int
secalgo_ds_digest(int algo, unsigned char* buf, size_t len,
unsigned char* res)
{
switch(algo) {
#if defined(HAVE_EVP_SHA1) && defined(USE_SHA1)
case LDNS_SHA1:
(void)SHA1(buf, len, res);
return 1;
#endif
#ifdef HAVE_EVP_SHA256
case LDNS_SHA256:
(void)SHA256(buf, len, res);
return 1;
#endif
#ifdef USE_GOST
case LDNS_HASH_GOST:
if(do_gost94(buf, len, res))
return 1;
break;
#endif
#ifdef USE_ECDSA
case LDNS_SHA384:
(void)SHA384(buf, len, res);
return 1;
#endif
default:
verbose(VERB_QUERY, "unknown DS digest algorithm %d",
algo);
break;
}
return 0;
}
static void makeShaBase64(unsigned char *inputBuf, int inputSize, char out[EDW_SID_SIZE])
/* Make zero terminated printable cryptographic hash out of in */
{
unsigned char shaBuf[48];
SHA384(inputBuf, inputSize, shaBuf);
char *base64 = base64Encode((char*)shaBuf, sizeof(shaBuf));
memcpy(out, base64, EDW_SID_SIZE);
out[EDW_SID_SIZE-1] = 0;
freeMem(base64);
}
static unsigned char * hash( SRP_HashAlgorithm alg, const unsigned char *d, size_t n, unsigned char *md )
{
switch (alg)
{
case SRP_SHA1 : return SHA1( d, n, md );
case SRP_SHA224: return SHA224( d, n, md );
case SRP_SHA256: return SHA256( d, n, md );
case SRP_SHA384: return SHA384( d, n, md );
case SRP_SHA512: return SHA512( d, n, md );
default:
return 0;
}
}
ikptr
ikrt_openssl_sha384 (ikptr s_input, ikptr s_input_len, ikpcb * pcb)
{
#ifdef HAVE_SHA384
ik_ssl_cuchar * in = (ik_ssl_cuchar *)IK_GENERALISED_C_STRING(s_input);
ik_ulong in_len = (ik_ulong)ik_generalised_c_buffer_len(s_input, s_input_len);
unsigned char sum[SHA384_DIGEST_LENGTH];
SHA384(in, in_len, sum);
return ika_bytevector_from_memory_block(pcb, sum, SHA384_DIGEST_LENGTH);
#else
feature_failure(__func__);
#endif
}
size_t *Hashes(const char* bytes)
{
SHA384(bytes, strnlen(bytes, STR_MAX), hashbuf);
int bit, i, j, n=0;
for (i=0; i < k; i++) {
size_t curr_key=0;
for (j=0; j<hashpart; j++,n++) {
bit = (hashbuf[n / CHAR_BIT] & ((unsigned char)1 << ((CHAR_BIT - 1) - (n % CHAR_BIT)))) !=0 ? 1 : 0;
curr_key = (curr_key << 1) | bit;
}
Ki[i] = curr_key;
}
return Ki;
}
static inline std::string digest(Name name, const char *buf, size_t bufSize)
{
unsigned char md[128];
const unsigned char *src = cybozu::cast<const unsigned char *>(buf);
switch (name) {
case N_SHA1: SHA1(src, bufSize, md); break;
case N_SHA224: SHA224(src, bufSize, md); break;
case N_SHA256: SHA256(src, bufSize, md); break;
case N_SHA384: SHA384(src, bufSize, md); break;
case N_SHA512: SHA512(src, bufSize, md); break;
default:
throw cybozu::Exception("crypt:Hash:digest") << name;
}
return std::string(cybozu::cast<const char*>(md), getSize(name));
}
bool OpensslManager::HashString(Openssl_Hash algorithm, unsigned char *input, int size, unsigned char *output, int *outlength)
