From 85640149832ce3281a86b0718ba5e78f88882777 Mon Sep 17 00:00:00 2001 From: toddouska Date: Wed, 20 Mar 2013 10:14:06 -0700 Subject: [PATCH] add mcapi hash with tests --- .gitignore | 1 + Makefile.am | 1 + configure.ac | 20 ++++ cyassl/openssl/sha.h | 2 +- mcapi/crypto.c | 189 +++++++++++++++++++++++++++++++++++ mcapi/crypto.h | 112 +++++++++++++++++++++ mcapi/include.am | 14 +++ mcapi/test.c | 231 +++++++++++++++++++++++++++++++++++++++++++ 8 files changed, 569 insertions(+), 1 deletion(-) create mode 100644 mcapi/crypto.c create mode 100644 mcapi/crypto.h create mode 100644 mcapi/include.am create mode 100644 mcapi/test.c diff --git a/.gitignore b/.gitignore index 1d8b7f5bd..bf1d9b1e1 100644 --- a/.gitignore +++ b/.gitignore @@ -37,6 +37,7 @@ examples/echoserver/echoserver examples/server/server snifftest output +mcapi/test testsuite/testsuite tests/unit testsuite/*.der diff --git a/Makefile.am b/Makefile.am index c4a8bf788..05a6c655d 100644 --- a/Makefile.am +++ b/Makefile.am @@ -63,6 +63,7 @@ include mqx/util_lib/Sources/include.am include mplabx/ctaocrypt_benchmark.X/nbproject/include.am include mplabx/ctaocrypt_test.X/nbproject/include.am include mplabx/cyassl.X/nbproject/include.am +include mcapi/include.am if USE_VALGRIND TESTS_ENVIRONMENT=./valgrind-error.sh diff --git a/configure.ac b/configure.ac index 63a1cc0b4..4f2c2f66a 100644 --- a/configure.ac +++ b/configure.ac @@ -1022,6 +1022,26 @@ fi AM_CONDITIONAL([USE_VALGRIND], [test "x$ENABLED_VALGRIND" = "xyes"]) +# microchip api +AC_ARG_ENABLE([mcapi], + [ --enable-mcapi Enable Microchip API (default: disabled)], + [ ENABLED_MCAPI=$enableval ], + [ ENABLED_MCAPI=no ] + ) + +if test "$ENABLED_MCAPI" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_MCAPI" +fi + +if test "$ENABLED_MCAPI" = "yes" && test "$ENABLED_SHA512" = "no" +then + AC_MSG_ERROR([please enable sha512 if enabling mcapi.]) +fi + +AM_CONDITIONAL([BUILD_MCAPI], [test "x$ENABLED_MCAPI" = "xyes"]) + + # Test certs, use internal cert functions for extra testing AC_ARG_ENABLE([testcert], [ --enable-testcert Enable Test Cert (default: disabled)], diff --git a/cyassl/openssl/sha.h b/cyassl/openssl/sha.h index 0b37a9bbf..9545795e2 100644 --- a/cyassl/openssl/sha.h +++ b/cyassl/openssl/sha.h @@ -54,7 +54,7 @@ CYASSL_API void CyaSSL_SHA256_Update(CYASSL_SHA256_CTX*, const void*, CYASSL_API void CyaSSL_SHA256_Final(unsigned char*, CYASSL_SHA256_CTX*); enum { - SHA256_DIGEST_LENGTH = 20 + SHA256_DIGEST_LENGTH = 32 }; diff --git a/mcapi/crypto.c b/mcapi/crypto.c new file mode 100644 index 000000000..5c4c07b9f --- /dev/null +++ b/mcapi/crypto.c @@ -0,0 +1,189 @@ +/* crypto.c + * + * Copyright (C) 2006-2013 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + + +/* Implements Microchip CRYPTO API layer */ + + + +#include "crypto.h" + +#include +#include +#include +#include + + +/* Initialize MD5 */ +int CRYPT_MD5_Initialize(CRYPT_MD5_CTX* md5) +{ + typedef char md5_test[sizeof(CRYPT_MD5_CTX) >= sizeof(Md5) ? 1 : -1]; + (void)sizeof(md5_test); + + InitMd5((Md5*)md5); + + return 0; +} + + +/* Add data to MD5 */ +int CRYPT_MD5_DataAdd(CRYPT_MD5_CTX* md5, const unsigned char* input, + unsigned int sz) +{ + Md5Update((Md5*)md5, input, sz); + + return 0; +} + + +/* Get MD5 Final into digest */ +int CRYPT_MD5_Finalize(CRYPT_MD5_CTX* md5, unsigned char* digest) +{ + Md5Final((Md5*)md5, digest); + + return 0; +} + + +/* Initialize SHA */ +int CRYPT_SHA_Initialize(CRYPT_SHA_CTX* sha) +{ + typedef char sha_test[sizeof(CRYPT_SHA_CTX) >= sizeof(Sha) ? 1 : -1]; + (void)sizeof(sha_test); + + InitSha((Sha*)sha); + + return 0; +} + + +/* Add data to SHA */ +int CRYPT_SHA_DataAdd(CRYPT_SHA_CTX* sha, const unsigned char* input, + unsigned int sz) +{ + ShaUpdate((Sha*)sha, input, sz); + + return 0; +} + + +/* Get SHA Final into digest */ +int CRYPT_SHA_Finalize(CRYPT_SHA_CTX* sha, unsigned char* digest) +{ + ShaFinal((Sha*)sha, digest); + + return 0; +} + + +/* Initialize SHA-256 */ +int CRYPT_SHA256_Initialize(CRYPT_SHA256_CTX* sha256) +{ + typedef char sha_test[sizeof(CRYPT_SHA256_CTX) >= sizeof(Sha256) ? 1 : -1]; + (void)sizeof(sha_test); + + InitSha256((Sha256*)sha256); + + return 0; +} + + +/* Add data to SHA-256 */ +int CRYPT_SHA256_DataAdd(CRYPT_SHA256_CTX* sha256, const unsigned char* input, + unsigned int sz) +{ + Sha256Update((Sha256*)sha256, input, sz); + + return 0; +} + + +/* Get SHA-256 Final into digest */ +int CRYPT_SHA256_Finalize(CRYPT_SHA256_CTX* sha256, unsigned char* digest) +{ + Sha256Final((Sha256*)sha256, digest); + + return 0; +} + + +/* Initialize SHA-384 */ +int CRYPT_SHA384_Initialize(CRYPT_SHA384_CTX* sha384) +{ + typedef char sha_test[sizeof(CRYPT_SHA384_CTX) >= sizeof(Sha384) ? 1 : -1]; + (void)sizeof(sha_test); + + InitSha384((Sha384*)sha384); + + return 0; +} + + +/* Add data to SHA-384 */ +int CRYPT_SHA384_DataAdd(CRYPT_SHA384_CTX* sha384, const unsigned char* input, + unsigned int sz) +{ + Sha384Update((Sha384*)sha384, input, sz); + + return 0; +} + + +/* Get SHA-384 Final into digest */ +int CRYPT_SHA384_Finalize(CRYPT_SHA384_CTX* sha384, unsigned char* digest) +{ + Sha384Final((Sha384*)sha384, digest); + + return 0; +} + + +/* Initialize SHA-512 */ +int CRYPT_SHA512_Initialize(CRYPT_SHA512_CTX* sha512) +{ + typedef char sha_test[sizeof(CRYPT_SHA512_CTX) >= sizeof(Sha512) ? 1 : -1]; + (void)sizeof(sha_test); + + InitSha512((Sha512*)sha512); + + return 0; +} + + +/* Add data to SHA-512 */ +int CRYPT_SHA512_DataAdd(CRYPT_SHA512_CTX* sha512, const unsigned char* input, + unsigned int sz) +{ + Sha512Update((Sha512*)sha512, input, sz); + + return 0; +} + + +/* Get SHA-512 Final into digest */ +int CRYPT_SHA512_Finalize(CRYPT_SHA512_CTX* sha512, unsigned char* digest) +{ + Sha512Final((Sha512*)sha512, digest); + + return 0; +} + + diff --git a/mcapi/crypto.h b/mcapi/crypto.h new file mode 100644 index 000000000..f30b3b711 --- /dev/null +++ b/mcapi/crypto.h @@ -0,0 +1,112 @@ +/* crypto.h + * + * Copyright (C) 2006-2013 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + + +/* Defines Microchip CRYPTO API layer */ + + +#ifndef MC_CRYPTO_API_H +#define MC_CRYPTO_API_H + + +#ifdef __cplusplus + extern "C" { +#endif + +/* MD5 */ +typedef struct CRYPT_MD5_CTX { + int holder[24]; /* big enough to hold internal, but check on init */ +} CRYPT_MD5_CTX; + +int CRYPT_MD5_Initialize(CRYPT_MD5_CTX*); +int CRYPT_MD5_DataAdd(CRYPT_MD5_CTX*, const unsigned char*, unsigned int); +int CRYPT_MD5_Finalize(CRYPT_MD5_CTX*, unsigned char*); + +enum { + CRYPT_MD5_DIGEST_SIZE = 16 +}; + + +/* SHA */ +typedef struct CRYPT_SHA_CTX { + int holder[24]; /* big enough to hold