include/mbedtls/md.h

*817466cbSJens Wiklander/**
*817466cbSJens Wiklander * \file md.h
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \brief Generic message digest wrapper
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \author Adriaan de Jong <dejong@fox-it.com>
*817466cbSJens Wiklander *
*817466cbSJens Wiklander *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
*817466cbSJens Wiklander *  SPDX-License-Identifier: Apache-2.0
*817466cbSJens Wiklander *
*817466cbSJens Wiklander *  Licensed under the Apache License, Version 2.0 (the "License"); you may
*817466cbSJens Wiklander *  not use this file except in compliance with the License.
*817466cbSJens Wiklander *  You may obtain a copy of the License at
*817466cbSJens Wiklander *
*817466cbSJens Wiklander *  http://www.apache.org/licenses/LICENSE-2.0
*817466cbSJens Wiklander *
*817466cbSJens Wiklander *  Unless required by applicable law or agreed to in writing, software
*817466cbSJens Wiklander *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
*817466cbSJens Wiklander *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
*817466cbSJens Wiklander *  See the License for the specific language governing permissions and
*817466cbSJens Wiklander *  limitations under the License.
*817466cbSJens Wiklander *
*817466cbSJens Wiklander *  This file is part of mbed TLS (https://tls.mbed.org)
*817466cbSJens Wiklander */
*817466cbSJens Wiklander#ifndef MBEDTLS_MD_H
*817466cbSJens Wiklander#define MBEDTLS_MD_H
*817466cbSJens Wiklander
*817466cbSJens Wiklander#include <stddef.h>
*817466cbSJens Wiklander
*817466cbSJens Wiklander#define MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE                -0x5080  /**< The selected feature is not available. */
*817466cbSJens Wiklander#define MBEDTLS_ERR_MD_BAD_INPUT_DATA                     -0x5100  /**< Bad input parameters to function. */
*817466cbSJens Wiklander#define MBEDTLS_ERR_MD_ALLOC_FAILED                       -0x5180  /**< Failed to allocate memory. */
*817466cbSJens Wiklander#define MBEDTLS_ERR_MD_FILE_IO_ERROR                      -0x5200  /**< Opening or reading of file failed. */
*817466cbSJens Wiklander
*817466cbSJens Wiklander#ifdef __cplusplus
*817466cbSJens Wiklanderextern "C" {
*817466cbSJens Wiklander#endif
*817466cbSJens Wiklander
*817466cbSJens Wiklandertypedef enum {
*817466cbSJens Wiklander    MBEDTLS_MD_NONE=0,
*817466cbSJens Wiklander    MBEDTLS_MD_MD2,
*817466cbSJens Wiklander    MBEDTLS_MD_MD4,
*817466cbSJens Wiklander    MBEDTLS_MD_MD5,
*817466cbSJens Wiklander    MBEDTLS_MD_SHA1,
*817466cbSJens Wiklander    MBEDTLS_MD_SHA224,
*817466cbSJens Wiklander    MBEDTLS_MD_SHA256,
*817466cbSJens Wiklander    MBEDTLS_MD_SHA384,
*817466cbSJens Wiklander    MBEDTLS_MD_SHA512,
*817466cbSJens Wiklander    MBEDTLS_MD_RIPEMD160,
*817466cbSJens Wiklander} mbedtls_md_type_t;
*817466cbSJens Wiklander
*817466cbSJens Wiklander#if defined(MBEDTLS_SHA512_C)
*817466cbSJens Wiklander#define MBEDTLS_MD_MAX_SIZE         64  /* longest known is SHA512 */
*817466cbSJens Wiklander#else
*817466cbSJens Wiklander#define MBEDTLS_MD_MAX_SIZE         32  /* longest known is SHA256 or less */
*817466cbSJens Wiklander#endif
*817466cbSJens Wiklander
*817466cbSJens Wiklander/**
*817466cbSJens Wiklander * Opaque struct defined in md_internal.h
*817466cbSJens Wiklander */
*817466cbSJens Wiklandertypedef struct mbedtls_md_info_t mbedtls_md_info_t;
*817466cbSJens Wiklander
*817466cbSJens Wiklander/**
*817466cbSJens Wiklander * Generic message digest context.
*817466cbSJens Wiklander */
*817466cbSJens Wiklandertypedef struct {
*817466cbSJens Wiklander    /** Information about the associated message digest */
*817466cbSJens Wiklander    const mbedtls_md_info_t *md_info;
*817466cbSJens Wiklander
*817466cbSJens Wiklander    /** Digest-specific context */
*817466cbSJens Wiklander    void *md_ctx;
*817466cbSJens Wiklander
*817466cbSJens Wiklander    /** HMAC part of the context */
*817466cbSJens Wiklander    void *hmac_ctx;
*817466cbSJens Wiklander} mbedtls_md_context_t;
*817466cbSJens Wiklander
*817466cbSJens Wiklander/**
*817466cbSJens Wiklander * \brief Returns the list of digests supported by the generic digest module.
