21.03.2013 Views

Problem - Kevin Tafuro

Problem - Kevin Tafuro

Problem - Kevin Tafuro

SHOW MORE
SHOW LESS

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

void DGST_Update(DGST_CTX *ctx, unsigned char *m, size_t len);<br />

void DGST_Final(unsigned char *tag. DGST_CTX *ctx);<br />

Some hash function implementations won’t have an explicit reset implementation, in<br />

which case you can implement the reset functionality by calling DGST_Init( ) again.<br />

Even though OpenSSLalready has an HMAC implementation, here is an example of<br />

binding the previous HMAC implementation to OpenSSL’s SHA1 implementation:<br />

typedef SHA_CTX DGST_CTX;<br />

#define DGST_BLK_SZ 64<br />

#define DGST_OUT_SZ 20<br />

#define DGST_Init(x) SHA1_Init(x)<br />

#define DGST_Reset(x) DGST_Init(x)<br />

#define DGST_Update(x, m, l) SHA1_Update(x, m, l)<br />

#define DGST_Final(o, x) SHA1_Final(o, x)<br />

See Also<br />

Recipes 5.26, 6.3, 6.4, 6.9<br />

6.11 Using OMAC (a Simple Block Cipher–Based<br />

MAC)<br />

<strong>Problem</strong><br />

You want to use a simple MAC based on a block cipher, such as AES.<br />

Solution<br />

Use the OMAC implementation provided in the “Discussion” section.<br />

Discussion<br />

Be sure to look at our generic recommendations for using a MAC (see<br />

Recipe 6.9).<br />

OMAC is a straightforward message authentication algorithm based on the CBCencryption<br />

mode. It fixes some security problems with the naïve implementation of a<br />

MAC from CBC mode (CBC-MAC). In particular, that MAC is susceptible to lengthextension<br />

attacks, similar to the ones we consider for cryptographic hash functions<br />

in Recipe 6.7.<br />

280 | Chapter 6: Hashes and Message Authentication<br />

This is the Title of the Book, eMatter Edition<br />

Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!