[thirdparty/openssl.git] / crypto / evp / m_sha1.c

/*
 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the OpenSSL license (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <stdio.h>
#include "internal/cryptlib.h"

#include <openssl/evp.h>
#include <openssl/objects.h>
#include <openssl/sha.h>
#include <openssl/rsa.h>
#include "internal/evp_int.h"
#include "internal/sha.h"

static int init(EVP_MD_CTX *ctx)
{
    return SHA1_Init(EVP_MD_CTX_md_data(ctx));
}

static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
    return SHA1_Update(EVP_MD_CTX_md_data(ctx), data, count);
}

static int final(EVP_MD_CTX *ctx, unsigned char *md)
{
    return SHA1_Final(md, EVP_MD_CTX_md_data(ctx));
}

static int ctrl(EVP_MD_CTX *ctx, int cmd, int mslen, void *ms)
{
    unsigned char padtmp[40];
    unsigned char sha1tmp[SHA_DIGEST_LENGTH];

    SHA_CTX *sha1;

    if (cmd != EVP_CTRL_SSL3_MASTER_SECRET)
        return -2;

    if (ctx == NULL)
        return 0;

    sha1 = EVP_MD_CTX_md_data(ctx);

    /* SSLv3 client auth handling: see RFC-6101 5.6.8 */
    if (mslen != 48)
        return 0;

    /* At this point hash contains all handshake messages, update
     * with master secret and pad_1.
     */

    if (SHA1_Update(sha1, ms, mslen) <= 0)
        return 0;

    /* Set padtmp to pad_1 value */
    memset(padtmp, 0x36, sizeof(padtmp));

    if (!SHA1_Update(sha1, padtmp, sizeof(padtmp)))
        return 0;

    if (!SHA1_Final(sha1tmp, sha1))
        return 0;

    /* Reinitialise context */

    if (!SHA1_Init(sha1))
        return 0;

    if (SHA1_Update(sha1, ms, mslen) <= 0)
        return 0;

    /* Set padtmp to pad_2 value */
    memset(padtmp, 0x5c, sizeof(padtmp));

    if (!SHA1_Update(sha1, padtmp, sizeof(padtmp)))
        return 0;

    if (!SHA1_Update(sha1, sha1tmp, sizeof(sha1tmp)))
        return 0;

    /* Now when ctx is finalised it will return the SSL v3 hash value */
    OPENSSL_cleanse(sha1tmp, sizeof(sha1tmp));

    return 1;

}

static const EVP_MD sha1_md = {
    NID_sha1,
    NID_sha1WithRSAEncryption,
    SHA_DIGEST_LENGTH,
    EVP_MD_FLAG_DIGALGID_ABSENT,
    init,
    update,
    final,
    NULL,
    NULL,
    SHA_CBLOCK,
    sizeof(EVP_MD *) + sizeof(SHA_CTX),
    ctrl
};

const EVP_MD *EVP_sha1(void)
{
    return &sha1_md;
}

static int init224(EVP_MD_CTX *ctx)
{
    return SHA224_Init(EVP_MD_CTX_md_data(ctx));
}

static int update224(EVP_MD_CTX *ctx, const void *data, size_t count)
{
    return SHA224_Update(EVP_MD_CTX_md_data(ctx), data, count);
}

static int final224(EVP_MD_CTX *ctx, unsigned char *md)
{
    return SHA224_Final(md, EVP_MD_CTX_md_data(ctx));
}

static int init256(EVP_MD_CTX *ctx)
{
    return SHA256_Init(EVP_MD_CTX_md_data(ctx));
}

static int update256(EVP_MD_CTX *ctx, const void *data, size_t count)
{
    return SHA256_Update(EVP_MD_CTX_md_data(ctx), data, count);
}

static int final256(EVP_MD_CTX *ctx, unsigned char *md)
{
    return SHA256_Final(md, EVP_MD_CTX_md_data(ctx));
}

static const EVP_MD sha224_md = {
    NID_sha224,
    NID_sha224WithRSAEncryption,
    SHA224_DIGEST_LENGTH,
    EVP_MD_FLAG_DIGALGID_ABSENT,
    init224,
    update224,
    final224,
    NULL,
    NULL,
    SHA256_CBLOCK,
    sizeof(EVP_MD *) + sizeof(SHA256_CTX),
};

const EVP_MD *EVP_sha224(void)
{
    return &sha224_md;
}

static const EVP_MD sha256_md = {
    NID_sha256,
    NID_sha256WithRSAEncryption,
    SHA256_DIGEST_LENGTH,
    EVP_MD_FLAG_DIGALGID_ABSENT,
    init256,
    update256,
    final256,
    NULL,
    NULL,
    SHA256_CBLOCK,
    sizeof(EVP_MD *) + sizeof(SHA256_CTX),
};

const EVP_MD *EVP_sha256(void)
{
    return &sha256_md;
}

static int init512_224(EVP_MD_CTX *ctx)
{
    return sha512_224_init(EVP_MD_CTX_md_data(ctx));
}

static int init512_256(EVP_MD_CTX *ctx)
{
    return sha512_256_init(EVP_MD_CTX_md_data(ctx));
}

static int init384(EVP_MD_CTX *ctx)
{
    return SHA384_Init(EVP_MD_CTX_md_data(ctx));
}

static int update384(EVP_MD_CTX *ctx, const void *data, size_t count)
{
    return SHA384_Update(EVP_MD_CTX_md_data(ctx), data, count);
}

static int final384(EVP_MD_CTX *ctx, unsigned char *md)
{
    return SHA384_Final(md, EVP_MD_CTX_md_data(ctx));
}

static int init512(EVP_MD_CTX *ctx)
{
    return SHA512_Init(EVP_MD_CTX_md_data(ctx));
}

/* See comment in SHA224/256 section */
static int update512(EVP_MD_CTX *ctx, const void *data, size_t count)
{
    return SHA512_Update(EVP_MD_CTX_md_data(ctx), data, count);
}

static int final512(EVP_MD_CTX *ctx, unsigned char *md)
{
    return SHA512_Final(md, EVP_MD_CTX_md_data(ctx));
}

static const EVP_MD sha512_224_md = {
    NID_sha512_224,
    NID_sha512_224WithRSAEncryption,
    SHA224_DIGEST_LENGTH,
    EVP_MD_FLAG_DIGALGID_ABSENT,
    init512_224,
    update512,
    final512,
    NULL,
    NULL,
    SHA512_CBLOCK,
    sizeof(EVP_MD *) + sizeof(SHA512_CTX),
};

const EVP_MD *EVP_sha512_224(void)
{
    return &sha512_224_md;
}

static const EVP_MD sha512_256_md = {
    NID_sha512_256,
    NID_sha512_256WithRSAEncryption,
    SHA256_DIGEST_LENGTH,
    EVP_MD_FLAG_DIGALGID_ABSENT,
    init512_256,
    update512,
    final512,
    NULL,
    NULL,
    SHA512_CBLOCK,
    sizeof(EVP_MD *) + sizeof(SHA512_CTX),
};

const EVP_MD *EVP_sha512_256(void)
{
    return &sha512_256_md;
}

static const EVP_MD sha384_md = {
    NID_sha384,
    NID_sha384WithRSAEncryption,
    SHA384_DIGEST_LENGTH,
    EVP_MD_FLAG_DIGALGID_ABSENT,
    init384,
    update384,
    final384,
    NULL,
    NULL,
    SHA512_CBLOCK,
    sizeof(EVP_MD *) + sizeof(SHA512_CTX),
};

const EVP_MD *EVP_sha384(void)
{
    return &sha384_md;
}

static const EVP_MD sha512_md = {
    NID_sha512,
    NID_sha512WithRSAEncryption,
    SHA512_DIGEST_LENGTH,
    EVP_MD_FLAG_DIGALGID_ABSENT,
    init512,
    update512,
    final512,
    NULL,
    NULL,
    SHA512_CBLOCK,
    sizeof(EVP_MD *) + sizeof(SHA512_CTX),
};

const EVP_MD *EVP_sha512(void)
{
    return &sha512_md;
}
Commit	Line	Data
62867571	1	/*
4bed94f0	2	* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
d02b48c6	3	*
62867571 RS	4	* Licensed under the OpenSSL license (the "License"). You may not use
	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
d02b48c6 RE	8	*/
	9
	10	#include <stdio.h>
b39fc560	11	#include "internal/cryptlib.h"
69104cdf	12
474e469b RS	13	#include <openssl/evp.h>
	14	#include <openssl/objects.h>
	15	#include <openssl/sha.h>
3c27208f	16	#include <openssl/rsa.h>
ab0a14bb	17	#include "internal/evp_int.h"
4bed94f0	18	#include "internal/sha.h"
d02b48c6	19
26188931	20	static int init(EVP_MD_CTX *ctx)
0f113f3e	21	{
6e59a892	22	return SHA1_Init(EVP_MD_CTX_md_data(ctx));
0f113f3e MC	23	}
	24
	25	static int update(EVP_MD_CTX ctx, const void data, size_t count)
	26	{
6e59a892	27	return SHA1_Update(EVP_MD_CTX_md_data(ctx), data, count);
0f113f3e MC	28	}
	29
	30	static int final(EVP_MD_CTX ctx, unsigned char md)
	31	{
6e59a892	32	return SHA1_Final(md, EVP_MD_CTX_md_data(ctx));
0f113f3e MC	33	}
0f113f3e MC	34
00f5263b DSH	35	static int ctrl(EVP_MD_CTX ctx, int cmd, int mslen, void ms)
	36	{
	37	unsigned char padtmp[40];
	38	unsigned char sha1tmp[SHA_DIGEST_LENGTH];
	39
a5abd438	40	SHA_CTX *sha1;
00f5263b DSH	41
00f5263b DSH	42	if (cmd != EVP_CTRL_SSL3_MASTER_SECRET)
a5abd438 DSH	43	return -2;
	44
	45	if (ctx == NULL)
00f5263b DSH	46	return 0;
00f5263b DSH	47
a5abd438 DSH	48	sha1 = EVP_MD_CTX_md_data(ctx);
a5abd438 DSH	49
00f5263b DSH	50	/* SSLv3 client auth handling: see RFC-6101 5.6.8 */
	51	if (mslen != 48)
	52	return 0;
	53
	54	/* At this point hash contains all handshake messages, update
	55	* with master secret and pad_1.
	56	*/
	57
	58	if (SHA1_Update(sha1, ms, mslen) <= 0)
	59	return 0;
	60
	61	/* Set padtmp to pad_1 value */
	62	memset(padtmp, 0x36, sizeof(padtmp));
	63
	64	if (!SHA1_Update(sha1, padtmp, sizeof(padtmp)))
	65	return 0;
	66
	67	if (!SHA1_Final(sha1tmp, sha1))
	68	return 0;
	69
	70	/* Reinitialise context */
	71
	72	if (!SHA1_Init(sha1))
	73	return 0;
	74
	75	if (SHA1_Update(sha1, ms, mslen) <= 0)
	76	return 0;
	77
	78	/* Set padtmp to pad_2 value */
	79	memset(padtmp, 0x5c, sizeof(padtmp));
	80
	81	if (!SHA1_Update(sha1, padtmp, sizeof(padtmp)))
	82	return 0;
	83
	84	if (!SHA1_Update(sha1, sha1tmp, sizeof(sha1tmp)))
	85	return 0;
	86
	87	/* Now when ctx is finalised it will return the SSL v3 hash value */
	88	OPENSSL_cleanse(sha1tmp, sizeof(sha1tmp));
	89
	90	return 1;
	91
	92	}
	93
0f113f3e MC	94	static const EVP_MD sha1_md = {
	95	NID_sha1,
	96	NID_sha1WithRSAEncryption,
	97	SHA_DIGEST_LENGTH,
7f572e95	98	EVP_MD_FLAG_DIGALGID_ABSENT,
0f113f3e MC	99	init,
	100	update,
	101	final,
	102	NULL,
	103	NULL,
0f113f3e MC	104	SHA_CBLOCK,
0f113f3e MC	105	sizeof(EVP_MD *) + sizeof(SHA_CTX),
00f5263b	106	ctrl
0f113f3e	107	};
d02b48c6	108
13588350	109	const EVP_MD *EVP_sha1(void)
0f113f3e	110	{
26a7d938	111	return &sha1_md;
0f113f3e	112	}
31c2ac1c	113
31c2ac1c	114	static int init224(EVP_MD_CTX *ctx)
0f113f3e	115	{
6e59a892	116	return SHA224_Init(EVP_MD_CTX_md_data(ctx));
0f113f3e MC	117	}
0f113f3e MC	118
babab8e7 VD	119	static int update224(EVP_MD_CTX ctx, const void data, size_t count)
	120	{
	121	return SHA224_Update(EVP_MD_CTX_md_data(ctx), data, count);
	122	}
	123
	124	static int final224(EVP_MD_CTX ctx, unsigned char md)
	125	{
	126	return SHA224_Final(md, EVP_MD_CTX_md_data(ctx));
	127	}
	128
31c2ac1c	129	static int init256(EVP_MD_CTX *ctx)
0f113f3e	130	{
6e59a892	131	return SHA256_Init(EVP_MD_CTX_md_data(ctx));
0f113f3e MC	132	}
0f113f3e MC	133
0f113f3e MC	134	static int update256(EVP_MD_CTX ctx, const void data, size_t count)
0f113f3e MC	135	{
6e59a892	136	return SHA256_Update(EVP_MD_CTX_md_data(ctx), data, count);
0f113f3e MC	137	}
	138
	139	static int final256(EVP_MD_CTX ctx, unsigned char md)
	140	{
6e59a892	141	return SHA256_Final(md, EVP_MD_CTX_md_data(ctx));
0f113f3e MC	142	}
	143
	144	static const EVP_MD sha224_md = {
	145	NID_sha224,
	146	NID_sha224WithRSAEncryption,
	147	SHA224_DIGEST_LENGTH,
7f572e95	148	EVP_MD_FLAG_DIGALGID_ABSENT,
0f113f3e	149	init224,
babab8e7 VD	150	update224,
babab8e7 VD	151	final224,
0f113f3e MC	152	NULL,
0f113f3e MC	153	NULL,
0f113f3e MC	154	SHA256_CBLOCK,
	155	sizeof(EVP_MD *) + sizeof(SHA256_CTX),
	156	};
31c2ac1c AP	157
31c2ac1c AP	158	const EVP_MD *EVP_sha224(void)
0f113f3e	159	{
26a7d938	160	return &sha224_md;
0f113f3e MC	161	}
	162
	163	static const EVP_MD sha256_md = {
	164	NID_sha256,
	165	NID_sha256WithRSAEncryption,
	166	SHA256_DIGEST_LENGTH,
7f572e95	167	EVP_MD_FLAG_DIGALGID_ABSENT,
0f113f3e MC	168	init256,
	169	update256,
	170	final256,
	171	NULL,
	172	NULL,
0f113f3e MC	173	SHA256_CBLOCK,
	174	sizeof(EVP_MD *) + sizeof(SHA256_CTX),
	175	};
31c2ac1c AP	176
31c2ac1c AP	177	const EVP_MD *EVP_sha256(void)
0f113f3e	178	{
26a7d938	179	return &sha256_md;
0f113f3e	180	}
31c2ac1c	181
4bed94f0 P	182	static int init512_224(EVP_MD_CTX *ctx)
	183	{
	184	return sha512_224_init(EVP_MD_CTX_md_data(ctx));
	185	}
	186
	187	static int init512_256(EVP_MD_CTX *ctx)
	188	{
	189	return sha512_256_init(EVP_MD_CTX_md_data(ctx));
	190	}
	191
31c2ac1c	192	static int init384(EVP_MD_CTX *ctx)
0f113f3e	193	{
6e59a892	194	return SHA384_Init(EVP_MD_CTX_md_data(ctx));
0f113f3e MC	195	}
