ssh_mac_ctx ssh_mac_ctx_init(enum ssh_mac_e type) { ssh_mac_ctx ctx = malloc(sizeof (struct ssh_mac_ctx_struct)); const mbedtls_md_info_t *md_info; int rc; if (ctx == NULL) { return NULL; } ctx->mac_type=type; switch(type) { case SSH_MAC_SHA1: md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA1); break; case SSH_MAC_SHA256: md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256); break; case SSH_MAC_SHA384: md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA384); break; case SSH_MAC_SHA512: md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA512); break; default: goto error; } if (md_info == NULL) { goto error; } mbedtls_md_init(&ctx->ctx); rc = mbedtls_md_setup(&ctx->ctx, md_info, 0); if (rc != 0) { goto error; } rc = mbedtls_md_starts(&ctx->ctx); if (rc != 0) { goto error; } return ctx; error: SAFE_FREE(ctx); return NULL; }
HMACCTX hmac_init(const void *key, int len, enum ssh_hmac_e type) { HMACCTX ctx = NULL; const mbedtls_md_info_t *md_info = NULL; int rc; ctx = malloc(sizeof(mbedtls_md_context_t)); if (ctx == NULL) { return NULL; } switch (type) { case SSH_HMAC_SHA1: md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA1); break; case SSH_HMAC_SHA256: md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256); break; case SSH_HMAC_SHA512: md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA512); break; default: goto error; } mbedtls_md_init(ctx); if (md_info == NULL) { goto error; } rc = mbedtls_md_setup(ctx, md_info, 1); if (rc != 0) { goto error; } rc = mbedtls_md_hmac_starts(ctx, key, len); if (rc != 0) { goto error; } return ctx; error: mbedtls_md_free(ctx); SAFE_FREE(ctx); return NULL; }
/** * Given the indirected identifier for the hash algorithm return its label. * * @param Hashes The hash algorithm in question. * @return The label for the digest. */ const char* get_digest_label(Hashes h) { const mbedtls_md_info_t* info = mbedtls_md_info_from_type((mbedtls_md_type_t)h); if (info) { return info->name; } return "<UNKNOWN>"; }
/** * Given the identifier for the hash algorithm return the output size. * * @param Hashes The hash algorithm in question. * @return The size of the buffer (in bytes) required to hold the digest output. */ int get_digest_output_length(Hashes h) { const mbedtls_md_info_t* info = mbedtls_md_info_from_type((mbedtls_md_type_t)h); if (info) { return info->size; } return 0; }
tt_result_t tt_ecdsa_verify(IN tt_ecdsa_t *dsa, IN tt_u8_t *input, IN tt_u32_t len, IN tt_md_type_t md_type, IN tt_u8_t *sig, IN tt_u32_t sig_len) { mbedtls_ecdsa_context *ctx = &dsa->ctx; mbedtls_md_type_t t; const mbedtls_md_info_t *md_type_info; tt_u8_t hash[MBEDTLS_MD_MAX_SIZE]; tt_u32_t hashlen; int e; t = tt_g_md_type_map[md_type]; md_type_info = mbedtls_md_info_from_type(t); mbedtls_md(md_type_info, input, len, hash); hashlen = mbedtls_md_get_size(md_type_info); e = mbedtls_ecdsa_read_signature(ctx, hash, hashlen, sig, sig_len); if (e != 0) { tt_crypto_error("ecdsa verify failed"); return TT_FAIL; } return TT_SUCCESS; }
