Mercurial > pihelp
view hmac-sha1.c @ 11:e83b35e864d7
hmac and decrypt keys differ now
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Wed, 12 Jun 2013 23:00:25 +0800 |
parents | 8705acff2494 |
children |
line wrap: on
line source
/* hmac-sha1.c */ /* This file is part of the AVR-Crypto-Lib. Copyright (C) 2008 Daniel Otte ([email protected]) This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ /** * * implementation of HMAC as described in RFC2104 * Author: Daniel Otte * email: [email protected] * License: GPLv3 or later **/ /* * hmac = hash ( k^opad , hash( k^ipad , msg)) */ #include <stdint.h> #include <string.h> #include "config.h" #include "sha1.h" #include "hmac-sha1.h" #define IPAD 0x36 #define OPAD 0x5C #ifndef HMAC_SHORTONLY void hmac_sha1_init(hmac_sha1_ctx_t *s, const void* key, uint16_t keylength_b){ uint8_t buffer[SHA1_BLOCK_BYTES]; uint8_t i; memset(buffer, 0, SHA1_BLOCK_BYTES); if (keylength_b > SHA1_BLOCK_BITS){ sha1((void*)buffer, key, keylength_b); } else { memcpy(buffer, key, (keylength_b+7)/8); } for (i=0; i<SHA1_BLOCK_BYTES; ++i){ buffer[i] ^= IPAD; } sha1_init(&(s->a)); sha1_nextBlock(&(s->a), buffer); for (i=0; i<SHA1_BLOCK_BYTES; ++i){ buffer[i] ^= IPAD^OPAD; } sha1_init(&(s->b)); sha1_nextBlock(&(s->b), buffer); #if defined SECURE_WIPE_BUFFER memset(buffer, 0, SHA1_BLOCK_BYTES); #endif } void hmac_sha1_nextBlock(hmac_sha1_ctx_t *s, const void* block){ sha1_nextBlock(&(s->a), block); } void hmac_sha1_lastBlock(hmac_sha1_ctx_t *s, const void* block, uint16_t length_b){ while(length_b>=SHA1_BLOCK_BITS){ sha1_nextBlock(&s->a, block); block = (uint8_t*)block + SHA1_BLOCK_BYTES; length_b -= SHA1_BLOCK_BITS; } sha1_lastBlock(&s->a, block, length_b); } void hmac_sha1_final(void* dest, hmac_sha1_ctx_t *s){ sha1_ctx2hash(dest, &s->a); sha1_lastBlock(&s->b, dest, SHA1_HASH_BITS); sha1_ctx2hash(dest, &(s->b)); } #endif /* * keylength in bits! * message length in bits! */ void hmac_sha1(void* dest, const void* key, uint16_t keylength_b, const void* msg, uint32_t msglength_b){ /* a one-shot*/ sha1_ctx_t s; uint8_t i; uint8_t buffer[SHA1_BLOCK_BYTES]; memset(buffer, 0, SHA1_BLOCK_BYTES); /* if key is larger than a block we have to hash it*/ if (keylength_b > SHA1_BLOCK_BITS){ sha1((void*)buffer, key, keylength_b); } else { memcpy(buffer, key, (keylength_b+7)/8); } for (i=0; i<SHA1_BLOCK_BYTES; ++i){ buffer[i] ^= IPAD; } sha1_init(&s); sha1_nextBlock(&s, buffer); while (msglength_b >= SHA1_BLOCK_BITS){ sha1_nextBlock(&s, msg); msg = (uint8_t*)msg + SHA1_BLOCK_BYTES; msglength_b -= SHA1_BLOCK_BITS; } sha1_lastBlock(&s, msg, msglength_b); /* since buffer still contains key xor ipad we can do ... */ for (i=0; i<SHA1_BLOCK_BYTES; ++i){ buffer[i] ^= IPAD ^ OPAD; } sha1_ctx2hash(dest, &s); /* save inner hash temporary to dest */ sha1_init(&s); sha1_nextBlock(&s, buffer); sha1_lastBlock(&s, dest, SHA1_HASH_BITS); sha1_ctx2hash(dest, &s); }