1 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
2  * All rights reserved.
3  *
4  * This package is an SSL implementation written
5  * by Eric Young (eay@cryptsoft.com).
6  * The implementation was written so as to conform with Netscapes SSL.
7  *
8  * This library is free for commercial and non-commercial use as long as
9  * the following conditions are aheared to.  The following conditions
10  * apply to all code found in this distribution, be it the RC4, RSA,
11  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
12  * included with this distribution is covered by the same copyright terms
13  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
14  *
15  * Copyright remains Eric Young's, and as such any Copyright notices in
16  * the code are not to be removed.
17  * If this package is used in a product, Eric Young should be given attribution
18  * as the author of the parts of the library used.
19  * This can be in the form of a textual message at program startup or
20  * in documentation (online or textual) provided with the package.
21  *
22  * Redistribution and use in source and binary forms, with or without
23  * modification, are permitted provided that the following conditions
24  * are met:
25  * 1. Redistributions of source code must retain the copyright
26  *    notice, this list of conditions and the following disclaimer.
27  * 2. Redistributions in binary form must reproduce the above copyright
28  *    notice, this list of conditions and the following disclaimer in the
29  *    documentation and/or other materials provided with the distribution.
30  * 3. All advertising materials mentioning features or use of this software
31  *    must display the following acknowledgement:
32  *    "This product includes cryptographic software written by
33  *     Eric Young (eay@cryptsoft.com)"
34  *    The word 'cryptographic' can be left out if the rouines from the library
35  *    being used are not cryptographic related :-).
36  * 4. If you include any Windows specific code (or a derivative thereof) from
37  *    the apps directory (application code) you must include an acknowledgement:
38  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
39  *
40  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
41  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
44  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
50  * SUCH DAMAGE.
51  *
52  * The licence and distribution terms for any publically available version or
53  * derivative of this code cannot be changed.  i.e. this code cannot simply be
54  * copied and put under another distribution licence
55  * [including the GNU Public Licence.] */
56 
57 #ifndef OPENSSL_HEADER_SHA_H
58 #define OPENSSL_HEADER_SHA_H
59 
60 #include <openssl/base.h>
61 
62 #if defined(__cplusplus)
63 extern "C" {
64 #endif
65 
66 
67 // The SHA family of hash functions (SHA-1 and SHA-2).
68 
69 
70 // SHA_CBLOCK is the block size of SHA-1.
71 #define SHA_CBLOCK 64
72 
73 // SHA_DIGEST_LENGTH is the length of a SHA-1 digest.
74 #define SHA_DIGEST_LENGTH 20
75 
76 // SHA1_Init initialises |sha| and returns one.
77 OPENSSL_EXPORT int SHA1_Init(SHA_CTX *sha);
78 
79 // SHA1_Update adds |len| bytes from |data| to |sha| and returns one.
80 OPENSSL_EXPORT int SHA1_Update(SHA_CTX *sha, const void *data, size_t len);
81 
82 // SHA1_Final adds the final padding to |sha| and writes the resulting digest to
83 // |out|, which must have at least |SHA_DIGEST_LENGTH| bytes of space. It
84 // returns one.
85 OPENSSL_EXPORT int SHA1_Final(uint8_t out[SHA_DIGEST_LENGTH], SHA_CTX *sha);
86 
87 // SHA1 writes the digest of |len| bytes from |data| to |out| and returns
88 // |out|. There must be at least |SHA_DIGEST_LENGTH| bytes of space in
89 // |out|.
90 OPENSSL_EXPORT uint8_t *SHA1(const uint8_t *data, size_t len,
91                              uint8_t out[SHA_DIGEST_LENGTH]);
92 
93 // SHA1_Transform is a low-level function that performs a single, SHA-1 block
94 // transformation using the state from |sha| and |SHA_CBLOCK| bytes from
95 // |block|.
96 OPENSSL_EXPORT void SHA1_Transform(SHA_CTX *sha,
97                                    const uint8_t block[SHA_CBLOCK]);
98 
99 struct sha_state_st {
100 #if defined(OPENSSL_WINDOWS)
101   uint32_t h[5];
102 #else
103   // wpa_supplicant accesses |h0|..|h4| so we must support those names
104   // for compatibility with it until it can be updated.
105   union {
106     uint32_t h[5];
107     struct {
108       uint32_t h0;
109       uint32_t h1;
110       uint32_t h2;
111       uint32_t h3;
112       uint32_t h4;
113     };
114   };
115 #endif
116   uint32_t Nl, Nh;
117   uint8_t data[SHA_CBLOCK];
118   unsigned num;
119 };
120 
121 
122 // SHA-224.
123 
124 // SHA224_CBLOCK is the block size of SHA-224.
125 #define SHA224_CBLOCK 64
126 
127 // SHA224_DIGEST_LENGTH is the length of a SHA-224 digest.
128 #define SHA224_DIGEST_LENGTH 28
129 
130 // SHA224_Init initialises |sha| and returns 1.
131 OPENSSL_EXPORT int SHA224_Init(SHA256_CTX *sha);
132 
133 // SHA224_Update adds |len| bytes from |data| to |sha| and returns 1.
134 OPENSSL_EXPORT int SHA224_Update(SHA256_CTX *sha, const void *data, size_t len);
135 
136 // SHA224_Final adds the final padding to |sha| and writes the resulting digest
137 // to |out|, which must have at least |SHA224_DIGEST_LENGTH| bytes of space. It
138 // returns one on success and zero on programmer error.
139 OPENSSL_EXPORT int SHA224_Final(uint8_t out[SHA224_DIGEST_LENGTH],
140                                 SHA256_CTX *sha);
141 
142 // SHA224 writes the digest of |len| bytes from |data| to |out| and returns
143 // |out|. There must be at least |SHA224_DIGEST_LENGTH| bytes of space in
144 // |out|.
145 OPENSSL_EXPORT uint8_t *SHA224(const uint8_t *data, size_t len,
146                                uint8_t out[SHA224_DIGEST_LENGTH]);
147 
148 
149 // SHA-256.
150 
151 // SHA256_CBLOCK is the block size of SHA-256.
152 #define SHA256_CBLOCK 64
153 
154 // SHA256_DIGEST_LENGTH is the length of a SHA-256 digest.
155 #define SHA256_DIGEST_LENGTH 32
156 
157 // SHA256_Init initialises |sha| and returns 1.
158 OPENSSL_EXPORT int SHA256_Init(SHA256_CTX *sha);
159 
160 // SHA256_Update adds |len| bytes from |data| to |sha| and returns 1.
161 OPENSSL_EXPORT int SHA256_Update(SHA256_CTX *sha, const void *data, size_t len);
162 
163 // SHA256_Final adds the final padding to |sha| and writes the resulting digest
164 // to |out|, which must have at least |SHA256_DIGEST_LENGTH| bytes of space. It
165 // returns one on success and zero on programmer error.
166 OPENSSL_EXPORT int SHA256_Final(uint8_t out[SHA256_DIGEST_LENGTH],
167                                 SHA256_CTX *sha);
168 
169 // SHA256 writes the digest of |len| bytes from |data| to |out| and returns
170 // |out|. There must be at least |SHA256_DIGEST_LENGTH| bytes of space in
171 // |out|.
172 OPENSSL_EXPORT uint8_t *SHA256(const uint8_t *data, size_t len,
173                                uint8_t out[SHA256_DIGEST_LENGTH]);
174 
175 // SHA256_Transform is a low-level function that performs a single, SHA-256
176 // block transformation using the state from |sha| and |SHA256_CBLOCK| bytes
177 // from |block|.
178 OPENSSL_EXPORT void SHA256_Transform(SHA256_CTX *sha,
179                                      const uint8_t block[SHA256_CBLOCK]);
180 
181 // SHA256_TransformBlocks is a low-level function that takes |num_blocks| *
182 // |SHA256_CBLOCK| bytes of data and performs SHA-256 transforms on it to update
183 // |state|. You should not use this function unless you are implementing a
184 // derivative of SHA-256.
185 OPENSSL_EXPORT void SHA256_TransformBlocks(uint32_t state[8],
186                                            const uint8_t *data,
187                                            size_t num_blocks);
188 
189 struct sha256_state_st {
190   uint32_t h[8];
191   uint32_t Nl, Nh;
192   uint8_t data[SHA256_CBLOCK];
193   unsigned num, md_len;
194 };
195 
196 
197 // SHA-384.
198 
199 // SHA384_CBLOCK is the block size of SHA-384.
200 #define SHA384_CBLOCK 128
201 
202 // SHA384_DIGEST_LENGTH is the length of a SHA-384 digest.
203 #define SHA384_DIGEST_LENGTH 48
204 
205 // SHA384_Init initialises |sha| and returns 1.
206 OPENSSL_EXPORT int SHA384_Init(SHA512_CTX *sha);
207 
208 // SHA384_Update adds |len| bytes from |data| to |sha| and returns 1.
209 OPENSSL_EXPORT int SHA384_Update(SHA512_CTX *sha, const void *data, size_t len);
210 
211 // SHA384_Final adds the final padding to |sha| and writes the resulting digest
212 // to |out|, which must have at least |SHA384_DIGEST_LENGTH| bytes of space. It
213 // returns one on success and zero on programmer error.
214 OPENSSL_EXPORT int SHA384_Final(uint8_t out[SHA384_DIGEST_LENGTH],
215                                 SHA512_CTX *sha);
216 
217 // SHA384 writes the digest of |len| bytes from |data| to |out| and returns
218 // |out|. There must be at least |SHA384_DIGEST_LENGTH| bytes of space in
219 // |out|.
220 OPENSSL_EXPORT uint8_t *SHA384(const uint8_t *data, size_t len,
221                                uint8_t out[SHA384_DIGEST_LENGTH]);
222 
223 
224 // SHA-512.
225 
226 // SHA512_CBLOCK is the block size of SHA-512.
227 #define SHA512_CBLOCK 128
228 
229 // SHA512_DIGEST_LENGTH is the length of a SHA-512 digest.
230 #define SHA512_DIGEST_LENGTH 64
231 
232 // SHA512_Init initialises |sha| and returns 1.
233 OPENSSL_EXPORT int SHA512_Init(SHA512_CTX *sha);
234 
235 // SHA512_Update adds |len| bytes from |data| to |sha| and returns 1.
236 OPENSSL_EXPORT int SHA512_Update(SHA512_CTX *sha, const void *data, size_t len);
237 
238 // SHA512_Final adds the final padding to |sha| and writes the resulting digest
239 // to |out|, which must have at least |SHA512_DIGEST_LENGTH| bytes of space. It
240 // returns one on success and zero on programmer error.
241 OPENSSL_EXPORT int SHA512_Final(uint8_t out[SHA512_DIGEST_LENGTH],
242                                 SHA512_CTX *sha);
243 
244 // SHA512 writes the digest of |len| bytes from |data| to |out| and returns
245 // |out|. There must be at least |SHA512_DIGEST_LENGTH| bytes of space in
246 // |out|.
247 OPENSSL_EXPORT uint8_t *SHA512(const uint8_t *data, size_t len,
248                                uint8_t out[SHA512_DIGEST_LENGTH]);
249 
250 // SHA512_Transform is a low-level function that performs a single, SHA-512
251 // block transformation using the state from |sha| and |SHA512_CBLOCK| bytes
252 // from |block|.
253 OPENSSL_EXPORT void SHA512_Transform(SHA512_CTX *sha,
254                                      const uint8_t block[SHA512_CBLOCK]);
255 
256 struct sha512_state_st {
257   uint64_t h[8];
258   uint64_t Nl, Nh;
259   uint8_t p[128];
260   unsigned num, md_len;
261 };
262 
263 
264 // SHA-512-256
265 //
266 // See https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf section 5.3.6
267 
268 #define SHA512_256_DIGEST_LENGTH 32
269 
270 // SHA512_256_Init initialises |sha| and returns 1.
271 OPENSSL_EXPORT int SHA512_256_Init(SHA512_CTX *sha);
272 
273 // SHA512_256_Update adds |len| bytes from |data| to |sha| and returns 1.
274 OPENSSL_EXPORT int SHA512_256_Update(SHA512_CTX *sha, const void *data,
275                                      size_t len);
276 
277 // SHA512_256_Final adds the final padding to |sha| and writes the resulting
278 // digest to |out|, which must have at least |SHA512_256_DIGEST_LENGTH| bytes of
279 // space. It returns one on success and zero on programmer error.
280 OPENSSL_EXPORT int SHA512_256_Final(uint8_t out[SHA512_256_DIGEST_LENGTH],
281                                     SHA512_CTX *sha);
282 
283 // SHA512_256 writes the digest of |len| bytes from |data| to |out| and returns
284 // |out|. There must be at least |SHA512_256_DIGEST_LENGTH| bytes of space in
285 // |out|.
286 OPENSSL_EXPORT uint8_t *SHA512_256(const uint8_t *data, size_t len,
287                                    uint8_t out[SHA512_256_DIGEST_LENGTH]);
288 
289 
290 #if defined(__cplusplus)
291 }  // extern C
292 #endif
293 
294 #endif  // OPENSSL_HEADER_SHA_H
295