X-Git-Url: https://git.cryptolib.org/?p=arm-crypto-lib.git;a=blobdiff_plain;f=hmac-sha1%2Fhmac-sha1.c;fp=hmac-sha1%2Fhmac-sha1.c;h=0998570ba83cb4870b7303cfbf0043fe883052e2;hp=0000000000000000000000000000000000000000;hb=2a4779378a7bf4322a0e6b2024284092135e8a3d;hpb=e69f1207a9fbd9c0f45bfdbb2d8ebe9852d95969

diff --git a/hmac-sha1/hmac-sha1.c b/hmac-sha1/hmac-sha1.c
new file mode 100644
index 0000000..0998570
--- /dev/null
+++ b/hmac-sha1/hmac-sha1.c
@@ -0,0 +1,131 @@
+/* hmac-sha1.c */
+/*
+    This file is part of the ARM-Crypto-Lib.
+    Copyright (C) 2006-2010  Daniel Otte (daniel.otte@rub.de)
+
+    This program is free software: you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+/**
+ * 
+ * implementation of HMAC as described in RFC2104
+ * Author:      Daniel Otte
+ * email:       daniel.otte@rub.de
+ * License:     GPLv3 or later
+ **/
+
+/* 
+ * hmac = hash ( k^opad , hash( k^ipad  , msg))
+ */
+
+#include <stdint.h>
+#include <string.h>
+#include "config.h"
+#include "sha1.h"
+#include "hmac-sha1.h"
+
+#define IPAD 0x36
+#define OPAD 0x5C
+
+
+#ifndef HMAC_SHORTONLY
+
+void hmac_sha1_init(hmac_sha1_ctx_t *s, const void* key, uint16_t keylength_b){
+	uint8_t buffer[SHA1_BLOCK_BYTES];
+	uint8_t i;
+	
+	memset(buffer, 0, SHA1_BLOCK_BYTES);
+	if (keylength_b > SHA1_BLOCK_BITS){
+		sha1((void*)buffer, key, keylength_b);
+	} else {
+		memcpy(buffer, key, (keylength_b+7)/8);
+	}
+	
+	for (i=0; i<SHA1_BLOCK_BYTES; ++i){
+		buffer[i] ^= IPAD;
+	}
+	sha1_init(&(s->a));
+	sha1_nextBlock(&(s->a), buffer);
+	
+	for (i=0; i<SHA1_BLOCK_BYTES; ++i){
+		buffer[i] ^= IPAD^OPAD;
+	}
+	sha1_init(&(s->b));
+	sha1_nextBlock(&(s->b), buffer);
+	
+	
+#if defined SECURE_WIPE_BUFFER
+	memset(buffer, 0, SHA1_BLOCK_BYTES);
+#endif
+}
+
+void hmac_sha1_nextBlock(hmac_sha1_ctx_t *s, const void* block){
+	sha1_nextBlock(&(s->a), block);
+}
+void hmac_sha1_lastBlock(hmac_sha1_ctx_t *s, const void* block, uint16_t length_b){
+	while(length_b>=SHA1_BLOCK_BITS){
+		sha1_nextBlock(&(s->a), block);
+		block = (uint8_t*)block + SHA1_BLOCK_BYTES;
+		length_b -= SHA1_BLOCK_BITS;
+	}
+	sha1_lastBlock(&(s->a), block, length_b);
+}
+
+void hmac_sha1_final(void* dest, hmac_sha1_ctx_t *s){
+	sha1_ctx2hash(dest, &(s->a));
+	sha1_lastBlock(&(s->b), dest, SHA1_HASH_BITS);
+	sha1_ctx2hash(dest, &(s->b));
+}
+
+#endif
+
+/*
+ * keylength in bits!
+ * message length in bits!
+ */
+void hmac_sha1(void* dest, const void* key, uint16_t keylength_b, const void* msg, uint32_t msglength_b){ /* a one-shot*/
+	sha1_ctx_t s;
+	uint8_t i;
+	uint8_t buffer[SHA1_BLOCK_BYTES];
+	
+	memset(buffer, 0, SHA1_BLOCK_BYTES);
+	
+	/* if key is larger than a block we have to hash it*/
+	if (keylength_b > SHA1_BLOCK_BITS){
+		sha1((void*)buffer, key, keylength_b);
+	} else {
+		memcpy(buffer, key, (keylength_b+7)/8);
+	}
+	
+	for (i=0; i<SHA1_BLOCK_BYTES; ++i){
+		buffer[i] ^= IPAD;
+	}
+	sha1_init(&s);
+	sha1_nextBlock(&s, buffer);
+	while (msglength_b >= SHA1_BLOCK_BITS){
+		sha1_nextBlock(&s, msg);
+		msg = (uint8_t*)msg + SHA1_BLOCK_BYTES;
+		msglength_b -=  SHA1_BLOCK_BITS;
+	}
+	sha1_lastBlock(&s, msg, msglength_b);
+	/* since buffer still contains key xor ipad we can do ... */
+	for (i=0; i<SHA1_BLOCK_BYTES; ++i){
+		buffer[i] ^= IPAD ^ OPAD;
+	}
+	sha1_ctx2hash(dest, &s); /* save inner hash temporary to dest */
+	sha1_init(&s);
+	sha1_nextBlock(&s, buffer);
+	sha1_lastBlock(&s, dest, SHA1_HASH_BITS);
+	sha1_ctx2hash(dest, &s);
+}
+