diff options
| -rw-r--r-- | Source/charon/testcases/hmac_test.c | 3 | ||||
| -rw-r--r-- | Source/charon/transforms/hmac.c | 62 | ||||
| -rw-r--r-- | Source/charon/transforms/hmac.h | 16 |
3 files changed, 49 insertions, 32 deletions
diff --git a/Source/charon/testcases/hmac_test.c b/Source/charon/testcases/hmac_test.c index 4a36dcb9c..ccefb86cf 100644 --- a/Source/charon/testcases/hmac_test.c +++ b/Source/charon/testcases/hmac_test.c @@ -169,7 +169,8 @@ void test_hmac_sha1(tester_t *tester) for (i=0; i<3; i++) { - hmac_t *hmac = hmac_create(HASH_SHA1, keys[i]); + hmac_t *hmac = hmac_create(HASH_SHA1); + hmac->set_key(hmac, keys[i]); hmac->allocate_mac(hmac, data[i], &digest[i]); hmac->destroy(hmac); diff --git a/Source/charon/transforms/hmac.c b/Source/charon/transforms/hmac.c index 93bbffade..1f078ebf0 100644 --- a/Source/charon/transforms/hmac.c +++ b/Source/charon/transforms/hmac.c @@ -110,6 +110,37 @@ static size_t get_block_size(private_hmac_t *this) } /** + * implementation of hmac_t.set_key + */ +static status_t set_key(private_hmac_t *this, chunk_t key) +{ + int i; + u_int8_t buffer[this->b]; + + memset(buffer, 0, this->b); + + if (key.len > this->b) + { + /* if key is too long, it will be hashed */ + this->h->get_hash(this->h, key, buffer); + } + else + { + /* if not, just copy it in our pre-padded k */ + memcpy(buffer, key.ptr, key.len); + } + + /* apply ipad and opad to key */ + for (i = 0; i < this->b; i++) + { + this->ipaded_key.ptr[i] = buffer[i] ^ 0x36; + this->opaded_key.ptr[i] = buffer[i] ^ 0x5C; + } + + return SUCCESS;; +} + +/** * implementation of hmac_t.destroy */ static status_t destroy(private_hmac_t *this) @@ -125,10 +156,9 @@ static status_t destroy(private_hmac_t *this) /* * Described in header */ -hmac_t *hmac_create(hash_algorithm_t hash_algorithm, chunk_t key) +hmac_t *hmac_create(hash_algorithm_t hash_algorithm) { private_hmac_t *this; - u_int8_t i; this = allocator_alloc_thing(private_hmac_t); if (this == NULL) @@ -139,6 +169,7 @@ hmac_t *hmac_create(hash_algorithm_t hash_algorithm, chunk_t key) this->public.get_mac = (size_t (*)(hmac_t *,chunk_t,u_int8_t*))get_mac; this->public.allocate_mac = (size_t (*)(hmac_t *,chunk_t,chunk_t*))allocate_mac; this->public.get_block_size = (size_t (*)(hmac_t *))get_block_size; + this->public.set_key = (status_t (*)(hmac_t *,chunk_t))set_key; this->public.destroy = (status_t (*)(hmac_t *))destroy; /* set b, according to hasher */ @@ -160,26 +191,7 @@ hmac_t *hmac_create(hash_algorithm_t hash_algorithm, chunk_t key) return NULL; } - /* k must be b long, padded with 0x00 */ - this->k.ptr = allocator_alloc(this->b); - this->k.len = this->b; - if (this->k.ptr == NULL) - { - this->h->destroy(this->h); - allocator_free(this); - } - memset(this->k.ptr, 0, this->k.len); - if (key.len > this->h->get_block_size(this->h)) - { - /* if key is too long, it will be hashed */ - this->h->get_hash(this->h, key, this->k.ptr); - } - else - { - /* if not, just copy it in our pre-padded k */ - memcpy(this->k.ptr, key.ptr, key.len); - } /* build ipad and opad */ this->opaded_key.ptr = allocator_alloc(this->b); @@ -196,17 +208,11 @@ hmac_t *hmac_create(hash_algorithm_t hash_algorithm, chunk_t key) if (this->ipaded_key.ptr == NULL) { this->h->destroy(this->h); - allocator_free(this->k.ptr); allocator_free(this->opaded_key.ptr); allocator_free(this); return NULL; } - - for (i = 0; i < this->b; i++) - { - this->ipaded_key.ptr[i] = this->k.ptr[i] ^ 0x36; - this->opaded_key.ptr[i] = this->k.ptr[i] ^ 0x5C; - } + return &(this->public); } diff --git a/Source/charon/transforms/hmac.h b/Source/charon/transforms/hmac.h index f374b14f8..14cec6818 100644 --- a/Source/charon/transforms/hmac.h +++ b/Source/charon/transforms/hmac.h @@ -64,7 +64,18 @@ struct hmac_s { * @param this calling hmac * @return block size in bytes */ - size_t (*get_block_size) (hmac_t *this); + size_t (*get_block_size) (hmac_t *this); + + /** + * @brief set the key for this hmac + * + * Any key length is accepted. + * + * @param this calling hmac + * @param key key to set + * @return block size in bytes + */ + size_t (*set_key) (hmac_t *this, chunk_t key); /** * @brief Destroys a hmac object. @@ -80,11 +91,10 @@ struct hmac_s { * Creates a new hmac_t object * * @param hash_algorithm hash algorithm to use - * @param key A chunk containing the key * @return * - hmac_t if successfully * - NULL if out of ressources or hash not supported */ -hmac_t *hmac_create(hash_algorithm_t hash_algorithm, chunk_t key); +hmac_t *hmac_create(hash_algorithm_t hash_algorithm); #endif /*HMAC_H_*/ |