Home Explore Help
Sign In
BlitzNG
/
net.mod
mirror of https://github.com/bmx-ng/net.mod.git
2
0
Fork 0
Files Issues 0 Wiki
Branch: master
Branches Tags
net.mod
/
mbedtls.mod
/
mbedtls
/
library
/
psa_crypto_hash.c

psa_crypto_hash.c 18 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617 
  1. /*
    2. 

  2.  *  PSA hashing layer on top of Mbed TLS software crypto
    3. 

  3.  */
    4. 

  4. /*
    5. 

  5.  *  Copyright The Mbed TLS Contributors
    6. 

  6.  *  SPDX-License-Identifier: Apache-2.0
    7. 

  7.  *
    8. 

  8.  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
    9. 

  9.  *  not use this file except in compliance with the License.
    10. 

  10.  *  You may obtain a copy of the License at
    11. 

  11.  *
    12. 

  12.  *  http://www.apache.org/licenses/LICENSE-2.0
    13. 

  13.  *
    14. 

  14.  *  Unless required by applicable law or agreed to in writing, software
    15. 

  15.  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
    16. 

  16.  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    17. 

  17.  *  See the License for the specific language governing permissions and
    18. 

  18.  *  limitations under the License.
    19. 

  19.  */
    20. 

  20. 

  21. #include "common.h"
    22. 

  22. 

  23. #if defined(MBEDTLS_PSA_CRYPTO_C)
    24. 

  24. 

  25. #include <psa/crypto.h>
    26. 

  26. #include "psa_crypto_core.h"
    27. 

  27. #include "psa_crypto_hash.h"
    28. 

  28. 

  29. #include <mbedtls/error.h>
    30. 

  30. #include <string.h>
    31. 

  31. 

  32. /* Use builtin defines specific to this compilation unit, since the test driver
    33. 

  33.  * relies on the software driver. */
    34. 

  34. #if( defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) || \
    35. 

  35.     ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_MD5) ) )
    36. 

  36. #define BUILTIN_ALG_MD5         1
    37. 

  37. #endif
    38. 

  38. #if( defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) || \
    39. 

  39.     ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) ) )
    40. 

  40. #define BUILTIN_ALG_RIPEMD160   1
    41. 

  41. #endif
    42. 

  42. #if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) || \
    43. 

  43.     ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) ) )
    44. 

  44. #define BUILTIN_ALG_SHA_1       1
    45. 

  45. #endif
    46. 

  46. #if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) || \
    47. 

  47.     ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) ) )
    48. 

  48. #define BUILTIN_ALG_SHA_224     1
    49. 

  49. #endif
    50. 

  50. #if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \
    51. 

  51.     ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) ) )
    52. 

  52. #define BUILTIN_ALG_SHA_256     1
    53. 

  53. #endif
    54. 

  54. #if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) || \
    55. 

  55.     ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) ) )
    56. 

  56. #define BUILTIN_ALG_SHA_384     1
    57. 

  57. #endif
    58. 

  58. #if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \
    59. 

  59.     ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) ) )
    60. 

  60. #define BUILTIN_ALG_SHA_512     1
    61. 

  61. #endif
    62. 

  62. 

  63. #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
    64. 

  64.     defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \
    65. 

  65.     defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \
    66. 

  66.     defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
    67. 

  67. const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg )
    68. 

  68. {
    69. 

  69.     switch( alg )
    70. 

  70.     {
    71. 

  71. #if defined(MBEDTLS_MD5_C)
    72. 

  72.         case PSA_ALG_MD5:
    73. 

  73.             return( &mbedtls_md5_info );
    74. 

  74. #endif
    75. 

  75. #if defined(MBEDTLS_RIPEMD160_C)
    76. 

  76.         case PSA_ALG_RIPEMD160:
    77. 

  77.             return( &mbedtls_ripemd160_info );
    78. 

  78. #endif
    79. 

  79. #if defined(MBEDTLS_SHA1_C)
    80. 

  80.         case PSA_ALG_SHA_1:
    81. 

  81.             return( &mbedtls_sha1_info );
    82. 

