static void _sol_message_digest_hmac_reset(struct sol_message_digest *handle) { HMAC_CTX *ctx = sol_message_digest_common_get_context(handle); HMAC_CTX_reset(ctx); }
/** Completes computation of the HMAC-SHA256 digest value. This function completes HMAC-SHA256 hash computation and retrieves the digest value into the specified memory. After this function has been called, the HMAC-SHA256 context cannot be used again. HMAC-SHA256 context should be already correctly initialized by HmacSha256Init(), and should not be finalized by HmacSha256Final(). Behavior with invalid HMAC-SHA256 context is undefined. If HmacSha256Context is NULL, then return FALSE. If HmacValue is NULL, then return FALSE. @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. @param[out] HmacValue Pointer to a buffer that receives the HMAC-SHA256 digest value (32 bytes). @retval TRUE HMAC-SHA256 digest computation succeeded. @retval FALSE HMAC-SHA256 digest computation failed. **/ BOOLEAN EFIAPI HmacSha256Final ( IN OUT VOID *HmacSha256Context, OUT UINT8 *HmacValue ) { UINT32 Length; // // Check input parameters. // if (HmacSha256Context == NULL || HmacValue == NULL) { return FALSE; } // // OpenSSL HMAC-SHA256 digest finalization // if (HMAC_Final ((HMAC_CTX *)HmacSha256Context, HmacValue, &Length) != 1) { return FALSE; } if (HMAC_CTX_reset ((HMAC_CTX *)HmacSha256Context) != 1) { return FALSE; } return TRUE; }
/** Initializes user-supplied memory pointed by HmacSha256Context as HMAC-SHA256 context for subsequent use. If HmacSha256Context is NULL, then return FALSE. @param[out] HmacSha256Context Pointer to HMAC-SHA256 context being initialized. @param[in] Key Pointer to the user-supplied key. @param[in] KeySize Key size in bytes. @retval TRUE HMAC-SHA256 context initialization succeeded. @retval FALSE HMAC-SHA256 context initialization failed. **/ BOOLEAN EFIAPI HmacSha256Init ( OUT VOID *HmacSha256Context, IN CONST UINT8 *Key, IN UINTN KeySize ) { // // Check input parameters. // if (HmacSha256Context == NULL || KeySize > INT_MAX) { return FALSE; } // // OpenSSL HMAC-SHA256 Context Initialization // memset(HmacSha256Context, 0, HMAC_SHA256_CTX_SIZE); if (HMAC_CTX_reset ((HMAC_CTX *)HmacSha256Context) != 1) { return FALSE; } if (HMAC_Init_ex ((HMAC_CTX *)HmacSha256Context, Key, (UINT32) KeySize, EVP_sha256(), NULL) != 1) { return FALSE; } return TRUE; }
HMAC_CTX *HMAC_CTX_new(void) { HMAC_CTX *ctx = (HMAC_CTX *)OPENSSL_zalloc(sizeof(HMAC_CTX)); if (ctx) if (!HMAC_CTX_reset(ctx)) { HMAC_CTX_free(ctx); ctx = NULL; } return ctx; }
void tsig_hmac_reset(tsig_hmac_t t) { HMAC_CTX *hmac = (HMAC_CTX*)t; #if SSL_API_LT_110 HMAC_CTX_cleanup(hmac); HMAC_CTX_init(hmac); #else HMAC_CTX_reset(hmac); #endif }
void hmac_final(HMACCTX ctx, unsigned char *hashmacbuf, unsigned int *len) { HMAC_Final(ctx,hashmacbuf,len); #ifndef OLD_CRYPTO HMAC_CTX_reset(ctx); #else HMAC_cleanup(ctx); #endif SAFE_FREE(ctx); }
void hmac_ctx_init(HMAC_CTX *ctx, const uint8_t *key, int key_len, const EVP_MD *kt) { ASSERT(NULL != kt && NULL != ctx); HMAC_CTX_reset(ctx); HMAC_Init_ex(ctx, key, key_len, kt, NULL); /* make sure we used a big enough key */ ASSERT(HMAC_size(ctx) <= key_len); }
