1e1051a39Sopenharmony_ci/* 2e1051a39Sopenharmony_ci * Copyright 2018-2022 The OpenSSL Project Authors. All Rights Reserved. 3e1051a39Sopenharmony_ci * 4e1051a39Sopenharmony_ci * Licensed under the Apache License 2.0 (the "License"). You may not use 5e1051a39Sopenharmony_ci * this file except in compliance with the License. You can obtain a copy 6e1051a39Sopenharmony_ci * in the file LICENSE in the source distribution or at 7e1051a39Sopenharmony_ci * https://www.openssl.org/source/license.html 8e1051a39Sopenharmony_ci */ 9e1051a39Sopenharmony_ci 10e1051a39Sopenharmony_ci#include <string.h> 11e1051a39Sopenharmony_ci 12e1051a39Sopenharmony_ci#include "apps.h" 13e1051a39Sopenharmony_ci#include "progs.h" 14e1051a39Sopenharmony_ci#include <openssl/bio.h> 15e1051a39Sopenharmony_ci#include <openssl/err.h> 16e1051a39Sopenharmony_ci#include <openssl/evp.h> 17e1051a39Sopenharmony_ci#include <openssl/params.h> 18e1051a39Sopenharmony_ci#include <openssl/core_names.h> 19e1051a39Sopenharmony_ci 20e1051a39Sopenharmony_ci#undef BUFSIZE 21e1051a39Sopenharmony_ci#define BUFSIZE 1024*8 22e1051a39Sopenharmony_ci 23e1051a39Sopenharmony_citypedef enum OPTION_choice { 24e1051a39Sopenharmony_ci OPT_COMMON, 25e1051a39Sopenharmony_ci OPT_MACOPT, OPT_BIN, OPT_IN, OPT_OUT, 26e1051a39Sopenharmony_ci OPT_CIPHER, OPT_DIGEST, 27e1051a39Sopenharmony_ci OPT_PROV_ENUM 28e1051a39Sopenharmony_ci} OPTION_CHOICE; 29e1051a39Sopenharmony_ci 30e1051a39Sopenharmony_ciconst OPTIONS mac_options[] = { 31e1051a39Sopenharmony_ci {OPT_HELP_STR, 1, '-', "Usage: %s [options] mac_name\n"}, 32e1051a39Sopenharmony_ci 33e1051a39Sopenharmony_ci OPT_SECTION("General"), 34e1051a39Sopenharmony_ci {"help", OPT_HELP, '-', "Display this summary"}, 35e1051a39Sopenharmony_ci {"macopt", OPT_MACOPT, 's', "MAC algorithm parameters in n:v form"}, 36e1051a39Sopenharmony_ci {"cipher", OPT_CIPHER, 's', "Cipher"}, 37e1051a39Sopenharmony_ci {"digest", OPT_DIGEST, 's', "Digest"}, 38e1051a39Sopenharmony_ci {OPT_MORE_STR, 1, '-', "See 'PARAMETER NAMES' in the EVP_MAC_ docs"}, 39e1051a39Sopenharmony_ci 40e1051a39Sopenharmony_ci OPT_SECTION("Input"), 41e1051a39Sopenharmony_ci {"in", OPT_IN, '<', "Input file to MAC (default is stdin)"}, 42e1051a39Sopenharmony_ci 43e1051a39Sopenharmony_ci OPT_SECTION("Output"), 44e1051a39Sopenharmony_ci {"out", OPT_OUT, '>', "Output to filename rather than stdout"}, 45e1051a39Sopenharmony_ci {"binary", OPT_BIN, '-', 46e1051a39Sopenharmony_ci "Output in binary format (default is hexadecimal)"}, 47e1051a39Sopenharmony_ci 48e1051a39Sopenharmony_ci OPT_PROV_OPTIONS, 49e1051a39Sopenharmony_ci 50e1051a39Sopenharmony_ci OPT_PARAMETERS(), 51e1051a39Sopenharmony_ci {"mac_name", 0, 0, "MAC algorithm"}, 52e1051a39Sopenharmony_ci {NULL} 53e1051a39Sopenharmony_ci}; 54e1051a39Sopenharmony_ci 55e1051a39Sopenharmony_cistatic char *alloc_mac_algorithm_name(STACK_OF(OPENSSL_STRING) **optp, 56e1051a39Sopenharmony_ci const char *name, const char *arg) 57e1051a39Sopenharmony_ci{ 58e1051a39Sopenharmony_ci size_t len = strlen(name) + strlen(arg) + 2; 59e1051a39Sopenharmony_ci char *res; 60e1051a39Sopenharmony_ci 61e1051a39Sopenharmony_ci if (*optp == NULL) 62e1051a39Sopenharmony_ci *optp = sk_OPENSSL_STRING_new_null(); 63e1051a39Sopenharmony_ci if (*optp == NULL) 64e1051a39Sopenharmony_ci return NULL; 65e1051a39Sopenharmony_ci 66e1051a39Sopenharmony_ci res = app_malloc(len, "algorithm name"); 67e1051a39Sopenharmony_ci BIO_snprintf(res, len, "%s:%s", name, arg); 68e1051a39Sopenharmony_ci if (sk_OPENSSL_STRING_push(*optp, res)) 69e1051a39Sopenharmony_ci return res; 70e1051a39Sopenharmony_ci OPENSSL_free(res); 71e1051a39Sopenharmony_ci return NULL; 72e1051a39Sopenharmony_ci} 73e1051a39Sopenharmony_ci 74e1051a39Sopenharmony_ciint mac_main(int argc, char **argv) 75e1051a39Sopenharmony_ci{ 76e1051a39Sopenharmony_ci int ret = 1; 77e1051a39Sopenharmony_ci char *prog; 78e1051a39Sopenharmony_ci EVP_MAC *mac = NULL; 79e1051a39Sopenharmony_ci OPTION_CHOICE o; 80e1051a39Sopenharmony_ci EVP_MAC_CTX *ctx = NULL; 81e1051a39Sopenharmony_ci STACK_OF(OPENSSL_STRING) *opts = NULL; 82e1051a39Sopenharmony_ci unsigned char *buf = NULL; 83e1051a39Sopenharmony_ci size_t len; 84e1051a39Sopenharmony_ci int i; 85e1051a39Sopenharmony_ci BIO *in = NULL, *out = NULL; 86e1051a39Sopenharmony_ci const char *outfile = NULL; 87e1051a39Sopenharmony_ci const char *infile = NULL; 88e1051a39Sopenharmony_ci int out_bin = 0; 89e1051a39Sopenharmony_ci int inform = FORMAT_BINARY; 90e1051a39Sopenharmony_ci char *digest = NULL, *cipher = NULL; 91e1051a39Sopenharmony_ci OSSL_PARAM *params = NULL; 92e1051a39Sopenharmony_ci 93e1051a39Sopenharmony_ci prog = opt_init(argc, argv, mac_options); 94e1051a39Sopenharmony_ci buf = app_malloc(BUFSIZE, "I/O buffer"); 95e1051a39Sopenharmony_ci while ((o = opt_next()) != OPT_EOF) { 96e1051a39Sopenharmony_ci switch (o) { 97e1051a39Sopenharmony_ci default: 98e1051a39Sopenharmony_ciopthelp: 99e1051a39Sopenharmony_ci BIO_printf(bio_err, "%s: Use -help for summary.\n", prog); 100e1051a39Sopenharmony_ci goto err; 101e1051a39Sopenharmony_ci case OPT_HELP: 102e1051a39Sopenharmony_ci opt_help(mac_options); 103e1051a39Sopenharmony_ci ret = 0; 104e1051a39Sopenharmony_ci goto err; 105e1051a39Sopenharmony_ci case OPT_BIN: 106e1051a39Sopenharmony_ci out_bin = 1; 107e1051a39Sopenharmony_ci break; 108e1051a39Sopenharmony_ci case OPT_IN: 109e1051a39Sopenharmony_ci infile = opt_arg(); 110e1051a39Sopenharmony_ci break; 111e1051a39Sopenharmony_ci case OPT_OUT: 112e1051a39Sopenharmony_ci outfile = opt_arg(); 113e1051a39Sopenharmony_ci break; 114e1051a39Sopenharmony_ci case OPT_MACOPT: 115e1051a39Sopenharmony_ci if (opts == NULL) 116e1051a39Sopenharmony_ci