X-Git-Url: http://git.silcnet.org/gitweb/?p=silc.git;a=blobdiff_plain;f=lib%2Fsilccrypt%2Fsilchmac.c;h=6b3abed3dc6376663c76592ccf48b813dccea4a0;hp=30f36c3f98a8cbc5593f80a9fca2151af9494a0b;hb=40f8443d8d3a6577336ee66d18e04d9ac4d956bb;hpb=318d79b391bf6288e3e28c840217a7097f3d0392 diff --git a/lib/silccrypt/silchmac.c b/lib/silccrypt/silchmac.c index 30f36c3f..6b3abed3 100644 --- a/lib/silccrypt/silchmac.c +++ b/lib/silccrypt/silchmac.c @@ -2,159 +2,463 @@ silchmac.c - Author: Pekka Riikonen + Author: Pekka Riikonen - Copyright (C) 1997 - 2000 Pekka Riikonen + Copyright (C) 1999 - 2005 Pekka Riikonen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - + the Free Software Foundation; version 2 of the License. + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. */ -/* - * $Id$ - * $Log$ - * Revision 1.3 2000/07/14 09:12:24 priikone - * Fixed bug in silc_hmac_make. - * - * Revision 1.2 2000/07/05 06:08:43 priikone - * Global cosmetic change. - * - * Revision 1.1.1.1 2000/06/27 11:36:55 priikone - * Imported from internal CVS/Added Log headers. - * - * - */ - -#include "silcincludes.h" - -/* Allocates a new SilcHmac object. First argument is the hash function - object to tell the hmac which hash function should be used when creating - HMAC's. The new SilcHmac object is returned to new_hmac argument. */ - -int silc_hmac_alloc(SilcHash hash, SilcHmac *new_hmac) -{ - SILC_LOG_DEBUG(("Allocating new hmac object")); +/* $Id$ */ + +#include "silc.h" + +/* HMAC context */ +struct SilcHmacStruct { + SilcHmacObject *hmac; + SilcHash hash; + unsigned char inner_pad[64]; + unsigned char outer_pad[64]; + unsigned char *key; + unsigned int key_len : 31; + unsigned int allocated_hash : 1; /* TRUE if the hash was allocated */ +}; + +#ifndef SILC_EPOC +/* List of dynamically registered HMACs. */ +SilcDList silc_hmac_list = NULL; +#endif /* SILC_EPOC */ + +/* Default hmacs for silc_hmac_register_default(). */ +const SilcHmacObject silc_default_hmacs[] = +{ + { "hmac-sha256-96", 12 }, + { "hmac-sha1-96", 12 }, + { "hmac-md5-96", 12 }, + { "hmac-sha256", 32 }, + { "hmac-sha1", 20 }, + { "hmac-md5", 16 }, + + { NULL, 0 } +}; + +static void silc_hmac_init_internal(SilcHmac hmac, unsigned char *key, + SilcUInt32 key_len) +{ + SilcHash hash = hmac->hash; + SilcUInt32 block_len; + unsigned char hvalue[SILC_HASH_MAXLEN]; + int i; + + memset(hmac->inner_pad, 0, sizeof(hmac->inner_pad)); + memset(hmac->outer_pad, 0, sizeof(hmac->outer_pad)); + + block_len = silc_hash_block_len(hash); + + /* If the key length is more than block size of the hash function, the + key is hashed. */ + if (key_len > block_len) { + silc_hash_make(hash, key, key_len, hvalue); + key = hvalue; + key_len = silc_hash_len(hash); + } + + /* Copy the key into the pads */ + memcpy(hmac->inner_pad, key, key_len); + memcpy(hmac->outer_pad, key, key_len); + + /* XOR the key with pads */ + for (i = 0; i < block_len; i++) { + hmac->inner_pad[i] ^= 0x36; + hmac->outer_pad[i] ^= 0x5c; + } +} + +/* Registers a new HMAC into the SILC. This function is used at the + initialization of the SILC. */ + +SilcBool silc_hmac_register(const SilcHmacObject *hmac) +{ +#ifndef SILC_EPOC + SilcHmacObject *new; + + SILC_LOG_DEBUG(("Registering new HMAC `%s'", hmac->name)); + + /* Check for existing */ + if (silc_hmac_list) { + SilcHmacObject *entry; + silc_dlist_start(silc_hmac_list); + while ((entry = silc_dlist_get(silc_hmac_list)) != SILC_LIST_END) { + if (!strcmp(entry->name, hmac->name)) + return FALSE; + } + } + + new = silc_calloc(1, sizeof(*new)); + new->name = strdup(hmac->name); + new->len = hmac->len; + + /* Add to list */ + if (silc_hmac_list == NULL) + silc_hmac_list = silc_dlist_init(); + silc_dlist_add(silc_hmac_list, new); + +#endif /* SILC_EPOC */ + return TRUE; +} + +/* Unregister a HMAC from the SILC. */ +SilcBool silc_hmac_unregister(SilcHmacObject *hmac) +{ +#ifndef SILC_EPOC + SilcHmacObject *entry; + + SILC_LOG_DEBUG(("Unregistering HMAC")); + + if (!silc_hmac_list) + return FALSE; + + silc_dlist_start(silc_hmac_list); + while ((entry = silc_dlist_get(silc_hmac_list)) != SILC_LIST_END) { + if (hmac == SILC_ALL_HMACS || entry == hmac) { + silc_dlist_del(silc_hmac_list, entry); + silc_free(entry->name); + silc_free(entry); + + if (silc_dlist_count(silc_hmac_list) == 0) { + silc_dlist_uninit(silc_hmac_list); + silc_hmac_list = NULL; + } + + return TRUE; + } + } + +#endif /* SILC_EPOC */ + return FALSE; +} + +/* Function that registers all the default hmacs (all builtin ones). + The application may use this to register the default hmacs if + specific hmacs in any specific order is not wanted. */ + +SilcBool silc_hmac_register_default(void) +{ +#ifndef SILC_EPOC + int i; + + for (i = 0; silc_default_hmacs[i].name; i++) + silc_hmac_register(&(silc_default_hmacs[i])); + +#endif /* SILC_EPOC */ + return TRUE; +} + +SilcBool silc_hmac_unregister_all(void) +{ +#ifndef SILC_EPOC + SilcHmacObject *entry; + + if (!silc_hmac_list) + return FALSE; + + silc_dlist_start(silc_hmac_list); + while ((entry = silc_dlist_get(silc_hmac_list)) != SILC_LIST_END) { + silc_hmac_unregister(entry); + if (!silc_hmac_list) + break; + } +#endif /* SILC_EPOC */ + return TRUE; +} + +/* Allocates a new SilcHmac object of name of `name'. The `hash' may + be provided as argument. If provided it is used as the hash function + of the HMAC. If it is NULL then the hash function is allocated and + the name of the hash algorithm is derived from the `name'. */ + +SilcBool silc_hmac_alloc(const char *name, SilcHash hash, SilcHmac *new_hmac) +{ + SILC_LOG_DEBUG(("Allocating new HMAC")); + + /* Allocate the new object */ *new_hmac = silc_calloc(1, sizeof(**new_hmac)); + + if (!hash) { + char *tmp = strdup(name), *hname; + + hname = tmp; + if (strchr(hname, '-')) + hname = strchr(hname, '-') + 1; + if (strchr(hname, '-')) + *strchr(hname, '-') = '\0'; + + if (!silc_hash_alloc(hname, &hash)) { + silc_free(tmp); + silc_free(*new_hmac); + *new_hmac = NULL; + return FALSE; + } + + (*new_hmac)->allocated_hash = TRUE; + silc_free(tmp); + } + (*new_hmac)->hash = hash; - (*new_hmac)->set_key = silc_hmac_set_key; - (*new_hmac)->make_hmac = silc_hmac_make; - (*new_hmac)->make_hmac_with_key = silc_hmac_make_with_key; - (*new_hmac)->make_hmac_truncated = silc_hmac_make_truncated; - return 1; +#ifndef SILC_EPOC + if (silc_hmac_list) { + SilcHmacObject *entry; + silc_dlist_start(silc_hmac_list); + while ((entry = silc_dlist_get(silc_hmac_list)) != SILC_LIST_END) { + if (!strcmp(entry->name, name)) { + (*new_hmac)->hmac = entry; + return TRUE; + } + } + } +#else + { + /* On EPOC which don't have globals we check our constant hash list. */ + int i; + for (i = 0; silc_default_hmacs[i].name; i++) { + if (!strcmp(silc_default_hmacs[i].name, name)) { + (*new_hmac)->hmac = (SilcHmacObject *)&(silc_default_hmacs[i]); + return TRUE; + } + } + } +#endif /* SILC_EPOC */ + + silc_free(*new_hmac); + *new_hmac = NULL; + return FALSE; } /* Free's the SilcHmac object. */ void silc_hmac_free(SilcHmac hmac) { - if (hmac) + if (hmac) { + if (hmac->allocated_hash) + silc_hash_free(hmac->hash); + + if (hmac->key) { + memset(hmac->key, 0, hmac->key_len); + silc_free(hmac->key); + } + silc_free(hmac); + } } -/* Creates the HMAC. The created keyed hash value is returned to - return_hash argument. */ +/* Returns the length of the MAC that the HMAC will produce. */ -void silc_hmac_make_internal(SilcHmac hmac, unsigned char *data, - unsigned int data_len, unsigned char *key, - unsigned int key_len, unsigned char *return_hash) +SilcUInt32 silc_hmac_len(SilcHmac hmac) { - SilcHash hash = hmac->hash; - unsigned char inner_pad[hash->hash->block_len + 1]; - unsigned char outer_pad[hash->hash->block_len + 1]; - unsigned char hvalue[hash->hash->hash_len]; - void *hash_context; - int i; + return hmac->hmac->len; +} - SILC_LOG_DEBUG(("Making HMAC for message")); +/* Get hash context */ - hash_context = silc_calloc(1, hash->hash->context_len()); +SilcHash silc_hmac_get_hash(SilcHmac hmac) +{ + return hmac->hash; +} - memset(inner_pad, 0, sizeof(inner_pad)); - memset(outer_pad, 0, sizeof(outer_pad)); +/* Return name of hmac */ - /* If the key length is more than block size of the hash function, the - key is hashed. */ - if (key_len > hash->hash->block_len) { - hash->make_hash(hash, key, key_len, hvalue); - key = hvalue; - key_len = hash->hash->hash_len; +const char *silc_hmac_get_name(SilcHmac hmac) +{ + return hmac->hmac->name; +} + +/* Returns TRUE if HMAC `name' is supported. */ + +SilcBool silc_hmac_is_supported(const char *name) +{ +#ifndef SILC_EPOC + SilcHmacObject *entry; + + if (!name) + return FALSE; + + if (silc_hmac_list) { + silc_dlist_start(silc_hmac_list); + while ((entry = silc_dlist_get(silc_hmac_list)) != SILC_LIST_END) { + if (!strcmp(entry->name, name)) + return TRUE; + } } +#else + { + int i; + for (i = 0; silc_default_hmacs[i].name; i++) + if (!strcmp(silc_default_hmacs[i].name, name)) + return TRUE; + } +#endif /* SILC_EPOC */ + return FALSE; +} - /* Copy the key into the pads */ - memcpy(inner_pad, key, key_len); - memcpy(outer_pad, key, key_len); +/* Returns comma separated list of supported HMACs. */ - /* XOR the key with pads */ - for (i = 0; i < hash->hash->block_len; i++) { - inner_pad[i] ^= 0x36; - outer_pad[i] ^= 0x5c; +char *silc_hmac_get_supported() +{ + SilcHmacObject *entry; + char *list = NULL; + int len = 0; + +#ifndef SILC_EPOC + if (silc_hmac_list) { + silc_dlist_start(silc_hmac_list); + while ((entry = silc_dlist_get(silc_hmac_list)) != SILC_LIST_END) { + len += strlen(entry->name); + list = silc_realloc(list, len + 1); + + memcpy(list + (len - strlen(entry->name)), + entry->name, strlen(entry->name)); + memcpy(list + len, ",", 1); + len++; + } + } +#else + { + int i; + for (i = 0; silc_default_hmacs[i].name; i++) { + entry = (SilcHmacObject *)&(silc_default_hmacs[i]); + len += strlen(entry->name); + list = silc_realloc(list, len + 1); + + memcpy(list + (len - strlen(entry->name)), + entry->name, strlen(entry->name)); + memcpy(list + len, ",", 1); + len++; + } } +#endif /* SILC_EPOC */ - /* Do the HMAC transform (too bad I can't do make_hash directly, sigh) */ - hash->hash->init(hash_context); - hash->hash->update(hash_context, inner_pad, hash->hash->block_len); - hash->hash->update(hash_context, data, data_len); - hash->hash->final(hash_context, return_hash); - hash->hash->init(hash_context); - hash->hash->update(hash_context, outer_pad, hash->hash->block_len); - hash->hash->update(hash_context, return_hash, hash->hash->hash_len); - hash->hash->final(hash_context, return_hash); + list[len - 1] = 0; + + return list; +} + +/* Sets the HMAC key used in the HMAC creation */ + +void silc_hmac_set_key(SilcHmac hmac, const unsigned char *key, + SilcUInt32 key_len) +{ + if (hmac->key) { + memset(hmac->key, 0, hmac->key_len); + silc_free(hmac->key); + } + hmac->key = silc_calloc(key_len, sizeof(unsigned char)); + hmac->key_len = key_len; + memcpy(hmac->key, key, key_len); } /* Create the HMAC. This is thee make_hmac function pointer. This uses the internal key set with silc_hmac_set_key. */ void silc_hmac_make(SilcHmac hmac, unsigned char *data, - unsigned int data_len, unsigned char *return_hash) + SilcUInt32 data_len, unsigned char *return_hash, + SilcUInt32 *return_len) +{ + SILC_LOG_DEBUG(("Making HMAC for message")); + + silc_hmac_init(hmac); + silc_hmac_update(hmac, data, data_len); + silc_hmac_final(hmac, return_hash, return_len); +} + +/* Creates HMAC just as above except that this doesn't use the internal + key. The key is sent as argument to the function. */ + +void silc_hmac_make_with_key(SilcHmac hmac, unsigned char *data, + SilcUInt32 data_len, + unsigned char *key, SilcUInt32 key_len, + unsigned char *return_hash, + SilcUInt32 *return_len) { - silc_hmac_make_internal(hmac, data, data_len, hmac->key, - hmac->key_len, return_hash); + SILC_LOG_DEBUG(("Making HMAC for message")); + + silc_hmac_init_with_key(hmac, key, key_len); + silc_hmac_update(hmac, data, data_len); + silc_hmac_final(hmac, return_hash, return_len); } /* Creates the HMAC just as above except that the hash value is truncated to the truncated_len sent as argument. NOTE: One should not truncate to - less than half of the length of original hash value. However, this + less than half of the length of original hash value. However, this routine allows these dangerous truncations. */ void silc_hmac_make_truncated(SilcHmac hmac, unsigned char *data, - unsigned int data_len, - unsigned int truncated_len, + SilcUInt32 data_len, + SilcUInt32 truncated_len, unsigned char *return_hash) { - unsigned char hvalue[hmac->hash->hash->hash_len]; + unsigned char hvalue[SILC_HASH_MAXLEN]; - silc_hmac_make_internal(hmac, data, data_len, - hmac->key, hmac->key_len, hvalue); + SILC_LOG_DEBUG(("Making HMAC for message")); + + silc_hmac_init(hmac); + silc_hmac_update(hmac, data, data_len); + silc_hmac_final(hmac, return_hash, NULL); memcpy(return_hash, hvalue, truncated_len); memset(hvalue, 0, sizeof(hvalue)); } -/* Creates HMAC just as above except that this doesn't use the internal - key. The key is sent as argument to the function. */ +/* Init HMAC for silc_hmac_update and silc_hmac_final. */ -void silc_hmac_make_with_key(SilcHmac hmac, unsigned char *data, - unsigned int data_len, - unsigned char *key, unsigned int key_len, - unsigned char *return_hash) +void silc_hmac_init(SilcHmac hmac) { - silc_hmac_make_internal(hmac, data, data_len, key, key_len, return_hash); + silc_hmac_init_with_key(hmac, hmac->key, hmac->key_len); } -/* Sets the HMAC key used in the HMAC creation */ +/* Same as above but with specific key */ -void silc_hmac_set_key(SilcHmac hmac, const unsigned char *key, - unsigned int key_len) +void silc_hmac_init_with_key(SilcHmac hmac, const unsigned char *key, + SilcUInt32 key_len) { - hmac->key = silc_calloc(key_len, sizeof(unsigned char)); - hmac->key_len = key_len; - memcpy(hmac->key, key, key_len); + SilcHash hash = hmac->hash; + silc_hmac_init_internal(hmac, (unsigned char *)key, key_len); + silc_hash_init(hash); + silc_hash_update(hash, hmac->inner_pad, silc_hash_block_len(hash)); +} + +/* Add data to be used in the MAC computation. */ + +void silc_hmac_update(SilcHmac hmac, const unsigned char *data, + SilcUInt32 data_len) +{ + SilcHash hash = hmac->hash; + silc_hash_update(hash, data, data_len); +} + +/* Compute the final MAC. */ + +void silc_hmac_final(SilcHmac hmac, unsigned char *return_hash, + SilcUInt32 *return_len) +{ + SilcHash hash = hmac->hash; + unsigned char mac[SILC_HASH_MAXLEN]; + + silc_hash_final(hash, mac); + silc_hash_init(hash); + silc_hash_update(hash, hmac->outer_pad, silc_hash_block_len(hash)); + silc_hash_update(hash, mac, silc_hash_len(hash)); + silc_hash_final(hash, mac); + memcpy(return_hash, mac, hmac->hmac->len); + memset(mac, 0, sizeof(mac)); + + if (return_len) + *return_len = hmac->hmac->len; }