xref: /illumos-gate/usr/src/uts/common/gssapi/mechs/krb5/crypto/cksumtypes.c (revision 7c478bd95313f5f23a4c958a745db2134aa03244) 
1*7c478bd9Sstevel@tonic-gate /*
2*7c478bd9Sstevel@tonic-gate  * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
3*7c478bd9Sstevel@tonic-gate  * Use is subject to license terms.
4*7c478bd9Sstevel@tonic-gate  */
5*7c478bd9Sstevel@tonic-gate 
6*7c478bd9Sstevel@tonic-gate #pragma ident	"%Z%%M%	%I%	%E% SMI"
7*7c478bd9Sstevel@tonic-gate 
8*7c478bd9Sstevel@tonic-gate /*
9*7c478bd9Sstevel@tonic-gate  * Copyright (C) 1998 by the FundsXpress, INC.
10*7c478bd9Sstevel@tonic-gate  *
11*7c478bd9Sstevel@tonic-gate  * All rights reserved.
12*7c478bd9Sstevel@tonic-gate  *
13*7c478bd9Sstevel@tonic-gate  * Export of this software from the United States of America may require
14*7c478bd9Sstevel@tonic-gate  * a specific license from the United States Government.  It is the
15*7c478bd9Sstevel@tonic-gate  * responsibility of any person or organization contemplating export to
16*7c478bd9Sstevel@tonic-gate  * obtain such a license before exporting.
17*7c478bd9Sstevel@tonic-gate  *
18*7c478bd9Sstevel@tonic-gate  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
19*7c478bd9Sstevel@tonic-gate  * distribute this software and its documentation for any purpose and
20*7c478bd9Sstevel@tonic-gate  * without fee is hereby granted, provided that the above copyright
21*7c478bd9Sstevel@tonic-gate  * notice appear in all copies and that both that copyright notice and
22*7c478bd9Sstevel@tonic-gate  * this permission notice appear in supporting documentation, and that
23*7c478bd9Sstevel@tonic-gate  * the name of FundsXpress. not be used in advertising or publicity pertaining
24*7c478bd9Sstevel@tonic-gate  * to distribution of the software without specific, written prior
25*7c478bd9Sstevel@tonic-gate  * permission.  FundsXpress makes no representations about the suitability of
26*7c478bd9Sstevel@tonic-gate  * this software for any purpose.  It is provided "as is" without express
27*7c478bd9Sstevel@tonic-gate  * or implied warranty.
28*7c478bd9Sstevel@tonic-gate  *
29*7c478bd9Sstevel@tonic-gate  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
30*7c478bd9Sstevel@tonic-gate  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
31*7c478bd9Sstevel@tonic-gate  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
32*7c478bd9Sstevel@tonic-gate  */
33*7c478bd9Sstevel@tonic-gate 
34*7c478bd9Sstevel@tonic-gate #include <k5-int.h>
35*7c478bd9Sstevel@tonic-gate #include <hash_provider.h>
36*7c478bd9Sstevel@tonic-gate #include <keyhash_provider.h>
37*7c478bd9Sstevel@tonic-gate #include <cksumtypes.h>
38*7c478bd9Sstevel@tonic-gate 
39*7c478bd9Sstevel@tonic-gate struct krb5_cksumtypes krb5_cksumtypes_list[] = {
40*7c478bd9Sstevel@tonic-gate     { CKSUMTYPE_CRC32, KRB5_CKSUMFLAG_NOT_COLL_PROOF,
41*7c478bd9Sstevel@tonic-gate       "crc32", "CRC-32",
42*7c478bd9Sstevel@tonic-gate       NULL, NULL, &krb5_hash_crc32, 0,
43*7c478bd9Sstevel@tonic-gate #ifdef _KERNEL
44*7c478bd9Sstevel@tonic-gate       NULL,
45*7c478bd9Sstevel@tonic-gate       CRYPTO_MECH_INVALID
46*7c478bd9Sstevel@tonic-gate #endif /* _KERNEL */
47*7c478bd9Sstevel@tonic-gate },
48*7c478bd9Sstevel@tonic-gate 
49*7c478bd9Sstevel@tonic-gate     { CKSUMTYPE_DESCBC, 0,
50*7c478bd9Sstevel@tonic-gate       "des-cbc", "DES cbc mode",
51*7c478bd9Sstevel@tonic-gate       ENCTYPE_DES_CBC_CRC, &krb5_keyhash_descbc,
52*7c478bd9Sstevel@tonic-gate       NULL,  NULL,
53*7c478bd9Sstevel@tonic-gate #ifdef _KERNEL
54*7c478bd9Sstevel@tonic-gate       NULL,
55*7c478bd9Sstevel@tonic-gate       CRYPTO_MECH_INVALID
56*7c478bd9Sstevel@tonic-gate #endif /* _KERNEL */
57*7c478bd9Sstevel@tonic-gate },
58*7c478bd9Sstevel@tonic-gate 
59*7c478bd9Sstevel@tonic-gate     { CKSUMTYPE_RSA_MD5, 0,
60*7c478bd9Sstevel@tonic-gate       "md5", "RSA-MD5",
61*7c478bd9Sstevel@tonic-gate       NULL, NULL, &krb5int_hash_md5, 0,
62*7c478bd9Sstevel@tonic-gate #ifdef _KERNEL
63*7c478bd9Sstevel@tonic-gate       SUN_CKM_MD5,
64*7c478bd9Sstevel@tonic-gate       CRYPTO_MECH_INVALID
65*7c478bd9Sstevel@tonic-gate #endif /* _KERNEL */
66*7c478bd9Sstevel@tonic-gate },
67*7c478bd9Sstevel@tonic-gate     { CKSUMTYPE_RSA_MD5_DES, 0,
68*7c478bd9Sstevel@tonic-gate       "md5-des", "RSA-MD5 with DES cbc mode",
69*7c478bd9Sstevel@tonic-gate       ENCTYPE_DES_CBC_CRC, &krb5_keyhash_md5des,
70*7c478bd9Sstevel@tonic-gate       NULL, NULL,
71*7c478bd9Sstevel@tonic-gate #ifdef _KERNEL
72*7c478bd9Sstevel@tonic-gate       SUN_CKM_MD5,
73*7c478bd9Sstevel@tonic-gate       CRYPTO_MECH_INVALID
74*7c478bd9Sstevel@tonic-gate #endif /* _KERNEL */
75*7c478bd9Sstevel@tonic-gate },
76*7c478bd9Sstevel@tonic-gate 
77*7c478bd9Sstevel@tonic-gate     { CKSUMTYPE_NIST_SHA, 0,
78*7c478bd9Sstevel@tonic-gate       "sha", "NIST-SHA",
79*7c478bd9Sstevel@tonic-gate       NULL, NULL, &krb5_hash_sha1, 0,
80*7c478bd9Sstevel@tonic-gate #ifdef _KERNEL
81*7c478bd9Sstevel@tonic-gate       SUN_CKM_SHA1,
82*7c478bd9Sstevel@tonic-gate       CRYPTO_MECH_INVALID
