Exemplo n.º 1
1
int main(int argc, char *argv[]) {
    if(argc != 2) {
        printf("Usage: ./test_app <file_name>\n");
        return -1;
    }

    ENGINE *e = load_engine(ENGINE_MODULE, "test_engine");
    if(e == 0) {
        printf("Unable to load engine\n");
        return -1;
    }
    ENGINE_ctrl_cmd_string(e, "username", "user", 0);
    ENGINE_ctrl_cmd_string(e, "password", "password", 0);
    ENGINE_init(e);
    
    HMAC_CTX ctx;
    HMAC_CTX_init(&ctx);
    HMAC_Init_ex(&ctx, "test_key\0", 9, EVP_sha1(), e);

    FILE *f = fopen(argv[1], "r");
    char buf[BUF_SIZE];
    while(!feof(f)) {
        size_t ln = fread(buf, sizeof(char), BUF_SIZE, f);
        if(ln == 0) continue;
        HMAC_Update(&ctx, buf, ln);
    }
    fclose(f);
    
    unsigned int siglen;
    unsigned char md[20];
    HMAC_Final(&ctx, md, &siglen);
    ENGINE_finish(e);

    printf("HMAC-SHA1: ");
    for(size_t i = 0; i < siglen; i++) printf("%02x", md[i]);
    printf("\n");

    return 0;
}
Exemplo n.º 2
0
/* {{{ libssh2_mac_method_hmac_md5_hash
 * Calculate hash using full md5 value
 */
static int libssh2_mac_method_hmac_md5_hash(LIBSSH2_SESSION *session, unsigned char *buf, unsigned long seqno,
																	  const unsigned char *packet, unsigned long packet_len, 
																	  const unsigned char *addtl, unsigned long addtl_len, void **abstract)
{
	HMAC_CTX ctx;
	unsigned char seqno_buf[4];

	libssh2_htonu32(seqno_buf, seqno);

	HMAC_Init(&ctx, *abstract, 16, EVP_md5());
	HMAC_Update(&ctx, seqno_buf, 4);
	HMAC_Update(&ctx, packet, packet_len);
	if (addtl && addtl_len) {
		HMAC_Update(&ctx, addtl, addtl_len);
	}
	HMAC_Final(&ctx, buf, NULL);
	HMAC_cleanup(&ctx);

	return 0;
}
Exemplo n.º 3
0
unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
                    const unsigned char *d, size_t n, unsigned char *md,
                    unsigned int *md_len)
{
    HMAC_CTX c;
    static unsigned char m[EVP_MAX_MD_SIZE];

    if (md == NULL) md=m;
    HMAC_CTX_init(&c);
    if (!HMAC_Init(&c,key,key_len,evp_md))
        goto err;
    if (!HMAC_Update(&c,d,n))
        goto err;
    if (!HMAC_Final(&c,md,md_len))
        goto err;
    HMAC_CTX_cleanup(&c);
    return md;
err:
    return NULL;
}
Exemplo n.º 4
0
/* a counter-based KDF based on NIST SP800-108 */
static void eap_pwd_kdf(uint8_t *key, int keylen, char const *label,
			int label_len, uint8_t *retult, int retult_bit_len)
{
	HMAC_CTX	*hmac_ctx;
	uint8_t		digest[SHA256_DIGEST_LENGTH];
	uint16_t	i, ctr, L;
	int		retult_byte_len, len = 0;
	unsigned int	mdlen = SHA256_DIGEST_LENGTH;
	uint8_t		mask = 0xff;

	MEM(hmac_ctx = HMAC_CTX_new());
	retult_byte_len = (retult_bit_len + 7) / 8;

	ctr = 0;
	L = htons(retult_bit_len);
	while (len < retult_byte_len) {
		ctr++; i = htons(ctr);

		HMAC_Init_ex(hmac_ctx, key, keylen, EVP_sha256(), NULL);
		if (ctr > 1) HMAC_Update(hmac_ctx, digest, mdlen);
		HMAC_Update(hmac_ctx, (uint8_t *) &i, sizeof(uint16_t));
		HMAC_Update(hmac_ctx, (uint8_t const *)label, label_len);
		HMAC_Update(hmac_ctx, (uint8_t *) &L, sizeof(uint16_t));
		HMAC_Final(hmac_ctx, digest, &mdlen);
		if ((len + (int) mdlen) > retult_byte_len) {
			memcpy(retult + len, digest, retult_byte_len - len);
		} else {
			memcpy(retult + len, digest, mdlen);
		}
		len += mdlen;
		HMAC_CTX_reset(hmac_ctx);
	}

	/* since we're expanding to a bit length, mask off the excess */
	if (retult_bit_len % 8) {
		mask <<= (8 - (retult_bit_len % 8));
		retult[retult_byte_len - 1] &= mask;
	}

