[efi] Include installed protocol list in unknown handle names
[ipxe.git] / src / crypto / hmac.c
1 /*
2 * Copyright (C) 2007 Michael Brown <mbrown@fensystems.co.uk>.
3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License as
6 * published by the Free Software Foundation; either version 2 of the
7 * License, or any later version.
8 *
9 * This program is distributed in the hope that it will be useful, but
10 * WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
17 * 02110-1301, USA.
18 *
19 * You can also choose to distribute this program under the terms of
20 * the Unmodified Binary Distribution Licence (as given in the file
21 * COPYING.UBDL), provided that you have satisfied its requirements.
22 */
23
24 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
25
26 /**
27 * @file
28 *
29 * Keyed-Hashing for Message Authentication
30 */
31
32 #include <string.h>
33 #include <assert.h>
34 #include <ipxe/crypto.h>
35 #include <ipxe/hmac.h>
36
37 /**
38 * Reduce HMAC key length
39 *
40 * @v digest Digest algorithm to use
41 * @v digest_ctx Digest context
42 * @v key Key
43 * @v key_len Length of key
44 */
45 static void hmac_reduce_key ( struct digest_algorithm *digest,
46 void *key, size_t *key_len ) {
47 uint8_t digest_ctx[digest->ctxsize];
48
49 digest_init ( digest, digest_ctx );
50 digest_update ( digest, digest_ctx, key, *key_len );
51 digest_final ( digest, digest_ctx, key );
52 *key_len = digest->digestsize;
53 }
54
55 /**
56 * Initialise HMAC
57 *
58 * @v digest Digest algorithm to use
59 * @v digest_ctx Digest context
60 * @v key Key
61 * @v key_len Length of key
62 *
63 * The length of the key should be less than the block size of the
64 * digest algorithm being used. (If the key length is greater, it
65 * will be replaced with its own digest, and key_len will be updated
66 * accordingly).
67 */
68 void hmac_init ( struct digest_algorithm *digest, void *digest_ctx,
69 void *key, size_t *key_len ) {
70 unsigned char k_ipad[digest->blocksize];
71 unsigned int i;
72
73 /* Reduce key if necessary */
74 if ( *key_len > sizeof ( k_ipad ) )
75 hmac_reduce_key ( digest, key, key_len );
76
77 /* Construct input pad */
78 memset ( k_ipad, 0, sizeof ( k_ipad ) );
79 memcpy ( k_ipad, key, *key_len );
80 for ( i = 0 ; i < sizeof ( k_ipad ) ; i++ ) {
81 k_ipad[i] ^= 0x36;
82 }
83
84 /* Start inner hash */
85 digest_init ( digest, digest_ctx );
86 digest_update ( digest, digest_ctx, k_ipad, sizeof ( k_ipad ) );
87 }
88
89 /**
90 * Finalise HMAC
91 *
92 * @v digest Digest algorithm to use
93 * @v digest_ctx Digest context
94 * @v key Key
95 * @v key_len Length of key
96 * @v hmac HMAC digest to fill in
97 *
98 * The length of the key should be less than the block size of the
99 * digest algorithm being used. (If the key length is greater, it
100 * will be replaced with its own digest, and key_len will be updated
101 * accordingly).
102 */
103 void hmac_final ( struct digest_algorithm *digest, void *digest_ctx,
104 void *key, size_t *key_len, void *hmac ) {
105 unsigned char k_opad[digest->blocksize];
106 unsigned int i;
107
108 /* Reduce key if necessary */
109 if ( *key_len > sizeof ( k_opad ) )
110 hmac_reduce_key ( digest, key, key_len );
111
112 /* Construct output pad */
113 memset ( k_opad, 0, sizeof ( k_opad ) );
114 memcpy ( k_opad, key, *key_len );
115 for ( i = 0 ; i < sizeof ( k_opad ) ; i++ ) {
116 k_opad[i] ^= 0x5c;
117 }
118
119 /* Finish inner hash */
120 digest_final ( digest, digest_ctx, hmac );
121
122 /* Perform outer hash */
123 digest_init ( digest, digest_ctx );
124 digest_update ( digest, digest_ctx, k_opad, sizeof ( k_opad ) );
125 digest_update ( digest, digest_ctx, hmac, digest->digestsize );
126 digest_final ( digest, digest_ctx, hmac );
127 }