mirror of
https://github.com/ipxe/ipxe
synced 2026-07-01 00:04:54 +03:00
[tls] Split out hybrid MD5+SHA1 algorithm used in TLS version 1.1
Signed-off-by: Michael Brown <mcb30@ipxe.org>
This commit is contained in:
@@ -0,0 +1,85 @@
|
||||
/*
|
||||
* Copyright (C) 2026 Michael Brown <mbrown@fensystems.co.uk>.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or
|
||||
* modify it under the terms of the GNU General Public License as
|
||||
* published by the Free Software Foundation; either version 2 of the
|
||||
* License, or any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
* General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
* 02110-1301, USA.
|
||||
*
|
||||
* You can also choose to distribute this program under the terms of
|
||||
* the Unmodified Binary Distribution Licence (as given in the file
|
||||
* COPYING.UBDL), provided that you have satisfied its requirements.
|
||||
*/
|
||||
|
||||
FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
|
||||
FILE_SECBOOT ( PERMITTED );
|
||||
|
||||
/** @file
|
||||
*
|
||||
* Hybrid MD5+SHA1 hash as used by TLSv1.1 and earlier
|
||||
*
|
||||
*/
|
||||
|
||||
#include <ipxe/crypto.h>
|
||||
#include <ipxe/md5_sha1.h>
|
||||
|
||||
/**
|
||||
* Initialise MD5+SHA1 algorithm
|
||||
*
|
||||
* @v ctx MD5+SHA1 context
|
||||
*/
|
||||
static void md5_sha1_init ( void *ctx ) {
|
||||
struct md5_sha1_context *context = ctx;
|
||||
|
||||
digest_init ( &md5_algorithm, context->md5 );
|
||||
digest_init ( &sha1_algorithm, context->sha1 );
|
||||
}
|
||||
|
||||
/**
|
||||
* Accumulate data with MD5+SHA1 algorithm
|
||||
*
|
||||
* @v ctx MD5+SHA1 context
|
||||
* @v data Data
|
||||
* @v len Length of data
|
||||
*/
|
||||
static void md5_sha1_update ( void *ctx, const void *data, size_t len ) {
|
||||
struct md5_sha1_context *context = ctx;
|
||||
|
||||
digest_update ( &md5_algorithm, context->md5, data, len );
|
||||
digest_update ( &sha1_algorithm, context->sha1, data, len );
|
||||
}
|
||||
|
||||
/**
|
||||
* Generate MD5+SHA1 digest
|
||||
*
|
||||
* @v ctx MD5+SHA1 context
|
||||
* @v out Output buffer
|
||||
*/
|
||||
static void md5_sha1_final ( void *ctx, void *out ) {
|
||||
struct md5_sha1_context *context = ctx;
|
||||
struct md5_sha1_digest *digest = out;
|
||||
|
||||
digest_final ( &md5_algorithm, context->md5, digest->md5 );
|
||||
digest_final ( &sha1_algorithm, context->sha1, digest->sha1 );
|
||||
}
|
||||
|
||||
/** Hybrid MD5+SHA1 digest algorithm */
|
||||
struct digest_algorithm md5_sha1_algorithm = {
|
||||
.name = "md5+sha1",
|
||||
.ctxsize = sizeof ( struct md5_sha1_context ),
|
||||
.blocksize = 0, /* Not applicable */
|
||||
.digestsize = sizeof ( struct md5_sha1_digest ),
|
||||
.init = md5_sha1_init,
|
||||
.update = md5_sha1_update,
|
||||
.final = md5_sha1_final,
|
||||
};
|
||||
@@ -0,0 +1,42 @@
|
||||
#ifndef _IPXE_MD5_SHA1_H
|
||||
#define _IPXE_MD5_SHA1_H
|
||||
|
||||
/** @file
|
||||
*
|
||||
* Hybrid MD5+SHA1 hash as used by TLSv1.1 and earlier
|
||||
*
|
||||
*/
|
||||
|
||||
FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
|
||||
FILE_SECBOOT ( PERMITTED );
|
||||
|
||||
#include <stdint.h>
|
||||
#include <ipxe/crypto.h>
|
||||
#include <ipxe/md5.h>
|
||||
#include <ipxe/sha1.h>
|
||||
|
||||
/** An MD5+SHA1 context */
|
||||
struct md5_sha1_context {
|
||||
/** MD5 context */
|
||||
uint8_t md5[MD5_CTX_SIZE];
|
||||
/** SHA-1 context */
|
||||
uint8_t sha1[SHA1_CTX_SIZE];
|
||||
} __attribute__ (( packed ));
|
||||
|
||||
/** MD5+SHA1 context size */
|
||||
#define MD5_SHA1_CTX_SIZE sizeof ( struct md5_sha1_context )
|
||||
|
||||
/** An MD5+SHA1 digest */
|
||||
struct md5_sha1_digest {
|
||||
/** MD5 digest */
|
||||
uint8_t md5[MD5_DIGEST_SIZE];
|
||||
/** SHA-1 digest */
|
||||
uint8_t sha1[SHA1_DIGEST_SIZE];
|
||||
} __attribute__ (( packed ));
|
||||
|
||||
/** MD5+SHA1 digest size */
