Kenji Arai / mbed-os_TYBLE16

Dependents:   TYBLE16_simple_data_logger TYBLE16_MP3_Air

Embed: (wiki syntax)

« Back to documentation index

Show/hide line numbers sha256.c Source File

sha256.c

00001 /*
00002  *  FIPS-180-2 compliant SHA-256 implementation
00003  *
00004  *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
00005  *  SPDX-License-Identifier: Apache-2.0
00006  *
00007  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
00008  *  not use this file except in compliance with the License.
00009  *  You may obtain a copy of the License at
00010  *
00011  *  http://www.apache.org/licenses/LICENSE-2.0
00012  *
00013  *  Unless required by applicable law or agreed to in writing, software
00014  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
00015  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
00016  *  See the License for the specific language governing permissions and
00017  *  limitations under the License.
00018  *
00019  *  This file is part of mbed TLS (https://tls.mbed.org)
00020  */
00021 /*
00022  *  The SHA-256 Secure Hash Standard was published by NIST in 2002.
00023  *
00024  *  http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf
00025  */
00026 
00027 #if !defined(MBEDTLS_CONFIG_FILE)
00028 #include "mbedtls/config.h"
00029 #else
00030 #include MBEDTLS_CONFIG_FILE
00031 #endif
00032 
00033 #if defined(MBEDTLS_SHA256_C)
00034 
00035 #include "mbedtls/sha256.h"
00036 #include "mbedtls/platform_util.h"
00037 
00038 #include <string.h>
00039 
00040 #if defined(MBEDTLS_SELF_TEST)
00041 #if defined(MBEDTLS_PLATFORM_C)
00042 #include "mbedtls/platform.h"
00043 #else
00044 #include <stdio.h>
00045 #include <stdlib.h>
00046 #define mbedtls_printf printf
00047 #define mbedtls_calloc    calloc
00048 #define mbedtls_free       free
00049 #endif /* MBEDTLS_PLATFORM_C */
00050 #endif /* MBEDTLS_SELF_TEST */
00051 
00052 #define SHA256_VALIDATE_RET(cond)                           \
00053     MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_SHA256_BAD_INPUT_DATA )
00054 #define SHA256_VALIDATE(cond)  MBEDTLS_INTERNAL_VALIDATE( cond )
00055 
00056 #if !defined(MBEDTLS_SHA256_ALT)
00057 
00058 /*
00059  * 32-bit integer manipulation macros (big endian)
00060  */
00061 #ifndef GET_UINT32_BE
00062 #define GET_UINT32_BE(n,b,i)                            \
00063 do {                                                    \
00064     (n) = ( (uint32_t) (b)[(i)    ] << 24 )             \
00065         | ( (uint32_t) (b)[(i) + 1] << 16 )             \
00066         | ( (uint32_t) (b)[(i) + 2] <<  8 )             \
00067         | ( (uint32_t) (b)[(i) + 3]       );            \
00068 } while( 0 )
00069 #endif
00070 
00071 #ifndef PUT_UINT32_BE
00072 #define PUT_UINT32_BE(n,b,i)                            \
00073 do {                                                    \
00074     (b)[(i)    ] = (unsigned char) ( (n) >> 24 );       \
00075     (b)[(i) + 1] = (unsigned char) ( (n) >> 16 );       \
00076     (b)[(i) + 2] = (unsigned char) ( (n) >>  8 );       \
00077     (b)[(i) + 3] = (unsigned char) ( (n)       );       \
00078 } while( 0 )
00079 #endif
00080 
00081 void mbedtls_sha256_init( mbedtls_sha256_context *ctx )
00082 {
00083     SHA256_VALIDATE( ctx != NULL );
00084 
00085     memset( ctx, 0, sizeof( mbedtls_sha256_context ) );
00086 }
00087 
00088 void mbedtls_sha256_free( mbedtls_sha256_context *ctx )
00089 {
00090     if( ctx == NULL )
00091         return;
00092 
00093     mbedtls_platform_zeroize( ctx, sizeof( mbedtls_sha256_context ) );
00094 }
00095 
00096 void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
00097                            const mbedtls_sha256_context *src )
00098 {
00099     SHA256_VALIDATE( dst != NULL );
00100     SHA256_VALIDATE( src != NULL );
00101 
00102     *dst = *src;
00103 }
00104 
00105 /*
00106  * SHA-256 context setup
00107  */
00108 int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 )
00109 {
00110     SHA256_VALIDATE_RET( ctx != NULL );
00111     SHA256_VALIDATE_RET( is224 == 0 || is224 == 1 );
00112 
00113     ctx->total [0] = 0;
00114     ctx->total [1] = 0;
00115 
00116     if( is224 == 0 )
00117     {
00118         /* SHA-256 */
00119         ctx->state [0] = 0x6A09E667;
00120         ctx->state [1] = 0xBB67AE85;
00121         ctx->state [2] = 0x3C6EF372;
00122         ctx->state [3] = 0xA54FF53A;
00123         ctx->state [4] = 0x510E527F;
00124         ctx->state [5] = 0x9B05688C;
00125         ctx->state [6] = 0x1F83D9AB;
00126         ctx->state [7] = 0x5BE0CD19;
00127     }
00128     else
00129     {
00130         /* SHA-224 */
00131         ctx->state [0] = 0xC1059ED8;
00132         ctx->state [1] = 0x367CD507;
00133         ctx->state [2] = 0x3070DD17;
00134         ctx->state [3] = 0xF70E5939;
00135         ctx->state [4] = 0xFFC00B31;
00136         ctx->state [5] = 0x68581511;
00137         ctx->state [6] = 0x64F98FA7;
00138         ctx->state [7] = 0xBEFA4FA4;
00139     }
00140 
00141     ctx->is224  = is224;
00142 
00143     return( 0 );
00144 }
00145 
00146 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
00147 void mbedtls_sha256_starts( mbedtls_sha256_context *ctx,
00148                             int is224 )
00149 {
00150     mbedtls_sha256_starts_ret( ctx, is224 );
00151 }
00152 #endif
00153 
00154 #if !defined(MBEDTLS_SHA256_PROCESS_ALT)
00155 static const uint32_t K[] =
00156 {
00157     0x428A2F98, 0x71374491, 0xB5C0FBCF, 0xE9B5DBA5,
00158     0x3956C25B, 0x59F111F1, 0x923F82A4, 0xAB1C5ED5,
00159     0xD807AA98, 0x12835B01, 0x243185BE, 0x550C7DC3,
00160     0x72BE5D74, 0x80DEB1FE, 0x9BDC06A7, 0xC19BF174,
00161     0xE49B69C1, 0xEFBE4786, 0x0FC19DC6, 0x240CA1CC,
00162     0x2DE92C6F, 0x4A7484AA, 0x5CB0A9DC, 0x76F988DA,
00163     0x983E5152, 0xA831C66D, 0xB00327C8, 0xBF597FC7,
00164     0xC6E00BF3, 0xD5A79147, 0x06CA6351, 0x14292967,
00165     0x27B70A85, 0x2E1B2138, 0x4D2C6DFC, 0x53380D13,
00166     0x650A7354, 0x766A0ABB, 0x81C2C92E, 0x92722C85,
00167     0xA2BFE8A1, 0xA81A664B, 0xC24B8B70, 0xC76C51A3,
00168     0xD192E819, 0xD6990624, 0xF40E3585, 0x106AA070,
00169     0x19A4C116, 0x1E376C08, 0x2748774C, 0x34B0BCB5,
00170     0x391C0CB3, 0x4ED8AA4A, 0x5B9CCA4F, 0x682E6FF3,
00171     0x748F82EE, 0x78A5636F, 0x84C87814, 0x8CC70208,
00172     0x90BEFFFA, 0xA4506CEB, 0xBEF9A3F7, 0xC67178F2,
00173 };
00174 
00175 #define  SHR(x,n) (((x) & 0xFFFFFFFF) >> (n))
00176 #define ROTR(x,n) (SHR(x,n) | ((x) << (32 - (n))))
00177 
00178 #define S0(x) (ROTR(x, 7) ^ ROTR(x,18) ^  SHR(x, 3))
00179 #define S1(x) (ROTR(x,17) ^ ROTR(x,19) ^  SHR(x,10))
00180 
00181 #define S2(x) (ROTR(x, 2) ^ ROTR(x,13) ^ ROTR(x,22))
00182 #define S3(x) (ROTR(x, 6) ^ ROTR(x,11) ^ ROTR(x,25))
00183 
00184 #define F0(x,y,z) (((x) & (y)) | ((z) & ((x) | (y))))
00185 #define F1(x,y,z) ((z) ^ ((x) & ((y) ^ (z))))
00186 
00187 #define R(t)                                    \
00188     (                                           \
00189         W[t] = S1(W[(t) -  2]) + W[(t) -  7] +  \
00190                S0(W[(t) - 15]) + W[(t) - 16]    \
00191     )
00192 
00193 #define P(a,b,c,d,e,f,g,h,x,K)                          \
00194     do                                                  \
00195     {                                                   \
00196         temp1 = (h) + S3(e) + F1((e),(f),(g)) + (K) + (x);      \
00197         temp2 = S2(a) + F0((a),(b),(c));                        \
00198         (d) += temp1; (h) = temp1 + temp2;              \
00199     } while( 0 )
00200 
00201 int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx,
00202                                 const unsigned char data[64] )
00203 {
00204     uint32_t temp1, temp2, W[64];
00205     uint32_t A[8];
00206     unsigned int i;
00207 
00208     SHA256_VALIDATE_RET( ctx != NULL );
00209     SHA256_VALIDATE_RET( (const unsigned char *)data != NULL );
00210 
00211     for( i = 0; i < 8; i++ )
00212         A[i] = ctx->state [i];
00213 
00214 #if defined(MBEDTLS_SHA256_SMALLER)
00215     for( i = 0; i < 64; i++ )
00216     {
00217         if( i < 16 )
00218             GET_UINT32_BE( W[i], data, 4 * i );
00219         else
00220             R( i );
00221 
00222         P( A[0], A[1], A[2], A[3], A[4], A[5], A[6], A[7], W[i], K[i] );
00223 
00224         temp1 = A[7]; A[7] = A[6]; A[6] = A[5]; A[5] = A[4]; A[4] = A[3];
00225         A[3] = A[2]; A[2] = A[1]; A[1] = A[0]; A[0] = temp1;
00226     }
00227 #else /* MBEDTLS_SHA256_SMALLER */
00228     for( i = 0; i < 16; i++ )
00229         GET_UINT32_BE( W[i], data, 4 * i );
00230 
00231     for( i = 0; i < 16; i += 8 )
00232     {
00233         P( A[0], A[1], A[2], A[3], A[4], A[5], A[6], A[7], W[i+0], K[i+0] );
00234         P( A[7], A[0], A[1], A[2], A[3], A[4], A[5], A[6], W[i+1], K[i+1] );
00235         P( A[6], A[7], A[0], A[1], A[2], A[3], A[4], A[5], W[i+2], K[i+2] );
00236         P( A[5], A[6], A[7], A[0], A[1], A[2], A[3], A[4], W[i+3], K[i+3] );
00237         P( A[4], A[5], A[6], A[7], A[0], A[1], A[2], A[3], W[i+4], K[i+4] );
00238         P( A[3], A[4], A[5], A[6], A[7], A[0], A[1], A[2], W[i+5], K[i+5] );
00239         P( A[2], A[3], A[4], A[5], A[6], A[7], A[0], A[1], W[i+6], K[i+6] );
00240         P( A[1], A[2], A[3], A[4], A[5], A[6], A[7], A[0], W[i+7], K[i+7] );
00241     }
00242 
00243     for( i = 16; i < 64; i += 8 )
00244     {
00245         P( A[0], A[1], A[2], A[3], A[4], A[5], A[6], A[7], R(i+0), K[i+0] );
00246         P( A[7], A[0], A[1], A[2], A[3], A[4], A[5], A[6], R(i+1), K[i+1] );
00247         P( A[6], A[7], A[0], A[1], A[2], A[3], A[4], A[5], R(i+2), K[i+2] );
00248         P( A[5], A[6], A[7], A[0], A[1], A[2], A[3], A[4], R(i+3), K[i+3] );
00249         P( A[4], A[5], A[6], A[7], A[0], A[1], A[2], A[3], R(i+4), K[i+4] );
00250         P( A[3], A[4], A[5], A[6], A[7], A[0], A[1], A[2], R(i+5), K[i+5] );
00251         P( A[2], A[3], A[4], A[5], A[6], A[7], A[0], A[1], R(i+6), K[i+6] );
00252         P( A[1], A[2], A[3], A[4], A[5], A[6], A[7], A[0], R(i+7), K[i+7] );
00253     }
00254 #endif /* MBEDTLS_SHA256_SMALLER */
00255 
00256     for( i = 0; i < 8; i++ )
00257         ctx->state [i] += A[i];
00258 
00259     return( 0 );
00260 }
00261 
00262 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
00263 void mbedtls_sha256_process( mbedtls_sha256_context *ctx,
00264                              const unsigned char data[64] )
00265 {
00266     mbedtls_internal_sha256_process( ctx, data );
00267 }
00268 #endif
00269 #endif /* !MBEDTLS_SHA256_PROCESS_ALT */
00270 
00271 /*
00272  * SHA-256 process buffer
00273  */
00274 int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx,
00275                                const unsigned char *input,
00276                                size_t ilen )
00277 {
00278     int ret;
00279     size_t fill;
00280     uint32_t left;
00281 
00282     SHA256_VALIDATE_RET( ctx != NULL );
00283     SHA256_VALIDATE_RET( ilen == 0 || input != NULL );
00284 
00285     if( ilen == 0 )
00286         return( 0 );
00287 
00288     left = ctx->total [0] & 0x3F;
00289     fill = 64 - left;
00290 
00291     ctx->total [0] += (uint32_t) ilen;
00292     ctx->total [0] &= 0xFFFFFFFF;
00293 
00294     if( ctx->total [0] < (uint32_t) ilen )
00295         ctx->total [1]++;
00296 
00297     if( left && ilen >= fill )
00298     {
00299         memcpy( (void *) (ctx->buffer  + left), input, fill );
00300 
00301         if( ( ret = mbedtls_internal_sha256_process( ctx, ctx->buffer  ) ) != 0 )
00302             return( ret );
00303 
00304         input += fill;
00305         ilen  -= fill;
00306         left = 0;
00307     }
00308 
00309     while( ilen >= 64 )
00310     {
00311         if( ( ret = mbedtls_internal_sha256_process( ctx, input ) ) != 0 )
00312             return( ret );
00313 
00314         input += 64;
00315         ilen  -= 64;
00316     }
00317 
00318     if( ilen > 0 )
00319         memcpy( (void *) (ctx->buffer  + left), input, ilen );
00320 
00321     return( 0 );
00322 }
00323 
00324 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
00325 void mbedtls_sha256_update( mbedtls_sha256_context *ctx,
00326                             const unsigned char *input,
00327                             size_t ilen )
00328 {
00329     mbedtls_sha256_update_ret( ctx, input, ilen );
00330 }
00331 #endif
00332 
00333 /*
00334  * SHA-256 final digest
00335  */
00336 int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx,
00337                                unsigned char output[32] )
00338 {
00339     int ret;
00340     uint32_t used;
00341     uint32_t high, low;
00342 
00343     SHA256_VALIDATE_RET( ctx != NULL );
00344     SHA256_VALIDATE_RET( (unsigned char *)output != NULL );
00345 
00346     /*
00347      * Add padding: 0x80 then 0x00 until 8 bytes remain for the length
00348      */
00349     used = ctx->total [0] & 0x3F;
00350 
00351     ctx->buffer [used++] = 0x80;
00352 
00353     if( used <= 56 )
00354     {
00355         /* Enough room for padding + length in current block */
00356         memset( ctx->buffer  + used, 0, 56 - used );
00357     }
00358     else
00359     {
00360         /* We'll need an extra block */
00361         memset( ctx->buffer  + used, 0, 64 - used );
00362 
00363         if( ( ret = mbedtls_internal_sha256_process( ctx, ctx->buffer  ) ) != 0 )
00364             return( ret );
00365 
00366         memset( ctx->buffer , 0, 56 );
00367     }
00368 
00369     /*
00370      * Add message length
00371      */
00372     high = ( ctx->total [0] >> 29 )
00373          | ( ctx->total [1] <<  3 );
00374     low  = ( ctx->total [0] <<  3 );
00375 
00376     PUT_UINT32_BE( high, ctx->buffer , 56 );
00377     PUT_UINT32_BE( low,  ctx->buffer , 60 );
00378 
00379     if( ( ret = mbedtls_internal_sha256_process( ctx, ctx->buffer  ) ) != 0 )
00380         return( ret );
00381 
00382     /*
00383      * Output final state
00384      */
00385     PUT_UINT32_BE( ctx->state [0], output,  0 );
00386     PUT_UINT32_BE( ctx->state [1], output,  4 );
00387     PUT_UINT32_BE( ctx->state [2], output,  8 );
00388     PUT_UINT32_BE( ctx->state [3], output, 12 );
00389     PUT_UINT32_BE( ctx->state [4], output, 16 );
00390     PUT_UINT32_BE( ctx->state [5], output, 20 );
00391     PUT_UINT32_BE( ctx->state [6], output, 24 );
00392 
00393     if( ctx->is224  == 0 )
00394         PUT_UINT32_BE( ctx->state [7], output, 28 );
00395 
00396     return( 0 );
00397 }
00398 
00399 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
00400 void mbedtls_sha256_finish( mbedtls_sha256_context *ctx,
00401                             unsigned char output[32] )
00402 {
00403     mbedtls_sha256_finish_ret( ctx, output );
00404 }
00405 #endif
00406 
00407 #endif /* !MBEDTLS_SHA256_ALT */
00408 
00409 /*
00410  * output = SHA-256( input buffer )
00411  */
00412 int mbedtls_sha256_ret( const unsigned char *input,
00413                         size_t ilen,
00414                         unsigned char output[32],
00415                         int is224 )
00416 {
00417     int ret;
00418     mbedtls_sha256_context ctx;
00419 
00420     SHA256_VALIDATE_RET( is224 == 0 || is224 == 1 );
00421     SHA256_VALIDATE_RET( ilen == 0 || input != NULL );
00422     SHA256_VALIDATE_RET( (unsigned char *)output != NULL );
00423 
00424     mbedtls_sha256_init( &ctx );
00425 
00426     if( ( ret = mbedtls_sha256_starts_ret( &ctx, is224 ) ) != 0 )
00427         goto exit;
00428 
00429     if( ( ret = mbedtls_sha256_update_ret( &ctx, input, ilen ) ) != 0 )
00430         goto exit;
00431 
00432     if( ( ret = mbedtls_sha256_finish_ret( &ctx, output ) ) != 0 )
00433         goto exit;
00434 
00435 exit:
00436     mbedtls_sha256_free( &ctx );
00437 
00438     return( ret );
00439 }
00440 
00441 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
00442 void mbedtls_sha256( const unsigned char *input,
00443                      size_t ilen,
00444                      unsigned char output[32],
00445                      int is224 )
00446 {
00447     mbedtls_sha256_ret( input, ilen, output, is224 );
00448 }
00449 #endif
00450 
00451 #if defined(MBEDTLS_SELF_TEST)
00452 /*
00453  * FIPS-180-2 test vectors
00454  */
00455 static const unsigned char sha256_test_buf[3][57] =
00456 {
00457     { "abc" },
00458     { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" },
00459     { "" }
00460 };
00461 
00462 static const size_t sha256_test_buflen[3] =
00463 {
00464     3, 56, 1000
00465 };
00466 
00467 static const unsigned char sha256_test_sum[6][32] =
00468 {
00469     /*
00470      * SHA-224 test vectors
00471      */
00472     { 0x23, 0x09, 0x7D, 0x22, 0x34, 0x05, 0xD8, 0x22,
00473       0x86, 0x42, 0xA4, 0x77, 0xBD, 0xA2, 0x55, 0xB3,
00474       0x2A, 0xAD, 0xBC, 0xE4, 0xBD, 0xA0, 0xB3, 0xF7,
00475       0xE3, 0x6C, 0x9D, 0xA7 },
00476     { 0x75, 0x38, 0x8B, 0x16, 0x51, 0x27, 0x76, 0xCC,
00477       0x5D, 0xBA, 0x5D, 0xA1, 0xFD, 0x89, 0x01, 0x50,
00478       0xB0, 0xC6, 0x45, 0x5C, 0xB4, 0xF5, 0x8B, 0x19,
00479       0x52, 0x52, 0x25, 0x25 },
00480     { 0x20, 0x79, 0x46, 0x55, 0x98, 0x0C, 0x91, 0xD8,
00481       0xBB, 0xB4, 0xC1, 0xEA, 0x97, 0x61, 0x8A, 0x4B,
00482       0xF0, 0x3F, 0x42, 0x58, 0x19, 0x48, 0xB2, 0xEE,
00483       0x4E, 0xE7, 0xAD, 0x67 },
00484 
00485     /*
00486      * SHA-256 test vectors
00487      */
00488     { 0xBA, 0x78, 0x16, 0xBF, 0x8F, 0x01, 0xCF, 0xEA,
00489       0x41, 0x41, 0x40, 0xDE, 0x5D, 0xAE, 0x22, 0x23,
00490       0xB0, 0x03, 0x61, 0xA3, 0x96, 0x17, 0x7A, 0x9C,
00491       0xB4, 0x10, 0xFF, 0x61, 0xF2, 0x00, 0x15, 0xAD },
00492     { 0x24, 0x8D, 0x6A, 0x61, 0xD2, 0x06, 0x38, 0xB8,
00493       0xE5, 0xC0, 0x26, 0x93, 0x0C, 0x3E, 0x60, 0x39,
00494       0xA3, 0x3C, 0xE4, 0x59, 0x64, 0xFF, 0x21, 0x67,
00495       0xF6, 0xEC, 0xED, 0xD4, 0x19, 0xDB, 0x06, 0xC1 },
00496     { 0xCD, 0xC7, 0x6E, 0x5C, 0x99, 0x14, 0xFB, 0x92,
00497       0x81, 0xA1, 0xC7, 0xE2, 0x84, 0xD7, 0x3E, 0x67,
00498       0xF1, 0x80, 0x9A, 0x48, 0xA4, 0x97, 0x20, 0x0E,
00499       0x04, 0x6D, 0x39, 0xCC, 0xC7, 0x11, 0x2C, 0xD0 }
00500 };
00501 
00502 /*
00503  * Checkup routine
00504  */
00505 int mbedtls_sha256_self_test( int verbose )
00506 {
00507     int i, j, k, buflen, ret = 0;
00508     unsigned char *buf;
00509     unsigned char sha256sum[32];
00510     mbedtls_sha256_context ctx;
00511 
00512     buf = mbedtls_calloc( 1024, sizeof(unsigned char) );
00513     if( NULL == buf )
00514     {
00515         if( verbose != 0 )
00516             mbedtls_printf( "Buffer allocation failed\n" );
00517 
00518         return( 1 );
00519     }
00520 
00521     mbedtls_sha256_init( &ctx );
00522 
00523     for( i = 0; i < 6; i++ )
00524     {
00525         j = i % 3;
00526         k = i < 3;
00527 
00528         if( verbose != 0 )
00529             mbedtls_printf( "  SHA-%d test #%d: ", 256 - k * 32, j + 1 );
00530 
00531         if( ( ret = mbedtls_sha256_starts_ret( &ctx, k ) ) != 0 )
00532             goto fail;
00533 
00534         if( j == 2 )
00535         {
00536             memset( buf, 'a', buflen = 1000 );
00537 
00538             for( j = 0; j < 1000; j++ )
00539             {
00540                 ret = mbedtls_sha256_update_ret( &ctx, buf, buflen );
00541                 if( ret != 0 )
00542                     goto fail;
00543             }
00544 
00545         }
00546         else
00547         {
00548             ret = mbedtls_sha256_update_ret( &ctx, sha256_test_buf[j],
00549                                              sha256_test_buflen[j] );
00550             if( ret != 0 )
00551                  goto fail;
00552         }
00553 
00554         if( ( ret = mbedtls_sha256_finish_ret( &ctx, sha256sum ) ) != 0 )
00555             goto fail;
00556 
00557 
00558         if( memcmp( sha256sum, sha256_test_sum[i], 32 - k * 4 ) != 0 )
00559         {
00560             ret = 1;
00561             goto fail;
00562         }
00563 
00564         if( verbose != 0 )
00565             mbedtls_printf( "passed\n" );
00566     }
00567 
00568     if( verbose != 0 )
00569         mbedtls_printf( "\n" );
00570 
00571     goto exit;
00572 
00573 fail:
00574     if( verbose != 0 )
00575         mbedtls_printf( "failed\n" );
00576 
00577 exit:
00578     mbedtls_sha256_free( &ctx );
00579     mbedtls_free( buf );
00580 
00581     return( ret );
00582 }
00583 
00584 #endif /* MBEDTLS_SELF_TEST */
00585 
00586 #endif /* MBEDTLS_SHA256_C */