2 ---------------------------------------------------------------------------
3 Copyright (c) 2002, Dr Brian Gladman, Worcester, UK. All rights reserved.
7 The free distribution and use of this software in both source and binary
8 form is allowed (with or without changes) provided that:
10 1. distributions of this source code include the above copyright
11 notice, this list of conditions and the following disclaimer;
13 2. distributions in binary form include the above copyright
14 notice, this list of conditions and the following disclaimer
15 in the documentation and/or other associated materials;
17 3. the copyright holder's name is not used to endorse products
18 built using this software without specific written permission.
20 ALTERNATIVELY, provided that this notice is retained in full, this product
21 may be distributed under the terms of the GNU General Public License (GPL),
22 in which case the provisions of the GPL apply INSTEAD OF those given above.
26 This software is provided 'as is' with no explicit or implied warranties
27 in respect of its properties, including, but not limited to, correctness
28 and/or fitness for purpose.
29 ---------------------------------------------------------------------------
30 Issue Date: 26/08/2003
32 This is an implementation of HMAC, the FIPS standard keyed hash function
35 #include <netinet/in.h>
38 #if defined(__cplusplus)
43 /* initialise the HMAC context to zero */
44 void hmac_sha_begin(hmac_ctx cx[1])
46 memset(cx, 0, sizeof(hmac_ctx));
49 /* input the HMAC key (can be called multiple times) */
50 int hmac_sha_key(const unsigned char key[], unsigned long key_len, hmac_ctx cx[1])
52 if(cx->klen == HMAC_IN_DATA) /* error if further key input */
53 return HMAC_BAD_MODE; /* is attempted in data mode */
55 if(cx->klen + key_len > HASH_INPUT_SIZE) /* if the key has to be hashed */
57 if(cx->klen <= HASH_INPUT_SIZE) /* if the hash has not yet been */
58 { /* started, initialise it and */
59 sha_begin(cx->ctx); /* hash stored key characters */
60 sha_hash(cx->key, cx->klen, cx->ctx);
63 sha_hash(key, key_len, cx->ctx); /* hash long key data into hash */
65 else /* otherwise store key data */
66 memcpy(cx->key + cx->klen, key, key_len);
68 cx->klen += key_len; /* update the key length count */
72 /* input the HMAC data (can be called multiple times) - */
73 /* note that this call terminates the key input phase */
74 void hmac_sha_data(const unsigned char data[], unsigned long data_len, hmac_ctx cx[1])
77 if(cx->klen != HMAC_IN_DATA) /* if not yet in data phase */
79 if(cx->klen > HASH_INPUT_SIZE) /* if key is being hashed */
80 { /* complete the hash and */
81 sha_end(cx->key, cx->ctx); /* store the result as the */
82 cx->klen = HASH_OUTPUT_SIZE; /* key and set new length */
85 /* pad the key if necessary */
86 memset(cx->key + cx->klen, 0, HASH_INPUT_SIZE - cx->klen);
88 /* xor ipad into key value */
89 for(i = 0; i < (HASH_INPUT_SIZE >> 2); ++i)
90 ((uint32_t*)cx->key)[i] ^= 0x36363636;
92 /* and start hash operation */
94 sha_hash(cx->key, HASH_INPUT_SIZE, cx->ctx);
96 /* mark as now in data mode */
97 cx->klen = HMAC_IN_DATA;
100 /* hash the data (if any) */
102 sha_hash(data, data_len, cx->ctx);
105 /* compute and output the MAC value */
106 void hmac_sha_end(unsigned char mac[], unsigned long mac_len, hmac_ctx cx[1])
107 { unsigned char dig[HASH_OUTPUT_SIZE];
110 /* if no data has been entered perform a null data phase */
111 if(cx->klen != HMAC_IN_DATA)
112 hmac_sha_data((const unsigned char*)0, 0, cx);
114 sha_end(dig, cx->ctx); /* complete the inner hash */
116 /* set outer key value using opad and removing ipad */
117 for(i = 0; i < (HASH_INPUT_SIZE >> 2); ++i)
118 ((uint32_t*)cx->key)[i] ^= 0x36363636 ^ 0x5c5c5c5c;
120 /* perform the outer hash operation */
122 sha_hash(cx->key, HASH_INPUT_SIZE, cx->ctx);
123 sha_hash(dig, HASH_OUTPUT_SIZE, cx->ctx);
124 sha_end(dig, cx->ctx);
126 /* output the hash value */
127 for(i = 0; i < mac_len; ++i)
131 /* 'do it all in one go' subroutine */
132 void hmac_sha(const unsigned char key[], unsigned long key_len,
133 const unsigned char data[], unsigned long data_len,
134 unsigned char mac[], unsigned long mac_len)
138 hmac_sha_key(key, key_len, cx);
139 hmac_sha_data(data, data_len, cx);
140 hmac_sha_end(mac, mac_len, cx);
143 #if defined(__cplusplus)