Commit 02ced31b authored by Mark Andrews's avatar Mark Andrews
Browse files

2072. [bug] We were not generating valid HMAC SHA digests.

                        [RT #16320]
parent 9464f583
2072. [bug] We were not generating valid HMAC SHA digests.
[RT #16320]
2071. [port] Test whether gcc accepts -fno-strict-aliasing.
[RT #16324]
......
......@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: hash_test.c,v 1.15 2005/04/27 04:56:08 sra Exp $ */
/* $Id: hash_test.c,v 1.16 2006/08/16 03:15:09 marka Exp $ */
/*! \file */
#include <config.h>
......@@ -24,18 +24,19 @@
#include <string.h>
#include <isc/hmacmd5.h>
#include <isc/hmacsha.h>
#include <isc/md5.h>
#include <isc/sha1.h>
#include <isc/util.h>
#include <isc/string.h>
static void
print_digest(unsigned char *s, const char *hash, unsigned char *d,
print_digest(const char *s, const char *hash, unsigned char *d,
unsigned int words)
{
unsigned int i, j;
printf("hash (%s) %s:\n\t", hash, (char *)s);
printf("hash (%s) %s:\n\t", hash, s);
for (i = 0; i < words; i++) {
printf(" ");
for (j = 0; j < 4; j++)
......@@ -47,9 +48,15 @@ print_digest(unsigned char *s, const char *hash, unsigned char *d,
int
main(int argc, char **argv) {
isc_sha1_t sha1;
isc_sha224_t sha224;
isc_md5_t md5;
isc_hmacmd5_t hmacmd5;
unsigned char digest[20];
isc_hmacsha1_t hmacsha1;
isc_hmacsha224_t hmacsha224;
isc_hmacsha256_t hmacsha256;
isc_hmacsha384_t hmacsha384;
isc_hmacsha512_t hmacsha512;
unsigned char digest[ISC_SHA512_DIGESTLENGTH];
unsigned char buffer[1024];
const char *s;
unsigned char key[20];
......@@ -62,21 +69,35 @@ main(int argc, char **argv) {
memcpy(buffer, s, strlen(s));
isc_sha1_update(&sha1, buffer, strlen(s));
isc_sha1_final(&sha1, digest);
print_digest(buffer, "sha1", digest, 5);
print_digest(s, "sha1", digest, ISC_SHA1_DIGESTLENGTH/4);
s = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
isc_sha1_init(&sha1);
memcpy(buffer, s, strlen(s));
isc_sha1_update(&sha1, buffer, strlen(s));
isc_sha1_final(&sha1, digest);
print_digest(buffer, "sha1", digest, 5);
print_digest(s, "sha1", digest, ISC_SHA1_DIGESTLENGTH/4);
s = "abc";
isc_sha224_init(&sha224);
memcpy(buffer, s, strlen(s));
isc_sha224_update(&sha224, buffer, strlen(s));
isc_sha224_final(digest, &sha224);
print_digest(s, "sha224", digest, ISC_SHA224_DIGESTLENGTH/4);
s = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
isc_sha224_init(&sha224);
memcpy(buffer, s, strlen(s));
isc_sha224_update(&sha224, buffer, strlen(s));
isc_sha224_final(digest, &sha224);
print_digest(s, "sha224", digest, ISC_SHA224_DIGESTLENGTH/4);
s = "abc";
isc_md5_init(&md5);
memcpy(buffer, s, strlen(s));
isc_md5_update(&md5, buffer, strlen(s));
isc_md5_final(&md5, digest);
print_digest(buffer, "md5", digest, 4);
print_digest(s, "md5", digest, 4);
/*
* The 3 HMAC-MD5 examples from RFC2104
......@@ -87,7 +108,7 @@ main(int argc, char **argv) {
memcpy(buffer, s, strlen(s));
isc_hmacmd5_update(&hmacmd5, buffer, strlen(s));
isc_hmacmd5_sign(&hmacmd5, digest);
print_digest(buffer, "hmacmd5", digest, 4);
print_digest(s, "hmacmd5", digest, 4);
s = "what do ya want for nothing?";
strcpy((char *)key, "Jefe");
......@@ -95,7 +116,7 @@ main(int argc, char **argv) {
memcpy(buffer, s, strlen(s));
isc_hmacmd5_update(&hmacmd5, buffer, strlen(s));
isc_hmacmd5_sign(&hmacmd5, digest);
print_digest(buffer, "hmacmd5", digest, 4);
print_digest(s, "hmacmd5", digest, 4);
s = "\335\335\335\335\335\335\335\335\335\335"
"\335\335\335\335\335\335\335\335\335\335"
......@@ -107,7 +128,162 @@ main(int argc, char **argv) {
memcpy(buffer, s, strlen(s));
isc_hmacmd5_update(&hmacmd5, buffer, strlen(s));
isc_hmacmd5_sign(&hmacmd5, digest);
print_digest(buffer, "hmacmd5", digest, 4);
print_digest(s, "hmacmd5", digest, 4);
/*
* The 3 HMAC-SHA1 examples from RFC4634.
*/
s = "Hi There";
memset(key, 0x0b, 20);
isc_hmacsha1_init(&hmacsha1, key, 20);
memcpy(buffer, s, strlen(s));
isc_hmacsha1_update(&hmacsha1, buffer, strlen(s));
isc_hmacsha1_sign(&hmacsha1, digest, ISC_SHA1_DIGESTLENGTH);
print_digest(s, "hmacsha1", digest, ISC_SHA1_DIGESTLENGTH/4);
s = "what do ya want for nothing?";
strcpy((char *)key, "Jefe");
isc_hmacsha1_init(&hmacsha1, key, 4);
memcpy(buffer, s, strlen(s));
isc_hmacsha1_update(&hmacsha1, buffer, strlen(s));
isc_hmacsha1_sign(&hmacsha1, digest, ISC_SHA1_DIGESTLENGTH);
print_digest(s, "hmacsha1", digest, ISC_SHA1_DIGESTLENGTH/4);
s = "\335\335\335\335\335\335\335\335\335\335"
"\335\335\335\335\335\335\335\335\335\335"
"\335\335\335\335\335\335\335\335\335\335"
"\335\335\335\335\335\335\335\335\335\335"
"\335\335\335\335\335\335\335\335\335\335";
memset(key, 0xaa, 20);
isc_hmacsha1_init(&hmacsha1, key, 20);
memcpy(buffer, s, strlen(s));
isc_hmacsha1_update(&hmacsha1, buffer, strlen(s));
isc_hmacsha1_sign(&hmacsha1, digest, ISC_SHA1_DIGESTLENGTH);
print_digest(s, "hmacsha1", digest, ISC_SHA1_DIGESTLENGTH/4);
/*
* The 3 HMAC-SHA224 examples from RFC4634.
*/
s = "Hi There";
memset(key, 0x0b, 20);
isc_hmacsha224_init(&hmacsha224, key, 20);
memcpy(buffer, s, strlen(s));
isc_hmacsha224_update(&hmacsha224, buffer, strlen(s));
isc_hmacsha224_sign(&hmacsha224, digest, ISC_SHA224_DIGESTLENGTH);
print_digest(s, "hmacsha224", digest, ISC_SHA224_DIGESTLENGTH/4);
s = "what do ya want for nothing?";
strcpy((char *)key, "Jefe");
isc_hmacsha224_init(&hmacsha224, key, 4);
memcpy(buffer, s, strlen(s));
isc_hmacsha224_update(&hmacsha224, buffer, strlen(s));
isc_hmacsha224_sign(&hmacsha224, digest, ISC_SHA224_DIGESTLENGTH);
print_digest(s, "hmacsha224", digest, ISC_SHA224_DIGESTLENGTH/4);
s = "\335\335\335\335\335\335\335\335\335\335"
"\335\335\335\335\335\335\335\335\335\335"
"\335\335\335\335\335\335\335\335\335\335"
"\335\335\335\335\335\335\335\335\335\335"
"\335\335\335\335\335\335\335\335\335\335";
memset(key, 0xaa, 20);
isc_hmacsha224_init(&hmacsha224, key, 20);
memcpy(buffer, s, strlen(s));
isc_hmacsha224_update(&hmacsha224, buffer, strlen(s));
isc_hmacsha224_sign(&hmacsha224, digest, ISC_SHA224_DIGESTLENGTH);
print_digest(s, "hmacsha224", digest, ISC_SHA224_DIGESTLENGTH/4);
/*
* The 3 HMAC-SHA256 examples from RFC4634.
*/
s = "Hi There";
memset(key, 0x0b, 20);
isc_hmacsha256_init(&hmacsha256, key, 20);
memcpy(buffer, s, strlen(s));
isc_hmacsha256_update(&hmacsha256, buffer, strlen(s));
isc_hmacsha256_sign(&hmacsha256, digest, ISC_SHA256_DIGESTLENGTH);
print_digest(s, "hmacsha256", digest, ISC_SHA256_DIGESTLENGTH/4);
s = "what do ya want for nothing?";
strcpy((char *)key, "Jefe");
isc_hmacsha256_init(&hmacsha256, key, 4);
memcpy(buffer, s, strlen(s));
isc_hmacsha256_update(&hmacsha256, buffer, strlen(s));
isc_hmacsha256_sign(&hmacsha256, digest, ISC_SHA256_DIGESTLENGTH);
print_digest(s, "hmacsha256", digest, ISC_SHA256_DIGESTLENGTH/4);
s = "\335\335\335\335\335\335\335\335\335\335"
"\335\335\335\335\335\335\335\335\335\335"
"\335\335\335\335\335\335\335\335\335\335"
"\335\335\335\335\335\335\335\335\335\335"
"\335\335\335\335\335\335\335\335\335\335";
memset(key, 0xaa, 20);
isc_hmacsha256_init(&hmacsha256, key, 20);
memcpy(buffer, s, strlen(s));
isc_hmacsha256_update(&hmacsha256, buffer, strlen(s));
isc_hmacsha256_sign(&hmacsha256, digest, ISC_SHA256_DIGESTLENGTH);
print_digest(s, "hmacsha256", digest, ISC_SHA256_DIGESTLENGTH/4);
/*
* The 3 HMAC-SHA384 examples from RFC4634.
*/
s = "Hi There";
memset(key, 0x0b, 20);
isc_hmacsha384_init(&hmacsha384, key, 20);
memcpy(buffer, s, strlen(s));
isc_hmacsha384_update(&hmacsha384, buffer, strlen(s));
isc_hmacsha384_sign(&hmacsha384, digest, ISC_SHA384_DIGESTLENGTH);
print_digest(s, "hmacsha384", digest, ISC_SHA384_DIGESTLENGTH/4);
s = "what do ya want for nothing?";
strcpy((char *)key, "Jefe");
isc_hmacsha384_init(&hmacsha384, key, 4);
memcpy(buffer, s, strlen(s));
isc_hmacsha384_update(&hmacsha384, buffer, strlen(s));
isc_hmacsha384_sign(&hmacsha384, digest, ISC_SHA384_DIGESTLENGTH);
print_digest(s, "hmacsha384", digest, ISC_SHA384_DIGESTLENGTH/4);
s = "\335\335\335\335\335\335\335\335\335\335"
"\335\335\335\335\335\335\335\335\335\335"
"\335\335\335\335\335\335\335\335\335\335"
"\335\335\335\335\335\335\335\335\335\335"
"\335\335\335\335\335\335\335\335\335\335";
memset(key, 0xaa, 20);
isc_hmacsha384_init(&hmacsha384, key, 20);
memcpy(buffer, s, strlen(s));
isc_hmacsha384_update(&hmacsha384, buffer, strlen(s));
isc_hmacsha384_sign(&hmacsha384, digest, ISC_SHA384_DIGESTLENGTH);
print_digest(s, "hmacsha384", digest, ISC_SHA384_DIGESTLENGTH/4);
/*
* The 3 HMAC-SHA512 examples from RFC4634.
*/
s = "Hi There";
memset(key, 0x0b, 20);
isc_hmacsha512_init(&hmacsha512, key, 20);
memcpy(buffer, s, strlen(s));
isc_hmacsha512_update(&hmacsha512, buffer, strlen(s));
isc_hmacsha512_sign(&hmacsha512, digest, ISC_SHA512_DIGESTLENGTH);
print_digest(s, "hmacsha512", digest, ISC_SHA512_DIGESTLENGTH/4);
s = "what do ya want for nothing?";
strcpy((char *)key, "Jefe");
isc_hmacsha512_init(&hmacsha512, key, 4);
memcpy(buffer, s, strlen(s));
isc_hmacsha512_update(&hmacsha512, buffer, strlen(s));
isc_hmacsha512_sign(&hmacsha512, digest, ISC_SHA512_DIGESTLENGTH);
print_digest(s, "hmacsha512", digest, ISC_SHA512_DIGESTLENGTH/4);
s = "\335\335\335\335\335\335\335\335\335\335"
"\335\335\335\335\335\335\335\335\335\335"
"\335\335\335\335\335\335\335\335\335\335"
"\335\335\335\335\335\335\335\335\335\335"
"\335\335\335\335\335\335\335\335\335\335";
memset(key, 0xaa, 20);
isc_hmacsha512_init(&hmacsha512, key, 20);
memcpy(buffer, s, strlen(s));
isc_hmacsha512_update(&hmacsha512, buffer, strlen(s));
isc_hmacsha512_sign(&hmacsha512, digest, ISC_SHA512_DIGESTLENGTH);
print_digest(s, "hmacsha512", digest, ISC_SHA512_DIGESTLENGTH/4);
return (0);
}
......@@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: hmacsha.c,v 1.4 2006/01/31 00:35:21 marka Exp $ */
/* $Id: hmacsha.c,v 1.5 2006/08/16 03:15:09 marka Exp $ */
/*
* This code implements the HMAC-SHA1, HMAC-SHA224, HMAC-SHA256, HMAC-SHA384
......@@ -42,7 +42,7 @@ void
isc_hmacsha1_init(isc_hmacsha1_t *ctx, const unsigned char *key,
unsigned int len)
{
unsigned char ipad[ISC_SHA1_DIGESTLENGTH];
unsigned char ipad[ISC_SHA1_BLOCK_LENGTH];
unsigned int i;
memset(ctx->key, 0, sizeof(ctx->key));
......@@ -56,7 +56,7 @@ isc_hmacsha1_init(isc_hmacsha1_t *ctx, const unsigned char *key,
isc_sha1_init(&ctx->sha1ctx);
memset(ipad, IPAD, sizeof(ipad));
for (i = 0; i < ISC_SHA1_DIGESTLENGTH; i++)
for (i = 0; i < ISC_SHA1_BLOCK_LENGTH; i++)
ipad[i] ^= ctx->key[i];
isc_sha1_update(&ctx->sha1ctx, ipad, sizeof(ipad));
}
......@@ -84,7 +84,7 @@ isc_hmacsha1_update(isc_hmacsha1_t *ctx, const unsigned char *buf,
*/
void
isc_hmacsha1_sign(isc_hmacsha1_t *ctx, unsigned char *digest, size_t len) {
unsigned char opad[ISC_SHA1_DIGESTLENGTH];
unsigned char opad[ISC_SHA1_BLOCK_LENGTH];
unsigned char newdigest[ISC_SHA1_DIGESTLENGTH];
unsigned int i;
......@@ -92,7 +92,7 @@ isc_hmacsha1_sign(isc_hmacsha1_t *ctx, unsigned char *digest, size_t len) {
isc_sha1_final(&ctx->sha1ctx, newdigest);
memset(opad, OPAD, sizeof(opad));
for (i = 0; i < ISC_SHA1_DIGESTLENGTH; i++)
for (i = 0; i < ISC_SHA1_BLOCK_LENGTH; i++)
opad[i] ^= ctx->key[i];
isc_sha1_init(&ctx->sha1ctx);
......@@ -101,7 +101,7 @@ isc_hmacsha1_sign(isc_hmacsha1_t *ctx, unsigned char *digest, size_t len) {
isc_sha1_final(&ctx->sha1ctx, newdigest);
isc_hmacsha1_invalidate(ctx);
memcpy(digest, newdigest, len);
memset(newdigest, 0, len);
memset(newdigest, 0, sizeof(newdigest));
}
/*
......@@ -112,7 +112,7 @@ isc_boolean_t
isc_hmacsha1_verify(isc_hmacsha1_t *ctx, unsigned char *digest, size_t len) {
unsigned char newdigest[ISC_SHA1_DIGESTLENGTH];
REQUIRE(len <= ISC_SHA1_DIGESTLENGTH);
REQUIRE(len <= ISC_SHA1_BLOCK_LENGTH);
isc_hmacsha1_sign(ctx, newdigest, ISC_SHA1_DIGESTLENGTH);
return (ISC_TF(memcmp(digest, newdigest, len) == 0));
}
......@@ -124,7 +124,7 @@ void
isc_hmacsha224_init(isc_hmacsha224_t *ctx, const unsigned char *key,
unsigned int len)
{
unsigned char ipad[ISC_SHA224_DIGESTLENGTH];
unsigned char ipad[ISC_SHA224_BLOCK_LENGTH];
unsigned int i;
memset(ctx->key, 0, sizeof(ctx->key));
......@@ -138,7 +138,7 @@ isc_hmacsha224_init(isc_hmacsha224_t *ctx, const unsigned char *key,
isc_sha224_init(&ctx->sha224ctx);
memset(ipad, IPAD, sizeof(ipad));
for (i = 0; i < ISC_SHA224_DIGESTLENGTH; i++)
for (i = 0; i < ISC_SHA224_BLOCK_LENGTH; i++)
ipad[i] ^= ctx->key[i];
isc_sha224_update(&ctx->sha224ctx, ipad, sizeof(ipad));
}
......@@ -165,7 +165,7 @@ isc_hmacsha224_update(isc_hmacsha224_t *ctx, const unsigned char *buf,
*/
void
isc_hmacsha224_sign(isc_hmacsha224_t *ctx, unsigned char *digest, size_t len) {
unsigned char opad[ISC_SHA224_DIGESTLENGTH];
unsigned char opad[ISC_SHA224_BLOCK_LENGTH];
unsigned char newdigest[ISC_SHA224_DIGESTLENGTH];
unsigned int i;
......@@ -173,7 +173,7 @@ isc_hmacsha224_sign(isc_hmacsha224_t *ctx, unsigned char *digest, size_t len) {
isc_sha224_final(newdigest, &ctx->sha224ctx);
memset(opad, OPAD, sizeof(opad));
for (i = 0; i < ISC_SHA224_DIGESTLENGTH; i++)
for (i = 0; i < ISC_SHA224_BLOCK_LENGTH; i++)
opad[i] ^= ctx->key[i];
isc_sha224_init(&ctx->sha224ctx);
......@@ -181,7 +181,7 @@ isc_hmacsha224_sign(isc_hmacsha224_t *ctx, unsigned char *digest, size_t len) {
isc_sha224_update(&ctx->sha224ctx, newdigest, ISC_SHA224_DIGESTLENGTH);
isc_sha224_final(newdigest, &ctx->sha224ctx);
memcpy(digest, newdigest, len);
memset(newdigest, 0, len);
memset(newdigest, 0, sizeof(newdigest));