0f113f3e MC	196
babab8e7 VD	197	static int update384(EVP_MD_CTX ctx, const void data, size_t count)
	198	{
	199	return SHA384_Update(EVP_MD_CTX_md_data(ctx), data, count);
	200	}
	201
	202	static int final384(EVP_MD_CTX ctx, unsigned char md)
	203	{
	204	return SHA384_Final(md, EVP_MD_CTX_md_data(ctx));
	205	}
	206
31c2ac1c	207	static int init512(EVP_MD_CTX *ctx)
0f113f3e	208	{
6e59a892	209	return SHA512_Init(EVP_MD_CTX_md_data(ctx));
0f113f3e MC	210	}
0f113f3e MC	211
31c2ac1c	212	/* See comment in SHA224/256 section */
0f113f3e MC	213	static int update512(EVP_MD_CTX ctx, const void data, size_t count)
0f113f3e MC	214	{
6e59a892	215	return SHA512_Update(EVP_MD_CTX_md_data(ctx), data, count);
0f113f3e MC	216	}
	217
	218	static int final512(EVP_MD_CTX ctx, unsigned char md)
	219	{
6e59a892	220	return SHA512_Final(md, EVP_MD_CTX_md_data(ctx));
0f113f3e MC	221	}
0f113f3e MC	222
4bed94f0 P	223	static const EVP_MD sha512_224_md = {
	224	NID_sha512_224,
	225	NID_sha512_224WithRSAEncryption,
	226	SHA224_DIGEST_LENGTH,
	227	EVP_MD_FLAG_DIGALGID_ABSENT,
	228	init512_224,
	229	update512,
	230	final512,
	231	NULL,
	232	NULL,
	233	SHA512_CBLOCK,
	234	sizeof(EVP_MD *) + sizeof(SHA512_CTX),
	235	};
	236
	237	const EVP_MD *EVP_sha512_224(void)
	238	{
	239	return &sha512_224_md;
	240	}
	241
	242	static const EVP_MD sha512_256_md = {
	243	NID_sha512_256,
	244	NID_sha512_256WithRSAEncryption,
	245	SHA256_DIGEST_LENGTH,
	246	EVP_MD_FLAG_DIGALGID_ABSENT,
	247	init512_256,
	248	update512,
	249	final512,
	250	NULL,
	251	NULL,
	252	SHA512_CBLOCK,
	253	sizeof(EVP_MD *) + sizeof(SHA512_CTX),
	254	};
	255
	256	const EVP_MD *EVP_sha512_256(void)
	257	{
	258	return &sha512_256_md;
	259	}
	260
0f113f3e MC	261	static const EVP_MD sha384_md = {
	262	NID_sha384,
	263	NID_sha384WithRSAEncryption,
	264	SHA384_DIGEST_LENGTH,
7f572e95	265	EVP_MD_FLAG_DIGALGID_ABSENT,
0f113f3e	266	init384,
babab8e7 VD	267	update384,
babab8e7 VD	268	final384,
0f113f3e MC	269	NULL,
0f113f3e MC	270	NULL,
0f113f3e MC	271	SHA512_CBLOCK,
	272	sizeof(EVP_MD *) + sizeof(SHA512_CTX),
	273	};
31c2ac1c AP	274
31c2ac1c AP	275	const EVP_MD *EVP_sha384(void)
0f113f3e	276	{
26a7d938	277	return &sha384_md;
0f113f3e MC	278	}
	279
	280	static const EVP_MD sha512_md = {
	281	NID_sha512,
	282	NID_sha512WithRSAEncryption,
	283	SHA512_DIGEST_LENGTH,
7f572e95	284	EVP_MD_FLAG_DIGALGID_ABSENT,
0f113f3e MC	285	init512,
	286	update512,
	287	final512,
	288	NULL,
	289	NULL,
0f113f3e MC	290	SHA512_CBLOCK,
	291	sizeof(EVP_MD *) + sizeof(SHA512_CTX),
	292	};
31c2ac1c AP	293
31c2ac1c AP	294	const EVP_MD *EVP_sha512(void)
0f113f3e	295	{
26a7d938	296	return &sha512_md;
0f113f3e	297	}