nerdcruft/libcruft-util
1
0
Fork 0
Code Issues Releases Activity

hash/hmac: allow keys greater than block length

Browse Source
This commit is contained in:
Danny Robson 2015-03-02 00:35:58 +11:00
parent cce9af76e3
commit c10e11c398
1 changed files with 15 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
hash/hmac.cpp
View File

@ -35,13 +35,24 @@ static const uint8_t OFILL = 0x5C;
HMAC::HMAC (const uint8_t *restrict key, size_t len)
{
CHECK (key);
CHECK_LE (len, m_ikey.size ());
CHECK_LE (len, m_okey.size ());
static_assert (sizeof (m_ikey) == sizeof (m_okey), "key padding must match");
std::copy (key, key + len, m_ikey.begin ());
// If the key is larger than the blocklength, use the hash of the key
if (len > 64) {
m_hash.update (key, len);
m_hash.finish ();
auto d = m_hash.digest ();
m_hash.reset ();
std::copy (d.begin (), d.end (), m_ikey.begin ());
len = d.size ();
// Use the key directly
} else {
std::copy (key, key + len, m_ikey.begin ());
}
std::fill (m_ikey.begin () + len,
m_ikey.end (),
0);
@ -62,7 +73,6 @@ HMAC::HMAC (const uint8_t *restrict key, size_t len)
}
//-----------------------------------------------------------------------------
void
HMAC::update (const void *restrict data, size_t len)