/****************
* This filter is used to collect a message digest
*/
int
md_filter( void *opaque, int control,
IOBUF a, byte *buf, size_t *ret_len)
{
size_t size = *ret_len;
md_filter_context_t *mfx = opaque;
int i, rc=0;
if( control == IOBUFCTRL_UNDERFLOW ) {
if( mfx->maxbuf_size && size > mfx->maxbuf_size )
size = mfx->maxbuf_size;
i = iobuf_read( a, buf, size );
if( i == -1 ) i = 0;
if( i ) {
gcry_md_write(mfx->md, buf, i );
if( mfx->md2 )
gcry_md_write(mfx->md2, buf, i );
}
else
rc = -1; /* eof */
*ret_len = i;
}
else if( control == IOBUFCTRL_DESC )
*(char**)buf = "md_filter";
return rc;
}
int journal_file_hmac_put_header(JournalFile *f) {
int r;
assert(f);
if (!f->seal)
return 0;
r = journal_file_hmac_start(f);
if (r < 0)
return r;
/* All but state+reserved, boot_id, arena_size,
* tail_object_offset, n_objects, n_entries,
* tail_entry_seqnum, head_entry_seqnum, entry_array_offset,
* head_entry_realtime, tail_entry_realtime,
* tail_entry_monotonic, n_data, n_fields, n_tags,
* n_entry_arrays. */
gcry_md_write(f->hmac, f->header->signature, offsetof(Header, state) - offsetof(Header, signature));
gcry_md_write(f->hmac, &f->header->file_id, offsetof(Header, boot_id) - offsetof(Header, file_id));
gcry_md_write(f->hmac, &f->header->seqnum_id, offsetof(Header, arena_size) - offsetof(Header, seqnum_id));
gcry_md_write(f->hmac, &f->header->data_hash_table_offset, offsetof(Header, tail_object_offset) - offsetof(Header, data_hash_table_offset));
return 0;
}
/* Implementation of SHA1-HMAC. We're rolling our own just to
* double-check that the calls libotr makes to libgcrypt are in fact
* doing the right thing. */
void sha1hmac(unsigned char digest[20], unsigned char key[20],
unsigned char *data, size_t datalen)
{
unsigned char ipad[64], opad[64];
size_t i;
gcry_md_hd_t sha1;
gcry_error_t err;
unsigned char hash[20];
memset(ipad, 0, 64);
memset(opad, 0, 64);
memmove(ipad, key, 20);
memmove(opad, key, 20);
for(i=0;i<64;++i) {
ipad[i] ^= 0x36;
opad[i] ^= 0x5c;
}
err = gcry_md_open(&sha1, GCRY_MD_SHA1, 0);
if (err) {
fprintf(stderr, "Error: %s\n", gcry_strerror(err));
exit(1);
}
gcry_md_write(sha1, ipad, 64);
gcry_md_write(sha1, data, datalen);
memmove(hash, gcry_md_read(sha1, 0), 20);
gcry_md_reset(sha1);
gcry_md_write(sha1, opad, 64);
gcry_md_write(sha1, hash, 20);
memmove(digest, gcry_md_read(sha1, 0), 20);
gcry_md_close(sha1);
}
/* final part of the hash */
static uint8_t *hash_finish( gcry_md_hd_t hd, signature_packet_t *p_sig )
{
if( p_sig->version == 3 )
{
gcry_md_putc( hd, p_sig->type );
gcry_md_write( hd, &p_sig->specific.v3.timestamp, 4 );
}
else if( p_sig->version == 4 )
{
gcry_md_putc( hd, p_sig->version );
gcry_md_putc( hd, p_sig->type );
gcry_md_putc( hd, p_sig->public_key_algo );
gcry_md_putc( hd, p_sig->digest_algo );
gcry_md_write( hd, p_sig->specific.v4.hashed_data_len, 2 );
size_t i_len = scalar_number( p_sig->specific.v4.hashed_data_len, 2 );
gcry_md_write( hd, p_sig->specific.v4.hashed_data, i_len );
gcry_md_putc( hd, 0x04 );
gcry_md_putc( hd, 0xFF );
i_len += 6; /* hashed data + 6 bytes header */
gcry_md_putc( hd, (i_len >> 24) & 0xff );
gcry_md_putc( hd, (i_len >> 16) & 0xff );
gcry_md_putc( hd, (i_len >> 8) & 0xff );
gcry_md_putc( hd, (i_len) & 0xff );
}
/* iTunes - Remote pairing hash */
static char *
itunes_pairing_hash(char *paircode, char *pin)
{
char hash[33];
char ebuf[64];
uint8_t *hash_bytes;
size_t hashlen;
gcry_md_hd_t hd;
gpg_error_t gc_err;
int i;
if (strlen(paircode) != 16)
{
DPRINTF(E_LOG, L_REMOTE, "Paircode length != 16, cannot compute pairing hash\n");
return NULL;
}
if (strlen(pin) != 4)
{
DPRINTF(E_LOG, L_REMOTE, "Pin length != 4, cannot compute pairing hash\n");
return NULL;
}
gc_err = gcry_md_open(&hd, GCRY_MD_MD5, 0);
if (gc_err != GPG_ERR_NO_ERROR)
{
gpg_strerror_r(gc_err, ebuf, sizeof(ebuf));
DPRINTF(E_LOG, L_REMOTE, "Could not open MD5: %s\n", ebuf);
return NULL;
}
gcry_md_write(hd, paircode, 16);
/* Add pin code characters on 16 bits - remember Mac OS X is
* all UTF-16 (wchar_t).
