1 /* $OpenBSD: m_sha1.c,v 1.26 2024/04/09 13:52:41 beck Exp $ */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59 #include <stdio.h>
60
61 #include <openssl/opensslconf.h>
62
63 #ifndef OPENSSL_NO_SHA
64
65 #include <openssl/evp.h>
66 #include <openssl/objects.h>
67 #include <openssl/sha.h>
68
69 #ifndef OPENSSL_NO_RSA
70 #include <openssl/rsa.h>
71 #endif
72
73 #include "evp_local.h"
74 #include "sha_internal.h"
75
76 static int
sha1_init(EVP_MD_CTX * ctx)77 sha1_init(EVP_MD_CTX *ctx)
78 {
79 return SHA1_Init(ctx->md_data);
80 }
81
82 static int
sha1_update(EVP_MD_CTX * ctx,const void * data,size_t count)83 sha1_update(EVP_MD_CTX *ctx, const void *data, size_t count)
84 {
85 return SHA1_Update(ctx->md_data, data, count);
86 }
87
88 static int
sha1_final(EVP_MD_CTX * ctx,unsigned char * md)89 sha1_final(EVP_MD_CTX *ctx, unsigned char *md)
90 {
91 return SHA1_Final(md, ctx->md_data);
92 }
93
94 static const EVP_MD sha1_md = {
95 .type = NID_sha1,
96 .pkey_type = NID_sha1WithRSAEncryption,
97 .md_size = SHA_DIGEST_LENGTH,
98 .flags = EVP_MD_FLAG_DIGALGID_ABSENT,
99 .init = sha1_init,
100 .update = sha1_update,
101 .final = sha1_final,
102 .copy = NULL,
103 .cleanup = NULL,
104 .block_size = SHA_CBLOCK,
105 .ctx_size = sizeof(EVP_MD *) + sizeof(SHA_CTX),
106 };
107
108 const EVP_MD *
EVP_sha1(void)109 EVP_sha1(void)
110 {
111 return &sha1_md;
112 }
113 LCRYPTO_ALIAS(EVP_sha1);
114 #endif
115
116 #ifndef OPENSSL_NO_SHA256
117 static int
sha224_init(EVP_MD_CTX * ctx)118 sha224_init(EVP_MD_CTX *ctx)
119 {
120 return SHA224_Init(ctx->md_data);
121 }
122
123 static int
sha224_update(EVP_MD_CTX * ctx,const void * data,size_t count)124 sha224_update(EVP_MD_CTX *ctx, const void *data, size_t count)
125 {
126 /*
127 * Even though there're separate SHA224_[Update|Final], we call
128 * SHA256 functions even in SHA224 context. This is what happens
129 * there anyway, so we can spare few CPU cycles:-)
130 */
131 return SHA256_Update(ctx->md_data, data, count);
132 }
133
134 static int
sha224_final(EVP_MD_CTX * ctx,unsigned char * md)135 sha224_final(EVP_MD_CTX *ctx, unsigned char *md)
136 {
137 return SHA224_Final(md, ctx->md_data);
138 }
139
140 static const EVP_MD sha224_md = {
141 .type = NID_sha224,
142 .pkey_type = NID_sha224WithRSAEncryption,
143 .md_size = SHA224_DIGEST_LENGTH,
144 .flags = EVP_MD_FLAG_DIGALGID_ABSENT,
145 .init = sha224_init,
146 .update = sha224_update,
147 .final = sha224_final,
148 .copy = NULL,
149 .cleanup = NULL,
150 .block_size = SHA256_CBLOCK,
151 .ctx_size = sizeof(EVP_MD *) + sizeof(SHA256_CTX),
152 };
153
154 const EVP_MD *
EVP_sha224(void)155 EVP_sha224(void)
156 {
157 return &sha224_md;
158 }
159 LCRYPTO_ALIAS(EVP_sha224);
160
161 static int
sha256_init(EVP_MD_CTX * ctx)162 sha256_init(EVP_MD_CTX *ctx)
163 {
164 return SHA256_Init(ctx->md_data);
165 }
166
167 static int
sha256_update(EVP_MD_CTX * ctx,const void * data,size_t count)168 sha256_update(EVP_MD_CTX *ctx, const void *data, size_t count)
169 {
170 return SHA256_Update(ctx->md_data, data, count);
171 }
172
173 static int
sha256_final(EVP_MD_CTX * ctx,unsigned char * md)174 sha256_final(EVP_MD_CTX *ctx, unsigned char *md)
175 {
176 return SHA256_Final(md, ctx->md_data);
177 }
178
179 static const EVP_MD sha256_md = {
180 .type = NID_sha256,
181 .pkey_type = NID_sha256WithRSAEncryption,
182 .md_size = SHA256_DIGEST_LENGTH,
183 .flags = EVP_MD_FLAG_DIGALGID_ABSENT,
184 .init = sha256_init,
185 .update = sha256_update,
186 .final = sha256_final,
187 .copy = NULL,
188 .cleanup = NULL,
189 .block_size = SHA256_CBLOCK,
190 .ctx_size = sizeof(EVP_MD *) + sizeof(SHA256_CTX),
191 };
192
193 const EVP_MD *
EVP_sha256(void)194 EVP_sha256(void)
195 {
196 return &sha256_md;
197 }
198 LCRYPTO_ALIAS(EVP_sha256);
199 #endif /* ifndef OPENSSL_NO_SHA256 */
200
201 #ifndef OPENSSL_NO_SHA512
202 static int
sha384_init(EVP_MD_CTX * ctx)203 sha384_init(EVP_MD_CTX *ctx)
204 {
205 return SHA384_Init(ctx->md_data);
206 }
207
208 static int
sha384_update(EVP_MD_CTX * ctx,const void * data,size_t count)209 sha384_update(EVP_MD_CTX *ctx, const void *data, size_t count)
210 {
211 /* See comment in SHA224/256 section */
212 return SHA512_Update(ctx->md_data, data, count);
213 }
214
215 static int
sha384_final(EVP_MD_CTX * ctx,unsigned char * md)216 sha384_final(EVP_MD_CTX *ctx, unsigned char *md)
217 {
218 return SHA384_Final(md, ctx->md_data);
219 }
220
221 static const EVP_MD sha384_md = {
222 .type = NID_sha384,
223 .pkey_type = NID_sha384WithRSAEncryption,
224 .md_size = SHA384_DIGEST_LENGTH,
225 .flags = EVP_MD_FLAG_DIGALGID_ABSENT,
226 .init = sha384_init,
227 .update = sha384_update,
228 .final = sha384_final,
229 .copy = NULL,
230 .cleanup = NULL,
231 .block_size = SHA512_CBLOCK,
232 .ctx_size = sizeof(EVP_MD *) + sizeof(SHA512_CTX),
233 };
234
235 const EVP_MD *
EVP_sha384(void)236 EVP_sha384(void)
237 {
238 return &sha384_md;
239 }
240 LCRYPTO_ALIAS(EVP_sha384);
241
242 static int
sha512_init(EVP_MD_CTX * ctx)243 sha512_init(EVP_MD_CTX *ctx)
244 {
245 return SHA512_Init(ctx->md_data);
246 }
247
248 static int
sha512_update(EVP_MD_CTX * ctx,const void * data,size_t count)249 sha512_update(EVP_MD_CTX *ctx, const void *data, size_t count)
250 {
251 return SHA512_Update(ctx->md_data, data, count);
252 }
253
254 static int
sha512_final(EVP_MD_CTX * ctx,unsigned char * md)255 sha512_final(EVP_MD_CTX *ctx, unsigned char *md)
256 {
257 return SHA512_Final(md, ctx->md_data);
258 }
259
260 static const EVP_MD sha512_md = {
261 .type = NID_sha512,
262 .pkey_type = NID_sha512WithRSAEncryption,
263 .md_size = SHA512_DIGEST_LENGTH,
264 .flags = EVP_MD_FLAG_DIGALGID_ABSENT,
265 .init = sha512_init,
266 .update = sha512_update,
267 .final = sha512_final,
268 .copy = NULL,
269 .cleanup = NULL,
270 .block_size = SHA512_CBLOCK,
271 .ctx_size = sizeof(EVP_MD *) + sizeof(SHA512_CTX),
272 };
273
274 const EVP_MD *
EVP_sha512(void)275 EVP_sha512(void)
276 {
277 return &sha512_md;
278 }
279 LCRYPTO_ALIAS(EVP_sha512);
280
281 static int
sha512_224_init(EVP_MD_CTX * ctx)282 sha512_224_init(EVP_MD_CTX *ctx)
283 {
284 return SHA512_224_Init(ctx->md_data);
285 }
286
287 static int
sha512_224_update(EVP_MD_CTX * ctx,const void * data,size_t count)288 sha512_224_update(EVP_MD_CTX *ctx, const void *data, size_t count)
289 {
290 return SHA512_224_Update(ctx->md_data, data, count);
291 }
292
293 static int
sha512_224_final(EVP_MD_CTX * ctx,unsigned char * md)294 sha512_224_final(EVP_MD_CTX *ctx, unsigned char *md)
295 {
296 return SHA512_224_Final(md, ctx->md_data);
297 }
298
299 static const EVP_MD sha512_224_md = {
300 .type = NID_sha512_224,
301 .pkey_type = NID_sha512_224WithRSAEncryption,
302 .md_size = SHA512_224_DIGEST_LENGTH,
303 .flags = EVP_MD_FLAG_DIGALGID_ABSENT,
304 .init = sha512_224_init,
305 .update = sha512_224_update,
306 .final = sha512_224_final,
307 .copy = NULL,
308 .cleanup = NULL,
309 .block_size = SHA512_CBLOCK,
310 .ctx_size = sizeof(EVP_MD *) + sizeof(SHA512_CTX),
311 };
312
313 const EVP_MD *
EVP_sha512_224(void)314 EVP_sha512_224(void)
315 {
316 return &sha512_224_md;
317 }
318 LCRYPTO_ALIAS(EVP_sha512_224);
319
320 static int
sha512_256_init(EVP_MD_CTX * ctx)321 sha512_256_init(EVP_MD_CTX *ctx)
322 {
323 return SHA512_256_Init(ctx->md_data);
324 }
325
326 static int
sha512_256_update(EVP_MD_CTX * ctx,const void * data,size_t count)327 sha512_256_update(EVP_MD_CTX *ctx, const void *data, size_t count)
328 {
329 return SHA512_256_Update(ctx->md_data, data, count);
330 }
331
332 static int
sha512_256_final(EVP_MD_CTX * ctx,unsigned char * md)333 sha512_256_final(EVP_MD_CTX *ctx, unsigned char *md)
334 {
335 return SHA512_256_Final(md, ctx->md_data);
336 }
337
338 static const EVP_MD sha512_256_md = {
339 .type = NID_sha512_256,
340 .pkey_type = NID_sha512_256WithRSAEncryption,
341 .md_size = SHA512_256_DIGEST_LENGTH,
342 .flags = EVP_MD_FLAG_DIGALGID_ABSENT,
343 .init = sha512_256_init,
344 .update = sha512_256_update,
345 .final = sha512_256_final,
346 .copy = NULL,
347 .cleanup = NULL,
348 .block_size = SHA512_CBLOCK,
349 .ctx_size = sizeof(EVP_MD *) + sizeof(SHA512_CTX),
350 };
351
352 const EVP_MD *
EVP_sha512_256(void)353 EVP_sha512_256(void)
354 {
355 return &sha512_256_md;
356 }
357 LCRYPTO_ALIAS(EVP_sha512_256);
358 #endif /* ifndef OPENSSL_NO_SHA512 */
359