83*7c478bd9Sstevel@tonic-gate #endif /* _KERNEL */
84*7c478bd9Sstevel@tonic-gate },
85*7c478bd9Sstevel@tonic-gate 
86*7c478bd9Sstevel@tonic-gate     { CKSUMTYPE_HMAC_SHA1_DES3, KRB5_CKSUMFLAG_DERIVE,
87*7c478bd9Sstevel@tonic-gate       "hmac-sha1-des3", "HMAC-SHA1 DES3 key",
88*7c478bd9Sstevel@tonic-gate       NULL, NULL, &krb5_hash_sha1, 0,
89*7c478bd9Sstevel@tonic-gate #ifdef _KERNEL
90*7c478bd9Sstevel@tonic-gate       SUN_CKM_SHA1_HMAC,
91*7c478bd9Sstevel@tonic-gate       CRYPTO_MECH_INVALID
92*7c478bd9Sstevel@tonic-gate #endif /* _KERNEL */
93*7c478bd9Sstevel@tonic-gate  },
94*7c478bd9Sstevel@tonic-gate     { CKSUMTYPE_HMAC_SHA1_DES3, KRB5_CKSUMFLAG_DERIVE,
95*7c478bd9Sstevel@tonic-gate       "hmac-sha1-des3-kd", "HMAC-SHA1 DES3 key", /* alias */
96*7c478bd9Sstevel@tonic-gate       NULL, NULL, &krb5_hash_sha1, 0,
97*7c478bd9Sstevel@tonic-gate #ifdef _KERNEL
98*7c478bd9Sstevel@tonic-gate       SUN_CKM_SHA1_HMAC,
99*7c478bd9Sstevel@tonic-gate       CRYPTO_MECH_INVALID
100*7c478bd9Sstevel@tonic-gate #endif /* _KERNEL */
101*7c478bd9Sstevel@tonic-gate },
102*7c478bd9Sstevel@tonic-gate     { CKSUMTYPE_HMAC_MD5_ARCFOUR, 0,
103*7c478bd9Sstevel@tonic-gate 	"hmac-md5-rc4", "Microsoft HMAC MD5 (RC4 key)",
104*7c478bd9Sstevel@tonic-gate 	ENCTYPE_ARCFOUR_HMAC, &krb5int_keyhash_hmac_md5, NULL, 0,
105*7c478bd9Sstevel@tonic-gate #ifdef _KERNEL
106*7c478bd9Sstevel@tonic-gate       SUN_CKM_MD5,
107*7c478bd9Sstevel@tonic-gate       CRYPTO_MECH_INVALID
108*7c478bd9Sstevel@tonic-gate #endif /* _KERNEL */
109*7c478bd9Sstevel@tonic-gate     },
110*7c478bd9Sstevel@tonic-gate     { CKSUMTYPE_HMAC_MD5_ARCFOUR, 0,
111*7c478bd9Sstevel@tonic-gate 	"hmac-md5-enc", "Microsoft HMAC MD5 (RC4 key)",  /*Heimdal alias*/
112*7c478bd9Sstevel@tonic-gate 	ENCTYPE_ARCFOUR_HMAC, &krb5int_keyhash_hmac_md5, NULL, 0,
113*7c478bd9Sstevel@tonic-gate #ifdef _KERNEL
114*7c478bd9Sstevel@tonic-gate       SUN_CKM_MD5,
115*7c478bd9Sstevel@tonic-gate       CRYPTO_MECH_INVALID
116*7c478bd9Sstevel@tonic-gate #endif /* _KERNEL */
117*7c478bd9Sstevel@tonic-gate     },
118*7c478bd9Sstevel@tonic-gate     { CKSUMTYPE_HMAC_MD5_ARCFOUR, 0,
119*7c478bd9Sstevel@tonic-gate 	"hmac-md5-earcfour", "Microsoft HMAC MD5 (RC4 key)",  /* alias*/
120*7c478bd9Sstevel@tonic-gate 	ENCTYPE_ARCFOUR_HMAC, &krb5int_keyhash_hmac_md5, NULL, 0,
121*7c478bd9Sstevel@tonic-gate #ifdef _KERNEL
122*7c478bd9Sstevel@tonic-gate       SUN_CKM_MD5,
123*7c478bd9Sstevel@tonic-gate       CRYPTO_MECH_INVALID
124*7c478bd9Sstevel@tonic-gate #endif /* _KERNEL */
125*7c478bd9Sstevel@tonic-gate     },
126*7c478bd9Sstevel@tonic-gate 
127*7c478bd9Sstevel@tonic-gate     { CKSUMTYPE_HMAC_SHA1_96_AES128, KRB5_CKSUMFLAG_DERIVE,
128*7c478bd9Sstevel@tonic-gate 	"hmac-sha1-96-aes128", "HMAC-SHA1 AES128 key",
129*7c478bd9Sstevel@tonic-gate 	NULL, NULL, &krb5_hash_sha1, 12,
130*7c478bd9Sstevel@tonic-gate #ifdef _KERNEL
131*7c478bd9Sstevel@tonic-gate       SUN_CKM_SHA1_HMAC,
132*7c478bd9Sstevel@tonic-gate       CRYPTO_MECH_INVALID
133*7c478bd9Sstevel@tonic-gate #endif /* _KERNEL */
134*7c478bd9Sstevel@tonic-gate     },
135*7c478bd9Sstevel@tonic-gate     { CKSUMTYPE_HMAC_SHA1_96_AES256, KRB5_CKSUMFLAG_DERIVE,
136*7c478bd9Sstevel@tonic-gate 	"hmac-sha1-96-aes256", "HMAC-SHA1 AES256 key",
137*7c478bd9Sstevel@tonic-gate 	0, NULL, &krb5_hash_sha1, 12,
138*7c478bd9Sstevel@tonic-gate #ifdef _KERNEL
139*7c478bd9Sstevel@tonic-gate       SUN_CKM_SHA1_HMAC,
140*7c478bd9Sstevel@tonic-gate       CRYPTO_MECH_INVALID
141*7c478bd9Sstevel@tonic-gate #endif /* _KERNEL */
142*7c478bd9Sstevel@tonic-gate     }
143*7c478bd9Sstevel@tonic-gate 
144*7c478bd9Sstevel@tonic-gate };
145*7c478bd9Sstevel@tonic-gate 
146*7c478bd9Sstevel@tonic-gate const int krb5_cksumtypes_length =
147*7c478bd9Sstevel@tonic-gate sizeof(krb5_cksumtypes_list)/sizeof(struct krb5_cksumtypes);
148*7c478bd9Sstevel@tonic-gate 
149*7c478bd9Sstevel@tonic-gate #ifdef _KERNEL
150*7c478bd9Sstevel@tonic-gate void
151*7c478bd9Sstevel@tonic-gate setup_kef_cksumtypes()
152*7c478bd9Sstevel@tonic-gate {
153*7c478bd9Sstevel@tonic-gate 	int i;
154*7c478bd9Sstevel@tonic-gate 	struct krb5_cksumtypes *ck;
155*7c478bd9Sstevel@tonic-gate 
156*7c478bd9Sstevel@tonic-gate 	for (i=0; i<krb5_cksumtypes_length; i++) {
157*7c478bd9Sstevel@tonic-gate 		ck = (struct krb5_cksumtypes *)&krb5_cksumtypes_list[i];
158*7c478bd9Sstevel@tonic-gate 		if (ck != NULL &&
159*7c478bd9Sstevel@tonic-gate 		    ck->mt_c_name != NULL &&
160*7c478bd9Sstevel@tonic-gate 		    ck->kef_cksum_mt == CRYPTO_MECH_INVALID) {
161*7c478bd9Sstevel@tonic-gate 
162*7c478bd9Sstevel@tonic-gate 			ck->kef_cksum_mt = crypto_mech2id(ck->mt_c_name);
163*7c478bd9Sstevel@tonic-gate 			KRB5_LOG1(KRB5_INFO, "setup_kef_cksumtypes() - "
164*7c478bd9Sstevel@tonic-gate 				"%s ==> %ld",
165*7c478bd9Sstevel@tonic-gate 				ck->mt_c_name, (ulong_t)ck->kef_cksum_mt);
166*7c478bd9Sstevel@tonic-gate 		}
167*7c478bd9Sstevel@tonic-gate 	}
168*7c478bd9Sstevel@tonic-gate }
169*7c478bd9Sstevel@tonic-gate #endif /* _KERNEL */
170