/*
-Copyright (c) 2004-2007, John Hurst
+Copyright (c) 2004-2009, John Hurst
All rights reserved.
Redistribution and use in source and binary forms, with or without
class ASDCP::AESEncContext::h__AESContext : public AES_KEY
{
public:
+ Kumu::SymmetricKey m_KeyBuf;
byte_t m_IVec[CBC_BLOCK_SIZE];
};
return RESULT_INIT;
m_Context = new h__AESContext;
+ m_Context->m_KeyBuf.Set(key);
- if ( AES_set_encrypt_key(key, KEY_SIZE_BITS, m_Context) )
+ if ( AES_set_encrypt_key(m_Context->m_KeyBuf.Value(), KEY_SIZE_BITS, m_Context) )
{
print_ssl_error();
return RESULT_CRYPT_INIT;
class ASDCP::AESDecContext::h__AESContext : public AES_KEY
{
public:
+ Kumu::SymmetricKey m_KeyBuf;
byte_t m_IVec[CBC_BLOCK_SIZE];
};
return RESULT_INIT;
m_Context = new h__AESContext;
+ m_Context->m_KeyBuf.Set(key);
- if ( AES_set_decrypt_key(key, KEY_SIZE_BITS, m_Context) )
+ if ( AES_set_decrypt_key(m_Context->m_KeyBuf.Value(), KEY_SIZE_BITS, m_Context) )
{
print_ssl_error();
return RESULT_CRYPT_INIT;
//------------------------------------------------------------------------------------------
+static const ui32_t B_len = 64; // rfc 2104, Sec. 2
-static byte_t ipad[KeyLen] = { 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36 };
-
-static byte_t opad[KeyLen] = { 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c };
+static byte_t const ipad_const = 0x36;
+static byte_t const opad_const = 0x5c;
class HMACContext::h__HMACContext
{
SHA_CTX m_SHA;
- byte_t m_key[KeyLen];
+ byte_t m_key[KeyLen];
ASDCP_NO_COPY_CONSTRUCT(h__HMACContext);
public:
- byte_t sha_value[HMAC_SIZE];
- bool m_Final;
+ byte_t m_SHAValue[HMAC_SIZE];
+ bool m_Final;
h__HMACContext() : m_Final(false) {}
~h__HMACContext() {}
{
byte_t rng_buf[SHA_DIGEST_LENGTH*2];
Kumu::Gen_FIPS_186_Value(key, KeyLen, rng_buf, SHA_DIGEST_LENGTH*2);
+
+ // rng_buf contains two rounds, x0 and x1 (each 160 bits).
+ // Use x1 per SMPTE 430-6-2006 Sec. 7.10
memcpy(m_key, rng_buf+SHA_DIGEST_LENGTH, KeyLen);
Reset();
}
SHA1_Update(&SHA, key_nonce, KeyLen);
SHA1_Final(sha_buf, &SHA);
memcpy(m_key, sha_buf, KeyLen);
-
Reset();
}
+ //
void
Reset()
{
- byte_t xor_buf[KeyLen];
- memset(sha_value, 0, HMAC_SIZE);
+ byte_t xor_buf[B_len];
+ memset(xor_buf, 0, B_len);
+ memcpy(xor_buf, m_key, KeyLen);
+
+ memset(m_SHAValue, 0, HMAC_SIZE);
m_Final = false;
SHA1_Init(&m_SHA);
// H(K XOR opad, H(K XOR ipad, text))
// ^^^^^^^^^^
- for ( ui32_t i = 0; i < KeyLen; i++ )
- xor_buf[i] = m_key[i] ^ ipad[i];
+ for ( ui32_t i = 0; i < B_len; i++ )
+ xor_buf[i] ^= ipad_const;
- SHA1_Update(&m_SHA, xor_buf, KeyLen);
+ SHA1_Update(&m_SHA, xor_buf, B_len);
}
//
void
Finalize()
{
- // H(K XOR opad, H(K XOR ipad, text))
- // ^^^^^^^^^^^^^^^
- SHA1_Final(sha_value, &m_SHA);
-
SHA_CTX SHA;
SHA1_Init(&SHA);
- byte_t xor_buf[KeyLen];
+ byte_t xor_buf[B_len];
+ memset(xor_buf, 0, B_len);
+ memcpy(xor_buf, m_key, KeyLen);
- for ( ui32_t i = 0; i < KeyLen; i++ )
- xor_buf[i] = m_key[i] ^ opad[i];
-
- SHA1_Update(&SHA, xor_buf, KeyLen);
- SHA1_Update(&SHA, sha_value, HMAC_SIZE);
+ SHA1_Init(&SHA);
+
+ // H(K XOR opad, H(K XOR ipad, text))
+ // ^^^^^^^^^^
+ for ( ui32_t i = 0; i < B_len; i++ )
+ xor_buf[i] ^= opad_const;
+
+ SHA1_Update(&SHA, xor_buf, B_len);
- SHA1_Final(sha_value, &SHA);
+ // H(K XOR opad, H(K XOR ipad, text))
+ // ^
+ SHA1_Final(m_SHAValue, &m_SHA);
+ SHA1_Update(&SHA, m_SHAValue, HMAC_SIZE);
+
+ // H(K XOR opad, H(K XOR ipad, text))
+ // ^
+ SHA1_Final(m_SHAValue, &SHA);
m_Final = true;
}
};
if ( m_Context.empty() || ! m_Context->m_Final )
return RESULT_INIT;
- memcpy(buf, m_Context->sha_value, HMAC_SIZE);
+ memcpy(buf, m_Context->m_SHAValue, HMAC_SIZE);
return RESULT_OK;
}
if ( m_Context.empty() || ! m_Context->m_Final )
return RESULT_INIT;
- return ( memcmp(buf, m_Context->sha_value, HMAC_SIZE) == 0 ) ? RESULT_OK : RESULT_HMACFAIL;
+ return ( memcmp(buf, m_Context->m_SHAValue, HMAC_SIZE) == 0 ) ? RESULT_OK : RESULT_HMACFAIL;
}