/* * keylength in bits! * message length in bits! */ void hmac_sha256(void* dest, void* key, uint16_t keylength_b, void* msg, uint64_t msglength_b){ /* a one-shot*/ sha256_ctx_t s; uint8_t i; uint8_t buffer[SHA256_HASH_BYTES]; memset(buffer, 0, SHA256_HASH_BYTES); /* if key is larger than a block we have to hash it*/ if (keylength_b > SHA256_BLOCK_BITS){ sha256((void*)buffer, key, keylength_b); } else { memcpy(buffer, key, (keylength_b+7)/8); } for (i=0; i<SHA256_HASH_BYTES; ++i){ buffer[i] ^= IPAD; } sha256_init(&s); sha256_nextBlock(&s, buffer); while (msglength_b >= SHA256_BLOCK_BITS){ sha256_nextBlock(&s, msg); msg = (uint8_t*)msg + SHA256_HASH_BYTES; msglength_b -= SHA256_BLOCK_BITS; } sha256_lastBlock(&s, msg, msglength_b); /* since buffer still contains key xor ipad we can do ... */ for (i=0; i<SHA256_HASH_BYTES; ++i){ buffer[i] ^= IPAD ^ OPAD; } sha256_ctx2hash(dest, &s); /* save inner hash temporary to dest */ sha256_init(&s); sha256_nextBlock(&s, buffer); sha256_lastBlock(&s, dest, SHA256_HASH_BITS); sha256_ctx2hash(dest, &s); }
void hmac_sha256_final(hmac_sha256_ctx_t *s, void* key, uint16_t keylength_b){ uint8_t buffer[SHA256_HASH_BYTES]; uint8_t i; sha256_ctx_t a; memset(buffer, 0, SHA256_HASH_BYTES); if (keylength_b > SHA256_BLOCK_BITS){ sha256((void*)buffer, key, keylength_b); } else { memcpy(buffer, key, (keylength_b+7)/8); } for (i=0; i<SHA256_HASH_BYTES; ++i){ buffer[i] ^= OPAD; } sha256_init(&a); sha256_nextBlock(&a, buffer); /* hash key ^ opad */ sha256_ctx2hash((void*)buffer, s); /* copy hash(key ^ ipad, msg) to buffer */ sha256_lastBlock(&a, buffer, SHA256_HASH_BITS); memcpy(s, &a, sizeof(sha256_ctx_t)); #if defined SECURE_WIPE_BUFFER memset(buffer, 0, SHA256_HASH_BYTES); memset(a.h, 0, 8*4); #endif }
/* * length in bits! */ void sha256(void* dest, const void* msg, uint32_t length_b){ /* length could be choosen longer but this is for µC */ sha256_ctx_t s; sha256_init(&s); while(length_b >= SHA256_BLOCK_BITS){ sha256_nextBlock(&s, msg); msg = (uint8_t*)msg + SHA256_BLOCK_BITS/8; length_b -= SHA256_BLOCK_BITS; } sha256_lastBlock(&s, msg, length_b); sha256_ctx2hash(dest,&s); }
void hmac_sha256_final(void* dest, hmac_sha256_ctx_t *s){ sha256_ctx2hash((sha256_hash_t*)dest, &(s->a)); sha256_lastBlock(&(s->b), dest, SHA256_HASH_BITS); sha256_ctx2hash((sha256_hash_t*)dest, &(s->b)); }