Commit 9c4cba34 authored by Brian Wellington's avatar Brian Wellington
Browse files

334. [func] Added hmac-md5 to libisc.

parent 0e65062a
334. [func] Added hmac-md5 to libisc.
333. [bug] The resolver incorrectly accepted referrals to
domains that were not parents of the query name,
causing assertion failures.
......
......@@ -15,12 +15,14 @@
* SOFTWARE.
*/
/* $Id: hash_test.c,v 1.4 2000/06/23 16:18:56 tale Exp $ */
/* $Id: hash_test.c,v 1.5 2000/07/17 17:33:39 bwelling Exp $ */
#include <config.h>
#include <stdio.h>
#include <string.h>
#include <isc/hmacmd5.h>
#include <isc/md5.h>
#include <isc/sha1.h>
#include <isc/util.h>
......@@ -45,9 +47,11 @@ int
main(int argc, char **argv) {
isc_sha1_t sha1;
isc_md5_t md5;
isc_hmacmd5_t hmacmd5;
unsigned char digest[20];
unsigned char buffer[1024];
const unsigned char *s;
unsigned char key[20];
UNUSED(argc);
UNUSED(argv);
......@@ -73,5 +77,36 @@ main(int argc, char **argv) {
isc_md5_final(&md5, digest);
print_digest(buffer, "md5", digest, 4);
/*
* The 3 HMAC-MD5 examples from RFC 2104
*/
s = "Hi There";
memset(key, 0x0b, 16);
isc_hmacmd5_init(&hmacmd5, key, 16);
strcpy(buffer, s);
isc_hmacmd5_update(&hmacmd5, buffer, strlen(s));
isc_hmacmd5_sign(&hmacmd5, digest);
print_digest(buffer, "hmacmd5", digest, 4);
s = "what do ya want for nothing?";
strcpy(key, "Jefe");
isc_hmacmd5_init(&hmacmd5, key, 4);
strcpy(buffer, s);
isc_hmacmd5_update(&hmacmd5, buffer, strlen(s));
isc_hmacmd5_sign(&hmacmd5, digest);
print_digest(buffer, "hmacmd5", digest, 4);
s = "\335\335\335\335\335\335\335\335\335\335"
"\335\335\335\335\335\335\335\335\335\335"
"\335\335\335\335\335\335\335\335\335\335"
"\335\335\335\335\335\335\335\335\335\335"
"\335\335\335\335\335\335\335\335\335\335";
memset(key, 0xaa, 16);
isc_hmacmd5_init(&hmacmd5, key, 16);
strcpy(buffer, s);
isc_hmacmd5_update(&hmacmd5, buffer, strlen(s));
isc_hmacmd5_sign(&hmacmd5, digest);
print_digest(buffer, "hmacmd5", digest, 4);
return (0);
}
......@@ -13,7 +13,7 @@
# ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
# SOFTWARE.
# $Id: Makefile.in,v 1.61 2000/06/22 21:56:48 tale Exp $
# $Id: Makefile.in,v 1.62 2000/07/17 17:33:31 bwelling Exp $
srcdir = @srcdir@
VPATH = @srcdir@
......@@ -50,7 +50,8 @@ WIN32OBJS = win32/condition.@O@ win32/dir.@O@ win32/file.@O@ \
# Alphabetically
OBJS = @ISC_EXTRA_OBJS@ \
assertions.@O@ base64.@O@ bitstring.@O@ buffer.@O@ \
bufferlist.@O@ commandline.@O@ error.@O@ event.@O@ heap.@O@ \
bufferlist.@O@ commandline.@O@ error.@O@ event.@O@ \
heap.@O@ hmacmd5.@O@ \
lex.@O@ lfsr.@O@ lib.@O@ log.@O@ \
md5.@O@ mem.@O@ mutexblock.@O@ netaddr.@O@ ondestroy.@O@ \
quota.@O@ random.@O@ \
......@@ -62,7 +63,8 @@ OBJS = @ISC_EXTRA_OBJS@ \
# Alphabetically
SRCS = @ISC_EXTRA_SRCS@ \
assertions.c base64.c bitstring.c buffer.c \
bufferlist.c commandline.c error.c event.c heap.c \
bufferlist.c commandline.c error.c event.c \
heap.c hmacmd5.c \
lex.c lfsr.c lib.c log.c \
md5.c mem.c mutexblock.c netaddr.c ondestroy.c \
quota.c random.c \
......
/*
* Copyright (C) 2000 Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
* ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
* CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
* DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
* PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
* ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
* SOFTWARE.
*/
/* $Id: hmacmd5.c,v 1.1 2000/07/17 17:33:31 bwelling Exp $ */
/*
* This code implements the HMAC-MD5 keyed hash algorithm
* described in RFC 2104.
*/
#include "config.h"
#include <isc/assertions.h>
#include <isc/hmacmd5.h>
#include <isc/md5.h>
#include <isc/types.h>
#include <isc/util.h>
#define PADLEN 64
#define IPAD 0x36
#define OPAD 0x5C
/*
* Start HMAC-MD5 process. Initialize an md5 context and digest the key.
