1 /**
2 * \file md.c
3 *
4 * \brief Generic message digest wrapper for mbed TLS
5 *
6 * \author Adriaan de Jong <dejong@fox-it.com>
7 *
8 * Copyright The Mbed TLS Contributors
9 * SPDX-License-Identifier: Apache-2.0
10 *
11 * Licensed under the Apache License, Version 2.0 (the "License"); you may
12 * not use this file except in compliance with the License.
13 * You may obtain a copy of the License at
14 *
15 * http://www.apache.org/licenses/LICENSE-2.0
16 *
17 * Unless required by applicable law or agreed to in writing, software
18 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
19 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
20 * See the License for the specific language governing permissions and
21 * limitations under the License.
22 */
23
24 #include "common.h"
25
26 #if defined(MBEDTLS_MD_C)
27
28 #include "mbedtls/md.h"
29 #include "md_wrap.h"
30 #include "mbedtls/platform_util.h"
31 #include "mbedtls/error.h"
32
33 #if defined(MBEDTLS_MD2_C)
34 #include "mbedtls/md2.h"
35 #endif
36
37 #if defined(MBEDTLS_MD4_C)
38 #include "mbedtls/md4.h"
39 #endif
40
41 #if !defined(HW_MBEDTLS_ATLAS_MCU)
42 #include "mbedtls/md5.h"
43 #include "mbedtls/ripemd160.h"
44 #include "mbedtls/sha1.h"
45 #include "mbedtls/sha512.h"
46 #endif
47 #include "mbedtls/sha256.h"
48 #if defined(VENDOR_REDEFINE_TEE_API_C)
49 #include "mbedtls/hw_redefine_tee_api.h"
50 #endif
51
52 #if defined(MBEDTLS_PLATFORM_C)
53 #include "mbedtls/platform.h"
54 #else
55 #include <stdlib.h>
56 #define mbedtls_calloc calloc
57 #define mbedtls_free free
58 #endif
59
60 #include <string.h>
61
62 #if defined(MBEDTLS_FS_IO)
63 #include <stdio.h>
64 #endif
65
66 #if defined(HW_MBEDTLS_CONFIG_C)
67 #include "mbedtls/hw_mbedtls_config.h"
68 #endif
69
70 #if defined(MBEDTLS_MD2_C)
71 const mbedtls_md_info_t mbedtls_md2_info = {
72 "MD2",
73 MBEDTLS_MD_MD2,
74 16,
75 16,
76 };
77 #endif
78
79 #if defined(MBEDTLS_MD4_C)
80 const mbedtls_md_info_t mbedtls_md4_info = {
81 "MD4",
82 MBEDTLS_MD_MD4,
83 16,
84 64,
85 };
86 #endif
87
88 #if defined(MBEDTLS_MD5_C)
89 const mbedtls_md_info_t mbedtls_md5_info = {
90 "MD5",
91 MBEDTLS_MD_MD5,
92 16,
93 64,
94 };
95 #endif
96
97 #if defined(MBEDTLS_RIPEMD160_C)
98 const mbedtls_md_info_t mbedtls_ripemd160_info = {
99 "RIPEMD160",
100 MBEDTLS_MD_RIPEMD160,
101 20,
102 64,
103 };
104 #endif
105
106 #if defined(MBEDTLS_SHA1_C)
107 const mbedtls_md_info_t mbedtls_sha1_info = {
108 "SHA1",
109 MBEDTLS_MD_SHA1,
110 20,
111 64,
112 };
113 #endif
114
115 #if defined(MBEDTLS_SHA224_C)
116 const mbedtls_md_info_t mbedtls_sha224_info = {
117 "SHA224",
118 MBEDTLS_MD_SHA224,
119 28,
120 64,
121 };
122 #endif
123
124 #if defined(MBEDTLS_SHA256_C)
125 const mbedtls_md_info_t mbedtls_sha256_info = {
126 "SHA256",
127 MBEDTLS_MD_SHA256,
128 32,
129 64,
130 };
131 #endif
132
133 #if defined(MBEDTLS_SHA384_C)
134 const mbedtls_md_info_t mbedtls_sha384_info = {
135 "SHA384",
136 MBEDTLS_MD_SHA384,
137 48,
138 128,
139 };
140 #endif
141
142 #if defined(MBEDTLS_SHA512_C)
143 const mbedtls_md_info_t mbedtls_sha512_info = {
144 "SHA512",
145 MBEDTLS_MD_SHA512,
146 64,
147 128,
148 };
149 #endif
150
151 /*
152 * Reminder: update profiles in x509_crt.c when adding a new hash!
153 */
154 static const int supported_digests[] = {
155
156 #if defined(MBEDTLS_SHA512_C)
157 MBEDTLS_MD_SHA512,
158 #endif
159
160 #if defined(MBEDTLS_SHA384_C)
161 MBEDTLS_MD_SHA384,
162 #endif
163
164 #if defined(MBEDTLS_SHA256_C)
165 MBEDTLS_MD_SHA256,
166 #endif
167 #if defined(MBEDTLS_SHA224_C)
168 MBEDTLS_MD_SHA224,
169 #endif
170
171 #if defined(MBEDTLS_SHA1_C)
172 MBEDTLS_MD_SHA1,
173 #endif
174
175 #if defined(MBEDTLS_RIPEMD160_C)
176 MBEDTLS_MD_RIPEMD160,
177 #endif
178
179 #if defined(MBEDTLS_MD5_C)
180 MBEDTLS_MD_MD5,
181 #endif
182
183 #if defined(MBEDTLS_MD4_C)
184 MBEDTLS_MD_MD4,
185 #endif
186
187 #if defined(MBEDTLS_MD2_C)
188 MBEDTLS_MD_MD2,
189 #endif
190
191 MBEDTLS_MD_NONE
192 };
193
mbedtls_md_list(void)194 const int *mbedtls_md_list( void )
195 {
196 return( supported_digests );
197 }
198
mbedtls_md_info_from_string(const char * md_name)199 const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name )
200 {
201 if( NULL == md_name )
202 return( NULL );
203
204 /* Get the appropriate digest information */
205 #if defined(MBEDTLS_MD2_C)
206 if( !strcmp( "MD2", md_name ) )
207 return mbedtls_md_info_from_type( MBEDTLS_MD_MD2 );
208 #endif
209 #if defined(MBEDTLS_MD4_C)
210 if( !strcmp( "MD4", md_name ) )
211 return mbedtls_md_info_from_type( MBEDTLS_MD_MD4 );
212 #endif
213 #if defined(MBEDTLS_MD5_C)
214 if( !strcmp( "MD5", md_name ) )
215 return mbedtls_md_info_from_type( MBEDTLS_MD_MD5 );
216 #endif
217 #if defined(MBEDTLS_RIPEMD160_C)
218 if( !strcmp( "RIPEMD160", md_name ) )
219 return mbedtls_md_info_from_type( MBEDTLS_MD_RIPEMD160 );
220 #endif
221 #if defined(MBEDTLS_SHA1_C)
222 if( !strcmp( "SHA1", md_name ) || !strcmp( "SHA", md_name ) )
223 return mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 );
224 #endif
225 #if defined(MBEDTLS_SHA224_C)
226 if( !strcmp( "SHA224", md_name ) )
227 return mbedtls_md_info_from_type( MBEDTLS_MD_SHA224 );
228 #endif
229 #if defined(MBEDTLS_SHA256_C)
230 if( !strcmp( "SHA256", md_name ) )
231 return mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 );
232 #endif
233 #if defined(MBEDTLS_SHA384_C)
234 if( !strcmp( "SHA384", md_name ) )
235 return mbedtls_md_info_from_type( MBEDTLS_MD_SHA384 );
236 #endif
237 #if defined(MBEDTLS_SHA512_C)
238 if( !strcmp( "SHA512", md_name ) )
239 return mbedtls_md_info_from_type( MBEDTLS_MD_SHA512 );
240 #endif
241 return( NULL );
242 }
243
mbedtls_md_info_from_type(mbedtls_md_type_t md_type)244 const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type )
245 {
246 switch( md_type )
247 {
248 #if defined(MBEDTLS_MD2_C)
249 case MBEDTLS_MD_MD2:
250 #if defined(HW_MBEDTLS_CONFIG_C)
251 if (hw_mbedtls_get_config(HW_MBEDTLS_DISABLE_MD2) == HW_MBEDTLS_CONFIG_ENABLE) {
252 return( &mbedtls_md2_info );
253 } else {
254 return NULL;
255 }
256 #else
257 return( &mbedtls_md2_info );
258 #endif
259 #endif
260
261 #if defined(MBEDTLS_MD4_C)
262 case MBEDTLS_MD_MD4:
263 #if defined(HW_MBEDTLS_CONFIG_C)
264 if (hw_mbedtls_get_config(HW_MBEDTLS_DISABLE_MD4) == HW_MBEDTLS_CONFIG_ENABLE) {
265 return( &mbedtls_md4_info );
266 } else {
267 return NULL;
268 }
269 #else
270 return( &mbedtls_md4_info );
271 #endif
272 #endif
273
274 #if defined(MBEDTLS_MD5_C)
275 case MBEDTLS_MD_MD5:
276 return( &mbedtls_md5_info );
277 #endif
278 #if defined(MBEDTLS_RIPEMD160_C)
279 case MBEDTLS_MD_RIPEMD160:
