自学教程：C++ EVP_sha512函数代码示例

bool CCrypter::SetKeyFromPassphrase(const SecureString& strKeyData, const std::vector<unsigned char>& chSalt, const unsigned int nRounds, const unsigned int nDerivationMethod){    if (nRounds < 1 || chSalt.size() != WALLET_CRYPTO_SALT_SIZE)        return false;    int i = 0;    if (nDerivationMethod == 0)        i = EVP_BytesToKey(EVP_aes_256_cbc(), EVP_sha512(), &chSalt[0],                          (unsigned char *)&strKeyData[0], strKeyData.size(), nRounds, chKey, chIV);    if (i != (int)WALLET_CRYPTO_KEY_SIZE)    {        OPENSSL_cleanse(chKey, sizeof(chKey));        OPENSSL_cleanse(chIV, sizeof(chIV));        return false;    }    fKeySet = true;    return true;}

static int hb_EVP_MD_ptr_to_id( const EVP_MD * p ){   int n;   if(      p == EVP_md_null()   ) n = HB_EVP_MD_MD_NULL;#ifndef OPENSSL_NO_MD2   else if( p == EVP_md2()       ) n = HB_EVP_MD_MD2;#endif#ifndef OPENSSL_NO_MD4   else if( p == EVP_md4()       ) n = HB_EVP_MD_MD4;#endif#ifndef OPENSSL_NO_MD5   else if( p == EVP_md5()       ) n = HB_EVP_MD_MD5;#endif#ifndef OPENSSL_NO_SHA   else if( p == EVP_sha()       ) n = HB_EVP_MD_SHA;   else if( p == EVP_sha1()      ) n = HB_EVP_MD_SHA1;   else if( p == EVP_dss()       ) n = HB_EVP_MD_DSS;   else if( p == EVP_dss1()      ) n = HB_EVP_MD_DSS1;#if ! defined( HB_OPENSSL_OLD_OSX_ )   else if( p == EVP_ecdsa()     ) n = HB_EVP_MD_ECDSA;#endif#endif#ifndef OPENSSL_NO_SHA256   else if( p == EVP_sha224()    ) n = HB_EVP_MD_SHA224;   else if( p == EVP_sha256()    ) n = HB_EVP_MD_SHA256;#endif#ifndef OPENSSL_NO_SHA512   else if( p == EVP_sha384()    ) n = HB_EVP_MD_SHA384;   else if( p == EVP_sha512()    ) n = HB_EVP_MD_SHA512;#endif#ifndef OPENSSL_NO_MDC2   else if( p == EVP_mdc2()      ) n = HB_EVP_MD_MDC2;#endif#ifndef OPENSSL_NO_RIPEMD   else if( p == EVP_ripemd160() ) n = HB_EVP_MD_RIPEMD160;#endif   else                            n = HB_EVP_MD_UNSUPPORTED;   return n;}

void openssl_add_all_digests_int(void){#ifndef OPENSSL_NO_MD4    EVP_add_digest(EVP_md4());#endif#ifndef OPENSSL_NO_MD5    EVP_add_digest(EVP_md5());    EVP_add_digest_alias(SN_md5, "ssl3-md5");    EVP_add_digest(EVP_md5_sha1());#endif    EVP_add_digest(EVP_sha1());    EVP_add_digest_alias(SN_sha1, "ssl3-sha1");    EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA);#if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES)    EVP_add_digest(EVP_mdc2());#endif#ifndef OPENSSL_NO_RMD160    EVP_add_digest(EVP_ripemd160());    EVP_add_digest_alias(SN_ripemd160, "ripemd");    EVP_add_digest_alias(SN_ripemd160, "rmd160");#endif    EVP_add_digest(EVP_sha224());    EVP_add_digest(EVP_sha256());    EVP_add_digest(EVP_sha384());    EVP_add_digest(EVP_sha512());#ifndef OPENSSL_NO_WHIRLPOOL    EVP_add_digest(EVP_whirlpool());#endif#ifndef OPENSSL_NO_BLAKE2    EVP_add_digest(EVP_blake2b512());    EVP_add_digest(EVP_blake2s256());#endif    EVP_add_digest(EVP_sha3_224());    EVP_add_digest(EVP_sha3_256());    EVP_add_digest(EVP_sha3_384());    EVP_add_digest(EVP_sha3_512());#if 0    EVP_add_digest(EVP_shake128());    EVP_add_digest(EVP_shake256());#endif}

