1 /* 2 * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the OpenSSL license (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include <stdio.h> 11 #include <stdlib.h> 12 #include <string.h> 13 #include "internal/cryptlib.h" 14 #include <openssl/hmac.h> 15 #include <openssl/opensslconf.h> 16 #include "hmac_lcl.h" 17 18 int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, 19 const EVP_MD *md, ENGINE *impl) 20 { 21 int i, j, reset = 0; 22 unsigned char pad[HMAC_MAX_MD_CBLOCK]; 23 24 /* If we are changing MD then we must have a key */ 25 if (md != NULL && md != ctx->md && (key == NULL || len < 0)) 26 return 0; 27 28 if (md != NULL) { 29 reset = 1; 30 ctx->md = md; 31 } else if (ctx->md) { 32 md = ctx->md; 33 } else { 34 return 0; 35 } 36 37 if (key != NULL) { 38 reset = 1; 39 j = EVP_MD_block_size(md); 40 OPENSSL_assert(j <= (int)sizeof(ctx->key)); 41 if (j < len) { 42 if (!EVP_DigestInit_ex(ctx->md_ctx, md, impl)) 43 goto err; 44 if (!EVP_DigestUpdate(ctx->md_ctx, key, len)) 45 goto err; 46 if (!EVP_DigestFinal_ex(ctx->md_ctx, ctx->key, 47 &ctx->key_length)) 48 goto err; 49 } else { 50 if (len < 0 || len > (int)sizeof(ctx->key)) 51 return 0; 52 memcpy(ctx->key, key, len); 53 ctx->key_length = len; 54 } 55 if (ctx->key_length != HMAC_MAX_MD_CBLOCK) 56 memset(&ctx->key[ctx->key_length], 0, 57 HMAC_MAX_MD_CBLOCK - ctx->key_length); 58 } 59 60 if (reset) { 61 for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++) 62 pad[i] = 0x36 ^ ctx->key[i]; 63 if (!EVP_DigestInit_ex(ctx->i_ctx, md, impl)) 64 goto err; 65 if (!EVP_DigestUpdate(ctx->i_ctx, pad, EVP_MD_block_size(md))) 66 goto err; 67 68 for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++) 69 pad[i] = 0x5c ^ ctx->key[i]; 70 if (!EVP_DigestInit_ex(ctx->o_ctx, md, impl)) 71 goto err; 72 if (!EVP_DigestUpdate(ctx->o_ctx, pad, EVP_MD_block_size(md))) 73 goto err; 74 } 75 if (!EVP_MD_CTX_copy_ex(ctx->md_ctx, ctx->i_ctx)) 76 goto err; 77 return 1; 78 err: 79 return 0; 80 } 81 82 #if OPENSSL_API_COMPAT < 0x10100000L 83 int HMAC_Init(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md) 84 { 85 if (key && md) 86 HMAC_CTX_reset(ctx); 87 return HMAC_Init_ex(ctx, key, len, md, NULL); 88 } 89 #endif 90 91 int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len) 92 { 93 if (!ctx->md) 94 return 0; 95 return EVP_DigestUpdate(ctx->md_ctx, data, len); 96 } 97 98 int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len) 99 { 100 unsigned int i; 101 unsigned char buf[EVP_MAX_MD_SIZE]; 102 103 if (!ctx->md) 104 goto err; 105 106 if (!EVP_DigestFinal_ex(ctx->md_ctx, buf, &i)) 107 goto err; 108 if (!EVP_MD_CTX_copy_ex(ctx->md_ctx, ctx->o_ctx)) 109 goto err; 110 if (!EVP_DigestUpdate(ctx->md_ctx, buf, i)) 111 goto err; 112 if (!EVP_DigestFinal_ex(ctx->md_ctx, md, len)) 113 goto err; 114 return 1; 115 err: 116 return 0; 117 } 118 119 size_t HMAC_size(const