hasher: Add function to determine length of hashes
[strongswan.git] / src / libstrongswan / crypto / hashers / hasher.c
1 /*
2 * Copyright (C) 2012-2015 Tobias Brunner
3 * Copyright (C) 2015-2017 Andreas Steffen
4 * Copyright (C) 2005-2006 Martin Willi
5 * Copyright (C) 2005 Jan Hutter
6 * HSR Hochschule fuer Technik Rapperswil
7 *
8 * This program is free software; you can redistribute it and/or modify it
9 * under the terms of the GNU General Public License as published by the
10 * Free Software Foundation; either version 2 of the License, or (at your
11 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
12 *
13 * This program is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
15 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
16 * for more details.
17 */
18
19 #include "hasher.h"
20
21 #include <asn1/oid.h>
22
23 ENUM_BEGIN(hash_algorithm_names, HASH_SHA1, HASH_IDENTITY,
24 "HASH_SHA1",
25 "HASH_SHA256",
26 "HASH_SHA384",
27 "HASH_SHA512",
28 "HASH_IDENTITY");
29 ENUM_NEXT(hash_algorithm_names, HASH_UNKNOWN, HASH_SHA3_512, HASH_IDENTITY,
30 "HASH_UNKNOWN",
31 "HASH_MD2",
32 "HASH_MD4",
33 "HASH_MD5",
34 "HASH_SHA224",
35 "HASH_SHA3_224",
36 "HASH_SHA3_256",
37 "HASH_SHA3_384",
38 "HASH_SHA3_512");
39 ENUM_END(hash_algorithm_names, HASH_SHA3_512);
40
41 ENUM_BEGIN(hash_algorithm_short_names, HASH_SHA1, HASH_IDENTITY,
42 "sha1",
43 "sha256",
44 "sha384",
45 "sha512",
46 "identity");
47 ENUM_NEXT(hash_algorithm_short_names, HASH_UNKNOWN, HASH_SHA3_512, HASH_IDENTITY,
48 "unknown",
49 "md2",
50 "md4",
51 "md5",
52 "sha224",
53 "sha3_224",
54 "sha3_256",
55 "sha3_384",
56 "sha3_512");
57 ENUM_END(hash_algorithm_short_names, HASH_SHA3_512);
58
59 /*
60 * Described in header
61 */
62 size_t hasher_hash_size(hash_algorithm_t alg)
63 {
64 switch (alg)
65 {
66 case HASH_SHA1:
67 return HASH_SIZE_SHA1;
68 case HASH_SHA256:
69 return HASH_SIZE_SHA256;
70 case HASH_SHA384:
71 return HASH_SIZE_SHA384;
72 case HASH_SHA512:
73 return HASH_SIZE_SHA512;
74 case HASH_MD2:
75 return HASH_SIZE_MD2;
76 case HASH_MD4:
77 return HASH_SIZE_MD4;
78 case HASH_MD5:
79 return HASH_SIZE_MD5;
80 case HASH_SHA224:
81 return HASH_SIZE_SHA224;
82 case HASH_SHA3_224:
83 return HASH_SIZE_SHA224;
84 case HASH_SHA3_256:
85 return HASH_SIZE_SHA256;
86 case HASH_SHA3_384:
87 return HASH_SIZE_SHA384;
88 case HASH_SHA3_512:
89 return HASH_SIZE_SHA512;
90 case HASH_IDENTITY:
91 case HASH_UNKNOWN:
92 break;
93 }
94 return 0;
95 }
96
97 /*
98 * Described in header.
99 */
100 hash_algorithm_t hasher_algorithm_from_oid(int oid)
101 {
102 switch (oid)
103 {
104 case OID_MD2:
105 case OID_MD2_WITH_RSA:
106 return HASH_MD2;
107 case OID_MD5:
108 case OID_MD5_WITH_RSA:
109 return HASH_MD5;
110 case OID_SHA1:
111 case OID_SHA1_WITH_RSA:
112 return HASH_SHA1;
113 case OID_SHA224:
114 case OID_SHA224_WITH_RSA:
115 return HASH_SHA224;
116 case OID_SHA256:
117 case OID_SHA256_WITH_RSA:
118 return HASH_SHA256;
119 case OID_SHA384:
120 case OID_SHA384_WITH_RSA:
121 return HASH_SHA384;
122 case OID_SHA512:
123 case OID_SHA512_WITH_RSA:
124 return HASH_SHA512;
125 case OID_SHA3_224:
126 case OID_RSASSA_PKCS1V15_WITH_SHA3_224:
127 return HASH_SHA3_224;
128 case OID_SHA3_256:
129 case OID_RSASSA_PKCS1V15_WITH_SHA3_256:
130 return HASH_SHA3_256;
131 case OID_SHA3_384:
132 case OID_RSASSA_PKCS1V15_WITH_SHA3_384:
133 return HASH_SHA3_384;
134 case OID_SHA3_512:
135 case OID_RSASSA_PKCS1V15_WITH_SHA3_512:
136 return HASH_SHA3_512;
137 case OID_ED25519:
138 case OID_ED448:
139 return HASH_IDENTITY;
140 default:
141 return HASH_UNKNOWN;
142 }
143 }
144
145 /*
146 * Described in header.
