illumos/illumos-gate: usr/src/common/crypto/fips/fips_sha2

annotate usr/src/common/crypto/fips/fips_sha2_util.c @ 10979:00cad6413daf

6897371 cryptoadm needs changes in order to support fips-140 mode in local zones 6897374 Memory leaking in kernel algorithm modules and softtoken dsa with fips enabled

author	Hai-May Chao <Hai-May.Chao@Sun.COM>
date	Thu, 05 Nov 2009 21:57:36 -0800
parents	a10fbcfc2f21
children

rev	line source
10500 a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	1 /*
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	2 * CDDL HEADER START
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	3 *
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	4 * The contents of this file are subject to the terms of the
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	5 * Common Development and Distribution License (the "License").
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	6 * You may not use this file except in compliance with the License.
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	7 *
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	9 * or http://www.opensolaris.org/os/licensing.
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	10 * See the License for the specific language governing permissions
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	11 * and limitations under the License.
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	12 *
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	13 * When distributing Covered Code, include this CDDL HEADER in each
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	15 * If applicable, add the following below this CDDL HEADER, with the
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	16 * fields enclosed by brackets "[]" replaced with your own identifying
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	17 * information: Portions Copyright [yyyy] [name of copyright owner]
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	18 *
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	19 * CDDL HEADER END
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	20 */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	21 /*
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	23 * Use is subject to license terms.
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	24 */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	25
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	26 #include <sys/types.h>
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	27 #include <sys/errno.h>
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	28 #include <sys/kmem.h>
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	29 #include <sys/systm.h>
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	30 #define _SHA2_IMPL
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	31 #include <sys/sha2.h>
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	32 #include <sys/crypto/common.h>
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	33 #include <sys/cmn_err.h>
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	34 #ifndef _KERNEL
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	35 #include <stdlib.h>
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	36 #include <string.h>
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	37 #include <strings.h>
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	38 #include <stdio.h>
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	39 #include <security/cryptoki.h>
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	40 #include <cryptoutil.h>
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	41 #include "softMAC.h"
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	42 #endif
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	43 #include <sha2/sha2_impl.h>
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	44
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	45
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	46 /*
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	47 * fips_sha2_build_context()
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	48 *
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	49 * Description:
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	50 * This function allocates and initializes SHA2 context.
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	51 */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	52 #ifndef _KERNEL
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	53 SHA2_CTX *
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	54 fips_sha2_build_context(CK_MECHANISM_TYPE mechanism)
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	55 {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	56 SHA2_CTX *sha2_context;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	57
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	58 if ((sha2_context = malloc(sizeof (SHA2_CTX))) == NULL)
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	59 return (NULL);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	60
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	61 switch (mechanism) {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	62 case CKM_SHA256:
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	63 SHA2Init(SHA256, sha2_context);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	64 break;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	65
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	66 case CKM_SHA384:
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	67 SHA2Init(SHA384, sha2_context);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	68 break;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	69
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	70 case CKM_SHA512:
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	71 SHA2Init(SHA512, sha2_context);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	72 break;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	73 }
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	74
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	75 return (sha2_context);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	76 }
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	77
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	78 #else
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	79 SHA2_CTX *
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	80 fips_sha2_build_context(sha2_mech_t mechanism)
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	81 {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	82 SHA2_CTX *sha2_context;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	83
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	84 if ((sha2_context = kmem_zalloc(sizeof (SHA2_CTX),
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	85 KM_SLEEP)) == NULL)
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	86 return (NULL);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	87
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	88 switch (mechanism) {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	89 case SHA256_TYPE:
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	90 SHA2Init(SHA256, sha2_context);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	91 break;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	92
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	93 case SHA384_TYPE:
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	94 SHA2Init(SHA384, sha2_context);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	95 break;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	96
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	97 case SHA512_TYPE:
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	98 SHA2Init(SHA512, sha2_context);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	99 break;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	100 }
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	101
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	102 return (sha2_context);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	103 }
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	104 #endif
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	105
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	106 /*
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	107 * fips_sha2_hash()
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	108 *
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	109 * Arguments:
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	110 * sha2_context: pointer to SHA2 context
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	111 * in: pointer to the input data to be hashed
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	112 * inlen: length of the input data
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	113 * out: pointer to the output data after hashing
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	114 *
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	115 * Description:
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	116 * This function calls the low-level SHA2 routines for hashing.
