3.2 KiB
emsha: EMbedded Secure HAshing
This library is an MIT-licensed HMAC-SHA-256 C++11 library designed for embedded systems. It is built following the JPL Power of Ten rules. It was written in response to a need for a standalone HMAC-SHA-256 package that could run on several platforms, including several memory- constrained embedded platforms.
Getting and Building the Source
The source code is available via Git; each version should be git tagged. There is also a mirror on Github.
git clone https://git.wntrmute.dev/sc/emsha
The current release is 1.1.1.
The project is built using CMake. Packages are built using the RelWithDebInfo
configuration; artifacts are built using the sc3dev
build script.
There are two cache variables that might be useful:
SET EMSHA_NO_HEXSTRING
disables the providedhexstring
function; while this might be useful in many cases, it also adds extra size to the code. For memory-constrained microcontrollers, this might be desirable.SET_EMSHA_NO_HEXLUT
disables the larger lookup table used byhexstring
, which can save around a kilobyte of program space. If thehexstring
function is disabled, this option has no effect.SET_EMSHA_NO_SELFTEST
disables the internal self-tests, which can reclaim some additional program space.
Synopsis
The Hash pure virtual class defines a basic interface for programs:
- Hash::Reset will clear an instance of a Hash class.
- Hash::Update writes data into the Hash.
- Hash::Finalize will finish the Hash function and write the results out.
There are two implementations provided for Hash: SHA256 and HMAC.
Documentation
Documentation is currently done with Doxygen; documentation is available online.
See also
- FIPS 180-4, the Secure Hash Standard
- FIPS 198-1, The Keyed-Hash Message Authentication Code (HMAC)
- RFC 2014, HMAC: Keyed-Hashing for Message Authentication
- RFC 6234, US Secure Hash Algorithms (SHA and SHA-based HMAC and HKDF)
- The behaviour of this package was cross-checked using the Go 1.5.1 linux/amd64 standard library's crypto/sha256 package.
Acknowledgements
This library came about after extracting the relevant C code from RFC 6234, and needing a C++ version. It draws heavy inspiration from that code. I also pulled a lot of test vectors from Go's crypto/sha256.