19 #include "keccak-tiny/keccak-tiny.h"
28 DISABLE_GCC_WARNING(
"-Wredundant-decls")
30 #include <openssl/hmac.h>
31 #include <openssl/sha.h>
33 ENABLE_GCC_WARNING(
"-Wredundant-decls")
46 if (SHA1((
const unsigned char*)m,len,(
unsigned char*)digest) == NULL) {
61 tor_assert(algorithm == DIGEST_SHA256 || algorithm == DIGEST_SHA3_256);
64 if (algorithm == DIGEST_SHA256) {
65 ret = (SHA256((
const uint8_t*)m,len,(uint8_t*)digest) != NULL);
67 #ifdef OPENSSL_HAS_SHA3
69 ret = EVP_Digest(m, len, (uint8_t*)digest, &dlen, EVP_sha3_256(), NULL);
71 ret = (sha3_256((uint8_t *)digest,
DIGEST256_LEN,(
const uint8_t *)m, len)
90 tor_assert(algorithm == DIGEST_SHA512 || algorithm == DIGEST_SHA3_512);
93 if (algorithm == DIGEST_SHA512) {
94 ret = (SHA512((
const unsigned char*)m,len,(
unsigned char*)digest)
97 #ifdef OPENSSL_HAS_SHA3
99 ret = EVP_Digest(m, len, (uint8_t*)digest, &dlen, EVP_sha3_512(), NULL);
101 ret = (sha3_512((uint8_t*)digest,
DIGEST512_LEN, (
const uint8_t*)m, len)
122 #ifdef OPENSSL_HAS_SHA3
130 #ifdef TOR_UNIT_TESTS
151 #define STRUCT_FIELD_SIZE(st, f) (sizeof( ((st*)0)->f ))
153 #define END_OF_FIELD(f) (offsetof(crypto_digest_t, f) + \
154 STRUCT_FIELD_SIZE(crypto_digest_t, f))
157 return END_OF_FIELD(d.sha1);
159 return END_OF_FIELD(d.sha2);
161 return END_OF_FIELD(d.sha512);
162 #ifdef OPENSSL_HAS_SHA3
163 case DIGEST_SHA3_256: FALLTHROUGH;
164 case DIGEST_SHA3_512:
165 return END_OF_FIELD(d.md);
167 case DIGEST_SHA3_256: FALLTHROUGH;
168 case DIGEST_SHA3_512:
169 return END_OF_FIELD(d.sha3);
176 #undef STRUCT_FIELD_SIZE
192 SHA1_Init(&r->
d.
sha1);
195 SHA256_Init(&r->
d.
sha2);
200 #ifdef OPENSSL_HAS_SHA3
201 case DIGEST_SHA3_256:
202 r->
d.md = EVP_MD_CTX_new();
203 if (!EVP_DigestInit(r->
d.md, EVP_sha3_256())) {
208 case DIGEST_SHA3_512:
209 r->
d.md = EVP_MD_CTX_new();
210 if (!EVP_DigestInit(r->
d.md, EVP_sha3_512())) {
216 case DIGEST_SHA3_256:
217 keccak_digest_init(&r->
d.
sha3, 256);
219 case DIGEST_SHA3_512:
220 keccak_digest_init(&r->
d.
sha3, 512);
224 tor_assert_unreached();
247 tor_assert(algorithm == DIGEST_SHA256 || algorithm == DIGEST_SHA3_256);
256 tor_assert(algorithm == DIGEST_SHA512 || algorithm == DIGEST_SHA3_512);
267 #ifdef OPENSSL_HAS_SHA3
268 if (digest->
algorithm == DIGEST_SHA3_256 ||
271 EVP_MD_CTX_free(digest->
d.md);
298 SHA1_Update(&digest->
d.
sha1, (
void*)data, len);
301 SHA256_Update(&digest->
d.
sha2, (
void*)data, len);
304 SHA512_Update(&digest->
d.
sha512, (
void*)data, len);
306 #ifdef OPENSSL_HAS_SHA3
307 case DIGEST_SHA3_256: FALLTHROUGH;
308 case DIGEST_SHA3_512: {
309 int r = EVP_DigestUpdate(digest->
d.md, data, len);
314 case DIGEST_SHA3_256: FALLTHROUGH;
315 case DIGEST_SHA3_512:
316 keccak_digest_update(&digest->
d.
