ah_core.c

来自「eCos操作系统源码」· C语言 代码 · 共 1,667 行 · 第 1/3 页

		key = _KEYBUF(state->sav->key_auth);
		keylen = _KEYLEN(state->sav->key_auth);
	}

	bzero(ipad, 64);
	bzero(opad, 64);
	bcopy(key, ipad, keylen);
	bcopy(key, opad, keylen);
	for (i = 0; i < 64; i++) {
		ipad[i] ^= 0x36;
		opad[i] ^= 0x5c;
	}

	MD5Init(ctxt);
	MD5Update(ctxt, ipad, 64);

	return 0;
}

static void
ah_hmac_md5_loop(state, addr, len)
	struct ah_algorithm_state *state;
	caddr_t addr;
	size_t len;
{
	MD5_CTX *ctxt;

	if (!state || !state->foo)
		panic("ah_hmac_md5_loop: what?");
	ctxt = (MD5_CTX *)(((caddr_t)state->foo) + 128);
	MD5Update(ctxt, addr, len);
}

static void
ah_hmac_md5_result(state, addr)
	struct ah_algorithm_state *state;
	caddr_t addr;
{
	u_char digest[16];
	u_char *ipad;
	u_char *opad;
	MD5_CTX *ctxt;

	if (!state || !state->foo)
		panic("ah_hmac_md5_result: what?");

	ipad = (u_char *)state->foo;
	opad = (u_char *)(ipad + 64);
	ctxt = (MD5_CTX *)(opad + 64);

	MD5Final(&digest[0], ctxt);

	MD5Init(ctxt);
	MD5Update(ctxt, opad, 64);
	MD5Update(ctxt, &digest[0], sizeof(digest));
	MD5Final(&digest[0], ctxt);

	bcopy(&digest[0], (void *)addr, HMACSIZE);

	free(state->foo, M_TEMP);
}

static int
ah_hmac_sha1_mature(sav)
	struct secasvar *sav;
{
	const struct ah_algorithm *algo;

	if (!sav->key_auth) {
		ipseclog((LOG_ERR, "ah_hmac_sha1_mature: no key is given.\n"));
		return 1;
	}

	algo = ah_algorithm_lookup(sav->alg_auth);
	if (!algo) {
		ipseclog((LOG_ERR, "ah_hmac_sha1_mature: unsupported algorithm.\n"));
		return 1;
	}

	if (sav->key_auth->sadb_key_bits < algo->keymin
	 || algo->keymax < sav->key_auth->sadb_key_bits) {
		ipseclog((LOG_ERR,
		    "ah_hmac_sha1_mature: invalid key length %d.\n",
		    sav->key_auth->sadb_key_bits));
		return 1;
	}

	return 0;
}

static int
ah_hmac_sha1_init(state, sav)
	struct ah_algorithm_state *state;
	struct secasvar *sav;
{
	u_char *ipad;
	u_char *opad;
	SHA1_CTX *ctxt;
	u_char tk[SHA1_RESULTLEN];	/* SHA-1 generates 160 bits */
	u_char *key;
	size_t keylen;
	size_t i;

	if (!state)
		panic("ah_hmac_sha1_init: what?");

	state->sav = sav;
	state->foo = (void *)malloc(64 + 64 + sizeof(SHA1_CTX),
			M_TEMP, M_NOWAIT);
	if (!state->foo)
		return ENOBUFS;

	ipad = (u_char *)state->foo;
	opad = (u_char *)(ipad + 64);
	ctxt = (SHA1_CTX *)(opad + 64);

	/* compress the key if necessery */
	if (64 < _KEYLEN(state->sav->key_auth)) {
		SHA1Init(ctxt);
		SHA1Update(ctxt, _KEYBUF(state->sav->key_auth),
			_KEYLEN(state->sav->key_auth));
		SHA1Final(&tk[0], ctxt);
		key = &tk[0];
		keylen = SHA1_RESULTLEN;
	} else {
		key = _KEYBUF(state->sav->key_auth);
		keylen = _KEYLEN(state->sav->key_auth);
	}

	bzero(ipad, 64);
	bzero(opad, 64);
	bcopy(key, ipad, keylen);
	bcopy(key, opad, keylen);
	for (i = 0; i < 64; i++) {
		ipad[i] ^= 0x36;
		opad[i] ^= 0x5c;
	}