HMAC_CTX *ctx) 120 { 121 return EVP_MD_size((ctx)->md); 122 } 123 124 HMAC_CTX *HMAC_CTX_new(void) 125 { 126 HMAC_CTX *ctx = OPENSSL_zalloc(sizeof(HMAC_CTX)); 127 128 if (ctx != NULL) { 129 if (!HMAC_CTX_reset(ctx)) { 130 HMAC_CTX_free(ctx); 131 return NULL; 132 } 133 } 134 return ctx; 135 } 136 137 static void hmac_ctx_cleanup(HMAC_CTX *ctx) 138 { 139 EVP_MD_CTX_reset(ctx->i_ctx); 140 EVP_MD_CTX_reset(ctx->o_ctx); 141 EVP_MD_CTX_reset(ctx->md_ctx); 142 ctx->md = NULL; 143 ctx->key_length = 0; 144 OPENSSL_cleanse(ctx->key, sizeof(ctx->key)); 145 } 146 147 void HMAC_CTX_free(HMAC_CTX *ctx) 148 { 149 if (ctx != NULL) { 150 hmac_ctx_cleanup(ctx); 151 EVP_MD_CTX_free(ctx->i_ctx); 152 EVP_MD_CTX_free(ctx->o_ctx); 153 EVP_MD_CTX_free(ctx->md_ctx); 154 OPENSSL_free(ctx); 155 } 156 } 157 158 int HMAC_CTX_reset(HMAC_CTX *ctx) 159 { 160 hmac_ctx_cleanup(ctx); 161 if (ctx->i_ctx == NULL) 162 ctx->i_ctx = EVP_MD_CTX_new(); 163 if (ctx->i_ctx == NULL) 164 goto err; 165 if (ctx->o_ctx == NULL) 166 ctx->o_ctx = EVP_MD_CTX_new(); 167 if (ctx->o_ctx == NULL) 168 goto err; 169 if (ctx->md_ctx == NULL) 170 ctx->md_ctx = EVP_MD_CTX_new(); 171 if (ctx->md_ctx == NULL) 172 goto err; 173 ctx->md = NULL; 174 return 1; 175 err: 176 hmac_ctx_cleanup(ctx); 177 return 0; 178 } 179 180 int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx) 181 { 182 if (!HMAC_CTX_reset(dctx)) 183 goto err; 184 if (!EVP_MD_CTX_copy_ex(dctx->i_ctx, sctx->i_ctx)) 185 goto err; 186 if (!EVP_MD_CTX_copy_ex(dctx->o_ctx, sctx->o_ctx)) 187 goto err; 188 if (!EVP_MD_CTX_copy_ex(dctx->md_ctx, sctx->md_ctx)) 189 goto err; 190 memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK); 191 dctx->key_length = sctx->key_length; 192 dctx->md = sctx->md; 193 return 1; 194 err: 195 hmac_ctx_cleanup(dctx); 196 return 0; 197 } 198 199 unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len, 200 const unsigned char *d, size_t n, unsigned char *md, 201 unsigned int *md_len) 202 { 203 HMAC_CTX *c = NULL; 204 static unsigned char m[EVP_MAX_MD_SIZE]; 205 static const unsigned char dummy_key[1] = {'\0'}; 206 207 if (md == NULL) 208 md = m; 209 if ((c = HMAC_CTX_new()) == NULL) 210 goto err; 211 212 /* For HMAC_Init_ex, NULL key signals reuse. */ 213 if (key == NULL && key_len == 0) { 214 key = dummy_key; 215 } 216 217 if (!HMAC_Init_ex(c, key, key_len, evp_md, NULL)) 218 goto err; 219 if (!HMAC_Update(c, d, n)) 220 goto err; 221 if (!HMAC_Final(c, md, md_len)) 222 goto err; 223 HMAC_CTX_free(c); 224 return md; 225 err: 226 HMAC_CTX_free(c); 227 return NULL; 228 } 229 230 void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags) 231 { 232 EVP_MD_CTX_set_flags(ctx->i_ctx, flags); 233 EVP_MD_CTX_set_flags(ctx->o_ctx, flags); 234 EVP_MD_CTX_set_flags(ctx->md_ctx, flags); 235 } 236 237 const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx) 238 { 239 return ctx->md; 240 } 241