自学教程：C++ EVP_MD_CTX_new函数代码示例

static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num){    EVP_MD_CTX *m5;    EVP_MD_CTX *s1;    unsigned char buf[16], smd[SHA_DIGEST_LENGTH];    unsigned char c = 'A';    unsigned int i, j, k;    int ret = 0;#ifdef CHARSET_EBCDIC    c = os_toascii[c];          /* 'A' in ASCII */#endif    k = 0;    m5 = EVP_MD_CTX_new();    s1 = EVP_MD_CTX_new();    if (m5 == NULL || s1 == NULL) {        SSLerr(SSL_F_SSL3_GENERATE_KEY_BLOCK, ERR_R_MALLOC_FAILURE);        goto err;    }    EVP_MD_CTX_set_flags(m5, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);    for (i = 0; (int)i < num; i += MD5_DIGEST_LENGTH) {        k++;        if (k > sizeof buf) {            /* bug: 'buf' is too small for this ciphersuite */            SSLerr(SSL_F_SSL3_GENERATE_KEY_BLOCK, ERR_R_INTERNAL_ERROR);            return 0;        }        for (j = 0; j < k; j++)            buf[j] = c;        c++;        EVP_DigestInit_ex(s1, EVP_sha1(), NULL);        EVP_DigestUpdate(s1, buf, k);        EVP_DigestUpdate(s1, s->session->master_key,                         s->session->master_key_length);        EVP_DigestUpdate(s1, s->s3->server_random, SSL3_RANDOM_SIZE);        EVP_DigestUpdate(s1, s->s3->client_random, SSL3_RANDOM_SIZE);        EVP_DigestFinal_ex(s1, smd, NULL);        EVP_DigestInit_ex(m5, EVP_md5(), NULL);        EVP_DigestUpdate(m5, s->session->master_key,                         s->session->master_key_length);        EVP_DigestUpdate(m5, smd, SHA_DIGEST_LENGTH);        if ((int)(i + MD5_DIGEST_LENGTH) > num) {            EVP_DigestFinal_ex(m5, smd, NULL);            memcpy(km, smd, (num - i));        } else            EVP_DigestFinal_ex(m5, km, NULL);        km += MD5_DIGEST_LENGTH;    }    OPENSSL_cleanse(smd, sizeof(smd));    ret = 1; err:    EVP_MD_CTX_free(m5);    EVP_MD_CTX_free(s1);    return ret;}

static int test_EVP_DigestSignInit(void){    int ret = 0;    EVP_PKEY *pkey = NULL;    unsigned char *sig = NULL;    size_t sig_len = 0;    EVP_MD_CTX *md_ctx, *md_ctx_verify;    md_ctx = EVP_MD_CTX_new();    md_ctx_verify = EVP_MD_CTX_new();    if (md_ctx == NULL || md_ctx_verify == NULL)        goto out;    pkey = load_example_rsa_key();    if (pkey == NULL ||        !EVP_DigestSignInit(md_ctx, NULL, EVP_sha256(), NULL, pkey) ||        !EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))) {        goto out;    }    /* Determine the size of the signature. */    if (!EVP_DigestSignFinal(md_ctx, NULL, &sig_len)) {        goto out;    }    /* Sanity check for testing. */    if (sig_len != (size_t)EVP_PKEY_size(pkey)) {        fprintf(stderr, "sig_len mismatch/n");        goto out;    }    sig = OPENSSL_malloc(sig_len);    if (sig == NULL || !EVP_DigestSignFinal(md_ctx, sig, &sig_len)) {        goto out;    }    /* Ensure that the signature round-trips. */    if (!EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sha256(), NULL, pkey)        || !EVP_DigestVerifyUpdate(md_ctx_verify, kMsg, sizeof(kMsg))        || !EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)) {        goto out;    }    ret = 1; out:    if (!ret) {        ERR_print_errors_fp(stderr);    }    EVP_MD_CTX_free(md_ctx);    EVP_MD_CTX_free(md_ctx_verify);    EVP_PKEY_free(pkey);    OPENSSL_free(sig);    return ret;}

static PyObject *EVP_digest(EVPobject *self, PyObject *unused){    unsigned char digest[EVP_MAX_MD_SIZE];    EVP_MD_CTX *temp_ctx;    PyObject *retval;    unsigned int digest_size;    temp_ctx = EVP_MD_CTX_new();    if (temp_ctx == NULL) {        PyErr_NoMemory();        return NULL;    }    if (!locked_EVP_MD_CTX_copy(temp_ctx, self)) {        return _setException(PyExc_ValueError);    }    digest_size = EVP_MD_CTX_size(temp_ctx);    if (!EVP_DigestFinal(temp_ctx, digest, NULL)) {        _setException(PyExc_ValueError);        return NULL;    }    retval = PyBytes_FromStringAndSize((const char *)digest, digest_size);    EVP_MD_CTX_free(temp_ctx);    return retval;}

