krb5 commit: Add libk5crypto SHA-256 and SHA-384 hash providers

Greg Hudson ghudson at mit.edu
Mon Oct 3 16:02:40 EDT 2016


https://github.com/krb5/krb5/commit/c438227afd763997c131339c1476f61d1628a20d
commit c438227afd763997c131339c1476f61d1628a20d
Author: Greg Hudson <ghudson at mit.edu>
Date:   Sat Dec 5 19:36:41 2015 -0500

    Add libk5crypto SHA-256 and SHA-384 hash providers
    
    Add SHA-256 and SHA-384 hash providers to each of the libk5crypto back
    ends, in preparation for AES-SHA2 support.  For the builtin back end,
    adapt SHA-512 code from Heimdal (SHA-384 is just truncated SHA-512
    with different initial values).  Replace builtin/sha2/t_sha256.c with
    a program under crypto_tests which tests SHA-256 and SHA-384 in all
    back ends.
    
    ticket: 8490

 src/lib/crypto/builtin/hash_provider/Makefile.in |   11 +-
 src/lib/crypto/builtin/hash_provider/deps        |   13 +
 src/lib/crypto/builtin/hash_provider/hash_sha2.c |   88 +++++++
 src/lib/crypto/builtin/sha2/Makefile.in          |   20 +--
 src/lib/crypto/builtin/sha2/deps                 |   10 +
 src/lib/crypto/builtin/sha2/sha2.h               |   23 ++
 src/lib/crypto/builtin/sha2/sha512.c             |  305 ++++++++++++++++++++++
 src/lib/crypto/builtin/sha2/t_sha256.c           |  117 ---------
 src/lib/crypto/crypto_tests/Makefile.in          |   13 +-
 src/lib/crypto/crypto_tests/deps                 |   12 +
 src/lib/crypto/crypto_tests/t_sha2.c             |  145 ++++++++++
 src/lib/crypto/krb/crypto_int.h                  |    2 +
 src/lib/crypto/openssl/hash_provider/hash_evp.c  |   20 ++
 src/lib/crypto/openssl/hmac.c                    |    4 +
 14 files changed, 642 insertions(+), 141 deletions(-)

diff --git a/src/lib/crypto/builtin/hash_provider/Makefile.in b/src/lib/crypto/builtin/hash_provider/Makefile.in
index c665d6c..2f587a4 100644
--- a/src/lib/crypto/builtin/hash_provider/Makefile.in
+++ b/src/lib/crypto/builtin/hash_provider/Makefile.in
@@ -1,7 +1,7 @@
 mydir=lib$(S)crypto$(S)builtin$(S)hash_provider
 BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
 LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb -I$(srcdir)/../md4 \
-	-I$(srcdir)/../md5 -I$(srcdir)/../sha1
+	-I$(srcdir)/../md5 -I$(srcdir)/../sha1 -I$(srcdir)/../sha2
 
 ##DOS##BUILDTOP = ..\..\..\..
 ##DOS##PREFIXDIR = builtin\hash_provider
@@ -11,17 +11,20 @@ STLIBOBJS= \
 	hash_crc32.o 	\
 	hash_md4.o 	\
 	hash_md5.o 	\
-	hash_sha1.o
+	hash_sha1.o	\
+	hash_sha2.o
 
 OBJS=   $(OUTPRE)hash_crc32.$(OBJEXT) 	\
 	$(OUTPRE)hash_md4.$(OBJEXT) 	\
 	$(OUTPRE)hash_md5.$(OBJEXT) 	\
-	$(OUTPRE)hash_sha1.$(OBJEXT)
+	$(OUTPRE)hash_sha1.$(OBJEXT)	\
+	$(OUTPRE)hash_sha2.$(OBJEXT)
 
 SRCS=	$(srcdir)/hash_crc32.c	\
 	$(srcdir)/hash_md4.c 	\
 	$(srcdir)/hash_md5.c 	\
-	$(srcdir)/hash_sha1.c
+	$(srcdir)/hash_sha1.c	\
+	$(srcdir)/hash_sha2.c
 
 ##DOS##LIBOBJS = $(OBJS)
 
diff --git a/src/lib/crypto/builtin/hash_provider/deps b/src/lib/crypto/builtin/hash_provider/deps
index e1f9b35..18f89b3 100644
--- a/src/lib/crypto/builtin/hash_provider/deps
+++ b/src/lib/crypto/builtin/hash_provider/deps
@@ -53,3 +53,16 @@ hash_sha1.so hash_sha1.po $(OUTPRE)hash_sha1.$(OBJEXT): \
   $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
   $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
   hash_sha1.c
+hash_sha2.so hash_sha2.po $(OUTPRE)hash_sha2.$(OBJEXT): \
+  $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
+  $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
+  $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../aes/aes.h \
+  $(srcdir)/../crypto_mod.h $(srcdir)/../sha2/sha2.h \
+  $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+  $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+  $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+  $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+  $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \
+  $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+  $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
+  hash_sha2.c
diff --git a/src/lib/crypto/builtin/hash_provider/hash_sha2.c b/src/lib/crypto/builtin/hash_provider/hash_sha2.c
new file mode 100644
index 0000000..ac4896d
--- /dev/null
+++ b/src/lib/crypto/builtin/hash_provider/hash_sha2.c
@@ -0,0 +1,88 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/builtin/hash_provider/sha2.c - SHA-2 hash providers */
+/*
+ * Copyright (C) 2015 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ *   notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright
+ *   notice, this list of conditions and the following disclaimer in
+ *   the documentation and/or other materials provided with the
+ *   distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "crypto_int.h"
+#include "sha2.h"
+
+static krb5_error_code
+k5_sha256_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
+{
+    SHA256_CTX ctx;
+    size_t i;
+    const krb5_crypto_iov *iov;
+
+    if (output->length != SHA256_DIGEST_LENGTH)
+        return KRB5_CRYPTO_INTERNAL;
+
+    k5_sha256_init(&ctx);
+    for (i = 0; i < num_data; i++) {
+        iov = &data[i];
+        if (SIGN_IOV(iov))
+            k5_sha256_update(&ctx, iov->data.data, iov->data.length);
+    }
+    k5_sha256_final(output->data, &ctx);
+    return 0;
+}
+
+static krb5_error_code
+k5_sha384_hash(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
+{
+    SHA384_CTX ctx;
+    size_t i;
+    const krb5_crypto_iov *iov;
+
+    if (output->length != SHA384_DIGEST_LENGTH)
+        return KRB5_CRYPTO_INTERNAL;
+
+    k5_sha384_init(&ctx);
+    for (i = 0; i < num_data; i++) {
+        iov = &data[i];
+        if (SIGN_IOV(iov))
+            k5_sha384_update(&ctx, iov->data.data, iov->data.length);
+    }
+    k5_sha384_final(output->data, &ctx);
+    return 0;
+}
+
+const struct krb5_hash_provider krb5int_hash_sha256 = {
+    "SHA-256",
+    SHA256_DIGEST_LENGTH,
+    SHA256_BLOCK_SIZE,
+    k5_sha256_hash
+};
+
+const struct krb5_hash_provider krb5int_hash_sha384 = {
+    "SHA-384",
+    SHA384_DIGEST_LENGTH,
+    SHA384_BLOCK_SIZE,
+    k5_sha384_hash
+};
diff --git a/src/lib/crypto/builtin/sha2/Makefile.in b/src/lib/crypto/builtin/sha2/Makefile.in
index d4a8ac7..c309242 100644
--- a/src/lib/crypto/builtin/sha2/Makefile.in
+++ b/src/lib/crypto/builtin/sha2/Makefile.in
@@ -5,11 +5,11 @@ BUILDTOP=$(REL)..$(S)..$(S)..$(S)..
 ##DOS##PREFIXDIR = builtin\sha2
 ##DOS##OBJFILE = ..\..\$(OUTPRE)sha2.lst
 
-STLIBOBJS= sha256.o
+STLIBOBJS= sha256.o sha512.o
 
-OBJS= $(OUTPRE)sha256.$(OBJEXT) 
+OBJS= $(OUTPRE)sha256.$(OBJEXT) $(OUTPRE)sha512.$(OBJEXT)
 
-SRCS= $(srcdir)/sha256.c
+SRCS= $(srcdir)/sha256.c $(srcdir)/sha512.c
 
 ##DOS##LIBOBJS = $(OBJS)
 
@@ -19,20 +19,6 @@ includes: depend
 
 depend: $(SRCS)
 
-t_sha256: t_sha256.o sha256.o $(SUPPORT_DEPLIB)
-	$(CC_LINK) -o t_sha256 t_sha256.o sha256.o $(SUPPORT_LIB)
-
-
-$(OUTPRE)t_sha256.exe: $(OUTPRE)t_sha256.obj $(OUTPRE)sha256.obj
-	link -out:$@ $**
-
-
-check-unix: t_sha256
-	$(RUN_TEST) $(C)t_sha256
-
-clean:
-	$(RM) t_sha256$(EXEEXT) t_sha256.$(OBJEXT)
-
 clean-unix:: clean-libobjs
 
 @libobj_frag@
diff --git a/src/lib/crypto/builtin/sha2/deps b/src/lib/crypto/builtin/sha2/deps
index b2be886..61b8309 100644
--- a/src/lib/crypto/builtin/sha2/deps
+++ b/src/lib/crypto/builtin/sha2/deps
@@ -11,3 +11,13 @@ sha256.so sha256.po $(OUTPRE)sha256.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
   $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
   $(top_srcdir)/include/socket-utils.h sha2.h sha256.c
+sha512.so sha512.po $(OUTPRE)sha512.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
+  $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
+  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
+  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
+  $(top_srcdir)/include/socket-utils.h sha2.h sha512.c
diff --git a/src/lib/crypto/builtin/sha2/sha2.h b/src/lib/crypto/builtin/sha2/sha2.h
index 6c743e1..97d8505 100644
--- a/src/lib/crypto/builtin/sha2/sha2.h
+++ b/src/lib/crypto/builtin/sha2/sha2.h
@@ -39,6 +39,12 @@
 #include <k5-int.h>
 
