xref: /freebsd/crypto/krb5/src/lib/crypto/openssl/hash_provider/hash_evp.c (revision 7f2fe78b9dd5f51c821d771b63d2e096f6fd49e9) 
1 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
2 /* lib/crypto/openssl/hash_provider/hash_evp.c - OpenSSL hash providers */
3 /*
4  * Copyright (C) 2015 by the Massachusetts Institute of Technology.
5  * All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  *
11  * * Redistributions of source code must retain the above copyright
12  *   notice, this list of conditions and the following disclaimer.
13  *
14  * * Redistributions in binary form must reproduce the above copyright
15  *   notice, this list of conditions and the following disclaimer in
16  *   the documentation and/or other materials provided with the
17  *   distribution.
18  *
19  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
20  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
21  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
22  * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
23  * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
24  * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
25  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
26  * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
28  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
30  * OF THE POSSIBILITY OF SUCH DAMAGE.
31  */
32 
33 #include "crypto_int.h"
34 
35 #if defined(K5_OPENSSL_MD4) || defined(K5_OPENSSL_MD5) ||       \
36     defined(K5_OPENSSL_SHA1) || defined(K5_OPENSSL_SHA2)
37 
38 #include <openssl/evp.h>
39 
40 /* 1.1 standardizes constructor and destructor names, renaming
41  * EVP_MD_CTX_create and EVP_MD_CTX_destroy. */
42 #if OPENSSL_VERSION_NUMBER < 0x10100000L
43 #define EVP_MD_CTX_new EVP_MD_CTX_create
44 #define EVP_MD_CTX_free EVP_MD_CTX_destroy
45 #endif
46 
47 static krb5_error_code
hash_evp(const EVP_MD * type,const krb5_crypto_iov * data,size_t num_data,krb5_data * output)48 hash_evp(const EVP_MD *type, const krb5_crypto_iov *data, size_t num_data,
49          krb5_data *output)
50 {
51     EVP_MD_CTX *ctx;
52     const krb5_data *d;
53     size_t i;
54     int ok;
55 
56     if (output->length != (unsigned int)EVP_MD_size(type))
57         return KRB5_CRYPTO_INTERNAL;
58 
59     ctx = EVP_MD_CTX_new();
60     if (ctx == NULL)
61         return ENOMEM;
62 
63     ok = EVP_DigestInit_ex(ctx, type, NULL);
64     for (i = 0; i < num_data; i++) {
65         if (!SIGN_IOV(&data[i]))
66             continue;
67         d = &data[i].data;
68         ok = ok && EVP_DigestUpdate(ctx, d->data, d->length);
69     }
70     ok = ok && EVP_DigestFinal_ex(ctx, (uint8_t *)output->data, NULL);
71     EVP_MD_CTX_free(ctx);
72     return ok ? 0 : KRB5_CRYPTO_INTERNAL;
73 }
74 
75 #endif
76 
77 #ifdef K5_OPENSSL_MD4
78 static krb5_error_code
hash_md4(const krb5_crypto_iov * data,size_t num_data,krb5_data * output)79 hash_md4(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
80 {
81     return hash_evp(EVP_md4(), data, num_data, output);
82 }
83 
84 const struct krb5_hash_provider krb5int_hash_md4 = {
85     "MD4", 16, 64, hash_md4
86 };
87 #endif
88 
89 #ifdef K5_OPENSSL_MD5
90 static krb5_error_code
hash_md5(const krb5_crypto_iov * data,size_t num_data,krb5_data * output)91 hash_md5(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
92 {
93     return hash_evp(EVP_md5(), data, num_data, output);
94 }
95 
96 const struct krb5_hash_provider krb5int_hash_md5 = {
97     "MD5", 16, 64, hash_md5
98 };
99 #endif
100 
101 #ifdef K5_OPENSSL_SHA1
102 static krb5_error_code
hash_sha1(const krb5_crypto_iov * data,size_t num_data,krb5_data * output)103 hash_sha1(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
104 {
105     return hash_evp(EVP_sha1(), data, num_data, output);
106 }
107 
108 const struct krb5_hash_provider krb5int_hash_sha1 = {
109     "SHA1", 20, 64, hash_sha1
110 };
111 #endif
112 
113 #ifdef K5_OPENSSL_SHA2
114 static krb5_error_code
hash_sha256(const krb5_crypto_iov * data,size_t num_data,krb5_data * output)115 hash_sha256(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
116 {
117     return hash_evp(EVP_sha256(), data, num_data, output);
118 }
119 
120 static krb5_error_code
hash_sha384(const krb5_crypto_iov * data,size_t num_data,krb5_data * output)121 hash_sha384(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
122 {
123     return hash_evp(EVP_sha384(), data, num_data, output);
124 }
125 
126 const struct krb5_hash_provider krb5int_hash_sha256 = {
127     "SHA-256", 32, 64, hash_sha256
128 };
129 
130 const struct krb5_hash_provider krb5int_hash_sha384 = {
131     "SHA-384", 48, 128, hash_sha384
132 };
133 #endif
134