/* TODO(davidben): Forbid RSA-PKCS1 in TLS 1.3. For now we allow it because NSS * has yet to start doing RSA-PSS, so enforcing it would complicate interop * testing. */static int is_rsa_pkcs1(const EVP_MD **out_md, uint16_t sigalg) {  switch (sigalg) {    case SSL_SIGN_RSA_PKCS1_MD5_SHA1:      *out_md = EVP_md5_sha1();      return 1;    case SSL_SIGN_RSA_PKCS1_SHA1:      *out_md = EVP_sha1();      return 1;    case SSL_SIGN_RSA_PKCS1_SHA256:      *out_md = EVP_sha256();      return 1;    case SSL_SIGN_RSA_PKCS1_SHA384:      *out_md = EVP_sha384();      return 1;    case SSL_SIGN_RSA_PKCS1_SHA512:      *out_md = EVP_sha512();      return 1;    default:      return 0;  }}

KDF_FUNC KDF_get_x9_63(const EVP_MD *md){	if 	(md == EVP_md5())		return x963_md5kdf;	else if (md == EVP_ripemd160())		return x963_rmd160kdf;	else if (md == EVP_sha1())		return x963_sha1kdf;	else if (md == EVP_sha224())			return x963_sha224kdf;	else if (md == EVP_sha256())		return x963_sha256kdf;	else if (md == EVP_sha384())		return x963_sha384kdf;	else if (md == EVP_sha512())		return x963_sha512kdf;	else if (md == EVP_sm3())		return x963_sm3kdf;	return NULL;}

static inline const EVP_MD *digest_decide_md(const unsigned int alg){	switch (alg)	{		case DIGALG_MD5:			return EVP_md5();		case DIGALG_SHA1:			return EVP_sha1();		case DIGALG_SHA2_256:			return EVP_sha256();		case DIGALG_SHA2_512:			return EVP_sha512();	}	(void) slog(LG_ERROR, "%s: called with unknown/unimplemented alg '%u' (BUG)", __func__, alg);	return NULL;}

boolcrypto_rsa_verify_signature(struct string *databuffer, struct string *signature, const char *pubkey){	int err;	bool retval;	EVP_MD_CTX md_ctx;	EVP_PKEY *pkey;	/* load public key into openssl structure */        pkey = crypto_load_key(pubkey, false);        if (pkey == NULL) {            log_err("crypto_verify_signature: key loading failed/n");            return false;        }                /* Verify the signature */        if (EVP_VerifyInit(&md_ctx, EVP_sha512()) != 1) {            log_err("crypto_verify_signature: libcrypto verify init failed/n");            EVP_PKEY_free(pkey);            return false;        }        EVP_VerifyUpdate(&md_ctx, string_get(databuffer), string_length(databuffer));        err = EVP_VerifyFinal(&md_ctx, (unsigned char*)string_get(signature), string_length(signature), pkey);        EVP_PKEY_free(pkey);                if (err != 1) {            log_err("crypto_verify_signature: signature verify failed, received bogus data from backend./n");            ERR_print_errors_fp(stderr);            retval = false;            goto bailout_ctx_cleanup;        }        retval = true;bailout_ctx_cleanup:        EVP_MD_CTX_cleanup(&md_ctx);        //log_info("Signature Verified Ok./n");	return retval;}

static void_md_init_subsystem (void){    int i;    for (i = 0; i < MUNGE_MAC_LAST_ITEM; i++) {        _md_map [i] = NULL;    }    _md_map [MUNGE_MAC_MD5] = EVP_md5 ();    _md_map [MUNGE_MAC_SHA1] = EVP_sha1 ();    _md_map [MUNGE_MAC_RIPEMD160] = EVP_ripemd160 ();#if HAVE_EVP_SHA256    _md_map [MUNGE_MAC_SHA256] = EVP_sha256 ();#endif /* HAVE_EVP_SHA256 */#if HAVE_EVP_SHA512    _md_map [MUNGE_MAC_SHA512] = EVP_sha512 ();#endif /* HAVE_EVP_SHA512 */    return;}

