diff options
| author | Christian Pointner <equinox@anytun.org> | 2014-06-22 22:39:26 +0000 |
|---|---|---|
| committer | Christian Pointner <equinox@anytun.org> | 2014-06-22 22:39:26 +0000 |
| commit | a80542f71b65d67328e42792b3bb88d6547fd693 (patch) | |
| tree | c190166c97cbb426e85767ac3e7af0e806640b5a /src | |
| parent | implemented cipher using nettle (not tested yet) (diff) | |
implemented auth algo using nettle (not tested yet)
Diffstat (limited to 'src')
| -rw-r--r-- | src/authAlgo.cpp | 18 | ||||
| -rw-r--r-- | src/authAlgo.h | 3 |
2 files changed, 11 insertions, 10 deletions
diff --git a/src/authAlgo.cpp b/src/authAlgo.cpp index 0fa4a47..abc38c4 100644 --- a/src/authAlgo.cpp +++ b/src/authAlgo.cpp @@ -58,8 +58,7 @@ Sha1AuthAlgo::Sha1AuthAlgo(kd_dir_t d) : AuthAlgo(d), key_(DIGEST_LENGTH) HMAC_CTX_init(&ctx_); HMAC_Init_ex(&ctx_, NULL, 0, EVP_sha1(), NULL); #elif defined(USE_NETTLE) - // TODO: nettle - + // nothing here #else // USE_GCRYPT is the default gcry_error_t err = gcry_md_open(&handle_, GCRY_MD_SHA1, GCRY_MD_FLAG_HMAC); if(err) { @@ -74,8 +73,7 @@ Sha1AuthAlgo::~Sha1AuthAlgo() #if defined(USE_SSL_CRYPTO) HMAC_CTX_cleanup(&ctx_); #elif defined(USE_NETTLE) - // TODO: nettle - + // nothing here #else // USE_GCRYPT is the default if(handle_) { gcry_md_close(handle_); @@ -104,9 +102,11 @@ void Sha1AuthAlgo::generate(KeyDerivation& kd, EncryptedPacket& packet) HMAC_Update(&ctx_, packet.getAuthenticatedPortion(), packet.getAuthenticatedPortionLength()); HMAC_Final(&ctx_, hmac, NULL); #elif defined(USE_NETTLE) - // TODO: nettle - uint8_t hmac[DIGEST_LENGTH]; + hmac_sha1_set_key(&ctx_, key_.getLength(), key_.getBuf()); + uint8_t hmac[DIGEST_LENGTH]; + hmac_sha1_update(&ctx_, packet.getAuthenticatedPortionLength(), packet.getAuthenticatedPortion()); + hmac_sha1_digest(&ctx_, DIGEST_LENGTH, hmac); #else // USE_GCRYPT is the default gcry_error_t err = gcry_md_setkey(handle_, key_.getBuf(), key_.getLength()); if(err) { @@ -151,9 +151,11 @@ bool Sha1AuthAlgo::checkTag(KeyDerivation& kd, EncryptedPacket& packet) HMAC_Update(&ctx_, packet.getAuthenticatedPortion(), packet.getAuthenticatedPortionLength()); HMAC_Final(&ctx_, hmac, NULL); #elif defined(USE_NETTLE) - // TODO: nettle - uint8_t hmac[DIGEST_LENGTH]; + hmac_sha1_set_key(&ctx_, key_.getLength(), key_.getBuf()); + uint8_t hmac[DIGEST_LENGTH]; + hmac_sha1_update(&ctx_, packet.getAuthenticatedPortionLength(), packet.getAuthenticatedPortion()); + hmac_sha1_digest(&ctx_, DIGEST_LENGTH, hmac); #else // USE_GCRYPT is the default gcry_error_t err = gcry_md_setkey(handle_, key_.getBuf(), key_.getLength()); if(err) { diff --git a/src/authAlgo.h b/src/authAlgo.h index d58646f..1e86407 100644 --- a/src/authAlgo.h +++ b/src/authAlgo.h @@ -102,8 +102,7 @@ private: #if defined(USE_SSL_CRYPTO) HMAC_CTX ctx_; #elif defined(USE_NETTLE) - // TODO: nettle - + struct hmac_sha1_ctx ctx_; #else // USE_GCRYPT is the default gcry_md_hd_t handle_; #endif |