xref: /linux/include/crypto/sha1.h (revision 37a93dd5c49b5fda807fd204edf2547c3493319c)
1 /* SPDX-License-Identifier: GPL-2.0 */
2 /*
3  * Common values for SHA-1 algorithms
4  */
5 
6 #ifndef _CRYPTO_SHA1_H
7 #define _CRYPTO_SHA1_H
8 
9 #include <linux/types.h>
10 
11 #define SHA1_DIGEST_SIZE        20
12 #define SHA1_BLOCK_SIZE         64
13 #define SHA1_STATE_SIZE         offsetof(struct sha1_state, buffer)
14 
15 #define SHA1_H0		0x67452301UL
16 #define SHA1_H1		0xefcdab89UL
17 #define SHA1_H2		0x98badcfeUL
18 #define SHA1_H3		0x10325476UL
19 #define SHA1_H4		0xc3d2e1f0UL
20 
21 extern const u8 sha1_zero_message_hash[SHA1_DIGEST_SIZE];
22 
23 struct sha1_state {
24 	u32 state[SHA1_DIGEST_SIZE / 4];
25 	u64 count;
26 	u8 buffer[SHA1_BLOCK_SIZE];
27 };
28 
29 /* State for the SHA-1 compression function */
30 struct sha1_block_state {
31 	u32 h[SHA1_DIGEST_SIZE / 4];
32 };
33 
34 /**
35  * struct sha1_ctx - Context for hashing a message with SHA-1
36  * @state: the compression function state
37  * @bytecount: number of bytes processed so far
38  * @buf: partial block buffer; bytecount % SHA1_BLOCK_SIZE bytes are valid
39  */
40 struct sha1_ctx {
41 	struct sha1_block_state state;
42 	u64 bytecount;
43 	u8 buf[SHA1_BLOCK_SIZE];
44 };
45 
46 /**
47  * sha1_init() - Initialize a SHA-1 context for a new message
48  * @ctx: the context to initialize
49  *
50  * If you don't need incremental computation, consider sha1() instead.
51  *
52  * Context: Any context.
53  */
54 void sha1_init(struct sha1_ctx *ctx);
55 
56 /**
57  * sha1_update() - Update a SHA-1 context with message data
58  * @ctx: the context to update; must have been initialized
59  * @data: the message data
60  * @len: the data length in bytes
61  *
62  * This can be called any number of times.
63  *
64  * Context: Any context.
65  */
66 void sha1_update(struct sha1_ctx *ctx, const u8 *data, size_t len);
67 
68 /**
69  * sha1_final() - Finish computing a SHA-1 message digest
70  * @ctx: the context to finalize; must have been initialized
71  * @out: (output) the resulting SHA-1 message digest
72  *
73  * After finishing, this zeroizes @ctx.  So the caller does not need to do it.
74  *
75  * Context: Any context.
76  */
77 void sha1_final(struct sha1_ctx *ctx, u8 out[at_least SHA1_DIGEST_SIZE]);
78 
79 /**
80  * sha1() - Compute SHA-1 message digest in one shot
81  * @data: the message data
82  * @len: the data length in bytes
83  * @out: (output) the resulting SHA-1 message digest
84  *
85  * Context: Any context.
86  */
87 void sha1(const u8 *data, size_t len, u8 out[at_least SHA1_DIGEST_SIZE]);
88 
89 /**
90  * struct hmac_sha1_key - Prepared key for HMAC-SHA1
91  * @istate: private
92  * @ostate: private
93  */
94 struct hmac_sha1_key {
95 	struct sha1_block_state istate;
96 	struct sha1_block_state ostate;
97 };
98 
99 /**
100  * struct hmac_sha1_ctx - Context for computing HMAC-SHA1 of a message
101  * @sha_ctx: private
102  * @ostate: private
103  */
104 struct hmac_sha1_ctx {
105 	struct sha1_ctx sha_ctx;
106 	struct sha1_block_state ostate;
107 };
108 
109 /**
110  * hmac_sha1_preparekey() - Prepare a key for HMAC-SHA1
111  * @key: (output) the key structure to initialize
112  * @raw_key: the raw HMAC-SHA1 key
113  * @raw_key_len: the key length in bytes.  All key lengths are supported.
114  *
115  * Note: the caller is responsible for zeroizing both the struct hmac_sha1_key
116  * and the raw key once they are no longer needed.
117  *
118  * Context: Any context.
119  */
120 void hmac_sha1_preparekey(struct hmac_sha1_key *key,
121 			  const u8 *raw_key, size_t raw_key_len);
122 
123 /**
124  * hmac_sha1_init() - Initialize an HMAC-SHA1 context for a new message
125  * @ctx: (output) the HMAC context to initialize
126  * @key: the prepared HMAC key
127  *
128  * If you don't need incremental computation, consider hmac_sha1() instead.
129  *
130  * Context: Any context.
131  */
132 void hmac_sha1_init(struct hmac_sha1_ctx *ctx, const struct hmac_sha1_key *key);
133 
134 /**
135  * hmac_sha1_init_usingrawkey() - Initialize an HMAC-SHA1 context for a new
136  *				  message, using a raw key
137  * @ctx: (output) the HMAC context to initialize
138  * @raw_key: the raw HMAC-SHA1 key
139  * @raw_key_len: the key length in bytes.  All key lengths are supported.
140  *
141  * If you don't need incremental computation, consider hmac_sha1_usingrawkey()
142  * instead.
143  *
144  * Context: Any context.
145  */
146 void hmac_sha1_init_usingrawkey(struct hmac_sha1_ctx *ctx,
147 				const u8 *raw_key, size_t raw_key_len);
148 
149 /**
150  * hmac_sha1_update() - Update an HMAC-SHA1 context with message data
151  * @ctx: the HMAC context to update; must have been initialized
152  * @data: the message data
153  * @data_len: the data length in bytes
154  *
155  * This can be called any number of times.
156  *
157  * Context: Any context.
158  */
159 static inline void hmac_sha1_update(struct hmac_sha1_ctx *ctx,
160 				    const u8 *data, size_t data_len)
161 {
162 	sha1_update(&ctx->sha_ctx, data, data_len);
163 }
164 
165 /**
166  * hmac_sha1_final() - Finish computing an HMAC-SHA1 value
167  * @ctx: the HMAC context to finalize; must have been initialized
168  * @out: (output) the resulting HMAC-SHA1 value
169  *
170  * After finishing, this zeroizes @ctx.  So the caller does not need to do it.
171  *
172  * Context: Any context.
173  */
174 void hmac_sha1_final(struct hmac_sha1_ctx *ctx,
175 		     u8 out[at_least SHA1_DIGEST_SIZE]);
176 
177 /**
178  * hmac_sha1() - Compute HMAC-SHA1 in one shot, using a prepared key
179  * @key: the prepared HMAC key
180  * @data: the message data
181  * @data_len: the data length in bytes
182  * @out: (output) the resulting HMAC-SHA1 value
183  *
184  * If you're using the key only once, consider using hmac_sha1_usingrawkey().
185  *
186  * Context: Any context.
187  */
188 void hmac_sha1(const struct hmac_sha1_key *key,
189 	       const u8 *data, size_t data_len,
190 	       u8 out[at_least SHA1_DIGEST_SIZE]);
191 
192 /**
193  * hmac_sha1_usingrawkey() - Compute HMAC-SHA1 in one shot, using a raw key
194  * @raw_key: the raw HMAC-SHA1 key
195  * @raw_key_len: the key length in bytes.  All key lengths are supported.
196  * @data: the message data
197  * @data_len: the data length in bytes
198  * @out: (output) the resulting HMAC-SHA1 value
199  *
200  * If you're using the key multiple times, prefer to use hmac_sha1_preparekey()
201  * followed by multiple calls to hmac_sha1() instead.
202  *
203  * Context: Any context.
204  */
205 void hmac_sha1_usingrawkey(const u8 *raw_key, size_t raw_key_len,
206 			   const u8 *data, size_t data_len,
207 			   u8 out[at_least SHA1_DIGEST_SIZE]);
208 
209 #endif /* _CRYPTO_SHA1_H */
210