hmac: add support for SHA-2
[libav.git] / libavutil / hmac.c
1 /*
2 * Copyright (C) 2012 Martin Storsjo
3 *
4 * This file is part of Libav.
5 *
6 * Libav is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
10 *
11 * Libav is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with Libav; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
19 */
20
21 #include <string.h>
22
23 #include "attributes.h"
24 #include "hmac.h"
25 #include "md5.h"
26 #include "sha.h"
27 #include "mem.h"
28
29 #define MAX_HASHLEN 32
30 #define MAX_BLOCKLEN 64
31
32 struct AVHMAC {
33 void *hash;
34 int blocklen, hashlen;
35 void (*final)(void*, uint8_t*);
36 void (*update)(void*, const uint8_t*, int len);
37 void (*init)(void*);
38 uint8_t key[MAX_BLOCKLEN];
39 int keylen;
40 };
41
42 #define DEFINE_SHA(bits) \
43 static av_cold void sha ## bits ##_init(void *ctx) \
44 { \
45 av_sha_init(ctx, bits); \
46 }
47
48 DEFINE_SHA(160)
49 DEFINE_SHA(224)
50 DEFINE_SHA(256)
51
52 AVHMAC *av_hmac_alloc(enum AVHMACType type)
53 {
54 AVHMAC *c = av_mallocz(sizeof(*c));
55 if (!c)
56 return NULL;
57 switch (type) {
58 case AV_HMAC_MD5:
59 c->blocklen = 64;
60 c->hashlen = 16;
61 c->init = av_md5_init;
62 c->update = av_md5_update;
63 c->final = av_md5_final;
64 c->hash = av_md5_alloc();
65 break;
66 case AV_HMAC_SHA1:
67 c->blocklen = 64;
68 c->hashlen = 20;
69 c->init = sha160_init;
70 c->update = av_sha_update;
71 c->final = av_sha_final;
72 c->hash = av_sha_alloc();
73 break;
74 case AV_HMAC_SHA224:
75 c->blocklen = 64;
76 c->hashlen = 28;
77 c->init = sha224_init;
78 c->update = av_sha_update;
79 c->final = av_sha_final;
80 c->hash = av_sha_alloc();
81 break;
82 case AV_HMAC_SHA256:
83 c->blocklen = 64;
84 c->hashlen = 32;
85 c->init = sha256_init;
86 c->update = av_sha_update;
87 c->final = av_sha_final;
88 c->hash = av_sha_alloc();
89 break;
90 default:
91 av_free(c);
92 return NULL;
93 }
94 if (!c->hash) {
95 av_free(c);
96 return NULL;
97 }
98 return c;
99 }
100
101 void av_hmac_free(AVHMAC *c)
102 {
103 if (!c)
104 return;
105 av_free(c->hash);
106 av_free(c);
107 }
108
109 void av_hmac_init(AVHMAC *c, const uint8_t *key, unsigned int keylen)
110 {
111 int i;
112 uint8_t block[MAX_BLOCKLEN];
113 if (keylen > c->blocklen) {
114 c->init(c->hash);
115 c->update(c->hash, key, keylen);
116 c->final(c->hash, c->key);
117 c->keylen = c->hashlen;
118 } else {
119 memcpy(c->key, key, keylen);
120 c->keylen = keylen;
121 }
122 c->init(c->hash);
123 for (i = 0; i < c->keylen; i++)
124 block[i] = c->key[i] ^ 0x36;
125 for (i = c->keylen; i < c->blocklen; i++)
126 block[i] = 0x36;
127 c->update(c->hash, block, c->blocklen);
128 }
129
130 void av_hmac_update(AVHMAC *c, const uint8_t *data, unsigned int len)
131 {
132 c->update(c->hash, data, len);
133 }
134
135 int av_hmac_final(AVHMAC *c, uint8_t *out, unsigned int outlen)
136 {
137 uint8_t block[MAX_BLOCKLEN];
138 int i;
139 if (outlen < c->hashlen)
140 return AVERROR(EINVAL);
141 c->final(c->hash, out);
142 c->init(c->hash);
143 for (i = 0; i < c->keylen; i++)
144 block[i] = c->key[i] ^ 0x5C;
145 for (i = c->keylen; i < c->blocklen; i++)
146 block[i] = 0x5C;
147 c->update(c->hash, block, c->blocklen);
148 c->update(c->hash, out, c->hashlen);
149 c->final(c->hash, out);
150 return c->hashlen;
151 }
152
153 int av_hmac_calc(AVHMAC *c, const uint8_t *data, unsigned int len,
154 const uint8_t *key, unsigned int keylen,
155 uint8_t *out, unsigned int outlen)
156 {
157 av_hmac_init(c, key, keylen);
158 av_hmac_update(c, data, len);
159 return av_hmac_final(c, out, outlen);
160 }
161
162 #ifdef TEST
163 #include <stdio.h>
164
165 static void test(AVHMAC *hmac, const uint8_t *key, int keylen,
166 const uint8_t *data, int datalen)
167 {
168 uint8_t buf[MAX_HASHLEN];
169 int out, i;
170 // Some of the test vectors are strings, where sizeof() includes the
171 // trailing null byte - remove that.
172 if (!key[keylen - 1])
173 keylen--;
174 if (!data[datalen - 1])
175 datalen--;
176 out = av_hmac_calc(hmac, data, datalen, key, keylen, buf, sizeof(buf));
177 for (i = 0; i < out; i++)
178 printf("%02x", buf[i]);
179 printf("\n");
180 }
181
182 int main(void)
183 {
184 uint8_t key1[16], key3[16], data3[50], key4[63], key5[64], key6[65];
185 const uint8_t key2[] = "Jefe";
186 const uint8_t data1[] = "Hi There";
187 const uint8_t data2[] = "what do ya want for nothing?";
188 AVHMAC *hmac = av_hmac_alloc(AV_HMAC_MD5);
189 if (!hmac)
190 return 1;
191 memset(key1, 0x0b, sizeof(key1));
192 memset(key3, 0xaa, sizeof(key3));
193 memset(key4, 0x44, sizeof(key4));
194 memset(key5, 0x55, sizeof(key5));
195 memset(key6, 0x66, sizeof(key6));
196 memset(data3, 0xdd, sizeof(data3));
197 // RFC 2104 test vectors
198 test(hmac, key1, sizeof(key1), data1, sizeof(data1));
199 test(hmac, key2, sizeof(key2), data2, sizeof(data2));
200 test(hmac, key3, sizeof(key3), data3, sizeof(data3));
201 // Additional tests, to test cases where the key is too long
202 test(hmac, key4, sizeof(key4), data1, sizeof(data1));
203 test(hmac, key5, sizeof(key5), data2, sizeof(data2));
204 test(hmac, key6, sizeof(key6), data3, sizeof(data3));
205 av_hmac_free(hmac);
206 return 0;
207 }
208 #endif /* TEST */