From 7c926ff1150133127c73b9b46d82524f57b3c616 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 3 Jun 2008 14:29:27 +1000 Subject: SMB2 signing now works. The spec was wrong (and will be fixed in the next version) (This used to be commit 436cb17b869e2d6cc57936ccc5e81680fb992341) --- source4/lib/crypto/hmacsha256.c | 92 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 92 insertions(+) create mode 100644 source4/lib/crypto/hmacsha256.c (limited to 'source4/lib/crypto/hmacsha256.c') diff --git a/source4/lib/crypto/hmacsha256.c b/source4/lib/crypto/hmacsha256.c new file mode 100644 index 0000000000..5503bdd59b --- /dev/null +++ b/source4/lib/crypto/hmacsha256.c @@ -0,0 +1,92 @@ +/* + Unix SMB/CIFS implementation. + + Interface header: HMAC SHA-256 code + + Copyright (C) Andrew Tridgell 2008 + + based in hmacsha1.c which is: + Copyright (C) Stefan Metzmacher + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +/* + taken direct from rfc2202 implementation and modified for suitable use + */ + +#include "includes.h" +#include "lib/crypto/crypto.h" +#include "heimdal/lib/hcrypto/sha.h" + +/*********************************************************************** + the rfc 2104/2202 version of hmac_sha256 initialisation. +***********************************************************************/ +_PUBLIC_ void hmac_sha256_init(const uint8_t *key, size_t key_len, struct HMACSHA256Context *ctx) +{ + int i; + uint8_t tk[SHA256_DIGEST_LENGTH]; + + /* if key is longer than 64 bytes reset it to key=HASH(key) */ + if (key_len > 64) + { + SHA256_CTX tctx; + + SHA256_Init(&tctx); + SHA256_Update(&tctx, key, key_len); + SHA256_Final(tk, &tctx); + + key = tk; + key_len = SHA256_DIGEST_LENGTH; + } + + /* start out by storing key in pads */ + ZERO_STRUCT(ctx->k_ipad); + ZERO_STRUCT(ctx->k_opad); + memcpy( ctx->k_ipad, key, key_len); + memcpy( ctx->k_opad, key, key_len); + + /* XOR key with ipad and opad values */ + for (i=0; i<64; i++) + { + ctx->k_ipad[i] ^= 0x36; + ctx->k_opad[i] ^= 0x5c; + } + + SHA256_Init(&ctx->ctx); + SHA256_Update(&ctx->ctx, ctx->k_ipad, 64); +} + +/*********************************************************************** + update hmac_sha256 "inner" buffer +***********************************************************************/ +_PUBLIC_ void hmac_sha256_update(const uint8_t *data, size_t data_len, struct HMACSHA256Context *ctx) +{ + SHA256_Update(&ctx->ctx, data, data_len); /* then text of datagram */ +} + +/*********************************************************************** + finish off hmac_sha256 "inner" buffer and generate outer one. +***********************************************************************/ +_PUBLIC_ void hmac_sha256_final(uint8_t digest[SHA256_DIGEST_LENGTH], struct HMACSHA256Context *ctx) +{ + SHA256_CTX ctx_o; + + SHA256_Final(digest, &ctx->ctx); + + SHA256_Init(&ctx_o); + SHA256_Update(&ctx_o, ctx->k_opad, 64); + SHA256_Update(&ctx_o, digest, SHA256_DIGEST_LENGTH); + SHA256_Final(digest, &ctx_o); +} -- cgit From 9cf72946aaf32d4335c8e59eb805844cadea76a8 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 4 Jun 2008 09:42:55 -0700 Subject: copied the Heimdal sha256 functions into lib/crypto to avoid a link error Hopefully we can remove this again later (This used to be commit fa2ecfea7a1acc388a86e8fba5b42df7925c9045) --- source4/lib/crypto/hmacsha256.c | 1 - 1 file changed, 1 deletion(-) (limited to 'source4/lib/crypto/hmacsha256.c') diff --git a/source4/lib/crypto/hmacsha256.c b/source4/lib/crypto/hmacsha256.c index 5503bdd59b..6b0af9ee83 100644 --- a/source4/lib/crypto/hmacsha256.c +++ b/source4/lib/crypto/hmacsha256.c @@ -28,7 +28,6 @@ #include "includes.h" #include "lib/crypto/crypto.h" -#include "heimdal/lib/hcrypto/sha.h" /*********************************************************************** the rfc 2104/2202 version of hmac_sha256 initialisation. -- cgit