/src/strongswan/src/libstrongswan/crypto/hashers/hasher.c

Source (jump to first uncovered line)
/*
 * Copyright (C) 2012-2015 Tobias Brunner
 * Copyright (C) 2015-2017 Andreas Steffen
 * Copyright (C) 2005-2006 Martin Willi
 * Copyright (C) 2005 Jan Hutter
 *
 * Copyright (C) secunet Security Networks AG
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 */

#include "hasher.h"

#include <asn1/oid.h>
#include <credentials/keys/signature_params.h>

ENUM_BEGIN(hash_algorithm_names, HASH_SHA1, HASH_IDENTITY,
  "HASH_SHA1",
  "HASH_SHA2_256",
  "HASH_SHA2_384",
  "HASH_SHA2_512",
  "HASH_IDENTITY");
ENUM_NEXT(hash_algorithm_names, HASH_UNKNOWN, HASH_SHA3_512, HASH_IDENTITY,
  "HASH_UNKNOWN",
  "HASH_MD2",
  "HASH_MD4",
  "HASH_MD5",
  "HASH_SHA2_224",
  "HASH_SHA3_224",
  "HASH_SHA3_256",
  "HASH_SHA3_384",
  "HASH_SHA3_512");
ENUM_END(hash_algorithm_names, HASH_SHA3_512);

ENUM_BEGIN(hash_algorithm_short_names, HASH_SHA1, HASH_IDENTITY,
  "sha1",
  "sha256",
  "sha384",
  "sha512",
  "identity");
ENUM_NEXT(hash_algorithm_short_names, HASH_UNKNOWN, HASH_SHA3_512, HASH_IDENTITY,
  "unknown",
  "md2",
  "md4",
  "md5",
  "sha224",
  "sha3_224",
  "sha3_256",
  "sha3_384",
  "sha3_512");
ENUM_END(hash_algorithm_short_names, HASH_SHA3_512);

ENUM_BEGIN(hash_algorithm_short_names_upper, HASH_SHA1, HASH_IDENTITY,
  "SHA1",
  "SHA2_256",
  "SHA2_384",
  "SHA2_512",
  "IDENTITY");
ENUM_NEXT(hash_algorithm_short_names_upper, HASH_UNKNOWN, HASH_SHA3_512, HASH_IDENTITY,
  "UNKNOWN",
  "MD2",
  "MD4",
  "MD5",
  "SHA2_224",
  "SHA3_224",
  "SHA3_256",
  "SHA3_384",
  "SHA3_512");
ENUM_END(hash_algorithm_short_names_upper, HASH_SHA3_512);

/*
 * Described in header
 */
size_t hasher_hash_size(hash_algorithm_t alg)
{
  switch (alg)
  {
    case HASH_SHA1:
      return HASH_SIZE_SHA1;
    case HASH_SHA256:
      return HASH_SIZE_SHA256;
    case HASH_SHA384:
      return HASH_SIZE_SHA384;
    case HASH_SHA512:
      return HASH_SIZE_SHA512;
    case HASH_MD2:
      return HASH_SIZE_MD2;
    case HASH_MD4:
      return HASH_SIZE_MD4;
    case HASH_MD5:
      return HASH_SIZE_MD5;
    case HASH_SHA224:
      return HASH_SIZE_SHA224;
    case HASH_SHA3_224:
      return HASH_SIZE_SHA224;
    case HASH_SHA3_256:
      return HASH_SIZE_SHA256;
    case HASH_SHA3_384:
      return HASH_SIZE_SHA384;
    case HASH_SHA3_512:
      return HASH_SIZE_SHA512;
    case HASH_IDENTITY:
    case HASH_UNKNOWN:
      break;
  }
  return 0;
}

/*
 * Described in header.
 */
hash_algorithm_t hasher_algorithm_from_oid(int oid)
{
  switch (oid)
  {
    case OID_MD2:
    case OID_MD2_WITH_RSA:
      return HASH_MD2;
    case OID_MD5:
    case OID_MD5_WITH_RSA:
      return HASH_MD5;
    case OID_SHA1:
    case OID_SHA1_WITH_RSA:
      return HASH_SHA1;
    case OID_SHA224:
    case OID_SHA224_WITH_RSA:
      return HASH_SHA224;
    case OID_SHA256:
    case OID_SHA256_WITH_RSA:
      return HASH_SHA256;
    case OID_SHA384:
    case OID_SHA384_WITH_RSA:
      return HASH_SHA384;
    case OID_SHA512:
    case OID_SHA512_WITH_RSA:
      return HASH_SHA512;
    case OID_SHA3_224:
    case OID_RSASSA_PKCS1V15_WITH_SHA3_224:
      return HASH_SHA3_224;
    case OID_SHA3_256:
    case OID_RSASSA_PKCS1V15_WITH_SHA3_256:
      return HASH_SHA3_256;
    case OID_SHA3_384:
    case OID_RSASSA_PKCS1V15_WITH_SHA3_384:
      return HASH_SHA3_384;
    case OID_SHA3_512:
    case OID_RSASSA_PKCS1V15_WITH_SHA3_512:
      return HASH_SHA3_512;
    case OID_ED25519:
    case OID_ED448:
      return HASH_IDENTITY;
    default:
      return HASH_UNKNOWN;
  }
}

