1 /**
2  * \file sha512.h
3  * \brief This file contains SHA-384 and SHA-512 definitions and functions.
4  *
5  * The Secure Hash Algorithms 384 and 512 (SHA-384 and SHA-512) cryptographic
6  * hash functions are defined in <em>FIPS 180-4: Secure Hash Standard (SHS)</em>.
7  */
8 /*
9  *  Copyright The Mbed TLS Contributors
10  *  SPDX-License-Identifier: Apache-2.0
11  *
12  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
13  *  not use this file except in compliance with the License.
14  *  You may obtain a copy of the License at
15  *
16  *  http://www.apache.org/licenses/LICENSE-2.0
17  *
18  *  Unless required by applicable law or agreed to in writing, software
19  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
20  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
21  *  See the License for the specific language governing permissions and
22  *  limitations under the License.
23  */
24 #ifndef MBEDTLS_SHA512_H
25 #define MBEDTLS_SHA512_H
26 #include "mbedtls/private_access.h"
27 
28 #include "mbedtls/build_info.h"
29 
30 #include <stddef.h>
31 #include <stdint.h>
32 
33 /** SHA-512 input data was malformed. */
34 #define MBEDTLS_ERR_SHA512_BAD_INPUT_DATA                 -0x0075
35 
36 #ifdef __cplusplus
37 extern "C" {
38 #endif
39 
40 #if !defined(MBEDTLS_SHA512_ALT)
41 // Regular implementation
42 //
43 
44 /**
45  * \brief          The SHA-512 context structure.
46  *
47  *                 The structure is used both for SHA-384 and for SHA-512
48  *                 checksum calculations. The choice between these two is
49  *                 made in the call to mbedtls_sha512_starts().
50  */
51 typedef struct mbedtls_sha512_context
52 {
53     uint64_t MBEDTLS_PRIVATE(total)[2];          /*!< The number of Bytes processed. */
54     uint64_t MBEDTLS_PRIVATE(state)[8];          /*!< The intermediate digest state. */
55     unsigned char MBEDTLS_PRIVATE(buffer)[128];  /*!< The data block being processed. */
56 #if defined(MBEDTLS_SHA384_C)
57     int MBEDTLS_PRIVATE(is384);                  /*!< Determines which function to use:
58                                                       0: Use SHA-512, or 1: Use SHA-384. */
59 #endif
60 }
61 mbedtls_sha512_context;
62 
63 #else  /* MBEDTLS_SHA512_ALT */
64 #include "sha512_alt.h"
65 #endif /* MBEDTLS_SHA512_ALT */
66 
67 /**
68  * \brief          This function initializes a SHA-512 context.
69  *
70  * \param ctx      The SHA-512 context to initialize. This must
71  *                 not be \c NULL.
72  */
73 void mbedtls_sha512_init( mbedtls_sha512_context *ctx );
74 
75 /**
76  * \brief          This function clears a SHA-512 context.
77  *
78  * \param ctx      The SHA-512 context to clear. This may be \c NULL,
79  *                 in which case this function does nothing. If it
80  *                 is not \c NULL, it must point to an initialized
81  *                 SHA-512 context.
82  */
83 void mbedtls_sha512_free( mbedtls_sha512_context *ctx );
84 
85 /**
86  * \brief          This function clones the state of a SHA-512 context.
87  *
88  * \param dst      The destination context. This must be initialized.
89  * \param src      The context to clone. This must be initialized.
90  */
91 void mbedtls_sha512_clone( mbedtls_sha512_context *dst,
92                            const mbedtls_sha512_context *src );
93 
94 /**
95  * \brief          This function starts a SHA-384 or SHA-512 checksum
96  *                 calculation.
97  *
98  * \param ctx      The SHA-512 context to use. This must be initialized.
99  * \param is384    Determines which function to use. This must be
100  *                 either \c 0 for SHA-512, or \c 1 for SHA-384.
101  *
102  * \note           When \c MBEDTLS_SHA384_C is not defined,
103  *                 \p is384 must be \c 0, or the function will return
104  *                 #MBEDTLS_ERR_SHA512_BAD_INPUT_DATA.
105  *
106  * \return         \c 0 on success.
107  * \return         A negative error code on failure.
108  */
109 int mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 );
110 
111 /**
112  * \brief          This function feeds an input buffer into an ongoing
113  *                 SHA-512 checksum calculation.
114  *
115  * \param ctx      The SHA-512 context. This must be initialized
116  *                 and have a hash operation started.
117  * \param input    The buffer holding the input data. This must
118  *                 be a readable buffer of length \p ilen Bytes.
119  * \param ilen     The length of the input data in Bytes.
120  *
121  * \return         \c 0 on success.
122  * \return         A negative error code on failure.
123  */
124 int mbedtls_sha512_update( mbedtls_sha512_context *ctx,
125                            const unsigned char *input,
126                            size_t ilen );
127 
128 /**
129  * \brief          This function finishes the SHA-512 operation, and writes
130  *                 the result to the output buffer.
131  *
132  * \param ctx      The SHA-512 context. This must be initialized
133  *                 and have a hash operation started.
134  * \param output   The SHA-384 or SHA-512 checksum result.
135  *                 This must be a writable buffer of length \c 64 bytes
136  *                 for SHA-512, \c 48 bytes for SHA-384.
137  *
138  * \return         \c 0 on success.
139  * \return         A negative error code on failure.
140  */
141 int mbedtls_sha512_finish( mbedtls_sha512_context *ctx,
142                            unsigned char *output );
143 
144 /**
145  * \brief          This function processes a single data block within
146  *                 the ongoing SHA-512 computation.
147  *                 This function is for internal use only.
148  *
149  * \param ctx      The SHA-512 context. This must be initialized.
150  * \param data     The buffer holding one block of data. This
151  *                 must be a readable buffer of length \c 128 Bytes.
152  *
153  * \return         \c 0 on success.
154  * \return         A negative error code on failure.
155  */
156 int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx,
157                                      const unsigned char data[128] );
158 
159 /**
160  * \brief          This function calculates the SHA-512 or SHA-384
161  *                 checksum of a buffer.
162  *
163  *                 The function allocates the context, performs the
164  *                 calculation, and frees the context.
165  *
166  *                 The SHA-512 result is calculated as
167  *                 output = SHA-512(input buffer).
168  *
169  * \param input    The buffer holding the input data. This must be
170  *                 a readable buffer of length \p ilen Bytes.
171  * \param ilen     The length of the input data in Bytes.
172  * \param output   The SHA-384 or SHA-512 checksum result.
173  *                 This must be a writable buffer of length \c 64 bytes
174  *                 for SHA-512, \c 48 bytes for SHA-384.
175  * \param is384    Determines which function to use. This must be either
176  *                 \c 0 for SHA-512, or \c 1 for SHA-384.
177  *
178  * \note           When \c MBEDTLS_SHA384_C is not defined, \p is384 must
179  *                 be \c 0, or the function will return
180  *                 #MBEDTLS_ERR_SHA512_BAD_INPUT_DATA.
181  *
182  * \return         \c 0 on success.
183  * \return         A negative error code on failure.
184  */
185 int mbedtls_sha512( const unsigned char *input,
186                     size_t ilen,
187                     unsigned char *output,
188                     int is384 );
189 
190 #if defined(MBEDTLS_SELF_TEST)
191 
192  /**
193  * \brief          The SHA-384 or SHA-512 checkup routine.
194  *
195  * \return         \c 0 on success.
196  * \return         \c 1 on failure.
197  */
198 int mbedtls_sha512_self_test( int verbose );
199 #endif /* MBEDTLS_SELF_TEST */
200 
201 #ifdef __cplusplus
202 }
203 #endif
204 
205 #endif /* mbedtls_sha512.h */
206