1 /*
2 * Pidgin-Encryption MGF-1 Mask Generation Function (see PKCS#1 v2.1)
3 *
4 * Copyright (C) 2003 William Tompkins
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 */
20
21 #include <pk11func.h>
22
23 /* for g_assert; PORT_Assert seems disabled... */
24 #include <glib.h>
25
26 #include "nss_mgf1.h"
27
28 static const SECOidTag Hash_OID = SEC_OID_SHA1;
29
30 /* Mask Generation function: From a seed, produce a variably sized mask, and */
31 /* XOR it with the maskee. */
32
33 /* Note- this is an inefficient implementation, as we repeatedly hash the */
34 /* seed. If we saved the intermediate context, we'd probably save */
35 /* a bunch of time. But, the NSS exported interface doesn't let us */
36 /* do that easily, so we don't. */
37
memxor(unsigned char * a,unsigned char * b,int len)38 static void memxor (unsigned char* a, unsigned char* b, int len) {
39 while (len-- > 0) {
40 *a++ ^= *b++;
41 }
42 }
43
mgf1(unsigned char * maskee,unsigned int maskee_len,unsigned char * seed,unsigned seed_len)44 int mgf1(unsigned char* maskee, unsigned int maskee_len,
45 unsigned char* seed, unsigned seed_len) {
46
47 unsigned char* extended_seed = PORT_Alloc(seed_len + 4);
48 unsigned char* hash_out;
49 unsigned int hash_len;
50
51 unsigned long int counter = 0;
52 unsigned int counter_pos = seed_len;
53
54 unsigned int maskee_pos = 0;
55 unsigned int cur_block_size;
56
57 SECStatus rv;
58
59 hash_len = 20;
60
61 hash_out = PORT_Alloc(hash_len);
62 PORT_Memcpy(extended_seed, seed, seed_len);
63
64 while (maskee_pos < maskee_len) {
65 /* Store counter at counter_pos, msb first */
66 extended_seed[counter_pos] = (unsigned char) ((counter >> 24) & 0xff);
67 extended_seed[counter_pos+1] = (unsigned char) ((counter >> 16) & 0xff);
68 extended_seed[counter_pos+2] = (unsigned char) ((counter >> 8) & 0xff);
69 extended_seed[counter_pos+3] = (unsigned char) (counter & 0xff);
70
71 rv = PK11_HashBuf(Hash_OID, hash_out, extended_seed, seed_len + 4);
72 g_assert(rv == SECSuccess);
73
74 cur_block_size = (maskee_len - maskee_pos);
75 if (cur_block_size > hash_len) cur_block_size = hash_len;
76
77 memxor(maskee + maskee_pos, hash_out, cur_block_size);
78 maskee_pos += cur_block_size;
79
80 ++counter;
81 }
82
83 PORT_ZFree(extended_seed, seed_len+4);
84 PORT_ZFree(hash_out, hash_len);
85 return 1;
86 }
87