*/
for (i = 0; i < 4; i++)
{
gcry_md_write(hd, pin + i, 1);
gcry_md_write(hd, "\0", 1);
}
hash_bytes = gcry_md_read(hd, GCRY_MD_MD5);
if (!hash_bytes)
{
DPRINTF(E_LOG, L_REMOTE, "Could not read MD5 hash\n");
return NULL;
}
hashlen = gcry_md_get_algo_dlen(GCRY_MD_MD5);
for (i = 0; i < hashlen; i++)
sprintf(hash + (2 * i), "%02X", hash_bytes[i]);
gcry_md_close(hd);
return strdup(hash);
}
static void
check_one_md (int algo, char *data, int len, char *expect)
{
gcry_md_hd_t hd, hd2;
unsigned char *p;
int mdlen;
int i;
gcry_error_t err = 0;
err = gcry_md_open (&hd, algo, 0);
if (err)
{
fail ("algo %d, grcy_md_open failed: %s\n", algo, gpg_strerror (err));
return;
}
mdlen = gcry_md_get_algo_dlen (algo);
if (mdlen < 1 || mdlen > 500)
{
fail ("algo %d, grcy_md_get_algo_dlen failed: %d\n", algo, mdlen);
return;
}
if (*data == '!' && !data[1])
{ /* hash one million times a "a" */
char aaa[1000];
memset (aaa, 'a', 1000);
for (i = 0; i < 1000; i++)
gcry_md_write (hd, aaa, 1000);
}
else
gcry_md_write (hd, data, len);
err = gcry_md_copy (&hd2, hd);
if (err)
{
fail ("algo %d, gcry_md_copy failed: %s\n", algo, gpg_strerror (err));
}
gcry_md_close (hd);
p = gcry_md_read (hd2, algo);
if (memcmp (p, expect, mdlen))
{
printf ("computed: ");
for (i = 0; i < mdlen; i++)
printf ("%02x ", p[i] & 0xFF);
printf ("\nexpected: ");
for (i = 0; i < mdlen; i++)
printf ("%02x ", expect[i] & 0xFF);
printf ("\n");
fail ("algo %d, digest mismatch\n", algo);
}
gcry_md_close (hd2);
}
int journal_file_hmac_put_object(JournalFile *f, ObjectType type, Object *o, uint64_t p) {
int r;
assert(f);
if (!f->seal)
return 0;
r = journal_file_hmac_start(f);
if (r < 0)
return r;
if (!o) {
r = journal_file_move_to_object(f, type, p, &o);
if (r < 0)
return r;
} else {
if (type > OBJECT_UNUSED && o->object.type != type)
return -EBADMSG;
}
gcry_md_write(f->hmac, o, offsetof(ObjectHeader, payload));
switch (o->object.type) {
case OBJECT_DATA:
/* All but hash and payload are mutable */
gcry_md_write(f->hmac, &o->data.hash, sizeof(o->data.hash));
gcry_md_write(f->hmac, o->data.payload, le64toh(o->object.size) - offsetof(DataObject, payload));
break;
case OBJECT_FIELD:
/* Same here */
gcry_md_write(f->hmac, &o->field.hash, sizeof(o->field.hash));
gcry_md_write(f->hmac, o->field.payload, le64toh(o->object.size) - offsetof(FieldObject, payload));
break;
case OBJECT_ENTRY:
/* All */
gcry_md_write(f->hmac, &o->entry.seqnum, le64toh(o->object.size) - offsetof(EntryObject, seqnum));
break;
case OBJECT_FIELD_HASH_TABLE:
case OBJECT_DATA_HASH_TABLE:
case OBJECT_ENTRY_ARRAY:
/* Nothing: everything is mutable */
break;
case OBJECT_TAG:
/* All but the tag itself */
gcry_md_write(f->hmac, &o->tag.seqnum, sizeof(o->tag.seqnum));
gcry_md_write(f->hmac, &o->tag.epoch, sizeof(o->tag.epoch));
break;
default:
return -EINVAL;
}
return 0;
}
/* Creates an md5 signature of the concatenated parameters and adds it to keyval */
static int
param_sign(struct keyval *kv)
{
struct onekeyval *okv;
char hash[33];
char ebuf[64];
uint8_t *hash_bytes;
size_t hash_len;
gcry_md_hd_t md_hdl;
gpg_error_t gc_err;
int ret;
int i;
gc_err = gcry_md_open(&md_hdl, GCRY_MD_MD5, 0);
if (gc_err != GPG_ERR_NO_ERROR)
{
gpg_strerror_r(gc_err, ebuf, sizeof(ebuf));
DPRINTF(E_LOG, L_LASTFM, "Could not open MD5: %s\n", ebuf);
return -1;
}
for (okv = kv->head; okv; okv = okv->next)
{
gcry_md_write(md_hdl, okv->name, strlen(okv->name));
gcry_md_write(md_hdl, okv->value, strlen(okv->value));
}
gcry_md_write(md_hdl, lastfm_secret, strlen(lastfm_secret));
hash_bytes = gcry_md_read(md_hdl, GCRY_MD_MD5);
if (!hash_bytes)
{
DPRINTF(E_LOG, L_LASTFM, "Could not read MD5 hash\n");
return -1;
}
hash_len = gcry_md_get_algo_dlen(GCRY_MD_MD5);
for (i = 0; i < hash_len; i++)
sprintf(hash + (2 * i), "%02x", hash_bytes[i]);
ret = keyval_add(kv, "api_sig", hash);
gcry_md_close(md_hdl);
return ret;
}
std::vector<unsigned char> User::generateWHIRLPOOL(const std::string& password, std::vector<unsigned char>& salt)
{
std::vector<char> passwordBytes;
passwordBytes.insert(passwordBytes.begin(), password.begin(), password.end());
if(salt.empty())
{
std::random_device rd;
std::default_random_engine generator(rd());
std::uniform_int_distribution<unsigned char> distribution(0, 255);
auto randByte = std::bind(distribution, generator);
for(uint32_t i = 0; i < 16; ++i) salt.push_back(randByte());
}
passwordBytes.insert(passwordBytes.end(), salt.begin(), salt.end());
gcry_error_t result;
gcry_md_hd_t stribogHandle = nullptr;
if((result = gcry_md_open(&stribogHandle, GCRY_MD_WHIRLPOOL, 0)) != GPG_ERR_NO_ERROR)
{
GD::out.printError("Could not initialize WHIRLPOOL handle: " + GD::bl->hf.getGCRYPTError(result));
return std::vector<unsigned char>();
}
gcry_md_write(stribogHandle, &passwordBytes.at(0), passwordBytes.size());
gcry_md_final(stribogHandle);
uint8_t* digest = gcry_md_read(stribogHandle, GCRY_MD_WHIRLPOOL);
if(!digest)
{
GD::out.printError("Could not generate WHIRLPOOL of password: " + GD::bl->hf.getGCRYPTError(result));
gcry_md_close(stribogHandle);
return std::vector<unsigned char>();
}
std::vector<unsigned char> keyBytes(digest, digest + gcry_md_get_algo_dlen(GCRY_MD_WHIRLPOOL));
gcry_md_close(stribogHandle);
return keyBytes;
}
int hmac (char* key, int keyLength, char* outFile, long fileLength,
char** mac, int* macLength ){
DPRINT("\nin hmac.\n");
gcry_error_t err;
gcry_md_hd_t shahd;
DPRINT("opening hash\n");
err = gcry_md_open(&shahd, GCRY_MD_SHA256, GCRY_MD_FLAG_HMAC);
if(err){ return MD_OPEN_ERROR;}
DPRINT("setting key\n");
err = gcry_md_setkey(shahd, key, keyLength);
if(err){ return MD_SETKEY_ERROR;}
DPRINT("actually hashing\n");
DPRINT("%ld\n",fileLength);
gcry_md_write(shahd, outFile, fileLength);
DPRINT("done hashing\n");
*macLength = 32;
char* temp;
temp = gcry_md_read(shahd, GCRY_MD_SHA256);
DPRINT("preparing to read hash\n");
/*copy it over since closing shahd would free the mac.*/
*mac = (char*)(malloc(*macLength * sizeof(char)));
memcpy(*mac, temp, *macLength);
gcry_md_close(shahd);
return NONE;
}
uint64_t mageec::hash_data(const void *data, unsigned long size)
{
gcry_md_hd_t handle = NULL;
gcry_error_t err = 0;
unsigned char *hash = NULL;
uint64_t finalhash;
err = gcry_md_open (&handle, GCRY_MD_SHA256, 0);
if (err != 0)
return 0;
gcry_md_write(handle, data, size);
hash = gcry_md_read(handle, GCRY_MD_SHA256);
if (hash == NULL)
return 0;
/* XOR each 64-bit block to generate 64-bit hash */
finalhash = static_cast<uint64_t>(hash[0] ^ hash[8] ^ hash[16] ^ hash[24]) << 56;
finalhash |= static_cast<uint64_t>(hash[1] ^ hash[9] ^ hash[17] ^ hash[25]) << 48;
finalhash |= static_cast<uint64_t>(hash[2] ^ hash[10] ^ hash[18] ^ hash[26]) << 40;
finalhash |= static_cast<uint64_t>(hash[3] ^ hash[11] ^ hash[19] ^ hash[27]) << 32;
finalhash |= static_cast<uint64_t>(hash[4] ^ hash[12] ^ hash[20] ^ hash[28]) << 24;
finalhash |= static_cast<uint64_t>(hash[5] ^ hash[13] ^ hash[21] ^ hash[29]) << 16;
finalhash |= static_cast<uint64_t>(hash[6] ^ hash[14] ^ hash[22] ^ hash[30]) << 8;
finalhash |= static_cast<uint64_t>(hash[7] ^ hash[15] ^ hash[23] ^ hash[31]);
return finalhash;
}
/**
* File hashing task.
*
* @param cls closure
* @param tc context
*/
static void
file_hash_task (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
{
struct GNUNET_CRYPTO_FileHashContext *fhc = cls;
struct GNUNET_HashCode *res;
size_t delta;
fhc->task = GNUNET_SCHEDULER_NO_TASK;
GNUNET_assert (fhc->offset <= fhc->fsize);
delta = fhc->bsize;
if (fhc->fsize - fhc->offset < delta)
delta = fhc->fsize - fhc->offset;
if (delta != GNUNET_DISK_file_read (fhc->fh, fhc->buffer, delta))
{
LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "read", fhc->filename);
file_hash_finish (fhc, NULL);
return;
}
gcry_md_write (fhc->md, fhc->buffer, delta);
fhc->offset += delta;
if (fhc->offset == fhc->fsize)
{
res = (struct GNUNET_HashCode *) gcry_md_read (fhc->md, GCRY_MD_SHA512);
file_hash_finish (fhc, res);
return;
}
fhc->task = GNUNET_SCHEDULER_add_with_priority (fhc->priority,
&file_hash_task, fhc);
}
char * get_hmac(char * cipher, char * key, size_t length){
/* Generating hmac from the encrypted content
GCRY_MD_SHA512 - Algo
flags or of GCRY_MD_FLAG_SECURE | GCRY_MD_FLAG_HMAC
indicating that its secure mode and we need HMAC
*/
gcry_error_t err;
gcry_md_hd_t hm;
err = gcry_md_open(&hm, GCRY_MD_SHA512, GCRY_MD_FLAG_SECURE | GCRY_MD_FLAG_HMAC);
if(err != GPG_ERR_NO_ERROR){
printf ("Error at opening handle for hmac: %s\n",gcry_strerror(err));
exit(-1);
}
err = gcry_md_enable(hm,GCRY_MD_SHA512);
err = gcry_md_setkey(hm, key,KEYLENGTH_SHA );
if(err != GPG_ERR_NO_ERROR){
printf ("Error at setting key: %s\n",gcry_strerror(err));
exit(-1);
}
// generating the HMAC using the cipher text
gcry_md_write(hm,cipher,length);
gcry_md_final(hm);
// printf("\nlength: %lu\n",length);
char * hmac;
hmac = gcry_md_read(hm , GCRY_MD_SHA512 );
if(hmac == NULL ){
printf ("hmac null ?\n");
// exit(-1);
}
// print_buf(hmac,64); // debug
// printf("hmac length : %lu\n",strlen(hmac)); // debug to check hmac length should be 64
return hmac;
}
int
rasqal_digest_buffer(rasqal_digest_type type, unsigned char *output,
const unsigned char * const input, size_t len)
{
gcry_md_hd_t hash;
enum gcry_md_algos algo;
unsigned int output_len;
if(type > RASQAL_DIGEST_LAST)
return -1;
algo = rasqal_digest_to_gcry_md_algos[type];
if(algo == GCRY_MD_NONE)
return -1;
output_len = gcry_md_get_algo_dlen(algo);
if(!input)
return output_len;
if(gcry_md_open(&hash, algo, 0))
return -1;
gcry_md_write(hash, input, len);
gcry_md_final(hash);
memcpy(output, gcry_md_read(hash, algo), output_len);
gcry_md_close(hash);
return output_len;
}
Gc_rc
gc_sha1 (const void *in, size_t inlen, void *resbuf)
{
size_t outlen = gcry_md_get_algo_dlen (GCRY_MD_SHA1);
gcry_md_hd_t hd;
gpg_error_t err;
unsigned char *p;
assert (outlen == GC_SHA1_DIGEST_SIZE);
err = gcry_md_open (&hd, GCRY_MD_SHA1, 0);
if (err != GPG_ERR_NO_ERROR)
return GC_INVALID_HASH;
gcry_md_write (hd, in, inlen);
p = gcry_md_read (hd, GCRY_MD_SHA1);
if (p == NULL)
{
gcry_md_close (hd);
return GC_INVALID_HASH;
}
memcpy (resbuf, p, outlen);
gcry_md_close (hd);
return GC_OK;
}
int update_md(struct md_container* md,void* data,ssize_t size) {
int i;
error(255,"update_md called\n");
#ifdef _PARAMETER_CHECK_
if (md==NULL||data==NULL) {
return RETFAIL;
}
#endif
#ifdef WITH_MHASH
for(i=0;i<=HASH_MHASH_COUNT;i++) {
if (md->mhash_mdh[i]!=MHASH_FAILED) {
mhash (md->mhash_mdh[i], data, size);
}
}
#endif /* WITH_MHASH */
#ifdef WITH_GCRYPT
gcry_md_write(md->mdh, data, size);
#endif
return RETOK;
}
/* Hash the data for a detached signature. Returns 0 on success. */
static gpg_error_t
hash_data (int fd, gcry_md_hd_t md)
{
gpg_error_t err = 0;
FILE *fp;
char buffer[4096];
int nread;
fp = fdopen ( dup (fd), "rb");
if (!fp)
{
err = gpg_error_from_syserror ();
log_error ("fdopen(%d) failed: %s\n", fd, gpg_strerror (err));
return err;
}
do
{
nread = fread (buffer, 1, DIM(buffer), fp);
gcry_md_write (md, buffer, nread);
}
while (nread);
if (ferror (fp))
{
err = gpg_error_from_syserror ();
log_error ("read error on fd %d: %s\n", fd, gpg_strerror (err));
}
fclose (fp);
return err;
}
extern ssize_t io_read(IO_HANDLE f, void *d, size_t l)
{
io_private_t *io_ptr = f;
if (!io_ptr || io_ptr->fd < 0)
return errno = EBADF , -1;
ssize_t r = 0;
switch (io_ptr->operation)
{
case IO_LZMA:
if (!io_ptr->lzma_init)
io_do_decompress(io_ptr);
r = lzma_read(io_ptr, d, l);
break;
case IO_ENCRYPT:
r = enc_read(io_ptr, d, l);
break;
case IO_DEFAULT:
r = ecc_read(io_ptr, d, l);
break;
default:
errno = EINVAL;
r = -1;
break;
}
if (r >= 0 && io_ptr->hash_init)
gcry_md_write(io_ptr->hash_handle, d, r);
return r;
}
/* deterministically generate from seed/idx a string of buflen pseudorandom bytes */
static void det_randomize(void *buf, size_t buflen, const void *seed, size_t seedlen, uint32_t idx) {
gcry_md_hd_t hd, hd2;
size_t olen, cpylen;
uint32_t ctr;
olen = gcry_md_get_algo_dlen(RND_HASH);
gcry_md_open(&hd, RND_HASH, 0);
gcry_md_write(hd, seed, seedlen);
gcry_md_putc(hd, (idx >> 24) & 0xff);
gcry_md_putc(hd, (idx >> 16) & 0xff);
