[PATCH 1/7] hmac: Add set_key_expanded function

Daiki Ueno Fri, 19 Jul 2019 06:39:08 -0700

From: Daiki Ueno <du...@redhat.com>

This adds a set_key_expanded to all HMACs, to provide a compatible
signature with nettle_set_key_func.  This function is similar to
set_key, but assumes the input is already expanded to the hash block
size.


Signed-off-by: Daiki Ueno <du...@redhat.com>
---
 hmac-md5.c       |  7 +++++++
 hmac-ripemd160.c |  7 +++++++
 hmac-sha1.c      |  7 +++++++
 hmac-sha224.c    |  7 +++++++
 hmac-sha256.c    |  7 +++++++
 hmac-sha384.c    |  7 +++++++
 hmac-sha512.c    |  7 +++++++
 hmac.c           | 48 ++++++++++++++++++++++++++++++++----------------
 hmac.h           | 45 +++++++++++++++++++++++++++++++++++++++++++++
 9 files changed, 126 insertions(+), 16 deletions(-)

diff --git a/hmac-md5.c b/hmac-md5.c
index a27e64f6..b5a9c4d0 100644
--- a/hmac-md5.c
+++ b/hmac-md5.c
@@ -44,6 +44,13 @@ hmac_md5_set_key(struct hmac_md5_ctx *ctx,
   HMAC_SET_KEY(ctx, &nettle_md5, key_length, key);
 }
 
+void
+hmac_md5_set_key_expanded(struct hmac_md5_ctx *ctx,
+                         const uint8_t *key)
+{
+  HMAC_SET_KEY_EXPANDED(ctx, &nettle_md5, key);
+}
+
 void
 hmac_md5_update(struct hmac_md5_ctx *ctx,
                size_t length, const uint8_t *data)
diff --git a/hmac-ripemd160.c b/hmac-ripemd160.c
index 24e2cbe7..d4ba5fea 100644
--- a/hmac-ripemd160.c
+++ b/hmac-ripemd160.c
@@ -44,6 +44,13 @@ hmac_ripemd160_set_key(struct hmac_ripemd160_ctx *ctx,
   HMAC_SET_KEY(ctx, &nettle_ripemd160, key_length, key);
 }
 
+void
+hmac_ripemd160_set_key_expanded(struct hmac_ripemd160_ctx *ctx,
+                               const uint8_t *key)
+{
+  HMAC_SET_KEY_EXPANDED(ctx, &nettle_ripemd160, key);
+}
+
 void
 hmac_ripemd160_update(struct hmac_ripemd160_ctx *ctx,
                      size_t length, const uint8_t *data)
diff --git a/hmac-sha1.c b/hmac-sha1.c
index 5e7188f9..3d299b5d 100644
--- a/hmac-sha1.c
+++ b/hmac-sha1.c
@@ -44,6 +44,13 @@ hmac_sha1_set_key(struct hmac_sha1_ctx *ctx,
   HMAC_SET_KEY(ctx, &nettle_sha1, key_length, key);
 }
 
+void
+hmac_sha1_set_key_expanded(struct hmac_sha1_ctx *ctx,
+                          const uint8_t *key)
+{
+  HMAC_SET_KEY_EXPANDED(ctx, &nettle_sha1, key);
+}
+
 void
 hmac_sha1_update(struct hmac_sha1_ctx *ctx,
                 size_t length, const uint8_t *data)
diff --git a/hmac-sha224.c b/hmac-sha224.c
index c5bc8750..18dc3307 100644
--- a/hmac-sha224.c
+++ b/hmac-sha224.c
@@ -44,6 +44,13 @@ hmac_sha224_set_key(struct hmac_sha224_ctx *ctx,
   HMAC_SET_KEY(ctx, &nettle_sha224, key_length, key);
 }
 
+void
+hmac_sha224_set_key_expanded(struct hmac_sha224_ctx *ctx,
+                            const uint8_t *key)
+{
+  HMAC_SET_KEY_EXPANDED(ctx, &nettle_sha224, key);
+}
+
 void
 hmac_sha224_digest(struct hmac_sha224_ctx *ctx,
                   size_t length, uint8_t *digest)
diff --git a/hmac-sha256.c b/hmac-sha256.c
index af5cc0f1..a89e0f6b 100644
--- a/hmac-sha256.c
+++ b/hmac-sha256.c
@@ -44,6 +44,13 @@ hmac_sha256_set_key(struct hmac_sha256_ctx *ctx,
   HMAC_SET_KEY(ctx, &nettle_sha256, key_length, key);
 }
 
+void
+hmac_sha256_set_key_expanded(struct hmac_sha256_ctx *ctx,
+                            const uint8_t *key)
+{
+  HMAC_SET_KEY_EXPANDED(ctx, &nettle_sha256, key);
+}
+
 void
 hmac_sha256_update(struct hmac_sha256_ctx *ctx,
                   size_t length, const uint8_t *data)
diff --git a/hmac-sha384.c b/hmac-sha384.c
index 30008b5f..c3904053 100644
--- a/hmac-sha384.c
+++ b/hmac-sha384.c
@@ -44,6 +44,13 @@ hmac_sha384_set_key(struct hmac_sha512_ctx *ctx,
   HMAC_SET_KEY(ctx, &nettle_sha384, key_length, key);
 }
 
+void
+hmac_sha384_set_key_expanded(struct hmac_sha512_ctx *ctx,
+                            const uint8_t *key)
+{
+  HMAC_SET_KEY_EXPANDED(ctx, &nettle_sha384, key);
+}
+
 void
 hmac_sha384_digest(struct hmac_sha512_ctx *ctx,
                   size_t length, uint8_t *digest)
diff --git a/hmac-sha512.c b/hmac-sha512.c
index de64637a..4fff1f35 100644
--- a/hmac-sha512.c
+++ b/hmac-sha512.c
@@ -44,6 +44,13 @@ hmac_sha512_set_key(struct hmac_sha512_ctx *ctx,
   HMAC_SET_KEY(ctx, &nettle_sha512, key_length, key);
 }
 
+void
+hmac_sha512_set_key_expanded(struct hmac_sha512_ctx *ctx,
+                            const uint8_t *key)
+{
+  HMAC_SET_KEY_EXPANDED(ctx, &nettle_sha512, key);
+}
+
 void
 hmac_sha512_update(struct hmac_sha512_ctx *ctx,
                   size_t length, const uint8_t *data)
diff --git a/hmac.c b/hmac.c
index 6ac5e11a..925b9c3b 100644
--- a/hmac.c
+++ b/hmac.c
@@ -48,10 +48,10 @@
 #define IPAD 0x36
 #define OPAD 0x5c
 
-void
-hmac_set_key(void *outer, void *inner, void *state,
-            const struct nettle_hash *hash,
-            size_t key_length, const uint8_t *key)
+static void
+_hmac_set_key(void *outer, void *inner, void *state,
+             const struct nettle_hash *hash,
+             size_t key_length, const uint8_t *key)
 {
   TMP_DECL(pad, uint8_t, NETTLE_MAX_HASH_BLOCK_SIZE);
   TMP_ALLOC(pad, hash->block_size);
@@ -59,6 +59,26 @@ hmac_set_key(void *outer, void *inner, void *state,
   hash->init(outer);
   hash->init(inner);
 
+  assert(key_length <= hash->block_size);
+
+  memset(pad, OPAD, hash->block_size);
+  memxor(pad, key, key_length);
+
+  hash->update(outer, hash->block_size, pad);
+
+  memset(pad, IPAD, hash->block_size);
+  memxor(pad, key, key_length);
+
+  hash->update(inner, hash->block_size, pad);
+
+  memcpy(state, inner, hash->context_size);
+}
+
+void
+hmac_set_key(void *outer, void *inner, void *state,
+            const struct nettle_hash *hash,
+            size_t key_length, const uint8_t *key)
+{
   if (key_length > hash->block_size)
     {
       /* Reduce key to the algorithm's hash size. Use the area pointed
@@ -75,19 +95,15 @@ hmac_set_key(void *outer, void *inner, void *state,
       key_length = hash->digest_size;
     }
 
-  assert(key_length <= hash->block_size);
-  
-  memset(pad, OPAD, hash->block_size);
-  memxor(pad, key, key_length);
-
-  hash->update(outer, hash->block_size, pad);
-
-  memset(pad, IPAD, hash->block_size);
-  memxor(pad, key, key_length);
-
-  hash->update(inner, hash->block_size, pad);
+  _hmac_set_key(outer, inner, state, hash, key_length, key);
+}
 
-  memcpy(state, inner, hash->context_size);
+void
+hmac_set_key_expanded(void *outer, void *inner, void *state,
+                     const struct nettle_hash *hash,
+                     const uint8_t *key)
+{
+  _hmac_set_key(outer, inner, state, hash, hash->block_size, key);
 }
 
 void
diff --git a/hmac.h b/hmac.h
index 40a8e77a..6ce17aec 100644
--- a/hmac.h
+++ b/hmac.h
@@ -47,25 +47,33 @@ extern "C" {
 
 /* Namespace mangling */
 #define hmac_set_key nettle_hmac_set_key
+#define hmac_set_key_expanded nettle_hmac_set_key_expanded
 #define hmac_update nettle_hmac_update
 #define hmac_digest nettle_hmac_digest
 #define hmac_md5_set_key nettle_hmac_md5_set_key
+#define hmac_md5_set_key_expanded nettle_hmac_md5_set_key_expanded
 #define hmac_md5_update nettle_hmac_md5_update
 #define hmac_md5_digest nettle_hmac_md5_digest
 #define hmac_ripemd160_set_key nettle_hmac_ripemd160_set_key
+#define hmac_ripemd160_set_key_expanded nettle_hmac_ripemd160_set_key_expanded
 #define hmac_ripemd160_update nettle_hmac_ripemd160_update
 #define hmac_ripemd160_digest nettle_hmac_ripemd160_digest
 #define hmac_sha1_set_key nettle_hmac_sha1_set_key
+#define hmac_sha1_set_key_expanded nettle_hmac_sha1_set_key_expanded
 #define hmac_sha1_update nettle_hmac_sha1_update
 #define hmac_sha1_digest nettle_hmac_sha1_digest
 #define hmac_sha224_set_key nettle_hmac_sha224_set_key
+#define hmac_sha224_set_key_expanded nettle_hmac_sha224_set_key_expanded
 #define hmac_sha224_digest nettle_hmac_sha224_digest
 #define hmac_sha256_set_key nettle_hmac_sha256_set_key
+#define hmac_sha256_set_key_expanded nettle_hmac_sha256_set_key_expanded
 #define hmac_sha256_update nettle_hmac_sha256_update
 #define hmac_sha256_digest nettle_hmac_sha256_digest
 #define hmac_sha384_set_key nettle_hmac_sha384_set_key
+#define hmac_sha384_set_key_expanded nettle_hmac_sha384_set_key_expanded
 #define hmac_sha384_digest nettle_hmac_sha384_digest
 #define hmac_sha512_set_key nettle_hmac_sha512_set_key
+#define hmac_sha512_set_key_expanded nettle_hmac_sha512_set_key_expanded
 #define hmac_sha512_update nettle_hmac_sha512_update
 #define hmac_sha512_digest nettle_hmac_sha512_digest
 
@@ -74,6 +82,11 @@ hmac_set_key(void *outer, void *inner, void *state,
             const struct nettle_hash *hash,
             size_t length, const uint8_t *key);
 
