src/net/http/des.cc - cobalt - Git at Google

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #include "net/http/des.h"

 #include "base/logging.h"

 #if defined(USE_OPENSSL)
 #include <openssl/des.h>
 #include "crypto/openssl_util.h"
 #elif defined(USE_NSS)
 #include <nss.h>
 #include <pk11pub.h>
 #include "crypto/nss_util.h"
 #elif defined(OS_MACOSX)
 #include <CommonCrypto/CommonCryptor.h>
 #elif defined(OS_WIN)
 #include <windows.h>
 #include <wincrypt.h>
 #include "crypto/scoped_capi_types.h"
 #endif

 // The Mac and Windows (CryptoAPI) versions of DESEncrypt are our own code.
 // DESSetKeyParity, DESMakeKey, and the Linux (NSS) version of DESEncrypt are
 // based on mozilla/security/manager/ssl/src/nsNTLMAuthModule.cpp,
 // CVS rev. 1.14.

 /* ***** BEGIN LICENSE BLOCK *****
  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
  *
  * The contents of this file are subject to the Mozilla Public License Version
  * 1.1 (the "License"); you may not use this file except in compliance with
  * the License. You may obtain a copy of the License at
  * http://www.mozilla.org/MPL/
  *
  * Software distributed under the License is distributed on an "AS IS" basis,
  * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
  * for the specific language governing rights and limitations under the
  * License.
  *
  * The Original Code is Mozilla.
  *
  * The Initial Developer of the Original Code is IBM Corporation.
  * Portions created by IBM Corporation are Copyright (C) 2003
  * IBM Corporation. All Rights Reserved.
  *
  * Contributor(s):
  *   Darin Fisher <darin@meer.net>
  *
  * Alternatively, the contents of this file may be used under the terms of
  * either the GNU General Public License Version 2 or later (the "GPL"), or
  * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
  * in which case the provisions of the GPL or the LGPL are applicable instead
  * of those above. If you wish to allow use of your version of this file only
  * under the terms of either the GPL or the LGPL, and not to allow others to
  * use your version of this file under the terms of the MPL, indicate your
  * decision by deleting the provisions above and replace them with the notice
  * and other provisions required by the GPL or the LGPL. If you do not delete
  * the provisions above, a recipient may use your version of this file under
  * the terms of any one of the MPL, the GPL or the LGPL.
  *
  * ***** END LICENSE BLOCK ***** */

 // Set odd parity bit (in least significant bit position).
 static uint8 DESSetKeyParity(uint8 x) {
   if ((((x >> 7) ^ (x >> 6) ^ (x >> 5) ^
         (x >> 4) ^ (x >> 3) ^ (x >> 2) ^
         (x >> 1)) & 0x01) == 0) {
     x |= 0x01;
   } else {
     x &= 0xfe;
   }
   return x;
 }

 namespace net {

 void DESMakeKey(const uint8* raw, uint8* key) {
   key[0] = DESSetKeyParity(raw[0]);
   key[1] = DESSetKeyParity((raw[0] << 7) | (raw[1] >> 1));
   key[2] = DESSetKeyParity((raw[1] << 6) | (raw[2] >> 2));
   key[3] = DESSetKeyParity((raw[2] << 5) | (raw[3] >> 3));
   key[4] = DESSetKeyParity((raw[3] << 4) | (raw[4] >> 4));
   key[5] = DESSetKeyParity((raw[4] << 3) | (raw[5] >> 5));
   key[6] = DESSetKeyParity((raw[5] << 2) | (raw[6] >> 6));
   key[7] = DESSetKeyParity((raw[6] << 1));
 }

 #if defined(USE_OPENSSL)

 void DESEncrypt(const uint8* key, const uint8* src, uint8* hash) {
   crypto::EnsureOpenSSLInit();

   DES_key_schedule ks;
   DES_set_key_unchecked(
       reinterpret_cast<const_DES_cblock*>(const_cast<uint8*>(key)), &ks);

   DES_ecb_encrypt(reinterpret_cast<const_DES_cblock*>(const_cast<uint8*>(src)),
                   reinterpret_cast<DES_cblock*>(hash), &ks, DES_ENCRYPT);
 }

 #elif defined(USE_NSS)

 void DESEncrypt(const uint8* key, const uint8* src, uint8* hash) {
   CK_MECHANISM_TYPE cipher_mech = CKM_DES_ECB;
   PK11SlotInfo* slot = NULL;
   PK11SymKey* symkey = NULL;
   PK11Context* ctxt = NULL;
   SECItem key_item;
   SECItem* param = NULL;
   SECStatus rv;
   unsigned int n;

   crypto::EnsureNSSInit();

   slot = PK11_GetInternalSlot();
   if (!slot)
     goto done;

   key_item.data = const_cast<uint8*>(key);
   key_item.len = 8;
   symkey = PK11_ImportSymKey(slot, cipher_mech,
                              PK11_OriginUnwrap, CKA_ENCRYPT,
                              &key_item, NULL);
   if (!symkey)
     goto done;

   // No initialization vector required.
   param = PK11_ParamFromIV(cipher_mech, NULL);
   if (!param)
     goto done;

   ctxt = PK11_CreateContextBySymKey(cipher_mech, CKA_ENCRYPT,
                                     symkey, param);
   if (!ctxt)
     goto done;

   rv = PK11_CipherOp(ctxt, hash, reinterpret_cast<int*>(&n), 8,
                      const_cast<uint8*>(src), 8);
   if (rv != SECSuccess)
     goto done;

   // TODO(wtc): Should this be PK11_Finalize?
   rv = PK11_DigestFinal(ctxt, hash+8, &n, 0);
   if (rv != SECSuccess)
     goto done;

  done:
   if (ctxt)
     PK11_DestroyContext(ctxt, PR_TRUE);
   if (symkey)
     PK11_FreeSymKey(symkey);
   if (param)
     SECITEM_FreeItem(param, PR_TRUE);
   if (slot)
     PK11_FreeSlot(slot);
 }

 #elif defined(OS_MACOSX)

 void DESEncrypt(const uint8* key, const uint8* src, uint8* hash) {
   CCCryptorStatus status;
   size_t data_out_moved = 0;
   status = CCCrypt(kCCEncrypt, kCCAlgorithmDES, kCCOptionECBMode,
                    key, 8, NULL, src, 8, hash, 8, &data_out_moved);
   DCHECK(status == kCCSuccess);
   DCHECK(data_out_moved == 8);
 }

 #elif defined(OS_WIN)

 void DESEncrypt(const uint8* key, const uint8* src, uint8* hash) {
   crypto::ScopedHCRYPTPROV provider;
   if (!CryptAcquireContext(provider.receive(), NULL, NULL, PROV_RSA_FULL,
                            CRYPT_VERIFYCONTEXT))
     return;

   {
     // Import the DES key.
     struct KeyBlob {
       BLOBHEADER header;
       DWORD key_size;
       BYTE key_data[8];
     };
     KeyBlob key_blob;
     key_blob.header.bType = PLAINTEXTKEYBLOB;
     key_blob.header.bVersion = CUR_BLOB_VERSION;
     key_blob.header.reserved = 0;
     key_blob.header.aiKeyAlg = CALG_DES;
     key_blob.key_size = 8;  // 64 bits
     memcpy(key_blob.key_data, key, 8);

     crypto::ScopedHCRYPTKEY key;
     BOOL import_ok = CryptImportKey(provider,
                                     reinterpret_cast<BYTE*>(&key_blob),
                                     sizeof key_blob, 0, 0, key.receive());
     // Destroy the copy of the key.
     SecureZeroMemory(key_blob.key_data, sizeof key_blob.key_data);
     if (!import_ok)
       return;

     // No initialization vector required.
     DWORD cipher_mode = CRYPT_MODE_ECB;
     if (!CryptSetKeyParam(key, KP_MODE, reinterpret_cast<BYTE*>(&cipher_mode),
                           0))
       return;

     // CryptoAPI requires us to copy the plaintext to the output buffer first.
     CopyMemory(hash, src, 8);
     // Pass a 'Final' of FALSE, otherwise CryptEncrypt appends one additional
     // block of padding to the data.
     DWORD hash_len = 8;
     CryptEncrypt(key, 0, FALSE, 0, hash, &hash_len, 8);
   }
 }

