Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/crypto/openssl/demos/mac/cmac-aes256.c
34869 views
1
/*-

2
 * Copyright 2022-2023 The OpenSSL Project Authors. All Rights Reserved.

3
 *

4
 * Licensed under the Apache License 2.0 (the "License").  You may not use

5
 * this file except in compliance with the License.  You can obtain a copy

6
 * in the file LICENSE in the source distribution or at

7
 * https://www.openssl.org/source/license.html

8
 */

9


10
/*

11
 * Example of using EVP_MAC_ methods to calculate

12
 * a CMAC of static buffers

13
 */

14


15
#include <string.h>

16
#include <stdio.h>

17
#include <openssl/crypto.h>

18
#include <openssl/core_names.h>

19
#include <openssl/err.h>

20
#include <openssl/evp.h>

21
#include <openssl/cmac.h>

22
#include <openssl/params.h>

23


24
/*

25
 * Hard coding the key into an application is very bad.

26
 * It is done here solely for educational purposes.

27
 */

28
static unsigned char key[] = {

29
    0x6c, 0xde, 0x14, 0xf5, 0xd5, 0x2a, 0x4a, 0xdf,

30
    0x12, 0x39, 0x1e, 0xbf, 0x36, 0xf9, 0x6a, 0x46,

31
    0x48, 0xd0, 0xb6, 0x51, 0x89, 0xfc, 0x24, 0x85,

32
    0xa8, 0x8d, 0xdf, 0x7e, 0x80, 0x14, 0xc8, 0xce,

33
};

34


35
static const unsigned char data[] =

36
    "To be, or not to be, that is the question,\n"

37
    "Whether tis nobler in the minde to suffer\n"

38
    "The ſlings and arrowes of outragious fortune,\n"

39
    "Or to take Armes again in a sea of troubles,\n"

40
    "And by opposing, end them, to die to sleep;\n"

41
    "No more, and by a sleep, to say we end\n"

42
    "The heart-ache, and the thousand natural shocks\n"

43
    "That flesh is heir to? tis a consumation\n"

44
    "Devoutly to be wished. To die to sleep,\n"

45
    "To sleepe, perchance to dreame, Aye, there's the rub,\n"

46
    "For in that sleep of death what dreams may come\n"

47
    "When we haue shuffled off this mortal coil\n"

48
    "Must give us pause. There's the respect\n"

49
    "That makes calamity of so long life:\n"

50
    "For who would bear the Ships and Scorns of time,\n"

51
    "The oppressor's wrong, the proud man's Contumely,\n"

52
    "The pangs of dispised love, the Law's delay,\n"

53
;

54


55
/* The known value of the CMAC/AES256 MAC of the above soliloqy */

56
static const unsigned char expected_output[] = {

57
    0x67, 0x92, 0x32, 0x23, 0x50, 0x3d, 0xc5, 0xba,

58
    0x78, 0xd4, 0x6d, 0x63, 0xf2, 0x2b, 0xe9, 0x56,

59
};

60


61
/*

62
 * A property query used for selecting the MAC implementation.

63
 */

64
static const char *propq = NULL;

65


66
int main(void)

67
{

68
    int ret = EXIT_FAILURE;

69
    OSSL_LIB_CTX *library_context = NULL;

70
    EVP_MAC *mac = NULL;

71
    EVP_MAC_CTX *mctx = NULL;

72
    unsigned char *out = NULL;

73
    size_t out_len = 0;

74
    OSSL_PARAM params[4], *p = params;

75
    char cipher_name[] = "AES-256-CBC";

76


77
    library_context = OSSL_LIB_CTX_new();

78
    if (library_context == NULL) {

79
        fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n");

80
        goto end;

81
    }

82


83
    /* Fetch the CMAC implementation */

84
    mac = EVP_MAC_fetch(library_context, "CMAC", propq);

85
    if (mac == NULL) {

86
        fprintf(stderr, "EVP_MAC_fetch() returned NULL\n");

87
        goto end;

88
    }

89


90
    /* Create a context for the CMAC operation */

91
    mctx = EVP_MAC_CTX_new(mac);

92
    if (mctx == NULL) {

93
        fprintf(stderr, "EVP_MAC_CTX_new() returned NULL\n");

94
        goto end;

95
    }

96


97
    /* The underlying cipher to be used */

98
    *p++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER, cipher_name,

99
                                            sizeof(cipher_name));

100
    *p = OSSL_PARAM_construct_end();

101


102
    /* Initialise the CMAC operation */

103
    if (!EVP_MAC_init(mctx, key, sizeof(key), params)) {

104
        fprintf(stderr, "EVP_MAC_init() failed\n");

105
        goto end;

106
    }

107


108
    /* Make one or more calls to process the data to be authenticated */

109
    if (!EVP_MAC_update(mctx, data, sizeof(data))) {

110
        fprintf(stderr, "EVP_MAC_update() failed\n");

111
        goto end;

112
    }

113


114
    /* Make a call to the final with a NULL buffer to get the length of the MAC */

115
    if (!EVP_MAC_final(mctx, NULL, &out_len, 0)) {

116
        fprintf(stderr, "EVP_MAC_final() failed\n");

117
        goto end;

118
    }

119
    out = OPENSSL_malloc(out_len);

120
    if (out == NULL) {

121
        fprintf(stderr, "malloc failed\n");

122
        goto end;

123
    }

124
    /* Make one call to the final to get the MAC */

125
    if (!EVP_MAC_final(mctx, out, &out_len, out_len)) {

126
        fprintf(stderr, "EVP_MAC_final() failed\n");

127
        goto end;

128
    }

129


130
    printf("Generated MAC:\n");

131
    BIO_dump_indent_fp(stdout, out, out_len, 2);

132
    putchar('\n');

133


134
    if (out_len != sizeof(expected_output)) {

135
        fprintf(stderr, "Generated MAC has an unexpected length\n");

136
        goto end;

137
    }

138


139
    if (CRYPTO_memcmp(expected_output, out, sizeof(expected_output)) != 0) {

140
        fprintf(stderr, "Generated MAC does not match expected value\n");

141
        goto end;

142
    }

143


144
    ret = EXIT_SUCCESS;

145
end:

146
    if (ret != EXIT_SUCCESS)

147
        ERR_print_errors_fp(stderr);

148
    /* OpenSSL free functions will ignore NULL arguments */

149
    OPENSSL_free(out);

150
    EVP_MAC_CTX_free(mctx);

151
    EVP_MAC_free(mac);

152
    OSSL_LIB_CTX_free(library_context);

153
    return ret;

154
}

155


156