| hm_pmeth.c (238405) | hm_pmeth.c (280297) |
|---|---|
| 1/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2 * project 2007. | 1/* 2 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project 3 * 2007. |
| 3 */ 4/* ==================================================================== 5 * Copyright (c) 2007 The OpenSSL Project. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 11 * 1. Redistributions of source code must retain the above copyright | 4 */ 5/* ==================================================================== 6 * Copyright (c) 2007 The OpenSSL Project. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright |
| 12 * notice, this list of conditions and the following disclaimer. | 13 * notice, this list of conditions and the following disclaimer. |
| 13 * 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in 16 * the documentation and/or other materials provided with the 17 * distribution. 18 * 19 * 3. All advertising materials mentioning features or use of this 20 * software must display the following acknowledgment: --- 39 unchanged lines hidden (view full) --- 60#include <openssl/x509.h> 61#include <openssl/x509v3.h> 62#include <openssl/evp.h> 63#include <openssl/hmac.h> 64#include "evp_locl.h" 65 66/* HMAC pkey context structure */ 67 | 14 * 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in 17 * the documentation and/or other materials provided with the 18 * distribution. 19 * 20 * 3. All advertising materials mentioning features or use of this 21 * software must display the following acknowledgment: --- 39 unchanged lines hidden (view full) --- 61#include <openssl/x509.h> 62#include <openssl/x509v3.h> 63#include <openssl/evp.h> 64#include <openssl/hmac.h> 65#include "evp_locl.h" 66 67/* HMAC pkey context structure */ 68 |
| 68typedef struct 69 { 70 const EVP_MD *md; /* MD for HMAC use */ 71 ASN1_OCTET_STRING ktmp; /* Temp storage for key */ 72 HMAC_CTX ctx; 73 } HMAC_PKEY_CTX; | 69typedef struct { 70 const EVP_MD *md; /* MD for HMAC use */ 71 ASN1_OCTET_STRING ktmp; /* Temp storage for key */ 72 HMAC_CTX ctx; 73} HMAC_PKEY_CTX; |
| 74 75static int pkey_hmac_init(EVP_PKEY_CTX *ctx) | 74 75static int pkey_hmac_init(EVP_PKEY_CTX *ctx) |
| 76 { 77 HMAC_PKEY_CTX *hctx; 78 hctx = OPENSSL_malloc(sizeof(HMAC_PKEY_CTX)); 79 if (!hctx) 80 return 0; 81 hctx->md = NULL; 82 hctx->ktmp.data = NULL; 83 hctx->ktmp.length = 0; 84 hctx->ktmp.flags = 0; 85 hctx->ktmp.type = V_ASN1_OCTET_STRING; 86 HMAC_CTX_init(&hctx->ctx); | 76{ 77 HMAC_PKEY_CTX *hctx; 78 hctx = OPENSSL_malloc(sizeof(HMAC_PKEY_CTX)); 79 if (!hctx) 80 return 0; 81 hctx->md = NULL; 82 hctx->ktmp.data = NULL; 83 hctx->ktmp.length = 0; 84 hctx->ktmp.flags = 0; 85 hctx->ktmp.type = V_ASN1_OCTET_STRING; 86 HMAC_CTX_init(&hctx->ctx); |
| 87 | 87 |
| 88 ctx->data = hctx; 89 ctx->keygen_info_count = 0; | 88 ctx->data = hctx; 89 ctx->keygen_info_count = 0; |
| 90 | 90 |
| 91 return 1; 92 } | 91 return 1; 92} |
| 93 94static int pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) | 93 94static int pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) |
| 95 { 96 HMAC_PKEY_CTX *sctx, *dctx; 97 if (!pkey_hmac_init(dst)) 98 return 0; 99 sctx = src->data; 100 dctx = dst->data; 101 dctx->md = sctx->md; 102 HMAC_CTX_init(&dctx->ctx); 103 if (!HMAC_CTX_copy(&dctx->ctx, &sctx->ctx)) 104 return 0; 105 if (sctx->ktmp.data) 106 { 107 if (!ASN1_OCTET_STRING_set(&dctx->ktmp, 108 sctx->ktmp.data, sctx->ktmp.length)) 109 return 0; 110 } 111 return 1; 112 } | 95{ 96 HMAC_PKEY_CTX *sctx, *dctx; 97 if (!pkey_hmac_init(dst)) 98 return 0; 99 sctx = src->data; 100 dctx = dst->data; 101 dctx->md = sctx->md; 102 HMAC_CTX_init(&dctx->ctx); 103 if (!HMAC_CTX_copy(&dctx->ctx, &sctx->ctx)) 104 return 0; 105 if (sctx->ktmp.data) { 106 if (!ASN1_OCTET_STRING_set(&dctx->ktmp, 107 sctx->ktmp.data, sctx->ktmp.length)) 108 return 0; 109 } 110 return 1; 111} |
| 113 114static void pkey_hmac_cleanup(EVP_PKEY_CTX *ctx) | 112 113static void pkey_hmac_cleanup(EVP_PKEY_CTX *ctx) |
| 115 { 116 HMAC_PKEY_CTX *hctx = ctx->data; 117 HMAC_CTX_cleanup(&hctx->ctx); 118 if (hctx->ktmp.data) 119 { 120 if (hctx->ktmp.length) 121 OPENSSL_cleanse(hctx->ktmp.data, hctx->ktmp.length); 122 OPENSSL_free(hctx->ktmp.data); 123 hctx->ktmp.data = NULL; 124 } 125 OPENSSL_free(hctx); 126 } | 114{ 115 HMAC_PKEY_CTX *hctx = ctx->data; 116 HMAC_CTX_cleanup(&hctx->ctx); 117 if (hctx->ktmp.data) { 118 if (hctx->ktmp.length) 119 OPENSSL_cleanse(hctx->ktmp.data, hctx->ktmp.length); 120 OPENSSL_free(hctx->ktmp.data); 121 hctx->ktmp.data = NULL; 122 } 123 OPENSSL_free(hctx); 124} |
| 127 128static int pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) | 125 126static int pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) |
| 129 { 130 ASN1_OCTET_STRING *hkey = NULL; 131 HMAC_PKEY_CTX *hctx = ctx->data; 132 if (!hctx->ktmp.data) 133 return 0; 134 hkey = ASN1_OCTET_STRING_dup(&hctx->ktmp); 135 if (!hkey) 136 return 0; 137 EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, hkey); 138 139 return 1; 140 } | 127{ 128 ASN1_OCTET_STRING *hkey = NULL; 129 HMAC_PKEY_CTX *hctx = ctx->data; 130 if (!hctx->ktmp.data) 131 return 0; 132 hkey = ASN1_OCTET_STRING_dup(&hctx->ktmp); 133 if (!hkey) 134 return 0; 135 EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, hkey); |
| 141 | 136 |
| 142static int int_update(EVP_MD_CTX *ctx,const void *data,size_t count) 143 { 144 HMAC_PKEY_CTX *hctx = ctx->pctx->data; 145 if (!HMAC_Update(&hctx->ctx, data, count)) 146 return 0; 147 return 1; 148 } | 137 return 1; 138} |
| 149 | 139 |
| 140static int int_update(EVP_MD_CTX *ctx, const void *data, size_t count) 141{ 142 HMAC_PKEY_CTX *hctx = ctx->pctx->data; 143 if (!HMAC_Update(&hctx->ctx, data, count)) 144 return 0; 145 return 1; 146} 147 |
|
| 150static int hmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) | 148static int hmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) |
| 151 { 152 HMAC_PKEY_CTX *hctx = ctx->data; 153 HMAC_CTX_set_flags(&hctx->ctx, mctx->flags & ~EVP_MD_CTX_FLAG_NO_INIT); 154 EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT); 155 mctx->update = int_update; 156 return 1; 157 } | 149{ 150 HMAC_PKEY_CTX *hctx = ctx->data; 151 HMAC_CTX_set_flags(&hctx->ctx, mctx->flags & ~EVP_MD_CTX_FLAG_NO_INIT); 152 EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT); 153 mctx->update = int_update; 154 return 1; 155} |
| 158 159static int hmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, | 156 157static int hmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, |
| 160 EVP_MD_CTX *mctx) 161 { 162 unsigned int hlen; 163 HMAC_PKEY_CTX *hctx = ctx->data; 164 int l = EVP_MD_CTX_size(mctx); | 158 EVP_MD_CTX *mctx) 159{ 160 unsigned int hlen; 161 HMAC_PKEY_CTX *hctx = ctx->data; 162 int l = EVP_MD_CTX_size(mctx); |
| 165 | 163 |
| 166 if (l < 0) 167 return 0; 168 *siglen = l; 169 if (!sig) 170 return 1; | 164 if (l < 0) 165 return 0; 166 *siglen = l; 167 if (!sig) 168 return 1; |
| 171 | 169 |
| 172 if (!HMAC_Final(&hctx->ctx, sig, &hlen)) 173 return 0; 174 *siglen = (size_t)hlen; 175 return 1; 176 } | 170 if (!HMAC_Final(&hctx->ctx, sig, &hlen)) 171 return 0; 172 *siglen = (size_t)hlen; 173 return 1; 174} |
| 177 178static int pkey_hmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) | 175 176static int pkey_hmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) |
| 179 { 180 HMAC_PKEY_CTX *hctx = ctx->data; 181 ASN1_OCTET_STRING *key; 182 switch (type) 183 { | 177{ 178 HMAC_PKEY_CTX *hctx = ctx->data; 179 ASN1_OCTET_STRING *key; 180 switch (type) { |
| 184 | 181 |
| 185 case EVP_PKEY_CTRL_SET_MAC_KEY: 186 if ((!p2 && p1 > 0) || (p1 < -1)) 187 return 0; 188 if (!ASN1_OCTET_STRING_set(&hctx->ktmp, p2, p1)) 189 return 0; 190 break; | 182 case EVP_PKEY_CTRL_SET_MAC_KEY: 183 if ((!p2 && p1 > 0) || (p1 < -1)) 184 return 0; 185 if (!ASN1_OCTET_STRING_set(&hctx->ktmp, p2, p1)) 186 return 0; 187 break; |
| 191 | 188 |
| 192 case EVP_PKEY_CTRL_MD: 193 hctx->md = p2; 194 break; | 189 case EVP_PKEY_CTRL_MD: 190 hctx->md = p2; 191 break; |
| 195 | 192 |
| 196 case EVP_PKEY_CTRL_DIGESTINIT: 197 key = (ASN1_OCTET_STRING *)ctx->pkey->pkey.ptr; 198 if (!HMAC_Init_ex(&hctx->ctx, key->data, key->length, hctx->md, 199 ctx->engine)) 200 return 0; 201 break; | 193 case EVP_PKEY_CTRL_DIGESTINIT: 194 key = (ASN1_OCTET_STRING *)ctx->pkey->pkey.ptr; 195 if (!HMAC_Init_ex(&hctx->ctx, key->data, key->length, hctx->md, 196 ctx->engine)) 197 return 0; 198 break; |
| 202 | 199 |
| 203 default: 204 return -2; | 200 default: 201 return -2; |
| 205 | 202 |
| 206 } 207 return 1; 208 } | 203 } 204 return 1; 205} |
| 209 210static int pkey_hmac_ctrl_str(EVP_PKEY_CTX *ctx, | 206 207static int pkey_hmac_ctrl_str(EVP_PKEY_CTX *ctx, |
| 211 const char *type, const char *value) 212 { 213 if (!value) 214 { 215 return 0; 216 } 217 if (!strcmp(type, "key")) 218 { 219 void *p = (void *)value; 220 return pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, 221 -1, p); 222 } 223 if (!strcmp(type, "hexkey")) 224 { 225 unsigned char *key; 226 int r; 227 long keylen; 228 key = string_to_hex(value, &keylen); 229 if (!key) 230 return 0; 231 r = pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key); 232 OPENSSL_free(key); 233 return r; 234 } 235 return -2; 236 } | 208 const char *type, const char *value) 209{ 210 if (!value) { 211 return 0; 212 } 213 if (!strcmp(type, "key")) { 214 void *p = (void *)value; 215 return pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, -1, p); 216 } 217 if (!strcmp(type, "hexkey")) { 218 unsigned char *key; 219 int r; 220 long keylen; 221 key = string_to_hex(value, &keylen); 222 if (!key) 223 return 0; 224 r = pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key); 225 OPENSSL_free(key); 226 return r; 227 } 228 return -2; 229} |
| 237 | 230 |
| 238const EVP_PKEY_METHOD hmac_pkey_meth = 239 { 240 EVP_PKEY_HMAC, 241 0, 242 pkey_hmac_init, 243 pkey_hmac_copy, 244 pkey_hmac_cleanup, | 231const EVP_PKEY_METHOD hmac_pkey_meth = { 232 EVP_PKEY_HMAC, 233 0, 234 pkey_hmac_init, 235 pkey_hmac_copy, 236 pkey_hmac_cleanup, |
| 245 | 237 |
| 246 0, 0, | 238 0, 0, |
| 247 | 239 |
| 248 0, 249 pkey_hmac_keygen, | 240 0, 241 pkey_hmac_keygen, |
| 250 | 242 |
| 251 0, 0, | 243 0, 0, |
| 252 | 244 |
| 253 0, 0, | 245 0, 0, |
| 254 | 246 |
| 255 0,0, | 247 0, 0, |
| 256 | 248 |
| 257 hmac_signctx_init, 258 hmac_signctx, | 249 hmac_signctx_init, 250 hmac_signctx, |
| 259 | 251 |
| 260 0,0, | 252 0, 0, |
| 261 | 253 |
| 262 0,0, | 254 0, 0, |
| 263 | 255 |
| 264 0,0, | 256 0, 0, |
| 265 | 257 |
| 266 0,0, | 258 0, 0, |
| 267 | 259 |
| 268 pkey_hmac_ctrl, 269 pkey_hmac_ctrl_str 270 271 }; | 260 pkey_hmac_ctrl, 261 pkey_hmac_ctrl_str 262}; |