1 /** 2 * \file sha256.h 3 * 4 * \brief This file contains SHA-224 and SHA-256 definitions and functions. 5 * 6 * The Secure Hash Algorithms 224 and 256 (SHA-224 and SHA-256) cryptographic 7 * hash functions are defined in <em>FIPS 180-4: Secure Hash Standard (SHS)</em>. 8 */ 9 /* 10 * Copyright The Mbed TLS Contributors 11 * SPDX-License-Identifier: Apache-2.0 12 * 13 * Licensed under the Apache License, Version 2.0 (the "License"); you may 14 * not use this file except in compliance with the License. 15 * You may obtain a copy of the License at 16 * 17 * http://www.apache.org/licenses/LICENSE-2.0 18 * 19 * Unless required by applicable law or agreed to in writing, software 20 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 21 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 22 * See the License for the specific language governing permissions and 23 * limitations under the License. 24 */ 25 #ifndef MBEDTLS_SHA256_H 26 #define MBEDTLS_SHA256_H 27 28 #if !defined(MBEDTLS_CONFIG_FILE) 29 #include "mbedtls/config.h" 30 #else 31 #include MBEDTLS_CONFIG_FILE 32 #endif 33 34 #include <stddef.h> 35 #include <stdint.h> 36 37 /* MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED is deprecated and should not be used. */ 38 /** SHA-256 hardware accelerator failed */ 39 #define MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED -0x0037 40 /** SHA-256 input data was malformed. */ 41 #define MBEDTLS_ERR_SHA256_BAD_INPUT_DATA -0x0074 42 43 #ifdef __cplusplus 44 extern "C" { 45 #endif 46 47 #if !defined(MBEDTLS_SHA256_ALT) 48 // Regular implementation 49 // 50 51 /** 52 * \brief The SHA-256 context structure. 53 * 54 * The structure is used both for SHA-256 and for SHA-224 55 * checksum calculations. The choice between these two is 56 * made in the call to mbedtls_sha256_starts_ret(). 57 */ 58 typedef struct mbedtls_sha256_context 59 { 60 uint32_t total[2]; /*!< The number of Bytes processed. */ 61 uint32_t state[8]; /*!< The intermediate digest state. */ 62 unsigned char buffer[64]; /*!< The data block being processed. */ 63 int is224; /*!< Determines which function to use: 64 0: Use SHA-256, or 1: Use SHA-224. */ 65 } 66 mbedtls_sha256_context; 67 68 #else /* MBEDTLS_SHA256_ALT */ 69 #include "sha256_alt.h" 70 #endif /* MBEDTLS_SHA256_ALT */ 71 72 /** 73 * \brief This function initializes a SHA-256 context. 74 * 75 * \param ctx The SHA-256 context to initialize. This must not be \c NULL. 76 */ 77 void mbedtls_sha256_init( mbedtls_sha256_context *ctx ); 78 79 /** 80 * \brief This function clears a SHA-256 context. 81 * 82 * \param ctx The SHA-256 context to clear. This may be \c NULL, in which 83 * case this function returns immediately. If it is not \c NULL, 84 * it must point to an initialized SHA-256 context. 85 */ 86 void mbedtls_sha256_free( mbedtls_sha256_context *ctx ); 87 88 /** 89 * \brief This function clones the state of a SHA-256 context. 90 * 91 * \param dst The destination context. This must be initialized. 92 * \param src The context to clone. This must be initialized. 93 */ 94 void mbedtls_sha256_clone( mbedtls_sha256_context *dst, 95 const mbedtls_sha256_context *src ); 96 97 /** 98 * \brief This function starts a SHA-224 or SHA-256 checksum 99 * calculation. 100 * 101 * \param ctx The context to use. This must be initialized. 102 * \param is224 This determines which function to use. This must be 103 * either \c 0 for SHA-256, or \c 1 for SHA-224. 104 * 105 * \return \c 0 on success. 106 * \return A negative error code on failure. 107 */ 108 int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 ); 109 110 /** 111 * \brief This function feeds an input buffer into an ongoing 112 * SHA-256 checksum calculation. 113 * 114 * \param ctx The SHA-256 context. This must be initialized 115 * and have a hash operation started. 116 * \param input The buffer holding the data. This must be a readable 117 * buffer of length \p ilen Bytes. 118 * \param ilen The length of the input data in Bytes. 119 * 120 * \return \c 0 on success. 121 * \return A negative error code on failure. 122 */ 123 int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, 124 const unsigned char *input, 125 size_t ilen ); 126 127 /** 128 * \brief This function finishes the SHA-256 operation, and writes 129 * the result to the output buffer. 130 * 131 * \param ctx The SHA-256 context. This must be initialized 132 * and have a hash operation started. 133 * \param output The SHA-224 or SHA-256 checksum result. 134 * This must be a writable buffer of length \c 32 Bytes. 135 * 136 * \return \c 0 on success. 137 * \return A negative error code on failure. 138 */ 139 int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, 140 unsigned char output[32] ); 141 142 /** 143 * \brief This function processes a single data block within 144 * the ongoing SHA-256 computation. This function is for 145 * internal use only. 146 * 147 * \param ctx The SHA-256 context. This must be initialized. 148 * \param data The buffer holding one block of data. This must 149 * be a readable buffer of length \c 64 Bytes. 150 * 151 * \return \c 0 on success. 152 * \return A negative error code on failure. 153 */ 154 int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, 155 const unsigned char data[64] ); 156 157 #if !defined(MBEDTLS_DEPRECATED_REMOVED) 158 #if defined(MBEDTLS_DEPRECATED_WARNING) 159 #define MBEDTLS_DEPRECATED __attribute__((deprecated)) 160 #else 161 #define MBEDTLS_DEPRECATED 162 #endif 163 /** 164 * \brief This function starts a SHA-224 or SHA-256 checksum 165 * calculation. 166 * 167 * \deprecated Superseded by mbedtls_sha256_starts_ret() in 2.7.0. 168 * 169 * \param ctx The context to use. This must be initialized. 170 * \param is224 Determines which function to use. This must be 171 * either \c 0 for SHA-256, or \c 1 for SHA-224. 172 */ 173 MBEDTLS_DEPRECATED void mbedtls_sha256_starts( mbedtls_sha256_context *ctx, 174 int is224 ); 175 176 /** 177 * \brief This function feeds an input buffer into an ongoing 178 * SHA-256 checksum calculation. 179 * 180 * \deprecated Superseded by mbedtls_sha256_update_ret() in 2.7.0. 181 * 182 * \param ctx The SHA-256 context to use. This must be 183 * initialized and have a hash operation started. 184 * \param input The buffer holding the data. This must be a readable 185 * buffer of length \p ilen Bytes. 186 * \param ilen The length of the input data in Bytes. 187 */ 188 MBEDTLS_DEPRECATED void mbedtls_sha256_update( mbedtls_sha256_context *ctx, 189 const unsigned char *input, 190 size_t ilen ); 191 192 /** 193 * \brief This function finishes the SHA-256 operation, and writes 194 * the result to the output buffer. 195 * 196 * \deprecated Superseded by mbedtls_sha256_finish_ret() in 2.7.0. 197 * 198 * \param ctx The SHA-256 context. This must be initialized and 199 * have a hash operation started. 200 * \param output The SHA-224 or SHA-256 checksum result. This must be 201 * a writable buffer of length \c 32 Bytes. 202 */ 203 MBEDTLS_DEPRECATED void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, 204 unsigned char output[32] ); 205 206 /** 207 * \brief This function processes a single data block within 208 * the ongoing SHA-256 computation. This function is for 209 * internal use only. 210 * 211 * \deprecated Superseded by mbedtls_internal_sha256_process() in 2.7.0. 212 * 213 * \param ctx The SHA-256 context. This must be initialized. 214 * \param data The buffer holding one block of data. This must be 215 * a readable buffer of size \c 64 Bytes. 216 */ 217 MBEDTLS_DEPRECATED void mbedtls_sha256_process( mbedtls_sha256_context *ctx, 218 const unsigned char data[64] ); 219 220 #undef MBEDTLS_DEPRECATED 221 #endif /* !MBEDTLS_DEPRECATED_REMOVED */ 222 223 /** 224 * \brief This function calculates the SHA-224 or SHA-256 225 * checksum of a buffer. 226 * 227 * The function allocates the context, performs the 228 * calculation, and frees the context. 229 * 230 * The SHA-256 result is calculated as 231 * output = SHA-256(input buffer). 232 * 233 * \param input The buffer holding the data. This must be a readable 234 * buffer of length \p ilen Bytes. 235 * \param ilen The length of the input data in Bytes. 236 * \param output The SHA-224 or SHA-256 checksum result. This must 237 * be a writable buffer of length \c 32 Bytes. 238 * \param is224 Determines which function to use. This must be 239 * either \c 0 for SHA-256, or \c 1 for SHA-224. 240 * 241 * \return \c 0 on success. 242 * \return A negative error code on failure. 243 */ 244 int mbedtls_sha256_ret( const unsigned char *input, 245 size_t ilen, 246 unsigned char output[32], 247 int is224 ); 248 249 #if !defined(MBEDTLS_DEPRECATED_REMOVED) 250 #if defined(MBEDTLS_DEPRECATED_WARNING) 251 #define MBEDTLS_DEPRECATED __attribute__((deprecated)) 252 #else 253 #define MBEDTLS_DEPRECATED 254 #endif 255 256 /** 257 * \brief This function calculates the SHA-224 or SHA-256 checksum 258 * of a buffer. 259 * 260 * The function allocates the context, performs the 261 * calculation, and frees the context. 262 * 263 * The SHA-256 result is calculated as 264 * output = SHA-256(input buffer). 265 * 266 * \deprecated Superseded by mbedtls_sha256_ret() in 2.7.0. 267 * 268 * \param input The buffer holding the data. This must be a readable 269 * buffer of length \p ilen Bytes. 270 * \param ilen The length of the input data in Bytes. 271 * \param output The SHA-224 or SHA-256 checksum result. This must be 272 * a writable buffer of length \c 32 Bytes. 273 * \param is224 Determines which function to use. This must be either 274 * \c 0 for SHA-256, or \c 1 for SHA-224. 275 */ 276 MBEDTLS_DEPRECATED void mbedtls_sha256( const unsigned char *input, 277 size_t ilen, 278 unsigned char output[32], 279 int is224 ); 280 281 #undef MBEDTLS_DEPRECATED 282 #endif /* !MBEDTLS_DEPRECATED_REMOVED */ 283 284 #if defined(MBEDTLS_SELF_TEST) 285 286 /** 287 * \brief The SHA-224 and SHA-256 checkup routine. 288 * 289 * \return \c 0 on success. 290 * \return \c 1 on failure. 291 */ 292 int mbedtls_sha256_self_test( int verbose ); 293 294 #endif /* MBEDTLS_SELF_TEST */ 295 296 #ifdef __cplusplus 297 } 298 #endif 299 300 #endif /* mbedtls_sha256.h */ 301