C++ (Cpp) BL_FIPSEntryOKの例

プログラミング言語: C++ (Cpp)

メソッド/関数: BL_FIPSEntryOK

hotexamples.comのコード掲載数: 2

C++ (Cpp) BL_FIPSEntryOK - 2件のコード例が見つかりました。すべてオープンソースプロジェクトから抽出されたC++ (Cpp)のBL_FIPSEntryOKの実例で、最も評価が高いものを厳選しています。コード例の評価を行っていただくことで、より質の高いコード例が表示されるようになります。

コード例 #1

ファイルを表示

ファイル: nsslowhash.c プロジェクト: MichaelKohler/gecko-dev

NSSLOWInitContext *
NSSLOW_Init(void)
{
#ifdef FREEBL_NO_DEPEND
    (void)FREEBL_InitStubs();
#endif

    /* make sure the FIPS product is installed if we are trying to
     * go into FIPS mode */
    if (nsslow_GetFIPSEnabled()) {
        if (BL_FIPSEntryOK(PR_TRUE) != SECSuccess) {
            PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
            post_failed = PR_TRUE;
            return NULL;
        }
    }
    post_failed = PR_FALSE;

    return &dummyContext;
}

コード例 #2

ファイルを表示

ファイル: shvfy.c プロジェクト: MekliCZ/positron

static PRBool
blapi_SHVerifyFile(const char *shName, PRBool self)
{
    char *checkName = NULL;
    PRFileDesc *checkFD = NULL;
    PRFileDesc *shFD = NULL;
    void  *hashcx = NULL;
    const SECHashObject *hashObj = NULL;
    SECItem signature = { 0, NULL, 0 };
    SECItem hash;
    int bytesRead, offset;
    SECStatus rv;
    DSAPublicKey key;
    int count;
#ifdef FREEBL_USE_PRELINK
    int pid = 0;
#endif

    PRBool result = PR_FALSE; /* if anything goes wrong,
			       * the signature does not verify */
    unsigned char buf[4096];
    unsigned char hashBuf[HASH_LENGTH_MAX];

    PORT_Memset(&key,0,sizeof(key));
    hash.data = hashBuf;
    hash.len = sizeof(hashBuf);

    /* If our integrity check was never ran or failed, fail any other 
     * integrity checks to prevent any token going into FIPS mode. */
    if (!self && (BL_FIPSEntryOK(PR_FALSE) != SECSuccess)) {
	return PR_FALSE;
    }

    if (!shName) {
	goto loser;
    }

    /* figure out the name of our check file */
    checkName = mkCheckFileName(shName);
    if (!checkName) {
	goto loser;
    }

    /* open the check File */
    checkFD = PR_Open(checkName, PR_RDONLY, 0);
    if (checkFD == NULL) {
#ifdef DEBUG_SHVERIFY
        fprintf(stderr, "Failed to open the check file %s: (%d, %d)\n",
                checkName, (int)PR_GetError(), (int)PR_GetOSError());
#endif /* DEBUG_SHVERIFY */
	goto loser;
    }

    /* read and Verify the headerthe header */
    bytesRead = PR_Read(checkFD, buf, 12);
    if (bytesRead != 12) {
	goto loser;
    }
    if ((buf[0] != NSS_SIGN_CHK_MAGIC1) || (buf[1] != NSS_SIGN_CHK_MAGIC2)) {
	goto loser;
    }
    if ((buf[2] != NSS_SIGN_CHK_MAJOR_VERSION) || 
				(buf[3] < NSS_SIGN_CHK_MINOR_VERSION)) {
	goto loser;
    }
#ifdef notdef
    if (decodeInt(&buf[8]) != CKK_DSA) {
	goto loser;
    }
#endif

    /* seek past any future header extensions */
    offset = decodeInt(&buf[4]);
    if (PR_Seek(checkFD, offset, PR_SEEK_SET) < 0) {
	goto loser;
    }