sha3, (
const uint8_t *)data, len);
336 char *out,
size_t out_len)
345 if (digest->
algorithm == DIGEST_SHA3_256 ||
347 #ifdef OPENSSL_HAS_SHA3
348 unsigned dlen = (unsigned)
350 EVP_MD_CTX *tmp = EVP_MD_CTX_new();
351 EVP_MD_CTX_copy(tmp, digest->
d.md);
352 memset(r, 0xff,
sizeof(r));
353 int res = EVP_DigestFinal(tmp, r, &dlen);
354 EVP_MD_CTX_free(tmp);
360 keccak_digest_sum(&digest->
d.
sha3, (uint8_t *)out, out_len);
368 memcpy(&tmpenv, digest, alloc_bytes);
371 SHA1_Final(r, &tmpenv.
d.
sha1);
374 SHA256_Final(r, &tmpenv.
d.
sha2);
377 SHA512_Final(r, &tmpenv.
d.
sha512);
380 case DIGEST_SHA3_256: FALLTHROUGH;
381 case DIGEST_SHA3_512:
383 log_warn(
LD_BUG,
"Handling unexpected algorithm %d", digest->
algorithm);
385 tor_assert_unreached();
389 #ifdef OPENSSL_HAS_SHA3
392 memcpy(out, r, out_len);
409 #ifdef OPENSSL_HAS_SHA3
410 if (digest->
algorithm == DIGEST_SHA3_256 ||
412 result->
d.md = EVP_MD_CTX_new();
413 EVP_MD_CTX_copy(result->
d.md, digest->
d.md);
428 memcpy(checkpoint->
mem, digest, bytes);
439 memcpy(digest, checkpoint->
mem, bytes);
455 #ifdef OPENSSL_HAS_SHA3
456 if (from->
algorithm == DIGEST_SHA3_256 ||
458 EVP_MD_CTX_copy(into->
d.md, from->
d.md);
463 memcpy(into,from,alloc_bytes);
510 const char *key,
size_t key_len,
511 const char *msg,
size_t msg_len)
517 unsigned char *rv = NULL;
518 rv = HMAC(EVP_sha256(), key, (
int)key_len, (
unsigned char*)msg, (
int)msg_len,
519 (
unsigned char*)hmac_out, NULL);
Inline functions for reading and writing multibyte values from the middle of strings,...
size_t crypto_digest_algorithm_get_length(digest_algorithm_t alg)
Headers for crypto_digest.c.
#define crypto_digest_free(d)
void crypto_digest_checkpoint(crypto_digest_checkpoint_t *checkpoint, const crypto_digest_t *digest)
int crypto_digest512(char *digest, const char *m, size_t len, digest_algorithm_t algorithm)
static crypto_digest_t * crypto_digest_new_internal(digest_algorithm_t algorithm)
int crypto_digest256(char *digest, const char *m, size_t len, digest_algorithm_t algorithm)
void crypto_hmac_sha256(char *hmac_out, const char *key, size_t key_len, const char *msg, size_t msg_len)
void crypto_digest_restore(crypto_digest_t *digest, const crypto_digest_checkpoint_t *checkpoint)
void crypto_digest_get_digest(crypto_digest_t *digest, char *out, size_t out_len)
void crypto_digest_assign(crypto_digest_t *into, const crypto_digest_t *from)
void crypto_digest_smartlist(char *digest_out, size_t len_out, const smartlist_t *lst, const char *append, digest_algorithm_t alg)
crypto_digest_t * crypto_digest256_new(digest_algorithm_t algorithm)
static size_t crypto_digest_alloc_bytes(digest_algorithm_t alg)
crypto_digest_t * crypto_digest_dup(const crypto_digest_t *digest)
int crypto_digest(char *digest, const char *m, size_t len)
crypto_digest_t * crypto_digest_new(void)
void crypto_digest_free_(crypto_digest_t *digest)
void crypto_digest_add_bytes(crypto_digest_t *digest, const char *data, size_t len)
void crypto_digest_smartlist_prefix(char *digest_out, size_t len_out, const char *prepend, const smartlist_t *lst, const char *append, digest_algorithm_t alg)
crypto_digest_t * crypto_digest512_new(digest_algorithm_t algorithm)
Headers for crypto_openssl_mgt.c.
void memwipe(void *mem, uint8_t byte, size_t sz)
Common functions for cryptographic routines.
#define SMARTLIST_FOREACH(sl, type, var, cmd)
uint8_t mem[DIGEST_CHECKPOINT_BYTES]
digest_algorithm_t algorithm
union crypto_digest_t::@24 d
#define MOCK_IMPL(rv, funcname, arglist)
Macros to manage assertions, fatal and non-fatal.
#define tor_fragile_assert()