Lines Matching +full:out +full:- +full:functions
20 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
38 * # Hash Functions
40 * This file documents the API for hash functions.
48 * - `br_xxx_vtable`
52 * - `br_xxx_SIZE`
57 * - `br_xxx_ID`
63 * NOTE: for the "standard" hash functions defined in [the TLS
64 * standard](https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1),
66 * 1 to 6 for MD5, SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512,
69 * - `br_xxx_context`
72 * caller, and a pointer to it is passed to all functions. A
80 * - `br_xxx_init(br_xxx_context *ctx)`
88 * - `br_xxx_update(br_xxx_context *ctx, const void *data, size_t len)`
93 * - `br_xxx_out(const br_xxx_context *ctx, void *out)`
101 * - `br_xxx_state(const br_xxx_context *ctx, void *out)`
104 * MD functions (MD5, SHA-1, SHA-2 family), this is the running state
108 * - `br_xxx_set_state(br_xxx_context *ctx, const void *stb, uint64_t count)`
121 * ## Object-Oriented API
124 * above, an object-oriented API is also provided. In that API, function
126 * incarnates object-oriented programming. An introduction on the OOP
130 * The vtable offers functions called `init()`, `update()`, `out()`,
131 * `set()` and `set_state()`, which are in fact the functions from
134 * - `context_size`
140 * - `desc`
146 * Users of this object-oriented API (in particular generic HMAC
149 * - Hash output size is no more than 64 bytes.
150 * - Hash internal state size is no more than 64 bytes.
151 * - Internal block size is a power of two, no less than 16 and no more
155 * ## Implemented Hash Functions
157 * Implemented hash functions are:
160 * | :-------- | :------ | :-----------: | :----------: |
162 * | SHA-1 | sha1 | 20 | 20 |
163 * | SHA-224 | sha224 | 28 | 32 |
164 * | SHA-256 | sha256 | 32 | 32 |
165 * | SHA-384 | sha384 | 48 | 64 |
166 * | SHA-512 | sha512 | 64 | 64 |
167 * | MD5+SHA-1 | md5sha1 | 36 | 36 |
169 * (MD5+SHA-1 is the concatenation of MD5 and SHA-1 computed over the
171 * shared, thus making it more memory-efficient than separate MD5 and
172 * SHA-1. It can be useful in implementing SSL 3.0, TLS 1.0 and TLS
176 * ## Multi-Hasher
179 * hash functions in parallel. It uses `br_multihash_context` and a
181 * that it should use; it will then compute all these hash functions in
186 * Only the standard hash functions (MD5, SHA-1, SHA-224, SHA-256, SHA-384
187 * and SHA-512) are supported by the multi-hasher.
202 * The `y` pointer refers to a 16-byte value which is used as input, and
203 * receives the output of the GHASH invocation. `h` is a 16-byte secret
206 * Three GHASH implementations are provided, all constant-time, based on
218 * Vtables are used to support object-oriented programming, as
237 * (hf->desc >> BR_HASHDESC_xxx_OFF) & BR_HASHDESC_xxx_MASK
241 * - `ID`: the symbolic identifier for the function, as defined
242 * in [TLS](https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1)
243 * (MD5 = 1, SHA-1 = 2,...).
245 * - `OUT`: hash output size, in bytes.
247 * - `STATE`: internal running state size, in bytes.
249 * - `LBLEN`: base-2 logarithm for the internal block size, as
250 * defined for HMAC processing (this is 6 for MD5, SHA-1, SHA-224
251 * and SHA-256, since these functions use 64-byte blocks; for
252 * SHA-384 and SHA-512, this is 7, corresponding to their
253 * 128-byte blocks).
300 void (*out)(const br_hash_class *const *ctx, void *dst); member
307 * hash function; for Merkle-Damgård hash functions (like
308 * MD5 or SHA-1), this is the output obtained after processing
354 * Specific hash functions.
357 * -- No interior pointer.
358 * -- No pointer to external dynamically allocated resources.
359 * -- First field is called 'vtable' and is a pointer to a
360 * const-qualified br_hash_class instance (pointer is set by init()).
361 * -- SHA-224 and SHA-256 contexts are identical.
362 * -- SHA-384 and SHA-512 contexts are identical.
429 * computed and written in the buffer pointed to by `out`. The context
434 * \param out destination buffer for the hash output.
436 void br_md5_out(const br_md5_context *ctx, void *out);
442 * processing) is written in the buffer pointed to by `out`. The
447 * \param out destination buffer for the running state.
450 uint64_t br_md5_state(const br_md5_context *ctx, void *out);
464 * \brief Symbolic identifier for SHA-1.
469 * \brief SHA-1 output size (in bytes).
474 * \brief Constant vtable for SHA-1.
479 * \brief SHA-1 context.
497 * \brief SHA-1 context initialisation.
