Lines Matching +full:multi +full:- +full:function
45 * For each implemented hash function, of name "`xxx`", the following
48 * - `br_xxx_vtable`
52 * - `br_xxx_SIZE`
55 * hash function.
57 * - `br_xxx_ID`
60 * function. Such identifiers are used with HMAC and signature
64 * standard](https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1),
66 * 1 to 6 for MD5, SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512,
69 * - `br_xxx_context`
75 * capture the function state at some point. Computations that use
80 * - `br_xxx_init(br_xxx_context *ctx)`
88 * - `br_xxx_update(br_xxx_context *ctx, const void *data, size_t len)`
93 * - `br_xxx_out(const br_xxx_context *ctx, void *out)`
98 * function can be used to get a "partial hash" while still keeping
101 * - `br_xxx_state(const br_xxx_context *ctx, void *out)`
104 * MD functions (MD5, SHA-1, SHA-2 family), this is the running state
108 * - `br_xxx_set_state(br_xxx_context *ctx, const void *stb, uint64_t count)`
117 * Hash function implementations are purely software and don't reserve
121 * ## Object-Oriented API
123 * For each hash function that follows the procedural API described
124 * above, an object-oriented API is also provided. In that API, function
126 * incarnates object-oriented programming. An introduction on the OOP
134 * - `context_size`
140 * - `desc`
143 * function: symbolic identifier, output size, state size,
146 * Users of this object-oriented API (in particular generic HMAC
149 * - Hash output size is no more than 64 bytes.
150 * - Hash internal state size is no more than 64 bytes.
151 * - Internal block size is a power of two, no less than 16 and no more
159 * | Function | Name | Output length | State length |
160 * | :-------- | :------ | :-----------: | :----------: |
162 * | SHA-1 | sha1 | 20 | 20 |
163 * | SHA-224 | sha224 | 28 | 32 |
164 * | SHA-256 | sha256 | 32 | 32 |
165 * | SHA-384 | sha384 | 48 | 64 |
166 * | SHA-512 | sha512 | 64 | 64 |
167 * | MD5+SHA-1 | md5sha1 | 36 | 36 |
169 * (MD5+SHA-1 is the concatenation of MD5 and SHA-1 computed over the
171 * shared, thus making it more memory-efficient than separate MD5 and
172 * SHA-1. It can be useful in implementing SSL 3.0, TLS 1.0 and TLS
176 * ## Multi-Hasher
183 * hash of an object will be used, but the exact hash function is not
186 * Only the standard hash functions (MD5, SHA-1, SHA-224, SHA-256, SHA-384
187 * and SHA-512) are supported by the multi-hasher.
192 * GHASH is not a generic hash function; it is a _universal_ hash function,
194 * places where a hash function is needed. GHASH is used within the GCM
197 * A GHASH implementation is basically a function that uses the type defined
202 * The `y` pointer refers to a 16-byte value which is used as input, and
203 * receives the output of the GHASH invocation. `h` is a 16-byte secret
206 * Three GHASH implementations are provided, all constant-time, based on
212 * \brief Class type for hash function implementations.
215 * function. Constant instances of this structure are defined for each
216 * implemented hash function. Such instances are also called "vtables".
218 * Vtables are used to support object-oriented programming, as
225 * computing this hash function.
231 * function.
237 * (hf->desc >> BR_HASHDESC_xxx_OFF) & BR_HASHDESC_xxx_MASK
241 * - `ID`: the symbolic identifier for the function, as defined
242 * in [TLS](https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1)
243 * (MD5 = 1, SHA-1 = 2,...).
245 * - `OUT`: hash output size, in bytes.
247 * - `STATE`: internal running state size, in bytes.
249 * - `LBLEN`: base-2 logarithm for the internal block size, as
250 * defined for HMAC processing (this is 6 for MD5, SHA-1, SHA-224
251 * and SHA-256, since these functions use 64-byte blocks; for
252 * SHA-384 and SHA-512, this is 7, corresponding to their
253 * 128-byte blocks).
293 * on the implemented hash function (e.g. 16 bytes for MD5).
307 * hash function; for Merkle-Damgård hash functions (like
308 * MD5 or SHA-1), this is the output obtained after processing
321 * This methods replaces the running state for the function.
357 * -- No interior pointer.
358 * -- No pointer to external dynamically allocated resources.
359 * -- First field is called 'vtable' and is a pointer to a
360 * const-qualified br_hash_class instance (pointer is set by init()).
361 * -- SHA-224 and SHA-256 contexts are identical.
362 * -- SHA-384 and SHA-512 contexts are identical.
364 * Thus, contexts can be moved and cloned to capture the hash function
365 * current state; and there is no need for any explicit "release" function.
387 * function. Other fields are not supposed to be accessed by user code.
404 * This function initialises or resets a context for a new MD5
416 * and may be `NULL`, and this function does nothing.
464 * \brief Symbolic identifier for SHA-1.
469 * \brief SHA-1 output size (in bytes).
474 * \brief Constant vtable for SHA-1.
479 * \brief SHA-1 context.
482 * function. Other fields are not supposed to be accessed by user code.
497 * \brief SHA-1 context initialisation.
499 * This function initialises or resets a context for a new SHA-1
507 * \brief Inject some data bytes in a running SHA-1 computation.
511 * and may be `NULL`, and this function does nothing.
520 * \brief Compute SHA-1 output.
522 * The SHA-1 output for the concatenation of all bytes injected in the
534 * \brief Save SHA-1 running state.
536 * The running state for SHA-1 (output of the last internal block
548 * \brief Restore SHA-1 running state.
550 * The running state for SHA-1 is set to the provided values.
559 * \brief Symbolic identifier for SHA-224.
564 * \brief SHA-224 output size (in bytes).
569 * \brief Constant vtable for SHA-224.
574 * \brief SHA-224 context.
577 * function. Other fields are not supposed to be accessed by user code.
592 * \brief SHA-224 context initialisation.
594 * This function initialises or resets a context for a new SHA-224
602 * \brief Inject some data bytes in a running SHA-224 computation.
606 * and may be `NULL`, and this function does nothing.
615 * \brief Compute SHA-224 output.
617 * The SHA-224 output for the concatenation of all bytes injected in the
629 * \brief Save SHA-224 running state.
631 * The running state for SHA-224 (output of the last internal block
643 * \brief Restore SHA-224 running state.
645 * The running state for SHA-224 is set to the provided values.
655 * \brief Symbolic identifier for SHA-256.
660 * \brief SHA-256 output size (in bytes).
665 * \brief Constant vtable for SHA-256.
671 * \brief SHA-256 context.
674 * function. Other fields are not supposed to be accessed by user code.
687 * \brief SHA-256 context initialisation.
689 * This function initialises or resets a context for a new SHA-256
698 * \brief Inject some data bytes in a running SHA-256 computation.
702 * and may be `NULL`, and this function does nothing.
714 * \brief Compute SHA-256 output.
716 * The SHA-256 output for the concatenation of all bytes injected in the
729 * \brief Save SHA-256 running state.
731 * The running state for SHA-256 (output of the last internal block
747 * \brief Restore SHA-256 running state.
749 * The running state for SHA-256 is set to the provided values.
762 * \brief Symbolic identifier for SHA-384.
767 * \brief SHA-384 output size (in bytes).
772 * \brief Constant vtable for SHA-384.
777 * \brief SHA-384 context.
780 * function. Other fields are not supposed to be accessed by user code.
795 * \brief SHA-384 context initialisation.
797 * This function initialises or resets a context for a new SHA-384
805 * \brief Inject some data bytes in a running SHA-384 computation.
809 * and may be `NULL`, and this function does nothing.
818 * \brief Compute SHA-384 output.
820 * The SHA-384 output for the concatenation of all bytes injected in the
832 * \brief Save SHA-384 running state.
834 * The running state for SHA-384 (output of the last internal block
846 * \brief Restore SHA-384 running state.
848 * The running state for SHA-384 is set to the provided values.
858 * \brief Symbolic identifier for SHA-512.
863 * \brief SHA-512 output size (in bytes).
868 * \brief Constant vtable for SHA-512.
874 * \brief SHA-512 context.
877 * function. Other fields are not supposed to be accessed by user code.
890 * \brief SHA-512 context initialisation.
892 * This function initialises or resets a context for a new SHA-512
901 * \brief Inject some data bytes in a running SHA-512 computation.
905 * and may be `NULL`, and this function does nothing.
917 * \brief Compute SHA-512 output.
919 * The SHA-512 output for the concatenation of all bytes injected in the
932 * \brief Save SHA-512 running state.
934 * The running state for SHA-512 (output of the last internal block
950 * \brief Restore SHA-512 running state.
952 * The running state for SHA-512 is set to the provided values.
965 * "md5sha1" is a special hash function that computes both MD5 and SHA-1
966 * on the same input, and produces a 36-byte output (MD5 and SHA-1
971 * \brief Symbolic identifier for MD5+SHA-1.
973 * MD5+SHA-1 is the concatenation of MD5 and SHA-1, computed over the
980 * \brief MD5+SHA-1 output size (in bytes).
985 * \brief Constant vtable for MD5+SHA-1.
