kris
/
boringssl
1
0
派生 0
代码 工单 0 合并请求 0 版本发布 0 百科 动态
您最多选择25个主题 主题必须以字母或数字开头,可以包含连字符 (-),并且长度不得超过35个字符
255 提交
12 分支
38 MiB
 
 
 
 
 
 
目录树: 019c3cc64a
分支列表 标签列表
${ item.name }
创建分支 ${ searchTerm }
从 '019c3cc64a'
${ noResults }
boringssl/crypto/evp/p_hmac.c

217 行
6.6 KiB
原始文件 Blame 文件历史 

  1. /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL

  2.  * project 2007.

  3.  */

  4. /* ====================================================================

  5.  * Copyright (c) 2007 The OpenSSL Project.  All rights reserved.

  6.  *

  7.  * Redistribution and use in source and binary forms, with or without

  8.  * modification, are permitted provided that the following conditions

  9.  * are met:

  10.  *

  11.  * 1. Redistributions of source code must retain the above copyright

  12.  *    notice, this list of conditions and the following disclaimer.

  13.  *

  14.  * 2. Redistributions in binary form must reproduce the above copyright

  15.  *    notice, this list of conditions and the following disclaimer in

  16.  *    the documentation and/or other materials provided with the

  17.  *    distribution.

  18.  *

  19.  * 3. All advertising materials mentioning features or use of this

  20.  *    software must display the following acknowledgment:

  21.  *    "This product includes software developed by the OpenSSL Project

  22.  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"

  23.  *

  24.  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to

  25.  *    endorse or promote products derived from this software without

  26.  *    prior written permission. For written permission, please contact

  27.  *    licensing@OpenSSL.org.

  28.  *

  29.  * 5. Products derived from this software may not be called "OpenSSL"

  30.  *    nor may "OpenSSL" appear in their names without prior written

  31.  *    permission of the OpenSSL Project.

  32.  *

  33.  * 6. Redistributions of any form whatsoever must retain the following

  34.  *    acknowledgment:

  35.  *    "This product includes software developed by the OpenSSL Project

  36.  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"

  37.  *

  38.  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY

  39.  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

  40.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR

  41.  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR

  42.  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

  43.  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT

  44.  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

  45.  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

  46.  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

  47.  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

  48.  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED

  49.  * OF THE POSSIBILITY OF SUCH DAMAGE.

  50.  * ====================================================================

  51.  *

  52.  * This product includes cryptographic software written by Eric Young

  53.  * (eay@cryptsoft.com).  This product includes software written by Tim

  54.  * Hudson (tjh@cryptsoft.com). */

  55. 

  56. #include <openssl/evp.h>

  57. 

  58. #include <openssl/asn1.h>

  59. #include <openssl/err.h>

  60. #include <openssl/hmac.h>

  61. #include <openssl/mem.h>

  62. #include <openssl/obj.h>

  63. 

  64. #include "internal.h"

  65. 

  66. 

  67. typedef struct {

  68.   const EVP_MD *md;       /* MD for HMAC use */

  69.   ASN1_OCTET_STRING ktmp; /* Temp storage for key */

  70.   HMAC_CTX ctx;

  71. } HMAC_PKEY_CTX;

  72. 

  73. static int pkey_hmac_init(EVP_PKEY_CTX *ctx) {

  74.   HMAC_PKEY_CTX *hctx;

  75.   hctx = OPENSSL_malloc(sizeof(HMAC_PKEY_CTX));

  76.   if (!hctx) {

  77.     return 0;

  78.   }

  79.   memset(hctx, 0, sizeof(HMAC_PKEY_CTX));

  80.   hctx->ktmp.type = V_ASN1_OCTET_STRING;

  81.   HMAC_CTX_init(&hctx->ctx);

  82. 

  83.   ctx->data = hctx;

  84. 

  85.   return 1;

  86. }

  87. 

  88. static int pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) {

  89.   HMAC_PKEY_CTX *sctx, *dctx;

  90.   if (!pkey_hmac_init(dst)) {

  91.     return 0;

  92.   }

  93.   sctx = src->data;

  94.   dctx = dst->data;

  95.   dctx->md = sctx->md;

  96.   HMAC_CTX_init(&dctx->ctx);

  97.   if (!HMAC_CTX_copy(&dctx->ctx, &sctx->ctx)) {

  98.     return 0;

  99.   }

  100.   if (sctx->ktmp.data) {

  101.     if (!ASN1_OCTET_STRING_set(&dctx->ktmp, sctx->ktmp.data,

  102.                                sctx->ktmp.length)) {

  103.       return 0;

  104.     }

  105.   }

  106.   return 1;

  107. }

  108. 