{
switch(algorithm)
{
case Openssl_Hash_MD5:
MD5(input, size, output);
*outlength = MD5_DIGEST_LENGTH;
return true;
case Openssl_Hash_MD4:
MD4(input, size, output);
*outlength = MD4_DIGEST_LENGTH;
return true;
case Openssl_Hash_MD2:
MD2(input, size, output);
*outlength = MD2_DIGEST_LENGTH;
return true;
case Openssl_Hash_SHA:
SHA(input, size, output);
*outlength = SHA_DIGEST_LENGTH;
return true;
case Openssl_Hash_SHA1:
SHA1(input, size, output);
*outlength = SHA_DIGEST_LENGTH;
return true;
case Openssl_Hash_SHA224:
SHA224(input, size, output);
*outlength = SHA224_DIGEST_LENGTH;
return true;
case Openssl_Hash_SHA256:
SHA256(input, size, output);
*outlength = SHA256_DIGEST_LENGTH;
return true;
case Openssl_Hash_SHA384:
SHA384(input, size, output);
*outlength = SHA384_DIGEST_LENGTH;
return true;
case Openssl_Hash_SHA512:
SHA512(input, size, output);
*outlength = SHA512_DIGEST_LENGTH;
return true;
case Openssl_Hash_RIPEMD160:
RIPEMD160(input, size, output);
*outlength = RIPEMD160_DIGEST_LENGTH;
return true;
}
return false;
}
static ErlDrvSSizeT sha_drv_control(ErlDrvData handle,
unsigned int command,
char *buf, ErlDrvSizeT len,
char **rbuf, ErlDrvSizeT rlen)
{
ErlDrvBinary *b = NULL;
switch (command) {
#ifdef HAVE_MD2
case 2:
rlen = MD2_DIGEST_LENGTH;
b = driver_alloc_binary(rlen);
if (b) MD2((unsigned char*)buf, len, (unsigned char*)b->orig_bytes);
break;
#endif
case 224:
rlen = SHA224_DIGEST_LENGTH;
b = driver_alloc_binary(rlen);
if (b) SHA224((unsigned char*)buf, len, (unsigned char*)b->orig_bytes);
break;
case 256:
rlen = SHA256_DIGEST_LENGTH;
b = driver_alloc_binary(rlen);
if (b) SHA256((unsigned char*)buf, len, (unsigned char*)b->orig_bytes);
break;
case 384:
rlen = SHA384_DIGEST_LENGTH;
b = driver_alloc_binary(rlen);
if (b) SHA384((unsigned char*)buf, len, (unsigned char*)b->orig_bytes);
break;
case 512:
rlen = SHA512_DIGEST_LENGTH;
b = driver_alloc_binary(rlen);
if (b) SHA512((unsigned char*)buf, len, (unsigned char*)b->orig_bytes);
break;
};
if (b) {
*rbuf = (char *)b;
} else {
*rbuf = NULL;
rlen = 0;
};
return rlen;
}
/* SHA-2: 384 Bits output */
OpcUa_StatusCode OpcUa_P_OpenSSL_SHA2_384_Generate(
OpcUa_CryptoProvider* a_pProvider,
OpcUa_Byte* a_pData,
OpcUa_UInt32 a_dataLen,
OpcUa_Byte* a_pMessageDigest)
{
OpcUa_InitializeStatus(OpcUa_Module_P_OpenSSL, "SHA2_384_Generate");
OpcUa_ReferenceParameter(a_pProvider);
OpcUa_ReturnErrorIfArgumentNull(a_pData);
OpcUa_ReturnErrorIfArgumentNull(a_pMessageDigest);
if(SHA384(a_pData, a_dataLen, a_pMessageDigest) == OpcUa_Null)
{
OpcUa_GotoErrorWithStatus(OpcUa_Bad);
}
OpcUa_ReturnStatusCode;
OpcUa_BeginErrorHandling;
OpcUa_FinishErrorHandling;
}
/*** impl Sha ***/
bool Sha::Sum(const int64_t type, const void* bytes, const int64_t len, char* pbuffer){
