xref: /illumos-gate/usr/src/uts/common/gssapi/mechs/krb5/crypto/cksumtypes.c (revision 8cd1b71859be6a08c9b7a446994fdbca544bb34f) 
17c478bd9Sstevel@tonic-gate /*
2159d09a2SMark Phalan  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
37c478bd9Sstevel@tonic-gate  * Use is subject to license terms.
47c478bd9Sstevel@tonic-gate  */
57c478bd9Sstevel@tonic-gate 
67c478bd9Sstevel@tonic-gate 
77c478bd9Sstevel@tonic-gate /*
87c478bd9Sstevel@tonic-gate  * Copyright (C) 1998 by the FundsXpress, INC.
97c478bd9Sstevel@tonic-gate  *
107c478bd9Sstevel@tonic-gate  * All rights reserved.
117c478bd9Sstevel@tonic-gate  *
127c478bd9Sstevel@tonic-gate  * Export of this software from the United States of America may require
137c478bd9Sstevel@tonic-gate  * a specific license from the United States Government.  It is the
147c478bd9Sstevel@tonic-gate  * responsibility of any person or organization contemplating export to
157c478bd9Sstevel@tonic-gate  * obtain such a license before exporting.
167c478bd9Sstevel@tonic-gate  *
177c478bd9Sstevel@tonic-gate  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
187c478bd9Sstevel@tonic-gate  * distribute this software and its documentation for any purpose and
197c478bd9Sstevel@tonic-gate  * without fee is hereby granted, provided that the above copyright
207c478bd9Sstevel@tonic-gate  * notice appear in all copies and that both that copyright notice and
217c478bd9Sstevel@tonic-gate  * this permission notice appear in supporting documentation, and that
227c478bd9Sstevel@tonic-gate  * the name of FundsXpress. not be used in advertising or publicity pertaining
237c478bd9Sstevel@tonic-gate  * to distribution of the software without specific, written prior
247c478bd9Sstevel@tonic-gate  * permission.  FundsXpress makes no representations about the suitability of
257c478bd9Sstevel@tonic-gate  * this software for any purpose.  It is provided "as is" without express
267c478bd9Sstevel@tonic-gate  * or implied warranty.
277c478bd9Sstevel@tonic-gate  *
287c478bd9Sstevel@tonic-gate  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
297c478bd9Sstevel@tonic-gate  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
307c478bd9Sstevel@tonic-gate  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
317c478bd9Sstevel@tonic-gate  */
327c478bd9Sstevel@tonic-gate 
33159d09a2SMark Phalan #include "k5-int.h"
34159d09a2SMark Phalan #include "hash_provider.h"
35159d09a2SMark Phalan #include "keyhash_provider.h"
36159d09a2SMark Phalan #include "cksumtypes.h"
377c478bd9Sstevel@tonic-gate 
38159d09a2SMark Phalan const struct krb5_cksumtypes krb5_cksumtypes_list[] = {
397c478bd9Sstevel@tonic-gate     { CKSUMTYPE_CRC32, KRB5_CKSUMFLAG_NOT_COLL_PROOF,
407c478bd9Sstevel@tonic-gate       "crc32", "CRC-32",
41*8cd1b718SToomas Soome       0, NULL, &krb5int_hash_crc32, 0,
427c478bd9Sstevel@tonic-gate #ifdef _KERNEL
437c478bd9Sstevel@tonic-gate       NULL,
447c478bd9Sstevel@tonic-gate       CRYPTO_MECH_INVALID
457c478bd9Sstevel@tonic-gate #endif /* _KERNEL */
467c478bd9Sstevel@tonic-gate },
477c478bd9Sstevel@tonic-gate 
487c478bd9Sstevel@tonic-gate     { CKSUMTYPE_DESCBC, 0,
497c478bd9Sstevel@tonic-gate       "des-cbc", "DES cbc mode",
50159d09a2SMark Phalan       ENCTYPE_DES_CBC_CRC, &krb5int_keyhash_descbc,
