studio/cli
2
0
Fork 0
Code Issues Pull Requests Actions Packages Releases 4 Wiki Activity

chore: checkpoint before Python removal

Browse Source
This commit is contained in:
Sienna Meridian Satterwhite
2026-03-26 22:33:59 +00:00
parent 683cec9307
commit e568ddf82a
29972 changed files with 11269302 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

317
vendor/aws-lc-sys/aws-lc/crypto/fipsmodule/digest/digest.c vendored Normal file
View File

@@ -0,0 +1,317 @@
// Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) All rights reserved.
// SPDX-License-Identifier: Apache-2.0
#include <assert.h>
#include <openssl/digest.h>
#include <openssl/err.h>
#include "../../internal.h"
#include "../evp/internal.h"
#include "internal.h"
void EVP_MD_unstable_sha3_enable(bool enable) { // no-op
}
bool EVP_MD_unstable_sha3_is_enabled(void) { return true; }
int EVP_MD_type(const EVP_MD *md) { return md->type; }
int EVP_MD_nid(const EVP_MD *md) { return EVP_MD_type(md); }
uint32_t EVP_MD_flags(const EVP_MD *md) { return md->flags; }
size_t EVP_MD_size(const EVP_MD *md) { return md->md_size; }
size_t EVP_MD_block_size(const EVP_MD *md) { return md->block_size; }
void EVP_MD_CTX_init(EVP_MD_CTX *ctx) {
OPENSSL_memset(ctx, 0, sizeof(EVP_MD_CTX));
}
EVP_MD_CTX *EVP_MD_CTX_new(void) {
EVP_MD_CTX *ctx = OPENSSL_zalloc(sizeof(EVP_MD_CTX));
if (ctx) {
// NO-OP: struct already zeroed
//EVP_MD_CTX_init(ctx);
}
return ctx;
}
EVP_MD_CTX *EVP_MD_CTX_create(void) { return EVP_MD_CTX_new(); }
int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) {
if (ctx == NULL) {
return 1;
}
OPENSSL_free(ctx->md_data);
assert(ctx->pctx == NULL || ctx->pctx_ops != NULL);
// |pctx| should be freed by the user of |EVP_MD_CTX| if
// |EVP_MD_CTX_FLAG_KEEP_PKEY_CTX| is set. Everything other than the external |pctx| that |ctx->pctx| was pointing to is cleaned up when the flag is set.
if (ctx->pctx_ops && !(ctx->flags & EVP_MD_CTX_FLAG_KEEP_PKEY_CTX)) {
ctx->pctx_ops->free(ctx->pctx);
}
EVP_MD_CTX_init(ctx);
return 1;
}
void EVP_MD_CTX_cleanse(EVP_MD_CTX *ctx) {
if (ctx == NULL || ctx->md_data == NULL || ctx->digest == NULL) {
return;
}
OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size);
EVP_MD_CTX_cleanup(ctx);
}
void EVP_MD_CTX_free(EVP_MD_CTX *ctx) {
if (!ctx) {
return;
}
EVP_MD_CTX_cleanup(ctx);
OPENSSL_free(ctx);
}
void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx) { EVP_MD_CTX_free(ctx); }
// EVP_DigestFinalXOF is a single-call XOF output generation function.
// The |ctx->digest| check prevents calling EVP_DigestFinalXOF consecutively.
// To catch single-call XOF EVP_DigestFinalXOF calls after |EVP_DigestSqueeze|,
// the return |SHAKE_Final| value is used (the check is internally performed via
// the |KECCAK1600_CTX *ctx| state flag).
int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, uint8_t *out, size_t len) {
if (ctx->digest == NULL) {
return 0;
}
if ((EVP_MD_flags(ctx->digest) & EVP_MD_FLAG_XOF) == 0) {
OPENSSL_PUT_ERROR(DIGEST, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
}
int ok = ctx->digest->finalXOF(ctx, out, len);
EVP_MD_CTX_cleanse(ctx);
return ok;
}
// EVP_DigestSqueeze is a streaming XOF output squeeze function
// It can be called multiple times to generate an output of length
// |len| bytes.
int EVP_DigestSqueeze(EVP_MD_CTX *ctx, uint8_t *out, size_t len) {
if (ctx->digest == NULL) {
return 0;
}
if ((EVP_MD_flags(ctx->digest) & EVP_MD_FLAG_XOF) == 0) {
OPENSSL_PUT_ERROR(DIGEST, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
}
ctx->digest->squeezeXOF(ctx, out, len);
return 1;
}
uint32_t EVP_MD_meth_get_flags(const EVP_MD *md) { return EVP_MD_flags(md); }
void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags) {}
int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) {
// |in->digest| may be NULL if this is a signing |EVP_MD_CTX| for, e.g.,
// Ed25519 which does not hash with |EVP_MD_CTX|.
if (in == NULL || (in->pctx == NULL && in->digest == NULL)) {
OPENSSL_PUT_ERROR(DIGEST, DIGEST_R_INPUT_NOT_INITIALIZED);
return 0;
}
EVP_PKEY_CTX *pctx = NULL;
assert(in->pctx == NULL || in->pctx_ops != NULL);
if (in->pctx) {
pctx = in->pctx_ops->dup(in->pctx);
if (!pctx) {
return 0;
}
}
uint8_t *tmp_buf = NULL;
if (in->digest != NULL) {
if (out->digest != in->digest) {
assert(in->digest->ctx_size != 0);
tmp_buf = OPENSSL_malloc(in->digest->ctx_size);
if (tmp_buf == NULL) {
if (pctx) {
in->pctx_ops->free(pctx);
}
return 0;
}
} else {
// |md_data| will be the correct size in this case. It's removed from
// |out| so that |EVP_MD_CTX_cleanup| doesn't free it, and then it's
// reused.
tmp_buf = out->md_data;
out->md_data = NULL;
}
}
EVP_MD_CTX_cleanup(out);
out->digest = in->digest;
out->md_data = tmp_buf;
if (in->digest != NULL && in->md_data != NULL) {
OPENSSL_memcpy(out->md_data, in->md_data, in->digest->ctx_size);
}
out->update = in->update;
out->flags = in->flags;
// copied |EVP_MD_CTX| should free its newly allocated |EVP_PKEY_CTX|.
out->flags &= ~EVP_MD_CTX_FLAG_KEEP_PKEY_CTX;
out->pctx = pctx;
out->pctx_ops = in->pctx_ops;
assert(out->pctx == NULL || out->pctx_ops != NULL);
return 1;
}
void EVP_MD_CTX_move(EVP_MD_CTX *out, EVP_MD_CTX *in) {
EVP_MD_CTX_cleanup(out);
// While not guaranteed, |EVP_MD_CTX| is currently safe to move with |memcpy|.
OPENSSL_memcpy(out, in, sizeof(EVP_MD_CTX));
EVP_MD_CTX_init(in);
}
int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in) {
EVP_MD_CTX_init(out);
return EVP_MD_CTX_copy_ex(out, in);
}
int EVP_MD_CTX_reset(EVP_MD_CTX *ctx) {
EVP_MD_CTX_cleanup(ctx);
EVP_MD_CTX_init(ctx);
return 1;
}
int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *engine) {
if (ctx->digest != type) {
ctx->digest = type;
if (!used_for_hmac(ctx)) {
assert(type->ctx_size != 0);
ctx->update = type->update;
uint8_t *md_data = OPENSSL_malloc(type->ctx_size);
if (md_data == NULL) {
return 0;
}
OPENSSL_free(ctx->md_data);
ctx->md_data = md_data;
}
}
assert(ctx->pctx == NULL || ctx->pctx_ops != NULL);
if (used_for_hmac(ctx)) {
// These configurations are specific to |EVP_PKEY_HMAC|. |HMAC_PKEY_CTX| is
// newly allocated by |EVP_DigestSignInit| at this point. The actual key
// data is stored in |ctx->pkey| as |HMAC_KEY|.
if (ctx->pctx == NULL || ctx->pctx->data == NULL ||
ctx->pctx->pkey == NULL || ctx->pctx->pkey->pkey.ptr == NULL) {
return 0;
}
const HMAC_KEY *key = ctx->pctx->pkey->pkey.ptr;
HMAC_PKEY_CTX *hmac_pctx = ctx->pctx->data;
if (!HMAC_Init_ex(&hmac_pctx->ctx, key->key, key->key_len, hmac_pctx->md,
ctx->pctx->engine)) {
return 0;
}
return 1;
}
ctx->digest->init(ctx);
return 1;
}
int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type) {
EVP_MD_CTX_init(ctx);
return EVP_DigestInit_ex(ctx, type, NULL);
}
int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t len) {
if (ctx->update == NULL) {
return 0;
}
return ctx->update(ctx, data, len);
}
int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, uint8_t *md_out, unsigned int *size) {
if (ctx->digest == NULL) {
return 0;
}
if (EVP_MD_flags(ctx->digest) & EVP_MD_FLAG_XOF) {
OPENSSL_PUT_ERROR(DIGEST, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
}
assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE);
ctx->digest->final(ctx, md_out);
if (size != NULL) {
*size = ctx->digest->md_size;
}
OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size);
return 1;
}
int EVP_DigestFinal(EVP_MD_CTX *ctx, uint8_t *md, unsigned int *size) {
int ok = EVP_DigestFinal_ex(ctx, md, size);
EVP_MD_CTX_cleanup(ctx);
return ok;
}
int EVP_Digest(const void *data, size_t count, uint8_t *out_md,
unsigned int *out_size, const EVP_MD *type, ENGINE *impl) {
EVP_MD_CTX ctx;
int ret;
if ((EVP_MD_flags(type) & EVP_MD_FLAG_XOF) && out_size == NULL) {
OPENSSL_PUT_ERROR(DIGEST, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
EVP_MD_CTX_init(&ctx);
ret = EVP_DigestInit_ex(&ctx, type, impl) &&
EVP_DigestUpdate(&ctx, data, count);
if (ret == 0) {
EVP_MD_CTX_cleanup(&ctx);
return 0;
}
if (EVP_MD_flags(type) & EVP_MD_FLAG_XOF) {
ret &= EVP_DigestFinalXOF(&ctx, out_md, *out_size);
} else {
ret &= EVP_DigestFinal(&ctx, out_md, out_size);
}
return ret;
}
const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx) {
if (ctx == NULL) {
return NULL;
}
return ctx->digest;
}
size_t EVP_MD_CTX_size(const EVP_MD_CTX *ctx) {
return EVP_MD_size(EVP_MD_CTX_md(ctx));
}
size_t EVP_MD_CTX_block_size(const EVP_MD_CTX *ctx) {
return EVP_MD_block_size(EVP_MD_CTX_md(ctx));
}
int EVP_MD_CTX_type(const EVP_MD_CTX *ctx) {
return EVP_MD_type(EVP_MD_CTX_md(ctx));
}
int EVP_add_digest(const EVP_MD *digest) { return 1; }

493
vendor/aws-lc-sys/aws-lc/crypto/fipsmodule/digest/digests.c vendored Normal file
View File

@@ -0,0 +1,493 @@
// Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) All rights reserved.
// SPDX-License-Identifier: Apache-2.0
#include <openssl/digest.h>
#include <assert.h>
#include <string.h>
#include <openssl/md5.h>
#include <openssl/nid.h>
#include <openssl/ripemd.h>
#include <openssl/sha.h>
#include "../../internal.h"
#include "../sha/internal.h"
#include "internal.h"
static void md5_init(EVP_MD_CTX *ctx) {
AWSLC_ASSERT(MD5_Init(ctx->md_data));
}
static int md5_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
// MD5_Update always returns 1. Internally called function
// |crypto_md32_update| is void. For test consistency and future
// compatibility, the return value is propagated and returned
return MD5_Update(ctx->md_data, data, count);
}
static void md5_final(EVP_MD_CTX *ctx, uint8_t *out) {
AWSLC_ASSERT(MD5_Final(out, ctx->md_data));
}
DEFINE_METHOD_FUNCTION(EVP_MD, EVP_md5) {
out->type = NID_md5;
out->md_size = MD5_DIGEST_LENGTH;
out->flags = 0;
out->init = md5_init;
out->update = md5_update;
out->final = md5_final;
out->squeezeXOF = NULL;
out->finalXOF = NULL;
out->block_size = 64;
out->ctx_size = sizeof(MD5_CTX);
}
static void ripemd160_init(EVP_MD_CTX *ctx) {
AWSLC_ASSERT(RIPEMD160_Init(ctx->md_data));
}
static int ripemd160_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
// RIPEMD160_Update always returns 1. Internally called function
// |crypto_md32_update| is void. For test consistency and future
// compatibility, the return value is propagated and returned
return RIPEMD160_Update(ctx->md_data, data, count);
}
static void ripemd160_final(EVP_MD_CTX *ctx, uint8_t *out) {
AWSLC_ASSERT(RIPEMD160_Final(out, ctx->md_data));
}
DEFINE_METHOD_FUNCTION(EVP_MD, EVP_ripemd160) {
out->type = NID_ripemd160;
out->md_size = RIPEMD160_DIGEST_LENGTH;
out->flags = 0;
out->init = ripemd160_init;
out->update = ripemd160_update;
out->final = ripemd160_final;
out->squeezeXOF = NULL;
out->finalXOF = NULL;
out->block_size = 64;
out->ctx_size = sizeof(RIPEMD160_CTX);
}
static void sha1_init(EVP_MD_CTX *ctx) {
AWSLC_ASSERT(SHA1_Init(ctx->md_data));
}
static int sha1_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
// SHA1_Update always returns 1. Internally called function
// |crypto_md32_update| is void. For test consistency and future
// compatibility, the return value is propagated and returned
return SHA1_Update(ctx->md_data, data, count);
}
static void sha1_final(EVP_MD_CTX *ctx, uint8_t *md) {
AWSLC_ASSERT(SHA1_Final(md, ctx->md_data));
}
DEFINE_METHOD_FUNCTION(EVP_MD, EVP_sha1) {
out->type = NID_sha1;
out->md_size = SHA_DIGEST_LENGTH;
out->flags = 0;
out->init = sha1_init;
out->update = sha1_update;
out->final = sha1_final;
out->squeezeXOF = NULL;
out->finalXOF = NULL;
out->block_size = 64;
out->ctx_size = sizeof(SHA_CTX);
}
static void sha224_init(EVP_MD_CTX *ctx) {
AWSLC_ASSERT(SHA224_Init(ctx->md_data));
}
static int sha224_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
// SHA224_Update always returns 1. Internally called function
// |crypto_md32_update| through |SHA256_Update| is void. For test consistency
// and future compatibility, the return value is propagated and returned
return SHA224_Update(ctx->md_data, data, count);
}
static void sha224_final(EVP_MD_CTX *ctx, uint8_t *md) {
AWSLC_ASSERT(SHA224_Final(md, ctx->md_data));
}
DEFINE_METHOD_FUNCTION(EVP_MD, EVP_sha224) {
out->type = NID_sha224;
out->md_size = SHA224_DIGEST_LENGTH;
out->flags = 0;
out->init = sha224_init;
out->update = sha224_update;
out->final = sha224_final;
out->squeezeXOF = NULL;
out->finalXOF = NULL;
out->block_size = 64;
out->ctx_size = sizeof(SHA256_CTX);
}
static void sha256_init(EVP_MD_CTX *ctx) {
AWSLC_ASSERT(SHA256_Init(ctx->md_data));
}
static int sha256_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
// SHA256_Update always returns 1. Internally called function
// |crypto_md32_update| is void. For test consistency and future
// compatibility, the return value is propagated and returned
return SHA256_Update(ctx->md_data, data, count);
}
static void sha256_final(EVP_MD_CTX *ctx, uint8_t *md) {
AWSLC_ASSERT(SHA256_Final(md, ctx->md_data));
}
DEFINE_METHOD_FUNCTION(EVP_MD, EVP_sha256) {
out->type = NID_sha256;
out->md_size = SHA256_DIGEST_LENGTH;
out->flags = 0;
out->init = sha256_init;
out->update = sha256_update;
out->final = sha256_final;
out->squeezeXOF = NULL;
out->finalXOF = NULL;
out->block_size = 64;
out->ctx_size = sizeof(SHA256_CTX);
}
static void sha384_init(EVP_MD_CTX *ctx) {
AWSLC_ASSERT(SHA384_Init(ctx->md_data));
}
static int sha384_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
// SHA384_Update always returns 1. Internally called function
// |SHA512_Update| always returns 1. For test consistency
// and future compatibility, the return value is propagated and returned
return SHA384_Update(ctx->md_data, data, count);
}
static void sha384_final(EVP_MD_CTX *ctx, uint8_t *md) {
AWSLC_ASSERT(SHA384_Final(md, ctx->md_data));
}
DEFINE_METHOD_FUNCTION(EVP_MD, EVP_sha384) {
out->type = NID_sha384;
out->md_size = SHA384_DIGEST_LENGTH;
out->flags = 0;
out->init = sha384_init;
out->update = sha384_update;
out->final = sha384_final;
out->squeezeXOF = NULL;
out->finalXOF = NULL;
out->block_size = 128;
out->ctx_size = sizeof(SHA512_CTX);
}
static void sha512_init(EVP_MD_CTX *ctx) {
AWSLC_ASSERT(SHA512_Init(ctx->md_data));
}
static int sha512_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
// SHA512_Update always returns 1. For test consistency
// and future compatibility, the return value is propagated and returned
