bug-gnulib
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

hmac-md5


From: Simon Josefsson
Subject: hmac-md5
Date: Wed, 05 Oct 2005 14:18:08 +0200
User-agent: Gnus/5.110004 (No Gnus v0.4) Emacs/22.0.50 (gnu/linux)

Hi.  This is the HMAC-MD5 module, that depends on the MD5 module.
What do you think?  Ok to install?

The reason I'm using hmac.h instead of hmac-md5.h is that I think
hmac.h should contain the prototype for hmac_sha1 too, eventually.
That would be a separate module with a hmac-sha1.c implementation,
though, but it would share the hmac.h header.  If you think having
hmac-md5.h and hmac-sha1.h is better, I can change it.

I am unsure about the prototype here too.  I'm using 'void*', but I
considered using 'uint8_t*' because HMAC-MD5 is byte-oriented.
However, so is MD5, but the current gnulib module use 'void*' for it
anyway.  Also, 'uint8_t' is difficult since it isn't C89, i.e. it is
difficult to expose a library API using uint8_t.  (I do that in my
libraries today, but there is no functionality in gnulib to do this
today.)

It would be nice if the md5 module contained a '#define MD5_BLOCK_SIZE
64' and '#define MD5_DIGEST_SIZE 16' so I don't have to hard code
those numbers.  Should I submit a patch?

Note that there are no hooks for using libgcrypt instead.  That will
came later on.  First I need the crypto functionality inside gnulib,
then I can write a layer on top of that to multiplex the functionality
to either the gnulib modules or to libgcrypt.

Thanks.

