iPXE
Functions
hmac.c File Reference

Keyed-Hashing for Message Authentication. More...

#include <string.h>
#include <assert.h>
#include <ipxe/crypto.h>
#include <ipxe/hmac.h>

Go to the source code of this file.

Functions

 FILE_LICENCE (GPL2_OR_LATER_OR_UBDL)
 
static void hmac_reduce_key (struct digest_algorithm *digest, void *key, size_t *key_len)
 Reduce HMAC key length. More...
 
void hmac_init (struct digest_algorithm *digest, void *digest_ctx, void *key, size_t *key_len)
 Initialise HMAC. More...
 
void hmac_final (struct digest_algorithm *digest, void *digest_ctx, void *key, size_t *key_len, void *hmac)
 Finalise HMAC. More...
 

Detailed Description

Keyed-Hashing for Message Authentication.

Definition in file hmac.c.

Function Documentation

◆ FILE_LICENCE()

FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL  )

◆ hmac_reduce_key()

static void hmac_reduce_key ( struct digest_algorithm digest,
void *  key,
size_t key_len 
)
static

Reduce HMAC key length.

Parameters
digestDigest algorithm to use
digest_ctxDigest context
keyKey
key_lenLength of key

Definition at line 57 of file hmac.c.

58  {
59  uint8_t digest_ctx[digest->ctxsize];
60 
61  digest_init ( digest, digest_ctx );
62  digest_update ( digest, digest_ctx, key, *key_len );
63  digest_final ( digest, digest_ctx, key );
64  *key_len = digest->digestsize;
65 }
static void digest_update(struct digest_algorithm *digest, void *ctx, const void *data, size_t len)
Definition: crypto.h:177
static void digest_final(struct digest_algorithm *digest, void *ctx, void *out)
Definition: crypto.h:182
struct md4_digest digest
Digest of data already processed.
Definition: md4.h:12
static void digest_init(struct digest_algorithm *digest, void *ctx)
Definition: crypto.h:172
unsigned char uint8_t
Definition: stdint.h:10
union @375 key
Sense key.
Definition: scsi.h:18

References digest, digest_final(), digest_init(), digest_update(), and key.

Referenced by hmac_final(), and hmac_init().

◆ hmac_init()

void hmac_init ( struct digest_algorithm digest,
void *  digest_ctx,
void *  key,
size_t key_len 
)

Initialise HMAC.

Parameters
digestDigest algorithm to use
digest_ctxDigest context
keyKey
key_lenLength of key

The length of the key should be less than the block size of the digest algorithm being used. (If the key length is greater, it will be replaced with its own digest, and key_len will be updated accordingly).

Definition at line 80 of file hmac.c.

81  {
82  unsigned char k_ipad[digest->blocksize];
83  unsigned int i;
84 
85  /* Reduce key if necessary */
86  if ( *key_len > sizeof ( k_ipad ) )
87  hmac_reduce_key ( digest, key, key_len );
88 
89  /* Construct input pad */
90  memset ( k_ipad, 0, sizeof ( k_ipad ) );
91  memcpy ( k_ipad, key, *key_len );
92  for ( i = 0 ; i < sizeof ( k_ipad ) ; i++ ) {
93  k_ipad[i] ^= 0x36;
94  }
95 
96  /* Start inner hash */
97  digest_init ( digest, digest_ctx );
98  digest_update ( digest, digest_ctx, k_ipad, sizeof ( k_ipad ) );
99 }
static void digest_update(struct digest_algorithm *digest, void *ctx, const void *data, size_t len)
Definition: crypto.h:177
struct md4_digest digest
Digest of data already processed.
Definition: md4.h:12
void * memcpy(void *dest, const void *src, size_t len) __nonnull
static void digest_init(struct digest_algorithm *digest, void *ctx)
Definition: crypto.h:172
static void hmac_reduce_key(struct digest_algorithm *digest, void *key, size_t *key_len)
Reduce HMAC key length.
Definition: hmac.c:57
union @375 key
Sense key.
Definition: scsi.h:18
void * memset(void *dest, int character, size_t len) __nonnull

References digest, digest_init(), digest_update(), hmac_reduce_key(), key, memcpy(), and memset().

Referenced by ccmp_kie_mic(), hmac_drbg_update_key(), hmac_drbg_update_value(), ntlm_key(), ntlm_response(), pbkdf2_sha1_f(), peerdist_info_passphrase_okx(), peerdist_info_segment_hash(), prf_sha1(), tkip_kie_mic(), tls_hmac_init(), and tls_p_hash_va().

◆ hmac_final()

void hmac_final ( struct digest_algorithm digest,
void *  digest_ctx,
void *  key,
size_t key_len,
void *  hmac 
)

Finalise HMAC.

Parameters
digestDigest algorithm to use
digest_ctxDigest context
keyKey
key_lenLength of key
hmacHMAC digest to fill in

The length of the key should be less than the block size of the digest algorithm being used. (If the key length is greater, it will be replaced with its own digest, and key_len will be updated accordingly).

Definition at line 115 of file hmac.c.

116  {
117  unsigned char k_opad[digest->blocksize];
118  unsigned int i;
119 
120  /* Reduce key if necessary */
121  if ( *key_len > sizeof ( k_opad ) )
122  hmac_reduce_key ( digest, key, key_len );
123 
124  /* Construct output pad */
125  memset ( k_opad, 0, sizeof ( k_opad ) );
126  memcpy ( k_opad, key, *key_len );
127  for ( i = 0 ; i < sizeof ( k_opad ) ; i++ ) {
128  k_opad[i] ^= 0x5c;
129  }
130 
131  /* Finish inner hash */
132  digest_final ( digest, digest_ctx, hmac );
133 
134  /* Perform outer hash */
135  digest_init ( digest, digest_ctx );
136  digest_update ( digest, digest_ctx, k_opad, sizeof ( k_opad ) );
137  digest_update ( digest, digest_ctx, hmac, digest->digestsize );
138  digest_final ( digest, digest_ctx, hmac );
139 }
static void digest_update(struct digest_algorithm *digest, void *ctx, const void *data, size_t len)
Definition: crypto.h:177
static void digest_final(struct digest_algorithm *digest, void *ctx, void *out)
Definition: crypto.h:182
struct md4_digest digest
Digest of data already processed.
Definition: md4.h:12
void * memcpy(void *dest, const void *src, size_t len) __nonnull
static void digest_init(struct digest_algorithm *digest, void *ctx)
Definition: crypto.h:172
static void hmac_reduce_key(struct digest_algorithm *digest, void *key, size_t *key_len)
Reduce HMAC key length.
Definition: hmac.c:57
union @375 key
Sense key.
Definition: scsi.h:18
void * memset(void *dest, int character, size_t len) __nonnull

References digest, digest_final(), digest_init(), digest_update(), hmac_reduce_key(), key, memcpy(), and memset().

Referenced by ccmp_kie_mic(), hmac_drbg_update_key(), hmac_drbg_update_value(), ntlm_key(), ntlm_response(), pbkdf2_sha1_f(), peerdist_info_passphrase_okx(), peerdist_info_segment_hash(), prf_sha1(), tkip_kie_mic(), tls_hmac_final(), and tls_p_hash_va().