/*
 * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */

/*
 * lib/crypto/keyhash_provider/hmac_md5.c
 *
(I don't know)
.
 * Copyright2001 by the Massachusetts Institute of Technology.
 * All Rights Reserved.
 *
 * Export of this software from the United States of America may
 *   require a specific license from the United States Government.
 *   It is the responsibility of any person or organization contemplating
 *   export to obtain such a license before exporting.
 *
 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
 * distribute this software and its documentation for any purpose and
 * without fee is hereby granted, provided that the above copyright
 * notice appear in all copies and that both that copyright notice and
 * this permission notice appear in supporting documentation, and that
 * the name of M.I.T. not be used in advertising or publicity pertaining
 * to distribution of the software without specific, written prior
 * permission.  Furthermore if you modify this software you must label
 * your software as modified software and not distribute it in such a
 * fashion that it might be confused with the original M.I.T. software.
 * M.I.T. makes no representations about the suitability of
 * this software for any purpose.  It is provided "as is" without express
 * or implied warranty.
 *
 *
* Implementation of the Microsoft hmac-md5 checksum type.
* Implemented based on draft-brezak-win2k-krb-rc4-hmac-03
 */

#include "k5-int.h"
#include "keyhash_provider.h"
#include "arcfour.h"
#include "hash_provider.h"

static  krb5_error_code
k5_hmac_md5_hash (krb5_context context,
        const krb5_keyblock *key, krb5_keyusage usage,
        const krb5_data *iv,
        const krb5_data *input, krb5_data *output)
{
  krb5_keyusage ms_usage;
  krb5_error_code ret;
  krb5_keyblock ks;
  krb5_data ds, ks_constant, md5tmp;
  krb5_data hash_input[2];
  char digest[MD5_CKSUM_LENGTH];
  char t[4];
  CK_MECHANISM mechanism;
  CK_RV rv;
  CK_ULONG hashlen;

  bzero(&ks, sizeof(krb5_keyblock));

  /*
   * Solaris Kerberos: The digest length is that of MD5_CKSUM_LENGTH not the key
   * length, as keys can be of varying lengths but should not affect the digest
   * length.  The signing key is the digest and therefore is also the same
   * length, MD5_CKSUM_LENGTH.
   */
  ds.length = MD5_CKSUM_LENGTH;
  ks.length = MD5_CKSUM_LENGTH;
  ds.data = malloc(ds.length);
  if (ds.data == NULL)
    return ENOMEM;
  ks.contents = (void *) ds.data;

  ks_constant.data = "signaturekey";
  ks_constant.length = strlen(ks_constant.data)+1; /* Including null*/

  /* Solaris Kerberos */
  ret = krb5_hmac(context, &krb5int_hash_md5, key, 1,
                   &ks_constant, &ds);
  if (ret)
    goto cleanup;

  ms_usage = krb5int_arcfour_translate_usage (usage);
  t[0] = (ms_usage) & 0xff;
  t[1] = (ms_usage>>8) & 0xff;
  t[2] = (ms_usage >>16) & 0xff;
  t[3] = (ms_usage>>24) & 0XFF;

  /* Solaris Kerberos */
  mechanism.mechanism = CKM_MD5;
  mechanism.pParameter = NULL_PTR;
  mechanism.ulParameterLen = 0;

  if ((rv = C_DigestInit(krb_ctx_hSession(context), &mechanism)) != CKR_OK) {
        KRB5_LOG(KRB5_ERR, "C_DigestInit failed in k5_md5_hmac_hash: "
        "rv = 0x%x.", rv);
        ret = PKCS_ERR;
        goto cleanup;
  }
  if ((rv = C_DigestUpdate(krb_ctx_hSession(context),
        (CK_BYTE_PTR)t, (CK_ULONG)sizeof(t))) != CKR_OK) {
        KRB5_LOG(KRB5_ERR, "C_DigestUpdate failed in k5_md5_hmac_hash: "
            "rv = 0x%x", rv);
        ret = PKCS_ERR;
        goto cleanup;
  }
  if ((rv = C_DigestUpdate(krb_ctx_hSession(context),
        (CK_BYTE_PTR)input->data, (CK_ULONG)input->length)) != CKR_OK) {
        KRB5_LOG(KRB5_ERR, "C_DigestUpdate failed in k5_md5_hmac_hash: "
            "rv = 0x%x", rv);
        ret = PKCS_ERR;
        goto cleanup;
  }
  hashlen = MD5_CKSUM_LENGTH;
  if ((rv = C_DigestFinal(krb_ctx_hSession(context),
        (CK_BYTE_PTR)digest, (CK_ULONG_PTR)&hashlen)) != CKR_OK) {
        KRB5_LOG(KRB5_ERR, "C_DigestFinal failed in k5_md5_hmac_hash: "
            "rv = 0x%x", rv);
        ret = PKCS_ERR;
        goto cleanup;
  }

  md5tmp.data = digest;
  md5tmp.length = hashlen;

  ret = krb5_hmac (context, &krb5int_hash_md5, &ks, 1, &md5tmp, output);

cleanup:
  bzero(ks.contents, ks.length);
  bzero(md5tmp.data, md5tmp.length);
  FREE (ks.contents, ks.length);
  return (ret);
}



const struct krb5_keyhash_provider krb5int_keyhash_hmac_md5 = {
  16,
  k5_hmac_md5_hash,
  NULL /*checksum  again*/
};