	HMAC_CTX_free(hmac_ctx);
}
Exemplo n.º 5
0
char * Crypto_Digest_HMAC (int count, char * algoName,
                           char * data, char * key) {

  count = count;
  HMAC_CTX ctx;
  const EVP_MD *md;
  unsigned char hmac_value [EVP_MAX_MD_SIZE];
  unsigned int hmac_len;

  OpenSSL_add_all_digests ();
  md = EVP_get_digestbyname (algoName);
  if (!md) return "";

  HMAC_CTX_init (&ctx);
  HMAC_Init_ex (&ctx, key, strlen (key), md, NULL);
  HMAC_Update (&ctx, (unsigned char *) data, strlen (data));
  HMAC_Final (&ctx, hmac_value, &hmac_len);
  HMAC_CTX_cleanup (&ctx);

  return Crypto_Digest_MakeHexDigest (hmac_value, hmac_len);;
}
Exemplo n.º 6
0
int cmeHMACFinal(HMAC_CTX **ctx, unsigned char *out, unsigned int *outl)
{
    int result;

    result=HMAC_Final(*ctx,out,outl);
    cmeFree(*ctx);
    if (result==0)  //1= success, 0=failure
    {
#ifdef ERROR_LOG
        fprintf(stderr,"CaumeDSE Error: cmeHMACFinal(), HMAC_Final() failure!\n");
#endif
        return (1);
    }
    else
    {
#ifdef DEBUG
        fprintf(stdout,"CaumeDSE Debug: cmeHMACFinal(), HMAC_Final() success.\n");
#endif
       return (0);
    }
Exemplo n.º 7
0
int hmac::digest(lua_State * L)
{
    target_type * self = lua::to<hmac>(L, 1);
    
    unsigned char * md = new unsigned char[EVP_MAX_MD_SIZE];
    unsigned int md_len = EVP_MAX_MD_SIZE;
    
    HMAC_Final(self, md, &md_len);
    
    std::size_t output_len = md_len * 2 + 1;
    char * output = new char[output_len];
    char * output_end = hex_encode(md, md + md_len, output, output + output_len);
    *output_end = '\0';
    
    lua_pushstring(L, output);
    
    delete [] md;
    delete [] output;
    
    return 1;
}
Exemplo n.º 8
0
int por_verify_block(char *filepath, size_t filepath_len, unsigned char *block, size_t block_len, unsigned int index, unsigned char *tag, size_t tag_len){
	
	HMAC_CTX ctx;
	POR_key *key = NULL;
	unsigned char digest[SHA_DIGEST_LENGTH];
	unsigned int digest_len = 0;
	int ret = 0;
	
	if(!filepath || !block || !block_len || !tag || !tag_len) return 0;
	if(filepath_len >= MAXPATHLEN) return 0;
	
	key = por_get_keys();
	if(!key) goto cleanup;
	
	HMAC_CTX_init(&ctx);
	HMAC_Init(&ctx, key->prf_key, key->prf_key_size, EVP_sha1());

	HMAC_Update(&ctx, (const unsigned char *)&index, sizeof(unsigned int));
	HMAC_Update(&ctx, (unsigned char *)filepath, (int)filepath_len);
	HMAC_Update(&ctx, block, block_len);
		
	HMAC_Final(&ctx, digest, &digest_len);
		
	HMAC_cleanup(&ctx);			

	ret = memcmp(digest, tag, tag_len);

/*	printf("Tag: ");
	printhex(tag, tag_len);
	printf("Verify: ");
	printhex(digest, digest_len);
*/
	if(key) destroy_por_key(key);

	if(ret == 0) return 1;
	
cleanup:
	return 0;
	
}
Exemplo n.º 9
0
static int
verify(const ocra_suite * ocra, const uint8_t *key, size_t key_l,
    const uint8_t *buf, size_t buf_l, const char *resp)
{
	int ret;
	unsigned int md_l = 20;
	uint8_t *md = NULL;
	char *tmp;
	HMAC_CTX *ctx = NULL;

	if (0 != (ret = hmac_new(&ctx)))
		return ret;

	if (NULL == ((md = (uint8_t *)malloc(mdlen(ocra->hotp_alg)))))
		return RFC6287_ERR_POSIX;

