4 * \brief Generic message digest wrapper for mbed TLS
\r
6 * \author Adriaan de Jong <dejong@fox-it.com>
\r
8 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
\r
9 * SPDX-License-Identifier: Apache-2.0
\r
11 * Licensed under the Apache License, Version 2.0 (the "License"); you may
\r
12 * not use this file except in compliance with the License.
\r
13 * You may obtain a copy of the License at
\r
15 * http://www.apache.org/licenses/LICENSE-2.0
\r
17 * Unless required by applicable law or agreed to in writing, software
\r
18 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
\r
19 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
20 * See the License for the specific language governing permissions and
\r
21 * limitations under the License.
\r
23 * This file is part of mbed TLS (https://tls.mbed.org)
\r
26 #if !defined(MBEDTLS_CONFIG_FILE)
\r
27 #include "mbedtls/config.h"
\r
29 #include MBEDTLS_CONFIG_FILE
\r
32 #if defined(MBEDTLS_MD_C)
\r
34 #include "mbedtls/md.h"
\r
35 #include "mbedtls/md_internal.h"
\r
36 #include "mbedtls/platform_util.h"
\r
38 #if defined(MBEDTLS_PLATFORM_C)
\r
39 #include "mbedtls/platform.h"
\r
42 #define mbedtls_calloc calloc
\r
43 #define mbedtls_free free
\r
48 #if defined(MBEDTLS_FS_IO)
\r
53 * Reminder: update profiles in x509_crt.c when adding a new hash!
\r
55 static const int supported_digests[] = {
\r
57 #if defined(MBEDTLS_SHA512_C)
\r
62 #if defined(MBEDTLS_SHA256_C)
\r
67 #if defined(MBEDTLS_SHA1_C)
\r
71 #if defined(MBEDTLS_RIPEMD160_C)
\r
72 MBEDTLS_MD_RIPEMD160,
\r
75 #if defined(MBEDTLS_MD5_C)
\r
79 #if defined(MBEDTLS_MD4_C)
\r
83 #if defined(MBEDTLS_MD2_C)
\r
90 const int *mbedtls_md_list( void )
\r
92 return( supported_digests );
\r
95 const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name )
\r
97 if( NULL == md_name )
\r
100 /* Get the appropriate digest information */
\r
101 #if defined(MBEDTLS_MD2_C)
\r
102 if( !strcmp( "MD2", md_name ) )
\r
103 return mbedtls_md_info_from_type( MBEDTLS_MD_MD2 );
\r
105 #if defined(MBEDTLS_MD4_C)
\r
106 if( !strcmp( "MD4", md_name ) )
\r
107 return mbedtls_md_info_from_type( MBEDTLS_MD_MD4 );
\r
109 #if defined(MBEDTLS_MD5_C)
\r
110 if( !strcmp( "MD5", md_name ) )
\r
111 return mbedtls_md_info_from_type( MBEDTLS_MD_MD5 );
\r
113 #if defined(MBEDTLS_RIPEMD160_C)
\r
114 if( !strcmp( "RIPEMD160", md_name ) )
\r
115 return mbedtls_md_info_from_type( MBEDTLS_MD_RIPEMD160 );
\r
117 #if defined(MBEDTLS_SHA1_C)
\r
118 if( !strcmp( "SHA1", md_name ) || !strcmp( "SHA", md_name ) )
\r
119 return mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 );
\r
121 #if defined(MBEDTLS_SHA256_C)
\r
122 if( !strcmp( "SHA224", md_name ) )
\r
123 return mbedtls_md_info_from_type( MBEDTLS_MD_SHA224 );
\r
124 if( !strcmp( "SHA256", md_name ) )
\r
125 return mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 );
\r
127 #if defined(MBEDTLS_SHA512_C)
\r
128 if( !strcmp( "SHA384", md_name ) )
\r
129 return mbedtls_md_info_from_type( MBEDTLS_MD_SHA384 );
\r
130 if( !strcmp( "SHA512", md_name ) )
\r
131 return mbedtls_md_info_from_type( MBEDTLS_MD_SHA512 );
\r
136 const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type )
\r
140 #if defined(MBEDTLS_MD2_C)
\r
141 case MBEDTLS_MD_MD2:
\r
142 return( &mbedtls_md2_info );
\r
144 #if defined(MBEDTLS_MD4_C)
\r
145 case MBEDTLS_MD_MD4:
\r
146 return( &mbedtls_md4_info );
\r
148 #if defined(MBEDTLS_MD5_C)
\r
149 case MBEDTLS_MD_MD5:
\r
150 return( &mbedtls_md5_info );
\r
152 #if defined(MBEDTLS_RIPEMD160_C)
\r
153 case MBEDTLS_MD_RIPEMD160:
\r
154 return( &mbedtls_ripemd160_info );
\r
156 #if defined(MBEDTLS_SHA1_C)
\r
157 case MBEDTLS_MD_SHA1:
\r
158 return( &mbedtls_sha1_info );
\r
160 #if defined(MBEDTLS_SHA256_C)
\r
161 case MBEDTLS_MD_SHA224:
\r
162 return( &mbedtls_sha224_info );
\r
163 case MBEDTLS_MD_SHA256:
\r
