From de2a27e255b6ec834d11c005909b28a150c7c0db Mon Sep 17 00:00:00 2001
From: "Ondrej Zajicek (work)"
Date: Tue, 25 Oct 2016 17:04:17 +0200
Subject: Add generic message authentication interface

Add generic interface for generating and verifying MACs (message authentication codes). Replace multiple HMAC implementation with a generic one.
---
 lib/sha1.h | 30 ++++++------------------------
 1 file changed, 6 insertions(+), 24 deletions(-)
(limited to 'lib/sha1.h')
diff --git a/lib/sha1.h b/lib/sha1.h
index c019bb49..8666a651 100644
--- a/lib/sha1.h
+++ b/lib/sha1.h
@@ -1,5 +1,5 @@
 /*
- * BIRD Library -- SHA-1 Hash Function (FIPS 180-1, RFC 3174) and HMAC-SHA-1
+ * BIRD Library -- SHA-1 Hash Function (FIPS 180-1, RFC 3174)
 *
 * (c) 2015 CZ.NIC z.s.p.o.
 *
@@ -27,6 +27,8 @@
 * Internal SHA1 state.
 * You should use it just as an opaque handle only.
 */
+struct hash_context;
+
 struct sha1_context {
 u32 h0, h1, h2, h3, h4;
 byte buf[SHA1_BLOCK_SIZE];
@@ -34,15 +36,14 @@ struct sha1_context {
 uint count;
 };
 
-
-void sha1_init(struct sha1_context *ctx); /* Initialize new algorithm run in the @ctx context. **/
+void sha1_init(struct hash_context *ctx); /* Initialize new algorithm run in the @ctx context. **/
 /*
 * Push another @len bytes of data pointed to by @buf onto the SHA1 hash
 * currently in @ctx. You can call this any times you want on the same hash (and
 * you do not need to reinitialize it by @sha1_init()). It has the same effect
 * as concatenating all the data together and passing them at once.
 */
-void sha1_update(struct sha1_context *ctx, const byte *buf, uint len);
+void sha1_update(struct hash_context *ctx, const byte *buf, uint len);
 /*
 * No more @sha1_update() calls will be done. This terminates the hash and
 * returns a pointer to it.
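Review bot: The forward declaration `struct hash_context;` in the `@@ -27,6 +27,8 @@` hunk lands between the comment "Internal SHA1 state. You should use it just as an opaque handle only." and `struct sha1_context`, so the comment now appears to describe the forward declaration rather than the struct. Moving the two added lines above that comment keeps it attached to the type it documents. The comment starts outside this hunk.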
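Review bot: `sha1_init()` and `sha1_update()` in the `@@ -34,15 +36,14 @@` hunk, and `sha1_final()` in the following `@@ -50,7 +51,7 @@` hunk, now take `struct hash_context *`, but nothing in this header states how that type relates to `struct sha1_context`, which is still defined here. If the implementation casts the generic pointer back to `struct sha1_context *` (not visible in this file), the caller's storage must be at least as large and as aligned as the SHA-1 state, otherwise init and update write past the caller's buffer and the compiler no longer catches a wrong context type. A compile-time check beside the definition of `struct hash_context` would pin that down, for example `_Static_assert(sizeof(struct sha1_context) <= sizeof(struct hash_context), "hash_context too small for SHA-1");` or the project's own equivalent. The comment on `sha1_update()` should also say which type callers must allocate, e.g. `@ctx is a generic hash context that was initialized by sha1_init()`.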
@@ -50,7 +51,7 @@ void sha1_update(struct sha1_context *ctx, const byte *buf, uint len);
 * Note that the pointer points into data in the @ctx context. If it ceases to
 * exist, the pointer becomes invalid.
 */
-byte *sha1_final(struct sha1_context *ctx);
+byte *sha1_final(struct hash_context *ctx);
 
 /*
 * A convenience one-shot function for SHA1 hash. It is equivalent to this
@@ -63,24 +64,5 @@ byte *sha1_final(struct sha1_context *ctx);
 */
 void sha1_hash_buffer(byte *outbuf, const byte *buffer, uint length);
 
-/*
- * SHA1 HMAC message authentication. If you provide @key and @data, the result
- * will be stored in @outbuf.
- */
-void sha1_hmac(byte *outbuf, const byte *key, uint keylen, const byte *data, uint datalen);
-
-/*
- * The HMAC also exists in a stream version in a way analogous to the plain
- * SHA1. Pass this as a context.
- */
-struct sha1_hmac_context {
- struct sha1_context ictx;
- struct sha1_context octx;
-};
-
-void sha1_hmac_init(struct sha1_hmac_context *ctx, const byte *key, uint keylen); /* Initialize HMAC with context @ctx and the given key. See sha1_init(). */
-void sha1_hmac_update(struct sha1_hmac_context *ctx, const byte *data, uint datalen); /* Hash another @datalen bytes of data. See sha1_update(). */
-byte *sha1_hmac_final(struct sha1_hmac_context *ctx); /* Terminate the HMAC and return a pointer to the allocated hash. See sha1_final(). */
-
 #endif /* _BIRD_SHA1_H_ */
 
-- cgit v1.2.3