Context Navigation

← Previous Revision
Latest Revision
Next Revision →
Blame
Revision Log

sha.c@ 464

Last change on this file since 464 was 464, checked in by coas-nagasima, 3 years ago
WolfSSLとAzure IoT SDKを更新
Property svn:eol-style set to `native` Property svn:mime-type set to `text/x-csrc;charset=UTF-8`
File size: 24.8 KB

Line
1	/* sha.c
2	*
3	* Copyright (C) 2006-2020 wolfSSL Inc.
4	*
5	* This file is part of wolfSSL.
6	*
7	* wolfSSL is free software; you can redistribute it and/or modify
8	* it under the terms of the GNU General Public License as published by
9	* the Free Software Foundation; either version 2 of the License, or
10	* (at your option) any later version.
11	*
12	* wolfSSL is distributed in the hope that it will be useful,
13	* but WITHOUT ANY WARRANTY; without even the implied warranty of
14	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15	* GNU General Public License for more details.
16	*
17	* You should have received a copy of the GNU General Public License
18	* along with this program; if not, write to the Free Software
19	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
20	*/
21
22
23	#ifdef HAVE_CONFIG_H
24	#include <config.h>
25	#endif
26
27	#include <wolfssl/wolfcrypt/settings.h>
28
29	#if !defined(NO_SHA)
30
31	#if defined(HAVE_FIPS) && \
32	defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
33
34	/* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
35	#define FIPS_NO_WRAPPERS
36
37	#ifdef USE_WINDOWS_API
38	#pragma code_seg(".fipsA$j")
39	#pragma const_seg(".fipsB$j")
40	#endif
41	#endif
42
43	#include <wolfssl/wolfcrypt/sha.h>
44	#include <wolfssl/wolfcrypt/error-crypt.h>
45	#include <wolfssl/wolfcrypt/hash.h>
46
47	#ifdef WOLF_CRYPTO_CB
48	#include <wolfssl/wolfcrypt/cryptocb.h>
49	#endif
50
51	/* fips wrapper calls, user can call direct */
52	#if defined(HAVE_FIPS) && \
53	(!defined(HAVE_FIPS_VERSION) \|\| (HAVE_FIPS_VERSION < 2))
54
55	int wc_InitSha(wc_Sha* sha)
56	{
57	if (sha == NULL) {
58	return BAD_FUNC_ARG;
59	}
60	return InitSha_fips(sha);
61	}
62	int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId)
63	{
64	(void)heap;
65	(void)devId;
66	if (sha == NULL) {
67	return BAD_FUNC_ARG;
68	}
69	return InitSha_fips(sha);
70	}
71
72	int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len)
73	{
74	if (sha == NULL \|\| (data == NULL && len > 0)) {
75	return BAD_FUNC_ARG;
76	}
77	return ShaUpdate_fips(sha, data, len);
78	}
79
80	int wc_ShaFinal(wc_Sha* sha, byte* out)
81	{
82	if (sha == NULL \|\| out == NULL) {
83	return BAD_FUNC_ARG;
84	}
85	return ShaFinal_fips(sha,out);
86	}
87	void wc_ShaFree(wc_Sha* sha)
88	{
89	(void)sha;
90	/* Not supported in FIPS */
91	}
92
93	#else /* else build without fips, or for FIPS v2 */
94
95
96	#if defined(WOLFSSL_TI_HASH)
97	/* #include <wolfcrypt/src/port/ti/ti-hash.c> included by wc_port.c */
98
99	#else
100
101	#include <wolfssl/wolfcrypt/logging.h>
102	#ifdef NO_INLINE
103	#include <wolfssl/wolfcrypt/misc.h>
104	#else
105	#define WOLFSSL_MISC_INCLUDED
106	#include <wolfcrypt/src/misc.c>
107	#endif
108
109
110	/* Hardware Acceleration */
111	#if defined(WOLFSSL_PIC32MZ_HASH)
