224 lines
8.3 KiB
C
224 lines
8.3 KiB
C
/**
|
|
* \file md.h
|
|
*
|
|
* \brief This file contains the generic message-digest wrapper.
|
|
*
|
|
* \author Adriaan de Jong <dejong@fox-it.com>
|
|
*/
|
|
/*
|
|
* Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved
|
|
* Copyright (C) 2018-2022, Intel Corporation.
|
|
* SPDX-License-Identifier: Apache-2.0
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
* not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*
|
|
* This file is part of Mbed TLS (https://tls.mbed.org)
|
|
*/
|
|
|
|
#ifndef MBEDTLS_MD_H
|
|
#define MBEDTLS_MD_H
|
|
|
|
#include <rtl.h>
|
|
#include "sha256.h"
|
|
|
|
#define MBEDTLS_ERR_MD_BAD_INPUT_DATA -0x5100 /**< Bad input parameters to function. */
|
|
|
|
#define mbedtls_platform_zeroize(buf, len) memset((buf), 0U, (len))
|
|
|
|
/**
|
|
* \brief Supported message digests.
|
|
*
|
|
*/
|
|
typedef enum {
|
|
MBEDTLS_MD_NONE = 0, /**< None. */
|
|
MBEDTLS_MD_SHA256, /**< The SHA-256 message digest. */
|
|
} mbedtls_md_type_t;
|
|
|
|
#define MBEDTLS_MD_MAX_SIZE 32 /* longest known is SHA256 or less */
|
|
|
|
/**
|
|
* Opaque struct defined in md_internal.h.
|
|
*/
|
|
typedef struct mbedtls_md_info mbedtls_md_info_t;
|
|
|
|
/**
|
|
* The generic message-digest context.
|
|
*/
|
|
typedef struct {
|
|
/** Information about the associated message digest. */
|
|
const mbedtls_md_info_t *md_info;
|
|
|
|
/** The digest-specific context. */
|
|
uint8_t md_ctx[sizeof(mbedtls_sha256_context)];
|
|
|
|
/** The HMAC part of the context. Use array here to avoid dynamic memory
|
|
* allocation. The hardcode value 128 is 2 times of block_size which
|
|
* is 64 in md_wrap.c
|
|
*/
|
|
uint8_t hmac_ctx[128];
|
|
} mbedtls_md_context_t;
|
|
|
|
/**
|
|
* \brief This function returns the message-digest information
|
|
* associated with the given digest type.
|
|
*
|
|
* \param md_type The type of digest to search for.
|
|
*
|
|
* \return The message-digest information associated with \p md_type.
|
|
* \return NULL if the associated message-digest information is not found.
|
|
*/
|
|
const mbedtls_md_info_t *mbedtls_md_info_from_type(mbedtls_md_type_t md_type);
|
|
|
|
/**
|
|
* \brief This function initializes a message-digest context without
|
|
* binding it to a particular message-digest algorithm.
|
|
*
|
|
* This function should always be called first. It prepares the
|
|
* context for mbedtls_md_setup() for binding it to a
|
|
* message-digest algorithm.
|
|
*/
|
|
void mbedtls_md_init(mbedtls_md_context_t *ctx);
|
|
|
|
/**
|
|
* \brief This function clears the internal structure of \p ctx and
|
|
* frees any embedded internal structure, but does not free
|
|
* \p ctx itself.
|
|
*
|
|
* If you have called mbedtls_md_setup() on \p ctx, you must
|
|
* call mbedtls_md_free() when you are no longer using the
|
|
* context.
|
|
* Calling this function if you have previously
|
|
* called mbedtls_md_init() and nothing else is optional.
|
|
* You must not call this function if you have not called
|
|
* mbedtls_md_init().
|
|
*/
|
|
void mbedtls_md_free(mbedtls_md_context_t *ctx);
|
|
|
|
/**
|
|
* \brief This function selects the message digest algorithm to use,
|
|
* and allocates internal structures.
|
|
*
|
|
* It should be called after mbedtls_md_init() or
|
|
* mbedtls_md_free(). Makes it necessary to call
|
|
* mbedtls_md_free() later.
|
|
*
|
|
* \param ctx The context to set up.
|
|
* \param md_info The information structure of the message-digest algorithm
|
|
* to use.
|
|
*
|
|
* \return \c 0 on success.
