// Let derIssuer be the DER encoding of the issuer of aCert. // Let derPublicKey be the DER encoding of the public key of aIssuerCert. // Let serialNumber be the bytes of the serial number of aCert. // The value calculated is SHA384(derIssuer || derPublicKey || serialNumber). // Because the DER encodings include the length of the data encoded, // there do not exist A(derIssuerA, derPublicKeyA, serialNumberA) and // B(derIssuerB, derPublicKeyB, serialNumberB) such that the concatenation of // each triplet results in the same string of bytes but where each part in A is // not equal to its counterpart in B. This is important because as a result it // is computationally infeasible to find collisions that would subvert this // cache (given that SHA384 is a cryptographically-secure hash function). static SECStatus CertIDHash(SHA384Buffer& buf, const CERTCertificate* aCert, const CERTCertificate* aIssuerCert) { ScopedPK11Context context(PK11_CreateDigestContext(SEC_OID_SHA384)); if (!context) { return SECFailure; } SECStatus rv = PK11_DigestBegin(context.get()); if (rv != SECSuccess) { return rv; } rv = PK11_DigestOp(context.get(), aCert->derIssuer.data, aCert->derIssuer.len); if (rv != SECSuccess) { return rv; } rv = PK11_DigestOp(context.get(), aIssuerCert->derPublicKey.data, aIssuerCert->derPublicKey.len); if (rv != SECSuccess) { return rv; } rv = PK11_DigestOp(context.get(), aCert->serialNumber.data, aCert->serialNumber.len); if (rv != SECSuccess) { return rv; } uint32_t outLen = 0; rv = PK11_DigestFinal(context.get(), buf, &outLen, SHA384_LENGTH); if (outLen != SHA384_LENGTH) { return SECFailure; } return rv; }
// Let derIssuer be the DER encoding of the issuer of aCert. // Let derPublicKey be the DER encoding of the public key of aIssuerCert. // Let serialNumber be the bytes of the serial number of aCert. // The value calculated is SHA384(derIssuer || derPublicKey || serialNumber). // Because the DER encodings include the length of the data encoded, // there do not exist A(derIssuerA, derPublicKeyA, serialNumberA) and // B(derIssuerB, derPublicKeyB, serialNumberB) such that the concatenation of // each triplet results in the same string of bytes but where each part in A is // not equal to its counterpart in B. This is important because as a result it // is computationally infeasible to find collisions that would subvert this // cache (given that SHA384 is a cryptographically-secure hash function). static SECStatus CertIDHash(SHA384Buffer& buf, const CertID& certID) { ScopedPK11Context context(PK11_CreateDigestContext(SEC_OID_SHA384)); if (!context) { return SECFailure; } SECStatus rv = PK11_DigestBegin(context.get()); if (rv != SECSuccess) { return rv; } rv = PK11_DigestOp(context.get(), certID.issuer.data, certID.issuer.len); if (rv != SECSuccess) { return rv; } rv = PK11_DigestOp(context.get(), certID.issuerSubjectPublicKeyInfo.data, certID.issuerSubjectPublicKeyInfo.len); if (rv != SECSuccess) { return rv; } rv = PK11_DigestOp(context.get(), certID.serialNumber.data, certID.serialNumber.len); if (rv != SECSuccess) { return rv; } uint32_t outLen = 0; rv = PK11_DigestFinal(context.get(), buf, &outLen, SHA384_LENGTH); if (outLen != SHA384_LENGTH) { return SECFailure; } return rv; }
gboolean crypto_md5_hash (const char *salt, const gsize salt_len, const char *password, gsize password_len, char *buffer, gsize buflen, GError **error) { PK11Context *ctx; int nkey = buflen; unsigned int digest_len; int count = 0; char digest[MD5_HASH_LEN]; char *p = buffer; if (salt) g_return_val_if_fail (salt_len >= 8, FALSE); g_return_val_if_fail (password != NULL, FALSE); g_return_val_if_fail (password_len > 0, FALSE); g_return_val_if_fail (buffer != NULL, FALSE); g_return_val_if_fail (buflen > 0, FALSE); ctx = PK11_CreateDigestContext (SEC_OID_MD5); if (!ctx) { g_set_error (error, NM_CRYPTO_ERROR, NM_CRYPTO_ERR_MD5_INIT_FAILED, _("Failed to initialize the MD5 context: %d."), PORT_GetError ()); return FALSE; } while (nkey > 0) { int i = 0; PK11_DigestBegin (ctx); if (count++) PK11_DigestOp (ctx, (const unsigned char *) digest, digest_len); PK11_DigestOp (ctx, (const unsigned char *) password, password_len); if (salt) PK11_DigestOp (ctx, (const unsigned char *) salt, 8); /* Only use 8 bytes of salt */ PK11_DigestFinal (ctx, (unsigned char *) digest, &digest_len, sizeof (digest)); while (nkey && (i < digest_len)) { *(p++) = digest[i++]; nkey--; } } memset (digest, 0, sizeof (digest)); PK11_DestroyContext (ctx, PR_TRUE); return TRUE; }
/* * J A R _ d i g e s t _ f i l e * * Calculates the MD5 and SHA1 digests for a file * present on disk, and returns these in JAR_Digest struct. * */ int JAR_digest_file (char *filename, JAR_Digest *dig) { JAR_FILE fp; PK11Context *md5 = 0; PK11Context *sha1 = 0; unsigned char *buf = (unsigned char *) PORT_ZAlloc (FILECHUNQ); int num; unsigned int md5_length, sha1_length; if (buf == NULL) { /* out of memory */ return JAR_ERR_MEMORY; } if ((fp = JAR_FOPEN (filename, "rb")) == 0) { /* perror (filename); FIX XXX XXX XXX XXX XXX XXX */ PORT_Free (buf); return JAR_ERR_FNF; } md5 = PK11_CreateDigestContext (SEC_OID_MD5); sha1 = PK11_CreateDigestContext (SEC_OID_SHA1); if (md5 == NULL || sha1 == NULL) { /* can't generate digest contexts */ PORT_Free (buf); JAR_FCLOSE (fp); return JAR_ERR_GENERAL; } PK11_DigestBegin (md5); PK11_DigestBegin (sha1); while (1) { if ((num = JAR_FREAD (fp, buf, FILECHUNQ)) == 0) break; PK11_DigestOp (md5, buf, num); PK11_DigestOp (sha1, buf, num); } PK11_DigestFinal (md5, dig->md5, &md5_length, MD5_LENGTH); PK11_DigestFinal (sha1, dig->sha1, &sha1_length, SHA1_LENGTH); PK11_DestroyContext (md5, PR_TRUE); PK11_DestroyContext (sha1, PR_TRUE); PORT_Free (buf); JAR_FCLOSE (fp); return 0; }
static void cpg_deliver_fn ( cpg_handle_t handle, const struct cpg_name *group_name, uint32_t nodeid, uint32_t pid, void *m, size_t msg_len) { const struct my_msg *msg2 = m; unsigned char sha1_compare[20]; unsigned int i; unsigned int sha1_len; printf ("msg '%s'\n", msg2->buffer); PK11_DigestBegin(sha1_context); PK11_DigestOp(sha1_context, msg2->buffer, msg2->msg_size); PK11_DigestFinal(sha1_context, sha1_compare, &sha1_len, sizeof(sha1_compare)); printf ("SIZE %d HASH: ", msg2->msg_size); for (i = 0; i < 20; i++) { printf ("%x", sha1_compare[i]); } printf ("\n"); if (memcmp (sha1_compare, msg2->sha1, 20) != 0) { printf ("incorrect hash\n"); exit (1); } deliveries++; }
/*********************************************************************** * * PK11MessageDigest.update * */ JNIEXPORT void JNICALL Java_org_mozilla_jss_pkcs11_PK11MessageDigest_update (JNIEnv *env, jclass clazz, jobject proxyObj, jbyteArray inbufBA, jint offset, jint len) { PK11Context *context = NULL; jbyte* bytes = NULL; if( JSS_PK11_getCipherContext(env, proxyObj, &context) != PR_SUCCESS ) { /* exception was thrown */ goto finish; } PR_ASSERT( (*env)->GetArrayLength(env, inbufBA) >= offset+len ); bytes = (*env)->GetByteArrayElements(env, inbufBA, NULL); if( bytes == NULL ) { ASSERT_OUTOFMEM(env); goto finish; } if( PK11_DigestOp(context, (unsigned char*)(bytes+offset), len) != SECSuccess ) { JSS_throwMsg(env, DIGEST_EXCEPTION, "Digest operation failed"); goto finish; } finish: if(bytes) { (*env)->ReleaseByteArrayElements(env, inbufBA, bytes, JNI_ABORT); } }
char *oauth_body_hash_data(size_t length, const char *data) { PK11SlotInfo *slot = NULL; PK11Context *context = NULL; unsigned char digest[20]; // Is there a way to tell how large the output is? unsigned int len; SECStatus s; char *rv=NULL; oauth_init_nss(); slot = PK11_GetInternalKeySlot(); if (!slot) goto looser; context = PK11_CreateDigestContext(SEC_OID_SHA1); if (!context) goto looser; s = PK11_DigestBegin(context); if (s != SECSuccess) goto looser; s = PK11_DigestOp(context, (unsigned char*) data, length); if (s != SECSuccess) goto looser; s = PK11_DigestFinal(context, digest, &len, sizeof digest); if (s != SECSuccess) goto looser; unsigned char *dgst = xmalloc(len*sizeof(char)); // oauth_body_hash_encode frees the digest.. memcpy(dgst, digest, len); rv=oauth_body_hash_encode(len, dgst); looser: if (context) PK11_DestroyContext(context, PR_TRUE); if (slot) PK11_FreeSlot(slot); return rv; }
void sha512_write(sha512_context *ctx, const unsigned char *datap, int length) { SECStatus status = PK11_DigestOp(ctx->ctx_nss, datap, length); PR_ASSERT(status == SECSuccess); DBG(DBG_CRYPT, DBG_log("NSS: sha512 write end")); }
void hmac_final(u_char *output, struct hmac_ctx *ctx) { unsigned int outlen = 0; SECStatus status = PK11_DigestFinal(ctx->ctx_nss, output, &outlen, ctx->hmac_digest_len); PR_ASSERT(status == SECSuccess); PR_ASSERT(outlen == ctx->hmac_digest_len); PK11_DestroyContext(ctx->ctx_nss, PR_TRUE); ctx->ctx_nss = NULL; ctx->ctx_nss = PK11_CreateDigestContext(nss_hash_oid(ctx->h)); PR_ASSERT(ctx->ctx_nss != NULL); status = PK11_DigestBegin(ctx->ctx_nss); PR_ASSERT(status == SECSuccess); status = PK11_DigestKey(ctx->ctx_nss, ctx->okey); PR_ASSERT(status == SECSuccess); status = PK11_DigestOp(ctx->ctx_nss, output, outlen); PR_ASSERT(status == SECSuccess); status = PK11_DigestFinal(ctx->ctx_nss, output, &outlen, ctx->hmac_digest_len); PR_ASSERT(status == SECSuccess); PR_ASSERT(outlen == ctx->hmac_digest_len); PK11_DestroyContext(ctx->ctx_nss, PR_TRUE); if (ctx->ikey != NULL) PK11_FreeSymKey(ctx->ikey); if (ctx->okey != NULL) PK11_FreeSymKey(ctx->okey); /* DBG(DBG_CRYPT, DBG_log("NSS: hmac final end")); */ }
/* MAC is generated per PKCS 12 section 6. It is expected that key, msg * and mac_dest are pre allocated, non-NULL arrays. msg_len is passed in * because it is not known how long the message actually is. String * manipulation routines will not necessarily work because msg may have * imbedded NULLs */ SECItem * sec_pkcs12_generate_mac(SECItem *key, SECItem *msg, PRBool old_method) { SECStatus res = SECFailure; SECItem *mac = NULL; PK11Context *pk11cx = NULL; SECItem ignore = {0}; if((key == NULL) || (msg == NULL)) { return NULL; } if(old_method == PR_TRUE) { return sec_pkcs12_generate_old_mac(key, msg); } /* allocate return item */ mac = SECITEM_AllocItem(NULL, NULL, SHA1_LENGTH); if (mac == NULL) { return NULL; } pk11cx = PK11_CreateContextByRawKey(NULL, CKM_SHA_1_HMAC, PK11_OriginDerive, CKA_SIGN, key, &ignore, NULL); if (pk11cx == NULL) { goto loser; } res = PK11_DigestBegin(pk11cx); if (res == SECFailure) { goto loser; } res = PK11_DigestOp(pk11cx, msg->data, msg->len); if (res == SECFailure) { goto loser; } res = PK11_DigestFinal(pk11cx, mac->data, &mac->len, SHA1_LENGTH); if (res == SECFailure) { goto loser; } PK11_DestroyContext(pk11cx, PR_TRUE); pk11cx = NULL; loser: if(res != SECSuccess) { SECITEM_ZfreeItem(mac, PR_TRUE); mac = NULL; if (pk11cx) { PK11_DestroyContext(pk11cx, PR_TRUE); } } return mac; }
int sxi_hmac_sha1_update(sxi_hmac_sha1_ctx *ctx, const void *d, int len) { if (!ctx) return 0; if (PK11_DigestOp(ctx->context, d, len) != SECSuccess) return 0; return 1; }
// Let derIssuer be the DER encoding of the issuer of aCert. // Let derPublicKey be the DER encoding of the public key of aIssuerCert. // Let serialNumber be the bytes of the serial number of aCert. // The value calculated is SHA384(derIssuer || derPublicKey || serialNumber). // Because the DER encodings include the length of the data encoded, // there do not exist A(derIssuerA, derPublicKeyA, serialNumberA) and // B(derIssuerB, derPublicKeyB, serialNumberB) such that the concatenation of // each triplet results in the same string of bytes but where each part in A is // not equal to its counterpart in B. This is important because as a result it // is computationally infeasible to find collisions that would subvert this // cache (given that SHA384 is a cryptographically-secure hash function). static SECStatus CertIDHash(SHA384Buffer& buf, const CertID& certID, const char* aIsolationKey) { ScopedPK11Context context(PK11_CreateDigestContext(SEC_OID_SHA384)); if (!context) { return SECFailure; } SECStatus rv = PK11_DigestBegin(context.get()); if (rv != SECSuccess) { return rv; } SECItem certIDIssuer = UnsafeMapInputToSECItem(certID.issuer); rv = PK11_DigestOp(context.get(), certIDIssuer.data, certIDIssuer.len); if (rv != SECSuccess) { return rv; } SECItem certIDIssuerSubjectPublicKeyInfo = UnsafeMapInputToSECItem(certID.issuerSubjectPublicKeyInfo); rv = PK11_DigestOp(context.get(), certIDIssuerSubjectPublicKeyInfo.data, certIDIssuerSubjectPublicKeyInfo.len); if (rv != SECSuccess) { return rv; } SECItem certIDSerialNumber = UnsafeMapInputToSECItem(certID.serialNumber); rv = PK11_DigestOp(context.get(), certIDSerialNumber.data, certIDSerialNumber.len); if (rv != SECSuccess) { return rv; } if (aIsolationKey) { rv = PK11_DigestOp(context.get(), (const unsigned char*) aIsolationKey, strlen(aIsolationKey)); if (rv != SECSuccess) { return rv; } } uint32_t outLen = 0; rv = PK11_DigestFinal(context.get(), buf, &outLen, SHA384_LENGTH); if (outLen != SHA384_LENGTH) { return SECFailure; } return rv; }
void Curl_nss_md5sum(unsigned char *tmp, /* input */ size_t tmplen, unsigned char *md5sum, /* output */ size_t md5len) { PK11Context *MD5pw = PK11_CreateDigestContext(SEC_OID_MD5); unsigned int MD5out; PK11_DigestOp(MD5pw, tmp, curlx_uztoui(tmplen)); PK11_DigestFinal(MD5pw, md5sum, &MD5out, curlx_uztoui(md5len)); PK11_DestroyContext(MD5pw, PR_TRUE); }
void hmac_update(struct hmac_ctx *ctx, const u_char *data, size_t data_len) { DBG(DBG_CRYPT, DBG_dump("hmac_update data value: ", data, data_len)); if (data_len > 0) { DBG(DBG_CRYPT, DBG_log("hmac_update: inside if")); SECStatus status = PK11_DigestOp(ctx->ctx_nss, data, data_len); DBG(DBG_CRYPT, DBG_log("hmac_update: after digest")); PR_ASSERT(status == SECSuccess); DBG(DBG_CRYPT, DBG_log("hmac_update: after assert")); } }
static void delivery_callback ( cpg_handle_t handle, const struct cpg_name *groupName, uint32_t nodeid, uint32_t pid, void *msg, size_t msg_len) { log_entry_t *log_pt; msg_t *msg_pt = (msg_t*)msg; msg_status_t status = MSG_OK; char status_buf[20]; unsigned char sha1_compare[20]; unsigned int sha1_len; if (record_messages_g == 0) { return; } if (nodeid != msg_pt->nodeid) { status = MSG_NODEID_ERR; } if (pid != msg_pt->pid) { status = MSG_PID_ERR; } if (msg_len != msg_pt->size) { status = MSG_SIZE_ERR; } PK11_DigestBegin(sha1_context); PK11_DigestOp(sha1_context, msg_pt->payload, (msg_pt->size - sizeof (msg_t))); PK11_DigestFinal(sha1_context, sha1_compare, &sha1_len, sizeof(sha1_compare)); if (memcmp (sha1_compare, msg_pt->sha1, 20) != 0) { qb_log (LOG_ERR, "msg seq:%d; incorrect hash", msg_pt->seq); status = MSG_SHA1_ERR; } log_pt = malloc (sizeof(log_entry_t)); qb_list_init (&log_pt->list); snprintf (log_pt->log, LOG_STR_SIZE, "%u:%d:%d:%s;", msg_pt->nodeid, msg_pt->seq, my_seq, err_status_string (status_buf, 20, status)); qb_list_add_tail (&log_pt->list, &msg_log_head); total_stored_msgs++; total_msgs_revd++; my_seq++; if ((total_msgs_revd % 1000) == 0) { qb_log (LOG_INFO, "rx %d", total_msgs_revd); } }
/* * J A R _ c a l c u l a t e _ d i g e s t * * Quick calculation of a digest for * the specified block of memory. Will calculate * for all supported algorithms, now MD5. * * This version supports huge pointers for WIN16. * */ JAR_Digest * PR_CALLBACK JAR_calculate_digest(void *data, long length) { PK11Context *md5 = 0; PK11Context *sha1 = 0; JAR_Digest *dig = PORT_ZNew(JAR_Digest); long chunq; unsigned int md5_length, sha1_length; if (dig == NULL) { /* out of memory allocating digest */ return NULL; } md5 = PK11_CreateDigestContext(SEC_OID_MD5); sha1 = PK11_CreateDigestContext(SEC_OID_SHA1); if (length >= 0) { PK11_DigestBegin (md5); PK11_DigestBegin (sha1); do { chunq = length; PK11_DigestOp(md5, (unsigned char*)data, chunq); PK11_DigestOp(sha1, (unsigned char*)data, chunq); length -= chunq; data = ((char *) data + chunq); } while (length > 0); PK11_DigestFinal (md5, dig->md5, &md5_length, MD5_LENGTH); PK11_DigestFinal (sha1, dig->sha1, &sha1_length, SHA1_LENGTH); PK11_DestroyContext (md5, PR_TRUE); PK11_DestroyContext (sha1, PR_TRUE); } return dig; }
void sxi_sha256(const unsigned char *d, size_t n,unsigned char *md) { unsigned len; PK11Context *context = PK11_CreateDigestContext(SEC_OID_SHA256); if (!context || PK11_DigestBegin(context) != SECSuccess || PK11_DigestOp(context, d, n) != SECSuccess || PK11_DigestFinal(context, md, &len, SHA256_DIGEST_LENGTH) != SECSuccess) { /* TODO: log */ } if (context) PK11_DestroyContext(context, PR_TRUE); }
void hmac_update(struct hmac_ctx *ctx, const u_char *data, size_t data_len) { #ifdef HAVE_LIBNSS if(data_len > 0) { SECStatus status = PK11_DigestOp(ctx->ctx_nss, data, data_len); PR_ASSERT(status == SECSuccess); } #else ctx->h->hash_update(&ctx->hash_ctx, data, data_len); #endif }
/* * @param(IN) salt salt in binary format * @param(IN) saltSize number of bytes for the salt * @param(IN) clearPasswd clearPasswd * @param(OUT) the hashed password with salt in ascii b64 format * * #sample keyfile line * j2ee;{SSHA}WRWaz20fzw3zN9x5Uzyyk5Wfvrbe4m40rYTPrA==;staff,eng */ void sshaPasswd(const char* salt, const int saltSize,const char* clearPasswd,NSString& hashed) { //PRBool workaround= PR_FALSE; //PR_TRUE; const int digestLen = SHA1_LENGTH; //20 unsigned char H[512]; char* pwdAndSalt=NULL; hashed.clear(); if (!clearPasswd) { return; } int tobeHashedLen = 0; pwdAndSalt = addSalt(clearPasswd, salt, saltSize,tobeHashedLen); //if (workaround==PR_TRUE) { //https_SHA1_Hash(H,pwdAndSalt); //refer lib/libadmin/password.cpp //} else { //const int keylen = PRIVATE_KEY_LEN; //unsigned char DigestPrivatekey[PRIVATE_KEY_LEN]; //PK11_GenerateRandom(DigestPrivatekey, keylen); PK11Context * SHA1Ctx = PK11_CreateDigestContext(SEC_OID_SHA1); if (SHA1Ctx==NULL) { FREE(pwdAndSalt); return; } PK11_DigestBegin(SHA1Ctx); //PK11_DigestOp(SHA1Ctx, (unsigned char*)pwdAndSalt, strlen(pwdAndSalt) ); PK11_DigestOp(SHA1Ctx, (unsigned char*)pwdAndSalt, tobeHashedLen ); PK11_DigestFinal(SHA1Ctx, (unsigned char *)H, (unsigned int*)&digestLen, sizeof(H)); PK11_DestroyContext(SHA1Ctx, 1); PR_ASSERT(digestLen==20); //} char* base64Val=NULL; if (salt!=NULL && saltSize>0) { memcpy(H+20,salt,saltSize); //append salt to hashed passwd base64Val = BTOA_DataToAscii(H,digestLen+saltSize); //base64.h } else { base64Val = BTOA_DataToAscii(H,digestLen); //base64.h } hashed.append(SSHA_TAG ); hashed.append(base64Val); if (base64Val) PORT_Free(base64Val); base64Val = NULL; FREE(pwdAndSalt); return; }
static int nr_crypto_nss_hmac(UCHAR *key, int keyl, UCHAR *buf, int bufl, UCHAR *result) { CK_MECHANISM_TYPE mech = CKM_SHA_1_HMAC; PK11SlotInfo *slot = 0; MOZ_ASSERT(keyl > 0); SECItem keyi = { siBuffer, key, static_cast<unsigned int>(keyl)}; PK11SymKey *skey = 0; PK11Context *hmac_ctx = 0; SECStatus status; unsigned int hmac_len; SECItem param = { siBuffer, nullptr, 0 }; int err = R_INTERNAL; slot = PK11_GetInternalKeySlot(); if (!slot) goto abort; skey = PK11_ImportSymKey(slot, mech, PK11_OriginUnwrap, CKA_SIGN, &keyi, nullptr); if (!skey) goto abort; hmac_ctx = PK11_CreateContextBySymKey(mech, CKA_SIGN, skey, ¶m); if (!hmac_ctx) goto abort; status = PK11_DigestBegin(hmac_ctx); if (status != SECSuccess) goto abort; status = PK11_DigestOp(hmac_ctx, buf, bufl); if (status != SECSuccess) goto abort; status = PK11_DigestFinal(hmac_ctx, result, &hmac_len, 20); if (status != SECSuccess) goto abort; MOZ_ASSERT(hmac_len == 20); err = 0; abort: if(hmac_ctx) PK11_DestroyContext(hmac_ctx, PR_TRUE); if (skey) PK11_FreeSymKey(skey); if (slot) PK11_FreeSlot(slot); return err; }
static int DigestFile(FILE *outFile, FILE *inFile, SECOidData *hashOID) { int nb; unsigned char ibuf[4096], digest[32]; PK11Context *hashcx; unsigned int len; SECStatus rv; hashcx = PK11_CreateDigestContext(hashOID->offset); if (hashcx == NULL) { return -1; } PK11_DigestBegin(hashcx); for (;;) { if (feof(inFile)) break; nb = fread(ibuf, 1, sizeof(ibuf), inFile); if (nb != sizeof(ibuf)) { if (nb == 0) { if (ferror(inFile)) { PORT_SetError(SEC_ERROR_IO); PK11_DestroyContext(hashcx,PR_TRUE); return -1; } /* eof */ break; } } rv = PK11_DigestOp(hashcx, ibuf, nb); if (rv != SECSuccess) { PK11_DestroyContext(hashcx, PR_TRUE); return -1; } } rv = PK11_DigestFinal(hashcx, digest, &len, 32); PK11_DestroyContext(hashcx, PR_TRUE); if (rv != SECSuccess) return -1; nb = fwrite(digest, 1, len, outFile); if (nb != len) { PORT_SetError(SEC_ERROR_IO); return -1; } return 0; }
NS_IMETHODIMP DigestOutputStream::Write(const char* aBuf, uint32_t aCount, uint32_t* retval) { nsNSSShutDownPreventionLock lock; if (isAlreadyShutDown()) { return NS_ERROR_NOT_AVAILABLE; } nsresult rv = MapSECStatus(PK11_DigestOp(mDigestContext, uint8_t_ptr_cast(aBuf), aCount)); NS_ENSURE_SUCCESS(rv, rv); return mOutputStream->Write(aBuf, aCount, retval); }
/* * This code is mostly cargo-cult taken from here: * http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn5.html * * It should implement HMAC with the given mechanism (SHA: 1, 256, 384, 512). */ static bool hmac(SECItem *key, CK_MECHANISM_TYPE mech, const SECItem *in, struct digest_buffer *out) { SECItem param = { siBuffer, NULL, 0 }; PK11SlotInfo *slot = NULL; PK11SymKey *symkey = NULL; PK11Context *ctx = NULL; bool ret = false; SECStatus s; slot = PK11_GetBestSlot(mech, NULL); if (slot == NULL) { slot = PK11_GetInternalKeySlot(); if (slot == NULL) { goto done; } } symkey = PK11_ImportSymKey(slot, mech, PK11_OriginUnwrap, CKA_SIGN, key, NULL); if (symkey == NULL) goto done; ctx = PK11_CreateContextBySymKey(mech, CKA_SIGN, symkey, ¶m); if (ctx == NULL) goto done; s = PK11_DigestBegin(ctx); if (s != SECSuccess) goto done; s = PK11_DigestOp(ctx, in->data, in->len); if (s != SECSuccess) goto done; s = PK11_DigestFinal(ctx, out->buf, &out->len, sizeof(out->buf)); if (s != SECSuccess) goto done; ret = true; done: if (ctx != NULL) PK11_DestroyContext(ctx, PR_TRUE); if (symkey != NULL) PK11_FreeSymKey(symkey); if (slot != NULL) PK11_FreeSlot(slot); return ret; }
/* void update ([array, size_is (aLen), const] in octet aData, in unsigned long aLen); */ NS_IMETHODIMP nsCryptoHMAC::Update(const uint8_t *aData, uint32_t aLen) { nsNSSShutDownPreventionLock locker; if (!mHMACContext) return NS_ERROR_NOT_INITIALIZED; if (!aData) return NS_ERROR_INVALID_ARG; SECStatus ss = PK11_DigestOp(mHMACContext, aData, aLen); NS_ENSURE_TRUE(ss == SECSuccess, NS_ERROR_FAILURE); return NS_OK; }
void hmac_final(u_char *output, struct hmac_ctx *ctx) { #ifndef HAVE_LIBNSS const struct hash_desc *h = ctx->h; h->hash_final(output, &ctx->hash_ctx); h->hash_init(&ctx->hash_ctx); h->hash_update(&ctx->hash_ctx, ctx->buf2, HMAC_BUFSIZE); h->hash_update(&ctx->hash_ctx, output, h->hash_digest_len); h->hash_final(output, &ctx->hash_ctx); #else unsigned int outlen = 0; SECStatus status = PK11_DigestFinal(ctx->ctx_nss, output, &outlen, ctx->hmac_digest_len); PR_ASSERT(status == SECSuccess); PR_ASSERT(outlen == ctx->hmac_digest_len); PK11_DestroyContext(ctx->ctx_nss, PR_TRUE); ctx->ctx_nss = NULL; ctx->ctx_nss = PK11_CreateDigestContext(nss_hash_oid(ctx->h)); PR_ASSERT(ctx->ctx_nss!=NULL); status=PK11_DigestBegin(ctx->ctx_nss); PR_ASSERT(status==SECSuccess); status=PK11_DigestKey(ctx->ctx_nss, ctx->okey); PR_ASSERT(status==SECSuccess); status = PK11_DigestOp(ctx->ctx_nss, output, outlen); PR_ASSERT(status == SECSuccess); status = PK11_DigestFinal(ctx->ctx_nss, output, &outlen, ctx->hmac_digest_len); PR_ASSERT(status == SECSuccess); PR_ASSERT(outlen == ctx->hmac_digest_len); PK11_DestroyContext(ctx->ctx_nss, PR_TRUE); if(ctx->ikey !=NULL) { PK11_FreeSymKey(ctx->ikey); } if(ctx->okey != NULL) { PK11_FreeSymKey(ctx->okey); } /* DBG(DBG_CRYPT, DBG_log("NSS: hmac final end")); */ #endif }
char *oauth_sign_hmac_sha1_raw (const char *m, const size_t ml, const char *k, const size_t kl) { PK11SlotInfo *slot = NULL; PK11SymKey *pkey = NULL; PK11Context *context = NULL; unsigned char digest[20]; // Is there a way to tell how large the output is? unsigned int len; SECStatus s; SECItem keyItem, noParams; char *rv=NULL; keyItem.type = siBuffer; keyItem.data = (unsigned char*) k; keyItem.len = kl; noParams.type = siBuffer; noParams.data = NULL; noParams.len = 0; oauth_init_nss(); slot = PK11_GetInternalKeySlot(); if (!slot) goto looser; pkey = PK11_ImportSymKey(slot, CKM_SHA_1_HMAC, PK11_OriginUnwrap, CKA_SIGN, &keyItem, NULL); if (!pkey) goto looser; context = PK11_CreateContextBySymKey(CKM_SHA_1_HMAC, CKA_SIGN, pkey, &noParams); if (!context) goto looser; s = PK11_DigestBegin(context); if (s != SECSuccess) goto looser; s = PK11_DigestOp(context, (unsigned char*) m, ml); if (s != SECSuccess) goto looser; s = PK11_DigestFinal(context, digest, &len, sizeof digest); if (s != SECSuccess) goto looser; rv=oauth_encode_base64(len, digest); looser: if (context) PK11_DestroyContext(context, PR_TRUE); if (pkey) PK11_FreeSymKey(pkey); if (slot) PK11_FreeSlot(slot); return rv; }
static SECStatus ssl_MacBuffer(PK11SymKey *key, CK_MECHANISM_TYPE mech, const unsigned char *in, unsigned int len, unsigned char *mac, unsigned int *macLen, unsigned int maxMacLen) { PK11Context *ctx; SECItem macParam = { 0, NULL, 0 }; unsigned int computedLen; SECStatus rv; ctx = PK11_CreateContextBySymKey(mech, CKA_SIGN, key, &macParam); if (!ctx) { PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); return SECFailure; } rv = PK11_DigestBegin(ctx); if (rv != SECSuccess) { PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); goto loser; } rv = PK11_DigestOp(ctx, in, len); if (rv != SECSuccess) { PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); goto loser; } rv = PK11_DigestFinal(ctx, mac, &computedLen, maxMacLen); if (rv != SECSuccess) { PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); goto loser; } *macLen = maxMacLen; PK11_DestroyContext(ctx, PR_TRUE); return SECSuccess; loser: PK11_DestroyContext(ctx, PR_TRUE); return SECFailure; }
void sha384_hash_buffer(unsigned char *ib, int ile, unsigned char *ob, unsigned int ole) { sha512_context ctx; unsigned int length; if (ole < 1) return; memset(ob, 0, ole); if (ole > 48) ole = 48; sha384_init(&ctx); SECStatus status = PK11_DigestOp(ctx.ctx_nss, ib, ile); PR_ASSERT(status == SECSuccess); status = PK11_DigestFinal(ctx.ctx_nss, ob, &length, ole); PR_ASSERT(length == ole); PR_ASSERT(status == SECSuccess); PK11_DestroyContext(ctx.ctx_nss, PR_TRUE); DBG(DBG_CRYPT, DBG_log("NSS: sha384 init end")); }
SECStatus PK11_HashBuf(SECOidTag hashAlg, unsigned char *out, const unsigned char *in, PRInt32 len) { PK11Context *context; unsigned int max_length; unsigned int out_length; SECStatus rv; /* len will be passed to PK11_DigestOp as unsigned. */ if (len < 0) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } context = PK11_CreateDigestContext(hashAlg); if (context == NULL) return SECFailure; rv = PK11_DigestBegin(context); if (rv != SECSuccess) { PK11_DestroyContext(context, PR_TRUE); return rv; } rv = PK11_DigestOp(context, in, len); if (rv != SECSuccess) { PK11_DestroyContext(context, PR_TRUE); return rv; } /* XXX This really should have been an argument to this function! */ max_length = HASH_ResultLenByOidTag(hashAlg); PORT_Assert(max_length); if (!max_length) max_length = HASH_LENGTH_MAX; rv = PK11_DigestFinal(context, out, &out_length, max_length); PK11_DestroyContext(context, PR_TRUE); return rv; }
char *oauth_body_hash_file(char *filename) { PK11SlotInfo *slot = NULL; PK11Context *context = NULL; unsigned char digest[20]; // Is there a way to tell how large the output is? unsigned int len; SECStatus s; char *rv=NULL; size_t bl; unsigned char fb[BUFSIZ]; FILE *F= fopen(filename, "r"); if (!F) return NULL; oauth_init_nss(); slot = PK11_GetInternalKeySlot(); if (!slot) goto looser; context = PK11_CreateDigestContext(SEC_OID_SHA1); if (!context) goto looser; s = PK11_DigestBegin(context); if (s != SECSuccess) goto looser; while (!feof(F) && (bl=fread(fb,sizeof(char),BUFSIZ, F))>0) { s = PK11_DigestOp(context, (unsigned char*) fb, bl); if (s != SECSuccess) goto looser; } s = PK11_DigestFinal(context, digest, &len, sizeof digest); if (s != SECSuccess) goto looser; unsigned char *dgst = xmalloc(len*sizeof(char)); // oauth_body_hash_encode frees the digest.. memcpy(dgst, digest, len); rv=oauth_body_hash_encode(len, dgst); looser: fclose(F); if (context) PK11_DestroyContext(context, PR_TRUE); if (slot) PK11_FreeSlot(slot); return rv; }