HMAC_CTX *HMAC_CTX_new(void) { HMAC_CTX *ctx = OPENSSL_zalloc(sizeof(HMAC_CTX)); if (ctx != NULL) { if (!HMAC_CTX_reset(ctx)) { HMAC_CTX_free(ctx); return NULL; } } return ctx; }
int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx) { if (!HMAC_CTX_reset(dctx)) goto err; if (!EVP_MD_CTX_copy_ex(dctx->i_ctx, sctx->i_ctx)) goto err; if (!EVP_MD_CTX_copy_ex(dctx->o_ctx, sctx->o_ctx)) goto err; if (!EVP_MD_CTX_copy_ex(dctx->md_ctx, sctx->md_ctx)) goto err; memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK); dctx->key_length = sctx->key_length; dctx->md = sctx->md; return 1; err: hmac_ctx_cleanup(dctx); return 0; }
/* a counter-based KDF based on NIST SP800-108 */ static void eap_pwd_kdf(uint8_t *key, int keylen, char const *label, int label_len, uint8_t *retult, int retult_bit_len) { HMAC_CTX *hmac_ctx; uint8_t digest[SHA256_DIGEST_LENGTH]; uint16_t i, ctr, L; int retult_byte_len, len = 0; unsigned int mdlen = SHA256_DIGEST_LENGTH; uint8_t mask = 0xff; MEM(hmac_ctx = HMAC_CTX_new()); retult_byte_len = (retult_bit_len + 7) / 8; ctr = 0; L = htons(retult_bit_len); while (len < retult_byte_len) { ctr++; i = htons(ctr); HMAC_Init_ex(hmac_ctx, key, keylen, EVP_sha256(), NULL); if (ctr > 1) HMAC_Update(hmac_ctx, digest, mdlen); HMAC_Update(hmac_ctx, (uint8_t *) &i, sizeof(uint16_t)); HMAC_Update(hmac_ctx, (uint8_t const *)label, label_len); HMAC_Update(hmac_ctx, (uint8_t *) &L, sizeof(uint16_t)); HMAC_Final(hmac_ctx, digest, &mdlen); if ((len + (int) mdlen) > retult_byte_len) { memcpy(retult + len, digest, retult_byte_len - len); } else { memcpy(retult + len, digest, mdlen); } len += mdlen; HMAC_CTX_reset(hmac_ctx); } /* since we're expanding to a bit length, mask off the excess */ if (retult_bit_len % 8) { mask <<= (8 - (retult_bit_len % 8)); retult[retult_byte_len - 1] &= mask; } HMAC_CTX_free(hmac_ctx); }
/** Calculate HMAC using OpenSSL's MD5 implementation * * @param digest Caller digest to be filled in. * @param in Pointer to data stream. * @param inlen length of data stream. * @param key Pointer to authentication key. * @param key_len Length of authentication key. * */ void fr_hmac_md5(uint8_t digest[MD5_DIGEST_LENGTH], uint8_t const *in, size_t inlen, uint8_t const *key, size_t key_len) { HMAC_CTX *ctx; if (unlikely(!md5_hmac_ctx)) { ctx = HMAC_CTX_new(); if (unlikely(!ctx)) return; fr_thread_local_set_destructor(md5_hmac_ctx, _hmac_md5_ctx_free_on_exit, ctx); } else { ctx = md5_hmac_ctx; } #ifdef EVP_MD_CTX_FLAG_NON_FIPS_ALLOW /* Since MD5 is not allowed by FIPS, explicitly allow it. */ HMAC_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); #endif /* EVP_MD_CTX_FLAG_NON_FIPS_ALLOW */ HMAC_Init_ex(ctx, key, key_len, EVP_md5(), NULL); HMAC_Update(ctx, in, inlen); HMAC_Final(ctx, digest, NULL); HMAC_CTX_reset(ctx); }
HMACCTX hmac_init(const void *key, int len, enum ssh_hmac_e type) { HMACCTX ctx = NULL; ctx = HMAC_CTX_new(); if (ctx == NULL) { return NULL; } #ifndef OLD_CRYPTO HMAC_CTX_reset(ctx); // openssl 0.9.7 requires it. #endif switch(type) { case SSH_HMAC_SHA1: HMAC_Init_ex(ctx, key, len, EVP_sha1(), NULL); break; case SSH_HMAC_SHA256: HMAC_Init_ex(ctx, key, len, EVP_sha256(), NULL); break; case SSH_HMAC_SHA384: HMAC_Init_ex(ctx, key, len, EVP_sha384(), NULL); break; case SSH_HMAC_SHA512: HMAC_Init_ex(ctx, key, len, EVP_sha512(), NULL); break; case SSH_HMAC_MD5: HMAC_Init_ex(ctx, key, len, EVP_md5(), NULL); break; default: HMAC_CTX_free(ctx); SAFE_FREE(ctx); ctx = NULL; } return ctx; }
