/*
 * FIPS-180-1 compliant SHA-1 implementation
 *
 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
 * SPDX-License-Identifier: Apache-2.0
 *
 * Licensed under the Apache License, Version 2.0 (the "License"); you may
 * not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 * This file is part of mbed TLS (https://tls.mbed.org)
 */
/*
 * The SHA-1 standard was published by NIST in 1993.
 *
 * http://www.itl.nist.gov/fipspubs/fip180-1.htm
 */
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif

#if defined(MBEDTLS_SHA1_C)

#include "mbedtls/sha1.h"

#include <stdint.h>
#include <string.h>

#if defined(MBEDTLS_SELF_TEST)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#define mbedtls_printf printf
#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST */
Manuel Pégourié-Gonnard8b2641d2015-08-27 20:03:46 +020048#if !defined(MBEDTLS_SHA1_ALT)
/*
 * Overwrite the n bytes starting at v with zeros.
 *
 * Every store goes through a volatile-qualified pointer so that the compiler
 * has to emit it; a plain memset() on a buffer that is never read again may
 * be removed as a dead store, which would leave hash state in memory.
 */
static void mbedtls_zeroize( void *v, size_t n )
{
    volatile unsigned char *bytes = (unsigned char *) v;
    size_t i;

    for( i = 0; i < n; i++ )
        bytes[i] = 0;
}
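/*
 * 32-bit integer manipulation macros (big endian)
 *
 * GET_UINT32_BE( n, b, i ) loads the four bytes b[i] .. b[i + 3] into n,
 * most significant byte first. Each byte is widened to uint32_t before the
 * shift so that the shift never happens in a (signed) int.
 *
 * The body is wrapped in do { } while( 0 ) so that the macro followed by a
 * semicolon is exactly one statement and can be used as the unbraced body of
 * an if/else. The caller is responsible for b holding at least i + 4 bytes.
 */
#ifndef GET_UINT32_BE
#define GET_UINT32_BE(n,b,i)                            \
do {                                                    \
    (n) = ( (uint32_t) (b)[(i)    ] << 24 )             \
        | ( (uint32_t) (b)[(i) + 1] << 16 )             \
        | ( (uint32_t) (b)[(i) + 2] <<  8 )             \
        | ( (uint32_t) (b)[(i) + 3]       );            \
} while( 0 )
#endif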
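/*
 * PUT_UINT32_BE( n, b, i ) stores the low 32 bits of n into b[i] .. b[i + 3],
 * most significant byte first.
 *
 * Wrapped in do { } while( 0 ) so that the macro followed by a semicolon is
 * one statement, safe as the unbraced body of an if/else. The caller is
 * responsible for b having room for i + 4 bytes. Note that n is evaluated
 * four times, so it must not have side effects.
 */
#ifndef PUT_UINT32_BE
#define PUT_UINT32_BE(n,b,i)                            \
do {                                                    \
    (b)[(i)    ] = (unsigned char) ( (n) >> 24 );       \
    (b)[(i) + 1] = (unsigned char) ( (n) >> 16 );       \
    (b)[(i) + 2] = (unsigned char) ( (n) >>  8 );       \
    (b)[(i) + 3] = (unsigned char) ( (n)       );       \
} while( 0 )
#endif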
/*
 * Bring a SHA-1 context to an all-zero state.
 *
 * ctx must point to a valid object; it is not checked for NULL here.
 * This only clears the structure; the SHA-1 initial chaining values are
 * loaded by mbedtls_sha1_starts_ext().
 */
void mbedtls_sha1_init( mbedtls_sha1_context *ctx )
{
    memset( ctx, 0, sizeof( *ctx ) );
}
/*
 * Wipe a SHA-1 context.
 *
 * The whole structure (byte counter, chaining state and buffered input) is
 * overwritten through mbedtls_zeroize() so that no hashed data lingers in
 * memory. A NULL ctx is accepted and ignored.
 */
void mbedtls_sha1_free( mbedtls_sha1_context *ctx )
{
    if( ctx != NULL )
        mbedtls_zeroize( ctx, sizeof( *ctx ) );
}
/*
 * Copy the complete state of one SHA-1 context into another.
 *
 * This is a plain structure assignment, so dst afterwards holds the same
 * counter, chaining state and buffered bytes as src. Neither pointer is
 * checked for NULL. The copy carries the same data as the original and
 * needs the same mbedtls_sha1_free() treatment when it is no longer used.
 */
void mbedtls_sha1_clone( mbedtls_sha1_context *dst,
                         const mbedtls_sha1_context *src )
{
    *dst = *src;
}
/*
 * SHA-1 context setup
 *
 * Resets the two-word byte counter and loads the five SHA-1 initial
 * chaining values into ctx->state. Always returns 0.
 */
int mbedtls_sha1_starts_ext( mbedtls_sha1_context *ctx )
{
    static const uint32_t initial_state[5] =
    {
        0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0
    };
    size_t i;

    ctx->total[0] = 0;
    ctx->total[1] = 0;

    for( i = 0; i < 5; i++ )
        ctx->state[i] = initial_state[i];

    return( 0 );
}
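#if !defined(MBEDTLS_SHA1_PROCESS_ALT)
/*
 * SHA-1 compression function: fold one 64-byte block into ctx->state.
 *
 * data must point to exactly 64 readable bytes. The block is loaded as
 * sixteen big-endian words into W, which is then used as a 16-entry circular
 * message schedule (R(t) computes word t in place). The 80 rounds are fully
 * unrolled in four groups of 20, each group with its own round function F
 * and constant K. Always returns 0.
 *
 * The working variables and the message schedule are derived directly from
 * the input block, which may be secret (for example when the caller hashes
 * key material), so they are wiped before returning instead of being left
 * on the stack.
 */
int mbedtls_sha1_process_ext( mbedtls_sha1_context *ctx,
                              const unsigned char data[64] )
{
    uint32_t temp, W[16], A, B, C, D, E;

    GET_UINT32_BE( W[ 0], data,  0 );
    GET_UINT32_BE( W[ 1], data,  4 );
    GET_UINT32_BE( W[ 2], data,  8 );
    GET_UINT32_BE( W[ 3], data, 12 );
    GET_UINT32_BE( W[ 4], data, 16 );
    GET_UINT32_BE( W[ 5], data, 20 );
    GET_UINT32_BE( W[ 6], data, 24 );
    GET_UINT32_BE( W[ 7], data, 28 );
    GET_UINT32_BE( W[ 8], data, 32 );
    GET_UINT32_BE( W[ 9], data, 36 );
    GET_UINT32_BE( W[10], data, 40 );
    GET_UINT32_BE( W[11], data, 44 );
    GET_UINT32_BE( W[12], data, 48 );
    GET_UINT32_BE( W[13], data, 52 );
    GET_UINT32_BE( W[14], data, 56 );
    GET_UINT32_BE( W[15], data, 60 );

/* 32-bit rotate left by n; the mask keeps the right shift to 32 bits. */
#define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n)))

/* Message schedule word t (t >= 16), computed in place in the 16-word ring. */
#define R(t)                                            \
(                                                       \
    temp = W[( t -  3 ) & 0x0F] ^ W[( t - 8 ) & 0x0F] ^ \
           W[( t - 14 ) & 0x0F] ^ W[  t       & 0x0F],  \
    ( W[t & 0x0F] = S(temp,1) )                         \
)

/* One round; the caller rotates the roles of a..e instead of moving data. */
#define P(a,b,c,d,e,x)                                  \
{                                                       \
    e += S(a,5) + F(b,c,d) + K + x; b = S(b,30);        \
}

    A = ctx->state[0];
    B = ctx->state[1];
    C = ctx->state[2];
    D = ctx->state[3];
    E = ctx->state[4];

    /* Rounds 0..19 */
#define F(x,y,z) (z ^ (x & (y ^ z)))
#define K 0x5A827999

    P( A, B, C, D, E, W[0]  );
    P( E, A, B, C, D, W[1]  );
    P( D, E, A, B, C, W[2]  );
    P( C, D, E, A, B, W[3]  );
    P( B, C, D, E, A, W[4]  );
    P( A, B, C, D, E, W[5]  );
    P( E, A, B, C, D, W[6]  );
    P( D, E, A, B, C, W[7]  );
    P( C, D, E, A, B, W[8]  );
    P( B, C, D, E, A, W[9]  );
    P( A, B, C, D, E, W[10] );
    P( E, A, B, C, D, W[11] );
    P( D, E, A, B, C, W[12] );
    P( C, D, E, A, B, W[13] );
    P( B, C, D, E, A, W[14] );
    P( A, B, C, D, E, W[15] );
    P( E, A, B, C, D, R(16) );
    P( D, E, A, B, C, R(17) );
    P( C, D, E, A, B, R(18) );
    P( B, C, D, E, A, R(19) );

#undef K
#undef F

    /* Rounds 20..39 */
#define F(x,y,z) (x ^ y ^ z)
#define K 0x6ED9EBA1

    P( A, B, C, D, E, R(20) );
    P( E, A, B, C, D, R(21) );
    P( D, E, A, B, C, R(22) );
    P( C, D, E, A, B, R(23) );
    P( B, C, D, E, A, R(24) );
    P( A, B, C, D, E, R(25) );
    P( E, A, B, C, D, R(26) );
    P( D, E, A, B, C, R(27) );
    P( C, D, E, A, B, R(28) );
    P( B, C, D, E, A, R(29) );
    P( A, B, C, D, E, R(30) );
    P( E, A, B, C, D, R(31) );
    P( D, E, A, B, C, R(32) );
    P( C, D, E, A, B, R(33) );
    P( B, C, D, E, A, R(34) );
    P( A, B, C, D, E, R(35) );
    P( E, A, B, C, D, R(36) );
    P( D, E, A, B, C, R(37) );
    P( C, D, E, A, B, R(38) );
    P( B, C, D, E, A, R(39) );

#undef K
#undef F

    /* Rounds 40..59 */
#define F(x,y,z) ((x & y) | (z & (x | y)))
#define K 0x8F1BBCDC

    P( A, B, C, D, E, R(40) );
    P( E, A, B, C, D, R(41) );
    P( D, E, A, B, C, R(42) );
    P( C, D, E, A, B, R(43) );
    P( B, C, D, E, A, R(44) );
    P( A, B, C, D, E, R(45) );
    P( E, A, B, C, D, R(46) );
    P( D, E, A, B, C, R(47) );
    P( C, D, E, A, B, R(48) );
    P( B, C, D, E, A, R(49) );
    P( A, B, C, D, E, R(50) );
    P( E, A, B, C, D, R(51) );
    P( D, E, A, B, C, R(52) );
    P( C, D, E, A, B, R(53) );
    P( B, C, D, E, A, R(54) );
    P( A, B, C, D, E, R(55) );
    P( E, A, B, C, D, R(56) );
    P( D, E, A, B, C, R(57) );
    P( C, D, E, A, B, R(58) );
    P( B, C, D, E, A, R(59) );

#undef K
#undef F

    /* Rounds 60..79 */
#define F(x,y,z) (x ^ y ^ z)
#define K 0xCA62C1D6

    P( A, B, C, D, E, R(60) );
    P( E, A, B, C, D, R(61) );
    P( D, E, A, B, C, R(62) );
    P( C, D, E, A, B, R(63) );
    P( B, C, D, E, A, R(64) );
    P( A, B, C, D, E, R(65) );
    P( E, A, B, C, D, R(66) );
    P( D, E, A, B, C, R(67) );
    P( C, D, E, A, B, R(68) );
    P( B, C, D, E, A, R(69) );
    P( A, B, C, D, E, R(70) );
    P( E, A, B, C, D, R(71) );
    P( D, E, A, B, C, R(72) );
    P( C, D, E, A, B, R(73) );
    P( B, C, D, E, A, R(74) );
    P( A, B, C, D, E, R(75) );
    P( E, A, B, C, D, R(76) );
    P( D, E, A, B, C, R(77) );
    P( C, D, E, A, B, R(78) );
    P( B, C, D, E, A, R(79) );

#undef K
#undef F

    ctx->state[0] += A;
    ctx->state[1] += B;
    ctx->state[2] += C;
    ctx->state[3] += D;
    ctx->state[4] += E;

    /* Do not leave input-derived words behind on the stack. */
    mbedtls_zeroize( W, sizeof( W ) );
    mbedtls_zeroize( &temp, sizeof( temp ) );
    mbedtls_zeroize( &A, sizeof( A ) );
    mbedtls_zeroize( &B, sizeof( B ) );
    mbedtls_zeroize( &C, sizeof( C ) );
    mbedtls_zeroize( &D, sizeof( D ) );
    mbedtls_zeroize( &E, sizeof( E ) );

    return( 0 );
}
#endif /* !MBEDTLS_SHA1_PROCESS_ALT */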
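/*
 * SHA-1 process buffer
 *
 * Feeds ilen bytes from input into the running hash. Bytes that do not fill
 * a whole 64-byte block are kept in ctx->buffer until a later call (or the
 * final padding) completes the block. A zero-length call returns at once,
 * so input is not dereferenced when ilen is 0.
 *
 * Returns 0 on success, or the error returned by the block function.
 *
 * The byte counter is kept as two 32-bit words: total[0] is the low word,
 * total[1] the high word. Where size_t is wider than 32 bits, the upper bits
 * of ilen are added to total[1] as well; dropping them would make the length
 * encoded by the final padding wrong for a single call of 4 GiB or more.
 */
int mbedtls_sha1_update_ext( mbedtls_sha1_context *ctx,
                             const unsigned char *input,
                             size_t ilen )
{
    int ret;
    size_t fill;
    uint32_t left;

    if( ilen == 0 )
        return( 0 );

    /* Bytes already waiting in ctx->buffer, and room left in that block. */
    left = ctx->total[0] & 0x3F;
    fill = 64 - left;

    ctx->total[0] += (uint32_t) ilen;
    ctx->total[0] &= 0xFFFFFFFF;

    /* Carry out of the low word. */
    if( ctx->total[0] < (uint32_t) ilen )
        ctx->total[1]++;

    /* High part of ilen; compiled out where size_t has no more than 32 bits
     * (or SIZE_MAX is not available), which keeps the shift well defined. */
#if defined(SIZE_MAX) && ( SIZE_MAX > 0xFFFFFFFF )
    ctx->total[1] += (uint32_t)( ilen >> 32 );
#endif

    /* Complete and process a partially filled block first. */
    if( left && ilen >= fill )
    {
        memcpy( (void *) (ctx->buffer + left), input, fill );

        if( ( ret = mbedtls_sha1_process_ext( ctx, ctx->buffer ) ) != 0 )
            return( ret );

        input += fill;
        ilen  -= fill;
        left = 0;
    }

    /* Whole blocks are hashed straight from the caller's buffer. */
    while( ilen >= 64 )
    {
        if( ( ret = mbedtls_sha1_process_ext( ctx, input ) ) != 0 )
            return( ret );

        input += 64;
        ilen  -= 64;
    }

    /* Keep the tail for the next call. */
    if( ilen > 0 )
        memcpy( (void *) (ctx->buffer + left), input, ilen );

    return( 0 );
}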
/*
 * Source bytes for the final padding: a single 0x80 byte (a 1 bit followed
 * by seven 0 bits) and then zeros. The remaining 63 elements are
 * zero-initialised by the language because the initialiser is shorter than
 * the array. 64 bytes cover the longest padding run that
 * mbedtls_sha1_finish_ext() requests.
 */
static const unsigned char sha1_padding[64] = { 0x80 };
/*
 * SHA-1 final digest
 *
 * Appends the padding (0x80, zeros up to 56 bytes modulo 64) and the 64-bit
 * big-endian message length in bits, then writes the five state words to
 * output as 20 big-endian bytes.
 *
 * The bit length is captured before the padding is fed in, because feeding
 * the padding advances the byte counter as well.
 *
 * Returns 0 on success, or the error of the underlying update call; in the
 * error case output is not written.
 */
int mbedtls_sha1_finish_ext( mbedtls_sha1_context *ctx,
                             unsigned char output[20] )
{
    int ret;
    uint32_t used, pad_len;
    uint32_t bits_hi, bits_lo;
    unsigned char msglen[8];
    size_t word;

    /* Byte count times eight, split over two 32-bit words. */
    bits_hi = ( ctx->total[0] >> 29 )
            | ( ctx->total[1] <<  3 );
    bits_lo = ( ctx->total[0] <<  3 );

    PUT_UINT32_BE( bits_hi, msglen, 0 );
    PUT_UINT32_BE( bits_lo, msglen, 4 );

    /* Pad to 56 bytes in this block, or in the next one if 56 is passed. */
    used = ctx->total[0] & 0x3F;
    if( used < 56 )
        pad_len = 56 - used;
    else
        pad_len = 120 - used;

    ret = mbedtls_sha1_update_ext( ctx, sha1_padding, pad_len );
    if( ret != 0 )
        return( ret );

    ret = mbedtls_sha1_update_ext( ctx, msglen, 8 );
    if( ret != 0 )
        return( ret );

    for( word = 0; word < 5; word++ )
    {
        PUT_UINT32_BE( ctx->state[word], output, 4 * word );
    }

    return( 0 );
}
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200368#endif /* !MBEDTLS_SHA1_ALT */
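/*
 * output = SHA-1( input buffer )
 *
 * One-shot helper: sets up a local context, hashes ilen bytes from input and
 * writes the 20-byte digest to output.
 *
 * Returns 0 on success, or the first error reported by the starts, update or
 * finish step. The local context is wiped on every path, including the error
 * paths, so buffered input never stays behind on the stack.
 *
 * Note for callers: SHA-1 is no longer considered collision-resistant, so it
 * should not be chosen for new signature or certificate uses.
 */
int mbedtls_sha1_ext( const unsigned char *input,
                      size_t ilen,
                      unsigned char output[20] )
{
    int ret;
    mbedtls_sha1_context ctx;

    mbedtls_sha1_init( &ctx );

    if( ( ret = mbedtls_sha1_starts_ext( &ctx ) ) != 0 )
        goto exit;

    if( ( ret = mbedtls_sha1_update_ext( &ctx, input, ilen ) ) != 0 )
        goto exit;

    ret = mbedtls_sha1_finish_ext( &ctx, output );

exit:
    /* Single cleanup point: reached on success and on every failure. */
    mbedtls_sha1_free( &ctx );

    return( ret );
}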
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200396#if defined(MBEDTLS_SELF_TEST)
/*
 * FIPS-180-1 test vectors
 *
 * Inputs, their lengths and the expected digests, indexed by test number.
 * The third input is left empty here: mbedtls_sha1_self_test() builds it at
 * run time by hashing a 1000-byte buffer of 'a' characters 1000 times, and
 * the length entry 1000 is not read for that case.
 */
static const unsigned char sha1_test_buf[3][57] =
{
    "abc",
    "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
    ""
};

static const int sha1_test_buflen[3] = { 3, 56, 1000 };

static const unsigned char sha1_test_sum[3][20] =
{
    /* "abc" */
    { 0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E,
      0x25, 0x71, 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D },
    /* 56-character string */
    { 0x84, 0x98, 0x3E, 0x44, 0x1C, 0x3B, 0xD2, 0x6E, 0xBA, 0xAE,
      0x4A, 0xA1, 0xF9, 0x51, 0x29, 0xE5, 0xE5, 0x46, 0x70, 0xF1 },
    /* 1000 x 1000 bytes of 'a' */
    { 0x34, 0xAA, 0x97, 0x3C, 0xD4, 0xC4, 0xDA, 0xA4, 0xF6, 0x1E,
      0xEB, 0x2B, 0xDB, 0xAD, 0x27, 0x31, 0x65, 0x34, 0x01, 0x6F }
};
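/*
 * Checkup routine
 *
 * Hashes the three test inputs and compares each digest with the expected
 * value. With verbose != 0 the progress and result of every test are
 * printed through mbedtls_printf.
 *
 * Returns 0 if all three digests match and 1 otherwise. A digest mismatch
 * and a failing finish step both take the failure path: a self-test that
 * reports success for a wrong digest would hide a broken hash from the
 * caller. The context is wiped on every path.
 */
int mbedtls_sha1_self_test( int verbose )
{
    int i, j, buflen, ret = 0;
    unsigned char buf[1024];
    unsigned char sha1sum[20];
    mbedtls_sha1_context ctx;

    mbedtls_sha1_init( &ctx );

    /*
     * SHA-1
     */
    for( i = 0; i < 3; i++ )
    {
        if( verbose != 0 )
            mbedtls_printf( " SHA-1 test #%d: ", i + 1 );

        if( mbedtls_sha1_starts_ext( &ctx ) != 0 )
            goto fail;

        if( i == 2 )
        {
            /* Third vector: 1000 updates of 1000 'a' bytes each. */
            memset( buf, 'a', buflen = 1000 );

            for( j = 0; j < 1000; j++ )
            {
                if( mbedtls_sha1_update_ext( &ctx, buf, buflen ) != 0 )
                    goto fail;
            }
        }
        else
        {
            if( mbedtls_sha1_update_ext( &ctx, sha1_test_buf[i],
                                         sha1_test_buflen[i] ) != 0 )
                goto fail;
        }

        /* sha1sum is only meaningful if the finish step succeeded. */
        if( mbedtls_sha1_finish_ext( &ctx, sha1sum ) != 0 )
            goto fail;

        if( memcmp( sha1sum, sha1_test_sum[i], 20 ) != 0 )
            goto fail;

        if( verbose != 0 )
            mbedtls_printf( "passed\n" );
    }

    if( verbose != 0 )
        mbedtls_printf( "\n" );

    goto exit;

fail:
    if( verbose != 0 )
        mbedtls_printf( "failed\n" );

    ret = 1;

exit:
    mbedtls_sha1_free( &ctx );

    return( ret );
}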
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200488#endif /* MBEDTLS_SELF_TEST */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200490#endif /* MBEDTLS_SHA1_C */