Merge pull request #6283 from OTAkeys/pr/hmac_iterative_calc

hashes/sha256: add iterative hmac calc. functions
2017-03-01 17:14:11 +01:00 · 2017-03-01 17:14:11 +01:00 · dacc3cba9f
commit dacc3cba9f
parent f6022a283d f2ef9db988
3 changed files with 259 additions and 18 deletions
--- a/sys/hashes/sha256.c
+++ b/sys/hashes/sha256.c
@ -2,6 +2,7 @@
 * Copyright 2005 Colin Percival
 * Copyright 2013 Christian Mehlis & René Kijewski
 * Copyright 2016 Martin Landsmann <martin.landsmann@haw-hamburg.de>
 * Copyright 2016 OTA keys S.A.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
@ -39,6 +40,7 @@
 * @author      Christian Mehlis
 * @author      Rene Kijewski
 * @author      Martin Landsmann
 * @author      Hermann Lelong
 *
 * @}
 */
@ -276,8 +278,8 @@ void *sha256(const void *data, size_t len, void *digest)
    return digest;
 }
-const void *hmac_sha256(const void *key, size_t key_length,
+
-                        const void *data, size_t len, void *digest)
+void hmac_sha256_init(hmac_context_t *ctx, const void *key, size_t key_length)
 {
    unsigned char k[SHA256_INTERNAL_BLOCK_SIZE];
@ -304,16 +306,29 @@ const void *hmac_sha256(const void *key, size_t key_length,
    }
    /*
-     * Create the inner hash
+     * Initiate calculation of the inner hash
     * tmp = hash(i_key_pad CONCAT message)
     */
-    sha256_context_t c;
+    sha256_init(&ctx->c_in);
-    unsigned char tmp[SHA256_DIGEST_LENGTH];
+    sha256_update(&ctx->c_in, i_key_pad, SHA256_INTERNAL_BLOCK_SIZE);
-    sha256_init(&c);
+    /*
-    sha256_update(&c, i_key_pad, SHA256_INTERNAL_BLOCK_SIZE);
+     * Initiate calculation of the outer hash
-    sha256_update(&c, data, len);
+     * result = hash(o_key_pad CONCAT tmp)
-    sha256_final(&c, tmp);
+     */
    sha256_init(&ctx->c_out);
    sha256_update(&ctx->c_out, o_key_pad, SHA256_INTERNAL_BLOCK_SIZE);
 }
 void hmac_sha256_update(hmac_context_t *ctx, const void *data, size_t len)
 {
    sha256_update(&ctx->c_in, data, len);
 }
 void hmac_sha256_final(hmac_context_t *ctx, void *digest)
 {
    unsigned char tmp[SHA256_DIGEST_LENGTH];
    static unsigned char m[SHA256_DIGEST_LENGTH];
@ -321,14 +336,20 @@ const void *hmac_sha256(const void *key, size_t key_length,
        digest = m;
    }
-    /*
+    sha256_final(&ctx->c_in, tmp);
-     * Create the outer hash
+    sha256_update(&ctx->c_out, tmp, SHA256_DIGEST_LENGTH);
-     * result = hash(o_key_pad CONCAT tmp)
+    sha256_final(&ctx->c_out, digest);
-     */
+}
-    sha256_init(&c);
+
-    sha256_update(&c, o_key_pad, SHA256_INTERNAL_BLOCK_SIZE);
+const void *hmac_sha256(const void *key, size_t key_length,
-    sha256_update(&c, tmp, SHA256_DIGEST_LENGTH);
+                        const void *data, size_t len, void *digest)
