📄 mech_md5.c
字号:
rc = digest_mgr_digest_final( sess, FALSE, &digest_ctx, hash, &hash_len ); if (rc != CKR_OK) { st_err_log(126, __FILE__, __LINE__); digest_mgr_cleanup( &digest_ctx ); return rc; } digest_mgr_cleanup( &digest_ctx ); memset( &digest_ctx, 0x0, sizeof(DIGEST_CONTEXT) ); // outer hash // rc = digest_mgr_init( sess, &digest_ctx, &digest_mech ); if (rc != CKR_OK) { st_err_log(123, __FILE__, __LINE__); digest_mgr_cleanup( &digest_ctx ); return rc; } rc = digest_mgr_digest_update( sess, &digest_ctx, k_opad, MD5_BLOCK_SIZE ); if (rc != CKR_OK) { st_err_log(123, __FILE__, __LINE__); digest_mgr_cleanup( &digest_ctx ); return rc; } rc = digest_mgr_digest_update( sess, &digest_ctx, hash, hash_len ); if (rc != CKR_OK) { st_err_log(123, __FILE__, __LINE__); digest_mgr_cleanup( &digest_ctx ); return rc; } hash_len = sizeof(hash); rc = digest_mgr_digest_final( sess, FALSE, &digest_ctx, hash, &hash_len ); if (rc != CKR_OK) { st_err_log(126, __FILE__, __LINE__); digest_mgr_cleanup( &digest_ctx ); return rc; } memcpy( out_data, hash, hmac_len ); *out_data_len = hmac_len; digest_mgr_cleanup( &digest_ctx ); return CKR_OK;}////CK_RVmd5_hmac_verify( SESSION * sess, SIGN_VERIFY_CONTEXT * ctx, CK_BYTE * in_data, CK_ULONG in_data_len, CK_BYTE * signature, CK_ULONG sig_len ){ CK_BYTE hmac[MD5_HASH_SIZE]; SIGN_VERIFY_CONTEXT hmac_ctx; CK_ULONG hmac_len, len; CK_RV rc; if (!sess || !ctx || !in_data || !signature){ st_err_log(4, __FILE__, __LINE__, __FUNCTION__); return CKR_FUNCTION_FAILED; } if (ctx->mech.mechanism == CKM_MD5_HMAC_GENERAL) hmac_len = *(CK_ULONG *)ctx->mech.pParameter; else hmac_len = MD5_HASH_SIZE; memset( &hmac_ctx, 0, sizeof(SIGN_VERIFY_CONTEXT) ); rc = sign_mgr_init( sess, &hmac_ctx, &ctx->mech, FALSE, ctx->key ); if (rc != CKR_OK) { sign_mgr_cleanup( &hmac_ctx ); return rc; } len = sizeof(hmac); rc = sign_mgr_sign( sess, FALSE, &hmac_ctx, in_data, in_data_len, hmac, &len ); if (rc != CKR_OK) { sign_mgr_cleanup( &hmac_ctx ); return rc; } if ((len != hmac_len) || (len != sig_len)){ st_err_log(46, __FILE__, __LINE__); return CKR_SIGNATURE_LEN_RANGE; } if (memcmp(hmac, signature, hmac_len) != 0){ st_err_log(47, __FILE__, __LINE__); rc = CKR_SIGNATURE_INVALID; } sign_mgr_cleanup( &hmac_ctx ); return rc;}//// CKM routines//voidckm_md5_init( MD5_CONTEXT *context ){ context->i[0] = context->i[1] = 0; // Load magic initialization constants. // context->buf[0] = (CK_ULONG)0x67452301; context->buf[1] = (CK_ULONG)0xefcdab89; context->buf[2] = (CK_ULONG)0x98badcfe; context->buf[3] = (CK_ULONG)0x10325476;}////CK_RVckm_md5_update( MD5_CONTEXT * context, CK_BYTE * in_data, CK_ULONG in_data_len ){ CK_ULONG in[16]; int mdi; CK_ULONG i, ii; // compute number of bytes mod 64 // mdi = (int)((context->i[0] >> 3) & 0x3F); // update number of bits // if ((context->i[0] + (in_data_len << 3)) < context->i[0]) context->i[1]++; context->i[0] += (in_data_len << 3); context->i[1] += (in_data_len >> 29); while (in_data_len--) { // add new character to buffer, increment mdi // context->in[mdi++] = *in_data++; // transform if necessary // if (mdi == 0x40) { for (i = 0, ii = 0; i < 16; i++, ii += 4) in[i] = (((CK_ULONG)context->in[ii+3]) << 24) | (((CK_ULONG)context->in[ii+2]) << 16) | (((CK_ULONG)context->in[ii+1]) << 8) | ((CK_ULONG)context->in[ii]); ckm_md5_transform (context->buf, in); mdi = 0; } } return CKR_OK;}////CK_RVckm_md5_final( MD5_CONTEXT *context, CK_BYTE *out_data, CK_ULONG out_data_len ){ CK_ULONG in[16]; int mdi; CK_ULONG i, ii; CK_ULONG padLen; if (!out_data || (out_data_len < MD5_HASH_SIZE)){ st_err_log(4, __FILE__, __LINE__, __FUNCTION__); return CKR_FUNCTION_FAILED; } // save number of bits // in[14] = context->i[0]; in[15] = context->i[1]; // compute number of bytes mod 64 // mdi = (int)((context->i[0] >> 3) & 0x3F); // pad out to 56 mod 64 // padLen = (mdi < 56) ? (56 - mdi) : (120 - mdi); ckm_md5_update( context, PADDING, padLen ); // append length in bits and transform // for (i = 0, ii = 0; i < 14; i++, ii += 4) in[i] = (((CK_ULONG)context->in[ii+3]) << 24) | (((CK_ULONG)context->in[ii+2]) << 16) | (((CK_ULONG)context->in[ii+1]) << 8) | ((CK_ULONG)context->in[ii]); ckm_md5_transform (context->buf, in); // store buffer in digest // for (i = 0, ii = 0; i < 4; i++, ii += 4) { context->digest[ii ] = (CK_BYTE) (context->buf[i] & 0xFF); context->digest[ii+1] = (CK_BYTE)((context->buf[i] >> 8) & 0xFF); context->digest[ii+2] = (CK_BYTE)((context->buf[i] >> 16) & 0xFF); context->digest[ii+3] = (CK_BYTE)((context->buf[i] >> 24) & 0xFF); } memcpy( out_data, context->digest, MD5_HASH_SIZE ); return CKR_OK;}// Stuff stolen from CCA (saf_md5.c)/******************************************************************************//* Rotate a word (32 bits) left by a specified number of bits. The 32-bit *//* number invalue is circularly rotated left by num_bits bit positions. The *//* result is returned as the function result. *//*----------------------------------------------------------------------------*/#define rotate_left(Data, bit_cnt) \ (Data = ( (Data << bit_cnt) | \ (Data >> (32 - bit_cnt)) ) )/******************************************************************************//* Implement the MD5 algorithm's "F" function. This function performs a *//* transform on three input words, designated x, y, and z, producing a *//* single word output value. The transform is: *//* *//* output = ( x AND y ) OR ( (NOT x) AND z ) *//*----------------------------------------------------------------------------*/#define F( x, y, z) ( ( x & y ) | ( (~x) & z) )/******************************************************************************//* Implement the MD5 algorithm's "G" function. This function performs a *//* transform on three input words, designated x, y, and z, producing a *//* single word output value. The transform is: *//* *//* output = ( x AND z ) OR ( y AND (NOT z) ) *//*----------------------------------------------------------------------------*/#define G( x, y, z) ( ( x & z ) | ( y & (~z) ) )/******************************************************************************//* Implement the MD5 algorithm's "H" function. This function performs a *//* transform on three input words, designated x, y, and z, producing a *//* single word output value. The transform is: *//* *//* output = ( x XOR y XOR z ) *//*----------------------------------------------------------------------------*/#define H( x, y, z) ( x ^ y ^ z )/******************************************************************************//* Implement the MD5 algorithm's "I" function. This function performs a *//* transform on three input words, designated x, y, and z, producing a *//* single word output value. The transform is: *//* *//* output = ( y XOR ( x OR (NOT z) ) ) *//*----------------------------------------------------------------------------*/#define I( x, y, z) ( y ^ ( x | (~z) ) )/*----------------------------------------------------------------------------*//* *//* Define the MD5 "T[]" table. This table consists of 64 4-byte (MD5_word) *//* entries, designated T[1] through T[64]. (Note that this is different from */⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -