4 * \brief This file contains SHA-1 definitions and functions.
\r
6 * The Secure Hash Algorithm 1 (SHA-1) cryptographic hash function is defined in
\r
7 * <em>FIPS 180-4: Secure Hash Standard (SHS)</em>.
\r
9 * \warning SHA-1 is considered a weak message digest (collisions have been demonstrated in practice) and its use constitutes
\r
10 * a security risk. We recommend considering stronger message digests instead.
\r
14 * Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved
\r
15 * SPDX-License-Identifier: Apache-2.0
\r
17 * Licensed under the Apache License, Version 2.0 (the "License"); you may
\r
18 * not use this file except in compliance with the License.
\r
19 * You may obtain a copy of the License at
\r
21 * http://www.apache.org/licenses/LICENSE-2.0
\r
23 * Unless required by applicable law or agreed to in writing, software
\r
24 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
\r
25 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
26 * See the License for the specific language governing permissions and
\r
27 * limitations under the License.
\r
29 * This file is part of Mbed TLS (https://tls.mbed.org)
\r
31 #ifndef MBEDTLS_SHA1_H
\r
32 #define MBEDTLS_SHA1_H
\r
34 #if !defined(MBEDTLS_CONFIG_FILE)
\r
37 #include MBEDTLS_CONFIG_FILE
\r
43 /* MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED is deprecated and should not be used. */
\r
44 #define MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED -0x0035 /**< SHA-1 hardware accelerator failed */
\r
45 #define MBEDTLS_ERR_SHA1_BAD_INPUT_DATA -0x0073 /**< SHA-1 input data was malformed. */
\r
51 #if !defined(MBEDTLS_SHA1_ALT)
\r
52 // Regular implementation
\r
56 * \brief The SHA-1 context structure.
\r
58 * \warning SHA-1 is considered a weak message digest and its use
\r
59 * constitutes a security risk. We recommend considering
\r
60 * stronger message digests instead.
\r
63 typedef struct mbedtls_sha1_context
\r
65 uint32_t total[2]; /*!< The number of Bytes processed. */
\r
66 uint32_t state[5]; /*!< The intermediate digest state. */
\r
67 unsigned char buffer[64]; /*!< The data block being processed. */
\r
69 mbedtls_sha1_context;
\r
71 #else /* MBEDTLS_SHA1_ALT */
\r
72 #include "sha1_alt.h"
\r
73 #endif /* MBEDTLS_SHA1_ALT */
\r
76 * \brief This function initializes a SHA-1 context.
\r
78 * \warning SHA-1 is considered a weak message digest and its use
\r
79 * constitutes a security risk. We recommend considering
\r
80 * stronger message digests instead.
\r
82 * \param ctx The SHA-1 context to initialize.
\r
83 * This must not be \c NULL.
\r
86 void mbedtls_sha1_init( mbedtls_sha1_context *ctx );
\r
89 * \brief This function clears a SHA-1 context.
\r
91 * \warning SHA-1 is considered a weak message digest and its use
\r
92 * constitutes a security risk. We recommend considering
\r
93 * stronger message digests instead.
\r
95 * \param ctx The SHA-1 context to clear. This may be \c NULL,
\r
96 * in which case this function does nothing. If it is
\r
97 * not \c NULL, it must point to an initialized SHA-1 context.
\r
101 void mbedtls_sha1_free( mbedtls_sha1_context *ctx );
\r
104 * \brief This function clones the state of a SHA-1 context.
\r
106 * \warning SHA-1 is considered a weak message digest and its use
\r
107 * constitutes a security risk. We recommend considering
\r
108 * stronger message digests instead.
\r
110 * \param dst The SHA-1 context to clone to. This must be initialized.
\r
111 * \param src The SHA-1 context to clone from. This must be initialized.
\r
114 void mbedtls_sha1_clone( mbedtls_sha1_context *dst,
\r
115 const mbedtls_sha1_context *src );
\r
118 * \brief This function starts a SHA-1 checksum calculation.
\r
120 * \warning SHA-1 is considered a weak message digest and its use
\r
121 * constitutes a security risk. We recommend considering
\r
122 * stronger message digests instead.
