hm_pmeth.c revision ee7afb3c942c4eefef6ed06201eafaf8ec58e2e3 
1/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
2 * project 2007.
3 */
4/* ====================================================================
5 * Copyright (c) 2007 The OpenSSL Project.  All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 *
11 * 1. Redistributions of source code must retain the above copyright
12 *    notice, this list of conditions and the following disclaimer.
13 *
14 * 2. Redistributions in binary form must reproduce the above copyright
15 *    notice, this list of conditions and the following disclaimer in
16 *    the documentation and/or other materials provided with the
17 *    distribution.
18 *
19 * 3. All advertising materials mentioning features or use of this
20 *    software must display the following acknowledgment:
21 *    "This product includes software developed by the OpenSSL Project
22 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
23 *
24 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
25 *    endorse or promote products derived from this software without
26 *    prior written permission. For written permission, please contact
27 *    licensing@OpenSSL.org.
28 *
29 * 5. Products derived from this software may not be called "OpenSSL"
30 *    nor may "OpenSSL" appear in their names without prior written
31 *    permission of the OpenSSL Project.
32 *
33 * 6. Redistributions of any form whatsoever must retain the following
34 *    acknowledgment:
35 *    "This product includes software developed by the OpenSSL Project
36 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
37 *
38 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
39 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
40 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
41 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
42 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
43 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
44 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
45 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
46 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
47 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
48 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49 * OF THE POSSIBILITY OF SUCH DAMAGE.
50 * ====================================================================
51 *
52 * This product includes cryptographic software written by Eric Young
53 * (eay@cryptsoft.com).  This product includes software written by Tim
54 * Hudson (tjh@cryptsoft.com).
55 *
56 */
57
58#include <stdio.h>
59#include "cryptlib.h"
60#include <openssl/x509.h>
61#include <openssl/x509v3.h>
62#include <openssl/evp.h>
63#include <openssl/hmac.h>
64#include "evp_locl.h"
65
66/* HMAC pkey context structure */
67
68typedef struct
69	{
70	const EVP_MD *md;	/* MD for HMAC use */
71	ASN1_OCTET_STRING ktmp; /* Temp storage for key */
72	HMAC_CTX ctx;
73	} HMAC_PKEY_CTX;
74
75static int pkey_hmac_init(EVP_PKEY_CTX *ctx)
76	{
77	HMAC_PKEY_CTX *hctx;
78	hctx = OPENSSL_malloc(sizeof(HMAC_PKEY_CTX));
79	if (!hctx)
80		return 0;
81	hctx->md = NULL;
82	hctx->ktmp.data = NULL;
83	hctx->ktmp.length = 0;
84	hctx->ktmp.flags = 0;
85	hctx->ktmp.type = V_ASN1_OCTET_STRING;
86	HMAC_CTX_init(&hctx->ctx);
87
88	ctx->data = hctx;
89	ctx->keygen_info_count = 0;
90
91	return 1;
92	}
93
94static int pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
95	{
96	HMAC_PKEY_CTX *sctx, *dctx;
97	if (!pkey_hmac_init(dst))
98		return 0;
99       	sctx = src->data;
