openssh-portable/md-sha256.c

/* $OpenBSD: md-sha256.c,v 1.5 2006/08/03 03:34:42 deraadt Exp $ */
/*
 * Copyright (c) 2005 Damien Miller <djm@openbsd.org>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

/* EVP wrapper for SHA256 */

#include "includes.h"

#include <sys/types.h>
#include <openssl/opensslv.h>

#if !defined(HAVE_EVP_SHA256) && (OPENSSL_VERSION_NUMBER >= 0x00907000L)

#include <string.h>
#include <openssl/evp.h>
#ifdef HAVE_SHA256_UPDATE
# ifdef HAVE_SHA2_H
#  include <sha2.h>
# elif defined(HAVE_CRYPTO_SHA2_H)
#  include <crypto/sha2.h>
# endif
#endif

const EVP_MD *evp_ssh_sha256(void);

static int
ssh_sha256_init(EVP_MD_CTX *ctxt)
{
	SHA256_Init(ctxt->md_data);
	return (1);
}

static int
ssh_sha256_update(EVP_MD_CTX *ctxt, const void *data, unsigned long len)
{
	SHA256_Update(ctxt->md_data, data, len);
	return (1);
}

static int
ssh_sha256_final(EVP_MD_CTX *ctxt, unsigned char *digest)
{
	SHA256_Final(digest, ctxt->md_data);
	return (1);
}

static int
ssh_sha256_cleanup(EVP_MD_CTX *ctxt)
{
	memset(ctxt->md_data, 0, sizeof(SHA256_CTX));
	return (1);
}

const EVP_MD *
evp_ssh_sha256(void)
{
	static EVP_MD ssh_sha256;

	memset(&ssh_sha256, 0, sizeof(ssh_sha256));
	ssh_sha256.type = NID_undef;
	ssh_sha256.md_size = SHA256_DIGEST_LENGTH;
	ssh_sha256.init = ssh_sha256_init;
	ssh_sha256.update = ssh_sha256_update;
	ssh_sha256.final = ssh_sha256_final;
	ssh_sha256.cleanup = ssh_sha256_cleanup;
	ssh_sha256.block_size = SHA256_BLOCK_LENGTH;
	ssh_sha256.ctx_size = sizeof(SHA256_CTX);

	return (&ssh_sha256);
}

#endif /* !defined(HAVE_EVP_SHA256) && (OPENSSL_VERSION_NUMBER >= 0x00907000L) */
- deraadt@cvs.openbsd.org 2006/08/03 03:34:42 [OVERVIEW atomicio.c atomicio.h auth-bsdauth.c auth-chall.c auth-krb5.c] [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c] [auth-rsa.c auth-skey.c auth.c auth.h auth1.c auth2-chall.c auth2-gss.c] [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c ] [auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufbn.c] [buffer.c buffer.h canohost.c channels.c channels.h cipher-3des1.c] [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c] [compress.c deattack.c dh.c dispatch.c dns.c dns.h fatal.c groupaccess.c] [groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c] [kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c] [key.h log.c log.h mac.c match.c md-sha256.c misc.c misc.h moduli.c] [monitor.c monitor_fdpass.c monitor_mm.c monitor_mm.h monitor_wrap.c] [monitor_wrap.h msg.c nchan.c packet.c progressmeter.c readconf.c] [readconf.h readpass.c rsa.c scard.c scard.h scp.c servconf.c servconf.h] [serverloop.c session.c session.h sftp-client.c sftp-common.c] [sftp-common.h sftp-glob.c sftp-server.c sftp.c ssh-add.c ssh-agent.c] [ssh-dss.c ssh-gss.h ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rsa.c] [ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c] [sshd.c sshlogin.c sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c] [uidswap.c uidswap.h uuencode.c uuencode.h xmalloc.c xmalloc.h] [loginrec.c loginrec.h openbsd-compat/port-aix.c openbsd-compat/port-tun.h] almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step NB. portable commit contains everything except removing includes.h, as that will take a fair bit more work as we move headers that are required for portability workarounds to defines.h. (also, this step wasn't "easy") 2006-08-05 04:39:39 +02:00			`/* $OpenBSD: md-sha256.c,v 1.5 2006/08/03 03:34:42 deraadt Exp $ */`
- djm@cvs.openbsd.org 2006/03/07 09:07:40 [kex.c kex.h monitor.c myproposal.h ssh-keyscan.c sshconnect2.c sshd.c] Implement the diffie-hellman-group-exchange-sha256 key exchange method using the SHA256 code in libc (and wrapper to make it into an OpenSSL EVP), interop tested against CVS PuTTY NB. no portability bits committed yet 2006-03-15 02:08:28 +01:00			`/*`
			`* Copyright (c) 2005 Damien Miller <djm@openbsd.org>`
			`*`
			`* Permission to use, copy, modify, and distribute this software for any`
			`* purpose with or without fee is hereby granted, provided that the above`
			`* copyright notice and this permission notice appear in all copies.`
			`*`
			`* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES`
			`* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF`
			`* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR`
			`* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES`
			`* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN`
			`* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF`
			`* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.`
			`*/`

			`/* EVP wrapper for SHA256 */`

			`#include "includes.h"`
- deraadt@cvs.openbsd.org 2006/08/03 03:34:42 [OVERVIEW atomicio.c atomicio.h auth-bsdauth.c auth-chall.c auth-krb5.c] [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c] [auth-rsa.c auth-skey.c auth.c auth.h auth1.c auth2-chall.c auth2-gss.c] [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c ] [auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufbn.c] [buffer.c buffer.h canohost.c channels.c channels.h cipher-3des1.c] [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c] [compress.c deattack.c dh.c dispatch.c dns.c dns.h fatal.c groupaccess.c] [groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c] [kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c] [key.h log.c log.h mac.c match.c md-sha256.c misc.c misc.h moduli.c] [monitor.c monitor_fdpass.c monitor_mm.c monitor_mm.h monitor_wrap.c] [monitor_wrap.h msg.c nchan.c packet.c progressmeter.c readconf.c] [readconf.h readpass.c rsa.c scard.c scard.h scp.c servconf.c servconf.h] [serverloop.c session.c session.h sftp-client.c sftp-common.c] [sftp-common.h sftp-glob.c sftp-server.c sftp.c ssh-add.c ssh-agent.c] [ssh-dss.c ssh-gss.h ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rsa.c] [ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c] [sshd.c sshlogin.c sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c] [uidswap.c uidswap.h uuencode.c uuencode.h xmalloc.c xmalloc.h] [loginrec.c loginrec.h openbsd-compat/port-aix.c openbsd-compat/port-tun.h] almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step NB. portable commit contains everything except removing includes.h, as that will take a fair bit more work as we move headers that are required for portability workarounds to defines.h. (also, this step wasn't "easy") 2006-08-05 04:39:39 +02:00
			`#include <sys/types.h>`
- (tim) [kex.c myproposal.h md-sha256.c openbsd-compat/sha2.c,h] Disable sha256 when openssl < 0.9.7. Patch from djm@. Corrections/testing by me. 2006-03-16 05:17:05 +01:00			`#include <openssl/opensslv.h>`
- (djm) [configure.ac defines.h kex.c md-sha256.c] [openbsd-compat/sha2.h openbsd-compat/openbsd-compat.h] [openbsd-compat/sha2.c] First stab at portability glue for SHA256 KEX support, should work with libc SHA256 support or OpenSSL EVP_sha256 if present 2006-03-15 03:02:28 +01:00
- (tim) [kex.c myproposal.h md-sha256.c openbsd-compat/sha2.c,h] Disable sha256 when openssl < 0.9.7. Patch from djm@. Corrections/testing by me. 2006-03-16 05:17:05 +01:00			`#if !defined(HAVE_EVP_SHA256) && (OPENSSL_VERSION_NUMBER >= 0x00907000L)`
- (djm) [configure.ac defines.h kex.c md-sha256.c] [openbsd-compat/sha2.h openbsd-compat/openbsd-compat.h] [openbsd-compat/sha2.c] First stab at portability glue for SHA256 KEX support, should work with libc SHA256 support or OpenSSL EVP_sha256 if present 2006-03-15 03:02:28 +01:00
- (djm) [md-sha256.c configure.ac] md-sha256.c needs sha2.h if present 2006-03-15 03:12:41 +01:00			`#include <string.h>`
- djm@cvs.openbsd.org 2006/03/07 09:07:40 [kex.c kex.h monitor.c myproposal.h ssh-keyscan.c sshconnect2.c sshd.c] Implement the diffie-hellman-group-exchange-sha256 key exchange method using the SHA256 code in libc (and wrapper to make it into an OpenSSL EVP), interop tested against CVS PuTTY NB. no portability bits committed yet 2006-03-15 02:08:28 +01:00			`#include <openssl/evp.h>`
- (dtucker) [configure.ac md-sha256.c] NetBSD has sha2.h in /usr/include/crypto. Hint from djm@. 2006-03-15 22:14:34 +01:00			`#ifdef HAVE_SHA256_UPDATE`
			`# ifdef HAVE_SHA2_H`
			`# include <sha2.h>`
			`# elif defined(HAVE_CRYPTO_SHA2_H)`
			`# include <crypto/sha2.h>`
			`# endif`
- (djm) [md-sha256.c configure.ac] md-sha256.c needs sha2.h if present 2006-03-15 03:12:41 +01:00			`#endif`
- djm@cvs.openbsd.org 2006/03/07 09:07:40 [kex.c kex.h monitor.c myproposal.h ssh-keyscan.c sshconnect2.c sshd.c] Implement the diffie-hellman-group-exchange-sha256 key exchange method using the SHA256 code in libc (and wrapper to make it into an OpenSSL EVP), interop tested against CVS PuTTY NB. no portability bits committed yet 2006-03-15 02:08:28 +01:00
			`const EVP_MD *evp_ssh_sha256(void);`

