if (kt->digest && kt->hmac_length > 0)
{
ALLOC_OBJ(ctx->hmac, hmac_ctx_t);
- hmac_ctx_init (ctx->hmac, key->hmac, kt->hmac_length, kt->digest,
- prefix);
+ hmac_ctx_init (ctx->hmac, key->hmac, kt->hmac_length, kt->digest);
+
+ msg (D_HANDSHAKE,
+ "%s: Using %d bit message hash '%s' for HMAC authentication",
+ prefix, md_kt_size(kt->digest) * 8, md_kt_name(kt->digest));
+
+ dmsg (D_SHOW_KEYS, "%s: HMAC KEY: %s", prefix,
+ format_hex (key->hmac, kt->hmac_length, 0, &gc));
+
+ dmsg (D_CRYPTO_DEBUG, "%s: HMAC size=%d block_size=%d",
+ prefix,
+ md_kt_size(kt->digest),
+ hmac_ctx_size(ctx->hmac));
+
}
gc_free (&gc);
}
* @param key The key to use for the HMAC
* @param key_len The key length to use
* @param kt Static message digest parameters
- * @param prefix Prefix to use when printing debug information.
*
*/
void hmac_ctx_init (hmac_ctx_t *ctx, const uint8_t *key, int key_length,
- const md_kt_t *kt, const char *prefix);
+ const md_kt_t *kt);
/*
* Free the given HMAC context.
void
hmac_ctx_init (HMAC_CTX *ctx, const uint8_t *key, int key_len,
- const EVP_MD *kt, const char *prefix)
+ const EVP_MD *kt)
{
- struct gc_arena gc = gc_new ();
-
ASSERT(NULL != kt && NULL != ctx);
CLEAR(*ctx);
HMAC_CTX_init (ctx);
HMAC_Init_ex (ctx, key, key_len, kt, NULL);
- if (prefix)
- msg (D_HANDSHAKE,
- "%s: Using %d bit message hash '%s' for HMAC authentication",
- prefix, HMAC_size (ctx) * 8, OBJ_nid2sn (EVP_MD_type (kt)));
-
/* make sure we used a big enough key */
ASSERT (HMAC_size (ctx) <= key_len);
-
- if (prefix)
- dmsg (D_SHOW_KEYS, "%s: HMAC KEY: %s", prefix,
- format_hex (key, key_len, 0, &gc));
- if (prefix)
- dmsg (D_CRYPTO_DEBUG, "%s: HMAC size=%d block_size=%d",
- prefix,
- EVP_MD_size (kt),
- EVP_MD_block_size (kt));
-
- gc_free (&gc);
}
void
* TODO: re-enable dmsg for crypto debug
*/
void
-hmac_ctx_init (md_context_t *ctx, const uint8_t *key, int key_len, const md_info_t *kt,
- const char *prefix)
+hmac_ctx_init (md_context_t *ctx, const uint8_t *key, int key_len, const md_info_t *kt)
{
- struct gc_arena gc = gc_new ();
-
ASSERT(NULL != kt && NULL != ctx);
CLEAR(*ctx);
ASSERT(0 == md_init_ctx(ctx, kt));
ASSERT(0 == md_hmac_starts(ctx, key, key_len));
- if (prefix)
- msg (D_HANDSHAKE,
- "%s: Using %d bit message hash '%s' for HMAC authentication",
- prefix, md_get_size(kt) * 8, md_get_name(kt));
-
/* make sure we used a big enough key */
ASSERT (md_get_size(kt) <= key_len);
-
- if (prefix)
- dmsg (D_SHOW_KEYS, "%s: HMAC KEY: %s", prefix,
- format_hex (key, key_len, 0, &gc));
-// if (prefix)
-// dmsg (D_CRYPTO_DEBUG, "%s: HMAC size=%d block_size=%d",
-// prefix,
-// md_get_size(md_info),
-// EVP_MD_block_size (md_info));
-
- gc_free (&gc);
}
void
hmac_ctx_t hmac_ctx;
CLEAR(hmac_ctx);
- hmac_ctx_init(&hmac_ctx, key, key_len, md5_kt, NULL);
+ hmac_ctx_init(&hmac_ctx, key, key_len, md5_kt);
hmac_ctx_update(&hmac_ctx, (const unsigned char *)data, data_len);
hmac_ctx_final(&hmac_ctx, (unsigned char *)result);
hmac_ctx_cleanup(&hmac_ctx);
chunk = md_kt_size(md_kt);
A1_len = md_kt_size(md_kt);
- hmac_ctx_init(&ctx, sec, sec_len, md_kt, NULL);
- hmac_ctx_init(&ctx_tmp, sec, sec_len, md_kt, NULL);
+ hmac_ctx_init(&ctx, sec, sec_len, md_kt);
+ hmac_ctx_init(&ctx_tmp, sec, sec_len, md_kt);
hmac_ctx_update(&ctx,seed,seed_len);
hmac_ctx_final(&ctx, A1);
projects / thirdparty / openvpn.git / commitdiff
