wpa_supplicant: md5-non-fips.c Source File

Go to the documentation of this file.
00001 /*
00002  * MD5 hash implementation and interface functions (non-FIPS allowed cases)
00003  * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi>
00004  *
00005  * This program is free software; you can redistribute it and/or modify
00006  * it under the terms of the GNU General Public License version 2 as
00007  * published by the Free Software Foundation.
00008  *
00009  * Alternatively, this software may be distributed under the terms of BSD
00010  * license.
00011  *
00012  * See README and COPYING for more details.
00013  */
00014 
00015 #include "includes.h"
00016 
00017 #include "common.h"
00018 #include "md5.h"
00019 #include "crypto.h"
00020 
00021 
00032 int hmac_md5_vector_non_fips_allow(const u8 *key, size_t key_len,
00033                                    size_t num_elem, const u8 *addr[],
00034                                    const size_t *len, u8 *mac)
00035 {
00036         u8 k_pad[64]; /* padding - key XORd with ipad/opad */
00037         u8 tk[16];
00038         const u8 *_addr[6];
00039         size_t i, _len[6];
00040 
00041         if (num_elem > 5) {
00042                 /*
00043                  * Fixed limit on the number of fragments to avoid having to
00044                  * allocate memory (which could fail).
00045                  */
00046                 return -1;
00047         }
00048 
00049         /* if key is longer than 64 bytes reset it to key = MD5(key) */
00050         if (key_len > 64) {
00051                 if (md5_vector_non_fips_allow(1, &key, &key_len, tk))
00052                         return -1;
00053                 key = tk;
00054                 key_len = 16;
00055         }
00056 
00057         /* the HMAC_MD5 transform looks like:
00058          *
00059          * MD5(K XOR opad, MD5(K XOR ipad, text))
00060          *
00061          * where K is an n byte key
00062          * ipad is the byte 0x36 repeated 64 times
00063          * opad is the byte 0x5c repeated 64 times
00064          * and text is the data being protected */
00065 
00066         /* start out by storing key in ipad */
00067         os_memset(k_pad, 0, sizeof(k_pad));
00068         os_memcpy(k_pad, key, key_len);
00069 
00070         /* XOR key with ipad values */
00071         for (i = 0; i < 64; i++)
00072                 k_pad[i] ^= 0x36;
00073 
00074         /* perform inner MD5 */
00075         _addr[0] = k_pad;
00076         _len[0] = 64;
00077         for (i = 0; i < num_elem; i++) {
00078                 _addr[i + 1] = addr[i];
00079                 _len[i + 1] = len[i];
00080         }
00081         if (md5_vector_non_fips_allow(1 + num_elem, _addr, _len, mac))
00082                 return -1;
00083 
00084         os_memset(k_pad, 0, sizeof(k_pad));
00085         os_memcpy(k_pad, key, key_len);
00086         /* XOR key with opad values */
00087         for (i = 0; i < 64; i++)
00088                 k_pad[i] ^= 0x5c;
00089 
00090         /* perform outer MD5 */
00091         _addr[0] = k_pad;
00092         _len[0] = 64;
00093         _addr[1] = mac;
00094         _len[1] = MD5_MAC_LEN;
00095         return md5_vector_non_fips_allow(2, _addr, _len, mac);
00096 }
00097 
00098 
00108 int hmac_md5_non_fips_allow(const u8 *key, size_t key_len, const u8 *data,
00109                             size_t data_len, u8 *mac)
00110 {
00111         return hmac_md5_vector_non_fips_allow(key, key_len, 1, &data,
00112                                               &data_len, mac);
00113 }