1 ;;; rfc2104.el --- RFC2104 Hashed Message Authentication Codes
3 ;; Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004,
4 ;; 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
6 ;; Author: Simon Josefsson <jas@pdc.kth.se>
9 ;; This file is part of GNU Emacs.
11 ;; GNU Emacs is free software: you can redistribute it and/or modify
12 ;; it under the terms of the GNU General Public License as published by
13 ;; the Free Software Foundation, either version 3 of the License, or
14 ;; (at your option) any later version.
16 ;; GNU Emacs is distributed in the hope that it will be useful,
17 ;; but WITHOUT ANY WARRANTY; without even the implied warranty of
18 ;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 ;; GNU General Public License for more details.
21 ;; You should have received a copy of the GNU General Public License
22 ;; along with GNU Emacs. If not, see <http://www.gnu.org/licenses/>.
26 ;; This is a quick'n'dirty, low performance, implementation of RFC2104.
31 ;; (rfc2104-hash 'md5 64 16 "Jefe" "what do ya want for nothing?")
32 ;; "750c783e6ab0b503eaa86e310a5db738"
35 ;; (rfc2104-hash 'sha1-encode 64 20 "Jefe" "what do ya want for nothing?")
36 ;; "effcdf6ae5eb2fa2d27416d5f184df9c259a7c79"
38 ;; 64 is block length of hash function (64 for MD5 and SHA), 16 is
39 ;; resulting hash length (16 for MD5, 20 for SHA).
41 ;; Tested with Emacs 20.2 and XEmacs 20.3.
43 ;; Test case reference: RFC 2202.
47 ;; 1998-08-16 initial release posted to gnu.emacs.sources
48 ;; 1998-08-17 use append instead of char-list-to-string
49 ;; 1998-08-26 don't require hexl
50 ;; 1998-09-25 renamed from hmac.el to rfc2104.el, also renamed functions
51 ;; 1999-10-23 included in pgnus
52 ;; 2000-08-15 `rfc2104-hexstring-to-bitstring'
53 ;; 2000-05-12 added sha-1 example, added test case reference
54 ;; 2003-11-13 change rfc2104-hexstring-to-bitstring to ...-byte-list
58 (eval-when-compile (require 'cl
))
60 ;; Magic character for inner HMAC round. 0x36 == 54 == '6'
61 (defconst rfc2104-ipad ?
\x36)
63 ;; Magic character for outer HMAC round. 0x5C == 92 == '\'
64 (defconst rfc2104-opad ?
\x5C)
66 ;; Not so magic character for padding the key. 0x00
67 (defconst rfc2104-zero ?
\x00)
69 ;; Alist for converting hex to decimal.
70 (defconst rfc2104-hex-alist
71 '((?
0 .
0) (?a .
10) (?A .
10)
72 (?
1 .
1) (?b .
11) (?B .
11)
73 (?
2 .
2) (?c .
12) (?C .
12)
74 (?
3 .
3) (?d .
13) (?D .
13)
75 (?
4 .
4) (?e .
14) (?E .
14)
76 (?
5 .
5) (?f .
15) (?F .
15)
82 (defun rfc2104-hex-to-int (str)
85 (+ (* 16 (rfc2104-hex-to-int (cdr str
)))
86 (cdr (assoc (car str
) rfc2104-hex-alist
)))
87 (rfc2104-hex-to-int (reverse (append str nil
))))
90 (defun rfc2104-hexstring-to-bitstring (str)
92 (while (< 0 (length str
))
93 (push (rfc2104-hex-to-int (substring str -
2)) out
)
94 (setq str
(substring str
0 -
2)))
95 (apply (if (fboundp 'unibyte-string
) 'unibyte-string
'string
) out
)))
97 (defun rfc2104-hash (hash block-length hash-length key text
)
98 (let* (;; if key is longer than B, reset it to HASH(key)
99 (key (if (> (length key
) block-length
)
100 (funcall hash key
) key
))
101 (k_ipad (append key nil
))
102 (k_opad (append key nil
)))
103 ;; zero pad k_ipad/k_opad
104 (while (< (length k_ipad
) block-length
)
105 (setq k_ipad
(append k_ipad
(list rfc2104-zero
))))
106 (while (< (length k_opad
) block-length
)
107 (setq k_opad
(append k_opad
(list rfc2104-zero
))))
108 ;; XOR key with ipad/opad into k_ipad/k_opad
109 (setq k_ipad
(mapcar (lambda (c) (logxor c rfc2104-ipad
)) k_ipad
))
110 (setq k_opad
(mapcar (lambda (c) (logxor c rfc2104-opad
)) k_opad
))
111 ;; perform outer hash
112 (funcall hash
(concat k_opad
(rfc2104-hexstring-to-bitstring
113 ;; perform inner hash
114 (funcall hash
(concat k_ipad text
)))))))
118 ;; arch-tag: cf671d5c-a45f-4a09-815e-704e59e43950
119 ;;; rfc2104.el ends here