1 /**
2 * \file mbedtls_md.c
3 *
4 * \brief Generic message digest wrapper for mbed TLS
5 *
6 * \author Adriaan de Jong <dejong@fox-it.com>
7 *
8 * Copyright The Mbed TLS Contributors
9 * SPDX-License-Identifier: Apache-2.0
10 *
11 * Licensed under the Apache License, Version 2.0 (the "License"); you may
12 * not use this file except in compliance with the License.
13 * You may obtain a copy of the License at
14 *
15 * http://www.apache.org/licenses/LICENSE-2.0
16 *
17 * Unless required by applicable law or agreed to in writing, software
18 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
19 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
20 * See the License for the specific language governing permissions and
21 * limitations under the License.
22 */
23
24 #include "common.h"
25
26 #if defined(MBEDTLS_MD_C)
27
28 #include "mbedtls/md.h"
29 #include "mbedtls/md_internal.h"
30 #include "mbedtls/platform_util.h"
31 #include "mbedtls/error.h"
32
33 #include "mbedtls/md2.h"
34 #include "mbedtls/md4.h"
35 #include "mbedtls/md5.h"
36 #include "mbedtls/ripemd160.h"
37 #include "mbedtls/sha1.h"
38 #include "mbedtls/sha256.h"
39 #include "mbedtls/sha512.h"
40
41 #if defined(MBEDTLS_PLATFORM_C)
42 #include "mbedtls/platform.h"
43 #else
44 #include <stdlib.h>
45 #define mbedtls_calloc calloc
46 #define mbedtls_free free
47 #endif
48
49 #include <string.h>
50
51 #if defined(MBEDTLS_FS_IO)
52 #include <stdio.h>
53 #endif
54
55 #if defined(MBEDTLS_MD2_C)
56 const mbedtls_md_info_t mbedtls_md2_info = {
57 "MD2",
58 MBEDTLS_MD_MD2,
59 16,
60 16,
61 };
62 #endif
63
64 #if defined(MBEDTLS_MD4_C)
65 const mbedtls_md_info_t mbedtls_md4_info = {
66 "MD4",
67 MBEDTLS_MD_MD4,
68 16,
69 64,
70 };
71 #endif
72
73 #if defined(MBEDTLS_MD5_C)
74 const mbedtls_md_info_t mbedtls_md5_info = {
75 "MD5",
76 MBEDTLS_MD_MD5,
77 16,
78 64,
79 };
80 #endif
81
82 #if defined(MBEDTLS_RIPEMD160_C)
83 const mbedtls_md_info_t mbedtls_ripemd160_info = {
84 "RIPEMD160",
85 MBEDTLS_MD_RIPEMD160,
86 20,
87 64,
88 };
89 #endif
90
91 #if defined(MBEDTLS_SHA1_C)
92 const mbedtls_md_info_t mbedtls_sha1_info = {
93 "SHA1",
94 MBEDTLS_MD_SHA1,
95 20,
96 64,
97 };
98 #endif
99
100 #if defined(MBEDTLS_SHA256_C)
101 const mbedtls_md_info_t mbedtls_sha224_info = {
102 "SHA224",
103 MBEDTLS_MD_SHA224,
104 28,
105 64,
106 };
107
108 const mbedtls_md_info_t mbedtls_sha256_info = {
109 "SHA256",
110 MBEDTLS_MD_SHA256,
111 32,
112 64,
113 };
114 #endif
115
116 #if defined(MBEDTLS_SHA512_C)
117 #if !defined(MBEDTLS_SHA512_NO_SHA384)
118 const mbedtls_md_info_t mbedtls_sha384_info = {
119 "SHA384",
120 MBEDTLS_MD_SHA384,
121 48,
122 128,
123 };
124 #endif
125
126 const mbedtls_md_info_t mbedtls_sha512_info = {
127 "SHA512",
128 MBEDTLS_MD_SHA512,
129 64,
130 128,
131 };
132 #endif
133
134 /*
135 * Reminder: update profiles in x509_crt.c when adding a new hash!
136 */
137 static const int supported_digests[] = {
138
139 #if defined(MBEDTLS_SHA512_C)
140 MBEDTLS_MD_SHA512,
141 #if !defined(MBEDTLS_SHA512_NO_SHA384)
142 MBEDTLS_MD_SHA384,
143 #endif
144 #endif
145
146 #if defined(MBEDTLS_SHA256_C)
147 MBEDTLS_MD_SHA256,
148 MBEDTLS_MD_SHA224,
149 #endif
150
151 #if defined(MBEDTLS_SHA1_C)
152 MBEDTLS_MD_SHA1,
153 #endif
154
155 #if defined(MBEDTLS_RIPEMD160_C)
156 MBEDTLS_MD_RIPEMD160,
157 #endif
158
159 #if defined(MBEDTLS_MD5_C)
160 MBEDTLS_MD_MD5,
161 #endif
162
163 #if defined(MBEDTLS_MD4_C)
164 MBEDTLS_MD_MD4,
165 #endif
166
167 #if defined(MBEDTLS_MD2_C)
168 MBEDTLS_MD_MD2,
169 #endif
170
171 MBEDTLS_MD_NONE
172 };
173
mbedtls_md_list(void)174 const int *mbedtls_md_list( void )
175 {
176 return( supported_digests );
177 }
178
mbedtls_md_info_from_string(const char * md_name)179 const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name )
180 {
181 if( NULL == md_name )
182 return( NULL );
183
184 /* Get the appropriate digest information */
185 #if defined(MBEDTLS_MD2_C)
186 if( !strcmp( "MD2", md_name ) )
187 return mbedtls_md_info_from_type( MBEDTLS_MD_MD2 );
188 #endif
189 #if defined(MBEDTLS_MD4_C)
190 if( !strcmp( "MD4", md_name ) )
191 return mbedtls_md_info_from_type( MBEDTLS_MD_MD4 );
192 #endif
193 #if defined(MBEDTLS_MD5_C)
194 if( !strcmp( "MD5", md_name ) )
195 return mbedtls_md_info_from_type( MBEDTLS_MD_MD5 );
196 #endif
197 #if defined(MBEDTLS_RIPEMD160_C)
198 if( !strcmp( "RIPEMD160", md_name ) )
199 return mbedtls_md_info_from_type( MBEDTLS_MD_RIPEMD160 );
200 #endif
201 #if defined(MBEDTLS_SHA1_C)
202 if( !strcmp( "SHA1", md_name ) || !strcmp( "SHA", md_name ) )
203 return mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 );
204 #endif
205 #if defined(MBEDTLS_SHA256_C)
206 if( !strcmp( "SHA224", md_name ) )
207 return mbedtls_md_info_from_type( MBEDTLS_MD_SHA224 );
208 if( !strcmp( "SHA256", md_name ) )
209 return mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 );
210 #endif
211 #if defined(MBEDTLS_SHA512_C)
212 #if !defined(MBEDTLS_SHA512_NO_SHA384)
213 if( !strcmp( "SHA384", md_name ) )
214 return mbedtls_md_info_from_type( MBEDTLS_MD_SHA384 );
215 #endif
216 if( !strcmp( "SHA512", md_name ) )
217 return mbedtls_md_info_from_type( MBEDTLS_MD_SHA512 );
218 #endif
219 return( NULL );
220 }
221
mbedtls_md_info_from_type(mbedtls_md_type_t md_type)222 const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type )
223 {
224 switch( md_type )
225 {
226 #if defined(MBEDTLS_MD2_C)
227 case MBEDTLS_MD_MD2:
228 return( &mbedtls_md2_info );
229 #endif
230 #if defined(MBEDTLS_MD4_C)
231 case MBEDTLS_MD_MD4:
232 return( &mbedtls_md4_info );
233 #endif
234 #if defined(MBEDTLS_MD5_C)
235 case MBEDTLS_MD_MD5:
236 return( &mbedtls_md5_info );
237 #endif
238 #if defined(MBEDTLS_RIPEMD160_C)
239 case MBEDTLS_MD_RIPEMD160:
240 return( &mbedtls_ripemd160_info );
241 #endif
242 #if defined(MBEDTLS_SHA1_C)
243 case MBEDTLS_MD_SHA1:
244 return( &mbedtls_sha1_info );
245 #endif
246 #if defined(MBEDTLS_SHA256_C)
247 case MBEDTLS_MD_SHA224:
248 return( &mbedtls_sha224_info );
249 case MBEDTLS_MD_SHA256:
250 return( &mbedtls_sha256_info );
251 #endif
252 #if defined(MBEDTLS_SHA512_C)
253 #if !defined(MBEDTLS_SHA512_NO_SHA384)
254 case MBEDTLS_MD_SHA384:
255 return( &mbedtls_sha384_info );
256 #endif
257 case MBEDTLS_MD_SHA512:
258 return( &mbedtls_sha512_info );
259 #endif
260 default:
261 return( NULL );
262 }
263 }
264
mbedtls_md_init(mbedtls_md_context_t * ctx)265 void mbedtls_md_init( mbedtls_md_context_t *ctx )
266 {
267 memset( ctx, 0, sizeof( mbedtls_md_context_t ) );
268 }
269
mbedtls_md_free(mbedtls_md_context_t * ctx)270 void mbedtls_md_free( mbedtls_md_context_t *ctx )
271 {
272 if( ctx == NULL || ctx->md_info == NULL )
273 return;
274
275 if( ctx->md_ctx != NULL )
276 {
277 switch( ctx->md_info->type )
278 {
279 #if defined(MBEDTLS_MD2_C)
280 case MBEDTLS_MD_MD2:
281 mbedtls_md2_free( ctx->md_ctx );
282 break;
283 #endif
284 #if defined(MBEDTLS_MD4_C)
285 case MBEDTLS_MD_MD4:
286 mbedtls_md4_free( ctx->md_ctx );
287 break;
288 #endif
289 #if defined(MBEDTLS_MD5_C)
290 case MBEDTLS_MD_MD5:
291 mbedtls_md5_free( ctx->md_ctx );
292 break;
293 #endif
294 #if defined(MBEDTLS_RIPEMD160_C)
295 case MBEDTLS_MD_RIPEMD160:
296 mbedtls_ripemd160_free( ctx->md_ctx );
297 break;
298 #endif
299 #if defined(MBEDTLS_SHA1_C)
300 case MBEDTLS_MD_SHA1:
301 mbedtls_sha1_free( ctx->md_ctx );
302 break;
303 #endif
304 #if defined(MBEDTLS_SHA256_C)
305 case MBEDTLS_MD_SHA224:
306 case MBEDTLS_MD_SHA256:
307 mbedtls_sha256_free( ctx->md_ctx );
308 break;
309 #endif
310 #if defined(MBEDTLS_SHA512_C)
311 #if !defined(MBEDTLS_SHA512_NO_SHA384)
312 case MBEDTLS_MD_SHA384:
313 #endif
314 case MBEDTLS_MD_SHA512:
315 mbedtls_sha512_free( ctx->md_ctx );
316 break;
317 #endif
318 default:
319 /* Shouldn't happen */
320 break;
321 }
322 mbedtls_free( ctx->md_ctx );
323 }
324
325 if( ctx->hmac_ctx != NULL )
326 {
327 mbedtls_platform_zeroize( ctx->hmac_ctx,
328 2 * ctx->md_info->block_size );
329 mbedtls_free( ctx->hmac_ctx );
330 }
331
332 mbedtls_platform_zeroize( ctx, sizeof( mbedtls_md_context_t ) );
333 }
334
mbedtls_md_clone(mbedtls_md_context_t * dst,const mbedtls_md_context_t * src)335 int mbedtls_md_clone( mbedtls_md_context_t *dst,
336 const mbedtls_md_context_t *src )
337 {
338 if( dst == NULL || dst->md_info == NULL ||
339 src == NULL || src->md_info == NULL ||
340 dst->md_info != src->md_info )
341 {
342 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
343 }
344
345 switch( src->md_info->type )
346 {
347 #if defined(MBEDTLS_MD2_C)
348 case MBEDTLS_MD_MD2:
349 mbedtls_md2_clone( dst->md_ctx, src->md_ctx );
350 break;
351 #endif
352 #if defined(MBEDTLS_MD4_C)
353 case MBEDTLS_MD_MD4:
354 mbedtls_md4_clone( dst->md_ctx, src->md_ctx );
355 break;
356 #endif
357 #if defined(MBEDTLS_MD5_C)
358 case MBEDTLS_MD_MD5:
359 mbedtls_md5_clone( dst->md_ctx, src->md_ctx );
360 break;
361 #endif
362 #if defined(MBEDTLS_RIPEMD160_C)
363 case MBEDTLS_MD_RIPEMD160:
364 mbedtls_ripemd160_clone( dst->md_ctx, src->md_ctx );
365 break;
366 #endif
367 #if defined(MBEDTLS_SHA1_C)
368 case MBEDTLS_MD_SHA1:
369 mbedtls_sha1_clone( dst->md_ctx, src->md_ctx );
370 break;
371 #endif
372 #if defined(MBEDTLS_SHA256_C)
373 case MBEDTLS_MD_SHA224:
374 case MBEDTLS_MD_SHA256:
375 mbedtls_sha256_clone( dst->md_ctx, src->md_ctx );
376 break;
377 #endif
378 #if defined(MBEDTLS_SHA512_C)
379 #if !defined(MBEDTLS_SHA512_NO_SHA384)
380 case MBEDTLS_MD_SHA384:
381 #endif
382 case MBEDTLS_MD_SHA512:
383 mbedtls_sha512_clone( dst->md_ctx, src->md_ctx );
384 break;
385 #endif
386 default:
387 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
388 }
389
390 return( 0 );
391 }
392
393 #if ! defined(MBEDTLS_DEPRECATED_REMOVED)
mbedtls_md_init_ctx(mbedtls_md_context_t * ctx,const mbedtls_md_info_t * md_info)394 int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info )
395 {
396 return mbedtls_md_setup( ctx, md_info, 1 );
397 }
398 #endif
399
400 #define ALLOC( type ) \
401 do { \
402 ctx->md_ctx = mbedtls_calloc( 1, sizeof( mbedtls_##type##_context ) ); \
403 if( ctx->md_ctx == NULL ) \
404 return( MBEDTLS_ERR_MD_ALLOC_FAILED ); \
405 mbedtls_##type##_init( ctx->md_ctx ); \
406 } \
407 while( 0 )
408
mbedtls_md_setup(mbedtls_md_context_t * ctx,const mbedtls_md_info_t * md_info,int hmac)409 int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac )
410 {
411 if( md_info == NULL || ctx == NULL )
412 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
413
414 ctx->md_info = md_info;
415 ctx->md_ctx = NULL;
416 ctx->hmac_ctx = NULL;
417
418 switch( md_info->type )
419 {
420 #if defined(MBEDTLS_MD2_C)
421 case MBEDTLS_MD_MD2:
422 ALLOC( md2 );
423 break;
424 #endif
425 #if defined(MBEDTLS_MD4_C)
426 case MBEDTLS_MD_MD4:
427 ALLOC( md4 );
428 break;
429 #endif
430 #if defined(MBEDTLS_MD5_C)
431 case MBEDTLS_MD_MD5:
432 ALLOC( md5 );
433 break;
434 #endif
435 #if defined(MBEDTLS_RIPEMD160_C)
436 case MBEDTLS_MD_RIPEMD160:
437 ALLOC( ripemd160 );
438 break;
439 #endif
440 #if defined(MBEDTLS_SHA1_C)
441 case MBEDTLS_MD_SHA1:
442 ALLOC( sha1 );
443 break;
444 #endif
445 #if defined(MBEDTLS_SHA256_C)
446 case MBEDTLS_MD_SHA224:
447 case MBEDTLS_MD_SHA256:
448 ALLOC( sha256 );
449 break;
450 #endif
451 #if defined(MBEDTLS_SHA512_C)
452 #if !defined(MBEDTLS_SHA512_NO_SHA384)
453 case MBEDTLS_MD_SHA384:
454 #endif
455 case MBEDTLS_MD_SHA512:
456 ALLOC( sha512 );
457 break;
458 #endif
459 default:
460 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
461 }
462
463 if( hmac != 0 )
464 {
465 ctx->hmac_ctx = mbedtls_calloc( 2, md_info->block_size );
466 if( ctx->hmac_ctx == NULL )
467 {
468 mbedtls_md_free( ctx );
469 return( MBEDTLS_ERR_MD_ALLOC_FAILED );
470 }
471 }
472
473 return( 0 );
474 }
475 #undef ALLOC
476
mbedtls_md_starts(mbedtls_md_context_t * ctx)477 int mbedtls_md_starts( mbedtls_md_context_t *ctx )
478 {
479 if( ctx == NULL || ctx->md_info == NULL )
480 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
481
482 switch( ctx->md_info->type )
483 {
484 #if defined(MBEDTLS_MD2_C)
485 case MBEDTLS_MD_MD2:
486 return( mbedtls_md2_starts_ret( ctx->md_ctx ) );
487 #endif
488 #if defined(MBEDTLS_MD4_C)
489 case MBEDTLS_MD_MD4:
490 return( mbedtls_md4_starts_ret( ctx->md_ctx ) );
491 #endif
492 #if defined(MBEDTLS_MD5_C)
493 case MBEDTLS_MD_MD5:
494 return( mbedtls_md5_starts_ret( ctx->md_ctx ) );
495 #endif
496 #if defined(MBEDTLS_RIPEMD160_C)
497 case MBEDTLS_MD_RIPEMD160:
498 return( mbedtls_ripemd160_starts_ret( ctx->md_ctx ) );
499 #endif
500 #if defined(MBEDTLS_SHA1_C)
501 case MBEDTLS_MD_SHA1:
502 return( mbedtls_sha1_starts_ret( ctx->md_ctx ) );
503 #endif
504 #if defined(MBEDTLS_SHA256_C)
505 case MBEDTLS_MD_SHA224:
506 return( mbedtls_sha256_starts_ret( ctx->md_ctx, 1 ) );
507 case MBEDTLS_MD_SHA256:
508 return( mbedtls_sha256_starts_ret( ctx->md_ctx, 0 ) );
509 #endif
510 #if defined(MBEDTLS_SHA512_C)
511 #if !defined(MBEDTLS_SHA512_NO_SHA384)
512 case MBEDTLS_MD_SHA384:
513 return( mbedtls_sha512_starts_ret( ctx->md_ctx, 1 ) );
514 #endif
515 case MBEDTLS_MD_SHA512:
516 return( mbedtls_sha512_starts_ret( ctx->md_ctx, 0 ) );
517 #endif
518 default:
519 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
520 }
521 }
522
mbedtls_md_update(mbedtls_md_context_t * ctx,const unsigned char * input,size_t ilen)523 int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen )
524 {
525 if( ctx == NULL || ctx->md_info == NULL )
526 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
527
528 switch( ctx->md_info->type )
529 {
530 #if defined(MBEDTLS_MD2_C)
531 case MBEDTLS_MD_MD2:
532 return( mbedtls_md2_update_ret( ctx->md_ctx, input, ilen ) );
533 #endif
534 #if defined(MBEDTLS_MD4_C)
535 case MBEDTLS_MD_MD4:
536 return( mbedtls_md4_update_ret( ctx->md_ctx, input, ilen ) );
537 #endif
538 #if defined(MBEDTLS_MD5_C)
539 case MBEDTLS_MD_MD5:
540 return( mbedtls_md5_update_ret( ctx->md_ctx, input, ilen ) );
541 #endif
542 #if defined(MBEDTLS_RIPEMD160_C)
543 case MBEDTLS_MD_RIPEMD160:
544 return( mbedtls_ripemd160_update_ret( ctx->md_ctx, input, ilen ) );
545 #endif
546 #if defined(MBEDTLS_SHA1_C)
547 case MBEDTLS_MD_SHA1:
548 return( mbedtls_sha1_update_ret( ctx->md_ctx, input, ilen ) );
549 #endif
550 #if defined(MBEDTLS_SHA256_C)
551 case MBEDTLS_MD_SHA224:
552 case MBEDTLS_MD_SHA256:
553 return( mbedtls_sha256_update_ret( ctx->md_ctx, input, ilen ) );
554 #endif
555 #if defined(MBEDTLS_SHA512_C)
556 #if !defined(MBEDTLS_SHA512_NO_SHA384)
557 case MBEDTLS_MD_SHA384:
558 #endif
559 case MBEDTLS_MD_SHA512:
560 return( mbedtls_sha512_update_ret( ctx->md_ctx, input, ilen ) );
561 #endif
562 default:
563 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
564 }
565 }
566
mbedtls_md_finish(mbedtls_md_context_t * ctx,unsigned char * output)567 int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output )
568 {
569 if( ctx == NULL || ctx->md_info == NULL )
570 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
571
572 switch( ctx->md_info->type )
573 {
574 #if defined(MBEDTLS_MD2_C)
575 case MBEDTLS_MD_MD2:
576 return( mbedtls_md2_finish_ret( ctx->md_ctx, output ) );
577 #endif
578 #if defined(MBEDTLS_MD4_C)
579 case MBEDTLS_MD_MD4:
580 return( mbedtls_md4_finish_ret( ctx->md_ctx, output ) );
581 #endif
582 #if defined(MBEDTLS_MD5_C)
583 case MBEDTLS_MD_MD5:
584 return( mbedtls_md5_finish_ret( ctx->md_ctx, output ) );
585 #endif
586 #if defined(MBEDTLS_RIPEMD160_C)
587 case MBEDTLS_MD_RIPEMD160:
588 return( mbedtls_ripemd160_finish_ret( ctx->md_ctx, output ) );
589 #endif
590 #if defined(MBEDTLS_SHA1_C)
591 case MBEDTLS_MD_SHA1:
592 return( mbedtls_sha1_finish_ret( ctx->md_ctx, output ) );
