Exemple #1
0
/*
 * Compute signature - finalize SHA224 operation and reapply SHA224.
 */
void
isc_hmacsha224_sign(isc_hmacsha224_t *ctx, unsigned char *digest, size_t len) {
	unsigned char opad[ISC_SHA224_BLOCK_LENGTH];
	unsigned char newdigest[ISC_SHA224_DIGESTLENGTH];
	unsigned int i;

	REQUIRE(len <= ISC_SHA224_DIGESTLENGTH);
	isc_sha224_final(newdigest, &ctx->sha224ctx);

	memset(opad, OPAD, sizeof(opad));
	for (i = 0; i < ISC_SHA224_BLOCK_LENGTH; i++)
		opad[i] ^= ctx->key[i];

	isc_sha224_init(&ctx->sha224ctx);
	isc_sha224_update(&ctx->sha224ctx, opad, sizeof(opad));
	isc_sha224_update(&ctx->sha224ctx, newdigest, ISC_SHA224_DIGESTLENGTH);
	isc_sha224_final(newdigest, &ctx->sha224ctx);
	memcpy(digest, newdigest, len);
	memset(newdigest, 0, sizeof(newdigest));
}
Exemple #2
0
/*
 * Start HMAC-SHA224 process.  Initialize an sha224 context and digest the key.
 */
void
isc_hmacsha224_init(isc_hmacsha224_t *ctx, const unsigned char *key,
		    unsigned int len)
{
	unsigned char ipad[ISC_SHA224_BLOCK_LENGTH];
	unsigned int i;

	memset(ctx->key, 0, sizeof(ctx->key));
	if (len > sizeof(ctx->key)) {
		isc_sha224_t sha224ctx;
		isc_sha224_init(&sha224ctx);
		isc_sha224_update(&sha224ctx, key, len);
		isc_sha224_final(ctx->key, &sha224ctx);
	} else
		memcpy(ctx->key, key, len);

	isc_sha224_init(&ctx->sha224ctx);
	memset(ipad, IPAD, sizeof(ipad));
	for (i = 0; i < ISC_SHA224_BLOCK_LENGTH; i++)
		ipad[i] ^= ctx->key[i];
	isc_sha224_update(&ctx->sha224ctx, ipad, sizeof(ipad));
}
Exemple #3
0
/*
 * Update context to reflect the concatenation of another buffer full
 * of bytes.
 */
void
isc_hmacsha224_update(isc_hmacsha224_t *ctx, const unsigned char *buf,
		   unsigned int len)
{
	isc_sha224_update(&ctx->sha224ctx, buf, len);
}
Exemple #4
0
int
main(int argc, char **argv)  {
	isc_buffer_t buf;
	unsigned char key[1024];
	char secret[1024];
	char base64[(1024*4)/3];
	isc_region_t r;
	isc_result_t result;

	if (argc != 3) {
		fprintf(stderr, "Usage:\t%s algorithm secret\n", argv[0]);
		fprintf(stderr, "\talgorithm: (MD5 | SHA1 | SHA224 | "
				"SHA256 | SHA384 | SHA512)\n");
		return (1);
	}

	isc_buffer_init(&buf, secret, sizeof(secret));
	result = isc_base64_decodestring(argv[2], &buf);
	if (result != ISC_R_SUCCESS) {
		fprintf(stderr, "error: %s\n", isc_result_totext(result));
		return (1);
	}
	isc__buffer_usedregion(&buf, &r);

	if (!strcasecmp(argv[1], "md5") ||
	    !strcasecmp(argv[1], "hmac-md5")) {
		if (r.length > HMAC_LEN) {
			isc_md5_t md5ctx;
			isc_md5_init(&md5ctx);
			isc_md5_update(&md5ctx, r.base, r.length);
			isc_md5_final(&md5ctx, key);

