/*
 *  FIPS-180-1 compliant SHA-1 implementation
 *
 *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
 *  SPDX-License-Identifier: Apache-2.0
 *
 *  Licensed under the Apache License, Version 2.0 (the "License"); you may
 *  not use this file except in compliance with the License.
 *  You may obtain a copy of the License at
 *
 *  http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 *
 *  This file is part of mbed TLS (https://tls.mbed.org)
 */
/*
 *  The SHA-1 standard was published by NIST in 1993.
 *
 *  http://www.itl.nist.gov/fipspubs/fip180-1.htm
 */
26
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020027#if !defined(MBEDTLS_CONFIG_FILE)
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +000028#include "mbedtls/config.h"
Manuel Pégourié-Gonnardcef4ad22014-04-29 12:39:06 +020029#else
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020030#include MBEDTLS_CONFIG_FILE
Manuel Pégourié-Gonnardcef4ad22014-04-29 12:39:06 +020031#endif
Paul Bakker5121ce52009-01-03 21:22:43 +000032
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020033#if defined(MBEDTLS_SHA1_C)
Paul Bakker5121ce52009-01-03 21:22:43 +000034
#include "mbedtls/sha1.h"

#include <stdint.h>
#include <string.h>
38
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020039#if defined(MBEDTLS_SELF_TEST)
40#if defined(MBEDTLS_PLATFORM_C)
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +000041#include "mbedtls/platform.h"
Paul Bakker7dc4c442014-02-01 22:50:26 +010042#else
Rich Evans00ab4702015-02-06 13:43:58 +000043#include <stdio.h>
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020044#define mbedtls_printf printf
45#endif /* MBEDTLS_PLATFORM_C */
46#endif /* MBEDTLS_SELF_TEST */
Paul Bakker7dc4c442014-02-01 22:50:26 +010047
Manuel Pégourié-Gonnard8b2641d2015-08-27 20:03:46 +020048#if !defined(MBEDTLS_SHA1_ALT)
49
/*
 * Overwrite the n bytes starting at v with zeros.
 *
 * Every store goes through a volatile-qualified pointer; the intent is that
 * the compiler may not discard the writes as dead stores when the buffer is
 * not read again afterwards.
 */
static void mbedtls_zeroize( void *v, size_t n )
{
    volatile unsigned char *cursor = (unsigned char *) v;
    size_t i;

    for( i = 0; i < n; i++ )
        cursor[i] = 0;
}
54
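/*
 * 32-bit integer manipulation macros (big endian)
 *
 * GET_UINT32_BE(n,b,i) loads the four bytes b[i] .. b[i+3] into n, most
 * significant byte first. PUT_UINT32_BE(n,b,i) stores n into the same four
 * positions in the same order.
 *
 * Both bodies are wrapped in do { } while( 0 ) so that an invocation followed
 * by a semicolon is exactly one statement, also when it is the unbraced body
 * of an if/else.
 *
 * Neither macro checks bounds: the caller must guarantee that b[i+3] lies
 * inside the buffer.
 */
#ifndef GET_UINT32_BE
#define GET_UINT32_BE(n,b,i)                            \
do {                                                    \
    (n) = ( (uint32_t) (b)[(i)    ] << 24 )             \
        | ( (uint32_t) (b)[(i) + 1] << 16 )             \
        | ( (uint32_t) (b)[(i) + 2] <<  8 )             \
        | ( (uint32_t) (b)[(i) + 3]       );            \
} while( 0 )
#endif

#ifndef PUT_UINT32_BE
#define PUT_UINT32_BE(n,b,i)                            \
do {                                                    \
    (b)[(i)    ] = (unsigned char) ( (n) >> 24 );       \
    (b)[(i) + 1] = (unsigned char) ( (n) >> 16 );       \
    (b)[(i) + 2] = (unsigned char) ( (n) >>  8 );       \
    (b)[(i) + 3] = (unsigned char) ( (n)       );       \
} while( 0 )
#endif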
77
/*
 * Set every byte of *ctx to zero.
 *
 * This does not load the SHA-1 initial chaining values; that is done by
 * mbedtls_sha1_starts_ret(). ctx is handed to memset() unchecked, so it must
 * point to a valid context.
 */
void mbedtls_sha1_init( mbedtls_sha1_context *ctx )
{
    memset( ctx, 0, sizeof( *ctx ) );
}
82
/*
 * Wipe a context with mbedtls_zeroize() so that the chaining state, the byte
 * counters and any buffered input do not stay behind in memory.
 *
 * A NULL ctx is accepted and ignored. No memory is released here.
 */
void mbedtls_sha1_free( mbedtls_sha1_context *ctx )
{
    if( ctx != NULL )
        mbedtls_zeroize( ctx, sizeof( *ctx ) );
}
90
/*
 * Copy the complete state of *src into *dst by structure assignment.
 *
 * After the call both contexts hold the same in-progress hash state, so each
 * of them has to be wiped with mbedtls_sha1_free() when it is no longer
 * needed. Neither pointer is checked for NULL.
 */
void mbedtls_sha1_clone( mbedtls_sha1_context *dst,
                         const mbedtls_sha1_context *src )
{
    *dst = *src;
}
96
/*
 * SHA-1 context setup
 *
 * Clears the two-word byte counter and loads the five initial chaining
 * values into ctx->state. Always returns 0. ctx is not checked for NULL.
 */
int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx )
{
    /* Initial chaining values, in state[0] .. state[4] order */
    static const uint32_t sha1_iv[5] =
    {
        0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0
    };
    int word;

    ctx->total[0] = 0;
    ctx->total[1] = 0;

    for( word = 0; word < 5; word++ )
        ctx->state[word] = sha1_iv[word];

    return( 0 );
}
113
Jaeden Amero041039f2018-02-19 15:28:08 +0000114#if !defined(MBEDTLS_DEPRECATED_REMOVED)
/*
 * Void-returning wrapper around mbedtls_sha1_starts_ret(), compiled only
 * when MBEDTLS_DEPRECATED_REMOVED is not defined. The status code of the
 * wrapped call is discarded.
 */
void mbedtls_sha1_starts( mbedtls_sha1_context *ctx )
{
    (void) mbedtls_sha1_starts_ret( ctx );
}
119#endif
120
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200121#if !defined(MBEDTLS_SHA1_PROCESS_ALT)
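/*
 * SHA-1 compression function: fold one 64-byte block into ctx->state.
 *
 * ctx   context whose state[0..4] is read and updated
 * data  exactly 64 bytes of input; they are read as sixteen big-endian
 *       32-bit words
 *
 * Always returns 0.
 *
 * The working variables (W, temp, A..E) are derived from the message block
 * and from the chaining state. They are wiped before returning so that this
 * material does not stay on the stack, which matters when the hashed data is
 * secret, for example a key block.
 */
int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
                                   const unsigned char data[64] )
{
    uint32_t temp, W[16], A, B, C, D, E;

    GET_UINT32_BE( W[ 0], data,  0 );
    GET_UINT32_BE( W[ 1], data,  4 );
    GET_UINT32_BE( W[ 2], data,  8 );
    GET_UINT32_BE( W[ 3], data, 12 );
    GET_UINT32_BE( W[ 4], data, 16 );
    GET_UINT32_BE( W[ 5], data, 20 );
    GET_UINT32_BE( W[ 6], data, 24 );
    GET_UINT32_BE( W[ 7], data, 28 );
    GET_UINT32_BE( W[ 8], data, 32 );
    GET_UINT32_BE( W[ 9], data, 36 );
    GET_UINT32_BE( W[10], data, 40 );
    GET_UINT32_BE( W[11], data, 44 );
    GET_UINT32_BE( W[12], data, 48 );
    GET_UINT32_BE( W[13], data, 52 );
    GET_UINT32_BE( W[14], data, 56 );
    GET_UINT32_BE( W[15], data, 60 );

/* Rotate the 32-bit value x left by n bits */
#define S(x,n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n))))

/*
 * Message schedule word for round t. W is used as a 16-entry circular
 * buffer, so the new word overwrites slot t mod 16.
 */
#define R(t)                                                    \
(                                                               \
    temp = W[( (t) -  3 ) & 0x0F] ^ W[( (t) - 8 ) & 0x0F] ^     \
           W[( (t) - 14 ) & 0x0F] ^ W[  (t)       & 0x0F],      \
    ( W[(t) & 0x0F] = S(temp,1) )                               \
)

/*
 * One round. The caller permutes the argument order from round to round
 * instead of moving values between the five variables. F and K are
 * redefined for each group of twenty rounds below.
 */
#define P(a,b,c,d,e,x)                                  \
{                                                       \
    e += S(a,5) + F(b,c,d) + K + x; b = S(b,30);        \
}

    A = ctx->state[0];
    B = ctx->state[1];
    C = ctx->state[2];
    D = ctx->state[3];
    E = ctx->state[4];

    /* Rounds 0..19 */
#define F(x,y,z) (z ^ (x & (y ^ z)))
#define K 0x5A827999

    P( A, B, C, D, E, W[0]  );
    P( E, A, B, C, D, W[1]  );
    P( D, E, A, B, C, W[2]  );
    P( C, D, E, A, B, W[3]  );
    P( B, C, D, E, A, W[4]  );
    P( A, B, C, D, E, W[5]  );
    P( E, A, B, C, D, W[6]  );
    P( D, E, A, B, C, W[7]  );
    P( C, D, E, A, B, W[8]  );
    P( B, C, D, E, A, W[9]  );
    P( A, B, C, D, E, W[10] );
    P( E, A, B, C, D, W[11] );
    P( D, E, A, B, C, W[12] );
    P( C, D, E, A, B, W[13] );
    P( B, C, D, E, A, W[14] );
    P( A, B, C, D, E, W[15] );
    P( E, A, B, C, D, R(16) );
    P( D, E, A, B, C, R(17) );
    P( C, D, E, A, B, R(18) );
    P( B, C, D, E, A, R(19) );

#undef K
#undef F

    /* Rounds 20..39 */
#define F(x,y,z) (x ^ y ^ z)
#define K 0x6ED9EBA1

    P( A, B, C, D, E, R(20) );
    P( E, A, B, C, D, R(21) );
    P( D, E, A, B, C, R(22) );
    P( C, D, E, A, B, R(23) );
    P( B, C, D, E, A, R(24) );
    P( A, B, C, D, E, R(25) );
    P( E, A, B, C, D, R(26) );
    P( D, E, A, B, C, R(27) );
    P( C, D, E, A, B, R(28) );
    P( B, C, D, E, A, R(29) );
    P( A, B, C, D, E, R(30) );
    P( E, A, B, C, D, R(31) );
    P( D, E, A, B, C, R(32) );
    P( C, D, E, A, B, R(33) );
    P( B, C, D, E, A, R(34) );
    P( A, B, C, D, E, R(35) );
    P( E, A, B, C, D, R(36) );
    P( D, E, A, B, C, R(37) );
    P( C, D, E, A, B, R(38) );
    P( B, C, D, E, A, R(39) );

#undef K
#undef F

    /* Rounds 40..59 */
#define F(x,y,z) ((x & y) | (z & (x | y)))
#define K 0x8F1BBCDC

    P( A, B, C, D, E, R(40) );
    P( E, A, B, C, D, R(41) );
    P( D, E, A, B, C, R(42) );
    P( C, D, E, A, B, R(43) );
    P( B, C, D, E, A, R(44) );
    P( A, B, C, D, E, R(45) );
    P( E, A, B, C, D, R(46) );
    P( D, E, A, B, C, R(47) );
    P( C, D, E, A, B, R(48) );
    P( B, C, D, E, A, R(49) );
    P( A, B, C, D, E, R(50) );
    P( E, A, B, C, D, R(51) );
    P( D, E, A, B, C, R(52) );
    P( C, D, E, A, B, R(53) );
    P( B, C, D, E, A, R(54) );
    P( A, B, C, D, E, R(55) );
    P( E, A, B, C, D, R(56) );
    P( D, E, A, B, C, R(57) );
    P( C, D, E, A, B, R(58) );
    P( B, C, D, E, A, R(59) );

#undef K
#undef F

    /* Rounds 60..79 */
#define F(x,y,z) (x ^ y ^ z)
#define K 0xCA62C1D6

    P( A, B, C, D, E, R(60) );
    P( E, A, B, C, D, R(61) );
    P( D, E, A, B, C, R(62) );
    P( C, D, E, A, B, R(63) );
    P( B, C, D, E, A, R(64) );
    P( A, B, C, D, E, R(65) );
    P( E, A, B, C, D, R(66) );
    P( D, E, A, B, C, R(67) );
    P( C, D, E, A, B, R(68) );
    P( B, C, D, E, A, R(69) );
    P( A, B, C, D, E, R(70) );
    P( E, A, B, C, D, R(71) );
    P( D, E, A, B, C, R(72) );
    P( C, D, E, A, B, R(73) );
    P( B, C, D, E, A, R(74) );
    P( A, B, C, D, E, R(75) );
    P( E, A, B, C, D, R(76) );
    P( D, E, A, B, C, R(77) );
    P( C, D, E, A, B, R(78) );
    P( B, C, D, E, A, R(79) );

#undef K
#undef F

    /* The round helpers are private to this function */
#undef P
#undef R
#undef S

    ctx->state[0] += A;
    ctx->state[1] += B;
    ctx->state[2] += C;
    ctx->state[3] += D;
    ctx->state[4] += E;

    /* Wipe the message-derived working state before leaving the frame */
    mbedtls_zeroize( W, sizeof( W ) );
    mbedtls_zeroize( &temp, sizeof( temp ) );
    mbedtls_zeroize( &A, sizeof( A ) );
    mbedtls_zeroize( &B, sizeof( B ) );
    mbedtls_zeroize( &C, sizeof( C ) );
    mbedtls_zeroize( &D, sizeof( D ) );
    mbedtls_zeroize( &E, sizeof( E ) );

    return( 0 );
}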
Jaeden Amero041039f2018-02-19 15:28:08 +0000280
281#if !defined(MBEDTLS_DEPRECATED_REMOVED)
/*
 * Void-returning wrapper around mbedtls_internal_sha1_process(), compiled
 * only when MBEDTLS_DEPRECATED_REMOVED is not defined. The status code of
 * the wrapped call is discarded.
 */
void mbedtls_sha1_process( mbedtls_sha1_context *ctx,
                           const unsigned char data[64] )
{
    (void) mbedtls_internal_sha1_process( ctx, data );
}
287#endif
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200288#endif /* !MBEDTLS_SHA1_PROCESS_ALT */
Paul Bakker5121ce52009-01-03 21:22:43 +0000289
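/*
 * SHA-1 process buffer
 *
 * Feeds ilen bytes from input into the hash. Complete 64-byte blocks are
 * compressed immediately; a trailing partial block is kept in ctx->buffer
 * until later calls complete it.
 *
 * ctx    context previously set up with mbedtls_sha1_starts_ret()
 * input  data to hash; only read when ilen is non-zero
 * ilen   number of bytes at input
 *
 * Returns 0 on success, or the non-zero status reported by
 * mbedtls_internal_sha1_process().
 *
 * Neither ctx nor input is validated: a NULL input together with a non-zero
 * ilen is dereferenced.
 */
int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx,
                             const unsigned char *input,
                             size_t ilen )
{
    int ret;
    size_t fill;
    uint32_t left;

    if( ilen == 0 )
        return( 0 );

    /* Bytes already waiting in ctx->buffer, and room left in that block */
    left = ctx->total[0] & 0x3F;
    fill = 64 - left;

    /* 64-bit byte counter kept as two 32-bit words: add the low half ... */
    ctx->total[0] += (uint32_t) ilen;
    ctx->total[0] &= 0xFFFFFFFF;

    if( ctx->total[0] < (uint32_t) ilen )
        ctx->total[1]++;

    /*
     * ... then the high half. Where size_t is wider than 32 bits a single
     * call can pass 2^32 bytes or more; without this term the recorded
     * message length, and therefore the digest, would be wrong. The cast to
     * uint64_t keeps the shift defined when size_t is only 32 bits wide.
     */
    ctx->total[1] += (uint32_t) ( (uint64_t) ilen >> 32 );

    /* Complete and compress a previously buffered partial block */
    if( left && ilen >= fill )
    {
        memcpy( (void *) (ctx->buffer + left), input, fill );

        if( ( ret = mbedtls_internal_sha1_process( ctx, ctx->buffer ) ) != 0 )
            return( ret );

        input += fill;
        ilen  -= fill;
        left = 0;
    }

    /* Compress whole blocks straight from the caller's buffer */
    while( ilen >= 64 )
    {
        if( ( ret = mbedtls_internal_sha1_process( ctx, input ) ) != 0 )
            return( ret );

        input += 64;
        ilen  -= 64;
    }

    /* Keep the remaining tail (fewer than 64 bytes) for the next call */
    if( ilen > 0 )
        memcpy( (void *) (ctx->buffer + left), input, ilen );

    return( 0 );
}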
339
Jaeden Amero041039f2018-02-19 15:28:08 +0000340#if !defined(MBEDTLS_DEPRECATED_REMOVED)
/*
 * Void-returning wrapper around mbedtls_sha1_update_ret(), compiled only
 * when MBEDTLS_DEPRECATED_REMOVED is not defined. The status code of the
 * wrapped call is discarded.
 */
void mbedtls_sha1_update( mbedtls_sha1_context *ctx,
                          const unsigned char *input,
                          size_t ilen )
{
    (void) mbedtls_sha1_update_ret( ctx, input, ilen );
}
347#endif
348
/*
 * Padding source: a single 0x80 byte followed by 63 zero bytes. Only the
 * first element is written out; the remaining elements are zero-initialized
 * by the language.
 */
static const unsigned char sha1_padding[64] = { 0x80 };
356
/*
 * SHA-1 final digest
 *
 * Appends the padding and the 64-bit big-endian message length in bits,
 * then writes the five state words to output as 20 big-endian bytes.
 *
 * Returns 0 on success, or the non-zero status of a failed
 * mbedtls_sha1_update_ret() call; output is not written in that case.
 *
 * The context is not wiped here; the caller is expected to pass it to
 * mbedtls_sha1_free() once it is done with it.
 */
int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx,
                             unsigned char output[20] )
{
    int ret;
    int word;
    uint32_t used, pad_len;
    uint32_t bits_hi, bits_lo;
    unsigned char msglen[8];

    /* The counter holds bytes; shifting left by 3 converts it to bits */
    bits_lo = ( ctx->total[0] <<  3 );
    bits_hi = ( ctx->total[0] >> 29 )
            | ( ctx->total[1] <<  3 );

    PUT_UINT32_BE( bits_hi, msglen, 0 );
    PUT_UINT32_BE( bits_lo, msglen, 4 );

    /* Pad up to byte 56 of this block, or of the next one if already past */
    used = ctx->total[0] & 0x3F;
    if( used < 56 )
        pad_len = 56 - used;
    else
        pad_len = 120 - used;

    ret = mbedtls_sha1_update_ret( ctx, sha1_padding, pad_len );
    if( ret != 0 )
        return( ret );

    ret = mbedtls_sha1_update_ret( ctx, msglen, 8 );
    if( ret != 0 )
        return( ret );

    for( word = 0; word < 5; word++ )
    {
        PUT_UINT32_BE( ctx->state[word], output, 4 * word );
    }

    return( 0 );
}
391
Jaeden Amero041039f2018-02-19 15:28:08 +0000392#if !defined(MBEDTLS_DEPRECATED_REMOVED)
/*
 * Void-returning wrapper around mbedtls_sha1_finish_ret(), compiled only
 * when MBEDTLS_DEPRECATED_REMOVED is not defined. The status code of the
 * wrapped call is discarded.
 */
void mbedtls_sha1_finish( mbedtls_sha1_context *ctx,
                          unsigned char output[20] )
{
    (void) mbedtls_sha1_finish_ret( ctx, output );
}
398#endif
399
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200400#endif /* !MBEDTLS_SHA1_ALT */
Paul Bakker90995b52013-06-24 19:20:35 +0200401
/*
 * output = SHA-1( input buffer )
 *
 * One-shot helper: sets up a context on the stack, hashes ilen bytes from
 * input, writes the 20-byte digest to output and wipes the context on every
 * path, including after a failed step.
 *
 * Returns 0 on success, or the first non-zero status reported by the
 * starts / update / finish steps.
 *
 * SHA-1 is no longer collision resistant. It is suitable where an existing
 * protocol or file format requires it, not as the hash for new signature or
 * certificate schemes.
 */
int mbedtls_sha1_ret( const unsigned char *input,
                      size_t ilen,
                      unsigned char output[20] )
{
    int ret;
    mbedtls_sha1_context ctx;

    mbedtls_sha1_init( &ctx );

    /* Each step runs only while every earlier one has succeeded */
    ret = mbedtls_sha1_starts_ret( &ctx );

    if( ret == 0 )
        ret = mbedtls_sha1_update_ret( &ctx, input, ilen );

    if( ret == 0 )
        ret = mbedtls_sha1_finish_ret( &ctx, output );

    mbedtls_sha1_free( &ctx );

    return( ret );
}
428
Jaeden Amero041039f2018-02-19 15:28:08 +0000429#if !defined(MBEDTLS_DEPRECATED_REMOVED)
/*
 * Void-returning wrapper around mbedtls_sha1_ret(), compiled only when
 * MBEDTLS_DEPRECATED_REMOVED is not defined. The status code of the wrapped
 * call is discarded, so a caller cannot tell whether output was written.
 */
void mbedtls_sha1( const unsigned char *input,
                   size_t ilen,
                   unsigned char output[20] )
{
    (void) mbedtls_sha1_ret( input, ilen, output );
}
436#endif
437
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200438#if defined(MBEDTLS_SELF_TEST)
/*
 * FIPS-180-1 test vectors
 *
 * Entry i of each table belongs to self-test case i. The third message is
 * left empty here: mbedtls_sha1_self_test() builds it at run time from
 * repeated 'a' bytes, and its buflen entry (1000) is the size of one chunk.
 */
static const unsigned char sha1_test_buf[3][57] =
{
    "abc",
    "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
    ""
};

/* Number of message bytes fed per update call for each test case */
static const size_t sha1_test_buflen[3] = { 3, 56, 1000 };

/* Expected 20-byte digests */
static const unsigned char sha1_test_sum[3][20] =
{
    {
        0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E,
        0x25, 0x71, 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D
    },
    {
        0x84, 0x98, 0x3E, 0x44, 0x1C, 0x3B, 0xD2, 0x6E, 0xBA, 0xAE,
        0x4A, 0xA1, 0xF9, 0x51, 0x29, 0xE5, 0xE5, 0x46, 0x70, 0xF1
    },
    {
        0x34, 0xAA, 0x97, 0x3C, 0xD4, 0xC4, 0xDA, 0xA4, 0xF6, 0x1E,
        0xEB, 0x2B, 0xDB, 0xAD, 0x27, 0x31, 0x65, 0x34, 0x01, 0x6F
    }
};
463
/*
 * Checkup routine
 *
 * Hashes the three test messages and compares each digest with the expected
 * value in sha1_test_sum. Progress is printed through mbedtls_printf() when
 * verbose is non-zero.
 *
 * Returns 0 when all three cases pass, 1 on a digest mismatch, or the
 * non-zero status of a failing starts / update / finish call. The context
 * is wiped on every path.
 */
int mbedtls_sha1_self_test( int verbose )
{
    int vec, rep, buflen, ret = 0;
    unsigned char buf[1024];
    unsigned char sha1sum[20];
    mbedtls_sha1_context ctx;

    mbedtls_sha1_init( &ctx );

    /*
     * SHA-1
     */
    for( vec = 0; vec < 3; vec++ )
    {
        if( verbose != 0 )
            mbedtls_printf( " SHA-1 test #%d: ", vec + 1 );

        ret = mbedtls_sha1_starts_ret( &ctx );
        if( ret != 0 )
            goto fail;

        if( vec != 2 )
        {
            /* Cases 0 and 1: the message comes straight from the table */
            ret = mbedtls_sha1_update_ret( &ctx, sha1_test_buf[vec],
                                           sha1_test_buflen[vec] );
            if( ret != 0 )
                goto fail;
        }
        else
        {
            /* Case 2: 1000 updates of a 1000-byte block of 'a' */
            buflen = 1000;
            memset( buf, 'a', buflen );

            for( rep = 0; rep < 1000; rep++ )
            {
                ret = mbedtls_sha1_update_ret( &ctx, buf, buflen );
                if( ret != 0 )
                    goto fail;
            }
        }

        ret = mbedtls_sha1_finish_ret( &ctx, sha1sum );
        if( ret != 0 )
            goto fail;

        if( memcmp( sha1sum, sha1_test_sum[vec], 20 ) != 0 )
        {
            ret = 1;
            goto fail;
        }

        if( verbose != 0 )
            mbedtls_printf( "passed\n" );
    }

    if( verbose != 0 )
        mbedtls_printf( "\n" );

    goto exit;

fail:
    if( verbose != 0 )
        mbedtls_printf( "failed\n" );

exit:
    mbedtls_sha1_free( &ctx );

    return( ret );
}
533
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200534#endif /* MBEDTLS_SELF_TEST */
Paul Bakker5121ce52009-01-03 21:22:43 +0000535
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200536#endif /* MBEDTLS_SHA1_C */