int
encryptFinal(void)
{
CCCryptorStatus status;
int rv;
/* finish zlib */
do {
strm.next_out = compressed;
strm.avail_out = sizeof(compressed);
rv = deflate(&strm, Z_FINISH);
if (rv != Z_OK && rv != Z_STREAM_END && rv != Z_BUF_ERROR) {
printf("zlib error %d\n", rv);
}
status = CCCryptorUpdate(cryptorRef,
compressed, sizeof(compressed) - strm.avail_out,
bufOut, sizeof(bufOut), &bufOutLen);
if (status != kCCSuccess) {
printf("cryptor update error\n");
return(-1);
}
if (bufOutLen) {
CCHmacUpdate(&hmacContext, bufOut, bufOutLen);
writer(bufOut, bufOutLen);
}
} while (strm.avail_out == 0);
deflateEnd(&strm);
status = CCCryptorFinal(cryptorRef,
bufOut, sizeof(bufOut), &bufOutLen);
if (status != kCCSuccess) {
printf("cryptor update error: %d\n", status);
}
if (bufOutLen) {
CCHmacUpdate(&hmacContext, bufOut, bufOutLen);
writer(bufOut, bufOutLen);
}
status = CCCryptorRelease(cryptorRef);
if (status != kCCSuccess) {
printf("cryptor release error\n");
}
CCHmacFinal(&hmacContext, &header.hmacDigest);
CCHmacFinal(&hmacContextPlain, &header.hmacDigestPlain);
seeker(0);
writer(&header, sizeof(header));
return(0);
}
/* normal crypt ops */
static OSStatus HMAC_Update(
HMACContextRef hmacCtx,
const void *data,
unsigned dataLen)
{
CCHmacUpdate(&hmacCtx->ccHmac, data, dataLen);
return noErr;
}
void Hmac::Update(const void* buffer, size_t length)
{
if (!mInitialized)
{
Initialize();
}
CCHmacUpdate(&mHMACContext, buffer, length);
}
int
decryptFinal(HMACCheck hmacCheck)
{
CCCryptorStatus status;
int rv;
uint8_t hmacDigest[CC_SHA512_DIGEST_LENGTH];
status = CCCryptorFinal(cryptorRef,
compressed, sizeof(compressed), &compressedLen);
if (status != kCCSuccess) {
printf("cryptor update error\n");
return(-1);
}
status = CCCryptorRelease(cryptorRef);
if (status != kCCSuccess) {
printf("cryptor release error\n");
}
if (compressedLen) {
strm.next_in = compressed;
strm.avail_in = (uint)compressedLen;
do {
strm.next_out = bufOut;
strm.avail_out = sizeof(bufOut);
rv = inflate(&strm, Z_FINISH);
if (rv != Z_OK && rv != Z_STREAM_END && rv != Z_BUF_ERROR) {
printf("zlib error\n");
}
bufOutLen = sizeof(bufOut) - strm.avail_out;
if (bufOutLen) {
CCHmacUpdate(&hmacContextPlain, bufOut, bufOutLen);
writer(bufOut, bufOutLen);
}
} while (strm.avail_out == 0);
}
inflateEnd(&strm);
if (hmacCheck == kHmacNoCheck)
return(0);
/* CHECK */
CCHmacFinal(&hmacContext, &hmacDigest);
if (memcmp(header.hmacDigest, hmacDigest, sizeof(hmacDigest)))
printf("CRYPT CORRUPT\n");
CCHmacFinal(&hmacContextPlain, &hmacDigest);
