| Hannes Tschofenig | f8b9ebf | 2023-07-18 13:46:10 +0100 | [diff] [blame^] | 1 | /* |
| 2 | * Example computing a SHA-256 hash using the PSA Crypto API |
| 3 | * |
| 4 | * The example computes the SHA-256 hash of a test string using the |
| 5 | * one-shot API call psa_hash_compute() and the using multi-part |
| 6 | * operation, which requires psa_hash_setup(), psa_hash_update() and |
| 7 | * psa_hash_finish(). The multi-part operation is popular on embedded |
| 8 | * devices where a rolling hash needs to be computed. |
| 9 | * |
| 10 | * |
| 11 | * Copyright The Mbed TLS Contributors |
| 12 | * SPDX-License-Identifier: Apache-2.0 |
| 13 | * |
| 14 | * Licensed under the Apache License, Version 2.0 (the "License"); you may |
| 15 | * not use this file except in compliance with the License. |
| 16 | * You may obtain a copy of the License at |
| 17 | * |
| 18 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 19 | * |
| 20 | * Unless required by applicable law or agreed to in writing, software |
| 21 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
| 22 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 23 | * See the License for the specific language governing permissions and |
| 24 | * limitations under the License. |
| 25 | */ |
| 26 | |
| 27 | |
| 28 | #include "psa/crypto.h" |
| 29 | #include <string.h> |
| 30 | #include <stdio.h> |
| 31 | #include <stdlib.h> |
| 32 | |
| 33 | #include "mbedtls/build_info.h" |
| 34 | |
| 35 | #define TEST_SHA256_HASH { \ |
| 36 | 0x5a, 0x09, 0xe8, 0xfa, 0x9c, 0x77, 0x80, 0x7b, 0x24, 0xe9, 0x9c, 0x9c, \ |
| 37 | 0xf9, 0x99, 0xde, 0xbf, 0xad, 0x84, 0x41, 0xe2, 0x69, 0xeb, 0x96, 0x0e, \ |
| 38 | 0x20, 0x1f, 0x61, 0xfc, 0x3d, 0xe2, 0x0d, 0x5a \ |
| 39 | } |
| 40 | |
| 41 | const uint8_t mbedtls_test_sha256_hash[] = TEST_SHA256_HASH; |
| 42 | |
| 43 | const size_t mbedtls_test_sha256_hash_len = |
| 44 | sizeof( mbedtls_test_sha256_hash ); |
| 45 | |
| 46 | #if !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_SHA256_C) |
| 47 | int main( void ) |
| 48 | { |
| 49 | printf( "MBEDTLS_PSA_CRYPTO_C and MBEDTLS_SHA256_C" |
| 50 | "not defined.\r\n" ); |
| 51 | return( EXIT_SUCCESS ); |
| 52 | } |
| 53 | #else |
| 54 | |
| 55 | int main( void ) |
| 56 | { |
| 57 | uint8_t buf[] = "Hello World!"; |
| 58 | psa_status_t status; |
| 59 | uint8_t hash[PSA_HASH_MAX_SIZE]; |
| 60 | size_t hash_size; |
| 61 | psa_hash_operation_t sha256_psa = PSA_HASH_OPERATION_INIT; |
| 62 | psa_hash_operation_t cloned_sha256 = PSA_HASH_OPERATION_INIT; |
| 63 | |
| 64 | printf( "PSA Crypto API: SHA-256 example\n\n" ); |
| 65 | |
| 66 | status = psa_crypto_init( ); |
| 67 | if( status != PSA_SUCCESS ) |
| 68 | { |
| 69 | printf( "psa_crypto_init failed\n" ); |
| 70 | return( EXIT_FAILURE ); |
| 71 | } |
| 72 | |
| 73 | |
| 74 | /* Compute hash using multi-part operation */ |
| 75 | |
| 76 | status = psa_hash_setup( &sha256_psa, PSA_ALG_SHA_256 ); |
| 77 | if( status != PSA_SUCCESS ) |
| 78 | { |
| 79 | printf( "psa_hash_setup failed\n" ); |
| 80 | return( EXIT_FAILURE ); |
| 81 | } |
| 82 | |
| 83 | status = psa_hash_update( &sha256_psa, buf, sizeof( buf ) ); |
| 84 | if( status != PSA_SUCCESS ) |
| 85 | { |
| 86 | printf( "psa_hash_update failed\n" ); |
| 87 | return( EXIT_FAILURE ); |
| 88 | } |
| 89 | |
| 90 | status = psa_hash_clone( &sha256_psa, &cloned_sha256 ); |
| 91 | if( status != PSA_SUCCESS ) |
| 92 | { |
| 93 | printf( "PSA hash clone failed" ); |
| 94 | return( EXIT_FAILURE ); |
| 95 | } |
| 96 | |
| 97 | status = psa_hash_finish( &sha256_psa, hash, sizeof( hash ), &hash_size ); |
| 98 | if( status != PSA_SUCCESS ) |
| 99 | { |
| 100 | printf( "psa_hash_finish failed\n" ); |
| 101 | return( EXIT_FAILURE ); |
| 102 | } |
| 103 | |
| 104 | status = psa_hash_verify( &cloned_sha256, mbedtls_test_sha256_hash, mbedtls_test_sha256_hash_len ); |
| 105 | if( status != PSA_SUCCESS ) |
| 106 | { |
| 107 | printf( "psa_hash_verify failed\n" ); |
| 108 | return( EXIT_FAILURE ); |
| 109 | } else |
| 110 | { |
| 111 | printf( "Multi-part hash operation successful!\n"); |
| 112 | } |
| 113 | |
| 114 | /* Compute hash using one-shot function call */ |
| 115 | memset( hash,0,sizeof( hash ) ); |
| 116 | hash_size = 0; |
| 117 | |
| 118 | status = psa_hash_compute( PSA_ALG_SHA_256, |
| 119 | buf, sizeof( buf ), |
| 120 | hash, sizeof( hash ), |
| 121 | &hash_size ); |
| 122 | if( status != PSA_SUCCESS ) |
| 123 | { |
| 124 | printf( "psa_hash_compute failed\n" ); |
| 125 | return( EXIT_FAILURE ); |
| 126 | } |
| 127 | |
| 128 | for( size_t j = 0; j < mbedtls_test_sha256_hash_len; j++ ) |
| 129 | { |
| 130 | if( hash[j] != mbedtls_test_sha256_hash[j] ) |
| 131 | { |
| 132 | printf( "One-shot hash operation failed!\n\n"); |
| 133 | return( EXIT_FAILURE ); |
| 134 | } |
| 135 | } |
| 136 | |
| 137 | printf( "One-shot hash operation successful!\n\n"); |
| 138 | |
| 139 | printf( "The SHA-256( '%s' ) is:\n", buf ); |
| 140 | |
| 141 | for( size_t j = 0; j < mbedtls_test_sha256_hash_len; j++ ) |
| 142 | { |
| 143 | if( j % 8 == 0 ) printf( "\n " ); |
| 144 | printf( "%02x ", hash[j] ); |
| 145 | } |
| 146 | |
| 147 | printf( "\n" ); |
| 148 | |
| 149 | mbedtls_psa_crypto_free( ); |
| 150 | return( EXIT_SUCCESS ); |
| 151 | } |
| 152 | #endif /* MBEDTLS_PSA_CRYPTO_C && MBEDTLS_SHA256_C */ |