mirror of
https://github.com/rn10950/RetroZilla.git
synced 2024-11-14 03:30:17 +01:00
44b7f056d9
bug1001332, 56b691c003ad, bug1086145, bug1054069, bug1155922, bug991783, bug1125025, bug1162521, bug1162644, bug1132941, bug1164364, bug1166205, bug1166163, bug1166515, bug1138554, bug1167046, bug1167043, bug1169451, bug1172128, bug1170322, bug102794, bug1128184, bug557830, bug1174648, bug1180244, bug1177784, bug1173413, bug1169174, bug1084669, bug951455, bug1183395, bug1177430, bug1183827, bug1160139, bug1154106, bug1142209, bug1185033, bug1193467, bug1182667(with sha512 changes backed out, which breaks VC6 compilation), bug1158489, bug337796
191 lines
4.6 KiB
C
191 lines
4.6 KiB
C
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
#include "seccomon.h"
|
|
#include "secerr.h"
|
|
#include "blapi.h"
|
|
#include "pkcs11i.h"
|
|
#include "softoken.h"
|
|
#include "hmacct.h"
|
|
|
|
/* MACMechanismToHash converts a PKCS#11 MAC mechanism into a freebl hash
|
|
* type. */
|
|
static HASH_HashType
|
|
MACMechanismToHash(CK_MECHANISM_TYPE mech)
|
|
{
|
|
switch (mech) {
|
|
case CKM_MD5_HMAC:
|
|
case CKM_SSL3_MD5_MAC:
|
|
return HASH_AlgMD5;
|
|
case CKM_SHA_1_HMAC:
|
|
case CKM_SSL3_SHA1_MAC:
|
|
return HASH_AlgSHA1;
|
|
case CKM_SHA224_HMAC:
|
|
return HASH_AlgSHA224;
|
|
case CKM_SHA256_HMAC:
|
|
return HASH_AlgSHA256;
|
|
case CKM_SHA384_HMAC:
|
|
return HASH_AlgSHA384;
|
|
case CKM_SHA512_HMAC:
|
|
return HASH_AlgSHA512;
|
|
}
|
|
return HASH_AlgNULL;
|
|
}
|
|
|
|
static sftk_MACConstantTimeCtx *
|
|
SetupMAC(CK_MECHANISM_PTR mech, SFTKObject *key)
|
|
{
|
|
CK_NSS_MAC_CONSTANT_TIME_PARAMS *params =
|
|
(CK_NSS_MAC_CONSTANT_TIME_PARAMS *) mech->pParameter;
|
|
sftk_MACConstantTimeCtx *ctx;
|
|
HASH_HashType alg;
|
|
SFTKAttribute *keyval;
|
|
unsigned char secret[sizeof(ctx->secret)];
|
|
unsigned int secretLength;
|
|
|
|
if (mech->ulParameterLen != sizeof(CK_NSS_MAC_CONSTANT_TIME_PARAMS)) {
|
|
return NULL;
|
|
}
|
|
|
|
alg = MACMechanismToHash(params->macAlg);
|
|
if (alg == HASH_AlgNULL) {
|
|
return NULL;
|
|
}
|
|
|
|
keyval = sftk_FindAttribute(key,CKA_VALUE);
|
|
if (keyval == NULL) {
|
|
return NULL;
|
|
}
|
|
secretLength = keyval->attrib.ulValueLen;
|
|
if (secretLength > sizeof(secret)) {
|
|
sftk_FreeAttribute(keyval);
|
|
return NULL;
|
|
}
|
|
memcpy(secret, keyval->attrib.pValue, secretLength);
|
|
sftk_FreeAttribute(keyval);
|
|
|
|
ctx = PORT_Alloc(sizeof(sftk_MACConstantTimeCtx));
|
|
if (!ctx) {
|
|
return NULL;
|
|
}
|
|
|
|
memcpy(ctx->secret, secret, secretLength);
|
|
ctx->secretLength = secretLength;
|
|
ctx->hash = HASH_GetRawHashObject(alg);
|
|
ctx->totalLength = params->ulBodyTotalLen;
|
|
|
|
return ctx;
|
|
}
|
|
|
|
sftk_MACConstantTimeCtx *
|
|
sftk_HMACConstantTime_New(CK_MECHANISM_PTR mech, SFTKObject *key)
