void
fips_hmac_sha1_hash(sha1_hmac_ctx_t *sha1_hmac_ctx,
uint8_t *message, uint32_t message_len,
uint8_t *hmac_computed)
{
/* do a SHA1 update of the inner context using the specified data */
SHA1Update(&((sha1_hmac_ctx)->hc_icontext), message,
message_len);
/*
* Do a SHA1 final on the inner context.
*/
SHA1Final(hmac_computed, &((sha1_hmac_ctx)->hc_icontext));
/*
* Do an SHA1 update on the outer context, feeding the inner
* digest as data.
*/
SHA1Update(&((sha1_hmac_ctx)->hc_ocontext), hmac_computed,
SHA1_HASH_SIZE);
/*
* Do a SHA1 final on the outer context, storing the computed
* digest in the caller's buffer.
*/
SHA1Final(hmac_computed, &((sha1_hmac_ctx)->hc_ocontext));
kmem_free(sha1_hmac_ctx, sizeof (sha1_hmac_ctx_t));
}
int crsha1(char *username, const char *password, const char *challenge, const char *response) {
char buf[1024];
SHA1_CTX ctx;
unsigned char digest[20];
char hexbuf[sizeof(digest) * 2 + 1];
hmacsha1 hmac;
/* not sure how this helps but the RFC says to do it... */
SHA1Init(&ctx);
SHA1Update(&ctx, (unsigned char *)password, strlen(password));
SHA1Final(digest, &ctx);
snprintf(buf, sizeof(buf), "%s:%s", username, hmac_printhex(digest, hexbuf, sizeof(digest)));
SHA1Init(&ctx);
SHA1Update(&ctx, (unsigned char *)buf, strlen(buf));
SHA1Final(digest, &ctx);
hmacsha1_init(&hmac, (unsigned char *)hmac_printhex(digest, hexbuf, sizeof(digest)), sizeof(digest) * 2);
hmacsha1_update(&hmac, (unsigned char *)challenge, strlen(challenge));
hmacsha1_final(&hmac, digest);
hmac_printhex(digest, hexbuf, sizeof(digest));
if(!hmac_strcmp(hmac_printhex(digest, hexbuf, sizeof(digest)), response))
return 1;
return 0;
}
void hmac_sha1(const unsigned char *inText, size_t inTextLength, unsigned char* inKey, const size_t inKeyLengthConst, unsigned char *outDigest)
{
const size_t B = 64;
const size_t L = 20;
SHA1_CTX theSHA1Context;
unsigned char k_ipad[B + 1]; /* inner padding - key XORd with ipad */
unsigned char k_opad[B + 1]; /* outer padding - key XORd with opad */
size_t inKeyLength;
/* if key is longer than 64 bytes reset it to key=SHA1 (key) */
if (inKeyLengthConst > B)
{
SHA1Init(&theSHA1Context);
SHA1Update(&theSHA1Context, inKey, inKeyLengthConst);
SHA1Final(inKey, &theSHA1Context);
inKeyLength = L;
}
else
{
inKeyLength = inKeyLengthConst;
}
/* start out by storing key in pads */
memset(k_ipad, 0, sizeof k_ipad);
memset(k_opad, 0, sizeof k_opad);
memcpy(k_ipad, inKey, inKeyLength);
memcpy(k_opad, inKey, inKeyLength);
/* XOR key with ipad and opad values */
int i;
for (i = 0; i < B; i++)
{
k_ipad[i] ^= 0x36;
k_opad[i] ^= 0x5c;
}
/*
* perform inner SHA1
*/
SHA1Init(&theSHA1Context); /* init context for 1st pass */
SHA1Update(&theSHA1Context, k_ipad, B); /* start with inner pad */
SHA1Update(&theSHA1Context, (unsigned char *)inText, inTextLength); /* then text of datagram */
SHA1Final((unsigned char *)outDigest, &theSHA1Context); /* finish up 1st pass */
/*
* perform outer SHA1
*/
SHA1Init(&theSHA1Context); /* init context for 2nd pass */
SHA1Update(&theSHA1Context, k_opad, B); /* start with outer pad */
SHA1Update(&theSHA1Context, outDigest, L); /* then results of 1st hash */
SHA1Final(outDigest, &theSHA1Context); /* finish up 2nd pass */
}
void hmac_sha1(const u_int8_t *inText, size_t inTextLength, u_int8_t* inKey, size_t inKeyLength, u_int8_t *outDigest)
{
#define B 64
#define L 20
SHA1_CTX theSHA1Context;
u_int8_t k_ipad[B + 1]; /* inner padding - key XORd with ipad */
u_int8_t k_opad[B + 1]; /* outer padding - key XORd with opad */
/* if key is longer than 64 bytes reset it to key=SHA1 (key) */
if (inKeyLength > B)
{
SHA1Init(&theSHA1Context);
SHA1Update(&theSHA1Context, inKey, inKeyLength);
SHA1Final(inKey, &theSHA1Context);
inKeyLength = L;
}
/* start out by storing key in pads */
memset(k_ipad, 0, sizeof k_ipad);
memset(k_opad, 0, sizeof k_opad);
memcpy(k_ipad, inKey, inKeyLength);
memcpy(k_opad, inKey, inKeyLength);
/* XOR key with ipad and opad values */
int i;
for (i = 0; i < B; i++)
{
k_ipad[i] ^= 0x36;
k_opad[i] ^= 0x5c;
}
/*
* perform inner SHA1
*/
SHA1Init(&theSHA1Context); /* init context for 1st pass */
SHA1Update(&theSHA1Context, k_ipad, B); /* start with inner pad */
SHA1Update(&theSHA1Context, (u_int8_t *)inText, inTextLength); /* then text of datagram */
SHA1Final((u_int8_t *)outDigest, &theSHA1Context); /* finish up 1st pass */
/*
* perform outer SHA1
*/
SHA1Init(&theSHA1Context); /* init context for 2nd
* pass */
SHA1Update(&theSHA1Context, k_opad, B); /* start with outer pad */
SHA1Update(&theSHA1Context, (u_int8_t *)outDigest, L); /* then results of 1st
* hash */
SHA1Final((u_int8_t *)outDigest, &theSHA1Context); /* finish up 2nd pass */
}
CK_RV
sha1_hash(SESSION *sess,
CK_BBOOL length_only,
DIGEST_CONTEXT *ctx,
CK_BYTE *in_data,
CK_ULONG in_data_len,
CK_BYTE *out_data,
CK_ULONG *out_data_len)
{
if (! sess || ! ctx || ! out_data_len) {
return (CKR_FUNCTION_FAILED);
}
*out_data_len = SHA1_DIGEST_LENGTH;
if (length_only == TRUE) {
return (CKR_OK);
}
if (ctx->context.sha1ctx == NULL)
return (CKR_HOST_MEMORY);
SHA1Update(ctx->context.sha1ctx, in_data, in_data_len);
SHA1Final(out_data, ctx->context.sha1ctx);
return (CKR_OK);
}
/* Generate a cookie.
* First argument is true if we're to create an Initiator cookie.
* Length SHOULD be a multiple of sizeof(u_int32_t).
*/
void
get_cookie(bool initiator, u_int8_t *cookie, int length, const ip_address *addr)
{
u_char buffer[SHA1_DIGEST_SIZE];
SHA1_CTX ctx;
do {
if (initiator)
{
get_rnd_bytes(cookie, length);
}
else /* Responder cookie */
{
/* This looks as good as any way */
size_t addr_length;
static u_int32_t counter = 0;
unsigned char addr_buff[
sizeof(union {struct in_addr; struct in6_addr;})];
addr_length = addrbytesof(addr, addr_buff, sizeof(addr_buff));
SHA1Init(&ctx);
SHA1Update(&ctx, addr_buff, addr_length);
SHA1Update(&ctx, secret_of_the_day, sizeof(secret_of_the_day));
counter++;
SHA1Update(&ctx, (const void *) &counter, sizeof(counter));
SHA1Final(buffer, &ctx);
memcpy(cookie, buffer, length);
}
} while (is_zero_cookie(cookie)); /* probably never loops */
}
int rl_dirty_hash(struct rlite *db, unsigned char **hash)
{
long i;
int retval = RL_OK;
rl_page *page;
SHA1_CTX sha;
unsigned char *data = NULL;
if (db->write_pages_len == 0) {
*hash = NULL;
goto cleanup;
}
RL_MALLOC(data, db->page_size * sizeof(unsigned char));
RL_MALLOC(*hash, sizeof(unsigned char) * 20);
SHA1Init(&sha);
for (i = 0; i < db->write_pages_len; i++) {
page = db->write_pages[i];
memset(data, 0, db->page_size);
if (page->type) {
retval = page->type->serialize(db, page->obj, data);
}
SHA1Update(&sha, data, db->page_size);
}
SHA1Final(*hash, &sha);
cleanup:
rl_free(data);
if (retval != RL_OK) {
rl_free(*hash);
*hash = NULL;
}
return retval;
}
int RandomUpdate (
RANDOM_STRUCT *randStruct,
unsigned char *block,
unsigned int blockLen
)
{
SHA1_CTX context;
unsigned char digest[20];
unsigned int i, x;
SHA1Init (&context);
SHA1Update (&context, block, blockLen);
SHA1Final (digest, &context);
/* add digest to state */
x = 0;
for (i = 0; i < 20; i++) {
x += randStruct->state[19-i] + digest[19-i];
randStruct->state[19-i] = (unsigned char)x;
x >>= 8;
}
if (randStruct->bytesNeeded < blockLen)
randStruct->bytesNeeded = 0;
else
randStruct->bytesNeeded -= blockLen;
/* Zeroize sensitive information. */
memset ((unsigned char *)digest, 0, sizeof (digest));
x = 0;
return (0);
}
//2. hash function then get key
unsigned hash_func(char* portstr){
SHA1_CTX sha;
uint8_t results[20];
char * buf;
int n;
uint8_t chunks0[4];
uint8_t chunks1[4];
uint8_t chunks2[4];
uint8_t chunks3[4];
uint8_t chunks4[4];
uint8_t ans[4];
buf = portstr;
n = strlen(buf);
SHA1Init(&sha);
SHA1Update(&sha, (uint8_t*)buf, n);
SHA1Final(results, &sha);
strncpy(chunks0, results, 4);
strncpy(chunks1, results + 4, 4);
strncpy(chunks2, results + 4*2, 4);
strncpy(chunks3, results + 4*3, 4);
strncpy(chunks4, results + 4*4, 4);
for(int i = 0; i < 5; i++){
ans[i] = chunks0[i] ^ chunks1[i] ^ chunks2[i] ^ chunks3[i] ^ chunks4[i];
}
return *(unsigned*)ans;
}
/*
* fips_sha1_hash()
*
* Arguments:
* sha1_context: pointer to SHA1 context
* in: pointer to the input data to be hashed
* inlen: length of the input data
* out: pointer to the output data after hashing
*
* Description:
* This function calls the low-level SHA1 routines for hashing.
*
*/
int
fips_sha1_hash(SHA1_CTX *sha1_context, uchar_t *in, ulong_t inlen, uchar_t *out)
{
int rv;
if (in != NULL) {
#ifdef __sparcv9
SHA1Update((SHA1_CTX *)sha1_context, in, (uint_t)inlen);
#else /* !__sparcv9 */
SHA1Update((SHA1_CTX *)sha1_context, in, inlen);
#endif /* __sparcv9 */
SHA1Final(out, (SHA1_CTX *)sha1_context);
rv = CKR_OK;
} else
rv = CKR_ARGUMENTS_BAD;
if (sha1_context)
#ifdef _KERNEL
kmem_free(sha1_context, sizeof (SHA1_CTX));
#else
free(sha1_context);
#endif
return (rv);
}
void drizzle_mysql_password_hash(char *to, const char *from, size_t from_size)
{
SHA1_CTX ctx;
uint8_t hash_tmp1[SHA1_DIGEST_LENGTH];
uint8_t hash_tmp2[SHA1_DIGEST_LENGTH];
SHA1Init(&ctx);
SHA1Update(&ctx, (const uint8_t*)from, from_size);
SHA1Final(hash_tmp1, &ctx);
SHA1Init(&ctx);
SHA1Update(&ctx, hash_tmp1, SHA1_DIGEST_LENGTH);
SHA1Final(hash_tmp2, &ctx);
(void)drizzle_hex_string(to, (char*)hash_tmp2, SHA1_DIGEST_LENGTH);
}
/* Reseed the PRNG given by randomStruct.
* It requires previous calls to RandomUpdate. If there is no (enough)
* entropy stored returns PRNG_NO_DATA_TO_RESEED. Use GetRandomBytesNeeded
* to find out how much (random) input is still needed.
*/
u32 RandomReseed (RANDOM_STRUCT *randStruct)
{
u8 auxbuff[PRNG_MOD_BLEN];
if (randStruct == NULL) return PRNG_NOT_INIT;
if (randStruct->bytesPool) {
/* reseed from pool; new_state = H(previous_state || pool) */
/* transform zstate to byte string */
WORD2BYTE (auxbuff, randStruct->zstate, PRNG_MOD_BLEN);
/* compute hash */
SHA1Init (&(randStruct->hashCtx));
SHA1Update (&(randStruct->hashCtx), auxbuff, PRNG_MOD_BLEN);
SHA1Update (&(randStruct->hashCtx),
randStruct->pool, PRNG_MOD_BLEN);
SHA1Final (randStruct->pool, &(randStruct->hashCtx));
/* transform new pool to mpz number (zstate, the new prng state) */
BYTE2WORD (randStruct->zstate, randStruct->pool, PRNG_MOD_BLEN);
return PRNG_NO_ERROR;
}
else
/* no input has been fed since last reseed! */
return PRNG_NO_DATA_TO_RESEED;
}
void
HMAC_SHA1_Init(HMAC_SHA1_CTX *ctx, const u_int8_t *key, u_int key_len)
{
u_int8_t k_ipad[SHA1_BLOCK_LENGTH];
int i;
if (key_len > SHA1_BLOCK_LENGTH) {
SHA1Init(&ctx->ctx);
SHA1Update(&ctx->ctx, key, key_len);
SHA1Final(ctx->key, &ctx->ctx);
ctx->key_len = SHA1_DIGEST_LENGTH;
} else {
bcopy(key, ctx->key, key_len);
ctx->key_len = key_len;
}
bzero(k_ipad, SHA1_BLOCK_LENGTH);
bcopy(ctx->key, k_ipad, ctx->key_len);
for (i = 0; i < SHA1_BLOCK_LENGTH; i++)
k_ipad[i] ^= 0x36;
SHA1Init(&ctx->ctx);
SHA1Update(&ctx->ctx, k_ipad, SHA1_BLOCK_LENGTH);
bzero(k_ipad, sizeof k_ipad);
}
const unsigned char *Digest::get(void)
{
unsigned count = 0;
if(bufsize)
return buffer;
if(!context || !hashtype)
return NULL;
switch(*((char *)hashtype)) {
case 'm':
MD5Final(buffer, (MD5_CTX*)context);
release();
bufsize = 16;
break;
case 's':
SHA1Final(buffer, (SHA1_CTX*)context);
release();
bufsize = 20;
break;
default:
break;
}
while(count < bufsize) {
snprintf(textbuf + (count * 2), 3, "%2.2x", buffer[count]);
++count;
}
return buffer;
}
/*
* des_init_random_number_generator:
*
* This routine takes a secret key possibly shared by a number of servers
* and uses it to generate a random number stream that is not shared by
* any of the other servers. It does this by using the current process id,
* host id, and the current time to the nearest second. The resulting
* stream seed is not useful information for cracking the secret key.
* Moreover, this routine keeps no copy of the secret key.
*/
void
des_init_random_number_generator(des_cblock *seed)
{
u_int64_t seed_q;
des_cblock seed_new;
SHA1_CTX sha;
u_char results[20];
char hname[64], accum[512];
struct timeval when;
SHA1Init(&sha);
gethostname(hname, sizeof(hname) - 1);
gettimeofday(&when, NULL);
memcpy(&seed_q, seed, sizeof(seed_q));
snprintf(accum, sizeof(accum), "%lld%ld%d%s%d%lld",
(long long)when.tv_sec, (long)when.tv_usec, getpid(), hname,
getuid(), (long long)seed_q);
SHA1Update(&sha, (u_char *) accum, strlen(accum));
memset(accum, 0, sizeof(accum));
SHA1Final(results, &sha);
memcpy(seed_new, results, sizeof(seed_new));
des_random_seed(&seed_new);
memset(seed_new, 0, sizeof(seed_new));
memset(results, 0, sizeof(results));
}
//=============================================================================
// WebSocketAcceptKey()
// 1) взять строковое значение из заголовка Sec-WebSocket-Key и объединить со
// строкой 258EAFA5-E914-47DA-95CA-C5AB0DC85B11
// 2) вычислить бинарный хеш SHA-1 (бинарная строка из 20 символов) от полученной
// в первом пункте строки
// 3) закодировать хеш в Base64
//=============================================================================
bool ICACHE_FLASH_ATTR WebSocketAcceptKey(uint8* dkey, uint8* skey)
{
uint8 keybuf[sizeWebSocketAddKey];
SHA1_CTX cha;
int len = 0;
{
uint8 *pcmp = skey;
while(*pcmp >= '+' && len < sizeWebSocketKey) {
pcmp++;
len++;
};
if(len != sizeWebSocketKey) return false;
ets_memcpy(keybuf, WebSocketAddKey, sizeWebSocketAddKey);
};
SHA1Init(&cha);
SHA1Update(&cha, skey, len);
SHA1Update(&cha, keybuf, sizeWebSocketAddKey);
SHA1Final(keybuf, &cha);
len = base64encode(dkey, 31, keybuf, SHA1_HASH_LEN);
#if DEBUGSOO > 2
os_printf("\ncha:'");
print_hex_dump(keybuf, SHA1_HASH_LEN, '\0');
os_printf("'\n");
os_printf("key[%u]:'%s'\n", len, dkey);
#endif
return true;
}
/* zsync_sha1(self, filedesc)
* Given the currently-open-and-at-start-of-file complete local copy of the
* target, read it and compare the SHA1 checksum with the one from the .zsync.
* Returns -1 or 1 as per zsync_complete.
*/
static int zsync_sha1(struct zsync_state *zs, int fh) {
SHA1_CTX shactx;
{ /* Do SHA1 of file contents */
unsigned char* buf = (unsigned char*)malloc(4096);
int rc;
SHA1Init(&shactx);
while (0 < (rc = read(fh, buf, sizeof buf))) {
SHA1Update(&shactx, buf, rc);
}
free(buf);
if (rc < 0) {
perror("read");
return -1;
}
}
{ /* And compare result of the SHA1 with the one from the .zsync */
unsigned char digest[SHA1_DIGEST_LENGTH];
int i;
SHA1Final(digest, &shactx);
for (i = 0; i < SHA1_DIGEST_LENGTH; i++) {
int j;
sscanf(&(zs->checksum[2 * i]), "%2x", &j);
if (j != digest[i]) {
return -1;
}
}
return 1; /* Checksum verified okay */
}
}
EFI_STATUS
EFIAPI
HSHash(
IN CONST EFI_HASH_PROTOCOL *This,
IN CONST EFI_GUID *HashAlgorithm,
IN BOOLEAN Extend,
IN CONST UINT8 *Message,
IN UINT64 MessageSize,
IN OUT EFI_HASH_OUTPUT *Hash
)
{
HS_PRIVATE_DATA *PrivateData;
SHA1_CTX CtxCopy;
if (!This || !HashAlgorithm || !Message || !Hash || !MessageSize) {
return EFI_INVALID_PARAMETER;
}
if (!CompareGuid(&gEfiHashAlgorithmSha1Guid, HashAlgorithm)) {
return EFI_UNSUPPORTED;
}
PrivateData = HS_PRIVATE_FROM_PROTO(This);
if (!Extend) {
SHA1Init(&PrivateData->Sha1Ctx);
}
SHA1Update(&PrivateData->Sha1Ctx, Message, MessageSize);
// SHA1Final clears the context, so we need to create a copy
// in order to be able to support later updates.
