Added SHA3 to MD.

This enables HMAC with SHA3. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2025-03-21 19:20:56 +00:00 · 2022-05-20 14:17:14 +02:00 · 2022-05-20 14:17:14 +02:00 · 4712d4c3e6
commit 4712d4c3e6
parent 1f3ae1639d
3 changed files with 141 additions and 2 deletions
--- a/include/mbedtls/md.h
+++ b/include/mbedtls/md.h
@ -61,15 +61,23 @@ typedef enum {
    MBEDTLS_MD_SHA384,    /**< The SHA-384 message digest. */
    MBEDTLS_MD_SHA512,    /**< The SHA-512 message digest. */
    MBEDTLS_MD_RIPEMD160, /**< The RIPEMD-160 message digest. */
+#if defined(MBEDTLS_SHA3_C)
+    MBEDTLS_MD_SHA3_224,    /**< The SHA3-224 message digest. */
+    MBEDTLS_MD_SHA3_256,    /**< The SHA3-256 message digest. */
+    MBEDTLS_MD_SHA3_384,    /**< The SHA3-384 message digest. */
+    MBEDTLS_MD_SHA3_512,    /**< The SHA3-512 message digest. */
+#endif
 } mbedtls_md_type_t;

-#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_SHA512_C) || defined(MBEDTLS_SHA3_C)
 #define MBEDTLS_MD_MAX_SIZE         64  /* longest known is SHA512 */
 #else
 #define MBEDTLS_MD_MAX_SIZE         32  /* longest known is SHA256 or less */
 #endif

-#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_SHA3_C)
+#define MBEDTLS_MD_MAX_BLOCK_SIZE         144 /* the longest known is SHA3-224 */
+#elif defined(MBEDTLS_SHA512_C)
 #define MBEDTLS_MD_MAX_BLOCK_SIZE         128
 #else
 #define MBEDTLS_MD_MAX_BLOCK_SIZE         64
--- a/library/md.c
+++ b/library/md.c
@ -35,6 +35,9 @@
 #include "mbedtls/sha1.h"
 #include "mbedtls/sha256.h"
 #include "mbedtls/sha512.h"
+#if defined(MBEDTLS_SHA3_C)
+#include "mbedtls/sha3.h"
+#endif

 #if defined(MBEDTLS_PLATFORM_C)
 #include "mbedtls/platform.h"
@ -113,11 +116,46 @@ const mbedtls_md_info_t mbedtls_sha512_info = {
 };
 #endif

+#if defined(MBEDTLS_SHA3_C)
+const mbedtls_md_info_t mbedtls_sha3_224_info = {
+    "SHA3-224",
+    MBEDTLS_MD_SHA3_224,
+    28,
+    144,
+};
+const mbedtls_md_info_t mbedtls_sha3_256_info = {
+    "SHA3-256",
+    MBEDTLS_MD_SHA3_256,
+    32,
+    136,
+};
+const mbedtls_md_info_t mbedtls_sha3_384_info = {
+    "SHA3-384",
+    MBEDTLS_MD_SHA3_384,
+    48,
+    104,
+};
+const mbedtls_md_info_t mbedtls_sha3_512_info = {
+    "SHA3-512",
+    MBEDTLS_MD_SHA3_512,
+    64,
+    72,
+};
+#endif
+
+
 /*
 * Reminder: update profiles in x509_crt.c when adding a new hash!
 */
 static const int supported_digests[] = {

+#if defined(MBEDTLS_SHA3_C)
+        MBEDTLS_MD_SHA3_512,
+        MBEDTLS_MD_SHA3_384,
+        MBEDTLS_MD_SHA3_256,
+        MBEDTLS_MD_SHA3_224,
+#endif
+
 #if defined(MBEDTLS_SHA512_C)
        MBEDTLS_MD_SHA512,
 #endif
@ -186,6 +224,16 @@ const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name )
 #if defined(MBEDTLS_SHA512_C)
    if( !strcmp( "SHA512", md_name ) )
        return mbedtls_md_info_from_type( MBEDTLS_MD_SHA512 );
+#endif
+#if defined(MBEDTLS_SHA3_C)
+    if( !strcmp( "SHA3-224", md_name ) )
+        return mbedtls_md_info_from_type( MBEDTLS_MD_SHA3_224 );
+    if( !strcmp( "SHA3-256", md_name ) )
+        return mbedtls_md_info_from_type( MBEDTLS_MD_SHA3_256 );
+    if( !strcmp( "SHA3-384", md_name ) )
+        return mbedtls_md_info_from_type( MBEDTLS_MD_SHA3_384 );
+    if( !strcmp( "SHA3-512", md_name ) )
+        return mbedtls_md_info_from_type( MBEDTLS_MD_SHA3_512 );
 #endif
    return( NULL );
 }
@ -221,6 +269,16 @@ const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type )
 #if defined(MBEDTLS_SHA512_C)
        case MBEDTLS_MD_SHA512:
            return( &mbedtls_sha512_info );
+#endif
+#if defined(MBEDTLS_SHA3_C)
+        case MBEDTLS_MD_SHA3_224:
+            return( &mbedtls_sha3_224_info );
+        case MBEDTLS_MD_SHA3_256:
+            return( &mbedtls_sha3_256_info );
+        case MBEDTLS_MD_SHA3_384:
+            return( &mbedtls_sha3_384_info );
+        case MBEDTLS_MD_SHA3_512:
+            return( &mbedtls_sha3_512_info );
 #endif
        default:
            return( NULL );
@ -284,6 +342,14 @@ void mbedtls_md_free( mbedtls_md_context_t *ctx )
            case MBEDTLS_MD_SHA512:
                mbedtls_sha512_free( ctx->md_ctx );
                break;
+#endif
+#if defined(MBEDTLS_SHA3_C)
+            case MBEDTLS_MD_SHA3_224:
+            case MBEDTLS_MD_SHA3_256:
+            case MBEDTLS_MD_SHA3_384:
+            case MBEDTLS_MD_SHA3_512:
+                mbedtls_sha3_free( ctx->md_ctx );
+                break;
 #endif
            default:
                /* Shouldn't happen */
@ -348,6 +414,14 @@ int mbedtls_md_clone( mbedtls_md_context_t *dst,
        case MBEDTLS_MD_SHA512:
            mbedtls_sha512_clone( dst->md_ctx, src->md_ctx );
            break;
+#endif
+#if defined(MBEDTLS_SHA3_C)
+        case MBEDTLS_MD_SHA3_224:
+        case MBEDTLS_MD_SHA3_256:
+        case MBEDTLS_MD_SHA3_384:
+        case MBEDTLS_MD_SHA3_512:
+            mbedtls_sha3_clone( dst->md_ctx, src->md_ctx );
+            break;
 #endif
        default:
            return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
@ -410,6 +484,14 @@ int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_inf
        case MBEDTLS_MD_SHA512:
            ALLOC( sha512 );
            break;
+#endif
+#if defined(MBEDTLS_SHA3_C)
+        case MBEDTLS_MD_SHA3_224:
+        case MBEDTLS_MD_SHA3_256:
+        case MBEDTLS_MD_SHA3_384:
+        case MBEDTLS_MD_SHA3_512:
+            ALLOC( sha3 );
+            break;
 #endif
        default:
            return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
@ -463,6 +545,16 @@ int mbedtls_md_starts( mbedtls_md_context_t *ctx )
 #if defined(MBEDTLS_SHA512_C)
        case MBEDTLS_MD_SHA512:
            return( mbedtls_sha512_starts( ctx->md_ctx, 0 ) );
+#endif
+#if defined(MBEDTLS_SHA3_C)
+        case MBEDTLS_MD_SHA3_224:
+            return( mbedtls_sha3_starts( ctx->md_ctx, MBEDTLS_SHA3_224 ) );
+        case MBEDTLS_MD_SHA3_256:
+            return( mbedtls_sha3_starts( ctx->md_ctx, MBEDTLS_SHA3_256 ) );
+        case MBEDTLS_MD_SHA3_384:
+            return( mbedtls_sha3_starts( ctx->md_ctx, MBEDTLS_SHA3_384 ) );
+        case MBEDTLS_MD_SHA3_512:
+            return( mbedtls_sha3_starts( ctx->md_ctx, MBEDTLS_SHA3_512 ) );
 #endif
        default:
            return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
@ -503,6 +595,13 @@ int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, si
 #if defined(MBEDTLS_SHA512_C)
        case MBEDTLS_MD_SHA512:
            return( mbedtls_sha512_update( ctx->md_ctx, input, ilen ) );
+#endif
+#if defined(MBEDTLS_SHA3_C)
+        case MBEDTLS_MD_SHA3_224:
+        case MBEDTLS_MD_SHA3_256:
+        case MBEDTLS_MD_SHA3_384:
+        case MBEDTLS_MD_SHA3_512:
+            return( mbedtls_sha3_update( ctx->md_ctx, input, ilen ) );
 #endif
        default:
            return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
@ -543,6 +642,13 @@ int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output )
 #if defined(MBEDTLS_SHA512_C)
        case MBEDTLS_MD_SHA512:
            return( mbedtls_sha512_finish( ctx->md_ctx, output ) );
+#endif
+#if defined(MBEDTLS_SHA3_C)
+        case MBEDTLS_MD_SHA3_224:
+        case MBEDTLS_MD_SHA3_256:
+        case MBEDTLS_MD_SHA3_384:
+        case MBEDTLS_MD_SHA3_512:
+            return( mbedtls_sha3_finish( ctx->md_ctx, output, ctx->md_info->size ) );
 #endif
        default:
            return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
@ -584,6 +690,16 @@ int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, si
 #if defined(MBEDTLS_SHA512_C)
        case MBEDTLS_MD_SHA512:
            return( mbedtls_sha512( input, ilen, output, 0 ) );
+#endif
+#if defined(MBEDTLS_SHA3_C)
+        case MBEDTLS_MD_SHA3_224:
+            return( mbedtls_sha3( MBEDTLS_SHA3_224, input, ilen, output, md_info->size ) );
+        case MBEDTLS_MD_SHA3_256:
+            return( mbedtls_sha3( MBEDTLS_SHA3_256, input, ilen, output, md_info->size ) );
+        case MBEDTLS_MD_SHA3_384:
+            return( mbedtls_sha3( MBEDTLS_SHA3_384, input, ilen, output, md_info->size ) );
+        case MBEDTLS_MD_SHA3_512:
+            return( mbedtls_sha3( MBEDTLS_SHA3_512, input, ilen, output, md_info->size ) );
 #endif
        default:
            return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
@ -788,6 +904,15 @@ int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data )
 #if defined(MBEDTLS_SHA512_C)
        case MBEDTLS_MD_SHA512:
            return( mbedtls_internal_sha512_process( ctx->md_ctx, data ) );
+#endif
+#if defined(MBEDTLS_SHA3_C)
+        /* mbedtls_md_process() is used for test suite. Since, sha3.c does not
+           implement mbedtls_sha3_process(), we silently return 0 */
+        case MBEDTLS_MD_SHA3_224:
+        case MBEDTLS_MD_SHA3_256:
+        case MBEDTLS_MD_SHA3_384:
+        case MBEDTLS_MD_SHA3_512:
+            return( 0 );
 #endif
        default:
            return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
--- a/library/md_wrap.h
+++ b/library/md_wrap.h
@ -74,6 +74,12 @@ extern const mbedtls_md_info_t mbedtls_sha384_info;
 #if defined(MBEDTLS_SHA512_C)
 extern const mbedtls_md_info_t mbedtls_sha512_info;
 #endif
+#if defined(MBEDTLS_SHA3_C)
+extern const mbedtls_md_info_t mbedtls_sha3_224_info;
+extern const mbedtls_md_info_t mbedtls_sha3_256_info;
+extern const mbedtls_md_info_t mbedtls_sha3_384_info;
+extern const mbedtls_md_info_t mbedtls_sha3_512_info;
+#endif

 #ifdef __cplusplus
 }