-    sha256_final(&c, digest);
+{
    hmac_context_t ctx;
    hmac_sha256_init(&ctx, key, key_length);
    hmac_sha256_update(&ctx,data, len);
    hmac_sha256_final(&ctx, digest);
    return digest;
 }
--- a/sys/include/hashes/sha256.h
+++ b/sys/include/hashes/sha256.h
@ -2,6 +2,7 @@
 * Copyright 2005 Colin Percival
 * Copyright 2013 Christian Mehlis & René Kijewski
 * Copyright 2016 Martin Landsmann <martin.landsmann@haw-hamburg.de>
 * Copyright 2016 OTA keys S.A.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
@ -39,6 +40,7 @@
 * @author      Colin Percival
 * @author      Christian Mehlis
 * @author      Rene Kijewski
 * @author      Hermann Lelong
 */
 #ifndef _SHA256_H
@ -58,7 +60,7 @@ extern "C" {
 #define SHA256_INTERNAL_BLOCK_SIZE (64)
 /**
- * @brief Context for ciper operatins based on sha256
+ * @brief Context for ciper operations based on sha256
 */
 typedef struct {
    /** global state */
@ -69,6 +71,16 @@ typedef struct {
    unsigned char buf[64];
 } sha256_context_t;
 /**
 * @brief Context for HMAC operations based on sha256
 */
 typedef struct {
    /** Context for inner hash calculation */
    sha256_context_t c_in;
    /** Context for outer hash calculation */
    sha256_context_t c_out;
 } hmac_context_t;
 /**
 * @brief sha256-chain indexed element
 */
@ -116,6 +128,31 @@ void sha256_final(sha256_context_t *ctx, void *digest);
 */
 void *sha256(const void *data, size_t len, void *digest);
 /**
 * @brief hmac_sha256_init HMAC SHA-256 calculation. Initiate calculation of a HMAC
 * @param ctx hmac_context_t handle to use
 * @param[in] key key used in the hmac-sha256 computation
 * @param[in] key_length the size in bytes of the key
 */
 void hmac_sha256_init(hmac_context_t *ctx, const void *key, size_t key_length);
 /**
 * @brief hmac_sha256_update Add data bytes for HMAC calculation
 * @param ctx hmac_context_t handle to use
 * @param data[in] pointer to the buffer to generate hash from
 * @param len[in] length of the buffer
 */
 void hmac_sha256_update(hmac_context_t *ctx, const void *data, size_t len);
 /**
 * @brief hmac_sha256_final HMAC SHA-256 finalization. Finish HMAC calculation and export the value
 * @param ctx hmac_context_t handle to use
 * @param[out] digest the computed hmac-sha256,
 *             length MUST be SHA256_DIGEST_LENGTH
 *             if digest == NULL, a static buffer is used
 */
 void hmac_sha256_final(hmac_context_t *ctx, void *digest);
 /**
 * @brief function to compute a hmac-sha256 from a given message
 *
--- a/tests/unittests/tests-hashes/tests-hashes-sha256-hmac.c
+++ b/tests/unittests/tests-hashes/tests-hashes-sha256-hmac.c
@ -1,5 +1,6 @@
 /*
 * Copyright (C) 2016 Martin Landsmann <martin.landsmann@haw-hamburg.de>
 * Copyright 2016 OTA keys S.A.
 *
 * This file is subject to the terms and conditions of the GNU Lesser
 * General Public License v2.1. See the file LICENSE in the top level
@ -153,6 +154,180 @@ static void test_hashes_hmac_sha256_hash_PRF6(void)
                 "9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2", hmac));
 }
 static void test_hashes_hmac_sha256_ite_hash_sequence(void)
 {
    unsigned char key[64];
    hmac_context_t ctx;
    /* prepare an empty key */
    memset((void*)key, 0x0, 64);
    static uint8_t hmac[SHA256_DIGEST_LENGTH];
    /* use an empty message */
    const unsigned char *m = NULL;
    hmac_sha256_init(&ctx, key, sizeof(key));
    hmac_sha256_update(&ctx, m, 0);
    hmac_sha256_final(&ctx, hmac);
    TEST_ASSERT(compare_str_vs_digest(
                 "b613679a0814d9ec772f95d778c35fc5ff1697c493715653c6c712144292c5ad", hmac));
    /* use a real message */
    const unsigned char str[] = "The quick brown fox jumps over the lazy dog";
    key[0] = 'k';
    key[1] = 'e';
    key[2] = 'y';
    hmac_sha256_init(&ctx, key, sizeof(key));
    hmac_sha256_update(&ctx, str, strlen((char*)str));
    hmac_sha256_final(&ctx, hmac);
    TEST_ASSERT(compare_str_vs_digest(
                 "f7bc83f430538424b13298e6aa6fb143ef4d59a14946175997479dbc2d1a3cd8", hmac));
 }
 /*
        The followig testcases are taken from:
        https://tools.ietf.org/html/rfc4868#section-2.7.1
 */
 static void test_hashes_hmac_sha256_ite_hash_PRF1(void)
 {
    /* Test Case PRF-1: */
    hmac_context_t ctx;
    const unsigned char strPRF1[] = "Hi There";
    unsigned char key[20];
    static unsigned char hmac[SHA256_DIGEST_LENGTH];
    memset(key, 0x0b, sizeof(key));
    hmac_sha256_init(&ctx, key, sizeof(key));
    hmac_sha256_update(&ctx, strPRF1, strlen((char*)strPRF1));
    hmac_sha256_final(&ctx, hmac);
    TEST_ASSERT(compare_str_vs_digest(
                 "b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7", hmac));
 }
 static void test_hashes_hmac_sha256_ite_hash_PRF2(void)
 {
    /* Test Case PRF-2: */
    hmac_context_t ctx;
    const unsigned char strPRF2[] = "what do ya want for nothing?";
    unsigned char key[4] = {'J', 'e', 'f', 'e'};
    static unsigned char hmac[SHA256_DIGEST_LENGTH];
    hmac_sha256_init(&ctx, key, sizeof(key));
    hmac_sha256_update(&ctx, strPRF2, strlen((char*)strPRF2));
    hmac_sha256_final(&ctx, hmac);
    TEST_ASSERT(compare_str_vs_digest(
                 "5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843", hmac));
 }
 static void test_hashes_hmac_sha256_ite_hash_PRF3(void)
 {
    /* Test Case PRF-3: */
    hmac_context_t ctx;
    char unsigned strPRF3[50];
    unsigned char key[20];
    static unsigned char hmac[SHA256_DIGEST_LENGTH];
    memset(strPRF3, 0xdd, sizeof(strPRF3));
    memset(key, 0xaa, sizeof(key));
    hmac_sha256_init(&ctx, key, sizeof(key));
    hmac_sha256_update(&ctx, strPRF3, sizeof(strPRF3));
    hmac_sha256_final(&ctx, hmac);
    TEST_ASSERT(compare_str_vs_digest(
                 "773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe", hmac));
 }
 static void test_hashes_hmac_sha256_ite_hash_PRF4(void)
 {
    /* Test Case PRF-4: */
    hmac_context_t ctx;
    char unsigned strPRF4[50];
    unsigned char key[25];
    static unsigned char hmac[SHA256_DIGEST_LENGTH];
    memset(strPRF4, 0xcd, sizeof(strPRF4));
    /*
    * set key to: 0102030405060708090a0b0c0d0e0f10111213141516171819
    */
    for (size_t i = 0; i < sizeof(key); ++i) {
        key[i] = i+1;
    }
    hmac_sha256_init(&ctx, key, sizeof(key));
    hmac_sha256_update(&ctx, strPRF4, sizeof(strPRF4));
    hmac_sha256_final(&ctx, hmac);
    TEST_ASSERT(compare_str_vs_digest(
                 "82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b", hmac));
 }
 static void test_hashes_hmac_sha256_ite_hash_PRF5(void)
 {
    /* Test Case PRF-5: */
    hmac_context_t ctx;
    const unsigned char strPRF5[] = "Test Using Larger Than Block-Size Key - Hash Key First";
    unsigned char longKey[131];
    static unsigned char hmac[SHA256_DIGEST_LENGTH];
    memset(longKey, 0xaa, sizeof(longKey));
    hmac_sha256_init(&ctx, longKey, sizeof(longKey));
    hmac_sha256_update(&ctx, strPRF5, strlen((char*)strPRF5));
    hmac_sha256_final(&ctx, hmac);
    TEST_ASSERT(compare_str_vs_digest(
                 "60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54", hmac));
 }
 static void test_hashes_hmac_sha256_ite_hash_PRF6(void)
 {
    /* Test Case PRF-6: */
    hmac_context_t ctx;
    const unsigned char strPRF6[] = "This is a test using a larger than block-size key and a "
                           "larger than block-size data. The key needs to be hashed "
                           "before being used by the HMAC algorithm.";
    unsigned char longKey[131];
    static unsigned char hmac[SHA256_DIGEST_LENGTH];
    memset(longKey, 0xaa, sizeof(longKey));
    /* the same key is used as above: 131 x 0xa */
    hmac_sha256_init(&ctx, longKey, sizeof(longKey));
    hmac_sha256_update(&ctx, strPRF6, strlen((char*)strPRF6));
    hmac_sha256_final(&ctx, hmac);
    TEST_ASSERT(compare_str_vs_digest(
                 "9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2", hmac));
 }
 static void test_hashes_hmac_sha256_ite_hash_PRF6_split(void)
 {
    /* Test Case PRF-6: */
    hmac_context_t ctx;
    const unsigned char strPRF6_1[] = "This is a test using a larger than block-size key and a ";
    const unsigned char strPRF6_2[] = "larger than block-size data. The key needs to be hashed ";
    const unsigned char strPRF6_3[] = "before being used by the HMAC algorithm.";
    unsigned char longKey[131];
    static unsigned char hmac[SHA256_DIGEST_LENGTH];
    memset(longKey, 0xaa, sizeof(longKey));
    /* the same key is used as above: 131 x 0xa */
    hmac_sha256_init(&ctx, longKey, sizeof(longKey));
    hmac_sha256_update(&ctx, strPRF6_1, strlen((char*)strPRF6_1));
    hmac_sha256_update(&ctx, strPRF6_2, strlen((char*)strPRF6_2));
    hmac_sha256_update(&ctx, strPRF6_3, strlen((char*)strPRF6_3));
    hmac_sha256_final(&ctx, hmac);
    TEST_ASSERT(compare_str_vs_digest(
                 "9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2", hmac));
 }
 Test *tests_hashes_sha256_hmac_tests(void)
 {
    EMB_UNIT_TESTFIXTURES(fixtures) {
@ -163,6 +338,14 @@ Test *tests_hashes_sha256_hmac_tests(void)
        new_TestFixture(test_hashes_hmac_sha256_hash_PRF4),
        new_TestFixture(test_hashes_hmac_sha256_hash_PRF5),
        new_TestFixture(test_hashes_hmac_sha256_hash_PRF6),
        new_TestFixture(test_hashes_hmac_sha256_ite_hash_sequence),
        new_TestFixture(test_hashes_hmac_sha256_ite_hash_PRF1),
        new_TestFixture(test_hashes_hmac_sha256_ite_hash_PRF2),
        new_TestFixture(test_hashes_hmac_sha256_ite_hash_PRF3),
        new_TestFixture(test_hashes_hmac_sha256_ite_hash_PRF4),
        new_TestFixture(test_hashes_hmac_sha256_ite_hash_PRF5),
        new_TestFixture(test_hashes_hmac_sha256_ite_hash_PRF6),
        new_TestFixture(test_hashes_hmac_sha256_ite_hash_PRF6_split),
    };
    EMB_UNIT_TESTCALLER(hashes_sha256_tests, NULL, NULL,