/**
* Create a PKCS12 signing context for use in ccnx_Signing from the provided key. It is destroyed
* by parc_Signing when the signing context is destroyed.
*
* Example:
* @code
* <#example#>
* @endcode
*/
PARCSigningInterface *
parcSymmetricSignerFileStore_Create(PARCBuffer *secret_key, PARCCryptoHashType hmacHashType)
{
_PARCAesSignerFileStore *keystore = parcMemory_AllocateAndClear(sizeof(_PARCAesSignerFileStore));
assertNotNull(keystore, "parcMemory_AllocateAndClear(%zu) returned NULL, cannot allocate keystore", sizeof(_PARCAesSignerFileStore));
keystore->hashType = hmacHashType;
switch (hmacHashType) {
case PARC_HASH_SHA256:
keystore->hashLength = SHA256_DIGEST_LENGTH;
keystore->opensslMd = EVP_sha256();
break;
case PARC_HASH_SHA512:
keystore->hashLength = SHA512_DIGEST_LENGTH;
keystore->opensslMd = EVP_sha512();
break;
default:
parcBuffer_Release(&secret_key);
parcMemory_Deallocate((void **) &keystore);
trapIllegalValue(hmacHashType, "Unknown HMAC hash type: %d", hmacHashType);
}
keystore->secretKey = parcBuffer_Acquire(secret_key);
// the signer key digest is SHA256, independent of the HMAC digest
PARCCryptoHasher *hasher = parcCryptoHasher_Create(PARC_HASH_SHA256);
parcCryptoHasher_Init(hasher);
parcCryptoHasher_UpdateBuffer(hasher, secret_key);
keystore->secretKeyHash = parcCryptoHasher_Finalize(hasher);
parcCryptoHasher_Release(&hasher);
// create the functor from the template then specialize it to this keystore.
// This depends on keystore->secret_key being set. It will cause a callback
// into hmac_setup()
keystore->hasherFunctor = functor_hmac;
keystore->hasherFunctor.functor_env = keystore;
keystore->hasher = parcCryptoHasher_CustomHasher(keystore->hashType, keystore->hasherFunctor);
PARCSigningInterface *signer = parcMemory_AllocateAndClear(sizeof(PARCSigningInterface));
assertNotNull(signer, "parcMemory_AllocateAndClear(%zu) returned NULL", sizeof(PARCSigningInterface));
*signer = aeskeystoreinterface;
signer->interfaceContext = keystore;
return signer;
}
PARCSymmetricKeySigner *
parcSymmetricKeySigner_Create(PARCSymmetricKeyStore *keyStore, PARCCryptoHashType hmacHashType)
{
PARCSymmetricKeySigner *result = parcObject_CreateInstance(PARCSymmetricKeySigner);
if (result != NULL) {
result->hashType = hmacHashType;
switch (hmacHashType) {
case PARC_HASH_SHA256:
result->hashLength = SHA256_DIGEST_LENGTH;
result->opensslMd = EVP_sha256();
break;
case PARC_HASH_SHA512:
result->hashLength = SHA512_DIGEST_LENGTH;
result->opensslMd = EVP_sha512();
break;
default:
parcObject_Release((void **) &result);
trapIllegalValue(hmacHashType, "Unknown HMAC hash type: %d", hmacHashType);
}
// the signer key digest is SHA256, independent of the HMAC digest
result->secretKeyHash = parcSymmetricKeyStore_GetVerifierKeyDigest(keyStore);
result->keyStore = parcSymmetricKeyStore_Acquire(keyStore);
result->generalKeyStore = parcKeyStore_Create(result->keyStore, PARCSymmetricKeyStoreAsKeyStore);
// create the functor from the template then specialize it to this keystore.
// This depends on keystore->secret_key being set. It will cause a callback
// into hmac_setup()
result->hasherFunctor = functor_hmac;
result->hasherFunctor.functor_env = result;
result->hasher = parcCryptoHasher_CustomHasher(hmacHashType, result->hasherFunctor);
}
return result;
}
