include/mbedtls/md.h

*c6672fdcSEdison Ai/* SPDX-License-Identifier: Apache-2.0 */
817466cbSJens Wiklander/**
817466cbSJens Wiklander * \file md.h
817466cbSJens Wiklander *
817466cbSJens Wiklander * \brief Generic message digest wrapper
817466cbSJens Wiklander *
817466cbSJens Wiklander * \author Adriaan de Jong <dejong@fox-it.com>
817466cbSJens Wiklander *
817466cbSJens Wiklander *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
817466cbSJens Wiklander *
817466cbSJens Wiklander *  Licensed under the Apache License, Version 2.0 (the "License"); you may
817466cbSJens Wiklander *  not use this file except in compliance with the License.
817466cbSJens Wiklander *  You may obtain a copy of the License at
817466cbSJens Wiklander *
817466cbSJens Wiklander *  http://www.apache.org/licenses/LICENSE-2.0
817466cbSJens Wiklander *
817466cbSJens Wiklander *  Unless required by applicable law or agreed to in writing, software
817466cbSJens Wiklander *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
817466cbSJens Wiklander *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
817466cbSJens Wiklander *  See the License for the specific language governing permissions and
817466cbSJens Wiklander *  limitations under the License.
817466cbSJens Wiklander *
817466cbSJens Wiklander *  This file is part of mbed TLS (https://tls.mbed.org)
817466cbSJens Wiklander */
817466cbSJens Wiklander#ifndef MBEDTLS_MD_H
817466cbSJens Wiklander#define MBEDTLS_MD_H
817466cbSJens Wiklander
817466cbSJens Wiklander#include <stddef.h>
817466cbSJens Wiklander
817466cbSJens Wiklander#define MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE                -0x5080  /**< The selected feature is not available. */
817466cbSJens Wiklander#define MBEDTLS_ERR_MD_BAD_INPUT_DATA                     -0x5100  /**< Bad input parameters to function. */
817466cbSJens Wiklander#define MBEDTLS_ERR_MD_ALLOC_FAILED                       -0x5180  /**< Failed to allocate memory. */
817466cbSJens Wiklander#define MBEDTLS_ERR_MD_FILE_IO_ERROR                      -0x5200  /**< Opening or reading of file failed. */
817466cbSJens Wiklander
817466cbSJens Wiklander#ifdef __cplusplus
817466cbSJens Wiklanderextern "C" {
817466cbSJens Wiklander#endif
817466cbSJens Wiklander
817466cbSJens Wiklandertypedef enum {
817466cbSJens Wiklander    MBEDTLS_MD_NONE=0,
817466cbSJens Wiklander    MBEDTLS_MD_MD2,
817466cbSJens Wiklander    MBEDTLS_MD_MD4,
817466cbSJens Wiklander    MBEDTLS_MD_MD5,
817466cbSJens Wiklander    MBEDTLS_MD_SHA1,
817466cbSJens Wiklander    MBEDTLS_MD_SHA224,
817466cbSJens Wiklander    MBEDTLS_MD_SHA256,
817466cbSJens Wiklander    MBEDTLS_MD_SHA384,
817466cbSJens Wiklander    MBEDTLS_MD_SHA512,
817466cbSJens Wiklander    MBEDTLS_MD_RIPEMD160,
817466cbSJens Wiklander} mbedtls_md_type_t;
817466cbSJens Wiklander
817466cbSJens Wiklander#if defined(MBEDTLS_SHA512_C)
817466cbSJens Wiklander#define MBEDTLS_MD_MAX_SIZE         64  /* longest known is SHA512 */
817466cbSJens Wiklander#else
817466cbSJens Wiklander#define MBEDTLS_MD_MAX_SIZE         32  /* longest known is SHA256 or less */
817466cbSJens Wiklander#endif
817466cbSJens Wiklander
817466cbSJens Wiklander/**
817466cbSJens Wiklander * Opaque struct defined in md_internal.h
817466cbSJens Wiklander */
817466cbSJens Wiklandertypedef struct mbedtls_md_info_t mbedtls_md_info_t;
817466cbSJens Wiklander
817466cbSJens Wiklander/**
817466cbSJens Wiklander * Generic message digest context.