			r.base = key;
			r.length = ISC_MD5_DIGESTLENGTH;
		}
	} else if (!strcasecmp(argv[1], "sha1") ||
		   !strcasecmp(argv[1], "hmac-sha1")) {
		if (r.length > ISC_SHA1_DIGESTLENGTH) {
			isc_sha1_t sha1ctx;
			isc_sha1_init(&sha1ctx);
			isc_sha1_update(&sha1ctx, r.base, r.length);
			isc_sha1_final(&sha1ctx, key);

			r.base = key;
			r.length = ISC_SHA1_DIGESTLENGTH;
		}
	} else if (!strcasecmp(argv[1], "sha224") ||
		   !strcasecmp(argv[1], "hmac-sha224")) {
		if (r.length > ISC_SHA224_DIGESTLENGTH) {
			isc_sha224_t sha224ctx;
			isc_sha224_init(&sha224ctx);
			isc_sha224_update(&sha224ctx, r.base, r.length);
			isc_sha224_final(key, &sha224ctx);

			r.base = key;
			r.length = ISC_SHA224_DIGESTLENGTH;
		}
	} else if (!strcasecmp(argv[1], "sha256") ||
		   !strcasecmp(argv[1], "hmac-sha256")) {
		if (r.length > ISC_SHA256_DIGESTLENGTH) {
			isc_sha256_t sha256ctx;
			isc_sha256_init(&sha256ctx);
			isc_sha256_update(&sha256ctx, r.base, r.length);
			isc_sha256_final(key, &sha256ctx);

			r.base = key;
			r.length = ISC_SHA256_DIGESTLENGTH;
		}
	} else if (!strcasecmp(argv[1], "sha384") ||
		   !strcasecmp(argv[1], "hmac-sha384")) {
		if (r.length > ISC_SHA384_DIGESTLENGTH) {
			isc_sha384_t sha384ctx;
			isc_sha384_init(&sha384ctx);
			isc_sha384_update(&sha384ctx, r.base, r.length);
			isc_sha384_final(key, &sha384ctx);

			r.base = key;
			r.length = ISC_SHA384_DIGESTLENGTH;
		}
	} else if (!strcasecmp(argv[1], "sha512") ||
		   !strcasecmp(argv[1], "hmac-sha512")) {
		if (r.length > ISC_SHA512_DIGESTLENGTH) {
			isc_sha512_t sha512ctx;
			isc_sha512_init(&sha512ctx);
			isc_sha512_update(&sha512ctx, r.base, r.length);
			isc_sha512_final(key, &sha512ctx);

			r.base = key;
			r.length = ISC_SHA512_DIGESTLENGTH;
		}
	} else {
		fprintf(stderr, "unknown hmac/digest algorithm: %s\n", argv[1]);
		return (1);
	}

	isc_buffer_init(&buf, base64, sizeof(base64));
	result = isc_base64_totext(&r, 0, "", &buf);
	if (result != ISC_R_SUCCESS) {
		fprintf(stderr, "error: %s\n", isc_result_totext(result));
		return (1);
	}
	fprintf(stdout, "%.*s\n", (int)isc_buffer_usedlength(&buf), base64);
	return (0);
}
Exemple #5
0
int
main(int argc, char **argv) {
	isc_sha1_t sha1;
	isc_sha224_t sha224;
	isc_md5_t md5;
	isc_hmacmd5_t hmacmd5;
	isc_hmacsha1_t hmacsha1;
	isc_hmacsha224_t hmacsha224;
	isc_hmacsha256_t hmacsha256;
	isc_hmacsha384_t hmacsha384;
	isc_hmacsha512_t hmacsha512;
	unsigned char digest[ISC_SHA512_DIGESTLENGTH];
	unsigned char buffer[1024];
	const char *s;
	unsigned char key[20];

	UNUSED(argc);
	UNUSED(argv);

	s = "abc";
	isc_sha1_init(&sha1);
	memcpy(buffer, s, strlen(s));
	isc_sha1_update(&sha1, buffer, strlen(s));
	isc_sha1_final(&sha1, digest);
	print_digest(s, "sha1", digest, ISC_SHA1_DIGESTLENGTH/4);

	s = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
	isc_sha1_init(&sha1);
	memcpy(buffer, s, strlen(s));
	isc_sha1_update(&sha1, buffer, strlen(s));
	isc_sha1_final(&sha1, digest);
	print_digest(s, "sha1", digest, ISC_SHA1_DIGESTLENGTH/4);

	s = "abc";
	isc_sha224_init(&sha224);
	memcpy(buffer, s, strlen(s));
	isc_sha224_update(&sha224, buffer, strlen(s));
	isc_sha224_final(digest, &sha224);
	print_digest(s, "sha224", digest, ISC_SHA224_DIGESTLENGTH/4);

	s = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
	isc_sha224_init(&sha224);
	memcpy(buffer, s, strlen(s));
	isc_sha224_update(&sha224, buffer, strlen(s));
	isc_sha224_final(digest, &sha224);
	print_digest(s, "sha224", digest, ISC_SHA224_DIGESTLENGTH/4);

	s = "abc";
	isc_md5_init(&md5);
	memcpy(buffer, s, strlen(s));
	isc_md5_update(&md5, buffer, strlen(s));
	isc_md5_final(&md5, digest);
	print_digest(s, "md5", digest, 4);

	/*
	 * The 3 HMAC-MD5 examples from RFC2104
	 */
	s = "Hi There";
	memset(key, 0x0b, 16);
	isc_hmacmd5_init(&hmacmd5, key, 16);
	memcpy(buffer, s, strlen(s));
	isc_hmacmd5_update(&hmacmd5, buffer, strlen(s));
	isc_hmacmd5_sign(&hmacmd5, digest);
	print_digest(s, "hmacmd5", digest, 4);

	s = "what do ya want for nothing?";
	strcpy((char *)key, "Jefe");
	isc_hmacmd5_init(&hmacmd5, key, 4);
	memcpy(buffer, s, strlen(s));
	isc_hmacmd5_update(&hmacmd5, buffer, strlen(s));
	isc_hmacmd5_sign(&hmacmd5, digest);
	print_digest(s, "hmacmd5", digest, 4);

	s = "\335\335\335\335\335\335\335\335\335\335"
	    "\335\335\335\335\335\335\335\335\335\335"
	    "\335\335\335\335\335\335\335\335\335\335"
	    "\335\335\335\335\335\335\335\335\335\335"
	    "\335\335\335\335\335\335\335\335\335\335";
	memset(key, 0xaa, 16);
	isc_hmacmd5_init(&hmacmd5, key, 16);
	memcpy(buffer, s, strlen(s));
	isc_hmacmd5_update(&hmacmd5, buffer, strlen(s));
	isc_hmacmd5_sign(&hmacmd5, digest);
	print_digest(s, "hmacmd5", digest, 4);

	/*
	 * The 3 HMAC-SHA1 examples from RFC4634.
	 */
	s = "Hi There";
	memset(key, 0x0b, 20);
	isc_hmacsha1_init(&hmacsha1, key, 20);
	memcpy(buffer, s, strlen(s));
	isc_hmacsha1_update(&hmacsha1, buffer, strlen(s));
	isc_hmacsha1_sign(&hmacsha1, digest, ISC_SHA1_DIGESTLENGTH);
	print_digest(s, "hmacsha1", digest, ISC_SHA1_DIGESTLENGTH/4);

	s = "what do ya want for nothing?";
	strcpy((char *)key, "Jefe");
	isc_hmacsha1_init(&hmacsha1, key, 4);
	memcpy(buffer, s, strlen(s));
	isc_hmacsha1_update(&hmacsha1, buffer, strlen(s));
	isc_hmacsha1_sign(&hmacsha1, digest, ISC_SHA1_DIGESTLENGTH);
	print_digest(s, "hmacsha1", digest, ISC_SHA1_DIGESTLENGTH/4);

	s = "\335\335\335\335\335\335\335\335\335\335"
	    "\335\335\335\335\335\335\335\335\335\335"
	    "\335\335\335\335\335\335\335\335\335\335"
	    "\335\335\335\335\335\335\335\335\335\335"
	    "\335\335\335\335\335\335\335\335\335\335";
	memset(key, 0xaa, 20);
	isc_hmacsha1_init(&hmacsha1, key, 20);
	memcpy(buffer, s, strlen(s));
	isc_hmacsha1_update(&hmacsha1, buffer, strlen(s));
	isc_hmacsha1_sign(&hmacsha1, digest, ISC_SHA1_DIGESTLENGTH);
	print_digest(s, "hmacsha1", digest, ISC_SHA1_DIGESTLENGTH/4);

	/*
	 * The 3 HMAC-SHA224 examples from RFC4634.
	 */
	s = "Hi There";
	memset(key, 0x0b, 20);
	isc_hmacsha224_init(&hmacsha224, key, 20);
	memcpy(buffer, s, strlen(s));
	isc_hmacsha224_update(&hmacsha224, buffer, strlen(s));
	isc_hmacsha224_sign(&hmacsha224, digest, ISC_SHA224_DIGESTLENGTH);
	print_digest(s, "hmacsha224", digest, ISC_SHA224_DIGESTLENGTH/4);

	s = "what do ya want for nothing?";
	strcpy((char *)key, "Jefe");
	isc_hmacsha224_init(&hmacsha224, key, 4);
	memcpy(buffer, s, strlen(s));
	isc_hmacsha224_update(&hmacsha224, buffer, strlen(s));
	isc_hmacsha224_sign(&hmacsha224, digest, ISC_SHA224_DIGESTLENGTH);
	print_digest(s, "hmacsha224", digest, ISC_SHA224_DIGESTLENGTH/4);

	s = "\335\335\335\335\335\335\335\335\335\335"
	    "\335\335\335\335\335\335\335\335\335\335"
	    "\335\335\335\335\335\335\335\335\335\335"
	    "\335\335\335\335\335\335\335\335\335\335"
	    "\335\335\335\335\335\335\335\335\335\335";
	memset(key, 0xaa, 20);
	isc_hmacsha224_init(&hmacsha224, key, 20);
	memcpy(buffer, s, strlen(s));
	isc_hmacsha224_update(&hmacsha224, buffer, strlen(s));
	isc_hmacsha224_sign(&hmacsha224, digest, ISC_SHA224_DIGESTLENGTH);
	print_digest(s, "hmacsha224", digest, ISC_SHA224_DIGESTLENGTH/4);

	/*
	 * The 3 HMAC-SHA256 examples from RFC4634.
	 */
	s = "Hi There";
	memset(key, 0x0b, 20);
	isc_hmacsha256_init(&hmacsha256, key, 20);
	memcpy(buffer, s, strlen(s));
	isc_hmacsha256_update(&hmacsha256, buffer, strlen(s));
	isc_hmacsha256_sign(&hmacsha256, digest, ISC_SHA256_DIGESTLENGTH);
	print_digest(s, "hmacsha256", digest, ISC_SHA256_DIGESTLENGTH/4);

	s = "what do ya want for nothing?";
	strcpy((char *)key, "Jefe");
	isc_hmacsha256_init(&hmacsha256, key, 4);
	memcpy(buffer, s, strlen(s));
	isc_hmacsha256_update(&hmacsha256, buffer, strlen(s));
	isc_hmacsha256_sign(&hmacsha256, digest, ISC_SHA256_DIGESTLENGTH);
	print_digest(s, "hmacsha256", digest, ISC_SHA256_DIGESTLENGTH/4);

	s = "\335\335\335\335\335\335\335\335\335\335"
	    "\335\335\335\335\335\335\335\335\335\335"
	    "\335\335\335\335\335\335\335\335\335\335"
	    "\335\335\335\335\335\335\335\335\335\335"
	    "\335\335\335\335\335\335\335\335\335\335";
	memset(key, 0xaa, 20);
	isc_hmacsha256_init(&hmacsha256, key, 20);
	memcpy(buffer, s, strlen(s));
	isc_hmacsha256_update(&hmacsha256, buffer, strlen(s));
	isc_hmacsha256_sign(&hmacsha256, digest, ISC_SHA256_DIGESTLENGTH);
	print_digest(s, "hmacsha256", digest, ISC_SHA256_DIGESTLENGTH/4);

