1
/* This Source Code Form is subject to the terms of the Mozilla Public
2
* License, v. 2.0. If a copy of the MPL was not distributed with this
3
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
12
/* MACMechanismToHash converts a PKCS#11 MAC mechanism into a freebl hash
15
MACMechanismToHash(CK_MECHANISM_TYPE mech)
19
case CKM_SSL3_MD5_MAC:
22
case CKM_SSL3_SHA1_MAC:
25
return HASH_AlgSHA224;
27
return HASH_AlgSHA256;
29
return HASH_AlgSHA384;
31
return HASH_AlgSHA512;
36
static sftk_MACConstantTimeCtx *
37
SetupMAC(CK_MECHANISM_PTR mech, SFTKObject *key)
39
CK_NSS_MAC_CONSTANT_TIME_PARAMS *params =
40
(CK_NSS_MAC_CONSTANT_TIME_PARAMS *) mech->pParameter;
41
sftk_MACConstantTimeCtx *ctx;
43
SFTKAttribute *keyval;
44
unsigned char secret[sizeof(ctx->secret)];
45
unsigned int secretLength;
47
if (mech->ulParameterLen != sizeof(CK_NSS_MAC_CONSTANT_TIME_PARAMS)) {
51
alg = MACMechanismToHash(params->macAlg);
52
if (alg == HASH_AlgNULL) {
56
keyval = sftk_FindAttribute(key,CKA_VALUE);
60
secretLength = keyval->attrib.ulValueLen;
61
if (secretLength > sizeof(secret)) {
62
sftk_FreeAttribute(keyval);
65
memcpy(secret, keyval->attrib.pValue, secretLength);
66
sftk_FreeAttribute(keyval);
68
ctx = PORT_Alloc(sizeof(sftk_MACConstantTimeCtx));
73
memcpy(ctx->secret, secret, secretLength);
74
ctx->secretLength = secretLength;
75
ctx->hash = HASH_GetRawHashObject(alg);
76
ctx->totalLength = params->ulBodyTotalLen;
81
sftk_MACConstantTimeCtx *
82
sftk_HMACConstantTime_New(CK_MECHANISM_PTR mech, SFTKObject *key)
84
CK_NSS_MAC_CONSTANT_TIME_PARAMS *params =
85
(CK_NSS_MAC_CONSTANT_TIME_PARAMS *) mech->pParameter;
86
sftk_MACConstantTimeCtx *ctx;
88
if (params->ulHeaderLen > sizeof(ctx->header)) {
91
ctx = SetupMAC(mech, key);
96
ctx->headerLength = params->ulHeaderLen;
97
memcpy(ctx->header, params->pHeader, params->ulHeaderLen);
101
sftk_MACConstantTimeCtx *
102
sftk_SSLv3MACConstantTime_New(CK_MECHANISM_PTR mech, SFTKObject *key)
104
CK_NSS_MAC_CONSTANT_TIME_PARAMS *params =
105
(CK_NSS_MAC_CONSTANT_TIME_PARAMS *) mech->pParameter;
106
unsigned int padLength = 40, j;
107
sftk_MACConstantTimeCtx *ctx;
109
if (params->macAlg != CKM_SSL3_MD5_MAC &&
110
params->macAlg != CKM_SSL3_SHA1_MAC) {
113
ctx = SetupMAC(mech, key);
118
if (params->macAlg == CKM_SSL3_MD5_MAC) {
127
if (ctx->headerLength > sizeof(ctx->header)) {
132
memcpy(&ctx->header[j], ctx->secret, ctx->secretLength);
133
j += ctx->secretLength;
134
memset(&ctx->header[j], 0x36, padLength);
136
memcpy(&ctx->header[j], params->pHeader, params->ulHeaderLen);
146
sftk_HMACConstantTime_Update(void *pctx, void *data, unsigned int len)
148
sftk_MACConstantTimeCtx *ctx = (sftk_MACConstantTimeCtx *) pctx;
149
SECStatus rv = HMAC_ConstantTime(
150
ctx->mac, NULL, sizeof(ctx->mac),
152
ctx->secret, ctx->secretLength,
153
ctx->header, ctx->headerLength,
156
PORT_Assert(rv == SECSuccess);
160
sftk_SSLv3MACConstantTime_Update(void *pctx, void *data, unsigned int len)
162
sftk_MACConstantTimeCtx *ctx = (sftk_MACConstantTimeCtx *) pctx;
163
SECStatus rv = SSLv3_MAC_ConstantTime(
164
ctx->mac, NULL, sizeof(ctx->mac),
166
ctx->secret, ctx->secretLength,
167
ctx->header, ctx->headerLength,
170
PORT_Assert(rv == SECSuccess);
174
sftk_MACConstantTime_EndHash(void *pctx, void *out, unsigned int *outLength,
175
unsigned int maxLength)
177
const sftk_MACConstantTimeCtx *ctx = (sftk_MACConstantTimeCtx *) pctx;
178
unsigned int toCopy = ctx->hash->length;
179
if (toCopy > maxLength) {
182
memcpy(out, ctx->mac, toCopy);
189
sftk_MACConstantTime_DestroyContext(void *pctx, PRBool free)