void HPAVKeyDAK (uint8_t DAK [], const char * string)
{
struct sha256 sha256;
uint8_t digest [SHA256_DIGEST_LENGTH];
const uint8_t secret [] =
{
0x08,
0x85,
0x6D,
0xAF,
0x7C,
0xF5,
0x81,
0x85
};
int count = 999;
SHA256Reset (&sha256);
SHA256Write (&sha256, (uint8_t *)(string), strlen (string));
SHA256Write (&sha256, secret, sizeof (secret));
SHA256Fetch (&sha256, digest);
while (count-- > 0)
{
SHA256Reset (&sha256);
SHA256Write (&sha256, digest, sizeof (digest));
SHA256Fetch (&sha256, digest);
}
memcpy (DAK, digest, HPAVKEY_DAK_LEN);
return;
}
void HPAVKeyNMK (uint8_t NMK [], const char * string)
{
struct sha256 sha256;
uint8_t digest [SHA256_DIGEST_LENGTH];
const uint8_t secret [] =
{
0x08,
0x85,
0x6D,
0xAF,
0x7C,
0xF5,
0x81,
0x86
};
unsigned rehash = 999;
SHA256Reset (&sha256);
SHA256Write (&sha256, string, strlen (string));
SHA256Write (&sha256, secret, sizeof (secret));
SHA256Fetch (&sha256, digest);
while (rehash--)
{
SHA256Reset (&sha256);
SHA256Write (&sha256, digest, sizeof (digest));
SHA256Fetch (&sha256, digest);
}
memcpy (NMK, digest, HPAVKEY_NMK_LEN);
return;
}
void HPAVKeyNID (uint8_t NID [], const uint8_t NMK [], uint8_t level)
{
struct sha256 sha256;
uint8_t digest [SHA256_DIGEST_LENGTH];
unsigned rehash = 4;
SHA256Reset (&sha256);
SHA256Write (&sha256, NMK, HPAVKEY_NMK_LEN);
SHA256Fetch (&sha256, digest);
while (rehash--)
{
SHA256Reset (&sha256);
SHA256Write (&sha256, digest, sizeof (digest));
SHA256Fetch (&sha256, digest);
}
#if 1
level <<= 4;
digest [HPAVKEY_NID_LEN - 1] >>= 4;
digest [HPAVKEY_NID_LEN - 1] |= level;
#else
digest [HPAVKEY_NID_LEN - 1] &= ~0xC0;
digest [HPAVKEY_NID_LEN - 1] |= level << 6;
#endif
memcpy (NID, digest, HPAVKEY_NID_LEN);
return;
}
void SHA256::Finalize( void* hash )
{
if ( m_context == nullptr )
throw Error( "SHA256::Finalize(): Invalid call on uninitialized object." );
SHA256Result( CTX, static_cast<uint8_t*>( hash ) );
SHA256Reset( CTX );
}
void HPAVKeyNID (uint8_t NID [], const uint8_t NMK [], uint8_t level)
{
struct sha256 sha256;
uint8_t digest [SHA256_DIGEST_LENGTH];
int count = 4;
SHA256Reset (&sha256);
SHA256Write (&sha256, NMK, HPAVKEY_NMK_LEN);
SHA256Fetch (&sha256, digest);
while (count-- > 0)
{
SHA256Reset (&sha256);
SHA256Write (&sha256, digest, sizeof (digest));
SHA256Fetch (&sha256, digest);
}
level <<= 4;
digest [HPAVKEY_NID_LEN - 1] >>= 4;
digest [HPAVKEY_NID_LEN - 1] |= level;
memcpy (NID, digest, HPAVKEY_NID_LEN);
return;
}
void md_map_sh256(uint8_t *hash, const uint8_t *msg, int len) {
SHA256Context ctx;
if (SHA256Reset(&ctx) != shaSuccess) {
THROW(ERR_NO_VALID);
}
if (SHA256Input(&ctx, msg, len) != shaSuccess) {
THROW(ERR_NO_VALID);
}
if (SHA256Result(&ctx, hash) != shaSuccess) {
THROW(ERR_NO_VALID);
}
}
/*
* USHAReset
*
* Description:
* This function will initialize the SHA Context in preparation
* for computing a new SHA message digest.
*
* Parameters:
* context: [in/out]
* The context to reset.
* whichSha: [in]
* Selects which SHA reset to call
*
* Returns:
* sha Error Code.
