Keyed-Hashing for Message Authentication. More...

#include <string.h>
#include <assert.h>
#include <ipxe/crypto.h>
#include <ipxe/hmac.h>

Functions
	FILE_LICENCE (GPL2_OR_LATER_OR_UBDL)

	FILE_SECBOOT (PERMITTED)

void	hmac_init (struct digest_algorithm digest, void ctx, const void *key, size_t key_len)
	Initialise HMAC. More...

void	hmac_final (struct digest_algorithm digest, void ctx, void *hmac)
	Finalise HMAC. More...

Detailed Description

Keyed-Hashing for Message Authentication.

Definition in file hmac.c.

Function Documentation

◆ FILE_LICENCE()

FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )

◆ FILE_SECBOOT()

FILE_SECBOOT ( PERMITTED )

◆ hmac_init()

void hmac_init	(	struct digest_algorithm *	digest,
		void *	ctx,
		const void *	key,
		size_t	key_len
	)

Initialise HMAC.

Parameters

digest	Digest algorithm to use
ctx	HMAC context
key	Key
key_len	Length of key

Definition at line 58 of file hmac.c.

                                   {
         hmac_context_t ( digest ) *hctx = ctx;
         unsigned int i;
 
         /* Construct input pad */
         memset ( hctx->pad, 0, sizeof ( hctx->pad ) );
         if ( key_len <= sizeof ( hctx->pad ) ) {
                 memcpy ( hctx->pad, key, key_len );
         } else {
                 digest_init ( digest, hctx->ctx );
                 digest_update ( digest, hctx->ctx, key, key_len );
                 digest_final ( digest, hctx->ctx, hctx->pad );
         }
         for ( i = 0 ; i < sizeof ( hctx->pad ) ; i++ ) {
                 hctx->pad[i] ^= 0x36;
         }
 
         /* Start inner hash */
         digest_init ( digest, hctx->ctx );
         digest_update ( digest, hctx->ctx, hctx->pad, sizeof ( hctx->pad ) );
 }

References ctx, digest_final(), digest_init(), digest_update(), hmac_context_t, key, memcpy(), and memset().

Referenced by ccmp_kie_mic(), hmac_drbg_update_key(), hmac_drbg_update_value(), hmac_okx(), ntlm_key(), ntlm_response(), pbkdf2_sha1_f(), peerdist_info_passphrase_okx(), peerdist_info_segment_hash(), prf_sha1(), tkip_kie_mic(), tls_hmac_init(), and tls_p_hash_va().

◆ hmac_final()

void hmac_final	(	struct digest_algorithm *	digest,
		void *	ctx,
		void *	hmac
	)

Finalise HMAC.

Parameters

digest	Digest algorithm to use
ctx	HMAC context
hmac	HMAC digest to fill in

Definition at line 88 of file hmac.c.

                                                                            {
         hmac_context_t ( digest ) *hctx = ctx;
         unsigned int i;
 
         /* Construct output pad from input pad */
         for ( i = 0 ; i < sizeof ( hctx->pad ) ; i++ ) {
                 hctx->pad[i] ^= 0x6a;
         }
 
         /* Finish inner hash */
         digest_final ( digest, hctx->ctx, hmac );
 
         /* Perform outer hash */
         digest_init ( digest, hctx->ctx );
         digest_update ( digest, hctx->ctx, hctx->pad, sizeof ( hctx->pad ) );
         digest_update ( digest, hctx->ctx, hmac, digest->digestsize );
         digest_final ( digest, hctx->ctx, hmac );
 
         /* Erase output pad (from which the key may be derivable) */
         memset ( hctx->pad, 0, sizeof ( hctx->pad ) );
 }

References ctx, digest_final(), digest_init(), digest_update(), digest_algorithm::digestsize, hmac_context_t, and memset().

Referenced by ccmp_kie_mic(), hmac_drbg_update_key(), hmac_drbg_update_value(), hmac_okx(), ntlm_key(), ntlm_response(), pbkdf2_sha1_f(), peerdist_info_passphrase_okx(), peerdist_info_segment_hash(), prf_sha1(), tkip_kie_mic(), tls_hmac_final(), and tls_p_hash_va().