TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 6fb5120fde4ab889bea402f5ab230c720b0a3b9a / . / library / ripemd160.c
blob: b4fc3cdba1fc3f4af072584d8229a565487b5413 [file] [log] [blame]
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]1/*
2 * RIPE MD-160 implementation
3 *
Bence Szépkúti1e148272020-08-07 13:07:28 +0200[diff] [blame]4 * Copyright The Mbed TLS Contributors
Dave Rodgman16799db2023-11-02 19:47:20 +0000[diff] [blame]5 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]6 */
7
8/*
9 * The RIPEMD-160 algorithm was designed by RIPE in 1996
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]10 * http://homes.esat.kuleuven.be/~bosselae/mbedtls_ripemd160.html
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]11 * http://ehash.iaik.tugraz.at/wiki/RIPEMD-160
12 */
13
Gilles Peskinedb09ef62020-06-03 01:43:33 +0200[diff] [blame]14#include "common.h"
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]15
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]16#if defined(MBEDTLS_RIPEMD160_C)
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]17
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]18#include "mbedtls/ripemd160.h"
Andres Amaya Garcia1f6301b2018-04-17 09:51:09 -0500[diff] [blame]19#include "mbedtls/platform_util.h"
Janos Follath24eed8d2019-11-22 13:21:35 +0000[diff] [blame]20#include "mbedtls/error.h"
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]21
Rich Evans00ab4702015-02-06 13:43:58 +0000[diff] [blame]22#include <string.h>
23
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]24#include "mbedtls/platform.h"
Paul Bakker7dc4c442014-02-01 22:50:26 +0100[diff] [blame]25
Gilles Peskine342d9282018-01-23 18:21:21 +0100[diff] [blame]26#if !defined(MBEDTLS_RIPEMD160_ALT)
27
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]28void mbedtls_ripemd160_init(mbedtls_ripemd160_context *ctx)
Paul Bakker5b4af392014-06-26 12:09:34 +0200[diff] [blame]29{
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]30 memset(ctx, 0, sizeof(mbedtls_ripemd160_context));
Paul Bakker5b4af392014-06-26 12:09:34 +0200[diff] [blame]31}
32
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]33void mbedtls_ripemd160_free(mbedtls_ripemd160_context *ctx)
Paul Bakker5b4af392014-06-26 12:09:34 +0200[diff] [blame]34{
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]35 if (ctx == NULL) {
Paul Bakker5b4af392014-06-26 12:09:34 +0200[diff] [blame]36 return;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]37 }
Paul Bakker5b4af392014-06-26 12:09:34 +0200[diff] [blame]38
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]39 mbedtls_platform_zeroize(ctx, sizeof(mbedtls_ripemd160_context));
Paul Bakker5b4af392014-06-26 12:09:34 +0200[diff] [blame]40}
41
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]42void mbedtls_ripemd160_clone(mbedtls_ripemd160_context *dst,
43 const mbedtls_ripemd160_context *src)
Manuel Pégourié-Gonnard16d412f2015-07-06 15:26:26 +0200[diff] [blame]44{
45 *dst = *src;
46}
47
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]48/*
Paul Bakker61b699e2014-01-22 13:35:29 +0100[diff] [blame]49 * RIPEMD-160 context setup
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]50 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]51int mbedtls_ripemd160_starts(mbedtls_ripemd160_context *ctx)
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]52{
53 ctx->total[0] = 0;
54 ctx->total[1] = 0;
55
56 ctx->state[0] = 0x67452301;
57 ctx->state[1] = 0xEFCDAB89;
58 ctx->state[2] = 0x98BADCFE;
59 ctx->state[3] = 0x10325476;
60 ctx->state[4] = 0xC3D2E1F0;
Andres Amaya Garciab1a8bf92017-05-02 10:59:46 +0100[diff] [blame]61
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]62 return 0;
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]63}
64
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]65#if !defined(MBEDTLS_RIPEMD160_PROCESS_ALT)
Manuel Pégourié-Gonnarde4d47a62014-01-17 20:41:32 +0100[diff] [blame]66/*
67 * Process one block
68 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]69int mbedtls_internal_ripemd160_process(mbedtls_ripemd160_context *ctx,
70 const unsigned char data[64])
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]71{
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]72 struct {
gabor-mezei-arm4cb56f82020-08-25 19:12:01 +0200[diff] [blame]73 uint32_t A, B, C, D, E, Ap, Bp, Cp, Dp, Ep, X[16];
74 } local;
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]75
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]76 local.X[0] = MBEDTLS_GET_UINT32_LE(data, 0);
77 local.X[1] = MBEDTLS_GET_UINT32_LE(data, 4);
78 local.X[2] = MBEDTLS_GET_UINT32_LE(data, 8);
79 local.X[3] = MBEDTLS_GET_UINT32_LE(data, 12);
80 local.X[4] = MBEDTLS_GET_UINT32_LE(data, 16);
81 local.X[5] = MBEDTLS_GET_UINT32_LE(data, 20);
82 local.X[6] = MBEDTLS_GET_UINT32_LE(data, 24);
83 local.X[7] = MBEDTLS_GET_UINT32_LE(data, 28);
84 local.X[8] = MBEDTLS_GET_UINT32_LE(data, 32);
85 local.X[9] = MBEDTLS_GET_UINT32_LE(data, 36);
86 local.X[10] = MBEDTLS_GET_UINT32_LE(data, 40);
87 local.X[11] = MBEDTLS_GET_UINT32_LE(data, 44);
88 local.X[12] = MBEDTLS_GET_UINT32_LE(data, 48);
89 local.X[13] = MBEDTLS_GET_UINT32_LE(data, 52);
90 local.X[14] = MBEDTLS_GET_UINT32_LE(data, 56);
91 local.X[15] = MBEDTLS_GET_UINT32_LE(data, 60);
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]92
gabor-mezei-arm4cb56f82020-08-25 19:12:01 +0200[diff] [blame]93 local.A = local.Ap = ctx->state[0];
94 local.B = local.Bp = ctx->state[1];
95 local.C = local.Cp = ctx->state[2];
96 local.D = local.Dp = ctx->state[3];
97 local.E = local.Ep = ctx->state[4];
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]98
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]99#define F1(x, y, z) ((x) ^ (y) ^ (z))
100#define F2(x, y, z) (((x) & (y)) | (~(x) & (z)))
101#define F3(x, y, z) (((x) | ~(y)) ^ (z))
102#define F4(x, y, z) (((x) & (z)) | ((y) & ~(z)))
103#define F5(x, y, z) ((x) ^ ((y) | ~(z)))
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]104
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]105#define S(x, n) (((x) << (n)) | ((x) >> (32 - (n))))
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]106
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]107#define P(a, b, c, d, e, r, s, f, k) \
gabor-mezei-arm4cb56f82020-08-25 19:12:01 +0200[diff] [blame]108 do \
109 { \
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]110 (a) += f((b), (c), (d)) + local.X[r] + (k); \
111 (a) = S((a), (s)) + (e); \
112 (c) = S((c), 10); \
113 } while (0)
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]114
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]115#define P2(a, b, c, d, e, r, s, rp, sp) \
Hanno Becker1eeca412018-10-15 12:01:35 +0100[diff] [blame]116 do \
117 { \
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]118 P((a), (b), (c), (d), (e), (r), (s), F, K); \
119 P(a ## p, b ## p, c ## p, d ## p, e ## p, \
120 (rp), (sp), Fp, Kp); \
121 } while (0)
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]122
123#define F F1
124#define K 0x00000000
125#define Fp F5
126#define Kp 0x50A28BE6
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]127 P2(local.A, local.B, local.C, local.D, local.E, 0, 11, 5, 8);
128 P2(local.E, local.A, local.B, local.C, local.D, 1, 14, 14, 9);
129 P2(local.D, local.E, local.A, local.B, local.C, 2, 15, 7, 9);
130 P2(local.C, local.D, local.E, local.A, local.B, 3, 12, 0, 11);
131 P2(local.B, local.C, local.D, local.E, local.A, 4, 5, 9, 13);
132 P2(local.A, local.B, local.C, local.D, local.E, 5, 8, 2, 15);
133 P2(local.E, local.A, local.B, local.C, local.D, 6, 7, 11, 15);
134 P2(local.D, local.E, local.A, local.B, local.C, 7, 9, 4, 5);
135 P2(local.C, local.D, local.E, local.A, local.B, 8, 11, 13, 7);
136 P2(local.B, local.C, local.D, local.E, local.A, 9, 13, 6, 7);
137 P2(local.A, local.B, local.C, local.D, local.E, 10, 14, 15, 8);
138 P2(local.E, local.A, local.B, local.C, local.D, 11, 15, 8, 11);
139 P2(local.D, local.E, local.A, local.B, local.C, 12, 6, 1, 14);
140 P2(local.C, local.D, local.E, local.A, local.B, 13, 7, 10, 14);
141 P2(local.B, local.C, local.D, local.E, local.A, 14, 9, 3, 12);
142 P2(local.A, local.B, local.C, local.D, local.E, 15, 8, 12, 6);
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]143#undef F
144#undef K
145#undef Fp
146#undef Kp
147
148#define F F2
149#define K 0x5A827999
150#define Fp F4
151#define Kp 0x5C4DD124
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]152 P2(local.E, local.A, local.B, local.C, local.D, 7, 7, 6, 9);
153 P2(local.D, local.E, local.A, local.B, local.C, 4, 6, 11, 13);
154 P2(local.C, local.D, local.E, local.A, local.B, 13, 8, 3, 15);
155 P2(local.B, local.C, local.D, local.E, local.A, 1, 13, 7, 7);
156 P2(local.A, local.B, local.C, local.D, local.E, 10, 11, 0, 12);
157 P2(local.E, local.A, local.B, local.C, local.D, 6, 9, 13, 8);
158 P2(local.D, local.E, local.A, local.B, local.C, 15, 7, 5, 9);
159 P2(local.C, local.D, local.E, local.A, local.B, 3, 15, 10, 11);
160 P2(local.B, local.C, local.D, local.E, local.A, 12, 7, 14, 7);
161 P2(local.A, local.B, local.C, local.D, local.E, 0, 12, 15, 7);
162 P2(local.E, local.A, local.B, local.C, local.D, 9, 15, 8, 12);
163 P2(local.D, local.E, local.A, local.B, local.C, 5, 9, 12, 7);
164 P2(local.C, local.D, local.E, local.A, local.B, 2, 11, 4, 6);
165 P2(local.B, local.C, local.D, local.E, local.A, 14, 7, 9, 15);
166 P2(local.A, local.B, local.C, local.D, local.E, 11, 13, 1, 13);
167 P2(local.E, local.A, local.B, local.C, local.D, 8, 12, 2, 11);
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]168#undef F
169#undef K
170#undef Fp
171#undef Kp
172
173#define F F3
174#define K 0x6ED9EBA1
175#define Fp F3
176#define Kp 0x6D703EF3
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]177 P2(local.D, local.E, local.A, local.B, local.C, 3, 11, 15, 9);
178 P2(local.C, local.D, local.E, local.A, local.B, 10, 13, 5, 7);
179 P2(local.B, local.C, local.D, local.E, local.A, 14, 6, 1, 15);
180 P2(local.A, local.B, local.C, local.D, local.E, 4, 7, 3, 11);
181 P2(local.E, local.A, local.B, local.C, local.D, 9, 14, 7, 8);
182 P2(local.D, local.E, local.A, local.B, local.C, 15, 9, 14, 6);
183 P2(local.C, local.D, local.E, local.A, local.B, 8, 13, 6, 6);
184 P2(local.B, local.C, local.D, local.E, local.A, 1, 15, 9, 14);
185 P2(local.A, local.B, local.C, local.D, local.E, 2, 14, 11, 12);
186 P2(local.E, local.A, local.B, local.C, local.D, 7, 8, 8, 13);
187 P2(local.D, local.E, local.A, local.B, local.C, 0, 13, 12, 5);
188 P2(local.C, local.D, local.E, local.A, local.B, 6, 6, 2, 14);
189 P2(local.B, local.C, local.D, local.E, local.A, 13, 5, 10, 13);
190 P2(local.A, local.B, local.C, local.D, local.E, 11, 12, 0, 13);
191 P2(local.E, local.A, local.B, local.C, local.D, 5, 7, 4, 7);
192 P2(local.D, local.E, local.A, local.B, local.C, 12, 5, 13, 5);
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]193#undef F
194#undef K
195#undef Fp
196#undef Kp
197
198#define F F4
199#define K 0x8F1BBCDC
200#define Fp F2
201#define Kp 0x7A6D76E9
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]202 P2(local.C, local.D, local.E, local.A, local.B, 1, 11, 8, 15);
203 P2(local.B, local.C, local.D, local.E, local.A, 9, 12, 6, 5);
204 P2(local.A, local.B, local.C, local.D, local.E, 11, 14, 4, 8);
205 P2(local.E, local.A, local.B, local.C, local.D, 10, 15, 1, 11);
206 P2(local.D, local.E, local.A, local.B, local.C, 0, 14, 3, 14);
207 P2(local.C, local.D, local.E, local.A, local.B, 8, 15, 11, 14);
208 P2(local.B, local.C, local.D, local.E, local.A, 12, 9, 15, 6);
209 P2(local.A, local.B, local.C, local.D, local.E, 4, 8, 0, 14);
210 P2(local.E, local.A, local.B, local.C, local.D, 13, 9, 5, 6);
211 P2(local.D, local.E, local.A, local.B, local.C, 3, 14, 12, 9);