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	117 *
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	118 */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	119 int
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	120 fips_sha2_hash(SHA2_CTX sha2_context, uchar_t in,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	121 ulong_t inlen, uchar_t *out)
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	122 {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	123
10979 00cad6413daf 6897371 cryptoadm needs changes in order to support fips-140 mode in local zones Hai-May Chao <Hai-May.Chao@Sun.COM> parents: 10500 diff changeset	124 int rv;
00cad6413daf 6897371 cryptoadm needs changes in order to support fips-140 mode in local zones Hai-May Chao <Hai-May.Chao@Sun.COM> parents: 10500 diff changeset	125
10500 a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	126 if (in != NULL) {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	127 SHA2Update((SHA2_CTX *)sha2_context, in, inlen);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	128 SHA2Final(out, (SHA2_CTX *)sha2_context);
10979 00cad6413daf 6897371 cryptoadm needs changes in order to support fips-140 mode in local zones Hai-May Chao <Hai-May.Chao@Sun.COM> parents: 10500 diff changeset	129 rv = CKR_OK;
10500 a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	130 } else {
10979 00cad6413daf 6897371 cryptoadm needs changes in order to support fips-140 mode in local zones Hai-May Chao <Hai-May.Chao@Sun.COM> parents: 10500 diff changeset	131 rv = CKR_ARGUMENTS_BAD;
10500 a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	132 }
10979 00cad6413daf 6897371 cryptoadm needs changes in order to support fips-140 mode in local zones Hai-May Chao <Hai-May.Chao@Sun.COM> parents: 10500 diff changeset	133
00cad6413daf 6897371 cryptoadm needs changes in order to support fips-140 mode in local zones Hai-May Chao <Hai-May.Chao@Sun.COM> parents: 10500 diff changeset	134 if (sha2_context)
00cad6413daf 6897371 cryptoadm needs changes in order to support fips-140 mode in local zones Hai-May Chao <Hai-May.Chao@Sun.COM> parents: 10500 diff changeset	135 #ifdef _KERNEL
00cad6413daf 6897371 cryptoadm needs changes in order to support fips-140 mode in local zones Hai-May Chao <Hai-May.Chao@Sun.COM> parents: 10500 diff changeset	136 kmem_free(sha2_context, sizeof (SHA2_CTX));
00cad6413daf 6897371 cryptoadm needs changes in order to support fips-140 mode in local zones Hai-May Chao <Hai-May.Chao@Sun.COM> parents: 10500 diff changeset	137 #else
00cad6413daf 6897371 cryptoadm needs changes in order to support fips-140 mode in local zones Hai-May Chao <Hai-May.Chao@Sun.COM> parents: 10500 diff changeset	138 free(sha2_context);
00cad6413daf 6897371 cryptoadm needs changes in order to support fips-140 mode in local zones Hai-May Chao <Hai-May.Chao@Sun.COM> parents: 10500 diff changeset	139 #endif
00cad6413daf 6897371 cryptoadm needs changes in order to support fips-140 mode in local zones Hai-May Chao <Hai-May.Chao@Sun.COM> parents: 10500 diff changeset	140 return (rv);
00cad6413daf 6897371 cryptoadm needs changes in order to support fips-140 mode in local zones Hai-May Chao <Hai-May.Chao@Sun.COM> parents: 10500 diff changeset	141
10500 a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	142 }
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	143
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	144 #ifndef _KERNEL
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	145 soft_hmac_ctx_t *
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	146 fips_sha2_hmac_build_context(CK_MECHANISM_TYPE mechanism,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	147 uint8_t *secret_key,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	148 unsigned int secret_key_length)
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	149 {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	150
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	151 soft_hmac_ctx_t *hmac_ctx;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	152
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	153 hmac_ctx = malloc(sizeof (soft_hmac_ctx_t));
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	154
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	155 if (hmac_ctx == NULL) {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	156 return (NULL);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	157 }
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	158
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	159 switch (mechanism) {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	160 case CKM_SHA256_HMAC:
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	161 {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	162 uint64_t sha_ipad[SHA256_HMAC_INTS_PER_BLOCK];
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	163 uint64_t sha_opad[SHA256_HMAC_INTS_PER_BLOCK];
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	164
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	165 hmac_ctx->hmac_len = SHA256_DIGEST_LENGTH;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	166 bzero(sha_ipad, SHA256_HMAC_BLOCK_SIZE);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	167 bzero(sha_opad, SHA256_HMAC_BLOCK_SIZE);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	168
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	169 (void) memcpy(sha_ipad, secret_key, secret_key_length);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	170 (void) memcpy(sha_opad, secret_key, secret_key_length);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	171
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	172 sha2_hmac_ctx_init(CKM_TO_SHA2(mechanism),
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	173 &hmac_ctx->hc_ctx_u.sha2_ctx,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	174 sha_ipad, sha_opad,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	175 SHA256_HMAC_INTS_PER_BLOCK,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	176 SHA256_HMAC_BLOCK_SIZE);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	177
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	178 break;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	179 }
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	180
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	181 case CKM_SHA384_HMAC:
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	182 {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	183 uint64_t sha_ipad[SHA512_HMAC_INTS_PER_BLOCK];
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	184 uint64_t sha_opad[SHA512_HMAC_INTS_PER_BLOCK];
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	185
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	186 hmac_ctx->hmac_len = SHA384_DIGEST_LENGTH;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	187 bzero(sha_ipad, SHA512_HMAC_BLOCK_SIZE);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	188 bzero(sha_opad, SHA512_HMAC_BLOCK_SIZE);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	189
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	190 (void) memcpy(sha_ipad, secret_key, secret_key_length);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	191 (void) memcpy(sha_opad, secret_key, secret_key_length);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	192
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	193 sha2_hmac_ctx_init(CKM_TO_SHA2(mechanism),
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	194 &hmac_ctx->hc_ctx_u.sha2_ctx,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	195 sha_ipad, sha_opad,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	196 SHA512_HMAC_INTS_PER_BLOCK,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	197 SHA512_HMAC_BLOCK_SIZE);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	198 break;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	199 }
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	200
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	201 case CKM_SHA512_HMAC:
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	202 {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	203 uint64_t sha_ipad[SHA512_HMAC_INTS_PER_BLOCK];
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	204 uint64_t sha_opad[SHA512_HMAC_INTS_PER_BLOCK];
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	205
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	206 hmac_ctx->hmac_len = SHA512_DIGEST_LENGTH;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	207 bzero(sha_ipad, SHA512_HMAC_BLOCK_SIZE);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	208 bzero(sha_opad, SHA512_HMAC_BLOCK_SIZE);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	209
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	210 (void) memcpy(sha_ipad, secret_key, secret_key_length);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	211 (void) memcpy(sha_opad, secret_key, secret_key_length);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	212
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	213 sha2_hmac_ctx_init(CKM_TO_SHA2(mechanism),