280 return( &mbedtls_ripemd160_info );
281 #endif
282 #if defined(MBEDTLS_SHA1_C)
283 case MBEDTLS_MD_SHA1:
284 return( &mbedtls_sha1_info );
285 #endif
286 #if defined(MBEDTLS_SHA224_C)
287 case MBEDTLS_MD_SHA224:
288 return( &mbedtls_sha224_info );
289 #endif
290 #if defined(MBEDTLS_SHA256_C)
291 case MBEDTLS_MD_SHA256:
292 return( &mbedtls_sha256_info );
293 #endif
294 #if defined(MBEDTLS_SHA384_C)
295 case MBEDTLS_MD_SHA384:
296 return( &mbedtls_sha384_info );
297 #endif
298 #if defined(MBEDTLS_SHA512_C)
299 case MBEDTLS_MD_SHA512:
300 return( &mbedtls_sha512_info );
301 #endif
302 default:
303 return( NULL );
304 }
305 }
306
mbedtls_md_init(mbedtls_md_context_t * ctx)307 void mbedtls_md_init( mbedtls_md_context_t *ctx )
308 {
309 memset( ctx, 0, sizeof( mbedtls_md_context_t ) );
310 }
311
mbedtls_md_free(mbedtls_md_context_t * ctx)312 void mbedtls_md_free( mbedtls_md_context_t *ctx )
313 {
314 if( ctx == NULL || ctx->md_info == NULL )
315 return;
316
317 if( ctx->md_ctx != NULL )
318 {
319 switch( ctx->md_info->type )
320 {
321 #if defined(MBEDTLS_MD2_C)
322 case MBEDTLS_MD_MD2:
323 mbedtls_md2_free( ctx->md_ctx );
324 break;
325 #endif
326 #if defined(MBEDTLS_MD4_C)
327 case MBEDTLS_MD_MD4:
328 mbedtls_md4_free( ctx->md_ctx );
329 break;
330 #endif
331 #if defined(MBEDTLS_MD5_C)
332 case MBEDTLS_MD_MD5:
333 mbedtls_md5_free( ctx->md_ctx );
334 break;
335 #endif
336 #if defined(MBEDTLS_RIPEMD160_C)
337 case MBEDTLS_MD_RIPEMD160:
338 mbedtls_ripemd160_free( ctx->md_ctx );
339 break;
340 #endif
341 #if defined(MBEDTLS_SHA1_C)
342 case MBEDTLS_MD_SHA1:
343 mbedtls_sha1_free( ctx->md_ctx );
344 break;
345 #endif
346 #if defined(MBEDTLS_SHA224_C)
347 case MBEDTLS_MD_SHA224:
348 mbedtls_sha256_free( ctx->md_ctx );
349 break;
350 #endif
351 #if defined(MBEDTLS_SHA256_C)
352 case MBEDTLS_MD_SHA256:
353 mbedtls_sha256_free( ctx->md_ctx );
354 break;
355 #endif
356 #if defined(MBEDTLS_SHA384_C)
357 case MBEDTLS_MD_SHA384:
358 mbedtls_sha512_free( ctx->md_ctx );
359 break;
360 #endif
361 #if defined(MBEDTLS_SHA512_C)
362 case MBEDTLS_MD_SHA512:
363 mbedtls_sha512_free( ctx->md_ctx );
364 break;
365 #endif
366 default:
367 /* Shouldn't happen */
368 break;
369 }
370 mbedtls_free( ctx->md_ctx );
371 }
372
373 if( ctx->hmac_ctx != NULL )
374 {
375 mbedtls_platform_zeroize( ctx->hmac_ctx,
376 2 * ctx->md_info->block_size );
377 mbedtls_free( ctx->hmac_ctx );
378 }
379
380 mbedtls_platform_zeroize( ctx, sizeof( mbedtls_md_context_t ) );
381 }
382
mbedtls_md_clone(mbedtls_md_context_t * dst,const mbedtls_md_context_t * src)383 int mbedtls_md_clone( mbedtls_md_context_t *dst,
384 const mbedtls_md_context_t *src )
385 {
386 if( dst == NULL || dst->md_info == NULL ||
387 src == NULL || src->md_info == NULL ||
388 dst->md_info != src->md_info )
389 {
390 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
391 }
392
393 switch( src->md_info->type )
394 {
395 #if defined(MBEDTLS_MD2_C)
396 case MBEDTLS_MD_MD2:
397 mbedtls_md2_clone( dst->md_ctx, src->md_ctx );
398 break;
399 #endif
400 #if defined(MBEDTLS_MD4_C)
401 case MBEDTLS_MD_MD4:
402 mbedtls_md4_clone( dst->md_ctx, src->md_ctx );
403 break;
404 #endif
405 #if defined(MBEDTLS_MD5_C)
406 case MBEDTLS_MD_MD5:
407 mbedtls_md5_clone( dst->md_ctx, src->md_ctx );
408 break;
409 #endif
410 #if defined(MBEDTLS_RIPEMD160_C)
411 case MBEDTLS_MD_RIPEMD160:
412 mbedtls_ripemd160_clone( dst->md_ctx, src->md_ctx );
413 break;
414 #endif
415 #if defined(MBEDTLS_SHA1_C)
416 case MBEDTLS_MD_SHA1:
417 mbedtls_sha1_clone( dst->md_ctx, src->md_ctx );
418 break;
419 #endif
420 #if defined(MBEDTLS_SHA224_C)
421 case MBEDTLS_MD_SHA224:
422 mbedtls_sha256_clone( dst->md_ctx, src->md_ctx );
423 break;
424 #endif
425 #if defined(MBEDTLS_SHA256_C)
426 case MBEDTLS_MD_SHA256:
427 mbedtls_sha256_clone( dst->md_ctx, src->md_ctx );
428 break;
429 #endif
430 #if defined(MBEDTLS_SHA384_C)
431 case MBEDTLS_MD_SHA384:
432 mbedtls_sha512_clone( dst->md_ctx, src->md_ctx );
433 break;
434 #endif
435 #if defined(MBEDTLS_SHA512_C)
436 case MBEDTLS_MD_SHA512:
437 mbedtls_sha512_clone( dst->md_ctx, src->md_ctx );
438 break;
439 #endif
440 default:
441 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
442 }
443
444 return( 0 );
445 }
446
447 #define ALLOC( type ) \
448 do { \
449 ctx->md_ctx = mbedtls_calloc( 1, sizeof( mbedtls_##type##_context ) ); \
450 if( ctx->md_ctx == NULL ) \
451 return( MBEDTLS_ERR_MD_ALLOC_FAILED ); \
452 mbedtls_##type##_init( ctx->md_ctx ); \
453 } \
454 while( 0 )
455
mbedtls_md_setup(mbedtls_md_context_t * ctx,const mbedtls_md_info_t * md_info,int hmac)456 int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac )
457 {
458 if( md_info == NULL || ctx == NULL )
459 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
460
461 ctx->md_info = md_info;
462 ctx->md_ctx = NULL;
463 ctx->hmac_ctx = NULL;
464
465 switch( md_info->type )
466 {
467 #if defined(MBEDTLS_MD2_C)
468 case MBEDTLS_MD_MD2:
469 ALLOC( md2 );
470 break;
471 #endif
472 #if defined(MBEDTLS_MD4_C)
473 case MBEDTLS_MD_MD4:
474 ALLOC( md4 );
475 break;
476 #endif
477 #if defined(MBEDTLS_MD5_C)
478 case MBEDTLS_MD_MD5:
479 ALLOC( md5 );
480 break;
481 #endif
482 #if defined(MBEDTLS_RIPEMD160_C)
483 case MBEDTLS_MD_RIPEMD160:
484 ALLOC( ripemd160 );
485 break;
486 #endif
487 #if defined(MBEDTLS_SHA1_C)
488 case MBEDTLS_MD_SHA1:
489 ALLOC( sha1 );
490 break;
491 #endif
492 #if defined(MBEDTLS_SHA224_C)
493 case MBEDTLS_MD_SHA224:
494 ALLOC( sha256 );
495 break;
496 #endif
497 #if defined(MBEDTLS_SHA256_C)
498 case MBEDTLS_MD_SHA256:
499 ALLOC( sha256 );
500 break;
501 #endif
502 #if defined(MBEDTLS_SHA384_C)
503 case MBEDTLS_MD_SHA384:
504 ALLOC( sha512 );
505 break;
506 #endif
507 #if defined(MBEDTLS_SHA512_C)
508 case MBEDTLS_MD_SHA512:
509 ALLOC( sha512 );
510 break;
511 #endif
512 default:
513 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
514 }
515
516 if( hmac != 0 )
517 {
518 ctx->hmac_ctx = mbedtls_calloc( 2, md_info->block_size );
519 if( ctx->hmac_ctx == NULL )
520 {
521 mbedtls_md_free( ctx );
522 return( MBEDTLS_ERR_MD_ALLOC_FAILED );
523 }
524 }
525
526 return( 0 );
527 }
528 #undef ALLOC
529
mbedtls_md_starts(mbedtls_md_context_t * ctx)530 int mbedtls_md_starts( mbedtls_md_context_t *ctx )
531 {
532 if( ctx == NULL || ctx->md_info == NULL )
533 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
534
535 switch( ctx->md_info->type )
536 {
537 #if defined(MBEDTLS_MD2_C)
538 case MBEDTLS_MD_MD2:
539 return( mbedtls_md2_starts( ctx->md_ctx ) );
540 #endif
541 #if defined(MBEDTLS_MD4_C)
542 case MBEDTLS_MD_MD4:
543 return( mbedtls_md4_starts( ctx->md_ctx ) );
544 #endif
545 #if defined(MBEDTLS_MD5_C)
546 case MBEDTLS_MD_MD5:
547 return( mbedtls_md5_starts( ctx->md_ctx ) );
548 #endif
549 #if defined(MBEDTLS_RIPEMD160_C)
550 case MBEDTLS_MD_RIPEMD160:
551 return( mbedtls_ripemd160_starts( ctx->md_ctx ) );
552 #endif
553 #if defined(MBEDTLS_SHA1_C)
554 case MBEDTLS_MD_SHA1:
555 return( mbedtls_sha1_starts( ctx->md_ctx ) );
556 #endif
557 #if defined(MBEDTLS_SHA224_C)
558 case MBEDTLS_MD_SHA224:
559 return( mbedtls_sha256_starts( ctx->md_ctx, 1 ) );
560 #endif
561 #if defined(MBEDTLS_SHA256_C)
562 case MBEDTLS_MD_SHA256:
563 return( mbedtls_sha256_starts( ctx->md_ctx, 0 ) );
564 #endif
565 #if defined(MBEDTLS_SHA384_C)
566 case MBEDTLS_MD_SHA384:
567 return( mbedtls_sha512_starts( ctx->md_ctx, 1 ) );
568 #endif
569 #if defined(MBEDTLS_SHA512_C)
570 case MBEDTLS_MD_SHA512:
571 return( mbedtls_sha512_starts( ctx->md_ctx, 0 ) );
572 #endif
573 default:
574 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
575 }
576 }
577
mbedtls_md_update(mbedtls_md_context_t * ctx,const unsigned char * input,size_t ilen)578 int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen )
579 {
580 if( ctx == NULL || ctx->md_info == NULL )
581 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
582
583 switch( ctx->md_info->type )
584 {
585 #if defined(MBEDTLS_MD2_C)
586 case MBEDTLS_MD_MD2:
587 return( mbedtls_md2_update( ctx->md_ctx, input, ilen ) );
588 #endif
589 #if defined(MBEDTLS_MD4_C)
590 case MBEDTLS_MD_MD4:
591 return( mbedtls_md4_update( ctx->md_ctx, input, ilen ) );
592 #endif
593 #if defined(MBEDTLS_MD5_C)
594 case MBEDTLS_MD_MD5:
595 return( mbedtls_md5_update( ctx->md_ctx, input, ilen ) );
596 #endif
597 #if defined(MBEDTLS_RIPEMD160_C)
598 case MBEDTLS_MD_RIPEMD160:
599 return( mbedtls_ripemd160_update( ctx->md_ctx, input, ilen ) );
600 #endif
601 #if defined(MBEDTLS_SHA1_C)
602 case MBEDTLS_MD_SHA1:
603 return( mbedtls_sha1_update( ctx->md_ctx, input, ilen ) );
604 #endif
605 #if defined(MBEDTLS_SHA224_C)
606 case MBEDTLS_MD_SHA224:
607 return( mbedtls_sha256_update( ctx->md_ctx, input, ilen ) );
608 #endif
609 #if defined(MBEDTLS_SHA256_C)
610 case MBEDTLS_MD_SHA256:
611 return( mbedtls_sha256_update( ctx->md_ctx, input, ilen ) );
612 #endif
613 #if defined(MBEDTLS_SHA384_C)
614 case MBEDTLS_MD_SHA384:
615 return( mbedtls_sha512_update( ctx->md_ctx, input, ilen ) );
616 #endif
617 #if defined(MBEDTLS_SHA512_C)
618 case MBEDTLS_MD_SHA512:
619 return( mbedtls_sha512_update( ctx->md_ctx, input, ilen ) );
620 #endif
621 default:
622 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
623 }
624 }
625
mbedtls_md_finish(mbedtls_md_context_t * ctx,unsigned char * output)626 int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output )
627 {
628 if( ctx == NULL || ctx->md_info == NULL )
629 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
630
631 switch( ctx->md_info->type )
632 {
633 #if defined(MBEDTLS_MD2_C)
634 case MBEDTLS_MD_MD2:
635 return( mbedtls_md2_finish( ctx->md_ctx, output ) );
636 #endif
637 #if defined(MBEDTLS_MD4_C)
638 case MBEDTLS_MD_MD4:
639 return( mbedtls_md4_finish( ctx->md_ctx, output ) );
640 #endif
641 #if defined(MBEDTLS_MD5_C)
642 case MBEDTLS_MD_MD5:
643 return( mbedtls_md5_finish( ctx->md_ctx, output ) );
644 #endif
645 #if defined(MBEDTLS_RIPEMD160_C)
646 case MBEDTLS_MD_RIPEMD160:
647 return( mbedtls_ripemd160_finish( ctx->md_ctx, output ) );
648 #endif
649 #if defined(MBEDTLS_SHA1_C)