|
||||
#define MD5_SHA1_DIGEST_SIZE sizeof ( struct md5_sha1_digest )
|
||||
|
||||
extern struct digest_algorithm md5_sha1_algorithm;
|
||||
|
||||
#endif /* _IPXE_MD5_SHA1_H */
|
||||
@@ -307,28 +307,6 @@ struct tls_client_random {
|
||||
uint8_t random[32];
|
||||
} __attribute__ (( packed ));
|
||||
|
||||
/** An MD5+SHA1 context */
|
||||
struct md5_sha1_context {
|
||||
/** MD5 context */
|
||||
uint8_t md5[MD5_CTX_SIZE];
|
||||
/** SHA-1 context */
|
||||
uint8_t sha1[SHA1_CTX_SIZE];
|
||||
} __attribute__ (( packed ));
|
||||
|
||||
/** MD5+SHA1 context size */
|
||||
#define MD5_SHA1_CTX_SIZE sizeof ( struct md5_sha1_context )
|
||||
|
||||
/** An MD5+SHA1 digest */
|
||||
struct md5_sha1_digest {
|
||||
/** MD5 digest */
|
||||
uint8_t md5[MD5_DIGEST_SIZE];
|
||||
/** SHA-1 digest */
|
||||
uint8_t sha1[SHA1_DIGEST_SIZE];
|
||||
} __attribute__ (( packed ));
|
||||
|
||||
/** MD5+SHA1 digest size */
|
||||
#define MD5_SHA1_DIGEST_SIZE sizeof ( struct md5_sha1_digest )
|
||||
|
||||
/** A TLS session */
|
||||
struct tls_session {
|
||||
/** Reference counter */
|
||||
|
||||
+1
-65
@@ -37,6 +37,7 @@ FILE_SECBOOT ( PERMITTED );
|
||||
#include <ipxe/md5.h>
|
||||
#include <ipxe/sha1.h>
|
||||
#include <ipxe/sha256.h>
|
||||
#include <ipxe/md5_sha1.h>
|
||||
#include <ipxe/aes.h>
|
||||
#include <ipxe/rsa.h>
|
||||
#include <ipxe/iobuf.h>
|
||||
@@ -280,71 +281,6 @@ tls_version ( struct tls_connection *tls, unsigned int version ) {
|
||||
( tls->version >= version ) );
|
||||
}
|
||||
|
||||
/******************************************************************************
|
||||
*
|
||||
* Hybrid MD5+SHA1 hash as used by TLSv1.1 and earlier
|
||||
*
|
||||
******************************************************************************
|
||||
*/
|
||||
|
||||
/**
|
||||
* Initialise MD5+SHA1 algorithm
|
||||
*
|
||||
* @v ctx MD5+SHA1 context
|
||||
*/
|
||||
static void md5_sha1_init ( void *ctx ) {
|
||||
struct md5_sha1_context *context = ctx;
|
||||
|
||||
digest_init ( &md5_algorithm, context->md5 );
|
||||
digest_init ( &sha1_algorithm, context->sha1 );
|
||||
}
|
||||
|
||||
/**
|
||||
* Accumulate data with MD5+SHA1 algorithm
|
||||
*
|
||||
* @v ctx MD5+SHA1 context
|
||||
* @v data Data
|
||||
* @v len Length of data
|
||||
*/
|
||||
static void md5_sha1_update ( void *ctx, const void *data, size_t len ) {
|
||||
struct md5_sha1_context *context = ctx;
|
||||
|
||||
digest_update ( &md5_algorithm, context->md5, data, len );
|
||||
digest_update ( &sha1_algorithm, context->sha1, data, len );
|
||||
}
|
||||
|
||||
/**
|
||||
* Generate MD5+SHA1 digest
|
||||
*
|
||||
* @v ctx MD5+SHA1 context
|
||||
* @v out Output buffer
|
||||
*/
|
||||
static void md5_sha1_final ( void *ctx, void *out ) {
|
||||
struct md5_sha1_context *context = ctx;
|
||||
struct md5_sha1_digest *digest = out;
|
||||
|
||||
digest_final ( &md5_algorithm, context->md5, digest->md5 );
|
||||
digest_final ( &sha1_algorithm, context->sha1, digest->sha1 );
|
||||
}
|
||||
|
||||
/** Hybrid MD5+SHA1 digest algorithm */
|
||||
static struct digest_algorithm md5_sha1_algorithm = {
|
||||
.name = "md5+sha1",
|
||||
.ctxsize = sizeof ( struct md5_sha1_context ),
|
||||
.blocksize = 0, /* Not applicable */
|
||||
.digestsize = sizeof ( struct md5_sha1_digest ),
|
||||
.init = md5_sha1_init,
|
||||
.update = md5_sha1_update,
|
||||
.final = md5_sha1_final,
|
||||
};
|
||||
|
||||
/** RSA digestInfo prefix for MD5+SHA1 algorithm */
|
||||
struct rsa_digestinfo_prefix rsa_md5_sha1_prefix __rsa_digestinfo_prefix = {
|
||||
.digest = &md5_sha1_algorithm,
|
||||
.data = NULL, /* MD5+SHA1 signatures have no digestInfo */
|
||||
.len = 0,
|
||||
};
|
||||
|
||||
/******************************************************************************
|
||||
*
|
||||
* Cleanup functions
|
||||
|
||||
Reference in New Issue
Block a user