summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorChristian Pointner <equinox@anytun.org>2014-06-21 19:16:11 +0000
committerChristian Pointner <equinox@anytun.org>2014-06-21 19:16:11 +0000
commit7e12caca626bdbee7a351ab1fb3244b8c99224f3 (patch)
tree7fde35ded9ca6c51aa301822c2dcc08e03440a61 /src
parentimplemented cipher with nettle (not tested yet) (diff)
implemented auth tag with nettle (not tested yet)
Diffstat (limited to 'src')
-rw-r--r--src/auth_algo.c26
-rw-r--r--src/auth_algo.h3
2 files changed, 15 insertions, 14 deletions
diff --git a/src/auth_algo.c b/src/auth_algo.c
index 87ea472..e1f5de5 100644
--- a/src/auth_algo.c
+++ b/src/auth_algo.c
@@ -152,15 +152,14 @@ int auth_algo_sha1_init(auth_algo_t* aa)
if(!aa->params_)
return -2;
- auth_algo_sha1_param_t* params = aa->params_;
-
#if defined(USE_SSL_CRYPTO)
+ auth_algo_sha1_param_t* params = aa->params_;
HMAC_CTX_init(&params->ctx_);
HMAC_Init_ex(&params->ctx_, NULL, 0, EVP_sha1(), NULL);
#elif defined(USE_NETTLE)
- // TODO: nettle
-
+ // nothing here
#else // USE_GCRYPT is the default
+ auth_algo_sha1_param_t* params = aa->params_;
gcry_error_t err = gcry_md_open(&params->handle_, GCRY_MD_SHA1, GCRY_MD_FLAG_HMAC);
if(err) {
log_printf(ERROR, "failed to open message digest algo: %s", gcry_strerror(err));
@@ -177,14 +176,13 @@ void auth_algo_sha1_close(auth_algo_t* aa)
return;
if(aa->params_) {
- auth_algo_sha1_param_t* params = aa->params_;
-
#if defined(USE_SSL_CRYPTO)
+ auth_algo_sha1_param_t* params = aa->params_;
HMAC_CTX_cleanup(&params->ctx_);
#elif defined(USE_NETTLE)
- // TODO: nettle
-
+ // nothing here
#else // USE_GCRYPT is the default
+ auth_algo_sha1_param_t* params = aa->params_;
if(params->handle_)
gcry_md_close(params->handle_);
#endif
@@ -220,9 +218,11 @@ void auth_algo_sha1_generate(auth_algo_t* aa, key_derivation_t* kd, key_derivati
HMAC_Update(&params->ctx_, encrypted_packet_get_auth_portion(packet), encrypted_packet_get_auth_portion_length(packet));
HMAC_Final(&params->ctx_, hmac, NULL);
#elif defined(USE_NETTLE)
- // TODO: nettle
- u_int8_t hmac[SHA1_LENGTH];
+ hmac_sha1_set_key(&params->ctx_, aa->key_.length_, aa->key_.buf_);
+ u_int8_t hmac[SHA1_LENGTH];
+ hmac_sha1_update(&params->ctx_, encrypted_packet_get_auth_portion_length(packet), encrypted_packet_get_auth_portion(packet));
+ hmac_sha1_digest(&params->ctx_, SHA1_LENGTH, hmac);
#else // USE_GCRYPT is the default
gcry_error_t err = gcry_md_setkey(params->handle_, aa->key_.buf_, aa->key_.length_);
if(err) {
@@ -272,9 +272,11 @@ int auth_algo_sha1_check_tag(auth_algo_t* aa, key_derivation_t* kd, key_derivati
HMAC_Update(&params->ctx_, encrypted_packet_get_auth_portion(packet), encrypted_packet_get_auth_portion_length(packet));
HMAC_Final(&params->ctx_, hmac, NULL);
#elif defined(USE_NETTLE)
- // TODO: nettle
- u_int8_t hmac[SHA1_LENGTH];
+ hmac_sha1_set_key(&params->ctx_, aa->key_.length_, aa->key_.buf_);
+ u_int8_t hmac[SHA1_LENGTH];
+ hmac_sha1_update(&params->ctx_, encrypted_packet_get_auth_portion_length(packet), encrypted_packet_get_auth_portion(packet));
+ hmac_sha1_digest(&params->ctx_, SHA1_LENGTH, hmac);
#else // USE_GCRYPT is the default
gcry_error_t err = gcry_md_setkey(params->handle_, aa->key_.buf_, aa->key_.length_);
if(err) {
diff --git a/src/auth_algo.h b/src/auth_algo.h
index e800c8e..b8a20b8 100644
--- a/src/auth_algo.h
+++ b/src/auth_algo.h
@@ -71,8 +71,7 @@ struct auth_algo_sha1_param_struct {
#if defined(USE_SSL_CRYPTO)
HMAC_CTX ctx_;
#elif defined(USE_NETTLE)
- // TOOD: nettle
-
+ struct hmac_sha1_ctx ctx_;
#else // USE_GCRYPT is the default
gcry_md_hd_t handle_;
#endif