1*6236dae4SAndroid Build Coastguard Worker /***************************************************************************
2*6236dae4SAndroid Build Coastguard Worker * _ _ ____ _
3*6236dae4SAndroid Build Coastguard Worker * Project ___| | | | _ \| |
4*6236dae4SAndroid Build Coastguard Worker * / __| | | | |_) | |
5*6236dae4SAndroid Build Coastguard Worker * | (__| |_| | _ <| |___
6*6236dae4SAndroid Build Coastguard Worker * \___|\___/|_| \_\_____|
7*6236dae4SAndroid Build Coastguard Worker *
8*6236dae4SAndroid Build Coastguard Worker * Copyright (C) Florin Petriuc, <[email protected]>
9*6236dae4SAndroid Build Coastguard Worker * Copyright (C) Daniel Stenberg, <[email protected]>, et al.
10*6236dae4SAndroid Build Coastguard Worker *
11*6236dae4SAndroid Build Coastguard Worker * This software is licensed as described in the file COPYING, which
12*6236dae4SAndroid Build Coastguard Worker * you should have received as part of this distribution. The terms
13*6236dae4SAndroid Build Coastguard Worker * are also available at https://curl.se/docs/copyright.html.
14*6236dae4SAndroid Build Coastguard Worker *
15*6236dae4SAndroid Build Coastguard Worker * You may opt to use, copy, modify, merge, publish, distribute and/or sell
16*6236dae4SAndroid Build Coastguard Worker * copies of the Software, and permit persons to whom the Software is
17*6236dae4SAndroid Build Coastguard Worker * furnished to do so, under the terms of the COPYING file.
18*6236dae4SAndroid Build Coastguard Worker *
19*6236dae4SAndroid Build Coastguard Worker * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
20*6236dae4SAndroid Build Coastguard Worker * KIND, either express or implied.
21*6236dae4SAndroid Build Coastguard Worker *
22*6236dae4SAndroid Build Coastguard Worker * SPDX-License-Identifier: curl
23*6236dae4SAndroid Build Coastguard Worker *
24*6236dae4SAndroid Build Coastguard Worker ***************************************************************************/
25*6236dae4SAndroid Build Coastguard Worker
26*6236dae4SAndroid Build Coastguard Worker #include "curl_setup.h"
27*6236dae4SAndroid Build Coastguard Worker
28*6236dae4SAndroid Build Coastguard Worker #if !defined(CURL_DISABLE_AWS) || !defined(CURL_DISABLE_DIGEST_AUTH) \
29*6236dae4SAndroid Build Coastguard Worker || defined(USE_LIBSSH2)
30*6236dae4SAndroid Build Coastguard Worker
31*6236dae4SAndroid Build Coastguard Worker #include "warnless.h"
32*6236dae4SAndroid Build Coastguard Worker #include "curl_sha256.h"
33*6236dae4SAndroid Build Coastguard Worker #include "curl_hmac.h"
34*6236dae4SAndroid Build Coastguard Worker
35*6236dae4SAndroid Build Coastguard Worker #ifdef USE_WOLFSSL
36*6236dae4SAndroid Build Coastguard Worker #include <wolfssl/options.h>
37*6236dae4SAndroid Build Coastguard Worker #endif
38*6236dae4SAndroid Build Coastguard Worker
39*6236dae4SAndroid Build Coastguard Worker #if defined(USE_OPENSSL)
40*6236dae4SAndroid Build Coastguard Worker
41*6236dae4SAndroid Build Coastguard Worker #include <openssl/opensslv.h>
42*6236dae4SAndroid Build Coastguard Worker
43*6236dae4SAndroid Build Coastguard Worker #if (OPENSSL_VERSION_NUMBER >= 0x0090800fL)
44*6236dae4SAndroid Build Coastguard Worker #define USE_OPENSSL_SHA256
45*6236dae4SAndroid Build Coastguard Worker #endif
46*6236dae4SAndroid Build Coastguard Worker
47*6236dae4SAndroid Build Coastguard Worker #endif /* USE_OPENSSL */
48*6236dae4SAndroid Build Coastguard Worker
49*6236dae4SAndroid Build Coastguard Worker #ifdef USE_MBEDTLS
50*6236dae4SAndroid Build Coastguard Worker #include <mbedtls/version.h>
51*6236dae4SAndroid Build Coastguard Worker
52*6236dae4SAndroid Build Coastguard Worker #if(MBEDTLS_VERSION_NUMBER >= 0x02070000) && \
53*6236dae4SAndroid Build Coastguard Worker (MBEDTLS_VERSION_NUMBER < 0x03000000)
54*6236dae4SAndroid Build Coastguard Worker #define HAS_MBEDTLS_RESULT_CODE_BASED_FUNCTIONS
55*6236dae4SAndroid Build Coastguard Worker #endif
56*6236dae4SAndroid Build Coastguard Worker #endif /* USE_MBEDTLS */
57*6236dae4SAndroid Build Coastguard Worker
58*6236dae4SAndroid Build Coastguard Worker #if defined(USE_OPENSSL_SHA256)
59*6236dae4SAndroid Build Coastguard Worker
60*6236dae4SAndroid Build Coastguard Worker /* When OpenSSL or wolfSSL is available we use their SHA256-functions. */
61*6236dae4SAndroid Build Coastguard Worker #if defined(USE_OPENSSL)
62*6236dae4SAndroid Build Coastguard Worker #include <openssl/evp.h>
63*6236dae4SAndroid Build Coastguard Worker #elif defined(USE_WOLFSSL)
64*6236dae4SAndroid Build Coastguard Worker #include <wolfssl/openssl/evp.h>
65*6236dae4SAndroid Build Coastguard Worker #endif
66*6236dae4SAndroid Build Coastguard Worker
67*6236dae4SAndroid Build Coastguard Worker #elif defined(USE_GNUTLS)
68*6236dae4SAndroid Build Coastguard Worker #include <nettle/sha.h>
69*6236dae4SAndroid Build Coastguard Worker #elif defined(USE_MBEDTLS)
70*6236dae4SAndroid Build Coastguard Worker #include <mbedtls/sha256.h>
71*6236dae4SAndroid Build Coastguard Worker #elif (defined(__MAC_OS_X_VERSION_MAX_ALLOWED) && \
72*6236dae4SAndroid Build Coastguard Worker (__MAC_OS_X_VERSION_MAX_ALLOWED >= 1040)) || \
73*6236dae4SAndroid Build Coastguard Worker (defined(__IPHONE_OS_VERSION_MAX_ALLOWED) && \
74*6236dae4SAndroid Build Coastguard Worker (__IPHONE_OS_VERSION_MAX_ALLOWED >= 20000))
75*6236dae4SAndroid Build Coastguard Worker #include <CommonCrypto/CommonDigest.h>
76*6236dae4SAndroid Build Coastguard Worker #define AN_APPLE_OS
77*6236dae4SAndroid Build Coastguard Worker #elif defined(USE_WIN32_CRYPTO)
78*6236dae4SAndroid Build Coastguard Worker #include <wincrypt.h>
79*6236dae4SAndroid Build Coastguard Worker #endif
80*6236dae4SAndroid Build Coastguard Worker
81*6236dae4SAndroid Build Coastguard Worker /* The last 3 #include files should be in this order */
82*6236dae4SAndroid Build Coastguard Worker #include "curl_printf.h"
83*6236dae4SAndroid Build Coastguard Worker #include "curl_memory.h"
84*6236dae4SAndroid Build Coastguard Worker #include "memdebug.h"
85*6236dae4SAndroid Build Coastguard Worker
86*6236dae4SAndroid Build Coastguard Worker /* Please keep the SSL backend-specific #if branches in this order:
87*6236dae4SAndroid Build Coastguard Worker *
88*6236dae4SAndroid Build Coastguard Worker * 1. USE_OPENSSL
89*6236dae4SAndroid Build Coastguard Worker * 2. USE_GNUTLS
90*6236dae4SAndroid Build Coastguard Worker * 3. USE_MBEDTLS
91*6236dae4SAndroid Build Coastguard Worker * 4. USE_COMMON_CRYPTO
92*6236dae4SAndroid Build Coastguard Worker * 5. USE_WIN32_CRYPTO
93*6236dae4SAndroid Build Coastguard Worker *
94*6236dae4SAndroid Build Coastguard Worker * This ensures that the same SSL branch gets activated throughout this source
95*6236dae4SAndroid Build Coastguard Worker * file even if multiple backends are enabled at the same time.
96*6236dae4SAndroid Build Coastguard Worker */
97*6236dae4SAndroid Build Coastguard Worker
98*6236dae4SAndroid Build Coastguard Worker #if defined(USE_OPENSSL_SHA256)
99*6236dae4SAndroid Build Coastguard Worker
/* Hash context for the OpenSSL/wolfSSL EVP backend. */
struct ossl_sha256_ctx {
  /* Created in my_sha256_init() and destroyed in my_sha256_final(); the
     struct itself is owned by the caller. */
  EVP_MD_CTX *openssl_ctx;
};
typedef struct ossl_sha256_ctx my_sha256_ctx;
104*6236dae4SAndroid Build Coastguard Worker
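/*
 * Allocate an EVP digest context and set it up for SHA-256.
 *
 * 'in' points to a caller-owned my_sha256_ctx. Returns CURLE_OK on success,
 * CURLE_OUT_OF_MEMORY if the EVP context cannot be allocated and
 * CURLE_FAILED_INIT if the digest cannot be initialised. On any failure
 * ctx->openssl_ctx is left NULL.
 */
static CURLcode my_sha256_init(void *in)
{
  my_sha256_ctx *ctx = (my_sha256_ctx *)in;

  ctx->openssl_ctx = EVP_MD_CTX_create();
  if(!ctx->openssl_ctx)
    return CURLE_OUT_OF_MEMORY;

  if(!EVP_DigestInit_ex(ctx->openssl_ctx, EVP_sha256(), NULL)) {
    EVP_MD_CTX_destroy(ctx->openssl_ctx);
    /* Do not leave a freed pointer in the caller's struct: an error path
       that later runs my_sha256_final() would otherwise use and free it a
       second time. */
    ctx->openssl_ctx = NULL;
    return CURLE_FAILED_INIT;
  }
  return CURLE_OK;
}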
118*6236dae4SAndroid Build Coastguard Worker
/*
 * Feed 'length' bytes at 'data' into the EVP digest held by 'in'.
 *
 * The function returns void, so a failing EVP_DigestUpdate() cannot be
 * reported to the caller; its status is discarded here.
 */
static void my_sha256_update(void *in,
                             const unsigned char *data,
                             unsigned int length)
{
  my_sha256_ctx *state = (my_sha256_ctx *)in;

  (void)EVP_DigestUpdate(state->openssl_ctx, data, length);
}
126*6236dae4SAndroid Build Coastguard Worker
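/*
 * Write the SHA-256 digest to 'digest' and release the EVP context.
 *
 * The status of EVP_DigestFinal_ex() is not checked and the function returns
 * void, so on failure 'digest' may be left unwritten without the caller
 * being told.
 * NOTE(review): callers that compare or sign the digest may want the buffer
 * pre-zeroed - confirm against the call sites.
 */
static void my_sha256_final(unsigned char *digest, void *in)
{
  my_sha256_ctx *ctx = (my_sha256_ctx *)in;

  EVP_DigestFinal_ex(ctx->openssl_ctx, digest, NULL);
  EVP_MD_CTX_destroy(ctx->openssl_ctx);
  /* The struct outlives this call; clear the pointer so a repeated final or
     cleanup cannot touch the freed context. */
  ctx->openssl_ctx = NULL;
}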
133*6236dae4SAndroid Build Coastguard Worker
134*6236dae4SAndroid Build Coastguard Worker #elif defined(USE_GNUTLS)
135*6236dae4SAndroid Build Coastguard Worker
136*6236dae4SAndroid Build Coastguard Worker typedef struct sha256_ctx my_sha256_ctx;
137*6236dae4SAndroid Build Coastguard Worker
/*
 * Reset the nettle SHA-256 context at 'ctx'. No status is checked; the
 * wrapper always reports CURLE_OK.
 */
static CURLcode my_sha256_init(void *ctx)
{
  struct sha256_ctx *state = ctx;

  sha256_init(state);
  return CURLE_OK;
}
143*6236dae4SAndroid Build Coastguard Worker
/*
 * Hash 'length' bytes at 'data' into the nettle context at 'ctx'.
 * Note the argument order of the nettle call: length first, then data.
 */
static void my_sha256_update(void *ctx,
                             const unsigned char *data,
                             unsigned int length)
{
  struct sha256_ctx *state = ctx;

  sha256_update(state, length, data);
}
150*6236dae4SAndroid Build Coastguard Worker
/*
 * Store the finished digest in 'digest'. SHA256_DIGEST_SIZE bytes are
 * requested, so the caller's buffer must be at least that large.
 */
static void my_sha256_final(unsigned char *digest, void *ctx)
{
  struct sha256_ctx *state = ctx;

  sha256_digest(state, SHA256_DIGEST_SIZE, digest);
}
155*6236dae4SAndroid Build Coastguard Worker
156*6236dae4SAndroid Build Coastguard Worker #elif defined(USE_MBEDTLS)
157*6236dae4SAndroid Build Coastguard Worker
158*6236dae4SAndroid Build Coastguard Worker typedef mbedtls_sha256_context my_sha256_ctx;
159*6236dae4SAndroid Build Coastguard Worker
/*
 * Start a SHA-256 computation in the mbedTLS context at 'ctx'.
 *
 * The second argument 0 selects SHA-256 rather than SHA-224. The *_ret
 * spelling is used for mbedTLS 2.7.0 up to, but not including, 3.0.0. Its
 * status is discarded and CURLE_OK is always returned.
 */
static CURLcode my_sha256_init(void *ctx)
{
#ifdef HAS_MBEDTLS_RESULT_CODE_BASED_FUNCTIONS
  (void) mbedtls_sha256_starts_ret(ctx, 0);
#else
  (void) mbedtls_sha256_starts(ctx, 0);
#endif
  return CURLE_OK;
}
169*6236dae4SAndroid Build Coastguard Worker
/*
 * Hash 'length' bytes at 'data' into the mbedTLS context at 'ctx'.
 * Any status returned by mbedTLS is discarded; this wrapper returns void.
 */
static void my_sha256_update(void *ctx,
                             const unsigned char *data,
                             unsigned int length)
{
#ifdef HAS_MBEDTLS_RESULT_CODE_BASED_FUNCTIONS
  (void) mbedtls_sha256_update_ret(ctx, data, length);
#else
  (void) mbedtls_sha256_update(ctx, data, length);
#endif
}
180*6236dae4SAndroid Build Coastguard Worker
/*
 * Finish the computation and write the digest to 'digest'.
 *
 * Any status returned by mbedTLS is discarded, so a failure leaves 'digest'
 * in whatever state mbedTLS left it.
 * NOTE(review): this wrapper does not call mbedtls_sha256_free(), so the
 * context is not wiped here - confirm whether the caller clears it when the
 * hashed data is secret.
 */
static void my_sha256_final(unsigned char *digest, void *ctx)
{
#ifdef HAS_MBEDTLS_RESULT_CODE_BASED_FUNCTIONS
  (void) mbedtls_sha256_finish_ret(ctx, digest);
#else
  (void) mbedtls_sha256_finish(ctx, digest);
#endif
}
189*6236dae4SAndroid Build Coastguard Worker
190*6236dae4SAndroid Build Coastguard Worker #elif defined(AN_APPLE_OS)
191*6236dae4SAndroid Build Coastguard Worker typedef CC_SHA256_CTX my_sha256_ctx;
192*6236dae4SAndroid Build Coastguard Worker
/*
 * Initialise the CommonCrypto SHA-256 context at 'ctx'. The CommonCrypto
 * status is discarded and CURLE_OK is always returned.
 */
static CURLcode my_sha256_init(void *ctx)
{
  CC_SHA256_CTX *state = ctx;

  (void) CC_SHA256_Init(state);
  return CURLE_OK;
}
198*6236dae4SAndroid Build Coastguard Worker
/*
 * Hash 'length' bytes at 'data' into the CommonCrypto context at 'ctx'.
 * The CommonCrypto status is discarded.
 */
static void my_sha256_update(void *ctx,
                             const unsigned char *data,
                             unsigned int length)
{
  CC_SHA256_CTX *state = ctx;

  (void) CC_SHA256_Update(state, data, length);
}
205*6236dae4SAndroid Build Coastguard Worker
/*
 * Write the finished digest to 'digest'. The CommonCrypto status is
 * discarded.
 */
static void my_sha256_final(unsigned char *digest, void *ctx)
{
  CC_SHA256_CTX *state = ctx;

  (void) CC_SHA256_Final(digest, state);
}
210*6236dae4SAndroid Build Coastguard Worker
211*6236dae4SAndroid Build Coastguard Worker #elif defined(USE_WIN32_CRYPTO)
212*6236dae4SAndroid Build Coastguard Worker
/* Hash context for the Windows CryptoAPI backend. */
struct sha256_ctx {
  HCRYPTPROV hCryptProv; /* provider handle from CryptAcquireContext() */
  HCRYPTHASH hHash;      /* hash object from CryptCreateHash() */
};
typedef struct sha256_ctx my_sha256_ctx;
218*6236dae4SAndroid Build Coastguard Worker
219*6236dae4SAndroid Build Coastguard Worker #if !defined(CALG_SHA_256)
220*6236dae4SAndroid Build Coastguard Worker #define CALG_SHA_256 0x0000800c
221*6236dae4SAndroid Build Coastguard Worker #endif
222*6236dae4SAndroid Build Coastguard Worker
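/*
 * Acquire a CryptoAPI provider and create a SHA-256 hash object in the
 * caller-owned context at 'in'.
 *
 * Returns CURLE_OK on success. A failing CryptAcquireContext() is reported
 * as CURLE_OUT_OF_MEMORY (kept for compatibility with existing callers) and
 * a failing CryptCreateHash() as CURLE_FAILED_INIT. On every failure path
 * both handles are left as 0.
 */
static CURLcode my_sha256_init(void *in)
{
  my_sha256_ctx *ctx = (my_sha256_ctx *)in;

  /* my_sha256_final() decides what to release by testing these handles for
     non-zero, so they must never hold stale or uninitialised values. */
  ctx->hCryptProv = 0;
  ctx->hHash = 0;

  if(!CryptAcquireContext(&ctx->hCryptProv, NULL, NULL, PROV_RSA_AES,
                          CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) {
    ctx->hCryptProv = 0;
    return CURLE_OUT_OF_MEMORY;
  }

  if(!CryptCreateHash(ctx->hCryptProv, CALG_SHA_256, 0, 0, &ctx->hHash)) {
    CryptReleaseContext(ctx->hCryptProv, 0);
    ctx->hCryptProv = 0;
    ctx->hHash = 0;
    return CURLE_FAILED_INIT;
  }

  return CURLE_OK;
}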
238*6236dae4SAndroid Build Coastguard Worker
/*
 * Hash 'length' bytes at 'data' into the CryptoAPI hash object of 'in'.
 *
 * CryptHashData() takes a non-const pointer, hence the cast. Its BOOL result
 * is discarded; this wrapper returns void.
 */
static void my_sha256_update(void *in,
                             const unsigned char *data,
                             unsigned int length)
{
  my_sha256_ctx *state = (my_sha256_ctx *)in;

  (void)CryptHashData(state->hHash, (unsigned char *) data, length, 0);
}
246*6236dae4SAndroid Build Coastguard Worker
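/*
 * Copy the finished digest to 'digest' and release the hash object and the
 * provider held in 'in'.
 *
 * The digest is copied only when CryptoAPI reports a hash size equal to
 * CURL_SHA256_DIGEST_LENGTH. If the size query fails or reports another
 * size, 'digest' is left untouched, and the void return gives the caller no
 * way to notice.
 */
static void my_sha256_final(unsigned char *digest, void *in)
{
  my_sha256_ctx *ctx = (my_sha256_ctx *)in;
  unsigned long length = 0;

  /* First call only asks for the size of the hash value */
  CryptGetHashParam(ctx->hHash, HP_HASHVAL, NULL, &length, 0);
  if(length == CURL_SHA256_DIGEST_LENGTH)
    CryptGetHashParam(ctx->hHash, HP_HASHVAL, digest, &length, 0);

  /* Zero each handle once released, as my_sha256_init() does on its error
     path, so a repeated call cannot release the same handle twice. */
  if(ctx->hHash) {
    CryptDestroyHash(ctx->hHash);
    ctx->hHash = 0;
  }

  if(ctx->hCryptProv) {
    CryptReleaseContext(ctx->hCryptProv, 0);
    ctx->hCryptProv = 0;
  }
}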
262*6236dae4SAndroid Build Coastguard Worker
263*6236dae4SAndroid Build Coastguard Worker #else
264*6236dae4SAndroid Build Coastguard Worker
265*6236dae4SAndroid Build Coastguard Worker /* When no other crypto library is available we use this code segment */
266*6236dae4SAndroid Build Coastguard Worker
267*6236dae4SAndroid Build Coastguard Worker /* This is based on SHA256 implementation in LibTomCrypt that was released into
268*6236dae4SAndroid Build Coastguard Worker * public domain by Tom St Denis. */
269*6236dae4SAndroid Build Coastguard Worker
270*6236dae4SAndroid Build Coastguard Worker #define WPA_GET_BE32(a) ((((unsigned long)(a)[0]) << 24) | \
271*6236dae4SAndroid Build Coastguard Worker (((unsigned long)(a)[1]) << 16) | \
272*6236dae4SAndroid Build Coastguard Worker (((unsigned long)(a)[2]) << 8) | \
273*6236dae4SAndroid Build Coastguard Worker ((unsigned long)(a)[3]))
274*6236dae4SAndroid Build Coastguard Worker #define WPA_PUT_BE32(a, val) \
275*6236dae4SAndroid Build Coastguard Worker do { \
276*6236dae4SAndroid Build Coastguard Worker (a)[0] = (unsigned char)((((unsigned long) (val)) >> 24) & 0xff); \
277*6236dae4SAndroid Build Coastguard Worker (a)[1] = (unsigned char)((((unsigned long) (val)) >> 16) & 0xff); \
278*6236dae4SAndroid Build Coastguard Worker (a)[2] = (unsigned char)((((unsigned long) (val)) >> 8) & 0xff); \
279*6236dae4SAndroid Build Coastguard Worker (a)[3] = (unsigned char)(((unsigned long) (val)) & 0xff); \
280*6236dae4SAndroid Build Coastguard Worker } while(0)
281*6236dae4SAndroid Build Coastguard Worker
282*6236dae4SAndroid Build Coastguard Worker #ifdef HAVE_LONGLONG
283*6236dae4SAndroid Build Coastguard Worker #define WPA_PUT_BE64(a, val) \
284*6236dae4SAndroid Build Coastguard Worker do { \
285*6236dae4SAndroid Build Coastguard Worker (a)[0] = (unsigned char)(((unsigned long long)(val)) >> 56); \
286*6236dae4SAndroid Build Coastguard Worker (a)[1] = (unsigned char)(((unsigned long long)(val)) >> 48); \
287*6236dae4SAndroid Build Coastguard Worker (a)[2] = (unsigned char)(((unsigned long long)(val)) >> 40); \
288*6236dae4SAndroid Build Coastguard Worker (a)[3] = (unsigned char)(((unsigned long long)(val)) >> 32); \
289*6236dae4SAndroid Build Coastguard Worker (a)[4] = (unsigned char)(((unsigned long long)(val)) >> 24); \
290*6236dae4SAndroid Build Coastguard Worker (a)[5] = (unsigned char)(((unsigned long long)(val)) >> 16); \
291*6236dae4SAndroid Build Coastguard Worker (a)[6] = (unsigned char)(((unsigned long long)(val)) >> 8); \
292*6236dae4SAndroid Build Coastguard Worker (a)[7] = (unsigned char)(((unsigned long long)(val)) & 0xff); \
293*6236dae4SAndroid Build Coastguard Worker } while(0)
294*6236dae4SAndroid Build Coastguard Worker #else
295*6236dae4SAndroid Build Coastguard Worker #define WPA_PUT_BE64(a, val) \
296*6236dae4SAndroid Build Coastguard Worker do { \
297*6236dae4SAndroid Build Coastguard Worker (a)[0] = (unsigned char)(((unsigned __int64)(val)) >> 56); \
298*6236dae4SAndroid Build Coastguard Worker (a)[1] = (unsigned char)(((unsigned __int64)(val)) >> 48); \
299*6236dae4SAndroid Build Coastguard Worker (a)[2] = (unsigned char)(((unsigned __int64)(val)) >> 40); \
300*6236dae4SAndroid Build Coastguard Worker (a)[3] = (unsigned char)(((unsigned __int64)(val)) >> 32); \
301*6236dae4SAndroid Build Coastguard Worker (a)[4] = (unsigned char)(((unsigned __int64)(val)) >> 24); \
302*6236dae4SAndroid Build Coastguard Worker (a)[5] = (unsigned char)(((unsigned __int64)(val)) >> 16); \
303*6236dae4SAndroid Build Coastguard Worker (a)[6] = (unsigned char)(((unsigned __int64)(val)) >> 8); \
304*6236dae4SAndroid Build Coastguard Worker (a)[7] = (unsigned char)(((unsigned __int64)(val)) & 0xff); \
305*6236dae4SAndroid Build Coastguard Worker } while(0)
306*6236dae4SAndroid Build Coastguard Worker #endif
307*6236dae4SAndroid Build Coastguard Worker
/* State of the built-in SHA-256 implementation. */
struct sha256_state {
  /* Number of message bits compressed so far; my_sha256_update() adds
     64 * 8 for every block it passes to sha256_compress(). */
#ifdef HAVE_LONGLONG
  unsigned long long length;
#else
  unsigned __int64 length;
#endif
  /* state[]: the eight chaining words. curlen: number of bytes currently
     waiting in buf[]. unsigned long may be wider than 32 bits. */
  unsigned long state[8], curlen;
  /* Partial input block, filled until it holds 64 bytes. */
  unsigned char buf[64];
};
typedef struct sha256_state my_sha256_ctx;
318*6236dae4SAndroid Build Coastguard Worker
319*6236dae4SAndroid Build Coastguard Worker /* The K array */
320*6236dae4SAndroid Build Coastguard Worker static const unsigned long K[64] = {
321*6236dae4SAndroid Build Coastguard Worker 0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL, 0x3956c25bUL,
322*6236dae4SAndroid Build Coastguard Worker 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL, 0xd807aa98UL, 0x12835b01UL,
323*6236dae4SAndroid Build Coastguard Worker 0x243185beUL, 0x550c7dc3UL, 0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL,
324*6236dae4SAndroid Build Coastguard Worker 0xc19bf174UL, 0xe49b69c1UL, 0xefbe4786UL, 0x0fc19dc6UL, 0x240ca1ccUL,
325*6236dae4SAndroid Build Coastguard Worker 0x2de92c6fUL, 0x4a7484aaUL, 0x5cb0a9dcUL, 0x76f988daUL, 0x983e5152UL,
326*6236dae4SAndroid Build Coastguard Worker 0xa831c66dUL, 0xb00327c8UL, 0xbf597fc7UL, 0xc6e00bf3UL, 0xd5a79147UL,
327*6236dae4SAndroid Build Coastguard Worker 0x06ca6351UL, 0x14292967UL, 0x27b70a85UL, 0x2e1b2138UL, 0x4d2c6dfcUL,
328*6236dae4SAndroid Build Coastguard Worker 0x53380d13UL, 0x650a7354UL, 0x766a0abbUL, 0x81c2c92eUL, 0x92722c85UL,
329*6236dae4SAndroid Build Coastguard Worker 0xa2bfe8a1UL, 0xa81a664bUL, 0xc24b8b70UL, 0xc76c51a3UL, 0xd192e819UL,
330*6236dae4SAndroid Build Coastguard Worker 0xd6990624UL, 0xf40e3585UL, 0x106aa070UL, 0x19a4c116UL, 0x1e376c08UL,
331*6236dae4SAndroid Build Coastguard Worker 0x2748774cUL, 0x34b0bcb5UL, 0x391c0cb3UL, 0x4ed8aa4aUL, 0x5b9cca4fUL,
332*6236dae4SAndroid Build Coastguard Worker 0x682e6ff3UL, 0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL,
333*6236dae4SAndroid Build Coastguard Worker 0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL
334*6236dae4SAndroid Build Coastguard Worker };
335*6236dae4SAndroid Build Coastguard Worker
336*6236dae4SAndroid Build Coastguard Worker /* Various logical functions */
337*6236dae4SAndroid Build Coastguard Worker #define RORc(x, y) \
338*6236dae4SAndroid Build Coastguard Worker (((((unsigned long)(x) & 0xFFFFFFFFUL) >> (unsigned long)((y) & 31)) | \
339*6236dae4SAndroid Build Coastguard Worker ((unsigned long)(x) << (unsigned long)(32 - ((y) & 31)))) & 0xFFFFFFFFUL)
340*6236dae4SAndroid Build Coastguard Worker #define Sha256_Ch(x,y,z) (z ^ (x & (y ^ z)))
341*6236dae4SAndroid Build Coastguard Worker #define Sha256_Maj(x,y,z) (((x | y) & z) | (x & y))
342*6236dae4SAndroid Build Coastguard Worker #define Sha256_S(x, n) RORc((x), (n))
343*6236dae4SAndroid Build Coastguard Worker #define Sha256_R(x, n) (((x)&0xFFFFFFFFUL)>>(n))
344*6236dae4SAndroid Build Coastguard Worker #define Sigma0(x) (Sha256_S(x, 2) ^ Sha256_S(x, 13) ^ Sha256_S(x, 22))
345*6236dae4SAndroid Build Coastguard Worker #define Sigma1(x) (Sha256_S(x, 6) ^ Sha256_S(x, 11) ^ Sha256_S(x, 25))
346*6236dae4SAndroid Build Coastguard Worker #define Gamma0(x) (Sha256_S(x, 7) ^ Sha256_S(x, 18) ^ Sha256_R(x, 3))
347*6236dae4SAndroid Build Coastguard Worker #define Gamma1(x) (Sha256_S(x, 17) ^ Sha256_S(x, 19) ^ Sha256_R(x, 10))
348*6236dae4SAndroid Build Coastguard Worker
349*6236dae4SAndroid Build Coastguard Worker /* Compress 512-bits */
/*
 * Run the SHA-256 compression function over the 64 bytes at 'buf' and add
 * the result into md->state.
 *
 * 'buf' is only read here (through WPA_GET_BE32) although it is not declared
 * const. The return value is always 0, so the '< 0' checks made by
 * my_sha256_update() never trigger.
 *
 * NOTE(review): S[] and W[] hold copies of the chaining state and of the
 * input block and are not cleared before returning. If this hash is fed
 * secret material (this file includes curl_hmac.h, so keyed use looks
 * likely), those copies stay on the stack - confirm whether that matters
 * for the callers.
 */
static int sha256_compress(struct sha256_state *md,
                           unsigned char *buf)
{
  unsigned long S[8], W[64];
  int i;

  /* Copy state into S */
  for(i = 0; i < 8; i++) {
    S[i] = md->state[i];
  }
  /* Load the 512-bit block as sixteen big-endian 32-bit words W[0..15] */
  for(i = 0; i < 16; i++)
    W[i] = WPA_GET_BE32(buf + (4 * i));
  /* fill W[16..63] */
  /* The sums are not reduced to 32 bits; where unsigned long is wider the
     extra high bits are carried along, and RORc/Sha256_R mask them off
     before shifting right. */
  for(i = 16; i < 64; i++) {
    W[i] = Gamma1(W[i - 2]) + W[i - 7] + Gamma0(W[i - 15]) +
      W[i - 16];
  }

  /* Compress */
  /* One round: updates only d and h; the caller rotates the eight words */
#define RND(a,b,c,d,e,f,g,h,i)                                          \
  do {                                                                  \
    unsigned long t0 = h + Sigma1(e) + Sha256_Ch(e, f, g) + K[i] + W[i]; \
    unsigned long t1 = Sigma0(a) + Sha256_Maj(a, b, c);                 \
    d += t0;                                                            \
    h = t0 + t1;                                                        \
  } while(0)

  for(i = 0; i < 64; ++i) {
    unsigned long t;
    RND(S[0], S[1], S[2], S[3], S[4], S[5], S[6], S[7], i);
    /* Rotate the working words by one position for the next round */
    t = S[7]; S[7] = S[6]; S[6] = S[5]; S[5] = S[4];
    S[4] = S[3]; S[3] = S[2]; S[2] = S[1]; S[1] = S[0]; S[0] = t;
  }

  /* Feedback */
  for(i = 0; i < 8; i++) {
    md->state[i] = md->state[i] + S[i];
  }

  return 0;
}
392*6236dae4SAndroid Build Coastguard Worker
393*6236dae4SAndroid Build Coastguard Worker /* Initialize the hash state */
static CURLcode my_sha256_init(void *in)
{
  /* Initial hash values H0..H7 defined by SHA-256 */
  static const unsigned long initial_hash[8] = {
    0x6A09E667UL, 0xBB67AE85UL, 0x3C6EF372UL, 0xA54FF53AUL,
    0x510E527FUL, 0x9B05688CUL, 0x1F83D9ABUL, 0x5BE0CD19UL
  };
  struct sha256_state *md = (struct sha256_state *)in;
  int word;

  /* Nothing buffered and nothing hashed yet */
  md->curlen = 0;
  md->length = 0;
  for(word = 0; word < 8; word++)
    md->state[word] = initial_hash[word];

  /* This backend has no failure mode */
  return CURLE_OK;
}
410*6236dae4SAndroid Build Coastguard Worker
/*
   Process a block of memory through the hash
   @param ctx   The hash state
   @param in    The data to hash
   @param len   The length of the data (octets)
*/
static void my_sha256_update(void *ctx,
                             const unsigned char *in,
                             unsigned int len)
{
  struct sha256_state *md = (struct sha256_state *)ctx;
  unsigned long remaining = len;
#define CURL_SHA256_BLOCK_SIZE 64
  /* A fill level beyond the buffer size means the state is not usable;
     give up silently rather than index past md->buf. */
  if(md->curlen > sizeof(md->buf))
    return;
  while(remaining > 0) {
    unsigned long chunk;

    if(md->curlen == 0 && remaining >= CURL_SHA256_BLOCK_SIZE) {
      /* Nothing buffered and a whole block available: compress straight
         from the input. The cast drops const; the block is only read. */
      if(sha256_compress(md, (unsigned char *)in) < 0)
        return;
      md->length += CURL_SHA256_BLOCK_SIZE * 8;
      in += CURL_SHA256_BLOCK_SIZE;
      remaining -= CURL_SHA256_BLOCK_SIZE;
      continue;
    }

    /* Otherwise top up the partial block, never copying more than the
       space left in md->buf. */
    chunk = CURLMIN(remaining, (CURL_SHA256_BLOCK_SIZE - md->curlen));
    memcpy(md->buf + md->curlen, in, chunk);
    md->curlen += chunk;
    in += chunk;
    remaining -= chunk;
    if(md->curlen == CURL_SHA256_BLOCK_SIZE) {
      if(sha256_compress(md, md->buf) < 0)
        return;
      md->length += 8 * CURL_SHA256_BLOCK_SIZE;
      md->curlen = 0;
    }
  }
}
450*6236dae4SAndroid Build Coastguard Worker
451*6236dae4SAndroid Build Coastguard Worker /*
452*6236dae4SAndroid Build Coastguard Worker Terminate the hash to get the digest
453*6236dae4SAndroid Build Coastguard Worker @param md The hash state
454*6236dae4SAndroid Build Coastguard Worker @param out [out] The destination of the hash (32 bytes)
455*6236dae4SAndroid Build Coastguard Worker @return 0 if successful
456*6236dae4SAndroid Build Coastguard Worker */
static void my_sha256_final(unsigned char *out, void *ctx)
{
  /*
   * Finish the hash: apply the SHA-256 padding (0x80, zero fill, 64-bit
   * big-endian bit length in the last 8 bytes of the block), run the final
   * compression and write the eight state words to out as 32 bytes.
   *
   * This function returns void. If the state check below fails, out is not
   * written at all and the caller gets no signal, so the digest buffer keeps
   * whatever it held before the call. The results of sha256_compress() are
   * also not checked here, unlike in my_sha256_update().
   */
  struct sha256_state *md = ctx;
  int word;

  /* There must be room for at least the 0x80 marker byte in md->buf. */
  if(md->curlen >= sizeof(md->buf))
    return;

  /* Account for the bytes still sitting in the staging buffer (in bits). */
  md->length += md->curlen * 8;

  /* Padding starts with a single '1' bit. */
  md->buf[md->curlen++] = (unsigned char)0x80;

  /* With more than 56 bytes used there is no room left for the 8-byte length
     field: zero-fill this block, compress it, and continue in a fresh one. */
  if(md->curlen > 56) {
    for(; md->curlen < 64; md->curlen++)
      md->buf[md->curlen] = (unsigned char)0;
    sha256_compress(md, md->buf);
    md->curlen = 0;
  }

  /* Zero-fill up to the start of the length field. */
  for(; md->curlen < 56; md->curlen++)
    md->buf[md->curlen] = (unsigned char)0;

  /* Message length in bits goes into the last 8 bytes of the block. */
  WPA_PUT_BE64(md->buf + 56, md->length);
  sha256_compress(md, md->buf);

  /* Emit the state words, 4 bytes each. */
  for(word = 0; word < 8; word++)
    WPA_PUT_BE32(out + (4 * word), md->state[word]);
}
496*6236dae4SAndroid Build Coastguard Worker
497*6236dae4SAndroid Build Coastguard Worker #endif /* CRYPTO LIBS */
498*6236dae4SAndroid Build Coastguard Worker
499*6236dae4SAndroid Build Coastguard Worker /*
500*6236dae4SAndroid Build Coastguard Worker * Curl_sha256it()
501*6236dae4SAndroid Build Coastguard Worker *
502*6236dae4SAndroid Build Coastguard Worker * Generates a SHA256 hash for the given input data.
503*6236dae4SAndroid Build Coastguard Worker *
504*6236dae4SAndroid Build Coastguard Worker * Parameters:
505*6236dae4SAndroid Build Coastguard Worker *
506*6236dae4SAndroid Build Coastguard Worker * output [in/out] - The output buffer.
507*6236dae4SAndroid Build Coastguard Worker * input [in] - The input data.
508*6236dae4SAndroid Build Coastguard Worker * length [in] - The input length.
509*6236dae4SAndroid Build Coastguard Worker *
510*6236dae4SAndroid Build Coastguard Worker * Returns CURLE_OK on success.
511*6236dae4SAndroid Build Coastguard Worker */
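CURLcode Curl_sha256it(unsigned char *output, const unsigned char *input,
                       const size_t length)
{
  /*
   * One-shot SHA-256 of input[0..length) into output.
   *
   * output must have room for the 32-byte digest. Returns the result of
   * my_sha256_init(); when that is not CURLE_OK, output is left unwritten.
   * my_sha256_update() and my_sha256_final() return void, so a failure
   * inside them is not reflected in the return value.
   *
   * my_sha256_update() takes its length as an unsigned int while this
   * function accepts a size_t. Narrowing the whole length in one call could
   * hash fewer bytes than the caller asked for when length exceeds what an
   * unsigned int holds (how curlx_uztoui() treats such a value is not visible
   * here), and the resulting digest would still look valid. The input is
   * therefore fed in pieces that always fit. For lengths that already fit,
   * the loop body never runs and the call sequence is the same as before.
   *
   * NOTE(review): ctx stays on the stack un-cleared after use; if callers
   * hash secret material through this function, consider wiping it - confirm
   * against the callers.
   */
  CURLcode result;
  my_sha256_ctx ctx;
  const size_t max_chunk = (size_t)~0U; /* largest unsigned int value */
  size_t remaining = length;

  result = my_sha256_init(&ctx);
  if(!result) {
    while(remaining > max_chunk) {
      my_sha256_update(&ctx, input, curlx_uztoui(max_chunk));
      input += max_chunk;
      remaining -= max_chunk;
    }
    my_sha256_update(&ctx, input, curlx_uztoui(remaining));
    my_sha256_final(output, &ctx);
  }
  return result;
}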
525*6236dae4SAndroid Build Coastguard Worker
526*6236dae4SAndroid Build Coastguard Worker
/* SHA-256 entry for HMAC use: bundles this file's init/update/final
   callbacks with the context size and the two size constants below.
   The update and final callbacks return void, so errors inside them cannot
   be reported through this table. */
const struct HMAC_params Curl_HMAC_SHA256 = {
  my_sha256_init,        /* Hash initialization function. */
  my_sha256_update,      /* Hash update function. */
  my_sha256_final,       /* Hash computation end function. */
  sizeof(my_sha256_ctx), /* Size of hash context structure. */
  64,                    /* Maximum key length; same value as the 64-byte
                            SHA-256 block size. NOTE(review): presumably the
                            HMAC code hashes longer keys down first -
                            confirm in the HMAC implementation. */
  32                     /* Result size: SHA-256 digest length in bytes. */
};
535*6236dae4SAndroid Build Coastguard Worker
536*6236dae4SAndroid Build Coastguard Worker
537*6236dae4SAndroid Build Coastguard Worker #endif /* AWS, DIGEST, or libssh2 */