817466cbSJens Wiklander */
817466cbSJens Wiklandertypedef struct {
817466cbSJens Wiklander    /** Information about the associated message digest */
817466cbSJens Wiklander    const mbedtls_md_info_t *md_info;
817466cbSJens Wiklander
817466cbSJens Wiklander    /** Digest-specific context */
817466cbSJens Wiklander    void *md_ctx;
817466cbSJens Wiklander
817466cbSJens Wiklander    /** HMAC part of the context */
817466cbSJens Wiklander    void *hmac_ctx;
817466cbSJens Wiklander} mbedtls_md_context_t;
817466cbSJens Wiklander
817466cbSJens Wiklander/**
817466cbSJens Wiklander * \brief Returns the list of digests supported by the generic digest module.
817466cbSJens Wiklander *
817466cbSJens Wiklander * \return          a statically allocated array of digests, the last entry
817466cbSJens Wiklander *                  is 0.
817466cbSJens Wiklander */
817466cbSJens Wiklanderconst int *mbedtls_md_list( void );
817466cbSJens Wiklander
817466cbSJens Wiklander/**
817466cbSJens Wiklander * \brief           Returns the message digest information associated with the
817466cbSJens Wiklander *                  given digest name.
817466cbSJens Wiklander *
817466cbSJens Wiklander * \param md_name   Name of the digest to search for.
817466cbSJens Wiklander *
817466cbSJens Wiklander * \return          The message digest information associated with md_name or
817466cbSJens Wiklander *                  NULL if not found.
817466cbSJens Wiklander */
817466cbSJens Wiklanderconst mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name );
817466cbSJens Wiklander
817466cbSJens Wiklander/**
817466cbSJens Wiklander * \brief           Returns the message digest information associated with the
817466cbSJens Wiklander *                  given digest type.
817466cbSJens Wiklander *
817466cbSJens Wiklander * \param md_type   type of digest to search for.
817466cbSJens Wiklander *
817466cbSJens Wiklander * \return          The message digest information associated with md_type or
817466cbSJens Wiklander *                  NULL if not found.
817466cbSJens Wiklander */
817466cbSJens Wiklanderconst mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type );
817466cbSJens Wiklander
817466cbSJens Wiklander/**
817466cbSJens Wiklander * \brief           Initialize a md_context (as NONE)
817466cbSJens Wiklander *                  This should always be called first.
817466cbSJens Wiklander *                  Prepares the context for mbedtls_md_setup() or mbedtls_md_free().
817466cbSJens Wiklander */
817466cbSJens Wiklandervoid mbedtls_md_init( mbedtls_md_context_t *ctx );
817466cbSJens Wiklander
817466cbSJens Wiklander/**
817466cbSJens Wiklander * \brief           Free and clear the internal structures of ctx.
817466cbSJens Wiklander *                  Can be called at any time after mbedtls_md_init().
817466cbSJens Wiklander *                  Mandatory once mbedtls_md_setup() has been called.
817466cbSJens Wiklander */
817466cbSJens Wiklandervoid mbedtls_md_free( mbedtls_md_context_t *ctx );
817466cbSJens Wiklander
817466cbSJens Wiklander#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
817466cbSJens Wiklander#if defined(MBEDTLS_DEPRECATED_WARNING)
817466cbSJens Wiklander#define MBEDTLS_DEPRECATED    __attribute__((deprecated))
817466cbSJens Wiklander#else
817466cbSJens Wiklander#define MBEDTLS_DEPRECATED
817466cbSJens Wiklander#endif
817466cbSJens Wiklander/**
817466cbSJens Wiklander * \brief           Select MD to use and allocate internal structures.
817466cbSJens Wiklander *                  Should be called after mbedtls_md_init() or mbedtls_md_free().
817466cbSJens Wiklander *                  Makes it necessary to call mbedtls_md_free() later.
817466cbSJens Wiklander *
817466cbSJens Wiklander * \deprecated      Superseded by mbedtls_md_setup() in 2.0.0
817466cbSJens Wiklander *
817466cbSJens Wiklander * \param ctx       Context to set up.
817466cbSJens Wiklander * \param md_info   Message digest to use.
817466cbSJens Wiklander *
817466cbSJens Wiklander * \returns         \c 0 on success,
817466cbSJens Wiklander *                  \c MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter failure,
817466cbSJens Wiklander *                  \c MBEDTLS_ERR_MD_ALLOC_FAILED memory allocation failure.
817466cbSJens Wiklander */
817466cbSJens Wiklanderint mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info ) MBEDTLS_DEPRECATED;
817466cbSJens Wiklander#undef MBEDTLS_DEPRECATED
817466cbSJens Wiklander#endif /* MBEDTLS_DEPRECATED_REMOVED */
817466cbSJens Wiklander
817466cbSJens Wiklander/**
817466cbSJens Wiklander * \brief           Select MD to use and allocate internal structures.
817466cbSJens Wiklander *                  Should be called after mbedtls_md_init() or mbedtls_md_free().
817466cbSJens Wiklander *                  Makes it necessary to call mbedtls_md_free() later.
817466cbSJens Wiklander *
817466cbSJens Wiklander * \param ctx       Context to set up.
817466cbSJens Wiklander * \param md_info   Message digest to use.
817466cbSJens Wiklander * \param hmac      0 to save some memory if HMAC will not be used,
817466cbSJens Wiklander *                  non-zero is HMAC is going to be used with this context.
817466cbSJens Wiklander *
817466cbSJens Wiklander * \returns         \c 0 on success,
817466cbSJens Wiklander *                  \c MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter failure,
817466cbSJens Wiklander *                  \c MBEDTLS_ERR_MD_ALLOC_FAILED memory allocation failure.
817466cbSJens Wiklander */
817466cbSJens Wiklanderint mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac );
817466cbSJens Wiklander
817466cbSJens Wiklander/**
817466cbSJens Wiklander * \brief           Clone the state of an MD context
817466cbSJens Wiklander *
817466cbSJens Wiklander * \note            The two contexts must have been setup to the same type
817466cbSJens Wiklander *                  (cloning from SHA-256 to SHA-512 make no sense).
817466cbSJens Wiklander *
817466cbSJens Wiklander * \warning         Only clones the MD state, not the HMAC state! (for now)
817466cbSJens Wiklander *
817466cbSJens Wiklander * \param dst       The destination context
817466cbSJens Wiklander * \param src       The context to be cloned
817466cbSJens Wiklander *
817466cbSJens Wiklander * \return          \c 0 on success,
817466cbSJens Wiklander *                  \c MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter failure.
817466cbSJens Wiklander */
817466cbSJens Wiklanderint mbedtls_md_clone( mbedtls_md_context_t *dst,
817466cbSJens Wiklander                      const mbedtls_md_context_t *src );
817466cbSJens Wiklander
817466cbSJens Wiklander/**
817466cbSJens Wiklander * \brief           Returns the size of the message digest output.
817466cbSJens Wiklander *
817466cbSJens Wiklander * \param md_info   message digest info
817466cbSJens Wiklander *
817466cbSJens Wiklander * \return          size of the message digest output in bytes.
817466cbSJens Wiklander */
817466cbSJens Wiklanderunsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info );
817466cbSJens Wiklander
817466cbSJens Wiklander/**
817466cbSJens Wiklander * \brief           Returns the type of the message digest output.
817466cbSJens Wiklander *
817466cbSJens Wiklander * \param md_info   message digest info
817466cbSJens Wiklander *
817466cbSJens Wiklander * \return          type of the message digest output.
817466cbSJens Wiklander */
817466cbSJens Wiklandermbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info );
817466cbSJens Wiklander
817466cbSJens Wiklander/**
817466cbSJens Wiklander * \brief           Returns the name of the message digest output.
817466cbSJens Wiklander *
817466cbSJens Wiklander * \param md_info   message digest info
817466cbSJens Wiklander *
817466cbSJens Wiklander * \return          name of the message digest output.
817466cbSJens Wiklander */
817466cbSJens Wiklanderconst char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info );
817466cbSJens Wiklander
817466cbSJens Wiklander/**
817466cbSJens Wiklander * \brief           Prepare the context to digest a new message.
