EIC code displayed by LXR |
|
|
|
|||
File indexing completed on 2025-08-27 09:37:32
0001 /** 0002 * \file md.h 0003 * 0004 * \brief This file contains the generic functions for message-digest 0005 * (hashing) and HMAC. 0006 * 0007 * \author Adriaan de Jong <dejong@fox-it.com> 0008 */ 0009 /* 0010 * Copyright The Mbed TLS Contributors 0011 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later 0012 */ 0013 0014 #ifndef MBEDTLS_MD_H 0015 #define MBEDTLS_MD_H 0016 #include "mbedtls/private_access.h" 0017 0018 #include <stddef.h> 0019 0020 #include "mbedtls/build_info.h" 0021 #include "mbedtls/platform_util.h" 0022 0023 /** The selected feature is not available. */ 0024 #define MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE -0x5080 0025 /** Bad input parameters to function. */ 0026 #define MBEDTLS_ERR_MD_BAD_INPUT_DATA -0x5100 0027 /** Failed to allocate memory. */ 0028 #define MBEDTLS_ERR_MD_ALLOC_FAILED -0x5180 0029 /** Opening or reading of file failed. */ 0030 #define MBEDTLS_ERR_MD_FILE_IO_ERROR -0x5200 0031 0032 #ifdef __cplusplus 0033 extern "C" { 0034 #endif 0035 0036 /** 0037 * \brief Supported message digests. 0038 * 0039 * \warning MD5 and SHA-1 are considered weak message digests and 0040 * their use constitutes a security risk. We recommend considering 0041 * stronger message digests instead. 0042 * 0043 */ 0044 /* Note: these are aligned with the definitions of PSA_ALG_ macros for hashes, 0045 * in order to enable an efficient implementation of conversion functions. 0046 * This is tested by md_to_from_psa() in test_suite_md. */ 0047 typedef enum { 0048 MBEDTLS_MD_NONE=0, /**< None. */ 0049 MBEDTLS_MD_MD5=0x03, /**< The MD5 message digest. */ 0050 MBEDTLS_MD_RIPEMD160=0x04, /**< The RIPEMD-160 message digest. */ 0051 MBEDTLS_MD_SHA1=0x05, /**< The SHA-1 message digest. */ 0052 MBEDTLS_MD_SHA224=0x08, /**< The SHA-224 message digest. */ 0053 MBEDTLS_MD_SHA256=0x09, /**< The SHA-256 message digest. */ 0054 MBEDTLS_MD_SHA384=0x0a, /**< The SHA-384 message digest. */ 0055 MBEDTLS_MD_SHA512=0x0b, /**< The SHA-512 message digest. */ 0056 MBEDTLS_MD_SHA3_224=0x10, /**< The SHA3-224 message digest. */ 0057 MBEDTLS_MD_SHA3_256=0x11, /**< The SHA3-256 message digest. */ 0058 MBEDTLS_MD_SHA3_384=0x12, /**< The SHA3-384 message digest. */ 0059 MBEDTLS_MD_SHA3_512=0x13, /**< The SHA3-512 message digest. */ 0060 } mbedtls_md_type_t; 0061 0062 /* Note: this should always be >= PSA_HASH_MAX_SIZE 0063 * in all builds with both CRYPTO_C and MD_LIGHT. 0064 * 0065 * This is to make things easier for modules such as TLS that may define a 0066 * buffer size using MD_MAX_SIZE in a part of the code that's common to PSA 0067 * and legacy, then assume the buffer's size is PSA_HASH_MAX_SIZE in another 0068 * part of the code based on PSA. 0069 */ 0070 #if defined(MBEDTLS_MD_CAN_SHA512) || defined(MBEDTLS_MD_CAN_SHA3_512) 0071 #define MBEDTLS_MD_MAX_SIZE 64 /* longest known is SHA512 */ 0072 #elif defined(MBEDTLS_MD_CAN_SHA384) || defined(MBEDTLS_MD_CAN_SHA3_384) 0073 #define MBEDTLS_MD_MAX_SIZE 48 /* longest known is SHA384 */ 0074 #elif defined(MBEDTLS_MD_CAN_SHA256) || defined(MBEDTLS_MD_CAN_SHA3_256) 0075 #define MBEDTLS_MD_MAX_SIZE 32 /* longest known is SHA256 */ 0076 #elif defined(MBEDTLS_MD_CAN_SHA224) || defined(MBEDTLS_MD_CAN_SHA3_224) 0077 #define MBEDTLS_MD_MAX_SIZE 28 /* longest known is SHA224 */ 0078 #else 0079 #define MBEDTLS_MD_MAX_SIZE 20 /* longest known is SHA1 or RIPE MD-160 0080 or smaller (MD5 and earlier) */ 0081 #endif 0082 0083 #if defined(MBEDTLS_MD_CAN_SHA3_224) 0084 #define MBEDTLS_MD_MAX_BLOCK_SIZE 144 /* the longest known is SHA3-224 */ 0085 #elif defined(MBEDTLS_MD_CAN_SHA3_256) 0086 #define MBEDTLS_MD_MAX_BLOCK_SIZE 136 0087 #elif defined(MBEDTLS_MD_CAN_SHA512) || defined(MBEDTLS_MD_CAN_SHA384) 0088 #define MBEDTLS_MD_MAX_BLOCK_SIZE 128 0089 #elif defined(MBEDTLS_MD_CAN_SHA3_384) 0090 #define MBEDTLS_MD_MAX_BLOCK_SIZE 104 0091 #elif defined(MBEDTLS_MD_CAN_SHA3_512) 0092 #define MBEDTLS_MD_MAX_BLOCK_SIZE 72 0093 #else 0094 #define MBEDTLS_MD_MAX_BLOCK_SIZE 64 0095 #endif 0096 0097 /** 0098 * Opaque struct. 0099 * 0100 * Constructed using either #mbedtls_md_info_from_string or 0101 * #mbedtls_md_info_from_type. 0102 * 0103 * Fields can be accessed with #mbedtls_md_get_size, 0104 * #mbedtls_md_get_type and #mbedtls_md_get_name. 0105 */ 0106 /* Defined internally in library/md_wrap.h. */ 0107 typedef struct mbedtls_md_info_t mbedtls_md_info_t; 0108 0109 /** 0110 * Used internally to indicate whether a context uses legacy or PSA. 0111 * 0112 * Internal use only. 0113 */ 0114 typedef enum { 0115 MBEDTLS_MD_ENGINE_LEGACY = 0, 0116 MBEDTLS_MD_ENGINE_PSA, 0117 } mbedtls_md_engine_t; 0118 0119 /** 0120 * The generic message-digest context. 0121 */ 0122 typedef struct mbedtls_md_context_t { 0123 /** Information about the associated message digest. */ 0124 const mbedtls_md_info_t *MBEDTLS_PRIVATE(md_info); 0125 0126 #if defined(MBEDTLS_MD_SOME_PSA) 0127 /** Are hash operations dispatched to PSA or legacy? */ 0128 mbedtls_md_engine_t MBEDTLS_PRIVATE(engine); 0129 #endif 0130 0131 /** The digest-specific context (legacy) or the PSA operation. */ 0132 void *MBEDTLS_PRIVATE(md_ctx); 0133 0134 #if defined(MBEDTLS_MD_C) 0135 /** The HMAC part of the context. */ 0136 void *MBEDTLS_PRIVATE(hmac_ctx); 0137 #endif 0138 } mbedtls_md_context_t; 0139 0140 /** 0141 * \brief This function returns the message-digest information 0142 * associated with the given digest type. 0143 * 0144 * \param md_type The type of digest to search for. 0145 * 0146 * \return The message-digest information associated with \p md_type. 0147 * \return NULL if the associated message-digest information is not found. 0148 */ 0149 const mbedtls_md_info_t *mbedtls_md_info_from_type(mbedtls_md_type_t md_type); 0150 0151 /** 0152 * \brief This function initializes a message-digest context without 0153 * binding it to a particular message-digest algorithm. 0154 * 0155 * This function should always be called first. It prepares the 0156 * context for mbedtls_md_setup() for binding it to a 0157 * message-digest algorithm. 0158 */ 0159 void mbedtls_md_init(mbedtls_md_context_t *ctx); 0160 0161 /** 0162 * \brief This function clears the internal structure of \p ctx and 0163 * frees any embedded internal structure, but does not free 0164 * \p ctx itself. 0165 * 0166 * If you have called mbedtls_md_setup() on \p ctx, you must 0167 * call mbedtls_md_free() when you are no longer using the 0168 * context. 0169 * Calling this function if you have previously 0170 * called mbedtls_md_init() and nothing else is optional. 0171 * You must not call this function if you have not called 0172 * mbedtls_md_init(). 0173 */ 0174 void mbedtls_md_free(mbedtls_md_context_t *ctx); 0175 0176 0177 /** 0178 * \brief This function selects the message digest algorithm to use, 0179 * and allocates internal structures. 0180 * 0181 * It should be called after mbedtls_md_init() or 0182 * mbedtls_md_free(). Makes it necessary to call 0183 * mbedtls_md_free() later. 0184 * 0185 * \param ctx The context to set up. 0186 * \param md_info The information structure of the message-digest algorithm 0187 * to use. 0188 * \param hmac Defines if HMAC is used. 0: HMAC is not used (saves some memory), 0189 * or non-zero: HMAC is used with this context. 0190 * 0191 * \return \c 0 on success. 0192 * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification 0193 * failure. 0194 * \return #MBEDTLS_ERR_MD_ALLOC_FAILED on memory-allocation failure. 0195 */ 0196 MBEDTLS_CHECK_RETURN_TYPICAL 0197 int mbedtls_md_setup(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac); 0198 0199 /** 0200 * \brief This function clones the state of a message-digest 0201 * context. 0202 * 0203 * \note You must call mbedtls_md_setup() on \c dst before calling 0204 * this function. 0205 * 0206 * \note The two contexts must have the same type, 0207 * for example, both are SHA-256. 0208 * 0209 * \warning This function clones the message-digest state, not the 0210 * HMAC state. 0211 * 0212 * \param dst The destination context. 0213 * \param src The context to be cloned. 0214 * 0215 * \return \c 0 on success. 0216 * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification failure. 0217 * \return #MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE if both contexts are 0218 * not using the same engine. This can be avoided by moving 0219 * the call to psa_crypto_init() before the first call to 0220 * mbedtls_md_setup(). 0221 */ 0222 MBEDTLS_CHECK_RETURN_TYPICAL 0223 int mbedtls_md_clone(mbedtls_md_context_t *dst, 0224 const mbedtls_md_context_t *src); 0225 0226 /** 0227 * \brief This function extracts the message-digest size from the 0228 * message-digest information structure. 0229 * 0230 * \param md_info The information structure of the message-digest algorithm 0231 * to use. 0232 * 0233 * \return The size of the message-digest output in Bytes. 0234 */ 0235 unsigned char mbedtls_md_get_size(const mbedtls_md_info_t *md_info); 0236 0237 /** 0238 * \brief This function gives the message-digest size associated to 0239 * message-digest type. 0240 * 0241 * \param md_type The message-digest type. 0242 * 0243 * \return The size of the message-digest output in Bytes, 0244 * or 0 if the message-digest type is not known. 0245 */ 0246 static inline unsigned char mbedtls_md_get_size_from_type(mbedtls_md_type_t md_type) 0247 { 0248 return mbedtls_md_get_size(mbedtls_md_info_from_type(md_type)); 0249 } 0250 0251 /** 0252 * \brief This function extracts the message-digest type from the 0253 * message-digest information structure. 0254 * 0255 * \param md_info The information structure of the message-digest algorithm 0256 * to use. 0257 * 0258 * \return The type of the message digest. 0259 */ 0260 mbedtls_md_type_t mbedtls_md_get_type(const mbedtls_md_info_t *md_info); 0261 0262 /** 0263 * \brief This function starts a message-digest computation. 0264 * 0265 * You must call this function after setting up the context 0266 * with mbedtls_md_setup(), and before passing data with 0267 * mbedtls_md_update(). 0268 * 0269 * \param ctx The generic message-digest context. 0270 * 0271 * \return \c 0 on success. 0272 * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification 0273 * failure. 0274 */ 0275 MBEDTLS_CHECK_RETURN_TYPICAL 0276 int mbedtls_md_starts(mbedtls_md_context_t *ctx); 0277 0278 /** 0279 * \brief This function feeds an input buffer into an ongoing 0280 * message-digest computation. 0281 * 0282 * You must call mbedtls_md_starts() before calling this 0283 * function. You may call this function multiple times. 0284 * Afterwards, call mbedtls_md_finish(). 0285 * 0286 * \param ctx The generic message-digest context. 0287 * \param input The buffer holding the input data. 0288 * \param ilen The length of the input data. 0289 * 0290 * \return \c 0 on success. 0291 * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification 0292 * failure. 0293 */ 0294 MBEDTLS_CHECK_RETURN_TYPICAL 0295 int mbedtls_md_update(mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen); 0296 0297 /** 0298 * \brief This function finishes the digest operation, 0299 * and writes the result to the output buffer. 0300 * 0301 * Call this function after a call to mbedtls_md_starts(), 0302 * followed by any number of calls to mbedtls_md_update(). 0303 * Afterwards, you may either clear the context with 0304 * mbedtls_md_free(), or call mbedtls_md_starts() to reuse 0305 * the context for another digest operation with the same 0306 * algorithm. 0307 * 0308 * \param ctx The generic message-digest context. 0309 * \param output The buffer for the generic message-digest checksum result. 0310 * 0311 * \return \c 0 on success. 0312 * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification 0313 * failure. 0314 */ 0315 MBEDTLS_CHECK_RETURN_TYPICAL 0316 int mbedtls_md_finish(mbedtls_md_context_t *ctx, unsigned char *output); 0317 0318 /** 0319 * \brief This function calculates the message-digest of a buffer, 0320 * with respect to a configurable message-digest algorithm 0321 * in a single call. 0322 * 0323 * The result is calculated as 0324 * Output = message_digest(input buffer). 0325 * 0326 * \param md_info The information structure of the message-digest algorithm 0327 * to use. 0328 * \param input The buffer holding the data. 0329 * \param ilen The length of the input data. 0330 * \param output The generic message-digest checksum result. 0331 * 0332 * \return \c 0 on success. 0333 * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification 0334 * failure. 0335 */ 0336 MBEDTLS_CHECK_RETURN_TYPICAL 0337 int mbedtls_md(const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen, 0338 unsigned char *output); 0339 0340 /** 0341 * \brief This function returns the list of digests supported by the 0342 * generic digest module. 0343 * 0344 * \note The list starts with the strongest available hashes. 0345 * 0346 * \return A statically allocated array of digests. Each element 0347 * in the returned list is an integer belonging to the 0348 * message-digest enumeration #mbedtls_md_type_t. 0349 * The last entry is 0. 0350 */ 0351 const int *mbedtls_md_list(void); 0352 0353 /** 0354 * \brief This function returns the message-digest information 0355 * associated with the given digest name. 0356 * 0357 * \param md_name The name of the digest to search for. 0358 * 0359 * \return The message-digest information associated with \p md_name. 0360 * \return NULL if the associated message-digest information is not found. 0361 */ 0362 const mbedtls_md_info_t *mbedtls_md_info_from_string(const char *md_name); 0363 0364 /** 0365 * \brief This function returns the name of the message digest for 0366 * the message-digest information structure given. 0367 * 0368 * \param md_info The information structure of the message-digest algorithm 0369 * to use. 0370 * 0371 * \return The name of the message digest. 0372 */ 0373 const char *mbedtls_md_get_name(const mbedtls_md_info_t *md_info); 0374 0375 /** 0376 * \brief This function returns the message-digest information 0377 * from the given context. 0378 * 0379 * \param ctx The context from which to extract the information. 0380 * This must be initialized (or \c NULL). 0381 * 0382 * \return The message-digest information associated with \p ctx. 0383 * \return \c NULL if \p ctx is \c NULL. 0384 */ 0385 const mbedtls_md_info_t *mbedtls_md_info_from_ctx( 0386 const mbedtls_md_context_t *ctx); 0387 0388 #if defined(MBEDTLS_FS_IO) 0389 /** 0390 * \brief This function calculates the message-digest checksum 0391 * result of the contents of the provided file. 0392 * 0393 * The result is calculated as 0394 * Output = message_digest(file contents). 0395 * 0396 * \param md_info The information structure of the message-digest algorithm 0397 * to use. 0398 * \param path The input file name. 0399 * \param output The generic message-digest checksum result. 0400 * 0401 * \return \c 0 on success. 0402 * \return #MBEDTLS_ERR_MD_FILE_IO_ERROR on an I/O error accessing 0403 * the file pointed by \p path. 0404 * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA if \p md_info was NULL. 0405 */ 0406 MBEDTLS_CHECK_RETURN_TYPICAL 0407 int mbedtls_md_file(const mbedtls_md_info_t *md_info, const char *path, 0408 unsigned char *output); 0409 #endif /* MBEDTLS_FS_IO */ 0410 0411 /** 0412 * \brief This function sets the HMAC key and prepares to 0413 * authenticate a new message. 0414 * 0415 * Call this function after mbedtls_md_setup(), to use 0416 * the MD context for an HMAC calculation, then call 0417 * mbedtls_md_hmac_update() to provide the input data, and 0418 * mbedtls_md_hmac_finish() to get the HMAC value. 0419 * 0420 * \param ctx The message digest context containing an embedded HMAC 0421 * context. 0422 * \param key The HMAC secret key. 0423 * \param keylen The length of the HMAC key in Bytes. 0424 * 0425 * \return \c 0 on success. 0426 * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification 0427 * failure. 0428 */ 0429 MBEDTLS_CHECK_RETURN_TYPICAL 0430 int mbedtls_md_hmac_starts(mbedtls_md_context_t *ctx, const unsigned char *key, 0431 size_t keylen); 0432 0433 /** 0434 * \brief This function feeds an input buffer into an ongoing HMAC 0435 * computation. 0436 * 0437 * Call mbedtls_md_hmac_starts() or mbedtls_md_hmac_reset() 0438 * before calling this function. 0439 * You may call this function multiple times to pass the 0440 * input piecewise. 0441 * Afterwards, call mbedtls_md_hmac_finish(). 0442 * 0443 * \param ctx The message digest context containing an embedded HMAC 0444 * context. 0445 * \param input The buffer holding the input data. 0446 * \param ilen The length of the input data. 0447 * 0448 * \return \c 0 on success. 0449 * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification 0450 * failure. 0451 */ 0452 MBEDTLS_CHECK_RETURN_TYPICAL 0453 int mbedtls_md_hmac_update(mbedtls_md_context_t *ctx, const unsigned char *input, 0454 size_t ilen); 0455 0456 /** 0457 * \brief This function finishes the HMAC operation, and writes 0458 * the result to the output buffer. 0459 * 0460 * Call this function after mbedtls_md_hmac_starts() and 0461 * mbedtls_md_hmac_update() to get the HMAC value. Afterwards 0462 * you may either call mbedtls_md_free() to clear the context, 0463 * or call mbedtls_md_hmac_reset() to reuse the context with 0464 * the same HMAC key. 0465 * 0466 * \param ctx The message digest context containing an embedded HMAC 0467 * context. 0468 * \param output The generic HMAC checksum result. 0469 * 0470 * \return \c 0 on success. 0471 * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification 0472 * failure. 0473 */ 0474 MBEDTLS_CHECK_RETURN_TYPICAL 0475 int mbedtls_md_hmac_finish(mbedtls_md_context_t *ctx, unsigned char *output); 0476 0477 /** 0478 * \brief This function prepares to authenticate a new message with 0479 * the same key as the previous HMAC operation. 0480 * 0481 * You may call this function after mbedtls_md_hmac_finish(). 0482 * Afterwards call mbedtls_md_hmac_update() to pass the new 0483 * input. 0484 * 0485 * \param ctx The message digest context containing an embedded HMAC 0486 * context. 0487 * 0488 * \return \c 0 on success. 0489 * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification 0490 * failure. 0491 */ 0492 MBEDTLS_CHECK_RETURN_TYPICAL 0493 int mbedtls_md_hmac_reset(mbedtls_md_context_t *ctx); 0494 0495 /** 0496 * \brief This function calculates the full generic HMAC 0497 * on the input buffer with the provided key. 0498 * 0499 * The function allocates the context, performs the 0500 * calculation, and frees the context. 0501 * 0502 * The HMAC result is calculated as 0503 * output = generic HMAC(hmac key, input buffer). 0504 * 0505 * \param md_info The information structure of the message-digest algorithm 0506 * to use. 0507 * \param key The HMAC secret key. 0508 * \param keylen The length of the HMAC secret key in Bytes. 0509 * \param input The buffer holding the input data. 0510 * \param ilen The length of the input data. 0511 * \param output The generic HMAC result. 0512 * 0513 * \return \c 0 on success. 0514 * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification 0515 * failure. 0516 */ 0517 MBEDTLS_CHECK_RETURN_TYPICAL 0518 int mbedtls_md_hmac(const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen, 0519 const unsigned char *input, size_t ilen, 0520 unsigned char *output); 0521 0522 #ifdef __cplusplus 0523 } 0524 #endif 0525 0526 #endif /* MBEDTLS_MD_H */
| [ Source navigation ] | [ Diff markup ] | [ Identifier search ] | [ general search ] |
|
This page was automatically generated by the 2.3.7 LXR engine. The LXR team |
|