1 1.5 roy /* $NetBSD: hmac.c,v 1.5 2017/10/05 09:59:04 roy Exp $ */ 2 1.3 christos 3 1.3 christos /*- 4 1.3 christos * Copyright (c) 2016 The NetBSD Foundation, Inc. 5 1.1 sjg * All rights reserved. 6 1.3 christos * 7 1.3 christos * This code is derived from software contributed to The NetBSD Foundation 8 1.3 christos * by Christos Zoulas. 9 1.3 christos * 10 1.1 sjg * Redistribution and use in source and binary forms, with or without 11 1.3 christos * modification, are permitted provided that the following conditions 12 1.3 christos * are met: 13 1.1 sjg * 1. Redistributions of source code must retain the above copyright 14 1.3 christos * notice, this list of conditions and the following disclaimer. 15 1.1 sjg * 2. Redistributions in binary form must reproduce the above copyright 16 1.1 sjg * notice, this list of conditions and the following disclaimer in the 17 1.3 christos * documentation and/or other materials provided with the distribution. 18 1.1 sjg * 19 1.3 christos * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 1.3 christos * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 1.3 christos * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 1.3 christos * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 1.3 christos * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 1.3 christos * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 1.3 christos * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 1.3 christos * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 1.3 christos * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 1.3 christos * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 1.3 christos * POSSIBILITY OF SUCH DAMAGE. 30 1.1 sjg */ 31 1.1 sjg #include <sys/cdefs.h> 32 1.5 roy __RCSID("$NetBSD: hmac.c,v 1.5 2017/10/05 09:59:04 roy Exp $"); 33 1.1 sjg 34 1.3 christos #include <string.h> 35 1.1 sjg #include <stdlib.h> 36 1.1 sjg 37 1.3 christos #include <md2.h> 38 1.3 christos #include <md4.h> 39 1.3 christos #include <md5.h> 40 1.3 christos #include <rmd160.h> 41 1.3 christos #include <sha1.h> 42 1.3 christos #include <sha2.h> 43 1.3 christos 44 1.3 christos #define HMAC_SIZE 128 45 1.3 christos #define HMAC_IPAD 0x36 46 1.3 christos #define HMAC_OPAD 0x5C 47 1.3 christos 48 1.3 christos static const struct hmac { 49 1.3 christos const char *name; 50 1.3 christos size_t ctxsize; 51 1.3 christos size_t digsize; 52 1.3 christos size_t blocksize; 53 1.3 christos void (*init)(void *); 54 1.3 christos void (*update)(void *, const uint8_t *, unsigned int); 55 1.3 christos void (*final)(uint8_t *, void *); 56 1.3 christos } hmacs[] = { 57 1.3 christos { 58 1.3 christos "md2", sizeof(MD2_CTX), MD2_DIGEST_LENGTH, MD2_BLOCK_LENGTH, 59 1.3 christos (void *)MD2Init, (void *)MD2Update, (void *)MD2Final, 60 1.3 christos }, 61 1.3 christos { 62 1.3 christos "md4", sizeof(MD4_CTX), MD4_DIGEST_LENGTH, MD4_BLOCK_LENGTH, 63 1.3 christos (void *)MD4Init, (void *)MD4Update, (void *)MD4Final, 64 1.3 christos }, 65 1.3 christos { 66 1.3 christos "md5", sizeof(MD5_CTX), MD5_DIGEST_LENGTH, MD5_BLOCK_LENGTH, 67 1.3 christos (void *)MD5Init, (void *)MD5Update, (void *)MD5Final, 68 1.3 christos }, 69 1.3 christos { 70 1.3 christos "rmd160", sizeof(RMD160_CTX), RMD160_DIGEST_LENGTH, 71 1.3 christos RMD160_BLOCK_LENGTH, 72 1.3 christos (void *)RMD160Init, (void *)RMD160Update, (void *)RMD160Final, 73 1.3 christos }, 74 1.1 sjg { 75 1.3 christos "sha1", sizeof(SHA1_CTX), SHA1_DIGEST_LENGTH, SHA1_BLOCK_LENGTH, 76 1.3 christos (void *)SHA1Init, (void *)SHA1Update, (void *)SHA1Final, 77 1.1 sjg }, 78 1.1 sjg { 79 1.3 christos "sha224", sizeof(SHA224_CTX), SHA224_DIGEST_LENGTH, 80 1.3 christos SHA224_BLOCK_LENGTH, 81 1.3 christos (void *)SHA224_Init, (void *)SHA224_Update, 82 1.3 christos (void *)SHA224_Final, 83 1.1 sjg }, 84 1.1 sjg { 85 1.3 christos "sha256", sizeof(SHA256_CTX), SHA256_DIGEST_LENGTH, 86 1.3 christos SHA256_BLOCK_LENGTH, 87 1.3 christos (void *)SHA256_Init, (void *)SHA256_Update, 88 1.3 christos (void *)SHA256_Final, 89 1.1 sjg }, 90 1.1 sjg { 91 1.3 christos "sha384", sizeof(SHA384_CTX), SHA384_DIGEST_LENGTH, 92 1.3 christos SHA384_BLOCK_LENGTH, 93 1.3 christos (void *)SHA384_Init, (void *)SHA384_Update, 94 1.3 christos (void *)SHA384_Final, 95 1.1 sjg }, 96 1.1 sjg { 97 1.3 christos "sha512", sizeof(SHA512_CTX), SHA512_DIGEST_LENGTH, 98 1.3 christos SHA512_BLOCK_LENGTH, 99 1.3 christos (void *)SHA512_Init, (void *)SHA512_Update, 100 1.3 christos (void *)SHA512_Final, 101 1.1 sjg }, 102 1.3 christos }; 103 1.3 christos 104 1.3 christos static const struct hmac * 105 1.3 christos hmac_find(const char *name) 106 1.3 christos { 107 1.3 christos for (size_t i = 0; i < __arraycount(hmacs); i++) { 108 1.3 christos if (strcmp(hmacs[i].name, name) != 0) 109 1.3 christos continue; 110 1.3 christos return &hmacs[i]; 111 1.1 sjg } 112 1.3 christos return NULL; 113 1.1 sjg } 114 1.1 sjg 115 1.3 christos ssize_t 116 1.5 roy hmac(const char *name, 117 1.3 christos const void *key, size_t klen, 118 1.3 christos const void *text, size_t tlen, 119 1.3 christos void *digest, size_t dlen) 120 1.3 christos { 121 1.3 christos uint8_t ipad[HMAC_SIZE], opad[HMAC_SIZE], d[HMAC_SIZE]; 122 1.3 christos const uint8_t *k = key; 123 1.3 christos const struct hmac *h; 124 1.3 christos uint64_t c[32]; 125 1.3 christos void *p; 126 1.3 christos 127 1.3 christos if ((h = hmac_find(name)) == NULL) 128 1.3 christos return -1; 129 1.3 christos 130 1.3 christos 131 1.3 christos if (klen > h->blocksize) { 132 1.3 christos (*h->init)(c); 133 1.3 christos (*h->update)(c, k, (unsigned int)klen); 134 1.3 christos (*h->final)(d, c); 135 1.3 christos k = (void *)d; 136 1.3 christos klen = h->digsize; 137 1.3 christos } 138 1.3 christos 139 1.3 christos /* Form input and output pads for the digests */ 140 1.3 christos for (size_t i = 0; i < sizeof(ipad); i++) { 141 1.3 christos ipad[i] = (i < klen ? k[i] : 0) ^ HMAC_IPAD; 142 1.3 christos opad[i] = (i < klen ? k[i] : 0) ^ HMAC_OPAD; 143 1.3 christos } 144 1.1 sjg 145 1.3 christos p = dlen >= h->digsize ? digest : d; 146 1.3 christos if (p != digest) { 147 1.3 christos memcpy(p, digest, dlen); 148 1.3 christos memset((char *)p + dlen, 0, h->digsize - dlen); 149 1.3 christos } 150 1.3 christos (*h->init)(c); 151 1.5 roy (*h->update)(c, ipad, (unsigned int)h->blocksize); 152 1.3 christos (*h->update)(c, text, (unsigned int)tlen); 153 1.3 christos (*h->final)(p, c); 154 1.3 christos 155 1.3 christos (*h->init)(c); 156 1.4 christos (*h->update)(c, opad, (unsigned int)h->blocksize); 157 1.3 christos (*h->update)(c, digest, (unsigned int)h->digsize); 158 1.3 christos (*h->final)(p, c); 159 1.3 christos 160 1.3 christos if (p != digest) 161 1.3 christos memcpy(digest, p, dlen); 162 1.3 christos 163 1.5 roy return (ssize_t)h->digsize; 164 1.1 sjg } 165
Indexes created Mon Sep 22 13:09:51 GMT 2025