* Initial crack at TLS 1.2 client side only (server side is seriously broken).

git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@263 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2025-07-30 16:24:09 +03:00 · 2016-07-27 11:05:09 +00:00
parent abda243710
commit d476a79411
7 changed files with 262 additions and 119 deletions
--- a/crypto/hmac.c
+++ b/crypto/hmac.c
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2007, Cameron Rich
+ * Copyright (c) 2007-2016, Cameron Rich
 * 
 * All rights reserved.
 * 
@ -103,3 +103,37 @@ void hmac_sha1(const uint8_t *msg, int length, const uint8_t *key,
    SHA1_Update(&context, digest, SHA1_SIZE);
    SHA1_Final(digest, &context);
 }
+
+/**
+ * Perform HMAC-SHA256
+ * NOTE: does not handle keys larger than the block size.
+ */
+void hmac_sha256(const uint8_t *msg, int length, const uint8_t *key, 
+        int key_len, uint8_t *digest)
+{
+    SHA256_CTX context;
+    uint8_t k_ipad[64];
+    uint8_t k_opad[64];
+    int i;
+
+    memset(k_ipad, 0, sizeof k_ipad);
+    memset(k_opad, 0, sizeof k_opad);
+    memcpy(k_ipad, key, key_len);
+    memcpy(k_opad, key, key_len);
+
+    for (i = 0; i < 64; i++) 
+    {
+        k_ipad[i] ^= 0x36;
+        k_opad[i] ^= 0x5c;
+    }
+
+    SHA256_Init(&context);
+    SHA256_Update(&context, k_ipad, 64);
+    SHA256_Update(&context, msg, length);
+    SHA256_Final(digest, &context);
+    SHA256_Init(&context);
+    SHA256_Update(&context, k_opad, 64);
+    SHA256_Update(&context, digest, SHA256_SIZE);
+    SHA256_Final(digest, &context);
+}
+