Use centralized hasher names in openssl plugin
[strongswan.git] / src / libstrongswan / plugins / openssl / openssl_hmac.c
index caf0d3a..5d05425 100644 (file)
@@ -65,34 +65,44 @@ struct private_mac_t {
         * Current HMAC context
         */
        HMAC_CTX hmac;
-
-       /**
-        * Key
-        */
-       chunk_t key;
 };
 
-/**
- * Resets HMAC context
- */
-static void reset(private_mac_t *this)
+METHOD(mac_t, set_key, bool,
+       private_mac_t *this, chunk_t key)
 {
-       HMAC_Init_ex(&this->hmac, this->key.ptr, this->key.len, this->hasher, NULL);
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+       return HMAC_Init_ex(&this->hmac, key.ptr, key.len, this->hasher, NULL);
+#else /* OPENSSL_VERSION_NUMBER < 1.0 */
+       HMAC_Init_ex(&this->hmac, key.ptr, key.len, this->hasher, NULL);
+       return TRUE;
+#endif
 }
 
-METHOD(mac_t, get_mac, void,
+METHOD(mac_t, get_mac, bool,
        private_mac_t *this, chunk_t data, u_int8_t *out)
 {
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+       if (!HMAC_Update(&this->hmac, data.ptr, data.len))
+       {
+               return FALSE;
+       }
        if (out == NULL)
        {
-               HMAC_Update(&this->hmac, data.ptr, data.len);
+               return TRUE;
+       }
+       if (!HMAC_Final(&this->hmac, out, NULL))
+       {
+               return FALSE;
        }
-       else
+#else /* OPENSSL_VERSION_NUMBER < 1.0 */
+       HMAC_Update(&this->hmac, data.ptr, data.len);
+       if (out == NULL)
        {
-               HMAC_Update(&this->hmac, data.ptr, data.len);
-               HMAC_Final(&this->hmac, out, NULL);
-               reset(this);
+               return TRUE;
        }
+       HMAC_Final(&this->hmac, out, NULL);
+#endif
+       return set_key(this, chunk_empty);
 }
 
 METHOD(mac_t, get_mac_size, size_t,
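Review bot: The reset at the end of get_mac, `return set_key(this, chunk_empty);`, only works if HMAC_Init_ex() keeps the key already held in the context when given a NULL key pointer (chunk_empty presumably has a NULL ptr), and nothing in the code says so. This overloads set_key: a caller passing an empty chunk keeps the previous key instead of getting an empty one. The same call in hmac_create, in the later hunk after `HMAC_CTX_init(&this->hmac);`, runs on a context that has never held a key, where the outcome likely depends on the OpenSSL version. I would add `/* NULL key: keep the key stored in the HMAC_CTX, only restart the computation */` above the reset, and have hmac_create pass a non-NULL zero-length key for the first initialisation. The early `return FALSE` paths also leave the context un-reset, so the interface documentation should say that set_key must be called again after a failed get_mac.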
@@ -101,19 +111,10 @@ METHOD(mac_t, get_mac_size, size_t,
        return EVP_MD_size(this->hasher);
 }
 
-METHOD(mac_t, set_key, void,
-       private_mac_t *this, chunk_t key)
-{
-       chunk_clear(&this->key);
-       this->key = chunk_clone(key);
-       reset(this);
-}
-
 METHOD(mac_t, destroy, void,
        private_mac_t *this)
 {
        HMAC_CTX_cleanup(&this->hmac);
-       chunk_clear(&this->key);
        free(this);
 }
 
@@ -123,6 +124,13 @@ METHOD(mac_t, destroy, void,
 static mac_t *hmac_create(hash_algorithm_t algo)
 {
        private_mac_t *this;
+       char *name;
+
+       name = enum_to_name(hash_algorithm_short_names, algo);
+       if (!name)
+       {
+               return NULL;
+       }
 
        INIT(this,
                .public = {
@@ -131,29 +139,9 @@ static mac_t *hmac_create(hash_algorithm_t algo)
                        .set_key = _set_key,
                        .destroy = _destroy,
                },
+               .hasher = EVP_get_digestbyname(name),
        );
 
-       switch (algo)
-       {
-               case HASH_MD5:
-                       this->hasher = EVP_get_digestbyname("md5");
-                       break;
-               case HASH_SHA1:
-                       this->hasher = EVP_get_digestbyname("sha1");
-                       break;
-               case HASH_SHA256:
-                       this->hasher = EVP_get_digestbyname("sha256");
-                       break;
-               case HASH_SHA384:
-                       this->hasher = EVP_get_digestbyname("sha384");
-                       break;
-               case HASH_SHA512:
-                       this->hasher = EVP_get_digestbyname("sha512");
-                       break;
-               default:
-                       break;
-       }
-
        if (!this->hasher)
        {
                free(this);
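Review bot: Removing the explicit switch means the digests usable for HMAC are no longer limited to the five names listed before (md5, sha1, sha256, sha384, sha512). They are now whatever `hash_algorithm_short_names` maps and OpenSSL resolves by that name. That table is not visible in this diff, so this is inferred, but any entry for a weaker or unintended hash would now pass through `.hasher = EVP_get_digestbyname(name),`. Consider either a short allow-list check on `algo` before the lookup, or a comment on that line such as `/* accepts every hash that has a short name OpenSSL knows; callers are expected to restrict algo */`. hmac_create begins in the previous hunk and continues past this one.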
@@ -161,6 +149,11 @@ static mac_t *hmac_create(hash_algorithm_t algo)
        }
 
        HMAC_CTX_init(&this->hmac);
+       if (!set_key(this, chunk_empty))
+       {
+               destroy(this);
+               return NULL;
+       }
 
        return &this->public;
 }
@@ -196,4 +189,3 @@ signer_t *openssl_hmac_signer_create(integrity_algorithm_t algo)
        return NULL;
 }
 
-