3f49f36000383a5a37d4d6622a1001be1c8a661a
[strongswan.git] / src / libstrongswan / crypto / hashers / hasher.c
1 /*
2 * Copyright (C) 2012-2015 Tobias Brunner
3 * Copyright (C) 2015-2017 Andreas Steffen
4 * Copyright (C) 2005-2006 Martin Willi
5 * Copyright (C) 2005 Jan Hutter
6 * HSR Hochschule fuer Technik Rapperswil
7 *
8 * This program is free software; you can redistribute it and/or modify it
9 * under the terms of the GNU General Public License as published by the
10 * Free Software Foundation; either version 2 of the License, or (at your
11 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
12 *
13 * This program is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
15 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
16 * for more details.
17 */
18
19 #include "hasher.h"
20
21 #include <asn1/oid.h>
22
23 ENUM_BEGIN(hash_algorithm_names, HASH_SHA1, HASH_IDENTITY,
24 "HASH_SHA1",
25 "HASH_SHA256",
26 "HASH_SHA384",
27 "HASH_SHA512",
28 "HASH_IDENTITY");
29 ENUM_NEXT(hash_algorithm_names, HASH_UNKNOWN, HASH_SHA3_512, HASH_IDENTITY,
30 "HASH_UNKNOWN",
31 "HASH_MD2",
32 "HASH_MD4",
33 "HASH_MD5",
34 "HASH_SHA224",
35 "HASH_SHA3_224",
36 "HASH_SHA3_256",
37 "HASH_SHA3_384",
38 "HASH_SHA3_512");
39 ENUM_END(hash_algorithm_names, HASH_SHA3_512);
40
41 ENUM_BEGIN(hash_algorithm_short_names, HASH_SHA1, HASH_IDENTITY,
42 "sha1",
43 "sha256",
44 "sha384",
45 "sha512",
46 "identity");
47 ENUM_NEXT(hash_algorithm_short_names, HASH_UNKNOWN, HASH_SHA3_512, HASH_IDENTITY,
48 "unknown",
49 "md2",
50 "md4",
51 "md5",
52 "sha224",
53 "sha3_224",
54 "sha3_256",
55 "sha3_384",
56 "sha3_512");
57 ENUM_END(hash_algorithm_short_names, HASH_SHA3_512);
58
59 /*
60 * Described in header.
61 */
62 hash_algorithm_t hasher_algorithm_from_oid(int oid)
63 {
64 switch (oid)
65 {
66 case OID_MD2:
67 case OID_MD2_WITH_RSA:
68 return HASH_MD2;
69 case OID_MD5:
70 case OID_MD5_WITH_RSA:
71 return HASH_MD5;
72 case OID_SHA1:
73 case OID_SHA1_WITH_RSA:
74 return HASH_SHA1;
75 case OID_SHA224:
76 case OID_SHA224_WITH_RSA:
77 return HASH_SHA224;
78 case OID_SHA256:
79 case OID_SHA256_WITH_RSA:
80 return HASH_SHA256;
81 case OID_SHA384:
82 case OID_SHA384_WITH_RSA:
83 return HASH_SHA384;
84 case OID_SHA512:
85 case OID_SHA512_WITH_RSA:
86 return HASH_SHA512;
87 case OID_SHA3_224:
88 case OID_RSASSA_PKCS1V15_WITH_SHA3_224:
89 return HASH_SHA3_224;
90 case OID_SHA3_256:
91 case OID_RSASSA_PKCS1V15_WITH_SHA3_256:
92 return HASH_SHA3_256;
93 case OID_SHA3_384:
94 case OID_RSASSA_PKCS1V15_WITH_SHA3_384:
95 return HASH_SHA3_384;
96 case OID_SHA3_512:
97 case OID_RSASSA_PKCS1V15_WITH_SHA3_512:
98 return HASH_SHA3_512;
99 case OID_ED25519:
100 case OID_ED448:
101 return HASH_IDENTITY;
102 default:
103 return HASH_UNKNOWN;
104 }
105 }
106
107 /*
108 * Described in header.
109 */
110 hash_algorithm_t hasher_algorithm_from_prf(pseudo_random_function_t alg)
111 {
112 switch (alg)
113 {
114 case PRF_HMAC_MD5:
115 return HASH_MD5;
116 case PRF_HMAC_SHA1:
117 case PRF_FIPS_SHA1_160:
118 case PRF_KEYED_SHA1:
119 return HASH_SHA1;
120 case PRF_HMAC_SHA2_256:
121 return HASH_SHA256;
122 case PRF_HMAC_SHA2_384:
123 return HASH_SHA384;
124 case PRF_HMAC_SHA2_512:
125 return HASH_SHA512;
126 case PRF_HMAC_TIGER:
127 case PRF_AES128_XCBC:
128 case PRF_AES128_CMAC:
129 case PRF_FIPS_DES:
130 case PRF_CAMELLIA128_XCBC:
131 case PRF_UNDEFINED:
132 break;
133 }
134 return HASH_UNKNOWN;
135 }
136
137 /*
138 * Described in header.
139 */
140 hash_algorithm_t hasher_algorithm_from_integrity(integrity_algorithm_t alg,
141 size_t *length)
142 {
143 if (length)
144 {
145 switch (alg)
146 {
147 case AUTH_HMAC_MD5_96:
148 case AUTH_HMAC_SHA1_96:
149 case AUTH_HMAC_SHA2_256_96:
150 *length = 12;
151 break;
152 case AUTH_HMAC_MD5_128:
153 case AUTH_HMAC_SHA1_128:
154 case AUTH_HMAC_SHA2_256_128:
155 *length = 16;
156 break;
157 case AUTH_HMAC_SHA1_160:
158 *length = 20;
159 break;
160 case AUTH_HMAC_SHA2_384_192:
161 *length = 24;
162 break;
163 case AUTH_HMAC_SHA2_256_256:
164 case AUTH_HMAC_SHA2_512_256:
165 *length = 32;
166 break;
167 case AUTH_HMAC_SHA2_384_384:
168 *length = 48;
169 break;
170 case AUTH_HMAC_SHA2_512_512:
171 *length = 64;
172 break;
173 default:
174 break;
175 }
176 }
177 switch (alg)
178 {
179 case AUTH_HMAC_MD5_96:
180 case AUTH_HMAC_MD5_128:
181 case AUTH_KPDK_MD5:
182 return HASH_MD5;
183 case AUTH_HMAC_SHA1_96:
184 case AUTH_HMAC_SHA1_128:
185 case AUTH_HMAC_SHA1_160:
186 return HASH_SHA1;
187 case AUTH_HMAC_SHA2_256_96:
188 case AUTH_HMAC_SHA2_256_128:
189 case AUTH_HMAC_SHA2_256_256:
190 return HASH_SHA256;
191 case AUTH_HMAC_SHA2_384_192:
192 case AUTH_HMAC_SHA2_384_384:
193 return HASH_SHA384;
194 case AUTH_HMAC_SHA2_512_256:
195 case AUTH_HMAC_SHA2_512_512:
196 return HASH_SHA512;
197 case AUTH_AES_CMAC_96:
198 case AUTH_AES_128_GMAC:
199 case AUTH_AES_192_GMAC:
200 case AUTH_AES_256_GMAC:
201 case AUTH_AES_XCBC_96:
202 case AUTH_DES_MAC:
203 case AUTH_CAMELLIA_XCBC_96:
204 case AUTH_UNDEFINED:
205 break;
206 }
207 return HASH_UNKNOWN;
208 }
209
210 /*
211 * Described in header.
