HMACCTX hmac_init(const void *key, int len, int type) { HMACCTX ctx = NULL; ctx = malloc(sizeof(*ctx)); if (ctx == NULL) { return NULL; } #ifndef OLD_CRYPTO HMAC_CTX_init(ctx); // openssl 0.9.7 requires it. #endif switch(type) { case HMAC_SHA1: HMAC_Init(ctx, key, len, EVP_sha1()); break; case HMAC_MD5: HMAC_Init(ctx, key, len, EVP_md5()); break; default: SAFE_FREE(ctx); ctx = NULL; } return ctx; }
int sftp_mac_set_read_key(pool *p, const EVP_MD *hash, const BIGNUM *k, const char *h, uint32_t hlen) { const unsigned char *id = NULL; char *buf, *ptr; uint32_t buflen, bufsz, id_len; char letter; size_t blocksz; struct sftp_mac *mac; HMAC_CTX *mac_ctx; switch_read_mac(); mac = &(read_macs[read_mac_idx]); mac_ctx = &(read_ctxs[read_mac_idx]); bufsz = buflen = 1024; ptr = buf = sftp_msg_getbuf(p, bufsz); /* Need to use SSH2-style format of K for the key. */ sftp_msg_write_mpint(&buf, &buflen, k); id_len = sftp_session_get_id(&id); /* HASH(K || H || "E" || session_id) */ letter = 'E'; set_mac_key(mac, hash, ptr, (bufsz - buflen), h, hlen, &letter, id, id_len); #if OPENSSL_VERSION_NUMBER > 0x000907000L HMAC_CTX_init(mac_ctx); # if OPENSSL_VERSION_NUMBER >= 0x10000001L if (HMAC_Init_ex(mac_ctx, mac->key, mac->key_len, mac->digest, NULL) != 1) { pr_log_writefile(sftp_logfd, MOD_SFTP_VERSION, "error initializing HMAC: %s", sftp_crypto_get_errors()); errno = EPERM; return -1; } # else HMAC_Init_ex(mac_ctx, mac->key, mac->key_len, mac->digest, NULL); # endif /* OpenSSL-1.0.0 and later */ #else /* Reset the HMAC context. */ HMAC_Init(mac_ctx, NULL, 0, NULL); HMAC_Init(mac_ctx, mac->key, mac->key_len, mac->digest); #endif if (mac->mac_len == 0) { blocksz = EVP_MD_size(mac->digest); } else { blocksz = mac->mac_len; } pr_memscrub(ptr, bufsz); sftp_mac_set_block_size(blocksz); return 0; }
void isc_hmacmd5_init(isc_hmacmd5_t *ctx, const unsigned char *key, unsigned int len) { #ifdef HMAC_RETURN_INT RUNTIME_CHECK(HMAC_Init(ctx, (const void *) key, (int) len, EVP_md5()) == 1); #else HMAC_Init(ctx, (const void *) key, (int) len, EVP_md5()); #endif }
int HDW_generate_master_node(uint8_t *seed, size_t seed_len, HDW_XKEY_NET net, HDW_xkey_t *key) { int res; HMAC_CTX hmac_ctx; res = HMAC_Init(&hmac_ctx, BIP32_SPEC_DEFAULT_KEY, (int) strlen(BIP32_SPEC_DEFAULT_KEY), EVP_sha512()); if (!res) { fprintf(stderr, "Could not HMAC_Init\n"); return res; } res = HMAC_Update(&hmac_ctx, seed, seed_len); if (!res) { fprintf(stderr, "Could not HMAC_Update\n"); goto cleanup_hmac_context; } uint8_t master_digest[SHA512_DIGEST_LENGTH]; uint32_t digest_len; res = HMAC_Final(&hmac_ctx, master_digest, &digest_len); if (digest_len != SHA512_DIGEST_LENGTH) { // Oh ho, we might have smashed the stack :( . Abort everything! // This should not happen at all. fprintf(stderr, "Big problem at %s%d\n", __FILE__, __LINE__); exit(-1); } if (!res) { fprintf(stderr, "Could not HMAC_Final\n"); goto cleanup_hmac_context; } size_t half_hash_len = SHA512_DIGEST_LENGTH / 2; memcpy(key->version, KEY_VERSIONS_VALUES[net | HDW_XKEY_TYPE_PRIVATE], sizeof(key->version)); // Copy the L and R part into the key. key->key_data[0] = 0; memcpy(key->key_data + 1, master_digest, half_hash_len); memcpy(key->chain_code, master_digest + half_hash_len, half_hash_len); // Set the rest of the data as master key. key->depth = (uint8_t) 0; memset(key->parent_fingerprint, 0, sizeof(key->parent_fingerprint)); memset(key->child_number, 0, sizeof(key->child_number)); cleanup_hmac_context: HMAC_CTX_cleanup(&hmac_ctx); return res; }