	if ((1 != HMAC_Init_ex(ctx, key, key_l, evp_md(ocra->hotp_alg), NULL)) ||
	    (1 != HMAC_Update(ctx, buf, (int)buf_l)) ||
	    (1 != HMAC_Final(ctx, md, &md_l)) ||
	    (md_l != mdlen(ocra->hotp_alg))) {
		hmac_destroy(ctx);
		free(md);
		return RFC6287_ERR_OPENSSL;
	}
	hmac_destroy(ctx);
	if (ocra->hotp_trunc) {
		ret = truncate_md(md, md_l, ocra->hotp_trunc, &tmp);
		free(md);
		if (0 != ret)
			return ret;
	} else
		tmp = (char *)md;
	if (0 != memcmp(resp, tmp,
	    (ocra->hotp_trunc) ? (unsigned int)ocra->hotp_trunc : md_l))
		ret = RFC6287_VERIFY_FAILED;
	else
		ret = RFC6287_SUCCESS;
	free(tmp);
	return ret;
}
Exemplo n.º 10
0
static void kderive_update(struct kderive_context *ctx)
{
	uint32_t i;
#if (OPENSSL_VERSION_NUMBER < 0x1010002f)
	HMAC_CTX hctx;
#endif
        HMAC_CTX *phctx = NULL;
	unsigned char *pos = ctx->out;
	uint32_t *p_iter = (uint32_t *)ctx->fid;
	uint32_t num_iters = ctx->out_len / PRF_OUTPUT_SIZE;

	check_prf_iters(num_iters);

#if (OPENSSL_VERSION_NUMBER < 0x1010002f)
	HMAC_CTX_init(&hctx);
        phctx = &hctx;
#else
        phctx = HMAC_CTX_new();
        /* I guess we presume it was successful? */
#endif
	for (i = 0; i < num_iters; i++) {
		/*
		 * update the iteration number in the fid
		 */
		*p_iter = htobe32(i);
		HMAC_Init_ex(phctx,
			     ctx->pkey, ctx->pkey_len >> 3,
			     EVP_sha256(),
			     NULL);
		HMAC_Update(phctx, ctx->fid, ctx->fid_len);
		HMAC_Final(phctx, pos, NULL);

		pos += PRF_OUTPUT_SIZE;
	}
#if (OPENSSL_VERSION_NUMBER < 0x1010002f)
	HMAC_CTX_cleanup(phctx);
#else
        HMAC_CTX_free(phctx);
#endif
}
Exemplo n.º 11
0
// Other 'common' functions for this format:
void encfs_common_setIVec(encfs_common_custom_salt *cur_salt, unsigned char *ivec, uint64_t seed, unsigned char *key)
{
	unsigned char md[EVP_MAX_MD_SIZE];
	unsigned int mdLen = EVP_MAX_MD_SIZE;
	int i;
	HMAC_CTX mac_ctx;

	memcpy( ivec, &key[cur_salt->keySize], cur_salt->ivLength );
	for(i=0; i<8; ++i) {
		md[i] = (unsigned char)(seed & 0xff);
		seed >>= 8;
	}
	// combine ivec and seed with HMAC
	HMAC_CTX_init(&mac_ctx);
	HMAC_Init_ex( &mac_ctx, key, cur_salt->keySize, EVP_sha1(), 0 );
	HMAC_Init_ex( &mac_ctx, 0, 0, 0, 0 );
	HMAC_Update( &mac_ctx, ivec, cur_salt->ivLength );
	HMAC_Update( &mac_ctx, md, 8 );
	HMAC_Final( &mac_ctx, md, &mdLen );
	HMAC_CTX_cleanup(&mac_ctx);
	memcpy( ivec, md, cur_salt->ivLength );
}
Exemplo n.º 12
0
		void init(RC4_KEY* rc4, const unsigned char* session_key, const unsigned char* peer_key)
		{
			HMAC_CTX hmac_ctx;
			HMAC_CTX_init(&hmac_ctx);
			HMAC_Init_ex(&hmac_ctx, (void*)peer_key, peer_key_size, EVP_sha1(), NULL);

			HMAC_Update(&hmac_ctx, session_key, session_key_size);

			unsigned char rc4_keystring[SHA_DIGEST_LENGTH];
			unsigned int rc4_keystring_size = SHA_DIGEST_LENGTH;
			
			HMAC_Final(&hmac_ctx, rc4_keystring, &rc4_keystring_size);
			
			HMAC_CTX_cleanup(&hmac_ctx);

			RC4_set_key(rc4, rc4_keystring_size, rc4_keystring);
			
			const unsigned char rc4_key_init[rc4_init_size] = { 0x00 };
			unsigned char rc4_key_init_output[rc4_init_size];

