and everything was OK. BUT if user types wrong password
BIO_f_cipher outputs only garbage and my function crashes. Yes
I can and I should fix my function, but BIO_f_cipher is
- easy way to add encryption support to many exisiting applications
+ easy way to add encryption support to many existing applications
and it's hard to debug and fix them all.
So I wanted another BIO which would catch the incorrect passwords and
1) you must somehow separate checksum from actual data.
2) you need lot's of memory when reading the file, because you
must read to the end of the file and verify the checksum before
- leting the application to read the data.
+ letting the application to read the data.
BIO_f_reliable tries to solve both problems, so that you can
- read and write arbitraly long streams using only fixed amount
+ read and write arbitrary long streams using only fixed amount
of memory.
BIO_f_reliable splits data stream into blocks. Each block is prefixed
several Kbytes of memory to buffer single block before verifying
it's digest.
- BIO_f_reliable goes futher and adds several important capabilities:
+ BIO_f_reliable goes further and adds several important capabilities:
1) the digest of the block is computed over the whole stream
-- so nobody can rearrange the blocks or remove or replace them.
and then compare the digest output.
Bad things: BIO_f_reliable knows what's going on in EVP_Digest. I
- initialy wrote and tested this code on x86 machine and wrote the
+ initially wrote and tested this code on x86 machine and wrote the
digests out in machine-dependent order :( There are people using
this code and I cannot change this easily without making existing
data files unreadable.
#include <stdio.h>
#include <errno.h>
#include "cryptlib.h"
-#include "buffer.h"
-#include "bio.h"
-#include "evp.h"
-#include "rand.h"
-
-#ifndef NOPROTO
-static int ok_write(BIO *h,char *buf,int num);
-static int ok_read(BIO *h,char *buf,int size);
-static long ok_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+#include <openssl/buffer.h>
+#include <openssl/bio.h>
+#include <openssl/evp.h>
+#include <openssl/rand.h>
+
+static int ok_write(BIO *h, const char *buf, int num);
+static int ok_read(BIO *h, char *buf, int size);
+static long ok_ctrl(BIO *h, int cmd, long arg1, void *arg2);
static int ok_new(BIO *h);
static int ok_free(BIO *data);
+static long ok_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
+
static void sig_out(BIO* b);
static void sig_in(BIO* b);
static void block_out(BIO* b);
static void block_in(BIO* b);
-#else
-static int ok_write();
-static int ok_read();
-static long ok_ctrl();
-static int ok_new();
-static int ok_free();
-static void sig_out();
-static void sig_in();
-static void block_out();
-static void block_in();
-#endif
-
#define OK_BLOCK_SIZE (1024*4)
#define OK_BLOCK_BLOCK 4
#define IOBS (OK_BLOCK_SIZE+ OK_BLOCK_BLOCK+ 3*EVP_MAX_MD_SIZE)
ok_ctrl,
ok_new,
ok_free,
+ ok_callback_ctrl,
};
-BIO_METHOD *BIO_f_reliable()
+BIO_METHOD *BIO_f_reliable(void)
{
return(&methods_ok);
}
-static int ok_new(bi)
-BIO *bi;
+static int ok_new(BIO *bi)
{
BIO_OK_CTX *ctx;
- ctx=(BIO_OK_CTX *)Malloc(sizeof(BIO_OK_CTX));
+ ctx=(BIO_OK_CTX *)OPENSSL_malloc(sizeof(BIO_OK_CTX));
if (ctx == NULL) return(0);
ctx->buf_len=0;
return(1);
}
-static int ok_free(a)
-BIO *a;
+static int ok_free(BIO *a)
{
if (a == NULL) return(0);
memset(a->ptr,0,sizeof(BIO_OK_CTX));
- Free(a->ptr);
+ OPENSSL_free(a->ptr);
a->ptr=NULL;
a->init=0;
a->flags=0;
return(1);
}
-static int ok_read(b,out,outl)
-BIO *b;
-char *out;
-int outl;
+static int ok_read(BIO *b, char *out, int outl)
{
int ret=0,i,n;
BIO_OK_CTX *ctx;
return(ret);
}
-static int ok_write(b,in,inl)
-BIO *b;
-char *in;
-int inl;
+static int ok_write(BIO *b, const char *in, int inl)
{
int ret=0,n,i;
BIO_OK_CTX *ctx;
return(ret);
}
-static long ok_ctrl(b,cmd,num,ptr)
-BIO *b;
-int cmd;
-long num;
-char *ptr;
+static long ok_ctrl(BIO *b, int cmd, long num, void *ptr)
{
BIO_OK_CTX *ctx;
EVP_MD *md;
- EVP_MD **ppmd;
+ const EVP_MD **ppmd;
long ret=1;
int i;
case BIO_C_GET_MD:
if (b->init)
{
- ppmd=(EVP_MD **)ptr;
+ ppmd=(const EVP_MD **)ptr;
*ppmd=ctx->md.digest;
}
else
return(ret);
}
-static void longswap(char* ptr, int len)
+static long ok_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
+ {
+ long ret=1;
+
+ if (b->next_bio == NULL) return(0);
+ switch (cmd)
+ {
+ default:
+ ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
+ break;
+ }
+ return(ret);
+ }
+
+static void longswap(void *_ptr, int len)
{
#ifndef L_ENDIAN
int i;
+ char *ptr=_ptr;
for(i= 0;i < len;i+= 4){
*((unsigned long *)&(ptr[i]))= swapem(*((unsigned long *)&(ptr[i])));
if(ctx->buf_len+ 2* md->digest->md_size > OK_BLOCK_SIZE) return;
EVP_DigestInit(md, md->digest);
- RAND_bytes(&(md->md.base[0]), md->digest->md_size);
+ RAND_pseudo_bytes(&(md->md.base[0]), md->digest->md_size);
memcpy(&(ctx->buf[ctx->buf_len]), &(md->md.base[0]), md->digest->md_size);
longswap(&(ctx->buf[ctx->buf_len]), md->digest->md_size);
ctx->buf_len+= md->digest->md_size;
tl= swapem(tl);
memcpy(ctx->buf, &tl, OK_BLOCK_BLOCK);
tl= swapem(tl);
- EVP_DigestUpdate(md, &(ctx->buf[OK_BLOCK_BLOCK]), tl);
+ EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl);
md->digest->final(&(ctx->buf[ctx->buf_len]), &(md->md.base[0]));
ctx->buf_len+= md->digest->md_size;
ctx->blockout= 1;
{
BIO_OK_CTX *ctx;
EVP_MD_CTX *md;
- long tl= 0;
+ long tl= 0;
unsigned char tmp[EVP_MAX_MD_SIZE];
ctx=(BIO_OK_CTX *)b->ptr;
tl= swapem(tl);
if (ctx->buf_len < tl+ OK_BLOCK_BLOCK+ md->digest->md_size) return;
- EVP_DigestUpdate(md, &(ctx->buf[OK_BLOCK_BLOCK]), tl);
+ EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl);
md->digest->final(tmp, &(md->md.base[0]));
if(memcmp(&(ctx->buf[tl+ OK_BLOCK_BLOCK]), tmp, md->digest->md_size) == 0)
{
projects / openssl.git / blobdiff