SHA256, SHA384 and SHA512 error propagation. Major impact on Hmac functions with error propagation.

Moisés Guimarães
2014-04-14 10:36:17 -03:00
parent 644bb9c524
commit 32e2d7016f
8 changed files with 303 additions and 105 deletions


@@ -3834,9 +3834,15 @@ int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
ret = HmacSetKey(&hmac, SHA256, macKey, SHA256_DIGEST_SIZE); ret = HmacSetKey(&hmac, SHA256, macKey, SHA256_DIGEST_SIZE);
if (ret != 0) if (ret != 0)
return ret; return ret;
HmacUpdate(&hmac, out, msgSz); ret = HmacUpdate(&hmac, out, msgSz);
HmacUpdate(&hmac, ctx->macSalt, ctx->macSaltSz); if (ret != 0)
HmacFinal(&hmac, out+msgSz); return ret;
ret = HmacUpdate(&hmac, ctx->macSalt, ctx->macSaltSz);
if (ret != 0)
return ret;
ret = HmacFinal(&hmac, out+msgSz);
if (ret != 0)
return ret;
} }
break; break;
@@ -3939,9 +3945,15 @@ int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
ret = HmacSetKey(&hmac, SHA256, macKey, SHA256_DIGEST_SIZE); ret = HmacSetKey(&hmac, SHA256, macKey, SHA256_DIGEST_SIZE);
if (ret != 0) if (ret != 0)
return ret; return ret;
HmacUpdate(&hmac, msg, msgSz-digestSz); ret = HmacUpdate(&hmac, msg, msgSz-digestSz);
HmacUpdate(&hmac, ctx->macSalt, ctx->macSaltSz); if (ret != 0)
HmacFinal(&hmac, verify); return ret;
ret = HmacUpdate(&hmac, ctx->macSalt, ctx->macSaltSz);
if (ret != 0)
return ret;
ret = HmacFinal(&hmac, verify);
if (ret != 0)
return ret;
if (memcmp(verify, msg + msgSz - digestSz, digestSz) != 0) { if (memcmp(verify, msg + msgSz - digestSz, digestSz) != 0) {
return -1; return -1;
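Review bot: The tag check in the ecc_decrypt hunk still uses `memcmp(verify, msg + msgSz - digestSz, digestSz)`, which returns at the first differing byte, so its running time depends on how much of the received tag matches the computed one. Now that every HMAC step ahead of it is checked, this comparison is the remaining weak spot; compare in constant time instead, for example by OR-ing `verify[i] ^ tag[i]` over all `digestSz` bytes and testing the accumulator once. The same `memcmp` tag check appears in the myDecryptVerifyCb hunk of this commit. ecc_decrypt starts and ends outside the hunk, so whether `msgSz >= digestSz` is validated before `msgSz-digestSz` is computed cannot be confirmed from here.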


@@ -172,8 +172,14 @@ int HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
XMEMCPY(ip, key, length); XMEMCPY(ip, key, length);
} }
else { else {
Sha256Update(&hmac->hash.sha256, key, length); ret = Sha256Update(&hmac->hash.sha256, key, length);
Sha256Final(&hmac->hash.sha256, ip); if (ret != 0)
return ret;
ret = Sha256Final(&hmac->hash.sha256, ip);
if (ret != 0)
return ret;
length = SHA256_DIGEST_SIZE; length = SHA256_DIGEST_SIZE;
} }
} }
@@ -188,8 +194,14 @@ int HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
XMEMCPY(ip, key, length); XMEMCPY(ip, key, length);
} }
else { else {
Sha384Update(&hmac->hash.sha384, key, length); ret = Sha384Update(&hmac->hash.sha384, key, length);
Sha384Final(&hmac->hash.sha384, ip); if (ret != 0)
return ret;
ret = Sha384Final(&hmac->hash.sha384, ip);
if (ret != 0)
return ret;
length = SHA384_DIGEST_SIZE; length = SHA384_DIGEST_SIZE;
} }
} }
@@ -204,8 +216,14 @@ int HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
XMEMCPY(ip, key, length); XMEMCPY(ip, key, length);
} }
else { else {
Sha512Update(&hmac->hash.sha512, key, length); ret = Sha512Update(&hmac->hash.sha512, key, length);
Sha512Final(&hmac->hash.sha512, ip); if (ret != 0)
return ret;
ret = Sha512Final(&hmac->hash.sha512, ip);
if (ret != 0)
return ret;
length = SHA512_DIGEST_SIZE; length = SHA512_DIGEST_SIZE;
} }
} }
@@ -242,8 +260,10 @@ int HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
} }
static void HmacKeyInnerHash(Hmac* hmac) static int HmacKeyInnerHash(Hmac* hmac)
{ {
int ret = 0;
switch (hmac->macType) { switch (hmac->macType) {
#ifndef NO_MD5 #ifndef NO_MD5
case MD5: case MD5:
@@ -259,22 +279,28 @@ static void HmacKeyInnerHash(Hmac* hmac)
#ifndef NO_SHA256 #ifndef NO_SHA256
case SHA256: case SHA256:
Sha256Update(&hmac->hash.sha256, ret = Sha256Update(&hmac->hash.sha256,
(byte*) hmac->ipad, SHA256_BLOCK_SIZE); (byte*) hmac->ipad, SHA256_BLOCK_SIZE);
if (ret != 0)
return ret;
break; break;
#endif #endif
#ifdef CYASSL_SHA384 #ifdef CYASSL_SHA384
case SHA384: case SHA384:
Sha384Update(&hmac->hash.sha384, ret = Sha384Update(&hmac->hash.sha384,
(byte*) hmac->ipad, SHA384_BLOCK_SIZE); (byte*) hmac->ipad, SHA384_BLOCK_SIZE);
if (ret != 0)
return ret;
break; break;
#endif #endif
#ifdef CYASSL_SHA512 #ifdef CYASSL_SHA512
case SHA512: case SHA512:
Sha512Update(&hmac->hash.sha512, ret = Sha512Update(&hmac->hash.sha512,
(byte*) hmac->ipad, SHA512_BLOCK_SIZE); (byte*) hmac->ipad, SHA512_BLOCK_SIZE);
if (ret != 0)
return ret;
break; break;
#endif #endif
@@ -290,18 +316,25 @@ static void HmacKeyInnerHash(Hmac* hmac)
} }
hmac->innerHashKeyed = 1; hmac->innerHashKeyed = 1;
return ret;
} }
int HmacUpdate(Hmac* hmac, const byte* msg, word32 length) int HmacUpdate(Hmac* hmac, const byte* msg, word32 length)
{ {
int ret;
#ifdef HAVE_CAVIUM #ifdef HAVE_CAVIUM
if (hmac->magic == CYASSL_HMAC_CAVIUM_MAGIC) if (hmac->magic == CYASSL_HMAC_CAVIUM_MAGIC)
return HmacCaviumUpdate(hmac, msg, length); return HmacCaviumUpdate(hmac, msg, length);
#endif #endif
if (!hmac->innerHashKeyed) if (!hmac->innerHashKeyed) {
HmacKeyInnerHash(hmac); ret = HmacKeyInnerHash(hmac);
if (ret != 0)
return ret;
}
switch (hmac->macType) { switch (hmac->macType) {
#ifndef NO_MD5 #ifndef NO_MD5
@@ -318,19 +351,25 @@ int HmacUpdate(Hmac* hmac, const byte* msg, word32 length)
#ifndef NO_SHA256 #ifndef NO_SHA256
case SHA256: case SHA256:
Sha256Update(&hmac->hash.sha256, msg, length); ret = Sha256Update(&hmac->hash.sha256, msg, length);
if (ret != 0)
return ret;
break; break;
#endif #endif
#ifdef CYASSL_SHA384 #ifdef CYASSL_SHA384
case SHA384: case SHA384:
Sha384Update(&hmac->hash.sha384, msg, length); ret = Sha384Update(&hmac->hash.sha384, msg, length);
if (ret != 0)
return ret;
break; break;
#endif #endif
#ifdef CYASSL_SHA512 #ifdef CYASSL_SHA512
case SHA512: case SHA512:
Sha512Update(&hmac->hash.sha512, msg, length); ret = Sha512Update(&hmac->hash.sha512, msg, length);
if (ret != 0)
return ret;
break; break;
#endif #endif
@@ -350,13 +389,18 @@ int HmacUpdate(Hmac* hmac, const byte* msg, word32 length)
int HmacFinal(Hmac* hmac, byte* hash) int HmacFinal(Hmac* hmac, byte* hash)
{ {
int ret;
#ifdef HAVE_CAVIUM #ifdef HAVE_CAVIUM
if (hmac->magic == CYASSL_HMAC_CAVIUM_MAGIC) if (hmac->magic == CYASSL_HMAC_CAVIUM_MAGIC)
return HmacCaviumFinal(hmac, hash); return HmacCaviumFinal(hmac, hash);
#endif #endif
if (!hmac->innerHashKeyed) if (!hmac->innerHashKeyed) {
HmacKeyInnerHash(hmac); ret = HmacKeyInnerHash(hmac);
if (ret != 0)
return ret;
}
switch (hmac->macType) { switch (hmac->macType) {
#ifndef NO_MD5 #ifndef NO_MD5
@@ -390,14 +434,23 @@ int HmacFinal(Hmac* hmac, byte* hash)
#ifndef NO_SHA256 #ifndef NO_SHA256
case SHA256: case SHA256:
{ {
Sha256Final(&hmac->hash.sha256, (byte*) hmac->innerHash); ret = Sha256Final(&hmac->hash.sha256, (byte*) hmac->innerHash);
if (ret != 0)
return ret;
Sha256Update(&hmac->hash.sha256, ret = Sha256Update(&hmac->hash.sha256,
(byte*) hmac->opad, SHA256_BLOCK_SIZE); (byte*) hmac->opad, SHA256_BLOCK_SIZE);
Sha256Update(&hmac->hash.sha256, if (ret != 0)
(byte*) hmac->innerHash, SHA256_DIGEST_SIZE); return ret;
Sha256Final(&hmac->hash.sha256, hash); ret = Sha256Update(&hmac->hash.sha256,
(byte*) hmac->innerHash, SHA256_DIGEST_SIZE);
if (ret != 0)
return ret;
ret = Sha256Final(&hmac->hash.sha256, hash);
if (ret != 0)
return ret;
} }
break; break;
#endif #endif
@@ -405,14 +458,23 @@ int HmacFinal(Hmac* hmac, byte* hash)
#ifdef CYASSL_SHA384 #ifdef CYASSL_SHA384
case SHA384: case SHA384:
{ {
Sha384Final(&hmac->hash.sha384, (byte*) hmac->innerHash); ret = Sha384Final(&hmac->hash.sha384, (byte*) hmac->innerHash);
if (ret != 0)
return ret;
Sha384Update(&hmac->hash.sha384, ret = Sha384Update(&hmac->hash.sha384,
(byte*) hmac->opad, SHA384_BLOCK_SIZE); (byte*) hmac->opad, SHA384_BLOCK_SIZE);
Sha384Update(&hmac->hash.sha384, if (ret != 0)
(byte*) hmac->innerHash, SHA384_DIGEST_SIZE); return ret;
Sha384Final(&hmac->hash.sha384, hash); ret = Sha384Update(&hmac->hash.sha384,
(byte*) hmac->innerHash, SHA384_DIGEST_SIZE);
if (ret != 0)
return ret;
ret = Sha384Final(&hmac->hash.sha384, hash);
if (ret != 0)
return ret;
} }
break; break;
#endif #endif
@@ -420,14 +482,23 @@ int HmacFinal(Hmac* hmac, byte* hash)
#ifdef CYASSL_SHA512 #ifdef CYASSL_SHA512
case SHA512: case SHA512:
{ {
Sha512Final(&hmac->hash.sha512, (byte*) hmac->innerHash); ret = Sha512Final(&hmac->hash.sha512, (byte*) hmac->innerHash);
if (ret != 0)
return ret;
Sha512Update(&hmac->hash.sha512, ret = Sha512Update(&hmac->hash.sha512,
(byte*) hmac->opad, SHA512_BLOCK_SIZE); (byte*) hmac->opad, SHA512_BLOCK_SIZE);
Sha512Update(&hmac->hash.sha512, if (ret != 0)
(byte*) hmac->innerHash, SHA512_DIGEST_SIZE); return ret;
Sha512Final(&hmac->hash.sha512, hash); ret = Sha512Update(&hmac->hash.sha512,
(byte*) hmac->innerHash, SHA512_DIGEST_SIZE);
if (ret != 0)
return ret;
ret = Sha512Final(&hmac->hash.sha512, hash);
if (ret != 0)
return ret;
} }
break; break;
#endif #endif
@@ -646,6 +717,7 @@ int HKDF(int type, const byte* inKey, word32 inKeySz,
int hashSz = GetHashSizeByType(type); int hashSz = GetHashSizeByType(type);
word32 outIdx = 0; word32 outIdx = 0;
byte n = 0x1; byte n = 0x1;
int ret;
if (hashSz < 0) if (hashSz < 0)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
@@ -657,23 +729,35 @@ int HKDF(int type, const byte* inKey, word32 inKeySz,
saltSz = hashSz; saltSz = hashSz;
} }
if (HmacSetKey(&myHmac, type, localSalt, saltSz) != 0) ret = HmacSetKey(&myHmac, type, localSalt, saltSz);
return BAD_FUNC_ARG; if (ret != 0)
return ret;
HmacUpdate(&myHmac, inKey, inKeySz); ret = HmacUpdate(&myHmac, inKey, inKeySz);
HmacFinal(&myHmac, prk); if (ret != 0)
return ret;
ret = HmacFinal(&myHmac, prk);
if (ret != 0)
return ret;
while (outIdx < outSz) { while (outIdx < outSz) {
int tmpSz = (n == 1) ? 0 : hashSz; int tmpSz = (n == 1) ? 0 : hashSz;
word32 left = outSz - outIdx; word32 left = outSz - outIdx;
if (HmacSetKey(&myHmac, type, prk, hashSz) != 0) ret = HmacSetKey(&myHmac, type, prk, hashSz);
return BAD_FUNC_ARG; if (ret != 0)
return ret;
HmacUpdate(&myHmac, tmp, tmpSz); ret = HmacUpdate(&myHmac, tmp, tmpSz);
HmacUpdate(&myHmac, info, infoSz); if (ret != 0)
HmacUpdate(&myHmac, &n, 1); return ret;
HmacFinal(&myHmac, tmp); ret = HmacUpdate(&myHmac, info, infoSz);
if (ret != 0)
return ret;
ret = HmacUpdate(&myHmac, &n, 1);
if (ret != 0)
return ret;
ret = HmacFinal(&myHmac, tmp);
if (ret != 0)
return ret;
left = min(left, (word32)hashSz); left = min(left, (word32)hashSz);
XMEMCPY(out+outIdx, tmp, left); XMEMCPY(out+outIdx, tmp, left);
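Review bot: `int ret;` is added without an initializer in HmacUpdate and HmacFinal, while HmacKeyInnerHash gets `int ret = 0;`; in the visible lines only the `innerHashKeyed` branch and the SHA-256/384/512 cases assign it. The MD5 and SHA cases and the end of both functions are outside the hunks, so if any path there returns `ret`, the value is indeterminate for an already-keyed MD5 or SHA context; writing `int ret = 0;` in both functions removes the question. The early returns also leave the hash mid-computation, so it is worth documenting on HmacUpdate and HmacFinal what a caller may do afterwards, e.g. `/* on a non-zero return the context must be re-keyed with HmacSetKey() before reuse */`, once that is confirmed against the rest of the file.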


@@ -151,21 +151,34 @@ int PBKDF2(byte* output, const byte* passwd, int pLen, const byte* salt,
while (kLen) { while (kLen) {
int currentLen; int currentLen;
HmacUpdate(&hmac, salt, sLen);
ret = HmacUpdate(&hmac, salt, sLen);
if (ret != 0)
return ret;
/* encode i */ /* encode i */
for (j = 0; j < 4; j++) { for (j = 0; j < 4; j++) {
byte b = (byte)(i >> ((3-j) * 8)); byte b = (byte)(i >> ((3-j) * 8));
HmacUpdate(&hmac, &b, 1);
ret = HmacUpdate(&hmac, &b, 1);
if (ret != 0)
return ret;
} }
HmacFinal(&hmac, buffer);
ret = HmacFinal(&hmac, buffer);
if (ret != 0)
return ret;
currentLen = min(kLen, hLen); currentLen = min(kLen, hLen);
XMEMCPY(output, buffer, currentLen); XMEMCPY(output, buffer, currentLen);
for (j = 1; j < iterations; j++) { for (j = 1; j < iterations; j++) {
HmacUpdate(&hmac, buffer, hLen); ret = HmacUpdate(&hmac, buffer, hLen);
HmacFinal(&hmac, buffer); if (ret != 0)
return ret;
ret = HmacFinal(&hmac, buffer);
if (ret != 0)
return ret;
xorbuf(output, buffer, currentLen); xorbuf(output, buffer, currentLen);
} }
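Review bot: The new early returns inside the `while (kLen)` loop of PBKDF2 can fire after `XMEMCPY(output, buffer, currentLen)` has already copied a block, so on failure `output` holds a partially derived key and `buffer` still holds an intermediate block. As far as the hunk shows, neither is cleared on the error path, and a caller that ignores the return value would go on to use that partial key. Consider routing the failures through a single exit that wipes `buffer` and the bytes already written to `output`, and state the contract at the top of the function, e.g. `/* on a non-zero return, output holds a partial key and must not be used */`. The start and end of PBKDF2 are outside the hunk, so existing cleanup may already cover part of this.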


@@ -1149,10 +1149,14 @@ int hmac_md5_test(void)
#endif #endif
ret = HmacSetKey(&hmac, MD5, (byte*)keys[i], (word32)strlen(keys[i])); ret = HmacSetKey(&hmac, MD5, (byte*)keys[i], (word32)strlen(keys[i]));
if (ret != 0) if (ret != 0)
return -4011; return -4015;
HmacUpdate(&hmac, (byte*)test_hmac[i].input, ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
(word32)test_hmac[i].inLen); (word32)test_hmac[i].inLen);
HmacFinal(&hmac, hash); if (ret != 0)
return -4016;
ret = HmacFinal(&hmac, hash);
if (ret != 0)
return -4017;
if (memcmp(hash, test_hmac[i].output, MD5_DIGEST_SIZE) != 0) if (memcmp(hash, test_hmac[i].output, MD5_DIGEST_SIZE) != 0)
return -20 - i; return -20 - i;
@@ -1220,10 +1224,14 @@ int hmac_sha_test(void)
#endif #endif
ret = HmacSetKey(&hmac, SHA, (byte*)keys[i], (word32)strlen(keys[i])); ret = HmacSetKey(&hmac, SHA, (byte*)keys[i], (word32)strlen(keys[i]));
if (ret != 0) if (ret != 0)
return -4012; return -4018;
HmacUpdate(&hmac, (byte*)test_hmac[i].input, ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
(word32)test_hmac[i].inLen); (word32)test_hmac[i].inLen);
HmacFinal(&hmac, hash); if (ret != 0)
return -4019;
ret = HmacFinal(&hmac, hash);
if (ret != 0)
return -4020;
if (memcmp(hash, test_hmac[i].output, SHA_DIGEST_SIZE) != 0) if (memcmp(hash, test_hmac[i].output, SHA_DIGEST_SIZE) != 0)
return -20 - i; return -20 - i;
@@ -1295,10 +1303,14 @@ int hmac_sha256_test(void)
#endif #endif
ret = HmacSetKey(&hmac, SHA256, (byte*)keys[i],(word32)strlen(keys[i])); ret = HmacSetKey(&hmac, SHA256, (byte*)keys[i],(word32)strlen(keys[i]));
if (ret != 0) if (ret != 0)
return -4013; return -4021;
HmacUpdate(&hmac, (byte*)test_hmac[i].input, ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
(word32)test_hmac[i].inLen); (word32)test_hmac[i].inLen);
HmacFinal(&hmac, hash); if (ret != 0)
return -4022;
ret = HmacFinal(&hmac, hash);
if (ret != 0)
return -4023;
if (memcmp(hash, test_hmac[i].output, SHA256_DIGEST_SIZE) != 0) if (memcmp(hash, test_hmac[i].output, SHA256_DIGEST_SIZE) != 0)
return -20 - i; return -20 - i;
@@ -1371,10 +1383,14 @@ int hmac_blake2b_test(void)
ret = HmacSetKey(&hmac, BLAKE2B_ID, (byte*)keys[i], ret = HmacSetKey(&hmac, BLAKE2B_ID, (byte*)keys[i],
(word32)strlen(keys[i])); (word32)strlen(keys[i]));
if (ret != 0) if (ret != 0)
return -4014; return -4024;
HmacUpdate(&hmac, (byte*)test_hmac[i].input, ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
(word32)test_hmac[i].inLen); (word32)test_hmac[i].inLen);
HmacFinal(&hmac, hash); if (ret != 0)
return -4025;
ret = HmacFinal(&hmac, hash);
if (ret != 0)
return -4026;
if (memcmp(hash, test_hmac[i].output, BLAKE2B_256) != 0) if (memcmp(hash, test_hmac[i].output, BLAKE2B_256) != 0)
return -20 - i; return -20 - i;
@@ -1443,10 +1459,14 @@ int hmac_sha384_test(void)
for (i = 0; i < times; ++i) { for (i = 0; i < times; ++i) {
ret = HmacSetKey(&hmac, SHA384, (byte*)keys[i],(word32)strlen(keys[i])); ret = HmacSetKey(&hmac, SHA384, (byte*)keys[i],(word32)strlen(keys[i]));
if (ret != 0) if (ret != 0)
return -4015; return -4027;
HmacUpdate(&hmac, (byte*)test_hmac[i].input, ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
(word32)test_hmac[i].inLen); (word32)test_hmac[i].inLen);
HmacFinal(&hmac, hash); if (ret != 0)
return -4028;
ret = HmacFinal(&hmac, hash);
if (ret != 0)
return -4029;
if (memcmp(hash, test_hmac[i].output, SHA384_DIGEST_SIZE) != 0) if (memcmp(hash, test_hmac[i].output, SHA384_DIGEST_SIZE) != 0)
return -20 - i; return -20 - i;
@@ -1515,10 +1535,14 @@ int hmac_sha512_test(void)
for (i = 0; i < times; ++i) { for (i = 0; i < times; ++i) {
ret = HmacSetKey(&hmac, SHA512, (byte*)keys[i],(word32)strlen(keys[i])); ret = HmacSetKey(&hmac, SHA512, (byte*)keys[i],(word32)strlen(keys[i]));
if (ret != 0) if (ret != 0)
return -4016; return -4030;
HmacUpdate(&hmac, (byte*)test_hmac[i].input, ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
(word32)test_hmac[i].inLen); (word32)test_hmac[i].inLen);
HmacFinal(&hmac, hash); if (ret != 0)
return -4031;
ret = HmacFinal(&hmac, hash);
if (ret != 0)
return -4032;
if (memcmp(hash, test_hmac[i].output, SHA512_DIGEST_SIZE) != 0) if (memcmp(hash, test_hmac[i].output, SHA512_DIGEST_SIZE) != 0)
return -20 - i; return -20 - i;


@@ -1345,9 +1345,15 @@ static INLINE int myMacEncryptCb(CYASSL* ssl, unsigned char* macOut,
CyaSSL_GetMacSecret(ssl, macVerify), CyaSSL_GetHmacSize(ssl)); CyaSSL_GetMacSecret(ssl, macVerify), CyaSSL_GetHmacSize(ssl));
if (ret != 0) if (ret != 0)
return ret; return ret;
HmacUpdate(&hmac, myInner, sizeof(myInner)); ret = HmacUpdate(&hmac, myInner, sizeof(myInner));
HmacUpdate(&hmac, macIn, macInSz); if (ret != 0)
HmacFinal(&hmac, macOut); return ret;
ret = HmacUpdate(&hmac, macIn, macInSz);
if (ret != 0)
return ret;
ret = HmacFinal(&hmac, macOut);
if (ret != 0)
return ret;
/* encrypt setup on first time */ /* encrypt setup on first time */
@@ -1454,9 +1460,15 @@ static INLINE int myDecryptVerifyCb(CYASSL* ssl,
CyaSSL_GetMacSecret(ssl, macVerify), digestSz); CyaSSL_GetMacSecret(ssl, macVerify), digestSz);
if (ret != 0) if (ret != 0)
return ret; return ret;
HmacUpdate(&hmac, myInner, sizeof(myInner)); ret = HmacUpdate(&hmac, myInner, sizeof(myInner));
HmacUpdate(&hmac, decOut + ivExtra, macInSz); if (ret != 0)
HmacFinal(&hmac, verify); return ret;
ret = HmacUpdate(&hmac, decOut + ivExtra, macInSz);
if (ret != 0)
return ret;
ret = HmacFinal(&hmac, verify);
if (ret != 0)
return ret;
if (memcmp(verify, decOut + decSz - digestSz - pad - padByte, if (memcmp(verify, decOut + decSz - digestSz - pad - padByte,
digestSz) != 0) { digestSz) != 0) {


@@ -407,10 +407,18 @@ static int check_hmac(void)
} }
CRYPT_HMAC_DataAdd(&mcHmac, ourData, OUR_DATA_SIZE); CRYPT_HMAC_DataAdd(&mcHmac, ourData, OUR_DATA_SIZE);
HmacUpdate(&defHmac, ourData, OUR_DATA_SIZE); ret = HmacUpdate(&defHmac, ourData, OUR_DATA_SIZE);
if (ret != 0) {
printf("hmac sha update default failed\n");
return -1;
}
CRYPT_HMAC_Finalize(&mcHmac, mcDigest); CRYPT_HMAC_Finalize(&mcHmac, mcDigest);
HmacFinal(&defHmac, defDigest); ret = HmacFinal(&defHmac, defDigest);
if (ret != 0) {
printf("hmac sha final default failed\n");
return -1;
}
if (memcmp(mcDigest, defDigest, CRYPT_SHA_DIGEST_SIZE) != 0) { if (memcmp(mcDigest, defDigest, CRYPT_SHA_DIGEST_SIZE) != 0) {
printf("hmac sha final memcmp fialed\n"); printf("hmac sha final memcmp fialed\n");
@@ -427,10 +435,18 @@ static int check_hmac(void)
} }
CRYPT_HMAC_DataAdd(&mcHmac, ourData, OUR_DATA_SIZE); CRYPT_HMAC_DataAdd(&mcHmac, ourData, OUR_DATA_SIZE);
HmacUpdate(&defHmac, ourData, OUR_DATA_SIZE); ret = HmacUpdate(&defHmac, ourData, OUR_DATA_SIZE);
if (ret != 0) {
printf("hmac sha256 update default failed\n");
return -1;
}
CRYPT_HMAC_Finalize(&mcHmac, mcDigest); CRYPT_HMAC_Finalize(&mcHmac, mcDigest);
HmacFinal(&defHmac, defDigest); ret = HmacFinal(&defHmac, defDigest);
if (ret != 0) {
printf("hmac sha256 final default failed\n");
return -1;
}
if (memcmp(mcDigest, defDigest, CRYPT_SHA256_DIGEST_SIZE) != 0) { if (memcmp(mcDigest, defDigest, CRYPT_SHA256_DIGEST_SIZE) != 0) {
printf("hmac sha256 final memcmp fialed\n"); printf("hmac sha256 final memcmp fialed\n");
@@ -447,10 +463,18 @@ static int check_hmac(void)
} }
CRYPT_HMAC_DataAdd(&mcHmac, ourData, OUR_DATA_SIZE); CRYPT_HMAC_DataAdd(&mcHmac, ourData, OUR_DATA_SIZE);
HmacUpdate(&defHmac, ourData, OUR_DATA_SIZE); ret = HmacUpdate(&defHmac, ourData, OUR_DATA_SIZE);
if (ret != 0) {
printf("hmac sha384 update default failed\n");
return -1;
}
CRYPT_HMAC_Finalize(&mcHmac, mcDigest); CRYPT_HMAC_Finalize(&mcHmac, mcDigest);
HmacFinal(&defHmac, defDigest); ret = HmacFinal(&defHmac, defDigest);
if (ret != 0) {
printf("hmac sha384 final default failed\n");
return -1;
}
if (memcmp(mcDigest, defDigest, CRYPT_SHA384_DIGEST_SIZE) != 0) { if (memcmp(mcDigest, defDigest, CRYPT_SHA384_DIGEST_SIZE) != 0) {
printf("hmac sha384 final memcmp fialed\n"); printf("hmac sha384 final memcmp fialed\n");
@@ -467,10 +491,18 @@ static int check_hmac(void)
} }
CRYPT_HMAC_DataAdd(&mcHmac, ourData, OUR_DATA_SIZE); CRYPT_HMAC_DataAdd(&mcHmac, ourData, OUR_DATA_SIZE);
HmacUpdate(&defHmac, ourData, OUR_DATA_SIZE); ret = HmacUpdate(&defHmac, ourData, OUR_DATA_SIZE);
if (ret != 0) {
printf("hmac sha512 update default failed\n");
return -1;
}
CRYPT_HMAC_Finalize(&mcHmac, mcDigest); CRYPT_HMAC_Finalize(&mcHmac, mcDigest);
HmacFinal(&defHmac, defDigest); ret = HmacFinal(&defHmac, defDigest);
if (ret != 0) {
printf("hmac sha512 final default failed\n");
return -1;
}
if (memcmp(mcDigest, defDigest, CRYPT_SHA512_DIGEST_SIZE) != 0) { if (memcmp(mcDigest, defDigest, CRYPT_SHA512_DIGEST_SIZE) != 0) {
printf("hmac sha512 final memcmp fialed\n"); printf("hmac sha512 final memcmp fialed\n");
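Review bot: Each of the four check_hmac hunks now checks `HmacUpdate` and `HmacFinal` on the reference context, but still discards the result of `CRYPT_HMAC_DataAdd` and `CRYPT_HMAC_Finalize` on the context under test. Their prototypes are not on this page; if they return a status, a failure there would only surface later as a digest mismatch with the unrelated "memcmp" message. Check them the same way, e.g. `ret = CRYPT_HMAC_DataAdd(&mcHmac, ourData, OUR_DATA_SIZE);` followed by `if (ret != 0) { printf("hmac sha mc update failed\n"); return -1; }`. check_hmac starts and ends outside these hunks.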


@@ -7342,28 +7342,31 @@ int CyaSSL_set_compression(CYASSL* ssl)
unsigned char* md, unsigned int* md_len) unsigned char* md, unsigned int* md_len)
{ {
Hmac hmac; Hmac hmac;
int ret;
CYASSL_ENTER("HMAC"); CYASSL_ENTER("HMAC");
if (!md) return NULL; /* no static buffer support */ if (!md) return NULL; /* no static buffer support */
if (XSTRNCMP(evp_md, "MD5", 3) == 0) { if (XSTRNCMP(evp_md, "MD5", 3) == 0) {
ret = HmacSetKey(&hmac, MD5, (const byte*)key, key_len); if (HmacSetKey(&hmac, MD5, (const byte*)key, key_len) != 0)
return NULL;
if (md_len) *md_len = MD5_DIGEST_SIZE; if (md_len) *md_len = MD5_DIGEST_SIZE;
} }
else if (XSTRNCMP(evp_md, "SHA", 3) == 0) { else if (XSTRNCMP(evp_md, "SHA", 3) == 0) {
ret = HmacSetKey(&hmac, SHA, (const byte*)key, key_len); if (HmacSetKey(&hmac, SHA, (const byte*)key, key_len) != 0)
return NULL;
if (md_len) *md_len = SHA_DIGEST_SIZE; if (md_len) *md_len = SHA_DIGEST_SIZE;
} }
else else
return NULL; return NULL;
if (ret != 0) if (HmacUpdate(&hmac, d, n) != 0)
return NULL; return NULL;
HmacUpdate(&hmac, d, n); if (HmacFinal(&hmac, md) != 0)
HmacFinal(&hmac, md); return NULL;
return md; return md;
} }
@@ -10847,6 +10850,7 @@ static int initGlobalRNG = 0;
if (ctx && data) { if (ctx && data) {
CYASSL_MSG("updating hmac"); CYASSL_MSG("updating hmac");
HmacUpdate(&ctx->hmac, data, (word32)len); HmacUpdate(&ctx->hmac, data, (word32)len);
/* OpenSSL compat, no error */
} }
} }
@@ -10859,6 +10863,7 @@ static int initGlobalRNG = 0;
if (ctx && hash) { if (ctx && hash) {
CYASSL_MSG("final hmac"); CYASSL_MSG("final hmac");
HmacFinal(&ctx->hmac, hash); HmacFinal(&ctx->hmac, hash);
/* OpenSSL compat, no error */
if (len) { if (len) {
CYASSL_MSG("setting output len"); CYASSL_MSG("setting output len");
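Review bot: In the last two hunks (the "updating hmac" and "final hmac" blocks) the return values of `HmacUpdate` and `HmacFinal` are still discarded, and the added `/* OpenSSL compat, no error */` comment makes that a standing decision. When HmacFinal fails, `hash` is left unwritten or only partly written, yet the `len` branch that follows still reports a length, so the caller cannot tell a valid MAC from stale bytes. Even if the signature has to stay as it is, the failure can be made visible and the length left unset, e.g. `if (HmacFinal(&ctx->hmac, hash) != 0) { CYASSL_MSG("hmac final failed"); return; }` placed before the `len` assignment. Both functions start and end outside the hunks, so this assumes they return void.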


@@ -611,9 +611,13 @@ int hmac_md5_test(void)
ret = HmacSetKey(&hmac, MD5, (byte*)keys[i], (word32)strlen(keys[i])); ret = HmacSetKey(&hmac, MD5, (byte*)keys[i], (word32)strlen(keys[i]));
if (ret != 0) if (ret != 0)
return -4014; return -4014;
HmacUpdate(&hmac, (byte*)test_hmac[i].input, ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
(word32)test_hmac[i].inLen); (word32)test_hmac[i].inLen);
HmacFinal(&hmac, hash); if (ret != 0)
return -4015;
ret = HmacFinal(&hmac, hash);
if (ret != 0)
return -4016;
if (memcmp(hash, test_hmac[i].output, MD5_DIGEST_SIZE) != 0) if (memcmp(hash, test_hmac[i].output, MD5_DIGEST_SIZE) != 0)
return -20 - i; return -20 - i;
@@ -672,10 +676,14 @@ int hmac_sha_test(void)
for (i = 0; i < times; ++i) { for (i = 0; i < times; ++i) {
ret = HmacSetKey(&hmac, SHA, (byte*)keys[i], (word32)strlen(keys[i])); ret = HmacSetKey(&hmac, SHA, (byte*)keys[i], (word32)strlen(keys[i]));
if (ret != 0) if (ret != 0)
return -4015; return -4017;
HmacUpdate(&hmac, (byte*)test_hmac[i].input, ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
(word32)test_hmac[i].inLen); (word32)test_hmac[i].inLen);
HmacFinal(&hmac, hash); if (ret != 0)
return -4018;
ret = HmacFinal(&hmac, hash);
if (ret != 0)
return -4019;
if (memcmp(hash, test_hmac[i].output, SHA_DIGEST_SIZE) != 0) if (memcmp(hash, test_hmac[i].output, SHA_DIGEST_SIZE) != 0)
return -20 - i; return -20 - i;
@@ -737,10 +745,14 @@ int hmac_sha256_test(void)
for (i = 0; i < times; ++i) { for (i = 0; i < times; ++i) {
ret = HmacSetKey(&hmac,SHA256, (byte*)keys[i], (word32)strlen(keys[i])); ret = HmacSetKey(&hmac,SHA256, (byte*)keys[i], (word32)strlen(keys[i]));
if (ret != 0) if (ret != 0)
return -4016; return -4020;
HmacUpdate(&hmac, (byte*)test_hmac[i].input, ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
(word32)test_hmac[i].inLen); (word32)test_hmac[i].inLen);
HmacFinal(&hmac, hash); if (ret != 0)
return -4021;
ret = HmacFinal(&hmac, hash);
if (ret != 0)
return -4022;
if (memcmp(hash, test_hmac[i].output, SHA256_DIGEST_SIZE) != 0) if (memcmp(hash, test_hmac[i].output, SHA256_DIGEST_SIZE) != 0)
return -20 - i; return -20 - i;
@@ -806,10 +818,14 @@ int hmac_sha384_test(void)
for (i = 0; i < times; ++i) { for (i = 0; i < times; ++i) {
ret = HmacSetKey(&hmac,SHA384, (byte*)keys[i], (word32)strlen(keys[i])); ret = HmacSetKey(&hmac,SHA384, (byte*)keys[i], (word32)strlen(keys[i]));
if (ret != 0) if (ret != 0)
return -4017; return -4023;
HmacUpdate(&hmac, (byte*)test_hmac[i].input, ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
(word32)test_hmac[i].inLen); (word32)test_hmac[i].inLen);
HmacFinal(&hmac, hash); if (ret != 0)
return -4024;
ret = HmacFinal(&hmac, hash);
if (ret != 0)
return -4025;
if (memcmp(hash, test_hmac[i].output, SHA384_DIGEST_SIZE) != 0) if (memcmp(hash, test_hmac[i].output, SHA384_DIGEST_SIZE) != 0)
return -20 - i; return -20 - i;