1/**************************** sha.h ****************************/
2/***************** See RFC 6234 for details. *******************/
3/*
4 Copyright (c) 2011 IETF Trust and the persons identified as
5 authors of the code. All rights reserved.
6
7 Redistribution and use in source and binary forms, with or
8 without modification, are permitted provided that the following
9 conditions are met:
10
11 - Redistributions of source code must retain the above
12 copyright notice, this list of conditions and
13 the following disclaimer.
14
15 - Redistributions in binary form must reproduce the above
16 copyright notice, this list of conditions and the following
17 disclaimer in the documentation and/or other materials provided
18 with the distribution.
19
20 - Neither the name of Internet Society, IETF or IETF Trust, nor
21 the names of specific contributors, may be used to endorse or
22 promote products derived from this software without specific
23 prior written permission.
24
25 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
26 CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
27 INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
28 MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
29 DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
30 CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
31 SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
32 NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
33 LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
34 HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
35 CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
36 OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
37 EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
38*/
39#ifndef _SHA_H_
40#define _SHA_H_
41
42/*
43 * Description:
44 * This file implements the Secure Hash Algorithms
45 * as defined in the U.S. National Institute of Standards
46 * and Technology Federal Information Processing Standards
47 * Publication (FIPS PUB) 180-3 published in October 2008
48 * and formerly defined in its predecessors, FIPS PUB 180-1
49 * and FIP PUB 180-2.
50 *
51 * A combined document showing all algorithms is available at
52 * http://csrc.nist.gov/publications/fips/
53 * fips180-3/fips180-3_final.pdf
54 *
55 * The five hashes are defined in these sizes:
56 * SHA-1 20 byte / 160 bit
57 * SHA-224 28 byte / 224 bit
58 * SHA-256 32 byte / 256 bit
59 * SHA-384 48 byte / 384 bit
60 * SHA-512 64 byte / 512 bit
61 *
62 * Compilation Note:
63 * These files may be compiled with two options:
64 * USE_32BIT_ONLY - use 32-bit arithmetic only, for systems
65 * without 64-bit integers
66 *
67 * USE_MODIFIED_MACROS - use alternate form of the SHA_Ch()
68 * and SHA_Maj() macros that are equivalent
69 * and potentially faster on many systems
70 *
71 */
72
73#include <stdint.h>
74/*
75 * If you do not have the ISO standard stdint.h header file, then you
76 * must typedef the following:
77 * name meaning
78 * uint64_t unsigned 64-bit integer
79 * uint32_t unsigned 32-bit integer
80 * uint8_t unsigned 8-bit integer (i.e., unsigned char)
81 * int_least16_t integer of >= 16 bits
82 *
83 * See stdint-example.h
84 */
85
86#ifndef _SHA_enum_
87#define _SHA_enum_
88/*
89 * All SHA functions return one of these values.
90 */
91enum {
92 shaSuccess = 0,
93 shaNull, /* Null pointer parameter */
94 shaInputTooLong, /* input data too long */
95 shaStateError, /* called Input after FinalBits or Result */
96 shaBadParam /* passed a bad parameter */
97};
98#endif /* _SHA_enum_ */
99
100/*
101 * These constants hold size information for each of the SHA
102 * hashing operations
103 */
104enum {
105 SHA1_Message_Block_Size = 64, SHA224_Message_Block_Size = 64,
106 SHA256_Message_Block_Size = 64, SHA384_Message_Block_Size = 128,
107 SHA512_Message_Block_Size = 128,
108 USHA_Max_Message_Block_Size = SHA512_Message_Block_Size,
109
110 SHA1HashSize = 20, SHA224HashSize = 28, SHA256HashSize = 32,
111 SHA384HashSize = 48, SHA512HashSize = 64,
112 USHAMaxHashSize = SHA512HashSize,
113
114 SHA1HashSizeBits = 160, SHA224HashSizeBits = 224,
115 SHA256HashSizeBits = 256, SHA384HashSizeBits = 384,
116 SHA512HashSizeBits = 512, USHAMaxHashSizeBits = SHA512HashSizeBits
117};
118
119/*
120 * These constants are used in the USHA (Unified SHA) functions.
121 */
122typedef enum SHAversion {
123 SHA1, SHA224, SHA256, SHA384, SHA512
124} SHAversion;
125
126/*
127 * This structure will hold context information for the SHA-1
128 * hashing operation.
129 */
130typedef struct SHA1Context {
131 uint32_t Intermediate_Hash[SHA1HashSize/4]; /* Message Digest */
132
133 uint32_t Length_High; /* Message length in bits */
134 uint32_t Length_Low; /* Message length in bits */
135
136 int_least16_t Message_Block_Index; /* Message_Block array index */
137 /* 512-bit message blocks */
138 uint8_t Message_Block[SHA1_Message_Block_Size];
139
140 int Computed; /* Is the hash computed? */
141 int Corrupted; /* Cumulative corruption code */
142} SHA1Context;
143
144/*
145 * This structure will hold context information for the SHA-256
146 * hashing operation.
147 */
148typedef struct SHA256Context {
149 uint32_t Intermediate_Hash[SHA256HashSize/4]; /* Message Digest */
150
151 uint32_t Length_High; /* Message length in bits */
152 uint32_t Length_Low; /* Message length in bits */
153
154 int_least16_t Message_Block_Index; /* Message_Block array index */
155 /* 512-bit message blocks */
156 uint8_t Message_Block[SHA256_Message_Block_Size];
157
158 int Computed; /* Is the hash computed? */
159 int Corrupted; /* Cumulative corruption code */
160} SHA256Context;
161
162/*
163 * This structure will hold context information for the SHA-512
164 * hashing operation.
165 */
166typedef struct SHA512Context {
167#ifdef USE_32BIT_ONLY
168 uint32_t Intermediate_Hash[SHA512HashSize/4]; /* Message Digest */
169 uint32_t Length[4]; /* Message length in bits */
170#else /* !USE_32BIT_ONLY */
171 uint64_t Intermediate_Hash[SHA512HashSize/8]; /* Message Digest */
172 uint64_t Length_High, Length_Low; /* Message length in bits */
173#endif /* USE_32BIT_ONLY */
174
175 int_least16_t Message_Block_Index; /* Message_Block array index */
176 /* 1024-bit message blocks */
177 uint8_t Message_Block[SHA512_Message_Block_Size];
178
179 int Computed; /* Is the hash computed?*/
180 int Corrupted; /* Cumulative corruption code */
181} SHA512Context;
182
183/*
184 * This structure will hold context information for the SHA-224
185 * hashing operation. It uses the SHA-256 structure for computation.
186 */
187typedef struct SHA256Context SHA224Context;
188
189/*
190 * This structure will hold context information for the SHA-384
191 * hashing operation. It uses the SHA-512 structure for computation.
192 */
193typedef struct SHA512Context SHA384Context;
194
195/*
196 * This structure holds context information for all SHA
197 * hashing operations.
198 */
199typedef struct USHAContext {
200 int whichSha; /* which SHA is being used */
201 union {
202 SHA1Context sha1Context;
203 SHA224Context sha224Context; SHA256Context sha256Context;
204 SHA384Context sha384Context; SHA512Context sha512Context;
205 } ctx;
206} USHAContext;
207
208/*
209 * This structure will hold context information for the HMAC
210 * keyed-hashing operation.
211 */
212typedef struct HMACContext {
213 int whichSha; /* which SHA is being used */
214 int hashSize; /* hash size of SHA being used */
215 int blockSize; /* block size of SHA being used */
216 USHAContext shaContext; /* SHA context */
217 unsigned char k_opad[USHA_Max_Message_Block_Size];
218 /* outer padding - key XORd with opad */
219 int Computed; /* Is the MAC computed? */
220 int Corrupted; /* Cumulative corruption code */
221
222} HMACContext;
223
224/*
225 * This structure will hold context information for the HKDF
226 * extract-and-expand Key Derivation Functions.
227 */
228typedef struct HKDFContext {
229 int whichSha; /* which SHA is being used */
230 HMACContext hmacContext;
231 int hashSize; /* hash size of SHA being used */
232 unsigned char prk[USHAMaxHashSize];
233 /* pseudo-random key - output of hkdfInput */
234 int Computed; /* Is the key material computed? */
235 int Corrupted; /* Cumulative corruption code */
236} HKDFContext;
237
238/*
239 * Function Prototypes
240 */
241
242/* SHA-1 */
243extern int SHA1Reset(SHA1Context *);
244extern int SHA1Input(SHA1Context *, const uint8_t *bytes,
245 unsigned int bytecount);
246extern int SHA1FinalBits(SHA1Context *, uint8_t bits,
247 unsigned int bit_count);
248extern int SHA1Result(SHA1Context *,
249 uint8_t Message_Digest[SHA1HashSize]);
250
251/* SHA-224 */
252extern int SHA224Reset(SHA224Context *);
253extern int SHA224Input(SHA224Context *, const uint8_t *bytes,
254 unsigned int bytecount);
255extern int SHA224FinalBits(SHA224Context *, uint8_t bits,
256 unsigned int bit_count);
257extern int SHA224Result(SHA224Context *,
258 uint8_t Message_Digest[SHA224HashSize]);
259
260/* SHA-256 */
261extern int SHA256Reset(SHA256Context *);
262extern int SHA256Input(SHA256Context *, const uint8_t *bytes,
263 unsigned int bytecount);
264extern int SHA256FinalBits(SHA256Context *, uint8_t bits,
265 unsigned int bit_count);
266extern int SHA256Result(SHA256Context *,
267 uint8_t Message_Digest[SHA256HashSize]);
268
269/* SHA-384 */
270extern int SHA384Reset(SHA384Context *);
271extern int SHA384Input(SHA384Context *, const uint8_t *bytes,
272 unsigned int bytecount);
273extern int SHA384FinalBits(SHA384Context *, uint8_t bits,
274 unsigned int bit_count);
275extern int SHA384Result(SHA384Context *,
276 uint8_t Message_Digest[SHA384HashSize]);
277
278/* SHA-512 */
279extern int SHA512Reset(SHA512Context *);
280extern int SHA512Input(SHA512Context *, const uint8_t *bytes,
281 unsigned int bytecount);
282extern int SHA512FinalBits(SHA512Context *, uint8_t bits,
283 unsigned int bit_count);
284extern int SHA512Result(SHA512Context *,
285 uint8_t Message_Digest[SHA512HashSize]);
286
287/* Unified SHA functions, chosen by whichSha */
288extern int USHAReset(USHAContext *context, SHAversion whichSha);
289extern int USHAInput(USHAContext *context,
290 const uint8_t *bytes, unsigned int bytecount);
291extern int USHAFinalBits(USHAContext *context,
292 uint8_t bits, unsigned int bit_count);
293extern int USHAResult(USHAContext *context,
294 uint8_t Message_Digest[USHAMaxHashSize]);
295extern int USHABlockSize(enum SHAversion whichSha);
296extern int USHAHashSize(enum SHAversion whichSha);
297extern int USHAHashSizeBits(enum SHAversion whichSha);
298extern const char *USHAHashName(enum SHAversion whichSha);
299
300/*
301 * HMAC Keyed-Hashing for Message Authentication, RFC 2104,
302 * for all SHAs.
303 * This interface allows a fixed-length text input to be used.
304 */
305extern int hmac(SHAversion whichSha, /* which SHA algorithm to use */
306 const unsigned char *text, /* pointer to data stream */
307 int text_len, /* length of data stream */
308 const unsigned char *key, /* pointer to authentication key */
309 int key_len, /* length of authentication key */
310 uint8_t digest[USHAMaxHashSize]); /* caller digest to fill in */
311
312/*
313 * HMAC Keyed-Hashing for Message Authentication, RFC 2104,
314 * for all SHAs.
315 * This interface allows any length of text input to be used.
316 */
317extern int hmacReset(HMACContext *context, enum SHAversion whichSha,
318 const unsigned char *key, int key_len);
319extern int hmacInput(HMACContext *context, const unsigned char *text,
320 int text_len);
321extern int hmacFinalBits(HMACContext *context, uint8_t bits,
322 unsigned int bit_count);
323extern int hmacResult(HMACContext *context,
324 uint8_t digest[USHAMaxHashSize]);
325
326/*
327 * HKDF HMAC-based Extract-and-Expand Key Derivation Function,
328 * RFC 5869, for all SHAs.
329 */
330extern int hkdf(SHAversion whichSha, const unsigned char *salt,
331 int salt_len, const unsigned char *ikm, int ikm_len,
332 const unsigned char *info, int info_len,
333 uint8_t okm[ ], int okm_len);
334extern int hkdfExtract(SHAversion whichSha, const unsigned char *salt,
335 int salt_len, const unsigned char *ikm,
336 int ikm_len, uint8_t prk[USHAMaxHashSize]);
337extern int hkdfExpand(SHAversion whichSha, const uint8_t prk[ ],
338 int prk_len, const unsigned char *info,
339 int info_len, uint8_t okm[ ], int okm_len);
340
341/*
342 * HKDF HMAC-based Extract-and-Expand Key Derivation Function,
343 * RFC 5869, for all SHAs.
344 * This interface allows any length of text input to be used.
345 */
346extern int hkdfReset(HKDFContext *context, enum SHAversion whichSha,
347 const unsigned char *salt, int salt_len);
348extern int hkdfInput(HKDFContext *context, const unsigned char *ikm,
349 int ikm_len);
350extern int hkdfFinalBits(HKDFContext *context, uint8_t ikm_bits,
351 unsigned int ikm_bit_count);
352extern int hkdfResult(HKDFContext *context,
353 uint8_t prk[USHAMaxHashSize],
354 const unsigned char *info, int info_len,
355 uint8_t okm[USHAMaxHashSize], int okm_len);
356#endif /* _SHA_H_ */
357

source code of qtbase/src/3rdparty/rfc6234/sha.h