Moved HMAC prints back to main crypto module

Signed-off-by: Adriaan de Jong <dejong@fox-it.com> Acked-by: David Sommerseth <davids@redhat.com> Signed-off-by: David Sommerseth <davids@redhat.com>
2024-09-20 12:02:28 +02:00 · 2011-07-14 21:35:45 +02:00 · 2011-07-14 21:35:45 +02:00 · 62242ed28d
commit 62242ed28d
parent 0d4ec3d8bb
6 changed files with 20 additions and 46 deletions
--- a/crypto.c
+++ b/crypto.c
@ -462,8 +462,20 @@ init_key_ctx (struct key_ctx *ctx, struct key *key,
  if (kt->digest && kt->hmac_length > 0)
    {
      ALLOC_OBJ(ctx->hmac, hmac_ctx_t);
-      hmac_ctx_init (ctx->hmac, key->hmac, kt->hmac_length, kt->digest,
-	  prefix);
+      hmac_ctx_init (ctx->hmac, key->hmac, kt->hmac_length, kt->digest);
+
+      msg (D_HANDSHAKE,
+      "%s: Using %d bit message hash '%s' for HMAC authentication",
+      prefix, md_kt_size(kt->digest) * 8, md_kt_name(kt->digest));
+
+      dmsg (D_SHOW_KEYS, "%s: HMAC KEY: %s", prefix,
+	  format_hex (key->hmac, kt->hmac_length, 0, &gc));
+
+      dmsg (D_CRYPTO_DEBUG, "%s: HMAC size=%d block_size=%d",
+	prefix,
+	md_kt_size(kt->digest),
+	hmac_ctx_size(ctx->hmac));
+
    }
  gc_free (&gc);
 }
--- a/crypto_backend.h
+++ b/crypto_backend.h
@ -442,11 +442,10 @@ void md_ctx_final (md_ctx_t *ctx, uint8_t *dst);
 * @param key		The key to use for the HMAC
 * @param key_len	The key length to use
 * @param kt 		Static message digest parameters
- * @param prefix	Prefix to use when printing debug information.
 *
 */
 void hmac_ctx_init (hmac_ctx_t *ctx, const uint8_t *key, int key_length,
-    const md_kt_t *kt, const char *prefix);
+    const md_kt_t *kt);

 /*
 * Free the given HMAC context.
--- a/crypto_openssl.c
+++ b/crypto_openssl.c
@ -745,10 +745,8 @@ md_ctx_final (EVP_MD_CTX *ctx, uint8_t *dst)

 void
 hmac_ctx_init (HMAC_CTX *ctx, const uint8_t *key, int key_len,
-    const EVP_MD *kt, const char *prefix)
+    const EVP_MD *kt)
 {
-  struct gc_arena gc = gc_new ();
-
  ASSERT(NULL != kt && NULL != ctx);

  CLEAR(*ctx);
@ -756,24 +754,8 @@ hmac_ctx_init (HMAC_CTX *ctx, const uint8_t *key, int key_len,
  HMAC_CTX_init (ctx);
  HMAC_Init_ex (ctx, key, key_len, kt, NULL);

-  if (prefix)
-    msg (D_HANDSHAKE,
-	"%s: Using %d bit message hash '%s' for HMAC authentication",
-	prefix, HMAC_size (ctx) * 8, OBJ_nid2sn (EVP_MD_type (kt)));
-
  /* make sure we used a big enough key */
  ASSERT (HMAC_size (ctx) <= key_len);
-
-  if (prefix)
-    dmsg (D_SHOW_KEYS, "%s: HMAC KEY: %s", prefix,
-	format_hex (key, key_len, 0, &gc));
-  if (prefix)
-    dmsg (D_CRYPTO_DEBUG, "%s: HMAC size=%d block_size=%d",
-	prefix,
-	EVP_MD_size (kt),
-	EVP_MD_block_size (kt));
-
-  gc_free (&gc);
 }

 void
--- a/crypto_polarssl.c
+++ b/crypto_polarssl.c
@ -511,11 +511,8 @@ md_ctx_final (md_context_t *ctx, uint8_t *dst)
 * TODO: re-enable dmsg for crypto debug
 */
 void
-hmac_ctx_init (md_context_t *ctx, const uint8_t *key, int key_len, const md_info_t *kt,
-    const char *prefix)
+hmac_ctx_init (md_context_t *ctx, const uint8_t *key, int key_len, const md_info_t *kt)
 {
-  struct gc_arena gc = gc_new ();
-
  ASSERT(NULL != kt && NULL != ctx);

  CLEAR(*ctx);
@ -523,24 +520,8 @@ hmac_ctx_init (md_context_t *ctx, const uint8_t *key, int key_len, const md_info
  ASSERT(0 == md_init_ctx(ctx, kt));
  ASSERT(0 == md_hmac_starts(ctx, key, key_len));

-  if (prefix)
-    msg (D_HANDSHAKE,
-	"%s: Using %d bit message hash '%s' for HMAC authentication",
-	prefix, md_get_size(kt) * 8, md_get_name(kt));
-
  /* make sure we used a big enough key */
  ASSERT (md_get_size(kt) <= key_len);
-
-  if (prefix)
-    dmsg (D_SHOW_KEYS, "%s: HMAC KEY: %s", prefix,
-	format_hex (key, key_len, 0, &gc));
-//  if (prefix)
-//    dmsg (D_CRYPTO_DEBUG, "%s: HMAC size=%d block_size=%d",
-//         prefix,
-//         md_get_size(md_info),
-//         EVP_MD_block_size (md_info));
-
-  gc_free (&gc);
 }

 void
--- a/ntlm.c
+++ b/ntlm.c
@ -84,7 +84,7 @@ gen_hmac_md5 (const char* data, int data_len, const char* key, int key_len,char
 	hmac_ctx_t hmac_ctx;
 	CLEAR(hmac_ctx);

-	hmac_ctx_init(&hmac_ctx, key, key_len, md5_kt, NULL);
+	hmac_ctx_init(&hmac_ctx, key, key_len, md5_kt);
 	hmac_ctx_update(&hmac_ctx, (const unsigned char *)data, data_len);
 	hmac_ctx_final(&hmac_ctx, (unsigned char *)result);
 	hmac_ctx_cleanup(&hmac_ctx);
--- a/ssl.c
+++ b/ssl.c
@ -1188,8 +1188,8 @@ tls1_P_hash(const md_kt_t *md_kt,
  chunk = md_kt_size(md_kt);
  A1_len = md_kt_size(md_kt);

-  hmac_ctx_init(&ctx, sec, sec_len, md_kt, NULL);
-  hmac_ctx_init(&ctx_tmp, sec, sec_len, md_kt, NULL);
+  hmac_ctx_init(&ctx, sec, sec_len, md_kt);
+  hmac_ctx_init(&ctx_tmp, sec, sec_len, md_kt);

  hmac_ctx_update(&ctx,seed,seed_len);
  hmac_ctx_final(&ctx, A1);