1 /**
2 * \file mbedtls_md.c
3 *
4 * \brief Generic message digest wrapper for mbed TLS
5 *
6 * \author Adriaan de Jong <dejong@fox-it.com>
7 *
8 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
9 * SPDX-License-Identifier: Apache-2.0
10 *
11 * Licensed under the Apache License, Version 2.0 (the "License"); you may
12 * not use this file except in compliance with the License.
13 * You may obtain a copy of the License at
14 *
15 * http://www.apache.org/licenses/LICENSE-2.0
16 *
17 * Unless required by applicable law or agreed to in writing, software
18 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
19 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
20 * See the License for the specific language governing permissions and
21 * limitations under the License.
22 *
23 * This file is part of mbed TLS (https://tls.mbed.org)
24 */
25
26 #if !defined(MBEDTLS_CONFIG_FILE)
27 #include "mbedtls/config.h"
28 #else
29 #include MBEDTLS_CONFIG_FILE
30 #endif
31
32 #if defined(MBEDTLS_MD_C)
33
34 #include "mbedtls/md.h"
35 #include "mbedtls/md_internal.h"
36
37 #if defined(MBEDTLS_PLATFORM_C)
38 #include "mbedtls/platform.h"
39 #else
40 #include <stdlib.h>
41 #define mbedtls_calloc calloc
42 #define mbedtls_free free
43 #endif
44
45 #include <string.h>
46
47 #if defined(MBEDTLS_FS_IO)
48 #include <stdio.h>
49 #endif
50
51 /* Implementation that should never be optimized out by the compiler */
mbedtls_zeroize(void * v,size_t n)52 static void mbedtls_zeroize( void *v, size_t n ) {
53 volatile unsigned char *p = v; while( n-- ) *p++ = 0;
54 }
55
56 /*
57 * Reminder: update profiles in x509_crt.c when adding a new hash!
58 */
59 static const int supported_digests[] = {
60
61 #if defined(MBEDTLS_SHA512_C)
62 MBEDTLS_MD_SHA512,
63 MBEDTLS_MD_SHA384,
64 #endif
65
66 #if defined(MBEDTLS_SHA256_C)
67 MBEDTLS_MD_SHA256,
68 MBEDTLS_MD_SHA224,
69 #endif
70
71 #if defined(MBEDTLS_SHA1_C)
72 MBEDTLS_MD_SHA1,
73 #endif
74
75 #if defined(MBEDTLS_RIPEMD160_C)
76 MBEDTLS_MD_RIPEMD160,
77 #endif
78
79 #if defined(MBEDTLS_MD5_C)
80 MBEDTLS_MD_MD5,
81 #endif
82
83 #if defined(MBEDTLS_MD4_C)
84 MBEDTLS_MD_MD4,
85 #endif
86
87 #if defined(MBEDTLS_MD2_C)
88 MBEDTLS_MD_MD2,
89 #endif
90
91 MBEDTLS_MD_NONE
92 };
93
mbedtls_md_list(void)94 const int *mbedtls_md_list( void )
95 {
96 return( supported_digests );
97 }
98
mbedtls_md_info_from_string(const char * md_name)99 const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name )
100 {
101 if( NULL == md_name )
102 return( NULL );
103
104 /* Get the appropriate digest information */
105 #if defined(MBEDTLS_MD2_C)
106 if( !strcmp( "MD2", md_name ) )
107 return mbedtls_md_info_from_type( MBEDTLS_MD_MD2 );
108 #endif
109 #if defined(MBEDTLS_MD4_C)
110 if( !strcmp( "MD4", md_name ) )
111 return mbedtls_md_info_from_type( MBEDTLS_MD_MD4 );
112 #endif
113 #if defined(MBEDTLS_MD5_C)
114 if( !strcmp( "MD5", md_name ) )
115 return mbedtls_md_info_from_type( MBEDTLS_MD_MD5 );
116 #endif
117 #if defined(MBEDTLS_RIPEMD160_C)
118 if( !strcmp( "RIPEMD160", md_name ) )
119 return mbedtls_md_info_from_type( MBEDTLS_MD_RIPEMD160 );
120 #endif
121 #if defined(MBEDTLS_SHA1_C)
122 if( !strcmp( "SHA1", md_name ) || !strcmp( "SHA", md_name ) )
123 return mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 );
124 #endif
125 #if defined(MBEDTLS_SHA256_C)
126 if( !strcmp( "SHA224", md_name ) )
127 return mbedtls_md_info_from_type( MBEDTLS_MD_SHA224 );
128 if( !strcmp( "SHA256", md_name ) )
129 return mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 );
130 #endif
131 #if defined(MBEDTLS_SHA512_C)
132 if( !strcmp( "SHA384", md_name ) )
133 return mbedtls_md_info_from_type( MBEDTLS_MD_SHA384 );
134 if( !strcmp( "SHA512", md_name ) )
135 return mbedtls_md_info_from_type( MBEDTLS_MD_SHA512 );
136 #endif
137 return( NULL );
138 }
139
mbedtls_md_info_from_type(mbedtls_md_type_t md_type)140 const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type )
141 {
142 switch( md_type )
143 {
144 #if defined(MBEDTLS_MD2_C)
145 case MBEDTLS_MD_MD2:
146 return( &mbedtls_md2_info );
147 #endif
148 #if defined(MBEDTLS_MD4_C)
149 case MBEDTLS_MD_MD4:
150 return( &mbedtls_md4_info );
151 #endif
152 #if defined(MBEDTLS_MD5_C)
153 case MBEDTLS_MD_MD5:
154 return( &mbedtls_md5_info );
155 #endif
156 #if defined(MBEDTLS_RIPEMD160_C)
157 case MBEDTLS_MD_RIPEMD160:
158 return( &mbedtls_ripemd160_info );
159 #endif
160 #if defined(MBEDTLS_SHA1_C)
161 case MBEDTLS_MD_SHA1:
162 return( &mbedtls_sha1_info );
163 #endif
164 #if defined(MBEDTLS_SHA256_C)
165 case MBEDTLS_MD_SHA224:
166 return( &mbedtls_sha224_info );
167 case MBEDTLS_MD_SHA256:
168 return( &mbedtls_sha256_info );
169 #endif
170 #if defined(MBEDTLS_SHA512_C)
171 case MBEDTLS_MD_SHA384:
172 return( &mbedtls_sha384_info );
173 case MBEDTLS_MD_SHA512:
174 return( &mbedtls_sha512_info );
175 #endif
176 default:
177 return( NULL );
178 }
179 }
180
mbedtls_md_init(mbedtls_md_context_t * ctx)181 void mbedtls_md_init( mbedtls_md_context_t *ctx )
182 {
183 memset( ctx, 0, sizeof( mbedtls_md_context_t ) );
184 }
185
mbedtls_md_free(mbedtls_md_context_t * ctx)186 void mbedtls_md_free( mbedtls_md_context_t *ctx )
187 {
188 if( ctx == NULL || ctx->md_info == NULL )
189 return;
190
191 if( ctx->md_ctx != NULL )
192 ctx->md_info->ctx_free_func( ctx->md_ctx );
193
194 if( ctx->hmac_ctx != NULL )
195 {
196 mbedtls_zeroize( ctx->hmac_ctx, 2 * ctx->md_info->block_size );
197 mbedtls_free( ctx->hmac_ctx );
198 }
199
200 mbedtls_zeroize( ctx, sizeof( mbedtls_md_context_t ) );
201 }
202
mbedtls_md_clone(mbedtls_md_context_t * dst,const mbedtls_md_context_t * src)203 int mbedtls_md_clone( mbedtls_md_context_t *dst,
204 const mbedtls_md_context_t *src )
205 {
206 if( dst == NULL || dst->md_info == NULL ||
207 src == NULL || src->md_info == NULL ||
208 dst->md_info != src->md_info )
209 {
210 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
211 }
212
213 dst->md_info->clone_func( dst->md_ctx, src->md_ctx );
214
215 return( 0 );
216 }
217
218 #if ! defined(MBEDTLS_DEPRECATED_REMOVED)
mbedtls_md_init_ctx(mbedtls_md_context_t * ctx,const mbedtls_md_info_t * md_info)219 int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info )
220 {
221 return mbedtls_md_setup( ctx, md_info, 1 );
222 }
223 #endif
224
mbedtls_md_setup(mbedtls_md_context_t * ctx,const mbedtls_md_info_t * md_info,int hmac)225 int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac )
226 {
227 if( md_info == NULL || ctx == NULL )
228 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
229
230 if( ( ctx->md_ctx = md_info->ctx_alloc_func() ) == NULL )
231 return( MBEDTLS_ERR_MD_ALLOC_FAILED );
232
233 if( hmac != 0 )
234 {
235 ctx->hmac_ctx = mbedtls_calloc( 2, md_info->block_size );
236 if( ctx->hmac_ctx == NULL )
237 {
238 md_info->ctx_free_func( ctx->md_ctx );
239 return( MBEDTLS_ERR_MD_ALLOC_FAILED );
240 }
241 }
242
243 ctx->md_info = md_info;
244
245 return( 0 );
246 }
247
mbedtls_md_starts(mbedtls_md_context_t * ctx)248 int mbedtls_md_starts( mbedtls_md_context_t *ctx )
249 {
250 if( ctx == NULL || ctx->md_info == NULL )
251 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
252
253 ctx->md_info->starts_func( ctx->md_ctx );
254
255 return( 0 );
256 }
257
mbedtls_md_update(mbedtls_md_context_t * ctx,const unsigned char * input,size_t ilen)258 int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen )
259 {
260 if( ctx == NULL || ctx->md_info == NULL )
261 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
262
263 ctx->md_info->update_func( ctx->md_ctx, input, ilen );
264
265 return( 0 );
266 }
267
mbedtls_md_finish(mbedtls_md_context_t * ctx,unsigned char * output)268 int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output )
269 {
270 if( ctx == NULL || ctx->md_info == NULL )
271 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
272
273 ctx->md_info->finish_func( ctx->md_ctx, output );
274
275 return( 0 );
276 }
277
mbedtls_md(const mbedtls_md_info_t * md_info,const unsigned char * input,size_t ilen,unsigned char * output)278 int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen,
279 unsigned char *output )
280 {
281 if( md_info == NULL )
282 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
283
284 md_info->digest_func( input, ilen, output );
285
286 return( 0 );
287 }
288
289 #if defined(MBEDTLS_FS_IO)
mbedtls_md_file(const mbedtls_md_info_t * md_info,const char * path,unsigned char * output)290 int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigned char *output )
291 {
292 int ret;
293 FILE *f;
294 size_t n;
295 mbedtls_md_context_t ctx;
296 unsigned char buf[1024];
297
298 if( md_info == NULL )
299 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
300
301 if( ( f = fopen( path, "rb" ) ) == NULL )
302 return( MBEDTLS_ERR_MD_FILE_IO_ERROR );
303
304 mbedtls_md_init( &ctx );
305
306 if( ( ret = mbedtls_md_setup( &ctx, md_info, 0 ) ) != 0 )
307 goto cleanup;
308
309 md_info->starts_func( ctx.md_ctx );
310
311 while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
312 md_info->update_func( ctx.md_ctx, buf, n );
313
314 if( ferror( f ) != 0 )
315 {
316 ret = MBEDTLS_ERR_MD_FILE_IO_ERROR;
317 goto cleanup;
318 }
319
320 md_info->finish_func( ctx.md_ctx, output );
321
322 cleanup:
323 fclose( f );
324 mbedtls_md_free( &ctx );
325
326 return( ret );
327 }
328 #endif /* MBEDTLS_FS_IO */
329
mbedtls_md_hmac_starts(mbedtls_md_context_t * ctx,const unsigned char * key,size_t keylen)330 int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, size_t keylen )
331 {
332 unsigned char sum[MBEDTLS_MD_MAX_SIZE];
333 unsigned char *ipad, *opad;
334 size_t i;
335
336 if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
337 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
338
339 if( keylen > (size_t) ctx->md_info->block_size )
340 {
341 ctx->md_info->starts_func( ctx->md_ctx );
342 ctx->md_info->update_func( ctx->md_ctx, key, keylen );
343 ctx->md_info->finish_func( ctx->md_ctx, sum );
344
345 keylen = ctx->md_info->size;
346 key = sum;
347 }
348
349 ipad = (unsigned char *) ctx->hmac_ctx;
350 opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size;
351
352 memset( ipad, 0x36, ctx->md_info->block_size );
353 memset( opad, 0x5C, ctx->md_info->block_size );
354
355 for( i = 0; i < keylen; i++ )
356 {
357 ipad[i] = (unsigned char)( ipad[i] ^ key[i] );
358 opad[i] = (unsigned char)( opad[i] ^ key[i] );
359 }
360
361 mbedtls_zeroize( sum, sizeof( sum ) );
362
363 ctx->md_info->starts_func( ctx->md_ctx );