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	214 &hmac_ctx->hc_ctx_u.sha2_ctx,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	215 sha_ipad, sha_opad,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	216 SHA512_HMAC_INTS_PER_BLOCK,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	217 SHA512_HMAC_BLOCK_SIZE);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	218
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	219 break;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	220 }
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	221 }
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	222
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	223 return (hmac_ctx);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	224 }
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	225
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	226 CK_RV
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	227 fips_hmac_sha2_hash(unsigned char *hmac_computed,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	228 uint8_t *secret_key,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	229 unsigned int secret_key_length,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	230 uint8_t *message,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	231 unsigned int message_length,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	232 CK_MECHANISM_TYPE mechanism)
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	233 {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	234
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	235 soft_hmac_ctx_t *hmac_ctx = NULL;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	236
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	237 hmac_ctx = fips_sha2_hmac_build_context(mechanism,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	238 secret_key, secret_key_length);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	239
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	240 if (hmac_ctx == NULL)
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	241 return (CKR_HOST_MEMORY);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	242
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	243 switch (mechanism) {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	244 case CKM_SHA256_HMAC:
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	245 if (message != NULL)
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	246 SHA2Update(&(hmac_ctx->hc_ctx_u.sha2_ctx.hc_icontext),
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	247 message, message_length);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	248
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	249 SOFT_MAC_FINAL_2(SHA256, &(hmac_ctx->hc_ctx_u.sha2_ctx),
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	250 hmac_computed);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	251 break;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	252
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	253 case CKM_SHA384_HMAC:
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	254 if (message != NULL)
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	255 SHA2Update(&(hmac_ctx->hc_ctx_u.sha2_ctx.hc_icontext),
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	256 message, message_length);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	257
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	258 SOFT_MAC_FINAL_2(SHA384, &(hmac_ctx->hc_ctx_u.sha2_ctx),
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	259 hmac_computed);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	260 break;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	261
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	262 case CKM_SHA512_HMAC:
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	263 if (message != NULL)
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	264 SHA2Update(&(hmac_ctx->hc_ctx_u.sha2_ctx.hc_icontext),
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	265 message, message_length);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	266
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	267 SOFT_MAC_FINAL_2(SHA512, &(hmac_ctx->hc_ctx_u.sha2_ctx),
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	268 hmac_computed);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	269 break;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	270 }
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	271
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	272 free(hmac_ctx);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	273 return (CKR_OK);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	274 }
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	275
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	276 #else
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	277
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	278 /*
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	279 * Initialize a SHA2-HMAC context.
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	280 */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	281 void
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	282 sha2_mac_init_ctx(sha2_hmac_ctx_t ctx, void keyval, uint_t length_in_bytes)
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	283 {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	284 uint64_t ipad[SHA512_HMAC_BLOCK_SIZE / sizeof (uint64_t)];
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	285 uint64_t opad[SHA512_HMAC_BLOCK_SIZE / sizeof (uint64_t)];
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	286 int i, block_size, blocks_per_int64;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	287
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	288 /* Determine the block size */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	289 if (ctx->hc_mech_type <= SHA256_HMAC_GEN_MECH_INFO_TYPE) {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	290 block_size = SHA256_HMAC_BLOCK_SIZE;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	291 blocks_per_int64 = SHA256_HMAC_BLOCK_SIZE / sizeof (uint64_t);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	292 } else {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	293 block_size = SHA512_HMAC_BLOCK_SIZE;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	294 blocks_per_int64 = SHA512_HMAC_BLOCK_SIZE / sizeof (uint64_t);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	295 }
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	296
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	297 (void) bzero(ipad, block_size);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	298 (void) bzero(opad, block_size);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	299 (void) bcopy(keyval, ipad, length_in_bytes);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	300 (void) bcopy(keyval, opad, length_in_bytes);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	301
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	302 /* XOR key with ipad (0x36) and opad (0x5c) */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	303 for (i = 0; i < blocks_per_int64; i ++) {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	304 ipad[i] ^= 0x3636363636363636;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	305 opad[i] ^= 0x5c5c5c5c5c5c5c5c;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	306 }
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	307
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	308 /* perform SHA2 on ipad */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	309 SHA2Init(ctx->hc_mech_type, &ctx->hc_icontext);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	310 SHA2Update(&ctx->hc_icontext, (uint8_t *)ipad, block_size);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	311
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	312 /* perform SHA2 on opad */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	313 SHA2Init(ctx->hc_mech_type, &ctx->hc_ocontext);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	314 SHA2Update(&ctx->hc_ocontext, (uint8_t *)opad, block_size);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	315
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	316 }
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	317
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	318 sha2_hmac_ctx_t *
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	319 fips_sha2_hmac_build_context(sha2_mech_t mechanism,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	320 uint8_t *secret_key,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	321 unsigned int secret_key_length)
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	322 {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	323 sha2_hmac_ctx_t *sha2_hmac_ctx_tmpl;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	324
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	325 /*
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	326 * Allocate and initialize SHA2 context.
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	327 */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	328 sha2_hmac_ctx_tmpl = kmem_alloc(sizeof (sha2_hmac_ctx_t),
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	329 KM_SLEEP);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	330 if (sha2_hmac_ctx_tmpl == NULL)
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	331 return (NULL);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	332
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	333 switch (mechanism) {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	334 case SHA256_TYPE:
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	335 sha2_hmac_ctx_tmpl->hc_mech_type =
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	336 SHA256_HMAC_MECH_INFO_TYPE;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	337 break;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	338
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	339 case SHA384_TYPE:
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	340 sha2_hmac_ctx_tmpl->hc_mech_type =
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	341 SHA384_HMAC_MECH_INFO_TYPE;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	342 break;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	343
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	344 case SHA512_TYPE:
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	345 sha2_hmac_ctx_tmpl->hc_mech_type =
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	346 SHA512_HMAC_MECH_INFO_TYPE;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	347 break;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	348 }
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	349
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	350 /*
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	351 * initialize ctx->hc_icontext and ctx->hc_ocontext
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	352 */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	353 sha2_mac_init_ctx(sha2_hmac_ctx_tmpl, secret_key,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	354 secret_key_length);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	355
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	356 return (sha2_hmac_ctx_tmpl);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	357 }
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	358
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	359 void
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	360 fips_hmac_sha2_hash(sha2_hmac_ctx_t *sha2_hmac_ctx,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	361 uint8_t *message,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	362 uint32_t message_len,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	363 uint8_t *hmac_computed,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	364 sha2_mech_t mechanism)
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	365
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	366 {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	367
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	368 SHA2Update(&((sha2_hmac_ctx)->hc_icontext), message,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	369 message_len);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	370 SHA2Final(hmac_computed, &((sha2_hmac_ctx)->hc_icontext));
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	371
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	372 switch (mechanism) {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	373 case SHA256_TYPE:
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	374 SHA2Update(&((sha2_hmac_ctx)->hc_ocontext),
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	375 hmac_computed, SHA256_DIGEST_LENGTH);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	376 break;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	377
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	378 case SHA384_TYPE:
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	379 SHA2Update(&((sha2_hmac_ctx)->hc_ocontext),
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	380 hmac_computed, SHA384_DIGEST_LENGTH);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	381 break;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	382
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	383 case SHA512_TYPE:
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	384 SHA2Update(&((sha2_hmac_ctx)->hc_ocontext),
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	385 hmac_computed, SHA512_DIGEST_LENGTH);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	386 break;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	387 }
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	388
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	389 SHA2Final(hmac_computed, &((sha2_hmac_ctx)->hc_ocontext));
10979 00cad6413daf 6897371 cryptoadm needs changes in order to support fips-140 mode in local zones Hai-May Chao <Hai-May.Chao@Sun.COM> parents: 10500 diff changeset	390
00cad6413daf 6897371 cryptoadm needs changes in order to support fips-140 mode in local zones Hai-May Chao <Hai-May.Chao@Sun.COM> parents: 10500 diff changeset	391 kmem_free(sha2_hmac_ctx, sizeof (sha2_hmac_ctx_t));
10500 a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	392 }
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	393
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	394 #endif
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	395
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	396 /*
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	397 * SHA2 Power-On SelfTest(s).
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	398 */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	399 int
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	400 fips_sha2_post(void)
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	401 {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	402
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	403 /*
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	404 * SHA-256 Known Hash Message (512-bits).
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	405 * Source from NIST SHA256ShortMsg (Len = 512)
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	406 */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	407 static uint8_t sha256_known_hash_message[] = {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	408 0x35, 0x92, 0xec, 0xfd, 0x1e, 0xac, 0x61, 0x8f,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	409 0xd3, 0x90, 0xe7, 0xa9, 0xc2, 0x4b, 0x65, 0x65,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	410 0x32, 0x50, 0x93, 0x67, 0xc2, 0x1a, 0x0e, 0xac,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	411 0x12, 0x12, 0xac, 0x83, 0xc0, 0xb2, 0x0c, 0xd8,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	412 0x96, 0xeb, 0x72, 0xb8, 0x01, 0xc4, 0xd2, 0x12,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	413 0xc5, 0x45, 0x2b, 0xbb, 0xf0, 0x93, 0x17, 0xb5,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	414 0x0c, 0x5c, 0x9f, 0xb1, 0x99, 0x75, 0x53, 0xd2,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	415 0xbb, 0xc2, 0x9b, 0xb4, 0x2f, 0x57, 0x48, 0xad
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	416 };
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	417
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	418 /* known SHA256 Digest Message (32 bytes) */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	419 static uint8_t known_sha256_digest[] = {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	420 0x10, 0x5a, 0x60, 0x86, 0x58, 0x30, 0xac, 0x3a,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	421 0x37, 0x1d, 0x38, 0x43, 0x32, 0x4d, 0x4b, 0xb5,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	422 0xfa, 0x8e, 0xc0, 0xe0, 0x2d, 0xda, 0xa3, 0x89,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	423 0xad, 0x8d, 0xa4, 0xf1, 0x02, 0x15, 0xc4, 0x54
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	424 };
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	425
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	426 /*
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	427 * SHA-384 Known Hash Message (512-bits).
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	428 * Source from NIST SHA384ShortMsg (Len = 512)
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	429 */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	430 static uint8_t sha384_known_hash_message[] = {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	431 0x58, 0xbe, 0xab, 0xf9, 0x79, 0xab, 0x35, 0xab,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	432 0xba, 0x29, 0x37, 0x6d, 0x5d, 0xc2, 0x27, 0xab,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	433 0xb3, 0xd2, 0xff, 0x4d, 0x90, 0x30, 0x49, 0x82,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	434 0xfc, 0x10, 0x79, 0xbc, 0x2b, 0x28, 0x80, 0xfc,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	435 0xb0, 0x12, 0x9e, 0x4f, 0xed, 0xf2, 0x78, 0x98,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	436 0xce, 0x58, 0x6a, 0x91, 0xb7, 0x68, 0x1e, 0x0d,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	437 0xba, 0x38, 0x5e, 0x80, 0x0e, 0x79, 0x26, 0xc0,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	438 0xbc, 0x5a, 0xfe, 0x0d, 0x9c, 0xa9, 0x86, 0x50
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	439 };
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	440
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	441 /* known SHA384 Digest Message (48 bytes) */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	442 static uint8_t known_sha384_digest[] = {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	443 0xa0, 0x88, 0x8e, 0x1c, 0x4d, 0x7e, 0x80, 0xcb,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	444 0xaa, 0xaf, 0xa8, 0xbb, 0x1c, 0xa1, 0xca, 0x91,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	445 0x2a, 0x93, 0x21, 0x75, 0xc2, 0xef, 0x98, 0x2c,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	446 0xe1, 0xf1, 0x23, 0xa8, 0xc1, 0xae, 0xe9, 0x63,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	447 0x5a, 0xd7, 0x5b, 0xe5, 0x25, 0x90, 0xa9, 0x24,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	448 0xbe, 0xd3, 0xf5, 0xec, 0x36, 0xc3, 0x56, 0x90
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	449 };
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	450
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	451 /*
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	452 * SHA-512 Known Hash Message (512-bits).
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	453 * Source from NIST SHA512ShortMsg (Len = 512)
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	454 */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	455 static uint8_t sha512_known_hash_message[] = {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	456 0x09, 0x5c, 0x7f, 0x30, 0x82, 0x4f, 0xc9, 0x28,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	457 0x58, 0xcc, 0x93, 0x47, 0xc0, 0x85, 0xd5, 0x78,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	458 0x88, 0x5f, 0xf3, 0x61, 0x4d, 0xd3, 0x8e, 0xe7,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	459 0xee, 0x94, 0xa0, 0xf4, 0x40, 0x72, 0xc8, 0x77,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	460 0x04, 0x7e, 0xe2, 0xad, 0x16, 0x6f, 0xdb, 0xa0,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	461 0xe7, 0x44, 0xc3, 0xed, 0x2c, 0x2b, 0x24, 0xc9,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	462 0xd8, 0xa2, 0x93, 0x46, 0x48, 0xdc, 0x84, 0xd3,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	463 0xbe, 0x66, 0x63, 0x02, 0x11, 0x0a, 0xe0, 0x8f
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	464 };
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	465
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	466 /* known SHA512 Digest Message (64 bytes) */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	467 static uint8_t known_sha512_digest[] = {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	468 0xd5, 0xcd, 0xaf, 0x83, 0xbb, 0x4a, 0x27, 0xea,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	469 0xad, 0x8d, 0x8f, 0x18, 0xe4, 0xbe, 0xe9, 0xc2,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	470 0x5b, 0xe9, 0x49, 0xa7, 0x61, 0xa0, 0xfd, 0x0f,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	471 0xb2, 0x28, 0x4c, 0xab, 0x14, 0x3c, 0xad, 0x60,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	472 0xbe, 0xb5, 0x68, 0x87, 0x34, 0xb2, 0xf8, 0x1e,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	473 0x9e, 0x2d, 0x64, 0x0b, 0x42, 0x5f, 0xd3, 0x2c,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	474 0xcb, 0x3d, 0x20, 0xd0, 0x2d, 0x63, 0xc2, 0xc9,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	475 0x4c, 0x03, 0xab, 0x3d, 0x9e, 0x7d, 0x9b, 0x4a
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	476 };
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	477
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	478 /* SHA-2 HMAC Test Vectors */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	479
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	480 /*
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	481 * SHA-256 HMAC Known Hash Message (512-bits).
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	482 */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	483 static uint8_t sha256_hmac_known_hash_message[] = {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	484 0x54, 0x68, 0x65, 0x20, 0x74, 0x65, 0x73, 0x74,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	485 0x20, 0x6D, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	486 0x20, 0x66, 0x6F, 0x72, 0x20, 0x74, 0x68, 0x65,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	487 0x20, 0x4D, 0x44, 0x32, 0x2C, 0x20, 0x4D, 0x44,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	488 0x35, 0x2C, 0x20, 0x61, 0x6E, 0x64, 0x20, 0x53,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	489 0x48, 0x41, 0x2D, 0x31, 0x20, 0x68, 0x61, 0x73,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	490 0x68, 0x69, 0x6E, 0x67, 0x20, 0x61, 0x6C, 0x67,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	491 0x6F, 0x72, 0x69, 0x74, 0x68, 0x6D, 0x73, 0x2E
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	492 };
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	493
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	494 static uint8_t sha256_hmac_known_secret_key[] = {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	495 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	496 0x74, 0x68, 0x65, 0x20, 0x53, 0x48, 0x41, 0x2D,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	497 0x32, 0x35, 0x36, 0x20, 0x48, 0x4D, 0x41, 0x43,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	498 0x20, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x20,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	499 0x6B, 0x65, 0x79, 0x21
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	500 };
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	501
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	502 static uint8_t sha256_hmac_known_secret_key_length
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	503 = sizeof (sha256_hmac_known_secret_key);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	504
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	505
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	506 /* known SHA256 hmac (32 bytes) */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	507 static uint8_t known_sha256_hmac[] = {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	508 0x02, 0x87, 0x21, 0x93, 0x84, 0x8a, 0x35, 0xae,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	509 0xdb, 0xb6, 0x79, 0x26, 0x96, 0xf0, 0x50, 0xeb,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	510 0x33, 0x49, 0x57, 0xf1, 0xb2, 0x32, 0xd3, 0x63,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	511 0x03, 0x65, 0x57, 0xa2, 0xba, 0xa2, 0x5f, 0x35
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	512 };
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	513
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	514 /*
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	515 * SHA-384 HMAC Known Hash Message (512-bits).
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	516 * Source from NIST HMAC.txt (Count = 15, Klen = 16, Tlen = 48)
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	517 */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	518 static uint8_t sha384_hmac_known_secret_key[] = {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	519 0x01, 0xac, 0x59, 0xf4, 0x2f, 0x8b, 0xb9, 0x1d,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	520 0x1b, 0xd1, 0x0f, 0xe6, 0x99, 0x0d, 0x7a, 0x87
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	521 };
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	522
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	523 static uint8_t sha384_hmac_known_secret_key_length
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	524 = sizeof (sha384_hmac_known_secret_key);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	525
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	526 static uint8_t sha384_hmac_known_hash_message[] = {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	527 0x3c, 0xaf, 0x18, 0xc4, 0x76, 0xed, 0xd5, 0x61,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	528 0x5f, 0x34, 0x3a, 0xc7, 0xb7, 0xd3, 0xa9, 0xda,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	529 0x9e, 0xfa, 0xde, 0x75, 0x56, 0x72, 0xd5, 0xba,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	530 0x4b, 0x8a, 0xe8, 0xa7, 0x50, 0x55, 0x39, 0xea,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	531 0x2c, 0x12, 0x4f, 0xf7, 0x55, 0xec, 0x04, 0x57,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	532 0xfb, 0xe4, 0x9e, 0x43, 0x48, 0x0b, 0x3c, 0x71,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	533 0xe7, 0xf4, 0x74, 0x2e, 0xc3, 0x69, 0x3a, 0xad,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	534 0x11, 0x5d, 0x03, 0x9f, 0x90, 0x22, 0x2b, 0x03,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	535 0x0f, 0xdc, 0x94, 0x40, 0x31, 0x36, 0x91, 0x71,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	536 0x6d, 0x53, 0x02, 0x00, 0x58, 0x08, 0xc0, 0x76,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	537 0x27, 0x48, 0x3b, 0x91, 0x6f, 0xdf, 0x61, 0x98,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	538 0x30, 0x63, 0xc2, 0xeb, 0x12, 0x68, 0xf2, 0xde,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	539 0xee, 0xf4, 0x2f, 0xc7, 0x90, 0x33, 0x44, 0x56,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	540 0xbc, 0x6b, 0xad, 0x25, 0x6e, 0x31, 0xfc, 0x90,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	541 0x66, 0xde, 0x7c, 0xc7, 0xe4, 0x3d, 0x13, 0x21,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	542 0xb1, 0x86, 0x6d, 0xb4, 0x5e, 0x90, 0x56, 0x22
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	543 };
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	544
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	545 /* known SHA384 hmac (48 bytes) */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	546 static uint8_t known_sha384_hmac[] = {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	547 0x19, 0x85, 0xfa, 0x21, 0x63, 0xa5, 0x94, 0x3f,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	548 0xc5, 0xd9, 0x2f, 0x1f, 0xe8, 0x83, 0x12, 0x15,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	549 0xe7, 0xe9, 0x1f, 0x0b, 0xff, 0x53, 0x32, 0xbc,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	550 0x71, 0x3a, 0x07, 0x2b, 0xdb, 0x3a, 0x8f, 0x9e,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	551 0x5c, 0x51, 0x57, 0x46, 0x3a, 0x3b, 0xfe, 0xb3,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	552 0x62, 0x31, 0x41, 0x6e, 0x65, 0x97, 0x3e, 0x64
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	553 };
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	554
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	555 /*
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	556 * SHA-512 HMAC Known Hash Message (512-bits).
