]>
Commit | Line | Data |
---|---|---|
c8ef656d DSH |
1 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
2 | * project 2010. | |
3 | */ | |
4 | /* ==================================================================== | |
5 | * Copyright (c) 2010 The OpenSSL Project. All rights reserved. | |
6 | * | |
7 | * Redistribution and use in source and binary forms, with or without | |
8 | * modification, are permitted provided that the following conditions | |
9 | * are met: | |
10 | * | |
11 | * 1. Redistributions of source code must retain the above copyright | |
12 | * notice, this list of conditions and the following disclaimer. | |
13 | * | |
14 | * 2. Redistributions in binary form must reproduce the above copyright | |
15 | * notice, this list of conditions and the following disclaimer in | |
16 | * the documentation and/or other materials provided with the | |
17 | * distribution. | |
18 | * | |
19 | * 3. All advertising materials mentioning features or use of this | |
20 | * software must display the following acknowledgment: | |
21 | * "This product includes software developed by the OpenSSL Project | |
22 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | |
23 | * | |
24 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | |
25 | * endorse or promote products derived from this software without | |
26 | * prior written permission. For written permission, please contact | |
27 | * licensing@OpenSSL.org. | |
28 | * | |
29 | * 5. Products derived from this software may not be called "OpenSSL" | |
30 | * nor may "OpenSSL" appear in their names without prior written | |
31 | * permission of the OpenSSL Project. | |
32 | * | |
33 | * 6. Redistributions of any form whatsoever must retain the following | |
34 | * acknowledgment: | |
35 | * "This product includes software developed by the OpenSSL Project | |
36 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | |
37 | * | |
38 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | |
39 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
40 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | |
41 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | |
42 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
43 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
44 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
45 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
46 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |
47 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
48 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | |
49 | * OF THE POSSIBILITY OF SUCH DAMAGE. | |
50 | * ==================================================================== | |
c8ef656d DSH |
51 | */ |
52 | ||
53 | #include <stdio.h> | |
54 | #include "cryptlib.h" | |
55 | #include <openssl/x509.h> | |
56 | #include <openssl/x509v3.h> | |
57 | #include <openssl/evp.h> | |
58 | #include <openssl/cmac.h> | |
59 | #include "evp_locl.h" | |
60 | ||
61 | /* The context structure and "key" is simply a CMAC_CTX */ | |
62 | ||
63 | static int pkey_cmac_init(EVP_PKEY_CTX *ctx) | |
64 | { | |
65 | ctx->data = CMAC_CTX_new(); | |
66 | if (!ctx->data) | |
67 | return 0; | |
68 | ctx->keygen_info_count = 0; | |
69 | return 1; | |
70 | } | |
71 | ||
72 | static int pkey_cmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) | |
73 | { | |
74 | if (!pkey_cmac_init(dst)) | |
75 | return 0; | |
76 | if (!CMAC_CTX_copy(dst->data, src->data)) | |
77 | return 0; | |
78 | return 1; | |
79 | } | |
80 | ||
81 | static void pkey_cmac_cleanup(EVP_PKEY_CTX *ctx) | |
82 | { | |
83 | CMAC_CTX_free(ctx->data); | |
