X-Git-Url: https://git.distorted.org.uk/u/mdw/catacomb/blobdiff_plain/a351d052dda03a2cc1af01dcef4640891f551ada..6ec3a4cf4aaa7cd375e1aa18f85861986259b8e5:/hmac-def.h
diff --git a/hmac-def.h b/hmac-def.h
index 38dd64a..8b6b4f5 100644
--- a/hmac-def.h
+++ b/hmac-def.h
@@ -1,13 +1,13 @@
 /* -*-c-*-
 *
- * $Id: hmac-def.h,v 1.3 2000/07/02 18:27:42 mdw Exp $
+ * $Id: hmac-def.h,v 1.8 2004/04/08 01:36:15 mdw Exp $
 *
 * Definitions for HMAC and NMAC
 *
 * (c) 1999 Straylight/Edgeware
 */
 
-/*----- Licensing notice --------------------------------------------------*
+/*----- Licensing notice --------------------------------------------------*
 *
 * This file is part of Catacomb.
 *
@@ -15,36 +15,18 @@
 * it under the terms of the GNU Library General Public License as
 * published by the Free Software Foundation; either version 2 of the
 * License, or (at your option) any later version.
- *
+ *
 * Catacomb is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Library General Public License for more details.
- *
+ *
 * You should have received a copy of the GNU Library General Public
 * License along with Catacomb; if not, write to the Free
 * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
 * MA 02111-1307, USA.
 */
 
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: hmac-def.h,v $
- * Revision 1.3 2000/07/02 18:27:42 mdw
- * (ghash->ops->done): Interface change. Passing in a null buffer pointer
- * uses a buffer internal to the ghash object. The operation returns the
- * address of the buffer it used. Clients of generic hashes no longer need
- * to use dynamically allocated memory for hash results.
- *
- * Revision 1.2 2000/06/17 11:23:44 mdw
- * Use secure arena for memory allocation. Minor changes in the generic
- * hash interface.
- *
- * Revision 1.1 1999/12/10 23:16:40 mdw
- * Split mode macros into interface and implementation.
- *
- */
-
 #ifndef CATACOMB_HMAC_DEF_H
 #define CATACOMB_HMAC_DEF_H
 
@@ -86,7 +68,9 @@
 \
 /* --- Useful constants --- */ \
 \
-const octet pre##_mackeysz[] = { KSZ_ANY, PRE##_HASHSZ }; \
+const octet pre##_hmackeysz[] = { KSZ_ANY, PRE##_STATESZ }; \
+const octet pre##_sslmackeysz[] = { KSZ_ANY, PRE##_STATESZ }; \
+const octet pre##_nmackeysz[] = { KSZ_SET, 2 * PRE##_STATESZ, 0 }; \
 \
 /* --- @pre_nmacinit@ --- * \
 * \
@@ -101,8 +85,8 @@ const octet pre##_mackeysz[] = { KSZ_ANY, PRE##_HASHSZ }; \
 \
 void pre##_nmacinit(pre##_mackey *key, const void *ok, const void *ik) \
 { \
- memcpy(key->ochain, ok, PRE##_HASHSZ); \
- memcpy(key->ichain, ik, PRE##_HASHSZ); \
+ memcpy(key->ochain, ok, PRE##_STATESZ); \
+ memcpy(key->ichain, ik, PRE##_STATESZ); \
 key->ocount = key->icount = 0; \
 } \
 \
@@ -154,6 +138,48 @@ void pre##_hmacinit(pre##_mackey *key, const void *k, size_t sz) \
 BURN(ctx); \
 } \
 \
+/* --- @pre_sslmacinit@ --- * \
+ * \
+ * Arguments: @pre_mackey *key@ = pointer to MAC key object \
+ * @const void *k@ = pointer to key to use \
+ * @size_t sz@ = size of key data \
+ * \
+ * Returns: --- \
+ * \
+ * Use: Initializes a MAC key for doing hasing using the SSL3 \
+ * variant of HMAC. \
+ */ \
+ \
+void pre##_sslmacinit(pre##_mackey *key, const void *k, size_t sz) \
+{ \
+ const octet *kbuf = k; \
+ pre##_ctx ctx; \
+ octet buf[PRE##_HASHSZ]; \
+ \
+ if (sz > PRE##_BUFSZ) { \
+ pre##_init(&ctx); \
+ pre##_hash(&ctx, k, sz); \
+ pre##_done(&ctx, buf); \
+ kbuf = buf; \
+ sz = PRE##_HASHSZ; \
+ } \
+ \
+ pre##_init(&ctx); \
+ memcpy(ctx.buf, kbuf, sz); \
+ memset(ctx.buf + sz, 0x5c, PRE##_BUFSZ - sz); \
+ pre##_compress(&ctx, ctx.buf); \
+ pre##_state(&ctx, key->ochain); \
+ \
+ pre##_init(&ctx); \
+ memcpy(ctx.buf, kbuf, sz); \
+ memset(ctx.buf + sz, 0x36, PRE##_BUFSZ - sz); \
+ pre##_compress(&ctx, ctx.buf); \
+ pre##_state(&ctx, key->ichain); \
+ \
+ key->ocount = key->icount = PRE##_BUFSZ; \
+ BURN(ctx); \
+} \
+ \
 /* --- @pre_macinit@ --- * \
 * \
 * Arguments: @pre_macctx *ctx@ = pointer to MAC context block \
@@ -166,7 +192,7 @@ void pre##_hmacinit(pre##_mackey *key, const void *k, size_t sz) \
 \
 void pre##_macinit(pre##_macctx *ctx, const pre##_mackey *key) \
 { \
- memcpy(ctx->chain, key->ochain, PRE##_HASHSZ); \
+ memcpy(ctx->chain, key->ochain, PRE##_STATESZ); \
 ctx->count = key->ocount; \
 pre##_set(&ctx->ctx, key->ichain, key->icount); \
 } \
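Review bot: In `pre##_sslmacinit` (hunk `@@ -154,6 +138,48 @@`) the stack array `buf` holds a hash of the key whenever `sz > PRE##_BUFSZ`, yet only `ctx` is wiped on the way out; adding `BURN(buf);` beside `BURN(ctx);` would clear that key-derived material as well (assuming `BURN` accepts an array the way it accepts `ctx`). Padding the key up to `PRE##_BUFSZ` with 0x5c/0x36 reproduces the SSL 3.0 construction only when key length plus the protocol's pad length equals the block size; from memory of the SSL 3.0 specification that holds for MD5 but not for SHA-1, so a known-answer test per hash would be worth adding. The header comment has a typo, `hasing` for `hashing`.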
@@ -208,10 +234,11 @@ void pre##_macdone(pre##_macctx *ctx, void *mac) \
 /* --- Generic MAC interface --- */ \
 \
 static const gmac_ops gkops; \
-static const ghash_ops gops; \
+static const ghash_ops gops, gnops, gsslops; \
 \
 typedef struct gkctx { \
 gmac m; \
+ const ghash_ops *gops; \
 pre##_mackey k; \
 } gkctx; \
 \
@@ -225,7 +252,7 @@ static ghash *gkinit(gmac *m) \
 { \
 gkctx *gk = (gkctx *)m; \
 gctx *g = S_CREATE(gctx); \
- g->h.ops = &gops; \
+ g->h.ops = gk->gops; \
 pre##_macinit(&g->c, &gk->k); \
 return (&g->h); \
 } \
@@ -234,10 +261,31 @@ static gmac *gkey(const void *k, size_t sz) \
 { \
 gkctx *gk = S_CREATE(gkctx); \
 gk->m.ops = &gkops; \
+ gk->gops = &gops; \
 pre##_hmacinit(&gk->k, k, sz); \
 return (&gk->m); \
 } \
 \
+static gmac *gnkey(const void *k, size_t sz) \
+{ \
+ gkctx *gk = S_CREATE(gkctx); \
+ const octet *kk = k; \
+ assert(keysz(sz, pre##_nmackeysz) == sz); \
+ gk->m.ops = &gkops; \
+ gk->gops = &gnops; \
+ pre##_nmacinit(&gk->k, kk, kk + PRE##_STATESZ); \
+ return (&gk->m); \
+} \
+ \
+static gmac *gsslkey(const void *k, size_t sz) \
+{ \
+ gkctx *gk = S_CREATE(gkctx); \
+ gk->m.ops = &gkops; \
+ gk->gops = &gsslops; \
+ pre##_sslmacinit(&gk->k, k, sz); \
+ return (&gk->m); \
+} \
+ \
 static void ghhash(ghash *h, const void *p, size_t sz) \
 { \
 gctx *g = (gctx *)h; \
@@ -253,6 +301,14 @@ static octet *ghdone(ghash *h, void *buf) \
 return (buf); \
 } \
 \
+static ghash *ghcopy(ghash *h) \
+{ \
+ gctx *g = (gctx *)h; \
+ gctx *gg = S_CREATE(gctx); \
+ memcpy(gg, g, sizeof(gctx)); \
+ return (&gg->h); \
+} \
+ \
 static void ghdestroy(ghash *h) \
 { \
 gctx *g = (gctx *)h; \
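Review bot: In `gnkey` (hunk `@@ -234,10 +261,31 @@`) the key length is enforced only by `assert(keysz(sz, pre##_nmackeysz) == sz);`, which disappears when the file is built with `NDEBUG`; `pre##_nmacinit` then copies `PRE##_STATESZ` bytes from `kk` and from `kk + PRE##_STATESZ` whatever `sz` is, so a short key becomes a read past the caller's buffer. A check that survives release builds, placed before `S_CREATE(gkctx)` so nothing is allocated for a rejected key, would be safer; how the failure should be reported depends on what a `gmac` key constructor may return, which is not visible here. Also, `gnkey` and `gsslkey` both set `gk->m.ops = &gkops;`, whose class pointer is `&pre##_hmac`, although the last hunk defines `gnkops` and `gsslkops`; those look like the intended values.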
@@ -273,12 +329,24 @@ static ghash *ghinit(void) \
 return (0); \
 } \
 \
+const gcmac pre##_nmac = \
+ { #pre "-nmac", PRE##_HASHSZ, pre##_nmackeysz, gnkey }; \
 const gcmac pre##_hmac = \
- { #pre "-hmac", PRE##_HASHSZ, pre##_mackeysz, gkey }; \
+ { #pre "-hmac", PRE##_HASHSZ, pre##_hmackeysz, gkey }; \
+const gcmac pre##_sslmac = \
+ { #pre "-sslmac", PRE##_HASHSZ, pre##_sslmackeysz, gsslkey }; \
 static const gmac_ops gkops = { &pre##_hmac, gkinit, gkdestroy }; \
+static const gmac_ops gnkops = { &pre##_nmac, gkinit, gkdestroy }; \
+static const gmac_ops gsslkops = { &pre##_sslmac, gkinit, gkdestroy }; \
 static const gchash gch = { #pre "-hmac", PRE##_HASHSZ, ghinit }; \
 static const ghash_ops gops = \
- { &gch, ghhash, ghdone, ghdestroy }; \
+ { &gch, ghhash, ghdone, ghdestroy, ghcopy }; \
+static const gchash gnch = { #pre "-nmac", PRE##_HASHSZ, ghinit }; \
+static const ghash_ops gnops = \
+ { &gch, ghhash, ghdone, ghdestroy, ghcopy }; \
+static const gchash gsslch = { #pre "-sslmac", PRE##_HASHSZ, ghinit }; \
+static const ghash_ops gsslops = \
+ { &gch, ghhash, ghdone, ghdestroy, ghcopy }; \
 \
 HMAC_TEST(PRE, pre)
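Review bot: `gnops` and `gsslops` are both initialised with `&gch`, so a hash context created from an NMAC or SSL-MAC key reports the `-hmac` class, and the new `gnch` and `gsslch` objects are never referenced in the lines shown; this looks like a copy-paste slip. The initialisers should probably read `{ &gnch, ghhash, ghdone, ghdestroy, ghcopy }` and `{ &gsslch, ghhash, ghdone, ghdestroy, ghcopy }`. Code that selects behaviour or logs by class name would otherwise treat all three MACs as HMAC.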