	SHA1Init(ctxt);
	SHA1Update(ctxt, ipad, 64);

	return 0;
}

static void
ah_hmac_sha1_loop(state, addr, len)
	struct ah_algorithm_state *state;
	caddr_t addr;
	size_t len;
{
	SHA1_CTX *ctxt;

	if (!state || !state->foo)
		panic("ah_hmac_sha1_loop: what?");

	ctxt = (SHA1_CTX *)(((u_char *)state->foo) + 128);
	SHA1Update(ctxt, (caddr_t)addr, (size_t)len);
}

static void
ah_hmac_sha1_result(state, addr)
	struct ah_algorithm_state *state;
	caddr_t addr;
{
	u_char digest[SHA1_RESULTLEN];	/* SHA-1 generates 160 bits */
	u_char *ipad;
	u_char *opad;
	SHA1_CTX *ctxt;

	if (!state || !state->foo)
		panic("ah_hmac_sha1_result: what?");

	ipad = (u_char *)state->foo;
	opad = (u_char *)(ipad + 64);
	ctxt = (SHA1_CTX *)(opad + 64);

	SHA1Final((caddr_t)&digest[0], ctxt);

	SHA1Init(ctxt);
	SHA1Update(ctxt, opad, 64);
	SHA1Update(ctxt, (caddr_t)&digest[0], sizeof(digest));
	SHA1Final((caddr_t)&digest[0], ctxt);

	bcopy(&digest[0], (void *)addr, HMACSIZE);

	free(state->foo, M_TEMP);
}

static int
ah_hmac_sha2_256_mature(sav)
	struct secasvar *sav;
{
	const struct ah_algorithm *algo;

	if (!sav->key_auth) {
		ipseclog((LOG_ERR,
		    "ah_hmac_sha2_256_mature: no key is given.\n"));
		return 1;
	}

	algo = ah_algorithm_lookup(sav->alg_auth);
	if (!algo) {
		ipseclog((LOG_ERR,
		    "ah_hmac_sha2_256_mature: unsupported algorithm.\n"));
		return 1;
	}

	if (sav->key_auth->sadb_key_bits < algo->keymin ||
	    algo->keymax < sav->key_auth->sadb_key_bits) {
		ipseclog((LOG_ERR,
		    "ah_hmac_sha2_256_mature: invalid key length %d.\n",
		    sav->key_auth->sadb_key_bits));
		return 1;
	}

	return 0;
}

static int
ah_hmac_sha2_256_init(state, sav)
	struct ah_algorithm_state *state;
	struct secasvar *sav;
{
	u_char *ipad;
	u_char *opad;
	SHA256_CTX *ctxt;
	u_char tk[SHA256_DIGEST_LENGTH];
	u_char *key;
	size_t keylen;
	size_t i;

	if (!state)
		panic("ah_hmac_sha2_256_init: what?");

	state->sav = sav;
	state->foo = (void *)malloc(64 + 64 + sizeof(SHA256_CTX),
	    M_TEMP, M_NOWAIT);
	if (!state->foo)
		return ENOBUFS;

	ipad = (u_char *)state->foo;
	opad = (u_char *)(ipad + 64);
	ctxt = (SHA256_CTX *)(opad + 64);

	/* compress the key if necessery */
	if (64 < _KEYLEN(state->sav->key_auth)) {
		bzero(tk, sizeof(tk));
		bzero(ctxt, sizeof(*ctxt));
		SHA256_Init(ctxt);
		SHA256_Update(ctxt, _KEYBUF(state->sav->key_auth),
		    _KEYLEN(state->sav->key_auth));
		SHA256_Final(&tk[0], ctxt);
		key = &tk[0];
		keylen = sizeof(tk) < 64 ? sizeof(tk) : 64;
	} else {
		key = _KEYBUF(state->sav->key_auth);
		keylen = _KEYLEN(state->sav->key_auth);
	}

	bzero(ipad, 64);
	bzero(opad, 64);
	bcopy(key, ipad, keylen);
	bcopy(key, opad, keylen);
	for (i = 0; i < 64; i++) {
		ipad[i] ^= 0x36;
		opad[i] ^= 0x5c;
	}

	bzero(ctxt, sizeof(*ctxt));
	SHA256_Init(ctxt);
	SHA256_Update(ctxt, ipad, 64);

	return 0;
}

static void
ah_hmac_sha2_256_loop(state, addr, len)
	struct ah_algorithm_state *state;
	caddr_t addr;
	size_t len;
{
	SHA256_CTX *ctxt;

	if (!state || !state->foo)
		panic("ah_hmac_sha2_256_loop: what?");

	ctxt = (SHA256_CTX *)(((u_char *)state->foo) + 128);
	SHA256_Update(ctxt, (caddr_t)addr, (size_t)len);
}

static void
ah_hmac_sha2_256_result(state, addr)
	struct ah_algorithm_state *state;
	caddr_t addr;
{
	u_char digest[SHA256_DIGEST_LENGTH];
	u_char *ipad;
	u_char *opad;
	SHA256_CTX *ctxt;

	if (!state || !state->foo)
		panic("ah_hmac_sha2_256_result: what?");

	ipad = (u_char *)state->foo;
	opad = (u_char *)(ipad + 64);
	ctxt = (SHA256_CTX *)(opad + 64);

	SHA256_Final((caddr_t)&digest[0], ctxt);

	bzero(ctxt, sizeof(*ctxt));
	SHA256_Init(ctxt);
	SHA256_Update(ctxt, opad, 64);
	SHA256_Update(ctxt, (caddr_t)&digest[0], sizeof(digest));
	SHA256_Final((caddr_t)&digest[0], ctxt);

	bcopy(&digest[0], (void *)addr, HMACSIZE);

	free(state->foo, M_TEMP);
}

static int
ah_hmac_sha2_384_mature(sav)
	struct secasvar *sav;
{
	const struct ah_algorithm *algo;

	if (!sav->key_auth) {
		ipseclog((LOG_ERR,
		    "ah_hmac_sha2_384_mature: no key is given.\n"));
		return 1;
	}

	algo = ah_algorithm_lookup(sav->alg_auth);
	if (!algo) {
		ipseclog((LOG_ERR,
		    "ah_hmac_sha2_384_mature: unsupported algorithm.\n"));
		return 1;
	}

	if (sav->key_auth->sadb_key_bits < algo->keymin ||
	    algo->keymax < sav->key_auth->sadb_key_bits) {
		ipseclog((LOG_ERR,
		    "ah_hmac_sha2_384_mature: invalid key length %d.\n",
		    sav->key_auth->sadb_key_bits));
		return 1;
	}

	return 0;
}

static int
ah_hmac_sha2_384_init(state, sav)
	struct ah_algorithm_state *state;
	struct secasvar *sav;
{
	u_char *ipad;
	u_char *opad;
	SHA384_CTX *ctxt;
	u_char tk[SHA384_DIGEST_LENGTH];
	u_char *key;
	size_t keylen;
	size_t i;

	if (!state)
		panic("ah_hmac_sha2_384_init: what?");

	state->sav = sav;
	state->foo = (void *)malloc(64 + 64 + sizeof(SHA384_CTX),
	    M_TEMP, M_NOWAIT);
	if (!state->foo)
		return ENOBUFS;
	bzero(state->foo, 64 + 64 + sizeof(SHA384_CTX));

	ipad = (u_char *)state->foo;
	opad = (u_char *)(ipad + 64);
	ctxt = (SHA384_CTX *)(opad + 64);

	/* compress the key if necessery */
	if (64 < _KEYLEN(state->sav->key_auth)) {
		bzero(tk, sizeof(tk));
		bzero(ctxt, sizeof(*ctxt));
		SHA384_Init(ctxt);
		SHA384_Update(ctxt, _KEYBUF(state->sav->key_auth),
		    _KEYLEN(state->sav->key_auth));
		SHA384_Final(&tk[0], ctxt);
		key = &tk[0];
		keylen = sizeof(tk) < 64 ? sizeof(tk) : 64;
	} else {
		key = _KEYBUF(state->sav->key_auth);
		keylen = _KEYLEN(state->sav->key_auth);
	}

	bzero(ipad, 64);
	bzero(opad, 64);
	bcopy(key, ipad, keylen);
	bcopy(key, opad, keylen);
	for (i = 0; i < 64; i++) {
		ipad[i] ^= 0x36;
		opad[i] ^= 0x5c;
	}

	bzero(ctxt, sizeof(*ctxt));
	SHA384_Init(ctxt);
	SHA384_Update(ctxt, ipad, 64);

	return 0;
}

static void
ah_hmac_sha2_384_loop(state, addr, len)
	struct ah_algorithm_state *state;
	caddr_t addr;
	size_t len;
{
	SHA384_CTX *ctxt;

	if (!state || !state->foo)
		panic("ah_hmac_sha2_384_loop: what?");

	ctxt = (SHA384_CTX *)(((u_char *)state->foo) + 128);
	SHA384_Update(ctxt, (caddr_t)addr, (size_t)len);
}

static void
ah_hmac_sha2_384_result(state, addr)
	struct ah_algorithm_state *state;
	caddr_t addr;
{
	u_char digest[SHA384_DIGEST_LENGTH];
	u_char *ipad;
	u_char *opad;
	SHA384_CTX *ctxt;

	if (!state || !state->foo)
		panic("ah_hmac_sha2_384_result: what?");

	ipad = (u_char *)state->foo;
	opad = (u_char *)(ipad + 64);
	ctxt = (SHA384_CTX *)(opad + 64);