  82. #endif
    83. 

  83. #if defined(MBEDTLS_SHA224_C)
    84. 

  84.         case PSA_ALG_SHA_224:
    85. 

  85.             return( &mbedtls_sha224_info );
    86. 

  86. #endif
    87. 

  87. #if defined(MBEDTLS_SHA256_C)
    88. 

  88.         case PSA_ALG_SHA_256:
    89. 

  89.             return( &mbedtls_sha256_info );
    90. 

  90. #endif
    91. 

  91. #if defined(MBEDTLS_SHA384_C)
    92. 

  92.         case PSA_ALG_SHA_384:
    93. 

  93.             return( &mbedtls_sha384_info );
    94. 

  94. #endif
    95. 

  95. #if defined(MBEDTLS_SHA512_C)
    96. 

  96.         case PSA_ALG_SHA_512:
    97. 

  97.             return( &mbedtls_sha512_info );
    98. 

  98. #endif
    99. 

  99.         default:
    100. 

  100.             return( NULL );
    101. 

  101.     }
    102. 

  102. }
    103. 

  103. #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
    104. 

  104.         * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) ||
    105. 

  105.         * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) ||
    106. 

  106.         * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
    107. 

  107. 

  108. /* Implement the PSA driver hash interface on top of mbed TLS if either the
    109. 

  109.  * software driver or the test driver requires it. */
    110. 

  110. #if defined(MBEDTLS_PSA_BUILTIN_HASH) || defined(PSA_CRYPTO_DRIVER_TEST)
    111. 

  111. static psa_status_t hash_abort(
    112. 

  112.     mbedtls_psa_hash_operation_t *operation )
    113. 

  113. {
    114. 

  114.     switch( operation->alg )
    115. 

  115.     {
    116. 

  116.         case 0:
    117. 

  117.             /* The object has (apparently) been initialized but it is not
    118. 

  118.              * in use. It's ok to call abort on such an object, and there's
    119. 

  119.              * nothing to do. */
    120. 

  120.             break;
    121. 

  121. #if defined(BUILTIN_ALG_MD5)
    122. 

  122.         case PSA_ALG_MD5:
    123. 

  123.             mbedtls_md5_free( &operation->ctx.md5 );
    124. 

  124.             break;
    125. 

  125. #endif
    126. 

  126. #if defined(BUILTIN_ALG_RIPEMD160)
    127. 

  127.         case PSA_ALG_RIPEMD160:
    128. 

  128.             mbedtls_ripemd160_free( &operation->ctx.ripemd160 );
    129. 

  129.             break;
    130. 

  130. #endif
    131. 

  131. #if defined(BUILTIN_ALG_SHA_1)
    132. 

  132.         case PSA_ALG_SHA_1:
    133. 

  133.             mbedtls_sha1_free( &operation->ctx.sha1 );
    134. 

  134.             break;
    135. 

  135. #endif
    136. 

  136. #if defined(BUILTIN_ALG_SHA_224)
    137. 

  137.         case PSA_ALG_SHA_224:
    138. 

  138.             mbedtls_sha256_free( &operation->ctx.sha256 );
    139. 

  139.             break;
    140. 

  140. #endif
    141. 

  141. #if defined(BUILTIN_ALG_SHA_256)
    142. 

  142.         case PSA_ALG_SHA_256:
    143. 

  143.             mbedtls_sha256_free( &operation->ctx.sha256 );
    144. 

  144.             break;
    145. 

  145. #endif
    146. 

  146. #if defined(BUILTIN_ALG_SHA_384)
    147. 

  147.         case PSA_ALG_SHA_384:
    148. 

  148.             mbedtls_sha512_free( &operation->ctx.sha512 );
    149. 

  149.             break;
    150. 

  150. #endif
    151. 

  151. #if defined(BUILTIN_ALG_SHA_512)
    152. 

  152.         case PSA_ALG_SHA_512:
    153. 

  153.             mbedtls_sha512_free( &operation->ctx.sha512 );
    154. 

  154.             break;
    155. 

  155. #endif
    156. 

  156.         default:
    157. 

  157.             return( PSA_ERROR_BAD_STATE );
    158. 

  158.     }
    159. 

  159.     operation->alg = 0;
    160. 

  160.     return( PSA_SUCCESS );
    161. 

  161. }
    162. 

  162. 

  163. static psa_status_t hash_setup(
    164. 

  164.     mbedtls_psa_hash_operation_t *operation,
    165. 

  165.     psa_algorithm_t alg )
    166. 

  166. {
    167. 

  167.     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
    168. 

  168. 

  169.     /* A context must be freshly initialized before it can be set up. */
    170. 

  170.     if( operation->alg != 0 )
    171. 

  171.     {
    172. 

  172.         return( PSA_ERROR_BAD_STATE );
    173. 

  173.     }
    174. 

  174. 

  175.     switch( alg )
    176. 

  176.     {
    177. 

  177. #if defined(BUILTIN_ALG_MD5)
    178. 

  178.         case PSA_ALG_MD5:
    179. 

  179.             mbedtls_md5_init( &operation->ctx.md5 );
    180. 

  180.             ret = mbedtls_md5_starts( &operation->ctx.md5 );
    181. 

  181.             break;
    182. 

  182. #endif
    183. 

  183. #if defined(BUILTIN_ALG_RIPEMD160)
    184. 

  184.         case PSA_ALG_RIPEMD160:
    185. 

  185.             mbedtls_ripemd160_init( &operation->ctx.ripemd160 );
    186. 

  186.             ret = mbedtls_ripemd160_starts( &operation->ctx.ripemd160 );
    187. 

  187.             break;
    188. 

  188. #endif
    189. 

  189. #if defined(BUILTIN_ALG_SHA_1)
    190. 

  190.         case PSA_ALG_SHA_1:
    191. 

  191.             mbedtls_sha1_init( &operation->ctx.sha1 );
    192. 

  192.             ret = mbedtls_sha1_starts( &operation->ctx.sha1 );
    193. 

  193.             break;
    194. 

  194. #endif
    195. 

  195. #if defined(BUILTIN_ALG_SHA_224)
    196. 

  196.         case PSA_ALG_SHA_224:
    197. 

  197.             mbedtls_sha256_init( &operation->ctx.sha256 );
    198. 

  198.             ret = mbedtls_sha256_starts( &operation->ctx.sha256, 1 );
    199. 

  199.             break;
    200. 

  200. #endif
    201. 

  201. #if defined(BUILTIN_ALG_SHA_256)
    202. 

  202.         case PSA_ALG_SHA_256:
    203. 

  203.             mbedtls_sha256_init( &operation->ctx.sha256 );
    204. 

  204.             ret = mbedtls_sha256_starts( &operation->ctx.sha256, 0 );
    205. 

  205.             break;
    206. 

  206. #endif
    207. 

  207. #if defined(BUILTIN_ALG_SHA_384)
    208. 

  208.         case PSA_ALG_SHA_384:
    209. 

  209.             mbedtls_sha512_init( &operation->ctx.sha512 );
    210. 

  210.             ret = mbedtls_sha512_starts( &operation->ctx.sha512, 1 );
    211. 

  211.             break;
    212. 

  212. #endif
    213. 

  213. #if defined(BUILTIN_ALG_SHA_512)
    214. 

  214.         case PSA_ALG_SHA_512:
    215. 

  215.             mbedtls_sha512_init( &operation->ctx.sha512 );
    216. 

  216.             ret = mbedtls_sha512_starts( &operation->ctx.sha512, 0 );
    217. 

  217.             break;
    218. 

  218. #endif
    219. 

  219.         default:
    220. 

  220.             return( PSA_ALG_IS_HASH( alg ) ?
    221. 

  221.                     PSA_ERROR_NOT_SUPPORTED :
    222. 

  222.                     PSA_ERROR_INVALID_ARGUMENT );
    223. 

  223.     }
    224. 

  224.     if( ret == 0 )
    225. 

  225.         operation->alg = alg;
    226. 

  226.     else
    227. 

  227.         hash_abort( operation );
    228. 

  228.     return( mbedtls_to_psa_error( ret ) );
    229. 

  229. }
    230. 

  230. 

  231. static psa_status_t hash_clone(
    232. 

  232.     const mbedtls_psa_hash_operation_t *source_operation,
    233. 

  233.     mbedtls_psa_hash_operation_t *target_operation )
    234. 

  234. {
    235. 

  235.     switch( source_operation->alg )
    236. 

  236.     {
    237. 

  237.         case 0:
    238. 

  238.             return( PSA_ERROR_BAD_STATE );
    239. 

  239. #if defined(BUILTIN_ALG_MD5)
    240. 

  240.         case PSA_ALG_MD5:
    241. 

  241.             mbedtls_md5_clone( &target_operation->ctx.md5,
    242. 

  242.                                &source_operation->ctx.md5 );
    243. 

  243.             break;
    244. 

  244. #endif
    245. 

  245. #if defined(BUILTIN_ALG_RIPEMD160)
    246. 

  246.         case PSA_ALG_RIPEMD160:
    247. 

  247.             mbedtls_ripemd160_clone( &target_operation->ctx.ripemd160,
    248. 

  248.                                      &source_operation->ctx.ripemd160 );
    249. 

  249.             break;
    250. 

  250. #endif
    251. 

  251. #if defined(BUILTIN_ALG_SHA_1)
    252. 

  252.         case PSA_ALG_SHA_1:
    253. 

  253.             mbedtls_sha1_clone( &target_operation->ctx.sha1,
    254. 

  254.                                 &source_operation->ctx.sha1 );
    255. 

  255.             break;
    256. 

  256. #endif
    257. 

  257. #if defined(BUILTIN_ALG_SHA_224)
    258. 

  258.         case PSA_ALG_SHA_224:
    259. 

  259.             mbedtls_sha256_clone( &target_operation->ctx.sha256,
    260. 

  260.                                   &source_operation->ctx.sha256 );
    261. 

  261.             break;
    262. 

  262. #endif
    263. 

  263. #if defined(BUILTIN_ALG_SHA_256)
    264. 

  264.         case PSA_ALG_SHA_256:
    265. 

  265.             mbedtls_sha256_clone( &target_operation->ctx.sha256,
    266. 

  266.                                   &source_operation->ctx.sha256 );
    267. 

  267.             break;
    268. 

  268. #endif
    269. 

  269. #if defined(BUILTIN_ALG_SHA_384)
    270. 

  270.         case PSA_ALG_SHA_384:
    271. 

  271.             mbedtls_sha512_clone( &target_operation->ctx.sha512,
    272. 

  272.                                   &source_operation->ctx.sha512 );
    273. 

  273.             break;
    274. 

  274. #endif
    275. 

  275. #if defined(BUILTIN_ALG_SHA_512)
    276. 

  276.         case PSA_ALG_SHA_512:
    277. 

  277.             mbedtls_sha512_clone( &target_operation->ctx.sha512,
    278. 

  278.                                   &source_operation->ctx.sha512 );
    279. 

  279.             break;
    280. 

  280. #endif
    281. 

  281.         default:
    282. 

  282.             (void) source_operation;
    283. 

  283.             (void) target_operation;
    284. 

  284.             return( PSA_ERROR_NOT_SUPPORTED );
    285. 

  285.     }
    286. 

  286. 

  287.     target_operation->alg = source_operation->alg;
    288. 

  288.     return( PSA_SUCCESS );
    289. 

  289. }
    290. 

  290. 

  291. static psa_status_t hash_update(
    292. 

  292.     mbedtls_psa_hash_operation_t *operation,
    293. 

  293.     const uint8_t *input,
    294. 

  294.     size_t input_length )
    295. 

  295. {
    296. 

  296.     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
    297. 

  297. 

  298.     switch( operation->alg )
    299. 

  299.     {
    300. 

  300. #if defined(BUILTIN_ALG_MD5)
    301. 

  301.         case PSA_ALG_MD5:
    302. 

