8 # define alloca __builtin_alloca
10 # define alloca __alloca
11 #elif defined _MSC_VER
13 # define alloca _alloca
19 void *alloca (size_t);
24 #include <sys/types.h>
32 #ifdef HAVE_NETINET_IN_H
33 # include <netinet/in.h>
38 # include <gnutls/gnutls.h>
39 # include <gnutls/x509.h>
41 # include <openssl/rsa.h>
42 # include <openssl/objects.h>
43 # include <openssl/err.h>
44 # include <openssl/ssl.h>
45 # include <openssl/dh.h>
46 # include <openssl/dsa.h>
47 # include <openssl/evp.h>
48 # include <openssl/x509.h>
49 # include <openssl/pem.h>
54 # include <openssl/sha.h>
59 # include <gnutls/x509.h>
62 # include <openssl/evp.h>
63 # include <openssl/hmac.h>
64 # include <openssl/rand.h>
69 #include "Eet_private.h"
71 #define EET_MAGIC_SIGN 0x1ee74271
74 # define MAX_KEY_LEN 32
75 # define MAX_IV_LEN 16
77 # define MAX_KEY_LEN EVP_MAX_KEY_LENGTH
78 # define MAX_IV_LEN EVP_MAX_IV_LENGTH
83 static Eet_Error eet_hmac_sha1(const void *key, size_t key_len, const void *data, size_t data_len, unsigned char *res);
85 static Eet_Error eet_pbkdf2_sha1(const char *key, int key_len, const unsigned char *salt, unsigned int salt_len, int iter, unsigned char *res, int res_len);
93 gnutls_x509_crt_t certificate;
94 gnutls_x509_privkey_t private_key;
97 EVP_PKEY *private_key;
103 eet_identity_open(const char *certificate_file, const char *private_key_file, Eet_Key_Password_Callback cb)
105 #ifdef HAVE_SIGNATURE
106 /* Signature declarations */
110 /* Gnutls private declarations */
114 gnutls_datum_t load_file = { NULL, 0 };
118 if (!(key = malloc(sizeof(Eet_Key)))) goto on_error;
121 if (gnutls_x509_crt_init(&(key->certificate))) goto on_error;
122 if (gnutls_x509_privkey_init(&(key->private_key))) goto on_error;
124 /* Mmap certificate_file */
125 if (!(fp = fopen(certificate_file, "r"))) goto on_error;
126 if ((fd = fileno(fp)) == -1) goto on_error;
127 if (fstat(fd, &st)) goto on_error;
128 if ((data = mmap(NULL, st.st_size, PROT_READ, MAP_PRIVATE, fd, 0)) == MAP_FAILED) goto on_error;
130 /* Import the certificate in Eet_Key structure */
131 load_file.data = data;
132 load_file.size = st.st_size;
133 if (gnutls_x509_crt_import(key->certificate, &load_file, GNUTLS_X509_FMT_PEM) < 0)
135 if (munmap(data, st.st_size)) goto on_error;
141 load_file.data = NULL;
144 /* Mmap private_key_file */
145 if (!(fp = fopen(private_key_file, "r"))) goto on_error;
146 if ((fd = fileno(fp)) == -1) goto on_error;
147 if (fstat(fd, &st)) goto on_error;
148 if ((data = mmap(NULL, st.st_size, PROT_READ, MAP_PRIVATE, fd, 0)) == MAP_FAILED) goto on_error;
150 /* Import the private key in Eet_Key structure */
151 load_file.data = data;
152 load_file.size = st.st_size;
153 /* Try to directly import the PEM encoded private key */
