libsodium: Needed for Dnscrypto-proxy Release 1.3.0
[tomato.git] / release / src / router / libsodium / src / libsodium / crypto_auth / hmacsha512256 / ref / hmac_hmacsha512256.c
blobbe871ced5611a6f75a00db2daff9cafb1b8dc35d
1 /*
2 * 20080913
3 * D. J. Bernstein
4 * Public domain.
5 * */
7 #include "api.h"
8 #include "crypto_hashblocks_sha512.h"
10 #define blocks crypto_hashblocks_sha512
12 typedef unsigned long long uint64;
14 static const unsigned char iv[64] = {
15 0x6a,0x09,0xe6,0x67,0xf3,0xbc,0xc9,0x08,
16 0xbb,0x67,0xae,0x85,0x84,0xca,0xa7,0x3b,
17 0x3c,0x6e,0xf3,0x72,0xfe,0x94,0xf8,0x2b,
18 0xa5,0x4f,0xf5,0x3a,0x5f,0x1d,0x36,0xf1,
19 0x51,0x0e,0x52,0x7f,0xad,0xe6,0x82,0xd1,
20 0x9b,0x05,0x68,0x8c,0x2b,0x3e,0x6c,0x1f,
21 0x1f,0x83,0xd9,0xab,0xfb,0x41,0xbd,0x6b,
22 0x5b,0xe0,0xcd,0x19,0x13,0x7e,0x21,0x79
23 } ;
25 int crypto_auth(unsigned char *out,const unsigned char *in,unsigned long long inlen,const unsigned char *k)
27 unsigned char h[64];
28 unsigned char padded[256];
29 unsigned long long i;
30 unsigned long long bytes = 128 + inlen;
32 for (i = 0;i < 64;++i) h[i] = iv[i];
34 for (i = 0;i < 32;++i) padded[i] = k[i] ^ 0x36;
35 for (i = 32;i < 128;++i) padded[i] = 0x36;
37 blocks(h,padded,128);
38 blocks(h,in,inlen);
39 in += inlen;
40 inlen &= 127;
41 in -= inlen;
43 for (i = 0;i < inlen;++i) padded[i] = in[i];
44 padded[inlen] = 0x80;
46 if (inlen < 112) {
47 for (i = inlen + 1;i < 119;++i) padded[i] = 0;
48 padded[119] = bytes >> 61;
49 padded[120] = bytes >> 53;
50 padded[121] = bytes >> 45;
51 padded[122] = bytes >> 37;
52 padded[123] = bytes >> 29;
53 padded[124] = bytes >> 21;
54 padded[125] = bytes >> 13;
55 padded[126] = bytes >> 5;
56 padded[127] = bytes << 3;
57 blocks(h,padded,128);
58 } else {
59 for (i = inlen + 1;i < 247;++i) padded[i] = 0;
60 padded[247] = bytes >> 61;
61 padded[248] = bytes >> 53;
62 padded[249] = bytes >> 45;
63 padded[250] = bytes >> 37;
64 padded[251] = bytes >> 29;
65 padded[252] = bytes >> 21;
66 padded[253] = bytes >> 13;
67 padded[254] = bytes >> 5;
68 padded[255] = bytes << 3;
69 blocks(h,padded,256);
72 for (i = 0;i < 32;++i) padded[i] = k[i] ^ 0x5c;
73 for (i = 32;i < 128;++i) padded[i] = 0x5c;
75 for (i = 0;i < 64;++i) padded[128 + i] = h[i];
76 for (i = 0;i < 64;++i) h[i] = iv[i];
78 for (i = 64;i < 128;++i) padded[128 + i] = 0;
79 padded[128 + 64] = 0x80;
80 padded[128 + 126] = 6;
82 blocks(h,padded,256);
83 for (i = 0;i < 32;++i) out[i] = h[i];
85 return 0;