Browse Source

Merge pull request #6283 from OTAkeys/pr/hmac_iterative_calc

hashes/sha256: add iterative hmac calc. functions
pr/rotary
BytesGalore 6 years ago committed by GitHub
parent
commit
dacc3cba9f
  1. 55
      sys/hashes/sha256.c
  2. 39
      sys/include/hashes/sha256.h
  3. 183
      tests/unittests/tests-hashes/tests-hashes-sha256-hmac.c

55
sys/hashes/sha256.c

@ -2,6 +2,7 @@
* Copyright 2005 Colin Percival
* Copyright 2013 Christian Mehlis & René Kijewski
* Copyright 2016 Martin Landsmann <martin.landsmann@haw-hamburg.de>
* Copyright 2016 OTA keys S.A.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@ -39,6 +40,7 @@
* @author Christian Mehlis
* @author Rene Kijewski
* @author Martin Landsmann
* @author Hermann Lelong
*
* @}
*/
@ -276,8 +278,8 @@ void *sha256(const void *data, size_t len, void *digest)
return digest;
}
const void *hmac_sha256(const void *key, size_t key_length,
const void *data, size_t len, void *digest)
void hmac_sha256_init(hmac_context_t *ctx, const void *key, size_t key_length)
{
unsigned char k[SHA256_INTERNAL_BLOCK_SIZE];
@ -304,16 +306,29 @@ const void *hmac_sha256(const void *key, size_t key_length,
}
/*
* Create the inner hash
* Initiate calculation of the inner hash
* tmp = hash(i_key_pad CONCAT message)
*/
sha256_context_t c;
unsigned char tmp[SHA256_DIGEST_LENGTH];
sha256_init(&ctx->c_in);
sha256_update(&ctx->c_in, i_key_pad, SHA256_INTERNAL_BLOCK_SIZE);
sha256_init(&c);
sha256_update(&c, i_key_pad, SHA256_INTERNAL_BLOCK_SIZE);
sha256_update(&c, data, len);
sha256_final(&c, tmp);
/*
* Initiate calculation of the outer hash
* result = hash(o_key_pad CONCAT tmp)
*/
sha256_init(&ctx->c_out);
sha256_update(&ctx->c_out, o_key_pad, SHA256_INTERNAL_BLOCK_SIZE);
}
void hmac_sha256_update(hmac_context_t *ctx, const void *data, size_t len)
{
sha256_update(&ctx->c_in, data, len);
}
void hmac_sha256_final(hmac_context_t *ctx, void *digest)
{
unsigned char tmp[SHA256_DIGEST_LENGTH];
static unsigned char m[SHA256_DIGEST_LENGTH];
@ -321,14 +336,20 @@ const void *hmac_sha256(const void *key, size_t key_length,
digest = m;
}
/*
* Create the outer hash
* result = hash(o_key_pad CONCAT tmp)
*/
sha256_init(&c);
sha256_update(&c, o_key_pad, SHA256_INTERNAL_BLOCK_SIZE);
sha256_update(&c, tmp, SHA256_DIGEST_LENGTH);
sha256_final(&c, digest);
sha256_final(&ctx->c_in, tmp);
sha256_update(&ctx->c_out, tmp, SHA256_DIGEST_LENGTH);
sha256_final(&ctx->c_out, digest);
}
const void *hmac_sha256(const void *key, size_t key_length,
const void *data, size_t len, void *digest)
{
hmac_context_t ctx;
hmac_sha256_init(&ctx, key, key_length);
hmac_sha256_update(&ctx,data, len);
hmac_sha256_final(&ctx, digest);
return digest;
}

39
sys/include/hashes/sha256.h

@ -2,6 +2,7 @@
* Copyright 2005 Colin Percival
* Copyright 2013 Christian Mehlis & René Kijewski
* Copyright 2016 Martin Landsmann <martin.landsmann@haw-hamburg.de>
* Copyright 2016 OTA keys S.A.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@ -39,6 +40,7 @@
* @author Colin Percival
* @author Christian Mehlis
* @author Rene Kijewski
* @author Hermann Lelong
*/
#ifndef _SHA256_H
@ -58,7 +60,7 @@ extern "C" {
#define SHA256_INTERNAL_BLOCK_SIZE (64)
/**
* @brief Context for ciper operatins based on sha256
* @brief Context for ciper operations based on sha256
*/
typedef struct {
/** global state */
@ -69,6 +71,16 @@ typedef struct {
unsigned char buf[64];
} sha256_context_t;
/**
* @brief Context for HMAC operations based on sha256
*/
typedef struct {
/** Context for inner hash calculation */
sha256_context_t c_in;
/** Context for outer hash calculation */
sha256_context_t c_out;
} hmac_context_t;
/**
* @brief sha256-chain indexed element
*/
@ -116,6 +128,31 @@ void sha256_final(sha256_context_t *ctx, void *digest);
*/
void *sha256(const void *data, size_t len, void *digest);
/**
* @brief hmac_sha256_init HMAC SHA-256 calculation. Initiate calculation of a HMAC
* @param ctx hmac_context_t handle to use
* @param[in] key key used in the hmac-sha256 computation
* @param[in] key_length the size in bytes of the key
*/
void hmac_sha256_init(hmac_context_t *ctx, const void *key, size_t key_length);
/**
* @brief hmac_sha256_update Add data bytes for HMAC calculation
* @param ctx hmac_context_t handle to use
* @param data[in] pointer to the buffer to generate hash from
* @param len[in] length of the buffer
*/
void hmac_sha256_update(hmac_context_t *ctx, const void *data, size_t len);
/**
* @brief hmac_sha256_final HMAC SHA-256 finalization. Finish HMAC calculation and export the value
* @param ctx hmac_context_t handle to use
* @param[out] digest the computed hmac-sha256,
* length MUST be SHA256_DIGEST_LENGTH
* if digest == NULL, a static buffer is used
*/
void hmac_sha256_final(hmac_context_t *ctx, void *digest);
/**
* @brief function to compute a hmac-sha256 from a given message
*

183
tests/unittests/tests-hashes/tests-hashes-sha256-hmac.c

@ -1,5 +1,6 @@
/*
* Copyright (C) 2016 Martin Landsmann <martin.landsmann@haw-hamburg.de>
* Copyright 2016 OTA keys S.A.
*
* This file is subject to the terms and conditions of the GNU Lesser
* General Public License v2.1. See the file LICENSE in the top level
@ -153,6 +154,180 @@ static void test_hashes_hmac_sha256_hash_PRF6(void)
"9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2", hmac));
}
static void test_hashes_hmac_sha256_ite_hash_sequence(void)
{
unsigned char key[64];
hmac_context_t ctx;
/* prepare an empty key */
memset((void*)key, 0x0, 64);
static uint8_t hmac[SHA256_DIGEST_LENGTH];
/* use an empty message */
const unsigned char *m = NULL;
hmac_sha256_init(&ctx, key, sizeof(key));
hmac_sha256_update(&ctx, m, 0);
hmac_sha256_final(&ctx, hmac);
TEST_ASSERT(compare_str_vs_digest(
"b613679a0814d9ec772f95d778c35fc5ff1697c493715653c6c712144292c5ad", hmac));
/* use a real message */
const unsigned char str[] = "The quick brown fox jumps over the lazy dog";
key[0] = 'k';
key[1] = 'e';
key[2] = 'y';
hmac_sha256_init(&ctx, key, sizeof(key));
hmac_sha256_update(&ctx, str, strlen((char*)str));
hmac_sha256_final(&ctx, hmac);
TEST_ASSERT(compare_str_vs_digest(
"f7bc83f430538424b13298e6aa6fb143ef4d59a14946175997479dbc2d1a3cd8", hmac));
}
/*
The followig testcases are taken from:
https://tools.ietf.org/html/rfc4868#section-2.7.1
*/
static void test_hashes_hmac_sha256_ite_hash_PRF1(void)
{
/* Test Case PRF-1: */
hmac_context_t ctx;
const unsigned char strPRF1[] = "Hi There";
unsigned char key[20];
static unsigned char hmac[SHA256_DIGEST_LENGTH];
memset(key, 0x0b, sizeof(key));
hmac_sha256_init(&ctx, key, sizeof(key));
hmac_sha256_update(&ctx, strPRF1, strlen((char*)strPRF1));
hmac_sha256_final(&ctx, hmac);
TEST_ASSERT(compare_str_vs_digest(
"b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7", hmac));
}
static void test_hashes_hmac_sha256_ite_hash_PRF2(void)
{
/* Test Case PRF-2: */
hmac_context_t ctx;
const unsigned char strPRF2[] = "what do ya want for nothing?";
unsigned char key[4] = {'J', 'e', 'f', 'e'};
static unsigned char hmac[SHA256_DIGEST_LENGTH];
hmac_sha256_init(&ctx, key, sizeof(key));
hmac_sha256_update(&ctx, strPRF2, strlen((char*)strPRF2));
hmac_sha256_final(&ctx, hmac);
TEST_ASSERT(compare_str_vs_digest(
"5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843", hmac));
}
static void test_hashes_hmac_sha256_ite_hash_PRF3(void)
{
/* Test Case PRF-3: */
hmac_context_t ctx;
char unsigned strPRF3[50];
unsigned char key[20];
static unsigned char hmac[SHA256_DIGEST_LENGTH];
memset(strPRF3, 0xdd, sizeof(strPRF3));
memset(key, 0xaa, sizeof(key));
hmac_sha256_init(&ctx, key, sizeof(key));
hmac_sha256_update(&ctx, strPRF3, sizeof(strPRF3));
hmac_sha256_final(&ctx, hmac);
TEST_ASSERT(compare_str_vs_digest(
"773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe", hmac));
}
static void test_hashes_hmac_sha256_ite_hash_PRF4(void)
{
/* Test Case PRF-4: */
hmac_context_t ctx;
char unsigned strPRF4[50];
unsigned char key[25];
static unsigned char hmac[SHA256_DIGEST_LENGTH];
memset(strPRF4, 0xcd, sizeof(strPRF4));
/*
* set key to: 0102030405060708090a0b0c0d0e0f10111213141516171819
*/
for (size_t i = 0; i < sizeof(key); ++i) {