/*
 * Described in header.
 */
hash_algorithm_t hasher_algorithm_from_prf(pseudo_random_function_t alg)
{
  switch (alg)
  {
    case PRF_HMAC_MD5:
      return HASH_MD5;
    case PRF_HMAC_SHA1:
    case PRF_FIPS_SHA1_160:
    case PRF_KEYED_SHA1:
      return HASH_SHA1;
    case PRF_HMAC_SHA2_256:
      return HASH_SHA256;
    case PRF_HMAC_SHA2_384:
      return HASH_SHA384;
    case PRF_HMAC_SHA2_512:
      return HASH_SHA512;
    case PRF_HMAC_TIGER:
    case PRF_AES128_XCBC:
    case PRF_AES128_CMAC:
    case PRF_FIPS_DES:
    case PRF_CAMELLIA128_XCBC:
    case PRF_UNDEFINED:
      break;
  }
  return HASH_UNKNOWN;
}

/*
 * Described in header.
 */
hash_algorithm_t hasher_algorithm_from_integrity(integrity_algorithm_t alg,
                         size_t *length)
{
  if (length)
  {
    switch (alg)
    {
      case AUTH_HMAC_MD5_96:
      case AUTH_HMAC_SHA1_96:
      case AUTH_HMAC_SHA2_256_96:
        *length = 12;
        break;
      case AUTH_HMAC_MD5_128:
      case AUTH_HMAC_SHA1_128:
      case AUTH_HMAC_SHA2_256_128:
        *length = 16;
        break;
      case AUTH_HMAC_SHA1_160:
        *length = 20;
        break;
      case AUTH_HMAC_SHA2_384_192:
        *length = 24;
        break;
      case AUTH_HMAC_SHA2_256_256:
      case AUTH_HMAC_SHA2_512_256:
        *length = 32;
        break;
      case AUTH_HMAC_SHA2_384_384:
        *length = 48;
        break;
      case AUTH_HMAC_SHA2_512_512:
        *length = 64;
        break;
      default:
        break;
    }
  }
  switch (alg)
  {
    case AUTH_HMAC_MD5_96:
    case AUTH_HMAC_MD5_128:
    case AUTH_KPDK_MD5:
      return HASH_MD5;
    case AUTH_HMAC_SHA1_96:
    case AUTH_HMAC_SHA1_128:
    case AUTH_HMAC_SHA1_160:
      return HASH_SHA1;
    case AUTH_HMAC_SHA2_256_96:
    case AUTH_HMAC_SHA2_256_128:
    case AUTH_HMAC_SHA2_256_256:
      return HASH_SHA256;
    case AUTH_HMAC_SHA2_384_192:
    case AUTH_HMAC_SHA2_384_384:
      return HASH_SHA384;
    case AUTH_HMAC_SHA2_512_256:
    case AUTH_HMAC_SHA2_512_512:
      return HASH_SHA512;
    case AUTH_AES_CMAC_96:
    case AUTH_AES_128_GMAC:
    case AUTH_AES_192_GMAC:
    case AUTH_AES_256_GMAC:
    case AUTH_AES_XCBC_96:
    case AUTH_DES_MAC:
    case AUTH_CAMELLIA_XCBC_96:
    case AUTH_UNDEFINED:
      break;
  }
  return HASH_UNKNOWN;
}

/*
 * Described in header.
 */
integrity_algorithm_t hasher_algorithm_to_integrity(hash_algorithm_t alg,
                          size_t length)
{
  switch (alg)
  {
    case HASH_MD5:
      switch (length)
      {
        case 12:
          return AUTH_HMAC_MD5_96;
        case 16:
          return AUTH_HMAC_MD5_128;
      }
      break;
    case HASH_SHA1:
      switch (length)
      {
        case 12:
          return AUTH_HMAC_SHA1_96;
        case 16:
          return AUTH_HMAC_SHA1_128;
        case 20:
          return AUTH_HMAC_SHA1_160;
      }
      break;
    case HASH_SHA256:
      switch (length)
      {
        case 12:
          return AUTH_HMAC_SHA2_256_96;
        case 16:
          return AUTH_HMAC_SHA2_256_128;
        case 32:
          return AUTH_HMAC_SHA2_256_256;
      }
      break;
    case HASH_SHA384:
      switch (length)
      {
        case 24:
          return AUTH_HMAC_SHA2_384_192;
        case 48:
          return AUTH_HMAC_SHA2_384_384;

      }
      break;
    case HASH_SHA512:
      switch (length)
      {
        case 32:
          return AUTH_HMAC_SHA2_512_256;
        case 64:
          return AUTH_HMAC_SHA2_512_512;
      }
      break;
    case HASH_MD2:
    case HASH_MD4:
    case HASH_SHA224:
    case HASH_SHA3_224:
    case HASH_SHA3_256:
    case HASH_SHA3_384:
    case HASH_SHA3_512:
    case HASH_IDENTITY:
    case HASH_UNKNOWN:
      break;
  }
  return AUTH_UNDEFINED;
}

/*
 * Described in header.
 */
bool hasher_algorithm_for_ikev2(hash_algorithm_t alg)
{
  switch (alg)
  {
    case HASH_IDENTITY:
    case HASH_SHA256:
    case HASH_SHA384:
    case HASH_SHA512:
      return TRUE;
    case HASH_UNKNOWN:
    case HASH_MD2:
    case HASH_MD4:
    case HASH_MD5:
    case HASH_SHA1:
    case HASH_SHA224:
    case HASH_SHA3_224:
    case HASH_SHA3_256:
    case HASH_SHA3_384:
    case HASH_SHA3_512:
      break;
  }
  return FALSE;
}

/*
 * Described in header.
 */
int hasher_algorithm_to_oid(hash_algorithm_t alg)
{
  int oid;

  switch (alg)
  {
    case HASH_MD2:
      oid = OID_MD2;
      break;
    case HASH_MD5:
      oid = OID_MD5;
      break;
    case HASH_SHA1:
      oid = OID_SHA1;
      break;
    case HASH_SHA224:
      oid = OID_SHA224;
      break;
    case HASH_SHA256:
      oid = OID_SHA256;
      break;
    case HASH_SHA384:
      oid = OID_SHA384;
      break;
    case HASH_SHA512:
      oid = OID_SHA512;
      break;
    case HASH_SHA3_224:
      oid = OID_SHA3_224;
      break;
    case HASH_SHA3_256:
      oid = OID_SHA3_256;
      break;
    case HASH_SHA3_384:
      oid = OID_SHA3_384;
      break;
    case HASH_SHA3_512:
      oid = OID_SHA3_512;
      break;
    default:
      oid = OID_UNKNOWN;
  }
  return oid;
}

/*
 * Described in header.
 */
int hasher_signature_algorithm_to_oid(hash_algorithm_t alg, key_type_t key)
{
  switch (key)
  {
    case KEY_RSA:
      switch (alg)
      {
        case HASH_MD2:
          return OID_MD2_WITH_RSA;
        case HASH_MD5:
          return OID_MD5_WITH_RSA;
        case HASH_SHA1:
          return OID_SHA1_WITH_RSA;
        case HASH_SHA224:
          return OID_SHA224_WITH_RSA;
        case HASH_SHA256:
          return OID_SHA256_WITH_RSA;
        case HASH_SHA384:
          return OID_SHA384_WITH_RSA;
        case HASH_SHA512:
          return OID_SHA512_WITH_RSA;
        case HASH_SHA3_224:
          return OID_RSASSA_PKCS1V15_WITH_SHA3_224;
        case HASH_SHA3_256:
          return OID_RSASSA_PKCS1V15_WITH_SHA3_256;
        case HASH_SHA3_384:
          return OID_RSASSA_PKCS1V15_WITH_SHA3_384;
        case HASH_SHA3_512:
          return OID_RSASSA_PKCS1V15_WITH_SHA3_512;
        default:
          return OID_UNKNOWN;
      }
    case KEY_ECDSA:
      switch (alg)
      {
        case HASH_SHA1:
          return OID_ECDSA_WITH_SHA1;
        case HASH_SHA256:
          return OID_ECDSA_WITH_SHA256;
        case HASH_SHA384:
          return OID_ECDSA_WITH_SHA384;
        case HASH_SHA512:
          return OID_ECDSA_WITH_SHA512;
        default:
          return OID_UNKNOWN;
      }
    case KEY_ED25519:
      switch (alg)
      {
        case HASH_IDENTITY:
          return OID_ED25519;
        default:
          return OID_UNKNOWN;
      }
    case KEY_ED448:
      switch (alg)
      {
        case HASH_IDENTITY:
          return OID_ED448;
        default:
          return OID_UNKNOWN;
      }
    default:
      return OID_UNKNOWN;
  }
}

/*
 * Defined in header.
 */
hash_algorithm_t hasher_from_signature_scheme(signature_scheme_t scheme,
                        void *params)
{
  switch (scheme)
  {
    case SIGN_UNKNOWN:
    case SIGN_RSA_EMSA_PKCS1_NULL:
    case SIGN_ECDSA_WITH_NULL:
      break;
    case SIGN_RSA_EMSA_PSS:
      if (params)
      {
        rsa_pss_params_t *pss = params;
        return pss->hash;
      }
      break;
    case SIGN_ED25519:
    case SIGN_ED448:
      return HASH_IDENTITY;
    case SIGN_RSA_EMSA_PKCS1_MD5:
      return HASH_MD5;
    case SIGN_RSA_EMSA_PKCS1_SHA1:
    case SIGN_ECDSA_WITH_SHA1_DER:
      return HASH_SHA1;
    case SIGN_RSA_EMSA_PKCS1_SHA2_224:
      return HASH_SHA224;
    case SIGN_RSA_EMSA_PKCS1_SHA2_256:
    case SIGN_ECDSA_WITH_SHA256_DER:
    case SIGN_ECDSA_256:
      return HASH_SHA256;
    case SIGN_RSA_EMSA_PKCS1_SHA2_384:
    case SIGN_ECDSA_WITH_SHA384_DER:
    case SIGN_ECDSA_384:
      return HASH_SHA384;
    case SIGN_RSA_EMSA_PKCS1_SHA2_512:
    case SIGN_ECDSA_WITH_SHA512_DER:
    case SIGN_ECDSA_521:
      return HASH_SHA512;
    case SIGN_RSA_EMSA_PKCS1_SHA3_224:
      return HASH_SHA3_224;
    case SIGN_RSA_EMSA_PKCS1_SHA3_256:
      return HASH_SHA3_256;
    case SIGN_RSA_EMSA_PKCS1_SHA3_384:
      return HASH_SHA3_384;
    case SIGN_RSA_EMSA_PKCS1_SHA3_512:
      return HASH_SHA3_512;
  }
  return HASH_UNKNOWN;
}

