From 91f663ce1b46ecd99399023ad539f158419272e7 Mon Sep 17 00:00:00 2001
From: Alexander Scheel
Date: Fri, 28 Sep 2018 11:03:52 -0400
Subject: [PATCH 2/2] Replace HMAC-SHA1 implementation with OpenSSL's

If OpenSSL EVP is not found, fallback to internal implementation of HMAC-SHA1.

Signed-off-by: Alexander Scheel
---
 src/lib/hmacsha1.c | 29 ++++++++++++++++++++++++++++-
 1 file changed, 28 insertions(+), 1 deletion(-)

diff --git a/src/lib/hmacsha1.c b/src/lib/hmacsha1.c
index c3cbd87a2c..211470ea35 100644
--- a/src/lib/hmacsha1.c
+++ b/src/lib/hmacsha1.c
@@ -10,13 +10,19 @@
 
 RCSID("$Id: c3cbd87a2c13c47da93fdb1bdfbf6da4c22aaac5 $")
 
+#ifdef HAVE_OPENSSL_EVP_H
+#include
+#include
+#endif
+
 #include
 
 #ifdef HMAC_SHA1_DATA_PROBLEMS
 unsigned int sha1_data_problems = 0;
 #endif
 
-/** Calculate HMAC using SHA1
+#ifdef HAVE_OPENSSL_EVP_H
+/** Calculate HMAC using OpenSSL's SHA1 implementation
  *
  * @param digest Caller digest to be filled in.
  * @param text Pointer to data stream.
@@ -28,6 +34,26 @@
 void fr_hmac_sha1(uint8_t digest[SHA1_DIGEST_LENGTH], uint8_t const *text, size_t text_len,
  uint8_t const *key, size_t key_len)
 {
+ HMAC_CTX *ctx = HMAC_CTX_new();
+ HMAC_Init_ex(ctx, key, key_len, EVP_sha1(), NULL);
+ HMAC_Update(ctx, text, text_len);
+ HMAC_Final(ctx, digest, NULL);
+ HMAC_CTX_free(ctx);
+}
+
+#else
+
+/** Calculate HMAC using internal SHA1 implementation
+ *
+ * @param digest Caller digest to be filled in.
+ * @param text Pointer to data stream.
+ * @param text_len length of data stream.
+ * @param key Pointer to authentication key.
+ * @param key_len Length of authentication key.
+ */
+void fr_hmac_sha1(uint8_t digest[SHA1_DIGEST_LENGTH], uint8_t const *text, size_t text_len,
+ uint8_t const *key, size_t key_len)
+{
 fr_sha1_ctx context;
 uint8_t k_ipad[65]; /* inner padding - key XORd with ipad */
 uint8_t k_opad[65]; /* outer padding - key XORd with opad */
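Review bot: The OpenSSL branch of fr_hmac_sha1 ignores every return value: `HMAC_CTX_new()` can return NULL and `HMAC_Init_ex`/`HMAC_Update`/`HMAC_Final` return 0 on failure, in which case `digest` is left unwritten and the caller compares a message authenticator against whatever the buffer already held. `HMAC_CTX_new`/`HMAC_CTX_free` also exist only from OpenSSL 1.1.0 onward, while the guard added in the first hunk is just `HAVE_OPENSSL_EVP_H`, so a build against an older OpenSSL would presumably break here. The one-shot call avoids both the allocation and the version split: `if (!HMAC(EVP_sha1(), key, (int)key_len, text, text_len, digest, NULL)) { /* report failure; never leave digest unset */ }`. `key_len` is a `size_t` narrowed to that function's `int` parameter, so it wants a range check before the cast. Because fr_hmac_sha1 returns void, how a failure reaches its callers has to be decided outside this hunk.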
@@ -142,6 +168,7 @@
 }
 #endif
 }
+#endif /* HAVE_OPENSSL_EVP_H */
 
 /*
 Test Vectors (Trailing '\0' of a character string not included in test):