Secure Hashing
Module Functionality
Provides secure hashing functionality. Hashes are non-reversible cryptographic algorithms that take a stream of bytes as input and return a bytearray of fixed length called a digest. Hashes are also deterministic — a single input maps to a single output — meaning that if the input changes, even slightly, the digest also changes. A hash can detect if the content of something — like a file or an Internet packet — changes and reveal tampering if the change was not authorized. Hashes can also be used as a form of digital signature.
Enumerations
Macros
-
CRYPTX_DIGESTLEN_SHA1
digest length for SHA-1 hash
-
CRYPTX_DIGESTLEN_SHA256
digest length for SHA-256 hash
Functions
-
bool cryptx_hash_init(struct cryptx_hash_ctx *context, uint8_t hash_alg)
Initializes a context for a specific hash algorithm.
- Parameters
context – Pointer to a ontext.
hash_alg – The numeric ID of the hashing algorithm to use. See cryptx_hash_algorithms.
- Returns
true if hash initialization succeeded, false if failed.
-
void cryptx_hash_update(struct cryptx_hash_ctx *context, const void *data, size_t len)
Updates the context for a given block of data.
- Parameters
context – Pointer to a context.
data – Pointer to a block of data to hash..
len – Size of the data to hash.
-
void cryptx_hash_digest(struct cryptx_hash_ctx *context, void *digest)
Output digest for current context (preserves state).
- Parameters
context – Pointer to a context.
digest – Pointer to a buffer to write digest to.
char *msg = "Hash this string";
crytx_hash_ctx h;
// initialize hash
cryptx_hash_init(&h, SHA256);
// allocate buffer for digest
uint8_t digest[h.digest_len];
// hash the string
cryptx_hash_update(&h, msg, strlen(msg));
// return the digest
cryptx_hash_digest(&h, digest);
Mask Generation Function One (MGF1) is a hash function that can return a digest of a variable given length. It is generally not used standalone but is a mask-generating algorithm used within the RSA module. Nonetheless, if you have need of it, feel free to use it.
-
void cryptx_hash_mgf1(const void *data, size_t datalen, void *outbuf, size_t outlen, uint8_t hash_alg)
Computes a digest of arbitrary length for a given block of data.
- Parameters
data – Pointer to data to hash.
datalen – Size of data to hash.
outbuf – Pointer to buffer to write digest to.
outlen – Number of bytes to write to outbuf.
hash_alg – The numeric ID of the hashing algorithm to use. See cryptx_hash_algorithms.
char *msg = "Hash this string";
#define MASK_LEN 48
uint8_t mask_buf[MASK_LEN];
cryptx_hash_mgf1(msg, strlen(msg), mask_buf, MASK_LEN, SHA256);
Warning
Do not use this function to derive a mask for a key by hashing a password. Use cryptx_hmac_pbkdf2 for this instead.
Notes
After initialization the hash context holds the digest length for the selected algorithm. You can read it by accessing
context.digest_len
. This is the only reason you should be accessing a member of the hash context.This API uses 516 bytes of fastMem starting at
0xE30800
for scratch memory. Do not use it for anything else if you are using this module.