author | Franklin Wei <me@fwei.tk> | 2018-06-03 21:38:24 -0400 |
---|---|---|
committer | Franklin Wei <me@fwei.tk> | 2018-06-03 21:38:24 -0400 |
commit | a4bee983312b69bb28bc57f3e7210f0e9b645930 (patch) | |
tree | c423e2eff707d137e4a77c44cc14a43b295d7fa5 | |
parent | 0478b7bc8f570a48e8524342b2f02331d87c028d (diff) | |
Implement authenticated acknowledgement
-rw-r--r-- | trusted_module.c | 22 |
1 files changed, 19 insertions, 3 deletions
diff --git a/trusted_module.c b/trusted_module.c
index e7f2d67..501267f 100644
--- a/trusted_module.c
+++ b/trusted_module.c
@@ -436,11 +436,27 @@ static uint64_t hash_to_u64(hash_t h)
 return ret;
 }
 
-/* generate a signed acknowledgement for successful completion of a
- * request */
+/* Generate a signed acknowledgement for successful completion of a
+ * request. We append a zero byte to the user request and take the
+ * HMAC. */
 static hash_t req_ack(const struct trusted_module *tm, const struct user_request *req)
 {
- /* TODO */
+ HMAC_CTX *ctx = HMAC_CTX_new();
+ HMAC_Init_ex(ctx,
+ tm->user_keys[req->user_id - 1].key,
+ tm->user_keys[req->user_id - 1].len,
+ EVP_sha256(), NULL);
+
+ HMAC_Update(ctx, (const unsigned char*)req, sizeof(*req));
+
+ char zero = 0;
+ HMAC_Update(ctx, &zero, 1);
+
+ hash_t hmac;
+ HMAC_Final(ctx, hmac.hash, NULL);
+ HMAC_CTX_free(ctx);
+
+ return hmac;
 }
 
 /* execute a user request, if possible */ |
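Review bot: None of the OpenSSL calls in req_ack is checked, so a NULL from `HMAC_CTX_new()` is passed straight into `HMAC_Init_ex`, and a failed `HMAC_Init_ex`/`HMAC_Update`/`HMAC_Final` returns the uninitialised `hmac` to the caller as if it were a valid acknowledgement. `tm->user_keys[req->user_id - 1]` is also indexed with no range check inside this function; unless every caller has already validated `user_id` (not visible in this hunk), a value of 0 or one beyond the key table reads outside it. Hashing `sizeof(*req)` raw bytes feeds any padding in `struct user_request` into the MAC, so the request has to be fully zeroed before its fields are set (or the fields serialised explicitly) for a verifier to reproduce the tag; the comment above the function should state that requirement. The sketch below checks each call, makes `zero` an `unsigned char` to match `HMAC_Update`'s parameter type, and returns an all-zero hash on failure, which is only a stand-in for whatever error convention the module already uses.

```c
static hash_t req_ack(const struct trusted_module *tm, const struct user_request *req)
{
    /* all-zero result on failure; replace with the module's own error convention */
    hash_t hmac = { 0 };
    const unsigned char zero = 0;

    /* … add a range check on req->user_id here if callers do not guarantee it … */

    HMAC_CTX *ctx = HMAC_CTX_new();
    if (!ctx)
        return hmac;

    if (HMAC_Init_ex(ctx,
                     tm->user_keys[req->user_id - 1].key,
                     tm->user_keys[req->user_id - 1].len,
                     EVP_sha256(), NULL) != 1 ||
        HMAC_Update(ctx, (const unsigned char *)req, sizeof(*req)) != 1 ||
        HMAC_Update(ctx, &zero, 1) != 1 ||
        HMAC_Final(ctx, hmac.hash, NULL) != 1) {
        /* do not hand back a partially written tag */
        hmac = (hash_t){ 0 };
    }
    HMAC_CTX_free(ctx);

    return hmac;
}
```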