593 #endif
594 #if defined(MBEDTLS_SHA256_C)
595 case MBEDTLS_MD_SHA224:
596 case MBEDTLS_MD_SHA256:
597 return( mbedtls_sha256_finish_ret( ctx->md_ctx, output ) );
598 #endif
599 #if defined(MBEDTLS_SHA512_C)
600 #if !defined(MBEDTLS_SHA512_NO_SHA384)
601 case MBEDTLS_MD_SHA384:
602 #endif
603 case MBEDTLS_MD_SHA512:
604 return( mbedtls_sha512_finish_ret( ctx->md_ctx, output ) );
605 #endif
606 default:
607 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
608 }
609 }
610
mbedtls_md(const mbedtls_md_info_t * md_info,const unsigned char * input,size_t ilen,unsigned char * output)611 int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen,
612 unsigned char *output )
613 {
614 if( md_info == NULL )
615 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
616
617 switch( md_info->type )
618 {
619 #if defined(MBEDTLS_MD2_C)
620 case MBEDTLS_MD_MD2:
621 return( mbedtls_md2_ret( input, ilen, output ) );
622 #endif
623 #if defined(MBEDTLS_MD4_C)
624 case MBEDTLS_MD_MD4:
625 return( mbedtls_md4_ret( input, ilen, output ) );
626 #endif
627 #if defined(MBEDTLS_MD5_C)
628 case MBEDTLS_MD_MD5:
629 return( mbedtls_md5_ret( input, ilen, output ) );
630 #endif
631 #if defined(MBEDTLS_RIPEMD160_C)
632 case MBEDTLS_MD_RIPEMD160:
633 return( mbedtls_ripemd160_ret( input, ilen, output ) );
634 #endif
635 #if defined(MBEDTLS_SHA1_C)
636 case MBEDTLS_MD_SHA1:
637 return( mbedtls_sha1_ret( input, ilen, output ) );
638 #endif
639 #if defined(MBEDTLS_SHA256_C)
640 case MBEDTLS_MD_SHA224:
641 return( mbedtls_sha256_ret( input, ilen, output, 1 ) );
642 case MBEDTLS_MD_SHA256:
643 return( mbedtls_sha256_ret( input, ilen, output, 0 ) );
644 #endif
645 #if defined(MBEDTLS_SHA512_C)
646 #if !defined(MBEDTLS_SHA512_NO_SHA384)
647 case MBEDTLS_MD_SHA384:
648 return( mbedtls_sha512_ret( input, ilen, output, 1 ) );
649 #endif
650 case MBEDTLS_MD_SHA512:
651 return( mbedtls_sha512_ret( input, ilen, output, 0 ) );
652 #endif
653 default:
654 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
655 }
656 }
657
658 #if defined(MBEDTLS_FS_IO)
mbedtls_md_file(const mbedtls_md_info_t * md_info,const char * path,unsigned char * output)659 int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigned char *output )
660 {
661 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
662 FILE *f;
663 size_t n;
664 mbedtls_md_context_t ctx;
665 unsigned char buf[1024];
666
667 if( md_info == NULL )
668 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
669
670 if( ( f = fopen( path, "rb" ) ) == NULL )
671 return( MBEDTLS_ERR_MD_FILE_IO_ERROR );
672
673 mbedtls_md_init( &ctx );
674
675 if( ( ret = mbedtls_md_setup( &ctx, md_info, 0 ) ) != 0 )
676 goto cleanup;
677
678 if( ( ret = mbedtls_md_starts( &ctx ) ) != 0 )
679 goto cleanup;
680
681 while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
682 if( ( ret = mbedtls_md_update( &ctx, buf, n ) ) != 0 )
683 goto cleanup;
684
685 if( ferror( f ) != 0 )
686 ret = MBEDTLS_ERR_MD_FILE_IO_ERROR;
687 else
688 ret = mbedtls_md_finish( &ctx, output );
689
690 cleanup:
691 mbedtls_platform_zeroize( buf, sizeof( buf ) );
692 fclose( f );
693 mbedtls_md_free( &ctx );
694
695 return( ret );
696 }
697 #endif /* MBEDTLS_FS_IO */
698
mbedtls_md_hmac_starts(mbedtls_md_context_t * ctx,const unsigned char * key,size_t keylen)699 int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, size_t keylen )
700 {
701 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
702 unsigned char sum[MBEDTLS_MD_MAX_SIZE];
703 unsigned char *ipad, *opad;
704 size_t i;
705
706 if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
707 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
708
709 if( keylen > (size_t) ctx->md_info->block_size )
710 {
711 if( ( ret = mbedtls_md_starts( ctx ) ) != 0 )
712 goto cleanup;
713 if( ( ret = mbedtls_md_update( ctx, key, keylen ) ) != 0 )
714 goto cleanup;
715 if( ( ret = mbedtls_md_finish( ctx, sum ) ) != 0 )
716 goto cleanup;
717
718 keylen = ctx->md_info->size;
719 key = sum;
720 }
721
722 ipad = (unsigned char *) ctx->hmac_ctx;
723 opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size;
724
725 memset( ipad, 0x36, ctx->md_info->block_size );
726 memset( opad, 0x5C, ctx->md_info->block_size );
727
728 for( i = 0; i < keylen; i++ )
729 {
730 ipad[i] = (unsigned char)( ipad[i] ^ key[i] );
731 opad[i] = (unsigned char)( opad[i] ^ key[i] );
732 }
733
734 if( ( ret = mbedtls_md_starts( ctx ) ) != 0 )
735 goto cleanup;
736 if( ( ret = mbedtls_md_update( ctx, ipad,
737 ctx->md_info->block_size ) ) != 0 )
738 goto cleanup;
739
740 cleanup:
741 mbedtls_platform_zeroize( sum, sizeof( sum ) );
742
743 return( ret );
744 }
745
mbedtls_md_hmac_update(mbedtls_md_context_t * ctx,const unsigned char * input,size_t ilen)746 int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen )
747 {
748 if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
749 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
750
751 return( mbedtls_md_update( ctx, input, ilen ) );
752 }
753
mbedtls_md_hmac_finish(mbedtls_md_context_t * ctx,unsigned char * output)754 int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output )
755 {
756 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
757 unsigned char tmp[MBEDTLS_MD_MAX_SIZE];
758 unsigned char *opad;
759
760 if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
761 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
762
763 opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size;
764
765 if( ( ret = mbedtls_md_finish( ctx, tmp ) ) != 0 )
766 return( ret );
767 if( ( ret = mbedtls_md_starts( ctx ) ) != 0 )
768 return( ret );
769 if( ( ret = mbedtls_md_update( ctx, opad,
770 ctx->md_info->block_size ) ) != 0 )
771 return( ret );
772 if( ( ret = mbedtls_md_update( ctx, tmp,
773 ctx->md_info->size ) ) != 0 )
774 return( ret );
775 return( mbedtls_md_finish( ctx, output ) );
776 }
777
mbedtls_md_hmac_reset(mbedtls_md_context_t * ctx)778 int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx )
779 {
780 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
781 unsigned char *ipad;
782
783 if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
784 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
785
786 ipad = (unsigned char *) ctx->hmac_ctx;
787
788 if( ( ret = mbedtls_md_starts( ctx ) ) != 0 )
789 return( ret );
790 return( mbedtls_md_update( ctx, ipad, ctx->md_info->block_size ) );
791 }
792
mbedtls_md_hmac(const mbedtls_md_info_t * md_info,const unsigned char * key,size_t keylen,const unsigned char * input,size_t ilen,unsigned char * output)793 int mbedtls_md_hmac( const mbedtls_md_info_t *md_info,
794 const unsigned char *key, size_t keylen,
795 const unsigned char *input, size_t ilen,
796 unsigned char *output )
797 {
798 mbedtls_md_context_t ctx;
799 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
800
801 if( md_info == NULL )
802 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
803
804 mbedtls_md_init( &ctx );
805
806 if( ( ret = mbedtls_md_setup( &ctx, md_info, 1 ) ) != 0 )
807 goto cleanup;
808
809 if( ( ret = mbedtls_md_hmac_starts( &ctx, key, keylen ) ) != 0 )
810 goto cleanup;
811 if( ( ret = mbedtls_md_hmac_update( &ctx, input, ilen ) ) != 0 )
812 goto cleanup;
813 if( ( ret = mbedtls_md_hmac_finish( &ctx, output ) ) != 0 )
814 goto cleanup;
815
816 cleanup:
817 mbedtls_md_free( &ctx );
818
819 return( ret );
820 }
821
mbedtls_md_process(mbedtls_md_context_t * ctx,const unsigned char * data)822 int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data )
823 {
824 if( ctx == NULL || ctx->md_info == NULL )
825 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
826
827 switch( ctx->md_info->type )
828 {
829 #if defined(MBEDTLS_MD2_C)
830 case MBEDTLS_MD_MD2:
831 return( mbedtls_internal_md2_process( ctx->md_ctx ) );
832 #endif
833 #if defined(MBEDTLS_MD4_C)
834 case MBEDTLS_MD_MD4:
835 return( mbedtls_internal_md4_process( ctx->md_ctx, data ) );
836 #endif
837 #if defined(MBEDTLS_MD5_C)
838 case MBEDTLS_MD_MD5:
839 return( mbedtls_internal_md5_process( ctx->md_ctx, data ) );
840 #endif
841 #if defined(MBEDTLS_RIPEMD160_C)
842 case MBEDTLS_MD_RIPEMD160:
843 return( mbedtls_internal_ripemd160_process( ctx->md_ctx, data ) );
844 #endif
845 #if defined(MBEDTLS_SHA1_C)
846 case MBEDTLS_MD_SHA1:
847 return( mbedtls_internal_sha1_process( ctx->md_ctx, data ) );
848 #endif
849 #if defined(MBEDTLS_SHA256_C)
850 case MBEDTLS_MD_SHA224:
851 case MBEDTLS_MD_SHA256:
852 return( mbedtls_internal_sha256_process( ctx->md_ctx, data ) );
853 #endif
854 #if defined(MBEDTLS_SHA512_C)
855 #if !defined(MBEDTLS_SHA512_NO_SHA384)
856 case MBEDTLS_MD_SHA384:
857 #endif
858 case MBEDTLS_MD_SHA512:
859 return( mbedtls_internal_sha512_process( ctx->md_ctx, data ) );
860 #endif
861 default:
862 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
863 }
864 }
865
mbedtls_md_get_size(const mbedtls_md_info_t * md_info)866 unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info )
867 {
868 if( md_info == NULL )
869 return( 0 );
870
871 return md_info->size;
872 }
873
mbedtls_md_get_type(const mbedtls_md_info_t * md_info)874 mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info )
875 {
876 if( md_info == NULL )
877 return( MBEDTLS_MD_NONE );
878
879 return md_info->type;
880 }
881
mbedtls_md_get_name(const mbedtls_md_info_t * md_info)882 const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info )
883 {
884 if( md_info == NULL )
885 return( NULL );
886
887 return md_info->name;
888 }
889
890 #endif /* MBEDTLS_MD_C */
891