|
1 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ |
|
2 /* |
|
3 * Copyright (C) 2015 by the Massachusetts Institute of Technology. |
|
4 * All rights reserved. |
|
5 * |
|
6 * Redistribution and use in source and binary forms, with or without |
|
7 * modification, are permitted provided that the following conditions |
|
8 * are met: |
|
9 * |
|
10 * * Redistributions of source code must retain the above copyright |
|
11 * notice, this list of conditions and the following disclaimer. |
|
12 * |
|
13 * * Redistributions in binary form must reproduce the above copyright |
|
14 * notice, this list of conditions and the following disclaimer in |
|
15 * the documentation and/or other materials provided with the |
|
16 * distribution. |
|
17 * |
|
18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
|
19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
|
20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS |
|
21 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE |
|
22 * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, |
|
23 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES |
|
24 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR |
|
25 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
|
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, |
|
27 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
|
28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
|
29 * OF THE POSSIBILITY OF SUCH DAMAGE. |
|
30 */ |
|
31 /* |
|
32 * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. |
|
33 */ |
|
34 |
|
35 #include "crypto_int.h" |
|
36 #include <libucrypto.h> |
|
37 |
|
38 #define MD5_DIGEST_LENGTH 16 |
|
39 #define MD5_DATASIZE 64 |
|
40 #define SHA_DIGEST_LENGTH 20 |
|
41 #define SHA_DATASIZE 64 |
|
42 |
|
43 static krb5_error_code |
|
44 hash_ucrypto(int ucrypto_type, size_t digest_size, const krb5_crypto_iov *data, |
|
45 size_t num_data, krb5_data *output) |
|
46 { |
|
47 crypto_ctx_t uctx; /* ucrypto context */ |
|
48 size_t i; |
|
49 int ret = 0; |
|
50 |
|
51 if (output->length != digest_size) |
|
52 return KRB5_CRYPTO_INTERNAL; |
|
53 |
|
54 if (ucrypto_digest_init(&uctx, ucrypto_type, NULL, 0) != CRYPTO_SUCCESS) |
|
55 return KRB5_CRYPTO_INTERNAL; |
|
56 |
|
57 for (i = 0; i < num_data; i++) { |
|
58 const krb5_data *d = &data[i].data; |
|
59 if (SIGN_IOV(&data[i])) { |
|
60 if (ucrypto_digest_update(&uctx, (uchar_t *)d->data, |
|
61 (size_t)d->length) != CRYPTO_SUCCESS) { |
|
62 ret = KRB5_CRYPTO_INTERNAL; |
|
63 break; |
|
64 } |
|
65 } |
|
66 } |
|
67 |
|
68 if (ret) { |
|
69 /* error, just clean up ucrypto context */ |
|
70 (void)ucrypto_digest_final(&uctx, NULL, 0); |
|
71 } else { |
|
72 size_t outlen = (size_t)output->length; |
|
73 |
|
74 if (ucrypto_digest_final(&uctx, (uchar_t *)output->data, &outlen) |
|
75 != CRYPTO_SUCCESS) { |
|
76 ret = KRB5_CRYPTO_INTERNAL; |
|
77 } else { |
|
78 output->length = (uint_t)outlen; |
|
79 } |
|
80 } |
|
81 |
|
82 return ret; |
|
83 } |
|
84 |
|
85 static krb5_error_code |
|
86 hash_md5(const krb5_crypto_iov *data, size_t num_data, krb5_data *output) |
|
87 { |
|
88 return hash_ucrypto(CRYPTO_MD5, MD5_DIGEST_LENGTH, data, num_data, output); |
|
89 } |
|
90 |
|
91 static krb5_error_code |
|
92 hash_sha1(const krb5_crypto_iov *data, size_t num_data, krb5_data *output) |
|
93 { |
|
94 return hash_ucrypto(CRYPTO_SHA1, SHA_DIGEST_LENGTH, data, num_data, |
|
95 output); |
|
96 } |
|
97 |
|
98 const struct krb5_hash_provider krb5int_hash_md5 = { |
|
99 "MD5", |
|
100 MD5_DIGEST_LENGTH, |
|
101 MD5_DATASIZE, |
|
102 hash_md5 |
|
103 }; |
|
104 |
|
105 const struct krb5_hash_provider krb5int_hash_sha1 = { |
|
106 "SHA1", |
|
107 SHA_DIGEST_LENGTH, |
|
108 SHA_DATASIZE, |
|
109 hash_sha1 |
|
110 }; |