void getPassword(void) { char buf[kMaxPasswordLen+kPwdSaltLen]; size_t bufLen; unsigned char hash[CC_SHA256_BLOCK_BYTES]; uint8_t salt[kPwdSaltLen]; int fd; off_t rv; if (!isZero(passwordHash, sizeof(passwordHash))) { if (isZero(password, sizeof(password))) { do { readpassphrase("password: "******"incorrect password\n"); sleep(1); } } while (memcmp(hash, passwordHash, CC_SHA256_BLOCK_BYTES)); } } else { do { readpassphrase("password: "******"password is too short\n\n"); continue; } readpassphrase("repeat password: "******"passwords do not match\n\n"); } while (strcmp(password, buf)); getSalt(salt, kPwdSaltLen); bufLen = strlen(buf); memcpy(&buf[bufLen], salt, kPwdSaltLen); memset(passwordHash, 0, CC_SHA256_BLOCK_BYTES); CC_SHA512(buf, (int)bufLen+kPwdSaltLen, passwordHash); memcpy(&passwordHash[CC_SHA256_BLOCK_BYTES], salt, kPwdSaltLen); fd = open(getSaltsPath(), O_RDWR|O_CREAT, 0600); if (fd >= 0) { rv = lseek(fd, sizeof(redsideSalts), SEEK_SET); rv = write(fd, passwordHash, CC_SHA256_BLOCK_BYTES+kPwdSaltLen); rv = close(fd); } else { printf("cannot save password hash\n"); } } }
void SHA512(sLONG_PTR *pResult, PackagePtr pParams) { C_BLOB Param1; C_LONGINT Param2; C_TEXT returnValue; Param1.fromParamAtIndex(pParams, 1); Param2.fromParamAtIndex(pParams, 2); uint8_t *buf = (uint8_t *)calloc(64, sizeof(uint8_t)); CC_SHA512((unsigned char *)Param1.getBytesPtr(), Param1.getBytesLength(), buf); C_BLOB temp; temp.setBytes((const uint8_t *)buf, 64); switch (Param2.getIntValue()) { case 1: temp.toB64Text(&returnValue); break; default: temp.toHexText(&returnValue); break; } free(buf); returnValue.setReturn(pResult); }
void ed25519_create_privatekey(unsigned char *private_key, const unsigned char *seed) { CC_SHA512(seed, 64, private_key); private_key[0] &= 248; private_key[31] &= 63; private_key[31] |= 64; }
C4Err HASH_DO(HASH_Algorithm algorithm, const unsigned char *in, unsigned long inlen, unsigned long outLen, uint8_t *out) { C4Err err = kC4Err_NoErr; HASH_ContextRef hashRef = kInvalidHASH_ContextRef; uint8_t hashBuf[128]; uint8_t *p = (outLen < sizeof(hashBuf))?hashBuf:out; #if _USES_COMMON_CRYPTO_ /* use apple algorithms if possible*/ switch(algorithm) { case kHASH_Algorithm_MD5: CC_MD5(in, (CC_LONG) inlen, hashBuf); goto complete; break; case kHASH_Algorithm_SHA1: CC_SHA1(in, (CC_LONG) inlen, hashBuf); goto complete; break; case kHASH_Algorithm_SHA224: CC_SHA224(in, (CC_LONG) inlen, hashBuf); goto complete; break; case kHASH_Algorithm_SHA256: CC_SHA256(in, (CC_LONG) inlen, hashBuf); goto complete; break; case kHASH_Algorithm_SHA384: CC_SHA384(in, (CC_LONG) inlen, hashBuf); goto complete; break; case kHASH_Algorithm_SHA512: CC_SHA512(in, (CC_LONG) inlen, hashBuf); goto complete; break; default: break; } #endif err = HASH_Init( algorithm, & hashRef); CKERR; err = HASH_Update( hashRef, in, inlen); CKERR; err = HASH_Final( hashRef, p); CKERR; complete: if((err == kC4Err_NoErr) & (p!= out)) COPY(hashBuf, out, outLen); done: if(!IsNull(hashRef)) HASH_Free(hashRef); return err; }