You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

hmac.c 4.2KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139
  1. /*
  2. * Copyright (C) 2007 Michael Brown <mbrown@fensystems.co.uk>.
  3. *
  4. * This program is free software; you can redistribute it and/or
  5. * modify it under the terms of the GNU General Public License as
  6. * published by the Free Software Foundation; either version 2 of the
  7. * License, or any later version.
  8. *
  9. * This program is distributed in the hope that it will be useful, but
  10. * WITHOUT ANY WARRANTY; without even the implied warranty of
  11. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  12. * General Public License for more details.
  13. *
  14. * You should have received a copy of the GNU General Public License
  15. * along with this program; if not, write to the Free Software
  16. * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
  17. * 02110-1301, USA.
  18. *
  19. * You can also choose to distribute this program under the terms of
  20. * the Unmodified Binary Distribution Licence (as given in the file
  21. * COPYING.UBDL), provided that you have satisfied its requirements.
  22. *
  23. * Alternatively, you may distribute this code in source or binary
  24. * form, with or without modification, provided that the following
  25. * conditions are met:
  26. *
  27. * 1. Redistributions of source code must retain the above copyright
  28. * notice, this list of conditions and the above disclaimer.
  29. *
  30. * 2. Redistributions in binary form must reproduce the above
  31. * copyright notice, this list of conditions and the above
  32. * disclaimer in the documentation and/or other materials provided
  33. * with the distribution.
  34. */
  35. FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
  36. /**
  37. * @file
  38. *
  39. * Keyed-Hashing for Message Authentication
  40. */
  41. #include <string.h>
  42. #include <assert.h>
  43. #include <ipxe/crypto.h>
  44. #include <ipxe/hmac.h>
  45. /**
  46. * Reduce HMAC key length
  47. *
  48. * @v digest Digest algorithm to use
  49. * @v digest_ctx Digest context
  50. * @v key Key
  51. * @v key_len Length of key
  52. */
  53. static void hmac_reduce_key ( struct digest_algorithm *digest,
  54. void *key, size_t *key_len ) {
  55. uint8_t digest_ctx[digest->ctxsize];
  56. digest_init ( digest, digest_ctx );
  57. digest_update ( digest, digest_ctx, key, *key_len );
  58. digest_final ( digest, digest_ctx, key );
  59. *key_len = digest->digestsize;
  60. }
  61. /**
  62. * Initialise HMAC
  63. *
  64. * @v digest Digest algorithm to use
  65. * @v digest_ctx Digest context
  66. * @v key Key
  67. * @v key_len Length of key
  68. *
  69. * The length of the key should be less than the block size of the
  70. * digest algorithm being used. (If the key length is greater, it
  71. * will be replaced with its own digest, and key_len will be updated
  72. * accordingly).
  73. */
  74. void hmac_init ( struct digest_algorithm *digest, void *digest_ctx,
  75. void *key, size_t *key_len ) {
  76. unsigned char k_ipad[digest->blocksize];
  77. unsigned int i;
  78. /* Reduce key if necessary */
  79. if ( *key_len > sizeof ( k_ipad ) )
  80. hmac_reduce_key ( digest, key, key_len );
  81. /* Construct input pad */
  82. memset ( k_ipad, 0, sizeof ( k_ipad ) );
  83. memcpy ( k_ipad, key, *key_len );
  84. for ( i = 0 ; i < sizeof ( k_ipad ) ; i++ ) {
  85. k_ipad[i] ^= 0x36;
  86. }
  87. /* Start inner hash */
  88. digest_init ( digest, digest_ctx );
  89. digest_update ( digest, digest_ctx, k_ipad, sizeof ( k_ipad ) );
  90. }
  91. /**
  92. * Finalise HMAC
  93. *
  94. * @v digest Digest algorithm to use
  95. * @v digest_ctx Digest context
  96. * @v key Key
  97. * @v key_len Length of key
  98. * @v hmac HMAC digest to fill in
  99. *
  100. * The length of the key should be less than the block size of the
  101. * digest algorithm being used. (If the key length is greater, it
  102. * will be replaced with its own digest, and key_len will be updated
  103. * accordingly).
  104. */
  105. void hmac_final ( struct digest_algorithm *digest, void *digest_ctx,
  106. void *key, size_t *key_len, void *hmac ) {
  107. unsigned char k_opad[digest->blocksize];
  108. unsigned int i;
  109. /* Reduce key if necessary */
  110. if ( *key_len > sizeof ( k_opad ) )
  111. hmac_reduce_key ( digest, key, key_len );
  112. /* Construct output pad */
  113. memset ( k_opad, 0, sizeof ( k_opad ) );
  114. memcpy ( k_opad, key, *key_len );
  115. for ( i = 0 ; i < sizeof ( k_opad ) ; i++ ) {
  116. k_opad[i] ^= 0x5c;
  117. }
  118. /* Finish inner hash */
  119. digest_final ( digest, digest_ctx, hmac );
  120. /* Perform outer hash */
  121. digest_init ( digest, digest_ctx );
  122. digest_update ( digest, digest_ctx, k_opad, sizeof ( k_opad ) );
  123. digest_update ( digest, digest_ctx, hmac, digest->digestsize );
  124. digest_final ( digest, digest_ctx, hmac );
  125. }