mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-27 05:21:51 +08:00
Code Issues Packages Projects Releases Wiki Activity

Update the demos/README file because it is really old. New demos should provide best practice for API use.

Browse Source 
Add demonstration for computing a SHA3-512 digest - digest/EVP_MD_demo

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/14150)
This commit is contained in:
Paul Nelson 2021-02-10 16:49:19 -06:00 committed by Dmitry Belyavskiy
parent a7a041c230
commit 29ce1066bc
5 changed files with 481 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
demos/README.txt
View File

@ -1,9 +1,23 @@
NOTE: Don't expect any of these programs to work with current
OpenSSL releases, or even with later SSLeay releases.
OpenSSL Demonstration Applications
Original README:
=============================================================================
This folder contains source code that demonstrates the proper use of the OpenSSL
library API.
Some demo programs sent to me by various people
bio: Demonstration of a simple TLS client and server.
eric
certs: Demonstration of creating certs, using OCSP
ciphers:
cms:
digest:
EVP_MD_demo.c Compute a digest from multiple buffers
EVP_MD_stdin.c Compute a digest with data read from stdin
EVP_f_md.c Compute a digest using BIO and EVP_f_md
smime:
pkcs12:
pkread.c Print out a description of a PKCS12 file.
pkwrite.c Add a password to an existing PKCS12 file.

122
demos/digest/BIO_f_md.c Executable file
View File

@ -0,0 +1,122 @@
/*-
* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*-
* Example of using EVP_MD_fetch and EVP_Digest* methods to calculate
* a digest of static buffers
* You can find SHA3 test vectors from NIST here:
* https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/sha3/sha-3bytetestvectors.zip
* For example, contains these lines:
Len = 80
Msg = 1ca984dcc913344370cf
MD = 6915ea0eeffb99b9b246a0e34daf3947852684c3d618260119a22835659e4f23d4eb66a15d0affb8e93771578f5e8f25b7a5f2a55f511fb8b96325ba2cd14816
* use xxd convert the hex message string to binary input for BIO_f_md:
* echo "1ca984dcc913344370cf" | xxd -r -p | ./BIO_f_md
* and then verify the output matches MD above.
*/
#include <string.h>
#include <stdio.h>
#include <openssl/err.h>
#include <openssl/bio.h>
#include <openssl/evp.h>
/*-
* This demonstration will show how to digest data using
* a BIO configured with a message digest
* A message digest name may be passed as an argument.
* The default digest is SHA3-512
*/
int main(int argc, char * argv[])
{
int result = 1;
OSSL_LIB_CTX *library_context = NULL;
BIO *input = NULL;
BIO *bio_digest = NULL;
EVP_MD *md = NULL;
unsigned char buffer[512];
size_t readct, writect;
size_t digest_size;
char *digest_value=NULL;
int j;
input = BIO_new_fd( fileno(stdin), 1 );
if (input == NULL) {
fprintf(stderr, "BIO_new_fd() for stdin returned NULL\n");
goto cleanup;
}
library_context = OSSL_LIB_CTX_new();
if (library_context == NULL) {
fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n");
goto cleanup;
}
/*
* Fetch a message digest by name
* The algorithm name is case insensitive.
* See providers(7) for details about algorithm fetching
*/
md = EVP_MD_fetch( library_context, "SHA3-512", NULL );
if (md == NULL) {
fprintf(stderr, "EVP_MD_fetch did not find SHA3-512.\n");
goto cleanup;
}
digest_size = EVP_MD_size(md);
digest_value = OPENSSL_malloc(digest_size);
if (digest_value == NULL) {
fprintf(stderr, "Can't allocate %lu bytes for the digest value.\n", (unsigned long)digest_size);
goto cleanup;
}
/* Make a bio that uses the digest */
bio_digest = BIO_new(BIO_f_md());
if (bio_digest == NULL) {
fprintf(stderr, "BIO_new(BIO_f_md()) returned NULL\n");
goto cleanup;
}
/* set our bio_digest BIO to digest data */
if (BIO_set_md(bio_digest,md) != 1) {
fprintf(stderr, "BIO_set_md failed.\n");
goto cleanup;
}
/*-
* We will use BIO chaining so that as we read, the digest gets updated
* See the man page for BIO_push
*/
BIO *reading = BIO_push( bio_digest, input );
while( BIO_read(reading, buffer, sizeof(buffer)) > 0 )
;
/*-
* BIO_gets must be used to calculate the final
* digest value and then copy it to digest_value.
*/
if (BIO_gets(bio_digest, digest_value, digest_size) != digest_size) {
fprintf(stderr, "BIO_gets(bio_digest) failed\n");
goto cleanup;
}
for (j=0; j<digest_size; j++) {
fprintf(stdout, "%02x", (unsigned char)digest_value[j]);
}
fprintf(stdout, "\n");
result = 0;
cleanup:
if (result != 0)
ERR_print_errors_fp(stderr);
OPENSSL_free(digest_value);
BIO_free(input);
BIO_free(bio_digest);
EVP_MD_free(md);
OSSL_LIB_CTX_free(library_context);
return result;
}

183
demos/digest/EVP_MD_demo.c Normal file
View File

@ -0,0 +1,183 @@
/*-
* Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* Example of using EVP_MD_fetch and EVP_Digest* methods to calculate
* a digest of static buffers
*/
#include <string.h>
#include <stdio.h>
#include <openssl/err.h>
#include <openssl/evp.h>
/*-
* This demonstration will show how to digest data using
* the soliloqy from Hamlet scene 1 act 3
* The soliloqy is split into two parts to demonstrate using EVP_DigestUpdate
* more than once.
*/
const char * hamlet_1 =
"To be, or not to be, that is the question,\n"
"Whether tis nobler in the minde to suffer\n"
"The ſlings and arrowes of outragious fortune,\n"
"Or to take Armes again in a sea of troubles,\n"
"And by opposing, end them, to die to sleep;\n"
"No more, and by a sleep, to say we end\n"
"The heart-ache, and the thousand natural shocks\n"
"That flesh is heir to? tis a consumation\n"
"Devoutly to be wished. To die to sleep,\n"
"To sleepe, perchance to dreame, Aye, there's the rub,\n"
"For in that sleep of death what dreams may come\n"
"When we haue shuffled off this mortal coil\n"
"Must give us pause. There's the respect\n"
"That makes calamity of so long life:\n"
"For who would bear the Ships and Scorns of time,\n"
"The oppressor's wrong, the proud man's Contumely,\n"
"The pangs of dispised love, the Law's delay,\n"
;
const char * hamlet_2 =
"The insolence of Office, and the spurns\n"
"That patient merit of the'unworthy takes,\n"
"When he himself might his Quietas make\n"
"With a bare bodkin? Who would fardels bear,\n"
"To grunt and sweat under a weary life,\n"
"But that the dread of something after death,\n"
"The undiscovered country, from whose bourn\n"
"No traveller returns, puzzles the will,\n"
"And makes us rather bear those ills we have,\n"
"Then fly to others we know not of?\n"
"Thus conscience does make cowards of us all,\n"
"And thus the native hue of Resolution\n"
"Is sickled o'er with the pale cast of Thought,\n"
"And enterprises of great pith and moment,\n"
"With this regard their currents turn awry,\n"
"And lose the name of Action. Soft you now,\n"
"The fair Ophelia? Nymph in thy Orisons\n"
"Be all my sins remember'd.\n"
;
/* The known value of the SHA3-512 digest of the above soliloqy */
const unsigned char known_answer[] = {
0xbb, 0x69, 0xf8, 0x09, 0x9c, 0x2e, 0x00, 0x3d,
0xa4, 0x29, 0x5f, 0x59, 0x4b, 0x89, 0xe4, 0xd9,
0xdb, 0xa2, 0xe5, 0xaf, 0xa5, 0x87, 0x73, 0x9d,
0x83, 0x72, 0xcf, 0xea, 0x84, 0x66, 0xc1, 0xf9,
0xc9, 0x78, 0xef, 0xba, 0x3d, 0xe9, 0xc1, 0xff,
0xa3, 0x75, 0xc7, 0x58, 0x74, 0x8e, 0x9c, 0x1d,
0x14, 0xd9, 0xdd, 0xd1, 0xfd, 0x24, 0x30, 0xd6,
0x81, 0xca, 0x8f, 0x78, 0x29, 0x19, 0x9a, 0xfe,
};
int demonstrate_digest(void)
{
OSSL_LIB_CTX *library_context;
int result = 0;