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \return          a statically allocated array of digests, the last entry
*817466cbSJens Wiklander *                  is 0.
*817466cbSJens Wiklander */
*817466cbSJens Wiklanderconst int *mbedtls_md_list( void );
*817466cbSJens Wiklander
*817466cbSJens Wiklander/**
*817466cbSJens Wiklander * \brief           Returns the message digest information associated with the
*817466cbSJens Wiklander *                  given digest name.
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \param md_name   Name of the digest to search for.
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \return          The message digest information associated with md_name or
*817466cbSJens Wiklander *                  NULL if not found.
*817466cbSJens Wiklander */
*817466cbSJens Wiklanderconst mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name );
*817466cbSJens Wiklander
*817466cbSJens Wiklander/**
*817466cbSJens Wiklander * \brief           Returns the message digest information associated with the
*817466cbSJens Wiklander *                  given digest type.
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \param md_type   type of digest to search for.
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \return          The message digest information associated with md_type or
*817466cbSJens Wiklander *                  NULL if not found.
*817466cbSJens Wiklander */
*817466cbSJens Wiklanderconst mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type );
*817466cbSJens Wiklander
*817466cbSJens Wiklander/**
*817466cbSJens Wiklander * \brief           Initialize a md_context (as NONE)
*817466cbSJens Wiklander *                  This should always be called first.
*817466cbSJens Wiklander *                  Prepares the context for mbedtls_md_setup() or mbedtls_md_free().
*817466cbSJens Wiklander */
*817466cbSJens Wiklandervoid mbedtls_md_init( mbedtls_md_context_t *ctx );
*817466cbSJens Wiklander
*817466cbSJens Wiklander/**
*817466cbSJens Wiklander * \brief           Free and clear the internal structures of ctx.
*817466cbSJens Wiklander *                  Can be called at any time after mbedtls_md_init().
*817466cbSJens Wiklander *                  Mandatory once mbedtls_md_setup() has been called.
*817466cbSJens Wiklander */
*817466cbSJens Wiklandervoid mbedtls_md_free( mbedtls_md_context_t *ctx );
*817466cbSJens Wiklander
*817466cbSJens Wiklander#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
*817466cbSJens Wiklander#if defined(MBEDTLS_DEPRECATED_WARNING)
*817466cbSJens Wiklander#define MBEDTLS_DEPRECATED    __attribute__((deprecated))
*817466cbSJens Wiklander#else
*817466cbSJens Wiklander#define MBEDTLS_DEPRECATED
*817466cbSJens Wiklander#endif
*817466cbSJens Wiklander/**
*817466cbSJens Wiklander * \brief           Select MD to use and allocate internal structures.
*817466cbSJens Wiklander *                  Should be called after mbedtls_md_init() or mbedtls_md_free().
*817466cbSJens Wiklander *                  Makes it necessary to call mbedtls_md_free() later.
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \deprecated      Superseded by mbedtls_md_setup() in 2.0.0
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \param ctx       Context to set up.
*817466cbSJens Wiklander * \param md_info   Message digest to use.
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \returns         \c 0 on success,
*817466cbSJens Wiklander *                  \c MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter failure,
*817466cbSJens Wiklander *                  \c MBEDTLS_ERR_MD_ALLOC_FAILED memory allocation failure.
*817466cbSJens Wiklander */
*817466cbSJens Wiklanderint mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info ) MBEDTLS_DEPRECATED;
*817466cbSJens Wiklander#undef MBEDTLS_DEPRECATED
*817466cbSJens Wiklander#endif /* MBEDTLS_DEPRECATED_REMOVED */
*817466cbSJens Wiklander
*817466cbSJens Wiklander/**
*817466cbSJens Wiklander * \brief           Select MD to use and allocate internal structures.
*817466cbSJens Wiklander *                  Should be called after mbedtls_md_init() or mbedtls_md_free().
*817466cbSJens Wiklander *                  Makes it necessary to call mbedtls_md_free() later.
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \param ctx       Context to set up.
*817466cbSJens Wiklander * \param md_info   Message digest to use.
*817466cbSJens Wiklander * \param hmac      0 to save some memory if HMAC will not be used,
*817466cbSJens Wiklander *                  non-zero is HMAC is going to be used with this context.
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \returns         \c 0 on success,
*817466cbSJens Wiklander *                  \c MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter failure,
*817466cbSJens Wiklander *                  \c MBEDTLS_ERR_MD_ALLOC_FAILED memory allocation failure.
