Coverage Report

Created: 2026-07-16 06:59

next uncovered line (L), next uncovered region (R), next uncovered branch (B)
/src/openssl/crypto/evp/digest.c
Line
Count
Source
1
/*
2
 * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
3
 *
4
 * Licensed under the Apache License 2.0 (the "License").  You may not use
5
 * this file except in compliance with the License.  You can obtain a copy
6
 * in the file LICENSE in the source distribution or at
7
 * https://www.openssl.org/source/license.html
8
 */
9
10
#include <stdio.h>
11
#include <openssl/objects.h>
12
#include <openssl/evp.h>
13
#include <openssl/ec.h>
14
#include <openssl/params.h>
15
#include <openssl/core_names.h>
16
#include "internal/cryptlib.h"
17
#include "internal/nelem.h"
18
#include "internal/provider.h"
19
#include "internal/core.h"
20
#include "internal/common.h"
21
#include "crypto/evp.h"
22
#include "evp_local.h"
23
24
#include <crypto/asn1.h>
25
26
static void evp_md_free(void *m);
27
28
void evp_md_ctx_clear_digest(EVP_MD_CTX *ctx, int force, int keep_fetched)
29
9.59k
{
30
9.59k
    if (ctx->algctx != NULL) {
31
9.59k
        if (ctx->digest != NULL && ctx->digest->freectx != NULL)
32
9.59k
            ctx->digest->freectx(ctx->algctx);
33
9.59k
        ctx->algctx = NULL;
34
9.59k
        EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
35
9.59k
    }
36
37
    /* Code below to be removed when legacy support is dropped. */
38
39
    /*
40
     * Don't assume ctx->md_data was cleaned in EVP_Digest_Final, because
41
     * sometimes only copies of the context are ever finalised.
42
     */
43
9.59k
    if (force)
44
0
        ctx->digest = NULL;
45
46
    /* Non legacy code, this has to be later than the ctx->digest cleaning */
47
9.59k
    if (!keep_fetched) {
48
9.59k
        EVP_MD_free(ctx->fetched_digest);
49
9.59k
        ctx->fetched_digest = NULL;
50
9.59k
        ctx->reqdigest = NULL;
51
9.59k
    }
52
9.59k
}
53
54
static int evp_md_ctx_reset_ex(EVP_MD_CTX *ctx, int keep_fetched)
55
9.59k
{
56
9.59k
    if (ctx == NULL)
57
0
        return 1;
58
59
    /*
60
     * pctx should be freed by the user of EVP_MD_CTX
61
     * if EVP_MD_CTX_FLAG_KEEP_PKEY_CTX is set
62
     */
63
9.59k
    if (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX)) {
64
9.59k
        EVP_PKEY_CTX_free(ctx->pctx);
65
9.59k
        ctx->pctx = NULL;
66
9.59k
    }
67
68
9.59k
    evp_md_ctx_clear_digest(ctx, 0, keep_fetched);
69
9.59k
    if (!keep_fetched)
70
9.59k
        OPENSSL_cleanse(ctx, sizeof(*ctx));
71
72
9.59k
    return 1;
73
9.59k
}
74
75
/* This call frees resources associated with the context */
76
int EVP_MD_CTX_reset(EVP_MD_CTX *ctx)
77
9.59k
{
78
9.59k
    return evp_md_ctx_reset_ex(ctx, 0);
79
9.59k
}
80
81
#ifndef FIPS_MODULE
82
EVP_MD_CTX *evp_md_ctx_new_ex(EVP_PKEY *pkey, const ASN1_OCTET_STRING *id,
83
    OSSL_LIB_CTX *libctx, const char *propq)
84
0
{
85
0
    EVP_MD_CTX *ctx;
86
0
    EVP_PKEY_CTX *pctx = NULL;
87
88
0
    if ((ctx = EVP_MD_CTX_new()) == NULL
89
0
        || (pctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, propq)) == NULL) {
90
0
        ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB);
91
0
        goto err;
92
0
    }
93
94
0
    if (id != NULL && EVP_PKEY_CTX_set1_id(pctx, id->data, id->length) <= 0)
95
0
        goto err;
96
97
0
    EVP_MD_CTX_set_pkey_ctx(ctx, pctx);
98
0
    return ctx;
99
100
0
err:
101
0
    EVP_PKEY_CTX_free(pctx);
102
0
    EVP_MD_CTX_free(ctx);
103
0
    return NULL;
104
0
}
105
#endif
106
107
EVP_MD_CTX *EVP_MD_CTX_new(void)
108
9.59k
{
109
9.59k
    return OPENSSL_zalloc(sizeof(EVP_MD_CTX));
110
9.59k
}
111
112
void EVP_MD_CTX_free(EVP_MD_CTX *ctx)
113
9.59k
{
114
9.59k
    if (ctx == NULL)
115
0
        return;
116
117
9.59k
    EVP_MD_CTX_reset(ctx);
118
9.59k
    OPENSSL_free(ctx);
119
9.59k
}
120
121
int evp_md_ctx_free_algctx(EVP_MD_CTX *ctx)
122
9.59k
{
123
9.59k
    if (ctx->algctx != NULL) {
124
0
        if (!ossl_assert(ctx->digest != NULL)) {
125
0
            ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
126
0
            return 0;
127
0
        }
128
0
        if (ctx->digest->freectx != NULL)
129
0
            ctx->digest->freectx(ctx->algctx);
130
0
        ctx->algctx = NULL;
131
0
    }
132
9.59k
    return 1;
133
9.59k
}
134
135
static int evp_md_init_internal(EVP_MD_CTX *ctx, const EVP_MD *type,
136
    const OSSL_PARAM params[])
137
19.1k
{
138
19.1k
#if !defined(FIPS_MODULE)
139
19.1k
    if (ctx->pctx != NULL
140
0
        && EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx->pctx)
141
0
        && ctx->pctx->op.sig.algctx != NULL) {
142
        /*
143
         * Prior to OpenSSL 3.0 calling EVP_DigestInit_ex() on an mdctx
144
         * previously initialised with EVP_DigestSignInit() would retain
145
         * information about the key, and re-initialise for another sign
146
         * operation. So in that case we redirect to EVP_DigestSignInit()
147
         */
148
0
        if (ctx->pctx->operation == EVP_PKEY_OP_SIGNCTX)
149
0
            return EVP_DigestSignInit(ctx, NULL, type, NULL, NULL);
150
0
        if (ctx->pctx->operation == EVP_PKEY_OP_VERIFYCTX)
151
0
            return EVP_DigestVerifyInit(ctx, NULL, type, NULL, NULL);
152
0
        ERR_raise(ERR_LIB_EVP, EVP_R_UPDATE_ERROR);
153
0
        return 0;
154
0
    }
155
19.1k
#endif
156
157
19.1k
    EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_CLEANED | EVP_MD_CTX_FLAG_FINALISED);
158
159
19.1k
    if (type != NULL) {
160
19.1k
        ctx->reqdigest = type;
161
19.1k
    } else {
162
0
        if (ossl_unlikely(ctx->digest == NULL)) {
163
0
            ERR_raise(ERR_LIB_EVP, EVP_R_NO_DIGEST_SET);
164
0
            return 0;
165
0
        }
166
0
        type = ctx->digest;
167
0
    }
168
169
19.1k
    if (ossl_likely(ctx->digest == type)) {
170
9.59k
        if (ossl_unlikely(!ossl_assert(type->prov != NULL))) {
171
0
            ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
172
0
            return 0;
173
0
        }
174
9.59k
    } else {
175
9.59k
        if (!evp_md_ctx_free_algctx(ctx))
176
0
            return 0;
177
9.59k
    }
178
179
19.1k
    if (ossl_unlikely(type->prov == NULL)) {
180
#ifdef FIPS_MODULE
181
        /* We only do explicit fetches inside the FIPS module */
182
        ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
183
        return 0;
184
#else
185
        /* The NULL digest is a special case */
186
0
        EVP_MD *provmd = EVP_MD_fetch(NULL,
187
0
            type->type != NID_undef ? OBJ_nid2sn(type->type)
188
0
                                    : "NULL",
189
0
            "");
190
191
0
        if (provmd == NULL) {
192
0
            ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
193
0
            return 0;
194
0
        }
195
0
        type = provmd;
196
0
        EVP_MD_free(ctx->fetched_digest);
197
0
        ctx->fetched_digest = provmd;
198
0
#endif
199
0
    }
200
201
19.1k
    if (ossl_unlikely(type->prov != NULL && ctx->fetched_digest != type)) {
202
9.59k
        if (ossl_unlikely(!EVP_MD_up_ref((EVP_MD *)type))) {
203
0
            ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
204
0
            return 0;
205
0
        }
206
9.59k
        EVP_MD_free(ctx->fetched_digest);
207
9.59k
        ctx->fetched_digest = (EVP_MD *)type;
208
9.59k
    }
209
19.1k
    ctx->digest = type;
210
19.1k
    if (ctx->algctx == NULL) {
211
9.59k
        ctx->algctx = ctx->digest->newctx(ossl_provider_ctx(type->prov));
212
9.59k
        if (ctx->algctx == NULL) {
213
0
            ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
214
0
            return 0;
215
0
        }
216
9.59k
    }
217
218
19.1k
    if (ctx->digest->dinit == NULL) {
219
0
        ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
220
0
        return 0;
221
0
    }
222
223
19.1k
    return ctx->digest->dinit(ctx->algctx, params);
224
19.1k
}
225
226
int EVP_DigestInit_ex2(EVP_MD_CTX *ctx, const EVP_MD *type,
227
    const OSSL_PARAM params[])
228
3
{
229
3
    return evp_md_init_internal(ctx, type, params);
230
3
}
231
232
int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type)
233
0
{
234
0
    EVP_MD_CTX_reset(ctx);
235
0
    return evp_md_init_internal(ctx, type, NULL);
236
0
}
237
238
int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
239
19.1k
{
240
19.1k
    if (!ossl_assert(impl == NULL))
241
0
        return 0;
242
19.1k
    return evp_md_init_internal(ctx, type, NULL);
243
19.1k
}
244
245
int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
246
19.1k
{
247
19.1k
    if (ossl_unlikely(count == 0))
248
0
        return 1;
249
250
19.1k
    if (ossl_unlikely((ctx->flags & EVP_MD_CTX_FLAG_FINALISED) != 0)) {
251
0
        ERR_raise(ERR_LIB_EVP, EVP_R_UPDATE_ERROR);
252
0
        return 0;
253
0
    }
254
255
19.1k
    if (ossl_unlikely(ctx->pctx != NULL)
256
0
        && EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx->pctx)
257
0
        && ctx->pctx->op.sig.algctx != NULL) {
258
0
#ifndef FIPS_MODULE
259
        /*
260
         * Prior to OpenSSL 3.0 EVP_DigestSignUpdate() and
261
         * EVP_DigestVerifyUpdate() were just macros for EVP_DigestUpdate().
