From 623722f7cc4c20d2b7d8df03035801acacda6018 Mon Sep 17 00:00:00 2001 From: George Hazan Date: Thu, 15 Aug 2013 20:00:29 +0000 Subject: mir_sha1_byte_t => BYTE; mir_sha1_long_t => ULONG; mir_hmac_sha1 went to core git-svn-id: http://svn.miranda-ng.org/main/trunk@5707 1316c22d-e87f-b044-9b9b-93d7a3e3ba9c --- bin10/lib/mir_core.lib | Bin 50334 -> 50550 bytes bin10/lib/mir_core64.lib | Bin 45804 -> 45996 bytes bin11/lib/mir_core.lib | Bin 50334 -> 50550 bytes bin11/lib/mir_core64.lib | Bin 45804 -> 45996 bytes include/delphi/m_core.inc | 2 + include/m_core.h | 17 +- protocols/Gadu-Gadu/src/avatar.cpp | 2 +- protocols/Gadu-Gadu/src/oauth.cpp | 46 +---- protocols/JabberG/src/jabber_iqid.cpp | 4 +- protocols/JabberG/src/jabber_secur.cpp | 68 ++----- protocols/JabberG/src/jabber_secur.h | 2 +- protocols/JabberG/src/jabber_svc.cpp | 4 +- protocols/JabberG/src/jabber_util.cpp | 8 +- protocols/JabberG/src/jabber_vcard.cpp | 4 +- protocols/MRA/Mra_10.vcxproj | 1 - protocols/MRA/Mra_10.vcxproj.filters | 3 - protocols/MRA/Mra_11.vcxproj | 1 - protocols/MRA/Mra_11.vcxproj.filters | 3 - protocols/MRA/src/MraUtils.cpp | 60 ------- protocols/MRA/src/Mra_functions.cpp | 4 +- protocols/MSN/src/msn_auth.cpp | 72 ++------ protocols/MSN/src/msn_misc.cpp | 2 +- protocols/Tlen/src/jabber_util.cpp | 8 +- protocols/Tlen/src/tlen_picture.cpp | 4 +- protocols/Twitter/src/oauth.cpp | 238 +------------------------ protocols/Twitter/src/oauth/sha1.c | 317 --------------------------------- protocols/Twitter/src/utility.h | 1 - src/mir_core/mir_core.def | 1 + src/mir_core/sha1.cpp | 44 ++++- 29 files changed, 109 insertions(+), 807 deletions(-) delete mode 100644 protocols/MRA/src/MraUtils.cpp delete mode 100644 protocols/Twitter/src/oauth/sha1.c diff --git a/bin10/lib/mir_core.lib b/bin10/lib/mir_core.lib index a24dcf97d5..904590a4b9 100644 Binary files a/bin10/lib/mir_core.lib and b/bin10/lib/mir_core.lib differ diff --git a/bin10/lib/mir_core64.lib b/bin10/lib/mir_core64.lib index 34369a56c8..47ad270cfa 100644 Binary files a/bin10/lib/mir_core64.lib and b/bin10/lib/mir_core64.lib differ diff --git a/bin11/lib/mir_core.lib b/bin11/lib/mir_core.lib index ceda7d9ebf..e2a2177eec 100644 Binary files a/bin11/lib/mir_core.lib and b/bin11/lib/mir_core.lib differ diff --git a/bin11/lib/mir_core64.lib b/bin11/lib/mir_core64.lib index 917eae0aec..2648c70498 100644 Binary files a/bin11/lib/mir_core64.lib and b/bin11/lib/mir_core64.lib differ diff --git a/include/delphi/m_core.inc b/include/delphi/m_core.inc index 0435eab92f..7462e63d9a 100644 --- a/include/delphi/m_core.inc +++ b/include/delphi/m_core.inc @@ -593,6 +593,8 @@ procedure mir_sha1_finish(ctx:pmir_sha1_ctx; hashout:SHA1Hash); stdcall; procedure mir_sha1_hash(dataIn:pmir_sha1_byte_t; len:int;hashout:SHA1Hash); stdcall; external CoreDLL name 'mir_sha1_hash'; +procedure mir_hmac_sha1(hashout:SHA1Hash; const key:pmir_sha1_byte_t; keyLen:size_t; const dataIn:pmir_sha1_byte_t; dataLen:size_t); stdcall; + external CoreDLL name 'mir_hmac_sha1'; /////////////////////////////////////////////////////////////////////////////// // strings diff --git a/include/m_core.h b/include/m_core.h index 73937eb366..3fdb81a747 100644 --- a/include/m_core.h +++ b/include/m_core.h @@ -654,22 +654,21 @@ MIR_CORE_DLL(int) ProtoGetAvatarFileFormat(const TCHAR *ptszFileName); /////////////////////////////////////////////////////////////////////////////// // sha1 functions -typedef unsigned char mir_sha1_byte_t; -typedef unsigned long mir_sha1_long_t; - #define MIR_SHA1_HASH_SIZE 20 typedef struct { - mir_sha1_long_t H[5]; - mir_sha1_long_t W[80]; + ULONG H[5]; + ULONG W[80]; int lenW; - mir_sha1_long_t sizeHi, sizeLo; + ULONG sizeHi, sizeLo; } mir_sha1_ctx; MIR_CORE_DLL(void) mir_sha1_init(mir_sha1_ctx *ctx); -MIR_CORE_DLL(void) mir_sha1_append(mir_sha1_ctx *ctx, mir_sha1_byte_t *dataIn, int len); -MIR_CORE_DLL(void) mir_sha1_finish(mir_sha1_ctx *ctx, mir_sha1_byte_t hashout[20]); -MIR_CORE_DLL(void) mir_sha1_hash(mir_sha1_byte_t *dataIn, int len, mir_sha1_byte_t hashout[20]); +MIR_CORE_DLL(void) mir_sha1_append(mir_sha1_ctx *ctx, const BYTE *dataIn, int len); +MIR_CORE_DLL(void) mir_sha1_finish(mir_sha1_ctx *ctx, BYTE hashout[MIR_SHA1_HASH_SIZE]); +MIR_CORE_DLL(void) mir_sha1_hash(BYTE *dataIn, int len, BYTE hashout[MIR_SHA1_HASH_SIZE]); + +MIR_CORE_DLL(void) mir_hmac_sha1(BYTE hashout[MIR_SHA1_HASH_SIZE], const BYTE *key, size_t keylen, const BYTE *text, size_t textlen); /////////////////////////////////////////////////////////////////////////////// // strings diff --git a/protocols/Gadu-Gadu/src/avatar.cpp b/protocols/Gadu-Gadu/src/avatar.cpp index 400182613c..05d4f8781a 100644 --- a/protocols/Gadu-Gadu/src/avatar.cpp +++ b/protocols/Gadu-Gadu/src/avatar.cpp @@ -114,7 +114,7 @@ char *gg_avatarhash(char *param) if (param == NULL || (result = (char *)mir_alloc(MIR_SHA1_HASH_SIZE * 2 + 1)) == NULL) return NULL; - mir_sha1_byte_t digest[MIR_SHA1_HASH_SIZE]; + BYTE digest[MIR_SHA1_HASH_SIZE]; mir_sha1_hash((BYTE*)param, (int)strlen(param), digest); return bin2hex(digest, sizeof(digest), result); } diff --git a/protocols/Gadu-Gadu/src/oauth.cpp b/protocols/Gadu-Gadu/src/oauth.cpp index e2484a3838..7f428319e7 100644 --- a/protocols/Gadu-Gadu/src/oauth.cpp +++ b/protocols/Gadu-Gadu/src/oauth.cpp @@ -50,46 +50,6 @@ static int paramsortFunc(const OAUTHPARAMETER *p1, const OAUTHPARAMETER *p2) return res != 0 ? res : strcmp(p1->value, p2->value); } -// HMAC-SHA1 (see RFC 2104 for details) -void hmacsha1_hash(mir_sha1_byte_t *text, int text_len, mir_sha1_byte_t *key, int key_len, - mir_sha1_byte_t digest[MIR_SHA1_HASH_SIZE]) -{ - mir_sha1_ctx context; - mir_sha1_byte_t k_ipad[64]; - mir_sha1_byte_t k_opad[64]; - int i; - - if (key_len > 64) { - mir_sha1_ctx tctx; - mir_sha1_byte_t tk[MIR_SHA1_HASH_SIZE]; - - mir_sha1_init(&tctx); - mir_sha1_append(&tctx, key, key_len); - mir_sha1_finish(&tctx, tk); - - key = tk; - key_len = MIR_SHA1_HASH_SIZE; - } - - memset(k_ipad, 0x36, 64); - memset(k_opad, 0x5c, 64); - - for (i = 0; i < key_len; i++) { - k_ipad[i] ^= key[i]; - k_opad[i] ^= key[i]; - } - - mir_sha1_init(&context); - mir_sha1_append(&context, k_ipad, 64); - mir_sha1_append(&context, text, text_len); - mir_sha1_finish(&context, digest); - - mir_sha1_init(&context); - mir_sha1_append(&context, k_opad, 64); - mir_sha1_append(&context, digest, MIR_SHA1_HASH_SIZE); - mir_sha1_finish(&context, digest); -} - // see RFC 3986 for details #define isunreserved(c) ( isalnum((unsigned char)c) || c == '-' || c == '.' || c == '_' || c == '~') char *oauth_uri_escape(const char *str) @@ -239,12 +199,10 @@ int oauth_sign_request(LIST ¶ms, const char *httpmethod, con strcat(key, "&"); strcat(key, tsenc); - mir_sha1_byte_t digest[MIR_SHA1_HASH_SIZE]; - hmacsha1_hash((BYTE*)(char*)text, (int)strlen(text), (BYTE*)(char*)key, (int)strlen(key), digest); + BYTE digest[MIR_SHA1_HASH_SIZE]; + mir_hmac_sha1(digest, (BYTE*)(char*)text, strlen(text), (BYTE*)(char*)key, strlen(key)); sign = mir_base64_encode(digest, MIR_SHA1_HASH_SIZE); } -// else if (!strcmp(signmethod, "RSA-SHA1")) { // unimplemented -// } else { // PLAINTEXT ptrA csenc( oauth_uri_escape(consumer_secret)); ptrA tsenc( oauth_uri_escape(token_secret)); diff --git a/protocols/JabberG/src/jabber_iqid.cpp b/protocols/JabberG/src/jabber_iqid.cpp index 9c17f9bd8b..db937bee8c 100644 --- a/protocols/JabberG/src/jabber_iqid.cpp +++ b/protocols/JabberG/src/jabber_iqid.cpp @@ -1474,10 +1474,10 @@ LBL_ErrFormat: setByte(hContact, "AvatarType", pictureType); - mir_sha1_byte_t digest[20]; + BYTE digest[20]; mir_sha1_ctx sha; mir_sha1_init(&sha); - mir_sha1_append(&sha, (mir_sha1_byte_t*)(char*)body, resultLen); + mir_sha1_append(&sha, (BYTE*)(char*)body, resultLen); mir_sha1_finish(&sha, digest); GetAvatarFileName(hContact, tszFileName, SIZEOF(tszFileName)); diff --git a/protocols/JabberG/src/jabber_secur.cpp b/protocols/JabberG/src/jabber_secur.cpp index 72068c9d95..67423b03b4 100644 --- a/protocols/JabberG/src/jabber_secur.cpp +++ b/protocols/JabberG/src/jabber_secur.cpp @@ -227,49 +227,9 @@ char* TMD5Auth::getChallenge(const TCHAR *challenge) return mir_base64_encode((PBYTE)buf, cbLen); } - ///////////////////////////////////////////////////////////////////////////////////////// // SCRAM-SHA-1 authorization -void hmac_sha1(mir_sha1_byte_t *md, mir_sha1_byte_t *key, size_t keylen, mir_sha1_byte_t *text, size_t textlen) -{ - const unsigned SHA_BLOCKSIZE = 64; - - unsigned char mdkey[MIR_SHA1_HASH_SIZE]; - unsigned char k_ipad[SHA_BLOCKSIZE], k_opad[SHA_BLOCKSIZE]; - mir_sha1_ctx ctx; - - if (keylen > SHA_BLOCKSIZE) - { - mir_sha1_init(&ctx); - mir_sha1_append(&ctx, key, (int)keylen); - mir_sha1_finish(&ctx, mdkey); - keylen = 20; - key = mdkey; - } - - memcpy(k_ipad, key, keylen); - memcpy(k_opad, key, keylen); - memset(k_ipad+keylen, 0x36, SHA_BLOCKSIZE - keylen); - memset(k_opad+keylen, 0x5c, SHA_BLOCKSIZE - keylen); - - for (unsigned i = 0; i < keylen; i++) - { - k_ipad[i] ^= 0x36; - k_opad[i] ^= 0x5c; - } - - mir_sha1_init(&ctx); - mir_sha1_append(&ctx, k_ipad, SHA_BLOCKSIZE); - mir_sha1_append(&ctx, text, (int)textlen); - mir_sha1_finish(&ctx, md); - - mir_sha1_init(&ctx); - mir_sha1_append(&ctx, k_opad, SHA_BLOCKSIZE); - mir_sha1_append(&ctx, md, MIR_SHA1_HASH_SIZE); - mir_sha1_finish(&ctx, md); -} - TScramAuth::TScramAuth(ThreadData* info) : TJabberAuth(info) { @@ -284,15 +244,15 @@ TScramAuth::~TScramAuth() mir_free(serverSignature); } -void TScramAuth::Hi(mir_sha1_byte_t* res , char* passw, size_t passwLen, char* salt, size_t saltLen, int ind) +void TScramAuth::Hi(BYTE* res , char* passw, size_t passwLen, char* salt, size_t saltLen, int ind) { - mir_sha1_byte_t u[ MIR_SHA1_HASH_SIZE ]; + BYTE u[ MIR_SHA1_HASH_SIZE ]; memcpy(u, salt, saltLen); *(unsigned*)(u + saltLen) = htonl(1); saltLen += 4; memset(res, 0, MIR_SHA1_HASH_SIZE); for (int i = 0; i < ind; i++) { - hmac_sha1(u, (mir_sha1_byte_t*)passw, passwLen, u, saltLen); + mir_hmac_sha1(u, (BYTE*)passw, passwLen, u, saltLen); saltLen = sizeof(u); for (unsigned j = 0; j < sizeof(u); j++) @@ -339,13 +299,13 @@ char* TScramAuth::getChallenge(const TCHAR *challenge) ptrA passw( mir_utf8encodeT(info->password)); size_t passwLen = strlen(passw); - mir_sha1_byte_t saltedPassw[ MIR_SHA1_HASH_SIZE ]; + BYTE saltedPassw[ MIR_SHA1_HASH_SIZE ]; Hi(saltedPassw, passw, passwLen, salt, saltLen, ind); - mir_sha1_byte_t clientKey[ MIR_SHA1_HASH_SIZE ]; - hmac_sha1(clientKey, saltedPassw, sizeof(saltedPassw), (mir_sha1_byte_t*)"Client Key", 10); + BYTE clientKey[ MIR_SHA1_HASH_SIZE ]; + mir_hmac_sha1(clientKey, saltedPassw, sizeof(saltedPassw), (BYTE*)"Client Key", 10); - mir_sha1_byte_t storedKey[ MIR_SHA1_HASH_SIZE ]; + BYTE storedKey[ MIR_SHA1_HASH_SIZE ]; mir_sha1_ctx ctx; mir_sha1_init(&ctx); @@ -355,19 +315,19 @@ char* TScramAuth::getChallenge(const TCHAR *challenge) char authmsg[4096]; int authmsgLen = mir_snprintf(authmsg, sizeof(authmsg), "%s,%s,c=biws,r=%s", msg1, chl, snonce); - mir_sha1_byte_t clientSig[ MIR_SHA1_HASH_SIZE ]; - hmac_sha1(clientSig, storedKey, sizeof(storedKey), (mir_sha1_byte_t*)authmsg, authmsgLen); + BYTE clientSig[ MIR_SHA1_HASH_SIZE ]; + mir_hmac_sha1(clientSig, storedKey, sizeof(storedKey), (BYTE*)authmsg, authmsgLen); - mir_sha1_byte_t clientProof[ MIR_SHA1_HASH_SIZE ]; + BYTE clientProof[ MIR_SHA1_HASH_SIZE ]; for (unsigned j = 0; j < sizeof(clientKey); j++) clientProof[j] = clientKey[j] ^ clientSig[j]; /* Calculate the server signature */ - mir_sha1_byte_t serverKey[ MIR_SHA1_HASH_SIZE ]; - hmac_sha1(serverKey, saltedPassw, sizeof(saltedPassw), (mir_sha1_byte_t*)"Server Key", 10); + BYTE serverKey[ MIR_SHA1_HASH_SIZE ]; + mir_hmac_sha1(serverKey, saltedPassw, sizeof(saltedPassw), (BYTE*)"Server Key", 10); - mir_sha1_byte_t srvSig[ MIR_SHA1_HASH_SIZE ]; - hmac_sha1(srvSig, serverKey, sizeof(serverKey), (mir_sha1_byte_t*)authmsg, authmsgLen); + BYTE srvSig[ MIR_SHA1_HASH_SIZE ]; + mir_hmac_sha1(srvSig, serverKey, sizeof(serverKey), (BYTE*)authmsg, authmsgLen); serverSignature = mir_base64_encode((PBYTE)srvSig, sizeof(srvSig)); char buf[4096]; diff --git a/protocols/JabberG/src/jabber_secur.h b/protocols/JabberG/src/jabber_secur.h index 18afe89dfa..838e11367b 100644 --- a/protocols/JabberG/src/jabber_secur.h +++ b/protocols/JabberG/src/jabber_secur.h @@ -92,7 +92,7 @@ public: virtual char* getChallenge(const TCHAR *challenge); virtual bool validateLogin(const TCHAR *challenge); - void Hi(mir_sha1_byte_t* res , char* passw, size_t passwLen, char* salt, size_t saltLen, int ind); + void Hi(BYTE* res , char* passw, size_t passwLen, char* salt, size_t saltLen, int ind); }; // ntlm auth - LanServer based authorization diff --git a/protocols/JabberG/src/jabber_svc.cpp b/protocols/JabberG/src/jabber_svc.cpp index 4048dccf74..ae1bf712f7 100644 --- a/protocols/JabberG/src/jabber_svc.cpp +++ b/protocols/JabberG/src/jabber_svc.cpp @@ -313,10 +313,10 @@ INT_PTR __cdecl CJabberProto::JabberSetAvatar(WPARAM, LPARAM lParam) _read(fileIn, pResult, dwPngSize); _close(fileIn); - mir_sha1_byte_t digest[MIR_SHA1_HASH_SIZE]; + BYTE digest[MIR_SHA1_HASH_SIZE]; mir_sha1_ctx sha1ctx; mir_sha1_init(&sha1ctx); - mir_sha1_append(&sha1ctx, (mir_sha1_byte_t*)pResult, dwPngSize); + mir_sha1_append(&sha1ctx, (BYTE*)pResult, dwPngSize); mir_sha1_finish(&sha1ctx, digest); TCHAR tFileName[ MAX_PATH ]; diff --git a/protocols/JabberG/src/jabber_util.cpp b/protocols/JabberG/src/jabber_util.cpp index a33c8640bd..7b00dfd63d 100644 --- a/protocols/JabberG/src/jabber_util.cpp +++ b/protocols/JabberG/src/jabber_util.cpp @@ -341,10 +341,10 @@ char* __stdcall JabberSha1(char* str) if (str == NULL) return NULL; - mir_sha1_byte_t digest[20]; + BYTE digest[20]; mir_sha1_ctx sha; mir_sha1_init(&sha); - mir_sha1_append(&sha, (mir_sha1_byte_t*)str, (int)strlen(str)); + mir_sha1_append(&sha, (BYTE*)str, (int)strlen(str)); mir_sha1_finish(&sha, digest); char *result = (char*)mir_alloc(41); @@ -1625,10 +1625,10 @@ void __cdecl CJabberProto::LoadHttpAvatars(void* param) setByte(AI.hContact, "AvatarType", pictureType); char buffer[ 41 ]; - mir_sha1_byte_t digest[20]; + BYTE digest[20]; mir_sha1_ctx sha; mir_sha1_init(&sha); - mir_sha1_append(&sha, (mir_sha1_byte_t*)res->pData, res->dataLength); + mir_sha1_append(&sha, (BYTE*)res->pData, res->dataLength); mir_sha1_finish(&sha, digest); bin2hex(digest, sizeof(digest), buffer); diff --git a/protocols/JabberG/src/jabber_vcard.cpp b/protocols/JabberG/src/jabber_vcard.cpp index 21cf96574c..f0cec19fa1 100644 --- a/protocols/JabberG/src/jabber_vcard.cpp +++ b/protocols/JabberG/src/jabber_vcard.cpp @@ -1171,10 +1171,10 @@ void CJabberProto::SetServerVcard(BOOL bPhotoChanged, TCHAR* szPhotoFileName) // NEED TO UPDATE OUR AVATAR HASH: - mir_sha1_byte_t digest[MIR_SHA1_HASH_SIZE]; + BYTE digest[MIR_SHA1_HASH_SIZE]; mir_sha1_ctx sha1ctx; mir_sha1_init(&sha1ctx); - mir_sha1_append(&sha1ctx, (mir_sha1_byte_t*)buffer, nRead); + mir_sha1_append(&sha1ctx, (BYTE*)buffer, nRead); mir_sha1_finish(&sha1ctx, digest); char buf[MIR_SHA1_HASH_SIZE*2+1]; diff --git a/protocols/MRA/Mra_10.vcxproj b/protocols/MRA/Mra_10.vcxproj index 11bacd5c3a..ec5727dd76 100644 --- a/protocols/MRA/Mra_10.vcxproj +++ b/protocols/MRA/Mra_10.vcxproj @@ -187,7 +187,6 @@ - Create diff --git a/protocols/MRA/Mra_10.vcxproj.filters b/protocols/MRA/Mra_10.vcxproj.filters index e674ed722d..ed7f4006e4 100644 --- a/protocols/MRA/Mra_10.vcxproj.filters +++ b/protocols/MRA/Mra_10.vcxproj.filters @@ -78,9 +78,6 @@ Source Files - - Source Files - diff --git a/protocols/MRA/Mra_11.vcxproj b/protocols/MRA/Mra_11.vcxproj index a036582ea4..db0dbacf76 100644 --- a/protocols/MRA/Mra_11.vcxproj +++ b/protocols/MRA/Mra_11.vcxproj @@ -190,7 +190,6 @@ - Create diff --git a/protocols/MRA/Mra_11.vcxproj.filters b/protocols/MRA/Mra_11.vcxproj.filters index 9df9c95b3a..11841dbdb6 100644 --- a/protocols/MRA/Mra_11.vcxproj.filters +++ b/protocols/MRA/Mra_11.vcxproj.filters @@ -81,9 +81,6 @@ Source Files - - Source Files - diff --git a/protocols/MRA/src/MraUtils.cpp b/protocols/MRA/src/MraUtils.cpp deleted file mode 100644 index d35255d4a9..0000000000 --- a/protocols/MRA/src/MraUtils.cpp +++ /dev/null @@ -1,60 +0,0 @@ -#include "Mra.h" -#include "MraSendQueue.h" - -void hmac_sha1(BYTE *text,size_t text_len,BYTE *key,size_t key_len,BYTE *digest) -{ - mir_sha1_ctx context; - BYTE k_ipad[65]; /* inner padding - key XORd with ipad */ - BYTE k_opad[65]; /* outer padding - key XORd with opad */ - BYTE tk[MIR_SHA1_HASH_SIZE]; - /* if key is longer than 64 bytes reset it to key=SHA1(key) */ - if (key_len>64) - { - mir_sha1_ctx tctx; - - mir_sha1_init(&tctx); - mir_sha1_append(&tctx,key,key_len); - mir_sha1_finish(&tctx,(BYTE*)&tk); - - key=tk; - key_len=MIR_SHA1_HASH_SIZE; - } - - /* - * the HMAC_SHA1 transform looks like: - * - * SHA1(K XOR opad, SHA1(K XOR ipad, text)) - * - * where K is an n byte key - * ipad is the byte 0x36 repeated 64 times - * opad is the byte 0x5c repeated 64 times - * and text is the data being protected - */ - - /* start out by storing key in pads */ - memmove(&k_ipad,key,key_len); - memmove(&k_opad,key,key_len); - memset(&k_ipad[key_len], 0, (sizeof(k_ipad)-key_len)); - memset(&k_opad[key_len], 0 , (sizeof(k_opad)-key_len)); - - /* XOR key with ipad and opad values */ - for (size_t i=0;i<(64/sizeof(ULONGLONG));i++) - { - ((ULONGLONG*)k_ipad)[i]^=0x3636363636363636; - ((ULONGLONG*)k_opad)[i]^=0x5C5C5C5C5C5C5C5C; - } - /* perform inner SHA1 */ - mir_sha1_init(&context); /* init context for 1st pass */ - mir_sha1_append(&context,k_ipad,64); /* start with inner pad */ - mir_sha1_append(&context,text,text_len); /* then text of datagram */ - mir_sha1_finish(&context,digest); /* finish up 1st pass */ - /* perform outer SHA1 */ - mir_sha1_init(&context); /* init context for 2nd pass */ - mir_sha1_append(&context,k_opad,64); /* start with outer pad */ - mir_sha1_append(&context,(BYTE*)digest,MIR_SHA1_HASH_SIZE); /* then results of 1st hash */ - mir_sha1_finish(&context,digest); /* finish up 2nd pass */ - - bzero(k_ipad,sizeof(k_ipad)); - bzero(k_opad,sizeof(k_opad)); - bzero(tk,sizeof(tk)); -} diff --git a/protocols/MRA/src/Mra_functions.cpp b/protocols/MRA/src/Mra_functions.cpp index 114de07da0..23b19814f3 100644 --- a/protocols/MRA/src/Mra_functions.cpp +++ b/protocols/MRA/src/Mra_functions.cpp @@ -1544,7 +1544,7 @@ BOOL CMraProto::SetPassDB(LPSTR lpszBuff, size_t dwBuffSize) btCryptedPass[0] = (BYTE)dwBuffSize; //memmove(&btCryptedPass[1], lpszBuff, dwBuffSize); - hmac_sha1(btRandomData, sizeof(btRandomData), (BYTE*)szEMail, dwEMailSize, bthmacSHA1); + mir_hmac_sha1(bthmacSHA1, (BYTE*)szEMail, dwEMailSize, btRandomData, sizeof(btRandomData)); RC4(btCryptedPass, sizeof(btCryptedPass), bthmacSHA1, MIR_SHA1_HASH_SIZE); RC4(btCryptedPass, sizeof(btCryptedPass), btRandomData, sizeof(btRandomData)); @@ -1583,7 +1583,7 @@ BOOL CMraProto::GetPassDB(LPSTR lpszBuff, size_t dwBuffSize, size_t *pdwBuffSize if (mraGetContactSettingBlob(NULL, "pCryptPass", btCryptedPass, sizeof(btCryptedPass), &dwCryptedPass)) if (dwCryptedPass == sizeof(btCryptedPass)) if (mraGetStaticStringA(NULL, "e-mail", szEMail, SIZEOF(szEMail), &dwEMailSize)) { - hmac_sha1(btRandomData, sizeof(btRandomData), (BYTE*)szEMail, dwEMailSize, bthmacSHA1); + mir_hmac_sha1(bthmacSHA1, (BYTE*)szEMail, dwEMailSize, btRandomData, sizeof(btRandomData)); RC4(btCryptedPass, sizeof(btCryptedPass), bthmacSHA1, MIR_SHA1_HASH_SIZE); CopyMemoryReverseDWORD(btCryptedPass, btCryptedPass, sizeof(btCryptedPass)); diff --git a/protocols/MSN/src/msn_auth.cpp b/protocols/MSN/src/msn_auth.cpp index 7ee1ff538e..23d1001f83 100644 --- a/protocols/MSN/src/msn_auth.cpp +++ b/protocols/MSN/src/msn_auth.cpp @@ -329,66 +329,26 @@ int CMsnProto::MSN_GetPassportAuth(void) return retVal; } -void hmac_sha1 (mir_sha1_byte_t *md, mir_sha1_byte_t *key, size_t keylen, mir_sha1_byte_t *text, size_t textlen) +static void derive_key(BYTE* der, unsigned char* key, size_t keylen, unsigned char* data, size_t datalen) { - const unsigned SHA_BLOCKSIZE = 64; - - unsigned char mdkey[MIR_SHA1_HASH_SIZE]; - unsigned char k_ipad[SHA_BLOCKSIZE], k_opad[SHA_BLOCKSIZE]; - mir_sha1_ctx ctx; - - if (keylen > SHA_BLOCKSIZE) - { - mir_sha1_init(&ctx); - mir_sha1_append(&ctx, key, (int)keylen); - mir_sha1_finish(&ctx, mdkey); - keylen = 20; - key = mdkey; - } - - memcpy(k_ipad, key, keylen); - memcpy(k_opad, key, keylen); - memset(k_ipad+keylen, 0x36, SHA_BLOCKSIZE - keylen); - memset(k_opad+keylen, 0x5c, SHA_BLOCKSIZE - keylen); - - for (unsigned i = 0; i < keylen; i++) - { - k_ipad[i] ^= 0x36; - k_opad[i] ^= 0x5c; - } - - mir_sha1_init(&ctx); - mir_sha1_append(&ctx, k_ipad, SHA_BLOCKSIZE); - mir_sha1_append(&ctx, text, (int)textlen); - mir_sha1_finish(&ctx, md); - - mir_sha1_init(&ctx); - mir_sha1_append(&ctx, k_opad, SHA_BLOCKSIZE); - mir_sha1_append(&ctx, md, MIR_SHA1_HASH_SIZE); - mir_sha1_finish(&ctx, md); -} - - -static void derive_key(mir_sha1_byte_t* der, unsigned char* key, size_t keylen, unsigned char* data, size_t datalen) -{ - mir_sha1_byte_t hash1[MIR_SHA1_HASH_SIZE]; - mir_sha1_byte_t hash2[MIR_SHA1_HASH_SIZE]; - mir_sha1_byte_t hash3[MIR_SHA1_HASH_SIZE]; - mir_sha1_byte_t hash4[MIR_SHA1_HASH_SIZE]; + BYTE hash1[MIR_SHA1_HASH_SIZE]; + BYTE hash2[MIR_SHA1_HASH_SIZE]; + BYTE hash3[MIR_SHA1_HASH_SIZE]; + BYTE hash4[MIR_SHA1_HASH_SIZE]; const size_t buflen = MIR_SHA1_HASH_SIZE + datalen; - mir_sha1_byte_t* buf = (mir_sha1_byte_t*)alloca(buflen); + BYTE* buf = (BYTE*)alloca(buflen); - hmac_sha1(hash1, key, keylen, data, datalen); - hmac_sha1(hash3, key, keylen, hash1, MIR_SHA1_HASH_SIZE); + mir_hmac_sha1(hash1, key, keylen, data, datalen); + mir_hmac_sha1(hash3, key, keylen, hash1, MIR_SHA1_HASH_SIZE); memcpy(buf, hash1, MIR_SHA1_HASH_SIZE); memcpy(buf + MIR_SHA1_HASH_SIZE, data, datalen); - hmac_sha1(hash2, key, keylen, buf, buflen); + mir_hmac_sha1(hash2, key, keylen, buf, buflen); memcpy(buf, hash3, MIR_SHA1_HASH_SIZE); memcpy(buf + MIR_SHA1_HASH_SIZE, data, datalen); - hmac_sha1(hash4, key, keylen, buf, buflen); + mir_hmac_sha1(hash4, key, keylen, buf, buflen); memcpy(der, hash2, MIR_SHA1_HASH_SIZE); memcpy(der + MIR_SHA1_HASH_SIZE, hash4, 4); @@ -436,8 +396,8 @@ char* CMsnProto::GenerateLoginBlob(char* challenge) unsigned key1len; BYTE *key1 = (BYTE*)mir_base64_decode(authSecretToken, &key1len); - mir_sha1_byte_t key2[MIR_SHA1_HASH_SIZE+4]; - mir_sha1_byte_t key3[MIR_SHA1_HASH_SIZE+4]; + BYTE key2[MIR_SHA1_HASH_SIZE+4]; + BYTE key3[MIR_SHA1_HASH_SIZE+4]; static const unsigned char encdata1[] = "WS-SecureConversationSESSION KEY HASH"; static const unsigned char encdata2[] = "WS-SecureConversationSESSION KEY ENCRYPTION"; @@ -447,8 +407,8 @@ char* CMsnProto::GenerateLoginBlob(char* challenge) size_t chllen = strlen(challenge); - mir_sha1_byte_t hash[MIR_SHA1_HASH_SIZE]; - hmac_sha1(hash, key2, MIR_SHA1_HASH_SIZE+4, (mir_sha1_byte_t*)challenge, chllen); + BYTE