Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(105)

Side by Side Diff: base/hmac_win.cc

Issue 6805019: Move crypto files out of base, to a top level directory. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 9 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
(Empty)
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "base/hmac.h"
6
7 #include <windows.h>
8 #include <wincrypt.h>
9
10 #include <algorithm>
11 #include <vector>
12
13 #include "base/crypto/scoped_capi_types.h"
14 #include "base/logging.h"
15 #include "base/third_party/nss/blapi.h"
16 #include "base/third_party/nss/sha256.h"
17
18 namespace base {
19
20 namespace {
21
22 // Implementation of HMAC-SHA-256:
23 //
24 // SHA-256 is supported in Windows XP SP3 or later. We still need to support
25 // Windows XP SP2, so unfortunately we have to implement HMAC-SHA-256 here.
26
27 enum {
28 SHA256_BLOCK_SIZE = 64 // Block size (in bytes) of the input to SHA-256.
29 };
30
31 // See FIPS 198: The Keyed-Hash Message Authentication Code (HMAC).
32 void ComputeHMACSHA256(const unsigned char* key, size_t key_len,
33 const unsigned char* text, size_t text_len,
34 unsigned char* output, size_t output_len) {
35 SHA256Context ctx;
36
37 // Pre-process the key, if necessary.
38 unsigned char key0[SHA256_BLOCK_SIZE];
39 if (key_len > SHA256_BLOCK_SIZE) {
40 SHA256_Begin(&ctx);
41 SHA256_Update(&ctx, key, key_len);
42 SHA256_End(&ctx, key0, NULL, SHA256_LENGTH);
43 memset(key0 + SHA256_LENGTH, 0, SHA256_BLOCK_SIZE - SHA256_LENGTH);
44 } else {
45 memcpy(key0, key, key_len);
46 memset(key0 + key_len, 0, SHA256_BLOCK_SIZE - key_len);
47 }
48
49 unsigned char padded_key[SHA256_BLOCK_SIZE];
50 unsigned char inner_hash[SHA256_LENGTH];
51
52 // XOR key0 with ipad.
53 for (int i = 0; i < SHA256_BLOCK_SIZE; ++i)
54 padded_key[i] = key0[i] ^ 0x36;
55
56 // Compute the inner hash.
57 SHA256_Begin(&ctx);
58 SHA256_Update(&ctx, padded_key, SHA256_BLOCK_SIZE);
59 SHA256_Update(&ctx, text, text_len);
60 SHA256_End(&ctx, inner_hash, NULL, SHA256_LENGTH);
61
62 // XOR key0 with opad.
63 for (int i = 0; i < SHA256_BLOCK_SIZE; ++i)
64 padded_key[i] = key0[i] ^ 0x5c;
65
66 // Compute the outer hash.
67 SHA256_Begin(&ctx);
68 SHA256_Update(&ctx, padded_key, SHA256_BLOCK_SIZE);
69 SHA256_Update(&ctx, inner_hash, SHA256_LENGTH);
70 SHA256_End(&ctx, output, NULL, output_len);
71 }
72
73 } // namespace
74
75 struct HMACPlatformData {
76 ~HMACPlatformData() {
77 if (!raw_key_.empty()) {
78 SecureZeroMemory(&raw_key_[0], raw_key_.size());
79 }
80
81 // Destroy the key before releasing the provider.
82 key_.reset();
83 }
84
85 ScopedHCRYPTPROV provider_;
86 ScopedHCRYPTKEY key_;
87
88 // For HMAC-SHA-256 only.
89 std::vector<unsigned char> raw_key_;
90 };
91
92 HMAC::HMAC(HashAlgorithm hash_alg)
93 : hash_alg_(hash_alg), plat_(new HMACPlatformData()) {
94 // Only SHA-1 and SHA-256 hash algorithms are supported now.
95 DCHECK(hash_alg_ == SHA1 || hash_alg_ == SHA256);
96 }
97
98 bool HMAC::Init(const unsigned char* key, int key_length) {
99 if (plat_->provider_ || plat_->key_ || !plat_->raw_key_.empty()) {
100 // Init must not be called more than once on the same HMAC object.
