自学教程：C++ EVP_Digest函数代码示例

int X509_ocspid_print(BIO *bp, X509 *x){    unsigned char *der = NULL;    unsigned char *dertmp;    int derlen;    int i;    unsigned char SHA1md[SHA_DIGEST_LENGTH];    /*     * display the hash of the subject as it would appear in OCSP requests     */    if (BIO_printf(bp, "        Subject OCSP hash: ") <= 0)        goto err;    derlen = i2d_X509_NAME(x->cert_info->subject, NULL);    if ((der = dertmp = (unsigned char *)OPENSSL_malloc(derlen)) == NULL)        goto err;    i2d_X509_NAME(x->cert_info->subject, &dertmp);    if (!EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1(), NULL))        goto err;    for (i = 0; i < SHA_DIGEST_LENGTH; i++) {        if (BIO_printf(bp, "%02X", SHA1md[i]) <= 0)            goto err;    }    OPENSSL_free(der);    der = NULL;    /*     * display the hash of the public key as it would appear in OCSP requests     */    if (BIO_printf(bp, "/n        Public key OCSP hash: ") <= 0)        goto err;    if (!EVP_Digest(x->cert_info->key->public_key->data,                    x->cert_info->key->public_key->length,                    SHA1md, NULL, EVP_sha1(), NULL))        goto err;    for (i = 0; i < SHA_DIGEST_LENGTH; i++) {        if (BIO_printf(bp, "%02X", SHA1md[i]) <= 0)            goto err;    }    BIO_printf(bp, "/n");    return (1); err:    if (der != NULL)        OPENSSL_free(der);    return (0);}

string& WS::ComputeKey(string& key) {	key.append("258EAFA5-E914-47DA-95CA-C5AB0DC85B11"); // WEBSOCKET_GUID	UInt8 temp[20];	EVP_Digest(key.c_str(),key.size(),temp,NULL,EVP_sha1(),NULL);	return Util::ToBase64(temp, sizeof(temp), key); }

int main(int argc, char *argv[])	{	int i,err=0;	unsigned char **P,**R;	char *p;	unsigned char md[RIPEMD160_DIGEST_LENGTH];	P=(unsigned char **)test;	R=(unsigned char **)ret;	i=1;	while (*P != NULL)		{#ifdef CHARSET_EBCDIC		ebcdic2ascii((char *)*P, (char *)*P, strlen((char *)*P));#endif		EVP_Digest(&(P[0][0]),strlen((char *)*P),md,NULL,EVP_ripemd160(), NULL);		p=pt(md);		if (strcmp(p,(char *)*R) != 0)			{			printf("error calculating RIPEMD160 on '%s'/n",*P);			printf("got %s instead of %s/n",p,*R);			err++;			}		else			printf("test %d ok/n",i);		i++;		R++;		P++;		}	EXIT(err);	return(0);	}

int main(int argc, char **argv) {  size_t i, j;  uint8_t md[SHA_DIGEST_LENGTH];  char md_hex[sizeof(md) * 2 + 1];  int ok = 1;  CRYPTO_library_init();  for (i = 0; test[i] != NULL; i++) {    EVP_Digest(test[i], strlen(test[i]), md, NULL, EVP_sha1(), NULL);    for (j = 0; j < sizeof(md); j++) {      sprintf(&md_hex[j * 2], "%02x", md[j]);    }    if (strcmp(md_hex, expected[i]) != 0) {      fprintf(stderr, "#%u: got %s, wanted %s/n", (unsigned)i, md_hex,              expected[i]);      ok = 0;    }  }  ok &= test_incremental();  if (ok) {    printf("PASS/n");  }  return ok ? 0 : 1;}

intmd_full (const EVP_MD *kt, const uint8_t *src, int src_len, uint8_t *dst){  unsigned int in_md_len = 0;  return EVP_Digest(src, src_len, dst, &in_md_len, kt, NULL);}

ByteArray PublicKey::getKeyIdentifier() throw (EncodeException){	ByteArray ret;	unsigned int size;	X509_PUBKEY *pubkey = NULL;		if(X509_PUBKEY_set(&pubkey, this->key) == 0)	{		throw EncodeException(EncodeException::UNKNOWN, "PublicKey::getKeyIdentifier");	}				ret = ByteArray(EVP_MAX_MD_SIZE);	EVP_Digest(pubkey->public_key->data, pubkey->public_key->length, ret.getDataPointer(), &size, EVP_sha1(), NULL);	ret = ByteArray(ret.getDataPointer(), size);	X509_PUBKEY_free(pubkey);		return ret;		//return ByteArray(digest, digestLen);	/*	ByteArray der = this->getDerEncoded();	MessageDigest md(MessageDigest::SHA1);		MessageDigest::loadMessageDigestAlgorithms();		return md.doFinal(der);*/}

int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data,                unsigned char *md, unsigned int *len){    int inl;    unsigned char *str, *p;    inl = i2d(data, NULL);    if (inl <= 0) {        ASN1err(ASN1_F_ASN1_DIGEST, ERR_R_INTERNAL_ERROR);        return 0;    }    if ((str = OPENSSL_malloc(inl)) == NULL) {        ASN1err(ASN1_F_ASN1_DIGEST, ERR_R_MALLOC_FAILURE);        return 0;    }    p = str;    i2d(data, &p);    if (!EVP_Digest(str, inl, md, len, type, NULL)) {        OPENSSL_free(str);        return 0;    }    OPENSSL_free(str);    return 1;}

CK_RV PKCS11_Digest_OpenSSL::Digest(Cryptoki_Session_Context* pSessionCtx, CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen){    OPENSSL_HEADER();        UINT32             digestLen = *pulDigestLen;    OpenSSLDigestData* pDigData;    if(pSessionCtx == NULL || pSessionCtx->DigestCtx == NULL) return CKR_SESSION_CLOSED;    pDigData = (OpenSSLDigestData*)pSessionCtx->DigestCtx;    if(pDigData->HmacKey != NULL)    {        OPENSSL_CHECKRESULT(HMAC_Update(&pDigData->HmacCtx, pData  , ulDataLen ));        OPENSSL_CHECKRESULT(HMAC_Final (&pDigData->HmacCtx, pDigest, &digestLen));    }    else    {        OPENSSL_CHECKRESULT(EVP_Digest(pData, ulDataLen, pDigest, &digestLen, pDigData->CurrentCtx.digest, NULL));    }    *pulDigestLen = digestLen;    OPENSSL_CLEANUP();        TINYCLR_SSL_FREE(pDigData);    pSessionCtx->DigestCtx = NULL;        OPENSSL_RETURN();}

int main(int argc, char *argv[])	{	int i,err=0;	char **P,**R;	char *p;	unsigned char md[RIPEMD160_DIGEST_LENGTH];	P=test;	R=ret;	i=1;	while (*P != NULL)		{#ifdef CHARSET_EBCDIC		ebcdic2ascii((char *)*P, (char *)*P, TINYCLR_SSL_STRLEN((char *)*P));#endif		EVP_Digest(&(P[0][0]),TINYCLR_SSL_STRLEN((char *)*P),md,NULL,EVP_ripemd160(), NULL);		p=pt(md);		if (TINYCLR_SSL_STRCMP(p,(char *)*R) != 0)			{			TINYCLR_SSL_PRINTF("error calculating RIPEMD160 on '%s'/n",*P);			TINYCLR_SSL_PRINTF("got %s instead of %s/n",p,*R);			err++;			}		else			TINYCLR_SSL_PRINTF("test %d ok/n",i);		i++;		R++;		P++;		}	EXIT(err);	return(0);	}

int main(int argc, char *argv[]){    int i, err = 0;    char **P, **R;    char *p;    unsigned char md[MD5_DIGEST_LENGTH];    P = test;    R = ret;    i = 1;    while (*P != NULL) {        EVP_Digest(&(P[0][0]), strlen((char *)*P), md, NULL, EVP_md5(), NULL);        p = pt(md);        if (strcmp(p, (char *)*R) != 0) {            printf("error calculating MD5 on '%s'/n", *P);            printf("got %s instead of %s/n", p, *R);            err++;        } else            printf("test %d ok/n", i);        i++;        R++;        P++;    }# ifdef OPENSSL_SYS_NETWARE    if (err)        printf("ERROR: %d/n", err);# endif    EXIT(err);}

intca_subjectpubkey_digest(X509 *x509, uint8_t *md, unsigned int *size){	uint8_t		*buf = NULL;	int		 buflen;	if (*size < SHA_DIGEST_LENGTH)		return (-1);	/*	 * Generate a SHA-1 digest of the Subject Public Key Info	 * element in the X.509 certificate, an ASN.1 sequence	 * that includes the public key type (eg. RSA) and the	 * public key value (see 3.7 of RFC4306).	 */	buflen = i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x509), &buf);	if (!buflen)		return (-1);	if (!EVP_Digest(buf, buflen, md, size, EVP_sha1(), NULL)) {		free(buf);		return (-1);	}	free(buf);	return (0);}

int X509_pubkey_digest(const X509 *data, const EVP_MD *type, unsigned char *md,	     unsigned int *len)	{	ASN1_BIT_STRING *key;	key = X509_get0_pubkey_bitstr(data);	if(!key) return 0;	return EVP_Digest(key->data, key->length, md, len, type, NULL);	}

int main(int argc, char *argv[])	{	int i,err=0;	unsigned char **P,**R;	static unsigned char buf[1000];	char *p,*r;	EVP_MD_CTX c;	unsigned char md[SHA_DIGEST_LENGTH];#ifdef CHARSET_EBCDIC	ebcdic2ascii(test[0], test[0], strlen(test[0]));	ebcdic2ascii(test[1], test[1], strlen(test[1]));#endif	EVP_MD_CTX_init(&c);	P=(unsigned char **)test;	R=(unsigned char **)ret;	i=1;	while (*P != NULL)		{		EVP_Digest(*P,(unsigned long)strlen((char *)*P),md,NULL,EVP_sha(), NULL);		p=pt(md);		if (strcmp(p,(char *)*R) != 0)			{			printf("error calculating SHA on '%s'/n",*P);			printf("got %s instead of %s/n",p,*R);			err++;			}		else			printf("test %d ok/n",i);		i++;		R++;		P++;		}	memset(buf,'a',1000);#ifdef CHARSET_EBCDIC	ebcdic2ascii(buf, buf, 1000);#endif /*CHARSET_EBCDIC*/	EVP_DigestInit_ex(&c,EVP_sha(), NULL);	for (i=0; i<1000; i++)		EVP_DigestUpdate(&c,buf,1000);	EVP_DigestFinal_ex(&c,md,NULL);	p=pt(md);	r=bigret;	if (strcmp(p,r) != 0)		{		printf("error calculating SHA on '%s'/n",p);		printf("got %s instead of %s/n",p,r);		err++;		}	else		printf("test 3 ok/n");	EVP_MD_CTX_cleanup(&c);	EXIT(err);	return(0);	}

int main(int argc, char *argv[]){    int i, err = 0;    char **P, **R;    static unsigned char buf[1000];    char *p, *r;    EVP_MD_CTX *c;    unsigned char md[SHA_DIGEST_LENGTH];#ifdef CHARSET_EBCDIC    ebcdic2ascii(test[0], test[0], strlen(test[0]));    ebcdic2ascii(test[1], test[1], strlen(test[1]));#endif    c = EVP_MD_CTX_new();    P = test;    R = ret;    i = 1;    while (*P != NULL) {        EVP_Digest(*P, strlen((char *)*P), md, NULL, EVP_sha1(), NULL);        p = pt(md);        if (strcmp(p, (char *)*R) != 0) {            printf("error calculating SHA1 on '%s'/n", *P);            printf("got %s instead of %s/n", p, *R);            err++;        } else            printf("test %d ok/n", i);        i++;        R++;        P++;    }    memset(buf, 'a', 1000);#ifdef CHARSET_EBCDIC    ebcdic2ascii(buf, buf, 1000);#endif                         /* CHARSET_EBCDIC */    EVP_DigestInit_ex(c, EVP_sha1(), NULL);    for (i = 0; i < 1000; i++)        EVP_DigestUpdate(c, buf, 1000);    EVP_DigestFinal_ex(c, md, NULL);    p = pt(md);    r = bigret;    if (strcmp(p, r) != 0) {        printf("error calculating SHA1 on 'a' * 1000/n");        printf("got %s instead of %s/n", p, r);        err++;    } else        printf("test 3 ok/n");#ifdef OPENSSL_SYS_NETWARE    if (err)        printf("ERROR: %d/n", err);#endif    EVP_MD_CTX_free(c);    EXIT(err);    return (0);}

OCSP_CERTID *OCSP_cert_id_new (const EVP_MD * dgst,                               X509_NAME * issuerName, ASN1_BIT_STRING * issuerKey, ASN1_INTEGER * serialNumber){    int nid;    unsigned int i;    X509_ALGOR *alg;    OCSP_CERTID *cid = NULL;    unsigned char md[EVP_MAX_MD_SIZE];    if (!(cid = OCSP_CERTID_new ()))        goto err;    alg = cid->hashAlgorithm;    if (alg->algorithm != NULL)        ASN1_OBJECT_free (alg->algorithm);    if ((nid = EVP_MD_type (dgst)) == NID_undef)    {        OCSPerr (OCSP_F_OCSP_CERT_ID_NEW, OCSP_R_UNKNOWN_NID);        goto err;    }    if (!(alg->algorithm = OBJ_nid2obj (nid)))        goto err;    if ((alg->parameter = ASN1_TYPE_new ()) == NULL)        goto err;    alg->parameter->type = V_ASN1_NULL;    if (!X509_NAME_digest (issuerName, dgst, md, &i))        goto digerr;    if (!(ASN1_OCTET_STRING_set (cid->issuerNameHash, md, i)))        goto err;    /* Calculate the issuerKey hash, excluding tag and length */    if (!EVP_Digest (issuerKey->data, issuerKey->length, md, &i, dgst, NULL))        goto err;    if (!(ASN1_OCTET_STRING_set (cid->issuerKeyHash, md, i)))        goto err;    if (serialNumber)    {        ASN1_INTEGER_free (cid->serialNumber);        if (!(cid->serialNumber = ASN1_INTEGER_dup (serialNumber)))            goto err;    }    return cid;  digerr:    OCSPerr (OCSP_F_OCSP_CERT_ID_NEW, OCSP_R_DIGEST_ERR);  err:    if (cid)        OCSP_CERTID_free (cid);    return NULL;}

bool ECDSA_Sign(COSE * pSigner, int index, const cn_cbor * pKey, int cbitDigest, const byte * rgbToSign, size_t cbToSign, cose_errback * perr){	EC_KEY * eckey = NULL;	byte rgbDigest[EVP_MAX_MD_SIZE];	unsigned int cbDigest = sizeof(rgbDigest);	byte  * pbSig = NULL;	const EVP_MD * digest;#ifdef USE_CBOR_CONTEXT	cn_cbor_context * context = &pSigner->m_allocContext;#endif	cn_cbor * p = NULL;	ECDSA_SIG * psig = NULL;	cn_cbor_errback cbor_error;	int cbR;	byte rgbSig[66];	int cb;		eckey = ECKey_From(pKey, &cbR, perr);	if (eckey == NULL) {	errorReturn:		if (p != NULL) CN_CBOR_FREE(p, context);		if (eckey != NULL) EC_KEY_free(eckey);		return false;	}	switch (cbitDigest) {	case 256: digest = EVP_sha256(); break;	case 512: digest = EVP_sha512(); break;	case 384: digest = EVP_sha384(); break;	default:		FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);	}	EVP_Digest(rgbToSign, cbToSign, rgbDigest, &cbDigest, digest, NULL);	psig = ECDSA_do_sign(rgbDigest, cbDigest, eckey);	CHECK_CONDITION(psig != NULL, COSE_ERR_CRYPTO_FAIL);	pbSig = COSE_CALLOC(cbR, 2, context);	CHECK_CONDITION(pbSig != NULL, COSE_ERR_OUT_OF_MEMORY);	cb = BN_bn2bin(psig->r, rgbSig);	CHECK_CONDITION(cb <= cbR, COSE_ERR_INVALID_PARAMETER);	memcpy(pbSig + cbR - cb, rgbSig, cb);	cb = BN_bn2bin(psig->s, rgbSig);	CHECK_CONDITION(cb <= cbR, COSE_ERR_INVALID_PARAMETER);	memcpy(pbSig + 2*cbR - cb, rgbSig, cb);	p = cn_cbor_data_create(pbSig, cbR*2, CBOR_CONTEXT_PARAM_COMMA &cbor_error);	CHECK_CONDITION_CBOR(p != NULL, cbor_error);	CHECK_CONDITION(_COSE_array_replace(pSigner, p, index, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_ERR_CBOR);		return true;}

int CPK_PUBLIC_PARAMS_digest(CPK_PUBLIC_PARAMS *params, const EVP_MD *md,	unsigned char *dgst, unsigned int *dgstlen){	if (!EVP_Digest(M_ASN1_STRING_data(params->public_factors),		M_ASN1_STRING_length(params->public_factors),		dgst, dgstlen, md, NULL)) {		return 0;	}	return 1;}

int openconnect_sha1(unsigned char *result, void *data, int len){	EVP_MD_CTX c;	EVP_MD_CTX_init(&c);	EVP_Digest(data, len, result, NULL, EVP_sha1(), NULL);	EVP_MD_CTX_cleanup(&c);	return 0;}

/** * EM_AES::set_key() * 设置AES加密密钥 *  * @param string key * @return void */void EM_AES::set_key(const string & key){	this->m_key_str = key;		unsigned char md[MD5_DIGEST_LENGTH];		EVP_Digest(key.c_str(), (size_t)key.length(), md, NULL, EVP_md5(), NULL);	strncpy((char*)&this->m_key, (char*)&md, EM_AES_KEY_SIZE/8); }

int CPK_MASTER_SECRET_digest(CPK_MASTER_SECRET *master, const EVP_MD *md,	unsigned char *dgst, unsigned int *dgstlen){	if (!EVP_Digest(M_ASN1_STRING_data(master->secret_factors),		M_ASN1_STRING_length(master->secret_factors),		dgst, dgstlen, md, NULL)) {		return 0;	}	return 1;}

Target::Target(const SocketAddress& address,Cookie* pCookie) : address(address),isPeer(pCookie?true:false),peerId(),pDH(pCookie?pCookie->_pCookieComputing->pDH:NULL) {	if(address.port()==0)		((SocketAddress&)this->address) = SocketAddress(address.host(),RTMFP_DEFAULT_PORT);	if(isPeer) {		((vector<UInt8>&)publicKey).resize(pCookie->_pCookieComputing->nonce.size()-7);		memcpy((void*)&publicKey[0],&pCookie->_pCookieComputing->nonce[7],publicKey.size());		((vector<UInt8>&)publicKey)[3] = 0x1D;		EVP_Digest(&publicKey[0],publicKey.size(),(UInt8*)id,NULL,EVP_sha256(),NULL);		pCookie->_pCookieComputing->pDH = NULL;	}}

voidHMAC_Init_ex(HMAC_CTX *ctx,	     const void *key,	     size_t keylen,	     const EVP_MD *md,	     ENGINE *engine){    unsigned char *p;    size_t i;    if (ctx->md != md) {	ctx->md = md;	if (ctx->buf) {	    memset(ctx->buf, 0, ctx->key_length);	    free (ctx->buf);	}	ctx->key_length = EVP_MD_size(ctx->md);	ctx->buf = malloc(ctx->key_length);    }#if 0    ctx->engine = engine;#endif    if (keylen > EVP_MD_block_size(ctx->md)) {	EVP_Digest(key, keylen, ctx->buf, NULL, ctx->md, engine);	key = ctx->buf;	keylen = EVP_MD_size(ctx->md);    }    if (ctx->opad) {	memset(ctx->opad, 0, ctx->key_length);	free(ctx->opad);    }    if (ctx->ipad) {	memset(ctx->ipad, 0, ctx->key_length);	free(ctx->ipad);    }    ctx->opad = malloc(EVP_MD_block_size(ctx->md));    ctx->ipad = malloc(EVP_MD_block_size(ctx->md));    memset(ctx->ipad, 0x36, EVP_MD_block_size(ctx->md));    memset(ctx->opad, 0x5c, EVP_MD_block_size(ctx->md));    for (i = 0, p = ctx->ipad; i < keylen; i++)	p[i] ^= ((const unsigned char *)key)[i];    for (i = 0, p = ctx->opad; i < keylen; i++)	p[i] ^= ((const unsigned char *)key)[i];    if (ctx->ctx == NULL)	ctx->ctx = EVP_MD_CTX_create();    EVP_DigestInit_ex(ctx->ctx, ctx->md, ctx->engine);    EVP_DigestUpdate(ctx->ctx, ctx->ipad, EVP_MD_block_size(ctx->md));}

Handshake::Handshake(Gateway& gateway,Handler& handler,Entity& entity) : ServerSession(0,0,Peer(handler),RTMFP_SYMETRIC_KEY,RTMFP_SYMETRIC_KEY,(Invoker&)handler),	_gateway(gateway) {	(bool&)checked=true;	memcpy(_certificat,"/x01/x0A/x41/x0E",4);	RandomInputStream().read((char*)&_certificat[4],64);	memcpy(&_certificat[68],"/x02/x15/x02/x02/x15/x05/x02/x15/x0E",9);	// Display far id flash side	EVP_Digest(_certificat,sizeof(_certificat),(unsigned char *)entity.id,NULL,EVP_sha256(),NULL);}

enum ssl_private_key_result_t ssl_private_key_sign(    SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out,    uint16_t signature_algorithm, const uint8_t *in, size_t in_len) {  if (ssl->cert->key_method != NULL) {    if (ssl->cert->key_method->sign != NULL) {      return ssl->cert->key_method->sign(ssl, out, out_len, max_out,                                         signature_algorithm, in, in_len);    }    /* TODO(davidben): Remove support for |sign_digest|-only     * |SSL_PRIVATE_KEY_METHOD|s. */    const EVP_MD *md;    int curve;    if (!is_rsa_pkcs1(&md, signature_algorithm) &&        !is_ecdsa(&curve, &md, signature_algorithm)) {      OPENSSL_PUT_ERROR(SSL, SSL_R_UNSUPPORTED_PROTOCOL_FOR_CUSTOM_KEY);      return ssl_private_key_failure;    }    uint8_t hash[EVP_MAX_MD_SIZE];    unsigned hash_len;    if (!EVP_Digest(in, in_len, hash, &hash_len, md, NULL)) {      return ssl_private_key_failure;    }    return ssl->cert->key_method->sign_digest(ssl, out, out_len, max_out, md,                                              hash, hash_len);  }  const EVP_MD *md;  if (is_rsa_pkcs1(&md, signature_algorithm) &&      ssl3_protocol_version(ssl) < TLS1_3_VERSION) {    return ssl_sign_rsa_pkcs1(ssl, out, out_len, max_out, md, in, in_len)               ? ssl_private_key_success               : ssl_private_key_failure;  }  int curve;  if (is_ecdsa(&curve, &md, signature_algorithm)) {    return ssl_sign_ecdsa(ssl, out, out_len, max_out, curve, md, in, in_len)               ? ssl_private_key_success               : ssl_private_key_failure;  }  if (is_rsa_pss(&md, signature_algorithm)) {    return ssl_sign_rsa_pss(ssl, out, out_len, max_out, md, in, in_len)               ? ssl_private_key_success               : ssl_private_key_failure;  }  OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_SIGNATURE_TYPE);  return ssl_private_key_failure;}

static krb5_error_codeRSA_MD5_checksum(krb5_context context,		 struct _krb5_key_data *key,		 const void *data,		 size_t len,		 unsigned usage,		 Checksum *C){    if (EVP_Digest(data, len, C->checksum.data, NULL, EVP_md5(), NULL) != 1)	krb5_abortx(context, "md5 checksum failed");    return 0;}