212 P2(local.C, local.D, local.E, local.A, local.B, 7, 5, 2, 12);
213 P2(local.B, local.C, local.D, local.E, local.A, 15, 6, 13, 9);
214 P2(local.A, local.B, local.C, local.D, local.E, 14, 8, 9, 12);
215 P2(local.E, local.A, local.B, local.C, local.D, 5, 6, 7, 5);
216 P2(local.D, local.E, local.A, local.B, local.C, 6, 5, 10, 15);
217 P2(local.C, local.D, local.E, local.A, local.B, 2, 12, 14, 8);
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]218#undef F
219#undef K
220#undef Fp
221#undef Kp
222
223#define F F5
224#define K 0xA953FD4E
225#define Fp F1
226#define Kp 0x00000000
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]227 P2(local.B, local.C, local.D, local.E, local.A, 4, 9, 12, 8);
228 P2(local.A, local.B, local.C, local.D, local.E, 0, 15, 15, 5);
229 P2(local.E, local.A, local.B, local.C, local.D, 5, 5, 10, 12);
230 P2(local.D, local.E, local.A, local.B, local.C, 9, 11, 4, 9);
231 P2(local.C, local.D, local.E, local.A, local.B, 7, 6, 1, 12);
232 P2(local.B, local.C, local.D, local.E, local.A, 12, 8, 5, 5);
233 P2(local.A, local.B, local.C, local.D, local.E, 2, 13, 8, 14);
234 P2(local.E, local.A, local.B, local.C, local.D, 10, 12, 7, 6);
235 P2(local.D, local.E, local.A, local.B, local.C, 14, 5, 6, 8);
236 P2(local.C, local.D, local.E, local.A, local.B, 1, 12, 2, 13);
237 P2(local.B, local.C, local.D, local.E, local.A, 3, 13, 13, 6);
238 P2(local.A, local.B, local.C, local.D, local.E, 8, 14, 14, 5);
239 P2(local.E, local.A, local.B, local.C, local.D, 11, 11, 0, 15);
240 P2(local.D, local.E, local.A, local.B, local.C, 6, 8, 3, 13);
241 P2(local.C, local.D, local.E, local.A, local.B, 15, 5, 9, 11);
242 P2(local.B, local.C, local.D, local.E, local.A, 13, 6, 11, 11);
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]243#undef F
244#undef K
245#undef Fp
246#undef Kp
247
gabor-mezei-arm4cb56f82020-08-25 19:12:01 +0200[diff] [blame]248 local.C = ctx->state[1] + local.C + local.Dp;
249 ctx->state[1] = ctx->state[2] + local.D + local.Ep;
250 ctx->state[2] = ctx->state[3] + local.E + local.Ap;
251 ctx->state[3] = ctx->state[4] + local.A + local.Bp;
252 ctx->state[4] = ctx->state[0] + local.B + local.Cp;
253 ctx->state[0] = local.C;
Andres Amaya Garciab1a8bf92017-05-02 10:59:46 +0100[diff] [blame]254
gabor-mezei-armd1c98fc2020-08-19 14:03:06 +0200[diff] [blame]255 /* Zeroise variables to clear sensitive data from memory. */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]256 mbedtls_platform_zeroize(&local, sizeof(local));
Andres Amaya Garciab1a8bf92017-05-02 10:59:46 +0100[diff] [blame]257
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]258 return 0;
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]259}
Jaeden Amero041039f2018-02-19 15:28:08 +0000[diff] [blame]260
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]261#endif /* !MBEDTLS_RIPEMD160_PROCESS_ALT */
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]262
263/*
Paul Bakker61b699e2014-01-22 13:35:29 +0100[diff] [blame]264 * RIPEMD-160 process buffer
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]265 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]266int mbedtls_ripemd160_update(mbedtls_ripemd160_context *ctx,
267 const unsigned char *input,
268 size_t ilen)
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]269{
Janos Follath24eed8d2019-11-22 13:21:35 +0000[diff] [blame]270 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]271 size_t fill;
272 uint32_t left;
273
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]274 if (ilen == 0) {
275 return 0;
276 }
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]277
278 left = ctx->total[0] & 0x3F;
279 fill = 64 - left;
280
281 ctx->total[0] += (uint32_t) ilen;
282 ctx->total[0] &= 0xFFFFFFFF;
283
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]284 if (ctx->total[0] < (uint32_t) ilen) {
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]285 ctx->total[1]++;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]286 }
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]287
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]288 if (left && ilen >= fill) {
289 memcpy((void *) (ctx->buffer + left), input, fill);
Andres Amaya Garciab1a8bf92017-05-02 10:59:46 +0100[diff] [blame]290
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]291 if ((ret = mbedtls_internal_ripemd160_process(ctx, ctx->buffer)) != 0) {
292 return ret;
293 }
Andres Amaya Garciab1a8bf92017-05-02 10:59:46 +0100[diff] [blame]294
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]295 input += fill;
296 ilen -= fill;
297 left = 0;
298 }
299
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]300 while (ilen >= 64) {
301 if ((ret = mbedtls_internal_ripemd160_process(ctx, input)) != 0) {
302 return ret;
303 }
Andres Amaya Garciab1a8bf92017-05-02 10:59:46 +0100[diff] [blame]304
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]305 input += 64;
306 ilen -= 64;
307 }
308
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]309 if (ilen > 0) {
310 memcpy((void *) (ctx->buffer + left), input, ilen);
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]311 }
Andres Amaya Garciab1a8bf92017-05-02 10:59:46 +0100[diff] [blame]312
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]313 return 0;
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]314}
315
Paul Bakker61b699e2014-01-22 13:35:29 +0100[diff] [blame]316static const unsigned char ripemd160_padding[64] =
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]317{
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]318 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]319 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
320 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
321 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
322};
323
324/*
Paul Bakker61b699e2014-01-22 13:35:29 +0100[diff] [blame]325 * RIPEMD-160 final digest
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]326 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]327int mbedtls_ripemd160_finish(mbedtls_ripemd160_context *ctx,
328 unsigned char output[20])
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]329{
Janos Follath24eed8d2019-11-22 13:21:35 +0000[diff] [blame]330 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]331 uint32_t last, padn;
332 uint32_t high, low;
333 unsigned char msglen[8];
334
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]335 high = (ctx->total[0] >> 29)
336 | (ctx->total[1] << 3);
337 low = (ctx->total[0] << 3);
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]338
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]339 MBEDTLS_PUT_UINT32_LE(low, msglen, 0);
340 MBEDTLS_PUT_UINT32_LE(high, msglen, 4);
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]341
342 last = ctx->total[0] & 0x3F;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]343 padn = (last < 56) ? (56 - last) : (120 - last);
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]344
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]345 ret = mbedtls_ripemd160_update(ctx, ripemd160_padding, padn);
346 if (ret != 0) {
Dave Rodgmanaafd1e02023-09-11 12:59:36 +0100[diff] [blame]347 goto exit;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]348 }
Andres Amaya Garciab1a8bf92017-05-02 10:59:46 +0100[diff] [blame]349
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]350 ret = mbedtls_ripemd160_update(ctx, msglen, 8);
351 if (ret != 0) {
Dave Rodgmanaafd1e02023-09-11 12:59:36 +0100[diff] [blame]352 goto exit;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]353 }
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]354
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]355 MBEDTLS_PUT_UINT32_LE(ctx->state[0], output, 0);
356 MBEDTLS_PUT_UINT32_LE(ctx->state[1], output, 4);
357 MBEDTLS_PUT_UINT32_LE(ctx->state[2], output, 8);
358 MBEDTLS_PUT_UINT32_LE(ctx->state[3], output, 12);
359 MBEDTLS_PUT_UINT32_LE(ctx->state[4], output, 16);
Andres Amaya Garciab1a8bf92017-05-02 10:59:46 +0100[diff] [blame]360
Dave Rodgmanaafd1e02023-09-11 12:59:36 +0100[diff] [blame]361 ret = 0;
362
363exit:
364 mbedtls_ripemd160_free(ctx);
365 return ret;
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]366}
367
Gilles Peskine342d9282018-01-23 18:21:21 +0100[diff] [blame]368#endif /* ! MBEDTLS_RIPEMD160_ALT */
369
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]370/*
Paul Bakker61b699e2014-01-22 13:35:29 +0100[diff] [blame]371 * output = RIPEMD-160( input buffer )
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]372 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]373int mbedtls_ripemd160(const unsigned char *input,
374 size_t ilen,
375 unsigned char output[20])
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]376{
Janos Follath24eed8d2019-11-22 13:21:35 +0000[diff] [blame]377 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]378 mbedtls_ripemd160_context ctx;
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]379
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]380 mbedtls_ripemd160_init(&ctx);
Andres Amaya Garciab1a8bf92017-05-02 10:59:46 +0100[diff] [blame]381
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]382 if ((ret = mbedtls_ripemd160_starts(&ctx)) != 0) {
Andres Amaya Garcia0963e6c2017-07-20 14:34:08 +0100[diff] [blame]383 goto exit;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]384 }
Andres Amaya Garciab1a8bf92017-05-02 10:59:46 +0100[diff] [blame]385
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]386 if ((ret = mbedtls_ripemd160_update(&ctx, input, ilen)) != 0) {
Andres Amaya Garcia0963e6c2017-07-20 14:34:08 +0100[diff] [blame]387 goto exit;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]388 }
Andres Amaya Garciab1a8bf92017-05-02 10:59:46 +0100[diff] [blame]389
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]390 if ((ret = mbedtls_ripemd160_finish(&ctx, output)) != 0) {
Andres Amaya Garcia0963e6c2017-07-20 14:34:08 +0100[diff] [blame]391 goto exit;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]392 }
Andres Amaya Garciab1a8bf92017-05-02 10:59:46 +0100[diff] [blame]393
Andres Amaya Garcia0963e6c2017-07-20 14:34:08 +0100[diff] [blame]394exit:
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]395 mbedtls_ripemd160_free(&ctx);
Andres Amaya Garciab1a8bf92017-05-02 10:59:46 +0100[diff] [blame]396
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]397 return ret;
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]398}
399
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]400#if defined(MBEDTLS_SELF_TEST)
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]401/*
Manuel Pégourié-Gonnardff40c3a2014-01-17 19:49:15 +0100[diff] [blame]402 * Test vectors from the RIPEMD-160 paper and
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]403 * http://homes.esat.kuleuven.be/~bosselae/mbedtls_ripemd160.html#HMAC
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]404 */
Manuel Pégourié-Gonnardff40c3a2014-01-17 19:49:15 +0100[diff] [blame]405#define TESTS 8
Andres Amaya Garcia2d0aa8b2017-07-21 14:57:26 +0100[diff] [blame]406static const unsigned char ripemd160_test_str[TESTS][81] =
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]407{
Andres Amaya Garcia2d0aa8b2017-07-21 14:57:26 +0100[diff] [blame]408 { "" },
409 { "a" },
410 { "abc" },
411 { "message digest" },
412 { "abcdefghijklmnopqrstuvwxyz" },
413 { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" },
414 { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
Guido Vranken962e4ee2020-08-21 21:08:56 +0200[diff] [blame]415 { "12345678901234567890123456789012345678901234567890123456789012345678901234567890" },
Andres Amaya Garcia2d0aa8b2017-07-21 14:57:26 +0100[diff] [blame]416};
417
418static const size_t ripemd160_test_strlen[TESTS] =
419{
420 0, 1, 3, 14, 26, 56, 62, 80
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]421};
