static int sqlcipher_ltc_hmac(void *ctx, int algorithm, unsigned char *hmac_key, int key_sz, unsigned char *in, int in_sz, unsigned char *in2, int in2_sz, unsigned char *out) { int rc, hash_idx; hmac_state hmac; unsigned long outlen; switch(algorithm) { case SQLCIPHER_HMAC_SHA1: hash_idx = find_hash("sha1"); break; case SQLCIPHER_HMAC_SHA256: hash_idx = find_hash("sha256"); break; case SQLCIPHER_HMAC_SHA512: hash_idx = find_hash("sha512"); break; default: return SQLITE_ERROR; } if(hash_idx < 0) return SQLITE_ERROR; outlen = hash_descriptor[hash_idx].hashsize; if(in == NULL) return SQLITE_ERROR; if((rc = hmac_init(&hmac, hash_idx, hmac_key, key_sz)) != CRYPT_OK) return SQLITE_ERROR; if((rc = hmac_process(&hmac, in, in_sz)) != CRYPT_OK) return SQLITE_ERROR; if(in2 != NULL && (rc = hmac_process(&hmac, in2, in2_sz)) != CRYPT_OK) return SQLITE_ERROR; if((rc = hmac_done(&hmac, out, &outlen)) != CRYPT_OK) return SQLITE_ERROR; return SQLITE_OK; }
static int sqlcipher_ltc_hmac(void *ctx, unsigned char *hmac_key, int key_sz, unsigned char *in, int in_sz, unsigned char *in2, int in2_sz, unsigned char *out) { int rc, hash_idx; hmac_state hmac; unsigned long outlen = key_sz; hash_idx = find_hash("sha1"); if((rc = hmac_init(&hmac, hash_idx, hmac_key, key_sz)) != CRYPT_OK) return SQLITE_ERROR; if((rc = hmac_process(&hmac, in, in_sz)) != CRYPT_OK) return SQLITE_ERROR; if((rc = hmac_process(&hmac, in2, in2_sz)) != CRYPT_OK) return SQLITE_ERROR; if((rc = hmac_done(&hmac, out, &outlen)) != CRYPT_OK) return SQLITE_ERROR; return SQLITE_OK; }
/* Checks the mac in hashbuf, for the data in readbuf. * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ static int checkmac(buffer* macbuf, buffer* sourcebuf) { unsigned char macsize; hmac_state hmac; unsigned char tempbuf[MAX_MAC_LEN]; unsigned long hashsize; int len; macsize = ses.keys->recv_algo_mac->hashsize; if (macsize == 0) { return DROPBEAR_SUCCESS; } /* calculate the mac */ if (hmac_init(&hmac, find_hash(ses.keys->recv_algo_mac->hashdesc->name), ses.keys->recvmackey, ses.keys->recv_algo_mac->keysize) != CRYPT_OK) { dropbear_exit("HMAC error"); } /* sequence number */ STORE32H(ses.recvseq, tempbuf); if (hmac_process(&hmac, tempbuf, 4) != CRYPT_OK) { dropbear_exit("HMAC error"); } buf_setpos(sourcebuf, 0); len = sourcebuf->len; if (hmac_process(&hmac, buf_getptr(sourcebuf, len), len) != CRYPT_OK) { dropbear_exit("HMAC error"); } hashsize = sizeof(tempbuf); if (hmac_done(&hmac, tempbuf, &hashsize) != CRYPT_OK) { dropbear_exit("HMAC error"); } /* compare the hash */ if (memcmp(tempbuf, buf_getptr(macbuf, macsize), macsize) != 0) { return DROPBEAR_FAILURE; } else { return DROPBEAR_SUCCESS; } }
/** HMAC a file @param hash The index of the hash you wish to use @param fname The name of the file you wish to HMAC @param key The secret key @param keylen The length of the secret key @param out [out] The HMAC authentication tag @param outlen [in/out] The max size and resulting size of the authentication tag @return CRYPT_OK if successful, CRYPT_NOP if file support has been disabled */ int hmac_file(int hash, const char *fname, const unsigned char *key, unsigned long keylen, unsigned char *out, unsigned long *outlen) { #ifdef LTC_NO_FILE return CRYPT_NOP; #else hmac_state hmac; FILE *in; unsigned char buf[512]; size_t x; int err; LTC_ARGCHK(fname != NULL); LTC_ARGCHK(key != NULL); LTC_ARGCHK(out != NULL); LTC_ARGCHK(outlen != NULL); if((err = hash_is_valid(hash)) != CRYPT_OK) { return err; } if ((err = hmac_init(&hmac, hash, key, keylen)) != CRYPT_OK) { return err; } in = fopen(fname, "rb"); if (in == NULL) { return CRYPT_FILE_NOTFOUND; } /* process the file contents */ do { x = fread(buf, 1, sizeof(buf), in); if ((err = hmac_process(&hmac, buf, (unsigned long)x)) != CRYPT_OK) { /* we don't trap this error since we're already returning an error! */ fclose(in); return err; } } while (x == sizeof(buf)); if (fclose(in) != 0) { return CRYPT_ERROR; } /* get final hmac */ if ((err = hmac_done(&hmac, out, outlen)) != CRYPT_OK) { return err; } #ifdef LTC_CLEAN_STACK /* clear memory */ zeromem(buf, sizeof(buf)); #endif return CRYPT_OK; #endif }
/* Create the packet mac, and append H(seqno|clearbuf) to the output */ static void writemac(buffer * outputbuffer, buffer * clearwritebuf) { int macsize; unsigned char seqbuf[4]; unsigned long hashsize; hmac_state hmac; TRACE(("enter writemac")); macsize = ses.keys->trans_algo_mac->hashsize; if (macsize > 0) { /* calculate the mac */ if (hmac_init(&hmac, find_hash(ses.keys->trans_algo_mac->hashdesc->name), ses.keys->transmackey, ses.keys->trans_algo_mac->keysize) != CRYPT_OK) { dropbear_exit("HMAC error"); } /* sequence number */ STORE32H(ses.transseq, seqbuf); if (hmac_process(&hmac, seqbuf, 4) != CRYPT_OK) { dropbear_exit("HMAC error"); } /* the actual contents */ buf_setpos(clearwritebuf, 0); if (hmac_process(&hmac, buf_getptr(clearwritebuf, clearwritebuf->len), clearwritebuf->len) != CRYPT_OK) { dropbear_exit("HMAC error"); } hashsize = macsize; if (hmac_done(&hmac, buf_getwriteptr(outputbuffer, macsize), &hashsize) != CRYPT_OK) { dropbear_exit("HMAC error"); } buf_incrwritepos(outputbuffer, macsize); } TRACE(("leave writemac")); }
void authenticate_decrypt(void* buf, u32 len) { #ifdef GLADMAN_HMAC hmac_sha1_data(buf, len, &hmac); #else if (hmac_process(&hmac, buf, len) != CRYPT_OK) Z_ERROR("Failed to authenticate"); #endif if (ctr_decrypt(buf, buf, len, &ctr) != CRYPT_OK) Z_ERROR("Failed to decrypt"); }
/** HMAC multiple blocks of memory to produce the authentication tag @param hash The index of the hash to use @param key The secret key @param keylen The length of the secret key (octets) @param out [out] Destination of the authentication tag @param outlen [in/out] Max size and resulting size of authentication tag @param in The data to HMAC @param inlen The length of the data to HMAC (octets) @param ... tuples of (data,len) pairs to HMAC, terminated with a (NULL,x) (x=don't care) @return CRYPT_OK if successful */ int hmac_memory_multi(int hash, const unsigned char *key, unsigned long keylen, unsigned char *out, unsigned long *outlen, const unsigned char *in, unsigned long inlen, ...) { hmac_state *hmac; int err; va_list args; const unsigned char *curptr; unsigned long curlen; LTC_ARGCHK(key != NULL); LTC_ARGCHK(in != NULL); LTC_ARGCHK(out != NULL); LTC_ARGCHK(outlen != NULL); /* allocate ram for hmac state */ hmac = XMALLOC(sizeof(hmac_state)); if (hmac == NULL) { return CRYPT_MEM; } if ((err = hmac_init(hmac, hash, key, keylen)) != CRYPT_OK) { goto LBL_ERR; } va_start(args, inlen); curptr = in; curlen = inlen; for (;;) { /* process buf */ if ((err = hmac_process(hmac, curptr, curlen)) != CRYPT_OK) { goto LBL_ERR; } /* step to next */ curptr = va_arg(args, const unsigned char*); if (curptr == NULL) { break; } curlen = va_arg(args, unsigned long); } if ((err = hmac_done(hmac, out, outlen)) != CRYPT_OK) { goto LBL_ERR; } LBL_ERR: #ifdef LTC_CLEAN_STACK zeromem(hmac, sizeof(hmac_state)); #endif XFREE(hmac); va_end(args); return err; }
/** HMAC a block of memory to produce the authentication tag @param hash The index of the hash to use @param key The secret key @param keylen The length of the secret key (octets) @param in The data to HMAC @param inlen The length of the data to HMAC (octets) @param out [out] Destination of the authentication tag @param outlen [in/out] Max size and resulting size of authentication tag @return CRYPT_OK if successful */ int hmac_memory(int hash, const unsigned char *key, unsigned long keylen, const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen) { hmac_state *hmac; int err; LTC_ARGCHK(key != NULL); LTC_ARGCHK(in != NULL); LTC_ARGCHK(out != NULL); LTC_ARGCHK(outlen != NULL); /* make sure hash descriptor is valid */ if ((err = hash_is_valid(hash)) != CRYPT_OK) { return err; } /* is there a descriptor? */ if (hash_descriptor[hash].hmac_block != NULL) { return hash_descriptor[hash].hmac_block(key, keylen, in, inlen, out, outlen); } /* nope, so call the hmac functions */ /* allocate ram for hmac state */ hmac = XMALLOC(sizeof(hmac_state)); if (hmac == NULL) { return CRYPT_MEM; } if ((err = hmac_init(hmac, hash, key, keylen)) != CRYPT_OK) { goto LBL_ERR; } if ((err = hmac_process(hmac, in, inlen)) != CRYPT_OK) { goto LBL_ERR; } if ((err = hmac_done(hmac, out, outlen)) != CRYPT_OK) { goto LBL_ERR; } err = CRYPT_OK; LBL_ERR: #ifdef LTC_CLEAN_STACK zeromem(hmac, sizeof(hmac_state)); #endif XFREE(hmac); return err; }
/** HMAC a block of memory to produce the authentication tag @param hash The index of the hash to use @param key The secret key @param keylen The length of the secret key (octets) @param in The data to HMAC @param inlen The length of the data to HMAC (octets) @param out [out] Destination of the authentication tag @param outlen [in/out] Max size and resulting size of authentication tag @return CRYPT_OK if successful */ int hmac_memory(int hash, const unsigned char *key, unsigned long keylen, const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen) { hmac_state *hmac; int err; LTC_ARGCHK(key != NULL); LTC_ARGCHK(in != NULL); LTC_ARGCHK(out != NULL); LTC_ARGCHK(outlen != NULL); /* allocate ram for hmac state */ hmac = XMALLOC(sizeof(hmac_state)); if (hmac == NULL) { return CRYPT_MEM; } if ((err = hmac_init(hmac, hash, key, keylen)) != CRYPT_OK) { goto LBL_ERR; } if ((err = hmac_process(hmac, in, inlen)) != CRYPT_OK) { goto LBL_ERR; } if ((err = hmac_done(hmac, out, outlen)) != CRYPT_OK) { goto LBL_ERR; } err = CRYPT_OK; LBL_ERR: #ifdef LTC_CLEAN_STACK zeromem(hmac, sizeof(hmac_state)); #endif XFREE(hmac); return err; }
int pkcs_5_alg2(const unsigned char *password, unsigned long password_len, const unsigned char *salt, unsigned long salt_len, int iteration_count, int hash_idx, unsigned char *out, unsigned long *outlen) { int err, itts; ulong32 blkno; unsigned long stored, left, x, y; unsigned char *buf[2]; hmac_state *hmac; LTC_ARGCHK(password != NULL); LTC_ARGCHK(salt != NULL); LTC_ARGCHK(out != NULL); LTC_ARGCHK(outlen != NULL); /* test hash IDX */ if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) { return err; } buf[0] = XMALLOC(MAXBLOCKSIZE * 2); hmac = XMALLOC(sizeof(hmac_state)); if (hmac == NULL || buf[0] == NULL) { if (hmac != NULL) { XFREE(hmac); } if (buf[0] != NULL) { XFREE(buf[0]); } return CRYPT_MEM; } /* buf[1] points to the second block of MAXBLOCKSIZE bytes */ buf[1] = buf[0] + MAXBLOCKSIZE; left = *outlen; blkno = 1; stored = 0; while (left != 0) { /* process block number blkno */ zeromem(buf[0], MAXBLOCKSIZE*2); /* store current block number and increment for next pass */ STORE32H(blkno, buf[1]); ++blkno; /* get PRF(P, S||int(blkno)) */ if ((err = hmac_init(hmac, hash_idx, password, password_len)) != CRYPT_OK) { goto LBL_ERR; } if ((err = hmac_process(hmac, salt, salt_len)) != CRYPT_OK) { goto LBL_ERR; } if ((err = hmac_process(hmac, buf[1], 4)) != CRYPT_OK) { goto LBL_ERR; } x = MAXBLOCKSIZE; if ((err = hmac_done(hmac, buf[0], &x)) != CRYPT_OK) { goto LBL_ERR; } /* now compute repeated and XOR it in buf[1] */ XMEMCPY(buf[1], buf[0], x); for (itts = 1; itts < iteration_count; ++itts) { if ((err = hmac_memory(hash_idx, password, password_len, buf[0], x, buf[0], &x)) != CRYPT_OK) { goto LBL_ERR; } for (y = 0; y < x; y++) { buf[1][y] ^= buf[0][y]; } } /* now emit upto x bytes of buf[1] to output */ for (y = 0; y < x && left != 0; ++y) { out[stored++] = buf[1][y]; --left; } } *outlen = stored; err = CRYPT_OK; LBL_ERR: #ifdef LTC_CLEAN_STACK zeromem(buf[0], MAXBLOCKSIZE*2); zeromem(hmac, sizeof(hmac_state)); #endif XFREE(hmac); XFREE(buf[0]); return err; }