feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

add SHA1 fips mode

Browse Source
This commit is contained in:
toddouska
2014-03-25 16:01:17 -07:00
parent 8c5d958a8b
commit 3607db9077
17 changed files with 230 additions and 81 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
ctaocrypt/benchmark/benchmark.c
View File

@@ -586,9 +586,13 @@ void bench_sha(void)
Sha hash; Sha hash;
byte digest[SHA_DIGEST_SIZE]; byte digest[SHA_DIGEST_SIZE];
double start, total, persec; double start, total, persec;
int i; int i, ret;
InitSha(&hash); ret = InitSha(&hash);
if (ret != 0) {
printf("InitSha failed, ret = %d\n", ret);
return;
}
start = current_time(1); start = current_time(1);
for(i = 0; i < numBlocks; i++) for(i = 0; i < numBlocks; i++)

44
ctaocrypt/src/asn.c
View File

@@ -1587,6 +1587,7 @@ static int GetName(DecodedCert* cert, int nameType)
Sha sha; /* MUST have SHA-1 hash for cert names */ Sha sha; /* MUST have SHA-1 hash for cert names */
int length; /* length of all distinguished names */ int length; /* length of all distinguished names */
int dummy; int dummy;
int ret;
char* full = (nameType == ISSUER) ? cert->issuer : cert->subject; char* full = (nameType == ISSUER) ? cert->issuer : cert->subject;
word32 idx; word32 idx;
#ifdef OPENSSL_EXTRA #ifdef OPENSSL_EXTRA
@@ -1613,7 +1614,9 @@ static int GetName(DecodedCert* cert, int nameType)
if (GetSequence(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0) if (GetSequence(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0)
return ASN_PARSE_E; return ASN_PARSE_E;
InitSha(&sha); ret = InitSha(&sha);
if (ret != 0)
return ret;
ShaUpdate(&sha, &cert->source[idx], length + cert->srcIdx - idx); ShaUpdate(&sha, &cert->source[idx], length + cert->srcIdx - idx);
if (nameType == ISSUER) if (nameType == ISSUER)
ShaFinal(&sha, cert->issuerHash); ShaFinal(&sha, cert->issuerHash);
@@ -2664,7 +2667,11 @@ static int ConfirmSignature(const byte* buf, word32 bufSz,
case CTC_SHAwECDSA: case CTC_SHAwECDSA:
{ {
Sha sha; Sha sha;
InitSha(&sha); ret = InitSha(&sha);
if (ret != 0) {
CYASSL_MSG("InitSha failed");
return 0; /* not confirmed */
}
ShaUpdate(&sha, buf, bufSz); ShaUpdate(&sha, buf, bufSz);
ShaFinal(&sha, digest); ShaFinal(&sha, digest);
typeH = SHAh; typeH = SHAh;
@@ -3152,7 +3159,7 @@ static int DecodeAuthInfo(byte* input, int sz, DecodedCert* cert)
static int DecodeAuthKeyId(byte* input, int sz, DecodedCert* cert) static int DecodeAuthKeyId(byte* input, int sz, DecodedCert* cert)
{ {
word32 idx = 0; word32 idx = 0;
int length = 0; int length = 0, ret = 0;
CYASSL_ENTER("DecodeAuthKeyId"); CYASSL_ENTER("DecodeAuthKeyId");
@@ -3181,7 +3188,9 @@ static int DecodeAuthKeyId(byte* input, int sz, DecodedCert* cert)
} }
else { else {
Sha sha; Sha sha;
InitSha(&sha); ret = InitSha(&sha);
if (ret != 0)
return ret;
ShaUpdate(&sha, input + idx, length); ShaUpdate(&sha, input + idx, length);
ShaFinal(&sha, cert->extAuthKeyId); ShaFinal(&sha, cert->extAuthKeyId);
} }
@@ -3193,7 +3202,7 @@ static int DecodeAuthKeyId(byte* input, int sz, DecodedCert* cert)
static int DecodeSubjKeyId(byte* input, int sz, DecodedCert* cert) static int DecodeSubjKeyId(byte* input, int sz, DecodedCert* cert)
{ {
word32 idx = 0; word32 idx = 0;
int length = 0; int length = 0, ret = 0;
CYASSL_ENTER("DecodeSubjKeyId"); CYASSL_ENTER("DecodeSubjKeyId");
@@ -3217,12 +3226,14 @@ static int DecodeSubjKeyId(byte* input, int sz, DecodedCert* cert)
} }
else { else {
Sha sha; Sha sha;
InitSha(&sha); ret = InitSha(&sha);
if (ret != 0)
return ret;
ShaUpdate(&sha, input + idx, length); ShaUpdate(&sha, input + idx, length);
ShaFinal(&sha, cert->extSubjKeyId); ShaFinal(&sha, cert->extSubjKeyId);
} }
return 0; return ret;
} }
@@ -3604,7 +3615,9 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
if (cert->extSubjKeyIdSet == 0 if (cert->extSubjKeyIdSet == 0
&& cert->publicKey != NULL && cert->pubKeySize > 0) { && cert->publicKey != NULL && cert->pubKeySize > 0) {
Sha sha; Sha sha;
InitSha(&sha); ret = InitSha(&sha);
if (ret != 0)
return ret;
ShaUpdate(&sha, cert->publicKey, cert->pubKeySize); ShaUpdate(&sha, cert->publicKey, cert->pubKeySize);
ShaFinal(&sha, cert->extSubjKeyId); ShaFinal(&sha, cert->extSubjKeyId);
} }
@@ -3627,7 +3640,9 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
/* Need the ca's public key hash for OCSP */ /* Need the ca's public key hash for OCSP */
{ {
Sha sha; Sha sha;
InitSha(&sha); ret = InitSha(&sha);
if (ret != 0)
return ret;
ShaUpdate(&sha, ca->publicKey, ca->pubKeySize); ShaUpdate(&sha, ca->publicKey, ca->pubKeySize);
ShaFinal(&sha, cert->issuerKeyHash); ShaFinal(&sha, cert->issuerKeyHash);
} }
@@ -4718,7 +4733,7 @@ static int MakeSignature(const byte* buffer, int sz, byte* sig, int sigSz,
{ {
byte digest[SHA256_DIGEST_SIZE]; /* max size */ byte digest[SHA256_DIGEST_SIZE]; /* max size */
byte encSig[MAX_ENCODED_DIG_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ]; byte encSig[MAX_ENCODED_DIG_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ];
int encSigSz, digestSz, typeH; int encSigSz, digestSz, typeH, ret = 0;
(void)eccKey; (void)eccKey;
@@ -4732,7 +4747,9 @@ static int MakeSignature(const byte* buffer, int sz, byte* sig, int sigSz,
} }
else if (sigAlgoType == CTC_SHAwRSA || sigAlgoType == CTC_SHAwECDSA) { else if (sigAlgoType == CTC_SHAwRSA || sigAlgoType == CTC_SHAwECDSA) {
Sha sha; Sha sha;
InitSha(&sha); ret = InitSha(&sha);
if (ret != 0)
return ret;
ShaUpdate(&sha, buffer, sz); ShaUpdate(&sha, buffer, sz);
ShaFinal(&sha, digest); ShaFinal(&sha, digest);
digestSz = SHA_DIGEST_SIZE; digestSz = SHA_DIGEST_SIZE;
@@ -6202,6 +6219,7 @@ CYASSL_LOCAL int GetNameHash(const byte* source, word32* idx, byte* hash,
{ {
Sha sha; Sha sha;
int length; /* length of all distinguished names */ int length; /* length of all distinguished names */
int ret = 0;
word32 dummy; word32 dummy;
CYASSL_ENTER("GetNameHash"); CYASSL_ENTER("GetNameHash");
@@ -6223,7 +6241,9 @@ CYASSL_LOCAL int GetNameHash(const byte* source, word32* idx, byte* hash,
if (GetSequence(source, idx, &length, maxIdx) < 0) if (GetSequence(source, idx, &length, maxIdx) < 0)
return ASN_PARSE_E; return ASN_PARSE_E;
InitSha(&sha); ret = InitSha(&sha);
if (ret != 0)
return ret;
ShaUpdate(&sha, source + dummy, length + *idx - dummy); ShaUpdate(&sha, source + dummy, length + *idx - dummy);
ShaFinal(&sha, hash); ShaFinal(&sha, hash);

6
ctaocrypt/src/hmac.c
View File

@@ -56,6 +56,8 @@
static int InitHmac(Hmac* hmac, int type) static int InitHmac(Hmac* hmac, int type)
{ {
int ret = 0;
hmac->innerHashKeyed = 0; hmac->innerHashKeyed = 0;
hmac->macType = (byte)type; hmac->macType = (byte)type;
@@ -72,7 +74,7 @@ static int InitHmac(Hmac* hmac, int type)
#ifndef NO_SHA #ifndef NO_SHA
case SHA: case SHA:
InitSha(&hmac->hash.sha); ret = InitSha(&hmac->hash.sha);
break; break;
#endif #endif
@@ -104,7 +106,7 @@ static int InitHmac(Hmac* hmac, int type)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
return 0; return ret;
} }

12
ctaocrypt/src/pkcs7.c
View File

@@ -328,7 +328,7 @@ int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz)
ESD esd; ESD esd;
word32 signerInfoSz = 0; word32 signerInfoSz = 0;
word32 totalSz = 0; word32 totalSz = 0;
int idx = 0; int idx = 0, ret = 0;
byte* flatSignedAttribs = NULL; byte* flatSignedAttribs = NULL;
word32 flatSignedAttribsSz = 0; word32 flatSignedAttribsSz = 0;
word32 innerOidSz = sizeof(innerOid); word32 innerOidSz = sizeof(innerOid);
@@ -342,7 +342,9 @@ int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
XMEMSET(&esd, 0, sizeof(esd)); XMEMSET(&esd, 0, sizeof(esd));
InitSha(&esd.sha); ret = InitSha(&esd.sha);
if (ret != 0)
return ret;
if (pkcs7->contentSz != 0) if (pkcs7->contentSz != 0)
{ {
@@ -431,7 +433,11 @@ int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz)
attribSetSz = SetSet(flatSignedAttribsSz, attribSet); attribSetSz = SetSet(flatSignedAttribsSz, attribSet);
InitSha(&esd.sha); ret = InitSha(&esd.sha);
if (result < 0) {
XFREE(flatSignedAttribs, 0, NULL);
return ret;
}
ShaUpdate(&esd.sha, attribSet, attribSetSz); ShaUpdate(&esd.sha, attribSet, attribSetSz);
ShaUpdate(&esd.sha, flatSignedAttribs, flatSignedAttribsSz); ShaUpdate(&esd.sha, flatSignedAttribs, flatSignedAttribsSz);
} }

10
ctaocrypt/src/pwdbased.c
View File

@@ -74,7 +74,7 @@ int PBKDF1(byte* output, const byte* passwd, int pLen, const byte* salt,
Md5 md5; Md5 md5;
Sha sha; Sha sha;
int hLen = (hashType == MD5) ? (int)MD5_DIGEST_SIZE : (int)SHA_DIGEST_SIZE; int hLen = (hashType == MD5) ? (int)MD5_DIGEST_SIZE : (int)SHA_DIGEST_SIZE;
int i; int i, ret = 0;
byte buffer[SHA_DIGEST_SIZE]; /* max size */ byte buffer[SHA_DIGEST_SIZE]; /* max size */
if (hashType != MD5 && hashType != SHA) if (hashType != MD5 && hashType != SHA)
@@ -93,7 +93,9 @@ int PBKDF1(byte* output, const byte* passwd, int pLen, const byte* salt,
Md5Final(&md5, buffer); Md5Final(&md5, buffer);
} }
else { else {
InitSha(&sha); ret = InitSha(&sha);
if (ret != 0)
return ret;
ShaUpdate(&sha, passwd, pLen); ShaUpdate(&sha, passwd, pLen);
ShaUpdate(&sha, salt, sLen); ShaUpdate(&sha, salt, sLen);
ShaFinal(&sha, buffer); ShaFinal(&sha, buffer);
@@ -269,7 +271,9 @@ int PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,const byte* salt,
else if (hashType == SHA) { else if (hashType == SHA) {
Sha sha; Sha sha;
InitSha(&sha); ret = InitSha(&sha);
if (ret != 0)
break;
ShaUpdate(&sha, buffer, totalLen); ShaUpdate(&sha, buffer, totalLen);
ShaFinal(&sha, Ai); ShaFinal(&sha, Ai);

21
ctaocrypt/src/sha.c
View File

@@ -34,6 +34,11 @@
#define ShaFinal ShaFinal_sw #define ShaFinal ShaFinal_sw
#endif #endif
#ifdef HAVE_FIPS
/* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
#define FIPS_NO_WRAPPERS
#endif
#include <cyassl/ctaocrypt/sha.h> #include <cyassl/ctaocrypt/sha.h>
#ifdef NO_INLINE #ifdef NO_INLINE
#include <cyassl/ctaocrypt/misc.h> #include <cyassl/ctaocrypt/misc.h>
@@ -58,7 +63,7 @@
#include "stm32f2xx.h" #include "stm32f2xx.h"
#include "stm32f2xx_hash.h" #include "stm32f2xx_hash.h"
void InitSha(Sha* sha) int InitSha(Sha* sha)
{ {
/* STM32F2 struct notes: /* STM32F2 struct notes:
* sha->buffer = first 4 bytes used to hold partial block if needed * sha->buffer = first 4 bytes used to hold partial block if needed
@@ -79,9 +84,11 @@
/* reset HASH processor */ /* reset HASH processor */
HASH->CR |= HASH_CR_INIT; HASH->CR |= HASH_CR_INIT;
return 0;
} }
void ShaUpdate(Sha* sha, const byte* data, word32 len) int ShaUpdate(Sha* sha, const byte* data, word32 len)
{ {
word32 i = 0; word32 i = 0;
word32 fill = 0; word32 fill = 0;
@@ -125,6 +132,8 @@
/* keep track of total data length thus far */ /* keep track of total data length thus far */
sha->loLen += (len - sha->buffLen); sha->loLen += (len - sha->buffLen);
return 0;
} }
void ShaFinal(Sha* sha, byte* hash) void ShaFinal(Sha* sha, byte* hash)
@@ -175,7 +184,7 @@
#endif /* min */ #endif /* min */
void InitSha(Sha* sha) int InitSha(Sha* sha)
{ {
#ifdef FREESCALE_MMCAU #ifdef FREESCALE_MMCAU
cau_sha1_initialize_output(sha->digest); cau_sha1_initialize_output(sha->digest);
@@ -190,6 +199,8 @@ void InitSha(Sha* sha)
sha->buffLen = 0; sha->buffLen = 0;
sha->loLen = 0; sha->loLen = 0;
sha->hiLen = 0; sha->hiLen = 0;
return 0;
} }
#ifndef FREESCALE_MMCAU #ifndef FREESCALE_MMCAU
@@ -302,7 +313,7 @@ static INLINE void AddLength(Sha* sha, word32 len)
} }
void ShaUpdate(Sha* sha, const byte* data, word32 len) int ShaUpdate(Sha* sha, const byte* data, word32 len)
{ {
/* do block size increments */ /* do block size increments */
byte* local = (byte*)sha->buffer; byte* local = (byte*)sha->buffer;
@@ -324,6 +335,8 @@ void ShaUpdate(Sha* sha, const byte* data, word32 len)
sha->buffLen = 0; sha->buffLen = 0;
} }
} }
return 0;
} }

13
ctaocrypt/test/test.c
View File

@@ -767,6 +767,7 @@ int sha_test(void)
testVector a, b, c, d; testVector a, b, c, d;
testVector test_sha[4]; testVector test_sha[4];
int ret;
int times = sizeof(test_sha) / sizeof(struct testVector), i; int times = sizeof(test_sha) / sizeof(struct testVector), i;
a.input = "abc"; a.input = "abc";
@@ -801,7 +802,9 @@ int sha_test(void)
test_sha[2] = c; test_sha[2] = c;
test_sha[3] = d; test_sha[3] = d;
InitSha(&sha); ret = InitSha(&sha);
if (ret != 0)
return -4001;
for (i = 0; i < times; ++i) { for (i = 0; i < times; ++i) {
ShaUpdate(&sha, (byte*)test_sha[i].input, (word32)test_sha[i].inLen); ShaUpdate(&sha, (byte*)test_sha[i].input, (word32)test_sha[i].inLen);
@@ -3310,7 +3313,9 @@ int dsa_test(void)
fclose(file); fclose(file);
#endif /* USE_CERT_BUFFERS */ #endif /* USE_CERT_BUFFERS */
InitSha(&sha); ret = InitSha(&sha);
if (ret != 0)
return -4002;
ShaUpdate(&sha, tmp, bytes); ShaUpdate(&sha, tmp, bytes);
ShaFinal(&sha, hash); ShaFinal(&sha, hash);
@@ -4273,7 +4278,9 @@ int pkcs7signed_test(void)
transId[0] = 0x13; transId[0] = 0x13;
transId[1] = SHA_DIGEST_SIZE * 2; transId[1] = SHA_DIGEST_SIZE * 2;
InitSha(&sha); ret = InitSha(&sha);
if (ret != 0)
return -4003;
ShaUpdate(&sha, msg.publicKey, msg.publicKeySz); ShaUpdate(&sha, msg.publicKey, msg.publicKeySz);
ShaFinal(&sha, digest); ShaFinal(&sha, digest);

25
cyassl/ctaocrypt/sha.h
View File

@@ -54,19 +54,34 @@ typedef struct Sha {
word32 hiLen; /* length in bytes */ word32 hiLen; /* length in bytes */
word32 buffer[SHA_BLOCK_SIZE / sizeof(word32)]; word32 buffer[SHA_BLOCK_SIZE / sizeof(word32)];
#ifndef CYASSL_PIC32MZ_HASH #ifndef CYASSL_PIC32MZ_HASH
word32 digest[SHA_DIGEST_SIZE / sizeof(word32)]; word32 digest[SHA_DIGEST_SIZE / sizeof(word32)];
#else #else
word32 digest[PIC32_HASH_SIZE / sizeof(word32)]; word32 digest[PIC32_HASH_SIZE / sizeof(word32)];
pic32mz_desc desc ; /* Crypt Engine descripter */ pic32mz_desc desc; /* Crypt Engine descripter */
#endif #endif
} Sha; } Sha;
CYASSL_API void InitSha(Sha*); CYASSL_API int InitSha(Sha*);
CYASSL_API void ShaUpdate(Sha*, const byte*, word32); CYASSL_API int ShaUpdate(Sha*, const byte*, word32);
CYASSL_API void ShaFinal(Sha*, byte*); CYASSL_API void ShaFinal(Sha*, byte*);
#ifdef HAVE_FIPS
/* fips wrapper calls, user can call direct */
CYASSL_API int InitSha_fips(Sha*);
CYASSL_API int ShaUpdate_fips(Sha*, const byte*, word32);
CYASSL_API int ShaFinal_fips(Sha*, byte*);
#ifndef FIPS_NO_WRAPPERS
/* if not impl or fips.c impl wrapper force fips calls if fips build */
#define InitSha InitSha_fips
#define ShaUpdate ShaUpdate_fips
#define ShaFinal ShaFinal_fips
#endif /* FIPS_NO_WRAPPERS */
#endif /* HAVE_FIPS */
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */
#endif #endif

4
cyassl/internal.h
View File

@@ -1524,7 +1524,7 @@ CYASSL_SESSION* GetSession(CYASSL*, byte*);
CYASSL_LOCAL CYASSL_LOCAL
int SetSession(CYASSL*, CYASSL_SESSION*); int SetSession(CYASSL*, CYASSL_SESSION*);
typedef void (*hmacfp) (CYASSL*, byte*, const byte*, word32, int, int); typedef int (*hmacfp) (CYASSL*, byte*, const byte*, word32, int, int);
#ifndef NO_CLIENT_CACHE #ifndef NO_CLIENT_CACHE
CYASSL_SESSION* GetSessionClient(CYASSL*, const byte*, int); CYASSL_SESSION* GetSessionClient(CYASSL*, const byte*, int);
@@ -2078,7 +2078,7 @@ CYASSL_LOCAL int GrowInputBuffer(CYASSL* ssl, int size, int usedLength);
#ifndef NO_TLS #ifndef NO_TLS
CYASSL_LOCAL int MakeTlsMasterSecret(CYASSL*); CYASSL_LOCAL int MakeTlsMasterSecret(CYASSL*);
CYASSL_LOCAL void TLS_hmac(CYASSL* ssl, byte* digest, const byte* in, CYASSL_LOCAL int TLS_hmac(CYASSL* ssl, byte* digest, const byte* in,
word32 sz, int content, int verify); word32 sz, int content, int verify);
#endif #endif

4
mcapi/crypto.c
View File

@@ -91,9 +91,7 @@ int CRYPT_SHA_Initialize(CRYPT_SHA_CTX* sha)
if (sha == NULL) if (sha == NULL)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
InitSha((Sha*)sha); return InitSha((Sha*)sha);
return 0;
} }

9
mcapi/mcapi_test.c
View File

@@ -240,11 +240,16 @@ static int check_sha(void)
{ {
CRYPT_SHA_CTX mcSha; CRYPT_SHA_CTX mcSha;
Sha defSha; Sha defSha;
int ret = 0;
byte mcDigest[CRYPT_SHA_DIGEST_SIZE]; byte mcDigest[CRYPT_SHA_DIGEST_SIZE];
byte defDigest[SHA_DIGEST_SIZE]; byte defDigest[SHA_DIGEST_SIZE];
CRYPT_SHA_Initialize(&mcSha); CRYPT_SHA_Initialize(&mcSha);
InitSha(&defSha); ret = InitSha(&defSha);
if (ret != 0) {
printf("sha init default failed\n");
return -1;
}
CRYPT_SHA_DataAdd(&mcSha, ourData, OUR_DATA_SIZE); CRYPT_SHA_DataAdd(&mcSha, ourData, OUR_DATA_SIZE);
ShaUpdate(&defSha, ourData, OUR_DATA_SIZE); ShaUpdate(&defSha, ourData, OUR_DATA_SIZE);
@@ -253,7 +258,7 @@ static int check_sha(void)
ShaFinal(&defSha, defDigest); ShaFinal(&defSha, defDigest);
if (memcmp(mcDigest, defDigest, CRYPT_SHA_DIGEST_SIZE) != 0) { if (memcmp(mcDigest, defDigest, CRYPT_SHA_DIGEST_SIZE) != 0) {
printf("sha final memcmp fialed\n"); printf("sha final memcmp failed\n");
return -1; return -1;
} }
printf("sha mcapi test passed\n"); printf("sha mcapi test passed\n");

73
src/internal.c
View File

@@ -107,8 +107,8 @@ typedef enum {
} processReply; } processReply;
#ifndef NO_OLD_TLS #ifndef NO_OLD_TLS
static void SSL_hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz, static int SSL_hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz,
int content, int verify); int content, int verify);
#endif #endif
@@ -1444,7 +1444,10 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
InitMd5(&ssl->hashMd5); InitMd5(&ssl->hashMd5);
#endif #endif
#ifndef NO_SHA #ifndef NO_SHA
InitSha(&ssl->hashSha); ret = InitSha(&ssl->hashSha);
if (ret != 0) {
return ret;
}
#endif #endif
#endif #endif
#ifndef NO_SHA256 #ifndef NO_SHA256
@@ -3647,6 +3650,8 @@ static int DoCertificate(CYASSL* ssl, byte* input, word32* inOutIdx,
static int DoHelloRequest(CYASSL* ssl, const byte* input, word32* inOutIdx, static int DoHelloRequest(CYASSL* ssl, const byte* input, word32* inOutIdx,
word32 size, word32 totalSz) word32 size, word32 totalSz)
{ {
int ret = 0;
if (size) /* must be 0 */ if (size) /* must be 0 */
return BUFFER_ERROR; return BUFFER_ERROR;
@@ -3655,8 +3660,10 @@ static int DoHelloRequest(CYASSL* ssl, const byte* input, word32* inOutIdx,
int padSz = ssl->keys.encryptSz - HANDSHAKE_HEADER_SZ - int padSz = ssl->keys.encryptSz - HANDSHAKE_HEADER_SZ -
ssl->specs.hash_size; ssl->specs.hash_size;
ssl->hmac(ssl, verify, input + *inOutIdx - HANDSHAKE_HEADER_SZ, ret = ssl->hmac(ssl, verify, input + *inOutIdx - HANDSHAKE_HEADER_SZ,
HANDSHAKE_HEADER_SZ, handshake, 1); HANDSHAKE_HEADER_SZ, handshake, 1);
if (ret != 0)
return ret;
if (ssl->options.tls1_1 && ssl->specs.cipher_type == block) if (ssl->options.tls1_1 && ssl->specs.cipher_type == block)
padSz -= ssl->specs.block_size; padSz -= ssl->specs.block_size;
@@ -4413,12 +4420,13 @@ static INLINE void Md5Rounds(int rounds, const byte* data, int sz)
/* do a dummy sha round */
static INLINE void ShaRounds(int rounds, const byte* data, int sz) static INLINE void ShaRounds(int rounds, const byte* data, int sz)
{ {
Sha sha; Sha sha;
int i; int i;
InitSha(&sha); InitSha(&sha); /* no error check on purpose, dummy round */
for (i = 0; i < rounds; i++) for (i = 0; i < rounds; i++)
ShaUpdate(&sha, data, sz); ShaUpdate(&sha, data, sz);
@@ -4490,6 +4498,7 @@ static INLINE void RmdRounds(int rounds, const byte* data, int sz)
#endif #endif
/* Do dummy rounds */
static INLINE void DoRounds(int type, int rounds, const byte* data, int sz) static INLINE void DoRounds(int type, int rounds, const byte* data, int sz)
{ {
switch (type) { switch (type) {
@@ -4625,13 +4634,14 @@ static int TimingPadVerify(CYASSL* ssl, const byte* input, int padLen, int t,
{ {
byte verify[MAX_DIGEST_SIZE]; byte verify[MAX_DIGEST_SIZE];
byte dummy[MAX_PAD_SIZE]; byte dummy[MAX_PAD_SIZE];
int ret = 0;
XMEMSET(dummy, 1, sizeof(dummy)); XMEMSET(dummy, 1, sizeof(dummy));
if ( (t + padLen + 1) > pLen) { if ( (t + padLen + 1) > pLen) {
CYASSL_MSG("Plain Len not long enough for pad/mac"); CYASSL_MSG("Plain Len not long enough for pad/mac");
PadCheck(dummy, (byte)padLen, MAX_PAD_SIZE); PadCheck(dummy, (byte)padLen, MAX_PAD_SIZE);
ssl->hmac(ssl, verify, input, pLen - t, content, 1); ssl->hmac(ssl, verify, input, pLen - t, content, 1); /* still compare */
ConstantCompare(verify, input + pLen - t, t); ConstantCompare(verify, input + pLen - t, t);
return VERIFY_MAC_ERROR; return VERIFY_MAC_ERROR;
@@ -4640,14 +4650,14 @@ static int TimingPadVerify(CYASSL* ssl, const byte* input, int padLen, int t,
if (PadCheck(input + pLen - (padLen + 1), (byte)padLen, padLen + 1) != 0) { if (PadCheck(input + pLen - (padLen + 1), (byte)padLen, padLen + 1) != 0) {
CYASSL_MSG("PadCheck failed"); CYASSL_MSG("PadCheck failed");
PadCheck(dummy, (byte)padLen, MAX_PAD_SIZE - padLen - 1); PadCheck(dummy, (byte)padLen, MAX_PAD_SIZE - padLen - 1);
ssl->hmac(ssl, verify, input, pLen - t, content, 1); ssl->hmac(ssl, verify, input, pLen - t, content, 1); /* still compare */
ConstantCompare(verify, input + pLen - t, t); ConstantCompare(verify, input + pLen - t, t);
return VERIFY_MAC_ERROR; return VERIFY_MAC_ERROR;
} }
PadCheck(dummy, (byte)padLen, MAX_PAD_SIZE - padLen - 1); PadCheck(dummy, (byte)padLen, MAX_PAD_SIZE - padLen - 1);
ssl->hmac(ssl, verify, input, pLen - padLen - 1 - t, content, 1); ret = ssl->hmac(ssl, verify, input, pLen - padLen - 1 - t, content, 1);
CompressRounds(ssl, GetRounds(pLen, padLen, t), dummy); CompressRounds(ssl, GetRounds(pLen, padLen, t), dummy);
@@ -4656,7 +4666,7 @@ static int TimingPadVerify(CYASSL* ssl, const byte* input, int padLen, int t,
return VERIFY_MAC_ERROR; return VERIFY_MAC_ERROR;
} }
return 0; return ret;
} }
@@ -4849,18 +4859,22 @@ static INLINE int VerifyMac(CYASSL* ssl, const byte* input, word32 msgSz,
return ret; return ret;
} }
else { /* sslv3, some implementations have bad padding */ else { /* sslv3, some implementations have bad padding */
ssl->hmac(ssl, verify, input, msgSz - digestSz - pad - 1, ret = ssl->hmac(ssl, verify, input, msgSz - digestSz - pad - 1,
content, 1); content, 1);
if (ConstantCompare(verify, input + msgSz - digestSz - pad - 1, if (ConstantCompare(verify, input + msgSz - digestSz - pad - 1,
digestSz) != 0) digestSz) != 0)
return VERIFY_MAC_ERROR; return VERIFY_MAC_ERROR;
if (ret != 0)
return VERIFY_MAC_ERROR;
} }
} }
else if (ssl->specs.cipher_type == stream) { else if (ssl->specs.cipher_type == stream) {
ssl->hmac(ssl, verify, input, msgSz - digestSz, content, 1); ret = ssl->hmac(ssl, verify, input, msgSz - digestSz, content, 1);
if (ConstantCompare(verify, input + msgSz - digestSz, digestSz) != 0){ if (ConstantCompare(verify, input + msgSz - digestSz, digestSz) != 0){
return VERIFY_MAC_ERROR; return VERIFY_MAC_ERROR;
} }
if (ret != 0)
return VERIFY_MAC_ERROR;
} }
if (ssl->specs.cipher_type == aead) { if (ssl->specs.cipher_type == aead) {
@@ -5281,12 +5295,13 @@ int SendChangeCipher(CYASSL* ssl)
#ifndef NO_OLD_TLS #ifndef NO_OLD_TLS
static void SSL_hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz, static int SSL_hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz,
int content, int verify) int content, int verify)
{ {
byte result[MAX_DIGEST_SIZE]; byte result[MAX_DIGEST_SIZE];
word32 digestSz = ssl->specs.hash_size; /* actual sizes */ word32 digestSz = ssl->specs.hash_size; /* actual sizes */
word32 padSz = ssl->specs.pad_size; word32 padSz = ssl->specs.pad_size;
int ret = 0;
Md5 md5; Md5 md5;
Sha sha; Sha sha;
@@ -5318,7 +5333,9 @@ static void SSL_hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz,
Md5Final(&md5, digest); Md5Final(&md5, digest);
} }
else { else {
InitSha(&sha); ret = InitSha(&sha);
if (ret != 0)
return ret;
/* inner */ /* inner */
ShaUpdate(&sha, macSecret, digestSz); ShaUpdate(&sha, macSecret, digestSz);
ShaUpdate(&sha, PAD1, padSz); ShaUpdate(&sha, PAD1, padSz);
@@ -5333,6 +5350,7 @@ static void SSL_hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz,
ShaUpdate(&sha, result, digestSz); ShaUpdate(&sha, result, digestSz);
ShaFinal(&sha, digest); ShaFinal(&sha, digest);
} }
return 0;
} }
#ifndef NO_CERTS #ifndef NO_CERTS
@@ -5516,14 +5534,16 @@ static int BuildMessage(CYASSL* ssl, byte* output, const byte* input, int inSz,
if (ssl->truncated_hmac && ssl->specs.hash_size > digestSz) { if (ssl->truncated_hmac && ssl->specs.hash_size > digestSz) {
byte hmac[MAX_DIGEST_SIZE]; byte hmac[MAX_DIGEST_SIZE];
ssl->hmac(ssl, hmac, output + headerSz + ivSz, inSz, type, 0); ret = ssl->hmac(ssl, hmac, output + headerSz + ivSz, inSz,
type, 0);
XMEMCPY(output + idx, hmac, digestSz); XMEMCPY(output + idx, hmac, digestSz);
} else } else
#endif #endif
ssl->hmac(ssl, output+idx, output + headerSz + ivSz, inSz, ret = ssl->hmac(ssl, output+idx, output + headerSz + ivSz, inSz,
type, 0); type, 0);
} }
if (ret != 0)
return ret;
if ( (ret = Encrypt(ssl, output + headerSz, output+headerSz,size)) != 0) if ( (ret = Encrypt(ssl, output + headerSz, output+headerSz,size)) != 0)
return ret; return ret;
@@ -7746,12 +7766,14 @@ static void PickHashSigAlgo(CYASSL* ssl,
{ {
word16 length = 0; word16 length = 0;
word32 begin = *inOutIdx; word32 begin = *inOutIdx;
int ret = 0;
(void)length; /* shut up compiler warnings */ (void)length; /* shut up compiler warnings */
(void)begin; (void)begin;
(void)ssl; (void)ssl;
(void)input; (void)input;
(void)size; (void)size;
(void)ret;
#ifdef CYASSL_CALLBACKS #ifdef CYASSL_CALLBACKS
if (ssl->hsInfoOn) if (ssl->hsInfoOn)
@@ -7938,7 +7960,9 @@ static void PickHashSigAlgo(CYASSL* ssl,
Md5Final(&md5, hash); Md5Final(&md5, hash);
/* sha */ /* sha */
InitSha(&sha); ret = InitSha(&sha);
if (ret != 0)
return ret;
ShaUpdate(&sha, ssl->arrays->clientRandom, RAN_LEN); ShaUpdate(&sha, ssl->arrays->clientRandom, RAN_LEN);
ShaUpdate(&sha, ssl->arrays->serverRandom, RAN_LEN); ShaUpdate(&sha, ssl->arrays->serverRandom, RAN_LEN);
ShaUpdate(&sha, messageVerify, verifySz); ShaUpdate(&sha, messageVerify, verifySz);
@@ -7965,7 +7989,6 @@ static void PickHashSigAlgo(CYASSL* ssl,
/* rsa */ /* rsa */
if (sigAlgo == rsa_sa_algo) if (sigAlgo == rsa_sa_algo)
{ {
int ret = 0;
byte* out = NULL; byte* out = NULL;
byte doUserRsa = 0; byte doUserRsa = 0;
@@ -8042,7 +8065,7 @@ static void PickHashSigAlgo(CYASSL* ssl,
#ifdef HAVE_ECC #ifdef HAVE_ECC
/* ecdsa */ /* ecdsa */
if (sigAlgo == ecc_dsa_sa_algo) { if (sigAlgo == ecc_dsa_sa_algo) {
int verify = 0, ret = 0; int verify = 0;
#ifndef NO_OLD_TLS #ifndef NO_OLD_TLS
byte* digest = &hash[MD5_DIGEST_SIZE]; byte* digest = &hash[MD5_DIGEST_SIZE];
word32 digestSz = SHA_DIGEST_SIZE; word32 digestSz = SHA_DIGEST_SIZE;
@@ -8985,7 +9008,9 @@ static void PickHashSigAlgo(CYASSL* ssl,
Md5Final(&md5, hash); Md5Final(&md5, hash);
/* sha */ /* sha */
InitSha(&sha); ret = InitSha(&sha);
if (ret != 0)
return ret;
ShaUpdate(&sha, ssl->arrays->clientRandom, RAN_LEN); ShaUpdate(&sha, ssl->arrays->clientRandom, RAN_LEN);
ShaUpdate(&sha, ssl->arrays->serverRandom, RAN_LEN); ShaUpdate(&sha, ssl->arrays->serverRandom, RAN_LEN);
ShaUpdate(&sha, output + preSigIdx, preSigSz); ShaUpdate(&sha, output + preSigIdx, preSigSz);
@@ -9309,7 +9334,9 @@ static void PickHashSigAlgo(CYASSL* ssl,
Md5Final(&md5, hash); Md5Final(&md5, hash);
/* sha */ /* sha */
InitSha(&sha); ret = InitSha(&sha);
if (ret != 0)
return ret;
ShaUpdate(&sha, ssl->arrays->clientRandom, RAN_LEN); ShaUpdate(&sha, ssl->arrays->clientRandom, RAN_LEN);
ShaUpdate(&sha, ssl->arrays->serverRandom, RAN_LEN); ShaUpdate(&sha, ssl->arrays->serverRandom, RAN_LEN);
ShaUpdate(&sha, output + preSigIdx, preSigSz); ShaUpdate(&sha, output + preSigIdx, preSigSz);

