탐색 도움말
로그인
baoxu
/
frp
1
0
포크 0
파일
트리: ffc13b704a
브랜치 태그
frp
/
vendor
/
golang.org
/
x
/
crypto
/
pkcs12
/
mac.go

mac.go 1.0 KB
히스토리 Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445 
  1. // Copyright 2015 The Go Authors. All rights reserved.
    2. 

  2. // Use of this source code is governed by a BSD-style
    3. 

  3. // license that can be found in the LICENSE file.
    4. 

  4. 

  5. package pkcs12
    6. 

  6. 

  7. import (
    8. 

  8. 	"crypto/hmac"
    9. 

  9. 	"crypto/sha1"
    10. 

  10. 	"crypto/x509/pkix"
    11. 

  11. 	"encoding/asn1"
    12. 

  12. )
    13. 

  13. 

  14. type macData struct {
    15. 

  15. 	Mac        digestInfo
    16. 

  16. 	MacSalt    []byte
    17. 

  17. 	Iterations int `asn1:"optional,default:1"`
    18. 

  18. }
    19. 

  19. 

  20. // from PKCS#7:
    21. 

  21. type digestInfo struct {
    22. 

  22. 	Algorithm pkix.AlgorithmIdentifier
    23. 

  23. 	Digest    []byte
    24. 

  24. }
    25. 

  25. 

  26. var (
    27. 

  27. 	oidSHA1 = asn1.ObjectIdentifier([]int{1, 3, 14, 3, 2, 26})
    28. 

  28. )
    29. 

  29. 

  30. func verifyMac(macData *macData, message, password []byte) error {
    31. 

  31. 	if !macData.Mac.Algorithm.Algorithm.Equal(oidSHA1) {
    32. 

  32. 		return NotImplementedError("unknown digest algorithm: " + macData.Mac.Algorithm.Algorithm.String())
    33. 

  33. 	}
    34. 

  34. 

  35. 	key := pbkdf(sha1Sum, 20, 64, macData.MacSalt, password, macData.Iterations, 3, 20)
    36. 

  36. 

  37. 	mac := hmac.New(sha1.New, key)
    38. 

  38. 	mac.Write(message)
    39. 

  39. 	expectedMAC := mac.Sum(nil)
    40. 

  40. 

  41. 	if !hmac.Equal(macData.Mac.Digest, expectedMAC) {
    42. 

  42. 		return ErrIncorrectPassword
    43. 

  43. 	}
    44. 

  44. 	return nil
    45. 

  45. }
    46.