static NTSTATUS hash_init( struct hash *hash )
{
switch (hash->alg_id)
{
case ALG_ID_SHA1:
CC_SHA1_Init( &hash->u.sha1_ctx );
break;
case ALG_ID_SHA256:
CC_SHA256_Init( &hash->u.sha256_ctx );
break;
case ALG_ID_SHA384:
CC_SHA384_Init( &hash->u.sha512_ctx );
break;
case ALG_ID_SHA512:
CC_SHA512_Init( &hash->u.sha512_ctx );
break;
default:
ERR( "unhandled id %u\n", hash->alg_id );
return STATUS_NOT_IMPLEMENTED;
}
return STATUS_SUCCESS;
}
/*** SHA384 ***/
static OSStatus HashSHA384Init(SSLBuffer *digestCtx, SSLContext *sslCtx)
{
assert(digestCtx->length >= sizeof(CC_SHA512_CTX));
CC_SHA512_CTX *ctx = (CC_SHA512_CTX *)digestCtx->data;
CC_SHA384_Init(ctx);
dgprintf(("###HashSHA384Init ctx %p\n", ctx));
return noErr;
}
Crypto::Digest Crypto::DigestOpen(DigestAlgo algo) {
auto d = new CCDigest(size_t(algo.get()));
switch(d->algo) {
case CCDigestAlgo::MD5: d->v=calloc(sizeof(CC_MD5_CTX), 1); CC_MD5_Init (static_cast<CC_MD5_CTX*> (d->v)); break;
case CCDigestAlgo::SHA1: d->v=calloc(sizeof(CC_SHA1_CTX), 1); CC_SHA1_Init (static_cast<CC_SHA1_CTX*> (d->v)); break;
case CCDigestAlgo::SHA256: d->v=calloc(sizeof(CC_SHA256_CTX),1); CC_SHA256_Init(static_cast<CC_SHA256_CTX*>(d->v)); break;
case CCDigestAlgo::SHA384: d->v=calloc(sizeof(CC_SHA512_CTX),1); CC_SHA384_Init(static_cast<CC_SHA512_CTX*>(d->v)); break;
case CCDigestAlgo::SHA512: d->v=calloc(sizeof(CC_SHA512_CTX),1); CC_SHA512_Init(static_cast<CC_SHA512_CTX*>(d->v)); break;
default: d->v=0; break;
}
return d;
}
static void
md_init(int type, void *ctxp)
{
switch (type) {
case MD_TYPE_MD5: CC_MD5_Init(ctxp); break;
case MD_TYPE_SHA1: CC_SHA1_Init(ctxp); break;
case MD_TYPE_SHA256: CC_SHA256_Init(ctxp); break;
case MD_TYPE_SHA384: CC_SHA384_Init(ctxp); break;
case MD_TYPE_SHA512: CC_SHA512_Init(ctxp); break;
default: break;
}
}
extern "C" int32_t AppleCryptoNative_DigestFinal(DigestCtx* ctx, uint8_t* pOutput, int32_t cbOutput)
{
if (ctx == nullptr || pOutput == nullptr || cbOutput < ctx->cbDigest)
return -1;
int32_t ret = 0;
switch (ctx->algorithm)
{
case PAL_MD5:
ret = CC_MD5_Final(pOutput, &ctx->d.md5);
break;
case PAL_SHA1:
ret = CC_SHA1_Final(pOutput, &ctx->d.sha1);
break;
case PAL_SHA256:
ret = CC_SHA256_Final(pOutput, &ctx->d.sha256);
break;
case PAL_SHA384:
ret = CC_SHA384_Final(pOutput, &ctx->d.sha384);
break;
case PAL_SHA512:
ret = CC_SHA512_Final(pOutput, &ctx->d.sha512);
break;
default:
ret = -1;
break;
}
if (ret != 1)
{
return ret;
}
switch (ctx->algorithm)
{
case PAL_MD5:
return CC_MD5_Init(&ctx->d.md5);
case PAL_SHA1:
return CC_SHA1_Init(&ctx->d.sha1);
case PAL_SHA256:
return CC_SHA256_Init(&ctx->d.sha256);
case PAL_SHA384:
return CC_SHA384_Init(&ctx->d.sha384);
case PAL_SHA512:
return CC_SHA512_Init(&ctx->d.sha512);
default:
assert(false);
return -2;
}
}
static void _wi_sha2_ctx_init(wi_sha2_bits_t bits, _wi_sha2_ctx_t *ctx) {
ctx->bits = bits;
#ifdef WI_SHA2_OPENSSL
switch(ctx->bits) {
case WI_SHA2_224:
SHA224_Init(&ctx->openssl_256_ctx);
break;
case WI_SHA2_256:
SHA256_Init(&ctx->openssl_256_ctx);
break;
case WI_SHA2_384:
SHA384_Init(&ctx->openssl_512_ctx);
break;
case WI_SHA2_512:
SHA512_Init(&ctx->openssl_512_ctx);
break;
}
#endif
#ifdef WI_SHA2_COMMONCRYPTO
switch(ctx->bits) {
case WI_SHA2_224:
CC_SHA224_Init(&ctx->commondigest_256_ctx);
break;
case WI_SHA2_256:
CC_SHA256_Init(&ctx->commondigest_256_ctx);
break;
case WI_SHA2_384:
CC_SHA384_Init(&ctx->commondigest_512_ctx);
break;
case WI_SHA2_512:
CC_SHA512_Init(&ctx->commondigest_512_ctx);
break;
}
#endif
}
extern "C" DigestCtx* AppleCryptoNative_DigestCreate(PAL_HashAlgorithm algorithm, int32_t* pcbDigest)
{
if (pcbDigest == nullptr)
return nullptr;
DigestCtx* digestCtx = reinterpret_cast<DigestCtx*>(malloc(sizeof(DigestCtx)));
if (digestCtx == nullptr)
return nullptr;
digestCtx->algorithm = algorithm;
switch (algorithm)
{
case PAL_MD5:
*pcbDigest = CC_MD5_DIGEST_LENGTH;
CC_MD5_Init(&digestCtx->d.md5);
break;
case PAL_SHA1:
*pcbDigest = CC_SHA1_DIGEST_LENGTH;
CC_SHA1_Init(&digestCtx->d.sha1);
break;
case PAL_SHA256:
*pcbDigest = CC_SHA256_DIGEST_LENGTH;
CC_SHA256_Init(&digestCtx->d.sha256);
break;
case PAL_SHA384:
*pcbDigest = CC_SHA384_DIGEST_LENGTH;
CC_SHA384_Init(&digestCtx->d.sha384);
break;
case PAL_SHA512:
*pcbDigest = CC_SHA512_DIGEST_LENGTH;
CC_SHA512_Init(&digestCtx->d.sha512);
break;
default:
*pcbDigest = -1;
free(digestCtx);
return nullptr;
}
digestCtx->cbDigest = *pcbDigest;
return digestCtx;
}
std::unique_ptr<CryptoDigest> CryptoDigest::create(CryptoAlgorithmIdentifier algorithm)
{
std::unique_ptr<CryptoDigest> digest(new CryptoDigest);
digest->m_context->algorithm = algorithm;
switch (algorithm) {
case CryptoAlgorithmIdentifier::SHA_1: {
CC_SHA1_CTX* context = new CC_SHA1_CTX;
digest->m_context->ccContext = context;
CC_SHA1_Init(context);
return digest;
}
case CryptoAlgorithmIdentifier::SHA_224: {
CC_SHA256_CTX* context = new CC_SHA256_CTX;
digest->m_context->ccContext = context;
CC_SHA224_Init(context);
return digest;
}
case CryptoAlgorithmIdentifier::SHA_256: {
CC_SHA256_CTX* context = new CC_SHA256_CTX;
digest->m_context->ccContext = context;
CC_SHA256_Init(context);
return digest;
}
case CryptoAlgorithmIdentifier::SHA_384: {
CC_SHA512_CTX* context = new CC_SHA512_CTX;
digest->m_context->ccContext = context;
CC_SHA384_Init(context);
return digest;
}
case CryptoAlgorithmIdentifier::SHA_512: {
CC_SHA512_CTX* context = new CC_SHA512_CTX;
digest->m_context->ccContext = context;
CC_SHA512_Init(context);
return digest;
}
default:
return nullptr;
}
}
void *
SecCmsUtilGetHashObjByAlgID(SECAlgorithmID *algid)
{
SECOidData *oidData = SECOID_FindOID(&(algid->algorithm));
if (oidData)
{
void *digobj = NULL;
switch (oidData->offset) {
case SEC_OID_SHA1:
digobj = calloc(1, sizeof(CC_SHA1_CTX));
CC_SHA1_Init(digobj);
break;
case SEC_OID_MD5:
digobj = calloc(1, sizeof(CC_MD5_CTX));
CC_MD5_Init(digobj);
break;
case SEC_OID_SHA224:
digobj = calloc(1, sizeof(CC_SHA256_CTX));
CC_SHA224_Init(digobj);
break;
case SEC_OID_SHA256:
digobj = calloc(1, sizeof(CC_SHA256_CTX));
CC_SHA256_Init(digobj);
break;
case SEC_OID_SHA384:
digobj = calloc(1, sizeof(CC_SHA512_CTX));
CC_SHA384_Init(digobj);
break;
case SEC_OID_SHA512:
digobj = calloc(1, sizeof(CC_SHA512_CTX));
CC_SHA512_Init(digobj);
break;
default:
break;
}
return digobj;
}
return 0;
}
ssize_t /* O - Size of hash or -1 on error */
cupsHashData(const char *algorithm, /* I - Algorithm name */
const void *data, /* I - Data to hash */
size_t datalen, /* I - Length of data to hash */
unsigned char *hash, /* I - Hash buffer */
size_t hashsize) /* I - Size of hash buffer */
{
if (!algorithm || !data || datalen == 0 || !hash || hashsize == 0)
{
_cupsSetError(IPP_STATUS_ERROR_INTERNAL, _("Bad arguments to function"), 1);
return (-1);
}
#ifdef __APPLE__
if (!strcmp(algorithm, "sha"))
{
/*
* SHA-1...
*/
CC_SHA1_CTX ctx; /* SHA-1 context */
if (hashsize < CC_SHA1_DIGEST_LENGTH)
goto too_small;
CC_SHA1_Init(&ctx);
CC_SHA1_Update(&ctx, data, (CC_LONG)datalen);
CC_SHA1_Final(hash, &ctx);
return (CC_SHA1_DIGEST_LENGTH);
}
else if (!strcmp(algorithm, "sha2-224"))
{
CC_SHA256_CTX ctx; /* SHA-224 context */
if (hashsize < CC_SHA224_DIGEST_LENGTH)
goto too_small;
CC_SHA224_Init(&ctx);
CC_SHA224_Update(&ctx, data, (CC_LONG)datalen);
CC_SHA224_Final(hash, &ctx);
return (CC_SHA224_DIGEST_LENGTH);
}
else if (!strcmp(algorithm, "sha2-256"))
{
CC_SHA256_CTX ctx; /* SHA-256 context */
if (hashsize < CC_SHA256_DIGEST_LENGTH)
goto too_small;
CC_SHA256_Init(&ctx);
CC_SHA256_Update(&ctx, data, (CC_LONG)datalen);
CC_SHA256_Final(hash, &ctx);
return (CC_SHA256_DIGEST_LENGTH);
}
else if (!strcmp(algorithm, "sha2-384"))
{
CC_SHA512_CTX ctx; /* SHA-384 context */
if (hashsize < CC_SHA384_DIGEST_LENGTH)
goto too_small;
CC_SHA384_Init(&ctx);
CC_SHA384_Update(&ctx, data, (CC_LONG)datalen);
CC_SHA384_Final(hash, &ctx);
return (CC_SHA384_DIGEST_LENGTH);
}
else if (!strcmp(algorithm, "sha2-512"))
{
CC_SHA512_CTX ctx; /* SHA-512 context */
if (hashsize < CC_SHA512_DIGEST_LENGTH)
goto too_small;
CC_SHA512_Init(&ctx);
CC_SHA512_Update(&ctx, data, (CC_LONG)datalen);
CC_SHA512_Final(hash, &ctx);
return (CC_SHA512_DIGEST_LENGTH);
}
else if (!strcmp(algorithm, "sha2-512_224"))
{
CC_SHA512_CTX ctx; /* SHA-512 context */
unsigned char temp[CC_SHA512_DIGEST_LENGTH];
/* SHA-512 hash */
/*
* SHA2-512 truncated to 224 bits (28 bytes)...
*/
if (hashsize < CC_SHA224_DIGEST_LENGTH)
goto too_small;
CC_SHA512_Init(&ctx);
CC_SHA512_Update(&ctx, data, (CC_LONG)datalen);
CC_SHA512_Final(temp, &ctx);
memcpy(hash, temp, CC_SHA224_DIGEST_LENGTH);
return (CC_SHA224_DIGEST_LENGTH);
}
else if (!strcmp(algorithm, "sha2-512_256"))
{
CC_SHA512_CTX ctx; /* SHA-512 context */
unsigned char temp[CC_SHA512_DIGEST_LENGTH];
/* SHA-512 hash */
/*
* SHA2-512 truncated to 256 bits (32 bytes)...
*/
if (hashsize < CC_SHA256_DIGEST_LENGTH)
goto too_small;
CC_SHA512_Init(&ctx);
CC_SHA512_Update(&ctx, data, (CC_LONG)datalen);
CC_SHA512_Final(temp, &ctx);
memcpy(hash, temp, CC_SHA256_DIGEST_LENGTH);
return (CC_SHA256_DIGEST_LENGTH);
}
#elif defined(HAVE_GNUTLS)
gnutls_digest_algorithm_t alg = GNUTLS_DIG_UNKNOWN;
/* Algorithm */
unsigned char temp[64]; /* Temporary hash buffer */
size_t tempsize = 0; /* Truncate to this size? */
if (!strcmp(algorithm, "sha"))
alg = GNUTLS_DIG_SHA1;
else if (!strcmp(algorithm, "sha2-224"))
alg = GNUTLS_DIG_SHA224;
else if (!strcmp(algorithm, "sha2-256"))
alg = GNUTLS_DIG_SHA256;
else if (!strcmp(algorithm, "sha2-384"))
alg = GNUTLS_DIG_SHA384;
else if (!strcmp(algorithm, "sha2-512"))
alg = GNUTLS_DIG_SHA512;
else if (!strcmp(algorithm, "sha2-512_224"))
{
alg = GNUTLS_DIG_SHA512;
tempsize = 28;
}
else if (!strcmp(algorithm, "sha2-512_256"))
{
alg = GNUTLS_DIG_SHA512;
tempsize = 32;
}
if (alg != GNUTLS_DIG_UNKNOWN)
{
if (tempsize > 0)
{
/*
* Truncate result to tempsize bytes...
*/
if (hashsize < tempsize)
goto too_small;
gnutls_hash_fast(alg, data, datalen, temp);
memcpy(hash, temp, tempsize);
return ((ssize_t)tempsize);
}
if (hashsize < gnutls_hash_get_len(alg))
goto too_small;
gnutls_hash_fast(alg, data, datalen, hash);
return (gnutls_hash_get_len(alg));
}
#else
/*
* No hash support without CommonCrypto or GNU TLS...
*/
if (hashsize < 64)
goto too_small;
#endif /* __APPLE__ */
/*
* Unknown hash algorithm...
*/
_cupsSetError(IPP_STATUS_ERROR_INTERNAL, _("Unknown hash algorithm."), 1);
return (-1);
/*
* We get here if the buffer is too small.
*/
too_small:
_cupsSetError(IPP_STATUS_ERROR_INTERNAL, _("Hash buffer too small."), 1);
return (-1);
}
static int
__archive_libsystem_sha384init(archive_sha384_ctx *ctx)
{
CC_SHA384_Init(ctx);
return (ARCHIVE_OK);
}
/***
*** SHA384
***/
void SHA384Object::digestInit()
{
mIsDone = false;
CC_SHA384_Init(&mCtx);
}
SHA384Digest::SHA384Digest() : Digest(kSecDigestSHA2, CC_SHA384_DIGEST_LENGTH)
{
CC_SHA384_Init(&mContext);
}
C4Err HASH_Init(HASH_Algorithm algorithm, HASH_ContextRef * ctx)
{
int err = kC4Err_NoErr;
HASH_Context* hashCTX = NULL;
const struct ltc_hash_descriptor* desc = NULL;
ValidateParam(ctx);
*ctx = NULL;
hashCTX = XMALLOC(sizeof (HASH_Context)); CKNULL(hashCTX);
hashCTX->magic = kHASH_ContextMagic;
hashCTX->algor = algorithm;
#if _USES_COMMON_CRYPTO_
switch(algorithm)
{
case kHASH_Algorithm_MD5:
hashCTX->ccAlgor = kCCHmacAlgMD5;
hashCTX->process = (void*) sCCHashUpdateMD5;
hashCTX->done = (void*) sCCHashFinalMD5;
hashCTX->hashsize = 16;
CC_MD5_Init(&hashCTX->state.ccMD5_state);
break;
case kHASH_Algorithm_SHA1:
hashCTX->ccAlgor = kCCHmacAlgSHA1;
hashCTX->hashsize = 20;
hashCTX->process = (void*) sCCHashUpdateSHA1;
hashCTX->done = (void*) sCCHashFinalSHA1;;
CC_SHA1_Init(&hashCTX->state.ccSHA1_state);
break;
case kHASH_Algorithm_SHA224:
hashCTX->ccAlgor = kCCHmacAlgSHA224;
hashCTX->hashsize = 28;
hashCTX->process = (void*) sCCHashUpdateSHA224;
hashCTX->done = (void*) sCCHashFinalSHA224;
CC_SHA224_Init(&hashCTX->state.ccSHA256_state);
break;
case kHASH_Algorithm_SHA256:
hashCTX->ccAlgor = kCCHmacAlgSHA256;
hashCTX->hashsize = 32;
hashCTX->process = (void*) sCCHashUpdateSHA256;
hashCTX->done = (void*) sCCHashFinalSHA256;;
CC_SHA256_Init(&hashCTX->state.ccSHA256_state);
break;
case kHASH_Algorithm_SHA384:
hashCTX->ccAlgor = kCCHmacAlgSHA384;
hashCTX->hashsize = 48;
hashCTX->process = (void*) sCCHashUpdateSHA384;
hashCTX->done = (void*) sCCHashFinalSHA384;
CC_SHA384_Init(&hashCTX->state.ccSHA512_state);
break;
case kHASH_Algorithm_SHA512:
hashCTX->ccAlgor = kCCHmacAlgSHA512;
hashCTX->hashsize = 64;
hashCTX->process = (void*) sCCHashUpdateSHA512;
hashCTX->done = (void*) sCCHashFinalSHA512;
CC_SHA512_Init(&hashCTX->state.ccSHA512_state);
break;
default:
hashCTX->ccAlgor = kCCHmacAlgInvalid;
break;
}
if(hashCTX->ccAlgor == kCCHmacAlgInvalid)
{
desc = sDescriptorForHash(algorithm);
hashCTX->hashsize = desc->hashsize;
hashCTX->process = (void*) desc->process;
hashCTX->done = (void*) desc->done;
if(IsNull(desc))
RETERR( kC4Err_BadHashNumber);
if(desc->init)
err = (desc->init)(&hashCTX->state.tc_state);
CKERR;
}
#else
desc = sDescriptorForHash(algorithm);
hashCTX->hashsize = desc->hashsize;
hashCTX->process = (void*) desc->process;
hashCTX->done = (void*) desc->done;
if(IsNull(desc))
RETERR( kC4Err_BadHashNumber);
if(desc->init)
err = (desc->init)(&hashCTX->state.tc_state);
CKERR;
#endif
*ctx = hashCTX;
done:
if(IsC4Err(err))
{
if(IsntNull(hashCTX))
{
XFREE(hashCTX);
}
}
return err;
}