51*8cd1b718SToomas Soome       0,  0,
527c478bd9Sstevel@tonic-gate #ifdef _KERNEL
537c478bd9Sstevel@tonic-gate       NULL,
547c478bd9Sstevel@tonic-gate       CRYPTO_MECH_INVALID
557c478bd9Sstevel@tonic-gate #endif /* _KERNEL */
567c478bd9Sstevel@tonic-gate },
577c478bd9Sstevel@tonic-gate 
587c478bd9Sstevel@tonic-gate     { CKSUMTYPE_RSA_MD5, 0,
597c478bd9Sstevel@tonic-gate       "md5", "RSA-MD5",
60*8cd1b718SToomas Soome       0, NULL, &krb5int_hash_md5, 0,
617c478bd9Sstevel@tonic-gate #ifdef _KERNEL
627c478bd9Sstevel@tonic-gate       SUN_CKM_MD5,
637c478bd9Sstevel@tonic-gate       CRYPTO_MECH_INVALID
647c478bd9Sstevel@tonic-gate #endif /* _KERNEL */
657c478bd9Sstevel@tonic-gate },
667c478bd9Sstevel@tonic-gate     { CKSUMTYPE_RSA_MD5_DES, 0,
677c478bd9Sstevel@tonic-gate       "md5-des", "RSA-MD5 with DES cbc mode",
68159d09a2SMark Phalan       ENCTYPE_DES_CBC_CRC, &krb5int_keyhash_md5des,
69*8cd1b718SToomas Soome       0, 0,
707c478bd9Sstevel@tonic-gate #ifdef _KERNEL
717c478bd9Sstevel@tonic-gate       SUN_CKM_MD5,
727c478bd9Sstevel@tonic-gate       CRYPTO_MECH_INVALID
737c478bd9Sstevel@tonic-gate #endif /* _KERNEL */
747c478bd9Sstevel@tonic-gate },
757c478bd9Sstevel@tonic-gate 
767c478bd9Sstevel@tonic-gate     { CKSUMTYPE_NIST_SHA, 0,
777c478bd9Sstevel@tonic-gate       "sha", "NIST-SHA",
78*8cd1b718SToomas Soome       0, NULL, &krb5int_hash_sha1, 0,
797c478bd9Sstevel@tonic-gate #ifdef _KERNEL
807c478bd9Sstevel@tonic-gate       SUN_CKM_SHA1,
817c478bd9Sstevel@tonic-gate       CRYPTO_MECH_INVALID
827c478bd9Sstevel@tonic-gate #endif /* _KERNEL */
837c478bd9Sstevel@tonic-gate },
847c478bd9Sstevel@tonic-gate 
857c478bd9Sstevel@tonic-gate     { CKSUMTYPE_HMAC_SHA1_DES3, KRB5_CKSUMFLAG_DERIVE,
867c478bd9Sstevel@tonic-gate       "hmac-sha1-des3", "HMAC-SHA1 DES3 key",
87*8cd1b718SToomas Soome       0, NULL, &krb5int_hash_sha1, 0,
887c478bd9Sstevel@tonic-gate #ifdef _KERNEL
897c478bd9Sstevel@tonic-gate       SUN_CKM_SHA1_HMAC,
907c478bd9Sstevel@tonic-gate       CRYPTO_MECH_INVALID
917c478bd9Sstevel@tonic-gate #endif /* _KERNEL */
927c478bd9Sstevel@tonic-gate  },
937c478bd9Sstevel@tonic-gate     { CKSUMTYPE_HMAC_SHA1_DES3, KRB5_CKSUMFLAG_DERIVE,
947c478bd9Sstevel@tonic-gate       "hmac-sha1-des3-kd", "HMAC-SHA1 DES3 key", /* alias */
95*8cd1b718SToomas Soome       0, NULL, &krb5int_hash_sha1, 0,
967c478bd9Sstevel@tonic-gate #ifdef _KERNEL
977c478bd9Sstevel@tonic-gate       SUN_CKM_SHA1_HMAC,
987c478bd9Sstevel@tonic-gate       CRYPTO_MECH_INVALID
997c478bd9Sstevel@tonic-gate #endif /* _KERNEL */
1007c478bd9Sstevel@tonic-gate },
1017c478bd9Sstevel@tonic-gate     { CKSUMTYPE_HMAC_MD5_ARCFOUR, 0,
1027c478bd9Sstevel@tonic-gate       "hmac-md5-rc4", "Microsoft HMAC MD5 (RC4 key)",
103159d09a2SMark Phalan       ENCTYPE_ARCFOUR_HMAC, &krb5int_keyhash_hmac_md5,
104159d09a2SMark Phalan       NULL, 0,
1057c478bd9Sstevel@tonic-gate #ifdef _KERNEL
1067c478bd9Sstevel@tonic-gate       SUN_CKM_MD5,
1077c478bd9Sstevel@tonic-gate       CRYPTO_MECH_INVALID
1087c478bd9Sstevel@tonic-gate #endif /* _KERNEL */
1097c478bd9Sstevel@tonic-gate     },
1107c478bd9Sstevel@tonic-gate     { CKSUMTYPE_HMAC_MD5_ARCFOUR, 0,
1117c478bd9Sstevel@tonic-gate       "hmac-md5-enc", "Microsoft HMAC MD5 (RC4 key)",  /*Heimdal alias*/
112159d09a2SMark Phalan       ENCTYPE_ARCFOUR_HMAC, &krb5int_keyhash_hmac_md5,
