Context Navigation

← Previous Revision
Latest Revision
Next Revision →
Blame
Revision Log

snmpv3_mbedtls.c@ 457

Last change on this file since 457 was 457, checked in by coas-nagasima, 4 years ago
ファイルを追加
Property svn:eol-style set to `native` Property svn:mime-type set to `text/x-csrc;charset=UTF-8`
File size: 10.7 KB

Line
1	/**
2	* @file
3	* SNMPv3 crypto/auth functions implemented for ARM mbedtls.
4	*/
5
6	/*
7	* Copyright (c) 2016 Elias Oenal and Dirk Ziegelmeier.
8	* All rights reserved.
9	*
10	* Redistribution and use in source and binary forms, with or without modification,
11	* are permitted provided that the following conditions are met:
12	*
13	* 1. Redistributions of source code must retain the above copyright notice,
14	* this list of conditions and the following disclaimer.
15	* 2. Redistributions in binary form must reproduce the above copyright notice,
16	* this list of conditions and the following disclaimer in the documentation
17	* and/or other materials provided with the distribution.
18	* 3. The name of the author may not be used to endorse or promote products
19	* derived from this software without specific prior written permission.
20	*
21	* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
22	* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
23	* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
24	* SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
25	* EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
26	* OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27	* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28	* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
29	* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
30	* OF SUCH DAMAGE.
31	*
32	* Author: Elias Oenal <lwip@eliasoenal.com>
33	* Dirk Ziegelmeier <dirk@ziegelmeier.net>
34	*/
35
36	#include "lwip/apps/snmpv3.h"
37	#include "snmpv3_priv.h"
38	#include "lwip/arch.h"
39	#include "snmp_msg.h"
40	#include "lwip/sys.h"
41	#include <string.h>
42
43	#if LWIP_SNMP && LWIP_SNMP_V3 && LWIP_SNMP_V3_MBEDTLS
44
45	#include "mbedtls/md.h"
46	#include "mbedtls/cipher.h"
47
48	#include "mbedtls/md5.h"
49	#include "mbedtls/sha1.h"
50
51	err_t
52	snmpv3_auth(struct snmp_pbuf_stream *stream, u16_t length,
53	const u8_t key, snmpv3_auth_algo_t algo, u8_t hmac_out)
54	{
55	u32_t i;
56	u8_t key_len;
57	const mbedtls_md_info_t *md_info;
58	mbedtls_md_context_t ctx;
59	struct snmp_pbuf_stream read_stream;
60	snmp_pbuf_stream_init(&read_stream, stream->pbuf, stream->offset, stream->length);
61
62	if (algo == SNMP_V3_AUTH_ALGO_MD5) {
63	md_info = mbedtls_md_info_from_type(MBEDTLS_MD_MD5);
64	key_len = SNMP_V3_MD5_LEN;
65	} else if (algo == SNMP_V3_AUTH_ALGO_SHA) {
66	md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA1);
67	key_len = SNMP_V3_SHA_LEN;
68	} else {
69	return ERR_ARG;
70	}
71
72	mbedtls_md_init(&ctx);
73	if (mbedtls_md_setup(&ctx, md_info, 1) != 0) {
74	return ERR_ARG;
75	}
76
77	if (mbedtls_md_hmac_starts(&ctx, key, key_len) != 0) {
78	goto free_md;
79	}
80
81	for (i = 0; i < length; i++) {
82	u8_t byte;
83
84	if (snmp_pbuf_stream_read(&read_stream, &byte)) {
85	goto free_md;
86	}
87
88	if (mbedtls_md_hmac_update(&ctx, &byte, 1) != 0) {
89	goto free_md;
90	}
91	}
92
93	if (mbedtls_md_hmac_finish(&ctx, hmac_out) != 0) {
94	goto free_md;
95	}
96
97	mbedtls_md_free(&ctx);
98	return ERR_OK;
99
100	free_md:
101	mbedtls_md_free(&ctx);
102	return ERR_ARG;
103	}
104
105	#if LWIP_SNMP_V3_CRYPTO
106
107	err_t
108	snmpv3_crypt(struct snmp_pbuf_stream *stream, u16_t length,
109	const u8_t key, const u8_t priv_param, const u32_t engine_boots,
110	const u32_t engine_time, snmpv3_priv_algo_t algo, snmpv3_priv_mode_t mode)
111	{
112	size_t i;
113	mbedtls_cipher_context_t ctx;
114	const mbedtls_cipher_info_t *cipher_info;
115
116	struct snmp_pbuf_stream read_stream;
117	struct snmp_pbuf_stream write_stream;
118	snmp_pbuf_stream_init(&read_stream, stream->pbuf, stream->offset, stream->length);
119	snmp_pbuf_stream_init(&write_stream, stream->pbuf, stream->offset, stream->length);
120	mbedtls_cipher_init(&ctx);
121
122	if (algo == SNMP_V3_PRIV_ALGO_DES) {
123	u8_t iv_local[8];
124	u8_t out_bytes[8];
125	size_t out_len;
126
127	/* RFC 3414 mandates padding for DES */
128	if ((length & 0x07) != 0) {
129	return ERR_ARG;
130	}
131
132	cipher_info = mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_DES_CBC);
133	if (mbedtls_cipher_setup(&ctx, cipher_info) != 0) {
134	return ERR_ARG;
135	}
136	if (mbedtls_cipher_set_padding_mode(&ctx, MBEDTLS_PADDING_NONE) != 0) {
137	return ERR_ARG;
138	}
139	if (mbedtls_cipher_setkey(&ctx, key, 8 * 8, (mode == SNMP_V3_PRIV_MODE_ENCRYPT) ? MBEDTLS_ENCRYPT : MBEDTLS_DECRYPT) != 0) {
140	goto error;
141	}
142
143	/* Prepare IV */
144	for (i = 0; i < LWIP_ARRAYSIZE(iv_local); i++) {
145	iv_local[i] = priv_param[i] ^ key[i + 8];
146	}
147	if (mbedtls_cipher_set_iv(&ctx, iv_local, LWIP_ARRAYSIZE(iv_local)) != 0) {
148	goto error;
149	}
150
151	for (i = 0; i < length; i += 8) {
152	size_t j;
153	u8_t in_bytes[8];
154	out_len = LWIP_ARRAYSIZE(out_bytes) ;
155
156	for (j = 0; j < LWIP_ARRAYSIZE(in_bytes); j++) {
157	if (snmp_pbuf_stream_read(&read_stream, &in_bytes[j]) != ERR_OK) {
158	goto error;
159	}
160	}
161
162	if (mbedtls_cipher_update(&ctx, in_bytes, LWIP_ARRAYSIZE(in_bytes), out_bytes, &out_len) != 0) {
163	goto error;
164	}
165
166	if (snmp_pbuf_stream_writebuf(&write_stream, out_bytes, (u16_t)out_len) != ERR_OK) {
167	goto error;
168	}
169	}
170
171	out_len = LWIP_ARRAYSIZE(out_bytes);
172	if (mbedtls_cipher_finish(&ctx, out_bytes, &out_len) != 0) {
173	goto error;
174	}
175
176	if (snmp_pbuf_stream_writebuf(&write_stream, out_bytes, (u16_t)out_len) != ERR_OK) {
177	goto error;
178	}
179	} else if (algo == SNMP_V3_PRIV_ALGO_AES) {
180	u8_t iv_local[16];
181
182	cipher_info = mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_AES_128_CFB128);
183	if (mbedtls_cipher_setup(&ctx, cipher_info) != 0) {
184	return ERR_ARG;
185	}
186	if (mbedtls_cipher_setkey(&ctx, key, 16 * 8, (mode == SNMP_V3_PRIV_MODE_ENCRYPT) ? MBEDTLS_ENCRYPT : MBEDTLS_DECRYPT) != 0) {
187	goto error;
188	}
189
190	/*
191	* IV is the big endian concatenation of boots,
192	* uptime and priv param - see RFC3826.
193	*/
194	iv_local[0 + 0] = (engine_boots >> 24) & 0xFF;
195	iv_local[0 + 1] = (engine_boots >> 16) & 0xFF;
196	iv_local[0 + 2] = (engine_boots >> 8) & 0xFF;
197	iv_local[0 + 3] = (engine_boots >> 0) & 0xFF;
198	iv_local[4 + 0] = (engine_time >> 24) & 0xFF;
199	iv_local[4 + 1] = (engine_time >> 16) & 0xFF;
200	iv_local[4 + 2] = (engine_time >> 8) & 0xFF;
201	iv_local[4 + 3] = (engine_time >> 0) & 0xFF;
202	SMEMCPY(iv_local + 8, priv_param, 8);
203	if (mbedtls_cipher_set_iv(&ctx, iv_local, LWIP_ARRAYSIZE(iv_local)) != 0) {
204	goto error;
205	}
206
207	for (i = 0; i < length; i++) {
208	u8_t in_byte;
209	u8_t out_byte;
210	size_t out_len = sizeof(out_byte);
211
212	if (snmp_pbuf_stream_read(&read_stream, &in_byte) != ERR_OK) {
213	goto error;
214	}
215	if (mbedtls_cipher_update(&ctx, &in_byte, sizeof(in_byte), &out_byte, &out_len) != 0) {
216	goto error;
217	}
218	if (snmp_pbuf_stream_write(&write_stream, out_byte) != ERR_OK) {
219	goto error;
220	}
221	}
222	} else {
223	return ERR_ARG;
224	}
225
226	mbedtls_cipher_free(&ctx);
227	return ERR_OK;
228
229	error:
230	mbedtls_cipher_free(&ctx);
231	return ERR_OK;
232	}
233
234	#endif /* LWIP_SNMP_V3_CRYPTO */
235
236	/* A.2.1. Password to Key Sample Code for MD5 */
237	void
238	snmpv3_password_to_key_md5(
239	const u8_t password, / IN */
240	size_t passwordlen, /* IN */
241	const u8_t engineID, / IN - pointer to snmpEngineID */
242	u8_t engineLength,/* IN - length of snmpEngineID */
243	u8_t key) / OUT - pointer to caller 16-octet buffer */
244	{
245	mbedtls_md5_context MD;
246	u8_t *cp, password_buf[64];
247	u32_t password_index = 0;
248	u8_t i;
249	u32_t count = 0;
250
251	mbedtls_md5_init(&MD); /* initialize MD5 */
252	mbedtls_md5_starts(&MD);
253
254	/**********************************************/
255	/* Use while loop until we've done 1 Megabyte */
256	/**********************************************/
257	while (count < 1048576) {
258	cp = password_buf;
259	for (i = 0; i < 64; i++) {
260	/*************************************************/
261	/* Take the next octet of the password, wrapping */
262	/* to the beginning of the password as necessary.*/
263	/*************************************************/
264	*cp++ = password[password_index++ % passwordlen];
265	}
266	mbedtls_md5_update(&MD, password_buf, 64);
267	count += 64;
268	}
269	mbedtls_md5_finish(&MD, key); /* tell MD5 we're done */
270
271	/*****************************************************/
272	/* Now localize the key with the engineID and pass */
273	/* through MD5 to produce final key */
274	/* May want to ensure that engineLength <= 32, */
275	/* otherwise need to use a buffer larger than 64 */
276	/*****************************************************/
277	SMEMCPY(password_buf, key, 16);
278	MEMCPY(password_buf + 16, engineID, engineLength);
279	SMEMCPY(password_buf + 16 + engineLength, key, 16);
280
281	mbedtls_md5_starts(&MD);
282	mbedtls_md5_update(&MD, password_buf, 32 + engineLength);
283	mbedtls_md5_finish(&MD, key);
284
285	mbedtls_md5_free(&MD);
286	return;
287	}
288
289	/* A.2.2. Password to Key Sample Code for SHA */
290	void
291	snmpv3_password_to_key_sha(
292	const u8_t password, / IN */
293	size_t passwordlen, /* IN */
294	const u8_t engineID, / IN - pointer to snmpEngineID */
295	u8_t engineLength,/* IN - length of snmpEngineID */
296	u8_t key) / OUT - pointer to caller 20-octet buffer */
297	{
298	mbedtls_sha1_context SH;
299	u8_t *cp, password_buf[72];
300	u32_t password_index = 0;
301	u8_t i;
302	u32_t count = 0;
303
304	mbedtls_sha1_init(&SH); /* initialize SHA */
305	mbedtls_sha1_starts(&SH);
306
307	/**********************************************/
308	/* Use while loop until we've done 1 Megabyte */
309	/**********************************************/
310	while (count < 1048576) {
311	cp = password_buf;
312	for (i = 0; i < 64; i++) {
313	/*************************************************/
314	/* Take the next octet of the password, wrapping */
315	/* to the beginning of the password as necessary.*/
316	/*************************************************/
317	*cp++ = password[password_index++ % passwordlen];
318	}
319	mbedtls_sha1_update(&SH, password_buf, 64);
320	count += 64;
321	}
322	mbedtls_sha1_finish(&SH, key); /* tell SHA we're done */
323
324	/*****************************************************/
325	/* Now localize the key with the engineID and pass */
326	/* through SHA to produce final key */
327	/* May want to ensure that engineLength <= 32, */
328	/* otherwise need to use a buffer larger than 72 */
329	/*****************************************************/
330	SMEMCPY(password_buf, key, 20);
331	MEMCPY(password_buf + 20, engineID, engineLength);
332	SMEMCPY(password_buf + 20 + engineLength, key, 20);
333
334	mbedtls_sha1_starts(&SH);
335	mbedtls_sha1_update(&SH, password_buf, 40 + engineLength);
336	mbedtls_sha1_finish(&SH, key);
337
338	mbedtls_sha1_free(&SH);
339	return;
340	}
341
342	#endif /* LWIP_SNMP && LWIP_SNMP_V3 && LWIP_SNMP_V3_MBEDTLS */

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: azure_iot_hub_f767zi/trunk/asp_baseplatform/lwip/lwip-2.1.2/src/apps/snmp/snmpv3_mbedtls.c@ 457

Download in other formats: