File sha256.h

This file contains SHA-224 and SHA-256 definitions and functions.

The Secure Hash Algorithms 224 and 256 (SHA-224 and SHA-256) cryptographic hash functions are defined in FIPS 180-4: Secure Hash Standard (SHS).

Defines

MBEDTLS_ERR_SHA256_BAD_INPUT_DATA

SHA-256 input data was malformed.

Typedefs

typedef struct mbedtls_sha256_context mbedtls_sha256_context

The SHA-256 context structure.

            The structure is used both for SHA-256 and for SHA-224
            checksum calculations. The choice between these two is
            made in the call to mbedtls_sha256_starts().

Functions

void mbedtls_sha256_init(mbedtls_sha256_context *ctx)

This function initializes a SHA-256 context.

Parameters:

ctx – The SHA-256 context to initialize. This must not be NULL.

void mbedtls_sha256_free(mbedtls_sha256_context *ctx)

This function clears a SHA-256 context.

Parameters:

ctx – The SHA-256 context to clear. This may be NULL, in which case this function returns immediately. If it is not NULL, it must point to an initialized SHA-256 context.

void mbedtls_sha256_clone(mbedtls_sha256_context *dst, const mbedtls_sha256_context *src)

This function clones the state of a SHA-256 context.

Parameters:
  • dst – The destination context. This must be initialized.

  • src – The context to clone. This must be initialized.

int mbedtls_sha256_starts(mbedtls_sha256_context *ctx, int is224)

This function starts a SHA-224 or SHA-256 checksum calculation.

Note

is224 must be defined accordingly to the enabled MBEDTLS_SHA224_C/MBEDTLS_SHA256_C symbols otherwise the function will return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA.

Parameters:
  • ctx – The context to use. This must be initialized.

  • is224 – This determines which function to use. This must be either 0 for SHA-256, or 1 for SHA-224.

Returns:

0 on success.

Returns:

A negative error code on failure.

int mbedtls_sha256_update(mbedtls_sha256_context *ctx, const unsigned char *input, size_t ilen)

This function feeds an input buffer into an ongoing SHA-256 checksum calculation.

Parameters:
  • ctx – The SHA-256 context. This must be initialized and have a hash operation started.

  • input – The buffer holding the data. This must be a readable buffer of length ilen Bytes.

  • ilen – The length of the input data in Bytes.

Returns:

0 on success.

Returns:

A negative error code on failure.

int mbedtls_sha256_finish(mbedtls_sha256_context *ctx, unsigned char *output)

This function finishes the SHA-256 operation, and writes the result to the output buffer.

Parameters:
  • ctx – The SHA-256 context. This must be initialized and have a hash operation started.

  • output – The SHA-224 or SHA-256 checksum result. This must be a writable buffer of length 32 bytes for SHA-256, 28 bytes for SHA-224.

Returns:

0 on success.

Returns:

A negative error code on failure.

int mbedtls_sha256(const unsigned char *input, size_t ilen, unsigned char *output, int is224)

This function calculates the SHA-224 or SHA-256 checksum of a buffer.

The function allocates the context, performs the calculation, and frees the context.

The SHA-256 result is calculated as output = SHA-256(input buffer).

Parameters:
  • input – The buffer holding the data. This must be a readable buffer of length ilen Bytes.

  • ilen – The length of the input data in Bytes.

  • output – The SHA-224 or SHA-256 checksum result. This must be a writable buffer of length 32 bytes for SHA-256, 28 bytes for SHA-224.

  • is224 – Determines which function to use. This must be either 0 for SHA-256, or 1 for SHA-224.

Returns:

0 on success.

Returns:

A negative error code on failure.

int mbedtls_sha224_self_test(int verbose)

The SHA-224 checkup routine.

Returns:

0 on success.

Returns:

1 on failure.

int mbedtls_sha256_self_test(int verbose)

The SHA-256 checkup routine.

Returns:

0 on success.

Returns:

1 on failure.

struct mbedtls_sha256_context
#include <sha256.h>

The SHA-256 context structure.

            The structure is used both for SHA-256 and for SHA-224
            checksum calculations. The choice between these two is
            made in the call to mbedtls_sha256_starts().

Public Members

unsigned char private_buffer[64]

The data block being processed.

uint32_t private_total[2]

The number of Bytes processed.

uint32_t private_state[8]

The intermediate digest state.

int private_is224

Determines which function to use: 0: Use SHA-256, or 1: Use SHA-224.