84 | } | |
85 | ||
86 | static int pkey_cmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) | |
87 | { | |
88 | CMAC_CTX *cmkey = CMAC_CTX_new(); | |
89 | CMAC_CTX *cmctx = ctx->data; | |
90 | if (!cmkey) | |
91 | return 0; | |
92 | if (!CMAC_CTX_copy(cmkey, cmctx)) | |
93 | { | |
94 | CMAC_CTX_free(cmkey); | |
95 | return 0; | |
96 | } | |
97 | EVP_PKEY_assign(pkey, EVP_PKEY_CMAC, cmkey); | |
98 | ||
99 | return 1; | |
100 | } | |
101 | ||
102 | static int int_update(EVP_MD_CTX *ctx,const void *data,size_t count) | |
103 | { | |
104 | if (!CMAC_Update(ctx->pctx->data, data, count)) | |
105 | return 0; | |
106 | return 1; | |
107 | } | |
108 | ||
109 | static int cmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) | |
110 | { | |
111 | EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT); | |
112 | mctx->update = int_update; | |
113 | return 1; | |
114 | } | |
115 | ||
116 | static int cmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, | |
117 | EVP_MD_CTX *mctx) | |
118 | { | |
119 | return CMAC_Final(ctx->data, sig, siglen); | |
120 | } | |
121 | ||
122 | static int pkey_cmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) | |
123 | { | |
124 | CMAC_CTX *cmctx = ctx->data; | |
125 | switch (type) | |
126 | { | |
127 | ||
128 | case EVP_PKEY_CTRL_SET_MAC_KEY: | |
129 | if (!p2 || p1 < 0) | |
130 | return 0; | |
131 | if (!CMAC_Init(cmctx, p2, p1, NULL, NULL)) | |
132 | return 0; | |
133 | break; | |
134 | ||
135 | case EVP_PKEY_CTRL_CIPHER: | |
e3e31ff4 | 136 | if (!CMAC_Init(cmctx, NULL, 0, p2, ctx->engine)) |
c8ef656d DSH |
137 | return 0; |
138 | break; | |
139 | ||
140 | case EVP_PKEY_CTRL_MD: | |
141 | if (ctx->pkey && !CMAC_CTX_copy(ctx->data, | |
142 | (CMAC_CTX *)ctx->pkey->pkey.ptr)) | |
143 | return 0; | |
144 | if (!CMAC_Init(cmctx, NULL, 0, NULL, NULL)) | |
145 | return 0; | |
146 | break; | |
147 | ||
148 | default: | |
149 | return -2; | |
150 | ||
151 | } | |
152 | return 1; | |
153 | } | |
154 | ||
155 | static int pkey_cmac_ctrl_str(EVP_PKEY_CTX *ctx, | |
156 | const char *type, const char *value) | |
157 | { | |
158 | if (!value) | |
159 | { | |
160 | return 0; | |
161 | } | |
162 | if (!strcmp(type, "key")) | |
163 | { | |
164 | void *p = (void *)value; | |
165 | return pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, | |
166 | strlen(p), p); | |
167 | } | |
168 | if (!strcmp(type, "cipher")) | |
169 | { | |
170 | const EVP_CIPHER *c; | |
171 | c = EVP_get_cipherbyname(value); | |
172 | if (!c) | |
173 | return 0; | |
174 | return pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_CIPHER, -1, (void *)c); | |
175 | } | |
176 | if (!strcmp(type, "hexkey")) | |
177 | { | |
178 | unsigned char *key; | |
179 | int r; | |
180 | long keylen; | |
181 | key = string_to_hex(value, &keylen); | |
182 | if (!key) | |
183 | return 0; | |
184 | r = pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key); | |
185 | OPENSSL_free(key); | |
186 | return r; | |
187 | } | |
188 | return -2; | |
189 | } | |
190 | ||
191 | const EVP_PKEY_METHOD cmac_pkey_meth = | |
192 | { | |
193 | EVP_PKEY_CMAC, | |
194 | EVP_PKEY_FLAG_SIGCTX_CUSTOM, | |
195 | pkey_cmac_init, | |
196 | pkey_cmac_copy, | |
197 | pkey_cmac_cleanup, | |
198 | ||
199 | 0, 0, | |
200 | ||
201 | 0, | |
202 | pkey_cmac_keygen, | |
203 | ||
204 | 0, 0, | |
205 | ||
206 | 0, 0, | |
207 | ||
208 | 0,0, | |
209 | ||
210 | cmac_signctx_init, | |
211 | cmac_signctx, | |
212 | ||
213 | 0,0, | |
214 | ||
215 | 0,0, | |
216 | ||
217 | 0,0, | |
218 | ||
219 | 0,0, | |
220 | ||
221 | pkey_cmac_ctrl, | |
222 | pkey_cmac_ctrl_str | |
223 | ||
224 | }; |