This source file includes following definitions.
- Wrapped_SHA256_Update
- ComputeHMACSHA256
- plat_
- Init
- Sign
#include "crypto/hmac.h"
#include <windows.h>
#include <wincrypt.h>
#include <algorithm>
#include <vector>
#include "base/logging.h"
#include "crypto/scoped_capi_types.h"
#include "crypto/third_party/nss/chromium-blapi.h"
#include "crypto/third_party/nss/chromium-sha256.h"
namespace crypto {
namespace {
enum {
SHA256_BLOCK_SIZE = 64
};
void Wrapped_SHA256_Update(SHA256Context* ctx, const unsigned char* text,
size_t text_len) {
const unsigned int kChunkSize = 1 << 30;
while (text_len > kChunkSize) {
SHA256_Update(ctx, text, kChunkSize);
text += kChunkSize;
text_len -= kChunkSize;
}
SHA256_Update(ctx, text, (unsigned int)text_len);
}
void ComputeHMACSHA256(const unsigned char* key, size_t key_len,
const unsigned char* text, size_t text_len,
unsigned char* output, size_t output_len) {
SHA256Context ctx;
unsigned char key0[SHA256_BLOCK_SIZE];
if (key_len > SHA256_BLOCK_SIZE) {
SHA256_Begin(&ctx);
Wrapped_SHA256_Update(&ctx, key, key_len);
SHA256_End(&ctx, key0, NULL, SHA256_LENGTH);
memset(key0 + SHA256_LENGTH, 0, SHA256_BLOCK_SIZE - SHA256_LENGTH);
} else {
memcpy(key0, key, key_len);
if (key_len < SHA256_BLOCK_SIZE)
memset(key0 + key_len, 0, SHA256_BLOCK_SIZE - key_len);
}
unsigned char padded_key[SHA256_BLOCK_SIZE];
unsigned char inner_hash[SHA256_LENGTH];
for (int i = 0; i < SHA256_BLOCK_SIZE; ++i)
padded_key[i] = key0[i] ^ 0x36;
SHA256_Begin(&ctx);
SHA256_Update(&ctx, padded_key, SHA256_BLOCK_SIZE);
Wrapped_SHA256_Update(&ctx, text, text_len);
SHA256_End(&ctx, inner_hash, NULL, SHA256_LENGTH);
for (int i = 0; i < SHA256_BLOCK_SIZE; ++i)
padded_key[i] = key0[i] ^ 0x5c;
SHA256_Begin(&ctx);
SHA256_Update(&ctx, padded_key, SHA256_BLOCK_SIZE);
SHA256_Update(&ctx, inner_hash, SHA256_LENGTH);
SHA256_End(&ctx, output, NULL, (unsigned int) output_len);
}
}
struct HMACPlatformData {
~HMACPlatformData() {
if (!raw_key_.empty()) {
SecureZeroMemory(&raw_key_[0], raw_key_.size());
}
key_.reset();
}
ScopedHCRYPTPROV provider_;
ScopedHCRYPTKEY key_;
std::vector<unsigned char> raw_key_;
};
HMAC::HMAC(HashAlgorithm hash_alg)
: hash_alg_(hash_alg), plat_(new HMACPlatformData()) {
DCHECK(hash_alg_ == SHA1 || hash_alg_ == SHA256);
}
bool HMAC::Init(const unsigned char* key, size_t key_length) {
if (plat_->provider_ || plat_->key_ || !plat_->raw_key_.empty()) {
NOTREACHED();
return false;
}
if (hash_alg_ == SHA256) {
plat_->raw_key_.assign(key, key + key_length);
return true;
}
if (!CryptAcquireContext(plat_->provider_.receive(), NULL, NULL,
PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) {
NOTREACHED();
return false;
}
struct KeyBlob {
BLOBHEADER header;
DWORD key_size;
BYTE key_data[1];
};
size_t key_blob_size = std::max(offsetof(KeyBlob, key_data) + key_length,
sizeof(KeyBlob));
std::vector<BYTE> key_blob_storage = std::vector<BYTE>(key_blob_size);
KeyBlob* key_blob = reinterpret_cast<KeyBlob*>(&key_blob_storage[0]);
key_blob->header.bType = PLAINTEXTKEYBLOB;
key_blob->header.bVersion = CUR_BLOB_VERSION;
key_blob->header.reserved = 0;
key_blob->header.aiKeyAlg = CALG_RC2;
key_blob->key_size = static_cast<DWORD>(key_length);
memcpy(key_blob->key_data, key, key_length);
if (!CryptImportKey(plat_->provider_, &key_blob_storage[0],
(DWORD)key_blob_storage.size(), 0,
CRYPT_IPSEC_HMAC_KEY, plat_->key_.receive())) {
NOTREACHED();
return false;
}
SecureZeroMemory(key_blob->key_data, key_length);
return true;
}
HMAC::~HMAC() {
}
bool HMAC::Sign(const base::StringPiece& data,
unsigned char* digest,
size_t digest_length) const {
if (hash_alg_ == SHA256) {
if (plat_->raw_key_.empty())
return false;
ComputeHMACSHA256(&plat_->raw_key_[0], plat_->raw_key_.size(),
reinterpret_cast<const unsigned char*>(data.data()),
data.size(), digest, digest_length);
return true;
}
if (!plat_->provider_ || !plat_->key_)
return false;
if (hash_alg_ != SHA1) {
NOTREACHED();
return false;
}
ScopedHCRYPTHASH hash;
if (!CryptCreateHash(plat_->provider_, CALG_HMAC, plat_->key_, 0,
hash.receive()))
return false;
HMAC_INFO hmac_info;
memset(&hmac_info, 0, sizeof(hmac_info));
hmac_info.HashAlgid = CALG_SHA1;
if (!CryptSetHashParam(hash, HP_HMAC_INFO,
reinterpret_cast<BYTE*>(&hmac_info), 0))
return false;
if (!CryptHashData(hash, reinterpret_cast<const BYTE*>(data.data()),
static_cast<DWORD>(data.size()), 0))
return false;
DWORD sha1_size = static_cast<DWORD>(digest_length);
return !!CryptGetHashParam(hash, HP_HASHVAL, digest, &sha1_size, 0);
}
}