1 // Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 //     https://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 
15 #ifndef OPENSSL_HEADER_SHA_H
16 #define OPENSSL_HEADER_SHA_H
17 
18 #include <openssl/base.h>        // IWYU pragma: export
19 #include <openssl/bcm_public.h>  // IWYU pragma: export
20 
21 // `sha.h` historically included SHA-1 and SHA-2 hash functions. So, for
22 // backward compatibility `sha2.h` is included here. New uses of this header
23 // should include sha2.h unless SHA-1 family functions are required.
24 #include <openssl/sha2.h>  // IWYU pragma: export
25 
26 #if defined(__cplusplus)
27 extern "C" {
28 #endif
29 
30 
31 // The SHA family of hash functions (SHA-1 and SHA-2).
32 
33 
34 // SHA-1.
35 
36 // SHA_CBLOCK is the block size of SHA-1.
37 #define SHA_CBLOCK 64
38 
39 // SHA_DIGEST_LENGTH is the length of a SHA-1 digest.
40 #define SHA_DIGEST_LENGTH 20
41 
42 // SHA1_Init initialises |sha| and returns one.
43 OPENSSL_EXPORT int SHA1_Init(SHA_CTX *sha);
44 
45 // SHA1_Update adds |len| bytes from |data| to |sha| and returns one.
46 OPENSSL_EXPORT int SHA1_Update(SHA_CTX *sha, const void *data, size_t len);
47 
48 // SHA1_Final adds the final padding to |sha| and writes the resulting digest to
49 // |out|, which must have at least |SHA_DIGEST_LENGTH| bytes of space. It
50 // returns one.
51 OPENSSL_EXPORT int SHA1_Final(uint8_t out[SHA_DIGEST_LENGTH], SHA_CTX *sha);
52 
53 // SHA1 writes the digest of |len| bytes from |data| to |out| and returns
54 // |out|. There must be at least |SHA_DIGEST_LENGTH| bytes of space in
55 // |out|.
56 OPENSSL_EXPORT uint8_t *SHA1(const uint8_t *data, size_t len,
57                              uint8_t out[SHA_DIGEST_LENGTH]);
58 
59 // SHA1_Transform is a low-level function that performs a single, SHA-1 block
60 // transformation using the state from |sha| and |SHA_CBLOCK| bytes from
61 // |block|.
62 OPENSSL_EXPORT void SHA1_Transform(SHA_CTX *sha,
63                                    const uint8_t block[SHA_CBLOCK]);
64 
65 // CRYPTO_fips_186_2_prf derives |out_len| bytes from |xkey| using the PRF
66 // defined in FIPS 186-2, Appendix 3.1, with change notice 1 applied. The b
67 // parameter is 160 and seed, XKEY, is also 160 bits. The optional XSEED user
68 // input is all zeros.
69 //
70 // The PRF generates a sequence of 320-bit numbers. Each number is encoded as a
71 // 40-byte string in big-endian and then concatenated to form |out|. If
72 // |out_len| is not a multiple of 40, the result is truncated. This matches the
73 // construction used in Section 7 of RFC 4186 and Section 7 of RFC 4187.
74 //
75 // This PRF is based on SHA-1, a weak hash function, and should not be used
76 // in new protocols. It is provided for compatibility with some legacy EAP
77 // methods.
78 OPENSSL_EXPORT void CRYPTO_fips_186_2_prf(
79     uint8_t *out, size_t out_len, const uint8_t xkey[SHA_DIGEST_LENGTH]);
80 
81 
82 #if defined(__cplusplus)
83 }  // extern C
84 #endif
85 
86 #endif  // OPENSSL_HEADER_SHA_H
87