summaryrefslogtreecommitdiff
path: root/lib/crypto/hmac.myr
blob: 54b5b3ec67d36ada479eeeac767ee12f1cb4cd00 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
use std

use "sha256"
use "hash"

pkg crypto =
	type hmac(@h) :: hash @h = struct
		inner	: @h
		outer	: @h
	;;

	const hmacsha256 	: (key : byte[:], msg : byte[:] -> byte[32])
	const hmacsha224 	: (key : byte[:], msg : byte[:] -> byte[28])
	generic hmacinit	: (hmac : hmac(@h)#, key : byte[:] -> void)
	generic hmacadd		: (hmac : hmac(@h)#, msg : byte[:] -> void)
	generic hmacfin		: (hmac : hmac(@h)#, dst : byte[:] -> void)
;;

const hmacsha256 = {key, msg
	var hmac : hmac(sha256)
	var r : byte[32]

	hmacinit(&hmac, key)
	hmacadd(&hmac, msg)
	hmacfin(&hmac, r[:])
	-> r
}

const hmacsha224 = {key, msg
	var hmac : hmac(sha224)
	var r : byte[28]

	hmacinit(&hmac, key)
	hmacadd(&hmac, msg)
	hmacfin(&hmac, r[:])
	-> r
}


generic hmacinit = {hmac : hmac(@h)#, key :: hash @h
	/* for now, max block size is 128 bytes */
	var k : byte[128], ik : byte[128], ok : byte[128]
	var hashsz, blksz

	hashsz = impl(Hashsz, @h)
	blksz = impl(Blocksz, @h)
	std.slfill(k[:blksz], 0)
	if key.len > blksz
		/* abuse the inner hasher a bit */
		hinit(&hmac.inner)
		hadd(&hmac.inner, key)
		hfin(&hmac.inner, k[:hashsz])
	else
		std.slcp(k[:key.len], key)
	;;
	for var i = 0; i < blksz; i++
		ik[i] = k[i] ^ 0x36
		ok[i] = k[i] ^ 0x5c
	;;
	hinit(&hmac.inner)
	hinit(&hmac.outer)
	hadd(&hmac.inner, ik[:blksz])
	hadd(&hmac.outer, ok[:blksz])
}


generic hmacadd = {hmac, msg
	hadd(&hmac.inner, msg)
}

generic hmacfin = {hmac : hmac(@h)#, dst :: hash @h
	hfin(&hmac.inner, dst)
	hadd(&hmac.outer, dst)
	hfin(&hmac.outer, dst)
}