Rev 7698 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 7698 | Rev 9216 | ||
|---|---|---|---|
| Line 18... | Line 18... | ||
| 18 | 18 | ||
| 19 | ; Main concept: |
19 | ; Main concept: |
| 20 | ; To compute HMAC over the data `text' we perform |
20 | ; To compute HMAC over the data `text' we perform |
| Line -... | Line 21... | ||
| - | 21 | ; H(K XOR opad, H(K XOR ipad, text)) |
|
| - | 22 | ||
| 21 | ; H(K XOR opad, H(K XOR ipad, text)) |
23 | SHA2_256_BLOCK_SIZE = 64 |
| 22 | 24 | ||
| 23 | struct hmac_sha256_context |
25 | struct hmac_sha256_context |
| 24 | hash rb SHA256_HASH_SIZE |
26 | hash rb SHA2_256_LEN |
| 25 | ipad_ctx crash_ctx |
27 | ipad_ctx rb LIBCRASH_CTX_LEN |
| Line 26... | Line 28... | ||
| 26 | opad_ctx crash_ctx |
28 | opad_ctx rb LIBCRASH_CTX_LEN |
| 27 | ends |
29 | ends |
| Line 28... | Line 30... | ||
| 28 | 30 | ||
| Line 29... | Line 31... | ||
| 29 | ; We will precompute partial hashes of K XOR ipad and K XOR opad, |
31 | ; We will precompute partial hashes of K XOR ipad and K XOR opad, |
| 30 | ; and store them in the context structure. |
32 | ; and store them in the context structure. |
| 31 | 33 | ||
| Line 32... | Line 34... | ||
| 32 | proc hmac_sha256_setkey ctx, key, key_length |
34 | proc hmac_sha256_setkey ctx, key, key_length |
| Line 33... | Line 35... | ||
| 33 | 35 | ||
| 34 | locals |
36 | locals |
| 35 | k_temp rb SHA256_BLOCK_SIZE |
37 | k_temp rb SHA2_256_BLOCK_SIZE |
| 36 | endl |
38 | endl |
| 37 | 39 | ||
| 38 | pusha |
40 | pusha |
| 39 | 41 | ||
| 40 | ; input esi = key, ecx=key_length |
42 | ; input esi = key, ecx=key_length |
| 41 | mov ecx, [key_length] |
43 | mov ecx, [key_length] |
| 42 | cmp ecx, SHA256_BLOCK_SIZE |
44 | cmp ecx, SHA2_256_BLOCK_SIZE |
| 43 | ja .hash_it |
45 | ja .hash_it |
| 44 | ; Key is smaller then or equal to blocksize, |
46 | ; Key is smaller then or equal to blocksize, |
| 45 | ; copy key to ipad |
47 | ; copy key to ipad |
| 46 | mov esi, [key] |
48 | mov esi, [key] |
| 47 | lea edi, [k_temp] |
49 | lea edi, [k_temp] |
| 48 | rep movsb |
50 | rep movsb |
| Line 49... | Line 51... | ||
| 49 | mov ecx, SHA256_BLOCK_SIZE |
51 | mov ecx, SHA2_256_BLOCK_SIZE |
| 50 | sub ecx, [key_length] |
52 | sub ecx, [key_length] |
| 51 | jz .finish |
53 | jz .finish |
| 52 | ; append zeros to the key |
54 | ; append zeros to the key |
| 53 | xor al, al |
55 | xor al, al |
| 54 | rep stosb |
56 | rep stosb |
| 55 | jmp .finish |
57 | jmp .finish |
| 56 | 58 | ||
| 57 | ; Given key is larger then key size, hash it |
59 | ; Given key is larger then key size, hash it |
| 58 | .hash_it: |
60 | .hash_it: |
| 59 | invoke sha256_init, [ctx] |
61 | invoke sha2_256_init, [ctx] |
| 60 | invoke sha256_update, [ctx], [key], [key_length] |
62 | invoke sha2_256_update, [ctx], [key], [key_length] |
| Line 61... | Line 63... | ||
| 61 | invoke sha256_final, [ctx] |
63 | invoke sha2_256_finish, [ctx] |
| 62 | mov esi, [ctx] |
64 | mov esi, [ctx] |
| 63 | lea edi, [k_temp] |
65 | lea edi, [k_temp] |
| 64 | mov ecx, SHA256_HASH_SIZE/4 |
66 | mov ecx, SHA2_256_LEN/4 |
| 65 | rep movsd |
67 | rep movsd |
| 66 | xor eax, eax |
68 | xor eax, eax |
| 67 | mov ecx, (SHA256_BLOCK_SIZE-SHA256_HASH_SIZE)/4 |
69 | mov ecx, (SHA2_256_BLOCK_SIZE-SHA2_256_LEN)/4 |
| 68 | rep stosd |
70 | rep stosd |
| 69 | 71 | ||
| Line 70... | Line 72... | ||
| 70 | .finish: |
72 | .finish: |
| 71 | ; xor ipad buffer with 0x36363... |
73 | ; xor ipad buffer with 0x36363... |
| 72 | lea esi, [k_temp] |
74 | lea esi, [k_temp] |
| 73 | mov ecx, SHA256_BLOCK_SIZE/4 |
75 | mov ecx, SHA2_256_BLOCK_SIZE/4 |
| Line 74... | Line 76... | ||
| 74 | @@: |
76 | @@: |
| 75 | xor dword[esi], 0x36363636 ; ipad constant |
77 | xor dword[esi], 0x36363636 ; ipad constant |
| 76 | add esi, 4 |
78 | add esi, 4 |
| Line 77... | Line 79... | ||
| 77 | dec ecx |
79 | dec ecx |
| 78 | jnz @r |
80 | jnz @r |
| 79 | 81 | ||
| Line 80... | Line 82... | ||
| 80 | ; Init our hash with k_xor_ipad |
82 | ; Init our hash with k_xor_ipad |
| 81 | mov ebx, [ctx] |
83 | mov ebx, [ctx] |
| 82 | lea edi, [ebx+hmac_sha256_context.ipad_ctx] |
84 | lea edi, [ebx+hmac_sha256_context.ipad_ctx] |
| 83 | invoke sha256_init, edi |
85 | invoke sha2_256_init, edi |
| 84 | 86 | ||
| 85 | lea esi, [k_temp] |
87 | lea esi, [k_temp] |
| 86 | DEBUGF 1, "HASH: " |
88 | DEBUGF 1, "HASH: " |
| 87 | stdcall dump_hex, esi, SHA256_BLOCK_SIZE/4 |
89 | stdcall dump_hex, esi, SHA2_256_BLOCK_SIZE/4 |
| Line 88... | Line 90... | ||
| 88 | 90 | ||
| 89 | mov ebx, [ctx] |
91 | mov ebx, [ctx] |
| 90 | lea edi, [ebx+hmac_sha256_context.ipad_ctx] |
92 | lea edi, [ebx+hmac_sha256_context.ipad_ctx] |
| 91 | invoke sha256_update, edi, esi, SHA256_BLOCK_SIZE |
93 | invoke sha2_256_update, edi, esi, SHA2_256_BLOCK_SIZE |
| Line 92... | Line 94... | ||
| 92 | 94 | ||
| 93 | ; xor opad buffer with 0x5c5c5... |
95 | ; xor opad buffer with 0x5c5c5... |
| 94 | lea esi, [k_temp] |
96 | lea esi, [k_temp] |
| Line 95... | Line 97... | ||
| 95 | mov ecx, SHA256_BLOCK_SIZE/4 |
97 | mov ecx, SHA2_256_BLOCK_SIZE/4 |
| 96 | @@: |
98 | @@: |
| 97 | xor dword[esi], 0x36363636 xor 0x5c5c5c5c ; opad constant |
99 | xor dword[esi], 0x36363636 xor 0x5c5c5c5c ; opad constant |
| Line 98... | Line 100... | ||
| 98 | add esi, 4 |
100 | add esi, 4 |
| 99 | dec ecx |
101 | dec ecx |
| Line 100... | Line 102... | ||
| 100 | jnz @r |
102 | jnz @r |
| Line 122... | Line 124... | ||
| 122 | ; TODO: remove unnescessary pushing/popping |
124 | ; TODO: remove unnescessary pushing/popping |
| Line 123... | Line 125... | ||
| 123 | 125 | ||
| Line 124... | Line 126... | ||
| 124 | proc hmac_sha256 ctx, _data, _length |
126 | proc hmac_sha256 ctx, _data, _length |
| 125 | 127 | ||
| 126 | locals |
128 | locals |
| 127 | inner_ctx crash_ctx |
129 | inner_ctx rb LIBCRASH_CTX_LEN |
| Line 128... | Line 130... | ||
| 128 | outer_ctx crash_ctx |
130 | outer_ctx rb LIBCRASH_CTX_LEN |
| 129 | endl |
131 | endl |
| 130 | 132 | ||
| Line 136... | Line 138... | ||
| 136 | 138 | ||
| 137 | ; Copy partial hashes of ipad and opad to our temporary buffers |
139 | ; Copy partial hashes of ipad and opad to our temporary buffers |
| 138 | mov esi, [ctx] |
140 | mov esi, [ctx] |
| 139 | lea esi, [esi+hmac_sha256_context.ipad_ctx] |
141 | lea esi, [esi+hmac_sha256_context.ipad_ctx] |
| 140 | lea edi, [inner_ctx] |
142 | lea edi, [inner_ctx] |
| 141 | repeat (sizeof.crash_ctx)/4*2 |
143 | repeat (LIBCRASH_CTX_LEN)/4*2 |
| 142 | movsd |
144 | movsd |
| Line 143... | Line 145... | ||
| 143 | end repeat |
145 | end repeat |
| 144 | 146 | ||
| 145 | ; Append provided data to inner hash and finalize |
147 | ; Append provided data to inner hash and finalize |
| 146 | lea ebx, [inner_ctx] |
148 | lea ebx, [inner_ctx] |
| 147 | invoke sha256_update, ebx, [_data], [_length] |
149 | invoke sha2_256_update, ebx, [_data], [_length] |
| Line 148... | Line 150... | ||
| 148 | lea ebx, [inner_ctx] |
150 | lea ebx, [inner_ctx] |
| 149 | invoke sha256_final, ebx |
151 | invoke sha2_256_finish, ebx |
| 150 | 152 | ||
| Line 151... | Line 153... | ||
| 151 | DEBUGF 1, "Inner Hash: " |
153 | DEBUGF 1, "Inner Hash: " |
| 152 | lea esi, [inner_ctx.hash] |
154 | lea esi, [inner_ctx] |
| 153 | stdcall dump_hex, esi, SHA256_HASH_SIZE/4 |
155 | stdcall dump_hex, esi, SHA2_256_LEN/4 |
| 154 | 156 | ||
| 155 | ; Calculate outer hash |
157 | ; Calculate outer hash |
| 156 | lea ebx, [outer_ctx] |
158 | lea ebx, [outer_ctx] |
| 157 | lea esi, [inner_ctx.hash] |
159 | lea esi, [inner_ctx] |
| 158 | invoke sha256_update, ebx, esi, SHA256_HASH_SIZE |
160 | invoke sha2_256_update, ebx, esi, SHA2_256_LEN |
| 159 | lea ebx, [outer_ctx] |
161 | lea ebx, [outer_ctx] |
| 160 | invoke sha256_final, ebx |
162 | invoke sha2_256_finish, ebx |
| 161 | ; Copy output hash to ctx structure ; FIXME |
163 | ; Copy output hash to ctx structure ; FIXME |
| 162 | lea esi, [outer_ctx.hash] |
164 | lea esi, [outer_ctx] |
| Line 163... | Line 165... | ||
| 163 | mov edi, [ctx] |
165 | mov edi, [ctx] |
| 164 | repeat SHA256_HASH_SIZE/4 |
166 | repeat SHA2_256_LEN/4 |