1e1051a39Sopenharmony_ci/* 2e1051a39Sopenharmony_ci * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved. 3e1051a39Sopenharmony_ci * 4e1051a39Sopenharmony_ci * Licensed under the Apache License 2.0 (the "License"). You may not use 5e1051a39Sopenharmony_ci * this file except in compliance with the License. You can obtain a copy 6e1051a39Sopenharmony_ci * in the file LICENSE in the source distribution or at 7e1051a39Sopenharmony_ci * https://www.openssl.org/source/license.html 8e1051a39Sopenharmony_ci */ 9e1051a39Sopenharmony_ci 10e1051a39Sopenharmony_ci/* 11e1051a39Sopenharmony_ci * All SHA low level APIs are deprecated for public use, but still ok for 12e1051a39Sopenharmony_ci * internal use. 13e1051a39Sopenharmony_ci */ 14e1051a39Sopenharmony_ci#include "internal/deprecated.h" 15e1051a39Sopenharmony_ci 16e1051a39Sopenharmony_ci#include <openssl/sha.h> /* diverse SHA macros */ 17e1051a39Sopenharmony_ci#include "internal/sha3.h" /* KECCAK1600_WIDTH */ 18e1051a39Sopenharmony_ci#include "crypto/evp.h" 19e1051a39Sopenharmony_ci/* Used by legacy methods */ 20e1051a39Sopenharmony_ci#include "crypto/sha.h" 21e1051a39Sopenharmony_ci#include "legacy_meth.h" 22e1051a39Sopenharmony_ci#include "evp_local.h" 23e1051a39Sopenharmony_ci 24e1051a39Sopenharmony_ci/*- 25e1051a39Sopenharmony_ci * LEGACY methods for SHA. 26e1051a39Sopenharmony_ci * These only remain to support engines that can get these methods. 27e1051a39Sopenharmony_ci * Hardware support for SHA3 has been removed from these legacy cases. 28e1051a39Sopenharmony_ci */ 29e1051a39Sopenharmony_ci#define IMPLEMENT_LEGACY_EVP_MD_METH_SHA3(nm, fn, tag) \ 30e1051a39Sopenharmony_cistatic int nm##_init(EVP_MD_CTX *ctx) \ 31e1051a39Sopenharmony_ci{ \ 32e1051a39Sopenharmony_ci return fn##_init(EVP_MD_CTX_get0_md_data(ctx), tag, ctx->digest->md_size * 8); \ 33e1051a39Sopenharmony_ci} \ 34e1051a39Sopenharmony_cistatic int nm##_update(EVP_MD_CTX *ctx, const void *data, size_t count) \ 35e1051a39Sopenharmony_ci{ \ 36e1051a39Sopenharmony_ci return fn##_update(EVP_MD_CTX_get0_md_data(ctx), data, count); \ 37e1051a39Sopenharmony_ci} \ 38e1051a39Sopenharmony_cistatic int nm##_final(EVP_MD_CTX *ctx, unsigned char *md) \ 39e1051a39Sopenharmony_ci{ \ 40e1051a39Sopenharmony_ci return fn##_final(md, EVP_MD_CTX_get0_md_data(ctx)); \ 41e1051a39Sopenharmony_ci} 42e1051a39Sopenharmony_ci#define IMPLEMENT_LEGACY_EVP_MD_METH_SHAKE(nm, fn, tag) \ 43e1051a39Sopenharmony_cistatic int nm##_init(EVP_MD_CTX *ctx) \ 44e1051a39Sopenharmony_ci{ \ 45e1051a39Sopenharmony_ci return fn##_init(EVP_MD_CTX_get0_md_data(ctx), tag, ctx->digest->md_size * 8); \ 46e1051a39Sopenharmony_ci} \ 47e1051a39Sopenharmony_ci 48e1051a39Sopenharmony_ci#define sha512_224_Init sha512_224_init 49e1051a39Sopenharmony_ci#define sha512_256_Init sha512_256_init 50e1051a39Sopenharmony_ci 51e1051a39Sopenharmony_ci#define