if (memcmp(header.hmacDigestPlain, hmacDigest, sizeof(hmacDigest)))
printf("PLAIN CORRUPT\n");
return(0);
}
int32_t mz_crypt_hmac_update(void *handle, const void *buf, int32_t size)
{
mz_crypt_hmac *hmac = (mz_crypt_hmac *)handle;
if (hmac == NULL || buf == NULL)
return MZ_PARAM_ERROR;
CCHmacUpdate(&hmac->ctx, buf, size);
return MZ_OK;
}
static void
lib_hmac_update(mrb_state *mrb, struct mrb_hmac *hmac, unsigned char *data, mrb_int len)
{
#if MRB_INT_MAX > SIZE_MAX
if (len > SIZE_MAX) {
mrb_raise(mrb, E_ARGUMENT_ERROR, "too long string");
}
#endif
CCHmacUpdate(&hmac->ctx, data, len);
}
extern "C" int AppleCryptoNative_HmacUpdate(HmacCtx* ctx, uint8_t* pbData, int32_t cbData)
{
if (cbData == 0)
return 1;
if (ctx == nullptr || pbData == nullptr)
return 0;
// No return value
CCHmacUpdate(&ctx->hmac, pbData, static_cast<size_t>(cbData));
return 1;
}
static
void
hmac_sha1(const uint8_t *key, size_t key_len, const uint8_t *text, size_t text_len,
uint8_t digest[CC_SHA1_DIGEST_LENGTH])
{
CCHmacContext hmac_sha1_context;
CCHmacInit(&hmac_sha1_context, kCCHmacAlgSHA1, key, key_len);
CCHmacUpdate(&hmac_sha1_context, text, text_len);
CCHmacFinal(&hmac_sha1_context, digest);
}
int
decryptData(void *bufIn, size_t bufInLen)
{
CCCryptorStatus status;
int rv;
CCHmacUpdate(&hmacContext, bufIn, bufInLen);
status = CCCryptorUpdate(cryptorRef,
bufIn, bufInLen,
compressed, sizeof(compressed), &compressedLen);
if (status != kCCSuccess) {
printf("cryptor update error\n");
return(-1);
}
if (compressedLen) {
strm.next_in = compressed;
strm.avail_in = (uint)compressedLen;
do {
strm.next_out = bufOut;
strm.avail_out = sizeof(bufOut);
rv = inflate(&strm, Z_NO_FLUSH);
if (rv != Z_OK && rv != Z_STREAM_END && rv != Z_BUF_ERROR) {
printf("zlib error %d\n", rv);
}
bufOutLen = sizeof(bufOut) - strm.avail_out;
if (bufOutLen) {
CCHmacUpdate(&hmacContextPlain, bufOut, bufOutLen);
writer(bufOut, bufOutLen);
}
} while (strm.avail_out == 0);
}
return(0);
}
/*
* Stateless, one-shot HMAC function.
* Output is written to caller-spullied buffer, as in CCHmacFinal().
*/
void CCHmac(
CCHmacAlgorithm algorithm, /* kCCHmacSHA1, kCCHmacMD5 */
const void *key,
size_t keyLength, /* length of key in bytes */
const void *data,
size_t dataLength, /* length of data in bytes */
void *macOut) /* MAC written here */
{
CCHmacContext ctx;
CCHmacInit(&ctx, algorithm, key, keyLength);
CCHmacUpdate(&ctx, data, dataLength);
CCHmacFinal(&ctx, macOut);
}
/*
* Given an initialized CCHmacContext, feed it some data and get the result.
