[libgit2.git] / src / util / hash / rfc6234 / sha.h

/**************************** sha.h ****************************/
/***************** See RFC 6234 for details. *******************/
/*
   Copyright (c) 2011 IETF Trust and the persons identified as
   authors of the code.  All rights reserved.

   Redistribution and use in source and binary forms, with or
   without modification, are permitted provided that the following
   conditions are met:

   - Redistributions of source code must retain the above
     copyright notice, this list of conditions and
     the following disclaimer.

   - Redistributions in binary form must reproduce the above
     copyright notice, this list of conditions and the following
     disclaimer in the documentation and/or other materials provided
     with the distribution.

   - Neither the name of Internet Society, IETF or IETF Trust, nor
     the names of specific contributors, may be used to endorse or
     promote products derived from this software without specific
     prior written permission.

   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
   CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
   INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
   MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
   DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT OWNER OR
   CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
   NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
   LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
   CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
   OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
   EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef _SHA_H_
#define _SHA_H_

/*
 *  Description:
 *      This file implements the Secure Hash Algorithms
 *      as defined in the U.S. National Institute of Standards
 *      and Technology Federal Information Processing Standards
 *      Publication (FIPS PUB) 180-3 published in October 2008
 *      and formerly defined in its predecessors, FIPS PUB 180-1
 *      and FIP PUB 180-2.
 *
 *      A combined document showing all algorithms is available at
 *              http://csrc.nist.gov/publications/fips/
 *                     fips180-3/fips180-3_final.pdf
 *
 *      The five hashes are defined in these sizes:
 *              SHA-1           20 byte / 160 bit
 *              SHA-224         28 byte / 224 bit
 *              SHA-256         32 byte / 256 bit
 *              SHA-384         48 byte / 384 bit
 *              SHA-512         64 byte / 512 bit
 *
 *  Compilation Note:
 *    These files may be compiled with two options:
 *        USE_32BIT_ONLY - use 32-bit arithmetic only, for systems
 *                         without 64-bit integers
 *
 *        USE_MODIFIED_MACROS - use alternate form of the SHA_Ch()
 *                         and SHA_Maj() macros that are equivalent
 *                         and potentially faster on many systems
 *
 */

#include <stdint.h>
/*
 * If you do not have the ISO standard stdint.h header file, then you
 * must typedef the following:
 *    name              meaning
 *  uint64_t         unsigned 64-bit integer
 *  uint32_t         unsigned 32-bit integer
 *  uint8_t          unsigned 8-bit integer (i.e., unsigned char)
 *  int_least16_t    integer of >= 16 bits
 *
 * See stdint-example.h
 */

#ifndef _SHA_enum_
#define _SHA_enum_
/*
 *  All SHA functions return one of these values.
 */
enum {
    shaSuccess = 0,
    shaNull,            /* Null pointer parameter */
    shaInputTooLong,    /* input data too long */
    shaStateError,      /* called Input after FinalBits or Result */
    shaBadParam         /* passed a bad parameter */
};
#endif /* _SHA_enum_ */

/*
 *  These constants hold size information for each of the SHA
 *  hashing operations
 */
enum {
    SHA1_Message_Block_Size = 64, SHA224_Message_Block_Size = 64,
    SHA256_Message_Block_Size = 64, SHA384_Message_Block_Size = 128,
    SHA512_Message_Block_Size = 128,
    USHA_Max_Message_Block_Size = SHA512_Message_Block_Size,
    SHA1HashSize = 20, SHA224HashSize = 28, SHA256HashSize = 32,
    SHA384HashSize = 48, SHA512HashSize = 64,
    USHAMaxHashSize = SHA512HashSize,

    SHA1HashSizeBits = 160, SHA224HashSizeBits = 224,
    SHA256HashSizeBits = 256, SHA384HashSizeBits = 384,
    SHA512HashSizeBits = 512, USHAMaxHashSizeBits = SHA512HashSizeBits
};

