diff options
Diffstat (limited to 'nacl/crypto_auth/hmacsha256/ref/hmac.c')
-rw-r--r-- | nacl/crypto_auth/hmacsha256/ref/hmac.c | 83 |
1 files changed, 83 insertions, 0 deletions
diff --git a/nacl/crypto_auth/hmacsha256/ref/hmac.c b/nacl/crypto_auth/hmacsha256/ref/hmac.c new file mode 100644 index 00000000..8ab30bb4 --- /dev/null +++ b/nacl/crypto_auth/hmacsha256/ref/hmac.c | |||
@@ -0,0 +1,83 @@ | |||
1 | /* | ||
2 | * 20080913 | ||
3 | * D. J. Bernstein | ||
4 | * Public domain. | ||
5 | * */ | ||
6 | |||
7 | #include "crypto_hashblocks_sha256.h" | ||
8 | #include "crypto_auth.h" | ||
9 | |||
10 | #define blocks crypto_hashblocks_sha256 | ||
11 | |||
12 | typedef unsigned int uint32; | ||
13 | |||
14 | static const char iv[32] = { | ||
15 | 0x6a,0x09,0xe6,0x67, | ||
16 | 0xbb,0x67,0xae,0x85, | ||
17 | 0x3c,0x6e,0xf3,0x72, | ||
18 | 0xa5,0x4f,0xf5,0x3a, | ||
19 | 0x51,0x0e,0x52,0x7f, | ||
20 | 0x9b,0x05,0x68,0x8c, | ||
21 | 0x1f,0x83,0xd9,0xab, | ||
22 | 0x5b,0xe0,0xcd,0x19, | ||
23 | } ; | ||
24 | |||
25 | int crypto_auth(unsigned char *out,const unsigned char *in,unsigned long long inlen,const unsigned char *k) | ||
26 | { | ||
27 | unsigned char h[32]; | ||
28 | unsigned char padded[128]; | ||
29 | int i; | ||
30 | unsigned long long bits = 512 + (inlen << 3); | ||
31 | |||
32 | for (i = 0;i < 32;++i) h[i] = iv[i]; | ||
33 | |||
34 | for (i = 0;i < 32;++i) padded[i] = k[i] ^ 0x36; | ||
35 | for (i = 32;i < 64;++i) padded[i] = 0x36; | ||
36 | |||
37 | blocks(h,padded,64); | ||
38 | blocks(h,in,inlen); | ||
39 | in += inlen; | ||
40 | inlen &= 63; | ||
41 | in -= inlen; | ||
42 | |||
43 | for (i = 0;i < inlen;++i) padded[i] = in[i]; | ||
44 | padded[inlen] = 0x80; | ||
45 | |||
46 | if (inlen < 56) { | ||
47 | for (i = inlen + 1;i < 56;++i) padded[i] = 0; | ||
48 | padded[56] = bits >> 56; | ||
49 | padded[57] = bits >> 48; | ||
50 | padded[58] = bits >> 40; | ||
51 | padded[59] = bits >> 32; | ||
52 | padded[60] = bits >> 24; | ||
53 | padded[61] = bits >> 16; | ||
54 | padded[62] = bits >> 8; | ||
55 | padded[63] = bits; | ||
56 | blocks(h,padded,64); | ||
57 | } else { | ||
58 | for (i = inlen + 1;i < 120;++i) padded[i] = 0; | ||
59 | padded[120] = bits >> 56; | ||
60 | padded[121] = bits >> 48; | ||
61 | padded[122] = bits >> 40; | ||
62 | padded[123] = bits >> 32; | ||
63 | padded[124] = bits >> 24; | ||
64 | padded[125] = bits >> 16; | ||
65 | padded[126] = bits >> 8; | ||
66 | padded[127] = bits; | ||
67 | blocks(h,padded,128); | ||
68 | } | ||
69 | |||
70 | for (i = 0;i < 32;++i) padded[i] = k[i] ^ 0x5c; | ||
71 | for (i = 32;i < 64;++i) padded[i] = 0x5c; | ||
72 | for (i = 0;i < 32;++i) padded[64 + i] = h[i]; | ||
73 | |||
74 | for (i = 0;i < 32;++i) out[i] = iv[i]; | ||
75 | |||
76 | for (i = 32;i < 64;++i) padded[64 + i] = 0; | ||
77 | padded[64 + 32] = 0x80; | ||
78 | padded[64 + 62] = 3; | ||
79 | |||
80 | blocks(out,padded,128); | ||
81 | |||
82 | return 0; | ||
83 | } | ||