int ss_onetimeauth(buffer_t *buf, uint8_t *iv, size_t capacity) { uint8_t hash[ONETIMEAUTH_BYTES * 2]; uint8_t auth_key[MAX_IV_LENGTH + MAX_KEY_LENGTH]; memcpy(auth_key, iv, enc_iv_len); memcpy(auth_key + enc_iv_len, enc_key, enc_key_len); brealloc(buf, ONETIMEAUTH_BYTES + buf->len, capacity); #if defined(USE_CRYPTO_OPENSSL) HMAC(EVP_sha1(), auth_key, enc_iv_len + enc_key_len, (uint8_t *)buf->array, buf->len, (uint8_t *)hash, NULL); #elif defined(USE_CRYPTO_MBEDTLS) mbedtls_md_hmac(mbedtls_md_info_from_type( MBEDTLS_MD_SHA1), auth_key, enc_iv_len + enc_key_len, (uint8_t *)buf->array, buf->len, (uint8_t *)hash); #else sha1_hmac(auth_key, enc_iv_len + enc_key_len, (uint8_t *)buf->array, buf->len, (uint8_t *)hash); #endif memcpy(buf->array + buf->len, hash, ONETIMEAUTH_BYTES); buf->len += ONETIMEAUTH_BYTES; return 0; }
/* * Deterministic signature wrapper */ int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, const mbedtls_mpi *d, const unsigned char *buf, size_t blen, mbedtls_md_type_t md_alg ) { int ret; mbedtls_hmac_drbg_context rng_ctx; unsigned char data[2 * MBEDTLS_ECP_MAX_BYTES]; size_t grp_len = ( grp->nbits + 7 ) / 8; const mbedtls_md_info_t *md_info; mbedtls_mpi h; if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL ) return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); mbedtls_mpi_init( &h ); mbedtls_hmac_drbg_init( &rng_ctx ); /* Use private key and message hash (reduced) to initialize HMAC_DRBG */ MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( d, data, grp_len ) ); MBEDTLS_MPI_CHK( derive_mpi( grp, &h, buf, blen ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &h, data + grp_len, grp_len ) ); mbedtls_hmac_drbg_seed_buf( &rng_ctx, md_info, data, 2 * grp_len ); ret = mbedtls_ecdsa_sign( grp, r, s, d, buf, blen, mbedtls_hmac_drbg_random, &rng_ctx ); cleanup: mbedtls_hmac_drbg_free( &rng_ctx ); mbedtls_mpi_free( &h ); return( ret ); }
result_t crypto_base::pbkdf2(int32_t algo, Buffer_base* password, Buffer_base* salt, int32_t iterations, int32_t size, obj_ptr<Buffer_base>& retVal) { if (algo < hash_base::_MD2 || algo > hash_base::_RIPEMD160) return CHECK_ERROR(CALL_E_INVALIDARG); qstring str_pass; qstring str_salt; qstring str_key; password->toString(str_pass); salt->toString(str_salt); str_key.resize(size); mbedtls_md_context_t ctx; mbedtls_md_setup(&ctx, mbedtls_md_info_from_type((mbedtls_md_type_t)algo), 1); mbedtls_pkcs5_pbkdf2_hmac(&ctx, (const unsigned char *)str_pass.c_str(), str_pass.length(), (const unsigned char *)str_salt.c_str(), str_salt.length(), iterations, size, (unsigned char *)&str_key[0]); mbedtls_md_free(&ctx); retVal = new Buffer(str_key); return 0; }
BOOL winpr_Digest_Init(WINPR_DIGEST_CTX* ctx, WINPR_MD_TYPE md) { #if defined(WITH_OPENSSL) EVP_MD_CTX* mdctx = (EVP_MD_CTX*) ctx; const EVP_MD* evp = winpr_openssl_get_evp_md(md); if (!mdctx || !evp) return FALSE; if (EVP_DigestInit_ex(mdctx, evp, NULL) != 1) return FALSE; #elif defined(WITH_MBEDTLS) mbedtls_md_context_t* mdctx = (mbedtls_md_context_t*) ctx; mbedtls_md_type_t md_type = winpr_mbedtls_get_md_type(md); const mbedtls_md_info_t* md_info = mbedtls_md_info_from_type(md_type); if (!md_info) return FALSE; if (mdctx->md_info != md_info) { mbedtls_md_free(mdctx); /* can be called at any time after mbedtls_md_init */ if (mbedtls_md_setup(mdctx, md_info, 0) != 0) return FALSE; } if (mbedtls_md_starts(mdctx) != 0) return FALSE; #endif return TRUE; }
int winpr_Digest_Init(WINPR_DIGEST_CTX* ctx, int md) { #if defined(WITH_OPENSSL) const EVP_MD* evp = winpr_openssl_get_evp_md(md); if (!evp) return -1; EVP_MD_CTX_init((EVP_MD_CTX*) ctx); if (EVP_DigestInit_ex((EVP_MD_CTX*) ctx, evp, NULL) != 1) return -1; #elif defined(WITH_MBEDTLS) const mbedtls_md_info_t* md_info; mbedtls_md_type_t md_type = winpr_mbedtls_get_md_type(md); md_info = mbedtls_md_info_from_type(md_type); if (!md_info) return -1; mbedtls_md_init((mbedtls_md_context_t*) ctx); if (mbedtls_md_setup((mbedtls_md_context_t*) ctx, md_info, 0) != 0) return -1; if (mbedtls_md_starts((mbedtls_md_context_t*) ctx) != 0) return -1; #endif return 0; }
void show_available_digests() { const int *digests = mbedtls_md_list(); #ifndef ENABLE_SMALL printf("The following message digests are available for use with\n" PACKAGE_NAME ". A message digest is used in conjunction with\n" "the HMAC function, to authenticate received packets.\n" "You can specify a message digest as parameter to\n" "the --auth option.\n\n"); #endif while (*digests != 0) { const mbedtls_md_info_t *info = mbedtls_md_info_from_type(*digests); if (info) { printf("%s %d bit default key\n", mbedtls_md_get_name(info), mbedtls_md_get_size(info) * 8); } digests++; } printf("\n"); }
SHACTX sha1_init(void) { SHACTX ctx = NULL; int rc; const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA1); if (md_info == NULL) { return NULL; } ctx = malloc(sizeof(mbedtls_md_context_t)); if (ctx == NULL) { return NULL; } mbedtls_md_init(ctx); rc = mbedtls_md_setup(ctx, md_info, 0); if (rc != 0) { SAFE_FREE(ctx); return NULL; } rc = mbedtls_md_starts(ctx); if (rc != 0) { SAFE_FREE(ctx); return NULL; } return ctx; }
int winpr_HMAC_Init(WINPR_HMAC_CTX* ctx, int md, const BYTE* key, size_t keylen) { #if defined(WITH_OPENSSL) const EVP_MD* evp = winpr_openssl_get_evp_md(md); if (!evp) return -1; HMAC_CTX_init((HMAC_CTX*) ctx); #if (OPENSSL_VERSION_NUMBER < 0x10000000L) HMAC_Init_ex((HMAC_CTX*) ctx, key, keylen, evp, NULL); #else if (HMAC_Init_ex((HMAC_CTX*) ctx, key, keylen, evp, NULL) != 1) return -1; #endif #elif defined(WITH_MBEDTLS) const mbedtls_md_info_t* md_info; mbedtls_md_type_t md_type = winpr_mbedtls_get_md_type(md); md_info = mbedtls_md_info_from_type(md_type); if (!md_info) return -1; mbedtls_md_init((mbedtls_md_context_t*) ctx); if (mbedtls_md_setup((mbedtls_md_context_t*) ctx, md_info, 1) != 0) return -1; if (mbedtls_md_hmac_starts((mbedtls_md_context_t*) ctx, key, keylen) != 0) return -1; #endif return 0; }
int complete_auth_fields(uint8_t key_id, const char *key, void *packet, size_t pckt_len, void *auth_data_pos) { const mbedtls_md_info_t *md_info; mbedtls_md_type_t md_type; size_t auth_data_len; switch (key_id) { case HMAC_SHA_1_96: md_type = MBEDTLS_MD_SHA1; auth_data_len = SHA1_AUTH_DATA_LEN; break; default: OOR_LOG(LDBG_2, "complete_auth_fields: HMAC unknown key type: %d", (int)key_id); return(BAD); } md_info = mbedtls_md_info_from_type(md_type); memset(auth_data_pos,0,auth_data_len); if (mbedtls_md_hmac(md_info, (const unsigned char *)key, strlen(key), (const unsigned char *)packet, pckt_len, (unsigned char *)auth_data_pos) != 0){ OOR_LOG(LDBG_2, "complete_auth_fields: Error using mbedtls"); return (BAD); } return (GOOD); }
