1 /**
2  * \file sha256.h
3  *
4  * \brief This file contains SHA-224 and SHA-256 definitions and functions.
5  *
6  * The Secure Hash Algorithms 224 and 256 (SHA-224 and SHA-256) cryptographic
7  * hash functions are defined in <em>FIPS 180-4: Secure Hash Standard (SHS)</em>.
8  */
9 /*
10  *  Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved
11  *  SPDX-License-Identifier: Apache-2.0
12  *
13  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
14  *  not use this file except in compliance with the License.
15  *  You may obtain a copy of the License at
16  *
17  *  http://www.apache.org/licenses/LICENSE-2.0
18  *
19  *  Unless required by applicable law or agreed to in writing, software
20  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
21  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
22  *  See the License for the specific language governing permissions and
23  *  limitations under the License.
24  *
25  *  This file is part of Mbed TLS (https://tls.mbed.org)
26  */
27 #ifndef MBEDTLS_SHA256_H
28 #define MBEDTLS_SHA256_H
29 
30 #if !defined(MBEDTLS_CONFIG_FILE)
31 #include "config.h"
32 #else
33 #include MBEDTLS_CONFIG_FILE
34 #endif
35 
36 #include <stddef.h>
37 #include <stdint.h>
38 
39 /* MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED is deprecated and should not be used. */
40 #define MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED                -0x0037  /**< SHA-256 hardware accelerator failed */
41 #define MBEDTLS_ERR_SHA256_BAD_INPUT_DATA                 -0x0074  /**< SHA-256 input data was malformed. */
42 
43 #ifdef __cplusplus
44 extern "C" {
45 #endif
46 
47 #if !defined(MBEDTLS_SHA256_ALT)
48 // Regular implementation
49 //
50 
51 /**
52  * \brief          The SHA-256 context structure.
53  *
54  *                 The structure is used both for SHA-256 and for SHA-224
55  *                 checksum calculations. The choice between these two is
56  *                 made in the call to mbedtls_sha256_starts_ret().
57  */
58 typedef struct mbedtls_sha256_context
59 {
60     uint32_t total[2];          /*!< The number of Bytes processed.  */
61     uint32_t state[8];          /*!< The intermediate digest state.  */
62     unsigned char buffer[64];   /*!< The data block being processed. */
63     int is224;                  /*!< Determines which function to use:
64                                      0: Use SHA-256, or 1: Use SHA-224. */
65 }
66 mbedtls_sha256_context;
67 
68 #else  /* MBEDTLS_SHA256_ALT */
69 #include "sha256_alt.h"
70 #endif /* MBEDTLS_SHA256_ALT */
71 
72 /**
73  * \brief          This function initializes a SHA-256 context.
74  *
75  * \param ctx      The SHA-256 context to initialize. This must not be \c NULL.
76  */
77 void mbedtls_sha256_init( mbedtls_sha256_context *ctx );
78 
79 /**
80  * \brief          This function clears a SHA-256 context.
81  *
82  * \param ctx      The SHA-256 context to clear. This may be \c NULL, in which
83  *                 case this function returns immediately. If it is not \c NULL,
84  *                 it must point to an initialized SHA-256 context.
85  */
86 void mbedtls_sha256_free( mbedtls_sha256_context *ctx );
87 
88 /**
89  * \brief          This function clones the state of a SHA-256 context.
90  *
91  * \param dst      The destination context. This must be initialized.
92  * \param src      The context to clone. This must be initialized.
93  */
94 void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
95                            const mbedtls_sha256_context *src );
96 
97 /**
98  * \brief          This function starts a SHA-224 or SHA-256 checksum
99  *                 calculation.
100  *
101  * \param ctx      The context to use. This must be initialized.
102  * \param is224    This determines which function to use. This must be
103  *                 either \c 0 for SHA-256, or \c 1 for SHA-224.
104  *
105  * \return         \c 0 on success.
106  * \return         A negative error code on failure.
107  */
108 int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 );
109 
110 /**
111  * \brief          This function feeds an input buffer into an ongoing
112  *                 SHA-256 checksum calculation.
113  *
114  * \param ctx      The SHA-256 context. This must be initialized
115  *                 and have a hash operation started.
116  * \param input    The buffer holding the data. This must be a readable
117  *                 buffer of length \p ilen Bytes.
118  * \param ilen     The length of the input data in Bytes.
119  *
120  * \return         \c 0 on success.
121  * \return         A negative error code on failure.
122  */
123 int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx,
124                                const unsigned char *input,
125                                size_t ilen );
126 
127 /**
128  * \brief          This function finishes the SHA-256 operation, and writes
129  *                 the result to the output buffer.
130  *
131  * \param ctx      The SHA-256 context. This must be initialized
132  *                 and have a hash operation started.
133  * \param output   The SHA-224 or SHA-256 checksum result.
134  *                 This must be a writable buffer of length \c 32 Bytes.
135  *
136  * \return         \c 0 on success.
137  * \return         A negative error code on failure.
138  */
139 int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx,
140                                unsigned char output[32] );
141 
142 /**
143  * \brief          This function processes a single data block within
144  *                 the ongoing SHA-256 computation. This function is for
145  *                 internal use only.
146  *
147  * \param ctx      The SHA-256 context. This must be initialized.
148  * \param data     The buffer holding one block of data. This must
149  *                 be a readable buffer of length \c 64 Bytes.
150  *
151  * \return         \c 0 on success.
152  * \return         A negative error code on failure.
153  */
154 int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx,
155                                      const unsigned char data[64] );
156 
157 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
158 #if defined(MBEDTLS_DEPRECATED_WARNING)
159 #define MBEDTLS_DEPRECATED      __attribute__((deprecated))
160 #else
161 #define MBEDTLS_DEPRECATED
162 #endif
163 /**
164  * \brief          This function starts a SHA-224 or SHA-256 checksum
165  *                 calculation.
166  *
167  * \deprecated     Superseded by mbedtls_sha256_starts_ret() in 2.7.0.
168  *
169  * \param ctx      The context to use. This must be initialized.
170  * \param is224    Determines which function to use. This must be
171  *                 either \c 0 for SHA-256, or \c 1 for SHA-224.
172  */
173 MBEDTLS_DEPRECATED void mbedtls_sha256_starts( mbedtls_sha256_context *ctx,
174                                                int is224 );
175 
176 /**
177  * \brief          This function feeds an input buffer into an ongoing
178  *                 SHA-256 checksum calculation.
179  *
180  * \deprecated     Superseded by mbedtls_sha256_update_ret() in 2.7.0.
181  *
182  * \param ctx      The SHA-256 context to use. This must be
183  *                 initialized and have a hash operation started.
184  * \param input    The buffer holding the data. This must be a readable
185  *                 buffer of length \p ilen Bytes.
186  * \param ilen     The length of the input data in Bytes.
187  */
188 MBEDTLS_DEPRECATED void mbedtls_sha256_update( mbedtls_sha256_context *ctx,
189                                                const unsigned char *input,
190                                                size_t ilen );
191 
192 /**
193  * \brief          This function finishes the SHA-256 operation, and writes
194  *                 the result to the output buffer.
195  *
196  * \deprecated     Superseded by mbedtls_sha256_finish_ret() in 2.7.0.
197  *
198  * \param ctx      The SHA-256 context. This must be initialized and
199  *                 have a hash operation started.
200  * \param output   The SHA-224 or SHA-256 checksum result. This must be
201  *                 a writable buffer of length \c 32 Bytes.
202  */
203 MBEDTLS_DEPRECATED void mbedtls_sha256_finish( mbedtls_sha256_context *ctx,
204                                                unsigned char output[32] );
205 
206 /**
207  * \brief          This function processes a single data block within
208  *                 the ongoing SHA-256 computation. This function is for
209  *                 internal use only.
210  *
211  * \deprecated     Superseded by mbedtls_internal_sha256_process() in 2.7.0.
212  *
213  * \param ctx      The SHA-256 context. This must be initialized.
214  * \param data     The buffer holding one block of data. This must be
215  *                 a readable buffer of size \c 64 Bytes.
216  */
217 MBEDTLS_DEPRECATED void mbedtls_sha256_process( mbedtls_sha256_context *ctx,
218                                                 const unsigned char data[64] );
219 
220 #undef MBEDTLS_DEPRECATED
221 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
222 
223 /**
224  * \brief          This function calculates the SHA-224 or SHA-256
225  *                 checksum of a buffer.
226  *
227  *                 The function allocates the context, performs the
228  *                 calculation, and frees the context.
229  *
230  *                 The SHA-256 result is calculated as
231  *                 output = SHA-256(input buffer).
232  *
233  * \param input    The buffer holding the data. This must be a readable
234  *                 buffer of length \p ilen Bytes.
235  * \param ilen     The length of the input data in Bytes.
236  * \param output   The SHA-224 or SHA-256 checksum result. This must
237  *                 be a writable buffer of length \c 32 Bytes.
238  * \param is224    Determines which function to use. This must be
239  *                 either \c 0 for SHA-256, or \c 1 for SHA-224.
240  */
241 int mbedtls_sha256_ret( const unsigned char *input,
242                         size_t ilen,
243                         unsigned char output[32],
244                         int is224 );
245 
246 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
247 #if defined(MBEDTLS_DEPRECATED_WARNING)
248 #define MBEDTLS_DEPRECATED      __attribute__((deprecated))
249 #else
250 #define MBEDTLS_DEPRECATED
251 #endif
252 
253 /**
254  * \brief          This function calculates the SHA-224 or SHA-256 checksum
255  *                 of a buffer.
256  *
257  *                 The function allocates the context, performs the
258  *                 calculation, and frees the context.
259  *
260  *                 The SHA-256 result is calculated as
261  *                 output = SHA-256(input buffer).
262  *
263  * \deprecated     Superseded by mbedtls_sha256_ret() in 2.7.0.
264  *
265  * \param input    The buffer holding the data. This must be a readable
266  *                 buffer of length \p ilen Bytes.
267  * \param ilen     The length of the input data in Bytes.
268  * \param output   The SHA-224 or SHA-256 checksum result. This must be
269  *                 a writable buffer of length \c 32 Bytes.
270  * \param is224    Determines which function to use. This must be either
271  *                 \c 0 for SHA-256, or \c 1 for SHA-224.
272  */
273 MBEDTLS_DEPRECATED void mbedtls_sha256( const unsigned char *input,
274                                         size_t ilen,
275                                         unsigned char output[32],
276                                         int is224 );
277 
278 #undef MBEDTLS_DEPRECATED
279 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
280 
281 #if defined(MBEDTLS_SELF_TEST)
282 
283 /**
284  * \brief          The SHA-224 and SHA-256 checkup routine.
285  *
286  * \return         \c 0 on success.
287  * \return         \c 1 on failure.
288  */
289 int mbedtls_sha256_self_test( int verbose );
290 
291 #endif /* MBEDTLS_SELF_TEST */
292 
293 #ifdef __cplusplus
294 }
295 #endif
296 
297 #endif /* mbedtls_sha256.h */
298