suricata
util-crypt.c
Go to the documentation of this file.
1 /* Copyright (C) 2007-2012 Open Information Security Foundation
2  *
3  * You can copy, redistribute or modify this Program under the terms of
4  * the GNU General Public License version 2 as published by the Free
5  * Software Foundation.
6  *
7  * This program is distributed in the hope that it will be useful,
8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10  * GNU General Public License for more details.
11  *
12  * You should have received a copy of the GNU General Public License
13  * version 2 along with this program; if not, write to the Free Software
14  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15  * 02110-1301, USA.
16  */
17 
18 /**
19  * \file
20  *
21  * \author Roliers Jean-Paul <popof.fpn@gmail.co>
22  *
23  * Implements cryptographic functions.
24  * Based on the libtomcrypt library ( http://libtom.org/?page=features&newsitems=5&whatfile=crypt )
25  *
26  * Implementation of function using NSS is not linked with libtomcrypt.
27  */
28 
29 #include "suricata-common.h"
30 #include "suricata.h"
31 #include "util-crypt.h"
32 #ifdef HAVE_NSS
33 #include <sechash.h>
34 #endif
35 
36 #ifndef HAVE_NSS
37 
38 #define F0(x,y,z) (z ^ (x & (y ^ z)))
39 #define F1(x,y,z) (x ^ y ^ z)
40 #define F2(x,y,z) ((x & y) | (z & (x | y)))
41 #define F3(x,y,z) (x ^ y ^ z)
42 
43 
44 static int Sha1Compress(HashState *md, unsigned char *buf)
45 {
46  uint32_t a,b,c,d,e,W[80],i;
47  /* copy the state into 512-bits into W[0..15] */
48  for (i = 0; i < 16; i++) {
49  LOAD32H(W[i], buf + (4*i));
50  }
51 
52  /* copy state */
53  a = md->sha1.state[0];
54  b = md->sha1.state[1];
55  c = md->sha1.state[2];
56  d = md->sha1.state[3];
57  e = md->sha1.state[4];
58 
59  /* expand it */
60  for (i = 16; i < 80; i++) {
61  W[i] = ROL(W[i-3] ^ W[i-8] ^ W[i-14] ^ W[i-16], 1);
62  }
63 
64  /* compress */
65  /* round one */
66  #define FF0(a,b,c,d,e,i) e = (ROLc(a, 5) + F0(b,c,d) + e + W[i] + 0x5a827999UL); b = ROLc(b, 30);
67  #define FF1(a,b,c,d,e,i) e = (ROLc(a, 5) + F1(b,c,d) + e + W[i] + 0x6ed9eba1UL); b = ROLc(b, 30);
68  #define FF2(a,b,c,d,e,i) e = (ROLc(a, 5) + F2(b,c,d) + e + W[i] + 0x8f1bbcdcUL); b = ROLc(b, 30);
69  #define FF3(a,b,c,d,e,i) e = (ROLc(a, 5) + F3(b,c,d) + e + W[i] + 0xca62c1d6UL); b = ROLc(b, 30);
70 
71  for (i = 0; i < 20; ) {
72  FF0(a,b,c,d,e,i++);
73  FF0(e,a,b,c,d,i++);
74  FF0(d,e,a,b,c,i++);
75  FF0(c,d,e,a,b,i++);
76  FF0(b,c,d,e,a,i++);
77  }
78 
79  /* round two */
80  for (; i < 40; ) {
81  FF1(a,b,c,d,e,i++);
82  FF1(e,a,b,c,d,i++);
83  FF1(d,e,a,b,c,i++);
84  FF1(c,d,e,a,b,i++);
85  FF1(b,c,d,e,a,i++);
86  }
87 
88  /* round three */
89  for (; i < 60; ) {
90  FF2(a,b,c,d,e,i++);
91  FF2(e,a,b,c,d,i++);
92  FF2(d,e,a,b,c,i++);
93  FF2(c,d,e,a,b,i++);
94  FF2(b,c,d,e,a,i++);
95  }
96 
97  /* round four */
98  for (; i < 80; ) {
99  FF3(a,b,c,d,e,i++);
100  FF3(e,a,b,c,d,i++);
101  FF3(d,e,a,b,c,i++);
102  FF3(c,d,e,a,b,i++);
103  FF3(b,c,d,e,a,i++);
104  }
105 
106  #undef FF0
107  #undef FF1
108  #undef FF2
109  #undef FF3
110 
111  /* store */
112  md->sha1.state[0] = md->sha1.state[0] + a;
113  md->sha1.state[1] = md->sha1.state[1] + b;
114  md->sha1.state[2] = md->sha1.state[2] + c;
115  md->sha1.state[3] = md->sha1.state[3] + d;
116  md->sha1.state[4] = md->sha1.state[4] + e;
117 
118  return SC_SHA_1_OK;
119 }
120 
121 static int Sha1Init(HashState * md)
122 {
123  if(md == NULL)
124  {
125  return SC_SHA_1_NOK;
126  }
127  md->sha1.state[0] = 0x67452301UL;
128  md->sha1.state[1] = 0xefcdab89UL;
129  md->sha1.state[2] = 0x98badcfeUL;
130  md->sha1.state[3] = 0x10325476UL;
131  md->sha1.state[4] = 0xc3d2e1f0UL;
132  md->sha1.curlen = 0;
133  md->sha1.length = 0;
134  return SC_SHA_1_OK;
135 }
136 
137 static int Sha1Process (HashState * md, const unsigned char *in, unsigned long inlen)
138 {
139  if(md == NULL || in == NULL) {
140  return SC_SHA_1_INVALID_ARG;
141  }
142 
143  unsigned long n;
144  int err;
145 
146  if (md->sha1.curlen > sizeof(md->sha1.buf)) {
147  return SC_SHA_1_INVALID_ARG;
148  }
149  while (inlen > 0) {
150  if (md-> sha1.curlen == 0 && inlen >= 64) {
151  if ((err = Sha1Compress(md, (unsigned char *)in)) != SC_SHA_1_OK) {
152  return err;
153  }
154  md-> sha1 .length += 64 * 8;
155  in += 64;
156  inlen -= 64;
157  } else {
158  n = MIN(inlen, (64 - md-> sha1 .curlen));
159  memcpy(md-> sha1 .buf + md-> sha1.curlen, in, (size_t)n);
160  md-> sha1 .curlen += n;
161  in += n;
162  inlen -= n;
163  if (md-> sha1 .curlen == 64) {
164  if ((err = Sha1Compress(md, md-> sha1 .buf)) != SC_SHA_1_OK) {
165  return err;
166  }
167  md-> sha1 .length += 8*64;
168  md-> sha1 .curlen = 0;
169  }
170  }
171  }
172  return SC_SHA_1_OK;
173 }
174 
175 
176 
177 static int Sha1Done(HashState * md, unsigned char *out)
178 {
179  int i;
180 
181  if (md == NULL || out == NULL)
182  {
183  return SC_SHA_1_NOK;
184  }
185 
186  if (md->sha1.curlen >= sizeof(md->sha1.buf)) {
187  return SC_SHA_1_INVALID_ARG;
188  }
189 
190  /* increase the length of the message */
191  md->sha1.length += md->sha1.curlen * 8;
192 
193  /* append the '1' bit */
194  md->sha1.buf[md->sha1.curlen++] = (unsigned char)0x80;
195 
196  /* if the length is currently above 56 bytes we append zeros
197  * then compress. Then we can fall back to padding zeros and length
198  * encoding like normal.
