Paul Bakker5121ce52009-01-03 21:22:43 +00001/*
2 * FIPS-180-1 compliant SHA-1 implementation
3 *
Manuel Pégourié-Gonnard6fb81872015-07-27 11:11:48 +02004 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
Manuel Pégourié-Gonnard37ff1402015-09-04 14:21:07 +02005 * SPDX-License-Identifier: Apache-2.0
6 *
7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
8 * not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
Paul Bakkerb96f1542010-07-18 20:36:00 +000018 *
Manuel Pégourié-Gonnardfe446432015-03-06 13:17:10 +000019 * This file is part of mbed TLS (https://tls.mbed.org)
Paul Bakker5121ce52009-01-03 21:22:43 +000020 */
21/*
22 * The SHA-1 standard was published by NIST in 1993.
23 *
24 * http://www.itl.nist.gov/fipspubs/fip180-1.htm
25 */
26
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020027#if !defined(MBEDTLS_CONFIG_FILE)
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +000028#include "mbedtls/config.h"
Manuel Pégourié-Gonnardcef4ad22014-04-29 12:39:06 +020029#else
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020030#include MBEDTLS_CONFIG_FILE
Manuel Pégourié-Gonnardcef4ad22014-04-29 12:39:06 +020031#endif
Paul Bakker5121ce52009-01-03 21:22:43 +000032
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020033#if defined(MBEDTLS_SHA1_C)
Paul Bakker5121ce52009-01-03 21:22:43 +000034
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +000035#include "mbedtls/sha1.h"
Andres Amaya Garcia1f6301b2018-04-17 09:51:09 -050036#include "mbedtls/platform_util.h"
Paul Bakker5121ce52009-01-03 21:22:43 +000037
Rich Evans00ab4702015-02-06 13:43:58 +000038#include <string.h>
39
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020040#if defined(MBEDTLS_SELF_TEST)
41#if defined(MBEDTLS_PLATFORM_C)
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +000042#include "mbedtls/platform.h"
Paul Bakker7dc4c442014-02-01 22:50:26 +010043#else
Rich Evans00ab4702015-02-06 13:43:58 +000044#include <stdio.h>
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020045#define mbedtls_printf printf
46#endif /* MBEDTLS_PLATFORM_C */
47#endif /* MBEDTLS_SELF_TEST */
Paul Bakker7dc4c442014-02-01 22:50:26 +010048
Manuel Pégourié-Gonnard8b2641d2015-08-27 20:03:46 +020049#if !defined(MBEDTLS_SHA1_ALT)
50
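/*
 * 32-bit integer manipulation macros (big endian)
 */

/*
 * GET_UINT32_BE( n, b, i ): read the four bytes b[i] .. b[i + 3] and store
 * them in n as one 32-bit value, most significant byte first.
 *
 * No bounds check is performed: the caller must guarantee that b has at
 * least i + 4 readable bytes. The arguments b and i are evaluated several
 * times, so they must be free of side effects.
 *
 * The body is wrapped in do { } while( 0 ) so that the macro followed by a
 * semicolon is exactly one statement, including in an unbraced if / else.
 */
#ifndef GET_UINT32_BE
#define GET_UINT32_BE(n,b,i)                            \
do {                                                    \
    (n) = ( (uint32_t) (b)[(i)    ] << 24 )             \
        | ( (uint32_t) (b)[(i) + 1] << 16 )             \
        | ( (uint32_t) (b)[(i) + 2] <<  8 )             \
        | ( (uint32_t) (b)[(i) + 3]       );            \
} while( 0 )
#endif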
63
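/*
 * PUT_UINT32_BE( n, b, i ): write the 32-bit value n into b[i] .. b[i + 3],
 * most significant byte first.
 *
 * No bounds check is performed: the caller must guarantee that b has at
 * least i + 4 writable bytes. All three arguments are evaluated several
 * times, so they must be free of side effects.
 *
 * The body is wrapped in do { } while( 0 ) so that the macro followed by a
 * semicolon is exactly one statement, including in an unbraced if / else.
 */
#ifndef PUT_UINT32_BE
#define PUT_UINT32_BE(n,b,i)                            \
do {                                                    \
    (b)[(i)    ] = (unsigned char) ( (n) >> 24 );       \
    (b)[(i) + 1] = (unsigned char) ( (n) >> 16 );       \
    (b)[(i) + 2] = (unsigned char) ( (n) >>  8 );       \
    (b)[(i) + 3] = (unsigned char) ( (n)       );       \
} while( 0 )
#endif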
73
/*
 * Put a SHA-1 context into an all-zero state.
 *
 * ctx must point to a valid context object: unlike mbedtls_sha1_free(),
 * this function does not check for NULL.
 */
void mbedtls_sha1_init( mbedtls_sha1_context *ctx )
{
    memset( ctx, 0, sizeof( *ctx ) );
}
78
/*
 * Wipe a SHA-1 context. A NULL ctx is accepted and ignored.
 *
 * The context holds the chaining state and any buffered input, which may be
 * derived from secret data, so the whole structure is overwritten. The
 * platform zeroize helper is used rather than a plain memset(), since a
 * plain store to an object that is about to go out of use is a candidate
 * for removal by the optimizer.
 */
void mbedtls_sha1_free( mbedtls_sha1_context *ctx )
{
    if( ctx != NULL )
        mbedtls_platform_zeroize( ctx, sizeof( *ctx ) );
}
86
/*
 * Copy the complete state of one SHA-1 context into another.
 *
 * dst receives everything src holds, including any buffered input, so after
 * the call both contexts carry the same data and each one should be wiped
 * with mbedtls_sha1_free() when no longer needed. Neither pointer is
 * checked for NULL.
 */
void mbedtls_sha1_clone( mbedtls_sha1_context *dst,
                         const mbedtls_sha1_context *src )
{
    /* Structure assignment copies every member in one step. */
    *dst = *src;
}
92
/*
 * SHA-1 context setup
 *
 * Resets the byte counter and loads the five initial chaining values.
 * Only ctx->total and ctx->state are written here; ctx->buffer is left
 * as it is. Always returns 0.
 */
int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx )
{
    /* Initial chaining values, in the order state[0] .. state[4]. */
    static const uint32_t initial_state[5] =
    {
        0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0
    };
    size_t word;

    ctx->total[0] = 0;
    ctx->total[1] = 0;

    for( word = 0; word < 5; word++ )
        ctx->state[word] = initial_state[word];

    return( 0 );
}
109
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
/*
 * Deprecated wrapper around mbedtls_sha1_starts_ret().
 *
 * The status code of the wrapped call is discarded because this interface
 * returns void; new code should call the _ret variant and check its result.
 */
void mbedtls_sha1_starts( mbedtls_sha1_context *ctx )
{
    (void) mbedtls_sha1_starts_ret( ctx );
}
#endif
116
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200117#if !defined(MBEDTLS_SHA1_PROCESS_ALT)
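/*
 * SHA-1 compression function: fold one 64-byte block into ctx->state.
 *
 * ctx  - context whose five state words are read and updated
 * data - exactly 64 bytes of input; the length is not checked here
 *
 * Always returns 0.
 *
 * The message schedule and the working variables are derived from the
 * input block, which can be secret (for example when the hash is used to
 * build a keyed construction), so they are wiped before returning instead
 * of being left behind on the stack.
 */
int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
                                   const unsigned char data[64] )
{
    uint32_t temp, W[16], A, B, C, D, E;
    size_t w;

    /* Load the block as sixteen big-endian 32-bit words. */
    for( w = 0; w < 16; w++ )
    {
        GET_UINT32_BE( W[w], data, 4 * w );
    }

/* Rotate the 32-bit value x left by n bits. */
#define S(x,n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n))))

/*
 * Message schedule for rounds 16..79, computed in place: W is used as a
 * 16-entry circular buffer, so only the last sixteen words are kept.
 */
#define R(t)                                            \
(                                                       \
    temp = W[( t -  3 ) & 0x0F] ^ W[( t - 8 ) & 0x0F] ^ \
           W[( t - 14 ) & 0x0F] ^ W[  t       & 0x0F],  \
    ( W[t & 0x0F] = S(temp,1) )                         \
)

/*
 * One round. Instead of shuffling the five working variables after each
 * round, the calls below rotate the argument order.
 */
#define P(a,b,c,d,e,x)                                  \
{                                                       \
    e += S(a,5) + F(b,c,d) + K + x; b = S(b,30);        \
}

    A = ctx->state[0];
    B = ctx->state[1];
    C = ctx->state[2];
    D = ctx->state[3];
    E = ctx->state[4];

    /* Rounds 0..19 */
#define F(x,y,z) (z ^ (x & (y ^ z)))
#define K 0x5A827999

    P( A, B, C, D, E, W[0]  );
    P( E, A, B, C, D, W[1]  );
    P( D, E, A, B, C, W[2]  );
    P( C, D, E, A, B, W[3]  );
    P( B, C, D, E, A, W[4]  );
    P( A, B, C, D, E, W[5]  );
    P( E, A, B, C, D, W[6]  );
    P( D, E, A, B, C, W[7]  );
    P( C, D, E, A, B, W[8]  );
    P( B, C, D, E, A, W[9]  );
    P( A, B, C, D, E, W[10] );
    P( E, A, B, C, D, W[11] );
    P( D, E, A, B, C, W[12] );
    P( C, D, E, A, B, W[13] );
    P( B, C, D, E, A, W[14] );
    P( A, B, C, D, E, W[15] );
    P( E, A, B, C, D, R(16) );
    P( D, E, A, B, C, R(17) );
    P( C, D, E, A, B, R(18) );
    P( B, C, D, E, A, R(19) );

#undef K
#undef F

    /* Rounds 20..39 */
#define F(x,y,z) (x ^ y ^ z)
#define K 0x6ED9EBA1

    P( A, B, C, D, E, R(20) );
    P( E, A, B, C, D, R(21) );
    P( D, E, A, B, C, R(22) );
    P( C, D, E, A, B, R(23) );
    P( B, C, D, E, A, R(24) );
    P( A, B, C, D, E, R(25) );
    P( E, A, B, C, D, R(26) );
    P( D, E, A, B, C, R(27) );
    P( C, D, E, A, B, R(28) );
    P( B, C, D, E, A, R(29) );
    P( A, B, C, D, E, R(30) );
    P( E, A, B, C, D, R(31) );
    P( D, E, A, B, C, R(32) );
    P( C, D, E, A, B, R(33) );
    P( B, C, D, E, A, R(34) );
    P( A, B, C, D, E, R(35) );
    P( E, A, B, C, D, R(36) );
    P( D, E, A, B, C, R(37) );
    P( C, D, E, A, B, R(38) );
    P( B, C, D, E, A, R(39) );

#undef K
#undef F

    /* Rounds 40..59 */
#define F(x,y,z) ((x & y) | (z & (x | y)))
#define K 0x8F1BBCDC

    P( A, B, C, D, E, R(40) );
    P( E, A, B, C, D, R(41) );
    P( D, E, A, B, C, R(42) );
    P( C, D, E, A, B, R(43) );
    P( B, C, D, E, A, R(44) );
    P( A, B, C, D, E, R(45) );
    P( E, A, B, C, D, R(46) );
    P( D, E, A, B, C, R(47) );
    P( C, D, E, A, B, R(48) );
    P( B, C, D, E, A, R(49) );
    P( A, B, C, D, E, R(50) );
    P( E, A, B, C, D, R(51) );
    P( D, E, A, B, C, R(52) );
    P( C, D, E, A, B, R(53) );
    P( B, C, D, E, A, R(54) );
    P( A, B, C, D, E, R(55) );
    P( E, A, B, C, D, R(56) );
    P( D, E, A, B, C, R(57) );
    P( C, D, E, A, B, R(58) );
    P( B, C, D, E, A, R(59) );

#undef K
#undef F

    /* Rounds 60..79 */
#define F(x,y,z) (x ^ y ^ z)
#define K 0xCA62C1D6

    P( A, B, C, D, E, R(60) );
    P( E, A, B, C, D, R(61) );
    P( D, E, A, B, C, R(62) );
    P( C, D, E, A, B, R(63) );
    P( B, C, D, E, A, R(64) );
    P( A, B, C, D, E, R(65) );
    P( E, A, B, C, D, R(66) );
    P( D, E, A, B, C, R(67) );
    P( C, D, E, A, B, R(68) );
    P( B, C, D, E, A, R(69) );
    P( A, B, C, D, E, R(70) );
    P( E, A, B, C, D, R(71) );
    P( D, E, A, B, C, R(72) );
    P( C, D, E, A, B, R(73) );
    P( B, C, D, E, A, R(74) );
    P( A, B, C, D, E, R(75) );
    P( E, A, B, C, D, R(76) );
    P( D, E, A, B, C, R(77) );
    P( C, D, E, A, B, R(78) );
    P( B, C, D, E, A, R(79) );

#undef K
#undef F

    /* Add the result of this block to the running chaining state. */
    ctx->state[0] += A;
    ctx->state[1] += B;
    ctx->state[2] += C;
    ctx->state[3] += D;
    ctx->state[4] += E;

    /* Wipe the input-derived temporaries before they go out of scope. */
    mbedtls_platform_zeroize( W, sizeof( W ) );
    mbedtls_platform_zeroize( &temp, sizeof( temp ) );
    mbedtls_platform_zeroize( &A, sizeof( A ) );
    mbedtls_platform_zeroize( &B, sizeof( B ) );
    mbedtls_platform_zeroize( &C, sizeof( C ) );
    mbedtls_platform_zeroize( &D, sizeof( D ) );
    mbedtls_platform_zeroize( &E, sizeof( E ) );

    /* The round helpers are only meaningful inside this function. */
#undef P
#undef R
#undef S

    return( 0 );
}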
Jaeden Amero041039f2018-02-19 15:28:08 +0000276
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
/*
 * Deprecated wrapper around mbedtls_internal_sha1_process().
 *
 * The status code of the wrapped call is discarded because this interface
 * returns void. data must point to exactly 64 bytes.
 */
void mbedtls_sha1_process( mbedtls_sha1_context *ctx,
                           const unsigned char data[64] )
{
    (void) mbedtls_internal_sha1_process( ctx, data );
}
#endif
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200284#endif /* !MBEDTLS_SHA1_PROCESS_ALT */
Paul Bakker5121ce52009-01-03 21:22:43 +0000285
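/*
 * SHA-1 process buffer
 *
 * Feeds ilen bytes from input into the running hash. Complete 64-byte
 * blocks are compressed immediately; a trailing partial block is kept in
 * ctx->buffer until later calls complete it.
 *
 * ctx   - context previously set up with mbedtls_sha1_starts_ret()
 * input - data to hash; must be readable for ilen bytes (not checked,
 *         and not dereferenced when ilen is 0)
 * ilen  - number of input bytes
 *
 * Returns 0 on success, or the non-zero status reported by the block
 * processing function.
 */
int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx,
                             const unsigned char *input,
                             size_t ilen )
{
    int ret;
    size_t fill;
    uint32_t left;

    if( ilen == 0 )
        return( 0 );

    /* Bytes already waiting in ctx->buffer, and room left to fill it. */
    left = ctx->total[0] & 0x3F;
    fill = 64 - left;

    /*
     * Advance the byte counter, kept as two 32-bit halves. The low half
     * takes the low 32 bits of ilen and carries into the high half.
     */
    ctx->total[0] += (uint32_t) ilen;
    ctx->total[0] &= 0xFFFFFFFF;

    if( ctx->total[0] < (uint32_t) ilen )
        ctx->total[1]++;

    /*
     * Where size_t is wider than 32 bits, a single call can carry 4 GiB or
     * more. Without this the upper bits of ilen would be dropped, the
     * length encoded by the final padding would be too small, and the
     * digest would not match SHA-1 of the data actually hashed. The cast
     * to a 64-bit type keeps the shift well defined when size_t is 32 bits
     * wide, in which case the added value is 0.
     */
    ctx->total[1] += (uint32_t)( ( (uint64_t) ilen ) >> 32 );

    /* Top up a pending partial block first, if the input completes it. */
    if( left && ilen >= fill )
    {
        memcpy( (void *) (ctx->buffer + left), input, fill );

        if( ( ret = mbedtls_internal_sha1_process( ctx, ctx->buffer ) ) != 0 )
            return( ret );

        input += fill;
        ilen  -= fill;
        left = 0;
    }

    /* Compress whole blocks straight from the caller's buffer. */
    while( ilen >= 64 )
    {
        if( ( ret = mbedtls_internal_sha1_process( ctx, input ) ) != 0 )
            return( ret );

        input += 64;
        ilen  -= 64;
    }

    /*
     * Keep the remainder for the next call. At this point either left is 0
     * and ilen is below 64, or ilen is below fill, so the copy stays within
     * the 64 bytes of the block buffer.
     */
    if( ilen > 0 )
        memcpy( (void *) (ctx->buffer + left), input, ilen );

    return( 0 );
}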
335
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
/*
 * Deprecated wrapper around mbedtls_sha1_update_ret().
 *
 * The status code of the wrapped call is discarded because this interface
 * returns void, so a failure of the block processing function goes
 * unnoticed; new code should call the _ret variant and check its result.
 */
void mbedtls_sha1_update( mbedtls_sha1_context *ctx,
                          const unsigned char *input,
                          size_t ilen )
{
    (void) mbedtls_sha1_update_ret( ctx, input, ilen );
}
#endif
344
/*
 * Padding block: a single 0x80 byte followed by 63 zero bytes. Elements
 * without an explicit initializer are zero, so only the first is spelled out.
 */
static const unsigned char sha1_padding[64] = { 0x80 };
352
/*
 * SHA-1 final digest
 *
 * Appends the padding and the 64-bit big-endian message length in bits,
 * then writes the five state words to output as 20 big-endian bytes.
 *
 * ctx    - context that has received all of the message
 * output - receives the digest; must have room for 20 bytes (not checked)
 *
 * Returns 0 on success, or the non-zero status of a failed update, in
 * which case output is not written. The context is not wiped here; that is
 * left to mbedtls_sha1_free().
 */
int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx,
                             unsigned char output[20] )
{
    int ret;
    size_t word;
    uint32_t used, pad_len;
    uint32_t bits_hi, bits_lo;
    unsigned char length_be[8];

    /* Convert the byte count into a bit count split over two words. */
    bits_hi = ( ctx->total[0] >> 29 )
            | ( ctx->total[1] <<  3 );
    bits_lo = ( ctx->total[0] <<  3 );

    PUT_UINT32_BE( bits_hi, length_be, 0 );
    PUT_UINT32_BE( bits_lo, length_be, 4 );

    /*
     * Pad so that the 8 length bytes end exactly on a block boundary: up
     * to byte 56 of the current block when it still has room, otherwise up
     * to byte 56 of the following block.
     */
    used = ctx->total[0] & 0x3F;
    if( used < 56 )
        pad_len = 56 - used;
    else
        pad_len = 120 - used;

    ret = mbedtls_sha1_update_ret( ctx, sha1_padding, pad_len );
    if( ret != 0 )
        return( ret );

    ret = mbedtls_sha1_update_ret( ctx, length_be, 8 );
    if( ret != 0 )
        return( ret );

    /* Serialize state[0] .. state[4], four bytes each. */
    for( word = 0; word < 5; word++ )
    {
        PUT_UINT32_BE( ctx->state[word], output, 4 * word );
    }

    return( 0 );
}
387
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
/*
 * Deprecated wrapper around mbedtls_sha1_finish_ret().
 *
 * The status code of the wrapped call is discarded because this interface
 * returns void. If the wrapped call fails, output is not written and the
 * caller has no way to tell; new code should call the _ret variant.
 */
void mbedtls_sha1_finish( mbedtls_sha1_context *ctx,
                          unsigned char output[20] )
{
    (void) mbedtls_sha1_finish_ret( ctx, output );
}
#endif
395
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200396#endif /* !MBEDTLS_SHA1_ALT */
Paul Bakker90995b52013-06-24 19:20:35 +0200397
/*
 * output = SHA-1( input buffer )
 *
 * One-shot helper: sets up a temporary context, hashes ilen bytes of input
 * and writes the 20-byte digest to output. The temporary context is wiped
 * on every path, success or failure.
 *
 * Returns 0 on success, or the first non-zero status reported by the
 * starts / update / finish steps.
 *
 * Note for callers: SHA-1 no longer provides collision resistance, so this
 * digest is suitable for interoperability with existing formats and
 * protocols rather than for new designs that rely on that property.
 */
int mbedtls_sha1_ret( const unsigned char *input,
                      size_t ilen,
                      unsigned char output[20] )
{
    int ret;
    mbedtls_sha1_context ctx;

    mbedtls_sha1_init( &ctx );

    /* Each step runs only if every earlier one succeeded. */
    ret = mbedtls_sha1_starts_ret( &ctx );

    if( ret == 0 )
        ret = mbedtls_sha1_update_ret( &ctx, input, ilen );

    if( ret == 0 )
        ret = mbedtls_sha1_finish_ret( &ctx, output );

    mbedtls_sha1_free( &ctx );

    return( ret );
}
424
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
/*
 * Deprecated wrapper around mbedtls_sha1_ret().
 *
 * The status code of the wrapped call is discarded because this interface
 * returns void. On failure the contents of output cannot be relied on and
 * the caller has no way to tell; new code should call mbedtls_sha1_ret()
 * and check its result before using the digest.
 */
void mbedtls_sha1( const unsigned char *input,
                   size_t ilen,
                   unsigned char output[20] )
{
    (void) mbedtls_sha1_ret( input, ilen, output );
}
#endif
433
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200434#if defined(MBEDTLS_SELF_TEST)
/*
 * FIPS-180-1 test vectors
 *
 * Entry i of each table belongs to self-test case i. For the third case
 * the message is not stored: the self-test fills a buffer with 1000 'a'
 * bytes and hashes it 1000 times, so its entry in sha1_test_buf is empty
 * and its entry in sha1_test_buflen is the size of that buffer.
 */
static const unsigned char sha1_test_buf[3][57] =
{
    "abc",
    "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
    ""
};

static const size_t sha1_test_buflen[3] = { 3, 56, 1000 };

/* Expected 20-byte digests, one row per test case. */
static const unsigned char sha1_test_sum[3][20] =
{
    {
        0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E,
        0x25, 0x71, 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D
    },
    {
        0x84, 0x98, 0x3E, 0x44, 0x1C, 0x3B, 0xD2, 0x6E, 0xBA, 0xAE,
        0x4A, 0xA1, 0xF9, 0x51, 0x29, 0xE5, 0xE5, 0x46, 0x70, 0xF1
    },
    {
        0x34, 0xAA, 0x97, 0x3C, 0xD4, 0xC4, 0xDA, 0xA4, 0xF6, 0x1E,
        0xEB, 0x2B, 0xDB, 0xAD, 0x27, 0x31, 0x65, 0x34, 0x01, 0x6F
    }
};
459
/*
 * Checkup routine
 *
 * Hashes the three built-in test messages and compares each digest with
 * its expected value.
 *
 * verbose - when non-zero, progress and the result of each case are
 *           printed through mbedtls_printf()
 *
 * Returns 0 when every case passes, 1 on a digest mismatch, or the
 * non-zero status of the hash call that failed. The context is wiped
 * before returning on every path.
 */
int mbedtls_sha1_self_test( int verbose )
{
    int i, j, buflen, ret = 0;
    unsigned char buf[1024];
    unsigned char sha1sum[20];
    mbedtls_sha1_context ctx;

    mbedtls_sha1_init( &ctx );

    /*
     * SHA-1
     */
    for( i = 0; i < 3; i++ )
    {
        if( verbose != 0 )
            mbedtls_printf( " SHA-1 test #%d: ", i + 1 );

        ret = mbedtls_sha1_starts_ret( &ctx );
        if( ret != 0 )
            break;

        if( i != 2 )
        {
            /* Cases 0 and 1: the message is stored in the table. */
            ret = mbedtls_sha1_update_ret( &ctx, sha1_test_buf[i],
                                           sha1_test_buflen[i] );
        }
        else
        {
            /* Case 2: 1000 chunks of 1000 'a' bytes each. */
            buflen = 1000;
            memset( buf, 'a', buflen );

            for( j = 0; j < 1000; j++ )
            {
                ret = mbedtls_sha1_update_ret( &ctx, buf, buflen );
                if( ret != 0 )
                    break;
            }
        }

        if( ret != 0 )
            break;

        ret = mbedtls_sha1_finish_ret( &ctx, sha1sum );
        if( ret != 0 )
            break;

        if( memcmp( sha1sum, sha1_test_sum[i], 20 ) != 0 )
        {
            ret = 1;
            break;
        }

        if( verbose != 0 )
            mbedtls_printf( "passed\n" );
    }

    /* ret is non-zero only when the loop was left early on a failure. */
    if( verbose != 0 )
    {
        if( ret != 0 )
            mbedtls_printf( "failed\n" );
        else
            mbedtls_printf( "\n" );
    }

    mbedtls_sha1_free( &ctx );

    return( ret );
}
529
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200530#endif /* MBEDTLS_SELF_TEST */
Paul Bakker5121ce52009-01-03 21:22:43 +0000531
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200532#endif /* MBEDTLS_SHA1_C */