112	#include <wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h>
113
114	#elif defined(STM32_HASH)
115
116	/* Supports CubeMX HAL or Standard Peripheral Library */
117	int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId)
118	{
119	if (sha == NULL) {
120	return BAD_FUNC_ARG;
121	}
122
123	(void)devId;
124	(void)heap;
125
126	wc_Stm32_Hash_Init(&sha->stmCtx);
127
128	return 0;
129	}
130
131	int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len)
132	{
133	int ret;
134
135	if (sha == NULL \|\| (data == NULL && len > 0)) {
136	return BAD_FUNC_ARG;
137	}
138
139	ret = wolfSSL_CryptHwMutexLock();
140	if (ret == 0) {
141	ret = wc_Stm32_Hash_Update(&sha->stmCtx, HASH_AlgoSelection_SHA1,
142	data, len);
143	wolfSSL_CryptHwMutexUnLock();
144	}
145	return ret;
146	}
147
148	int wc_ShaFinal(wc_Sha* sha, byte* hash)
149	{
150	int ret;
151
152	if (sha == NULL \|\| hash == NULL) {
153	return BAD_FUNC_ARG;
154	}
155
156	ret = wolfSSL_CryptHwMutexLock();
157	if (ret == 0) {
158	ret = wc_Stm32_Hash_Final(&sha->stmCtx, HASH_AlgoSelection_SHA1,
159	hash, WC_SHA_DIGEST_SIZE);
160	wolfSSL_CryptHwMutexUnLock();
161	}
162
163	(void)wc_InitSha(sha); /* reset state */
164
165	return ret;
166	}
167
168
169	#elif defined(FREESCALE_LTC_SHA)
170
171	#include "fsl_ltc.h"
172	int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId)
173	{
174	if (sha == NULL) {
175	return BAD_FUNC_ARG;
176	}
177
178	(void)devId;
179	(void)heap;
180
181	LTC_HASH_Init(LTC_BASE, &sha->ctx, kLTC_Sha1, NULL, 0);
182	return 0;
183	}
184
185	int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len)
186	{
187	LTC_HASH_Update(&sha->ctx, data, len);
188	return 0;
189	}
190
191	int wc_ShaFinal(wc_Sha* sha, byte* hash)
192	{
193	word32 hashlen = WC_SHA_DIGEST_SIZE;
194	LTC_HASH_Finish(&sha->ctx, hash, &hashlen);
195	return wc_InitSha(sha); /* reset state */
196	}
197
198
199	#elif defined(FREESCALE_MMCAU_SHA)
200
201	#ifdef FREESCALE_MMCAU_CLASSIC_SHA
202	#include "cau_api.h"
203	#else
204	#include "fsl_mmcau.h"
205	#endif
206
207	#define USE_SHA_SOFTWARE_IMPL /* Only for API's, actual transform is here */
208
209	#define XTRANSFORM(S,B) Transform((S),(B))
210	#define XTRANSFORM_LEN(S,B,L) Transform_Len((S),(B),(L))
211
212	#ifndef WC_HASH_DATA_ALIGNMENT
213	/* these hardware API's require 4 byte (word32) alignment */
214	#define WC_HASH_DATA_ALIGNMENT 4
215	#endif
216
217	static int InitSha(wc_Sha* sha)
218	{
219	int ret = 0;
220	ret = wolfSSL_CryptHwMutexLock();
221	if (ret != 0) {
222	return ret;
223	}
224	#ifdef FREESCALE_MMCAU_CLASSIC_SHA
225	cau_sha1_initialize_output(sha->digest);
226	#else
227	MMCAU_SHA1_InitializeOutput((word32*)sha->digest);
228	#endif
229	wolfSSL_CryptHwMutexUnLock();
230
231	sha->buffLen = 0;
232	sha->loLen = 0;
233	sha->hiLen = 0;
234
235	return ret;
236	}
237
238	static int Transform(wc_Sha* sha, const byte* data)
239	{
240	int ret = wolfSSL_CryptHwMutexLock();
241	if (ret == 0) {
242	#ifdef FREESCALE_MMCAU_CLASSIC_SHA
243	cau_sha1_hash_n((byte*)data, 1, sha->digest);
244	#else
245	MMCAU_SHA1_HashN((byte)data, 1, (word32)sha->digest);
246	#endif
247	wolfSSL_CryptHwMutexUnLock();
248	}
249	return ret;
250	}
251
252	static int Transform_Len(wc_Sha* sha, const byte* data, word32 len)
253	{
254	int ret = wolfSSL_CryptHwMutexLock();
255	if (ret == 0) {
256	#if defined(WC_HASH_DATA_ALIGNMENT) && WC_HASH_DATA_ALIGNMENT > 0
257	if ((size_t)data % WC_HASH_DATA_ALIGNMENT) {
258	/* data pointer is NOT aligned,
259	* so copy and perform one block at a time */
260	byte* local = (byte*)sha->buffer;
261	while (len >= WC_SHA_BLOCK_SIZE) {
262	XMEMCPY(local, data, WC_SHA_BLOCK_SIZE);
263	#ifdef FREESCALE_MMCAU_CLASSIC_SHA
264	cau_sha1_hash_n(local, 1, sha->digest);
265	#else
266	MMCAU_SHA1_HashN(local, 1, sha->digest);
267	#endif
268	data += WC_SHA_BLOCK_SIZE;
269	len -= WC_SHA_BLOCK_SIZE;
270	}
271	}
272	else
273	#endif
274	{
275	#ifdef FREESCALE_MMCAU_CLASSIC_SHA
276	cau_sha1_hash_n((byte*)data, len/WC_SHA_BLOCK_SIZE, sha->digest);
277	#else
278	MMCAU_SHA1_HashN((byte*)data, len/WC_SHA_BLOCK_SIZE,
279	(word32*)sha->digest);
280	#endif
281	}
282	wolfSSL_CryptHwMutexUnLock();
283	}
284	return ret;
285	}
286
287	#elif defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_HASH)
288	/* wolfcrypt/src/port/caam/caam_sha.c */
289
290	#elif defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
291	!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
292
293	#include "wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h"
294
295	#define USE_SHA_SOFTWARE_IMPL
296
297	static int InitSha(wc_Sha* sha)
298	{
299	int ret = 0;
300
301	sha->digest[0] = 0x67452301L;
302	sha->digest[1] = 0xEFCDAB89L;
303	sha->digest[2] = 0x98BADCFEL;
304	sha->digest[3] = 0x10325476L;
305	sha->digest[4] = 0xC3D2E1F0L;
306
307	sha->buffLen = 0;
308	sha->loLen = 0;
309	sha->hiLen = 0;
310
311	/* always start firstblock = 1 when using hw engine */
312	sha->ctx.isfirstblock = 1;
313	sha->ctx.sha_type = SHA1;
314	if(sha->ctx.mode == ESP32_SHA_HW){
315	/* release hw engine */
316	esp_sha_hw_unlock();
317	}
318	/* always set mode as INIT
319	* whether using HW or SW is determined at first call of update()
320	*/
321	sha->ctx.mode = ESP32_SHA_INIT;
322
323	return ret;
324	}
325
326	#elif defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \
327	!defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
328
329	/* implemented in wolfcrypt/src/port/Renesas/renesas_tsip_sha.c */
330
331	#elif defined(WOLFSSL_IMXRT_DCP)
332	/* implemented in wolfcrypt/src/port/nxp/dcp_port.c */
333
334	#elif defined(WOLFSSL_SILABS_SE_ACCEL)
335
336	/* implemented in wolfcrypt/src/port/silabs/silabs_hash.c */
337
338	#else
339	/* Software implementation */
340	#define USE_SHA_SOFTWARE_IMPL
341
342	static int InitSha(wc_Sha* sha)
343	{
344	int ret = 0;
345
346	sha->digest[0] = 0x67452301L;
347	sha->digest[1] = 0xEFCDAB89L;
348	sha->digest[2] = 0x98BADCFEL;
349	sha->digest[3] = 0x10325476L;
350	sha->digest[4] = 0xC3D2E1F0L;
351
352	sha->buffLen = 0;
353	sha->loLen = 0;
354	sha->hiLen = 0;
355	#if defined(WOLFSSL_HASH_FLAGS) \|\| defined(WOLF_CRYPTO_CB)
356	sha->flags = 0;
357	#endif
358
359	return ret;
360	}
361	#endif /* End Hardware Acceleration */
362
363	/* Software implementation */
364	#ifdef USE_SHA_SOFTWARE_IMPL
365
366	static WC_INLINE void AddLength(wc_Sha* sha, word32 len)
367	{
368	word32 tmp = sha->loLen;
369	if ((sha->loLen += len) < tmp)
370	sha->hiLen++; /* carry low to high */
371	}
372
373	/* Check if custom wc_Sha transform is used */
374	#ifndef XTRANSFORM
375	#define XTRANSFORM(S,B) Transform((S),(B))
376
377	#define blk0(i) (W[i] = ((word32)&data[i*sizeof(word32)]))
378	#define blk1(i) (W[(i)&15] = \
379	rotlFixed(W[((i)+13)&15]^W[((i)+8)&15]^W[((i)+2)&15]^W[(i)&15],1))
380
381	#define f1(x,y,z) ((z)^((x) &((y)^(z))))
382	#define f2(x,y,z) ((x)^(y)^(z))
383	#define f3(x,y,z) (((x)&(y))\|((z)&((x)\|(y))))
384	#define f4(x,y,z) ((x)^(y)^(z))
385
386	#ifdef WOLFSSL_NUCLEUS_1_2
387	/* nucleus.h also defines R1-R4 */
388	#undef R1
389	#undef R2
390	#undef R3
391	#undef R4
392	#endif
393
394	/* (R0+R1), R2, R3, R4 are the different operations used in SHA1 */
395	#define R0(v,w,x,y,z,i) (z)+= f1((w),(x),(y)) + blk0((i)) + 0x5A827999+ \
396	rotlFixed((v),5); (w) = rotlFixed((w),30);
397	#define R1(v,w,x,y,z,i) (z)+= f1((w),(x),(y)) + blk1((i)) + 0x5A827999+ \
398	rotlFixed((v),5); (w) = rotlFixed((w),30);
399	#define R2(v,w,x,y,z,i) (z)+= f2((w),(x),(y)) + blk1((i)) + 0x6ED9EBA1+ \
400	rotlFixed((v),5); (w) = rotlFixed((w),30);
401	#define R3(v,w,x,y,z,i) (z)+= f3((w),(x),(y)) + blk1((i)) + 0x8F1BBCDC+ \
402	rotlFixed((v),5); (w) = rotlFixed((w),30);
403	#define R4(v,w,x,y,z,i) (z)+= f4((w),(x),(y)) + blk1((i)) + 0xCA62C1D6+ \
404	rotlFixed((v),5); (w) = rotlFixed((w),30);
405
406	static int Transform(wc_Sha* sha, const byte* data)
407	{
408	word32 W[WC_SHA_BLOCK_SIZE / sizeof(word32)];
409
410	/* Copy context->state[] to working vars */
411	word32 a = sha->digest[0];
412	word32 b = sha->digest[1];
413	word32 c = sha->digest[2];
414	word32 d = sha->digest[3];
415	word32 e = sha->digest[4];
416
417	#ifdef USE_SLOW_SHA
418	word32 t, i;
419
420	for (i = 0; i < 16; i++) {
421	R0(a, b, c, d, e, i);
422	t = e; e = d; d = c; c = b; b = a; a = t;
423	}
424
425	for (; i < 20; i++) {
426	R1(a, b, c, d, e, i);
427	t = e; e = d; d = c; c = b; b = a; a = t;
428	}
429
430	for (; i < 40; i++) {
431	R2(a, b, c, d, e, i);
432	t = e; e = d; d = c; c = b; b = a; a = t;
433	}
434
435	for (; i < 60; i++) {
436	R3(a, b, c, d, e, i);
437	t = e; e = d; d = c; c = b; b = a; a = t;
438	}
439
440	for (; i < 80; i++) {
441	R4(a, b, c, d, e, i);
442	t = e; e = d; d = c; c = b; b = a; a = t;
443	}
444	#else
445	/* nearly 1 K bigger in code size but 25% faster */
446	/* 4 rounds of 20 operations each. Loop unrolled. */
447	R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3);
448	R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7);
449	R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11);
450	R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15);
451
452	R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19);
453
454	R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23);
455	R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27);
456	R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31);