  302.             ret = mbedtls_md5_update( &operation->ctx.md5,
    303. 

  303.                                           input, input_length );
    304. 

  304.             break;
    305. 

  305. #endif
    306. 

  306. #if defined(BUILTIN_ALG_RIPEMD160)
    307. 

  307.         case PSA_ALG_RIPEMD160:
    308. 

  308.             ret = mbedtls_ripemd160_update( &operation->ctx.ripemd160,
    309. 

  309.                                                 input, input_length );
    310. 

  310.             break;
    311. 

  311. #endif
    312. 

  312. #if defined(BUILTIN_ALG_SHA_1)
    313. 

  313.         case PSA_ALG_SHA_1:
    314. 

  314.             ret = mbedtls_sha1_update( &operation->ctx.sha1,
    315. 

  315.                                            input, input_length );
    316. 

  316.             break;
    317. 

  317. #endif
    318. 

  318. #if defined(BUILTIN_ALG_SHA_224)
    319. 

  319.         case PSA_ALG_SHA_224:
    320. 

  320.             ret = mbedtls_sha256_update( &operation->ctx.sha256,
    321. 

  321.                                              input, input_length );
    322. 

  322.             break;
    323. 

  323. #endif
    324. 

  324. #if defined(BUILTIN_ALG_SHA_256)
    325. 

  325.         case PSA_ALG_SHA_256:
    326. 

  326.             ret = mbedtls_sha256_update( &operation->ctx.sha256,
    327. 

  327.                                              input, input_length );
    328. 

  328.             break;
    329. 

  329. #endif
    330. 

  330. #if defined(BUILTIN_ALG_SHA_384)
    331. 

  331.         case PSA_ALG_SHA_384:
    332. 

  332.             ret = mbedtls_sha512_update( &operation->ctx.sha512,
    333. 

  333.                                              input, input_length );
    334. 

  334.             break;
    335. 

  335. #endif
    336. 

  336. #if defined(BUILTIN_ALG_SHA_512)
    337. 

  337.         case PSA_ALG_SHA_512:
    338. 

  338.             ret = mbedtls_sha512_update( &operation->ctx.sha512,
    339. 

  339.                                              input, input_length );
    340. 

  340.             break;
    341. 

  341. #endif
    342. 

  342.         default:
    343. 

  343.             (void) input;
    344. 

  344.             (void) input_length;
    345. 

  345.             return( PSA_ERROR_BAD_STATE );
    346. 

  346.     }
    347. 

  347. 

  348.     return( mbedtls_to_psa_error( ret ) );
    349. 

  349. }
    350. 

  350. 

  351. static psa_status_t hash_finish(
    352. 

  352.     mbedtls_psa_hash_operation_t *operation,
    353. 

  353.     uint8_t *hash,
    354. 

  354.     size_t hash_size,
    355. 

  355.     size_t *hash_length )
    356. 

  356. {
    357. 

  357.     psa_status_t status;
    358. 

  358.     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
    359. 

  359.     size_t actual_hash_length = PSA_HASH_LENGTH( operation->alg );
    360. 

  360. 

  361.     /* Fill the output buffer with something that isn't a valid hash
    362. 

  362.      * (barring an attack on the hash and deliberately-crafted input),
    363. 

  363.      * in case the caller doesn't check the return status properly. */
    364. 

  364.     *hash_length = hash_size;
    365. 

  365.     /* If hash_size is 0 then hash may be NULL and then the
    366. 

  366.      * call to memset would have undefined behavior. */
    367. 

  367.     if( hash_size != 0 )
    368. 

  368.         memset( hash, '!', hash_size );
    369. 

  369. 

  370.     if( hash_size < actual_hash_length )
    371. 

  371.     {
    372. 

  372.         status = PSA_ERROR_BUFFER_TOO_SMALL;
    373. 

  373.         goto exit;
    374. 

  374.     }
    375. 

  375. 

  376.     switch( operation->alg )
    377. 

  377.     {
    378. 

  378. #if defined(BUILTIN_ALG_MD5)
    379. 

