1817466cbSJens Wiklander /** 2817466cbSJens Wiklander * \file md.h 3817466cbSJens Wiklander * 43d3b0591SJens Wiklander * \brief This file contains the generic message-digest wrapper. 5817466cbSJens Wiklander * 6817466cbSJens Wiklander * \author Adriaan de Jong <dejong@fox-it.com> 73d3b0591SJens Wiklander */ 83d3b0591SJens Wiklander /* 9*7901324dSJerome Forissier * Copyright The Mbed TLS Contributors 10*7901324dSJerome Forissier * SPDX-License-Identifier: Apache-2.0 11817466cbSJens Wiklander * 12817466cbSJens Wiklander * Licensed under the Apache License, Version 2.0 (the "License"); you may 13817466cbSJens Wiklander * not use this file except in compliance with the License. 14817466cbSJens Wiklander * You may obtain a copy of the License at 15817466cbSJens Wiklander * 16817466cbSJens Wiklander * http://www.apache.org/licenses/LICENSE-2.0 17817466cbSJens Wiklander * 18817466cbSJens Wiklander * Unless required by applicable law or agreed to in writing, software 19817466cbSJens Wiklander * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 20817466cbSJens Wiklander * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 21817466cbSJens Wiklander * See the License for the specific language governing permissions and 22817466cbSJens Wiklander * limitations under the License. 23817466cbSJens Wiklander */ 243d3b0591SJens Wiklander 25817466cbSJens Wiklander #ifndef MBEDTLS_MD_H 26817466cbSJens Wiklander #define MBEDTLS_MD_H 27817466cbSJens Wiklander 28817466cbSJens Wiklander #include <stddef.h> 29817466cbSJens Wiklander 303d3b0591SJens Wiklander #if !defined(MBEDTLS_CONFIG_FILE) 3111fa71b9SJerome Forissier #include "mbedtls/config.h" 323d3b0591SJens Wiklander #else 333d3b0591SJens Wiklander #include MBEDTLS_CONFIG_FILE 343d3b0591SJens Wiklander #endif 353d3b0591SJens Wiklander 36817466cbSJens Wiklander #define MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE -0x5080 /**< The selected feature is not available. */ 37817466cbSJens Wiklander #define MBEDTLS_ERR_MD_BAD_INPUT_DATA -0x5100 /**< Bad input parameters to function. */ 38817466cbSJens Wiklander #define MBEDTLS_ERR_MD_ALLOC_FAILED -0x5180 /**< Failed to allocate memory. */ 39817466cbSJens Wiklander #define MBEDTLS_ERR_MD_FILE_IO_ERROR -0x5200 /**< Opening or reading of file failed. */ 40817466cbSJens Wiklander 413d3b0591SJens Wiklander /* MBEDTLS_ERR_MD_HW_ACCEL_FAILED is deprecated and should not be used. */ 423d3b0591SJens Wiklander #define MBEDTLS_ERR_MD_HW_ACCEL_FAILED -0x5280 /**< MD hardware accelerator failed. */ 433d3b0591SJens Wiklander 44817466cbSJens Wiklander #ifdef __cplusplus 45817466cbSJens Wiklander extern "C" { 46817466cbSJens Wiklander #endif 47817466cbSJens Wiklander 483d3b0591SJens Wiklander /** 493d3b0591SJens Wiklander * \brief Supported message digests. 503d3b0591SJens Wiklander * 513d3b0591SJens Wiklander * \warning MD2, MD4, MD5 and SHA-1 are considered weak message digests and 523d3b0591SJens Wiklander * their use constitutes a security risk. We recommend considering 533d3b0591SJens Wiklander * stronger message digests instead. 543d3b0591SJens Wiklander * 553d3b0591SJens Wiklander */ 56817466cbSJens Wiklander typedef enum { 573d3b0591SJens Wiklander MBEDTLS_MD_NONE=0, /**< None. */ 583d3b0591SJens Wiklander MBEDTLS_MD_MD2, /**< The MD2 message digest. */ 593d3b0591SJens Wiklander MBEDTLS_MD_MD4, /**< The MD4 message digest. */ 603d3b0591SJens Wiklander MBEDTLS_MD_MD5, /**< The MD5 message digest. */ 613d3b0591SJens Wiklander MBEDTLS_MD_SHA1, /**< The SHA-1 message digest. */ 623d3b0591SJens Wiklander MBEDTLS_MD_SHA224, /**< The SHA-224 message digest. */ 633d3b0591SJens Wiklander MBEDTLS_MD_SHA256, /**< The SHA-256 message digest. */ 643d3b0591SJens Wiklander MBEDTLS_MD_SHA384, /**< The SHA-384 message digest. */ 653d3b0591SJens Wiklander MBEDTLS_MD_SHA512, /**< The SHA-512 message digest. */ 663d3b0591SJens Wiklander MBEDTLS_MD_RIPEMD160, /**< The RIPEMD-160 message digest. */ 67817466cbSJens Wiklander } mbedtls_md_type_t; 68817466cbSJens Wiklander 69817466cbSJens Wiklander #if defined(MBEDTLS_SHA512_C) 70817466cbSJens Wiklander #define MBEDTLS_MD_MAX_SIZE 64 /* longest known is SHA512 */ 71817466cbSJens Wiklander #else 72817466cbSJens Wiklander #define MBEDTLS_MD_MAX_SIZE 32 /* longest known is SHA256 or less */ 73817466cbSJens Wiklander #endif 74817466cbSJens Wiklander 7511fa71b9SJerome Forissier #if defined(MBEDTLS_SHA512_C) 7611fa71b9SJerome Forissier #define MBEDTLS_MD_MAX_BLOCK_SIZE 128 7711fa71b9SJerome Forissier #else 7811fa71b9SJerome Forissier #define MBEDTLS_MD_MAX_BLOCK_SIZE 64 7911fa71b9SJerome Forissier #endif 8011fa71b9SJerome Forissier 81817466cbSJens Wiklander /** 823d3b0591SJens Wiklander * Opaque struct defined in md_internal.h. 83817466cbSJens Wiklander */ 84817466cbSJens Wiklander typedef struct mbedtls_md_info_t mbedtls_md_info_t; 85817466cbSJens Wiklander 86817466cbSJens Wiklander /** 873d3b0591SJens Wiklander * The generic message-digest context. 88817466cbSJens Wiklander */ 893d3b0591SJens Wiklander typedef struct mbedtls_md_context_t 903d3b0591SJens Wiklander { 913d3b0591SJens Wiklander /** Information about the associated message digest. */ 92817466cbSJens Wiklander const mbedtls_md_info_t *md_info; 93817466cbSJens Wiklander 943d3b0591SJens Wiklander /** The digest-specific context. */ 95817466cbSJens Wiklander void *md_ctx; 96817466cbSJens Wiklander 973d3b0591SJens Wiklander /** The HMAC part of the context. */ 98817466cbSJens Wiklander void *hmac_ctx; 99817466cbSJens Wiklander } mbedtls_md_context_t; 100817466cbSJens Wiklander 101817466cbSJens Wiklander /** 1023d3b0591SJens Wiklander * \brief This function returns the list of digests supported by the 1033d3b0591SJens Wiklander * generic digest module. 104817466cbSJens Wiklander * 105*7901324dSJerome Forissier * \note The list starts with the strongest available hashes. 106*7901324dSJerome Forissier * 1073d3b0591SJens Wiklander * \return A statically allocated array of digests. Each element 1083d3b0591SJens Wiklander * in the returned list is an integer belonging to the 1093d3b0591SJens Wiklander * message-digest enumeration #mbedtls_md_type_t. 1103d3b0591SJens Wiklander * The last entry is 0. 111817466cbSJens Wiklander */ 112817466cbSJens Wiklander const int *mbedtls_md_list( void ); 113817466cbSJens Wiklander 114817466cbSJens Wiklander /** 1153d3b0591SJens Wiklander * \brief This function returns the message-digest information 1163d3b0591SJens Wiklander * associated with the given digest name. 117817466cbSJens Wiklander * 1183d3b0591SJens Wiklander * \param md_name The name of the digest to search for. 119817466cbSJens Wiklander * 1203d3b0591SJens Wiklander * \return The message-digest information associated with \p md_name. 1213d3b0591SJens Wiklander * \return NULL if the associated message-digest information is not found. 122817466cbSJens Wiklander */ 123817466cbSJens Wiklander const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name ); 124817466cbSJens Wiklander 125817466cbSJens Wiklander /** 1263d3b0591SJens Wiklander * \brief This function returns the message-digest information 1273d3b0591SJens Wiklander * associated with the given digest type. 128817466cbSJens Wiklander * 1293d3b0591SJens Wiklander * \param md_type The type of digest to search for. 130817466cbSJens Wiklander * 1313d3b0591SJens Wiklander * \return The message-digest information associated with \p md_type. 1323d3b0591SJens Wiklander * \return NULL if the associated message-digest information is not found. 133817466cbSJens Wiklander */ 134817466cbSJens Wiklander const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type ); 135817466cbSJens Wiklander 136817466cbSJens Wiklander /** 1373d3b0591SJens Wiklander * \brief This function initializes a message-digest context without 1383d3b0591SJens Wiklander * binding it to a particular message-digest algorithm. 1393d3b0591SJens Wiklander * 1403d3b0591SJens Wiklander * This function should always be called first. It prepares the 1413d3b0591SJens Wiklander * context for mbedtls_md_setup() for binding it to a 1423d3b0591SJens Wiklander * message-digest algorithm. 143817466cbSJens Wiklander */ 144817466cbSJens Wiklander void mbedtls_md_init( mbedtls_md_context_t *ctx ); 145817466cbSJens Wiklander 146817466cbSJens Wiklander /** 1473d3b0591SJens Wiklander * \brief This function clears the internal structure of \p ctx and 1483d3b0591SJens Wiklander * frees any embedded internal structure, but does not free 1493d3b0591SJens Wiklander * \p ctx itself. 1503d3b0591SJens Wiklander * 1513d3b0591SJens Wiklander * If you have called mbedtls_md_setup() on \p ctx, you must 1523d3b0591SJens Wiklander * call mbedtls_md_free() when you are no longer using the 1533d3b0591SJens Wiklander * context. 1543d3b0591SJens Wiklander * Calling this function if you have previously 1553d3b0591SJens Wiklander * called mbedtls_md_init() and nothing else is optional. 1563d3b0591SJens Wiklander * You must not call this function if you have not called 1573d3b0591SJens Wiklander * mbedtls_md_init(). 158817466cbSJens Wiklander */ 159817466cbSJens Wiklander void mbedtls_md_free( mbedtls_md_context_t *ctx ); 160817466cbSJens Wiklander 161817466cbSJens Wiklander #if ! defined(MBEDTLS_DEPRECATED_REMOVED) 162817466cbSJens Wiklander #if defined(MBEDTLS_DEPRECATED_WARNING) 163817466cbSJens Wiklander #define MBEDTLS_DEPRECATED __attribute__((deprecated)) 164817466cbSJens Wiklander #else 165817466cbSJens Wiklander #define MBEDTLS_DEPRECATED 166817466cbSJens Wiklander #endif 167817466cbSJens Wiklander /** 1683d3b0591SJens Wiklander * \brief This function selects the message digest algorithm to use, 1693d3b0591SJens Wiklander * and allocates internal structures. 1703d3b0591SJens Wiklander * 1713d3b0591SJens Wiklander * It should be called after mbedtls_md_init() or mbedtls_md_free(). 172817466cbSJens Wiklander * Makes it necessary to call mbedtls_md_free() later. 173817466cbSJens Wiklander * 174817466cbSJens Wiklander * \deprecated Superseded by mbedtls_md_setup() in 2.0.0 175817466cbSJens Wiklander * 1763d3b0591SJens Wiklander * \param ctx The context to set up. 1773d3b0591SJens Wiklander * \param md_info The information structure of the message-digest algorithm 1783d3b0591SJens Wiklander * to use. 179817466cbSJens Wiklander * 1803d3b0591SJens Wiklander * \return \c 0 on success. 1813d3b0591SJens Wiklander * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification 1823d3b0591SJens Wiklander * failure. 1833d3b0591SJens Wiklander * \return #MBEDTLS_ERR_MD_ALLOC_FAILED on memory-allocation failure. 184817466cbSJens Wiklander */ 185817466cbSJens Wiklander int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info ) MBEDTLS_DEPRECATED; 186817466cbSJens Wiklander #undef MBEDTLS_DEPRECATED 187817466cbSJens Wiklander #endif /* MBEDTLS_DEPRECATED_REMOVED */ 188817466cbSJens Wiklander 189817466cbSJens Wiklander /** 1903d3b0591SJens Wiklander * \brief This function selects the message digest algorithm to use, 1913d3b0591SJens Wiklander * and allocates internal structures. 192817466cbSJens Wiklander * 1933d3b0591SJens Wiklander * It should be called after mbedtls_md_init() or 1943d3b0591SJens Wiklander * mbedtls_md_free(). Makes it necessary to call 1953d3b0591SJens Wiklander * mbedtls_md_free() later. 196817466cbSJens Wiklander * 1973d3b0591SJens Wiklander * \param ctx The context to set up. 1983d3b0591SJens Wiklander * \param md_info The information structure of the message-digest algorithm 1993d3b0591SJens Wiklander * to use. 2003d3b0591SJens Wiklander * \param hmac Defines if HMAC is used. 0: HMAC is not used (saves some memory), 2013d3b0591SJens Wiklander * or non-zero: HMAC is used with this context. 