38eebea9c914a02dfe4130e349f48fc36f2c264e
[strongswan.git] / src / libstrongswan / crypto / hashers / hasher.c
1 /*
2 * Copyright (C) 2012-2015 Tobias Brunner
3 * Copyright (C) 2005-2006 Martin Willi
4 * Copyright (C) 2005 Jan Hutter
5 * Hochschule fuer Technik Rapperswil
6 *
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2 of the License, or (at your
10 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
11 *
12 * This program is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
15 * for more details.
16 */
17
18 #include "hasher.h"
19
20 #include <asn1/oid.h>
21
22 ENUM_BEGIN(hash_algorithm_names, HASH_SHA1, HASH_SHA512,
23 "HASH_SHA1",
24 "HASH_SHA256",
25 "HASH_SHA384",
26 "HASH_SHA512");
27 ENUM_NEXT(hash_algorithm_names, HASH_UNKNOWN, HASH_SHA224, HASH_SHA512,
28 "HASH_UNKNOWN",
29 "HASH_MD2",
30 "HASH_MD4",
31 "HASH_MD5",
32 "HASH_SHA224");
33 ENUM_END(hash_algorithm_names, HASH_SHA224);
34
35 ENUM_BEGIN(hash_algorithm_short_names, HASH_SHA1, HASH_SHA512,
36 "sha1",
37 "sha256",
38 "sha384",
39 "sha512");
40 ENUM_NEXT(hash_algorithm_short_names, HASH_UNKNOWN, HASH_SHA224, HASH_SHA512,
41 "unknown",
42 "md2",
43 "md4",
44 "md5",
45 "sha224");
46 ENUM_END(hash_algorithm_short_names, HASH_SHA224);
47
48 /*
49 * Described in header.
50 */
51 hash_algorithm_t hasher_algorithm_from_oid(int oid)
52 {
53 switch (oid)
54 {
55 case OID_MD2:
56 case OID_MD2_WITH_RSA:
57 return HASH_MD2;
58 case OID_MD5:
59 case OID_MD5_WITH_RSA:
60 return HASH_MD5;
61 case OID_SHA1:
62 case OID_SHA1_WITH_RSA:
63 return HASH_SHA1;
64 case OID_SHA224:
65 case OID_SHA224_WITH_RSA:
66 return HASH_SHA224;
67 case OID_SHA256:
68 case OID_SHA256_WITH_RSA:
69 return HASH_SHA256;
70 case OID_SHA384:
71 case OID_SHA384_WITH_RSA:
72 return HASH_SHA384;
73 case OID_SHA512:
74 case OID_SHA512_WITH_RSA:
75 return HASH_SHA512;
76 default:
77 return HASH_UNKNOWN;
78 }
79 }
80
81 /*
82 * Described in header.
83 */
84 hash_algorithm_t hasher_algorithm_from_prf(pseudo_random_function_t alg)
85 {
86 switch (alg)
87 {
88 case PRF_HMAC_MD5:
89 return HASH_MD5;
90 case PRF_HMAC_SHA1:
91 case PRF_FIPS_SHA1_160:
92 case PRF_KEYED_SHA1:
93 return HASH_SHA1;
94 case PRF_HMAC_SHA2_256:
95 return HASH_SHA256;
96 case PRF_HMAC_SHA2_384:
97 return HASH_SHA384;
98 case PRF_HMAC_SHA2_512:
99 return HASH_SHA512;
100 case PRF_HMAC_TIGER:
101 case PRF_AES128_XCBC:
102 case PRF_AES128_CMAC:
103 case PRF_FIPS_DES:
104 case PRF_CAMELLIA128_XCBC:
105 case PRF_UNDEFINED:
106 break;
107 }
108 return HASH_UNKNOWN;
109 }
110
111 /*
112 * Described in header.
113 */
114 hash_algorithm_t hasher_algorithm_from_integrity(integrity_algorithm_t alg,
115 size_t *length)
116 {
117 if (length)
118 {
119 switch (alg)
120 {
121 case AUTH_HMAC_MD5_96:
122 case AUTH_HMAC_SHA1_96:
123 case AUTH_HMAC_SHA2_256_96:
124 *length = 12;
125 break;
126 case AUTH_HMAC_MD5_128:
127 case AUTH_HMAC_SHA1_128:
128 case AUTH_HMAC_SHA2_256_128:
129 *length = 16;
130 break;
131 case AUTH_HMAC_SHA1_160:
132 *length = 20;
133 break;
134 case AUTH_HMAC_SHA2_384_192:
135 *length = 24;
136 break;
137 case AUTH_HMAC_SHA2_256_256:
138 case AUTH_HMAC_SHA2_512_256:
139 *length = 32;
140 break;
141 case AUTH_HMAC_SHA2_384_384:
142 *length = 48;
143 break;
144 case AUTH_HMAC_SHA2_512_512:
145 *length = 64;
146 break;
147 default:
148 break;
149 }
150 }
151 switch (alg)
152 {
153 case AUTH_HMAC_MD5_96:
154 case AUTH_HMAC_MD5_128:
155 case AUTH_KPDK_MD5:
156 return HASH_MD5;
157 case AUTH_HMAC_SHA1_96:
158 case AUTH_HMAC_SHA1_128:
159 case AUTH_HMAC_SHA1_160:
160 return HASH_SHA1;
161 case AUTH_HMAC_SHA2_256_96:
162 case AUTH_HMAC_SHA2_256_128:
163 case AUTH_HMAC_SHA2_256_256:
164 return HASH_SHA256;
165 case AUTH_HMAC_SHA2_384_192:
166 case AUTH_HMAC_SHA2_384_384:
167 return HASH_SHA384;
168 case AUTH_HMAC_SHA2_512_256:
169 case AUTH_HMAC_SHA2_512_512:
170 return HASH_SHA512;
171 case AUTH_AES_CMAC_96:
172 case AUTH_AES_128_GMAC:
173 case AUTH_AES_192_GMAC:
174 case AUTH_AES_256_GMAC:
175 case AUTH_AES_XCBC_96:
176 case AUTH_DES_MAC:
177 case AUTH_CAMELLIA_XCBC_96:
178 case AUTH_UNDEFINED:
179 break;
180 }
181 return HASH_UNKNOWN;
182 }
183
184 /*
185 * Described in header.
186 */
187 integrity_algorithm_t hasher_algorithm_to_integrity(hash_algorithm_t alg,
188 size_t length)
189 {
190 switch (alg)
191 {
192 case HASH_MD5:
193 switch (length)
194 {
195 case 12:
196 return AUTH_HMAC_MD5_96;
197 case 16:
198 return AUTH_HMAC_MD5_128;
199 }
200 break;
201 case HASH_SHA1:
202 switch (length)
203 {
204 case 12:
205 return AUTH_HMAC_SHA1_96;
206 case 16:
207 return AUTH_HMAC_SHA1_128;
208 case 20:
209 return AUTH_HMAC_SHA1_160;
210 }
211 break;
212 case HASH_SHA256:
213 switch (length)
214 {
215 case 12:
216 return AUTH_HMAC_SHA2_256_96;
217 case 16:
218 return AUTH_HMAC_SHA2_256_128;
219 case 32:
220 return AUTH_HMAC_SHA2_256_256;
221 }
222 break;
223 case HASH_SHA384:
224 switch (length)
225 {
226 case 24:
227 return AUTH_HMAC_SHA2_384_192;
228 case 48:
229 return AUTH_HMAC_SHA2_384_384;
230
231 }
232 break;
233 case HASH_SHA512:
234 switch (length)
235 {
236 case 32:
237 return AUTH_HMAC_SHA2_512_256;
238 case 64:
239 return AUTH_HMAC_SHA2_512_512;
240 }
241 break;
242 case HASH_MD2:
243 case HASH_MD4:
244 case HASH_SHA224:
245 case HASH_UNKNOWN:
246 break;
247 }
248 return AUTH_UNDEFINED;
249 }
250
251 /*
252 * Described in header.
253 */
254 bool hasher_algorithm_for_ikev2(hash_algorithm_t alg)
255 {
256 switch (alg)
257 {
258 case HASH_SHA1:
259 case HASH_SHA256:
260 case HASH_SHA384:
261 case HASH_SHA512:
262 return TRUE;
263 case HASH_UNKNOWN:
264 case HASH_MD2:
265 case HASH_MD4:
266 case HASH_MD5:
267 case HASH_SHA224:
268 break;
269 }
270 return FALSE;
271 }
272
273 /*
274 * Described in header.
275 */
276 int hasher_algorithm_to_oid(hash_algorithm_t alg)
277 {
278 int oid;
279
280 switch (alg)
281 {
282 case HASH_MD2:
283 oid = OID_MD2;
284 break;
285 case HASH_MD5:
286 oid = OID_MD5;
287 break;
288 case HASH_SHA1:
289 oid = OID_SHA1;
290 break;
291 case HASH_SHA224:
292 oid = OID_SHA224;
293 break;
294 case HASH_SHA256:
295 oid = OID_SHA256;
296 break;
297 case HASH_SHA384:
298 oid = OID_SHA384;
299 break;
300 case HASH_SHA512:
301 oid = OID_SHA512;
302 break;
303 default:
304 oid = OID_UNKNOWN;
305 }
306 return oid;
307 }
308
309 /*
310 * Described in header.
311 */
312 int hasher_signature_algorithm_to_oid(hash_algorithm_t alg, key_type_t key)
313 {
314 switch (key)
315 {
316 case KEY_RSA:
317 switch (alg)
318 {
319 case HASH_MD2:
320 return OID_MD2_WITH_RSA;
321 case HASH_MD5:
322 return OID_MD5_WITH_RSA;
323 case HASH_SHA1:
324 return OID_SHA1_WITH_RSA;
325 case HASH_SHA224:
326 return OID_SHA224_WITH_RSA;
327 case HASH_SHA256:
328 return OID_SHA256_WITH_RSA;
329 case HASH_SHA384:
330 return OID_SHA384_WITH_RSA;
331 case HASH_SHA512:
332 return OID_SHA512_WITH_RSA;
333 default:
334 return OID_UNKNOWN;
335 }
336 case KEY_ECDSA:
337 switch (alg)
338 {
339 case HASH_SHA1:
340 return OID_ECDSA_WITH_SHA1;
341 case HASH_SHA256:
342 return OID_ECDSA_WITH_SHA256;
343 case HASH_SHA384:
344 return OID_ECDSA_WITH_SHA384;
345 case HASH_SHA512:
346 return OID_ECDSA_WITH_SHA512;
347 default:
348 return OID_UNKNOWN;
349 }
350 case KEY_BLISS:
351 switch (alg)
352 {
353 case HASH_SHA256:
354 return OID_BLISS_WITH_SHA256;
355 case HASH_SHA384:
356 return OID_BLISS_WITH_SHA384;
357 case HASH_SHA512:
358 return OID_BLISS_WITH_SHA512;
359 default:
360 return OID_UNKNOWN;
361 }
362 default:
363 return OID_UNKNOWN;
364 }
365 }
366
367 /*
368 * Defined in header.
369 */
370 hash_algorithm_t hasher_from_signature_scheme(signature_scheme_t scheme)
371 {
372 switch (scheme)
373 {
374 case SIGN_UNKNOWN:
375 case SIGN_RSA_EMSA_PKCS1_NULL:
376 case SIGN_ECDSA_WITH_NULL:
377 break;
378 case SIGN_RSA_EMSA_PKCS1_MD5:
379 return HASH_MD5;
380 case SIGN_RSA_EMSA_PKCS1_SHA1:
381 case SIGN_ECDSA_WITH_SHA1_DER:
382 return HASH_SHA1;
383 case SIGN_RSA_EMSA_PKCS1_SHA224:
384 return HASH_SHA224;
385 case SIGN_RSA_EMSA_PKCS1_SHA256:
386 case SIGN_ECDSA_WITH_SHA256_DER:
387 case SIGN_ECDSA_256:
388 case SIGN_BLISS_WITH_SHA256:
389 return HASH_SHA256;
390 case SIGN_RSA_EMSA_PKCS1_SHA384:
391 case SIGN_ECDSA_WITH_SHA384_DER:
392 case SIGN_ECDSA_384:
393 case SIGN_BLISS_WITH_SHA384:
394 return HASH_SHA384;
395 case SIGN_RSA_EMSA_PKCS1_SHA512:
396 case SIGN_ECDSA_WITH_SHA512_DER:
397 case SIGN_ECDSA_521:
398 case SIGN_BLISS_WITH_SHA512:
399 return HASH_SHA512;
400 }
401 return HASH_UNKNOWN;
402 }