/src/libressl/crypto/hmac/hm_pmeth.c

Source (jump to first uncovered line)
/* $OpenBSD: hm_pmeth.c,v 1.13 2022/03/30 07:17:48 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2007.
 */
/* ====================================================================
 * Copyright (c) 2007 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    licensing@OpenSSL.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com).  This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */

#include <stdio.h>
#include <string.h>

#include <openssl/evp.h>
#include <openssl/hmac.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>

#include "evp_locl.h"
#include "hmac_local.h"

/* HMAC pkey context structure */

typedef struct {
  const EVP_MD *md; /* MD for HMAC use */
  ASN1_OCTET_STRING ktmp; /* Temp storage for key */
  HMAC_CTX ctx;
} HMAC_PKEY_CTX;

static int
pkey_hmac_init(EVP_PKEY_CTX *ctx)
{
  HMAC_PKEY_CTX *hctx;

  if ((hctx = calloc(1, sizeof(HMAC_PKEY_CTX))) == NULL)
    return 0;

  hctx->ktmp.type = V_ASN1_OCTET_STRING;
  HMAC_CTX_init(&hctx->ctx);

  ctx->data = hctx;
  ctx->keygen_info_count = 0;

  return 1;
}

static int
pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
{
  HMAC_PKEY_CTX *sctx, *dctx;

  if (!pkey_hmac_init(dst))
    return 0;
  sctx = src->data;
  dctx = dst->data;
  dctx->md = sctx->md;
  HMAC_CTX_init(&dctx->ctx);
  if (!HMAC_CTX_copy(&dctx->ctx, &sctx->ctx))
    return 0;
  if (sctx->ktmp.data) {
    if (!ASN1_OCTET_STRING_set(&dctx->ktmp, sctx->ktmp.data,
        sctx->ktmp.length))
      return 0;
  }
  return 1;
}

static void
pkey_hmac_cleanup(EVP_PKEY_CTX *ctx)
{
  HMAC_PKEY_CTX *hctx;

  if ((hctx = ctx->data) == NULL)
    return;

  HMAC_CTX_cleanup(&hctx->ctx);
  freezero(hctx->ktmp.data, hctx->ktmp.length);
  free(hctx);
}

static int
pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
{
  ASN1_OCTET_STRING *hkey = NULL;
  HMAC_PKEY_CTX *hctx = ctx->data;

  if (!hctx->ktmp.data)
    return 0;
  hkey = ASN1_OCTET_STRING_dup(&hctx->ktmp);
  if (!hkey)
    return 0;
  EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, hkey);

  return 1;
}

static int
int_update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
  HMAC_PKEY_CTX *hctx = ctx->pctx->data;

  if (!HMAC_Update(&hctx->ctx, data, count))
    return 0;
  return 1;
}

static int
hmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
{
  HMAC_PKEY_CTX *hctx = ctx->data;

  HMAC_CTX_set_flags(&hctx->ctx, mctx->flags & ~EVP_MD_CTX_FLAG_NO_INIT);
  EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT);
  mctx->update = int_update;
  return 1;
}

static int
hmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
    EVP_MD_CTX *mctx)
{
  unsigned int hlen;
  HMAC_PKEY_CTX *hctx = ctx->data;
  int l = EVP_MD_CTX_size(mctx);

  if (l < 0)
    return 0;
  *siglen = l;
  if (!sig)
    return 1;

  if (!HMAC_Final(&hctx->ctx, sig, &hlen))
    return 0;
  *siglen = (size_t)hlen;
  return 1;
}

static int
pkey_hmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
{
  HMAC_PKEY_CTX *hctx = ctx->data;
  ASN1_OCTET_STRING *key;

  switch (type) {
  case EVP_PKEY_CTRL_SET_MAC_KEY:
    if ((!p2 && p1 > 0) || (p1 < -1))
      return 0;
    if (!ASN1_OCTET_STRING_set(&hctx->ktmp, p2, p1))
      return 0;
    break;

  case EVP_PKEY_CTRL_MD:
    hctx->md = p2;
    break;

  case EVP_PKEY_CTRL_DIGESTINIT:
    key = (ASN1_OCTET_STRING *)ctx->pkey->pkey.ptr;
    if (!HMAC_Init_ex(&hctx->ctx, key->data, key->length, hctx->md,
        ctx->engine))
      return 0;
    break;

  default:
    return -2;
  }
  return 1;
}

static int
pkey_hmac_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value)
{
  if (!value)
    return 0;
  if (!strcmp(type, "key")) {
    void *p = (void *)value;
    return pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, -1, p);
  }
  if (!strcmp(type, "hexkey")) {
    unsigned char *key;
    int r;
    long keylen;
    key = string_to_hex(value, &keylen);
    if (!key)
      return 0;
    r = pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key);
    free(key);
    return r;
  }
  return -2;
}

const EVP_PKEY_METHOD hmac_pkey_meth = {
  .pkey_id = EVP_PKEY_HMAC,

  .init = pkey_hmac_init,
  .copy = pkey_hmac_copy,
  .cleanup = pkey_hmac_cleanup,

