UInt64 Random::getRandSeed() { UInt64 result; #if defined(_WIN32) || defined(__WIN32__) HCRYPTPROV hProvider = 0; CryptAcquireContext(&hProvider, 0, 0, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT); CryptGenRandom(hProvider, (DWORD)sizeof(UInt64), (BYTE*)&result); CryptReleaseContext(hProvider, 0); #else int n = 0; int fd = open("/dev/urandom", O_RDONLY, 0); if (fd >= 0) { n = read(fd, &result, sizeof(UInt64)); close(fd); } if (n <= 0) { static UInt64 x = 0; SHA1Engine engine; UInt32 t = (UInt32) std::time(NULL); engine.update(&t, sizeof(t)); void* p = this; engine.update(&p, sizeof(p)); UInt32 junk[32]; engine.update(junk, sizeof(junk)); DigestEngine::Digest d = engine.digest(); memcpy(&result, &d[0], sizeof(UInt64)); x += result; result = x; } #endif return result; }
int RandomBuf::readFromDevice(char* buffer, std::streamsize length) { int n = 0; #if defined(POCO_OS_FAMILY_WINDOWS) HCRYPTPROV hProvider = 0; CryptAcquireContext(&hProvider, 0, 0, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT); CryptGenRandom(hProvider, (DWORD) length, (BYTE*) buffer); CryptReleaseContext(hProvider, 0); n = static_cast<int>(length); #else #if defined(POCO_OS_FAMILY_UNIX) int fd = open("/dev/urandom", O_RDONLY, 0); if (fd >= 0) { n = read(fd, buffer, length); close(fd); } #endif if (n <= 0) { // x is here as a source of randomness, so it does not make // much sense to protect it with a Mutex. static UInt32 x = 0; Random rnd1(256); Random rnd2(64); x += rnd1.next(); n = 0; SHA1Engine engine; UInt32 t = (UInt32) std::time(NULL); engine.update(&t, sizeof(t)); void* p = this; engine.update(&p, sizeof(p)); engine.update(buffer, length); UInt32 junk[32]; engine.update(junk, sizeof(junk)); while (n < length) { for (int i = 0; i < 100; ++i) { UInt32 r = rnd2.next(); engine.update(&r, sizeof(r)); engine.update(&x, sizeof(x)); x += rnd1.next(); } DigestEngine::Digest d = engine.digest(); for (DigestEngine::Digest::const_iterator it = d.begin(); it != d.end() && n < length; ++it, ++n) { engine.update(*it); *buffer++ = *it++; } } } #endif return n; }
void MongoAuthentication::scramGenerateClientProof(UCBuffer &authMsg, UCBuffer &payload, uint8_t saltedPassword[Poco::SHA1Engine::DIGEST_SIZE]) { uint8_t clientKey[SHA1Engine::DIGEST_SIZE] = { 0 }; uint8_t storedKey[SHA1Engine::DIGEST_SIZE] = { 0 }; uint8_t clientSignature[SHA1Engine::DIGEST_SIZE] = { 0 }; uint8_t clientProof[SHA1Engine::DIGEST_SIZE] = { 0 }; HMACEngine<SHA1Engine> hmac((char*)saltedPassword, SHA1Engine::DIGEST_SIZE); hmac.update("Client Key", strlen("Client Key")); const DigestEngine::Digest& clientDigest = hmac.digest(); for (int i = 0; i < clientDigest.size(); i++) { clientKey[i] = clientDigest[i]; } SHA1Engine sha; sha.update(clientKey, SHA1Engine::DIGEST_SIZE); const DigestEngine::Digest &storedDigest = sha.digest(); for (int i = 0; i < storedDigest.size(); i++) { storedKey[i] = storedDigest[i]; } HMACEngine<SHA1Engine> hmac2((char*)storedKey, sizeof(storedKey)); hmac2.update(authMsg.begin(), authMsg.size()); const DigestEngine::Digest &signatrueDigest = hmac2.digest(); for (int i = 0; i < signatrueDigest.size(); i++) { clientSignature[i] = signatrueDigest[i]; } for (int i = 0; i < SHA1Engine::DIGEST_SIZE; i++) { clientProof[i] = clientKey[i] ^ clientSignature[i]; } std::stringstream proofStream; Poco::Base64Encoder b64(proofStream); b64.write((char*)clientProof, sizeof(clientProof)); b64.close(); payload.append((unsigned char*)proofStream.str().c_str(), proofStream.str().size()); }
void SHA1EngineTest::testSHA1() { SHA1Engine engine; // test vectors from FIPS 180-1 engine.update("abc"); assert (DigestEngine::digestToHex(engine.digest()) == "a9993e364706816aba3e25717850c26c9cd0d89d"); engine.update("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"); assert (DigestEngine::digestToHex(engine.digest()) == "84983e441c3bd26ebaae4aa1f95129e5e54670f1"); for (int i = 0; i < 1000000; ++i) engine.update('a'); assert (DigestEngine::digestToHex(engine.digest()) == "34aa973cd4c4daa4f61eeb2bdbad27316534016f"); }
string ofxCrypto::sha1(string source) { SHA1Engine engine; engine.update(source); return DigestEngine::digestToHex(engine.digest()); }
int RandomBuf::readFromDevice(char* buffer, std::streamsize length) { int n = 0; #if defined(POCO_OS_FAMILY_WINDOWS) //HCRYPTPROV hProvider = 0; //CryptAcquireContext(&hProvider, 0, 0, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT); //CryptGenRandom(hProvider, (DWORD) length, (BYTE*) buffer); //CryptReleaseContext(hProvider, 0); n = static_cast<int>(length); using namespace Windows::Security::Cryptography; using namespace Windows::Security::Cryptography::Core; using namespace Windows::Storage::Streams; SymmetricKeyAlgorithmProvider ^keyProvider = SymmetricKeyAlgorithmProvider::OpenAlgorithm(Core::SymmetricAlgorithmNames::AesCbc); Platform::Array<uint8> ^rtArray = ref new Platform::Array<unsigned char>(reinterpret_cast<uint8*>(buffer), n); IBuffer ^rtBuffer = CryptographicBuffer::CreateFromByteArray(rtArray); CryptographicKey ^key = keyProvider->CreateSymmetricKey(rtBuffer); IBuffer ^encryptedBuffer = CryptographicEngine::Encrypt(key, rtBuffer, nullptr); CryptographicBuffer::CopyToByteArray(encryptedBuffer, &rtArray); memcpy(buffer, rtArray->begin(), n); #else #if defined(POCO_OS_FAMILY_UNIX) int fd = open("/dev/urandom", O_RDONLY, 0); if (fd >= 0) { n = read(fd, buffer, length); close(fd); } #endif if (n <= 0) { // x is here as a source of randomness, so it does not make // much sense to protect it with a Mutex. static UInt32 x = 0; Random rnd1(256); Random rnd2(64); x += rnd1.next(); n = 0; SHA1Engine engine; UInt32 t = (UInt32) std::time(NULL); engine.update(&t, sizeof(t)); void* p = this; engine.update(&p, sizeof(p)); engine.update(buffer, length); UInt32 junk[32]; engine.update(junk, sizeof(junk)); while (n < length) { for (int i = 0; i < 100; ++i) { UInt32 r = rnd2.next(); engine.update(&r, sizeof(r)); engine.update(&x, sizeof(x)); x += rnd1.next(); } DigestEngine::Digest d = engine.digest(); for (DigestEngine::Digest::const_iterator it = d.begin(); it != d.end() && n < length; ++it, ++n) { engine.update(*it); *buffer++ = *it++; } } } #endif return n; }