1 /* $OpenBSD: cm_pmeth.c,v 1.8 2014/07/11 08:44:48 jsing Exp $ */
2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2010.
4 */
5 /* ====================================================================
6 * Copyright (c) 2010 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 */
53
54 #include <stdio.h>
55 #include <string.h>
56
57 #include <openssl/cmac.h>
58 #include <openssl/evp.h>
59 #include <openssl/x509.h>
60 #include <openssl/x509v3.h>
61
62 #include "evp_locl.h"
63
64 /* The context structure and "key" is simply a CMAC_CTX */
65
66 static int
pkey_cmac_init(EVP_PKEY_CTX * ctx)67 pkey_cmac_init(EVP_PKEY_CTX *ctx)
68 {
69 ctx->data = CMAC_CTX_new();
70 if (!ctx->data)
71 return 0;
72 ctx->keygen_info_count = 0;
73 return 1;
74 }
75
76 static int
pkey_cmac_copy(EVP_PKEY_CTX * dst,EVP_PKEY_CTX * src)77 pkey_cmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
78 {
79 if (!pkey_cmac_init(dst))
80 return 0;
81 if (!CMAC_CTX_copy(dst->data, src->data))
82 return 0;
83 return 1;
84 }
85
86 static void
pkey_cmac_cleanup(EVP_PKEY_CTX * ctx)87 pkey_cmac_cleanup(EVP_PKEY_CTX *ctx)
88 {
89 CMAC_CTX_free(ctx->data);
90 }
91
92 static int
pkey_cmac_keygen(EVP_PKEY_CTX * ctx,EVP_PKEY * pkey)93 pkey_cmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
94 {
95 CMAC_CTX *cmkey = CMAC_CTX_new();
96 CMAC_CTX *cmctx = ctx->data;
97
98 if (!cmkey)
99 return 0;
100 if (!CMAC_CTX_copy(cmkey, cmctx)) {
101 CMAC_CTX_free(cmkey);
102 return 0;
103 }
104 EVP_PKEY_assign(pkey, EVP_PKEY_CMAC, cmkey);
105
106 return 1;
107 }
108
109 static int
int_update(EVP_MD_CTX * ctx,const void * data,size_t count)110 int_update(EVP_MD_CTX *ctx, const void *data, size_t count)
111 {
112 if (!CMAC_Update(ctx->pctx->data, data, count))
113 return 0;
114 return 1;
115 }
116
117 static int
cmac_signctx_init(EVP_PKEY_CTX * ctx,EVP_MD_CTX * mctx)118 cmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
119 {
120 EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT);
121 mctx->update = int_update;
122 return 1;
123 }
124
125 static int
cmac_signctx(EVP_PKEY_CTX * ctx,unsigned char * sig,size_t * siglen,EVP_MD_CTX * mctx)126 cmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
127 EVP_MD_CTX *mctx)
128 {
129 return CMAC_Final(ctx->data, sig, siglen);
130 }
131
132 static int
pkey_cmac_ctrl(EVP_PKEY_CTX * ctx,int type,int p1,void * p2)133 pkey_cmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
134 {
135 CMAC_CTX *cmctx = ctx->data;
136
137 switch (type) {
138 case EVP_PKEY_CTRL_SET_MAC_KEY:
139 if (!p2 || p1 < 0)
140 return 0;
141 if (!CMAC_Init(cmctx, p2, p1, NULL, NULL))
142 return 0;
143 break;
144
145 case EVP_PKEY_CTRL_CIPHER:
146 if (!CMAC_Init(cmctx, NULL, 0, p2, ctx->engine))
147 return 0;
148 break;
149
150 case EVP_PKEY_CTRL_MD:
151 if (ctx->pkey && !CMAC_CTX_copy(ctx->data,
152 (CMAC_CTX *)ctx->pkey->pkey.ptr))
153 return 0;
154 if (!CMAC_Init(cmctx, NULL, 0, NULL, NULL))
155 return 0;
156 break;
157
158 default:
159 return -2;
160 }
161 return 1;
162 }
163
164 static int
pkey_cmac_ctrl_str(EVP_PKEY_CTX * ctx,const char * type,const char * value)165 pkey_cmac_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value)
166 {
167 if (!value)
168 return 0;
169 if (!strcmp(type, "key")) {
170 void *p = (void *)value;
171 return pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY,
172 strlen(p), p);
173 }
174 if (!strcmp(type, "cipher")) {
175 const EVP_CIPHER *c;
176
177 c = EVP_get_cipherbyname(value);
178 if (!c)
179 return 0;
180 return pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_CIPHER, -1, (void *)c);
181 }
182 if (!strcmp(type, "hexkey")) {
183 unsigned char *key;
184 int r;
185 long keylen;
186
187 key = string_to_hex(value, &keylen);
188 if (!key)
189 return 0;
190 r = pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key);
191 free(key);
192 return r;
193 }
194
195 return -2;
196 }
197
198 const EVP_PKEY_METHOD cmac_pkey_meth = {
199 .pkey_id = EVP_PKEY_CMAC,
200 .flags = EVP_PKEY_FLAG_SIGCTX_CUSTOM,
201
202 .init = pkey_cmac_init,
203 .copy = pkey_cmac_copy,
204 .cleanup = pkey_cmac_cleanup,
205
206 .keygen = pkey_cmac_keygen,
207
208 .signctx_init = cmac_signctx_init,
209 .signctx = cmac_signctx,
210
211 .ctrl = pkey_cmac_ctrl,
212 .ctrl_str = pkey_cmac_ctrl_str
213 };
214