libemsha

This library is an MIT-licensed HMAC-SHA-256 C++11 library designed for embedded systems. It is built following the JPL Power of Ten rules. It was written in response to a need for a standalone HMAC-SHA-256 package that could run on several platforms.

Getting and Building the Source

The source code is available via Github; each version should be git tagged. :

git clone https://github.com/kisom/libemsha
git clone git@github.com:kisom/libemsha

The current release is 1.0.1.

The project is built using Autotools and make.

When building from a git checkout, the [autobuild]{.title-ref} script will bootstrap the project from the autotools sources (e.g. via autoreconf -i), run configure (by default to use clang), and attempt to build the library and run the unit tests.

Once the autotools infrastructure has been bootstrapped, the following should work: :

./configure && make && make check && make install

There are three flags to configure that might be useful:

• --disable-hexstring disables the provided hexstring function; while this might be useful in many cases, it also adds extra size to the code.
• --disable-hexlut disables the larger lookup table used by hexstring, which can save around a kilobyte of program space. If the hexstring function is disabled, this option has no effect.
• --disable-selftest disables the internal self-tests, which can reclaim some additional program space.

Documentation

Documentation is currently done with Sphinx. See doc/.

See also

• FIPS 180-4, the Secure Hash Standard
• FIPS 198-1, The Keyed-Hash Message Authentication Code (HMAC)
• RFC 2014, HMAC: Keyed-Hashing for Message Authentication
• RFC 6234, US Secure Hash Algorithms (SHA and SHA-based HMAC and HKDF)¹
• The behaviour of this package was cross-checked using the Go 1.5.1 linux/amd64 standard library's crypto/sha256 package.

Footnotes

---

1. This library came about after extracting the relevant C code from RFC 6234, and needing a C++ version. It draws heavy inspiration from that code base. ↩︎