diff --git a/Cargo.lock b/Cargo.lock
index 36051777b..59cbb1e11 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1014,6 +1014,7 @@ name = "libcrux-hmac"
 version = "0.0.2-beta.2"
 dependencies = [
 "libcrux-hacl",
+ "libcrux-hacl-rs",
 "libcrux-hkdf",
 ]
diff --git a/libcrux-hmac/Cargo.toml b/libcrux-hmac/Cargo.toml
index a29de12d0..b0a3004b2 100644
--- a/libcrux-hmac/Cargo.toml
+++ b/libcrux-hmac/Cargo.toml
@@ -15,3 +15,4 @@ path = "src/hmac.rs"
 [dependencies]
 libcrux-hkdf = { version = "=0.0.2-beta.2", path = "../libcrux-hkdf" }
 libcrux-hacl = { version = "=0.0.2-beta.2", path = "../sys/hacl" }
+libcrux-hacl-rs = { path = "../libcrux-hacl-rs/" }
diff --git a/libcrux-hmac/src/hacl_hmac.rs b/libcrux-hmac/src/hacl_hmac.rs
deleted file mode 100644
index 65136aa26..000000000
--- a/libcrux-hmac/src/hacl_hmac.rs
+++ /dev/null
@@ -1,30 +0,0 @@
-use libcrux_hacl::{
- Hacl_HMAC_compute_sha1, Hacl_HMAC_compute_sha2_256, Hacl_HMAC_compute_sha2_384,
- Hacl_HMAC_compute_sha2_512,
-};
-
-macro_rules! impl_hmac {
- ($name:ident,$fun:expr,$tag_len:literal) => {
- /// Compute HMAC.
- ///
- /// Note that this function panics if `key` or `data` is larger than 2**32 bytes.
- pub fn $name(key: &[u8], data: &[u8]) -> [u8; $tag_len] {
- let mut dst = [0u8; $tag_len];
- unsafe {
- $fun(
- dst.as_mut_ptr(),
- key.as_ptr() as _,
- key.len().try_into().unwrap(),
- data.as_ptr() as _,
- data.len().try_into().unwrap(),
- )
- }
- dst
- }
- };
-}
-
-impl_hmac!(sha1, Hacl_HMAC_compute_sha1, 20);
-impl_hmac!(sha2_256, Hacl_HMAC_compute_sha2_256, 32);
-impl_hmac!(sha2_384, Hacl_HMAC_compute_sha2_384, 48);
-impl_hmac!(sha2_512, Hacl_HMAC_compute_sha2_512, 64);
diff --git a/libcrux-hmac/src/hmac.rs b/libcrux-hmac/src/hmac.rs
index 3eea90a22..dab739650 100644
--- a/libcrux-hmac/src/hmac.rs
+++ b/libcrux-hmac/src/hmac.rs
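Review bot: The new `libcrux-hacl-rs` entry in `libcrux-hmac/Cargo.toml` is path-only, while the two neighbouring dependencies pin an exact `version = "=0.0.2-beta.2"` next to their path. Cargo requires a version on path dependencies when a crate is published, and for a cryptographic crate the exact pin is what keeps a published build tied to the reviewed implementation. Consider `libcrux-hacl-rs = { version = "=<libcrux-hacl-rs version>", path = "../libcrux-hacl-rs/" }`, with the placeholder replaced by that crate's actual version. The `libcrux-hacl` line is kept although this commit deletes `hacl_hmac.rs`, its only use visible in this diff; if nothing else in the crate needs it, it can be dropped.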
@@ -3,7 +3,11 @@
 //! This crate implements HMAC on SHA 1 and SHA 2 (except for SHA 224).
 use libcrux_hkdf as hkdf;
-pub(crate) mod hacl_hmac;
+
+use libcrux_hacl_rs::hmac::compute_sha1 as hmac_sha1;
+use libcrux_hacl_rs::hmac::compute_sha2_256 as hmac_sha256;
+use libcrux_hacl_rs::hmac::compute_sha2_384 as hmac_sha384;
+use libcrux_hacl_rs::hmac::compute_sha2_512 as hmac_sha512;
 /// The HMAC algorithm defining the used hash function.
 #[derive(Copy, Clone, Debug, PartialEq)]
@@ -45,11 +49,12 @@ pub fn hmac(alg: Algorithm, key: &[u8], data: &[u8], tag_length: Option)
 Some(v) => v,
 None => native_tag_length,
 };
- let mut dst: Vec<_> = match alg {
- Algorithm::Sha1 => crate::hacl_hmac::sha1(key, data).into(),
- Algorithm::Sha256 => crate::hacl_hmac::sha2_256(key, data).into(),
- Algorithm::Sha384 => crate::hacl_hmac::sha2_384(key, data).into(),
- Algorithm::Sha512 => crate::hacl_hmac::sha2_512(key, data).into(),
+ let mut dst = vec![0u8; native_tag_length];
+ match alg {
+ Algorithm::Sha1 => hmac_sha1(&mut dst, key, key.len() as u32, data, data.len() as u32),
+ Algorithm::Sha256 => hmac_sha256(&mut dst, key, key.len() as u32, data, data.len() as u32),
+ Algorithm::Sha384 => hmac_sha384(&mut dst, key, key.len() as u32, data, data.len() as u32),
+ Algorithm::Sha512 => hmac_sha512(&mut dst, key, key.len() as u32, data, data.len() as u32),
 };
 dst.truncate(tag_length);
 dst
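Review bot: The `as u32` casts on `key.len()` and `data.len()` in the four new match arms wrap silently on 64-bit targets, whereas the removed `hacl_hmac.rs` wrapper converted with `try_into().unwrap()` and documented the panic for oversized inputs. If the `libcrux_hacl_rs` functions rely on the length arguments (their bodies are not visible here), an input of 2^32 bytes or more would be authenticated over only part of its content, so distinct messages could yield the same tag. The conversion should be checked once before the match and fail loudly, and the panic belongs in a `# Panics` section on `hmac`, whose signature and closing lines are outside this hunk.

```rust
    // … unchanged: tag_length selection …
    let key_len = u32::try_from(key.len()).expect("HMAC key longer than u32::MAX bytes");
    let data_len = u32::try_from(data.len()).expect("HMAC data longer than u32::MAX bytes");
    let mut dst = vec![0u8; native_tag_length];
    match alg {
        Algorithm::Sha1 => hmac_sha1(&mut dst, key, key_len, data, data_len),
        Algorithm::Sha256 => hmac_sha256(&mut dst, key, key_len, data, data_len),
        Algorithm::Sha384 => hmac_sha384(&mut dst, key, key_len, data, data_len),
        Algorithm::Sha512 => hmac_sha512(&mut dst, key, key_len, data, data_len),
    };
    // … unchanged: truncate to tag_length and return dst …
```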