8 files changed, 132 insertions, 562 deletions
diff --git a/src/libstrongswan/plugins/openssl/Makefile.am b/src/libstrongswan/plugins/openssl/Makefile.am
index 0a4586982..c59888663 100644
--- a/src/libstrongswan/plugins/openssl/Makefile.am
+++ b/src/libstrongswan/plugins/openssl/Makefile.am
@@ -24,9 +24,7 @@ libstrongswan_openssl_la_SOURCES = \
 	openssl_x509.c openssl_x509.h \
 	openssl_crl.c openssl_crl.h \
 	openssl_rng.c openssl_rng.h \
-	openssl_hmac.c openssl_hmac.h \
-	openssl_hmac_prf.c openssl_hmac_prf.h \
-	openssl_hmac_signer.c openssl_hmac_signer.h
+	openssl_hmac.c openssl_hmac.h
 
 libstrongswan_openssl_la_LDFLAGS = -module -avoid-version
 libstrongswan_openssl_la_LIBADD  = -lcrypto
diff --git a/src/libstrongswan/plugins/openssl/openssl_hmac.c b/src/libstrongswan/plugins/openssl/openssl_hmac.c
index fa882382e..07f5f6ba0 100644
--- a/src/libstrongswan/plugins/openssl/openssl_hmac.c
+++ b/src/libstrongswan/plugins/openssl/openssl_hmac.c
@@ -40,17 +40,21 @@
 
 #include "openssl_hmac.h"
 
-typedef struct private_openssl_hmac_t private_openssl_hmac_t;
+#include <crypto/hmacs/hmac.h>
+#include <crypto/hmacs/hmac_prf.h>
+#include <crypto/hmacs/hmac_signer.h>
+
+typedef struct private_hmac_t private_hmac_t;
 
 /**
- * Private data of a openssl_hmac_t object.
+ * Private data of a hmac_t object.
  */
-struct private_openssl_hmac_t {
+struct private_hmac_t {
 
 	/**
 	 * Public interface
 	 */
-	openssl_hmac_t public;
+	hmac_t public;
 
 	/**
 	 * Hasher to use
@@ -71,13 +75,13 @@ struct private_openssl_hmac_t {
 /**
  * Resets HMAC context
  */
-static void reset(private_openssl_hmac_t *this)
+static void reset(private_hmac_t *this)
 {
 	HMAC_Init_ex(&this->hmac, this->key.ptr, this->key.len, this->hasher, NULL);
 }
 
-METHOD(openssl_hmac_t, get_mac, void,
-	private_openssl_hmac_t *this, chunk_t data, u_int8_t *out)
+METHOD(hmac_t, get_mac, void,
+	private_hmac_t *this, chunk_t data, u_int8_t *out)
 {
 	if (out == NULL)
 	{
@@ -91,36 +95,22 @@ METHOD(openssl_hmac_t, get_mac, void,
 	}
 }
 
-METHOD(openssl_hmac_t, allocate_mac, void,
-	private_openssl_hmac_t *this, chunk_t data, chunk_t *out)
-{
-	if (out == NULL)
-	{
-		get_mac(this, data, NULL);
-	}
-	else
-	{
-		*out = chunk_alloc(EVP_MD_size(this->hasher));
-		get_mac(this, data, out->ptr);
-	}
-}
-
-METHOD(openssl_hmac_t, get_block_size, size_t,
-	private_openssl_hmac_t *this)
+METHOD(hmac_t, get_mac_size, size_t,
+	private_hmac_t *this)
 {
 	return EVP_MD_size(this->hasher);
 }
 
-METHOD(openssl_hmac_t, set_key, void,
-	private_openssl_hmac_t *this, chunk_t key)
+METHOD(hmac_t, set_key, void,
+	private_hmac_t *this, chunk_t key)
 {
 	chunk_clear(&this->key);
 	this->key = chunk_clone(key);
 	reset(this);
 }
 
-METHOD(openssl_hmac_t, destroy, void,
-	private_openssl_hmac_t *this)
+METHOD(hmac_t, destroy, void,
+	private_hmac_t *this)
 {
 	HMAC_CTX_cleanup(&this->hmac);
 	chunk_clear(&this->key);
@@ -128,17 +118,16 @@ METHOD(openssl_hmac_t, destroy, void,
 }
 
 /*
- * Described in header
+ * Create an OpenSSL-backed implementation of the hmac_t interface
  */
-openssl_hmac_t *openssl_hmac_create(hash_algorithm_t algo)
+static hmac_t *hmac_create(hash_algorithm_t algo)
 {
-	private_openssl_hmac_t *this;
+	private_hmac_t *this;
 
 	INIT(this,
 		.public = {
 			.get_mac = _get_mac,
-			.allocate_mac = _allocate_mac,
-			.get_block_size = _get_block_size,
+			.get_mac_size = _get_mac_size,
 			.set_key = _set_key,
 			.destroy = _destroy,
 		},
@@ -175,3 +164,99 @@ openssl_hmac_t *openssl_hmac_create(hash_algorithm_t algo)
 
 	return &this->public;
 }
+
+/*
+ * Described in header
+ */
+prf_t *openssl_hmac_prf_create(pseudo_random_function_t algo)
+{
+	hmac_t *hmac = NULL;
+
+	switch (algo)
+	{
+		case PRF_HMAC_SHA1:
+			hmac = hmac_create(HASH_SHA1);
+			break;
+		case PRF_HMAC_MD5:
+			hmac = hmac_create(HASH_MD5);
+			break;
+		case PRF_HMAC_SHA2_256:
+			hmac = hmac_create(HASH_SHA256);
+			break;
+		case PRF_HMAC_SHA2_384:
+			hmac = hmac_create(HASH_SHA384);
+			break;
+		case PRF_HMAC_SHA2_512:
+			hmac = hmac_create(HASH_SHA512);
+			break;
+		default:
+			break;
+	}
+	if (hmac)
+	{
+		return hmac_prf_create(hmac);
+	}
+	return NULL;
+}
+
+/*
+ * Described in header
+ */
+signer_t *openssl_hmac_signer_create(integrity_algorithm_t algo)
+{
+	hmac_t *hmac = NULL;
+	size_t trunc = 0;
+
+	switch (algo)
+	{
+		case AUTH_HMAC_MD5_96:
+			hmac = hmac_create(HASH_MD5);
+			trunc = 12;
+			break;
+		case AUTH_HMAC_MD5_128:
+			hmac = hmac_create(HASH_MD5);
+			trunc = 16;
+			break;
+		case AUTH_HMAC_SHA1_96:
+			hmac = hmac_create(HASH_SHA1);
+			trunc = 12;
+			break;
+		case AUTH_HMAC_SHA1_128:
+			hmac = hmac_create(HASH_SHA1);
+			trunc = 16;
+			break;
+		case AUTH_HMAC_SHA1_160:
+			hmac = hmac_create(HASH_SHA1);
+			trunc = 20;
+			break;
+		case AUTH_HMAC_SHA2_256_128:
+			hmac = hmac_create(HASH_SHA256);
+			trunc = 16;
+			break;
+		case AUTH_HMAC_SHA2_256_256:
+			hmac = hmac_create(HASH_SHA256);
+			trunc = 32;
+			break;
+		case AUTH_HMAC_SHA2_384_192:
+			hmac = hmac_create(HASH_SHA384);
+			trunc = 24;
+			break;
+		case AUTH_HMAC_SHA2_384_384:
+			hmac = hmac_create(HASH_SHA384);
+			trunc = 48;
+			break;
+		case AUTH_HMAC_SHA2_512_256:
+			hmac = hmac_create(HASH_SHA512);
+			trunc = 32;
+			break;
+		default:
+			break;
+	}
+	if (hmac)
+	{
+		return hmac_signer_create(hmac, trunc);
+	}
+	return NULL;
+}
+
+
diff --git a/src/libstrongswan/plugins/openssl/openssl_hmac.h b/src/libstrongswan/plugins/openssl/openssl_hmac.h
index 175513c2f..95ab6bfc3 100644
--- a/src/libstrongswan/plugins/openssl/openssl_hmac.h
+++ b/src/libstrongswan/plugins/openssl/openssl_hmac.h
@@ -14,6 +14,8 @@
  */
 
 /**
+ * Implements HMAC based PRF and signer using OpenSSL's HMAC functions.
+ *
  * @defgroup openssl_hmac openssl_hmac
  * @{ @ingroup openssl_p
  */
@@ -21,70 +23,23 @@
 #ifndef OPENSSL_HMAC_H_
 #define OPENSSL_HMAC_H_
 