/*
 *  These constants are used in the USHA (Unified SHA) functions.
 */
typedef enum SHAversion {
    SHA1, SHA224, SHA256, SHA384, SHA512
} SHAversion;

/*
 *  This structure will hold context information for the SHA-1
 *  hashing operation.
 */
typedef struct SHA1Context {
    uint32_t Intermediate_Hash[SHA1HashSize/4]; /* Message Digest */

    uint32_t Length_High;               /* Message length in bits */
    uint32_t Length_Low;                /* Message length in bits */

    int_least16_t Message_Block_Index;  /* Message_Block array index */
                                        /* 512-bit message blocks */
    uint8_t Message_Block[SHA1_Message_Block_Size];

    int Computed;                   /* Is the hash computed? */
    int Corrupted;                  /* Cumulative corruption code */
} SHA1Context;

/*
 *  This structure will hold context information for the SHA-256
 *  hashing operation.
 */
typedef struct SHA256Context {
    uint32_t Intermediate_Hash[SHA256HashSize/4]; /* Message Digest */

    uint32_t Length_High;               /* Message length in bits */
    uint32_t Length_Low;                /* Message length in bits */

    int_least16_t Message_Block_Index;  /* Message_Block array index */
                                        /* 512-bit message blocks */
    uint8_t Message_Block[SHA256_Message_Block_Size];

    int Computed;                   /* Is the hash computed? */
    int Corrupted;                  /* Cumulative corruption code */
} SHA256Context;

/*
 *  This structure will hold context information for the SHA-512
 *  hashing operation.
 */
typedef struct SHA512Context {
#ifdef USE_32BIT_ONLY
    uint32_t Intermediate_Hash[SHA512HashSize/4]; /* Message Digest  */
    uint32_t Length[4];                 /* Message length in bits */
#else /* !USE_32BIT_ONLY */
    uint64_t Intermediate_Hash[SHA512HashSize/8]; /* Message Digest */
    uint64_t Length_High, Length_Low;   /* Message length in bits */
#endif /* USE_32BIT_ONLY */

    int_least16_t Message_Block_Index;  /* Message_Block array index */
                                        /* 1024-bit message blocks */
    uint8_t Message_Block[SHA512_Message_Block_Size];

    int Computed;                   /* Is the hash computed?*/
    int Corrupted;                  /* Cumulative corruption code */
} SHA512Context;

/*
 *  This structure will hold context information for the SHA-224
 *  hashing operation.  It uses the SHA-256 structure for computation.
 */
typedef struct SHA256Context SHA224Context;

/*
 *  This structure will hold context information for the SHA-384
 *  hashing operation.  It uses the SHA-512 structure for computation.
 */
typedef struct SHA512Context SHA384Context;

/*
 *  This structure holds context information for all SHA
 *  hashing operations.
 */
typedef struct USHAContext {
    int whichSha;               /* which SHA is being used */
    union {
      SHA1Context sha1Context;
      SHA224Context sha224Context; SHA256Context sha256Context;
      SHA384Context sha384Context; SHA512Context sha512Context;
    } ctx;
} USHAContext;

/*
 *  This structure will hold context information for the HMAC
 *  keyed-hashing operation.
 */
typedef struct HMACContext {
    int whichSha;               /* which SHA is being used */
    int hashSize;               /* hash size of SHA being used */
    int blockSize;              /* block size of SHA being used */
    USHAContext shaContext;     /* SHA context */
    unsigned char k_opad[USHA_Max_Message_Block_Size];
                        /* outer padding - key XORd with opad */
    int Computed;               /* Is the MAC computed? */
    int Corrupted;              /* Cumulative corruption code */

} HMACContext;

/*
 *  This structure will hold context information for the HKDF
 *  extract-and-expand Key Derivation Functions.
 */
typedef struct HKDFContext {
    int whichSha;               /* which SHA is being used */
    HMACContext hmacContext;
    int hashSize;               /* hash size of SHA being used */
    unsigned char prk[USHAMaxHashSize];
                        /* pseudo-random key - output of hkdfInput */
    int Computed;               /* Is the key material computed? */
    int Corrupted;              /* Cumulative corruption code */
} HKDFContext;

/*
 *  Function Prototypes
 */

/* SHA-1 */
extern int SHA1Reset(SHA1Context *);
extern int SHA1Input(SHA1Context *, const uint8_t *bytes,
                     unsigned int bytecount);
extern int SHA1FinalBits(SHA1Context *, uint8_t bits,
                         unsigned int bit_count);
extern int SHA1Result(SHA1Context *,
                      uint8_t Message_Digest[SHA1HashSize]);

/* SHA-224 */
extern int SHA224Reset(SHA224Context *);
extern int SHA224Input(SHA224Context *, const uint8_t *bytes,
                       unsigned int bytecount);
extern int SHA224FinalBits(SHA224Context *, uint8_t bits,
                           unsigned int bit_count);
extern int SHA224Result(SHA224Context *,
                        uint8_t Message_Digest[SHA224HashSize]);

/* SHA-256 */
extern int SHA256Reset(SHA256Context *);
extern int SHA256Input(SHA256Context *, const uint8_t *bytes,
                       unsigned int bytecount);
extern int SHA256FinalBits(SHA256Context *, uint8_t bits,
                           unsigned int bit_count);
extern int SHA256Result(SHA256Context *,
                        uint8_t Message_Digest[SHA256HashSize]);

/* SHA-384 */
extern int SHA384Reset(SHA384Context *);
extern int SHA384Input(SHA384Context *, const uint8_t *bytes,
                       unsigned int bytecount);
extern int SHA384FinalBits(SHA384Context *, uint8_t bits,
                           unsigned int bit_count);
extern int SHA384Result(SHA384Context *,
                        uint8_t Message_Digest[SHA384HashSize]);

/* SHA-512 */
extern int SHA512Reset(SHA512Context *);
extern int SHA512Input(SHA512Context *, const uint8_t *bytes,
                       unsigned int bytecount);
extern int SHA512FinalBits(SHA512Context *, uint8_t bits,
                           unsigned int bit_count);
extern int SHA512Result(SHA512Context *,
                        uint8_t Message_Digest[SHA512HashSize]);

/* Unified SHA functions, chosen by whichSha */
extern int USHAReset(USHAContext *context, SHAversion whichSha);
extern int USHAInput(USHAContext *context,
                     const uint8_t *bytes, unsigned int bytecount);
extern int USHAFinalBits(USHAContext *context,
                         uint8_t bits, unsigned int bit_count);
extern int USHAResult(USHAContext *context,
                      uint8_t Message_Digest[USHAMaxHashSize]);
extern int USHABlockSize(enum SHAversion whichSha);
extern int USHAHashSize(enum SHAversion whichSha);
extern int USHAHashSizeBits(enum SHAversion whichSha);
extern const char *USHAHashName(enum SHAversion whichSha);

/*
 * HMAC Keyed-Hashing for Message Authentication, RFC 2104,
 * for all SHAs.
 * This interface allows a fixed-length text input to be used.
 */
extern int hmac(SHAversion whichSha, /* which SHA algorithm to use */
    const unsigned char *text,     /* pointer to data stream */
    int text_len,                  /* length of data stream */
    const unsigned char *key,      /* pointer to authentication key */
    int key_len,                   /* length of authentication key */
    uint8_t digest[USHAMaxHashSize]); /* caller digest to fill in */

/*
 * HMAC Keyed-Hashing for Message Authentication, RFC 2104,
 * for all SHAs.
 * This interface allows any length of text input to be used.
 */
extern int hmacReset(HMACContext *context, enum SHAversion whichSha,
                     const unsigned char *key, int key_len);
extern int hmacInput(HMACContext *context, const unsigned char *text,
                     int text_len);
extern int hmacFinalBits(HMACContext *context, uint8_t bits,
                         unsigned int bit_count);
extern int hmacResult(HMACContext *context,
                      uint8_t digest[USHAMaxHashSize]);

/*
 * HKDF HMAC-based Extract-and-Expand Key Derivation Function,
 * RFC 5869, for all SHAs.
 */
extern int hkdf(SHAversion whichSha, const unsigned char *salt,
                int salt_len, const unsigned char *ikm, int ikm_len,
                const unsigned char *info, int info_len,
                uint8_t okm[ ], int okm_len);
extern int hkdfExtract(SHAversion whichSha, const unsigned char *salt,
                       int salt_len, const unsigned char *ikm,
                       int ikm_len, uint8_t prk[USHAMaxHashSize]);
extern int hkdfExpand(SHAversion whichSha, const uint8_t prk[ ],
                      int prk_len, const unsigned char *info,
                      int info_len, uint8_t okm[ ], int okm_len);

/*
 * HKDF HMAC-based Extract-and-Expand Key Derivation Function,
 * RFC 5869, for all SHAs.
 * This interface allows any length of text input to be used.
 */
extern int hkdfReset(HKDFContext *context, enum SHAversion whichSha,
                     const unsigned char *salt, int salt_len);
extern int hkdfInput(HKDFContext *context, const unsigned char *ikm,
                     int ikm_len);
extern int hkdfFinalBits(HKDFContext *context, uint8_t ikm_bits,
                         unsigned int ikm_bit_count);
extern int hkdfResult(HKDFContext *context,
                      uint8_t prk[USHAMaxHashSize],
                      const unsigned char *info, int info_len,
                      uint8_t okm[USHAMaxHashSize], int okm_len);
#endif /* _SHA_H_ */
Commit	Line	Data
ad5611d8 TR	1	/************************** sha.h **************************/
	2	/*************** See RFC 6234 for details. *****************/
	3	/*
	4	Copyright (c) 2011 IETF Trust and the persons identified as
	5	authors of the code. All rights reserved.
	6
	7	Redistribution and use in source and binary forms, with or
	8	without modification, are permitted provided that the following
	9	conditions are met:
	10
	11	- Redistributions of source code must retain the above
	12	copyright notice, this list of conditions and
	13	the following disclaimer.
	14
	15	- Redistributions in binary form must reproduce the above
	16	copyright notice, this list of conditions and the following
	17	disclaimer in the documentation and/or other materials provided
	18	with the distribution.
	19
	20	- Neither the name of Internet Society, IETF or IETF Trust, nor
	21	the names of specific contributors, may be used to endorse or
	22	promote products derived from this software without specific
	23	prior written permission.
	24
	25	THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
	26	CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
	27	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
	28	MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
	29	DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
	30	CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
	31	SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	32	NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
	33	LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	34	HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
	35	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
	36	OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
	37	EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	38	*/
	39	#ifndef _SHA_H_
	40	#define _SHA_H_
	41
	42	/*
	43	* Description:
	44	* This file implements the Secure Hash Algorithms
	45	* as defined in the U.S. National Institute of Standards
	46	* and Technology Federal Information Processing Standards
	47	* Publication (FIPS PUB) 180-3 published in October 2008
	48	* and formerly defined in its predecessors, FIPS PUB 180-1
	49	* and FIP PUB 180-2.
	50	*
	51	* A combined document showing all algorithms is available at
	52	* http://csrc.nist.gov/publications/fips/
	53	* fips180-3/fips180-3_final.pdf
	54	*
	55	* The five hashes are defined in these sizes:
	56	* SHA-1 20 byte / 160 bit
	57	* SHA-224 28 byte / 224 bit
	58	* SHA-256 32 byte / 256 bit
	59	* SHA-384 48 byte / 384 bit
	60	* SHA-512 64 byte / 512 bit
	61	*
	62	* Compilation Note:
	63	* These files may be compiled with two options:
	64	* USE_32BIT_ONLY - use 32-bit arithmetic only, for systems
65	* without 64-bit integers
66	*
67	* USE_MODIFIED_MACROS - use alternate form of the SHA_Ch()
68	* and SHA_Maj() macros that are equivalent
69	* and potentially faster on many systems
70	*
71	*/
72
73	#include <stdint.h>
74	/*
75	* If you do not have the ISO standard stdint.h header file, then you
76	* must typedef the following:
77	* name meaning
78	* uint64_t unsigned 64-bit integer
79	* uint32_t unsigned 32-bit integer
80	* uint8_t unsigned 8-bit integer (i.e., unsigned char)
81	* int_least16_t integer of >= 16 bits
82	*
83	* See stdint-example.h
84	*/
85
86	#ifndef _SHA_enum_
87	#define _SHA_enum_
88	/*
89	* All SHA functions return one of these values.
90	*/
91	enum {
92	shaSuccess = 0,
93	shaNull, /* Null pointer parameter */
94	shaInputTooLong, /* input data too long */
95	shaStateError, /* called Input after FinalBits or Result */
96	shaBadParam /* passed a bad parameter */
97	};
98	#endif /* _SHA_enum_ */
99
100	/*
101	* These constants hold size information for each of the SHA
102	* hashing operations
103	*/
104	enum {
105	SHA1_Message_Block_Size = 64, SHA224_Message_Block_Size = 64,
106	SHA256_Message_Block_Size = 64, SHA384_Message_Block_Size = 128,
107	SHA512_Message_Block_Size = 128,
108	USHA_Max_Message_Block_Size = SHA512_Message_Block_Size,
109	SHA1HashSize = 20, SHA224HashSize = 28, SHA256HashSize = 32,
110	SHA384HashSize = 48, SHA512HashSize = 64,
111	USHAMaxHashSize = SHA512HashSize,
112
113	SHA1HashSizeBits = 160, SHA224HashSizeBits = 224,
114	SHA256HashSizeBits = 256, SHA384HashSizeBits = 384,
115	SHA512HashSizeBits = 512, USHAMaxHashSizeBits = SHA512HashSizeBits
116	};
117
118	/*
119	* These constants are used in the USHA (Unified SHA) functions.
120	*/
121	typedef enum SHAversion {
122	SHA1, SHA224, SHA256, SHA384, SHA512
123	} SHAversion;
124
125	/*
126	* This structure will hold context information for the SHA-1
127	* hashing operation.
128	*/
129	typedef struct SHA1Context {
130	uint32_t Intermediate_Hash[SHA1HashSize/4]; /* Message Digest */
131
132	uint32_t Length_High; /* Message length in bits */
133	uint32_t Length_Low; /* Message length in bits */
134
135	int_least16_t Message_Block_Index; /* Message_Block array index */
136	/* 512-bit message blocks */
137	uint8_t Message_Block[SHA1_Message_Block_Size];
138
139	int Computed; /* Is the hash computed? */
140	int Corrupted; /* Cumulative corruption code */
141	} SHA1Context;
142
143	/*
144	* This structure will hold context information for the SHA-256
145	* hashing operation.
146	*/
147	typedef struct SHA256Context {
148	uint32_t Intermediate_Hash[SHA256HashSize/4]; /* Message Digest */
149
150	uint32_t Length_High; /* Message length in bits */
151	uint32_t Length_Low; /* Message length in bits */
152
153	int_least16_t Message_Block_Index; /* Message_Block array index */
154	/* 512-bit message blocks */
155	uint8_t Message_Block[SHA256_Message_Block_Size];
156
157	int Computed; /* Is the hash computed? */
158	int Corrupted; /* Cumulative corruption code */
159	} SHA256Context;
160
161	/*
162	* This structure will hold context information for the SHA-512
163	* hashing operation.
164	*/
165	typedef struct SHA512Context {
166	#ifdef USE_32BIT_ONLY
167	uint32_t Intermediate_Hash[SHA512HashSize/4]; /* Message Digest */
168	uint32_t Length[4]; /* Message length in bits */
169	#else /* !USE_32BIT_ONLY */
170	uint64_t Intermediate_Hash[SHA512HashSize/8]; /* Message Digest */
171	uint64_t Length_High, Length_Low; /* Message length in bits */
172	#endif /* USE_32BIT_ONLY */
173
174	int_least16_t Message_Block_Index; /* Message_Block array index */
175	/* 1024-bit message blocks */
176	uint8_t Message_Block[SHA512_Message_Block_Size];
177
178	int Computed; /* Is the hash computed?*/
179	int Corrupted; /* Cumulative corruption code */
180	} SHA512Context;
181
182	/*
183	* This structure will hold context information for the SHA-224
184	* hashing operation. It uses the SHA-256 structure for computation.
185	*/
186	typedef struct SHA256Context SHA224Context;
187
188	/*
189	* This structure will hold context information for the SHA-384
190	* hashing operation. It uses the SHA-512 structure for computation.
191	*/
192	typedef struct SHA512Context SHA384Context;
193
194	/*
195	* This structure holds context information for all SHA
196	* hashing operations.
197	*/
198	typedef struct USHAContext {
199	int whichSha; /* which SHA is being used */
200	union {
201	SHA1Context sha1Context;
202	SHA224Context sha224Context; SHA256Context sha256Context;
203	SHA384Context sha384Context; SHA512Context sha512Context;
204	} ctx;
205	} USHAContext;
206
207	/*
208	* This structure will hold context information for the HMAC
209	* keyed-hashing operation.
210	*/
211	typedef struct HMACContext {
212	int whichSha; /* which SHA is being used */
213	int hashSize; /* hash size of SHA being used */
214	int blockSize; /* block size of SHA being used */
215	USHAContext shaContext; /* SHA context */
216	unsigned char k_opad[USHA_Max_Message_Block_Size];
217	/* outer padding - key XORd with opad */
218	int Computed; /* Is the MAC computed? */
219	int Corrupted; /* Cumulative corruption code */
220
221	} HMACContext;
222
223	/*
224	* This structure will hold context information for the HKDF
225	* extract-and-expand Key Derivation Functions.
226	*/
227	typedef struct HKDFContext {
228	int whichSha; /* which SHA is being used */
229	HMACContext hmacContext;
230	int hashSize; /* hash size of SHA being used */
231	unsigned char prk[USHAMaxHashSize];
232	/* pseudo-random key - output of hkdfInput */
233	int Computed; /* Is the key material computed? */
234	int Corrupted; /* Cumulative corruption code */
235	} HKDFContext;
236
237	/*
238	* Function Prototypes
239	*/
240
241	/* SHA-1 */
242	extern int SHA1Reset(SHA1Context *);
243	extern int SHA1Input(SHA1Context , const uint8_t bytes,
244	unsigned int bytecount);
245	extern int SHA1FinalBits(SHA1Context *, uint8_t bits,
246	unsigned int bit_count);
247	extern int SHA1Result(SHA1Context *,
248	uint8_t Message_Digest[SHA1HashSize]);
249
250	/* SHA-224 */
251	extern int SHA224Reset(SHA224Context *);
252	extern int SHA224Input(SHA224Context , const uint8_t bytes,
253	unsigned int bytecount);
254	extern int SHA224FinalBits(SHA224Context *, uint8_t bits,
255	unsigned int bit_count);
256	extern int SHA224Result(SHA224Context *,
257	uint8_t Message_Digest[SHA224HashSize]);
258
259	/* SHA-256 */
260	extern int SHA256Reset(SHA256Context *);
261	extern int SHA256Input(SHA256Context , const uint8_t bytes,
262	unsigned int bytecount);
263	extern int SHA256FinalBits(SHA256Context *, uint8_t bits,
264	unsigned int bit_count);
265	extern int SHA256Result(SHA256Context *,
266	uint8_t Message_Digest[SHA256HashSize]);
267
268	/* SHA-384 */
269	extern int SHA384Reset(SHA384Context *);
270	extern int SHA384Input(SHA384Context , const uint8_t bytes,
271	unsigned int bytecount);
272	extern int SHA384FinalBits(SHA384Context *, uint8_t bits,
273	unsigned int bit_count);
274	extern int SHA384Result(SHA384Context *,
275	uint8_t Message_Digest[SHA384HashSize]);
276
277	/* SHA-512 */
278	extern int SHA512Reset(SHA512Context *);
279	extern int SHA512Input(SHA512Context , const uint8_t bytes,
280	unsigned int bytecount);
281	extern int SHA512FinalBits(SHA512Context *, uint8_t bits,
282	unsigned int bit_count);
283	extern int SHA512Result(SHA512Context *,
284	uint8_t Message_Digest[SHA512HashSize]);
285
286	/* Unified SHA functions, chosen by whichSha */
287	extern int USHAReset(USHAContext *context, SHAversion whichSha);
288	extern int USHAInput(USHAContext *context,
289	const uint8_t *bytes, unsigned int bytecount);
290	extern int USHAFinalBits(USHAContext *context,
291	uint8_t bits, unsigned int bit_count);
292	extern int USHAResult(USHAContext *context,
293	uint8_t Message_Digest[USHAMaxHashSize]);
294	extern int USHABlockSize(enum SHAversion whichSha);
295	extern int USHAHashSize(enum SHAversion whichSha);
296	extern int USHAHashSizeBits(enum SHAversion whichSha);
297	extern const char *USHAHashName(enum SHAversion whichSha);
298
299	/*
300	* HMAC Keyed-Hashing for Message Authentication, RFC 2104,
301	* for all SHAs.
302	* This interface allows a fixed-length text input to be used.
303	*/
304	extern int hmac(SHAversion whichSha, /* which SHA algorithm to use */
305	const unsigned char text, / pointer to data stream */
306	int text_len, /* length of data stream */
307	const unsigned char key, / pointer to authentication key */
308	int key_len, /* length of authentication key */
309	uint8_t digest[USHAMaxHashSize]); /* caller digest to fill in */
310
311	/*
312	* HMAC Keyed-Hashing for Message Authentication, RFC 2104,
313	* for all SHAs.
314	* This interface allows any length of text input to be used.
315	*/
316	extern int hmacReset(HMACContext *context, enum SHAversion whichSha,
317	const unsigned char *key, int key_len);
318	extern int hmacInput(HMACContext context, const unsigned char text,
319	int text_len);
320	extern int hmacFinalBits(HMACContext *context, uint8_t bits,
321	unsigned int bit_count);
322	extern int hmacResult(HMACContext *context,
323	uint8_t digest[USHAMaxHashSize]);
324
325	/*
326	* HKDF HMAC-based Extract-and-Expand Key Derivation Function,
327	* RFC 5869, for all SHAs.
328	*/
329	extern int hkdf(SHAversion whichSha, const unsigned char *salt,
330	int salt_len, const unsigned char *ikm, int ikm_len,
331	const unsigned char *info, int info_len,
332	uint8_t okm[ ], int okm_len);
333	extern int hkdfExtract(SHAversion whichSha, const unsigned char *salt,
334	int salt_len, const unsigned char *ikm,
335	int ikm_len, uint8_t prk[USHAMaxHashSize]);
336	extern int hkdfExpand(SHAversion whichSha, const uint8_t prk[ ],
337	int prk_len, const unsigned char *info,
338	int info_len, uint8_t okm[ ], int okm_len);
339
340	/*
341	* HKDF HMAC-based Extract-and-Expand Key Derivation Function,
342	* RFC 5869, for all SHAs.
343	* This interface allows any length of text input to be used.
344	*/
345	extern int hkdfReset(HKDFContext *context, enum SHAversion whichSha,
346	const unsigned char *salt, int salt_len);
347	extern int hkdfInput(HKDFContext context, const unsigned char ikm,
348	int ikm_len);
349	extern int hkdfFinalBits(HKDFContext *context, uint8_t ikm_bits,
350	unsigned int ikm_bit_count);
351	extern int hkdfResult(HKDFContext *context,
352	uint8_t prk[USHAMaxHashSize],
353	const unsigned char *info, int info_len,
354	uint8_t okm[USHAMaxHashSize], int okm_len);
355	#endif /* _SHA_H_ */