const char *option_properties = NULL;
EVP_MD *message_digest = NULL;
EVP_MD_CTX *digest_context = NULL;
unsigned int digest_length;
unsigned char *digest_value = NULL;
int j;
library_context = OSSL_LIB_CTX_new();
if (library_context == NULL) {
fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n");
goto cleanup;
}
/*
* Fetch a message digest by name
* The algorithm name is case insensitive.
* See providers(7) for details about algorithm fetching
*/
message_digest = EVP_MD_fetch(library_context,
"SHA3-512", option_properties);
if (message_digest == NULL) {
fprintf(stderr, "EVP_MD_fetch could not find SHA3-512.");
goto cleanup;
}
/* Determine the length of the fetched digest type */
digest_length = EVP_MD_size(message_digest);
if (digest_length <= 0) {
fprintf(stderr, "EVP_MD_size returned invalid size.\n");
goto cleanup;
}
digest_value = OPENSSL_malloc(digest_length);
if (digest_value == NULL) {
fprintf(stderr, "No memory.\n");
goto cleanup;
}
/*
* Make a message digest context to hold temporary state
* during digest creation
*/
digest_context = EVP_MD_CTX_new();
if (digest_context == NULL) {
fprintf(stderr, "EVP_MD_CTX_new failed.\n");
goto cleanup;
}
/*
* Initialize the message digest context to use the fetched
* digest provider
*/
if (EVP_DigestInit(digest_context, message_digest) != 1) {
fprintf(stderr, "EVP_DigestInit failed.\n");
goto cleanup;
}
/* Digest parts one and two of the soliloqy */
if (EVP_DigestUpdate(digest_context, hamlet_1, strlen(hamlet_1)) != 1) {
fprintf(stderr, "EVP_DigestUpdate(hamlet_1) failed.\n");
goto cleanup;
}
if (EVP_DigestUpdate(digest_context, hamlet_2, strlen(hamlet_2)) != 1) {
fprintf(stderr, "EVP_DigestUpdate(hamlet_2) failed.\n");
goto cleanup;
}
if (EVP_DigestFinal(digest_context, digest_value, &digest_length) != 1) {
fprintf(stderr, "EVP_DigestFinal() failed.\n");
goto cleanup;
}
for (j=0; j<digest_length; j++) {
fprintf(stdout, "%02x", digest_value[j]);
}
fprintf(stdout, "\n");
/* Check digest_value against the known answer */
if ((size_t)digest_length != sizeof(known_answer)) {
fprintf(stdout, "Digest length(%d) not equal to known answer length(%lu).\n",
digest_length, sizeof(known_answer));
} else if (memcmp(digest_value, known_answer, digest_length) != 0) {
for (j=0; j<sizeof(known_answer); j++) {
fprintf(stdout, "%02x", known_answer[j] );
}
fprintf(stdout, "\nDigest does not match known answer\n");
} else {
fprintf(stdout, "Digest computed properly.\n");
result = 1;
}
cleanup:
if (result != 1)
ERR_print_errors_fp(stderr);
/* OpenSSL free functions will ignore NULL arguments */
EVP_MD_CTX_free(digest_context);
OPENSSL_free(digest_value);
EVP_MD_free(message_digest);
OSSL_LIB_CTX_free(library_context);
return result;
}
int main(void)
{
return demonstrate_digest() == 0;
}