return SHA512_Update(ctx->md_data, data, count);
}
static void sha512_final(EVP_MD_CTX *ctx, uint8_t *md) {
AWSLC_ASSERT(SHA512_Final(md, ctx->md_data));
}
DEFINE_METHOD_FUNCTION(EVP_MD, EVP_sha512) {
out->type = NID_sha512;
out->md_size = SHA512_DIGEST_LENGTH;
out->flags = 0;
out->init = sha512_init;
out->update = sha512_update;
out->final = sha512_final;
out->squeezeXOF = NULL;
out->finalXOF = NULL;
out->block_size = 128;
out->ctx_size = sizeof(SHA512_CTX);
}
static void sha512_224_init(EVP_MD_CTX *ctx) {
AWSLC_ASSERT(SHA512_224_Init(ctx->md_data));
}
static int sha512_224_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
// SHA512_224_Update always returns 1. Internally called function
// |SHA512_Update| always returns 1. For test consistency
// and future compatibility, the return value is propagated and returned
return SHA512_224_Update(ctx->md_data, data, count);
}
static void sha512_224_final(EVP_MD_CTX *ctx, uint8_t *md) {
AWSLC_ASSERT(SHA512_224_Final(md, ctx->md_data));
}
DEFINE_METHOD_FUNCTION(EVP_MD, EVP_sha512_224) {
out->type = NID_sha512_224;
out->md_size = SHA512_224_DIGEST_LENGTH;
out->flags = 0;
out->init = sha512_224_init;
out->update = sha512_224_update;
out->final = sha512_224_final;
out->squeezeXOF = NULL;
out->finalXOF = NULL;
out->block_size = 128;
out->ctx_size = sizeof(SHA512_CTX);
}
static void sha512_256_init(EVP_MD_CTX *ctx) {
AWSLC_ASSERT(SHA512_256_Init(ctx->md_data));
}
static int sha512_256_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
// SHA512_256_Update always returns 1. Internally called function
// |SHA512_Update| always returns 1. For test consistency
// and future compatibility, the return value is propagated and returned
return SHA512_256_Update(ctx->md_data, data, count);
}
static void sha512_256_final(EVP_MD_CTX *ctx, uint8_t *md) {
AWSLC_ASSERT(SHA512_256_Final(md, ctx->md_data));
}
DEFINE_METHOD_FUNCTION(EVP_MD, EVP_sha512_256) {
out->type = NID_sha512_256;
out->md_size = SHA512_256_DIGEST_LENGTH;
out->flags = 0;
out->init = sha512_256_init;
out->update = sha512_256_update;
out->final = sha512_256_final;
out->squeezeXOF = NULL;
out->finalXOF = NULL;
out->block_size = 128;
out->ctx_size = sizeof(SHA512_CTX);
}
static void sha3_224_init(EVP_MD_CTX *ctx) {
AWSLC_ASSERT(SHA3_Init(ctx->md_data, SHA3_224_DIGEST_BITLENGTH));
}
static int sha3_224_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
// SHA3_Update returns 1 on success and 0 on failure.
return SHA3_Update(ctx->md_data, data, count);
}
static void sha3_224_final(EVP_MD_CTX *ctx, uint8_t *md) {
AWSLC_ASSERT(SHA3_Final(md, ctx->md_data));
}
DEFINE_METHOD_FUNCTION(EVP_MD, EVP_sha3_224) {
out->type = NID_sha3_224;
out->md_size = SHA3_224_DIGEST_LENGTH;
out->flags = 0;
out->init = sha3_224_init;
out->update = sha3_224_update;
out->final = sha3_224_final;
out->squeezeXOF = NULL;
out->finalXOF = NULL;
out->block_size = SHA3_BLOCKSIZE(SHA3_224_DIGEST_BITLENGTH);
out->ctx_size = sizeof(KECCAK1600_CTX);
}
static void sha3_256_init(EVP_MD_CTX *ctx) {
AWSLC_ASSERT(SHA3_Init(ctx->md_data, SHA3_256_DIGEST_BITLENGTH));
}
static int sha3_256_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
// SHA3_Update returns 1 on success and 0 on failure.
return SHA3_Update(ctx->md_data, data, count);
}
static void sha3_256_final(EVP_MD_CTX *ctx, uint8_t *md) {
AWSLC_ASSERT(SHA3_Final(md, ctx->md_data));
}
DEFINE_METHOD_FUNCTION(EVP_MD, EVP_sha3_256) {
out->type = NID_sha3_256;
out->md_size = SHA3_256_DIGEST_LENGTH;
out->flags = 0;
out->init = sha3_256_init;
out->update = sha3_256_update;
out->final = sha3_256_final;
out->squeezeXOF = NULL;
out->finalXOF = NULL;
out->block_size = SHA3_BLOCKSIZE(SHA3_256_DIGEST_BITLENGTH);
out->ctx_size = sizeof(KECCAK1600_CTX);
}
static void sha3_384_init(EVP_MD_CTX *ctx) {
AWSLC_ASSERT(SHA3_Init(ctx->md_data, SHA3_384_DIGEST_BITLENGTH));
}
static int sha3_384_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
// SHA3_Update returns 1 on success and 0 on failure.