*/
void
isc_hmacmd5_init(isc_hmacmd5_t *ctx, const unsigned char *key,
unsigned int len)
{
unsigned char ipad[PADLEN];
int i;
memset(ctx->key, 0, sizeof (ctx->key));
if (len > sizeof(ctx->key)) {
isc_md5_t md5ctx;
isc_md5_init(&md5ctx);
isc_md5_update(&md5ctx, key, len);
isc_md5_final(&md5ctx, ctx->key);
} else
memcpy(ctx->key, key, len);
isc_md5_init(&ctx->md5ctx);
memset(ipad, IPAD, sizeof (ipad));
for (i = 0; i < PADLEN; i++)
ipad[i] ^= ctx->key[i];
isc_md5_update(&ctx->md5ctx, ipad, sizeof(ipad));
}
void
isc_hmacmd5_invalidate(isc_hmacmd5_t *ctx) {
isc_md5_invalidate(&ctx->md5ctx);
memset(ctx->key, 0, sizeof (ctx->key));
memset(ctx, 0, sizeof (ctx));
}
/*
* Update context to reflect the concatenation of another buffer full
* of bytes.
*/
void
isc_hmacmd5_update(isc_hmacmd5_t *ctx, const unsigned char *buf,
unsigned int len)
{
isc_md5_update(&ctx->md5ctx, buf, len);
}
/*
* Compute signature - finalize MD5 operation and reapply MD5.
*/
void
isc_hmacmd5_sign(isc_hmacmd5_t *ctx, unsigned char *digest) {
unsigned char opad[PADLEN];
int i;
isc_md5_final(&ctx->md5ctx, digest);
memset(opad, OPAD, sizeof (opad));
for (i = 0; i < PADLEN; i++)
opad[i] ^= ctx->key[i];
isc_md5_init(&ctx->md5ctx);
isc_md5_update(&ctx->md5ctx, opad, sizeof(opad));
isc_md5_update(&ctx->md5ctx, digest, ISC_MD5_DIGESTLENGTH);
isc_md5_final(&ctx->md5ctx, digest);
isc_hmacmd5_invalidate(ctx);
}
/*
* Verify signature - finalize MD5 operation and reapply MD5, then
* compare to the supplied digest.
*/
isc_boolean_t
isc_hmacmd5_verify(isc_hmacmd5_t *ctx, unsigned char *digest) {
unsigned char newdigest[ISC_MD5_DIGESTLENGTH];
isc_hmacmd5_sign(ctx, newdigest);
return (ISC_TF(memcmp(digest, newdigest, ISC_MD5_DIGESTLENGTH) == 0));
}
......@@ -13,7 +13,7 @@
# ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
# SOFTWARE.
# $Id: Makefile.in,v 1.39 2000/06/30 00:26:19 gson Exp $
# $Id: Makefile.in,v 1.40 2000/07/17 17:33:34 bwelling Exp $
srcdir = @srcdir@
VPATH = @srcdir@
......@@ -28,8 +28,8 @@ top_srcdir = @top_srcdir@
#
HEADERS = assertions.h base64.h bitstring.h boolean.h buffer.h \
bufferlist.h commandline.h error.h event.h eventclass.h \
file.h formatcheck.h fsaccess.h heap.h interfaceiter.h \
@ISC_IPV6_H@ lang.h lex.h \
file.h formatcheck.h fsaccess.h heap.h hmacmd5.h \
interfaceiter.h @ISC_IPV6_H@ lang.h lex.h \
lfsr.h lib.h list.h log.h magic.h md5.h mem.h msgcat.h \
mutexblock.h netaddr.h ondestroy.h os.h \
print.h quota.h random.h ratelimiter.h region.h \
......
/*
* Copyright (C) 2000 Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
* ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
* CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
* DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
* PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
* ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
* SOFTWARE.
*/
/* $Id: hmacmd5.h,v 1.1 2000/07/17 17:33:32 bwelling Exp $ */
/*
* This is the header file for the HMAC-MD5 keyed hash algorithm
* described in RFC 2104.
*/
#ifndef ISC_HMACMD5_H
#define ISC_HMACMD5_H 1
#include <isc/lang.h>
#include <isc/md5.h>
#include <isc/types.h>
#define ISC_HMACMD5_KEYLENGTH 64
typedef struct {
isc_md5_t md5ctx;
unsigned char key[ISC_HMACMD5_KEYLENGTH];
} isc_hmacmd5_t;
ISC_LANG_BEGINDECLS
void
isc_hmacmd5_init(isc_hmacmd5_t *ctx, const unsigned char *key,
unsigned int len);
void
isc_hmacmd5_invalidate(isc_hmacmd5_t *ctx);
void
isc_hmacmd5_update(isc_hmacmd5_t *ctx, const unsigned char *buf,
unsigned int len);
void
isc_hmacmd5_sign(isc_hmacmd5_t *ctx, unsigned char *digest);
isc_boolean_t
isc_hmacmd5_verify(isc_hmacmd5_t *ctx, unsigned char *digest);
ISC_LANG_ENDDECLS
#endif /* ISC_HMACMD5_H */
......@@ -994,6 +994,7 @@
./lib/isc/event.c C 1998,1999,2000
./lib/isc/fsaccess.c C 2000
./lib/isc/heap.c C 1997,1998,1999,2000
./lib/isc/hmacmd5.c C 2000
./lib/isc/include/.cvsignore X 1999,2000
./lib/isc/include/Makefile.in MAKE 1998,1999,2000
./lib/isc/include/isc/.cvsignore X 1999,2000
......@@ -1013,6 +1014,7 @@
./lib/isc/include/isc/formatcheck.h C 2000
./lib/isc/include/isc/fsaccess.h C 2000
./lib/isc/include/isc/heap.h C 1997,1998,1999,2000
./lib/isc/include/isc/hmacmd5.h C 2000
./lib/isc/include/isc/interfaceiter.h C 1999,2000
./lib/isc/include/isc/ipv6.h C 1999,2000
./lib/isc/include/isc/lang.h C 1999,2000
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment