| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/des.h" | 5 #include "net/http/des.h" |
| 6 | 6 |
| 7 #include "base/logging.h" | 7 #include "base/logging.h" |
| 8 | 8 |
| 9 #if defined(USE_OPENSSL) | 9 #if defined(USE_OPENSSL) |
| 10 #include <openssl/des.h> | 10 #include <openssl/des.h> |
| (...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 57 * use your version of this file under the terms of the MPL, indicate your | 57 * use your version of this file under the terms of the MPL, indicate your |
| 58 * decision by deleting the provisions above and replace them with the notice | 58 * decision by deleting the provisions above and replace them with the notice |
| 59 * and other provisions required by the GPL or the LGPL. If you do not delete | 59 * and other provisions required by the GPL or the LGPL. If you do not delete |
| 60 * the provisions above, a recipient may use your version of this file under | 60 * the provisions above, a recipient may use your version of this file under |
| 61 * the terms of any one of the MPL, the GPL or the LGPL. | 61 * the terms of any one of the MPL, the GPL or the LGPL. |
| 62 * | 62 * |
| 63 * ***** END LICENSE BLOCK ***** */ | 63 * ***** END LICENSE BLOCK ***** */ |
| 64 | 64 |
| 65 // Set odd parity bit (in least significant bit position). | 65 // Set odd parity bit (in least significant bit position). |
| 66 static uint8 DESSetKeyParity(uint8 x) { | 66 static uint8 DESSetKeyParity(uint8 x) { |
| 67 if ((((x >> 7) ^ (x >> 6) ^ (x >> 5) ^ | 67 if ((((x >> 7) ^ (x >> 6) ^ (x >> 5) ^ (x >> 4) ^ (x >> 3) ^ (x >> 2) ^ |
| 68 (x >> 4) ^ (x >> 3) ^ (x >> 2) ^ | 68 (x >> 1)) & |
| 69 (x >> 1)) & 0x01) == 0) { | 69 0x01) == 0) { |
| 70 x |= 0x01; | 70 x |= 0x01; |
| 71 } else { | 71 } else { |
| 72 x &= 0xfe; | 72 x &= 0xfe; |
| 73 } | 73 } |
| 74 return x; | 74 return x; |
| 75 } | 75 } |
| 76 | 76 |
| 77 namespace net { | 77 namespace net { |
| 78 | 78 |
| 79 void DESMakeKey(const uint8* raw, uint8* key) { | 79 void DESMakeKey(const uint8* raw, uint8* key) { |
| (...skipping 10 matching lines...) Expand all Loading... |
| 90 #if defined(USE_OPENSSL) | 90 #if defined(USE_OPENSSL) |
| 91 | 91 |
| 92 void DESEncrypt(const uint8* key, const uint8* src, uint8* hash) { | 92 void DESEncrypt(const uint8* key, const uint8* src, uint8* hash) { |
| 93 crypto::EnsureOpenSSLInit(); | 93 crypto::EnsureOpenSSLInit(); |
| 94 | 94 |
| 95 DES_key_schedule ks; | 95 DES_key_schedule ks; |
| 96 DES_set_key_unchecked( | 96 DES_set_key_unchecked( |
| 97 reinterpret_cast<const_DES_cblock*>(const_cast<uint8*>(key)), &ks); | 97 reinterpret_cast<const_DES_cblock*>(const_cast<uint8*>(key)), &ks); |
| 98 | 98 |
| 99 DES_ecb_encrypt(reinterpret_cast<const_DES_cblock*>(const_cast<uint8*>(src)), | 99 DES_ecb_encrypt(reinterpret_cast<const_DES_cblock*>(const_cast<uint8*>(src)), |
| 100 reinterpret_cast<DES_cblock*>(hash), &ks, DES_ENCRYPT); | 100 reinterpret_cast<DES_cblock*>(hash), |
| 101 &ks, |
| 102 DES_ENCRYPT); |
| 101 } | 103 } |
| 102 | 104 |
| 103 #elif defined(USE_NSS) | 105 #elif defined(USE_NSS) |
| 104 | 106 |
| 105 void DESEncrypt(const uint8* key, const uint8* src, uint8* hash) { | 107 void DESEncrypt(const uint8* key, const uint8* src, uint8* hash) { |
| 106 CK_MECHANISM_TYPE cipher_mech = CKM_DES_ECB; | 108 CK_MECHANISM_TYPE cipher_mech = CKM_DES_ECB; |
| 107 PK11SlotInfo* slot = NULL; | 109 PK11SlotInfo* slot = NULL; |
| 108 PK11SymKey* symkey = NULL; | 110 PK11SymKey* symkey = NULL; |
