signers implemented with HMAC now support NULL output parameters
authorMartin Willi <martin@strongswan.org>
Wed, 29 Aug 2007 07:52:49 +0000 (07:52 -0000)
committerMartin Willi <martin@strongswan.org>
Wed, 29 Aug 2007 07:52:49 +0000 (07:52 -0000)
to feed signer with more than one block of data.

src/libstrongswan/crypto/signers/hmac_signer.c
src/libstrongswan/crypto/signers/signer.h

index 76e1ce5..ad5b882 100644 (file)
@@ -52,14 +52,19 @@ struct private_hmac_signer_t {
 /**
  * Implementation of signer_t.get_signature.
  */
 /**
  * Implementation of signer_t.get_signature.
  */
-static void get_signature (private_hmac_signer_t *this, chunk_t data, u_int8_t *buffer)
+static void get_signature(private_hmac_signer_t *this, chunk_t data, u_int8_t *buffer)
 {
 {
-       u_int8_t full_mac[this->hmac_prf->get_block_size(this->hmac_prf)];
-       
-       this->hmac_prf->get_bytes(this->hmac_prf, data, full_mac);
-
-       /* copy MAC depending on truncation */
-       memcpy(buffer, full_mac, this->block_size);
+       if (buffer == NULL)
+       {       /* append mode */
+               this->hmac_prf->get_bytes(this->hmac_prf, data, NULL);
+       }
+       else
+       {
+               u_int8_t full_mac[this->hmac_prf->get_block_size(this->hmac_prf)];
+               
+               this->hmac_prf->get_bytes(this->hmac_prf, data, full_mac);
+               memcpy(buffer, full_mac, this->block_size);
+       }
 }
 
 /**
 }
 
 /**
@@ -67,18 +72,24 @@ static void get_signature (private_hmac_signer_t *this, chunk_t data, u_int8_t *
  */
 static void allocate_signature (private_hmac_signer_t *this, chunk_t data, chunk_t *chunk)
 {
  */
 static void allocate_signature (private_hmac_signer_t *this, chunk_t data, chunk_t *chunk)
 {
-       chunk_t signature;
-       u_int8_t full_mac[this->hmac_prf->get_block_size(this->hmac_prf)];
-       
-       this->hmac_prf->get_bytes(this->hmac_prf,data,full_mac);
+       if (chunk == NULL)
+       {       /* append mode */
+               this->hmac_prf->get_bytes(this->hmac_prf, data, NULL);
+       }
+       else
+       {
+               chunk_t signature;
+               u_int8_t full_mac[this->hmac_prf->get_block_size(this->hmac_prf)];
+               
+               this->hmac_prf->get_bytes(this->hmac_prf, data, full_mac);
 
 
-       signature.ptr = malloc(this->block_size);
-       signature.len = this->block_size;
-       
-       /* copy signature */
-       memcpy(signature.ptr, full_mac, this->block_size);
+               signature.ptr = malloc(this->block_size);
+               signature.len = this->block_size;
+               
+               memcpy(signature.ptr, full_mac, this->block_size);
 
 
-       *chunk = signature;
+               *chunk = signature;
+       }
 }
 
 /**
 }
 
 /**
index 0f37097..4218e41 100644 (file)
@@ -74,6 +74,9 @@ extern enum_name_t *integrity_algorithm_names;
 struct signer_t {
        /**
         * @brief Generate a signature.
 struct signer_t {
        /**
         * @brief Generate a signature.
+        *
+        * If buffer is NULL, data is processed and prepended to a next call until
+        * buffer is a valid pointer.
         * 
         * @param this                  calling object
         * @param data                  a chunk containing the data to sign
         * 
         * @param this                  calling object
         * @param data                  a chunk containing the data to sign
@@ -83,6 +86,9 @@ struct signer_t {
        
        /**
         * @brief Generate a signature and allocate space for it.
        
        /**
         * @brief Generate a signature and allocate space for it.
+        *
+        * If chunk is NULL, data is processed and prepended to a next call until
+        * chunk is a valid chunk pointer.
         * 
         * @param this                  calling object
         * @param data                  a chunk containing the data to sign
         * 
         * @param this                  calling object
         * @param data                  a chunk containing the data to sign