Merge pull request #7714 from daverodgman/sha3-update

SHA-3 update
Manuel Pégourié-Gonnard 2023-06-12 15:13:30 +02:00 committed by GitHub
commit 14f65a47c8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 80 additions and 30 deletions


@ -113,7 +113,10 @@
#define MBEDTLS_MD_SOME_LEGACY #define MBEDTLS_MD_SOME_LEGACY
#endif #endif
#if defined(MBEDTLS_SHA3_C) #if defined(MBEDTLS_SHA3_C)
#define MBEDTLS_MD_CAN_SHA3 #define MBEDTLS_MD_CAN_SHA3_224
#define MBEDTLS_MD_CAN_SHA3_256
#define MBEDTLS_MD_CAN_SHA3_384
#define MBEDTLS_MD_CAN_SHA3_512
#endif #endif
#if defined(MBEDTLS_RIPEMD160_C) #if defined(MBEDTLS_RIPEMD160_C)
#define MBEDTLS_MD_CAN_RIPEMD160 #define MBEDTLS_MD_CAN_RIPEMD160
@ -158,23 +161,37 @@ typedef enum {
MBEDTLS_MD_SHA3_512, /**< The SHA3-512 message digest. */ MBEDTLS_MD_SHA3_512, /**< The SHA3-512 message digest. */
} mbedtls_md_type_t; } mbedtls_md_type_t;
#if defined(MBEDTLS_MD_CAN_SHA512) || defined(MBEDTLS_SHA3_C) /* Note: this should always be >= PSA_HASH_MAX_SIZE
* in all builds with both CRYPTO_C and MD_LIGHT.
*
* This is to make things easier for modules such as TLS that may define a
* buffer size using MD_MAX_SIZE in a part of the code that's common to PSA
* and legacy, then assume the buffer's size is PSA_HASH_MAX_SIZE in another
* part of the code based on PSA.
*/
#if defined(MBEDTLS_MD_CAN_SHA512) || defined(MBEDTLS_MD_CAN_SHA3_512)
#define MBEDTLS_MD_MAX_SIZE 64 /* longest known is SHA512 */ #define MBEDTLS_MD_MAX_SIZE 64 /* longest known is SHA512 */
#elif defined(MBEDTLS_MD_CAN_SHA384) #elif defined(MBEDTLS_MD_CAN_SHA384) || defined(MBEDTLS_MD_CAN_SHA3_384)
#define MBEDTLS_MD_MAX_SIZE 48 /* longest known is SHA384 */ #define MBEDTLS_MD_MAX_SIZE 48 /* longest known is SHA384 */
#elif defined(MBEDTLS_MD_CAN_SHA256) #elif defined(MBEDTLS_MD_CAN_SHA256) || defined(MBEDTLS_MD_CAN_SHA3_256)
#define MBEDTLS_MD_MAX_SIZE 32 /* longest known is SHA256 */ #define MBEDTLS_MD_MAX_SIZE 32 /* longest known is SHA256 */
#elif defined(MBEDTLS_MD_CAN_SHA224) #elif defined(MBEDTLS_MD_CAN_SHA224) || defined(MBEDTLS_MD_CAN_SHA3_224)
#define MBEDTLS_MD_MAX_SIZE 28 /* longest known is SHA224 */ #define MBEDTLS_MD_MAX_SIZE 28 /* longest known is SHA224 */
#else #else
#define MBEDTLS_MD_MAX_SIZE 20 /* longest known is SHA1 or RIPE MD-160 #define MBEDTLS_MD_MAX_SIZE 20 /* longest known is SHA1 or RIPE MD-160
or smaller (MD5 and earlier) */ or smaller (MD5 and earlier) */
#endif #endif
#if defined(MBEDTLS_MD_CAN_SHA3) #if defined(MBEDTLS_MD_CAN_SHA3_224)
#define MBEDTLS_MD_MAX_BLOCK_SIZE 144 /* the longest known is SHA3-224 */ #define MBEDTLS_MD_MAX_BLOCK_SIZE 144 /* the longest known is SHA3-224 */
#elif defined(MBEDTLS_MD_CAN_SHA512) #elif defined(MBEDTLS_MD_CAN_SHA3_256)
#define MBEDTLS_MD_MAX_BLOCK_SIZE 136
#elif defined(MBEDTLS_MD_CAN_SHA512) || defined(MBEDTLS_MD_CAN_SHA384)
#define MBEDTLS_MD_MAX_BLOCK_SIZE 128 #define MBEDTLS_MD_MAX_BLOCK_SIZE 128
#elif defined(MBEDTLS_MD_CAN_SHA3_384)
#define MBEDTLS_MD_MAX_BLOCK_SIZE 104
#elif defined(MBEDTLS_MD_CAN_SHA3_512)
#define MBEDTLS_MD_MAX_BLOCK_SIZE 72
#else #else
#define MBEDTLS_MD_MAX_BLOCK_SIZE 64 #define MBEDTLS_MD_MAX_BLOCK_SIZE 64
#endif #endif
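Review bot: The `MBEDTLS_MD_MAX_BLOCK_SIZE` chain yields the true maximum only because its branches are tested in decreasing block-size order (144, 136, 128, 104, 72, 64), and the new code does not state that invariant. Now that SHA-2 and SHA-3 variants are interleaved, a digest added later in the wrong position would make the macro smaller than an enabled digest's block size, and any buffer dimensioned with it (uses are not visible on this page) would be undersized. I would add `/* Keep branches sorted by decreasing block size: the first match wins. */` above the chain and label the new branches the way the first one is, e.g. `/* the longest known is SHA3-256 */`. The `MBEDTLS_MD_MAX_SIZE` comments above also still name only the SHA-2 digest (`longest known is SHA512`) although each condition now matches the SHA-3 variant of the same length.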


@ -139,25 +139,34 @@ const mbedtls_md_info_t mbedtls_sha512_info = {
}; };
#endif #endif
#if defined(MBEDTLS_MD_CAN_SHA3) #if defined(MBEDTLS_MD_CAN_SHA3_224)
const mbedtls_md_info_t mbedtls_sha3_224_info = { const mbedtls_md_info_t mbedtls_sha3_224_info = {
"SHA3-224", "SHA3-224",
MBEDTLS_MD_SHA3_224, MBEDTLS_MD_SHA3_224,
28, 28,
144, 144,
}; };
#endif
#if defined(MBEDTLS_MD_CAN_SHA3_256)
const mbedtls_md_info_t mbedtls_sha3_256_info = { const mbedtls_md_info_t mbedtls_sha3_256_info = {
"SHA3-256", "SHA3-256",
MBEDTLS_MD_SHA3_256, MBEDTLS_MD_SHA3_256,
32, 32,
136, 136,
}; };
#endif
#if defined(MBEDTLS_MD_CAN_SHA3_384)
const mbedtls_md_info_t mbedtls_sha3_384_info = { const mbedtls_md_info_t mbedtls_sha3_384_info = {
"SHA3-384", "SHA3-384",
MBEDTLS_MD_SHA3_384, MBEDTLS_MD_SHA3_384,
48, 48,
104, 104,
}; };
#endif
#if defined(MBEDTLS_MD_CAN_SHA3_512)
const mbedtls_md_info_t mbedtls_sha3_512_info = { const mbedtls_md_info_t mbedtls_sha3_512_info = {
"SHA3-512", "SHA3-512",
MBEDTLS_MD_SHA3_512, MBEDTLS_MD_SHA3_512,
@ -197,13 +206,19 @@ const mbedtls_md_info_t *mbedtls_md_info_from_type(mbedtls_md_type_t md_type)
case MBEDTLS_MD_SHA512: case MBEDTLS_MD_SHA512:
return &mbedtls_sha512_info; return &mbedtls_sha512_info;
#endif #endif
#if defined(MBEDTLS_SHA3_C) #if defined(MBEDTLS_MD_CAN_SHA3_224)
case MBEDTLS_MD_SHA3_224: case MBEDTLS_MD_SHA3_224:
return &mbedtls_sha3_224_info; return &mbedtls_sha3_224_info;
#endif
#if defined(MBEDTLS_MD_CAN_SHA3_256)
case MBEDTLS_MD_SHA3_256: case MBEDTLS_MD_SHA3_256:
return &mbedtls_sha3_256_info; return &mbedtls_sha3_256_info;
#endif
#if defined(MBEDTLS_MD_CAN_SHA3_384)
case MBEDTLS_MD_SHA3_384: case MBEDTLS_MD_SHA3_384:
return &mbedtls_sha3_384_info; return &mbedtls_sha3_384_info;
#endif
#if defined(MBEDTLS_MD_CAN_SHA3_512)
case MBEDTLS_MD_SHA3_512: case MBEDTLS_MD_SHA3_512:
return &mbedtls_sha3_512_info; return &mbedtls_sha3_512_info;
#endif #endif
@ -889,10 +904,19 @@ static const int supported_digests[] = {
MBEDTLS_MD_MD5, MBEDTLS_MD_MD5,
#endif #endif
#if defined(MBEDTLS_MD_CAN_SHA3) #if defined(MBEDTLS_MD_CAN_SHA3_224)
MBEDTLS_MD_SHA3_224, MBEDTLS_MD_SHA3_224,
#endif
#if defined(MBEDTLS_MD_CAN_SHA3_256)
MBEDTLS_MD_SHA3_256, MBEDTLS_MD_SHA3_256,
#endif
#if defined(MBEDTLS_MD_CAN_SHA3_384)
MBEDTLS_MD_SHA3_384, MBEDTLS_MD_SHA3_384,
#endif
#if defined(MBEDTLS_MD_CAN_SHA3_512)
MBEDTLS_MD_SHA3_512, MBEDTLS_MD_SHA3_512,
#endif #endif
@ -946,14 +970,23 @@ const mbedtls_md_info_t *mbedtls_md_info_from_string(const char *md_name)
return mbedtls_md_info_from_type(MBEDTLS_MD_SHA512); return mbedtls_md_info_from_type(MBEDTLS_MD_SHA512);
} }
#endif #endif
#if defined(MBEDTLS_SHA3_C) #if defined(MBEDTLS_MD_CAN_SHA3_224)
if (!strcmp("SHA3-224", md_name)) { if (!strcmp("SHA3-224", md_name)) {
return mbedtls_md_info_from_type(MBEDTLS_MD_SHA3_224); return mbedtls_md_info_from_type(MBEDTLS_MD_SHA3_224);
} else if (!strcmp("SHA3-256", md_name)) { }
#endif
#if defined(MBEDTLS_MD_CAN_SHA3_256)
if (!strcmp("SHA3-256", md_name)) {
return mbedtls_md_info_from_type(MBEDTLS_MD_SHA3_256); return mbedtls_md_info_from_type(MBEDTLS_MD_SHA3_256);
} else if (!strcmp("SHA3-384", md_name)) { }
#endif
#if defined(MBEDTLS_MD_CAN_SHA3_384)
if (!strcmp("SHA3-384", md_name)) {
return mbedtls_md_info_from_type(MBEDTLS_MD_SHA3_384); return mbedtls_md_info_from_type(MBEDTLS_MD_SHA3_384);
} else if (!strcmp("SHA3-512", md_name)) { }
#endif
#if defined(MBEDTLS_MD_CAN_SHA3_512)
if (!strcmp("SHA3-512", md_name)) {
return mbedtls_md_info_from_type(MBEDTLS_MD_SHA3_512); return mbedtls_md_info_from_type(MBEDTLS_MD_SHA3_512);
} }
#endif #endif
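Review bot: The per-variant guards added to the info tables, the `mbedtls_md_info_from_type` switch, `supported_digests` and `mbedtls_md_info_from_string` are never exercised independently as far as this page shows, because the header section defines all four `MBEDTLS_MD_CAN_SHA3_*` macros under the single `MBEDTLS_SHA3_C` condition. A mismatched guard (say a `_384` guard around the `_512` entry) would therefore compile and pass in every configuration, and would only surface once variants can be enabled separately, presumably as a link error or a lookup that finds no info for an enabled digest. A test build that defines only one of the four macros, or a comment at their definition stating that they are currently always set together, would cover this. The functions and the array touched here start and end outside the hunks shown, so this is based on the visible lines only.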


@ -19,19 +19,19 @@ depends_on:MBEDTLS_MD_CAN_SHA512
hmac_drbg_entropy_usage:MBEDTLS_MD_SHA512 hmac_drbg_entropy_usage:MBEDTLS_MD_SHA512
HMAC_DRBG entropy usage SHA3-224 HMAC_DRBG entropy usage SHA3-224
depends_on:MBEDTLS_MD_CAN_SHA3 depends_on:MBEDTLS_MD_CAN_SHA3_224
hmac_drbg_entropy_usage:MBEDTLS_MD_SHA3_224 hmac_drbg_entropy_usage:MBEDTLS_MD_SHA3_224
HMAC_DRBG entropy usage SHA3-256 HMAC_DRBG entropy usage SHA3-256
depends_on:MBEDTLS_MD_CAN_SHA3 depends_on:MBEDTLS_MD_CAN_SHA3_256
hmac_drbg_entropy_usage:MBEDTLS_MD_SHA3_256 hmac_drbg_entropy_usage:MBEDTLS_MD_SHA3_256
HMAC_DRBG entropy usage SHA3-384 HMAC_DRBG entropy usage SHA3-384
depends_on:MBEDTLS_MD_CAN_SHA3 depends_on:MBEDTLS_MD_CAN_SHA3_384
hmac_drbg_entropy_usage:MBEDTLS_MD_SHA3_384 hmac_drbg_entropy_usage:MBEDTLS_MD_SHA3_384
HMAC_DRBG entropy usage SHA3-512 HMAC_DRBG entropy usage SHA3-512
depends_on:MBEDTLS_MD_CAN_SHA3 depends_on:MBEDTLS_MD_CAN_SHA3_512
hmac_drbg_entropy_usage:MBEDTLS_MD_SHA3_512 hmac_drbg_entropy_usage:MBEDTLS_MD_SHA3_512
HMAC_DRBG write/update seed file SHA-1 [#1] HMAC_DRBG write/update seed file SHA-1 [#1]
@ -75,35 +75,35 @@ depends_on:MBEDTLS_MD_CAN_SHA512
hmac_drbg_seed_file:MBEDTLS_MD_SHA512:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR hmac_drbg_seed_file:MBEDTLS_MD_SHA512:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR
HMAC_DRBG write/update seed file SHA3-224 [#1] HMAC_DRBG write/update seed file SHA3-224 [#1]
depends_on:MBEDTLS_MD_CAN_SHA3 depends_on:MBEDTLS_MD_CAN_SHA3_224
hmac_drbg_seed_file:MBEDTLS_MD_SHA3_224:"data_files/hmac_drbg_seed":0 hmac_drbg_seed_file:MBEDTLS_MD_SHA3_224:"data_files/hmac_drbg_seed":0
HMAC_DRBG write/update seed file SHA3-224 [#2] HMAC_DRBG write/update seed file SHA3-224 [#2]
depends_on:MBEDTLS_MD_CAN_SHA3 depends_on:MBEDTLS_MD_CAN_SHA3_224
hmac_drbg_seed_file:MBEDTLS_MD_SHA3_224:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR hmac_drbg_seed_file:MBEDTLS_MD_SHA3_224:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR
HMAC_DRBG write/update seed file SHA3-256 [#1] HMAC_DRBG write/update seed file SHA3-256 [#1]
depends_on:MBEDTLS_MD_CAN_SHA3 depends_on:MBEDTLS_MD_CAN_SHA3_256
hmac_drbg_seed_file:MBEDTLS_MD_SHA3_256:"data_files/hmac_drbg_seed":0 hmac_drbg_seed_file:MBEDTLS_MD_SHA3_256:"data_files/hmac_drbg_seed":0
HMAC_DRBG write/update seed file SHA3-256 [#2] HMAC_DRBG write/update seed file SHA3-256 [#2]
depends_on:MBEDTLS_MD_CAN_SHA3 depends_on:MBEDTLS_MD_CAN_SHA3_256
hmac_drbg_seed_file:MBEDTLS_MD_SHA3_256:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR hmac_drbg_seed_file:MBEDTLS_MD_SHA3_256:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR
HMAC_DRBG write/update seed file SHA3-384 [#1] HMAC_DRBG write/update seed file SHA3-384 [#1]
depends_on:MBEDTLS_MD_CAN_SHA3 depends_on:MBEDTLS_MD_CAN_SHA3_384
hmac_drbg_seed_file:MBEDTLS_MD_SHA3_384:"data_files/hmac_drbg_seed":0 hmac_drbg_seed_file:MBEDTLS_MD_SHA3_384:"data_files/hmac_drbg_seed":0
HMAC_DRBG write/update seed file SHA3-384 [#2] HMAC_DRBG write/update seed file SHA3-384 [#2]
depends_on:MBEDTLS_MD_CAN_SHA3 depends_on:MBEDTLS_MD_CAN_SHA3_384
hmac_drbg_seed_file:MBEDTLS_MD_SHA3_384:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR hmac_drbg_seed_file:MBEDTLS_MD_SHA3_384:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR
HMAC_DRBG write/update seed file SHA3-512 [#1] HMAC_DRBG write/update seed file SHA3-512 [#1]
depends_on:MBEDTLS_MD_CAN_SHA3 depends_on:MBEDTLS_MD_CAN_SHA3_512
hmac_drbg_seed_file:MBEDTLS_MD_SHA3_512:"data_files/hmac_drbg_seed":0 hmac_drbg_seed_file:MBEDTLS_MD_SHA3_512:"data_files/hmac_drbg_seed":0
HMAC_DRBG write/update seed file SHA3-512 [#2] HMAC_DRBG write/update seed file SHA3-512 [#2]
depends_on:MBEDTLS_MD_CAN_SHA3 depends_on:MBEDTLS_MD_CAN_SHA3_512
hmac_drbg_seed_file:MBEDTLS_MD_SHA3_512:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR hmac_drbg_seed_file:MBEDTLS_MD_SHA3_512:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR
HMAC_DRBG from buffer SHA-1 HMAC_DRBG from buffer SHA-1
@ -127,19 +127,19 @@ depends_on:MBEDTLS_MD_CAN_SHA512
hmac_drbg_buf:MBEDTLS_MD_SHA512 hmac_drbg_buf:MBEDTLS_MD_SHA512
HMAC_DRBG from buffer SHA3-224 HMAC_DRBG from buffer SHA3-224
depends_on:MBEDTLS_MD_CAN_SHA3 depends_on:MBEDTLS_MD_CAN_SHA3_224
hmac_drbg_buf:MBEDTLS_MD_SHA3_224 hmac_drbg_buf:MBEDTLS_MD_SHA3_224
HMAC_DRBG from buffer SHA3-256 HMAC_DRBG from buffer SHA3-256
depends_on:MBEDTLS_MD_CAN_SHA3 depends_on:MBEDTLS_MD_CAN_SHA3_256
hmac_drbg_buf:MBEDTLS_MD_SHA3_256 hmac_drbg_buf:MBEDTLS_MD_SHA3_256
HMAC_DRBG from buffer SHA3-384 HMAC_DRBG from buffer SHA3-384
depends_on:MBEDTLS_MD_CAN_SHA3 depends_on:MBEDTLS_MD_CAN_SHA3_384
hmac_drbg_buf:MBEDTLS_MD_SHA3_384 hmac_drbg_buf:MBEDTLS_MD_SHA3_384
HMAC_DRBG from buffer SHA3-512 HMAC_DRBG from buffer SHA3-512
depends_on:MBEDTLS_MD_CAN_SHA3 depends_on:MBEDTLS_MD_CAN_SHA3_512
hmac_drbg_buf:MBEDTLS_MD_SHA3_512 hmac_drbg_buf:MBEDTLS_MD_SHA3_512
HMAC_DRBG self test HMAC_DRBG self test