1 /**
2 * \file md.c
3 *
4 * \brief Generic message digest wrapper for mbed TLS
5 *
6 * \author Adriaan de Jong <dejong@fox-it.com>
7 *
8 * Copyright The Mbed TLS Contributors
9 * SPDX-License-Identifier: Apache-2.0
10 *
11 * Licensed under the Apache License, Version 2.0 (the "License"); you may
12 * not use this file except in compliance with the License.
13 * You may obtain a copy of the License at
14 *
15 * http://www.apache.org/licenses/LICENSE-2.0
16 *
17 * Unless required by applicable law or agreed to in writing, software
18 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
19 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
20 * See the License for the specific language governing permissions and
21 * limitations under the License.
22 */
23
24 #include "common.h"
25
26 #if defined(MBEDTLS_MD_C)
27
28 #include "mbedtls/md.h"
29 #include "md_wrap.h"
30 #include "mbedtls/platform_util.h"
31 #include "mbedtls/error.h"
32
33 #include "mbedtls/md5.h"
34 #include "mbedtls/ripemd160.h"
35 #include "mbedtls/sha1.h"
36 #include "mbedtls/sha256.h"
37 #include "mbedtls/sha512.h"
38
39 #if defined(MBEDTLS_PLATFORM_C)
40 #include "mbedtls/platform.h"
41 #else
42 #include <stdlib.h>
43 #define mbedtls_calloc calloc
44 #define mbedtls_free free
45 #endif
46
47 #include <string.h>
48
49 #if defined(MBEDTLS_FS_IO)
50 #include <stdio.h>
51 #endif
52
53 #if defined(MBEDTLS_MD5_C)
54 const mbedtls_md_info_t mbedtls_md5_info = {
55 "MD5",
56 MBEDTLS_MD_MD5,
57 16,
58 64,
59 };
60 #endif
61
62 #if defined(MBEDTLS_RIPEMD160_C)
63 const mbedtls_md_info_t mbedtls_ripemd160_info = {
64 "RIPEMD160",
65 MBEDTLS_MD_RIPEMD160,
66 20,
67 64,
68 };
69 #endif
70
71 #if defined(MBEDTLS_SHA1_C)
72 const mbedtls_md_info_t mbedtls_sha1_info = {
73 "SHA1",
74 MBEDTLS_MD_SHA1,
75 20,
76 64,
77 };
78 #endif
79
80 #if defined(MBEDTLS_SHA224_C)
81 const mbedtls_md_info_t mbedtls_sha224_info = {
82 "SHA224",
83 MBEDTLS_MD_SHA224,
84 28,
85 64,
86 };
87 #endif
88
89 #if defined(MBEDTLS_SHA256_C)
90 const mbedtls_md_info_t mbedtls_sha256_info = {
91 "SHA256",
92 MBEDTLS_MD_SHA256,
93 32,
94 64,
95 };
96 #endif
97
98 #if defined(MBEDTLS_SHA384_C)
99 const mbedtls_md_info_t mbedtls_sha384_info = {
100 "SHA384",
101 MBEDTLS_MD_SHA384,
102 48,
103 128,
104 };
105 #endif
106
107 #if defined(MBEDTLS_SHA512_C)
108 const mbedtls_md_info_t mbedtls_sha512_info = {
109 "SHA512",
110 MBEDTLS_MD_SHA512,
111 64,
112 128,
113 };
114 #endif
115
116 /*
117 * Reminder: update profiles in x509_crt.c when adding a new hash!