  .keygen = pkey_hmac_keygen,

  .signctx_init = hmac_signctx_init,
  .signctx = hmac_signctx,

  .ctrl = pkey_hmac_ctrl,
  .ctrl_str = pkey_hmac_ctrl_str
};

Coverage Report

Created: 2022-08-24 06:30

Line	Count	Source (jump to first uncovered line)
1		/* $OpenBSD: hm_pmeth.c,v 1.13 2022/03/30 07:17:48 tb Exp $ */
2		/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3		* project 2007.
4		*/
5		/* ====================================================================
6		* Copyright (c) 2007 The OpenSSL Project. All rights reserved.
7		*
8		* Redistribution and use in source and binary forms, with or without
9		* modification, are permitted provided that the following conditions
10		* are met:
11		*
12		* 1. Redistributions of source code must retain the above copyright
13		* notice, this list of conditions and the following disclaimer.
14		*
15		* 2. Redistributions in binary form must reproduce the above copyright
16		* notice, this list of conditions and the following disclaimer in
17		* the documentation and/or other materials provided with the
18		* distribution.
19		*
20		* 3. All advertising materials mentioning features or use of this
21		* software must display the following acknowledgment:
22		* "This product includes software developed by the OpenSSL Project
23		* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24		*
25		* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26		* endorse or promote products derived from this software without
27		* prior written permission. For written permission, please contact
28		* licensing@OpenSSL.org.
29		*
30		* 5. Products derived from this software may not be called "OpenSSL"
31		* nor may "OpenSSL" appear in their names without prior written
32		* permission of the OpenSSL Project.
33		*
34		* 6. Redistributions of any form whatsoever must retain the following
35		* acknowledgment:
36		* "This product includes software developed by the OpenSSL Project
37		* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38		*
39		* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40		* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41		* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42		* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43		* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44		* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45		* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46		* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47		* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48		* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49		* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50		* OF THE POSSIBILITY OF SUCH DAMAGE.
51		* ====================================================================
52		*
53		* This product includes cryptographic software written by Eric Young
54		* (eay@cryptsoft.com). This product includes software written by Tim
55		* Hudson (tjh@cryptsoft.com).
56		*
57		*/
58
59		#include <stdio.h>
60		#include <string.h>
61
62		#include <openssl/evp.h>
63		#include <openssl/hmac.h>
64		#include <openssl/x509.h>
65		#include <openssl/x509v3.h>
66
67		#include "evp_locl.h"
68		#include "hmac_local.h"
69
70		/* HMAC pkey context structure */
71
72		typedef struct {
73		const EVP_MD md; / MD for HMAC use */
74		ASN1_OCTET_STRING ktmp; /* Temp storage for key */
75		HMAC_CTX ctx;
76		} HMAC_PKEY_CTX;
77
78		static int
79		pkey_hmac_init(EVP_PKEY_CTX *ctx)
80	0	{
81	0	HMAC_PKEY_CTX *hctx;
82
83	0	if ((hctx = calloc(1, sizeof(HMAC_PKEY_CTX))) == NULL)
84	0	return 0;
85
86	0	hctx->ktmp.type = V_ASN1_OCTET_STRING;
87	0	HMAC_CTX_init(&hctx->ctx);
88
89	0	ctx->data = hctx;
90	0	ctx->keygen_info_count = 0;
91
92	0	return 1;
93	0	}
94
95		static int
96		pkey_hmac_copy(EVP_PKEY_CTX dst, EVP_PKEY_CTX src)