817466cbSJens Wiklander *                  Generally called after mbedtls_md_setup() or mbedtls_md_finish().
817466cbSJens Wiklander *                  Followed by mbedtls_md_update().
817466cbSJens Wiklander *
817466cbSJens Wiklander * \param ctx       generic message digest context.
817466cbSJens Wiklander *
817466cbSJens Wiklander * \returns         0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
817466cbSJens Wiklander *                  verification fails.
817466cbSJens Wiklander */
817466cbSJens Wiklanderint mbedtls_md_starts( mbedtls_md_context_t *ctx );
817466cbSJens Wiklander
817466cbSJens Wiklander/**
817466cbSJens Wiklander * \brief           Generic message digest process buffer
817466cbSJens Wiklander *                  Called between mbedtls_md_starts() and mbedtls_md_finish().
817466cbSJens Wiklander *                  May be called repeatedly.
817466cbSJens Wiklander *
817466cbSJens Wiklander * \param ctx       Generic message digest context
817466cbSJens Wiklander * \param input     buffer holding the  datal
817466cbSJens Wiklander * \param ilen      length of the input data
817466cbSJens Wiklander *
817466cbSJens Wiklander * \returns         0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
817466cbSJens Wiklander *                  verification fails.
817466cbSJens Wiklander */
817466cbSJens Wiklanderint mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen );
817466cbSJens Wiklander
817466cbSJens Wiklander/**
817466cbSJens Wiklander * \brief           Generic message digest final digest
817466cbSJens Wiklander *                  Called after mbedtls_md_update().
817466cbSJens Wiklander *                  Usually followed by mbedtls_md_free() or mbedtls_md_starts().
817466cbSJens Wiklander *
817466cbSJens Wiklander * \param ctx       Generic message digest context
817466cbSJens Wiklander * \param output    Generic message digest checksum result
817466cbSJens Wiklander *
817466cbSJens Wiklander * \returns         0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
817466cbSJens Wiklander *                  verification fails.
817466cbSJens Wiklander */
817466cbSJens Wiklanderint mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output );
817466cbSJens Wiklander
817466cbSJens Wiklander/**
817466cbSJens Wiklander * \brief          Output = message_digest( input buffer )
817466cbSJens Wiklander *
817466cbSJens Wiklander * \param md_info  message digest info
817466cbSJens Wiklander * \param input    buffer holding the  data
817466cbSJens Wiklander * \param ilen     length of the input data
817466cbSJens Wiklander * \param output   Generic message digest checksum result
817466cbSJens Wiklander *
817466cbSJens Wiklander * \returns        0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
817466cbSJens Wiklander *                 verification fails.
817466cbSJens Wiklander */
817466cbSJens Wiklanderint mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen,
817466cbSJens Wiklander        unsigned char *output );
817466cbSJens Wiklander
817466cbSJens Wiklander#if defined(MBEDTLS_FS_IO)
817466cbSJens Wiklander/**
817466cbSJens Wiklander * \brief          Output = message_digest( file contents )
817466cbSJens Wiklander *
817466cbSJens Wiklander * \param md_info  message digest info
817466cbSJens Wiklander * \param path     input file name
817466cbSJens Wiklander * \param output   generic message digest checksum result
817466cbSJens Wiklander *
817466cbSJens Wiklander * \return         0 if successful,
817466cbSJens Wiklander *                 MBEDTLS_ERR_MD_FILE_IO_ERROR if file input failed,
817466cbSJens Wiklander *                 MBEDTLS_ERR_MD_BAD_INPUT_DATA if md_info was NULL.
817466cbSJens Wiklander */
817466cbSJens Wiklanderint mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path,
817466cbSJens Wiklander                     unsigned char *output );
817466cbSJens Wiklander#endif /* MBEDTLS_FS_IO */
817466cbSJens Wiklander
817466cbSJens Wiklander/**
817466cbSJens Wiklander * \brief           Set HMAC key and prepare to authenticate a new message.
817466cbSJens Wiklander *                  Usually called after mbedtls_md_setup() or mbedtls_md_hmac_finish().
