c/minizip-ng
1
0
Fork 0
mirror of https://github.com/zlib-ng/minizip-ng synced 2025-03-28 21:13:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fixed hmac implementation in brg library. #334

Browse Source 
Moved brg setup in cmake.
This commit is contained in:
Nathan Moinvaziri 2018-10-31 18:25:53 -07:00
parent f6557afd71
commit f79ec42ad3
8 changed files with 103 additions and 146 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
CMakeLists.txt
View File

@ -180,9 +180,7 @@ if(UNIX)
list(APPEND MINIZIP_SRC "mz_os_posix.c" "mz_strm_os_posix.c")
if ((USE_PKCRYPT OR USE_AES) AND (NOT USE_OPENSSL AND NOT OPENSSL_FOUND))
list(APPEND MINIZIP_SRC "mz_crypt_brg.c")
add_definitions(-DMZ_ZIP_NO_SIGNING)
set(USE_BRG TRUE)
# Check to see which random generation functions we have
check_symbol_exists("getrandom" "sys/random.h" HAVE_GETRANDOM)
@ -213,28 +211,6 @@ if(UNIX)
endif()
endif()
endif()
set(BRG_SRC
lib/brg/aescrypt.c
lib/brg/aeskey.c
lib/brg/aestab.c
lib/brg/hmac.c
lib/brg/sha1.c
lib/brg/sha2.c)
set(BRG_PUBLIC_HEADERS
lib/brg/aes.h
lib/brg/aesopt.h
lib/brg/aestab.h
lib/brg/brg_endian.h
lib/brg/brg_types.h
lib/brg/hmac.h
lib/brg/sha1.h)
include_directories(lib/brg)
source_group("BRG" FILES ${BRG_SRC} ${BRG_PUBLIC_HEADERS})
endif()
# Setup and use large file macros if necessary
@ -286,6 +262,34 @@ if(USE_AES)
list(APPEND MINIZIP_PUBLIC_HEADERS "mz_strm_wzaes.h")
endif()
# Include BRG
if(USE_BRG)
list(APPEND MINIZIP_SRC "mz_crypt_brg.c")
add_definitions(-DMZ_ZIP_NO_SIGNING)
set(BRG_SRC
lib/brg/aescrypt.c
lib/brg/aeskey.c
lib/brg/aestab.c
lib/brg/hmac.c
lib/brg/sha1.c
lib/brg/sha2.c)
set(BRG_PUBLIC_HEADERS
lib/brg/aes.h
lib/brg/aesopt.h
lib/brg/aestab.h
lib/brg/brg_endian.h
lib/brg/brg_types.h
lib/brg/hmac.h
lib/brg/sha1.h)
include_directories(lib/brg)
source_group("BRG" FILES ${BRG_SRC} ${BRG_PUBLIC_HEADERS})
endif()
# Include OpenSSL
if(USE_OPENSSL AND OPENSSL_FOUND)
list(APPEND MINIZIP_SRC "mz_crypt_openssl.c")

7
mz_compat.h
View File

@ -25,14 +25,17 @@ extern "C" {
#ifndef DEF_MEM_LEVEL
# if MAX_MEM_LEVEL >= 8
# define DEF_MEM_LEVEL 8
# else
# elif defined(MAX_MEM_LEVEL)
# define DEF_MEM_LEVEL MAX_MEM_LEVEL
# endif
#endif
#else
#ifndef MAX_WBITS
#define MAX_WBITS (15)
#endif
#ifndef DEF_MEM_LEVEL
#define DEF_MEM_LEVEL (8)
#endif
#endif
#ifndef ZEXPORT
# define ZEXPORT