100	dctx = dst->data;
101	dctx->md = sctx->md;
102	HMAC_CTX_init(&dctx->ctx);
103	HMAC_CTX_copy(&dctx->ctx, &sctx->ctx);
104	if (sctx->ktmp.data)
105		{
106		if (!ASN1_OCTET_STRING_set(&dctx->ktmp,
107					sctx->ktmp.data, sctx->ktmp.length))
108			return 0;
109		}
110	return 1;
111	}
112
113static void pkey_hmac_cleanup(EVP_PKEY_CTX *ctx)
114	{
115	HMAC_PKEY_CTX *hctx = ctx->data;
116	HMAC_CTX_cleanup(&hctx->ctx);
117	if (hctx->ktmp.data)
118		{
119		if (hctx->ktmp.length)
120			OPENSSL_cleanse(hctx->ktmp.data, hctx->ktmp.length);
121		OPENSSL_free(hctx->ktmp.data);
122		hctx->ktmp.data = NULL;
123		}
124	OPENSSL_free(hctx);
125	}
126
127static int pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
128	{
129	ASN1_OCTET_STRING *hkey = NULL;
130	HMAC_PKEY_CTX *hctx = ctx->data;
131	if (!hctx->ktmp.data)
132		return 0;
133	hkey = ASN1_OCTET_STRING_dup(&hctx->ktmp);
134	if (!hkey)
135		return 0;
136	EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, hkey);
137
138	return 1;
139	}
140
141static int int_update(EVP_MD_CTX *ctx,const void *data,size_t count)
142	{
143	HMAC_PKEY_CTX *hctx = ctx->pctx->data;
144	HMAC_Update(&hctx->ctx, data, count);
145	return 1;
146	}
147
148static int hmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
149	{
150	HMAC_PKEY_CTX *hctx = ctx->data;
151	HMAC_CTX_set_flags(&hctx->ctx, mctx->flags & ~EVP_MD_CTX_FLAG_NO_INIT);
152	EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT);
153	mctx->update = int_update;
154	return 1;
155	}
156
157static int hmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
158					EVP_MD_CTX *mctx)
159	{
160	unsigned int hlen;
161	HMAC_PKEY_CTX *hctx = ctx->data;
162	int l = EVP_MD_CTX_size(mctx);
163
164	if (l < 0)
165		return 0;
166	*siglen = l;
167	if (!sig)
168		return 1;
169
170	HMAC_Final(&hctx->ctx, sig, &hlen);
171	*siglen = (size_t)hlen;
172	return 1;
173	}
174
175static int pkey_hmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
176	{
177	HMAC_PKEY_CTX *hctx = ctx->data;
178	ASN1_OCTET_STRING *key;
179	switch (type)
180		{
181
182		case EVP_PKEY_CTRL_SET_MAC_KEY:
183		if ((!p2 && p1 > 0) || (p1 < -1))
184			return 0;
185		if (!ASN1_OCTET_STRING_set(&hctx->ktmp, p2, p1))
186			return 0;
187		break;
188
189		case EVP_PKEY_CTRL_MD:
190		hctx->md = p2;
191		break;
192
193		case EVP_PKEY_CTRL_DIGESTINIT:
194		key = (ASN1_OCTET_STRING *)ctx->pkey->pkey.ptr;
195		HMAC_Init_ex(&hctx->ctx, key->data, key->length, hctx->md,
196				ctx->engine);
197		break;
198
199		default:
200		return -2;
201
202		}
203	return 1;
204	}
205
206static int pkey_hmac_ctrl_str(EVP_PKEY_CTX *ctx,
207			const char *type, const char *value)
208	{
209	if (!value)
210		{
211		return 0;
212		}
213	if (!strcmp(type, "key"))
214		{
215		void *p = (void *)value;
216		return pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY,
217				-1, p);
218		}
219	if (!strcmp(type, "hexkey"))
220		{
221		unsigned char *key;
222		int r;
223		long keylen;
224		key = string_to_hex(value, &keylen);
225		if (!key)
226			return 0;
227		r = pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key);
228		OPENSSL_free(key);
229		return r;
230		}
231	return -2;
232	}
233
234const EVP_PKEY_METHOD hmac_pkey_meth =
235	{
236	EVP_PKEY_HMAC,
237	0,
238	pkey_hmac_init,
239	pkey_hmac_copy,
240	pkey_hmac_cleanup,
241
242	0, 0,
243
244	0,
245	pkey_hmac_keygen,
246
247	0, 0,
248
249	0, 0,
250
251	0,0,
252
253	hmac_signctx_init,
254	hmac_signctx,
255
256	0,0,
257
258	0,0,
259
260	0,0,
261
262	0,0,
263
264	pkey_hmac_ctrl,
265	pkey_hmac_ctrl_str
266
267	};
268