kris
/
boringssl
1
0
Çatalla 0
Kod Konular 0 Değişiklik İstekleri 0 Sürümler 0 Wiki Aktivite
25'ten fazla konu seçemezsiniz Konular bir harf veya rakamla başlamalı, kısa çizgiler ('-') içerebilir ve en fazla 35 karakter uzunluğunda olabilir.
3700 İşleme
12 Dallar
38 MiB
 
 
 
 
 
 
Ağaç: 5c7a4b8c2f
Dallar Biçim İmleri
${ item.name }
${ searchTerm } dalı oluştur
'5c7a4b8c2f'den
${ noResults }
boringssl/crypto/hmac/hmac.c

216 satır
7.5 KiB
Ham Suçlama Geçmiş 

  1. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)

  2.  * All rights reserved.

  3.  *

  4.  * This package is an SSL implementation written

  5.  * by Eric Young (eay@cryptsoft.com).

  6.  * The implementation was written so as to conform with Netscapes SSL.

  7.  *

  8.  * This library is free for commercial and non-commercial use as long as

  9.  * the following conditions are aheared to.  The following conditions

  10.  * apply to all code found in this distribution, be it the RC4, RSA,

  11.  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation

  12.  * included with this distribution is covered by the same copyright terms

  13.  * except that the holder is Tim Hudson (tjh@cryptsoft.com).

  14.  *

  15.  * Copyright remains Eric Young's, and as such any Copyright notices in

  16.  * the code are not to be removed.

  17.  * If this package is used in a product, Eric Young should be given attribution

  18.  * as the author of the parts of the library used.

  19.  * This can be in the form of a textual message at program startup or

  20.  * in documentation (online or textual) provided with the package.

  21.  *

  22.  * Redistribution and use in source and binary forms, with or without

  23.  * modification, are permitted provided that the following conditions

  24.  * are met:

  25.  * 1. Redistributions of source code must retain the copyright

  26.  *    notice, this list of conditions and the following disclaimer.

  27.  * 2. Redistributions in binary form must reproduce the above copyright

  28.  *    notice, this list of conditions and the following disclaimer in the

  29.  *    documentation and/or other materials provided with the distribution.

  30.  * 3. All advertising materials mentioning features or use of this software

  31.  *    must display the following acknowledgement:

  32.  *    "This product includes cryptographic software written by

  33.  *     Eric Young (eay@cryptsoft.com)"

  34.  *    The word 'cryptographic' can be left out if the rouines from the library

  35.  *    being used are not cryptographic related :-).

  36.  * 4. If you include any Windows specific code (or a derivative thereof) from

  37.  *    the apps directory (application code) you must include an acknowledgement:

  38.  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"

  39.  *

  40.  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND

  41.  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

  42.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

  43.  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

  44.  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

  45.  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

  46.  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

  47.  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

  48.  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

  49.  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

  50.  * SUCH DAMAGE.

  51.  *

  52.  * The licence and distribution terms for any publically available version or

  53.  * derivative of this code cannot be changed.  i.e. this code cannot simply be

  54.  * copied and put under another distribution licence

  55.  * [including the GNU Public Licence.] */

  56. 

  57. #include <openssl/hmac.h>

  58. 

  59. #include <assert.h>

  60. #include <string.h>

  61. 

  62. #include <openssl/digest.h>

  63. #include <openssl/mem.h>

  64. 

  65. #include "../internal.h"

  66. 

  67. 

  68. uint8_t *HMAC(const EVP_MD *evp_md, const void *key, size_t key_len,

  69.               const uint8_t *data, size_t data_len, uint8_t *out,

  70.               unsigned int *out_len) {

  71.   HMAC_CTX ctx;

  72.   static uint8_t static_out_buffer[EVP_MAX_MD_SIZE];

  73. 

  74.   /* OpenSSL has traditionally supported using a static buffer if |out| is

  75.    * NULL. We maintain that but don't document it. This behaviour should be

  76.    * considered to be deprecated. */

  77.   if (out == NULL) {

  78.     out = static_out_buffer;

  79.   }

  80. 

  81.   HMAC_CTX_init(&ctx);

  82.   if (!HMAC_Init_ex(&ctx, key, key_len, evp_md, NULL) ||

  83.       !HMAC_Update(&ctx, data, data_len) ||

  84.       !HMAC_Final(&ctx, out, out_len)) {

  85.     out = NULL;

  86.   }

  87. 

  88.   HMAC_CTX_cleanup(&ctx);

  89.   return out;

  90. }

  91. 

  92. void HMAC_CTX_init(HMAC_CTX *ctx) {

  93.   ctx->md = NULL;

  94.   EVP_MD_CTX_init(&ctx->i_ctx);

  95.   EVP_MD_CTX_init(&ctx->o_ctx);

  96.   EVP_MD_CTX_init(&ctx->md_ctx);

  97. }

  98. 

  99. void HMAC_CTX_cleanup(HMAC_CTX *ctx) {

  100.   EVP_MD_CTX_cleanup(&ctx->i_ctx);

  101.   EVP_MD_CTX_cleanup(&ctx->o_ctx);

  102.   EVP_MD_CTX_cleanup(&ctx->md_ctx);

  103.   OPENSSL_cleanse(ctx, sizeof(HMAC_CTX));

  104. }

  105. 