key[i] = i+1;
}
hmac_sha256_init(&ctx, key, sizeof(key));
hmac_sha256_update(&ctx, strPRF4, sizeof(strPRF4));
hmac_sha256_final(&ctx, hmac);
TEST_ASSERT(compare_str_vs_digest(
"82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b", hmac));
}
static void test_hashes_hmac_sha256_ite_hash_PRF5(void)
{
/* Test Case PRF-5: */
hmac_context_t ctx;
const unsigned char strPRF5[] = "Test Using Larger Than Block-Size Key - Hash Key First";
unsigned char longKey[131];
static unsigned char hmac[SHA256_DIGEST_LENGTH];
memset(longKey, 0xaa, sizeof(longKey));
hmac_sha256_init(&ctx, longKey, sizeof(longKey));
hmac_sha256_update(&ctx, strPRF5, strlen((char*)strPRF5));
hmac_sha256_final(&ctx, hmac);
TEST_ASSERT(compare_str_vs_digest(
"60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54", hmac));
}
static void test_hashes_hmac_sha256_ite_hash_PRF6(void)
{
/* Test Case PRF-6: */
hmac_context_t ctx;
const unsigned char strPRF6[] = "This is a test using a larger than block-size key and a "
"larger than block-size data. The key needs to be hashed "
"before being used by the HMAC algorithm.";
unsigned char longKey[131];
static unsigned char hmac[SHA256_DIGEST_LENGTH];
memset(longKey, 0xaa, sizeof(longKey));
/* the same key is used as above: 131 x 0xa */
hmac_sha256_init(&ctx, longKey, sizeof(longKey));
hmac_sha256_update(&ctx, strPRF6, strlen((char*)strPRF6));
hmac_sha256_final(&ctx, hmac);
TEST_ASSERT(compare_str_vs_digest(
"9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2", hmac));
}
static void test_hashes_hmac_sha256_ite_hash_PRF6_split(void)
{
/* Test Case PRF-6: */
hmac_context_t ctx;
const unsigned char strPRF6_1[] = "This is a test using a larger than block-size key and a ";
const unsigned char strPRF6_2[] = "larger than block-size data. The key needs to be hashed ";
const unsigned char strPRF6_3[] = "before being used by the HMAC algorithm.";
unsigned char longKey[131];
static unsigned char hmac[SHA256_DIGEST_LENGTH];
memset(longKey, 0xaa, sizeof(longKey));
/* the same key is used as above: 131 x 0xa */
hmac_sha256_init(&ctx, longKey, sizeof(longKey));
hmac_sha256_update(&ctx, strPRF6_1, strlen((char*)strPRF6_1));
hmac_sha256_update(&ctx, strPRF6_2, strlen((char*)strPRF6_2));
hmac_sha256_update(&ctx, strPRF6_3, strlen((char*)strPRF6_3));
hmac_sha256_final(&ctx, hmac);
TEST_ASSERT(compare_str_vs_digest(
"9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2", hmac));
}
Test *tests_hashes_sha256_hmac_tests(void)
{
EMB_UNIT_TESTFIXTURES(fixtures) {
@ -163,6 +338,14 @@ Test *tests_hashes_sha256_hmac_tests(void)
new_TestFixture(test_hashes_hmac_sha256_hash_PRF4),
new_TestFixture(test_hashes_hmac_sha256_hash_PRF5),
new_TestFixture(test_hashes_hmac_sha256_hash_PRF6),
new_TestFixture(test_hashes_hmac_sha256_ite_hash_sequence),
new_TestFixture(test_hashes_hmac_sha256_ite_hash_PRF1),
new_TestFixture(test_hashes_hmac_sha256_ite_hash_PRF2),
new_TestFixture(test_hashes_hmac_sha256_ite_hash_PRF3),
new_TestFixture(test_hashes_hmac_sha256_ite_hash_PRF4),
new_TestFixture(test_hashes_hmac_sha256_ite_hash_PRF5),
new_TestFixture(test_hashes_hmac_sha256_ite_hash_PRF6),
new_TestFixture(test_hashes_hmac_sha256_ite_hash_PRF6_split),
};
EMB_UNIT_TESTCALLER(hashes_sha256_tests, NULL, NULL,

Loading…
Cancel
Save