From: Christian Grothoff
Date: Fri, 18 Jun 2010 15:29:45 +0000 (+0000)
Subject: hmac
X-Git-Tag: initial-import-from-subversion-38251~21335
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=475452849162e7c123141d9710b2cf3480e8f868;p=oweals%2Fgnunet.git

hmac
---
diff --git a/src/core/gnunet-service-core.c b/src/core/gnunet-service-core.c
index 7fcb03094..ce7e33a45 100644
--- a/src/core/gnunet-service-core.c
+++ b/src/core/gnunet-service-core.c
@@ -189,7 +189,7 @@ struct EncryptedMessage
 * verify message integrity. Everything after this hash (including
 * this hash itself) will be encrypted.
 */
- GNUNET_HashCode plaintext_hash;
+ GNUNET_HashCode hmac;
 
 /**
 * Sequence number, in network byte order. This field
@@ -2024,15 +2024,16 @@ process_plaintext_neighbour_queue (struct Neighbour *n)
 em->header.type = htons (GNUNET_MESSAGE_TYPE_CORE_ENCRYPTED_MESSAGE);
 em->iv_seed = ph->iv_seed;
 esize = used - ENCRYPTED_HEADER_SIZE;
- GNUNET_CRYPTO_hash (&ph->sequence_number,
+ GNUNET_CRYPTO_hmac (&n->encrypt_key,
+ &ph->sequence_number,
 esize - sizeof (GNUNET_HashCode),
- &ph->plaintext_hash);
+ &ph->hmac);
 GNUNET_CRYPTO_hash (&ph->iv_seed, sizeof (uint32_t), &iv);
 #if DEBUG_HANDSHAKE
 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
 "Hashed %u bytes of plaintext (`%s') using IV `%d'\n",
 (unsigned int) (esize - sizeof (GNUNET_HashCode)),
- GNUNET_h2s (&ph->plaintext_hash),
+ GNUNET_h2s (&ph->hmac),
 (int) ph->iv_seed);
 #endif
 /* encrypt */
@@ -2046,8 +2047,8 @@ process_plaintext_neighbour_queue (struct Neighbour *n)
 GNUNET_assert (GNUNET_OK ==
 do_encrypt (n,
 &iv,
- &ph->plaintext_hash,
- &em->plaintext_hash, esize));
+ &ph->hmac,
+ &em->hmac, esize));
 /* append to transmission list */
 GNUNET_CONTAINER_DLL_insert_after (n->encrypted_head,
 n->encrypted_tail,
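Review bot: The tag is keyed directly with `n->encrypt_key`, the same session key that, judging by its name, `do_encrypt` uses for the cipher a few lines later, so one secret serves both confidentiality and integrity; deriving a separate MAC key from the session key keeps the two uses independent, and the mirror call with `n->decrypt_key` in handle_encrypted_message would need the same derivation. The tag is also computed over the plaintext and then encrypted along with it, so the receiver has to run the cipher before it can verify anything; authenticating the ciphertext instead (compute the HMAC after `do_encrypt`, verify before `do_decrypt`) would let malformed packets be rejected earlier, though it needs the tag moved outside the encrypted region. The debug string still says `"Hashed %u bytes of plaintext (`%s') using IV `%d'\n"`; `"HMAC over %u bytes of plaintext (`%s') using IV `%d'\n"` would reflect the new code. process_plaintext_neighbour_queue starts and ends outside the hunk.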
@@ -3313,13 +3314,14 @@ handle_encrypted_message (struct Neighbour *n,
 if (GNUNET_OK !=
 do_decrypt (n,
 &iv,
- &m->plaintext_hash,
+ &m->hmac,
 &buf[ENCRYPTED_HEADER_SIZE], size - ENCRYPTED_HEADER_SIZE))
 return;
 pt = (struct EncryptedMessage *) buf;
 /* validate hash */
- GNUNET_CRYPTO_hash (&pt->sequence_number,
+ GNUNET_CRYPTO_hmac (&n->decrypt_key,
+ &pt->sequence_number,
 size - ENCRYPTED_HEADER_SIZE - sizeof (GNUNET_HashCode),
 &ph);
 #if DEBUG_HANDSHAKE
 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
@@ -3329,7 +3331,7 @@ handle_encrypted_message (struct Neighbour *n,
 (int) m->iv_seed);
 #endif
 if (0 != memcmp (&ph,
- &pt->plaintext_hash,
+ &pt->hmac,
 sizeof (GNUNET_HashCode)))
 {
 /* checksum failed */
diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h
index e1eb0f28d..5e28127e5 100644
--- a/src/include/gnunet_crypto_lib.h
+++ b/src/include/gnunet_crypto_lib.h
@@ -353,6 +353,21 @@ void GNUNET_CRYPTO_hash (const void *block,
 GNUNET_HashCode * ret);
 
 
+/**
+ * Calculate HMAC of a message (RFC 2104)
+ *
+ * @param key secret key
+ * @param plaintext input plaintext
+ * @param plaintext_len length of plaintext
+ * @param hmac where to store the hmac
+ */
+void
+GNUNET_CRYPTO_hmac (const struct GNUNET_CRYPTO_AesSessionKey *key,
+ const void *plaintext,
+ size_t plaintext_len,
+ GNUNET_HashCode *hmac);
+
+
 /**
 * Function called once the hash computation over the
 * specified file has completed.
diff --git a/src/util/crypto_hash.c b/src/util/crypto_hash.c
index 74ea72de4..09366a949 100644
--- a/src/util/crypto_hash.c
+++ b/src/util/crypto_hash.c
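Review bot: The comment `/* validate hash */` above the new GNUNET_CRYPTO_hmac call no longer describes the code; `/* verify the HMAC (computed over the decrypted payload) */` would. The length `size - ENCRYPTED_HEADER_SIZE - sizeof (GNUNET_HashCode)` is unsigned arithmetic, so it relies on an earlier check that `size` is at least `ENCRYPTED_HEADER_SIZE + sizeof (GNUNET_HashCode)`; that check is outside the hunk and worth confirming, since an underflow here would hand a huge length to the MAC. handle_encrypted_message starts and ends outside the hunk.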
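Review bot: The tag is verified with `memcmp`, which stops at the first differing byte, so the time taken by the check depends on how many leading bytes of a received tag match the expected one; a MAC comparison should touch every byte unconditionally. A small fixed-time helper (below) can replace the call: `if (0 != ct_memcmp (&ph, &pt->hmac, sizeof (GNUNET_HashCode)))`. The `/* checksum failed */` comment would also read better as `/* HMAC mismatch */`. handle_encrypted_message starts and ends outside the hunk.
```c
/* Compare n bytes without an early exit; returns 0 iff equal. */
static int
ct_memcmp (const void *a, const void *b, size_t n)
{
  const unsigned char *x = a;
  const unsigned char *y = b;
  unsigned char d = 0;
  size_t i;

  for (i = 0; i < n; i++)
    d |= x[i] ^ y[i];
  return d;
}
/* … unchanged: handle_encrypted_message up to the tag check … */
  if (0 != ct_memcmp (&ph,
                      &pt->hmac,
                      sizeof (GNUNET_HashCode)))
```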
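Review bot: The prototype's comment does not say which hash the construction is built on or how many bytes are written, which a caller of a public header needs; since the implementation in crypto_hash.c runs SHA-512 and fills a whole GNUNET_HashCode, the first line could read `* Calculate a keyed SHA-512 MAC of a message (HMAC-style, see crypto_hash.c)` and the `@param hmac` line `* @param hmac where to store the tag (sizeof (GNUNET_HashCode) bytes are written)`. It would also help to state that the whole `struct GNUNET_CRYPTO_AesSessionKey` object is used as key material, as the implementation copies it in full.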
@@ -806,4 +806,43 @@ GNUNET_CRYPTO_hash_xorcmp (const GNUNET_HashCode * h1,
 return 0;
 }
 
+
+/**
+ * Calculate HMAC of a message (RFC 2104)
+ *
+ * @param key secret key
+ * @param plaintext input plaintext
+ * @param plaintext_len length of plaintext
+ * @param hmac where to store the hmac
+ */
+void
+GNUNET_CRYPTO_hmac (const struct GNUNET_CRYPTO_AesSessionKey *key,
+ const void *plaintext,
+ size_t plaintext_len,
+ GNUNET_HashCode *hmac)
+{
+ GNUNET_HashCode kh;
+ GNUNET_HashCode ipad;
+ GNUNET_HashCode opad;
+ GNUNET_HashCode him;
+ struct sha512_ctx sctx;
+
+ memset (&kh, 0, sizeof (kh));
+ GNUNET_assert (sizeof (GNUNET_HashCode) > sizeof (struct GNUNET_CRYPTO_AesSessionKey));
+ memcpy (&kh, key, sizeof (struct GNUNET_CRYPTO_AesSessionKey));
+ memset (&ipad, 0x5c, sizeof (ipad));
+ memset (&opad, 0x36, sizeof (opad));
+ GNUNET_CRYPTO_hash_xor (&ipad, &kh, &ipad);
+ GNUNET_CRYPTO_hash_xor (&opad, &kh, &opad);
+ sha512_init (&sctx);
+ sha512_update (&sctx, (const unsigned char*) &ipad, sizeof (ipad));
+ sha512_update (&sctx, plaintext, plaintext_len);
+ sha512_final (&sctx, (unsigned char*) &him);
+ sha512_init (&sctx);
+ sha512_update (&sctx, (const unsigned char*) &opad, sizeof (opad));
+ sha512_update (&sctx, (const unsigned char*) &him, sizeof (him));
+ sha512_final (&sctx, (unsigned char*) hmac);
+}
+
+
 /* end of crypto_hash.c */
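Review bot: The pad constants are swapped relative to RFC 2104, which the comment cites: the inner pad must be 0x36 and the outer pad 0x5c, but the hunk sets `ipad` to 0x5c and `opad` to 0x36. The key is also padded only to sizeof (GNUNET_HashCode) (the SHA-512 digest that sha512_final writes, 64 bytes) instead of the SHA-512 block size of 128 bytes, so the pads do not fill a whole compression block and the output will not match any HMAC-SHA512 test vector; it still interoperates between peers running this code, but it cannot be validated against known answers and loses the standard HMAC security argument. Key-derived material in `kh`, `ipad`, `opad` and `sctx` is left on the stack after return and should be wiped, bearing in mind that a plain memset before return may be dropped by the optimizer if the tree has no compiler-resistant alternative. A corrected body is sketched below; because it changes the tag value, both ends of a connection must move to it together.
```c
/* … unchanged: doc comment and signature … */
{
  /* RFC 2104: pads are one hash BLOCK (128 bytes for SHA-512), not one digest */
  unsigned char kb[128];
  unsigned char pad[128];
  GNUNET_HashCode him;
  struct sha512_ctx sctx;
  size_t i;

  GNUNET_assert (sizeof (kb) >= sizeof (struct GNUNET_CRYPTO_AesSessionKey));
  memset (kb, 0, sizeof (kb));
  memcpy (kb, key, sizeof (struct GNUNET_CRYPTO_AesSessionKey));
  for (i = 0; i < sizeof (pad); i++)
    pad[i] = kb[i] ^ 0x36;                  /* ipad */
  sha512_init (&sctx);
  sha512_update (&sctx, pad, sizeof (pad));
  sha512_update (&sctx, plaintext, plaintext_len);
  sha512_final (&sctx, (unsigned char *) &him);
  for (i = 0; i < sizeof (pad); i++)
    pad[i] = kb[i] ^ 0x5c;                  /* opad */
  sha512_init (&sctx);
  sha512_update (&sctx, pad, sizeof (pad));
  sha512_update (&sctx, (const unsigned char *) &him, sizeof (him));
  sha512_final (&sctx, (unsigned char *) hmac);
  /* best effort: do not leave key-derived bytes behind on the stack */
  memset (kb, 0, sizeof (kb));
  memset (pad, 0, sizeof (pad));
  memset (&sctx, 0, sizeof (sctx));
}
```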