}
/*
......@@ -204,7 +204,7 @@ void
isc_hmacsha256_init(isc_hmacsha256_t *ctx, const unsigned char *key,
unsigned int len)
{
unsigned char ipad[ISC_SHA256_DIGESTLENGTH];
unsigned char ipad[ISC_SHA256_BLOCK_LENGTH];
unsigned int i;
memset(ctx->key, 0, sizeof(ctx->key));
......@@ -218,7 +218,7 @@ isc_hmacsha256_init(isc_hmacsha256_t *ctx, const unsigned char *key,
isc_sha256_init(&ctx->sha256ctx);
memset(ipad, IPAD, sizeof(ipad));
for (i = 0; i < ISC_SHA256_DIGESTLENGTH; i++)
for (i = 0; i < ISC_SHA256_BLOCK_LENGTH; i++)
ipad[i] ^= ctx->key[i];
isc_sha256_update(&ctx->sha256ctx, ipad, sizeof(ipad));
}
......@@ -245,7 +245,7 @@ isc_hmacsha256_update(isc_hmacsha256_t *ctx, const unsigned char *buf,
*/
void
isc_hmacsha256_sign(isc_hmacsha256_t *ctx, unsigned char *digest, size_t len) {
unsigned char opad[ISC_SHA256_DIGESTLENGTH];
unsigned char opad[ISC_SHA256_BLOCK_LENGTH];
unsigned char newdigest[ISC_SHA256_DIGESTLENGTH];
unsigned int i;
......@@ -253,7 +253,7 @@ isc_hmacsha256_sign(isc_hmacsha256_t *ctx, unsigned char *digest, size_t len) {
isc_sha256_final(newdigest, &ctx->sha256ctx);
memset(opad, OPAD, sizeof(opad));
for (i = 0; i < ISC_SHA256_DIGESTLENGTH; i++)
for (i = 0; i < ISC_SHA256_BLOCK_LENGTH; i++)
opad[i] ^= ctx->key[i];
isc_sha256_init(&ctx->sha256ctx);
......@@ -261,7 +261,7 @@ isc_hmacsha256_sign(isc_hmacsha256_t *ctx, unsigned char *digest, size_t len) {
isc_sha256_update(&ctx->sha256ctx, newdigest, ISC_SHA256_DIGESTLENGTH);
isc_sha256_final(newdigest, &ctx->sha256ctx);
memcpy(digest, newdigest, len);
memset(newdigest, 0, len);
memset(newdigest, 0, sizeof(newdigest));
}
/*
......@@ -284,7 +284,7 @@ void
isc_hmacsha384_init(isc_hmacsha384_t *ctx, const unsigned char *key,
unsigned int len)
{
unsigned char ipad[ISC_SHA384_DIGESTLENGTH];
unsigned char ipad[ISC_SHA384_BLOCK_LENGTH];
unsigned int i;
memset(ctx->key, 0, sizeof(ctx->key));
......@@ -298,7 +298,7 @@ isc_hmacsha384_init(isc_hmacsha384_t *ctx, const unsigned char *key,
isc_sha384_init(&ctx->sha384ctx);
memset(ipad, IPAD, sizeof(ipad));
for (i = 0; i < ISC_SHA384_DIGESTLENGTH; i++)
for (i = 0; i < ISC_SHA384_BLOCK_LENGTH; i++)
ipad[i] ^= ctx->key[i];
isc_sha384_update(&ctx->sha384ctx, ipad, sizeof(ipad));
}
......@@ -325,7 +325,7 @@ isc_hmacsha384_update(isc_hmacsha384_t *ctx, const unsigned char *buf,
*/
void
isc_hmacsha384_sign(isc_hmacsha384_t *ctx, unsigned char *digest, size_t len) {