212 */
213 integrity_algorithm_t hasher_algorithm_to_integrity(hash_algorithm_t alg,
214 size_t length)
215 {
216 switch (alg)
217 {
218 case HASH_MD5:
219 switch (length)
220 {
221 case 12:
222 return AUTH_HMAC_MD5_96;
223 case 16:
224 return AUTH_HMAC_MD5_128;
225 }
226 break;
227 case HASH_SHA1:
228 switch (length)
229 {
230 case 12:
231 return AUTH_HMAC_SHA1_96;
232 case 16:
233 return AUTH_HMAC_SHA1_128;
234 case 20:
235 return AUTH_HMAC_SHA1_160;
236 }
237 break;
238 case HASH_SHA256:
239 switch (length)
240 {
241 case 12:
242 return AUTH_HMAC_SHA2_256_96;
243 case 16:
244 return AUTH_HMAC_SHA2_256_128;
245 case 32:
246 return AUTH_HMAC_SHA2_256_256;
247 }
248 break;
249 case HASH_SHA384:
250 switch (length)
251 {
252 case 24:
253 return AUTH_HMAC_SHA2_384_192;
254 case 48:
255 return AUTH_HMAC_SHA2_384_384;
256
257 }
258 break;
259 case HASH_SHA512:
260 switch (length)
261 {
262 case 32:
263 return AUTH_HMAC_SHA2_512_256;
264 case 64:
265 return AUTH_HMAC_SHA2_512_512;
266 }
267 break;
268 case HASH_MD2:
269 case HASH_MD4:
270 case HASH_SHA224:
271 case HASH_SHA3_224:
272 case HASH_SHA3_256:
273 case HASH_SHA3_384:
274 case HASH_SHA3_512:
275 case HASH_IDENTITY:
276 case HASH_UNKNOWN:
277 break;
278 }
279 return AUTH_UNDEFINED;
280 }
281
282 /*
283 * Described in header.
284 */
285 bool hasher_algorithm_for_ikev2(hash_algorithm_t alg)
286 {
287 switch (alg)
288 {
289 case HASH_IDENTITY:
290 case HASH_SHA256:
291 case HASH_SHA384:
292 case HASH_SHA512:
293 return TRUE;
294 case HASH_UNKNOWN:
295 case HASH_MD2:
296 case HASH_MD4:
297 case HASH_MD5:
298 case HASH_SHA1:
299 case HASH_SHA224:
300 case HASH_SHA3_224:
301 case HASH_SHA3_256:
302 case HASH_SHA3_384:
303 case HASH_SHA3_512:
304 break;
305 }
306 return FALSE;
307 }
308
309 /*
310 * Described in header.
311 */
312 int hasher_algorithm_to_oid(hash_algorithm_t alg)
313 {
314 int oid;
315
316 switch (alg)
317 {
318 case HASH_MD2:
319 oid = OID_MD2;
320 break;
321 case HASH_MD5:
322 oid = OID_MD5;
323 break;
324 case HASH_SHA1:
325 oid = OID_SHA1;
326 break;
327 case HASH_SHA224:
328 oid = OID_SHA224;
329 break;
330 case HASH_SHA256:
331 oid = OID_SHA256;
332 break;
333 case HASH_SHA384:
334 oid = OID_SHA384;
335 break;
336 case HASH_SHA512:
337 oid = OID_SHA512;
338 break;
339 case HASH_SHA3_224:
340 oid = OID_SHA3_224;
341 break;
342 case HASH_SHA3_256:
343 oid = OID_SHA3_256;
344 break;
345 case HASH_SHA3_384:
346 oid = OID_SHA3_384;
347 break;
348 case HASH_SHA3_512:
349 oid = OID_SHA3_512;
350 break;
351 default:
352 oid = OID_UNKNOWN;
353 }
354 return oid;
355 }
356
357 /*
358 * Described in header.
359 */
360 int hasher_signature_algorithm_to_oid(hash_algorithm_t alg, key_type_t key)
361 {
362 switch (key)
363 {
364 case KEY_RSA:
365 switch (alg)
366 {
367 case HASH_MD2:
368 return OID_MD2_WITH_RSA;
369 case HASH_MD5:
370 return OID_MD5_WITH_RSA;
371 case HASH_SHA1:
372 return OID_SHA1_WITH_RSA;
373 case HASH_SHA224:
374 return OID_SHA224_WITH_RSA;
375 case HASH_SHA256:
376 return OID_SHA256_WITH_RSA;
377 case HASH_SHA384:
378 return OID_SHA384_WITH_RSA;
379 case HASH_SHA512:
380 return OID_SHA512_WITH_RSA;
381 case HASH_SHA3_224:
382 return OID_RSASSA_PKCS1V15_WITH_SHA3_224;
383 case HASH_SHA3_256:
384 return OID_RSASSA_PKCS1V15_WITH_SHA3_256;
385 case HASH_SHA3_384:
386 return OID_RSASSA_PKCS1V15_WITH_SHA3_384;
387 case HASH_SHA3_512:
388 return OID_RSASSA_PKCS1V15_WITH_SHA3_512;
389 default:
390 return OID_UNKNOWN;
391 }
392 case KEY_ECDSA:
393 switch (alg)
394 {
395 case HASH_SHA1:
396 return OID_ECDSA_WITH_SHA1;
397 case HASH_SHA256:
398 return OID_ECDSA_WITH_SHA256;
399 case HASH_SHA384:
400 return OID_ECDSA_WITH_SHA384;
401 case HASH_SHA512:
402 return OID_ECDSA_WITH_SHA512;
403 default:
404 return OID_UNKNOWN;
405 }
406 case KEY_ED25519:
407 switch (alg)
408 {
409 case HASH_IDENTITY:
410 return OID_ED25519;
411 default:
412 return OID_UNKNOWN;
413 }
414 case KEY_ED448:
415 switch (alg)
416 {
417 case HASH_IDENTITY:
418 return OID_ED448;
419 default:
420 return OID_UNKNOWN;
421 }
422 case KEY_BLISS:
423 switch (alg)
424 {
425 case HASH_SHA256:
426 return OID_BLISS_WITH_SHA2_256;
427 case HASH_SHA384:
428 return OID_BLISS_WITH_SHA2_384;
429 case HASH_SHA512:
430 return OID_BLISS_WITH_SHA2_512;
431 case HASH_SHA3_256:
432 return OID_BLISS_WITH_SHA3_256;
433 case HASH_SHA3_384:
434 return OID_BLISS_WITH_SHA3_384;
435 case HASH_SHA3_512:
436 return OID_BLISS_WITH_SHA3_512;
437 default:
438 return OID_UNKNOWN;
439 }
440 default:
441 return OID_UNKNOWN;
442 }
443 }
444
445 /*
446 * Defined in header.
447 */
448 hash_algorithm_t hasher_from_signature_scheme(signature_scheme_t scheme)
449 {
450 switch (scheme)
451 {
452 case SIGN_UNKNOWN:
453 case SIGN_RSA_EMSA_PKCS1_NULL:
454 case SIGN_ECDSA_WITH_NULL:
455 case SIGN_RSA_EMSA_PSS:
456 break;
457 case SIGN_ED25519:
458 case SIGN_ED448:
459 return HASH_IDENTITY;
460 case SIGN_RSA_EMSA_PKCS1_MD5:
461 return HASH_MD5;
462 case SIGN_RSA_EMSA_PKCS1_SHA1:
463 case SIGN_ECDSA_WITH_SHA1_DER:
464 return HASH_SHA1;
465 case SIGN_RSA_EMSA_PKCS1_SHA2_224:
466 return HASH_SHA224;
467 case SIGN_RSA_EMSA_PKCS1_SHA2_256:
468 case SIGN_ECDSA_WITH_SHA256_DER:
469 case SIGN_ECDSA_256:
470 case SIGN_BLISS_WITH_SHA2_256:
471 return HASH_SHA256;
472 case SIGN_RSA_EMSA_PKCS1_SHA2_384:
473 case SIGN_ECDSA_WITH_SHA384_DER:
474 case SIGN_ECDSA_384:
475 case SIGN_BLISS_WITH_SHA2_384:
476 return HASH_SHA384;
477 case SIGN_RSA_EMSA_PKCS1_SHA2_512:
478 case SIGN_ECDSA_WITH_SHA512_DER:
479 case SIGN_ECDSA_521:
480 case SIGN_BLISS_WITH_SHA2_512:
481 return HASH_SHA512;
482 case SIGN_RSA_EMSA_PKCS1_SHA3_224:
483 return HASH_SHA3_224;
484 case SIGN_RSA_EMSA_PKCS1_SHA3_256:
485 case SIGN_BLISS_WITH_SHA3_256:
486 return HASH_SHA3_256;
487 case SIGN_RSA_EMSA_PKCS1_SHA3_384:
488 case SIGN_BLISS_WITH_SHA3_384:
489 return HASH_SHA3_384;
490 case SIGN_RSA_EMSA_PKCS1_SHA3_512:
491 case SIGN_BLISS_WITH_SHA3_512:
492 return HASH_SHA3_512;
493 }
494 return HASH_UNKNOWN;
495 }