feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

fix afalg/cryptodev + opensslextra build

Browse Source
This commit is contained in:
Jacob Barthelmeh
2018-12-20 10:52:17 -07:00
parent 48c267dda8
commit 164a762088
5 changed files with 173 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

213
src/ssl.c
View File

@ -13001,6 +13001,65 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
} }
/* Deep copy of EVP_MD hasher
* return WOLFSSL_SUCCESS on success */
static int wolfSSL_EVP_MD_Copy_Hasher(WOLFSSL_EVP_MD_CTX* des,
const WOLFSSL_EVP_MD_CTX* src)
{
if (src->macType == (NID_hmac & 0xFF)) {
wolfSSL_HmacCopy(&des->hash.hmac, (Hmac*)&src->hash.hmac);
}
else {
switch (src->macType) {
#ifndef NO_MD5
case WC_MD5:
wc_Md5Copy((wc_Md5*)&src->hash.digest,
(wc_Md5*)&des->hash.digest);
break;
#endif /* !NO_MD5 */
#ifndef NO_SHA
case WC_SHA:
wc_ShaCopy((wc_Sha*)&src->hash.digest,
(wc_Sha*)&des->hash.digest);
break;
#endif /* !NO_SHA */
#ifdef WOLFSSL_SHA224
case WC_SHA224:
wc_Sha224Copy((wc_Sha224*)&src->hash.digest,
(wc_Sha224*)&des->hash.digest);
break;
#endif /* WOLFSSL_SHA224 */
#ifndef NO_SHA256
case WC_SHA256:
wc_Sha256Copy((wc_Sha256*)&src->hash.digest,
(wc_Sha256*)&des->hash.digest);
break;
#endif /* !NO_SHA256 */
#ifdef WOLFSSL_SHA384
case WC_SHA384:
wc_Sha384Copy((wc_Sha384*)&src->hash.digest,
(wc_Sha384*)&des->hash.digest);
break;
#endif /* WOLFSSL_SHA384 */
#ifdef WOLFSSL_SHA512
case WC_SHA512:
wc_Sha512Copy((wc_Sha512*)&src->hash.digest,
(wc_Sha512*)&des->hash.digest);
break;
#endif /* WOLFSSL_SHA512 */
default:
return WOLFSSL_FAILURE;
}
}
return WOLFSSL_SUCCESS;
}
/* copies structure in to the structure out /* copies structure in to the structure out
* *
* returns WOLFSSL_SUCCESS on success */ * returns WOLFSSL_SUCCESS on success */
@ -13014,7 +13073,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
if (out->pctx == NULL) if (out->pctx == NULL)
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
} }
return WOLFSSL_SUCCESS; return wolfSSL_EVP_MD_Copy_Hasher(out, (WOLFSSL_EVP_MD_CTX*)in);
} }
void wolfSSL_EVP_MD_CTX_init(WOLFSSL_EVP_MD_CTX* ctx) void wolfSSL_EVP_MD_CTX_init(WOLFSSL_EVP_MD_CTX* ctx)
@ -13199,6 +13258,51 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
WOLFSSL_ENTER("EVP_MD_CTX_cleanup"); WOLFSSL_ENTER("EVP_MD_CTX_cleanup");
if (ctx->pctx != NULL) if (ctx->pctx != NULL)
wolfSSL_EVP_PKEY_CTX_free(ctx->pctx); wolfSSL_EVP_PKEY_CTX_free(ctx->pctx);
if (ctx->macType == (NID_hmac & 0xFF)) {
wc_HmacFree(&ctx->hash.hmac);
}
else {
switch (ctx->macType) {
#ifndef NO_MD5
case WC_HASH_TYPE_MD5:
wc_Md5Free((wc_Md5*)&ctx->hash.digest);
break;
#endif /* !NO_MD5 */
#ifndef NO_SHA
case WC_HASH_TYPE_SHA:
wc_ShaFree((wc_Sha*)&ctx->hash.digest);
break;
#endif /* !NO_SHA */
#ifdef WOLFSSL_SHA224
case WC_HASH_TYPE_SHA224:
wc_Sha224Free((wc_Sha224*)&ctx->hash.digest);
break;
#endif /* WOLFSSL_SHA224 */
#ifndef NO_SHA256
case WC_HASH_TYPE_SHA256:
wc_Sha256Free((wc_Sha256*)&ctx->hash.digest);
break;
#endif /* !NO_SHA256 */
#ifdef WOLFSSL_SHA384
case WC_HASH_TYPE_SHA384:
wc_Sha384Free((wc_Sha384*)&ctx->hash.digest);