101 NOTREACHED();
102 return false;
103 }
104
105 if (hash_alg_ == SHA256) {
106 if (key_length < SHA256_LENGTH / 2)
107 return false; // Key is too short.
108 plat_->raw_key_.assign(key, key + key_length);
109 return true;
110 }
111
112 if (!CryptAcquireContext(plat_->provider_.receive(), NULL, NULL,
113 PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) {
114 NOTREACHED();
115 return false;
116 }
117
118 // This code doesn't work on Win2k because PLAINTEXTKEYBLOB and
119 // CRYPT_IPSEC_HMAC_KEY are not supported on Windows 2000. PLAINTEXTKEYBLOB
120 // allows the import of an unencrypted key. For Win2k support, a cubmbersome
121 // exponent-of-one key procedure must be used:
122 // http://support.microsoft.com/kb/228786/en-us
123 // CRYPT_IPSEC_HMAC_KEY allows keys longer than 16 bytes.
124
125 struct KeyBlob {
126 BLOBHEADER header;
127 DWORD key_size;
128 BYTE key_data[1];
129 };
130 size_t key_blob_size = std::max(offsetof(KeyBlob, key_data) + key_length,
131 sizeof(KeyBlob));
132 std::vector<BYTE> key_blob_storage = std::vector<BYTE>(key_blob_size);
133 KeyBlob* key_blob = reinterpret_cast<KeyBlob*>(&key_blob_storage[0]);
134 key_blob->header.bType = PLAINTEXTKEYBLOB;
135 key_blob->header.bVersion = CUR_BLOB_VERSION;
136 key_blob->header.reserved = 0;
137 key_blob->header.aiKeyAlg = CALG_RC2;
138 key_blob->key_size = key_length;
139 memcpy(key_blob->key_data, key, key_length);
140
141 if (!CryptImportKey(plat_->provider_, &key_blob_storage[0],
142 key_blob_storage.size(), 0, CRYPT_IPSEC_HMAC_KEY,
143 plat_->key_.receive())) {
144 NOTREACHED();
145 return false;
146 }
147
148 // Destroy the copy of the key.
149 SecureZeroMemory(key_blob->key_data, key_length);
150
151 return true;
152 }
153
154 HMAC::~HMAC() {
155 }
156
157 bool HMAC::Sign(const std::string& data,
158 unsigned char* digest,
159 int digest_length) {
160 if (hash_alg_ == SHA256) {
161 if (plat_->raw_key_.empty())
162 return false;
163 ComputeHMACSHA256(&plat_->raw_key_[0], plat_->raw_key_.size(),
164 reinterpret_cast<const unsigned char*>(data.data()),
165 data.size(), digest, digest_length);
166 return true;
167 }
168
169 if (!plat_->provider_ || !plat_->key_)
170 return false;
171
172 if (hash_alg_ != SHA1) {
173 NOTREACHED();
174 return false;
175 }
176
177 ScopedHCRYPTHASH hash;
178 if (!CryptCreateHash(plat_->provider_, CALG_HMAC, plat_->key_, 0,
179 hash.receive()))
180 return false;
181
182 HMAC_INFO hmac_info;
183 memset(&hmac_info, 0, sizeof(hmac_info));
184 hmac_info.HashAlgid = CALG_SHA1;
185 if (!CryptSetHashParam(hash, HP_HMAC_INFO,
186 reinterpret_cast<BYTE*>(&hmac_info), 0))
187 return false;
188
189 if (!CryptHashData(hash, reinterpret_cast<const BYTE*>(data.data()),
190 static_cast<DWORD>(data.size()), 0))
191 return false;
192
193 DWORD sha1_size = digest_length;
194 return !!CryptGetHashParam(hash, HP_HASHVAL, digest, &sha1_size, 0);
195 }
196
197 } // namespace base
OLDNEW
« no previous file with comments | « base/hmac_unittest.cc ('k') | base/nss_util.h » ('j') | base/nss_util.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698