1
/* Copyright 2001-2005 The Apache Software Foundation or its licensors, as
4
* Licensed under the Apache License, Version 2.0 (the "License");
5
* you may not use this file except in compliance with the License.
6
* You may obtain a copy of the License at
8
* http://www.apache.org/licenses/LICENSE-2.0
10
* Unless required by applicable law or agreed to in writing, software
11
* distributed under the License is distributed on an "AS IS" BASIS,
12
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13
* See the License for the specific language governing permissions and
14
* limitations under the License.
16
/* NIST Secure Hash Algorithm
17
* heavily modified by Uwe Hollerbach uh@alumni.caltech edu
18
* from Peter C. Gutmann's implementation as found in
19
* Applied Cryptography by Bruce Schneier
20
* This code is hereby placed in the public domain
27
#include "apr_general.h"
35
* @brief APR-UTIL SHA1 library
38
/** size of the SHA1 DIGEST */
39
#define APR_SHA1_DIGESTSIZE 20
42
* Define the Magic String prefix that identifies a password as being
43
* hashed using our algorithm.
45
#define APR_SHA1PW_ID "{SHA}"
47
/** length of the SHA Password */
48
#define APR_SHA1PW_IDLEN 5
50
/** @see apr_sha1_ctx_t */
51
typedef struct apr_sha1_ctx_t apr_sha1_ctx_t;
54
* SHA1 context structure
56
struct apr_sha1_ctx_t {
58
apr_uint32_t digest[5];
59
/** 64-bit bit counts */
60
apr_uint32_t count_lo, count_hi;
61
/** SHA data buffer */
62
apr_uint32_t data[16];
63
/** unprocessed amount in data */
68
* Provide a means to SHA1 crypt/encode a plaintext password in a way which
69
* makes password file compatible with those commonly use in netscape web
70
* and ldap installations.
71
* @param clear The plaintext password
72
* @param len The length of the plaintext password
73
* @param out The encrypted/encoded password
74
* @note SHA1 support is useful for migration purposes, but is less
75
* secure than Apache's password format, since Apache's (MD5)
76
* password format uses a random eight character salt to generate
77
* one of many possible hashes for the same password. Netscape
78
* uses plain SHA1 without a salt, so the same password
79
* will always generate the same hash, making it easier
80
* to break since the search space is smaller.
82
APU_DECLARE(void) apr_sha1_base64(const char *clear, int len, char *out);
85
* Initialize the SHA digest
86
* @param context The SHA context to initialize
88
APU_DECLARE(void) apr_sha1_init(apr_sha1_ctx_t *context);
91
* Update the SHA digest
92
* @param context The SHA1 context to update
93
* @param input The buffer to add to the SHA digest
94
* @param inputLen The length of the input buffer
96
APU_DECLARE(void) apr_sha1_update(apr_sha1_ctx_t *context, const char *input,
97
unsigned int inputLen);
100
* Update the SHA digest with binary data
101
* @param context The SHA1 context to update
102
* @param input The buffer to add to the SHA digest
103
* @param inputLen The length of the input buffer
105
APU_DECLARE(void) apr_sha1_update_binary(apr_sha1_ctx_t *context,
106
const unsigned char *input,
107
unsigned int inputLen);
110
* Finish computing the SHA digest
111
* @param digest the output buffer in which to store the digest
112
* @param context The context to finalize
114
APU_DECLARE(void) apr_sha1_final(unsigned char digest[APR_SHA1_DIGESTSIZE],
115
apr_sha1_ctx_t *context);
121
#endif /* APR_SHA1_H */