kris
/
boringssl
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
528 Commits
12 Branches
38 MiB
 
 
 
 
 
 
Tree: f4b4952719
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'f4b4952719'
${ noResults }
boringssl/crypto/hmac/hmac.c

209 lines
7.0 KiB
Raw Blame History 

  1. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)

  2.  * All rights reserved.

  3.  *

  4.  * This package is an SSL implementation written

  5.  * by Eric Young (eay@cryptsoft.com).

  6.  * The implementation was written so as to conform with Netscapes SSL.

  7.  *

  8.  * This library is free for commercial and non-commercial use as long as

  9.  * the following conditions are aheared to.  The following conditions

  10.  * apply to all code found in this distribution, be it the RC4, RSA,

  11.  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation

  12.  * included with this distribution is covered by the same copyright terms

  13.  * except that the holder is Tim Hudson (tjh@cryptsoft.com).

  14.  *

  15.  * Copyright remains Eric Young's, and as such any Copyright notices in

  16.  * the code are not to be removed.

  17.  * If this package is used in a product, Eric Young should be given attribution

  18.  * as the author of the parts of the library used.

  19.  * This can be in the form of a textual message at program startup or

  20.  * in documentation (online or textual) provided with the package.

  21.  *

  22.  * Redistribution and use in source and binary forms, with or without

  23.  * modification, are permitted provided that the following conditions

  24.  * are met:

  25.  * 1. Redistributions of source code must retain the copyright

  26.  *    notice, this list of conditions and the following disclaimer.

  27.  * 2. Redistributions in binary form must reproduce the above copyright

  28.  *    notice, this list of conditions and the following disclaimer in the

  29.  *    documentation and/or other materials provided with the distribution.

  30.  * 3. All advertising materials mentioning features or use of this software

  31.  *    must display the following acknowledgement:

  32.  *    "This product includes cryptographic software written by

  33.  *     Eric Young (eay@cryptsoft.com)"

  34.  *    The word 'cryptographic' can be left out if the rouines from the library

  35.  *    being used are not cryptographic related :-).

  36.  * 4. If you include any Windows specific code (or a derivative thereof) from

  37.  *    the apps directory (application code) you must include an acknowledgement:

  38.  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"

  39.  *

  40.  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND

  41.  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

  42.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

  43.  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

  44.  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

  45.  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

  46.  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

  47.  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

  48.  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

  49.  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

  50.  * SUCH DAMAGE.

  51.  *

  52.  * The licence and distribution terms for any publically available version or

  53.  * derivative of this code cannot be changed.  i.e. this code cannot simply be

  54.  * copied and put under another distribution licence

  55.  * [including the GNU Public Licence.] */

  56. 

  57. #include <openssl/hmac.h>

  58. 

  59. #include <assert.h>

  60. 

  61. #include <openssl/mem.h>

  62. 

  63. 

  64. uint8_t *HMAC(const EVP_MD *evp_md, const void *key, size_t key_len,

  65.               const uint8_t *data, size_t data_len, uint8_t *out,

  66.               unsigned int *out_len) {

  67.   HMAC_CTX ctx;

  68.   static uint8_t static_out_buffer[EVP_MAX_MD_SIZE];

  69. 

  70.   /* OpenSSL has traditionally supported using a static buffer if |out| is

  71.    * NULL. We maintain that but don't document it. This behaviour should be

  72.    * considered to be deprecated. */

  73.   if (out == NULL) {

  74.     out = static_out_buffer;

  75.   }

  76. 

  77.   HMAC_CTX_init(&ctx);

  78.   if (!HMAC_Init(&ctx, key, key_len, evp_md) ||

  79.       !HMAC_Update(&ctx, data, data_len) ||

  80.       !HMAC_Final(&ctx, out, out_len)) {

  81.     out = NULL;

  82.   }

  83. 

  84.   HMAC_CTX_cleanup(&ctx);

  85.   return out;

  86. }

  87. 

  88. void HMAC_CTX_init(HMAC_CTX *ctx) {

  89.   EVP_MD_CTX_init(&ctx->i_ctx);

  90.   EVP_MD_CTX_init(&ctx->o_ctx);

  91.   EVP_MD_CTX_init(&ctx->md_ctx);

  92. }

  93. 

  94. void HMAC_CTX_cleanup(HMAC_CTX *ctx) {

  95.   EVP_MD_CTX_cleanup(&ctx->i_ctx);

  96.   EVP_MD_CTX_cleanup(&ctx->o_ctx);

  97.   EVP_MD_CTX_cleanup(&ctx->md_ctx);

  98.   OPENSSL_cleanse(ctx, sizeof(ctx));

  99. }

  100. 

  101. int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, size_t key_len,

  102.                  const EVP_MD *md, ENGINE *impl) {

  103.   unsigned i, reset = 0;

  104.   uint8_t pad[HMAC_MAX_MD_CBLOCK];

  105. 

  106.   if (md != NULL) {

  107.     reset = 1;

  108.     ctx->md = md;

  109.   } else {

  110.     md = ctx->md;

  111.   }

  112. 

  113.   if (key != NULL) {

  114.     size_t block_size = EVP_MD_block_size(md);

  115.     reset = 1;

  116.     assert(block_size <= sizeof(ctx->key));

  117.     if (block_size < key_len) {

  118.       if (!EVP_DigestInit_ex(&ctx->md_ctx, md, impl) ||

  119.           !EVP_DigestUpdate(&ctx->md_ctx, key, key_len) ||

  120.           !EVP_DigestFinal_ex(&(ctx->md_ctx), ctx->key, &ctx->key_length)) {

  121.         goto err;

  122.       }

  123.     } else {

  124.       assert(key_len >= 0 && key_len <= sizeof(ctx->key));

  125.       memcpy(ctx->key, key, key_len);

  126.       ctx->key_length = key_len;

  127.     }

  128.     if (ctx->key_length != HMAC_MAX_MD_CBLOCK) {

  129.       memset(&ctx->key[ctx->key_length], 0, sizeof(ctx->key) - ctx->key_length);

  130.     }

  131.   }

  132. 

  133.   if (reset) {

  134.     for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++) {

  135.       pad[i] = 0x36 ^ ctx->key[i];

  136.     }

  137.     if (!EVP_DigestInit_ex(&ctx->i_ctx, md, impl) ||

  138.         !EVP_DigestUpdate(&ctx->i_ctx, pad, EVP_MD_block_size(md))) {

  139.       goto err;

  140.     }

  141. 

  142.     for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++) {

  143.       pad[i] = 0x5c ^ ctx->key[i];

  144.     }

  145.     if (!EVP_DigestInit_ex(&ctx->o_ctx, md, impl) ||

  146.         !EVP_DigestUpdate(&ctx->o_ctx, pad, EVP_MD_block_size(md))) {

  147.       goto err;

  148.     }

  149.   }

  150. 

  151.   if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->i_ctx)) {

  152.     goto err;

  153.   }

  154. 

  155.   return 1;

  156. 

  157. err:

  158.   return 0;

  159. }

  160. 

  161. int HMAC_Update(HMAC_CTX *ctx, const uint8_t *data, size_t data_len) {

  162.   return EVP_DigestUpdate(&ctx->md_ctx, data, data_len);

  163. }

  164. 

  165. int HMAC_Final(HMAC_CTX *ctx, uint8_t *out, unsigned int *out_len) {

  166.   unsigned int i;

  167.   uint8_t buf[EVP_MAX_MD_SIZE];

  168. 

  169.   if (!EVP_DigestFinal_ex(&ctx->md_ctx, buf, &i) ||

  170.       !EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->o_ctx) ||

  171.       !EVP_DigestUpdate(&ctx->md_ctx, buf, i) ||

  172.       !EVP_DigestFinal_ex(&ctx->md_ctx, out, out_len)) {

  173.     *out_len = 0;

  174.     return 0;

  175.   }

  176. 

  177.   return 1;

  178. }

  179. 

  180. size_t HMAC_size(const HMAC_CTX *ctx) {

  181.   return EVP_MD_size(ctx->md);

  182. }

  183. 

  184. int HMAC_CTX_copy(HMAC_CTX *dest, const HMAC_CTX *src) {

  185.   if (!EVP_MD_CTX_copy(&dest->i_ctx, &src->i_ctx) ||

  186.       !EVP_MD_CTX_copy(&dest->o_ctx, &src->o_ctx) ||

  187.       !EVP_MD_CTX_copy(&dest->md_ctx, &src->md_ctx)) {

  188.     return 0;

  189.   }

  190. 

  191.   memcpy(dest->key, src->key, HMAC_MAX_MD_CBLOCK);

  192.   dest->key_length = src->key_length;

  193.   dest->md = src->md;

  194.   return 1;

  195. }

  196. 

  197. void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags) {

  198.   EVP_MD_CTX_set_flags(&ctx->i_ctx, flags);

  199.   EVP_MD_CTX_set_flags(&ctx->o_ctx, flags);

  200.   EVP_MD_CTX_set_flags(&ctx->md_ctx, flags);

  201. }

  202. 

  203. int HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len, const EVP_MD *md) {

  204.   if (key && md) {

  205.     HMAC_CTX_init(ctx);

  206.   }

  207.   return HMAC_Init_ex(ctx, key, key_len, md, NULL);

  208. }