- renamed get_block_size of hasher
1 /**
2 * @file hmac_signer.c
3 *
4 * @brief Implementation of hmac_signer_t.
5 *
6 */
7
8 /*
9 * Copyright (C) 2005 Jan Hutter, Martin Willi
10 * Hochschule fuer Technik Rapperswil
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
21 */
22
23 #include <string.h>
24
25 #include "hmac_signer.h"
26
27 #include <crypto/prfs/hmac_prf.h>
28
/**
 * Length in bytes of the signature this signer emits and accepts:
 * 12 bytes (96 bit), taken from the start of the full HMAC output.
 *
 * NOTE(review): the functions in this file copy or compare BLOCK_SIZE bytes
 * out of a buffer sized by the PRF's own block size. The PRF output must
 * therefore be at least BLOCK_SIZE bytes long; nothing here checks that.
 */
#define BLOCK_SIZE 12
33
typedef struct private_hmac_signer_t private_hmac_signer_t;

/**
 * Private data structure with signing context.
 */
struct private_hmac_signer_t {
	/**
	 * Public interface of hmac_signer_t.
	 *
	 * hmac_signer_create() hands out the address of this member, and the
	 * interface functions are defined to take private_hmac_signer_t*.
	 * NOTE(review): that presumably relies on this member staying first in
	 * the struct -- confirm against hmac_signer.h before reordering.
	 */
	hmac_signer_t public;

	/*
	 * Assigned hmac function. Created in hmac_signer_create() and released
	 * in destroy(); keyed through set_key().
	 */
	prf_t *hmac_prf;
};
50
/**
 * Implementation of signer_t.get_signature.
 *
 * Computes the HMAC over data and writes its first BLOCK_SIZE bytes to buffer.
 *
 * @param this		signer context
 * @param data		data to authenticate
 * @param buffer	destination; no length is passed in, so the caller must
 *					provide room for at least BLOCK_SIZE bytes
 */
static void get_signature (private_hmac_signer_t *this, chunk_t data, u_int8_t *buffer)
{
	prf_t *prf = this->hmac_prf;
	/* scratch space for the untruncated MAC, sized by the PRF itself */
	u_int8_t mac[prf->get_block_size(prf)];

	prf->get_bytes(prf, data, mac);

	/* only the leading BLOCK_SIZE bytes form the signature;
	 * assumes the PRF output is at least that long */
	memcpy(buffer, mac, BLOCK_SIZE);
}
63
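/**
 * Implementation of signer_t.allocate_signature.
 *
 * Computes the HMAC over data and returns its first BLOCK_SIZE bytes in a
 * freshly allocated chunk. The chunk is handed out through *chunk; this
 * function keeps no reference to it.
 *
 * If the allocation fails, *chunk is set to an empty chunk (ptr NULL, len 0)
 * instead of copying through a NULL pointer. The function has no return value,
 * so callers that must detect this need to check chunk->ptr.
 *
 * @param this		signer context
 * @param data		data to authenticate
 * @param chunk		receives the allocated signature
 */
static void allocate_signature (private_hmac_signer_t *this, chunk_t data, chunk_t *chunk)
{
	prf_t *prf = this->hmac_prf;
	/* scratch space for the untruncated MAC, sized by the PRF itself */
	u_int8_t full_mac[prf->get_block_size(prf)];
	chunk_t signature;

	prf->get_bytes(prf, data, full_mac);

	signature.ptr = malloc(BLOCK_SIZE);
	if (signature.ptr == NULL)
	{
		/* out of memory: hand back an empty chunk rather than writing to NULL */
		signature.len = 0;
	}
	else
	{
		signature.len = BLOCK_SIZE;
		/* copy the truncated signature; assumes the PRF output is at
		 * least BLOCK_SIZE bytes long */
		memcpy(signature.ptr, full_mac, BLOCK_SIZE);
	}

	*chunk = signature;
}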
82
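/**
 * Implementation of signer_t.verify_signature.
 *
 * Recomputes the HMAC over data and checks that its first BLOCK_SIZE bytes
 * equal the supplied signature.
 *
 * The byte comparison accumulates the differences over all BLOCK_SIZE bytes
 * instead of using memcmp(). memcmp() may return at the first mismatching
 * byte, which makes the time taken depend on how many leading bytes of a
 * received MAC were correct.
 *
 * @param this		signer context
 * @param data		data the signature is claimed to cover
 * @param signature	received signature
 * @return			TRUE if the signature has the right length and matches,
 *					FALSE otherwise
 */
static bool verify_signature (private_hmac_signer_t *this, chunk_t data, chunk_t signature)
{
	prf_t *prf = this->hmac_prf;
	u_int8_t full_mac[prf->get_block_size(prf)];
	u_int8_t diff = 0;
	size_t i;

	/* the MAC is computed before the length check, as before, so the PRF
	 * is driven the same way for every call */
	prf->get_bytes(prf, data, full_mac);

	/* the length is not secret, so rejecting early on it is fine */
	if (signature.len != BLOCK_SIZE || signature.ptr == NULL)
	{
		return FALSE;
	}

	/* fold every byte difference into diff; no early exit on mismatch */
	for (i = 0; i < BLOCK_SIZE; i++)
	{
		diff |= (u_int8_t)(signature.ptr[i] ^ full_mac[i]);
	}

	return (diff == 0) ? TRUE : FALSE;
}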
107
/**
 * Implementation of signer_t.get_key_size.
 *
 * @param this		signer context
 * @return			key size in bytes, as reported by the PRF's get_block_size()
 */
static size_t get_key_size (private_hmac_signer_t *this)
{
	prf_t *prf = this->hmac_prf;

	/* IKEv2 keys the HMAC signer with as many bytes as the PRF's block size */
	return prf->get_block_size(prf);
}
116
/**
 * Implementation of signer_t.get_block_size.
 *
 * @param this		signer context (not consulted)
 * @return			length in bytes of the signatures this signer produces
 */
static size_t get_block_size (private_hmac_signer_t *this)
{
	/* fixed truncated length, whatever PRF is assigned */
	const size_t signature_len = BLOCK_SIZE;

	return signature_len;
}
124
/**
 * Implementation of signer_t.set_key.
 *
 * Passes the key on to the assigned PRF unchanged; no length check is done
 * at this layer.
 *
 * @param this		signer context
 * @param key		key to use for subsequent signatures
 */
static void set_key (private_hmac_signer_t *this, chunk_t key)
{
	prf_t *prf = this->hmac_prf;

	prf->set_key(prf, key);
}
132
/**
 * Implementation of signer_t.destroy.
 *
 * Destroys the assigned PRF, then frees the signer itself.
 *
 * NOTE(review): this function returns status_t, but hmac_signer_create()
 * installs it through a cast to a void-returning function pointer. Confirm
 * which return type the signer_t interface declares and align the two.
 *
 * @param this		signer context; invalid after this call
 * @return			always SUCCESS
 */
static status_t destroy(private_hmac_signer_t *this)
{
	prf_t *prf = this->hmac_prf;

	/* release the PRF first, while the context that owns it is still valid */
	prf->destroy(prf);
	free(this);
	return SUCCESS;
}
142
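/*
 * Described in header
 *
 * Allocates the signer, creates the HMAC PRF for the requested hash and
 * installs the signer_t interface functions. No key is set here; callers
 * supply one through set_key.
 *
 * Returns NULL if the allocation fails or the hash algorithm is not supported.
 */
hmac_signer_t *hmac_signer_create(hash_algorithm_t hash_algoritm)
{
	private_hmac_signer_t *this = malloc_thing(private_hmac_signer_t);

	if (this == NULL)
	{
		/* out of memory: report failure instead of writing through NULL */
		return NULL;
	}

	this->hmac_prf = (prf_t *) hmac_prf_create(hash_algoritm);

	if (this->hmac_prf == NULL)
	{
		/* algorithm not supported */
		free(this);
		return NULL;
	}

	/* interface functions; the casts adapt the private_hmac_signer_t*
	 * parameter to the signer_t* that the interface declares */
	this->public.signer_interface.get_signature = (void (*) (signer_t*, chunk_t, u_int8_t*))get_signature;
	this->public.signer_interface.allocate_signature = (void (*) (signer_t*, chunk_t, chunk_t*))allocate_signature;
	this->public.signer_interface.verify_signature = (bool (*) (signer_t*, chunk_t, chunk_t))verify_signature;
	this->public.signer_interface.get_key_size = (size_t (*) (signer_t*))get_key_size;
	this->public.signer_interface.get_block_size = (size_t (*) (signer_t*))get_block_size;
	this->public.signer_interface.set_key = (void (*) (signer_t*,chunk_t))set_key;
	this->public.signer_interface.destroy = (void (*) (signer_t*))destroy;

	return &(this->public);
}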