 #endif

 }  // namespace net
	// Copyright (c) 2011 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#include "net/http/des.h"

	#include "base/logging.h"

	#if defined(USE_OPENSSL)
	#include <openssl/des.h>
	#include "crypto/openssl_util.h"
	#elif defined(USE_NSS)
	#include <nss.h>
	#include <pk11pub.h>
	#include "crypto/nss_util.h"
	#elif defined(OS_MACOSX)
	#include <CommonCrypto/CommonCryptor.h>
	#elif defined(OS_WIN)
	#include <windows.h>
	#include <wincrypt.h>
	#include "crypto/scoped_capi_types.h"
	#endif

	// The Mac and Windows (CryptoAPI) versions of DESEncrypt are our own code.
	// DESSetKeyParity, DESMakeKey, and the Linux (NSS) version of DESEncrypt are
	// based on mozilla/security/manager/ssl/src/nsNTLMAuthModule.cpp,
	// CVS rev. 1.14.

	/* *** BEGIN LICENSE BLOCK ***
	* Version: MPL 1.1/GPL 2.0/LGPL 2.1
	*
	* The contents of this file are subject to the Mozilla Public License Version
	* 1.1 (the "License"); you may not use this file except in compliance with
	* the License. You may obtain a copy of the License at
	* http://www.mozilla.org/MPL/
	*
	* Software distributed under the License is distributed on an "AS IS" basis,
	* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
	* for the specific language governing rights and limitations under the
	* License.
	*
	* The Original Code is Mozilla.
	*
	* The Initial Developer of the Original Code is IBM Corporation.
	* Portions created by IBM Corporation are Copyright (C) 2003
	* IBM Corporation. All Rights Reserved.
	*
	* Contributor(s):
	* Darin Fisher <darin@meer.net>
	*
	* Alternatively, the contents of this file may be used under the terms of
	* either the GNU General Public License Version 2 or later (the "GPL"), or
	* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
	* in which case the provisions of the GPL or the LGPL are applicable instead
	* of those above. If you wish to allow use of your version of this file only
	* under the terms of either the GPL or the LGPL, and not to allow others to
	* use your version of this file under the terms of the MPL, indicate your
	* decision by deleting the provisions above and replace them with the notice
	* and other provisions required by the GPL or the LGPL. If you do not delete
	* the provisions above, a recipient may use your version of this file under
	* the terms of any one of the MPL, the GPL or the LGPL.
	*
	* *** END LICENSE BLOCK *** */

	// Set odd parity bit (in least significant bit position).
	static uint8 DESSetKeyParity(uint8 x) {
	if ((((x >> 7) ^ (x >> 6) ^ (x >> 5) ^
	(x >> 4) ^ (x >> 3) ^ (x >> 2) ^
	(x >> 1)) & 0x01) == 0) {
	x \|= 0x01;
	} else {
	x &= 0xfe;
	}
	return x;
	}

	namespace net {

	void DESMakeKey(const uint8* raw, uint8* key) {
	key[0] = DESSetKeyParity(raw[0]);
	key[1] = DESSetKeyParity((raw[0] << 7) \| (raw[1] >> 1));
	key[2] = DESSetKeyParity((raw[1] << 6) \| (raw[2] >> 2));
	key[3] = DESSetKeyParity((raw[2] << 5) \| (raw[3] >> 3));
	key[4] = DESSetKeyParity((raw[3] << 4) \| (raw[4] >> 4));
	key[5] = DESSetKeyParity((raw[4] << 3) \| (raw[5] >> 5));
	key[6] = DESSetKeyParity((raw[5] << 2) \| (raw[6] >> 6));
	key[7] = DESSetKeyParity((raw[6] << 1));
	}

	#if defined(USE_OPENSSL)

	void DESEncrypt(const uint8* key, const uint8* src, uint8* hash) {
	crypto::EnsureOpenSSLInit();

	DES_key_schedule ks;
	DES_set_key_unchecked(
	reinterpret_cast<const_DES_cblock>(const_cast<uint8>(key)), &ks);

	DES_ecb_encrypt(reinterpret_cast<const_DES_cblock>(const_cast<uint8>(src)),
	reinterpret_cast<DES_cblock*>(hash), &ks, DES_ENCRYPT);
	}