opts = sk_OPENSSL_STRING_new_null(); 117e1051a39Sopenharmony_ci if (opts == NULL || !sk_OPENSSL_STRING_push(opts, opt_arg())) 118e1051a39Sopenharmony_ci goto opthelp; 119e1051a39Sopenharmony_ci break; 120e1051a39Sopenharmony_ci case OPT_CIPHER: 121e1051a39Sopenharmony_ci OPENSSL_free(cipher); 122e1051a39Sopenharmony_ci cipher = alloc_mac_algorithm_name(&opts, "cipher", opt_arg()); 123e1051a39Sopenharmony_ci if (cipher == NULL) 124e1051a39Sopenharmony_ci goto opthelp; 125e1051a39Sopenharmony_ci break; 126e1051a39Sopenharmony_ci case OPT_DIGEST: 127e1051a39Sopenharmony_ci OPENSSL_free(digest); 128e1051a39Sopenharmony_ci digest = alloc_mac_algorithm_name(&opts, "digest", opt_arg()); 129e1051a39Sopenharmony_ci if (digest == NULL) 130e1051a39Sopenharmony_ci goto opthelp; 131e1051a39Sopenharmony_ci break; 132e1051a39Sopenharmony_ci case OPT_PROV_CASES: 133e1051a39Sopenharmony_ci if (!opt_provider(o)) 134e1051a39Sopenharmony_ci goto err; 135e1051a39Sopenharmony_ci break; 136e1051a39Sopenharmony_ci } 137e1051a39Sopenharmony_ci } 138e1051a39Sopenharmony_ci 139e1051a39Sopenharmony_ci /* One argument, the MAC name. */ 140e1051a39Sopenharmony_ci argc = opt_num_rest(); 141e1051a39Sopenharmony_ci argv = opt_rest(); 142e1051a39Sopenharmony_ci if (argc != 1) 143e1051a39Sopenharmony_ci goto opthelp; 144e1051a39Sopenharmony_ci 145e1051a39Sopenharmony_ci mac = EVP_MAC_fetch(app_get0_libctx(), argv[0], app_get0_propq()); 146e1051a39Sopenharmony_ci if (mac == NULL) { 147e1051a39Sopenharmony_ci BIO_printf(bio_err, "Invalid MAC name %s\n", argv[0]); 148e1051a39Sopenharmony_ci goto opthelp; 149e1051a39Sopenharmony_ci } 150e1051a39Sopenharmony_ci 151e1051a39Sopenharmony_ci ctx = EVP_MAC_CTX_new(mac); 152e1051a39Sopenharmony_ci if (ctx == NULL) 153e1051a39Sopenharmony_ci goto err; 154e1051a39Sopenharmony_ci 155e1051a39Sopenharmony_ci if (opts != NULL) { 156e1051a39Sopenharmony_ci int ok = 1; 157e1051a39Sopenharmony_ci 158e1051a39Sopenharmony_ci params = app_params_new_from_opts(opts, 159e1051a39Sopenharmony_ci EVP_MAC_settable_ctx_params(mac)); 160e1051a39Sopenharmony_ci if (params == NULL) 161e1051a39Sopenharmony_ci goto err; 162e1051a39Sopenharmony_ci 163e1051a39Sopenharmony_ci if (!EVP_MAC_CTX_set_params(ctx, params)) { 164e1051a39Sopenharmony_ci BIO_printf(bio_err, "MAC parameter error\n"); 165e1051a39Sopenharmony_ci ERR_print_errors(bio_err); 166e1051a39Sopenharmony_ci ok = 0; 167e1051a39Sopenharmony_ci } 168e1051a39Sopenharmony_ci app_params_free(params); 169e1051a39Sopenharmony_ci if (!ok) 170e1051a39Sopenharmony_ci goto err; 171e1051a39Sopenharmony_ci } 172e1051a39Sopenharmony_ci 173e1051a39Sopenharmony_ci in = bio_open_default(infile, 'r', inform); 174e1051a39Sopenharmony_ci if (in == NULL) 175e1051a39Sopenharmony_ci goto err; 176e1051a39Sopenharmony_ci 177e1051a39Sopenharmony_ci