authorChristian Pointner <equinox@anytun.org>2009-01-15 01:16:38 +0000
committerChristian Pointner <equinox@anytun.org>2009-01-15 01:16:38 +0000
commita16d8914427b3b769b9a00bab849158448606d53 (patch)
tree5c0beda53ade1106d471bf09631a521ae82789d0
parentported uanytun key derivation to anytun (diff)
small cleanup
-rw-r--r--src/anytun.cpp3
-rw-r--r--src/authAlgo.cpp56
-rw-r--r--src/cryptinit.hpp2
3 files changed, 23 insertions, 38 deletions
diff --git a/src/anytun.cpp b/src/anytun.cpp
index c0cb03b..3949187 100644
--- a/src/anytun.cpp
+++ b/src/anytun.cpp
@@ -34,9 +34,6 @@
#include <boost/bind.hpp>
-#ifndef NOCRYPT
-#include <gcrypt.h>
-#endif
#include <cerrno> // for ENOMEM
#include "datatypes.h"
diff --git a/src/authAlgo.cpp b/src/authAlgo.cpp
index a0b9193..3088c72 100644
--- a/src/authAlgo.cpp
+++ b/src/authAlgo.cpp
@@ -80,30 +80,23 @@ void Sha1AuthAlgo::generate(KeyDerivation& kd, kd_dir dir, EncryptedPacket& pack
if(!packet.getAuthTagLength())
return;
- bool result = kd.generate(dir, LABEL_SATP_MSG_AUTH, packet.getSeqNr(), key_);
- if(result) { // a new key got generated
+ kd.generate(dir, LABEL_SATP_MSG_AUTH, packet.getSeqNr(), key_);
#ifndef USE_SSL_CRYPTO
- gcry_error_t err = gcry_md_setkey(handle_, key_.getBuf(), key_.getLength());
- if(err) {
- char buf[STERROR_TEXT_MAX];
- buf[0] = 0;
- cLog.msg(Log::PRIO_ERR) << "Sha1AuthAlgo::setKey: Failed to set hmac key: " << gpg_strerror_r(err, buf, STERROR_TEXT_MAX);
- return;
- }
-#else
- HMAC_Init_ex(&ctx_, key_.getBuf(), key_.getLength(), EVP_sha1(), NULL);
- }
- else {
- HMAC_Init_ex(&ctx_, NULL, 0, NULL, NULL);
-#endif
- }
+ gcry_error_t err = gcry_md_setkey(handle_, key_.getBuf(), key_.getLength());
+ if(err) {
+ char buf[STERROR_TEXT_MAX];
+ buf[0] = 0;
+ cLog.msg(Log::PRIO_ERR) << "Sha1AuthAlgo::setKey: Failed to set hmac key: " << gpg_strerror_r(err, buf, STERROR_TEXT_MAX);
+ return;
+ }
-#ifndef USE_SSL_CRYPTO
gcry_md_reset(handle_);
gcry_md_write(handle_, packet.getAuthenticatedPortion(), packet.getAuthenticatedPortionLength());
gcry_md_final(handle_);
u_int8_t* hmac = gcry_md_read(handle_, 0);
#else
+ HMAC_Init_ex(&ctx_, key_.getBuf(), key_.getLength(), EVP_sha1(), NULL);
+
u_int8_t hmac[DIGEST_LENGTH];
HMAC_Update(&ctx_, packet.getAuthenticatedPortion(), packet.getAuthenticatedPortionLength());
HMAC_Final(&ctx_, hmac, NULL);
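Review bot: The return value of `kd.generate(dir, LABEL_SATP_MSG_AUTH, packet.getSeqNr(), key_);` is now discarded, so both branches re-key the HMAC on every packet with whatever `key_` holds afterwards. The removed code read that value as "a new key got generated"; whether it can also signal a derivation failure is not visible in this hunk, and if it can, the function should return before `gcry_md_setkey`/`HMAC_Init_ex` instead of tagging with a stale key. The same applies to the checkTag hunk below. Separately, the log text still says `Sha1AuthAlgo::setKey` although it is emitted from generate() here and from checkTag() below; `"Sha1AuthAlgo::generate: Failed to set hmac key: "` would point the operator at the real call site. The body of generate() continues past the end of the hunk.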
@@ -124,30 +117,23 @@ bool Sha1AuthAlgo::checkTag(KeyDerivation& kd, kd_dir dir, EncryptedPacket& pack
if(!packet.getAuthTagLength())
return true;
- bool result = kd.generate(dir, LABEL_SATP_MSG_AUTH, packet.getSeqNr(), key_);
- if(result) { // a new key got generated
-#ifndef USE_SSL_CRYPTO
- gcry_error_t err = gcry_md_setkey(handle_, key_.getBuf(), key_.getLength());
- if(err) {
- char buf[STERROR_TEXT_MAX];
- buf[0] = 0;
- cLog.msg(Log::PRIO_ERR) << "Sha1AuthAlgo::setKey: Failed to set hmac key: " << gpg_strerror_r(err, buf, STERROR_TEXT_MAX);
- return false;
- }
-#else
- HMAC_Init_ex(&ctx_, key_.getBuf(), key_.getLength(), EVP_sha1(), NULL);
- }
- else {
- HMAC_Init_ex(&ctx_, NULL, 0, NULL, NULL);
-#endif
- }
-
+ kd.generate(dir, LABEL_SATP_MSG_AUTH, packet.getSeqNr(), key_);
#ifndef USE_SSL_CRYPTO
+ gcry_error_t err = gcry_md_setkey(handle_, key_.getBuf(), key_.getLength());
+ if(err) {
+ char buf[STERROR_TEXT_MAX];
+ buf[0] = 0;
+ cLog.msg(Log::PRIO_ERR) << "Sha1AuthAlgo::setKey: Failed to set hmac key: " << gpg_strerror_r(err, buf, STERROR_TEXT_MAX);
+ return false;
+ }
+
gcry_md_reset(handle_);
gcry_md_write(handle_, packet.getAuthenticatedPortion(), packet.getAuthenticatedPortionLength());
gcry_md_final(handle_);
u_int8_t* hmac = gcry_md_read(handle_, 0);
#else
+ HMAC_Init_ex(&ctx_, key_.getBuf(), key_.getLength(), EVP_sha1(), NULL);
+
u_int8_t hmac[DIGEST_LENGTH];
HMAC_Update(&ctx_, packet.getAuthenticatedPortion(), packet.getAuthenticatedPortionLength());
HMAC_Final(&ctx_, hmac, NULL);
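Review bot: The OpenSSL branch of checkTag has no failure path for key setup, whereas the libgcrypt branch returns false when `gcry_md_setkey` fails. `u_int8_t hmac[DIGEST_LENGTH];` is uninitialized, so when the linked OpenSSL reports errors from `HMAC_Init_ex`/`HMAC_Update`/`HMAC_Final` (they return a status from 1.0.0 on) a failed call would leave the later tag comparison working on indeterminate stack bytes. On such versions the check should fail closed, e.g. `if(!HMAC_Init_ex(&ctx_, key_.getBuf(), key_.getLength(), EVP_sha1(), NULL)) return false;`, and likewise for the update and final calls. The comparison itself lies outside the hunk, so it is worth confirming there that the tag is compared in constant time.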
diff --git a/src/cryptinit.hpp b/src/cryptinit.hpp
index dd878cd..80f4e14 100644
--- a/src/cryptinit.hpp
+++ b/src/cryptinit.hpp
@@ -34,6 +34,8 @@
#ifndef NOCRYPT
#ifndef USE_SSL_CRYPTO
+#include <gcrypt.h>
+
// boost thread callbacks for libgcrypt
#if defined(BOOST_HAS_PTHREADS)