int rb_ssl_get_certfp(rb_fde_t *F, uint8_t certfp[RB_SSL_CERTFP_LEN]) { const mbedtls_x509_crt *peer_cert; uint8_t hash[RB_SSL_CERTFP_LEN]; const mbedtls_md_info_t *md_info; int ret; peer_cert = mbedtls_ssl_get_peer_cert(SSL_P(F)); if (peer_cert == NULL) return 0; md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256); if (md_info == NULL) return 0; if ((ret = mbedtls_md(md_info, peer_cert->raw.p, peer_cert->raw.len, hash)) != 0) { rb_lib_log("rb_get_ssl_certfp: unable to get certfp for F: %p, %d", F, ret); return 0; } memcpy(certfp, hash, RB_SSL_CERTFP_LEN); return 1; }
EVPCTX evp_init(int nid) { EVPCTX ctx = NULL; int rc; mbedtls_md_type_t algo = nid_to_md_algo(nid); const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(algo); if (md_info == NULL) { return NULL; } ctx = malloc(sizeof(mbedtls_md_context_t)); if (ctx == NULL) { return NULL; } mbedtls_md_init(ctx); rc = mbedtls_md_setup(ctx, md_info, 0); if (rc != 0) { SAFE_FREE(ctx); return NULL; } rc = mbedtls_md_starts(ctx); if (rc != 0) { SAFE_FREE(ctx); return NULL; } return ctx; }
int ss_gen_hash(buffer_t *buf, uint32_t *counter, enc_ctx_t *ctx, size_t capacity) { ssize_t blen = buf->len; uint16_t chunk_len = htons((uint16_t)blen); uint8_t hash[ONETIMEAUTH_BYTES * 2]; uint8_t key[MAX_IV_LENGTH + sizeof(uint32_t)]; uint32_t c = htonl(*counter); brealloc(buf, AUTH_BYTES + blen, capacity); memcpy(key, ctx->evp.iv, enc_iv_len); memcpy(key + enc_iv_len, &c, sizeof(uint32_t)); #if defined(USE_CRYPTO_OPENSSL) HMAC(EVP_sha1(), key, enc_iv_len + sizeof(uint32_t), (uint8_t *)buf->array, blen, hash, NULL); #elif defined(USE_CRYPTO_MBEDTLS) mbedtls_md_hmac(mbedtls_md_info_from_type( MBEDTLS_MD_SHA1), key, enc_iv_len + sizeof(uint32_t), (uint8_t *)buf->array, blen, hash); #else sha1_hmac(key, enc_iv_len + sizeof(uint32_t), (uint8_t *)buf->array, blen, hash); #endif memmove(buf->array + AUTH_BYTES, buf->array, blen); memcpy(buf->array + CLEN_BYTES, hash, ONETIMEAUTH_BYTES); memcpy(buf->array, &chunk_len, CLEN_BYTES); *counter = *counter + 1; buf->len = blen + AUTH_BYTES; return 0; }
void sha1(unsigned char *digest, int len, unsigned char *hash) { const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA1); if (md_info != NULL) { mbedtls_md(md_info, digest, len, hash); } }
int ss_check_hash(buffer_t *buf, chunk_t *chunk, enc_ctx_t *ctx, size_t capacity) { int i, j, k; ssize_t blen = buf->len; uint32_t cidx = chunk->idx; brealloc(chunk->buf, chunk->len + blen, capacity); brealloc(buf, chunk->len + blen, capacity); for (i = 0, j = 0, k = 0; i < blen; i++) { chunk->buf->array[cidx++] = buf->array[k++]; if (cidx == CLEN_BYTES) { uint16_t clen = ntohs(*((uint16_t *)chunk->buf->array)); brealloc(chunk->buf, clen + AUTH_BYTES, capacity); chunk->len = clen; } if (cidx == chunk->len + AUTH_BYTES) { // Compare hash uint8_t hash[ONETIMEAUTH_BYTES * 2]; uint8_t key[MAX_IV_LENGTH + sizeof(uint32_t)]; uint32_t c = htonl(chunk->counter); memcpy(key, ctx->evp.iv, enc_iv_len); memcpy(key + enc_iv_len, &c, sizeof(uint32_t)); #if defined(USE_CRYPTO_OPENSSL) HMAC(EVP_sha1(), key, enc_iv_len + sizeof(uint32_t), (uint8_t *)chunk->buf->array + AUTH_BYTES, chunk->len, hash, NULL); #elif defined(USE_CRYPTO_MBEDTLS) mbedtls_md_hmac(mbedtls_md_info_from_type(MBEDTLS_MD_SHA1), key, enc_iv_len + sizeof(uint32_t), (uint8_t *)chunk->buf->array + AUTH_BYTES, chunk->len, hash); #else sha1_hmac(key, enc_iv_len + sizeof(uint32_t), (uint8_t *)chunk->buf->array + AUTH_BYTES, chunk->len, hash); #endif if (safe_memcmp(hash, chunk->buf->array + CLEN_BYTES, ONETIMEAUTH_BYTES) != 0) { return 0; } // Copy chunk back to buffer memmove(buf->array + j + chunk->len, buf->array + k, blen - i - 1); memcpy(buf->array + j, chunk->buf->array + AUTH_BYTES, chunk->len); // Reset the base offset j += chunk->len; k = j; cidx = 0; chunk->counter++; } } buf->len = j; chunk->idx = cidx; return 1; }
/* * Checkup routine for HMAC_DRBG with SHA-1 */ int mbedtls_hmac_drbg_self_test( int verbose ) { mbedtls_hmac_drbg_context ctx; unsigned char buf[OUTPUT_LEN]; const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ); mbedtls_hmac_drbg_init( &ctx ); /* * PR = True */ if( verbose != 0 ) mbedtls_printf( " HMAC_DRBG (PR = True) : " ); test_offset = 0; CHK( mbedtls_hmac_drbg_seed( &ctx, md_info, hmac_drbg_self_test_entropy, (void *) entropy_pr, NULL, 0 ) ); mbedtls_hmac_drbg_set_prediction_resistance( &ctx, MBEDTLS_HMAC_DRBG_PR_ON ); CHK( mbedtls_hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) ); CHK( mbedtls_hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) ); CHK( memcmp( buf, result_pr, OUTPUT_LEN ) ); mbedtls_hmac_drbg_free( &ctx ); mbedtls_hmac_drbg_free( &ctx ); if( verbose != 0 ) mbedtls_printf( "passed\n" ); /* * PR = False */ if( verbose != 0 ) mbedtls_printf( " HMAC_DRBG (PR = False) : " ); mbedtls_hmac_drbg_init( &ctx ); test_offset = 0; CHK( mbedtls_hmac_drbg_seed( &ctx, md_info, hmac_drbg_self_test_entropy, (void *) entropy_nopr, NULL, 0 ) ); CHK( mbedtls_hmac_drbg_reseed( &ctx, NULL, 0 ) ); CHK( mbedtls_hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) ); CHK( mbedtls_hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) ); CHK( memcmp( buf, result_nopr, OUTPUT_LEN ) ); mbedtls_hmac_drbg_free( &ctx ); mbedtls_hmac_drbg_free( &ctx ); if( verbose != 0 ) mbedtls_printf( "passed\n" ); if( verbose != 0 ) mbedtls_printf( "\n" ); return( 0 ); }
Digest::Digest(mbedtls_md_type_t algo, const char *key, int32_t sz) { m_bMac = true; m_iAlgo = algo; mbedtls_md_init(&m_ctx); mbedtls_md_setup(&m_ctx, mbedtls_md_info_from_type(algo), 1); mbedtls_md_hmac_starts(&m_ctx, (unsigned char *)key, sz); }
// ESP32 SHA256 void SHA256(uint8_t *dest, const uint8_t *data, size_t dataLength) { mbedtls_md_context_t ctx; mbedtls_md_init(&ctx); mbedtls_md_setup(&ctx, mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), 0); mbedtls_md_starts(&ctx); mbedtls_md_update(&ctx, (const unsigned char *)data, dataLength); mbedtls_md_finish(&ctx, dest); }
Digest::Digest(mbedtls_md_type_t algo) { m_bMac = false; m_iAlgo = algo; mbedtls_md_init(&m_ctx); mbedtls_md_setup(&m_ctx, mbedtls_md_info_from_type(algo), 0); mbedtls_md_starts(&m_ctx); }