out = bio_open_default(outfile, 'w', out_bin ? FORMAT_BINARY : FORMAT_TEXT); 178e1051a39Sopenharmony_ci if (out == NULL) 179e1051a39Sopenharmony_ci goto err; 180e1051a39Sopenharmony_ci 181e1051a39Sopenharmony_ci if (!EVP_MAC_init(ctx, NULL, 0, NULL)) { 182e1051a39Sopenharmony_ci BIO_printf(bio_err, "EVP_MAC_Init failed\n"); 183e1051a39Sopenharmony_ci goto err; 184e1051a39Sopenharmony_ci } 185e1051a39Sopenharmony_ci 186e1051a39Sopenharmony_ci while (BIO_pending(in) || !BIO_eof(in)) { 187e1051a39Sopenharmony_ci i = BIO_read(in, (char *)buf, BUFSIZE); 188e1051a39Sopenharmony_ci if (i < 0) { 189e1051a39Sopenharmony_ci BIO_printf(bio_err, "Read Error in '%s'\n", infile); 190e1051a39Sopenharmony_ci ERR_print_errors(bio_err); 191e1051a39Sopenharmony_ci goto err; 192e1051a39Sopenharmony_ci } 193e1051a39Sopenharmony_ci if (i == 0) 194e1051a39Sopenharmony_ci break; 195e1051a39Sopenharmony_ci if (!EVP_MAC_update(ctx, buf, i)) { 196e1051a39Sopenharmony_ci BIO_printf(bio_err, "EVP_MAC_update failed\n"); 197e1051a39Sopenharmony_ci goto err; 198e1051a39Sopenharmony_ci } 199e1051a39Sopenharmony_ci } 200e1051a39Sopenharmony_ci 201e1051a39Sopenharmony_ci if (!EVP_MAC_final(ctx, NULL, &len, 0)) { 202e1051a39Sopenharmony_ci BIO_printf(bio_err, "EVP_MAC_final failed\n"); 203e1051a39Sopenharmony_ci goto err; 204e1051a39Sopenharmony_ci } 205e1051a39Sopenharmony_ci if (len > BUFSIZE) { 206e1051a39Sopenharmony_ci BIO_printf(bio_err, "output len is too large\n"); 207e1051a39Sopenharmony_ci goto err; 208e1051a39Sopenharmony_ci } 209e1051a39Sopenharmony_ci 210e1051a39Sopenharmony_ci if (!EVP_MAC_final(ctx, buf, &len, BUFSIZE)) { 211e1051a39Sopenharmony_ci BIO_printf(bio_err, "EVP_MAC_final failed\n"); 212e1051a39Sopenharmony_ci goto err; 213e1051a39Sopenharmony_ci } 214e1051a39Sopenharmony_ci 215e1051a39Sopenharmony_ci if (out_bin) { 216e1051a39Sopenharmony_ci BIO_write(out, buf, len); 217e1051a39Sopenharmony_ci } else { 218e1051a39Sopenharmony_ci for (i = 0; i < (int)len; ++i) 219e1051a39Sopenharmony_ci BIO_printf(out, "%02X", buf[i]); 220e1051a39Sopenharmony_ci if (outfile == NULL) 221e1051a39Sopenharmony_ci BIO_printf(out,"\n"); 222e1051a39Sopenharmony_ci } 223e1051a39Sopenharmony_ci 224e1051a39Sopenharmony_ci ret = 0; 225e1051a39Sopenharmony_cierr: 226e1051a39Sopenharmony_ci if (ret != 0) 227e1051a39Sopenharmony_ci ERR_print_errors(bio_err); 228e1051a39Sopenharmony_ci OPENSSL_clear_free(buf, BUFSIZE); 229e1051a39Sopenharmony_ci OPENSSL_free(cipher); 230e1051a39Sopenharmony_ci OPENSSL_free(digest); 231e1051a39Sopenharmony_ci sk_OPENSSL_STRING_free(opts); 232e1051a39Sopenharmony_ci BIO_free(in); 233e1051a39Sopenharmony_ci BIO_free(out); 234e1051a39Sopenharmony_ci EVP_MAC_CTX_free(ctx); 235e1051a39Sopenharmony_ci EVP_MAC_free(mac); 236e1051a39Sopenharmony_ci return ret; 237e1051a39Sopenharmony_ci} 238