1/* $OpenBSD: m_sha1.c,v 1.26 2024/04/09 13:52:41 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to.  The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 *    notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 *    notice, this list of conditions and the following disclaimer in the
30 *    documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 *    must display the following acknowledgement:
33 *    "This product includes cryptographic software written by
34 *     Eric Young (eay@cryptsoft.com)"
35 *    The word 'cryptographic' can be left out if the rouines from the library
36 *    being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 *    the apps directory (application code) you must include an acknowledgement:
39 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed.  i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/opensslconf.h>
62
63#ifndef OPENSSL_NO_SHA
64
65#include <openssl/evp.h>
66#include <openssl/objects.h>
67#include <openssl/sha.h>
68
69#ifndef OPENSSL_NO_RSA
70#include <openssl/rsa.h>
71#endif
72
73#include "evp_local.h"
74#include "sha_internal.h"
75
76static int
77sha1_init(EVP_MD_CTX *ctx)
78{
79	return SHA1_Init(ctx->md_data);
80}
81
82static int
83sha1_update(EVP_MD_CTX *ctx, const void *data, size_t count)
84{
85	return SHA1_Update(ctx->md_data, data, count);
86}
87
88static int
89sha1_final(EVP_MD_CTX *ctx, unsigned char *md)
90{
91	return SHA1_Final(md, ctx->md_data);
92}
93
94static const EVP_MD sha1_md = {
95	.type = NID_sha1,
96	.pkey_type = NID_sha1WithRSAEncryption,
97	.md_size = SHA_DIGEST_LENGTH,
98	.flags = EVP_MD_FLAG_DIGALGID_ABSENT,
99	.init = sha1_init,
100	.update = sha1_update,
101	.final = sha1_final,
102	.copy = NULL,
103	.cleanup = NULL,
104	.block_size = SHA_CBLOCK,
105	.ctx_size = sizeof(EVP_MD *) + sizeof(SHA_CTX),
106};
107
108const EVP_MD *
109EVP_sha1(void)
110{
111	return &sha1_md;
112}
113LCRYPTO_ALIAS(EVP_sha1);
114#endif
115
116#ifndef OPENSSL_NO_SHA256
117static int
118sha224_init(EVP_MD_CTX *ctx)
119{
120	return SHA224_Init(ctx->md_data);
121}
122
123static int
124sha224_update(EVP_MD_CTX *ctx, const void *data, size_t count)
125{
126	/*
127	 * Even though there're separate SHA224_[Update|Final], we call
128	 * SHA256 functions even in SHA224 context. This is what happens
129	 * there anyway, so we can spare few CPU cycles:-)
130	 */
131	return SHA256_Update(ctx->md_data, data, count);
132}
133
134static int
135sha224_final(EVP_MD_CTX *ctx, unsigned char *md)
136{
137	return SHA224_Final(md, ctx->md_data);
138}
139
140static const EVP_MD sha224_md = {
141	.type = NID_sha224,
142	.pkey_type = NID_sha224WithRSAEncryption,
143	.md_size = SHA224_DIGEST_LENGTH,
144	.flags = EVP_MD_FLAG_DIGALGID_ABSENT,
145	.init = sha224_init,
146	.update = sha224_update,
147	.final = sha224_final,
148	.copy = NULL,
149	.cleanup = NULL,
150	.block_size = SHA256_CBLOCK,
151	.ctx_size = sizeof(EVP_MD *) + sizeof(SHA256_CTX),
152};
153
154const EVP_MD *
155EVP_sha224(void)
156{
157	return &sha224_md;
158}
159LCRYPTO_ALIAS(EVP_sha224);
160
161static int
162sha256_init(EVP_MD_CTX *ctx)
163{
164	return SHA256_Init(ctx->md_data);
165}
166
167static int
168sha256_update(EVP_MD_CTX *ctx, const void *data, size_t count)
169{
170	return SHA256_Update(ctx->md_data, data, count);
171}
172
173static int
174sha256_final(EVP_MD_CTX *ctx, unsigned char *md)
175{
176	return SHA256_Final(md, ctx->md_data);
177}
178
179static const EVP_MD sha256_md = {
180	.type = NID_sha256,
181	.pkey_type = NID_sha256WithRSAEncryption,
182	.md_size = SHA256_DIGEST_LENGTH,
183	.flags = EVP_MD_FLAG_DIGALGID_ABSENT,
184	.init = sha256_init,
185	.update = sha256_update,
186	.final = sha256_final,
187	.copy = NULL,
188	.cleanup = NULL,
189	.block_size = SHA256_CBLOCK,
190	.ctx_size = sizeof(EVP_MD *) + sizeof(SHA256_CTX),
191};
192
193const EVP_MD *
194EVP_sha256(void)
195{
196	return &sha256_md;
197}
198LCRYPTO_ALIAS(EVP_sha256);
199#endif	/* ifndef OPENSSL_NO_SHA256 */
200
201#ifndef OPENSSL_NO_SHA512
202static int
203sha384_init(EVP_MD_CTX *ctx)
204{
205	return SHA384_Init(ctx->md_data);
206}
207
208static int
209sha384_update(EVP_MD_CTX *ctx, const void *data, size_t count)
210{
211	/* See comment in SHA224/256 section */
212	return SHA512_Update(ctx->md_data, data, count);
213}
214
215static int
216sha384_final(EVP_MD_CTX *ctx, unsigned char *md)
217{
218	return SHA384_Final(md, ctx->md_data);
219}
220
221static const EVP_MD sha384_md = {
222	.type = NID_sha384,
223	.pkey_type = NID_sha384WithRSAEncryption,
224	.md_size = SHA384_DIGEST_LENGTH,
225	.flags = EVP_MD_FLAG_DIGALGID_ABSENT,
226	.init = sha384_init,
227	.update = sha384_update,
228	.final = sha384_final,
229	.copy = NULL,
230	.cleanup = NULL,
231	.block_size = SHA512_CBLOCK,
232	.ctx_size = sizeof(EVP_MD *) + sizeof(SHA512_CTX),
233};
234
235const EVP_MD *
236EVP_sha384(void)
237{
238	return &sha384_md;
239}
240LCRYPTO_ALIAS(EVP_sha384);
241
242static int
243sha512_init(EVP_MD_CTX *ctx)
244{
245	return SHA512_Init(ctx->md_data);
246}
247
248static int
249sha512_update(EVP_MD_CTX *ctx, const void *data, size_t count)
250{
251	return SHA512_Update(ctx->md_data, data, count);
252}
253
254static int
255sha512_final(EVP_MD_CTX *ctx, unsigned char *md)
256{
257	return SHA512_Final(md, ctx->md_data);
258}
259
260static const EVP_MD sha512_md = {
261	.type = NID_sha512,
262	.pkey_type = NID_sha512WithRSAEncryption,
263	.md_size = SHA512_DIGEST_LENGTH,
264	.flags = EVP_MD_FLAG_DIGALGID_ABSENT,
265	.init = sha512_init,
266	.update = sha512_update,
267	.final = sha512_final,
268	.copy = NULL,
269	.cleanup = NULL,
270	.block_size = SHA512_CBLOCK,
271	.ctx_size = sizeof(EVP_MD *) + sizeof(SHA512_CTX),
272};
273
274const EVP_MD *
275EVP_sha512(void)
276{
277	return &sha512_md;
278}
279LCRYPTO_ALIAS(EVP_sha512);
280
281static int
282sha512_224_init(EVP_MD_CTX *ctx)
283{
284	return SHA512_224_Init(ctx->md_data);
285}
286
287static int
288sha512_224_update(EVP_MD_CTX *ctx, const void *data, size_t count)
289{
290	return SHA512_224_Update(ctx->md_data, data, count);
291}
292
293static int
294sha512_224_final(EVP_MD_CTX *ctx, unsigned char *md)
295{
296	return SHA512_224_Final(md, ctx->md_data);
297}
298
299static const EVP_MD sha512_224_md = {
300	.type = NID_sha512_224,
301	.pkey_type = NID_sha512_224WithRSAEncryption,
302	.md_size = SHA512_224_DIGEST_LENGTH,
303	.flags = EVP_MD_FLAG_DIGALGID_ABSENT,
304	.init = sha512_224_init,
305	.update = sha512_224_update,
306	.final = sha512_224_final,
307	.copy = NULL,
308	.cleanup = NULL,
309	.block_size = SHA512_CBLOCK,
310	.ctx_size = sizeof(EVP_MD *) + sizeof(SHA512_CTX),
311};
312
313const EVP_MD *
314EVP_sha512_224(void)
315{
316	return &sha512_224_md;
317}
318LCRYPTO_ALIAS(EVP_sha512_224);
319
320static int
321sha512_256_init(EVP_MD_CTX *ctx)
322{
323	return SHA512_256_Init(ctx->md_data);
324}
325
326static int
327sha512_256_update(EVP_MD_CTX *ctx, const void *data, size_t count)
328{
329	return SHA512_256_Update(ctx->md_data, data, count);
330}
331
332static int
333sha512_256_final(EVP_MD_CTX *ctx, unsigned char *md)
334{
335	return SHA512_256_Final(md, ctx->md_data);
336}
337
338static const EVP_MD sha512_256_md = {
339	.type = NID_sha512_256,
340	.pkey_type = NID_sha512_256WithRSAEncryption,
341	.md_size = SHA512_256_DIGEST_LENGTH,
342	.flags = EVP_MD_FLAG_DIGALGID_ABSENT,
343	.init = sha512_256_init,
344	.update = sha512_256_update,
345	.final = sha512_256_final,
346	.copy = NULL,
347	.cleanup = NULL,
348	.block_size = SHA512_CBLOCK,
349	.ctx_size = sizeof(EVP_MD *) + sizeof(SHA512_CTX),
350};
351
352const EVP_MD *
353EVP_sha512_256(void)
354{
355	return &sha512_256_md;
356}
357LCRYPTO_ALIAS(EVP_sha512_256);
358#endif	/* ifndef OPENSSL_NO_SHA512 */
359