lib/libcrypto/cmac/cm_pmeth.c

   1 /* $OpenBSD: cm_pmeth.c,v 1.8 2014/07/11 08:44:48 jsing Exp $ */
   2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
   3  * project 2010.
   4  */
   5 /* ====================================================================
   6  * Copyright (c) 2010 The OpenSSL Project.  All rights reserved.
   7  *
   8  * Redistribution and use in source and binary forms, with or without
   9  * modification, are permitted provided that the following conditions
  10  * are met:
  11  *
  12  * 1. Redistributions of source code must retain the above copyright
  13  *    notice, this list of conditions and the following disclaimer.
  14  *
  15  * 2. Redistributions in binary form must reproduce the above copyright
  16  *    notice, this list of conditions and the following disclaimer in
  17  *    the documentation and/or other materials provided with the
  18  *    distribution.
  19  *
  20  * 3. All advertising materials mentioning features or use of this
  21  *    software must display the following acknowledgment:
  22  *    "This product includes software developed by the OpenSSL Project
  23  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
  24  *
  25  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  26  *    endorse or promote products derived from this software without
  27  *    prior written permission. For written permission, please contact
  28  *    licensing@OpenSSL.org.
  29  *
  30  * 5. Products derived from this software may not be called "OpenSSL"
  31  *    nor may "OpenSSL" appear in their names without prior written
  32  *    permission of the OpenSSL Project.
  33  *
  34  * 6. Redistributions of any form whatsoever must retain the following
  35  *    acknowledgment:
  36  *    "This product includes software developed by the OpenSSL Project
  37  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
  38  *
  39  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  40  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  41  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  42  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
  43  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  44  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  45  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  46  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  47  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  48  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  49  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  50  * OF THE POSSIBILITY OF SUCH DAMAGE.
  51  * ====================================================================
  52  */
  53
  54 #include <stdio.h>
  55 #include <string.h>
  56
  57 #include <openssl/cmac.h>
  58 #include <openssl/evp.h>
  59 #include <openssl/x509.h>
  60 #include <openssl/x509v3.h>
  61
  62 #include "evp_locl.h"
  63
  64 /* The context structure and "key" is simply a CMAC_CTX */
  65
  66 static int
  67 pkey_cmac_init(EVP_PKEY_CTX *ctx)
  68 {
  69         ctx->data = CMAC_CTX_new();
  70         if (!ctx->data)
  71                 return 0;
  72         ctx->keygen_info_count = 0;
  73         return 1;
  74 }
  75
  76 static int
  77 pkey_cmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
  78 {
  79         if (!pkey_cmac_init(dst))
  80                 return 0;
  81         if (!CMAC_CTX_copy(dst->data, src->data))
  82                 return 0;
  83         return 1;
  84 }
  85
  86 static void
  87 pkey_cmac_cleanup(EVP_PKEY_CTX *ctx)
  88 {
  89         CMAC_CTX_free(ctx->data);
  90 }
  91
  92 static int
  93 pkey_cmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
  94 {
  95         CMAC_CTX *cmkey = CMAC_CTX_new();
  96         CMAC_CTX *cmctx = ctx->data;
  97
  98         if (!cmkey)
  99                 return 0;
 100         if (!CMAC_CTX_copy(cmkey, cmctx)) {
 101                 CMAC_CTX_free(cmkey);
 102                 return 0;
 103         }
 104         EVP_PKEY_assign(pkey, EVP_PKEY_CMAC, cmkey);
 105
 106         return 1;
 107 }
 108
 109 static int
 110 int_update(EVP_MD_CTX *ctx, const void *data, size_t count)
 111 {
 112         if (!CMAC_Update(ctx->pctx->data, data, count))
 113                 return 0;
 114         return 1;
 115 }
 116
 117 static int
 118 cmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
 119 {
 120         EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT);
 121         mctx->update = int_update;
 122         return 1;
 123 }
 124
 125 static int
 126 cmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
 127     EVP_MD_CTX *mctx)
 128 {
 129         return CMAC_Final(ctx->data, sig, siglen);
 130 }
 131
 132 static int
 133 pkey_cmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
 134 {
 135         CMAC_CTX *cmctx = ctx->data;
 136
 137         switch (type) {
 138         case EVP_PKEY_CTRL_SET_MAC_KEY:
 139                 if (!p2 || p1 < 0)
 140                         return 0;
 141                 if (!CMAC_Init(cmctx, p2, p1, NULL, NULL))
 142                         return 0;
 143                 break;
 144
 145         case EVP_PKEY_CTRL_CIPHER:
 146                 if (!CMAC_Init(cmctx, NULL, 0, p2, ctx->engine))
 147                         return 0;
 148                 break;
 149
 150         case EVP_PKEY_CTRL_MD:
 151                 if (ctx->pkey && !CMAC_CTX_copy(ctx->data,
 152                     (CMAC_CTX *)ctx->pkey->pkey.ptr))
 153                         return 0;
 154                 if (!CMAC_Init(cmctx, NULL, 0, NULL, NULL))
 155                         return 0;
 156                 break;
 157
 158         default:
 159                 return -2;
 160         }
 161         return 1;
 162 }
 163
 164 static int
 165 pkey_cmac_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value)
 166 {
 167         if (!value)
 168                 return 0;
 169         if (!strcmp(type, "key")) {
 170                 void *p = (void *)value;
 171                 return pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY,
 172                     strlen(p), p);
 173         }
 174         if (!strcmp(type, "cipher")) {
 175                 const EVP_CIPHER *c;
 176
 177                 c = EVP_get_cipherbyname(value);
 178                 if (!c)
 179                         return 0;
 180                 return pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_CIPHER, -1, (void *)c);
 181         }
 182         if (!strcmp(type, "hexkey")) {
 183                 unsigned char *key;
 184                 int r;
 185                 long keylen;
 186
 187                 key = string_to_hex(value, &keylen);
 188                 if (!key)
 189                         return 0;
 190                 r = pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key);
 191                 free(key);
 192                 return r;
 193         }
 194
 195         return -2;
 196 }
 197
 198 const EVP_PKEY_METHOD cmac_pkey_meth = {
 199         .pkey_id = EVP_PKEY_CMAC,
 200         .flags = EVP_PKEY_FLAG_SIGCTX_CUSTOM,
 201
 202         .init = pkey_cmac_init,
 203         .copy = pkey_cmac_copy,
 204         .cleanup = pkey_cmac_cleanup,
 205
 206         .keygen = pkey_cmac_keygen,
 207
 208         .signctx_init = cmac_signctx_init,
 209         .signctx = cmac_signctx,
 210
 211         .ctrl = pkey_cmac_ctrl,
 212         .ctrl_str = pkey_cmac_ctrl_str
 213 };