990 * \brief MD5+SHA-1 context.
993 * function. Other fields are not supposed to be accessed by user code.
1009 * \brief MD5+SHA-1 context initialisation.
1011 * This function initialises or resets a context for a new SHA-512
1019 * \brief Inject some data bytes in a running MD5+SHA-1 computation.
1023 * and may be `NULL`, and this function does nothing.
1032 * \brief Compute MD5+SHA-1 output.
1034 * The MD5+SHA-1 output for the concatenation of all bytes injected in the
1046 * \brief Save MD5+SHA-1 running state.
1048 * The running state for MD5+SHA-1 (output of the last internal block
1060 * \brief Restore MD5+SHA-1 running state.
1062 * The running state for MD5+SHA-1 is set to the provided values.
1072 * \brief Aggregate context for configurable hash function support.
1089 * The multi-hasher is a construct that handles hashing of the same input
1091 * It can handle MD5, SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512
1097 * \brief Multi-hasher context structure.
1099 * The multi-hasher runs up to six hash functions in the standard TLS list
1100 * (MD5, SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512) in parallel, over
1103 * The multi-hasher does _not_ follow the OOP structure with a vtable.
1118 * \brief Clear a multi-hasher context.
1123 * \param ctx the multi-hasher context.
1128 * \brief Set a hash function implementation.
1132 * (with `br_multihash_init()`). The hash function implementation
1133 * MUST be one of the standard hash functions (MD5, SHA-1, SHA-224,
1134 * SHA-256, SHA-384 or SHA-512); it may also be `NULL` to remove
1135 * an implementation from the multi-hasher.
1137 * \param ctx the multi-hasher context.
1138 * \param id the hash function symbolic identifier.
1139 * \param impl the hash function vtable, or `NULL`.
1147 * in the MD5 to SHA-512 order. in br_multihash_setimpl()
1149 ctx->impl[id - 1] = impl; in br_multihash_setimpl()
1153 * \brief Get a hash function implementation.
1155 * This function returns the currently configured vtable for a given
1156 * hash function (by symbolic ID). If no such function was configured in
1157 * the provided multi-hasher context, then this function returns `NULL`.
1159 * \param ctx the multi-hasher context.
1160 * \param id the hash function symbolic identifier.
1161 * \return the hash function vtable, or `NULL`.
1166 return ctx->impl[id - 1]; in br_multihash_getimpl()
1170 * \brief Reset a multi-hasher context.
1172 * This function prepares the context for a new hashing computation,
1175 * \param ctx the multi-hasher context.
1180 * \brief Inject some data bytes in a running multi-hashing computation.
1184 * and may be `NULL`, and this function does nothing.
1194 * \brief Compute a hash output from a multi-hasher.
1199 * function to use is identified by `id` and must be one of the standard
1200 * hash functions. If that hash function was indeed configured in the
1201 * multi-hasher context, the corresponding hash value is written in
1202 * `dst` and its length (in bytes) is returned. If the hash function
1210 * \param id the hash function symbolic identifier.
1220 * combination with a block cipher (with 16-byte blocks).
1223 * a complete GHASH run, it starts with an all-zero value. `h` is a 16-byte
1231 * for the ciphertext, respectively; the zero-padding implements exactly
1242 * \brief GHASH implementation using multiplications (mixed 32-bit).
1244 * This implementation uses multiplications of 32-bit values, with a
1245 * 64-bit result. It is constant-time (if multiplications are
1246 * constant-time).
1256 * \brief GHASH implementation using multiplications (strict 32-bit).
1258 * This implementation uses multiplications of 32-bit values, with a
1259 * 32-bit result. It is usually somewhat slower than `br_ghash_ctmul()`,
1261 * 32-bit multiplication opcode does not yield the upper 32 bits of the
1262 * product. It is constant-time (if multiplications are constant-time).
1272 * \brief GHASH implementation using multiplications (64-bit).
1274 * This implementation uses multiplications of 64-bit values, with a
1275 * 64-bit result. It is constant-time (if multiplications are
1276 * constant-time). It is substantially faster than `br_ghash_ctmul()`
1277 * and `br_ghash_ctmul32()` on most 64-bit architectures.
1288 * AES-NI instructions).
1295 * function when supported (or 0 otherwise), use `br_ghash_pclmul_get()`.
1309 * opcode, then this function will return a pointer to the
1310 * `br_ghash_pclmul()` function. Otherwise, it will return `0`.
1320 * To safely obtain a pointer to this function when supported (or 0
1335 * opcode, then this function will return a pointer to the
1336 * `br_ghash_pwr8()` function. Otherwise, it will return `0`.