hmac_mbedtls.c 6.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217
  1. /*
  2. * hmac_mbedtls.c
  3. *
  4. * Implementation of hmac srtp_auth_type_t that leverages Mbedtls
  5. *
  6. * YongCheng Yang
  7. */
  8. /*
  9. *
  10. * Copyright(c) 2013-2017, Cisco Systems, Inc.
  11. * All rights reserved.
  12. *
  13. * Redistribution and use in source and binary forms, with or without
  14. * modification, are permitted provided that the following conditions
  15. * are met:
  16. *
  17. * Redistributions of source code must retain the above copyright
  18. * notice, this list of conditions and the following disclaimer.
  19. *
  20. * Redistributions in binary form must reproduce the above
  21. * copyright notice, this list of conditions and the following
  22. * disclaimer in the documentation and/or other materials provided
  23. * with the distribution.
  24. *
  25. * Neither the name of the Cisco Systems, Inc. nor the names of its
  26. * contributors may be used to endorse or promote products derived
  27. * from this software without specific prior written permission.
  28. *
  29. * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  30. * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  31. * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
  32. * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
  33. * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
  34. * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
  35. * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
  36. * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  37. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  38. * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  39. * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  40. * OF THE POSSIBILITY OF SUCH DAMAGE.
  41. *
  42. */
  43. #ifdef HAVE_CONFIG_H
  44. #include <config.h>
  45. #endif
  46. #include "auth.h"
  47. #include "alloc.h"
  48. #include "err.h" /* for srtp_debug */
  49. #include "auth_test_cases.h"
  50. #include <mbedtls/md.h>
  51. #define SHA1_DIGEST_SIZE 20
  52. /* the debug module for authentiation */
  53. srtp_debug_module_t srtp_mod_hmac = {
  54. 0, /* debugging is off by default */
  55. "hmac sha-1 mbedtls" /* printable name for module */
  56. };
  57. static srtp_err_status_t srtp_hmac_mbedtls_alloc(srtp_auth_t **a,
  58. int key_len,
  59. int out_len)
  60. {
  61. extern const srtp_auth_type_t srtp_hmac;
  62. debug_print(srtp_mod_hmac, "allocating auth func with key length %d",
  63. key_len);
  64. debug_print(srtp_mod_hmac, " tag length %d",
  65. out_len);
  66. /* check output length - should be less than 20 bytes */
  67. if (out_len > SHA1_DIGEST_SIZE) {
  68. return srtp_err_status_bad_param;
  69. }
  70. *a = (srtp_auth_t *)srtp_crypto_alloc(sizeof(srtp_auth_t));
  71. if (*a == NULL) {
  72. return srtp_err_status_alloc_fail;
  73. }
  74. // allocate the buffer of mbedtls context.
  75. (*a)->state = srtp_crypto_alloc(sizeof(mbedtls_md_context_t));
  76. if ((*a)->state == NULL) {
  77. srtp_crypto_free(*a);
  78. *a = NULL;
  79. return srtp_err_status_alloc_fail;
  80. }
  81. mbedtls_md_init((mbedtls_md_context_t *)(*a)->state);
  82. /* set pointers */
  83. (*a)->type = &srtp_hmac;
  84. (*a)->out_len = out_len;
  85. (*a)->key_len = key_len;
  86. (*a)->prefix_len = 0;
  87. return srtp_err_status_ok;
  88. }
  89. static srtp_err_status_t srtp_hmac_mbedtls_dealloc(srtp_auth_t *a)
  90. {
  91. mbedtls_md_context_t *hmac_ctx;
  92. hmac_ctx = (mbedtls_md_context_t *)a->state;
  93. mbedtls_md_free(hmac_ctx);
  94. srtp_crypto_free(hmac_ctx);
  95. /* zeroize entire state*/
  96. octet_string_set_to_zero(a, sizeof(srtp_auth_t));
  97. /* free memory */
  98. srtp_crypto_free(a);
  99. return srtp_err_status_ok;
  100. }
  101. static srtp_err_status_t srtp_hmac_mbedtls_start(void *statev)
  102. {
  103. mbedtls_md_context_t *state = (mbedtls_md_context_t *)statev;
  104. if (mbedtls_md_hmac_reset(state) != 0)
  105. return srtp_err_status_auth_fail;
  106. return srtp_err_status_ok;
  107. }
  108. static srtp_err_status_t srtp_hmac_mbedtls_init(void *statev,
  109. const uint8_t *key,
  110. int key_len)
  111. {
  112. mbedtls_md_context_t *state = (mbedtls_md_context_t *)statev;
  113. const mbedtls_md_info_t *info = NULL;
  114. info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA1);
  115. if (info == NULL)
  116. return srtp_err_status_auth_fail;
  117. if (mbedtls_md_setup(state, info, 1) != 0)
  118. return srtp_err_status_auth_fail;
  119. debug_print(srtp_mod_hmac, "mbedtls setup, name: %s",
  120. mbedtls_md_get_name(info));
  121. debug_print(srtp_mod_hmac, "mbedtls setup, size: %d",
  122. mbedtls_md_get_size(info));
  123. if (mbedtls_md_hmac_starts(state, key, key_len) != 0)
  124. return srtp_err_status_auth_fail;
  125. return srtp_err_status_ok;
  126. }
  127. static srtp_err_status_t srtp_hmac_mbedtls_update(void *statev,
  128. const uint8_t *message,
  129. int msg_octets)
  130. {
  131. mbedtls_md_context_t *state = (mbedtls_md_context_t *)statev;
  132. debug_print(srtp_mod_hmac, "input: %s",
  133. srtp_octet_string_hex_string(message, msg_octets));
  134. if (mbedtls_md_hmac_update(state, message, msg_octets) != 0)
  135. return srtp_err_status_auth_fail;
  136. return srtp_err_status_ok;
  137. }
  138. static srtp_err_status_t srtp_hmac_mbedtls_compute(void *statev,
  139. const uint8_t *message,
  140. int msg_octets,
  141. int tag_len,
  142. uint8_t *result)
  143. {
  144. mbedtls_md_context_t *state = (mbedtls_md_context_t *)statev;
  145. uint8_t hash_value[SHA1_DIGEST_SIZE];
  146. int i;
  147. /* check tag length, return error if we can't provide the value expected */
  148. if (tag_len > SHA1_DIGEST_SIZE) {
  149. return srtp_err_status_bad_param;
  150. }
  151. /* hash message, copy output into H */
  152. if (mbedtls_md_hmac_update(statev, message, msg_octets) != 0)
  153. return srtp_err_status_auth_fail;
  154. if (mbedtls_md_hmac_finish(state, hash_value) != 0)
  155. return srtp_err_status_auth_fail;
  156. /* copy hash_value to *result */
  157. for (i = 0; i < tag_len; i++) {
  158. result[i] = hash_value[i];
  159. }
  160. debug_print(srtp_mod_hmac, "output: %s",
  161. srtp_octet_string_hex_string(hash_value, tag_len));
  162. return srtp_err_status_ok;
  163. }
  164. /* end test case 0 */
  165. static const char srtp_hmac_mbedtls_description[] =
  166. "hmac sha-1 authentication function using mbedtls";
  167. /*
  168. * srtp_auth_type_t hmac is the hmac metaobject
  169. */
  170. const srtp_auth_type_t srtp_hmac = {
  171. srtp_hmac_mbedtls_alloc, /* */
  172. srtp_hmac_mbedtls_dealloc, /* */
  173. srtp_hmac_mbedtls_init, /* */
  174. srtp_hmac_mbedtls_compute, /* */
  175. srtp_hmac_mbedtls_update, /* */
  176. srtp_hmac_mbedtls_start, /* */
  177. srtp_hmac_mbedtls_description, /* */
  178. &srtp_hmac_test_case_0, /* */
  179. SRTP_HMAC_SHA1 /* */
  180. };