			`static int`
			`ssh_sha256_init(EVP_MD_CTX *ctxt)`
			`{`
			`SHA256_Init(ctxt->md_data);`
			`return (1);`
			`}`

			`static int`
			`ssh_sha256_update(EVP_MD_CTX ctxt, const void data, unsigned long len)`
			`{`
			`SHA256_Update(ctxt->md_data, data, len);`
			`return (1);`
			`}`

			`static int`
			`ssh_sha256_final(EVP_MD_CTX ctxt, unsigned char digest)`
			`{`
			`SHA256_Final(digest, ctxt->md_data);`
			`return (1);`
			`}`

			`static int`
			`ssh_sha256_cleanup(EVP_MD_CTX *ctxt)`
			`{`
			`memset(ctxt->md_data, 0, sizeof(SHA256_CTX));`
			`return (1);`
			`}`

			`const EVP_MD *`
			`evp_ssh_sha256(void)`
			`{`
			`static EVP_MD ssh_sha256;`

			`memset(&ssh_sha256, 0, sizeof(ssh_sha256));`
			`ssh_sha256.type = NID_undef;`
			`ssh_sha256.md_size = SHA256_DIGEST_LENGTH;`
			`ssh_sha256.init = ssh_sha256_init;`
			`ssh_sha256.update = ssh_sha256_update;`
			`ssh_sha256.final = ssh_sha256_final;`
			`ssh_sha256.cleanup = ssh_sha256_cleanup;`
			`ssh_sha256.block_size = SHA256_BLOCK_LENGTH;`
			`ssh_sha256.ctx_size = sizeof(SHA256_CTX);`

			`return (&ssh_sha256);`
			`}`
- (djm) [configure.ac defines.h kex.c md-sha256.c] [openbsd-compat/sha2.h openbsd-compat/openbsd-compat.h] [openbsd-compat/sha2.c] First stab at portability glue for SHA256 KEX support, should work with libc SHA256 support or OpenSSL EVP_sha256 if present 2006-03-15 03:02:28 +01:00
- (tim) [kex.c myproposal.h md-sha256.c openbsd-compat/sha2.c,h] Disable sha256 when openssl < 0.9.7. Patch from djm@. Corrections/testing by me. 2006-03-16 05:17:05 +01:00			`#endif /* !defined(HAVE_EVP_SHA256) && (OPENSSL_VERSION_NUMBER >= 0x00907000L) */`
- (djm) [configure.ac defines.h kex.c md-sha256.c] [openbsd-compat/sha2.h openbsd-compat/openbsd-compat.h] [openbsd-compat/sha2.c] First stab at portability glue for SHA256 KEX support, should work with libc SHA256 support or OpenSSL EVP_sha256 if present 2006-03-15 03:02:28 +01:00