/**
 * Create a symmetric-key (HMAC) signing interface backed by the provided secret key.
 *
 * The function allocates a zeroed keystore, records the HMAC digest parameters
 * for @p hmacHashType, takes its own reference to @p secret_key, stores a
 * SHA-256 digest of the key as the signer key digest, and wires a custom
 * hasher whose functor environment is the keystore. The result is a freshly
 * allocated PARCSigningInterface copied from the `aeskeystoreinterface`
 * template with `interfaceContext` pointing at the keystore.
 *
 * As stated by the original header, the context is for use in ccnx_Signing and
 * is destroyed by parc_Signing when the signing context is destroyed.
 *
 * @param [in] secret_key    Buffer holding the HMAC secret. A reference is
 *                           acquired and kept in the keystore.
 * @param [in] hmacHashType  PARC_HASH_SHA256 or PARC_HASH_SHA512. Any other
 *                           value releases the resources below and traps.
 *
 * @return A newly allocated PARCSigningInterface.
 *
 * NOTE(review): the key digest is a plain, unsalted SHA-256 over the raw
 * secret. If that digest is published as a key identifier (not visible in this
 * function), it lets anyone test guesses of a low-entropy secret offline.
 * Confirm that callers only pass randomly generated, full-strength keys.
 *
 * NOTE(review): wiping of the secret key material on teardown is not visible
 * here. Verify that the destroy path clears it.
 */
PARCSigningInterface *
parcSymmetricSignerFileStore_Create(PARCBuffer *secret_key, PARCCryptoHashType hmacHashType)
{
    _PARCAesSignerFileStore *keystore = parcMemory_AllocateAndClear(sizeof(_PARCAesSignerFileStore));
    assertNotNull(keystore,
                  "parcMemory_AllocateAndClear(%zu) returned NULL, cannot allocate keystore",
                  sizeof(_PARCAesSignerFileStore));

    keystore->hashType = hmacHashType;

    // Pick the digest length and OpenSSL message digest that match the HMAC type.
    if (hmacHashType == PARC_HASH_SHA256) {
        keystore->hashLength = SHA256_DIGEST_LENGTH;
        keystore->opensslMd = EVP_sha256();
    } else if (hmacHashType == PARC_HASH_SHA512) {
        keystore->hashLength = SHA512_DIGEST_LENGTH;
        keystore->opensslMd = EVP_sha512();
    } else {
        // NOTE(review): secret_key has not been acquired by this function yet,
        // so this drops a reference the caller passed in. Confirm that is the
        // intended ownership contract. Execution is expected to stop at the
        // trap below.
        parcBuffer_Release(&secret_key);
        parcMemory_Deallocate((void **) &keystore);
        trapIllegalValue(hmacHashType, "Unknown HMAC hash type: %d", hmacHashType);
    }

    // The keystore keeps its own reference to the secret.
    keystore->secretKey = parcBuffer_Acquire(secret_key);

    // The signer key digest is always SHA-256, whichever digest the HMAC uses.
    PARCCryptoHasher *keyDigester = parcCryptoHasher_Create(PARC_HASH_SHA256);
    parcCryptoHasher_Init(keyDigester);
    parcCryptoHasher_UpdateBuffer(keyDigester, secret_key);
    keystore->secretKeyHash = parcCryptoHasher_Finalize(keyDigester);
    parcCryptoHasher_Release(&keyDigester);

    // Copy the HMAC functor template and bind it to this keystore. The secret
    // key must already be stored: per the original comment, creating the custom
    // hasher calls back into hmac_setup().
    keystore->hasherFunctor = functor_hmac;
    keystore->hasherFunctor.functor_env = keystore;
    keystore->hasher = parcCryptoHasher_CustomHasher(keystore->hashType, keystore->hasherFunctor);

    // Build the interface from the template and attach the keystore as context.
    PARCSigningInterface *signer = parcMemory_AllocateAndClear(sizeof(PARCSigningInterface));
    assertNotNull(signer, "parcMemory_AllocateAndClear(%zu) returned NULL", sizeof(PARCSigningInterface));
    *signer = aeskeystoreinterface;
    signer->interfaceContext = keystore;

    return signer;
}
/**
 * Create a symmetric-key (HMAC) signer bound to an existing symmetric key store.
 *
 * On successful instance creation the signer records the HMAC digest
 * parameters for @p hmacHashType, stores the verifier key digest obtained from
 * @p keyStore, acquires a reference to @p keyStore, wraps it in a generic
 * PARCKeyStore, and creates a custom hasher whose functor environment is the
 * signer itself.
 *
 * @param [in] keyStore      Symmetric key store supplying the secret and its
 *                           verifier key digest. A reference is acquired.
 * @param [in] hmacHashType  PARC_HASH_SHA256 or PARC_HASH_SHA512. Any other
 *                           value releases the new instance and traps.
 *
 * @return The new signer, or NULL if parcObject_CreateInstance() returned NULL.
 *
 * NOTE(review): keyStore is not checked for NULL here. Behaviour then depends
 * on the callees, so confirm they validate it.
 */
PARCSymmetricKeySigner *
parcSymmetricKeySigner_Create(PARCSymmetricKeyStore *keyStore, PARCCryptoHashType hmacHashType)
{
    PARCSymmetricKeySigner *signer = parcObject_CreateInstance(PARCSymmetricKeySigner);
    if (signer == NULL) {
        return signer;
    }

    signer->hashType = hmacHashType;

    // Pick the digest length and OpenSSL message digest that match the HMAC type.
    if (hmacHashType == PARC_HASH_SHA256) {
        signer->hashLength = SHA256_DIGEST_LENGTH;
        signer->opensslMd = EVP_sha256();
    } else if (hmacHashType == PARC_HASH_SHA512) {
        signer->hashLength = SHA512_DIGEST_LENGTH;
        signer->opensslMd = EVP_sha512();
    } else {
        // Drop the half-built instance, then trap. Execution is expected to
        // stop at the trap.
        parcObject_Release((void **) &signer);
        trapIllegalValue(hmacHashType, "Unknown HMAC hash type: %d", hmacHashType);
    }

    // The signer key digest is SHA-256, independent of the HMAC digest.
    // NOTE(review): the digest is stored without a visible Acquire. Confirm
    // whether the getter returns an owned reference or a borrowed one.
    signer->secretKeyHash = parcSymmetricKeyStore_GetVerifierKeyDigest(keyStore);

    signer->keyStore = parcSymmetricKeyStore_Acquire(keyStore);
    signer->generalKeyStore = parcKeyStore_Create(signer->keyStore, PARCSymmetricKeyStoreAsKeyStore);

    // Copy the HMAC functor template and bind it to this signer. The key store
    // must already be attached: per the original comment, creating the custom
    // hasher calls back into hmac_setup().
    signer->hasherFunctor = functor_hmac;
    signer->hasherFunctor.functor_env = signer;
    signer->hasher = parcCryptoHasher_CustomHasher(hmacHashType, signer->hasherFunctor);

    return signer;
}