17c478bd9Sstevel@tonic-gate /*
2159d09a2SMark Phalan  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
37c478bd9Sstevel@tonic-gate  * Use is subject to license terms.
47c478bd9Sstevel@tonic-gate  */
57c478bd9Sstevel@tonic-gate 
67c478bd9Sstevel@tonic-gate /*
77c478bd9Sstevel@tonic-gate  * lib/crypto/pbkdf2.c
87c478bd9Sstevel@tonic-gate  *
97c478bd9Sstevel@tonic-gate  * Copyright 2002 by the Massachusetts Institute of Technology.
107c478bd9Sstevel@tonic-gate  * All Rights Reserved.
117c478bd9Sstevel@tonic-gate  *
127c478bd9Sstevel@tonic-gate  * Export of this software from the United States of America may
137c478bd9Sstevel@tonic-gate  *   require a specific license from the United States Government.
147c478bd9Sstevel@tonic-gate  *   It is the responsibility of any person or organization contemplating
157c478bd9Sstevel@tonic-gate  *   export to obtain such a license before exporting.
16*6cc2d1cfS  *
177c478bd9Sstevel@tonic-gate  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
187c478bd9Sstevel@tonic-gate  * distribute this software and its documentation for any purpose and
197c478bd9Sstevel@tonic-gate  * without fee is hereby granted, provided that the above copyright
207c478bd9Sstevel@tonic-gate  * notice appear in all copies and that both that copyright notice and
217c478bd9Sstevel@tonic-gate  * this permission notice appear in supporting documentation, and that
227c478bd9Sstevel@tonic-gate  * the name of M.I.T. not be used in advertising or publicity pertaining
237c478bd9Sstevel@tonic-gate  * to distribution of the software without specific, written prior
247c478bd9Sstevel@tonic-gate  * permission.  Furthermore if you modify this software you must label
257c478bd9Sstevel@tonic-gate  * your software as modified software and not distribute it in such a
267c478bd9Sstevel@tonic-gate  * fashion that it might be confused with the original M.I.T. software.
277c478bd9Sstevel@tonic-gate  * M.I.T. makes no representations about the suitability of
287c478bd9Sstevel@tonic-gate  * this software for any purpose.  It is provided "as is" without express
297c478bd9Sstevel@tonic-gate  * or implied warranty.
30*6cc2d1cfS  *
317c478bd9Sstevel@tonic-gate  *
327c478bd9Sstevel@tonic-gate  * Implementation of PBKDF2 from RFC 2898.
337c478bd9Sstevel@tonic-gate  * Not currently used; likely to be used when we get around to AES support.
347c478bd9Sstevel@tonic-gate  */
357c478bd9Sstevel@tonic-gate 
367c478bd9Sstevel@tonic-gate #ifndef _KERNEL
377c478bd9Sstevel@tonic-gate 
387c478bd9Sstevel@tonic-gate #include <ctype.h>
39159d09a2SMark Phalan #include "k5-int.h"
40159d09a2SMark Phalan #include "hash_provider.h"
417c478bd9Sstevel@tonic-gate 
427c478bd9Sstevel@tonic-gate /*
43159d09a2SMark Phalan  * Solaris Kerberos:
447c478bd9Sstevel@tonic-gate  * MIT code ripped out, use PBKDF2 algorithm from PKCS#11
457c478bd9Sstevel@tonic-gate  * provider.
467c478bd9Sstevel@tonic-gate  */
477c478bd9Sstevel@tonic-gate krb5_error_code
krb5int_pbkdf2_hmac_sha1(krb5_context context,const krb5_data * out,unsigned long count,krb5_enctype enctype,const krb5_data * pass,const krb5_data * salt)487c478bd9Sstevel@tonic-gate krb5int_pbkdf2_hmac_sha1(
497c478bd9Sstevel@tonic-gate 	krb5_context context,
507c478bd9Sstevel@tonic-gate 	const krb5_data *out,
517c478bd9Sstevel@tonic-gate 	unsigned long count,
527c478bd9Sstevel@tonic-gate 	krb5_enctype enctype,
537c478bd9Sstevel@tonic-gate 	const krb5_data *pass, const krb5_data *salt)
547c478bd9Sstevel@tonic-gate {
557c478bd9Sstevel@tonic-gate 	krb5_error_code ret = 0;
567c478bd9Sstevel@tonic-gate 	CK_RV rv;
577c478bd9Sstevel@tonic-gate 	CK_PKCS5_PBKD2_PARAMS params;
587c478bd9Sstevel@tonic-gate 	CK_MECHANISM mechanism;
597c478bd9Sstevel@tonic-gate 	CK_OBJECT_CLASS class = CKO_SECRET_KEY;
607c478bd9Sstevel@tonic-gate 	CK_ATTRIBUTE tmpl[3];
617c478bd9Sstevel@tonic-gate 	CK_KEY_TYPE	keytype;
627c478bd9Sstevel@tonic-gate 	CK_OBJECT_HANDLE hKey;
637c478bd9Sstevel@tonic-gate 	int attrs = 0;
64cd8b59cfSwillf 	CK_ULONG outlen, passlen;
657c478bd9Sstevel@tonic-gate 
667c478bd9Sstevel@tonic-gate 	mechanism.mechanism = CKM_PKCS5_PBKD2;
677c478bd9Sstevel@tonic-gate 	mechanism.pParameter = &params;
687c478bd9Sstevel@tonic-gate 	mechanism.ulParameterLen = sizeof (params);
697c478bd9Sstevel@tonic-gate 
707c478bd9Sstevel@tonic-gate 	tmpl[attrs].type = CKA_CLASS;
717c478bd9Sstevel@tonic-gate 	tmpl[attrs].pValue = &class;
727c478bd9Sstevel@tonic-gate 	tmpl[attrs].ulValueLen = sizeof (class);
737c478bd9Sstevel@tonic-gate 	attrs++;
747c478bd9Sstevel@tonic-gate 
757c478bd9Sstevel@tonic-gate 	rv = get_key_type(enctype, &keytype);
767c478bd9Sstevel@tonic-gate 	if (rv != CKR_OK)
777c478bd9Sstevel@tonic-gate 		return (PKCS_ERR);
787c478bd9Sstevel@tonic-gate 
797c478bd9Sstevel@tonic-gate 	tmpl[attrs].type = CKA_KEY_TYPE;
807c478bd9Sstevel@tonic-gate 	tmpl[attrs].pValue = &keytype;
817c478bd9Sstevel@tonic-gate 	tmpl[attrs].ulValueLen = sizeof (keytype);
827c478bd9Sstevel@tonic-gate 	attrs++;
837c478bd9Sstevel@tonic-gate 
847c478bd9Sstevel@tonic-gate 	/*
857c478bd9Sstevel@tonic-gate 	 * For DES key types, do not include the value len attr.
867c478bd9Sstevel@tonic-gate 	 */
877c478bd9Sstevel@tonic-gate 	if (out->length > 0 &&
887c478bd9Sstevel@tonic-gate 	    enctype != ENCTYPE_DES_CBC_CRC &&
897c478bd9Sstevel@tonic-gate 	    enctype != ENCTYPE_DES_CBC_MD5 &&
907c478bd9Sstevel@tonic-gate 	    enctype != ENCTYPE_DES_CBC_RAW &&
917c478bd9Sstevel@tonic-gate 	    enctype != ENCTYPE_DES_HMAC_SHA1 &&
927c478bd9Sstevel@tonic-gate 	    enctype != ENCTYPE_DES3_CBC_SHA1 &&
937c478bd9Sstevel@tonic-gate 	    enctype != ENCTYPE_DES3_CBC_RAW) {
947c478bd9Sstevel@tonic-gate 		tmpl[attrs].type = CKA_VALUE_LEN;
95cd8b59cfSwillf 		/* using outlen to avoid 64bit alignment issues */
96cd8b59cfSwillf 		outlen = (CK_ULONG)out->length;
97cd8b59cfSwillf 		tmpl[attrs].pValue = &outlen;
98*6cc2d1cfS 		tmpl[attrs].ulValueLen = sizeof (outlen);
997c478bd9Sstevel@tonic-gate 		attrs++;
1007c478bd9Sstevel@tonic-gate 	}
1017c478bd9Sstevel@tonic-gate 
1027c478bd9Sstevel@tonic-gate 	params.saltSource = CKZ_SALT_SPECIFIED;
1037c478bd9Sstevel@tonic-gate 	params.pSaltSourceData = (void *)salt->data;
1047c478bd9Sstevel@tonic-gate 	params.ulSaltSourceDataLen = salt->length;
1057c478bd9Sstevel@tonic-gate 	params.iterations = count;
1067c478bd9Sstevel@tonic-gate 	params.prf = CKP_PKCS5_PBKD2_HMAC_SHA1;
1077c478bd9Sstevel@tonic-gate 	params.pPrfData = NULL;
1087c478bd9Sstevel@tonic-gate 	params.ulPrfDataLen = 0;
1097c478bd9Sstevel@tonic-gate 	params.pPassword = (CK_UTF8CHAR_PTR)pass->data;
110cd8b59cfSwillf 	/* using passlen to avoid 64bit alignment issues */
111cd8b59cfSwillf 	passlen = (CK_ULONG)pass->length;
112cd8b59cfSwillf 	params.ulPasswordLen = &passlen;
1137c478bd9Sstevel@tonic-gate 
1147c478bd9Sstevel@tonic-gate 	rv = C_GenerateKey(krb_ctx_hSession(context), &mechanism, tmpl,
115*6cc2d1cfS 	    attrs, &hKey);
1167c478bd9Sstevel@tonic-gate 
1177c478bd9Sstevel@tonic-gate 	if (rv != CKR_OK)
1187c478bd9Sstevel@tonic-gate 		ret = PKCS_ERR;
1197c478bd9Sstevel@tonic-gate 	else {
1207c478bd9Sstevel@tonic-gate 		/* Get the value from the key object. */
1217c478bd9Sstevel@tonic-gate 		tmpl[0].type = CKA_VALUE;
1227c478bd9Sstevel@tonic-gate 		tmpl[0].pValue = out->data;
1237c478bd9Sstevel@tonic-gate 		tmpl[0].ulValueLen = out->length;
1247c478bd9Sstevel@tonic-gate 		rv = C_GetAttributeValue(krb_ctx_hSession(context), hKey,
125*6cc2d1cfS 		    tmpl, 1);
1267c478bd9Sstevel@tonic-gate 		if (rv != CKR_OK)
1277c478bd9Sstevel@tonic-gate 			ret = PKCS_ERR;
128*6cc2d1cfS 		(void) C_DestroyObject(krb_ctx_hSession(context), hKey);
1297c478bd9Sstevel@tonic-gate 	}
1307c478bd9Sstevel@tonic-gate 
1317c478bd9Sstevel@tonic-gate 	return (ret);
1327c478bd9Sstevel@tonic-gate }
1337c478bd9Sstevel@tonic-gate #endif /* !_KERNEL */
134