Implementation of HMAC-SHA1-96 Integrity Algorithm
Change-Id: Id301f0cb6e7cc9cde79385a18f3999d8d9c0feab
Signed-off-by: Tom Joseph <tomjoseph@in.ibm.com>
diff --git a/integrity_algo.cpp b/integrity_algo.cpp
index b765e06..16d0863 100644
--- a/integrity_algo.cpp
+++ b/integrity_algo.cpp
@@ -25,6 +25,47 @@
authCodeLength = authLength;
}
+Buffer AlgoSHA1::generateHMAC(const uint8_t* input, const size_t len) const
+{
+ Buffer output(SHA_DIGEST_LENGTH);
+ unsigned int mdLen = 0;
+
+ if (HMAC(EVP_sha1(), K1.data(), K1.size(), input, len,
+ output.data(), &mdLen) == NULL)
+ {
+ throw std::runtime_error("Generating integrity data failed");
+ }
+
+ // HMAC generates Message Digest to the size of SHA_DIGEST_LENGTH, the
+ // AuthCode field length is based on the integrity algorithm. So we are
+ // interested only in the AuthCode field length of the generated Message
+ // digest.
+ output.resize(authCodeLength);
+
+ return output;
+}
+
+bool AlgoSHA1::verifyIntegrityData(const Buffer& packet,
+ const size_t length,
+ Buffer::const_iterator integrityData) const
+{
+
+ auto output = generateHMAC(
+ packet.data() + message::parser::RMCP_SESSION_HEADER_SIZE,
+ length);
+
+ // Verify if the generated integrity data for the packet and the received
+ // integrity data matches.
+ return (std::equal(output.begin(), output.end(), integrityData));
+}
+
+Buffer AlgoSHA1::generateIntegrityData(const Buffer& packet) const
+{
+ return generateHMAC(
+ packet.data() + message::parser::RMCP_SESSION_HEADER_SIZE,
+ packet.size() - message::parser::RMCP_SESSION_HEADER_SIZE);
+}
+
}// namespace integrity
}// namespace cipher