/* Final update and encoding of data in the context.
* This does require all requisite fields be properly
* set.
*/
int
fko_spa_data_final(fko_ctx_t ctx,
const char * const enc_key, const int enc_key_len,
const char * const hmac_key, const int hmac_key_len)
{
char *tbuf;
int res = 0, data_with_hmac_len = 0;
/* Must be initialized
*/
if(!CTX_INITIALIZED(ctx))
return(FKO_ERROR_CTX_NOT_INITIALIZED);
if(enc_key_len < 0)
return(FKO_ERROR_INVALID_KEY_LEN);
res = fko_encrypt_spa_data(ctx, enc_key, enc_key_len);
/* Now calculate hmac if so configured
*/
if (res == FKO_SUCCESS && ctx->hmac_type != FKO_HMAC_UNKNOWN)
{
if(hmac_key_len < 0)
return(FKO_ERROR_INVALID_KEY_LEN);
if(hmac_key == NULL)
return(FKO_ERROR_INVALID_KEY_LEN);
res = fko_set_spa_hmac(ctx, hmac_key, hmac_key_len);
if (res == FKO_SUCCESS)
{
/* Now that we have the hmac, append it to the
* encrypted data (which has already been base64-encoded
* and the trailing '=' chars stripped off).
*/
data_with_hmac_len
= ctx->encrypted_msg_len+1+ctx->msg_hmac_len+1;
tbuf = realloc(ctx->encrypted_msg, data_with_hmac_len);
if (tbuf == NULL)
return(FKO_ERROR_MEMORY_ALLOCATION);
strlcat(tbuf, ctx->msg_hmac, data_with_hmac_len);
ctx->encrypted_msg = tbuf;
ctx->encrypted_msg_len = data_with_hmac_len;
}
}
return res;
}
static PyObject *
set_spa_hmac(PyObject *self, PyObject *args)
{
fko_ctx_t ctx;
char *hmac_key;
int hmac_key_len;
int res;
if(!PyArg_ParseTuple(args, "ks#", &ctx, &hmac_key, &hmac_key_len))
return NULL;
res = fko_set_spa_hmac(ctx, hmac_key, hmac_key_len);
if(res != FKO_SUCCESS)
{
PyErr_SetString(FKOError, fko_errstr(res));
return NULL;
}
return Py_BuildValue("", NULL);
}
int
fko_verify_hmac(fko_ctx_t ctx,
const char * const hmac_key, const int hmac_key_len)
{
char *hmac_digest_from_data = NULL;
char *tbuf = NULL;
int res = FKO_SUCCESS;
int hmac_b64_digest_len = 0, zero_free_rv = FKO_SUCCESS;
/* Must be initialized
*/
if(!CTX_INITIALIZED(ctx))
return(FKO_ERROR_CTX_NOT_INITIALIZED);
if (! is_valid_encoded_msg_len(ctx->encrypted_msg_len))
return(FKO_ERROR_INVALID_DATA_HMAC_MSGLEN_VALIDFAIL);
if(hmac_key_len > MAX_DIGEST_BLOCK_LEN)
return(FKO_ERROR_INVALID_HMAC_KEY_LEN);
if(ctx->hmac_type == FKO_HMAC_MD5)
hmac_b64_digest_len = MD5_B64_LEN;
else if(ctx->hmac_type == FKO_HMAC_SHA1)
hmac_b64_digest_len = SHA1_B64_LEN;
else if(ctx->hmac_type == FKO_HMAC_SHA256)
hmac_b64_digest_len = SHA256_B64_LEN;
else if(ctx->hmac_type == FKO_HMAC_SHA384)
hmac_b64_digest_len = SHA384_B64_LEN;
else if(ctx->hmac_type == FKO_HMAC_SHA512)
hmac_b64_digest_len = SHA512_B64_LEN;
else
return(FKO_ERROR_UNSUPPORTED_HMAC_MODE);
if((ctx->encrypted_msg_len - hmac_b64_digest_len)
< MIN_SPA_ENCODED_MSG_SIZE)
return(FKO_ERROR_INVALID_DATA_HMAC_ENCMSGLEN_VALIDFAIL);
/* Get digest value
*/
hmac_digest_from_data = strndup((ctx->encrypted_msg
+ ctx->encrypted_msg_len - hmac_b64_digest_len),
hmac_b64_digest_len);
if(hmac_digest_from_data == NULL)
return(FKO_ERROR_MEMORY_ALLOCATION);
/* Now we chop the HMAC digest off of the encrypted msg
*/
tbuf = strndup(ctx->encrypted_msg,
ctx->encrypted_msg_len - hmac_b64_digest_len);
if(tbuf == NULL)
{
if(zero_free(hmac_digest_from_data, strnlen(hmac_digest_from_data,
MAX_SPA_ENCODED_MSG_SIZE)) == FKO_SUCCESS)
return(FKO_ERROR_MEMORY_ALLOCATION);
else
return(FKO_ERROR_ZERO_OUT_DATA);
}
if(zero_free(ctx->encrypted_msg, ctx->encrypted_msg_len) != FKO_SUCCESS)
zero_free_rv = FKO_ERROR_ZERO_OUT_DATA;
ctx->encrypted_msg = tbuf;
ctx->encrypted_msg_len -= hmac_b64_digest_len;
if(ctx->encryption_mode == FKO_ENC_MODE_ASYMMETRIC)
{
/* See if we need to add the "hQ" string to the front of the
* encrypted data.
*/
if(! ctx->added_gpg_prefix)
{
res = add_gpg_prefix(ctx);
}
}
else
{
/* See if we need to add the "Salted__" string to the front of the
* encrypted data.
*/
if(! ctx->added_salted_str)
{
res = add_salted_str(ctx);
}
}
if (res != FKO_SUCCESS)
{
if(zero_free(hmac_digest_from_data, strnlen(hmac_digest_from_data,
MAX_SPA_ENCODED_MSG_SIZE)) != FKO_SUCCESS)
zero_free_rv = FKO_ERROR_ZERO_OUT_DATA;
if(zero_free_rv == FKO_SUCCESS)
return(res);
else
return(zero_free_rv);
}
/* Calculate the HMAC from the encrypted data and then
* compare
*/
res = fko_set_spa_hmac_type(ctx, ctx->hmac_type);
if(res == FKO_SUCCESS)
{
res = fko_set_spa_hmac(ctx, hmac_key, hmac_key_len);
if(res == FKO_SUCCESS)
{
if(constant_runtime_cmp(hmac_digest_from_data,
ctx->msg_hmac, hmac_b64_digest_len) != 0)
{
res = FKO_ERROR_INVALID_DATA_HMAC_COMPAREFAIL;
}
}
}
if(zero_free(hmac_digest_from_data, strnlen(hmac_digest_from_data,
MAX_SPA_ENCODED_MSG_SIZE)) != FKO_SUCCESS)
zero_free_rv = FKO_ERROR_ZERO_OUT_DATA;
if(res == FKO_SUCCESS)
return(zero_free_rv);
else
return(res);
}