3
mz_crypt.h
View File

@ -40,11 +40,10 @@ void* mz_crypt_aes_create(void **handle);
void mz_crypt_aes_delete(void **handle);
void mz_crypt_hmac_reset(void *handle);
int32_t mz_crypt_hmac_begin(void *handle);
int32_t mz_crypt_hmac_init(void *handle, const void *key, int32_t key_length);
int32_t mz_crypt_hmac_update(void *handle, const void *buf, int32_t size);
int32_t mz_crypt_hmac_end(void *handle, uint8_t *digest, int32_t digest_size);
int32_t mz_crypt_hmac_copy(void *src_handle, void *target_handle);
int32_t mz_crypt_hmac_set_key(void *handle, const void *key, int32_t key_length);
void mz_crypt_hmac_set_algorithm(void *handle, uint16_t algorithm);
void* mz_crypt_hmac_create(void **handle);
void mz_crypt_hmac_delete(void **handle);

20
mz_crypt_brg.c
View File

@ -321,18 +321,22 @@ void mz_crypt_hmac_reset(void *handle)
hmac->error = 0;
}
int32_t mz_crypt_hmac_begin(void *handle)
int32_t mz_crypt_hmac_init(void *handle, const void *key, int32_t key_length)
{
mz_crypt_hmac *hmac = (mz_crypt_hmac *)handle;
if (hmac == NULL)
return MZ_PARAM_ERROR;
mz_crypt_hmac_reset(handle);
if (hmac->algorithm == MZ_HASH_SHA1)
hmac_sha_begin(HMAC_SHA1, &hmac->ctx);
else
hmac_sha_begin(HMAC_SHA256, &hmac->ctx);
hmac_sha_key(key, key_length, &hmac->ctx);
return MZ_OK;
}
@ -370,20 +374,6 @@ int32_t mz_crypt_hmac_end(void *handle, uint8_t *digest, int32_t digest_size)
return MZ_OK;
}
int32_t mz_crypt_hmac_set_key(void *handle, const void *key, int32_t key_length)
{
mz_crypt_hmac *hmac = (mz_crypt_hmac *)handle;
if (hmac == NULL || key == NULL)
return MZ_PARAM_ERROR;
mz_crypt_hmac_reset(handle);
hmac_sha_key(key, key_length, &hmac->ctx);
return MZ_OK;
}
void mz_crypt_hmac_set_algorithm(void *handle, uint16_t algorithm)
{
mz_crypt_hmac *hmac = (mz_crypt_hmac *)handle;

36
mz_crypt_openssl.c
View File

@ -324,13 +324,24 @@ void mz_crypt_hmac_reset(void *handle)
hmac->error = 0;
}
int32_t mz_crypt_hmac_begin(void *handle)
int32_t mz_crypt_hmac_init(void *handle, const void *key, int32_t key_length)
{
mz_crypt_hmac *hmac = (mz_crypt_hmac *)handle;
const EVP_MD *evp_md = NULL;
if (hmac == NULL)
if (hmac == NULL || key == NULL)
return MZ_PARAM_ERROR;
mz_crypt_hmac_reset(handle);
hmac->ctx = HMAC_CTX_new();
if (hmac->algorithm == MZ_HASH_SHA1)
evp_md = EVP_sha1();
else
evp_md = EVP_sha256();
HMAC_Init(hmac->ctx, key, key_length, evp_md);
return MZ_OK;
}
@ -377,27 +388,6 @@ int32_t mz_crypt_hmac_end(void *handle, uint8_t *digest, int32_t digest_size)
return MZ_OK;
}
int32_t mz_crypt_hmac_set_key(void *handle, const void *key, int32_t key_length)
{
mz_crypt_hmac *hmac = (mz_crypt_hmac *)handle;
const EVP_MD *evp_md = NULL;
if (hmac == NULL || key == NULL)
return MZ_PARAM_ERROR;
mz_crypt_hmac_reset(handle);
hmac->ctx = HMAC_CTX_new();
if (hmac->algorithm == MZ_HASH_SHA1)
evp_md = EVP_sha1();
else
evp_md = EVP_sha256();
HMAC_Init(hmac->ctx, key, key_length, evp_md);
return MZ_OK;
}
void mz_crypt_hmac_set_algorithm(void *handle, uint16_t algorithm)
{
mz_crypt_hmac *hmac = (mz_crypt_hmac *)handle;