hash[MIR_SHA1_HASH_SIZE]; + mir_hmac_sha1(hash, key2, MIR_SHA1_HASH_SIZE+4, (BYTE*)challenge, chllen); unsigned char* newchl = PKCS5_Padding(challenge, chllen); @@ -514,8 +474,8 @@ char* CMsnProto::HotmailLogin(const char* url) UrlEncode(noncenc, fnpst + sz, fnpstlen - sz); sz = strlen(fnpst); - mir_sha1_byte_t hash[MIR_SHA1_HASH_SIZE]; - hmac_sha1(hash, key2, sizeof(key2), (mir_sha1_byte_t*)fnpst, sz); + BYTE hash[MIR_SHA1_HASH_SIZE]; + mir_hmac_sha1(hash, key2, sizeof(key2), (BYTE*)fnpst, sz); noncenc = mir_base64_encode(hash, sizeof(hash)); diff --git a/protocols/MSN/src/msn_misc.cpp b/protocols/MSN/src/msn_misc.cpp index 8f2f26401e..94ee971d1f 100644 --- a/protocols/MSN/src/msn_misc.cpp +++ b/protocols/MSN/src/msn_misc.cpp @@ -276,7 +276,7 @@ int CMsnProto::MSN_SetMyAvatar(const TCHAR* sztFname, void* pData, size_t cbLen) char *szFname = mir_utf8encodeT(sztFname); mir_sha1_init(&sha1ctx); - mir_sha1_append(&sha1ctx, (mir_sha1_byte_t*)pData, (int)cbLen); + mir_sha1_append(&sha1ctx, (BYTE*)pData, (int)cbLen); mir_sha1_finish(&sha1ctx, sha1d); ptrA szSha1d( mir_base64_encode((PBYTE)sha1d, sizeof(sha1d))); diff --git a/protocols/Tlen/src/jabber_util.cpp b/protocols/Tlen/src/jabber_util.cpp index 0fe8d0b10d..a219a5a573 100644 --- a/protocols/Tlen/src/jabber_util.cpp +++ b/protocols/Tlen/src/jabber_util.cpp @@ -259,8 +259,8 @@ char *JabberSha1(char *str) return NULL; mir_sha1_init( &sha ); - mir_sha1_append( &sha, (mir_sha1_byte_t* )str, (int)strlen( str )); - mir_sha1_finish( &sha, (mir_sha1_byte_t* )digest ); + mir_sha1_append( &sha, (BYTE* )str, (int)strlen( str )); + mir_sha1_finish( &sha, (BYTE* )digest ); if ((result=(char *)mir_alloc(41)) == NULL) return NULL; sprintf(result, "%08x%08x%08x%08x%08x", (int)htonl(digest[0]), (int)htonl(digest[1]), (int)htonl(digest[2]), (int)htonl(digest[3]), (int)htonl(digest[4])); @@ -270,7 +270,7 @@ char *JabberSha1(char *str) char *TlenSha1(char *str, int len) { mir_sha1_ctx sha; - mir_sha1_byte_t digest[20]; + BYTE digest[20]; char* result; int i; @@ -278,7 +278,7 @@ char *TlenSha1(char *str, int len) return NULL; mir_sha1_init( &sha ); - mir_sha1_append( &sha, (mir_sha1_byte_t* )str, len); + mir_sha1_append( &sha, (BYTE* )str, len); mir_sha1_finish( &sha, digest ); if (( result=( char* )mir_alloc( 20 )) == NULL ) return NULL; diff --git a/protocols/Tlen/src/tlen_picture.cpp b/protocols/Tlen/src/tlen_picture.cpp index f6d896aa2e..55c4a1c07d 100644 --- a/protocols/Tlen/src/tlen_picture.cpp +++ b/protocols/Tlen/src/tlen_picture.cpp @@ -299,13 +299,13 @@ BOOL SendPicture(TlenProtocol *proto, HANDLE hContact) { int readcount = (int)fread(fileBuffer, (size_t)1, (size_t)toread, fp); i -= readcount; if (readcount > 0) { - mir_sha1_append( &sha, (mir_sha1_byte_t* )fileBuffer, readcount); + mir_sha1_append( &sha, (BYTE* )fileBuffer, readcount); } if (toread != readcount) { break; } } - mir_sha1_finish( &sha, (mir_sha1_byte_t* )digest ); + mir_sha1_finish( &sha, (BYTE* )digest ); JabberSend(proto, "", jid, (int)htonl(digest[0]), (int)htonl(digest[1]), (int)htonl(digest[2]), (int)htonl(digest[3]), (int)htonl(digest[4]), idStr, item->ft->filesSize[0], "jpg"); } else { diff --git a/protocols/Twitter/src/oauth.cpp b/protocols/Twitter/src/oauth.cpp index cfc4812191..7a9a761bb6 100644 --- a/protocols/Twitter/src/oauth.cpp +++ b/protocols/Twitter/src/oauth.cpp @@ -416,233 +416,6 @@ wstring mir_twitter::OAuthCreateTimestamp() return buf; } -string mir_twitter::HMACSHA1( const string& keyBytes, const string& data ) -{ - // based on http://msdn.microsoft.com/en-us/library/aa382379%28v=VS.85%29.aspx - - string hash; - - //-------------------------------------------------------------------- - // Declare variables. - // - // hProv: Handle to a cryptographic service provider (CSP). - // This example retrieves the default provider for - // the PROV_RSA_FULL provider type. - // hHash: Handle to the hash object needed to create a hash. - // hKey: Handle to a symmetric key. This example creates a - // key for the RC4 algorithm. - // hHmacHash: Handle to an HMAC hash. - // pbHash: Pointer to the hash. - // dwDataLen: Length, in bytes, of the hash. - // Data1: Password string used to create a symmetric key. - // Data2: Message string to be hashed. - // HmacInfo: Instance of an HMAC_INFO structure that contains - // information about the HMAC hash. - // - HCRYPTPROV hProv = NULL; - HCRYPTHASH hHash = NULL; - HCRYPTKEY hKey = NULL; - HCRYPTHASH hHmacHash = NULL; - PBYTE pbHash = NULL; - DWORD dwDataLen = 0; - //BYTE Data1[] = {0x70,0x61,0x73,0x73,0x77,0x6F,0x72,0x64}; - //BYTE Data2[] = {0x6D,0x65,0x73,0x73,0x61,0x67,0x65}; - HMAC_INFO HmacInfo; - - //-------------------------------------------------------------------- - // Zero the HMAC_INFO structure and use the SHA1 algorithm for - // hashing. - - ZeroMemory(&HmacInfo, sizeof(HmacInfo)); - HmacInfo.HashAlgid = CALG_SHA1; - - //-------------------------------------------------------------------- - // Acquire a handle to the default RSA cryptographic service provider. - - if (!CryptAcquireContext( - &hProv, // handle of the CSP - NULL, // key container name - NULL, // CSP name - PROV_RSA_FULL, // provider type - CRYPT_VERIFYCONTEXT)) // no key access is requested - { - _TRACE(" Error in AcquireContext 0x%08x \n", - GetLastError()); - goto ErrorExit; - } - - //-------------------------------------------------------------------- - // Derive a symmetric key from a hash object by performing the - // following steps: - // 1. Call CryptCreateHash to retrieve a handle to a hash object. - // 2. Call CryptHashData to add a text string (password) to the - // hash object. - // 3. Call CryptDeriveKey to create the symmetric key from the - // hashed password derived in step 2. - // You will use the key later to create an HMAC hash object. - - if (!CryptCreateHash( - hProv, // handle of the CSP - CALG_SHA1, // hash algorithm to use - 0, // hash key - 0, // reserved - &hHash)) // address of hash object handle - { - _TRACE("Error in CryptCreateHash 0x%08x \n", - GetLastError()); - goto ErrorExit; - } - - if (!CryptHashData( - hHash, // handle of the hash object - (BYTE*)keyBytes.c_str(), // password to hash - (DWORD)keyBytes.size(), // number of bytes of data to add - 0)) // flags - { - _TRACE("Error in CryptHashData 0x%08x \n", - GetLastError()); - goto ErrorExit; - } - - // key creation based on - // http://mirror.leaseweb.com/NetBSD/NetBSD-release-5-0/src/dist/wpa/src/crypto/crypto_cryptoapi.c - struct { - BLOBHEADER hdr; - DWORD len; - BYTE key[1024]; // TODO might want to dynamically allocate this, Should Be Fine though - } key_blob; - - key_blob.hdr.bType = PLAINTEXTKEYBLOB; - key_blob.hdr.bVersion = CUR_BLOB_VERSION; - key_blob.hdr.reserved = 0; - /* - * Note: RC2 is not really used, but that can be used to - * import HMAC keys of up to 16 byte long. - * CRYPT_IPSEC_HMAC_KEY flag for CryptImportKey() is needed to - * be able to import longer keys (HMAC-SHA1 uses 20-byte key). - */ - key_blob.hdr.aiKeyAlg = CALG_RC2; - key_blob.len = (DWORD)keyBytes.size(); - ZeroMemory(key_blob.key, sizeof(key_blob.key)); - - _ASSERTE(keyBytes.size() <= SIZEOF(key_blob.key)); - CopyMemory(key_blob.key, keyBytes.c_str(), min(keyBytes.size(), SIZEOF(key_blob.key))); - - if (!CryptImportKey( - hProv, - (BYTE *)&key_blob, - sizeof(key_blob), - 0, - CRYPT_IPSEC_HMAC_KEY, - &hKey)) - { - _TRACE("Error in CryptImportKey 0x%08x \n", GetLastError()); - goto ErrorExit; - } - - //-------------------------------------------------------------------- - // Create an HMAC by performing the following steps: - // 1. Call CryptCreateHash to create a hash object and retrieve - // a handle to it. - // 2. Call CryptSetHashParam to set the instance of the HMAC_INFO - // structure into the hash object. - // 3. Call CryptHashData to compute a hash of the message. - // 4. Call CryptGetHashParam to retrieve the size, in bytes, of - // the hash. - // 5. Call malloc to allocate memory for the hash. - // 6. Call CryptGetHashParam again to retrieve the HMAC hash. - - if (!CryptCreateHash( - hProv, // handle of the CSP. - CALG_HMAC, // HMAC hash algorithm ID - hKey, // key for the hash (see above) - 0, // reserved - &hHmacHash)) // address of the hash handle - { - _TRACE("Error in CryptCreateHash 0x%08x \n", - GetLastError()); - goto ErrorExit; - } - - if (!CryptSetHashParam( - hHmacHash, // handle of the HMAC hash object - HP_HMAC_INFO, // setting an HMAC_INFO object - (BYTE*)&HmacInfo, // the HMAC_INFO object - 0)) // reserved - { - _TRACE("Error in CryptSetHashParam 0x%08x \n", - GetLastError()); - goto ErrorExit; - } - - if (!CryptHashData( - hHmacHash, // handle of the HMAC hash object - (BYTE*)data.c_str(), // message to hash - (DWORD)data.size(), // number of bytes of data to add - 0)) // flags - { - _TRACE("Error in CryptHashData 0x%08x \n", - GetLastError()); - goto ErrorExit; - } - - //-------------------------------------------------------------------- - // Call CryptGetHashParam twice. Call it the first time to retrieve - // the size, in bytes, of the hash. Allocate memory. Then call - // CryptGetHashParam again to retrieve the hash value. - - if (!CryptGetHashParam( - hHmacHash, // handle of the HMAC hash object - HP_HASHVAL, // query on the hash value - NULL, // filled on second call - &dwDataLen, // length, in bytes, of the hash - 0)) - { - _TRACE("Error in CryptGetHashParam 0x%08x \n", - GetLastError()); - goto ErrorExit; - } - - pbHash = (BYTE*)malloc(dwDataLen); - if(NULL == pbHash) - { - _TRACE("unable to allocate memory\n"); - goto ErrorExit; - } - - if (!CryptGetHashParam( - hHmacHash, // handle of the HMAC hash object - HP_HASHVAL, // query on the hash value - pbHash, // pointer to the HMAC hash value - &dwDataLen, // length, in bytes, of the hash - 0)) - { - _TRACE("Error in CryptGetHashParam 0x%08x \n", GetLastError()); - goto ErrorExit; - } - - for(DWORD i = 0 ; i < dwDataLen ; i++) - { - hash.push_back((char)pbHash[i]); - } - - // Free resources. - // lol goto -ErrorExit: - if(hHmacHash) - CryptDestroyHash(hHmacHash); - if(hKey) - CryptDestroyKey(hKey); - if(hHash) - CryptDestroyHash(hHash); - if(hProv) - CryptReleaseContext(hProv, 0); - if(pbHash) - free(pbHash); - - return hash; -} - wstring mir_twitter::OAuthCreateSignature( const wstring& signatureBase, const wstring& consumerSecret, const wstring& requestTokenSecret ) { // URL encode key elements @@ -652,12 +425,9 @@ wstring mir_twitter::OAuthCreateSignature( const wstring& signatureBase, const w wstring key = escapedConsumerSecret + L"&" + escapedTokenSecret; string keyBytes = WideToUTF8(key); + BYTE digest[MIR_SHA1_HASH_SIZE]; string data = WideToUTF8(signatureBase); - string hash = HMACSHA1(keyBytes, data); - ptrA encoded( mir_base64_encode((PBYTE)hash.c_str(), (unsigned)hash.length())); - wstring signature = _A2T(encoded); - - // URL encode the returned signature - signature = UrlEncode(signature); - return signature; + mir_hmac_sha1(digest, (PBYTE)keyBytes.c_str(), keyBytes.size(), (PBYTE)data.c_str(), data.size()); + ptrA encoded( mir_base64_encode(digest, sizeof(digest))); + return UrlEncode((TCHAR*)_A2T(encoded)); } diff --git a/protocols/Twitter/src/oauth/sha1.c b/protocols/Twitter/src/oauth/sha1.c deleted file mode 100644 index c3189008ac..0000000000 --- a/protocols/Twitter/src/oauth/sha1.c +++ /dev/null @@ -1,317 +0,0 @@ -/* This code is public-domain - it is based on libcrypt - * placed in the public domain by Wei Dai and other contributors. - */ -// gcc -Wall -DSHA1TEST -o sha1test sha1.c && ./sha1test - -#include -#include - -/* header */ - -#define HASH_LENGTH 20 -#define BLOCK_LENGTH 64 - -union _buffer { - uint8_t b[BLOCK_LENGTH]; - uint32_t w[BLOCK_LENGTH/4]; -}; - -union _state { - uint8_t b[HASH_LENGTH]; - uint32_t w[HASH_LENGTH/4]; -}; - -typedef struct sha1nfo { - union _buffer buffer; - uint8_t bufferOffset; - union _state state; - uint32_t byteCount; - uint8_t keyBuffer[BLOCK_LENGTH]; - uint8_t innerHash[HASH_LENGTH]; -} sha1nfo; - -/* public API - prototypes - TODO: doxygen*/ - -/** - */ -void sha1_init(sha1nfo *s); -/** - */ -void sha1_writebyte(sha1nfo *s, uint8_t data); -/** - */ -void sha1_write(sha1nfo *s, const char *data, size_t len); -/** - */ -uint8_t* sha1_result(sha1nfo *s); -/** - */ -void sha1_initHmac(sha1nfo *s, const uint8_t* key, int keyLength); -/** - */ -uint8_t* sha1_resultHmac(sha1nfo *s); - - -/* code */ -#define SHA1_K0 0x5a827999 -#define SHA1_K20 0x6ed9eba1 -#define SHA1_K40 0x8f1bbcdc -#define SHA1_K60 0xca62c1d6 - -const uint8_t sha1InitState[] = { - 0x01,0x23,0x45,0x67, // H0 - 0x89,0xab,0xcd,0xef, // H1 - 0xfe,0xdc,0xba,0x98, // H2 - 0x76,0x54,0x32,0x10, // H3 - 0xf0,0xe1,0xd2,0xc3 // H4 -}; - -void sha1_init(sha1nfo *s) { - memcpy(s->state.b,sha1InitState,HASH_LENGTH); - s->byteCount = 0; - s->bufferOffset = 0; -} - -uint32_t sha1_rol32(uint32_t number, uint8_t bits) { - return ((number << bits) | (number >> (32-bits))); -} - -void sha1_hashBlock(sha1nfo *s) { - uint8_t i; - uint32_t a,b,c,d,e,t; - - a=s->state.w[0]; - b=s->state.w[1]; - c=s->state.w[2]; - d=s->state.w[3]; - e=s->state.w[4]; - for (i=0; i<80; i++) { - if (i>=16) { - t = s->buffer.w[(i+13)&15] ^ s->buffer.w[(i+8)&15] ^ s->buffer.w[(i+2)&15] ^ s->buffer.w[i&15]; - s->buffer.w[i&15] = sha1_rol32(t,1); - } - if (i<20) { - t = (d ^ (b & (c ^ d))) + SHA1_K0; - } else if (i<40) { - t = (b ^ c ^ d) + SHA1_K20; - } else if (i<60) { - t = ((b & c) | (d & (b | c))) + SHA1_K40; - } else { - t = (b ^ c ^ d) + SHA1_K60; - } - t+=sha1_rol32(a,5) + e + s->buffer.w[i&15]; - e=d; - d=c; - c=sha1_rol32(b,30); - b=a; - a=t; - } - s->state.w[0] += a; - s->state.w[1] += b; - s->state.w[2] += c; - s->state.w[3] += d; - s->state.w[4] += e; -} - -void sha1_addUncounted(sha1nfo *s, uint8_t data) { - s->buffer.b[s->bufferOffset ^ 3] = data; - s->bufferOffset++; - if (s->bufferOffset == BLOCK_LENGTH) { - sha1_hashBlock(s); - s->bufferOffset = 0; - } -} - -void sha1_writebyte(sha1nfo *s, uint8_t data) { - ++s->byteCount; - sha1_addUncounted(s, data); -} - -void sha1_write(sha1nfo *s, const char *data, size_t len) { - for (;len--;) sha1_writebyte(s, (uint8_t) *data++); -} - -void sha1_pad(sha1nfo *s) { - // Implement SHA-1 padding (fips180-2 ยง5.1.1) - - // Pad with 0x80 followed by 0x00 until the end of the block - sha1_addUncounted(s, 0x80); - while (s->bufferOffset != 56) sha1_addUncounted(s, 0x00); - - // Append length in the last 8 bytes - sha1_addUncounted(s, 0); // We're only using 32 bit lengths - sha1_addUncounted(s, 0); // But SHA-1 supports 64 bit lengths - sha1_addUncounted(s, 0); // So zero pad the top bits - sha1_addUncounted(s, s->byteCount >> 29); // Shifting to multiply by 8 - sha1_addUncounted(s, s->byteCount >> 21); // as SHA-1 supports bitstreams as well as - sha1_addUncounted(s, s->byteCount >> 13); // byte. - sha1_addUncounted(s, s->byteCount >> 5); - sha1_addUncounted(s, s->byteCount << 3); -} - -uint8_t* sha1_result(sha1nfo *s) { - int i; - // Pad to complete the last block - sha1_pad(s); - - // Swap byte order back - for (i=0; i<5; i++) { - uint32_t a,b; - a=s->state.w[i]; - b=a<<24; - b|=(a<<8) & 0x00ff0000; - b|=(a>>8) & 0x0000ff00; - b|=a>>24; - s->state.w[i]=b; - } - - // Return pointer to hash (20 characters) - return s->state.b; -} - -#define HMAC_IPAD 0x36 -#define HMAC_OPAD 0x5c - -void sha1_initHmac(sha1nfo *s, const uint8_t* key, int keyLength) { - uint8_t i; - memset(s->keyBuffer, 0, BLOCK_LENGTH); - if (keyLength > BLOCK_LENGTH) { - // Hash long keys - sha1_init(s); - for (;keyLength--;) sha1_writebyte(s, *key++); - memcpy(s->keyBuffer, sha1_result(s), HASH_LENGTH); - } else { - // Block length keys are used as is - memcpy(s->keyBuffer, key, keyLength); - } - // Start inner hash - sha1_init(s); - for (i=0; ikeyBuffer[i] ^ HMAC_IPAD); - } -} - -uint8_t* sha1_resultHmac(sha1nfo *s) { - uint8_t i; - // Complete inner hash - memcpy(s->innerHash,sha1_result(s),HASH_LENGTH); - // Calculate outer hash - sha1_init(s); - for (i=0; ikeyBuffer[i] ^ HMAC_OPAD); - for (i=0; iinnerHash[i]); - return sha1_result(s); -} - -/* self-test */ - -#if SHA1TEST -#include - -uint8_t hmacKey1[]={ - 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f, - 0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1a,0x1b,0x1c,0x1d,0x1e,0x1f, - 0x20,0x21,0x22,0x23,0x24,0x25,0x26,0x27,0x28,0x29,0x2a,0x2b,0x2c,0x2d,0x2e,0x2f, - 0x30,0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,0x39,0x3a,0x3b,0x3c,0x3d,0x3e,0x3f -}; -uint8_t hmacKey2[]={ - 0x30,0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,0x39,0x3a,0x3b,0x3c,0x3d,0x3e,0x3f, - 0x40,0x41,0x42,0x43 -}; -uint8_t hmacKey3[]={ - 0x50,0x51,0x52,0x53,0x54,0x55,0x56,0x57,0x58,0x59,0x5a,0x5b,0x5c,0x5d,0x5e,0x5f, - 0x60,0x61,0x62,0x63,0x64,0x65,0x66,0x67,0x68,0x69,0x6a,0x6b,0x6c,0x6d,0x6e,0x6f, - 0x70,0x71,0x72,0x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7a,0x7b,0x7c,0x7d,0x7e,0x7f, - 0x80,0x81,0x82,0x83,0x84,0x85,0x86,0x87,0x88,0x89,0x8a,0x8b,0x8c,0x8d,0x8e,0x8f, - 0x90,0x91,0x92,0x93,0x94,0x95,0x96,0x97,0x98,0x99,0x9a,0x9b,0x9c,0x9d,0x9e,0x9f, - 0xa0,0xa1,0xa2,0xa3,0xa4,0xa5,0xa6,0xa7,0xa8,0xa9,0xaa,0xab,0xac,0xad,0xae,0xaf, - 0xb0,0xb1,0xb2,0xb3 -}; -uint8_t hmacKey4[]={ - 0x70,0x71,0x72,0x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7a,0x7b,0x7c,0x7d,0x7e,0x7f, - 0x80,0x81,0x82,0x83,0x84,0x85,0x86,0x87,0x88,0x89,0x8a,0x8b,0x8c,0x8d,0x8e,0x8f, - 0x90,0x91,0x92,0x93,0x94,0x95,0x96,0x97,0x98,0x99,0x9a,0x9b,0x9c,0x9d,0x9e,0x9f, - 0xa0 -}; - -void printHash(uint8_t* hash) { - int i; - for (i=0; i<20; i++) { - printf("%02x", hash[i]); - } - printf("\n"); -} - - -int main (int argc, char **argv) { - uint32_t a; - sha1nfo s; - - // SHA tests - printf("Test: FIPS 180-2 C.1 and RFC3174 7.3 TEST1\n"); - printf("Expect:a9993e364706816aba3e25717850c26c9cd0d89d\n"); - printf("Result:"); - sha1_init(&s); - sha1_write(&s, "abc", 3); - printHash(sha1_result(&s)); - printf("\n\n"); - - printf("Test: FIPS 180-2 C.2 and RFC3174 7.3 TEST2\n"); - printf("Expect:84983e441c3bd26ebaae4aa1f95129e5e54670f1\n"); - printf("Result:"); - sha1_init(&s); - sha1_write(&s, "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 56); - printHash(sha1_result(&s)); - printf("\n\n"); - - printf("Test: RFC3174 7.3 TEST4\n"); - printf("Expect:dea356a2cddd90c7a7ecedc5ebb563934f460452\n"); - printf("Result:"); - sha1_init(&s); - for (a=0; a<80; a++) sha1_write(&s, "01234567", 8); - printHash(sha1_result(&s)); - printf("\n\n"); - - // HMAC tests - printf("Test: FIPS 198a A.1\n"); - printf("Expect:4f4ca3d5d68ba7cc0a1208c9c61e9c5da0403c0a\n"); - printf("Result:"); - sha1_initHmac(&s, hmacKey1, 64); - sha1_write(&s, "Sample #1",9); - printHash(sha1_resultHmac(&s)); - printf("\n\n"); - - printf("Test: FIPS 198a A.2\n"); - printf("Expect:0922d3405faa3d194f82a45830737d5cc6c75d24\n"); - printf("Result:"); - sha1_initHmac(&s, hmacKey2, 20); - sha1_write(&s, "Sample #2", 9); - printHash(sha1_resultHmac(&s)); - printf("\n\n"); - - printf("Test: FIPS 198a A.3\n"); - printf("Expect:bcf41eab8bb2d802f3d05caf7cb092ecf8d1a3aa\n"); - printf("Result:"); - sha1_initHmac(&s, hmacKey3,100); - sha1_write(&s, "Sample #3", 9); - printHash(sha1_resultHmac(&s)); - printf("\n\n"); - - printf("Test: FIPS 198a A.4\n"); - printf("Expect:9ea886efe268dbecce420c7524df32e0751a2a26\n"); - printf("Result:"); - sha1_initHmac(&s, hmacKey4,49); - sha1_write(&s, "Sample #4", 9); - printHash(sha1_resultHmac(&s)); - printf("\n\n"); - - // Long tests - printf("Test: FIPS 180-2 C.3 and RFC3174 7.3 TEST3\n"); - printf("Expect:34aa973cd4c4daa4f61eeb2bdbad27316534016f\n"); - printf("Result:"); - sha1_init(&s); - for (a=0; a<1000000; a++) sha1_writebyte(&s, 'a'); - printHash(sha1_result(&s)); - - return 0; -} -#endif /* self-test */ diff --git a/protocols/Twitter/src/utility.h b/protocols/Twitter/src/utility.h index 11d5b4f6ea..42d2313002 100644 --- a/protocols/Twitter/src/utility.h +++ b/protocols/Twitter/src/utility.h @@ -76,7 +76,6 @@ public: std::wstring OAuthCreateNonce(); std::wstring OAuthCreateTimestamp(); - std::string HMACSHA1( const std::string& keyBytes, const std::string& data ); std::wstring OAuthCreateSignature( const std::wstring& signatureBase, const std::wstring& consumerSecret, const std::wstring& requestTokenSecret ); protected: diff --git a/src/mir_core/mir_core.def b/src/mir_core/mir_core.def index 037afb2aaf..3ec58865c6 100644 --- a/src/mir_core/mir_core.def +++ b/src/mir_core/mir_core.def @@ -229,3 +229,4 @@ mir_writeLogVA @226 mir_writeLogVW @227 bin2hex @228 bin2hexW @229 +mir_hmac_sha1 @230 diff --git a/src/mir_core/sha1.cpp b/src/mir_core/sha1.cpp index 9e1b376d92..5e82a3ce5b 100644 --- a/src/mir_core/sha1.cpp +++ b/src/mir_core/sha1.cpp @@ -94,7 +94,7 @@ MIR_CORE_DLL(void) mir_sha1_init(mir_sha1_ctx *ctx) ctx->W[i] = 0; } -MIR_CORE_DLL(void) mir_sha1_append(mir_sha1_ctx *ctx, mir_sha1_byte_t *dataIn, int len) +MIR_CORE_DLL(void) mir_sha1_append(mir_sha1_ctx *ctx, const BYTE *dataIn, int len) { /* Read the data into W and process blocks as they get full */ @@ -110,7 +110,7 @@ MIR_CORE_DLL(void) mir_sha1_append(mir_sha1_ctx *ctx, mir_sha1_byte_t *dataIn, i } } -MIR_CORE_DLL(void) mir_sha1_finish(mir_sha1_ctx *ctx, mir_sha1_byte_t hashout[20]) +MIR_CORE_DLL(void) mir_sha1_finish(mir_sha1_ctx *ctx, BYTE hashout[20]) { unsigned char pad0x80 = 0x80; unsigned char pad0x00 = 0x00; @@ -145,7 +145,7 @@ MIR_CORE_DLL(void) mir_sha1_finish(mir_sha1_ctx *ctx, mir_sha1_byte_t hashout[20 mir_sha1_init(ctx); } -MIR_CORE_DLL(void) mir_sha1_hash(mir_sha1_byte_t *dataIn, int len, mir_sha1_byte_t hashout[20]) +MIR_CORE_DLL(void) mir_sha1_hash(BYTE *dataIn, int len, BYTE hashout[20]) { mir_sha1_ctx ctx; @@ -153,3 +153,41 @@ MIR_CORE_DLL(void) mir_sha1_hash(mir_sha1_byte_t *dataIn, int len, mir_sha1_byte mir_sha1_append(&ctx, dataIn, len); mir_sha1_finish(&ctx, hashout); } + +///////////////////////////////////////////////////////////////////////////////////////// + +MIR_CORE_DLL(void) mir_hmac_sha1(BYTE hashout[MIR_SHA1_HASH_SIZE], const BYTE *key, size_t keylen, const BYTE *text, size_t textlen) +{ + const unsigned SHA_BLOCKSIZE = 64; + + BYTE mdkey[MIR_SHA1_HASH_SIZE], k_ipad[SHA_BLOCKSIZE], k_opad[SHA_BLOCKSIZE]; + mir_sha1_ctx ctx; + + if (keylen > SHA_BLOCKSIZE) { + mir_sha1_init(&ctx); + mir_sha1_append(&ctx, key, (int)keylen); + mir_sha1_finish(&ctx, mdkey); + keylen = 20; + key = mdkey; + } + + memcpy(k_ipad, key, keylen); + memcpy(k_opad, key, keylen); + memset(k_ipad+keylen, 0x36, SHA_BLOCKSIZE - keylen); + memset(k_opad+keylen, 0x5c, SHA_BLOCKSIZE - keylen); + + for (unsigned i = 0; i < keylen; i++) { + k_ipad[i] ^= 0x36; + k_opad[i] ^= 0x5c; + } + + mir_sha1_init(&ctx); + mir_sha1_append(&ctx, k_ipad, SHA_BLOCKSIZE); + mir_sha1_append(&ctx, text, (int)textlen); + mir_sha1_finish(&ctx, hashout); + + mir_sha1_init(&ctx); + mir_sha1_append(&ctx, k_opad, SHA_BLOCKSIZE); + mir_sha1_append(&ctx, hashout, MIR_SHA1_HASH_SIZE); + mir_sha1_finish(&ctx, hashout); +} -- cgit v1.2.3