From 342d602f5d8405ddc248a90c4caa4c04c797bfa2 Mon Sep 17 00:00:00 2001 From: Moataz Elmasry Date: Sun, 22 Jan 2017 16:09:30 +0100 Subject: Add support for HMAC SHA2-256, HMAC SHA2-384, HMAC SHA2-512 --- src/Mayaqua/Encrypt.c | 117 ++++++++++++++++++++++++++++++++++++++++++-------- src/Mayaqua/Encrypt.h | 14 ++++++ 2 files changed, 112 insertions(+), 19 deletions(-) diff --git a/src/Mayaqua/Encrypt.c b/src/Mayaqua/Encrypt.c index 9914646b..21058a77 100644 --- a/src/Mayaqua/Encrypt.c +++ b/src/Mayaqua/Encrypt.c @@ -378,14 +378,44 @@ void HMacMd5(void *dst, void *key, UINT key_size, void *data, UINT data_size) MD5_Final(dst, &md5_ctx1); } +void HMacSha1(void *dst, void *key, UINT key_size, void *data, UINT data_size) { + HMacSha(_SHA1_160, dst, key, key_size, data, data_size); +} + +void HMacSha2_256(void *dst, void *key, UINT key_size, void *data, UINT data_size) { + HMacSha(_SHA2_256, dst, key, key_size, data, data_size); +} + +void HMacSha2_384(void *dst, void *key, UINT key_size, void *data, UINT data_size) { + HMacSha(_SHA2_384, dst, key, key_size, data, data_size); +} + +void HMacSha2_512(void *dst, void *key, UINT key_size, void *data, UINT data_size) { + HMacSha(_SHA2_512, dst, key, key_size, data, data_size); +} + // Calculation of HMAC (SHA-1) -void HMacSha1(void *dst, void *key, UINT key_size, void *data, UINT data_size) +void HMacSha(UINT sha_type, void *dst, void *key, UINT key_size, void *data, UINT data_size) { - UCHAR k[HMAC_BLOCK_SIZE]; - UCHAR hash1[SHA1_SIZE]; - UCHAR data2[HMAC_BLOCK_SIZE]; + UINT hmac_block_size; + switch(sha_type) { + case _SHA1_160: + case _SHA2_256: + hmac_block_size = HMAC_BLOCK_SIZE; + break; + case _SHA2_384: + case _SHA2_512: + hmac_block_size = HMAC_BLOCK_SIZE_1024; + break; + default: + return; + } + + UCHAR k[hmac_block_size]; + UCHAR hash1[hmac_block_size]; + UCHAR data2[hmac_block_size]; SHA_CTX sha_ctx1; - UCHAR pad1[HMAC_BLOCK_SIZE]; + UCHAR pad1[hmac_block_size]; UINT i; // Validate arguments if (dst == NULL || (key == NULL && key_size != 0) || (data == NULL && data_size != 0)) @@ -393,14 +423,15 @@ void HMacSha1(void *dst, void *key, UINT key_size, void *data, UINT data_size) return; } + // Creating a K - if (key_size <= HMAC_BLOCK_SIZE) + if (key_size <= hmac_block_size) { for (i = 0;i < key_size;i++) { pad1[i] = ((UCHAR *)key)[i] ^ 0x36; } - for (i = key_size;i < HMAC_BLOCK_SIZE;i++) + for (i = key_size;i < hmac_block_size;i++) { pad1[i] = 0 ^ 0x36; } @@ -410,41 +441,89 @@ void HMacSha1(void *dst, void *key, UINT key_size, void *data, UINT data_size) Zero(k, sizeof(k)); HashSha1(k, key, key_size); - for (i = 0;i < HMAC_BLOCK_SIZE;i++) + for (i = 0;i < hmac_block_size;i++) { pad1[i] = k[i] ^ 0x36; } } - SHA1_Init(&sha_ctx1); - SHA1_Update(&sha_ctx1, pad1, sizeof(pad1)); - SHA1_Update(&sha_ctx1, data, data_size); - SHA1_Final(hash1, &sha_ctx1); + switch(sha_type) { + case _SHA1_160: + SHA1_Init(&sha_ctx1); + SHA1_Update(&sha_ctx1, pad1, sizeof(pad1)); + SHA1_Update(&sha_ctx1, data, data_size); + SHA1_Final(hash1, &sha_ctx1); + break; + case _SHA2_256: + SHA256_Init(&sha_ctx1); + SHA256_Update(&sha_ctx1, pad1, sizeof(pad1)); + SHA256_Update(&sha_ctx1, data, data_size); + SHA256_Final(hash1, &sha_ctx1); + break; + case _SHA2_384: + SHA384_Init(&sha_ctx1); + SHA384_Update(&sha_ctx1, pad1, sizeof(pad1)); + SHA384_Update(&sha_ctx1, data, data_size); + SHA384_Final(hash1, &sha_ctx1); + break; + case _SHA2_512: + SHA512_Init(&sha_ctx1); + SHA512_Update(&sha_ctx1, pad1, sizeof(pad1)); + SHA512_Update(&sha_ctx1, data, data_size); + SHA512_Final(hash1, &sha_ctx1); + break; + } + // Generation of data 2 - if (key_size <= HMAC_BLOCK_SIZE) + if (key_size <= hmac_block_size) { for (i = 0;i < key_size;i++) { data2[i] = ((UCHAR *)key)[i] ^ 0x5c; } - for (i = key_size;i < HMAC_BLOCK_SIZE;i++) + for (i = key_size;i < hmac_block_size;i++) { data2[i] = 0 ^ 0x5c; } } else { - for (i = 0;i < HMAC_BLOCK_SIZE;i++) + for (i = 0;i < hmac_block_size;i++) { data2[i] = k[i] ^ 0x5c; } } - SHA1_Init(&sha_ctx1); - SHA1_Update(&sha_ctx1, data2, HMAC_BLOCK_SIZE); - SHA1_Update(&sha_ctx1, hash1, SHA1_SIZE); - SHA1_Final(dst, &sha_ctx1); + switch(sha_type) { + case _SHA1_160: + SHA1_Init(&sha_ctx1); + SHA1_Update(&sha_ctx1, data2, hmac_block_size); + SHA1_Update(&sha_ctx1, hash1, SHA1_SIZE); + SHA1_Final(dst, &sha_ctx1); + break; + case _SHA2_256: + SHA256_Init(&sha_ctx1); + SHA256_Update(&sha_ctx1, data2, hmac_block_size); + SHA256_Update(&sha_ctx1, hash1, SHA256_SIZE); + SHA256_Final(dst, &sha_ctx1); + break; + case _SHA2_384: + SHA384_Init(&sha_ctx1); + SHA384_Update(&sha_ctx1, data2, hmac_block_size); + SHA384_Update(&sha_ctx1, hash1, SHA384_SIZE); + SHA384_Final(dst, &sha_ctx1); + break; + + case _SHA2_512: + SHA384_Init(&sha_ctx1); + SHA384_Update(&sha_ctx1, data2, hmac_block_size); + SHA1_Update(&sha_ctx1, hash1, SHA512_SIZE); + SHA384_Final(dst, &sha_ctx1); + break; + + } + } // Calculate the HMAC diff --git a/src/Mayaqua/Encrypt.h b/src/Mayaqua/Encrypt.h index 46720fb5..9021b983 100644 --- a/src/Mayaqua/Encrypt.h +++ b/src/Mayaqua/Encrypt.h @@ -141,8 +141,16 @@ void RAND_Free_For_SoftEther(); #define AES_IV_SIZE 16 // AES IV size #define AES_MAX_KEY_SIZE 32 // Maximum AES key size +// IANA definitions taken from IKEv1 Phase 1. For internal use only +#define _SHA1_160 2 +#define _SHA2_256 4 +#define _SHA2_384 5 +#define _SHA2_512 6 + // HMAC block size #define HMAC_BLOCK_SIZE 64 +// The block size for sha-384 and sha-512 as defined by rfc4868 +#define HMAC_BLOCK_SIZE_1024 128 #define DH_GROUP1_PRIME_768 \ "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \ @@ -294,6 +302,8 @@ struct X_CRL #define MD5_SIZE 16 #define SHA1_SIZE 20 #define SHA256_SIZE 32 +#define SHA384_SIZE 48 +#define SHA512_SIZE 64 // Key element of DES struct DES_KEY_VALUE @@ -559,7 +569,11 @@ void MdProcess(MD *md, void *dest, void *src, UINT size); void Enc_tls1_PRF(unsigned char *label, int label_len, const unsigned char *sec, int slen, unsigned char *out1, int olen); +void HMacSha(UINT sha_type, void *dst, void *key, UINT key_size, void *data, UINT data_size); void HMacSha1(void *dst, void *key, UINT key_size, void *data, UINT data_size); +void HMacSha2_256(void *dst, void *key, UINT key_size, void *data, UINT data_size); +void HMacSha2_384(void *dst, void *key, UINT key_size, void *data, UINT data_size); +void HMacSha2_512(void *dst, void *key, UINT key_size, void *data, UINT data_size); void HMacMd5(void *dst, void *key, UINT key_size, void *data, UINT data_size); BUF *EasyEncrypt(BUF *src_buf); -- cgit v1.2.3 From 29234b7f9a4f4c7bc61360abd6e24323d6f9b2c2 Mon Sep 17 00:00:00 2001 From: Moataz Elmasry Date: Mon, 23 Jan 2017 00:50:48 +0100 Subject: Add HMAC SHA2 to IKE --- src/Cedar/IPsec_IkePacket.c | 69 +++++++++++++++++++++++++++++++++++++++------ src/Cedar/IPsec_IkePacket.h | 14 ++++++++- src/Mayaqua/Encrypt.c | 64 +++++++++++++++++++++++++++++------------ src/Mayaqua/Encrypt.h | 15 ++++++---- 4 files changed, 129 insertions(+), 33 deletions(-) diff --git a/src/Cedar/IPsec_IkePacket.c b/src/Cedar/IPsec_IkePacket.c index 6068397d..6550247e 100644 --- a/src/Cedar/IPsec_IkePacket.c +++ b/src/Cedar/IPsec_IkePacket.c @@ -2558,7 +2558,7 @@ IKE_ENGINE *NewIkeEngine() { IKE_ENGINE *e = ZeroMalloc(sizeof(IKE_ENGINE)); IKE_CRYPTO *des, *des3, *aes; - IKE_HASH *sha1, *md5; + IKE_HASH *sha1, *md5, *sha2_256, *sha2_384, *sha2_512; IKE_DH *dh1, *dh2, *dh5; UINT des_key_sizes[] = { @@ -2594,6 +2594,14 @@ IKE_ENGINE *NewIkeEngine() // SHA-1 sha1 = NewIkeHash(e, IKE_HASH_SHA1_ID, IKE_HASH_SHA1_STRING, 20); + // SHA-2 + // sha2-256 + sha2_256 = NewIkeHash(e, IKE_HASH_SHA2_256_ID, IKE_HASH_SHA2_256_STRING, 32); + // sha2-384 + sha2_384 = NewIkeHash(e, IKE_HASH_SHA2_384_ID, IKE_HASH_SHA2_384_STRING, 48); + // sha2-512 + sha2_512 = NewIkeHash(e, IKE_HASH_SHA2_512_ID, IKE_HASH_SHA2_512_STRING, 64); + // MD5 md5 = NewIkeHash(e, IKE_HASH_MD5_ID, IKE_HASH_MD5_STRING, 16); @@ -2608,6 +2616,10 @@ IKE_ENGINE *NewIkeEngine() e->IkeCryptos[IKE_P1_CRYPTO_AES_CBC] = aes; e->IkeHashes[IKE_P1_HASH_MD5] = md5; e->IkeHashes[IKE_P1_HASH_SHA1] = sha1; + //e->IkeHashes[IKE_P1_HASH_SHA2_256] = sha2_256; + //e->IkeHashes[IKE_P1_HASH_SHA2_384] = sha2_384; + //e->IkeHashes[IKE_P1_HASH_SHA2_512] = sha2_512; + // Definition of ESP algorithm e->EspCryptos[IKE_TRANSFORM_ID_P2_ESP_DES] = des; @@ -2925,6 +2937,15 @@ void IkeHash(IKE_HASH *h, void *dst, void *src, UINT size) // SHA-1 Sha1(dst, src, size); break; + case IKE_HASH_SHA2_256_ID: + Sha2_256(dst, src, size); + break; + case IKE_HASH_SHA2_384_ID: + Sha2_384(dst, src, size); + break; + case IKE_HASH_SHA2_512_ID: + Sha2_512(dst, src, size); + break; default: // Unknown @@ -2936,11 +2957,26 @@ void IkeHash(IKE_HASH *h, void *dst, void *src, UINT size) // Calculation of HMAC void IkeHMac(IKE_HASH *h, void *dst, void *key, UINT key_size, void *data, UINT data_size) { - UCHAR k[HMAC_BLOCK_SIZE]; + UINT hmac_block_size; + if (h == NULL) { + return; + } + switch (h->HashId) { + case IKE_HASH_SHA1_ID: + case IKE_HASH_SHA2_256_ID: + hmac_block_size = HMAC_BLOCK_SIZE; + break; + case IKE_HASH_SHA2_384_ID: + case IKE_HASH_SHA2_512_ID: + hmac_block_size = HMAC_BLOCK_SIZE_1024; + break; + default: return; + } + UCHAR k[hmac_block_size]; UCHAR *data1; UCHAR hash1[IKE_MAX_HASH_SIZE]; UINT data1_size; - UCHAR data2[IKE_MAX_HASH_SIZE + HMAC_BLOCK_SIZE]; + UCHAR data2[IKE_MAX_HASH_SIZE + hmac_block_size]; UINT data2_size; UCHAR tmp1600[1600]; bool no_free = false; @@ -2957,6 +2993,21 @@ void IkeHMac(IKE_HASH *h, void *dst, void *key, UINT key_size, void *data, UINT HMacSha1(dst, key, key_size, data, data_size); return; } + else if (h->HashId == IKE_HASH_SHA2_256_ID) + { + HMacSha2_256(dst, key, key_size, data, data_size); + return; + } + else if (h->HashId == IKE_HASH_SHA2_384_ID) + { + HMacSha2_384(dst, key, key_size, data, data_size); + return; + } + else if (h->HashId == IKE_HASH_SHA2_512_ID) + { + HMacSha2_512(dst, key, key_size, data, data_size); + return; + } else if (h->HashId == IKE_HASH_MD5_ID) { // Use the special function (fast) in the case of MD5 @@ -2966,7 +3017,7 @@ void IkeHMac(IKE_HASH *h, void *dst, void *key, UINT key_size, void *data, UINT // Creating a K Zero(k, sizeof(k)); - if (key_size <= HMAC_BLOCK_SIZE) + if (key_size <= hmac_block_size) { Copy(k, key, key_size); } @@ -2976,7 +3027,7 @@ void IkeHMac(IKE_HASH *h, void *dst, void *key, UINT key_size, void *data, UINT } // Generation of data 1 - data1_size = data_size + HMAC_BLOCK_SIZE; + data1_size = data_size + hmac_block_size; if (data1_size > sizeof(tmp1600)) { @@ -2988,12 +3039,12 @@ void IkeHMac(IKE_HASH *h, void *dst, void *key, UINT key_size, void *data, UINT no_free = true; } - for (i = 0;i < HMAC_BLOCK_SIZE;i++) + for (i = 0;i < hmac_block_size;i++) { data1[i] = k[i] ^ 0x36; } - Copy(data1 + HMAC_BLOCK_SIZE, data, data_size); + Copy(data1 + hmac_block_size, data, data_size); // Calculate the hash value IkeHash(h, hash1, data1, data1_size); @@ -3004,14 +3055,14 @@ void IkeHMac(IKE_HASH *h, void *dst, void *key, UINT key_size, void *data, UINT } // Generation of data 2 - data2_size = h->HashSize + HMAC_BLOCK_SIZE; + data2_size = h->HashSize + hmac_block_size; for (i = 0;i < HMAC_BLOCK_SIZE;i++) { data2[i] = k[i] ^ 0x5c; } - Copy(data2 + HMAC_BLOCK_SIZE, hash1, h->HashSize); + Copy(data2 + hmac_block_size, hash1, h->HashSize); // Calculate the hash value IkeHash(h, dst, data2, data2_size); diff --git a/src/Cedar/IPsec_IkePacket.h b/src/Cedar/IPsec_IkePacket.h index c34864c7..2f7859f7 100644 --- a/src/Cedar/IPsec_IkePacket.h +++ b/src/Cedar/IPsec_IkePacket.h @@ -120,7 +120,7 @@ #endif // OS_WIN32 // Maximum hash size -#define IKE_MAX_HASH_SIZE 20 // Size of SHA-1 is the maximum for now +#define IKE_MAX_HASH_SIZE 64 // Size of SHA-2-512 is the maximum for now // Maximum block size #define IKE_MAX_BLOCK_SIZE 16 // Size of AES is maximum at the moment @@ -250,6 +250,9 @@ struct IKE_TRANSFORM_VALUE // Phase 1: The hash algorithm in IKE transform value #define IKE_P1_HASH_MD5 1 #define IKE_P1_HASH_SHA1 2 +#define IKE_P1_HASH_SHA2_256 4 +#define IKE_P1_HASH_SHA2_384 5 +#define IKE_P1_HASH_SHA2_512 6 // Phase 1: The authentication method in the IKE transform value #define IKE_P1_AUTH_METHOD_PRESHAREDKEY 1 @@ -530,6 +533,15 @@ struct IKE_P1_KEYSET #define IKE_HASH_SHA1_ID 1 #define IKE_HASH_SHA1_STRING "SHA-1" +#define IKE_HASH_SHA2_256_ID 2 +#define IKE_HASH_SHA2_256_STRING "SHA-2-256" + +#define IKE_HASH_SHA2_384_ID 3 +#define IKE_HASH_SHA2_384_STRING "SHA-2-384" + +#define IKE_HASH_SHA2_512_ID 4 +#define IKE_HASH_SHA2_512_STRING "SHA-2-512" + // Number and name of DH algorithm for IKE #define IKE_DH_1_ID 0 #define IKE_DH_1_STRING "MODP 768 (Group 1)" diff --git a/src/Mayaqua/Encrypt.c b/src/Mayaqua/Encrypt.c index 21058a77..903c34a8 100644 --- a/src/Mayaqua/Encrypt.c +++ b/src/Mayaqua/Encrypt.c @@ -379,19 +379,19 @@ void HMacMd5(void *dst, void *key, UINT key_size, void *data, UINT data_size) } void HMacSha1(void *dst, void *key, UINT key_size, void *data, UINT data_size) { - HMacSha(_SHA1_160, dst, key, key_size, data, data_size); + HMacSha(SHA1_160, dst, key, key_size, data, data_size); } void HMacSha2_256(void *dst, void *key, UINT key_size, void *data, UINT data_size) { - HMacSha(_SHA2_256, dst, key, key_size, data, data_size); + HMacSha(SHA2_256, dst, key, key_size, data, data_size); } void HMacSha2_384(void *dst, void *key, UINT key_size, void *data, UINT data_size) { - HMacSha(_SHA2_384, dst, key, key_size, data, data_size); + HMacSha(SHA2_384, dst, key, key_size, data, data_size); } void HMacSha2_512(void *dst, void *key, UINT key_size, void *data, UINT data_size) { - HMacSha(_SHA2_512, dst, key, key_size, data, data_size); + HMacSha(SHA2_512, dst, key, key_size, data, data_size); } // Calculation of HMAC (SHA-1) @@ -399,12 +399,12 @@ void HMacSha(UINT sha_type, void *dst, void *key, UINT key_size, void *data, UIN { UINT hmac_block_size; switch(sha_type) { - case _SHA1_160: - case _SHA2_256: + case SHA1_160: + case SHA2_256: hmac_block_size = HMAC_BLOCK_SIZE; break; - case _SHA2_384: - case _SHA2_512: + case SHA2_384: + case SHA2_512: hmac_block_size = HMAC_BLOCK_SIZE_1024; break; default: @@ -448,25 +448,25 @@ void HMacSha(UINT sha_type, void *dst, void *key, UINT key_size, void *data, UIN } switch(sha_type) { - case _SHA1_160: + case SHA1_160: SHA1_Init(&sha_ctx1); SHA1_Update(&sha_ctx1, pad1, sizeof(pad1)); SHA1_Update(&sha_ctx1, data, data_size); SHA1_Final(hash1, &sha_ctx1); break; - case _SHA2_256: + case SHA2_256: SHA256_Init(&sha_ctx1); SHA256_Update(&sha_ctx1, pad1, sizeof(pad1)); SHA256_Update(&sha_ctx1, data, data_size); SHA256_Final(hash1, &sha_ctx1); break; - case _SHA2_384: + case SHA2_384: SHA384_Init(&sha_ctx1); SHA384_Update(&sha_ctx1, pad1, sizeof(pad1)); SHA384_Update(&sha_ctx1, data, data_size); SHA384_Final(hash1, &sha_ctx1); break; - case _SHA2_512: + case SHA2_512: SHA512_Init(&sha_ctx1); SHA512_Update(&sha_ctx1, pad1, sizeof(pad1)); SHA512_Update(&sha_ctx1, data, data_size); @@ -496,26 +496,26 @@ void HMacSha(UINT sha_type, void *dst, void *key, UINT key_size, void *data, UIN } switch(sha_type) { - case _SHA1_160: + case SHA1_160: SHA1_Init(&sha_ctx1); SHA1_Update(&sha_ctx1, data2, hmac_block_size); SHA1_Update(&sha_ctx1, hash1, SHA1_SIZE); SHA1_Final(dst, &sha_ctx1); break; - case _SHA2_256: + case SHA2_256: SHA256_Init(&sha_ctx1); SHA256_Update(&sha_ctx1, data2, hmac_block_size); SHA256_Update(&sha_ctx1, hash1, SHA256_SIZE); SHA256_Final(dst, &sha_ctx1); break; - case _SHA2_384: + case SHA2_384: SHA384_Init(&sha_ctx1); SHA384_Update(&sha_ctx1, data2, hmac_block_size); SHA384_Update(&sha_ctx1, hash1, SHA384_SIZE); SHA384_Final(dst, &sha_ctx1); break; - case _SHA2_512: + case SHA2_512: SHA384_Init(&sha_ctx1); SHA384_Update(&sha_ctx1, data2, hmac_block_size); SHA1_Update(&sha_ctx1, hash1, SHA512_SIZE); @@ -4437,7 +4437,7 @@ void Encrypt(CRYPT *c, void *dst, void *src, UINT size) } // SHA-1 hash -void Sha1(void *dst, void *src, UINT size) +void Sha(UINT sha_type, void *dst, void *src, UINT size) { // Validate arguments if (dst == NULL || src == NULL) @@ -4445,7 +4445,35 @@ void Sha1(void *dst, void *src, UINT size) return; } - SHA1(src, size, dst); + switch(sha_type) { + case SHA1_160: + SHA1(src, size, dst); + break; + case SHA2_256: + SHA256(src, size, dst); + break; + case SHA2_384: + SHA384(src, size, dst); + break; + case SHA2_512: + SHA512(src, size, dst); + break; + } + +} + +void Sha1(void *dst, void *src, UINT size) { + Sha(SHA1_160, dst, src, size); +} + +void Sha2_256(void *dst, void *src, UINT size) { + Sha(SHA2_256, dst, src, size); +} +void Sha2_384(void *dst, void *src, UINT size) { + Sha(SHA2_384, dst, src, size); +} +void Sha2_512(void *dst, void *src, UINT size) { + Sha(SHA2_512, dst, src, size); } // MD5 hash diff --git a/src/Mayaqua/Encrypt.h b/src/Mayaqua/Encrypt.h index 9021b983..96722cf8 100644 --- a/src/Mayaqua/Encrypt.h +++ b/src/Mayaqua/Encrypt.h @@ -141,11 +141,11 @@ void RAND_Free_For_SoftEther(); #define AES_IV_SIZE 16 // AES IV size #define AES_MAX_KEY_SIZE 32 // Maximum AES key size -// IANA definitions taken from IKEv1 Phase 1. For internal use only -#define _SHA1_160 2 -#define _SHA2_256 4 -#define _SHA2_384 5 -#define _SHA2_512 6 +// IANA definitions taken from IKEv1 Phase 1 +#define SHA1_160 2 +#define SHA2_256 4 +#define SHA2_384 5 +#define SHA2_512 6 // HMAC block size #define HMAC_BLOCK_SIZE 64 @@ -518,7 +518,12 @@ void Des3Encrypt(void *dest, void *src, UINT size, DES_KEY *key, void *ivec); void Des3Encrypt2(void *dest, void *src, UINT size, DES_KEY_VALUE *k1, DES_KEY_VALUE *k2, DES_KEY_VALUE *k3, void *ivec); void Des3Decrypt(void *dest, void *src, UINT size, DES_KEY *key, void *ivec); void Des3Decrypt2(void *dest, void *src, UINT size, DES_KEY_VALUE *k1, DES_KEY_VALUE *k2, DES_KEY_VALUE *k3, void *ivec); +void Sha(UINT sha_type, void *dst, void *src, UINT size); void Sha1(void *dst, void *src, UINT size); +void Sha2_256(void *dst, void *src, UINT size); +void Sha2_384(void *dst, void *src, UINT size); +void Sha2_512(void *dst, void *src, UINT size); + void Md5(void *dst, void *src, UINT size); void MacSha1(void *dst, void *key, UINT key_size, void *data, UINT data_size); void MacSha196(void *dst, void *key, void *data, UINT data_size); -- cgit v1.2.3 From 071004477fa1474777e4fd5f42ff693db7aaeac7 Mon Sep 17 00:00:00 2001 From: Moataz Elmasry Date: Mon, 23 Jan 2017 02:03:37 +0100 Subject: Fix errors while adding SHA2 support to HMAC --- src/Cedar/IPsec_IkePacket.c | 6 ++-- src/Mayaqua/Encrypt.c | 74 ++++++++++++++++++++++++--------------------- 2 files changed, 43 insertions(+), 37 deletions(-) diff --git a/src/Cedar/IPsec_IkePacket.c b/src/Cedar/IPsec_IkePacket.c index 6550247e..0c83752b 100644 --- a/src/Cedar/IPsec_IkePacket.c +++ b/src/Cedar/IPsec_IkePacket.c @@ -2616,9 +2616,9 @@ IKE_ENGINE *NewIkeEngine() e->IkeCryptos[IKE_P1_CRYPTO_AES_CBC] = aes; e->IkeHashes[IKE_P1_HASH_MD5] = md5; e->IkeHashes[IKE_P1_HASH_SHA1] = sha1; - //e->IkeHashes[IKE_P1_HASH_SHA2_256] = sha2_256; - //e->IkeHashes[IKE_P1_HASH_SHA2_384] = sha2_384; - //e->IkeHashes[IKE_P1_HASH_SHA2_512] = sha2_512; + e->IkeHashes[IKE_P1_HASH_SHA2_256] = sha2_256; + e->IkeHashes[IKE_P1_HASH_SHA2_384] = sha2_384; + e->IkeHashes[IKE_P1_HASH_SHA2_512] = sha2_512; // Definition of ESP algorithm diff --git a/src/Mayaqua/Encrypt.c b/src/Mayaqua/Encrypt.c index 903c34a8..21c178a6 100644 --- a/src/Mayaqua/Encrypt.c +++ b/src/Mayaqua/Encrypt.c @@ -398,13 +398,19 @@ void HMacSha2_512(void *dst, void *key, UINT key_size, void *data, UINT data_siz void HMacSha(UINT sha_type, void *dst, void *key, UINT key_size, void *data, UINT data_size) { UINT hmac_block_size; + void* sha_ctx1; switch(sha_type) { case SHA1_160: + sha_ctx1 = ZeroMalloc(sizeof(SHA_CTX)); + hmac_block_size = HMAC_BLOCK_SIZE; + break; case SHA2_256: + sha_ctx1 = ZeroMalloc(sizeof(SHA256_CTX)); hmac_block_size = HMAC_BLOCK_SIZE; break; case SHA2_384: case SHA2_512: + sha_ctx1 = ZeroMalloc(sizeof(SHA512_CTX)); hmac_block_size = HMAC_BLOCK_SIZE_1024; break; default: @@ -414,7 +420,7 @@ void HMacSha(UINT sha_type, void *dst, void *key, UINT key_size, void *data, UIN UCHAR k[hmac_block_size]; UCHAR hash1[hmac_block_size]; UCHAR data2[hmac_block_size]; - SHA_CTX sha_ctx1; + //SHA_CTX sha_ctx1; UCHAR pad1[hmac_block_size]; UINT i; // Validate arguments @@ -449,28 +455,28 @@ void HMacSha(UINT sha_type, void *dst, void *key, UINT key_size, void *data, UIN switch(sha_type) { case SHA1_160: - SHA1_Init(&sha_ctx1); - SHA1_Update(&sha_ctx1, pad1, sizeof(pad1)); - SHA1_Update(&sha_ctx1, data, data_size); - SHA1_Final(hash1, &sha_ctx1); + SHA1_Init((SHA_CTX *)sha_ctx1); + SHA1_Update((SHA_CTX *)sha_ctx1, pad1, sizeof(pad1)); + SHA1_Update((SHA_CTX *)sha_ctx1, data, data_size); + SHA1_Final(hash1, (SHA_CTX *)sha_ctx1); break; case SHA2_256: - SHA256_Init(&sha_ctx1); - SHA256_Update(&sha_ctx1, pad1, sizeof(pad1)); - SHA256_Update(&sha_ctx1, data, data_size); - SHA256_Final(hash1, &sha_ctx1); + SHA256_Init((SHA256_CTX *)sha_ctx1); + SHA256_Update((SHA256_CTX *)sha_ctx1, pad1, sizeof(pad1)); + SHA256_Update((SHA256_CTX *)sha_ctx1, data, data_size); + SHA256_Final(hash1, (SHA256_CTX *)sha_ctx1); break; case SHA2_384: - SHA384_Init(&sha_ctx1); - SHA384_Update(&sha_ctx1, pad1, sizeof(pad1)); - SHA384_Update(&sha_ctx1, data, data_size); - SHA384_Final(hash1, &sha_ctx1); + SHA384_Init((SHA512_CTX *)sha_ctx1); + SHA384_Update((SHA512_CTX *)sha_ctx1, pad1, sizeof(pad1)); + SHA384_Update((SHA512_CTX *)sha_ctx1, data, data_size); + SHA384_Final(hash1, (SHA512_CTX *)sha_ctx1); break; case SHA2_512: - SHA512_Init(&sha_ctx1); - SHA512_Update(&sha_ctx1, pad1, sizeof(pad1)); - SHA512_Update(&sha_ctx1, data, data_size); - SHA512_Final(hash1, &sha_ctx1); + SHA512_Init((SHA512_CTX *)sha_ctx1); + SHA512_Update((SHA512_CTX *)sha_ctx1, pad1, sizeof(pad1)); + SHA512_Update((SHA512_CTX *)sha_ctx1, data, data_size); + SHA512_Final(hash1, (SHA512_CTX *)sha_ctx1); break; } @@ -497,32 +503,32 @@ void HMacSha(UINT sha_type, void *dst, void *key, UINT key_size, void *data, UIN switch(sha_type) { case SHA1_160: - SHA1_Init(&sha_ctx1); - SHA1_Update(&sha_ctx1, data2, hmac_block_size); - SHA1_Update(&sha_ctx1, hash1, SHA1_SIZE); - SHA1_Final(dst, &sha_ctx1); + SHA1_Init((SHA_CTX *)sha_ctx1); + SHA1_Update((SHA_CTX *)sha_ctx1, data2, hmac_block_size); + SHA1_Update((SHA_CTX *)sha_ctx1, hash1, SHA1_SIZE); + SHA1_Final(dst, (SHA_CTX *)sha_ctx1); break; case SHA2_256: - SHA256_Init(&sha_ctx1); - SHA256_Update(&sha_ctx1, data2, hmac_block_size); - SHA256_Update(&sha_ctx1, hash1, SHA256_SIZE); - SHA256_Final(dst, &sha_ctx1); + SHA256_Init((SHA256_CTX *)sha_ctx1); + SHA256_Update((SHA256_CTX *)sha_ctx1, data2, hmac_block_size); + SHA256_Update((SHA256_CTX *)sha_ctx1, hash1, SHA256_SIZE); + SHA256_Final(dst, (SHA256_CTX *)sha_ctx1); break; case SHA2_384: - SHA384_Init(&sha_ctx1); - SHA384_Update(&sha_ctx1, data2, hmac_block_size); - SHA384_Update(&sha_ctx1, hash1, SHA384_SIZE); - SHA384_Final(dst, &sha_ctx1); + SHA384_Init((SHA512_CTX *)sha_ctx1); + SHA384_Update((SHA512_CTX *)sha_ctx1, data2, hmac_block_size); + SHA384_Update((SHA512_CTX *)sha_ctx1, hash1, SHA384_SIZE); + SHA384_Final(dst, (SHA512_CTX *)sha_ctx1); break; case SHA2_512: - SHA384_Init(&sha_ctx1); - SHA384_Update(&sha_ctx1, data2, hmac_block_size); - SHA1_Update(&sha_ctx1, hash1, SHA512_SIZE); - SHA384_Final(dst, &sha_ctx1); + SHA512_Init((SHA512_CTX *)sha_ctx1); + SHA512_Update((SHA512_CTX *)sha_ctx1, data2, hmac_block_size); + SHA512_Update((SHA512_CTX *)sha_ctx1, hash1, SHA512_SIZE); + SHA512_Final(dst, (SHA512_CTX *)sha_ctx1); break; - } + Free(sha_ctx1); } -- cgit v1.2.3 From e0a9fb1950d20f2260c5472b27f8252f7542f69f Mon Sep 17 00:00:00 2001 From: Moataz Elmasry Date: Mon, 23 Jan 2017 02:34:25 +0100 Subject: Add HMAC-SHA2-256, HMAC2-384, HMAC2-512 support to OpenVPN --- src/Cedar/Interop_OpenVPN.h | 2 +- src/bin/hamcore/openvpn_sample.ovpn | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/Cedar/Interop_OpenVPN.h b/src/Cedar/Interop_OpenVPN.h index 20e53bb8..7ff8f5fc 100644 --- a/src/Cedar/Interop_OpenVPN.h +++ b/src/Cedar/Interop_OpenVPN.h @@ -155,7 +155,7 @@ #define OPENVPN_CIPHER_LIST "[NULL-CIPHER] NULL AES-128-CBC AES-192-CBC AES-256-CBC BF-CBC CAST-CBC CAST5-CBC DES-CBC DES-EDE-CBC DES-EDE3-CBC DESX-CBC RC2-40-CBC RC2-64-CBC RC2-CBC" // List of the supported hash algorithm -#define OPENVPN_MD_LIST "SHA SHA1 MD5 MD4 RMD160" +#define OPENVPN_MD_LIST "SHA SHA1 SHA256 SHA384 SHA512 MD5 MD4 RMD160" // MTU #define OPENVPN_MTU_LINK 1514 // Ethernet MTU diff --git a/src/bin/hamcore/openvpn_sample.ovpn b/src/bin/hamcore/openvpn_sample.ovpn index 63cc5b85..e9964dd3 100644 --- a/src/bin/hamcore/openvpn_sample.ovpn +++ b/src/bin/hamcore/openvpn_sample.ovpn @@ -83,7 +83,7 @@ $TAG_BEFORE_REMOTE$remote $TAG_HOSTNAME$ $TAG_PORT$ # cipher: [NULL-CIPHER] NULL AES-128-CBC AES-192-CBC AES-256-CBC BF-CBC # CAST-CBC CAST5-CBC DES-CBC DES-EDE-CBC DES-EDE3-CBC DESX-CBC # RC2-40-CBC RC2-64-CBC RC2-CBC -# auth: SHA SHA1 MD5 MD4 RMD160 +# auth: SHA SHA1 SHA256 SHA384 SHA512 MD5 MD4 RMD160 cipher AES-128-CBC auth SHA1 -- cgit v1.2.3