*/
static void hmacRun(
CCHmacContext *ctx,
bool randomUpdates,
const unsigned char *ptext,
size_t ptextLen,
void *dataOut)
{
while(ptextLen) {
size_t thisMoveIn; /* input to CCryptUpdate() */
if(randomUpdates) {
thisMoveIn = genRandomSize(1, ptextLen);
}
else {
thisMoveIn = ptextLen;
}
logSize(("###ptext segment (1) len %lu\n", (unsigned long)thisMoveIn));
CCHmacUpdate(ctx, ptext, thisMoveIn);
ptext += thisMoveIn;
ptextLen -= thisMoveIn;
}
CCHmacFinal(ctx, dataOut);
}
virtual bool update(const byte *in, int length) {
CCHmacUpdate(&ctx, in, length);
return true;
}
static void
__hmac_sha1_update(archive_hmac_sha1_ctx *ctx, const uint8_t *data,
size_t data_len)
{
CCHmacUpdate(ctx, data, data_len);
}
void MacContext::update(const CssmData &data)
{
CCHmacUpdate(&hmacCtx, data.data(), data.length());
}
void Crypto::MACUpdate(MAC m, const StringPiece &in) {
CCHmacUpdate(&FromVoid<CCMAC*>(m)->ctx, in.data(), in.size());
}
static int doHMacCloneTest(const uint8_t *ptext,
size_t ptextLen,
CCHmacAlgorithm hmacAlg,
uint32_t keySizeInBytes,
bool stagedOrig,
bool stagedClone,
bool quiet,
bool verbose)
{
uint8_t *keyBytes;
uint8_t hmacOrig[MAX_HMAC_SIZE];
uint8_t hmacClone[MAX_HMAC_SIZE];
int rtn = 1;
CCHmacContext ctxOrig;
CCHmacContext ctxClone;
unsigned die; /* 0..3 indicates when to clone */
unsigned loopNum = 0;
size_t hmacLen;
bool didClone = false;
switch(hmacAlg) {
case kCCHmacAlgSHA1:
if(verbose) diag("hmac-sha1\n");
hmacLen = CC_SHA1_DIGEST_LENGTH;
break;
case kCCHmacAlgMD5:
if(verbose) diag("hmac-md5\n");
hmacLen = CC_MD5_DIGEST_LENGTH;
break;
case kCCHmacAlgSHA224:
if(verbose) diag("hmac-sha224\n");
hmacLen = CC_SHA224_DIGEST_LENGTH;
break;
case kCCHmacAlgSHA256:
if(verbose) diag("hmac-sha256\n");
hmacLen = CC_SHA256_DIGEST_LENGTH;
break;
case kCCHmacAlgSHA384:
if(verbose) diag("hmac-sha384\n");
hmacLen = CC_SHA384_DIGEST_LENGTH;
break;
case kCCHmacAlgSHA512:
if(verbose) diag("hmac-sha512\n");
hmacLen = CC_SHA512_DIGEST_LENGTH;
break;
default:
if(verbose) diag("***BRRRZAP!\n");
return 0;
}
/* random key */
byteBuffer keyBuffer = genRandomByteBuffer(keySizeInBytes, keySizeInBytes);
keyBytes = keyBuffer->bytes;
/* cook up first context */
CCHmacInit(&ctxOrig, hmacAlg, keyBytes, keySizeInBytes);
/* roll the dice */
die = (unsigned) genRandomSize(0, 3);
/*
* In this loop we do updates to the ctxOrig up until we
* clone it, then we use hmacRun to finish both of them.
*/
while(ptextLen) {
if((die == loopNum) || !stagedOrig) {
/* make the clone now */
if(verbose) {
diag(" ...cloning at loop %u\n", loopNum);
}
ctxClone = ctxOrig;
didClone = true;
if(memcmp(&ctxClone, &ctxOrig, CC_HMAC_CONTEXT_SIZE * sizeof(uint32_t))) {
if(verbose) diag("*** context miscompare\n");
} else {
if(verbose) diag("*** context clone worked\n");
}
/* do all of the clone's updates and final here */
hmacRun(&ctxClone, stagedClone, ptext, ptextLen, hmacClone);
/* now do all remaining updates and final for original */
hmacRun(&ctxOrig, stagedOrig, ptext, ptextLen, hmacOrig);
/* we're all done, time to check the HMAC values */
break;
} /* making clone */
/* feed some data into cryptorOrig */
size_t thisMove;
if(stagedOrig) {
thisMove = genRandomSize(1, ptextLen);
}
else {
thisMove = ptextLen;
}
logSize(("###ptext segment (2) len %lu\n", (unsigned long)thisMove));
CCHmacUpdate(&ctxOrig, ptext, thisMove);
ptext += thisMove;
ptextLen -= thisMove;
loopNum++;
}
/*
* It's possible to get here without cloning or doing any finals,
* if we ran thru multiple updates and finished ptextLen for cryptorOrig
* before we hit the cloning spot.
*/
if(!didClone) {
if(verbose) {
diag("...ctxOrig finished before we cloned; skipping test\n");
}
return 1;
}
if(memcmp(hmacOrig, hmacClone, hmacLen)) {
diag("***data miscompare\n");
rtn = 0;
} else {
if(verbose) diag("*** clone worked\n");
rtn = 1;
}
if(keyBuffer) free(keyBuffer);
return rtn;
}