UInt64 Random::getRandSeed()
{
UInt64 result;
#if defined(_WIN32) || defined(__WIN32__)
HCRYPTPROV hProvider = 0;
CryptAcquireContext(&hProvider, 0, 0, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT);
CryptGenRandom(hProvider, (DWORD)sizeof(UInt64), (BYTE*)&result);
CryptReleaseContext(hProvider, 0);
#else
int n = 0;
int fd = open("/dev/urandom", O_RDONLY, 0);
if (fd >= 0)
{
n = read(fd, &result, sizeof(UInt64));
close(fd);
}
if (n <= 0)
{
static UInt64 x = 0;
SHA1Engine engine;
UInt32 t = (UInt32) std::time(NULL);
engine.update(&t, sizeof(t));
void* p = this;
engine.update(&p, sizeof(p));
UInt32 junk[32];
engine.update(junk, sizeof(junk));
DigestEngine::Digest d = engine.digest();
memcpy(&result, &d[0], sizeof(UInt64));
x += result;
result = x;
}
#endif
return result;
}
int RandomBuf::readFromDevice(char* buffer, std::streamsize length)
{
int n = 0;
#if defined(POCO_OS_FAMILY_WINDOWS)
HCRYPTPROV hProvider = 0;
CryptAcquireContext(&hProvider, 0, 0, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT);
CryptGenRandom(hProvider, (DWORD) length, (BYTE*) buffer);
CryptReleaseContext(hProvider, 0);
n = static_cast<int>(length);
#else
#if defined(POCO_OS_FAMILY_UNIX)
int fd = open("/dev/urandom", O_RDONLY, 0);
if (fd >= 0)
{
n = read(fd, buffer, length);
close(fd);
}
#endif
if (n <= 0)
{
// x is here as a source of randomness, so it does not make
// much sense to protect it with a Mutex.
static UInt32 x = 0;
Random rnd1(256);
Random rnd2(64);
x += rnd1.next();
n = 0;
SHA1Engine engine;
UInt32 t = (UInt32) std::time(NULL);
engine.update(&t, sizeof(t));
void* p = this;
engine.update(&p, sizeof(p));
engine.update(buffer, length);
UInt32 junk[32];
engine.update(junk, sizeof(junk));
while (n < length)
{
for (int i = 0; i < 100; ++i)
{
UInt32 r = rnd2.next();
engine.update(&r, sizeof(r));
engine.update(&x, sizeof(x));
x += rnd1.next();
}
DigestEngine::Digest d = engine.digest();
for (DigestEngine::Digest::const_iterator it = d.begin(); it != d.end() && n < length; ++it, ++n)
{
engine.update(*it);
*buffer++ = *it++;
}
}
}
#endif
return n;
}
void MongoAuthentication::scramGenerateClientProof(UCBuffer &authMsg, UCBuffer &payload, uint8_t saltedPassword[Poco::SHA1Engine::DIGEST_SIZE])
{
uint8_t clientKey[SHA1Engine::DIGEST_SIZE] = { 0 };
uint8_t storedKey[SHA1Engine::DIGEST_SIZE] = { 0 };
uint8_t clientSignature[SHA1Engine::DIGEST_SIZE] = { 0 };
uint8_t clientProof[SHA1Engine::DIGEST_SIZE] = { 0 };
HMACEngine<SHA1Engine> hmac((char*)saltedPassword, SHA1Engine::DIGEST_SIZE);
hmac.update("Client Key", strlen("Client Key"));
const DigestEngine::Digest& clientDigest = hmac.digest();
for (int i = 0; i < clientDigest.size(); i++) {
clientKey[i] = clientDigest[i];
}
SHA1Engine sha;
sha.update(clientKey, SHA1Engine::DIGEST_SIZE);
const DigestEngine::Digest &storedDigest = sha.digest();
for (int i = 0; i < storedDigest.size(); i++) {
storedKey[i] = storedDigest[i];
}
HMACEngine<SHA1Engine> hmac2((char*)storedKey, sizeof(storedKey));
hmac2.update(authMsg.begin(), authMsg.size());
const DigestEngine::Digest &signatrueDigest = hmac2.digest();
for (int i = 0; i < signatrueDigest.size(); i++) {
clientSignature[i] = signatrueDigest[i];
}
for (int i = 0; i < SHA1Engine::DIGEST_SIZE; i++) {
clientProof[i] = clientKey[i] ^ clientSignature[i];
}
std::stringstream proofStream;
Poco::Base64Encoder b64(proofStream);
b64.write((char*)clientProof, sizeof(clientProof));
b64.close();
payload.append((unsigned char*)proofStream.str().c_str(), proofStream.str().size());
}
void SHA1EngineTest::testSHA1()
{
SHA1Engine engine;
// test vectors from FIPS 180-1
engine.update("abc");
assert (DigestEngine::digestToHex(engine.digest()) == "a9993e364706816aba3e25717850c26c9cd0d89d");
engine.update("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq");
assert (DigestEngine::digestToHex(engine.digest()) == "84983e441c3bd26ebaae4aa1f95129e5e54670f1");
for (int i = 0; i < 1000000; ++i)
engine.update('a');
assert (DigestEngine::digestToHex(engine.digest()) == "34aa973cd4c4daa4f61eeb2bdbad27316534016f");
}
string ofxCrypto::sha1(string source) {
SHA1Engine engine;
engine.update(source);
return DigestEngine::digestToHex(engine.digest());
}
int RandomBuf::readFromDevice(char* buffer, std::streamsize length)
{
int n = 0;
#if defined(POCO_OS_FAMILY_WINDOWS)
//HCRYPTPROV hProvider = 0;
//CryptAcquireContext(&hProvider, 0, 0, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT);
//CryptGenRandom(hProvider, (DWORD) length, (BYTE*) buffer);
//CryptReleaseContext(hProvider, 0);
n = static_cast<int>(length);
using namespace Windows::Security::Cryptography;
using namespace Windows::Security::Cryptography::Core;
using namespace Windows::Storage::Streams;
SymmetricKeyAlgorithmProvider ^keyProvider = SymmetricKeyAlgorithmProvider::OpenAlgorithm(Core::SymmetricAlgorithmNames::AesCbc);
Platform::Array<uint8> ^rtArray = ref new Platform::Array<unsigned char>(reinterpret_cast<uint8*>(buffer), n);
IBuffer ^rtBuffer = CryptographicBuffer::CreateFromByteArray(rtArray);
CryptographicKey ^key = keyProvider->CreateSymmetricKey(rtBuffer);
IBuffer ^encryptedBuffer = CryptographicEngine::Encrypt(key, rtBuffer, nullptr);
CryptographicBuffer::CopyToByteArray(encryptedBuffer, &rtArray);
memcpy(buffer, rtArray->begin(), n);
#else
#if defined(POCO_OS_FAMILY_UNIX)
int fd = open("/dev/urandom", O_RDONLY, 0);
if (fd >= 0)
{
n = read(fd, buffer, length);
close(fd);
}
#endif
if (n <= 0)
{
// x is here as a source of randomness, so it does not make
// much sense to protect it with a Mutex.
static UInt32 x = 0;
Random rnd1(256);
Random rnd2(64);
x += rnd1.next();
n = 0;
SHA1Engine engine;
UInt32 t = (UInt32) std::time(NULL);
engine.update(&t, sizeof(t));
void* p = this;
engine.update(&p, sizeof(p));
engine.update(buffer, length);
UInt32 junk[32];
engine.update(junk, sizeof(junk));
while (n < length)
{
for (int i = 0; i < 100; ++i)
{
UInt32 r = rnd2.next();
engine.update(&r, sizeof(r));
engine.update(&x, sizeof(x));
x += rnd1.next();
}
DigestEngine::Digest d = engine.digest();
for (DigestEngine::Digest::const_iterator it = d.begin(); it != d.end() && n < length; ++it, ++n)
{
engine.update(*it);
*buffer++ = *it++;
}
}
}
#endif
return n;
}