118 */
119 static const int supported_digests[] = {
120
121 #if defined(MBEDTLS_SHA512_C)
122 MBEDTLS_MD_SHA512,
123 #endif
124
125 #if defined(MBEDTLS_SHA384_C)
126 MBEDTLS_MD_SHA384,
127 #endif
128
129 #if defined(MBEDTLS_SHA256_C)
130 MBEDTLS_MD_SHA256,
131 #endif
132 #if defined(MBEDTLS_SHA224_C)
133 MBEDTLS_MD_SHA224,
134 #endif
135
136 #if defined(MBEDTLS_SHA1_C)
137 MBEDTLS_MD_SHA1,
138 #endif
139
140 #if defined(MBEDTLS_RIPEMD160_C)
141 MBEDTLS_MD_RIPEMD160,
142 #endif
143
144 #if defined(MBEDTLS_MD5_C)
145 MBEDTLS_MD_MD5,
146 #endif
147
148 MBEDTLS_MD_NONE
149 };
150
mbedtls_md_list(void)151 const int *mbedtls_md_list( void )
152 {
153 return( supported_digests );
154 }
155
mbedtls_md_info_from_string(const char * md_name)156 const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name )
157 {
158 if( NULL == md_name )
159 return( NULL );
160
161 /* Get the appropriate digest information */
162 #if defined(MBEDTLS_MD5_C)
163 if( !strcmp( "MD5", md_name ) )
164 return mbedtls_md_info_from_type( MBEDTLS_MD_MD5 );
165 #endif
166 #if defined(MBEDTLS_RIPEMD160_C)
167 if( !strcmp( "RIPEMD160", md_name ) )
168 return mbedtls_md_info_from_type( MBEDTLS_MD_RIPEMD160 );
169 #endif
170 #if defined(MBEDTLS_SHA1_C)
171 if( !strcmp( "SHA1", md_name ) || !strcmp( "SHA", md_name ) )
172 return mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 );
173 #endif
174 #if defined(MBEDTLS_SHA224_C)
175 if( !strcmp( "SHA224", md_name ) )
176 return mbedtls_md_info_from_type( MBEDTLS_MD_SHA224 );
177 #endif
178 #if defined(MBEDTLS_SHA256_C)
179 if( !strcmp( "SHA256", md_name ) )
180 return mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 );
181 #endif
182 #if defined(MBEDTLS_SHA384_C)
183 if( !strcmp( "SHA384", md_name ) )
184 return mbedtls_md_info_from_type( MBEDTLS_MD_SHA384 );
185 #endif
186 #if defined(MBEDTLS_SHA512_C)
187 if( !strcmp( "SHA512", md_name ) )
188 return mbedtls_md_info_from_type( MBEDTLS_MD_SHA512 );
189 #endif
190 return( NULL );
191 }
192
mbedtls_md_info_from_type(mbedtls_md_type_t md_type)193 const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type )
194 {
195 switch( md_type )
196 {
197 #if defined(MBEDTLS_MD5_C)
198 case MBEDTLS_MD_MD5:
199 return( &mbedtls_md5_info );
200 #endif
201 #if defined(MBEDTLS_RIPEMD160_C)
202 case MBEDTLS_MD_RIPEMD160:
203 return( &mbedtls_ripemd160_info );
204 #endif
205 #if defined(MBEDTLS_SHA1_C)
206 case MBEDTLS_MD_SHA1:
207 return( &mbedtls_sha1_info );
208 #endif
209 #if defined(MBEDTLS_SHA224_C)
210 case MBEDTLS_MD_SHA224:
211 return( &mbedtls_sha224_info );
212 #endif
213 #if defined(MBEDTLS_SHA256_C)
214 case MBEDTLS_MD_SHA256:
215 return( &mbedtls_sha256_info );
216 #endif
217 #if defined(MBEDTLS_SHA384_C)
218 case MBEDTLS_MD_SHA384:
219 return( &mbedtls_sha384_info );
220 #endif
221 #if defined(MBEDTLS_SHA512_C)
222 case MBEDTLS_MD_SHA512:
223 return( &mbedtls_sha512_info );
224 #endif
225 default:
226 return( NULL );
227 }
228 }
229
mbedtls_md_init(mbedtls_md_context_t * ctx)230 void mbedtls_md_init( mbedtls_md_context_t *ctx )
231 {
232 memset( ctx, 0, sizeof( mbedtls_md_context_t ) );
233 }
234
mbedtls_md_free(mbedtls_md_context_t * ctx)235 void mbedtls_md_free( mbedtls_md_context_t *ctx )
236 {
237 if( ctx == NULL || ctx->md_info == NULL )
238 return;
239
240 if( ctx->md_ctx != NULL )
241 {
242 switch( ctx->md_info->type )
243 {
244 #if defined(MBEDTLS_MD5_C)
245 case MBEDTLS_MD_MD5:
246 mbedtls_md5_free( ctx->md_ctx );
247 break;
248 #endif
249 #if defined(MBEDTLS_RIPEMD160_C)
250 case MBEDTLS_MD_RIPEMD160:
251 mbedtls_ripemd160_free( ctx->md_ctx );
252 break;
253 #endif
254 #if defined(MBEDTLS_SHA1_C)
255 case MBEDTLS_MD_SHA1:
256 mbedtls_sha1_free( ctx->md_ctx );
257 break;
258 #endif
259 #if defined(MBEDTLS_SHA224_C)
260 case MBEDTLS_MD_SHA224:
261 mbedtls_sha256_free( ctx->md_ctx );
262 break;
263 #endif
264 #if defined(MBEDTLS_SHA256_C)
265 case MBEDTLS_MD_SHA256:
266 mbedtls_sha256_free( ctx->md_ctx );
267 break;
268 #endif
269 #if defined(MBEDTLS_SHA384_C)
270 case MBEDTLS_MD_SHA384:
271 mbedtls_sha512_free( ctx->md_ctx );
272 break;
273 #endif
274 #if defined(MBEDTLS_SHA512_C)
275 case MBEDTLS_MD_SHA512:
276 mbedtls_sha512_free( ctx->md_ctx );
277 break;
278 #endif
279 default:
280 /* Shouldn't happen */
281 break;
282 }
283 mbedtls_free( ctx->md_ctx );
284 }
285
286 if( ctx->hmac_ctx != NULL )
287 {
288 mbedtls_platform_zeroize( ctx->hmac_ctx,
289 2 * ctx->md_info->block_size );
290 mbedtls_free( ctx->hmac_ctx );
291 }
292
293 mbedtls_platform_zeroize( ctx, sizeof( mbedtls_md_context_t ) );
294 }
295
mbedtls_md_clone(mbedtls_md_context_t * dst,const mbedtls_md_context_t * src)296 int mbedtls_md_clone( mbedtls_md_context_t *dst,
297 const mbedtls_md_context_t *src )
298 {
299 if( dst == NULL || dst->md_info == NULL ||
300 src == NULL || src->md_info == NULL ||
301 dst->md_info != src->md_info )
302 {
303 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
304 }
305
306 switch( src->md_info->type )
307 {
308 #if defined(MBEDTLS_MD5_C)
309 case MBEDTLS_MD_MD5:
310 mbedtls_md5_clone( dst->md_ctx, src->md_ctx );
311 break;
312 #endif
313 #if defined(MBEDTLS_RIPEMD160_C)
314 case MBEDTLS_MD_RIPEMD160:
315 mbedtls_ripemd160_clone( dst->md_ctx, src->md_ctx );
316 break;
317 #endif
318 #if defined(MBEDTLS_SHA1_C)
319 case MBEDTLS_MD_SHA1:
320 mbedtls_sha1_clone( dst->md_ctx, src->md_ctx );
321 break;
322 #endif
323 #if defined(MBEDTLS_SHA224_C)
324 case MBEDTLS_MD_SHA224:
325 mbedtls_sha256_clone( dst->md_ctx, src->md_ctx );
326 break;
327 #endif
328 #if defined(MBEDTLS_SHA256_C)
329 case MBEDTLS_MD_SHA256:
330 mbedtls_sha256_clone( dst->md_ctx, src->md_ctx );
331 break;
332 #endif
333 #if defined(MBEDTLS_SHA384_C)
334 case MBEDTLS_MD_SHA384:
335 mbedtls_sha512_clone( dst->md_ctx, src->md_ctx );
336 break;
337 #endif
338 #if defined(MBEDTLS_SHA512_C)
339 case MBEDTLS_MD_SHA512:
340 mbedtls_sha512_clone( dst->md_ctx, src->md_ctx );
341 break;
342 #endif
343 default:
344 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
345 }
346
347 return( 0 );
348 }
349
350 #define ALLOC( type ) \
351 do { \
352 ctx->md_ctx = mbedtls_calloc( 1, sizeof( mbedtls_##type##_context ) ); \
353 if( ctx->md_ctx == NULL ) \
354 return( MBEDTLS_ERR_MD_ALLOC_FAILED ); \
355 mbedtls_##type##_init( ctx->md_ctx ); \
356 } \
357 while( 0 )
358
mbedtls_md_setup(mbedtls_md_context_t * ctx,const mbedtls_md_info_t * md_info,int hmac)359 int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac )
360 {
361 if( md_info == NULL || ctx == NULL )
362 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
363
364 ctx->md_info = md_info;
365 ctx->md_ctx = NULL;
366 ctx->hmac_ctx = NULL;
367
368 switch( md_info->type )
369 {
370 #if defined(MBEDTLS_MD5_C)
371 case MBEDTLS_MD_MD5:
372 ALLOC( md5 );
373 break;