if(!(type>=TYPE_MIN && type<=TYPE_MAX) || !bytes || len<=0 || !pbuffer){
return false;
}
bool ok =false;
unsigned char digest[SHA512_DIGEST_LENGTH] ={0};
int digest_len =0;
if(type == TYPE_SHA1){
digest_len =SHA_DIGEST_LENGTH;
ok =SHA1(reinterpret_cast< const unsigned char* >(bytes), len, digest);
}
else if(type == TYPE_SHA224){
digest_len =SHA224_DIGEST_LENGTH;
ok =SHA224(reinterpret_cast< const unsigned char* >(bytes), len, digest);
}
else if(type == TYPE_SHA256){
digest_len =SHA256_DIGEST_LENGTH;
ok =SHA256(reinterpret_cast< const unsigned char* >(bytes), len, digest);
}
else if(type == TYPE_SHA384){
digest_len =SHA384_DIGEST_LENGTH;
ok =SHA384(reinterpret_cast< const unsigned char* >(bytes), len, digest);
}
else if(type == TYPE_SHA512){
digest_len =SHA512_DIGEST_LENGTH;
ok =SHA512(reinterpret_cast< const unsigned char* >(bytes), len, digest);
}
if(ok){
for(int i=0; i<digest_len; ++i){
sprintf(pbuffer+i*2, "%02x", digest[i]);
}
return true;
}
else{
return false;
}
}
void CommandDispatcher (PA_long32 pProcNum, PA_PluginParameters params)
{
switch(pProcNum)
{
case kInitPlugin :
case kServerInitPlugin :
OnStartup();
break;
// --- Common Crypto
case 1 :
PEM_From_P12(params);
break;
case 2 :
Get_timestamp(params);
break;
case 3 :
Get_timestring(params);
break;
case 4 :
Get_unixtime(params);
break;
case 5 :
RSASHA256(params);
break;
case 6 :
HMACMD5(params);
break;
case 7 :
HMACSHA1(params);
break;
case 8 :
HMACSHA256(params);
break;
case 9 :
HMACSHA384(params);
break;
case 10 :
HMACSHA512(params);
break;
case 11 :
SHA384(params);
break;
case 12 :
SHA512(params);
break;
case 13 :
MD5(params);
break;
case 14 :
SHA1(params);
break;
case 15 :
SHA256(params);
break;
case 16 :
RSASHA1(params);
break;
case 17 :
AES128(params);
break;
case 18 :
AES192(params);
break;
case 19 :
AES256(params);
break;
case 20 :
RIPEMD160(params);
break;
case 21 :
RSAVERIFYSHA1(params);
break;
case 22 :
RSAVERIFYSHA256(params);
break;
}
}
int crypto_hash(unsigned char *out,const unsigned char *in,unsigned long long inlen)
{
SHA384(in,inlen,out);
return 0;
}
void CommandDispatcher (int32_t pProcNum, sLONG_PTR *pResult, PackagePtr pParams)
{
switch(pProcNum)
{
case kServerInitPlugin :
case kInitPlugin :
curl_global_init(CURL_GLOBAL_ALL);
break;
case kServerDeinitPlugin :
case kDeinitPlugin :
curl_global_cleanup();
break;
// --- PKCS
case 1 :
PEM_From_P12(pResult, pParams);
break;
// --- MISC
case 2 :
PICTURE_GET_RAW_DATA(pResult, pParams);
break;
case 3 :
STACK_Get_available_size(pResult, pParams);
break;
case 4 :
PROCESS_GET_LIST(pResult, pParams);
break;
case 5 :
PROCESS_Get_id(pResult, pParams);
break;
case 6 :
SYSTEM_Get_timestamp(pResult, pParams);
break;
case 7 :
SYSTEM_Get_timestring(pResult, pParams);
