Commit 5e72dc47 authored by johan's avatar johan

Add hash functions to the crypto API

parent 3e5fdca8
......@@ -306,10 +306,71 @@ BCTOOLBOX_PUBLIC int32_t bctoolbox_ssl_config_set_dtls_srtp_protection_profiles(
BCTOOLBOX_PUBLIC int32_t bctoolbox_ssl_get_dtls_srtp_key_material(bctoolbox_ssl_context_t *ssl_ctx, char *output, size_t *output_length);
BCTOOLBOX_PUBLIC uint8_t bctoolbox_dtls_srtp_supported(void);
#ifdef __cplusplus
}
#endif
/*****************************************************************************/
/***** Hashing *****/
/*****************************************************************************/
/**
* @brief HMAC-SHA256 wrapper
* @param[in] key HMAC secret key
* @param[in] keyLength HMAC key length in bytes
* @param[in] input Input data buffer
* @param[in] inputLength Input data length in bytes
* @param[in] hmacLength Length of output required in bytes, HMAC output is truncated to the hmacLength left bytes. 32 bytes maximum
* @param[out] output Output data buffer.
*
*/
BCTOOLBOX_PUBLIC void bctoolbox_hmacSha256(const uint8_t *key,
size_t keyLength,
const uint8_t *input,
size_t inputLength,
uint8_t hmacLength,
uint8_t *output);
/**
* @brief SHA256 wrapper
* @param[in] input Input data buffer
* @param[in] inputLength Input data length in bytes
* @param[in] hmacLength Length of output required in bytes, SHA256 output is truncated to the hashLength left bytes. 32 bytes maximum
* @param[out] output Output data buffer.
*
*/
BCTOOLBOX_PUBLIC void bctoolbox_sha256(const uint8_t *input,
size_t inputLength,
uint8_t hashLength,
uint8_t *output);
/**
* @brief HMAC-SHA1 wrapper
* @param[in] key HMAC secret key
* @param[in] keyLength HMAC key length
* @param[in] input Input data buffer
* @param[in] inputLength Input data length
* @param[in] hmacLength Length of output required in bytes, HMAC output is truncated to the hmacLength left bytes. 20 bytes maximum
* @param[out] output Output data buffer
*
*/
BCTOOLBOX_PUBLIC void bctoolbox_hmacSha1(const uint8_t *key,
size_t keyLength,
const uint8_t *input,
size_t inputLength,
uint8_t hmacLength,
uint8_t *output);
/**
* @brief MD5 wrapper
* output = md5(input)
* @param[in] input Input data buffer
* @param[in] inputLength Input data length in bytes
* @param[out] output Output data buffer.
*
*/
BCTOOLBOX_PUBLIC void bctoolbox_md5(const uint8_t *input,
size_t inputLength,
uint8_t output[16]);
#ifdef __cplusplus
}
#endif
#endif /* BCTOOLBOX_CRYPTO_H */
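Review bot: The comment on bctoolbox_sha256 documents `@param[in] hmacLength` while the parameter is named `hashLength`, and none of the three truncating wrappers states how large the caller's `output` buffer must be. The implementations later in this commit silently clamp a request above the digest size, so a caller asking for more than 32 (or 20) bytes gets a partially written buffer with no indication. I would spell that out, e.g. `@param[in] hashLength Requested output length in bytes; values above 32 are clamped to 32` and `@param[out] output Buffer of at least min(hashLength, 32) bytes`. If the intent is to expose MD5 only for protocols that still mandate it, the bctoolbox_md5 comment should say so and note that MD5 is not collision resistant.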
......@@ -30,6 +30,7 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#include <mbedtls/x509.h>
#include <mbedtls/entropy.h>
#include <mbedtls/ctr_drbg.h>
#include <mbedtls/md5.h>
#include <mbedtls/sha1.h>
#include <mbedtls/sha256.h>
#include <mbedtls/sha512.h>
......@@ -950,20 +951,6 @@ void bctoolbox_ssl_config_free(bctoolbox_ssl_config_t *ssl_config) {
bctoolbox_free(ssl_config);
}
const mbedtls_x509_crt_profile bctoolbox_x509_crt_profile_default =
{
/* Hashes from SHA-1 and above */
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ) |
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_RIPEMD160 ) |
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ) |
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) |
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) |
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ),
0xFFFFFFF, /* Any PK alg */
0xFFFFFFF, /* Any curve */
1024,
};
int32_t bctoolbox_ssl_config_defaults(bctoolbox_ssl_config_t *ssl_config, int endpoint, int transport) {
int mbedtls_endpoint, mbedtls_transport;
......@@ -1173,3 +1160,103 @@ int32_t bctoolbox_ssl_context_setup(bctoolbox_ssl_context_t *ssl_ctx, bctoolbox_
return mbedtls_ssl_setup(&(ssl_ctx->ssl_ctx), ssl_config->ssl_config);
}
/*****************************************************************************/
/***** Hashing *****/
/*****************************************************************************/
/*
* HMAC-SHA-256 wrapper
* @param[in] key HMAC secret key
* @param[in] keyLength HMAC key length
* @param[in] input Input data buffer
* @param[in] inputLength Input data length
* @param[in] hmacLength Length of output required in bytes, HMAC output is truncated to the hmacLength left bytes. 32 bytes maximum
* @param[out] output Output data buffer.
*
*/
void bctoolbox_hmacSha256(const uint8_t *key,
size_t keyLength,
const uint8_t *input,
size_t inputLength,
uint8_t hmacLength,
uint8_t *output)
{
uint8_t hmacOutput[32];
mbedtls_md_hmac(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), key, keyLength, input, inputLength, hmacOutput);
/* check output length, can't be>32 */
if (hmacLength>32) {
memcpy(output, hmacOutput, 32);
} else {
memcpy(output, hmacOutput, hmacLength);
}
}
/*
* @brief SHA256 wrapper
* @param[in] input Input data buffer
* @param[in] inputLength Input data length in bytes
* @param[in] hmacLength Length of output required in bytes, HMAC output is truncated to the hmacLength left bytes. 32 bytes maximum
* @param[out] output Output data buffer.
*
*/
void bctoolbox_sha256(const uint8_t *input,
size_t inputLength,
uint8_t hashLength,
uint8_t *output)
{
uint8_t hashOutput[32];
mbedtls_sha256(input, inputLength, hashOutput, 0); /* last param to zero to select SHA256 and not SHA224 */
/* check output length, can't be>32 */
if (hashLength>32) {
memcpy(output, hashOutput, 32);
} else {
memcpy(output, hashOutput, hashLength);
}
}
/*
* @brief HMAC-SHA1 wrapper
* @param[in] key HMAC secret key
* @param[in] keyLength HMAC key length
* @param[in] input Input data buffer
* @param[in] inputLength Input data length
* @param[in] hmacLength Length of output required in bytes, HMAC output is truncated to the hmacLength left bytes. 20 bytes maximum
* @param[out] output Output data buffer.
*
*/
void bctoolbox_hmacSha1(const uint8_t *key,
size_t keyLength,
const uint8_t *input,
size_t inputLength,
uint8_t hmacLength,
uint8_t *output)
{
uint8_t hmacOutput[20];
mbedtls_md_hmac(mbedtls_md_info_from_type(MBEDTLS_MD_SHA1), key, keyLength, input, inputLength, hmacOutput);
/* check output length, can't be>20 */
if (hmacLength>20) {
memcpy(output, hmacOutput, 20);
} else {
memcpy(output, hmacOutput, hmacLength);
}
}
/**
* @brief MD5 wrapper
* output = md5(input)
* @param[in] input Input data buffer
* @param[in] inputLength Input data length in bytes
* @param[out] output Output data buffer.
*
*/
void bctoolbox_md5(const uint8_t *input,
size_t inputLength,
uint8_t output[16])
{
mbedtls_md5(input, inputLength, output);
}
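Review bot: In bctoolbox_hmacSha256 and bctoolbox_hmacSha1 the return value of `mbedtls_md_hmac()` is discarded, so if the call fails (for example `mbedtls_md_info_from_type()` returning NULL because the digest is not compiled in) the memcpy that follows copies uninitialised bytes of `hmacOutput` into the caller's buffer as if they were a valid MAC. The wrappers return void, so the caller cannot see the failure; returning a status like the other `bctoolbox_ssl_*` functions would fix that, e.g. `int ret = mbedtls_md_hmac(...); if (ret != 0) return ret;` ahead of the copy. The untruncated digest is also left in the stack temporary on return, which matters if these wrappers are used to derive keys; wiping `hmacOutput` before returning would cover it, and the same holds for the PolarSSL versions of these functions in the last file section.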
......@@ -32,6 +32,7 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#include <polarssl/x509.h>
#include <polarssl/entropy.h>
#include <polarssl/ctr_drbg.h>
#include <polarssl/md5.h>
#include <polarssl/sha1.h>
#include <polarssl/sha256.h>
#include <polarssl/sha512.h>
......@@ -1023,3 +1024,101 @@ int32_t bctoolbox_ssl_context_setup(bctoolbox_ssl_context_t *ssl_ctx, bctoolbox_
return 0;
}
/*****************************************************************************/
/***** Hashing *****/
/*****************************************************************************/
/**
* @brief HMAC-SHA256 wrapper
* @param[in] key HMAC secret key
* @param[in] keyLength HMAC key length in bytes
* @param[in] input Input data buffer
* @param[in] inputLength Input data length in bytes
* @param[in] hmacLength Length of output required in bytes, HMAC output is truncated to the hmacLength left bytes. 32 bytes maximum
* @param[out] output Output data buffer.
*
*/
void bctoolbox_hmacSha256(const uint8_t *key,
size_t keyLength,
const uint8_t *input,
size_t inputLength,
uint8_t hmacLength,
uint8_t *output)
{
uint8_t hmacOutput[32];
sha256_hmac(key, keyLength, input, inputLength, hmacOutput, 0); /* last param to zero to select SHA256 and not SHA224 */
/* check output length, can't be>32 */
if (hmacLength>32) {
memcpy(output, hmacOutput, 32);
} else {
memcpy(output, hmacOutput, hmacLength);
}
}
/**
* @brief SHA256 wrapper
* @param[in] input Input data buffer
* @param[in] inputLength Input data length in bytes
* @param[in] hmacLength Length of output required in bytes, SHA256 output is truncated to the hashLength left bytes. 32 bytes maximum
* @param[out] output Output data buffer.
*
*/
void bctoolbox_sha256(const uint8_t *input,
size_t inputLength,
uint8_t hashLength,
uint8_t *output)
{
uint8_t hashOutput[32];
sha256(input, inputLength, hashOutput, 0); /* last param to zero to select SHA256 and not SHA224 */
/* check output length, can't be>32 */
if (hashLength>32) {
memcpy(output, hashOutput, 32);
} else {
memcpy(output, hashOutput, hashLength);
}
}
/**
* @brief HMAC-SHA1 wrapper
* @param[in] key HMAC secret key
* @param[in] keyLength HMAC key length
* @param[in] input Input data buffer
* @param[in] inputLength Input data length
* @param[in] hmacLength Length of output required in bytes, HMAC output is truncated to the hmacLength left bytes. 20 bytes maximum
* @param[out] output Output data buffer
*
*/
void bctoolbox_hmacSha1(const uint8_t *key,
size_t keyLength,
const uint8_t *input,
size_t inputLength,
uint8_t hmacLength,
uint8_t *output)
{
uint8_t hmacOutput[20];
sha1_hmac(key, keyLength, input, inputLength, hmacOutput);
/* check output length, can't be>20 */
if (hmacLength>20) {
memcpy(output, hmacOutput, 20);
} else {
memcpy(output, hmacOutput, hmacLength);
}
}
/**
* @brief MD5 wrapper
* output = md5(input)
* @param[in] input Input data buffer
* @param[in] inputLength Input data length in bytes
* @param[out] output Output data buffer.
*
*/
void bctoolbox_md5(const uint8_t *input,
size_t inputLength,
uint8_t output[16])
{
md5(input, inputLength, output);
}