fixup hmacs
This commit is contained in:
parent
cd309ceb7d
commit
9a0b8caeb5
|
@ -3,28 +3,43 @@
|
||||||
|
|
||||||
import nimSHA2
|
import nimSHA2
|
||||||
|
|
||||||
proc hmacSha256*(key: openarray[byte]; msg: seq[byte]|string): seq[byte] =
|
proc fillPad(pad: var openarray[byte]; key: openarray[byte]; fillByte: byte) =
|
||||||
|
for i in 0..key.high: pad[i] = fillByte xor key[i].uint8
|
||||||
|
for i in key.len..pad.high: pad[i] = fillByte
|
||||||
|
|
||||||
|
proc hmacSha256*(key: openarray[byte]; msg: seq[byte]|string; outLength = 32): seq[byte] =
|
||||||
const blockSize = 64
|
const blockSize = 64
|
||||||
assert(key.len <= blockSize)
|
assert(outLength <= 32)
|
||||||
var
|
var
|
||||||
inner, outer: SHA256
|
hash: SHA256
|
||||||
pad: array[blockSize, byte]
|
pad: array[blockSize, byte]
|
||||||
block:
|
block:
|
||||||
const xorByte = 0x36'u8
|
const xorByte = 0x36'u8
|
||||||
for i in 0..key.high: pad[i] = xorByte xor key[i]
|
if key.len < blockSize:
|
||||||
for i in key.len..pad.high: pad[i] = xorByte
|
fillPad(pad, key, xorByte)
|
||||||
initSHA(inner)
|
else:
|
||||||
update(inner, pad)
|
initSHA(hash)
|
||||||
update(inner, msg)
|
update(hash, key)
|
||||||
|
var keyDigest = final(hash)
|
||||||
|
fillPad(pad, keyDigest, xorByte)
|
||||||
|
initSHA(hash)
|
||||||
|
update(hash, pad)
|
||||||
|
update(hash, msg)
|
||||||
|
var digest = final(hash)
|
||||||
block:
|
block:
|
||||||
const xorByte = 0x5c'u8
|
const xorByte = 0x5c'u8
|
||||||
for i in 0..key.high: pad[i] = xorByte xor key[i]
|
if key.len < blockSize:
|
||||||
for i in key.len..pad.high: pad[i] = xorByte
|
fillPad(pad, key, xorByte)
|
||||||
initSHA(outer)
|
else:
|
||||||
update(outer, pad)
|
initSHA(hash)
|
||||||
update(outer, final(inner))
|
update(hash, key)
|
||||||
var digest = final(outer)
|
var keyDigest = final(hash)
|
||||||
result.setLen(digest.len)
|
fillPad(pad, keyDigest, xorByte)
|
||||||
|
initSHA(hash)
|
||||||
|
update(hash, pad)
|
||||||
|
update(hash, digest)
|
||||||
|
digest = final(hash)
|
||||||
|
result.setLen(outLength)
|
||||||
copyMem(result[0].addr, digest[0].addr, result.len)
|
copyMem(result[0].addr, digest[0].addr, result.len)
|
||||||
|
|
||||||
when isMainModule:
|
when isMainModule:
|
||||||
|
@ -34,7 +49,54 @@ when isMainModule:
|
||||||
var key: array[20,byte]
|
var key: array[20,byte]
|
||||||
for b in key.mitems: b = 0x0b'u8
|
for b in key.mitems: b = 0x0b'u8
|
||||||
var data = "Hi There"
|
var data = "Hi There"
|
||||||
check(data.toHex == "4869205468657265")
|
let a = cast[string](hmacSha256(key, data)).toHex.toLowerAscii
|
||||||
let hmac = cast[string](hmacSha256(key, data)).toHex.toLowerAscii
|
let b = "b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7"
|
||||||
let control = "b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7"
|
check(a == b)
|
||||||
check(hmac == control)
|
test "2":
|
||||||
|
var key = "Jefe"
|
||||||
|
var data = "what do ya want for nothing?"
|
||||||
|
let a = cast[string](hmacSha256(cast[seq[byte]](key), data)).toHex.toLowerAscii
|
||||||
|
let b = "5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843"
|
||||||
|
check(a == b)
|
||||||
|
test "3":
|
||||||
|
var
|
||||||
|
key: array[20,byte]
|
||||||
|
data = newSeq[byte](50)
|
||||||
|
for b in key.mitems: b = 0xaa'u8
|
||||||
|
for b in data.mitems: b = 0xdd'u8
|
||||||
|
let a = cast[string](hmacSha256(key, data)).toHex.toLowerAscii
|
||||||
|
let b = "773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe"
|
||||||
|
check(a == b)
|
||||||
|
test "4":
|
||||||
|
var
|
||||||
|
key: array[25,byte]
|
||||||
|
data = newSeq[byte](50)
|
||||||
|
for i in key.low..key.high: key[i] = i.uint8.succ
|
||||||
|
for b in data.mitems: b = 0xcd'u8
|
||||||
|
let a = cast[string](hmacSha256(key, data)).toHex.toLowerAscii
|
||||||
|
let b = "82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b"
|
||||||
|
check(a == b)
|
||||||
|
test "5":
|
||||||
|
var
|
||||||
|
key: array[20,byte]
|
||||||
|
data = "Test With Truncation"
|
||||||
|
for b in key.mitems: b = 0x0c'u8
|
||||||
|
let a = cast[string](hmacSha256(key, data, 16)).toHex.toLowerAscii
|
||||||
|
let b = "a3b6167473100ee06e0c796c2955552b"
|
||||||
|
check(a == b)
|
||||||
|
test "6":
|
||||||
|
var
|
||||||
|
key: array[131,byte]
|
||||||
|
data = "Test Using Larger Than Block-Size Key - Hash Key First"
|
||||||
|
for b in key.mitems: b = 0xaa'u8
|
||||||
|
let a = cast[string](hmacSha256(key, data)).toHex.toLowerAscii
|
||||||
|
let b = "60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54"
|
||||||
|
check(a == b)
|
||||||
|
test "7":
|
||||||
|
var
|
||||||
|
key: array[131,byte]
|
||||||
|
data = "This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm."
|
||||||
|
for b in key.mitems: b = 0xaa'u8
|
||||||
|
let a = cast[string](hmacSha256(key, data)).toHex.toLowerAscii
|
||||||
|
let b = "9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2"
|
||||||
|
check(a == b)
|
||||||
|
|
Loading…
Reference in New Issue