break;
case 8 :
SYSTEM_Generate_UUID(pResult, pParams);
break;
case 9 :
SYSTEM_Get_unixtime(pResult, pParams);
break;
case 10 :
STRUCTURE_Import_definition(pResult, pParams);
break;
case 11 :
VOLUME_Is_remote(pResult, pParams);
break;
case 12 :
VOLUME_Is_ejectable(pResult, pParams);
break;
case 13 :
PATH_Get_known_folder(pResult, pParams);
break;
case 14 :
PATH_From_user_selection(pResult, pParams);
break;
// --- JSON
case 15 :
JSON_Strip_white_space(pResult, pParams);
break;
case 16 :
JSON_Parse_text(pResult, pParams);
break;
case 17 :
JSON_Export_to_text(pResult, pParams);
break;
case 18 :
JSON_CLOSE(pResult, pParams);
break;
case 19 :
JSON_New(pResult, pParams);
break;
case 20 :
JSON_GET_BOOL_ARRAY(pResult, pParams);
break;
case 21 :
JSON_GET_CHILD_NODES(pResult, pParams);
break;
case 22 :
JSON_GET_LONG_ARRAY(pResult, pParams);
break;
case 23 :
JSON_Get_child_by_name(pResult, pParams);
break;
case 24 :
JSON_Get_child_by_position(pResult, pParams);
break;
case 25 :
JSON_Get_comment(pResult, pParams);
break;
case 26 :
JSON_GET_TEXT_ARRAY(pResult, pParams);
break;
case 27 :
JSON_GET_REAL_ARRAY(pResult, pParams);
break;
case 28 :
JSON_Get_bool(pResult, pParams);
break;
case 29 :
JSON_Get_real(pResult, pParams);
break;
case 30 :
JSON_Get_long(pResult, pParams);
break;
case 31 :
JSON_Get_type(pResult, pParams);
break;
case 32 :
JSON_Get_name(pResult, pParams);
break;
case 33 :
JSON_Get_text(pResult, pParams);
break;
case 34 :
JSON_DELETE_ITEM_BY_NAME(pResult, pParams);
break;
case 35 :
JSON_DELETE_ITEM_BY_POSITION(pResult, pParams);
break;
case 36 :
JSON_SET_TYPE(pResult, pParams);
break;
case 37 :
JSON_SET_NULL(pResult, pParams);
break;
case 38 :
JSON_SET_COMMENT(pResult, pParams);
break;
case 39 :
JSON_SET_NAME(pResult, pParams);
break;
case 40 :
JSON_SET_TEXT(pResult, pParams);
break;
case 41 :
JSON_SET_LONG(pResult, pParams);
break;
case 42 :
JSON_SET_REAL(pResult, pParams);
break;
case 43 :
JSON_Append_bool_array(pResult, pParams);
break;
case 44 :
JSON_Append_real_array(pResult, pParams);
break;
case 45 :
JSON_Append_long_array(pResult, pParams);
break;
case 46 :
JSON_Append_text_array(pResult, pParams);
break;
case 47 :
JSON_Append_text(pResult, pParams);
break;
case 48 :
JSON_Append_long(pResult, pParams);
break;
case 49 :
JSON_Append_real(pResult, pParams);
break;
case 50 :
JSON_Append_bool(pResult, pParams);
break;
case 51 :
JSON_Append_node(pResult, pParams);
break;
case 52 :
JSON_SET_BOOL(pResult, pParams);
break;
case 53 :
JSON_CLEAR(pResult, pParams);
break;
case 54 :
JSON_Append_array(pResult, pParams);
break;
case 55 :
JSON_Append_array_element(pResult, pParams);
break;
// --- ZIP
case 56 :
Unzip(pResult, pParams);
break;
case 57 :
Zip(pResult, pParams);
break;
// --- Common Crypto
case 58 :
RSASHA256(pResult, pParams);
break;
case 59 :
HMACMD5(pResult, pParams);
break;
case 60 :
HMACSHA1(pResult, pParams);
break;
case 61 :
HMACSHA256(pResult, pParams);
break;
case 62 :
HMACSHA384(pResult, pParams);
break;
case 63 :
HMACSHA512(pResult, pParams);
break;
case 64 :
SHA384(pResult, pParams);
break;
case 65 :
SHA512(pResult, pParams);
break;
case 66 :
MD5(pResult, pParams);
break;
case 67 :
SHA1(pResult, pParams);
break;
case 68 :
SHA256(pResult, pParams);
break;
// --- cURL
case 69 :
_cURL(pResult, pParams);
break;
case 70 :
cURL_Escape_url(pResult, pParams);
break;
case 71 :
cURL_Unescape_url(pResult, pParams);
break;
case 72 :
cURL_Get_version(pResult, pParams);
break;
case 73 :
cURL_Get_date(pResult, pParams);
break;
case 74 :
RSASHA1(pResult, pParams);
break;
}
}
void
ecdsa_sigverify(val_context_t * ctx,
const u_char *data,
size_t data_len,
const val_dnskey_rdata_t * dnskey,
const val_rrsig_rdata_t * rrsig,
val_astatus_t * key_status, val_astatus_t * sig_status)
{
char buf[1028];
size_t buflen = 1024;
u_char sha_hash[MAX_DIGEST_LENGTH];
EC_KEY *eckey = NULL;
BIGNUM *bn_x = NULL;
BIGNUM *bn_y = NULL;
ECDSA_SIG *ecdsa_sig;
size_t hashlen = 0;
ecdsa_sig = ECDSA_SIG_new();
memset(sha_hash, 0, sizeof(sha_hash));
val_log(ctx, LOG_DEBUG,
"ecdsa_sigverify(): parsing the public key...");
if (rrsig->algorithm == ALG_ECDSAP256SHA256) {
hashlen = SHA256_DIGEST_LENGTH;
SHA256(data, data_len, sha_hash);
eckey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); /* P-256 */
} else if (rrsig->algorithm == ALG_ECDSAP384SHA384) {
hashlen = SHA384_DIGEST_LENGTH;
SHA384(data, data_len, sha_hash);
eckey = EC_KEY_new_by_curve_name(NID_secp384r1); /* P-384 */
}
if (eckey == NULL) {
val_log(ctx, LOG_INFO,
"ecdsa_sigverify(): could not create key for ECDSA group.");
*key_status = VAL_AC_INVALID_KEY;
goto err;
};
/*
* contruct an EC_POINT from the "Q" field in the
* dnskey->public_key, dnskey->public_key_len
*/
if (dnskey->public_key_len != 2*hashlen) {
val_log(ctx, LOG_INFO,
"ecdsa_sigverify(): dnskey length does not match expected size.");
*key_status = VAL_AC_INVALID_KEY;
goto err;
}
bn_x = BN_bin2bn(dnskey->public_key, hashlen, NULL);
bn_y = BN_bin2bn(&dnskey->public_key[hashlen], hashlen, NULL);
if (1 != EC_KEY_set_public_key_affine_coordinates(eckey, bn_x, bn_y)) {
val_log(ctx, LOG_INFO,
"ecdsa_sigverify(): Error associating ECSA structure with key.");
*key_status = VAL_AC_INVALID_KEY;
goto err;
}
val_log(ctx, LOG_DEBUG, "ecdsa_sigverify(): SHA hash = %s",
get_hex_string(sha_hash, hashlen, buf, buflen));
val_log(ctx, LOG_DEBUG,
"ecdsa_sigverify(): verifying ECDSA signature...");
/*
* contruct ECDSA signature from the "r" and "s" fileds in
* rrsig->signature, rrsig->signature_len
*/
if (rrsig->signature_len != 2*hashlen) {
val_log(ctx, LOG_INFO,
"ecdsa_sigverify(): Signature length does not match expected size.");
*sig_status = VAL_AC_RRSIG_VERIFY_FAILED;
goto err;
}
ECDSA_SIG_set0(ecdsa_sig, BN_bin2bn(rrsig->signature, hashlen, NULL),
BN_bin2bn(&rrsig->signature[hashlen], hashlen, NULL));
if (ECDSA_do_verify(sha_hash, hashlen, ecdsa_sig, eckey) == 1) {
val_log(ctx, LOG_INFO, "ecdsa_sigverify(): returned SUCCESS");
*sig_status = VAL_AC_RRSIG_VERIFIED;
} else {
val_log(ctx, LOG_INFO, "ecdsa_sigverify(): returned FAILURE");
*sig_status = VAL_AC_RRSIG_VERIFY_FAILED;
}
/* Free all structures allocated */
err:
if (ecdsa_sig)
ECDSA_SIG_free(ecdsa_sig);
if (bn_x)
BN_free(bn_x);
if (bn_y)
BN_free(bn_y);
if (eckey)
EC_KEY_free(eckey);
return;
}
int do_hash(char *algo, char *word)
{
unsigned char hash[64 + 1], seed[10];
double tm;
int iterations = 0;
clock_t cstart = clock(), cend = 0;
srandom(time(NULL));
memset(&hash, 0, sizeof hash);
unsigned long r[NUM_THREADS] = {0};
pthread_t thread[NUM_THREADS];
int i;
for(i = 0; i < NUM_THREADS; i++){
r[i] = random()^i;
// printf("Thread number %d, r = %lu, ", i, r[i]); //DEBUG
// printf("created at 0x%08lx\n", (unsigned long) &thread[i]); //DEBUG
}
// return 0; //DEBUG
if(!strncmp(algo, "md5", 3)){
for(;;){
iterations++;
sprintf(seed, "%lu", random());
MD5(seed, sizeof seed, hash);
//output_hash(hash, algo); //DEBUG
if(check_hash(hash, word))
break;
}
}
else if(!strncmp(algo, "sha1", 4)){
for(;;){
iterations++;
sprintf(seed, "%lu", random());
SHA1(seed, sizeof seed, hash);
//output_hash(hash, algo); //DEBUG
if(check_hash(hash, word)){
break;
}
}
}
else if(!strncmp(algo, "sha256", 6)){
for(;;){
iterations++;
sprintf(seed, "%lu", random());
SHA256(seed, sizeof seed, hash);
//output_hash(hash, algo); //DEBUG
if(check_hash(hash, word)){
break;
}
}
}
else if(!strncmp(algo, "sha384", 6)){
for(;;){
iterations++;
sprintf(seed, "%lu", random());
SHA384(seed, sizeof seed, hash);
//output_hash(hash, algo); //DEBUG
if(check_hash(hash, word)){
break;
}
}
}
else if(!strncmp(algo, "sha512", 6)){
for(;;){
iterations++;
sprintf(seed, "%lu", random());
SHA512(seed, sizeof seed, hash);
//output_hash(hash, algo); //DEBUG
if(check_hash(hash, word)){
break;
}
}
}
else if(!strncmp(algo, "rmd160", 6)){
for(;;){
iterations++;
sprintf(seed, "%lu", random());
RIPEMD160(seed, sizeof seed, hash);
//output_hash(hash, algo); //DEBUG
if(check_hash(hash, word)){
break;
}
}
}
else {
printf("Unknown hashing algorithm.\n\n");
return 1;
}
cend = clock();
tm = ((double)cend - (double)cstart) * 1.0e-6;
printf("String match found in %.3f seconds. (%d iterations)\nHASH: ", tm, iterations);
output_hash(hash, algo);
printf("SEED: %s\n\n", seed);
return 0;
}