static int hmac_ctx_alloc_mds(HMAC_CTX *ctx){    if (ctx->i_ctx == NULL)        ctx->i_ctx = EVP_MD_CTX_new();    if (ctx->i_ctx == NULL)        return 0;    if (ctx->o_ctx == NULL)        ctx->o_ctx = EVP_MD_CTX_new();    if (ctx->o_ctx == NULL)        return 0;    if (ctx->md_ctx == NULL)        ctx->md_ctx = EVP_MD_CTX_new();    if (ctx->md_ctx == NULL)        return 0;    return 1;}

int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig,                          size_t siglen){    unsigned char md[EVP_MAX_MD_SIZE];    int r = 0;    unsigned int mdlen = 0;    int vctx = 0;    if (ctx->pctx->pmeth->verifyctx)        vctx = 1;    else        vctx = 0;    if (ctx->flags & EVP_MD_CTX_FLAG_FINALISE) {        if (vctx) {            r = ctx->pctx->pmeth->verifyctx(ctx->pctx, sig, siglen, ctx);        } else            r = EVP_DigestFinal_ex(ctx, md, &mdlen);    } else {        EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_new();        if (tmp_ctx == NULL || !EVP_MD_CTX_copy_ex(tmp_ctx, ctx))            return -1;        if (vctx) {            r = tmp_ctx->pctx->pmeth->verifyctx(tmp_ctx->pctx,                                                sig, siglen, tmp_ctx);        } else            r = EVP_DigestFinal_ex(tmp_ctx, md, &mdlen);        EVP_MD_CTX_free(tmp_ctx);    }    if (vctx || !r)        return r;    return EVP_PKEY_verify(ctx->pctx, sig, siglen, md, mdlen);}

static int test_EVP_DigestVerifyInit(void){    int ret = 0;    EVP_PKEY *pkey = NULL;    EVP_MD_CTX *md_ctx;    md_ctx = EVP_MD_CTX_new();    pkey = load_example_rsa_key();    if (pkey == NULL ||        !EVP_DigestVerifyInit(md_ctx, NULL, EVP_sha256(), NULL, pkey) ||        !EVP_DigestVerifyUpdate(md_ctx, kMsg, sizeof(kMsg)) ||        !EVP_DigestVerifyFinal(md_ctx, kSignature, sizeof(kSignature))) {        goto out;    }    ret = 1; out:    if (!ret) {        ERR_print_errors_fp(stderr);    }    EVP_MD_CTX_free(md_ctx);    EVP_PKEY_free(pkey);    return ret;}

static int_md_ctx_create (md_ctx *x){    assert (x != NULL);#if HAVE_EVP_MD_CTX_NEW    /*  OpenSSL >= 1.1.0  */    x->ctx = EVP_MD_CTX_new ();                         /* alloc & init */#elif HAVE_EVP_MD_CTX_CREATE    /*  OpenSSL >= 0.9.7, < 1.1.0  */    x->ctx = EVP_MD_CTX_create ();                      /* alloc & init */#else  /* !HAVE_EVP_MD_CTX_CREATE */    x->ctx = OPENSSL_malloc (sizeof (EVP_MD_CTX));      /* allocate */#if HAVE_EVP_MD_CTX_INIT    /*  OpenSSL >= 0.9.7, < 1.1.0  */    if (x->ctx != NULL ) {        EVP_MD_CTX_init (x->ctx);                       /* initialize */    }#endif /* HAVE_EVP_MD_CTX_INIT */#endif /* !HAVE_EVP_MD_CTX_CREATE */    if (x->ctx == NULL) {        return (-1);    }    return (0);}

/* * Generates the mac for the Finished message. Returns the length of the MAC or * 0 on error. */size_t tls13_final_finish_mac(SSL *s, const char *str, size_t slen,                             unsigned char *out){    const EVP_MD *md = ssl_handshake_md(s);    unsigned char hash[EVP_MAX_MD_SIZE];    size_t hashlen, ret = 0;    EVP_PKEY *key = NULL;    EVP_MD_CTX *ctx = EVP_MD_CTX_new();    if (!ssl_handshake_hash(s, hash, sizeof(hash), &hashlen))        goto err;    if (str == s->method->ssl3_enc->server_finished_label)        key = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL,                                   s->server_finished_secret, hashlen);    else        key = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL,                                   s->client_finished_secret, hashlen);    if (key == NULL            || ctx == NULL            || EVP_DigestSignInit(ctx, NULL, md, NULL, key) <= 0            || EVP_DigestSignUpdate(ctx, hash, hashlen) <= 0            || EVP_DigestSignFinal(ctx, out, &hashlen) <= 0)        goto err;    ret = hashlen; err:    EVP_PKEY_free(key);    EVP_MD_CTX_free(ctx);    return ret;}

static int test_mdc2(void){    int testresult = 0;    unsigned char md[MDC2_DIGEST_LENGTH];    EVP_MD_CTX *c;    static char text[] = "Now is the time for all ";    size_t tlen = strlen(text);# ifdef CHARSET_EBCDIC    ebcdic2ascii(text, text, tlen);# endif    c = EVP_MD_CTX_new();    if (!TEST_ptr(c)        || !TEST_true(EVP_DigestInit_ex(c, EVP_mdc2(), NULL))        || !TEST_true(EVP_DigestUpdate(c, (unsigned char *)text, tlen))        || !TEST_true(EVP_DigestFinal_ex(c, &(md[0]), NULL))        || !TEST_mem_eq(md, MDC2_DIGEST_LENGTH, pad1, MDC2_DIGEST_LENGTH)        || !TEST_true(EVP_DigestInit_ex(c, EVP_mdc2(), NULL)))        goto end;    /* FIXME: use a ctl function? */    ((MDC2_CTX *)EVP_MD_CTX_md_data(c))->pad_type = 2;    if (!TEST_true(EVP_DigestUpdate(c, (unsigned char *)text, tlen))        || !TEST_true(EVP_DigestFinal_ex(c, &(md[0]), NULL))        || !TEST_mem_eq(md, MDC2_DIGEST_LENGTH, pad2, MDC2_DIGEST_LENGTH))        goto end;    testresult = 1; end:    EVP_MD_CTX_free(c);    return testresult;}

unsigned long X509_issuer_and_serial_hash(X509 *a){    unsigned long ret = 0;    EVP_MD_CTX *ctx = EVP_MD_CTX_new();    unsigned char md[16];    char *f;    if (ctx == NULL)        goto err;    f = X509_NAME_oneline(a->cert_info.issuer, NULL, 0);    if (!EVP_DigestInit_ex(ctx, EVP_md5(), NULL))        goto err;    if (!EVP_DigestUpdate(ctx, (unsigned char *)f, strlen(f)))        goto err;    OPENSSL_free(f);    if (!EVP_DigestUpdate        (ctx, (unsigned char *)a->cert_info.serialNumber.data,         (unsigned long)a->cert_info.serialNumber.length))        goto err;    if (!EVP_DigestFinal_ex(ctx, &(md[0]), NULL))        goto err;    ret = (((unsigned long)md[0]) | ((unsigned long)md[1] << 8L) |           ((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L)        ) & 0xffffffffL; err:    EVP_MD_CTX_free(ctx);    return (ret);}

BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass){    unsigned char dig[SHA_DIGEST_LENGTH];    EVP_MD_CTX *ctxt;    unsigned char *cs;    BIGNUM *res = NULL;    if ((s == NULL) || (user == NULL) || (pass == NULL))        return NULL;    ctxt = EVP_MD_CTX_new();    if (ctxt == NULL)        return NULL;    if ((cs = OPENSSL_malloc(BN_num_bytes(s))) == NULL)        goto err;    EVP_DigestInit_ex(ctxt, EVP_sha1(), NULL);    EVP_DigestUpdate(ctxt, user, strlen(user));    EVP_DigestUpdate(ctxt, ":", 1);    EVP_DigestUpdate(ctxt, pass, strlen(pass));    EVP_DigestFinal_ex(ctxt, dig, NULL);    EVP_DigestInit_ex(ctxt, EVP_sha1(), NULL);    BN_bn2bin(s, cs);    EVP_DigestUpdate(ctxt, cs, BN_num_bytes(s));    OPENSSL_free(cs);    EVP_DigestUpdate(ctxt, dig, sizeof(dig));    EVP_DigestFinal_ex(ctxt, dig, NULL);    res = BN_bin2bn(dig, sizeof(dig), NULL); err:    EVP_MD_CTX_free(ctxt);    return res;}