*
*/
int USHAReset(USHAContext *context, enum SHAversion whichSha)
{
if (!context) return shaNull;
context->whichSha = whichSha;
switch (whichSha) {
case SHA1: return SHA1Reset((SHA1Context*)&context->ctx);
case SHA224: return SHA224Reset((SHA224Context*)&context->ctx);
case SHA256: return SHA256Reset((SHA256Context*)&context->ctx);
case SHA384: return SHA384Reset((SHA384Context*)&context->ctx);
case SHA512: return SHA512Reset((SHA512Context*)&context->ctx);
default: return shaBadParam;
}
}
/*!
Resets the object.
*/
void QCryptographicHash::reset()
{
switch (d->method) {
case Sha1:
sha1InitState(&d->sha1Context);
break;
#ifdef QT_CRYPTOGRAPHICHASH_ONLY_SHA1
default:
Q_ASSERT_X(false, "QCryptographicHash", "Method not compiled in");
Q_UNREACHABLE();
break;
#else
case Md4:
md4_init(&d->md4Context);
break;
case Md5:
MD5Init(&d->md5Context);
break;
case Sha224:
SHA224Reset(&d->sha224Context);
break;
case Sha256:
SHA256Reset(&d->sha256Context);
break;
case Sha384:
SHA384Reset(&d->sha384Context);
break;
case Sha512:
SHA512Reset(&d->sha512Context);
break;
case RealSha3_224:
case Keccak_224:
sha3Init(&d->sha3Context, 224);
break;
case RealSha3_256:
case Keccak_256:
sha3Init(&d->sha3Context, 256);
break;
case RealSha3_384:
case Keccak_384:
sha3Init(&d->sha3Context, 384);
break;
case RealSha3_512:
case Keccak_512:
sha3Init(&d->sha3Context, 512);
break;
#endif
}
d->result.clear();
}
void SHA256Ident (signed fd, uint8_t digest [])
{
struct sha256 sha256;
uint8_t buffer [1024];
signed length;
SHA256Reset (&sha256);
while ((length = read (fd, buffer, sizeof (buffer))) > 0)
{
SHA256Write (&sha256, buffer, length);
}
SHA256Fetch (&sha256, digest);
return;
}
void SHA256::Update( const void* data, size_type size )
{
if ( data != nullptr )
if ( size > 0 )
{
if ( m_context == nullptr )
{
m_context = new SHA256Context;
SHA256Reset( CTX );
}
const uint8* bytes = reinterpret_cast<const uint8*>( data );
do
{
size_type blockSize = Min( size_type( 0xfffffff0 ), size );
SHA256Input( CTX, bytes, unsigned( blockSize ) );
size -= blockSize;
bytes += blockSize;
}
while ( size > 0 );
}
}
static int load_registration_id(PROV_AUTH_INFO* handle)
{
int result;
if (handle->sec_type == PROV_AUTH_TYPE_TPM)
{
SHA256Context sha_ctx;
uint8_t msg_digest[SHA256HashSize];
unsigned char* endorsement_key;
size_t ek_len;
if (handle->hsm_client_get_endorsement_key(handle->hsm_client_handle, &endorsement_key, &ek_len) != 0)
{
LogError("Failed getting device reg id");
result = MU_FAILURE;
}
else
{
if (SHA256Reset(&sha_ctx) != 0)
{
LogError("Failed sha256 reset");
result = MU_FAILURE;
}
else if (SHA256Input(&sha_ctx, endorsement_key, (unsigned int)ek_len) != 0)
{
LogError("Failed SHA256Input");
result = MU_FAILURE;
}
else if (SHA256Result(&sha_ctx, msg_digest) != 0)
{
LogError("Failed SHA256Result");
result = MU_FAILURE;
}
else
{
handle->registration_id = encode_value(msg_digest, SHA256HashSize);
if (handle->registration_id == NULL)
{
LogError("Failed allocating registration Id");
result = MU_FAILURE;
}
else
{
result = 0;
}
}
free(endorsement_key);
}
}
else
{
handle->registration_id = handle->hsm_client_get_common_name(handle->hsm_client_handle);
if (handle->registration_id == NULL)
{
LogError("Failed getting common name from certificate");
result = MU_FAILURE;
}
else
{
result = 0;
}
}
return result;
}
/* SHA256 Low Level Interface */
int sha256_low_init(SHA256Context *context) {
return SHA256Reset(context);
}
void SHA256::Initialize()
{
if ( m_context == nullptr )
m_context = new SHA256Context;
SHA256Reset( CTX );
}
