diff options
Diffstat (limited to 'third_party/heimdal/lib/krb5/crypto-aes-sha2.c')
| -rw-r--r-- | third_party/heimdal/lib/krb5/crypto-aes-sha2.c | 199 |
1 files changed, 199 insertions, 0 deletions
diff --git a/third_party/heimdal/lib/krb5/crypto-aes-sha2.c b/third_party/heimdal/lib/krb5/crypto-aes-sha2.c new file mode 100644 index 0000000..94ec9a1 --- /dev/null +++ b/third_party/heimdal/lib/krb5/crypto-aes-sha2.c @@ -0,0 +1,199 @@ +/* + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb5_locl.h" + +/* + * AES HMAC-SHA2 + */ + +krb5_error_code +_krb5_aes_sha2_md_for_enctype(krb5_context context, + krb5_enctype enctype, + const EVP_MD **md) +{ + switch (enctype) { + case ETYPE_AES128_CTS_HMAC_SHA256_128: + *md = EVP_sha256(); + break; + case ETYPE_AES256_CTS_HMAC_SHA384_192: + *md = EVP_sha384(); + break; + default: + return KRB5_PROG_ETYPE_NOSUPP; + break; + } + return 0; +} + +static krb5_error_code +SP_HMAC_SHA2_checksum(krb5_context context, + krb5_crypto crypto, + struct _krb5_key_data *key, + unsigned usage, + const struct krb5_crypto_iov *iov, + int niov, + Checksum *result) +{ + krb5_error_code ret; + const EVP_MD *md; + unsigned char hmac[EVP_MAX_MD_SIZE]; + unsigned int hmaclen = sizeof(hmac); + + ret = _krb5_aes_sha2_md_for_enctype(context, key->key->keytype, &md); + if (ret) + return ret; + + ret = _krb5_evp_hmac_iov(context, crypto, key, iov, niov, hmac, + &hmaclen, md, NULL); + if (ret) + return ret; + + heim_assert(result->checksum.length <= hmaclen, "SHA2 internal error"); + + memcpy(result->checksum.data, hmac, result->checksum.length); + + return 0; +} + +static struct _krb5_key_type keytype_aes128_sha2 = { + KRB5_ENCTYPE_AES128_CTS_HMAC_SHA256_128, + "aes-128-sha2", + 128, + 16, + sizeof(struct _krb5_evp_schedule), + NULL, + _krb5_evp_schedule, + _krb5_AES_SHA2_salt, + NULL, + _krb5_evp_cleanup, + EVP_aes_128_cbc +}; + +static struct _krb5_key_type keytype_aes256_sha2 = { + KRB5_ENCTYPE_AES256_CTS_HMAC_SHA384_192, + "aes-256-sha2", + 256, + 32, + sizeof(struct _krb5_evp_schedule), + NULL, + _krb5_evp_schedule, + _krb5_AES_SHA2_salt, + NULL, + _krb5_evp_cleanup, + EVP_aes_256_cbc +}; + +struct _krb5_checksum_type _krb5_checksum_hmac_sha256_128_aes128 = { + CKSUMTYPE_HMAC_SHA256_128_AES128, + "hmac-sha256-128-aes128", + 64, + 16, + F_KEYED | F_CPROOF | F_DERIVED, + SP_HMAC_SHA2_checksum, + NULL +}; + +struct _krb5_checksum_type _krb5_checksum_hmac_sha384_192_aes256 = { + CKSUMTYPE_HMAC_SHA384_192_AES256, + "hmac-sha384-192-aes256", + 128, + 24, + F_KEYED | F_CPROOF | F_DERIVED, + SP_HMAC_SHA2_checksum, + NULL +}; + +static krb5_error_code +AES_SHA2_PRF(krb5_context context, + krb5_crypto crypto, + const krb5_data *in, + krb5_data *out) +{ + krb5_error_code ret; + krb5_data label; + const EVP_MD *md = NULL; + + ret = _krb5_aes_sha2_md_for_enctype(context, crypto->et->type, &md); + if (ret) + return ret; + + label.data = "prf"; + label.length = 3; + + ret = krb5_data_alloc(out, EVP_MD_size(md)); + if (ret) + return ret; + + ret = _krb5_SP800_108_HMAC_KDF(context, &crypto->key.key->keyvalue, + &label, in, md, out); + + if (ret) + krb5_data_free(out); + + return ret; +} + +struct _krb5_encryption_type _krb5_enctype_aes128_cts_hmac_sha256_128 = { + ETYPE_AES128_CTS_HMAC_SHA256_128, + "aes128-cts-hmac-sha256-128", + "aes128-cts-sha256", + 16, + 1, + 16, + &keytype_aes128_sha2, + NULL, /* should never be called */ + &_krb5_checksum_hmac_sha256_128_aes128, + F_DERIVED | F_ENC_THEN_CKSUM | F_SP800_108_HMAC_KDF, + _krb5_evp_encrypt_cts, + NULL, + 16, + AES_SHA2_PRF +}; + +struct _krb5_encryption_type _krb5_enctype_aes256_cts_hmac_sha384_192 = { + ETYPE_AES256_CTS_HMAC_SHA384_192, + "aes256-cts-hmac-sha384-192", + "aes256-cts-sha384", + 16, + 1, + 16, + &keytype_aes256_sha2, + NULL, /* should never be called */ + &_krb5_checksum_hmac_sha384_192_aes256, + F_DERIVED | F_ENC_THEN_CKSUM | F_SP800_108_HMAC_KDF, + _krb5_evp_encrypt_cts, + NULL, + 16, + AES_SHA2_PRF +}; |