ServiceRegistration/hmac-mbedtls.c

   1 /* hash.c
   2  *
   3  * Copyright (c) 2019 Apple Computer, Inc. All rights reserved.
   4  *
   5  * Licensed under the Apache License, Version 2.0 (the "License");
   6  * you may not use this file except in compliance with the License.
   7  * You may obtain a copy of the License at
   8  *
   9  *     http://www.apache.org/licenses/LICENSE-2.0
  10  *
  11  * Unless required by applicable law or agreed to in writing, software
  12  * distributed under the License is distributed on an "AS IS" BASIS,
  13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  14  * See the License for the specific language governing permissions and
  15  * limitations under the License.
  16  *
  17  * DNS SIG(0) hashature generation for DNSSD SRP using mbedtls.
  18  *
  19  * Functions required for loading, saving, and generating public/private keypairs, extracting the public key
  20  * into KEY RR data, and computing hashatures.
  21  */
  22
  23 #include <stdio.h>
  24 #include <arpa/inet.h>
  25 #include <string.h>
  26 #include <stdlib.h>
  27 #include <unistd.h>
  28 #include <fcntl.h>
  29 #include <errno.h>
  30
  31 #include "srp.h"
  32 #include "dns-msg.h"
  33 #define SRP_CRYPTO_MBEDTLS_INTERNAL
  34 #include "srp-crypto.h"
  35
  36 // Function to generate a signature given some data and a private key
  37 void
  38 srp_hmac_iov(hmac_key_t *key, uint8_t *output, size_t max, struct iovec *iov, int count)
  39 {
  40     int status;
  41     char errbuf[64];
  42     mbedtls_md_context_t ctx;
  43     const mbedtls_md_info_t *md_type;
  44     int digest_size;
  45         int i, line;
  46 #define KABLOOIE line = __LINE__ - 1; goto kablooie
  47
  48     switch(key->algorithm) {
  49     case  SRP_HMAC_TYPE_SHA256:
  50         md_type = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256);
  51         if (md_type == NULL) {
  52             ERROR("srp_hmac_iov: HMAC_SHA256 support missing");
  53             return;
  54         }
  55         digest_size = mbedtls_md_get_size(md_type);
  56         break;
  57     default:
  58         ERROR("srp_hmac_iov: unsupported HMAC hash algorithm: %d", key->algorithm);
  59         return;
  60     }
  61     if (max < digest_size) {
  62         ERROR("srp_hmac_iov: not enough space in output buffer (%lu) for hash (%d).",
  63               (unsigned long)max, digest_size);
  64         return;
  65     }
  66
  67     if ((status = mbedtls_md_setup(&ctx, md_type, 1)) != 0) {
  68         KABLOOIE;
  69     kablooie:
  70         mbedtls_strerror(status, errbuf, sizeof errbuf);
  71         ERROR("srp_hmac_iov failed at hmac-mbedtls.c line %d: " PUB_S_SRP, line, errbuf);
  72     }
  73
  74     if ((status = mbedtls_md_hmac_starts(&ctx, key->secret, key->length)) != 0) {
  75         KABLOOIE;
  76     }
  77         for (i = 0; i < count; i++) {
  78         if ((status = mbedtls_md_hmac_update(&ctx, iov[i].iov_base, iov[i].iov_len)) != 0) {
  79             KABLOOIE;
  80         }
  81         }
  82         if ((status = mbedtls_md_hmac_finish(&ctx, output)) != 0) {
  83         KABLOOIE;
  84         }
  85 }
  86
  87 int
  88 srp_base64_parse(char *src, size_t *len_ret, uint8_t *buf, size_t buflen)
  89 {
  90     size_t slen = strlen(src);
  91     int ret = mbedtls_base64_decode(buf, buflen, len_ret, (const unsigned char *)src, slen);
  92     if (ret == MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL) {
  93         return ENOBUFS;
  94     } else if (ret == MBEDTLS_ERR_BASE64_INVALID_CHARACTER) {
  95         return EILSEQ;
  96     } else if (ret < 0) {
  97         return EINVAL;
  98     }
  99     return 0;
 100 }
 101
 102 // Local Variables:
 103 // mode: C
 104 // tab-width: 4
 105 // c-file-style: "bsd"
 106 // c-basic-offset: 4
 107 // fill-column: 108
 108 // indent-tabs-mode: nil
 109 // End: