1
/*-
2
 * Copyright 2022-2023 The OpenSSL Project Authors. All Rights Reserved.
3
 *
4
 * Licensed under the Apache License 2.0 (the "License").  You may not use
5
 * this file except in compliance with the License.  You can obtain a copy
6
 * in the file LICENSE in the source distribution or at
7
 * https://www.openssl.org/source/license.html
8
 */
9

10
/*
11
 * Example of using EVP_MAC_ methods to calculate
12
 * a HMAC of static buffers
13
 */
14

15
#include <string.h>
16
#include <stdio.h>
17
#include <openssl/crypto.h>
18
#include <openssl/core_names.h>
19
#include <openssl/err.h>
20
#include <openssl/evp.h>
21
#include <openssl/hmac.h>
22
#include <openssl/params.h>
23

24
/*
25
 * Hard coding the key into an application is very bad.
26
 * It is done here solely for educational purposes.
27
 */
28
static unsigned char key[] = {
29
    0x25, 0xfd, 0x12, 0x99, 0xdf, 0xad, 0x1a, 0x03,
30
    0x0a, 0x81, 0x3c, 0x2d, 0xcc, 0x05, 0xd1, 0x5c,
31
    0x17, 0x7a, 0x36, 0x73, 0x17, 0xef, 0x41, 0x75,
32
    0x71, 0x18, 0xe0, 0x1a, 0xda, 0x99, 0xc3, 0x61,
33
    0x38, 0xb5, 0xb1, 0xe0, 0x82, 0x2c, 0x70, 0xa4,
34
    0xc0, 0x8e, 0x5e, 0xf9, 0x93, 0x9f, 0xcf, 0xf7,
35
    0x32, 0x4d, 0x0c, 0xbd, 0x31, 0x12, 0x0f, 0x9a,
36
    0x15, 0xee, 0x82, 0xdb, 0x8d, 0x29, 0x54, 0x14,
37
};
38

39
static const unsigned char data[] =
40
    "To be, or not to be, that is the question,\n"
41
    "Whether tis nobler in the minde to suffer\n"
42
    "The ſlings and arrowes of outragious fortune,\n"
43
    "Or to take Armes again in a sea of troubles,\n"
44
    "And by opposing, end them, to die to sleep;\n"
45
    "No more, and by a sleep, to say we end\n"
46
    "The heart-ache, and the thousand natural shocks\n"
47
    "That flesh is heir to? tis a consumation\n"
48
    "Devoutly to be wished. To die to sleep,\n"
49
    "To sleepe, perchance to dreame, Aye, there's the rub,\n"
50
    "For in that sleep of death what dreams may come\n"
51
    "When we haue shuffled off this mortal coil\n"
52
    "Must give us pause. There's the respect\n"
53
    "That makes calamity of so long life:\n"
54
    "For who would bear the Ships and Scorns of time,\n"
55
    "The oppressor's wrong, the proud man's Contumely,\n"
56
    "The pangs of dispised love, the Law's delay,\n"
57
;
58

59
/* The known value of the HMAC/SHA3-512 MAC of the above soliloqy */
60
static const unsigned char expected_output[] = {
61
    0x3b, 0x77, 0x5f, 0xf1, 0x4f, 0x9e, 0xb9, 0x23,
62
    0x8f, 0xdc, 0xa0, 0x68, 0x15, 0x7b, 0x8a, 0xf1,
63
    0x96, 0x23, 0xaa, 0x3c, 0x1f, 0xe9, 0xdc, 0x89,
64
    0x11, 0x7d, 0x58, 0x07, 0xe7, 0x96, 0x17, 0xe3,
65
    0x44, 0x8b, 0x03, 0x37, 0x91, 0xc0, 0x6e, 0x06,
66
    0x7c, 0x54, 0xe4, 0xa4, 0xcc, 0xd5, 0x16, 0xbb,
67
    0x5e, 0x4d, 0x64, 0x7d, 0x88, 0x23, 0xc9, 0xb7,
68
    0x25, 0xda, 0xbe, 0x4b, 0xe4, 0xd5, 0x34, 0x30,
69
};
70

71
/*
72
 * A property query used for selecting the MAC implementation.
73
 */
74
static const char *propq = NULL;
75

76
int main(void)
77
{
78
    int ret = EXIT_FAILURE;
79
    OSSL_LIB_CTX *library_context = NULL;
80
    EVP_MAC *mac = NULL;
81
    EVP_MAC_CTX *mctx = NULL;
82
    EVP_MD_CTX *digest_context = NULL;
83
    unsigned char *out = NULL;
84
    size_t out_len = 0;
85
    OSSL_PARAM params[4], *p = params;
86
    char digest_name[] = "SHA3-512";
87

88
    library_context = OSSL_LIB_CTX_new();
89
    if (library_context == NULL) {
90
        fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n");
91
        goto end;
92
    }
93

94
    /* Fetch the HMAC implementation */
95
    mac = EVP_MAC_fetch(library_context, "HMAC", propq);
96
    if (mac == NULL) {
97
        fprintf(stderr, "EVP_MAC_fetch() returned NULL\n");
98
        goto end;
99
    }
100

101
    /* Create a context for the HMAC operation */
102
    mctx = EVP_MAC_CTX_new(mac);
103
    if (mctx == NULL) {
104
        fprintf(stderr, "EVP_MAC_CTX_new() returned NULL\n");
105
        goto end;
106
    }
107

108
    /* The underlying digest to be used */
109
    *p++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, digest_name,
110
                                            sizeof(digest_name));
111
    *p = OSSL_PARAM_construct_end();
112

113
    /* Initialise the HMAC operation */
114
    if (!EVP_MAC_init(mctx, key, sizeof(key), params)) {
115
        fprintf(stderr, "EVP_MAC_init() failed\n");
116
        goto end;
117
    }
118

119
    /* Make one or more calls to process the data to be authenticated */
120
    if (!EVP_MAC_update(mctx, data, sizeof(data))) {
121
        fprintf(stderr, "EVP_MAC_update() failed\n");
122
        goto end;
123
    }
124

125
    /* Make a call to the final with a NULL buffer to get the length of the MAC */
126
    if (!EVP_MAC_final(mctx, NULL, &out_len, 0)) {
127
        fprintf(stderr, "EVP_MAC_final() failed\n");
128
        goto end;
129
    }
130
    out = OPENSSL_malloc(out_len);
131
    if (out == NULL) {
132
        fprintf(stderr, "malloc failed\n");
133
        goto end;
134
    }
135
    /* Make one call to the final to get the MAC */
136
    if (!EVP_MAC_final(mctx, out, &out_len, out_len)) {
137
        fprintf(stderr, "EVP_MAC_final() failed\n");
138
        goto end;
139
    }
140

141
    printf("Generated MAC:\n");
142
    BIO_dump_indent_fp(stdout, out, out_len, 2);
143
    putchar('\n');
144

145
    if (out_len != sizeof(expected_output)) {
146
        fprintf(stderr, "Generated MAC has an unexpected length\n");
147
        goto end;
148
    }
149

150
    if (CRYPTO_memcmp(expected_output, out, sizeof(expected_output)) != 0) {
151
        fprintf(stderr, "Generated MAC does not match expected value\n");
152
        goto end;
153
    }
154

155
    ret = EXIT_SUCCESS;
156
end:
157
    if (ret != EXIT_SUCCESS)
158
        ERR_print_errors_fp(stderr);
159
    /* OpenSSL free functions will ignore NULL arguments */
160
    OPENSSL_free(out);
161
    EVP_MD_CTX_free(digest_context);
162
    EVP_MAC_CTX_free(mctx);
163
    EVP_MAC_free(mac);
164
    OSSL_LIB_CTX_free(library_context);
165
    return ret;
166
}
167

168