include/apr_sha1.h - apr-util - Git at Google

 /* Licensed to the Apache Software Foundation (ASF) under one or more
  * contributor license agreements.  See the NOTICE file distributed with
  * this work for additional information regarding copyright ownership.
  * The ASF licenses this file to You under the Apache License, Version 2.0
  * (the "License"); you may not use this file except in compliance with
  * the License.  You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 /* NIST Secure Hash Algorithm
  * 	heavily modified by Uwe Hollerbach uh@alumni.caltech edu
  * 	from Peter C. Gutmann's implementation as found in
  * 	Applied Cryptography by Bruce Schneier
  * 	This code is hereby placed in the public domain
  */

 #ifndef APR_SHA1_H
 #define APR_SHA1_H

 #include "apu.h"
 #include "apr_general.h"

 #ifdef __cplusplus
 extern "C" {
 #endif

 /**
  * @file apr_sha1.h
  * @brief APR-UTIL SHA1 library
  */

 /** size of the SHA1 DIGEST */
 #define APR_SHA1_DIGESTSIZE 20

 /**
  * Define the Magic String prefix that identifies a password as being
  * hashed using our algorithm.
  */
 #define APR_SHA1PW_ID "{SHA}"

 /** length of the SHA Password */
 #define APR_SHA1PW_IDLEN 5

 /** @see apr_sha1_ctx_t */
 typedef struct apr_sha1_ctx_t apr_sha1_ctx_t;

 /**
  * SHA1 context structure
  */
 struct apr_sha1_ctx_t {
     /** message digest */
     apr_uint32_t digest[5];
     /** 64-bit bit counts */
     apr_uint32_t count_lo, count_hi;
     /** SHA data buffer */
     apr_uint32_t data[16];
     /** unprocessed amount in data */
     int local;
 };

 /**
  * Provide a means to SHA1 crypt/encode a plaintext password in a way which
  * makes password file compatible with those commonly use in netscape web
  * and ldap installations.
  * @param clear The plaintext password
  * @param len The length of the plaintext password
  * @param out The encrypted/encoded password
  * @note SHA1 support is useful for migration purposes, but is less
  *     secure than Apache's password format, since Apache's (MD5)
  *     password format uses a random eight character salt to generate
  *     one of many possible hashes for the same password.  Netscape
  *     uses plain SHA1 without a salt, so the same password
  *     will always generate the same hash, making it easier
  *     to break since the search space is smaller.
  */
 APU_DECLARE(void) apr_sha1_base64(const char *clear, int len, char *out);

 /**
  * Initialize the SHA digest
  * @param context The SHA context to initialize
  */
 APU_DECLARE(void) apr_sha1_init(apr_sha1_ctx_t *context);

 /**
  * Update the SHA digest
  * @param context The SHA1 context to update
  * @param input The buffer to add to the SHA digest
  * @param inputLen The length of the input buffer
  */
 APU_DECLARE(void) apr_sha1_update(apr_sha1_ctx_t *context, const char *input,
                                 unsigned int inputLen);

 /**
  * Update the SHA digest with binary data
  * @param context The SHA1 context to update
  * @param input The buffer to add to the SHA digest
  * @param inputLen The length of the input buffer
  */
 APU_DECLARE(void) apr_sha1_update_binary(apr_sha1_ctx_t *context,
                                        const unsigned char *input,
                                        unsigned int inputLen);

 /**
  * Finish computing the SHA digest
  * @param digest the output buffer in which to store the digest
  * @param context The context to finalize
  */
 APU_DECLARE(void) apr_sha1_final(unsigned char digest[APR_SHA1_DIGESTSIZE],
                                apr_sha1_ctx_t *context);

 #ifdef __cplusplus
 }
 #endif

 #endif	/* APR_SHA1_H */
	/* Licensed to the Apache Software Foundation (ASF) under one or more
	* contributor license agreements. See the NOTICE file distributed with
	* this work for additional information regarding copyright ownership.
	* The ASF licenses this file to You under the Apache License, Version 2.0
	* (the "License"); you may not use this file except in compliance with
	* the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/
	/* NIST Secure Hash Algorithm
	* heavily modified by Uwe Hollerbach uh@alumni.caltech edu
	* from Peter C. Gutmann's implementation as found in
	* Applied Cryptography by Bruce Schneier
	* This code is hereby placed in the public domain
	*/

	#ifndef APR_SHA1_H
	#define APR_SHA1_H

	#include "apu.h"
	#include "apr_general.h"

	#ifdef __cplusplus
	extern "C" {
	#endif

	/**
	* @file apr_sha1.h
	* @brief APR-UTIL SHA1 library
	*/

	/** size of the SHA1 DIGEST */
	#define APR_SHA1_DIGESTSIZE 20

	/**
	* Define the Magic String prefix that identifies a password as being
	* hashed using our algorithm.
	*/
	#define APR_SHA1PW_ID "{SHA}"

	/** length of the SHA Password */
	#define APR_SHA1PW_IDLEN 5

	/** @see apr_sha1_ctx_t */
	typedef struct apr_sha1_ctx_t apr_sha1_ctx_t;

	/**
	* SHA1 context structure
	*/
	struct apr_sha1_ctx_t {
	/** message digest */
	apr_uint32_t digest[5];
	/** 64-bit bit counts */
	apr_uint32_t count_lo, count_hi;
	/** SHA data buffer */
	apr_uint32_t data[16];
	/** unprocessed amount in data */
	int local;
	};

	/**
	* Provide a means to SHA1 crypt/encode a plaintext password in a way which
	* makes password file compatible with those commonly use in netscape web
	* and ldap installations.
	* @param clear The plaintext password
	* @param len The length of the plaintext password
	* @param out The encrypted/encoded password
	* @note SHA1 support is useful for migration purposes, but is less
	* secure than Apache's password format, since Apache's (MD5)
	* password format uses a random eight character salt to generate
	* one of many possible hashes for the same password. Netscape
	* uses plain SHA1 without a salt, so the same password
	* will always generate the same hash, making it easier
	* to break since the search space is smaller.
	*/
	APU_DECLARE(void) apr_sha1_base64(const char clear, int len, char out);

	/**
	* Initialize the SHA digest
	* @param context The SHA context to initialize
	*/
	APU_DECLARE(void) apr_sha1_init(apr_sha1_ctx_t *context);

	/**
	* Update the SHA digest
	* @param context The SHA1 context to update
	* @param input The buffer to add to the SHA digest
	* @param inputLen The length of the input buffer
	*/
	APU_DECLARE(void) apr_sha1_update(apr_sha1_ctx_t context, const char input,
	unsigned int inputLen);

	/**
	* Update the SHA digest with binary data
	* @param context The SHA1 context to update
	* @param input The buffer to add to the SHA digest
	* @param inputLen The length of the input buffer
	*/
	APU_DECLARE(void) apr_sha1_update_binary(apr_sha1_ctx_t *context,
	const unsigned char *input,
	unsigned int inputLen);

	/**
	* Finish computing the SHA digest
	* @param digest the output buffer in which to store the digest
	* @param context The context to finalize
	*/
	APU_DECLARE(void) apr_sha1_final(unsigned char digest[APR_SHA1_DIGESTSIZE],
	apr_sha1_ctx_t *context);

	#ifdef __cplusplus
	}
	#endif

	#endif /* APR_SHA1_H */