/src/openssl30/crypto/evp/legacy_sha.c
Line | Count | Source |
1 | | /* |
2 | | * Copyright 2019-2025 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | /* |
11 | | * All SHA low level APIs are deprecated for public use, but still ok for |
12 | | * internal use. |
13 | | */ |
14 | | #include "internal/deprecated.h" |
15 | | |
16 | | #include <openssl/sha.h> /* diverse SHA macros */ |
17 | | #include "internal/sha3.h" /* KECCAK1600_WIDTH */ |
18 | | #include "crypto/evp.h" |
19 | | /* Used by legacy methods */ |
20 | | #include "crypto/sha.h" |
21 | | #include "legacy_meth.h" |
22 | | #include "evp_local.h" |
23 | | |
24 | | /*- |
25 | | * LEGACY methods for SHA. |
26 | | * These only remain to support engines that can get these methods. |
27 | | * Hardware support for SHA3 has been removed from these legacy cases. |
28 | | */ |
29 | | #define IMPLEMENT_LEGACY_EVP_MD_METH_SHA3(nm, fn, tag) \ |
30 | | static int nm##_init(EVP_MD_CTX *ctx) \ |
31 | 0 | { \ |
32 | 0 | return fn##_init(EVP_MD_CTX_get0_md_data(ctx), tag, ctx->digest->md_size * 8); \ |
33 | 0 | } \ |
34 | | static int nm##_update(EVP_MD_CTX *ctx, const void *data, size_t count) \ |
35 | 0 | { \ |
36 | 0 | return fn##_update(EVP_MD_CTX_get0_md_data(ctx), data, count); \ |
37 | 0 | } \ |
38 | | static int nm##_final(EVP_MD_CTX *ctx, unsigned char *md) \ |
39 | 0 | { \ |
40 | 0 | return fn##_final(md, EVP_MD_CTX_get0_md_data(ctx)); \ |
41 | 0 | } |
42 | | #define IMPLEMENT_LEGACY_EVP_MD_METH_SHAKE(nm, fn, tag) \ |
43 | | static int nm##_init(EVP_MD_CTX *ctx) \ |
44 | 0 | { \ |
45 | 0 | return fn##_init(EVP_MD_CTX_get0_md_data(ctx), tag, ctx->digest->md_size * 8); \ |
46 | 0 | } |
47 | | |
48 | 0 | #define sha512_224_Init sha512_224_init |
49 | 0 | #define sha512_256_Init sha512_256_init |
50 | | |
51 | 0 | #define sha512_224_Update SHA512_Update |
52 | 0 | #define sha512_224_Final SHA512_Final |
53 | 0 | #define sha512_256_Update SHA512_Update |
54 | 0 | #define sha512_256_Final SHA512_Final |
55 | | |
56 | | IMPLEMENT_LEGACY_EVP_MD_METH(sha1, SHA1) |
57 | | IMPLEMENT_LEGACY_EVP_MD_METH(sha224, SHA224) |
58 | | IMPLEMENT_LEGACY_EVP_MD_METH(sha256, SHA256) |
59 | | IMPLEMENT_LEGACY_EVP_MD_METH(sha384, SHA384) |
60 | | IMPLEMENT_LEGACY_EVP_MD_METH(sha512, SHA512) |
61 | | IMPLEMENT_LEGACY_EVP_MD_METH(sha512_224_int, sha512_224) |
62 | | IMPLEMENT_LEGACY_EVP_MD_METH(sha512_256_int, sha512_256) |
63 | | IMPLEMENT_LEGACY_EVP_MD_METH_SHA3(sha3_int, ossl_sha3, '\x06') |
64 | | IMPLEMENT_LEGACY_EVP_MD_METH_SHAKE(shake, ossl_sha3, '\x1f') |
65 | | |
66 | | static int sha1_int_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2) |
67 | 0 | { |
68 | 0 | return ossl_sha1_ctrl(ctx != NULL ? EVP_MD_CTX_get0_md_data(ctx) : NULL, |
69 | 0 | cmd, p1, p2); |
70 | 0 | } |
71 | | |
72 | | static int shake_ctrl(EVP_MD_CTX *evp_ctx, int cmd, int p1, void *p2) |
73 | 0 | { |
74 | 0 | KECCAK1600_CTX *ctx; |
75 | |
|
76 | 0 | if (evp_ctx == NULL) |
77 | 0 | return 0; |
78 | 0 | ctx = evp_ctx->md_data; |
79 | |
|
80 | 0 | switch (cmd) { |
81 | 0 | case EVP_MD_CTRL_XOF_LEN: |
82 | 0 | ctx->md_size = p1; |
83 | 0 | return 1; |
84 | 0 | default: |
85 | 0 | return 0; |
86 | 0 | } |
87 | 0 | } |
88 | | |
89 | | static const EVP_MD sha1_md = { |
90 | | NID_sha1, |
91 | | NID_sha1WithRSAEncryption, |
92 | | SHA_DIGEST_LENGTH, |
93 | | EVP_MD_FLAG_DIGALGID_ABSENT, |
94 | | EVP_ORIG_GLOBAL, |
95 | | LEGACY_EVP_MD_METH_TABLE(sha1_init, sha1_update, sha1_final, sha1_int_ctrl, |
96 | | SHA_CBLOCK), |
97 | | }; |
98 | | |
99 | | const EVP_MD *EVP_sha1(void) |
100 | 434k | { |
101 | 434k | return &sha1_md; |
102 | 434k | } |
103 | | |
104 | | static const EVP_MD sha224_md = { |
105 | | NID_sha224, |
106 | | NID_sha224WithRSAEncryption, |
107 | | SHA224_DIGEST_LENGTH, |
108 | | EVP_MD_FLAG_DIGALGID_ABSENT, |
109 | | EVP_ORIG_GLOBAL, |
110 | | LEGACY_EVP_MD_METH_TABLE(sha224_init, sha224_update, sha224_final, NULL, |
111 | | SHA256_CBLOCK), |
112 | | }; |
113 | | |
114 | | const EVP_MD *EVP_sha224(void) |
115 | 164 | { |
116 | 164 | return &sha224_md; |
117 | 164 | } |
118 | | |
119 | | static const EVP_MD sha256_md = { |
120 | | NID_sha256, |
121 | | NID_sha256WithRSAEncryption, |
122 | | SHA256_DIGEST_LENGTH, |
123 | | EVP_MD_FLAG_DIGALGID_ABSENT, |
124 | | EVP_ORIG_GLOBAL, |
125 | | LEGACY_EVP_MD_METH_TABLE(sha256_init, sha256_update, sha256_final, NULL, |
126 | | SHA256_CBLOCK), |
127 | | }; |
128 | | |
129 | | const EVP_MD *EVP_sha256(void) |
130 | 164 | { |
131 | 164 | return &sha256_md; |
132 | 164 | } |
133 | | |
134 | | static const EVP_MD sha512_224_md = { |
135 | | NID_sha512_224, |
136 | | NID_sha512_224WithRSAEncryption, |
137 | | SHA224_DIGEST_LENGTH, |
138 | | EVP_MD_FLAG_DIGALGID_ABSENT, |
139 | | EVP_ORIG_GLOBAL, |
140 | | LEGACY_EVP_MD_METH_TABLE(sha512_224_int_init, sha512_224_int_update, |
141 | | sha512_224_int_final, NULL, SHA512_CBLOCK), |
142 | | }; |
143 | | |
144 | | const EVP_MD *EVP_sha512_224(void) |
145 | 164 | { |
146 | 164 | return &sha512_224_md; |
147 | 164 | } |
148 | | |
149 | | static const EVP_MD sha512_256_md = { |
150 | | NID_sha512_256, |
151 | | NID_sha512_256WithRSAEncryption, |
152 | | SHA256_DIGEST_LENGTH, |
153 | | EVP_MD_FLAG_DIGALGID_ABSENT, |
154 | | EVP_ORIG_GLOBAL, |
155 | | LEGACY_EVP_MD_METH_TABLE(sha512_256_int_init, sha512_256_int_update, |
156 | | sha512_256_int_final, NULL, SHA512_CBLOCK), |
157 | | }; |
158 | | |
159 | | const EVP_MD *EVP_sha512_256(void) |
160 | 164 | { |
161 | 164 | return &sha512_256_md; |
162 | 164 | } |
163 | | |
164 | | static const EVP_MD sha384_md = { |
165 | | NID_sha384, |
166 | | NID_sha384WithRSAEncryption, |
167 | | SHA384_DIGEST_LENGTH, |
168 | | EVP_MD_FLAG_DIGALGID_ABSENT, |
169 | | EVP_ORIG_GLOBAL, |
170 | | LEGACY_EVP_MD_METH_TABLE(sha384_init, sha384_update, sha384_final, NULL, |
171 | | SHA512_CBLOCK), |
172 | | }; |
173 | | |
174 | | const EVP_MD *EVP_sha384(void) |
175 | 164 | { |
176 | 164 | return &sha384_md; |
177 | 164 | } |
178 | | |
179 | | static const EVP_MD sha512_md = { |
180 | | NID_sha512, |
181 | | NID_sha512WithRSAEncryption, |
182 | | SHA512_DIGEST_LENGTH, |
183 | | EVP_MD_FLAG_DIGALGID_ABSENT, |
184 | | EVP_ORIG_GLOBAL, |
185 | | LEGACY_EVP_MD_METH_TABLE(sha512_init, sha512_update, sha512_final, NULL, |
186 | | SHA512_CBLOCK), |
187 | | }; |
188 | | |
189 | | const EVP_MD *EVP_sha512(void) |
190 | 164 | { |
191 | 164 | return &sha512_md; |
192 | 164 | } |
193 | | |
194 | | #define EVP_MD_SHA3(bitlen) \ |
195 | | const EVP_MD *EVP_sha3_##bitlen(void) \ |
196 | 656 | { \ |
197 | 656 | static const EVP_MD sha3_##bitlen##_md = { \ |
198 | 656 | NID_sha3_##bitlen, \ |
199 | 656 | NID_RSA_SHA3_##bitlen, \ |
200 | 656 | bitlen / 8, \ |
201 | 656 | EVP_MD_FLAG_DIGALGID_ABSENT, \ |
202 | 656 | EVP_ORIG_GLOBAL, \ |
203 | 656 | LEGACY_EVP_MD_METH_TABLE(sha3_int_init, sha3_int_update, \ |
204 | 656 | sha3_int_final, NULL, \ |
205 | 656 | (KECCAK1600_WIDTH - bitlen * 2) / 8), \ |
206 | 656 | }; \ |
207 | 656 | return &sha3_##bitlen##_md; \ |
208 | 656 | } |
209 | | #define EVP_MD_SHAKE(bitlen) \ |
210 | | const EVP_MD *EVP_shake##bitlen(void) \ |
211 | 328 | { \ |
212 | 328 | static const EVP_MD shake##bitlen##_md = { \ |
213 | 328 | NID_shake##bitlen, \ |
214 | 328 | 0, \ |
215 | 328 | bitlen / 8, \ |
216 | 328 | EVP_MD_FLAG_XOF | EVP_MD_FLAG_DIGALGID_ABSENT, \ |
217 | 328 | EVP_ORIG_GLOBAL, \ |
218 | 328 | LEGACY_EVP_MD_METH_TABLE(shake_init, sha3_int_update, sha3_int_final, \ |
219 | 328 | shake_ctrl, (KECCAK1600_WIDTH - bitlen * 2) / 8), \ |
220 | 328 | }; \ |
221 | 328 | return &shake##bitlen##_md; \ |
222 | 328 | } |
223 | | |
224 | 164 | EVP_MD_SHA3(224) |
225 | 164 | EVP_MD_SHA3(256) |
226 | 164 | EVP_MD_SHA3(384) |
227 | 164 | EVP_MD_SHA3(512) |
228 | | |
229 | 164 | EVP_MD_SHAKE(128) |
230 | | EVP_MD_SHAKE(256) |