/proc/self/cwd/external/curl/lib/hmac.c

Source (jump to first uncovered line)
/***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at https://curl.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 * SPDX-License-Identifier: curl
 *
 * RFC2104 Keyed-Hashing for Message Authentication
 *
 ***************************************************************************/

#include "curl_setup.h"

#if (defined(USE_CURL_NTLM_CORE) && !defined(USE_WINDOWS_SSPI))         \
  || !defined(CURL_DISABLE_AWS) || !defined(CURL_DISABLE_DIGEST_AUTH)

#include <curl/curl.h>

#include "curl_hmac.h"
#include "curl_memory.h"
#include "warnless.h"

/* The last #include file should be: */
#include "memdebug.h"

/*
 * Generic HMAC algorithm.
 *
 *   This module computes HMAC digests based on any hash function. Parameters
 * and computing procedures are set-up dynamically at HMAC computation context
 * initialization.
 */

static const unsigned char hmac_ipad = 0x36;
static const unsigned char hmac_opad = 0x5C;



struct HMAC_context *
Curl_HMAC_init(const struct HMAC_params *hashparams,
               const unsigned char *key,
               unsigned int keylen)
{
  size_t i;
  struct HMAC_context *ctxt;
  unsigned char *hkey;
  unsigned char b;

  /* Create HMAC context. */
  i = sizeof(*ctxt) + 2 * hashparams->hmac_ctxtsize +
    hashparams->hmac_resultlen;
  ctxt = malloc(i);

  if(!ctxt)
    return ctxt;

  ctxt->hmac_hash = hashparams;
  ctxt->hmac_hashctxt1 = (void *) (ctxt + 1);
  ctxt->hmac_hashctxt2 = (void *) ((char *) ctxt->hmac_hashctxt1 +
      hashparams->hmac_ctxtsize);

  /* If the key is too long, replace it by its hash digest. */
  if(keylen > hashparams->hmac_maxkeylen) {
    (*hashparams->hmac_hinit)(ctxt->hmac_hashctxt1);
    (*hashparams->hmac_hupdate)(ctxt->hmac_hashctxt1, key, keylen);
    hkey = (unsigned char *) ctxt->hmac_hashctxt2 + hashparams->hmac_ctxtsize;
    (*hashparams->hmac_hfinal)(hkey, ctxt->hmac_hashctxt1);
    key = hkey;
    keylen = hashparams->hmac_resultlen;
  }

  /* Prime the two hash contexts with the modified key. */
  (*hashparams->hmac_hinit)(ctxt->hmac_hashctxt1);
  (*hashparams->hmac_hinit)(ctxt->hmac_hashctxt2);

  for(i = 0; i < keylen; i++) {
    b = (unsigned char)(*key ^ hmac_ipad);
    (*hashparams->hmac_hupdate)(ctxt->hmac_hashctxt1, &b, 1);
    b = (unsigned char)(*key++ ^ hmac_opad);
    (*hashparams->hmac_hupdate)(ctxt->hmac_hashctxt2, &b, 1);
  }

  for(; i < hashparams->hmac_maxkeylen; i++) {
    (*hashparams->hmac_hupdate)(ctxt->hmac_hashctxt1, &hmac_ipad, 1);
    (*hashparams->hmac_hupdate)(ctxt->hmac_hashctxt2, &hmac_opad, 1);
  }

  /* Done, return pointer to HMAC context. */
  return ctxt;
}

int Curl_HMAC_update(struct HMAC_context *ctxt,
                     const unsigned char *data,
                     unsigned int len)
{
  /* Update first hash calculation. */
  (*ctxt->hmac_hash->hmac_hupdate)(ctxt->hmac_hashctxt1, data, len);
  return 0;
}


int Curl_HMAC_final(struct HMAC_context *ctxt, unsigned char *result)
{
  const struct HMAC_params *hashparams = ctxt->hmac_hash;

  /* Do not get result if called with a null parameter: only release
     storage. */

  if(!result)
    result = (unsigned char *) ctxt->hmac_hashctxt2 +
     ctxt->hmac_hash->hmac_ctxtsize;

  (*hashparams->hmac_hfinal)(result, ctxt->hmac_hashctxt1);
  (*hashparams->hmac_hupdate)(ctxt->hmac_hashctxt2,
   result, hashparams->hmac_resultlen);
  (*hashparams->hmac_hfinal)(result, ctxt->hmac_hashctxt2);
  free((char *) ctxt);
  return 0;
}