unsigned char opad[ISC_SHA384_DIGESTLENGTH];
unsigned char opad[ISC_SHA384_BLOCK_LENGTH];
unsigned char newdigest[ISC_SHA384_DIGESTLENGTH];
unsigned int i;
......@@ -333,7 +333,7 @@ isc_hmacsha384_sign(isc_hmacsha384_t *ctx, unsigned char *digest, size_t len) {
isc_sha384_final(newdigest, &ctx->sha384ctx);
memset(opad, OPAD, sizeof(opad));
for (i = 0; i < ISC_SHA384_DIGESTLENGTH; i++)
for (i = 0; i < ISC_SHA384_BLOCK_LENGTH; i++)
opad[i] ^= ctx->key[i];
isc_sha384_init(&ctx->sha384ctx);
......@@ -341,7 +341,7 @@ isc_hmacsha384_sign(isc_hmacsha384_t *ctx, unsigned char *digest, size_t len) {
isc_sha384_update(&ctx->sha384ctx, newdigest, ISC_SHA384_DIGESTLENGTH);
isc_sha384_final(newdigest, &ctx->sha384ctx);
memcpy(digest, newdigest, len);
memset(newdigest, 0, len);
memset(newdigest, 0, sizeof(newdigest));
}
/*
......@@ -364,7 +364,7 @@ void
isc_hmacsha512_init(isc_hmacsha512_t *ctx, const unsigned char *key,
unsigned int len)
{
unsigned char ipad[ISC_SHA512_DIGESTLENGTH];
unsigned char ipad[ISC_SHA512_BLOCK_LENGTH];
unsigned int i;
memset(ctx->key, 0, sizeof(ctx->key));
......@@ -378,7 +378,7 @@ isc_hmacsha512_init(isc_hmacsha512_t *ctx, const unsigned char *key,
isc_sha512_init(&ctx->sha512ctx);
memset(ipad, IPAD, sizeof(ipad));
for (i = 0; i < ISC_SHA512_DIGESTLENGTH; i++)
for (i = 0; i < ISC_SHA512_BLOCK_LENGTH; i++)
ipad[i] ^= ctx->key[i];
isc_sha512_update(&ctx->sha512ctx, ipad, sizeof(ipad));
}
......@@ -405,7 +405,7 @@ isc_hmacsha512_update(isc_hmacsha512_t *ctx, const unsigned char *buf,
*/
void
isc_hmacsha512_sign(isc_hmacsha512_t *ctx, unsigned char *digest, size_t len) {
unsigned char opad[ISC_SHA512_DIGESTLENGTH];
unsigned char opad[ISC_SHA512_BLOCK_LENGTH];
unsigned char newdigest[ISC_SHA512_DIGESTLENGTH];
unsigned int i;
......@@ -413,7 +413,7 @@ isc_hmacsha512_sign(isc_hmacsha512_t *ctx, unsigned char *digest, size_t len) {
isc_sha512_final(newdigest, &ctx->sha512ctx);
memset(opad, OPAD, sizeof(opad));
for (i = 0; i < ISC_SHA512_DIGESTLENGTH; i++)
for (i = 0; i < ISC_SHA512_BLOCK_LENGTH; i++)
opad[i] ^= ctx->key[i];
isc_sha512_init(&ctx->sha512ctx);
......@@ -421,7 +421,7 @@ isc_hmacsha512_sign(isc_hmacsha512_t *ctx, unsigned char *digest, size_t len) {
isc_sha512_update(&ctx->sha512ctx, newdigest, ISC_SHA512_DIGESTLENGTH);
isc_sha512_final(newdigest, &ctx->sha512ctx);
memcpy(digest, newdigest, len);
memset(newdigest, 0, len);
memset(newdigest, 0, sizeof(newdigest));
}
/*
......