164 return( &mbedtls_sha256_info );
\r
166 #if defined(MBEDTLS_SHA512_C)
\r
167 case MBEDTLS_MD_SHA384:
\r
168 return( &mbedtls_sha384_info );
\r
169 case MBEDTLS_MD_SHA512:
\r
170 return( &mbedtls_sha512_info );
\r
177 void mbedtls_md_init( mbedtls_md_context_t *ctx )
\r
179 memset( ctx, 0, sizeof( mbedtls_md_context_t ) );
\r
182 void mbedtls_md_free( mbedtls_md_context_t *ctx )
\r
184 if( ctx == NULL || ctx->md_info == NULL )
\r
187 if( ctx->md_ctx != NULL )
\r
188 ctx->md_info->ctx_free_func( ctx->md_ctx );
\r
190 if( ctx->hmac_ctx != NULL )
\r
192 mbedtls_platform_zeroize( ctx->hmac_ctx,
\r
193 2 * ctx->md_info->block_size );
\r
194 mbedtls_free( ctx->hmac_ctx );
\r
197 mbedtls_platform_zeroize( ctx, sizeof( mbedtls_md_context_t ) );
\r
200 int mbedtls_md_clone( mbedtls_md_context_t *dst,
\r
201 const mbedtls_md_context_t *src )
\r
203 if( dst == NULL || dst->md_info == NULL ||
\r
204 src == NULL || src->md_info == NULL ||
\r
205 dst->md_info != src->md_info )
\r
207 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
\r
210 dst->md_info->clone_func( dst->md_ctx, src->md_ctx );
\r
215 #if ! defined(MBEDTLS_DEPRECATED_REMOVED)
\r
216 int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info )
\r
218 return mbedtls_md_setup( ctx, md_info, 1 );
\r
222 int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac )
\r
224 if( md_info == NULL || ctx == NULL )
\r
225 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
\r
227 if( ( ctx->md_ctx = md_info->ctx_alloc_func() ) == NULL )
\r
228 return( MBEDTLS_ERR_MD_ALLOC_FAILED );
\r
232 ctx->hmac_ctx = mbedtls_calloc( 2, md_info->block_size );
\r
233 if( ctx->hmac_ctx == NULL )
\r
235 md_info->ctx_free_func( ctx->md_ctx );
\r
236 return( MBEDTLS_ERR_MD_ALLOC_FAILED );
\r
240 ctx->md_info = md_info;
\r
245 int mbedtls_md_starts( mbedtls_md_context_t *ctx )
\r
247 if( ctx == NULL || ctx->md_info == NULL )
\r
248 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
\r
250 return( ctx->md_info->starts_func( ctx->md_ctx ) );
\r
253 int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen )
\r
255 if( ctx == NULL || ctx->md_info == NULL )
\r
256 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
\r
258 return( ctx->md_info->update_func( ctx->md_ctx, input, ilen ) );
\r
261 int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output )
\r
263 if( ctx == NULL || ctx->md_info == NULL )
\r
264 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
\r
266 return( ctx->md_info->finish_func( ctx->md_ctx, output ) );
\r
269 int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen,
\r
270 unsigned char *output )
\r
272 if( md_info == NULL )
\r
273 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
\r
275 return( md_info->digest_func( input, ilen, output ) );
\r
278 #if defined(MBEDTLS_FS_IO)
\r
279 int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigned char *output )
\r
284 mbedtls_md_context_t ctx;
\r
285 unsigned char buf[1024];
\r
287 if( md_info == NULL )
\r
288 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
\r
290 if( ( f = fopen( path, "rb" ) ) == NULL )
\r
291 return( MBEDTLS_ERR_MD_FILE_IO_ERROR );
\r
293 mbedtls_md_init( &ctx );
\r
295 if( ( ret = mbedtls_md_setup( &ctx, md_info, 0 ) ) != 0 )
\r
298 if( ( ret = md_info->starts_func( ctx.md_ctx ) ) != 0 )
\r
301 while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
\r
302 if( ( ret = md_info->update_func( ctx.md_ctx, buf, n ) ) != 0 )
\r
305 if( ferror( f ) != 0 )
\r
306 ret = MBEDTLS_ERR_MD_FILE_IO_ERROR;
\r
308 ret = md_info->finish_func( ctx.md_ctx, output );
\r
311 mbedtls_platform_zeroize( buf, sizeof( buf ) );
\r
313 mbedtls_md_free( &ctx );
\r
317 #endif /* MBEDTLS_FS_IO */
\r
319 int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, size_t keylen )
\r
322 unsigned char sum[MBEDTLS_MD_MAX_SIZE];
\r
323 unsigned char *ipad, *opad;
\r