int HMAC_Init(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md) { if (key && md) HMAC_CTX_reset(ctx); return HMAC_Init_ex(ctx, key, len, md, NULL); }
int main(int argc, char *argv[]) { # ifndef OPENSSL_NO_MD5 int i; char *p; # endif int err = 0; HMAC_CTX *ctx = NULL, *ctx2 = NULL; unsigned char buf[EVP_MAX_MD_SIZE]; unsigned int len; # ifdef OPENSSL_NO_MD5 printf("test skipped: MD5 disabled\n"); # else # ifdef CHARSET_EBCDIC ebcdic2ascii(test[0].data, test[0].data, test[0].data_len); ebcdic2ascii(test[1].data, test[1].data, test[1].data_len); ebcdic2ascii(test[2].key, test[2].key, test[2].key_len); ebcdic2ascii(test[2].data, test[2].data, test[2].data_len); # endif for (i = 0; i < 4; i++) { p = pt(HMAC(EVP_md5(), test[i].key, test[i].key_len, test[i].data, test[i].data_len, NULL, NULL), MD5_DIGEST_LENGTH); if (strcmp(p, (char *)test[i].digest) != 0) { printf("Error calculating HMAC on %d entry'\n", i); printf("got %s instead of %s\n", p, test[i].digest); err++; } else printf("test %d ok\n", i); } # endif /* OPENSSL_NO_MD5 */ /* test4 */ ctx = HMAC_CTX_new(); if (ctx == NULL) { printf("HMAC malloc failure (test 4)\n"); err++; goto end; } if (HMAC_CTX_get_md(ctx) != NULL) { printf("Message digest not NULL for HMAC (test 4)\n"); err++; goto test5; } if (HMAC_Init_ex(ctx, NULL, 0, NULL, NULL)) { printf("Should fail to initialise HMAC with empty MD and key (test 4)\n"); err++; goto test5; } if (HMAC_Update(ctx, test[4].data, test[4].data_len)) { printf("Should fail HMAC_Update with ctx not set up (test 4)\n"); err++; goto test5; } if (HMAC_Init_ex(ctx, NULL, 0, EVP_sha1(), NULL)) { printf("Should fail to initialise HMAC with empty key (test 4)\n"); err++; goto test5; } if (HMAC_Update(ctx, test[4].data, test[4].data_len)) { printf("Should fail HMAC_Update with ctx not set up (test 4)\n"); err++; goto test5; } printf("test 4 ok\n"); test5: /* Test 5 has empty key; test that single-shot accepts a NULL key. */ p = pt(HMAC(EVP_sha1(), NULL, 0, test[4].data, test[4].data_len, NULL, NULL), SHA_DIGEST_LENGTH); if (strcmp(p, (char *)test[4].digest) != 0) { printf("Error calculating HMAC on %d entry'\n", i); printf("got %s instead of %s\n", p, test[4].digest); err++; } HMAC_CTX_reset(ctx); if (HMAC_CTX_get_md(ctx) != NULL) { printf("Message digest not NULL for HMAC (test 5)\n"); err++; goto test6; } if (HMAC_Init_ex(ctx, test[4].key, test[4].key_len, NULL, NULL)) { printf("Should fail to initialise HMAC with empty MD (test 5)\n"); err++; goto test6; } if (HMAC_Update(ctx, test[4].data, test[4].data_len)) { printf("Should fail HMAC_Update with ctx not set up (test 5)\n"); err++; goto test6; } if (HMAC_Init_ex(ctx, test[4].key, -1, EVP_sha1(), NULL)) { printf("Should fail to initialise HMAC with invalid key len(test 5)\n"); err++; goto test6; } if (!HMAC_Init_ex(ctx, test[4].key, test[4].key_len, EVP_sha1(), NULL)) { printf("Failed to initialise HMAC (test 5)\n"); err++; goto test6; } if (!HMAC_Update(ctx, test[4].data, test[4].data_len)) { printf("Error updating HMAC with data (test 5)\n"); err++; goto test6; } if (!HMAC_Final(ctx, buf, &len)) { printf("Error finalising data (test 5)\n"); err++; goto test6; } p = pt(buf, len); if (strcmp(p, (char *)test[4].digest) != 0) { printf("Error calculating interim HMAC on test 5\n"); printf("got %s instead of %s\n", p, test[4].digest); err++; goto test6; } if (HMAC_Init_ex(ctx, NULL, 0, EVP_sha256(), NULL)) { printf("Should disallow changing MD without a new key (test 5)\n"); err++; goto test6; } if (!HMAC_Init_ex(ctx, test[5].key, test[5].key_len, EVP_sha256(), NULL)) { printf("Failed to reinitialise HMAC (test 5)\n"); err++; goto test6; } if (HMAC_CTX_get_md(ctx) != EVP_sha256()) { printf("Unexpected message digest for HMAC (test 5)\n"); err++; goto test6; } if (!HMAC_Update(ctx, test[5].data, test[5].data_len)) { printf("Error updating HMAC with data (sha256) (test 5)\n"); err++; goto test6; } if (!HMAC_Final(ctx, buf, &len)) { printf("Error finalising data (sha256) (test 5)\n"); err++; goto test6; } p = pt(buf, len); if (strcmp(p, (char *)test[5].digest) != 0) { printf("Error calculating 2nd interim HMAC on test 5\n"); printf("got %s instead of %s\n", p, test[5].digest); err++; goto test6; } if (!HMAC_Init_ex(ctx, test[6].key, test[6].key_len, NULL, NULL)) { printf("Failed to reinitialise HMAC with key (test 5)\n"); err++; goto test6; } if (!HMAC_Update(ctx, test[6].data, test[6].data_len)) { printf("Error updating HMAC with data (new key) (test 5)\n"); err++; goto test6; } if (!HMAC_Final(ctx, buf, &len)) { printf("Error finalising data (new key) (test 5)\n"); err++; goto test6; } p = pt(buf, len); if (strcmp(p, (char *)test[6].digest) != 0) { printf("error calculating HMAC on test 5\n"); printf("got %s instead of %s\n", p, test[6].digest); err++; } else { printf("test 5 ok\n"); } test6: HMAC_CTX_reset(ctx); ctx2 = HMAC_CTX_new(); if (ctx2 == NULL) { printf("HMAC malloc failure (test 6)\n"); err++; goto end; } if (!HMAC_Init_ex(ctx, test[7].key, test[7].key_len, EVP_sha1(), NULL)) { printf("Failed to initialise HMAC (test 6)\n"); err++; goto end; } if (!HMAC_Update(ctx, test[7].data, test[7].data_len)) { printf("Error updating HMAC with data (test 6)\n"); err++; goto end; } if (!HMAC_CTX_copy(ctx2, ctx)) { printf("Failed to copy HMAC_CTX (test 6)\n"); err++; goto end; } if (!HMAC_Final(ctx2, buf, &len)) { printf("Error finalising data (test 6)\n"); err++; goto end; } p = pt(buf, len); if (strcmp(p, (char *)test[7].digest) != 0) { printf("Error calculating HMAC on test 6\n"); printf("got %s instead of %s\n", p, test[7].digest); err++; } else { printf("test 6 ok\n"); } end: HMAC_CTX_free(ctx2); HMAC_CTX_free(ctx); EXIT(err); }
void hmac_ctx_cleanup(HMAC_CTX *ctx) { HMAC_CTX_reset(ctx); }
/* The random function H(x) = HMAC-SHA256(0^32, x) */ static void pwd_hmac_final(HMAC_CTX *hmac_ctx, uint8_t *digest) { unsigned int mdlen = SHA256_DIGEST_LENGTH; HMAC_Final(hmac_ctx, digest, &mdlen); HMAC_CTX_reset(hmac_ctx); }