US Secure Hash Algorithms (SHA and SHA-based HMAC and HKDF)
RFC 6234

 
Document Type RFC - Informational (May 2011; No errata)
Obsoletes RFC 4634
Updates RFC 3174
Was draft-eastlake-sha2b (individual in gen area)
Last updated 2013-03-02
Stream IETF
Formats plain text pdf html
Stream WG state (None)
Consensus Unknown
Document shepherd No shepherd assigned
IESG IESG state RFC 6234 (Informational)
Telechat date
Responsible AD Russ Housley
Send notices to d3e3e3@gmail.com, tony+shs@maillennium.att.com
Internet Engineering Task Force (IETF)                   D. Eastlake 3rd
Request for Comments: 6234                                        Huawei
Obsoletes: 4634                                                T. Hansen
Updates: 3174                                                  AT&T Labs
Category: Informational                                         May 2011
ISSN: 2070-1721

                       US Secure Hash Algorithms
                   (SHA and SHA-based HMAC and HKDF)

Abstract

   The United States of America has adopted a suite of Secure Hash
   Algorithms (SHAs), including four beyond SHA-1, as part of a Federal
   Information Processing Standard (FIPS), namely SHA-224, SHA-256,
   SHA-384, and SHA-512.  This document makes open source code
   performing these SHA hash functions conveniently available to the
   Internet community.  The sample code supports input strings of
   arbitrary bit length.  Much of the text herein was adapted by the
   authors from FIPS 180-2.

   This document replaces RFC 4634, fixing errata and adding code for an
   HMAC-based extract-and-expand Key Derivation Function, HKDF (RFC
   5869).  As with RFC 4634, code to perform SHA-based Hashed Message
   Authentication Codes (HMACs) is also included.

Status of This Memo

   This document is not an Internet Standards Track specification; it is
   published for informational purposes.

   This document is a product of the Internet Engineering Task Force
   (IETF).  It represents the consensus of the IETF community.  It has
   received public review and has been approved for publication by the
   Internet Engineering Steering Group (IESG).  Not all documents
   approved by the IESG are a candidate for any level of Internet
   Standard; see Section 2 of RFC 5741.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   http://www.rfc-editor.org/info/rfc6234.

Eastlake & Hansen             Informational                     [Page 1]
RFC 6234                SHAs, HMAC-SHAs, and HKDF               May 2011

Copyright Notice

   Copyright (c) 2011 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Eastlake & Hansen             Informational                     [Page 2]
RFC 6234                SHAs, HMAC-SHAs, and HKDF               May 2011

Table of Contents

   1. Overview of Contents ............................................4
   2. Notation for Bit Strings and Integers ...........................5
   3. Operations on Words .............................................6
   4. Message Padding and Parsing .....................................8
      4.1. SHA-224 and SHA-256 ........................................8
      4.2. SHA-384 and SHA-512 ........................................9
   5. Functions and Constants Used ...................................10
      5.1. SHA-224 and SHA-256 .......................................10
      5.2. SHA-384 and SHA-512 .......................................11
   6. Computing the Message Digest ...................................12
      6.1. SHA-224 and SHA-256 Initialization ........................12
      6.2. SHA-224 and SHA-256 Processing ............................13
      6.3. SHA-384 and SHA-512 Initialization ........................14
      6.4. SHA-384 and SHA-512 Processing ............................15
   7. HKDF- and SHA-Based HMACs ......................................17
      7.1. SHA-Based HMACs ...........................................17
      7.2. HKDF ......................................................17
   8. C Code for SHAs, HMAC, and HKDF ................................17
      8.1. The Header Files ..........................................21
           8.1.1. The .h file ........................................21
           8.1.2. stdint-example.h ...................................29
           8.1.3. sha-private.h ......................................29
      8.2. The SHA Code ..............................................30
           8.2.1. sha1.c .............................................30
           8.2.2. sha224-256.c .......................................39
Show full document text