326 if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
\r
327 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
\r
329 if( keylen > (size_t) ctx->md_info->block_size )
\r
331 if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 )
\r
333 if( ( ret = ctx->md_info->update_func( ctx->md_ctx, key, keylen ) ) != 0 )
\r
335 if( ( ret = ctx->md_info->finish_func( ctx->md_ctx, sum ) ) != 0 )
\r
338 keylen = ctx->md_info->size;
\r
342 ipad = (unsigned char *) ctx->hmac_ctx;
\r
343 opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size;
\r
345 memset( ipad, 0x36, ctx->md_info->block_size );
\r
346 memset( opad, 0x5C, ctx->md_info->block_size );
\r
348 for( i = 0; i < keylen; i++ )
\r
350 ipad[i] = (unsigned char)( ipad[i] ^ key[i] );
\r
351 opad[i] = (unsigned char)( opad[i] ^ key[i] );
\r
354 if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 )
\r
356 if( ( ret = ctx->md_info->update_func( ctx->md_ctx, ipad,
\r
357 ctx->md_info->block_size ) ) != 0 )
\r
361 mbedtls_platform_zeroize( sum, sizeof( sum ) );
\r
366 int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen )
\r
368 if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
\r
369 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
\r
371 return( ctx->md_info->update_func( ctx->md_ctx, input, ilen ) );
\r
374 int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output )
\r
377 unsigned char tmp[MBEDTLS_MD_MAX_SIZE];
\r
378 unsigned char *opad;
\r
380 if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
\r
381 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
\r
383 opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size;
\r
385 if( ( ret = ctx->md_info->finish_func( ctx->md_ctx, tmp ) ) != 0 )
\r
387 if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 )
\r
389 if( ( ret = ctx->md_info->update_func( ctx->md_ctx, opad,
\r
390 ctx->md_info->block_size ) ) != 0 )
\r
392 if( ( ret = ctx->md_info->update_func( ctx->md_ctx, tmp,
\r
393 ctx->md_info->size ) ) != 0 )
\r
395 return( ctx->md_info->finish_func( ctx->md_ctx, output ) );
\r
398 int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx )
\r
401 unsigned char *ipad;
\r
403 if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
\r
404 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
\r
406 ipad = (unsigned char *) ctx->hmac_ctx;
\r
408 if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 )
\r
410 return( ctx->md_info->update_func( ctx->md_ctx, ipad,
\r
411 ctx->md_info->block_size ) );
\r
414 int mbedtls_md_hmac( const mbedtls_md_info_t *md_info,
\r
415 const unsigned char *key, size_t keylen,
\r
416 const unsigned char *input, size_t ilen,
\r
417 unsigned char *output )
\r
419 mbedtls_md_context_t ctx;
\r
422 if( md_info == NULL )
\r
423 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
\r
425 mbedtls_md_init( &ctx );
\r
427 if( ( ret = mbedtls_md_setup( &ctx, md_info, 1 ) ) != 0 )
\r
430 if( ( ret = mbedtls_md_hmac_starts( &ctx, key, keylen ) ) != 0 )
\r
432 if( ( ret = mbedtls_md_hmac_update( &ctx, input, ilen ) ) != 0 )
\r
434 if( ( ret = mbedtls_md_hmac_finish( &ctx, output ) ) != 0 )
\r
438 mbedtls_md_free( &ctx );
\r
443 int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data )
\r
445 if( ctx == NULL || ctx->md_info == NULL )
\r
446 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
\r
448 return( ctx->md_info->process_func( ctx->md_ctx, data ) );
\r
451 unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info )
\r
453 if( md_info == NULL )
\r
456 return md_info->size;
\r
459 mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info )
\r
461 if( md_info == NULL )
\r
462 return( MBEDTLS_MD_NONE );
\r
464 return md_info->type;
\r
467 const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info )
\r
469 if( md_info == NULL )
\r
472 return md_info->name;
\r
475 #endif /* MBEDTLS_MD_C */
\r