On 30/09/18 11:22, Bruno Haible wrote:
> Hi Pádraig,
>
> With this patch, I see a small regression:
>
>> #include <config.h>
>> -
>> -#include "hmac.h"
> There is no verification any more that hmac.h is self-contained.
>
> As mentioned just yesterday, the best practice is to #include the
> specification header right after <config.h>.
Oops. Fixed.
I also reduced some more repetition
within the hmac function itself.
I'll squash in the attached, and push later.
thanks for the review!
Pádraig.
diff --git a/lib/hmac-md5.c b/lib/hmac-md5.c
index 33f2bc9..935fa6e 100644
--- a/lib/hmac-md5.c
+++ b/lib/hmac-md5.c
@@ -15,6 +15,9 @@
along with this program; if not, see <https://www.gnu.org/licenses/>. */
#include <config.h>
+
+#include "hmac.h"
+
#include "md5.h"
#define GL_HMAC_NAME 5
diff --git a/lib/hmac-sha1.c b/lib/hmac-sha1.c
index 8cab525..6f28bdc 100644
--- a/lib/hmac-sha1.c
+++ b/lib/hmac-sha1.c
@@ -15,6 +15,9 @@
along with this program; if not, see <https://www.gnu.org/licenses/>. */
#include <config.h>
+
+#include "hmac.h"
+
#include "sha1.h"
#define GL_HMAC_NAME 1
diff --git a/lib/hmac-sha256.c b/lib/hmac-sha256.c
index f26a79f..16e4501 100644
--- a/lib/hmac-sha256.c
+++ b/lib/hmac-sha256.c
@@ -15,6 +15,9 @@
along with this program; if not, see <https://www.gnu.org/licenses/>. */
#include <config.h>
+
+#include "hmac.h"
+
#include "sha256.h"
#define GL_HMAC_NAME 256
diff --git a/lib/hmac-sha512.c b/lib/hmac-sha512.c
index 91e5f98..6d919d0 100644
--- a/lib/hmac-sha512.c
+++ b/lib/hmac-sha512.c
@@ -15,6 +15,9 @@
along with this program; if not, see <https://www.gnu.org/licenses/>. */
#include <config.h>
+
+#include "hmac.h"
+
#include "sha512.h"
#define GL_HMAC_NAME 512
diff --git a/lib/hmac.c b/lib/hmac.c
index fb9207f..00dd08f 100644
--- a/lib/hmac.c
+++ b/lib/hmac.c
@@ -16,7 +16,6 @@
#include <string.h>
-#include "hmac.h"
#include "memxor.h"
#define IPAD 0x36
@@ -39,19 +38,34 @@
#define GL_HMAC_FN_PROC _GLHMAC_CONCAT (HMAC_ALG, _process_bytes)
#define GL_HMAC_FN_FINI _GLHMAC_CONCAT (HMAC_ALG, _finish_ctx)
+static void
+hmac_hash (const void *key, size_t keylen,
+ const void *in, size_t inlen,
+ int pad, void *resbuf)
+{
+ struct GL_HMAC_CTX hmac_ctx;
+ char block[GL_HMAC_BLOCKSIZE];
+
+ memset (block, pad, sizeof block);
+ /* zero padding of the key to the block size
+ is implicit in the memxor. */
+ memxor (block, key, keylen);
+
+ GL_HMAC_FN_INIT (&hmac_ctx);
+ GL_HMAC_FN_BLOC (block, sizeof block, &hmac_ctx);
+ GL_HMAC_FN_PROC (in, inlen, &hmac_ctx);
+ GL_HMAC_FN_FINI (&hmac_ctx, resbuf);
+}
+
int
GL_HMAC_FN (const void *key, size_t keylen,
- const void *in, size_t inlen, void *resbuf)
+ const void *in, size_t inlen, void *resbuf)
{
- struct GL_HMAC_CTX inner;
- struct GL_HMAC_CTX outer;
char optkeybuf[GL_HMAC_HASHSIZE];
- char block[GL_HMAC_BLOCKSIZE];
char innerhash[GL_HMAC_HASHSIZE];
/* Ensure key size is <= block size. */
-
- if (keylen > sizeof block)
+ if (keylen > GL_HMAC_BLOCKSIZE)
{
struct GL_HMAC_CTX keyhash;
@@ -60,31 +74,14 @@ GL_HMAC_FN (const void *key, size_t keylen,
GL_HMAC_FN_FINI (&keyhash, optkeybuf);
key = optkeybuf;
-
- /* zero padding of the key to the block size
- is implicit in the memxor below. */
keylen = sizeof optkeybuf;
}
/* Compute INNERHASH from KEY and IN. */
-
- memset (block, IPAD, sizeof block);
- memxor (block, key, keylen);
-
- GL_HMAC_FN_INIT (&inner);
- GL_HMAC_FN_BLOC (block, sizeof block, &inner);
- GL_HMAC_FN_PROC (in, inlen, &inner);
- GL_HMAC_FN_FINI (&inner, innerhash);
+ hmac_hash (key, keylen, in, inlen, IPAD, innerhash);
/* Compute result from KEY and INNERHASH. */
-
- memset (block, OPAD, sizeof block);
- memxor (block, key, keylen);
-
- GL_HMAC_FN_INIT (&outer);
- GL_HMAC_FN_BLOC (block, sizeof block, &outer);
- GL_HMAC_FN_PROC (innerhash, sizeof innerhash, &outer);
- GL_HMAC_FN_FINI (&outer, resbuf);
+ hmac_hash (key, keylen, innerhash, sizeof innerhash, OPAD, resbuf);
return 0;
}
diff --git a/tests/test-hmac-md5.c b/tests/test-hmac-md5.c
index 3110a84..199444b 100644
--- a/tests/test-hmac-md5.c
+++ b/tests/test-hmac-md5.c
@@ -17,11 +17,13 @@
/* Written by Simon Josefsson. */
#include <config.h>
+
+#include "hmac.h"
+
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
-#include "hmac.h"
/* Test vectors from RFC 2104. */
diff --git a/tests/test-hmac-sha1.c b/tests/test-hmac-sha1.c
index 98a3b34..9d91876 100644
--- a/tests/test-hmac-sha1.c
+++ b/tests/test-hmac-sha1.c
@@ -17,12 +17,13 @@
/* Written by Simon Josefsson. */
#include <config.h>
+
+#include "hmac.h"
+
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
-#include "hmac.h"
-
static void
hmac_check (const void *key, size_t key_len,
const void *data, size_t data_len, const char *digest)
diff --git a/tests/test-hmac-sha256.c b/tests/test-hmac-sha256.c
index 077ec6e..551e849 100644
--- a/tests/test-hmac-sha256.c
+++ b/tests/test-hmac-sha256.c
@@ -17,12 +17,13 @@
/* Written by Simon Josefsson. Test vectors from RFC 4231. */
#include <config.h>
+
+#include "hmac.h"
+
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
-#include "hmac.h"
-
static void
hmac_check (const void *key, size_t key_len,
const void *data, size_t data_len, const char *digest)
diff --git a/tests/test-hmac-sha512.c b/tests/test-hmac-sha512.c
index ab6e101..1ffe992 100644
--- a/tests/test-hmac-sha512.c
+++ b/tests/test-hmac-sha512.c
@@ -17,12 +17,13 @@
/* Written by Simon Josefsson. Test vectors from RFC 4231. */
#include <config.h>
+
+#include "hmac.h"
+
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
-#include "hmac.h"
-
static void
hmac_check (const void *key, size_t key_len,
const void *data, size_t data_len, const char *digest)