5
src/io.c
View File

@@ -475,6 +475,7 @@ int EmbedGenerateCookie(CYASSL* ssl, byte *buf, int sz, void *ctx)
XSOCKLENT peerSz = sizeof(peer); XSOCKLENT peerSz = sizeof(peer);
Sha sha; Sha sha;
byte digest[SHA_DIGEST_SIZE]; byte digest[SHA_DIGEST_SIZE];
int ret = 0;
(void)ctx; (void)ctx;
@@ -484,7 +485,9 @@ int EmbedGenerateCookie(CYASSL* ssl, byte *buf, int sz, void *ctx)
return GEN_COOKIE_E; return GEN_COOKIE_E;
} }
InitSha(&sha); ret = InitSha(&sha);
if (ret != 0)
return ret;
ShaUpdate(&sha, (byte*)&peer, peerSz); ShaUpdate(&sha, (byte*)&peer, peerSz);
ShaFinal(&sha, digest); ShaFinal(&sha, digest);

9
src/keys.c
View File

@@ -1835,6 +1835,7 @@ int DeriveKeys(CYASSL* ssl)
2 * ssl->specs.key_size + 2 * ssl->specs.key_size +
2 * ssl->specs.iv_size; 2 * ssl->specs.iv_size;
int rounds = (length + MD5_DIGEST_SIZE - 1 ) / MD5_DIGEST_SIZE, i; int rounds = (length + MD5_DIGEST_SIZE - 1 ) / MD5_DIGEST_SIZE, i;
int ret = 0;
byte shaOutput[SHA_DIGEST_SIZE]; byte shaOutput[SHA_DIGEST_SIZE];
byte md5Input[SECRET_LEN + SHA_DIGEST_SIZE]; byte md5Input[SECRET_LEN + SHA_DIGEST_SIZE];
@@ -1846,7 +1847,9 @@ int DeriveKeys(CYASSL* ssl)
byte keyData[KEY_PREFIX * MD5_DIGEST_SIZE]; /* max size */ byte keyData[KEY_PREFIX * MD5_DIGEST_SIZE]; /* max size */
InitMd5(&md5); InitMd5(&md5);
InitSha(&sha); ret = InitSha(&sha);
if (ret != 0)
return ret;
XMEMCPY(md5Input, ssl->arrays->masterSecret, SECRET_LEN); XMEMCPY(md5Input, ssl->arrays->masterSecret, SECRET_LEN);
@@ -1915,7 +1918,9 @@ static int MakeSslMasterSecret(CYASSL* ssl)
#endif #endif
InitMd5(&md5); InitMd5(&md5);
InitSha(&sha); ret = InitSha(&sha);
if (ret != 0)
return ret;
XMEMCPY(md5Input, ssl->arrays->preMasterSecret, pmsSz); XMEMCPY(md5Input, ssl->arrays->preMasterSecret, pmsSz);

59
src/ssl.c
View File

@@ -4460,7 +4460,10 @@ int CyaSSL_dtls_got_timeout(CYASSL* ssl)
/* re-init hashes, exclude first hello and verify request */ /* re-init hashes, exclude first hello and verify request */
#ifndef NO_OLD_TLS #ifndef NO_OLD_TLS
InitMd5(&ssl->hashMd5); InitMd5(&ssl->hashMd5);
InitSha(&ssl->hashSha); if ( (ssl->error = InitSha(&ssl->hashSha)) != 0) {
CYASSL_ERROR(ssl->error);
return SSL_FATAL_ERROR;
}
#endif #endif
if (IsAtLeastTLSv1_2(ssl)) { if (IsAtLeastTLSv1_2(ssl)) {
#ifndef NO_SHA256 #ifndef NO_SHA256
@@ -4731,7 +4734,10 @@ int CyaSSL_dtls_got_timeout(CYASSL* ssl)
/* re-init hashes, exclude first hello and verify request */ /* re-init hashes, exclude first hello and verify request */
#ifndef NO_OLD_TLS #ifndef NO_OLD_TLS
InitMd5(&ssl->hashMd5); InitMd5(&ssl->hashMd5);
InitSha(&ssl->hashSha); if ( (ssl->error = InitSha(&ssl->hashSha)) != 0) {
CYASSL_ERROR(ssl->error);
return SSL_FATAL_ERROR;
}
#endif #endif
if (IsAtLeastTLSv1_2(ssl)) { if (IsAtLeastTLSv1_2(ssl)) {
#ifndef NO_SHA256 #ifndef NO_SHA256
@@ -4899,11 +4905,13 @@ int CyaSSL_Cleanup(void)
/* some session IDs aren't random afterall, let's make them random */ /* some session IDs aren't random afterall, let's make them random */
static INLINE word32 HashSession(const byte* sessionID, word32 len) static INLINE word32 HashSession(const byte* sessionID, word32 len, int* error)
{ {
byte digest[MD5_DIGEST_SIZE]; byte digest[MD5_DIGEST_SIZE];
Md5 md5; Md5 md5;
(void)error;
InitMd5(&md5); InitMd5(&md5);
Md5Update(&md5, sessionID, len); Md5Update(&md5, sessionID, len);
Md5Final(&md5, digest); Md5Final(&md5, digest);
@@ -4913,12 +4921,18 @@ static INLINE word32 HashSession(const byte* sessionID, word32 len)
#elif !defined(NO_SHA) #elif !defined(NO_SHA)
static INLINE word32 HashSession(const byte* sessionID, word32 len) /* 0 on failure */
static INLINE word32 HashSession(const byte* sessionID, word32 len, int* error)
{ {
byte digest[SHA_DIGEST_SIZE]; byte digest[SHA_DIGEST_SIZE];
Sha sha; Sha sha;
int ret = 0;
InitSha(&sha); ret = InitSha(&sha);
if (ret != 0) {
*error = ret;
return 0;
}
ShaUpdate(&sha, sessionID, len); ShaUpdate(&sha, sessionID, len);
ShaFinal(&sha, digest); ShaFinal(&sha, digest);
@@ -4927,11 +4941,13 @@ static INLINE word32 HashSession(const byte* sessionID, word32 len)
#elif !defined(NO_SHA256) #elif !defined(NO_SHA256)
static INLINE word32 HashSession(const byte* sessionID, word32 len) static INLINE word32 HashSession(const byte* sessionID, word32 len, int* error)
{ {
byte digest[SHA256_DIGEST_SIZE]; byte digest[SHA256_DIGEST_SIZE];
Sha256 sha256; Sha256 sha256;
(void)error;
InitSha256(&sha256); InitSha256(&sha256);
Sha256Update(&sha256, sessionID, len); Sha256Update(&sha256, sessionID, len);
Sha256Final(&sha256, digest); Sha256Final(&sha256, digest);
@@ -4987,6 +5003,7 @@ CYASSL_SESSION* GetSessionClient(CYASSL* ssl, const byte* id, int len)
word32 row; word32 row;
int idx; int idx;
int count; int count;
int error = 0;
CYASSL_ENTER("GetSessionClient"); CYASSL_ENTER("GetSessionClient");
@@ -4994,7 +5011,11 @@ CYASSL_SESSION* GetSessionClient(CYASSL* ssl, const byte* id, int len)
return NULL; return NULL;
len = min(SERVER_ID_LEN, (word32)len); len = min(SERVER_ID_LEN, (word32)len);
row = HashSession(id, len) % SESSION_ROWS; row = HashSession(id, len, &error) % SESSION_ROWS;
if (error != 0) {
CYASSL_MSG("Hash session failed");
return NULL;
}
if (LockMutex(&session_mutex) != 0) { if (LockMutex(&session_mutex) != 0) {
CYASSL_MSG("Lock session mutex failed"); CYASSL_MSG("Lock session mutex failed");
@@ -5048,6 +5069,7 @@ CYASSL_SESSION* GetSession(CYASSL* ssl, byte* masterSecret)
word32 row; word32 row;
int idx; int idx;
int count; int count;
int error = 0;
if (ssl->options.sessionCacheOff) if (ssl->options.sessionCacheOff)
return NULL; return NULL;
@@ -5060,7 +5082,11 @@ CYASSL_SESSION* GetSession(CYASSL* ssl, byte* masterSecret)
else else
id = ssl->session.sessionID; id = ssl->session.sessionID;
row = HashSession(id, ID_LEN) % SESSION_ROWS; row = HashSession(id, ID_LEN, &error) % SESSION_ROWS;
if (error != 0) {
CYASSL_MSG("Hash session failed");
return NULL;
}
if (LockMutex(&session_mutex) != 0) if (LockMutex(&session_mutex) != 0)
return 0; return 0;
@@ -5126,6 +5152,7 @@ int SetSession(CYASSL* ssl, CYASSL_SESSION* session)
int AddSession(CYASSL* ssl) int AddSession(CYASSL* ssl)
{ {
word32 row, idx; word32 row, idx;
int error = 0;
if (ssl->options.sessionCacheOff) if (ssl->options.sessionCacheOff)
return 0; return 0;
@@ -5133,7 +5160,11 @@ int AddSession(CYASSL* ssl)
if (ssl->options.haveSessionId == 0) if (ssl->options.haveSessionId == 0)
return 0; return 0;
row = HashSession(ssl->arrays->sessionID, ID_LEN) % SESSION_ROWS; row = HashSession(ssl->arrays->sessionID, ID_LEN, &error) % SESSION_ROWS;
if (error != 0) {
CYASSL_MSG("Hash session failed");
return error;
}
if (LockMutex(&session_mutex) != 0) if (LockMutex(&session_mutex) != 0)
return BAD_MUTEX_E; return BAD_MUTEX_E;
@@ -5175,8 +5206,12 @@ int AddSession(CYASSL* ssl)
XMEMCPY(SessionCache[row].Sessions[idx].serverID, ssl->session.serverID, XMEMCPY(SessionCache[row].Sessions[idx].serverID, ssl->session.serverID,
ssl->session.idLen); ssl->session.idLen);
clientRow = HashSession(ssl->session.serverID, ssl->session.idLen) clientRow = HashSession(ssl->session.serverID, ssl->session.idLen,
% SESSION_ROWS; &error) % SESSION_ROWS;
if (error != 0) {
CYASSL_MSG("Hash session failed");
return error;
}
clientIdx = ClientCache[clientRow].nextIdx++; clientIdx = ClientCache[clientRow].nextIdx++;
ClientCache[clientRow].Clients[clientIdx].serverRow = (word16)row; ClientCache[clientRow].Clients[clientIdx].serverRow = (word16)row;
@@ -6443,7 +6478,7 @@ int CyaSSL_set_compression(CYASSL* ssl)
(void)sizeof(sha_test); (void)sizeof(sha_test);
CYASSL_ENTER("SHA_Init"); CYASSL_ENTER("SHA_Init");
InitSha((Sha*)sha); InitSha((Sha*)sha); /* OpenSSL compat, no ret */
} }

4
src/tls.c
View File

@@ -498,7 +498,7 @@ int CyaSSL_SetTlsHmacInner(CYASSL* ssl, byte* inner, word32 sz, int content,
/* TLS type HMAC */ /* TLS type HMAC */
void TLS_hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz, int TLS_hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz,
int content, int verify) int content, int verify)
{ {
Hmac hmac; Hmac hmac;
@@ -511,6 +511,8 @@ void TLS_hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz,
HmacUpdate(&hmac, myInner, sizeof(myInner)); HmacUpdate(&hmac, myInner, sizeof(myInner));
HmacUpdate(&hmac, in, sz); /* content */ HmacUpdate(&hmac, in, sz); /* content */
HmacFinal(&hmac, digest); HmacFinal(&hmac, digest);
return 0;
} }
#ifdef HAVE_TLS_EXTENSIONS #ifdef HAVE_TLS_EXTENSIONS

5
tests/hash.c
View File

@@ -302,6 +302,7 @@ int sha_test(void)
testVector a, b, c, d; testVector a, b, c, d;
testVector test_sha[4]; testVector test_sha[4];
int ret = 0;
int times = sizeof(test_sha) / sizeof(struct testVector), i; int times = sizeof(test_sha) / sizeof(struct testVector), i;
a.input = "abc"; a.input = "abc";
@@ -336,7 +337,9 @@ int sha_test(void)
test_sha[2] = c; test_sha[2] = c;
test_sha[3] = d; test_sha[3] = d;
InitSha(&sha); ret = InitSha(&sha);
if (ret != 0)
return ret;
for (i = 0; i < times; ++i) { for (i = 0; i < times; ++i) {
ShaUpdate(&sha, (byte*)test_sha[i].input, (word32)test_sha[i].inLen); ShaUpdate(&sha, (byte*)test_sha[i].input, (word32)test_sha[i].inLen);