static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method,                                      X509V3_CTX *ctx, char *str){    ASN1_OCTET_STRING *oct;    X509_PUBKEY *pubkey;    const unsigned char *pk;    int pklen;    unsigned char pkey_dig[EVP_MAX_MD_SIZE];    unsigned int diglen;    if (strcmp(str, "hash"))        return s2i_ASN1_OCTET_STRING(method, ctx, str);    if ((oct = ASN1_OCTET_STRING_new()) == NULL) {        X509V3err(X509V3_F_S2I_SKEY_ID, ERR_R_MALLOC_FAILURE);        return NULL;    }    if (ctx && (ctx->flags == CTX_TEST))        return oct;    if (!ctx || (!ctx->subject_req && !ctx->subject_cert)) {        X509V3err(X509V3_F_S2I_SKEY_ID, X509V3_R_NO_PUBLIC_KEY);        goto err;    }    if (ctx->subject_req)        pubkey = ctx->subject_req->req_info.pubkey;    else        pubkey = ctx->subject_cert->cert_info.key;    if (pubkey == NULL) {        X509V3err(X509V3_F_S2I_SKEY_ID, X509V3_R_NO_PUBLIC_KEY);        goto err;    }    X509_PUBKEY_get0_param(NULL, &pk, &pklen, NULL, pubkey);    if (!EVP_Digest(pk, pklen, pkey_dig, &diglen, EVP_sha1(), NULL))        goto err;    if (!ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) {        X509V3err(X509V3_F_S2I_SKEY_ID, ERR_R_MALLOC_FAILURE);        goto err;    }    return oct; err:    ASN1_OCTET_STRING_free(oct);    return NULL;}

int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *asn,		unsigned char *md, unsigned int *len)	{	int i;	unsigned char *str = NULL;	i=ASN1_item_i2d(asn,&str, it);	if (!str) return(0);	EVP_Digest(str, i, md, len, type, NULL);	OPENSSL_free(str);	return(1);	}

Handshake::Handshake(Gateway& gateway,DatagramSocket& socket,ServerData& data) : Session(0,0,Peer(SocketAddress()),RTMFP_SYMETRIC_KEY,RTMFP_SYMETRIC_KEY,socket,data),	_gateway(gateway),_signature("/x03/x1a/x00/x00/x02/x1e/x00/x81/x02/x0d/x02",11) {		memcpy(_certificat,"/x01/x0A/x41/x0E",4);	RandomInputStream().read((char*)&_certificat[4],64);	memcpy(&_certificat[68],"/x02/x15/x02/x02/x15/x05/x02/x15/x0E",9);	// Display far id flash side	UInt8 id[32];	EVP_Digest(_certificat,sizeof(_certificat),id,NULL,EVP_sha256(),NULL);	INFO("Id of this cumulus server : %s",Util::FormatHex(id,32).c_str());}

static void *ibcs_kdf(const EVP_MD *md, const void *in, size_t inlen,	void *out, size_t *outlen){	unsigned char state[EVP_MAX_MD_SIZE * 2];	unsigned char dgst[EVP_MAX_MD_SIZE];	unsigned int dgstlen;	size_t rlen;	unsigned char *pout;	int i;	dgstlen = EVP_MD_size(md);	memset(state, 0, dgstlen);	if (!EVP_Digest(in, inlen, state + dgstlen, &dgstlen, md, NULL)) {		KDF2err(KDF2_F_IBCS_KDF, KDF2_R_DIGEST_FAILURE);		return NULL;	}	rlen = *outlen;	pout = out;	for (i = 0; i < (*outlen + dgstlen - 1)/dgstlen; i++) {		size_t len;		if (!EVP_Digest(state, dgstlen, state, &dgstlen, md, NULL)) {			KDF2err(KDF2_F_IBCS_KDF, KDF2_R_DIGEST_FAILURE);			return NULL;		}		if (!EVP_Digest(state, dgstlen*2, dgst, &dgstlen, md, NULL)) {			KDF2err(KDF2_F_IBCS_KDF, KDF2_R_DIGEST_FAILURE);			return NULL;		}		len = (dgstlen <= rlen) ? dgstlen : rlen;		memcpy(pout, dgst, len);		pout += len;		rlen -= len;	}	return out;}