1*62c56f98SSadaf Ebrahimi /*
2*62c56f98SSadaf Ebrahimi * PSA hashing layer on top of Mbed TLS software crypto
3*62c56f98SSadaf Ebrahimi */
4*62c56f98SSadaf Ebrahimi /*
5*62c56f98SSadaf Ebrahimi * Copyright The Mbed TLS Contributors
6*62c56f98SSadaf Ebrahimi * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
7*62c56f98SSadaf Ebrahimi */
8*62c56f98SSadaf Ebrahimi
9*62c56f98SSadaf Ebrahimi #include "common.h"
10*62c56f98SSadaf Ebrahimi
11*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_CRYPTO_C)
12*62c56f98SSadaf Ebrahimi
13*62c56f98SSadaf Ebrahimi #include <psa/crypto.h>
14*62c56f98SSadaf Ebrahimi #include "psa_crypto_core.h"
15*62c56f98SSadaf Ebrahimi #include "psa_crypto_hash.h"
16*62c56f98SSadaf Ebrahimi
17*62c56f98SSadaf Ebrahimi #include <mbedtls/error.h>
18*62c56f98SSadaf Ebrahimi #include <string.h>
19*62c56f98SSadaf Ebrahimi
20*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_HASH)
mbedtls_psa_hash_abort(mbedtls_psa_hash_operation_t * operation)21*62c56f98SSadaf Ebrahimi psa_status_t mbedtls_psa_hash_abort(
22*62c56f98SSadaf Ebrahimi mbedtls_psa_hash_operation_t *operation)
23*62c56f98SSadaf Ebrahimi {
24*62c56f98SSadaf Ebrahimi switch (operation->alg) {
25*62c56f98SSadaf Ebrahimi case 0:
26*62c56f98SSadaf Ebrahimi /* The object has (apparently) been initialized but it is not
27*62c56f98SSadaf Ebrahimi * in use. It's ok to call abort on such an object, and there's
28*62c56f98SSadaf Ebrahimi * nothing to do. */
29*62c56f98SSadaf Ebrahimi break;
30*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
31*62c56f98SSadaf Ebrahimi case PSA_ALG_MD5:
32*62c56f98SSadaf Ebrahimi mbedtls_md5_free(&operation->ctx.md5);
33*62c56f98SSadaf Ebrahimi break;
34*62c56f98SSadaf Ebrahimi #endif
35*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
36*62c56f98SSadaf Ebrahimi case PSA_ALG_RIPEMD160:
37*62c56f98SSadaf Ebrahimi mbedtls_ripemd160_free(&operation->ctx.ripemd160);
38*62c56f98SSadaf Ebrahimi break;
39*62c56f98SSadaf Ebrahimi #endif
40*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
41*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA_1:
42*62c56f98SSadaf Ebrahimi mbedtls_sha1_free(&operation->ctx.sha1);
43*62c56f98SSadaf Ebrahimi break;
44*62c56f98SSadaf Ebrahimi #endif
45*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
46*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA_224:
47*62c56f98SSadaf Ebrahimi mbedtls_sha256_free(&operation->ctx.sha256);
48*62c56f98SSadaf Ebrahimi break;
49*62c56f98SSadaf Ebrahimi #endif
50*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
51*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA_256:
52*62c56f98SSadaf Ebrahimi mbedtls_sha256_free(&operation->ctx.sha256);
53*62c56f98SSadaf Ebrahimi break;
54*62c56f98SSadaf Ebrahimi #endif
55*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
56*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA_384:
57*62c56f98SSadaf Ebrahimi mbedtls_sha512_free(&operation->ctx.sha512);
58*62c56f98SSadaf Ebrahimi break;
59*62c56f98SSadaf Ebrahimi #endif
60*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
61*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA_512:
62*62c56f98SSadaf Ebrahimi mbedtls_sha512_free(&operation->ctx.sha512);
63*62c56f98SSadaf Ebrahimi break;
64*62c56f98SSadaf Ebrahimi #endif
65*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224)
66*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA3_224:
67*62c56f98SSadaf Ebrahimi #endif
68*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256)
69*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA3_256:
70*62c56f98SSadaf Ebrahimi #endif
71*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384)
72*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA3_384:
73*62c56f98SSadaf Ebrahimi #endif
74*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512)
75*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA3_512:
76*62c56f98SSadaf Ebrahimi #endif
77*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \
78*62c56f98SSadaf Ebrahimi defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \
79*62c56f98SSadaf Ebrahimi defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \
80*62c56f98SSadaf Ebrahimi defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512)
81*62c56f98SSadaf Ebrahimi mbedtls_sha3_free(&operation->ctx.sha3);
82*62c56f98SSadaf Ebrahimi break;
83*62c56f98SSadaf Ebrahimi #endif
84*62c56f98SSadaf Ebrahimi default:
85*62c56f98SSadaf Ebrahimi return PSA_ERROR_BAD_STATE;
86*62c56f98SSadaf Ebrahimi }
87*62c56f98SSadaf Ebrahimi operation->alg = 0;
88*62c56f98SSadaf Ebrahimi return PSA_SUCCESS;
89*62c56f98SSadaf Ebrahimi }
90*62c56f98SSadaf Ebrahimi
mbedtls_psa_hash_setup(mbedtls_psa_hash_operation_t * operation,psa_algorithm_t alg)91*62c56f98SSadaf Ebrahimi psa_status_t mbedtls_psa_hash_setup(
92*62c56f98SSadaf Ebrahimi mbedtls_psa_hash_operation_t *operation,
93*62c56f98SSadaf Ebrahimi psa_algorithm_t alg)
94*62c56f98SSadaf Ebrahimi {
95*62c56f98SSadaf Ebrahimi int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
96*62c56f98SSadaf Ebrahimi
97*62c56f98SSadaf Ebrahimi /* A context must be freshly initialized before it can be set up. */
98*62c56f98SSadaf Ebrahimi if (operation->alg != 0) {
99*62c56f98SSadaf Ebrahimi return PSA_ERROR_BAD_STATE;
100*62c56f98SSadaf Ebrahimi }
101*62c56f98SSadaf Ebrahimi
102*62c56f98SSadaf Ebrahimi switch (alg) {
103*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
104*62c56f98SSadaf Ebrahimi case PSA_ALG_MD5:
105*62c56f98SSadaf Ebrahimi mbedtls_md5_init(&operation->ctx.md5);
106*62c56f98SSadaf Ebrahimi ret = mbedtls_md5_starts(&operation->ctx.md5);
107*62c56f98SSadaf Ebrahimi break;
108*62c56f98SSadaf Ebrahimi #endif
109*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
110*62c56f98SSadaf Ebrahimi case PSA_ALG_RIPEMD160:
111*62c56f98SSadaf Ebrahimi mbedtls_ripemd160_init(&operation->ctx.ripemd160);
112*62c56f98SSadaf Ebrahimi ret = mbedtls_ripemd160_starts(&operation->ctx.ripemd160);
113*62c56f98SSadaf Ebrahimi break;
114*62c56f98SSadaf Ebrahimi #endif
115*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
116*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA_1:
117*62c56f98SSadaf Ebrahimi mbedtls_sha1_init(&operation->ctx.sha1);
118*62c56f98SSadaf Ebrahimi ret = mbedtls_sha1_starts(&operation->ctx.sha1);
119*62c56f98SSadaf Ebrahimi break;
120*62c56f98SSadaf Ebrahimi #endif
121*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
122*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA_224:
123*62c56f98SSadaf Ebrahimi mbedtls_sha256_init(&operation->ctx.sha256);
124*62c56f98SSadaf Ebrahimi ret = mbedtls_sha256_starts(&operation->ctx.sha256, 1);
125*62c56f98SSadaf Ebrahimi break;
126*62c56f98SSadaf Ebrahimi #endif
127*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
128*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA_256:
129*62c56f98SSadaf Ebrahimi mbedtls_sha256_init(&operation->ctx.sha256);
130*62c56f98SSadaf Ebrahimi ret = mbedtls_sha256_starts(&operation->ctx.sha256, 0);
131*62c56f98SSadaf Ebrahimi break;
132*62c56f98SSadaf Ebrahimi #endif
133*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
134*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA_384:
135*62c56f98SSadaf Ebrahimi mbedtls_sha512_init(&operation->ctx.sha512);
136*62c56f98SSadaf Ebrahimi ret = mbedtls_sha512_starts(&operation->ctx.sha512, 1);
137*62c56f98SSadaf Ebrahimi break;
138*62c56f98SSadaf Ebrahimi #endif
