74 lines
2.1 KiB
Diff
74 lines
2.1 KiB
Diff
From 91f663ce1b46ecd99399023ad539f158419272e7 Mon Sep 17 00:00:00 2001
|
|
From: Alexander Scheel <ascheel@redhat.com>
|
|
Date: Fri, 28 Sep 2018 11:03:52 -0400
|
|
Subject: [PATCH 2/2] Replace HMAC-SHA1 implementation with OpenSSL's
|
|
|
|
If OpenSSL EVP is not found, fallback to internal implementation of
|
|
HMAC-SHA1.
|
|
|
|
Signed-off-by: Alexander Scheel <ascheel@redhat.com>
|
|
---
|
|
src/lib/hmacsha1.c | 29 ++++++++++++++++++++++++++++-
|
|
1 file changed, 28 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/src/lib/hmacsha1.c b/src/lib/hmacsha1.c
|
|
index c3cbd87a2c..211470ea35 100644
|
|
--- a/src/lib/hmacsha1.c
|
|
+++ b/src/lib/hmacsha1.c
|
|
@@ -10,13 +10,19 @@
|
|
|
|
RCSID("$Id: c3cbd87a2c13c47da93fdb1bdfbf6da4c22aaac5 $")
|
|
|
|
+#ifdef HAVE_OPENSSL_EVP_H
|
|
+#include <openssl/hmac.h>
|
|
+#include <openssl/evp.h>
|
|
+#endif
|
|
+
|
|
#include <freeradius-devel/libradius.h>
|
|
|
|
#ifdef HMAC_SHA1_DATA_PROBLEMS
|
|
unsigned int sha1_data_problems = 0;
|
|
#endif
|
|
|
|
-/** Calculate HMAC using SHA1
|
|
+#ifdef HAVE_OPENSSL_EVP_H
|
|
+/** Calculate HMAC using OpenSSL's SHA1 implementation
|
|
*
|
|
* @param digest Caller digest to be filled in.
|
|
* @param text Pointer to data stream.
|
|
@@ -28,6 +34,26 @@
|
|
void fr_hmac_sha1(uint8_t digest[SHA1_DIGEST_LENGTH], uint8_t const *text, size_t text_len,
|
|
uint8_t const *key, size_t key_len)
|
|
{
|
|
+ HMAC_CTX *ctx = HMAC_CTX_new();
|
|
+ HMAC_Init_ex(ctx, key, key_len, EVP_sha1(), NULL);
|
|
+ HMAC_Update(ctx, text, text_len);
|
|
+ HMAC_Final(ctx, digest, NULL);
|
|
+ HMAC_CTX_free(ctx);
|
|
+}
|
|
+
|
|
+#else
|
|
+
|
|
+/** Calculate HMAC using internal SHA1 implementation
|
|
+ *
|
|
+ * @param digest Caller digest to be filled in.
|
|
+ * @param text Pointer to data stream.
|
|
+ * @param text_len length of data stream.
|
|
+ * @param key Pointer to authentication key.
|
|
+ * @param key_len Length of authentication key.
|
|
+ */
|
|
+void fr_hmac_sha1(uint8_t digest[SHA1_DIGEST_LENGTH], uint8_t const *text, size_t text_len,
|
|
+ uint8_t const *key, size_t key_len)
|
|
+{
|
|
fr_sha1_ctx context;
|
|
uint8_t k_ipad[65]; /* inner padding - key XORd with ipad */
|
|
uint8_t k_opad[65]; /* outer padding - key XORd with opad */
|
|
@@ -142,6 +168,7 @@
|
|
}
|
|
#endif
|
|
}
|
|
+#endif /* HAVE_OPENSSL_EVP_H */
|
|
|
|
/*
|
|
Test Vectors (Trailing '\0' of a character string not included in test):
|