Use centralized hasher names in openssl plugin
[strongswan.git] / src / libstrongswan / plugins / openssl / openssl_hmac.c
index 8c8767d..5d05425 100644 (file)
@@ -67,24 +67,42 @@ struct private_mac_t {
        HMAC_CTX hmac;
 };
 
-/**
- * Resets HMAC context
- */
-static bool reset(private_mac_t *this)
+METHOD(mac_t, set_key, bool,
+       private_mac_t *this, chunk_t key)
 {
-       return HMAC_Init_ex(&this->hmac, NULL, 0, this->hasher, NULL);
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+       return HMAC_Init_ex(&this->hmac, key.ptr, key.len, this->hasher, NULL);
+#else /* OPENSSL_VERSION_NUMBER < 1.0 */
+       HMAC_Init_ex(&this->hmac, key.ptr, key.len, this->hasher, NULL);
+       return TRUE;
+#endif
 }
 
 METHOD(mac_t, get_mac, bool,
        private_mac_t *this, chunk_t data, u_int8_t *out)
 {
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+       if (!HMAC_Update(&this->hmac, data.ptr, data.len))
+       {
+               return FALSE;
+       }
        if (out == NULL)
        {
-               return HMAC_Update(&this->hmac, data.ptr, data.len);
+               return TRUE;
        }
-       return HMAC_Update(&this->hmac, data.ptr, data.len) &&
-                  HMAC_Final(&this->hmac, out, NULL) &&
-                  reset(this);
+       if (!HMAC_Final(&this->hmac, out, NULL))
+       {
+               return FALSE;
+       }
+#else /* OPENSSL_VERSION_NUMBER < 1.0 */
+       HMAC_Update(&this->hmac, data.ptr, data.len);
+       if (out == NULL)
+       {
+               return TRUE;
+       }
+       HMAC_Final(&this->hmac, out, NULL);
+#endif
+       return set_key(this, chunk_empty);
 }
 
 METHOD(mac_t, get_mac_size, size_t,
@@ -93,12 +111,6 @@ METHOD(mac_t, get_mac_size, size_t,
        return EVP_MD_size(this->hasher);
 }
 
-METHOD(mac_t, set_key, bool,
-       private_mac_t *this, chunk_t key)
-{
-       return HMAC_Init_ex(&this->hmac, key.ptr, key.len, this->hasher, NULL);
-}
-
 METHOD(mac_t, destroy, void,
        private_mac_t *this)
 {
@@ -112,6 +124,13 @@ METHOD(mac_t, destroy, void,
 static mac_t *hmac_create(hash_algorithm_t algo)
 {
        private_mac_t *this;
+       char *name;
+
+       name = enum_to_name(hash_algorithm_short_names, algo);
+       if (!name)
+       {
+               return NULL;
+       }
 
        INIT(this,
                .public = {
@@ -120,29 +139,9 @@ static mac_t *hmac_create(hash_algorithm_t algo)
                        .set_key = _set_key,
                        .destroy = _destroy,
                },
+               .hasher = EVP_get_digestbyname(name),
        );
 
-       switch (algo)
-       {
-               case HASH_MD5:
-                       this->hasher = EVP_get_digestbyname("md5");
-                       break;
-               case HASH_SHA1:
-                       this->hasher = EVP_get_digestbyname("sha1");
-                       break;
-               case HASH_SHA256:
-                       this->hasher = EVP_get_digestbyname("sha256");
-                       break;
-               case HASH_SHA384:
-                       this->hasher = EVP_get_digestbyname("sha384");
-                       break;
-               case HASH_SHA512:
-                       this->hasher = EVP_get_digestbyname("sha512");
-                       break;
-               default:
-                       break;
-       }
-
        if (!this->hasher)
        {
                free(this);
@@ -150,7 +149,7 @@ static mac_t *hmac_create(hash_algorithm_t algo)
        }
 
        HMAC_CTX_init(&this->hmac);
-       if (!HMAC_Init_ex(&this->hmac, NULL, 0, this->hasher, NULL))
+       if (!set_key(this, chunk_empty))
        {
                destroy(this);
                return NULL;
@@ -190,4 +189,3 @@ signer_t *openssl_hmac_signer_create(integrity_algorithm_t algo)
        return NULL;
 }
 
-