md.c 10.6 KB
Newer Older
1 2
/**
 * \file md.c
3
 *
4
 * \brief Generic message digest wrapper for mbed TLS
5 6 7
 *
 * \author Adriaan de Jong <dejong@fox-it.com>
 *
Manuel Pégourié-Gonnard's avatar
Manuel Pégourié-Gonnard committed
8
 *  Copyright (C) 2006-2014, ARM Limited, All Rights Reserved
9
 *
10
 *  This file is part of mbed TLS (https://tls.mbed.org)
11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License along
 *  with this program; if not, write to the Free Software Foundation, Inc.,
 *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 */

27
#if !defined(POLARSSL_CONFIG_FILE)
28
#include "mbedtls/config.h"
29 30 31
#else
#include POLARSSL_CONFIG_FILE
#endif
32 33 34

#if defined(POLARSSL_MD_C)

35 36
#include "mbedtls/md.h"
#include "mbedtls/md_wrap.h"
37

38 39 40
#if defined(POLARSSL_PLATFORM_C)
#include "mbedtls/platform.h"
#else
41
#include <stdlib.h>
42 43 44 45
#define polarssl_malloc     malloc
#define polarssl_free       free
#endif

46
#include <string.h>
47

48 49 50
#if defined(_MSC_VER) && !defined strcasecmp && !defined(EFIX64) && \
    !defined(EFI32)
#define strcasecmp  _stricmp
51 52
#endif

53 54 55 56 57
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}

58 59
static const int supported_digests[] = {

60 61
#if defined(POLARSSL_SHA512_C)
        POLARSSL_MD_SHA512,
62
        POLARSSL_MD_SHA384,
63 64
#endif

65 66
#if defined(POLARSSL_SHA256_C)
        POLARSSL_MD_SHA256,
67
        POLARSSL_MD_SHA224,
68 69
#endif

70 71
#if defined(POLARSSL_SHA1_C)
        POLARSSL_MD_SHA1,
72 73
#endif

Paul Bakker's avatar
Paul Bakker committed
74 75
#if defined(POLARSSL_RIPEMD160_C)
        POLARSSL_MD_RIPEMD160,
76 77
#endif

78 79
#if defined(POLARSSL_MD5_C)
        POLARSSL_MD_MD5,
80 81
#endif

82 83
#if defined(POLARSSL_MD4_C)
        POLARSSL_MD_MD4,
84 85
#endif

86 87
#if defined(POLARSSL_MD2_C)
        POLARSSL_MD_MD2,
88 89
#endif

90
        POLARSSL_MD_NONE
91 92 93 94
};

const int *md_list( void )
{
95
    return( supported_digests );
96 97
}

98 99 100
const md_info_t *md_info_from_string( const char *md_name )
{
    if( NULL == md_name )
101
        return( NULL );
102 103 104 105 106 107 108 109 110 111 112 113 114 115

    /* Get the appropriate digest information */
#if defined(POLARSSL_MD2_C)
    if( !strcasecmp( "MD2", md_name ) )
        return md_info_from_type( POLARSSL_MD_MD2 );
#endif
#if defined(POLARSSL_MD4_C)
    if( !strcasecmp( "MD4", md_name ) )
        return md_info_from_type( POLARSSL_MD_MD4 );
#endif
#if defined(POLARSSL_MD5_C)
    if( !strcasecmp( "MD5", md_name ) )
        return md_info_from_type( POLARSSL_MD_MD5 );
#endif
Paul Bakker's avatar
Paul Bakker committed
116 117 118
#if defined(POLARSSL_RIPEMD160_C)
    if( !strcasecmp( "RIPEMD160", md_name ) )
        return md_info_from_type( POLARSSL_MD_RIPEMD160 );
119
#endif
120 121 122 123
#if defined(POLARSSL_SHA1_C)
    if( !strcasecmp( "SHA1", md_name ) || !strcasecmp( "SHA", md_name ) )
        return md_info_from_type( POLARSSL_MD_SHA1 );
#endif
124
#if defined(POLARSSL_SHA256_C)
125 126 127 128 129
    if( !strcasecmp( "SHA224", md_name ) )
        return md_info_from_type( POLARSSL_MD_SHA224 );
    if( !strcasecmp( "SHA256", md_name ) )
        return md_info_from_type( POLARSSL_MD_SHA256 );
#endif
130
#if defined(POLARSSL_SHA512_C)
131 132 133 134 135
    if( !strcasecmp( "SHA384", md_name ) )
        return md_info_from_type( POLARSSL_MD_SHA384 );
    if( !strcasecmp( "SHA512", md_name ) )
        return md_info_from_type( POLARSSL_MD_SHA512 );
#endif
136
    return( NULL );
137 138 139 140 141 142 143 144
}

const md_info_t *md_info_from_type( md_type_t md_type )
{
    switch( md_type )
    {
#if defined(POLARSSL_MD2_C)
        case POLARSSL_MD_MD2:
145
            return( &md2_info );
146 147 148
#endif
#if defined(POLARSSL_MD4_C)
        case POLARSSL_MD_MD4:
149
            return( &md4_info );
150 151 152
#endif
#if defined(POLARSSL_MD5_C)
        case POLARSSL_MD_MD5:
153
            return( &md5_info );
154
#endif
Paul Bakker's avatar
Paul Bakker committed
155 156
#if defined(POLARSSL_RIPEMD160_C)
        case POLARSSL_MD_RIPEMD160:
157
            return( &ripemd160_info );
158
#endif
159 160
#if defined(POLARSSL_SHA1_C)
        case POLARSSL_MD_SHA1:
161
            return( &sha1_info );
162
#endif
163
#if defined(POLARSSL_SHA256_C)
164
        case POLARSSL_MD_SHA224:
165
            return( &sha224_info );
166
        case POLARSSL_MD_SHA256:
167
            return( &sha256_info );
168
#endif
169
#if defined(POLARSSL_SHA512_C)
170
        case POLARSSL_MD_SHA384:
171
            return( &sha384_info );
172
        case POLARSSL_MD_SHA512:
173
            return( &sha512_info );
174 175
#endif
        default:
176
            return( NULL );
177 178 179
    }
}

180 181 182 183 184 185 186
void md_init( md_context_t *ctx )
{
    memset( ctx, 0, sizeof( md_context_t ) );
}

void md_free( md_context_t *ctx )
{
187
    if( ctx == NULL || ctx->md_info == NULL )
188 189
        return;

190
    if( ctx->md_ctx != NULL )
191 192
        ctx->md_info->ctx_free_func( ctx->md_ctx );

193 194 195 196 197 198
    if( ctx->hmac_ctx != NULL )
    {
        polarssl_zeroize( ctx->hmac_ctx, 2 * ctx->md_info->block_size );
        polarssl_free( ctx->hmac_ctx );
    }

199 200 201
    polarssl_zeroize( ctx, sizeof( md_context_t ) );
}

202
int md_init_ctx( md_context_t *ctx, const md_info_t *md_info, int hmac  )
203
{
Paul Bakker's avatar
Paul Bakker committed
204
    if( md_info == NULL || ctx == NULL )
205
        return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
206 207

    if( ( ctx->md_ctx = md_info->ctx_alloc_func() ) == NULL )
208
        return( POLARSSL_ERR_MD_ALLOC_FAILED );
209

210
    if( hmac != 0 )
211
    {
212 213 214 215 216 217
        ctx->hmac_ctx = polarssl_malloc( 2 * md_info->block_size );
        if( ctx->hmac_ctx == NULL )
        {
            md_info->ctx_free_func( ctx->md_ctx );
            return( POLARSSL_ERR_MD_ALLOC_FAILED );
        }
218 219
    }

220 221
    ctx->md_info = md_info;

222
    return( 0 );
223 224
}

225
int md_starts( md_context_t *ctx )
226 227
{
    if( ctx == NULL || ctx->md_info == NULL )
228
        return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
229

230
    ctx->md_info->starts_func( ctx->md_ctx );
231

232
    return( 0 );
233 234
}

235
int md_update( md_context_t *ctx, const unsigned char *input, size_t ilen )
236 237
{
    if( ctx == NULL || ctx->md_info == NULL )
238
        return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
239

240 241
    ctx->md_info->update_func( ctx->md_ctx, input, ilen );

242
    return( 0 );
243 244 245 246 247
}

int md_finish( md_context_t *ctx, unsigned char *output )
{
    if( ctx == NULL || ctx->md_info == NULL )
248
        return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
249 250

    ctx->md_info->finish_func( ctx->md_ctx, output );
251

252
    return( 0 );
253 254
}

255
int md( const md_info_t *md_info, const unsigned char *input, size_t ilen,
256 257
            unsigned char *output )
{
258
    if( md_info == NULL )
259
        return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
260 261 262

    md_info->digest_func( input, ilen, output );

263
    return( 0 );
264 265 266 267
}

int md_file( const md_info_t *md_info, const char *path, unsigned char *output )
{
268
#if defined(POLARSSL_FS_IO)
269
    int ret;
270
#endif
271

272
    if( md_info == NULL )
273
        return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
274

275
#if defined(POLARSSL_FS_IO)
276
    ret = md_info->file_func( path, output );
277 278
    if( ret != 0 )
        return( POLARSSL_ERR_MD_FILE_IO_ERROR + ret );
279

280
    return( ret );
281 282 283 284
#else
    ((void) path);
    ((void) output);

285
    return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE );
286
#endif /* POLARSSL_FS_IO */
287 288
}

289
int md_hmac_starts( md_context_t *ctx, const unsigned char *key, size_t keylen )
290
{
291
    unsigned char sum[POLARSSL_MD_MAX_SIZE];
292
    unsigned char *ipad, *opad;
293 294
    size_t i;

295
    if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
296
        return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
297

298 299 300 301 302 303 304 305 306 307
    if( keylen > (size_t) ctx->md_info->block_size )
    {
        ctx->md_info->starts_func( ctx->md_ctx );
        ctx->md_info->update_func( ctx->md_ctx, key, keylen );
        ctx->md_info->finish_func( ctx->md_ctx, sum );

        keylen = ctx->md_info->size;
        key = sum;
    }

308 309 310 311 312
    ipad = (unsigned char *) ctx->hmac_ctx;
    opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size;

    memset( ipad, 0x36, ctx->md_info->block_size );
    memset( opad, 0x5C, ctx->md_info->block_size );
313 314 315

    for( i = 0; i < keylen; i++ )
    {
316 317
        ipad[i] = (unsigned char)( ipad[i] ^ key[i] );
        opad[i] = (unsigned char)( opad[i] ^ key[i] );
318 319 320 321 322
    }

    polarssl_zeroize( sum, sizeof( sum ) );

    ctx->md_info->starts_func( ctx->md_ctx );
323
    ctx->md_info->update_func( ctx->md_ctx, ipad, ctx->md_info->block_size );
324

325
    return( 0 );
326 327
}

328
int md_hmac_update( md_context_t *ctx, const unsigned char *input, size_t ilen )
329
{
330
    if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
331
        return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
332

333
    ctx->md_info->update_func( ctx->md_ctx, input, ilen );
334

335
    return( 0 );
336 337
}

338
int md_hmac_finish( md_context_t *ctx, unsigned char *output )
339
{
340
    unsigned char tmp[POLARSSL_MD_MAX_SIZE];
341
    unsigned char *opad;
342

343
    if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
344
        return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
345

346 347
    opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size;

348 349
    ctx->md_info->finish_func( ctx->md_ctx, tmp );
    ctx->md_info->starts_func( ctx->md_ctx );
350
    ctx->md_info->update_func( ctx->md_ctx, opad, ctx->md_info->block_size );
351 352
    ctx->md_info->update_func( ctx->md_ctx, tmp, ctx->md_info->size );
    ctx->md_info->finish_func( ctx->md_ctx, output );
353

354
    return( 0 );
355 356 357 358
}

int md_hmac_reset( md_context_t *ctx )
{
359 360 361
    unsigned char *ipad;

    if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
362
        return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
363

364 365
    ipad = (unsigned char *) ctx->hmac_ctx;

366
    ctx->md_info->starts_func( ctx->md_ctx );
367
    ctx->md_info->update_func( ctx->md_ctx, ipad, ctx->md_info->block_size );
368

369
    return( 0 );
370 371
}

372 373
int md_hmac( const md_info_t *md_info, const unsigned char *key, size_t keylen,
                const unsigned char *input, size_t ilen,
374 375
                unsigned char *output )
{
376 377 378
    md_context_t ctx;
    int ret;

379
    if( md_info == NULL )
380
        return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
381

382 383
    md_init( &ctx );

384
    if( ( ret = md_init_ctx( &ctx, md_info, 1 ) ) != 0 )
385 386 387 388 389 390 391
        return( ret );

    md_hmac_starts( &ctx, key, keylen );
    md_hmac_update( &ctx, input, ilen );
    md_hmac_finish( &ctx, output );

    md_free( &ctx );
392

393
    return( 0 );
394 395
}

396 397 398
int md_process( md_context_t *ctx, const unsigned char *data )
{
    if( ctx == NULL || ctx->md_info == NULL )
399
        return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
400 401 402

    ctx->md_info->process_func( ctx->md_ctx, data );

403
    return( 0 );
404 405
}

406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429
unsigned char md_get_size( const md_info_t *md_info )
{
    if( md_info == NULL )
        return( 0 );

    return md_info->size;
}

md_type_t md_get_type( const md_info_t *md_info )
{
    if( md_info == NULL )
        return( POLARSSL_MD_NONE );

    return md_info->type;
}

const char *md_get_name( const md_info_t *md_info )
{
    if( md_info == NULL )
        return( NULL );

    return md_info->name;
}

430
#endif /* POLARSSL_MD_C */