diff options
Diffstat (limited to 'src/lib/libcrypto/hmac/hm_pmeth.c')
-rw-r--r-- | src/lib/libcrypto/hmac/hm_pmeth.c | 127 |
1 files changed, 66 insertions, 61 deletions
diff --git a/src/lib/libcrypto/hmac/hm_pmeth.c b/src/lib/libcrypto/hmac/hm_pmeth.c index e7a550b30c..c1ada08a48 100644 --- a/src/lib/libcrypto/hmac/hm_pmeth.c +++ b/src/lib/libcrypto/hmac/hm_pmeth.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: hm_pmeth.c,v 1.4 2014/06/12 15:49:29 deraadt Exp $ */ | 1 | /* $OpenBSD: hm_pmeth.c,v 1.5 2014/06/21 12:00:01 miod Exp $ */ |
2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
3 | * project 2007. | 3 | * project 2007. |
4 | */ | 4 | */ |
@@ -66,16 +66,17 @@ | |||
66 | 66 | ||
67 | /* HMAC pkey context structure */ | 67 | /* HMAC pkey context structure */ |
68 | 68 | ||
69 | typedef struct | 69 | typedef struct { |
70 | { | ||
71 | const EVP_MD *md; /* MD for HMAC use */ | 70 | const EVP_MD *md; /* MD for HMAC use */ |
72 | ASN1_OCTET_STRING ktmp; /* Temp storage for key */ | 71 | ASN1_OCTET_STRING ktmp; /* Temp storage for key */ |
73 | HMAC_CTX ctx; | 72 | HMAC_CTX ctx; |
74 | } HMAC_PKEY_CTX; | 73 | } HMAC_PKEY_CTX; |
75 | 74 | ||
76 | static int pkey_hmac_init(EVP_PKEY_CTX *ctx) | 75 | static int |
77 | { | 76 | pkey_hmac_init(EVP_PKEY_CTX *ctx) |
77 | { | ||
78 | HMAC_PKEY_CTX *hctx; | 78 | HMAC_PKEY_CTX *hctx; |
79 | |||
79 | hctx = malloc(sizeof(HMAC_PKEY_CTX)); | 80 | hctx = malloc(sizeof(HMAC_PKEY_CTX)); |
80 | if (!hctx) | 81 | if (!hctx) |
81 | return 0; | 82 | return 0; |
@@ -90,11 +91,13 @@ static int pkey_hmac_init(EVP_PKEY_CTX *ctx) | |||
90 | ctx->keygen_info_count = 0; | 91 | ctx->keygen_info_count = 0; |
91 | 92 | ||
92 | return 1; | 93 | return 1; |
93 | } | 94 | } |
94 | 95 | ||
95 | static int pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) | 96 | static int |
96 | { | 97 | pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) |
98 | { | ||
97 | HMAC_PKEY_CTX *sctx, *dctx; | 99 | HMAC_PKEY_CTX *sctx, *dctx; |
100 | |||
98 | if (!pkey_hmac_init(dst)) | 101 | if (!pkey_hmac_init(dst)) |
99 | return 0; | 102 | return 0; |
100 | sctx = src->data; | 103 | sctx = src->data; |
@@ -103,33 +106,35 @@ static int pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) | |||
103 | HMAC_CTX_init(&dctx->ctx); | 106 | HMAC_CTX_init(&dctx->ctx); |
104 | if (!HMAC_CTX_copy(&dctx->ctx, &sctx->ctx)) | 107 | if (!HMAC_CTX_copy(&dctx->ctx, &sctx->ctx)) |
105 | return 0; | 108 | return 0; |
106 | if (sctx->ktmp.data) | 109 | if (sctx->ktmp.data) { |
107 | { | 110 | if (!ASN1_OCTET_STRING_set(&dctx->ktmp, sctx->ktmp.data, |
108 | if (!ASN1_OCTET_STRING_set(&dctx->ktmp, | 111 | sctx->ktmp.length)) |
109 | sctx->ktmp.data, sctx->ktmp.length)) | ||
110 | return 0; | 112 | return 0; |
111 | } | ||
112 | return 1; | ||
113 | } | 113 | } |
114 | return 1; | ||
115 | } | ||
114 | 116 | ||
115 | static void pkey_hmac_cleanup(EVP_PKEY_CTX *ctx) | 117 | static void |
116 | { | 118 | pkey_hmac_cleanup(EVP_PKEY_CTX *ctx) |
119 | { | ||
117 | HMAC_PKEY_CTX *hctx = ctx->data; | 120 | HMAC_PKEY_CTX *hctx = ctx->data; |
121 | |||
118 | HMAC_CTX_cleanup(&hctx->ctx); | 122 | HMAC_CTX_cleanup(&hctx->ctx); |