CopyMem(&CtxCopy, &PrivateData->Sha1Ctx, sizeof CtxCopy);
SHA1Final(*Hash->Sha1Hash, &CtxCopy);
return EFI_SUCCESS;
}
bool crypto_digest_finalize(DIGEST *digest, uint8_t *dest, uint32_t *length)
{
switch (digest->type) {
case CRYPTO_DIGEST_MD5:
/* Guard against programmer error by either the API client or
* an out-of-sync CRYPTO_DIGEST_MAX_SIZE */
assert(*length >= CRYPTO_DIGEST_MD5_SIZE);
*length = CRYPTO_DIGEST_MD5_SIZE;
/* Doesn't return anything ... */
MD5Final((unsigned char *)dest, &digest->md5);
return true;
case CRYPTO_DIGEST_SHA1:
/* Guard against programmer error by either the API client or
* an out-of-sync CRYPTO_DIGEST_MAX_SIZE */
assert(*length >= CRYPTO_DIGEST_SHA1_SIZE);
*length = CRYPTO_DIGEST_SHA1_SIZE;
if (SHA1Final(&digest->sha1, (u_int8_t *) dest) == shaSuccess) {
return true;
} else {
return false;
}
break;
default:
return false;
}
return false;
}
static void
int_sha1_finish(PX_MD *h, uint8 *dst)
{
SHA1_CTX *ctx = (SHA1_CTX *) h->p.ptr;
SHA1Final(dst, ctx);
}
/*
* Compute a SHA-1 digest on a range of bytes.
*/
static void dexComputeSHA1Digest(const unsigned char* data, size_t length,
unsigned char digest[])
{
SHA1_CTX context;
SHA1Init(&context);
SHA1Update(&context, data, length);
SHA1Final(digest, &context);
}
static void calculateHash(Img2Header* header, uint8_t* hash) {
SHA1_CTX context;
SHA1Init(&context);
SHA1Update(&context, (uint8_t*) header, 0x3E0);
SHA1Final(hash, &context);
memcpy(hash + 20, Img2HashPadding, 32 - 20);
aes_img2verify_encrypt(hash, 32, NULL);
}
static void calculateDataHash(void* buffer, int len, uint8_t* hash) {
SHA1_CTX context;
SHA1Init(&context);
SHA1Update(&context, buffer, len);
SHA1Final(hash, &context);
memcpy(hash + 20, Img2HashPadding, 64 - 20);
aes_img2verify_encrypt(hash, 64, NULL);
}
void IOPlatformExpert::registerNVRAMController(IONVRAMController * caller)
{
OSData * data;
IORegistryEntry * entry;
OSString * string = 0;
uuid_string_t uuid;
entry = IORegistryEntry::fromPath( "/efi/platform", gIODTPlane );
if ( entry )
{
data = OSDynamicCast( OSData, entry->getProperty( "system-id" ) );
if ( data && data->getLength( ) == 16 )
{
SHA1_CTX context;
uint8_t digest[ SHA_DIGEST_LENGTH ];
const uuid_t space = { 0x2A, 0x06, 0x19, 0x90, 0xD3, 0x8D, 0x44, 0x40, 0xA1, 0x39, 0xC4, 0x97, 0x70, 0x37, 0x65, 0xAC };
SHA1Init( &context );
SHA1Update( &context, space, sizeof( space ) );
SHA1Update( &context, data->getBytesNoCopy( ), data->getLength( ) );
SHA1Final( digest, &context );
digest[ 6 ] = ( digest[ 6 ] & 0x0F ) | 0x50;
digest[ 8 ] = ( digest[ 8 ] & 0x3F ) | 0x80;
uuid_unparse( digest, uuid );
string = OSString::withCString( uuid );
}
entry->release( );
}
if ( string == 0 )
{
entry = IORegistryEntry::fromPath( "/options", gIODTPlane );
if ( entry )
{
data = OSDynamicCast( OSData, entry->getProperty( "platform-uuid" ) );
