taigrr/arduinolibs
1
0
Fork 0
mirror of https://github.com/taigrr/arduinolibs synced 2025-01-18 04:33:12 -08:00
Code Issues Projects Releases Wiki Activity

Add HMAC support to all of the hash algorithms

Browse Source
This commit is contained in:
Rhys Weatherley 2015-03-24 19:41:24 +10:00
parent e0803c01fc
commit fd38b7e127
25 changed files with 845 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
doc/crypto.dox
View File

@ -29,7 +29,7 @@
\li Block ciphers: AES128, AES192, AES256
\li Block cipher modes: CTR, CFB, CBC, OFB
\li Stream ciphers: ChaCha
\li Hash algorithms: SHA1, SHA256, SHA512, SHA3_256, SHA3_512, BLAKE2s, BLAKE2b
\li Hash algorithms: SHA1, SHA256, SHA512, SHA3_256, SHA3_512, BLAKE2s, BLAKE2b (regular and HMAC modes)
\li Public key algorithms: Curve25519
\li Random number generation: \link RNGClass RNG\endlink, TransistorNoiseSource, RingOscillatorNoiseSource

2
doc/mainpage.dox
View File

@ -93,7 +93,7 @@ realtime clock and the LCD library to implement an alarm clock.
\li Block ciphers: AES128, AES192, AES256
\li Block cipher modes: CTR, CFB, CBC, OFB
\li Stream ciphers: ChaCha
\li Hash algorithms: SHA1, SHA256, SHA512, SHA3_256, SHA3_512, BLAKE2s, BLAKE2b
\li Hash algorithms: SHA1, SHA256, SHA512, SHA3_256, SHA3_512, BLAKE2s, BLAKE2b (regular and HMAC modes)
\li Public key algorithms: Curve25519
\li Random number generation: \link RNGClass RNG\endlink, TransistorNoiseSource, RingOscillatorNoiseSource

19
libraries/Crypto/BLAKE2b.cpp
View File

@ -162,6 +162,25 @@ void BLAKE2b::clear()
reset();
}
void BLAKE2b::resetHMAC(const void *key, size_t keyLen)
{
formatHMACKey(state.m, key, keyLen, 0x36);
state.lengthLow += 128;
processChunk(0);
}
void BLAKE2b::finalizeHMAC(const void *key, size_t keyLen, void *hash, size_t hashLen)
{
uint8_t temp[64];
finalize(temp, sizeof(temp));
formatHMACKey(state.m, key, keyLen, 0x5C);
state.lengthLow += 128;
processChunk(0);
update(temp, sizeof(temp));
finalize(hash, hashLen);
clean(temp);
}
// Permutation on the message input state for BLAKE2b.
static const uint8_t sigma[12][16] PROGMEM = {
{ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15},

3
libraries/Crypto/BLAKE2b.h
View File

@ -41,6 +41,9 @@ public:
void clear();
void resetHMAC(const void *key, size_t keyLen);
void finalizeHMAC(const void *key, size_t keyLen, void *hash, size_t hashLen);
private:
struct {
uint64_t h[8];

19
libraries/Crypto/BLAKE2s.cpp
View File

@ -157,6 +157,25 @@ void BLAKE2s::clear()
reset();
}
void BLAKE2s::resetHMAC(const void *key, size_t keyLen)
{
formatHMACKey(state.m, key, keyLen, 0x36);
state.length += 64;
processChunk(0);
}
void BLAKE2s::finalizeHMAC(const void *key, size_t keyLen, void *hash, size_t hashLen)
{
uint8_t temp[32];
finalize(temp, sizeof(temp));
formatHMACKey(state.m, key, keyLen, 0x5C);
state.length += 64;
processChunk(0);
update(temp, sizeof(temp));
finalize(hash, hashLen);
clean(temp);
}
// Permutation on the message input state for BLAKE2s.
static const uint8_t sigma[10][16] PROGMEM = {
{ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15},

3
libraries/Crypto/BLAKE2s.h
View File

@ -41,6 +41,9 @@ public:
void clear();
void resetHMAC(const void *key, size_t keyLen);
void finalizeHMAC(const void *key, size_t keyLen, void *hash, size_t hashLen);
private:
struct {
uint32_t h[8];

