gc: support HMAC-SHA256 and HMAC-SHA512.

* lib/gc.h: Add gc_hmac_sha256 and gc_hmac_sha512.
* lib/gc-libgcrypt.c (gc_hmac_sha256, gc_hmac_sha512): New
functions.
(gc_hmac_md5): Use symbolic constant.
* lib/gc-gnulib.c: Include hmac.h for HMAC-SHA256/512 too.
(gc_hmac_sha256, gc_hmac_sha512): New functions.
* lib/hmac.h: Add hmac_sha256 and hmac_sha512 prototypes.
* m4/sha256.m4: Protect against empty expansion.
* m4/sha512.m4: Likewise.
* lib/hmac-sha256.c: New file.
* lib/hmac-sha512.c: Likewise.
* m4/gc-hmac-sha256.m4: Likewise.
* m4/gc-hmac-sha512.m4: Likewise.
* m4/gc-sha256.m4: Likewise.
* m4/gc-sha512.m4: Likewise.
* modules/crypto/gc-hmac-sha256: Likewise.
* modules/crypto/gc-hmac-sha256-tests: Likewise.
* modules/crypto/gc-hmac-sha512: Likewise.
* modules/crypto/gc-hmac-sha512-tests: Likewise.
* modules/crypto/hmac-sha256: Likewise.
* modules/crypto/hmac-sha256-tests: Likewise.
* modules/crypto/hmac-sha512: Likewise.
* modules/crypto/hmac-sha512-tests: Likewise.
* tests/test-gc-hmac-sha256.c: Likewise.
* tests/test-gc-hmac-sha512.c: Likewise
* tests/test-hmac-sha256.c: Likewise.
* tests/test-hmac-sha512.c: Likewise

1 files changed, 81 insertions, 1 deletions

diff --git a/lib/gc-libgcrypt.c b/lib/gc-libgcrypt.c
index 050b89f080..3be4272953 100644
--- a/lib/gc-libgcrypt.c
+++ b/lib/gc-libgcrypt.c
@@ -656,7 +656,7 @@ gc_hmac_md5 (const void *key, size_t keylen,
   unsigned char *hash;
   gpg_error_t err;
 
-  assert (hlen == 16);
+  assert (hlen == GC_MD5_DIGEST_SIZE);
 
   err = gcry_md_open (&mdh, GCRY_MD_MD5, GCRY_MD_FLAG_HMAC);
   if (err != GPG_ERR_NO_ERROR)
@@ -725,3 +725,83 @@ gc_hmac_sha1 (const void *key, size_t keylen,
   return GC_OK;
 }
 #endif
+
+#ifdef GNULIB_GC_HMAC_SHA256
+Gc_rc
+gc_hmac_sha256 (const void *key, size_t keylen,
+             const void *in, size_t inlen, char *resbuf)
+{
+  size_t hlen = gcry_md_get_algo_dlen (GCRY_MD_SHA256);
+  gcry_md_hd_t mdh;
+  unsigned char *hash;
+  gpg_error_t err;
+
+  assert (hlen == GC_SHA256_DIGEST_SIZE);
+
+  err = gcry_md_open (&mdh, GCRY_MD_SHA256, GCRY_MD_FLAG_HMAC);
+  if (err != GPG_ERR_NO_ERROR)
+    return GC_INVALID_HASH;
+
+  err = gcry_md_setkey (mdh, key, keylen);
+  if (err != GPG_ERR_NO_ERROR)
+    {
+      gcry_md_close (mdh);
+      return GC_INVALID_HASH;
+    }
+
+  gcry_md_write (mdh, in, inlen);
+
+  hash = gcry_md_read (mdh, GCRY_MD_SHA256);
+  if (hash == NULL)
+    {
+      gcry_md_close (mdh);
+      return GC_INVALID_HASH;
+    }
+
+  memcpy (resbuf, hash, hlen);
+
+  gcry_md_close (mdh);
+
+  return GC_OK;
+}
+#endif
+
+#ifdef GNULIB_GC_HMAC_SHA512
+Gc_rc
+gc_hmac_sha512 (const void *key, size_t keylen,
+              const void *in, size_t inlen, char *resbuf)
+{
+  size_t hlen = gcry_md_get_algo_dlen (GCRY_MD_SHA512);
+  gcry_md_hd_t mdh;
+  unsigned char *hash;
+  gpg_error_t err;
+
+  assert (hlen == GC_SHA512_DIGEST_SIZE);
+
+  err = gcry_md_open (&mdh, GCRY_MD_SHA512, GCRY_MD_FLAG_HMAC);
+  if (err != GPG_ERR_NO_ERROR)
+    return GC_INVALID_HASH;
+
+  err = gcry_md_setkey (mdh, key, keylen);
+  if (err != GPG_ERR_NO_ERROR)
+    {
+      gcry_md_close (mdh);
+      return GC_INVALID_HASH;
+    }
+
+  gcry_md_write (mdh, in, inlen);
+
+  hash = gcry_md_read (mdh, GCRY_MD_SHA512);
+  if (hash == NULL)
+    {
+      gcry_md_close (mdh);
+      return GC_INVALID_HASH;
+    }
+
+  memcpy (resbuf, hash, hlen);
+
+  gcry_md_close (mdh);
+
+  return GC_OK;
+}
+#endif