diff --git a/components/bootloader_support/src/bootloader_sha.c b/components/bootloader_support/src/bootloader_sha.c index 079093ef8a..be23f7f26a 100644 --- a/components/bootloader_support/src/bootloader_sha.c +++ b/components/bootloader_support/src/bootloader_sha.c @@ -28,7 +28,7 @@ bootloader_sha256_handle_t bootloader_sha256_start() return NULL; } mbedtls_sha256_init(ctx); - mbedtls_sha256_starts(ctx, false); + assert(mbedtls_sha256_starts_ret(ctx, false) == 0); return ctx; } @@ -36,7 +36,7 @@ void bootloader_sha256_data(bootloader_sha256_handle_t handle, const void *data, { assert(handle != NULL); mbedtls_sha256_context *ctx = (mbedtls_sha256_context *)handle; - mbedtls_sha256_update(ctx, data, data_len); + assert(mbedtls_sha256_update_ret(ctx, data, data_len) == 0); } void bootloader_sha256_finish(bootloader_sha256_handle_t handle, uint8_t *digest) @@ -44,7 +44,7 @@ void bootloader_sha256_finish(bootloader_sha256_handle_t handle, uint8_t *digest assert(handle != NULL); mbedtls_sha256_context *ctx = (mbedtls_sha256_context *)handle; if (digest != NULL) { - mbedtls_sha256_finish(ctx, digest); + assert(mbedtls_sha256_finish_ret(ctx, digest) == 0); } mbedtls_sha256_free(ctx); free(handle); diff --git a/components/libsodium/port/crypto_hash_mbedtls/crypto_hash_sha256_mbedtls.c b/components/libsodium/port/crypto_hash_mbedtls/crypto_hash_sha256_mbedtls.c index b4fb442699..39c36c70a0 100644 --- a/components/libsodium/port/crypto_hash_mbedtls/crypto_hash_sha256_mbedtls.c +++ b/components/libsodium/port/crypto_hash_mbedtls/crypto_hash_sha256_mbedtls.c @@ -63,7 +63,10 @@ crypto_hash_sha256_init(crypto_hash_sha256_state *state) { mbedtls_sha256_context ctx; mbedtls_sha256_init(&ctx); - mbedtls_sha256_starts(&ctx, 0); + int ret = mbedtls_sha256_starts_ret(&ctx, 0); + if (ret != 0) { + return ret; + } sha256_mbedtls_to_libsodium(state, &ctx); return 0; } @@ -74,7 +77,10 @@ crypto_hash_sha256_update(crypto_hash_sha256_state *state, { mbedtls_sha256_context ctx; sha256_libsodium_to_mbedtls(&ctx, state); - mbedtls_sha256_update(&ctx, in, inlen); + int ret = mbedtls_sha256_update_ret(&ctx, in, inlen); + if (ret != 0) { + return ret; + } sha256_mbedtls_to_libsodium(state, &ctx); return 0; } @@ -84,15 +90,12 @@ crypto_hash_sha256_final(crypto_hash_sha256_state *state, unsigned char *out) { mbedtls_sha256_context ctx; sha256_libsodium_to_mbedtls(&ctx, state); - mbedtls_sha256_finish(&ctx, out); - sha256_mbedtls_to_libsodium(state, &ctx); - return 0; + return mbedtls_sha256_finish_ret(&ctx, out); } int crypto_hash_sha256(unsigned char *out, const unsigned char *in, unsigned long long inlen) { - mbedtls_sha256(in, inlen, out, 0); - return 0; + return mbedtls_sha256_ret(in, inlen, out, 0); } diff --git a/components/libsodium/port/crypto_hash_mbedtls/crypto_hash_sha512_mbedtls.c b/components/libsodium/port/crypto_hash_mbedtls/crypto_hash_sha512_mbedtls.c index 49fee0ca69..48d31a61e4 100644 --- a/components/libsodium/port/crypto_hash_mbedtls/crypto_hash_sha512_mbedtls.c +++ b/components/libsodium/port/crypto_hash_mbedtls/crypto_hash_sha512_mbedtls.c @@ -67,7 +67,10 @@ crypto_hash_sha512_init(crypto_hash_sha512_state *state) { mbedtls_sha512_context ctx; mbedtls_sha512_init(&ctx); - mbedtls_sha512_starts(&ctx, 0); + int ret = mbedtls_sha512_starts_ret(&ctx, 0); + if (ret != 0) { + return ret; + } sha512_mbedtls_to_libsodium(state, &ctx); return 0; } @@ -78,7 +81,10 @@ crypto_hash_sha512_update(crypto_hash_sha512_state *state, { mbedtls_sha512_context ctx; sha512_libsodium_to_mbedtls(&ctx, state); - mbedtls_sha512_update(&ctx, in, inlen); + int ret = mbedtls_sha512_update_ret(&ctx, in, inlen); + if (ret != 0) { + return ret; + } sha512_mbedtls_to_libsodium(state, &ctx); return 0; } @@ -88,14 +94,12 @@ crypto_hash_sha512_final(crypto_hash_sha512_state *state, unsigned char *out) { mbedtls_sha512_context ctx; sha512_libsodium_to_mbedtls(&ctx, state); - mbedtls_sha512_finish(&ctx, out); - return 0; + return mbedtls_sha512_finish_ret(&ctx, out); } int crypto_hash_sha512(unsigned char *out, const unsigned char *in, unsigned long long inlen) { - mbedtls_sha512(in, inlen, out, 0); - return 0; + return mbedtls_sha512_ret(in, inlen, out, 0); } diff --git a/components/mbedtls/port/esp_sha1.c b/components/mbedtls/port/esp_sha1.c index 6751596933..fddc32dd5d 100644 --- a/components/mbedtls/port/esp_sha1.c +++ b/components/mbedtls/port/esp_sha1.c @@ -111,7 +111,7 @@ void mbedtls_sha1_clone( mbedtls_sha1_context *dst, /* * SHA-1 context setup */ -void mbedtls_sha1_starts( mbedtls_sha1_context *ctx ) +int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx ) { ctx->total[0] = 0; ctx->total[1] = 0; @@ -126,11 +126,20 @@ void mbedtls_sha1_starts( mbedtls_sha1_context *ctx ) esp_sha_unlock_engine(SHA1); } ctx->mode = ESP_MBEDTLS_SHA1_UNUSED; + + return 0; } +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +void mbedtls_sha1_starts( mbedtls_sha1_context *ctx ) +{ + mbedtls_sha1_starts_ret( ctx ); +} +#endif + static void mbedtls_sha1_software_process( mbedtls_sha1_context *ctx, const unsigned char data[64] ); -void mbedtls_sha1_process( mbedtls_sha1_context *ctx, const unsigned char data[64] ) +int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, const unsigned char data[64] ) { bool first_block = false; if (ctx->mode == ESP_MBEDTLS_SHA1_UNUSED) { @@ -148,8 +157,18 @@ void mbedtls_sha1_process( mbedtls_sha1_context *ctx, const unsigned char data[6 } else { mbedtls_sha1_software_process(ctx, data); } + + return 0; } +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +void mbedtls_sha1_process( mbedtls_sha1_context *ctx, + const unsigned char data[64] ) +{ + mbedtls_internal_sha1_process( ctx, data ); +} +#endif + static void mbedtls_sha1_software_process( mbedtls_sha1_context *ctx, const unsigned char data[64] ) { @@ -310,13 +329,14 @@ static void mbedtls_sha1_software_process( mbedtls_sha1_context *ctx, const unsi /* * SHA-1 process buffer */ -void mbedtls_sha1_update( mbedtls_sha1_context *ctx, const unsigned char *input, size_t ilen ) +int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, const unsigned char *input, size_t ilen ) { + int ret; size_t fill; uint32_t left; if( ilen == 0 ) - return; + return 0; left = ctx->total[0] & 0x3F; fill = 64 - left; @@ -330,7 +350,11 @@ void mbedtls_sha1_update( mbedtls_sha1_context *ctx, const unsigned char *input, if( left && ilen >= fill ) { memcpy( (void *) (ctx->buffer + left), input, fill ); - mbedtls_sha1_process( ctx, ctx->buffer ); + + if ( ( ret = mbedtls_internal_sha1_process( ctx, ctx->buffer ) ) != 0 ) { + return ret; + } + input += fill; ilen -= fill; left = 0; @@ -338,15 +362,29 @@ void mbedtls_sha1_update( mbedtls_sha1_context *ctx, const unsigned char *input, while( ilen >= 64 ) { - mbedtls_sha1_process( ctx, input ); + if ( ( ret = mbedtls_internal_sha1_process( ctx, input ) ) != 0 ) { + return ret; + } + input += 64; ilen -= 64; } if( ilen > 0 ) memcpy( (void *) (ctx->buffer + left), input, ilen ); + + return 0; } +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +void mbedtls_sha1_update( mbedtls_sha1_context *ctx, + const unsigned char *input, + size_t ilen ) +{ + mbedtls_sha1_update_ret( ctx, input, ilen ); +} +#endif + static const unsigned char sha1_padding[64] = { 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, @@ -358,8 +396,9 @@ static const unsigned char sha1_padding[64] = /* * SHA-1 final digest */ -void mbedtls_sha1_finish( mbedtls_sha1_context *ctx, unsigned char output[20] ) +int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, unsigned char output[20] ) { + int ret; uint32_t last, padn; uint32_t high, low; unsigned char msglen[8]; @@ -374,14 +413,16 @@ void mbedtls_sha1_finish( mbedtls_sha1_context *ctx, unsigned char output[20] ) last = ctx->total[0] & 0x3F; padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last ); - mbedtls_sha1_update( ctx, sha1_padding, padn ); - mbedtls_sha1_update( ctx, msglen, 8 ); + if ( ( ret = mbedtls_sha1_update_ret( ctx, sha1_padding, padn ) ) != 0 ) { + goto out; + } + if ( ( ret = mbedtls_sha1_update_ret( ctx, msglen, 8 ) ) != 0 ) { + goto out; + } /* if state is in hardware, read it out */ if (ctx->mode == ESP_MBEDTLS_SHA1_HARDWARE) { esp_sha_read_digest_state(SHA1, ctx->state); - esp_sha_unlock_engine(SHA1); - ctx->mode = ESP_MBEDTLS_SHA1_SOFTWARE; } PUT_UINT32_BE( ctx->state[0], output, 0 ); @@ -390,6 +431,21 @@ void mbedtls_sha1_finish( mbedtls_sha1_context *ctx, unsigned char output[20] ) PUT_UINT32_BE( ctx->state[3], output, 12 ); PUT_UINT32_BE( ctx->state[4], output, 16 ); +out: + if (ctx->mode == ESP_MBEDTLS_SHA1_HARDWARE) { + esp_sha_unlock_engine(SHA1); + ctx->mode = ESP_MBEDTLS_SHA1_SOFTWARE; + } + + return ret; } +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +void mbedtls_sha1_finish( mbedtls_sha1_context *ctx, + unsigned char output[20] ) +{ + mbedtls_sha1_finish_ret( ctx, output ); +} +#endif + #endif /* MBEDTLS_SHA1_C && MBEDTLS_SHA1_ALT */ diff --git a/components/mbedtls/port/esp_sha256.c b/components/mbedtls/port/esp_sha256.c index fd136062a4..4eb37c077d 100644 --- a/components/mbedtls/port/esp_sha256.c +++ b/components/mbedtls/port/esp_sha256.c @@ -111,7 +111,7 @@ void mbedtls_sha256_clone( mbedtls_sha256_context *dst, /* * SHA-256 context setup */ -void mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 ) +int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 ) { ctx->total[0] = 0; ctx->total[1] = 0; @@ -146,9 +146,17 @@ void mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 ) esp_sha_unlock_engine(SHA2_256); } ctx->mode = ESP_MBEDTLS_SHA256_UNUSED; + return 0; } -#if !defined(MBEDTLS_SHA256_PROCESS_ALT) +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +void mbedtls_sha256_starts( mbedtls_sha256_context *ctx, + int is224 ) +{ + mbedtls_sha256_starts_ret( ctx, is224 ); +} +#endif + static const uint32_t K[] = { 0x428A2F98, 0x71374491, 0xB5C0FBCF, 0xE9B5DBA5, @@ -196,7 +204,7 @@ static const uint32_t K[] = static void mbedtls_sha256_software_process( mbedtls_sha256_context *ctx, const unsigned char data[64] ); -void mbedtls_sha256_process( mbedtls_sha256_context *ctx, const unsigned char data[64] ) +int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, const unsigned char data[64] ) { bool first_block = false; @@ -215,8 +223,17 @@ void mbedtls_sha256_process( mbedtls_sha256_context *ctx, const unsigned char da } else { mbedtls_sha256_software_process(ctx, data); } + + return 0; } +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +void mbedtls_sha256_process( mbedtls_sha256_context *ctx, + const unsigned char data[64] ) +{ + mbedtls_internal_sha256_process( ctx, data ); +} +#endif static void mbedtls_sha256_software_process( mbedtls_sha256_context *ctx, const unsigned char data[64] ) { @@ -272,19 +289,19 @@ static void mbedtls_sha256_software_process( mbedtls_sha256_context *ctx, const for( i = 0; i < 8; i++ ) ctx->state[i] += A[i]; } -#endif /* !MBEDTLS_SHA256_PROCESS_ALT */ /* * SHA-256 process buffer */ -void mbedtls_sha256_update( mbedtls_sha256_context *ctx, const unsigned char *input, +int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, const unsigned char *input, size_t ilen ) { + int ret; size_t fill; uint32_t left; if( ilen == 0 ) - return; + return 0; left = ctx->total[0] & 0x3F; fill = 64 - left; @@ -298,7 +315,11 @@ void mbedtls_sha256_update( mbedtls_sha256_context *ctx, const unsigned char *in if( left && ilen >= fill ) { memcpy( (void *) (ctx->buffer + left), input, fill ); - mbedtls_sha256_process( ctx, ctx->buffer ); + + if ( ( ret = mbedtls_internal_sha256_process( ctx, ctx->buffer ) ) != 0 ) { + return ret; + } + input += fill; ilen -= fill; left = 0; @@ -306,15 +327,29 @@ void mbedtls_sha256_update( mbedtls_sha256_context *ctx, const unsigned char *in while( ilen >= 64 ) { - mbedtls_sha256_process( ctx, input ); + if ( ( ret = mbedtls_internal_sha256_process( ctx, input ) ) != 0 ) { + return ret; + } + input += 64; ilen -= 64; } if( ilen > 0 ) memcpy( (void *) (ctx->buffer + left), input, ilen ); + + return 0; } +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +void mbedtls_sha256_update( mbedtls_sha256_context *ctx, + const unsigned char *input, + size_t ilen ) +{ + mbedtls_sha256_update_ret( ctx, input, ilen ); +} +#endif + static const unsigned char sha256_padding[64] = { 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, @@ -326,8 +361,9 @@ static const unsigned char sha256_padding[64] = /* * SHA-256 final digest */ -void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, unsigned char output[32] ) +int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, unsigned char output[32] ) { + int ret; uint32_t last, padn; uint32_t high, low; unsigned char msglen[8]; @@ -342,14 +378,17 @@ void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, unsigned char output[32 last = ctx->total[0] & 0x3F; padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last ); - mbedtls_sha256_update( ctx, sha256_padding, padn ); - mbedtls_sha256_update( ctx, msglen, 8 ); + if ( ( ret = mbedtls_sha256_update_ret( ctx, sha256_padding, padn ) ) != 0 ) { + goto out; + } + + if ( ( ret = mbedtls_sha256_update_ret( ctx, msglen, 8 ) ) != 0 ) { + goto out; + } /* if state is in hardware, read it out */ if (ctx->mode == ESP_MBEDTLS_SHA256_HARDWARE) { esp_sha_read_digest_state(SHA2_256, ctx->state); - esp_sha_unlock_engine(SHA2_256); - ctx->mode = ESP_MBEDTLS_SHA256_SOFTWARE; } PUT_UINT32_BE( ctx->state[0], output, 0 ); @@ -362,6 +401,22 @@ void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, unsigned char output[32 if( ctx->is224 == 0 ) PUT_UINT32_BE( ctx->state[7], output, 28 ); + +out: + if (ctx->mode == ESP_MBEDTLS_SHA256_HARDWARE) { + esp_sha_unlock_engine(SHA2_256); + ctx->mode = ESP_MBEDTLS_SHA256_SOFTWARE; + } + + return ret; } +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, + unsigned char output[32] ) +{ + mbedtls_sha256_finish_ret( ctx, output ); +} +#endif + #endif /* MBEDTLS_SHA256_C && MBEDTLS_SHA256_ALT */ diff --git a/components/mbedtls/port/esp_sha512.c b/components/mbedtls/port/esp_sha512.c index 7a2bb15cb7..a61f5f5c2e 100644 --- a/components/mbedtls/port/esp_sha512.c +++ b/components/mbedtls/port/esp_sha512.c @@ -135,7 +135,7 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst, /* * SHA-512 context setup */ -void mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 ) +int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 ) { ctx->total[0] = 0; ctx->total[1] = 0; @@ -170,8 +170,17 @@ void mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 ) esp_sha_unlock_engine(sha_type(ctx)); } ctx->mode = ESP_MBEDTLS_SHA512_UNUSED; + + return 0; } +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +void mbedtls_sha512_starts( mbedtls_sha512_context *ctx, + int is384 ) +{ + mbedtls_sha512_starts_ret( ctx, is384 ); +} +#endif /* * Round constants @@ -222,7 +231,7 @@ static const uint64_t K[80] = static void mbedtls_sha512_software_process( mbedtls_sha512_context *ctx, const unsigned char data[128] ); -void mbedtls_sha512_process( mbedtls_sha512_context *ctx, const unsigned char data[128] ) +int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, const unsigned char data[128] ) { bool first_block = false; @@ -241,8 +250,17 @@ void mbedtls_sha512_process( mbedtls_sha512_context *ctx, const unsigned char da } else { mbedtls_sha512_software_process(ctx, data); } + + return 0; } +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +void mbedtls_sha512_process( mbedtls_sha512_context *ctx, + const unsigned char data[128] ) +{ + mbedtls_internal_sha512_process( ctx, data ); +} +#endif static void mbedtls_sha512_software_process( mbedtls_sha512_context *ctx, const unsigned char data[128] ) @@ -317,14 +335,15 @@ static void mbedtls_sha512_software_process( mbedtls_sha512_context *ctx, const /* * SHA-512 process buffer */ -void mbedtls_sha512_update( mbedtls_sha512_context *ctx, const unsigned char *input, +int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx, const unsigned char *input, size_t ilen ) { + int ret; size_t fill; unsigned int left; if( ilen == 0 ) - return; + return 0; left = (unsigned int) (ctx->total[0] & 0x7F); fill = 128 - left; @@ -337,7 +356,10 @@ void mbedtls_sha512_update( mbedtls_sha512_context *ctx, const unsigned char *in if( left && ilen >= fill ) { memcpy( (void *) (ctx->buffer + left), input, fill ); - mbedtls_sha512_process( ctx, ctx->buffer ); + if ( ( ret = mbedtls_internal_sha512_process( ctx, ctx->buffer ) ) != 0 ) { + return ret; + } + input += fill; ilen -= fill; left = 0; @@ -345,15 +367,30 @@ void mbedtls_sha512_update( mbedtls_sha512_context *ctx, const unsigned char *in while( ilen >= 128 ) { - mbedtls_sha512_process( ctx, input ); + if ( ( ret = mbedtls_internal_sha512_process( ctx, input ) ) != 0 ) { + return ret; + } + input += 128; ilen -= 128; } if( ilen > 0 ) memcpy( (void *) (ctx->buffer + left), input, ilen ); + + return 0; } +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +void mbedtls_sha512_update( mbedtls_sha512_context *ctx, + const unsigned char *input, + size_t ilen ) +{ + mbedtls_sha512_update_ret( ctx, input, ilen ); +} +#endif + + static const unsigned char sha512_padding[128] = { 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, @@ -369,8 +406,9 @@ static const unsigned char sha512_padding[128] = /* * SHA-512 final digest */ -void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, unsigned char output[64] ) +int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, unsigned char output[64] ) { + int ret; size_t last, padn; uint64_t high, low; unsigned char msglen[16]; @@ -385,14 +423,17 @@ void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, unsigned char output[64 last = (size_t)( ctx->total[0] & 0x7F ); padn = ( last < 112 ) ? ( 112 - last ) : ( 240 - last ); - mbedtls_sha512_update( ctx, sha512_padding, padn ); - mbedtls_sha512_update( ctx, msglen, 16 ); + if ( ( ret = mbedtls_sha512_update_ret( ctx, sha512_padding, padn ) ) != 0 ) { + goto out; + } + + if ( ( ret = mbedtls_sha512_update_ret( ctx, msglen, 16 ) ) != 0 ) { + goto out; + } /* if state is in hardware, read it out */ if (ctx->mode == ESP_MBEDTLS_SHA512_HARDWARE) { esp_sha_read_digest_state(sha_type(ctx), ctx->state); - esp_sha_unlock_engine(sha_type(ctx)); - ctx->mode = ESP_MBEDTLS_SHA512_SOFTWARE; } PUT_UINT64_BE( ctx->state[0], output, 0 ); @@ -407,6 +448,22 @@ void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, unsigned char output[64 PUT_UINT64_BE( ctx->state[6], output, 48 ); PUT_UINT64_BE( ctx->state[7], output, 56 ); } + +out: + if (ctx->mode == ESP_MBEDTLS_SHA512_HARDWARE) { + esp_sha_unlock_engine(sha_type(ctx)); + ctx->mode = ESP_MBEDTLS_SHA512_SOFTWARE; + } + + return ret; } +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, + unsigned char output[64] ) +{ + mbedtls_sha512_finish_ret( ctx, output ); +} +#endif + #endif /* MBEDTLS_SHA512_C && MBEDTLS_SHA512_ALT */ diff --git a/components/mbedtls/test/test_mbedtls_sha.c b/components/mbedtls/test/test_mbedtls_sha.c index fba16ef0b5..aa81d63032 100644 --- a/components/mbedtls/test/test_mbedtls_sha.c +++ b/components/mbedtls/test/test_mbedtls_sha.c @@ -62,19 +62,19 @@ TEST_CASE("mbedtls SHA interleaving", "[mbedtls]") mbedtls_sha256_init(&sha256_ctx); mbedtls_sha512_init(&sha512_ctx); - mbedtls_sha1_starts(&sha1_ctx); - mbedtls_sha256_starts(&sha256_ctx, false); - mbedtls_sha512_starts(&sha512_ctx, false); + TEST_ASSERT_EQUAL(0, mbedtls_sha1_starts_ret(&sha1_ctx)); + TEST_ASSERT_EQUAL(0, mbedtls_sha256_starts_ret(&sha256_ctx, false)); + TEST_ASSERT_EQUAL(0, mbedtls_sha512_starts_ret(&sha512_ctx, false)); for (int i = 0; i < 10; i++) { - mbedtls_sha1_update(&sha1_ctx, one_hundred_as, 100); - mbedtls_sha256_update(&sha256_ctx, one_hundred_as, 100); - mbedtls_sha512_update(&sha512_ctx, one_hundred_bs, 100); + TEST_ASSERT_EQUAL(0, mbedtls_sha1_update_ret(&sha1_ctx, one_hundred_as, 100)); + TEST_ASSERT_EQUAL(0, mbedtls_sha256_update_ret(&sha256_ctx, one_hundred_as, 100)); + TEST_ASSERT_EQUAL(0, mbedtls_sha512_update_ret(&sha512_ctx, one_hundred_bs, 100)); } - mbedtls_sha1_finish(&sha1_ctx, sha1); - mbedtls_sha256_finish(&sha256_ctx, sha256); - mbedtls_sha512_finish(&sha512_ctx, sha512); + TEST_ASSERT_EQUAL(0, mbedtls_sha1_finish_ret(&sha1_ctx, sha1)); + TEST_ASSERT_EQUAL(0, mbedtls_sha256_finish_ret(&sha256_ctx, sha256)); + TEST_ASSERT_EQUAL(0, mbedtls_sha512_finish_ret(&sha512_ctx, sha512)); TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha512_thousand_bs, sha512, 64, "SHA512 calculation"); TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha256_thousand_as, sha256, 32, "SHA256 calculation"); @@ -89,11 +89,11 @@ static void tskRunSHA1Test(void *pvParameters) for (int i = 0; i < 1000; i++) { mbedtls_sha1_init(&sha1_ctx); - mbedtls_sha1_starts(&sha1_ctx); + TEST_ASSERT_EQUAL(0, mbedtls_sha1_starts_ret(&sha1_ctx)); for (int j = 0; j < 10; j++) { - mbedtls_sha1_update(&sha1_ctx, (unsigned char *)one_hundred_as, 100); + TEST_ASSERT_EQUAL(0, mbedtls_sha1_update_ret(&sha1_ctx, (unsigned char *)one_hundred_as, 100)); } - mbedtls_sha1_finish(&sha1_ctx, sha1); + TEST_ASSERT_EQUAL(0, mbedtls_sha1_finish_ret(&sha1_ctx, sha1)); TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha1_thousand_as, sha1, 20, "SHA1 calculation"); } xSemaphoreGive(done_sem); @@ -107,11 +107,11 @@ static void tskRunSHA256Test(void *pvParameters) for (int i = 0; i < 1000; i++) { mbedtls_sha256_init(&sha256_ctx); - mbedtls_sha256_starts(&sha256_ctx, false); + TEST_ASSERT_EQUAL(0, mbedtls_sha256_starts_ret(&sha256_ctx, false)); for (int j = 0; j < 10; j++) { - mbedtls_sha256_update(&sha256_ctx, (unsigned char *)one_hundred_bs, 100); + TEST_ASSERT_EQUAL(0, mbedtls_sha256_update_ret(&sha256_ctx, (unsigned char *)one_hundred_bs, 100)); } - mbedtls_sha256_finish(&sha256_ctx, sha256); + TEST_ASSERT_EQUAL(0, mbedtls_sha256_finish_ret(&sha256_ctx, sha256)); TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha256_thousand_bs, sha256, 32, "SHA256 calculation"); } @@ -187,21 +187,21 @@ TEST_CASE("mbedtls SHA512 clone", "[mbedtls]") unsigned char sha512[64]; mbedtls_sha512_init(&ctx); - mbedtls_sha512_starts(&ctx, false); + TEST_ASSERT_EQUAL(0, mbedtls_sha512_starts_ret(&ctx, false)); for (int i = 0; i < 5; i++) { - mbedtls_sha512_update(&ctx, one_hundred_bs, 100); + TEST_ASSERT_EQUAL(0, mbedtls_sha512_update_ret(&ctx, one_hundred_bs, 100)); } mbedtls_sha512_clone(&clone, &ctx); for (int i = 0; i < 5; i++) { - mbedtls_sha512_update(&ctx, one_hundred_bs, 100); - mbedtls_sha512_update(&clone, one_hundred_bs, 100); + TEST_ASSERT_EQUAL(0, mbedtls_sha512_update_ret(&ctx, one_hundred_bs, 100)); + TEST_ASSERT_EQUAL(0, mbedtls_sha512_update_ret(&clone, one_hundred_bs, 100)); } - mbedtls_sha512_finish(&ctx, sha512); + TEST_ASSERT_EQUAL(0, mbedtls_sha512_finish_ret(&ctx, sha512)); TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha512_thousand_bs, sha512, 64, "SHA512 original calculation"); - mbedtls_sha512_finish(&clone, sha512); + TEST_ASSERT_EQUAL(0, mbedtls_sha512_finish_ret(&clone, sha512)); TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha512_thousand_bs, sha512, 64, "SHA512 cloned calculation"); } @@ -212,21 +212,21 @@ TEST_CASE("mbedtls SHA384 clone", "[mbedtls]") unsigned