 #define SHA256_DIGEST_LENGTH 32
+#define SHA384_DIGEST_LENGTH 48
+#define SHA512_DIGEST_LENGTH 64
+
+#define SHA256_BLOCK_SIZE 64
+#define SHA384_BLOCK_SIZE 128
+#define SHA512_BLOCK_SIZE 128
 
 struct sha256state {
   unsigned int sz[2];
@@ -46,10 +52,27 @@ struct sha256state {
   unsigned char save[64];
 };
 
+struct sha512state {
+  uint64_t sz[2];
+  uint64_t counter[8];
+  unsigned char save[128];
+};
+
+/* SHA-384 and SHA-512 use the same state object. */
 typedef struct sha256state SHA256_CTX;
+typedef struct sha512state SHA384_CTX;
+typedef struct sha512state SHA512_CTX;
 
 void k5_sha256_init(SHA256_CTX *);
 void k5_sha256_update(SHA256_CTX *, const void *, size_t);
 void k5_sha256_final(void *, SHA256_CTX *);
 
+void k5_sha384_init(SHA384_CTX *);
+void k5_sha384_update(SHA384_CTX *, const void *, size_t);
+void k5_sha384_final(void *, SHA384_CTX *);
+
+void k5_sha512_init(SHA512_CTX *);
+void k5_sha512_update(SHA512_CTX *, const void *, size_t);
+void k5_sha512_final(void *, SHA512_CTX *);
+
 #endif /* SHA2_H */
diff --git a/src/lib/crypto/builtin/sha2/sha512.c b/src/lib/crypto/builtin/sha2/sha512.c
new file mode 100644
index 0000000..8f0ce89
--- /dev/null
+++ b/src/lib/crypto/builtin/sha2/sha512.c
@@ -0,0 +1,305 @@
+/*
+ * Copyright (c) 2006, 2010 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <k5-int.h>
+#include "sha2.h"
+
+#ifdef K5_BE
+#define WORDS_BIGENDIAN
+#endif
+
+#ifndef min
+#define min(a,b) (((a)>(b))?(b):(a))
+#endif
+
+#define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z)))
+#define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
+
+#define ROTR(x,n)   (((x)>>(n)) | ((x) << (64 - (n))))
+
+#define Sigma0(x)	(ROTR(x,28) ^ ROTR(x,34) ^ ROTR(x,39))
+#define Sigma1(x)	(ROTR(x,14) ^ ROTR(x,18) ^ ROTR(x,41))
+#define sigma0(x)	(ROTR(x,1)  ^ ROTR(x,8)  ^ ((x)>>7))
+#define sigma1(x)	(ROTR(x,19) ^ ROTR(x,61) ^ ((x)>>6))
+
+#define A m->counter[0]
+#define B m->counter[1]
+#define C m->counter[2]
+#define D m->counter[3]
+#define E m->counter[4]
+#define F m->counter[5]
+#define G m->counter[6]
+#define H m->counter[7]
+
+static const uint64_t constant_512[80] = {
+    0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL,
+    0xb5c0fbcfec4d3b2fULL, 0xe9b5dba58189dbbcULL,
+    0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL,
+    0x923f82a4af194f9bULL, 0xab1c5ed5da6d8118ULL,
+    0xd807aa98a3030242ULL, 0x12835b0145706fbeULL,
+    0x243185be4ee4b28cULL, 0x550c7dc3d5ffb4e2ULL,
+    0x72be5d74f27b896fULL, 0x80deb1fe3b1696b1ULL,
+    0x9bdc06a725c71235ULL, 0xc19bf174cf692694ULL,
+    0xe49b69c19ef14ad2ULL, 0xefbe4786384f25e3ULL,
+    0x0fc19dc68b8cd5b5ULL, 0x240ca1cc77ac9c65ULL,
+    0x2de92c6f592b0275ULL, 0x4a7484aa6ea6e483ULL,
+    0x5cb0a9dcbd41fbd4ULL, 0x76f988da831153b5ULL,
+    0x983e5152ee66dfabULL, 0xa831c66d2db43210ULL,
+    0xb00327c898fb213fULL, 0xbf597fc7beef0ee4ULL,
+    0xc6e00bf33da88fc2ULL, 0xd5a79147930aa725ULL,
+    0x06ca6351e003826fULL, 0x142929670a0e6e70ULL,
+    0x27b70a8546d22ffcULL, 0x2e1b21385c26c926ULL,
+    0x4d2c6dfc5ac42aedULL, 0x53380d139d95b3dfULL,
+    0x650a73548baf63deULL, 0x766a0abb3c77b2a8ULL,
+    0x81c2c92e47edaee6ULL, 0x92722c851482353bULL,
+    0xa2bfe8a14cf10364ULL, 0xa81a664bbc423001ULL,
+    0xc24b8b70d0f89791ULL, 0xc76c51a30654be30ULL,
+    0xd192e819d6ef5218ULL, 0xd69906245565a910ULL,
+    0xf40e35855771202aULL, 0x106aa07032bbd1b8ULL,
+    0x19a4c116b8d2d0c8ULL, 0x1e376c085141ab53ULL,
+    0x2748774cdf8eeb99ULL, 0x34b0bcb5e19b48a8ULL,
+    0x391c0cb3c5c95a63ULL, 0x4ed8aa4ae3418acbULL,
+    0x5b9cca4f7763e373ULL, 0x682e6ff3d6b2b8a3ULL,
+    0x748f82ee5defb2fcULL, 0x78a5636f43172f60ULL,
+    0x84c87814a1f0ab72ULL, 0x8cc702081a6439ecULL,
+    0x90befffa23631e28ULL, 0xa4506cebde82bde9ULL,
+    0xbef9a3f7b2c67915ULL, 0xc67178f2e372532bULL,
+    0xca273eceea26619cULL, 0xd186b8c721c0c207ULL,
+    0xeada7dd6cde0eb1eULL, 0xf57d4f7fee6ed178ULL,
+    0x06f067aa72176fbaULL, 0x0a637dc5a2c898a6ULL,
+    0x113f9804bef90daeULL, 0x1b710b35131c471bULL,
+    0x28db77f523047d84ULL, 0x32caab7b40c72493ULL,
+    0x3c9ebe0a15c9bebcULL, 0x431d67c49c100d4cULL,
+    0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL,
+    0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL
+};
+
+static inline uint64_t
+cshift64 (uint64_t x, unsigned int n)
+{
+  return ((uint64_t)x << (uint64_t)n) | ((uint64_t)x >> ((uint64_t)64 - (uint64_t)n));
+}
+
+void
+k5_sha512_init (SHA512_CTX *m)
+{
+    m->sz[0] = 0;
+    m->sz[1] = 0;
+    A = 0x6a09e667f3bcc908ULL;
+    B = 0xbb67ae8584caa73bULL;
+    C = 0x3c6ef372fe94f82bULL;
+    D = 0xa54ff53a5f1d36f1ULL;
+    E = 0x510e527fade682d1ULL;
+    F = 0x9b05688c2b3e6c1fULL;
+    G = 0x1f83d9abfb41bd6bULL;
+    H = 0x5be0cd19137e2179ULL;
+}
+
+static void
+calc (SHA512_CTX *m, uint64_t *in)
+{
+    uint64_t AA, BB, CC, DD, EE, FF, GG, HH;
+    uint64_t data[80];
+    int i;
+
+    AA = A;
+    BB = B;
+    CC = C;
+    DD = D;
+    EE = E;
+    FF = F;
+    GG = G;
+    HH = H;
+
+    for (i = 0; i < 16; ++i)
+	data[i] = in[i];
+    for (i = 16; i < 80; ++i)
+	data[i] = sigma1(data[i-2]) + data[i-7] +
+	    sigma0(data[i-15]) + data[i - 16];
+
+    for (i = 0; i < 80; i++) {
+	uint64_t T1, T2;
+
+	T1 = HH + Sigma1(EE) + Ch(EE, FF, GG) + constant_512[i] + data[i];
+	T2 = Sigma0(AA) + Maj(AA,BB,CC);
+
+	HH = GG;
+	GG = FF;
+	FF = EE;
+	EE = DD + T1;
+	DD = CC;
+	CC = BB;
+	BB = AA;
+	AA = T1 + T2;
+    }
+
+    A += AA;
+    B += BB;
+    C += CC;
+    D += DD;
+    E += EE;
+    F += FF;
+    G += GG;
+    H += HH;
+}
+
+/*
+ * From `Performance analysis of MD5' by Joseph D. Touch <touch at isi.edu>
+ */
+
+#if !defined(WORDS_BIGENDIAN) || defined(_CRAY)
+static inline uint64_t
+swap_uint64_t (uint64_t t)
+{
+    uint64_t temp;
+
+    temp   = cshift64(t, 32);
+    temp = ((temp & 0xff00ff00ff00ff00ULL) >> 8) |
+           ((temp & 0x00ff00ff00ff00ffULL) << 8);
+    return ((temp & 0xffff0000ffff0000ULL) >> 16) |
+           ((temp & 0x0000ffff0000ffffULL) << 16);
+}
+
+struct x64{
+    uint64_t a;
+    uint64_t b;
+};
+#endif
+
+void
+k5_sha512_update (SHA512_CTX *m, const void *v, size_t len)
+{
+    const unsigned char *p = v;
+    size_t old_sz = m->sz[0];
+    size_t offset;
+
+    m->sz[0] += len * 8;
+    if (m->sz[0] < old_sz)
+	++m->sz[1];
+    offset = (old_sz / 8) % 128;
+    while(len > 0){
+	size_t l = min(len, 128 - offset);
+	memcpy(m->save + offset, p, l);
+	offset += l;
+	p += l;
+	len -= l;
+	if(offset == 128){
+#if !defined(WORDS_BIGENDIAN) || defined(_CRAY)
+	    int i;
+	    uint64_t current[16];
+	    struct x64 *us = (struct x64*)m->save;
+	    for(i = 0; i < 8; i++){
+		current[2*i+0] = swap_uint64_t(us[i].a);
+		current[2*i+1] = swap_uint64_t(us[i].b);
+	    }
+	    calc(m, current);
+#else
+	    calc(m, (uint64_t*)m->save);
+#endif
+	    offset = 0;
+	}
+    }
+}
+
+void
+k5_sha512_final (void *res, SHA512_CTX *m)
+{
+    unsigned char zeros[128 + 16];
+    unsigned offset = (m->sz[0] / 8) % 128;
+    unsigned int dstart = (240 - offset - 1) % 128 + 1;
+
+    *zeros = 0x80;
+    memset (zeros + 1, 0, sizeof(zeros) - 1);
+    zeros[dstart+15] = (m->sz[0] >> 0) & 0xff;
+    zeros[dstart+14] = (m->sz[0] >> 8) & 0xff;
+    zeros[dstart+13] = (m->sz[0] >> 16) & 0xff;
+    zeros[dstart+12] = (m->sz[0] >> 24) & 0xff;
+    zeros[dstart+11] = (m->sz[0] >> 32) & 0xff;
+    zeros[dstart+10] = (m->sz[0] >> 40) & 0xff;
+    zeros[dstart+9]  = (m->sz[0] >> 48) & 0xff;
+    zeros[dstart+8]  = (m->sz[0] >> 56) & 0xff;
+
+    zeros[dstart+7] = (m->sz[1] >> 0) & 0xff;
+    zeros[dstart+6] = (m->sz[1] >> 8) & 0xff;
+    zeros[dstart+5] = (m->sz[1] >> 16) & 0xff;
+    zeros[dstart+4] = (m->sz[1] >> 24) & 0xff;
+    zeros[dstart+3] = (m->sz[1] >> 32) & 0xff;
+    zeros[dstart+2] = (m->sz[1] >> 40) & 0xff;
+    zeros[dstart+1] = (m->sz[1] >> 48) & 0xff;
+    zeros[dstart+0] = (m->sz[1] >> 56) & 0xff;
+    k5_sha512_update (m, zeros, dstart + 16);
+    {
+	int i;
+	unsigned char *r = (unsigned char*)res;
+
+	for (i = 0; i < 8; ++i) {
+	    r[8*i+7] = m->counter[i] & 0xFF;
+	    r[8*i+6] = (m->counter[i] >> 8) & 0xFF;
+	    r[8*i+5] = (m->counter[i] >> 16) & 0xFF;
+	    r[8*i+4] = (m->counter[i] >> 24) & 0xFF;
+	    r[8*i+3] = (m->counter[i] >> 32) & 0XFF;
+	    r[8*i+2] = (m->counter[i] >> 40) & 0xFF;
+	    r[8*i+1] = (m->counter[i] >> 48) & 0xFF;
+	    r[8*i]   = (m->counter[i] >> 56) & 0xFF;
+	}
+    }
+}
+
+void
+k5_sha384_init (SHA384_CTX *m)
+{
+    m->sz[0] = 0;
+    m->sz[1] = 0;
+    A = 0xcbbb9d5dc1059ed8ULL;
+    B = 0x629a292a367cd507ULL;
+    C = 0x9159015a3070dd17ULL;
+    D = 0x152fecd8f70e5939ULL;
+    E = 0x67332667ffc00b31ULL;
+    F = 0x8eb44a8768581511ULL;
+    G = 0xdb0c2e0d64f98fa7ULL;
+    H = 0x47b5481dbefa4fa4ULL;
+}
+
+void
+k5_sha384_update (SHA384_CTX *m, const void *v, size_t len)
+{
+    k5_sha512_update(m, v, len);
+}
+
+void
+k5_sha384_final (void *res, SHA384_CTX *m)
+{
+    unsigned char data[SHA512_DIGEST_LENGTH];
+    k5_sha512_final(data, m);
+    memcpy(res, data, SHA384_DIGEST_LENGTH);
+}
diff --git a/src/lib/crypto/builtin/sha2/t_sha256.c b/src/lib/crypto/builtin/sha2/t_sha256.c
deleted file mode 100644
index c2da381..0000000
--- a/src/lib/crypto/builtin/sha2/t_sha256.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* lib/crypto/builtin/sha2/t_sha256.c */
-/*
- * Copyright (c) 1995 - 2002 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include <k5-int.h>
-#include "sha2.h"
-
-#define ONE_MILLION_A "one million a's"
-
-struct test {
-    char *str;
-    unsigned char hash[64];
-};
-
-struct test tests[] = {
-    { "abc",
-      { 0xba, 0x78, 0x16, 0xbf,  0x8f, 0x01, 0xcf, 0xea,
-    0x41, 0x41, 0x40, 0xde,  0x5d, 0xae, 0x22, 0x23,
-    0xb0, 0x03, 0x61, 0xa3,  0x96, 0x17, 0x7a, 0x9c,
-    0xb4, 0x10, 0xff, 0x61,  0xf2, 0x00, 0x15, 0xad }},
-    { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
-      { 0x24, 0x8d, 0x6a, 0x61,  0xd2, 0x06, 0x38, 0xb8,
-    0xe5, 0xc0, 0x26, 0x93,  0x0c, 0x3e, 0x60, 0x39,
-    0xa3, 0x3c, 0xe4, 0x59,  0x64, 0xff, 0x21, 0x67,
-    0xf6, 0xec, 0xed, 0xd4,  0x19, 0xdb, 0x06, 0xc1 }},
-    { ONE_MILLION_A,
-      {0xcd,0xc7,0x6e,0x5c, 0x99,0x14,0xfb,0x92,
-       0x81,0xa1,0xc7,0xe2, 0x84,0xd7,0x3e,0x67,
-       0xf1,0x80,0x9a,0x48, 0xa4,0x97,0x20,0x0e,
-       0x04,0x6d,0x39,0xcc, 0xc7,0x11,0x2c,0xd0 }},
-    { NULL }
-};
-
-int
-main (void)
-{
-    struct test *t;
-    void *ctx = malloc(sizeof(SHA256_CTX));
-    unsigned char *res = malloc(SHA256_DIGEST_LENGTH);
-    char buf[1000];
-
-    for (t = tests; t->str; ++t) {
-    
-        k5_sha256_init(ctx);
-        if(strcmp(t->str, ONE_MILLION_A) == 0) {
-            int i;
-            memset(buf, 'a', sizeof(buf));
-            for(i = 0; i < 1000; i++) {
-                k5_sha256_update(ctx, buf, sizeof(buf));
-            }
-        } else {
-            k5_sha256_update(ctx, (unsigned char *)t->str, strlen(t->str));
-        }
-
-        k5_sha256_final(res, ctx);
-        if (memcmp (res, t->hash, SHA256_DIGEST_LENGTH) != 0) {
-            int i;
-
-            printf ("%s(\"%s\") failed\n", "SHA- 256", t->str);
-            printf("should be:  ");
-            for(i = 0; i < SHA256_DIGEST_LENGTH; ++i) {
-                if(i > 0 && (i % 16) == 0)
-                printf("\n            ");
-                printf("%02x ", t->hash[i]);
-            }
-            printf("\nresult was: ");
-            for(i = 0; i < SHA256_DIGEST_LENGTH; ++i) {
-            if(i > 0 && (i % 16) == 0)
-                printf("\n            ");
-                printf("%02x ", res[i]);
-            }
-            printf("\n");
-            return 1;
-        }
-    
-        if (memcmp (res, t->hash, SHA256_DIGEST_LENGTH) != 0) {
-            printf("EVP %s failed here old function where successful!\n", "SHA-256");
-            return 1;
-        }
-    }
-    free(ctx);
-    free(res);
-    printf ("success\n");
-    return 0;
-}
-
diff --git a/src/lib/crypto/crypto_tests/Makefile.in b/src/lib/crypto/crypto_tests/Makefile.in
index f4914d4..9da6bf7 100644
--- a/src/lib/crypto/crypto_tests/Makefile.in
+++ b/src/lib/crypto/crypto_tests/Makefile.in
@@ -21,6 +21,7 @@ EXTRADEPSRCS=\
 	$(srcdir)/t_crc.c	\
 	$(srcdir)/t_mddriver.c	\
 	$(srcdir)/t_kperf.c	\
+	$(srcdir)/t_sha2.c	\
 	$(srcdir)/t_short.c	\
 	$(srcdir)/t_str2key.c	\
 	$(srcdir)/t_derive.c	\
@@ -37,7 +38,8 @@ check-unix: t_nfold t_encrypt t_decrypt t_prf t_prng t_cmac t_hmac \
 		aes-test  \
 		camellia-test  \
 		t_mddriver4 t_mddriver \
-		t_crc t_cts t_short t_str2key t_derive t_fork t_cf2 t_combine
+		t_crc t_cts t_sha2 t_short t_str2key t_derive t_fork t_cf2 \
+		t_combine
 	$(RUN_TEST) ./t_nfold
 	$(RUN_TEST) ./t_encrypt
 	$(RUN_TEST) ./t_decrypt
@@ -59,6 +61,7 @@ check-unix: t_nfold t_encrypt t_decrypt t_prf t_prng t_cmac t_hmac \
 	cmp camellia-vt.txt $(srcdir)/camellia-expect-vt.txt
 	$(RUN_TEST) $(C)t_mddriver4 -x
 	$(RUN_TEST) $(C)t_mddriver -x
+	$(RUN_TEST) ./t_sha2
 	$(RUN_TEST) ./t_short
 	$(RUN_TEST) ./t_str2key
 	$(RUN_TEST) ./t_derive
@@ -99,6 +102,10 @@ t_cts$(EXEEXT): t_cts.$(OBJEXT) $(KRB5_BASE_DEPLIBS)
 	$(CC_LINK) -o $@ t_cts.$(OBJEXT) \
 		$(KRB5_BASE_LIBS)
 
+t_sha2$(EXEEXT): t_sha2.$(OBJEXT) $(KRB5_BASE_DEPLIBS)
+	$(CC_LINK) -o $@ t_sha2.$(OBJEXT) \
+		$(KRB5_BASE_LIBS)
+
 t_short$(EXEEXT): t_short.$(OBJEXT) $(KRB5_BASE_DEPLIBS)
 	$(CC_LINK) -o $@ t_short.$(OBJEXT) \
 		$(KRB5_BASE_LIBS)
@@ -162,8 +169,8 @@ clean:
 		t_crc.o t_crc t_cts.o t_cts \
 		t_mddriver4.o t_mddriver4 t_mddriver.o t_mddriver \
 		t_cksum4 t_cksum4.o t_cksum5 t_cksum5.o t_cksums t_cksums.o \
-		t_kperf.o t_kperf t_short t_short.o t_str2key t_str2key.o \
-		t_derive t_derive.o t_fork t_fork.o \
+		t_kperf.o t_kperf t_sha2.o t_sha2 t_short t_short.o t_str2key \
+		t_str2key.o t_derive t_derive.o t_fork t_fork.o \
 		t_mddriver$(EXEEXT) $(OUTPRE)t_mddriver.$(OBJEXT) \
 		camellia-test camellia-test.o camellia-vt.txt \
 		t_cf2 t_cf2.o t_cf2.output t_combine.o t_combine
diff --git a/src/lib/crypto/crypto_tests/deps b/src/lib/crypto/crypto_tests/deps
index e05eae3..bc5422a 100644
--- a/src/lib/crypto/crypto_tests/deps
+++ b/src/lib/crypto/crypto_tests/deps
@@ -193,6 +193,18 @@ $(OUTPRE)t_kperf.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
   $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
   $(top_srcdir)/include/socket-utils.h t_kperf.c
+$(OUTPRE)t_sha2.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
+  $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../builtin/aes/aes.h \
+  $(srcdir)/../builtin/crypto_mod.h $(srcdir)/../builtin/sha2/sha2.h \
+  $(srcdir)/../krb/crypto_int.h $(top_srcdir)/include/k5-buf.h \
+  $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
+  $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+  $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+  $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
+  $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+  $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
+  $(top_srcdir)/include/socket-utils.h t_sha2.c
 $(OUTPRE)t_short.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
   $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \
diff --git a/src/lib/crypto/crypto_tests/t_sha2.c b/src/lib/crypto/crypto_tests/t_sha2.c
new file mode 100644
index 0000000..12f3286
--- /dev/null
+++ b/src/lib/crypto/crypto_tests/t_sha2.c
@@ -0,0 +1,145 @@
+/*
+ * Copyright (c) 1995 - 2002 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <k5-int.h>
+#include "crypto_int.h"
+
+#define ONE_MILLION_A "one million a's"
+
+struct test {
+    char *str;
+    unsigned char hash[64];
+};
+
+struct test sha256_tests[] = {
+    { "abc",
+      { 0xba,0x78,0x16,0xbf,0x8f,0x01,0xcf,0xea,
+        0x41,0x41,0x40,0xde,0x5d,0xae,0x22,0x23,
+        0xb0,0x03,0x61,0xa3,0x96,0x17,0x7a,0x9c,
+        0xb4,0x10,0xff,0x61,0xf2,0x00,0x15,0xad }},
+    { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+      { 0x24,0x8d,0x6a,0x61,0xd2,0x06,0x38,0xb8,
+        0xe5,0xc0,0x26,0x93,0x0c,0x3e,0x60,0x39,
+        0xa3,0x3c,0xe4,0x59,0x64,0xff,0x21,0x67,
+        0xf6,0xec,0xed,0xd4,0x19,0xdb,0x06,0xc1 }},
+    { ONE_MILLION_A,
+      { 0xcd,0xc7,0x6e,0x5c,0x99,0x14,0xfb,0x92,
+        0x81,0xa1,0xc7,0xe2,0x84,0xd7,0x3e,0x67,
+        0xf1,0x80,0x9a,0x48,0xa4,0x97,0x20,0x0e,
+        0x04,0x6d,0x39,0xcc,0xc7,0x11,0x2c,0xd0 }},
+    { NULL }
+};
+
+struct test sha384_tests[] = {
+    { "abc",
+      { 0xcb,0x00,0x75,0x3f,0x45,0xa3,0x5e,0x8b,
+	0xb5,0xa0,0x3d,0x69,0x9a,0xc6,0x50,0x07,
+	0x27,0x2c,0x32,0xab,0x0e,0xde,0xd1,0x63,
+	0x1a,0x8b,0x60,0x5a,0x43,0xff,0x5b,0xed,
+	0x80,0x86,0x07,0x2b,0xa1,0xe7,0xcc,0x23,
+	0x58,0xba,0xec,0xa1,0x34,0xc8,0x25,0xa7 }},
+    { "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmno"
+      "ijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu",
+      { 0x09,0x33,0x0c,0x33,0xf7,0x11,0x47,0xe8,
+	0x3d,0x19,0x2f,0xc7,0x82,0xcd,0x1b,0x47,
+	0x53,0x11,0x1b,0x17,0x3b,0x3b,0x05,0xd2,
+	0x2f,0xa0,0x80,0x86,0xe3,0xb0,0xf7,0x12,
+	0xfc,0xc7,0xc7,0x1a,0x55,0x7e,0x2d,0xb9,
+	0x66,0xc3,0xe9,0xfa,0x91,0x74,0x60,0x39 }},
+    { ONE_MILLION_A,
+      { 0x9d,0x0e,0x18,0x09,0x71,0x64,0x74,0xcb,
+	0x08,0x6e,0x83,0x4e,0x31,0x0a,0x4a,0x1c,
+	0xed,0x14,0x9e,0x9c,0x00,0xf2,0x48,0x52,
+	0x79,0x72,0xce,0xc5,0x70,0x4c,0x2a,0x5b,
+	0x07,0xb8,0xb3,0xdc,0x38,0xec,0xc4,0xeb,
+	0xae,0x97,0xdd,0xd8,0x7f,0x3d,0x89,0x85 }},
+    { NULL }
+};
+
+static int
+hash_test(const struct krb5_hash_provider *hash, struct test *tests)
+{
+    struct test *t;
+    krb5_crypto_iov iov, *iovs;
+    krb5_data hval;
+    size_t i;
+
+    if (alloc_data(&hval, hash->hashsize))
+	abort();
+    for (t = tests; t->str; ++t) {
+	if (strcmp(t->str, ONE_MILLION_A) == 0) {
+	    /* Hash a million 'a's using a thousand iovs. */
+	    iovs = calloc(1000, sizeof(*iovs));
+	    assert(iovs != NULL);
+	    for (i = 0; i < 1000; i++) {
+		iovs[i].flags = KRB5_CRYPTO_TYPE_DATA;
+		if (alloc_data(&iovs[i].data, 1000) != 0)
+		    abort();
+		memset(iovs[i].data.data, 'a', 1000);
+	    }
+	    if (hash->hash(iovs, 1000, &hval) != 0)
+		abort();
+	    if (memcmp(hval.data, t->hash, hval.length) != 0)
+		abort();
+	    for (i = 0; i < 1000; i++)
+		free(iovs[i].data.data);
+	    free(iovs);
+	} else {
+	    /* Hash the input in the test. */
+	    iov.flags = KRB5_CRYPTO_TYPE_DATA;
+	    iov.data = string2data(t->str);
+	    if (hash->hash(&iov, 1, &hval) != 0)
+		abort();
+	    if (memcmp(hval.data, t->hash, hval.length) != 0)
+		abort();
+
+	    if (hash == &krb5int_hash_sha256) {
+		/* Try again using k5_sha256(). */
+		if (k5_sha256(&iov.data, (uint8_t *)hval.data) != 0)
+		    abort();
+		if (memcmp(hval.data, t->hash, hval.length) != 0)
+		    abort();
+	    }
+	}
+    }
+    free(hval.data);
+    return 0;
+}
+
+int
+main()
+{
+    hash_test(&krb5int_hash_sha256, sha256_tests);
+    hash_test(&krb5int_hash_sha384, sha384_tests);
+    return 0;
+}
diff --git a/src/lib/crypto/krb/crypto_int.h b/src/lib/crypto/krb/crypto_int.h
index 0f2e472..311d2a8 100644
--- a/src/lib/crypto/krb/crypto_int.h
+++ b/src/lib/crypto/krb/crypto_int.h
@@ -432,6 +432,8 @@ extern const struct krb5_hash_provider krb5int_hash_crc32;
 extern const struct krb5_hash_provider krb5int_hash_md4;
 extern const struct krb5_hash_provider krb5int_hash_md5;
 extern const struct krb5_hash_provider krb5int_hash_sha1;
+extern const struct krb5_hash_provider krb5int_hash_sha256;
+extern const struct krb5_hash_provider krb5int_hash_sha384;
 
 /* Modules must implement the following functions. */
 
diff --git a/src/lib/crypto/openssl/hash_provider/hash_evp.c b/src/lib/crypto/openssl/hash_provider/hash_evp.c
index 0017ade..957ed8d 100644
--- a/src/lib/crypto/openssl/hash_provider/hash_evp.c
+++ b/src/lib/crypto/openssl/hash_provider/hash_evp.c
@@ -79,6 +79,18 @@ hash_sha1(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
     return hash_evp(EVP_sha1(), data, num_data, output);
 }
 
+static krb5_error_code
+hash_sha256(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
+{
+    return hash_evp(EVP_sha256(), data, num_data, output);
+}
+
+static krb5_error_code
+hash_sha384(const krb5_crypto_iov *data, size_t num_data, krb5_data *output)
+{
+    return hash_evp(EVP_sha384(), data, num_data, output);
+}
+
 const struct krb5_hash_provider krb5int_hash_md4 = {
     "MD4", 16, 64, hash_md4
 };
@@ -90,3 +102,11 @@ const struct krb5_hash_provider krb5int_hash_md5 = {
 const struct krb5_hash_provider krb5int_hash_sha1 = {
     "SHA1", 20, 64, hash_sha1
 };
+
+const struct krb5_hash_provider krb5int_hash_sha256 = {
+    "SHA-256", 32, 64, hash_sha256
+};
+
+const struct krb5_hash_provider krb5int_hash_sha384 = {
+    "SHA-384", 48, 128, hash_sha384
+};
diff --git a/src/lib/crypto/openssl/hmac.c b/src/lib/crypto/openssl/hmac.c
index b9cbd9b..b2db6ec 100644
--- a/src/lib/crypto/openssl/hmac.c
+++ b/src/lib/crypto/openssl/hmac.c
@@ -99,6 +99,10 @@ map_digest(const struct krb5_hash_provider *hash)
 {
     if (!strncmp(hash->hash_name, "SHA1",4))
         return EVP_sha1();
+    else if (!strncmp(hash->hash_name, "SHA-256",7))
+        return EVP_sha256();
+    else if (!strncmp(hash->hash_name, "SHA-384",7))
+        return EVP_sha384();
     else if (!strncmp(hash->hash_name, "MD5", 3))
         return EVP_md5();
     else if (!strncmp(hash->hash_name, "MD4", 3))


More information about the cvs-krb5 mailing list