1 /**
2  * \file sha256.h
3  *
4  * \brief This file contains SHA-224 and SHA-256 definitions and functions.
5  *
6  * The Secure Hash Algorithms 224 and 256 (SHA-224 and SHA-256) cryptographic
7  * hash functions are defined in <em>FIPS 180-4: Secure Hash Standard (SHS)</em>.
8  */
9 /*
10  *  Copyright The Mbed TLS Contributors
11  *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
12  */
13 #ifndef MBEDTLS_SHA256_H
14 #define MBEDTLS_SHA256_H
15 #include "mbedtls/private_access.h"
16 
17 #include "mbedtls/build_info.h"
18 
19 #include <stddef.h>
20 #include <stdint.h>
21 
22 /** SHA-256 input data was malformed. */
23 #define MBEDTLS_ERR_SHA256_BAD_INPUT_DATA                 -0x0074
24 
25 #ifdef __cplusplus
26 extern "C" {
27 #endif
28 
29 #if !defined(MBEDTLS_SHA256_ALT)
30 // Regular implementation
31 //
32 
33 /**
34  * \brief          The SHA-256 context structure.
35  *
36  *                 The structure is used both for SHA-256 and for SHA-224
37  *                 checksum calculations. The choice between these two is
38  *                 made in the call to mbedtls_sha256_starts().
39  */
40 typedef struct mbedtls_sha256_context {
41     unsigned char MBEDTLS_PRIVATE(buffer)[64];   /*!< The data block being processed. */
42     uint32_t MBEDTLS_PRIVATE(total)[2];          /*!< The number of Bytes processed.  */
43     uint32_t MBEDTLS_PRIVATE(state)[8];          /*!< The intermediate digest state.  */
44 #if defined(MBEDTLS_SHA224_C)
45     int MBEDTLS_PRIVATE(is224);                  /*!< Determines which function to use:
46                                                     0: Use SHA-256, or 1: Use SHA-224. */
47 #endif
48 }
49 mbedtls_sha256_context;
50 
51 #else  /* MBEDTLS_SHA256_ALT */
52 #include "sha256_alt.h"
53 #endif /* MBEDTLS_SHA256_ALT */
54 
55 /**
56  * \brief          This function initializes a SHA-256 context.
57  *
58  * \param ctx      The SHA-256 context to initialize. This must not be \c NULL.
59  */
60 void mbedtls_sha256_init(mbedtls_sha256_context *ctx);
61 
62 /**
63  * \brief          This function clears a SHA-256 context.
64  *
65  * \param ctx      The SHA-256 context to clear. This may be \c NULL, in which
66  *                 case this function returns immediately. If it is not \c NULL,
67  *                 it must point to an initialized SHA-256 context.
68  */
69 void mbedtls_sha256_free(mbedtls_sha256_context *ctx);
70 
71 /**
72  * \brief          This function clones the state of a SHA-256 context.
73  *
74  * \param dst      The destination context. This must be initialized.
75  * \param src      The context to clone. This must be initialized.
76  */
77 void mbedtls_sha256_clone(mbedtls_sha256_context *dst,
78                           const mbedtls_sha256_context *src);
79 
80 /**
81  * \brief          This function starts a SHA-224 or SHA-256 checksum
82  *                 calculation.
83  *
84  * \param ctx      The context to use. This must be initialized.
85  * \param is224    This determines which function to use. This must be
86  *                 either \c 0 for SHA-256, or \c 1 for SHA-224.
87  *
88  * \note           is224 must be defined accordingly to the enabled
89  *                 MBEDTLS_SHA224_C/MBEDTLS_SHA256_C symbols otherwise the
90  *                 function will return #MBEDTLS_ERR_SHA512_BAD_INPUT_DATA.
91  *
92  * \return         \c 0 on success.
93  * \return         A negative error code on failure.
94  */
95 int mbedtls_sha256_starts(mbedtls_sha256_context *ctx, int is224);
96 
97 /**
98  * \brief          This function feeds an input buffer into an ongoing
99  *                 SHA-256 checksum calculation.
100  *
101  * \param ctx      The SHA-256 context. This must be initialized
102  *                 and have a hash operation started.
103  * \param input    The buffer holding the data. This must be a readable
104  *                 buffer of length \p ilen Bytes.
105  * \param ilen     The length of the input data in Bytes.
106  *
107  * \return         \c 0 on success.
108  * \return         A negative error code on failure.
109  */
110 int mbedtls_sha256_update(mbedtls_sha256_context *ctx,
111                           const unsigned char *input,
112                           size_t ilen);
113 
114 /**
115  * \brief          This function finishes the SHA-256 operation, and writes
116  *                 the result to the output buffer.
117  *
118  * \param ctx      The SHA-256 context. This must be initialized
119  *                 and have a hash operation started.
120  * \param output   The SHA-224 or SHA-256 checksum result.
121  *                 This must be a writable buffer of length \c 32 bytes
122  *                 for SHA-256, \c 28 bytes for SHA-224.
123  *
124  * \return         \c 0 on success.
125  * \return         A negative error code on failure.
126  */
127 int mbedtls_sha256_finish(mbedtls_sha256_context *ctx,
128                           unsigned char *output);
129 
130 /**
131  * \brief          This function processes a single data block within
132  *                 the ongoing SHA-256 computation. This function is for
133  *                 internal use only.
134  *
135  * \param ctx      The SHA-256 context. This must be initialized.
136  * \param data     The buffer holding one block of data. This must
137  *                 be a readable buffer of length \c 64 Bytes.
138  *
139  * \return         \c 0 on success.
140  * \return         A negative error code on failure.
141  */
142 int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx,
143                                     const unsigned char data[64]);
144 
145 /**
146  * \brief          This function calculates the SHA-224 or SHA-256
147  *                 checksum of a buffer.
148  *
149  *                 The function allocates the context, performs the
150  *                 calculation, and frees the context.
151  *
152  *                 The SHA-256 result is calculated as
153  *                 output = SHA-256(input buffer).
154  *
155  * \param input    The buffer holding the data. This must be a readable
156  *                 buffer of length \p ilen Bytes.
157  * \param ilen     The length of the input data in Bytes.
158  * \param output   The SHA-224 or SHA-256 checksum result.
159  *                 This must be a writable buffer of length \c 32 bytes
160  *                 for SHA-256, \c 28 bytes for SHA-224.
161  * \param is224    Determines which function to use. This must be
162  *                 either \c 0 for SHA-256, or \c 1 for SHA-224.
163  *
164  * \return         \c 0 on success.
165  * \return         A negative error code on failure.
166  */
167 int mbedtls_sha256(const unsigned char *input,
168                    size_t ilen,
169                    unsigned char *output,
170                    int is224);
171 
172 #if defined(MBEDTLS_SELF_TEST)
173 
174 #if defined(MBEDTLS_SHA224_C)
175 /**
176  * \brief          The SHA-224 checkup routine.
177  *
178  * \return         \c 0 on success.
179  * \return         \c 1 on failure.
180  */
181 int mbedtls_sha224_self_test(int verbose);
182 #endif /* MBEDTLS_SHA224_C */
183 
184 #if defined(MBEDTLS_SHA256_C)
185 /**
186  * \brief          The SHA-256 checkup routine.
187  *
188  * \return         \c 0 on success.
189  * \return         \c 1 on failure.
190  */
191 int mbedtls_sha256_self_test(int verbose);
192 #endif /* MBEDTLS_SHA256_C */
193 
194 #endif /* MBEDTLS_SELF_TEST */
195 
196 #ifdef __cplusplus
197 }
198 #endif
199 
200 #endif /* mbedtls_sha256.h */
201