--- /dev/null
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+
+#include <assert.h>
+#include <string.h>
+
+#include "hmac.h"
+#include "sha256.h"
+
+#define HMAC_BLOCK_SIZE 64
+#define INNER_PADDING_BYTE 0x36
+#define OUTER_PADDING_BYTE 0x5c
+
+void hmac_sha256(const void *key,
+ size_t key_size,
+ const void *input,
+ size_t input_size,
+ uint8_t res[static SHA256_DIGEST_SIZE]) {
+
+ uint8_t inner_padding[HMAC_BLOCK_SIZE] = { };
+ uint8_t outer_padding[HMAC_BLOCK_SIZE] = { };
+ uint8_t replacement_key[SHA256_DIGEST_SIZE];
+ struct sha256_ctx hash;
+
+ assert(key);
+ assert(key_size > 0);
+ assert(res);
+
+ /* Implement algorithm as described by FIPS 198. */
+
+ /* The key needs to be block size length or less, hash it if it's longer. */
+ if (key_size > HMAC_BLOCK_SIZE) {
+ sha256_init_ctx(&hash);
+ sha256_process_bytes(key, key_size, &hash);
+ sha256_finish_ctx(&hash, replacement_key);
+ key = replacement_key;
+ key_size = SHA256_DIGEST_SIZE;
+ }
+
+ /* First, copy the key into the padding arrays. If it's shorter than
+ * the block size, the arrays are already initialized to 0. */
+ memcpy(inner_padding, key, key_size);
+ memcpy(outer_padding, key, key_size);
+
+ /* Then, XOR the provided key and any padding leftovers with the fixed
+ * padding bytes as defined in FIPS 198. */
+ for (size_t i = 0; i < HMAC_BLOCK_SIZE; i++) {
+ inner_padding[i] ^= INNER_PADDING_BYTE;
+ outer_padding[i] ^= OUTER_PADDING_BYTE;
+ }
+
+ /* First pass: hash the inner padding array and the input. */
+ sha256_init_ctx(&hash);
+ sha256_process_bytes(inner_padding, HMAC_BLOCK_SIZE, &hash);
+ sha256_process_bytes(input, input_size, &hash);
+ sha256_finish_ctx(&hash, res);
+
+ /* Second pass: hash the outer padding array and the result of the first pass. */
+ sha256_init_ctx(&hash);
+ sha256_process_bytes(outer_padding, HMAC_BLOCK_SIZE, &hash);
+ sha256_process_bytes(res, SHA256_DIGEST_SIZE, &hash);
+ sha256_finish_ctx(&hash, res);
+}
--- /dev/null
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+#pragma once
+
+#include <stdint.h>
+#include <stdlib.h>
+
+#define SHA256_DIGEST_SIZE 32
+
+/* Unoptimized implementation based on FIPS 198. 'res' has to be allocated by
+ * the caller. Prefer external OpenSSL functions, and use this only when
+ * linking to OpenSSL is not desireable (eg: libsystemd.so). */
+void hmac_sha256(const void *key, size_t key_size, const void *input, size_t input_size, uint8_t res[static SHA256_DIGEST_SIZE]);
hashmap.h
hexdecoct.c
hexdecoct.h
+ hmac.c
+ hmac.h
hostname-util.c
hostname-util.h
in-addr-util.c
[['src/test/test-nscd-flush.c'],
[], [], [], 'ENABLE_NSCD', 'manual'],
+
+ [['src/test/test-hmac.c']],
]
############################################################
--- /dev/null
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+
+#include "hexdecoct.h"
+#include "hmac.h"
+#include "string-util.h"
+#include "tests.h"
+
+static void hmac_sha256_by_string(const char *key, const char *value, uint8_t res[static SHA256_DIGEST_SIZE]) {
+ hmac_sha256(key, strlen(key), value, strlen(value), res);
+}
+
+static void test_hmac(void) {
+ uint8_t result[SHA256_DIGEST_SIZE];
+ char *hex_result = NULL;
+
+ log_info("/* %s */", __func__);
+
+ /* Results compared with output of 'echo -n "<input>" | openssl dgst -sha256 -hmac "<key>"' */
+
+ hmac_sha256_by_string("waldo",
+ "",
+ result);
+ hex_result = hexmem(result, sizeof(result));
+ assert_se(streq_ptr(hex_result, "cadd5e42114351181f3abff477641d88efb57d2b5641a1e5c6d623363a6d3bad"));
+ hex_result = mfree(hex_result);
+
+ hmac_sha256_by_string("waldo",
+ "baldohaldo",
+ result);
+ hex_result = hexmem(result, sizeof(result));
+ assert_se(streq_ptr(hex_result, "c47ad5031ba21605e52c6ca68090d66a2dd5ccf84efa4bace15361a8cba63cda"));
+ hex_result = mfree(hex_result);
+
+ hmac_sha256_by_string("waldo",
+ "baldo haldo",
+ result);
+ hex_result = hexmem(result, sizeof(result));
+ assert_se(streq_ptr(hex_result, "4e8974ad6c08b98cc2519cd1e27aa7195769fcf86db1dd7ceaab4d44c490ad69"));
+ hex_result = mfree(hex_result);
+
+ hmac_sha256_by_string("waldo",
+ "baldo 4e8974ad6c08b98cc2519cd1e27aa7195769fcf86db1dd7ceaab4d44c490ad69 haldo",
+ result);
+ hex_result = hexmem(result, sizeof(result));
+ assert_se(streq_ptr(hex_result, "039f3df430b19753ffb493e5b90708f75c5210b63c6bcbef3374eb3f0a3f97f7"));
+ hex_result = mfree(hex_result);
+
+ hmac_sha256_by_string("4e8974ad6c08b98cc2519cd1e27aa7195769fcf86db1dd7ceaab4d44c490ad69",
+ "baldo haldo",
+ result);
+ hex_result = hexmem(result, sizeof(result));
+ assert_se(streq_ptr(hex_result, "c4cfaf48077cbb0bbd177a09e59ec4c248f4ca771503410f5b54b98d88d2f47b"));
+ hex_result = mfree(hex_result);
+
+ hmac_sha256_by_string("4e8974ad6c08b98cc2519cd1e27aa7195769fcf86db1dd7ceaab4d44c490ad69",
+ "supercalifragilisticexpialidocious",
+ result);
+ hex_result = hexmem(result, sizeof(result));
+ assert_se(streq_ptr(hex_result, "2c059e7a63c4c3b23f47966a65fd2f8a2f5d7161e2e90d78ff68866b5c375cb7"));
+ hex_result = mfree(hex_result);
+
+ hmac_sha256_by_string("4e8974ad6c08b98cc2519cd1e27aa7195769fcf86db1dd7ceaab4d44c490ad69c47ad5031ba21605e52c6ca68090d66a2dd5ccf84efa4bace15361a8cba63cda",
+ "supercalifragilisticexpialidocious",
+ result);
+ hex_result = hexmem(result, sizeof(result));
+ assert_se(streq_ptr(hex_result, "1dd1d1d45b9d9f9673dc9983c968c46ff3168e03cfeb4156a219eba1af4cff5f"));
+ hex_result = mfree(hex_result);
+}
+
+int main(int argc, char **argv) {
+ test_setup_logging(LOG_INFO);
+
+ test_hmac();
+
+ return 0;
+}
projects / thirdparty / systemd.git / commitdiff
