4 * \brief This file contains SHA-224 and SHA-256 definitions and functions.
6 * The Secure Hash Algorithms 224 and 256 (SHA-224 and SHA-256) cryptographic
7 * hash functions are defined in <em>FIPS 180-4: Secure Hash Standard (SHS)</em>.
10 * Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved
11 * SPDX-License-Identifier: Apache-2.0
13 * Licensed under the Apache License, Version 2.0 (the "License"); you may
14 * not use this file except in compliance with the License.
15 * You may obtain a copy of the License at
17 * http://www.apache.org/licenses/LICENSE-2.0
19 * Unless required by applicable law or agreed to in writing, software
20 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
21 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
22 * See the License for the specific language governing permissions and
23 * limitations under the License.
25 * This file is part of Mbed TLS (https://tls.mbed.org)
27 #ifndef MBEDTLS_SHA256_H
28 #define MBEDTLS_SHA256_H
30 #if !defined(MBEDTLS_CONFIG_FILE)
33 #include MBEDTLS_CONFIG_FILE
39 /* MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED is deprecated and should not be used. */
40 #define MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED -0x0037 /**< SHA-256 hardware accelerator failed */
41 #define MBEDTLS_ERR_SHA256_BAD_INPUT_DATA -0x0074 /**< SHA-256 input data was malformed. */
47 #if !defined(MBEDTLS_SHA256_ALT)
48 // Regular implementation
52 * \brief The SHA-256 context structure.
54 * The structure is used both for SHA-256 and for SHA-224
55 * checksum calculations. The choice between these two is
56 * made in the call to mbedtls_sha256_starts_ret().
58 typedef struct mbedtls_sha256_context
60 uint32_t total[2]; /*!< The number of Bytes processed. */
61 uint32_t state[8]; /*!< The intermediate digest state. */
62 unsigned char buffer[64]; /*!< The data block being processed. */
63 int is224; /*!< Determines which function to use:
64 0: Use SHA-256, or 1: Use SHA-224. */
66 mbedtls_sha256_context;
68 #else /* MBEDTLS_SHA256_ALT */
69 #include "sha256_alt.h"
70 #endif /* MBEDTLS_SHA256_ALT */
73 * \brief This function initializes a SHA-256 context.
75 * \param ctx The SHA-256 context to initialize. This must not be \c NULL.
77 void mbedtls_sha256_init( mbedtls_sha256_context *ctx );
80 * \brief This function clears a SHA-256 context.
82 * \param ctx The SHA-256 context to clear. This may be \c NULL, in which
83 * case this function returns immediately. If it is not \c NULL,
84 * it must point to an initialized SHA-256 context.
86 void mbedtls_sha256_free( mbedtls_sha256_context *ctx );
89 * \brief This function clones the state of a SHA-256 context.
91 * \param dst The destination context. This must be initialized.
92 * \param src The context to clone. This must be initialized.
94 void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
95 const mbedtls_sha256_context *src );
98 * \brief This function starts a SHA-224 or SHA-256 checksum
101 * \param ctx The context to use. This must be initialized.
102 * \param is224 This determines which function to use. This must be
103 * either \c 0 for SHA-256, or \c 1 for SHA-224.
105 * \return \c 0 on success.
106 * \return A negative error code on failure.
108 int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 );
111 * \brief This function feeds an input buffer into an ongoing
112 * SHA-256 checksum calculation.
114 * \param ctx The SHA-256 context. This must be initialized
115 * and have a hash operation started.
116 * \param input The buffer holding the data. This must be a readable
117 * buffer of length \p ilen Bytes.
118 * \param ilen The length of the input data in Bytes.
120 * \return \c 0 on success.
121 * \return A negative error code on failure.
123 int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx,
124 const unsigned char *input,
128 * \brief This function finishes the SHA-256 operation, and writes
129 * the result to the output buffer.
131 * \param ctx The SHA-256 context. This must be initialized
132 * and have a hash operation started.
133 * \param output The SHA-224 or SHA-256 checksum result.
134 * This must be a writable buffer of length \c 32 Bytes.
136 * \return \c 0 on success.
137 * \return A negative error code on failure.
139 int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx,
140 unsigned char output[32] );
143 * \brief This function processes a single data block within
144 * the ongoing SHA-256 computation. This function is for
147 * \param ctx The SHA-256 context. This must be initialized.
148 * \param data The buffer holding one block of data. This must
149 * be a readable buffer of length \c 64 Bytes.
151 * \return \c 0 on success.
152 * \return A negative error code on failure.
154 int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx,
155 const unsigned char data[64] );
157 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
158 #if defined(MBEDTLS_DEPRECATED_WARNING)
159 #define MBEDTLS_DEPRECATED __attribute__((deprecated))
161 #define MBEDTLS_DEPRECATED
164 * \brief This function starts a SHA-224 or SHA-256 checksum
167 * \deprecated Superseded by mbedtls_sha256_starts_ret() in 2.7.0.
169 * \param ctx The context to use. This must be initialized.
170 * \param is224 Determines which function to use. This must be
171 * either \c 0 for SHA-256, or \c 1 for SHA-224.
173 MBEDTLS_DEPRECATED void mbedtls_sha256_starts( mbedtls_sha256_context *ctx,
177 * \brief This function feeds an input buffer into an ongoing
178 * SHA-256 checksum calculation.
180 * \deprecated Superseded by mbedtls_sha256_update_ret() in 2.7.0.
182 * \param ctx The SHA-256 context to use. This must be
183 * initialized and have a hash operation started.
184 * \param input The buffer holding the data. This must be a readable
185 * buffer of length \p ilen Bytes.
186 * \param ilen The length of the input data in Bytes.
188 MBEDTLS_DEPRECATED void mbedtls_sha256_update( mbedtls_sha256_context *ctx,
189 const unsigned char *input,
193 * \brief This function finishes the SHA-256 operation, and writes
194 * the result to the output buffer.
196 * \deprecated Superseded by mbedtls_sha256_finish_ret() in 2.7.0.
198 * \param ctx The SHA-256 context. This must be initialized and
199 * have a hash operation started.
200 * \param output The SHA-224 or SHA-256 checksum result. This must be
201 * a writable buffer of length \c 32 Bytes.
203 MBEDTLS_DEPRECATED void mbedtls_sha256_finish( mbedtls_sha256_context *ctx,
204 unsigned char output[32] );
207 * \brief This function processes a single data block within
208 * the ongoing SHA-256 computation. This function is for
211 * \deprecated Superseded by mbedtls_internal_sha256_process() in 2.7.0.
213 * \param ctx The SHA-256 context. This must be initialized.
214 * \param data The buffer holding one block of data. This must be
215 * a readable buffer of size \c 64 Bytes.
217 MBEDTLS_DEPRECATED void mbedtls_sha256_process( mbedtls_sha256_context *ctx,
218 const unsigned char data[64] );
220 #undef MBEDTLS_DEPRECATED
221 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
224 * \brief This function calculates the SHA-224 or SHA-256
225 * checksum of a buffer.
227 * The function allocates the context, performs the
228 * calculation, and frees the context.
230 * The SHA-256 result is calculated as
231 * output = SHA-256(input buffer).
233 * \param input The buffer holding the data. This must be a readable
234 * buffer of length \p ilen Bytes.
235 * \param ilen The length of the input data in Bytes.
236 * \param output The SHA-224 or SHA-256 checksum result. This must
237 * be a writable buffer of length \c 32 Bytes.
238 * \param is224 Determines which function to use. This must be
239 * either \c 0 for SHA-256, or \c 1 for SHA-224.
241 int mbedtls_sha256_ret( const unsigned char *input,
243 unsigned char output[32],
246 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
247 #if defined(MBEDTLS_DEPRECATED_WARNING)
248 #define MBEDTLS_DEPRECATED __attribute__((deprecated))
250 #define MBEDTLS_DEPRECATED
254 * \brief This function calculates the SHA-224 or SHA-256 checksum
257 * The function allocates the context, performs the
258 * calculation, and frees the context.
260 * The SHA-256 result is calculated as
261 * output = SHA-256(input buffer).
263 * \deprecated Superseded by mbedtls_sha256_ret() in 2.7.0.
265 * \param input The buffer holding the data. This must be a readable
266 * buffer of length \p ilen Bytes.
267 * \param ilen The length of the input data in Bytes.
268 * \param output The SHA-224 or SHA-256 checksum result. This must be
269 * a writable buffer of length \c 32 Bytes.
270 * \param is224 Determines which function to use. This must be either
271 * \c 0 for SHA-256, or \c 1 for SHA-224.
273 MBEDTLS_DEPRECATED void mbedtls_sha256( const unsigned char *input,
275 unsigned char output[32],
278 #undef MBEDTLS_DEPRECATED
279 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
281 #if defined(MBEDTLS_SELF_TEST)
284 * \brief The SHA-224 and SHA-256 checkup routine.
286 * \return \c 0 on success.
287 * \return \c 1 on failure.
289 int mbedtls_sha256_self_test( int verbose );
291 #endif /* MBEDTLS_SELF_TEST */
297 #endif /* mbedtls_sha256.h */