diff options
| author | George Hazan <george.hazan@gmail.com> | 2013-11-20 12:50:15 +0000 |
|---|---|---|
| committer | George Hazan <george.hazan@gmail.com> | 2013-11-20 12:50:15 +0000 |
| commit | ca2a90cb613a130b878b9ac4db6708bbd140b66b (patch) | |
| tree | 79d3ab279d24b7cc3effacf62d5de89203fab595 /src/core/stdcrypt | |
| parent | a90a4275934b9b3c5889b3fbf3fb312a83714ede (diff) | |
trying to use the strong provider first
git-svn-id: http://svn.miranda-ng.org/main/trunk@6945 1316c22d-e87f-b044-9b9b-93d7a3e3ba9c
Diffstat (limited to 'src/core/stdcrypt')
| -rw-r--r-- | src/core/stdcrypt/utils.cpp | 596 |
1 files changed, 297 insertions, 299 deletions
diff --git a/src/core/stdcrypt/utils.cpp b/src/core/stdcrypt/utils.cpp index c9bdb70c43..3ef8b7bdf7 100644 --- a/src/core/stdcrypt/utils.cpp +++ b/src/core/stdcrypt/utils.cpp @@ -27,12 +27,10 @@ bool getRandomBytes(BYTE *buf, size_t bufLen) {
// try to use Intel hardware randomizer first
HCRYPTPROV hProvider = NULL;
- if (::CryptAcquireContext(&hProvider, NULL, _T("Intel Hardware Cryptographic Service Provider"), PROV_INTEL_SEC, 0)) {
- ::CryptGenRandom(hProvider, DWORD(bufLen), buf);
- ::CryptReleaseContext(hProvider, 0);
- }
- // no luck? try to use RSA
- else if (::CryptAcquireContext(&hProvider, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) {
+ if (::CryptAcquireContext(&hProvider, NULL, _T("Intel Hardware Cryptographic Service Provider"), PROV_INTEL_SEC, 0) ||
+ ::CryptAcquireContext(&hProvider, NULL, MS_STRONG_PROV, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT) ||
+ ::CryptAcquireContext(&hProvider, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))
+ {
::CryptGenRandom(hProvider, DWORD(bufLen), buf);
::CryptReleaseContext(hProvider, 0);
}
@@ -50,299 +48,299 @@ bool getRandomBytes(BYTE *buf, size_t bufLen) /////////////////////////////////////////////////////////////////////////////////////////
-struct SHA256_CONTEXT -{ - UINT32 h0, h1, h2, h3, h4, h5, h6, h7; - UINT32 nblocks; - BYTE buf[64]; - int count; -}; - -static void sha256_init(SHA256_CONTEXT *hd) -{ - hd->h0 = 0x6a09e667; - hd->h1 = 0xbb67ae85; - hd->h2 = 0x3c6ef372; - hd->h3 = 0xa54ff53a; - hd->h4 = 0x510e527f; - hd->h5 = 0x9b05688c; - hd->h6 = 0x1f83d9ab; - hd->h7 = 0x5be0cd19; - - hd->nblocks = 0; - hd->count = 0; -} - -/* -Transform the message X which consists of 16 32-bit-words. See FIPS -180-2 for details. */ -#define ror(x,n) ( ((x) >> (n)) | ((x) << (32-(n))) ) -#define S0(x) (ror ((x), 7) ^ ror ((x), 18) ^ ((x) >> 3)) /* (4.6) */ -#define S1(x) (ror ((x), 17) ^ ror ((x), 19) ^ ((x) >> 10)) /* (4.7) */ -#define R(a,b,c,d,e,f,g,h,k,w) do \ -{ \ - t1 = (h)+Sum1((e)) + Cho((e), (f), (g)) + (k)+(w); \ - t2 = Sum0((a)) + Maj((a), (b), (c)); \ - h = g; \ - g = f; \ - f = e; \ - e = d + t1; \ - d = c; \ - c = b; \ - b = a; \ - a = t1 + t2; \ -} while (0) - -/* (4.2) same as SHA-1's F1. */ -static inline UINT32 -Cho(UINT32 x, UINT32 y, UINT32 z) -{ - return (z ^ (x & (y ^ z))); -} - -/* (4.3) same as SHA-1's F3 */ -static inline UINT32 -Maj(UINT32 x, UINT32 y, UINT32 z) -{ - return ((x & y) | (z & (x | y))); -} - -/* (4.4) */ -static inline UINT32 Sum0(UINT32 x) -{ - return (ror(x, 2) ^ ror(x, 13) ^ ror(x, 22)); -} - -/* (4.5) */ -static inline UINT32 -Sum1(UINT32 x) -{ - return (ror(x, 6) ^ ror(x, 11) ^ ror(x, 25)); -} - - -static void transform(SHA256_CONTEXT *hd, const unsigned char *data) -{ - static const UINT32 K[64] = { - 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, - 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, - 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, - 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, - 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, - 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, - 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, - 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, - 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, - 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, - 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, - 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, - 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, - 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, - 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, - 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 - }; - - UINT32 a, b, c, d, e, f, g, h, t1, t2; - UINT32 x[16]; - UINT32 w[64]; - int i; - - a = hd->h0; - b = hd->h1; - c = hd->h2; - d = hd->h3; - e = hd->h4; - f = hd->h5; - g = hd->h6; - h = hd->h7; - -#ifdef WORDS_BIGENDIAN - memcpy(x, data, 64); -#else - { - BYTE *p2; - - for (i = 0, p2 = (BYTE*)x; i < 16; i++, p2 += 4) { - p2[3] = *data++; - p2[2] = *data++; - p2[1] = *data++; - p2[0] = *data++; - } - } -#endif - - for (i = 0; i < 16; i++) - w[i] = x[i]; - for (; i < 64; i++) - w[i] = S1(w[i - 2]) + w[i - 7] + S0(w[i - 15]) + w[i - 16]; - - for (i = 0; i < 64;) - { -#if 0 - R(a, b, c, d, e, f, g, h, K[i], w[i]); - i++; -#else - t1 = h + Sum1(e) + Cho(e, f, g) + K[i] + w[i]; - t2 = Sum0(a) + Maj(a, b, c); - d += t1; - h = t1 + t2; - - t1 = g + Sum1(d) + Cho(d, e, f) + K[i + 1] + w[i + 1]; - t2 = Sum0(h) + Maj(h, a, b); - c += t1; - g = t1 + t2; - - t1 = f + Sum1(c) + Cho(c, d, e) + K[i + 2] + w[i + 2]; - t2 = Sum0(g) + Maj(g, h, a); - b += t1; - f = t1 + t2; - - t1 = e + Sum1(b) + Cho(b, c, d) + K[i + 3] + w[i + 3]; - t2 = Sum0(f) + Maj(f, g, h); - a += t1; - e = t1 + t2; - - t1 = d + Sum1(a) + Cho(a, b, c) + K[i + 4] + w[i + 4]; - t2 = Sum0(e) + Maj(e, f, g); - h += t1; - d = t1 + t2; - - t1 = c + Sum1(h) + Cho(h, a, b) + K[i + 5] + w[i + 5]; - t2 = Sum0(d) + Maj(d, e, f); - g += t1; - c = t1 + t2; - - t1 = b + Sum1(g) + Cho(g, h, a) + K[i + 6] + w[i + 6]; - t2 = Sum0(c) + Maj(c, d, e); - f += t1; - b = t1 + t2; - - t1 = a + Sum1(f) + Cho(f, g, h) + K[i + 7] + w[i + 7]; - t2 = Sum0(b) + Maj(b, c, d); - e += t1; - a = t1 + t2; - - i += 8; -#endif - } - - hd->h0 += a; - hd->h1 += b; - hd->h2 += c; - hd->h3 += d; - hd->h4 += e; - hd->h5 += f; - hd->h6 += g; - hd->h7 += h; -} -#undef S0 -#undef S1 -#undef R - - -/* Update the message digest with the contents of INBUF with length -INLEN. */ -static void sha256_write(SHA256_CONTEXT *hd, const void *inbuf_arg, size_t inlen) -{ - const unsigned char *inbuf = (const unsigned char *)inbuf_arg; - - if (hd->count == 64) - { /* flush the buffer */ - transform(hd, hd->buf); - hd->count = 0; - hd->nblocks++; - } - if (!inbuf) - return; - if (hd->count) - { - for (; inlen && hd->count < 64; inlen--) - hd->buf[hd->count++] = *inbuf++; - sha256_write(hd, NULL, 0); - if (!inlen) - return; - } - - while (inlen >= 64) - { - transform(hd, inbuf); - hd->count = 0; - hd->nblocks++; - inlen -= 64; - inbuf += 64; - } - for (; inlen && hd->count < 64; inlen--) - hd->buf[hd->count++] = *inbuf++; -} - - -/* -The routine finally terminates the computation and returns the -digest. The handle is prepared for a new cycle, but adding bytes -to the handle will the destroy the returned buffer. Returns: 32 -bytes with the message the digest. */ -static void sha256_final(SHA256_CONTEXT *hd, BYTE tmpHash[32]) -{ - UINT32 t, msb, lsb; - - sha256_write(hd, NULL, 0); /* flush */; - - t = hd->nblocks; - /* multiply by 64 to make a BYTE count */ - lsb = t << 6; - msb = t >> 26; - /* add the count */ - t = lsb; - if ((lsb += hd->count) < t) - msb++; - /* multiply by 8 to make a bit count */ - t = lsb; - lsb <<= 3; - msb <<= 3; - msb |= t >> 29; - - if (hd->count < 56) - { /* enough room */ - hd->buf[hd->count++] = 0x80; /* pad */ - while (hd->count < 56) - hd->buf[hd->count++] = 0; /* pad */ - } - else - { /* need one extra block */ - hd->buf[hd->count++] = 0x80; /* pad character */ - while (hd->count < 64) - hd->buf[hd->count++] = 0; - sha256_write(hd, NULL, 0); /* flush */; - memset(hd->buf, 0, 56); /* fill next block with zeroes */ - } - /* append the 64 bit count */ - hd->buf[56] = msb >> 24; - hd->buf[57] = msb >> 16; - hd->buf[58] = msb >> 8; - hd->buf[59] = msb; - hd->buf[60] = lsb >> 24; - hd->buf[61] = lsb >> 16; - hd->buf[62] = lsb >> 8; - hd->buf[63] = lsb; - transform(hd, hd->buf); - - BYTE *p = tmpHash; -#ifdef WORDS_BIGENDIAN -#define X(a) do { *(UINT32*)p = hd->h##a ; p += 4; } while(0) -#else /* little endian */ -#define X(a) do { *p++ = hd->h##a >> 24; *p++ = hd->h##a >> 16; \ - *p++ = hd->h##a >> 8; *p++ = hd->h##a; } while (0) -#endif - X(0); - X(1); - X(2); - X(3); - X(4); - X(5); - X(6); - X(7); -#undef X -} +struct SHA256_CONTEXT
+{
+ UINT32 h0, h1, h2, h3, h4, h5, h6, h7;
+ UINT32 nblocks;
+ BYTE buf[64];
+ int count;
+};
+
+static void sha256_init(SHA256_CONTEXT *hd)
+{
+ hd->h0 = 0x6a09e667;
+ hd->h1 = 0xbb67ae85;
+ hd->h2 = 0x3c6ef372;
+ hd->h3 = 0xa54ff53a;
+ hd->h4 = 0x510e527f;
+ hd->h5 = 0x9b05688c;
+ hd->h6 = 0x1f83d9ab;
+ hd->h7 = 0x5be0cd19;
+
+ hd->nblocks = 0;
+ hd->count = 0;
+}
+
+/*
+Transform the message X which consists of 16 32-bit-words. See FIPS
+180-2 for details. */
+#define ror(x,n) ( ((x) >> (n)) | ((x) << (32-(n))) )
+#define S0(x) (ror ((x), 7) ^ ror ((x), 18) ^ ((x) >> 3)) /* (4.6) */
