Add fticks.c and fticks.h to the build.

4d22f9e6 · Linus Nordberg · d53d9023 · 4d22f9e6 · 4d22f9e6 · 4d22f9e6
Commit 4d22f9e6 authored Apr 04, 2011 by Linus Nordberg
Hide whitespace changes
Inline Side-by-side

Showing with 80 additions and 1 deletion

Makefile.am Makefile.am +3 -1

configure.ac configure.ac +3 -0

fticks.c fticks.c +67 -0

fticks.h fticks.h +7 -0

No files found.
--- a/Makefile.am
+++ b/Makefile.am
@@ -17,6 +17,7 @@ radsecproxy_SOURCES = radsecproxy.c \
                      tcp.c \
                      tls.c \
                      dtls.c \
+                      fticks.c \
                      radsecproxy.h \
                      tlscommon.h \
                      gconfig.h \
@@ -30,7 +31,8 @@ radsecproxy_SOURCES = radsecproxy.c \
                      udp.h \
                      tcp.h \
                      tls.h \
-                      dtls.h
+                      dtls.h \
+		      fticks.h
 catgconf_SOURCES    = debug.c \
                      util.c \

--- a/configure.ac
+++ b/configure.ac
@@ -46,6 +46,9 @@ AC_ARG_ENABLE(dtls,
      exit -1
    fi
  ])
+AC_CHECK_LIB([nettle], [nettle_sha256_init],,
+    AC_MSG_ERROR([required library nettle not found]))
 dnl Check if we're on Solaris and set CFLAGS accordingly
 AC_CANONICAL_SYSTEM

--- a/fticks.c
+++ b/fticks.c
+/* Copyright (C) 2011 NORDUnet A/S
+ * See LICENSE for information about licensing.
+ */
+#include <stdio.h>		/* For sprintf().  */
+#include <string.h>
+#include <nettle/sha.h>
+#include <nettle/hmac.h>
+static void
+format_hash(const uint8_t *hash, size_t out_len, uint8_t *out)
+{
+    int i;
+    for (i = 0; i < out_len / 2; i++)
+	sprintf((char *) out + i*2, "%02x", hash[i % SHA256_DIGEST_SIZE]);
+}
+static void
+hash(const uint8_t *in,
+     const uint8_t *key,
+     size_t out_len,
+     uint8_t *out)
+{
+    if (key == NULL) {
+	struct sha256_ctx ctx;
+	uint8_t hash[SHA256_DIGEST_SIZE];
+	sha256_init(&ctx);
+	sha256_update(&ctx, strlen((char *) in), in);
+	sha256_digest(&ctx, sizeof(hash), hash);
+	format_hash(hash, out_len, out);
+    }
+    else {
+	struct hmac_sha256_ctx ctx;
+	uint8_t hash[SHA256_DIGEST_SIZE];
+	hmac_sha256_set_key(&ctx, strlen((char *) key), key);
+	hmac_sha256_update(&ctx, strlen((char *) in), in);
+	hmac_sha256_digest(&ctx, sizeof(hash), hash);
+	format_hash(hash, out_len, out);
+    }
+}
+/** Hash the MAC in \a IN, keying with \a KEY if it's not NULL.
+    \a IN and \a KEY are NULL terminated strings.
+    \a IN is sanitised by lowercasing it, removing all but [0-9a-f]
+    and truncating it at first ';' (due to RADIUS praxis with tacking
+    on SSID to MAC in Calling-Station-Id).  */
+void
+fticks_hashmac(const uint8_t *in,
+	       const uint8_t *key,
+	       size_t out_len,
+	       uint8_t *out)
+{
+    /* TODO: lowercase */
+    /* TODO: s/[!0-9a-f]//1 */
+    /* TODO: truncate after first ';', if any */
+    hash(in, key, out_len, out);
+}
+/* Local Variables: */
+/* c-file-style: "stroustrup" */
+/* End: */
--- a/fticks.h
+++ b/fticks.h
+/* Copyright (C) 2011 NORDUnet A/S
+ * See LICENSE for information about licensing.
+ */
+int fticks_hashmac(const uint8_t *in,
+		   const uint8_t *key,
+		   size_t out_len,
+		   uint8_t *out);