internal, but check on init */ +} CRYPT_SHA_CTX; + +int CRYPT_SHA_Initialize(CRYPT_SHA_CTX*); +int CRYPT_SHA_DataAdd(CRYPT_SHA_CTX*, const unsigned char*, unsigned int); +int CRYPT_SHA_Finalize(CRYPT_SHA_CTX*, unsigned char*); + +enum { + CRYPT_SHA_DIGEST_SIZE = 20 +}; + + +/* SHA-256 */ +typedef struct CRYPT_SHA256_CTX { + int holder[28]; /* big enough to hold internal, but check on init */ +} CRYPT_SHA256_CTX; + +int CRYPT_SHA256_Initialize(CRYPT_SHA256_CTX*); +int CRYPT_SHA256_DataAdd(CRYPT_SHA256_CTX*, const unsigned char*, unsigned int); +int CRYPT_SHA256_Finalize(CRYPT_SHA256_CTX*, unsigned char*); + +enum { + CRYPT_SHA256_DIGEST_SIZE = 32 +}; + + +/* SHA-384 */ +typedef struct CRYPT_SHA384_CTX { + long long holder[32]; /* big enough to hold internal, but check on init */ +} CRYPT_SHA384_CTX; + +int CRYPT_SHA384_Initialize(CRYPT_SHA384_CTX*); +int CRYPT_SHA384_DataAdd(CRYPT_SHA384_CTX*, const unsigned char*, unsigned int); +int CRYPT_SHA384_Finalize(CRYPT_SHA384_CTX*, unsigned char*); + +enum { + CRYPT_SHA384_DIGEST_SIZE = 48 +}; + + +/* SHA-512 */ +typedef struct CRYPT_SHA512_CTX { + long long holder[36]; /* big enough to hold internal, but check on init */ +} CRYPT_SHA512_CTX; + +int CRYPT_SHA512_Initialize(CRYPT_SHA512_CTX*); +int CRYPT_SHA512_DataAdd(CRYPT_SHA512_CTX*, const unsigned char*, unsigned int); +int CRYPT_SHA512_Finalize(CRYPT_SHA512_CTX*, unsigned char*); + +enum { + CRYPT_SHA512_DIGEST_SIZE = 64 +}; + + + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + + +#endif /* MC_CRYPTO_API_H */ + diff --git a/mcapi/include.am b/mcapi/include.am new file mode 100644 index 000000000..7486c0fd5 --- /dev/null +++ b/mcapi/include.am @@ -0,0 +1,14 @@ +# vim:ft=automake +# included from Top Level Makefile.am +# All paths should be given relative to the root + +if BUILD_MCAPI +check_PROGRAMS += mcapi/test +noinst_PROGRAMS += mcapi/test +mcapi_test_SOURCES = mcapi/crypto.c \ + mcapi/test.c +mcapi_test_LDADD = src/libcyassl.la +mcapi_test_DEPENDENCIES = src/libcyassl.la +endif + +noinst_HEADERS += mcapi/crypto.h diff --git a/mcapi/test.c b/mcapi/test.c new file mode 100644 index 000000000..03705ee4c --- /dev/null +++ b/mcapi/test.c @@ -0,0 +1,231 @@ +/* test.c + * + * Copyright (C) 2006-2013 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + + +/* Tests Microchip CRYPTO API layer */ + + + +/* mc api header */ +#include "crypto.h" + +/* sanity test against our default implementation, cyassl headers */ +#include +#include +#include +#include + +/* c stdlib headers */ +#include + + +#define OUR_DATA_SIZE 1024 +static byte ourData[OUR_DATA_SIZE]; + +static int check_md5(void); +static int check_sha(void); +static int check_sha256(void); +static int check_sha384(void); +static int check_sha512(void); + + +int main(int argc, char** argv) +{ + int ret; + int i; + + (void)argc; + (void)argv; + + for (i = 0; i < OUR_DATA_SIZE; i++) + ourData[i] = (byte)i; + + ret = check_md5(); + if (ret != 0) { + printf("mcapi check_md5 failed\n"); + return -1; + } + + ret = check_sha(); + if (ret != 0) { + printf("mcapi check_sha failed\n"); + return -1; + } + + ret = check_sha256(); + if (ret != 0) { + printf("mcapi check_sha256 failed\n"); + return -1; + } + + ret = check_sha384(); + if (ret != 0) { + printf("mcapi check_sha384 failed\n"); + return -1; + } + + ret = check_sha512(); + if (ret != 0) { + printf("mcapi check_sha512 failed\n"); + return -1; + } + + + + return 0; +} + + +/* check mcapi md5 against internal */ +static int check_md5(void) +{ + CRYPT_MD5_CTX mcMd5; + Md5 defMd5; + byte mcDigest[CRYPT_MD5_DIGEST_SIZE]; + byte defDigest[MD5_DIGEST_SIZE]; + + CRYPT_MD5_Initialize(&mcMd5); + InitMd5(&defMd5); + + CRYPT_MD5_DataAdd(&mcMd5, ourData, OUR_DATA_SIZE); + Md5Update(&defMd5, ourData, OUR_DATA_SIZE); + + CRYPT_MD5_Finalize(&mcMd5, mcDigest); + Md5Final(&defMd5, defDigest); + + if (memcmp(mcDigest, defDigest, CRYPT_MD5_DIGEST_SIZE) != 0) { + printf("md5 final memcmp fialed\n"); + return -1; + } + printf("md5 mcapi test passed\n"); + + return 0; +} + + +/* check mcapi sha against internal */ +static int check_sha(void) +{ + CRYPT_SHA_CTX mcSha; + Sha defSha; + byte mcDigest[CRYPT_SHA_DIGEST_SIZE]; + byte defDigest[SHA_DIGEST_SIZE]; + + CRYPT_SHA_Initialize(&mcSha); + InitSha(&defSha); + + CRYPT_SHA_DataAdd(&mcSha, ourData, OUR_DATA_SIZE); + ShaUpdate(&defSha, ourData, OUR_DATA_SIZE); + + CRYPT_SHA_Finalize(&mcSha, mcDigest); + ShaFinal(&defSha, defDigest); + + if (memcmp(mcDigest, defDigest, CRYPT_SHA_DIGEST_SIZE) != 0) { + printf("sha final memcmp fialed\n"); + return -1; + } + printf("sha mcapi test passed\n"); + + return 0; +} + + +/* check mcapi sha256 against internal */ +static int check_sha256(void) +{ + CRYPT_SHA256_CTX mcSha256; + Sha256 defSha256; + byte mcDigest[CRYPT_SHA256_DIGEST_SIZE]; + byte defDigest[SHA256_DIGEST_SIZE]; + + CRYPT_SHA256_Initialize(&mcSha256); + InitSha256(&defSha256); + + CRYPT_SHA256_DataAdd(&mcSha256, ourData, OUR_DATA_SIZE); + Sha256Update(&defSha256, ourData, OUR_DATA_SIZE); + + CRYPT_SHA256_Finalize(&mcSha256, mcDigest); + Sha256Final(&defSha256, defDigest); + + if (memcmp(mcDigest, defDigest, CRYPT_SHA256_DIGEST_SIZE) != 0) { + printf("sha256 final memcmp fialed\n"); + return -1; + } + printf("sha256 mcapi test passed\n"); + + return 0; +} + + +/* check mcapi sha384 against internal */ +static int check_sha384(void) +{ + CRYPT_SHA384_CTX mcSha384; + Sha384 defSha384; + byte mcDigest[CRYPT_SHA384_DIGEST_SIZE]; + byte defDigest[SHA384_DIGEST_SIZE]; + + CRYPT_SHA384_Initialize(&mcSha384); + InitSha384(&defSha384); + + CRYPT_SHA384_DataAdd(&mcSha384, ourData, OUR_DATA_SIZE); + Sha384Update(&defSha384, ourData, OUR_DATA_SIZE); + + CRYPT_SHA384_Finalize(&mcSha384, mcDigest); + Sha384Final(&defSha384, defDigest); + + if (memcmp(mcDigest, defDigest, CRYPT_SHA384_DIGEST_SIZE) != 0) { + printf("sha384 final memcmp fialed\n"); + return -1; + } + printf("sha384 mcapi test passed\n"); + + return 0; +} + + +/* check mcapi sha512 against internal */ +static int check_sha512(void) +{ + CRYPT_SHA512_CTX mcSha512; + Sha512 defSha512; + byte mcDigest[CRYPT_SHA512_DIGEST_SIZE]; + byte defDigest[SHA512_DIGEST_SIZE]; + + CRYPT_SHA512_Initialize(&mcSha512); + InitSha512(&defSha512); + + CRYPT_SHA512_DataAdd(&mcSha512, ourData, OUR_DATA_SIZE); + Sha512Update(&defSha512, ourData, OUR_DATA_SIZE); + + CRYPT_SHA512_Finalize(&mcSha512, mcDigest); + Sha512Final(&defSha512, defDigest); + + if (memcmp(mcDigest, defDigest, CRYPT_SHA512_DIGEST_SIZE) != 0) { + printf("sha512 final memcmp fialed\n"); + return -1; + } + printf("sha512 mcapi test passed\n"); + + return 0; +} + +