1 | /* |
---|
2 | * Gaim-Encryption MGF-1 Mask Generation Function (see PKCS#1 v2.1) |
---|
3 | * |
---|
4 | * Copyright (C) 2003 William Tompkins |
---|
5 | * |
---|
6 | * This program is free software; you can redistribute it and/or modify |
---|
7 | * it under the terms of the GNU General Public License as published by |
---|
8 | * the Free Software Foundation; either version 2 of the License, or |
---|
9 | * (at your option) any later version. |
---|
10 | * |
---|
11 | * This program is distributed in the hope that it will be useful, |
---|
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
---|
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
---|
14 | * GNU General Public License for more details. |
---|
15 | * |
---|
16 | * You should have received a copy of the GNU General Public License |
---|
17 | * along with this program; if not, write to the Free Software |
---|
18 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
---|
19 | */ |
---|
20 | |
---|
21 | #include <pk11func.h> |
---|
22 | |
---|
23 | /* for g_assert; PORT_Assert seems disabled... */ |
---|
24 | #include <glib.h> |
---|
25 | |
---|
26 | #include "nss_mgf1.h" |
---|
27 | |
---|
28 | static const SECOidTag Hash_OID = SEC_OID_SHA1; |
---|
29 | |
---|
30 | /* Mask Generation function: From a seed, produce a variably sized mask, and */ |
---|
31 | /* XOR it with the maskee. */ |
---|
32 | |
---|
33 | /* Note- this is an inefficient implementation, as we repeatedly hash the */ |
---|
34 | /* seed. If we saved the intermediate context, we'd probably save */ |
---|
35 | /* a bunch of time. But, the NSS exported interface doesn't let us */ |
---|
36 | /* do that easily, so we don't. */ |
---|
37 | |
---|
38 | static void memxor (unsigned char* a, unsigned char* b, int len) { |
---|
39 | while (len-- > 0) { |
---|
40 | *a++ ^= *b++; |
---|
41 | } |
---|
42 | } |
---|
43 | |
---|
44 | int mgf1(unsigned char* maskee, unsigned int maskee_len, |
---|
45 | unsigned char* seed, unsigned seed_len) { |
---|
46 | |
---|
47 | unsigned char* extended_seed = PORT_Alloc(seed_len + 4); |
---|
48 | unsigned char* hash_out; |
---|
49 | unsigned int hash_len; |
---|
50 | |
---|
51 | unsigned long int counter = 0; |
---|
52 | unsigned int counter_pos = seed_len; |
---|
53 | |
---|
54 | unsigned int maskee_pos = 0; |
---|
55 | unsigned int cur_block_size; |
---|
56 | |
---|
57 | SECStatus rv; |
---|
58 | |
---|
59 | hash_len = 20; |
---|
60 | |
---|
61 | hash_out = PORT_Alloc(hash_len); |
---|
62 | PORT_Memcpy(extended_seed, seed, seed_len); |
---|
63 | |
---|
64 | while (maskee_pos < maskee_len) { |
---|
65 | /* Store counter at counter_pos, msb first */ |
---|
66 | extended_seed[counter_pos] = (unsigned char) ((counter >> 24) & 0xff); |
---|
67 | extended_seed[counter_pos+1] = (unsigned char) ((counter >> 16) & 0xff); |
---|
68 | extended_seed[counter_pos+2] = (unsigned char) ((counter >> 8) & 0xff); |
---|
69 | extended_seed[counter_pos+3] = (unsigned char) (counter & 0xff); |
---|
70 | |
---|
71 | rv = PK11_HashBuf(Hash_OID, hash_out, extended_seed, seed_len + 4); |
---|
72 | g_assert(rv == SECSuccess); |
---|
73 | |
---|
74 | cur_block_size = (maskee_len - maskee_pos); |
---|
75 | if (cur_block_size > hash_len) cur_block_size = hash_len; |
---|
76 | |
---|
77 | memxor(maskee + maskee_pos, hash_out, cur_block_size); |
---|
78 | maskee_pos += cur_block_size; |
---|
79 | |
---|
80 | ++counter; |
---|
81 | } |
---|
82 | |
---|
83 | PORT_ZFree(extended_seed, seed_len+4); |
---|
84 | PORT_ZFree(hash_out, hash_len); |
---|
85 | return 1; |
---|
86 | } |
---|