libextra/fipsmd5.c

   1 /*
   2  * Copyright (C) 2008, 2010 Free Software Foundation, Inc.
   3  *
   4  * Author: Simon Josefsson
   5  *
   6  * This file is part of GNUTLS-EXTRA.
   7  *
   8  * This program is free software: you can redistribute it and/or modify
   9  * it under the terms of the GNU General Public License as published by
  10  * the Free Software Foundation, either version 3 of the License, or
  11  * (at your option) any later version.
  12  *
  13  * This program is distributed in the hope that it will be useful,
  14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16  * GNU General Public License for more details.
  17  *
  18  * You should have received a copy of the GNU General Public License
  19  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  20  *
  21  */
  22
  23 #include <gnutls_int.h>
  24 #include <gnutls/crypto.h>
  25 #include <gnutls/extra.h>
  26
  27 #include <md5.h>
  28 #include <hmac.h>
  29
  30 static int
  31 md5init (gnutls_mac_algorithm_t mac, void **ctx)
  32 {
  33   *ctx = gnutls_malloc (sizeof (struct md5_ctx));
  34   if (!*ctx)
  35     return GNUTLS_E_MEMORY_ERROR;
  36   md5_init_ctx (*ctx);
  37   return 0;
  38 }
  39
  40 static int
  41 md5hash (void *ctx, const void *text, size_t textsize)
  42 {
  43   md5_process_bytes (text, textsize, ctx);
  44   return 0;
  45 }
  46
  47 static int
  48 md5copy (void **dst_ctx, void *src_ctx)
  49 {
  50   *dst_ctx = gnutls_malloc (sizeof (struct md5_ctx));
  51   if (!*dst_ctx)
  52     return GNUTLS_E_MEMORY_ERROR;
  53   memcpy (*dst_ctx, src_ctx, sizeof (struct md5_ctx));
  54   return 0;
  55 }
  56
  57 static int
  58 md5output (void *src_ctx, void *digest, size_t digestsize)
  59 {
  60   char out[MD5_DIGEST_SIZE];
  61   md5_finish_ctx (src_ctx, out);
  62   memcpy (digest, out, digestsize);
  63   return 0;
  64 }
  65
  66 static void
  67 md5deinit (void *ctx)
  68 {
  69   gnutls_free (ctx);
  70 }
  71
  72 struct hmacctx
  73 {
  74   char *data;
  75   size_t datasize;
  76   char *key;
  77   size_t keysize;
  78 };
  79
  80 static int
  81 hmacmd5init (gnutls_mac_algorithm_t mac, void **ctx)
  82 {
  83   struct hmacctx *p;
  84
  85   p = gnutls_malloc (sizeof (struct hmacctx));
  86   if (!p)
  87     return -1;
  88
  89   p->data = NULL;
  90   p->datasize = 0;
  91   p->key = NULL;
  92   p->keysize = 0;
  93
  94   *ctx = p;
  95
  96   return 0;
  97 }
  98
  99 static int
 100 hmacmd5setkey (void *ctx, const void *key, size_t keysize)
 101 {
 102   struct hmacctx *p = ctx;
 103
 104   if (p->key)
 105     gnutls_free (p->key);
 106
 107   p->key = gnutls_malloc (keysize);
 108   if (!p->key)
 109     return -1;
 110
 111   memcpy (p->key, key, keysize);
 112   p->keysize = keysize;
 113
 114   return 0;
 115 }
 116
 117 static int
 118 hmacmd5hash (void *ctx, const void *text, size_t textsize)
 119 {
 120   struct hmacctx *p = ctx;
 121   char *new;
 122
 123   new = gnutls_realloc (p->data, p->datasize + textsize);
 124   if (!new)
 125     return -1;
 126
 127   memcpy (new + p->datasize, text, textsize);
 128
 129   p->data = new;
 130   p->datasize += textsize;
 131
 132   return 0;
 133 }
 134
 135 static int
 136 hmacmd5copy (void **dst_ctx, void *src_ctx)
 137 {
 138   struct hmacctx *p = src_ctx;
 139   struct hmacctx *q;
 140
 141   q = gnutls_malloc (sizeof (struct hmacctx));
 142   if (!q)
 143     return -1;
 144
 145   q->data = gnutls_malloc (p->datasize);
 146   if (!q->data)
 147     {
 148       gnutls_free (q);
 149       return -1;
 150     }
 151   memcpy (q->data, p->data, p->datasize);
 152   q->datasize = p->datasize;
 153
 154   q->key = gnutls_malloc (p->keysize);
 155   if (!q->key)
 156     {
 157       gnutls_free (q);
 158       gnutls_free (q->data);
 159       return -1;
 160     }
 161   memcpy (q->key, p->key, p->keysize);
 162   q->keysize = p->keysize;
 163
 164   *dst_ctx = q;
 165
 166   return 0;
 167 }
 168
 169 static int
 170 hmacmd5output (void *ctx, void *digest, size_t digestsize)
 171 {
 172   struct hmacctx *p = ctx;
 173   char out[MD5_DIGEST_SIZE];
 174   int ret;
 175
 176   ret = hmac_md5 (p->key, p->keysize, p->data, p->datasize, out);
 177   if (ret)
 178     return GNUTLS_E_HASH_FAILED;
 179
 180   memcpy (digest, out, digestsize);
 181
 182   return 0;
 183 }
 184
 185 static void
 186 hmacmd5deinit (void *ctx)
 187 {
 188   struct hmacctx *p = ctx;
 189
 190   if (p->data)
 191     gnutls_free (p->data);
 192   if (p->key)
 193     gnutls_free (p->key);
 194
 195   gnutls_free (p);
 196 }
 197
 198 static gnutls_crypto_digest_st dig = {
 199   .init = md5init,
 200   .hash = md5hash,
 201   .copy = md5copy,
 202   .output = md5output,
 203   .deinit = md5deinit
 204 };
 205
 206 static gnutls_crypto_mac_st mac = {
 207   .init = hmacmd5init,
 208   .setkey = hmacmd5setkey,
 209   .hash = hmacmd5hash,
 210   .copy = hmacmd5copy,
 211   .output = hmacmd5output,
 212   .deinit = hmacmd5deinit
 213 };
 214
 215 /**
 216  * gnutls_register_md5_handler:
 217  *
 218  * Register a non-libgcrypt based MD5 and HMAC-MD5 handler.  This is
 219  * useful if you run Libgcrypt in FIPS-mode.  Normally TLS requires
 220  * use of MD5, so without this you cannot use GnuTLS with libgcrypt in
 221  * FIPS mode.
 222  *
 223  * Returns: %GNUTLS_E_SUCCESS on success, otherwise an error.
 224  *
 225  * Since: 2.6.0
 226  **/
 227 int
 228 gnutls_register_md5_handler (void)
 229 {
 230   int ret;
 231
 232   ret = gnutls_crypto_single_digest_register (GNUTLS_DIG_MD5, INT_MAX, &dig);
 233   if (ret)
 234     return ret;
 235
 236   ret = gnutls_crypto_single_mac_register (GNUTLS_MAC_MD5, INT_MAX, &mac);
 237   if (ret)
 238     return ret;
 239
 240   return 0;
 241 }