1 /***************************************************************************
3 * Project ___| | | | _ \| |
5 * | (__| |_| | _ <| |___
6 * \___|\___/|_| \_\_____|
8 * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at https://curl.haxx.se/docs/copyright.html.
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
21 * RFC2104 Keyed-Hashing for Message Authentication
23 ***************************************************************************/
25 #include "curl_setup.h"
27 #ifndef CURL_DISABLE_CRYPTO_AUTH
29 #include "curl_hmac.h"
30 #include "curl_memory.h"
31 /* The last #include file should be: */
35 * Generic HMAC algorithm.
37 * This module computes HMAC digests based on any hash function. Parameters
38 * and computing procedures are set-up dynamically at HMAC computation
39 * context initialisation.
42 static const unsigned char hmac_ipad = 0x36;
43 static const unsigned char hmac_opad = 0x5C;
48 Curl_HMAC_init(const HMAC_params * hashparams,
49 const unsigned char * key,
57 /* Create HMAC context. */
58 i = sizeof *ctxt + 2 * hashparams->hmac_ctxtsize +
59 hashparams->hmac_resultlen;
65 ctxt->hmac_hash = hashparams;
66 ctxt->hmac_hashctxt1 = (void *) (ctxt + 1);
67 ctxt->hmac_hashctxt2 = (void *) ((char *) ctxt->hmac_hashctxt1 +
68 hashparams->hmac_ctxtsize);
70 /* If the key is too long, replace it by its hash digest. */
71 if(keylen > hashparams->hmac_maxkeylen) {
72 (*hashparams->hmac_hinit)(ctxt->hmac_hashctxt1);
73 (*hashparams->hmac_hupdate)(ctxt->hmac_hashctxt1, key, keylen);
74 hkey = (unsigned char *) ctxt->hmac_hashctxt2 + hashparams->hmac_ctxtsize;
75 (*hashparams->hmac_hfinal)(hkey, ctxt->hmac_hashctxt1);
77 keylen = hashparams->hmac_resultlen;
80 /* Prime the two hash contexts with the modified key. */
81 (*hashparams->hmac_hinit)(ctxt->hmac_hashctxt1);
82 (*hashparams->hmac_hinit)(ctxt->hmac_hashctxt2);
84 for(i = 0; i < keylen; i++) {
85 b = (unsigned char)(*key ^ hmac_ipad);
86 (*hashparams->hmac_hupdate)(ctxt->hmac_hashctxt1, &b, 1);
87 b = (unsigned char)(*key++ ^ hmac_opad);
88 (*hashparams->hmac_hupdate)(ctxt->hmac_hashctxt2, &b, 1);
91 for(; i < hashparams->hmac_maxkeylen; i++) {
92 (*hashparams->hmac_hupdate)(ctxt->hmac_hashctxt1, &hmac_ipad, 1);
93 (*hashparams->hmac_hupdate)(ctxt->hmac_hashctxt2, &hmac_opad, 1);
96 /* Done, return pointer to HMAC context. */
100 int Curl_HMAC_update(HMAC_context * ctxt,
101 const unsigned char * data,
104 /* Update first hash calculation. */
105 (*ctxt->hmac_hash->hmac_hupdate)(ctxt->hmac_hashctxt1, data, len);
110 int Curl_HMAC_final(HMAC_context * ctxt, unsigned char * result)
112 const HMAC_params * hashparams = ctxt->hmac_hash;
114 /* Do not get result if called with a null parameter: only release
118 result = (unsigned char *) ctxt->hmac_hashctxt2 +
119 ctxt->hmac_hash->hmac_ctxtsize;
121 (*hashparams->hmac_hfinal)(result, ctxt->hmac_hashctxt1);
122 (*hashparams->hmac_hupdate)(ctxt->hmac_hashctxt2,
123 result, hashparams->hmac_resultlen);
124 (*hashparams->hmac_hfinal)(result, ctxt->hmac_hashctxt2);
129 #endif /* CURL_DISABLE_CRYPTO_AUTH */