154 if (gnutls_x509_privkey_import(key->private_key, &load_file, GNUTLS_X509_FMT_PEM) < 0)
156 /* Else ask for the private key pass */
157 if (cb && cb(pass, 1024, 0, NULL))
159 /* If pass then try to decode the pkcs 8 private key */
160 if (gnutls_x509_privkey_import_pkcs8(key->private_key, &load_file, GNUTLS_X509_FMT_PEM, pass, 0))
165 /* Else try to import the pkcs 8 private key without pass */
166 if (gnutls_x509_privkey_import_pkcs8(key->private_key, &load_file, GNUTLS_X509_FMT_PEM, NULL, 1))
170 if (munmap(data, st.st_size)) goto on_error;
179 if (key->certificate) gnutls_x509_crt_deinit(key->certificate);
180 if (key->private_key) gnutls_x509_privkey_deinit(key->private_key);
183 if (data) munmap(data, st.st_size);
185 /* Openssl private declarations */
186 EVP_PKEY *pkey = NULL;
189 /* Load the X509 certificate in memory. */
190 fp = fopen(certificate_file, "r");
191 if (!fp) return NULL;
192 cert = PEM_read_X509(fp, NULL, NULL, NULL);
194 if (!cert) goto on_error;
196 /* Check the presence of the public key. Just in case. */
197 pkey = X509_get_pubkey(cert);
198 if (!pkey) goto on_error;
200 /* Load the private key in memory. */
201 fp = fopen(private_key_file, "r");
202 if (!fp) goto on_error;
203 pkey = PEM_read_PrivateKey(fp, NULL, cb, NULL);
205 if (!pkey) goto on_error;
207 /* Load the certificate and the private key in Eet_Key structure */
208 key = malloc(sizeof(Eet_Key));
209 if (!key) goto on_error;
211 key->certificate = cert;
212 key->private_key = pkey;
217 if (cert) X509_free(cert);
218 if (pkey) EVP_PKEY_free(pkey);
225 eet_identity_close(Eet_Key *key)
227 #ifdef HAVE_SIGNATURE
228 if (!key || (key->references > 0)) return ;
230 gnutls_x509_crt_deinit(key->certificate);
231 gnutls_x509_privkey_deinit(key->private_key);
233 X509_free(key->certificate);
234 EVP_PKEY_free(key->private_key);
241 eet_identity_print(Eet_Key *key, FILE *out)
243 #ifdef HAVE_SIGNATURE
245 const char *names[6] = {
254 gnutls_datum_t data = { NULL, 0 };
255 gnutls_datum_t rsa_raw[6];
263 if (key->private_key)
265 if (gnutls_x509_privkey_export_rsa_raw(key->private_key,
266 rsa_raw + 0, /* Modulus */
267 rsa_raw + 1, /* Public exponent */
268 rsa_raw + 2, /* Private exponent */
269 rsa_raw + 3, /* First prime */
270 rsa_raw + 4, /* Second prime */
271 rsa_raw + 5)) /* Coefficient */
273 if (!(res = malloc(size))) goto on_error;
275 fprintf(out, "Private Key:\n");
278 for (i = 0; i < 6; i++)
280 while ((err = gnutls_hex_encode(rsa_raw + i, res, &size)) == GNUTLS_E_SHORT_MEMORY_BUFFER)
283 if (!(res = realloc(res, size))) goto on_error;
285 if (err) goto on_error;
287 fprintf(out, "\t%s:\n", names[i]);
288 for (j = 0; strlen(res) > j; j += 32)
290 snprintf(buf, 32, "%s", res + j);