650 case MBEDTLS_MD_SHA1:
651 return( mbedtls_sha1_finish( ctx->md_ctx, output ) );
652 #endif
653 #if defined(MBEDTLS_SHA224_C)
654 case MBEDTLS_MD_SHA224:
655 return( mbedtls_sha256_finish( ctx->md_ctx, output ) );
656 #endif
657 #if defined(MBEDTLS_SHA256_C)
658 case MBEDTLS_MD_SHA256:
659 return( mbedtls_sha256_finish( ctx->md_ctx, output ) );
660 #endif
661 #if defined(MBEDTLS_SHA384_C)
662 case MBEDTLS_MD_SHA384:
663 return( mbedtls_sha512_finish( ctx->md_ctx, output ) );
664 #endif
665 #if defined(MBEDTLS_SHA512_C)
666 case MBEDTLS_MD_SHA512:
667 return( mbedtls_sha512_finish( ctx->md_ctx, output ) );
668 #endif
669 default:
670 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
671 }
672 }
673
mbedtls_md(const mbedtls_md_info_t * md_info,const unsigned char * input,size_t ilen,unsigned char * output)674 int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen,
675 unsigned char *output )
676 {
677 if( md_info == NULL )
678 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
679
680 switch( md_info->type )
681 {
682 #if defined(MBEDTLS_MD2_C)
683 case MBEDTLS_MD_MD2:
684 return( mbedtls_md2( input, ilen, output ) );
685 #endif
686 #if defined(MBEDTLS_MD4_C)
687 case MBEDTLS_MD_MD4:
688 return( mbedtls_md4( input, ilen, output ) );
689 #endif
690 #if defined(MBEDTLS_MD5_C)
691 case MBEDTLS_MD_MD5:
692 return( mbedtls_md5( input, ilen, output ) );
693 #endif
694 #if defined(MBEDTLS_RIPEMD160_C)
695 case MBEDTLS_MD_RIPEMD160:
696 return( mbedtls_ripemd160( input, ilen, output ) );
697 #endif
698 #if defined(MBEDTLS_SHA1_C)
699 case MBEDTLS_MD_SHA1:
700 return( mbedtls_sha1( input, ilen, output ) );
701 #endif
702 #if defined(MBEDTLS_SHA224_C)
703 case MBEDTLS_MD_SHA224:
704 return( mbedtls_sha256( input, ilen, output, 1 ) );
705 #endif
706 #if defined(MBEDTLS_SHA256_C)
707 case MBEDTLS_MD_SHA256:
708 return( mbedtls_sha256( input, ilen, output, 0 ) );
709 #endif
710 #if defined(MBEDTLS_SHA384_C)
711 case MBEDTLS_MD_SHA384:
712 return( mbedtls_sha512( input, ilen, output, 1 ) );
713 #endif
714 #if defined(MBEDTLS_SHA512_C)
715 case MBEDTLS_MD_SHA512:
716 return( mbedtls_sha512( input, ilen, output, 0 ) );
717 #endif
718 default:
719 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
720 }
721 }
722
723 #if defined(MBEDTLS_FS_IO)
mbedtls_md_file(const mbedtls_md_info_t * md_info,const char * path,unsigned char * output)724 int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigned char *output )
725 {
726 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
727 FILE *f;
728 size_t n;
729 mbedtls_md_context_t ctx;
730 unsigned char buf[1024];
731
732 if( md_info == NULL )
733 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
734
735 if( ( f = fopen( path, "rb" ) ) == NULL )
736 return( MBEDTLS_ERR_MD_FILE_IO_ERROR );
737
738 mbedtls_md_init( &ctx );
739
740 if( ( ret = mbedtls_md_setup( &ctx, md_info, 0 ) ) != 0 )
741 goto cleanup;
742
743 if( ( ret = mbedtls_md_starts( &ctx ) ) != 0 )
744 goto cleanup;
745
746 while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
747 if( ( ret = mbedtls_md_update( &ctx, buf, n ) ) != 0 )
748 goto cleanup;
749
750 if( ferror( f ) != 0 )
751 ret = MBEDTLS_ERR_MD_FILE_IO_ERROR;
752 else
753 ret = mbedtls_md_finish( &ctx, output );
754
755 cleanup:
756 mbedtls_platform_zeroize( buf, sizeof( buf ) );
757 fclose( f );
758 mbedtls_md_free( &ctx );