  106. int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, size_t key_len,

  107.                  const EVP_MD *md, ENGINE *impl) {

  108.   if (md == NULL) {

  109.     md = ctx->md;

  110.   }

  111. 

  112.   /* If either |key| is non-NULL or |md| has changed, initialize with a new key

  113.    * rather than rewinding the previous one.

  114.    *

  115.    * TODO(davidben,eroman): Passing the previous |md| with a NULL |key| is

  116.    * ambiguous between using the empty key and reusing the previous key. There

  117.    * exist callers which intend the latter, but the former is an awkward edge

  118.    * case. Fix to API to avoid this. */

  119.   if (md != ctx->md || key != NULL) {

  120.     uint8_t pad[EVP_MAX_MD_BLOCK_SIZE];

  121.     uint8_t key_block[EVP_MAX_MD_BLOCK_SIZE];

  122.     unsigned key_block_len;

  123. 

  124.     size_t block_size = EVP_MD_block_size(md);

  125.     assert(block_size <= sizeof(key_block));

  126.     if (block_size < key_len) {

  127.       /* Long keys are hashed. */

  128.       if (!EVP_DigestInit_ex(&ctx->md_ctx, md, impl) ||

  129.           !EVP_DigestUpdate(&ctx->md_ctx, key, key_len) ||

  130.           !EVP_DigestFinal_ex(&ctx->md_ctx, key_block, &key_block_len)) {

  131.         return 0;

  132.       }

  133.     } else {

  134.       assert(key_len <= sizeof(key_block));

  135.       OPENSSL_memcpy(key_block, key, key_len);

  136.       key_block_len = (unsigned)key_len;

  137.     }

  138.     /* Keys are then padded with zeros. */

  139.     if (key_block_len != EVP_MAX_MD_BLOCK_SIZE) {

  140.       OPENSSL_memset(&key_block[key_block_len], 0, sizeof(key_block) - key_block_len);

  141.     }

  142. 

  143.     for (size_t i = 0; i < EVP_MAX_MD_BLOCK_SIZE; i++) {

  144.       pad[i] = 0x36 ^ key_block[i];

  145.     }

  146.     if (!EVP_DigestInit_ex(&ctx->i_ctx, md, impl) ||

  147.         !EVP_DigestUpdate(&ctx->i_ctx, pad, EVP_MD_block_size(md))) {

  148.       return 0;

  149.     }

  150. 

  151.     for (size_t i = 0; i < EVP_MAX_MD_BLOCK_SIZE; i++) {

  152.       pad[i] = 0x5c ^ key_block[i];

  153.     }

  154.     if (!EVP_DigestInit_ex(&ctx->o_ctx, md, impl) ||

  155.         !EVP_DigestUpdate(&ctx->o_ctx, pad, EVP_MD_block_size(md))) {

  156.       return 0;

  157.     }

  158. 

  159.     ctx->md = md;

  160.   }

  161. 

  162.   if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->i_ctx)) {

  163.     return 0;

  164.   }

  165. 

  166.   return 1;

  167. }

  168. 

  169. int HMAC_Update(HMAC_CTX *ctx, const uint8_t *data, size_t data_len) {

  170.   return EVP_DigestUpdate(&ctx->md_ctx, data, data_len);

  171. }

  172. 

  173. int HMAC_Final(HMAC_CTX *ctx, uint8_t *out, unsigned int *out_len) {

  174.   unsigned int i;

  175.   uint8_t buf[EVP_MAX_MD_SIZE];

  176. 

  177.   /* TODO(davidben): The only thing that can officially fail here is

  178.    * |EVP_MD_CTX_copy_ex|, but even that should be impossible in this case. */

  179.   if (!EVP_DigestFinal_ex(&ctx->md_ctx, buf, &i) ||

  180.       !EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->o_ctx) ||

  181.       !EVP_DigestUpdate(&ctx->md_ctx, buf, i) ||

  182.       !EVP_DigestFinal_ex(&ctx->md_ctx, out, out_len)) {

  183.     *out_len = 0;

  184.     return 0;

  185.   }

  186. 

  187.   return 1;

  188. }

  189. 

  190. size_t HMAC_size(const HMAC_CTX *ctx) {

  191.   return EVP_MD_size(ctx->md);

  192. }

  193. 

  194. int HMAC_CTX_copy_ex(HMAC_CTX *dest, const HMAC_CTX *src) {

  195.   if (!EVP_MD_CTX_copy_ex(&dest->i_ctx, &src->i_ctx) ||

  196.       !EVP_MD_CTX_copy_ex(&dest->o_ctx, &src->o_ctx) ||

  197.       !EVP_MD_CTX_copy_ex(&dest->md_ctx, &src->md_ctx)) {

  198.     return 0;

  199.   }

  200. 

  201.   dest->md = src->md;

  202.   return 1;

  203. }

  204. 

  205. int HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len, const EVP_MD *md) {

  206.   if (key && md) {

  207.     HMAC_CTX_init(ctx);

  208.   }

  209.   return HMAC_Init_ex(ctx, key, key_len, md, NULL);

  210. }

  211. 

  212. int HMAC_CTX_copy(HMAC_CTX *dest, const HMAC_CTX *src) {

  213.   HMAC_CTX_init(dest);

  214.   return HMAC_CTX_copy_ex(dest, src);

  215. }