112
mz_crypt_win32.c
View File

@ -383,73 +383,7 @@ void mz_crypt_hmac_reset(void *handle)
mz_crypt_hmac_free(handle);
}
int32_t mz_crypt_hmac_begin(void *handle)
{
mz_crypt_hmac *hmac = (mz_crypt_hmac *)handle;
int32_t result = 0;
int32_t err = MZ_OK;
if (hmac == NULL || hmac->provider == 0)
return MZ_PARAM_ERROR;
result = CryptCreateHash(hmac->provider, CALG_HMAC, hmac->key, 0, &hmac->hash);
if (!result)
{
hmac->error = GetLastError();
err = MZ_HASH_ERROR;
}
if (result)
{
result = CryptSetHashParam(hmac->hash, HP_HMAC_INFO, (uint8_t *)&hmac->info, 0);
if (!result)
{
hmac->error = GetLastError();
err = MZ_HASH_ERROR;
}
}
return err;
}
int32_t mz_crypt_hmac_update(void *handle, const void *buf, int32_t size)
{
mz_crypt_hmac *hmac = (mz_crypt_hmac *)handle;
int32_t result = 0;
if (hmac == NULL || buf == NULL || hmac->hash == 0)
return MZ_PARAM_ERROR;
result = CryptHashData(hmac->hash, buf, size, 0);
if (!result)
{
hmac->error = GetLastError();
return MZ_HASH_ERROR;
}
return MZ_OK;
}
int32_t mz_crypt_hmac_end(void *handle, uint8_t *digest, int32_t digest_size)
{
mz_crypt_hmac *hmac = (mz_crypt_hmac *)handle;
int32_t result = 0;
int32_t expected_size = 0;
int32_t err = MZ_OK;
if (hmac == NULL || digest == NULL || hmac->hash == 0)
return MZ_PARAM_ERROR;
result = CryptGetHashParam(hmac->hash, HP_HASHVAL, NULL, &expected_size, 0);
if (expected_size > digest_size)
return MZ_BUF_ERROR;
if (!result)
return MZ_HASH_ERROR;
result = CryptGetHashParam(hmac->hash, HP_HASHVAL, digest, &digest_size, 0);
if (!result)
{
hmac->error = GetLastError();
return MZ_HASH_ERROR;
}
return MZ_OK;
}
int32_t mz_crypt_hmac_set_key(void *handle, const void *key, int32_t key_length)
int32_t mz_crypt_hmac_init(void *handle, const void *key, int32_t key_length)
{
mz_crypt_hmac *hmac = (mz_crypt_hmac *)handle;
HCRYPTHASH hash = 0;
@ -499,6 +433,10 @@ int32_t mz_crypt_hmac_set_key(void *handle, const void *key, int32_t key_length)
memcpy(key_blob + sizeof(key_blob_header_s), key, key_length);
result = CryptImportKey(hmac->provider, key_blob, key_blob_size, 0, CRYPT_IPSEC_HMAC_KEY, &hmac->key);
if (result)
result = CryptCreateHash(hmac->provider, CALG_HMAC, hmac->key, 0, &hmac->hash);
if (result)
result = CryptSetHashParam(hmac->hash, HP_HMAC_INFO, (uint8_t *)&hmac->info, 0);
if (!result)
{
hmac->error = GetLastError();
@ -513,6 +451,46 @@ int32_t mz_crypt_hmac_set_key(void *handle, const void *key, int32_t key_length)
return err;
}
int32_t mz_crypt_hmac_update(void *handle, const void *buf, int32_t size)
{
mz_crypt_hmac *hmac = (mz_crypt_hmac *)handle;
int32_t result = 0;
if (hmac == NULL || buf == NULL || hmac->hash == 0)
return MZ_PARAM_ERROR;
result = CryptHashData(hmac->hash, buf, size, 0);
if (!result)
{
hmac->error = GetLastError();
return MZ_HASH_ERROR;
}
return MZ_OK;
}
int32_t mz_crypt_hmac_end(void *handle, uint8_t *digest, int32_t digest_size)
{
mz_crypt_hmac *hmac = (mz_crypt_hmac *)handle;
int32_t result = 0;
int32_t expected_size = 0;
int32_t err = MZ_OK;
if (hmac == NULL || digest == NULL || hmac->hash == 0)
return MZ_PARAM_ERROR;
result = CryptGetHashParam(hmac->hash, HP_HASHVAL, NULL, &expected_size, 0);
if (expected_size > digest_size)
return MZ_BUF_ERROR;
if (!result)
return MZ_HASH_ERROR;
result = CryptGetHashParam(hmac->hash, HP_HASHVAL, digest, &digest_size, 0);
if (!result)
{
hmac->error = GetLastError();
return MZ_HASH_ERROR;
}
return MZ_OK;
}
void mz_crypt_hmac_set_algorithm(void *handle, uint16_t algorithm)
{
mz_crypt_hmac *hmac = (mz_crypt_hmac *)handle;

11
mz_strm_wzaes.c
View File

@ -97,12 +97,8 @@ int32_t mz_stream_wzaes_pbkdf2(uint8_t *password, int32_t password_length, uint8
mz_crypt_hmac_set_algorithm(hmac2, MZ_HASH_SHA1);
mz_crypt_hmac_set_algorithm(hmac3, MZ_HASH_SHA1);
err = mz_crypt_hmac_set_key(hmac1, password, password_length);
if (err == MZ_OK)
err = mz_crypt_hmac_begin(hmac1);
err = mz_crypt_hmac_set_key(hmac2, password, password_length);
if (err == MZ_OK)
err = mz_crypt_hmac_begin(hmac2);
err = mz_crypt_hmac_init(hmac1, password, password_length);
err = mz_crypt_hmac_init(hmac2, password, password_length);
if (err == MZ_OK)
err = mz_crypt_hmac_update(hmac2, salt, salt_length);
@ -222,8 +218,7 @@ int32_t mz_stream_wzaes_open(void *stream, const char *path, int32_t mode)
// Initialize for authentication using key 2
mz_crypt_hmac_reset(wzaes->hmac);
mz_crypt_hmac_set_algorithm(wzaes->hmac, MZ_HASH_SHA1);
mz_crypt_hmac_set_key(wzaes->hmac, kbuf + key_length, key_length);
mz_crypt_hmac_begin(wzaes->hmac);
mz_crypt_hmac_init(wzaes->hmac, kbuf + key_length, key_length);
memcpy(verify, kbuf + (2 * key_length), MZ_AES_PW_VERIFY_SIZE);

6
test/test.c
View File

@ -550,8 +550,7 @@ void test_crypt_hmac(void)
mz_crypt_hmac_create(&hmac);
mz_crypt_hmac_set_algorithm(hmac, MZ_HASH_SHA1);
mz_crypt_hmac_set_key(hmac, key, key_length);
mz_crypt_hmac_begin(hmac);
mz_crypt_hmac_init(hmac, key, key_length);
mz_crypt_hmac_update(hmac, test, test_length);
mz_crypt_hmac_end(hmac, hash, sizeof(hash));
mz_crypt_hmac_delete(&hmac);
@ -568,8 +567,7 @@ void test_crypt_hmac(void)
mz_crypt_hmac_create(&hmac);
mz_crypt_hmac_set_algorithm(hmac, MZ_HASH_SHA256);
mz_crypt_hmac_set_key(hmac, key, key_length);
mz_crypt_hmac_begin(hmac);
mz_crypt_hmac_init(hmac, key, key_length);
mz_crypt_hmac_update(hmac, test, test_length);
mz_crypt_hmac_end(hmac, hash256, sizeof(hash256));
mz_crypt_hmac_delete(&hmac);