			RC4(rc4, sizeof(rc4_key_init), rc4_key_init, rc4_key_init_output);
		}
Exemplo n.º 13
0
/* a counter-based KDF based on NIST SP800-108 */
static void
eap_pwd_kdf(uint8_t *key, int keylen, const char *label, int labellen,
	    uint8_t *result, int resultbitlen)
{
    HMAC_CTX hctx;
    uint8_t digest[SHA256_DIGEST_LENGTH];
    uint16_t i, ctr, L;
    int resultbytelen, len = 0;
    unsigned int mdlen = SHA256_DIGEST_LENGTH;
    uint8_t mask = 0xff;

    resultbytelen = (resultbitlen + 7)/8;
    ctr = 0;
    L = htons(resultbitlen);
    while (len < resultbytelen) {
	ctr++; i = htons(ctr);
	HMAC_Init(&hctx, key, keylen, EVP_sha256());
	if (ctr > 1) {
	    HMAC_Update(&hctx, digest, mdlen);
	}
	HMAC_Update(&hctx, (uint8_t *) &i, sizeof(uint16_t));
	HMAC_Update(&hctx, (const uint8_t *)label, labellen);
	HMAC_Update(&hctx, (uint8_t *) &L, sizeof(uint16_t));
	HMAC_Final(&hctx, digest, &mdlen);
	if ((len + (int) mdlen) > resultbytelen) {
	    memcpy(result + len, digest, resultbytelen - len);
	} else {
	    memcpy(result + len, digest, mdlen);
	}
	len += mdlen;
	HMAC_CTX_cleanup(&hctx);
    }

    /* since we're expanding to a bit length, mask off the excess */
    if (resultbitlen % 8) {
	mask <<= (8 - (resultbitlen % 8));
	result[resultbytelen - 1] &= mask;
    }
}
Exemplo n.º 14
0
ByteArray Hmac::doFinal() throw (HmacException, InvalidStateException) {
	if (this->state == Hmac::NO_INIT || this->state == Hmac::INIT)
	{
		throw InvalidStateException("Hmac::doFinal");
	}

	unsigned int size;
	unsigned char *md = new unsigned char[EVP_MAX_MD_SIZE + 1];
	int rc = HMAC_Final( &this->ctx, md, &size );
	HMAC_CTX_cleanup( &this->ctx );
	this->state = Hmac::NO_INIT;
	if (!rc)
	{
		delete( md );
		throw HmacException(HmacException::CTX_FINISH, "Hmac::doFinal");
	}

	ByteArray content;
	content.setDataPointer( md, size );

	return content;
}
Exemplo n.º 15
0
void l4l_rest() {
			__l4l.data.l_trz=snprintf(__l4l.data.s_trz,L4L_MAX_TRZ_LEN-1,__l4l.data.s_trz_aux2,__l4l.data.s_trz_aux);
			__l4l.data.s_trz[__l4l.data.l_trz++]='\n';__l4l.data.s_trz[__l4l.data.l_trz]='\0';
			__l4l.size+=fwrite(__l4l.data.s_trz,1,__l4l.data.l_trz,__l4l.data.logFile);
			strcpy(__l4l.data.s_trz_aux,__l4l.data.s_trz);
			if(__l4l.data.currMask & __l4l.cfg.flush_mask) {
				fflush (__l4l.data.logFile);\
				fsync (fileno (__l4l.data.logFile));
			}

#ifdef L4L_HASH_METHOD
			if (__l4l.data.currMask & __l4l.cfg.hash_mask) {
				int i=0;

				HMAC_Update(&__l4l.data.ctx, (unsigned char*)&__l4l.data.s_trz, (size_t)(__l4l.data.l_trz-1));
				HMAC_Final(&__l4l.data.ctx, __l4l.data.hash_bin, &__l4l.data.len);
				for(i=0;i < L4L_MAX_HASH_LEN;i+=2) {
					__l4l.data.hash_str[i]=lut[(int)(__l4l.data.hash_bin[i] >>4)];
					__l4l.data.hash_str[i+1]=lut[(int)(__l4l.data.hash_bin[i] & 0x0f)]; 
				}
				__l4l.data.hash_str[i]='\0';
			}
Exemplo n.º 16
0
unsigned int FIPS_incore_fingerprint(unsigned char *sig,unsigned int len)
    {
    const unsigned char *p1 = FIPS_text_start();
    const unsigned char *p2 = FIPS_text_end();
    const unsigned char *p3 = FIPS_rodata_start;
    const unsigned char *p4 = FIPS_rodata_end;
    HMAC_CTX c;

    HMAC_CTX_init(&c);
    HMAC_Init(&c,FIPS_hmac_key,strlen(FIPS_hmac_key),EVP_sha1());

    /* detect overlapping regions */
    if (p1<=p3 && p2>=p3)
	p3=p1, p4=p2>p4?p2:p4, p1=NULL, p2=NULL;
    else if (p3<=p1 && p4>=p1)
	p3=p3, p4=p2>p4?p2:p4, p1=NULL, p2=NULL;

    if (p1)
	HMAC_Update(&c,p1,(size_t)p2-(size_t)p1);

    if (FIPS_signature>=p3 && FIPS_signature<p4)
	{
	/* "punch" hole */
	HMAC_Update(&c,p3,(size_t)FIPS_signature-(size_t)p3);
	p3 = FIPS_signature+sizeof(FIPS_signature);
	if (p3<p4)
	    HMAC_Update(&c,p3,(size_t)p4-(size_t)p3);
	}
    else
	HMAC_Update(&c,p3,(size_t)p4-(size_t)p3);

    if (!fips_post_corrupt(FIPS_TEST_INTEGRITY, 0, NULL))
	HMAC_Update(&c, (unsigned char *)FIPS_hmac_key, 1);

    HMAC_Final(&c,sig,&len);
    HMAC_CTX_cleanup(&c);

    return len;
    }
Exemplo n.º 17
0
static int hmac_fdigest(lua_State *L)
{
  const char *t = luaL_checkstring(L, 1);
  const EVP_MD *type = EVP_get_digestbyname(t);
  const char *s;
  const char *k;
  unsigned char digest[EVP_MAX_MD_SIZE];
  unsigned int written = 0;
  unsigned int i;
  char *hex;
  HMAC_CTX c;

  if (type == NULL) {
    luaL_argerror(L, 1, "invalid digest type");
    return 0;
  }

  s = luaL_checkstring(L, 2);
  k = luaL_checkstring(L, 3);


  HMAC_CTX_init(&c);
  HMAC_Init_ex(&c, k, (int)lua_strlen(L, 3), type, NULL);
  HMAC_Update(&c, (unsigned char *)s, lua_strlen(L, 2));
  HMAC_Final(&c, digest, &written);
  HMAC_CTX_cleanup(&c);

  if (lua_toboolean(L, 4))
    lua_pushlstring(L, (char *)digest, written);
  else {
    hex = (char*)calloc(sizeof(char), written*2 + 1);
    for (i = 0; i < written; i++)
      sprintf(hex + 2*i, "%02x", digest[i]);
    lua_pushlstring(L, hex, written*2);
    free(hex);
  }

  return 1;
}
static int calculate_auth_data(const struct iovec *iov, int iovlen,
			       const struct in6_addr *coa,
			       const struct in6_addr *cn,
			       const uint8_t *key, uint8_t *digest)
{
	uint8_t buf[HMAC_SHA1_HASH_LEN];
	int i;

#ifdef HAVE_LIBCRYPTO
	unsigned int len = HMAC_SHA1_HASH_LEN;
	HMAC_CTX ctx;
	const EVP_MD *evp_md = EVP_sha1();

	HMAC_CTX_init(&ctx);
	HMAC_Init_ex(&ctx, key, HMAC_SHA1_KEY_SIZE, evp_md, NULL);

	HMAC_Update(&ctx, (uint8_t *)coa, sizeof(*coa));
	HMAC_Update(&ctx, (uint8_t *)cn, sizeof(*coa));
	for (i = 0; i < iovlen; i++) {
		HMAC_Update(&ctx, (uint8_t *)iov[i].iov_base, iov[i].iov_len);
	}
	HMAC_Final(&ctx, buf, &len);
	HMAC_CTX_cleanup(&ctx);
#else
	HMAC_SHA1_CTX ctx;

	HMAC_SHA1_init(&ctx, key, HMAC_SHA1_KEY_SIZE);
	HMAC_SHA1_update(&ctx, (uint8_t *)coa, sizeof(*coa));
	HMAC_SHA1_update(&ctx, (uint8_t *)cn, sizeof(*coa));
	for (i = 0; i < iovlen; i++) {
		HMAC_SHA1_update(&ctx, (uint8_t *)iov[i].iov_base,
				 iov[i].iov_len);
	}
	HMAC_SHA1_final(&ctx, buf);
#endif
	memcpy(digest, buf, MIPV6_DIGEST_LEN);
	return 0;
}
Exemplo n.º 19
0
bool HMAC_Create(COSE_MacMessage * pcose, int HSize, int TSize, const byte * pbKey, size_t cbKey, const byte * pbAuthData, size_t cbAuthData, cose_errback * perr)
{
	HMAC_CTX ctx;
	const EVP_MD * pmd = NULL;
	byte * rgbOut = NULL;
	unsigned int cbOut;
#ifdef USE_CBOR_CONTEXT
	cn_cbor_context * context = &pcose->m_message.m_allocContext;
#endif

	HMAC_CTX_init(&ctx);

	if (0) {
	errorReturn:
		COSE_FREE(rgbOut, context);
		HMAC_cleanup(&ctx);
		return false;
	}

	switch (HSize) {
	case 256: pmd = EVP_sha256(); break;
	case 384: pmd = EVP_sha384(); break;
	case 512: pmd = EVP_sha512(); break;
	default: FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER); break;
	}

	rgbOut = COSE_CALLOC(EVP_MAX_MD_SIZE, 1, context);
	CHECK_CONDITION(rgbOut != NULL, COSE_ERR_OUT_OF_MEMORY);

