/* Final update and encoding of data in the context.
* This does require all requisite fields be properly
* set.
*/
int
fko_spa_data_final(fko_ctx_t ctx, char *enc_key)
{
/* Must be initialized
*/
if(!CTX_INITIALIZED(ctx))
return(FKO_ERROR_CTX_NOT_INITIALIZED);
return(fko_encrypt_spa_data(ctx, enc_key));
}
/* Final update and encoding of data in the context.
* This does require all requisite fields be properly
* set.
*/
int
fko_spa_data_final(fko_ctx_t ctx,
const char * const enc_key, const int enc_key_len,
const char * const hmac_key, const int hmac_key_len)
{
char *tbuf;
int res = 0, data_with_hmac_len = 0;
/* Must be initialized
*/
if(!CTX_INITIALIZED(ctx))
return(FKO_ERROR_CTX_NOT_INITIALIZED);
if(enc_key_len < 0)
return(FKO_ERROR_INVALID_KEY_LEN);
res = fko_encrypt_spa_data(ctx, enc_key, enc_key_len);
/* Now calculate hmac if so configured
*/
if (res == FKO_SUCCESS && ctx->hmac_type != FKO_HMAC_UNKNOWN)
{
if(hmac_key_len < 0)
return(FKO_ERROR_INVALID_KEY_LEN);
if(hmac_key == NULL)
return(FKO_ERROR_INVALID_KEY_LEN);
res = fko_set_spa_hmac(ctx, hmac_key, hmac_key_len);
if (res == FKO_SUCCESS)
{
/* Now that we have the hmac, append it to the
* encrypted data (which has already been base64-encoded
* and the trailing '=' chars stripped off).
*/
data_with_hmac_len
= ctx->encrypted_msg_len+1+ctx->msg_hmac_len+1;
tbuf = realloc(ctx->encrypted_msg, data_with_hmac_len);
if (tbuf == NULL)
return(FKO_ERROR_MEMORY_ALLOCATION);
strlcat(tbuf, ctx->msg_hmac, data_with_hmac_len);
ctx->encrypted_msg = tbuf;
ctx->encrypted_msg_len = data_with_hmac_len;
}
}
return res;
}
/* encrypt_spa_data
*/
static PyObject *
encrypt_spa_data(PyObject *self, PyObject *args)
{
fko_ctx_t ctx;
char *key;
int key_len;
int res;
if(!PyArg_ParseTuple(args, "ks#", &ctx, &key, &key_len))
return NULL;
res = fko_encrypt_spa_data(ctx, key, key_len);
if(res != FKO_SUCCESS)
{
PyErr_SetString(FKOError, fko_errstr(res));
return NULL;
}
return Py_BuildValue("", NULL);
}
