hmacsha.c revision 298770
1143731Sdougb/* 2262706Serwin * Copyright (C) 2005-2007, 2009, 2011, 2012 Internet Systems Consortium, Inc. ("ISC") 3143731Sdougb * 4143731Sdougb * Permission to use, copy, modify, and/or distribute this software for any 5193149Sdougb * purpose with or without fee is hereby granted, provided that the above 6143731Sdougb * copyright notice and this permission notice appear in all copies. 7143731Sdougb * 8143731Sdougb * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH 9143731Sdougb * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 10143731Sdougb * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, 11143731Sdougb * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM 12143731Sdougb * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE 13143731Sdougb * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 14143731Sdougb * PERFORMANCE OF THIS SOFTWARE. 15143731Sdougb */ 16143731Sdougb 17143731Sdougb/* $Id$ */ 18234010Sdougb 19143731Sdougb/* 20143731Sdougb * This code implements the HMAC-SHA1, HMAC-SHA224, HMAC-SHA256, HMAC-SHA384 21143731Sdougb * and HMAC-SHA512 keyed hash algorithm described in RFC 2104 and 22143731Sdougb * draft-ietf-dnsext-tsig-sha-01.txt. 23193149Sdougb */ 24170222Sdougb 25193149Sdougb#include "config.h" 26143731Sdougb 27193149Sdougb#include <isc/assertions.h> 28143731Sdougb#include <isc/hmacsha.h> 29193149Sdougb#include <isc/platform.h> 30143731Sdougb#include <isc/sha1.h> 31193149Sdougb#include <isc/sha2.h> 32262706Serwin#include <isc/string.h> 33193149Sdougb#include <isc/types.h> 34193149Sdougb#include <isc/util.h> 35193149Sdougb 36193149Sdougb#ifdef ISC_PLATFORM_OPENSSLHASH 37224092Sdougb 38193149Sdougbvoid 39193149Sdougbisc_hmacsha1_init(isc_hmacsha1_t *ctx, const unsigned char *key, 40224092Sdougb unsigned int len) 41224092Sdougb{ 42193149Sdougb HMAC_Init(ctx, (const void *) key, (int) len, EVP_sha1()); 43224092Sdougb} 44193149Sdougb 45193149Sdougbvoid 46193149Sdougbisc_hmacsha1_invalidate(isc_hmacsha1_t *ctx) { 47193149Sdougb HMAC_CTX_cleanup(ctx); 48193149Sdougb} 49143731Sdougb 50143731Sdougbvoid 51143731Sdougbisc_hmacsha1_update(isc_hmacsha1_t *ctx, const unsigned char *buf, 52143731Sdougb unsigned int len) 53143731Sdougb{ 54143731Sdougb HMAC_Update(ctx, buf, (int) len); 55143731Sdougb} 56143731Sdougb 57143731Sdougbvoid 58143731Sdougbisc_hmacsha1_sign(isc_hmacsha1_t *ctx, unsigned char *digest, size_t len) { 59143731Sdougb unsigned char newdigest[ISC_SHA1_DIGESTLENGTH]; 60193149Sdougb 61193149Sdougb REQUIRE(len <= ISC_SHA1_DIGESTLENGTH); 62193149Sdougb 63193149Sdougb HMAC_Final(ctx, newdigest, NULL); 64193149Sdougb HMAC_CTX_cleanup(ctx); 65193149Sdougb memcpy(digest, newdigest, len); 66193149Sdougb memset(newdigest, 0, sizeof(newdigest)); 67193149Sdougb} 68193149Sdougb 69193149Sdougbvoid 70193149Sdougbisc_hmacsha224_init(isc_hmacsha224_t *ctx, const unsigned char *key, 71193149Sdougb unsigned int len) 72193149Sdougb{ 73193149Sdougb HMAC_Init(ctx, (const void *) key, (int) len, EVP_sha224()); 74193149Sdougb} 75193149Sdougb 76193149Sdougbvoid 77193149Sdougbisc_hmacsha224_invalidate(isc_hmacsha224_t *ctx) { 78143731Sdougb HMAC_CTX_cleanup(ctx); 79143731Sdougb} 80193149Sdougb 81193149Sdougbvoid 82193149Sdougbisc_hmacsha224_update(isc_hmacsha224_t *ctx, const unsigned char *buf, 83193149Sdougb unsigned int len) 84193149Sdougb{ 85193149Sdougb HMAC_Update(ctx, buf, (int) len); 86193149Sdougb} 87193149Sdougb 88193149Sdougbvoid 89193149Sdougbisc_hmacsha224_sign(isc_hmacsha224_t *ctx, unsigned char *digest, size_t len) { 90193149Sdougb unsigned char newdigest[ISC_SHA224_DIGESTLENGTH]; 91193149Sdougb 92193149Sdougb REQUIRE(len <= ISC_SHA224_DIGESTLENGTH); 93193149Sdougb 94143731Sdougb HMAC_Final(ctx, newdigest, NULL); 95143731Sdougb HMAC_CTX_cleanup(ctx); 96193149Sdougb memcpy(digest, newdigest, len); 97224092Sdougb memset(newdigest, 0, sizeof(newdigest)); 98224092Sdougb} 99193149Sdougb 100193149Sdougbvoid 101193149Sdougbisc_hmacsha256_init(isc_hmacsha256_t *ctx, const unsigned char *key, 102193149Sdougb unsigned int len) 103193149Sdougb{ 104193149Sdougb HMAC_Init(ctx, (const void *) key, (int) len, EVP_sha256()); 105193149Sdougb} 106193149Sdougb 107193149Sdougbvoid 108193149Sdougbisc_hmacsha256_invalidate(isc_hmacsha256_t *ctx) { 109193149Sdougb HMAC_CTX_cleanup(ctx); 110193149Sdougb} 111193149Sdougb 112193149Sdougbvoid 113193149Sdougbisc_hmacsha256_update(isc_hmacsha256_t *ctx, const unsigned char *buf, 114193149Sdougb unsigned int len) 115193149Sdougb{ 116224092Sdougb HMAC_Update(ctx, buf, (int) len); 117193149Sdougb} 118143731Sdougb 119193149Sdougbvoid 120193149Sdougbisc_hmacsha256_sign(isc_hmacsha256_t *ctx, unsigned char *digest, size_t len) { 121224092Sdougb unsigned char newdigest[ISC_SHA256_DIGESTLENGTH]; 122193149Sdougb 123193149Sdougb REQUIRE(len <= ISC_SHA256_DIGESTLENGTH); 124193149Sdougb 125143731Sdougb HMAC_Final(ctx, newdigest, NULL); 126193149Sdougb HMAC_CTX_cleanup(ctx); 127193149Sdougb memcpy(digest, newdigest, len); 128193149Sdougb memset(newdigest, 0, sizeof(newdigest)); 129193149Sdougb} 130193149Sdougb 131193149Sdougbvoid 132193149Sdougbisc_hmacsha384_init(isc_hmacsha384_t *ctx, const unsigned char *key, 133193149Sdougb unsigned int len) 134193149Sdougb{ 135193149Sdougb HMAC_Init(ctx, (const void *) key, (int) len, EVP_sha384()); 136193149Sdougb} 137193149Sdougb 138193149Sdougbvoid 139193149Sdougbisc_hmacsha384_invalidate(isc_hmacsha384_t *ctx) { 140193149Sdougb HMAC_CTX_cleanup(ctx); 141193149Sdougb} 142193149Sdougb 143193149Sdougbvoid 144193149Sdougbisc_hmacsha384_update(isc_hmacsha384_t *ctx, const unsigned char *buf, 145193149Sdougb unsigned int len) 146193149Sdougb{ 147193149Sdougb HMAC_Update(ctx, buf, (int) len); 148193149Sdougb} 