Support added for these two digests, available only via the EVP interface.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5093)
Changes between 1.1.0f and 1.1.1 [xx XXX xxxx]
+ *) Added SHA512/224 and SHA512/256 algorithm support.
+ [Paul Dale]
+
*) The last traces of Netware support, first removed in 1.1.0, have
now been removed.
[Rich Salz]
/*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
EVP_add_digest(EVP_sha256());
EVP_add_digest(EVP_sha384());
EVP_add_digest(EVP_sha512());
+ EVP_add_digest(EVP_sha512_224());
+ EVP_add_digest(EVP_sha512_256());
#ifndef OPENSSL_NO_WHIRLPOOL
EVP_add_digest(EVP_whirlpool());
#endif
/*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
#include <openssl/sha.h>
#include <openssl/rsa.h>
#include "internal/evp_int.h"
+#include "internal/sha.h"
static int init(EVP_MD_CTX *ctx)
{
return &sha256_md;
}
+static int init512_224(EVP_MD_CTX *ctx)
+{
+ return sha512_224_init(EVP_MD_CTX_md_data(ctx));
+}
+
+static int init512_256(EVP_MD_CTX *ctx)
+{
+ return sha512_256_init(EVP_MD_CTX_md_data(ctx));
+}
+
static int init384(EVP_MD_CTX *ctx)
{
return SHA384_Init(EVP_MD_CTX_md_data(ctx));
return SHA512_Final(md, EVP_MD_CTX_md_data(ctx));
}
+static const EVP_MD sha512_224_md = {
+ NID_sha512_224,
+ NID_sha512_224WithRSAEncryption,
+ SHA224_DIGEST_LENGTH,
+ EVP_MD_FLAG_DIGALGID_ABSENT,
+ init512_224,
+ update512,
+ final512,
+ NULL,
+ NULL,
+ SHA512_CBLOCK,
+ sizeof(EVP_MD *) + sizeof(SHA512_CTX),
+};
+
+const EVP_MD *EVP_sha512_224(void)
+{
+ return &sha512_224_md;
+}
+
+static const EVP_MD sha512_256_md = {
+ NID_sha512_256,
+ NID_sha512_256WithRSAEncryption,
+ SHA256_DIGEST_LENGTH,
+ EVP_MD_FLAG_DIGALGID_ABSENT,
+ init512_256,
+ update512,
+ final512,
+ NULL,
+ NULL,
+ SHA512_CBLOCK,
+ sizeof(EVP_MD *) + sizeof(SHA512_CTX),
+};
+
+const EVP_MD *EVP_sha512_256(void)
+{
+ return &sha512_256_md;
+}
+
static const EVP_MD sha384_md = {
NID_sha384,
NID_sha384WithRSAEncryption,
--- /dev/null
+/*
+ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_INTERNAL_SHA_H
+# define HEADER_INTERNAL_SHA_H
+
+# include <openssl/opensslconf.h>
+
+int sha512_224_init(SHA512_CTX *);
+int sha512_256_init(SHA512_CTX *);
+
+#endif
*/
/* Serialized OID's */
-static const unsigned char so[7324] = {
+static const unsigned char so[7342] = {
0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */
0x2A,0x81,0x1C,0xCF,0x55,0x01, /* [ 7301] OBJ_sm_scheme */
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x83,0x11, /* [ 7307] OBJ_sm3 */
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x83,0x78, /* [ 7315] OBJ_sm3WithRSAEncryption */
+ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0F, /* [ 7323] OBJ_sha512_224WithRSAEncryption */
+ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x10, /* [ 7332] OBJ_sha512_256WithRSAEncryption */
};
-#define NUM_NID 1145
+#define NUM_NID 1147
static const ASN1_OBJECT nid_objs[NUM_NID] = {
{"UNDEF", "undefined", NID_undef},
{"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]},
{"sm-scheme", "sm-scheme", NID_sm_scheme, 6, &so[7301]},
{"SM3", "sm3", NID_sm3, 8, &so[7307]},
{"RSA-SM3", "sm3WithRSAEncryption", NID_sm3WithRSAEncryption, 8, &so[7315]},
+ {"RSA-SHA512/224", "sha512-224WithRSAEncryption", NID_sha512_224WithRSAEncryption, 9, &so[7323]},
+ {"RSA-SHA512/256", "sha512-256WithRSAEncryption", NID_sha512_256WithRSAEncryption, 9, &so[7332]},
};
-#define NUM_SN 1136
+#define NUM_SN 1138
static const unsigned int sn_objs[NUM_SN] = {
364, /* "AD_DVCS" */
419, /* "AES-128-CBC" */
668, /* "RSA-SHA256" */
669, /* "RSA-SHA384" */
