]> git.saurik.com Git - apple/security.git/blob - libsecurity_ssl/lib/sslDigests.c
Security-55179.1.tar.gz
[apple/security.git] / libsecurity_ssl / lib / sslDigests.c
1 /*
2 * Copyright (c) 2000-2001,2005-2007,2010-2012 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 /*
25 * sslDigests.c - Interface between SSL and SHA, MD5 digest implementations
26 */
27
28 #include "sslContext.h"
29 #include "cryptType.h"
30 #include "sslMemory.h"
31 #include "sslDigests.h"
32 #include "sslDebug.h"
33
34 #include <CommonCrypto/CommonDigest.h>
35 #include <string.h>
36
37 #define DIGEST_PRINT 0
38 #if DIGEST_PRINT
39 #define dgprintf(s) printf s
40 #else
41 #define dgprintf(s)
42 #endif
43
44 const UInt8 SSLMACPad1[MAX_MAC_PADDING] =
45 {
46 0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36,
47 0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36,
48 0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36,
49 0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36,
50 0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36,
51 0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36
52 };
53
54 const UInt8 SSLMACPad2[MAX_MAC_PADDING] =
55 {
56 0x5C,0x5C,0x5C,0x5C,0x5C,0x5C,0x5C,0x5C,
57 0x5C,0x5C,0x5C,0x5C,0x5C,0x5C,0x5C,0x5C,
58 0x5C,0x5C,0x5C,0x5C,0x5C,0x5C,0x5C,0x5C,
59 0x5C,0x5C,0x5C,0x5C,0x5C,0x5C,0x5C,0x5C,
60 0x5C,0x5C,0x5C,0x5C,0x5C,0x5C,0x5C,0x5C,
61 0x5C,0x5C,0x5C,0x5C,0x5C,0x5C,0x5C,0x5C
62 };
63
64 /*
65 * Public general hash functions
66 */
67
68 /*
69 * A convenience wrapper for HashReference.clone, which has the added benefit of
70 * allocating the state buffer for the caller.
71 */
72 OSStatus
73 CloneHashState(
74 const HashReference *ref,
75 const SSLBuffer *state,
76 SSLBuffer *newState,
77 SSLContext *ctx)
78 {
79 OSStatus err;
80 if ((err = SSLAllocBuffer(newState, ref->contextSize, ctx)) != 0)
81 return err;
82 return ref->clone(state, newState);
83 }
84
85 /*
86 * Wrapper for HashReference.init.
87 */
88 OSStatus
89 ReadyHash(const HashReference *ref, SSLBuffer *state, SSLContext *ctx)
90 {
91 OSStatus err;
92 if ((err = SSLAllocBuffer(state, ref->contextSize, ctx)) != 0)
93 return err;
94 return ref->init(state, ctx);
95 }
96
97 /*
98 * Wrapper for HashReference.close. Tolerates NULL state and frees it if it's
99 * there.
100 */
101 OSStatus CloseHash(const HashReference *ref, SSLBuffer *state, SSLContext *ctx)
102 {
103 OSStatus serr;
104
105 if(state->data == NULL) {
106 return noErr;
107 }
108 serr = ref->close(state, ctx);
109 if(serr) {
110 return serr;
111 }
112 return SSLFreeBuffer(state, ctx);
113 }
114
115
116 /*** NULL ***/
117 static OSStatus HashNullInit(SSLBuffer *digestCtx, SSLContext *sslCtx) {
118 return noErr;
119 }
120 static OSStatus HashNullUpdate(SSLBuffer *digestCtx, const SSLBuffer *data) {
121 return noErr;
122 }
123 static OSStatus HashNullFinal(SSLBuffer *digestCtx, SSLBuffer *digest) {
