[libav.git] / libavutil / hmac.c

/*
 * Copyright (C) 2012 Martin Storsjo
 *
 * This file is part of Libav.
 *
 * Libav is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * Libav is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with Libav; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
 */

#include <string.h>

#include "attributes.h"
#include "hmac.h"
#include "md5.h"
#include "sha.h"
#include "mem.h"

#define MAX_HASHLEN 32
#define MAX_BLOCKLEN 64

struct AVHMAC {
    void *hash;
    int blocklen, hashlen;
    void (*final)(void*, uint8_t*);
    void (*update)(void*, const uint8_t*, int len);
    void (*init)(void*);
    uint8_t key[MAX_BLOCKLEN];
    int keylen;
};

#define DEFINE_SHA(bits)                           \
static av_cold void sha ## bits ##_init(void *ctx) \
{                                                  \
    av_sha_init(ctx, bits);                        \
}

DEFINE_SHA(160)
DEFINE_SHA(224)
DEFINE_SHA(256)

AVHMAC *av_hmac_alloc(enum AVHMACType type)
{
    AVHMAC *c = av_mallocz(sizeof(*c));
    if (!c)
        return NULL;
    switch (type) {
    case AV_HMAC_MD5:
        c->blocklen = 64;
        c->hashlen  = 16;
        c->init     = av_md5_init;
        c->update   = av_md5_update;
        c->final    = av_md5_final;
        c->hash     = av_md5_alloc();
        break;
    case AV_HMAC_SHA1:
        c->blocklen = 64;
        c->hashlen  = 20;
        c->init     = sha160_init;
        c->update   = av_sha_update;
        c->final    = av_sha_final;
        c->hash     = av_sha_alloc();
        break;
    case AV_HMAC_SHA224:
        c->blocklen = 64;
        c->hashlen  = 28;
        c->init     = sha224_init;
        c->update   = av_sha_update;
        c->final    = av_sha_final;
        c->hash     = av_sha_alloc();
        break;
    case AV_HMAC_SHA256:
        c->blocklen = 64;
        c->hashlen  = 32;
        c->init     = sha256_init;
        c->update   = av_sha_update;
        c->final    = av_sha_final;
        c->hash     = av_sha_alloc();
        break;
    default:
        av_free(c);
        return NULL;
    }
    if (!c->hash) {
        av_free(c);
        return NULL;
    }
    return c;
}

void av_hmac_free(AVHMAC *c)
{
    if (!c)
        return;
    av_free(c->hash);
    av_free(c);
}

void av_hmac_init(AVHMAC *c, const uint8_t *key, unsigned int keylen)
{
    int i;
    uint8_t block[MAX_BLOCKLEN];
    if (keylen > c->blocklen) {
        c->init(c->hash);
        c->update(c->hash, key, keylen);
        c->final(c->hash, c->key);
        c->keylen = c->hashlen;
    } else {
        memcpy(c->key, key, keylen);
        c->keylen = keylen;
    }
    c->init(c->hash);
    for (i = 0; i < c->keylen; i++)
        block[i] = c->key[i] ^ 0x36;
    for (i = c->keylen; i < c->blocklen; i++)
        block[i] = 0x36;
    c->update(c->hash, block, c->blocklen);
}

void av_hmac_update(AVHMAC *c, const uint8_t *data, unsigned int len)
{
    c->update(c->hash, data, len);
}

int av_hmac_final(AVHMAC *c, uint8_t *out, unsigned int outlen)
{
    uint8_t block[MAX_BLOCKLEN];
    int i;
    if (outlen < c->hashlen)
        return AVERROR(EINVAL);
    c->final(c->hash, out);
    c->init(c->hash);
    for (i = 0; i < c->keylen; i++)
        block[i] = c->key[i] ^ 0x5C;
    for (i = c->keylen; i < c->blocklen; i++)
        block[i] = 0x5C;
    c->update(c->hash, block, c->blocklen);
    c->update(c->hash, out, c->hashlen);
    c->final(c->hash, out);
    return c->hashlen;
}

int av_hmac_calc(AVHMAC *c, const uint8_t *data, unsigned int len,
                 const uint8_t *key, unsigned int keylen,
                 uint8_t *out, unsigned int outlen)
{
    av_hmac_init(c, key, keylen);
    av_hmac_update(c, data, len);
    return av_hmac_final(c, out, outlen);
}

#ifdef TEST
#include <stdio.h>

static void test(AVHMAC *hmac, const uint8_t *key, int keylen,
                 const uint8_t *data, int datalen)
{
    uint8_t buf[MAX_HASHLEN];
    int out, i;
    // Some of the test vectors are strings, where sizeof() includes the
    // trailing null byte - remove that.
    if (!key[keylen - 1])
        keylen--;
    if (!data[datalen - 1])
        datalen--;
    out = av_hmac_calc(hmac, data, datalen, key, keylen, buf, sizeof(buf));
    for (i = 0; i < out; i++)
        printf("%02x", buf[i]);
    printf("\n");
}

int main(void)
{
    uint8_t key1[20], key3[131], data3[50];
    enum AVHMACType i = AV_HMAC_SHA224;
    const uint8_t key2[]  = "Jefe";
    const uint8_t data1[] = "Hi There";
    const uint8_t data2[] = "what do ya want for nothing?";
    const uint8_t data4[] = "Test Using Larger Than Block-Size Key - Hash Key First";
    const uint8_t data5[] = "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data";
    const uint8_t data6[] = "This is a test using a larger than block-size key and a larger "
                            "than block-size data. The key needs to be hashed before being used"
                            " by the HMAC algorithm.";
    AVHMAC *hmac = av_hmac_alloc(AV_HMAC_MD5);
    if (!hmac)
        return 1;
    memset(key1, 0x0b, sizeof(key1));
    memset(key3, 0xaa, sizeof(key3));
    memset(data3, 0xdd, sizeof(data3));
    // RFC 2202 test vectors
    test(hmac, key1, 16, data1, sizeof(data1));
    test(hmac, key2, sizeof(key2), data2, sizeof(data2));
    test(hmac, key3, 16, data3, sizeof(data3));
    test(hmac, key3, 80, data4, sizeof(data4));
    test(hmac, key3, 80, data5, sizeof(data5));
    av_hmac_free(hmac);

    /* SHA-1 */
    hmac = av_hmac_alloc(AV_HMAC_SHA1);
    if (!hmac)
        return 1;
    // RFC 2202 test vectors
    test(hmac, key1, sizeof(key1), data1, sizeof(data1));
    test(hmac, key2, sizeof(key2), data2, sizeof(data2));
    test(hmac, key3, 20, data3, sizeof(data3));
    test(hmac, key3, 80, data4, sizeof(data4));
    test(hmac, key3, 80, data5, sizeof(data5));
    av_hmac_free(hmac);

    /* SHA-2 */
    while (i <= AV_HMAC_SHA256) {
        hmac = av_hmac_alloc(i);
        // RFC 4231 test vectors
        test(hmac, key1, sizeof(key1), data1, sizeof(data1));
        test(hmac, key2, sizeof(key2), data2, sizeof(data2));
        test(hmac, key3, 20, data3, sizeof(data3));
        test(hmac, key3, sizeof(key3), data4, sizeof(data4));
        test(hmac, key3, sizeof(key3), data6, sizeof(data6));
        av_hmac_free(hmac);
        i++;
    }
    return 0;
}
#endif /* TEST */
Commit	Line	Data
8ee288d2 MS	1	/*
	2	* Copyright (C) 2012 Martin Storsjo
	3	*
	4	* This file is part of Libav.
	5	*
	6	* Libav is free software; you can redistribute it and/or
	7	* modify it under the terms of the GNU Lesser General Public
	8	* License as published by the Free Software Foundation; either
	9	* version 2.1 of the License, or (at your option) any later version.
	10	*
	11	* Libav is distributed in the hope that it will be useful,
	12	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	14	* Lesser General Public License for more details.
	15	*
	16	* You should have received a copy of the GNU Lesser General Public
	17	* License along with Libav; if not, write to the Free Software
	18	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
	19	*/
	20
	21	#include <string.h>
	22
1fda184a	23	#include "attributes.h"
8ee288d2 MS	24	#include "hmac.h"
	25	#include "md5.h"
	26	#include "sha.h"
	27	#include "mem.h"
	28
7e38340b	29	#define MAX_HASHLEN 32
8ee288d2 MS	30	#define MAX_BLOCKLEN 64
	31
	32	struct AVHMAC {
	33	void *hash;
	34	int blocklen, hashlen;
	35	void (final)(void, uint8_t*);
	36	void (update)(void, const uint8_t*, int len);
	37	void (init)(void);
	38	uint8_t key[MAX_BLOCKLEN];
	39	int keylen;
	40	};
	41
7e38340b JA	42	#define DEFINE_SHA(bits) \
	43	static av_cold void sha ## bits ##_init(void *ctx) \
	44	{ \
	45	av_sha_init(ctx, bits); \
8ee288d2 MS	46	}
8ee288d2 MS	47
7e38340b JA	48	DEFINE_SHA(160)
	49	DEFINE_SHA(224)
	50	DEFINE_SHA(256)
	51
8ee288d2 MS	52	AVHMAC *av_hmac_alloc(enum AVHMACType type)
	53	{
	54	AVHMAC c = av_mallocz(sizeof(c));
	55	if (!c)
	56	return NULL;
	57	switch (type) {
	58	case AV_HMAC_MD5:
	59	c->blocklen = 64;
	60	c->hashlen = 16;
	61	c->init = av_md5_init;
	62	c->update = av_md5_update;
	63	c->final = av_md5_final;
	64	c->hash = av_md5_alloc();
	65	break;
	66	case AV_HMAC_SHA1:
	67	c->blocklen = 64;
	68	c->hashlen = 20;
7e38340b JA	69	c->init = sha160_init;
	70	c->update = av_sha_update;
	71	c->final = av_sha_final;
	72	c->hash = av_sha_alloc();
	73	break;
	74	case AV_HMAC_SHA224:
	75	c->blocklen = 64;
	76	c->hashlen = 28;
	77	c->init = sha224_init;
	78	c->update = av_sha_update;
	79	c->final = av_sha_final;
	80	c->hash = av_sha_alloc();
	81	break;
	82	case AV_HMAC_SHA256:
	83	c->blocklen = 64;
	84	c->hashlen = 32;
	85	c->init = sha256_init;
8ee288d2 MS	86	c->update = av_sha_update;
	87	c->final = av_sha_final;
	88	c->hash = av_sha_alloc();
	89	break;
	90	default:
	91	av_free(c);
	92	return NULL;
	93	}
	94	if (!c->hash) {
	95	av_free(c);
	96	return NULL;
	97	}
	98	return c;
	99	}
	100
	101	void av_hmac_free(AVHMAC *c)
	102	{
	103	if (!c)
	104	return;
	105	av_free(c->hash);
	106	av_free(c);
	107	}
	108
	109	void av_hmac_init(AVHMAC c, const uint8_t key, unsigned int keylen)
	110	{
	111	int i;
	112	uint8_t block[MAX_BLOCKLEN];
	113	if (keylen > c->blocklen) {
	114	c->init(c->hash);
	115	c->update(c->hash, key, keylen);
	116	c->final(c->hash, c->key);
	117	c->keylen = c->hashlen;
	118	} else {
	119	memcpy(c->key, key, keylen);
	120	c->keylen = keylen;
	121	}
	122	c->init(c->hash);
	123	for (i = 0; i < c->keylen; i++)
	124	block[i] = c->key[i] ^ 0x36;
	125	for (i = c->keylen; i < c->blocklen; i++)
	126	block[i] = 0x36;
	127	c->update(c->hash, block, c->blocklen);
	128	}
	129
	130	void av_hmac_update(AVHMAC c, const uint8_t data, unsigned int len)
	131	{
	132	c->update(c->hash, data, len);
	133	}
	134
	135	int av_hmac_final(AVHMAC c, uint8_t out, unsigned int outlen)
	136	{
	137	uint8_t block[MAX_BLOCKLEN];
	138	int i;
	139	if (outlen < c->hashlen)
	140	return AVERROR(EINVAL);
	141	c->final(c->hash, out);
	142	c->init(c->hash);
	143	for (i = 0; i < c->keylen; i++)
	144	block[i] = c->key[i] ^ 0x5C;
	145	for (i = c->keylen; i < c->blocklen; i++)
	146	block[i] = 0x5C;
	147	c->update(c->hash, block, c->blocklen);
	148	c->update(c->hash, out, c->hashlen);
	149	c->final(c->hash, out);
150	return c->hashlen;
151	}
152
153	int av_hmac_calc(AVHMAC c, const uint8_t data, unsigned int len,
154	const uint8_t *key, unsigned int keylen,
155	uint8_t *out, unsigned int outlen)
156	{
157	av_hmac_init(c, key, keylen);
158	av_hmac_update(c, data, len);
159	return av_hmac_final(c, out, outlen);
160	}
3130fa51 MS	161
	162	#ifdef TEST
	163	#include <stdio.h>
	164
	165	static void test(AVHMAC hmac, const uint8_t key, int keylen,
	166	const uint8_t *data, int datalen)
	167	{
	168	uint8_t buf[MAX_HASHLEN];
	169	int out, i;
	170	// Some of the test vectors are strings, where sizeof() includes the
	171	// trailing null byte - remove that.
	172	if (!key[keylen - 1])
	173	keylen--;
	174	if (!data[datalen - 1])
	175	datalen--;
	176	out = av_hmac_calc(hmac, data, datalen, key, keylen, buf, sizeof(buf));
	177	for (i = 0; i < out; i++)
	178	printf("%02x", buf[i]);
	179	printf("\n");
	180	}
	181
	182	int main(void)
	183	{
e59f7cd8 JA	184	uint8_t key1[20], key3[131], data3[50];
e59f7cd8 JA	185	enum AVHMACType i = AV_HMAC_SHA224;
3130fa51 MS	186	const uint8_t key2[] = "Jefe";
	187	const uint8_t data1[] = "Hi There";
	188	const uint8_t data2[] = "what do ya want for nothing?";
e59f7cd8 JA	189	const uint8_t data4[] = "Test Using Larger Than Block-Size Key - Hash Key First";
	190	const uint8_t data5[] = "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data";
	191	const uint8_t data6[] = "This is a test using a larger than block-size key and a larger "
	192	"than block-size data. The key needs to be hashed before being used"
	193	" by the HMAC algorithm.";
3130fa51 MS	194	AVHMAC *hmac = av_hmac_alloc(AV_HMAC_MD5);
	195	if (!hmac)
	196	return 1;
	197	memset(key1, 0x0b, sizeof(key1));
	198	memset(key3, 0xaa, sizeof(key3));
3130fa51	199	memset(data3, 0xdd, sizeof(data3));
e59f7cd8 JA	200	// RFC 2202 test vectors
	201	test(hmac, key1, 16, data1, sizeof(data1));
	202	test(hmac, key2, sizeof(key2), data2, sizeof(data2));
	203	test(hmac, key3, 16, data3, sizeof(data3));
	204	test(hmac, key3, 80, data4, sizeof(data4));
	205	test(hmac, key3, 80, data5, sizeof(data5));
	206	av_hmac_free(hmac);
	207
	208	/* SHA-1 */
	209	hmac = av_hmac_alloc(AV_HMAC_SHA1);
	210	if (!hmac)
	211	return 1;
	212	// RFC 2202 test vectors
3130fa51 MS	213	test(hmac, key1, sizeof(key1), data1, sizeof(data1));
3130fa51 MS	214	test(hmac, key2, sizeof(key2), data2, sizeof(data2));
e59f7cd8 JA	215	test(hmac, key3, 20, data3, sizeof(data3));
	216	test(hmac, key3, 80, data4, sizeof(data4));
	217	test(hmac, key3, 80, data5, sizeof(data5));
3130fa51	218	av_hmac_free(hmac);
e59f7cd8 JA	219
	220	/* SHA-2 */
	221	while (i <= AV_HMAC_SHA256) {
	222	hmac = av_hmac_alloc(i);
	223	// RFC 4231 test vectors
	224	test(hmac, key1, sizeof(key1), data1, sizeof(data1));
	225	test(hmac, key2, sizeof(key2), data2, sizeof(data2));
	226	test(hmac, key3, 20, data3, sizeof(data3));
	227	test(hmac, key3, sizeof(key3), data4, sizeof(data4));
	228	test(hmac, key3, sizeof(key3), data6, sizeof(data6));
	229	av_hmac_free(hmac);
	230	i++;
	231	}
3130fa51 MS	232	return 0;
	233	}
	234	#endif /* TEST */