gcry_md_putc(hd, (idx >> 8) & 0xff);
gcry_md_putc(hd, (idx >> 0) & 0xff);
for (ctr = 0; buflen; ctr++) {
gcry_md_copy(&hd2, hd);
gcry_md_putc(hd2, (ctr >> 24) & 0xff);
gcry_md_putc(hd2, (ctr >> 16) & 0xff);
gcry_md_putc(hd2, (ctr >> 8) & 0xff);
gcry_md_putc(hd2, (ctr >> 0) & 0xff);
gcry_md_final(hd2);
cpylen = (buflen < olen) ? buflen : olen;
memcpy(buf, gcry_md_read(hd2, RND_HASH), cpylen);
gcry_md_close(hd2);
buf += cpylen;
buflen -= cpylen;
}
gcry_md_close(hd);
}
/*********************************************************************
*
* DES KW implementation
*
*********************************************************************/
static int
xmlSecGCryptKWDes3Sha1(void * context,
const xmlSecByte * in, xmlSecSize inSize,
xmlSecByte * out, xmlSecSize outSize) {
xmlSecGCryptKWDes3CtxPtr ctx = (xmlSecGCryptKWDes3CtxPtr)context;
gcry_md_hd_t digestCtx;
unsigned char * res;
unsigned int len;
gcry_error_t err;
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(in != NULL, -1);
xmlSecAssert2(inSize > 0, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize > 0, -1);
len = gcry_md_get_algo_dlen(GCRY_MD_SHA1);
xmlSecAssert2(outSize >= len, -1);
err = gcry_md_open(&digestCtx, GCRY_MD_SHA1, GCRY_MD_FLAG_SECURE); /* we are paranoid */
if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_md_open(GCRY_MD_SHA1)",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
XMLSEC_GCRYPT_REPORT_ERROR(err));
return(-1);
}
gcry_md_write(digestCtx, in, inSize);
err = gcry_md_final(digestCtx);
if(err != GPG_ERR_NO_ERROR) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_md_final",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
XMLSEC_GCRYPT_REPORT_ERROR(err));
gcry_md_close(digestCtx);
return(-1);
}
res = gcry_md_read(digestCtx, GCRY_MD_SHA1);
if(res == NULL) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"gcry_md_read(GCRY_MD_SHA1)",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
gcry_md_close(digestCtx);
return(-1);
}
/* done */
xmlSecAssert2(outSize >= len, -1);
memcpy(out, res, len);
gcry_md_close(digestCtx);
return(len);
}
int
_mesa_sha1_update(struct mesa_sha1 *ctx, const void *data, int size)
{
gcry_md_hd_t h = (gcry_md_hd_t) ctx;
gcry_md_write(h, data, size);
return 1;
}
void z_digest_hash_write(void *hdl, const void *buffer, z_int_t length) /* z_proto, z_func z_digest_hash_write */
{
#ifdef HAVE_GCRYPT_H
gcry_md_hd_t *gcry_hdl = hdl;
gcry_md_write(*gcry_hdl, buffer, length);
#endif
}
static void
bench_hash_do_bench (struct bench_obj *obj, void *buf, size_t buflen)
{
gcry_md_hd_t hd = obj->priv;
gcry_md_reset (hd);
gcry_md_write (hd, buf, buflen);
gcry_md_final (hd);
}
void update(const char* data, int len)
{
TORRENT_ASSERT(data != 0);
TORRENT_ASSERT(len > 0);
#ifdef TORRENT_USE_GCRYPT
gcry_md_write(m_context, data, len);
#else
SHA1_Update(&m_context, reinterpret_cast<unsigned char const*>(data), len);
#endif
}
void hash_update(
void* d,
const char* buffer,
size_t bufsize)
{
gcry_md_hd_t ctx = (gcry_md_hd_t)d;
// Update with the provided block.
gcry_md_write(ctx, buffer, bufsize);
}
int
P_hash(const char *digest, unsigned char *dest, int dlen, unsigned char *secret, int sslen,
unsigned char *seed, int slen)
{
unsigned char hmac[48];
uint32_t hlen;
gcry_md_hd_t md;
uint32_t tmpslen;
unsigned char tmpseed[slen];
unsigned char *out = dest;
int pending = dlen;
int algo = gcry_md_map_name(digest);
int algolen = gcry_md_get_algo_dlen(algo);
// Copy initial seed
memcpy(tmpseed, seed, slen);
tmpslen = slen;
// Calculate enough data to fill destination
while (pending > 0) {
gcry_md_open(&md, algo, GCRY_MD_FLAG_HMAC);
gcry_md_setkey(md, secret, sslen);
gcry_md_write(md, tmpseed, tmpslen);
memcpy(tmpseed, gcry_md_read(md, algo), algolen);
tmpslen = algolen;
gcry_md_close(md);
gcry_md_open(&md, algo, GCRY_MD_FLAG_HMAC);
gcry_md_setkey(md, secret, sslen);
gcry_md_write(md, tmpseed, tmpslen);
gcry_md_write(md, seed, slen);
memcpy(hmac, gcry_md_read(md, algo), algolen);
hlen = algolen;
hlen = (hlen > pending) ? pending : hlen;
memcpy(out, hmac, hlen);
out += hlen;
pending -= hlen;
}
return hlen;
}
static void
hash_mpi (gcry_md_hd_t md, gcry_mpi_t a)
{
byte buf[512];
size_t n;
if (gcry_mpi_print (GCRYMPI_FMT_SSH, buf, sizeof buf - 1, &n, a))
_gsti_log_info (0, "Oops: MPI too large for hashing\n");
else
gcry_md_write (md, buf, n);
}
void digestsha1(const struct iovec *iov, int iovcnt, void *dest)
{
gcry_md_hd_t c;
int i;
gcry_md_open(&c, GCRY_MD_SHA1, 0);
for (i = 0; i < iovcnt; i++)
gcry_md_write(c, iov[i].iov_base, iov[i].iov_len);
gcry_md_final(c);
memcpy(dest, gcry_md_read(c, 0), gcry_md_get_algo_dlen(GCRY_MD_SHA1));
}
static void
hash_32bit (gcry_md_hd_t md, unsigned a)
{
byte tmp[4];
tmp[0] = a >> 24;
tmp[1] = a >> 16;
tmp[2] = a >> 8;
tmp[3] = a >> 0;
gcry_md_write (md, tmp, 4);
}
gchar *
xfce_mailwatch_cram_md5(const gchar *username,
const gchar *password,
const gchar *challenge_base64)
{
#ifdef HAVE_SSL_SUPPORT
gchar challenge[2048];
gsize len, username_len;
gcry_md_hd_t hmac_md5;
gchar *response, *response_base64 = NULL;
g_return_val_if_fail(username && *username && password && *password
&& challenge_base64 && *challenge_base64, NULL);
len = xfce_mailwatch_base64_decode(challenge_base64, (guchar *)challenge,
sizeof(challenge) - 1);
if(len <= 0)
return NULL;
challenge[len] = 0;
DBG("challenge is \"%s\"\n", challenge);
if(gcry_md_open(&hmac_md5, GCRY_MD_MD5, GCRY_MD_FLAG_HMAC) != GPG_ERR_NO_ERROR)
return NULL;
gcry_md_setkey(hmac_md5, password, strlen(password));
gcry_md_write(hmac_md5, challenge, len);
gcry_md_final(hmac_md5);
username_len = strlen(username);
/* username + a space + MD5 in hex + null */
response = g_malloc0(username_len + 1
+ gcry_md_get_algo_dlen(GCRY_MD_MD5)*2 + 1);
strcpy(response, username);
response[username_len] = ' ';
bin2hex(response + username_len + 1, gcry_md_read(hmac_md5, GCRY_MD_MD5),
gcry_md_get_algo_dlen(GCRY_MD_MD5));
gcry_md_close(hmac_md5);
DBG("response before base64: %s\n", response);
if(xfce_mailwatch_base64_encode((guchar *)response, strlen(response),
&response_base64) <= 0)
{
g_free(response_base64);
response_base64 = NULL;
}
g_free(response);
return response_base64;
#else
g_warning("CRAM-MD5 computation unavailable: libmailwatch was not compiled with gnutls support.");
return NULL;
#endif
}