	#elif defined(USE_NSS)

	void DESEncrypt(const uint8* key, const uint8* src, uint8* hash) {
	CK_MECHANISM_TYPE cipher_mech = CKM_DES_ECB;
	PK11SlotInfo* slot = NULL;
	PK11SymKey* symkey = NULL;
	PK11Context* ctxt = NULL;
	SECItem key_item;
	SECItem* param = NULL;
	SECStatus rv;
	unsigned int n;

	crypto::EnsureNSSInit();

	slot = PK11_GetInternalSlot();
	if (!slot)
	goto done;

	key_item.data = const_cast<uint8*>(key);
	key_item.len = 8;
	symkey = PK11_ImportSymKey(slot, cipher_mech,
	PK11_OriginUnwrap, CKA_ENCRYPT,
	&key_item, NULL);
	if (!symkey)
	goto done;

	// No initialization vector required.
	param = PK11_ParamFromIV(cipher_mech, NULL);
	if (!param)
	goto done;

	ctxt = PK11_CreateContextBySymKey(cipher_mech, CKA_ENCRYPT,
	symkey, param);
	if (!ctxt)
	goto done;

	rv = PK11_CipherOp(ctxt, hash, reinterpret_cast<int*>(&n), 8,
	const_cast<uint8*>(src), 8);
	if (rv != SECSuccess)
	goto done;

	// TODO(wtc): Should this be PK11_Finalize?
	rv = PK11_DigestFinal(ctxt, hash+8, &n, 0);
	if (rv != SECSuccess)
	goto done;

	done:
	if (ctxt)
	PK11_DestroyContext(ctxt, PR_TRUE);
	if (symkey)
	PK11_FreeSymKey(symkey);
	if (param)
	SECITEM_FreeItem(param, PR_TRUE);
	if (slot)
	PK11_FreeSlot(slot);
	}

	#elif defined(OS_MACOSX)

	void DESEncrypt(const uint8* key, const uint8* src, uint8* hash) {
	CCCryptorStatus status;
	size_t data_out_moved = 0;
	status = CCCrypt(kCCEncrypt, kCCAlgorithmDES, kCCOptionECBMode,
	key, 8, NULL, src, 8, hash, 8, &data_out_moved);
	DCHECK(status == kCCSuccess);
	DCHECK(data_out_moved == 8);
	}

	#elif defined(OS_WIN)

	void DESEncrypt(const uint8* key, const uint8* src, uint8* hash) {
	crypto::ScopedHCRYPTPROV provider;
	if (!CryptAcquireContext(provider.receive(), NULL, NULL, PROV_RSA_FULL,
	CRYPT_VERIFYCONTEXT))
	return;

	{
	// Import the DES key.
	struct KeyBlob {
	BLOBHEADER header;
	DWORD key_size;
	BYTE key_data[8];
	};
	KeyBlob key_blob;
	key_blob.header.bType = PLAINTEXTKEYBLOB;
	key_blob.header.bVersion = CUR_BLOB_VERSION;
	key_blob.header.reserved = 0;
	key_blob.header.aiKeyAlg = CALG_DES;
	key_blob.key_size = 8; // 64 bits
	memcpy(key_blob.key_data, key, 8);

	crypto::ScopedHCRYPTKEY key;
	BOOL import_ok = CryptImportKey(provider,
	reinterpret_cast<BYTE*>(&key_blob),
	sizeof key_blob, 0, 0, key.receive());
	// Destroy the copy of the key.
	SecureZeroMemory(key_blob.key_data, sizeof key_blob.key_data);
	if (!import_ok)
	return;

	// No initialization vector required.
	DWORD cipher_mode = CRYPT_MODE_ECB;
	if (!CryptSetKeyParam(key, KP_MODE, reinterpret_cast<BYTE*>(&cipher_mode),
	0))
	return;

	// CryptoAPI requires us to copy the plaintext to the output buffer first.
	CopyMemory(hash, src, 8);
	// Pass a 'Final' of FALSE, otherwise CryptEncrypt appends one additional
	// block of padding to the data.
	DWORD hash_len = 8;
	CryptEncrypt(key, 0, FALSE, 0, hash, &hash_len, 8);
	}
	}

	#endif

	} // namespace net