Index: modules/hmac-md5
===================================================================
RCS file: modules/hmac-md5
diff -N modules/hmac-md5
--- /dev/null   1 Jan 1970 00:00:00 -0000
+++ modules/hmac-md5    5 Oct 2005 12:11:33 -0000
@@ -0,0 +1,25 @@
+Description:
+Compute hashed message authentication codes with MD5.
+
+Files:
+lib/hmac.h
+lib/hmac-md5.c
+m4/hmac-md5.m4
+
+Depends-on:
+memxor
+md5
+
+configure.ac:
+gl_HMAC_MD5
+
+Makefile.am:
+
+Include:
+"hmac.h"
+
+License:
+LGPL
+
+Maintainer:
+Simon Josefsson
Index: modules/hmac-md5-tests
===================================================================
RCS file: modules/hmac-md5-tests
diff -N modules/hmac-md5-tests
--- /dev/null   1 Jan 1970 00:00:00 -0000
+++ modules/hmac-md5-tests      5 Oct 2005 12:11:33 -0000
@@ -0,0 +1,11 @@
+Files:
+tests/test-hmac-md5.c
+
+Depends-on:
+
+configure.ac:
+
+Makefile.am:
+TESTS += test-hmac-md5
+noinst_PROGRAMS += test-hmac-md5
+test_hmac_md5_SOURCES = test-hmac-md5.c
Index: m4/hmac-md5.m4
===================================================================
RCS file: m4/hmac-md5.m4
diff -N m4/hmac-md5.m4
--- /dev/null   1 Jan 1970 00:00:00 -0000
+++ m4/hmac-md5.m4      5 Oct 2005 12:11:33 -0000
@@ -0,0 +1,11 @@
+# hmac-md5.m4 serial 1
+dnl Copyright (C) 2005 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+AC_DEFUN([gl_HMAC_MD5],
+[
+  AC_LIBSOURCES([hmac.h, hmac-md5.c])
+  AC_LIBOBJ([hmac-md5])
+])
Index: lib/hmac.h
===================================================================
RCS file: lib/hmac.h
diff -N lib/hmac.h
--- /dev/null   1 Jan 1970 00:00:00 -0000
+++ lib/hmac.h  5 Oct 2005 12:11:33 -0000
@@ -0,0 +1,33 @@
+/* hmac.h -- hashed message authentication codes
+   Copyright (C) 2005 Free Software Foundation, Inc.
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2, or (at your option)
+   any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software Foundation,
+   Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.  */
+
+/* Written by Simon Josefsson.  */
+
+#ifndef HMAC_H
+# define HMAC_H 1
+
+#include <stddef.h>
+
+/* Compute Hashed Message Authentication Code with MD5, as described
+   in RFC 2104, over BUFFER data of BUFLEN bytes using the KEY of
+   KEYLEN bytes, writing the output to pre-allocated 16 byte minimum
+   RESBUF buffer.  Return 0 on success.  */
+int
+hmac_md5 (const void *key, size_t keylen,
+         const void *buffer, size_t buflen, void *resbuf);
+
+#endif /* HMAC_H */
Index: lib/hmac-md5.c
===================================================================
RCS file: lib/hmac-md5.c
diff -N lib/hmac-md5.c
--- /dev/null   1 Jan 1970 00:00:00 -0000
+++ lib/hmac-md5.c      5 Oct 2005 12:11:33 -0000
@@ -0,0 +1,76 @@
+/* hmac-md5.c -- hashed message authentication codes
+   Copyright (C) 2005 Free Software Foundation, Inc.
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2, or (at your option)
+   any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software Foundation,
+   Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.  */
+
+/* Written by Simon Josefsson.  */
+
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+#endif
+
+#include "hmac.h"
+
+#include "md5.h"
+
+#include <string.h>
+
+#define IPAD 0x36
+#define OPAD 0x5c
+
+int
+hmac_md5 (const void *key, size_t keylen,
+         const void *in, size_t inlen, void *resbuf)
+{
+  struct md5_ctx inner;
+  struct md5_ctx outer;
+  char optkeybuf[16];
+  char block[64];
+  char innerhash[16];
+
+  if (keylen > 64)
+    {
+      struct md5_ctx keyhash;
+
+      md5_init_ctx (&keyhash);
+      md5_process_bytes (key, keylen, &keyhash);
+      md5_finish_ctx (&keyhash, optkeybuf);
+
+      key = optkeybuf;
+      keylen = 16;
+    }
+
+  md5_init_ctx (&inner);
+
+  memset (block, IPAD, sizeof (block));
+  memxor (block, key, keylen);
+
+  md5_process_block (block, 64, &inner);
+  md5_process_bytes (in, inlen, &inner);
+
+  md5_finish_ctx (&inner, innerhash);
+
+  md5_init_ctx (&outer);
+
+  memset (block, OPAD, sizeof (block));
+  memxor (block, key, keylen);
+
+  md5_process_block (block, 64, &outer);
+  md5_process_bytes (innerhash, 16, &outer);
+
+  md5_finish_ctx (&outer, resbuf);
+
+  return 0;
+}
Index: tests/test-hmac-md5.c
===================================================================
RCS file: tests/test-hmac-md5.c
diff -N tests/test-hmac-md5.c
--- /dev/null   1 Jan 1970 00:00:00 -0000
+++ tests/test-hmac-md5.c       5 Oct 2005 12:11:33 -0000
@@ -0,0 +1,150 @@
+/*
+ * Copyright (C) 2005 Free Software Foundation
+ * Written by Simon Josefsson
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2, or (at your option)
+ * any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.  */
+
+#if HAVE_CONFIG_H
+# include <config.h>
+#endif
+
+#include <stdio.h>
+#include <string.h>
+#include "hmac.h"
+
+/* Test vectors from RFC 2104. */
+
+int
+main (int argc, char *argv[])
+{
+  {
+    /*
+       key =         0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
+       key_len =     16 bytes
+       data =        "Hi There"
+       data_len =    8  bytes
+       digest =      0x9294727a3638bb1c13f48ef8158bfc9d
+     */
+    char *key =
+      "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
+    size_t key_len = 16;
+    char *data = "Hi There";
+    size_t data_len = 8;
+    char *digest =
+      "\x92\x94\x72\x7a\x36\x38\xbb\x1c\x13\xf4\x8e\xf8\x15\x8b\xfc\x9d";
+    char out[16];
+
+    if (hmac_md5 (key, key_len, data, data_len, out) != 0)
+      {
+       printf ("call failure\n");
+       return 1;
+      }
+
+    if (memcmp (digest, out, 16) != 0)
+      {
+       size_t i;
+       printf ("hash 1 missmatch. expected:\n");
+       for (i = 0; i < 16; i++)
+         printf ("%02x ", digest[i] & 0xFF);
+       printf ("\ncomputed:\n");
+       for (i = 0; i < 16; i++)
+         printf ("%02x ", out[i] & 0xFF);
+       printf ("\n");
+       return 1;
+      }
+  }
+
+  {
+    /*
+       key =         "Jefe"
+       data =        "what do ya want for nothing?"
+       data_len =    28 bytes
+       digest =      0x750c783e6ab0b503eaa86e310a5db738
+     */
+    char *key = "Jefe";
+    size_t key_len = 4;
+    char *data = "what do ya want for nothing?";
+    size_t data_len = 28;
+    char *digest =
+      "\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7\x38";
+    char out[16];
+
+    if (hmac_md5 (key, key_len, data, data_len, out) != 0)
+      {
+       printf ("call failure\n");
+       return 1;
+      }
+
+    if (memcmp (digest, out, 16) != 0)
+      {
+       size_t i;
+       printf ("hash 2 missmatch. expected:\n");
+       for (i = 0; i < 16; i++)
+         printf ("%02x ", digest[i] & 0xFF);
+       printf ("\ncomputed:\n");
+       for (i = 0; i < 16; i++)
+         printf ("%02x ", out[i] & 0xFF);
+       printf ("\n");
+       return 1;
+      }
+  }
+
+  {
+    /*
+       key =         0xAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+       key_len       16 bytes
+       data =        0xDDDDDDDDDDDDDDDDDDDD...
+       ..DDDDDDDDDDDDDDDDDDDD...
+       ..DDDDDDDDDDDDDDDDDDDD...
+       ..DDDDDDDDDDDDDDDDDDDD...
+       ..DDDDDDDDDDDDDDDDDDDD
+       data_len =    50 bytes
+       digest =      0x56be34521d144c88dbb8c733f0e8b3f6
+     */
+    char *key =
+      "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA";
+    size_t key_len = 16;
+    char *data = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+      "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+      "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+      "\xDD\xDD";
+    size_t data_len = 50;
+    char *digest =
+      "\x56\xbe\x34\x52\x1d\x14\x4c\x88\xdb\xb8\xc7\x33\xf0\xe8\xb3\xf6";
+    char out[16];
+
+    if (hmac_md5 (key, key_len, data, data_len, out) != 0)
+      {
+       printf ("call failure\n");
+       return 1;
+      }
+
+    if (memcmp (digest, out, 16) != 0)
+      {
+       size_t i;
+       printf ("hash 3 missmatch. expected:\n");
+       for (i = 0; i < 16; i++)
+         printf ("%02x ", digest[i] & 0xFF);
+       printf ("\ncomputed:\n");
+       for (i = 0; i < 16; i++)
+         printf ("%02x ", out[i] & 0xFF);
+       printf ("\n");
+       return 1;
+      }
+  }
+
+  return 0;
+}




reply via email to

[Prev in Thread] Current Thread [Next in Thread]