| 109 PK11Context* ctxt = NULL; | 111 PK11Context* ctxt = NULL; |
| 110 SECItem key_item; | 112 SECItem key_item; |
| 111 SECItem* param = NULL; | 113 SECItem* param = NULL; |
| 112 SECStatus rv; | 114 SECStatus rv; |
| 113 unsigned int n; | 115 unsigned int n; |
| 114 | 116 |
| 115 crypto::EnsureNSSInit(); | 117 crypto::EnsureNSSInit(); |
| 116 | 118 |
| 117 slot = PK11_GetInternalSlot(); | 119 slot = PK11_GetInternalSlot(); |
| 118 if (!slot) | 120 if (!slot) |
| 119 goto done; | 121 goto done; |
| 120 | 122 |
| 121 key_item.data = const_cast<uint8*>(key); | 123 key_item.data = const_cast<uint8*>(key); |
| 122 key_item.len = 8; | 124 key_item.len = 8; |
| 123 symkey = PK11_ImportSymKey(slot, cipher_mech, | 125 symkey = PK11_ImportSymKey( |
| 124 PK11_OriginUnwrap, CKA_ENCRYPT, | 126 slot, cipher_mech, PK11_OriginUnwrap, CKA_ENCRYPT, &key_item, NULL); |
| 125 &key_item, NULL); | |
| 126 if (!symkey) | 127 if (!symkey) |
| 127 goto done; | 128 goto done; |
| 128 | 129 |
| 129 // No initialization vector required. | 130 // No initialization vector required. |
| 130 param = PK11_ParamFromIV(cipher_mech, NULL); | 131 param = PK11_ParamFromIV(cipher_mech, NULL); |
| 131 if (!param) | 132 if (!param) |
| 132 goto done; | 133 goto done; |
| 133 | 134 |
| 134 ctxt = PK11_CreateContextBySymKey(cipher_mech, CKA_ENCRYPT, | 135 ctxt = PK11_CreateContextBySymKey(cipher_mech, CKA_ENCRYPT, symkey, param); |
| 135 symkey, param); | |
| 136 if (!ctxt) | 136 if (!ctxt) |
| 137 goto done; | 137 goto done; |
| 138 | 138 |
| 139 rv = PK11_CipherOp(ctxt, hash, reinterpret_cast<int*>(&n), 8, | 139 rv = PK11_CipherOp( |
| 140 const_cast<uint8*>(src), 8); | 140 ctxt, hash, reinterpret_cast<int*>(&n), 8, const_cast<uint8*>(src), 8); |
| 141 if (rv != SECSuccess) | 141 if (rv != SECSuccess) |
| 142 goto done; | 142 goto done; |
| 143 | 143 |
| 144 // TODO(wtc): Should this be PK11_Finalize? | 144 // TODO(wtc): Should this be PK11_Finalize? |
| 145 rv = PK11_DigestFinal(ctxt, hash+8, &n, 0); | 145 rv = PK11_DigestFinal(ctxt, hash + 8, &n, 0); |
| 146 if (rv != SECSuccess) | 146 if (rv != SECSuccess) |
| 147 goto done; | 147 goto done; |
| 148 | 148 |
| 149 done: | 149 done: |
| 150 if (ctxt) | 150 if (ctxt) |
| 151 PK11_DestroyContext(ctxt, PR_TRUE); | 151 PK11_DestroyContext(ctxt, PR_TRUE); |
| 152 if (symkey) | 152 if (symkey) |
| 153 PK11_FreeSymKey(symkey); | 153 PK11_FreeSymKey(symkey); |
| 154 if (param) | 154 if (param) |
| 155 SECITEM_FreeItem(param, PR_TRUE); | 155 SECITEM_FreeItem(param, PR_TRUE); |
| 156 if (slot) | 156 if (slot) |
| 157 PK11_FreeSlot(slot); | 157 PK11_FreeSlot(slot); |
| 158 } | 158 } |
| 159 | 159 |
| 160 #elif defined(OS_MACOSX) | 160 #elif defined(OS_MACOSX) |
| 161 | 161 |
| 162 void DESEncrypt(const uint8* key, const uint8* src, uint8* hash) { | 162 void DESEncrypt(const uint8* key, const uint8* src, uint8* hash) { |
| 163 CCCryptorStatus status; | 163 CCCryptorStatus status; |
| 164 size_t data_out_moved = 0; | 164 size_t data_out_moved = 0; |
| 165 status = CCCrypt(kCCEncrypt, kCCAlgorithmDES, kCCOptionECBMode, | 165 status = CCCrypt(kCCEncrypt, |
| 166 key, 8, NULL, src, 8, hash, 8, &data_out_moved); | 166 kCCAlgorithmDES, |
| 167 kCCOptionECBMode, |
| 168 key, |
| 169 8, |
| 170 NULL, |
| 171 src, |
| 172 8, |
| 173 hash, |
| 174 8, |
| 175 &data_out_moved); |
| 167 DCHECK(status == kCCSuccess); | 176 DCHECK(status == kCCSuccess); |
| 168 DCHECK(data_out_moved == 8); | 177 DCHECK(data_out_moved == 8); |
| 169 } | 178 } |
| 170 | 179 |
| 171 #elif defined(OS_WIN) | 180 #elif defined(OS_WIN) |
| 172 | 181 |
| 173 void DESEncrypt(const uint8* key, const uint8* src, uint8* hash) { | 182 void DESEncrypt(const uint8* key, const uint8* src, uint8* hash) { |
| 174 crypto::ScopedHCRYPTPROV provider; | 183 crypto::ScopedHCRYPTPROV provider; |
| 175 if (!CryptAcquireContext(provider.receive(), NULL, NULL, PROV_RSA_FULL, | 184 if (!CryptAcquireContext( |
| 176 CRYPT_VERIFYCONTEXT)) | 185 provider.receive(), NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) |
| 177 return; | 186 return; |
| 178 | 187 |
| 179 { | 188 { |
| 180 // Import the DES key. | 189 // Import the DES key. |
| 181 struct KeyBlob { | 190 struct KeyBlob { |
| 182 BLOBHEADER header; | 191 BLOBHEADER header; |
| 183 DWORD key_size; | 192 DWORD key_size; |
| 184 BYTE key_data[8]; | 193 BYTE key_data[8]; |
| 185 }; | 194 }; |
| 186 KeyBlob key_blob; | 195 KeyBlob key_blob; |
| 187 key_blob.header.bType = PLAINTEXTKEYBLOB; | 196 key_blob.header.bType = PLAINTEXTKEYBLOB; |
| 188 key_blob.header.bVersion = CUR_BLOB_VERSION; | 197 key_blob.header.bVersion = CUR_BLOB_VERSION; |
| 189 key_blob.header.reserved = 0; | 198 key_blob.header.reserved = 0; |
| 190 key_blob.header.aiKeyAlg = CALG_DES; | 199 key_blob.header.aiKeyAlg = CALG_DES; |
| 191 key_blob.key_size = 8; // 64 bits | 200 key_blob.key_size = 8; // 64 bits |
| 192 memcpy(key_blob.key_data, key, 8); | 201 memcpy(key_blob.key_data, key, 8); |
| 193 | 202 |
| 194 crypto::ScopedHCRYPTKEY key; | 203 crypto::ScopedHCRYPTKEY key; |
| 195 BOOL import_ok = CryptImportKey(provider, | 204 BOOL import_ok = CryptImportKey(provider, |
| 196 reinterpret_cast<BYTE*>(&key_blob), | 205 reinterpret_cast<BYTE*>(&key_blob), |
| 197 sizeof key_blob, 0, 0, key.receive()); | 206 sizeof key_blob, |
| 207 0, |
| 208 0, |
| 209 key.receive()); |
| 198 // Destroy the copy of the key. | 210 // Destroy the copy of the key. |
| 199 SecureZeroMemory(key_blob.key_data, sizeof key_blob.key_data); | 211 SecureZeroMemory(key_blob.key_data, sizeof key_blob.key_data); |
| 200 if (!import_ok) | 212 if (!import_ok) |
| 201 return; | 213 return; |
| 202 | 214 |
| 203 // No initialization vector required. | 215 // No initialization vector required. |
| 204 DWORD cipher_mode = CRYPT_MODE_ECB; | 216 DWORD cipher_mode = CRYPT_MODE_ECB; |
| 205 if (!CryptSetKeyParam(key, KP_MODE, reinterpret_cast<BYTE*>(&cipher_mode), | 217 if (!CryptSetKeyParam( |
| 206 0)) | 218 key, KP_MODE, reinterpret_cast<BYTE*>(&cipher_mode), 0)) |
| 207 return; | 219 return; |
| 208 | 220 |
| 209 // CryptoAPI requires us to copy the plaintext to the output buffer first. | 221 // CryptoAPI requires us to copy the plaintext to the output buffer first. |
| 210 CopyMemory(hash, src, 8); | 222 CopyMemory(hash, src, 8); |
| 211 // Pass a 'Final' of FALSE, otherwise CryptEncrypt appends one additional | 223 // Pass a 'Final' of FALSE, otherwise CryptEncrypt appends one additional |
| 212 // block of padding to the data. | 224 // block of padding to the data. |
| 213 DWORD hash_len = 8; | 225 DWORD hash_len = 8; |
| 214 CryptEncrypt(key, 0, FALSE, 0, hash, &hash_len, 8); | 226 CryptEncrypt(key, 0, FALSE, 0, hash, &hash_len, 8); |
| 215 } | 227 } |
| 216 } | 228 } |
| 217 | 229 |
| 218 #endif | 230 #endif |
| 219 | 231 |
| 220 } // namespace net | 232 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
