crypto: Add SHA256 and SHA512 based MACs

3 files changed, 249 insertions, 7 deletions

diff --git a/lib/crypto/c_src/crypto.c b/lib/crypto/c_src/crypto.c
index 25616410be..a1f2614f69 100644
--- a/lib/crypto/c_src/crypto.c
+++ b/lib/crypto/c_src/crypto.c
@@ -1,7 +1,7 @@
 /* 
  * %CopyrightBegin%
  *
- * Copyright Ericsson AB 2010-2011. All Rights Reserved.
+ * Copyright Ericsson AB 2010-2012. All Rights Reserved.
  *
  * The contents of this file are subject to the Erlang Public License,
  * Version 1.1, (the "License"); you may not use this file except in
@@ -149,6 +149,8 @@ static ERL_NIF_TERM md4_update(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv
 static ERL_NIF_TERM md4_final(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 static ERL_NIF_TERM md5_mac_n(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 static ERL_NIF_TERM sha_mac_n(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
+static ERL_NIF_TERM sha256_mac_n_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
+static ERL_NIF_TERM sha512_mac_n_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 static ERL_NIF_TERM hmac_init(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 static ERL_NIF_TERM hmac_update(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 static ERL_NIF_TERM hmac_final(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
@@ -208,6 +210,16 @@ static void hmac_md5(unsigned char *key, int klen,
 static void hmac_sha1(unsigned char *key, int klen,
 		      unsigned char *dbuf, int dlen, 
 		      unsigned char *hmacbuf);
+#ifdef HAVE_SHA256
+static void hmac_sha256(unsigned char *key, int klen,
+			unsigned char *dbuf, int dlen,
+			unsigned char *hmacbuf);
+#endif
+#ifdef HAVE_SHA512
+static void hmac_sha512(unsigned char *key, int klen,
+			unsigned char *dbuf, int dlen,
+			unsigned char *hmacbuf);
+#endif
 
 static int library_refc = 0; /* number of users of this dynamic library */
 
@@ -235,6 +247,8 @@ static ErlNifFunc nif_funcs[] = {
     {"md4_final", 1, md4_final},
     {"md5_mac_n", 3, md5_mac_n},
     {"sha_mac_n", 3, sha_mac_n},
+    {"sha256_mac_n_nif", 3, sha256_mac_n_nif},
+    {"sha512_mac_n_nif", 3, sha512_mac_n_nif},
     {"hmac_init", 2, hmac_init},
     {"hmac_update", 2, hmac_update},
     {"hmac_final", 1, hmac_final},
@@ -292,6 +306,7 @@ ERL_NIF_INIT(crypto,nif_funcs,load,reload,upgrade,unload)
 #define SHA384_LEN	(384/8)
 #define SHA512_LEN	(512/8)
 #define HMAC_INT_LEN    64
+#define HMAC_INT2_LEN   128
 
 #define HMAC_IPAD       0x36
 #define HMAC_OPAD       0x5c
@@ -765,6 +780,50 @@ static ERL_NIF_TERM sha_mac_n(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[
     return ret;
 }
 
+static ERL_NIF_TERM sha256_mac_n_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
+{/* (Key, Data, MacSize) */
+#ifdef HAVE_SHA256
+    unsigned char hmacbuf[SHA256_DIGEST_LENGTH];
+    ErlNifBinary key, data;
+    unsigned mac_sz;
+    ERL_NIF_TERM ret;
+
+    if (!enif_inspect_iolist_as_binary(env, argv[0], &key)
+	|| !enif_inspect_iolist_as_binary(env, argv[1], &data)
+	|| !enif_get_uint(env,argv[2],&mac_sz) || mac_sz > SHA256_DIGEST_LENGTH) {
+	return enif_make_badarg(env);
+    }
+    hmac_sha256(key.data, key.size, data.data, data.size, hmacbuf);
+    memcpy(enif_make_new_binary(env, mac_sz, &ret),
+	   hmacbuf, mac_sz);
+    return ret;
+#else
+    return atom_notsup;
+#endif
+}
+
+static ERL_NIF_TERM sha512_mac_n_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
+{/* (Key, Data, MacSize) */
+#ifdef HAVE_SHA512
+    unsigned char hmacbuf[SHA512_DIGEST_LENGTH];
+    ErlNifBinary key, data;
+    unsigned mac_sz;
+    ERL_NIF_TERM ret;
+
+    if (!enif_inspect_iolist_as_binary(env, argv[0], &key)
+	|| !enif_inspect_iolist_as_binary(env, argv[1], &data)
+	|| !enif_get_uint(env,argv[2],&mac_sz) || mac_sz > SHA512_DIGEST_LENGTH) {
+	return enif_make_badarg(env);
+    }
+    hmac_sha512(key.data, key.size, data.data, data.size, hmacbuf);
+    memcpy(enif_make_new_binary(env, mac_sz, &ret),
+	   hmacbuf, mac_sz);
+    return ret;
+#else
+    return atom_notsup;
+#endif
+}
+
 static ERL_NIF_TERM hmac_init(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
 {/* (Type, Key) */
     ErlNifBinary key;
@@ -773,6 +832,8 @@ static ERL_NIF_TERM hmac_init(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[
     const EVP_MD *md;
     
     if (argv[0] == atom_sha) md = EVP_sha1();
+    else if (argv[0] == atom_sha256) md = EVP_sha256();
+    else if (argv[0] == atom_sha512) md = EVP_sha512();
     else if (argv[0] == atom_md5) md = EVP_md5();
     else if (argv[0] == atom_ripemd160) md = EVP_ripemd160();
     else goto badarg;
@@ -2184,3 +2245,84 @@ static void hmac_sha1(unsigned char *key, int klen,
     SHA1_Final((unsigned char *) hmacbuf, &ctx);
 }
 
+#ifdef HAVE_SHA256
+static void hmac_sha256(unsigned char *key, int klen,
+			unsigned char *dbuf, int dlen,
+			unsigned char *hmacbuf)
+{
+    SHA256_CTX ctx;
+    char ipad[HMAC_INT_LEN];
+    char opad[HMAC_INT_LEN];
+    unsigned char nkey[SHA256_DIGEST_LENGTH];
+    int i;
+
+    /* Change key if longer than 64 bytes */
+    if (klen > HMAC_INT_LEN) {
+	SHA256(key, klen, nkey);
+	key = nkey;
+	klen = SHA256_DIGEST_LENGTH;
+    }
+
+    memset(ipad, '\0', sizeof(ipad));
+    memset(opad, '\0', sizeof(opad));
+    memcpy(ipad, key, klen);
+    memcpy(opad, key, klen);
+
+    for (i = 0; i < HMAC_INT_LEN; i++) {
+	ipad[i] ^= HMAC_IPAD;
+	opad[i] ^= HMAC_OPAD;
+    }
+
+    /* inner SHA */
+    SHA256_Init(&ctx);
+    SHA256_Update(&ctx, ipad, HMAC_INT_LEN);
+    SHA256_Update(&ctx, dbuf, dlen);
+    SHA256_Final((unsigned char *) hmacbuf, &ctx);
+    /* outer SHA */
+    SHA256_Init(&ctx);
+    SHA256_Update(&ctx, opad, HMAC_INT_LEN);
+    SHA256_Update(&ctx, hmacbuf, SHA256_DIGEST_LENGTH);
+    SHA256_Final((unsigned char *) hmacbuf, &ctx);
+}
+#endif
+
+#ifdef HAVE_SHA512
+static void hmac_sha512(unsigned char *key, int klen,
+			unsigned char *dbuf, int dlen,
+			unsigned char *hmacbuf)
+{
+    SHA512_CTX ctx;
+    char ipad[HMAC_INT2_LEN];
+    char opad[HMAC_INT2_LEN];
+    unsigned char nkey[SHA512_DIGEST_LENGTH];
+    int i;
+
+    /* Change key if longer than 64 bytes */
+    if (klen > HMAC_INT2_LEN) {
+	SHA512(key, klen, nkey);
+	key = nkey;
+	klen = SHA512_DIGEST_LENGTH;
+    }
+
+    memset(ipad, '\0', sizeof(ipad));
+    memset(opad, '\0', sizeof(opad));
+    memcpy(ipad, key, klen);
+    memcpy(opad, key, klen);
+
+    for (i = 0; i < HMAC_INT2_LEN; i++) {
+	ipad[i] ^= HMAC_IPAD;
+	opad[i] ^= HMAC_OPAD;
+    }
+
+    /* inner SHA */
+    SHA512_Init(&ctx);
+    SHA512_Update(&ctx, ipad, HMAC_INT2_LEN);
+    SHA512_Update(&ctx, dbuf, dlen);
+    SHA512_Final((unsigned char *) hmacbuf, &ctx);
+    /* outer SHA */
+    SHA512_Init(&ctx);
+    SHA512_Update(&ctx, opad, HMAC_INT2_LEN);
+    SHA512_Update(&ctx, hmacbuf, SHA512_DIGEST_LENGTH);
+    SHA512_Final((unsigned char *) hmacbuf, &ctx);
+}
+#endif
diff --git a/lib/crypto/src/crypto.erl b/lib/crypto/src/crypto.erl
index 69ab51d11e..0f14092f87 100644
--- a/lib/crypto/src/crypto.erl
+++ b/lib/crypto/src/crypto.erl
@@ -1,7 +1,7 @@
 %%
 %% %CopyrightBegin%
 %%
-%% Copyright Ericsson AB 1999-2011. All Rights Reserved.
+%% Copyright Ericsson AB 1999-2012. All Rights Reserved.
 %%
 %% The contents of this file are subject to the Erlang Public License,
 %% Version 1.1, (the "License"); you may not use this file except in
@@ -22,12 +22,14 @@
 -module(crypto).
 
 -export([start/0, stop/0, info/0, info_lib/0, version/0]).
+-export([hash/2]).
 -export([md4/1, md4_init/0, md4_update/2, md4_final/1]).
 -export([md5/1, md5_init/0, md5_update/2, md5_final/1]).
 -export([sha/1, sha_init/0, sha_update/2, sha_final/1]).
 -export([sha256/1, sha256_init/0, sha256_update/2, sha256_final/1]).
 -export([sha512/1, sha512_init/0, sha512_update/2, sha512_final/1]).
 -export([md5_mac/2, md5_mac_96/2, sha_mac/2, sha_mac/3, sha_mac_96/2]).
+-export([sha256_mac/2, sha256_mac_96/2, sha512_mac/2, sha512_mac/3, sha512_mac_96/2]).
 -export([hmac_init/2, hmac_update/2, hmac_final/1, hmac_final_n/2]).
 -export([des_cbc_encrypt/3, des_cbc_decrypt/3, des_cbc_ivec/1]).
 -export([des_ecb_encrypt/2, des_ecb_decrypt/2]).
@@ -68,6 +70,8 @@
  		    sha512, sha512_init, sha512_update, sha512_final,
 		    md5_mac,  md5_mac_96,
 		    sha_mac,  sha_mac_96,
+		    sha256_mac,  sha256_mac_96,
+		    sha512_mac,  sha512_mac_96,
                     sha_mac_init, sha_mac_update, sha_mac_final,
 		    des_cbc_encrypt, des_cbc_decrypt,
 		    des_cfb_encrypt, des_cfb_decrypt,
@@ -172,7 +176,7 @@ info_lib() -> ?nif_stub.
 %% (no version): Driver implementation
 %% 2.0         : NIF implementation, requires OTP R14
 version() -> ?CRYPTO_VSN.
-     
+
 %% Below Key and Data are binaries or IO-lists. IVec is a binary.
 %% Output is always a binary. Context is a binary.
 
@@ -180,6 +184,15 @@ version() -> ?CRYPTO_VSN.
 %%  MESSAGE DIGESTS
 %%
 
+-spec hash(_, iodata()) -> binary().
+hash(md5, Data)    -> md5(Data);
+hash(md4, Data)    -> md4(Data);
+hash(sha, Data)    -> sha(Data);
+hash(sha1, Data)   -> sha(Data);
+hash(sha256, Data) -> sha256(Data);
+hash(sha512, Data) -> sha512(Data).
+
+
 %%
 %%  MD5
 %%
@@ -337,6 +350,52 @@ sha_mac_96(Key, Data) ->
 sha_mac_n(_Key,_Data,_MacSz) -> ?nif_stub.
 
 %%
+%%  SHA256_MAC
+%%
+-spec sha256_mac(iodata(), iodata()) -> binary().
+-spec sha256_mac_96(iodata(), iodata()) -> binary().
+
+sha256_mac(Key, Data) ->
+    sha256_mac_n(Key,Data,32).
+
+sha256_mac(Key, Data, Size) ->
+    sha256_mac_n(Key, Data, Size).
+
+sha256_mac_96(Key, Data) ->
+    sha256_mac_n(Key,Data,12).
+
+sha256_mac_n(Key, Data, MacSz) ->
+   case sha256_mac_n_nif(Key, Data, MacSz) of
+       notsup -> erlang:error(notsup);
+       Bin -> Bin
+   end.
+
+sha256_mac_n_nif(_Key,_Data,_MacSz) -> ?nif_stub.
+
+%%
+%%  SHA512_MAC
+%%
+-spec sha512_mac(iodata(), iodata()) -> binary().
+-spec sha512_mac_96(iodata(), iodata()) -> binary().
+
+sha512_mac(Key, Data) ->
+    sha512_mac_n(Key,Data,64).
+
+sha512_mac(Key, Data, Size) ->
+    sha512_mac_n(Key, Data, Size).
+
+sha512_mac_96(Key, Data) ->
+    sha512_mac_n(Key,Data,12).
+
+sha512_mac_n(Key, Data, MacSz) ->
+   case sha512_mac_n_nif(Key, Data, MacSz) of
+       notsup -> erlang:error(notsup);
+       Bin -> Bin
+   end.
+
+sha512_mac_n_nif(_Key,_Data,_MacSz) -> ?nif_stub.
+
+%%
 %% CRYPTO FUNCTIONS
 %%
 
diff --git a/lib/crypto/test/crypto_SUITE.erl b/lib/crypto/test/crypto_SUITE.erl
index 6cc00d85ad..01cdf9f001 100644
--- a/lib/crypto/test/crypto_SUITE.erl
+++ b/lib/crypto/test/crypto_SUITE.erl
@@ -1,7 +1,7 @@
 %%
 %% %CopyrightBegin%
 %%
-%% Copyright Ericsson AB 1999-2011. All Rights Reserved.
+%% Copyright Ericsson AB 1999-2012. All Rights Reserved.
 %%
 %% The contents of this file are subject to the Erlang Public License,
 %% Version 1.1, (the "License"); you may not use this file except in
@@ -33,6 +33,8 @@
 	 sha_update/1,
          hmac_update_sha/1,
          hmac_update_sha_n/1,
+         hmac_update_sha256/1,
+         hmac_update_sha512/1,
          hmac_update_md5/1,
          hmac_update_md5_io/1,
          hmac_update_md5_n/1,
@@ -84,8 +86,8 @@ groups() ->
      {rest, [],
       [md5, md5_update, md4, md4_update, md5_mac,
        md5_mac_io, sha, sha_update,
-       hmac_update_sha, hmac_update_sha_n, hmac_update_md5_n,
-       hmac_update_md5_io, hmac_update_md5,
+       hmac_update_sha, hmac_update_sha_n, hmac_update_sha256, hmac_update_sha512,
+       hmac_update_md5_n, hmac_update_md5_io, hmac_update_md5,
        des_cbc, aes_cfb, aes_cbc,
        aes_cbc_iter, aes_ctr, aes_ctr_stream, des_cbc_iter, des_ecb,
        rand_uniform_test, strong_rand_test,
@@ -338,6 +340,44 @@ hmac_update_sha(Config) when is_list(Config) ->
     ?line Mac = crypto:hmac_final(Ctx3),
     ?line Exp = crypto:sha_mac(Key, lists:flatten([Data, Data2])), 
     ?line m(Exp, Mac).
+
+hmac_update_sha256(doc) ->
+    ["Generate an SHA256 HMAC using hmac_init, hmac_update, and hmac_final. "
+     "Expected values for examples are generated using crypto:sha256_mac." ];
+hmac_update_sha256(suite) ->
+    [];
+hmac_update_sha256(Config) when is_list(Config) ->
+    ?line Key = hexstr2bin("00010203101112132021222330313233"
+                           "04050607141516172425262734353637"
+                           "08090a0b18191a1b28292a2b38393a3b"
+                           "0c0d0e0f1c1d1e1f2c2d2e2f3c3d3e3f"),
+    ?line Data = "Sampl",
+    ?line Data2 = "e #1",
+    ?line Ctx = crypto:hmac_init(sha256, Key),
+    ?line Ctx2 = crypto:hmac_update(Ctx, Data),
+    ?line Ctx3 = crypto:hmac_update(Ctx2, Data2),
+    ?line Mac = crypto:hmac_final(Ctx3),
+    ?line Exp = crypto:sha256_mac(Key, lists:flatten([Data, Data2])),
+    ?line m(Exp, Mac).
+
+hmac_update_sha512(doc) ->
+    ["Generate an SHA512 HMAC using hmac_init, hmac_update, and hmac_final. "
+     "Expected values for examples are generated using crypto:sha512_mac." ];
+hmac_update_sha512(suite) ->
+    [];
+hmac_update_sha512(Config) when is_list(Config) ->
+    ?line Key = hexstr2bin("00010203101112132021222330313233"
+                           "04050607141516172425262734353637"
+                           "08090a0b18191a1b28292a2b38393a3b"
+                           "0c0d0e0f1c1d1e1f2c2d2e2f3c3d3e3f"),
+    ?line Data = "Sampl",
+    ?line Data2 = "e #1",
+    ?line Ctx = crypto:hmac_init(sha512, Key),
+    ?line Ctx2 = crypto:hmac_update(Ctx, Data),
+    ?line Ctx3 = crypto:hmac_update(Ctx2, Data2),
+    ?line Mac = crypto:hmac_final(Ctx3),
+    ?line Exp = crypto:sha512_mac(Key, lists:flatten([Data, Data2])),
+    ?line m(Exp, Mac).
     
 hmac_update_md5(doc) ->
     ["Generate an MD5 HMAC using hmac_init, hmac_update, and hmac_final. "
@@ -1482,7 +1522,8 @@ worker_loop(N, Config) ->
     Funcs = { md5, md5_update, md5_mac, md5_mac_io, sha, sha_update, des_cbc,
 	      aes_cfb, aes_cbc, des_cbc_iter, rand_uniform_test, strong_rand_test,
 	      rsa_verify_test, exor_test, rc4_test, rc4_stream_test, mod_exp_test,
-              hmac_update_md5, hmac_update_sha, aes_ctr_stream },
+              hmac_update_md5, hmac_update_sha, hmac_update_sha256, hmac_update_sha512,
+	      aes_ctr_stream },
 
     F = element(random:uniform(size(Funcs)),Funcs),
     %%io:format("worker ~p calling ~p\n",[self(),F]),