149143731Sdougb 150143731Sdougbvoid 151193149Sdougbisc_hmacsha384_sign(isc_hmacsha384_t *ctx, unsigned char *digest, size_t len) { 152193149Sdougb unsigned char newdigest[ISC_SHA384_DIGESTLENGTH]; 153193149Sdougb 154193149Sdougb REQUIRE(len <= ISC_SHA384_DIGESTLENGTH); 155193149Sdougb 156193149Sdougb HMAC_Final(ctx, newdigest, NULL); 157193149Sdougb HMAC_CTX_cleanup(ctx); 158193149Sdougb memcpy(digest, newdigest, len); 159193149Sdougb memset(newdigest, 0, sizeof(newdigest)); 160193149Sdougb} 161193149Sdougb 162193149Sdougbvoid 163193149Sdougbisc_hmacsha512_init(isc_hmacsha512_t *ctx, const unsigned char *key, 164193149Sdougb unsigned int len) 165193149Sdougb{ 166193149Sdougb HMAC_Init(ctx, (const void *) key, (int) len, EVP_sha512()); 167193149Sdougb} 168193149Sdougb 169193149Sdougbvoid 170193149Sdougbisc_hmacsha512_invalidate(isc_hmacsha512_t *ctx) { 171193149Sdougb HMAC_CTX_cleanup(ctx); 172193149Sdougb} 173193149Sdougb 174193149Sdougbvoid 175193149Sdougbisc_hmacsha512_update(isc_hmacsha512_t *ctx, const unsigned char *buf, 176193149Sdougb unsigned int len) 177193149Sdougb{ 178193149Sdougb HMAC_Update(ctx, buf, (int) len); 179193149Sdougb} 180193149Sdougb 181193149Sdougbvoid 182193149Sdougbisc_hmacsha512_sign(isc_hmacsha512_t *ctx, unsigned char *digest, size_t len) { 183193149Sdougb unsigned char newdigest[ISC_SHA512_DIGESTLENGTH]; 184193149Sdougb 185193149Sdougb REQUIRE(len <= ISC_SHA512_DIGESTLENGTH); 186193149Sdougb 187193149Sdougb HMAC_Final(ctx, newdigest, NULL); 188193149Sdougb HMAC_CTX_cleanup(ctx); 189193149Sdougb memcpy(digest, newdigest, len); 190193149Sdougb memset(newdigest, 0, sizeof(newdigest)); 191193149Sdougb} 192193149Sdougb 193193149Sdougb#else 194193149Sdougb 195193149Sdougb#define IPAD 0x36 196193149Sdougb#define OPAD 0x5C 197193149Sdougb 198193149Sdougb/* 199193149Sdougb * Start HMAC-SHA1 process. Initialize an sha1 context and digest the key. 200193149Sdougb */ 201193149Sdougbvoid 202193149Sdougbisc_hmacsha1_init(isc_hmacsha1_t *ctx, const unsigned char *key, 203193149Sdougb unsigned int len) 204193149Sdougb{ 205193149Sdougb unsigned char ipad[ISC_SHA1_BLOCK_LENGTH]; 206193149Sdougb unsigned int i; 207193149Sdougb 208193149Sdougb memset(ctx->key, 0, sizeof(ctx->key)); 209193149Sdougb if (len > sizeof(ctx->key)) { 210193149Sdougb isc_sha1_t sha1ctx; 211193149Sdougb isc_sha1_init(&sha1ctx); 212143731Sdougb isc_sha1_update(&sha1ctx, key, len); 213143731Sdougb isc_sha1_final(&sha1ctx, ctx->key); 214143731Sdougb } else 215 memcpy(ctx->key, key, len); 216 217 isc_sha1_init(&ctx->sha1ctx); 218 memset(ipad, IPAD, sizeof(ipad)); 219 for (i = 0; i < ISC_SHA1_BLOCK_LENGTH; i++) 220 ipad[i] ^= ctx->key[i]; 221 isc_sha1_update(&ctx->sha1ctx, ipad, sizeof(ipad)); 222} 223 224void 225isc_hmacsha1_invalidate(isc_hmacsha1_t *ctx) { 226 isc_sha1_invalidate(&ctx->sha1ctx); 227 memset(ctx, 0, sizeof(*ctx)); 228} 229 230/* 231 * Update context to reflect the concatenation of another buffer full 232 * of bytes. 