2023d3b0591SJens Wiklander * 2033d3b0591SJens Wiklander * \return \c 0 on success. 2043d3b0591SJens Wiklander * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification 2053d3b0591SJens Wiklander * failure. 2063d3b0591SJens Wiklander * \return #MBEDTLS_ERR_MD_ALLOC_FAILED on memory-allocation failure. 207817466cbSJens Wiklander */ 208817466cbSJens Wiklander int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac ); 209817466cbSJens Wiklander 210817466cbSJens Wiklander /** 2113d3b0591SJens Wiklander * \brief This function clones the state of an message-digest 2123d3b0591SJens Wiklander * context. 213817466cbSJens Wiklander * 2143d3b0591SJens Wiklander * \note You must call mbedtls_md_setup() on \c dst before calling 2153d3b0591SJens Wiklander * this function. 216817466cbSJens Wiklander * 2173d3b0591SJens Wiklander * \note The two contexts must have the same type, 2183d3b0591SJens Wiklander * for example, both are SHA-256. 219817466cbSJens Wiklander * 2203d3b0591SJens Wiklander * \warning This function clones the message-digest state, not the 2213d3b0591SJens Wiklander * HMAC state. 222817466cbSJens Wiklander * 2233d3b0591SJens Wiklander * \param dst The destination context. 2243d3b0591SJens Wiklander * \param src The context to be cloned. 2253d3b0591SJens Wiklander * 2263d3b0591SJens Wiklander * \return \c 0 on success. 2273d3b0591SJens Wiklander * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification failure. 228817466cbSJens Wiklander */ 229817466cbSJens Wiklander int mbedtls_md_clone( mbedtls_md_context_t *dst, 230817466cbSJens Wiklander const mbedtls_md_context_t *src ); 231817466cbSJens Wiklander 232817466cbSJens Wiklander /** 2333d3b0591SJens Wiklander * \brief This function extracts the message-digest size from the 2343d3b0591SJens Wiklander * message-digest information structure. 235817466cbSJens Wiklander * 2363d3b0591SJens Wiklander * \param md_info The information structure of the message-digest algorithm 2373d3b0591SJens Wiklander * to use. 238817466cbSJens Wiklander * 2393d3b0591SJens Wiklander * \return The size of the message-digest output in Bytes. 240817466cbSJens Wiklander */ 241817466cbSJens Wiklander unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info ); 242817466cbSJens Wiklander 243817466cbSJens Wiklander /** 2443d3b0591SJens Wiklander * \brief This function extracts the message-digest type from the 2453d3b0591SJens Wiklander * message-digest information structure. 246817466cbSJens Wiklander * 2473d3b0591SJens Wiklander * \param md_info The information structure of the message-digest algorithm 2483d3b0591SJens Wiklander * to use. 249817466cbSJens Wiklander * 2503d3b0591SJens Wiklander * \return The type of the message digest. 251817466cbSJens Wiklander */ 252817466cbSJens Wiklander mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info ); 253817466cbSJens Wiklander 254817466cbSJens Wiklander /** 2553d3b0591SJens Wiklander * \brief This function extracts the message-digest name from the 2563d3b0591SJens Wiklander * message-digest information structure. 257817466cbSJens Wiklander * 2583d3b0591SJens Wiklander * \param md_info The information structure of the message-digest algorithm 2593d3b0591SJens Wiklander * to use. 260817466cbSJens Wiklander * 2613d3b0591SJens Wiklander * \return The name of the message digest. 262817466cbSJens Wiklander */ 263817466cbSJens Wiklander const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info ); 264817466cbSJens Wiklander 265817466cbSJens Wiklander /** 2663d3b0591SJens Wiklander * \brief This function starts a message-digest computation. 267817466cbSJens Wiklander * 2683d3b0591SJens Wiklander * You must call this function after setting up the context 2693d3b0591SJens Wiklander * with mbedtls_md_setup(), and before passing data with 2703d3b0591SJens Wiklander * mbedtls_md_update(). 271817466cbSJens Wiklander * 2723d3b0591SJens Wiklander * \param ctx The generic message-digest context. 2733d3b0591SJens Wiklander * 2743d3b0591SJens Wiklander * \return \c 0 on success. 2753d3b0591SJens Wiklander * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification 2763d3b0591SJens Wiklander * failure. 277817466cbSJens Wiklander */ 278817466cbSJens Wiklander int mbedtls_md_starts( mbedtls_md_context_t *ctx ); 279817466cbSJens Wiklander 280817466cbSJens Wiklander /** 2813d3b0591SJens Wiklander * \brief This function feeds an input buffer into an ongoing 2823d3b0591SJens Wiklander * message-digest computation. 283817466cbSJens Wiklander * 2843d3b0591SJens Wiklander * You must call mbedtls_md_starts() before calling this 2853d3b0591SJens Wiklander * function. You may call this function multiple times. 2863d3b0591SJens Wiklander * Afterwards, call mbedtls_md_finish(). 287817466cbSJens Wiklander * 2883d3b0591SJens Wiklander * \param ctx The generic message-digest context. 2893d3b0591SJens Wiklander * \param input The buffer holding the input data. 2903d3b0591SJens Wiklander * \param ilen The length of the input data. 2913d3b0591SJens Wiklander * 2923d3b0591SJens Wiklander * \return \c 0 on success. 2933d3b0591SJens Wiklander * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification 2943d3b0591SJens Wiklander * failure. 295817466cbSJens Wiklander */ 296817466cbSJens Wiklander int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen ); 297817466cbSJens Wiklander 298817466cbSJens Wiklander /** 2993d3b0591SJens Wiklander * \brief This function finishes the digest operation, 3003d3b0591SJens Wiklander * and writes the result to the output buffer. 301817466cbSJens Wiklander * 3023d3b0591SJens Wiklander * Call this function after a call to mbedtls_md_starts(), 3033d3b0591SJens Wiklander * followed by any number of calls to mbedtls_md_update(). 3043d3b0591SJens Wiklander * Afterwards, you may either clear the context with 3053d3b0591SJens Wiklander * mbedtls_md_free(), or call mbedtls_md_starts() to reuse 3063d3b0591SJens Wiklander * the context for another digest operation with the same 3073d3b0591SJens Wiklander * algorithm. 308817466cbSJens Wiklander * 3093d3b0591SJens Wiklander * \param ctx The generic message-digest context. 3103d3b0591SJens Wiklander * \param output The buffer for the generic message-digest checksum result. 3113d3b0591SJens Wiklander * 3123d3b0591SJens Wiklander * \return \c 0 on success. 3133d3b0591SJens Wiklander * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification 3143d3b0591SJens Wiklander * failure. 315817466cbSJens Wiklander */ 316817466cbSJens Wiklander int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ); 317817466cbSJens Wiklander 318817466cbSJens Wiklander /** 3193d3b0591SJens Wiklander * \brief This function calculates the message-digest of a buffer, 3203d3b0591SJens Wiklander * with respect to a configurable message-digest algorithm 3213d3b0591SJens Wiklander * in a single call. 322817466cbSJens Wiklander * 3233d3b0591SJens Wiklander * The result is calculated as 3243d3b0591SJens Wiklander * Output = message_digest(input buffer). 325817466cbSJens Wiklander * 3263d3b0591SJens Wiklander * \param md_info The information structure of the message-digest algorithm 3273d3b0591SJens Wiklander * to use. 3283d3b0591SJens Wiklander * \param input The buffer holding the data. 3293d3b0591SJens Wiklander * \param ilen The length of the input data. 3303d3b0591SJens Wiklander * \param output The generic message-digest checksum result. 3313d3b0591SJens Wiklander * 3323d3b0591SJens Wiklander * \return \c 0 on success. 3333d3b0591SJens Wiklander * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification 3343d3b0591SJens Wiklander * failure. 335817466cbSJens Wiklander */ 336817466cbSJens Wiklander int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen, 337817466cbSJens Wiklander unsigned char *output ); 338817466cbSJens Wiklander 339817466cbSJens Wiklander #if defined(MBEDTLS_FS_IO) 340817466cbSJens Wiklander /** 3413d3b0591SJens Wiklander * \brief This function calculates the message-digest checksum 3423d3b0591SJens Wiklander * result of the contents of the provided file. 343817466cbSJens Wiklander * 3443d3b0591SJens Wiklander * The result is calculated as 3453d3b0591SJens Wiklander * Output = message_digest(file contents). 346817466cbSJens Wiklander * 3473d3b0591SJens Wiklander * \param md_info The information structure of the message-digest algorithm 3483d3b0591SJens Wiklander * to use. 3493d3b0591SJens Wiklander * \param path The input file name. 3503d3b0591SJens Wiklander * \param output The generic message-digest checksum result. 3513d3b0591SJens Wiklander * 3523d3b0591SJens Wiklander * \return \c 0 on success. 3533d3b0591SJens Wiklander * \return #MBEDTLS_ERR_MD_FILE_IO_ERROR on an I/O error accessing 3543d3b0591SJens Wiklander * the file pointed by \p path. 3553d3b0591SJens Wiklander * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA if \p md_info was NULL. 356817466cbSJens Wiklander */ 357817466cbSJens Wiklander int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, 358817466cbSJens Wiklander unsigned char *output ); 359817466cbSJens Wiklander #endif /* MBEDTLS_FS_IO */ 360817466cbSJens Wiklander 361817466cbSJens Wiklander /** 3623d3b0591SJens Wiklander * \brief This function sets the HMAC key and prepares to 3633d3b0591SJens Wiklander * authenticate a new message. 364817466cbSJens Wiklander * 3653d3b0591SJens Wiklander * Call this function after mbedtls_md_setup(), to use 3663d3b0591SJens Wiklander * the MD context for an HMAC calculation, then call 3673d3b0591SJens Wiklander * mbedtls_md_hmac_update() to provide the input data, and 3683d3b0591SJens Wiklander * mbedtls_md_hmac_finish() to get the HMAC value. 369817466cbSJens Wiklander * 3703d3b0591SJens Wiklander * \param ctx The message digest context containing an embedded HMAC 3713d3b0591SJens Wiklander * context. 3723d3b0591SJens Wiklander * \param key The HMAC secret key. 3733d3b0591SJens Wiklander * \param keylen The length of the HMAC key in Bytes. 3743d3b0591SJens Wiklander * 3753d3b0591SJens Wiklander * \return \c 0 on success. 3763d3b0591SJens Wiklander * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification 3773d3b0591SJens Wiklander * failure. 378817466cbSJens Wiklander */ 379817466cbSJens Wiklander int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, 380817466cbSJens Wiklander size_t keylen ); 381817466cbSJens Wiklander 382817466cbSJens Wiklander /** 3833d3b0591SJens Wiklander * \brief This function feeds an input buffer into an ongoing HMAC 3843d3b0591SJens Wiklander * computation. 385817466cbSJens Wiklander * 3863d3b0591SJens Wiklander * Call mbedtls_md_hmac_starts() or mbedtls_md_hmac_reset() 3873d3b0591SJens Wiklander * before calling this function. 3883d3b0591SJens Wiklander * You may call this function multiple times to pass the 3893d3b0591SJens Wiklander * input piecewise. 3903d3b0591SJens Wiklander * Afterwards, call mbedtls_md_hmac_finish(). 391817466cbSJens Wiklander * 3923d3b0591SJens Wiklander * \param ctx The message digest context containing an embedded HMAC 3933d3b0591SJens Wiklander * context. 3943d3b0591SJens Wiklander * \param input The buffer holding the input data. 3953d3b0591SJens Wiklander * \param ilen The length of the input data. 3963d3b0591SJens Wiklander * 3973d3b0591SJens Wiklander * \return \c 0 on success. 3983d3b0591SJens Wiklander * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification 3993d3b0591SJens Wiklander * failure. 400817466cbSJens Wiklander */ 401817466cbSJens Wiklander int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input, 402817466cbSJens Wiklander size_t ilen ); 403817466cbSJens Wiklander 404817466cbSJens Wiklander /** 4053d3b0591SJens Wiklander * \brief This function finishes the HMAC operation, and writes 4063d3b0591SJens Wiklander * the result to the output buffer. 