364 ctx->md_info->update_func( ctx->md_ctx, ipad, ctx->md_info->block_size );
365
366 return( 0 );
367 }
368
mbedtls_md_hmac_update(mbedtls_md_context_t * ctx,const unsigned char * input,size_t ilen)369 int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen )
370 {
371 if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
372 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
373
374 ctx->md_info->update_func( ctx->md_ctx, input, ilen );
375
376 return( 0 );
377 }
378
mbedtls_md_hmac_finish(mbedtls_md_context_t * ctx,unsigned char * output)379 int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output )
380 {
381 unsigned char tmp[MBEDTLS_MD_MAX_SIZE];
382 unsigned char *opad;
383
384 if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
385 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
386
387 opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size;
388
389 ctx->md_info->finish_func( ctx->md_ctx, tmp );
390 ctx->md_info->starts_func( ctx->md_ctx );
391 ctx->md_info->update_func( ctx->md_ctx, opad, ctx->md_info->block_size );
392 ctx->md_info->update_func( ctx->md_ctx, tmp, ctx->md_info->size );
393 ctx->md_info->finish_func( ctx->md_ctx, output );
394
395 return( 0 );
396 }
397
mbedtls_md_hmac_reset(mbedtls_md_context_t * ctx)398 int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx )
399 {
400 unsigned char *ipad;
401
402 if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
403 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
404
405 ipad = (unsigned char *) ctx->hmac_ctx;
406
407 ctx->md_info->starts_func( ctx->md_ctx );
408 ctx->md_info->update_func( ctx->md_ctx, ipad, ctx->md_info->block_size );
409
410 return( 0 );
411 }
412
mbedtls_md_hmac(const mbedtls_md_info_t * md_info,const unsigned char * key,size_t keylen,const unsigned char * input,size_t ilen,unsigned char * output)413 int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen,
414 const unsigned char *input, size_t ilen,
415 unsigned char *output )
416 {
417 mbedtls_md_context_t ctx;
418 int ret;
419
420 if( md_info == NULL )
421 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
422
423 mbedtls_md_init( &ctx );
424
425 if( ( ret = mbedtls_md_setup( &ctx, md_info, 1 ) ) != 0 )
426 return( ret );
427
428 mbedtls_md_hmac_starts( &ctx, key, keylen );
429 mbedtls_md_hmac_update( &ctx, input, ilen );
430 mbedtls_md_hmac_finish( &ctx, output );
431
432 mbedtls_md_free( &ctx );
433
434 return( 0 );
435 }
436
mbedtls_md_process(mbedtls_md_context_t * ctx,const unsigned char * data)437 int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data )
438 {
439 if( ctx == NULL || ctx->md_info == NULL )
440 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
441
442 ctx->md_info->process_func( ctx->md_ctx, data );
443
444 return( 0 );
445 }
446
mbedtls_md_get_size(const mbedtls_md_info_t * md_info)447 unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info )
448 {
449 if( md_info == NULL )
450 return( 0 );
451
452 return md_info->size;
453 }
454
mbedtls_md_get_type(const mbedtls_md_info_t * md_info)455 mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info )
456 {
457 if( md_info == NULL )
458 return( MBEDTLS_MD_NONE );
459
460 return md_info->type;
461 }
462
mbedtls_md_get_name(const mbedtls_md_info_t * md_info)463 const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info )
464 {
465 if( md_info == NULL )
466 return( NULL );
467
468 return md_info->name;
469 }
470
471 #endif /* MBEDTLS_MD_C */
472
