12155bb23SAllan Jude /* $OpenBSD: xform.c,v 1.16 2001/08/28 12:20:43 ben Exp $ */
22155bb23SAllan Jude /*-
32155bb23SAllan Jude * The authors of this code are John Ioannidis (ji@tla.org),
42155bb23SAllan Jude * Angelos D. Keromytis (kermit@csd.uch.gr),
52155bb23SAllan Jude * Niels Provos (provos@physnet.uni-hamburg.de) and
62155bb23SAllan Jude * Damien Miller (djm@mindrot.org).
72155bb23SAllan Jude *
82155bb23SAllan Jude * This code was written by John Ioannidis for BSD/OS in Athens, Greece,
92155bb23SAllan Jude * in November 1995.
102155bb23SAllan Jude *
112155bb23SAllan Jude * Ported to OpenBSD and NetBSD, with additional transforms, in December 1996,
122155bb23SAllan Jude * by Angelos D. Keromytis.
132155bb23SAllan Jude *
142155bb23SAllan Jude * Additional transforms and features in 1997 and 1998 by Angelos D. Keromytis
152155bb23SAllan Jude * and Niels Provos.
162155bb23SAllan Jude *
172155bb23SAllan Jude * Additional features in 1999 by Angelos D. Keromytis.
182155bb23SAllan Jude *
192155bb23SAllan Jude * AES XTS implementation in 2008 by Damien Miller
202155bb23SAllan Jude *
212155bb23SAllan Jude * Copyright (C) 1995, 1996, 1997, 1998, 1999 by John Ioannidis,
222155bb23SAllan Jude * Angelos D. Keromytis and Niels Provos.
232155bb23SAllan Jude *
242155bb23SAllan Jude * Copyright (C) 2001, Angelos D. Keromytis.
252155bb23SAllan Jude *
262155bb23SAllan Jude * Copyright (C) 2008, Damien Miller
272155bb23SAllan Jude * Copyright (c) 2014 The FreeBSD Foundation
282155bb23SAllan Jude * All rights reserved.
292155bb23SAllan Jude *
302155bb23SAllan Jude * Portions of this software were developed by John-Mark Gurney
312155bb23SAllan Jude * under sponsorship of the FreeBSD Foundation and
322155bb23SAllan Jude * Rubicon Communications, LLC (Netgate).
332155bb23SAllan Jude *
342155bb23SAllan Jude * Permission to use, copy, and modify this software with or without fee
352155bb23SAllan Jude * is hereby granted, provided that this entire notice is included in
362155bb23SAllan Jude * all copies of any software which is or includes a copy or
372155bb23SAllan Jude * modification of this software.
382155bb23SAllan Jude * You may use this code under the GNU public license if you so wish. Please
392155bb23SAllan Jude * contribute changes back to the authors under this freer than GPL license
402155bb23SAllan Jude * so that we may further the use of strong encryption without limitations to
412155bb23SAllan Jude * all.
422155bb23SAllan Jude *
432155bb23SAllan Jude * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
442155bb23SAllan Jude * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY
452155bb23SAllan Jude * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
462155bb23SAllan Jude * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
472155bb23SAllan Jude * PURPOSE.
482155bb23SAllan Jude */
492155bb23SAllan Jude
50*faf470ffSJohn Baldwin #include <sys/types.h>
51c97f39ceSConrad Meyer #include <crypto/sha2/sha224.h>
522155bb23SAllan Jude #include <crypto/sha2/sha256.h>
532155bb23SAllan Jude #include <crypto/sha2/sha384.h>
542155bb23SAllan Jude #include <crypto/sha2/sha512.h>
552155bb23SAllan Jude #include <opencrypto/xform_auth.h>
562155bb23SAllan Jude
579b6b2f86SJohn Baldwin static int SHA224Update_int(void *, const void *, u_int);
589b6b2f86SJohn Baldwin static int SHA256Update_int(void *, const void *, u_int);
