hmac.c (5087B)
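/***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at https://curl.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 * SPDX-License-Identifier: curl
 *
 * RFC2104 Keyed-Hashing for Message Authentication
 *
 ***************************************************************************/

#include "curl_setup.h"

#if (defined(USE_CURL_NTLM_CORE) && !defined(USE_WINDOWS_SSPI)) ||      \
  !defined(CURL_DISABLE_AWS) || !defined(CURL_DISABLE_DIGEST_AUTH) ||   \
  defined(USE_SSL)

#include <curl/curl.h>

#include "curl_hmac.h"
#include "curl_memory.h"
#include "curlx/warnless.h"

/* The last #include file should be: */
#include "memdebug.h"

/*
 * Generic HMAC algorithm.
 *
 * This module computes HMAC digests based on any hash function. Parameters
 * and computing procedures are setup dynamically at HMAC computation context
 * initialization.
 */

/* Pad bytes XORed into the key for the first and the second hash context. */
static const unsigned char hmac_ipad = 0x36;
static const unsigned char hmac_opad = 0x5C;

/*
 * Curl_HMAC_init()
 *
 * Allocates an HMAC context and primes it with the key.
 *
 * One allocation holds, in this order: the context structure, the first
 * hash context, the second hash context and 'resultlen' bytes of scratch
 * space. A key longer than 'maxkeylen' is first replaced by its digest,
 * which is written to that scratch space.
 *
 * Parameters:
 *
 * hashparams [in]     - Hash description: context size, result length,
 *                       maximum key length and the init/update/final
 *                       callbacks. Dereferenced without a NULL check.
 * key        [in]     - The key.
 * keylen     [in]     - The length of the key in bytes.
 *
 * Returns the new context, or NULL if the allocation failed. The context is
 * released by Curl_HMAC_final().
 */
struct HMAC_context *
Curl_HMAC_init(const struct HMAC_params *hashparams,
               const unsigned char *key,
               unsigned int keylen)
{
  size_t i;
  struct HMAC_context *ctxt;
  unsigned char *hkey;
  unsigned char b;

  /* Create HMAC context. */
  i = sizeof(*ctxt) + 2 * hashparams->ctxtsize + hashparams->resultlen;
  ctxt = malloc(i);

  if(!ctxt)
    return ctxt;

  ctxt->hash = hashparams;
  /* The two hash contexts sit directly behind the structure. */
  ctxt->hashctxt1 = (void *) (ctxt + 1);
  ctxt->hashctxt2 = (void *) ((char *) ctxt->hashctxt1 + hashparams->ctxtsize);

  /* If the key is too long, replace it by its hash digest. */
  if(keylen > hashparams->maxkeylen) {
    hashparams->hinit(ctxt->hashctxt1);
    hashparams->hupdate(ctxt->hashctxt1, key, keylen);
    /* The digest goes to the scratch bytes behind the second context. */
    hkey = (unsigned char *) ctxt->hashctxt2 + hashparams->ctxtsize;
    hashparams->hfinal(hkey, ctxt->hashctxt1);
    key = hkey;
    keylen = hashparams->resultlen;
  }

  /* Prime the two hash contexts with the modified key. */
  hashparams->hinit(ctxt->hashctxt1);
  hashparams->hinit(ctxt->hashctxt2);

  /* Context 1 receives key XOR ipad, context 2 receives key XOR opad. */
  for(i = 0; i < keylen; i++) {
    b = (unsigned char)(*key ^ hmac_ipad);
    hashparams->hupdate(ctxt->hashctxt1, &b, 1);
    b = (unsigned char)(*key++ ^ hmac_opad);
    hashparams->hupdate(ctxt->hashctxt2, &b, 1);
  }

  /* Pad up to maxkeylen; a zero key byte XORed with a pad is the pad. */
  for(; i < hashparams->maxkeylen; i++) {
    hashparams->hupdate(ctxt->hashctxt1, &hmac_ipad, 1);
    hashparams->hupdate(ctxt->hashctxt2, &hmac_opad, 1);
  }

  /* Done, return pointer to HMAC context. */
  return ctxt;
}

/*
 * Curl_HMAC_update()
 *
 * Feeds 'len' bytes at 'ptr' into the first hash context. May be called
 * repeatedly between Curl_HMAC_init() and Curl_HMAC_final().
 *
 * Always returns 0.
 */
int Curl_HMAC_update(struct HMAC_context *ctxt,
                     const unsigned char *ptr,
                     unsigned int len)
{
  /* Update first hash calculation. */
  ctxt->hash->hupdate(ctxt->hashctxt1, ptr, len);
  return 0;
}


/*
 * Curl_HMAC_final()
 *
 * Finishes the computation and frees the context: the first hash is
 * finalised into 'output', those 'resultlen' bytes are fed to the second
 * hash, and the second hash is finalised into 'output'.
 *
 * 'output' must have room for 'resultlen' bytes, or be NULL to discard the
 * digest and only release the context. 'ctxt' must not be used afterwards.
 *
 * Always returns 0.
 */
int Curl_HMAC_final(struct HMAC_context *ctxt, unsigned char *output)
{
  const struct HMAC_params *hashparams = ctxt->hash;

  /* Do not get output if called with a null parameter: only release
     storage. The digest then lands in the context's own scratch bytes. */

  if(!output)
    output = (unsigned char *) ctxt->hashctxt2 + ctxt->hash->ctxtsize;

  hashparams->hfinal(output, ctxt->hashctxt1);
  hashparams->hupdate(ctxt->hashctxt2, output, hashparams->resultlen);
  hashparams->hfinal(output, ctxt->hashctxt2);
  /* NOTE(review): the block freed here held hash state primed with the
     padded key, and the digest of an over-long key; it is not cleared
     first. Whether hfinal() wipes its own context is not visible here -
     consider a clear the compiler cannot elide before free(). */
  free(ctxt);
  return 0;
}

/*
 * Curl_hmacit()
 *
 * This is used to generate a HMAC hash, for the specified input data, given
 * the specified hash function and key.
 *
 * Parameters:
 *
 * hashparams [in]     - The hash function (e.g. Curl_HMAC_MD5).
 * key        [in]     - The key to use.
 * keylen     [in]     - The length of the key.
 * buf        [in]     - The data to authenticate.
 * buflen     [in]     - The length of the data.
 * output     [out]    - The output buffer; receives 'resultlen' bytes.
 *
 * Returns CURLE_OK on success, CURLE_OUT_OF_MEMORY if the HMAC context
 * could not be allocated.
 */
CURLcode Curl_hmacit(const struct HMAC_params *hashparams,
                     const unsigned char *key, const size_t keylen,
                     const unsigned char *buf, const size_t buflen,
                     unsigned char *output)
{
  /* Largest length a single Curl_HMAC_update() call can take. */
  const size_t maxchunk = (size_t)(unsigned int)~0U;
  const unsigned char *p = buf;
  size_t left = buflen;
  /* NOTE(review): keylen is still narrowed to unsigned int here; presumably
     no caller passes a key that large - confirm. */
  struct HMAC_context *ctxt =
    Curl_HMAC_init(hashparams, key, curlx_uztoui(keylen));

  if(!ctxt)
    return CURLE_OUT_OF_MEMORY;

  /* Update the digest with the given challenge. The data is fed in pieces
     that fit an unsigned int, because narrowing buflen in a single call
     could leave the tail of the message out of the MAC. At least one update
     is always made, also for empty input. */
  for(;;) {
    const size_t chunk = (left > maxchunk) ? maxchunk : left;

    Curl_HMAC_update(ctxt, p, curlx_uztoui(chunk));
    left -= chunk;
    if(!left)
      break;
    p += chunk;
  }

  /* Finalise the digest */
  Curl_HMAC_final(ctxt, output);

  return CURLE_OK;
}

#endif /* NTLM core (without SSPI), AWS, Digest auth or SSL */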