X-Git-Url: https://git.cryptolib.org/?a=blobdiff_plain;f=hmac-sha256.c;h=d84f46dd7a323a58ac6e705088a69fd9695f85d0;hb=17332291e15183d71d88ed868275e3cb53917180;hp=e6fe3bc5bf18c1778aef59bcaa41f90b1cd61b69;hpb=38806fc75038026e167a26eff90b6111066a3642;p=avr-crypto-lib.git

diff --git a/hmac-sha256.c b/hmac-sha256.c
index e6fe3bc..d84f46d 100644
--- a/hmac-sha256.c
+++ b/hmac-sha256.c
@@ -1,9 +1,27 @@
+/* hmac-sha256.c */
+/*
+    This file is part of the This file is part of the AVR-Crypto-Lib.
+    Copyright (C) 2008  Daniel Otte (daniel.otte@rub.de)
+
+    This program is free software: you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
 /**
  * 
  * implementation of HMAC as described in RFC2104
- * Author:	Daniel Otte
- * 
- * License:	GPL
+ * Author:      Daniel Otte
+ * email:       daniel.otte@rub.de
+ * License:     GPLv3 or later
  **/
 
 /* 
@@ -12,6 +30,7 @@
 
 #include <stdint.h>
 #include <string.h>
+#include "config.h"
 #include "sha256.h"
 
 #define IPAD 0x36
@@ -19,52 +38,59 @@
 
 typedef sha256_ctx_t hmac_sha256_ctx_t;
 
-void hmac_sha256_init(hmac_sha256_ctx_t *s, void* key, uint16_t kl){
-	uint8_t buffer[SHA256_BLOCK_BITS/8];
+#ifndef HMAC_SHORTONLY
+
+void hmac_sha256_init(hmac_sha256_ctx_t *s, void* key, uint16_t keylength_b){
+	uint8_t buffer[SHA256_HASH_BYTES];
 	uint8_t i;
 	
-	if (kl > SHA256_BLOCK_BITS){
-		sha256((void*)buffer, key, kl);
+	memset(buffer, 0, SHA256_HASH_BYTES);
+	if (keylength_b > SHA256_BLOCK_BITS){
+		sha256((void*)buffer, key, keylength_b);
 	} else {
-		memcpy(buffer, key, kl/8 + (kl & 0x7)?1:0);
+		memcpy(buffer, key, (keylength_b+7)/8);
 	}
 	
-	for (i=0; i<SHA256_BLOCK_BITS/8; ++i){
+	for (i=0; i<SHA256_HASH_BYTES; ++i){
 		buffer[i] ^= IPAD;
 	}
 	
 	sha256_init(s);
 	sha256_nextBlock(s, buffer);
 #if defined SECURE_WIPE_BUFFER
-	memset(buffer, 0, SHA256_BLOCK_BITS/8);
+	memset(buffer, 0, SHA256_HASH_BYTES);
 #endif
 }
 
-void hmac_sha256_final(hmac_sha256_ctx_t *s, void* key, uint16_t kl){
-	uint8_t buffer[SHA256_BLOCK_BITS/8];
+void hmac_sha256_final(hmac_sha256_ctx_t *s, void* key, uint16_t keylength_b){
+	uint8_t buffer[SHA256_HASH_BYTES];
 	uint8_t i;
 	sha256_ctx_t a;
 	
-	if (kl > SHA256_BLOCK_BITS){
-		sha256((void*)buffer, key, kl);
+	memset(buffer, 0, SHA256_HASH_BYTES);
+	if (keylength_b > SHA256_BLOCK_BITS){
+		sha256((void*)buffer, key, keylength_b);
 	} else {
-		memcpy(buffer, key, kl/8 + (kl & 0x7)?1:0);
+		memcpy(buffer, key, (keylength_b+7)/8);
 	}
 	
-	for (i=0; i<SHA256_BLOCK_BITS/8; ++i){
+	for (i=0; i<SHA256_HASH_BYTES; ++i){
 		buffer[i] ^= OPAD;
 	}
 	
 	sha256_init(&a);
 	sha256_nextBlock(&a, buffer); /* hash key ^ opad */
 	sha256_ctx2hash((void*)buffer, s);  /* copy hash(key ^ ipad, msg) to buffer */
-	sha256_lastBlock(s, buffer, SHA256_HASH_BITS);
+	sha256_lastBlock(&a, buffer, SHA256_HASH_BITS);
+	memcpy(s, &a, sizeof(sha256_ctx_t));
 #if defined SECURE_WIPE_BUFFER
-	memset(buffer, 0, SHA256_BLOCK_BITS/8);
+	memset(buffer, 0, SHA256_HASH_BYTES);
 	memset(a.h, 0, 8*4);
 #endif	
 }
 
+#endif
+
 /*
 void hmac_sha256_nextBlock()
 void hmac_sha256_lastBlock()
@@ -74,33 +100,33 @@ void hmac_sha256_lastBlock()
  * keylength in bits!
  * message length in bits!
  */
-void hmac_sha256(void* dest, void* key, uint16_t kl, void* msg, uint64_t ml){ /* a one-shot*/
+void hmac_sha256(void* dest, void* key, uint16_t keylength_b, void* msg, uint64_t msglength_b){ /* a one-shot*/
 	sha256_ctx_t s;
 	uint8_t i;
-	uint8_t buffer[SHA256_BLOCK_BITS/8];
+	uint8_t buffer[SHA256_HASH_BYTES];
 	
-	memset(buffer, 0, SHA256_BLOCK_BITS/8);
+	memset(buffer, 0, SHA256_HASH_BYTES);
 	
 	/* if key is larger than a block we have to hash it*/
-	if (kl > SHA256_BLOCK_BITS){
-		sha256((void*)buffer, key, kl);
+	if (keylength_b > SHA256_BLOCK_BITS){
+		sha256((void*)buffer, key, keylength_b);
 	} else {
-		memcpy(buffer, key, kl/8 + (kl & 0x7)?1:0);
+		memcpy(buffer, key, (keylength_b+7)/8);
 	}
 	
-	for (i=0; i<SHA256_BLOCK_BITS/8; ++i){
+	for (i=0; i<SHA256_HASH_BYTES; ++i){
 		buffer[i] ^= IPAD;
 	}
 	sha256_init(&s);
 	sha256_nextBlock(&s, buffer);
-	while (ml >= SHA256_BLOCK_BITS){
+	while (msglength_b >= SHA256_BLOCK_BITS){
 		sha256_nextBlock(&s, msg);
-		msg += SHA256_BLOCK_BITS/8;
-		ml -=  SHA256_BLOCK_BITS;
+		msg = (uint8_t*)msg + SHA256_HASH_BYTES;
+		msglength_b -=  SHA256_BLOCK_BITS;
 	}
-	sha256_lastBlock(&s, msg, ml);
+	sha256_lastBlock(&s, msg, msglength_b);
 	/* since buffer still contains key xor ipad we can do ... */
-	for (i=0; i<SHA256_BLOCK_BITS/8; ++i){
+	for (i=0; i<SHA256_HASH_BYTES; ++i){
 		buffer[i] ^= IPAD ^ OPAD;
 	}
 	sha256_ctx2hash(dest, &s); /* save inner hash temporary to dest */