262
         * Some code calls EVP_DigestUpdate() directly even when initialised
263
         * with EVP_DigestSignInit_ex() or
264
         * EVP_DigestVerifyInit_ex(), so we detect that and redirect to
265
         * the correct EVP_Digest*Update() function
266
         */
267
0
        if (ctx->pctx->operation == EVP_PKEY_OP_SIGNCTX)
268
0
            return EVP_DigestSignUpdate(ctx, data, count);
269
0
        if (ctx->pctx->operation == EVP_PKEY_OP_VERIFYCTX)
270
0
            return EVP_DigestVerifyUpdate(ctx, data, count);
271
0
#endif
272
0
        ERR_raise(ERR_LIB_EVP, EVP_R_UPDATE_ERROR);
273
0
        return 0;
274
0
    }
275
276
19.1k
    if (ctx->digest == NULL || ctx->digest->prov == NULL) {
277
0
        ERR_raise(ERR_LIB_EVP, EVP_R_UPDATE_ERROR);
278
0
        return 0;
279
0
    }
280
281
19.1k
    if (ossl_unlikely(ctx->digest->dupdate == NULL)) {
282
0
        ERR_raise(ERR_LIB_EVP, EVP_R_UPDATE_ERROR);
283
0
        return 0;
284
0
    }
285
19.1k
    return ctx->digest->dupdate(ctx->algctx, data, count);
286
19.1k
}
287
288
/* The caller can assume that this removes any secret data from the context */
289
int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
290
0
{
291
0
    int ret;
292
0
    ret = EVP_DigestFinal_ex(ctx, md, size);
293
0
    EVP_MD_CTX_reset(ctx);
294
0
    return ret;
295
0
}
296
297
/* The caller can assume that this removes any secret data from the context */
298
int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *isize)
299
9.59k
{
300
9.59k
    int ret, sz;
301
9.59k
    size_t size = 0;
302
9.59k
    size_t mdsize = 0;
303
304
9.59k
    if (ossl_unlikely(ctx->digest == NULL))
305
0
        return 0;
306
307
9.59k
    sz = EVP_MD_CTX_get_size(ctx);
308
9.59k
    if (ossl_unlikely(sz < 0))
309
0
        return 0;
310
9.59k
    mdsize = sz;
311
9.59k
    if (ossl_unlikely(ctx->digest->prov == NULL)) {
312
0
        ERR_raise(ERR_LIB_EVP, EVP_R_FINAL_ERROR);
313
0
        return 0;
314
0
    }
315
316
9.59k
    if (ossl_unlikely(ctx->digest->dfinal == NULL)) {
317
0
        ERR_raise(ERR_LIB_EVP, EVP_R_FINAL_ERROR);
318
0
        return 0;
319
0
    }
320
321
9.59k
    if (ossl_unlikely((ctx->flags & EVP_MD_CTX_FLAG_FINALISED) != 0)) {
322
0
        ERR_raise(ERR_LIB_EVP, EVP_R_FINAL_ERROR);
323
0
        return 0;
324
0
    }
325
326
9.59k
    ret = ctx->digest->dfinal(ctx->algctx, md, &size, mdsize);
327
328
9.59k
    ctx->flags |= EVP_MD_CTX_FLAG_FINALISED;
329
330
9.59k
    if (isize != NULL) {
331
9.59k
        if (ossl_likely(size <= UINT_MAX)) {
332
9.59k
            *isize = (unsigned int)size;
333
9.59k
        } else {
334
0
            ERR_raise(ERR_LIB_EVP, EVP_R_FINAL_ERROR);
335
0
            ret = 0;
336
0
        }
337
9.59k
    }
338
339
9.59k
    return ret;
340
9.59k
}
341
342
/* This is a one shot operation */
343
int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t size)
344
0
{
345
0
    int ret = 0;
346
0
    OSSL_PARAM params[2];
347
0
    size_t i = 0;
348
349
0
    if (ossl_unlikely(ctx->digest == NULL)) {
350
0
        ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_NULL_ALGORITHM);
351
0
        return 0;
352
0
    }
353
354
0
    if (ossl_unlikely(ctx->digest->prov == NULL)) {
355
0
        ERR_raise(ERR_LIB_EVP, EVP_R_FINAL_ERROR);
356
0
        return 0;
357
0
    }
358
359
0
    if (ossl_unlikely(ctx->digest->dfinal == NULL)) {
360
0
        ERR_raise(ERR_LIB_EVP, EVP_R_FINAL_ERROR);
361
0
        return 0;
362
0
    }
363
364
0
    if (ossl_unlikely((ctx->flags & EVP_MD_CTX_FLAG_FINALISED) != 0)) {
365
0
        ERR_raise(ERR_LIB_EVP, EVP_R_FINAL_ERROR);
366
0
        return 0;
367
0
    }
368
369
    /*
370
     * For backward compatibility we pass the XOFLEN via a param here so that
371
     * older providers can use the supplied value. Ideally we should have just
372
     * used the size passed into ctx->digest->dfinal().
373
     */
374
0
    params[i++] = OSSL_PARAM_construct_size_t(OSSL_DIGEST_PARAM_XOFLEN, &size);
375
0
    params[i++] = OSSL_PARAM_construct_end();
376
377
0
    if (ossl_likely(EVP_MD_CTX_set_params(ctx, params) >= 0))
378
0
        ret = ctx->digest->dfinal(ctx->algctx, md, &size, size);
379
380
0
    ctx->flags |= EVP_MD_CTX_FLAG_FINALISED;
381
382
0
    return ret;
383
0
}
384
385
/* EVP_DigestSqueeze() can be called multiple times */
386
int EVP_DigestSqueeze(EVP_MD_CTX *ctx, unsigned char *md, size_t size)
387
0
{
388
0
    if (ctx->digest == NULL) {
389
0
        ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_NULL_ALGORITHM);
390
0
        return 0;
391
0
    }
392
393
0
    if (ctx->digest->prov == NULL) {
394
0
        ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_OPERATION);
