ssl/quic/quic_srt_gen.c - third_party/openssl - Git at Google

 /*
  * Copyright 2023 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
  * in the file LICENSE in the source distribution or at
  * https://www.openssl.org/source/license.html
  */
 #include "internal/quic_srt_gen.h"
 #include <openssl/core_names.h>
 #include <openssl/evp.h>

 struct quic_srt_gen_st {
     EVP_MAC *mac;
     EVP_MAC_CTX *mac_ctx;
 };

 /*
  * Simple HMAC-SHA256-based stateless reset token generator.
  */

 QUIC_SRT_GEN *ossl_quic_srt_gen_new(OSSL_LIB_CTX *libctx, const char *propq,
     const unsigned char *key, size_t key_len)
 {
     QUIC_SRT_GEN *srt_gen;
     OSSL_PARAM params[3], *p = params;

     if ((srt_gen = OPENSSL_zalloc(sizeof(*srt_gen))) == NULL)
         return NULL;

     if ((srt_gen->mac = EVP_MAC_fetch(libctx, "HMAC", propq)) == NULL)
         goto err;

     if ((srt_gen->mac_ctx = EVP_MAC_CTX_new(srt_gen->mac)) == NULL)
         goto err;

     *p++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, "SHA256", 7);
     if (propq != NULL)
         *p++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_PROPERTIES,
             (char *)propq, 0);
     *p++ = OSSL_PARAM_construct_end();

     if (!EVP_MAC_init(srt_gen->mac_ctx, key, key_len, params))
         goto err;

     return srt_gen;

 err:
     ossl_quic_srt_gen_free(srt_gen);
     return NULL;
 }

 void ossl_quic_srt_gen_free(QUIC_SRT_GEN *srt_gen)
 {
     if (srt_gen == NULL)
         return;

     EVP_MAC_CTX_free(srt_gen->mac_ctx);
     EVP_MAC_free(srt_gen->mac);
     OPENSSL_free(srt_gen);
 }

 int ossl_quic_srt_gen_calculate_token(QUIC_SRT_GEN *srt_gen,
     const QUIC_CONN_ID *dcid,
     QUIC_STATELESS_RESET_TOKEN *token)
 {
     size_t outl = 0;
     unsigned char mac[SHA256_DIGEST_LENGTH];

     if (!EVP_MAC_init(srt_gen->mac_ctx, NULL, 0, NULL))
         return 0;

     if (!EVP_MAC_update(srt_gen->mac_ctx, (const unsigned char *)dcid->id,
             dcid->id_len))
         return 0;

     if (!EVP_MAC_final(srt_gen->mac_ctx, mac, &outl, sizeof(mac))
         || outl != sizeof(mac))
         return 0;

     assert(sizeof(mac) >= sizeof(token->token));
     memcpy(token->token, mac, sizeof(token->token));
     return 1;
 }
	/*
	* Copyright 2023 The OpenSSL Project Authors. All Rights Reserved.
	*
	* Licensed under the Apache License 2.0 (the "License"). You may not use
	* this file except in compliance with the License. You can obtain a copy
	* in the file LICENSE in the source distribution or at
	* https://www.openssl.org/source/license.html
	*/
	#include "internal/quic_srt_gen.h"
	#include <openssl/core_names.h>
	#include <openssl/evp.h>

	struct quic_srt_gen_st {
	EVP_MAC *mac;
	EVP_MAC_CTX *mac_ctx;
	};

	/*
	* Simple HMAC-SHA256-based stateless reset token generator.
	*/

	QUIC_SRT_GEN ossl_quic_srt_gen_new(OSSL_LIB_CTX libctx, const char *propq,
	const unsigned char *key, size_t key_len)
	{
	QUIC_SRT_GEN *srt_gen;
	OSSL_PARAM params[3], *p = params;

	if ((srt_gen = OPENSSL_zalloc(sizeof(*srt_gen))) == NULL)
	return NULL;

	if ((srt_gen->mac = EVP_MAC_fetch(libctx, "HMAC", propq)) == NULL)
	goto err;

	if ((srt_gen->mac_ctx = EVP_MAC_CTX_new(srt_gen->mac)) == NULL)
	goto err;

	*p++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, "SHA256", 7);
	if (propq != NULL)
	*p++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_PROPERTIES,
	(char *)propq, 0);
	*p++ = OSSL_PARAM_construct_end();

	if (!EVP_MAC_init(srt_gen->mac_ctx, key, key_len, params))
	goto err;

	return srt_gen;

	err:
	ossl_quic_srt_gen_free(srt_gen);
	return NULL;
	}

	void ossl_quic_srt_gen_free(QUIC_SRT_GEN *srt_gen)
	{
	if (srt_gen == NULL)
	return;

	EVP_MAC_CTX_free(srt_gen->mac_ctx);
	EVP_MAC_free(srt_gen->mac);
	OPENSSL_free(srt_gen);
	}

	int ossl_quic_srt_gen_calculate_token(QUIC_SRT_GEN *srt_gen,
	const QUIC_CONN_ID *dcid,
	QUIC_STATELESS_RESET_TOKEN *token)
	{
	size_t outl = 0;
	unsigned char mac[SHA256_DIGEST_LENGTH];

	if (!EVP_MAC_init(srt_gen->mac_ctx, NULL, 0, NULL))
	return 0;

	if (!EVP_MAC_update(srt_gen->mac_ctx, (const unsigned char *)dcid->id,
	dcid->id_len))
	return 0;

	if (!EVP_MAC_final(srt_gen->mac_ctx, mac, &outl, sizeof(mac))
	\|\| outl != sizeof(mac))
	return 0;

	assert(sizeof(mac) >= sizeof(token->token));
	memcpy(token->token, mac, sizeof(token->token));
	return 1;
	}