599b6b2f86SJohn Baldwin static int SHA384Update_int(void *, const void *, u_int);
609b6b2f86SJohn Baldwin static int SHA512Update_int(void *, const void *, u_int);
612155bb23SAllan Jude
62c4729f6eSConrad Meyer /* Plain hashes */
63d8787d4fSMark Johnston const struct auth_hash auth_hash_sha2_224 = {
64c4729f6eSConrad Meyer .type = CRYPTO_SHA2_224,
65c4729f6eSConrad Meyer .name = "SHA2-224",
66c4729f6eSConrad Meyer .hashsize = SHA2_224_HASH_LEN,
67c4729f6eSConrad Meyer .ctxsize = sizeof(SHA224_CTX),
68c4729f6eSConrad Meyer .blocksize = SHA2_224_BLOCK_LEN,
69c4729f6eSConrad Meyer .Init = (void (*)(void *)) SHA224_Init,
70c4729f6eSConrad Meyer .Update = SHA224Update_int,
71d3d79e96SJohn Baldwin .Final = (void (*)(uint8_t *, void *)) SHA224_Final,
72c4729f6eSConrad Meyer };
73c4729f6eSConrad Meyer
74d8787d4fSMark Johnston const struct auth_hash auth_hash_sha2_256 = {
75c4729f6eSConrad Meyer .type = CRYPTO_SHA2_256,
76c4729f6eSConrad Meyer .name = "SHA2-256",
77c4729f6eSConrad Meyer .keysize = SHA2_256_BLOCK_LEN,
78c4729f6eSConrad Meyer .hashsize = SHA2_256_HASH_LEN,
79c4729f6eSConrad Meyer .ctxsize = sizeof(SHA256_CTX),
80c4729f6eSConrad Meyer .blocksize = SHA2_256_BLOCK_LEN,
81c4729f6eSConrad Meyer .Init = (void (*)(void *)) SHA256_Init,
82c4729f6eSConrad Meyer .Update = SHA256Update_int,
83d3d79e96SJohn Baldwin .Final = (void (*)(uint8_t *, void *)) SHA256_Final,
84c4729f6eSConrad Meyer };
85c4729f6eSConrad Meyer
86d8787d4fSMark Johnston const struct auth_hash auth_hash_sha2_384 = {
87c4729f6eSConrad Meyer .type = CRYPTO_SHA2_384,
88c4729f6eSConrad Meyer .name = "SHA2-384",
89c4729f6eSConrad Meyer .keysize = SHA2_384_BLOCK_LEN,
90c4729f6eSConrad Meyer .hashsize = SHA2_384_HASH_LEN,
91c4729f6eSConrad Meyer .ctxsize = sizeof(SHA384_CTX),
92c4729f6eSConrad Meyer .blocksize = SHA2_384_BLOCK_LEN,
93c4729f6eSConrad Meyer .Init = (void (*)(void *)) SHA384_Init,
94c4729f6eSConrad Meyer .Update = SHA384Update_int,
95d3d79e96SJohn Baldwin .Final = (void (*)(uint8_t *, void *)) SHA384_Final,
96c4729f6eSConrad Meyer };
97c4729f6eSConrad Meyer
98d8787d4fSMark Johnston const struct auth_hash auth_hash_sha2_512 = {
99c4729f6eSConrad Meyer .type = CRYPTO_SHA2_512,
100c4729f6eSConrad Meyer .name = "SHA2-512",
101c4729f6eSConrad Meyer .keysize = SHA2_512_BLOCK_LEN,
102c4729f6eSConrad Meyer .hashsize = SHA2_512_HASH_LEN,
103c4729f6eSConrad Meyer .ctxsize = sizeof(SHA512_CTX),
104c4729f6eSConrad Meyer .blocksize = SHA2_512_BLOCK_LEN,
105c4729f6eSConrad Meyer .Init = (void (*)(void *)) SHA512_Init,
106c4729f6eSConrad Meyer .Update = SHA512Update_int,
107d3d79e96SJohn Baldwin .Final = (void (*)(uint8_t *, void *)) SHA512_Final,
108c4729f6eSConrad Meyer };
109c4729f6eSConrad Meyer
1102155bb23SAllan Jude /* Authentication instances */
111d8787d4fSMark Johnston const struct auth_hash auth_hash_hmac_sha2_224 = {
112c97f39ceSConrad Meyer .type = CRYPTO_SHA2_224_HMAC,
113c97f39ceSConrad Meyer .name = "HMAC-SHA2-224",
114c97f39ceSConrad Meyer .keysize = SHA2_224_BLOCK_LEN,
115c97f39ceSConrad Meyer .hashsize = SHA2_224_HASH_LEN,
116c97f39ceSConrad Meyer .ctxsize = sizeof(SHA224_CTX),
117c97f39ceSConrad Meyer .blocksize = SHA2_224_BLOCK_LEN,
118c97f39ceSConrad Meyer .Init = (void (*)(void *)) SHA224_Init,
119c97f39ceSConrad Meyer .Update = SHA224Update_int,
120d3d79e96SJohn Baldwin .Final = (void (*)(uint8_t *, void *)) SHA224_Final,
121c97f39ceSConrad Meyer };