291 fprintf(out, "\t\t%s\n", buf);
298 if (key->certificate)
300 fprintf(out, "Public certificate:\n");
301 if (gnutls_x509_crt_print(key->certificate, GNUTLS_X509_CRT_FULL, &data)) goto on_error;
302 fprintf(out, "%s\n", data.data);
303 gnutls_free(data.data);
309 if (data.data) gnutls_free(data.data);
318 rsa = EVP_PKEY_get1_RSA(key->private_key);
321 fprintf(out, "Private key (RSA):\n");
322 RSA_print_fp(out, rsa, 0);
325 dsa = EVP_PKEY_get1_DSA(key->private_key);
328 fprintf(out, "Private key (DSA):\n");
329 DSA_print_fp(out, dsa, 0);
332 dh = EVP_PKEY_get1_DH(key->private_key);
335 fprintf(out, "Private key (DH):\n");
336 DHparams_print_fp(out, dh);
339 fprintf(out, "Public certificate:\n");
340 X509_print_fp(out, key->certificate);
343 ERR("You need to compile signature support in EET.");
348 eet_identity_ref(Eet_Key *key)
350 if (key == NULL) return ;
355 eet_identity_unref(Eet_Key *key)
357 if (key == NULL) return ;
359 eet_identity_close(key);
363 eet_identity_compute_sha1(const void *data_base, unsigned int data_length,
368 #ifdef HAVE_SIGNATURE
370 result = malloc(gcry_md_get_algo_dlen(GCRY_MD_SHA1));
371 if (!result) return NULL;
373 gcry_md_hash_buffer(GCRY_MD_SHA1, result, data_base, data_length);
374 if (sha1_length) *sha1_length = gcry_md_get_algo_dlen(GCRY_MD_SHA1);
377 result = malloc(SHA_DIGEST_LENGTH);
378 if (!result) return NULL;
380 SHA1(data_base, data_length, result);
381 if (sha1_length) *sha1_length = SHA_DIGEST_LENGTH;
394 eet_identity_sign(FILE *fp, Eet_Key *key)
396 #ifdef HAVE_SIGNATURE
397 Eet_Error err = EET_ERROR_NONE;
402 unsigned char *sign = NULL;
403 unsigned char *cert = NULL;
405 gnutls_datum_t datum = { NULL, 0 };
410 unsigned int sign_len = 0;
414 /* A few check and flush pending write. */
415 if (!fp || !key || !key->certificate || !key->private_key)
416 return EET_ERROR_BAD_OBJECT;
418 /* Get the file size. */
420 if (fd < 0) return EET_ERROR_BAD_OBJECT;
421 if (fstat(fd, &st_buf) < 0) return EET_ERROR_MMAP_FAILED;
423 /* Map the file in memory. */
424 data = mmap(NULL, st_buf.st_size, PROT_READ, MAP_PRIVATE, fd, 0);
425 if (data == MAP_FAILED) return EET_ERROR_MMAP_FAILED;
429 datum.size = st_buf.st_size;
431 /* Get the signature length */
432 if (gnutls_x509_privkey_sign_data(key->private_key, GNUTLS_DIG_SHA1, 0, &datum, sign, &sign_len) &&
435 err = EET_ERROR_SIGNATURE_FAILED;
439 /* Get the signature */
440 sign = malloc(sign_len);
441 if (!sign || gnutls_x509_privkey_sign_data(key->private_key, GNUTLS_DIG_SHA1, 0, &datum, sign, &sign_len))
443 if (!sign) err = EET_ERROR_OUT_OF_MEMORY;
444 else err = EET_ERROR_SIGNATURE_FAILED;
448 /* Get the certificate length */
449 if (gnutls_x509_crt_export(key->certificate, GNUTLS_X509_FMT_DER, cert, &cert_len) &&
452 err = EET_ERROR_SIGNATURE_FAILED;
456 /* Get the certificate */
457 cert = malloc(cert_len);
458 if (!cert || gnutls_x509_crt_export(key->certificate, GNUTLS_X509_FMT_DER, cert, &cert_len))
460 if (!cert) err = EET_ERROR_OUT_OF_MEMORY;
461 else err = EET_ERROR_SIGNATURE_FAILED;
465 sign_len = EVP_PKEY_size(key->private_key);
466 sign = malloc(sign_len);
469 err = EET_ERROR_OUT_OF_MEMORY;
473 /* Do the signature. */
474 EVP_SignInit(&md_ctx, EVP_sha1());
475 EVP_SignUpdate(&md_ctx, data, st_buf.st_size);
476 err = EVP_SignFinal(&md_ctx, sign, (unsigned int *)&sign_len, key->private_key);
479 ERR_print_errors_fp(stdout);
480 err = EET_ERROR_SIGNATURE_FAILED;
484 /* Give me the der (binary form for X509). */
485 cert_len = i2d_X509(key->certificate, &cert);
488 ERR_print_errors_fp(stdout);
489 err = EET_ERROR_X509_ENCODING_FAILED;
493 /* Append the signature at the end of the file. */
494 head[0] = (int) htonl ((unsigned int) EET_MAGIC_SIGN);
495 head[1] = (int) htonl ((unsigned int) sign_len);
496 head[2] = (int) htonl ((unsigned int) cert_len);
498 if (fwrite(head, sizeof(head), 1, fp) != 1)
500 err = EET_ERROR_WRITE_ERROR;
503 if (fwrite(sign, sign_len, 1, fp) != 1)
505 err = EET_ERROR_WRITE_ERROR;
508 if (fwrite(cert, cert_len, 1, fp) != 1)
510 err = EET_ERROR_WRITE_ERROR;
516 if (cert) free(cert);
518 if (cert) OPENSSL_free(cert);
520 if (sign) free(sign);
521 munmap(data, st_buf.st_size);
524 return EET_ERROR_NOT_IMPLEMENTED;
529 eet_identity_check(const void *data_base, unsigned int data_length,
530 void **sha1, int *sha1_length,
531 const void *signature_base, unsigned int signature_length,
532 const void **raw_signature_base, unsigned int *raw_signature_length,
535 #ifdef HAVE_SIGNATURE
536 const int *header = signature_base;
537 const unsigned char *sign;
538 const unsigned char *cert_der;
543 /* At least the header size */
544 if (signature_length < sizeof(int) * 3) return NULL;
547 magic = ntohl(header[0]);
548 sign_len = ntohl(header[1]);
549 cert_len = ntohl(header[2]);
551 /* Verify the header */
552 if (magic != EET_MAGIC_SIGN) return NULL;
553 if (sign_len + cert_len + sizeof(int) * 3 > signature_length) return NULL;
555 /* Update the signature and certificate pointer */
556 sign = (unsigned char *)signature_base + sizeof(int) * 3;
557 cert_der = sign + sign_len;
560 gnutls_x509_crt_t cert;
561 gnutls_datum_t datum;
562 gnutls_datum_t signature;
563 # if EET_USE_NEW_GNUTLS_API
569 /* Create an understanding certificate structure for gnutls */
570 datum.data = (void *)cert_der;
571 datum.size = cert_len;
572 gnutls_x509_crt_init(&cert);
573 gnutls_x509_crt_import(cert, &datum, GNUTLS_X509_FMT_DER);
575 signature.data = (void *)sign;
576 signature.size = sign_len;