395
0
        return 0;
396
0
    }
397
398
0
    if (ctx->digest->dsqueeze == NULL) {
399
0
        ERR_raise(ERR_LIB_EVP, EVP_R_METHOD_NOT_SUPPORTED);
400
0
        return 0;
401
0
    }
402
403
0
    return ctx->digest->dsqueeze(ctx->algctx, md, &size, size);
404
0
}
405
406
int EVP_MD_CTX_serialize(EVP_MD_CTX *ctx, unsigned char *out, size_t *outlen)
407
0
{
408
0
    if (ctx->digest == NULL) {
409
0
        ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_NULL_ALGORITHM);
410
0
        return 0;
411
0
    }
412
413
0
    if (ctx->digest->prov == NULL) {
414
0
        ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_OPERATION);
415
0
        return 0;
416
0
    }
417
418
0
    if (ctx->digest->serialize == NULL) {
419
0
        ERR_raise(ERR_LIB_EVP, EVP_R_METHOD_NOT_SUPPORTED);
420
0
        return 0;
421
0
    }
422
423
0
    if (ossl_unlikely((ctx->flags & EVP_MD_CTX_FLAG_FINALISED) != 0)) {
424
0
        ERR_raise(ERR_LIB_EVP, EVP_R_CONTEXT_FINALIZED);
425
0
        return 0;
426
0
    }
427
428
0
    return ctx->digest->serialize(ctx->algctx, out, outlen);
429
0
}
430
431
int EVP_MD_CTX_deserialize(EVP_MD_CTX *ctx, const unsigned char *in,
432
    size_t inlen)
433
0
{
434
0
    if (ctx->digest == NULL) {
435
0
        ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_NULL_ALGORITHM);
436
0
        return 0;
437
0
    }
438
439
0
    if (ctx->digest->prov == NULL) {
440
0
        ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_OPERATION);
441
0
        return 0;
442
0
    }
443
444
0
    if (ctx->digest->deserialize == NULL) {
445
0
        ERR_raise(ERR_LIB_EVP, EVP_R_METHOD_NOT_SUPPORTED);
446
0
        return 0;
447
0
    }
448
449
0
    if (ossl_unlikely((ctx->flags & EVP_MD_CTX_FLAG_FINALISED) != 0)) {
450
0
        ERR_raise(ERR_LIB_EVP, EVP_R_CONTEXT_FINALIZED);
451
0
        return 0;
452
0
    }
453
454
0
    return ctx->digest->deserialize(ctx->algctx, in, inlen);
455
0
}
456
457
EVP_MD_CTX *EVP_MD_CTX_dup(const EVP_MD_CTX *in)
458
0
{
459
0
    EVP_MD_CTX *out = EVP_MD_CTX_new();
460
461
0
    if (out != NULL && !EVP_MD_CTX_copy_ex(out, in)) {
462
0
        EVP_MD_CTX_free(out);
463
0
        out = NULL;
464
0
    }
465
0
    return out;
466
0
}
467
468
int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in)
469
0
{
470
0
    EVP_MD_CTX_reset(out);
471
0
    return EVP_MD_CTX_copy_ex(out, in);
472
0
}
473
474
int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
475
0
{
476
0
    int digest_change = 0;
477
478
0
    if (in == NULL) {
479
0
        ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
480
0
        return 0;
481
0
    }
482
483
0
    if (in->digest == NULL) {
484
        /* copying uninitialized digest context */
485
0
        EVP_MD_CTX_reset(out);
486
0
        if (out->fetched_digest != NULL)
487
0
            EVP_MD_free(out->fetched_digest);
488
0
        *out = *in;
489
0
        goto clone_pkey;
490
0
    }
491
492
0
    if (in->digest->prov == NULL || in->digest->dupctx == NULL) {
493
0
        ERR_raise(ERR_LIB_EVP, EVP_R_NOT_ABLE_TO_COPY_CTX);
494
0
        return 0;
495
0
    }
496
497
0
    if (out->digest == in->digest && in->digest->copyctx != NULL
498
0
        && out->algctx != NULL && in->algctx != NULL) {
499
500
0
        in->digest->copyctx(out->algctx, in->algctx);
501
502
0
        EVP_PKEY_CTX_free(out->pctx);
503
0
        out->pctx = NULL;
504
505
0
        out->flags = in->flags;
506
0
    } else {
507
0
        evp_md_ctx_reset_ex(out, 1);
508
0
        digest_change = (out->fetched_digest != in->fetched_digest);
509
510
0
        if (digest_change && in->fetched_digest != NULL
511
0
            && !EVP_MD_up_ref(in->fetched_digest))
512
0
            return 0;
513
0
        if (digest_change && out->fetched_digest != NULL)
514
0
            EVP_MD_free(out->fetched_digest);
515
0
        *out = *in;
516
        /* NULL out pointers in case of error */
517
0
        out->pctx = NULL;
518
0
        out->algctx = NULL;
519
520
0
        if (in->algctx != NULL) {
521
0
            out->algctx = in->digest->dupctx(in->algctx);
522
0
            if (out->algctx == NULL) {
523
0
                ERR_raise(ERR_LIB_EVP, EVP_R_NOT_ABLE_TO_COPY_CTX);
524
0
                return 0;
525
0
            }
526
0
        }
527
0
    }
528
529
0
clone_pkey:
530
    /* copied EVP_MD_CTX should free the copied EVP_PKEY_CTX */
531
0
    EVP_MD_CTX_clear_flags(out, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);
532
0
#ifndef FIPS_MODULE
533
0
    if (in->pctx != NULL) {
534
0
        out->pctx = EVP_PKEY_CTX_dup(in->pctx);
535
0
        if (out->pctx == NULL) {
536
0
            ERR_raise(ERR_LIB_EVP, EVP_R_NOT_ABLE_TO_COPY_CTX);
537
0
            EVP_MD_CTX_reset(out);
538
0
            return 0;
539
0
        }
540
0
    }
541
0
#endif
542
543
0
    return 1;
544
0
}
545
546
int EVP_Digest(const void *data, size_t count,
547
    unsigned char *md, unsigned int *size, const EVP_MD *type,
548
    ENGINE *impl)
549
0
{
550
0
    EVP_MD_CTX *ctx;
551
0
    int ret;
552
553
0
    if (!ossl_assert(impl == NULL))
554
0
        return 0;
555
556
0
    ctx = EVP_MD_CTX_new();
557
0
    if (ctx == NULL)
558
0
        return 0;
559
0
    EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_ONESHOT);
560
0
    ret = EVP_DigestInit_ex(ctx, type, NULL)
561
0
        && EVP_DigestUpdate(ctx, data, count)
562
0
        && EVP_DigestFinal_ex(ctx, md, size);
563
0
    EVP_MD_CTX_free(ctx);
564
565
0
    return ret;
566
0
}
567
568
int EVP_Q_digest(OSSL_LIB_CTX *libctx, const char *name, const char *propq,
569
    const void *data, size_t datalen,
570
    unsigned char *md, size_t *mdlen)
571
0
{
572
0
    EVP_MD *digest = EVP_MD_fetch(libctx, name, propq);
573
0
    unsigned int temp = 0;
574
0
    int ret = 0;
575
576
0
    if (digest != NULL) {
577
0
        ret = EVP_Digest(data, datalen, md, &temp, digest, NULL);
578
0
        EVP_MD_free(digest);
579
0
    }
580
0
    if (mdlen != NULL)
581
0
        *mdlen = temp;
582
0
    return ret;
583
0
}
584
585
int EVP_MD_get_params(const EVP_MD *digest, OSSL_PARAM params[])
586
0
{
587
0
    if (digest != NULL && digest->get_params != NULL)
588
0
        return digest->get_params(params);
589
0
    return 0;
590
0
}
591
592
const OSSL_PARAM *EVP_MD_gettable_params(const EVP_MD *digest)
593
0
{
594
0
    if (digest != NULL && digest->gettable_params != NULL)
595
0
        return digest->gettable_params(
596
0
            ossl_provider_ctx(EVP_MD_get0_provider(digest)));
597
0
    return NULL;
598
0
}
599
600
int EVP_MD_CTX_set_params(EVP_MD_CTX *ctx, const OSSL_PARAM params[])
601
0
{
602
0
    EVP_PKEY_CTX *pctx = ctx->pctx;
603
604
    /* If we have a pctx then we should try that first */
605
0
    if (ossl_unlikely(pctx != NULL)
606
0
        && (pctx->operation == EVP_PKEY_OP_VERIFYCTX
607
0
            || pctx->operation == EVP_PKEY_OP_SIGNCTX)
608
0
        && pctx->op.sig.algctx != NULL
609
0
        && pctx->op.sig.signature->set_ctx_md_params != NULL)
610
0
        return pctx->op.sig.signature->set_ctx_md_params(pctx->op.sig.algctx,
611
0
            params);
612
613
0
    if (ossl_likely(ctx->digest != NULL && ctx->digest->set_ctx_params != NULL))
614
0
        return ctx->digest->set_ctx_params(ctx->algctx, params);
615
616
0
    return 0;
617
0
}
618
619
const OSSL_PARAM *EVP_MD_settable_ctx_params(const EVP_MD *md)
620
0
{
621
0
    void *provctx;
622
623
0
    if (md != NULL && md->settable_ctx_params != NULL) {
624
0
        provctx = ossl_provider_ctx(EVP_MD_get0_provider(md));
625
0
        return md->settable_ctx_params(NULL, provctx);
626
0
    }
627
0
    return NULL;
628
0
}
629
630
const OSSL_PARAM *EVP_MD_CTX_settable_params(EVP_MD_CTX *ctx)
631
0
{
632
0
    EVP_PKEY_CTX *pctx;
633
0
    void *alg;
634
635
0
    if (ctx == NULL)
636
0
        return NULL;
637
638
    /* If we have a pctx then we should try that first */
639
0
    pctx = ctx->pctx;
640
0
    if (pctx != NULL
641
0
        && (pctx->operation == EVP_PKEY_OP_VERIFYCTX
642
0
            || pctx->operation == EVP_PKEY_OP_SIGNCTX)
643
0
        && pctx->op.sig.algctx != NULL
644
0
        && pctx->op.sig.signature->settable_ctx_md_params != NULL)
645
0
        return pctx->op.sig.signature->settable_ctx_md_params(
646
0
            pctx->op.sig.algctx);
647
648
0
    if (ctx->digest != NULL && ctx->digest->settable_ctx_params != NULL) {
649
0
        alg = ossl_provider_ctx(EVP_MD_get0_provider(ctx->digest));
650
0
        return ctx->digest->settable_ctx_params(ctx->algctx, alg);
651
0
    }
652
653
0
    return NULL;
654
0
}
655
656
int EVP_MD_CTX_get_params(EVP_MD_CTX *ctx, OSSL_PARAM params[])
657
188
{
658
188
    EVP_PKEY_CTX *pctx = ctx->pctx;
659
660
    /* If we have a pctx then we should try that first */
661
188
    if (pctx != NULL
662
0
        && (pctx->operation == EVP_PKEY_OP_VERIFYCTX
663
0
            || pctx->operation == EVP_PKEY_OP_SIGNCTX)
664
0
        && pctx->op.sig.algctx != NULL
665
0
        && pctx->op.sig.signature->get_ctx_md_params != NULL)
666
0
        return pctx->op.sig.signature->get_ctx_md_params(pctx->op.sig.algctx,
667
0
            params);
668
669
188
    if (ctx->digest != NULL && ctx->digest->get_ctx_params != NULL)
670
188
        return ctx->digest->get_ctx_params(ctx->algctx, params);
671