97	0	{
98	0	HMAC_PKEY_CTX sctx, dctx;
99
100	0	if (!pkey_hmac_init(dst))
101	0	return 0;
102	0	sctx = src->data;
103	0	dctx = dst->data;
104	0	dctx->md = sctx->md;
105	0	HMAC_CTX_init(&dctx->ctx);
106	0	if (!HMAC_CTX_copy(&dctx->ctx, &sctx->ctx))
107	0	return 0;
108	0	if (sctx->ktmp.data) {
109	0	if (!ASN1_OCTET_STRING_set(&dctx->ktmp, sctx->ktmp.data,
110	0	sctx->ktmp.length))
111	0	return 0;
112	0	}
113	0	return 1;
114	0	}
115
116		static void
117		pkey_hmac_cleanup(EVP_PKEY_CTX *ctx)
118	0	{
119	0	HMAC_PKEY_CTX *hctx;
120
121	0	if ((hctx = ctx->data) == NULL)
122	0	return;
123
124	0	HMAC_CTX_cleanup(&hctx->ctx);
125	0	freezero(hctx->ktmp.data, hctx->ktmp.length);
126	0	free(hctx);
127	0	}
128
129		static int
130		pkey_hmac_keygen(EVP_PKEY_CTX ctx, EVP_PKEY pkey)
131	0	{
132	0	ASN1_OCTET_STRING *hkey = NULL;
133	0	HMAC_PKEY_CTX *hctx = ctx->data;
134
135	0	if (!hctx->ktmp.data)
136	0	return 0;
137	0	hkey = ASN1_OCTET_STRING_dup(&hctx->ktmp);
138	0	if (!hkey)
139	0	return 0;
140	0	EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, hkey);
141
142	0	return 1;
143	0	}
144
145		static int
146		int_update(EVP_MD_CTX ctx, const void data, size_t count)
147	0	{
148	0	HMAC_PKEY_CTX *hctx = ctx->pctx->data;
149
150	0	if (!HMAC_Update(&hctx->ctx, data, count))
151	0	return 0;
152	0	return 1;
153	0	}
154
155		static int
156		hmac_signctx_init(EVP_PKEY_CTX ctx, EVP_MD_CTX mctx)
157	0	{
158	0	HMAC_PKEY_CTX *hctx = ctx->data;
159
160	0	HMAC_CTX_set_flags(&hctx->ctx, mctx->flags & ~EVP_MD_CTX_FLAG_NO_INIT);
161	0	EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT);
162	0	mctx->update = int_update;
163	0	return 1;
164	0	}
165
166		static int
167		hmac_signctx(EVP_PKEY_CTX ctx, unsigned char sig, size_t *siglen,
168		EVP_MD_CTX *mctx)
169	0	{
170	0	unsigned int hlen;
171	0	HMAC_PKEY_CTX *hctx = ctx->data;
172	0	int l = EVP_MD_CTX_size(mctx);
173
174	0	if (l < 0)
175	0	return 0;
176	0	*siglen = l;
177	0	if (!sig)
178	0	return 1;
179
180	0	if (!HMAC_Final(&hctx->ctx, sig, &hlen))
181	0	return 0;
182	0	*siglen = (size_t)hlen;
183	0	return 1;
184	0	}
185
186		static int
187		pkey_hmac_ctrl(EVP_PKEY_CTX ctx, int type, int p1, void p2)
188	0	{
189	0	HMAC_PKEY_CTX *hctx = ctx->data;
190	0	ASN1_OCTET_STRING *key;
191
192	0	switch (type) {
193	0	case EVP_PKEY_CTRL_SET_MAC_KEY:
194	0	if ((!p2 && p1 > 0) \|\| (p1 < -1))
195	0	return 0;
196	0	if (!ASN1_OCTET_STRING_set(&hctx->ktmp, p2, p1))
197	0	return 0;
198	0	break;
199
200	0	case EVP_PKEY_CTRL_MD:
201	0	hctx->md = p2;
202	0	break;
203
204	0	case EVP_PKEY_CTRL_DIGESTINIT:
205	0	key = (ASN1_OCTET_STRING *)ctx->pkey->pkey.ptr;
206	0	if (!HMAC_Init_ex(&hctx->ctx, key->data, key->length, hctx->md,
207	0	ctx->engine))
208	0	return 0;
209	0	break;
210
211	0	default:
212	0	return -2;
213	0	}
214	0	return 1;
215	0	}
216
217		static int
218		pkey_hmac_ctrl_str(EVP_PKEY_CTX ctx, const char type, const char *value)
219	0	{
220	0	if (!value)
221	0	return 0;
222	0	if (!strcmp(type, "key")) {
223	0	void p = (void )value;
224	0	return pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, -1, p);
225	0	}
226	0	if (!strcmp(type, "hexkey")) {
227	0	unsigned char *key;
228	0	int r;
229	0	long keylen;
230	0	key = string_to_hex(value, &keylen);
231	0	if (!key)
232	0	return 0;
233	0	r = pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key);
234	0	free(key);
235	0	return r;
236	0	}
237	0	return -2;
238	0	}
239
240		const EVP_PKEY_METHOD hmac_pkey_meth = {
241		.pkey_id = EVP_PKEY_HMAC,
242
243		.init = pkey_hmac_init,
244		.copy = pkey_hmac_copy,
245		.cleanup = pkey_hmac_cleanup,
246
247		.keygen = pkey_hmac_keygen,
248
249		.signctx_init = hmac_signctx_init,
250		.signctx = hmac_signctx,
251
252		.ctrl = pkey_hmac_ctrl,
253		.ctrl_str = pkey_hmac_ctrl_str
254		};