	CHECK_CONDITION(HMAC_Init(&ctx, pbKey, (int) cbKey, pmd), COSE_ERR_CRYPTO_FAIL);
	CHECK_CONDITION(HMAC_Update(&ctx, pbAuthData, cbAuthData), COSE_ERR_CRYPTO_FAIL);
	CHECK_CONDITION(HMAC_Final(&ctx, rgbOut, &cbOut), COSE_ERR_CRYPTO_FAIL);

	CHECK_CONDITION(_COSE_array_replace(&pcose->m_message, cn_cbor_data_create(rgbOut, TSize / 8, CBOR_CONTEXT_PARAM_COMMA NULL), INDEX_MAC_TAG, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_ERR_CBOR);

	HMAC_cleanup(&ctx);
	return true;
}
Exemplo n.º 20
0
unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
                    const unsigned char *d, size_t n, unsigned char *md,
                    unsigned int *md_len)
{
    HMAC_CTX *c = NULL;
    static unsigned char m[EVP_MAX_MD_SIZE];

    if (md == NULL)
        md = m;
    if ((c = HMAC_CTX_new()) == NULL)
        goto err;
    if (!HMAC_Init_ex(c, key, key_len, evp_md, NULL))
        goto err;
    if (!HMAC_Update(c, d, n))
        goto err;
    if (!HMAC_Final(c, md, md_len))
        goto err;
    HMAC_CTX_free(c);
    return md;
err:
    HMAC_CTX_free(c);
    return NULL;
}
Exemplo n.º 21
0
char* CryptoHandler::hmac_sha512(char* datain, char* keyin, const bool& base64)
{
	unsigned char* key = (unsigned char*) keyin;
	unsigned char* data = (unsigned char*) datain;
	unsigned char* result;
	unsigned int result_len = 64;

	HMAC_CTX ctx;
	result = (unsigned char*) malloc(sizeof(char) * result_len);

	ENGINE_load_builtin_engines();
	ENGINE_register_all_complete();

	HMAC_CTX_init(&ctx);
	HMAC_Init_ex(&ctx, key, strlen(keyin), EVP_sha512(), NULL);
	HMAC_Update(&ctx, data, strlen(datain));
	HMAC_Final(&ctx, result, &result_len);
	HMAC_CTX_cleanup(&ctx);

	if(base64)
		return base64encode(result,result_len);
	return (char*)result;
}
Exemplo n.º 22
0
/** Calculate HMAC using OpenSSL's MD5 implementation
 *
 * @param digest Caller digest to be filled in.
 * @param in Pointer to data stream.
 * @param inlen length of data stream.
 * @param key Pointer to authentication key.
 * @param key_len Length of authentication key.
 *
 */
void fr_hmac_md5(uint8_t digest[MD5_DIGEST_LENGTH], uint8_t const *in, size_t inlen,
		 uint8_t const *key, size_t key_len)
{
	HMAC_CTX *ctx;

	if (unlikely(!md5_hmac_ctx)) {
		ctx = HMAC_CTX_new();
		if (unlikely(!ctx)) return;
		fr_thread_local_set_destructor(md5_hmac_ctx, _hmac_md5_ctx_free_on_exit, ctx);
	} else {
		ctx = md5_hmac_ctx;
	}

#ifdef EVP_MD_CTX_FLAG_NON_FIPS_ALLOW
	/* Since MD5 is not allowed by FIPS, explicitly allow it. */
	HMAC_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
#endif /* EVP_MD_CTX_FLAG_NON_FIPS_ALLOW */

	HMAC_Init_ex(ctx, key, key_len, EVP_md5(), NULL);
	HMAC_Update(ctx, in, inlen);
	HMAC_Final(ctx, digest, NULL);
	HMAC_CTX_reset(ctx);
}
Exemplo n.º 23
0
Arquivo: hmac.c Projeto: RobinWuDev/Qt
uint8_t *HMAC(const EVP_MD *evp_md, const void *key, size_t key_len,
              const uint8_t *data, size_t data_len, uint8_t *out,
              unsigned int *out_len) {
  HMAC_CTX ctx;
  static uint8_t static_out_buffer[EVP_MAX_MD_SIZE];

  /* OpenSSL has traditionally supported using a static buffer if |out| is
   * NULL. We maintain that but don't document it. This behaviour should be
   * considered to be deprecated. */
  if (out == NULL) {
    out = static_out_buffer;
  }

  HMAC_CTX_init(&ctx);
  if (!HMAC_Init(&ctx, key, key_len, evp_md) ||
      !HMAC_Update(&ctx, data, data_len) ||
      !HMAC_Final(&ctx, out, out_len)) {
    out = NULL;
  }

  HMAC_CTX_cleanup(&ctx);
  return out;
}
Exemplo n.º 24
0
char *
host_hash(const char *host, const char *name_from_hostfile, u_int src_len)
{
	const EVP_MD *md = EVP_sha1();
	HMAC_CTX mac_ctx;
	u_char salt[256], result[256];
	char uu_salt[512], uu_result[512];
	static char encoded[1024];
	u_int i, len;

	len = EVP_MD_size(md);

	if (name_from_hostfile == NULL) {
		/* Create new salt */
		for (i = 0; i < len; i++)
			salt[i] = arc4random();
	} else {
		/* Extract salt from known host entry */
		if (extract_salt(name_from_hostfile, src_len, salt,
		    sizeof(salt)) == -1)
			return (NULL);
	}

	HMAC_Init(&mac_ctx, salt, len, md);
	HMAC_Update(&mac_ctx, __UNCONST(host), strlen(host));
	HMAC_Final(&mac_ctx, result, NULL);
	HMAC_cleanup(&mac_ctx);

	if (__b64_ntop(salt, len, uu_salt, sizeof(uu_salt)) == -1 ||
	    __b64_ntop(result, len, uu_result, sizeof(uu_result)) == -1)
		fatal("host_hash: __b64_ntop failed");

	snprintf(encoded, sizeof(encoded), "%s%s%c%s", HASH_MAGIC, uu_salt,
	    HASH_DELIM, uu_result);

	return (encoded);
}
Exemplo n.º 25
0
u_char *
mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen)
{
	static union {
		u_char m[EVP_MAX_MD_SIZE];
		u_int64_t for_align;
	} u;
	u_char b[4], nonce[8];

	if (mac->mac_len > sizeof(u))
		fatal("mac_compute: mac too long %u %lu",
		    mac->mac_len, (u_long)sizeof(u));

	switch (mac->type) {
	case SSH_EVP:
		put_u32(b, seqno);
		/* reset HMAC context */
		HMAC_Init(&mac->evp_ctx, NULL, 0, NULL);
		HMAC_Update(&mac->evp_ctx, b, sizeof(b));
		HMAC_Update(&mac->evp_ctx, data, datalen);
		HMAC_Final(&mac->evp_ctx, u.m, NULL);
		break;
	case SSH_UMAC:
		put_u64(nonce, seqno);
		umac_update(mac->umac_ctx, data, datalen);
		umac_final(mac->umac_ctx, u.m, nonce);
		break;
	case SSH_UMAC128:
		put_u64(nonce, seqno);
		umac128_update(mac->umac_ctx, data, datalen);
		umac128_final(mac->umac_ctx, u.m, nonce);
		break;
	default:
		fatal("mac_compute: unknown MAC type");
	}
	return (u.m);
}
Exemplo n.º 26
0
static int sqlcipher_openssl_hmac(void *ctx, int algorithm, unsigned char *hmac_key, int key_sz, unsigned char *in, int in_sz, unsigned char *in2, int in2_sz, unsigned char *out) {
  unsigned int outlen;
  int rc = SQLITE_OK;
  HMAC_CTX* hctx = NULL;

  if(in == NULL) goto error;

  hctx = HMAC_CTX_new();
  if(hctx == NULL) goto error;

  switch(algorithm) {
    case SQLCIPHER_HMAC_SHA1:
      if(!HMAC_Init_ex(hctx, hmac_key, key_sz, EVP_sha1(), NULL)) goto error;
      break;
    case SQLCIPHER_HMAC_SHA256:
      if(!HMAC_Init_ex(hctx, hmac_key, key_sz, EVP_sha256(), NULL)) goto error;
      break;
    case SQLCIPHER_HMAC_SHA512:
      if(!HMAC_Init_ex(hctx, hmac_key, key_sz, EVP_sha512(), NULL)) goto error;
      break;
    default:
      goto error;
  }

  if(!HMAC_Update(hctx, in, in_sz)) goto error;
  if(in2 != NULL) {
    if(!HMAC_Update(hctx, in2, in2_sz)) goto error;
  }
  if(!HMAC_Final(hctx, out, &outlen)) goto error;
  
  goto cleanup;
error:
  rc = SQLITE_ERROR;
cleanup:
  if(hctx) HMAC_CTX_free(hctx);
  return rc;
}
Exemplo n.º 27
0
/**
  Completes computation of the HMAC-MD5 digest value.

  This function completes HMAC-MD5 digest computation and retrieves the digest value into
  the specified memory. After this function has been called, the HMAC-MD5 context cannot
  be used again.
  HMAC-MD5 context should be already correctly intialized by HmacMd5Init(), and should not be
  finalized by HmacMd5Final(). Behavior with invalid HMAC-MD5 context is undefined.

  If HmacMd5Context is NULL, then return FALSE.
  If HmacValue is NULL, then return FALSE.

  @param[in, out]  HmacMd5Context  Pointer to the HMAC-MD5 context.
  @param[out]      HmacValue       Pointer to a buffer that receives the HMAC-MD5 digest
                                   value (16 bytes).

  @retval TRUE   HMAC-MD5 digest computation succeeded.
  @retval FALSE  HMAC-MD5 digest computation failed.

**/
BOOLEAN
EFIAPI
HmacMd5Final (
  IN OUT  VOID   *HmacMd5Context,
  OUT     UINT8  *HmacValue
  )
{
  UINT32  Length;

  //
  // Check input parameters.
  //
  if (HmacMd5Context == NULL || HmacValue == NULL) {
    return FALSE;
  }

  //
  // OpenSSL HMAC-MD5 digest finalization
  //
  HMAC_Final (HmacMd5Context, HmacValue, &Length);
  HMAC_CTX_cleanup (HmacMd5Context);

  return TRUE;
}
Exemplo n.º 28
0
ssize_t
dsa_sign_final(struct iked_dsa *dsa, void *buf, size_t len)
{
	unsigned int	 siglen;
	size_t		 off = 0;
	uint8_t		*ptr = buf;

	if (len < dsa_length(dsa))
		return (-1);

	if (dsa->dsa_hmac) {
		if (!HMAC_Final(dsa->dsa_ctx, buf, &siglen))
			return (-1);
	} else {
		if (_dsa_sign_encode(dsa, ptr, &off) < 0)
			return (-1);
		if (!EVP_SignFinal(dsa->dsa_ctx, ptr + off, &siglen,
		    dsa->dsa_key))
			return (-1);
		siglen += off;
	}

	return (siglen);
}
void hash(char data[]) {
    // The secret key for hashing
    const char key[] = "12345678";
 
    // The data that we're going to hash
    //char data[] = "hello world";
    
    // Be careful of the length of string with the choosen hash engine. SHA1 needed 20 characters.
    // Change the length accordingly with your choosen hash engine.     
    unsigned char* result;
    unsigned int len = 20;
 
    result = (unsigned char*)malloc(sizeof(char) * len);
 
    HMAC_CTX ctx;
    HMAC_CTX_init(&ctx);
 
    // Using sha1 hash engine here.
    // You may use other hash engines. e.g EVP_md5(), EVP_sha224, EVP_sha512, etc
    HMAC_Init_ex(&ctx, key, strlen(key), EVP_sha1(), NULL);
   	 
    
   // HMAC_Update(&ctx, (unsigned char*)&data, strlen(data));
    HMAC_Final(&ctx, result, &len);
    HMAC_CTX_cleanup(&ctx);
 
    printf("HMAC digest: ");
 
    for (int i = 0; i != len; i++)
        printf("%02x", (unsigned int)result[i]);
 
    printf("\n");
 
    //free(result);
 
}
Exemplo n.º 30
0
/* Generate a MAC */
int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
       unsigned char *mac, unsigned int *maclen)
{
  const EVP_MD *md_type;
  HMAC_CTX hmac;
  unsigned char key[PKCS12_MAC_KEY_LENGTH], *salt;
  int saltlen, iter;

  if (!PKCS7_type_is_data(p12->authsafes))
    {
    PKCS12err(PKCS12_F_PKCS12_GEN_MAC,PKCS12_R_CONTENT_TYPE_NOT_DATA);
    return 0;
    }

  salt = p12->mac->salt->data;
  saltlen = p12->mac->salt->length;
  if (!p12->mac->iter) iter = 1;
  else iter = ASN1_INTEGER_get (p12->mac->iter);
      if(!(md_type =
     EVP_get_digestbyobj (p12->mac->dinfo->algor->algorithm))) {
    PKCS12err(PKCS12_F_PKCS12_GEN_MAC,PKCS12_R_UNKNOWN_DIGEST_ALGORITHM);
    return 0;
  }
  if(!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_MAC_ID, iter,
         PKCS12_MAC_KEY_LENGTH, key, md_type)) {
    PKCS12err(PKCS12_F_PKCS12_GEN_MAC,PKCS12_R_KEY_GEN_ERROR);
    return 0;
  }
  HMAC_CTX_init(&hmac);
  HMAC_Init_ex(&hmac, key, PKCS12_MAC_KEY_LENGTH, md_type, NULL);
      HMAC_Update(&hmac, p12->authsafes->d.data->data,
           p12->authsafes->d.data->length);
      HMAC_Final(&hmac, mac, maclen);
      HMAC_CTX_cleanup(&hmac);
  return 1;
}