Cryptography Reference
In-Depth Information
code to its proper initialization value. You could ask the caller of this function
to pass the correct initialization value in as a parameter, but you can “cheat”
instead to save an input parameter. Because you know that the caller of
hmac
had to initialize
hash_out
, copy that value into
hash1
to properly initialize it.
Completing the HMAC Operation
Now you have the fi rst hash code computed in
hash1
, according to the secure
hashing algorithm that was passed in. To complete the HMAC operation, you
need to prepend that with another block of 0x5Cs, XORed with the shared
secret, and hash it:
opad = ( unsigned char * ) malloc( hash_block_length );
memset( opad, 0x5C, hash_block_length );
free( padded_block );
padded_block = ( unsigned char * ) malloc( hash_code_length
( hash_block_length * sizeof( int ) ) );
memset( padded_block, '\0', hash_block_length );
memcpy( padded_block, key, key_length );
for ( i = 0; i < hash_block_length; i
)
{
padded_block[ i ] ^= opad[ i ];
}
Notice that this frees and reallocates
padded_block
. You may wonder why
you'd want to reallocate here because you already allocated this temporary space
to compute the fi rst hash value. However, consider the case where
text_length
is less than
hash_code_length
, which sometimes it is. In this case, you'd have
too little space for the prepended hash code. You could make this a bit more
effi cient by allocating
max( hash_code_length, text_length )
at the top of
the function, but this implementation is good enough.
Finally, compute the hash into
hash_out
, which is the return value of the
function
memcpy( padded_block
hash_block_length, hash1,
hash_code_length * sizeof( int ) );
digest_hash( padded_block,
hash_block_length
( hash_code_length * sizeof( int ) ), hash_out,
hash_code_length, hash_block_operate, hash_block_finalize );
Creating Updateable Hash Functions
Notice that, in order to compute an HMAC, you had to build an internal buffer
consisting of a padded, XORed key followed by the text to be hashed. However,
the hash functions presented here don't ever need to go back in the data stream.
Search WWH ::
Custom Search