mirror of
https://github.com/systemd/systemd-stable.git
synced 2024-12-23 17:34:00 +03:00
basic: add hmac_sha256 implementation
Based on the FIPS 198 specification. Not optimized and probably completely unsafe, to be used only for non-strong-cryptographic purposes when OpenSSL cannot be used.
This commit is contained in:
parent
6eb736727a
commit
8d39bff4e3
62
src/basic/hmac.c
Normal file
62
src/basic/hmac.c
Normal file
@ -0,0 +1,62 @@
|
||||
/* SPDX-License-Identifier: LGPL-2.1-or-later */
|
||||
|
||||
#include <assert.h>
|
||||
#include <string.h>
|
||||
|
||||
#include "hmac.h"
|
||||
#include "sha256.h"
|
||||
|
||||
#define HMAC_BLOCK_SIZE 64
|
||||
#define INNER_PADDING_BYTE 0x36
|
||||
#define OUTER_PADDING_BYTE 0x5c
|
||||
|
||||
void hmac_sha256(const void *key,
|
||||
size_t key_size,
|
||||
const void *input,
|
||||
size_t input_size,
|
||||
uint8_t res[static SHA256_DIGEST_SIZE]) {
|
||||
|
||||
uint8_t inner_padding[HMAC_BLOCK_SIZE] = { };
|
||||
uint8_t outer_padding[HMAC_BLOCK_SIZE] = { };
|
||||
uint8_t replacement_key[SHA256_DIGEST_SIZE];
|
||||
struct sha256_ctx hash;
|
||||
|
||||
assert(key);
|
||||
assert(key_size > 0);
|
||||
assert(res);
|
||||
|
||||
/* Implement algorithm as described by FIPS 198. */
|
||||
|
||||
/* The key needs to be block size length or less, hash it if it's longer. */
|
||||
if (key_size > HMAC_BLOCK_SIZE) {
|
||||
sha256_init_ctx(&hash);
|
||||
sha256_process_bytes(key, key_size, &hash);
|
||||
sha256_finish_ctx(&hash, replacement_key);
|
||||
key = replacement_key;
|
||||
key_size = SHA256_DIGEST_SIZE;
|
||||
}
|
||||
|
||||
/* First, copy the key into the padding arrays. If it's shorter than
|
||||
* the block size, the arrays are already initialized to 0. */
|
||||
memcpy(inner_padding, key, key_size);
|
||||
memcpy(outer_padding, key, key_size);
|
||||
|
||||
/* Then, XOR the provided key and any padding leftovers with the fixed
|
||||
* padding bytes as defined in FIPS 198. */
|
||||
for (size_t i = 0; i < HMAC_BLOCK_SIZE; i++) {
|
||||
inner_padding[i] ^= INNER_PADDING_BYTE;
|
||||
outer_padding[i] ^= OUTER_PADDING_BYTE;
|
||||
}
|
||||
|
||||
/* First pass: hash the inner padding array and the input. */
|
||||
sha256_init_ctx(&hash);
|
||||
sha256_process_bytes(inner_padding, HMAC_BLOCK_SIZE, &hash);
|
||||
sha256_process_bytes(input, input_size, &hash);
|
||||
sha256_finish_ctx(&hash, res);
|
||||
|
||||
/* Second pass: hash the outer padding array and the result of the first pass. */
|
||||
sha256_init_ctx(&hash);
|
||||
sha256_process_bytes(outer_padding, HMAC_BLOCK_SIZE, &hash);
|
||||
sha256_process_bytes(res, SHA256_DIGEST_SIZE, &hash);
|
||||
sha256_finish_ctx(&hash, res);
|
||||
}
|
12
src/basic/hmac.h
Normal file
12
src/basic/hmac.h
Normal file
@ -0,0 +1,12 @@
|
||||
/* SPDX-License-Identifier: LGPL-2.1-or-later */
|
||||
#pragma once
|
||||
|
||||
#include <stdint.h>
|
||||
#include <stdlib.h>
|
||||
|
||||
#define SHA256_DIGEST_SIZE 32
|
||||
|
||||
/* Unoptimized implementation based on FIPS 198. 'res' has to be allocated by
|
||||
* the caller. Prefer external OpenSSL functions, and use this only when
|
||||
* linking to OpenSSL is not desireable (eg: libsystemd.so). */
|
||||
void hmac_sha256(const void *key, size_t key_size, const void *input, size_t input_size, uint8_t res[static SHA256_DIGEST_SIZE]);
|
@ -72,6 +72,8 @@ basic_sources = files('''
|
||||
hashmap.h
|
||||
hexdecoct.c
|
||||
hexdecoct.h
|
||||
hmac.c
|
||||
hmac.h
|
||||
hostname-util.c
|
||||
hostname-util.h
|
||||
in-addr-util.c