	SHA384_Final((caddr_t)&digest[0], ctxt);

	bzero(ctxt, sizeof(*ctxt));
	SHA384_Init(ctxt);
	SHA384_Update(ctxt, opad, 64);
	SHA384_Update(ctxt, (caddr_t)&digest[0], sizeof(digest));
	SHA384_Final((caddr_t)&digest[0], ctxt);

	bcopy(&digest[0], (void *)addr, HMACSIZE);

	free(state->foo, M_TEMP);
}

static int
ah_hmac_sha2_512_mature(sav)
	struct secasvar *sav;
{
	const struct ah_algorithm *algo;

	if (!sav->key_auth) {
		ipseclog((LOG_ERR,
		    "ah_hmac_sha2_512_mature: no key is given.\n"));
		return 1;
	}

	algo = ah_algorithm_lookup(sav->alg_auth);
	if (!algo) {
		ipseclog((LOG_ERR,
		    "ah_hmac_sha2_512_mature: unsupported algorithm.\n"));
		return 1;
	}

	if (sav->key_auth->sadb_key_bits < algo->keymin ||
	    algo->keymax < sav->key_auth->sadb_key_bits) {
		ipseclog((LOG_ERR,
		    "ah_hmac_sha2_512_mature: invalid key length %d.\n",
		    sav->key_auth->sadb_key_bits));
		return 1;
	}

	return 0;
}

static int
ah_hmac_sha2_512_init(state, sav)
	struct ah_algorithm_state *state;
	struct secasvar *sav;
{
	u_char *ipad;
	u_char *opad;
	SHA512_CTX *ctxt;
	u_char tk[SHA512_DIGEST_LENGTH];
	u_char *key;
	size_t keylen;
	size_t i;

	if (!state)
		panic("ah_hmac_sha2_512_init: what?");

	state->sav = sav;
	state->foo = (void *)malloc(64 + 64 + sizeof(SHA512_CTX),
	    M_TEMP, M_NOWAIT);
	if (!state->foo)
		return ENOBUFS;
	bzero(state->foo, 64 + 64 + sizeof(SHA512_CTX));

	ipad = (u_char *)state->foo;
	opad = (u_char *)(ipad + 64);
	ctxt = (SHA512_CTX *)(opad + 64);

	/* compress the key if necessery */
	if (64 < _KEYLEN(state->sav->key_auth)) {
		bzero(tk, sizeof(tk));
		bzero(ctxt, sizeof(*ctxt));
		SHA512_Init(ctxt);
		SHA512_Update(ctxt, _KEYBUF(state->sav->key_auth),
		    _KEYLEN(state->sav->key_auth));
		SHA512_Final(&tk[0], ctxt);
		key = &tk[0];
		keylen = sizeof(tk) < 64 ? sizeof(tk) : 64;
	} else {
		key = _KEYBUF(state->sav->key_auth);
		keylen = _KEYLEN(state->sav->key_auth);
	}

	bzero(ipad, 64);
	bzero(opad, 64);
	bcopy(key, ipad, keylen);
	bcopy(key, opad, keylen);
	for (i = 0; i < 64; i++) {
		ipad[i] ^= 0x36;
		opad[i] ^= 0x5c;
	}

	bzero(ctxt, sizeof(*ctxt));
	SHA512_Init(ctxt);
	SHA512_Update(ctxt, ipad, 64);

	return 0;
}

static void
ah_hmac_sha2_512_loop(state, addr, len)
	struct ah_algorithm_state *state;
	caddr_t addr;
	size_t len;
{
	SHA512_CTX *ctxt;

	if (!state || !state->foo)
		panic("ah_hmac_sha2_512_loop: what?");

	ctxt = (SHA512_CTX *)(((u_char *)state->foo) + 128);
	SHA512_Update(ctxt, (caddr_t)addr, (size_t)len);
}