2013-09-13 19:47:00 +00:00
|
|
|
/*
|
2019-08-23 16:23:39 +00:00
|
|
|
* Copyright (c)2019 ZeroTier, Inc.
|
2013-09-13 19:47:00 +00:00
|
|
|
*
|
2019-08-23 16:23:39 +00:00
|
|
|
* Use of this software is governed by the Business Source License included
|
|
|
|
|
* in the LICENSE.TXT file in the project's root directory.
|
2013-09-13 19:47:00 +00:00
|
|
|
*
|
2019-08-23 16:23:39 +00:00
|
|
|
* Change Date: 2023-01-01
|
2013-09-13 19:47:00 +00:00
|
|
|
*
|
2019-08-23 16:23:39 +00:00
|
|
|
* On the date above, in accordance with the Business Source License, use
|
|
|
|
|
* of this software will be governed by version 2.0 of the Apache License.
|
2013-09-13 19:47:00 +00:00
|
|
|
*/
|
2019-08-23 16:23:39 +00:00
|
|
|
/****/
|
2013-09-13 19:47:00 +00:00
|
|
|
|
2013-12-07 00:49:20 +00:00
|
|
|
#ifndef ZT_SHA512_HPP
|
|
|
|
|
#define ZT_SHA512_HPP
|
2013-09-13 19:47:00 +00:00
|
|
|
|
2019-08-20 20:32:23 +00:00
|
|
|
#include "Constants.hpp"
|
|
|
|
|
|
|
|
|
|
#ifdef __APPLE__
|
|
|
|
|
#include <CommonCrypto/CommonDigest.h>
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifdef ZT_USE_LIBCRYPTO
|
|
|
|
|
#include <openssl/sha.h>
|
|
|
|
|
#endif
|
|
|
|
|
|
2013-09-13 19:47:00 +00:00
|
|
|
#define ZT_SHA512_DIGEST_LEN 64
|
2019-08-20 20:32:23 +00:00
|
|
|
#define ZT_SHA384_DIGEST_LEN 48
|
2013-09-13 19:47:00 +00:00
|
|
|
|
2019-08-23 15:41:22 +00:00
|
|
|
#define ZT_SHA512_BLOCK_SIZE 128
|
|
|
|
|
#define ZT_SHA384_BLOCK_SIZE 128
|
|
|
|
|
|
|
|
|
|
#define ZT_HMACSHA384_LEN 48
|
|
|
|
|
|
2019-09-05 18:39:16 +00:00
|
|
|
#define ZT_PROTO_KBKDF_LABEL_KEY_USE_HMAC 'H'
|
|
|
|
|
#define ZT_PROTO_KBKDF_LABEL_KEY_USE_AES_GMAC_SIV_K1 '1'
|
|
|
|
|
#define ZT_PROTO_KBKDF_LABEL_KEY_USE_AES_GMAC_SIV_K2 '2'
|
|
|
|
|
#define ZT_PROTO_KBKDF_LABEL_KEY_USE_AES_GMAC_SIV_K3 '3'
|
|
|
|
|
#define ZT_PROTO_KBKDF_LABEL_KEY_USE_AES_GMAC_SIV_K4 '4'
|
|
|
|
|
|
2013-09-13 19:47:00 +00:00
|
|
|
namespace ZeroTier {
|
|
|
|
|
|
2019-08-20 20:32:23 +00:00
|
|
|
#ifdef __APPLE__
|
|
|
|
|
#define ZT_HAVE_NATIVE_SHA512 1
|
2019-08-27 03:18:28 +00:00
|
|
|
static ZT_ALWAYS_INLINE void SHA512(void *digest,const void *data,unsigned int len)
|
2019-08-20 20:32:23 +00:00
|
|
|
{
|
|
|
|
|
CC_SHA512_CTX ctx;
|
|
|
|
|
CC_SHA512_Init(&ctx);
|
|
|
|
|
CC_SHA512_Update(&ctx,data,len);
|
|
|
|
|
CC_SHA512_Final(reinterpret_cast<unsigned char *>(digest),&ctx);
|
|
|
|
|
}
|
2019-08-27 03:18:28 +00:00
|
|
|
static ZT_ALWAYS_INLINE void SHA384(void *digest,const void *data,unsigned int len)
|
2019-08-20 20:32:23 +00:00
|
|
|
{
|
|
|
|
|
CC_SHA512_CTX ctx;
|
|
|
|
|
CC_SHA384_Init(&ctx);
|
|
|
|
|
CC_SHA384_Update(&ctx,data,len);
|
|
|
|
|
CC_SHA384_Final(reinterpret_cast<unsigned char *>(digest),&ctx);
|
|
|
|
|
}
|
2019-08-27 03:18:28 +00:00
|
|
|
static ZT_ALWAYS_INLINE void SHA384(void *digest,const void *data0,unsigned int len0,const void *data1,unsigned int len1)
|
2019-08-23 15:41:22 +00:00
|
|
|
{
|
|
|
|
|
CC_SHA512_CTX ctx;
|
|
|
|
|
CC_SHA384_Init(&ctx);
|
|
|
|
|
CC_SHA384_Update(&ctx,data0,len0);
|
|
|
|
|
CC_SHA384_Update(&ctx,data1,len1);
|
|
|
|
|
CC_SHA384_Final(reinterpret_cast<unsigned char *>(digest),&ctx);
|
|
|
|
|
}
|
2019-08-20 20:32:23 +00:00
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifdef ZT_USE_LIBCRYPTO
|
|
|
|
|
#define ZT_HAVE_NATIVE_SHA512 1
|
2019-08-27 03:18:28 +00:00
|
|
|
static ZT_ALWAYS_INLINE void SHA512(void *digest,const void *data,unsigned int len)
|
2019-08-20 20:32:23 +00:00
|
|
|
{
|
|
|
|
|
SHA512_CTX ctx;
|
|
|
|
|
SHA512_Init(&ctx);
|
|
|
|
|
SHA512_Update(&ctx,data,len);
|
|
|
|
|
SHA512_Final(reinterpret_cast<unsigned char *>(digest),&ctx);
|
|
|
|
|
}
|
2019-08-27 03:18:28 +00:00
|
|
|
static ZT_ALWAYS_INLINE void SHA384(void *digest,const void *data,unsigned int len)
|
2019-08-20 20:32:23 +00:00
|
|
|
{
|
|
|
|
|
SHA512_CTX ctx;
|
|
|
|
|
SHA384_Init(&ctx);
|
|
|
|
|
SHA384_Update(&ctx,data,len);
|
|
|
|
|
SHA384_Final(reinterpret_cast<unsigned char *>(digest),&ctx);
|
|
|
|
|
}
|
2019-08-27 03:18:28 +00:00
|
|
|
static ZT_ALWAYS_INLINE void SHA384(void *digest,const void *data0,unsigned int len0,const void *data1,unsigned int len1)
|
2019-08-23 15:41:22 +00:00
|
|
|
{
|
|
|
|
|
SHA512_CTX ctx;
|
|
|
|
|
SHA384_Init(&ctx);
|
|
|
|
|
SHA384_Update(&ctx,data0,len0);
|
|
|
|
|
SHA384_Update(&ctx,data1,len1);
|
|
|
|
|
SHA384_Final(reinterpret_cast<unsigned char *>(digest),&ctx);
|
|
|
|
|
}
|
2019-08-20 20:32:23 +00:00
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifndef ZT_HAVE_NATIVE_SHA512
|
2019-08-07 21:41:58 +00:00
|
|
|
void SHA512(void *digest,const void *data,unsigned int len);
|
|
|
|
|
void SHA384(void *digest,const void *data,unsigned int len);
|
2019-08-26 19:17:23 +00:00
|
|
|
void SHA384(void *digest,const void *data0,unsigned int len0,const void *data1,unsigned int len1);
|
2019-08-20 20:32:23 +00:00
|
|
|
#endif
|
2013-09-13 19:47:00 +00:00
|
|
|
|
2019-09-04 22:22:15 +00:00
|
|
|
/**
|
|
|
|
|
* Compute HMAC SHA-384 using a 256-bit key
|
|
|
|
|
*
|
|
|
|
|
* @param key Secret key
|
|
|
|
|
* @param msg Message to HMAC
|
|
|
|
|
* @param msglen Length of message
|
|
|
|
|
* @param mac Buffer to fill with result
|
|
|
|
|
*/
|
|
|
|
|
void HMACSHA384(const uint8_t key[32],const void *msg,const unsigned int msglen,uint8_t mac[48]);
|
2019-08-23 15:41:22 +00:00
|
|
|
|
2019-09-05 18:39:16 +00:00
|
|
|
/**
|
|
|
|
|
* Compute KBKDF (key-based key derivation function) using HMAC-SHA-384 as a PRF
|
|
|
|
|
*
|
|
|
|
|
* @param key Source master key
|
|
|
|
|
* @param label A label indicating the key's purpose in the ZeroTier system
|
|
|
|
|
* @param context An arbitrary "context" or zero if not applicable
|
|
|
|
|
* @param iter Key iteration for generation of multiple keys for the same label/context
|
|
|
|
|
* @param out Output to receive derived key
|
|
|
|
|
*/
|
|
|
|
|
void KBKDFHMACSHA384(const uint8_t key[32],const char label,const char context,const uint32_t iter,uint8_t out[32]);
|
|
|
|
|
|
2013-09-13 19:47:00 +00:00
|
|
|
} // namespace ZeroTier
|
|
|
|
|
|
|
|
|
|
#endif
|