113159d09a2SMark Phalan       NULL, 0,
1147c478bd9Sstevel@tonic-gate #ifdef _KERNEL
1157c478bd9Sstevel@tonic-gate       SUN_CKM_MD5,
1167c478bd9Sstevel@tonic-gate       CRYPTO_MECH_INVALID
1177c478bd9Sstevel@tonic-gate #endif /* _KERNEL */
1187c478bd9Sstevel@tonic-gate     },
1197c478bd9Sstevel@tonic-gate     { CKSUMTYPE_HMAC_MD5_ARCFOUR, 0,
1207c478bd9Sstevel@tonic-gate       "hmac-md5-earcfour", "Microsoft HMAC MD5 (RC4 key)",  /* alias*/
121159d09a2SMark Phalan       ENCTYPE_ARCFOUR_HMAC, &krb5int_keyhash_hmac_md5,
122159d09a2SMark Phalan       NULL, 0,
1237c478bd9Sstevel@tonic-gate #ifdef _KERNEL
1247c478bd9Sstevel@tonic-gate       SUN_CKM_MD5,
1257c478bd9Sstevel@tonic-gate       CRYPTO_MECH_INVALID
1267c478bd9Sstevel@tonic-gate #endif /* _KERNEL */
1277c478bd9Sstevel@tonic-gate     },
1287c478bd9Sstevel@tonic-gate 
1297c478bd9Sstevel@tonic-gate     { CKSUMTYPE_HMAC_SHA1_96_AES128, KRB5_CKSUMFLAG_DERIVE,
1307c478bd9Sstevel@tonic-gate       "hmac-sha1-96-aes128", "HMAC-SHA1 AES128 key",
131*8cd1b718SToomas Soome 	0, NULL, &krb5int_hash_sha1, 12,
1327c478bd9Sstevel@tonic-gate #ifdef _KERNEL
1337c478bd9Sstevel@tonic-gate       SUN_CKM_SHA1_HMAC,
1347c478bd9Sstevel@tonic-gate       CRYPTO_MECH_INVALID
1357c478bd9Sstevel@tonic-gate #endif /* _KERNEL */
1367c478bd9Sstevel@tonic-gate     },
1377c478bd9Sstevel@tonic-gate     { CKSUMTYPE_HMAC_SHA1_96_AES256, KRB5_CKSUMFLAG_DERIVE,
1387c478bd9Sstevel@tonic-gate       "hmac-sha1-96-aes256", "HMAC-SHA1 AES256 key",
139159d09a2SMark Phalan 	0, NULL, &krb5int_hash_sha1, 12,
1407c478bd9Sstevel@tonic-gate #ifdef _KERNEL
1417c478bd9Sstevel@tonic-gate       SUN_CKM_SHA1_HMAC,
1427c478bd9Sstevel@tonic-gate       CRYPTO_MECH_INVALID
1437c478bd9Sstevel@tonic-gate #endif /* _KERNEL */
1447c478bd9Sstevel@tonic-gate     }
1457c478bd9Sstevel@tonic-gate 
1467c478bd9Sstevel@tonic-gate };
1477c478bd9Sstevel@tonic-gate 
1487c478bd9Sstevel@tonic-gate const int krb5_cksumtypes_length =
1497c478bd9Sstevel@tonic-gate sizeof(krb5_cksumtypes_list)/sizeof(struct krb5_cksumtypes);
1507c478bd9Sstevel@tonic-gate 
151159d09a2SMark Phalan /* Solaris Kerberos */
1527c478bd9Sstevel@tonic-gate #ifdef _KERNEL
1537c478bd9Sstevel@tonic-gate void
setup_kef_cksumtypes()1547c478bd9Sstevel@tonic-gate setup_kef_cksumtypes()
1557c478bd9Sstevel@tonic-gate {
1567c478bd9Sstevel@tonic-gate 	int i;
1577c478bd9Sstevel@tonic-gate 	struct krb5_cksumtypes *ck;
1587c478bd9Sstevel@tonic-gate 
1597c478bd9Sstevel@tonic-gate 	for (i=0; i<krb5_cksumtypes_length; i++) {
1607c478bd9Sstevel@tonic-gate 		ck = (struct krb5_cksumtypes *)&krb5_cksumtypes_list[i];
1617c478bd9Sstevel@tonic-gate 		if (ck != NULL &&
1627c478bd9Sstevel@tonic-gate 		    ck->mt_c_name != NULL &&
1637c478bd9Sstevel@tonic-gate 		    ck->kef_cksum_mt == CRYPTO_MECH_INVALID) {
1647c478bd9Sstevel@tonic-gate 
1657c478bd9Sstevel@tonic-gate 			ck->kef_cksum_mt = crypto_mech2id(ck->mt_c_name);
1667c478bd9Sstevel@tonic-gate 			KRB5_LOG1(KRB5_INFO, "setup_kef_cksumtypes() - "
1677c478bd9Sstevel@tonic-gate 				"%s ==> %ld",
1687c478bd9Sstevel@tonic-gate 				ck->mt_c_name, (ulong_t)ck->kef_cksum_mt);
1697c478bd9Sstevel@tonic-gate 		}
1707c478bd9Sstevel@tonic-gate 	}
1717c478bd9Sstevel@tonic-gate }
1727c478bd9Sstevel@tonic-gate #endif /* _KERNEL */
173