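/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */

/*
 * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
 */

/**
 * \file KMSAgentCryptoUtilities.cpp
 */

#include <openssl/rand.h>
#include <openssl/hmac.h>
#include <openssl/err.h>
#include <openssl/sha.h>

#include "KMSAgentCryptoUtilities.h"
#include "SYSCommon.h"
#include "KMSAgentStringUtilities.h"
//#include "ApplianceParameters.h"

// Find header in CryptoUtilities.h
/**
 * Fills a caller-supplied buffer with bytes obtained from RAND_bytes().
 *
 * @param i_iNumBytes  number of bytes requested; must not be negative
 * @param o_pBytes     destination buffer, at least i_iNumBytes bytes long
 * @return true only when RAND_bytes() returns 1; false when the arguments
 *         are rejected or RAND_bytes() returns anything else. When false is
 *         returned the buffer must not be used as random or key material.
 */
bool GetPseudorandomBytes(
        int i_iNumBytes,
        unsigned char* o_pBytes )
{
    // Reject requests that cannot be satisfied meaningfully: a negative
    // count, or a missing destination when bytes were actually requested.
    // Without this guard the outcome depends on how the linked OpenSSL
    // build treats such a request, and the caller could be told "true"
    // for a buffer that was never written.
    if ( (i_iNumBytes < 0) || ((NULL == o_pBytes) && (i_iNumBytes > 0)) )
    {
        return false;
    }

    // Only the exact value 1 is treated as success; every other return
    // value from RAND_bytes() is reported as failure.
    return ( 1 == RAND_bytes( o_pBytes, i_iNumBytes ) );
}

/**
 * Computes the SHA-1 digest of a buffer.
 *
 * Preconditions are enforced with FATAL_ASSERT: HASH_LENGTH must equal
 * SHA_DIGEST_LENGTH, both pointers must be non-NULL and the input size
 * must be greater than zero (an empty input is not accepted).
 *
 * NOTE(review): SHA-1 is no longer collision resistant. Whether that
 * matters depends on what callers use this digest for -- confirm before
 * relying on it for anything that needs collision resistance.
 *
 * @param i_pBufferToHash      data to hash
 * @param i_iBufferToHashSize  number of bytes at i_pBufferToHash, > 0
 * @param o_pHashedBuffer      receives the digest; assumes it points to
 *                             HASH_LENGTH bytes
 * @return true when the digest was written to o_pHashedBuffer, false when
 *         SHA1() returned NULL (the output buffer is then left untouched)
 */
bool HashBuffer(
        const unsigned char* i_pBufferToHash,
        int i_iBufferToHashSize,
        unsigned char* o_pHashedBuffer )
{
    FATAL_ASSERT( HASH_LENGTH == SHA_DIGEST_LENGTH );
    FATAL_ASSERT( i_pBufferToHash && (i_iBufferToHashSize > 0) && o_pHashedBuffer );

    // The digest is produced in a local buffer first so that the caller's
    // buffer is only modified when SHA1() succeeded.
    unsigned char aDigest[HASH_LENGTH];

    if ( NULL == SHA1( i_pBufferToHash, i_iBufferToHashSize, aDigest ) )
    {
        return false;
    }

    memcpy( o_pHashedBuffer, aDigest, HASH_LENGTH );

    return true;
}

/**
 * Computes one HMAC-SHA1 value over a sequence of buffers, processed in
 * array order as if they were a single concatenated message.
 *
 * Preconditions are enforced with FATAL_ASSERT: HMAC_LENGTH must equal
 * SHA_DIGEST_LENGTH, the buffer count and key size must be greater than
 * zero, all pointers must be non-NULL, every buffer length must be
 * non-negative and every buffer with a non-zero length must be non-NULL.
 *
 * @param i_iBufferCount       number of entries in the two arrays below
 * @param i_pBufferToHMAC      array of pointers to the message parts
 * @param i_pBufferToHMACSize  array of byte counts, one per message part
 * @param i_pHMACKey           HMAC key
 * @param i_iHMACKeySize       number of bytes at i_pHMACKey, > 0
 * @param o_pHMACBuffer        receives the MAC; assumes it points to
 *                             HMAC_LENGTH bytes
 * @return always true; violations are reported through FATAL_ASSERT
 */
bool HMACBuffers(
        int i_iBufferCount,
        const unsigned char** i_pBufferToHMAC,
        int* i_pBufferToHMACSize,
        const unsigned char* i_pHMACKey,
        int i_iHMACKeySize,
        unsigned char* o_pHMACBuffer )
{
    // assumes o_pHMACBuffer points to HMAC_LENGTH bytes

    FATAL_ASSERT( HMAC_LENGTH == SHA_DIGEST_LENGTH );
    FATAL_ASSERT( (i_iBufferCount > 0) &&
                  i_pBufferToHMAC &&
                  i_pBufferToHMACSize &&
                  i_pHMACKey &&
                  (i_iHMACKeySize > 0) && o_pHMACBuffer );

    HMAC_CTX stContext;

    HMAC_CTX_init( &stContext );

    // NOTE(review): the return values of HMAC_Init_ex(), HMAC_Update() and
    // HMAC_Final() are not checked. OpenSSL 1.0.0 and later return int from
    // these calls; consider checking them once the minimum supported
    // OpenSSL version for this file is confirmed.
    HMAC_Init_ex( &stContext, i_pHMACKey, i_iHMACKeySize, EVP_sha1(), NULL );

    int i;
    for ( i = 0; i < i_iBufferCount; i++ )
    {
        // Validate each entry before it is handed to OpenSSL: a negative
        // length would be read as a very large byte count where the length
        // parameter of HMAC_Update() is unsigned, and a NULL pointer with a
        // non-zero length would be dereferenced.
        FATAL_ASSERT( (i_pBufferToHMACSize[i] >= 0) &&
                      (i_pBufferToHMAC[i] || (0 == i_pBufferToHMACSize[i])) );

        HMAC_Update( &stContext, i_pBufferToHMAC[i], i_pBufferToHMACSize[i] );
    }

    // Start from 0 rather than HMAC_LENGTH so that the length check below
    // can only pass when HMAC_Final() actually reported the output length.
    unsigned int iHMACSize = 0;

    HMAC_Final( &stContext, o_pHMACBuffer, &iHMACSize );

    // Release the context before the final check so the keyed state is
    // cleaned up on every path that reaches this point.
    HMAC_CTX_cleanup( &stContext );

    FATAL_ASSERT( iHMACSize == HMAC_LENGTH );

    return true;
}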