578 /* Verify the signature */
579 # if EET_USE_NEW_GNUTLS_API
581 I am waiting for my patch being accepted in GnuTLS release.
582 But we now have a way to prevent double computation of SHA1.
584 err = gcry_md_open (&md, GCRY_MD_SHA1, 0);
585 if (err < 0) return NULL;
587 gcry_md_write(md, data_base, data_length);
589 hash = gcry_md_read(md, GCRY_MD_SHA1);
596 datum.size = gcry_md_get_algo_dlen(GCRY_MD_SHA1);
599 if (!gnutls_x509_crt_verify_hash(cert, 0, &datum, &signature))
607 *sha1 = malloc(datum.size);
614 memcpy(*sha1, hash, datum.size);
615 *sha1_length = datum.size;
620 datum.data = (void *)data_base;
621 datum.size = data_length;
623 if (!gnutls_x509_crt_verify_data(cert, 0, &datum, &signature))
632 gnutls_x509_crt_deinit(cert);
635 const unsigned char *tmp;
641 /* Strange but d2i_X509 seems to put 0 all over the place. */
642 tmp = alloca(cert_len);
643 memcpy((char*) tmp, cert_der, cert_len);
644 x509 = d2i_X509(NULL, &tmp, cert_len);
645 if (x509 == NULL) return NULL;
647 /* Get public key - eay */
648 pkey=X509_get_pubkey(x509);
655 /* Verify the signature */
656 EVP_VerifyInit(&md_ctx, EVP_sha1());
657 EVP_VerifyUpdate(&md_ctx, data_base, data_length);
658 err = EVP_VerifyFinal(&md_ctx, sign, sign_len, pkey);
672 if (x509_length) *x509_length = cert_len;
673 if (raw_signature_base) *raw_signature_base = sign;
674 if (raw_signature_length) *raw_signature_length = sign_len;
682 eet_identity_certificate_print(const unsigned char *certificate, int der_length, FILE *out)
684 #ifdef HAVE_SIGNATURE
685 if (!certificate || !out || der_length <= 0)
687 ERR("No certificate provided.");
691 gnutls_datum_t datum;
692 gnutls_x509_crt_t cert;
694 /* Create an understanding certificate structure for gnutls */
695 datum.data = (void *)certificate;
696 datum.size = der_length;
697 if (gnutls_x509_crt_init(&cert)) goto on_error;
698 if (gnutls_x509_crt_import(cert, &datum, GNUTLS_X509_FMT_DER)) goto on_error;
700 /* Pretty print the certificate */
703 if (gnutls_x509_crt_print(cert, GNUTLS_X509_CRT_FULL, &datum)) goto on_error;
704 INF("Public certificate :");
705 INF("%s", datum.data);
708 if (datum.data) gnutls_free(datum.data);
709 gnutls_x509_crt_deinit(cert);
711 const unsigned char *tmp;
714 /* Strange but d2i_X509 seems to put 0 all over the place. */
715 tmp = alloca(der_length);
716 memcpy((char*) tmp, certificate, der_length);
717 x509 = d2i_X509(NULL, &tmp, der_length);
720 INF("Not a valid certificate.");
724 INF("Public certificate :");
725 X509_print_fp(out, x509);
730 ERR("You need to compile signature support in EET.");
735 eet_cipher(const void *data, unsigned int size, const char *key, unsigned int length, void **result, unsigned int *result_length)
738 /* Cipher declarations */
739 unsigned int *ret = NULL;
740 unsigned char iv[MAX_IV_LEN];
741 unsigned char ik[MAX_KEY_LEN];
742 unsigned char key_material[MAX_IV_LEN + MAX_KEY_LEN];
744 unsigned int tmp = 0;
748 /* Gcrypt declarations */
749 gcry_error_t err = 0;
750 gcry_cipher_hd_t cipher;
752 /* Openssl declarations*/
754 unsigned int *buffer;
759 /* Gcrypt salt generation */
760 gcry_create_nonce((unsigned char *)&salt, sizeof(salt));
762 /* Openssl salt generation */
763 if (!RAND_bytes((unsigned char*)&salt, sizeof (unsigned int)))
764 return EET_ERROR_PRNG_NOT_SEEDED;
767 eet_pbkdf2_sha1(key, length, (unsigned char *)&salt, sizeof(unsigned int), 2048, key_material, MAX_KEY_LEN + MAX_IV_LEN);
769 memcpy(iv, key_material, MAX_IV_LEN);
770 memcpy(ik, key_material + MAX_IV_LEN, MAX_KEY_LEN);
772 memset(key_material, 0, sizeof (key_material));
774 crypted_length = ((((size + sizeof (unsigned int)) >> 5) + 1) << 5);
775 ret = malloc(crypted_length + sizeof(unsigned int));
777 memset(iv, 0, sizeof (iv));
778 memset(ik, 0, sizeof (ik));
779 memset(&salt, 0, sizeof (salt));
780 return EET_ERROR_OUT_OF_MEMORY;
784 memset(&salt, 0, sizeof (salt));
789 memcpy(ret + 2, data, size);
791 /* Gcrypt create the corresponding cipher
792 AES with a 256 bit key, Cipher Block Chaining mode */
793 err = gcry_cipher_open(&cipher, GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, 0);
794 if (err) goto on_error;
796 err = gcry_cipher_setiv(cipher, iv, MAX_IV_LEN);
797 if (err) goto on_error;
798 err = gcry_cipher_setkey(cipher, ik, MAX_KEY_LEN);
799 if (err) goto on_error;
801 memset(iv, 0, sizeof (iv));
802 memset(ik, 0, sizeof (ik));
805 err = gcry_cipher_encrypt(cipher, (unsigned char *)(ret + 1), crypted_length, NULL, 0);
806 if (err) goto on_error;
808 /* Gcrypt close the cipher */
809 gcry_cipher_close(cipher);
811 buffer = alloca(crypted_length);
814 memcpy(buffer + 1, data, size);
816 /* Openssl create the corresponding cipher
817 AES with a 256 bit key, Cipher Block Chaining mode */
818 EVP_CIPHER_CTX_init(&ctx);
819 if (!EVP_EncryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, ik, iv)) goto on_error;
822 memset(iv, 0, sizeof (iv));
823 memset(ik, 0, sizeof (ik));
825 /* Openssl encrypt */
826 if (!EVP_EncryptUpdate(&ctx, (unsigned char*)(ret + 1), &tmp_len, (unsigned char*) buffer, size + sizeof (unsigned int)))
829 /* Openssl close the cipher */
830 if (!EVP_EncryptFinal_ex(&ctx, ((unsigned char*)(ret + 1)) + tmp_len, &tmp_len))
832 EVP_CIPHER_CTX_cleanup(&ctx);
835 /* Set return values */
836 if (result_length) *result_length = crypted_length + sizeof(unsigned int);
837 if (result) *result = ret;
840 return EET_ERROR_NONE;
843 memset(iv, 0, sizeof (iv));
844 memset(ik, 0, sizeof (ik));
848 if (opened) gcry_cipher_close(cipher);
851 if (opened) EVP_CIPHER_CTX_cleanup(&ctx);
855 if (result) *result = NULL;
856 if (result_length) *result_length = 0;
858 return EET_ERROR_ENCRYPT_FAILED;
860 /* Cipher not supported */
866 (void) result_length;
867 return EET_ERROR_NOT_IMPLEMENTED;
872 eet_decipher(const void *data, unsigned int size, const char *key, unsigned int length, void **result, unsigned int *result_length)
875 const unsigned int *over = data;
876 unsigned int *ret = NULL;
877 unsigned char ik[MAX_KEY_LEN];
878 unsigned char iv[MAX_IV_LEN];
879 unsigned char key_material[MAX_KEY_LEN + MAX_IV_LEN];
884 /* At least the salt and an AES block */
885 if (size < sizeof(unsigned int) + 16) return EET_ERROR_BAD_OBJECT;
890 /* Generate the iv and the key with the salt */
891 eet_pbkdf2_sha1(key, length, (unsigned char *)&salt, sizeof(unsigned int), 2048, key_material, MAX_KEY_LEN + MAX_IV_LEN);
893 memcpy(iv, key_material, MAX_IV_LEN);
894 memcpy(ik, key_material + MAX_IV_LEN, MAX_KEY_LEN);
896 memset(key_material, 0, sizeof (key_material));
897 memset(&salt, 0, sizeof (salt));
899 /* Align to AES block size if size is not align */
900 tmp_len = size - sizeof (unsigned int);
901 if ((tmp_len & 0x1F) != 0) goto on_error;
903 ret = malloc(tmp_len);
904 if (!ret) goto on_error;
907 gcry_error_t err = 0;
908 gcry_cipher_hd_t cipher;
910 /* Gcrypt create the corresponding cipher */
911 err = gcry_cipher_open(&cipher, GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, 0);
912 if (err) return EET_ERROR_DECRYPT_FAILED;
913 err = gcry_cipher_setiv(cipher, iv, MAX_IV_LEN);
914 if (err) goto on_error;
915 err = gcry_cipher_setkey(cipher, ik, MAX_KEY_LEN);
916 if (err) goto on_error;
918 memset(iv, 0, sizeof (iv));
919 memset(ik, 0, sizeof (ik));
922 err = gcry_cipher_decrypt(cipher, ret, tmp_len, ((unsigned int *)data) + 1, tmp_len);
923 if (err) goto on_error;
925 /* Gcrypt close the cipher */
926 gcry_cipher_close(cipher);
932 /* Openssl create the corresponding cipher */
933 EVP_CIPHER_CTX_init(&ctx);
936 if (!EVP_DecryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, ik, iv))
939 memset(iv, 0, sizeof (iv));
940 memset(ik, 0, sizeof (ik));
942 /* Openssl decrypt */
943 if (!EVP_DecryptUpdate(&ctx, (unsigned char *) ret, &tmp,
944 (unsigned char *) (over + 1), tmp_len))
947 /* Openssl close the cipher*/
948 EVP_CIPHER_CTX_cleanup(&ctx);
950 /* Get the decrypted data size */
953 if (tmp > tmp_len) goto on_error;
955 /* Update the return values */
956 if (result_length) *result_length = tmp;
960 *result = malloc(tmp);
963 memcpy(*result, ret + 1, tmp);
967 return EET_ERROR_NONE;
970 memset(iv, 0, sizeof (iv));
971 memset(ik, 0, sizeof (ik));
975 if (opened) EVP_CIPHER_CTX_cleanup(&ctx);
977 if (result) *result = NULL;
978 if (result_length) *result_length = 0;
981 return EET_ERROR_DECRYPT_FAILED;
988 (void) result_length;
989 return EET_ERROR_NOT_IMPLEMENTED;
996 eet_hmac_sha1(const void *key, size_t key_len,
997 const void *data, size_t data_len, unsigned char *res)
999 size_t hlen = gcry_md_get_algo_dlen (GCRY_MD_SHA1);
1001 unsigned char *hash;
1004 err = gcry_md_open(&mdh, GCRY_MD_SHA1, GCRY_MD_FLAG_HMAC);
1005 if (err != GPG_ERR_NO_ERROR)
1008 err = gcry_md_setkey(mdh, key, key_len);
1009 if (err != GPG_ERR_NO_ERROR)
1015 gcry_md_write(mdh, data, data_len);
1017 hash = gcry_md_read(mdh, GCRY_MD_SHA1);
1024 memcpy(res, hash, hlen);
1033 eet_pbkdf2_sha1(const char *key,
1035 const unsigned char *salt,
1036 unsigned int salt_len,
1041 unsigned char digest[20];
1042 unsigned char tab[4];
1043 unsigned char *p = res;
1046 int digest_len = 20;
1055 buf = alloca(salt_len + 4);
1058 for (i = 1; len; len -= tmp_len, p += tmp_len, i++)
1060 if (len > digest_len) tmp_len = digest_len;
1063 tab[0] = (unsigned char)(i & 0xff000000) >> 24;
1064 tab[1] = (unsigned char)(i & 0x00ff0000) >> 16;
1065 tab[2] = (unsigned char)(i & 0x0000ff00) >> 8;
1066 tab[3] = (unsigned char)(i & 0x000000ff) >> 0;
1069 memcpy(buf, salt, salt_len);
1070 memcpy(buf + salt_len, tab, 4);
1071 eet_hmac_sha1(key, key_len, buf, salt_len + 4, digest);
1073 HMAC_Init(&hctx, key, key_len, EVP_sha1());
1074 HMAC_Update(&hctx, salt, salt_len);
1075 HMAC_Update(&hctx, tab, 4);
1076 HMAC_Final(&hctx, digest, NULL);
1078 memcpy(p, digest, tmp_len);
1080 for (j = 1; j < iter; j++)
1083 eet_hmac_sha1(key, key_len, digest, 20, digest);
1085 HMAC(EVP_sha1(), key, key_len, digest, 20, digest, NULL);
1087 for (k = 0; k < tmp_len; k++)
1094 HMAC_cleanup(&hctx);