sha512_224_Update SHA512_Update 52e1051a39Sopenharmony_ci#define sha512_224_Final SHA512_Final 53e1051a39Sopenharmony_ci#define sha512_256_Update SHA512_Update 54e1051a39Sopenharmony_ci#define sha512_256_Final SHA512_Final 55e1051a39Sopenharmony_ci 56e1051a39Sopenharmony_ciIMPLEMENT_LEGACY_EVP_MD_METH(sha1, SHA1) 57e1051a39Sopenharmony_ciIMPLEMENT_LEGACY_EVP_MD_METH(sha224, SHA224) 58e1051a39Sopenharmony_ciIMPLEMENT_LEGACY_EVP_MD_METH(sha256, SHA256) 59e1051a39Sopenharmony_ciIMPLEMENT_LEGACY_EVP_MD_METH(sha384, SHA384) 60e1051a39Sopenharmony_ciIMPLEMENT_LEGACY_EVP_MD_METH(sha512, SHA512) 61e1051a39Sopenharmony_ciIMPLEMENT_LEGACY_EVP_MD_METH(sha512_224_int, sha512_224) 62e1051a39Sopenharmony_ciIMPLEMENT_LEGACY_EVP_MD_METH(sha512_256_int, sha512_256) 63e1051a39Sopenharmony_ciIMPLEMENT_LEGACY_EVP_MD_METH_SHA3(sha3_int, ossl_sha3, '\x06') 64e1051a39Sopenharmony_ciIMPLEMENT_LEGACY_EVP_MD_METH_SHAKE(shake, ossl_sha3, '\x1f') 65e1051a39Sopenharmony_ci 66e1051a39Sopenharmony_cistatic int sha1_int_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2) 67e1051a39Sopenharmony_ci{ 68e1051a39Sopenharmony_ci return ossl_sha1_ctrl(ctx != NULL ? EVP_MD_CTX_get0_md_data(ctx) : NULL, 69e1051a39Sopenharmony_ci cmd, p1, p2); 70e1051a39Sopenharmony_ci} 71e1051a39Sopenharmony_ci 72e1051a39Sopenharmony_cistatic int shake_ctrl(EVP_MD_CTX *evp_ctx, int cmd, int p1, void *p2) 73e1051a39Sopenharmony_ci{ 74e1051a39Sopenharmony_ci KECCAK1600_CTX *ctx = evp_ctx->md_data; 75e1051a39Sopenharmony_ci 76e1051a39Sopenharmony_ci switch (cmd) { 77e1051a39Sopenharmony_ci case EVP_MD_CTRL_XOF_LEN: 78e1051a39Sopenharmony_ci ctx->md_size = p1; 79e1051a39Sopenharmony_ci return 1; 80e1051a39Sopenharmony_ci default: 81e1051a39Sopenharmony_ci return 0; 82e1051a39Sopenharmony_ci } 83e1051a39Sopenharmony_ci} 84e1051a39Sopenharmony_ci 85e1051a39Sopenharmony_ci 86e1051a39Sopenharmony_ci 87e1051a39Sopenharmony_cistatic const EVP_MD sha1_md = { 88e1051a39Sopenharmony_ci NID_sha1, 89e1051a39Sopenharmony_ci NID_sha1WithRSAEncryption, 90e1051a39Sopenharmony_ci SHA_DIGEST_LENGTH, 91e1051a39Sopenharmony_ci EVP_MD_FLAG_DIGALGID_ABSENT, 92e1051a39Sopenharmony_ci EVP_ORIG_GLOBAL, 93e1051a39Sopenharmony_ci LEGACY_EVP_MD_METH_TABLE(sha1_init, sha1_update, sha1_final, sha1_int_ctrl, 94e1051a39Sopenharmony_ci SHA_CBLOCK), 95e1051a39Sopenharmony_ci}; 96e1051a39Sopenharmony_ci 97e1051a39Sopenharmony_ciconst EVP_MD *EVP_sha1(void) 98e1051a39Sopenharmony_ci{ 99e1051a39Sopenharmony_ci return &sha1_md; 100e1051a39Sopenharmony_ci} 101e1051a39Sopenharmony_ci 102e1051a39Sopenharmony_cistatic const EVP_MD sha224_md = { 103e1051a39Sopenharmony_ci NID_sha224, 104e1051a39Sopenharmony_ci NID_sha224WithRSAEncryption, 105e1051a39Sopenharmony_ci SHA224_DIGEST_LENGTH, 106e1051a39Sopenharmony_ci EVP_MD_FLAG_DIGALGID_ABSENT, 107e1051a39Sopenharmony_ci EVP_ORIG_GLOBAL, 108e1051a39Sopenharmony_ci LEGACY_EVP_MD_METH_TABLE(sha224_init, sha224_update, sha224_final, NULL, 109e1051a39Sopenharmony_ci SHA256_CBLOCK), 110e1051a39Sopenharmony_ci}; 111e1051a39Sopenharmony_ci 112e1051a39Sopenharmony_ciconst EVP_MD *EVP_sha224(void) 113e1051a39Sopenharmony_ci{ 114e1051a39Sopenharmony_ci return &sha224_md; 115e1051a39Sopenharmony_ci} 116e1051a39Sopenharmony_ci 117e1051a39Sopenharmony_cistatic const EVP_MD sha256_md = { 118e1051a39Sopenharmony_ci NID_sha256, 119e1051a39Sopenharmony_ci NID_sha256WithRSAEncryption, 120e1051a39Sopenharmony_ci SHA256_DIGEST_LENGTH, 121e1051a39Sopenharmony_ci EVP_MD_FLAG_DIGALGID_ABSENT, 122e1051a39Sopenharmony_ci EVP_ORIG_GLOBAL, 123e1051a39Sopenharmony_ci LEGACY_EVP_MD_METH_TABLE(sha256_init, sha256_update, sha256_final, NULL, 124e1051a39Sopenharmony_ci SHA256_CBLOCK), 125e1051a39Sopenharmony_ci}; 126e1051a39Sopenharmony_ci 127e1051a39Sopenharmony_ciconst EVP_MD *EVP_sha256(void) 128e1051a39Sopenharmony_ci{ 129e1051a39Sopenharmony_ci return &sha256_md; 130e1051a39Sopenharmony_ci} 131e1051a39Sopenharmony_ci 132e1051a39Sopenharmony_cistatic const EVP_MD sha512_224_md = { 133e1051a39Sopenharmony_ci NID_sha512_224, 134e1051a39Sopenharmony_ci NID_sha512_224WithRSAEncryption, 135e1051a39Sopenharmony_ci SHA224_DIGEST_LENGTH, 136e1051a39Sopenharmony_ci EVP_MD_FLAG_DIGALGID_ABSENT, 137e1051a39Sopenharmony_ci EVP_ORIG_GLOBAL, 138e1051a39Sopenharmony_ci LEGACY_EVP_MD_METH_TABLE(sha512_224_int_init, sha512_224_int_update, 139e1051a39Sopenharmony_ci sha512_224_int_final, NULL, SHA512_CBLOCK), 140e1051a39Sopenharmony_ci}; 141e1051a39Sopenharmony_ci 142e1051a39Sopenharmony_ciconst EVP_MD *EVP_sha512_224(void) 143e1051a39Sopenharmony_ci{ 144e1051a39Sopenharmony_ci return &sha512_224_md; 145e1051a39Sopenharmony_ci} 146e1051a39Sopenharmony_ci 147e1051a39Sopenharmony_cistatic const EVP_MD sha512_256_md = { 148e1051a39Sopenharmony_ci NID_sha512_256, 149e1051a39Sopenharmony_ci NID_sha512_256WithRSAEncryption, 150e1051a39Sopenharmony_ci SHA256_DIGEST_LENGTH, 151e1051a39Sopenharmony_ci EVP_MD_FLAG_DIGALGID_ABSENT, 152e1051a39Sopenharmony_ci EVP_ORIG_GLOBAL, 153e1051a39Sopenharmony_ci LEGACY_EVP_MD_METH_TABLE(sha512_256_int_init, sha512_256_int_update, 154e1051a39Sopenharmony_ci sha512_256_int_final, NULL, SHA512_CBLOCK), 155e1051a39Sopenharmony_ci}; 156e1051a39Sopenharmony_ci 157e1051a39Sopenharmony_ciconst EVP_MD *EVP_sha512_256(void) 158e1051a39Sopenharmony_ci{ 159e1051a39Sopenharmony_ci return &sha512_256_md; 160e1051a39Sopenharmony_ci} 161e1051a39Sopenharmony_ci 162e1051a39Sopenharmony_cistatic const EVP_MD sha384_md = { 163e1051a39Sopenharmony_ci NID_sha384, 164e1051a39Sopenharmony_ci NID_sha384WithRSAEncryption, 165e1051a39Sopenharmony_ci SHA384_DIGEST_LENGTH, 166e1051a39Sopenharmony_ci EVP_MD_FLAG_DIGALGID_ABSENT, 167e1051a39Sopenharmony_ci EVP_ORIG_GLOBAL, 168e1051a39Sopenharmony_ci LEGACY_EVP_MD_METH_TABLE(sha384_init, sha384_update, sha384_final, NULL, 169e1051a39Sopenharmony_ci SHA512_CBLOCK), 170e1051a39Sopenharmony_ci}; 171e1051a39Sopenharmony_ci 172e1051a39Sopenharmony_ciconst EVP_MD *EVP_sha384(void) 173e1051a39Sopenharmony_ci{ 174e1051a39Sopenharmony_ci return &sha384_md; 175e1051a39Sopenharmony_ci} 176e1051a39Sopenharmony_ci 177e1051a39Sopenharmony_cistatic const EVP_MD sha512_md = { 178e1051a39Sopenharmony_ci NID_sha512, 179e1051a39Sopenharmony_ci NID_sha512WithRSAEncryption, 180e1051a39Sopenharmony_ci SHA512_DIGEST_LENGTH, 181e1051a39Sopenharmony_ci EVP_MD_FLAG_DIGALGID_ABSENT, 182e1051a39Sopenharmony_ci EVP_ORIG_GLOBAL, 183e1051a39Sopenharmony_ci LEGACY_EVP_MD_METH_TABLE(sha512_init, sha512_update, sha512_final, NULL, 184e1051a39Sopenharmony_ci SHA512_CBLOCK), 185e1051a39Sopenharmony_ci}; 186e1051a39Sopenharmony_ci 187e1051a39Sopenharmony_ciconst EVP_MD *EVP_sha512(void) 188e1051a39Sopenharmony_ci{ 189e1051a39Sopenharmony_ci return &sha512_md; 190e1051a39Sopenharmony_ci} 191e1051a39Sopenharmony_ci 192e1051a39Sopenharmony_ci#define EVP_MD_SHA3(bitlen) \ 193e1051a39Sopenharmony_ciconst EVP_MD *EVP_sha3_##bitlen(void) \ 194e1051a39Sopenharmony_ci{ \ 195e1051a39Sopenharmony_ci static const EVP_MD sha3_##bitlen##_md = { \ 196e1051a39Sopenharmony_ci NID_sha3_##bitlen, \ 197e1051a39Sopenharmony_ci NID_RSA_SHA3_##bitlen, \ 198e1051a39Sopenharmony_ci bitlen / 8, \ 199e1051a39Sopenharmony_ci EVP_MD_FLAG_DIGALGID_ABSENT, \ 200e1051a39Sopenharmony_ci EVP_ORIG_GLOBAL, \ 201e1051a39Sopenharmony_ci LEGACY_EVP_MD_METH_TABLE(sha3_int_init, sha3_int_update, \ 202e1051a39Sopenharmony_ci sha3_int_final, NULL, \ 203e1051a39Sopenharmony_ci (KECCAK1600_WIDTH - bitlen * 2) / 8), \ 204e1051a39Sopenharmony_ci }; \ 205e1051a39Sopenharmony_ci return &sha3_##bitlen##_md; \ 206e1051a39Sopenharmony_ci} 207e1051a39Sopenharmony_ci#define EVP_MD_SHAKE(bitlen) \ 208e1051a39Sopenharmony_ciconst EVP_MD *EVP_shake##bitlen(void) \ 209e1051a39Sopenharmony_ci{ \ 210e1051a39Sopenharmony_ci static const EVP_MD shake##bitlen##_md = { \ 211e1051a39Sopenharmony_ci NID_shake##bitlen, \ 212e1051a39Sopenharmony_ci 0, \ 213e1051a39Sopenharmony_ci bitlen / 8, \ 214e1051a39Sopenharmony_ci EVP_MD_FLAG_XOF, \ 215e1051a39Sopenharmony_ci EVP_ORIG_GLOBAL, \ 216e1051a39Sopenharmony_ci LEGACY_EVP_MD_METH_TABLE(shake_init, sha3_int_update, sha3_int_final, \ 217e1051a39Sopenharmony_ci shake_ctrl, (KECCAK1600_WIDTH - bitlen * 2) / 8), \ 218e1051a39Sopenharmony_ci }; \ 219e1051a39Sopenharmony_ci return &shake##bitlen##_md; \ 220e1051a39Sopenharmony_ci} 221e1051a39Sopenharmony_ci 222e1051a39Sopenharmony_ciEVP_MD_SHA3(224) 223e1051a39Sopenharmony_ciEVP_MD_SHA3(256) 224e1051a39Sopenharmony_ciEVP_MD_SHA3(384) 225e1051a39Sopenharmony_ciEVP_MD_SHA3(512) 226e1051a39Sopenharmony_ci 227e1051a39Sopenharmony_ciEVP_MD_SHAKE(128) 228e1051a39Sopenharmony_ciEVP_MD_SHAKE(256) 229