diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2012-06-22 11:28:10 +0200 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2012-06-25 16:35:06 +0200 |
| commit | 903093d439c4bc5d6083c07b4a6aa410cf90216e (patch) | |
| tree | d7c609779bc80370452fc13bc3ffe268641e6993 | |
| parent | 73d032e41276ecca3b1b7c7f95c805a649113b48 (diff) | |
| download | strongswan-903093d439c4bc5d6083c07b4a6aa410cf90216e.tar.bz2 strongswan-903093d439c4bc5d6083c07b4a6aa410cf90216e.tar.xz | |
hasher_algorithm_from_integrity() optionally returns truncation length
| -rw-r--r-- | src/libstrongswan/crypto/hashers/hasher.c | 36 | ||||
| -rw-r--r-- | src/libstrongswan/crypto/hashers/hasher.h | 13 | ||||
| -rw-r--r-- | src/scepclient/scepclient.c | 3 |
3 files changed, 45 insertions, 7 deletions
diff --git a/src/libstrongswan/crypto/hashers/hasher.c b/src/libstrongswan/crypto/hashers/hasher.c index 6cf828a36..580976222 100644 --- a/src/libstrongswan/crypto/hashers/hasher.c +++ b/src/libstrongswan/crypto/hashers/hasher.c @@ -68,9 +68,41 @@ hash_algorithm_t hasher_algorithm_from_oid(int oid) /* * Described in header. */ -hash_algorithm_t hasher_algorithm_from_integrity(integrity_algorithm_t integrity) +hash_algorithm_t hasher_algorithm_from_integrity(integrity_algorithm_t alg, + size_t *length) { - switch (integrity) + if (length) + { + switch (alg) + { + case AUTH_HMAC_MD5_96: + case AUTH_HMAC_SHA1_96: + case AUTH_HMAC_SHA2_256_96: + *length = 12; + break; + case AUTH_HMAC_MD5_128: + case AUTH_HMAC_SHA1_128: + case AUTH_HMAC_SHA2_256_128: + *length = 16; + break; + case AUTH_HMAC_SHA1_160: + *length = 20; + break; + case AUTH_HMAC_SHA2_384_192: + *length = 24; + break; + case AUTH_HMAC_SHA2_256_256: + case AUTH_HMAC_SHA2_512_256: + *length = 32; + break; + case AUTH_HMAC_SHA2_384_384: + *length = 48; + break; + default: + break; + } + } + switch (alg) { case AUTH_HMAC_MD5_96: case AUTH_HMAC_MD5_128: diff --git a/src/libstrongswan/crypto/hashers/hasher.h b/src/libstrongswan/crypto/hashers/hasher.h index 4d0d66fcf..5325e017b 100644 --- a/src/libstrongswan/crypto/hashers/hasher.h +++ b/src/libstrongswan/crypto/hashers/hasher.h @@ -101,7 +101,7 @@ struct hasher_t { size_t (*get_hash_size) (hasher_t *this); /** - * Resets the hashers state. + * Resets the hasher's state. */ void (*reset) (hasher_t *this); @@ -115,17 +115,22 @@ struct hasher_t { * Conversion of ASN.1 OID to hash algorithm. * * @param oid ASN.1 OID - * @return hash algorithm, HASH_UNKNOWN if OID unsuported + * @return hash algorithm, HASH_UNKNOWN if OID unsupported */ hash_algorithm_t hasher_algorithm_from_oid(int oid); /** * Conversion of integrity algorithm to hash algorithm (if based on one). * - * @param integrity integrity algorithm + * If length is not NULL the length of the resulting signature is returned, + * which might be smaller than the output size of the underlying hash. + * + * @param alg integrity algorithm + * @param length returns signature length, if not NULL * @return hash algorithm, HASH_UNKNOWN if not based on a hash */ -hash_algorithm_t hasher_algorithm_from_integrity(integrity_algorithm_t integrity); +hash_algorithm_t hasher_algorithm_from_integrity(integrity_algorithm_t alg, + size_t *length); /** * Conversion of hash algorithm into ASN.1 OID. diff --git a/src/scepclient/scepclient.c b/src/scepclient/scepclient.c index 56aafa415..76d639a84 100644 --- a/src/scepclient/scepclient.c +++ b/src/scepclient/scepclient.c @@ -851,7 +851,8 @@ int main(int argc, char **argv) { usage("invalid algorithm specified"); } - hash = hasher_algorithm_from_integrity(token->algorithm); + hash = hasher_algorithm_from_integrity(token->algorithm, + NULL); if (hash == OID_UNKNOWN) { usage("invalid algorithm specified"); |