233 */ 234void 235isc_hmacsha1_update(isc_hmacsha1_t *ctx, const unsigned char *buf, 236 unsigned int len) 237{ 238 isc_sha1_update(&ctx->sha1ctx, buf, len); 239} 240 241/* 242 * Compute signature - finalize SHA1 operation and reapply SHA1. 243 */ 244void 245isc_hmacsha1_sign(isc_hmacsha1_t *ctx, unsigned char *digest, size_t len) { 246 unsigned char opad[ISC_SHA1_BLOCK_LENGTH]; 247 unsigned char newdigest[ISC_SHA1_DIGESTLENGTH]; 248 unsigned int i; 249 250 REQUIRE(len <= ISC_SHA1_DIGESTLENGTH); 251 isc_sha1_final(&ctx->sha1ctx, newdigest); 252 253 memset(opad, OPAD, sizeof(opad)); 254 for (i = 0; i < ISC_SHA1_BLOCK_LENGTH; i++) 255 opad[i] ^= ctx->key[i]; 256 257 isc_sha1_init(&ctx->sha1ctx); 258 isc_sha1_update(&ctx->sha1ctx, opad, sizeof(opad)); 259 isc_sha1_update(&ctx->sha1ctx, newdigest, ISC_SHA1_DIGESTLENGTH); 260 isc_sha1_final(&ctx->sha1ctx, newdigest); 261 isc_hmacsha1_invalidate(ctx); 262 memcpy(digest, newdigest, len); 263 memset(newdigest, 0, sizeof(newdigest)); 264} 265 266/* 267 * Start HMAC-SHA224 process. Initialize an sha224 context and digest the key. 268 */ 269void 270isc_hmacsha224_init(isc_hmacsha224_t *ctx, const unsigned char *key, 271 unsigned int len) 272{ 273 unsigned char ipad[ISC_SHA224_BLOCK_LENGTH]; 274 unsigned int i; 275 276 memset(ctx->key, 0, sizeof(ctx->key)); 277 if (len > sizeof(ctx->key)) { 278 isc_sha224_t sha224ctx; 279 isc_sha224_init(&sha224ctx); 280 isc_sha224_update(&sha224ctx, key, len); 281 isc_sha224_final(ctx->key, &sha224ctx); 282 } else 283 memcpy(ctx->key, key, len); 284 285 isc_sha224_init(&ctx->sha224ctx); 286 memset(ipad, IPAD, sizeof(ipad)); 287 for (i = 0; i < ISC_SHA224_BLOCK_LENGTH; i++) 288 ipad[i] ^= ctx->key[i]; 289 isc_sha224_update(&ctx->sha224ctx, ipad, sizeof(ipad)); 290} 291 292void 293isc_hmacsha224_invalidate(isc_hmacsha224_t *ctx) { 294 memset(ctx, 0, sizeof(*ctx)); 295} 296 297/* 298 * Update context to reflect the concatenation of another buffer full 299 * of bytes. 300 */ 301void 302isc_hmacsha224_update(isc_hmacsha224_t *ctx, const unsigned char *buf, 303 unsigned int len) 304{ 305 isc_sha224_update(&ctx->sha224ctx, buf, len); 306} 307 308/* 309 * Compute signature - finalize SHA224 operation and reapply SHA224. 310 */ 311void 312isc_hmacsha224_sign(isc_hmacsha224_t *ctx, unsigned char *digest, size_t len) { 313 unsigned char opad[ISC_SHA224_BLOCK_LENGTH]; 314 unsigned char newdigest[ISC_SHA224_DIGESTLENGTH]; 315 unsigned int i; 316 317 REQUIRE(len <= ISC_SHA224_DIGESTLENGTH); 318 isc_sha224_final(newdigest, &ctx->sha224ctx); 319 320 memset(opad, OPAD, sizeof(opad)); 321 for (i = 0; i < ISC_SHA224_BLOCK_LENGTH; i++) 322 opad[i] ^= ctx->key[i]; 323 324 isc_sha224_init(&ctx->sha224ctx); 325 isc_sha224_update(&ctx->sha224ctx, opad, sizeof(opad)); 