Coverage Report

Created: 2025-07-12 06:06

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Copyright (C) 2012-2015 Tobias Brunner
3		* Copyright (C) 2015-2017 Andreas Steffen
4		* Copyright (C) 2005-2006 Martin Willi
5		* Copyright (C) 2005 Jan Hutter
6		*
7		* Copyright (C) secunet Security Networks AG
8		*
9		* This program is free software; you can redistribute it and/or modify it
10		* under the terms of the GNU General Public License as published by the
11		* Free Software Foundation; either version 2 of the License, or (at your
12		* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
13		*
14		* This program is distributed in the hope that it will be useful, but
15		* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
16		* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
17		* for more details.
18		*/
19
20		#include "hasher.h"
21
22		#include <asn1/oid.h>
23		#include <credentials/keys/signature_params.h>
24
25		ENUM_BEGIN(hash_algorithm_names, HASH_SHA1, HASH_IDENTITY,
26		"HASH_SHA1",
27		"HASH_SHA2_256",
28		"HASH_SHA2_384",
29		"HASH_SHA2_512",
30		"HASH_IDENTITY");
31		ENUM_NEXT(hash_algorithm_names, HASH_UNKNOWN, HASH_SHA3_512, HASH_IDENTITY,
32		"HASH_UNKNOWN",
33		"HASH_MD2",
34		"HASH_MD4",
35		"HASH_MD5",
36		"HASH_SHA2_224",
37		"HASH_SHA3_224",
38		"HASH_SHA3_256",
39		"HASH_SHA3_384",
40		"HASH_SHA3_512");
41		ENUM_END(hash_algorithm_names, HASH_SHA3_512);
42
43		ENUM_BEGIN(hash_algorithm_short_names, HASH_SHA1, HASH_IDENTITY,
44		"sha1",
45		"sha256",
46		"sha384",
47		"sha512",
48		"identity");
49		ENUM_NEXT(hash_algorithm_short_names, HASH_UNKNOWN, HASH_SHA3_512, HASH_IDENTITY,
50		"unknown",
51		"md2",
52		"md4",
53		"md5",
54		"sha224",
55		"sha3_224",
56		"sha3_256",
57		"sha3_384",
58		"sha3_512");
59		ENUM_END(hash_algorithm_short_names, HASH_SHA3_512);
60
61		ENUM_BEGIN(hash_algorithm_short_names_upper, HASH_SHA1, HASH_IDENTITY,
62		"SHA1",
63		"SHA2_256",
64		"SHA2_384",
65		"SHA2_512",
66		"IDENTITY");
67		ENUM_NEXT(hash_algorithm_short_names_upper, HASH_UNKNOWN, HASH_SHA3_512, HASH_IDENTITY,
68		"UNKNOWN",
69		"MD2",
70		"MD4",
71		"MD5",
72		"SHA2_224",
73		"SHA3_224",
74		"SHA3_256",
75		"SHA3_384",
76		"SHA3_512");
77		ENUM_END(hash_algorithm_short_names_upper, HASH_SHA3_512);
78
79		/*
80		* Described in header
81		*/
82		size_t hasher_hash_size(hash_algorithm_t alg)
83	0	{
84	0	switch (alg)
85	0	{
86	0	case HASH_SHA1:
87	0	return HASH_SIZE_SHA1;
88	0	case HASH_SHA256:
89	0	return HASH_SIZE_SHA256;
90	0	case HASH_SHA384:
91	0	return HASH_SIZE_SHA384;
92	0	case HASH_SHA512:
93	0	return HASH_SIZE_SHA512;
94	0	case HASH_MD2:
95	0	return HASH_SIZE_MD2;
96	0	case HASH_MD4:
97	0	return HASH_SIZE_MD4;
98	0	case HASH_MD5:
99	0	return HASH_SIZE_MD5;
100	0	case HASH_SHA224:
101	0	return HASH_SIZE_SHA224;
102	0	case HASH_SHA3_224:
103	0	return HASH_SIZE_SHA224;
104	0	case HASH_SHA3_256:
105	0	return HASH_SIZE_SHA256;
106	0	case HASH_SHA3_384:
107	0	return HASH_SIZE_SHA384;
108	0	case HASH_SHA3_512:
109	0	return HASH_SIZE_SHA512;
110	0	case HASH_IDENTITY:
111	0	case HASH_UNKNOWN:
112	0	break;
113	0	}
114	0	return 0;
115	0	}
116
117		/*
118		* Described in header.
119		*/
120		hash_algorithm_t hasher_algorithm_from_oid(int oid)
121	840	{
122	840	switch (oid)
123	840	{
124	6	case OID_MD2:
125	16	case OID_MD2_WITH_RSA:
126	16	return HASH_MD2;
127	8	case OID_MD5:
128	25	case OID_MD5_WITH_RSA:
129	25	return HASH_MD5;
130	24	case OID_SHA1:
131	38	case OID_SHA1_WITH_RSA:
132	38	return HASH_SHA1;
133	14	case OID_SHA224:
134	33	case OID_SHA224_WITH_RSA:
135	33	return HASH_SHA224;
136	13	case OID_SHA256:
137	25	case OID_SHA256_WITH_RSA:
138	25	return HASH_SHA256;
139	13	case OID_SHA384:
140	25	case OID_SHA384_WITH_RSA:
141	25	return HASH_SHA384;
142	24	case OID_SHA512:
143	33	case OID_SHA512_WITH_RSA:
144	33	return HASH_SHA512;
145	13	case OID_SHA3_224:
146	24	case OID_RSASSA_PKCS1V15_WITH_SHA3_224:
147	24	return HASH_SHA3_224;
148	19	case OID_SHA3_256:
149	31	case OID_RSASSA_PKCS1V15_WITH_SHA3_256:
150	31	return HASH_SHA3_256;
151	16	case OID_SHA3_384:
152	31	case OID_RSASSA_PKCS1V15_WITH_SHA3_384:
153	31	return HASH_SHA3_384;
154	13	case OID_SHA3_512:
155	24	case OID_RSASSA_PKCS1V15_WITH_SHA3_512:
156	24	return HASH_SHA3_512;
157	21	case OID_ED25519:
158	38	case OID_ED448:
159	38	return HASH_IDENTITY;
160	497	default:
161	497	return HASH_UNKNOWN;
162	840	}
163	840	}
164
165		/*
166		* Described in header.
167		*/
168		hash_algorithm_t hasher_algorithm_from_prf(pseudo_random_function_t alg)
169	0	{
170	0	switch (alg)
171	0	{
172	0	case PRF_HMAC_MD5:
173	0	return HASH_MD5;
174	0	case PRF_HMAC_SHA1:
175	0	case PRF_FIPS_SHA1_160:
176	0	case PRF_KEYED_SHA1:
177	0	return HASH_SHA1;
178	0	case PRF_HMAC_SHA2_256:
179	0	return HASH_SHA256;
180	0	case PRF_HMAC_SHA2_384:
181	0	return HASH_SHA384;
182	0	case PRF_HMAC_SHA2_512:
183	0	return HASH_SHA512;
184	0	case PRF_HMAC_TIGER:
185	0	case PRF_AES128_XCBC:
186	0	case PRF_AES128_CMAC:
187	0	case PRF_FIPS_DES:
188	0	case PRF_CAMELLIA128_XCBC:
189	0	case PRF_UNDEFINED:
190	0	break;
191	0	}
192	0	return HASH_UNKNOWN;
193	0	}
194
195		/*
196		* Described in header.
197		*/
198		hash_algorithm_t hasher_algorithm_from_integrity(integrity_algorithm_t alg,
199		size_t *length)
200	0	{
201	0	if (length)
202	0	{
203	0	switch (alg)
204	0	{
205	0	case AUTH_HMAC_MD5_96:
206	0	case AUTH_HMAC_SHA1_96:
207	0	case AUTH_HMAC_SHA2_256_96:
208	0	*length = 12;
209	0	break;
210	0	case AUTH_HMAC_MD5_128:
211	0	case AUTH_HMAC_SHA1_128:
212	0	case AUTH_HMAC_SHA2_256_128:
213	0	*length = 16;
214	0	break;
215	0	case AUTH_HMAC_SHA1_160:
216	0	*length = 20;
217	0	break;
218	0	case AUTH_HMAC_SHA2_384_192:
219	0	*length = 24;
220	0	break;
221	0	case AUTH_HMAC_SHA2_256_256:
222	0	case AUTH_HMAC_SHA2_512_256:
223	0	*length = 32;
224	0	break;
225	0	case AUTH_HMAC_SHA2_384_384:
226	0	*length = 48;
227	0	break;
228	0	case AUTH_HMAC_SHA2_512_512:
229	0	*length = 64;
230	0	break;
231	0	default:
232	0	break;
233	0	}
234	0	}
235	0	switch (alg)
236	0	{
237	0	case AUTH_HMAC_MD5_96:
238	0	case AUTH_HMAC_MD5_128:
239	0	case AUTH_KPDK_MD5:
240	0	return HASH_MD5;
241	0	case AUTH_HMAC_SHA1_96:
242	0	case AUTH_HMAC_SHA1_128:
243	0	case AUTH_HMAC_SHA1_160:
244	0	return HASH_SHA1;
245	0	case AUTH_HMAC_SHA2_256_96:
246	0	case AUTH_HMAC_SHA2_256_128:
247	0	case AUTH_HMAC_SHA2_256_256:
248	0	return HASH_SHA256;
249	0	case AUTH_HMAC_SHA2_384_192:
250	0	case AUTH_HMAC_SHA2_384_384:
251	0	return HASH_SHA384;
252	0	case AUTH_HMAC_SHA2_512_256:
253	0	case AUTH_HMAC_SHA2_512_512:
254	0	return HASH_SHA512;
255	0	case AUTH_AES_CMAC_96:
256	0	case AUTH_AES_128_GMAC:
257	0	case AUTH_AES_192_GMAC:
258	0	case AUTH_AES_256_GMAC:
259	0	case AUTH_AES_XCBC_96:
260	0	case AUTH_DES_MAC:
261	0	case AUTH_CAMELLIA_XCBC_96:
262	0	case AUTH_UNDEFINED:
263	0	break;
264	0	}
265	0	return HASH_UNKNOWN;
266	0	}
267
268		/*
269		* Described in header.
270		*/
271		integrity_algorithm_t hasher_algorithm_to_integrity(hash_algorithm_t alg,
272		size_t length)
273	0	{
274	0	switch (alg)
275	0	{
276	0	case HASH_MD5:
277	0	switch (length)
278	0	{
279	0	case 12:
280	0	return AUTH_HMAC_MD5_96;
281	0	case 16:
282	0	return AUTH_HMAC_MD5_128;
283	0	}
284	0	break;
285	0	case HASH_SHA1:
286	0	switch (length)
287	0	{
288	0	case 12:
289	0	return AUTH_HMAC_SHA1_96;
290	0	case 16:
291	0	return AUTH_HMAC_SHA1_128;
292	0	case 20:
293	0	return AUTH_HMAC_SHA1_160;
294	0	}
295	0	break;
296	0	case HASH_SHA256:
297	0	switch (length)
298	0	{
299	0	case 12:
300	0	return AUTH_HMAC_SHA2_256_96;
301	0	case 16:
302	0	return AUTH_HMAC_SHA2_256_128;
303	0	case 32:
304	0	return AUTH_HMAC_SHA2_256_256;
305	0	}
306	0	break;
307	0	case HASH_SHA384:
308	0	switch (length)
309	0	{
310	0	case 24:
311	0	return AUTH_HMAC_SHA2_384_192;
312	0	case 48:
313	0	return AUTH_HMAC_SHA2_384_384;
314
315	0	}
316	0	break;
317	0	case HASH_SHA512:
318	0	switch (length)
319	0	{
320	0	case 32:
321	0	return AUTH_HMAC_SHA2_512_256;
322	0	case 64:
323	0	return AUTH_HMAC_SHA2_512_512;
324	0	}
325	0	break;
326	0	case HASH_MD2:
327	0	case HASH_MD4:
328	0	case HASH_SHA224:
329	0	case HASH_SHA3_224:
330	0	case HASH_SHA3_256:
331	0	case HASH_SHA3_384:
332	0	case HASH_SHA3_512:
333	0	case HASH_IDENTITY:
334	0	case HASH_UNKNOWN:
335	0	break;
336	0	}
337	0	return AUTH_UNDEFINED;
338	0	}
339
340		/*
341		* Described in header.
342		*/
343		bool hasher_algorithm_for_ikev2(hash_algorithm_t alg)
344	0	{
345	0	switch (alg)
346	0	{
347	0	case HASH_IDENTITY:
348	0	case HASH_SHA256:
349	0	case HASH_SHA384:
350	0	case HASH_SHA512:
351	0	return TRUE;
352	0	case HASH_UNKNOWN:
353	0	case HASH_MD2:
354	0	case HASH_MD4:
355	0	case HASH_MD5:
356	0	case HASH_SHA1:
357	0	case HASH_SHA224:
358	0	case HASH_SHA3_224:
359	0	case HASH_SHA3_256:
360	0	case HASH_SHA3_384:
361	0	case HASH_SHA3_512:
362	0	break;
363	0	}
364	0	return FALSE;
365	0	}
366
367		/*
368		* Described in header.
369		*/
370		int hasher_algorithm_to_oid(hash_algorithm_t alg)
371	0	{
372	0	int oid;
373
374	0	switch (alg)
375	0	{
376	0	case HASH_MD2:
377	0	oid = OID_MD2;
378	0	break;
379	0	case HASH_MD5:
380	0	oid = OID_MD5;
381	0	break;
382	0	case HASH_SHA1:
383	0	oid = OID_SHA1;
384	0	break;
385	0	case HASH_SHA224:
386	0	oid = OID_SHA224;
387	0	break;
388	0	case HASH_SHA256:
389	0	oid = OID_SHA256;
390	0	break;
391	0	case HASH_SHA384:
392	0	oid = OID_SHA384;
393	0	break;
394	0	case HASH_SHA512:
395	0	oid = OID_SHA512;
396	0	break;
397	0	case HASH_SHA3_224:
398	0	oid = OID_SHA3_224;
399	0	break;
400	0	case HASH_SHA3_256:
401	0	oid = OID_SHA3_256;
402	0	break;
403	0	case HASH_SHA3_384:
404	0	oid = OID_SHA3_384;
405	0	break;
406	0	case HASH_SHA3_512:
407	0	oid = OID_SHA3_512;
408	0	break;
409	0	default:
410	0	oid = OID_UNKNOWN;
411	0	}
412	0	return oid;
413	0	}
414
415		/*
416		* Described in header.
417		*/
418		int hasher_signature_algorithm_to_oid(hash_algorithm_t alg, key_type_t key)
419	0	{
420	0	switch (key)
421	0	{
422	0	case KEY_RSA:
423	0	switch (alg)
424	0	{
425	0	case HASH_MD2:
426	0	return OID_MD2_WITH_RSA;
427	0	case HASH_MD5:
428	0	return OID_MD5_WITH_RSA;
429	0	case HASH_SHA1:
430	0	return OID_SHA1_WITH_RSA;
431	0	case HASH_SHA224:
432	0	return OID_SHA224_WITH_RSA;
433	0	case HASH_SHA256:
434	0	return OID_SHA256_WITH_RSA;
435	0	case HASH_SHA384:
436	0	return OID_SHA384_WITH_RSA;
437	0	case HASH_SHA512:
438	0	return OID_SHA512_WITH_RSA;
439	0	case HASH_SHA3_224:
440	0	return OID_RSASSA_PKCS1V15_WITH_SHA3_224;
441	0	case HASH_SHA3_256:
442	0	return OID_RSASSA_PKCS1V15_WITH_SHA3_256;
443	0	case HASH_SHA3_384:
444	0	return OID_RSASSA_PKCS1V15_WITH_SHA3_384;
445	0	case HASH_SHA3_512:
446	0	return OID_RSASSA_PKCS1V15_WITH_SHA3_512;
447	0	default:
448	0	return OID_UNKNOWN;
449	0	}
450	0	case KEY_ECDSA:
451	0	switch (alg)
452	0	{
453	0	case HASH_SHA1:
454	0	return OID_ECDSA_WITH_SHA1;
455	0	case HASH_SHA256:
456	0	return OID_ECDSA_WITH_SHA256;
457	0	case HASH_SHA384:
458	0	return OID_ECDSA_WITH_SHA384;
459	0	case HASH_SHA512:
460	0	return OID_ECDSA_WITH_SHA512;
461	0	default:
462	0	return OID_UNKNOWN;
463	0	}
464	0	case KEY_ED25519:
465	0	switch (alg)
466	0	{
467	0	case HASH_IDENTITY:
468	0	return OID_ED25519;
469	0	default:
470	0	return OID_UNKNOWN;
471	0	}
472	0	case KEY_ED448:
473	0	switch (alg)
474	0	{
475	0	case HASH_IDENTITY:
476	0	return OID_ED448;
477	0	default:
478	0	return OID_UNKNOWN;
479	0	}
480	0	default:
481	0	return OID_UNKNOWN;
482	0	}
483	0	}
484
485		/*
486		* Defined in header.
487		*/
488		hash_algorithm_t hasher_from_signature_scheme(signature_scheme_t scheme,
489		void *params)
490	0	{
491	0	switch (scheme)
492	0	{
493	0	case SIGN_UNKNOWN:
494	0	case SIGN_RSA_EMSA_PKCS1_NULL:
495	0	case SIGN_ECDSA_WITH_NULL:
496	0	break;
497	0	case SIGN_RSA_EMSA_PSS:
498	0	if (params)
499	0	{
500	0	rsa_pss_params_t *pss = params;
501	0	return pss->hash;
502	0	}
503	0	break;
504	0	case SIGN_ED25519:
505	0	case SIGN_ED448:
506	0	return HASH_IDENTITY;
507	0	case SIGN_RSA_EMSA_PKCS1_MD5:
508	0	return HASH_MD5;
509	0	case SIGN_RSA_EMSA_PKCS1_SHA1:
510	0	case SIGN_ECDSA_WITH_SHA1_DER:
511	0	return HASH_SHA1;
512	0	case SIGN_RSA_EMSA_PKCS1_SHA2_224:
513	0	return HASH_SHA224;
514	0	case SIGN_RSA_EMSA_PKCS1_SHA2_256:
515	0	case SIGN_ECDSA_WITH_SHA256_DER:
516	0	case SIGN_ECDSA_256:
517	0	return HASH_SHA256;
518	0	case SIGN_RSA_EMSA_PKCS1_SHA2_384:
519	0	case SIGN_ECDSA_WITH_SHA384_DER:
520	0	case SIGN_ECDSA_384:
521	0	return HASH_SHA384;
522	0	case SIGN_RSA_EMSA_PKCS1_SHA2_512:
523	0	case SIGN_ECDSA_WITH_SHA512_DER:
524	0	case SIGN_ECDSA_521:
525	0	return HASH_SHA512;
526	0	case SIGN_RSA_EMSA_PKCS1_SHA3_224:
527	0	return HASH_SHA3_224;
528	0	case SIGN_RSA_EMSA_PKCS1_SHA3_256:
529	0	return HASH_SHA3_256;
530	0	case SIGN_RSA_EMSA_PKCS1_SHA3_384:
531	0	return HASH_SHA3_384;
532	0	case SIGN_RSA_EMSA_PKCS1_SHA3_512:
533	0	return HASH_SHA3_512;
534	0	}
535	0	return HASH_UNKNOWN;
536	0	}