xref: /linux/include/crypto/sha1.h (revision a032fe30cf09b6723ab61a05aee057311b00f9e1) 
1 /* SPDX-License-Identifier: GPL-2.0 */
2 /*
3  * Common values for SHA-1 algorithms
4  */
5 
6 #ifndef _CRYPTO_SHA1_H
7 #define _CRYPTO_SHA1_H
8 
9 #include <linux/types.h>
10 
11 #define SHA1_DIGEST_SIZE        20
12 #define SHA1_BLOCK_SIZE         64
13 #define SHA1_STATE_SIZE         offsetof(struct sha1_state, buffer)
14 
15 #define SHA1_H0		0x67452301UL
16 #define SHA1_H1		0xefcdab89UL
17 #define SHA1_H2		0x98badcfeUL
18 #define SHA1_H3		0x10325476UL
19 #define SHA1_H4		0xc3d2e1f0UL
20 
21 extern const u8 sha1_zero_message_hash[SHA1_DIGEST_SIZE];
22 
23 struct sha1_state {
24 	u32 state[SHA1_DIGEST_SIZE / 4];
25 	u64 count;
26 	u8 buffer[SHA1_BLOCK_SIZE];
27 };
28 
29 /*
30  * An implementation of SHA-1's compression function.  Don't use in new code!
31  * You shouldn't be using SHA-1, and even if you *have* to use SHA-1, this isn't
32  * the correct way to hash something with SHA-1 (use crypto_shash instead).
33  */
34 #define SHA1_DIGEST_WORDS	(SHA1_DIGEST_SIZE / 4)
35 #define SHA1_WORKSPACE_WORDS	16
36 void sha1_init_raw(__u32 *buf);
37 void sha1_transform(__u32 *digest, const char *data, __u32 *W);
38 
39 /* State for the SHA-1 compression function */
40 struct sha1_block_state {
41 	u32 h[SHA1_DIGEST_SIZE / 4];
42 };
43 
44 /**
45  * struct sha1_ctx - Context for hashing a message with SHA-1
46  * @state: the compression function state
47  * @bytecount: number of bytes processed so far
48  * @buf: partial block buffer; bytecount % SHA1_BLOCK_SIZE bytes are valid
49  */
50 struct sha1_ctx {
51 	struct sha1_block_state state;
52 	u64 bytecount;
53 	u8 buf[SHA1_BLOCK_SIZE];
54 };
55 
56 /**
57  * sha1_init() - Initialize a SHA-1 context for a new message
58  * @ctx: the context to initialize
59  *
60  * If you don't need incremental computation, consider sha1() instead.
61  *
62  * Context: Any context.
63  */
64 void sha1_init(struct sha1_ctx *ctx);
65 
66 /**
67  * sha1_update() - Update a SHA-1 context with message data
68  * @ctx: the context to update; must have been initialized
69  * @data: the message data
70  * @len: the data length in bytes
71  *
72  * This can be called any number of times.
73  *
74  * Context: Any context.
75  */
76 void sha1_update(struct sha1_ctx *ctx, const u8 *data, size_t len);
77 
78 /**
79  * sha1_final() - Finish computing a SHA-1 message digest
80  * @ctx: the context to finalize; must have been initialized
81  * @out: (output) the resulting SHA-1 message digest
82  *
83  * After finishing, this zeroizes @ctx.  So the caller does not need to do it.
84  *
85  * Context: Any context.
86  */
87 void sha1_final(struct sha1_ctx *ctx, u8 out[SHA1_DIGEST_SIZE]);
88 
89 /**
90  * sha1() - Compute SHA-1 message digest in one shot
91  * @data: the message data
92  * @len: the data length in bytes
93  * @out: (output) the resulting SHA-1 message digest
94  *
95  * Context: Any context.
96  */
97 void sha1(const u8 *data, size_t len, u8 out[SHA1_DIGEST_SIZE]);
98 
99 /**
100  * struct hmac_sha1_key - Prepared key for HMAC-SHA1
101  * @istate: private
102  * @ostate: private
103  */
104 struct hmac_sha1_key {
105 	struct sha1_block_state istate;
106 	struct sha1_block_state ostate;
107 };
108 
109 /**
110  * struct hmac_sha1_ctx - Context for computing HMAC-SHA1 of a message
111  * @sha_ctx: private
112  * @ostate: private
113  */
114 struct hmac_sha1_ctx {
115 	struct sha1_ctx sha_ctx;
116 	struct sha1_block_state ostate;
117 };
118 
119 /**
120  * hmac_sha1_preparekey() - Prepare a key for HMAC-SHA1
121  * @key: (output) the key structure to initialize
122  * @raw_key: the raw HMAC-SHA1 key
123  * @raw_key_len: the key length in bytes.  All key lengths are supported.