122c97f39ceSConrad Meyer
123d8787d4fSMark Johnston const struct auth_hash auth_hash_hmac_sha2_256 = {
124255811d7SConrad Meyer .type = CRYPTO_SHA2_256_HMAC,
125255811d7SConrad Meyer .name = "HMAC-SHA2-256",
126590adc1bSConrad Meyer .keysize = SHA2_256_BLOCK_LEN,
127255811d7SConrad Meyer .hashsize = SHA2_256_HASH_LEN,
128255811d7SConrad Meyer .ctxsize = sizeof(SHA256_CTX),
129590adc1bSConrad Meyer .blocksize = SHA2_256_BLOCK_LEN,
130255811d7SConrad Meyer .Init = (void (*)(void *)) SHA256_Init,
131255811d7SConrad Meyer .Update = SHA256Update_int,
132d3d79e96SJohn Baldwin .Final = (void (*)(uint8_t *, void *)) SHA256_Final,
1332155bb23SAllan Jude };
1342155bb23SAllan Jude
135d8787d4fSMark Johnston const struct auth_hash auth_hash_hmac_sha2_384 = {
136255811d7SConrad Meyer .type = CRYPTO_SHA2_384_HMAC,
137255811d7SConrad Meyer .name = "HMAC-SHA2-384",
138590adc1bSConrad Meyer .keysize = SHA2_384_BLOCK_LEN,
139255811d7SConrad Meyer .hashsize = SHA2_384_HASH_LEN,
140255811d7SConrad Meyer .ctxsize = sizeof(SHA384_CTX),
141590adc1bSConrad Meyer .blocksize = SHA2_384_BLOCK_LEN,
142255811d7SConrad Meyer .Init = (void (*)(void *)) SHA384_Init,
143255811d7SConrad Meyer .Update = SHA384Update_int,
144d3d79e96SJohn Baldwin .Final = (void (*)(uint8_t *, void *)) SHA384_Final,
1452155bb23SAllan Jude };
1462155bb23SAllan Jude
147d8787d4fSMark Johnston const struct auth_hash auth_hash_hmac_sha2_512 = {
148255811d7SConrad Meyer .type = CRYPTO_SHA2_512_HMAC,
149255811d7SConrad Meyer .name = "HMAC-SHA2-512",
150590adc1bSConrad Meyer .keysize = SHA2_512_BLOCK_LEN,
151255811d7SConrad Meyer .hashsize = SHA2_512_HASH_LEN,
152255811d7SConrad Meyer .ctxsize = sizeof(SHA512_CTX),
153590adc1bSConrad Meyer .blocksize = SHA2_512_BLOCK_LEN,
154255811d7SConrad Meyer .Init = (void (*)(void *)) SHA512_Init,
155255811d7SConrad Meyer .Update = SHA512Update_int,
156d3d79e96SJohn Baldwin .Final = (void (*)(uint8_t *, void *)) SHA512_Final,
1572155bb23SAllan Jude };
1582155bb23SAllan Jude
1592155bb23SAllan Jude /*
1602155bb23SAllan Jude * And now for auth.
1612155bb23SAllan Jude */
1622155bb23SAllan Jude static int
SHA224Update_int(void * ctx,const void * buf,u_int len)1639b6b2f86SJohn Baldwin SHA224Update_int(void *ctx, const void *buf, u_int len)
164c97f39ceSConrad Meyer {
165c97f39ceSConrad Meyer SHA224_Update(ctx, buf, len);
166c97f39ceSConrad Meyer return 0;
167c97f39ceSConrad Meyer }
168c97f39ceSConrad Meyer
169c97f39ceSConrad Meyer static int
SHA256Update_int(void * ctx,const void * buf,u_int len)1709b6b2f86SJohn Baldwin SHA256Update_int(void *ctx, const void *buf, u_int len)
1712155bb23SAllan Jude {
1722155bb23SAllan Jude SHA256_Update(ctx, buf, len);
1732155bb23SAllan Jude return 0;
1742155bb23SAllan Jude }
1752155bb23SAllan Jude
1762155bb23SAllan Jude static int
SHA384Update_int(void * ctx,const void * buf,u_int len)1779b6b2f86SJohn Baldwin SHA384Update_int(void *ctx, const void *buf, u_int len)
1782155bb23SAllan Jude {
1792155bb23SAllan Jude SHA384_Update(ctx, buf, len);
1802155bb23SAllan Jude return 0;
1812155bb23SAllan Jude }
1822155bb23SAllan Jude
1832155bb23SAllan Jude static int
SHA512Update_int(void * ctx,const void * buf,u_int len)1849b6b2f86SJohn Baldwin SHA512Update_int(void *ctx, const void *buf, u_int len)
1852155bb23SAllan Jude {
1862155bb23SAllan Jude SHA512_Update(ctx, buf, len);
1872155bb23SAllan Jude return 0;
1882155bb23SAllan Jude }
189