499 * This function initialises or resets a context for a new SHA-1
507 * \brief Inject some data bytes in a running SHA-1 computation.
520 * \brief Compute SHA-1 output.
522 * The SHA-1 output for the concatenation of all bytes injected in the
524 * computed and written in the buffer pointed to by `out`. The context
529 * \param out destination buffer for the hash output.
531 void br_sha1_out(const br_sha1_context *ctx, void *out);
534 * \brief Save SHA-1 running state.
536 * The running state for SHA-1 (output of the last internal block
537 * processing) is written in the buffer pointed to by `out`. The
542 * \param out destination buffer for the running state.
545 uint64_t br_sha1_state(const br_sha1_context *ctx, void *out);
548 * \brief Restore SHA-1 running state.
550 * The running state for SHA-1 is set to the provided values.
559 * \brief Symbolic identifier for SHA-224.
564 * \brief SHA-224 output size (in bytes).
569 * \brief Constant vtable for SHA-224.
574 * \brief SHA-224 context.
592 * \brief SHA-224 context initialisation.
594 * This function initialises or resets a context for a new SHA-224
602 * \brief Inject some data bytes in a running SHA-224 computation.
615 * \brief Compute SHA-224 output.
617 * The SHA-224 output for the concatenation of all bytes injected in the
619 * computed and written in the buffer pointed to by `out`. The context
624 * \param out destination buffer for the hash output.
626 void br_sha224_out(const br_sha224_context *ctx, void *out);
629 * \brief Save SHA-224 running state.
631 * The running state for SHA-224 (output of the last internal block
632 * processing) is written in the buffer pointed to by `out`. The
637 * \param out destination buffer for the running state.
640 uint64_t br_sha224_state(const br_sha224_context *ctx, void *out);
643 * \brief Restore SHA-224 running state.
645 * The running state for SHA-224 is set to the provided values.
655 * \brief Symbolic identifier for SHA-256.
660 * \brief SHA-256 output size (in bytes).
665 * \brief Constant vtable for SHA-256.
671 * \brief SHA-256 context.
687 * \brief SHA-256 context initialisation.
689 * This function initialises or resets a context for a new SHA-256
698 * \brief Inject some data bytes in a running SHA-256 computation.
714 * \brief Compute SHA-256 output.
716 * The SHA-256 output for the concatenation of all bytes injected in the
718 * computed and written in the buffer pointed to by `out`. The context
723 * \param out destination buffer for the hash output.
725 void br_sha256_out(const br_sha256_context *ctx, void *out);
729 * \brief Save SHA-256 running state.
731 * The running state for SHA-256 (output of the last internal block
732 * processing) is written in the buffer pointed to by `out`. The
737 * \param out destination buffer for the running state.
740 uint64_t br_sha256_state(const br_sha256_context *ctx, void *out);
747 * \brief Restore SHA-256 running state.
749 * The running state for SHA-256 is set to the provided values.
762 * \brief Symbolic identifier for SHA-384.
767 * \brief SHA-384 output size (in bytes).
772 * \brief Constant vtable for SHA-384.
777 * \brief SHA-384 context.
795 * \brief SHA-384 context initialisation.
797 * This function initialises or resets a context for a new SHA-384
805 * \brief Inject some data bytes in a running SHA-384 computation.
818 * \brief Compute SHA-384 output.
820 * The SHA-384 output for the concatenation of all bytes injected in the
822 * computed and written in the buffer pointed to by `out`. The context
827 * \param out destination buffer for the hash output.
829 void br_sha384_out(const br_sha384_context *ctx, void *out);
832 * \brief Save SHA-384 running state.
834 * The running state for SHA-384 (output of the last internal block
835 * processing) is written in the buffer pointed to by `out`. The
840 * \param out destination buffer for the running state.
843 uint64_t br_sha384_state(const br_sha384_context *ctx, void *out);
846 * \brief Restore SHA-384 running state.
848 * The running state for SHA-384 is set to the provided values.
858 * \brief Symbolic identifier for SHA-512.
863 * \brief SHA-512 output size (in bytes).
868 * \brief Constant vtable for SHA-512.
874 * \brief SHA-512 context.
890 * \brief SHA-512 context initialisation.
892 * This function initialises or resets a context for a new SHA-512
901 * \brief Inject some data bytes in a running SHA-512 computation.
917 * \brief Compute SHA-512 output.
919 * The SHA-512 output for the concatenation of all bytes injected in the
921 * computed and written in the buffer pointed to by `out`. The context
926 * \param out destination buffer for the hash output.
928 void br_sha512_out(const br_sha512_context *ctx, void *out);
932 * \brief Save SHA-512 running state.
934 * The running state for SHA-512 (output of the last internal block
935 * processing) is written in the buffer pointed to by `out`. The
940 * \param out destination buffer for the running state.
943 uint64_t br_sha512_state(const br_sha512_context *ctx, void *out);
950 * \brief Restore SHA-512 running state.
952 * The running state for SHA-512 is set to the provided values.
965 * "md5sha1" is a special hash function that computes both MD5 and SHA-1
966 * on the same input, and produces a 36-byte output (MD5 and SHA-1
971 * \brief Symbolic identifier for MD5+SHA-1.
973 * MD5+SHA-1 is the concatenation of MD5 and SHA-1, computed over the
974 * same input. It is not one of the functions identified in TLS, so
980 * \brief MD5+SHA-1 output size (in bytes).
985 * \brief Constant vtable for MD5+SHA-1.
990 * \brief MD5+SHA-1 context.
1009 * \brief MD5+SHA-1 context initialisation.
1011 * This function initialises or resets a context for a new SHA-512
1019 * \brief Inject some data bytes in a running MD5+SHA-1 computation.
1032 * \brief Compute MD5+SHA-1 output.
1034 * The MD5+SHA-1 output for the concatenation of all bytes injected in the
1036 * computed and written in the buffer pointed to by `out`. The context
1041 * \param out destination buffer for the hash output.
1043 void br_md5sha1_out(const br_md5sha1_context *ctx, void *out);
1046 * \brief Save MD5+SHA-1 running state.
1048 * The running state for MD5+SHA-1 (output of the last internal block
1049 * processing) is written in the buffer pointed to by `out`. The
1054 * \param out destination buffer for the running state.
1057 uint64_t br_md5sha1_state(const br_md5sha1_context *ctx, void *out);
1060 * \brief Restore MD5+SHA-1 running state.
1062 * The running state for MD5+SHA-1 is set to the provided values.
1075 * serve as context for all standard hash functions defined above.
1089 * The multi-hasher is a construct that handles hashing of the same input
1090 * data with several hash functions, with a single shared input buffer.
1091 * It can handle MD5, SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512
1092 * simultaneously, though which functions are activated depends on
1097 * \brief Multi-hasher context structure.
1099 * The multi-hasher runs up to six hash functions in the standard TLS list
1100 * (MD5, SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512) in parallel, over
1103 * The multi-hasher does _not_ follow the OOP structure with a vtable.
1104 * Instead, it is configured with the vtables of the hash functions it
1118 * \brief Clear a multi-hasher context.
1123 * \param ctx the multi-hasher context.
1133 * MUST be one of the standard hash functions (MD5, SHA-1, SHA-224,
1134 * SHA-256, SHA-384 or SHA-512); it may also be `NULL` to remove
1135 * an implementation from the multi-hasher.
1137 * \param ctx the multi-hasher context.
1146 * This code relies on hash functions ID being values 1 to 6, in br_multihash_setimpl()
1147 * in the MD5 to SHA-512 order. in br_multihash_setimpl()
1149 ctx->impl[id - 1] = impl; in br_multihash_setimpl()
1157 * the provided multi-hasher context, then this function returns `NULL`.
1159 * \param ctx the multi-hasher context.
1166 return ctx->impl[id - 1]; in br_multihash_getimpl()
1170 * \brief Reset a multi-hasher context.
1175 * \param ctx the multi-hasher context.
1180 * \brief Inject some data bytes in a running multi-hashing computation.
1194 * \brief Compute a hash output from a multi-hasher.
1200 * hash functions. If that hash function was indeed configured in the
1201 * multi-hasher context, the corresponding hash value is written in
1220 * combination with a block cipher (with 16-byte blocks).
1223 * a complete GHASH run, it starts with an all-zero value. `h` is a 16-byte
1231 * for the ciphertext, respectively; the zero-padding implements exactly
1242 * \brief GHASH implementation using multiplications (mixed 32-bit).
1244 * This implementation uses multiplications of 32-bit values, with a
1245 * 64-bit result. It is constant-time (if multiplications are
1246 * constant-time).
1256 * \brief GHASH implementation using multiplications (strict 32-bit).
1258 * This implementation uses multiplications of 32-bit values, with a
1259 * 32-bit result. It is usually somewhat slower than `br_ghash_ctmul()`,
1261 * 32-bit multiplication opcode does not yield the upper 32 bits of the
1262 * product. It is constant-time (if multiplications are constant-time).
1272 * \brief GHASH implementation using multiplications (64-bit).
1274 * This implementation uses multiplications of 64-bit values, with a
1275 * 64-bit result. It is constant-time (if multiplications are
1276 * constant-time). It is substantially faster than `br_ghash_ctmul()`
1277 * and `br_ghash_ctmul32()` on most 64-bit architectures.
1288 * AES-NI instructions).
1291 * compiler supports the relevant intrinsic functions. Even if the
1292 * compiler supports these functions, the local CPU might not support