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	557 * Source from NIST HMAC.txt (Count = 30, Klen = 20, Tlen = 64)
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	558 */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	559 static uint8_t sha512_hmac_known_secret_key[] = {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	560 0xa7, 0x36, 0xf2, 0x74, 0xfd, 0xa6, 0x8e, 0x1b,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	561 0xd5, 0xf9, 0x47, 0x1e, 0x85, 0xfd, 0x41, 0x5d,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	562 0x7f, 0x2b, 0xa1, 0xbc
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	563 };
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	564
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	565 static uint8_t sha512_hmac_known_secret_key_length
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	566 = sizeof (sha512_hmac_known_secret_key);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	567
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	568 static uint8_t sha512_hmac_known_hash_message[] = {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	569 0xa6, 0xcc, 0xc3, 0x55, 0x2c, 0x33, 0xe9, 0x17,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	570 0x8b, 0x6b, 0x82, 0xc6, 0x53, 0xd6, 0x3d, 0xe2,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	571 0x54, 0x0f, 0x17, 0x08, 0x07, 0xc3, 0xd9, 0x6a,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	572 0x2a, 0xc2, 0xe2, 0x7d, 0xab, 0x55, 0x26, 0xf1,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	573 0xc7, 0xd3, 0x77, 0xe6, 0x73, 0x6f, 0x04, 0x5d,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	574 0xfb, 0x54, 0x1f, 0xec, 0xe9, 0xf4, 0x43, 0xb7,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	575 0x28, 0x9c, 0x55, 0x9b, 0x69, 0x4c, 0x2a, 0xac,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	576 0xc6, 0xc7, 0x4a, 0xe2, 0xa5, 0xe6, 0xf3, 0x0f,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	577 0xe0, 0x31, 0x61, 0x14, 0x23, 0xb0, 0x4d, 0x55,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	578 0x95, 0xff, 0xb4, 0x6a, 0xba, 0xa1, 0xd9, 0x18,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	579 0x98, 0x96, 0x8d, 0x7f, 0x18, 0x30, 0xae, 0x94,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	580 0xb0, 0x22, 0xee, 0xd2, 0x3f, 0xda, 0xd5, 0x2d,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	581 0x38, 0x11, 0x0a, 0x48, 0x03, 0xa0, 0xce, 0xe7,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	582 0xa0, 0x95, 0xc9, 0xa7, 0x8e, 0x86, 0x09, 0xed,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	583 0xeb, 0x25, 0x48, 0x1c, 0xdc, 0x15, 0x6d, 0x0b,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	584 0x2f, 0xfc, 0x56, 0xb6, 0x3f, 0xda, 0xd5, 0x33
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	585 };
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	586
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	587 /* known SHA512 hmac (64 bytes) */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	588 static uint8_t known_sha512_hmac[] = {
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	589 0xf7, 0x18, 0x03, 0x43, 0x1e, 0x07, 0xa5, 0xa6,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	590 0xe5, 0xfd, 0x4a, 0xe4, 0xcf, 0xc2, 0x75, 0x3b,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	591 0xc8, 0x0d, 0x26, 0xe1, 0x67, 0x23, 0xd9, 0xe8,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	592 0x8b, 0x40, 0x5a, 0x02, 0x34, 0x8e, 0xf4, 0xb9,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	593 0x67, 0x92, 0xc9, 0x9c, 0xed, 0x64, 0xdc, 0x70,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	594 0xea, 0x47, 0x53, 0x78, 0xb7, 0x46, 0x6a, 0xc2,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	595 0xca, 0xf4, 0xa4, 0x20, 0xb0, 0x1f, 0xf6, 0x1e,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	596 0x72, 0xc5, 0xb5, 0xee, 0x8e, 0xaa, 0xd4, 0xd4
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	597 };
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	598
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	599 /* SHA-2 variables. */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	600 uint8_t sha256_computed_digest[SHA256_DIGEST_LENGTH];
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	601 uint8_t sha384_computed_digest[SHA384_DIGEST_LENGTH];
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	602 uint8_t sha512_computed_digest[SHA512_DIGEST_LENGTH];
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	603
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	604 uint8_t hmac_computed[SHA512_DIGEST_LENGTH];
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	605 SHA2_CTX *sha2_context = NULL;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	606
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	607 #ifdef _KERNEL
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	608 sha2_hmac_ctx_t *sha2_hmac_ctx;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	609 #endif
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	610
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	611 int rv;
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	612
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	613 /*
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	614 * SHA-2 Known Answer Hashing Test.
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	615 */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	616
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	617 /* SHA-256 POST */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	618
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	619 #ifdef _KERNEL
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	620 sha2_context = fips_sha2_build_context(SHA256_TYPE);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	621 #else
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	622 sha2_context = fips_sha2_build_context(CKM_SHA256);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	623 #endif
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	624
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	625 if (sha2_context == NULL)
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	626 return (CKR_HOST_MEMORY);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	627
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	628 rv = fips_sha2_hash(sha2_context,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	629 sha256_known_hash_message,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	630 FIPS_KNOWN_HMAC_MESSAGE_LENGTH,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	631 sha256_computed_digest);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	632
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	633 if ((rv != CKR_OK) \|\|
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	634 (memcmp(sha256_computed_digest, known_sha256_digest,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	635 SHA256_DIGEST_LENGTH) != 0))
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	636 return (CKR_DEVICE_ERROR);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	637
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	638 /* SHA-384 POST */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	639
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	640 #ifdef _KERNEL
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	641 sha2_context = fips_sha2_build_context(SHA384_TYPE);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	642 #else
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	643 sha2_context = fips_sha2_build_context(CKM_SHA384);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	644 #endif
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	645
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	646 if (sha2_context == NULL)
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	647 return (CKR_HOST_MEMORY);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	648
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	649 rv = fips_sha2_hash(sha2_context,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	650 sha384_known_hash_message,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	651 FIPS_KNOWN_HMAC_MESSAGE_LENGTH,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	652 sha384_computed_digest);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	653
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	654 if ((rv != CKR_OK) \|\|
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	655 (memcmp(sha384_computed_digest, known_sha384_digest,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	656 SHA384_DIGEST_LENGTH) != 0))
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	657 return (CKR_DEVICE_ERROR);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	658
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	659 /* SHA-512 POST */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	660
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	661 #ifdef _KERNEL
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	662 sha2_context = fips_sha2_build_context(SHA512_TYPE);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	663 #else
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	664 sha2_context = fips_sha2_build_context(CKM_SHA512);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	665 #endif
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	666
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	667 if (sha2_context == NULL)
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	668 return (CKR_HOST_MEMORY);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	669
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	670 rv = fips_sha2_hash(sha2_context,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	671 sha512_known_hash_message,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	672 FIPS_KNOWN_HMAC_MESSAGE_LENGTH,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	673 sha512_computed_digest);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	674
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	675 if ((rv != CKR_OK) \|\|
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	676 (memcmp(sha512_computed_digest, known_sha512_digest,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	677 SHA512_DIGEST_LENGTH) != 0))
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	678 return (CKR_DEVICE_ERROR);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	679
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	680 /*
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	681 * SHA-2 HMAC Known Answer Hashing Test.
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	682 */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	683
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	684 /* HMAC SHA-256 POST */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	685
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	686 #ifdef _KERNEL
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	687 sha2_hmac_ctx = fips_sha2_hmac_build_context(
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	688 SHA256_TYPE,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	689 sha256_hmac_known_secret_key,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	690 sha256_hmac_known_secret_key_length);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	691
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	692 if (sha2_hmac_ctx == NULL)
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	693 return (CKR_HOST_MEMORY);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	694
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	695 fips_hmac_sha2_hash(sha2_hmac_ctx,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	696 sha256_hmac_known_hash_message,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	697 FIPS_KNOWN_HMAC_MESSAGE_LENGTH,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	698 hmac_computed,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	699 SHA256_TYPE);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	700
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	701 if (memcmp(hmac_computed, known_sha256_hmac,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	702 SHA256_DIGEST_LENGTH) != 0)
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	703 return (CKR_DEVICE_ERROR);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	704
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	705 #else
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	706 rv = fips_hmac_sha2_hash(hmac_computed,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	707 sha256_hmac_known_secret_key,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	708 sha256_hmac_known_secret_key_length,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	709 sha256_hmac_known_hash_message,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	710 FIPS_KNOWN_HMAC_MESSAGE_LENGTH,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	711 CKM_SHA256_HMAC);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	712
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	713 if ((rv != CKR_OK) \|\|
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	714 (memcmp(hmac_computed, known_sha256_hmac,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	715 SHA256_DIGEST_LENGTH) != 0))
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	716 return (CKR_DEVICE_ERROR);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	717
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	718 #endif
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	719
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	720 /* HMAC SHA-384 POST */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	721
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	722 #ifdef _KERNEL
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	723 sha2_hmac_ctx = fips_sha2_hmac_build_context(
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	724 SHA384_TYPE,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	725 sha384_hmac_known_secret_key,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	726 sha384_hmac_known_secret_key_length);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	727
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	728 if (sha2_hmac_ctx == NULL)
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	729 return (CKR_HOST_MEMORY);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	730
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	731 fips_hmac_sha2_hash(sha2_hmac_ctx,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	732 sha384_hmac_known_hash_message,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	733 sizeof (sha384_hmac_known_hash_message),
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	734 hmac_computed,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	735 SHA384_TYPE);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	736
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	737 if (memcmp(hmac_computed, known_sha384_hmac,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	738 SHA384_DIGEST_LENGTH) != 0)
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	739 return (CKR_DEVICE_ERROR);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	740 #else
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	741 rv = fips_hmac_sha2_hash(hmac_computed,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	742 sha384_hmac_known_secret_key,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	743 sha384_hmac_known_secret_key_length,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	744 sha384_hmac_known_hash_message,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	745 sizeof (sha384_hmac_known_hash_message),
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	746 CKM_SHA384_HMAC);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	747
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	748 if ((rv != CKR_OK) \|\|
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	749 (memcmp(hmac_computed, known_sha384_hmac,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	750 SHA384_DIGEST_LENGTH) != 0))
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	751 return (CKR_DEVICE_ERROR);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	752
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	753 #endif
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	754
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	755 /* HMAC SHA-512 POST */
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	756
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	757 #ifdef _KERNEL
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	758 sha2_hmac_ctx = fips_sha2_hmac_build_context(
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	759 SHA512_TYPE,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	760 sha512_hmac_known_secret_key,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	761 sha512_hmac_known_secret_key_length);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	762
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	763 if (sha2_hmac_ctx == NULL)
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	764 return (CKR_HOST_MEMORY);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	765
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	766 fips_hmac_sha2_hash(sha2_hmac_ctx,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	767 sha512_hmac_known_hash_message,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	768 sizeof (sha512_hmac_known_hash_message),
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	769 hmac_computed,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	770 SHA512_TYPE);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	771
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	772 if (memcmp(hmac_computed, known_sha512_hmac,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	773 SHA512_DIGEST_LENGTH) != 0)
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	774 return (CKR_DEVICE_ERROR);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	775
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	776 #else
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	777 rv = fips_hmac_sha2_hash(hmac_computed,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	778 sha512_hmac_known_secret_key,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	779 sha512_hmac_known_secret_key_length,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	780 sha512_hmac_known_hash_message,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	781 sizeof (sha512_hmac_known_hash_message),
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	782 CKM_SHA512_HMAC);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	783
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	784 if ((rv != CKR_OK) \|\|
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	785 (memcmp(hmac_computed, known_sha512_hmac,
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	786 SHA512_DIGEST_LENGTH) != 0))
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	787 return (CKR_DEVICE_ERROR);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	788
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	789 #endif
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	790
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	791 return (CKR_OK);
a10fbcfc2f21 PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode Hai-May Chao <Hai-May.Chao@Sun.COM> parents: diff changeset	792 }

Mercurial > illumos > illumos-gate

annotate usr/src/common/crypto/fips/fips_sha2_util.c @ 10979:00cad6413daf