374 #endif
375 #if defined(MBEDTLS_RIPEMD160_C)
376 case MBEDTLS_MD_RIPEMD160:
377 ALLOC( ripemd160 );
378 break;
379 #endif
380 #if defined(MBEDTLS_SHA1_C)
381 case MBEDTLS_MD_SHA1:
382 ALLOC( sha1 );
383 break;
384 #endif
385 #if defined(MBEDTLS_SHA224_C)
386 case MBEDTLS_MD_SHA224:
387 ALLOC( sha256 );
388 break;
389 #endif
390 #if defined(MBEDTLS_SHA256_C)
391 case MBEDTLS_MD_SHA256:
392 ALLOC( sha256 );
393 break;
394 #endif
395 #if defined(MBEDTLS_SHA384_C)
396 case MBEDTLS_MD_SHA384:
397 ALLOC( sha512 );
398 break;
399 #endif
400 #if defined(MBEDTLS_SHA512_C)
401 case MBEDTLS_MD_SHA512:
402 ALLOC( sha512 );
403 break;
404 #endif
405 default:
406 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
407 }
408
409 if( hmac != 0 )
410 {
411 ctx->hmac_ctx = mbedtls_calloc( 2, md_info->block_size );
412 if( ctx->hmac_ctx == NULL )
413 {
414 mbedtls_md_free( ctx );
415 return( MBEDTLS_ERR_MD_ALLOC_FAILED );
416 }
417 }
418
419 return( 0 );
420 }
421 #undef ALLOC
422
mbedtls_md_starts(mbedtls_md_context_t * ctx)423 int mbedtls_md_starts( mbedtls_md_context_t *ctx )
424 {
425 if( ctx == NULL || ctx->md_info == NULL )
426 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
427
428 switch( ctx->md_info->type )
429 {
430 #if defined(MBEDTLS_MD5_C)
431 case MBEDTLS_MD_MD5:
432 return( mbedtls_md5_starts( ctx->md_ctx ) );
433 #endif
434 #if defined(MBEDTLS_RIPEMD160_C)
435 case MBEDTLS_MD_RIPEMD160:
436 return( mbedtls_ripemd160_starts( ctx->md_ctx ) );
437 #endif
438 #if defined(MBEDTLS_SHA1_C)
439 case MBEDTLS_MD_SHA1:
440 return( mbedtls_sha1_starts( ctx->md_ctx ) );
441 #endif
442 #if defined(MBEDTLS_SHA224_C)
443 case MBEDTLS_MD_SHA224:
444 return( mbedtls_sha256_starts( ctx->md_ctx, 1 ) );
445 #endif
446 #if defined(MBEDTLS_SHA256_C)
447 case MBEDTLS_MD_SHA256:
448 return( mbedtls_sha256_starts( ctx->md_ctx, 0 ) );
449 #endif
450 #if defined(MBEDTLS_SHA384_C)
451 case MBEDTLS_MD_SHA384:
452 return( mbedtls_sha512_starts( ctx->md_ctx, 1 ) );
453 #endif
454 #if defined(MBEDTLS_SHA512_C)
455 case MBEDTLS_MD_SHA512:
456 return( mbedtls_sha512_starts( ctx->md_ctx, 0 ) );
457 #endif
458 default:
459 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
460 }
461 }
462
mbedtls_md_update(mbedtls_md_context_t * ctx,const unsigned char * input,size_t ilen)463 int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen )
464 {
465 if( ctx == NULL || ctx->md_info == NULL )
466 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
467
468 switch( ctx->md_info->type )
469 {
470 #if defined(MBEDTLS_MD5_C)
471 case MBEDTLS_MD_MD5:
472 return( mbedtls_md5_update( ctx->md_ctx, input, ilen ) );
473 #endif
474 #if defined(MBEDTLS_RIPEMD160_C)
475 case MBEDTLS_MD_RIPEMD160:
476 return( mbedtls_ripemd160_update( ctx->md_ctx, input, ilen ) );
477 #endif
478 #if defined(MBEDTLS_SHA1_C)
479 case MBEDTLS_MD_SHA1:
480 return( mbedtls_sha1_update( ctx->md_ctx, input, ilen ) );
481 #endif
482 #if defined(MBEDTLS_SHA224_C)
483 case MBEDTLS_MD_SHA224:
484 return( mbedtls_sha256_update( ctx->md_ctx, input, ilen ) );
485 #endif
486 #if defined(MBEDTLS_SHA256_C)
487 case MBEDTLS_MD_SHA256:
488 return( mbedtls_sha256_update( ctx->md_ctx, input, ilen ) );
489 #endif
490 #if defined(MBEDTLS_SHA384_C)
491 case MBEDTLS_MD_SHA384:
492 return( mbedtls_sha512_update( ctx->md_ctx, input, ilen ) );
493 #endif
494 #if defined(MBEDTLS_SHA512_C)
495 case MBEDTLS_MD_SHA512:
496 return( mbedtls_sha512_update( ctx->md_ctx, input, ilen ) );
497 #endif
498 default:
499 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
500 }
501 }
502
mbedtls_md_finish(mbedtls_md_context_t * ctx,unsigned char * output)503 int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output )
504 {
505 if( ctx == NULL || ctx->md_info == NULL )
506 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
507
508 switch( ctx->md_info->type )
509 {
510 #if defined(MBEDTLS_MD5_C)
511 case MBEDTLS_MD_MD5:
512 return( mbedtls_md5_finish( ctx->md_ctx, output ) );
513 #endif
514 #if defined(MBEDTLS_RIPEMD160_C)
515 case MBEDTLS_MD_RIPEMD160:
516 return( mbedtls_ripemd160_finish( ctx->md_ctx, output ) );
517 #endif
518 #if defined(MBEDTLS_SHA1_C)
519 case MBEDTLS_MD_SHA1:
520 return( mbedtls_sha1_finish( ctx->md_ctx, output ) );
521 #endif
522 #if defined(MBEDTLS_SHA224_C)
523 case MBEDTLS_MD_SHA224:
524 return( mbedtls_sha256_finish( ctx->md_ctx, output ) );
525 #endif
526 #if defined(MBEDTLS_SHA256_C)
527 case MBEDTLS_MD_SHA256:
528 return( mbedtls_sha256_finish( ctx->md_ctx, output ) );
529 #endif
530 #if defined(MBEDTLS_SHA384_C)
531 case MBEDTLS_MD_SHA384:
532 return( mbedtls_sha512_finish( ctx->md_ctx, output ) );
533 #endif
534 #if defined(MBEDTLS_SHA512_C)
535 case MBEDTLS_MD_SHA512:
536 return( mbedtls_sha512_finish( ctx->md_ctx, output ) );
537 #endif
538 default:
539 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
540 }
541 }
542
mbedtls_md(const mbedtls_md_info_t * md_info,const unsigned char * input,size_t ilen,unsigned char * output)543 int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen,
544 unsigned char *output )
545 {
546 if( md_info == NULL )
547 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
548
549 switch( md_info->type )
550 {
551 #if defined(MBEDTLS_MD5_C)
552 case MBEDTLS_MD_MD5:
553 return( mbedtls_md5( input, ilen, output ) );
554 #endif
555 #if defined(MBEDTLS_RIPEMD160_C)
556 case MBEDTLS_MD_RIPEMD160:
557 return( mbedtls_ripemd160( input, ilen, output ) );
558 #endif
559 #if defined(MBEDTLS_SHA1_C)
560 case MBEDTLS_MD_SHA1:
561 return( mbedtls_sha1( input, ilen, output ) );
562 #endif
563 #if defined(MBEDTLS_SHA224_C)
564 case MBEDTLS_MD_SHA224:
565 return( mbedtls_sha256( input, ilen, output, 1 ) );
566 #endif
567 #if defined(MBEDTLS_SHA256_C)
568 case MBEDTLS_MD_SHA256:
569 return( mbedtls_sha256( input, ilen, output, 0 ) );
570 #endif
571 #if defined(MBEDTLS_SHA384_C)
572 case MBEDTLS_MD_SHA384:
573 return( mbedtls_sha512( input, ilen, output, 1 ) );
574 #endif
575 #if defined(MBEDTLS_SHA512_C)
576 case MBEDTLS_MD_SHA512:
577 return( mbedtls_sha512( input, ilen, output, 0 ) );
578 #endif
579 default:
580 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
581 }
582 }
583
584 #if defined(MBEDTLS_FS_IO)
mbedtls_md_file(const mbedtls_md_info_t * md_info,const char * path,unsigned char * output)585 int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigned char *output )
586 {
587 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
588 FILE *f;
589 size_t n;
590 mbedtls_md_context_t ctx;
591 unsigned char buf[1024];
592
593 if( md_info == NULL )
594 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
595
596 if( ( f = fopen( path, "rb" ) ) == NULL )
597 return( MBEDTLS_ERR_MD_FILE_IO_ERROR );
598
599 mbedtls_md_init( &ctx );
600
601 if( ( ret = mbedtls_md_setup( &ctx, md_info, 0 ) ) != 0 )