139*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
140*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA_512:
141*62c56f98SSadaf Ebrahimi mbedtls_sha512_init(&operation->ctx.sha512);
142*62c56f98SSadaf Ebrahimi ret = mbedtls_sha512_starts(&operation->ctx.sha512, 0);
143*62c56f98SSadaf Ebrahimi break;
144*62c56f98SSadaf Ebrahimi #endif
145*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224)
146*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA3_224:
147*62c56f98SSadaf Ebrahimi mbedtls_sha3_init(&operation->ctx.sha3);
148*62c56f98SSadaf Ebrahimi ret = mbedtls_sha3_starts(&operation->ctx.sha3, MBEDTLS_SHA3_224);
149*62c56f98SSadaf Ebrahimi break;
150*62c56f98SSadaf Ebrahimi #endif
151*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256)
152*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA3_256:
153*62c56f98SSadaf Ebrahimi mbedtls_sha3_init(&operation->ctx.sha3);
154*62c56f98SSadaf Ebrahimi ret = mbedtls_sha3_starts(&operation->ctx.sha3, MBEDTLS_SHA3_256);
155*62c56f98SSadaf Ebrahimi break;
156*62c56f98SSadaf Ebrahimi #endif
157*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384)
158*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA3_384:
159*62c56f98SSadaf Ebrahimi mbedtls_sha3_init(&operation->ctx.sha3);
160*62c56f98SSadaf Ebrahimi ret = mbedtls_sha3_starts(&operation->ctx.sha3, MBEDTLS_SHA3_384);
161*62c56f98SSadaf Ebrahimi break;
162*62c56f98SSadaf Ebrahimi #endif
163*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512)
164*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA3_512:
165*62c56f98SSadaf Ebrahimi mbedtls_sha3_init(&operation->ctx.sha3);
166*62c56f98SSadaf Ebrahimi ret = mbedtls_sha3_starts(&operation->ctx.sha3, MBEDTLS_SHA3_512);
167*62c56f98SSadaf Ebrahimi break;
168*62c56f98SSadaf Ebrahimi #endif
169*62c56f98SSadaf Ebrahimi default:
170*62c56f98SSadaf Ebrahimi return PSA_ALG_IS_HASH(alg) ?
171*62c56f98SSadaf Ebrahimi PSA_ERROR_NOT_SUPPORTED :
172*62c56f98SSadaf Ebrahimi PSA_ERROR_INVALID_ARGUMENT;
173*62c56f98SSadaf Ebrahimi }
174*62c56f98SSadaf Ebrahimi if (ret == 0) {
175*62c56f98SSadaf Ebrahimi operation->alg = alg;
176*62c56f98SSadaf Ebrahimi } else {
177*62c56f98SSadaf Ebrahimi mbedtls_psa_hash_abort(operation);
178*62c56f98SSadaf Ebrahimi }
179*62c56f98SSadaf Ebrahimi return mbedtls_to_psa_error(ret);
180*62c56f98SSadaf Ebrahimi }
181*62c56f98SSadaf Ebrahimi
mbedtls_psa_hash_clone(const mbedtls_psa_hash_operation_t * source_operation,mbedtls_psa_hash_operation_t * target_operation)182*62c56f98SSadaf Ebrahimi psa_status_t mbedtls_psa_hash_clone(
183*62c56f98SSadaf Ebrahimi const mbedtls_psa_hash_operation_t *source_operation,
184*62c56f98SSadaf Ebrahimi mbedtls_psa_hash_operation_t *target_operation)
185*62c56f98SSadaf Ebrahimi {
186*62c56f98SSadaf Ebrahimi switch (source_operation->alg) {
187*62c56f98SSadaf Ebrahimi case 0:
188*62c56f98SSadaf Ebrahimi return PSA_ERROR_BAD_STATE;
189*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
190*62c56f98SSadaf Ebrahimi case PSA_ALG_MD5:
191*62c56f98SSadaf Ebrahimi mbedtls_md5_clone(&target_operation->ctx.md5,
192*62c56f98SSadaf Ebrahimi &source_operation->ctx.md5);
193*62c56f98SSadaf Ebrahimi break;
194*62c56f98SSadaf Ebrahimi #endif
195*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
196*62c56f98SSadaf Ebrahimi case PSA_ALG_RIPEMD160:
197*62c56f98SSadaf Ebrahimi mbedtls_ripemd160_clone(&target_operation->ctx.ripemd160,
198*62c56f98SSadaf Ebrahimi &source_operation->ctx.ripemd160);
199*62c56f98SSadaf Ebrahimi break;
200*62c56f98SSadaf Ebrahimi #endif
201*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
202*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA_1:
203*62c56f98SSadaf Ebrahimi mbedtls_sha1_clone(&target_operation->ctx.sha1,
204*62c56f98SSadaf Ebrahimi &source_operation->ctx.sha1);
205*62c56f98SSadaf Ebrahimi break;
206*62c56f98SSadaf Ebrahimi #endif
207*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
208*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA_224:
209*62c56f98SSadaf Ebrahimi mbedtls_sha256_clone(&target_operation->ctx.sha256,
210*62c56f98SSadaf Ebrahimi &source_operation->ctx.sha256);
211*62c56f98SSadaf Ebrahimi break;
212*62c56f98SSadaf Ebrahimi #endif
213*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
214*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA_256:
215*62c56f98SSadaf Ebrahimi mbedtls_sha256_clone(&target_operation->ctx.sha256,
216*62c56f98SSadaf Ebrahimi &source_operation->ctx.sha256);
217*62c56f98SSadaf Ebrahimi break;
218*62c56f98SSadaf Ebrahimi #endif
219*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
220*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA_384:
221*62c56f98SSadaf Ebrahimi mbedtls_sha512_clone(&target_operation->ctx.sha512,
222*62c56f98SSadaf Ebrahimi &source_operation->ctx.sha512);
223*62c56f98SSadaf Ebrahimi break;
224*62c56f98SSadaf Ebrahimi #endif
225*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
226*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA_512:
227*62c56f98SSadaf Ebrahimi mbedtls_sha512_clone(&target_operation->ctx.sha512,
228*62c56f98SSadaf Ebrahimi &source_operation->ctx.sha512);
229*62c56f98SSadaf Ebrahimi break;
230*62c56f98SSadaf Ebrahimi #endif
231*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224)
232*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA3_224:
233*62c56f98SSadaf Ebrahimi #endif
234*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256)
235*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA3_256:
236*62c56f98SSadaf Ebrahimi #endif
237*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384)
238*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA3_384:
239*62c56f98SSadaf Ebrahimi #endif
240*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512)
241*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA3_512:
242*62c56f98SSadaf Ebrahimi #endif
243*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \
244*62c56f98SSadaf Ebrahimi defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \
245*62c56f98SSadaf Ebrahimi defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \
246*62c56f98SSadaf Ebrahimi defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512)
247*62c56f98SSadaf Ebrahimi mbedtls_sha3_clone(&target_operation->ctx.sha3,
248*62c56f98SSadaf Ebrahimi &source_operation->ctx.sha3);
249*62c56f98SSadaf Ebrahimi break;
250*62c56f98SSadaf Ebrahimi #endif
251*62c56f98SSadaf Ebrahimi default:
252*62c56f98SSadaf Ebrahimi (void) source_operation;
253*62c56f98SSadaf Ebrahimi (void) target_operation;
254*62c56f98SSadaf Ebrahimi return PSA_ERROR_NOT_SUPPORTED;
255*62c56f98SSadaf Ebrahimi }
256*62c56f98SSadaf Ebrahimi
257*62c56f98SSadaf Ebrahimi target_operation->alg = source_operation->alg;
258*62c56f98SSadaf Ebrahimi return PSA_SUCCESS;
259*62c56f98SSadaf Ebrahimi }
260*62c56f98SSadaf Ebrahimi
mbedtls_psa_hash_update(mbedtls_psa_hash_operation_t * operation,const uint8_t * input,size_t input_length)261*62c56f98SSadaf Ebrahimi psa_status_t mbedtls_psa_hash_update(
262*62c56f98SSadaf Ebrahimi mbedtls_psa_hash_operation_t *operation,
263*62c56f98SSadaf Ebrahimi const uint8_t *input,
264*62c56f98SSadaf Ebrahimi size_t input_length)
265*62c56f98SSadaf Ebrahimi {
266*62c56f98SSadaf Ebrahimi int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
267*62c56f98SSadaf Ebrahimi
268*62c56f98SSadaf Ebrahimi switch (operation->alg) {