+#define S1(x) (ror ((x), 17) ^ ror ((x), 19) ^ ((x) >> 10)) /* (4.7) */
+#define R(a,b,c,d,e,f,g,h,k,w) do \
+{ \
+ t1 = (h)+Sum1((e)) + Cho((e), (f), (g)) + (k)+(w); \
+ t2 = Sum0((a)) + Maj((a), (b), (c)); \
+ h = g; \
+ g = f; \
+ f = e; \
+ e = d + t1; \
+ d = c; \
+ c = b; \
+ b = a; \
+ a = t1 + t2; \
+} while (0)
+
+/* (4.2) same as SHA-1's F1. */
+static inline UINT32
+Cho(UINT32 x, UINT32 y, UINT32 z)
+{
+ return (z ^ (x & (y ^ z)));
+}
+
+/* (4.3) same as SHA-1's F3 */
+static inline UINT32
+Maj(UINT32 x, UINT32 y, UINT32 z)
+{
+ return ((x & y) | (z & (x | y)));
+}
+
+/* (4.4) */
+static inline UINT32 Sum0(UINT32 x)
+{
+ return (ror(x, 2) ^ ror(x, 13) ^ ror(x, 22));
+}
+
+/* (4.5) */
+static inline UINT32
+Sum1(UINT32 x)
+{
+ return (ror(x, 6) ^ ror(x, 11) ^ ror(x, 25));
+}
+
+
+static void transform(SHA256_CONTEXT *hd, const unsigned char *data)
+{
+ static const UINT32 K[64] = {
+ 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
+ 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
+ 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
+ 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
+ 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
+ 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
+ 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
+ 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
+ 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
+ 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
+ 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
+ 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
+ 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
+ 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
+ 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
+ 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
+ };
+
+ UINT32 a, b, c, d, e, f, g, h, t1, t2;
+ UINT32 x[16];
+ UINT32 w[64];
+ int i;
+
+ a = hd->h0;
+ b = hd->h1;
+ c = hd->h2;
+ d = hd->h3;
+ e = hd->h4;
+ f = hd->h5;
+ g = hd->h6;
+ h = hd->h7;
+
+#ifdef WORDS_BIGENDIAN
+ memcpy(x, data, 64);
+#else
+ {
+ BYTE *p2;
+
+ for (i = 0, p2 = (BYTE*)x; i < 16; i++, p2 += 4) {
+ p2[3] = *data++;
+ p2[2] = *data++;
+ p2[1] = *data++;
+ p2[0] = *data++;
+ }
+ }
+#endif
+
+ for (i = 0; i < 16; i++)
+ w[i] = x[i];
+ for (; i < 64; i++)
+ w[i] = S1(w[i - 2]) + w[i - 7] + S0(w[i - 15]) + w[i - 16];
+
+ for (i = 0; i < 64;)
+ {
+#if 0
+ R(a, b, c, d, e, f, g, h, K[i], w[i]);
+ i++;
+#else
+ t1 = h + Sum1(e) + Cho(e, f, g) + K[i] + w[i];
+ t2 = Sum0(a) + Maj(a, b, c);
+ d += t1;
+ h = t1 + t2;
+
+ t1 = g + Sum1(d) + Cho(d, e, f) + K[i + 1] + w[i + 1];
+ t2 = Sum0(h) + Maj(h, a, b);
+ c += t1;
+ g = t1 + t2;
+
+ t1 = f + Sum1(c) + Cho(c, d, e) + K[i + 2] + w[i + 2];
+ t2 = Sum0(g) + Maj(g, h, a);
+ b += t1;
+ f = t1 + t2;
+
+ t1 = e + Sum1(b) + Cho(b, c, d) + K[i + 3] + w[i + 3];
+ t2 = Sum0(f) + Maj(f, g, h);
+ a += t1;
+ e = t1 + t2;
+
+ t1 = d + Sum1(a) + Cho(a, b, c) + K[i + 4] + w[i + 4];
+ t2 = Sum0(e) + Maj(e, f, g);
+ h += t1;
+ d = t1 + t2;
+
+ t1 = c + Sum1(h) + Cho(h, a, b) + K[i + 5] + w[i + 5];
+ t2 = Sum0(d) + Maj(d, e, f);
+ g += t1;
+ c = t1 + t2;
+
+ t1 = b + Sum1(g) + Cho(g, h, a) + K[i + 6] + w[i + 6];
+ t2 = Sum0(c) + Maj(c, d, e);
+ f += t1;
+ b = t1 + t2;
+
+ t1 = a + Sum1(f) + Cho(f, g, h) + K[i + 7] + w[i + 7];
+ t2 = Sum0(b) + Maj(b, c, d);
+ e += t1;
+ a = t1 + t2;
+
+ i += 8;
+#endif
+ }
+
+ hd->h0 += a;
+ hd->h1 += b;
+ hd->h2 += c;
+ hd->h3 += d;
+ hd->h4 += e;
+ hd->h5 += f;
+ hd->h6 += g;
+ hd->h7 += h;
+}
+#undef S0
+#undef S1
+#undef R
+
+
+/* Update the message digest with the contents of INBUF with length
+INLEN. */
+static void sha256_write(SHA256_CONTEXT *hd, const void *inbuf_arg, size_t inlen)
+{
+ const unsigned char *inbuf = (const unsigned char *)inbuf_arg;
+
+ if (hd->count == 64)
+ { /* flush the buffer */
+ transform(hd, hd->buf);
+ hd->count = 0;
+ hd->nblocks++;
+ }
+ if (!inbuf)
+ return;
+ if (hd->count)
+ {
+ for (; inlen && hd->count < 64; inlen--)
+ hd->buf[hd->count++] = *inbuf++;
+ sha256_write(hd, NULL, 0);
+ if (!inlen)
+ return;
+ }
+
+ while (inlen >= 64)
+ {
+ transform(hd, inbuf);
+ hd->count = 0;
+ hd->nblocks++;
+ inlen -= 64;
+ inbuf += 64;
+ }
+ for (; inlen && hd->count < 64; inlen--)
+ hd->buf[hd->count++] = *inbuf++;
+}
+
+
+/*
+The routine finally terminates the computation and returns the
+digest. The handle is prepared for a new cycle, but adding bytes
+to the handle will the destroy the returned buffer. Returns: 32
+bytes with the message the digest. */
+static void sha256_final(SHA256_CONTEXT *hd, BYTE tmpHash[32])
+{
+ UINT32 t, msb, lsb;
+
+ sha256_write(hd, NULL, 0); /* flush */;
+
+ t = hd->nblocks;
+ /* multiply by 64 to make a BYTE count */
+ lsb = t << 6;
+ msb = t >> 26;
+ /* add the count */
+ t = lsb;
+ if ((lsb += hd->count) < t)
+ msb++;
+ /* multiply by 8 to make a bit count */
+ t = lsb;
+ lsb <<= 3;
+ msb <<= 3;
+ msb |= t >> 29;
+
+ if (hd->count < 56)
+ { /* enough room */
+ hd->buf[hd->count++] = 0x80; /* pad */
+ while (hd->count < 56)
+ hd->buf[hd->count++] = 0; /* pad */
+ }
+ else
+ { /* need one extra block */
+ hd->buf[hd->count++] = 0x80; /* pad character */
+ while (hd->count < 64)
+ hd->buf[hd->count++] = 0;
+ sha256_write(hd, NULL, 0); /* flush */;
+ memset(hd->buf, 0, 56); /* fill next block with zeroes */
+ }
+ /* append the 64 bit count */
+ hd->buf[56] = msb >> 24;
+ hd->buf[57] = msb >> 16;
+ hd->buf[58] = msb >> 8;
+ hd->buf[59] = msb;
+ hd->buf[60] = lsb >> 24;
+ hd->buf[61] = lsb >> 16;
+ hd->buf[62] = lsb >> 8;
+ hd->buf[63] = lsb;
+ transform(hd, hd->buf);
+
+ BYTE *p = tmpHash;
+#ifdef WORDS_BIGENDIAN
+#define X(a) do { *(UINT32*)p = hd->h##a ; p += 4; } while(0)
+#else /* little endian */
+#define X(a) do { *p++ = hd->h##a >> 24; *p++ = hd->h##a >> 16; \
+ *p++ = hd->h##a >> 8; *p++ = hd->h##a; } while (0)
+#endif
+ X(0);
+ X(1);
+ X(2);
+ X(3);
+ X(4);
+ X(5);
+ X(6);
+ X(7);
+#undef X
+}
static void make_sha256(const void *buf, size_t bufLen, BYTE tmpHash[32])
{
|