Chapter 5 Non-Cryptographic Operations 163
Hash-Based Message Authentication Code
Once you have properly initialized the key object, you can call B_DigestInit. The
Reference Manual Chapter 4 entry on
B_DigestInit shows that it requires four
arguments. The first argument is the algorithm object; the second is the key object.
The third is an algorithm chooser. The fourth is a surrender context; this is a fast
function, so it is reasonable to pass a properly cast
NULL_PTR:
Step 4: Update
Once you have set the algorithm object, you can create the message authentication
code by calling
B_DigestUpdate for all of the data to digest:
/* Complete Steps 1-4 of Generating Random Numbers */
/* Generate KEY_SIZE bytes of random data for the key. */
if ((status = B_GenerateRandomBytes
(randomAlgorithm, keyData, KEY_SIZE,
(A_SURRENDER_CTX *)NULL_PTR)) != 0)
break;
keyDataItem.data = keyData;
keyDataItem.len = key_Size;
/* Set the key object */
if ((status = B_SetKeyInfo (HMACKey, KI_Item, (pointer) & keyDataItem)) != 0)
break;
B_ALGORITHM_METHOD *HMAC_CHOOSER[] = {
&AM_SHA,
&AM_SHA_RANDOM,
(B_ALGORITHM_METHOD *)NULL_PTR
};
if ((status = B_DigestInit
(HMACDigester, HMACKey, HMAC_CHOOSER,
(A_SURRENDER_CTX *)NULL_PTR)) != 0)
break;
unsigned char dataToDigest[] = "Digest this sentence.";
unsigned int dataToDigestLen = strlen (dataToDigest);
if ((status = B_DigestUpdate
(HMACDigester, dataToDigest, dataToDigestLen,
(A_SURRENDER_CTX *)NULL_PTR)) != 0)
break;