/*JSON{ "type" : "staticmethod", "class" : "crypto", "name" : "PBKDF2", "generate" : "jswrap_crypto_PBKDF2", "params" : [ ["passphrase","JsVar","Passphrase"], ["salt","JsVar","Salt for turning passphrase into a key"], ["options","JsVar","Object of Options, `{ keySize: 8 (in 32 bit words), iterations: 10, hasher: 'SHA1'/'SHA224'/'SHA256'/'SHA384'/'SHA512' }`"] ], "return" : ["JsVar","Returns an ArrayBuffer"], "return_object" : "ArrayBuffer", "ifdef" : "USE_TLS" } Password-Based Key Derivation Function 2 algorithm, using SHA512 */ JsVar *jswrap_crypto_PBKDF2(JsVar *passphrase, JsVar *salt, JsVar *options) { int iterations = 1; int keySize = 128/32; mbedtls_md_type_t hasher = MBEDTLS_MD_SHA1; if (jsvIsObject(options)) { keySize = jsvGetIntegerAndUnLock(jsvObjectGetChild(options, "keySize", 0)); if (keySize<=0) keySize=128/32; iterations = jsvGetIntegerAndUnLock(jsvObjectGetChild(options, "iterations", 0)); if (iterations<1) iterations = 1; JsVar *hashVar = jsvObjectGetChild(options, "hasher", 0); if (!jsvIsUndefined(hashVar)) hasher = jswrap_crypto_getHasher(hashVar); jsvUnLock(hashVar); } else if (!jsvIsUndefined(options)) jsError("Options should be an object or undefined, got %t", options); if (hasher == MBEDTLS_MD_NONE) return 0; // already shown an error JSV_GET_AS_CHAR_ARRAY(passPtr, passLen, passphrase); if (!passPtr) return 0; JSV_GET_AS_CHAR_ARRAY(saltPtr, saltLen, salt); if (!saltPtr) return 0; int err; mbedtls_md_context_t ctx; mbedtls_md_init( &ctx ); err = mbedtls_md_setup( &ctx, mbedtls_md_info_from_type( hasher ), 1 ); assert(err==0); char *keyPtr = 0; JsVar *keyArr = jsvNewArrayBufferWithPtr((unsigned)keySize*4, &keyPtr); if (!keyPtr) { jsError("Not enough memory for result"); return 0; } err = mbedtls_pkcs5_pbkdf2_hmac( &ctx, (unsigned char*)passPtr, passLen, (unsigned char*)saltPtr, saltLen, (unsigned)iterations, (unsigned)keySize*4, (unsigned char*)keyPtr ); mbedtls_md_free( &ctx ); if (!err) { return keyArr; } else { jswrap_crypto_error(err); jsvUnLock(keyArr); return 0; } }
void calculate_ciphertext_hmac(const unsigned char *ciphertext, const unsigned char *hmac_key, unsigned char *hmac) { #ifdef USE_MBEDTLS mbedtls_md_hmac(mbedtls_md_info_from_type(MBEDTLS_MD_SHA1), hmac_key, 40, ciphertext, 128, hmac); #else sha1_hmac(hmac_key, 40, ciphertext, 128, hmac); #endif }
/* * Helper for writing signature algorithms */ int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *sig_oid, mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg, const void *sig_opts ) { int ret; char *p = buf; size_t n = size; const char *desc = NULL; ret = mbedtls_oid_get_sig_alg_desc( sig_oid, &desc ); if( ret != 0 ) ret = mbedtls_snprintf( p, n, "???" ); else ret = mbedtls_snprintf( p, n, "%s", desc ); MBEDTLS_X509_SAFE_SNPRINTF; #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) if( pk_alg == MBEDTLS_PK_RSASSA_PSS ) { const mbedtls_pk_rsassa_pss_options *pss_opts; const mbedtls_md_info_t *md_info, *mgf_md_info; pss_opts = (const mbedtls_pk_rsassa_pss_options *) sig_opts; md_info = mbedtls_md_info_from_type( md_alg ); mgf_md_info = mbedtls_md_info_from_type( pss_opts->mgf1_hash_id ); ret = mbedtls_snprintf( p, n, " (%s, MGF1-%s, 0x%02X)", md_info ? mbedtls_md_get_name( md_info ) : "???", mgf_md_info ? mbedtls_md_get_name( mgf_md_info ) : "???", pss_opts->expected_salt_len ); MBEDTLS_X509_SAFE_SNPRINTF; } #else ((void) pk_alg); ((void) md_alg); ((void) sig_opts); #endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ return( (int)( size - n ) ); }