int32_t mz_crypt_hmac_init(void *handle, const void *key, int32_t key_length) { mz_crypt_hmac *hmac = (mz_crypt_hmac *)handle; int32_t result = 0; const EVP_MD *evp_md = NULL; if (hmac == NULL || key == NULL) return MZ_PARAM_ERROR; mz_crypt_hmac_reset(handle); hmac->ctx = HMAC_CTX_new(); if (hmac->algorithm == MZ_HASH_SHA1) evp_md = EVP_sha1(); else evp_md = EVP_sha256(); result = HMAC_Init(hmac->ctx, key, key_length, evp_md); if (!result) { hmac->error = ERR_get_error(); return MZ_HASH_ERROR; } return MZ_OK; }
static void insert_message_authenticator(struct rad_handle *h, int resp) { #ifdef WITH_SSL u_char md[EVP_MAX_MD_SIZE]; u_int md_len; const struct rad_server *srvp; HMAC_CTX ctx; srvp = &h->servers[h->srv]; if (h->authentic_pos != 0) { HMAC_CTX_init(&ctx); HMAC_Init(&ctx, srvp->secret, strlen(srvp->secret), EVP_md5()); HMAC_Update(&ctx, &h->out[POS_CODE], POS_AUTH - POS_CODE); if (resp) HMAC_Update(&ctx, &h->in[POS_AUTH], LEN_AUTH); else HMAC_Update(&ctx, &h->out[POS_AUTH], LEN_AUTH); HMAC_Update(&ctx, &h->out[POS_ATTRS], h->out_len - POS_ATTRS); HMAC_Final(&ctx, md, &md_len); HMAC_CTX_cleanup(&ctx); HMAC_cleanup(&ctx); memcpy(&h->out[h->authentic_pos + 2], md, md_len); } #endif }
static int __hmac_sha1_init(archive_hmac_sha1_ctx *ctx, const uint8_t *key, size_t key_len) { HMAC_CTX_init(ctx); HMAC_Init(ctx, key, key_len, EVP_sha1()); return 0; }
// Signing functions bool OSSLEVPMacAlgorithm::signInit(const SymmetricKey* key) { // Call the superclass initialiser if (!MacAlgorithm::signInit(key)) { return false; } // Initialize the context HMAC_CTX_init(&curCTX); // Initialize EVP signing if (!HMAC_Init(&curCTX, key->getKeyBits().const_byte_str(), key->getKeyBits().size(), getEVPHash())) { ERROR_MSG("HMAC_Init failed"); HMAC_CTX_cleanup(&curCTX); ByteString dummy; MacAlgorithm::signFinal(dummy); return false; } return true; }
/* The random function H(x) = HMAC-SHA256(0^32, x) */ void H_Init(HMAC_CTX *ctx) { u8 allzero[SHA256_DIGEST_LENGTH]; os_memset(allzero, 0, SHA256_DIGEST_LENGTH); HMAC_Init(ctx, allzero, SHA256_DIGEST_LENGTH, EVP_sha256()); }
void openssl_hmac_md5() { int fd, size; unsigned int len; HMAC_CTX hmac_ctx; char file_name[COMM_LEN], inputs[COMM_LEN]; unsigned char tmps[LINE_LEN], outputs[EVP_MAX_MD_SIZE]; memset(tmps, 0, sizeof(tmps)); memset(inputs, 0, sizeof(inputs)); memset(outputs, 0, sizeof(outputs)); printf("\nPlease input a file name: "); scanf("%s", file_name); fd = open(file_name, O_RDONLY); if (fd < 0) return; OpenSSL_add_all_digests(); strcpy(inputs, "hmac_md5"); HMAC_Init(&hmac_ctx, inputs, sizeof(inputs), EVP_get_digestbyname("md5")); while ((size = read(fd, tmps, LINE_LEN)) > 0) HMAC_Update(&hmac_ctx, tmps, size); HMAC_Final(&hmac_ctx, outputs, &len); HMAC_cleanup(&hmac_ctx); close(fd); printf("HMAC_MD5(%s, %s) = ", file_name, inputs); for (size = 0; size < len; size++) printf("%02x", outputs[size]); printf("\n"); }
int mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen, u_char *digest, size_t dlen) { static u_char m[MAC_DIGEST_LEN_MAX]; u_char b[4], nonce[8]; if (mac->mac_len > sizeof(m)) return SSH_ERR_INTERNAL_ERROR; switch (mac->type) { case SSH_EVP: POKE_U32(b, seqno); /* reset HMAC context */ if (HMAC_Init(&mac->evp_ctx, NULL, 0, NULL) != 1 || HMAC_Update(&mac->evp_ctx, b, sizeof(b)) != 1 || HMAC_Update(&mac->evp_ctx, data, datalen) != 1 || HMAC_Final(&mac->evp_ctx, m, NULL) != 1) return SSH_ERR_LIBCRYPTO_ERROR; break; case SSH_UMAC: POKE_U64(nonce, seqno); umac_update(mac->umac_ctx, data, datalen); umac_final(mac->umac_ctx, m, nonce); break; default: return SSH_ERR_INVALID_ARGUMENT; } if (digest != NULL) { if (dlen > mac->mac_len) dlen = mac->mac_len; memcpy(digest, m, dlen); } return 0; }
u_char * mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen) { static u_char m[EVP_MAX_MD_SIZE]; u_char b[4]; if (mac->mac_len > sizeof(m)) fatal("mac_compute: mac too long %u %lu", mac->mac_len, (u_long)sizeof(m)); switch (mac->type) { case SSH_EVP: put_u32(b, seqno); /* reset HMAC context */ HMAC_Init(&mac->evp_ctx, NULL, 0, NULL); HMAC_Update(&mac->evp_ctx, b, sizeof(b)); HMAC_Update(&mac->evp_ctx, data, datalen); HMAC_Final(&mac->evp_ctx, m, NULL); break; default: fatal("mac_compute: unknown MAC type"); } return (m); }
int mac_init(struct sshmac *mac) { if (mac->key == NULL) return SSH_ERR_INVALID_ARGUMENT; switch (mac->type) { case SSH_EVP: if (mac->evp_md == NULL) return SSH_ERR_INVALID_ARGUMENT; HMAC_CTX_init(&mac->evp_ctx); if (HMAC_Init(&mac->evp_ctx, mac->key, mac->key_len, mac->evp_md) != 1) { HMAC_CTX_cleanup(&mac->evp_ctx); return SSH_ERR_LIBCRYPTO_ERROR; } return 0; case SSH_UMAC: if ((mac->umac_ctx = umac_new(mac->key)) == NULL) return SSH_ERR_ALLOC_FAIL; return 0; case SSH_UMAC128: mac->umac_ctx = umac128_new(mac->key); return 0; default: return SSH_ERR_INVALID_ARGUMENT; } }
/** @fn int soap_smd_init(struct soap *soap, struct soap_smd_data *data, int alg, const void *key, int keylen) @brief Initiates a (signed) digest computation. @param soap context @param[in,out] data smdevp engine context @param[in] alg is algorithm to use @param[in] key is key to use or NULL for digests @param[in] keylen is length of HMAC key (when provided) @return SOAP_OK or SOAP_SSL_ERROR */ int soap_smd_init(struct soap *soap, struct soap_smd_data *data, int alg, const void *key, int keylen) { static int done = 0; int err = 1; #ifdef WITH_OPENSSL /* OpenSSL: make sure we have the digest algorithms, need to call just once */ if (!done) { done = 1; OpenSSL_add_all_digests(); OpenSSL_add_all_algorithms(); } #endif /* the algorithm to use */ data->alg = alg; /* the key to use */ data->key = key; /* allocate and init the OpenSSL HMAC or EVP_MD context */ if ((alg & (SOAP_SMD_PASSTHRU-1)) == SOAP_SMD_HMAC_SHA1) { data->ctx = (void*)SOAP_MALLOC(soap, sizeof(HMAC_CTX)); HMAC_CTX_init((HMAC_CTX*)data->ctx); } else { data->ctx = (void*)SOAP_MALLOC(soap, sizeof(EVP_MD_CTX)); EVP_MD_CTX_init((EVP_MD_CTX*)data->ctx); } DBGLOG(TEST, SOAP_MESSAGE(fdebug, "-- SMD Init alg=%d (%p) --\n", alg, data->ctx)); /* init the digest or signature computations */ switch (alg & (SOAP_SMD_PASSTHRU-1)) { case SOAP_SMD_DGST_MD5: EVP_DigestInit((EVP_MD_CTX*)data->ctx, EVP_md5()); break; case SOAP_SMD_DGST_SHA1: EVP_DigestInit((EVP_MD_CTX*)data->ctx, EVP_sha1()); break; case SOAP_SMD_DGST_SHA256: EVP_DigestInit((EVP_MD_CTX*)data->ctx, EVP_sha256()); break; case SOAP_SMD_HMAC_SHA1: HMAC_Init((HMAC_CTX*)data->ctx, key, keylen, EVP_sha1()); break; case SOAP_SMD_SIGN_DSA_SHA1: err = EVP_SignInit((EVP_MD_CTX*)data->ctx, EVP_dss1()); break; case SOAP_SMD_SIGN_RSA_SHA1: err = EVP_SignInit((EVP_MD_CTX*)data->ctx, EVP_sha1()); break; case SOAP_SMD_SIGN_RSA_SHA256: err = EVP_SignInit((EVP_MD_CTX*)data->ctx, EVP_sha256()); break; case SOAP_SMD_VRFY_DSA_SHA1: err = EVP_VerifyInit((EVP_MD_CTX*)data->ctx, EVP_dss1()); break; case SOAP_SMD_VRFY_RSA_SHA1: err = EVP_VerifyInit((EVP_MD_CTX*)data->ctx, EVP_sha1()); break; } /* check and return */ return soap_smd_check(soap, data, err, "soap_smd_init() failed"); }
QByteArray SSH2MAC::mac(const QByteArray & data) { QByteArray hmac(m_macLen, 0); HMAC_Init(m_ctx, (const uint8_t*) m_key.data(), m_keyLen, m_evptype); HMAC_Update(m_ctx, (const uint8_t *) data.data(), data.size()); HMAC_Final(m_ctx, (uint8_t *) hmac.data(), NULL); return hmac; }
/* The random function H(x) = HMAC-SHA256(0^32, x) */ static void H_Init(HMAC_CTX *ctx) { uint8_t allzero[SHA256_DIGEST_LENGTH]; memset(allzero, 0, SHA256_DIGEST_LENGTH); HMAC_Init(ctx, allzero, SHA256_DIGEST_LENGTH, EVP_sha256()); }
void tsig_hmac_init(tsig_hmac_t t, const void *key, int len, const EVP_MD *md) { HMAC_CTX *hmac = (HMAC_CTX*)t; #if SSL_API_LT_100 HMAC_Init(hmac, key, len, md); #else HMAC_Init_ex(hmac, key, len, md, NULL); #endif }
/* * Authenticate to the server with the Challenge-Response Authentication * Mechanism (CRAM). The authentication type associated with CRAM is * "CRAM-MD5". */ int auth_cram_md5(session *ssn, const char *user, const char *pass) { int t; size_t n; unsigned int i; unsigned char *chal, *resp, *out, *buf; unsigned char md[EVP_MAX_MD_SIZE], mdhex[EVP_MAX_MD_SIZE * 2 + 1]; unsigned int mdlen; HMAC_CTX hmac; if ((t = imap_authenticate(ssn, "CRAM-MD5")) == -1) return -1; if (response_authenticate(ssn, t, &chal) == STATUS_RESPONSE_CONTINUE) { n = strlen((char *)(chal)) * 3 / 4 + 1; resp = (unsigned char *)xmalloc(n * sizeof(char)); memset(resp, 0, n); EVP_DecodeBlock(resp, chal, strlen((char *)(chal))); HMAC_Init(&hmac, (const unsigned char *)pass, strlen(pass), EVP_md5()); HMAC_Update(&hmac, resp, strlen((char *)(resp))); HMAC_Final(&hmac, md, &mdlen); xfree(chal); xfree(resp); for (i = 0; i < mdlen; i++) snprintf((char *)(mdhex) + i * 2, mdlen * 2 - i * 2 + 1, "%02x", md[i]); mdhex[mdlen * 2] = '\0'; n = strlen(user) + 1 + strlen((char *)(mdhex)) + 1; buf = (unsigned char *)xmalloc(n * sizeof(unsigned char)); memset(buf, 0, n); snprintf((char *)(buf), n, "%s %s", user, mdhex); n = (strlen((char *)(buf)) + 3) * 4 / 3 + 1; out = (unsigned char *)xmalloc(n * sizeof(unsigned char)); memset(out, 0, n); EVP_EncodeBlock(out, buf, strlen((char *)(buf))); imap_continuation(ssn, (char *)(out), strlen((char *)(out))); xfree(buf); xfree(out); } else return -1; return response_authenticate(ssn, t, NULL); }