672
0
    return 0;
673
188
}
674
675
const OSSL_PARAM *EVP_MD_gettable_ctx_params(const EVP_MD *md)
676
0
{
677
0
    void *provctx;
678
679
0
    if (md != NULL && md->gettable_ctx_params != NULL) {
680
0
        provctx = ossl_provider_ctx(EVP_MD_get0_provider(md));
681
0
        return md->gettable_ctx_params(NULL, provctx);
682
0
    }
683
0
    return NULL;
684
0
}
685
686
const OSSL_PARAM *EVP_MD_CTX_gettable_params(EVP_MD_CTX *ctx)
687
9.59k
{
688
9.59k
    EVP_PKEY_CTX *pctx;
689
9.59k
    void *provctx;
690
691
9.59k
    if (ossl_unlikely(ctx == NULL))
692
0
        return NULL;
693
694
    /* If we have a pctx then we should try that first */
695
9.59k
    pctx = ctx->pctx;
696
9.59k
    if (ossl_unlikely(pctx != NULL)
697
0
        && (pctx->operation == EVP_PKEY_OP_VERIFYCTX
698
0
            || pctx->operation == EVP_PKEY_OP_SIGNCTX)
699
0
        && pctx->op.sig.signature != NULL
700
0
        && pctx->op.sig.signature->gettable_ctx_md_params != NULL
701
0
        && pctx->op.sig.algctx != NULL)
702
0
        return pctx->op.sig.signature->gettable_ctx_md_params(
703
0
            pctx->op.sig.algctx);
704
705
9.59k
    if (ossl_unlikely(ctx->digest != NULL
706
9.59k
            && ctx->digest->gettable_ctx_params != NULL)) {
707
188
        provctx = ossl_provider_ctx(EVP_MD_get0_provider(ctx->digest));
708
188
        return ctx->digest->gettable_ctx_params(ctx->algctx, provctx);
709
188
    }
710
9.41k
    return NULL;
711
9.59k
}
712
713
int EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2)
714
0
{
715
0
    int ret = EVP_CTRL_RET_UNSUPPORTED;
716
0
    int set_params = 1;
717
0
    size_t sz;
718
0
    OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
719
720
0
    if (ctx == NULL) {
721
0
        ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
722
0
        return 0;
723
0
    }
724
725
0
    if (ctx->digest != NULL && ctx->digest->prov == NULL) {
726
0
        ERR_raise(ERR_LIB_EVP, EVP_R_CTRL_NOT_IMPLEMENTED);
727
0
        return 0;
728
0
    }
729
730
0
    switch (cmd) {
731
0
    case EVP_MD_CTRL_XOF_LEN:
732
0
        sz = (size_t)p1;
733
0
        params[0] = OSSL_PARAM_construct_size_t(OSSL_DIGEST_PARAM_XOFLEN, &sz);
734
0
        break;
735
0
    case EVP_MD_CTRL_MICALG:
736
0
        set_params = 0;
737
0
        params[0] = OSSL_PARAM_construct_utf8_string(OSSL_DIGEST_PARAM_MICALG,
738
0
            p2, p1 ? p1 : 9999);
739
0
        break;
740
0
    case EVP_CTRL_SSL3_MASTER_SECRET:
741
0
        params[0] = OSSL_PARAM_construct_octet_string(OSSL_DIGEST_PARAM_SSL3_MS,
742
0
            p2, p1);
743
0
        break;
744
0
    default:
745
0
        goto conclude;
746
0
    }
747
748
0
    if (set_params)
749
0
        ret = EVP_MD_CTX_set_params(ctx, params);
750
0
    else
751
0
        ret = EVP_MD_CTX_get_params(ctx, params);
752
753
0
conclude:
754
0
    if (ret <= 0)
755
0
        return 0;
756
0
    return ret;
757
0
}
758
759
EVP_MD *evp_md_new(void)
760
34
{
761
34
    EVP_MD *md = OPENSSL_zalloc(sizeof(*md));
762
763
34
    if (md != NULL && !CRYPTO_NEW_REF(&md->refcnt, 1)) {
764
0
        OPENSSL_free(md);
765
0
        return NULL;
766
0
    }
767
34
    return md;
768
34
}
769
770
/*
771
 * FIPS module note: since internal fetches will be entirely
772
 * provider based, we know that none of its code depends on legacy
773
 * NIDs or any functionality that use them.
774
 */
775
#ifndef FIPS_MODULE
776
static void set_legacy_nid(const char *name, void *vlegacy_nid)
777
89
{
778
89
    int nid;
779
89
    int *legacy_nid = vlegacy_nid;
780
    /*
781
     * We use lowest level function to get the associated method, because
782
     * higher level functions such as EVP_get_digestbyname() have changed
783
     * to look at providers too.
784
     */
785
89
    const void *legacy_method = OBJ_NAME_get(name, OBJ_NAME_TYPE_MD_METH);
786
787
89
    if (*legacy_nid == -1) /* We found a clash already */
788
0
        return;
789
790
89
    if (legacy_method == NULL)
791
60
        return;
792
29
    nid = EVP_MD_nid(legacy_method);
793
29
    if (*legacy_nid != NID_undef && *legacy_nid != nid) {
794
0
        *legacy_nid = -1;
795
0
        return;
796
0
    }
797
29
    *legacy_nid = nid;
798
29
}
799
#endif
800
801
static int evp_md_cache_constants(EVP_MD *md)
802
34
{
803
34
    int ok, xof = 0, algid_absent = 0;
804
34
    size_t blksz = 0;
805
34
    size_t mdsize = 0;
806
34
    OSSL_PARAM params[5];
807
808
    /*
809
     * Note that these parameters are 'constants' that are only set up
810
     * during the EVP_MD_fetch(). For this reason the XOF functions set the
811
     * md_size to 0, since the output size is unknown.