124  *
125  * Note: the caller is responsible for zeroizing both the struct hmac_sha1_key
126  * and the raw key once they are no longer needed.
127  *
128  * Context: Any context.
129  */
130 void hmac_sha1_preparekey(struct hmac_sha1_key *key,
131 			  const u8 *raw_key, size_t raw_key_len);
132 
133 /**
134  * hmac_sha1_init() - Initialize an HMAC-SHA1 context for a new message
135  * @ctx: (output) the HMAC context to initialize
136  * @key: the prepared HMAC key
137  *
138  * If you don't need incremental computation, consider hmac_sha1() instead.
139  *
140  * Context: Any context.
141  */
142 void hmac_sha1_init(struct hmac_sha1_ctx *ctx, const struct hmac_sha1_key *key);
143 
144 /**
145  * hmac_sha1_init_usingrawkey() - Initialize an HMAC-SHA1 context for a new
146  *				  message, using a raw key
147  * @ctx: (output) the HMAC context to initialize
148  * @raw_key: the raw HMAC-SHA1 key
149  * @raw_key_len: the key length in bytes.  All key lengths are supported.
150  *
151  * If you don't need incremental computation, consider hmac_sha1_usingrawkey()
152  * instead.
153  *
154  * Context: Any context.
155  */
156 void hmac_sha1_init_usingrawkey(struct hmac_sha1_ctx *ctx,
157 				const u8 *raw_key, size_t raw_key_len);
158 
159 /**
160  * hmac_sha1_update() - Update an HMAC-SHA1 context with message data
161  * @ctx: the HMAC context to update; must have been initialized
162  * @data: the message data
163  * @data_len: the data length in bytes
164  *
165  * This can be called any number of times.
166  *
167  * Context: Any context.
168  */
169 static inline void hmac_sha1_update(struct hmac_sha1_ctx *ctx,
170 				    const u8 *data, size_t data_len)
171 {
172 	sha1_update(&ctx->sha_ctx, data, data_len);
173 }
174 
175 /**
176  * hmac_sha1_final() - Finish computing an HMAC-SHA1 value
177  * @ctx: the HMAC context to finalize; must have been initialized
178  * @out: (output) the resulting HMAC-SHA1 value
179  *
180  * After finishing, this zeroizes @ctx.  So the caller does not need to do it.
181  *
182  * Context: Any context.
183  */
184 void hmac_sha1_final(struct hmac_sha1_ctx *ctx, u8 out[SHA1_DIGEST_SIZE]);
185 
186 /**
187  * hmac_sha1() - Compute HMAC-SHA1 in one shot, using a prepared key
188  * @key: the prepared HMAC key
189  * @data: the message data
190  * @data_len: the data length in bytes
191  * @out: (output) the resulting HMAC-SHA1 value
192  *
193  * If you're using the key only once, consider using hmac_sha1_usingrawkey().
194  *
195  * Context: Any context.
196  */
197 void hmac_sha1(const struct hmac_sha1_key *key,
198 	       const u8 *data, size_t data_len, u8 out[SHA1_DIGEST_SIZE]);
199 
200 /**
201  * hmac_sha1_usingrawkey() - Compute HMAC-SHA1 in one shot, using a raw key
202  * @raw_key: the raw HMAC-SHA1 key
203  * @raw_key_len: the key length in bytes.  All key lengths are supported.
204  * @data: the message data
205  * @data_len: the data length in bytes
206  * @out: (output) the resulting HMAC-SHA1 value
207  *
208  * If you're using the key multiple times, prefer to use hmac_sha1_preparekey()
209  * followed by multiple calls to hmac_sha1() instead.
210  *
211  * Context: Any context.
212  */
213 void hmac_sha1_usingrawkey(const u8 *raw_key, size_t raw_key_len,
214 			   const u8 *data, size_t data_len,
215 			   u8 out[SHA1_DIGEST_SIZE]);
216 
217 #endif /* _CRYPTO_SHA1_H */
218