119 | if (hctx->ktmp.data) | 123 | if (hctx->ktmp.data) { |
120 | { | ||
121 | if (hctx->ktmp.length) | 124 | if (hctx->ktmp.length) |
122 | OPENSSL_cleanse(hctx->ktmp.data, hctx->ktmp.length); | 125 | OPENSSL_cleanse(hctx->ktmp.data, hctx->ktmp.length); |
123 | free(hctx->ktmp.data); | 126 | free(hctx->ktmp.data); |
124 | hctx->ktmp.data = NULL; | 127 | hctx->ktmp.data = NULL; |
125 | } | ||
126 | free(hctx); | ||
127 | } | 128 | } |
129 | free(hctx); | ||
130 | } | ||
128 | 131 | ||
129 | static int pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) | 132 | static int |
130 | { | 133 | pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) |
134 | { | ||
131 | ASN1_OCTET_STRING *hkey = NULL; | 135 | ASN1_OCTET_STRING *hkey = NULL; |
132 | HMAC_PKEY_CTX *hctx = ctx->data; | 136 | HMAC_PKEY_CTX *hctx = ctx->data; |
137 | |||
133 | if (!hctx->ktmp.data) | 138 | if (!hctx->ktmp.data) |
134 | return 0; | 139 | return 0; |
135 | hkey = ASN1_OCTET_STRING_dup(&hctx->ktmp); | 140 | hkey = ASN1_OCTET_STRING_dup(&hctx->ktmp); |
@@ -138,28 +143,33 @@ static int pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) | |||
138 | EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, hkey); | 143 | EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, hkey); |
139 | 144 | ||
140 | return 1; | 145 | return 1; |
141 | } | 146 | } |
142 | 147 | ||
143 | static int int_update(EVP_MD_CTX *ctx,const void *data,size_t count) | 148 | static int |
144 | { | 149 | int_update(EVP_MD_CTX *ctx,const void *data,size_t count) |
150 | { | ||
145 | HMAC_PKEY_CTX *hctx = ctx->pctx->data; | 151 | HMAC_PKEY_CTX *hctx = ctx->pctx->data; |
152 | |||
146 | if (!HMAC_Update(&hctx->ctx, data, count)) | 153 | if (!HMAC_Update(&hctx->ctx, data, count)) |
147 | return 0; | 154 | return 0; |
148 | return 1; | 155 | return 1; |
149 | } | 156 | } |
150 | 157 | ||
151 | static int hmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) | 158 | static int |
152 | { | 159 | hmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) |
160 | { | ||
153 | HMAC_PKEY_CTX *hctx = ctx->data; | 161 | HMAC_PKEY_CTX *hctx = ctx->data; |
162 | |||
154 | HMAC_CTX_set_flags(&hctx->ctx, mctx->flags & ~EVP_MD_CTX_FLAG_NO_INIT); | 163 | HMAC_CTX_set_flags(&hctx->ctx, mctx->flags & ~EVP_MD_CTX_FLAG_NO_INIT); |
155 | EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT); | 164 | EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT); |
156 | mctx->update = int_update; | 165 | mctx->update = int_update; |
157 | return 1; | 166 | return 1; |
158 | } | 167 | } |
159 | 168 | ||
160 | static int hmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, | 169 | static int |
161 | EVP_MD_CTX *mctx) | 170 | hmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, |
162 | { | 171 | EVP_MD_CTX *mctx) |
172 | { | ||
163 | unsigned int hlen; | 173 | unsigned int hlen; |
164 | HMAC_PKEY_CTX *hctx = ctx->data; | 174 | HMAC_PKEY_CTX *hctx = ctx->data; |
165 | int l = EVP_MD_CTX_size(mctx); | 175 | int l = EVP_MD_CTX_size(mctx); |
@@ -174,55 +184,49 @@ static int hmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, | |||
174 | return 0; | 184 | return 0; |
175 | *siglen = (size_t)hlen; | 185 | *siglen = (size_t)hlen; |
176 | return 1; | 186 | return 1; |
177 | } | 187 | } |
178 | 188 | ||
179 | static int pkey_hmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) | 189 | static int |
180 | { | 190 | pkey_hmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) |
191 | { | ||
181 | HMAC_PKEY_CTX *hctx = ctx->data; | 192 | HMAC_PKEY_CTX *hctx = ctx->data; |
182 | ASN1_OCTET_STRING *key; | 193 | ASN1_OCTET_STRING *key; |
183 | switch (type) | ||
184 | { | ||
185 | 194 | ||
186 | case EVP_PKEY_CTRL_SET_MAC_KEY: | 195 | switch (type) { |
196 | case EVP_PKEY_CTRL_SET_MAC_KEY: | ||
187 | if ((!p2 && p1 > 0) || (p1 < -1)) | 197 | if ((!p2 && p1 > 0) || (p1 < -1)) |
188 | return 0; | 198 | return 0; |
189 | if (!ASN1_OCTET_STRING_set(&hctx->ktmp, p2, p1)) | 199 | if (!ASN1_OCTET_STRING_set(&hctx->ktmp, p2, p1)) |
190 | return 0; | 200 | return 0; |
191 | break; | 201 | break; |
192 | 202 | ||
193 | case EVP_PKEY_CTRL_MD: | 203 | case EVP_PKEY_CTRL_MD: |
194 | hctx->md = p2; | 204 | hctx->md = p2; |
195 | break; | 205 | break; |
196 | 206 | ||
197 | case EVP_PKEY_CTRL_DIGESTINIT: | 207 | case EVP_PKEY_CTRL_DIGESTINIT: |
198 | key = (ASN1_OCTET_STRING *)ctx->pkey->pkey.ptr; | 208 | key = (ASN1_OCTET_STRING *)ctx->pkey->pkey.ptr; |
199 | if (!HMAC_Init_ex(&hctx->ctx, key->data, key->length, hctx->md, | 209 | if (!HMAC_Init_ex(&hctx->ctx, key->data, key->length, hctx->md, |
200 | ctx->engine)) | 210 | ctx->engine)) |
201 | return 0; | 211 | return 0; |
202 | break; | 212 | break; |
203 | 213 | ||
204 | default: | 214 | default: |
205 | return -2; | 215 | return -2; |
206 | |||
207 | } | ||
208 | return 1; | ||
209 | } | 216 | } |
217 | return 1; | ||
218 | } | ||
210 | 219 | ||
211 | static int pkey_hmac_ctrl_str(EVP_PKEY_CTX *ctx, | 220 | static int |
212 | const char *type, const char *value) | 221 | pkey_hmac_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value) |
213 | { | 222 | { |
214 | if (!value) | 223 | if (!value) |
215 | { | ||
216 | return 0; | 224 | return 0; |
217 | } | 225 | if (!strcmp(type, "key")) { |
218 | if (!strcmp(type, "key")) | ||
219 | { | ||
220 | void *p = (void *)value; | 226 | void *p = (void *)value; |
221 | return pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, | 227 | return pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, -1, p); |
222 | -1, p); | 228 | } |
223 | } | 229 | if (!strcmp(type, "hexkey")) { |
224 | if (!strcmp(type, "hexkey")) | ||
225 | { | ||
226 | unsigned char *key; | 230 | unsigned char *key; |
227 | int r; | 231 | int r; |
228 | long keylen; | 232 | long keylen; |
@@ -232,11 +236,12 @@ static int pkey_hmac_ctrl_str(EVP_PKEY_CTX *ctx, | |||
232 | r = pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key); | 236 | r = pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key); |
233 | free(key); | 237 | free(key); |
234 | return r; | 238 | return r; |
235 | } | ||
236 | return -2; | ||
237 | } | 239 | } |
240 | return -2; | ||
241 | } | ||
238 | 242 | ||
239 | const EVP_PKEY_METHOD hmac_pkey_meth = { | 243 | const EVP_PKEY_METHOD |
244 | hmac_pkey_meth = { | ||
240 | .pkey_id = EVP_PKEY_HMAC, | 245 | .pkey_id = EVP_PKEY_HMAC, |
241 | 246 | ||
242 | .init = pkey_hmac_init, | 247 | .init = pkey_hmac_init, |