static int
__archive_libc3_sha512update(archive_sha512_ctx *ctx, const void *indata,
size_t insize)
{
SHA512Update(ctx, indata, insize);
return (ARCHIVE_OK);
}
char *
SHA512Data(const u_char *data, size_t len, char *buf)
{
SHA2_CTX ctx;
SHA512Init(&ctx);
SHA512Update(&ctx, data, len);
return (SHA512End(&ctx, buf));
}
void
SHA512Pad(SHA2_CTX *ctx)
{
uint8_t finalcount[16];
/* Store unpadded message length in bits in big endian format. */
BE64TO8(finalcount, ctx->count[1]);
BE64TO8(finalcount + 8, ctx->count[0]);
/* Append a '1' bit (0x80) to the message. */
SHA512Update(ctx, (uint8_t *)"\200", 1);
/* Pad message such that the resulting length modulo 1024 is 896. */
while ((ctx->count[0] & 1008) != 896)
SHA512Update(ctx, (uint8_t *)"\0", 1);
/* Append length of message in bits and do final SHA512Transform(). */
SHA512Update(ctx, finalcount, sizeof(finalcount));
}
bool
asignify_pubkey_check_signature(struct asignify_public_data *pk,
struct asignify_public_data *sig, const unsigned char *data, size_t dlen)
{
SHA2_CTX sh;
unsigned char h[crypto_sign_HASHBYTES];
if (pk == NULL || sig == NULL) {
return (false);
}
/* Check sanity */
if (pk->version != sig->version ||
pk->id_len != sig->id_len ||
(pk->id_len > 0 && memcmp(pk->id, sig->id, sig->id_len) != 0)) {
return (false);
}
if (pk->version == sig->version) {
switch (pk->version) {
case 0:
if (pk->data_len == crypto_sign_PUBLICKEYBYTES &&
sig->data_len == crypto_sign_BYTES) {
SHA512Init(&sh);
SHA512Update(&sh, sig->data, 32);
SHA512Update(&sh, pk->data, 32);
SHA512Update(&sh, data, dlen);
SHA512Final(h, &sh);
if (crypto_sign_ed25519_verify_detached(sig->data, h, pk->data) == 0) {
return (true);
}
}
break;
case 1:
if (pk->data_len == crypto_sign_PUBLICKEYBYTES &&
sig->data_len == crypto_sign_BYTES) {
/* ED25519 */
SHA512Init(&sh);
SHA512Update(&sh, sig->data, 32);
SHA512Update(&sh, pk->data, 32);
SHA512Update(&sh, (const uint8_t *)&sig->version,
sizeof(sig->version));
SHA512Update(&sh, data, dlen);
SHA512Final(h, &sh);
if (crypto_sign_ed25519_verify_detached(sig->data, h, pk->data) == 0) {
return (true);
}
}
break;
default:
break;
}
}
return (false);
}
int
crypto_hash_sha512(unsigned char *out, const unsigned char *in,
unsigned long long inlen)
{
SHA2_CTX ctx;
SHA512Init(&ctx);
SHA512Update(&ctx, in, inlen);
SHA512Final(out, &ctx);
return 0;
}
char *
SHA512FileChunk(const char *filename, char *buf, off_t off, off_t len)
{
struct stat sb;
u_char buffer[BUFSIZ];
SHA2_CTX ctx;
int fd, save_errno;
ssize_t nr;
SHA512Init(&ctx);
if ((fd = open(filename, O_RDONLY)) < 0)
return (NULL);
if (len == 0) {
if (fstat(fd, &sb) == -1) {
close(fd);
return (NULL);
}
len = sb.st_size;
}
if (off > 0 && lseek(fd, off, SEEK_SET) < 0) {
close(fd);
return (NULL);
}
while ((nr = read(fd, buffer, MIN(sizeof(buffer), len))) > 0) {
SHA512Update(&ctx, buffer, (size_t)nr);
if (len > 0 && (len -= nr) == 0)
break;
}
save_errno = errno;
close(fd);
errno = save_errno;
return (nr < 0 ? NULL : SHA512End(&ctx, buf));
}
void
SHA384Update(SHA2_CTX *ctx, const uint8_t *data, size_t len)
{
SHA512Update(ctx, data, len);
}