1 // SPDX-License-Identifier: MIT
2 
3 #ifndef SHA2_H
4 #define SHA2_H
5 
6 #include <stddef.h>
7 #include <stdint.h>
8 
9 #define PQC_SHA256CTX_BYTES 40
10 #define PQC_SHA512CTX_BYTES 72
11 
12 typedef struct {
13 	uint8_t *ctx;
14 } sha256ctx;
15 #define sha256_inc_init oqs_sha2_sha256_inc_init
16 #define sha256_inc_ctx_clone oqs_sha2_sha256_inc_ctx_clone
17 #define sha256_inc_ctx_release oqs_sha2_sha256_inc_ctx_release
18 #define sha256_inc_blocks oqs_sha2_sha256_inc_blocks
19 #define sha256_inc_finalize oqs_sha2_sha256_inc_finalize
20 #define sha256 OQS_SHA2_sha256
21 
22 typedef struct {
23 	uint8_t *ctx;
24 } sha512ctx;
25 #define sha512_inc_init oqs_sha2_sha512_inc_init
26 #define sha512_inc_ctx_clone oqs_sha2_sha512_inc_ctx_clone
27 #define sha512_inc_ctx_release oqs_sha2_sha512_inc_ctx_release
28 #define sha512_inc_blocks oqs_sha2_sha512_inc_blocks
29 #define sha512_inc_finalize oqs_sha2_sha512_inc_finalize
30 #define sha512 OQS_SHA2_sha512
31 
32 /**
33  * \brief Process a message with SHA-256 and return the hash code in the output byte array.
34  *
35  * \warning The output array must be at least 32 bytes in length.
36  *
37  * \param output The output byte array
38  * \param input The message input byte array
39  * \param inplen The number of message bytes to process
40  */
41 void OQS_SHA2_sha256(uint8_t *output, const uint8_t *input, size_t inplen);
42 
43 /** Data structure for the state of the SHA-256 incremental hashing API. */
44 typedef struct {
45 	/** Internal state */
46 	void *ctx;
47 } OQS_SHA2_sha256_ctx;
48 
49 /**
50  * \brief Allocate and initialize the state for the SHA-256 incremental hashing API.
51  *
52  * \warning The state must be released by OQS_SHA2_sha256_inc_finalize
53  * or OQS_SHA2_sha256_inc_ctx_release.
54  *
55  * \param state Pointer to the state
56  */
57 void OQS_SHA2_sha256_inc_init(OQS_SHA2_sha256_ctx *state);
58 
59 /**
60  * \brief Duplicate state for the SHA-256 incremental hashing API.
61  *
62  * \warning dest must be allocated by the caller. Caller is responsible
63  * for releasing dest by calling either OQS_SHA3_sha3_256_inc_finalize or
64  * OQS_SHA3_sha3_256_inc_ctx_release.
65  *
66  * \param dest The function state to copy into; must be initialized
67  * \param src The function state to copy; must be initialized
68  */
69 void OQS_SHA2_sha256_inc_ctx_clone(OQS_SHA2_sha256_ctx *dest, const OQS_SHA2_sha256_ctx *src);
70 
71 /**
72  * \brief Process blocks with SHA-256 and update the state.
73  *
74  * \warning The state must be initialized by OQS_SHA2_sha256_inc_init or OQS_SHA2_sha256_inc_ctx_clone.
75  *
76  * \param state The state to update
77  * \param in Message input byte array
78  * \param inblocks The number of blocks of message bytes to process
79  */
80 void OQS_SHA2_sha256_inc_blocks(OQS_SHA2_sha256_ctx *state, const uint8_t *in, size_t inblocks);
81 
82 /**
83  * \brief Process more message bytes with SHA-256 and return the hash code in the output byte array.
84  *
85  * \warning The output array must be at least 32 bytes in length. The state is
86  * deallocated by this function and can not be used again after calling
87  * this function without calling OQS_SHA2_sha256_inc_init again.
88  *
89  * \param out The output byte array
90  * \param state The state
91  * \param in Additional message input byte array
92  * \param inlen The number of additional message bytes to process
93  */
94 void OQS_SHA2_sha256_inc_finalize(uint8_t *out, OQS_SHA2_sha256_ctx *state, const uint8_t *in, size_t inlen);
95 
96 /**
97  * \brief Destroy state.
98  *
99  * \warning The state is deallocated by this function and can not be used again after calling
100  * this function without calling OQS_SHA2_sha256_inc_init again.
101  *
102  * \param state The state
103  */
104 void OQS_SHA2_sha256_inc_ctx_release(OQS_SHA2_sha256_ctx *state);
105 
106 /**
107  * \brief Process a message with SHA-384 and return the hash code in the output byte array.
108  *
109  * \warning The output array must be at least 48 bytes in length.
110  *
111  * \param output The output byte array
112  * \param input The message input byte array
113  * \param inplen The number of message bytes to process
114  */
115 void OQS_SHA2_sha384(uint8_t *output, const uint8_t *input, size_t inplen);
116 
117 /** Data structure for the state of the SHA-384 incremental hashing API. */
118 typedef struct {
119 	/** Internal state. */
120 	void *ctx;
121 } OQS_SHA2_sha384_ctx;
122 
123 /**
124  * \brief Allocate and initialize the state for the SHA-384 incremental hashing API.
125  *
126  * \warning The state must be released by OQS_SHA2_sha384_inc_finalize
127  * or OQS_SHA2_sha384_inc_ctx_release.
128  *
129  * \param state Pointer to the state
130  */
131 void OQS_SHA2_sha384_inc_init(OQS_SHA2_sha384_ctx *state);
132 
133 /**
134  * \brief Duplicate state for the SHA-384 incremental hashing API.
135  *
136  * \warning dest must be allocated by the caller. Caller is responsible
137  * for releasing dest by calling either OQS_SHA3_sha3_384_inc_finalize or
138  * OQS_SHA3_sha3_384_inc_ctx_release.
139  *
140  * \param dest The function state to copy into; must be initialized
141  * \param src The function state to copy; must be initialized
142  */
143 void OQS_SHA2_sha384_inc_ctx_clone(OQS_SHA2_sha384_ctx *dest, const OQS_SHA2_sha384_ctx *src);
144 
145 /**
146  * \brief Process blocks with SHA-384 and update the state.
147  *
148  * \warning The state must be initialized by OQS_SHA2_sha384_inc_init or OQS_SHA2_sha384_inc_ctx_clone.
149  *
150  * \param state The state to update
151  * \param in Message input byte array
152  * \param inblocks The number of blocks of message bytes to process
153  */
154 void OQS_SHA2_sha384_inc_blocks(OQS_SHA2_sha384_ctx *state, const uint8_t *in, size_t inblocks);
155 
156 /**
157  * \brief Process more message bytes with SHA-384 and return the hash code in the output byte array.
158  *
159  * \warning The output array must be at least 48 bytes in length. The state is
160  * deallocated by this function and can not be used again after calling
161  * this function without calling OQS_SHA2_sha384_inc_init again.
162  *
163  * \param out The output byte array
164  * \param state The state
165  * \param in Additional message input byte array
166  * \param inlen The number of additional message bytes to process
167  */
168 void OQS_SHA2_sha384_inc_finalize(uint8_t *out, OQS_SHA2_sha384_ctx *state, const uint8_t *in, size_t inlen);
169 
170 /**
171  * \brief Destroy state.
172  *
173  * \warning The state is deallocated by this function and can not be used again after calling
174  * this function without calling OQS_SHA2_sha384_inc_init again.
175  *
176  * \param state The state
177  */
178 void OQS_SHA2_sha384_inc_ctx_release(OQS_SHA2_sha384_ctx *state);
179 
180 /**
181  * \brief Process a message with SHA-512 and return the hash code in the output byte array.
182  *
183  * \warning The output array must be at least 64 bytes in length.
184  *
185  * \param output The output byte array
186  * \param input The message input byte array
187  * \param inplen The number of message bytes to process
188  */
189 void OQS_SHA2_sha512(uint8_t *output, const uint8_t *input, size_t inplen);
190 
191 /** Data structure for the state of the SHA-512 incremental hashing API. */
192 typedef struct {
193 	/** Internal state. */
194 	void *ctx;
195 } OQS_SHA2_sha512_ctx;
196 
197 /**
198  * \brief Allocate and initialize the state for the SHA-512 incremental hashing API.
199  *
200  * \warning The state must be released by OQS_SHA2_sha512_inc_finalize
201  * or OQS_SHA2_sha512_inc_ctx_release.
202  *
203  * \param state Pointer to the state
204  */
205 void OQS_SHA2_sha512_inc_init(OQS_SHA2_sha512_ctx *state);
206 
207 /**
208  * \brief Duplicate state for the SHA-512 incremental hashing API.
209  *
210  * \warning dest must be allocated by the caller. Caller is responsible
211  * for releasing dest by calling either OQS_SHA3_sha3_512_inc_finalize or
212  * OQS_SHA3_sha3_512_inc_ctx_release.
213  *
214  * \param dest The function state to copy into; must be initialized
215  * \param src The function state to copy; must be initialized
216  */
217 void OQS_SHA2_sha512_inc_ctx_clone(OQS_SHA2_sha512_ctx *dest, const OQS_SHA2_sha512_ctx *src);
218 
219 /**
220  * \brief Process blocks with SHA-512 and update the state.
221  *
222  * \warning The state must be initialized by OQS_SHA2_sha512_inc_init or OQS_SHA2_sha512_inc_ctx_clone.
223  *
224  * \param state The state to update
225  * \param in Message input byte array
226  * \param inblocks The number of blocks of message bytes to process
227  */
228 void OQS_SHA2_sha512_inc_blocks(OQS_SHA2_sha512_ctx *state, const uint8_t *in, size_t inblocks);
229 
230 /**
231  * \brief Process more message bytes with SHA-512 and return the hash code in the output byte array.
232  *
233  * \warning The output array must be at least 64 bytes in length. The state is
234  * deallocated by this function and can not be used again after calling
235  * this function without calling OQS_SHA2_sha512_inc_init again.
236  *
237  * \param out The output byte array
238  * \param state The state
239  * \param in Additional message input byte array
240  * \param inlen The number of additional message bytes to process
241  */
242 void OQS_SHA2_sha512_inc_finalize(uint8_t *out, OQS_SHA2_sha512_ctx *state, const uint8_t *in, size_t inlen);
243 
244 /**
245  * \brief Destroy state.
246  *
247  * \warning The state is deallocated by this function and can not be used again after calling
248  * this function without calling OQS_SHA2_sha512_inc_init again.
249  *
250  * \param state The state
251  */
252 void OQS_SHA2_sha512_inc_ctx_release(OQS_SHA2_sha512_ctx *state);
253 
254 #endif
255