コード例 #1
0
ファイル: hmac.c プロジェクト: AndresPozo/PCL
/*
 * hmacResult
 *
 * Description:
 *   This function will return the N-byte message digest into the
 *   Message_Digest array provided by the caller.
 *
 * Parameters:
 *   context: [in/out]
 *     The context to use to calculate the HMAC hash.
 *   digest[ ]: [out]
 *     Where the digest is returned.
 *     NOTE 2: The length of the hash is determined by the value of
 *      whichSha that was passed to hmacReset().
 *
 * Returns:
 *   sha Error Code.
 *
 */
int hmacResult(HMACContext *context, uint8_t *digest)
{
  int ret;
  if (!context) return shaNull;
  if (context->Corrupted) return context->Corrupted;
  if (context->Computed) return context->Corrupted = shaStateError;

  /* finish up 1st pass */
  /* (Use digest here as a temporary buffer.) */
  ret =
    USHAResult(&context->shaContext, digest) ||

         /* perform outer SHA */
         /* init context for 2nd pass */
         USHAReset(&context->shaContext, context->whichSha) ||

         /* start with outer pad */
         USHAInput(&context->shaContext, context->k_opad,
                   context->blockSize) ||

         /* then results of 1st hash */
         USHAInput(&context->shaContext, digest, context->hashSize) ||
         /* finish up 2nd pass */
         USHAResult(&context->shaContext, digest);

  context->Computed = 1;
  return context->Corrupted = ret;
}
コード例 #2
0
/*
* HMACResult
*
* Description:
*   This function will return the N-byte message digest into the
*   Message_Digest array provided by the caller.
*   NOTE: The first octet of hash is stored in the 0th element,
*      the last octet of hash in the Nth element.
*
* Parameters:
*   context: [in/out]
*     The context to use to calculate the HMAC hash.
*   digest: [out]
*     Where the digest is returned.
*   NOTE 2: The length of the hash is determined by the value of
*      whichSha that was passed to hmacReset().
*
* Returns:
*   sha Error Code.
*
*/
int hmacResult(HMACContext *ctx, uint8_t *digest)
{
    if (!ctx) return shaNull;

    /* finish up 1st pass */
    /* (Use digest here as a temporary buffer.) */
    return USHAResult(&ctx->shaContext, digest) ||

        /* perform outer SHA */
        /* init context for 2nd pass */
        USHAReset(&ctx->shaContext, (SHAversion)ctx->whichSha) ||

        /* start with outer pad */
        USHAInput(&ctx->shaContext, ctx->k_opad, ctx->blockSize) ||

        /* then results of 1st hash */
        USHAInput(&ctx->shaContext, digest, ctx->hashSize) ||

        /* finish up 2nd pass */
        USHAResult(&ctx->shaContext, digest);
}
コード例 #3
0
TSS_RESULT LIBTPMCALL TCS_Seal(
                           UINT32         locality, 
                           TPM_KEY_HANDLE hParent,
                           TPM_AUTHDATA * parentAuth,
                           TPM_ENCAUTH *  encDataAuth,
                           UINT32         pcrInfoSize,
		                     BYTE *         pcrInfo,
                           UINT32         dataSize,
                           BYTE *         data,
                           TPM_AUTH *     auth,
                           UINT32 *       sealedDataSize,
                           BYTE **        sealedData) {
   UINT64 			 	offset = 0;
	TSS_RESULT 	 		result;
	UINT32 		 		paramSize;
	BYTE 		 			txBlob[TSS_TPM_TXBLOB_SIZE];
	TPM_COMMAND_CODE 	ordinal = TPM_ORD_Seal;
	BYTE 		 			bigendian_ordinal[sizeof(ordinal)];
	BYTE 		 			bigendian_pcrInfoSize[sizeof(pcrInfoSize)];
	BYTE 		 			bigendian_dataSize[sizeof(dataSize)];
	TPM_NONCE 	 		h1;
	TPM_NONCE 	 		h1Check;
	struct USHAContext ctx_sha1;
	
	if(LIBTPM_IsInit() == false) {
      LOGERROR("libtpm not initialized");
      return TCSERR(TSS_E_INTERNAL_ERROR);
   }

	LOGDEBUG("Entering TCS_Seal");

   // Generate H1
	USHAReset(&ctx_sha1, SHA1);
	UINT32ToArray(ordinal, bigendian_ordinal);
	UINT32ToArray(pcrInfoSize, bigendian_pcrInfoSize);
	UINT32ToArray(dataSize, bigendian_dataSize);
	USHAInput(&ctx_sha1, bigendian_ordinal, sizeof(bigendian_ordinal));
	USHAInput(&ctx_sha1, encDataAuth->authdata, sizeof(encDataAuth->authdata));
	USHAInput(&ctx_sha1, bigendian_pcrInfoSize, sizeof(bigendian_pcrInfoSize));
	USHAInput(&ctx_sha1, pcrInfo, pcrInfoSize);
	USHAInput(&ctx_sha1, bigendian_dataSize, sizeof(bigendian_dataSize));
	USHAInput(&ctx_sha1, data, dataSize);
	USHAResult(&ctx_sha1, (uint8_t *) &h1);
	memset(&ctx_sha1, 0, sizeof(ctx_sha1));
	
	// Compute AUTH
	result = tcs_compute_auth(locality, auth, &h1, parentAuth);
	if(result) {
		return result;
	}
	
	// Communication with TPM
	result = tpm_rqu_build(TPM_ORD_Seal, &offset, txBlob, hParent, encDataAuth->authdata, pcrInfoSize, pcrInfo, dataSize, data, auth);
	if(result) {
		LOGDEBUG("tpm_rqu_build returns %x", result);
		return result;
	}
				    
	UnloadBlob_Header(txBlob, &paramSize);
	result = tpm_io(locality, txBlob, paramSize, txBlob, sizeof(txBlob));
	if(result) {
	   result = TDDLERR(result);
		LOGERROR("tpm_io returns %x", result);
		return result;
	}
	
	result = UnloadBlob_Header(txBlob, &paramSize);
	if (! result) {
		result = tpm_rsp_parse(TPM_ORD_Seal, txBlob, paramSize, sealedDataSize, sealedData, auth);
	}
	
	if(! result) {
		// Check auth value
		USHAReset(&ctx_sha1, SHA1);
		USHAInput(&ctx_sha1, (uint8_t *) &result, sizeof(TPM_RESULT));
		USHAInput(&ctx_sha1, bigendian_ordinal, sizeof(bigendian_ordinal));
		USHAInput(&ctx_sha1, *sealedData, *sealedDataSize);
		USHAResult(&ctx_sha1, (uint8_t *) &h1Check);
		memset(&ctx_sha1, 0, sizeof(ctx_sha1));
		
		result = tcs_check_auth(auth, &h1Check, parentAuth);
		if(result) {
		   free(*sealedData);
		   *sealedData = 0;
		}
	}

	LOGDEBUG("Exiting TCS_Seal : %x", result);

	return result;
}
コード例 #4
0
/*
*  hmacReset
*
*  Description:
*      This function will initialize the hmacContext in preparation
*      for computing a new HMAC message digest.
*
*  Parameters:
*      context: [in/out]
*          The context to reset.
*      whichSha: [in]
*          One of SHA1, SHA224, SHA256, SHA384, SHA512
*      key: [in]
*          The secret shared key.
*      key_len: [in]
*          The length of the secret shared key.
*
*  Returns:
*      sha Error Code.
*
*/
int hmacReset(HMACContext *ctx, enum SHAversion whichSha,
    const unsigned char *key, int key_len)
{
    int i, blocksize, hashsize;

    /* inner padding - key XORd with ipad */
    unsigned char k_ipad[USHA_Max_Message_Block_Size];

    /* temporary buffer when keylen > blocksize */
    unsigned char tempkey[USHAMaxHashSize];

    if (!ctx) return shaNull;

    blocksize = ctx->blockSize = USHABlockSize(whichSha);
    hashsize = ctx->hashSize = USHAHashSize(whichSha);

    ctx->whichSha = whichSha;

    /*
    * If key is longer than the hash blocksize,
    * reset it to key = HASH(key).
    */
    if (key_len > blocksize) {
        USHAContext tctx;
        int err = USHAReset(&tctx, whichSha) ||
            USHAInput(&tctx, key, key_len) ||
            USHAResult(&tctx, tempkey);
        if (err != shaSuccess) return err;

        key = tempkey;
        key_len = hashsize;
    }

    /*
    * The HMAC transform looks like:
    *
    * SHA(K XOR opad, SHA(K XOR ipad, text))
    *
    * where K is an n byte key.
    * ipad is the byte 0x36 repeated blocksize times
    * opad is the byte 0x5c repeated blocksize times
    * and text is the data being protected.
    */

    /* store key into the pads, XOR'd with ipad and opad values */
    for (i = 0; i < key_len; i++) {
        k_ipad[i] = key[i] ^ 0x36;
        ctx->k_opad[i] = key[i] ^ 0x5c;
    }
    /* remaining pad bytes are '\0' XOR'd with ipad and opad values */
    for (; i < blocksize; i++) {
        k_ipad[i] = 0x36;
        ctx->k_opad[i] = 0x5c;
    }

    /* perform inner hash */
    /* init context for 1st pass */
    return USHAReset(&ctx->shaContext, whichSha) ||
        /* and start with inner pad */
        USHAInput(&ctx->shaContext, k_ipad, blocksize);
}