Support all available hash functions to compute message digests

spacemonkeygo · Aug 8, 2019 · c1c0ec6 · c1c0ec6
1 parent c2dcc5c
commit c1c0ec6
Show file tree

Hide file tree

Showing 13 changed files with 589 additions and 216 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1 +1,2 @@
 openssl.test
+.idea
diff --git a/cert.go b/cert.go
@@ -26,24 +26,6 @@ import (
 	"unsafe"
 )
 
-type EVP_MD int
-
-const (
-	EVP_NULL      EVP_MD = iota
-	EVP_MD5       EVP_MD = iota
-	EVP_MD4       EVP_MD = iota
-	EVP_SHA       EVP_MD = iota
-	EVP_SHA1      EVP_MD = iota
-	EVP_DSS       EVP_MD = iota
-	EVP_DSS1      EVP_MD = iota
-	EVP_MDC2      EVP_MD = iota
-	EVP_RIPEMD160 EVP_MD = iota
-	EVP_SHA224    EVP_MD = iota
-	EVP_SHA256    EVP_MD = iota
-	EVP_SHA384    EVP_MD = iota
-	EVP_SHA512    EVP_MD = iota
-)
-
 // X509_Version represents a version on an x509 certificate.
 type X509_Version int
 

diff --git a/ctx.go b/ctx.go
@@ -298,8 +298,7 @@ func (s *CertificateStore) AddCertificate(cert *Certificate) error {
 }
 
 type CertificateStoreCtx struct {
-	ctx     *C.X509_STORE_CTX
-	ssl_ctx *Ctx
+	ctx *C.X509_STORE_CTX
 }
 
 func (self *CertificateStoreCtx) VerifyResult() VerifyResult {

diff --git a/digest_computer.go b/digest_computer.go
@@ -0,0 +1,68 @@
+package openssl
+
+// #include "shim.h"
+import "C"
+import (
+	"fmt"
+	"runtime"
+	"unsafe"
+)
+
+// DigestComputer is a generic structure to compute message digest
+// with any hash function supported by OpenSSL
+type DigestComputer struct {
+	ctx    *C.EVP_MD_CTX
+	engine *Engine
+	evpMD  EVP_MD
+}
+
+func NewDigestComputer(digestType EVP_MD) (*DigestComputer, error) {
+	return NewDigestComputerWithEngine(nil, digestType)
+}
+
+func NewDigestComputerWithEngine(e *Engine, digestType EVP_MD) (*DigestComputer, error) {
+	hash := &DigestComputer{engine: e, evpMD: digestType}
+	hash.ctx = C.X_EVP_MD_CTX_new()
+	if hash.ctx == nil {
+		return nil, fmt.Errorf("openssl: %s: unable to allocate ctx", digestType.String())
+	}
+	runtime.SetFinalizer(hash, func(hash *DigestComputer) { hash.Close() })
+	if err := hash.Reset(); err != nil {
+		return nil, err
+	}
+	return hash, nil
+}
+
+func (s *DigestComputer) Close() {
+	if s.ctx != nil {
+		C.X_EVP_MD_CTX_free(s.ctx)
+		s.ctx = nil
+	}
+}
+
+func (s *DigestComputer) Reset() error {
+	if 1 != C.X_EVP_DigestInit_ex(s.ctx, s.evpMD.c(), engineRef(s.engine)) {
+		return fmt.Errorf("openssl: %v: cannot init evpMD ctx", s.evpMD.String())
+	}
+	return nil
+}
+
+func (s *DigestComputer) Write(p []byte) (n int, err error) {
+	if len(p) == 0 {
+		return 0, nil
+	}
+	if 1 != C.X_EVP_DigestUpdate(s.ctx, unsafe.Pointer(&p[0]),
+		C.size_t(len(p))) {
+		return 0, fmt.Errorf("openssl: %v: cannot update evpMD", s.evpMD.String())
+	}
+	return len(p), nil
+}
+
+func (s *DigestComputer) Sum() ([]byte, error) {
+	result := make([]byte, s.evpMD.Size())
+	if 1 != C.X_EVP_DigestFinal_ex(s.ctx,
+		(*C.uchar)(unsafe.Pointer(&result[0])), nil) {
+		return result, fmt.Errorf("openssl: %v: cannot finalize ctx", s.evpMD.String())
+	}
+	return result, s.Reset()
+}
diff --git a/engine.go b/engine.go
@@ -48,3 +48,10 @@ func EngineById(name string) (*Engine, error) {
 	})
 	return e, nil
 }
+
+func engineRef(e *Engine) *C.ENGINE {
+	if e == nil {
+		return nil
+	}
+	return e.e
+}