/* This function signs the buffer passed as argument, returns the length of the signature * else -1 on error * It leaves the sign in **sign_buf (which is allocated) */int sign_hello(unsigned char* hello_buf,unsigned int hello_len,unsigned char** sign_buf){	EVP_MD_CTX* ctx = NULL;	unsigned int sign_len;	EVP_PKEY* evp = EVP_PKEY_new();	FILE* fp;	*sign_buf = NULL;	ctx = (EVP_MD_CTX*)calloc(1,sizeof(EVP_MD_CTX));	EVP_MD_CTX_init(ctx);	OpenSSL_add_all_algorithms();	if((fp=fopen(PRIV_KEY,"r"))==NULL){		goto fail;	}	if((evp=PEM_read_PrivateKey(fp,NULL,NULL,NULL))==NULL){		goto fail;	}	*sign_buf = (unsigned char*)calloc(1,EVP_PKEY_size(evp));   	if(EVP_SignInit(ctx,EVP_sha512())==0){		goto fail;	}	if(EVP_SignUpdate(ctx,hello_buf,hello_len)==0){		goto fail;	}	if(EVP_SignFinal(ctx,*sign_buf,&sign_len,evp)==0){		goto fail;	}		EVP_MD_CTX_cleanup(ctx);	free(ctx);	EVP_PKEY_free(evp);	return sign_len;    fail:	EVP_MD_CTX_cleanup(ctx); 	free(ctx);	if (*sign_buf != NULL) {		free(*sign_buf);	}	return -1;}

static int is_ecdsa(int *out_curve, const EVP_MD **out_md, uint16_t sigalg) {  switch (sigalg) {    case SSL_SIGN_ECDSA_SHA1:      *out_curve = NID_undef;      *out_md = EVP_sha1();      return 1;    case SSL_SIGN_ECDSA_SECP256R1_SHA256:      *out_curve = NID_X9_62_prime256v1;      *out_md = EVP_sha256();      return 1;    case SSL_SIGN_ECDSA_SECP384R1_SHA384:      *out_curve = NID_secp384r1;      *out_md = EVP_sha384();      return 1;    case SSL_SIGN_ECDSA_SECP521R1_SHA512:      *out_curve = NID_secp521r1;      *out_md = EVP_sha512();      return 1;    default:      return 0;  }}

intlws_genhmac_init(struct lws_genhmac_ctx *ctx, enum lws_genhmac_types type,		 const uint8_t *key, size_t key_len){	EVP_PKEY *pkey;	ctx->type = type;	switch (type) {	case LWS_GENHMAC_TYPE_SHA256:		ctx->evp_type = EVP_sha256();		break;	case LWS_GENHMAC_TYPE_SHA384:		ctx->evp_type = EVP_sha384();		break;	case LWS_GENHMAC_TYPE_SHA512:		ctx->evp_type = EVP_sha512();		break;	default:		lwsl_err("%s: unknown HMAC type %d/n", __func__, type);		return -1;	}        ctx->ctx = EVP_MD_CTX_create();        if (!ctx->ctx)		return -1;        if (EVP_DigestInit_ex(ctx->ctx, ctx->evp_type, NULL) != 1)		return -1;        pkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, key, (int)key_len);        if (EVP_DigestSignInit(ctx->ctx, NULL, ctx->evp_type, NULL, pkey) != 1)		return -1;        EVP_PKEY_free(pkey);	return 0;}

const EVP_MD *FIPS_get_digestbynid(int nid){    switch (nid) {    case NID_sha1:        return EVP_sha1();    case NID_sha224:        return EVP_sha224();    case NID_sha256:        return EVP_sha256();    case NID_sha384:        return EVP_sha384();    case NID_sha512:        return EVP_sha512();    default:        return NULL;    }}