670, /* "RSA-SHA512" */
+ 1145, /* "RSA-SHA512/224" */
+ 1146, /* "RSA-SHA512/256" */
1144, /* "RSA-SM3" */
919, /* "RSAES-OAEP" */
912, /* "RSASSA-PSS" */
1093, /* "x509ExtAdmission" */
};
-#define NUM_LN 1136
+#define NUM_LN 1138
static const unsigned int ln_objs[NUM_LN] = {
363, /* "AD Time Stamping" */
405, /* "ANSI X9.62" */
669, /* "sha384WithRSAEncryption" */
674, /* "sha512" */
1094, /* "sha512-224" */
+ 1145, /* "sha512-224WithRSAEncryption" */
1095, /* "sha512-256" */
+ 1146, /* "sha512-256WithRSAEncryption" */
670, /* "sha512WithRSAEncryption" */
42, /* "shaWithRSAEncryption" */
1100, /* "shake128" */
125, /* "zlib compression" */
};
-#define NUM_OBJ 1025
+#define NUM_OBJ 1027
static const unsigned int obj_objs[NUM_OBJ] = {
0, /* OBJ_undef 0 */
181, /* OBJ_iso 1 */
669, /* OBJ_sha384WithRSAEncryption 1 2 840 113549 1 1 12 */
670, /* OBJ_sha512WithRSAEncryption 1 2 840 113549 1 1 13 */
671, /* OBJ_sha224WithRSAEncryption 1 2 840 113549 1 1 14 */
+ 1145, /* OBJ_sha512_224WithRSAEncryption 1 2 840 113549 1 1 15 */
+ 1146, /* OBJ_sha512_256WithRSAEncryption 1 2 840 113549 1 1 16 */
28, /* OBJ_dhKeyAgreement 1 2 840 113549 1 3 1 */
9, /* OBJ_pbeWithMD2AndDES_CBC 1 2 840 113549 1 5 1 */
10, /* OBJ_pbeWithMD5AndDES_CBC 1 2 840 113549 1 5 3 */
sm_scheme 1142
sm3 1143
sm3WithRSAEncryption 1144
+sha512_224WithRSAEncryption 1145
+sha512_256WithRSAEncryption 1146
pkcs1 12 : RSA-SHA384 : sha384WithRSAEncryption
pkcs1 13 : RSA-SHA512 : sha512WithRSAEncryption
pkcs1 14 : RSA-SHA224 : sha224WithRSAEncryption
+pkcs1 15 : RSA-SHA512/224 : sha512-224WithRSAEncryption
+pkcs1 16 : RSA-SHA512/256 : sha512-256WithRSAEncryption
pkcs 3 : pkcs3
pkcs3 1 : : dhKeyAgreement
/*
- * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
#include <openssl/opensslv.h>
#include "internal/cryptlib.h"
+#include "internal/sha.h"
#if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \
defined(__x86_64) || defined(_M_AMD64) || defined(_M_X64) || \
# define SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
#endif
+int sha512_224_init(SHA512_CTX *c)
+{
+ c->h[0] = U64(0x8c3d37c819544da2);
+ c->h[1] = U64(0x73e1996689dcd4d6);
+ c->h[2] = U64(0x1dfab7ae32ff9c82);
+ c->h[3] = U64(0x679dd514582f9fcf);
+ c->h[4] = U64(0x0f6d2b697bd44da8);
+ c->h[5] = U64(0x77e36f7304c48942);
+ c->h[6] = U64(0x3f9d85a86a1d36c8);
+ c->h[7] = U64(0x1112e6ad91d692a1);
+
+ c->Nl = 0;
+ c->Nh = 0;
+ c->num = 0;
+ c->md_len = SHA224_DIGEST_LENGTH;
+ return 1;
+}
+
+int sha512_256_init(SHA512_CTX *c)
+{
+ c->h[0] = U64(0x22312194fc2bf72c);
+ c->h[1] = U64(0x9f555fa3c84c64c2);
+ c->h[2] = U64(0x2393b86b6f53b151);
+ c->h[3] = U64(0x963877195940eabd);
+ c->h[4] = U64(0x96283ee2a88effe3);
+ c->h[5] = U64(0xbe5e1e2553863992);
+ c->h[6] = U64(0x2b0199fc2c85b8aa);
+ c->h[7] = U64(0x0eb72ddc81c52ca2);
+
+ c->Nl = 0;
+ c->Nh = 0;
+ c->num = 0;
+ c->md_len = SHA256_DIGEST_LENGTH;
+ return 1;
+}
+
int SHA384_Init(SHA512_CTX *c)
{
c->h[0] = U64(0xcbbb9d5dc1059ed8);
switch (c->md_len) {
/* Let compiler decide if it's appropriate to unroll... */
+ case SHA224_DIGEST_LENGTH:
+ for (n = 0; n < SHA224_DIGEST_LENGTH / 8; n++) {
+ SHA_LONG64 t = c->h[n];
+
+ *(md++) = (unsigned char)(t >> 56);
+ *(md++) = (unsigned char)(t >> 48);
+ *(md++) = (unsigned char)(t >> 40);
+ *(md++) = (unsigned char)(t >> 32);
+ *(md++) = (unsigned char)(t >> 24);
+ *(md++) = (unsigned char)(t >> 16);
+ *(md++) = (unsigned char)(t >> 8);
+ *(md++) = (unsigned char)(t);
+ }
+ /*
+ * For 224 bits, there are four bytes left over that have to be
+ * processed separately.
+ */
+ {
+ SHA_LONG64 t = c->h[SHA224_DIGEST_LENGTH / 8];
+
+ *(md++) = (unsigned char)(t >> 56);
+ *(md++) = (unsigned char)(t >> 48);
+ *(md++) = (unsigned char)(t >> 40);
+ *(md++) = (unsigned char)(t >> 32);
+ }
+ break;
+ case SHA256_DIGEST_LENGTH:
+ for (n = 0; n < SHA256_DIGEST_LENGTH / 8; n++) {
+ SHA_LONG64 t = c->h[n];
+
+ *(md++) = (unsigned char)(t >> 56);
+ *(md++) = (unsigned char)(t >> 48);
+ *(md++) = (unsigned char)(t >> 40);
+ *(md++) = (unsigned char)(t >> 32);
+ *(md++) = (unsigned char)(t >> 24);
+ *(md++) = (unsigned char)(t >> 16);
+ *(md++) = (unsigned char)(t >> 8);
+ *(md++) = (unsigned char)(t);
+ }
+ break;
case SHA384_DIGEST_LENGTH:
for (n = 0; n < SHA384_DIGEST_LENGTH / 8; n++) {
SHA_LONG64 t = c->h[n];
EVP_sha224,
EVP_sha256,
+EVP_sha512_224,
+EVP_sha512_256,
EVP_sha384,
EVP_sha512
- SHA-2 For EVP
const EVP_MD *EVP_sha224(void);
const EVP_MD *EVP_sha256(void);
+ const EVP_MD *EVP_sha512_224(void);
+ const EVP_MD *EVP_sha512_256(void);
const EVP_MD *EVP_sha384(void);
const EVP_MD *EVP_sha512(void);
=item EVP_sha224(),
EVP_sha256(),
+EVP_sha512_224,
+EVP_sha512_256,
EVP_sha384(),
EVP_sha512()
-The SHA-2 SHA-224, SHA-256, SHA-384, SHA-512 algorithms respectively, which
-generates 224, 256, 384 and 512 bits of output from a given input.
+The SHA-2 SHA-224, SHA-256, SHA-512/224, SHA512/256, SHA-384 and SHA-512
+algorithms, which generate 224, 256, 224, 256, 384 and 512 bits
+respectively of output from a given input.
+
+The two algorithms: SHA-512/224 and SHA512/256 are truncated forms of the
+SHA-512 algorithm. They are distinct from SHA-224 and SHA-256 even though
+their outputs are of the same size.
=back
=head1 COPYRIGHT
-Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
OBJ_sm_scheme="\x2A\x81\x1C\xCF\x55\x01"
OBJ_sm3="\x2A\x81\x1C\xCF\x55\x01\x83\x11"
OBJ_sm3WithRSAEncryption="\x2A\x81\x1C\xCF\x55\x01\x83\x78"
+OBJ_sha512_224WithRSAEncryption="\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0F"
+OBJ_sha512_256WithRSAEncryption="\x2A\x86\x48\x86\xF7\x0D\x01\x01\x10"
/*
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
const EVP_MD *EVP_sha256(void);
const EVP_MD *EVP_sha384(void);
const EVP_MD *EVP_sha512(void);
+const EVP_MD *EVP_sha512_224(void);
+const EVP_MD *EVP_sha512_256(void);
const EVP_MD *EVP_sha3_224(void);
const EVP_MD *EVP_sha3_256(void);
const EVP_MD *EVP_sha3_384(void);
#define NID_sha224WithRSAEncryption 671
#define OBJ_sha224WithRSAEncryption OBJ_pkcs1,14L
+#define SN_sha512_224WithRSAEncryption "RSA-SHA512/224"
+#define LN_sha512_224WithRSAEncryption "sha512-224WithRSAEncryption"
+#define NID_sha512_224WithRSAEncryption 1145
+#define OBJ_sha512_224WithRSAEncryption OBJ_pkcs1,15L
+
+#define SN_sha512_256WithRSAEncryption "RSA-SHA512/256"
+#define LN_sha512_256WithRSAEncryption "sha512-256WithRSAEncryption"
+#define NID_sha512_256WithRSAEncryption 1146
+#define OBJ_sha512_256WithRSAEncryption OBJ_pkcs1,16L
+
#define SN_pkcs3 "pkcs3"
#define NID_pkcs3 27
#define OBJ_pkcs3 OBJ_pkcs,3L
#
-# Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
Ncopy = 64
Output = e718483d0ce769644e2e42c7bc15b4638e1f98b13b2044285632a803afa973ebde0ff244877ea60a4cb0432ce577c31beb009c5c2c49aa2e4eadb217ad8cc09b
+# Some of the test vectors from the SHS CAVP for FIPS 180-4
+Digest = SHA512-224
+Input =
+Output = 6ed0dd02806fa89e25de060c19d3ac86cabb87d6a0ddd05c333b84f4
+
+Digest = SHA512-224
+Input = cf
+Output = 4199239e87d47b6feda016802bf367fb6e8b5655eff6225cb2668f4a
+
+Digest = SHA512-224
+Input = ca2d
+Output = 392b99b593b85e147f031986c2a9edfdb4ffd9f24c77c452d339c9fc
+
+Digest = SHA512-224
+Input = 6963446913771410
+Output = 21f6c373637e6a5e89d6e88811110c5c3fa12e497144912914c546e1
+
+Digest = SHA512-224
+Input = 44c6c75e377f21fc9cd7c164ca5c4cb82c5538a58dfb323992e6bcf588c61b246053706bf88725a09d0a8adfcdeec0db419cd7732b0e3386bc3f3407e9e016546f4d15c314bfd57e30c302926deb3342cbc315a1e706c5607c127de42a9a739b
+Output = b9b62986eebdb35c88b12e0257537a05394ef5a16fad01c2fec57d6f
+
+# The two examples from: https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Standards-and-Guidelines/documents/examples/SHA512_224.pdf
+Digest = SHA512-224
+Input = "abc"
+Output = 4634270f707b6a54daae7530460842e20e37ed265ceee9a43e8924aa
+
+Digest = SHA512-224
+Input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"
+Output = 23fec5bb94d60b23308192640b0c453335d664734fe40e7268674af9
+
+# Some of the test vectors from the SHS CAVP for FIPS 180-4
+Digest = SHA512-256
+Input =
+Output = c672b8d1ef56ed28ab87c3622c5114069bdd3ad7b8f9737498d0c01ecef0967a
+
+Digest = SHA512-256
+Input = fa
+Output = c4ef36923c64e51e875720e550298a5ab8a3f2f875b1e1a4c9b95babf7344fef
+
+Digest = SHA512-256
+Input = 74e4
+Output = 0c994228b8d3bd5ea5b5259157a9bba7a193118ad22817e6fbed2df1a32a4148
+
+Digest = SHA512-256
+Input = b4e2e8501f54be91
+Output = d25265bf9cbc0dd2f108a2f5e8f69db7d15e5b8fe9100fe887dae20b6e054fe8
+
+Digest = SHA512-256
+Input = 63188781f4e9cbd1e89a54a65da053b93722e1106f00f024ad1582421ab919326f8a6e17536d6596e3cf413a9231141733e37aae540f8711cefafe489a87c4f2e6fd942f6809f3bef3076763487de48c2ee88733c5bc870617a668c6f01471ed
+Output = 91a8e285029085e224987078066486b6c605cbac27e49e84f4639710ddd05d33
+
+# The two examples from https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Standards-and-Guidelines/documents/examples/SHA512_256.pdf
+Digest = SHA512-256
+Input = "abc"
+Output = 53048e2681941ef99b2e29b76b4c7dabe4c2d0c634fc6d46e0e2f13107e7af23
+
+Digest = SHA512-256
+Input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"
+Output = 3928e184fb8690f840da3988121d31be65cb9d3ef83ee6146feac861e19b563a
+
Title = MD5 tests
Digest = MD5
ADMISSIONS_set0_namingAuthority 4439 1_1_1 EXIST::FUNCTION:
ADMISSIONS_get0_professionInfos 4440 1_1_1 EXIST::FUNCTION:
ADMISSION_SYNTAX_new 4441 1_1_1 EXIST::FUNCTION:
+EVP_sha512_256 4442 1_1_1 EXIST::FUNCTION:
+EVP_sha512_224 4443 1_1_1 EXIST::FUNCTION:
projects / oweals / openssl.git / commitdiff