xref: /illumos-gate/usr/src/uts/common/gssapi/mechs/krb5/crypto/keyhash_provider/k_hmac_md5.c (revision d7bec57c3803769d0e8bf1960016b866617d455c) 
1 /*
2  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
3  * Use is subject to license terms.
4  */
5 
6 /*
7  * lib/crypto/keyhash_provider/hmac_md5.c
8  *
9 (I don't know)
10 .
11  * Copyright2001 by the Massachusetts Institute of Technology.
12  * All Rights Reserved.
13  *
14  * Export of this software from the United States of America may
15  *   require a specific license from the United States Government.
16  *   It is the responsibility of any person or organization contemplating
17  *   export to obtain such a license before exporting.
18  *
19  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
20  * distribute this software and its documentation for any purpose and
21  * without fee is hereby granted, provided that the above copyright
22  * notice appear in all copies and that both that copyright notice and
23  * this permission notice appear in supporting documentation, and that
24  * the name of M.I.T. not be used in advertising or publicity pertaining
25  * to distribution of the software without specific, written prior
26  * permission.  Furthermore if you modify this software you must label
27  * your software as modified software and not distribute it in such a
28  * fashion that it might be confused with the original M.I.T. software.
29  * M.I.T. makes no representations about the suitability of
30  * this software for any purpose.  It is provided "as is" without express
31  * or implied warranty.
32  *
33  *
34 * Implementation of the Microsoft hmac-md5 checksum type.
35 * Implemented based on draft-brezak-win2k-krb-rc4-hmac-03
36  */
37 
38 #include <k5-int.h>
39 #include <etypes.h>
40 #include <keyhash_provider.h>
41 #include <arcfour.h>
42 #include <hash_provider.h>
43 
44 /*ARGSUSED*/
45 static  krb5_error_code
46 k5_hmac_md5_hash (krb5_context context,
47 	const krb5_keyblock *key, krb5_keyusage usage,
48 	const krb5_data *iv,
49 	const krb5_data *input, krb5_data *output)
50 {
51   krb5_keyusage ms_usage;
52   krb5_error_code ret;
53   krb5_keyblock ks;
54   krb5_data ds, ks_constant, md5tmp;
55   krb5_data hash_input[2];
56   int i;
57   char t[4], outbuf[MD5_CKSUM_LENGTH];
58 
59 #ifdef _KERNEL
60   KRB5_LOG1(KRB5_INFO, "k5_hmac_md5_hash() hash_mt = %ld cipher_mt = %ld",
61 	(ulong_t) context->kef_hash_mt,
62 	(ulong_t) context->kef_cipher_mt);
63 #endif
64 
65   for (i=0; i<krb5_enctypes_length; i++) {
66 	if (krb5_enctypes_list[i].etype == key->enctype)
67             break;
68   }
69   if (i == krb5_enctypes_length) {
70 	KRB5_LOG(KRB5_ERR, "krb5_ck_make_checksum bad enctype: %d",
71 		key->enctype);
72 	return(KRB5_BAD_ENCTYPE);
73   }
74 
75   bzero(&ks, sizeof(krb5_keyblock));
76   /*
77    * Solaris Kerberos: The digest length is that of MD5_CKSUM_LENGTH not the key
78    * length, as keys can be of varying lengths but should not affect the digest
79    * length.  The signing key is the digest and therefore is also the same
80    * length, MD5_CKSUM_LENGTH.
81    */
82   ds.length = MD5_CKSUM_LENGTH;
83   ds.data = MALLOC(ds.length);
84   if (ds.data == NULL)
85     return (ENOMEM);
86   ks.contents = (void *) ds.data;
87   ks.length = MD5_CKSUM_LENGTH;
88 
89 #ifdef _KERNEL
90   if (key->kef_key.ck_data == NULL) {
91 	ret = init_key_kef(krb5_enctypes_list[i].kef_cipher_mt,
92 			(krb5_keyblock *)key);
93 	if (ret)
94 		goto cleanup;
95   }
96 
97   ret = init_key_kef(krb5_enctypes_list[i].kef_cipher_mt, &ks);
98   if (ret)
99 	goto cleanup;
100 #endif /* _KERNEL */
101 
102   ks_constant.data = "signaturekey";
103   ks_constant.length = strlen(ks_constant.data)+1; /* Including null*/
104 
105 #ifdef _KERNEL
106   ret = krb5_hmac(context, (krb5_keyblock *)key, &ks_constant, &ds);
107 #else
108   ret = krb5_hmac(context, &krb5int_hash_md5, key, 1, &ks_constant, &ds);
109 #endif /* _KERNEL */
110   if (ret)
111     goto cleanup;
112 
113   ms_usage = krb5int_arcfour_translate_usage (usage);
114   t[0] = (ms_usage) & 0xff;
115   t[1] = (ms_usage>>8) & 0xff;
116   t[2] = (ms_usage >>16) & 0xff;
117   t[3] = (ms_usage>>24) & 0XFF;
118 
119   hash_input[0].data = (char *)&t;
120   hash_input[0].length = 4;
121   hash_input[1].data = input->data;
122   hash_input[1].length = input->length;
123 
124   md5tmp.data = (void *)outbuf;
125   md5tmp.length = sizeof(outbuf);
126 
127   /* Use generic hash function that calls to kEF */
128   if (k5_ef_hash(context, 2, hash_input, &md5tmp)) {
129 	return (KRB5_KEF_ERROR);
130   }
131 
132 #ifdef _KERNEL
133   ret = krb5_hmac (context, &ks, &md5tmp, output);
134 #else
135   ret = krb5_hmac (context, &krb5int_hash_md5, &ks, 1, &md5tmp, output);
136 #endif /* _KERNEL */
137 
138 cleanup:
139   bzero(md5tmp.data, md5tmp.length);
140   bzero(ks.contents, ks.length);
141   FREE (ks.contents, ks.length);
142   return (ret);
143 }
144 
145  const struct krb5_keyhash_provider
146 krb5int_keyhash_hmac_md5 = {
147                 	MD5_CKSUM_LENGTH,
148 			k5_hmac_md5_hash,
149 			NULL /*checksum  again*/
150 			};
151 
152