19 #include "keccak-tiny/keccak-tiny.h"
28 DISABLE_GCC_WARNING(
"-Wredundant-decls")
30 #include <openssl/hmac.h>
31 #include <openssl/sha.h>
33 ENABLE_GCC_WARNING(
"-Wredundant-decls")
46 if (SHA1((
const unsigned char*)m,len,(
unsigned char*)digest) == NULL) {
61 tor_assert(algorithm == DIGEST_SHA256 || algorithm == DIGEST_SHA3_256);
64 if (algorithm == DIGEST_SHA256) {
65 ret = (SHA256((
const uint8_t*)m,len,(uint8_t*)digest) != NULL);
67 #ifdef OPENSSL_HAS_SHA3
69 ret = EVP_Digest(m, len, (uint8_t*)digest, &dlen, EVP_sha3_256(), NULL);
71 ret = (sha3_256((uint8_t *)digest,
DIGEST256_LEN,(
const uint8_t *)m, len)
90 tor_assert(algorithm == DIGEST_SHA512 || algorithm == DIGEST_SHA3_512);
93 if (algorithm == DIGEST_SHA512) {
94 ret = (SHA512((
const unsigned char*)m,len,(
unsigned char*)digest)
97 #ifdef OPENSSL_HAS_SHA3
99 ret = EVP_Digest(m, len, (uint8_t*)digest, &dlen, EVP_sha3_512(), NULL);
101 ret = (sha3_512((uint8_t*)digest,
DIGEST512_LEN, (
const uint8_t*)m, len)
122 #ifdef OPENSSL_HAS_SHA3
130 #ifdef TOR_UNIT_TESTS
151 #define STRUCT_FIELD_SIZE(st, f) (sizeof( ((st*)0)->f ))
153 #define END_OF_FIELD(f) (offsetof(crypto_digest_t, f) + \
154 STRUCT_FIELD_SIZE(crypto_digest_t, f))
157 return END_OF_FIELD(d.sha1);
159 return END_OF_FIELD(d.sha2);
161 return END_OF_FIELD(d.sha512);
162 #ifdef OPENSSL_HAS_SHA3
163 case DIGEST_SHA3_256: FALLTHROUGH;
164 case DIGEST_SHA3_512:
165 return END_OF_FIELD(d.md);
167 case DIGEST_SHA3_256: FALLTHROUGH;
168 case DIGEST_SHA3_512:
169 return END_OF_FIELD(d.sha3);
176 #undef STRUCT_FIELD_SIZE
192 SHA1_Init(&r->
d.
sha1);
195 SHA256_Init(&r->
d.
sha2);
200 #ifdef OPENSSL_HAS_SHA3
201 case DIGEST_SHA3_256:
202 r->
d.md = EVP_MD_CTX_new();
203 if (!EVP_DigestInit(r->
d.md, EVP_sha3_256())) {
208 case DIGEST_SHA3_512:
209 r->
d.md = EVP_MD_CTX_new();
210 if (!EVP_DigestInit(r->
d.md, EVP_sha3_512())) {
216 case DIGEST_SHA3_256:
217 keccak_digest_init(&r->
d.
sha3, 256);
219 case DIGEST_SHA3_512:
220 keccak_digest_init(&r->
d.
sha3, 512);
224 tor_assert_unreached();
247 tor_assert(algorithm == DIGEST_SHA256 || algorithm == DIGEST_SHA3_256);
256 tor_assert(algorithm == DIGEST_SHA512 || algorithm == DIGEST_SHA3_512);
267 #ifdef OPENSSL_HAS_SHA3
268 if (digest->
algorithm == DIGEST_SHA3_256 ||
271 EVP_MD_CTX_free(digest->
d.md);
298 SHA1_Update(&digest->
d.
sha1, (
void*)data, len);
301 SHA256_Update(&digest->
d.
sha2, (
void*)data, len);
304 SHA512_Update(&digest->
d.
sha512, (
void*)data, len);
306 #ifdef OPENSSL_HAS_SHA3
307 case DIGEST_SHA3_256: FALLTHROUGH;
308 case DIGEST_SHA3_512: {
309 int r = EVP_DigestUpdate(digest->
d.md, data, len);
314 case DIGEST_SHA3_256: FALLTHROUGH;
315 case DIGEST_SHA3_512:
316 keccak_digest_update(&digest->
d.
sha3, (
const uint8_t *)data, len);
336 char *out,
size_t out_len)
345 if (digest->
algorithm == DIGEST_SHA3_256 ||
347 #ifdef OPENSSL_HAS_SHA3
348 unsigned dlen = (unsigned)
350 EVP_MD_CTX *tmp = EVP_MD_CTX_new();
351 EVP_MD_CTX_copy(tmp, digest->
d.md);
352 memset(r, 0xff,
sizeof(r));
353 int res = EVP_DigestFinal(tmp, r, &dlen);
354 EVP_MD_CTX_free(tmp);
360 keccak_digest_sum(&digest->
d.
sha3, (uint8_t *)out, out_len);
368 memcpy(&tmpenv, digest, alloc_bytes);
371 SHA1_Final(r, &tmpenv.
d.
sha1);
374 SHA256_Final(r, &tmpenv.
d.
sha2);
377 SHA512_Final(r, &tmpenv.
d.
sha512);
380 case DIGEST_SHA3_256: FALLTHROUGH;
381 case DIGEST_SHA3_512:
383 log_warn(
LD_BUG,
"Handling unexpected algorithm %d", digest->
algorithm);
385 tor_assert_unreached();
389 #ifdef OPENSSL_HAS_SHA3
392 memcpy(out, r, out_len);
409 #ifdef OPENSSL_HAS_SHA3
410 if (digest->
algorithm == DIGEST_SHA3_256 ||
412 result->
d.md = EVP_MD_CTX_new();
413 EVP_MD_CTX_copy(result->
d.md, digest->
d.md);
428 memcpy(checkpoint->
mem, digest, bytes);
439 memcpy(digest, checkpoint->
mem, bytes);
455 #ifdef OPENSSL_HAS_SHA3
456 if (from->
algorithm == DIGEST_SHA3_256 ||
458 EVP_MD_CTX_copy(into->
d.md, from->
d.md);
463 memcpy(into,from,alloc_bytes);
510 const char *key,
size_t key_len,
511 const char *msg,
size_t msg_len)
517 unsigned char *rv = NULL;
518 rv = HMAC(EVP_sha256(), key, (
int)key_len, (
unsigned char*)msg, (
int)msg_len,
519 (
unsigned char*)hmac_out, NULL);