457	R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35);
458	R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39);
459
460	R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43);
461	R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47);
462	R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51);
463	R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55);
464	R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59);
465
466	R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63);
467	R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67);
468	R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71);
469	R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75);
470	R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79);
471	#endif
472
473	/* Add the working vars back into digest state[] */
474	sha->digest[0] += a;
475	sha->digest[1] += b;
476	sha->digest[2] += c;
477	sha->digest[3] += d;
478	sha->digest[4] += e;
479
480	(void)data; /* Not used */
481
482	return 0;
483	}
484	#endif /* !USE_CUSTOM_SHA_TRANSFORM */
485
486
487	int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId)
488	{
489	int ret = 0;
490
491	if (sha == NULL)
492	return BAD_FUNC_ARG;
493
494	sha->heap = heap;
495	#ifdef WOLF_CRYPTO_CB
496	sha->devId = devId;
497	#endif
498
499	#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
500	!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
501	sha->ctx.mode = ESP32_SHA_INIT;
502	sha->ctx.isfirstblock = 1;
503	#endif
504	ret = InitSha(sha);
505	if (ret != 0)
506	return ret;
507
508	#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA)
509	ret = wolfAsync_DevCtxInit(&sha->asyncDev, WOLFSSL_ASYNC_MARKER_SHA,
510	sha->heap, devId);
511	#else
512	(void)devId;
513	#endif /* WOLFSSL_ASYNC_CRYPT */
514
515	return ret;
516	}
517
518	/* do block size increments/updates */
519	int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len)
520	{
521	int ret = 0;
522	word32 blocksLen;
523	byte* local;
524
525	if (sha == NULL \|\| (data == NULL && len > 0)) {
526	return BAD_FUNC_ARG;
527	}
528
529	if (data == NULL && len == 0) {
530	/* valid, but do nothing */
531	return 0;
532	}
533
534	#ifdef WOLF_CRYPTO_CB
535	if (sha->devId != INVALID_DEVID) {
536	ret = wc_CryptoCb_ShaHash(sha, data, len, NULL);
537	if (ret != CRYPTOCB_UNAVAILABLE)
538	return ret;
539	ret = 0; /* reset ret */
540	/* fall-through when unavailable */
541	}
542	#endif
543	#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA)
544	if (sha->asyncDev.marker == WOLFSSL_ASYNC_MARKER_SHA) {
545	#if defined(HAVE_INTEL_QA)
546	return IntelQaSymSha(&sha->asyncDev, NULL, data, len);
547	#endif
548	}
549	#endif /* WOLFSSL_ASYNC_CRYPT */
550
551	/* check that internal buffLen is valid */
552	if (sha->buffLen >= WC_SHA_BLOCK_SIZE)
553	return BUFFER_E;
554
555	/* add length for final */
556	AddLength(sha, len);
557
558	local = (byte*)sha->buffer;
559
560	/* process any remainder from previous operation */
561	if (sha->buffLen > 0) {
562	blocksLen = min(len, WC_SHA_BLOCK_SIZE - sha->buffLen);
563	XMEMCPY(&local[sha->buffLen], data, blocksLen);
564
565	sha->buffLen += blocksLen;
