2 * Hashed Message Authentication Code using MD5 (HMAC-MD5)
4 * hmac_md5 was based on sample code in RFC2104 (thanks guys).
6 * Adapted to Bacula by Kern E. Sibbald, February MMI.
10 Bacula® - The Network Backup Solution
12 Copyright (C) 2001-2006 Free Software Foundation Europe e.V.
14 The main author of Bacula is Kern Sibbald, with contributions from
15 many others, a complete list can be found in the file AUTHORS.
16 This program is Free Software; you can redistribute it and/or
17 modify it under the terms of version two of the GNU Lesser General
18 Public License as published by the Free Software Foundation plus
19 additions in the file LICENSE.
21 This program is distributed in the hope that it will be useful, but
22 WITHOUT ANY WARRANTY; without even the implied warranty of
23 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
24 Lesser General Public License for more details.
26 You should have received a copy of the GNU Affero General Public License
27 along with this program; if not, write to the Free Software
28 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
31 Bacula® is a registered trademark of Kern Sibbald.
32 The licensor of Bacula is the Free Software Foundation Europe
33 (FSFE), Fiduciary Program, Sumatrastrasse 25, 8006 Zürich,
34 Switzerland, email:ftf@fsfeurope.org.
39 #define PAD_LEN 64 /* PAD length */
40 #define SIG_LEN MD5HashSize /* MD5 digest length */
44 uint8_t* text, /* pointer to data stream */
45 int text_len, /* length of data stream */
46 uint8_t* key, /* pointer to authentication key */
47 int key_len, /* length of authentication key */
48 uint8_t *hmac) /* returned hmac-md5 */
51 uint8_t k_ipad[PAD_LEN]; /* inner padding - key XORd with ipad */
52 uint8_t k_opad[PAD_LEN]; /* outer padding - key XORd with opad */
53 uint8_t keysig[SIG_LEN];
56 /* if key is longer than PAD length, reset it to key=MD5(key) */
57 if (key_len > PAD_LEN) {
61 MD5Update(&md5key, key, key_len);
62 MD5Final(keysig, &md5key);
69 * the HMAC_MD5 transform looks like:
71 * MD5(Key XOR opad, MD5(Key XOR ipad, text))
73 * where Key is an n byte key
74 * ipad is the byte 0x36 repeated 64 times
76 * opad is the byte 0x5c repeated 64 times
77 * and text is the data being protected
80 /* Zero pads and store key */
81 memset(k_ipad, 0, PAD_LEN);
82 memcpy(k_ipad, key, key_len);
83 memcpy(k_opad, k_ipad, PAD_LEN);
85 /* XOR key with ipad and opad values */
86 for (i=0; i<PAD_LEN; i++) {
91 /* perform inner MD5 */
92 MD5Init(&md5c); /* start inner hash */
93 MD5Update(&md5c, k_ipad, PAD_LEN); /* hash inner pad */
94 MD5Update(&md5c, text, text_len); /* hash text */
95 MD5Final(hmac, &md5c); /* store inner hash */
97 /* perform outer MD5 */
98 MD5Init(&md5c); /* start outer hash */
99 MD5Update(&md5c, k_opad, PAD_LEN); /* hash outer pad */
100 MD5Update(&md5c, hmac, SIG_LEN); /* hash inner hash */
101 MD5Final(hmac, &md5c); /* store results */
104 Test Vectors (Trailing '\0' of a character string not included in test):
106 key = 0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
110 digest = 0x9294727a3638bb1c13f48ef8158bfc9d
113 data = "what do ya want for nothing?"
115 digest = 0x750c783e6ab0b503eaa86e310a5db738
117 key = 0xAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
120 data = 0xDDDDDDDDDDDDDDDDDDDD...
121 ..DDDDDDDDDDDDDDDDDDDD...
122 ..DDDDDDDDDDDDDDDDDDDD...
123 ..DDDDDDDDDDDDDDDDDDDD...
124 ..DDDDDDDDDDDDDDDDDDDD
126 digest = 0x56be34521d144c88dbb8c733f0e8b3f6