/* Module tag; passed as the "[%s]" prefix argument of the ods_log_error() call in the digest lookup. */
41 static const char* tsig_str =
"tsig-ssl";
/*
 * Forward declarations of the static HMAC callbacks. The listing elides the
 * rest of init_context's parameter list; update() and final() are complete.
 */
46 static void init_context(
void *context,
49 static void update(
void *context,
const void *data,
size_t size);
50 static void final(
void *context, uint8_t *digest,
size_t *size);
/*
 * Singly linked list of contexts awaiting cleanup. Only the `next` link is
 * shown here; the `cleanup` member that context_add_cleanup() assigns is
 * elided from this listing.
 */
52 typedef struct tsig_cleanup_table_struct tsig_cleanup_table_type;
53 struct tsig_cleanup_table_struct {
54 tsig_cleanup_table_type* next;
/* Head of the cleanup list; empty until a context is registered. */
57 static tsig_cleanup_table_type* tsig_cleanup_table = NULL;
/*
 * Excerpt of the algorithm registration helper (presumably
 * tsig_openssl_init_algorithm, judging by the three-string calls further
 * down); the listing elides the start of the signature and parts of the body.
 *   digest     - OpenSSL digest name handed to EVP_get_digestbyname()
 *   name       - algorithm name (its use is not visible in this excerpt)
 *   wireformat - domain-name string converted with ldns_dname_new_frm_str()
 */
66 const char* digest,
const char* name,
const char* wireformat)
69 const EVP_MD *hmac_algorithm = NULL;
/* Resolve the digest by name; NULL means this OpenSSL build does not provide it. */
74 hmac_algorithm = EVP_get_digestbyname(digest);
75 if (!hmac_algorithm) {
76 ods_log_error(
"[%s] %s digest not available", tsig_str, digest);
/*
 * NOTE(review): ldns_dname_new_frm_str() returns NULL when the conversion
 * fails; no check is visible in this excerpt -- confirm one exists.
 */
82 algorithm->
wf_name = ldns_dname_new_frm_str(wireformat);
/* Keep the EVP_MD pointer; the keying code later reads it back from algorithm->data. */
89 algorithm->
data = hmac_algorithm;
/*
 * Excerpt of the handler initialisation: resets the cleanup list, records the
 * allocator and registers the HMAC algorithms one by one.
 */
106 tsig_cleanup_table = NULL;
107 tsig_allocator = allocator;
/* NOTE(review): deprecated since OpenSSL 1.1.0, which loads digests automatically. */
108 OpenSSL_add_all_digests();
/*
 * NOTE(review): hmac-md5 and hmac-sha1 are registered unconditionally, while
 * hmac-sha256 is compiled in only when HAVE_EVP_SHA256 is defined. RFC 8945
 * marks hmac-md5 as "MUST NOT" use and hmac-sha1 as "NOT RECOMMENDED" for
 * TSIG, so deployments should prefer hmac-sha256 keys and verify that the
 * build actually provides it.
 */
110 if (!tsig_openssl_init_algorithm(allocator,
"md5",
"hmac-md5",
111 "hmac-md5.sig-alg.reg.int.")) {
116 if (!tsig_openssl_init_algorithm(allocator,
"sha1",
"hmac-sha1",
122 #ifdef HAVE_EVP_SHA256
124 if (!tsig_openssl_init_algorithm(allocator,
"sha256",
"hmac-sha256",
/*
 * Release one HMAC context: `data` is cast to HMAC_CTX* and handed to
 * HMAC_CTX_cleanup(), which erases the key material held in the context.
 * NOTE(review): HMAC_CTX_cleanup() was removed in OpenSSL 1.1.0, where
 * HMAC_CTX is opaque and HMAC_CTX_reset()/HMAC_CTX_free() replace it.
 */
133 cleanup_context(
void *data)
135 HMAC_CTX* context = (HMAC_CTX*) data;
136 HMAC_CTX_cleanup(context);
/*
 * Record `context` in the cleanup list so tsig_handler_openssl_finalize() can
 * release it later. The new entry is pushed at the head of tsig_cleanup_table.
 * NOTE(review): the allocation call and any NULL check on `entry` are elided
 * from this listing -- confirm entry is checked before it is dereferenced.
 */
141 context_add_cleanup(
void* context)
143 tsig_cleanup_table_type* entry = NULL;
148 sizeof(tsig_cleanup_table_type));
150 entry->cleanup = context;
151 entry->next = tsig_cleanup_table;
152 tsig_cleanup_table = entry;
/*
 * Excerpt of context creation: initialise the HMAC_CTX, then register it so
 * its key material is wiped at shutdown.
 * NOTE(review): HMAC_CTX_init() was removed in OpenSSL 1.1.0 in favour of
 * HMAC_CTX_new().
 */
162 HMAC_CTX_init(context);
163 context_add_cleanup(context);
/*
 * Excerpt that keys the HMAC context (presumably the body of init_context):
 * the digest comes from algorithm->data, the secret from key->data/key->size.
 * NOTE(review): the result of HMAC_Init_ex() is discarded; since OpenSSL 1.0.0
 * it returns 0 on failure, so a failed keying step would go unnoticed here.
 */
170 HMAC_CTX* ctx = (HMAC_CTX*) context;
171 const EVP_MD* md = (
const EVP_MD*) algorithm->
data;
172 HMAC_Init_ex(ctx, key->
data, key->
size, md, NULL);
/*
 * Feed `size` bytes starting at `data` into the HMAC context.
 * NOTE(review): `size` is narrowed to int, so a length above INT_MAX would not
 * survive the cast. Current OpenSSL declares the length as size_t and the data
 * pointer as const, so neither cast is needed there. The return value of
 * HMAC_Update() is discarded as well.
 */
177 update(
void* context,
const void* data,
size_t size)
179 HMAC_CTX* ctx = (HMAC_CTX*) context;
180 HMAC_Update(ctx, (
unsigned char*) data, (
int) size);
/*
 * Finish the HMAC and write the result to `digest`; *size is overwritten with
 * the length that HMAC_Final() reports.
 * NOTE(review): HMAC_Final() uses its length argument for output only, so the
 * capacity passed in through *size is not enforced. `digest` must have room
 * for the full output of the selected digest (at most EVP_MAX_MD_SIZE bytes)
 * -- confirm every caller guarantees that. The return value is discarded, so
 * after a failure *size may simply echo the caller's original value.
 */
185 final(
void* context, uint8_t* digest,
size_t* size)
187 HMAC_CTX* ctx = (HMAC_CTX*) context;
188 unsigned len = (unsigned) *size;
189 HMAC_Final(ctx, digest, &len);
190 *size = (size_t) len;
/*
 * Shut the handler down: starting at the head of tsig_cleanup_table, hand each
 * recorded context to cleanup_context(). The loop around the call is elided
 * from this listing.
 */
200 tsig_handler_openssl_finalize(
void)
202 tsig_cleanup_table_type* entry = tsig_cleanup_table;
205 cleanup_context(entry->cleanup);