1 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
3 * lib/crypto/krb/checksum/hmac_md5.c
5 * Copyright (C) 2009 by the Massachusetts Institute of Technology.
8 * Export of this software from the United States of America may
9 * require a specific license from the United States Government.
10 * It is the responsibility of any person or organization contemplating
11 * export to obtain such a license before exporting.
13 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
14 * distribute this software and its documentation for any purpose and
15 * without fee is hereby granted, provided that the above copyright
16 * notice appear in all copies and that both that copyright notice and
17 * this permission notice appear in supporting documentation, and that
18 * the name of M.I.T. not be used in advertising or publicity pertaining
19 * to distribution of the software without specific, written prior
20 * permission. Furthermore if you modify this software you must label
21 * your software as modified software and not distribute it in such a
22 * fashion that it might be confused with the original M.I.T. software.
23 * M.I.T. makes no representations about the suitability of
24 * this software for any purpose. It is provided "as is" without express
25 * or implied warranty.
27 * Microsoft HMAC-MD5 and MD5-HMAC checksums (see RFC 4757):
28 * HMAC(KS, hash(msusage || input))
29 * KS is HMAC(key, "signaturekey\0") for HMAC-MD5, or just the key for
34 #include "cksumtypes.h"
36 #include "arcfour-int.h"
38 krb5_error_code krb5int_hmacmd5_checksum(const struct krb5_cksumtypes *ctp,
39 krb5_key key, krb5_keyusage usage,
40 const krb5_crypto_iov *data,
44 krb5_keyusage ms_usage;
46 krb5_keyblock ks, *keyblock;
47 krb5_crypto_iov *hash_iov = NULL, iov;
48 krb5_data ds = empty_data(), hashval = empty_data();
51 if (key == NULL || key->keyblock.length > ctp->hash->blocksize)
52 return KRB5_BAD_ENCTYPE;
53 if (ctp->ctype == CKSUMTYPE_HMAC_MD5_ARCFOUR) {
54 /* Compute HMAC(key, "signaturekey\0") to get the signing key ks. */
55 ret = alloc_data(&ds, key->keyblock.length);
59 iov.flags = KRB5_CRYPTO_TYPE_DATA;
60 iov.data = make_data("signaturekey", 13);
61 ret = krb5int_hmac(ctp->hash, key, &iov, 1, &ds);
64 ks.length = key->keyblock.length;
65 ks.contents = (krb5_octet *) ds.data;
67 } else /* For md5-hmac, just use the key. */
68 keyblock = &key->keyblock;
70 /* Compute the MD5 value of the input. */
71 ms_usage = krb5int_arcfour_translate_usage(usage);
72 store_32_le(ms_usage, t);
73 hash_iov = k5alloc((num_data + 1) * sizeof(krb5_crypto_iov), &ret);
76 hash_iov[0].flags = KRB5_CRYPTO_TYPE_DATA;
77 hash_iov[0].data = make_data(t, 4);
78 memcpy(hash_iov + 1, data, num_data * sizeof(krb5_crypto_iov));
79 ret = alloc_data(&hashval, ctp->hash->hashsize);
82 ret = ctp->hash->hash(hash_iov, num_data + 1, &hashval);
86 /* Compute HMAC(ks, md5value). */
87 iov.flags = KRB5_CRYPTO_TYPE_DATA;
89 ret = krb5int_hmac_keyblock(ctp->hash, keyblock, &iov, 1, output);
92 zapfree(ds.data, ds.length);
93 zapfree(hashval.data, hashval.length);