static int get_hash_via_env_var(char *hash){	int 		fd;	char 		*ob_key;	struct stat 	stat_info;	char 		*p;	if (NULL == (ob_key = (char *) getenv("gtm_obfuscation_key")))		return 1;	fd = open(ob_key, O_RDONLY);	if (fd == -1)		return 1;	if (fstat(fd, &stat_info) == -1)		return 1;	if (!S_ISREG(stat_info.st_mode))		return 1;	p = mmap(0, stat_info.st_size, PROT_READ, MAP_SHARED, fd, 0);	if (MAP_FAILED == p)		return 1;	if (-1 == close(fd))		return 1;#	ifdef USE_OPENSSL	EVP_Digest(p, stat_info.st_size, (unsigned char *)hash, NULL, EVP_sha512(), NULL);#	elif defined USE_GCRYPT	gcry_md_hash_buffer(GCRY_MD_SHA512, hash, p, stat_info.st_size );#	endif	/* Since we have what we want no need to check the status of the munmap */	munmap(p, stat_info.st_size);	return 0;}

PARCSymmetricKeySigner *parcSymmetricKeySigner_Create(PARCSymmetricKeyStore *keyStore, PARCCryptoHashType hmacHashType){    PARCSymmetricKeySigner *result = parcObject_CreateInstance(PARCSymmetricKeySigner);    if (result != NULL) {        result->hashType = hmacHashType;        switch (hmacHashType) {            case PARC_HASH_SHA256:                result->hashLength = SHA256_DIGEST_LENGTH;                result->opensslMd = EVP_sha256();                break;            case PARC_HASH_SHA512:                result->hashLength = SHA512_DIGEST_LENGTH;                result->opensslMd = EVP_sha512();                break;            default:                parcObject_Release((void **) &result);                trapIllegalValue(hmacHashType, "Unknown HMAC hash type: %d", hmacHashType);        }        // the signer key digest is SHA256, independent of the HMAC digest        result->secretKeyHash = parcSymmetricKeyStore_GetVerifierKeyDigest(keyStore);        result->keyStore = parcSymmetricKeyStore_Acquire(keyStore);        result->generalKeyStore = parcKeyStore_Create(result->keyStore, PARCSymmetricKeyStoreAsKeyStore);        // create the functor from the template then specialize it to this keystore.        // This depends on keystore->secret_key being set.  It will cause a callback        // into hmac_setup()        result->hasherFunctor = functor_hmac;        result->hasherFunctor.functor_env = result;        result->hasher = parcCryptoHasher_CustomHasher(hmacHashType, result->hasherFunctor);    }    return result;}

bool HMAC_Create(COSE_MacMessage * pcose, int HSize, int TSize, const byte * pbKey, size_t cbKey, const byte * pbAuthData, size_t cbAuthData, cose_errback * perr){	HMAC_CTX ctx;	const EVP_MD * pmd = NULL;	byte * rgbOut = NULL;	unsigned int cbOut;#ifdef USE_CBOR_CONTEXT	cn_cbor_context * context = &pcose->m_message.m_allocContext;#endif	HMAC_CTX_init(&ctx);	if (0) {	errorReturn:		COSE_FREE(rgbOut, context);		HMAC_cleanup(&ctx);		return false;	}	switch (HSize) {	case 256: pmd = EVP_sha256(); break;	case 384: pmd = EVP_sha384(); break;	case 512: pmd = EVP_sha512(); break;	default: FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER); break;	}	rgbOut = COSE_CALLOC(EVP_MAX_MD_SIZE, 1, context);	CHECK_CONDITION(rgbOut != NULL, COSE_ERR_OUT_OF_MEMORY);	CHECK_CONDITION(HMAC_Init(&ctx, pbKey, (int) cbKey, pmd), COSE_ERR_CRYPTO_FAIL);	CHECK_CONDITION(HMAC_Update(&ctx, pbAuthData, cbAuthData), COSE_ERR_CRYPTO_FAIL);	CHECK_CONDITION(HMAC_Final(&ctx, rgbOut, &cbOut), COSE_ERR_CRYPTO_FAIL);	CHECK_CONDITION(_COSE_array_replace(&pcose->m_message, cn_cbor_data_create(rgbOut, TSize / 8, CBOR_CONTEXT_PARAM_COMMA NULL), INDEX_MAC_TAG, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_ERR_CBOR);	HMAC_cleanup(&ctx);	return true;}