199  */
200  if (md->sha1.curlen > 56) {
201  while (md->sha1.curlen < 64) {
202  md->sha1.buf[md->sha1.curlen++] = (unsigned char)0;
203  }
204  Sha1Compress(md, md->sha1.buf);
205  md->sha1.curlen = 0;
206  }
207 
208  /* pad upto 56 bytes of zeroes */
209  while (md->sha1.curlen < 56) {
210  md->sha1.buf[md->sha1.curlen++] = (unsigned char)0;
211  }
212 
213  /* store length */
214  STORE64H(md->sha1.length, md->sha1.buf+56);
215  Sha1Compress(md, md->sha1.buf);
216 
217  /* copy output */
218  for (i = 0; i < 5; i++) {
219  STORE32H(md->sha1.state[i], out+(4*i));
220  }
221 
222  memset(md, 0, sizeof(HashState));
223 
224  return SC_SHA_1_OK;
225 }
226 
227 /** \brief calculate SHA1 hash
228  * \retval int 1 for success, 0 for fail
229  */
230 int ComputeSHA1(const uint8_t *inbuf, size_t inbuf_len,
231  uint8_t *outbuf, size_t outbuf_size)
232 {
233  if (unlikely(outbuf_size != 20))
234  return 0;
235 
236  HashState md;
237  Sha1Init(&md);
238  Sha1Process(&md, inbuf, inbuf_len);
239  Sha1Done(&md, outbuf);
240  return 1;
241 }
242 
243 #else /* HAVE_NSS */
244 
245 /** \brief calculate SHA1 hash
246  * \retval int 1 for success, 0 for fail
247  */
248 int ComputeSHA1(const uint8_t *inbuf, size_t inbuf_len,
249  uint8_t *outbuf, size_t outbuf_size)
250 {
251  if (unlikely(outbuf_size != 20))
252  return 0;
253 
254  HASHContext *sha1_ctx = HASH_Create(HASH_AlgSHA1);
255  if (sha1_ctx == NULL) {
256  return 0;
257  }
258 
259  HASH_Begin(sha1_ctx);
260  HASH_Update(sha1_ctx, inbuf, inbuf_len);
261  unsigned int rlen;
262  HASH_End(sha1_ctx, outbuf, &rlen, outbuf_size);
263  HASH_Destroy(sha1_ctx);
264 
265  return rlen == outbuf_size;
266 }
267 
268 #endif /* HAVE_NSS */
269 
270 static const char *b64codes = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
271 
272 int Base64Encode(const unsigned char *in, unsigned long inlen,
273  unsigned char *out, unsigned long *outlen)
274 {
275  unsigned long i, len2, leven;
276  unsigned char *p;
277  if(in == NULL || out == NULL || outlen == NULL)
278  {
279  return SC_BASE64_INVALID_ARG;
280  }
281  /* valid output size ? */
282  len2 = 4 * ((inlen + 2) / 3);
283  if (*outlen < len2 + 1) {
284  *outlen = len2 + 1;
285  return SC_BASE64_OVERFLOW;
286  }
287  p = out;
288  leven = 3*(inlen / 3);
289  for (i = 0; i < leven; i += 3) {
290  *p++ = b64codes[(in[0] >> 2) & 0x3F];
291  *p++ = b64codes[(((in[0] & 3) << 4) + (in[1] >> 4)) & 0x3F];
292  *p++ = b64codes[(((in[1] & 0xf) << 2) + (in[2] >> 6)) & 0x3F];
293  *p++ = b64codes[in[2] & 0x3F];
294  in += 3;
295  }
296  /* Pad it if necessary... */
297  if (i < inlen) {
298  unsigned a = in[0];
299  unsigned b = (i+1 < inlen) ? in[1] : 0;
300 
301  *p++ = b64codes[(a >> 2) & 0x3F];
302  *p++ = b64codes[(((a & 3) << 4) + (b >> 4)) & 0x3F];
303  *p++ = (i+1 < inlen) ? b64codes[(((b & 0xf) << 2)) & 0x3F] : '=';
304  *p++ = '=';
305  }
306  /* append a NULL byte */
307  *p = '\0';
308  /* return ok */
309  *outlen = p - out;
310  return SC_BASE64_OK;
311 }
uint64_t length
Definition: util-crypt.h:70
Sha1State sha1
Definition: util-crypt.h:77
uint32_t state[5]
Definition: util-crypt.h:71
int ComputeSHA1(const uint8_t *inbuf, size_t inbuf_len, uint8_t *outbuf, size_t outbuf_size)
calculate SHA1 hash
Definition: util-crypt.c:230
#define unlikely(expr)
Definition: util-optimize.h:35
uint32_t curlen
Definition: util-crypt.h:71
#define MIN(x, y)
#define STORE32H(x, y)
Definition: util-crypt.h:59
uint16_t rlen
#define FF0(a, b, c, d, e, i)
unsigned char buf[64]
Definition: util-crypt.h:72
#define FF3(a, b, c, d, e, i)
#define STORE64H(x, y)
Definition: util-crypt.h:53
#define FF1(a, b, c, d, e, i)
#define FF2(a, b, c, d, e, i)
#define LOAD32H(x, y)
Definition: util-crypt.h:47
int Base64Encode(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen)
Definition: util-crypt.c:272
#define ROL(x, y)
Definition: util-crypt.h:63