| anjana_sreekumar@infosys.com | 991c206 | 2020-01-08 11:42:57 +0530 | [diff] [blame^] | 1 | /* |
| 2 | * Copyright (c) 2003-2018, Great Software Laboratory Pvt. Ltd. |
| 3 | * Copyright (c) 2017 Intel Corporation |
| 4 | * Copyright (c) 2019, Infosys Ltd. |
| 5 | * |
| 6 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 7 | * you may not use this file except in compliance with the License. |
| 8 | * You may obtain a copy of the License at |
| 9 | * |
| 10 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 11 | * |
| 12 | * Unless required by applicable law or agreed to in writing, software |
| 13 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 15 | * See the License for the specific language governing permissions and |
| 16 | * limitations under the License. |
| 17 | */ |
| 18 | |
| 19 | #include <string.h> |
| 20 | #include <stdint.h> |
| 21 | |
| 22 | #include <openssl/x509.h> |
| 23 | #include <openssl/hmac.h> |
| 24 | |
| 25 | #include "sec.h" |
| 26 | #include "secUtils.h" |
| 27 | |
| 28 | /** |
| 29 | * @brief Create integrity key |
| 30 | * @param[in] kasme key |
| 31 | * @param[out] int_key generated integrity key |
| 32 | * @return void |
| 33 | */ |
| 34 | void SecUtils::create_integrity_key(unsigned char *kasme, unsigned char *int_key) |
| 35 | { |
| 36 | /*TODO : Handle appropriate security values in salt. Remove |
| 37 | * hardcoding*/ |
| 38 | uint8_t salt[HASH_SALT_LEN] = { |
| 39 | 0x15, |
| 40 | 0x02, /*sec algo code*/ |
| 41 | 0, |
| 42 | 1, |
| 43 | 1, |
| 44 | 0, |
| 45 | 1 |
| 46 | }; |
| 47 | |
| 48 | unsigned char out_key[HMAC_SIZE] = {0}; |
| 49 | unsigned int out_len = 0; |
| 50 | calculate_hmac_sha256(salt, HASH_SALT_LEN, kasme, AIA_KASME_SIZE, out_key, &out_len); |
| 51 | |
| 52 | memcpy(int_key, &out_key[AIA_KASME_SIZE - NAS_INT_KEY_SIZE], |
| 53 | NAS_INT_KEY_SIZE); |
| 54 | } |
| 55 | |
| 56 | /** |
| 57 | * @brief Create eNodeB key to exchange in init ctx message |
| 58 | * @param [in]kasme key |
| 59 | * @param [out]kenb_key output the generated key |
| 60 | * @return void |
| 61 | */ |
| 62 | void SecUtils::create_kenb_key(unsigned char *kasme, unsigned char *kenb_key, |
| 63 | unsigned int seq_no) |
| 64 | { |
| 65 | uint8_t salt[HASH_SALT_LEN] = { |
| 66 | 0x11, /*TODO : Sec algo. handle properly instead of harcoding here*/ |
| 67 | (seq_no >> 24) & 0xFF, /*Byte 1 of seq no*/ |
| 68 | (seq_no >> 16) & 0xFF, /*Byte 2 of seq no*/ |
| 69 | (seq_no >> 8 ) & 0xFF, /*Byte 3 of seq no*/ |
| 70 | (seq_no ) & 0xFF, /*Byte 4 of seq no*/ |
| 71 | 0x00, |
| 72 | 0x04 |
| 73 | }; |
| 74 | |
| 75 | uint8_t out_key[HMAC_SIZE]; |
| 76 | unsigned int out_len = 0; |
| 77 | calculate_hmac_sha256(salt, HASH_SALT_LEN, kasme, AIA_KASME_SIZE, out_key, &out_len); |
| 78 | memcpy(kenb_key, out_key, KENB_SIZE); |
| 79 | |
| 80 | } |
| 81 | |
| 82 | |
| 83 | /** |
| 84 | * @brief Create MAC(message authentication code) |
| 85 | * @param [in]input data and key |
| 86 | * @param [out]output MAC, out_len size of MAC |
| 87 | * @return void |
| 88 | */ |
| 89 | |
| 90 | |
| 91 | void SecUtils::calculate_hmac_sha256(const unsigned char *input_data, |
| 92 | int input_data_len, const unsigned char *key, |
| 93 | int key_length, void *output, unsigned int *out_len) |
| 94 | { |
| 95 | |
| 96 | unsigned int mac_length = 0; |
| 97 | unsigned char mac_buffer[EVP_MAX_MD_SIZE] = {0}; |
| 98 | HMAC(EVP_sha256(), key, key_length, input_data, input_data_len, mac_buffer, &mac_length); |
| 99 | memcpy(output, mac_buffer, mac_length); |
| 100 | *out_len = mac_length; |
| 101 | |
| 102 | } |