812
     */
813
34
    params[0] = OSSL_PARAM_construct_size_t(OSSL_DIGEST_PARAM_BLOCK_SIZE, &blksz);
814
34
    params[1] = OSSL_PARAM_construct_size_t(OSSL_DIGEST_PARAM_SIZE, &mdsize);
815
34
    params[2] = OSSL_PARAM_construct_int(OSSL_DIGEST_PARAM_XOF, &xof);
816
34
    params[3] = OSSL_PARAM_construct_int(OSSL_DIGEST_PARAM_ALGID_ABSENT,
817
34
        &algid_absent);
818
34
    params[4] = OSSL_PARAM_construct_end();
819
34
    ok = evp_do_md_getparams(md, params) > 0;
820
34
    if (mdsize > INT_MAX || blksz > INT_MAX)
821
0
        ok = 0;
822
34
    if (ok) {
823
34
        md->block_size = (int)blksz;
824
34
        md->md_size = (int)mdsize;
825
34
        if (xof)
826
6
            md->flags |= EVP_MD_FLAG_XOF;
827
34
        if (algid_absent)
828
21
            md->flags |= EVP_MD_FLAG_DIGALGID_ABSENT;
829
34
    }
830
34
    return ok;
831
34
}
832
833
static void *evp_md_from_algorithm(int name_id,
834
    const OSSL_ALGORITHM *algodef,
835
    OSSL_PROVIDER *prov, int no_store)
836
34
{
837
34
    const OSSL_DISPATCH *fns = algodef->implementation;
838
34
    EVP_MD *md = NULL;
839
34
    int fncnt = 0;
840
841
    /* EVP_MD_fetch() will set the legacy NID if available */
842
34
    if ((md = evp_md_new()) == NULL) {
843
0
        ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB);
844
0
        return NULL;
845
0
    }
846
847
34
    if (no_store != 0)
848
0
        md->flags |= EVP_MD_FLAG_NO_STORE;
849
850
34
#ifndef FIPS_MODULE
851
34
    md->type = NID_undef;
852
34
    if (!evp_names_do_all(prov, name_id, set_legacy_nid, &md->type)
853
34
        || md->type == -1) {
854
0
        ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
855
0
        goto err;
856
0
    }
857
34
#endif
858
859
34
    md->name_id = name_id;
860
34
    if ((md->type_name = ossl_algorithm_get1_first_name(algodef)) == NULL)
861
0
        goto err;
862
863
34
    md->description = algodef->algorithm_description;
864
865
423
    for (; fns->function_id != 0; fns++) {
866
389
        switch (fns->function_id) {
867
34
        case OSSL_FUNC_DIGEST_NEWCTX:
868
34
            if (md->newctx == NULL) {
869
34
                md->newctx = OSSL_FUNC_digest_newctx(fns);
870
34
                fncnt++;
871
34
            }
872
34
            break;
873
34
        case OSSL_FUNC_DIGEST_INIT:
874
34
            if (md->dinit == NULL) {
875
34
                md->dinit = OSSL_FUNC_digest_init(fns);
876
34
                fncnt++;
877
34
            }
878
34
            break;
879
34
        case OSSL_FUNC_DIGEST_UPDATE:
880
34
            if (md->dupdate == NULL) {
881
34
                md->dupdate = OSSL_FUNC_digest_update(fns);
882
34
                fncnt++;
883
34
            }
884
34
            break;
885
34
        case OSSL_FUNC_DIGEST_FINAL:
886
34
            if (md->dfinal == NULL) {
887
34
                md->dfinal = OSSL_FUNC_digest_final(fns);
888
34
                fncnt++;
889
34
            }
890
34
            break;
891
6
        case OSSL_FUNC_DIGEST_SQUEEZE:
892
6
            if (md->dsqueeze == NULL) {
893
6
                md->dsqueeze = OSSL_FUNC_digest_squeeze(fns);
894
6
                fncnt++;
895
6
            }
896
6
            break;
897
0
        case OSSL_FUNC_DIGEST_DIGEST:
898
0
            if (md->digest == NULL)
899
0
                md->digest = OSSL_FUNC_digest_digest(fns);
900
            /* We don't increment fnct for this as it is stand alone */
901
0
            break;
902
34
        case OSSL_FUNC_DIGEST_FREECTX:
903
34
            if (md->freectx == NULL) {
904
34
                md->freectx = OSSL_FUNC_digest_freectx(fns);
905
34
                fncnt++;
906
34
            }
907
34
            break;
908
34
        case OSSL_FUNC_DIGEST_DUPCTX:
909
34
            if (md->dupctx == NULL)
910
34
                md->dupctx = OSSL_FUNC_digest_dupctx(fns);
911
34
            break;
912
34
        case OSSL_FUNC_DIGEST_GET_PARAMS:
913
34
            if (md->get_params == NULL)
914
34
                md->get_params = OSSL_FUNC_digest_get_params(fns);
915
34
            break;
916
12
        case OSSL_FUNC_DIGEST_SET_CTX_PARAMS:
917
12
            if (md->set_ctx_params == NULL)
918
12
                md->set_ctx_params = OSSL_FUNC_digest_set_ctx_params(fns);
919
12
            break;
920
9
        case OSSL_FUNC_DIGEST_GET_CTX_PARAMS:
921
9
            if (md->get_ctx_params == NULL)
922
9
                md->get_ctx_params = OSSL_FUNC_digest_get_ctx_params(fns);
923
9
            break;
924
34
        case OSSL_FUNC_DIGEST_GETTABLE_PARAMS:
925
34
            if (md->gettable_params == NULL)
926
34
                md->gettable_params = OSSL_FUNC_digest_gettable_params(fns);
927
34
            break;
928
12
        case OSSL_FUNC_DIGEST_SETTABLE_CTX_PARAMS:
929
12
            if (md->settable_ctx_params == NULL)
930
12
                md->settable_ctx_params = OSSL_FUNC_digest_settable_ctx_params(fns);
931
12
            break;
932
9
        case OSSL_FUNC_DIGEST_GETTABLE_CTX_PARAMS:
933
9
            if (md->gettable_ctx_params == NULL)
934
9
                md->gettable_ctx_params = OSSL_FUNC_digest_gettable_ctx_params(fns);
935
9
            break;
936
31
        case OSSL_FUNC_DIGEST_COPYCTX:
937
31
            if (md->copyctx == NULL)
938
31
                md->copyctx = OSSL_FUNC_digest_copyctx(fns);
939
31
            break;
940
19
        case OSSL_FUNC_DIGEST_SERIALIZE:
941
19
            if (md->serialize == NULL)
942
19
                md->serialize = OSSL_FUNC_digest_serialize(fns);
943
19
            break;
944
19
        case OSSL_FUNC_DIGEST_DESERIALIZE:
945
19
            if (md->deserialize == NULL)
946
19
                md->deserialize = OSSL_FUNC_digest_deserialize(fns);
947
19
            break;
948
389
        }
949
389
    }
950
34
    if ((fncnt != 0 && fncnt != 5 && fncnt != 6)
951
34
        || (fncnt == 0 && md->digest == NULL)) {
952
        /*
953
         * In order to be a consistent set of functions we either need the
954
         * whole set of init/update/final etc functions or none of them.
955
         * The "digest" function can standalone. We at least need one way to
956
         * generate digests.