    /* read the key */
    rv = readItem(checkFD,&key.params.prime);
    if (rv != SECSuccess) {
	goto loser;
    }
    rv = readItem(checkFD,&key.params.subPrime);
    if (rv != SECSuccess) {
	goto loser;
    }
    rv = readItem(checkFD,&key.params.base);
    if (rv != SECSuccess) {
	goto loser;
    }
    rv = readItem(checkFD,&key.publicValue);
    if (rv != SECSuccess) {
	goto loser;
    }
    /* read the siganture */
    rv = readItem(checkFD,&signature);
    if (rv != SECSuccess) {
	goto loser;
    }

    /* done with the check file */
    PR_Close(checkFD);
    checkFD = NULL;

    hashObj = HASH_GetRawHashObject(PQG_GetHashType(&key.params));
    if (hashObj == NULL) {
	goto loser;
    }

    /* open our library file */
#ifdef FREEBL_USE_PRELINK
    shFD = bl_OpenUnPrelink(shName,&pid);
#else
    shFD = PR_Open(shName, PR_RDONLY, 0);
#endif
    if (shFD == NULL) {
#ifdef DEBUG_SHVERIFY
        fprintf(stderr, "Failed to open the library file %s: (%d, %d)\n",
                shName, (int)PR_GetError(), (int)PR_GetOSError());
#endif /* DEBUG_SHVERIFY */
	goto loser;
    }

    /* hash our library file with SHA1 */
    hashcx = hashObj->create();
    if (hashcx == NULL) {
	goto loser;
    }
    hashObj->begin(hashcx);

    count = 0;
    while ((bytesRead = PR_Read(shFD, buf, sizeof(buf))) > 0) {
	hashObj->update(hashcx, buf, bytesRead);
	count += bytesRead;
    }
#ifdef FREEBL_USE_PRELINK
    bl_CloseUnPrelink(shFD, pid);
#else
    PR_Close(shFD);
#endif
    shFD = NULL;

    hashObj->end(hashcx, hash.data, &hash.len, hash.len);


    /* verify the hash against the check file */
    if (DSA_VerifyDigest(&key, &signature, &hash) == SECSuccess) {
	result = PR_TRUE;
    }
#ifdef DEBUG_SHVERIFY
  {
        int i,j;
        fprintf(stderr,"File %s: %d bytes\n",shName, count);
        fprintf(stderr,"  hash: %d bytes\n", hash.len);
#define STEP 10
        for (i=0; i < hash.len; i += STEP) {
           fprintf(stderr,"   ");
           for (j=0; j < STEP && (i+j) < hash.len; j++) {
                fprintf(stderr," %02x", hash.data[i+j]);
           }
           fprintf(stderr,"\n");
        }
        fprintf(stderr,"  signature: %d bytes\n", signature.len);
        for (i=0; i < signature.len; i += STEP) {
           fprintf(stderr,"   ");
           for (j=0; j < STEP && (i+j) < signature.len; j++) {
                fprintf(stderr," %02x", signature.data[i+j]);
           }
           fprintf(stderr,"\n");
        }
	fprintf(stderr,"Verified : %s\n",result?"TRUE": "FALSE");
    }
#endif /* DEBUG_SHVERIFY */


loser:
    if (checkName != NULL) {
	PORT_Free(checkName);
    }
    if (checkFD != NULL) {
	PR_Close(checkFD);
    }
    if (shFD != NULL) {
	PR_Close(shFD);
    }
    if (hashcx != NULL) {
	if (hashObj) {
	    hashObj->destroy(hashcx,PR_TRUE);
	}
    }
    if (signature.data != NULL) {
	PORT_Free(signature.data);
    }
    if (key.params.prime.data != NULL) {
	PORT_Free(key.params.prime.data);
    }
    if (key.params.subPrime.data != NULL) {
	PORT_Free(key.params.subPrime.data);
    }
    if (key.params.base.data != NULL) {
	PORT_Free(key.params.base.data);
    }
    if (key.publicValue.data != NULL) {
	PORT_Free(key.publicValue.data);
    }

    return result;
}