static int _sol_message_digest_hmac_init(struct sol_message_digest *handle, const EVP_MD *md, const struct sol_str_slice key) { HMAC_CTX *ctx = sol_message_digest_common_get_context(handle); if (HMAC_Init(ctx, key.data, key.len, md)) return 0; return -EINVAL; }
static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec, int sec_len, unsigned char *seed, int seed_len, unsigned char *out, int olen) { int chunk,n; unsigned int j; HMAC_CTX ctx; HMAC_CTX ctx_tmp; unsigned char A1[HMAC_MAX_MD_CBLOCK]; unsigned int A1_len; chunk=EVP_MD_size(md); HMAC_Init(&ctx,sec,sec_len,md); HMAC_Update(&ctx,seed,seed_len); HMAC_Final(&ctx,A1,&A1_len); n=0; for (;;) { HMAC_Init(&ctx,NULL,0,NULL); /* re-init */ HMAC_Update(&ctx,A1,A1_len); memcpy(&ctx_tmp,&ctx,sizeof(ctx)); /* Copy for A2 */ /* not needed for last one */ HMAC_Update(&ctx,seed,seed_len); if (olen > chunk) { HMAC_Final(&ctx,out,&j); out+=j; olen-=j; HMAC_Final(&ctx_tmp,A1,&A1_len); /* calc the next A1 value */ } else /* last one */ { HMAC_Final(&ctx,A1,&A1_len); memcpy(out,A1,olen); break; } } HMAC_cleanup(&ctx); HMAC_cleanup(&ctx_tmp); memset(A1,0,sizeof(A1)); }
static int tls_hash(StringInfo* secret, StringInfo* seed, const EVP_MD *md, StringInfo* out) { uint8_t *ptr; unsigned int left; int tocpy; uint8_t *A; uint8_t _A[48],tmp[48]; unsigned int A_l,tmp_l; HMAC_CTX ctx; ptr = out->data; left = out->data_len; ssl_print_string("tls_hash: hash secret", secret); ssl_print_string("tls_hash: hash seed", seed); A=seed->data; A_l=seed->data_len; while(left){ HMAC_CTX_init(&ctx); HMAC_Init(&ctx, secret->data, secret->data_len, md); HMAC_Update(&ctx,A,A_l); HMAC_Final(&ctx,_A,&A_l); HMAC_cleanup(&ctx); A=_A; HMAC_CTX_init(&ctx); HMAC_Init(&ctx,secret->data,secret->data_len,md); HMAC_Update(&ctx,A,A_l); HMAC_Update(&ctx,seed->data,seed->data_len); HMAC_Final(&ctx,tmp,&tmp_l); HMAC_cleanup(&ctx); tocpy=std::min(left,tmp_l); memcpy(ptr,tmp,tocpy); ptr+=tocpy; left-=tocpy; } ssl_print_string("hash out", out); return (0); }
/* * call-seq: * HMAC.new(key, digest) -> hmac * * Returns an instance of OpenSSL::HMAC set with the key and digest * algorithm to be used. The instance represents the initial state of * the message authentication code before any data has been processed. * To process data with it, use the instance method #update with your * data as an argument. * * === Example * * key = 'key' * digest = OpenSSL::Digest.new('sha1') * instance = OpenSSL::HMAC.new(key, digest) * #=> f42bb0eeb018ebbd4597ae7213711ec60760843f * instance.class * #=> OpenSSL::HMAC * * === A note about comparisons * * Two instances won't be equal when they're compared, even if they have the * same value. Use #to_s or #hexdigest to return the authentication code that * the instance represents. For example: * * other_instance = OpenSSL::HMAC.new('key', OpenSSL::Digest.new('sha1')) * #=> f42bb0eeb018ebbd4597ae7213711ec60760843f * instance * #=> f42bb0eeb018ebbd4597ae7213711ec60760843f * instance == other_instance * #=> false * instance.to_s == other_instance.to_s * #=> true * */ static VALUE ossl_hmac_initialize(VALUE self, VALUE key, VALUE digest) { HMAC_CTX *ctx; StringValue(key); GetHMAC(self, ctx); HMAC_Init(ctx, RSTRING_PTR(key), RSTRING_LENINT(key), GetDigestPtr(digest)); return self; }