-typedef struct openssl_hmac_t openssl_hmac_t;
-
-#include <crypto/hashers/hasher.h>
+#include <crypto/prfs/prf.h>
+#include <crypto/signers/signer.h>
 
 /**
- * Simple wrapper around OpenSSL's functions to calculate HMAC message
- * authentication codes
+ * Creates a new prf_t object based on an HMAC.
+ *
+ * @param algo		algorithm to implement
+ * @return			prf_t object, NULL if not supported
  */
-struct openssl_hmac_t {
-
-	/**
-	 * Generate message authentication code.
-	 *
-	 * If out is NULL, no result is given back.  A next call will
-	 * append the data to already supplied data.  If out is not NULL,
-	 * the mac of all apended data is calculated, written to out and the
-	 * internal state is reset.
-	 *
-	 * @param data		chunk of data to authenticate
-	 * @param out		pointer where the generated bytes will be written
-	 */
-	void (*get_mac)(openssl_hmac_t *this, chunk_t data, u_int8_t *out);
-
-	/**
-	 * Generates message authentication code and allocates memory for it.
-	 *
-	 * If out is NULL, no result is given back.  A next call will
-	 * append the data to already supplied data.  If out is not NULL,
-	 * the mac of all apended data is calculated, returned in out and the
-	 * internal state is reset;
-	 *
-	 * @param data		chunk of data to authenticate
-	 * @param out		chunk which will hold generated bytes
-	 */
-	void (*allocate_mac)(openssl_hmac_t *this, chunk_t data, chunk_t *out);
-
-	/**
-	 * Get the size of the resulting MAC.
-	 *
-	 * @return			block size in bytes
-	 */
-	size_t (*get_block_size)(openssl_hmac_t *this);
-
-	/**
-	 * Set the key to be used for the HMAC.
-	 *
-	 * Any key length is accepted.
-	 *
-	 * @param key		key to set
-	 */
-	void (*set_key)(openssl_hmac_t *this, chunk_t key);
-
-	/**
-	 * Destroys an openssl_hmac_t object.
-	 */
-	void (*destroy)(openssl_hmac_t *this);
-};
+prf_t *openssl_hmac_prf_create(pseudo_random_function_t algo);
 
 /**
- * Creates a new openssl_hmac_t object.
+ * Creates a new signer_t object based on an HMAC.
  *
- * @param algo			hash algorithm to use
- * @return				openssl_hmac_t object, NULL if not supported
+ * @param algo		algorithm to implement
+ * @return			signer_t, NULL if not supported
  */
-openssl_hmac_t *openssl_hmac_create(hash_algorithm_t algo);
+signer_t *openssl_hmac_signer_create(integrity_algorithm_t algo);
 
 #endif /** OPENSSL_HMAC_H_ @}*/
diff --git a/src/libstrongswan/plugins/openssl/openssl_hmac_prf.c b/src/libstrongswan/plugins/openssl/openssl_hmac_prf.c
deleted file mode 100644
index fc2285c05..000000000
--- a/src/libstrongswan/plugins/openssl/openssl_hmac_prf.c
+++ /dev/null
@@ -1,146 +0,0 @@
-/*
- * Copyright (C) 2012 Tobias Brunner
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * for more details.
- */
-
-/*
- * Copyright (C) 2012 Aleksandr Grinberg
- *
- * Permission is hereby granted, free of charge, to any person obtaining a copy
- * of this software and associated documentation files (the "Software"), to deal
- * in the Software without restriction, including without limitation the rights
- * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- * copies of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be included in
- * all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
- * THE SOFTWARE.
- */
-
-
-#include "openssl_hmac.h"
-#include "openssl_hmac_prf.h"
-
-typedef struct private_openssl_hmac_prf_t private_openssl_hmac_prf_t;
-
-/**
- * Private data of openssl_hmac_prf_t
- */
-struct private_openssl_hmac_prf_t {
-
-	/**
-	 * Public part of this class.
-	 */
-	openssl_hmac_prf_t public;
-
-	/**
-	 * OpenSSL based HMAC implementation
-	 */
-	openssl_hmac_t *hmac;
-};
-
-METHOD(prf_t, get_block_size, size_t,
-	private_openssl_hmac_prf_t *this)
-{
-	return this->hmac->get_block_size(this->hmac);
-}
-
-METHOD(prf_t, get_key_size, size_t,
-	private_openssl_hmac_prf_t *this)
-{
-	/* for HMAC prfs, IKEv2 uses block size as key size */
-	return this->hmac->get_block_size(this->hmac);
-}
-
-METHOD(prf_t, get_bytes, void,
-	private_openssl_hmac_prf_t *this, chunk_t seed, u_int8_t *out)
-{
-	this->hmac->get_mac(this->hmac, seed, out);
-}
-
-METHOD(prf_t, allocate_bytes, void,
-	private_openssl_hmac_prf_t *this, chunk_t seed, chunk_t *out)
-{
-	this->hmac->allocate_mac(this->hmac, seed, out);
-}
-
-METHOD(prf_t, set_key, void,
-	private_openssl_hmac_prf_t *this, chunk_t key)
-{
-	this->hmac->set_key(this->hmac, key);
-}
-
-METHOD(prf_t, destroy, void,
-	private_openssl_hmac_prf_t *this)
-{
-	this->hmac->destroy(this->hmac);
-	free(this);
-}
-
-/*
- * Described in header
- */
-openssl_hmac_prf_t *openssl_hmac_prf_create(pseudo_random_function_t algo)
-{
-	private_openssl_hmac_prf_t *this;
-	openssl_hmac_t *hmac = NULL;
-
-	switch (algo)
-	{
-		case PRF_HMAC_MD5:
-			hmac = openssl_hmac_create(HASH_MD5);
-			break;
-		case PRF_HMAC_SHA1:
-			hmac = openssl_hmac_create(HASH_SHA1);
-			break;
-		case PRF_HMAC_SHA2_256:
-			hmac = openssl_hmac_create(HASH_SHA256);
-			break;
-		case PRF_HMAC_SHA2_384:
-			hmac = openssl_hmac_create(HASH_SHA384);
-			break;
-		case PRF_HMAC_SHA2_512:
-			hmac = openssl_hmac_create(HASH_SHA512);
-			break;
-		default:
-			break;
-	}
-	if (!hmac)
-	{
-		return NULL;
-	}
-
-	INIT(this,
-		.public = {
-			.prf = {
-				.get_bytes = _get_bytes,
-				.allocate_bytes = _allocate_bytes,
-				.get_block_size = _get_block_size,
-				.get_key_size = _get_key_size,
-				.set_key = _set_key,
-				.destroy = _destroy,
-			},
-		},
-		.hmac = hmac,
-	);
-
-	return &this->public;
-}
diff --git a/src/libstrongswan/plugins/openssl/openssl_hmac_prf.h b/src/libstrongswan/plugins/openssl/openssl_hmac_prf.h
deleted file mode 100644
index 1758da238..000000000
--- a/src/libstrongswan/plugins/openssl/openssl_hmac_prf.h
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- * Copyright (C) 2012 Aleksandr Grinberg
- *
- * Permission is hereby granted, free of charge, to any person obtaining a copy
- * of this software and associated documentation files (the "Software"), to deal
- * in the Software without restriction, including without limitation the rights
- * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- * copies of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be included in
- * all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
- * THE SOFTWARE.
- */
-
-/**
- * @defgroup openssl_hmac_prf openssl_hmac_prf
- * @{ @ingroup openssl_p
- */
-
-#ifndef OPENSSL_HMAC_PRF_H_
-#define OPENSSL_HMAC_PRF_H_
-
-typedef struct openssl_hmac_prf_t openssl_hmac_prf_t;
-
-#include <crypto/prfs/prf.h>
-
-/**
- * Implementation of pseudo random functions using OpenSSL.
- */
-struct openssl_hmac_prf_t {
-
-	/**
-	 * Implements prf_t interface.
-	 */
-	prf_t prf;
-};
-
-/**
- * Constructor to create openssl_hmac_prf_t.
- *
- * @param algo		algorithm
- * @return			openssl_hmac_prf_t, NULL if not supported
- */
-openssl_hmac_prf_t *openssl_hmac_prf_create(pseudo_random_function_t algo);
-
-#endif /** OPENSSL_HMAC_PRF_H_ @}*/
diff --git a/src/libstrongswan/plugins/openssl/openssl_hmac_signer.c b/src/libstrongswan/plugins/openssl/openssl_hmac_signer.c
deleted file mode 100644
index 3c2a89035..000000000
--- a/src/libstrongswan/plugins/openssl/openssl_hmac_signer.c
+++ /dev/null
@@ -1,213 +0,0 @@
-/*
- * Copyright (C) 2012 Tobias Brunner
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * for more details.
- */
-
-/*
- * Copyright (C) 2012 Aleksandr Grinberg
- *
- * Permission is hereby granted, free of charge, to any person obtaining a copy
- * of this software and associated documentation files (the "Software"), to deal
- * in the Software without restriction, including without limitation the rights
- * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- * copies of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be included in
- * all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
- * THE SOFTWARE.
- */
-
-#include "openssl_hmac.h"
-#include "openssl_hmac_signer.h"
-
-typedef struct private_openssl_hmac_signer_t private_openssl_hmac_signer_t;
-
-/**
- * Private data of openssl_hmac_signer_t
- */
-struct private_openssl_hmac_signer_t {
-
-	/**
-	 * Public part of this class.
-	 */
-	openssl_hmac_signer_t public;
-
-	/**
-	 * OpenSSL based HMAC implementation
-	 */
-	openssl_hmac_t *hmac;
-
-	/**
-	 * Signature truncation length
-	 */
-	size_t trunc;
-};
-
-METHOD(signer_t, get_block_size, size_t,
-	private_openssl_hmac_signer_t *this)
-{
-	return this->trunc;
-}
-
-METHOD(signer_t, get_key_size, size_t,
-	private_openssl_hmac_signer_t *this)
-{
-	return this->hmac->get_block_size(this->hmac);
-}
-
-METHOD(signer_t, get_signature, void,
-	private_openssl_hmac_signer_t *this, chunk_t data, u_int8_t *out)
-{
-	if (out == NULL)
-	{
-		this->hmac->get_mac(this->hmac, data, NULL);
-	}
-	else
-	{
-		u_int8_t mac[this->hmac->get_block_size(this->hmac)];
-
-		this->hmac->get_mac(this->hmac, data, mac);
-		memcpy(out, mac, this->trunc);
-	}
-}
-
-METHOD(signer_t, allocate_signature,void,
-	private_openssl_hmac_signer_t *this, chunk_t data, chunk_t *out)
-{
-	if (out == NULL)
-	{
-		this->hmac->get_mac(this->hmac, data, NULL);
-	}
-	else
-	{
-		u_int8_t mac[this->hmac->get_block_size(this->hmac)];
-
-		this->hmac->get_mac(this->hmac, data, mac);
-
-		*out = chunk_alloc(this->trunc);
-		memcpy(out->ptr, mac, this->trunc);
-	}
-}
-
-METHOD(signer_t, verify_signature, bool,
-	private_openssl_hmac_signer_t *this, chunk_t seed, chunk_t signature)
-{
-	u_int8_t mac[this->hmac->get_block_size(this->hmac)];
-
-	this->hmac->get_mac(this->hmac, seed, mac);
-
-	if (signature.len != this->trunc)
-	{
-		return FALSE;
-	}
-	return memeq(signature.ptr, mac, this->trunc);
-}
-
-METHOD(signer_t, set_key, void,
-	private_openssl_hmac_signer_t *this, chunk_t key)
-{
-	this->hmac->set_key(this->hmac, key);
-}
-
-METHOD(signer_t, destroy, void,
-	private_openssl_hmac_signer_t *this)
-{
-	this->hmac->destroy(this->hmac);
-	free(this);
-}
-
-/*
- * Described in header
- */
-openssl_hmac_signer_t *openssl_hmac_signer_create(integrity_algorithm_t algo)
-{
-	private_openssl_hmac_signer_t *this;
-	openssl_hmac_t *hmac = NULL;
-	size_t trunc = 0;
-
-	switch (algo)
-	{
-		case AUTH_HMAC_MD5_96:
-			hmac = openssl_hmac_create(HASH_MD5);
-			trunc = 12;
-			break;
-		case AUTH_HMAC_MD5_128:
-			hmac = openssl_hmac_create(HASH_MD5);
-			trunc = 16;
-			break;
-		case AUTH_HMAC_SHA1_96:
-			hmac = openssl_hmac_create(HASH_SHA1);
-			trunc = 12;
-			break;
-		case AUTH_HMAC_SHA1_128:
-			hmac = openssl_hmac_create(HASH_SHA1);
-			trunc = 16;
-			break;
-		case AUTH_HMAC_SHA1_160:
-			hmac = openssl_hmac_create(HASH_SHA1);
-			trunc = 20;
-			break;
-		case AUTH_HMAC_SHA2_256_128:
-			hmac = openssl_hmac_create(HASH_SHA256);
-			trunc = 16;
-			break;
-		case AUTH_HMAC_SHA2_256_256:
-			hmac = openssl_hmac_create(HASH_SHA256);
-			trunc = 32;
-			break;
-		case AUTH_HMAC_SHA2_384_192:
-			hmac = openssl_hmac_create(HASH_SHA384);
-			trunc = 24;
-			break;
-		case AUTH_HMAC_SHA2_384_384:
-			hmac = openssl_hmac_create(HASH_SHA384);
-			trunc = 48;
-			break;
-		case AUTH_HMAC_SHA2_512_256:
-			hmac = openssl_hmac_create(HASH_SHA512);
-			trunc = 32;
-			break;
-		default:
-			break;
-	}
-	if (!hmac)
-	{
-		return NULL;
-	}
-
-	INIT(this,
-		.public = {
-			.signer = {
-				.get_signature = _get_signature,
-				.allocate_signature = _allocate_signature,
-				.verify_signature = _verify_signature,
-				.get_block_size = _get_block_size,
-				.get_key_size = _get_key_size,
-				.set_key = _set_key,
-				.destroy = _destroy,
-			},
-		},
-		.hmac = hmac,
-		.trunc = trunc,
-	);
-
-	return &this->public;
-}
diff --git a/src/libstrongswan/plugins/openssl/openssl_hmac_signer.h b/src/libstrongswan/plugins/openssl/openssl_hmac_signer.h
deleted file mode 100644
index fe97b30f5..000000000
--- a/src/libstrongswan/plugins/openssl/openssl_hmac_signer.h
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- * Copyright (C) 2012 Aleksandr Grinberg
- *
- * Permission is hereby granted, free of charge, to any person obtaining a copy
- * of this software and associated documentation files (the "Software"), to deal
- * in the Software without restriction, including without limitation the rights
- * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- * copies of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
-
- * The above copyright notice and this permission notice shall be included in
- * all copies or substantial portions of the Software.
-
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
- * THE SOFTWARE.
- */
-
-/**
- * @defgroup openssl_hmac_signer openssl_hmac_signer
- * @{ @ingroup openssl_p
- */
-
-#ifndef OPENSSL_HMAC_SIGNER_H_
-#define OPENSSL_HMAC_SIGNER_H_
-
-typedef struct openssl_hmac_signer_t openssl_hmac_signer_t;
-
-#include <crypto/signers/signer.h>
-
-/**
- * Implementation of HMAC signature functions using OpenSSL.
- */
-struct openssl_hmac_signer_t {
-
-	/**
-	 * Implements signer_t interface.
-	 */
-	signer_t signer;
-};
-
-/**
- * Constructor to create openssl_hmac_signer_t.
- *
- * @param algo		algorithm
- * @return			openssl_hmac_signer_t, NULL if not supported
- */
-openssl_hmac_signer_t *openssl_hmac_signer_create(integrity_algorithm_t algo);
-
-#endif /** OPENSSL_HMAC_SIGNER_H_ @}*/
diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.c b/src/libstrongswan/plugins/openssl/openssl_plugin.c
index 625ad0ab9..5a114122a 100644
--- a/src/libstrongswan/plugins/openssl/openssl_plugin.c
+++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c
@@ -41,8 +41,7 @@
 #include "openssl_x509.h"
 #include "openssl_crl.h"
 #include "openssl_rng.h"
-#include "openssl_hmac_prf.h"
-#include "openssl_hmac_signer.h"
+#include "openssl_hmac.h"
 
 typedef struct private_openssl_plugin_t private_openssl_plugin_t;