PKIFXSECCryptoHash.cpp

Go to the documentation of this file.

#include "PKIFXSECCryptoHash.h"
#include "PKIFXSECCryptoKeyHMAC.h"

#include <xsec/enc/XSCrypt/XSCryptCryptoBase64.hpp>
#include <xsec/enc/XSECCryptoException.hpp>
#include <xsec/enc/XSECCryptoUtils.hpp>
#include <xsec/framework/XSECError.hpp>


struct PKIFXSECCryptoHashImpl
{
    PKIFXSECCryptoHashImpl();
    IPKIFMediatorPtr m_med;
    XSECCryptoHash::HashType m_alg;
    CPKIFKeyMaterialPtr m_key;
    IPKIFRawCryptContext * m_hmacCtx;
    IPKIFHashContext * m_hashCtx;
    IPKIFCryptoRaw * m_raw;
    IPKIFCryptoMisc * m_misc;
};

PKIFXSECCryptoHashImpl::PKIFXSECCryptoHashImpl()
{
    m_hmacCtx = 0;
    m_hashCtx = 0;
    m_raw = 0;
    m_misc = 0;
}

PKIFCRYPTO::HASH_ALG pkifHashAlgForHT(
                                      XSECCryptoHash::HashType ht)
{
    switch(ht) {
        case HASH_SHA1:
            return PKIFCRYPTO::SHA1;
            break;
        case HASH_MD5:
            return PKIFCRYPTO::MD5;
            break;
        case HASH_SHA224:
            return PKIFCRYPTO::SHA224;
            break;
        case HASH_SHA256:
            return PKIFCRYPTO::SHA256;
            break;
        case HASH_SHA384:
            return PKIFCRYPTO::SHA384;
            break;
        case HASH_SHA512:
            return PKIFCRYPTO::SHA512;
            break;
    }
    // the xml security library default
    return PKIFCRYPTO::SHA1;
}

PKIFXSECCryptoHash::PKIFXSECCryptoHash()
:m_impl(new PKIFXSECCryptoHashImpl)
{
}

PKIFXSECCryptoHash::PKIFXSECCryptoHash(
       IPKIFMediatorPtr & med,
       HashType alg)
:m_impl(new PKIFXSECCryptoHashImpl)
{
    m_impl->m_med = med;
    m_impl->m_alg = alg;
    
}

PKIFXSECCryptoHash::~PKIFXSECCryptoHash()
{
    if(m_impl) {
        if(m_impl->m_hmacCtx) {
            delete m_impl->m_hmacCtx;
            m_impl->m_hmacCtx = 0;
        }
        if(m_impl->m_hashCtx) {
            delete m_impl->m_hashCtx;
            m_impl->m_hashCtx = 0;
        }
        delete m_impl;
        m_impl = 0;
    }
}

void PKIFXSECCryptoHash::reset(void)
{
    if(m_impl->m_hmacCtx) {
        delete m_impl->m_hmacCtx;
        m_impl->m_hmacCtx = 0;
    }
    if(m_impl->m_hashCtx) {
        delete m_impl->m_hashCtx;
        m_impl->m_hashCtx = 0;
    }
}

void PKIFXSECCryptoHash::hash(
      unsigned char * data,
      unsigned int length)
{
    if(!m_impl->m_med) {
        throw XSECCryptoException(XSECCryptoException::MDError,
            "PKIFXSECCryptoHash - No mediator is configured");
    }
    try {
        // the only way to tell between a HMAC call and a hash call is whether a key's been set
        if(m_impl->m_key) {
            // hang on to a pointer for future updates 
            if(!m_impl->m_raw) {
                m_impl->m_raw = m_impl->m_med->GetMediator<IPKIFCryptoRaw>();
                if(!m_impl->m_raw) {
                    throw XSECCryptoException(XSECCryptoException::MDError,
                        "PKIFXSECCryptoHash - No mediator is configured for HMAC support");
                }
            }
            // since there's no init call, this is the best way to tell if it's a new hash
            if(!m_impl->m_hmacCtx) {
                m_impl->m_hmacCtx = m_impl->m_raw->HMACInit(*(m_impl->m_key),pkifHashAlgForHT(m_impl->m_alg));
            }
            m_impl->m_raw->HMACUpdate(m_impl->m_hmacCtx,data,length);
        } else {
            // hang on to a pointer for future updates
            if(!m_impl->m_misc) {   
                m_impl->m_misc = m_impl->m_med->GetMediator<IPKIFCryptoMisc>();
                if(!m_impl->m_misc) {
                    throw XSECCryptoException(XSECCryptoException::MDError,
                        "PKIFXSECCryptoHash - No mediator is configured for hash support");
                }
            }
            // since there's no init call, this is the best way to tell if it's a new hash
            if(!m_impl->m_hashCtx) {
                m_impl->m_hashCtx = m_impl->m_misc->HashInit(pkifHashAlgForHT(m_impl->m_alg));
            }
            m_impl->m_misc->HashUpdate(m_impl->m_hashCtx,data,length);
        }
    }catch(CPKIFException & e) {
        throw XSECCryptoException(XSECCryptoException::MDError,e.GetDescription());
    }
}

unsigned int PKIFXSECCryptoHash::finish(
    unsigned char * hash,
    unsigned int maxLength)
{
    int outLen = maxLength;
    try {
        // the only way to tell between a HMAC call and a hash call is whether a key's been set
        if(m_impl->m_hmacCtx) {
            m_impl->m_raw->HMACFinal(m_impl->m_hmacCtx,hash,&outLen);
        } else if(m_impl->m_hashCtx){
            m_impl->m_misc->HashFinal(m_impl->m_hashCtx,hash,&outLen);
        }
    }catch(CPKIFException & e) {
        throw XSECCryptoException(XSECCryptoException::MDError,e.GetDescription());
    }
    return outLen;
}

XSECCryptoHash::HashType PKIFXSECCryptoHash::getHashType() const
{
    return m_impl->m_alg;
}

void PKIFXSECCryptoHash::setKey(
    XSECCryptoKey * key)
{
    if(!key){
        CPKIFKeyMaterialPtr empty;
        m_impl->m_key = empty;
        return;
    }
    PKIFXSECCryptoKeyHMAC * hmacKey = dynamic_cast<PKIFXSECCryptoKeyHMAC *>(key);
    if(!hmacKey) {
        throw XSECCryptoException(XSECCryptoException::MDError,
            "PKIFXSECCryptoHash - Invalid key");
    }

    m_impl->m_key = hmacKey->getPKIFKeyMaterial();
}