1 /*
2 * Copyright 2011 The WebRTC Project Authors. All rights reserved.
3 *
4 * Use of this source code is governed by a BSD-style license
5 * that can be found in the LICENSE file in the root of the source
6 * tree. An additional intellectual property rights grant can be found
7 * in the file PATENTS. All contributing project authors may
8 * be found in the AUTHORS file in the root of the source tree.
9 */
10
11 #include "rtc_base/message_digest.h"
12
13 #include <string.h>
14
15 #include <cstdint>
16 #include <memory>
17
18 #include "absl/strings/string_view.h"
19 #include "rtc_base/openssl_digest.h"
20 #include "rtc_base/string_encode.h"
21
22 namespace rtc {
23
24 // From RFC 4572.
25 const char DIGEST_MD5[] = "md5";
26 const char DIGEST_SHA_1[] = "sha-1";
27 const char DIGEST_SHA_224[] = "sha-224";
28 const char DIGEST_SHA_256[] = "sha-256";
29 const char DIGEST_SHA_384[] = "sha-384";
30 const char DIGEST_SHA_512[] = "sha-512";
31
32 static const size_t kBlockSize = 64; // valid for SHA-256 and down
33
Create(absl::string_view alg)34 MessageDigest* MessageDigestFactory::Create(absl::string_view alg) {
35 MessageDigest* digest = new OpenSSLDigest(alg);
36 if (digest->Size() == 0) { // invalid algorithm
37 delete digest;
38 digest = nullptr;
39 }
40 return digest;
41 }
42
IsFips180DigestAlgorithm(absl::string_view alg)43 bool IsFips180DigestAlgorithm(absl::string_view alg) {
44 // These are the FIPS 180 algorithms. According to RFC 4572 Section 5,
45 // "Self-signed certificates (for which legacy certificates are not a
46 // consideration) MUST use one of the FIPS 180 algorithms (SHA-1,
47 // SHA-224, SHA-256, SHA-384, or SHA-512) as their signature algorithm,
48 // and thus also MUST use it to calculate certificate fingerprints."
49 return alg == DIGEST_SHA_1 || alg == DIGEST_SHA_224 ||
50 alg == DIGEST_SHA_256 || alg == DIGEST_SHA_384 ||
51 alg == DIGEST_SHA_512;
52 }
53
ComputeDigest(MessageDigest * digest,const void * input,size_t in_len,void * output,size_t out_len)54 size_t ComputeDigest(MessageDigest* digest,
55 const void* input,
56 size_t in_len,
57 void* output,
58 size_t out_len) {
59 digest->Update(input, in_len);
60 return digest->Finish(output, out_len);
61 }
62
ComputeDigest(absl::string_view alg,const void * input,size_t in_len,void * output,size_t out_len)63 size_t ComputeDigest(absl::string_view alg,
64 const void* input,
65 size_t in_len,
66 void* output,
67 size_t out_len) {
68 std::unique_ptr<MessageDigest> digest(MessageDigestFactory::Create(alg));
69 return (digest) ? ComputeDigest(digest.get(), input, in_len, output, out_len)
70 : 0;
71 }
72
ComputeDigest(MessageDigest * digest,absl::string_view input)73 std::string ComputeDigest(MessageDigest* digest, absl::string_view input) {
74 std::unique_ptr<char[]> output(new char[digest->Size()]);
75 ComputeDigest(digest, input.data(), input.size(), output.get(),
76 digest->Size());
77 return hex_encode(absl::string_view(output.get(), digest->Size()));
78 }
79
ComputeDigest(absl::string_view alg,absl::string_view input,std::string * output)80 bool ComputeDigest(absl::string_view alg,
81 absl::string_view input,
82 std::string* output) {
83 std::unique_ptr<MessageDigest> digest(MessageDigestFactory::Create(alg));
84 if (!digest) {
85 return false;
86 }
87 *output = ComputeDigest(digest.get(), input);
88 return true;
89 }
90
ComputeDigest(absl::string_view alg,absl::string_view input)91 std::string ComputeDigest(absl::string_view alg, absl::string_view input) {
92 std::string output;
93 ComputeDigest(alg, input, &output);
94 return output;
95 }
96
97 // Compute a RFC 2104 HMAC: H(K XOR opad, H(K XOR ipad, text))
ComputeHmac(MessageDigest * digest,const void * key,size_t key_len,const void * input,size_t in_len,void * output,size_t out_len)98 size_t ComputeHmac(MessageDigest* digest,
99 const void* key,
100 size_t key_len,
101 const void* input,
102 size_t in_len,
103 void* output,
104 size_t out_len) {
105 // We only handle algorithms with a 64-byte blocksize.
106 // TODO: Add BlockSize() method to MessageDigest.
107 size_t block_len = kBlockSize;
108 if (digest->Size() > 32) {
109 return 0;
110 }
111 // Copy the key to a block-sized buffer to simplify padding.
112 // If the key is longer than a block, hash it and use the result instead.
113 std::unique_ptr<uint8_t[]> new_key(new uint8_t[block_len]);
114 if (key_len > block_len) {
115 ComputeDigest(digest, key, key_len, new_key.get(), block_len);
116 memset(new_key.get() + digest->Size(), 0, block_len - digest->Size());
117 } else {
118 memcpy(new_key.get(), key, key_len);
119 memset(new_key.get() + key_len, 0, block_len - key_len);
120 }
121 // Set up the padding from the key, salting appropriately for each padding.
122 std::unique_ptr<uint8_t[]> o_pad(new uint8_t[block_len]);
123 std::unique_ptr<uint8_t[]> i_pad(new uint8_t[block_len]);
124 for (size_t i = 0; i < block_len; ++i) {
125 o_pad[i] = 0x5c ^ new_key[i];
126 i_pad[i] = 0x36 ^ new_key[i];
127 }
128 // Inner hash; hash the inner padding, and then the input buffer.
129 std::unique_ptr<uint8_t[]> inner(new uint8_t[digest->Size()]);
130 digest->Update(i_pad.get(), block_len);
131 digest->Update(input, in_len);
132 digest->Finish(inner.get(), digest->Size());
133 // Outer hash; hash the outer padding, and then the result of the inner hash.
134 digest->Update(o_pad.get(), block_len);
135 digest->Update(inner.get(), digest->Size());
136 return digest->Finish(output, out_len);
137 }
138
ComputeHmac(absl::string_view alg,const void * key,size_t key_len,const void * input,size_t in_len,void * output,size_t out_len)139 size_t ComputeHmac(absl::string_view alg,
140 const void* key,
141 size_t key_len,
142 const void* input,
143 size_t in_len,
144 void* output,
145 size_t out_len) {
146 std::unique_ptr<MessageDigest> digest(MessageDigestFactory::Create(alg));
147 if (!digest) {
148 return 0;
149 }
150 return ComputeHmac(digest.get(), key, key_len, input, in_len, output,
151 out_len);
152 }
153
ComputeHmac(MessageDigest * digest,absl::string_view key,absl::string_view input)154 std::string ComputeHmac(MessageDigest* digest,
155 absl::string_view key,
156 absl::string_view input) {
157 std::unique_ptr<char[]> output(new char[digest->Size()]);
158 ComputeHmac(digest, key.data(), key.size(), input.data(), input.size(),
159 output.get(), digest->Size());
160 return hex_encode(absl::string_view(output.get(), digest->Size()));
161 }
162
ComputeHmac(absl::string_view alg,absl::string_view key,absl::string_view input,std::string * output)163 bool ComputeHmac(absl::string_view alg,
164 absl::string_view key,
165 absl::string_view input,
166 std::string* output) {
167 std::unique_ptr<MessageDigest> digest(MessageDigestFactory::Create(alg));
168 if (!digest) {
169 return false;
170 }
171 *output = ComputeHmac(digest.get(), key, input);
172 return true;
173 }
174
ComputeHmac(absl::string_view alg,absl::string_view key,absl::string_view input)175 std::string ComputeHmac(absl::string_view alg,
176 absl::string_view key,
177 absl::string_view input) {
178 std::string output;
179 ComputeHmac(alg, key, input, &output);
180 return output;
181 }
182
183 } // namespace rtc
184