char* CryptoHandler::hmac_sha512(char* datain, char* keyin, const bool& base64){	unsigned char* key = (unsigned char*) keyin;	unsigned char* data = (unsigned char*) datain;	unsigned char* result;	unsigned int result_len = 64;	HMAC_CTX ctx;	result = (unsigned char*) malloc(sizeof(char) * result_len);	ENGINE_load_builtin_engines();	ENGINE_register_all_complete();	HMAC_CTX_init(&ctx);	HMAC_Init_ex(&ctx, key, strlen(keyin), EVP_sha512(), NULL);	HMAC_Update(&ctx, data, strlen(datain));	HMAC_Final(&ctx, result, &result_len);	HMAC_CTX_cleanup(&ctx);	if(base64)		return base64encode(result,result_len);	return (char*)result;}

static int sqlcipher_openssl_kdf(void *ctx, int algorithm, const unsigned char *pass, int pass_sz, unsigned char* salt, int salt_sz, int workfactor, int key_sz, unsigned char *key) {  int rc = SQLITE_OK;   switch(algorithm) {    case SQLCIPHER_HMAC_SHA1:      if(!PKCS5_PBKDF2_HMAC((const char *)pass, pass_sz, salt, salt_sz, workfactor, EVP_sha1(), key_sz, key)) goto error;      break;    case SQLCIPHER_HMAC_SHA256:      if(!PKCS5_PBKDF2_HMAC((const char *)pass, pass_sz, salt, salt_sz, workfactor, EVP_sha256(), key_sz, key)) goto error;      break;    case SQLCIPHER_HMAC_SHA512:      if(!PKCS5_PBKDF2_HMAC((const char *)pass, pass_sz, salt, salt_sz, workfactor, EVP_sha512(), key_sz, key)) goto error;      break;    default:      return SQLITE_ERROR;  }  goto cleanup;error:  rc = SQLITE_ERROR;cleanup:  return rc;}

/*! * /brief Get message digest type for a given algorithm. * * /param algorithm  Algorithm number. * * /return Pointer to digest type specification, NULL if not implemented. */static const EVP_MD *get_digest_type(knot_dnssec_algorithm_t algorithm){	// EVP_<digest>() functions should not fail (return NULL)	switch (algorithm) {	case KNOT_DNSSEC_ALG_RSASHA1:	case KNOT_DNSSEC_ALG_RSASHA1_NSEC3_SHA1:	case KNOT_DNSSEC_ALG_DSA:	case KNOT_DNSSEC_ALG_DSA_NSEC3_SHA1:		return EVP_sha1();	case KNOT_DNSSEC_ALG_RSAMD5:		return EVP_md5();	case KNOT_DNSSEC_ALG_RSASHA256:	case KNOT_DNSSEC_ALG_ECDSAP256SHA256:		return EVP_sha256();	case KNOT_DNSSEC_ALG_ECDSAP384SHA384:		return EVP_sha384();	case KNOT_DNSSEC_ALG_RSASHA512:		return EVP_sha512();	default:		return NULL;	}}