269*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
270*62c56f98SSadaf Ebrahimi case PSA_ALG_MD5:
271*62c56f98SSadaf Ebrahimi ret = mbedtls_md5_update(&operation->ctx.md5,
272*62c56f98SSadaf Ebrahimi input, input_length);
273*62c56f98SSadaf Ebrahimi break;
274*62c56f98SSadaf Ebrahimi #endif
275*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
276*62c56f98SSadaf Ebrahimi case PSA_ALG_RIPEMD160:
277*62c56f98SSadaf Ebrahimi ret = mbedtls_ripemd160_update(&operation->ctx.ripemd160,
278*62c56f98SSadaf Ebrahimi input, input_length);
279*62c56f98SSadaf Ebrahimi break;
280*62c56f98SSadaf Ebrahimi #endif
281*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
282*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA_1:
283*62c56f98SSadaf Ebrahimi ret = mbedtls_sha1_update(&operation->ctx.sha1,
284*62c56f98SSadaf Ebrahimi input, input_length);
285*62c56f98SSadaf Ebrahimi break;
286*62c56f98SSadaf Ebrahimi #endif
287*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
288*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA_224:
289*62c56f98SSadaf Ebrahimi ret = mbedtls_sha256_update(&operation->ctx.sha256,
290*62c56f98SSadaf Ebrahimi input, input_length);
291*62c56f98SSadaf Ebrahimi break;
292*62c56f98SSadaf Ebrahimi #endif
293*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
294*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA_256:
295*62c56f98SSadaf Ebrahimi ret = mbedtls_sha256_update(&operation->ctx.sha256,
296*62c56f98SSadaf Ebrahimi input, input_length);
297*62c56f98SSadaf Ebrahimi break;
298*62c56f98SSadaf Ebrahimi #endif
299*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
300*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA_384:
301*62c56f98SSadaf Ebrahimi ret = mbedtls_sha512_update(&operation->ctx.sha512,
302*62c56f98SSadaf Ebrahimi input, input_length);
303*62c56f98SSadaf Ebrahimi break;
304*62c56f98SSadaf Ebrahimi #endif
305*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
306*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA_512:
307*62c56f98SSadaf Ebrahimi ret = mbedtls_sha512_update(&operation->ctx.sha512,
308*62c56f98SSadaf Ebrahimi input, input_length);
309*62c56f98SSadaf Ebrahimi break;
310*62c56f98SSadaf Ebrahimi #endif
311*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224)
312*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA3_224:
313*62c56f98SSadaf Ebrahimi #endif
314*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256)
315*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA3_256:
316*62c56f98SSadaf Ebrahimi #endif
317*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384)
318*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA3_384:
319*62c56f98SSadaf Ebrahimi #endif
320*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512)
321*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA3_512:
322*62c56f98SSadaf Ebrahimi #endif
323*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \
324*62c56f98SSadaf Ebrahimi defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \
325*62c56f98SSadaf Ebrahimi defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \
326*62c56f98SSadaf Ebrahimi defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512)
327*62c56f98SSadaf Ebrahimi ret = mbedtls_sha3_update(&operation->ctx.sha3,
328*62c56f98SSadaf Ebrahimi input, input_length);
329*62c56f98SSadaf Ebrahimi break;
330*62c56f98SSadaf Ebrahimi #endif
331*62c56f98SSadaf Ebrahimi default:
332*62c56f98SSadaf Ebrahimi (void) input;
333*62c56f98SSadaf Ebrahimi (void) input_length;
334*62c56f98SSadaf Ebrahimi return PSA_ERROR_BAD_STATE;
335*62c56f98SSadaf Ebrahimi }
336*62c56f98SSadaf Ebrahimi
337*62c56f98SSadaf Ebrahimi return mbedtls_to_psa_error(ret);