// Hashing functionsbool OSSLEVPHashAlgorithm::hashInit(){	if (!HashAlgorithm::hashInit())	{		return false;	}	// Initialize the context	curCTX = EVP_MD_CTX_new();	if (curCTX == NULL)	{		ERROR_MSG("Failed to allocate space for EVP_MD_CTX");		return false;	}	// Initialize EVP digesting	if (!EVP_DigestInit_ex(curCTX, getEVPHash(), NULL))	{		ERROR_MSG("EVP_DigestInit failed");		EVP_MD_CTX_free(curCTX);		curCTX = NULL;		ByteString dummy;		HashAlgorithm::hashFinal(dummy);		return false;	}	return true;}

int_libssh2_sha1(const unsigned char *message, unsigned long len,              unsigned char *out){#ifdef HAVE_OPAQUE_STRUCTS    EVP_MD_CTX * ctx = EVP_MD_CTX_new();    if(ctx == NULL)        return 1; /* error */    if(EVP_DigestInit(ctx, EVP_get_digestbyname("sha1"))) {        EVP_DigestUpdate(ctx, message, len);        EVP_DigestFinal(ctx, out, NULL);        EVP_MD_CTX_free(ctx);        return 0; /* success */    }    EVP_MD_CTX_free(ctx);#else    EVP_MD_CTX ctx;    EVP_MD_CTX_init(&ctx);    if(EVP_DigestInit(&ctx, EVP_get_digestbyname("sha1"))) {        EVP_DigestUpdate(&ctx, message, len);        EVP_DigestFinal(&ctx, out, NULL);        return 0; /* success */    }#endif    return 1; /* error */}

void module_sha256_create(struct image *image){	image->md = EVP_sha256();	image->mdctx = EVP_MD_CTX_new();	EVP_DigestInit_ex(image->mdctx, image->md, NULL);}

static jose_io_t *hsh(const jose_hook_alg_t *alg, jose_cfg_t *cfg, jose_io_t *next){    jose_io_auto_t *io = NULL;    const EVP_MD *md = NULL;    io_t *i = NULL;    switch (str2enum(alg->name, "S512", "S384", "S256", "S224", "S1", NULL)) {    case 0: md = EVP_sha512(); break;    case 1: md = EVP_sha384(); break;    case 2: md = EVP_sha256(); break;    case 3: md = EVP_sha224(); break;    case 4: md = EVP_sha1();   break;    }    i = calloc(1, sizeof(*i));    if (!i)        return NULL;    io = jose_io_incref(&i->io);    io->feed = hsh_feed;    io->done = hsh_done;    io->free = hsh_free;    i->next = jose_io_incref(next);    i->emc = EVP_MD_CTX_new();    if (!i->next || !i->emc)        return NULL;    if (EVP_DigestInit(i->emc, md) <= 0)        return NULL;    return jose_io_incref(io);}

/* NOTE: Caller must xfree the signature returned by sig_pp */extern intcrypto_sign(void * key, char *buffer, int buf_size, char **sig_pp,		unsigned int *sig_size_p){	EVP_MD_CTX    *ectx;	int           rc    = SLURM_SUCCESS;	int           ksize = EVP_PKEY_size((EVP_PKEY *) key);	/*	 * Allocate memory for signature: at most EVP_PKEY_size() bytes	 */	*sig_pp = xmalloc(ksize * sizeof(unsigned char));	ectx = EVP_MD_CTX_new();	EVP_SignInit(ectx, EVP_sha1());	EVP_SignUpdate(ectx, buffer, buf_size);	if (!(EVP_SignFinal(ectx, (unsigned char *)*sig_pp, sig_size_p,			(EVP_PKEY *) key))) {		rc = SLURM_ERROR;	}	EVP_MD_CTX_free(ectx);	return rc;}

static PyObject *EVP_hexdigest(EVPobject *self, PyObject *unused){    unsigned char digest[EVP_MAX_MD_SIZE];    EVP_MD_CTX *temp_ctx;    unsigned int digest_size;    temp_ctx = EVP_MD_CTX_new();    if (temp_ctx == NULL) {        PyErr_NoMemory();        return NULL;    }    /* Get the raw (binary) digest value */    if (!locked_EVP_MD_CTX_copy(temp_ctx, self)) {        return _setException(PyExc_ValueError);    }    digest_size = EVP_MD_CTX_size(temp_ctx);    if (!EVP_DigestFinal(temp_ctx, digest, NULL)) {        _setException(PyExc_ValueError);        return NULL;    }    EVP_MD_CTX_free(temp_ctx);    return _Py_strhex((const char *)digest, digest_size);}

int ssl3_digest_cached_records(SSL *s, int keep){    const EVP_MD *md;    long hdatalen;    void *hdata;    if (s->s3->handshake_dgst == NULL) {        hdatalen = BIO_get_mem_data(s->s3->handshake_buffer, &hdata);        if (hdatalen <= 0) {            SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS, SSL_R_BAD_HANDSHAKE_LENGTH);            return 0;        }        s->s3->handshake_dgst = EVP_MD_CTX_new();        if (s->s3->handshake_dgst == NULL) {            SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS, ERR_R_MALLOC_FAILURE);            return 0;        }        md = ssl_handshake_md(s);        if (   md == NULL            || !EVP_DigestInit_ex(s->s3->handshake_dgst, md, NULL)            || !EVP_DigestUpdate(s->s3->handshake_dgst, hdata, hdatalen))        {            SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS, ERR_R_INTERNAL_ERROR);            return 0;        }    }    if (keep == 0) {        BIO_free(s->s3->handshake_buffer);        s->s3->handshake_buffer = NULL;    }    return 1;}

EVP_MD_CTX *md_ctx_new(void){    EVP_MD_CTX *ctx = EVP_MD_CTX_new();    check_malloc_return(ctx);    return ctx;}

/** Low-level signature verification. *  /param key_count Number of keys in the /a keys array  *         and number fo signatures in the /a sigs array. *  /param keys Array of keys.  The keys must include public key data. *  /param sigs Array of signatures, as returned from gale_crypto_sign_raw(). *  /param data Data to verify against signatures. *  /return Nonzero iff the all signatures are valid. */int gale_crypto_verify_raw(int key_count,        const struct gale_group *keys,        const struct gale_data *sigs,        struct gale_data data){	int i,is_valid = 1;	EVP_MD_CTX *context = EVP_MD_CTX_new();	RSA *rsa;	EVP_VerifyInit(context,EVP_md5());	EVP_VerifyUpdate(context,data.p,data.l);	for (i = 0; is_valid && i < key_count; ++i) {		EVP_PKEY *key = EVP_PKEY_new();		EVP_PKEY_assign_RSA(key,RSA_new());		rsa = EVP_PKEY_get0_RSA(key);		crypto_i_rsa(keys[i],rsa);		if (!crypto_i_public_valid(rsa)) {			gale_alert(GALE_WARNING,G_("invalid public key"),0);			is_valid = 0;			goto cleanup;		}		if (!EVP_VerifyFinal(context,sigs[i].p,sigs[i].l,key)) {			crypto_i_error();			is_valid = 0;			goto cleanup;		}	cleanup:		EVP_PKEY_free(key);	}	return is_valid;}

DIGEST_CTX rpmDigestInit(int hashalgo, rpmDigestFlags flags){    DIGEST_CTX ctx = xcalloc(1, sizeof(*ctx));    ctx->md_ctx = EVP_MD_CTX_new();    if (!ctx->md_ctx) {        free(ctx);        return NULL;    }    const EVP_MD *md = getEVPMD(hashalgo);    if (md == EVP_md_null()) {        free(ctx->md_ctx);        free(ctx);        return NULL;    }    ctx->algo = hashalgo;    ctx->flags = flags;    if (!EVP_DigestInit_ex(ctx->md_ctx, md, NULL)) {        free(ctx->md_ctx);        free(ctx);        return NULL;    }    return ctx;}

int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature,                char *data, EVP_PKEY *pkey){    EVP_MD_CTX *ctx = EVP_MD_CTX_new();    const EVP_MD *type;    unsigned char *p, *buf_in = NULL;    int ret = -1, i, inl;    if (ctx == NULL) {        ASN1err(ASN1_F_ASN1_VERIFY, ERR_R_MALLOC_FAILURE);        goto err;    }    i = OBJ_obj2nid(a->algorithm);    type = EVP_get_digestbyname(OBJ_nid2sn(i));    if (type == NULL) {        ASN1err(ASN1_F_ASN1_VERIFY, ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);        goto err;    }    if (signature->type == V_ASN1_BIT_STRING && signature->flags & 0x7) {        ASN1err(ASN1_F_ASN1_VERIFY, ASN1_R_INVALID_BIT_STRING_BITS_LEFT);        goto err;    }    inl = i2d(data, NULL);    if (inl <= 0) {        ASN1err(ASN1_F_ASN1_VERIFY, ERR_R_INTERNAL_ERROR);        goto err;    }    buf_in = OPENSSL_malloc((unsigned int)inl);    if (buf_in == NULL) {        ASN1err(ASN1_F_ASN1_VERIFY, ERR_R_MALLOC_FAILURE);        goto err;    }    p = buf_in;    i2d(data, &p);    ret = EVP_VerifyInit_ex(ctx, type, NULL)        && EVP_VerifyUpdate(ctx, (unsigned char *)buf_in, inl);    OPENSSL_clear_free(buf_in, (unsigned int)inl);    if (!ret) {        ASN1err(ASN1_F_ASN1_VERIFY, ERR_R_EVP_LIB);        goto err;    }    ret = -1;    if (EVP_VerifyFinal(ctx, (unsigned char *)signature->data,                        (unsigned int)signature->length, pkey) <= 0) {        ASN1err(ASN1_F_ASN1_VERIFY, ERR_R_EVP_LIB);        ret = 0;        goto err;    }    ret = 1; err:    EVP_MD_CTX_free(ctx);    return ret;}

int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,                        size_t *siglen){    int sctx = 0, r = 0;    EVP_PKEY_CTX *pctx = ctx->pctx;    if (pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM) {        if (!sigret)            return pctx->pmeth->signctx(pctx, sigret, siglen, ctx);        if (ctx->flags & EVP_MD_CTX_FLAG_FINALISE)            r = pctx->pmeth->signctx(pctx, sigret, siglen, ctx);        else {            EVP_PKEY_CTX *dctx = EVP_PKEY_CTX_dup(ctx->pctx);            if (!dctx)                return 0;            r = dctx->pmeth->signctx(dctx, sigret, siglen, ctx);            EVP_PKEY_CTX_free(dctx);        }        return r;    }    if (pctx->pmeth->signctx)        sctx = 1;    else        sctx = 0;    if (sigret) {        unsigned char md[EVP_MAX_MD_SIZE];        unsigned int mdlen = 0;        if (ctx->flags & EVP_MD_CTX_FLAG_FINALISE) {            if (sctx)                r = ctx->pctx->pmeth->signctx(ctx->pctx, sigret, siglen, ctx);            else                r = EVP_DigestFinal_ex(ctx, md, &mdlen);        } else {            EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_new();            if (tmp_ctx == NULL || !EVP_MD_CTX_copy_ex(tmp_ctx, ctx))                return 0;            if (sctx)                r = tmp_ctx->pctx->pmeth->signctx(tmp_ctx->pctx,                                                  sigret, siglen, tmp_ctx);            else                r = EVP_DigestFinal_ex(tmp_ctx, md, &mdlen);            EVP_MD_CTX_free(tmp_ctx);        }        if (sctx || !r)            return r;        if (EVP_PKEY_sign(ctx->pctx, sigret, siglen, md, mdlen) <= 0)            return 0;    } else {        if (sctx) {            if (pctx->pmeth->signctx(pctx, sigret, siglen, ctx) <= 0)                return 0;        } else {            int s = EVP_MD_size(ctx->digest);            if (s < 0 || EVP_PKEY_sign(pctx, sigret, siglen, NULL, s) <= 0)                return 0;        }    }    return 1;}

PKI_MEM * HSM_OPENSSL_sign(PKI_MEM *der, PKI_DIGEST_ALG *digest, PKI_X509_KEYPAIR *key){	EVP_MD_CTX *ctx = NULL;	size_t out_size = 0;	size_t ossl_ret = 0;	PKI_MEM *out_mem = NULL;	EVP_PKEY *pkey = NULL;	if (!der || !der->data || !key || !key->value)	{		PKI_ERROR( PKI_ERR_PARAM_NULL, NULL);		return NULL;	}	// Private Key	pkey = key->value;	// Get the Maximum size of a signature	ossl_ret = out_size = (size_t) EVP_PKEY_size(pkey);	// Initialize the return structure	out_mem = PKI_MEM_new ((size_t)out_size);	ctx = EVP_MD_CTX_new();	if (!out_mem || !ctx) {		if (ctx) EVP_MD_CTX_free(ctx);		if (out_mem) PKI_MEM_free(out_mem);		PKI_ERROR( PKI_ERR_MEMORY_ALLOC, NULL);		return NULL;	}	EVP_MD_CTX_init(ctx);	EVP_SignInit_ex(ctx, digest, NULL);	EVP_SignUpdate (ctx, der->data, der->size);	// Finalize the signature	if (!EVP_SignFinal(ctx, out_mem->data, (unsigned int *) &ossl_ret, pkey))	{		PKI_log_err("ERROR while finalizing signature (%s)", 			HSM_OPENSSL_get_errdesc(HSM_OPENSSL_get_errno(), NULL, 0));		PKI_MEM_free(out_mem);		out_mem = NULL;	}	else out_mem->size = (size_t) ossl_ret;	// Cleanup the context#if OPENSSL_VERSION_NUMBER <= 0x1010000f	EVP_MD_CTX_cleanup(ctx);#else	EVP_MD_CTX_reset(ctx);#endif	EVP_MD_CTX_free(ctx);	return out_mem;}

int tls13_export_keying_material_early(SSL *s, unsigned char *out, size_t olen,                                       const char *label, size_t llen,                                       const unsigned char *context,                                       size_t contextlen){    static const unsigned char exporterlabel[] = "exporter";    unsigned char exportsecret[EVP_MAX_MD_SIZE];    unsigned char hash[EVP_MAX_MD_SIZE], data[EVP_MAX_MD_SIZE];    const EVP_MD *md;    EVP_MD_CTX *ctx = EVP_MD_CTX_new();    unsigned int hashsize, datalen;    int ret = 0;    const SSL_CIPHER *sslcipher;    if (ctx == NULL || !ossl_statem_export_early_allowed(s))        goto err;    if (!s->server && s->max_early_data > 0            && s->session->ext.max_early_data == 0)        sslcipher = SSL_SESSION_get0_cipher(s->psksession);    else        sslcipher = SSL_SESSION_get0_cipher(s->session);    md = ssl_md(sslcipher->algorithm2);    /*     * Calculate the hash value and store it in |data|. The reason why     * the empty string is used is that the definition of TLS-Exporter     * is like so:     *     * TLS-Exporter(label, context_value, key_length) =     *     HKDF-Expand-Label(Derive-Secret(Secret, label, ""),     *                       "exporter", Hash(context_value), key_length)     *     * Derive-Secret(Secret, Label, Messages) =     *       HKDF-Expand-Label(Secret, Label,     *                         Transcript-Hash(Messages), Hash.length)     *     * Here Transcript-Hash is the cipher suite hash algorithm.     */    if (EVP_DigestInit_ex(ctx, md, NULL) <= 0            || EVP_DigestUpdate(ctx, context, contextlen) <= 0            || EVP_DigestFinal_ex(ctx, hash, &hashsize) <= 0            || EVP_DigestInit_ex(ctx, md, NULL) <= 0            || EVP_DigestFinal_ex(ctx, data, &datalen) <= 0            || !tls13_hkdf_expand(s, md, s->early_exporter_master_secret,                                  (const unsigned char *)label, llen,                                  data, datalen, exportsecret, hashsize, 0)            || !tls13_hkdf_expand(s, md, exportsecret, exporterlabel,                                  sizeof(exporterlabel) - 1, hash, hashsize,                                  out, olen, 0))        goto err;    ret = 1; err:    EVP_MD_CTX_free(ctx);    return ret;}

int main(int argc, char *argv[]){    int i, err = 0;    char **P, **R;    static unsigned char buf[1000];    char *p, *r;    EVP_MD_CTX *c;    unsigned char md[SHA_DIGEST_LENGTH];#ifdef CHARSET_EBCDIC    ebcdic2ascii(test[0], test[0], strlen(test[0]));    ebcdic2ascii(test[1], test[1], strlen(test[1]));#endif    c = EVP_MD_CTX_new();    P = test;    R = ret;    i = 1;    while (*P != NULL) {        EVP_Digest(*P, strlen((char *)*P), md, NULL, EVP_sha1(), NULL);        p = pt(md);        if (strcmp(p, (char *)*R) != 0) {            printf("error calculating SHA1 on '%s'/n", *P);            printf("got %s instead of %s/n", p, *R);            err++;        } else            printf("test %d ok/n", i);        i++;        R++;        P++;    }    memset(buf, 'a', 1000);#ifdef CHARSET_EBCDIC    ebcdic2ascii(buf, buf, 1000);#endif                         /* CHARSET_EBCDIC */    EVP_DigestInit_ex(c, EVP_sha1(), NULL);    for (i = 0; i < 1000; i++)        EVP_DigestUpdate(c, buf, 1000);    EVP_DigestFinal_ex(c, md, NULL);    p = pt(md);    r = bigret;    if (strcmp(p, r) != 0) {        printf("error calculating SHA1 on 'a' * 1000/n");        printf("got %s instead of %s/n", p, r);        err++;    } else        printf("test 3 ok/n");#ifdef OPENSSL_SYS_NETWARE    if (err)        printf("ERROR: %d/n", err);#endif    EVP_MD_CTX_free(c);    EXIT(err);    return (0);}

static int test_EVP_DigestSignInit(void){    int ret = 0;    EVP_PKEY *pkey = NULL;    unsigned char *sig = NULL;    size_t sig_len = 0;    EVP_MD_CTX *md_ctx, *md_ctx_verify = NULL;    if (!TEST_ptr(md_ctx = EVP_MD_CTX_new())            || !TEST_ptr(md_ctx_verify = EVP_MD_CTX_new())            || !TEST_ptr(pkey = load_example_rsa_key()))        goto out;    if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, EVP_sha256(), NULL, pkey))            || !TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))))        goto out;    /* Determine the size of the signature. */    if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len))            || !TEST_size_t_eq(sig_len, (size_t)EVP_PKEY_size(pkey)))        goto out;    if (!TEST_ptr(sig = OPENSSL_malloc(sig_len))            || !TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len)))        goto out;    /* Ensure that the signature round-trips. */    if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sha256(),                                        NULL, pkey))            || !TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify,                                                 kMsg, sizeof(kMsg)))            || !TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)))        goto out;    ret = 1; out:    EVP_MD_CTX_free(md_ctx);    EVP_MD_CTX_free(md_ctx_verify);    EVP_PKEY_free(pkey);    OPENSSL_free(sig);    return ret;}

void evp(int nid, unsigned char *digest, int len, unsigned char *hash, unsigned int *hlen){    const EVP_MD *evp_md = nid_to_evpmd(nid);    EVP_MD_CTX *md = EVP_MD_CTX_new();    EVP_DigestInit(md, evp_md);    EVP_DigestUpdate(md, digest, len);    EVP_DigestFinal(md, hash, hlen);    EVP_MD_CTX_free(md);}

void CC_EVP(const EVP_MD *evp, uint32_t mlen, const void *data, uint32_t len, unsigned char *md){	unsigned int mdlen = mlen;	EVP_MD_CTX* c = EVP_MD_CTX_new();	EVP_MD_CTX_reset(c);	EVP_DigestInit(c, evp);	EVP_DigestUpdate(c, data, len);	EVP_DigestFinal(c, md, &mdlen);		EVP_MD_CTX_free(c);}

int ssl3_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,                                size_t len, size_t *secret_size){    static const unsigned char *salt[3] = {#ifndef CHARSET_EBCDIC        (const unsigned char *)"A",        (const unsigned char *)"BB",        (const unsigned char *)"CCC",#else        (const unsigned char *)"/x41",        (const unsigned char *)"/x42/x42",        (const unsigned char *)"/x43/x43/x43",#endif    };    unsigned char buf[EVP_MAX_MD_SIZE];    EVP_MD_CTX *ctx = EVP_MD_CTX_new();    int i, ret = 1;    unsigned int n;    size_t ret_secret_size = 0;    if (ctx == NULL) {        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_GENERATE_MASTER_SECRET,                 ERR_R_MALLOC_FAILURE);        return 0;    }    for (i = 0; i < 3; i++) {        if (EVP_DigestInit_ex(ctx, s->ctx->sha1, NULL) <= 0            || EVP_DigestUpdate(ctx, salt[i],                                strlen((const char *)salt[i])) <= 0            || EVP_DigestUpdate(ctx, p, len) <= 0            || EVP_DigestUpdate(ctx, &(s->s3->client_random[0]),                                SSL3_RANDOM_SIZE) <= 0            || EVP_DigestUpdate(ctx, &(s->s3->server_random[0]),                                SSL3_RANDOM_SIZE) <= 0               /* TODO(size_t) : convert me */            || EVP_DigestFinal_ex(ctx, buf, &n) <= 0            || EVP_DigestInit_ex(ctx, s->ctx->md5, NULL) <= 0            || EVP_DigestUpdate(ctx, p, len) <= 0            || EVP_DigestUpdate(ctx, buf, n) <= 0            || EVP_DigestFinal_ex(ctx, out, &n) <= 0) {            SSLfatal(s, SSL_AD_INTERNAL_ERROR,                     SSL_F_SSL3_GENERATE_MASTER_SECRET, ERR_R_INTERNAL_ERROR);            ret = 0;            break;        }        out += n;        ret_secret_size += n;    }    EVP_MD_CTX_free(ctx);    OPENSSL_cleanse(buf, sizeof(buf));    if (ret)        *secret_size = ret_secret_size;    return ret;}