957
         */
958
0
        ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS);
959
0
        goto err;
960
0
    }
961
34
    if (prov != NULL && !ossl_provider_up_ref(prov))
962
0
        goto err;
963
964
34
    md->prov = prov;
965
966
34
    if (!evp_md_cache_constants(md)) {
967
0
        ERR_raise(ERR_LIB_EVP, EVP_R_CACHE_CONSTANTS_FAILED);
968
0
        goto err;
969
0
    }
970
971
34
    return md;
972
973
0
err:
974
0
    evp_md_free(md);
975
0
    return NULL;
976
34
}
977
978
static int evp_md_up_ref(void *m)
979
84
{
980
84
    EVP_MD *md = (EVP_MD *)m;
981
84
    int ref = 0;
982
983
84
    if (md->origin == EVP_ORIG_DYNAMIC)
984
84
        CRYPTO_UP_REF(&md->refcnt, &ref);
985
84
    return 1;
986
84
}
987
988
static void evp_md_free(void *m)
989
34
{
990
34
    EVP_MD *md = (EVP_MD *)m;
991
34
    int i;
992
993
34
    if (md == NULL || md->origin != EVP_ORIG_DYNAMIC)
994
0
        return;
995
996
34
    CRYPTO_DOWN_REF(&md->refcnt, &i);
997
34
    if (i > 0)
998
34
        return;
999
1000
0
    OPENSSL_free(md->type_name);
1001
0
    ossl_provider_free(md->prov);
1002
0
    CRYPTO_FREE_REF(&md->refcnt);
1003
0
    OPENSSL_free(md);
1004
0
}
1005
1006
EVP_MD *EVP_MD_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
1007
    const char *properties)
1008
793k
{
1009
793k
    EVP_MD *md = evp_generic_fetch(ctx, OSSL_OP_DIGEST, algorithm, properties,
1010
793k
        evp_md_from_algorithm, evp_md_up_ref, evp_md_free);
1011
1012
793k
    return md;
1013
793k
}
1014
1015
int EVP_MD_up_ref(EVP_MD *md)
1016
9.59k
{
1017
#ifdef OPENSSL_NO_CACHED_FETCH
1018
    return evp_md_up_ref(md);
1019
#else
1020
9.59k
    if (md->flags & EVP_MD_FLAG_NO_STORE)
1021
0
        return evp_md_up_ref(md);
1022
9.59k
    return 1;
1023
9.59k
#endif
1024
9.59k
}
1025
1026
void EVP_MD_free(EVP_MD *md)
1027
811k
{
1028
#ifdef OPENSSL_NO_CACHED_FETCH
1029
    evp_md_free(md);
1030
#else
1031
811k
    if (md != NULL && (md->flags & EVP_MD_FLAG_NO_STORE))
1032
0
        evp_md_free(md);
1033
811k
    return;
1034
811k
#endif
1035
811k
}
1036
1037
void EVP_MD_do_all_provided(OSSL_LIB_CTX *libctx,
1038
    void (*fn)(EVP_MD *mac, void *arg),
1039
    void *arg)
1040
0
{
1041
0
    struct EVP_MD_do_all_provided_thunk t;
1042
1043
0
    t.fn = fn;
1044
0
    t.arg = arg;
1045
0
    evp_generic_do_all(libctx, OSSL_OP_DIGEST,
1046
0
        EVP_MD_do_all_provided_thunk, &t,
1047
0
        evp_md_from_algorithm, evp_md_up_ref, evp_md_free);
1048
0
}
1049
1050
EVP_MD *evp_digest_fetch_from_prov(OSSL_PROVIDER *prov,
1051
    const char *algorithm,
1052
    const char *properties)
1053
0
{
1054
0
    return evp_generic_fetch_from_prov(prov, OSSL_OP_DIGEST,
1055
0
        algorithm, properties,
1056
0
        evp_md_from_algorithm,
1057
0
        evp_md_up_ref,
1058
0
        evp_md_free);
1059
0
}
1060
1061
typedef struct {
1062
    int md_nid;
1063
    int hmac_nid;
1064
} ossl_hmacmd_pair;
1065
1066
static const ossl_hmacmd_pair ossl_hmacmd_pairs[] = {
1067
    { NID_sha1, NID_hmacWithSHA1 },
1068
    { NID_md5, NID_hmacWithMD5 },
1069
    { NID_sha224, NID_hmacWithSHA224 },
1070
    { NID_sha256, NID_hmacWithSHA256 },
1071
    { NID_sha384, NID_hmacWithSHA384 },
1072
    { NID_sha512, NID_hmacWithSHA512 },
1073
    { NID_id_GostR3411_94, NID_id_HMACGostR3411_94 },
1074
    { NID_id_GostR3411_2012_256, NID_id_tc26_hmac_gost_3411_2012_256 },
1075
    { NID_id_GostR3411_2012_512, NID_id_tc26_hmac_gost_3411_2012_512 },
1076
    { NID_sha3_224, NID_hmac_sha3_224 },
1077
    { NID_sha3_256, NID_hmac_sha3_256 },
1078
    { NID_sha3_384, NID_hmac_sha3_384 },
1079
    { NID_sha3_512, NID_hmac_sha3_512 },
1080
    { NID_sha512_224, NID_hmacWithSHA512_224 },
1081
    { NID_sha512_256, NID_hmacWithSHA512_256 }
1082
};
1083
1084
int ossl_hmac2mdnid(int hmac_nid)
1085
0
{
1086
0
    int md_nid = NID_undef;
1087
0
    size_t i;
1088
1089
0
    for (i = 0; i < OSSL_NELEM(ossl_hmacmd_pairs); i++) {
1090
0
        if (ossl_hmacmd_pairs[i].hmac_nid == hmac_nid) {
1091
0
            md_nid = ossl_hmacmd_pairs[i].md_nid;
1092
0
            break;
1093
0
        }
1094
0
    }
1095
1096
0
    return md_nid;
1097
0
}
1098
1099
int ossl_md2hmacnid(int md_nid)
1100
0
{
1101
0
    int hmac_nid = NID_undef;
1102
0
    size_t i;
1103
1104
0
    for (i = 0; i < OSSL_NELEM(ossl_hmacmd_pairs); i++) {
1105
0
        if (ossl_hmacmd_pairs[i].md_nid == md_nid) {
1106
0
            hmac_nid = ossl_hmacmd_pairs[i].hmac_nid;
1107
0
            break;
1108
0
        }
1109
0
    }
1110
1111
0
    return hmac_nid;
1112
0
}