566	data += blocksLen;
567	len -= blocksLen;
568
569	if (sha->buffLen == WC_SHA_BLOCK_SIZE) {
570	#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
571	ByteReverseWords(sha->buffer, sha->buffer, WC_SHA_BLOCK_SIZE);
572	#endif
573
574	#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
575	!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
576	if (sha->ctx.mode == ESP32_SHA_INIT) {
577	esp_sha_try_hw_lock(&sha->ctx);
578	}
579	if (sha->ctx.mode == ESP32_SHA_SW) {
580	ret = XTRANSFORM(sha, (const byte*)local);
581	} else {
582	esp_sha_process(sha, (const byte*)local);
583	}
584	#else
585	ret = XTRANSFORM(sha, (const byte*)local);
586	#endif
587	if (ret != 0)
588	return ret;
589
590	sha->buffLen = 0;
591	}
592	}
593
594	/* process blocks */
595	#ifdef XTRANSFORM_LEN
596	/* get number of blocks */
597	/* 64-1 = 0x3F (~ Inverted = 0xFFFFFFC0) */
598	/* len (masked by 0xFFFFFFC0) returns block aligned length */
599	blocksLen = len & ~(WC_SHA_BLOCK_SIZE-1);
600	if (blocksLen > 0) {
601	/* Byte reversal performed in function if required. */
602	XTRANSFORM_LEN(sha, data, blocksLen);
603	data += blocksLen;
604	len -= blocksLen;
605	}
606	#else
607	while (len >= WC_SHA_BLOCK_SIZE) {
608	word32* local32 = sha->buffer;
609	/* optimization to avoid memcpy if data pointer is properly aligned */
610	/* Little Endian requires byte swap, so can't use data directly */
611	#if defined(WC_HASH_DATA_ALIGNMENT) && !defined(LITTLE_ENDIAN_ORDER)
612	if (((size_t)data % WC_HASH_DATA_ALIGNMENT) == 0) {
613	local32 = (word32*)data;
614	}
615	else
616	#endif
617	{
618	XMEMCPY(local32, data, WC_SHA_BLOCK_SIZE);
619	}
620
621	data += WC_SHA_BLOCK_SIZE;
622	len -= WC_SHA_BLOCK_SIZE;
623
624	#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
625	ByteReverseWords(local32, local32, WC_SHA_BLOCK_SIZE);
626	#endif
627
628	#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
629	!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
630	if (sha->ctx.mode == ESP32_SHA_INIT){
631	esp_sha_try_hw_lock(&sha->ctx);
632	}
633	if (sha->ctx.mode == ESP32_SHA_SW){
634	ret = XTRANSFORM(sha, (const byte*)local32);
635	} else {
636	esp_sha_process(sha, (const byte*)local32);
637	}
638	#else
639	ret = XTRANSFORM(sha, (const byte*)local32);
640	#endif
641	}
642	#endif /* XTRANSFORM_LEN */
643
644	/* save remainder */
645	if (len > 0) {
646	XMEMCPY(local, data, len);
647	sha->buffLen = len;
648	}
649
650	return ret;
651	}
652
653	int wc_ShaFinalRaw(wc_Sha* sha, byte* hash)
654	{
655	#ifdef LITTLE_ENDIAN_ORDER
656	word32 digest[WC_SHA_DIGEST_SIZE / sizeof(word32)];
657	#endif
658
659	if (sha == NULL \|\| hash == NULL) {
660	return BAD_FUNC_ARG;
661	}
662
663	#ifdef LITTLE_ENDIAN_ORDER
664	ByteReverseWords((word32)digest, (word32)sha->digest, WC_SHA_DIGEST_SIZE);
665	XMEMCPY(hash, digest, WC_SHA_DIGEST_SIZE);
666	#else
667	XMEMCPY(hash, sha->digest, WC_SHA_DIGEST_SIZE);
668	#endif
669
670	return 0;
671	}
672
673	int wc_ShaFinal(wc_Sha* sha, byte* hash)
674	{
675	int ret;
676	byte* local;
677
678	if (sha == NULL \|\| hash == NULL) {
679	return BAD_FUNC_ARG;
680	}
681
682	local = (byte*)sha->buffer;
683
684	#ifdef WOLF_CRYPTO_CB
685	if (sha->devId != INVALID_DEVID) {
686	ret = wc_CryptoCb_ShaHash(sha, NULL, 0, hash);
687	if (ret != CRYPTOCB_UNAVAILABLE)
688	return ret;
689	/* fall-through when unavailable */
690	}
691	#endif
692	#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA)
693	if (sha->asyncDev.marker == WOLFSSL_ASYNC_MARKER_SHA) {
694	#if defined(HAVE_INTEL_QA)
695	return IntelQaSymSha(&sha->asyncDev, hash, NULL, WC_SHA_DIGEST_SIZE);
696	#endif
697	}
698	#endif /* WOLFSSL_ASYNC_CRYPT */
699
700	local[sha->buffLen++] = 0x80; /* add 1 */
701
702	/* pad with zeros */
703	if (sha->buffLen > WC_SHA_PAD_SIZE) {
704	XMEMSET(&local[sha->buffLen], 0, WC_SHA_BLOCK_SIZE - sha->buffLen);
705	sha->buffLen += WC_SHA_BLOCK_SIZE - sha->buffLen;
706
707	#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
708	ByteReverseWords(sha->buffer, sha->buffer, WC_SHA_BLOCK_SIZE);
709	#endif
710
711	#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
712	!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
713	if (sha->ctx.mode == ESP32_SHA_INIT) {
714	esp_sha_try_hw_lock(&sha->ctx);
715	}
716	if (sha->ctx.mode == ESP32_SHA_SW) {
717	ret = XTRANSFORM(sha, (const byte*)local);
718	} else {
719	ret = esp_sha_process(sha, (const byte*)local);
720	}
721	#else
722	ret = XTRANSFORM(sha, (const byte*)local);
723	#endif
724	if (ret != 0)
725	return ret;
726
727	sha->buffLen = 0;
728	}
729	XMEMSET(&local[sha->buffLen], 0, WC_SHA_PAD_SIZE - sha->buffLen);
730
731	#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
732	ByteReverseWords(sha->buffer, sha->buffer, WC_SHA_BLOCK_SIZE);
733	#endif
734
735	/* store lengths */
736	/* put lengths in bits */
737	sha->hiLen = (sha->loLen >> (8*sizeof(sha->loLen) - 3)) + (sha->hiLen << 3);
738	sha->loLen = sha->loLen << 3;
739
740	/* ! length ordering dependent on digest endian type ! */
741	XMEMCPY(&local[WC_SHA_PAD_SIZE], &sha->hiLen, sizeof(word32));
742	XMEMCPY(&local[WC_SHA_PAD_SIZE + sizeof(word32)], &sha->loLen, sizeof(word32));
743
744	#if defined(FREESCALE_MMCAU_SHA)
745	/* Kinetis requires only these bytes reversed */
746	ByteReverseWords(&sha->buffer[WC_SHA_PAD_SIZE/sizeof(word32)],
747	&sha->buffer[WC_SHA_PAD_SIZE/sizeof(word32)],
748	2 * sizeof(word32));
749	#endif
750
751	#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
752	!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
753	if (sha->ctx.mode == ESP32_SHA_INIT) {
754	esp_sha_try_hw_lock(&sha->ctx);
755	}
756	if (sha->ctx.mode == ESP32_SHA_SW) {
757	ret = XTRANSFORM(sha, (const byte*)local);
758	} else {
759	ret = esp_sha_digest_process(sha, 1);
760	}
761	#else
762	ret = XTRANSFORM(sha, (const byte*)local);
763	#endif
764
765	#ifdef LITTLE_ENDIAN_ORDER
766	ByteReverseWords(sha->digest, sha->digest, WC_SHA_DIGEST_SIZE);
767	#endif
768
769	XMEMCPY(hash, sha->digest, WC_SHA_DIGEST_SIZE);
770
771	(void)InitSha(sha); /* reset state */
772
773	return ret;
774	}
775
776	#endif /* USE_SHA_SOFTWARE_IMPL */
777
778
779	int wc_InitSha(wc_Sha* sha)
780	{
781	return wc_InitSha_ex(sha, NULL, INVALID_DEVID);
782	}
783
784	void wc_ShaFree(wc_Sha* sha)
785	{
786	if (sha == NULL)
787	return;
788
789	#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA)
790	wolfAsync_DevCtxFree(&sha->asyncDev, WOLFSSL_ASYNC_MARKER_SHA);
791	#endif /* WOLFSSL_ASYNC_CRYPT */
792
793	#ifdef WOLFSSL_PIC32MZ_HASH
794	wc_ShaPic32Free(sha);
795	#endif
796	#if (defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \
797	!defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH))
798	if (sha->msg != NULL) {
799	XFREE(sha->msg, sha->heap, DYNAMIC_TYPE_TMP_BUFFER);
800	sha->msg = NULL;
801	}
802	#endif
803	#ifdef WOLFSSL_IMXRT_DCP
804	DCPShaFree(sha);
805	#endif
806	}
807
808	#endif /* !WOLFSSL_TI_HASH */
809	#endif /* HAVE_FIPS */
810
811	#ifndef WOLFSSL_TI_HASH
812	#if !defined(WOLFSSL_RENESAS_TSIP_CRYPT) \|\| \
813	defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
814	int wc_ShaGetHash(wc_Sha* sha, byte* hash)
815	{
816	int ret;
817	wc_Sha tmpSha;
818
819	if (sha == NULL \|\| hash == NULL)
820	return BAD_FUNC_ARG;
821
822	#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
823	!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
824	if(sha->ctx.mode == ESP32_SHA_INIT){
825	esp_sha_try_hw_lock(&sha->ctx);
826	}
827	if(sha->ctx.mode != ESP32_SHA_SW)
828	esp_sha_digest_process(sha, 0);
829	#endif
830
831	ret = wc_ShaCopy(sha, &tmpSha);
832	if (ret == 0) {
833	ret = wc_ShaFinal(&tmpSha, hash);
834	#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
835	!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
836	sha->ctx.mode = ESP32_SHA_SW;
837	#endif
838
839
840	}
841	return ret;
842	}
843
844	int wc_ShaCopy(wc_Sha* src, wc_Sha* dst)
845	{
846	int ret = 0;
847
848	if (src == NULL \|\| dst == NULL)
849	return BAD_FUNC_ARG;
850
851	XMEMCPY(dst, src, sizeof(wc_Sha));
852
853	#ifdef WOLFSSL_SILABS_SE_ACCEL
854	dst->silabsCtx.hash_ctx.cmd_ctx = &(dst->silabsCtx.cmd_ctx);
855	dst->silabsCtx.hash_ctx.hash_type_ctx = &(dst->silabsCtx.hash_type_ctx);
856	#endif
857
858	#ifdef WOLFSSL_ASYNC_CRYPT
859	ret = wolfAsync_DevCopy(&src->asyncDev, &dst->asyncDev);
860	#endif
861	#ifdef WOLFSSL_PIC32MZ_HASH
862	ret = wc_Pic32HashCopy(&src->cache, &dst->cache);
863	#endif
864	#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
865	!defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
866	dst->ctx.mode = src->ctx.mode;
867	dst->ctx.isfirstblock = src->ctx.isfirstblock;
868	dst->ctx.sha_type = src->ctx.sha_type;
869	#endif
870	#if defined(WOLFSSL_HASH_FLAGS) \|\| defined(WOLF_CRYPTO_CB)
871	dst->flags \|= WC_HASH_FLAG_ISCOPY;
872	#endif
873	return ret;
874	}
875	#endif /* defined(WOLFSSL_RENESAS_TSIP_CRYPT) ... */
876	#endif /* !WOLFSSL_TI_HASH */
877
878
879	#if defined(WOLFSSL_HASH_FLAGS) \|\| defined(WOLF_CRYPTO_CB)
880	int wc_ShaSetFlags(wc_Sha* sha, word32 flags)
881	{
882	if (sha) {
883	sha->flags = flags;
884	}
885	return 0;
886	}
887	int wc_ShaGetFlags(wc_Sha* sha, word32* flags)
888	{
889	if (sha && flags) {
890	*flags = sha->flags;
891	}
892	return 0;
893	}
894	#endif
895
896	#endif /* !NO_SHA */

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: azure_iot_hub_f767zi/trunk/wolfssl-4.7.0/wolfcrypt/src/sha.c@ 464

Download in other formats: