1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
|
#include "hmac.h"
#include "digest.h"
ErlNifResourceType* hmac_context_rtype;
ERL_NIF_TERM hmac_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
{/* (Type, Key, Data) or (Type, Key, Data, MacSize) */
struct digest_type_t *digp = NULL;
ErlNifBinary key, data;
unsigned char buff[EVP_MAX_MD_SIZE];
unsigned size = 0, req_size = 0;
ERL_NIF_TERM ret;
digp = get_digest_type(argv[0]);
if (!digp ||
!enif_inspect_iolist_as_binary(env, argv[1], &key) ||
!enif_inspect_iolist_as_binary(env, argv[2], &data) ||
(argc == 4 && !enif_get_uint(env, argv[3], &req_size))) {
return enif_make_badarg(env);
}
if (!digp->md.p ||
!HMAC(digp->md.p,
key.data, key.size,
data.data, data.size,
buff, &size)) {
return atom_notsup;
}
ASSERT(0 < size && size <= EVP_MAX_MD_SIZE);
CONSUME_REDS(env, data);
if (argc == 4) {
if (req_size <= size) {
size = req_size;
}
else {
return enif_make_badarg(env);
}
}
memcpy(enif_make_new_binary(env, size, &ret), buff, size);
return ret;
}
void hmac_context_dtor(ErlNifEnv* env, struct hmac_context *obj)
{
if (obj->alive) {
HMAC_CTX_free(obj->ctx);
obj->alive = 0;
}
enif_mutex_destroy(obj->mtx);
}
ERL_NIF_TERM hmac_init_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
{/* (Type, Key) */
struct digest_type_t *digp = NULL;
ErlNifBinary key;
ERL_NIF_TERM ret;
struct hmac_context *obj;
digp = get_digest_type(argv[0]);
if (!digp ||
!enif_inspect_iolist_as_binary(env, argv[1], &key)) {
return enif_make_badarg(env);
}
if (!digp->md.p) {
return atom_notsup;
}
obj = enif_alloc_resource(hmac_context_rtype, sizeof(struct hmac_context));
obj->mtx = enif_mutex_create("crypto.hmac");
obj->alive = 1;
obj->ctx = HMAC_CTX_new();
#if OPENSSL_VERSION_NUMBER >= PACKED_OPENSSL_VERSION_PLAIN(1,0,0)
// Check the return value of HMAC_Init: it may fail in FIPS mode
// for disabled algorithms
if (!HMAC_Init_ex(obj->ctx, key.data, key.size, digp->md.p, NULL)) {
enif_release_resource(obj);
return atom_notsup;
}
#else
HMAC_Init_ex(obj->ctx, key.data, key.size, digp->md.p, NULL);
#endif
ret = enif_make_resource(env, obj);
enif_release_resource(obj);
return ret;
}
ERL_NIF_TERM hmac_update_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
{/* (Context, Data) */
ErlNifBinary data;
struct hmac_context* obj;
if (!enif_get_resource(env, argv[0], hmac_context_rtype, (void**)&obj)
|| !enif_inspect_iolist_as_binary(env, argv[1], &data)) {
return enif_make_badarg(env);
}
enif_mutex_lock(obj->mtx);
if (!obj->alive) {
enif_mutex_unlock(obj->mtx);
return enif_make_badarg(env);
}
HMAC_Update(obj->ctx, data.data, data.size);
enif_mutex_unlock(obj->mtx);
CONSUME_REDS(env,data);
return argv[0];
}
ERL_NIF_TERM hmac_final_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
{/* (Context) or (Context, HashLen) */
ERL_NIF_TERM ret;
struct hmac_context* obj;
unsigned char mac_buf[EVP_MAX_MD_SIZE];
unsigned char * mac_bin;
unsigned int req_len = 0;
unsigned int mac_len;
if (!enif_get_resource(env,argv[0],hmac_context_rtype, (void**)&obj)
|| (argc == 2 && !enif_get_uint(env, argv[1], &req_len))) {
return enif_make_badarg(env);
}
enif_mutex_lock(obj->mtx);
if (!obj->alive) {
enif_mutex_unlock(obj->mtx);
return enif_make_badarg(env);
}
HMAC_Final(obj->ctx, mac_buf, &mac_len);
HMAC_CTX_free(obj->ctx);
obj->alive = 0;
enif_mutex_unlock(obj->mtx);
if (argc == 2 && req_len < mac_len) {
/* Only truncate to req_len bytes if asked. */
mac_len = req_len;
}
mac_bin = enif_make_new_binary(env, mac_len, &ret);
memcpy(mac_bin, mac_buf, mac_len);
return ret;
}
|
