void DigestTests::testDigest() { CK_RV rv; CK_SESSION_HANDLE hSession = CK_INVALID_HANDLE; CK_MECHANISM mechanism = { CKM_SHA512, NULL_PTR, 0 }; CK_ULONG digestLen; CK_BYTE_PTR digest; CK_BYTE data[] = {"Text to digest"}; // Just make sure that we finalize any previous tests CRYPTOKI_F_PTR( C_Finalize(NULL_PTR) ); rv = CRYPTOKI_F_PTR( C_Digest(hSession, data, sizeof(data)-1, NULL_PTR, &digestLen) ); CPPUNIT_ASSERT(rv == CKR_CRYPTOKI_NOT_INITIALIZED); rv = CRYPTOKI_F_PTR( C_Initialize(NULL_PTR) ); CPPUNIT_ASSERT(rv == CKR_OK); rv = CRYPTOKI_F_PTR( C_OpenSession(m_initializedTokenSlotID, CKF_SERIAL_SESSION, NULL_PTR, NULL_PTR, &hSession) ); CPPUNIT_ASSERT(rv == CKR_OK); rv = CRYPTOKI_F_PTR( C_Digest(CK_INVALID_HANDLE, data, sizeof(data)-1, NULL_PTR, &digestLen) ); CPPUNIT_ASSERT(rv == CKR_SESSION_HANDLE_INVALID); rv = CRYPTOKI_F_PTR( C_Digest(hSession, data, sizeof(data)-1, NULL_PTR, &digestLen) ); CPPUNIT_ASSERT(rv == CKR_OPERATION_NOT_INITIALIZED); rv = CRYPTOKI_F_PTR( C_DigestInit(hSession, &mechanism) ); CPPUNIT_ASSERT(rv == CKR_OK); rv = CRYPTOKI_F_PTR( C_Digest(hSession, NULL_PTR, sizeof(data)-1, NULL_PTR, &digestLen) ); CPPUNIT_ASSERT(rv == CKR_ARGUMENTS_BAD); rv = CRYPTOKI_F_PTR( C_Digest(hSession, data, sizeof(data)-1, NULL_PTR, NULL_PTR) ); CPPUNIT_ASSERT(rv == CKR_ARGUMENTS_BAD); rv = CRYPTOKI_F_PTR( C_Digest(hSession, data, sizeof(data)-1, NULL_PTR, &digestLen) ); CPPUNIT_ASSERT(rv == CKR_OK); digest = (CK_BYTE_PTR)malloc(digestLen); digestLen = 0; rv = CRYPTOKI_F_PTR( C_Digest(hSession, data, sizeof(data)-1, digest, &digestLen) ); CPPUNIT_ASSERT(rv == CKR_BUFFER_TOO_SMALL); rv = CRYPTOKI_F_PTR( C_Digest(hSession, data, sizeof(data)-1, digest, &digestLen) ); CPPUNIT_ASSERT(rv == CKR_OK); rv = CRYPTOKI_F_PTR( C_Digest(hSession, data, sizeof(data)-1, digest, &digestLen) ); CPPUNIT_ASSERT(rv == CKR_OPERATION_NOT_INITIALIZED); free(digest); }
HRESULT Library_security_pkcs11_native_Microsoft_SPOT_Cryptoki_CryptokiDigest::DigestInternal___SZARRAY_U1__SZARRAY_U1__I4__I4( CLR_RT_StackFrame& stack ) { TINYCLR_HEADER(); CLR_RT_HeapBlock* pThis = stack.This(); CLR_RT_HeapBlock_Array* pData = stack.Arg1().DereferenceArray(); CLR_INT32 offset = stack.Arg2().NumericByRef().s4; CLR_INT32 len = stack.Arg3().NumericByRef().s4; CLR_RT_HeapBlock* pSession = pThis[Library_security_pkcs11_native_Microsoft_SPOT_Cryptoki_SessionContainer::FIELD__m_session].Dereference(); CLR_INT32 digestSize = pThis[Library_security_pkcs11_native_Microsoft_SPOT_Cryptoki_CryptokiDigest::FIELD__m_hashSize].NumericByRef().s4; CK_SESSION_HANDLE hSession; //CLR_INT32 maxProcessingBytes; FAULT_ON_NULL_ARG(pData); FAULT_ON_NULL(pSession); if((offset + len) > (CLR_INT32)pData->m_numOfElements) TINYCLR_SET_AND_LEAVE(CLR_E_OUT_OF_RANGE); hSession = (CK_SESSION_HANDLE)pSession[Library_security_pkcs11_native_Microsoft_SPOT_Cryptoki_Session::FIELD__m_handle].NumericByRef().s4; if(hSession == CK_SESSION_HANDLE_INVALID) TINYCLR_SET_AND_LEAVE(CLR_E_OBJECT_DISPOSED); // TODO: add code for processing chunks at a time if size is too big //maxProcessingBytes = pSession[Library_security_pkcs11_native_Microsoft_SPOT_Cryptoki_Session::FIELD__m_maxProcessingBytes].NumericByRef().s4; TINYCLR_CHECK_HRESULT(CLR_RT_HeapBlock_Array::CreateInstance(stack.PushValue(), digestSize, g_CLR_RT_WellKnownTypes.m_UInt8)); CRYPTOKI_CHECK_RESULT(stack, C_Digest(hSession, pData->GetElement(offset), len, stack.TopValue().DereferenceArray()->GetFirstElement(), (CK_ULONG_PTR)&digestSize)); TINYCLR_NOCLEANUP(); }
void DigestTests::testDigestAll() { CK_RV rv; CK_SESSION_HANDLE hSession; CK_MECHANISM mechanisms[] = { #ifndef WITH_FIPS { CKM_MD5, NULL_PTR, 0 }, #endif { CKM_SHA_1, NULL_PTR, 0 }, { CKM_SHA224, NULL_PTR, 0 }, { CKM_SHA256, NULL_PTR, 0 }, { CKM_SHA384, NULL_PTR, 0 }, { CKM_SHA512, NULL_PTR, 0 }, #ifdef WITH_GOST { CKM_GOSTR3411, NULL_PTR, 0 }, #endif }; CK_ULONG digestLen; CK_BYTE_PTR digest; CK_BYTE data[] = {"Text to digest"}; // Just make sure that we finalize any previous tests CRYPTOKI_F_PTR( C_Finalize(NULL_PTR) ); rv = CRYPTOKI_F_PTR( C_Initialize(NULL_PTR) ); CPPUNIT_ASSERT(rv == CKR_OK); rv = CRYPTOKI_F_PTR( C_OpenSession(m_initializedTokenSlotID, CKF_SERIAL_SESSION, NULL_PTR, NULL_PTR, &hSession) ); CPPUNIT_ASSERT(rv == CKR_OK); for (unsigned int i = 0; i < sizeof(mechanisms)/sizeof(CK_MECHANISM); i++) { rv = CRYPTOKI_F_PTR( C_DigestInit(hSession, &mechanisms[i]) ); CPPUNIT_ASSERT(rv == CKR_OK); rv = CRYPTOKI_F_PTR( C_Digest(hSession, data, sizeof(data)-1, NULL_PTR, &digestLen) ); CPPUNIT_ASSERT(rv == CKR_OK); digest = (CK_BYTE_PTR)malloc(digestLen); rv = CRYPTOKI_F_PTR( C_Digest(hSession, data, sizeof(data)-1, digest, &digestLen) ); CPPUNIT_ASSERT(rv == CKR_OK); free(digest); } }
/* * Compute hashes using metaslot (or softtoken). * Not all hardware tokens support the combined HASH + RSA/EC * Signing operations so it is safer to separate the hashing * from the signing. This function generates a hash using a * separate session. The resulting digest can be signed later. */ KMF_RETURN PKCS_DigestData(KMF_HANDLE_T handle, CK_SESSION_HANDLE hSession, CK_MECHANISM_TYPE mechtype, KMF_DATA *tobesigned, KMF_DATA *output, boolean_t pkcs1_encoding) { KMF_RETURN rv = KMF_OK; CK_RV ckrv; CK_MECHANISM mechanism; KMF_HANDLE *kmfh = (KMF_HANDLE *)handle; CK_BYTE outbuf[MAX_SHA2_DIGEST_LENGTH + sizeof (SHA512_DER_PREFIX)]; CK_ULONG outlen = sizeof (outbuf); mechanism.mechanism = mechtype; mechanism.pParameter = NULL; mechanism.ulParameterLen = 0; ckrv = C_DigestInit(hSession, &mechanism); if (ckrv != CKR_OK) { kmfh->lasterr.kstype = KMF_KEYSTORE_PK11TOKEN; kmfh->lasterr.errcode = ckrv; rv = KMF_ERR_INTERNAL; goto end; } ckrv = C_Digest(hSession, tobesigned->Data, tobesigned->Length, outbuf, &outlen); if (ckrv != CKR_OK) { kmfh->lasterr.kstype = KMF_KEYSTORE_PK11TOKEN; kmfh->lasterr.errcode = ckrv; rv = KMF_ERR_INTERNAL; } if (pkcs1_encoding) { uchar_t *pfx; int pfxlen; switch (mechtype) { case CKM_MD5: pfx = MD5_DER_PREFIX; pfxlen = sizeof (MD5_DER_PREFIX); break; case CKM_SHA_1: pfx = SHA1_DER_PREFIX; pfxlen = sizeof (SHA1_DER_PREFIX); break; case CKM_SHA256: pfx = SHA256_DER_PREFIX; pfxlen = sizeof (SHA256_DER_PREFIX); break; case CKM_SHA384: pfx = SHA384_DER_PREFIX; pfxlen = sizeof (SHA384_DER_PREFIX); break; case CKM_SHA512: pfx = SHA512_DER_PREFIX; pfxlen = sizeof (SHA512_DER_PREFIX); break; default: rv = KMF_ERR_BAD_ALGORITHM; goto end; } (void) memcpy(output->Data, pfx, pfxlen); (void) memcpy(output->Data + pfxlen, outbuf, outlen); output->Length = outlen + pfxlen; } else { (void) memcpy(output->Data, outbuf, outlen); output->Length = outlen; } end: return (rv); }