1 /*
2 * Copyright (C) 2007 Michael Brown <mbrown@fensystems.co.uk>.
3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License as
6 * published by the Free Software Foundation; either version 2 of the
7 * License, or any later version.
8 *
9 * This program is distributed in the hope that it will be useful, but
10 * WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
17 * 02110-1301, USA.
18 *
19 * You can also choose to distribute this program under the terms of
20 * the Unmodified Binary Distribution Licence (as given in the file
21 * COPYING.UBDL), provided that you have satisfied its requirements.
22 *
23 * Alternatively, you may distribute this code in source or binary
24 * form, with or without modification, provided that the following
25 * conditions are met:
26 *
27 * 1. Redistributions of source code must retain the above copyright
28 * notice, this list of conditions and the above disclaimer.
29 *
30 * 2. Redistributions in binary form must reproduce the above
31 * copyright notice, this list of conditions and the above
32 * disclaimer in the documentation and/or other materials provided
33 * with the distribution.
34 */
35
36 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
37
38 /**
39 * @file
40 *
41 * Keyed-Hashing for Message Authentication
42 */
43
44 #include <string.h>
45 #include <assert.h>
46 #include <ipxe/crypto.h>
47 #include <ipxe/hmac.h>
48
49 /**
50 * Reduce HMAC key length
51 *
52 * @v digest Digest algorithm to use
53 * @v digest_ctx Digest context
54 * @v key Key
55 * @v key_len Length of key
56 */
hmac_reduce_key(struct digest_algorithm * digest,void * key,size_t * key_len)57 static void hmac_reduce_key ( struct digest_algorithm *digest,
58 void *key, size_t *key_len ) {
59 uint8_t digest_ctx[digest->ctxsize];
60
61 digest_init ( digest, digest_ctx );
62 digest_update ( digest, digest_ctx, key, *key_len );
63 digest_final ( digest, digest_ctx, key );
64 *key_len = digest->digestsize;
65 }
66
67 /**
68 * Initialise HMAC
69 *
70 * @v digest Digest algorithm to use
71 * @v digest_ctx Digest context
72 * @v key Key
73 * @v key_len Length of key
74 *
75 * The length of the key should be less than the block size of the
76 * digest algorithm being used. (If the key length is greater, it
77 * will be replaced with its own digest, and key_len will be updated
78 * accordingly).
79 */
hmac_init(struct digest_algorithm * digest,void * digest_ctx,void * key,size_t * key_len)80 void hmac_init ( struct digest_algorithm *digest, void *digest_ctx,
81 void *key, size_t *key_len ) {
82 unsigned char k_ipad[digest->blocksize];
83 unsigned int i;
84
85 /* Reduce key if necessary */
86 if ( *key_len > sizeof ( k_ipad ) )
87 hmac_reduce_key ( digest, key, key_len );
88
89 /* Construct input pad */
90 memset ( k_ipad, 0, sizeof ( k_ipad ) );
91 memcpy ( k_ipad, key, *key_len );
92 for ( i = 0 ; i < sizeof ( k_ipad ) ; i++ ) {
93 k_ipad[i] ^= 0x36;
94 }
95
96 /* Start inner hash */
97 digest_init ( digest, digest_ctx );
98 digest_update ( digest, digest_ctx, k_ipad, sizeof ( k_ipad ) );
99 }
100
101 /**
102 * Finalise HMAC
103 *
104 * @v digest Digest algorithm to use
105 * @v digest_ctx Digest context
106 * @v key Key
107 * @v key_len Length of key
108 * @v hmac HMAC digest to fill in
109 *
110 * The length of the key should be less than the block size of the
111 * digest algorithm being used. (If the key length is greater, it
112 * will be replaced with its own digest, and key_len will be updated
113 * accordingly).
114 */
hmac_final(struct digest_algorithm * digest,void * digest_ctx,void * key,size_t * key_len,void * hmac)115 void hmac_final ( struct digest_algorithm *digest, void *digest_ctx,
116 void *key, size_t *key_len, void *hmac ) {
117 unsigned char k_opad[digest->blocksize];
118 unsigned int i;
119
120 /* Reduce key if necessary */
121 if ( *key_len > sizeof ( k_opad ) )
122 hmac_reduce_key ( digest, key, key_len );
123
124 /* Construct output pad */
125 memset ( k_opad, 0, sizeof ( k_opad ) );
126 memcpy ( k_opad, key, *key_len );
127 for ( i = 0 ; i < sizeof ( k_opad ) ; i++ ) {
128 k_opad[i] ^= 0x5c;
129 }
130
131 /* Finish inner hash */
132 digest_final ( digest, digest_ctx, hmac );
133
134 /* Perform outer hash */
135 digest_init ( digest, digest_ctx );
136 digest_update ( digest, digest_ctx, k_opad, sizeof ( k_opad ) );
137 digest_update ( digest, digest_ctx, hmac, digest->digestsize );
138 digest_final ( digest, digest_ctx, hmac );
139 }
140