4 * \brief This file contains SHA-1 definitions and functions.
6 * The Secure Hash Algorithm 1 (SHA-1) cryptographic hash function is defined in
7 * <em>FIPS 180-4: Secure Hash Standard (SHS)</em>.
9 * \warning SHA-1 is considered a weak message digest and its use constitutes
10 * a security risk. We recommend considering stronger message
14 * Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved
15 * SPDX-License-Identifier: Apache-2.0
17 * Licensed under the Apache License, Version 2.0 (the "License"); you may
18 * not use this file except in compliance with the License.
19 * You may obtain a copy of the License at
21 * http://www.apache.org/licenses/LICENSE-2.0
23 * Unless required by applicable law or agreed to in writing, software
24 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
25 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
26 * See the License for the specific language governing permissions and
27 * limitations under the License.
29 * This file is part of Mbed TLS (https://tls.mbed.org)
31 #ifndef MBEDTLS_SHA1_H
32 #define MBEDTLS_SHA1_H
34 #if !defined(MBEDTLS_CONFIG_FILE)
37 #include MBEDTLS_CONFIG_FILE
43 /* MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED is deprecated and should not be used. */
44 #define MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED -0x0035 /**< SHA-1 hardware accelerator failed */
45 #define MBEDTLS_ERR_SHA1_BAD_INPUT_DATA -0x0073 /**< SHA-1 input data was malformed. */
51 #if !defined(MBEDTLS_SHA1_ALT)
52 // Regular implementation
56 * \brief The SHA-1 context structure.
58 * \warning SHA-1 is considered a weak message digest and its use
59 * constitutes a security risk. We recommend considering
60 * stronger message digests instead.
63 typedef struct mbedtls_sha1_context
65 uint32_t total[2]; /*!< The number of Bytes processed. */
66 uint32_t state[5]; /*!< The intermediate digest state. */
67 unsigned char buffer[64]; /*!< The data block being processed. */
71 #else /* MBEDTLS_SHA1_ALT */
73 #endif /* MBEDTLS_SHA1_ALT */
76 * \brief This function initializes a SHA-1 context.
78 * \warning SHA-1 is considered a weak message digest and its use
79 * constitutes a security risk. We recommend considering
80 * stronger message digests instead.
82 * \param ctx The SHA-1 context to initialize.
83 * This must not be \c NULL.
86 void mbedtls_sha1_init( mbedtls_sha1_context *ctx );
89 * \brief This function clears a SHA-1 context.
91 * \warning SHA-1 is considered a weak message digest and its use
92 * constitutes a security risk. We recommend considering
93 * stronger message digests instead.
95 * \param ctx The SHA-1 context to clear. This may be \c NULL,
96 * in which case this function does nothing. If it is
97 * not \c NULL, it must point to an initialized
101 void mbedtls_sha1_free( mbedtls_sha1_context *ctx );
104 * \brief This function clones the state of a SHA-1 context.
106 * \warning SHA-1 is considered a weak message digest and its use
107 * constitutes a security risk. We recommend considering
108 * stronger message digests instead.
110 * \param dst The SHA-1 context to clone to. This must be initialized.
111 * \param src The SHA-1 context to clone from. This must be initialized.
114 void mbedtls_sha1_clone( mbedtls_sha1_context *dst,
115 const mbedtls_sha1_context *src );
118 * \brief This function starts a SHA-1 checksum calculation.
120 * \warning SHA-1 is considered a weak message digest and its use
121 * constitutes a security risk. We recommend considering
122 * stronger message digests instead.
124 * \param ctx The SHA-1 context to initialize. This must be initialized.
126 * \return \c 0 on success.
127 * \return A negative error code on failure.
130 int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx );
133 * \brief This function feeds an input buffer into an ongoing SHA-1
134 * checksum calculation.
136 * \warning SHA-1 is considered a weak message digest and its use
137 * constitutes a security risk. We recommend considering
138 * stronger message digests instead.
140 * \param ctx The SHA-1 context. This must be initialized
141 * and have a hash operation started.
142 * \param input The buffer holding the input data.
143 * This must be a readable buffer of length \p ilen Bytes.
144 * \param ilen The length of the input data \p input in Bytes.
146 * \return \c 0 on success.
147 * \return A negative error code on failure.
149 int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx,
150 const unsigned char *input,
154 * \brief This function finishes the SHA-1 operation, and writes
155 * the result to the output buffer.
157 * \warning SHA-1 is considered a weak message digest and its use
158 * constitutes a security risk. We recommend considering
159 * stronger message digests instead.
161 * \param ctx The SHA-1 context to use. This must be initialized and
162 * have a hash operation started.
163 * \param output The SHA-1 checksum result. This must be a writable
164 * buffer of length \c 20 Bytes.
166 * \return \c 0 on success.
167 * \return A negative error code on failure.
169 int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx,
170 unsigned char output[20] );
173 * \brief SHA-1 process data block (internal use only).
175 * \warning SHA-1 is considered a weak message digest and its use
176 * constitutes a security risk. We recommend considering
177 * stronger message digests instead.
179 * \param ctx The SHA-1 context to use. This must be initialized.
180 * \param data The data block being processed. This must be a
181 * readable buffer of length \c 64 Bytes.
183 * \return \c 0 on success.
184 * \return A negative error code on failure.
187 int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
188 const unsigned char data[64] );
190 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
191 #if defined(MBEDTLS_DEPRECATED_WARNING)
192 #define MBEDTLS_DEPRECATED __attribute__((deprecated))
194 #define MBEDTLS_DEPRECATED
197 * \brief This function starts a SHA-1 checksum calculation.
199 * \warning SHA-1 is considered a weak message digest and its use
200 * constitutes a security risk. We recommend considering
201 * stronger message digests instead.
203 * \deprecated Superseded by mbedtls_sha1_starts_ret() in 2.7.0.
205 * \param ctx The SHA-1 context to initialize. This must be initialized.
208 MBEDTLS_DEPRECATED void mbedtls_sha1_starts( mbedtls_sha1_context *ctx );
211 * \brief This function feeds an input buffer into an ongoing SHA-1
212 * checksum calculation.
214 * \warning SHA-1 is considered a weak message digest and its use
215 * constitutes a security risk. We recommend considering
216 * stronger message digests instead.
218 * \deprecated Superseded by mbedtls_sha1_update_ret() in 2.7.0.
220 * \param ctx The SHA-1 context. This must be initialized and
221 * have a hash operation started.
222 * \param input The buffer holding the input data.
223 * This must be a readable buffer of length \p ilen Bytes.
224 * \param ilen The length of the input data \p input in Bytes.
227 MBEDTLS_DEPRECATED void mbedtls_sha1_update( mbedtls_sha1_context *ctx,
228 const unsigned char *input,
232 * \brief This function finishes the SHA-1 operation, and writes
233 * the result to the output buffer.
235 * \warning SHA-1 is considered a weak message digest and its use
236 * constitutes a security risk. We recommend considering
237 * stronger message digests instead.
239 * \deprecated Superseded by mbedtls_sha1_finish_ret() in 2.7.0.
241 * \param ctx The SHA-1 context. This must be initialized and
242 * have a hash operation started.
243 * \param output The SHA-1 checksum result.
244 * This must be a writable buffer of length \c 20 Bytes.
246 MBEDTLS_DEPRECATED void mbedtls_sha1_finish( mbedtls_sha1_context *ctx,
247 unsigned char output[20] );
250 * \brief SHA-1 process data block (internal use only).
252 * \warning SHA-1 is considered a weak message digest and its use
253 * constitutes a security risk. We recommend considering
254 * stronger message digests instead.
256 * \deprecated Superseded by mbedtls_internal_sha1_process() in 2.7.0.
258 * \param ctx The SHA-1 context. This must be initialized.
259 * \param data The data block being processed.
260 * This must be a readable buffer of length \c 64 bytes.
263 MBEDTLS_DEPRECATED void mbedtls_sha1_process( mbedtls_sha1_context *ctx,
264 const unsigned char data[64] );
266 #undef MBEDTLS_DEPRECATED
267 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
270 * \brief This function calculates the SHA-1 checksum of a buffer.
272 * The function allocates the context, performs the
273 * calculation, and frees the context.
275 * The SHA-1 result is calculated as
276 * output = SHA-1(input buffer).
278 * \warning SHA-1 is considered a weak message digest and its use
279 * constitutes a security risk. We recommend considering
280 * stronger message digests instead.
282 * \param input The buffer holding the input data.
283 * This must be a readable buffer of length \p ilen Bytes.
284 * \param ilen The length of the input data \p input in Bytes.
285 * \param output The SHA-1 checksum result.
286 * This must be a writable buffer of length \c 20 Bytes.
288 * \return \c 0 on success.
289 * \return A negative error code on failure.
292 int mbedtls_sha1_ret( const unsigned char *input,
294 unsigned char output[20] );
296 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
297 #if defined(MBEDTLS_DEPRECATED_WARNING)
298 #define MBEDTLS_DEPRECATED __attribute__((deprecated))
300 #define MBEDTLS_DEPRECATED
303 * \brief This function calculates the SHA-1 checksum of a buffer.
305 * The function allocates the context, performs the
306 * calculation, and frees the context.
308 * The SHA-1 result is calculated as
309 * output = SHA-1(input buffer).
311 * \warning SHA-1 is considered a weak message digest and its use
312 * constitutes a security risk. We recommend considering
313 * stronger message digests instead.
315 * \deprecated Superseded by mbedtls_sha1_ret() in 2.7.0
317 * \param input The buffer holding the input data.
318 * This must be a readable buffer of length \p ilen Bytes.
319 * \param ilen The length of the input data \p input in Bytes.
320 * \param output The SHA-1 checksum result. This must be a writable
321 * buffer of size \c 20 Bytes.
324 MBEDTLS_DEPRECATED void mbedtls_sha1( const unsigned char *input,
326 unsigned char output[20] );
328 #undef MBEDTLS_DEPRECATED
329 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
331 #if defined(MBEDTLS_SELF_TEST)
334 * \brief The SHA-1 checkup routine.
336 * \warning SHA-1 is considered a weak message digest and its use
337 * constitutes a security risk. We recommend considering
338 * stronger message digests instead.
340 * \return \c 0 on success.
341 * \return \c 1 on failure.
344 int mbedtls_sha1_self_test( int verbose );
346 #endif /* MBEDTLS_SELF_TEST */
352 #endif /* mbedtls_sha1.h */