strongswan/src/libstrongswan/crypto/signers/hmac_signer.c

/**
 * @file hmac_signer.c
 * 
 * @brief Implementation of hmac_signer_t.
 * 
 */

/*
 * Copyright (C) 2005-2006 Martin Willi
 * Copyright (C) 2005 Jan Hutter
 * Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 */

#include <string.h>

#include "hmac_signer.h"

#include <crypto/prfs/hmac_prf.h>

typedef struct private_hmac_signer_t private_hmac_signer_t;

/**
 * Private data structure with signing context.
 */
struct private_hmac_signer_t {
	/**
	 * Public interface of hmac_signer_t.
	 */
	hmac_signer_t public;
	
	/**
	 * Assigned hmac function.
	 */
	prf_t *hmac_prf;
	
	/**
	 * Block size (truncation of HMAC Hash)
	 */
	size_t block_size;
};

/**
 * Implementation of signer_t.get_signature.
 */
static void get_signature(private_hmac_signer_t *this, chunk_t data, u_int8_t *buffer)
{
	if (buffer == NULL)
	{	/* append mode */
		this->hmac_prf->get_bytes(this->hmac_prf, data, NULL);
	}
	else
	{
		u_int8_t full_mac[this->hmac_prf->get_block_size(this->hmac_prf)];
		
		this->hmac_prf->get_bytes(this->hmac_prf, data, full_mac);
		memcpy(buffer, full_mac, this->block_size);
	}
}

/**
 * Implementation of signer_t.allocate_signature.
 */
static void allocate_signature (private_hmac_signer_t *this, chunk_t data, chunk_t *chunk)
{
	if (chunk == NULL)
	{	/* append mode */
		this->hmac_prf->get_bytes(this->hmac_prf, data, NULL);
	}
	else
	{
		chunk_t signature;
		u_int8_t full_mac[this->hmac_prf->get_block_size(this->hmac_prf)];
		
		this->hmac_prf->get_bytes(this->hmac_prf, data, full_mac);

		signature.ptr = malloc(this->block_size);
		signature.len = this->block_size;
		
		memcpy(signature.ptr, full_mac, this->block_size);

		*chunk = signature;
	}
}

/**
 * Implementation of signer_t.verify_signature.
 */
static bool verify_signature(private_hmac_signer_t *this, chunk_t data, chunk_t signature)
{
	u_int8_t full_mac[this->hmac_prf->get_block_size(this->hmac_prf)];
	
	this->hmac_prf->get_bytes(this->hmac_prf, data, full_mac);
	
	if (signature.len != this->block_size)
	{
		return FALSE;
	}
	
	/* compare mac aka signature :-) */
	if (memcmp(signature.ptr, full_mac, this->block_size) == 0)
	{
		return TRUE;
	}
	else
	{
		return FALSE;
	}
}

/**
 * Implementation of signer_t.get_key_size.
 */
static size_t get_key_size(private_hmac_signer_t *this)
{
	/* for HMAC signer, IKEv2 uses block size as key size */
	return this->hmac_prf->get_block_size(this->hmac_prf);
}

/**
 * Implementation of signer_t.get_block_size.
 */
static size_t get_block_size(private_hmac_signer_t *this)
{
	return this->block_size;
}

/**
 * Implementation of signer_t.set_key.
 */
static void set_key(private_hmac_signer_t *this, chunk_t key)
{
	this->hmac_prf->set_key(this->hmac_prf, key);
}

/**
 * Implementation of signer_t.destroy.
 */
static status_t destroy(private_hmac_signer_t *this)
{
	this->hmac_prf->destroy(this->hmac_prf);
	free(this);
	return SUCCESS;
}

/*
 * Described in header
 */
hmac_signer_t *hmac_signer_create(hash_algorithm_t hash_algoritm, size_t block_size)
{
	size_t hmac_block_size;
	private_hmac_signer_t *this = malloc_thing(private_hmac_signer_t);

	this->hmac_prf = (prf_t *) hmac_prf_create(hash_algoritm);
	if (this->hmac_prf == NULL)
	{
		/* algorithm not supported */
		free(this);
		return NULL;
	}
	
	/* prevent invalid truncation */
	hmac_block_size = this->hmac_prf->get_block_size(this->hmac_prf);
	this->block_size = min(block_size, hmac_block_size);
	
	/* interface functions */
	this->public.signer_interface.get_signature = (void (*) (signer_t*, chunk_t, u_int8_t*))get_signature;
	this->public.signer_interface.allocate_signature = (void (*) (signer_t*, chunk_t, chunk_t*))allocate_signature;
	this->public.signer_interface.verify_signature = (bool (*) (signer_t*, chunk_t, chunk_t))verify_signature;
	this->public.signer_interface.get_key_size = (size_t (*) (signer_t*))get_key_size;
	this->public.signer_interface.get_block_size = (size_t (*) (signer_t*))get_block_size;
	this->public.signer_interface.set_key = (void (*) (signer_t*,chunk_t))set_key;
	this->public.signer_interface.destroy = (void (*) (signer_t*))destroy;
	
	return &(this->public);
}
- AUTH_HMAC_MD5_96 and AUTH_HMAC_SHA1_96 implemented and tested... 2005-11-28 12:42:43 +00:00			`/**`
			`* @file hmac_signer.c`
			`*`
			`* @brief Implementation of hmac_signer_t.`
			`*`
			`*/`

			`/*`
updated copyright information 2006-07-07 08:49:06 +00:00			`* Copyright (C) 2005-2006 Martin Willi`
			`* Copyright (C) 2005 Jan Hutter`
- AUTH_HMAC_MD5_96 and AUTH_HMAC_SHA1_96 implemented and tested... 2005-11-28 12:42:43 +00:00			`* Hochschule fuer Technik Rapperswil`
			`*`
			`* This program is free software; you can redistribute it and/or modify it`
			`* under the terms of the GNU General Public License as published by the`
			`* Free Software Foundation; either version 2 of the License, or (at your`
			`* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.`
			`*`
			`* This program is distributed in the hope that it will be useful, but`
			`* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY`
			`* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License`
			`* for more details.`
			`*/`

- split up in libstrong, charon, stroke, testing done - new leak detective with malloc hook in library - useable, but needs improvements - logger_manager has now a single instance per library - allows use of loggers from any linking prog - a LOT of other things 2006-04-10 08:07:38 +00:00			`#include <string.h>`

- AUTH_HMAC_MD5_96 and AUTH_HMAC_SHA1_96 implemented and tested... 2005-11-28 12:42:43 +00:00			`#include "hmac_signer.h"`

../svn-commit.tmp 2006-04-05 12:10:50 +00:00			`#include <crypto/prfs/hmac_prf.h>`
- AUTH_HMAC_MD5_96 and AUTH_HMAC_SHA1_96 implemented and tested... 2005-11-28 12:42:43 +00:00
			`typedef struct private_hmac_signer_t private_hmac_signer_t;`

			`/**`
- code cleaned up 2005-12-06 16:04:39 +00:00			`* Private data structure with signing context.`
- AUTH_HMAC_MD5_96 and AUTH_HMAC_SHA1_96 implemented and tested... 2005-11-28 12:42:43 +00:00			`*/`
			`struct private_hmac_signer_t {`
			`/**`
- code cleaned up 2005-12-06 16:04:39 +00:00			`* Public interface of hmac_signer_t.`
- AUTH_HMAC_MD5_96 and AUTH_HMAC_SHA1_96 implemented and tested... 2005-11-28 12:42:43 +00:00			`*/`
			`hmac_signer_t public;`

merged EAP framework from branch into trunk includes a lot of other modifications 2007-02-12 15:56:47 +00:00			`/**`
- AUTH_HMAC_MD5_96 and AUTH_HMAC_SHA1_96 implemented and tested... 2005-11-28 12:42:43 +00:00			`* Assigned hmac function.`
			`*/`
			`prf_t *hmac_prf;`
merged EAP framework from branch into trunk includes a lot of other modifications 2007-02-12 15:56:47 +00:00
			`/**`
			`* Block size (truncation of HMAC Hash)`
			`*/`
			`size_t block_size;`
- AUTH_HMAC_MD5_96 and AUTH_HMAC_SHA1_96 implemented and tested... 2005-11-28 12:42:43 +00:00			`};`

- code cleaned up 2005-12-06 16:04:39 +00:00			`/**`
			`* Implementation of signer_t.get_signature.`
			`*/`
signers implemented with HMAC now support NULL output parameters to feed signer with more than one block of data. 2007-08-29 07:52:49 +00:00			`static void get_signature(private_hmac_signer_t this, chunk_t data, u_int8_t buffer)`
- AUTH_HMAC_MD5_96 and AUTH_HMAC_SHA1_96 implemented and tested... 2005-11-28 12:42:43 +00:00			`{`
signers implemented with HMAC now support NULL output parameters to feed signer with more than one block of data. 2007-08-29 07:52:49 +00:00			`if (buffer == NULL)`
			`{ /* append mode */`
			`this->hmac_prf->get_bytes(this->hmac_prf, data, NULL);`
			`}`
			`else`
			`{`
			`u_int8_t full_mac[this->hmac_prf->get_block_size(this->hmac_prf)];`

			`this->hmac_prf->get_bytes(this->hmac_prf, data, full_mac);`
			`memcpy(buffer, full_mac, this->block_size);`
			`}`
- AUTH_HMAC_MD5_96 and AUTH_HMAC_SHA1_96 implemented and tested... 2005-11-28 12:42:43 +00:00			`}`

- code cleaned up 2005-12-06 16:04:39 +00:00			`/**`
			`* Implementation of signer_t.allocate_signature.`
			`*/`
- return value cleanup 2005-11-28 20:29:47 +00:00			`static void allocate_signature (private_hmac_signer_t this, chunk_t data, chunk_t chunk)`
- AUTH_HMAC_MD5_96 and AUTH_HMAC_SHA1_96 implemented and tested... 2005-11-28 12:42:43 +00:00			`{`
signers implemented with HMAC now support NULL output parameters to feed signer with more than one block of data. 2007-08-29 07:52:49 +00:00			`if (chunk == NULL)`
			`{ /* append mode */`
			`this->hmac_prf->get_bytes(this->hmac_prf, data, NULL);`
			`}`
			`else`
			`{`
			`chunk_t signature;`
			`u_int8_t full_mac[this->hmac_prf->get_block_size(this->hmac_prf)];`

			`this->hmac_prf->get_bytes(this->hmac_prf, data, full_mac);`
- return value cleanup 2005-11-28 20:29:47 +00:00
signers implemented with HMAC now support NULL output parameters to feed signer with more than one block of data. 2007-08-29 07:52:49 +00:00			`signature.ptr = malloc(this->block_size);`
			`signature.len = this->block_size;`

			`memcpy(signature.ptr, full_mac, this->block_size);`
- AUTH_HMAC_MD5_96 and AUTH_HMAC_SHA1_96 implemented and tested... 2005-11-28 12:42:43 +00:00
signers implemented with HMAC now support NULL output parameters to feed signer with more than one block of data. 2007-08-29 07:52:49 +00:00			`*chunk = signature;`
			`}`
- AUTH_HMAC_MD5_96 and AUTH_HMAC_SHA1_96 implemented and tested... 2005-11-28 12:42:43 +00:00			`}`

- code cleaned up 2005-12-06 16:04:39 +00:00			`/**`
			`* Implementation of signer_t.verify_signature.`
			`*/`
merged EAP framework from branch into trunk includes a lot of other modifications 2007-02-12 15:56:47 +00:00			`static bool verify_signature(private_hmac_signer_t *this, chunk_t data, chunk_t signature)`
- AUTH_HMAC_MD5_96 and AUTH_HMAC_SHA1_96 implemented and tested... 2005-11-28 12:42:43 +00:00			`{`
			`u_int8_t full_mac[this->hmac_prf->get_block_size(this->hmac_prf)];`

merged EAP framework from branch into trunk includes a lot of other modifications 2007-02-12 15:56:47 +00:00			`this->hmac_prf->get_bytes(this->hmac_prf, data, full_mac);`
- AUTH_HMAC_MD5_96 and AUTH_HMAC_SHA1_96 implemented and tested... 2005-11-28 12:42:43 +00:00
merged EAP framework from branch into trunk includes a lot of other modifications 2007-02-12 15:56:47 +00:00			`if (signature.len != this->block_size)`
- AUTH_HMAC_MD5_96 and AUTH_HMAC_SHA1_96 implemented and tested... 2005-11-28 12:42:43 +00:00			`{`
- code cleaned up 2005-12-06 16:04:39 +00:00			`return FALSE;`
- AUTH_HMAC_MD5_96 and AUTH_HMAC_SHA1_96 implemented and tested... 2005-11-28 12:42:43 +00:00			`}`