char sha384[48]; mbedtls_sha512_init(&ctx); - mbedtls_sha512_starts(&ctx, true); + TEST_ASSERT_EQUAL(0, mbedtls_sha512_starts_ret(&ctx, true)); for (int i = 0; i < 5; i++) { - mbedtls_sha512_update(&ctx, one_hundred_bs, 100); + TEST_ASSERT_EQUAL(0, mbedtls_sha512_update_ret(&ctx, one_hundred_bs, 100)); } mbedtls_sha512_clone(&clone, &ctx); for (int i = 0; i < 5; i++) { - mbedtls_sha512_update(&ctx, one_hundred_bs, 100); - mbedtls_sha512_update(&clone, one_hundred_bs, 100); + TEST_ASSERT_EQUAL(0, mbedtls_sha512_update_ret(&ctx, one_hundred_bs, 100)); + TEST_ASSERT_EQUAL(0, mbedtls_sha512_update_ret(&clone, one_hundred_bs, 100)); } - mbedtls_sha512_finish(&ctx, sha384); + TEST_ASSERT_EQUAL(0, mbedtls_sha512_finish_ret(&ctx, sha384)); TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha384_thousand_bs, sha384, 48, "SHA512 original calculation"); - mbedtls_sha512_finish(&clone, sha384); + TEST_ASSERT_EQUAL(0, mbedtls_sha512_finish_ret(&clone, sha384)); TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha384_thousand_bs, sha384, 48, "SHA512 cloned calculation"); } @@ -238,20 +238,20 @@ TEST_CASE("mbedtls SHA256 clone", "[mbedtls]") unsigned char sha256[64]; mbedtls_sha256_init(&ctx); - mbedtls_sha256_starts(&ctx, false); + TEST_ASSERT_EQUAL(0, mbedtls_sha256_starts_ret(&ctx, false)); for (int i = 0; i < 5; i++) { - mbedtls_sha256_update(&ctx, one_hundred_as, 100); + TEST_ASSERT_EQUAL(0, mbedtls_sha256_update_ret(&ctx, one_hundred_as, 100)); } mbedtls_sha256_clone(&clone, &ctx); for (int i = 0; i < 5; i++) { - mbedtls_sha256_update(&ctx, one_hundred_as, 100); - mbedtls_sha256_update(&clone, one_hundred_as, 100); + TEST_ASSERT_EQUAL(0, mbedtls_sha256_update_ret(&ctx, one_hundred_as, 100)); + TEST_ASSERT_EQUAL(0, mbedtls_sha256_update_ret(&clone, one_hundred_as, 100)); } - mbedtls_sha256_finish(&ctx, sha256); + TEST_ASSERT_EQUAL(0, mbedtls_sha256_finish_ret(&ctx, sha256)); TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha256_thousand_as, sha256, 32, "SHA256 original calculation"); - mbedtls_sha256_finish(&clone, sha256); + TEST_ASSERT_EQUAL(0, mbedtls_sha256_finish_ret(&clone, sha256)); TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha256_thousand_as, sha256, 32, "SHA256 cloned calculation"); } diff --git a/components/wpa_supplicant/src/fast_crypto/fast_sha256-internal.c b/components/wpa_supplicant/src/fast_crypto/fast_sha256-internal.c index 587b9096fc..7650cb87ed 100644 --- a/components/wpa_supplicant/src/fast_crypto/fast_sha256-internal.c +++ b/components/wpa_supplicant/src/fast_crypto/fast_sha256-internal.c @@ -28,21 +28,31 @@ int fast_sha256_vector(size_t num_elem, const uint8_t *addr[], const size_t *len, uint8_t *mac) { + int ret = 0; mbedtls_sha256_context ctx; mbedtls_sha256_init(&ctx); - mbedtls_sha256_starts(&ctx, 0); - - for(size_t index = 0; index < num_elem; index++) { - mbedtls_sha256_update(&ctx, addr[index], len[index]); + if (mbedtls_sha256_starts_ret(&ctx, 0) != 0) { + ret = -1; + goto out; } - mbedtls_sha256_finish(&ctx, mac); + for(size_t index = 0; index < num_elem; index++) { + if (mbedtls_sha256_update_ret(&ctx, addr[index], len[index]) != 0) { + ret = -1; + goto out; + } + } + if (mbedtls_sha256_finish_ret(&ctx, mac) != 0) { + ret = -1; + goto out; + } + +out: mbedtls_sha256_free(&ctx); - return 0; + return ret; } -