124 return noErr;
125 }
126 static OSStatus HashNullClose(SSLBuffer *digestCtx, SSLContext *sslCtx) {
127 return noErr;
128 }
129 static OSStatus HashNullClone(const SSLBuffer *src, SSLBuffer *dest) {
130 return noErr;
131 }
132
133 /*** MD5 ***/
134 static OSStatus HashMD5Init(SSLBuffer *digestCtx, SSLContext *sslCtx)
135 {
136 assert(digestCtx->length >= sizeof(CC_MD5_CTX));
137 CC_MD5_CTX *ctx = (CC_MD5_CTX *)digestCtx->data;
138 CC_MD5_Init(ctx);
139 dgprintf(("###HashMD5Init ctx %p\n", ctx));
140 return noErr;
141 }
142
143 static OSStatus HashMD5Update(SSLBuffer *digestCtx, const SSLBuffer *data)
144 {
145 /* 64 bits cast: safe, SSL records are always smaller than 2^32 bytes */
146 assert(digestCtx->length >= sizeof(CC_MD5_CTX));
147 CC_MD5_CTX *ctx = (CC_MD5_CTX *)digestCtx->data;
148 CC_MD5_Update(ctx, data->data, (CC_LONG)data->length);
149 return noErr;
150 }
151
152 static OSStatus HashMD5Final(SSLBuffer *digestCtx, SSLBuffer *digest)
153 {
154 assert(digestCtx->length >= sizeof(CC_MD5_CTX));
155 CC_MD5_CTX *ctx = (CC_MD5_CTX *)digestCtx->data;
156 dgprintf(("###HashMD5Final ctx %p\n", ctx));
157 assert(digest->length >= CC_MD5_DIGEST_LENGTH);
158 //if (digest->length < CC_MD5_DIGEST_LENGTH)
159 // return errSSLCrypto;
160 CC_MD5_Final(digest->data, ctx);
161 digest->length = CC_MD5_DIGEST_LENGTH;
162 return noErr;
163 }
164
165 static OSStatus HashMD5Close(SSLBuffer *digestCtx, SSLContext *sslCtx)
166 {
167 assert(digestCtx->length >= sizeof(CC_MD5_CTX));
168 return noErr;
169 }
170
171 static OSStatus HashMD5Clone(const SSLBuffer *src, SSLBuffer *dst)
172 {
173 CC_MD5_CTX *srcCtx;
174 CC_MD5_CTX *dstCtx;
175
176 assert(src->length >= sizeof(CC_MD5_CTX));
177 assert(dst->length >= sizeof(CC_MD5_CTX));
178
179 srcCtx = (CC_MD5_CTX *)src->data;
180 dstCtx = (CC_MD5_CTX *)dst->data;
181 dgprintf(("###HashMD5Clone srcCtx %p dstCtx %p\n", srcCtx, dstCtx));
182
183 memcpy(dstCtx, srcCtx, sizeof(CC_MD5_CTX));
184 return noErr;
185 }
186
187 /*** SHA1 ***/
188 static OSStatus HashSHA1Init(SSLBuffer *digestCtx, SSLContext *sslCtx)
189 {
190 assert(digestCtx->length >= sizeof(CC_SHA1_CTX));
191 CC_SHA1_CTX *ctx = (CC_SHA1_CTX *)digestCtx->data;
192 CC_SHA1_Init(ctx);
193 dgprintf(("###HashSHA1Init ctx %p\n", ctx));
194 return noErr;
195 }
196
197 static OSStatus HashSHA1Update(SSLBuffer *digestCtx, const SSLBuffer *data)
198 {
199 /* 64 bits cast: safe, SSL records are always smaller than 2^32 bytes */
200 assert(digestCtx->length >= sizeof(CC_SHA1_CTX));
201 CC_SHA1_CTX *ctx = (CC_SHA1_CTX *)digestCtx->data;
202 CC_SHA1_Update(ctx, data->data, (CC_LONG)data->length);
203 return noErr;
204 }
205
206 static OSStatus HashSHA1Final(SSLBuffer *digestCtx, SSLBuffer *digest)
207 {
208 assert(digestCtx->length >= sizeof(CC_SHA1_CTX));
209 CC_SHA1_CTX *ctx = (CC_SHA1_CTX *)digestCtx->data;
