2 * MD5 hash implementation and interface functions (non-FIPS allowed cases)
3 * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
9 * Alternatively, this software may be distributed under the terms of BSD
12 * See README and COPYING for more details.
21 #undef hmac_md5_vector_non_fips_allow
22 #undef hmac_md5_non_fips_allow
25 * hmac_md5_vector_non_fips_allow - HMAC-MD5 over data vector (RFC 2104)
26 * @key: Key for HMAC operations
27 * @key_len: Length of the key in bytes
28 * @num_elem: Number of elements in the data vector
29 * @addr: Pointers to the data areas
30 * @len: Lengths of the data blocks
31 * @mac: Buffer for the hash (16 bytes)
32 * Returns: 0 on success, -1 on failure
34 int hmac_md5_vector_non_fips_allow(const u8 *key, size_t key_len,
35 size_t num_elem, const u8 *addr[],
36 const size_t *len, u8 *mac)
38 u8 k_pad[64]; /* padding - key XORd with ipad/opad */
45 * Fixed limit on the number of fragments to avoid having to
46 * allocate memory (which could fail).
51 /* if key is longer than 64 bytes reset it to key = MD5(key) */
53 if (md5_vector_non_fips_allow(1, &key, &key_len, tk))
59 /* the HMAC_MD5 transform looks like:
61 * MD5(K XOR opad, MD5(K XOR ipad, text))
63 * where K is an n byte key
64 * ipad is the byte 0x36 repeated 64 times
65 * opad is the byte 0x5c repeated 64 times
66 * and text is the data being protected */
68 /* start out by storing key in ipad */
69 os_memset(k_pad, 0, sizeof(k_pad));
70 os_memcpy(k_pad, key, key_len);
72 /* XOR key with ipad values */
73 for (i = 0; i < 64; i++)
76 /* perform inner MD5 */
79 for (i = 0; i < num_elem; i++) {
80 _addr[i + 1] = addr[i];
83 if (md5_vector_non_fips_allow(1 + num_elem, _addr, _len, mac))
86 os_memset(k_pad, 0, sizeof(k_pad));
87 os_memcpy(k_pad, key, key_len);
88 /* XOR key with opad values */
89 for (i = 0; i < 64; i++)
92 /* perform outer MD5 */
96 _len[1] = MD5_MAC_LEN;
97 return md5_vector_non_fips_allow(2, _addr, _len, mac);
102 * hmac_md5_non_fips_allow - HMAC-MD5 over data buffer (RFC 2104)
103 * @key: Key for HMAC operations
104 * @key_len: Length of the key in bytes
105 * @data: Pointers to the data area
106 * @data_len: Length of the data area
107 * @mac: Buffer for the hash (16 bytes)
108 * Returns: 0 on success, -1 on failure
110 int hmac_md5_non_fips_allow(const u8 *key, size_t key_len, const u8 *data,
111 size_t data_len, u8 *mac)
113 return hmac_md5_vector_non_fips_allow(key, key_len, 1, &data,