  379.         case PSA_ALG_MD5:
    380. 

  380.             ret = mbedtls_md5_finish( &operation->ctx.md5, hash );
    381. 

  381.             break;
    382. 

  382. #endif
    383. 

  383. #if defined(BUILTIN_ALG_RIPEMD160)
    384. 

  384.         case PSA_ALG_RIPEMD160:
    385. 

  385.             ret = mbedtls_ripemd160_finish( &operation->ctx.ripemd160, hash );
    386. 

  386.             break;
    387. 

  387. #endif
    388. 

  388. #if defined(BUILTIN_ALG_SHA_1)
    389. 

  389.         case PSA_ALG_SHA_1:
    390. 

  390.             ret = mbedtls_sha1_finish( &operation->ctx.sha1, hash );
    391. 

  391.             break;
    392. 

  392. #endif
    393. 

  393. #if defined(BUILTIN_ALG_SHA_224)
    394. 

  394.         case PSA_ALG_SHA_224:
    395. 

  395.             ret = mbedtls_sha256_finish( &operation->ctx.sha256, hash );
    396. 

  396.             break;
    397. 

  397. #endif
    398. 

  398. #if defined(BUILTIN_ALG_SHA_256)
    399. 

  399.         case PSA_ALG_SHA_256:
    400. 

  400.             ret = mbedtls_sha256_finish( &operation->ctx.sha256, hash );
    401. 

  401.             break;
    402. 

  402. #endif
    403. 

  403. #if defined(BUILTIN_ALG_SHA_384)
    404. 

  404.         case PSA_ALG_SHA_384:
    405. 

  405.             ret = mbedtls_sha512_finish( &operation->ctx.sha512, hash );
    406. 

  406.             break;
    407. 

  407. #endif
    408. 

  408. #if defined(BUILTIN_ALG_SHA_512)
    409. 

  409.         case PSA_ALG_SHA_512:
    410. 

  410.             ret = mbedtls_sha512_finish( &operation->ctx.sha512, hash );
    411. 

  411.             break;
    412. 

  412. #endif
    413. 

  413.         default:
    414. 

  414.             (void) hash;
    415. 

  415.             return( PSA_ERROR_BAD_STATE );
    416. 

  416.     }
    417. 

  417.     status = mbedtls_to_psa_error( ret );
    418. 

  418. 

  419. exit:
    420. 

  420.     if( status == PSA_SUCCESS )
    421. 

  421.         *hash_length = actual_hash_length;
    422. 

  422.     return( status );
    423. 

  423. }
    424. 

  424. 

  425. static psa_status_t hash_compute(
    426. 

  426.     psa_algorithm_t alg,
    427. 

  427.     const uint8_t *input,
    428. 

  428.     size_t input_length,
    429. 

  429.     uint8_t *hash,
    430. 

  430.     size_t hash_size,
    431. 

  431.     size_t *hash_length)
    432. 

  432. {
    433. 

  433.     mbedtls_psa_hash_operation_t operation = MBEDTLS_PSA_HASH_OPERATION_INIT;
    434. 

  434.     psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
    435. 

  435.     psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED;
    436. 

  436. 

  437.     *hash_length = hash_size;
    438. 

  438.     status = hash_setup( &operation, alg );
    439. 

  439.     if( status != PSA_SUCCESS )
    440. 

  440.         goto exit;
    441. 

  441.     status = hash_update( &operation, input, input_length );
    442. 

  442.     if( status != PSA_SUCCESS )
    443. 

  443.         goto exit;
    444. 

  444.     status = hash_finish( &operation, hash, hash_size, hash_length );
    445. 

  445.     if( status != PSA_SUCCESS )
    446. 

  446.         goto exit;
    447. 

  447. 

  448. exit:
    449. 

  449.     abort_status = hash_abort( &operation );
    450. 

  450.     if( status == PSA_SUCCESS )
    451. 

  451.         return( abort_status );
    452. 

  452.     else
    453. 

  453.         return( status );
    454. 

  454. 

  455. }
    456. 

  456. #endif /* MBEDTLS_PSA_BUILTIN_HASH || PSA_CRYPTO_DRIVER_TEST */
    457. 

  457. 

  458. #if defined(MBEDTLS_PSA_BUILTIN_HASH)
    459. 

  459. psa_status_t mbedtls_psa_hash_compute(
    460. 

  460.     psa_algorithm_t alg,
    461. 

  461.     const uint8_t *input,
    462. 

  462.     size_t input_length,
    463. 

  463.     uint8_t *hash,
    464. 

  464.     size_t hash_size,
    465. 

  465.     size_t *hash_length)
    466. 

  466. {
    467. 

  467.     return( hash_compute( alg, input, input_length,
    468. 

  468.                           hash, hash_size, hash_length ) );
    469. 

  469. }
    470. 

  470. 

  471. psa_status_t mbedtls_psa_hash_setup(
    472. 

  472.     mbedtls_psa_hash_operation_t *operation,
    473. 

  473.     psa_algorithm_t alg )
    474. 

  474. {
    475. 

  475.     return( hash_setup( operation, alg ) );
    476. 

  476. }
    477. 

  477. 

  478. psa_status_t mbedtls_psa_hash_clone(
    479. 

  479.     const mbedtls_psa_hash_operation_t *source_operation,
    480. 

  480.     mbedtls_psa_hash_operation_t *target_operation )
    481. 

  481. {
    482. 

  482.     return( hash_clone( source_operation, target_operation ) );
    483. 

  483. }
    484. 

  484. 

  485. psa_status_t mbedtls_psa_hash_update(
    486. 

  486.     mbedtls_psa_hash_operation_t *operation,
    487. 

  487.     const uint8_t *input,
    488. 

  488.     size_t input_length )
    489. 

  489. {
    490. 

  490.     return( hash_update( operation, input, input_length ) );
    491. 

  491. }
    492. 

  492. 

  493. psa_status_t mbedtls_psa_hash_finish(
    494. 

  494.     mbedtls_psa_hash_operation_t *operation,
    495. 

  495.     uint8_t *hash,
    496. 

  496.     size_t hash_size,
    497. 

  497.     size_t *hash_length )
    498. 

  498. {
    499. 

  499.     return( hash_finish( operation, hash, hash_size, hash_length ) );
    500. 

  500. }
    501. 

  501. 

  502. psa_status_t mbedtls_psa_hash_abort(
    503. 

  503.     mbedtls_psa_hash_operation_t *operation )
    504. 

  504. {
    505. 

  505.     return( hash_abort( operation ) );
    506. 

  506. }
    507. 

  507. #endif /* MBEDTLS_PSA_BUILTIN_HASH */
    508. 

  508. 

  509.  /*
    510. 

  510.   * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
    511. 

  511.   */
    512. 

  512. #if defined(PSA_CRYPTO_DRIVER_TEST)
    513. 

  513. 

  514. static int is_hash_accelerated( psa_algorithm_t alg )
    515. 

  515. {
    516. 

  516.     switch( alg )
    517. 

  517.     {
    518. 

  518. #if defined(MBEDTLS_PSA_ACCEL_ALG_MD5)
    519. 

  519.         case PSA_ALG_MD5:
    520. 

  520.             return( 1 );
    521. 

  521. #endif
    522. 

  522. #if defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160)
    523. 

  523.         case PSA_ALG_RIPEMD160:
    524. 

  524.             return( 1 );
    525. 

  525. #endif
    526. 

  526. #if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1)
    527. 

  527.         case PSA_ALG_SHA_1:
    528. 

  528.             return( 1 );
    529. 

  529. #endif
    530. 

  530. #if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224)
    531. 

  531.         case PSA_ALG_SHA_224:
    532. 

  532.             return( 1 );
    533. 

  533. #endif
    534. 

  534. #if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256)
    535. 

  535.         case PSA_ALG_SHA_256:
    536. 

  536.             return( 1 );
    537. 

  537. #endif
    538. 

  538. #if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384)
    539. 

  539.         case PSA_ALG_SHA_384:
    540. 

  540.             return( 1 );
    541. 

  541. #endif
    542. 

  542. #if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512)
    543. 

  543.         case PSA_ALG_SHA_512:
    544. 

  544.             return( 1 );
    545. 

  545. #endif
    546. 

  546.         default:
    547. 

  547.             return( 0 );
    548. 

  548.     }
    549. 

  549. }
    550. 

  550. 

  551. psa_status_t mbedtls_transparent_test_driver_hash_compute(
    552. 

  552.     psa_algorithm_t alg,
    553. 

  553.     const uint8_t *input,
    554. 

  554.     size_t input_length,
    555. 

  555.     uint8_t *hash,
    556. 

  556.     size_t hash_size,
    557. 

  557.     size_t *hash_length)
    558. 

  558. {
    559. 

  559.     if( is_hash_accelerated( alg ) )
    560. 

  560.         return( hash_compute( alg, input, input_length,
    561. 

  561.                               hash, hash_size, hash_length ) );
    562. 

  562.     else
    563. 

  563.         return( PSA_ERROR_NOT_SUPPORTED );
    564. 

  564. }
    565. 

  565. 

  566. psa_status_t mbedtls_transparent_test_driver_hash_setup(
    567. 

  567.     mbedtls_transparent_test_driver_hash_operation_t *operation,
    568. 

  568.     psa_algorithm_t alg )
    569. 

  569. {
    570. 

  570.     if( is_hash_accelerated( alg ) )
    571. 

  571.         return( hash_setup( operation, alg ) );
    572. 

  572.     else
    573. 

  573.         return( PSA_ERROR_NOT_SUPPORTED );
    574. 

  574. }
    575. 

  575. 

  576. psa_status_t mbedtls_transparent_test_driver_hash_clone(
    577. 

  577.     const mbedtls_transparent_test_driver_hash_operation_t *source_operation,
    578. 

  578.     mbedtls_transparent_test_driver_hash_operation_t *target_operation )
    579. 

  579. {
    580. 

  580.     if( is_hash_accelerated( source_operation->alg ) )
    581. 

  581.         return( hash_clone( source_operation, target_operation ) );
    582. 

  582.     else
    583. 

  583.         return( PSA_ERROR_BAD_STATE );
    584. 

  584. }
    585. 

  585. 

  586. psa_status_t mbedtls_transparent_test_driver_hash_update(
    587. 

  587.     mbedtls_transparent_test_driver_hash_operation_t *operation,
    588. 

  588.     const uint8_t *input,
    589. 

  589.     size_t input_length )
    590. 

  590. {
    591. 

  591.     if( is_hash_accelerated( operation->alg ) )
    592. 

  592.         return( hash_update( operation, input, input_length ) );
    593. 

  593.     else
    594. 

  594.         return( PSA_ERROR_BAD_STATE );
    595. 

  595. }
    596. 

  596. 

  597. psa_status_t mbedtls_transparent_test_driver_hash_finish(
    598. 

  598.     mbedtls_transparent_test_driver_hash_operation_t *operation,
    599. 

  599.     uint8_t *hash,
    600. 

  600.     size_t hash_size,
    601. 

  601.     size_t *hash_length )
    602. 

  602. {
    603. 

  603.     if( is_hash_accelerated( operation->alg ) )
    604. 

  604.         return( hash_finish( operation, hash, hash_size, hash_length ) );
    605. 

  605.     else
    606. 

  606.         return( PSA_ERROR_BAD_STATE );
    607. 

  607. }
    608. 

  608. 

  609. psa_status_t mbedtls_transparent_test_driver_hash_abort(
    610. 

  610.     mbedtls_transparent_test_driver_hash_operation_t *operation )
    611. 

  611. {
    612. 

  612.     return( hash_abort( operation ) );
    613. 

  613. }
    614. 

  614. 

  615. #endif /* PSA_CRYPTO_DRIVER_TEST */
    616. 

  616. 

  617. #endif /* MBEDTLS_PSA_CRYPTO_C */
    618.