759
760 return( ret );
761 }
762 #endif /* MBEDTLS_FS_IO */
763
mbedtls_md_hmac_starts(mbedtls_md_context_t * ctx,const unsigned char * key,size_t keylen)764 int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, size_t keylen )
765 {
766 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
767 unsigned char sum[MBEDTLS_MD_MAX_SIZE];
768 unsigned char *ipad, *opad;
769 size_t i;
770
771 if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
772 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
773
774 if( keylen > (size_t) ctx->md_info->block_size )
775 {
776 if( ( ret = mbedtls_md_starts( ctx ) ) != 0 )
777 goto cleanup;
778 if( ( ret = mbedtls_md_update( ctx, key, keylen ) ) != 0 )
779 goto cleanup;
780 if( ( ret = mbedtls_md_finish( ctx, sum ) ) != 0 )
781 goto cleanup;
782
783 keylen = ctx->md_info->size;
784 key = sum;
785 }
786
787 ipad = (unsigned char *) ctx->hmac_ctx;
788 opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size;
789
790 memset( ipad, 0x36, ctx->md_info->block_size );
791 memset( opad, 0x5C, ctx->md_info->block_size );
792
793 for( i = 0; i < keylen; i++ )
794 {
795 ipad[i] = (unsigned char)( ipad[i] ^ key[i] );
796 opad[i] = (unsigned char)( opad[i] ^ key[i] );
797 }
798
799 if( ( ret = mbedtls_md_starts( ctx ) ) != 0 )
800 goto cleanup;
801 if( ( ret = mbedtls_md_update( ctx, ipad,
802 ctx->md_info->block_size ) ) != 0 )
803 goto cleanup;
804
805 cleanup:
806 mbedtls_platform_zeroize( sum, sizeof( sum ) );
807
808 return( ret );
809 }
810
mbedtls_md_hmac_update(mbedtls_md_context_t * ctx,const unsigned char * input,size_t ilen)811 int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen )
812 {
813 if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
814 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
815
816 return( mbedtls_md_update( ctx, input, ilen ) );
817 }
818
mbedtls_md_hmac_finish(mbedtls_md_context_t * ctx,unsigned char * output)819 int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output )
820 {
821 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
822 unsigned char tmp[MBEDTLS_MD_MAX_SIZE];
823 unsigned char *opad;
824
825 if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
826 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
827
828 opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size;
829
830 if( ( ret = mbedtls_md_finish( ctx, tmp ) ) != 0 )
831 return( ret );
832 if( ( ret = mbedtls_md_starts( ctx ) ) != 0 )
833 return( ret );
834 if( ( ret = mbedtls_md_update( ctx, opad,
835 ctx->md_info->block_size ) ) != 0 )
836 return( ret );
837 if( ( ret = mbedtls_md_update( ctx, tmp,
838 ctx->md_info->size ) ) != 0 )
839 return( ret );
840 return( mbedtls_md_finish( ctx, output ) );
841 }
842
mbedtls_md_hmac_reset(mbedtls_md_context_t * ctx)843 int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx )
844 {
845 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
846 unsigned char *ipad;
847
848 if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
849 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
850
851 ipad = (unsigned char *) ctx->hmac_ctx;
852
853 if( ( ret = mbedtls_md_starts( ctx ) ) != 0 )
854 return( ret );
855 return( mbedtls_md_update( ctx, ipad, ctx->md_info->block_size ) );
856 }
857
mbedtls_md_hmac(const mbedtls_md_info_t * md_info,const unsigned char * key,size_t keylen,const unsigned char * input,size_t ilen,unsigned char * output)858 int mbedtls_md_hmac( const mbedtls_md_info_t *md_info,
859 const unsigned char *key, size_t keylen,
860 const unsigned char *input, size_t ilen,
861 unsigned char *output )
862 {
863 mbedtls_md_context_t ctx;
864 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
865
866 if( md_info == NULL )
867 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
868
869 mbedtls_md_init( &ctx );
870
871 if( ( ret = mbedtls_md_setup( &ctx, md_info, 1 ) ) != 0 )
872 goto cleanup;
873
874 if( ( ret = mbedtls_md_hmac_starts( &ctx, key, keylen ) ) != 0 )
875 goto cleanup;
876 if( ( ret = mbedtls_md_hmac_update( &ctx, input, ilen ) ) != 0 )
877 goto cleanup;
878 if( ( ret = mbedtls_md_hmac_finish( &ctx, output ) ) != 0 )
879 goto cleanup;
880
881 cleanup:
882 mbedtls_md_free( &ctx );
883
884 return( ret );
885 }
886
mbedtls_md_process(mbedtls_md_context_t * ctx,const unsigned char * data)887 int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data )
888 {
889 if( ctx == NULL || ctx->md_info == NULL )
890 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
891
892 switch( ctx->md_info->type )
893 {
894 #if defined(MBEDTLS_MD2_C)
895 case MBEDTLS_MD_MD2:
896 return( mbedtls_internal_md2_process( ctx->md_ctx ) );
897 #endif
898 #if defined(MBEDTLS_MD4_C)
899 case MBEDTLS_MD_MD4:
900 return( mbedtls_internal_md4_process( ctx->md_ctx, data ) );
901 #endif
902 #if defined(MBEDTLS_MD5_C)
903 case MBEDTLS_MD_MD5:
904 return( mbedtls_internal_md5_process( ctx->md_ctx, data ) );
905 #endif
906 #if defined(MBEDTLS_RIPEMD160_C)
907 case MBEDTLS_MD_RIPEMD160:
908 return( mbedtls_internal_ripemd160_process( ctx->md_ctx, data ) );
909 #endif
910 #if defined(MBEDTLS_SHA1_C) && !defined(MBEDTLS_SHA1_ALT)
911 case MBEDTLS_MD_SHA1:
912 return( mbedtls_internal_sha1_process( ctx->md_ctx, data ) );
913 #endif
914 #if defined(MBEDTLS_SHA224_C) && !defined(MBEDTLS_SHA256_ALT)
915 case MBEDTLS_MD_SHA224:
916 return( mbedtls_internal_sha256_process( ctx->md_ctx, data ) );
917 #endif
918 #if defined(MBEDTLS_SHA256_C) && !defined(MBEDTLS_SHA256_ALT)
919 case MBEDTLS_MD_SHA256:
920 return( mbedtls_internal_sha256_process( ctx->md_ctx, data ) );
921 #endif
922 #if defined(MBEDTLS_SHA384_C) && !defined(MBEDTLS_SHA512_ALT)
923 case MBEDTLS_MD_SHA384:
924 return( mbedtls_internal_sha512_process( ctx->md_ctx, data ) );
925 #endif
926 #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_ALT)
927 case MBEDTLS_MD_SHA512:
928 return( mbedtls_internal_sha512_process( ctx->md_ctx, data ) );
929 #endif
930 default:
931 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
932 }
933 }
934
mbedtls_md_get_size(const mbedtls_md_info_t * md_info)935 unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info )
936 {
937 if( md_info == NULL )
938 return( 0 );
939
940 return md_info->size;
941 }
942
mbedtls_md_get_type(const mbedtls_md_info_t * md_info)943 mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info )
944 {
945 if( md_info == NULL )
946 return( MBEDTLS_MD_NONE );
947
948 return md_info->type;
949 }
950
mbedtls_md_get_name(const mbedtls_md_info_t * md_info)951 const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info )
952 {
953 if( md_info == NULL )
954 return( NULL );
955
956 return md_info->name;
957 }
958
959 #endif /* MBEDTLS_MD_C */
960