17c478bd9Sstevel@tonic-gate /*
2159d09a2SMark Phalan * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
37c478bd9Sstevel@tonic-gate * Use is subject to license terms.
47c478bd9Sstevel@tonic-gate */
57c478bd9Sstevel@tonic-gate
67c478bd9Sstevel@tonic-gate /*
77c478bd9Sstevel@tonic-gate * lib/crypto/pbkdf2.c
87c478bd9Sstevel@tonic-gate *
97c478bd9Sstevel@tonic-gate * Copyright 2002 by the Massachusetts Institute of Technology.
107c478bd9Sstevel@tonic-gate * All Rights Reserved.
117c478bd9Sstevel@tonic-gate *
127c478bd9Sstevel@tonic-gate * Export of this software from the United States of America may
137c478bd9Sstevel@tonic-gate * require a specific license from the United States Government.
147c478bd9Sstevel@tonic-gate * It is the responsibility of any person or organization contemplating
157c478bd9Sstevel@tonic-gate * export to obtain such a license before exporting.
16*6cc2d1cfS *
177c478bd9Sstevel@tonic-gate * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
187c478bd9Sstevel@tonic-gate * distribute this software and its documentation for any purpose and
197c478bd9Sstevel@tonic-gate * without fee is hereby granted, provided that the above copyright
207c478bd9Sstevel@tonic-gate * notice appear in all copies and that both that copyright notice and
217c478bd9Sstevel@tonic-gate * this permission notice appear in supporting documentation, and that
227c478bd9Sstevel@tonic-gate * the name of M.I.T. not be used in advertising or publicity pertaining
237c478bd9Sstevel@tonic-gate * to distribution of the software without specific, written prior
247c478bd9Sstevel@tonic-gate * permission. Furthermore if you modify this software you must label
257c478bd9Sstevel@tonic-gate * your software as modified software and not distribute it in such a
267c478bd9Sstevel@tonic-gate * fashion that it might be confused with the original M.I.T. software.
277c478bd9Sstevel@tonic-gate * M.I.T. makes no representations about the suitability of
287c478bd9Sstevel@tonic-gate * this software for any purpose. It is provided "as is" without express
297c478bd9Sstevel@tonic-gate * or implied warranty.
30*6cc2d1cfS *
317c478bd9Sstevel@tonic-gate *
327c478bd9Sstevel@tonic-gate * Implementation of PBKDF2 from RFC 2898.
337c478bd9Sstevel@tonic-gate * Not currently used; likely to be used when we get around to AES support.
347c478bd9Sstevel@tonic-gate */
357c478bd9Sstevel@tonic-gate
367c478bd9Sstevel@tonic-gate #ifndef _KERNEL
377c478bd9Sstevel@tonic-gate
387c478bd9Sstevel@tonic-gate #include <ctype.h>
39159d09a2SMark Phalan #include "k5-int.h"
40159d09a2SMark Phalan #include "hash_provider.h"
417c478bd9Sstevel@tonic-gate
427c478bd9Sstevel@tonic-gate /*
43159d09a2SMark Phalan * Solaris Kerberos:
447c478bd9Sstevel@tonic-gate * MIT code ripped out, use PBKDF2 algorithm from PKCS#11
457c478bd9Sstevel@tonic-gate * provider.
467c478bd9Sstevel@tonic-gate */
477c478bd9Sstevel@tonic-gate krb5_error_code
krb5int_pbkdf2_hmac_sha1(krb5_context context,const krb5_data * out,unsigned long count,krb5_enctype enctype,const krb5_data * pass,const krb5_data * salt)487c478bd9Sstevel@tonic-gate krb5int_pbkdf2_hmac_sha1(
497c478bd9Sstevel@tonic-gate krb5_context context,
507c478bd9Sstevel@tonic-gate const krb5_data *out,
517c478bd9Sstevel@tonic-gate unsigned long count,
527c478bd9Sstevel@tonic-gate krb5_enctype enctype,
537c478bd9Sstevel@tonic-gate const krb5_data *pass, const krb5_data *salt)
547c478bd9Sstevel@tonic-gate {
557c478bd9Sstevel@tonic-gate krb5_error_code ret = 0;
567c478bd9Sstevel@tonic-gate CK_RV rv;
577c478bd9Sstevel@tonic-gate CK_PKCS5_PBKD2_PARAMS params;
587c478bd9Sstevel@tonic-gate CK_MECHANISM mechanism;
597c478bd9Sstevel@tonic-gate CK_OBJECT_CLASS class = CKO_SECRET_KEY;
607c478bd9Sstevel@tonic-gate CK_ATTRIBUTE tmpl[3];
617c478bd9Sstevel@tonic-gate CK_KEY_TYPE keytype;
627c478bd9Sstevel@tonic-gate CK_OBJECT_HANDLE hKey;
637c478bd9Sstevel@tonic-gate int attrs = 0;
64cd8b59cfSwillf CK_ULONG outlen, passlen;
657c478bd9Sstevel@tonic-gate
667c478bd9Sstevel@tonic-gate mechanism.mechanism = CKM_PKCS5_PBKD2;
677c478bd9Sstevel@tonic-gate mechanism.pParameter = ¶ms;
687c478bd9Sstevel@tonic-gate mechanism.ulParameterLen = sizeof (params);
697c478bd9Sstevel@tonic-gate
707c478bd9Sstevel@tonic-gate tmpl[attrs].type = CKA_CLASS;
717c478bd9Sstevel@tonic-gate tmpl[attrs].pValue = &class;
727c478bd9Sstevel@tonic-gate tmpl[attrs].ulValueLen = sizeof (class);
737c478bd9Sstevel@tonic-gate attrs++;
747c478bd9Sstevel@tonic-gate
757c478bd9Sstevel@tonic-gate rv = get_key_type(enctype, &keytype);
767c478bd9Sstevel@tonic-gate if (rv != CKR_OK)
777c478bd9Sstevel@tonic-gate return (PKCS_ERR);
787c478bd9Sstevel@tonic-gate
797c478bd9Sstevel@tonic-gate tmpl[attrs].type = CKA_KEY_TYPE;
807c478bd9Sstevel@tonic-gate tmpl[attrs].pValue = &keytype;
817c478bd9Sstevel@tonic-gate tmpl[attrs].ulValueLen = sizeof (keytype);
827c478bd9Sstevel@tonic-gate attrs++;
837c478bd9Sstevel@tonic-gate
847c478bd9Sstevel@tonic-gate /*
857c478bd9Sstevel@tonic-gate * For DES key types, do not include the value len attr.
867c478bd9Sstevel@tonic-gate */
877c478bd9Sstevel@tonic-gate if (out->length > 0 &&
887c478bd9Sstevel@tonic-gate enctype != ENCTYPE_DES_CBC_CRC &&
897c478bd9Sstevel@tonic-gate enctype != ENCTYPE_DES_CBC_MD5 &&
907c478bd9Sstevel@tonic-gate enctype != ENCTYPE_DES_CBC_RAW &&
917c478bd9Sstevel@tonic-gate enctype != ENCTYPE_DES_HMAC_SHA1 &&
927c478bd9Sstevel@tonic-gate enctype != ENCTYPE_DES3_CBC_SHA1 &&
937c478bd9Sstevel@tonic-gate enctype != ENCTYPE_DES3_CBC_RAW) {
947c478bd9Sstevel@tonic-gate tmpl[attrs].type = CKA_VALUE_LEN;
95cd8b59cfSwillf /* using outlen to avoid 64bit alignment issues */
96cd8b59cfSwillf outlen = (CK_ULONG)out->length;
97cd8b59cfSwillf tmpl[attrs].pValue = &outlen;
98*6cc2d1cfS tmpl[attrs].ulValueLen = sizeof (outlen);
997c478bd9Sstevel@tonic-gate attrs++;
1007c478bd9Sstevel@tonic-gate }
1017c478bd9Sstevel@tonic-gate
1027c478bd9Sstevel@tonic-gate params.saltSource = CKZ_SALT_SPECIFIED;
1037c478bd9Sstevel@tonic-gate params.pSaltSourceData = (void *)salt->data;
1047c478bd9Sstevel@tonic-gate params.ulSaltSourceDataLen = salt->length;
1057c478bd9Sstevel@tonic-gate params.iterations = count;
1067c478bd9Sstevel@tonic-gate params.prf = CKP_PKCS5_PBKD2_HMAC_SHA1;
1077c478bd9Sstevel@tonic-gate params.pPrfData = NULL;
1087c478bd9Sstevel@tonic-gate params.ulPrfDataLen = 0;
1097c478bd9Sstevel@tonic-gate params.pPassword = (CK_UTF8CHAR_PTR)pass->data;
110cd8b59cfSwillf /* using passlen to avoid 64bit alignment issues */
111cd8b59cfSwillf passlen = (CK_ULONG)pass->length;
112cd8b59cfSwillf params.ulPasswordLen = &passlen;
1137c478bd9Sstevel@tonic-gate
1147c478bd9Sstevel@tonic-gate rv = C_GenerateKey(krb_ctx_hSession(context), &mechanism, tmpl,
115*6cc2d1cfS attrs, &hKey);
1167c478bd9Sstevel@tonic-gate
1177c478bd9Sstevel@tonic-gate if (rv != CKR_OK)
1187c478bd9Sstevel@tonic-gate ret = PKCS_ERR;
1197c478bd9Sstevel@tonic-gate else {
1207c478bd9Sstevel@tonic-gate /* Get the value from the key object. */
1217c478bd9Sstevel@tonic-gate tmpl[0].type = CKA_VALUE;
1227c478bd9Sstevel@tonic-gate tmpl[0].pValue = out->data;
1237c478bd9Sstevel@tonic-gate tmpl[0].ulValueLen = out->length;
1247c478bd9Sstevel@tonic-gate rv = C_GetAttributeValue(krb_ctx_hSession(context), hKey,
125*6cc2d1cfS tmpl, 1);
1267c478bd9Sstevel@tonic-gate if (rv != CKR_OK)
1277c478bd9Sstevel@tonic-gate ret = PKCS_ERR;
128*6cc2d1cfS (void) C_DestroyObject(krb_ctx_hSession(context), hKey);
1297c478bd9Sstevel@tonic-gate }
1307c478bd9Sstevel@tonic-gate
1317c478bd9Sstevel@tonic-gate return (ret);
1327c478bd9Sstevel@tonic-gate }
1337c478bd9Sstevel@tonic-gate #endif /* !_KERNEL */
134