forked from wolfSSL/wolfssl
Merge pull request #2595 from dgarske/hmac_devid
Adds PBKDF2 and Hash wrapper heap ctx and crypto callback support
This commit is contained in:
toddouska
GitHub
@ -537,7 +537,8 @@ int wc_Hash(enum wc_HashType hash_type, const byte* data,
|
|||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
int wc_HashInit(wc_HashAlg* hash, enum wc_HashType type)
|
int wc_HashInit_ex(wc_HashAlg* hash, enum wc_HashType type, void* heap,
|
||||||
|
int devId)
|
||||||
{
|
{
|
||||||
int ret = HASH_TYPE_E; /* Default to hash type error */
|
int ret = HASH_TYPE_E; /* Default to hash type error */
|
||||||
|
|
||||||
@ -547,53 +548,53 @@ int wc_HashInit(wc_HashAlg* hash, enum wc_HashType type)
|
|||||||
switch (type) {
|
switch (type) {
|
||||||
case WC_HASH_TYPE_MD5:
|
case WC_HASH_TYPE_MD5:
|
||||||
#ifndef NO_MD5
|
#ifndef NO_MD5
|
||||||
ret = wc_InitMd5(&hash->md5);
|
ret = wc_InitMd5_ex(&hash->md5, heap, devId);
|
||||||
#endif
|
#endif
|
||||||
break;
|
break;
|
||||||
case WC_HASH_TYPE_SHA:
|
case WC_HASH_TYPE_SHA:
|
||||||
#ifndef NO_SHA
|
#ifndef NO_SHA
|
||||||
ret = wc_InitSha(&hash->sha);
|
ret = wc_InitSha_ex(&hash->sha, heap, devId);
|
||||||
#endif
|
#endif
|
||||||
break;
|
break;
|
||||||
case WC_HASH_TYPE_SHA224:
|
case WC_HASH_TYPE_SHA224:
|
||||||
#ifdef WOLFSSL_SHA224
|
#ifdef WOLFSSL_SHA224
|
||||||
ret = wc_InitSha224(&hash->sha224);
|
ret = wc_InitSha224_ex(&hash->sha224, heap, devId);
|
||||||
#endif
|
#endif
|
||||||
break;
|
break;
|
||||||
case WC_HASH_TYPE_SHA256:
|
case WC_HASH_TYPE_SHA256:
|
||||||
#ifndef NO_SHA256
|
#ifndef NO_SHA256
|
||||||
ret = wc_InitSha256(&hash->sha256);
|
ret = wc_InitSha256_ex(&hash->sha256, heap, devId);
|
||||||
#endif
|
#endif
|
||||||
break;
|
break;
|
||||||
case WC_HASH_TYPE_SHA384:
|
case WC_HASH_TYPE_SHA384:
|
||||||
#ifdef WOLFSSL_SHA384
|
#ifdef WOLFSSL_SHA384
|
||||||
ret = wc_InitSha384(&hash->sha384);
|
ret = wc_InitSha384_ex(&hash->sha384, heap, devId);
|
||||||
#endif
|
#endif
|
||||||
break;
|
break;
|
||||||
case WC_HASH_TYPE_SHA512:
|
case WC_HASH_TYPE_SHA512:
|
||||||
#ifdef WOLFSSL_SHA512
|
#ifdef WOLFSSL_SHA512
|
||||||
ret = wc_InitSha512(&hash->sha512);
|
ret = wc_InitSha512_ex(&hash->sha512, heap, devId);
|
||||||
#endif
|
#endif
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case WC_HASH_TYPE_SHA3_224:
|
case WC_HASH_TYPE_SHA3_224:
|
||||||
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
|
||||||
ret = wc_InitSha3_224(&hash->sha3, NULL, INVALID_DEVID);
|
ret = wc_InitSha3_224(&hash->sha3, heap, devId);
|
||||||
#endif
|
#endif
|
||||||
break;
|
break;
|
||||||
case WC_HASH_TYPE_SHA3_256:
|
case WC_HASH_TYPE_SHA3_256:
|
||||||
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
|
||||||
ret = wc_InitSha3_256(&hash->sha3, NULL, INVALID_DEVID);
|
ret = wc_InitSha3_256(&hash->sha3, heap, devId);
|
||||||
#endif
|
#endif
|
||||||
break;
|
break;
|
||||||
case WC_HASH_TYPE_SHA3_384:
|
case WC_HASH_TYPE_SHA3_384:
|
||||||
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384)
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384)
|
||||||
ret = wc_InitSha3_384(&hash->sha3, NULL, INVALID_DEVID);
|
ret = wc_InitSha3_384(&hash->sha3, heap, devId);
|
||||||
#endif
|
#endif
|
||||||
break;
|
break;
|
||||||
case WC_HASH_TYPE_SHA3_512:
|
case WC_HASH_TYPE_SHA3_512:
|
||||||
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512)
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512)
|
||||||
ret = wc_InitSha3_512(&hash->sha3, NULL, INVALID_DEVID);
|
ret = wc_InitSha3_512(&hash->sha3, heap, devId);
|
||||||
#endif
|
#endif
|
||||||
break;
|
break;
|
||||||
|
|
||||||
@ -611,6 +612,11 @@ int wc_HashInit(wc_HashAlg* hash, enum wc_HashType type)
|
|||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
int wc_HashInit(wc_HashAlg* hash, enum wc_HashType type)
|
||||||
|
{
|
||||||
|
return wc_HashInit_ex(hash, type, NULL, INVALID_DEVID);
|
||||||
|
}
|
||||||
|
|
||||||
int wc_HashUpdate(wc_HashAlg* hash, enum wc_HashType type, const byte* data,
|
int wc_HashUpdate(wc_HashAlg* hash, enum wc_HashType type, const byte* data,
|
||||||
word32 dataSz)
|
word32 dataSz)
|
||||||
{
|
{
|
||||||
|
|||||||
@ -85,7 +85,7 @@ int wc_PBKDF1_ex(byte* key, int keyLen, byte* iv, int ivLen,
|
|||||||
return MEMORY_E;
|
return MEMORY_E;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
err = wc_HashInit(hash, hashT);
|
err = wc_HashInit_ex(hash, hashT, heap, INVALID_DEVID);
|
||||||
if (err != 0) {
|
if (err != 0) {
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
#ifdef WOLFSSL_SMALL_STACK
|
||||||
XFREE(hash, heap, DYNAMIC_TYPE_HASHCTX);
|
XFREE(hash, heap, DYNAMIC_TYPE_HASHCTX);
|
||||||
@ -171,8 +171,8 @@ int wc_PBKDF1(byte* output, const byte* passwd, int pLen, const byte* salt,
|
|||||||
|
|
||||||
#ifdef HAVE_PBKDF2
|
#ifdef HAVE_PBKDF2
|
||||||
|
|
||||||
int wc_PBKDF2(byte* output, const byte* passwd, int pLen, const byte* salt,
|
int wc_PBKDF2_ex(byte* output, const byte* passwd, int pLen, const byte* salt,
|
||||||
int sLen, int iterations, int kLen, int hashType)
|
int sLen, int iterations, int kLen, int hashType, void* heap, int devId)
|
||||||
{
|
{
|
||||||
word32 i = 1;
|
word32 i = 1;
|
||||||
int hLen;
|
int hLen;
|
||||||
@ -199,17 +199,17 @@ int wc_PBKDF2(byte* output, const byte* passwd, int pLen, const byte* salt,
|
|||||||
return BAD_FUNC_ARG;
|
return BAD_FUNC_ARG;
|
||||||
|
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
#ifdef WOLFSSL_SMALL_STACK
|
||||||
buffer = (byte*)XMALLOC(WC_MAX_DIGEST_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
buffer = (byte*)XMALLOC(WC_MAX_DIGEST_SIZE, heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
if (buffer == NULL)
|
if (buffer == NULL)
|
||||||
return MEMORY_E;
|
return MEMORY_E;
|
||||||
hmac = (Hmac*)XMALLOC(sizeof(Hmac), NULL, DYNAMIC_TYPE_HMAC);
|
hmac = (Hmac*)XMALLOC(sizeof(Hmac), heap, DYNAMIC_TYPE_HMAC);
|
||||||
if (hmac == NULL) {
|
if (hmac == NULL) {
|
||||||
XFREE(buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
XFREE(buffer, heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
return MEMORY_E;
|
return MEMORY_E;
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
ret = wc_HmacInit(hmac, NULL, INVALID_DEVID);
|
ret = wc_HmacInit(hmac, heap, devId);
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
/* use int hashType here, since HMAC FIPS uses the old unique value */
|
/* use int hashType here, since HMAC FIPS uses the old unique value */
|
||||||
ret = wc_HmacSetKey(hmac, hashType, passwd, pLen);
|
ret = wc_HmacSetKey(hmac, hashType, passwd, pLen);
|
||||||
@ -263,13 +263,20 @@ int wc_PBKDF2(byte* output, const byte* passwd, int pLen, const byte* salt,
|
|||||||
}
|
}
|
||||||
|
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
#ifdef WOLFSSL_SMALL_STACK
|
||||||
XFREE(buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
XFREE(buffer, heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
XFREE(hmac, NULL, DYNAMIC_TYPE_HMAC);
|
XFREE(hmac, heap, DYNAMIC_TYPE_HMAC);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
int wc_PBKDF2(byte* output, const byte* passwd, int pLen, const byte* salt,
|
||||||
|
int sLen, int iterations, int kLen, int hashType)
|
||||||
|
{
|
||||||
|
return wc_PBKDF2_ex(output, passwd, pLen, salt, sLen, iterations, kLen,
|
||||||
|
hashType, NULL, INVALID_DEVID);
|
||||||
|
}
|
||||||
|
|
||||||
#endif /* HAVE_PBKDF2 */
|
#endif /* HAVE_PBKDF2 */
|
||||||
|
|
||||||
#ifdef HAVE_PKCS12
|
#ifdef HAVE_PKCS12
|
||||||
|
|||||||
@ -16018,6 +16018,7 @@ int pkcs12_test(void)
|
|||||||
}
|
}
|
||||||
#endif /* HAVE_PKCS12 */
|
#endif /* HAVE_PKCS12 */
|
||||||
|
|
||||||
|
#if defined(HAVE_PBKDF2) && !defined(NO_SHA256)
|
||||||
int pbkdf2_test(void)
|
int pbkdf2_test(void)
|
||||||
{
|
{
|
||||||
char passwd[] = "passwordpassword";
|
char passwd[] = "passwordpassword";
|
||||||
@ -16031,8 +16032,8 @@ int pbkdf2_test(void)
|
|||||||
0x2d, 0xd4, 0xf9, 0x37, 0xd4, 0x95, 0x16, 0xa7, 0x2a, 0x9a, 0x21, 0xd1
|
0x2d, 0xd4, 0xf9, 0x37, 0xd4, 0x95, 0x16, 0xa7, 0x2a, 0x9a, 0x21, 0xd1
|
||||||
};
|
};
|
||||||
|
|
||||||
int ret = wc_PBKDF2(derived, (byte*)passwd, (int)XSTRLEN(passwd), salt, 8,
|
int ret = wc_PBKDF2_ex(derived, (byte*)passwd, (int)XSTRLEN(passwd), salt,
|
||||||
iterations, kLen, WC_SHA256);
|
(int)sizeof(salt), iterations, kLen, WC_SHA256, HEAP_HINT, devId);
|
||||||
if (ret != 0)
|
if (ret != 0)
|
||||||
return ret;
|
return ret;
|
||||||
|
|
||||||
@ -16042,9 +16043,9 @@ int pbkdf2_test(void)
|
|||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
#endif /* HAVE_PBKDF2 && !NO_SHA256 */
|
||||||
|
|
||||||
|
#if defined(HAVE_PBKDF1) && !defined(NO_SHA)
|
||||||
#ifndef NO_SHA
|
|
||||||
int pbkdf1_test(void)
|
int pbkdf1_test(void)
|
||||||
{
|
{
|
||||||
char passwd[] = "password";
|
char passwd[] = "password";
|
||||||
@ -16054,33 +16055,37 @@ int pbkdf1_test(void)
|
|||||||
byte derived[16];
|
byte derived[16];
|
||||||
|
|
||||||
const byte verify[] = {
|
const byte verify[] = {
|
||||||
0xDC, 0x19, 0x84, 0x7E, 0x05, 0xC6, 0x4D, 0x2F, 0xAF, 0x10, 0xEB, 0xFB,
|
0xDC, 0x19, 0x84, 0x7E, 0x05, 0xC6, 0x4D, 0x2F,
|
||||||
0x4A, 0x3D, 0x2A, 0x20
|
0xAF, 0x10, 0xEB, 0xFB, 0x4A, 0x3D, 0x2A, 0x20
|
||||||
};
|
};
|
||||||
|
|
||||||
wc_PBKDF1(derived, (byte*)passwd, (int)XSTRLEN(passwd), salt, 8, iterations,
|
int ret = wc_PBKDF1_ex(derived, kLen, NULL, 0, (byte*)passwd,
|
||||||
kLen, WC_SHA);
|
(int)XSTRLEN(passwd), salt, (int)sizeof(salt), iterations, WC_SHA,
|
||||||
|
HEAP_HINT);
|
||||||
|
if (ret != 0)
|
||||||
|
return ret;
|
||||||
|
|
||||||
if (XMEMCMP(derived, verify, sizeof(verify)) != 0)
|
if (XMEMCMP(derived, verify, sizeof(verify)) != 0)
|
||||||
return -8100;
|
return -8100;
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
#endif
|
#endif /* HAVE_PBKDF2 && !NO_SHA */
|
||||||
|
|
||||||
|
|
||||||
int pwdbased_test(void)
|
int pwdbased_test(void)
|
||||||
{
|
{
|
||||||
int ret = 0;
|
int ret = 0;
|
||||||
|
|
||||||
#ifndef NO_SHA
|
#if defined(HAVE_PBKDF1) && !defined(NO_SHA)
|
||||||
ret = pbkdf1_test();
|
ret = pbkdf1_test();
|
||||||
if (ret != 0)
|
if (ret != 0)
|
||||||
return ret;
|
return ret;
|
||||||
#endif
|
#endif
|
||||||
|
#if defined(HAVE_PBKDF2) && !defined(NO_SHA256)
|
||||||
ret = pbkdf2_test();
|
ret = pbkdf2_test();
|
||||||
if (ret != 0)
|
if (ret != 0)
|
||||||
return ret;
|
return ret;
|
||||||
|
#endif
|
||||||
#ifdef HAVE_PKCS12
|
#ifdef HAVE_PKCS12
|
||||||
ret = pkcs12_test();
|
ret = pkcs12_test();
|
||||||
if (ret != 0)
|
if (ret != 0)
|
||||||
@ -25532,6 +25537,13 @@ int cryptocb_test(void)
|
|||||||
ret = hmac_sha256_test();
|
ret = hmac_sha256_test();
|
||||||
#endif
|
#endif
|
||||||
#endif
|
#endif
|
||||||
|
#ifndef NO_PWDBASED
|
||||||
|
#if defined(HAVE_PBKDF2) && !defined(NO_SHA256)
|
||||||
|
ret = pbkdf2_test();
|
||||||
|
if (ret != 0)
|
||||||
|
return ret;
|
||||||
|
#endif
|
||||||
|
#endif
|
||||||
|
|
||||||
/* reset devId */
|
/* reset devId */
|
||||||
devId = INVALID_DEVID;
|
devId = INVALID_DEVID;
|
||||||
|
|||||||
@ -158,6 +158,8 @@ WOLFSSL_API int wc_Hash(enum wc_HashType hash_type,
|
|||||||
byte* hash, word32 hash_len);
|
byte* hash, word32 hash_len);
|
||||||
|
|
||||||
/* generic hash operation wrappers */
|
/* generic hash operation wrappers */
|
||||||
|
WOLFSSL_API int wc_HashInit_ex(wc_HashAlg* hash, enum wc_HashType type,
|
||||||
|
void* heap, int devId);
|
||||||
WOLFSSL_API int wc_HashInit(wc_HashAlg* hash, enum wc_HashType type);
|
WOLFSSL_API int wc_HashInit(wc_HashAlg* hash, enum wc_HashType type);
|
||||||
WOLFSSL_API int wc_HashUpdate(wc_HashAlg* hash, enum wc_HashType type,
|
WOLFSSL_API int wc_HashUpdate(wc_HashAlg* hash, enum wc_HashType type,
|
||||||
const byte* data, word32 dataSz);
|
const byte* data, word32 dataSz);
|
||||||
|
|||||||
@ -46,6 +46,9 @@ WOLFSSL_API int wc_PBKDF1_ex(byte* key, int keyLen, byte* iv, int ivLen,
|
|||||||
WOLFSSL_API int wc_PBKDF1(byte* output, const byte* passwd, int pLen,
|
WOLFSSL_API int wc_PBKDF1(byte* output, const byte* passwd, int pLen,
|
||||||
const byte* salt, int sLen, int iterations, int kLen,
|
const byte* salt, int sLen, int iterations, int kLen,
|
||||||
int typeH);
|
int typeH);
|
||||||
|
WOLFSSL_API int wc_PBKDF2_ex(byte* output, const byte* passwd, int pLen,
|
||||||
|
const byte* salt, int sLen, int iterations, int kLen,
|
||||||
|
int typeH, void* heap, int devId);
|
||||||
WOLFSSL_API int wc_PBKDF2(byte* output, const byte* passwd, int pLen,
|
WOLFSSL_API int wc_PBKDF2(byte* output, const byte* passwd, int pLen,
|
||||||
const byte* salt, int sLen, int iterations, int kLen,
|
const byte* salt, int sLen, int iterations, int kLen,
|
||||||
int typeH);
|
int typeH);
|
||||||
|
|||||||
Reference in New Issue
Block a user