*817466cbSJens Wiklander */
*817466cbSJens Wiklanderint mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac );
*817466cbSJens Wiklander
*817466cbSJens Wiklander/**
*817466cbSJens Wiklander * \brief           Clone the state of an MD context
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \note            The two contexts must have been setup to the same type
*817466cbSJens Wiklander *                  (cloning from SHA-256 to SHA-512 make no sense).
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \warning         Only clones the MD state, not the HMAC state! (for now)
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \param dst       The destination context
*817466cbSJens Wiklander * \param src       The context to be cloned
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \return          \c 0 on success,
*817466cbSJens Wiklander *                  \c MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter failure.
*817466cbSJens Wiklander */
*817466cbSJens Wiklanderint mbedtls_md_clone( mbedtls_md_context_t *dst,
*817466cbSJens Wiklander                      const mbedtls_md_context_t *src );
*817466cbSJens Wiklander
*817466cbSJens Wiklander/**
*817466cbSJens Wiklander * \brief           Returns the size of the message digest output.
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \param md_info   message digest info
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \return          size of the message digest output in bytes.
*817466cbSJens Wiklander */
*817466cbSJens Wiklanderunsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info );
*817466cbSJens Wiklander
*817466cbSJens Wiklander/**
*817466cbSJens Wiklander * \brief           Returns the type of the message digest output.
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \param md_info   message digest info
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \return          type of the message digest output.
*817466cbSJens Wiklander */
*817466cbSJens Wiklandermbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info );
*817466cbSJens Wiklander
*817466cbSJens Wiklander/**
*817466cbSJens Wiklander * \brief           Returns the name of the message digest output.
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \param md_info   message digest info
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \return          name of the message digest output.
*817466cbSJens Wiklander */
*817466cbSJens Wiklanderconst char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info );
*817466cbSJens Wiklander
*817466cbSJens Wiklander/**
*817466cbSJens Wiklander * \brief           Prepare the context to digest a new message.
*817466cbSJens Wiklander *                  Generally called after mbedtls_md_setup() or mbedtls_md_finish().
*817466cbSJens Wiklander *                  Followed by mbedtls_md_update().
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \param ctx       generic message digest context.
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \returns         0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
*817466cbSJens Wiklander *                  verification fails.
*817466cbSJens Wiklander */
*817466cbSJens Wiklanderint mbedtls_md_starts( mbedtls_md_context_t *ctx );
*817466cbSJens Wiklander
*817466cbSJens Wiklander/**
*817466cbSJens Wiklander * \brief           Generic message digest process buffer
*817466cbSJens Wiklander *                  Called between mbedtls_md_starts() and mbedtls_md_finish().
*817466cbSJens Wiklander *                  May be called repeatedly.
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \param ctx       Generic message digest context
*817466cbSJens Wiklander * \param input     buffer holding the  datal
*817466cbSJens Wiklander * \param ilen      length of the input data
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \returns         0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
*817466cbSJens Wiklander *                  verification fails.
*817466cbSJens Wiklander */
*817466cbSJens Wiklanderint mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen );
*817466cbSJens Wiklander
*817466cbSJens Wiklander/**
*817466cbSJens Wiklander * \brief           Generic message digest final digest
*817466cbSJens Wiklander *                  Called after mbedtls_md_update().
*817466cbSJens Wiklander *                  Usually followed by mbedtls_md_free() or mbedtls_md_starts().
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \param ctx       Generic message digest context
*817466cbSJens Wiklander * \param output    Generic message digest checksum result
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \returns         0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
*817466cbSJens Wiklander *                  verification fails.
*817466cbSJens Wiklander */
*817466cbSJens Wiklanderint mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output );
*817466cbSJens Wiklander
*817466cbSJens Wiklander/**
*817466cbSJens Wiklander * \brief          Output = message_digest( input buffer )
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \param md_info  message digest info
*817466cbSJens Wiklander * \param input    buffer holding the  data
*817466cbSJens Wiklander * \param ilen     length of the input data
*817466cbSJens Wiklander * \param output   Generic message digest checksum result
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \returns        0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
*817466cbSJens Wiklander *                 verification fails.
*817466cbSJens Wiklander */
*817466cbSJens Wiklanderint mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen,
*817466cbSJens Wiklander        unsigned char *output );
*817466cbSJens Wiklander
*817466cbSJens Wiklander#if defined(MBEDTLS_FS_IO)
*817466cbSJens Wiklander/**
*817466cbSJens Wiklander * \brief          Output = message_digest( file contents )
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \param md_info  message digest info
*817466cbSJens Wiklander * \param path     input file name
*817466cbSJens Wiklander * \param output   generic message digest checksum result
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \return         0 if successful,
*817466cbSJens Wiklander *                 MBEDTLS_ERR_MD_FILE_IO_ERROR if file input failed,
*817466cbSJens Wiklander *                 MBEDTLS_ERR_MD_BAD_INPUT_DATA if md_info was NULL.
*817466cbSJens Wiklander */
*817466cbSJens Wiklanderint mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path,
*817466cbSJens Wiklander                     unsigned char *output );
*817466cbSJens Wiklander#endif /* MBEDTLS_FS_IO */
*817466cbSJens Wiklander
*817466cbSJens Wiklander/**
*817466cbSJens Wiklander * \brief           Set HMAC key and prepare to authenticate a new message.
*817466cbSJens Wiklander *                  Usually called after mbedtls_md_setup() or mbedtls_md_hmac_finish().
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \param ctx       HMAC context
*817466cbSJens Wiklander * \param key       HMAC secret key
*817466cbSJens Wiklander * \param keylen    length of the HMAC key in bytes
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \returns         0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
*817466cbSJens Wiklander *                  verification fails.
*817466cbSJens Wiklander */
*817466cbSJens Wiklanderint mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key,
*817466cbSJens Wiklander                    size_t keylen );
*817466cbSJens Wiklander
*817466cbSJens Wiklander/**
*817466cbSJens Wiklander * \brief           Generic HMAC process buffer.
*817466cbSJens Wiklander *                  Called between mbedtls_md_hmac_starts() or mbedtls_md_hmac_reset()
*817466cbSJens Wiklander *                  and mbedtls_md_hmac_finish().
*817466cbSJens Wiklander *                  May be called repeatedly.
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \param ctx       HMAC context
*817466cbSJens Wiklander * \param input     buffer holding the  data
*817466cbSJens Wiklander * \param ilen      length of the input data
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \returns         0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
*817466cbSJens Wiklander *                  verification fails.
*817466cbSJens Wiklander */
*817466cbSJens Wiklanderint mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input,
*817466cbSJens Wiklander                    size_t ilen );
*817466cbSJens Wiklander
*817466cbSJens Wiklander/**
*817466cbSJens Wiklander * \brief           Output HMAC.
*817466cbSJens Wiklander *                  Called after mbedtls_md_hmac_update().
*817466cbSJens Wiklander *                  Usually followed by mbedtls_md_hmac_reset(),
*817466cbSJens Wiklander *                  mbedtls_md_hmac_starts(), or mbedtls_md_free().
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \param ctx       HMAC context
*817466cbSJens Wiklander * \param output    Generic HMAC checksum result
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \returns         0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
*817466cbSJens Wiklander *                  verification fails.
*817466cbSJens Wiklander */
*817466cbSJens Wiklanderint mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output);
*817466cbSJens Wiklander
*817466cbSJens Wiklander/**
*817466cbSJens Wiklander * \brief           Prepare to authenticate a new message with the same key.
*817466cbSJens Wiklander *                  Called after mbedtls_md_hmac_finish() and before
*817466cbSJens Wiklander *                  mbedtls_md_hmac_update().
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \param ctx       HMAC context to be reset
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \returns         0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
*817466cbSJens Wiklander *                  verification fails.
*817466cbSJens Wiklander */
*817466cbSJens Wiklanderint mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx );
*817466cbSJens Wiklander
*817466cbSJens Wiklander/**
*817466cbSJens Wiklander * \brief          Output = Generic_HMAC( hmac key, input buffer )
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \param md_info  message digest info
*817466cbSJens Wiklander * \param key      HMAC secret key
*817466cbSJens Wiklander * \param keylen   length of the HMAC key in bytes
*817466cbSJens Wiklander * \param input    buffer holding the  data
*817466cbSJens Wiklander * \param ilen     length of the input data
*817466cbSJens Wiklander * \param output   Generic HMAC-result
*817466cbSJens Wiklander *
*817466cbSJens Wiklander * \returns        0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
*817466cbSJens Wiklander *                 verification fails.
*817466cbSJens Wiklander */
*817466cbSJens Wiklanderint mbedtls_md_hmac( const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen,
*817466cbSJens Wiklander                const unsigned char *input, size_t ilen,
*817466cbSJens Wiklander                unsigned char *output );
*817466cbSJens Wiklander
*817466cbSJens Wiklander/* Internal use */
*817466cbSJens Wiklanderint mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data );
*817466cbSJens Wiklander
*817466cbSJens Wiklander#ifdef __cplusplus
*817466cbSJens Wiklander}
*817466cbSJens Wiklander#endif
*817466cbSJens Wiklander
*817466cbSJens Wiklander#endif /* MBEDTLS_MD_H */