+void
+hmac_set_key_expanded(void *outer, void *inner, void *state,
+                     const struct nettle_hash *hash,
+                     const uint8_t *key);
+
 /* This function is not strictly needed, it's s just the same as the
  * hash update function. */
 void
@@ -94,6 +107,10 @@ hmac_digest(const void *outer, const void *inner, void 
*state,
   hmac_set_key( &(ctx)->outer, &(ctx)->inner, &(ctx)->state,   \
                 (hash), (length), (key) )
 
+#define HMAC_SET_KEY_EXPANDED(ctx, hash, key)                          \
+  hmac_set_key_expanded( &(ctx)->outer, &(ctx)->inner, &(ctx)->state,  \
+                (hash), (key) )
+
 #define HMAC_DIGEST(ctx, hash, length, digest)                 \
   hmac_digest( &(ctx)->outer, &(ctx)->inner, &(ctx)->state,    \
                (hash), (length), (digest) )
@@ -107,6 +124,10 @@ void
 hmac_md5_set_key(struct hmac_md5_ctx *ctx,
                 size_t key_length, const uint8_t *key);
 
+void
+hmac_md5_set_key_expanded(struct hmac_md5_ctx *ctx,
+                         const uint8_t *key);
+
 void
 hmac_md5_update(struct hmac_md5_ctx *ctx,
                size_t length, const uint8_t *data);
@@ -123,6 +144,10 @@ void
 hmac_ripemd160_set_key(struct hmac_ripemd160_ctx *ctx,
                       size_t key_length, const uint8_t *key);
 
+void
+hmac_ripemd160_set_key_expanded(struct hmac_ripemd160_ctx *ctx,
+                               const uint8_t *key);
+
 void
 hmac_ripemd160_update(struct hmac_ripemd160_ctx *ctx,
                      size_t length, const uint8_t *data);
@@ -139,6 +164,10 @@ void
 hmac_sha1_set_key(struct hmac_sha1_ctx *ctx,
                  size_t key_length, const uint8_t *key);
 
+void
+hmac_sha1_set_key_expanded(struct hmac_sha1_ctx *ctx,
+                          const uint8_t *key);
+
 void
 hmac_sha1_update(struct hmac_sha1_ctx *ctx,
                 size_t length, const uint8_t *data);
@@ -154,6 +183,10 @@ void
 hmac_sha256_set_key(struct hmac_sha256_ctx *ctx,
                    size_t key_length, const uint8_t *key);
 
+void
+hmac_sha256_set_key_expanded(struct hmac_sha256_ctx *ctx,
+                            const uint8_t *key);
+
 void
 hmac_sha256_update(struct hmac_sha256_ctx *ctx,
                   size_t length, const uint8_t *data);
@@ -169,6 +202,10 @@ void
 hmac_sha224_set_key(struct hmac_sha224_ctx *ctx,
                    size_t key_length, const uint8_t *key);
 
+void
+hmac_sha224_set_key_expanded(struct hmac_sha224_ctx *ctx,
+                            const uint8_t *key);
+
 #define hmac_sha224_update nettle_hmac_sha256_update
 
 void
@@ -182,6 +219,10 @@ void
 hmac_sha512_set_key(struct hmac_sha512_ctx *ctx,
                    size_t key_length, const uint8_t *key);
 
+void
+hmac_sha512_set_key_expanded(struct hmac_sha512_ctx *ctx,
+                            const uint8_t *key);
+
 void
 hmac_sha512_update(struct hmac_sha512_ctx *ctx,
                   size_t length, const uint8_t *data);
@@ -197,6 +238,10 @@ void
 hmac_sha384_set_key(struct hmac_sha512_ctx *ctx,
                    size_t key_length, const uint8_t *key);
 
+void
+hmac_sha384_set_key_expanded(struct hmac_sha512_ctx *ctx,
+                            const uint8_t *key);
+
 #define hmac_sha384_update nettle_hmac_sha512_update
 
 void
-- 
2.21.0

_______________________________________________
nettle-bugs mailing list
nettle-bugs@lists.lysator.liu.se
http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs

[PATCH 1/7] hmac: Add set_key_expanded function

Reply via email to