Commit | Line | Data |
---|---|---|
920dae64 AT |
1 | \ ========== Copyright Header Begin ========================================== |
2 | \ | |
3 | \ Hypervisor Software File: hmac-sha1.fth | |
4 | \ | |
5 | \ Copyright (c) 2006 Sun Microsystems, Inc. All Rights Reserved. | |
6 | \ | |
7 | \ - Do no alter or remove copyright notices | |
8 | \ | |
9 | \ - Redistribution and use of this software in source and binary forms, with | |
10 | \ or without modification, are permitted provided that the following | |
11 | \ conditions are met: | |
12 | \ | |
13 | \ - Redistribution of source code must retain the above copyright notice, | |
14 | \ this list of conditions and the following disclaimer. | |
15 | \ | |
16 | \ - Redistribution in binary form must reproduce the above copyright notice, | |
17 | \ this list of conditions and the following disclaimer in the | |
18 | \ documentation and/or other materials provided with the distribution. | |
19 | \ | |
20 | \ Neither the name of Sun Microsystems, Inc. or the names of contributors | |
21 | \ may be used to endorse or promote products derived from this software | |
22 | \ without specific prior written permission. | |
23 | \ | |
24 | \ This software is provided "AS IS," without a warranty of any kind. | |
25 | \ ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, | |
26 | \ INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A | |
27 | \ PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED. SUN | |
28 | \ MICROSYSTEMS, INC. ("SUN") AND ITS LICENSORS SHALL NOT BE LIABLE FOR | |
29 | \ ANY DAMAGES SUFFERED BY LICENSEE AS A RESULT OF USING, MODIFYING OR | |
30 | \ DISTRIBUTING THIS SOFTWARE OR ITS DERIVATIVES. IN NO EVENT WILL SUN | |
31 | \ OR ITS LICENSORS BE LIABLE FOR ANY LOST REVENUE, PROFIT OR DATA, OR | |
32 | \ FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE | |
33 | \ DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, | |
34 | \ ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE, EVEN IF | |
35 | \ SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. | |
36 | \ | |
37 | \ You acknowledge that this software is not designed, licensed or | |
38 | \ intended for use in the design, construction, operation or maintenance of | |
39 | \ any nuclear facility. | |
40 | \ | |
41 | \ ========== Copyright Header End ============================================ | |
42 | id: @(#)hmac-sha1.fth 1.1 04/09/07 | |
43 | purpose: HMAC over SHA-1 | |
44 | copyright: Copyright 2004 Sun Microsystems, Inc. All Rights Reserved | |
45 | copyright: Use is subject to license terms. | |
46 | ||
47 | \ RFC 2104: HMAC: Keyed-Hashing for Message Authentication | |
48 | \ RFC 2202: Test Cases for HMAC-MD5 and HMAC-SHA-1 | |
49 | ||
50 | headerless | |
51 | ||
52 | \ HMAC-SHA1(K, message) can be expressed as | |
53 | \ SHA1(K' xor opad, SHA1(K' xor ipad, message)) | |
54 | \ | |
55 | \ where, | |
56 | \ K = secret key; If the input key is longer than 64 (SHA1_BLK_SIZE) | |
57 | \ bytes, this is first hashed to produce the 20 (SHA1_DIGEST_LEN) | |
58 | \ byte hash which is used as the actual key to HMAC. | |
59 | \ K' = K with zeroes appended so that the result is SHA1_BLK_SIZE bytes | |
60 | \ ipad = 0x36 repeated SHA1_BLK_SIZE times | |
61 | \ opad = 0x5c repeated SHA1_BLK_SIZE times | |
62 | ||
63 | d# 20 constant HMAC_SHA1_DIGEST_LEN | |
64 | ||
65 | : hmac-sha1-hashkey ( keydata keylen -- keydata' keylen' ) | |
66 | dup SHA1_BLK_SIZE > if ( key keylen ) | |
67 | sha1-init sha1-update sha1-final ( key' keylen' ) | |
68 | then ( key' keylen' ) | |
69 | ; | |
70 | ||
71 | : hmac-sha1-init ( key keylen -- ) | |
72 | SHA1_BLK_SIZE dup alloc-mem swap ( key,len buf,len ) | |
73 | 2dup 0 fill ( key,len buf,len ) | |
74 | 2swap hmac-sha1-hashkey 3 pick swap move ( buf,len ) | |
75 | 2dup bounds ?do ( buf,len ) | |
76 | i c@ h# 36 xor i c! ( buf,len ) | |
77 | loop ( buf,len ) | |
78 | sha1-init ( buf,len ) | |
79 | 2dup sha1-update ( buf,len ) | |
80 | free-mem ( ) | |
81 | ; | |
82 | ||
83 | : hmac-sha1-update ( data datalen -- ) | |
84 | sha1-update | |
85 | ; | |
86 | ||
87 | : hmac-sha1-final ( key keylen -- digest len ) | |
88 | SHA1_DIGEST_LEN dup alloc-mem swap ( key,len idigest,len ) | |
89 | sha1-final 3 pick swap move ( key,len idigest,len ) | |
90 | ||
91 | SHA1_BLK_SIZE dup alloc-mem swap ( key,len idigest,len buf,len ) | |
92 | 2dup 0 fill ( key,len idigest,len buf,len ) | |
93 | 2rot hmac-sha1-hashkey 3 pick swap move ( idigest,len buf,len ) | |
94 | ||
95 | 2dup bounds ?do ( idigest,len buf,len ) | |
96 | i c@ h# 5c xor i c! ( idigest,len buf,len ) | |
97 | loop ( idigest,len buf,len ) | |
98 | ||
99 | sha1-init | |
100 | 2dup sha1-update free-mem ( idigest,len ) | |
101 | 2dup sha1-update free-mem ( ) | |
102 | sha1-final ( hmac-digest,len ) | |
103 | ; | |
104 | ||
105 | : hmac-sha1 ( adr size key keylen -- digest len ) | |
106 | 2swap 2over hmac-sha1-init ( key keylen adr size ) | |
107 | begin dup while ( key keylen adr rem ) | |
108 | 2dup h# 4000 min tuck hmac-sha1-update ( key keylen adr rem n ) | |
109 | tuck - >r ca+ r> ( key keylen adr' rem' ) | |
110 | show-progress ( key keylen adr' rem' ) | |
111 | repeat 2drop ( key keylen ) | |
112 | hmac-sha1-final ( digest,len ) | |
113 | ; | |
114 | ||
115 | [ifdef] DEBUG | |
116 | ||
117 | d# 80 instance buffer: hmac-test-keybuf | |
118 | d# 80 instance buffer: hmac-test-databuf | |
119 | ||
120 | : hmac-test ( testid$ adr size key keylen digest len -- ) | |
121 | >r >r 2rot type 2 spaces hmac-sha1 r> r> digest= if | |
122 | ." PASSED" | |
123 | else | |
124 | ." FAILED" | |
125 | then cr | |
126 | ; | |
127 | ||
128 | : hmac-tests ( -- ) | |
129 | ||
130 | " Test 1" | |
131 | " Hi There" | |
132 | hmac-test-keybuf d# 20 2dup h# 0b fill | |
133 | " "(b617318655057264e28bc0b6fb378c8ef146be00)" | |
134 | hmac-test | |
135 | ||
136 | " Test 2" | |
137 | " what do ya want for nothing?" | |
138 | " Jefe" | |
139 | " "(effcdf6ae5eb2fa2d27416d5f184df9c259a7c79)" | |
140 | hmac-test | |
141 | ||
142 | " Test 3" | |
143 | hmac-test-databuf d# 50 2dup h# dd fill | |
144 | hmac-test-keybuf d# 20 2dup h# aa fill | |
145 | " "(125d7342b9ac11cd91a39af48aa17b4f63f175d3)" | |
146 | hmac-test | |
147 | ||
148 | " Test 4" | |
149 | hmac-test-databuf d# 50 2dup h# cd fill | |
150 | " "(0102030405060708090a0b0c0d0e0f10111213141516171819)" | |
151 | " "(4c9007f4026250c6bc8414f9bf50c86c2d7235da)" | |
152 | hmac-test | |
153 | ||
154 | " Test 5" | |
155 | " Test With Truncation" | |
156 | hmac-test-keybuf d# 20 2dup h# 0c fill | |
157 | " "(4c1a03424b55e07fe7f27be1d58bb9324a9a5a04)" | |
158 | hmac-test | |
159 | ||
160 | " Test 6" | |
161 | " Test Using Larger Than Block-Size Key - Hash Key First" | |
162 | hmac-test-keybuf d# 80 2dup h# aa fill | |
163 | " "(aa4ae5e15272d00e95705637ce8a3b55ed402112)" | |
164 | hmac-test | |
165 | ||
166 | " Test 7" | |
167 | " Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data" | |
168 | hmac-test-keybuf d# 80 2dup h# aa fill | |
169 | " "(e8e99d0f45237d786d6bbaa7965c7808bbff1a91)" | |
170 | hmac-test | |
171 | ; | |
172 | ||
173 | [then] | |
174 | ||
175 | headers |