Started using OpenSSL as cryptographic back-end.
#include <assert.h>
#include <limits.h>
#include <locale.h>
#include <openssl/err.h>
#include <openssl/md5.h>
#include <openssl/sha.h>

#include "isds_priv.h"
#include "utils.h"
/* Size of a SHA-1 digest in bytes. Defined here only when no included header
 * already provides a macro of this exact name. */
#if !defined(SHA1_DIGEST_LENGTH)
# define SHA1_DIGEST_LENGTH 20
#endif /* !defined(SHA1_DIGEST_LENGTH) */
/* Prepare the OpenSSL cryptographic back-end used by libisds.
 * @return IE_SUCCESS always; this function has no failure path. */
_hidden isds_error _isds_init_crypto_openssl(void)
{
    const isds_error status = IE_SUCCESS;

    /* Register libcrypto's error strings so that OpenSSL error codes can be
     * rendered as text.
     * NOTE(review): this call is deprecated since OpenSSL 1.1.0, where the
     * strings are loaded automatically -- confirm the minimum supported
     * OpenSSL version. */
    ERR_load_crypto_strings();

    return status;
}
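/* Computes hash from @input with @length and store it into @hash.
 * The hash algorithm is defined inside @hash.
 * @input is input block to hash; it may be NULL only if @length is 0
 * @length is @input block length in bytes
 * @hash input algorithm, output hash value and hash length; hash value will be
 * reallocated, it's always valid pointer or NULL (before and after call).
 * @hash->length is changed only together with @hash->value, so on IE_INVAL,
 * IE_NOTSUP and IE_NOMEM the structure keeps describing the buffer it owned
 * before the call.
 * @return IE_SUCCESS on success, IE_INVAL on invalid arguments, IE_NOTSUP on
 * unknown algorithm, IE_NOMEM if the hash buffer cannot be allocated,
 * IE_ERROR if the digest routine reports a failure. */
_hidden isds_error _isds_compute_hash_openssl(const void *input, const size_t length,
        struct isds_hash *hash)
{
    void *hash_buf = NULL;
    size_t hash_len = 0;
    int log_len = 0;
    unsigned char * (*hash_func)(const unsigned char *, size_t n,
            unsigned char *) = NULL;

    if (((0 != length) && (NULL == input)) || (NULL == hash)) {
        return IE_INVAL;
    }

    /* "%*s" is a minimum field width and expects an int, so it neither
     * bounded the read of @input (which need not be NUL-terminated) nor
     * matched the size_t argument. Use a precision ("%.*s") with an int that
     * is clamped to INT_MAX instead. The msgid changes with this fix, so
     * translations of this message need refreshing.
     * NOTE(review): this writes the data being hashed into the debug log;
     * confirm that ILF_SEC debug output is handled as sensitive. */
    log_len = (length > (size_t) INT_MAX) ? INT_MAX : (int) length;
    isds_log(ILF_SEC, ILL_DEBUG,
            _("Data hash requested, length=%zu, content:\n%.*s\n"
                "End of data to hash\n"), length, log_len,
            (NULL != input) ? (const char *) input : "");

    /* Select algorithm */
    switch (hash->algorithm) {
        case HASH_ALGORITHM_MD5:
            hash_len = MD5_DIGEST_LENGTH;
            hash_func = MD5;
            break;
        case HASH_ALGORITHM_SHA_1:
            hash_len = SHA1_DIGEST_LENGTH;
            hash_func = SHA1;
            break;
        case HASH_ALGORITHM_SHA_224:
            hash_len = SHA224_DIGEST_LENGTH;
            hash_func = SHA224;
            break;
        case HASH_ALGORITHM_SHA_256:
            hash_len = SHA256_DIGEST_LENGTH;
            hash_func = SHA256;
            break;
        case HASH_ALGORITHM_SHA_384:
            hash_len = SHA384_DIGEST_LENGTH;
            hash_func = SHA384;
            break;
        case HASH_ALGORITHM_SHA_512:
            hash_len = SHA512_DIGEST_LENGTH;
            hash_func = SHA512;
            break;
        default:
            return IE_NOTSUP;
    }

    assert(0 != hash_len);
    assert(NULL != hash_func);

    /* Allocate buffer for hash value. The length is published only after the
     * reallocation succeeded; otherwise a failed realloc() would leave the
     * old buffer paired with the new length. */
    hash_buf = realloc(hash->value, hash_len);
    if (NULL == hash_buf) {
        return IE_NOMEM;
    }
    hash->value = hash_buf;
    hash->length = hash_len;

    assert(NULL != hash->value);

    /* Compute the hash. The one-shot digest routines return the output
     * pointer; a NULL result is treated as a failure rather than leaving an
     * unwritten buffer reported as a valid hash. */
    if (NULL == hash_func(input, length, hash->value)) {
        return IE_ERROR;
    }

    return IE_SUCCESS;
}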
/* Free CMS data buffer allocated inside _isds_extract_cms_data().
 * The original comment justifies this wrapper with "This is necessary
 * because GPGME"; NOTE(review): that wording presumably comes from another
 * back-end -- confirm whether it still applies here.
 * The body contains no statements, so @buffer is not released by this call.
 * @buffer is pointer to memory to free */
_hidden void _isds_cms_data_free_openssl(void *buffer)
{
    (void) buffer; /* intentionally unused */
}
/* Extract data from CMS (successor of PKCS#7)
 * The extraction itself is not implemented yet: after argument validation the
 * function always fails with IE_ERROR and writes nothing to @data or
 * @data_length.
 * @context is session context; must not be NULL (checked by assert() only)
 * @cms is input block with CMS structure
 * @cms_length is @cms block length in bytes
 * @data are automatically reallocated bit stream with data found in @cms
 * You must free them with _isds_cms_data_free().
 * @data_length is length of @data in bytes
 * @return IE_INVAL if @cms, @data or @data_length is NULL or @cms_length is 0,
 * IE_ERROR otherwise */
_hidden isds_error _isds_extract_cms_data_openssl(struct isds_ctx *context,
        const void *cms, const size_t cms_length,
        void **data, size_t *data_length)
{
    const int have_input = (NULL != cms) && (0 != cms_length);
    const int have_output = (NULL != data) && (NULL != data_length);

    assert(NULL != context);

    if (!have_input || !have_output) {
        return IE_INVAL;
    }

    /* TODO */

    return IE_ERROR;
}