summaryrefslogtreecommitdiff
path: root/src/auth_algo.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/auth_algo.c')
-rw-r--r--src/auth_algo.c62
1 files changed, 39 insertions, 23 deletions
diff --git a/src/auth_algo.c b/src/auth_algo.c
index e9b6d0f..e1f5de5 100644
--- a/src/auth_algo.c
+++ b/src/auth_algo.c
@@ -152,17 +152,19 @@ int auth_algo_sha1_init(auth_algo_t* aa)
if(!aa->params_)
return -2;
+#if defined(USE_SSL_CRYPTO)
+ auth_algo_sha1_param_t* params = aa->params_;
+ HMAC_CTX_init(&params->ctx_);
+ HMAC_Init_ex(&params->ctx_, NULL, 0, EVP_sha1(), NULL);
+#elif defined(USE_NETTLE)
+ // nothing here
+#else // USE_GCRYPT is the default
auth_algo_sha1_param_t* params = aa->params_;
-
-#ifndef USE_SSL_CRYPTO
gcry_error_t err = gcry_md_open(&params->handle_, GCRY_MD_SHA1, GCRY_MD_FLAG_HMAC);
if(err) {
log_printf(ERROR, "failed to open message digest algo: %s", gcry_strerror(err));
return -1;
}
-#else
- HMAC_CTX_init(&params->ctx_);
- HMAC_Init_ex(&params->ctx_, NULL, 0, EVP_sha1(), NULL);
#endif
return 0;
@@ -174,13 +176,15 @@ void auth_algo_sha1_close(auth_algo_t* aa)
return;
if(aa->params_) {
+#if defined(USE_SSL_CRYPTO)
+ auth_algo_sha1_param_t* params = aa->params_;
+ HMAC_CTX_cleanup(&params->ctx_);
+#elif defined(USE_NETTLE)
+ // nothing here
+#else // USE_GCRYPT is the default
auth_algo_sha1_param_t* params = aa->params_;
-
-#ifndef USE_SSL_CRYPTO
if(params->handle_)
gcry_md_close(params->handle_);
-#else
- HMAC_CTX_cleanup(&params->ctx_);
#endif
free(aa->params_);
@@ -207,7 +211,19 @@ void auth_algo_sha1_generate(auth_algo_t* aa, key_derivation_t* kd, key_derivati
if(ret < 0)
return;
-#ifndef USE_SSL_CRYPTO
+#if defined(USE_SSL_CRYPTO)
+ HMAC_Init_ex(&params->ctx_, aa->key_.buf_, aa->key_.length_, EVP_sha1(), NULL);
+
+ u_int8_t hmac[SHA1_LENGTH];
+ HMAC_Update(&params->ctx_, encrypted_packet_get_auth_portion(packet), encrypted_packet_get_auth_portion_length(packet));
+ HMAC_Final(&params->ctx_, hmac, NULL);
+#elif defined(USE_NETTLE)
+ hmac_sha1_set_key(&params->ctx_, aa->key_.length_, aa->key_.buf_);
+
+ u_int8_t hmac[SHA1_LENGTH];
+ hmac_sha1_update(&params->ctx_, encrypted_packet_get_auth_portion_length(packet), encrypted_packet_get_auth_portion(packet));
+ hmac_sha1_digest(&params->ctx_, SHA1_LENGTH, hmac);
+#else // USE_GCRYPT is the default
gcry_error_t err = gcry_md_setkey(params->handle_, aa->key_.buf_, aa->key_.length_);
if(err) {
log_printf(ERROR, "failed to set hmac key: %s", gcry_strerror(err));
@@ -218,12 +234,6 @@ void auth_algo_sha1_generate(auth_algo_t* aa, key_derivation_t* kd, key_derivati
gcry_md_write(params->handle_, encrypted_packet_get_auth_portion(packet), encrypted_packet_get_auth_portion_length(packet));
gcry_md_final(params->handle_);
u_int8_t* hmac = gcry_md_read(params->handle_, 0);
-#else
- HMAC_Init_ex(&params->ctx_, aa->key_.buf_, aa->key_.length_, EVP_sha1(), NULL);
-
- u_int8_t hmac[SHA1_LENGTH];
- HMAC_Update(&params->ctx_, encrypted_packet_get_auth_portion(packet), encrypted_packet_get_auth_portion_length(packet));
- HMAC_Final(&params->ctx_, hmac, NULL);
#endif
u_int8_t* tag = encrypted_packet_get_auth_tag(packet);
@@ -255,7 +265,19 @@ int auth_algo_sha1_check_tag(auth_algo_t* aa, key_derivation_t* kd, key_derivati
if(ret < 0)
return 0;
-#ifndef USE_SSL_CRYPTO
+#if defined(USE_SSL_CRYPTO)
+ HMAC_Init_ex(&params->ctx_, aa->key_.buf_, aa->key_.length_, EVP_sha1(), NULL);
+
+ u_int8_t hmac[SHA1_LENGTH];
+ HMAC_Update(&params->ctx_, encrypted_packet_get_auth_portion(packet), encrypted_packet_get_auth_portion_length(packet));
+ HMAC_Final(&params->ctx_, hmac, NULL);
+#elif defined(USE_NETTLE)
+ hmac_sha1_set_key(&params->ctx_, aa->key_.length_, aa->key_.buf_);
+
+ u_int8_t hmac[SHA1_LENGTH];
+ hmac_sha1_update(&params->ctx_, encrypted_packet_get_auth_portion_length(packet), encrypted_packet_get_auth_portion(packet));
+ hmac_sha1_digest(&params->ctx_, SHA1_LENGTH, hmac);
+#else // USE_GCRYPT is the default
gcry_error_t err = gcry_md_setkey(params->handle_, aa->key_.buf_, aa->key_.length_);
if(err) {
log_printf(ERROR, "failed to set hmac key: %s", gcry_strerror(err));
@@ -266,12 +288,6 @@ int auth_algo_sha1_check_tag(auth_algo_t* aa, key_derivation_t* kd, key_derivati
gcry_md_write(params->handle_, encrypted_packet_get_auth_portion(packet), encrypted_packet_get_auth_portion_length(packet));
gcry_md_final(params->handle_);
u_int8_t* hmac = gcry_md_read(params->handle_, 0);
-#else
- HMAC_Init_ex(&params->ctx_, aa->key_.buf_, aa->key_.length_, EVP_sha1(), NULL);
-
- u_int8_t hmac[SHA1_LENGTH];
- HMAC_Update(&params->ctx_, encrypted_packet_get_auth_portion(packet), encrypted_packet_get_auth_portion_length(packet));
- HMAC_Final(&params->ctx_, hmac, NULL);
#endif
u_int8_t* tag = encrypted_packet_get_auth_tag(packet);