summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/hmac/hm_pmeth.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/hmac/hm_pmeth.c')
-rw-r--r--src/lib/libcrypto/hmac/hm_pmeth.c127
1 files changed, 66 insertions, 61 deletions
diff --git a/src/lib/libcrypto/hmac/hm_pmeth.c b/src/lib/libcrypto/hmac/hm_pmeth.c
index e7a550b30c..c1ada08a48 100644
--- a/src/lib/libcrypto/hmac/hm_pmeth.c
+++ b/src/lib/libcrypto/hmac/hm_pmeth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: hm_pmeth.c,v 1.4 2014/06/12 15:49:29 deraadt Exp $ */ 1/* $OpenBSD: hm_pmeth.c,v 1.5 2014/06/21 12:00:01 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2007. 3 * project 2007.
4 */ 4 */
@@ -66,16 +66,17 @@
66 66
67/* HMAC pkey context structure */ 67/* HMAC pkey context structure */
68 68
69typedef struct 69typedef struct {
70 {
71 const EVP_MD *md; /* MD for HMAC use */ 70 const EVP_MD *md; /* MD for HMAC use */
72 ASN1_OCTET_STRING ktmp; /* Temp storage for key */ 71 ASN1_OCTET_STRING ktmp; /* Temp storage for key */
73 HMAC_CTX ctx; 72 HMAC_CTX ctx;
74 } HMAC_PKEY_CTX; 73} HMAC_PKEY_CTX;
75 74
76static int pkey_hmac_init(EVP_PKEY_CTX *ctx) 75static int
77 { 76pkey_hmac_init(EVP_PKEY_CTX *ctx)
77{
78 HMAC_PKEY_CTX *hctx; 78 HMAC_PKEY_CTX *hctx;
79
79 hctx = malloc(sizeof(HMAC_PKEY_CTX)); 80 hctx = malloc(sizeof(HMAC_PKEY_CTX));
80 if (!hctx) 81 if (!hctx)
81 return 0; 82 return 0;
@@ -90,11 +91,13 @@ static int pkey_hmac_init(EVP_PKEY_CTX *ctx)
90 ctx->keygen_info_count = 0; 91 ctx->keygen_info_count = 0;
91 92
92 return 1; 93 return 1;
93 } 94}
94 95
95static int pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) 96static int
96 { 97pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
98{
97 HMAC_PKEY_CTX *sctx, *dctx; 99 HMAC_PKEY_CTX *sctx, *dctx;
100
98 if (!pkey_hmac_init(dst)) 101 if (!pkey_hmac_init(dst))
99 return 0; 102 return 0;
100 sctx = src->data; 103 sctx = src->data;
@@ -103,33 +106,35 @@ static int pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
103 HMAC_CTX_init(&dctx->ctx); 106 HMAC_CTX_init(&dctx->ctx);
104 if (!HMAC_CTX_copy(&dctx->ctx, &sctx->ctx)) 107 if (!HMAC_CTX_copy(&dctx->ctx, &sctx->ctx))
105 return 0; 108 return 0;
106 if (sctx->ktmp.data) 109 if (sctx->ktmp.data) {
107 { 110 if (!ASN1_OCTET_STRING_set(&dctx->ktmp, sctx->ktmp.data,
108 if (!ASN1_OCTET_STRING_set(&dctx->ktmp, 111 sctx->ktmp.length))
109 sctx->ktmp.data, sctx->ktmp.length))
110 return 0; 112 return 0;
111 }
112 return 1;
113 } 113 }
114 return 1;
115}
114 116
115static void pkey_hmac_cleanup(EVP_PKEY_CTX *ctx) 117static void
116 { 118pkey_hmac_cleanup(EVP_PKEY_CTX *ctx)
119{
117 HMAC_PKEY_CTX *hctx = ctx->data; 120 HMAC_PKEY_CTX *hctx = ctx->data;
121
118 HMAC_CTX_cleanup(&hctx->ctx); 122 HMAC_CTX_cleanup(&hctx->ctx);
119 if (hctx->ktmp.data) 123 if (hctx->ktmp.data) {
120 {
121 if (hctx->ktmp.length) 124 if (hctx->ktmp.length)
122 OPENSSL_cleanse(hctx->ktmp.data, hctx->ktmp.length); 125 OPENSSL_cleanse(hctx->ktmp.data, hctx->ktmp.length);
123 free(hctx->ktmp.data); 126 free(hctx->ktmp.data);
124 hctx->ktmp.data = NULL; 127 hctx->ktmp.data = NULL;
125 }
126 free(hctx);
127 } 128 }
129 free(hctx);
130}
128 131
129static int pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) 132static int
130 { 133pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
134{
131 ASN1_OCTET_STRING *hkey = NULL; 135 ASN1_OCTET_STRING *hkey = NULL;
132 HMAC_PKEY_CTX *hctx = ctx->data; 136 HMAC_PKEY_CTX *hctx = ctx->data;
137
133 if (!hctx->ktmp.data) 138 if (!hctx->ktmp.data)
134 return 0; 139 return 0;
135 hkey = ASN1_OCTET_STRING_dup(&hctx->ktmp); 140 hkey = ASN1_OCTET_STRING_dup(&hctx->ktmp);
@@ -138,28 +143,33 @@ static int pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
138 EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, hkey); 143 EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, hkey);
139 144
140 return 1; 145 return 1;
141 } 146}
142 147
143static int int_update(EVP_MD_CTX *ctx,const void *data,size_t count) 148static int
144 { 149int_update(EVP_MD_CTX *ctx,const void *data,size_t count)
150{
145 HMAC_PKEY_CTX *hctx = ctx->pctx->data; 151 HMAC_PKEY_CTX *hctx = ctx->pctx->data;
152
146 if (!HMAC_Update(&hctx->ctx, data, count)) 153 if (!HMAC_Update(&hctx->ctx, data, count))
147 return 0; 154 return 0;
148 return 1; 155 return 1;
149 } 156}
150 157
151static int hmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) 158static int
152 { 159hmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
160{
153 HMAC_PKEY_CTX *hctx = ctx->data; 161 HMAC_PKEY_CTX *hctx = ctx->data;
162
154 HMAC_CTX_set_flags(&hctx->ctx, mctx->flags & ~EVP_MD_CTX_FLAG_NO_INIT); 163 HMAC_CTX_set_flags(&hctx->ctx, mctx->flags & ~EVP_MD_CTX_FLAG_NO_INIT);
155 EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT); 164 EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT);
156 mctx->update = int_update; 165 mctx->update = int_update;
157 return 1; 166 return 1;
158 } 167}
159 168
160static int hmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, 169static int
161 EVP_MD_CTX *mctx) 170hmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
162 { 171 EVP_MD_CTX *mctx)
172{
163 unsigned int hlen; 173 unsigned int hlen;
164 HMAC_PKEY_CTX *hctx = ctx->data; 174 HMAC_PKEY_CTX *hctx = ctx->data;
165 int l = EVP_MD_CTX_size(mctx); 175 int l = EVP_MD_CTX_size(mctx);
@@ -174,55 +184,49 @@ static int hmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
174 return 0; 184 return 0;
175 *siglen = (size_t)hlen; 185 *siglen = (size_t)hlen;
176 return 1; 186 return 1;
177 } 187}
178 188
179static int pkey_hmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) 189static int
180 { 190pkey_hmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
191{
181 HMAC_PKEY_CTX *hctx = ctx->data; 192 HMAC_PKEY_CTX *hctx = ctx->data;
182 ASN1_OCTET_STRING *key; 193 ASN1_OCTET_STRING *key;
183 switch (type)
184 {
185 194
186 case EVP_PKEY_CTRL_SET_MAC_KEY: 195 switch (type) {
196 case EVP_PKEY_CTRL_SET_MAC_KEY:
187 if ((!p2 && p1 > 0) || (p1 < -1)) 197 if ((!p2 && p1 > 0) || (p1 < -1))
188 return 0; 198 return 0;
189 if (!ASN1_OCTET_STRING_set(&hctx->ktmp, p2, p1)) 199 if (!ASN1_OCTET_STRING_set(&hctx->ktmp, p2, p1))
190 return 0; 200 return 0;
191 break; 201 break;
192 202
193 case EVP_PKEY_CTRL_MD: 203 case EVP_PKEY_CTRL_MD:
194 hctx->md = p2; 204 hctx->md = p2;
195 break; 205 break;
196 206
197 case EVP_PKEY_CTRL_DIGESTINIT: 207 case EVP_PKEY_CTRL_DIGESTINIT:
198 key = (ASN1_OCTET_STRING *)ctx->pkey->pkey.ptr; 208 key = (ASN1_OCTET_STRING *)ctx->pkey->pkey.ptr;
199 if (!HMAC_Init_ex(&hctx->ctx, key->data, key->length, hctx->md, 209 if (!HMAC_Init_ex(&hctx->ctx, key->data, key->length, hctx->md,
200 ctx->engine)) 210 ctx->engine))
201 return 0; 211 return 0;
202 break; 212 break;
203 213
204 default: 214 default:
205 return -2; 215 return -2;
206
207 }
208 return 1;
209 } 216 }
217 return 1;
218}
210 219
211static int pkey_hmac_ctrl_str(EVP_PKEY_CTX *ctx, 220static int
212 const char *type, const char *value) 221pkey_hmac_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value)
213 { 222{
214 if (!value) 223 if (!value)
215 {
216 return 0; 224 return 0;
217 } 225 if (!strcmp(type, "key")) {
218 if (!strcmp(type, "key"))
219 {
220 void *p = (void *)value; 226 void *p = (void *)value;
221 return pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, 227 return pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, -1, p);
222 -1, p); 228 }
223 } 229 if (!strcmp(type, "hexkey")) {
224 if (!strcmp(type, "hexkey"))
225 {
226 unsigned char *key; 230 unsigned char *key;
227 int r; 231 int r;
228 long keylen; 232 long keylen;
@@ -232,11 +236,12 @@ static int pkey_hmac_ctrl_str(EVP_PKEY_CTX *ctx,
232 r = pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key); 236 r = pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key);
233 free(key); 237 free(key);
234 return r; 238 return r;
235 }
236 return -2;
237 } 239 }
240 return -2;
241}
238 242
239const EVP_PKEY_METHOD hmac_pkey_meth = { 243const EVP_PKEY_METHOD
244hmac_pkey_meth = {
240 .pkey_id = EVP_PKEY_HMAC, 245 .pkey_id = EVP_PKEY_HMAC,
241 246
242 .init = pkey_hmac_init, 247 .init = pkey_hmac_init,