summaryrefslogtreecommitdiffstats
path: root/src/lib/crypto/sha/sha_crypto.c
blob: b539b1199fb597506ff153580c644de2290595c4 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76

#include "shs.h"

/* Windows needs to these prototypes for the assignment below */

static krb5_error_code
krb5_sha_crypto_sum_func
	PROTOTYPE((krb5_const krb5_pointer in,
		   krb5_const size_t in_length,
		   krb5_const krb5_pointer seed,
		   krb5_const size_t seed_length,
		   krb5_checksum FAR *outcksum));

static krb5_error_code
krb5_sha_crypto_verify_func
	PROTOTYPE((krb5_const krb5_checksum FAR *cksum,
		   krb5_const krb5_pointer in,
		   krb5_const size_t in_length,
		   krb5_const krb5_pointer seed,
		   krb5_const size_t seed_length));

static krb5_error_code
krb5_sha_crypto_sum_func(in, in_length, seed, seed_length, outcksum)
    krb5_const krb5_pointer in;
    krb5_const size_t in_length;
    krb5_const krb5_pointer seed;
    krb5_const size_t seed_length;
    krb5_checksum FAR *outcksum;
{
    krb5_error_code retval;

    if (outcksum->length < HMAC_SHA_CKSUM_LENGTH)
	return KRB5_BAD_MSIZE;

    outcksum->checksum_type = CKSUMTYPE_HMAC_SHA;
    outcksum->length = HMAC_SHA_CKSUM_LENGTH;

    retval = hmac_sha(in, in_length, seed, seed_length, outcksum->contents);
    return retval;
}

static krb5_error_code
krb5_sha_crypto_verify_func(cksum, in, in_length, seed, seed_length)
    krb5_const krb5_checksum FAR *cksum;
    krb5_const krb5_pointer in;
    krb5_const size_t in_length;
    krb5_const krb5_pointer seed;
    krb5_const size_t seed_length;
{
    krb5_octet digest[HMAC_SHA_CKSUM_LENGTH];
    krb5_error_code retval;

    if (cksum->checksum_type != CKSUMTYPE_HMAC_SHA)
	return KRB5KRB_AP_ERR_INAPP_CKSUM;
    if (cksum->length != HMAC_SHA_CKSUM_LENGTH)
	return KRB5KRB_AP_ERR_BAD_INTEGRITY;

    retval = hmac_sha(in, in_length, seed, seed_length, digest);
    if (retval) goto cleanup;

    if (memcmp((char *)digest, (char *)cksum->contents, cksum->length))
	retval = KRB5KRB_AP_ERR_BAD_INTEGRITY;

cleanup:
    memset((char *)digest, 0, sizeof(digest));
    return retval;
}

krb5_checksum_entry hmac_sha_cksumtable_entry =
{
    0,
    krb5_sha_crypto_sum_func,
    krb5_sha_crypto_verify_func,
    HMAC_SHA_CKSUM_LENGTH,
    1,					/* is collision proof */
    1,					/* uses key */
};
generated by cgit (git 2.34.1) at 2024-07-01 19:31:45 +0000