1 #ifdef HMAC_MD5 2 #ifndef LINT 3 static const char rcsid[] = "$Header: /proj/cvs/prod/libbind/dst/hmac_link.c,v 1.8 2007/09/24 17:18:25 each Exp $"; 4 #endif 5 /* 6 * Portions Copyright (c) 1995-1998 by Trusted Information Systems, Inc. 7 * 8 * Permission to use, copy modify, and distribute this software for any 9 * purpose with or without fee is hereby granted, provided that the above 10 * copyright notice and this permission notice appear in all copies. 11 * 12 * THE SOFTWARE IS PROVIDED "AS IS" AND TRUSTED INFORMATION SYSTEMS 13 * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL 14 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL 15 * TRUSTED INFORMATION SYSTEMS BE LIABLE FOR ANY SPECIAL, DIRECT, 16 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING 17 * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, 18 * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION 19 * WITH THE USE OR PERFORMANCE OF THE SOFTWARE. 20 */ 21 22 /*% 23 * This file contains an implementation of the HMAC-MD5 algorithm. 24 */ 25 #include "port_before.h" 26 27 #include <stdio.h> 28 #include <unistd.h> 29 #include <stdlib.h> 30 #include <string.h> 31 #include <memory.h> 32 #include <sys/param.h> 33 #include <sys/time.h> 34 #include <netinet/in.h> 35 #include <arpa/nameser.h> 36 #include <resolv.h> 37 38 #include "dst_internal.h" 39 40 #ifdef USE_MD5 41 # ifndef HAVE_MD5 42 # include "md5.h" 43 # else 44 # ifdef SOLARIS2 45 # include <sys/md5.h> 46 # endif 47 # endif 48 # ifndef _MD5_H_ 49 # define _MD5_H_ 1 /*%< make sure we do not include rsaref md5.h file */ 50 # endif 51 #endif 52 53 #include "port_after.h" 54 55 56 #define HMAC_LEN 64 57 #define HMAC_IPAD 0x36 58 #define HMAC_OPAD 0x5c 59 #define MD5_LEN 16 60 61 62 typedef struct hmackey { 63 u_char hk_ipad[64], hk_opad[64]; 64 } HMAC_Key; 65 66 67 /************************************************************************** 68 * dst_hmac_md5_sign 69 * Call HMAC signing functions to sign a block of data. 70 * There are three steps to signing, INIT (initialize structures), 71 * UPDATE (hash (more) data), FINAL (generate a signature). This 72 * routine performs one or more of these steps. 73 * Parameters 74 * mode SIG_MODE_INIT, SIG_MODE_UPDATE and/or SIG_MODE_FINAL. 75 * priv_key key to use for signing. 76 * context the context to be used in this digest 77 * data data to be signed. 78 * len length in bytes of data. 79 * signature location to store signature. 80 * sig_len size of the signature location 81 * returns 82 * N Success on SIG_MODE_FINAL = returns signature length in bytes 83 * 0 Success on SIG_MODE_INIT and UPDATE 84 * <0 Failure 85 */ 86 87 static int 88 dst_hmac_md5_sign(const int mode, DST_KEY *d_key, void **context, 89 const u_char *data, const int len, 90 u_char *signature, const int sig_len) 91 { 92 HMAC_Key *key; 93 int sign_len = 0; 94 MD5_CTX *ctx = NULL; 95 96 if (d_key == NULL || d_key->dk_KEY_struct == NULL) 97 return (-1); 98 99 if (mode & SIG_MODE_INIT) 100 ctx = (MD5_CTX *) malloc(sizeof(*ctx)); 101 else if (context) 102 ctx = (MD5_CTX *) *context; 103 if (ctx == NULL) 104 return (-1); 105 106 key = (HMAC_Key *) d_key->dk_KEY_struct; 107 108 if (mode & SIG_MODE_INIT) { 109 MD5Init(ctx); 110 MD5Update(ctx, key->hk_ipad, HMAC_LEN); 111 } 112 113 if ((mode & SIG_MODE_UPDATE) && (data && len > 0)) 114 MD5Update(ctx, data, len); 115 116 if (mode & SIG_MODE_FINAL) { 117 if (signature == NULL || sig_len < MD5_LEN) 118 return (SIGN_FINAL_FAILURE); 119 MD5Final(signature, ctx); 120 121 /* perform outer MD5 */ 122 MD5Init(ctx); 123 MD5Update(ctx, key->hk_opad, HMAC_LEN); 124 MD5Update(ctx, signature, MD5_LEN); 125 MD5Final(signature, ctx); 126 sign_len = MD5_LEN; 127 SAFE_FREE(ctx); 128 } 129 else { 130 if (context == NULL) 131 return (-1); 132 *context = (void *) ctx; 133 } 134 return (sign_len); 135 } 136 137 138 /************************************************************************** 139 * dst_hmac_md5_verify() 140 * Calls HMAC verification routines. There are three steps to 141 * verification, INIT (initialize structures), UPDATE (hash (more) data), 142 * FINAL (generate a signature). This routine performs one or more of 143 * these steps. 144 * Parameters 145 * mode SIG_MODE_INIT, SIG_MODE_UPDATE and/or SIG_MODE_FINAL. 146 * dkey key to use for verify. 147 * data data signed. 148 * len length in bytes of data. 149 * signature signature. 150 * sig_len length in bytes of signature. 151 * returns 152 * 0 Success 153 * <0 Failure 154 */ 155 156 static int 157 dst_hmac_md5_verify(const int mode, DST_KEY *d_key, void **context, 158 const u_char *data, const int len, 159 const u_char *signature, const int sig_len) 160 { 161 HMAC_Key *key; 162 MD5_CTX *ctx = NULL; 163 164 if (d_key == NULL || d_key->dk_KEY_struct == NULL) 165 return (-1); 166 167 if (mode & SIG_MODE_INIT) 168 ctx = (MD5_CTX *) malloc(sizeof(*ctx)); 169 else if (context) 170 ctx = (MD5_CTX *) *context; 171 if (ctx == NULL) 172 return (-1); 173 174 key = (HMAC_Key *) d_key->dk_KEY_struct; 175 if (mode & SIG_MODE_INIT) { 176 MD5Init(ctx); 177 MD5Update(ctx, key->hk_ipad, HMAC_LEN); 178 } 179 if ((mode & SIG_MODE_UPDATE) && (data && len > 0)) 180 MD5Update(ctx, data, len); 181 182 if (mode & SIG_MODE_FINAL) { 183 u_char digest[MD5_LEN]; 184 if (signature == NULL || key == NULL || sig_len != MD5_LEN) 185 return (VERIFY_FINAL_FAILURE); 186 MD5Final(digest, ctx); 187 188 /* perform outer MD5 */ 189 MD5Init(ctx); 190 MD5Update(ctx, key->hk_opad, HMAC_LEN); 191 MD5Update(ctx, digest, MD5_LEN); 192 MD5Final(digest, ctx); 193 194 SAFE_FREE(ctx); 195 if (memcmp(digest, signature, MD5_LEN) != 0) 196 return (VERIFY_FINAL_FAILURE); 197 } 198 else { 199 if (context == NULL) 200 return (-1); 201 *context = (void *) ctx; 202 } 203 return (0); 204 } 205 206 207 /************************************************************************** 208 * dst_buffer_to_hmac_md5 209 * Converts key from raw data to an HMAC Key 210 * This function gets in a pointer to the data 211 * Parameters 212 * hkey the HMAC key to be filled in 213 * key the key in raw format 214 * keylen the length of the key 215 * Return 216 * 0 Success 217 * <0 Failure 218 */ 219 static int 220 dst_buffer_to_hmac_md5(DST_KEY *dkey, const u_char *key, const int keylen) 221 { 222 int i; 223 HMAC_Key *hkey = NULL; 224 MD5_CTX ctx; 225 int local_keylen = keylen; 226 u_char tk[MD5_LEN]; 227 228 if (dkey == NULL || key == NULL || keylen < 0) 229 return (-1); 230 231 if ((hkey = (HMAC_Key *) malloc(sizeof(HMAC_Key))) == NULL) 232 return (-2); 233 234 memset(hkey->hk_ipad, 0, sizeof(hkey->hk_ipad)); 235 memset(hkey->hk_opad, 0, sizeof(hkey->hk_opad)); 236 237 /* if key is longer than HMAC_LEN bytes reset it to key=MD5(key) */ 238 if (keylen > HMAC_LEN) { 239 MD5Init(&ctx); 240 MD5Update(&ctx, key, keylen); 241 MD5Final(tk, &ctx); 242 memset((void *) &ctx, 0, sizeof(ctx)); 243 key = tk; 244 local_keylen = MD5_LEN; 245 } 246 /* start out by storing key in pads */ 247 memcpy(hkey->hk_ipad, key, local_keylen); 248 memcpy(hkey->hk_opad, key, local_keylen); 249 250 /* XOR key with hk_ipad and opad values */ 251 for (i = 0; i < HMAC_LEN; i++) { 252 hkey->hk_ipad[i] ^= HMAC_IPAD; 253 hkey->hk_opad[i] ^= HMAC_OPAD; 254 } 255 dkey->dk_key_size = local_keylen; 256 dkey->dk_KEY_struct = (void *) hkey; 257 return (1); 258 } 259 260 261 /************************************************************************** 262 * dst_hmac_md5_key_to_file_format 263 * Encodes an HMAC Key into the portable file format. 264 * Parameters 265 * hkey HMAC KEY structure 266 * buff output buffer 267 * buff_len size of output buffer 268 * Return 269 * 0 Failure - null input hkey 270 * -1 Failure - not enough space in output area 271 * N Success - Length of data returned in buff 272 */ 273 274 static int 275 dst_hmac_md5_key_to_file_format(const DST_KEY *dkey, char *buff, 276 const int buff_len) 277 { 278 char *bp; 279 int len, i, key_len; 280 u_char key[HMAC_LEN]; 281 HMAC_Key *hkey; 282 283 if (dkey == NULL || dkey->dk_KEY_struct == NULL) 284 return (0); 285 /* 286 * Using snprintf() would be so much simpler here. 287 */ 288 if (buff == NULL || 289 buff_len <= (int)(strlen(key_file_fmt_str) + 290 strlen(KEY_FILE_FORMAT) + 4)) 291 return (-1); /*%< no OR not enough space in output area */ 292 hkey = (HMAC_Key *) dkey->dk_KEY_struct; 293 memset(buff, 0, buff_len); /*%< just in case */ 294 /* write file header */ 295 sprintf(buff, key_file_fmt_str, KEY_FILE_FORMAT, KEY_HMAC_MD5, "HMAC"); 296 297 bp = buff + strlen(buff); 298 299 memset(key, 0, HMAC_LEN); 300 for (i = 0; i < HMAC_LEN; i++) 301 key[i] = hkey->hk_ipad[i] ^ HMAC_IPAD; 302 for (i = HMAC_LEN - 1; i >= 0; i--) 303 if (key[i] != 0) 304 break; 305 key_len = i + 1; 306 307 if (buff_len - (bp - buff) < 6) 308 return (-1); 309 strcat(bp, "Key: "); 310 bp += strlen("Key: "); 311 312 len = b64_ntop(key, key_len, bp, buff_len - (bp - buff)); 313 if (len < 0) 314 return (-1); 315 bp += len; 316 if (buff_len - (bp - buff) < 2) 317 return (-1); 318 *(bp++) = '\n'; 319 *bp = '\0'; 320 321 return (bp - buff); 322 } 323 324 325 /************************************************************************** 326 * dst_hmac_md5_key_from_file_format 327 * Converts contents of a key file into an HMAC key. 328 * Parameters 329 * hkey structure to put key into 330 * buff buffer containing the encoded key 331 * buff_len the length of the buffer 332 * Return 333 * n >= 0 Foot print of the key converted 334 * n < 0 Error in conversion 335 */ 336 337 static int 338 dst_hmac_md5_key_from_file_format(DST_KEY *dkey, const char *buff, 339 const int buff_len) 340 { 341 const char *p = buff, *eol; 342 u_char key[HMAC_LEN+1]; /* b64_pton needs more than 64 bytes do decode 343 * it should probably be fixed rather than doing 344 * this 345 */ 346 u_char *tmp; 347 int key_len, len; 348 349 if (dkey == NULL) 350 return (-2); 351 if (buff == NULL || buff_len < 0) 352 return (-1); 353 354 memset(key, 0, sizeof(key)); 355 356 if (!dst_s_verify_str(&p, "Key: ")) 357 return (-3); 358 359 eol = strchr(p, '\n'); 360 if (eol == NULL) 361 return (-4); 362 len = eol - p; 363 tmp = malloc(len + 2); 364 if (tmp == NULL) 365 return (-5); 366 memcpy(tmp, p, len); 367 *(tmp + len) = 0x0; 368 key_len = b64_pton((char *)tmp, key, HMAC_LEN+1); /*%< see above */ 369 SAFE_FREE2(tmp, len + 2); 370 371 if (dst_buffer_to_hmac_md5(dkey, key, key_len) < 0) { 372 return (-6); 373 } 374 return (0); 375 } 376 377 /*% 378 * dst_hmac_md5_to_dns_key() 379 * function to extract hmac key from DST_KEY structure 380 * intput: 381 * in_key: HMAC-MD5 key 382 * output: 383 * out_str: buffer to write ot 384 * out_len: size of output buffer 385 * returns: 386 * number of bytes written to output buffer 387 */ 388 static int 389 dst_hmac_md5_to_dns_key(const DST_KEY *in_key, u_char *out_str, 390 const int out_len) 391 { 392 393 HMAC_Key *hkey; 394 int i; 395 396 if (in_key == NULL || in_key->dk_KEY_struct == NULL || 397 out_len <= in_key->dk_key_size || out_str == NULL) 398 return (-1); 399 400 hkey = (HMAC_Key *) in_key->dk_KEY_struct; 401 for (i = 0; i < in_key->dk_key_size; i++) 402 out_str[i] = hkey->hk_ipad[i] ^ HMAC_IPAD; 403 return (i); 404 } 405 406 /************************************************************************** 407 * dst_hmac_md5_compare_keys 408 * Compare two keys for equality. 409 * Return 410 * 0 The keys are equal 411 * NON-ZERO The keys are not equal 412 */ 413 414 static int 415 dst_hmac_md5_compare_keys(const DST_KEY *key1, const DST_KEY *key2) 416 { 417 HMAC_Key *hkey1 = (HMAC_Key *) key1->dk_KEY_struct; 418 HMAC_Key *hkey2 = (HMAC_Key *) key2->dk_KEY_struct; 419 return memcmp(hkey1->hk_ipad, hkey2->hk_ipad, HMAC_LEN); 420 } 421 422 /************************************************************************** 423 * dst_hmac_md5_free_key_structure 424 * Frees all (none) dynamically allocated structures in hkey 425 */ 426 427 static void * 428 dst_hmac_md5_free_key_structure(void *key) 429 { 430 HMAC_Key *hkey = key; 431 SAFE_FREE(hkey); 432 return (NULL); 433 } 434 435 436 /*************************************************************************** 437 * dst_hmac_md5_generate_key 438 * Creates a HMAC key of size size with a maximum size of 63 bytes 439 * generating a HMAC key larger than 63 bytes makes no sense as that key 440 * is digested before use. 441 */ 442 443 static int 444 dst_hmac_md5_generate_key(DST_KEY *key, const int nothing) 445 { 446 (void)key; 447 (void)nothing; 448 return (-1); 449 } 450 451 /*% 452 * dst_hmac_md5_init() Function to answer set up function pointers for HMAC 453 * related functions 454 */ 455 int 456 #ifdef SUNW_LIBMD5 457 dst_md5_hmac_init() 458 #else 459 dst_hmac_md5_init() 460 #endif 461 { 462 if (dst_t_func[KEY_HMAC_MD5] != NULL) 463 return (1); 464 dst_t_func[KEY_HMAC_MD5] = malloc(sizeof(struct dst_func)); 465 if (dst_t_func[KEY_HMAC_MD5] == NULL) 466 return (0); 467 memset(dst_t_func[KEY_HMAC_MD5], 0, sizeof(struct dst_func)); 468 dst_t_func[KEY_HMAC_MD5]->sign = dst_hmac_md5_sign; 469 dst_t_func[KEY_HMAC_MD5]->verify = dst_hmac_md5_verify; 470 dst_t_func[KEY_HMAC_MD5]->compare = dst_hmac_md5_compare_keys; 471 dst_t_func[KEY_HMAC_MD5]->generate = dst_hmac_md5_generate_key; 472 dst_t_func[KEY_HMAC_MD5]->destroy = dst_hmac_md5_free_key_structure; 473 dst_t_func[KEY_HMAC_MD5]->to_dns_key = dst_hmac_md5_to_dns_key; 474 dst_t_func[KEY_HMAC_MD5]->from_dns_key = dst_buffer_to_hmac_md5; 475 dst_t_func[KEY_HMAC_MD5]->to_file_fmt = dst_hmac_md5_key_to_file_format; 476 dst_t_func[KEY_HMAC_MD5]->from_file_fmt = dst_hmac_md5_key_from_file_format; 477 return (1); 478 } 479 480 #else 481 int __dst_hmac_md5_init(void); 482 #define dst_hmac_md5_init __dst_hmac_md5_init 483 484 int 485 dst_hmac_md5_init() 486 { 487 return (0); 488 } 489 #endif 490 491 /*! \file */ 492