1 /*
2 * sha1.h
3 *
4 * interface to the Secure Hash Algorithm v.1 (SHA-1), specified in
5 * FIPS 180-1
6 *
7 * David A. McGrew
8 * Cisco Systems, Inc.
9 */
10
11 /*
12 *
13 * Copyright (c) 2001-2017, Cisco Systems, Inc.
14 * All rights reserved.
15 *
16 * Redistribution and use in source and binary forms, with or without
17 * modification, are permitted provided that the following conditions
18 * are met:
19 *
20 * Redistributions of source code must retain the above copyright
21 * notice, this list of conditions and the following disclaimer.
22 *
23 * Redistributions in binary form must reproduce the above
24 * copyright notice, this list of conditions and the following
25 * disclaimer in the documentation and/or other materials provided
26 * with the distribution.
27 *
28 * Neither the name of the Cisco Systems, Inc. nor the names of its
29 * contributors may be used to endorse or promote products derived
30 * from this software without specific prior written permission.
31 *
32 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
33 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
34 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
35 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
36 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
37 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
38 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
39 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
40 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
41 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
42 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
43 * OF THE POSSIBILITY OF SUCH DAMAGE.
44 *
45 */
46
47 #ifndef SHA1_H
48 #define SHA1_H
49
50 #ifdef HAVE_CONFIG_H
51 #include <config.h>
52 #endif
53
54 #include "err.h"
55 #ifdef OPENSSL
56 #include <openssl/evp.h>
57 #include <stdint.h>
58 #else
59 #include "datatypes.h"
60 #endif
61
62 #ifdef __cplusplus
63 extern "C" {
64 #endif
65
66 #ifdef OPENSSL
67
68 /*
69 * srtp_sha1_init(&ctx) initializes the SHA1 context ctx
70 *
71 * srtp_sha1_update(&ctx, msg, len) hashes the len octets starting at msg
72 * into the SHA1 context
73 *
74 * srtp_sha1_final(&ctx, output) performs the final processing of the SHA1
75 * context and writes the result to the 20 octets at output
76 *
77 * Return values are ignored on the EVP functions since all three
78 * of these functions return void.
79 *
80 */
81
82 /* OpenSSL 1.1.0 made EVP_MD_CTX an opaque structure, which must be allocated
83 using EVP_MD_CTX_new. But this function doesn't exist in OpenSSL 1.0.x. */
84 #if OPENSSL_VERSION_NUMBER < 0x10100000L || LIBRESSL_VERSION_NUMBER
85
86 typedef EVP_MD_CTX srtp_sha1_ctx_t;
87
srtp_sha1_init(srtp_sha1_ctx_t * ctx)88 static inline void srtp_sha1_init(srtp_sha1_ctx_t *ctx)
89 {
90 EVP_MD_CTX_init(ctx);
91 EVP_DigestInit(ctx, EVP_sha1());
92 }
93
srtp_sha1_update(srtp_sha1_ctx_t * ctx,const uint8_t * M,int octets_in_msg)94 static inline void srtp_sha1_update(srtp_sha1_ctx_t *ctx,
95 const uint8_t *M,
96 int octets_in_msg)
97 {
98 EVP_DigestUpdate(ctx, M, octets_in_msg);
99 }
100
srtp_sha1_final(srtp_sha1_ctx_t * ctx,uint32_t * output)101 static inline void srtp_sha1_final(srtp_sha1_ctx_t *ctx, uint32_t *output)
102 {
103 unsigned int len = 0;
104
105 EVP_DigestFinal(ctx, (unsigned char *)output, &len);
106 EVP_MD_CTX_cleanup(ctx);
107 }
108
109 #else
110
111 typedef EVP_MD_CTX *srtp_sha1_ctx_t;
112
113 static inline void srtp_sha1_init(srtp_sha1_ctx_t *ctx)
114 {
115 *ctx = EVP_MD_CTX_new();
116 EVP_DigestInit(*ctx, EVP_sha1());
117 }
118
119 static inline void srtp_sha1_update(srtp_sha1_ctx_t *ctx,
120 const uint8_t *M,
121 int octets_in_msg)
122 {
123 EVP_DigestUpdate(*ctx, M, octets_in_msg);
124 }
125
126 static inline void srtp_sha1_final(srtp_sha1_ctx_t *ctx, uint32_t *output)
127 {
128 unsigned int len = 0;
129
130 EVP_DigestFinal(*ctx, (unsigned char *)output, &len);
131 EVP_MD_CTX_free(*ctx);
132 }
133 #endif
134
135 #else
136
137 typedef struct {
138 uint32_t H[5]; /* state vector */
139 uint32_t M[16]; /* message buffer */
140 int octets_in_buffer; /* octets of message in buffer */
141 uint32_t num_bits_in_msg; /* total number of bits in message */
142 } srtp_sha1_ctx_t;
143
144 /*
145 * srtp_sha1_init(&ctx) initializes the SHA1 context ctx
146 *
147 * srtp_sha1_update(&ctx, msg, len) hashes the len octets starting at msg
148 * into the SHA1 context
149 *
150 * srtp_sha1_final(&ctx, output) performs the final processing of the SHA1
151 * context and writes the result to the 20 octets at output
152 *
153 */
154 void srtp_sha1_init(srtp_sha1_ctx_t *ctx);
155
156 void srtp_sha1_update(srtp_sha1_ctx_t *ctx,
157 const uint8_t *M,
158 int octets_in_msg);
159
160 void srtp_sha1_final(srtp_sha1_ctx_t *ctx, uint32_t output[5]);
161
162 /*
163 * The srtp_sha1_core function is INTERNAL to SHA-1, but it is declared
164 * here because it is also used by the cipher SEAL 3.0 in its key
165 * setup algorithm.
166 */
167
168 /*
169 * srtp_sha1_core(M, H) computes the core sha1 compression function, where M is
170 * the next part of the message and H is the intermediate state {H0,
171 * H1, ...}
172 *
173 * this function does not do any of the padding required in the
174 * complete sha1 function
175 */
176 void srtp_sha1_core(const uint32_t M[16], uint32_t hash_value[5]);
177
178 #endif /* else OPENSSL */
179
180 #ifdef __cplusplus
181 }
182 #endif
183
184 #endif /* SHA1_H */
185