Home | History | Annotate | Download | only in hash
History log of /src/lib/libc/hash/hmac.c
RevisionDateAuthorComments
 1.5  05-Oct-2017  roy Cast away some compile warnings.
 1.4  10-Jan-2017  christos add missing cast.
 1.3  01-Jul-2016  christos branches: 1.3.2;
new hmac function.
 1.2  27-Oct-2006  drochner As discussed back in June, remove hmac_sha1 and hmac_md5 from libc, to
reduce bloat and namespace trouble. (both were never public; hmac_sha1
is moved to libcrypt now because it is used locally there)
 1.1  02-Jul-2004  sjg Add support for SHA1 hashed passwords.
The algorithm used is essentially PBKDF1 from RFC 2898 but using
hmac_sha1 rather than SHA1 directly (suggested by smb@research.att.com).

* The format of the encrypted password is:
* $<tag>$<iterations>$<salt>$<digest>
*
* where:
* <tag> is "sha1"
* <iterations> is an unsigned int identifying how many rounds
* have been applied to <digest>. The number
* should vary slightly for each password to make
* it harder to generate a dictionary of
* pre-computed hashes. See crypt_sha1_iterations.
* <salt> up to 64 bytes of random data, 8 bytes is
* currently considered more than enough.
* <digest> the hashed password.

hmac.c implementes HMAC as defined in RFC 2104 and includes a unit
test for both hmac_sha1 and hmac_sha1 using a selection of the Known
Answer Tests from RFC 2202.

It is worth noting that to be FIPS compliant the hmac key (password)
should be 10-20 chars.
 1.3.2.1  20-Mar-2017  pgoyette Sync with HEAD

RSS XML Feed