326 isc_sha224_update(&ctx->sha224ctx, newdigest, ISC_SHA224_DIGESTLENGTH); 327 isc_sha224_final(newdigest, &ctx->sha224ctx); 328 memcpy(digest, newdigest, len); 329 memset(newdigest, 0, sizeof(newdigest)); 330} 331 332/* 333 * Start HMAC-SHA256 process. Initialize an sha256 context and digest the key. 334 */ 335void 336isc_hmacsha256_init(isc_hmacsha256_t *ctx, const unsigned char *key, 337 unsigned int len) 338{ 339 unsigned char ipad[ISC_SHA256_BLOCK_LENGTH]; 340 unsigned int i; 341 342 memset(ctx->key, 0, sizeof(ctx->key)); 343 if (len > sizeof(ctx->key)) { 344 isc_sha256_t sha256ctx; 345 isc_sha256_init(&sha256ctx); 346 isc_sha256_update(&sha256ctx, key, len); 347 isc_sha256_final(ctx->key, &sha256ctx); 348 } else 349 memcpy(ctx->key, key, len); 350 351 isc_sha256_init(&ctx->sha256ctx); 352 memset(ipad, IPAD, sizeof(ipad)); 353 for (i = 0; i < ISC_SHA256_BLOCK_LENGTH; i++) 354 ipad[i] ^= ctx->key[i]; 355 isc_sha256_update(&ctx->sha256ctx, ipad, sizeof(ipad)); 356} 357 358void 359isc_hmacsha256_invalidate(isc_hmacsha256_t *ctx) { 360 memset(ctx, 0, sizeof(*ctx)); 361} 362 363/* 364 * Update context to reflect the concatenation of another buffer full 365 * of bytes. 366 */ 367void 368isc_hmacsha256_update(isc_hmacsha256_t *ctx, const unsigned char *buf, 369 unsigned int len) 370{ 371 isc_sha256_update(&ctx->sha256ctx, buf, len); 372} 373 374/* 375 * Compute signature - finalize SHA256 operation and reapply SHA256. 376 */ 377void 378isc_hmacsha256_sign(isc_hmacsha256_t *ctx, unsigned char *digest, size_t len) { 379 unsigned char opad[ISC_SHA256_BLOCK_LENGTH]; 380 unsigned char newdigest[ISC_SHA256_DIGESTLENGTH]; 381 unsigned int i; 382 383 REQUIRE(len <= ISC_SHA256_DIGESTLENGTH); 384 isc_sha256_final(newdigest, &ctx->sha256ctx); 385 386 memset(opad, OPAD, sizeof(opad)); 387 for (i = 0; i < ISC_SHA256_BLOCK_LENGTH; i++) 388 opad[i] ^= ctx->key[i]; 389 390 isc_sha256_init(&ctx->sha256ctx); 391 isc_sha256_update(&ctx->sha256ctx, opad, sizeof(opad)); 392 isc_sha256_update(&ctx->sha256ctx, newdigest, ISC_SHA256_DIGESTLENGTH); 393 isc_sha256_final(newdigest, &ctx->sha256ctx); 394 memcpy(digest, newdigest, len); 395 memset(newdigest, 0, sizeof(newdigest)); 396} 397 398/* 399 * Start HMAC-SHA384 process. Initialize an sha384 context and digest the key. 400 */ 401void 402isc_hmacsha384_init(isc_hmacsha384_t *ctx, const unsigned char *key, 403 unsigned int len) 404{ 405 unsigned char ipad[ISC_SHA384_BLOCK_LENGTH]; 406 unsigned int i; 407 408 memset(ctx->key, 0, sizeof(ctx->key)); 409 if (len > sizeof(ctx->key)) { 410 isc_sha384_t sha384ctx; 411 isc_sha384_init(&sha384ctx); 412 isc_sha384_update(&sha384ctx, key, len); 413 isc_sha384_final(ctx->key, &sha384ctx); 414 } else 415 memcpy(ctx->key, key, len); 416 417 isc_sha384_init(&ctx->sha384ctx); 418 memset(ipad, IPAD, sizeof(ipad)); 419 for (i = 0; i < ISC_SHA384_BLOCK_LENGTH; i++) 420 ipad[i] ^= ctx->key[i]; 421 isc_sha384_update(&ctx->sha384ctx, ipad, sizeof(ipad)); 422} 423 424void 425isc_hmacsha384_invalidate(isc_hmacsha384_t *ctx) { 426 memset(ctx, 0, sizeof(*ctx)); 427} 428 429/* 430 * Update context to reflect the concatenation of another buffer full 431 * of bytes. 432 */ 433void 434isc_hmacsha384_update(isc_hmacsha384_t *ctx, const unsigned char *buf, 435 unsigned int len) 436{ 437 isc_sha384_update(&ctx->sha384ctx, buf, len); 438} 439 440/* 441 * Compute signature - finalize SHA384 operation and reapply SHA384. 442 */ 443void 444isc_hmacsha384_sign(isc_hmacsha384_t *ctx, unsigned char *digest, size_t len) { 445 unsigned char opad[ISC_SHA384_BLOCK_LENGTH]; 446 unsigned char newdigest[ISC_SHA384_DIGESTLENGTH]; 447 unsigned int i; 448 449 REQUIRE(len <= ISC_SHA384_DIGESTLENGTH); 450 isc_sha384_final(newdigest, &ctx->sha384ctx); 451 452 memset(opad, OPAD, sizeof(opad)); 453 for (i = 0; i < ISC_SHA384_BLOCK_LENGTH; i++) 454 opad[i] ^= ctx->key[i]; 455 456 isc_sha384_init(&ctx->sha384ctx); 457 isc_sha384_update(&ctx->sha384ctx, opad, sizeof(opad)); 458 isc_sha384_update(&ctx->sha384ctx, newdigest, ISC_SHA384_DIGESTLENGTH); 459 isc_sha384_final(newdigest, &ctx->sha384ctx); 460 memcpy(digest, newdigest, len); 461 memset(newdigest, 0, sizeof(newdigest)); 462} 463 464/* 465 * Start HMAC-SHA512 process. Initialize an sha512 context and digest the key. 466 */ 467void 468isc_hmacsha512_init(isc_hmacsha512_t *ctx, const unsigned char *key, 469 unsigned int len) 470{ 471 unsigned char ipad[ISC_SHA512_BLOCK_LENGTH]; 472 unsigned int i; 473 474 memset(ctx->key, 0, sizeof(ctx->key)); 475 if (len > sizeof(ctx->key)) { 476 isc_sha512_t sha512ctx; 477 isc_sha512_init(&sha512ctx); 478 isc_sha512_update(&sha512ctx, key, len); 479 isc_sha512_final(ctx->key, &sha512ctx); 480 } else 481 memcpy(ctx->key, key, len); 482 483 isc_sha512_init(&ctx->sha512ctx); 484 memset(ipad, IPAD, sizeof(ipad)); 485 for (i = 0; i < ISC_SHA512_BLOCK_LENGTH; i++) 486 ipad[i] ^= ctx->key[i]; 487 isc_sha512_update(&ctx->sha512ctx, ipad, sizeof(ipad)); 488} 489 490void 491isc_hmacsha512_invalidate(isc_hmacsha512_t *ctx) { 492 memset(ctx, 0, sizeof(*ctx)); 493} 494 495/* 496 * Update context to reflect the concatenation of another buffer full 497 * of bytes. 498 */ 499void 500isc_hmacsha512_update(isc_hmacsha512_t *ctx, const unsigned char *buf, 501 unsigned int len) 502{ 503 isc_sha512_update(&ctx->sha512ctx, buf, len); 504} 505 506/* 507 * Compute signature - finalize SHA512 operation and reapply SHA512. 508 */ 509void 510isc_hmacsha512_sign(isc_hmacsha512_t *ctx, unsigned char *digest, size_t len) { 511 unsigned char opad[ISC_SHA512_BLOCK_LENGTH]; 512 unsigned char newdigest[ISC_SHA512_DIGESTLENGTH]; 513 unsigned int i; 514 515 REQUIRE(len <= ISC_SHA512_DIGESTLENGTH); 516 isc_sha512_final(newdigest, &ctx->sha512ctx); 517 518 memset(opad, OPAD, sizeof(opad)); 519 for (i = 0; i < ISC_SHA512_BLOCK_LENGTH; i++) 520 opad[i] ^= ctx->key[i]; 521 522 isc_sha512_init(&ctx->sha512ctx); 523 isc_sha512_update(&ctx->sha512ctx, opad, sizeof(opad)); 524 isc_sha512_update(&ctx->sha512ctx, newdigest, ISC_SHA512_DIGESTLENGTH); 525 isc_sha512_final(newdigest, &ctx->sha512ctx); 526 memcpy(digest, newdigest, len); 527 memset(newdigest, 0, sizeof(newdigest)); 528} 529#endif /* !ISC_PLATFORM_OPENSSLHASH */ 530 531/* 532 * Verify signature - finalize SHA1 operation and reapply SHA1, then 533 * compare to the supplied digest. 534 */ 535isc_boolean_t 536isc_hmacsha1_verify(isc_hmacsha1_t *ctx, unsigned char *digest, size_t len) { 537 unsigned char newdigest[ISC_SHA1_DIGESTLENGTH]; 538 539 REQUIRE(len <= ISC_SHA1_DIGESTLENGTH); 540 isc_hmacsha1_sign(ctx, newdigest, ISC_SHA1_DIGESTLENGTH); 541 return (ISC_TF(isc_tsmemcmp(digest, newdigest, len) == 0)); 542} 543 544/* 545 * Verify signature - finalize SHA224 operation and reapply SHA224, then 546 * compare to the supplied digest. 547 */ 548isc_boolean_t 549isc_hmacsha224_verify(isc_hmacsha224_t *ctx, unsigned char *digest, size_t len) { 550 unsigned char newdigest[ISC_SHA224_DIGESTLENGTH]; 551 552 REQUIRE(len <= ISC_SHA224_DIGESTLENGTH); 553 isc_hmacsha224_sign(ctx, newdigest, ISC_SHA224_DIGESTLENGTH); 554 return (ISC_TF(isc_tsmemcmp(digest, newdigest, len) == 0)); 555} 556 557/* 558 * Verify signature - finalize SHA256 operation and reapply SHA256, then 559 * compare to the supplied digest. 560 */ 561isc_boolean_t 562isc_hmacsha256_verify(isc_hmacsha256_t *ctx, unsigned char *digest, size_t len) { 563 unsigned char newdigest[ISC_SHA256_DIGESTLENGTH]; 564 565 REQUIRE(len <= ISC_SHA256_DIGESTLENGTH); 566 isc_hmacsha256_sign(ctx, newdigest, ISC_SHA256_DIGESTLENGTH); 567 return (ISC_TF(isc_tsmemcmp(digest, newdigest, len) == 0)); 568} 569 570/* 571 * Verify signature - finalize SHA384 operation and reapply SHA384, then 572 * compare to the supplied digest. 573 */ 574isc_boolean_t 575isc_hmacsha384_verify(isc_hmacsha384_t *ctx, unsigned char *digest, size_t len) { 576 unsigned char newdigest[ISC_SHA384_DIGESTLENGTH]; 577 578 REQUIRE(len <= ISC_SHA384_DIGESTLENGTH); 579 isc_hmacsha384_sign(ctx, newdigest, ISC_SHA384_DIGESTLENGTH); 580 return (ISC_TF(isc_tsmemcmp(digest, newdigest, len) == 0)); 581} 582 583/* 584 * Verify signature - finalize SHA512 operation and reapply SHA512, then 585 * compare to the supplied digest. 586 */ 587isc_boolean_t 588isc_hmacsha512_verify(isc_hmacsha512_t *ctx, unsigned char *digest, size_t len) { 589 unsigned char newdigest[ISC_SHA512_DIGESTLENGTH]; 590 591 REQUIRE(len <= ISC_SHA512_DIGESTLENGTH); 592 isc_hmacsha512_sign(ctx, newdigest, ISC_SHA512_DIGESTLENGTH); 593 return (ISC_TF(isc_tsmemcmp(digest, newdigest, len) == 0)); 594} 595