return SHA3_Update(ctx->md_data, data, count);
}
static void sha3_384_final(EVP_MD_CTX *ctx, uint8_t *md) {
AWSLC_ASSERT(SHA3_Final(md, ctx->md_data));
}
DEFINE_METHOD_FUNCTION(EVP_MD, EVP_sha3_384) {
out->type = NID_sha3_384;
out->md_size = SHA3_384_DIGEST_LENGTH;
out->flags = 0;
out->init = sha3_384_init;
out->update = sha3_384_update;
out->final = sha3_384_final;
out->squeezeXOF = NULL;
out->finalXOF = NULL;
out->block_size = SHA3_BLOCKSIZE(SHA3_384_DIGEST_BITLENGTH);
out->ctx_size = sizeof(KECCAK1600_CTX);
}
static void sha3_512_init(EVP_MD_CTX *ctx) {
AWSLC_ASSERT(SHA3_Init(ctx->md_data, SHA3_512_DIGEST_BITLENGTH));
}
static int sha3_512_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
// SHA3_Update returns 1 on success and 0 on failure.
return SHA3_Update(ctx->md_data, data, count);
}
static void sha3_512_final(EVP_MD_CTX *ctx, uint8_t *md) {
AWSLC_ASSERT(SHA3_Final(md, ctx->md_data));
}
DEFINE_METHOD_FUNCTION(EVP_MD, EVP_sha3_512) {
out->type = NID_sha3_512;
out->md_size = SHA3_512_DIGEST_LENGTH;
out->flags = 0;
out->init = sha3_512_init;
out->update = sha3_512_update;
out->final = sha3_512_final;
out->squeezeXOF = NULL;
out->finalXOF = NULL;
out->block_size = SHA3_BLOCKSIZE(SHA3_512_DIGEST_BITLENGTH);
out->ctx_size = sizeof(KECCAK1600_CTX);
}
static void shake128_init(EVP_MD_CTX *ctx) {
AWSLC_ASSERT(SHAKE_Init(ctx->md_data, SHAKE128_BLOCKSIZE));
}
// shake128_update returns 1 on success and 0 on failure, returned
// from |SHAKE_Absorb|, to restrict update calls after |squeezeXOF|.
static int shake128_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
return SHAKE_Absorb(ctx->md_data, data, count);
}
// shake128_final returns 1 on success and 0 on failure,
// returned from |SHAKE_Final|, to restrict single-call SHAKE_Final
// calls after |squeezeXOF|.
static int shake128_final(EVP_MD_CTX *ctx, uint8_t *md, size_t len) {
return SHAKE_Final(md, ctx->md_data, len);
}
static void shake128_squeeze(EVP_MD_CTX *ctx, uint8_t *md, size_t len) {
AWSLC_ASSERT(SHAKE_Squeeze(md, ctx->md_data, len));
}
DEFINE_METHOD_FUNCTION(EVP_MD, EVP_shake128) {
out->type = NID_shake128;
out->md_size = 0;
out->flags = EVP_MD_FLAG_XOF;
out->init = shake128_init;
out->update = shake128_update;
out->final = NULL;
out->squeezeXOF = shake128_squeeze;
out->finalXOF = shake128_final;
out->block_size = SHAKE128_BLOCKSIZE;
out->ctx_size = sizeof(KECCAK1600_CTX);
}
static void shake256_init(EVP_MD_CTX *ctx) {
AWSLC_ASSERT(SHAKE_Init(ctx->md_data, SHAKE256_BLOCKSIZE));
}
// shake256_update returns 1 on success and 0 on failure, returned
// from |SHAKE_Absorb|, to restrict update calls after |squeezeXOF|.
static int shake256_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
return SHAKE_Absorb(ctx->md_data, data, count);
}
// shake256_final returns 1 on success and 0 on failure,
// returned from |SHAKE_Final|, to restrict single-call SHAKE_Final
// calls after |squeezeXOF|.
static int shake256_final(EVP_MD_CTX *ctx, uint8_t *md, size_t len) {
return SHAKE_Final(md, ctx->md_data, len);
}
static void shake256_squeeze(EVP_MD_CTX *ctx, uint8_t *md, size_t len) {
AWSLC_ASSERT(SHAKE_Squeeze(md, ctx->md_data, len));
}
DEFINE_METHOD_FUNCTION(EVP_MD, EVP_shake256) {
out->type = NID_shake256;
out->md_size = 0;
out->flags = EVP_MD_FLAG_XOF;
out->init = shake256_init;
out->update = shake256_update;
out->final = NULL;
out->squeezeXOF = shake256_squeeze;
out->finalXOF = shake256_final;
out->block_size = SHAKE256_BLOCKSIZE;
out->ctx_size = sizeof(KECCAK1600_CTX);
}
typedef struct {
MD5_CTX md5;
SHA_CTX sha1;
} MD5_SHA1_CTX;
static void md5_sha1_init(EVP_MD_CTX *md_ctx) {
MD5_SHA1_CTX *ctx = md_ctx->md_data;
AWSLC_ASSERT(MD5_Init(&ctx->md5) && SHA1_Init(&ctx->sha1));
}
static int md5_sha1_update(EVP_MD_CTX *md_ctx, const void *data,
size_t count) {
MD5_SHA1_CTX *ctx = md_ctx->md_data;
// MD5_Update and SHA1_Update always return 1. Internally called function
// |crypto_md32_update| always returns 1. For test consistency
// and future compatibility, the return value is propagated and returned
int ok = MD5_Update(&ctx->md5, data, count) &&
SHA1_Update(&ctx->sha1, data, count);
return ok;
}
static void md5_sha1_final(EVP_MD_CTX *md_ctx, uint8_t *out) {
MD5_SHA1_CTX *ctx = md_ctx->md_data;
AWSLC_ASSERT(MD5_Final(out, &ctx->md5) &&
SHA1_Final(out + MD5_DIGEST_LENGTH, &ctx->sha1));
}
DEFINE_METHOD_FUNCTION(EVP_MD, EVP_md5_sha1) {
out->type = NID_md5_sha1;
out->md_size = MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH;
out->flags = 0;
out->init = md5_sha1_init;
out->update = md5_sha1_update;
out->final = md5_sha1_final;
out->squeezeXOF = NULL;
out->finalXOF = NULL;
out->block_size = 64;
out->ctx_size = sizeof(MD5_SHA1_CTX);
}

76
vendor/aws-lc-sys/aws-lc/crypto/fipsmodule/digest/internal.h vendored Normal file
View File

@@ -0,0 +1,76 @@
// Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) All rights reserved.
// SPDX-License-Identifier: Apache-2.0
#ifndef OPENSSL_HEADER_DIGEST_INTERNAL_H
#define OPENSSL_HEADER_DIGEST_INTERNAL_H
#include <openssl/base.h>
#if defined(__cplusplus)
extern "C" {
#endif
// env_md_st is typoed ("evp" -> "env"), but the typo comes from OpenSSL and
// some consumers forward-declare these structures so we're leaving it alone.
struct env_md_st {
// type contains a NID identifing the digest function. (For example,
// NID_md5.)
int type;
// md_size contains the size, in bytes, of the resulting digest.
unsigned md_size;
// flags contains the OR of |EVP_MD_FLAG_*| values.
uint32_t flags;
// init initialises the state in |ctx->md_data|.
void (*init)(EVP_MD_CTX *ctx);
// update hashes |len| bytes of |data| into the state in |ctx->md_data|.
// Digest update functions propagate the internal functions return value.
// update calls after |final| are restricted via |ctx| check (|final|
// cleanses the |ctx|). Digest XOF update returns 1 on success and 0 on
// failure. Failures can only occur on a digest XOF update if called after
// |squeezeXOF| or |finalXOF|.
int (*update)(EVP_MD_CTX *ctx, const void *data, size_t count);
// final completes the hash and writes |md_size| bytes of digest to |out|.
void (*final)(EVP_MD_CTX *ctx, uint8_t *out);
// block_size contains the hash's native block size.
unsigned block_size;
// ctx_size contains the size, in bytes, of the state of the hash function.
unsigned ctx_size;
// finalXOF completes the hash and writes |len| bytes of digest extended
// output to |out|. Digest XOF finalXOF function propagates the return
// value from |SHAKE_Final|, that is 1 on success and 0 on failure,
// to restrict single-call finalXOF calls after |squeezeXOF|.
int (*finalXOF)(EVP_MD_CTX *ctx, uint8_t *out, size_t len);
// squeezeXOF incrementally generates |len| bytes of digest extended output
// to |out|.
void (*squeezeXOF)(EVP_MD_CTX *ctx, uint8_t *out, size_t len);
};
// evp_md_pctx_ops contains function pointers to allow the |pctx| member of
// |EVP_MD_CTX| to be manipulated without breaking layering by calling EVP
// functions.
struct evp_md_pctx_ops {
// free is called when an |EVP_MD_CTX| is being freed and the |pctx| also
// needs to be freed.
void (*free)(EVP_PKEY_CTX *pctx);
// dup is called when an |EVP_MD_CTX| is copied and so the |pctx| also needs
// to be copied.
EVP_PKEY_CTX *(*dup)(EVP_PKEY_CTX *pctx);
};
#if defined(__cplusplus)
} // extern C
#endif
#endif // OPENSSL_HEADER_DIGEST_INTERNAL

150
vendor/aws-lc-sys/aws-lc/crypto/fipsmodule/digest/md32_common.h vendored Normal file
View File

@@ -0,0 +1,150 @@
// Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
// SPDX-License-Identifier: Apache-2.0
#ifndef OPENSSL_HEADER_DIGEST_MD32_COMMON_H
#define OPENSSL_HEADER_DIGEST_MD32_COMMON_H
#include <openssl/base.h>
#include <assert.h>
#include "../../internal.h"
#if defined(__cplusplus)
extern "C" {
#endif
// This is a generic 32-bit "collector" for message digest algorithms. It
// collects input character stream into chunks of 32-bit values and invokes the
// block function that performs the actual hash calculations.
//
// To make use of this mechanism, the hash context should be defined with the
// following parameters.
//
// typedef struct <name>_state_st {
// uint32_t h[<chaining length> / sizeof(uint32_t)];
// uint32_t Nl, Nh;
// uint8_t data[<block size>];
// unsigned num;
// ...
// } <NAME>_CTX;
//
// <chaining length> is the output length of the hash in bytes, before
// any truncation (e.g. 32 for SHA-224 and SHA-256, 64 for SHA-384 and
// SHA-512).
//
// |h| is the hash state and is updated by a function of type
// |crypto_md32_block_func|. |data| is the partial unprocessed block and has
// |num| bytes. |Nl| and |Nh| maintain the number of bits processed so far.
// A crypto_md32_block_func should incorporate |num_blocks| of input from |data|
// into |state|. It is assumed the caller has sized |state| and |data| for the
// hash function.
typedef void (*crypto_md32_block_func)(uint32_t *state, const uint8_t *data,
size_t num_blocks);
// crypto_md32_update adds |len| bytes from |in| to the digest. |data| must be a
// buffer of length |block_size| with the first |*num| bytes containing a
// partial block. This function combines the partial block with |in| and
// incorporates any complete blocks into the digest state |h|. It then updates
// |data| and |*num| with the new partial block and updates |*Nh| and |*Nl| with
// the data consumed.
static inline void crypto_md32_update(crypto_md32_block_func block_func,
uint32_t *h, uint8_t *data,
size_t block_size, unsigned *num,
uint32_t *Nh, uint32_t *Nl,
const uint8_t *in, size_t len) {
if (len == 0) {
return;
}
uint32_t l = *Nl + (((uint32_t)len) << 3);
if (l < *Nl) {
// Handle carries.
(*Nh)++;
}
*Nh += (uint32_t)(len >> 29);
*Nl = l;
size_t n = *num;
if (n != 0) {
if (len >= block_size || len + n >= block_size) {
OPENSSL_memcpy(data + n, in, block_size - n);
block_func(h, data, 1);
n = block_size - n;
in += n;
len -= n;
*num = 0;
// Keep |data| zeroed when unused.
OPENSSL_memset(data, 0, block_size);
} else {
OPENSSL_memcpy(data + n, in, len);
*num += (unsigned)len;
return;
}
}
n = len / block_size;
if (n > 0) {
block_func(h, in, n);
n *= block_size;
in += n;
len -= n;
}
if (len != 0) {
*num = (unsigned)len;
OPENSSL_memcpy(data, in, len);
}
}
// crypto_md32_final incorporates the partial block and trailing length into the
// digest state |h|. The trailing length is encoded in little-endian if
// |is_big_endian| is zero and big-endian otherwise. |data| must be a buffer of
// length |block_size| with the first |*num| bytes containing a partial block.
// |Nh| and |Nl| contain the total number of bits processed. On return, this
// function clears the partial block in |data| and
// |*num|.
//
// This function does not serialize |h| into a final digest. This is the
// responsibility of the caller.
static inline void crypto_md32_final(crypto_md32_block_func block_func,
uint32_t *h, uint8_t *data,
size_t block_size, unsigned *num,
uint32_t Nh, uint32_t Nl,
int is_big_endian) {
// |data| always has room for at least one byte. A full block would have
// been consumed.
size_t n = *num;
assert(n < block_size);
data[n] = 0x80;
n++;
// Fill the block with zeros if there isn't room for a 64-bit length.
if (n > block_size - 8) {
OPENSSL_memset(data + n, 0, block_size - n);
n = 0;
block_func(h, data, 1);
}
OPENSSL_memset(data + n, 0, block_size - 8 - n);
// Append a 64-bit length to the block and process it.
if (is_big_endian) {
CRYPTO_store_u32_be(data + block_size - 8, Nh);
CRYPTO_store_u32_be(data + block_size - 4, Nl);
} else {
CRYPTO_store_u32_le(data + block_size - 8, Nl);
CRYPTO_store_u32_le(data + block_size - 4, Nh);
}
block_func(h, data, 1);
*num = 0;
OPENSSL_memset(data, 0, block_size);
}
#if defined(__cplusplus)
} // extern C
#endif
#endif // OPENSSL_HEADER_DIGEST_MD32_COMMON_H