bool ECDSA_Verify(COSE * pSigner, int index, const cn_cbor * pKey, int cbitDigest, const byte * rgbToSign, size_t cbToSign, cose_errback * perr) { mbedtls_ecp_keypair keypair; mbedtls_mpi r; mbedtls_mpi s; mbedtls_md_type_t mdType; const mbedtls_md_info_t *pmdInfo; byte rgbDigest[MBEDTLS_MD_MAX_SIZE]; cn_cbor * pSig; bool result = false; mbedtls_ecp_keypair_init(&keypair); mbedtls_mpi_init(&r); mbedtls_mpi_init(&s); if(!ECKey_From(pKey, &keypair, perr)) goto errorReturn; switch(cbitDigest) { case 256: mdType = MBEDTLS_MD_SHA256; break; case 384: mdType = MBEDTLS_MD_SHA384; break; case 512: mdType = MBEDTLS_MD_SHA512; break; default: FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER); } pmdInfo = mbedtls_md_info_from_type(mdType); CHECK_CONDITION(pmdInfo != NULL, COSE_ERR_INVALID_PARAMETER); CHECK_CONDITION(mbedtls_md(pmdInfo, rgbToSign, cbToSign, rgbDigest) == 0, COSE_ERR_INVALID_PARAMETER); pSig = _COSE_arrayget_int(pSigner, index); CHECK_CONDITION((pSig != NULL) && (pSig->type == CN_CBOR_BYTES), COSE_ERR_INVALID_PARAMETER); CHECK_CONDITION(mbedtls_mpi_read_binary( &r, pSig->v.bytes, pSig->length / 2 ) == 0, COSE_ERR_OUT_OF_MEMORY); CHECK_CONDITION(mbedtls_mpi_read_binary( &s, pSig->v.bytes + pSig->length / 2, pSig->length / 2 ) == 0, COSE_ERR_OUT_OF_MEMORY); CHECK_CONDITION(mbedtls_ecdsa_verify(&keypair.grp, rgbDigest, mbedtls_md_get_size(pmdInfo), &keypair.Q, &r, &s) == 0, COSE_ERR_CRYPTO_FAIL); result = true; errorReturn: mbedtls_mpi_free(&r); mbedtls_mpi_free(&s); mbedtls_ecp_keypair_free(&keypair); return result; }
void evp(int nid, unsigned char *digest, int len, unsigned char *hash, unsigned int *hlen) { mbedtls_md_type_t algo = nid_to_md_algo(nid); const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(algo); if (md_info != NULL) { *hlen = mbedtls_md_get_size(md_info); mbedtls_md(md_info, digest, len, hash); } }
/* * Helper for mbedtls_pk_sign and mbedtls_pk_verify */ static inline int pk_hashlen_helper( mbedtls_md_type_t md_alg, size_t *hash_len ) { const mbedtls_md_info_t *md_info; if( *hash_len != 0 ) return( 0 ); if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL ) return( -1 ); *hash_len = mbedtls_md_get_size( md_info ); return( 0 ); }
int mbedtls_pkcs5_self_test( int verbose ) { mbedtls_md_context_t sha1_ctx; const mbedtls_md_info_t *info_sha1; int ret, i; unsigned char key[64]; mbedtls_md_init( &sha1_ctx ); info_sha1 = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ); if( info_sha1 == NULL ) { ret = 1; goto exit; } if( ( ret = mbedtls_md_setup( &sha1_ctx, info_sha1, 1 ) ) != 0 ) { ret = 1; goto exit; } for( i = 0; i < MAX_TESTS; i++ ) { if( verbose != 0 ) mbedtls_printf( " PBKDF2 (SHA1) #%d: ", i ); ret = mbedtls_pkcs5_pbkdf2_hmac( &sha1_ctx, password[i], plen[i], salt[i], slen[i], it_cnt[i], key_len[i], key ); if( ret != 0 || memcmp( result_key[i], key, key_len[i] ) != 0 ) { if( verbose != 0 ) mbedtls_printf( "failed\n" ); ret = 1; goto exit; } if( verbose != 0 ) mbedtls_printf( "passed\n" ); } if( verbose != 0 ) mbedtls_printf( "\n" ); exit: mbedtls_md_free( &sha1_ctx ); return( ret ); }