338*62c56f98SSadaf Ebrahimi }
339*62c56f98SSadaf Ebrahimi
mbedtls_psa_hash_finish(mbedtls_psa_hash_operation_t * operation,uint8_t * hash,size_t hash_size,size_t * hash_length)340*62c56f98SSadaf Ebrahimi psa_status_t mbedtls_psa_hash_finish(
341*62c56f98SSadaf Ebrahimi mbedtls_psa_hash_operation_t *operation,
342*62c56f98SSadaf Ebrahimi uint8_t *hash,
343*62c56f98SSadaf Ebrahimi size_t hash_size,
344*62c56f98SSadaf Ebrahimi size_t *hash_length)
345*62c56f98SSadaf Ebrahimi {
346*62c56f98SSadaf Ebrahimi psa_status_t status;
347*62c56f98SSadaf Ebrahimi int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
348*62c56f98SSadaf Ebrahimi size_t actual_hash_length = PSA_HASH_LENGTH(operation->alg);
349*62c56f98SSadaf Ebrahimi
350*62c56f98SSadaf Ebrahimi /* Fill the output buffer with something that isn't a valid hash
351*62c56f98SSadaf Ebrahimi * (barring an attack on the hash and deliberately-crafted input),
352*62c56f98SSadaf Ebrahimi * in case the caller doesn't check the return status properly. */
353*62c56f98SSadaf Ebrahimi *hash_length = hash_size;
354*62c56f98SSadaf Ebrahimi /* If hash_size is 0 then hash may be NULL and then the
355*62c56f98SSadaf Ebrahimi * call to memset would have undefined behavior. */
356*62c56f98SSadaf Ebrahimi if (hash_size != 0) {
357*62c56f98SSadaf Ebrahimi memset(hash, '!', hash_size);
358*62c56f98SSadaf Ebrahimi }
359*62c56f98SSadaf Ebrahimi
360*62c56f98SSadaf Ebrahimi if (hash_size < actual_hash_length) {
361*62c56f98SSadaf Ebrahimi status = PSA_ERROR_BUFFER_TOO_SMALL;
362*62c56f98SSadaf Ebrahimi goto exit;
363*62c56f98SSadaf Ebrahimi }
364*62c56f98SSadaf Ebrahimi
365*62c56f98SSadaf Ebrahimi switch (operation->alg) {
366*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
367*62c56f98SSadaf Ebrahimi case PSA_ALG_MD5:
368*62c56f98SSadaf Ebrahimi ret = mbedtls_md5_finish(&operation->ctx.md5, hash);
369*62c56f98SSadaf Ebrahimi break;
370*62c56f98SSadaf Ebrahimi #endif
371*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
372*62c56f98SSadaf Ebrahimi case PSA_ALG_RIPEMD160:
373*62c56f98SSadaf Ebrahimi ret = mbedtls_ripemd160_finish(&operation->ctx.ripemd160, hash);
374*62c56f98SSadaf Ebrahimi break;
375*62c56f98SSadaf Ebrahimi #endif
376*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
377*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA_1:
378*62c56f98SSadaf Ebrahimi ret = mbedtls_sha1_finish(&operation->ctx.sha1, hash);
379*62c56f98SSadaf Ebrahimi break;
380*62c56f98SSadaf Ebrahimi #endif
381*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
382*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA_224:
383*62c56f98SSadaf Ebrahimi ret = mbedtls_sha256_finish(&operation->ctx.sha256, hash);
384*62c56f98SSadaf Ebrahimi break;
385*62c56f98SSadaf Ebrahimi #endif
386*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
387*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA_256:
388*62c56f98SSadaf Ebrahimi ret = mbedtls_sha256_finish(&operation->ctx.sha256, hash);
389*62c56f98SSadaf Ebrahimi break;
390*62c56f98SSadaf Ebrahimi #endif
391*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
392*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA_384:
393*62c56f98SSadaf Ebrahimi ret = mbedtls_sha512_finish(&operation->ctx.sha512, hash);
394*62c56f98SSadaf Ebrahimi break;
395*62c56f98SSadaf Ebrahimi #endif
396*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
397*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA_512:
398*62c56f98SSadaf Ebrahimi ret = mbedtls_sha512_finish(&operation->ctx.sha512, hash);
399*62c56f98SSadaf Ebrahimi break;
400*62c56f98SSadaf Ebrahimi #endif
401*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224)
402*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA3_224:
403*62c56f98SSadaf Ebrahimi #endif
404*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256)
405*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA3_256:
406*62c56f98SSadaf Ebrahimi #endif
407*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384)
408*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA3_384:
409*62c56f98SSadaf Ebrahimi #endif
410*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512)
411*62c56f98SSadaf Ebrahimi case PSA_ALG_SHA3_512:
412*62c56f98SSadaf Ebrahimi #endif
413*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \
414*62c56f98SSadaf Ebrahimi defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \
415*62c56f98SSadaf Ebrahimi defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \
416*62c56f98SSadaf Ebrahimi defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512)
417*62c56f98SSadaf Ebrahimi ret = mbedtls_sha3_finish(&operation->ctx.sha3, hash, hash_size);
418*62c56f98SSadaf Ebrahimi break;
419*62c56f98SSadaf Ebrahimi #endif
420*62c56f98SSadaf Ebrahimi default:
421*62c56f98SSadaf Ebrahimi (void) hash;
422*62c56f98SSadaf Ebrahimi return PSA_ERROR_BAD_STATE;
423*62c56f98SSadaf Ebrahimi }
424*62c56f98SSadaf Ebrahimi status = mbedtls_to_psa_error(ret);
425*62c56f98SSadaf Ebrahimi
426*62c56f98SSadaf Ebrahimi exit:
427*62c56f98SSadaf Ebrahimi if (status == PSA_SUCCESS) {
428*62c56f98SSadaf Ebrahimi *hash_length = actual_hash_length;
429*62c56f98SSadaf Ebrahimi }
430*62c56f98SSadaf Ebrahimi return status;
431*62c56f98SSadaf Ebrahimi }
432*62c56f98SSadaf Ebrahimi
mbedtls_psa_hash_compute(psa_algorithm_t alg,const uint8_t * input,size_t input_length,uint8_t * hash,size_t hash_size,size_t * hash_length)433*62c56f98SSadaf Ebrahimi psa_status_t mbedtls_psa_hash_compute(
434*62c56f98SSadaf Ebrahimi psa_algorithm_t alg,
435*62c56f98SSadaf Ebrahimi const uint8_t *input,
436*62c56f98SSadaf Ebrahimi size_t input_length,
437*62c56f98SSadaf Ebrahimi uint8_t *hash,
438*62c56f98SSadaf Ebrahimi size_t hash_size,
439*62c56f98SSadaf Ebrahimi size_t *hash_length)
440*62c56f98SSadaf Ebrahimi {
441*62c56f98SSadaf Ebrahimi mbedtls_psa_hash_operation_t operation = MBEDTLS_PSA_HASH_OPERATION_INIT;
442*62c56f98SSadaf Ebrahimi psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
443*62c56f98SSadaf Ebrahimi psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED;
444*62c56f98SSadaf Ebrahimi
445*62c56f98SSadaf Ebrahimi *hash_length = hash_size;
446*62c56f98SSadaf Ebrahimi status = mbedtls_psa_hash_setup(&operation, alg);
447*62c56f98SSadaf Ebrahimi if (status != PSA_SUCCESS) {
448*62c56f98SSadaf Ebrahimi goto exit;
449*62c56f98SSadaf Ebrahimi }
450*62c56f98SSadaf Ebrahimi status = mbedtls_psa_hash_update(&operation, input, input_length);
451*62c56f98SSadaf Ebrahimi if (status != PSA_SUCCESS) {
452*62c56f98SSadaf Ebrahimi goto exit;
453*62c56f98SSadaf Ebrahimi }
454*62c56f98SSadaf Ebrahimi status = mbedtls_psa_hash_finish(&operation, hash, hash_size, hash_length);
455*62c56f98SSadaf Ebrahimi if (status != PSA_SUCCESS) {
456*62c56f98SSadaf Ebrahimi goto exit;
457*62c56f98SSadaf Ebrahimi }
458*62c56f98SSadaf Ebrahimi
459*62c56f98SSadaf Ebrahimi exit:
460*62c56f98SSadaf Ebrahimi abort_status = mbedtls_psa_hash_abort(&operation);
461*62c56f98SSadaf Ebrahimi if (status == PSA_SUCCESS) {
462*62c56f98SSadaf Ebrahimi return abort_status;
463*62c56f98SSadaf Ebrahimi } else {
464*62c56f98SSadaf Ebrahimi return status;
465*62c56f98SSadaf Ebrahimi }
466*62c56f98SSadaf Ebrahimi
467*62c56f98SSadaf Ebrahimi }
468*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_PSA_BUILTIN_HASH */
469*62c56f98SSadaf Ebrahimi
470*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_PSA_CRYPTO_C */
471