break;
#endif /* WOLFSSL_SHA384 */
#ifdef WOLFSSL_SHA512
case WC_HASH_TYPE_SHA512:
wc_Sha512Free((wc_Sha512*)&ctx->hash.digest);
break;
#endif /* WOLFSSL_SHA512 */
default:
return WOLFSSL_FAILURE;
}
}
ForceZero(ctx, sizeof(*ctx)); ForceZero(ctx, sizeof(*ctx));
ctx->macType = 0xFF; ctx->macType = 0xFF;
return 1; return 1;
@ -25292,106 +25396,112 @@ int wolfSSL_HMAC_Init_ex(WOLFSSL_HMAC_CTX* ctx, const void* key,
} }
/* Deep copy of information from src to des structure /* helper function for Deep copy of internal wolfSSL hmac structure
* * returns WOLFSSL_SUCCESS on success */
* des destination to copy information to int wolfSSL_HmacCopy(Hmac* des, Hmac* src)
* src structure to get infromation from
*
* Returns SSL_SUCCESS on success and SSL_FAILURE on error
*/
int wolfSSL_HMAC_CTX_copy(WOLFSSL_HMAC_CTX* des, WOLFSSL_HMAC_CTX* src)
{ {
int ret = 0;
void* heap = NULL; void* heap = NULL;
WOLFSSL_ENTER("wolfSSL_HMAC_CTX_copy");
if (des == NULL || src == NULL) {
return SSL_FAILURE;
}
#ifndef HAVE_FIPS #ifndef HAVE_FIPS
heap = src->hmac.heap; heap = src->heap;
#endif #endif
if ((ret = wc_HmacInit(des, heap, 0)) != 0) {
if (wc_HmacInit(&des->hmac, heap, 0) != 0) { return WOLFSSL_FAILURE;
WOLFSSL_MSG("Error initializing HMAC");
return SSL_FAILURE;
} }
des->type = src->type;
/* requires that hash structures have no dynamic parts to them */ /* requires that hash structures have no dynamic parts to them */
switch (src->hmac.macType) { switch (src->macType) {
#ifndef NO_MD5 #ifndef NO_MD5
case WC_MD5: case WC_MD5:
wc_Md5Copy(&src->hmac.hash.md5, &des->hmac.hash.md5); wc_Md5Copy(&src->hash.md5, &des->hash.md5);
break; break;
#endif /* !NO_MD5 */ #endif /* !NO_MD5 */
#ifndef NO_SHA #ifndef NO_SHA
case WC_SHA: case WC_SHA:
wc_ShaCopy(&src->hmac.hash.sha, &des->hmac.hash.sha); wc_ShaCopy(&src->hash.sha, &des->hash.sha);
break; break;
#endif /* !NO_SHA */ #endif /* !NO_SHA */
#ifdef WOLFSSL_SHA224 #ifdef WOLFSSL_SHA224
case WC_SHA224: case WC_SHA224:
wc_Sha224Copy(&src->hmac.hash.sha224, &des->hmac.hash.sha224); wc_Sha224Copy(&src->hash.sha224, &des->hash.sha224);
break; break;
#endif /* WOLFSSL_SHA224 */ #endif /* WOLFSSL_SHA224 */
#ifndef NO_SHA256 #ifndef NO_SHA256
case WC_SHA256: case WC_SHA256:
wc_Sha256Copy(&src->hmac.hash.sha256, &des->hmac.hash.sha256); wc_Sha256Copy(&src->hash.sha256, &des->hash.sha256);
break; break;
#endif /* !NO_SHA256 */ #endif /* !NO_SHA256 */
#ifdef WOLFSSL_SHA384 #ifdef WOLFSSL_SHA384
case WC_SHA384: case WC_SHA384:
wc_Sha384Copy(&src->hmac.hash.sha384, &des->hmac.hash.sha384); wc_Sha384Copy(&src->hash.sha384, &des->hash.sha384);
break; break;
#endif /* WOLFSSL_SHA384 */ #endif /* WOLFSSL_SHA384 */
#ifdef WOLFSSL_SHA512 #ifdef WOLFSSL_SHA512
case WC_SHA512: case WC_SHA512:
wc_Sha512Copy(&src->hmac.hash.sha512, &des->hmac.hash.sha512); wc_Sha512Copy(&src->hash.sha512, &des->hash.sha512);
break; break;
#endif /* WOLFSSL_SHA512 */ #endif /* WOLFSSL_SHA512 */
default: default:
WOLFSSL_MSG("Unknown or unsupported hash type");
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
} }
XMEMCPY((byte*)des->hmac.ipad, (byte*)src->hmac.ipad, WC_HMAC_BLOCK_SIZE); XMEMCPY((byte*)des->ipad, (byte*)src->ipad, WC_HMAC_BLOCK_SIZE);
XMEMCPY((byte*)des->hmac.opad, (byte*)src->hmac.opad, WC_HMAC_BLOCK_SIZE); XMEMCPY((byte*)des->opad, (byte*)src->opad, WC_HMAC_BLOCK_SIZE);
XMEMCPY((byte*)des->hmac.innerHash, (byte*)src->hmac.innerHash, XMEMCPY((byte*)des->innerHash, (byte*)src->innerHash, WC_MAX_DIGEST_SIZE);
WC_MAX_DIGEST_SIZE);
#ifndef HAVE_FIPS #ifndef HAVE_FIPS
des->hmac.heap = heap; des->heap = heap;
#endif #endif
des->hmac.macType = src->hmac.macType; des->macType = src->macType;
des->hmac.innerHashKeyed = src->hmac.innerHashKeyed; des->innerHashKeyed = src->innerHashKeyed;
#ifdef WOLFSSL_ASYNC_CRYPT
XMEMCPY(&des->asyncDev, &src->asyncDev, sizeof(WC_ASYNC_DEV));
des->keyLen = src->keyLen;
#ifdef HAVE_CAVIUM
des->data = (byte*)XMALLOC(src->dataLen, des->heap,
DYNAMIC_TYPE_HMAC);
if (des->data == NULL) {
return BUFFER_E;
}
XMEMCPY(des->data, src->data, src->dataLen);
des->dataLen = src->dataLen;
#endif /* HAVE_CAVIUM */
#endif /* WOLFSSL_ASYNC_CRYPT */
return WOLFSSL_SUCCESS;
}
/* Deep copy of information from src to des structure
*
* des destination to copy information to
* src structure to get infromation from
*
* Returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on error
*/
int wolfSSL_HMAC_CTX_copy(WOLFSSL_HMAC_CTX* des, WOLFSSL_HMAC_CTX* src)
{
WOLFSSL_ENTER("wolfSSL_HMAC_CTX_copy");
if (des == NULL || src == NULL) {
return WOLFSSL_FAILURE;
}
des->type = src->type;
XMEMCPY((byte *)&des->save_ipad, (byte *)&src->hmac.ipad, XMEMCPY((byte *)&des->save_ipad, (byte *)&src->hmac.ipad,
WC_HMAC_BLOCK_SIZE); WC_HMAC_BLOCK_SIZE);
XMEMCPY((byte *)&des->save_opad, (byte *)&src->hmac.opad, XMEMCPY((byte *)&des->save_opad, (byte *)&src->hmac.opad,
WC_HMAC_BLOCK_SIZE); WC_HMAC_BLOCK_SIZE);
#ifdef WOLFSSL_ASYNC_CRYPT return wolfSSL_HmacCopy(&des->hmac, &src->hmac);
XMEMCPY(&des->hmac.asyncDev, &src->hmac.asyncDev, sizeof(WC_ASYNC_DEV));
des->hmac.keyLen = src->hmac.keyLen;
#ifdef HAVE_CAVIUM
des->hmac.data = (byte*)XMALLOC(src->hmac.dataLen, des->hmac.heap,
DYNAMIC_TYPE_HMAC);
if (des->hmac.data == NULL) {
return BUFFER_E;
}
XMEMCPY(des->hmac.data, src->hmac.data, src->hmac.dataLen);
des->hmac.dataLen = src->hmac.dataLen;
#endif /* HAVE_CAVIUM */
#endif /* WOLFSSL_ASYNC_CRYPT */
return WOLFSSL_SUCCESS;
} }
#if defined(HAVE_FIPS) && \ #if defined(HAVE_FIPS) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)) (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
@ -25559,6 +25669,7 @@ int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen,
/* OpenSSL compat, no error */ /* OpenSSL compat, no error */
} else if(ctx->type >= 0) { /* MD5 == 0 */ } else if(ctx->type >= 0) { /* MD5 == 0 */
WOLFSSL_MSG("recover hmac"); WOLFSSL_MSG("recover hmac");
wc_HmacFree(&ctx->hmac);
if (wc_HmacInit(&ctx->hmac, NULL, INVALID_DEVID) == 0) { if (wc_HmacInit(&ctx->hmac, NULL, INVALID_DEVID) == 0) {
ctx->hmac.macType = (byte)ctx->type; ctx->hmac.macType = (byte)ctx->type;
ctx->hmac.innerHashKeyed = 0; ctx->hmac.innerHashKeyed = 0;

3
tests/api.c
View File

@ -17475,6 +17475,7 @@ static void test_wolfSSL_EVP_MD_hmac_signing(void)
1); 1);
AssertIntEQ(wolfSSL_EVP_DigestVerifyFinal(&mdCtx, testResult, checkSz), 1); AssertIntEQ(wolfSSL_EVP_DigestVerifyFinal(&mdCtx, testResult, checkSz), 1);
AssertIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
wolfSSL_EVP_MD_CTX_init(&mdCtx); wolfSSL_EVP_MD_CTX_init(&mdCtx);
AssertIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, wolfSSL_EVP_sha256(), AssertIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, wolfSSL_EVP_sha256(),
NULL, key), 1); NULL, key), 1);
@ -17489,6 +17490,7 @@ static void test_wolfSSL_EVP_MD_hmac_signing(void)
AssertIntEQ((int)checkSz,(int)sizeof(testResult)); AssertIntEQ((int)checkSz,(int)sizeof(testResult));
AssertIntEQ(XMEMCMP(testResult, check, sizeof(testResult)), 0); AssertIntEQ(XMEMCMP(testResult, check, sizeof(testResult)), 0);
AssertIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
AssertIntEQ(wolfSSL_EVP_DigestVerifyInit(&mdCtx, NULL, wolfSSL_EVP_sha256(), AssertIntEQ(wolfSSL_EVP_DigestVerifyInit(&mdCtx, NULL, wolfSSL_EVP_sha256(),
NULL, key), 1); NULL, key), 1);
AssertIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData, 4), 1); AssertIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData, 4), 1);
@ -20355,6 +20357,7 @@ static int test_HMAC_CTX_helper(const EVP_MD* type, unsigned char* digest)
AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS); AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
AssertIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS); AssertIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS);
HMAC_CTX_cleanup(&ctx1);
HMAC_CTX_cleanup(&ctx2); HMAC_CTX_cleanup(&ctx2);
AssertIntEQ(digestSz, digestSz2); AssertIntEQ(digestSz, digestSz2);
AssertIntEQ(XMEMCMP(digest, digest2, digestSz), 0); AssertIntEQ(XMEMCMP(digest, digest2, digestSz), 0);

7
wolfcrypt/src/evp.c
View File

@ -1133,6 +1133,7 @@ const unsigned char* wolfSSL_EVP_PKEY_get0_hmac(const WOLFSSL_EVP_PKEY* pkey,
return (const unsigned char*)pkey->pkey.ptr; return (const unsigned char*)pkey->pkey.ptr;
} }
/* Initialize an EVP_DigestSign/Verify operation. /* Initialize an EVP_DigestSign/Verify operation.
* Initialize a digest for RSA and ECC keys, or HMAC for HMAC key. * Initialize a digest for RSA and ECC keys, or HMAC for HMAC key.
*/ */
@ -1240,10 +1241,10 @@ static int wolfssl_evp_digest_pk_final(WOLFSSL_EVP_MD_CTX *ctx,
if (ctx->macType != (NID_hmac & 0xFF)) if (ctx->macType != (NID_hmac & 0xFF))
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
XMEMCPY(&hmacCopy, &ctx->hash.hmac, sizeof(hmacCopy)); if (wolfSSL_HmacCopy(&hmacCopy, &ctx->hash.hmac) != WOLFSSL_SUCCESS)
return WOLFSSL_FAILURE;
ret = wc_HmacFinal(&hmacCopy, md) == 0; ret = wc_HmacFinal(&hmacCopy, md) == 0;
wc_HmacFree(&hmacCopy);
ForceZero(&hmacCopy, sizeof(hmacCopy));
return ret; return ret;
} }
else { else {

3
wolfssl/openssl/aes.h
View File

@ -53,6 +53,9 @@ typedef struct WOLFSSL_AES_KEY {
/* large enough for additional devcrypto information */ /* large enough for additional devcrypto information */
void* devKey[288 / sizeof(void*)]; void* devKey[288 / sizeof(void*)];
#endif #endif
#ifdef WOLFSSL_AFALG
void* afalg_holder[288 / sizeof(void*)];
#endif
} WOLFSSL_AES_KEY; } WOLFSSL_AES_KEY;
typedef WOLFSSL_AES_KEY AES_KEY; typedef WOLFSSL_AES_KEY AES_KEY;

1
wolfssl/openssl/hmac.h
View File

@ -61,6 +61,7 @@ typedef struct WOLFSSL_HMAC_CTX {
WOLFSSL_API int wolfSSL_HMAC_CTX_Init(WOLFSSL_HMAC_CTX* ctx); WOLFSSL_API int wolfSSL_HMAC_CTX_Init(WOLFSSL_HMAC_CTX* ctx);
WOLFSSL_API int wolfSSL_HMAC_CTX_copy(WOLFSSL_HMAC_CTX* des, WOLFSSL_API int wolfSSL_HMAC_CTX_copy(WOLFSSL_HMAC_CTX* des,
WOLFSSL_HMAC_CTX* src); WOLFSSL_HMAC_CTX* src);
WOLFSSL_LOCAL int wolfSSL_HmacCopy(Hmac* des, Hmac* src);
WOLFSSL_API int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, WOLFSSL_API int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key,
int keylen, const EVP_MD* type); int keylen, const EVP_MD* type);
WOLFSSL_API int wolfSSL_HMAC_Init_ex(WOLFSSL_HMAC_CTX* ctx, const void* key, WOLFSSL_API int wolfSSL_HMAC_Init_ex(WOLFSSL_HMAC_CTX* ctx, const void* key,