602 goto cleanup;
603
604 if( ( ret = mbedtls_md_starts( &ctx ) ) != 0 )
605 goto cleanup;
606
607 while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
608 if( ( ret = mbedtls_md_update( &ctx, buf, n ) ) != 0 )
609 goto cleanup;
610
611 if( ferror( f ) != 0 )
612 ret = MBEDTLS_ERR_MD_FILE_IO_ERROR;
613 else
614 ret = mbedtls_md_finish( &ctx, output );
615
616 cleanup:
617 mbedtls_platform_zeroize( buf, sizeof( buf ) );
618 fclose( f );
619 mbedtls_md_free( &ctx );
620
621 return( ret );
622 }
623 #endif /* MBEDTLS_FS_IO */
624
mbedtls_md_hmac_starts(mbedtls_md_context_t * ctx,const unsigned char * key,size_t keylen)625 int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, size_t keylen )
626 {
627 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
628 unsigned char sum[MBEDTLS_MD_MAX_SIZE];
629 unsigned char *ipad, *opad;
630 size_t i;
631
632 if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
633 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
634
635 if( keylen > (size_t) ctx->md_info->block_size )
636 {
637 if( ( ret = mbedtls_md_starts( ctx ) ) != 0 )
638 goto cleanup;
639 if( ( ret = mbedtls_md_update( ctx, key, keylen ) ) != 0 )
640 goto cleanup;
641 if( ( ret = mbedtls_md_finish( ctx, sum ) ) != 0 )
642 goto cleanup;
643
644 keylen = ctx->md_info->size;
645 key = sum;
646 }
647
648 ipad = (unsigned char *) ctx->hmac_ctx;
649 opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size;
650
651 memset( ipad, 0x36, ctx->md_info->block_size );
652 memset( opad, 0x5C, ctx->md_info->block_size );
653
654 for( i = 0; i < keylen; i++ )
655 {
656 ipad[i] = (unsigned char)( ipad[i] ^ key[i] );
657 opad[i] = (unsigned char)( opad[i] ^ key[i] );
658 }
659
660 if( ( ret = mbedtls_md_starts( ctx ) ) != 0 )
661 goto cleanup;
662 if( ( ret = mbedtls_md_update( ctx, ipad,
663 ctx->md_info->block_size ) ) != 0 )
664 goto cleanup;
665
666 cleanup:
667 mbedtls_platform_zeroize( sum, sizeof( sum ) );
668
669 return( ret );
670 }
671
mbedtls_md_hmac_update(mbedtls_md_context_t * ctx,const unsigned char * input,size_t ilen)672 int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen )
673 {
674 if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
675 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
676
677 return( mbedtls_md_update( ctx, input, ilen ) );
678 }
679
mbedtls_md_hmac_finish(mbedtls_md_context_t * ctx,unsigned char * output)680 int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output )
681 {
682 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
683 unsigned char tmp[MBEDTLS_MD_MAX_SIZE];
684 unsigned char *opad;
685
686 if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
687 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
688
689 opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size;
690
691 if( ( ret = mbedtls_md_finish( ctx, tmp ) ) != 0 )
692 return( ret );
693 if( ( ret = mbedtls_md_starts( ctx ) ) != 0 )
694 return( ret );
695 if( ( ret = mbedtls_md_update( ctx, opad,
696 ctx->md_info->block_size ) ) != 0 )
697 return( ret );
698 if( ( ret = mbedtls_md_update( ctx, tmp,
699 ctx->md_info->size ) ) != 0 )
700 return( ret );
701 return( mbedtls_md_finish( ctx, output ) );
702 }
703
mbedtls_md_hmac_reset(mbedtls_md_context_t * ctx)704 int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx )
705 {
706 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