			`/* compare mac aka signature :-) */`
merged EAP framework from branch into trunk includes a lot of other modifications 2007-02-12 15:56:47 +00:00			`if (memcmp(signature.ptr, full_mac, this->block_size) == 0)`
- AUTH_HMAC_MD5_96 and AUTH_HMAC_SHA1_96 implemented and tested... 2005-11-28 12:42:43 +00:00			`{`
- code cleaned up 2005-12-06 16:04:39 +00:00			`return TRUE;`
- AUTH_HMAC_MD5_96 and AUTH_HMAC_SHA1_96 implemented and tested... 2005-11-28 12:42:43 +00:00			`}`
			`else`
			`{`
- code cleaned up 2005-12-06 16:04:39 +00:00			`return FALSE;`
- AUTH_HMAC_MD5_96 and AUTH_HMAC_SHA1_96 implemented and tested... 2005-11-28 12:42:43 +00:00			`}`
			`}`
- encryption seems to work 2005-11-29 17:19:59 +00:00
- code cleaned up 2005-12-06 16:04:39 +00:00			`/**`
			`* Implementation of signer_t.get_key_size.`
			`*/`
merged EAP framework from branch into trunk includes a lot of other modifications 2007-02-12 15:56:47 +00:00			`static size_t get_key_size(private_hmac_signer_t *this)`
- encryption seems to work 2005-11-29 17:19:59 +00:00			`{`
- refactored ike proposal - uses now proposal_t, wich is also used by child proposals - ike key derivation refactored - crypter_t api has get_key_size now - some other improvements here and there 2006-02-14 14:52:00 +00:00			`/* for HMAC signer, IKEv2 uses block size as key size */`
- encryption seems to work 2005-11-29 17:19:59 +00:00			`return this->hmac_prf->get_block_size(this->hmac_prf);`
			`}`
- code cleaned up 2005-12-06 16:04:39 +00:00
			`/**`
			`* Implementation of signer_t.get_block_size.`
			`*/`
merged EAP framework from branch into trunk includes a lot of other modifications 2007-02-12 15:56:47 +00:00			`static size_t get_block_size(private_hmac_signer_t *this)`
- AUTH_HMAC_MD5_96 and AUTH_HMAC_SHA1_96 implemented and tested... 2005-11-28 12:42:43 +00:00			`{`
merged EAP framework from branch into trunk includes a lot of other modifications 2007-02-12 15:56:47 +00:00			`return this->block_size;`
- AUTH_HMAC_MD5_96 and AUTH_HMAC_SHA1_96 implemented and tested... 2005-11-28 12:42:43 +00:00			`}`
- code cleaned up 2005-12-06 16:04:39 +00:00
			`/**`
			`* Implementation of signer_t.set_key.`
			`*/`
merged EAP framework from branch into trunk includes a lot of other modifications 2007-02-12 15:56:47 +00:00			`static void set_key(private_hmac_signer_t *this, chunk_t key)`
- AUTH_HMAC_MD5_96 and AUTH_HMAC_SHA1_96 implemented and tested... 2005-11-28 12:42:43 +00:00			`{`
merged EAP framework from branch into trunk includes a lot of other modifications 2007-02-12 15:56:47 +00:00			`this->hmac_prf->set_key(this->hmac_prf, key);`
- AUTH_HMAC_MD5_96 and AUTH_HMAC_SHA1_96 implemented and tested... 2005-11-28 12:42:43 +00:00			`}`

			`/**`
- code cleaned up 2005-12-06 16:04:39 +00:00			`* Implementation of signer_t.destroy.`
- AUTH_HMAC_MD5_96 and AUTH_HMAC_SHA1_96 implemented and tested... 2005-11-28 12:42:43 +00:00			`*/`
			`static status_t destroy(private_hmac_signer_t *this)`
			`{`
			`this->hmac_prf->destroy(this->hmac_prf);`
- split up in libstrong, charon, stroke, testing done - new leak detective with malloc hook in library - useable, but needs improvements - logger_manager has now a single instance per library - allows use of loggers from any linking prog - a LOT of other things 2006-04-10 08:07:38 +00:00			`free(this);`
- AUTH_HMAC_MD5_96 and AUTH_HMAC_SHA1_96 implemented and tested... 2005-11-28 12:42:43 +00:00			`return SUCCESS;`
			`}`

			`/*`
			`* Described in header`
			`*/`
merged EAP framework from branch into trunk includes a lot of other modifications 2007-02-12 15:56:47 +00:00			`hmac_signer_t *hmac_signer_create(hash_algorithm_t hash_algoritm, size_t block_size)`
- AUTH_HMAC_MD5_96 and AUTH_HMAC_SHA1_96 implemented and tested... 2005-11-28 12:42:43 +00:00			`{`
merged EAP framework from branch into trunk includes a lot of other modifications 2007-02-12 15:56:47 +00:00			`size_t hmac_block_size;`
- split up in libstrong, charon, stroke, testing done - new leak detective with malloc hook in library - useable, but needs improvements - logger_manager has now a single instance per library - allows use of loggers from any linking prog - a LOT of other things 2006-04-10 08:07:38 +00:00			`private_hmac_signer_t *this = malloc_thing(private_hmac_signer_t);`
- return value cleanup 2005-11-28 20:29:47 +00:00
- changed prf_hmac_t to hmac_prf_t 2005-11-28 12:56:40 +00:00			`this->hmac_prf = (prf_t *) hmac_prf_create(hash_algoritm);`
- AUTH_HMAC_MD5_96 and AUTH_HMAC_SHA1_96 implemented and tested... 2005-11-28 12:42:43 +00:00			`if (this->hmac_prf == NULL)`
			`{`
- return value cleanup 2005-11-28 20:29:47 +00:00			`/* algorithm not supported */`
- split up in libstrong, charon, stroke, testing done - new leak detective with malloc hook in library - useable, but needs improvements - logger_manager has now a single instance per library - allows use of loggers from any linking prog - a LOT of other things 2006-04-10 08:07:38 +00:00			`free(this);`
- AUTH_HMAC_MD5_96 and AUTH_HMAC_SHA1_96 implemented and tested... 2005-11-28 12:42:43 +00:00			`return NULL;`
			`}`

merged EAP framework from branch into trunk includes a lot of other modifications 2007-02-12 15:56:47 +00:00			`/* prevent invalid truncation */`
			`hmac_block_size = this->hmac_prf->get_block_size(this->hmac_prf);`
			`this->block_size = min(block_size, hmac_block_size);`

- AUTH_HMAC_MD5_96 and AUTH_HMAC_SHA1_96 implemented and tested... 2005-11-28 12:42:43 +00:00			`/* interface functions */`
- return value cleanup 2005-11-28 20:29:47 +00:00			`this->public.signer_interface.get_signature = (void () (signer_t, chunk_t, u_int8_t*))get_signature;`
			`this->public.signer_interface.allocate_signature = (void () (signer_t, chunk_t, chunk_t*))allocate_signature;`
- code cleaned up 2005-12-06 16:04:39 +00:00			`this->public.signer_interface.verify_signature = (bool () (signer_t, chunk_t, chunk_t))verify_signature;`
- encryption seems to work 2005-11-29 17:19:59 +00:00			`this->public.signer_interface.get_key_size = (size_t () (signer_t))get_key_size;`
- AUTH_HMAC_MD5_96 and AUTH_HMAC_SHA1_96 implemented and tested... 2005-11-28 12:42:43 +00:00			`this->public.signer_interface.get_block_size = (size_t () (signer_t))get_block_size;`
- return value cleanup 2005-11-28 20:29:47 +00:00			`this->public.signer_interface.set_key = (void () (signer_t,chunk_t))set_key;`
			`this->public.signer_interface.destroy = (void () (signer_t))destroy;`
- AUTH_HMAC_MD5_96 and AUTH_HMAC_SHA1_96 implemented and tested... 2005-11-28 12:42:43 +00:00
			`return &(this->public);`
			`}`