if ( data && data->getLength( ) == sizeof( uuid_t ) )
{
uuid_unparse( ( uint8_t * ) data->getBytesNoCopy( ), uuid );
string = OSString::withCString( uuid );
}
entry->release( );
}
}
if ( string )
{
getProvider( )->setProperty( kIOPlatformUUIDKey, string );
publishResource( kIOPlatformUUIDKey, string );
string->release( );
}
publishResource("IONVRAM");
}
void sha1_hmac(unsigned char *inputkey, size_t inputkeylen,
unsigned char *inputmsg, size_t msglen,
unsigned char *dst)
{
SHA1_CTX ctx;
size_t keylen = inputkeylen;
unsigned char keydigest[20];
unsigned char *key = inputkey;
unsigned char ipad[HMAC_SHA1_BLOCKSIZE];
unsigned char opad[HMAC_SHA1_BLOCKSIZE];
unsigned int i;
/* Shorten key if needed */
if (keylen > HMAC_SHA1_BLOCKSIZE)
{
SHA1Init(&ctx);
SHA1Update(&ctx,inputkey,keylen);
SHA1Final(keydigest,&ctx);
key = keydigest;
keylen = 20;
}
/* Padding */
memset(ipad, 0x36, HMAC_SHA1_BLOCKSIZE);
memset(opad, 0x5c, HMAC_SHA1_BLOCKSIZE);
/* Pad key */
for(i = 0; i < keylen; i++) {
ipad[i] ^= key[i];
opad[i] ^= key[i];
}
/* First */
SHA1Init(&ctx);
SHA1Update(&ctx, ipad, HMAC_SHA1_BLOCKSIZE);
SHA1Update(&ctx, inputmsg, msglen);
SHA1Final(dst, &ctx);
/* Second */
SHA1Init(&ctx);
SHA1Update(&ctx, opad, HMAC_SHA1_BLOCKSIZE);
SHA1Update(&ctx, dst, 20);
SHA1Final(dst, &ctx);
}
int
_mesa_sha1_final(struct mesa_sha1 *ctx, unsigned char result[20])
{
SHA1_CTX *sha1_ctx = (SHA1_CTX *) ctx;
SHA1Final(result, sha1_ctx);
free(sha1_ctx);
return 1;
}
void CKeyPair::DeriveKeyFromPassword( unsigned char * password )
{
SHA_INFO si;
unsigned long len = (unsigned long)strlen( (const char *)&password[0] );
SHA1Init( &si );
SHA1Update( &si, password, len );
SHA1Final( private_key, &si );
SHA1Init( &si );
SHA1Update( &si, private_key, 20 );
SHA1Update( &si, password, len );
SHA1Final( &private_key[1], &si );
private_key[0] &= 7;
ZeroMemory( &si, sizeof(si) );
}
static void
mix_pool(void)
{
SHA1_CTX ctx;
SHA1Init(&ctx);
SHA1Update(&ctx, random_pool, RANDOM_POOL_SIZE);
SHA1Final(random_pool, &ctx);
}
/* This function instead of just computing the SHA1 and xoring it
* against digest, also perform the digest of "digest" itself and
* replace the old value with the new one.
*
* So the final digest will be:
*
* digest = SHA1(digest xor SHA1(data))
*
* This function is used every time we want to preserve the order so
* that digest(a,b,c,d) will be different than digest(b,c,d,a)
*
* Also note that mixdigest("foo") followed by mixdigest("bar")
* will lead to a different digest compared to "fo", "obar".
*/
void mixDigest(unsigned char *digest, void *ptr, size_t len) {
SHA1_CTX ctx;
char *s = ptr;
xorDigest(digest,s,len);
SHA1Init(&ctx);
SHA1Update(&ctx,digest,20);
SHA1Final(digest,&ctx);
}
void SHA1Hash::Finalize()
{
CoreAssert(this != NULL);
if (m_hash) delete [] m_hash;
m_hash = new unsigned char[SHA1_DIGEST_SIZE];
SHA1Final(m_hash, &m_state);
}