134
demos/digest/EVP_MD_stdin.c Executable file
View File

@ -0,0 +1,134 @@
/*-
* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*-
* Example of using EVP_MD_fetch and EVP_Digest* methods to calculate
* a digest of static buffers
* You can find SHA3 test vectors from NIST here:
* https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/sha3/sha-3bytetestvectors.zip
* For example, contains these lines:
Len = 80
Msg = 1ca984dcc913344370cf
MD = 6915ea0eeffb99b9b246a0e34daf3947852684c3d618260119a22835659e4f23d4eb66a15d0affb8e93771578f5e8f25b7a5f2a55f511fb8b96325ba2cd14816
* use xxd convert the hex message string to binary input for EVP_MD_stdin:
* echo "1ca984dcc913344370cf" | xxd -r -p | ./EVP_MD_stdin
* and then verify the output matches MD above.
*/
#include <string.h>
#include <stdio.h>
#include <openssl/err.h>
#include <openssl/evp.h>
/*-
* This demonstration will show how to digest data using
* a BIO created to read from stdin
*/
int demonstrate_digest(BIO *input)
{
OSSL_LIB_CTX *library_context = NULL;
int result = 0;
const char * option_properties = NULL;
EVP_MD *message_digest = NULL;
EVP_MD_CTX *digest_context = NULL;
unsigned int digest_length;
unsigned char *digest_value = NULL;
unsigned char buffer[512];
int ii;
library_context = OSSL_LIB_CTX_new();
if (library_context == NULL) {
fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n");
goto cleanup;
}
/*
* Fetch a message digest by name
* The algorithm name is case insensitive.
* See providers(7) for details about algorithm fetching
*/
message_digest = EVP_MD_fetch(library_context,
"SHA3-512", option_properties);
if (message_digest == NULL) {
fprintf(stderr, "EVP_MD_fetch could not find SHA3-512.");
ERR_print_errors_fp(stderr);
OSSL_LIB_CTX_free(library_context);
return 0;
}
/* Determine the length of the fetched digest type */
digest_length = EVP_MD_size(message_digest);
if (digest_length <= 0) {
fprintf(stderr, "EVP_MD_size returned invalid size.\n");
goto cleanup;
}
digest_value = OPENSSL_malloc(digest_length);
if (digest_value == NULL) {
fprintf(stderr, "No memory.\n");
goto cleanup;
}
/*
* Make a message digest context to hold temporary state
* during digest creation
*/
digest_context = EVP_MD_CTX_new();
if (digest_context == NULL) {
fprintf(stderr, "EVP_MD_CTX_new failed.\n");
ERR_print_errors_fp(stderr);
goto cleanup;
}
/*
* Initialize the message digest context to use the fetched
* digest provider
*/
if (EVP_DigestInit(digest_context, message_digest) != 1) {
fprintf(stderr, "EVP_DigestInit failed.\n");
ERR_print_errors_fp(stderr);
goto cleanup;
}
while ((ii = BIO_read(input, buffer, sizeof(buffer))) > 0) {
if (EVP_DigestUpdate(digest_context, buffer, ii) != 1) {
fprintf(stderr, "EVP_DigestUpdate() failed.\n");
goto cleanup;
}
}
if (EVP_DigestFinal(digest_context, digest_value, &digest_length) != 1) {
fprintf(stderr, "EVP_DigestFinal() failed.\n");
goto cleanup;
}
result = 1;
for (ii=0; ii<digest_length; ii++) {
fprintf(stdout, "%02x", digest_value[ii]);
}
fprintf(stdout, "\n");
cleanup:
if (result != 1)
ERR_print_errors_fp(stderr);
/* OpenSSL free functions will ignore NULL arguments */
EVP_MD_CTX_free(digest_context);
OPENSSL_free(digest_value);
EVP_MD_free(message_digest);
OSSL_LIB_CTX_free(library_context);
return result;
}
int main(void)
{
int result = 1;
BIO *input = BIO_new_fd( fileno(stdin), 1 );
if (input != NULL) {
result = demonstrate_digest(input);
BIO_free(input);
}
return result;
}

22
demos/digest/Makefile Normal file
View File

@ -0,0 +1,22 @@
#
# To run the demos when linked with a shared library (default):
#
# LD_LIBRARY_PATH=../.. ./EVP_MD_demo
CFLAGS = -I../../include -g
LDFLAGS = -L../..
LDLIBS = -lcrypto
all: EVP_MD_demo EVP_MD_stdin BIO_f_md
%.o: %.c
$(CC) $(CFLAGS) -c $<
EVP_MD_demo: EVP_MD_demo.o
EVP_MD_stdin: EVP_MD_stdin.o
BIO_f_md: BIO_f_md.o
test: ;
clean:
$(RM) *.o EVP_MD_demo EVP_MD_stdin BIO_f_md