/*
-Copyright (c) 2004-2007, John Hurst
+Copyright (c) 2004-2009, John Hurst
All rights reserved.
Redistribution and use in source and binary forms, with or without
class ASDCP::AESEncContext::h__AESContext : public AES_KEY
{
public:
+ Kumu::SymmetricKey m_KeyBuf;
byte_t m_IVec[CBC_BLOCK_SIZE];
};
return RESULT_INIT;
m_Context = new h__AESContext;
+ m_Context->m_KeyBuf.Set(key);
- if ( AES_set_encrypt_key(key, KEY_SIZE_BITS, m_Context) )
+ if ( AES_set_encrypt_key(m_Context->m_KeyBuf.Value(), KEY_SIZE_BITS, m_Context) )
{
print_ssl_error();
return RESULT_CRYPT_INIT;
class ASDCP::AESDecContext::h__AESContext : public AES_KEY
{
public:
+ Kumu::SymmetricKey m_KeyBuf;
byte_t m_IVec[CBC_BLOCK_SIZE];
};
return RESULT_INIT;
m_Context = new h__AESContext;
+ m_Context->m_KeyBuf.Set(key);
- if ( AES_set_decrypt_key(key, KEY_SIZE_BITS, m_Context) )
+ if ( AES_set_decrypt_key(m_Context->m_KeyBuf.Value(), KEY_SIZE_BITS, m_Context) )
{
print_ssl_error();
return RESULT_CRYPT_INIT;
static const ui32_t B_len = 64; // rfc 2104, Sec. 2
-static byte_t ipad[KeyLen] = { 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36 };
-
-static byte_t opad[KeyLen] = { 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c };
+static byte_t const ipad_const = 0x36;
+static byte_t const opad_const = 0x5c;
class HMACContext::h__HMACContext
{
public:
byte_t m_SHAValue[HMAC_SIZE];
- LabelSet_t m_SetType;
bool m_Final;
h__HMACContext() : m_Final(false) {}
{
byte_t rng_buf[SHA_DIGEST_LENGTH*2];
Kumu::Gen_FIPS_186_Value(key, KeyLen, rng_buf, SHA_DIGEST_LENGTH*2);
+
+ // rng_buf contains two rounds, x0 and x1 (each 160 bits).
+ // Use x1 per SMPTE 430-6-2006 Sec. 7.10
memcpy(m_key, rng_buf+SHA_DIGEST_LENGTH, KeyLen);
- m_SetType = LS_MXF_SMPTE;
Reset();
}
SHA1_Update(&SHA, key_nonce, KeyLen);
SHA1_Final(sha_buf, &SHA);
memcpy(m_key, sha_buf, KeyLen);
- m_SetType = LS_MXF_INTEROP;
Reset();
}
Reset()
{
byte_t xor_buf[B_len];
+ memset(xor_buf, 0, B_len);
+ memcpy(xor_buf, m_key, KeyLen);
+
memset(m_SHAValue, 0, HMAC_SIZE);
m_Final = false;
SHA1_Init(&m_SHA);
// H(K XOR opad, H(K XOR ipad, text))
// ^^^^^^^^^^
- ui32_t i = 0;
-
- for ( ; i < KeyLen; i++ )
- xor_buf[i] = m_key[i] ^ ipad[i];
-
- if ( m_SetType == LS_MXF_SMPTE )
- {
- for ( ; i < B_len; i++ )
- xor_buf[i] = 0 ^ ipad[0];
-
- SHA1_Update(&m_SHA, xor_buf, B_len);
- }
- else
- {
- SHA1_Update(&m_SHA, xor_buf, KeyLen);
- }
+ for ( ui32_t i = 0; i < B_len; i++ )
+ xor_buf[i] ^= ipad_const;
+
+ SHA1_Update(&m_SHA, xor_buf, B_len);
}
//
void
Finalize()
{
- // H(K XOR opad, H(K XOR ipad, text))
- // ^^^^^^^^^^^^^^^
- SHA1_Final(m_SHAValue, &m_SHA);
-
SHA_CTX SHA;
SHA1_Init(&SHA);
- byte_t xor_buf[KeyLen];
- ui32_t i = 0;
-
- for ( ; i < KeyLen; i++ )
- xor_buf[i] = m_key[i] ^ opad[i];
-
- if ( m_SetType == LS_MXF_SMPTE )
- {
- for ( ; i < B_len; i++ )
- xor_buf[i] = 0 ^ opad[0];
-
- SHA1_Update(&m_SHA, xor_buf, B_len);
- }
- else
- {
- SHA1_Update(&m_SHA, xor_buf, KeyLen);
- }
-
- SHA1_Update(&SHA, xor_buf, KeyLen);
+ byte_t xor_buf[B_len];
+ memset(xor_buf, 0, B_len);
+ memcpy(xor_buf, m_key, KeyLen);
+
+ SHA1_Init(&SHA);
+
+ // H(K XOR opad, H(K XOR ipad, text))
+ // ^^^^^^^^^^
+ for ( ui32_t i = 0; i < B_len; i++ )
+ xor_buf[i] ^= opad_const;
+
+ SHA1_Update(&SHA, xor_buf, B_len);
+
+ // H(K XOR opad, H(K XOR ipad, text))
+ // ^
+ SHA1_Final(m_SHAValue, &m_SHA);
SHA1_Update(&SHA, m_SHAValue, HMAC_SIZE);
+ // H(K XOR opad, H(K XOR ipad, text))
+ // ^
SHA1_Final(m_SHAValue, &SHA);
m_Final = true;
}