  109. static void pkey_hmac_cleanup(EVP_PKEY_CTX *ctx) {

  110.   HMAC_PKEY_CTX *hctx = ctx->data;

  111. 

  112.   HMAC_CTX_cleanup(&hctx->ctx);

  113.   if (hctx->ktmp.data) {

  114.     if (hctx->ktmp.length) {

  115.       OPENSSL_cleanse(hctx->ktmp.data, hctx->ktmp.length);

  116.     }

  117.     OPENSSL_free(hctx->ktmp.data);

  118.     hctx->ktmp.data = NULL;

  119.   }

  120.   OPENSSL_free(hctx);

  121. }

  122. 

  123. static int pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) {

  124.   ASN1_OCTET_STRING *hkey = NULL;

  125.   HMAC_PKEY_CTX *hctx = ctx->data;

  126. 

  127.   if (!hctx->ktmp.data) {

  128.     return 0;

  129.   }

  130.   hkey = ASN1_OCTET_STRING_dup(&hctx->ktmp);

  131.   if (!hkey) {

  132.     return 0;

  133.   }

  134.   EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, hkey);

  135. 

  136.   return 1;

  137. }

  138. 

  139. static int int_update(EVP_MD_CTX *ctx, const void *data, size_t count) {

  140.   HMAC_PKEY_CTX *hctx = ctx->pctx->data;

  141.   return HMAC_Update(&hctx->ctx, data, count);

  142. }

  143. 

  144. static int hmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) {

  145.   HMAC_PKEY_CTX *hctx = ctx->data;

  146. 

  147.   HMAC_CTX_set_flags(&hctx->ctx, mctx->flags & ~EVP_MD_CTX_FLAG_NO_INIT);

  148.   EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT);

  149.   mctx->update = int_update;

  150.   return 1;

  151. }

  152. 

  153. static int hmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,

  154.                         EVP_MD_CTX *mctx) {

  155.   unsigned int hlen;

  156.   HMAC_PKEY_CTX *hctx = ctx->data;

  157.   size_t md_size = EVP_MD_CTX_size(mctx);

  158. 

  159.   if (!sig) {

  160.     *siglen = md_size;

  161.     return 1;

  162.   } else if (*siglen < md_size) {

  163.     OPENSSL_PUT_ERROR(EVP, hmac_signctx, EVP_R_BUFFER_TOO_SMALL);

  164.     return 0;

  165.   }

  166. 

  167.   if (!HMAC_Final(&hctx->ctx, sig, &hlen)) {

  168.     return 0;

  169.   }

  170.   *siglen = (size_t)hlen;

  171.   return 1;

  172. }

  173. 

  174. static int pkey_hmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) {

  175.   HMAC_PKEY_CTX *hctx = ctx->data;

  176.   ASN1_OCTET_STRING *key;

  177. 

  178.   switch (type) {

  179.     case EVP_PKEY_CTRL_SET_MAC_KEY:

  180.       if ((!p2 && p1 > 0) || (p1 < -1)) {

  181.         return 0;

  182.       }

  183.       if (!ASN1_OCTET_STRING_set(&hctx->ktmp, p2, p1)) {

  184.         return 0;

  185.       }

  186.       break;

  187. 

  188.     case EVP_PKEY_CTRL_MD:

  189.       hctx->md = p2;

  190.       break;

  191. 

  192.     case EVP_PKEY_CTRL_DIGESTINIT:

  193.       key = (ASN1_OCTET_STRING *)ctx->pkey->pkey.ptr;

  194.       if (!HMAC_Init_ex(&hctx->ctx, key->data, key->length, hctx->md,

  195.                         ctx->engine)) {

  196.         return 0;

  197.       }

  198.       break;

  199. 

  200.     default:

  201.       return -2;

  202.   }

  203.   return 1;

  204. }

  205. 

  206. const EVP_PKEY_METHOD hmac_pkey_meth = {

  207.     EVP_PKEY_HMAC,          0 /* flags */,        pkey_hmac_init,

  208.     pkey_hmac_copy,         pkey_hmac_cleanup,    0 /* paramgen_init */,

  209.     0 /* paramgen */,       0 /* keygen_init */,  pkey_hmac_keygen,

  210.     0 /* sign_init */,      0 /* sign */,         0 /* verify_init */,

  211.     0 /* verify */,         hmac_signctx_init,    hmac_signctx,

  212.     0 /* verifyctx_init */, 0 /* verifyctx */,    0 /* encrypt_init */,

  213.     0 /* encrypt */,        0 /* decrypt_init */, 0 /* decrypt */,

  214.     0 /* derive_init */,    0 /* derive */,       pkey_hmac_ctrl,

  215.     0,

  216. };