void *por_tag_thread(void *threadargs_ptr){ HMAC_CTX ctx; unsigned char digest[SHA_DIGEST_LENGTH]; unsigned int digest_len = 0; unsigned int block; int *ret = NULL; unsigned char buf[POR_BLOCK_SIZE]; struct thread_arguments *threadargs = threadargs_ptr; int i = 0; if(!threadargs || !threadargs->file || !threadargs->tags || !threadargs->key || !threadargs->numblocks) goto cleanup; /* Allocate memory for return value - this should be freed by the checker */ ret = malloc(sizeof(int)); if(!ret) goto cleanup; *ret = 0; /* For N threads, read in and tag each Nth block */ block = threadargs->threadid; for(i = 0; i < threadargs->numblocks; i++){ memset(digest, 0, SHA_DIGEST_LENGTH); memset(buf, 0, POR_BLOCK_SIZE); fseek(threadargs->file, (block*POR_BLOCK_SIZE), SEEK_SET); fread(buf, POR_BLOCK_SIZE, 1, threadargs->file); if(ferror(threadargs->file)) goto cleanup; /* Calculate the tag for this block */ HMAC_CTX_init(&ctx); HMAC_Init(&ctx, threadargs->key->prf_key, threadargs->key->prf_key_size, EVP_sha1()); HMAC_Update(&ctx, (const unsigned char *)&block, sizeof(unsigned int)); HMAC_Update(&ctx, (unsigned char *)threadargs->filepath, (int)threadargs->filepath_len); HMAC_Update(&ctx, buf, POR_BLOCK_SIZE); HMAC_Final(&ctx, digest, &digest_len); HMAC_cleanup(&ctx); /* Store the tag in a buffer until all threads are done. Writer should destroy tags. */ memcpy((threadargs->tags + (SHA_DIGEST_LENGTH * block)), digest, digest_len); block += NUM_THREADS; } *ret = 1; pthread_exit(ret); cleanup: pthread_exit(ret); }
int main(int argc, char **argv) { Octstr *data, *filename, *mac, *key; unsigned char macbuf[EVP_MAX_MD_SIZE], *p; int mac_len; #ifdef HAVE_LIBSSL HMAC_CTX ctx; #endif gwlib_init(); get_and_set_debugs(argc, argv, NULL); if (argc < 3) panic(0, "Syntax: %s <key> <file>\n", argv[0]); key = octstr_create(argv[1]); filename = octstr_create(argv[2]); data = octstr_read_file(octstr_get_cstr(filename)); if (data == NULL) panic(0, "Cannot read file."); debug("",0,"Dumping file `%s':", octstr_get_cstr(filename)); octstr_dump(data, 0); #ifdef HAVE_LIBSSL HMAC_Init(&ctx, octstr_get_cstr(key), octstr_len(key), EVP_sha1()); p = HMAC(EVP_sha1(), octstr_get_cstr(key), octstr_len(key), octstr_get_cstr(data), octstr_len(data), macbuf, &mac_len); HMAC_cleanup(&ctx); #else macbuf[0] = 0; mac_len = 0; p = macbuf; warning(0, "No SSL support. Can't calculate HMAC value."); #endif mac = octstr_create_from_data(p, mac_len); octstr_binary_to_hex(mac, 0); debug("",0,"HMAC of file `%s' and key `%s' is:", octstr_get_cstr(filename), octstr_get_cstr(key)); octstr_dump(mac, 0); octstr_destroy(data); octstr_destroy(mac); octstr_destroy(key); gwlib_shutdown(); return 0; }
int P_hash(const char *digest, unsigned char *dest, int dlen, unsigned char *secret, int sslen, unsigned char *seed, int slen) { unsigned char hmac[20]; uint32_t hlen; HMAC_CTX hm; const EVP_MD *md = EVP_get_digestbyname(digest); uint32_t tmpslen; unsigned char tmpseed[slen]; unsigned char *out = dest; int pending = dlen; // Copy initial seed memcpy(tmpseed, seed, slen); tmpslen = slen; // Calculate enough data to fill destination while (pending > 0) { HMAC_Init(&hm, secret, sslen, md); HMAC_Update(&hm, tmpseed, tmpslen); HMAC_Final(&hm, tmpseed, &tmpslen); HMAC_Init(&hm, secret, sslen, md); HMAC_Update(&hm, tmpseed, tmpslen); HMAC_Update(&hm, seed, slen); HMAC_Final(&hm, hmac, &hlen); hlen = (hlen > pending) ? pending : hlen; memcpy(out, hmac, hlen); out += hlen; pending -= hlen; } HMAC_cleanup(&hm); return hlen; }
int sftp_mac_set_write_key(pool *p, const EVP_MD *hash, const BIGNUM *k, const char *h, uint32_t hlen) { const unsigned char *id = NULL; char *buf, *ptr; uint32_t buflen, bufsz, id_len; char letter; struct sftp_mac *mac; HMAC_CTX *mac_ctx; switch_write_mac(); mac = &(write_macs[write_mac_idx]); mac_ctx = &(write_ctxs[write_mac_idx]); bufsz = buflen = 1024; ptr = buf = sftp_msg_getbuf(p, bufsz); /* Need to use SSH2-style format of K for the key. */ sftp_msg_write_mpint(&buf, &buflen, k); id_len = sftp_session_get_id(&id); /* HASH(K || H || "F" || session_id) */ letter = 'F'; set_mac_key(mac, hash, ptr, (bufsz - buflen), h, hlen, &letter, id, id_len); #if OPENSSL_VERSION_NUMBER > 0x000907000L HMAC_CTX_init(mac_ctx); #else /* Reset the HMAC context. */ HMAC_Init(mac_ctx, NULL, 0, NULL); #endif HMAC_Init(mac_ctx, mac->key, mac->key_len, mac->digest); pr_memscrub(ptr, bufsz); return 0; }
USES_APPLE_DEPRECATED_API /* OpenSSL API has been deprecated by Apple */ #include "eap_pwd.h" #include <freeradius-devel/radiusd.h> #include <freeradius-devel/modules.h> /* The random function H(x) = HMAC-SHA256(0^32, x) */ static void H_Init(HMAC_CTX *ctx) { uint8_t allzero[SHA256_DIGEST_LENGTH]; memset(allzero, 0, SHA256_DIGEST_LENGTH); HMAC_Init(ctx, allzero, SHA256_DIGEST_LENGTH, EVP_sha256()); }
unsigned char *HMAC2(//fixed to SHA256: EVP_MD *evp_md, unsigned char *key, int key_len, unsigned char *d, int n, unsigned char *md) //always 64, unsigned int *md_len) { HMAC_CTX c; //static unsigned char m[EVP_MAX_MD_SIZE]; static unsigned char m[2*SHA256_DIGEST_LENGTH]; if (md == NULL) md=m; //first round HMAC_Init(&c, key, key_len); HMAC_Update(&c,d,n); HMAC_Final(&c,md); //second round HMAC_Init(&c, NULL, key_len); //only performs memcpy HMAC_Update(&c,d,n); HMAC_Final(&c,md+SHA256_DIGEST_LENGTH); HMAC_cleanup(&c); return(md); }
unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len, const unsigned char *d, size_t n, unsigned char *md, unsigned int *md_len) { HMAC_CTX c; static unsigned char m[EVP_MAX_MD_SIZE]; if (md == NULL) md=m; HMAC_CTX_init(&c); HMAC_Init(&c,key,key_len,evp_md); HMAC_Update(&c,d,n); HMAC_Final(&c,md,md_len); HMAC_CTX_cleanup(&c); return(md); }
int mac_init(Mac *mac) { if (mac->key == NULL) fatal("mac_init: no key"); switch (mac->type) { case SSH_EVP: if (mac->evp_md == NULL) return -1; HMAC_Init(&mac->evp_ctx, mac->key, mac->key_len, mac->evp_md); return 0; default: return -1; } }