......@@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: hmacsha.h,v 1.3 2006/01/27 23:57:46 marka Exp $ */
/* $Id: hmacsha.h,v 1.4 2006/08/16 03:15:09 marka Exp $ */
/*
* This is the header file for the HMAC-SHA1, HMAC-SHA224, HMAC-SHA256,
......@@ -29,11 +29,11 @@
#include <isc/sha2.h>
#include <isc/types.h>
#define ISC_HMACSHA1_KEYLENGTH ISC_SHA1_DIGESTLENGTH
#define ISC_HMACSHA224_KEYLENGTH ISC_SHA224_DIGESTLENGTH
#define ISC_HMACSHA256_KEYLENGTH ISC_SHA256_DIGESTLENGTH
#define ISC_HMACSHA384_KEYLENGTH ISC_SHA384_DIGESTLENGTH
#define ISC_HMACSHA512_KEYLENGTH ISC_SHA512_DIGESTLENGTH
#define ISC_HMACSHA1_KEYLENGTH ISC_SHA1_BLOCK_LENGTH
#define ISC_HMACSHA224_KEYLENGTH ISC_SHA224_BLOCK_LENGTH
#define ISC_HMACSHA256_KEYLENGTH ISC_SHA256_BLOCK_LENGTH
#define ISC_HMACSHA384_KEYLENGTH ISC_SHA384_BLOCK_LENGTH
#define ISC_HMACSHA512_KEYLENGTH ISC_SHA512_BLOCK_LENGTH
typedef struct {
isc_sha1_t sha1ctx;
......
......@@ -18,7 +18,7 @@
#ifndef ISC_SHA1_H
#define ISC_SHA1_H 1
/* $Id: sha1.h,v 1.13 2006/02/01 00:10:35 marka Exp $ */
/* $Id: sha1.h,v 1.14 2006/08/16 03:15:09 marka Exp $ */
/* $NetBSD: sha1.h,v 1.2 1998/05/29 22:55:44 thorpej Exp $ */
......@@ -32,11 +32,12 @@
#include <isc/types.h>
#define ISC_SHA1_DIGESTLENGTH 20U
#define ISC_SHA1_BLOCK_LENGTH 64U
typedef struct {
isc_uint32_t state[5];
isc_uint32_t count[2];
unsigned char buffer[64];
unsigned char buffer[ISC_SHA1_BLOCK_LENGTH];
} isc_sha1_t;
ISC_LANG_BEGINDECLS
......
......@@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: sha2.h,v 1.6 2006/02/24 00:03:15 marka Exp $ */
/* $Id: sha2.h,v 1.7 2006/08/16 03:15:09 marka Exp $ */
/* $FreeBSD: src/sys/crypto/sha2/sha2.h,v 1.1.2.1 2001/07/03 11:01:36 ume Exp $ */
/* $KAME: sha2.h,v 1.3 2001/03/12 08:27:48 itojun Exp $ */
......@@ -62,6 +62,7 @@
/*** SHA-224/256/384/512 Various Length Definitions ***********************/
#define ISC_SHA224_BLOCK_LENGTH 64U
#define ISC_SHA224_DIGESTLENGTH 28U
#define ISC_SHA224_DIGESTSTRINGLENGTH (ISC_SHA224_DIGESTLENGTH * 2 + 1)
#define ISC_SHA256_BLOCK_LENGTH 64U
......
......@@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: sha2.c,v 1.9 2006/03/10 03:49:57 marka Exp $ */
/* $Id: sha2.c,v 1.10 2006/08/16 03:15:09 marka Exp $ */
/* $FreeBSD: src/sys/crypto/sha2/sha2.c,v 1.2.2.2 2002/03/05 08:36:47 ume Exp $ */
/* $KAME: sha2.c,v 1.8 2001/11/08 01:07:52 itojun Exp $ */
......@@ -420,7 +420,7 @@ isc_sha224_update(isc_sha224_t *context, const isc_uint8_t* data, size_t len) {
}
void
isc_sha224_final(isc_uint8_t digest[], isc_sha256_t *context) {
isc_sha224_final(isc_uint8_t digest[], isc_sha224_t *context) {
isc_uint8_t sha256_digest[ISC_SHA256_DIGESTLENGTH];
isc_sha256_final(sha256_digest, (isc_sha256_t *)context);
memcpy(digest, sha256_digest, ISC_SHA224_DIGESTLENGTH);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment