int crypto_auth_hmacsha256_verify(const unsigned char *h,const unsigned char *in,unsigned long long inlen,const unsigned char *k) { unsigned char correct[32]; crypto_auth_hmacsha256(correct,in,inlen,k); return crypto_verify_32(h,correct) | (-(h == correct)) | sodium_memcmp(correct,h,32); }
/** * PBKDF2_SHA256(passwd, passwdlen, salt, saltlen, c, buf, dkLen): * Compute PBKDF2(passwd, salt, c, dkLen) using HMAC-SHA256 as the PRF, and * write the output to buf. The value dkLen must be at most 32 * (2^32 - 1). */ void PBKDF2_SHA256(const uint8_t * passwd, size_t passwdlen, const uint8_t * salt, size_t saltlen, uint64_t c, uint8_t * buf, size_t dkLen) { uint8_t key[32] = {0}; size_t i; uint8_t salt_and_ivec[saltlen + 4]; uint8_t U[32]; uint8_t T[32]; uint64_t j; int k; size_t clen; if (passwdlen > 32) { /* For some reason libsodium allows 64byte keys meaning keys * between 32byte and 64bytes are not compatible with libsodium. toxencryptsave should only give 32byte passwds so this isn't an issue here.*/ crypto_hash_sha256(key, passwd, passwdlen); } else { memcpy(key, passwd, passwdlen); } memcpy(salt_and_ivec, salt, saltlen); for (i = 0; i * 32 < dkLen; i++) { be32enc(salt_and_ivec + saltlen, (uint32_t)(i + 1)); crypto_auth_hmacsha256(U, salt_and_ivec, sizeof(salt_and_ivec), key); memcpy(T, U, 32); for (j = 2; j <= c; j++) { crypto_auth_hmacsha256(U, U, 32, key); for (k = 0; k < 32; k++) { T[k] ^= U[k]; } } clen = dkLen - i * 32; if (clen > 32) { clen = 32; } memcpy(&buf[i * 32], T, clen); } sodium_memzero((void *) key, sizeof(key)); }
int main(void) { int i; crypto_auth_hmacsha256(a,c,sizeof c,key); for (i = 0;i < 32;++i) { printf(",0x%02x",(unsigned int) a[i]); if (i % 8 == 7) printf("\n"); } return 0; }
int crypto_auth_sec(unsigned char *out, const unsigned char *in, unsigned long long inlen, const unsigned char *k) { /* Argument addresses are public for now */ public_in(__SMACK_value(out)); public_in(__SMACK_value(in)); public_in(__SMACK_value(k)); /* Annotations: everything is private (this should fail) */ return crypto_auth_hmacsha256(out,in,inlen,k); }
int crypto_auth_pub(unsigned char *out, const unsigned char *in, unsigned long long inlen, const unsigned char *k) { /* Argument addresses are public for now */ public_in(__SMACK_value(out)); public_in(__SMACK_value(in)); public_in(__SMACK_value(k)); /* Annotations */ public_in(__SMACK_value(inlen)); return crypto_auth_hmacsha256(out,in,inlen,k); }
int yacl_hmac_sha256(const uint8_t *key, size_t key_len, const uint8_t *data, size_t data_len, uint8_t mac[YACL_SHA256_LEN]) { #ifdef HAVE_LIBSODIUM if (YACL_SHA256_LEN == key_len) { return crypto_auth_hmacsha256(mac, data, data_len, key); } #endif return hmac_sha256(key, key_len, data, data_len, mac); }
int macaroon_hmac(const unsigned char* _key, size_t _key_sz, const unsigned char* text, size_t text_sz, unsigned char* hash) { int rc; unsigned char key[crypto_auth_hmacsha256_KEYBYTES]; sodium_memzero(key, crypto_auth_hmacsha256_BYTES); memmove(key, _key, _key_sz < sizeof(key) ? _key_sz : sizeof(key)); rc = crypto_auth_hmacsha256(hash, text, text_sz, key); assert(rc == 0); return 0; }
static void mm_hmacsha256(void) { crypto_auth_hmacsha256_state st; unsigned char *h, *h2; unsigned char *k; unsigned char *m; size_t mlen; size_t l1, l2; int i; for (i = 0; i < MAX_ITER; i++) { mlen = randombytes_uniform(MAXLEN); m = (unsigned char *) sodium_malloc(mlen); k = (unsigned char *) sodium_malloc(crypto_auth_hmacsha256_KEYBYTES); h = (unsigned char *) sodium_malloc(crypto_auth_hmacsha256_BYTES); h2 = (unsigned char *) sodium_malloc(crypto_auth_hmacsha256_BYTES); crypto_auth_hmacsha256_keygen(k); randombytes_buf(m, mlen); crypto_auth_hmacsha256_init(&st, k, crypto_auth_hmacsha256_KEYBYTES); l1 = randombytes_uniform(mlen); l2 = randombytes_uniform(mlen - l1); crypto_auth_hmacsha256_update(&st, m, l1); crypto_auth_hmacsha256_update(&st, m + l1, l2); crypto_auth_hmacsha256_update(&st, m + l1 + l2, mlen - l1 - l2); crypto_auth_hmacsha256_final(&st, h); crypto_auth_hmacsha256(h2, m, mlen, k); assert(memcmp(h, h2, crypto_auth_hmacsha256_BYTES) == 0); sodium_free(h2); sodium_free(h); sodium_free(k); sodium_free(m); } }
int crypto_auth_hmacsha256_verify(const unsigned char *h,const unsigned char *in,unsigned long long inlen,const unsigned char *k) { unsigned char correct[32]; crypto_auth_hmacsha256(correct,in,inlen,k); return crypto_verify_32(h,correct); }
SODIUM_EXPORT int crypto_auth_hmacsha256_ref(unsigned char *out, const unsigned char *in, unsigned long long inlen, const unsigned char *k) { return crypto_auth_hmacsha256(out, in, inlen, k); }