]>
git.ipfire.org Git - thirdparty/openssl.git/blob - crypto/hmac/hmac.c
17cc58717b9f9492e155e2148d2051fe4891db97
2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
13 #include "internal/cryptlib.h"
14 #include <openssl/hmac.h>
15 #include <openssl/opensslconf.h>
16 #include "hmac_local.h"
18 int HMAC_Init_ex(HMAC_CTX
*ctx
, const void *key
, int len
,
19 const EVP_MD
*md
, ENGINE
*impl
)
23 unsigned char pad
[HMAC_MAX_MD_CBLOCK_SIZE
];
25 /* If we are changing MD then we must have a key */
26 if (md
!= NULL
&& md
!= ctx
->md
&& (key
== NULL
|| len
< 0))
39 * The HMAC construction is not allowed to be used with the
40 * extendable-output functions (XOF) shake128 and shake256.
42 if ((EVP_MD_flags(md
) & EVP_MD_FLAG_XOF
) != 0)
47 j
= EVP_MD_block_size(md
);
48 if (!ossl_assert(j
<= (int)sizeof(ctx
->key
)))
51 if (!EVP_DigestInit_ex(ctx
->md_ctx
, md
, impl
)
52 || !EVP_DigestUpdate(ctx
->md_ctx
, key
, len
)
53 || !EVP_DigestFinal_ex(ctx
->md_ctx
, ctx
->key
,
57 if (len
< 0 || len
> (int)sizeof(ctx
->key
))
59 memcpy(ctx
->key
, key
, len
);
60 ctx
->key_length
= len
;
62 if (ctx
->key_length
!= HMAC_MAX_MD_CBLOCK_SIZE
)
63 memset(&ctx
->key
[ctx
->key_length
], 0,
64 HMAC_MAX_MD_CBLOCK_SIZE
- ctx
->key_length
);
68 for (i
= 0; i
< HMAC_MAX_MD_CBLOCK_SIZE
; i
++)
69 pad
[i
] = 0x36 ^ ctx
->key
[i
];
70 if (!EVP_DigestInit_ex(ctx
->i_ctx
, md
, impl
)
71 || !EVP_DigestUpdate(ctx
->i_ctx
, pad
, EVP_MD_block_size(md
)))
74 for (i
= 0; i
< HMAC_MAX_MD_CBLOCK_SIZE
; i
++)
75 pad
[i
] = 0x5c ^ ctx
->key
[i
];
76 if (!EVP_DigestInit_ex(ctx
->o_ctx
, md
, impl
)
77 || !EVP_DigestUpdate(ctx
->o_ctx
, pad
, EVP_MD_block_size(md
)))
80 if (!EVP_MD_CTX_copy_ex(ctx
->md_ctx
, ctx
->i_ctx
))
85 OPENSSL_cleanse(pad
, sizeof(pad
));
89 #if !OPENSSL_API_1_1_0
90 int HMAC_Init(HMAC_CTX
*ctx
, const void *key
, int len
, const EVP_MD
*md
)
94 return HMAC_Init_ex(ctx
, key
, len
, md
, NULL
);
98 int HMAC_Update(HMAC_CTX
*ctx
, const unsigned char *data
, size_t len
)
102 return EVP_DigestUpdate(ctx
->md_ctx
, data
, len
);
105 int HMAC_Final(HMAC_CTX
*ctx
, unsigned char *md
, unsigned int *len
)
108 unsigned char buf
[EVP_MAX_MD_SIZE
];
113 if (!EVP_DigestFinal_ex(ctx
->md_ctx
, buf
, &i
))
115 if (!EVP_MD_CTX_copy_ex(ctx
->md_ctx
, ctx
->o_ctx
))
117 if (!EVP_DigestUpdate(ctx
->md_ctx
, buf
, i
))
119 if (!EVP_DigestFinal_ex(ctx
->md_ctx
, md
, len
))
126 size_t HMAC_size(const HMAC_CTX
*ctx
)
128 int size
= EVP_MD_size((ctx
)->md
);
130 return (size
< 0) ? 0 : size
;
133 HMAC_CTX
*HMAC_CTX_new(void)
135 HMAC_CTX
*ctx
= OPENSSL_zalloc(sizeof(HMAC_CTX
));
138 if (!HMAC_CTX_reset(ctx
)) {
146 static void hmac_ctx_cleanup(HMAC_CTX
*ctx
)
148 EVP_MD_CTX_reset(ctx
->i_ctx
);
149 EVP_MD_CTX_reset(ctx
->o_ctx
);
150 EVP_MD_CTX_reset(ctx
->md_ctx
);
153 OPENSSL_cleanse(ctx
->key
, sizeof(ctx
->key
));
156 void HMAC_CTX_free(HMAC_CTX
*ctx
)
159 hmac_ctx_cleanup(ctx
);
160 EVP_MD_CTX_free(ctx
->i_ctx
);
161 EVP_MD_CTX_free(ctx
->o_ctx
);
162 EVP_MD_CTX_free(ctx
->md_ctx
);
167 static int hmac_ctx_alloc_mds(HMAC_CTX
*ctx
)
169 if (ctx
->i_ctx
== NULL
)
170 ctx
->i_ctx
= EVP_MD_CTX_new();
171 if (ctx
->i_ctx
== NULL
)
173 if (ctx
->o_ctx
== NULL
)
174 ctx
->o_ctx
= EVP_MD_CTX_new();
175 if (ctx
->o_ctx
== NULL
)
177 if (ctx
->md_ctx
== NULL
)
178 ctx
->md_ctx
= EVP_MD_CTX_new();
179 if (ctx
->md_ctx
== NULL
)
184 int HMAC_CTX_reset(HMAC_CTX
*ctx
)
186 hmac_ctx_cleanup(ctx
);
187 if (!hmac_ctx_alloc_mds(ctx
)) {
188 hmac_ctx_cleanup(ctx
);
194 int HMAC_CTX_copy(HMAC_CTX
*dctx
, HMAC_CTX
*sctx
)
196 if (!hmac_ctx_alloc_mds(dctx
))
198 if (!EVP_MD_CTX_copy_ex(dctx
->i_ctx
, sctx
->i_ctx
))
200 if (!EVP_MD_CTX_copy_ex(dctx
->o_ctx
, sctx
->o_ctx
))
202 if (!EVP_MD_CTX_copy_ex(dctx
->md_ctx
, sctx
->md_ctx
))
204 memcpy(dctx
->key
, sctx
->key
, HMAC_MAX_MD_CBLOCK_SIZE
);
205 dctx
->key_length
= sctx
->key_length
;
209 hmac_ctx_cleanup(dctx
);
213 unsigned char *HMAC(const EVP_MD
*evp_md
, const void *key
, int key_len
,
214 const unsigned char *d
, size_t n
, unsigned char *md
,
215 unsigned int *md_len
)
218 static unsigned char m
[EVP_MAX_MD_SIZE
];
219 static const unsigned char dummy_key
[1] = {'\0'};
223 if ((c
= HMAC_CTX_new()) == NULL
)
226 /* For HMAC_Init_ex, NULL key signals reuse. */
227 if (key
== NULL
&& key_len
== 0) {
231 if (!HMAC_Init_ex(c
, key
, key_len
, evp_md
, NULL
))
233 if (!HMAC_Update(c
, d
, n
))
235 if (!HMAC_Final(c
, md
, md_len
))
244 void HMAC_CTX_set_flags(HMAC_CTX
*ctx
, unsigned long flags
)
246 EVP_MD_CTX_set_flags(ctx
->i_ctx
, flags
);
247 EVP_MD_CTX_set_flags(ctx
->o_ctx
, flags
);
248 EVP_MD_CTX_set_flags(ctx
->md_ctx
, flags
);
251 const EVP_MD
*HMAC_CTX_get_md(const HMAC_CTX
*ctx
)