422
Paul Bakker61b699e2014-01-22 13:35:29 +0100[diff] [blame]423static const unsigned char ripemd160_test_md[TESTS][20] =
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]424{
425 { 0x9c, 0x11, 0x85, 0xa5, 0xc5, 0xe9, 0xfc, 0x54, 0x61, 0x28,
426 0x08, 0x97, 0x7e, 0xe8, 0xf5, 0x48, 0xb2, 0x25, 0x8d, 0x31 },
427 { 0x0b, 0xdc, 0x9d, 0x2d, 0x25, 0x6b, 0x3e, 0xe9, 0xda, 0xae,
428 0x34, 0x7b, 0xe6, 0xf4, 0xdc, 0x83, 0x5a, 0x46, 0x7f, 0xfe },
429 { 0x8e, 0xb2, 0x08, 0xf7, 0xe0, 0x5d, 0x98, 0x7a, 0x9b, 0x04,
430 0x4a, 0x8e, 0x98, 0xc6, 0xb0, 0x87, 0xf1, 0x5a, 0x0b, 0xfc },
431 { 0x5d, 0x06, 0x89, 0xef, 0x49, 0xd2, 0xfa, 0xe5, 0x72, 0xb8,
432 0x81, 0xb1, 0x23, 0xa8, 0x5f, 0xfa, 0x21, 0x59, 0x5f, 0x36 },
433 { 0xf7, 0x1c, 0x27, 0x10, 0x9c, 0x69, 0x2c, 0x1b, 0x56, 0xbb,
434 0xdc, 0xeb, 0x5b, 0x9d, 0x28, 0x65, 0xb3, 0x70, 0x8d, 0xbc },
435 { 0x12, 0xa0, 0x53, 0x38, 0x4a, 0x9c, 0x0c, 0x88, 0xe4, 0x05,
436 0xa0, 0x6c, 0x27, 0xdc, 0xf4, 0x9a, 0xda, 0x62, 0xeb, 0x2b },
437 { 0xb0, 0xe2, 0x0b, 0x6e, 0x31, 0x16, 0x64, 0x02, 0x86, 0xed,
438 0x3a, 0x87, 0xa5, 0x71, 0x30, 0x79, 0xb2, 0x1f, 0x51, 0x89 },
439 { 0x9b, 0x75, 0x2e, 0x45, 0x57, 0x3d, 0x4b, 0x39, 0xf4, 0xdb,
440 0xd3, 0x32, 0x3c, 0xab, 0x82, 0xbf, 0x63, 0x32, 0x6b, 0xfb },
441};
442
443/*
444 * Checkup routine
445 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]446int mbedtls_ripemd160_self_test(int verbose)
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]447{
Andres Amaya Garcia6a3f3052017-07-20 14:18:54 +0100[diff] [blame]448 int i, ret = 0;
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]449 unsigned char output[20];
450
Dave Rodgman6dd757a2023-02-02 12:40:50 +0000[diff] [blame]451 memset(output, 0, sizeof(output));
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]452
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]453 for (i = 0; i < TESTS; i++) {
454 if (verbose != 0) {
455 mbedtls_printf(" RIPEMD-160 test #%d: ", i + 1);
456 }
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]457
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]458 ret = mbedtls_ripemd160(ripemd160_test_str[i],
459 ripemd160_test_strlen[i], output);
460 if (ret != 0) {
Andres Amaya Garciab1a8bf92017-05-02 10:59:46 +0100[diff] [blame]461 goto fail;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]462 }
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]463
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]464 if (memcmp(output, ripemd160_test_md[i], 20) != 0) {
Andres Amaya Garcia6a3f3052017-07-20 14:18:54 +0100[diff] [blame]465 ret = 1;
Andres Amaya Garciab1a8bf92017-05-02 10:59:46 +0100[diff] [blame]466 goto fail;
Andres Amaya Garcia6a3f3052017-07-20 14:18:54 +0100[diff] [blame]467 }
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]468
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]469 if (verbose != 0) {
470 mbedtls_printf("passed\n");
471 }
Manuel Pégourié-Gonnardff40c3a2014-01-17 19:49:15 +0100[diff] [blame]472 }
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]473
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]474 if (verbose != 0) {
475 mbedtls_printf("\n");
476 }
Paul Bakker4400ecc2016-07-19 14:41:43 +0100[diff] [blame]477
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]478 return 0;
Andres Amaya Garciab1a8bf92017-05-02 10:59:46 +0100[diff] [blame]479
480fail:
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]481 if (verbose != 0) {
482 mbedtls_printf("failed\n");
483 }
Andres Amaya Garciab1a8bf92017-05-02 10:59:46 +0100[diff] [blame]484
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]485 return ret;
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]486}
487
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]488#endif /* MBEDTLS_SELF_TEST */
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +0100[diff] [blame]489
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]490#endif /* MBEDTLS_RIPEMD160_C */