707 unsigned char *ipad;
708
709 if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
710 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
711
712 ipad = (unsigned char *) ctx->hmac_ctx;
713
714 if( ( ret = mbedtls_md_starts( ctx ) ) != 0 )
715 return( ret );
716 return( mbedtls_md_update( ctx, ipad, ctx->md_info->block_size ) );
717 }
718
mbedtls_md_hmac(const mbedtls_md_info_t * md_info,const unsigned char * key,size_t keylen,const unsigned char * input,size_t ilen,unsigned char * output)719 int mbedtls_md_hmac( const mbedtls_md_info_t *md_info,
720 const unsigned char *key, size_t keylen,
721 const unsigned char *input, size_t ilen,
722 unsigned char *output )
723 {
724 mbedtls_md_context_t ctx;
725 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
726
727 if( md_info == NULL )
728 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
729
730 mbedtls_md_init( &ctx );
731
732 if( ( ret = mbedtls_md_setup( &ctx, md_info, 1 ) ) != 0 )
733 goto cleanup;
734
735 if( ( ret = mbedtls_md_hmac_starts( &ctx, key, keylen ) ) != 0 )
736 goto cleanup;
737 if( ( ret = mbedtls_md_hmac_update( &ctx, input, ilen ) ) != 0 )
738 goto cleanup;
739 if( ( ret = mbedtls_md_hmac_finish( &ctx, output ) ) != 0 )
740 goto cleanup;
741
742 cleanup:
743 mbedtls_md_free( &ctx );
744
745 return( ret );
746 }
747
mbedtls_md_process(mbedtls_md_context_t * ctx,const unsigned char * data)748 int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data )
749 {
750 if( ctx == NULL || ctx->md_info == NULL )
751 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
752
753 switch( ctx->md_info->type )
754 {
755 #if defined(MBEDTLS_MD5_C)
756 case MBEDTLS_MD_MD5:
757 return( mbedtls_internal_md5_process( ctx->md_ctx, data ) );
758 #endif
759 #if defined(MBEDTLS_RIPEMD160_C)
760 case MBEDTLS_MD_RIPEMD160:
761 return( mbedtls_internal_ripemd160_process( ctx->md_ctx, data ) );
762 #endif
763 #if defined(MBEDTLS_SHA1_C)
764 case MBEDTLS_MD_SHA1:
765 return( mbedtls_internal_sha1_process( ctx->md_ctx, data ) );
766 #endif
767 #if defined(MBEDTLS_SHA224_C)
768 case MBEDTLS_MD_SHA224:
769 return( mbedtls_internal_sha256_process( ctx->md_ctx, data ) );
770 #endif
771 #if defined(MBEDTLS_SHA256_C)
772 case MBEDTLS_MD_SHA256:
773 return( mbedtls_internal_sha256_process( ctx->md_ctx, data ) );
774 #endif
775 #if defined(MBEDTLS_SHA384_C)
776 case MBEDTLS_MD_SHA384:
777 return( mbedtls_internal_sha512_process( ctx->md_ctx, data ) );
778 #endif
779 #if defined(MBEDTLS_SHA512_C)
780 case MBEDTLS_MD_SHA512:
781 return( mbedtls_internal_sha512_process( ctx->md_ctx, data ) );
782 #endif
783 default:
784 return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
785 }
786 }
787
mbedtls_md_get_size(const mbedtls_md_info_t * md_info)788 unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info )
789 {
790 if( md_info == NULL )
791 return( 0 );
792
793 return md_info->size;
794 }
795
mbedtls_md_get_type(const mbedtls_md_info_t * md_info)796 mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info )
797 {
798 if( md_info == NULL )
799 return( MBEDTLS_MD_NONE );
800
801 return md_info->type;
802 }
803
mbedtls_md_get_name(const mbedtls_md_info_t * md_info)804 const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info )
805 {
806 if( md_info == NULL )
807 return( NULL );
808
809 return md_info->name;
810 }
811
812 #endif /* MBEDTLS_MD_C */
813