\r
124 * \param ctx The SHA-1 context on which to start the calculation. This must already be initialized with mbedtls_sha1_init().
\r
126 * \return \c 0 on success.
\r
127 * \return A negative error code on failure.
\r
130 int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx );
\r
133 * \brief This function feeds an input buffer into an ongoing SHA-1
\r
134 * checksum calculation.
\r
136 * \warning SHA-1 is considered a weak message digest and its use
\r
137 * constitutes a security risk. We recommend considering
\r
138 * stronger message digests instead.
\r
140 * \param ctx The SHA-1 context. This must be initialized
\r
141 * and have a hash operation started.
\r
142 * \param input The buffer holding the input data.
\r
143 * This must be a readable buffer of length \p ilen Bytes.
\r
144 * \param ilen The length of the input data \p input in Bytes.
\r
146 * \return \c 0 on success.
\r
147 * \return A negative error code on failure.
\r
149 int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx,
\r
150 const unsigned char *input,
\r
154 * \brief This function finishes the SHA-1 operation, and writes
\r
155 * the result to the output buffer.
\r
157 * \warning SHA-1 is considered a weak message digest and its use
\r
158 * constitutes a security risk. We recommend considering
\r
159 * stronger message digests instead.
\r
161 * \param ctx The SHA-1 context to use. This must be initialized and
\r
162 * have a hash operation started.
\r
163 * \param output The SHA-1 checksum result. This must be a writable
\r
164 * buffer of length \c 20 Bytes.
\r
166 * \return \c 0 on success.
\r
167 * \return A negative error code on failure.
\r
169 int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx,
\r
170 unsigned char output[20] );
\r
173 * \brief SHA-1 process data block (internal use only).
\r
175 * \warning SHA-1 is considered a weak message digest and its use
\r
176 * constitutes a security risk. We recommend considering
\r
177 * stronger message digests instead.
\r
179 * \param ctx The SHA-1 context to use. This must be initialized.
\r
180 * \param data The data block being processed. This must be a
\r
181 * readable buffer of length \c 64 Bytes.
\r
183 * \return \c 0 on success.
\r
184 * \return A negative error code on failure.
\r
187 int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
\r
188 const unsigned char data[64] );
\r
190 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
\r
191 #if defined(MBEDTLS_DEPRECATED_WARNING)
\r
192 #define MBEDTLS_DEPRECATED __attribute__((deprecated))
\r
194 #define MBEDTLS_DEPRECATED
\r
197 * \brief This function starts a SHA-1 checksum calculation.
\r
199 * \warning SHA-1 is considered a weak message digest and its use
\r
200 * constitutes a security risk. We recommend considering
\r
201 * stronger message digests instead.
\r
203 * \deprecated Superseded by mbedtls_sha1_starts_ret() in 2.7.0.
\r
205 * \param ctx The SHA-1 context on which to start the calculation. This must already be initialized with mbedtls_sha1_init().
\r
208 MBEDTLS_DEPRECATED void mbedtls_sha1_starts( mbedtls_sha1_context *ctx );
\r
211 * \brief This function feeds an input buffer into an ongoing SHA-1
\r
212 * checksum calculation.
\r
214 * \warning SHA-1 is considered a weak message digest and its use
\r
215 * constitutes a security risk. We recommend considering
\r
216 * stronger message digests instead.
\r
218 * \deprecated Superseded by mbedtls_sha1_update_ret() in 2.7.0.
\r
220 * \param ctx The SHA-1 context. This must be initialized and
\r
221 * have a hash operation started.
\r
222 * \param input The buffer holding the input data.
\r
223 * This must be a readable buffer of length \p ilen Bytes.
\r
224 * \param ilen The length of the input data \p input in Bytes.
\r
227 MBEDTLS_DEPRECATED void mbedtls_sha1_update( mbedtls_sha1_context *ctx,
\r
228 const unsigned char *input,
\r
232 * \brief This function finishes the SHA-1 operation, and writes
\r
233 * the result to the output buffer.
\r
235 * \warning SHA-1 is considered a weak message digest and its use
\r
236 * constitutes a security risk. We recommend considering
\r
237 * stronger message digests instead.
\r
239 * \deprecated Superseded by mbedtls_sha1_finish_ret() in 2.7.0.
\r
241 * \param ctx The SHA-1 context. This must be initialized and
\r
242 * have a hash operation started.
\r
243 * \param output The SHA-1 checksum result.
\r
244 * This must be a writable buffer of length \c 20 Bytes.
\r
246 MBEDTLS_DEPRECATED void mbedtls_sha1_finish( mbedtls_sha1_context *ctx,
\r
247 unsigned char output[20] );
\r
250 * \brief SHA-1 process data block (internal use only).
\r
252 * \warning SHA-1 is considered a weak message digest and its use
\r
253 * constitutes a security risk. We recommend considering
\r
254 * stronger message digests instead.
\r
256 * \deprecated Superseded by mbedtls_internal_sha1_process() in 2.7.0.
\r
258 * \param ctx The SHA-1 context. This must be initialized.
\r
259 * \param data The data block being processed.
\r
260 * This must be a readable buffer of length \c 64 Bytes.
\r
263 MBEDTLS_DEPRECATED void mbedtls_sha1_process( mbedtls_sha1_context *ctx,
\r
264 const unsigned char data[64] );
\r
266 #undef MBEDTLS_DEPRECATED
\r
267 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
\r
270 * \brief This function calculates the SHA-1 checksum of a buffer.
\r
272 * The function allocates the context, performs the
\r
273 * calculation, and frees the context.
\r
275 * The SHA-1 result is calculated as
\r
276 * output = SHA-1(input buffer).
\r
278 * \warning SHA-1 is considered a weak message digest and its use
\r
279 * constitutes a security risk. We recommend considering
\r
280 * stronger message digests instead.
\r
282 * \param input The buffer holding the input data.
\r
283 * This must be a readable buffer of length \p ilen Bytes.
\r
284 * \param ilen The length of the input data \p input in Bytes.
\r
285 * \param output The SHA-1 checksum result.
\r
286 * This must be a writable buffer of length \c 20 Bytes.
\r
288 * \return \c 0 on success.
\r
289 * \return A negative error code on failure.
\r
292 int mbedtls_sha1_ret( const unsigned char *input,
\r
294 unsigned char output[20] );
\r
296 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
\r
297 #if defined(MBEDTLS_DEPRECATED_WARNING)
\r
298 #define MBEDTLS_DEPRECATED __attribute__((deprecated))
\r
300 #define MBEDTLS_DEPRECATED
\r
303 * \brief This function calculates the SHA-1 checksum of a buffer.
\r
305 * The function allocates the context, performs the
\r
306 * calculation, and frees the context.
\r
308 * The SHA-1 result is calculated as
\r
309 * output = SHA-1(input buffer).
\r
311 * \warning SHA-1 is considered a weak message digest and its use
\r
312 * constitutes a security risk. We recommend considering
\r
313 * stronger message digests instead.
\r
315 * \deprecated Superseded by mbedtls_sha1_ret() in 2.7.0.
\r
317 * \param input The buffer holding the input data.
\r
318 * This must be a readable buffer of length \p ilen Bytes.
\r
319 * \param ilen The length of the input data \p input in Bytes.
\r
320 * \param output The SHA-1 checksum result. This must be a writable
\r
321 * buffer of size \c 20 Bytes.
\r
324 MBEDTLS_DEPRECATED void mbedtls_sha1( const unsigned char *input,
\r
326 unsigned char output[20] );
\r
328 #undef MBEDTLS_DEPRECATED
\r
329 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
\r
331 #if defined(MBEDTLS_SELF_TEST)
\r
334 * \brief The SHA-1 checkup routine.
\r
336 * \warning SHA-1 is considered a weak message digest and its use
\r
337 * constitutes a security risk. We recommend considering
\r
338 * stronger message digests instead.
\r
340 * \return \c 0 on success.
\r
341 * \return \c 1 on failure.
\r
344 int mbedtls_sha1_self_test( int verbose );
\r
346 #endif /* MBEDTLS_SELF_TEST */
\r
352 #endif /* mbedtls_sha1.h */
\r