+2024-10-21 Niels Möller <nisse@lysator.liu.se>
+
+ * hmac.h (struct hmac_sha256_ctx): Change outer and inner members
+ to hold only the sha256 state, no block buffers.
+ * hmac-sha256.c (hmac_sha256_set_key): Rewrite, without hmac_set_key.
+ (hmac_sha256_digest): Rewrite, without hmac_digest.
+ * hmac-sha224.c (hmac_sha224_set_key): Analogous change.
+ (hmac_sha224_digest): Analogous change.
+
2025-06-22 Niels Möller <nisse@lysator.liu.se>
* testsuite/testutils.c (test_mac): Print name of mac algorithm on
# include "config.h"
#endif
+#include <string.h>
+
#include "hmac.h"
+#include "memxor.h"
+
+#define IPAD 0x36
+#define OPAD 0x5c
void
hmac_sha224_set_key(struct hmac_sha224_ctx *ctx,
size_t key_length, const uint8_t *key)
{
- HMAC_SET_KEY(ctx, &nettle_sha224, key_length, key);
+ uint8_t digest[SHA224_DIGEST_SIZE];
+
+ sha224_init (&ctx->state);
+ if (key_length > SHA224_BLOCK_SIZE)
+ {
+ sha224_update (&ctx->state, key_length, key);
+ sha224_digest (&ctx->state, digest);
+ key = digest;
+ key_length = SHA224_DIGEST_SIZE;
+ }
+
+ memset (ctx->state.block, OPAD, SHA224_BLOCK_SIZE);
+ memxor (ctx->state.block, key, key_length);
+ sha224_update (&ctx->state, SHA224_BLOCK_SIZE, ctx->state.block);
+ memcpy (ctx->outer, ctx->state.state, sizeof(ctx->outer));
+
+ sha224_init (&ctx->state);
+ memset (ctx->state.block, IPAD, SHA224_BLOCK_SIZE);
+ memxor (ctx->state.block, key, key_length);
+ sha224_update (&ctx->state, SHA224_BLOCK_SIZE, ctx->state.block);
+ memcpy (ctx->inner, ctx->state.state, sizeof(ctx->outer));
}
void
hmac_sha224_digest(struct hmac_sha224_ctx *ctx,
uint8_t *digest)
{
- HMAC_DIGEST(ctx, &nettle_sha224, digest);
+ uint8_t inner_digest[SHA224_DIGEST_SIZE];
+ sha224_digest (&ctx->state, inner_digest);
+
+ memcpy (ctx->state.state, ctx->outer, sizeof (ctx->state.state));
+ ctx->state.count = 1;
+ sha224_update (&ctx->state, SHA224_DIGEST_SIZE, inner_digest);
+ sha224_digest (&ctx->state, digest);
+
+ memcpy (ctx->state.state, ctx->inner, sizeof (ctx->state.state));
+ ctx->state.count = 1;
}
# include "config.h"
#endif
+#include <string.h>
+
#include "hmac.h"
+#include "memxor.h"
+
+#define IPAD 0x36
+#define OPAD 0x5c
void
hmac_sha256_set_key(struct hmac_sha256_ctx *ctx,
size_t key_length, const uint8_t *key)
{
- HMAC_SET_KEY(ctx, &nettle_sha256, key_length, key);
+ uint8_t digest[SHA256_DIGEST_SIZE];
+
+ sha256_init (&ctx->state);
+ if (key_length > SHA256_BLOCK_SIZE)
+ {
+ sha256_update (&ctx->state, key_length, key);
+ sha256_digest (&ctx->state, digest);
+ key = digest;
+ key_length = SHA256_DIGEST_SIZE;
+ }
+
+ memset (ctx->state.block, OPAD, SHA256_BLOCK_SIZE);
+ memxor (ctx->state.block, key, key_length);
+ sha256_update (&ctx->state, SHA256_BLOCK_SIZE, ctx->state.block);
+ memcpy (ctx->outer, ctx->state.state, sizeof(ctx->outer));
+
+ sha256_init (&ctx->state);
+ memset (ctx->state.block, IPAD, SHA256_BLOCK_SIZE);
+ memxor (ctx->state.block, key, key_length);
+ sha256_update (&ctx->state, SHA256_BLOCK_SIZE, ctx->state.block);
+ memcpy (ctx->inner, ctx->state.state, sizeof(ctx->outer));
}
void
hmac_sha256_digest(struct hmac_sha256_ctx *ctx,
uint8_t *digest)
{
- HMAC_DIGEST(ctx, &nettle_sha256, digest);
+ uint8_t inner_digest[SHA256_DIGEST_SIZE];
+ sha256_digest (&ctx->state, inner_digest);
+
+ memcpy (ctx->state.state, ctx->outer, sizeof (ctx->state.state));
+ ctx->state.count = 1;
+ sha256_update (&ctx->state, SHA256_DIGEST_SIZE, inner_digest);
+ sha256_digest (&ctx->state, digest);
+
+ memcpy (ctx->state.state, ctx->inner, sizeof (ctx->state.state));
+ ctx->state.count = 1;
}
uint8_t *digest);
/* hmac-sha256 */
-struct hmac_sha256_ctx HMAC_CTX(struct sha256_ctx);
+struct hmac_sha256_ctx {
+ uint32_t outer[_SHA256_DIGEST_LENGTH];
+ uint32_t inner[_SHA256_DIGEST_LENGTH];
+ struct sha256_ctx state;
+};
void
hmac_sha256_set_key(struct hmac_sha256_ctx *ctx,
projects / thirdparty / nettle.git / commitdiff
