1/* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21/* 22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25/* Copyright 2013 Saso Kiselkov. All rights reserved. */ 26 27#ifndef _SYS_SHA2_H 28#define _SYS_SHA2_H 29 30#include <sys/types.h> /* for uint_* */ 31 32#ifdef __cplusplus 33extern "C" { 34#endif 35 36#define SHA2_HMAC_MIN_KEY_LEN 1 /* SHA2-HMAC min key length in bytes */ 37#define SHA2_HMAC_MAX_KEY_LEN INT_MAX /* SHA2-HMAC max key length in bytes */ 38 39#define SHA256_DIGEST_LENGTH 32 /* SHA256 digest length in bytes */ 40#define SHA384_DIGEST_LENGTH 48 /* SHA384 digest length in bytes */ 41#define SHA512_DIGEST_LENGTH 64 /* SHA512 digest length in bytes */ 42 43/* Truncated versions of SHA-512 according to FIPS-180-4, section 5.3.6 */ 44#define SHA512_224_DIGEST_LENGTH 28 /* SHA512/224 digest length */ 45#define SHA512_256_DIGEST_LENGTH 32 /* SHA512/256 digest length */ 46 47#define SHA256_HMAC_BLOCK_SIZE 64 /* SHA256-HMAC block size */ 48#define SHA512_HMAC_BLOCK_SIZE 128 /* SHA512-HMAC block size */ 49 50#define SHA256 0 51#define SHA256_HMAC 1 52#define SHA256_HMAC_GEN 2 53#define SHA384 3 54#define SHA384_HMAC 4 55#define SHA384_HMAC_GEN 5 56#define SHA512 6 57#define SHA512_HMAC 7 58#define SHA512_HMAC_GEN 8 59#define SHA512_224 9 60#define SHA512_256 10 61 62/* 63 * SHA2 context. 64 * The contents of this structure are a private interface between the 65 * Init/Update/Final calls of the functions defined below. 66 * Callers must never attempt to read or write any of the fields 67 * in this structure directly. 68 */ 69 70#include <crypto/sha2/sha256.h> 71#include <crypto/sha2/sha384.h> 72#include <crypto/sha2/sha512.h> 73#include <crypto/sha2/sha512t.h> 74typedef struct { 75 uint32_t algotype; /* Algorithm Type */ 76 union { 77 SHA256_CTX SHA256_ctx; 78 SHA384_CTX SHA384_ctx; 79 SHA512_CTX SHA512_ctx; 80 }; 81} SHA2_CTX; 82 83extern void SHA256Init(SHA256_CTX *); 84 85extern void SHA256Update(SHA256_CTX *, const void *, size_t); 86 87extern void SHA256Final(void *, SHA256_CTX *); 88 89extern void SHA384Init(SHA384_CTX *); 90 91extern void SHA384Update(SHA384_CTX *, const void *, size_t); 92 93extern void SHA384Final(void *, SHA384_CTX *); 94 95extern void SHA512Init(SHA512_CTX *); 96 97extern void SHA512Update(SHA512_CTX *, const void *, size_t); 98 99extern void SHA512Final(void *, SHA512_CTX *); 100 101 102static inline void 103SHA2Init(uint64_t mech, SHA2_CTX *c) 104{ 105 switch (mech) { 106 case SHA256: 107 SHA256_Init(&c->SHA256_ctx); 108 break; 109 case SHA384: 110 SHA384_Init(&c->SHA384_ctx); 111 break; 112 case SHA512: 113 SHA512_Init(&c->SHA512_ctx); 114 break; 115 case SHA512_256: 116 SHA512_256_Init(&c->SHA512_ctx); 117 break; 118 default: 119 panic("unknown mechanism %ju", (uintmax_t)mech); 120 } 121 c->algotype = (uint32_t)mech; 122} 123 124static inline void 125SHA2Update(SHA2_CTX *c, const void *p, size_t s) 126{ 127 switch (c->algotype) { 128 case SHA256: 129 SHA256_Update(&c->SHA256_ctx, p, s); 130 break; 131 case SHA384: 132 SHA384_Update(&c->SHA384_ctx, p, s); 133 break; 134 case SHA512: 135 SHA512_Update(&c->SHA512_ctx, p, s); 136 break; 137 case SHA512_256: 138 SHA512_256_Update(&c->SHA512_ctx, p, s); 139 break; 140 default: 141 panic("unknown mechanism %d", c->algotype); 142 } 143} 144 145static inline void 146SHA2Final(void *p, SHA2_CTX *c) 147{ 148 switch (c->algotype) { 149 case SHA256: 150 SHA256_Final(p, &c->SHA256_ctx); 151 break; 152 case SHA384: 153 SHA384_Final(p, &c->SHA384_ctx); 154 break; 155 case SHA512: 156 SHA512_Final(p, &c->SHA512_ctx); 157 break; 158 case SHA512_256: 159 SHA512_256_Final(p, &c->SHA512_ctx); 160 break; 161 default: 162 panic("unknown mechanism %d", c->algotype); 163 } 164} 165 166#ifdef _SHA2_IMPL 167/* 168 * The following types/functions are all private to the implementation 169 * of the SHA2 functions and must not be used by consumers of the interface 170 */ 171 172/* 173 * List of support mechanisms in this module. 174 * 175 * It is important to note that in the module, division or modulus calculations 176 * are used on the enumerated type to determine which mechanism is being used; 177 * therefore, changing the order or additional mechanisms should be done 178 * carefully 179 */ 180typedef enum sha2_mech_type { 181 SHA256_MECH_INFO_TYPE, /* SUN_CKM_SHA256 */ 182 SHA256_HMAC_MECH_INFO_TYPE, /* SUN_CKM_SHA256_HMAC */ 183 SHA256_HMAC_GEN_MECH_INFO_TYPE, /* SUN_CKM_SHA256_HMAC_GENERAL */ 184 SHA384_MECH_INFO_TYPE, /* SUN_CKM_SHA384 */ 185 SHA384_HMAC_MECH_INFO_TYPE, /* SUN_CKM_SHA384_HMAC */ 186 SHA384_HMAC_GEN_MECH_INFO_TYPE, /* SUN_CKM_SHA384_HMAC_GENERAL */ 187 SHA512_MECH_INFO_TYPE, /* SUN_CKM_SHA512 */ 188 SHA512_HMAC_MECH_INFO_TYPE, /* SUN_CKM_SHA512_HMAC */ 189 SHA512_HMAC_GEN_MECH_INFO_TYPE, /* SUN_CKM_SHA512_HMAC_GENERAL */ 190 SHA512_224_MECH_INFO_TYPE, /* SUN_CKM_SHA512_224 */ 191 SHA512_256_MECH_INFO_TYPE /* SUN_CKM_SHA512_256 */ 192} sha2_mech_type_t; 193 194#endif /* _SHA2_IMPL */ 195 196#ifdef __cplusplus 197} 198#endif 199 200#endif /* _SYS_SHA2_H */ 201