1/*
2 * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
3 * Use is subject to license terms.
4 */
5
6
7/*
8 * Copyright (C) 1998 by the FundsXpress, INC.
9 *
10 * All rights reserved.
11 *
12 * Export of this software from the United States of America may require
13 * a specific license from the United States Government.  It is the
14 * responsibility of any person or organization contemplating export to
15 * obtain such a license before exporting.
16 *
17 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
18 * distribute this software and its documentation for any purpose and
19 * without fee is hereby granted, provided that the above copyright
20 * notice appear in all copies and that both that copyright notice and
21 * this permission notice appear in supporting documentation, and that
22 * the name of FundsXpress. not be used in advertising or publicity pertaining
23 * to distribution of the software without specific, written prior
24 * permission.  FundsXpress makes no representations about the suitability of
25 * this software for any purpose.  It is provided "as is" without express
26 * or implied warranty.
27 *
28 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
29 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
30 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
31 */
32
33#include "k5-int.h"
34#include "hash_provider.h"
35#include "keyhash_provider.h"
36#include "cksumtypes.h"
37
38const struct krb5_cksumtypes krb5_cksumtypes_list[] = {
39    { CKSUMTYPE_CRC32, KRB5_CKSUMFLAG_NOT_COLL_PROOF,
40      "crc32", "CRC-32",
41      0, NULL, &krb5int_hash_crc32, 0,
42#ifdef _KERNEL
43      NULL,
44      CRYPTO_MECH_INVALID
45#endif /* _KERNEL */
46},
47
48    { CKSUMTYPE_DESCBC, 0,
49      "des-cbc", "DES cbc mode",
50      ENCTYPE_DES_CBC_CRC, &krb5int_keyhash_descbc,
51      0,  0,
52#ifdef _KERNEL
53      NULL,
54      CRYPTO_MECH_INVALID
55#endif /* _KERNEL */
56},
57
58    { CKSUMTYPE_RSA_MD5, 0,
59      "md5", "RSA-MD5",
60      0, NULL, &krb5int_hash_md5, 0,
61#ifdef _KERNEL
62      SUN_CKM_MD5,
63      CRYPTO_MECH_INVALID
64#endif /* _KERNEL */
65},
66    { CKSUMTYPE_RSA_MD5_DES, 0,
67      "md5-des", "RSA-MD5 with DES cbc mode",
68      ENCTYPE_DES_CBC_CRC, &krb5int_keyhash_md5des,
69      0, 0,
70#ifdef _KERNEL
71      SUN_CKM_MD5,
72      CRYPTO_MECH_INVALID
73#endif /* _KERNEL */
74},
75
76    { CKSUMTYPE_NIST_SHA, 0,
77      "sha", "NIST-SHA",
78      0, NULL, &krb5int_hash_sha1, 0,
79#ifdef _KERNEL
80      SUN_CKM_SHA1,
81      CRYPTO_MECH_INVALID
82#endif /* _KERNEL */
83},
84
85    { CKSUMTYPE_HMAC_SHA1_DES3, KRB5_CKSUMFLAG_DERIVE,
86      "hmac-sha1-des3", "HMAC-SHA1 DES3 key",
87      0, NULL, &krb5int_hash_sha1, 0,
88#ifdef _KERNEL
89      SUN_CKM_SHA1_HMAC,
90      CRYPTO_MECH_INVALID
91#endif /* _KERNEL */
92 },
93    { CKSUMTYPE_HMAC_SHA1_DES3, KRB5_CKSUMFLAG_DERIVE,
94      "hmac-sha1-des3-kd", "HMAC-SHA1 DES3 key", /* alias */
95      0, NULL, &krb5int_hash_sha1, 0,
96#ifdef _KERNEL
97      SUN_CKM_SHA1_HMAC,
98      CRYPTO_MECH_INVALID
99#endif /* _KERNEL */
100},
101    { CKSUMTYPE_HMAC_MD5_ARCFOUR, 0,
102      "hmac-md5-rc4", "Microsoft HMAC MD5 (RC4 key)",
103      ENCTYPE_ARCFOUR_HMAC, &krb5int_keyhash_hmac_md5,
104      NULL, 0,
105#ifdef _KERNEL
106      SUN_CKM_MD5,
107      CRYPTO_MECH_INVALID
108#endif /* _KERNEL */
109    },
110    { CKSUMTYPE_HMAC_MD5_ARCFOUR, 0,
111      "hmac-md5-enc", "Microsoft HMAC MD5 (RC4 key)",  /*Heimdal alias*/
112      ENCTYPE_ARCFOUR_HMAC, &krb5int_keyhash_hmac_md5,
113      NULL, 0,
114#ifdef _KERNEL
115      SUN_CKM_MD5,
116      CRYPTO_MECH_INVALID
117#endif /* _KERNEL */
118    },
119    { CKSUMTYPE_HMAC_MD5_ARCFOUR, 0,
120      "hmac-md5-earcfour", "Microsoft HMAC MD5 (RC4 key)",  /* alias*/
121      ENCTYPE_ARCFOUR_HMAC, &krb5int_keyhash_hmac_md5,
122      NULL, 0,
123#ifdef _KERNEL
124      SUN_CKM_MD5,
125      CRYPTO_MECH_INVALID
126#endif /* _KERNEL */
127    },
128
129    { CKSUMTYPE_HMAC_SHA1_96_AES128, KRB5_CKSUMFLAG_DERIVE,
130      "hmac-sha1-96-aes128", "HMAC-SHA1 AES128 key",
131	0, NULL, &krb5int_hash_sha1, 12,
132#ifdef _KERNEL
133      SUN_CKM_SHA1_HMAC,
134      CRYPTO_MECH_INVALID
135#endif /* _KERNEL */
136    },
137    { CKSUMTYPE_HMAC_SHA1_96_AES256, KRB5_CKSUMFLAG_DERIVE,
138      "hmac-sha1-96-aes256", "HMAC-SHA1 AES256 key",
139	0, NULL, &krb5int_hash_sha1, 12,
140#ifdef _KERNEL
141      SUN_CKM_SHA1_HMAC,
142      CRYPTO_MECH_INVALID
143#endif /* _KERNEL */
144    }
145
146};
147
148const int krb5_cksumtypes_length =
149sizeof(krb5_cksumtypes_list)/sizeof(struct krb5_cksumtypes);
150
151/* Solaris Kerberos */
152#ifdef _KERNEL
153void
154setup_kef_cksumtypes()
155{
156	int i;
157	struct krb5_cksumtypes *ck;
158
159	for (i=0; i<krb5_cksumtypes_length; i++) {
160		ck = (struct krb5_cksumtypes *)&krb5_cksumtypes_list[i];
161		if (ck != NULL &&
162		    ck->mt_c_name != NULL &&
163		    ck->kef_cksum_mt == CRYPTO_MECH_INVALID) {
164
165			ck->kef_cksum_mt = crypto_mech2id(ck->mt_c_name);
166			KRB5_LOG1(KRB5_INFO, "setup_kef_cksumtypes() - "
167				"%s ==> %ld",
168				ck->mt_c_name, (ulong_t)ck->kef_cksum_mt);
169		}
170	}
171}
172#endif /* _KERNEL */
173