| 1 | /**************************** sha.h ****************************/ |
|---|---|
| 2 | /***************** See RFC 6234 for details. *******************/ |
| 3 | /* |
| 4 | Copyright (c) 2011 IETF Trust and the persons identified as |
| 5 | authors of the code. All rights reserved. |
| 6 | |
| 7 | Redistribution and use in source and binary forms, with or |
| 8 | without modification, are permitted provided that the following |
| 9 | conditions are met: |
| 10 | |
| 11 | - Redistributions of source code must retain the above |
| 12 | copyright notice, this list of conditions and |
| 13 | the following disclaimer. |
| 14 | |
| 15 | - Redistributions in binary form must reproduce the above |
| 16 | copyright notice, this list of conditions and the following |
| 17 | disclaimer in the documentation and/or other materials provided |
| 18 | with the distribution. |
| 19 | |
| 20 | - Neither the name of Internet Society, IETF or IETF Trust, nor |
| 21 | the names of specific contributors, may be used to endorse or |
| 22 | promote products derived from this software without specific |
| 23 | prior written permission. |
| 24 | |
| 25 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND |
| 26 | CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, |
| 27 | INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF |
| 28 | MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE |
| 29 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR |
| 30 | CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
| 31 | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
| 32 | NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
| 33 | LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
| 34 | HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
| 35 | CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR |
| 36 | OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, |
| 37 | EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 38 | */ |
| 39 | #ifndef _SHA_H_ |
| 40 | #define _SHA_H_ |
| 41 | |
| 42 | /* |
| 43 | * Description: |
| 44 | * This file implements the Secure Hash Algorithms |
| 45 | * as defined in the U.S. National Institute of Standards |
| 46 | * and Technology Federal Information Processing Standards |
| 47 | * Publication (FIPS PUB) 180-3 published in October 2008 |
| 48 | * and formerly defined in its predecessors, FIPS PUB 180-1 |
| 49 | * and FIP PUB 180-2. |
| 50 | * |
| 51 | * A combined document showing all algorithms is available at |
| 52 | * http://csrc.nist.gov/publications/fips/ |
| 53 | * fips180-3/fips180-3_final.pdf |
| 54 | * |
| 55 | * The five hashes are defined in these sizes: |
| 56 | * SHA-1 20 byte / 160 bit |
| 57 | * SHA-224 28 byte / 224 bit |
| 58 | * SHA-256 32 byte / 256 bit |
| 59 | * SHA-384 48 byte / 384 bit |
| 60 | * SHA-512 64 byte / 512 bit |
| 61 | * |
| 62 | * Compilation Note: |
| 63 | * These files may be compiled with two options: |
| 64 | * USE_32BIT_ONLY - use 32-bit arithmetic only, for systems |
| 65 | * without 64-bit integers |
| 66 | * |
| 67 | * USE_MODIFIED_MACROS - use alternate form of the SHA_Ch() |
| 68 | * and SHA_Maj() macros that are equivalent |
| 69 | * and potentially faster on many systems |
| 70 | * |
| 71 | */ |
| 72 | |
| 73 | #include <stdint.h> |
| 74 | /* |
| 75 | * If you do not have the ISO standard stdint.h header file, then you |
| 76 | * must typedef the following: |
| 77 | * name meaning |
| 78 | * uint64_t unsigned 64-bit integer |
| 79 | * uint32_t unsigned 32-bit integer |
| 80 | * uint8_t unsigned 8-bit integer (i.e., unsigned char) |
| 81 | * int_least16_t integer of >= 16 bits |
| 82 | * |
| 83 | * See stdint-example.h |
| 84 | */ |
| 85 | |
| 86 | #ifndef _SHA_enum_ |
| 87 | #define _SHA_enum_ |
| 88 | /* |
| 89 | * All SHA functions return one of these values. |
| 90 | */ |
| 91 | enum { |
| 92 | shaSuccess = 0, |
| 93 | shaNull, /* Null pointer parameter */ |
| 94 | shaInputTooLong, /* input data too long */ |
| 95 | shaStateError, /* called Input after FinalBits or Result */ |
| 96 | shaBadParam /* passed a bad parameter */ |
| 97 | }; |
| 98 | #endif /* _SHA_enum_ */ |
| 99 | |
| 100 | /* |
| 101 | * These constants hold size information for each of the SHA |
| 102 | * hashing operations |
| 103 | */ |
| 104 | enum { |
| 105 | SHA1_Message_Block_Size = 64, SHA224_Message_Block_Size = 64, |
| 106 | SHA256_Message_Block_Size = 64, SHA384_Message_Block_Size = 128, |
| 107 | SHA512_Message_Block_Size = 128, |
| 108 | USHA_Max_Message_Block_Size = SHA512_Message_Block_Size, |
| 109 | |
| 110 | SHA1HashSize = 20, SHA224HashSize = 28, SHA256HashSize = 32, |
| 111 | SHA384HashSize = 48, SHA512HashSize = 64, |
| 112 | USHAMaxHashSize = SHA512HashSize, |
| 113 | |
| 114 | SHA1HashSizeBits = 160, SHA224HashSizeBits = 224, |
| 115 | SHA256HashSizeBits = 256, SHA384HashSizeBits = 384, |
| 116 | SHA512HashSizeBits = 512, USHAMaxHashSizeBits = SHA512HashSizeBits |
| 117 | }; |
| 118 | |
| 119 | /* |
| 120 | * These constants are used in the USHA (Unified SHA) functions. |
| 121 | */ |
| 122 | typedef enum SHAversion { |
| 123 | SHA1, SHA224, SHA256, SHA384, SHA512 |
| 124 | } SHAversion; |
| 125 | |
| 126 | /* |
| 127 | * This structure will hold context information for the SHA-1 |
| 128 | * hashing operation. |
| 129 | */ |
| 130 | typedef struct SHA1Context { |
| 131 | uint32_t Intermediate_Hash[SHA1HashSize/4]; /* Message Digest */ |
| 132 | |
| 133 | uint32_t Length_High; /* Message length in bits */ |
| 134 | uint32_t Length_Low; /* Message length in bits */ |
| 135 | |
| 136 | int_least16_t Message_Block_Index; /* Message_Block array index */ |
| 137 | /* 512-bit message blocks */ |
| 138 | uint8_t Message_Block[SHA1_Message_Block_Size]; |
| 139 | |
| 140 | int Computed; /* Is the hash computed? */ |
| 141 | int Corrupted; /* Cumulative corruption code */ |
| 142 | } SHA1Context; |
| 143 | |
| 144 | /* |
| 145 | * This structure will hold context information for the SHA-256 |
| 146 | * hashing operation. |
| 147 | */ |
| 148 | typedef struct SHA256Context { |
| 149 | uint32_t Intermediate_Hash[SHA256HashSize/4]; /* Message Digest */ |
| 150 | |
| 151 | uint32_t Length_High; /* Message length in bits */ |
| 152 | uint32_t Length_Low; /* Message length in bits */ |
| 153 | |
| 154 | int_least16_t Message_Block_Index; /* Message_Block array index */ |
| 155 | /* 512-bit message blocks */ |
| 156 | uint8_t Message_Block[SHA256_Message_Block_Size]; |
| 157 | |
| 158 | int Computed; /* Is the hash computed? */ |
| 159 | int Corrupted; /* Cumulative corruption code */ |
| 160 | } SHA256Context; |
| 161 | |
| 162 | /* |
| 163 | * This structure will hold context information for the SHA-512 |
| 164 | * hashing operation. |
| 165 | */ |
| 166 | typedef struct SHA512Context { |
| 167 | #ifdef USE_32BIT_ONLY |
| 168 | uint32_t Intermediate_Hash[SHA512HashSize/4]; /* Message Digest */ |
| 169 | uint32_t Length[4]; /* Message length in bits */ |
| 170 | #else /* !USE_32BIT_ONLY */ |
| 171 | uint64_t Intermediate_Hash[SHA512HashSize/8]; /* Message Digest */ |
| 172 | uint64_t Length_High, Length_Low; /* Message length in bits */ |
| 173 | #endif /* USE_32BIT_ONLY */ |
| 174 | |
| 175 | int_least16_t Message_Block_Index; /* Message_Block array index */ |
| 176 | /* 1024-bit message blocks */ |
| 177 | uint8_t Message_Block[SHA512_Message_Block_Size]; |
| 178 | |
| 179 | int Computed; /* Is the hash computed?*/ |
| 180 | int Corrupted; /* Cumulative corruption code */ |
| 181 | } SHA512Context; |
| 182 | |
| 183 | /* |
| 184 | * This structure will hold context information for the SHA-224 |
| 185 | * hashing operation. It uses the SHA-256 structure for computation. |
| 186 | */ |
| 187 | typedef struct SHA256Context SHA224Context; |
| 188 | |
| 189 | /* |
| 190 | * This structure will hold context information for the SHA-384 |
| 191 | * hashing operation. It uses the SHA-512 structure for computation. |
| 192 | */ |
| 193 | typedef struct SHA512Context SHA384Context; |
| 194 | |
| 195 | /* |
| 196 | * This structure holds context information for all SHA |
| 197 | * hashing operations. |
| 198 | */ |
| 199 | typedef struct USHAContext { |
| 200 | int whichSha; /* which SHA is being used */ |
| 201 | union { |
| 202 | SHA1Context sha1Context; |
| 203 | SHA224Context sha224Context; SHA256Context sha256Context; |
| 204 | SHA384Context sha384Context; SHA512Context sha512Context; |
| 205 | } ctx; |
| 206 | } USHAContext; |
| 207 | |
| 208 | /* |
| 209 | * This structure will hold context information for the HMAC |
| 210 | * keyed-hashing operation. |
| 211 | */ |
| 212 | typedef struct HMACContext { |
| 213 | int whichSha; /* which SHA is being used */ |
| 214 | int hashSize; /* hash size of SHA being used */ |
| 215 | int blockSize; /* block size of SHA being used */ |
| 216 | USHAContext shaContext; /* SHA context */ |
| 217 | unsigned char k_opad[USHA_Max_Message_Block_Size]; |
| 218 | /* outer padding - key XORd with opad */ |
| 219 | int Computed; /* Is the MAC computed? */ |
| 220 | int Corrupted; /* Cumulative corruption code */ |
| 221 | |
| 222 | } HMACContext; |
| 223 | |
| 224 | /* |
| 225 | * This structure will hold context information for the HKDF |
| 226 | * extract-and-expand Key Derivation Functions. |
| 227 | */ |
| 228 | typedef struct HKDFContext { |
| 229 | int whichSha; /* which SHA is being used */ |
| 230 | HMACContext hmacContext; |
| 231 | int hashSize; /* hash size of SHA being used */ |
| 232 | unsigned char prk[USHAMaxHashSize]; |
| 233 | /* pseudo-random key - output of hkdfInput */ |
| 234 | int Computed; /* Is the key material computed? */ |
| 235 | int Corrupted; /* Cumulative corruption code */ |
| 236 | } HKDFContext; |
| 237 | |
| 238 | /* |
| 239 | * Function Prototypes |
| 240 | */ |
| 241 | |
| 242 | /* SHA-1 */ |
| 243 | extern int SHA1Reset(SHA1Context *); |
| 244 | extern int SHA1Input(SHA1Context *, const uint8_t *bytes, |
| 245 | unsigned int bytecount); |
| 246 | extern int SHA1FinalBits(SHA1Context *, uint8_t bits, |
| 247 | unsigned int bit_count); |
| 248 | extern int SHA1Result(SHA1Context *, |
| 249 | uint8_t Message_Digest[SHA1HashSize]); |
| 250 | |
| 251 | /* SHA-224 */ |
| 252 | extern int SHA224Reset(SHA224Context *); |
| 253 | extern int SHA224Input(SHA224Context *, const uint8_t *bytes, |
| 254 | unsigned int bytecount); |
| 255 | extern int SHA224FinalBits(SHA224Context *, uint8_t bits, |
| 256 | unsigned int bit_count); |
| 257 | extern int SHA224Result(SHA224Context *, |
| 258 | uint8_t Message_Digest[SHA224HashSize]); |
| 259 | |
| 260 | /* SHA-256 */ |
| 261 | extern int SHA256Reset(SHA256Context *); |
| 262 | extern int SHA256Input(SHA256Context *, const uint8_t *bytes, |
| 263 | unsigned int bytecount); |
| 264 | extern int SHA256FinalBits(SHA256Context *, uint8_t bits, |
| 265 | unsigned int bit_count); |
| 266 | extern int SHA256Result(SHA256Context *, |
| 267 | uint8_t Message_Digest[SHA256HashSize]); |
| 268 | |
| 269 | /* SHA-384 */ |
| 270 | extern int SHA384Reset(SHA384Context *); |
| 271 | extern int SHA384Input(SHA384Context *, const uint8_t *bytes, |
| 272 | unsigned int bytecount); |
| 273 | extern int SHA384FinalBits(SHA384Context *, uint8_t bits, |
| 274 | unsigned int bit_count); |
| 275 | extern int SHA384Result(SHA384Context *, |
| 276 | uint8_t Message_Digest[SHA384HashSize]); |
| 277 | |
| 278 | /* SHA-512 */ |
| 279 | extern int SHA512Reset(SHA512Context *); |
| 280 | extern int SHA512Input(SHA512Context *, const uint8_t *bytes, |
| 281 | unsigned int bytecount); |
| 282 | extern int SHA512FinalBits(SHA512Context *, uint8_t bits, |
| 283 | unsigned int bit_count); |
| 284 | extern int SHA512Result(SHA512Context *, |
| 285 | uint8_t Message_Digest[SHA512HashSize]); |
| 286 | |
| 287 | /* Unified SHA functions, chosen by whichSha */ |
| 288 | extern int USHAReset(USHAContext *context, SHAversion whichSha); |
| 289 | extern int USHAInput(USHAContext *context, |
| 290 | const uint8_t *bytes, unsigned int bytecount); |
| 291 | extern int USHAFinalBits(USHAContext *context, |
| 292 | uint8_t bits, unsigned int bit_count); |
| 293 | extern int USHAResult(USHAContext *context, |
| 294 | uint8_t Message_Digest[USHAMaxHashSize]); |
| 295 | extern int USHABlockSize(enum SHAversion whichSha); |
| 296 | extern int USHAHashSize(enum SHAversion whichSha); |
| 297 | extern int USHAHashSizeBits(enum SHAversion whichSha); |
| 298 | extern const char *USHAHashName(enum SHAversion whichSha); |
| 299 | |
| 300 | /* |
| 301 | * HMAC Keyed-Hashing for Message Authentication, RFC 2104, |
| 302 | * for all SHAs. |
| 303 | * This interface allows a fixed-length text input to be used. |
| 304 | */ |
| 305 | extern int hmac(SHAversion whichSha, /* which SHA algorithm to use */ |
| 306 | const unsigned char *text, /* pointer to data stream */ |
| 307 | int text_len, /* length of data stream */ |
| 308 | const unsigned char *key, /* pointer to authentication key */ |
| 309 | int key_len, /* length of authentication key */ |
| 310 | uint8_t digest[USHAMaxHashSize]); /* caller digest to fill in */ |
| 311 | |
| 312 | /* |
| 313 | * HMAC Keyed-Hashing for Message Authentication, RFC 2104, |
| 314 | * for all SHAs. |
| 315 | * This interface allows any length of text input to be used. |
| 316 | */ |
| 317 | extern int hmacReset(HMACContext *context, enum SHAversion whichSha, |
| 318 | const unsigned char *key, int key_len); |
| 319 | extern int hmacInput(HMACContext *context, const unsigned char *text, |
| 320 | int text_len); |
| 321 | extern int hmacFinalBits(HMACContext *context, uint8_t bits, |
| 322 | unsigned int bit_count); |
| 323 | extern int hmacResult(HMACContext *context, |
| 324 | uint8_t digest[USHAMaxHashSize]); |
| 325 | |
| 326 | /* |
| 327 | * HKDF HMAC-based Extract-and-Expand Key Derivation Function, |
| 328 | * RFC 5869, for all SHAs. |
| 329 | */ |
| 330 | extern int hkdf(SHAversion whichSha, const unsigned char *salt, |
| 331 | int salt_len, const unsigned char *ikm, int ikm_len, |
| 332 | const unsigned char *info, int info_len, |
| 333 | uint8_t okm[ ], int okm_len); |
| 334 | extern int hkdfExtract(SHAversion whichSha, const unsigned char *salt, |
| 335 | int salt_len, const unsigned char *ikm, |
| 336 | int ikm_len, uint8_t prk[USHAMaxHashSize]); |
| 337 | extern int hkdfExpand(SHAversion whichSha, const uint8_t prk[ ], |
| 338 | int prk_len, const unsigned char *info, |
| 339 | int info_len, uint8_t okm[ ], int okm_len); |
| 340 | |
| 341 | /* |
| 342 | * HKDF HMAC-based Extract-and-Expand Key Derivation Function, |
| 343 | * RFC 5869, for all SHAs. |
| 344 | * This interface allows any length of text input to be used. |
| 345 | */ |
| 346 | extern int hkdfReset(HKDFContext *context, enum SHAversion whichSha, |
| 347 | const unsigned char *salt, int salt_len); |
| 348 | extern int hkdfInput(HKDFContext *context, const unsigned char *ikm, |
| 349 | int ikm_len); |
| 350 | extern int hkdfFinalBits(HKDFContext *context, uint8_t ikm_bits, |
| 351 | unsigned int ikm_bit_count); |
| 352 | extern int hkdfResult(HKDFContext *context, |
| 353 | uint8_t prk[USHAMaxHashSize], |
| 354 | const unsigned char *info, int info_len, |
| 355 | uint8_t okm[USHAMaxHashSize], int okm_len); |
| 356 | #endif /* _SHA_H_ */ |
| 357 |
Generated while processing Qt/src/corelib/tools/qmessageauthenticationcode.cpp
Generated on 2020-Oct-27 from project Qt revision 6.0b
Powered by 
Code Browser 2.1
Generator usage only permitted with license.