diff options
Diffstat (limited to 'lib/libcrypto/cmac')
| -rw-r--r-- | lib/libcrypto/cmac/cm_ameth.c | 21 | ||||
| -rw-r--r-- | lib/libcrypto/cmac/cm_pmeth.c | 115 | ||||
| -rw-r--r-- | lib/libcrypto/cmac/cmac.c | 125 |
3 files changed, 137 insertions, 124 deletions
diff --git a/lib/libcrypto/cmac/cm_ameth.c b/lib/libcrypto/cmac/cm_ameth.c index e4952df2f9e..a793e65262d 100644 --- a/lib/libcrypto/cmac/cm_ameth.c +++ b/lib/libcrypto/cmac/cm_ameth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cm_ameth.c,v 1.3 2014/06/12 15:49:28 deraadt Exp $ */ +/* $OpenBSD: cm_ameth.c,v 1.4 2014/06/21 12:07:02 miod Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2010. */ @@ -62,19 +62,23 @@ * key. */ -static int cmac_size(const EVP_PKEY *pkey) - { +static int +cmac_size(const EVP_PKEY *pkey) +{ return EVP_MAX_BLOCK_LENGTH; - } +} -static void cmac_key_free(EVP_PKEY *pkey) - { +static void +cmac_key_free(EVP_PKEY *pkey) +{ CMAC_CTX *cmctx = (CMAC_CTX *)pkey->pkey.ptr; + if (cmctx) CMAC_CTX_free(cmctx); - } +} -const EVP_PKEY_ASN1_METHOD cmac_asn1_meth = { +const EVP_PKEY_ASN1_METHOD +cmac_asn1_meth = { .pkey_id = EVP_PKEY_CMAC, .pkey_base_id = EVP_PKEY_CMAC, @@ -84,4 +88,3 @@ const EVP_PKEY_ASN1_METHOD cmac_asn1_meth = { .pkey_size = cmac_size, .pkey_free = cmac_key_free }; - diff --git a/lib/libcrypto/cmac/cm_pmeth.c b/lib/libcrypto/cmac/cm_pmeth.c index b65c1795aed..3010f91acab 100644 --- a/lib/libcrypto/cmac/cm_pmeth.c +++ b/lib/libcrypto/cmac/cm_pmeth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cm_pmeth.c,v 1.4 2014/06/12 15:49:28 deraadt Exp $ */ +/* $OpenBSD: cm_pmeth.c,v 1.5 2014/06/21 12:07:02 miod Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2010. */ @@ -61,135 +61,140 @@ /* The context structure and "key" is simply a CMAC_CTX */ -static int pkey_cmac_init(EVP_PKEY_CTX *ctx) - { +static int +pkey_cmac_init(EVP_PKEY_CTX *ctx) +{ ctx->data = CMAC_CTX_new(); if (!ctx->data) return 0; ctx->keygen_info_count = 0; return 1; - } +} -static int pkey_cmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) - { +static int +pkey_cmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) +{ if (!pkey_cmac_init(dst)) return 0; if (!CMAC_CTX_copy(dst->data, src->data)) return 0; return 1; - } +} -static void pkey_cmac_cleanup(EVP_PKEY_CTX *ctx) - { +static void +pkey_cmac_cleanup(EVP_PKEY_CTX *ctx) +{ CMAC_CTX_free(ctx->data); - } +} -static int pkey_cmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) - { +static int +pkey_cmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) +{ CMAC_CTX *cmkey = CMAC_CTX_new(); CMAC_CTX *cmctx = ctx->data; + if (!cmkey) return 0; - if (!CMAC_CTX_copy(cmkey, cmctx)) - { + if (!CMAC_CTX_copy(cmkey, cmctx)) { CMAC_CTX_free(cmkey); return 0; - } + } EVP_PKEY_assign(pkey, EVP_PKEY_CMAC, cmkey); return 1; - } +} -static int int_update(EVP_MD_CTX *ctx,const void *data,size_t count) - { +static int +int_update(EVP_MD_CTX *ctx,const void *data,size_t count) +{ if (!CMAC_Update(ctx->pctx->data, data, count)) return 0; return 1; - } +} -static int cmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) - { +static int +cmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) +{ EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT); mctx->update = int_update; return 1; - } +} -static int cmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - EVP_MD_CTX *mctx) - { +static int +cmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, + EVP_MD_CTX *mctx) +{ return CMAC_Final(ctx->data, sig, siglen); - } +} -static int pkey_cmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) - { +static int +pkey_cmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) +{ CMAC_CTX *cmctx = ctx->data; - switch (type) - { - case EVP_PKEY_CTRL_SET_MAC_KEY: + switch (type) { + case EVP_PKEY_CTRL_SET_MAC_KEY: if (!p2 || p1 < 0) return 0; if (!CMAC_Init(cmctx, p2, p1, NULL, NULL)) return 0; break; - case EVP_PKEY_CTRL_CIPHER: + case EVP_PKEY_CTRL_CIPHER: if (!CMAC_Init(cmctx, NULL, 0, p2, ctx->engine)) return 0; break; - case EVP_PKEY_CTRL_MD: + case EVP_PKEY_CTRL_MD: if (ctx->pkey && !CMAC_CTX_copy(ctx->data, - (CMAC_CTX *)ctx->pkey->pkey.ptr)) + (CMAC_CTX *)ctx->pkey->pkey.ptr)) return 0; if (!CMAC_Init(cmctx, NULL, 0, NULL, NULL)) return 0; break; - default: + default: return -2; - - } - return 1; } + return 1; +} -static int pkey_cmac_ctrl_str(EVP_PKEY_CTX *ctx, - const char *type, const char *value) - { +static int +pkey_cmac_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value) +{ if (!value) - { return 0; - } - if (!strcmp(type, "key")) - { + if (!strcmp(type, "key")) { void *p = (void *)value; return pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, - strlen(p), p); - } - if (!strcmp(type, "cipher")) - { + strlen(p), p); + } + if (!strcmp(type, "cipher")) { const EVP_CIPHER *c; + c = EVP_get_cipherbyname(value); if (!c) return 0; return pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_CIPHER, -1, (void *)c); - } - if (!strcmp(type, "hexkey")) - { + } + if (!strcmp(type, "hexkey")) { unsigned char *key; int r; long keylen; + key = string_to_hex(value, &keylen); if (!key) return 0; r = pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key); free(key); return r; - } - return -2; } -const EVP_PKEY_METHOD cmac_pkey_meth = { + return -2; +} + +const EVP_PKEY_METHOD +cmac_pkey_meth = { .pkey_id = EVP_PKEY_CMAC, .flags = EVP_PKEY_FLAG_SIGCTX_CUSTOM, diff --git a/lib/libcrypto/cmac/cmac.c b/lib/libcrypto/cmac/cmac.c index 237ff01b6b9..b2f77c59bdc 100644 --- a/lib/libcrypto/cmac/cmac.c +++ b/lib/libcrypto/cmac/cmac.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cmac.c,v 1.5 2014/06/12 15:49:28 deraadt Exp $ */ +/* $OpenBSD: cmac.c,v 1.6 2014/06/21 12:07:02 miod Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ @@ -57,8 +57,7 @@ #include "cryptlib.h" #include <openssl/cmac.h> -struct CMAC_CTX_st - { +struct CMAC_CTX_st { /* Cipher context to use */ EVP_CIPHER_CTX cctx; /* Keys k1 and k2 */ @@ -70,61 +69,69 @@ struct CMAC_CTX_st unsigned char last_block[EVP_MAX_BLOCK_LENGTH]; /* Number of bytes in last block: -1 means context not initialised */ int nlast_block; - }; +}; /* Make temporary keys K1 and K2 */ -static void make_kn(unsigned char *k1, unsigned char *l, int bl) - { +static void +make_kn(unsigned char *k1, unsigned char *l, int bl) +{ int i; + /* Shift block to left, including carry */ - for (i = 0; i < bl; i++) - { + for (i = 0; i < bl; i++) { k1[i] = l[i] << 1; if (i < bl - 1 && l[i + 1] & 0x80) k1[i] |= 1; - } + } /* If MSB set fixup with R */ if (l[0] & 0x80) k1[bl - 1] ^= bl == 16 ? 0x87 : 0x1b; - } +} -CMAC_CTX *CMAC_CTX_new(void) - { +CMAC_CTX * +CMAC_CTX_new(void) +{ CMAC_CTX *ctx; + ctx = malloc(sizeof(CMAC_CTX)); if (!ctx) return NULL; EVP_CIPHER_CTX_init(&ctx->cctx); ctx->nlast_block = -1; return ctx; - } +} -void CMAC_CTX_cleanup(CMAC_CTX *ctx) - { +void +CMAC_CTX_cleanup(CMAC_CTX *ctx) +{ EVP_CIPHER_CTX_cleanup(&ctx->cctx); OPENSSL_cleanse(ctx->tbl, EVP_MAX_BLOCK_LENGTH); OPENSSL_cleanse(ctx->k1, EVP_MAX_BLOCK_LENGTH); OPENSSL_cleanse(ctx->k2, EVP_MAX_BLOCK_LENGTH); OPENSSL_cleanse(ctx->last_block, EVP_MAX_BLOCK_LENGTH); ctx->nlast_block = -1; - } +} -EVP_CIPHER_CTX *CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx) - { +EVP_CIPHER_CTX * +CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx) +{ return &ctx->cctx; - } +} -void CMAC_CTX_free(CMAC_CTX *ctx) - { +void +CMAC_CTX_free(CMAC_CTX *ctx) +{ CMAC_CTX_cleanup(ctx); free(ctx); - } +} -int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in) - { +int +CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in) +{ int bl; + if (in->nlast_block == -1) return 0; if (!EVP_CIPHER_CTX_copy(&out->cctx, &in->cctx)) @@ -136,15 +143,16 @@ int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in) memcpy(out->last_block, in->last_block, bl); out->nlast_block = in->nlast_block; return 1; - } +} -int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen, - const EVP_CIPHER *cipher, ENGINE *impl) - { +int +CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen, + const EVP_CIPHER *cipher, ENGINE *impl) +{ static unsigned char zero_iv[EVP_MAX_BLOCK_LENGTH]; + /* All zeros means restart */ - if (!key && !cipher && !impl && keylen == 0) - { + if (!key && !cipher && !impl && keylen == 0) { /* Not initialised */ if (ctx->nlast_block == -1) return 0; @@ -153,14 +161,14 @@ int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen, memset(ctx->tbl, 0, EVP_CIPHER_CTX_block_size(&ctx->cctx)); ctx->nlast_block = 0; return 1; - } + } /* Initialiase context */ if (cipher && !EVP_EncryptInit_ex(&ctx->cctx, cipher, impl, NULL, NULL)) return 0; /* Non-NULL key means initialisation complete */ - if (key) - { + if (key) { int bl; + if (!EVP_CIPHER_CTX_cipher(&ctx->cctx)) return 0; if (!EVP_CIPHER_CTX_set_key_length(&ctx->cctx, keylen)) @@ -179,12 +187,13 @@ int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen, /* Zero tbl so resume works */ memset(ctx->tbl, 0, bl); ctx->nlast_block = 0; - } - return 1; } + return 1; +} -int CMAC_Update(CMAC_CTX *ctx, const void *in, size_t dlen) - { +int +CMAC_Update(CMAC_CTX *ctx, const void *in, size_t dlen) +{ const unsigned char *data = in; size_t bl; @@ -194,9 +203,9 @@ int CMAC_Update(CMAC_CTX *ctx, const void *in, size_t dlen) return 1; bl = EVP_CIPHER_CTX_block_size(&ctx->cctx); /* Copy into partial block if we need to */ - if (ctx->nlast_block > 0) - { + if (ctx->nlast_block > 0) { size_t nleft; + nleft = bl - ctx->nlast_block; if (dlen < nleft) nleft = dlen; @@ -210,24 +219,23 @@ int CMAC_Update(CMAC_CTX *ctx, const void *in, size_t dlen) /* Else not final block so encrypt it */ if (!EVP_Cipher(&ctx->cctx, ctx->tbl, ctx->last_block,bl)) return 0; - } + } /* Encrypt all but one of the complete blocks left */ - while(dlen > bl) - { + while (dlen > bl) { if (!EVP_Cipher(&ctx->cctx, ctx->tbl, data, bl)) return 0; dlen -= bl; data += bl; - } + } /* Copy any data left to last block buffer */ memcpy(ctx->last_block, data, dlen); ctx->nlast_block = dlen; return 1; +} - } - -int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen) - { +int +CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen) +{ int i, bl, lb; if (ctx->nlast_block == -1) @@ -238,29 +246,26 @@ int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen) return 1; lb = ctx->nlast_block; /* Is last block complete? */ - if (lb == bl) - { + if (lb == bl) { for (i = 0; i < bl; i++) out[i] = ctx->last_block[i] ^ ctx->k1[i]; - } - else - { + } else { ctx->last_block[lb] = 0x80; if (bl - lb > 1) memset(ctx->last_block + lb + 1, 0, bl - lb - 1); for (i = 0; i < bl; i++) out[i] = ctx->last_block[i] ^ ctx->k2[i]; - } - if (!EVP_Cipher(&ctx->cctx, out, out, bl)) - { + } + if (!EVP_Cipher(&ctx->cctx, out, out, bl)) { OPENSSL_cleanse(out, bl); return 0; - } - return 1; } + return 1; +} -int CMAC_resume(CMAC_CTX *ctx) - { +int +CMAC_resume(CMAC_CTX *ctx) +{ if (ctx->nlast_block == -1) return 0; /* The buffer "tbl" containes the last fully encrypted block @@ -270,4 +275,4 @@ int CMAC_resume(CMAC_CTX *ctx) * CMAC to continue after calling CMAC_Final(). */ return EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, NULL, ctx->tbl); - } +} |