diff options
| author | Christian Pointner <equinox@anytun.org> | 2014-06-21 19:16:11 +0000 |
|---|---|---|
| committer | Christian Pointner <equinox@anytun.org> | 2014-06-21 19:16:11 +0000 |
| commit | 7e12caca626bdbee7a351ab1fb3244b8c99224f3 (patch) | |
| tree | 7fde35ded9ca6c51aa301822c2dcc08e03440a61 | |
| parent | implemented cipher with nettle (not tested yet) (diff) | |
implemented auth tag with nettle (not tested yet)
| -rw-r--r-- | src/auth_algo.c | 26 | ||||
| -rw-r--r-- | src/auth_algo.h | 3 |
2 files changed, 15 insertions, 14 deletions
diff --git a/src/auth_algo.c b/src/auth_algo.c index 87ea472..e1f5de5 100644 --- a/src/auth_algo.c +++ b/src/auth_algo.c @@ -152,15 +152,14 @@ int auth_algo_sha1_init(auth_algo_t* aa) if(!aa->params_) return -2; - auth_algo_sha1_param_t* params = aa->params_; - #if defined(USE_SSL_CRYPTO) + auth_algo_sha1_param_t* params = aa->params_; HMAC_CTX_init(¶ms->ctx_); HMAC_Init_ex(¶ms->ctx_, NULL, 0, EVP_sha1(), NULL); #elif defined(USE_NETTLE) - // TODO: nettle - + // nothing here #else // USE_GCRYPT is the default + auth_algo_sha1_param_t* params = aa->params_; gcry_error_t err = gcry_md_open(¶ms->handle_, GCRY_MD_SHA1, GCRY_MD_FLAG_HMAC); if(err) { log_printf(ERROR, "failed to open message digest algo: %s", gcry_strerror(err)); @@ -177,14 +176,13 @@ void auth_algo_sha1_close(auth_algo_t* aa) return; if(aa->params_) { - auth_algo_sha1_param_t* params = aa->params_; - #if defined(USE_SSL_CRYPTO) + auth_algo_sha1_param_t* params = aa->params_; HMAC_CTX_cleanup(¶ms->ctx_); #elif defined(USE_NETTLE) - // TODO: nettle - + // nothing here #else // USE_GCRYPT is the default + auth_algo_sha1_param_t* params = aa->params_; if(params->handle_) gcry_md_close(params->handle_); #endif @@ -220,9 +218,11 @@ void auth_algo_sha1_generate(auth_algo_t* aa, key_derivation_t* kd, key_derivati HMAC_Update(¶ms->ctx_, encrypted_packet_get_auth_portion(packet), encrypted_packet_get_auth_portion_length(packet)); HMAC_Final(¶ms->ctx_, hmac, NULL); #elif defined(USE_NETTLE) - // TODO: nettle - u_int8_t hmac[SHA1_LENGTH]; + hmac_sha1_set_key(¶ms->ctx_, aa->key_.length_, aa->key_.buf_); + u_int8_t hmac[SHA1_LENGTH]; + hmac_sha1_update(¶ms->ctx_, encrypted_packet_get_auth_portion_length(packet), encrypted_packet_get_auth_portion(packet)); + hmac_sha1_digest(¶ms->ctx_, SHA1_LENGTH, hmac); #else // USE_GCRYPT is the default gcry_error_t err = gcry_md_setkey(params->handle_, aa->key_.buf_, aa->key_.length_); if(err) { @@ -272,9 +272,11 @@ int auth_algo_sha1_check_tag(auth_algo_t* aa, key_derivation_t* kd, key_derivati HMAC_Update(¶ms->ctx_, encrypted_packet_get_auth_portion(packet), encrypted_packet_get_auth_portion_length(packet)); HMAC_Final(¶ms->ctx_, hmac, NULL); #elif defined(USE_NETTLE) - // TODO: nettle - u_int8_t hmac[SHA1_LENGTH]; + hmac_sha1_set_key(¶ms->ctx_, aa->key_.length_, aa->key_.buf_); + u_int8_t hmac[SHA1_LENGTH]; + hmac_sha1_update(¶ms->ctx_, encrypted_packet_get_auth_portion_length(packet), encrypted_packet_get_auth_portion(packet)); + hmac_sha1_digest(¶ms->ctx_, SHA1_LENGTH, hmac); #else // USE_GCRYPT is the default gcry_error_t err = gcry_md_setkey(params->handle_, aa->key_.buf_, aa->key_.length_); if(err) { diff --git a/src/auth_algo.h b/src/auth_algo.h index e800c8e..b8a20b8 100644 --- a/src/auth_algo.h +++ b/src/auth_algo.h @@ -71,8 +71,7 @@ struct auth_algo_sha1_param_struct { #if defined(USE_SSL_CRYPTO) HMAC_CTX ctx_; #elif defined(USE_NETTLE) - // TOOD: nettle - + struct hmac_sha1_ctx ctx_; #else // USE_GCRYPT is the default gcry_md_hd_t handle_; #endif |