	/*
	 * The 3 HMAC-SHA384 examples from RFC4634.
	 */
	s = "Hi There";
	memset(key, 0x0b, 20);
	isc_hmacsha384_init(&hmacsha384, key, 20);
	memcpy(buffer, s, strlen(s));
	isc_hmacsha384_update(&hmacsha384, buffer, strlen(s));
	isc_hmacsha384_sign(&hmacsha384, digest, ISC_SHA384_DIGESTLENGTH);
	print_digest(s, "hmacsha384", digest, ISC_SHA384_DIGESTLENGTH/4);

	s = "what do ya want for nothing?";
	strcpy((char *)key, "Jefe");
	isc_hmacsha384_init(&hmacsha384, key, 4);
	memcpy(buffer, s, strlen(s));
	isc_hmacsha384_update(&hmacsha384, buffer, strlen(s));
	isc_hmacsha384_sign(&hmacsha384, digest, ISC_SHA384_DIGESTLENGTH);
	print_digest(s, "hmacsha384", digest, ISC_SHA384_DIGESTLENGTH/4);

	s = "\335\335\335\335\335\335\335\335\335\335"
	    "\335\335\335\335\335\335\335\335\335\335"
	    "\335\335\335\335\335\335\335\335\335\335"
	    "\335\335\335\335\335\335\335\335\335\335"
	    "\335\335\335\335\335\335\335\335\335\335";
	memset(key, 0xaa, 20);
	isc_hmacsha384_init(&hmacsha384, key, 20);
	memcpy(buffer, s, strlen(s));
	isc_hmacsha384_update(&hmacsha384, buffer, strlen(s));
	isc_hmacsha384_sign(&hmacsha384, digest, ISC_SHA384_DIGESTLENGTH);
	print_digest(s, "hmacsha384", digest, ISC_SHA384_DIGESTLENGTH/4);

	/*
	 * The 3 HMAC-SHA512 examples from RFC4634.
	 */
	s = "Hi There";
	memset(key, 0x0b, 20);
	isc_hmacsha512_init(&hmacsha512, key, 20);
	memcpy(buffer, s, strlen(s));
	isc_hmacsha512_update(&hmacsha512, buffer, strlen(s));
	isc_hmacsha512_sign(&hmacsha512, digest, ISC_SHA512_DIGESTLENGTH);
	print_digest(s, "hmacsha512", digest, ISC_SHA512_DIGESTLENGTH/4);

	s = "what do ya want for nothing?";
	strcpy((char *)key, "Jefe");
	isc_hmacsha512_init(&hmacsha512, key, 4);
	memcpy(buffer, s, strlen(s));
	isc_hmacsha512_update(&hmacsha512, buffer, strlen(s));
	isc_hmacsha512_sign(&hmacsha512, digest, ISC_SHA512_DIGESTLENGTH);
	print_digest(s, "hmacsha512", digest, ISC_SHA512_DIGESTLENGTH/4);

	s = "\335\335\335\335\335\335\335\335\335\335"
	    "\335\335\335\335\335\335\335\335\335\335"
	    "\335\335\335\335\335\335\335\335\335\335"
	    "\335\335\335\335\335\335\335\335\335\335"
	    "\335\335\335\335\335\335\335\335\335\335";
	memset(key, 0xaa, 20);
	isc_hmacsha512_init(&hmacsha512, key, 20);
	memcpy(buffer, s, strlen(s));
	isc_hmacsha512_update(&hmacsha512, buffer, strlen(s));
	isc_hmacsha512_sign(&hmacsha512, digest, ISC_SHA512_DIGESTLENGTH);
	print_digest(s, "hmacsha512", digest, ISC_SHA512_DIGESTLENGTH/4);

	return (0);
}