diff options
| author | Mattias Andrée <maandree@kth.se> | 2024-09-15 02:15:08 +0200 |
|---|---|---|
| committer | Mattias Andrée <maandree@kth.se> | 2024-09-15 02:15:08 +0200 |
| commit | d4ce8327ff902b5ecd42d057063c03793e6d91c2 (patch) | |
| tree | 7ec1db1573f12225d6f6c324865b1b49a5a9580d /libkeccak_hmac_digest.c | |
| parent | m (diff) | |
| download | libkeccak-d4ce8327ff902b5ecd42d057063c03793e6d91c2.tar.gz libkeccak-d4ce8327ff902b5ecd42d057063c03793e6d91c2.tar.bz2 libkeccak-d4ce8327ff902b5ecd42d057063c03793e6d91c2.tar.xz | |
Organise files
Signed-off-by: Mattias Andrée <maandree@kth.se>
Diffstat (limited to 'libkeccak_hmac_digest.c')
| -rw-r--r-- | libkeccak_hmac_digest.c | 81 |
1 files changed, 0 insertions, 81 deletions
diff --git a/libkeccak_hmac_digest.c b/libkeccak_hmac_digest.c deleted file mode 100644 index 2e1732f..0000000 --- a/libkeccak_hmac_digest.c +++ /dev/null @@ -1,81 +0,0 @@ -/* See LICENSE file for copyright and license details. */ -#define NEED_EXPLICIT_BZERO 1 -#include "common.h" - - -/** - * Absorb the last part of the message and fetch the hash - * and wipe sensitive data when possible - * - * You may use `&state->sponge` for continued squeezing - * - * @param state The hashing state - * @param msg_ The rest of the message, may be `NULL`, may be modified - * @param msglen The length of the partial message - * @param bits The number of bits at the end of the message not covered by `msglen` - * @param suffix The suffix concatenate to the message, only '1':s and '0':s, and NUL-termination - * @param hashsum Output parameter for the hashsum, may be `NULL` - * @return Zero on success, -1 on error - */ -int -libkeccak_hmac_digest(struct libkeccak_hmac_state *restrict state, const void *restrict msg_, size_t msglen, - size_t bits, const char *restrict suffix, void *restrict hashsum) -{ - const unsigned char *restrict msg = msg_; - size_t hashsize = (size_t)(state->sponge.n >> 3); - char *tmp = malloc((size_t)((state->sponge.n + 7) >> 3) * sizeof(char)); - unsigned char leftover[2]; - size_t newlen; - - if (!tmp) - return -1; - - if (!(state->key_length & 7)) { - if (libkeccak_digest(&state->sponge, msg, msglen, bits, suffix, tmp) < 0) - goto fail; - goto stage_2; - } - - if (libkeccak_hmac_update(state, msg, msglen) < 0) - goto fail; - leftover[0] = state->leftover; - if (bits) { - leftover[0] |= (unsigned char)(msg[msglen] >> (state->key_length & 7)); - leftover[1] = (unsigned char)(msg[msglen] << (8 - (state->key_length & 7))); - } - newlen = (state->key_length & 7) + bits; - if (libkeccak_digest(&state->sponge, leftover, newlen >> 3, newlen & 7, suffix, tmp) < 0) - goto fail; - -stage_2: - bits = state->sponge.n & 7; - state->key_ipad = state->key_opad; - if (libkeccak_hmac_update(state, NULL, 0) < 0) - goto fail; - - if (!(state->key_length & 7)) { - if (libkeccak_digest(&state->sponge, tmp, hashsize, bits, suffix, hashsum) < 0) - goto fail; - goto stage_3; - } - - if (libkeccak_hmac_update(state, tmp, hashsize) < 0) - goto fail; - leftover[0] = state->leftover; - if (bits) { - leftover[0] |= (unsigned char)(tmp[hashsize] >> (state->key_length & 7)); - leftover[1] = (unsigned char)(tmp[hashsize] << (8 - (state->key_length & 7))); - } - newlen = (state->key_length & 7) + bits; - if (libkeccak_digest(&state->sponge, leftover, newlen >> 3, newlen & 7, suffix, tmp) < 0) - goto fail; - -stage_3: - my_explicit_bzero(tmp, (size_t)((state->sponge.n + 7) >> 3) * sizeof(char)); - free(tmp); - return 0; -fail: - my_explicit_bzero(tmp, (size_t)((state->sponge.n + 7) >> 3) * sizeof(char)); - free(tmp); - return -1; -} |