|
|
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
|
|
* failure.
|
|
* \return #MBEDTLS_ERR_MD_ALLOC_FAILED on memory-allocation failure.
|
|
*/
|
|
int32_t mbedtls_md_setup(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info);
|
|
|
|
/**
|
|
* \brief This function extracts the message-digest size from the
|
|
* message-digest information structure.
|
|
*
|
|
* \param md_info The information structure of the message-digest algorithm
|
|
* to use.
|
|
*
|
|
* \return The size of the message-digest output in Bytes.
|
|
*/
|
|
uint8_t mbedtls_md_get_size(const mbedtls_md_info_t *md_info);
|
|
|
|
/**
|
|
* \brief This function sets the HMAC key and prepares to
|
|
* authenticate a new message.
|
|
*
|
|
* Call this function after mbedtls_md_setup(), to use
|
|
* the MD context for an HMAC calculation, then call
|
|
* mbedtls_md_hmac_update() to provide the input data, and
|
|
* mbedtls_md_hmac_finish() to get the HMAC value.
|
|
*
|
|
* \param ctx The message digest context containing an embedded HMAC
|
|
* context.
|
|
* \param key The HMAC secret key.
|
|
* \param keylen The length of the HMAC key in Bytes.
|
|
*
|
|
* \return \c 0 on success.
|
|
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
|
|
* failure.
|
|
*/
|
|
int32_t mbedtls_md_hmac_starts(mbedtls_md_context_t *ctx, const uint8_t *key, size_t keylen);
|
|
|
|
/**
|
|
* \brief This function feeds an input buffer into an ongoing HMAC
|
|
* computation.
|
|
*
|
|
* Call mbedtls_md_hmac_starts() or mbedtls_md_hmac_reset()
|
|
* before calling this function.
|
|
* You may call this function multiple times to pass the
|
|
* input piecewise.
|
|
* Afterwards, call mbedtls_md_hmac_finish().
|
|
*
|
|
* \param ctx The message digest context containing an embedded HMAC
|
|
* context.
|
|
* \param input The buffer holding the input data.
|
|
* \param ilen The length of the input data.
|
|
*
|
|
* \return \c 0 on success.
|
|
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
|
|
* failure.
|
|
*/
|
|
int32_t mbedtls_md_hmac_update(mbedtls_md_context_t *ctx, const uint8_t *input, size_t ilen);
|
|
|
|
/**
|
|
* \brief This function finishes the HMAC operation, and writes
|
|
* the result to the output buffer.
|
|
*
|
|
* Call this function after mbedtls_md_hmac_starts() and
|
|
* mbedtls_md_hmac_update() to get the HMAC value. Afterwards
|
|
* you may either call mbedtls_md_free() to clear the context,
|
|
* or call mbedtls_md_hmac_reset() to reuse the context with
|
|
* the same HMAC key.
|
|
*
|
|
* \param ctx The message digest context containing an embedded HMAC
|
|
* context.
|
|
* \param output The generic HMAC checksum result.
|
|
*
|
|
* \return \c 0 on success.
|
|
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
|
|
* failure.
|
|
*/
|
|
int32_t mbedtls_md_hmac_finish(mbedtls_md_context_t *ctx, uint8_t *output);
|
|
|
|
/**
|
|
* \brief This function calculates the full generic HMAC
|
|
* on the input buffer with the provided key.
|
|
*
|
|
* The function allocates the context, performs the
|
|
* calculation, and frees the context.
|
|
*
|
|
* The HMAC result is calculated as
|
|
* output = generic HMAC(hmac key, input buffer).
|
|
*
|
|
* \param md_info The information structure of the message-digest algorithm
|
|
* to use.
|
|
* \param key The HMAC secret key.
|
|
* \param keylen The length of the HMAC secret key in Bytes.
|
|
* \param input The buffer holding the input data.
|
|
* \param ilen The length of the input data.
|
|
* \param output The generic HMAC result.
|
|
*
|
|
* \return \c 0 on success.
|
|
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
|
|
* failure.
|
|
*/
|
|
int32_t mbedtls_md_hmac(const mbedtls_md_info_t *md_info, const uint8_t *key, size_t keylen,
|
|
const uint8_t *input, size_t ilen, uint8_t *output);
|
|
|
|
#endif /* MBEDTLS_MD_H */
|