210 dgprintf(("###HashSHA1Final ctx %p\n", ctx));
211 assert(digest->length >= CC_SHA1_DIGEST_LENGTH);
212 //if (digest->length < CC_SHA1_DIGEST_LENGTH)
213 // return errSSLCrypto;
214 CC_SHA1_Final(digest->data, ctx);
215 digest->length = CC_SHA1_DIGEST_LENGTH;
216 return noErr;
217 }
218
219 static OSStatus HashSHA1Close(SSLBuffer *digestCtx, SSLContext *sslCtx)
220 {
221 assert(digestCtx->length >= sizeof(CC_SHA1_CTX));
222 return noErr;
223 }
224
225 static OSStatus HashSHA1Clone(const SSLBuffer *src, SSLBuffer *dst)
226 {
227 CC_SHA1_CTX *srcCtx;
228 CC_SHA1_CTX *dstCtx;
229
230 assert(src->length >= sizeof(CC_SHA1_CTX));
231 assert(dst->length >= sizeof(CC_SHA1_CTX));
232
233 srcCtx = (CC_SHA1_CTX *)src->data;
234 dstCtx = (CC_SHA1_CTX *)dst->data;
235 dgprintf(("###HashSHA1Clone srcCtx %p dstCtx %p\n", srcCtx, dstCtx));
236
237 memcpy(dstCtx, srcCtx, sizeof(CC_SHA1_CTX));
238 return noErr;
239 }
240
241 /*** SHA256 ***/
242 static OSStatus HashSHA256Init(SSLBuffer *digestCtx, SSLContext *sslCtx)
243 {
244 assert(digestCtx->length >= sizeof(CC_SHA256_CTX));
245 CC_SHA256_CTX *ctx = (CC_SHA256_CTX *)digestCtx->data;
246 CC_SHA256_Init(ctx);
247 dgprintf(("###HashSHA256Init ctx %p\n", ctx));
248 return noErr;
249 }
250
251 static OSStatus HashSHA256Update(SSLBuffer *digestCtx, const SSLBuffer *data)
252 {
253 /* 64 bits cast: safe, SSL records are always smaller than 2^32 bytes */
254 assert(digestCtx->length >= sizeof(CC_SHA256_CTX));
255 CC_SHA256_CTX *ctx = (CC_SHA256_CTX *)digestCtx->data;
256 CC_SHA256_Update(ctx, data->data, (CC_LONG)data->length);
257 return noErr;
258 }
259
260 static OSStatus HashSHA256Final(SSLBuffer *digestCtx, SSLBuffer *digest)
261 {
262 assert(digestCtx->length >= sizeof(CC_SHA256_CTX));
263 CC_SHA256_CTX *ctx = (CC_SHA256_CTX *)digestCtx->data;
264 dgprintf(("###HashSHA256Final ctx %p\n", ctx));
265 assert(digest->length >= CC_SHA256_DIGEST_LENGTH);
266 //if (digest->length < CC_SHA256_DIGEST_LENGTH)
267 // return errSSLCrypto;
268 CC_SHA256_Final(digest->data, ctx);
269 digest->length = CC_SHA256_DIGEST_LENGTH;
270 return noErr;
271 }
272
273 static OSStatus HashSHA256Close(SSLBuffer *digestCtx, SSLContext *sslCtx)
274 {
275 assert(digestCtx->length >= sizeof(CC_SHA256_CTX));
276 return noErr;
277 }
278
279 static OSStatus HashSHA256Clone(const SSLBuffer *src, SSLBuffer *dst)
280 {
281 CC_SHA256_CTX *srcCtx;
282 CC_SHA256_CTX *dstCtx;
283
284 assert(src->length >= sizeof(CC_SHA256_CTX));
285 assert(dst->length >= sizeof(CC_SHA256_CTX));
286
287 srcCtx = (CC_SHA256_CTX *)src->data;
288 dstCtx = (CC_SHA256_CTX *)dst->data;
289 dgprintf(("###HashSHA256Clone srcCtx %p dstCtx %p\n", srcCtx, dstCtx));
290
291 memcpy(dstCtx, srcCtx, sizeof(CC_SHA256_CTX));
292 return noErr;
293 }
294
295 /*** SHA384 ***/
296 static OSStatus HashSHA384Init(SSLBuffer *digestCtx, SSLContext *sslCtx)
297 {
298 assert(digestCtx->length >= sizeof(CC_SHA512_CTX));
299 CC_SHA512_CTX *ctx = (CC_SHA512_CTX *)digestCtx->data;
300 CC_SHA384_Init(ctx);
301 dgprintf(("###HashSHA384Init ctx %p\n", ctx));
302 return noErr;
303 }
304
305 static OSStatus HashSHA384Update(SSLBuffer *digestCtx, const SSLBuffer *data)
306 {
307 /* 64 bits cast: safe, SSL records are always smaller than 2^32 bytes */
308 assert(digestCtx->length >= sizeof(CC_SHA512_CTX));
309 CC_SHA512_CTX *ctx = (CC_SHA512_CTX *)digestCtx->data;
310 CC_SHA384_Update(ctx, data->data, (CC_LONG)data->length);
311 return noErr;
312 }
313
314 static OSStatus HashSHA384Final(SSLBuffer *digestCtx, SSLBuffer *digest)
315 {
316 assert(digestCtx->length >= sizeof(CC_SHA512_CTX));
317 CC_SHA512_CTX *ctx = (CC_SHA512_CTX *)digestCtx->data;
318 dgprintf(("###HashSHA384Final ctx %p\n", ctx));
319 assert(digest->length >= CC_SHA384_DIGEST_LENGTH);
320 //if (digest->length < CC_SHA384_DIGEST_LENGTH)
321 // return errSSLCrypto;
322 CC_SHA384_Final(digest->data, ctx);
323 digest->length = CC_SHA384_DIGEST_LENGTH;
324 return noErr;
325 }
326
327 static OSStatus HashSHA384Close(SSLBuffer *digestCtx, SSLContext *sslCtx)
328 {
329 assert(digestCtx->length >= sizeof(CC_SHA512_CTX));
330 return noErr;
331 }
332
333 static OSStatus HashSHA384Clone(const SSLBuffer *src, SSLBuffer *dst)
334 {
335 CC_SHA512_CTX *srcCtx;
336 CC_SHA512_CTX *dstCtx;
337
338 assert(src->length >= sizeof(CC_SHA512_CTX));
339 assert(dst->length >= sizeof(CC_SHA512_CTX));
340
341 srcCtx = (CC_SHA512_CTX *)src->data;
342 dstCtx = (CC_SHA512_CTX *)dst->data;
343 dgprintf(("###HashSHA384Clone srcCtx %p dstCtx %p\n", srcCtx, dstCtx));
344
345 memcpy(dstCtx, srcCtx, sizeof(CC_SHA512_CTX));
346 return noErr;
347 }
348
349 /*
350 * These are the handles by which the bulk of digesting work
351 * is done.
352 */
353 const HashReference SSLHashNull =
354 {
355 0,
356 0,
357 0,
358 HashNullInit,
359 HashNullUpdate,
360 HashNullFinal,
361 HashNullClose,
362 HashNullClone
363 };
364
365 const HashReference SSLHashMD5 =
366 {
367 sizeof(CC_MD5_CTX),
368 CC_MD5_DIGEST_LENGTH,
369 48,
370 HashMD5Init,
371 HashMD5Update,
372 HashMD5Final,
373 HashMD5Close,
374 HashMD5Clone
375 };
376
377 const HashReference SSLHashSHA1 =
378 {
379 sizeof(CC_SHA1_CTX),
380 CC_SHA1_DIGEST_LENGTH,
381 40,
382 HashSHA1Init,
383 HashSHA1Update,
384 HashSHA1Final,
385 HashSHA1Close,
386 HashSHA1Clone
387 };
388
389 const HashReference SSLHashSHA256 =
390 {
391 sizeof(CC_SHA256_CTX),
392 CC_SHA256_DIGEST_LENGTH,
393 CC_SHA256_BLOCK_BYTES,
394 HashSHA256Init,
395 HashSHA256Update,
396 HashSHA256Final,
397 HashSHA256Close,
398 HashSHA256Clone
399 };
400
401 const HashReference SSLHashSHA384 =
402 {
403 sizeof(CC_SHA512_CTX),
404 CC_SHA384_DIGEST_LENGTH,
405 CC_SHA384_BLOCK_BYTES,
406 HashSHA384Init,
407 HashSHA384Update,
408 HashSHA384Final,
409 HashSHA384Close,
410 HashSHA384Clone
411 };