Hello,

I’m trying to write an engine that implements message digest functions – specifically: sha256, sha384 and sha512. The first two work as expected; I can intercept calls to update() and final(), but for sha512 it doesn’t work.

From the program output below you can see that my digest_meths method is invoked as expected for sha256 and sha384 (invoked with nid 672 and 673), but nothing for sha512, even though I supply NID_sha512 in my supported_nids array.

I’ve unsuccessfully tried to search for a solution to this – so any input would be greatly appreciated. How can I hook sha512 from my engine?

Relevant OpenSSL version: OpenSSL 1.0.2o 27 Mar 2018

Kind Regards,
Christian

My digest_meths function:

static int engine_digest_meths(ENGINE *e, const EVP_MD **digest, const int **nids, int nid)
{
    // Avoid compiler warning
    (void)(e);

    if (!digest) {
        static int supported_nids[] = {NID_sha256, NID_sha384, NID_sha512, 0};
        *nids = supported_nids;
        return 2;
    }

    static EVP_MD newEVP_MDmethods;
    if (nid == NID_sha256 || nid == NID_sha384 || nid == NID_sha512) {
        debug_print("SSLEngine: engine_digest_meths called, nid: %i \n", nid);

        if (nid == NID_sha256) {
            originalSHA256Methods = EVP_sha256();
            memcpy(&newEVP_MDmethods, originalSHA256Methods, sizeof(EVP_MD));
            newEVP_MDmethods.update = engine_sha256_update;
            newEVP_MDmethods.final = engine_sha256_final;
        } else if (nid == NID_sha384) {
            originalSHA384Methods = EVP_sha384();
            memcpy(&newEVP_MDmethods, originalSHA384Methods, sizeof(EVP_MD));
            newEVP_MDmethods.update = engine_sha384_update;
            newEVP_MDmethods.final = engine_sha384_final;
        } else if (nid == NID_sha512) {
            originalSHA512Methods = EVP_sha512();
            memcpy(&newEVP_MDmethods, originalSHA512Methods, sizeof(EVP_MD));
            newEVP_MDmethods.update = engine_sha512_update;
            newEVP_MDmethods.final = engine_sha512_final;
        }
        *digest = &newEVP_MDmethods;
    } else {
        *digest = NULL;
        return 0;
    }
    return 1;
}

Example test run:

test@test:/tmp# ./engine-test
Testing SHA256...
SSLEngine: engine_digest_meths called, nid: 672
SSLEngine: engine_sha256_update called with 8 bytes
SSLEngine: engine_sha256_final called, ret = 1, digest = 2413fb3709b05939f04cf2e92f7d0897fc2596f9ad0b8a9ea855c7bfebaae892
Openssl output = 2413fb3709b05939f04cf2e92f7d0897fc2596f9ad0b8a9ea855c7bfebaae892
Testing SHA384...
SSLEngine: engine_digest_meths called, nid: 673
SSLEngine: engine_sha384_update called with 8 bytes
SSLEngine: engine_sha384_final called, ret = 1, digest = 26014c5c5fbfa7ea9865f08c320abab5323a1b522c178fb513cbf5cafdf124e3d6748a549f57456ef0f1d67bb8916cc2
Openssl output = 26014c5c5fbfa7ea9865f08c320abab5323a1b522c178fb513cbf5cafdf124e3d6748a549f57456ef0f1d67bb8916cc2
Testing SHA512...
Openssl output = ce57d8bc990447c7ec35557040756db2a9ff7cdab53911f3c7995bc6bf3572cda8c94fa53789e523a680de9921c067f6717e79426df467185fc7a6dbec4b2d57

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
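
Added example, not part of the original post and not OpenSSL code: a simplified C model of the list half of the digest selector contract documented in engine.h, where a call with a NULL digest pointer returns the number of NIDs and the engine framework registers that many. The `model_*` names and the table are hypothetical stand-ins, and the NID array is written without the posted trailing 0; the selector in the post returns 2 for three NIDs.

```c
/* Added example: simplified stand-in for digest registration in OpenSSL 1.0.2.
 * Everything prefixed model_ is hypothetical, not OpenSSL API. */
#include <stddef.h>
#include <stdio.h>

/* NID values as defined in OpenSSL's obj_mac.h */
enum { NID_sha256 = 672, NID_sha384 = 673, NID_sha512 = 674 };

/* List half of the selector: point *nids at the array, return its length */
typedef int (*model_list_fn)(const int **nids);

static const int supported_nids[] = { NID_sha256, NID_sha384, NID_sha512 };

/* As posted: hard-coded count, one short of the three NIDs in the array */
static int list_hardcoded(const int **nids) { *nids = supported_nids; return 2; }

/* Count derived from the array, so it cannot drift when a NID is added */
static int list_derived(const int **nids) {
    *nids = supported_nids;
    return (int)(sizeof(supported_nids) / sizeof(supported_nids[0]));
}

#define MODEL_MAX 8
struct model_table { int nid[MODEL_MAX]; int n; };

/* Models ENGINE_register_digests(): only the first `count` NIDs are recorded */
static int model_register(struct model_table *t, model_list_fn list) {
    const int *nids = NULL;
    int count = list(&nids);
    t->n = 0;
    if (count <= 0) return 0;
    for (int i = 0; i < count && i < MODEL_MAX; i++) t->nid[t->n++] = nids[i];
    return 1;
}

/* Models the per-NID engine lookup: 1 if an engine registered this NID */
static int model_is_hooked(const struct model_table *t, int nid) {
    for (int i = 0; i < t->n; i++) if (t->nid[i] == nid) return 1;
    return 0;
}

int main(void) {
    struct model_table a, b;
    model_register(&a, list_hardcoded);
    model_register(&b, list_derived);
    printf("hard-coded count: sha512 hooked = %d\n", model_is_hooked(&a, NID_sha512));
    printf("derived count:    sha512 hooked = %d\n", model_is_hooked(&b, NID_sha512));
    return 0;
}
```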