/* SHA512: generate hash of known digest value and compare to known   precomputed correct hash*/static int FIPS_sha512_test(){    unsigned char digest[SHA512_DIGEST_LENGTH] =    {   0x99, 0xc9, 0xe9, 0x5b, 0x88, 0xd4, 0x78, 0x88, 0xdf, 0x88, 0x5f,        0x94, 0x71, 0x64, 0x28, 0xca,        0x16, 0x1f, 0x3d, 0xf4, 0x1f, 0xf3, 0x0f, 0xc5, 0x03, 0x99, 0xb2,        0xd0, 0xe7, 0x0b, 0x94, 0x4a,        0x45, 0xd2, 0x6c, 0x4f, 0x20, 0x06, 0xef, 0x71, 0xa9, 0x25, 0x7f,        0x24, 0xb1, 0xd9, 0x40, 0x22,        0x49, 0x54, 0x10, 0xc2, 0x22, 0x9d, 0x27, 0xfe, 0xbd, 0xd6, 0xd6,        0xeb, 0x2d, 0x42, 0x1d, 0xa3    };    unsigned char str[] = "etaonrishd";    unsigned char md[SHA512_DIGEST_LENGTH];    ERR_clear_error();    if (!EVP_Digest(str, sizeof(str) - 1, md, NULL, EVP_sha512(), NULL))        return 0;    if (memcmp(md, digest, sizeof(md)))        return 0;    return 1;}

static int sqlcipher_openssl_hmac(void *ctx, int algorithm, unsigned char *hmac_key, int key_sz, unsigned char *in, int in_sz, unsigned char *in2, int in2_sz, unsigned char *out) {  unsigned int outlen;  int rc = SQLITE_OK;  HMAC_CTX* hctx = NULL;  if(in == NULL) goto error;  hctx = HMAC_CTX_new();  if(hctx == NULL) goto error;  switch(algorithm) {    case SQLCIPHER_HMAC_SHA1:      if(!HMAC_Init_ex(hctx, hmac_key, key_sz, EVP_sha1(), NULL)) goto error;      break;    case SQLCIPHER_HMAC_SHA256:      if(!HMAC_Init_ex(hctx, hmac_key, key_sz, EVP_sha256(), NULL)) goto error;      break;    case SQLCIPHER_HMAC_SHA512:      if(!HMAC_Init_ex(hctx, hmac_key, key_sz, EVP_sha512(), NULL)) goto error;      break;    default:      goto error;  }  if(!HMAC_Update(hctx, in, in_sz)) goto error;  if(in2 != NULL) {    if(!HMAC_Update(hctx, in2, in2_sz)) goto error;  }  if(!HMAC_Final(hctx, out, &outlen)) goto error;    goto cleanup;error:  rc = SQLITE_ERROR;cleanup:  if(hctx) HMAC_CTX_free(hctx);  return rc;}

extern "C" K qHMAC512(K data, K key){    unsigned int SHA512_DIGEST_LENGTH=64;    unsigned char md[SHA512_DIGEST_LENGTH];    unsigned char result[SHA512_DIGEST_LENGTH];    unsigned int len=0;    K ret = ktn(KG,SHA512_DIGEST_LENGTH);    HMAC_CTX ctx;    HMAC_CTX_init(&ctx);    HMAC_Init_ex(&ctx, key->s, strlen(key->s), EVP_sha512(), NULL);    HMAC_Update(&ctx, (unsigned char*)(data->s), strlen(data->s));    HMAC_Final(&ctx, result, &len);    HMAC_CTX_cleanup(&ctx);    for(int i=0; i < len ; i++)        kG(ret)[i]=result[i];    return (ret);}

HMACCTX hmac_init(const void *key, int len, enum ssh_hmac_e type) {  HMACCTX ctx = NULL;  ctx = HMAC_CTX_new();  if (ctx == NULL) {    return NULL;  }#ifndef OLD_CRYPTO  HMAC_CTX_reset(ctx); // openssl 0.9.7 requires it.#endif  switch(type) {    case SSH_HMAC_SHA1:      HMAC_Init_ex(ctx, key, len, EVP_sha1(), NULL);      break;    case SSH_HMAC_SHA256:      HMAC_Init_ex(ctx, key, len, EVP_sha256(), NULL);      break;    case SSH_HMAC_SHA384:      HMAC_Init_ex(ctx, key, len, EVP_sha384(), NULL);      break;    case SSH_HMAC_SHA512:      HMAC_Init_ex(ctx, key, len, EVP_sha512(), NULL);      break;    case SSH_HMAC_MD5:      HMAC_Init_ex(ctx, key, len, EVP_md5(), NULL);      break;    default:      HMAC_CTX_free(ctx);      SAFE_FREE(ctx);      ctx = NULL;  }  return ctx;}

voidisc_hmacsha512_init(isc_hmacsha512_t *ctx, const unsigned char *key,		    unsigned int len){	HMAC_Init(ctx, (const void *) key, (int) len, EVP_sha512());}

/** * Setup key and digest for verification. Adjust sig if necessary. * * @param algo: key algorithm * @param evp_key: EVP PKEY public key to create. * @param digest_type: digest type to use * @param key: key to setup for. * @param keylen: length of key. * @return false on failure. */static intsetup_key_digest(int algo, EVP_PKEY** evp_key, const EVP_MD** digest_type, 	unsigned char* key, size_t keylen){#if defined(USE_DSA) && defined(USE_SHA1)	DSA* dsa;#endif	RSA* rsa;	switch(algo) {#if defined(USE_DSA) && defined(USE_SHA1)		case LDNS_DSA:		case LDNS_DSA_NSEC3:			*evp_key = EVP_PKEY_new();			if(!*evp_key) {				log_err("verify: malloc failure in crypto");				return 0;			}			dsa = sldns_key_buf2dsa_raw(key, keylen);			if(!dsa) {				verbose(VERB_QUERY, "verify: "					"sldns_key_buf2dsa_raw failed");				return 0;			}			if(EVP_PKEY_assign_DSA(*evp_key, dsa) == 0) {				verbose(VERB_QUERY, "verify: "					"EVP_PKEY_assign_DSA failed");				return 0;			}#ifdef HAVE_EVP_DSS1			*digest_type = EVP_dss1();#else			*digest_type = EVP_sha1();#endif			break;#endif /* USE_DSA && USE_SHA1 */#if defined(USE_SHA1) || (defined(HAVE_EVP_SHA256) && defined(USE_SHA2)) || (defined(HAVE_EVP_SHA512) && defined(USE_SHA2))#ifdef USE_SHA1		case LDNS_RSASHA1:		case LDNS_RSASHA1_NSEC3:#endif#if defined(HAVE_EVP_SHA256) && defined(USE_SHA2)		case LDNS_RSASHA256:#endif#if defined(HAVE_EVP_SHA512) && defined(USE_SHA2)		case LDNS_RSASHA512:#endif			*evp_key = EVP_PKEY_new();			if(!*evp_key) {				log_err("verify: malloc failure in crypto");				return 0;			}			rsa = sldns_key_buf2rsa_raw(key, keylen);			if(!rsa) {				verbose(VERB_QUERY, "verify: "					"sldns_key_buf2rsa_raw SHA failed");				return 0;			}			if(EVP_PKEY_assign_RSA(*evp_key, rsa) == 0) {				verbose(VERB_QUERY, "verify: "					"EVP_PKEY_assign_RSA SHA failed");				return 0;			}			/* select SHA version */#if defined(HAVE_EVP_SHA256) && defined(USE_SHA2)			if(algo == LDNS_RSASHA256)				*digest_type = EVP_sha256();			else#endif#if defined(HAVE_EVP_SHA512) && defined(USE_SHA2)				if(algo == LDNS_RSASHA512)				*digest_type = EVP_sha512();			else#endif#ifdef USE_SHA1				*digest_type = EVP_sha1();#else				{ verbose(VERB_QUERY, "no digest available"); return 0; }#endif			break;#endif /* defined(USE_SHA1) || (defined(HAVE_EVP_SHA256) && defined(USE_SHA2)) || (defined(HAVE_EVP_SHA512) && defined(USE_SHA2)) */		case LDNS_RSAMD5:			*evp_key = EVP_PKEY_new();			if(!*evp_key) {				log_err("verify: malloc failure in crypto");				return 0;//.........这里部分代码省略.........

static unsigned int sha_512_func(unsigned char *o, X509 *x) {	const EVP_MD *md;	md = EVP_sha512();	return generic_func(o, x, md);}

int HDW_generate_master_node(uint8_t *seed,                             size_t seed_len,                             HDW_XKEY_NET net,                             HDW_xkey_t *key) {    int res;    HMAC_CTX hmac_ctx;    res = HMAC_Init(&hmac_ctx, BIP32_SPEC_DEFAULT_KEY, (int) strlen(BIP32_SPEC_DEFAULT_KEY), EVP_sha512());    if (!res) {        fprintf(stderr, "Could not HMAC_Init/n");        return res;    }    res = HMAC_Update(&hmac_ctx, seed, seed_len);    if (!res) {        fprintf(stderr, "Could not HMAC_Update/n");        goto cleanup_hmac_context;    }    uint8_t master_digest[SHA512_DIGEST_LENGTH];    uint32_t digest_len;    res = HMAC_Final(&hmac_ctx, master_digest, &digest_len);    if (digest_len != SHA512_DIGEST_LENGTH) {        // Oh ho, we might have smashed the stack :( . Abort everything!        // This should not happen at all.        fprintf(stderr, "Big problem at %s%d/n", __FILE__, __LINE__);        exit(-1);    }    if (!res) {        fprintf(stderr, "Could not HMAC_Final/n");        goto cleanup_hmac_context;    }    size_t half_hash_len = SHA512_DIGEST_LENGTH / 2;    memcpy(key->version, KEY_VERSIONS_VALUES[net | HDW_XKEY_TYPE_PRIVATE], sizeof(key->version));    // Copy the L and R part into the key.    key->key_data[0] = 0;    memcpy(key->key_data + 1, master_digest, half_hash_len);    memcpy(key->chain_code, master_digest + half_hash_len, half_hash_len);    // Set the rest of the data as master key.    key->depth = (uint8_t) 0;    memset(key->parent_fingerprint, 0, sizeof(key->parent_fingerprint));    memset(key->child_number, 0, sizeof(key->child_number));    cleanup_hmac_context:    HMAC_CTX_cleanup(&hmac_ctx);    return res;}

static void *x963_sha512kdf(const void *in, size_t inlen,	void *out, size_t *outlen){	return x963_kdf(EVP_sha512(), in, inlen, out, outlen);}

static inline int get_pass(str *_username, str *_secret, str *_password){	unsigned int hmac_len = SHA_DIGEST_LENGTH;	unsigned char hmac_sha1[512];	switch(autheph_sha_alg) {		case AUTHEPH_SHA1:			hmac_len = SHA_DIGEST_LENGTH;			if (HMAC(EVP_sha1(), _secret->s, _secret->len,					(unsigned char *) _username->s,					_username->len, hmac_sha1, &hmac_len) == NULL)			{				LM_ERR("HMAC-SHA1 failed/n");				return -1;			}			break;		case AUTHEPH_SHA256:			hmac_len = SHA256_DIGEST_LENGTH;			if (HMAC(EVP_sha256(), _secret->s, _secret->len,					(unsigned char *) _username->s,					_username->len, hmac_sha1, &hmac_len) == NULL)			{				LM_ERR("HMAC-SHA256 failed/n");				return -1;			}			break;		case AUTHEPH_SHA384:			hmac_len = SHA384_DIGEST_LENGTH;			if (HMAC(EVP_sha256(), _secret->s, _secret->len,					(unsigned char *) _username->s,					_username->len, hmac_sha1, &hmac_len) == NULL)			{				LM_ERR("HMAC-SHA256 failed/n");				return -1;			}			break;		case AUTHEPH_SHA512:			hmac_len = SHA512_DIGEST_LENGTH;			if (HMAC(EVP_sha512(), _secret->s, _secret->len,					(unsigned char *) _username->s,					_username->len, hmac_sha1, &hmac_len) == NULL)			{				LM_ERR("HMAC-SHA512 failed/n");				return -1;			}			break;		default:			LM_ERR("Inavlid SHA Algorithm/n");			return -1;	}	LM_DBG("HMAC-Len (%i)/n", hmac_len);	_password->len = base64_enc(hmac_sha1, hmac_len,					(unsigned char *) _password->s,					base64_enc_len(hmac_len));	LM_DBG("calculated password: %.*s (%i)/n", _password->len, _password->s, _password->len);	return 0;}