/*
 * Curl_hmacit()
 *
 * This is used to generate a HMAC hash, for the specified input data, given
 * the specified hash function and key.
 *
 * Parameters:
 *
 * hashparams [in]     - The hash function (Curl_HMAC_MD5).
 * key        [in]     - The key to use.
 * keylen     [in]     - The length of the key.
 * data       [in]     - The data to encrypt.
 * datalen    [in]     - The length of the data.
 * output     [in/out] - The output buffer.
 *
 * Returns CURLE_OK on success.
 */
CURLcode Curl_hmacit(const struct HMAC_params *hashparams,
                     const unsigned char *key, const size_t keylen,
                     const unsigned char *data, const size_t datalen,
                     unsigned char *output)
{
  struct HMAC_context *ctxt =
    Curl_HMAC_init(hashparams, key, curlx_uztoui(keylen));

  if(!ctxt)
    return CURLE_OUT_OF_MEMORY;

  /* Update the digest with the given challenge */
  Curl_HMAC_update(ctxt, data, curlx_uztoui(datalen));

  /* Finalise the digest */
  Curl_HMAC_final(ctxt, output);

  return CURLE_OK;
}

#endif /* Using NTLM (without SSPI) or AWS */

Line	Count	Source (jump to first uncovered line)
1		/***************************************************************************
2		* _ _ ____ _
3		* Project ___\| \| \| \| _ \\| \|
4		* / __\| \| \| \| \|_) \| \|
5		* \| (__\| \|_\| \| _ <\| \|___
6		* \___\|\___/\|_\| \_\_____\|
7		*
8		* Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
9		*
10		* This software is licensed as described in the file COPYING, which
11		* you should have received as part of this distribution. The terms
12		* are also available at https://curl.se/docs/copyright.html.
13		*
14		* You may opt to use, copy, modify, merge, publish, distribute and/or sell
15		* copies of the Software, and permit persons to whom the Software is
16		* furnished to do so, under the terms of the COPYING file.
17		*
18		* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19		* KIND, either express or implied.
20		*
21		* SPDX-License-Identifier: curl
22		*
23		* RFC2104 Keyed-Hashing for Message Authentication
24		*
25		***************************************************************************/
26
27		#include "curl_setup.h"
28
29		#if (defined(USE_CURL_NTLM_CORE) && !defined(USE_WINDOWS_SSPI)) \
30		\|\| !defined(CURL_DISABLE_AWS) \|\| !defined(CURL_DISABLE_DIGEST_AUTH)
31
32		#include <curl/curl.h>
33
34		#include "curl_hmac.h"
35		#include "curl_memory.h"
36		#include "warnless.h"
37
38		/* The last #include file should be: */
39		#include "memdebug.h"
40
41		/*
42		* Generic HMAC algorithm.
43		*
44		* This module computes HMAC digests based on any hash function. Parameters
45		* and computing procedures are set-up dynamically at HMAC computation context
46		* initialization.
47		*/
48
49		static const unsigned char hmac_ipad = 0x36;
50		static const unsigned char hmac_opad = 0x5C;
51
52
53
54		struct HMAC_context *
55		Curl_HMAC_init(const struct HMAC_params *hashparams,
56		const unsigned char *key,
57		unsigned int keylen)
58	0	{
59	0	size_t i;
60	0	struct HMAC_context *ctxt;
61	0	unsigned char *hkey;
62	0	unsigned char b;
63
64		/* Create HMAC context. */
65	0	i = sizeof(ctxt) + 2 hashparams->hmac_ctxtsize +
66	0	hashparams->hmac_resultlen;
67	0	ctxt = malloc(i);
68
69	0	if(!ctxt)
70	0	return ctxt;
71
72	0	ctxt->hmac_hash = hashparams;
73	0	ctxt->hmac_hashctxt1 = (void *) (ctxt + 1);
