Commit d3b78b13 authored by jselbie's avatar jselbie

Merged changed from FeralInteractive and added support for CommonCrypto on Mac

parent 8aff602e
# BOOST_INCLUDE := -I/home/jselbie/boost_1_57_0
# OPENSSL_INCLUDE := -I/home/jselbie/lib/openssl
BOOST_INCLUDE := -I/Users/jselbie/boost_1_52_0
#OPENSSL_INCLUDE := -I/Users/jselbie/openssl/include
......@@ -18,13 +18,6 @@
#include "polling.h"
#include "fasthash.h"
#ifdef IS_LINUX
#ifndef HAS_EPOLL
#pragma message "polling.cpp: WARNING - EPOLL IS NOT AVAILABLE"
// --------------------------------------------------------------------------
......@@ -16,7 +16,7 @@
#include "commonincludes.hpp"
#include <openssl/hmac.h>
//#include <openssl/hmac.h>
#include "stuncore.h"
#include "stunsocket.h"
#include "stunsocketthread.h"
......@@ -24,8 +24,15 @@
#include "stunbuilder.h"
#include <boost/crc.hpp>
#ifndef __APPLE__
#include <openssl/md5.h>
#include <openssl/hmac.h>
#include <CommonCrypto/CommonCrypto.h>
#include "stunauth.h"
......@@ -498,10 +505,16 @@ HRESULT CStunMessageBuilder::AddMessageIntegrityImpl(uint8_t* key, size_t keysiz
// now do a little pointer math so that HMAC can write exactly to where the hash bytes will appear
pDstBuf = ((uint8_t*)pData) + length + 4;
pHashResult = HMAC(EVP_sha1(), key, keysize, (uint8_t*)pData, length, pDstBuf, &resultlength);
#ifndef __APPLE__
pHashResult = HMAC(EVP_sha1(), key, keysize, (uint8_t*)pData, length, pDstBuf, &resultlength);
ASSERT(resultlength == 20);
ASSERT(pHashResult != NULL);
CCHmac(kCCHmacAlgSHA1, key, keysize,(uint8_t*)pData, length, pDstBuf);
return hr;
......@@ -557,7 +570,12 @@ HRESULT CStunMessageBuilder::AddMessageIntegrityLongTerm(const char* pszUserName
ASSERT((pDst-key) == lenTotal);
#ifndef __APPLE__
pResult = MD5(key, lenTotal, hash);
pResult = CC_MD5(key, lenTotal, hash);
ASSERT(pResult != NULL);
hr= AddMessageIntegrityImpl(hash, MD5_DIGEST_LENGTH);
......@@ -22,9 +22,16 @@
#include "stunutils.h"
#include "socketaddress.h"
#include <boost/crc.hpp>
#ifndef __APPLE__
#include <openssl/evp.h>
#include <openssl/hmac.h>
#include <openssl/md5.h>
#include <CommonCrypto/CommonCrypto.h>
#include "stunauth.h"
#include "fasthash.h"
......@@ -145,7 +152,11 @@ HRESULT CStunMessageReader::ValidateMessageIntegrity(uint8_t* key, size_t keylen
const size_t c_hmacsize = 20;
uint8_t hmaccomputed[c_hmacsize] = {}; // zero-init
unsigned int hmaclength = c_hmacsize;
#ifndef __APPLE__
HMAC_CTX ctx = {};
CCHmacContext ctx = {};
uint32_t chunk32;
uint16_t chunk16;
size_t len, nChunks;
......@@ -182,13 +193,21 @@ HRESULT CStunMessageReader::ValidateMessageIntegrity(uint8_t* key, size_t keylen
stream.Attach(spBuffer, false);
// Here comes the fun part. If there is a fingerprint attribute, we have to adjust the length header in computing the hash
#ifndef __APPLE__
fContextInit = true;
HMAC_Init(&ctx, key, keylength, EVP_sha1());
CCHmacInit(&ctx, kCCHmacAlgSHA1, key, keylength);
fContextInit = true;
// message type
#ifndef __APPLE__
HMAC_Update(&ctx, (unsigned char*)&chunk16, sizeof(chunk16));
CCHmacUpdate(&ctx, &chunk16, sizeof(chunk16));
// message length
......@@ -203,7 +222,12 @@ HRESULT CStunMessageReader::ValidateMessageIntegrity(uint8_t* key, size_t keylen
chunk16 = htons(adjustedlengthHeader);
#ifndef __APPLE__
HMAC_Update(&ctx, (unsigned char*)&chunk16, sizeof(chunk16));
CCHmacUpdate(&ctx, &chunk16, sizeof(chunk16));
// now include everything up to the hash attribute itself.
len = pAttribIntegrity->offset;
......@@ -217,10 +241,19 @@ HRESULT CStunMessageReader::ValidateMessageIntegrity(uint8_t* key, size_t keylen
for (size_t count = 0; count < nChunks; count++)
#ifndef __APPLE__
HMAC_Update(&ctx, (unsigned char*)&chunk32, sizeof(chunk32));
CCHmacUpdate(&ctx, &chunk32, sizeof(chunk32));
#ifndef __APPLE__
HMAC_Final(&ctx, hmaccomputed, &hmaclength);
CCHmacFinal(&ctx, hmaccomputed);
// now compare the bytes
cmp = memcmp(hmaccomputed, spBuffer->GetData() + pAttribIntegrity->offset, c_hmacsize);
......@@ -230,7 +263,11 @@ HRESULT CStunMessageReader::ValidateMessageIntegrity(uint8_t* key, size_t keylen
if (fContextInit)
#ifndef __APPLE__
return hr;
......@@ -289,7 +326,19 @@ HRESULT CStunMessageReader::ValidateMessageIntegrityLong(const char* pszUser, co
ASSERT((pDst-key) == totallength);
#ifndef __APPLE__
ChkIfA(NULL == MD5(key, totallength, hash), E_FAIL);
CC_MD5_CTX context = {};
CC_MD5_Update(&context, key, totallength);
CC_MD5_Final(hash, &context);
Chk(ValidateMessageIntegrity(hash, ARRAYSIZE(hash)));
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment