include/mbedtls/sha256.h

0001 /**
0002  * \file sha256.h
0003  *
0004  * \brief This file contains SHA-224 and SHA-256 definitions and functions.
0005  *
0006  * The Secure Hash Algorithms 224 and 256 (SHA-224 and SHA-256) cryptographic
0007  * hash functions are defined in <em>FIPS 180-4: Secure Hash Standard (SHS)</em>.
0008  */
0009 /*
0010  *  Copyright The Mbed TLS Contributors
0011  *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
0012  */
0013 #ifndef MBEDTLS_SHA256_H
0014 #define MBEDTLS_SHA256_H
0015 #include "mbedtls/private_access.h"
0016
0017 #include "mbedtls/build_info.h"
0018
0019 #include <stddef.h>
0020 #include <stdint.h>
0021
0022 /** SHA-256 input data was malformed. */
0023 #define MBEDTLS_ERR_SHA256_BAD_INPUT_DATA                 -0x0074
0024
0025 #ifdef __cplusplus
0026 extern "C" {
0027 #endif
0028
0029 #if !defined(MBEDTLS_SHA256_ALT)
0030 // Regular implementation
0031 //
0032
0033 /**
0034  * \brief          The SHA-256 context structure.
0035  *
0036  *                 The structure is used both for SHA-256 and for SHA-224
0037  *                 checksum calculations. The choice between these two is
0038  *                 made in the call to mbedtls_sha256_starts().
0039  */
0040 typedef struct mbedtls_sha256_context {
0041     unsigned char MBEDTLS_PRIVATE(buffer)[64];   /*!< The data block being processed. */
0042     uint32_t MBEDTLS_PRIVATE(total)[2];          /*!< The number of Bytes processed.  */
0043     uint32_t MBEDTLS_PRIVATE(state)[8];          /*!< The intermediate digest state.  */
0044 #if defined(MBEDTLS_SHA224_C)
0045     int MBEDTLS_PRIVATE(is224);                  /*!< Determines which function to use:
0046                                                     0: Use SHA-256, or 1: Use SHA-224. */
0047 #endif
0048 }
0049 mbedtls_sha256_context;
0050
0051 #else  /* MBEDTLS_SHA256_ALT */
0052 #include "sha256_alt.h"
0053 #endif /* MBEDTLS_SHA256_ALT */
0054
0055 /**
0056  * \brief          This function initializes a SHA-256 context.
0057  *
0058  * \param ctx      The SHA-256 context to initialize. This must not be \c NULL.
0059  */
0060 void mbedtls_sha256_init(mbedtls_sha256_context *ctx);
0061
0062 /**
0063  * \brief          This function clears a SHA-256 context.
0064  *
0065  * \param ctx      The SHA-256 context to clear. This may be \c NULL, in which
0066  *                 case this function returns immediately. If it is not \c NULL,
0067  *                 it must point to an initialized SHA-256 context.
0068  */
0069 void mbedtls_sha256_free(mbedtls_sha256_context *ctx);
0070
0071 /**
0072  * \brief          This function clones the state of a SHA-256 context.
0073  *
0074  * \param dst      The destination context. This must be initialized.
0075  * \param src      The context to clone. This must be initialized.
0076  */
0077 void mbedtls_sha256_clone(mbedtls_sha256_context *dst,
0078                           const mbedtls_sha256_context *src);
0079
0080 /**
0081  * \brief          This function starts a SHA-224 or SHA-256 checksum
0082  *                 calculation.
0083  *
0084  * \param ctx      The context to use. This must be initialized.
0085  * \param is224    This determines which function to use. This must be
0086  *                 either \c 0 for SHA-256, or \c 1 for SHA-224.
0087  *
0088  * \note           is224 must be defined accordingly to the enabled
0089  *                 MBEDTLS_SHA224_C/MBEDTLS_SHA256_C symbols otherwise the
0090  *                 function will return #MBEDTLS_ERR_SHA512_BAD_INPUT_DATA.
0091  *
0092  * \return         \c 0 on success.
0093  * \return         A negative error code on failure.
0094  */
0095 int mbedtls_sha256_starts(mbedtls_sha256_context *ctx, int is224);
0096
0097 /**
0098  * \brief          This function feeds an input buffer into an ongoing
0099  *                 SHA-256 checksum calculation.
0100  *
0101  * \param ctx      The SHA-256 context. This must be initialized
0102  *                 and have a hash operation started.
0103  * \param input    The buffer holding the data. This must be a readable
0104  *                 buffer of length \p ilen Bytes.
0105  * \param ilen     The length of the input data in Bytes.
0106  *
0107  * \return         \c 0 on success.
0108  * \return         A negative error code on failure.
0109  */
0110 int mbedtls_sha256_update(mbedtls_sha256_context *ctx,
0111                           const unsigned char *input,
0112                           size_t ilen);
0113
0114 /**
0115  * \brief          This function finishes the SHA-256 operation, and writes
0116  *                 the result to the output buffer.
0117  *
0118  * \param ctx      The SHA-256 context. This must be initialized
0119  *                 and have a hash operation started.
0120  * \param output   The SHA-224 or SHA-256 checksum result.
0121  *                 This must be a writable buffer of length \c 32 bytes
0122  *                 for SHA-256, \c 28 bytes for SHA-224.
0123  *
0124  * \return         \c 0 on success.
0125  * \return         A negative error code on failure.
0126  */
0127 int mbedtls_sha256_finish(mbedtls_sha256_context *ctx,
0128                           unsigned char *output);
0129
0130 /**
0131  * \brief          This function processes a single data block within
0132  *                 the ongoing SHA-256 computation. This function is for
0133  *                 internal use only.
0134  *
0135  * \param ctx      The SHA-256 context. This must be initialized.
0136  * \param data     The buffer holding one block of data. This must
0137  *                 be a readable buffer of length \c 64 Bytes.
0138  *
0139  * \return         \c 0 on success.
0140  * \return         A negative error code on failure.
0141  */
0142 int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx,
0143                                     const unsigned char data[64]);
0144
0145 /**
0146  * \brief          This function calculates the SHA-224 or SHA-256
0147  *                 checksum of a buffer.
0148  *
0149  *                 The function allocates the context, performs the
0150  *                 calculation, and frees the context.
0151  *
0152  *                 The SHA-256 result is calculated as
0153  *                 output = SHA-256(input buffer).
0154  *
0155  * \param input    The buffer holding the data. This must be a readable
0156  *                 buffer of length \p ilen Bytes.
0157  * \param ilen     The length of the input data in Bytes.
0158  * \param output   The SHA-224 or SHA-256 checksum result.
0159  *                 This must be a writable buffer of length \c 32 bytes
0160  *                 for SHA-256, \c 28 bytes for SHA-224.
0161  * \param is224    Determines which function to use. This must be
0162  *                 either \c 0 for SHA-256, or \c 1 for SHA-224.
0163  *
0164  * \return         \c 0 on success.
0165  * \return         A negative error code on failure.
0166  */
0167 int mbedtls_sha256(const unsigned char *input,
0168                    size_t ilen,
0169                    unsigned char *output,
0170                    int is224);
0171
0172 #if defined(MBEDTLS_SELF_TEST)
0173
0174 #if defined(MBEDTLS_SHA224_C)
0175 /**
0176  * \brief          The SHA-224 checkup routine.
0177  *
0178  * \return         \c 0 on success.
0179  * \return         \c 1 on failure.
0180  */
0181 int mbedtls_sha224_self_test(int verbose);
0182 #endif /* MBEDTLS_SHA224_C */
0183
0184 #if defined(MBEDTLS_SHA256_C)
0185 /**
0186  * \brief          The SHA-256 checkup routine.
0187  *
0188  * \return         \c 0 on success.
0189  * \return         \c 1 on failure.
0190  */
0191 int mbedtls_sha256_self_test(int verbose);
0192 #endif /* MBEDTLS_SHA256_C */
0193
0194 #endif /* MBEDTLS_SELF_TEST */
0195
0196 #ifdef __cplusplus
0197 }
0198 #endif
0199
0200 #endif /* mbedtls_sha256.h */