feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #2595 from dgarske/hmac_devid

Browse Source 
Adds PBKDF2 and Hash wrapper heap ctx and crypto callback support
This commit is contained in:
toddouska
2019-11-18 15:16:19 -08:00
committed by GitHub
parent 6ffd931db1 b780982aa4
commit 12dfe027ed
5 changed files with 61 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
wolfcrypt/src/hash.c
View File

@ -537,7 +537,8 @@ int wc_Hash(enum wc_HashType hash_type, const byte* data,
return ret;
}
int wc_HashInit(wc_HashAlg* hash, enum wc_HashType type)
int wc_HashInit_ex(wc_HashAlg* hash, enum wc_HashType type, void* heap,
int devId)
{
int ret = HASH_TYPE_E; /* Default to hash type error */
@ -547,53 +548,53 @@ int wc_HashInit(wc_HashAlg* hash, enum wc_HashType type)
switch (type) {
case WC_HASH_TYPE_MD5:
#ifndef NO_MD5
ret = wc_InitMd5(&hash->md5);
ret = wc_InitMd5_ex(&hash->md5, heap, devId);
#endif
break;
case WC_HASH_TYPE_SHA:
#ifndef NO_SHA
ret = wc_InitSha(&hash->sha);
ret = wc_InitSha_ex(&hash->sha, heap, devId);
#endif
break;
case WC_HASH_TYPE_SHA224:
#ifdef WOLFSSL_SHA224
ret = wc_InitSha224(&hash->sha224);
ret = wc_InitSha224_ex(&hash->sha224, heap, devId);
#endif
break;
case WC_HASH_TYPE_SHA256:
#ifndef NO_SHA256
ret = wc_InitSha256(&hash->sha256);
ret = wc_InitSha256_ex(&hash->sha256, heap, devId);
#endif
break;
case WC_HASH_TYPE_SHA384:
#ifdef WOLFSSL_SHA384
ret = wc_InitSha384(&hash->sha384);
ret = wc_InitSha384_ex(&hash->sha384, heap, devId);
#endif
break;
case WC_HASH_TYPE_SHA512:
#ifdef WOLFSSL_SHA512
ret = wc_InitSha512(&hash->sha512);
ret = wc_InitSha512_ex(&hash->sha512, heap, devId);
#endif
break;
case WC_HASH_TYPE_SHA3_224:
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
ret = wc_InitSha3_224(&hash->sha3, NULL, INVALID_DEVID);
ret = wc_InitSha3_224(&hash->sha3, heap, devId);
#endif
break;
case WC_HASH_TYPE_SHA3_256:
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
ret = wc_InitSha3_256(&hash->sha3, NULL, INVALID_DEVID);
ret = wc_InitSha3_256(&hash->sha3, heap, devId);
#endif
break;
case WC_HASH_TYPE_SHA3_384:
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384)
ret = wc_InitSha3_384(&hash->sha3, NULL, INVALID_DEVID);
ret = wc_InitSha3_384(&hash->sha3, heap, devId);
#endif
break;
case WC_HASH_TYPE_SHA3_512:
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512)
ret = wc_InitSha3_512(&hash->sha3, NULL, INVALID_DEVID);
ret = wc_InitSha3_512(&hash->sha3, heap, devId);
#endif
break;
@ -611,6 +612,11 @@ int wc_HashInit(wc_HashAlg* hash, enum wc_HashType type)
return ret;
}
int wc_HashInit(wc_HashAlg* hash, enum wc_HashType type)
{
return wc_HashInit_ex(hash, type, NULL, INVALID_DEVID);
}
int wc_HashUpdate(wc_HashAlg* hash, enum wc_HashType type, const byte* data,
word32 dataSz)
{

25
wolfcrypt/src/pwdbased.c
View File

@ -85,7 +85,7 @@ int wc_PBKDF1_ex(byte* key, int keyLen, byte* iv, int ivLen,
return MEMORY_E;
#endif
err = wc_HashInit(hash, hashT);
err = wc_HashInit_ex(hash, hashT, heap, INVALID_DEVID);
if (err != 0) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(hash, heap, DYNAMIC_TYPE_HASHCTX);
@ -171,8 +171,8 @@ int wc_PBKDF1(byte* output, const byte* passwd, int pLen, const byte* salt,
#ifdef HAVE_PBKDF2
int wc_PBKDF2(byte* output, const byte* passwd, int pLen, const byte* salt,
int sLen, int iterations, int kLen, int hashType)
int wc_PBKDF2_ex(byte* output, const byte* passwd, int pLen, const byte* salt,
int sLen, int iterations, int kLen, int hashType, void* heap, int devId)
{
word32 i = 1;
int hLen;
@ -199,17 +199,17 @@ int wc_PBKDF2(byte* output, const byte* passwd, int pLen, const byte* salt,
return BAD_FUNC_ARG;
#ifdef WOLFSSL_SMALL_STACK
buffer = (byte*)XMALLOC(WC_MAX_DIGEST_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
buffer = (byte*)XMALLOC(WC_MAX_DIGEST_SIZE, heap, DYNAMIC_TYPE_TMP_BUFFER);
if (buffer == NULL)
return MEMORY_E;
hmac = (Hmac*)XMALLOC(sizeof(Hmac), NULL, DYNAMIC_TYPE_HMAC);
hmac = (Hmac*)XMALLOC(sizeof(Hmac), heap, DYNAMIC_TYPE_HMAC);
if (hmac == NULL) {
XFREE(buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(buffer, heap, DYNAMIC_TYPE_TMP_BUFFER);
return MEMORY_E;
}
#endif
ret = wc_HmacInit(hmac, NULL, INVALID_DEVID);
ret = wc_HmacInit(hmac, heap, devId);
if (ret == 0) {
/* use int hashType here, since HMAC FIPS uses the old unique value */
ret = wc_HmacSetKey(hmac, hashType, passwd, pLen);
@ -263,13 +263,20 @@ int wc_PBKDF2(byte* output, const byte* passwd, int pLen, const byte* salt,
}
#ifdef WOLFSSL_SMALL_STACK
XFREE(buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(hmac, NULL, DYNAMIC_TYPE_HMAC);
XFREE(buffer, heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(hmac, heap, DYNAMIC_TYPE_HMAC);
#endif
return ret;
}
int wc_PBKDF2(byte* output, const byte* passwd, int pLen, const byte* salt,
int sLen, int iterations, int kLen, int hashType)
{
return wc_PBKDF2_ex(output, passwd, pLen, salt, sLen, iterations, kLen,
hashType, NULL, INVALID_DEVID);
}
#endif /* HAVE_PBKDF2 */
#ifdef HAVE_PKCS12

34
wolfcrypt/test/test.c
View File

@ -16018,6 +16018,7 @@ int pkcs12_test(void)
}
#endif /* HAVE_PKCS12 */
#if defined(HAVE_PBKDF2) && !defined(NO_SHA256)
int pbkdf2_test(void)
{
char passwd[] = "passwordpassword";
@ -16031,8 +16032,8 @@ int pbkdf2_test(void)
0x2d, 0xd4, 0xf9, 0x37, 0xd4, 0x95, 0x16, 0xa7, 0x2a, 0x9a, 0x21, 0xd1
};
int ret = wc_PBKDF2(derived, (byte*)passwd, (int)XSTRLEN(passwd), salt, 8,
iterations, kLen, WC_SHA256);
int ret = wc_PBKDF2_ex(derived, (byte*)passwd, (int)XSTRLEN(passwd), salt,
(int)sizeof(salt), iterations, kLen, WC_SHA256, HEAP_HINT, devId);
if (ret != 0)
return ret;
@ -16042,9 +16043,9 @@ int pbkdf2_test(void)
return 0;
}
#endif /* HAVE_PBKDF2 && !NO_SHA256 */
#ifndef NO_SHA
#if defined(HAVE_PBKDF1) && !defined(NO_SHA)
int pbkdf1_test(void)
{
char passwd[] = "password";
@ -16054,33 +16055,37 @@ int pbkdf1_test(void)
byte derived[16];
const byte verify[] = {
0xDC, 0x19, 0x84, 0x7E, 0x05, 0xC6, 0x4D, 0x2F, 0xAF, 0x10, 0xEB, 0xFB,
0x4A, 0x3D, 0x2A, 0x20
0xDC, 0x19, 0x84, 0x7E, 0x05, 0xC6, 0x4D, 0x2F,
0xAF, 0x10, 0xEB, 0xFB, 0x4A, 0x3D, 0x2A, 0x20
};
wc_PBKDF1(derived, (byte*)passwd, (int)XSTRLEN(passwd), salt, 8, iterations,
kLen, WC_SHA);
int ret = wc_PBKDF1_ex(derived, kLen, NULL, 0, (byte*)passwd,
(int)XSTRLEN(passwd), salt, (int)sizeof(salt), iterations, WC_SHA,
HEAP_HINT);
if (ret != 0)
return ret;
if (XMEMCMP(derived, verify, sizeof(verify)) != 0)
return -8100;
return 0;
}
#endif
#endif /* HAVE_PBKDF2 && !NO_SHA */
int pwdbased_test(void)
{
int ret = 0;
#ifndef NO_SHA
#if defined(HAVE_PBKDF1) && !defined(NO_SHA)
ret = pbkdf1_test();
if (ret != 0)
return ret;
#endif
#if defined(HAVE_PBKDF2) && !defined(NO_SHA256)
ret = pbkdf2_test();
if (ret != 0)
return ret;
#endif
#ifdef HAVE_PKCS12
ret = pkcs12_test();
if (ret != 0)
@ -25532,6 +25537,13 @@ int cryptocb_test(void)
ret = hmac_sha256_test();
#endif
#endif
#ifndef NO_PWDBASED
#if defined(HAVE_PBKDF2) && !defined(NO_SHA256)
ret = pbkdf2_test();
if (ret != 0)
return ret;
#endif
#endif
/* reset devId */
devId = INVALID_DEVID;

2
wolfssl/wolfcrypt/hash.h
View File

@ -158,6 +158,8 @@ WOLFSSL_API int wc_Hash(enum wc_HashType hash_type,
byte* hash, word32 hash_len);
/* generic hash operation wrappers */
WOLFSSL_API int wc_HashInit_ex(wc_HashAlg* hash, enum wc_HashType type,
void* heap, int devId);
WOLFSSL_API int wc_HashInit(wc_HashAlg* hash, enum wc_HashType type);
WOLFSSL_API int wc_HashUpdate(wc_HashAlg* hash, enum wc_HashType type,
const byte* data, word32 dataSz);

3
wolfssl/wolfcrypt/pwdbased.h
View File

@ -46,6 +46,9 @@ WOLFSSL_API int wc_PBKDF1_ex(byte* key, int keyLen, byte* iv, int ivLen,
WOLFSSL_API int wc_PBKDF1(byte* output, const byte* passwd, int pLen,
const byte* salt, int sLen, int iterations, int kLen,
int typeH);
WOLFSSL_API int wc_PBKDF2_ex(byte* output, const byte* passwd, int pLen,
const byte* salt, int sLen, int iterations, int kLen,
int typeH, void* heap, int devId);
WOLFSSL_API int wc_PBKDF2(byte* output, const byte* passwd, int pLen,
const byte* salt, int sLen, int iterations, int kLen,
int typeH);