407817466cbSJens Wiklander * 4083d3b0591SJens Wiklander * Call this function after mbedtls_md_hmac_starts() and 4093d3b0591SJens Wiklander * mbedtls_md_hmac_update() to get the HMAC value. Afterwards 4103d3b0591SJens Wiklander * you may either call mbedtls_md_free() to clear the context, 4113d3b0591SJens Wiklander * or call mbedtls_md_hmac_reset() to reuse the context with 4123d3b0591SJens Wiklander * the same HMAC key. 413817466cbSJens Wiklander * 4143d3b0591SJens Wiklander * \param ctx The message digest context containing an embedded HMAC 4153d3b0591SJens Wiklander * context. 4163d3b0591SJens Wiklander * \param output The generic HMAC checksum result. 4173d3b0591SJens Wiklander * 4183d3b0591SJens Wiklander * \return \c 0 on success. 4193d3b0591SJens Wiklander * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification 4203d3b0591SJens Wiklander * failure. 421817466cbSJens Wiklander */ 422817466cbSJens Wiklander int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output); 423817466cbSJens Wiklander 424817466cbSJens Wiklander /** 4253d3b0591SJens Wiklander * \brief This function prepares to authenticate a new message with 4263d3b0591SJens Wiklander * the same key as the previous HMAC operation. 427817466cbSJens Wiklander * 4283d3b0591SJens Wiklander * You may call this function after mbedtls_md_hmac_finish(). 4293d3b0591SJens Wiklander * Afterwards call mbedtls_md_hmac_update() to pass the new 4303d3b0591SJens Wiklander * input. 431817466cbSJens Wiklander * 4323d3b0591SJens Wiklander * \param ctx The message digest context containing an embedded HMAC 4333d3b0591SJens Wiklander * context. 4343d3b0591SJens Wiklander * 4353d3b0591SJens Wiklander * \return \c 0 on success. 4363d3b0591SJens Wiklander * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification 4373d3b0591SJens Wiklander * failure. 438817466cbSJens Wiklander */ 439817466cbSJens Wiklander int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ); 440817466cbSJens Wiklander 441817466cbSJens Wiklander /** 4423d3b0591SJens Wiklander * \brief This function calculates the full generic HMAC 4433d3b0591SJens Wiklander * on the input buffer with the provided key. 444817466cbSJens Wiklander * 4453d3b0591SJens Wiklander * The function allocates the context, performs the 4463d3b0591SJens Wiklander * calculation, and frees the context. 447817466cbSJens Wiklander * 4483d3b0591SJens Wiklander * The HMAC result is calculated as 4493d3b0591SJens Wiklander * output = generic HMAC(hmac key, input buffer). 4503d3b0591SJens Wiklander * 4513d3b0591SJens Wiklander * \param md_info The information structure of the message-digest algorithm 4523d3b0591SJens Wiklander * to use. 4533d3b0591SJens Wiklander * \param key The HMAC secret key. 4543d3b0591SJens Wiklander * \param keylen The length of the HMAC secret key in Bytes. 4553d3b0591SJens Wiklander * \param input The buffer holding the input data. 4563d3b0591SJens Wiklander * \param ilen The length of the input data. 4573d3b0591SJens Wiklander * \param output The generic HMAC result. 4583d3b0591SJens Wiklander * 4593d3b0591SJens Wiklander * \return \c 0 on success. 4603d3b0591SJens Wiklander * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification 4613d3b0591SJens Wiklander * failure. 462817466cbSJens Wiklander */ 463817466cbSJens Wiklander int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen, 464817466cbSJens Wiklander const unsigned char *input, size_t ilen, 465817466cbSJens Wiklander unsigned char *output ); 466817466cbSJens Wiklander 467817466cbSJens Wiklander /* Internal use */ 468817466cbSJens Wiklander int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data ); 469817466cbSJens Wiklander 470817466cbSJens Wiklander #ifdef __cplusplus 471817466cbSJens Wiklander } 472817466cbSJens Wiklander #endif 473817466cbSJens Wiklander 474817466cbSJens Wiklander #endif /* MBEDTLS_MD_H */ 475