static void _wi_sha2_ctx_init(wi_sha2_bits_t bits, _wi_sha2_ctx_t *ctx) {
ctx->bits = bits;
#ifdef WI_SHA2_OPENSSL
switch(ctx->bits) {
case WI_SHA2_224:
SHA224_Init(&ctx->openssl_256_ctx);
break;
case WI_SHA2_256:
SHA256_Init(&ctx->openssl_256_ctx);
break;
case WI_SHA2_384:
SHA384_Init(&ctx->openssl_512_ctx);
break;
case WI_SHA2_512:
SHA512_Init(&ctx->openssl_512_ctx);
break;
}
#endif
#ifdef WI_SHA2_COMMONCRYPTO
switch(ctx->bits) {
case WI_SHA2_224:
CC_SHA224_Init(&ctx->commondigest_256_ctx);
break;
case WI_SHA2_256:
CC_SHA256_Init(&ctx->commondigest_256_ctx);
break;
case WI_SHA2_384:
CC_SHA384_Init(&ctx->commondigest_512_ctx);
break;
case WI_SHA2_512:
CC_SHA512_Init(&ctx->commondigest_512_ctx);
break;
}
#endif
}
std::unique_ptr<CryptoDigest> CryptoDigest::create(CryptoAlgorithmIdentifier algorithm)
{
std::unique_ptr<CryptoDigest> digest(new CryptoDigest);
digest->m_context->algorithm = algorithm;
switch (algorithm) {
case CryptoAlgorithmIdentifier::SHA_1: {
CC_SHA1_CTX* context = new CC_SHA1_CTX;
digest->m_context->ccContext = context;
CC_SHA1_Init(context);
return digest;
}
case CryptoAlgorithmIdentifier::SHA_224: {
CC_SHA256_CTX* context = new CC_SHA256_CTX;
digest->m_context->ccContext = context;
CC_SHA224_Init(context);
return digest;
}
case CryptoAlgorithmIdentifier::SHA_256: {
CC_SHA256_CTX* context = new CC_SHA256_CTX;
digest->m_context->ccContext = context;
CC_SHA256_Init(context);
return digest;
}
case CryptoAlgorithmIdentifier::SHA_384: {
CC_SHA512_CTX* context = new CC_SHA512_CTX;
digest->m_context->ccContext = context;
CC_SHA384_Init(context);
return digest;
}
case CryptoAlgorithmIdentifier::SHA_512: {
CC_SHA512_CTX* context = new CC_SHA512_CTX;
digest->m_context->ccContext = context;
CC_SHA512_Init(context);
return digest;
}
default:
return nullptr;
}
}
void *
SecCmsUtilGetHashObjByAlgID(SECAlgorithmID *algid)
{
SECOidData *oidData = SECOID_FindOID(&(algid->algorithm));
if (oidData)
{
void *digobj = NULL;
switch (oidData->offset) {
case SEC_OID_SHA1:
digobj = calloc(1, sizeof(CC_SHA1_CTX));
CC_SHA1_Init(digobj);
break;
case SEC_OID_MD5:
digobj = calloc(1, sizeof(CC_MD5_CTX));
CC_MD5_Init(digobj);
break;
case SEC_OID_SHA224:
digobj = calloc(1, sizeof(CC_SHA256_CTX));
CC_SHA224_Init(digobj);
break;
case SEC_OID_SHA256:
digobj = calloc(1, sizeof(CC_SHA256_CTX));
CC_SHA256_Init(digobj);
break;
case SEC_OID_SHA384:
digobj = calloc(1, sizeof(CC_SHA512_CTX));
CC_SHA384_Init(digobj);
break;
case SEC_OID_SHA512:
digobj = calloc(1, sizeof(CC_SHA512_CTX));
CC_SHA512_Init(digobj);
break;
default:
break;
}
return digobj;
}
return 0;
}
ssize_t /* O - Size of hash or -1 on error */
cupsHashData(const char *algorithm, /* I - Algorithm name */
const void *data, /* I - Data to hash */
size_t datalen, /* I - Length of data to hash */
unsigned char *hash, /* I - Hash buffer */
size_t hashsize) /* I - Size of hash buffer */
{
if (!algorithm || !data || datalen == 0 || !hash || hashsize == 0)
{
_cupsSetError(IPP_STATUS_ERROR_INTERNAL, _("Bad arguments to function"), 1);
return (-1);
}
#ifdef __APPLE__
if (!strcmp(algorithm, "sha"))
{
/*
* SHA-1...
*/
CC_SHA1_CTX ctx; /* SHA-1 context */
if (hashsize < CC_SHA1_DIGEST_LENGTH)
goto too_small;
CC_SHA1_Init(&ctx);
CC_SHA1_Update(&ctx, data, (CC_LONG)datalen);
CC_SHA1_Final(hash, &ctx);
return (CC_SHA1_DIGEST_LENGTH);
}
else if (!strcmp(algorithm, "sha2-224"))
{
CC_SHA256_CTX ctx; /* SHA-224 context */
if (hashsize < CC_SHA224_DIGEST_LENGTH)
goto too_small;
CC_SHA224_Init(&ctx);
CC_SHA224_Update(&ctx, data, (CC_LONG)datalen);
CC_SHA224_Final(hash, &ctx);
return (CC_SHA224_DIGEST_LENGTH);
}
else if (!strcmp(algorithm, "sha2-256"))
{
CC_SHA256_CTX ctx; /* SHA-256 context */
if (hashsize < CC_SHA256_DIGEST_LENGTH)
goto too_small;
CC_SHA256_Init(&ctx);
CC_SHA256_Update(&ctx, data, (CC_LONG)datalen);
CC_SHA256_Final(hash, &ctx);
return (CC_SHA256_DIGEST_LENGTH);
}
else if (!strcmp(algorithm, "sha2-384"))
{
CC_SHA512_CTX ctx; /* SHA-384 context */
if (hashsize < CC_SHA384_DIGEST_LENGTH)
goto too_small;
CC_SHA384_Init(&ctx);
CC_SHA384_Update(&ctx, data, (CC_LONG)datalen);
CC_SHA384_Final(hash, &ctx);
return (CC_SHA384_DIGEST_LENGTH);
}
else if (!strcmp(algorithm, "sha2-512"))
{
CC_SHA512_CTX ctx; /* SHA-512 context */
if (hashsize < CC_SHA512_DIGEST_LENGTH)
goto too_small;
CC_SHA512_Init(&ctx);
CC_SHA512_Update(&ctx, data, (CC_LONG)datalen);
CC_SHA512_Final(hash, &ctx);
return (CC_SHA512_DIGEST_LENGTH);
}
else if (!strcmp(algorithm, "sha2-512_224"))
{
CC_SHA512_CTX ctx; /* SHA-512 context */
unsigned char temp[CC_SHA512_DIGEST_LENGTH];
/* SHA-512 hash */
/*
* SHA2-512 truncated to 224 bits (28 bytes)...
*/
if (hashsize < CC_SHA224_DIGEST_LENGTH)
goto too_small;
CC_SHA512_Init(&ctx);
CC_SHA512_Update(&ctx, data, (CC_LONG)datalen);
CC_SHA512_Final(temp, &ctx);
memcpy(hash, temp, CC_SHA224_DIGEST_LENGTH);
return (CC_SHA224_DIGEST_LENGTH);
}
else if (!strcmp(algorithm, "sha2-512_256"))
{
CC_SHA512_CTX ctx; /* SHA-512 context */
unsigned char temp[CC_SHA512_DIGEST_LENGTH];
/* SHA-512 hash */
/*
* SHA2-512 truncated to 256 bits (32 bytes)...
*/
if (hashsize < CC_SHA256_DIGEST_LENGTH)
goto too_small;
CC_SHA512_Init(&ctx);
CC_SHA512_Update(&ctx, data, (CC_LONG)datalen);
CC_SHA512_Final(temp, &ctx);
memcpy(hash, temp, CC_SHA256_DIGEST_LENGTH);
return (CC_SHA256_DIGEST_LENGTH);
}
#elif defined(HAVE_GNUTLS)
gnutls_digest_algorithm_t alg = GNUTLS_DIG_UNKNOWN;
/* Algorithm */
unsigned char temp[64]; /* Temporary hash buffer */
size_t tempsize = 0; /* Truncate to this size? */
if (!strcmp(algorithm, "sha"))
alg = GNUTLS_DIG_SHA1;
else if (!strcmp(algorithm, "sha2-224"))
alg = GNUTLS_DIG_SHA224;
else if (!strcmp(algorithm, "sha2-256"))
alg = GNUTLS_DIG_SHA256;
else if (!strcmp(algorithm, "sha2-384"))
alg = GNUTLS_DIG_SHA384;
else if (!strcmp(algorithm, "sha2-512"))
alg = GNUTLS_DIG_SHA512;
else if (!strcmp(algorithm, "sha2-512_224"))
{
alg = GNUTLS_DIG_SHA512;
tempsize = 28;
}
else if (!strcmp(algorithm, "sha2-512_256"))
{
alg = GNUTLS_DIG_SHA512;
tempsize = 32;
}
if (alg != GNUTLS_DIG_UNKNOWN)
{
if (tempsize > 0)
{
/*
* Truncate result to tempsize bytes...
*/
if (hashsize < tempsize)
goto too_small;
gnutls_hash_fast(alg, data, datalen, temp);
memcpy(hash, temp, tempsize);
return ((ssize_t)tempsize);
}
if (hashsize < gnutls_hash_get_len(alg))
goto too_small;
gnutls_hash_fast(alg, data, datalen, hash);
return (gnutls_hash_get_len(alg));
}
#else
/*
* No hash support without CommonCrypto or GNU TLS...
*/
if (hashsize < 64)
goto too_small;
#endif /* __APPLE__ */
/*
* Unknown hash algorithm...
*/
_cupsSetError(IPP_STATUS_ERROR_INTERNAL, _("Unknown hash algorithm."), 1);
return (-1);
/*
* We get here if the buffer is too small.
*/
too_small:
_cupsSetError(IPP_STATUS_ERROR_INTERNAL, _("Hash buffer too small."), 1);
return (-1);
}
/***
*** SHA224
***/
void SHA224Object::digestInit()
{
mIsDone = false;
CC_SHA224_Init(&mCtx);
}
SHA224Digest::SHA224Digest() : Digest(kSecDigestSHA2, CC_SHA224_DIGEST_LENGTH)
{
CC_SHA224_Init(&mContext);
}
C4Err HASH_Init(HASH_Algorithm algorithm, HASH_ContextRef * ctx)
{
int err = kC4Err_NoErr;
HASH_Context* hashCTX = NULL;
const struct ltc_hash_descriptor* desc = NULL;
ValidateParam(ctx);
*ctx = NULL;
hashCTX = XMALLOC(sizeof (HASH_Context)); CKNULL(hashCTX);
hashCTX->magic = kHASH_ContextMagic;
hashCTX->algor = algorithm;
#if _USES_COMMON_CRYPTO_
switch(algorithm)
{
case kHASH_Algorithm_MD5:
hashCTX->ccAlgor = kCCHmacAlgMD5;
hashCTX->process = (void*) sCCHashUpdateMD5;
hashCTX->done = (void*) sCCHashFinalMD5;
hashCTX->hashsize = 16;
CC_MD5_Init(&hashCTX->state.ccMD5_state);
break;
case kHASH_Algorithm_SHA1:
hashCTX->ccAlgor = kCCHmacAlgSHA1;
hashCTX->hashsize = 20;
hashCTX->process = (void*) sCCHashUpdateSHA1;
hashCTX->done = (void*) sCCHashFinalSHA1;;
CC_SHA1_Init(&hashCTX->state.ccSHA1_state);
break;
case kHASH_Algorithm_SHA224:
hashCTX->ccAlgor = kCCHmacAlgSHA224;
hashCTX->hashsize = 28;
hashCTX->process = (void*) sCCHashUpdateSHA224;
hashCTX->done = (void*) sCCHashFinalSHA224;
CC_SHA224_Init(&hashCTX->state.ccSHA256_state);
break;
case kHASH_Algorithm_SHA256:
hashCTX->ccAlgor = kCCHmacAlgSHA256;
hashCTX->hashsize = 32;
hashCTX->process = (void*) sCCHashUpdateSHA256;
hashCTX->done = (void*) sCCHashFinalSHA256;;
CC_SHA256_Init(&hashCTX->state.ccSHA256_state);
break;
case kHASH_Algorithm_SHA384:
hashCTX->ccAlgor = kCCHmacAlgSHA384;
hashCTX->hashsize = 48;
hashCTX->process = (void*) sCCHashUpdateSHA384;
hashCTX->done = (void*) sCCHashFinalSHA384;
CC_SHA384_Init(&hashCTX->state.ccSHA512_state);
break;
case kHASH_Algorithm_SHA512:
hashCTX->ccAlgor = kCCHmacAlgSHA512;
hashCTX->hashsize = 64;
hashCTX->process = (void*) sCCHashUpdateSHA512;
hashCTX->done = (void*) sCCHashFinalSHA512;
CC_SHA512_Init(&hashCTX->state.ccSHA512_state);
break;
default:
hashCTX->ccAlgor = kCCHmacAlgInvalid;
break;
}
if(hashCTX->ccAlgor == kCCHmacAlgInvalid)
{
desc = sDescriptorForHash(algorithm);
hashCTX->hashsize = desc->hashsize;
hashCTX->process = (void*) desc->process;
hashCTX->done = (void*) desc->done;
if(IsNull(desc))
RETERR( kC4Err_BadHashNumber);
if(desc->init)
err = (desc->init)(&hashCTX->state.tc_state);
CKERR;
}
#else
desc = sDescriptorForHash(algorithm);
hashCTX->hashsize = desc->hashsize;
hashCTX->process = (void*) desc->process;
hashCTX->done = (void*) desc->done;
if(IsNull(desc))
RETERR( kC4Err_BadHashNumber);
if(desc->init)
err = (desc->init)(&hashCTX->state.tc_state);
CKERR;
#endif
*ctx = hashCTX;
done:
if(IsC4Err(err))
{
if(IsntNull(hashCTX))
{
XFREE(hashCTX);
}
}
return err;
}
