emsha

This library is an MIT-licensed HMAC-SHA-256 C++11 library designed for embedded systems. It is built following the JPL Power of Ten rules. It was written in response to a need for a standalone HMAC-SHA-256 package that could run on several platforms, including several memory- constrained embedded platforms.

Getting and Building the Source

The source code is available via Git; each version should be git tagged. There is also a mirror on Github.

git clone https://git.wntrmute.dev/sc/emsha

The current release is 1.1.1.

The project is built using CMake. Packages are built using the RelWithDebInfo configuration; artifacts are built using the sc3dev build script.

There are two cache variables that might be useful:

• SET EMSHA_NO_HEXSTRING disables the provided hexstring function; while this might be useful in many cases, it also adds extra size to the code. For memory-constrained microcontrollers, this might be desirable.
• SET_EMSHA_NO_HEXLUT disables the larger lookup table used by hexstring, which can save around a kilobyte of program space. If the hexstring function is disabled, this option has no effect.
• SET_EMSHA_NO_SELFTEST disables the internal self-tests, which can reclaim some additional program space.

Documentation

Documentation is currently done with Doxygen; documentation is available online.

See also

• FIPS 180-4, the Secure Hash Standard
• FIPS 198-1, The Keyed-Hash Message Authentication Code (HMAC)
• RFC 2014, HMAC: Keyed-Hashing for Message Authentication
• RFC 6234, US Secure Hash Algorithms (SHA and SHA-based HMAC and HKDF)
• The behaviour of this package was cross-checked using the Go 1.5.1 linux/amd64 standard library's crypto/sha256 package.

Acknowledgements

This library came about after extracting the relevant C code from RFC 6234, and needing a C++ version. It draws heavy inspiration from that code. I also pulled a lot of test vectors from Go's crypto/sha256.