76
libraries/Crypto/Hash.cpp
View File

@ -21,6 +21,7 @@
*/
#include "Hash.h"
#include <string.h>
/**
* \class Hash Hash.h <Hash.h>
@ -66,7 +67,7 @@ Hash::~Hash()
* \fn void Hash::reset()
* \brief Resets the hash ready for a new hashing process.
*
* \sa update(), finalize()
* \sa update(), finalize(), resetHMAC()
*/
/**
@ -96,7 +97,7 @@ Hash::~Hash()
* If finalize() is called again, then the returned \a hash value is
* undefined. Call reset() first to start a new hashing process.
*
* \sa reset(), update()
* \sa reset(), update(), finalizeHMAC()
*/
/**
@ -106,3 +107,74 @@ Hash::~Hash()
*
* \sa reset()
*/
/**
* \fn void Hash::resetHMAC(const void *key, size_t keyLen)
* \brief Resets the hash ready for a new HMAC hashing process.
*
* \param key Points to the HMAC key for the hashing process.
* \param keyLen Size of the HMAC \a key in bytes.
*
* The following example computes a HMAC over a series of data blocks
* with a specific key:
*
* \code
* hash.resetHMAC(key, sizeof(key));
* hash.update(data1, sizeof(data1));
* hash.update(data2, sizeof(data2));
* ...
* hash.update(dataN, sizeof(dataN));
* hash.finalizeHMAC(key, sizeof(key), hmac, sizeof(hmac));
* \endcode
*
* The same key must be passed to both resetHMAC() and finalizeHMAC().
*
* \sa finalizeHMAC(), reset()
*/
/**
* \fn void Hash::finalizeHMAC(const void *key, size_t keyLen, void *hash, size_t hashLen)
* \brief Finalizes the HMAC hashing process and returns the hash.
*
* \param key Points to the HMAC key for the hashing process. The contents
* of this array must be identical to the value passed to resetHMAC().
* \param keyLen Size of the HMAC \a key in bytes.
* \param hash The buffer to return the hash value in.
* \param hashLen The length of the \a hash buffer, normally hashSize().
*
* \sa resetHMAC(), finalize()
*/
/**
* \brief Formats a HMAC key into a block.
*
* \param block The block to format the key into. Must be at least
* blockSize() bytes in length.
* \param key Points to the HMAC key for the hashing process.
* \param len Length of the HMAC \a key in bytes.
* \param pad Inner (0x36) or outer (0x5C) padding value to XOR with
* the formatted HMAC key.
*
* This function is intended to help subclasses implement resetHMAC() and
* finalizeHMAC() by directly formatting the HMAC key into the subclass's
* internal block buffer and resetting the hash.
*/
void Hash::formatHMACKey(void *block, const void *key, size_t len, uint8_t pad)
{
size_t size = blockSize();
reset();
if (len <= size) {
memcpy(block, key, len);
} else {
update(key, len);
len = hashSize();
finalize(block, len);
reset();
}
memset(block + len, pad, size - len);
uint8_t *b = (uint8_t *)block;
while (len > 0) {
*b++ ^= pad;
--len;
}
}

6
libraries/Crypto/Hash.h
View File

@ -40,6 +40,12 @@ public:
virtual void finalize(void *hash, size_t len) = 0;
virtual void clear() = 0;
virtual void resetHMAC(const void *key, size_t keyLen) = 0;
virtual void finalizeHMAC(const void *key, size_t keyLen, void *hash, size_t hashLen) = 0;
protected:
void formatHMACKey(void *block, const void *key, size_t len, uint8_t pad);
};
#endif

35
libraries/Crypto/KeccakCore.cpp
View File

@ -247,6 +247,41 @@ void KeccakCore::clear()
clean(state);
}
/**
* \brief Sets a HMAC key for a Keccak-based hash algorithm.
*
* \param key Points to the HMAC key for the hashing process.
* \param len Length of the HMAC \a key in bytes.
* \param pad Inner (0x36) or outer (0x5C) padding value to XOR with
* the formatted HMAC key.
* \param hashSize The size of the output from the hash algorithm.
*
* This function is intended to help classes implement Hash::resetHMAC() and
* Hash::finalizeHMAC() by directly formatting the HMAC key into the
* internal block buffer and resetting the hash.
*/
void KeccakCore::setHMACKey(const void *key, size_t len, uint8_t pad, size_t hashSize)
{
uint8_t *b = (uint8_t *)state.B;
size_t size = blockSize();
reset();
if (len <= size) {
memcpy(b, key, len);
} else {
update(key, len);
this->pad(0x06);
extract(b, hashSize);
len = hashSize;
reset();
}
memset(b + len, pad, size - len);
while (len > 0) {
*b++ ^= pad;
--len;
}
update(state.B, size);
}
/**
* \brief Transform the state with the KECCAK-p sponge function with b = 1600.
*/

2
libraries/Crypto/KeccakCore.h
View File

@ -46,6 +46,8 @@ public:
void clear();
void setHMACKey(const void *key, size_t len, uint8_t pad, size_t hashSize);
private:
struct {
uint64_t A[5][5];

19
libraries/Crypto/SHA1.cpp
View File

@ -131,6 +131,25 @@ void SHA1::clear()
reset();
}
void SHA1::resetHMAC(const void *key, size_t keyLen)
{
formatHMACKey(state.w, key, keyLen, 0x36);
state.length += 64 * 8;
processChunk();
}
void SHA1::finalizeHMAC(const void *key, size_t keyLen, void *hash, size_t hashLen)
{
uint8_t temp[20];
finalize(temp, sizeof(temp));
formatHMACKey(state.w, key, keyLen, 0x5C);
state.length += 64 * 8;
processChunk();
update(temp, sizeof(temp));
finalize(hash, hashLen);
clean(temp);
}
/**
* \brief Processes a single 512-bit chunk with the core SHA-1 algorithm.
*

3
libraries/Crypto/SHA1.h
View File

@ -40,6 +40,9 @@ public:
void clear();
void resetHMAC(const void *key, size_t keyLen);
void finalizeHMAC(const void *key, size_t keyLen, void *hash, size_t hashLen);
private:
struct {
uint32_t h[5];

19
libraries/Crypto/SHA256.cpp
View File

@ -136,6 +136,25 @@ void SHA256::clear()
reset();
}
void SHA256::resetHMAC(const void *key, size_t keyLen)
{
formatHMACKey(state.w, key, keyLen, 0x36);
state.length += 64 * 8;
processChunk();
}
void SHA256::finalizeHMAC(const void *key, size_t keyLen, void *hash, size_t hashLen)
{
uint8_t temp[32];
finalize(temp, sizeof(temp));
formatHMACKey(state.w, key, keyLen, 0x5C);
state.length += 64 * 8;
processChunk();
update(temp, sizeof(temp));
finalize(hash, hashLen);
clean(temp);
}
/**
* \brief Processes a single 512-bit chunk with the core SHA-256 algorithm.
*

3
libraries/Crypto/SHA256.h
View File

@ -40,6 +40,9 @@ public:
void clear();
void resetHMAC(const void *key, size_t keyLen);
void finalizeHMAC(const void *key, size_t keyLen, void *hash, size_t hashLen);
private:
struct {
uint32_t h[8];

31
libraries/Crypto/SHA3.cpp
View File

@ -21,6 +21,7 @@
*/
#include "SHA3.h"
#include "Crypto.h"
/**
* \class SHA3_256 SHA3.h <SHA3.h>
@ -79,6 +80,21 @@ void SHA3_256::clear()
core.clear();
}
void SHA3_256::resetHMAC(const void *key, size_t keyLen)
{
core.setHMACKey(key, keyLen, 0x36, 32);
}
void SHA3_256::finalizeHMAC(const void *key, size_t keyLen, void *hash, size_t hashLen)
{
uint8_t temp[32];
finalize(temp, sizeof(temp));
core.setHMACKey(key, keyLen, 0x5C, 32);
core.update(temp, sizeof(temp));
finalize(hash, hashLen);
clean(temp);
}
/**
* \class SHA3_512 SHA3.h <SHA3.h>
* \brief SHA3-512 hash algorithm.
@ -135,3 +151,18 @@ void SHA3_512::clear()
{
core.clear();
}
void SHA3_512::resetHMAC(const void *key, size_t keyLen)
{
core.setHMACKey(key, keyLen, 0x36, 64);
}
void SHA3_512::finalizeHMAC(const void *key, size_t keyLen, void *hash, size_t hashLen)
{
uint8_t temp[64];
finalize(temp, sizeof(temp));
core.setHMACKey(key, keyLen, 0x5C, 64);
core.update(temp, sizeof(temp));
finalize(hash, hashLen);
clean(temp);
}

6
libraries/Crypto/SHA3.h
View File

@ -41,6 +41,9 @@ public:
void clear();
void resetHMAC(const void *key, size_t keyLen);
void finalizeHMAC(const void *key, size_t keyLen, void *hash, size_t hashLen);
private:
KeccakCore core;
};
@ -60,6 +63,9 @@ public:
void clear();
void resetHMAC(const void *key, size_t keyLen);
void finalizeHMAC(const void *key, size_t keyLen, void *hash, size_t hashLen);
private:
KeccakCore core;
};

19
libraries/Crypto/SHA512.cpp
View File

@ -139,6 +139,25 @@ void SHA512::clear()
reset();
}
void SHA512::resetHMAC(const void *key, size_t keyLen)
{
formatHMACKey(state.w, key, keyLen, 0x36);
state.lengthLow += 128 * 8;
processChunk();
}
void SHA512::finalizeHMAC(const void *key, size_t keyLen, void *hash, size_t hashLen)
{
uint8_t temp[64];
finalize(temp, sizeof(temp));
formatHMACKey(state.w, key, keyLen, 0x5C);
state.lengthLow += 128 * 8;
processChunk();
update(temp, sizeof(temp));
finalize(hash, hashLen);
clean(temp);
}
/**
* \brief Processes a single 1024-bit chunk with the core SHA-512 algorithm.
*

3
libraries/Crypto/SHA512.h
View File

@ -40,6 +40,9 @@ public:
void clear();
void resetHMAC(const void *key, size_t keyLen);
void finalizeHMAC(const void *key, size_t keyLen, void *hash, size_t hashLen);
private:
struct {
uint64_t h[8];

72
libraries/Crypto/examples/TestBLAKE2b/TestBLAKE2b.ino
View File

@ -29,6 +29,7 @@ This example runs tests on the BLAKE2b implementation to verify correct behaviou
#include <string.h>
#define HASH_SIZE 64
#define BLOCK_SIZE 128
struct TestHashVector
{
@ -90,7 +91,7 @@ static TestHashVector const testVectorBLAKE2b_4 = {
BLAKE2b blake2b;
byte buffer[128];
byte buffer[BLOCK_SIZE + 2];
bool testHash_N(Hash *hash, const struct TestHashVector *test, size_t inc)
{
@ -160,6 +161,69 @@ void perfHash(Hash *hash)
Serial.println(" bytes per second");
}
// Very simple method for hashing a HMAC inner or outer key.
void hashKey(Hash *hash, const uint8_t *key, size_t keyLen, uint8_t pad)
{
size_t posn;
uint8_t buf;
uint8_t result[HASH_SIZE];
if (keyLen <= BLOCK_SIZE) {
hash->reset();
for (posn = 0; posn < BLOCK_SIZE; ++posn) {
if (posn < keyLen)
buf = key[posn] ^ pad;
else
buf = pad;
hash->update(&buf, 1);
}
} else {
hash->reset();
hash->update(key, keyLen);
hash->finalize(result, HASH_SIZE);
hash->reset();
for (posn = 0; posn < BLOCK_SIZE; ++posn) {
if (posn < HASH_SIZE)
buf = result[posn] ^ pad;
else
buf = pad;
hash->update(&buf, 1);
}
}
}
void testHMAC(Hash *hash, size_t keyLen)
{
uint8_t result[HASH_SIZE];
Serial.print("HMAC-BLAKE2b keysize=");
Serial.print(keyLen);
Serial.print(" ... ");
// Construct the expected result with a simple HMAC implementation.
memset(buffer, (uint8_t)keyLen, keyLen);
hashKey(hash, buffer, keyLen, 0x36);
memset(buffer, 0xBA, sizeof(buffer));
hash->update(buffer, sizeof(buffer));
hash->finalize(result, HASH_SIZE);
memset(buffer, (uint8_t)keyLen, keyLen);
hashKey(hash, buffer, keyLen, 0x5C);
hash->update(result, HASH_SIZE);
hash->finalize(result, HASH_SIZE);
// Now use the library to compute the HMAC.
hash->resetHMAC(buffer, keyLen);
memset(buffer, 0xBA, sizeof(buffer));
hash->update(buffer, sizeof(buffer));
memset(buffer, (uint8_t)keyLen, keyLen);
hash->finalizeHMAC(buffer, keyLen, buffer, HASH_SIZE);
// Check the result.
if (!memcmp(result, buffer, HASH_SIZE))
Serial.println("Passed");
else
Serial.println("Failed");
}
void setup()
{
Serial.begin(9600);
@ -171,6 +235,12 @@ void setup()
testHash(&blake2b, &testVectorBLAKE2b_2);
testHash(&blake2b, &testVectorBLAKE2b_3);
testHash(&blake2b, &testVectorBLAKE2b_4);
testHMAC(&blake2b, (size_t)0);
testHMAC(&blake2b, 1);
testHMAC(&blake2b, HASH_SIZE);
testHMAC(&blake2b, BLOCK_SIZE);
testHMAC(&blake2b, BLOCK_SIZE + 1);
testHMAC(&blake2b, BLOCK_SIZE + 2);
Serial.println();

70
libraries/Crypto/examples/TestBLAKE2s/TestBLAKE2s.ino
View File

@ -29,6 +29,7 @@ This example runs tests on the BLAKE2s implementation to verify correct behaviou
#include <string.h>
#define HASH_SIZE 32
#define BLOCK_SIZE 64
struct TestHashVector
{
@ -144,6 +145,69 @@ void perfHash(Hash *hash)
Serial.println(" bytes per second");
}
// Very simple method for hashing a HMAC inner or outer key.
void hashKey(Hash *hash, const uint8_t *key, size_t keyLen, uint8_t pad)
{
size_t posn;
uint8_t buf;
uint8_t result[HASH_SIZE];
if (keyLen <= BLOCK_SIZE) {
hash->reset();
for (posn = 0; posn < BLOCK_SIZE; ++posn) {
if (posn < keyLen)
buf = key[posn] ^ pad;
else
buf = pad;
hash->update(&buf, 1);
}
} else {
hash->reset();
hash->update(key, keyLen);
hash->finalize(result, HASH_SIZE);
hash->reset();
for (posn = 0; posn < BLOCK_SIZE; ++posn) {
if (posn < HASH_SIZE)
buf = result[posn] ^ pad;
else
buf = pad;
hash->update(&buf, 1);
}
}
}
void testHMAC(Hash *hash, size_t keyLen)
{
uint8_t result[HASH_SIZE];
Serial.print("HMAC-BLAKE2s keysize=");
Serial.print(keyLen);
Serial.print(" ... ");
// Construct the expected result with a simple HMAC implementation.
memset(buffer, (uint8_t)keyLen, keyLen);
hashKey(hash, buffer, keyLen, 0x36);
memset(buffer, 0xBA, sizeof(buffer));
hash->update(buffer, sizeof(buffer));
hash->finalize(result, HASH_SIZE);
memset(buffer, (uint8_t)keyLen, keyLen);
hashKey(hash, buffer, keyLen, 0x5C);
hash->update(result, HASH_SIZE);
hash->finalize(result, HASH_SIZE);
// Now use the library to compute the HMAC.
hash->resetHMAC(buffer, keyLen);
memset(buffer, 0xBA, sizeof(buffer));
hash->update(buffer, sizeof(buffer));
memset(buffer, (uint8_t)keyLen, keyLen);
hash->finalizeHMAC(buffer, keyLen, buffer, HASH_SIZE);
// Check the result.
if (!memcmp(result, buffer, HASH_SIZE))
Serial.println("Passed");
else
Serial.println("Failed");
}
void setup()
{
Serial.begin(9600);
@ -155,6 +219,12 @@ void setup()
testHash(&blake2s, &testVectorBLAKE2s_2);
testHash(&blake2s, &testVectorBLAKE2s_3);
testHash(&blake2s, &testVectorBLAKE2s_4);
testHMAC(&blake2s, (size_t)0);
testHMAC(&blake2s, 1);
testHMAC(&blake2s, HASH_SIZE);
testHMAC(&blake2s, BLOCK_SIZE);
testHMAC(&blake2s, BLOCK_SIZE + 1);
testHMAC(&blake2s, sizeof(buffer));
Serial.println();

108
libraries/Crypto/examples/TestSHA1/TestSHA1.ino
View File

@ -29,16 +29,19 @@ This example runs tests on the SHA1 implementation to verify correct behaviour.
#include <string.h>
#define HASH_SIZE 20
#define BLOCK_SIZE 64
struct TestHashVector
{
const char *name;
const char *key;
const char *data;
uint8_t hash[HASH_SIZE];
};
static TestHashVector const testVectorSHA1_1 = {
"SHA-1 #1",
0,
"abc",
{0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A,
0xBA, 0x3E, 0x25, 0x71, 0x78, 0x50, 0xC2, 0x6C,
@ -46,11 +49,28 @@ static TestHashVector const testVectorSHA1_1 = {
};
static TestHashVector const testVectorSHA1_2 = {
"SHA-1 #2",
0,
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
{0x84, 0x98, 0x3E, 0x44, 0x1C, 0x3B, 0xD2, 0x6E,
0xBA, 0xAE, 0x4A, 0xA1, 0xF9, 0x51, 0x29, 0xE5,
0xE5, 0x46, 0x70, 0xF1}
};
static TestHashVector const testVectorHMAC_SHA1_1 = {
"HMAC-SHA-1 #1",
"",
"",
{0xfb, 0xdb, 0x1d, 0x1b, 0x18, 0xaa, 0x6c, 0x08,
0x32, 0x4b, 0x7d, 0x64, 0xb7, 0x1f, 0xb7, 0x63,
0x70, 0x69, 0x0e, 0x1d}
};
static TestHashVector const testVectorHMAC_SHA1_2 = {
"HMAC-SHA-1 #2",
"key",
"The quick brown fox jumps over the lazy dog",
{0xde, 0x7c, 0x9b, 0x85, 0xb8, 0xb7, 0x8a, 0xa6,
0xbc, 0x8a, 0x7a, 0x36, 0xf7, 0x0a, 0x90, 0x70,
0x1c, 0x9d, 0xb4, 0xd9}
};
SHA1 sha1;
@ -100,6 +120,86 @@ void testHash(Hash *hash, const struct TestHashVector *test)
Serial.println("Failed");
}
// Very simple method for hashing a HMAC inner or outer key.
void hashKey(Hash *hash, const uint8_t *key, size_t keyLen, uint8_t pad)
{
size_t posn;
uint8_t buf;
uint8_t result[HASH_SIZE];
if (keyLen <= BLOCK_SIZE) {
hash->reset();
for (posn = 0; posn < BLOCK_SIZE; ++posn) {
if (posn < keyLen)
buf = key[posn] ^ pad;
else
buf = pad;
hash->update(&buf, 1);
}
} else {
hash->reset();
hash->update(key, keyLen);
hash->finalize(result, HASH_SIZE);
hash->reset();
for (posn = 0; posn < BLOCK_SIZE; ++posn) {
if (posn < HASH_SIZE)
buf = result[posn] ^ pad;
else
buf = pad;
hash->update(&buf, 1);
}
}
}
void testHMAC(Hash *hash, size_t keyLen)
{
uint8_t result[HASH_SIZE];
Serial.print("HMAC-SHA-1 keysize=");
Serial.print(keyLen);
Serial.print(" ... ");
// Construct the expected result with a simple HMAC implementation.
memset(buffer, (uint8_t)keyLen, keyLen);
hashKey(hash, buffer, keyLen, 0x36);
memset(buffer, 0xBA, sizeof(buffer));
hash->update(buffer, sizeof(buffer));
hash->finalize(result, HASH_SIZE);
memset(buffer, (uint8_t)keyLen, keyLen);
hashKey(hash, buffer, keyLen, 0x5C);
hash->update(result, HASH_SIZE);
hash->finalize(result, HASH_SIZE);
// Now use the library to compute the HMAC.
hash->resetHMAC(buffer, keyLen);
memset(buffer, 0xBA, sizeof(buffer));
hash->update(buffer, sizeof(buffer));
memset(buffer, (uint8_t)keyLen, keyLen);
hash->finalizeHMAC(buffer, keyLen, buffer, HASH_SIZE);
// Check the result.
if (!memcmp(result, buffer, HASH_SIZE))
Serial.println("Passed");
else
Serial.println("Failed");
}
void testHMAC(Hash *hash, const struct TestHashVector *test)
{
uint8_t result[HASH_SIZE];
Serial.print(test->name);
Serial.print(" ... ");
hash->resetHMAC(test->key, strlen(test->key));
hash->update(test->data, strlen(test->data));
hash->finalizeHMAC(test->key, strlen(test->key), result, sizeof(result));
if (!memcmp(result, test->hash, HASH_SIZE))
Serial.println("Passed");
else
Serial.println("Failed");
}
void perfHash(Hash *hash)
{
unsigned long start;
@ -133,6 +233,14 @@ void setup()
Serial.println("Test Vectors:");
testHash(&sha1, &testVectorSHA1_1);
testHash(&sha1, &testVectorSHA1_2);
testHMAC(&sha1, &testVectorHMAC_SHA1_1);
testHMAC(&sha1, &testVectorHMAC_SHA1_2);
testHMAC(&sha1, (size_t)0);
testHMAC(&sha1, 1);
testHMAC(&sha1, HASH_SIZE);
testHMAC(&sha1, BLOCK_SIZE);
testHMAC(&sha1, BLOCK_SIZE + 1);
testHMAC(&sha1, sizeof(buffer));
Serial.println();

110
libraries/Crypto/examples/TestSHA256/TestSHA256.ino
View File

@ -29,16 +29,19 @@ This example runs tests on the SHA256 implementation to verify correct behaviour
#include <string.h>
#define HASH_SIZE 32
#define BLOCK_SIZE 64
struct TestHashVector
{
const char *name;
const char *key;
const char *data;
uint8_t hash[HASH_SIZE];
};
static TestHashVector const testVectorSHA256_1 = {
"SHA-256 #1",
0,
"abc",
{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea,
0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23,
@ -47,12 +50,31 @@ static TestHashVector const testVectorSHA256_1 = {
};
static TestHashVector const testVectorSHA256_2 = {
"SHA-256 #2",
0,
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
{0x24, 0x8d, 0x6a, 0x61, 0xd2, 0x06, 0x38, 0xb8,
0xe5, 0xc0, 0x26, 0x93, 0x0c, 0x3e, 0x60, 0x39,
0xa3, 0x3c, 0xe4, 0x59, 0x64, 0xff, 0x21, 0x67,
0xf6, 0xec, 0xed, 0xd4, 0x19, 0xdb, 0x06, 0xc1}
};
static TestHashVector const testVectorHMAC_SHA256_1 = {
"HMAC-SHA-256 #1",
"",
"",
{0xb6, 0x13, 0x67, 0x9a, 0x08, 0x14, 0xd9, 0xec,
0x77, 0x2f, 0x95, 0xd7, 0x78, 0xc3, 0x5f, 0xc5,
0xff, 0x16, 0x97, 0xc4, 0x93, 0x71, 0x56, 0x53,
0xc6, 0xc7, 0x12, 0x14, 0x42, 0x92, 0xc5, 0xad}
};
static TestHashVector const testVectorHMAC_SHA256_2 = {
"HMAC-SHA-256 #2",
"key",
"The quick brown fox jumps over the lazy dog",
{0xf7, 0xbc, 0x83, 0xf4, 0x30, 0x53, 0x84, 0x24,
0xb1, 0x32, 0x98, 0xe6, 0xaa, 0x6f, 0xb1, 0x43,
0xef, 0x4d, 0x59, 0xa1, 0x49, 0x46, 0x17, 0x59,
0x97, 0x47, 0x9d, 0xbc, 0x2d, 0x1a, 0x3c, 0xd8}
};
SHA256 sha256;
@ -102,6 +124,86 @@ void testHash(Hash *hash, const struct TestHashVector *test)
Serial.println("Failed");
}
// Very simple method for hashing a HMAC inner or outer key.
void hashKey(Hash *hash, const uint8_t *key, size_t keyLen, uint8_t pad)
{
size_t posn;
uint8_t buf;
uint8_t result[HASH_SIZE];
if (keyLen <= BLOCK_SIZE) {
hash->reset();
for (posn = 0; posn < BLOCK_SIZE; ++posn) {
if (posn < keyLen)
buf = key[posn] ^ pad;
else
buf = pad;
hash->update(&buf, 1);
}
} else {
hash->reset();
hash->update(key, keyLen);
hash->finalize(result, HASH_SIZE);
hash->reset();
for (posn = 0; posn < BLOCK_SIZE; ++posn) {
if (posn < HASH_SIZE)
buf = result[posn] ^ pad;
else
buf = pad;
hash->update(&buf, 1);
}
}
}
void testHMAC(Hash *hash, size_t keyLen)
{
uint8_t result[HASH_SIZE];
Serial.print("HMAC-SHA-256 keysize=");
Serial.print(keyLen);
Serial.print(" ... ");
// Construct the expected result with a simple HMAC implementation.
memset(buffer, (uint8_t)keyLen, keyLen);
hashKey(hash, buffer, keyLen, 0x36);
memset(buffer, 0xBA, sizeof(buffer));
hash->update(buffer, sizeof(buffer));
hash->finalize(result, HASH_SIZE);
memset(buffer, (uint8_t)keyLen, keyLen);
hashKey(hash, buffer, keyLen, 0x5C);
hash->update(result, HASH_SIZE);
hash->finalize(result, HASH_SIZE);
// Now use the library to compute the HMAC.
hash->resetHMAC(buffer, keyLen);
memset(buffer, 0xBA, sizeof(buffer));
hash->update(buffer, sizeof(buffer));
memset(buffer, (uint8_t)keyLen, keyLen);
hash->finalizeHMAC(buffer, keyLen, buffer, HASH_SIZE);
// Check the result.
if (!memcmp(result, buffer, HASH_SIZE))
Serial.println("Passed");
else
Serial.println("Failed");
}
void testHMAC(Hash *hash, const struct TestHashVector *test)
{
uint8_t result[HASH_SIZE];
Serial.print(test->name);
Serial.print(" ... ");
hash->resetHMAC(test->key, strlen(test->key));
hash->update(test->data, strlen(test->data));
hash->finalizeHMAC(test->key, strlen(test->key), result, sizeof(result));
if (!memcmp(result, test->hash, HASH_SIZE))
Serial.println("Passed");
else
Serial.println("Failed");
}
void perfHash(Hash *hash)
{
unsigned long start;
@ -135,6 +237,14 @@ void setup()
Serial.println("Test Vectors:");
testHash(&sha256, &testVectorSHA256_1);
testHash(&sha256, &testVectorSHA256_2);
testHMAC(&sha256, &testVectorHMAC_SHA256_1);
testHMAC(&sha256, &testVectorHMAC_SHA256_2);
testHMAC(&sha256, (size_t)0);
testHMAC(&sha256, 1);
testHMAC(&sha256, HASH_SIZE);
testHMAC(&sha256, BLOCK_SIZE);
testHMAC(&sha256, BLOCK_SIZE + 1);
testHMAC(&sha256, sizeof(buffer));
Serial.println();

86
libraries/Crypto/examples/TestSHA3_256/TestSHA3_256.ino
View File

@ -31,6 +31,7 @@ correct behaviour.
#define DATA_SIZE 136
#define HASH_SIZE 32
#define BLOCK_SIZE 136
struct TestHashVector
{
@ -95,7 +96,7 @@ static TestHashVector const testVectorSHA3_256_4 = {
0xBE, 0x9B, 0x7C, 0x73, 0x6B, 0x80, 0x59, 0xAB,
0xFD, 0x67, 0x79, 0xAC, 0x35, 0xAC, 0x81, 0xB5}
};
static TestHashVector const testVectorSHA3_256_5 = {
static TestHashVector testVectorSHA3_256_5 = {
"SHA3-256 #5",
{0xB3, 0x2D, 0x95, 0xB0, 0xB9, 0xAA, 0xD2, 0xA8,
0x81, 0x6D, 0xE6, 0xD0, 0x6D, 0x1F, 0x86, 0x00,
@ -123,8 +124,6 @@ static TestHashVector const testVectorSHA3_256_5 = {
SHA3_256 sha3_256;
byte buffer[128];
bool testHash_N(Hash *hash, const struct TestHashVector *test, size_t inc)
{
size_t size = test->dataSize;
@ -176,25 +175,92 @@ void perfHash(Hash *hash)
unsigned long start;
unsigned long elapsed;
int count;
// Reuse one of the test vectors as a large temporary buffer.
uint8_t *buffer = (uint8_t *)&testVectorSHA3_256_5;
Serial.print("Hashing ... ");
for (size_t posn = 0; posn < sizeof(buffer); ++posn)
for (size_t posn = 0; posn < 128; ++posn)
buffer[posn] = (uint8_t)posn;
hash->reset();
start = micros();
for (count = 0; count < 500; ++count) {
hash->update(buffer, sizeof(buffer));
hash->update(buffer, 128);
}
elapsed = micros() - start;
Serial.print(elapsed / (sizeof(buffer) * 500.0));
Serial.print(elapsed / (128 * 500.0));
Serial.print("us per byte, ");
Serial.print((sizeof(buffer) * 500.0 * 1000000.0) / elapsed);
Serial.print((128 * 500.0 * 1000000.0) / elapsed);
Serial.println(" bytes per second");
}
// Very simple method for hashing a HMAC inner or outer key.
void hashKey(Hash *hash, const uint8_t *key, size_t keyLen, uint8_t pad)
{
size_t posn;
uint8_t buf;
uint8_t result[HASH_SIZE];
if (keyLen <= BLOCK_SIZE) {
hash->reset();
for (posn = 0; posn < BLOCK_SIZE; ++posn) {
if (posn < keyLen)
buf = key[posn] ^ pad;
else
buf = pad;
hash->update(&buf, 1);
}
} else {
hash->reset();
hash->update(key, keyLen);
hash->finalize(result, HASH_SIZE);
hash->reset();
for (posn = 0; posn < BLOCK_SIZE; ++posn) {
if (posn < HASH_SIZE)
buf = result[posn] ^ pad;
else
buf = pad;
hash->update(&buf, 1);
}
}
}
void testHMAC(Hash *hash, size_t keyLen)
{
uint8_t result[HASH_SIZE];
// Reuse one of the test vectors as a large temporary buffer.
uint8_t *buffer = (uint8_t *)&testVectorSHA3_256_5;
Serial.print("HMAC-SHA3-256 keysize=");
Serial.print(keyLen);
Serial.print(" ... ");
// Construct the expected result with a simple HMAC implementation.
memset(buffer, (uint8_t)keyLen, keyLen);
hashKey(hash, buffer, keyLen, 0x36);
memset(buffer, 0xBA, sizeof(buffer));
hash->update(buffer, sizeof(buffer));
hash->finalize(result, HASH_SIZE);
memset(buffer, (uint8_t)keyLen, keyLen);
hashKey(hash, buffer, keyLen, 0x5C);
hash->update(result, HASH_SIZE);
hash->finalize(result, HASH_SIZE);
// Now use the library to compute the HMAC.
hash->resetHMAC(buffer, keyLen);
memset(buffer, 0xBA, sizeof(buffer));
hash->update(buffer, sizeof(buffer));
memset(buffer, (uint8_t)keyLen, keyLen);
hash->finalizeHMAC(buffer, keyLen, buffer, HASH_SIZE);
// Check the result.
if (!memcmp(result, buffer, HASH_SIZE))
Serial.println("Passed");
else
Serial.println("Failed");
}
void setup()
{
Serial.begin(9600);
@ -207,6 +273,12 @@ void setup()
testHash(&sha3_256, &testVectorSHA3_256_3);
testHash(&sha3_256, &testVectorSHA3_256_4);
testHash(&sha3_256, &testVectorSHA3_256_5);
testHMAC(&sha3_256, (size_t)0);
testHMAC(&sha3_256, 1);
testHMAC(&sha3_256, HASH_SIZE);
testHMAC(&sha3_256, BLOCK_SIZE);
testHMAC(&sha3_256, BLOCK_SIZE + 1);
testHMAC(&sha3_256, BLOCK_SIZE + 2);
Serial.println();

70
libraries/Crypto/examples/TestSHA3_512/TestSHA3_512.ino
View File

@ -31,6 +31,7 @@ correct behaviour.
#define DATA_SIZE 72
#define HASH_SIZE 64
#define BLOCK_SIZE 72
struct TestHashVector
{
@ -199,6 +200,69 @@ void perfHash(Hash *hash)
Serial.println(" bytes per second");
}
// Very simple method for hashing a HMAC inner or outer key.
void hashKey(Hash *hash, const uint8_t *key, size_t keyLen, uint8_t pad)
{
size_t posn;
uint8_t buf;
uint8_t result[HASH_SIZE];
if (keyLen <= BLOCK_SIZE) {
hash->reset();
for (posn = 0; posn < BLOCK_SIZE; ++posn) {
if (posn < keyLen)
buf = key[posn] ^ pad;
else
buf = pad;
hash->update(&buf, 1);
}
} else {
hash->reset();
hash->update(key, keyLen);
hash->finalize(result, HASH_SIZE);
hash->reset();
for (posn = 0; posn < BLOCK_SIZE; ++posn) {
if (posn < HASH_SIZE)
buf = result[posn] ^ pad;
else
buf = pad;
hash->update(&buf, 1);
}
}
}
void testHMAC(Hash *hash, size_t keyLen)
{
uint8_t result[HASH_SIZE];
Serial.print("HMAC-SHA3-512 keysize=");
Serial.print(keyLen);
Serial.print(" ... ");
// Construct the expected result with a simple HMAC implementation.
memset(buffer, (uint8_t)keyLen, keyLen);
hashKey(hash, buffer, keyLen, 0x36);
memset(buffer, 0xBA, sizeof(buffer));
hash->update(buffer, sizeof(buffer));
hash->finalize(result, HASH_SIZE);
memset(buffer, (uint8_t)keyLen, keyLen);
hashKey(hash, buffer, keyLen, 0x5C);
hash->update(result, HASH_SIZE);
hash->finalize(result, HASH_SIZE);
// Now use the library to compute the HMAC.
hash->resetHMAC(buffer, keyLen);
memset(buffer, 0xBA, sizeof(buffer));
hash->update(buffer, sizeof(buffer));
memset(buffer, (uint8_t)keyLen, keyLen);
hash->finalizeHMAC(buffer, keyLen, buffer, HASH_SIZE);
// Check the result.
if (!memcmp(result, buffer, HASH_SIZE))
Serial.println("Passed");
else
Serial.println("Failed");
}
void setup()
{
Serial.begin(9600);
@ -211,6 +275,12 @@ void setup()
testHash(&sha3_512, &testVectorSHA3_512_3);
testHash(&sha3_512, &testVectorSHA3_512_4);
testHash(&sha3_512, &testVectorSHA3_512_5);
testHMAC(&sha3_512, (size_t)0);
testHMAC(&sha3_512, 1);
testHMAC(&sha3_512, HASH_SIZE);
testHMAC(&sha3_512, BLOCK_SIZE);
testHMAC(&sha3_512, BLOCK_SIZE + 1);
testHMAC(&sha3_512, sizeof(buffer));
Serial.println();

72
libraries/Crypto/examples/TestSHA512/TestSHA512.ino
View File

@ -29,6 +29,7 @@ This example runs tests on the SHA512 implementation to verify correct behaviour
#include <string.h>
#define HASH_SIZE 64
#define BLOCK_SIZE 128
struct TestHashVector
{
@ -77,7 +78,7 @@ static TestHashVector const testVectorSHA512_3 = {
SHA512 sha512;
byte buffer[128];
byte buffer[BLOCK_SIZE + 2];
bool testHash_N(Hash *hash, const struct TestHashVector *test, size_t inc)
{
@ -147,6 +148,69 @@ void perfHash(Hash *hash)
Serial.println(" bytes per second");
}
// Very simple method for hashing a HMAC inner or outer key.
void hashKey(Hash *hash, const uint8_t *key, size_t keyLen, uint8_t pad)
{
size_t posn;
uint8_t buf;
uint8_t result[HASH_SIZE];
if (keyLen <= BLOCK_SIZE) {
hash->reset();
for (posn = 0; posn < BLOCK_SIZE; ++posn) {
if (posn < keyLen)
buf = key[posn] ^ pad;
else
buf = pad;
hash->update(&buf, 1);
}
} else {
hash->reset();
hash->update(key, keyLen);
hash->finalize(result, HASH_SIZE);
hash->reset();
for (posn = 0; posn < BLOCK_SIZE; ++posn) {
if (posn < HASH_SIZE)
buf = result[posn] ^ pad;
else
buf = pad;
hash->update(&buf, 1);
}
}
}
void testHMAC(Hash *hash, size_t keyLen)
{
uint8_t result[HASH_SIZE];
Serial.print("HMAC-SHA-512 keysize=");
Serial.print(keyLen);
Serial.print(" ... ");
// Construct the expected result with a simple HMAC implementation.
memset(buffer, (uint8_t)keyLen, keyLen);
hashKey(hash, buffer, keyLen, 0x36);
memset(buffer, 0xBA, sizeof(buffer));
hash->update(buffer, sizeof(buffer));
hash->finalize(result, HASH_SIZE);
memset(buffer, (uint8_t)keyLen, keyLen);
hashKey(hash, buffer, keyLen, 0x5C);
hash->update(result, HASH_SIZE);
hash->finalize(result, HASH_SIZE);
// Now use the library to compute the HMAC.
hash->resetHMAC(buffer, keyLen);
memset(buffer, 0xBA, sizeof(buffer));
hash->update(buffer, sizeof(buffer));
memset(buffer, (uint8_t)keyLen, keyLen);
hash->finalizeHMAC(buffer, keyLen, buffer, HASH_SIZE);
// Check the result.
if (!memcmp(result, buffer, HASH_SIZE))
Serial.println("Passed");
else
Serial.println("Failed");
}
void setup()
{
Serial.begin(9600);
@ -157,6 +221,12 @@ void setup()
testHash(&sha512, &testVectorSHA512_1);
testHash(&sha512, &testVectorSHA512_2);
testHash(&sha512, &testVectorSHA512_3);
testHMAC(&sha512, (size_t)0);
testHMAC(&sha512, 1);
testHMAC(&sha512, HASH_SIZE);
testHMAC(&sha512, BLOCK_SIZE);
testHMAC(&sha512, BLOCK_SIZE + 1);
testHMAC(&sha512, BLOCK_SIZE + 2);
Serial.println();