147 */
148 hash_algorithm_t hasher_algorithm_from_prf(pseudo_random_function_t alg)
149 {
150 switch (alg)
151 {
152 case PRF_HMAC_MD5:
153 return HASH_MD5;
154 case PRF_HMAC_SHA1:
155 case PRF_FIPS_SHA1_160:
156 case PRF_KEYED_SHA1:
157 return HASH_SHA1;
158 case PRF_HMAC_SHA2_256:
159 return HASH_SHA256;
160 case PRF_HMAC_SHA2_384:
161 return HASH_SHA384;
162 case PRF_HMAC_SHA2_512:
163 return HASH_SHA512;
164 case PRF_HMAC_TIGER:
165 case PRF_AES128_XCBC:
166 case PRF_AES128_CMAC:
167 case PRF_FIPS_DES:
168 case PRF_CAMELLIA128_XCBC:
169 case PRF_UNDEFINED:
170 break;
171 }
172 return HASH_UNKNOWN;
173 }
174
175 /*
176 * Described in header.
177 */
178 hash_algorithm_t hasher_algorithm_from_integrity(integrity_algorithm_t alg,
179 size_t *length)
180 {
181 if (length)
182 {
183 switch (alg)
184 {
185 case AUTH_HMAC_MD5_96:
186 case AUTH_HMAC_SHA1_96:
187 case AUTH_HMAC_SHA2_256_96:
188 *length = 12;
189 break;
190 case AUTH_HMAC_MD5_128:
191 case AUTH_HMAC_SHA1_128:
192 case AUTH_HMAC_SHA2_256_128:
193 *length = 16;
194 break;
195 case AUTH_HMAC_SHA1_160:
196 *length = 20;
197 break;
198 case AUTH_HMAC_SHA2_384_192:
199 *length = 24;
200 break;
201 case AUTH_HMAC_SHA2_256_256:
202 case AUTH_HMAC_SHA2_512_256:
203 *length = 32;
204 break;
205 case AUTH_HMAC_SHA2_384_384:
206 *length = 48;
207 break;
208 case AUTH_HMAC_SHA2_512_512:
209 *length = 64;
210 break;
211 default:
212 break;
213 }
214 }
215 switch (alg)
216 {
217 case AUTH_HMAC_MD5_96:
218 case AUTH_HMAC_MD5_128:
219 case AUTH_KPDK_MD5:
220 return HASH_MD5;
221 case AUTH_HMAC_SHA1_96:
222 case AUTH_HMAC_SHA1_128:
223 case AUTH_HMAC_SHA1_160:
224 return HASH_SHA1;
225 case AUTH_HMAC_SHA2_256_96:
226 case AUTH_HMAC_SHA2_256_128:
227 case AUTH_HMAC_SHA2_256_256:
228 return HASH_SHA256;
229 case AUTH_HMAC_SHA2_384_192:
230 case AUTH_HMAC_SHA2_384_384:
231 return HASH_SHA384;
232 case AUTH_HMAC_SHA2_512_256:
233 case AUTH_HMAC_SHA2_512_512:
234 return HASH_SHA512;
235 case AUTH_AES_CMAC_96:
236 case AUTH_AES_128_GMAC:
237 case AUTH_AES_192_GMAC:
238 case AUTH_AES_256_GMAC:
239 case AUTH_AES_XCBC_96:
240 case AUTH_DES_MAC:
241 case AUTH_CAMELLIA_XCBC_96:
242 case AUTH_UNDEFINED:
243 break;
244 }
245 return HASH_UNKNOWN;
246 }
247
248 /*
249 * Described in header.
250 */
251 integrity_algorithm_t hasher_algorithm_to_integrity(hash_algorithm_t alg,
252 size_t length)
253 {
254 switch (alg)
255 {
256 case HASH_MD5:
257 switch (length)
258 {
259 case 12:
260 return AUTH_HMAC_MD5_96;
261 case 16:
262 return AUTH_HMAC_MD5_128;
263 }
264 break;
265 case HASH_SHA1:
266 switch (length)
267 {
268 case 12:
269 return AUTH_HMAC_SHA1_96;
270 case 16:
271 return AUTH_HMAC_SHA1_128;
272 case 20:
273 return AUTH_HMAC_SHA1_160;
274 }
275 break;
276 case HASH_SHA256:
277 switch (length)
278 {
279 case 12:
280 return AUTH_HMAC_SHA2_256_96;
281 case 16:
282 return AUTH_HMAC_SHA2_256_128;
283 case 32:
284 return AUTH_HMAC_SHA2_256_256;
285 }
286 break;
287 case HASH_SHA384:
288 switch (length)
289 {
290 case 24:
291 return AUTH_HMAC_SHA2_384_192;
292 case 48:
293 return AUTH_HMAC_SHA2_384_384;
294
295 }
296 break;
297 case HASH_SHA512:
298 switch (length)
299 {
300 case 32:
301 return AUTH_HMAC_SHA2_512_256;
302 case 64:
303 return AUTH_HMAC_SHA2_512_512;
304 }
305 break;
306 case HASH_MD2:
307 case HASH_MD4:
308 case HASH_SHA224:
309 case HASH_SHA3_224:
310 case HASH_SHA3_256:
311 case HASH_SHA3_384:
312 case HASH_SHA3_512:
313 case HASH_IDENTITY:
314 case HASH_UNKNOWN:
315 break;
316 }
317 return AUTH_UNDEFINED;
318 }
319
320 /*
321 * Described in header.
322 */
323 bool hasher_algorithm_for_ikev2(hash_algorithm_t alg)
324 {
325 switch (alg)
326 {
327 case HASH_IDENTITY:
328 case HASH_SHA256:
329 case HASH_SHA384:
330 case HASH_SHA512:
331 return TRUE;
332 case HASH_UNKNOWN:
333 case HASH_MD2:
334 case HASH_MD4:
335 case HASH_MD5:
336 case HASH_SHA1:
337 case HASH_SHA224:
338 case HASH_SHA3_224:
339 case HASH_SHA3_256:
340 case HASH_SHA3_384:
341 case HASH_SHA3_512:
342 break;
343 }
344 return FALSE;
345 }
346
347 /*
348 * Described in header.
349 */
350 int hasher_algorithm_to_oid(hash_algorithm_t alg)
351 {
352 int oid;
353
354 switch (alg)
355 {
356 case HASH_MD2:
357 oid = OID_MD2;
358 break;
359 case HASH_MD5:
360 oid = OID_MD5;
361 break;
362 case HASH_SHA1:
363 oid = OID_SHA1;
364 break;
365 case HASH_SHA224:
366 oid = OID_SHA224;
367 break;
368 case HASH_SHA256:
369 oid = OID_SHA256;
370 break;
371 case HASH_SHA384:
372 oid = OID_SHA384;
373 break;
374 case HASH_SHA512:
375 oid = OID_SHA512;
376 break;
377 case HASH_SHA3_224:
378 oid = OID_SHA3_224;
379 break;
380 case HASH_SHA3_256:
381 oid = OID_SHA3_256;
382 break;
383 case HASH_SHA3_384:
384 oid = OID_SHA3_384;
385 break;
386 case HASH_SHA3_512:
387 oid = OID_SHA3_512;
388 break;
389 default:
390 oid = OID_UNKNOWN;
391 }
392 return oid;
393 }
394
395 /*
396 * Described in header.
397 */
398 int hasher_signature_algorithm_to_oid(hash_algorithm_t alg, key_type_t key)
399 {
400 switch (key)
401 {
402 case KEY_RSA:
403 switch (alg)
404 {
405 case HASH_MD2:
406 return OID_MD2_WITH_RSA;
407 case HASH_MD5:
408 return OID_MD5_WITH_RSA;
409 case HASH_SHA1:
410 return OID_SHA1_WITH_RSA;
411 case HASH_SHA224:
412 return OID_SHA224_WITH_RSA;
413 case HASH_SHA256:
414 return OID_SHA256_WITH_RSA;
415 case HASH_SHA384:
416 return OID_SHA384_WITH_RSA;
417 case HASH_SHA512:
418 return OID_SHA512_WITH_RSA;
419 case HASH_SHA3_224:
420 return OID_RSASSA_PKCS1V15_WITH_SHA3_224;
421 case HASH_SHA3_256:
422 return OID_RSASSA_PKCS1V15_WITH_SHA3_256;
423 case HASH_SHA3_384:
424 return OID_RSASSA_PKCS1V15_WITH_SHA3_384;
425 case HASH_SHA3_512:
426 return OID_RSASSA_PKCS1V15_WITH_SHA3_512;
427 default:
428 return OID_UNKNOWN;
429 }
430 case KEY_ECDSA:
431 switch (alg)
432 {
433 case HASH_SHA1:
434 return OID_ECDSA_WITH_SHA1;
435 case HASH_SHA256:
436 return OID_ECDSA_WITH_SHA256;
437 case HASH_SHA384:
438 return OID_ECDSA_WITH_SHA384;
439 case HASH_SHA512:
440 return OID_ECDSA_WITH_SHA512;
441 default:
442 return OID_UNKNOWN;
443 }
444 case KEY_ED25519:
445 switch (alg)
446 {
447 case HASH_IDENTITY:
448 return OID_ED25519;
449 default:
450 return OID_UNKNOWN;
451 }
452 case KEY_ED448:
453 switch (alg)
454 {
455 case HASH_IDENTITY:
456 return OID_ED448;
457 default:
458 return OID_UNKNOWN;
459 }
460 case KEY_BLISS:
461 switch (alg)
462 {
463 case HASH_SHA256:
464 return OID_BLISS_WITH_SHA2_256;
465 case HASH_SHA384:
466 return OID_BLISS_WITH_SHA2_384;
467 case HASH_SHA512:
468 return OID_BLISS_WITH_SHA2_512;
469 case HASH_SHA3_256:
470 return OID_BLISS_WITH_SHA3_256;
471 case HASH_SHA3_384:
472 return OID_BLISS_WITH_SHA3_384;
473 case HASH_SHA3_512:
474 return OID_BLISS_WITH_SHA3_512;
475 default:
476 return OID_UNKNOWN;
477 }
478 default:
479 return OID_UNKNOWN;
480 }
481 }
482
483 /*
484 * Defined in header.
485 */
486 hash_algorithm_t hasher_from_signature_scheme(signature_scheme_t scheme)
487 {
488 switch (scheme)
489 {
490 case SIGN_UNKNOWN:
491 case SIGN_RSA_EMSA_PKCS1_NULL:
492 case SIGN_ECDSA_WITH_NULL:
493 case SIGN_RSA_EMSA_PSS:
494 break;
495 case SIGN_ED25519:
496 case SIGN_ED448:
497 return HASH_IDENTITY;
498 case SIGN_RSA_EMSA_PKCS1_MD5:
499 return HASH_MD5;
500 case SIGN_RSA_EMSA_PKCS1_SHA1:
501 case SIGN_ECDSA_WITH_SHA1_DER:
502 return HASH_SHA1;
503 case SIGN_RSA_EMSA_PKCS1_SHA2_224:
504 return HASH_SHA224;
505 case SIGN_RSA_EMSA_PKCS1_SHA2_256:
506 case SIGN_ECDSA_WITH_SHA256_DER:
507 case SIGN_ECDSA_256:
508 case SIGN_BLISS_WITH_SHA2_256:
509 return HASH_SHA256;
510 case SIGN_RSA_EMSA_PKCS1_SHA2_384:
511 case SIGN_ECDSA_WITH_SHA384_DER:
512 case SIGN_ECDSA_384:
513 case SIGN_BLISS_WITH_SHA2_384:
514 return HASH_SHA384;
515 case SIGN_RSA_EMSA_PKCS1_SHA2_512:
516 case SIGN_ECDSA_WITH_SHA512_DER:
517 case SIGN_ECDSA_521:
518 case SIGN_BLISS_WITH_SHA2_512:
519 return HASH_SHA512;
520 case SIGN_RSA_EMSA_PKCS1_SHA3_224:
521 return HASH_SHA3_224;
522 case SIGN_RSA_EMSA_PKCS1_SHA3_256:
523 case SIGN_BLISS_WITH_SHA3_256:
524 return HASH_SHA3_256;
525 case SIGN_RSA_EMSA_PKCS1_SHA3_384:
526 case SIGN_BLISS_WITH_SHA3_384:
527 return HASH_SHA3_384;
528 case SIGN_RSA_EMSA_PKCS1_SHA3_512:
529 case SIGN_BLISS_WITH_SHA3_512:
530 return HASH_SHA3_512;
531 }
532 return HASH_UNKNOWN;
533 }