74	0	ctxt->hmac_hashctxt2 = (void ) ((char ) ctxt->hmac_hashctxt1 +
75	0	hashparams->hmac_ctxtsize);
76
77		/* If the key is too long, replace it by its hash digest. */
78	0	if(keylen > hashparams->hmac_maxkeylen) {
79	0	(*hashparams->hmac_hinit)(ctxt->hmac_hashctxt1);
80	0	(*hashparams->hmac_hupdate)(ctxt->hmac_hashctxt1, key, keylen);
81	0	hkey = (unsigned char *) ctxt->hmac_hashctxt2 + hashparams->hmac_ctxtsize;
82	0	(*hashparams->hmac_hfinal)(hkey, ctxt->hmac_hashctxt1);
83	0	key = hkey;
84	0	keylen = hashparams->hmac_resultlen;
85	0	}
86
87		/* Prime the two hash contexts with the modified key. */
88	0	(*hashparams->hmac_hinit)(ctxt->hmac_hashctxt1);
89	0	(*hashparams->hmac_hinit)(ctxt->hmac_hashctxt2);
90
91	0	for(i = 0; i < keylen; i++) {
92	0	b = (unsigned char)(*key ^ hmac_ipad);
93	0	(*hashparams->hmac_hupdate)(ctxt->hmac_hashctxt1, &b, 1);
94	0	b = (unsigned char)(*key++ ^ hmac_opad);
95	0	(*hashparams->hmac_hupdate)(ctxt->hmac_hashctxt2, &b, 1);
96	0	}
97
98	0	for(; i < hashparams->hmac_maxkeylen; i++) {
99	0	(*hashparams->hmac_hupdate)(ctxt->hmac_hashctxt1, &hmac_ipad, 1);
100	0	(*hashparams->hmac_hupdate)(ctxt->hmac_hashctxt2, &hmac_opad, 1);
101	0	}
102
103		/* Done, return pointer to HMAC context. */
104	0	return ctxt;
105	0	}
106
107		int Curl_HMAC_update(struct HMAC_context *ctxt,
108		const unsigned char *data,
109		unsigned int len)
110	0	{
111		/* Update first hash calculation. */
112	0	(*ctxt->hmac_hash->hmac_hupdate)(ctxt->hmac_hashctxt1, data, len);
113	0	return 0;
114	0	}
115
116
117		int Curl_HMAC_final(struct HMAC_context ctxt, unsigned char result)
118	0	{
119	0	const struct HMAC_params *hashparams = ctxt->hmac_hash;
120
121		/* Do not get result if called with a null parameter: only release
122		storage. */
123
124	0	if(!result)
125	0	result = (unsigned char *) ctxt->hmac_hashctxt2 +
126	0	ctxt->hmac_hash->hmac_ctxtsize;
127
128	0	(*hashparams->hmac_hfinal)(result, ctxt->hmac_hashctxt1);
129	0	(*hashparams->hmac_hupdate)(ctxt->hmac_hashctxt2,
130	0	result, hashparams->hmac_resultlen);
131	0	(*hashparams->hmac_hfinal)(result, ctxt->hmac_hashctxt2);
132	0	free((char *) ctxt);
133	0	return 0;
134	0	}
135
136		/*
137		* Curl_hmacit()
138		*
139		* This is used to generate a HMAC hash, for the specified input data, given
140		* the specified hash function and key.
141		*
142		* Parameters:
143		*
144		* hashparams [in] - The hash function (Curl_HMAC_MD5).
145		* key [in] - The key to use.
146		* keylen [in] - The length of the key.
147		* data [in] - The data to encrypt.
148		* datalen [in] - The length of the data.
149		* output [in/out] - The output buffer.
150		*
151		* Returns CURLE_OK on success.
152		*/
153		CURLcode Curl_hmacit(const struct HMAC_params *hashparams,
154		const unsigned char *key, const size_t keylen,
155		const unsigned char *data, const size_t datalen,
156		unsigned char *output)
157	0	{
158	0	struct HMAC_context *ctxt =
159	0	Curl_HMAC_init(hashparams, key, curlx_uztoui(keylen));
160
161	0	if(!ctxt)
162	0	return CURLE_OUT_OF_MEMORY;
163
164		/* Update the digest with the given challenge */
165	0	Curl_HMAC_update(ctxt, data, curlx_uztoui(datalen));
166
167		/* Finalise the digest */
168	0	Curl_HMAC_final(ctxt, output);
169
170	0	return CURLE_OK;
171	0	}
172
173		#endif /* Using NTLM (without SSPI) or AWS */

Coverage Report

Created: 2024-05-04 12:45