817466cbSJens Wiklander *
817466cbSJens Wiklander * \param ctx       HMAC context
817466cbSJens Wiklander * \param key       HMAC secret key
817466cbSJens Wiklander * \param keylen    length of the HMAC key in bytes
817466cbSJens Wiklander *
817466cbSJens Wiklander * \returns         0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
817466cbSJens Wiklander *                  verification fails.
817466cbSJens Wiklander */
817466cbSJens Wiklanderint mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key,
817466cbSJens Wiklander                    size_t keylen );
817466cbSJens Wiklander
817466cbSJens Wiklander/**
817466cbSJens Wiklander * \brief           Generic HMAC process buffer.
817466cbSJens Wiklander *                  Called between mbedtls_md_hmac_starts() or mbedtls_md_hmac_reset()
817466cbSJens Wiklander *                  and mbedtls_md_hmac_finish().
817466cbSJens Wiklander *                  May be called repeatedly.
817466cbSJens Wiklander *
817466cbSJens Wiklander * \param ctx       HMAC context
817466cbSJens Wiklander * \param input     buffer holding the  data
817466cbSJens Wiklander * \param ilen      length of the input data
817466cbSJens Wiklander *
817466cbSJens Wiklander * \returns         0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
817466cbSJens Wiklander *                  verification fails.
817466cbSJens Wiklander */
817466cbSJens Wiklanderint mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input,
817466cbSJens Wiklander                    size_t ilen );
817466cbSJens Wiklander
817466cbSJens Wiklander/**
817466cbSJens Wiklander * \brief           Output HMAC.
817466cbSJens Wiklander *                  Called after mbedtls_md_hmac_update().
817466cbSJens Wiklander *                  Usually followed by mbedtls_md_hmac_reset(),
817466cbSJens Wiklander *                  mbedtls_md_hmac_starts(), or mbedtls_md_free().
817466cbSJens Wiklander *
817466cbSJens Wiklander * \param ctx       HMAC context
817466cbSJens Wiklander * \param output    Generic HMAC checksum result
817466cbSJens Wiklander *
817466cbSJens Wiklander * \returns         0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
817466cbSJens Wiklander *                  verification fails.
817466cbSJens Wiklander */
817466cbSJens Wiklanderint mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output);
817466cbSJens Wiklander
817466cbSJens Wiklander/**
817466cbSJens Wiklander * \brief           Prepare to authenticate a new message with the same key.
817466cbSJens Wiklander *                  Called after mbedtls_md_hmac_finish() and before
817466cbSJens Wiklander *                  mbedtls_md_hmac_update().
817466cbSJens Wiklander *
817466cbSJens Wiklander * \param ctx       HMAC context to be reset
817466cbSJens Wiklander *
817466cbSJens Wiklander * \returns         0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
817466cbSJens Wiklander *                  verification fails.
817466cbSJens Wiklander */
817466cbSJens Wiklanderint mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx );
817466cbSJens Wiklander
817466cbSJens Wiklander/**
817466cbSJens Wiklander * \brief          Output = Generic_HMAC( hmac key, input buffer )
817466cbSJens Wiklander *
817466cbSJens Wiklander * \param md_info  message digest info
817466cbSJens Wiklander * \param key      HMAC secret key
817466cbSJens Wiklander * \param keylen   length of the HMAC key in bytes
817466cbSJens Wiklander * \param input    buffer holding the  data
817466cbSJens Wiklander * \param ilen     length of the input data
817466cbSJens Wiklander * \param output   Generic HMAC-result
817466cbSJens Wiklander *
817466cbSJens Wiklander * \returns        0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
817466cbSJens Wiklander *                 verification fails.
817466cbSJens Wiklander */
817466cbSJens Wiklanderint mbedtls_md_hmac( const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen,
817466cbSJens Wiklander                const unsigned char *input, size_t ilen,
817466cbSJens Wiklander                unsigned char *output );
817466cbSJens Wiklander
817466cbSJens Wiklander/* Internal use */
817466cbSJens Wiklanderint mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data );
817466cbSJens Wiklander
817466cbSJens Wiklander#ifdef __cplusplus
817466cbSJens Wiklander}
817466cbSJens Wiklander#endif
817466cbSJens Wiklander
817466cbSJens Wiklander#endif /* MBEDTLS_MD_H */