|
||||
|
@ -629,6 +629,8 @@ tests += [
|
||||
|
||||
[['src/test/test-nscd-flush.c'],
|
||||
[], [], [], 'ENABLE_NSCD', 'manual'],
|
||||
|
||||
[['src/test/test-hmac.c']],
|
||||
]
|
||||
|
||||
############################################################
|
||||
|
76
src/test/test-hmac.c
Normal file
76
src/test/test-hmac.c
Normal file
@ -0,0 +1,76 @@
|
||||
/* SPDX-License-Identifier: LGPL-2.1-or-later */
|
||||
|
||||
#include "hexdecoct.h"
|
||||
#include "hmac.h"
|
||||
#include "string-util.h"
|
||||
#include "tests.h"
|
||||
|
||||
static void hmac_sha256_by_string(const char *key, const char *value, uint8_t res[static SHA256_DIGEST_SIZE]) {
|
||||
hmac_sha256(key, strlen(key), value, strlen(value), res);
|
||||
}
|
||||
|
||||
static void test_hmac(void) {
|
||||
uint8_t result[SHA256_DIGEST_SIZE];
|
||||
char *hex_result = NULL;
|
||||
|
||||
log_info("/* %s */", __func__);
|
||||
|
||||
/* Results compared with output of 'echo -n "<input>" | openssl dgst -sha256 -hmac "<key>"' */
|
||||
|
||||
hmac_sha256_by_string("waldo",
|
||||
"",
|
||||
result);
|
||||
hex_result = hexmem(result, sizeof(result));
|
||||
assert_se(streq_ptr(hex_result, "cadd5e42114351181f3abff477641d88efb57d2b5641a1e5c6d623363a6d3bad"));
|
||||
hex_result = mfree(hex_result);
|
||||
|
||||
hmac_sha256_by_string("waldo",
|
||||
"baldohaldo",
|
||||
result);
|
||||
hex_result = hexmem(result, sizeof(result));
|
||||
assert_se(streq_ptr(hex_result, "c47ad5031ba21605e52c6ca68090d66a2dd5ccf84efa4bace15361a8cba63cda"));
|
||||
hex_result = mfree(hex_result);
|
||||
|
||||
hmac_sha256_by_string("waldo",
|
||||
"baldo haldo",
|
||||
result);
|
||||
hex_result = hexmem(result, sizeof(result));
|
||||
assert_se(streq_ptr(hex_result, "4e8974ad6c08b98cc2519cd1e27aa7195769fcf86db1dd7ceaab4d44c490ad69"));
|
||||
hex_result = mfree(hex_result);
|
||||
|
||||
hmac_sha256_by_string("waldo",
|
||||
"baldo 4e8974ad6c08b98cc2519cd1e27aa7195769fcf86db1dd7ceaab4d44c490ad69 haldo",
|
||||
result);
|
||||
hex_result = hexmem(result, sizeof(result));
|
||||
assert_se(streq_ptr(hex_result, "039f3df430b19753ffb493e5b90708f75c5210b63c6bcbef3374eb3f0a3f97f7"));
|
||||
hex_result = mfree(hex_result);
|
||||
|
||||
hmac_sha256_by_string("4e8974ad6c08b98cc2519cd1e27aa7195769fcf86db1dd7ceaab4d44c490ad69",
|
||||
"baldo haldo",
|
||||
result);
|
||||
hex_result = hexmem(result, sizeof(result));
|
||||
assert_se(streq_ptr(hex_result, "c4cfaf48077cbb0bbd177a09e59ec4c248f4ca771503410f5b54b98d88d2f47b"));
|
||||
hex_result = mfree(hex_result);
|
||||
|
||||
hmac_sha256_by_string("4e8974ad6c08b98cc2519cd1e27aa7195769fcf86db1dd7ceaab4d44c490ad69",
|
||||
"supercalifragilisticexpialidocious",
|
||||
result);
|
||||
hex_result = hexmem(result, sizeof(result));
|
||||
assert_se(streq_ptr(hex_result, "2c059e7a63c4c3b23f47966a65fd2f8a2f5d7161e2e90d78ff68866b5c375cb7"));
|
||||
hex_result = mfree(hex_result);
|
||||
|
||||
hmac_sha256_by_string("4e8974ad6c08b98cc2519cd1e27aa7195769fcf86db1dd7ceaab4d44c490ad69c47ad5031ba21605e52c6ca68090d66a2dd5ccf84efa4bace15361a8cba63cda",
|
||||
"supercalifragilisticexpialidocious",
|
||||
result);
|
||||
hex_result = hexmem(result, sizeof(result));
|
||||
assert_se(streq_ptr(hex_result, "1dd1d1d45b9d9f9673dc9983c968c46ff3168e03cfeb4156a219eba1af4cff5f"));
|
||||
hex_result = mfree(hex_result);
|
||||
}
|
||||
|
||||
int main(int argc, char **argv) {
|
||||
test_setup_logging(LOG_INFO);
|
||||
|
||||
test_hmac();
|
||||
|
||||
return 0;
|
||||
}
|
Loading…
Reference in New Issue
Block a user