|
|
{
|
|
CK_NSS_MAC_CONSTANT_TIME_PARAMS *params =
|
|
(CK_NSS_MAC_CONSTANT_TIME_PARAMS *) mech->pParameter;
|
|
sftk_MACConstantTimeCtx *ctx;
|
|
|
|
if (params->ulHeaderLen > sizeof(ctx->header)) {
|
|
return NULL;
|
|
}
|
|
ctx = SetupMAC(mech, key);
|
|
if (!ctx) {
|
|
return NULL;
|
|
}
|
|
|
|
ctx->headerLength = params->ulHeaderLen;
|
|
memcpy(ctx->header, params->pHeader, params->ulHeaderLen);
|
|
return ctx;
|
|
}
|
|
|
|
sftk_MACConstantTimeCtx *
|
|
sftk_SSLv3MACConstantTime_New(CK_MECHANISM_PTR mech, SFTKObject *key)
|
|
{
|
|
CK_NSS_MAC_CONSTANT_TIME_PARAMS *params =
|
|
(CK_NSS_MAC_CONSTANT_TIME_PARAMS *) mech->pParameter;
|
|
unsigned int padLength = 40, j;
|
|
sftk_MACConstantTimeCtx *ctx;
|
|
|
|
if (params->macAlg != CKM_SSL3_MD5_MAC &&
|
|
params->macAlg != CKM_SSL3_SHA1_MAC) {
|
|
return NULL;
|
|
}
|
|
ctx = SetupMAC(mech, key);
|
|
if (!ctx) {
|
|
return NULL;
|
|
}
|
|
|
|
if (params->macAlg == CKM_SSL3_MD5_MAC) {
|
|
padLength = 48;
|
|
}
|
|
|
|
ctx->headerLength =
|
|
ctx->secretLength +
|
|
padLength +
|
|
params->ulHeaderLen;
|
|
|
|
if (ctx->headerLength > sizeof(ctx->header)) {
|
|
goto loser;
|
|
}
|
|
|
|
j = 0;
|
|
memcpy(&ctx->header[j], ctx->secret, ctx->secretLength);
|
|
j += ctx->secretLength;
|
|
memset(&ctx->header[j], 0x36, padLength);
|
|
j += padLength;
|
|
memcpy(&ctx->header[j], params->pHeader, params->ulHeaderLen);
|
|
|
|
return ctx;
|
|
|
|
loser:
|
|
PORT_Free(ctx);
|
|
return NULL;
|
|
}
|
|
|
|
void
|
|
sftk_HMACConstantTime_Update(void *pctx, const void *data, unsigned int len)
|
|
{
|
|
sftk_MACConstantTimeCtx *ctx = (sftk_MACConstantTimeCtx *) pctx;
|
|
PORT_CheckSuccess(HMAC_ConstantTime(
|
|
ctx->mac, NULL, sizeof(ctx->mac),
|
|
ctx->hash,
|
|
ctx->secret, ctx->secretLength,
|
|
ctx->header, ctx->headerLength,
|
|
data, len,
|
|
ctx->totalLength));
|
|
}
|
|
|
|
void
|
|
sftk_SSLv3MACConstantTime_Update(void *pctx, const void *data, unsigned int len)
|
|
{
|
|
sftk_MACConstantTimeCtx *ctx = (sftk_MACConstantTimeCtx *) pctx;
|
|
PORT_CheckSuccess(SSLv3_MAC_ConstantTime(
|
|
ctx->mac, NULL, sizeof(ctx->mac),
|
|
ctx->hash,
|
|
ctx->secret, ctx->secretLength,
|
|
ctx->header, ctx->headerLength,
|
|
data, len,
|
|
ctx->totalLength));
|
|
}
|
|
|
|
void
|
|
sftk_MACConstantTime_EndHash(void *pctx, void *out, unsigned int *outLength,
|
|
unsigned int maxLength)
|
|
{
|
|
const sftk_MACConstantTimeCtx *ctx = (sftk_MACConstantTimeCtx *) pctx;
|
|
unsigned int toCopy = ctx->hash->length;
|
|
if (toCopy > maxLength) {
|
|
toCopy = maxLength;
|
|
}
|
|
memcpy(out, ctx->mac, toCopy);
|
|
if (outLength) {
|
|
*outLength = toCopy;
|
|
}
|
|
}
|
|
|
|
void
|
|
sftk_MACConstantTime_DestroyContext(void *pctx, PRBool free)
|
|
{
|
|
PORT_Free(pctx);
|
|
}
|