1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
|
/* Copyright 2001-2005 The Apache Software Foundation or its licensors, as
* applicable.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/* NIST Secure Hash Algorithm
* heavily modified by Uwe Hollerbach uh@alumni.caltech edu
* from Peter C. Gutmann's implementation as found in
* Applied Cryptography by Bruce Schneier
* This code is hereby placed in the public domain
*/
#ifndef APR_SHA1_H
#define APR_SHA1_H
#include "apu.h"
#include "apr_general.h"
#ifdef __cplusplus
extern "C" {
#endif
/**
* @file apr_sha1.h
* @brief APR-UTIL SHA1 library
*/
/** size of the SHA1 DIGEST */
#define APR_SHA1_DIGESTSIZE 20
/**
* Define the Magic String prefix that identifies a password as being
* hashed using our algorithm.
*/
#define APR_SHA1PW_ID "{SHA}"
/** length of the SHA Password */
#define APR_SHA1PW_IDLEN 5
/** @see apr_sha1_ctx_t */
typedef struct apr_sha1_ctx_t apr_sha1_ctx_t;
/**
* SHA1 context structure
*/
struct apr_sha1_ctx_t {
/** message digest */
apr_uint32_t digest[5];
/** 64-bit bit counts */
apr_uint32_t count_lo, count_hi;
/** SHA data buffer */
apr_uint32_t data[16];
/** unprocessed amount in data */
int local;
};
/**
* Provide a means to SHA1 crypt/encode a plaintext password in a way which
* makes password file compatible with those commonly use in netscape web
* and ldap installations.
* @param clear The plaintext password
* @param len The length of the plaintext password
* @param out The encrypted/encoded password
* @note SHA1 support is useful for migration purposes, but is less
* secure than Apache's password format, since Apache's (MD5)
* password format uses a random eight character salt to generate
* one of many possible hashes for the same password. Netscape
* uses plain SHA1 without a salt, so the same password
* will always generate the same hash, making it easier
* to break since the search space is smaller.
*/
APU_DECLARE(void) apr_sha1_base64(const char *clear, int len, char *out);
/**
* Initialize the SHA digest
* @param context The SHA context to initialize
*/
APU_DECLARE(void) apr_sha1_init(apr_sha1_ctx_t *context);
/**
* Update the SHA digest
* @param context The SHA1 context to update
* @param input The buffer to add to the SHA digest
* @param inputLen The length of the input buffer
*/
APU_DECLARE(void) apr_sha1_update(apr_sha1_ctx_t *context, const char *input,
unsigned int inputLen);
/**
* Update the SHA digest with binary data
* @param context The SHA1 context to update
* @param input The buffer to add to the SHA digest
* @param inputLen The length of the input buffer
*/
APU_DECLARE(void) apr_sha1_update_binary(apr_sha1_ctx_t *context,
const unsigned char *input,
unsigned int inputLen);
/**
* Finish computing the SHA digest
* @param digest the output buffer in which to store the digest
* @param context The context to finalize
*/
APU_DECLARE(void) apr_sha1_final(unsigned char digest[APR_SHA1_DIGESTSIZE],
apr_sha1_ctx_t *context);
#ifdef __cplusplus
}
#endif
#endif /* APR_SHA1_H */
|