From 02ee22e73be299121309c1474e31e51b2c2c266d Mon Sep 17 00:00:00 2001 From: David Garske Date: Mon, 16 Oct 2017 09:57:22 -0700 Subject: [PATCH] Support for mapping to new names with old for FIPS build. Fix to revert HMAC SHA224 type check, since SHA224 type isn't in FIPS wolfCrypt. --- wolfcrypt/src/hmac.c | 5 ++--- wolfssl/wolfcrypt/sha.h | 6 ++++++ wolfssl/wolfcrypt/sha256.h | 16 +++++++++++++++- wolfssl/wolfcrypt/sha512.h | 13 +++++++++++++ 4 files changed, 36 insertions(+), 4 deletions(-) diff --git a/wolfcrypt/src/hmac.c b/wolfcrypt/src/hmac.c index 560c33981..74ac602bc 100755 --- a/wolfcrypt/src/hmac.c +++ b/wolfcrypt/src/hmac.c @@ -45,9 +45,8 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 keySz) { if (hmac == NULL || (key == NULL && keySz != 0) || - !(type == WC_MD5 || type == WC_SHA || type == WC_SHA224 || - type == WC_SHA256 || type == WC_SHA384 || type == WC_SHA512 || - type == BLAKE2B_ID)) { + !(type == WC_MD5 || type == WC_SHA || type == WC_SHA256 || + type == WC_SHA384 || type == WC_SHA512 || type == BLAKE2B_ID)) { return BAD_FUNC_ARG; } diff --git a/wolfssl/wolfcrypt/sha.h b/wolfssl/wolfcrypt/sha.h index 3088378f8..a35c0c55f 100644 --- a/wolfssl/wolfcrypt/sha.h +++ b/wolfssl/wolfcrypt/sha.h @@ -28,6 +28,12 @@ #ifndef NO_SHA #ifdef HAVE_FIPS +#define wc_Sha Sha +#define WC_SHA SHA +#define WC_SHA_BLOCK_SIZE SHA_BLOCK_SIZE +#define WC_SHA_DIGEST_SIZE SHA_DIGEST_SIZE +#define WC_SHA_PAD_SIZE SHA_PAD_SIZE + /* for fips @wc_fips */ #include #endif diff --git a/wolfssl/wolfcrypt/sha256.h b/wolfssl/wolfcrypt/sha256.h index b4b625213..2416d63a8 100644 --- a/wolfssl/wolfcrypt/sha256.h +++ b/wolfssl/wolfcrypt/sha256.h @@ -30,6 +30,20 @@ #ifndef NO_SHA256 #ifdef HAVE_FIPS + #define wc_Sha256 Sha256 + #define WC_SHA256 SHA256 + #define WC_SHA256_BLOCK_SIZE SHA256_BLOCK_SIZE + #define WC_SHA256_DIGEST_SIZE SHA256_DIGEST_SIZE + #define WC_SHA256_PAD_SIZE SHA256_PAD_SIZE + + #ifdef WOLFSSL_SHA224 + #define wc_Sha224 Sha224 + #define WC_SHA224 SHA224 + #define WC_SHA224_BLOCK_SIZE SHA224_BLOCK_SIZE + #define WC_SHA224_DIGEST_SIZE SHA224_DIGEST_SIZE + #define WC_SHA224_PAD_SIZE SHA224_PAD_SIZE + #endif + /* for fips @wc_fips */ #include #endif @@ -114,6 +128,7 @@ WOLFSSL_API void wc_Sha256SizeSet(wc_Sha256*, word32); #endif #ifdef WOLFSSL_SHA224 +#ifndef HAVE_FIPS /* avoid redefinition of structs */ #ifndef NO_OLD_WC_NAMES #define Sha224 wc_Sha224 @@ -123,7 +138,6 @@ WOLFSSL_API void wc_Sha256SizeSet(wc_Sha256*, word32); #define SHA224_PAD_SIZE WC_SHA224_PAD_SIZE #endif -#ifndef HAVE_FIPS /* avoid redefinition of structs */ /* in bytes */ enum { WC_SHA224 = 8, /* hash type unique */ diff --git a/wolfssl/wolfcrypt/sha512.h b/wolfssl/wolfcrypt/sha512.h index 69719eed8..8e9ea8eec 100644 --- a/wolfssl/wolfcrypt/sha512.h +++ b/wolfssl/wolfcrypt/sha512.h @@ -29,6 +29,19 @@ /* for fips @wc_fips */ #ifdef HAVE_FIPS + #define wc_Sha512 Sha512 + #define WC_SHA512 SHA512 + #define WC_SHA512_BLOCK_SIZE SHA512_BLOCK_SIZE + #define WC_SHA512_DIGEST_SIZE SHA512_DIGEST_SIZE + #define WC_SHA512_PAD_SIZE SHA512_PAD_SIZE + #ifdef WOLFSSL_SHA384 + #define wc_Sha384 Sha384 + #define WC_SHA384 SHA384 + #define WC_SHA384_BLOCK_SIZE SHA384_BLOCK_SIZE + #define WC_SHA384_DIGEST_SIZE SHA384_DIGEST_SIZE + #define WC_SHA384_PAD_SIZE SHA384_PAD_SIZE + #endif /* WOLFSSL_SHA384 */ + #define CYASSL_SHA512 #if defined(WOLFSSL_SHA384) #define CYASSL_SHA384