mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-28 08:37:25 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Added SHA3 to MD.

Browse Source 
This enables HMAC with SHA3.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
This commit is contained in:
Pol Henarejos 2022-05-20 14:17:14 +02:00
parent 1f3ae1639d
commit 4712d4c3e6
No known key found for this signature in database
GPG Key ID: C0095B7870A4CCD3
3 changed files with 141 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
include/mbedtls/md.h
View File

@ -61,15 +61,23 @@ typedef enum {
MBEDTLS_MD_SHA384, /**< The SHA-384 message digest. */ MBEDTLS_MD_SHA384, /**< The SHA-384 message digest. */
MBEDTLS_MD_SHA512, /**< The SHA-512 message digest. */ MBEDTLS_MD_SHA512, /**< The SHA-512 message digest. */
MBEDTLS_MD_RIPEMD160, /**< The RIPEMD-160 message digest. */ MBEDTLS_MD_RIPEMD160, /**< The RIPEMD-160 message digest. */
#if defined(MBEDTLS_SHA3_C)
MBEDTLS_MD_SHA3_224, /**< The SHA3-224 message digest. */
MBEDTLS_MD_SHA3_256, /**< The SHA3-256 message digest. */
MBEDTLS_MD_SHA3_384, /**< The SHA3-384 message digest. */
MBEDTLS_MD_SHA3_512, /**< The SHA3-512 message digest. */
#endif
} mbedtls_md_type_t; } mbedtls_md_type_t;
#if defined(MBEDTLS_SHA512_C) #if defined(MBEDTLS_SHA512_C) || defined(MBEDTLS_SHA3_C)
#define MBEDTLS_MD_MAX_SIZE 64 /* longest known is SHA512 */ #define MBEDTLS_MD_MAX_SIZE 64 /* longest known is SHA512 */
#else #else
#define MBEDTLS_MD_MAX_SIZE 32 /* longest known is SHA256 or less */ #define MBEDTLS_MD_MAX_SIZE 32 /* longest known is SHA256 or less */
#endif #endif
#if defined(MBEDTLS_SHA512_C) #if defined(MBEDTLS_SHA3_C)
#define MBEDTLS_MD_MAX_BLOCK_SIZE 144 /* the longest known is SHA3-224 */
#elif defined(MBEDTLS_SHA512_C)
#define MBEDTLS_MD_MAX_BLOCK_SIZE 128 #define MBEDTLS_MD_MAX_BLOCK_SIZE 128
#else #else
#define MBEDTLS_MD_MAX_BLOCK_SIZE 64 #define MBEDTLS_MD_MAX_BLOCK_SIZE 64

125
library/md.c
View File

@ -35,6 +35,9 @@
#include "mbedtls/sha1.h" #include "mbedtls/sha1.h"
#include "mbedtls/sha256.h" #include "mbedtls/sha256.h"
#include "mbedtls/sha512.h" #include "mbedtls/sha512.h"
#if defined(MBEDTLS_SHA3_C)
#include "mbedtls/sha3.h"
#endif
#if defined(MBEDTLS_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
@ -113,11 +116,46 @@ const mbedtls_md_info_t mbedtls_sha512_info = {
}; };
#endif #endif
#if defined(MBEDTLS_SHA3_C)
const mbedtls_md_info_t mbedtls_sha3_224_info = {
"SHA3-224",
MBEDTLS_MD_SHA3_224,
28,
144,
};
const mbedtls_md_info_t mbedtls_sha3_256_info = {
"SHA3-256",
MBEDTLS_MD_SHA3_256,
32,
136,
};
const mbedtls_md_info_t mbedtls_sha3_384_info = {
"SHA3-384",
MBEDTLS_MD_SHA3_384,
48,
104,
};
const mbedtls_md_info_t mbedtls_sha3_512_info = {
"SHA3-512",
MBEDTLS_MD_SHA3_512,
64,
72,
};
#endif
/* /*
* Reminder: update profiles in x509_crt.c when adding a new hash! * Reminder: update profiles in x509_crt.c when adding a new hash!
*/ */
static const int supported_digests[] = { static const int supported_digests[] = {
#if defined(MBEDTLS_SHA3_C)
MBEDTLS_MD_SHA3_512,
MBEDTLS_MD_SHA3_384,
MBEDTLS_MD_SHA3_256,
MBEDTLS_MD_SHA3_224,
#endif
#if defined(MBEDTLS_SHA512_C) #if defined(MBEDTLS_SHA512_C)
MBEDTLS_MD_SHA512, MBEDTLS_MD_SHA512,
#endif #endif
@ -186,6 +224,16 @@ const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name )
#if defined(MBEDTLS_SHA512_C) #if defined(MBEDTLS_SHA512_C)
if( !strcmp( "SHA512", md_name ) ) if( !strcmp( "SHA512", md_name ) )
return mbedtls_md_info_from_type( MBEDTLS_MD_SHA512 ); return mbedtls_md_info_from_type( MBEDTLS_MD_SHA512 );
#endif
#if defined(MBEDTLS_SHA3_C)
if( !strcmp( "SHA3-224", md_name ) )
return mbedtls_md_info_from_type( MBEDTLS_MD_SHA3_224 );
if( !strcmp( "SHA3-256", md_name ) )
return mbedtls_md_info_from_type( MBEDTLS_MD_SHA3_256 );
if( !strcmp( "SHA3-384", md_name ) )
return mbedtls_md_info_from_type( MBEDTLS_MD_SHA3_384 );
if( !strcmp( "SHA3-512", md_name ) )
return mbedtls_md_info_from_type( MBEDTLS_MD_SHA3_512 );
#endif #endif
return( NULL ); return( NULL );
} }
@ -221,6 +269,16 @@ const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type )
#if defined(MBEDTLS_SHA512_C) #if defined(MBEDTLS_SHA512_C)
case MBEDTLS_MD_SHA512: case MBEDTLS_MD_SHA512:
return( &mbedtls_sha512_info ); return( &mbedtls_sha512_info );
#endif
#if defined(MBEDTLS_SHA3_C)
case MBEDTLS_MD_SHA3_224:
return( &mbedtls_sha3_224_info );
case MBEDTLS_MD_SHA3_256:
return( &mbedtls_sha3_256_info );
case MBEDTLS_MD_SHA3_384:
return( &mbedtls_sha3_384_info );
case MBEDTLS_MD_SHA3_512:
return( &mbedtls_sha3_512_info );
#endif #endif
default: default:
return( NULL ); return( NULL );
@ -284,6 +342,14 @@ void mbedtls_md_free( mbedtls_md_context_t *ctx )
case MBEDTLS_MD_SHA512: case MBEDTLS_MD_SHA512:
mbedtls_sha512_free( ctx->md_ctx ); mbedtls_sha512_free( ctx->md_ctx );
break; break;
#endif
#if defined(MBEDTLS_SHA3_C)
case MBEDTLS_MD_SHA3_224:
case MBEDTLS_MD_SHA3_256:
case MBEDTLS_MD_SHA3_384:
case MBEDTLS_MD_SHA3_512:
mbedtls_sha3_free( ctx->md_ctx );
break;
#endif #endif
default: default:
/* Shouldn't happen */ /* Shouldn't happen */
@ -348,6 +414,14 @@ int mbedtls_md_clone( mbedtls_md_context_t *dst,
case MBEDTLS_MD_SHA512: case MBEDTLS_MD_SHA512:
mbedtls_sha512_clone( dst->md_ctx, src->md_ctx ); mbedtls_sha512_clone( dst->md_ctx, src->md_ctx );
break; break;
#endif
#if defined(MBEDTLS_SHA3_C)
case MBEDTLS_MD_SHA3_224:
case MBEDTLS_MD_SHA3_256:
case MBEDTLS_MD_SHA3_384:
case MBEDTLS_MD_SHA3_512:
mbedtls_sha3_clone( dst->md_ctx, src->md_ctx );
break;
#endif #endif
default: default:
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
@ -410,6 +484,14 @@ int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_inf
case MBEDTLS_MD_SHA512: case MBEDTLS_MD_SHA512:
ALLOC( sha512 ); ALLOC( sha512 );
break; break;
#endif
#if defined(MBEDTLS_SHA3_C)
case MBEDTLS_MD_SHA3_224:
case MBEDTLS_MD_SHA3_256:
case MBEDTLS_MD_SHA3_384:
case MBEDTLS_MD_SHA3_512:
ALLOC( sha3 );
break;
#endif #endif
default: default:
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
@ -463,6 +545,16 @@ int mbedtls_md_starts( mbedtls_md_context_t *ctx )
#if defined(MBEDTLS_SHA512_C) #if defined(MBEDTLS_SHA512_C)
case MBEDTLS_MD_SHA512: case MBEDTLS_MD_SHA512:
return( mbedtls_sha512_starts( ctx->md_ctx, 0 ) ); return( mbedtls_sha512_starts( ctx->md_ctx, 0 ) );
#endif
#if defined(MBEDTLS_SHA3_C)
case MBEDTLS_MD_SHA3_224:
return( mbedtls_sha3_starts( ctx->md_ctx, MBEDTLS_SHA3_224 ) );
case MBEDTLS_MD_SHA3_256:
return( mbedtls_sha3_starts( ctx->md_ctx, MBEDTLS_SHA3_256 ) );
case MBEDTLS_MD_SHA3_384:
return( mbedtls_sha3_starts( ctx->md_ctx, MBEDTLS_SHA3_384 ) );
case MBEDTLS_MD_SHA3_512:
return( mbedtls_sha3_starts( ctx->md_ctx, MBEDTLS_SHA3_512 ) );
#endif #endif
default: default:
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
@ -503,6 +595,13 @@ int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, si
#if defined(MBEDTLS_SHA512_C) #if defined(MBEDTLS_SHA512_C)
case MBEDTLS_MD_SHA512: case MBEDTLS_MD_SHA512:
return( mbedtls_sha512_update( ctx->md_ctx, input, ilen ) ); return( mbedtls_sha512_update( ctx->md_ctx, input, ilen ) );
#endif
#if defined(MBEDTLS_SHA3_C)
case MBEDTLS_MD_SHA3_224:
case MBEDTLS_MD_SHA3_256:
case MBEDTLS_MD_SHA3_384:
case MBEDTLS_MD_SHA3_512:
return( mbedtls_sha3_update( ctx->md_ctx, input, ilen ) );
#endif #endif
default: default:
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
@ -543,6 +642,13 @@ int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output )
#if defined(MBEDTLS_SHA512_C) #if defined(MBEDTLS_SHA512_C)
case MBEDTLS_MD_SHA512: case MBEDTLS_MD_SHA512:
return( mbedtls_sha512_finish( ctx->md_ctx, output ) ); return( mbedtls_sha512_finish( ctx->md_ctx, output ) );
#endif
#if defined(MBEDTLS_SHA3_C)
case MBEDTLS_MD_SHA3_224:
case MBEDTLS_MD_SHA3_256:
case MBEDTLS_MD_SHA3_384:
case MBEDTLS_MD_SHA3_512:
return( mbedtls_sha3_finish( ctx->md_ctx, output, ctx->md_info->size ) );
#endif #endif
default: default:
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
@ -584,6 +690,16 @@ int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, si
#if defined(MBEDTLS_SHA512_C) #if defined(MBEDTLS_SHA512_C)
case MBEDTLS_MD_SHA512: case MBEDTLS_MD_SHA512:
return( mbedtls_sha512( input, ilen, output, 0 ) ); return( mbedtls_sha512( input, ilen, output, 0 ) );
#endif
#if defined(MBEDTLS_SHA3_C)
case MBEDTLS_MD_SHA3_224:
return( mbedtls_sha3( MBEDTLS_SHA3_224, input, ilen, output, md_info->size ) );
case MBEDTLS_MD_SHA3_256:
return( mbedtls_sha3( MBEDTLS_SHA3_256, input, ilen, output, md_info->size ) );
case MBEDTLS_MD_SHA3_384:
return( mbedtls_sha3( MBEDTLS_SHA3_384, input, ilen, output, md_info->size ) );
case MBEDTLS_MD_SHA3_512:
return( mbedtls_sha3( MBEDTLS_SHA3_512, input, ilen, output, md_info->size ) );
#endif #endif
default: default:
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
@ -788,6 +904,15 @@ int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data )
#if defined(MBEDTLS_SHA512_C) #if defined(MBEDTLS_SHA512_C)
case MBEDTLS_MD_SHA512: case MBEDTLS_MD_SHA512:
return( mbedtls_internal_sha512_process( ctx->md_ctx, data ) ); return( mbedtls_internal_sha512_process( ctx->md_ctx, data ) );
#endif
#if defined(MBEDTLS_SHA3_C)
/* mbedtls_md_process() is used for test suite. Since, sha3.c does not
implement mbedtls_sha3_process(), we silently return 0 */
case MBEDTLS_MD_SHA3_224:
case MBEDTLS_MD_SHA3_256:
case MBEDTLS_MD_SHA3_384:
case MBEDTLS_MD_SHA3_512:
return( 0 );
#endif #endif
default: default:
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );

6
library/md_wrap.h
View File

@ -74,6 +74,12 @@ extern const mbedtls_md_info_t mbedtls_sha384_info;
#if defined(MBEDTLS_SHA512_C) #if defined(MBEDTLS_SHA512_C)
extern const mbedtls_md_info_t mbedtls_sha512_info; extern const mbedtls_md_info_t mbedtls_sha512_info;
#endif #endif
#if defined(MBEDTLS_SHA3_C)
extern const mbedtls_md_info_t mbedtls_sha3_224_info;
extern const mbedtls_md_info_t mbedtls_sha3_256_info;
extern const mbedtls_md_info_t mbedtls_sha3_384_info;
extern const mbedtls_md_info_t mbedtls_sha3_512_info;
#endif
#ifdef __cplusplus #ifdef __cplusplus
} }