diff --git a/src/ssl.c b/src/ssl.c index bc9bb2d4c..96e7c95db 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -18281,6 +18281,98 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out, } #endif /* !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \ (HAVE_FIPS_VERSION > 2)) */ + +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if !defined(WOLFSSL_NOSHA512_224) + int wolfSSL_SHA512_224_Init(WOLFSSL_SHA512_224_CTX* sha) + { + int ret; + + WOLFSSL_ENTER("wolfSSL_SHA512_224_Init"); + ret = wc_InitSha512_224((wc_Sha512*)sha); + + /* return WOLFSSL_SUCCESS on success, WOLFSSL_FAILURE otherwise */ + if (ret == 0) + return WOLFSSL_SUCCESS; + + return WOLFSSL_FAILURE; + } + + int wolfSSL_SHA512_224_Update(WOLFSSL_SHA512_224_CTX* sha, + const void* input, unsigned long sz) + { + int ret; + + WOLFSSL_ENTER("wolfSSL_SHA512_224_Update"); + ret = wc_Sha512_224Update((wc_Sha512*)sha, (const byte*)input, (word32)sz); + + /* return WOLFSSL_SUCCESS on success, WOLFSSL_FAILURE otherwise */ + if (ret == 0) + return WOLFSSL_SUCCESS; + + return WOLFSSL_FAILURE; + } + + int wolfSSL_SHA512_224_Final(byte* input, WOLFSSL_SHA512_224_CTX* sha) + { + int ret; + + WOLFSSL_ENTER("wolfSSL_SHA512_224_Final"); + ret = wc_Sha512_224Final((wc_Sha512*)sha, input); + + /* return WOLFSSL_SUCCESS on success, WOLFSSL_FAILURE otherwise */ + if (ret == 0) + return WOLFSSL_SUCCESS; + + return WOLFSSL_FAILURE; + } +#endif /* !WOLFSSL_NOSHA512_224 */ +#if !defined(WOLFSSL_NOSHA512_256) + int wolfSSL_SHA512_256_Init(WOLFSSL_SHA512_256_CTX* sha) + { + int ret; + + WOLFSSL_ENTER("wolfSSL_SHA512_256_Init"); + ret = wc_InitSha512_256((wc_Sha512*)sha); + + /* return WOLFSSL_SUCCESS on success, WOLFSSL_FAILURE otherwise */ + if (ret == 0) + return WOLFSSL_SUCCESS; + + return WOLFSSL_FAILURE; + } + + int wolfSSL_SHA512_256_Update(WOLFSSL_SHA512_256_CTX* sha, + const void* input, unsigned long sz) + { + int ret; + + WOLFSSL_ENTER("wolfSSL_SHA512_256_Update"); + ret = wc_Sha512_256Update((wc_Sha512*)sha, (const byte*)input, (word32)sz); + + /* return WOLFSSL_SUCCESS on success, WOLFSSL_FAILURE otherwise */ + if (ret == 0) + return WOLFSSL_SUCCESS; + + return WOLFSSL_FAILURE; + } + + int wolfSSL_SHA512_256_Final(byte* input, WOLFSSL_SHA512_256_CTX* sha) + { + int ret; + + WOLFSSL_ENTER("wolfSSL_SHA512_256_Final"); + ret = wc_Sha512_256Final((wc_Sha512*)sha, input); + + /* return WOLFSSL_SUCCESS on success, 0 otherwise */ + if (ret == 0) + return WOLFSSL_SUCCESS; + + return WOLFSSL_FAILURE; + } +#endif /* !WOLFSSL_NOSHA512_256 */ +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + #endif /* WOLFSSL_SHA512 */ #ifdef WOLFSSL_SHA3 diff --git a/tests/api.c b/tests/api.c index fb3a044d0..65363d5fa 100644 --- a/tests/api.c +++ b/tests/api.c @@ -8785,7 +8785,99 @@ static int test_wc_Sha512Update (void) } /* END test_wc_Sha512Update */ +#ifdef WOLFSSL_SHA512 +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \ + (!defined(WOLFSSL_NOSHA512_224) || !defined(WOLFSSL_NOSHA512_256)) +/* Perfoms test for + * - wc_Sha512Final/wc_Sha512FinalRaw + * - wc_Sha512_224Final/wc_Sha512_224Final + * - wc_Sha512_256Final/wc_Sha512_256Final + * parameter: + * - type : must be one of WC_HASH_TYPE_SHA512, WC_HASH_TYPE_SHA512_224 or + * WC_HASH_TYPE_SHA512_256 + * - isRaw: if is non-zero, xxxFinalRaw function will be tested + *return 0 on success + */ +static int test_Sha512_Family_Final(int type, int isRaw) +{ + wc_Sha512 sha512; + byte* hash_test[3]; + byte hash1[WC_SHA512_DIGEST_SIZE]; + byte hash2[2*WC_SHA512_DIGEST_SIZE]; + byte hash3[5*WC_SHA512_DIGEST_SIZE]; + int times, i, ret; + int(*initFp)(wc_Sha512*); + int(*finalFp)(wc_Sha512*, byte*); + void(*freeFp)(wc_Sha512*); + + if (type == WC_HASH_TYPE_SHA512) { + initFp = wc_InitSha512; +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) + finalFp = (isRaw)? wc_Sha512FinalRaw : wc_Sha512Final; +#else + finalFp = (isRaw)? NULL : wc_Sha512Final; +#endif + freeFp = wc_Sha512Free; + } +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if !defined(WOLFSSL_NOSHA512_224) + else if (type == WC_HASH_TYPE_SHA512_224) { + initFp = wc_InitSha512_224; + finalFp = (isRaw)? wc_Sha512_224FinalRaw : wc_Sha512_224Final; + freeFp = wc_Sha512_224Free; + } +#endif +#if !defined(WOLFSSL_NOSHA512_256) + else if (type == WC_HASH_TYPE_SHA512_256) { + initFp = wc_InitSha512_256; + finalFp = (isRaw)? wc_Sha512_256FinalRaw : wc_Sha512_256Final; + freeFp = wc_Sha512_256Free; + } +#endif +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + else + return BAD_FUNC_ARG; + + /* Initialize */ + ret = initFp(&sha512); + + if (!ret) { + hash_test[0] = hash1; + hash_test[1] = hash2; + hash_test[2] = hash3; + } + + times = sizeof(hash_test) / sizeof(byte *); + + /* Good test args. */ + for (i = 0; i < times && ret == 0; i++) { + ret = finalFp(&sha512, hash_test[i]); + } + /* Test bad args. */ + if (!ret) { + if (finalFp(NULL, NULL) != BAD_FUNC_ARG) { + ret = WOLFSSL_FATAL_ERROR; + } + } + if (!ret) { + if (finalFp(NULL, hash1) != BAD_FUNC_ARG) { + ret = WOLFSSL_FATAL_ERROR; + } + } + + if (!ret) { + if (finalFp(&sha512, NULL) != BAD_FUNC_ARG) { + ret = WOLFSSL_FATAL_ERROR; + } + } + + freeFp(&sha512); + return ret; +} +#endif /* !HAVE_FIPS && !HAVE_SELFTEST && + (!WOLFSSL_NOSHA512_224 || !WOLFSSL_NOSHA512_256) */ +#endif /* WOLFSSL_SHA512 */ /* * Unit test function for wc_Sha512Final() */ @@ -8970,7 +9062,74 @@ static int test_wc_Sha512Free (void) return flag; } /* END test_wc_Sha512Free */ +#ifdef WOLFSSL_SHA512 +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \ + (!defined(WOLFSSL_NOSHA512_224) || !defined(WOLFSSL_NOSHA512_256)) +static int test_Sha512_Family_GetHash(int type ) +{ + int flag = 0; + int(*initFp)(wc_Sha512*); + int(*ghashFp)(wc_Sha512*, byte*); + wc_Sha512 sha512; + byte hash1[WC_SHA512_DIGEST_SIZE]; + + if (type == WC_HASH_TYPE_SHA512) { + initFp = wc_InitSha512; + ghashFp = wc_Sha512GetHash; + } +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if !defined(WOLFSSL_NOSHA512_224) + else if (type == WC_HASH_TYPE_SHA512_224) { + initFp = wc_InitSha512_224; + ghashFp = wc_Sha512_224GetHash; + } +#endif +#if !defined(WOLFSSL_NOSHA512_256) + else if (type == WC_HASH_TYPE_SHA512_256) { + initFp = wc_InitSha512_256; + ghashFp = wc_Sha512_256GetHash; + } +#endif +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + else { + initFp = NULL; + ghashFp = NULL; + } + + if (initFp == NULL || ghashFp == NULL) + return WOLFSSL_FATAL_ERROR; + + if (!flag) { + flag = initFp(&sha512); + } + + if (!flag) { + flag = ghashFp(&sha512, hash1); + } + + /*test bad arguements*/ + if (!flag) { + if (ghashFp(NULL, NULL) != BAD_FUNC_ARG ) + flag = WOLFSSL_FATAL_ERROR; + } + + if (!flag) { + if (ghashFp(NULL, hash1) != BAD_FUNC_ARG ) + flag = WOLFSSL_FATAL_ERROR; + } + + if (!flag) { + if (ghashFp(&sha512, NULL) != BAD_FUNC_ARG ) + flag = WOLFSSL_FATAL_ERROR; + } + + wc_Sha512Free(&sha512); + return flag; +} +#endif /* !HAVE_FIPS && !HAVE_SELFTEST && + (!WOLFSSL_NOSHA512_224 || !WOLFSSL_NOSHA512_256) */ +#endif /* WOLFSSL_SHA512 */ /* * Unit test function for wc_Sha512GetHash() */ @@ -9065,6 +9224,543 @@ static int test_wc_Sha512Copy (void) return flag; } /* END test_wc_Sha512Copy */ + +static int test_wc_InitSha512_224 (void) +{ + int flag = 0; +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) + wc_Sha512 sha512; + int ret; + + printf(testingFmt, "wc_InitSha512_224()"); + + /* Test good arg. */ + ret = wc_InitSha512_224(&sha512); + if (ret != 0) { + flag = WOLFSSL_FATAL_ERROR; + } + + /* Test bad arg. */ + if (!flag) { + ret = wc_InitSha512_224(NULL); + if (ret != BAD_FUNC_ARG) { + flag = WOLFSSL_FATAL_ERROR; + } + } + + wc_Sha512_224Free(&sha512); + + printf(resultFmt, flag == 0 ? passed : failed); + +#endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_224 */ +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + return flag; + +} + +static int test_wc_Sha512_224Update (void) +{ + int flag = 0; +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) + wc_Sha512 sha512; + byte hash[WC_SHA512_DIGEST_SIZE]; + testVector a, c; + int ret; + + ret = wc_InitSha512_224(&sha512); + if (ret != 0) { + flag = ret; + } + + printf(testingFmt, "wc_Sha512_224Update()"); + + /* Input. */ + if (!flag) { + a.input = "a"; + a.inLen = XSTRLEN(a.input); + + ret = wc_Sha512_224Update(&sha512, NULL, 0); + if (ret != 0) { + flag = ret; + } + + ret = wc_Sha512_224Update(&sha512,(byte*)a.input, 0); + if (ret != 0) { + flag = ret; + } + + ret = wc_Sha512_224Update(&sha512, (byte*)a.input, (word32)a.inLen); + if (ret != 0) { + flag = ret; + } + + ret = wc_Sha512_224Final(&sha512, hash); + if (ret != 0) { + flag = ret; + } + } + + /* Update input. */ + if (!flag) { + a.input = "abc"; + a.output = "\x46\x34\x27\x0f\x70\x7b\x6a\x54\xda\xae\x75\x30\x46\x08" + "\x42\xe2\x0e\x37\xed\x26\x5c\xee\xe9\xa4\x3e\x89\x24\xaa"; + + a.inLen = XSTRLEN(a.input); + a.outLen = XSTRLEN(a.output); + + ret = wc_Sha512_224Update(&sha512, (byte*) a.input, (word32) a.inLen); + if (ret != 0) { + flag = ret; + } + } + + if (!flag) { + ret = wc_Sha512_224Final(&sha512, hash); + if (ret != 0) { + flag = ret; + } + } + + if (!flag) { + if (XMEMCMP(hash, a.output, WC_SHA512_224_DIGEST_SIZE) != 0) { + flag = WOLFSSL_FATAL_ERROR; + } + } + + if (!flag) { + c.input = NULL; + c.inLen = WC_SHA512_224_DIGEST_SIZE; + + ret = wc_Sha512_224Update(&sha512, (byte*)c.input, (word32)c.inLen); + if (ret != BAD_FUNC_ARG) { + flag = WOLFSSL_FATAL_ERROR; + } + } + + if (!flag) { + ret = wc_Sha512_224Update(NULL, (byte*)a.input, (word32)a.inLen); + if (ret != BAD_FUNC_ARG) { + flag = WOLFSSL_FATAL_ERROR; + } + } + + wc_Sha512_224Free(&sha512); + + /* If not returned then the unit test passed test vectors. */ + printf(resultFmt, flag == 0 ? passed : failed); +#endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_224 */ +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + return flag; + +} + +static int test_wc_Sha512_224Final (void) +{ + int flag = 0; +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) + printf(testingFmt, "wc_Sha512_224Final()"); + flag = test_Sha512_Family_Final(WC_HASH_TYPE_SHA512_224, 0); + printf(resultFmt, flag == 0 ? passed : failed); +#endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_224 */ +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + return flag; +} + +static int test_wc_Sha512_224GetFlags (void) +{ + int flag = 0; +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) && \ + (defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB)) + wc_Sha512 sha512, copy; + word32 flags = 0; + + printf(testingFmt, "wc_Sha512_224GetFlags()"); + + /* Initialize */ + flag = wc_InitSha512_224(&sha512); + if (!flag) { + flag = wc_InitSha512_224(©); + } + if (!flag) { + flag = wc_Sha512_224Copy(&sha512, ©); + } + if (!flag) { + flag = wc_Sha512_224GetFlags(©, &flags); + } + if (!flag) { + if (flags & WC_HASH_FLAG_ISCOPY) + flag = 0; + else + flag = WOLFSSL_FATAL_ERROR; + } + wc_Sha512_224Free(©); + wc_Sha512_224Free(&sha512); + + printf(resultFmt, flag == 0 ? passed : failed); +#endif +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + return flag; + +} + +static int test_wc_Sha512_224FinalRaw (void) +{ + int flag = 0; + +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \ + defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) + printf(testingFmt, "wc_Sha512_224FinalRaw()"); + flag = test_Sha512_Family_Final(WC_HASH_TYPE_SHA512_224, 1); + printf(resultFmt, flag == 0 ? passed : failed); +#endif + return flag; + +} + +static int test_wc_Sha512_224Free (void) +{ + int flag = 0; +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) + printf(testingFmt, "wc_Sha512_224Free()"); + wc_Sha512_224Free(NULL); + + printf(resultFmt, passed); +#endif +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + return flag; + +} + +static int test_wc_Sha512_224GetHash (void) +{ + int flag = 0; +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) + printf(testingFmt, "wc_Sha512_224GetHash()"); + flag = test_Sha512_Family_GetHash(WC_HASH_TYPE_SHA512_224); + printf(resultFmt, flag == 0 ? passed : failed); +#endif +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + return flag; + +} +static int test_wc_Sha512_224Copy (void) +{ + int flag = 0; +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) + wc_Sha512 sha512; + wc_Sha512 temp; + + printf(testingFmt, "wc_Sha512_224Copy()"); + + /* Initialize */ + flag = wc_InitSha512_224(&sha512); + if (flag == 0) { + flag = wc_InitSha512_224(&temp); + } + if (flag == 0) { + flag = wc_Sha512_224Copy(&sha512, &temp); + } + /*test bad arguements*/ + if (flag == 0) { + if (wc_Sha512_224Copy(NULL, NULL) != BAD_FUNC_ARG) + flag = WOLFSSL_FATAL_ERROR; + } + if (flag == 0) { + if (wc_Sha512_224Copy(NULL, &temp) != BAD_FUNC_ARG) + flag = WOLFSSL_FATAL_ERROR; + } + if (flag == 0) { + if (wc_Sha512_224Copy(&sha512, NULL) != BAD_FUNC_ARG) + flag = WOLFSSL_FATAL_ERROR; + } + + wc_Sha512_224Free(&sha512); + wc_Sha512_224Free(&temp); + + printf(resultFmt, flag == 0 ? passed : failed); +#endif +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + return flag; + +} + +static int test_wc_InitSha512_256 (void) +{ + int flag = 0; +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) + wc_Sha512 sha512; + int ret; + + printf(testingFmt, "wc_InitSha512_256()"); + + /* Test good arg. */ + ret = wc_InitSha512_256(&sha512); + if (ret != 0) { + flag = WOLFSSL_FATAL_ERROR; + } + + /* Test bad arg. */ + if (!flag) { + ret = wc_InitSha512_256(NULL); + if (ret != BAD_FUNC_ARG) { + flag = WOLFSSL_FATAL_ERROR; + } + } + + wc_Sha512_256Free(&sha512); + + printf(resultFmt, flag == 0 ? passed : failed); + +#endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_256 */ +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + return flag; + +} + +static int test_wc_Sha512_256Update (void) +{ + int flag = 0; +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) + wc_Sha512 sha512; + byte hash[WC_SHA512_DIGEST_SIZE]; + testVector a, c; + int ret; + + ret = wc_InitSha512_256(&sha512); + if (ret != 0) { + flag = ret; + } + + printf(testingFmt, "wc_Sha512_256Update()"); + + /* Input. */ + if (!flag) { + a.input = "a"; + a.inLen = XSTRLEN(a.input); + + ret = wc_Sha512_256Update(&sha512, NULL, 0); + if (ret != 0) { + flag = ret; + } + + ret = wc_Sha512_256Update(&sha512,(byte*)a.input, 0); + if (ret != 0) { + flag = ret; + } + + ret = wc_Sha512_256Update(&sha512, (byte*)a.input, (word32)a.inLen); + if (ret != 0) { + flag = ret; + } + + ret = wc_Sha512_256Final(&sha512, hash); + if (ret != 0) { + flag = ret; + } + } + + /* Update input. */ + if (!flag) { + a.input = "abc"; + a.output = "\x53\x04\x8e\x26\x81\x94\x1e\xf9\x9b\x2e\x29\xb7\x6b\x4c" + "\x7d\xab\xe4\xc2\xd0\xc6\x34\xfc\x6d\x46\xe0\xe2\xf1\x31" + "\x07\xe7\xaf\x23"; + + a.inLen = XSTRLEN(a.input); + a.outLen = XSTRLEN(a.output); + + ret = wc_Sha512_256Update(&sha512, (byte*) a.input, (word32) a.inLen); + if (ret != 0) { + flag = ret; + } + } + + if (!flag) { + ret = wc_Sha512_256Final(&sha512, hash); + if (ret != 0) { + flag = ret; + } + } + + if (!flag) { + if (XMEMCMP(hash, a.output, WC_SHA512_256_DIGEST_SIZE) != 0) { + flag = WOLFSSL_FATAL_ERROR; + } + } + + if (!flag) { + c.input = NULL; + c.inLen = WC_SHA512_256_DIGEST_SIZE; + + ret = wc_Sha512_256Update(&sha512, (byte*)c.input, (word32)c.inLen); + if (ret != BAD_FUNC_ARG) { + flag = WOLFSSL_FATAL_ERROR; + } + } + + if (!flag) { + ret = wc_Sha512_256Update(NULL, (byte*)a.input, (word32)a.inLen); + if (ret != BAD_FUNC_ARG) { + flag = WOLFSSL_FATAL_ERROR; + } + } + + wc_Sha512_256Free(&sha512); + + /* If not returned then the unit test passed test vectors. */ + printf(resultFmt, flag == 0 ? passed : failed); +#endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_256 */ +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + return flag; + +} + +static int test_wc_Sha512_256Final (void) +{ + int flag = 0; +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) + printf(testingFmt, "wc_Sha512_256Final()"); + flag = test_Sha512_Family_Final(WC_HASH_TYPE_SHA512_256, 0); + printf(resultFmt, flag == 0 ? passed : failed); +#endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_256 */ +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + return flag; +} + +static int test_wc_Sha512_256GetFlags (void) +{ + int flag = 0; +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) && \ + (defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB)) + wc_Sha512 sha512, copy; + word32 flags = 0; + + printf(testingFmt, "wc_Sha512_256GetFlags()"); + + /* Initialize */ + flag = wc_InitSha512_256(&sha512); + if (!flag ) { + flag = wc_InitSha512_256(©); + } + if (!flag ) { + flag = wc_Sha512_256Copy(&sha512, ©); + } + if (!flag ) { + flag = wc_Sha512_256GetFlags(©, &flags); + } + if (!flag) { + if (flags & WC_HASH_FLAG_ISCOPY) + flag = 0; + else + flag = WOLFSSL_FATAL_ERROR; + } + + wc_Sha512_256Free(&sha512); + + printf(resultFmt, flag == 0 ? passed : failed); +#endif +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + return flag; + +} + +static int test_wc_Sha512_256FinalRaw (void) +{ + int flag = 0; +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \ + defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) + printf(testingFmt, "wc_Sha512_256FinalRaw()"); + flag = test_Sha512_Family_Final(WC_HASH_TYPE_SHA512_256, 1); + printf(resultFmt, flag == 0 ? passed : failed); +#endif + return flag; + +} + +static int test_wc_Sha512_256Free (void) +{ + int flag = 0; +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) + printf(testingFmt, "wc_Sha512_256Free()"); + wc_Sha512_256Free(NULL); + + printf(resultFmt, passed); +#endif +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + return flag; + +} + +static int test_wc_Sha512_256GetHash (void) +{ + int flag = 0; +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) + printf(testingFmt, "wc_Sha512_256GetHash()"); + flag = test_Sha512_Family_GetHash(WC_HASH_TYPE_SHA512_256); + printf(resultFmt, flag == 0 ? passed : failed); +#endif +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + return flag; + +} +static int test_wc_Sha512_256Copy (void) +{ + int flag = 0; +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) + wc_Sha512 sha512; + wc_Sha512 temp; + + printf(testingFmt, "wc_Sha512_256Copy()"); + + /* Initialize */ + flag = wc_InitSha512_256(&sha512); + if (flag == 0) { + flag = wc_InitSha512_256(&temp); + } + if (flag == 0) { + flag = wc_Sha512_256Copy(&sha512, &temp); + } + /*test bad arguements*/ + if (flag == 0) { + if (wc_Sha512_256Copy(NULL, NULL) != BAD_FUNC_ARG) + flag = WOLFSSL_FATAL_ERROR; + } + if (flag == 0) { + if (wc_Sha512_256Copy(NULL, &temp) != BAD_FUNC_ARG) + flag = WOLFSSL_FATAL_ERROR; + } + if (flag == 0) { + if (wc_Sha512_256Copy(&sha512, NULL) != BAD_FUNC_ARG) + flag = WOLFSSL_FATAL_ERROR; + } + + wc_Sha512_256Free(&sha512); + wc_Sha512_256Free(&temp); + + printf(resultFmt, flag == 0 ? passed : failed); +#endif +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + return flag; + +} + + + /* * Testing wc_InitSha384() */ @@ -29269,6 +29965,12 @@ static void test_wolfSSL_EVP_Digest_all(void) #ifdef WOLFSSL_SHA512 "SHA512", #endif +#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) + "SHA512_224", +#endif +#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) + "SHA512_256", +#endif #ifdef WOLFSSL_SHA3 #ifndef WOLFSSL_NOSHA3_224 "SHA3_224", @@ -48235,6 +48937,24 @@ void ApiTest(void) AssertFalse(test_wc_Sha512Free()); AssertFalse(test_wc_Sha512GetHash()); AssertFalse(test_wc_Sha512Copy()); + + AssertFalse(test_wc_InitSha512_224()); + AssertFalse(test_wc_Sha512_224Update()); + AssertFalse(test_wc_Sha512_224Final()); + AssertFalse(test_wc_Sha512_224GetFlags()); + AssertFalse(test_wc_Sha512_224FinalRaw()); + AssertFalse(test_wc_Sha512_224Free()); + AssertFalse(test_wc_Sha512_224GetHash()); + AssertFalse(test_wc_Sha512_224Copy()); + AssertFalse(test_wc_InitSha512_256()); + AssertFalse(test_wc_Sha512_256Update()); + AssertFalse(test_wc_Sha512_256Final()); + AssertFalse(test_wc_Sha512_256GetFlags()); + AssertFalse(test_wc_Sha512_256FinalRaw()); + AssertFalse(test_wc_Sha512_256Free()); + AssertFalse(test_wc_Sha512_256GetHash()); + AssertFalse(test_wc_Sha512_256Copy()); + AssertFalse(test_wc_InitSha384()); AssertFalse(test_wc_Sha384Update()); AssertFalse(test_wc_Sha384Final()); diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c index 3bd37d79d..8c95b4f3b 100644 --- a/wolfcrypt/src/evp.c +++ b/wolfcrypt/src/evp.c @@ -2390,9 +2390,19 @@ static const struct s_ent { #ifdef WOLFSSL_SHA384 {WC_HASH_TYPE_SHA384, NID_sha384, "SHA384"}, #endif /* WOLFSSL_SHA384 */ + #ifdef WOLFSSL_SHA512 {WC_HASH_TYPE_SHA512, NID_sha512, "SHA512"}, #endif /* WOLFSSL_SHA512 */ + +#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) + {WC_HASH_TYPE_SHA512_224, NID_sha512_224, "SHA512_224"}, +#endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_224 */ + +#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) + {WC_HASH_TYPE_SHA512_256, NID_sha512_256, "SHA512_256"}, +#endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_256 */ + #ifndef WOLFSSL_NOSHA3_224 {WC_HASH_TYPE_SHA3_224, NID_sha3_224, "SHA3_224"}, #endif @@ -3761,6 +3771,25 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) return EVP_get_digestbyname("SHA512"); } +#ifndef WOLFSSL_NOSHA512_224 + + const WOLFSSL_EVP_MD* wolfSSL_EVP_sha512_224(void) + { + WOLFSSL_ENTER("EVP_sha512_224"); + return EVP_get_digestbyname("SHA512_224"); + } + +#endif /* !WOLFSSL_NOSHA512_224 */ + +#ifndef WOLFSSL_NOSHA512_224 + const WOLFSSL_EVP_MD* wolfSSL_EVP_sha512_256(void) + { + WOLFSSL_ENTER("EVP_sha512_256"); + return EVP_get_digestbyname("SHA512_256"); + } + +#endif /* !WOLFSSL_NOSHA512_224 */ + #endif /* WOLFSSL_SHA512 */ #ifdef WOLFSSL_SHA3 @@ -3936,6 +3965,24 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) ret = NOT_COMPILED_IN; #endif /* WOLFSSL_SHA512 */ break; + case WC_HASH_TYPE_SHA512_224: + #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \ + defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) + ret = wc_Sha512_224Copy((wc_Sha512*)&src->hash.digest, + (wc_Sha512*)&des->hash.digest); + #else + ret = NOT_COMPILED_IN; + #endif + break; + case WC_HASH_TYPE_SHA512_256: + #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \ + defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) + ret = wc_Sha512_256Copy((wc_Sha512*)&src->hash.digest, + (wc_Sha512*)&des->hash.digest); + #else + ret = NOT_COMPILED_IN; + #endif + break; case WC_HASH_TYPE_SHA3_224: #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224) ret = wc_Sha3_224_Copy((wc_Sha3*)&src->hash.digest, @@ -4451,6 +4498,18 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) wc_Sha512Free((wc_Sha512*)&ctx->hash.digest); #endif /* WOLFSSL_SHA512 */ break; + case WC_HASH_TYPE_SHA512_224: + #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \ + defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) + wc_Sha512_224Free((wc_Sha512*)&ctx->hash.digest); + #endif + break; + case WC_HASH_TYPE_SHA512_256: + #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \ + defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) + wc_Sha512_256Free((wc_Sha512*)&ctx->hash.digest); + #endif + break; case WC_HASH_TYPE_SHA3_224: #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224) wc_Sha3_224_Free((wc_Sha3*)&ctx->hash.digest); @@ -6045,6 +6104,18 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) ret = wolfSSL_SHA384_Init(&(ctx->hash.digest.sha384)); } #endif + #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \ + defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) + else if (XSTRNCMP(md, "SHA512_224", 10) == 0) { + ret = wolfSSL_SHA512_224_Init(&(ctx->hash.digest.sha512)); + } + #endif + #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \ + defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) + else if (XSTRNCMP(md, "SHA512_256", 10) == 0) { + ret = wolfSSL_SHA512_256_Init(&(ctx->hash.digest.sha512)); + } + #endif #ifdef WOLFSSL_SHA512 else if (XSTRNCMP(md, "SHA512", 6) == 0) { ret = wolfSSL_SHA512_Init(&(ctx->hash.digest.sha512)); @@ -6150,6 +6221,23 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) (unsigned long)sz); #endif /* WOLFSSL_SHA512 */ break; + + case WC_HASH_TYPE_SHA512_224: + #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \ + defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) + ret = wolfSSL_SHA512_224_Update((SHA512_CTX*)&ctx->hash, data, + (unsigned long)sz); + #endif + break; + + case WC_HASH_TYPE_SHA512_256: + #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \ + defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) + ret = wolfSSL_SHA512_256_Update((SHA512_CTX*)&ctx->hash, data, + (unsigned long)sz); + #endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_256*/ + break; + case WC_HASH_TYPE_SHA3_224: #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224) ret = wolfSSL_SHA3_224_Update((SHA3_224_CTX*)&ctx->hash, data, @@ -6241,6 +6329,20 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) if (s) *s = WC_SHA512_DIGEST_SIZE; #endif /* WOLFSSL_SHA512 */ break; + case WC_HASH_TYPE_SHA512_224: + #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \ + defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) + ret = wolfSSL_SHA512_224_Final(md, (SHA512_CTX*)&ctx->hash); + if (s) *s = WC_SHA512_224_DIGEST_SIZE; + #endif + break; + case WC_HASH_TYPE_SHA512_256: + #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \ + defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) + ret = wolfSSL_SHA512_256_Final(md, (SHA512_CTX*)&ctx->hash); + if (s) *s = WC_SHA512_256_DIGEST_SIZE; + #endif + break; case WC_HASH_TYPE_SHA3_224: #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224) ret = wolfSSL_SHA3_224_Final(md, (SHA3_224_CTX*)&ctx->hash); diff --git a/wolfcrypt/src/hash.c b/wolfcrypt/src/hash.c index db8217080..c34ef0528 100644 --- a/wolfcrypt/src/hash.c +++ b/wolfcrypt/src/hash.c @@ -52,6 +52,8 @@ enum Hash_Sum { SHA256h = 414, SHA384h = 415, SHA512h = 416, + SHA512_224h = 418, + SHA512_256h = 419, SHA3_224h = 420, SHA3_256h = 421, SHA3_384h = 422, @@ -103,6 +105,7 @@ enum wc_HashType wc_HashTypeConvert(int hashType) case WC_SHA512: eHashType = WC_HASH_TYPE_SHA512; break; + #endif /* WOLFSSL_SHA512 */ #ifdef WOLFSSL_SHA3 case WC_SHA3_224: @@ -175,6 +178,17 @@ int wc_HashGetOID(enum wc_HashType hash_type) oid = SHA512h; #endif break; + case WC_HASH_TYPE_SHA512_224: + #if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) + oid = SHA512_224h; + #endif + break; + case WC_HASH_TYPE_SHA512_256: + #if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) + oid = SHA512_256h; + #endif + break; + case WC_HASH_TYPE_SHA3_224: #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224) oid = SHA3_224h; @@ -327,6 +341,20 @@ int wc_HashGetDigestSize(enum wc_HashType hash_type) dig_size = WC_SHA512_DIGEST_SIZE; #endif break; + case WC_HASH_TYPE_SHA512_224: +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) + #if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) + dig_size = WC_SHA512_224_DIGEST_SIZE; + #endif +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + break; + case WC_HASH_TYPE_SHA512_256: +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) + #if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) + dig_size = WC_SHA512_256_DIGEST_SIZE; + #endif +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + break; case WC_HASH_TYPE_MD5_SHA: /* Old TLS Specific */ #if !defined(NO_MD5) && !defined(NO_SHA) dig_size = (int)WC_MD5_DIGEST_SIZE + (int)WC_SHA_DIGEST_SIZE; @@ -418,6 +446,20 @@ int wc_HashGetBlockSize(enum wc_HashType hash_type) block_size = WC_SHA512_BLOCK_SIZE; #endif break; + case WC_HASH_TYPE_SHA512_224: +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) + #if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) + block_size = WC_SHA512_224_BLOCK_SIZE; + #endif +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + break; + case WC_HASH_TYPE_SHA512_256: +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) + #if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) + block_size = WC_SHA512_256_BLOCK_SIZE; + #endif +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + break; case WC_HASH_TYPE_MD5_SHA: /* Old TLS Specific */ #if !defined(NO_MD5) && !defined(NO_SHA) block_size = (int)WC_MD5_BLOCK_SIZE + (int)WC_SHA_BLOCK_SIZE; @@ -513,6 +555,20 @@ int wc_Hash(enum wc_HashType hash_type, const byte* data, ret = wc_Sha512Hash(data, data_len, hash); #endif break; + case WC_HASH_TYPE_SHA512_224: +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) + ret = wc_Sha512_224Hash(data, data_len, hash); +#endif +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + break; + case WC_HASH_TYPE_SHA512_256: +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) + ret = wc_Sha512_256Hash(data, data_len, hash); +#endif +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + break; case WC_HASH_TYPE_MD5_SHA: #if !defined(NO_MD5) && !defined(NO_SHA) ret = wc_Md5Hash(data, data_len, hash); @@ -597,6 +653,20 @@ int wc_HashInit_ex(wc_HashAlg* hash, enum wc_HashType type, void* heap, ret = wc_InitSha512_ex(&hash->sha512, heap, devId); #endif break; + case WC_HASH_TYPE_SHA512_224: +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) + ret = wc_InitSha512_224_ex(&hash->sha512, heap, devId); +#endif +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + break; + case WC_HASH_TYPE_SHA512_256: +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) + ret = wc_InitSha512_256_ex(&hash->sha512, heap, devId); +#endif +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + break; case WC_HASH_TYPE_SHA3_224: #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224) @@ -682,6 +752,20 @@ int wc_HashUpdate(wc_HashAlg* hash, enum wc_HashType type, const byte* data, ret = wc_Sha512Update(&hash->sha512, data, dataSz); #endif break; + case WC_HASH_TYPE_SHA512_224: +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) + ret = wc_Sha512_224Update(&hash->sha512, data, dataSz); +#endif +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + break; + case WC_HASH_TYPE_SHA512_256: +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) + ret = wc_Sha512_256Update(&hash->sha512, data, dataSz); +#endif +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + break; case WC_HASH_TYPE_SHA3_224: #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224) @@ -758,6 +842,20 @@ int wc_HashFinal(wc_HashAlg* hash, enum wc_HashType type, byte* out) ret = wc_Sha512Final(&hash->sha512, out); #endif break; + case WC_HASH_TYPE_SHA512_224: +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) + ret = wc_Sha512_224Final(&hash->sha512, out); +#endif +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + break; + case WC_HASH_TYPE_SHA512_256: +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) + ret = wc_Sha512_256Final(&hash->sha512, out); +#endif +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + break; case WC_HASH_TYPE_SHA3_224: #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224) @@ -840,6 +938,22 @@ int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type) ret = 0; #endif break; + case WC_HASH_TYPE_SHA512_224: +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) + wc_Sha512_224Free(&hash->sha512); + ret = 0; +#endif +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + break; + case WC_HASH_TYPE_SHA512_256: +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) + wc_Sha512_256Free(&hash->sha512); + ret = 0; +#endif +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + break; case WC_HASH_TYPE_SHA3_224: #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224) @@ -917,6 +1031,8 @@ int wc_HashSetFlags(wc_HashAlg* hash, enum wc_HashType type, word32 flags) #endif break; case WC_HASH_TYPE_SHA512: + case WC_HASH_TYPE_SHA512_224: + case WC_HASH_TYPE_SHA512_256: #ifdef WOLFSSL_SHA512 ret = wc_Sha512SetFlags(&hash->sha512, flags); #endif @@ -980,6 +1096,8 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags) #endif break; case WC_HASH_TYPE_SHA512: + case WC_HASH_TYPE_SHA512_224: + case WC_HASH_TYPE_SHA512_256: #ifdef WOLFSSL_SHA512 ret = wc_Sha512GetFlags(&hash->sha512, flags); #endif @@ -1218,6 +1336,86 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags) return ret; } +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#ifndef WOLFSSL_NOSHA512_224 + int wc_Sha512_224Hash(const byte* data, word32 len, byte* hash) + { + int ret = 0; + #ifdef WOLFSSL_SMALL_STACK + wc_Sha512* sha512; + #else + wc_Sha512 sha512[1]; + #endif + + #ifdef WOLFSSL_SMALL_STACK + sha512 = (wc_Sha512*)XMALLOC(sizeof(wc_Sha512), NULL, + DYNAMIC_TYPE_TMP_BUFFER); + if (sha512 == NULL) + return MEMORY_E; + #endif + + if ((ret = wc_InitSha512_224(sha512)) != 0) { + WOLFSSL_MSG("wc_InitSha512_224 failed"); + } + else { + if ((ret = wc_Sha512_224Update(sha512, data, len)) != 0) { + WOLFSSL_MSG("wc_Sha512_224_Update failed"); + } + else if ((ret = wc_Sha512_224Final(sha512, hash)) != 0) { + WOLFSSL_MSG("wc_Sha512_224_Final failed"); + } + wc_Sha512_224Free(sha512); + } + + #ifdef WOLFSSL_SMALL_STACK + XFREE(sha512, NULL, DYNAMIC_TYPE_TMP_BUFFER); + #endif + + return ret; + } +#endif /* !WOLFSSL_NOSHA512_224 */ +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#ifndef WOLFSSL_NOSHA512_256 + int wc_Sha512_256Hash(const byte* data, word32 len, byte* hash) + { + int ret = 0; + #ifdef WOLFSSL_SMALL_STACK + wc_Sha512* sha512; + #else + wc_Sha512 sha512[1]; + #endif + + #ifdef WOLFSSL_SMALL_STACK + sha512 = (wc_Sha512*)XMALLOC(sizeof(wc_Sha512), NULL, + DYNAMIC_TYPE_TMP_BUFFER); + if (sha512 == NULL) + return MEMORY_E; + #endif + + if ((ret = wc_InitSha512_256(sha512)) != 0) { + WOLFSSL_MSG("wc_InitSha512_256 failed"); + } + else { + if ((ret = wc_Sha512_256Update(sha512, data, len)) != 0) { + WOLFSSL_MSG("wc_Sha512_256_Update failed"); + } + else if ((ret = wc_Sha512_256Final(sha512, hash)) != 0) { + WOLFSSL_MSG("wc_Sha512_256_Final failed"); + } + wc_Sha512_256Free(sha512); + } + + #ifdef WOLFSSL_SMALL_STACK + XFREE(sha512, NULL, DYNAMIC_TYPE_TMP_BUFFER); + #endif + + return ret; + } +#endif /* !WOLFSSL_NOSHA512_256 */ +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + #endif /* WOLFSSL_SHA512 */ #if defined(WOLFSSL_SHA384) diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c index 985119fd1..7ed7543c4 100644 --- a/wolfcrypt/src/rsa.c +++ b/wolfcrypt/src/rsa.c @@ -1854,6 +1854,8 @@ int wc_hash2mgf(enum wc_HashType hType) case WC_HASH_TYPE_MD4: case WC_HASH_TYPE_MD5: case WC_HASH_TYPE_MD5_SHA: + case WC_HASH_TYPE_SHA512_224: + case WC_HASH_TYPE_SHA512_256: case WC_HASH_TYPE_SHA3_224: case WC_HASH_TYPE_SHA3_256: case WC_HASH_TYPE_SHA3_384: diff --git a/wolfcrypt/src/sha512.c b/wolfcrypt/src/sha512.c index 20890e98f..7d059c774 100644 --- a/wolfcrypt/src/sha512.c +++ b/wolfcrypt/src/sha512.c @@ -239,6 +239,104 @@ static int InitSha512(wc_Sha512* sha512) return 0; } +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if !defined(WOLFSSL_NOSHA512_224) +/** + * Initialize given wc_Sha512 structure with value specific to sha512/224. + * Note that sha512/224 has different initial hash value from sha512. + * The initial hash value consists of eight 64bit words. They are given + * in FIPS180-4. + */ +static int InitSha512_224(wc_Sha512* sha512) +{ + if (sha512 == NULL) + return BAD_FUNC_ARG; + + sha512->digest[0] = W64LIT(0x8c3d37c819544da2); + sha512->digest[1] = W64LIT(0x73e1996689dcd4d6); + sha512->digest[2] = W64LIT(0x1dfab7ae32ff9c82); + sha512->digest[3] = W64LIT(0x679dd514582f9fcf); + sha512->digest[4] = W64LIT(0x0f6d2b697bd44da8); + sha512->digest[5] = W64LIT(0x77e36f7304c48942); + sha512->digest[6] = W64LIT(0x3f9d85a86a1d36c8); + sha512->digest[7] = W64LIT(0x1112e6ad91d692a1); + + sha512->buffLen = 0; + sha512->loLen = 0; + sha512->hiLen = 0; + +#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \ + !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) + + sha512->ctx.sha_type = SHA2_512; + /* always start firstblock = 1 when using hw engine */ + sha512->ctx.isfirstblock = 1; + if(sha512->ctx.mode == ESP32_SHA_HW) { + /* release hw */ + esp_sha_hw_unlock(); + } + /* always set mode as INIT + * whether using HW or SW is determined at first call of update() + */ + sha512->ctx.mode = ESP32_SHA_INIT; +#endif +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + sha512->flags = 0; +#endif + return 0; +} +#endif /* !WOLFSSL_NOSHA512_224 */ +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if !defined(WOLFSSL_NOSHA512_256) +/** + * Initialize given wc_Sha512 structure with value specific to sha512/256. + * Note that sha512/256 has different initial hash value from sha512. + * The initial hash value consists of eight 64bit words. They are given + * in FIPS180-4. + */ +static int InitSha512_256(wc_Sha512* sha512) +{ + if (sha512 == NULL) + return BAD_FUNC_ARG; + + sha512->digest[0] = W64LIT(0x22312194fc2bf72c); + sha512->digest[1] = W64LIT(0x9f555fa3c84c64c2); + sha512->digest[2] = W64LIT(0x2393b86b6f53b151); + sha512->digest[3] = W64LIT(0x963877195940eabd); + sha512->digest[4] = W64LIT(0x96283ee2a88effe3); + sha512->digest[5] = W64LIT(0xbe5e1e2553863992); + sha512->digest[6] = W64LIT(0x2b0199fc2c85b8aa); + sha512->digest[7] = W64LIT(0x0eb72ddc81c52ca2); + + sha512->buffLen = 0; + sha512->loLen = 0; + sha512->hiLen = 0; + +#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \ + !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) + + sha512->ctx.sha_type = SHA2_512; + /* always start firstblock = 1 when using hw engine */ + sha512->ctx.isfirstblock = 1; + if(sha512->ctx.mode == ESP32_SHA_HW) { + /* release hw */ + esp_sha_hw_unlock(); + } + /* always set mode as INIT + * whether using HW or SW is determined at first call of update() + */ + sha512->ctx.mode = ESP32_SHA_INIT; +#endif +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + sha512->flags = 0; +#endif + return 0; +} +#endif /* !WOLFSSL_NOSHA512_256 */ +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + #endif /* WOLFSSL_SHA512 */ /* Hardware Acceleration */ @@ -423,9 +521,10 @@ static int InitSha512(wc_Sha512* sha512) #ifdef WOLFSSL_SHA512 -int wc_InitSha512_ex(wc_Sha512* sha512, void* heap, int devId) +static int InitSha512_Family(wc_Sha512* sha512, void* heap, int devId, + enum wc_HashType type) { - int ret = 0; + int ret = 0; if (sha512 == NULL) return BAD_FUNC_ARG; @@ -439,7 +538,24 @@ int wc_InitSha512_ex(wc_Sha512* sha512, void* heap, int devId) sha512->devCtx = NULL; #endif - ret = InitSha512(sha512); + if (type == WC_HASH_TYPE_SHA512) { + ret = InitSha512(sha512); + } +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if !defined(WOLFSSL_NOSHA512_224) + else if (type == WC_HASH_TYPE_SHA512_224) { + ret = InitSha512_224(sha512); + } +#endif +#if !defined(WOLFSSL_NOSHA512_256) + else if (type == WC_HASH_TYPE_SHA512_256) { + ret = InitSha512_256(sha512); + } +#endif +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + else + ret = BAD_FUNC_ARG; + if (ret != 0) return ret; @@ -455,9 +571,32 @@ int wc_InitSha512_ex(wc_Sha512* sha512, void* heap, int devId) (void)devId; #endif /* WOLFSSL_ASYNC_CRYPT */ - return ret; + return ret; } +int wc_InitSha512_ex(wc_Sha512* sha512, void* heap, int devId) +{ + return InitSha512_Family(sha512, heap, devId, WC_HASH_TYPE_SHA512); +} + +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if !defined(WOLFSSL_NOSHA512_224) +int wc_InitSha512_224_ex(wc_Sha512* sha512, void* heap, int devId) +{ + return InitSha512_Family(sha512, heap, devId, WC_HASH_TYPE_SHA512_224); +} +#endif /* !WOLFSSL_NOSHA512_224 */ +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if !defined(WOLFSSL_NOSHA512_256) +int wc_InitSha512_256_ex(wc_Sha512* sha512, void* heap, int devId) +{ + return InitSha512_Family(sha512, heap, devId, WC_HASH_TYPE_SHA512_256); +} +#endif /* !WOLFSSL_NOSHA512_256 */ +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + #endif /* WOLFSSL_SHA512 */ @@ -895,13 +1034,40 @@ int wc_Sha512FinalRaw(wc_Sha512* sha512, byte* hash) return 0; } -int wc_Sha512Final(wc_Sha512* sha512, byte* hash) +static int Sha512_Family_Final(wc_Sha512* sha512, byte* hash, + enum wc_HashType type) { int ret; + int digestSz; + int (*initfp)(wc_Sha512*); + + (void)initfp; if (sha512 == NULL || hash == NULL) { return BAD_FUNC_ARG; } + + if (type == WC_HASH_TYPE_SHA512) { + initfp = InitSha512; + digestSz = WC_SHA512_DIGEST_SIZE; + } +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if !defined(WOLFSSL_NOSHA512_224) + else if (type == WC_HASH_TYPE_SHA512_224) { + initfp = InitSha512_224; + digestSz = WC_SHA512_224_DIGEST_SIZE; + } +#endif +#if !defined(WOLFSSL_NOSHA512_256) + else if (type == WC_HASH_TYPE_SHA512_256) { + initfp = InitSha512_256; + digestSz = WC_SHA512_256_DIGEST_SIZE; + } +#endif +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + else + return BAD_FUNC_ARG; + #ifdef WOLF_CRYPTO_CB if (sha512->devId != INVALID_DEVID) { ret = wc_CryptoCb_Sha512Hash(sha512, NULL, 0, hash); @@ -913,8 +1079,7 @@ int wc_Sha512Final(wc_Sha512* sha512, byte* hash) #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA512) if (sha512->asyncDev.marker == WOLFSSL_ASYNC_MARKER_SHA512) { #if defined(HAVE_INTEL_QA) - return IntelQaSymSha512(&sha512->asyncDev, hash, NULL, - WC_SHA512_DIGEST_SIZE); + return IntelQaSymSha512(&sha512->asyncDev, hash, NULL, digestSz); #endif } #endif /* WOLFSSL_ASYNC_CRYPT */ @@ -923,9 +1088,18 @@ int wc_Sha512Final(wc_Sha512* sha512, byte* hash) if (ret != 0) return ret; - XMEMCPY(hash, sha512->digest, WC_SHA512_DIGEST_SIZE); + XMEMCPY(hash, sha512->digest, digestSz); - return InitSha512(sha512); /* reset state */ + /* initialize Sha512 structure for the next use */ + if (initfp != NULL) { + ret = initfp(sha512); + } + return ret; +} + +int wc_Sha512Final(wc_Sha512* sha512, byte* hash) +{ + return Sha512_Family_Final(sha512, hash, WC_HASH_TYPE_SHA512); } int wc_InitSha512(wc_Sha512* sha512) @@ -1208,14 +1382,34 @@ void wc_Sha384Free(wc_Sha384* sha384) #ifdef WOLFSSL_SHA512 -int wc_Sha512GetHash(wc_Sha512* sha512, byte* hash) +static int Sha512_Family_GetHash(wc_Sha512* sha512, byte* hash, + enum wc_HashType type ) { + int (*finalfp)(wc_Sha512*, byte*); int ret; wc_Sha512 tmpSha512; if (sha512 == NULL || hash == NULL) return BAD_FUNC_ARG; + if (type == WC_HASH_TYPE_SHA512) + finalfp = wc_Sha512Final; +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if !defined(WOLFSSL_NOSHA512_224) + else if (type == WC_HASH_TYPE_SHA512_224) + finalfp = wc_Sha512_224Final; +#endif +#if !defined(WOLFSSL_NOSHA512_256) + else if (type == WC_HASH_TYPE_SHA512_256) + finalfp = wc_Sha512_256Final; +#endif +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + else + finalfp = NULL; + + if (finalfp == NULL) + return BAD_FUNC_ARG; + #if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \ !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) if(sha512->ctx.mode == ESP32_SHA_INIT) { @@ -1227,7 +1421,7 @@ int wc_Sha512GetHash(wc_Sha512* sha512, byte* hash) ret = wc_Sha512Copy(sha512, &tmpSha512); if (ret == 0) { - ret = wc_Sha512Final(&tmpSha512, hash); + ret = finalfp(&tmpSha512, hash); #if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \ !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) sha512->ctx.mode = ESP32_SHA_SW;; @@ -1237,6 +1431,11 @@ int wc_Sha512GetHash(wc_Sha512* sha512, byte* hash) return ret; } +int wc_Sha512GetHash(wc_Sha512* sha512, byte* hash) +{ + return Sha512_Family_GetHash(sha512, hash, WC_HASH_TYPE_SHA512); +} + int wc_Sha512Copy(wc_Sha512* src, wc_Sha512* dst) { int ret = 0; @@ -1285,7 +1484,110 @@ int wc_Sha512GetFlags(wc_Sha512* sha512, word32* flags) } return 0; } -#endif +#endif /* WOLFSSL_HASH_FLAGS || WOLF_CRYPTO_CB */ + +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) + +#if !defined(WOLFSSL_NOSHA512_224) +int wc_InitSha512_224(wc_Sha512* sha) +{ + return wc_InitSha512_224_ex(sha, NULL, INVALID_DEVID); +} +int wc_Sha512_224Update(wc_Sha512* sha, const byte* data, word32 len) +{ + return wc_Sha512Update(sha, data, len); +} +int wc_Sha512_224FinalRaw(wc_Sha512* sha, byte* hash) +{ + return wc_Sha512FinalRaw(sha, hash); +} +int wc_Sha512_224Final(wc_Sha512* sha512, byte* hash) +{ + return Sha512_Family_Final(sha512, hash, WC_HASH_TYPE_SHA512_224); +} +void wc_Sha512_224Free(wc_Sha512* sha) +{ + wc_Sha512Free(sha); +} +int wc_Sha512_224GetHash(wc_Sha512* sha512, byte* hash) +{ + return Sha512_Family_GetHash(sha512, hash, WC_HASH_TYPE_SHA512_224); +} +int wc_Sha512_224Copy(wc_Sha512* src, wc_Sha512* dst) +{ + return wc_Sha512Copy(src, dst); +} + +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) +int wc_Sha512_224SetFlags(wc_Sha512* sha, word32 flags) +{ + return wc_Sha512SetFlags(sha, flags); +} +int wc_Sha512_224GetFlags(wc_Sha512* sha, word32* flags) +{ + return wc_Sha512GetFlags(sha, flags); +} +#endif /* WOLFSSL_HASH_FLAGS || WOLF_CRYPTO_CB */ + +#if defined(OPENSSL_EXTRA) +int wc_Sha512_224Transform(wc_Sha512* sha, const unsigned char* data) +{ + return wc_Sha512Transform(sha, data); +} +#endif /* OPENSSL_EXTRA */ + +#endif /* !WOLFSSL_NOSHA512_224 */ + +#if !defined(WOLFSSL_NOSHA512_256) +int wc_InitSha512_256(wc_Sha512* sha) +{ + return wc_InitSha512_256_ex(sha, NULL, INVALID_DEVID); +} +int wc_Sha512_256Update(wc_Sha512* sha, const byte* data, word32 len) +{ + return wc_Sha512Update(sha, data, len); +} +int wc_Sha512_256FinalRaw(wc_Sha512* sha, byte* hash) +{ + return wc_Sha512FinalRaw(sha, hash); +} +int wc_Sha512_256Final(wc_Sha512* sha512, byte* hash) +{ + return Sha512_Family_Final(sha512, hash, WC_HASH_TYPE_SHA512_256); +} +void wc_Sha512_256Free(wc_Sha512* sha) +{ + wc_Sha512Free(sha); +} +int wc_Sha512_256GetHash(wc_Sha512* sha512, byte* hash) +{ + return Sha512_Family_GetHash(sha512, hash, WC_HASH_TYPE_SHA512_256); +} +int wc_Sha512_256Copy(wc_Sha512* src, wc_Sha512* dst) +{ + return wc_Sha512Copy(src, dst); +} + +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) +int wc_Sha512_256SetFlags(wc_Sha512* sha, word32 flags) +{ + return wc_Sha512SetFlags(sha, flags); +} +int wc_Sha512_256GetFlags(wc_Sha512* sha, word32* flags) +{ + return wc_Sha512GetFlags(sha, flags); +} +#endif /* WOLFSSL_HASH_FLAGS || WOLF_CRYPTO_CB */ + +#if defined(OPENSSL_EXTRA) +int wc_Sha512_256Transform(wc_Sha512* sha, const unsigned char* data) +{ + return wc_Sha512Transform(sha, data); +} +#endif /* OPENSSL_EXTRA */ + +#endif /* !WOLFSSL_NOSHA512_224 */ +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ #endif /* WOLFSSL_SHA512 */ diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index fa26ff740..d5469c451 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -18464,6 +18464,55 @@ WOLFSSL_TEST_SUBROUTINE int openssl_test(void) } #endif /* WOLFSSL_SHA512 */ +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) + f.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi" + "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"; + f.output = "\x23\xfe\xc5\xbb\x94\xd6\x0b\x23\x30\x81\x92\x64\x0b\x0c\x45" + "\x33\x35\xd6\x64\x73\x4f\xe4\x0e\x72\x68\x67\x4a\xf9"; + f.inLen = XSTRLEN(f.input); + f.outLen = WC_SHA512_224_DIGEST_SIZE; + + EVP_MD_CTX_init(&md_ctx); + ret = EVP_DigestInit(&md_ctx, EVP_sha512_224()); + if (ret == WOLFSSL_SUCCESS) { + ret = EVP_DigestUpdate(&md_ctx, f.input, (unsigned long)f.inLen); + if (ret == WOLFSSL_SUCCESS) + ret = EVP_DigestFinal(&md_ctx, hash, 0); + } + EVP_MD_CTX_cleanup(&md_ctx); + if (ret != WOLFSSL_SUCCESS || + XMEMCMP(hash, f.output, WC_SHA512_224_DIGEST_SIZE) != 0) { + return -8722; + } +#endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_224 */ +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + +#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) +#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) + f.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi" + "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"; + f.output = "\x39\x28\xe1\x84\xfb\x86\x90\xf8\x40\xda\x39\x88\x12\x1d\x31" + "\xbe\x65\xcb\x9d\x3e\xf8\x3e\xe6\x14\x6f\xea\xc8\x61\xe1\x9b" + "\x56\x3a"; + f.inLen = XSTRLEN(f.input); + f.outLen = WC_SHA512_256_DIGEST_SIZE; + + EVP_MD_CTX_init(&md_ctx); + ret = EVP_DigestInit(&md_ctx, EVP_sha512_256()); + if (ret == WOLFSSL_SUCCESS) { + ret = EVP_DigestUpdate(&md_ctx, f.input, (unsigned long)f.inLen); + if (ret == WOLFSSL_SUCCESS) + ret = EVP_DigestFinal(&md_ctx, hash, 0); + } + EVP_MD_CTX_cleanup(&md_ctx); + if (ret != WOLFSSL_SUCCESS || + XMEMCMP(hash, f.output, WC_SHA512_256_DIGEST_SIZE) != 0) { + return -8723; + } +#endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_224 */ +#endif /* !HAVE_FIPS && !HAVE_SELFTEST */ + #ifdef WOLFSSL_SHA3 #ifndef WOLFSSL_NOSHA3_224 e.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi" diff --git a/wolfssl/openssl/evp.h b/wolfssl/openssl/evp.h index a37391521..3e71e4283 100644 --- a/wolfssl/openssl/evp.h +++ b/wolfssl/openssl/evp.h @@ -92,9 +92,11 @@ WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha224(void); WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha256(void); WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha384(void); WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha512(void); -WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_ripemd160(void); WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_shake128(void); WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_shake256(void); +WOLFSSL_API const WOLFSSL_EVP_MD *wolfSSL_EVP_sha512_224(void); +WOLFSSL_API const WOLFSSL_EVP_MD *wolfSSL_EVP_sha512_256(void); +WOLFSSL_API const WOLFSSL_EVP_MD *wolfSSL_EVP_ripemd160(void); WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha3_224(void); WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha3_256(void); @@ -776,6 +778,8 @@ typedef WOLFSSL_ASN1_PCTX ASN1_PCTX; #define EVP_sha256 wolfSSL_EVP_sha256 #define EVP_sha384 wolfSSL_EVP_sha384 #define EVP_sha512 wolfSSL_EVP_sha512 +#define EVP_sha512_224 wolfSSL_EVP_sha512_224 +#define EVP_sha512_256 wolfSSL_EVP_sha512_256 #define EVP_ripemd160 wolfSSL_EVP_ripemd160 #define EVP_shake128 wolfSSL_EVP_shake128 #define EVP_shake256 wolfSSL_EVP_shake256 diff --git a/wolfssl/openssl/sha.h b/wolfssl/openssl/sha.h index d7078d4f8..9e717d1ca 100644 --- a/wolfssl/openssl/sha.h +++ b/wolfssl/openssl/sha.h @@ -212,6 +212,51 @@ typedef WOLFSSL_SHA512_CTX SHA512_CTX; * build. */ #define SHA512 wolfSSL_SHA512 #endif + +#if !defined(WOLFSSL_NOSHA512_224) +typedef struct WOLFSSL_SHA512_CTX WOLFSSL_SHA512_224_CTX; +typedef WOLFSSL_SHA512_224_CTX SHA512_224_CTX; + +WOLFSSL_API int wolfSSL_SHA512_224_Init(WOLFSSL_SHA512_CTX*); +WOLFSSL_API int wolfSSL_SHA512_224_Update(WOLFSSL_SHA512_CTX*, const void*, + unsigned long); +WOLFSSL_API int wolfSSL_SHA512_224_Final(unsigned char*, WOLFSSL_SHA512_CTX*); +WOLFSSL_API int wolfSSL_SHA512_224_Transform(WOLFSSL_SHA512_CTX*, + const unsigned char*); + + +#define SHA512_224_Init wolfSSL_SHA512_224_Init +#define SHA512_224_Update wolfSSL_SHA512_224_Update +#define SHA512_224_Final wolfSSL_SHA512_224_Final +#define SHA512_224_Transform wolfSSL_SHA512_224_Transform + +#if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) + #define SHA512_224 wolfSSL_SHA512_224 +#endif +#endif /* !WOLFSSL_NOSHA512_224 */ + +#if !defined(WOLFSSL_NOSHA512_256) +typedef struct WOLFSSL_SHA512_CTX WOLFSSL_SHA512_256_CTX; +typedef WOLFSSL_SHA512_256_CTX SHA512_256_CTX; + +WOLFSSL_API int wolfSSL_SHA512_256_Init(WOLFSSL_SHA512_CTX*); +WOLFSSL_API int wolfSSL_SHA512_256_Update(WOLFSSL_SHA512_CTX*, const void*, + unsigned long); +WOLFSSL_API int wolfSSL_SHA512_256_Final(unsigned char*, WOLFSSL_SHA512_CTX*); +WOLFSSL_API int wolfSSL_SHA512_256_Transform(WOLFSSL_SHA512_CTX*, + const unsigned char*); + +#define SHA512_256_Init wolfSSL_SHA512_256_Init +#define SHA512_256_Update wolfSSL_SHA512_256_Update +#define SHA512_256_Final wolfSSL_SHA512_256_Final +#define SHA512_256_Transform wolfSSL_SHA512_256_Transform + +#if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) + #define SHA512_256 wolfSSL_SHA512_256 +#endif +#endif /* !WOLFSSL_NOSHA512_256 */ + + #endif /* WOLFSSL_SHA512 */ diff --git a/wolfssl/wolfcrypt/asn.h b/wolfssl/wolfcrypt/asn.h index 333e8f66c..d025bce4d 100644 --- a/wolfssl/wolfcrypt/asn.h +++ b/wolfssl/wolfcrypt/asn.h @@ -675,6 +675,8 @@ enum NID_sha256 = 672, NID_sha384 = 673, NID_sha512 = 674, + NID_sha512_224 = 1094, + NID_sha512_256 = 1095, NID_pkcs9_challengePassword = 54, NID_hw_name_oid = 73, NID_id_pkix_OCSP_basic = 74, @@ -923,6 +925,8 @@ enum Hash_Sum { SHA256h = 414, SHA384h = 415, SHA512h = 416, + SHA512_224h = 418, + SHA512_256h = 419, SHA3_224h = 420, SHA3_256h = 421, SHA3_384h = 422, diff --git a/wolfssl/wolfcrypt/hash.h b/wolfssl/wolfcrypt/hash.h index 0c6bc772f..0144eeab5 100644 --- a/wolfssl/wolfcrypt/hash.h +++ b/wolfssl/wolfcrypt/hash.h @@ -205,6 +205,8 @@ WOLFSSL_API int wc_Sha384Hash(const byte*, word32, byte*); #ifdef WOLFSSL_SHA512 #include WOLFSSL_API int wc_Sha512Hash(const byte*, word32, byte*); +WOLFSSL_API int wc_Sha512_224Hash(const byte*, word32, byte*); +WOLFSSL_API int wc_Sha512_256Hash(const byte*, word32, byte*); #endif /* WOLFSSL_SHA512 */ #ifdef WOLFSSL_SHA3 diff --git a/wolfssl/wolfcrypt/hmac.h b/wolfssl/wolfcrypt/hmac.h index a8d12a7ab..67b3bf843 100644 --- a/wolfssl/wolfcrypt/hmac.h +++ b/wolfssl/wolfcrypt/hmac.h @@ -80,6 +80,8 @@ enum { #endif #ifndef WOLFSSL_SHA512 WC_SHA512 = WC_HASH_TYPE_SHA512, + WC_SHA512_224 = WC_HASH_TYPE_SHA512_224, + WC_SHA512_256 = WC_HASH_TYPE_SHA512_256, #endif #ifndef WOLFSSL_SHA384 WC_SHA384 = WC_HASH_TYPE_SHA384, diff --git a/wolfssl/wolfcrypt/sha512.h b/wolfssl/wolfcrypt/sha512.h index 81da52ebb..7d9374923 100644 --- a/wolfssl/wolfcrypt/sha512.h +++ b/wolfssl/wolfcrypt/sha512.h @@ -45,6 +45,8 @@ #define WC_SHA512_BLOCK_SIZE SHA512_BLOCK_SIZE #define WC_SHA512_DIGEST_SIZE SHA512_DIGEST_SIZE #define WC_SHA512_PAD_SIZE SHA512_PAD_SIZE + #define wc_Sha512_224 Sha512_224 + #define wc_Sha512_256 Sha512_256 #endif /* WOLFSSL_SHA512 */ #ifdef WOLFSSL_SHA384 #define wc_Sha384 Sha384 @@ -113,10 +115,20 @@ enum { #ifdef WOLFSSL_SHA512 WC_SHA512 = WC_HASH_TYPE_SHA512, + WC_SHA512_224 = WC_HASH_TYPE_SHA512_224, + WC_SHA512_256 = WC_HASH_TYPE_SHA512_256, #endif WC_SHA512_BLOCK_SIZE = 128, WC_SHA512_DIGEST_SIZE = 64, - WC_SHA512_PAD_SIZE = 112 + WC_SHA512_PAD_SIZE = 112, + + WC_SHA512_224_BLOCK_SIZE = WC_SHA512_BLOCK_SIZE, + WC_SHA512_224_DIGEST_SIZE = 28, + WC_SHA512_224_PAD_SIZE = WC_SHA512_PAD_SIZE, + + WC_SHA512_256_BLOCK_SIZE = WC_SHA512_BLOCK_SIZE, + WC_SHA512_256_DIGEST_SIZE = 32, + WC_SHA512_256_PAD_SIZE = WC_SHA512_PAD_SIZE, }; @@ -162,11 +174,15 @@ struct wc_Sha512 { #endif /* WOLFSSL_PSOC6_CRYPTO */ }; + #ifndef WC_SHA512_TYPE_DEFINED typedef struct wc_Sha512 wc_Sha512; - #define WC_SHA512_TYPE_DEFINED -#endif + typedef struct wc_Sha512 wc_Sha512_224; + typedef struct wc_Sha512 wc_Sha512_256; + +#define WC_SHA512_TYPE_DEFINED #endif +#endif /* WOLFSSL_IMX6_CAAM && !WOLFSSL_QNX_CAAM */ #endif /* HAVE_FIPS */ @@ -196,6 +212,49 @@ WOLFSSL_API int wc_Sha512Copy(wc_Sha512* src, wc_Sha512* dst); #if defined(OPENSSL_EXTRA) WOLFSSL_API int wc_Sha512Transform(wc_Sha512* sha, const unsigned char* data); #endif + +#if !defined(WOLFSSL_NOSHA512_224) +WOLFSSL_API int wc_InitSha512_224(wc_Sha512*); +WOLFSSL_API int wc_InitSha512_224_ex(wc_Sha512*, void*, int); +WOLFSSL_API int wc_Sha512_224Update(wc_Sha512*, const byte*, word32); +WOLFSSL_API int wc_Sha512_224FinalRaw(wc_Sha512*, byte*); +WOLFSSL_API int wc_Sha512_224Final(wc_Sha512*, byte*); +WOLFSSL_API void wc_Sha512_224Free(wc_Sha512*); +WOLFSSL_API int wc_Sha512_224GetHash(wc_Sha512*, byte*); +WOLFSSL_API int wc_Sha512_224Copy(wc_Sha512* src, wc_Sha512* dst); +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + WOLFSSL_API int wc_Sha512_224SetFlags(wc_Sha512* sha512, word32 flags); + WOLFSSL_API int wc_Sha512_224GetFlags(wc_Sha512* sha512, word32* flags); +#endif + +#if defined(OPENSSL_EXTRA) +WOLFSSL_API int wc_Sha512_224Transform(wc_Sha512* sha, + const unsigned char* data); +#endif +#endif /* !WOLFSSL_NOSHA512_224 */ + +#if !defined(WOLFSSL_NOSHA512_256) +WOLFSSL_API int wc_InitSha512_256(wc_Sha512*); +WOLFSSL_API int wc_InitSha512_256_ex(wc_Sha512*, void*, int); +WOLFSSL_API int wc_Sha512_256Update(wc_Sha512*, const byte*, word32); +WOLFSSL_API int wc_Sha512_256FinalRaw(wc_Sha512*, byte*); +WOLFSSL_API int wc_Sha512_256Final(wc_Sha512*, byte*); +WOLFSSL_API void wc_Sha512_256Free(wc_Sha512*); +WOLFSSL_API int wc_Sha512_256GetHash(wc_Sha512*, byte*); +WOLFSSL_API int wc_Sha512_256Copy(wc_Sha512* src, wc_Sha512* dst); +#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB) + WOLFSSL_API int wc_Sha512_256SetFlags(wc_Sha512* sha512, word32 flags); + WOLFSSL_API int wc_Sha512_256GetFlags(wc_Sha512* sha512, word32* flags); +#endif + +#if defined(OPENSSL_EXTRA) +WOLFSSL_API int wc_Sha512_256Transform(wc_Sha512* sha, + const unsigned char* data); +#endif +#endif /* !WOLFSSL_NOSHA512_256 */ + + + #endif /* WOLFSSL_SHA512 */ #if defined(WOLFSSL_SHA384) diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h index 893d019b5..e0e12c196 100644 --- a/wolfssl/wolfcrypt/types.h +++ b/wolfssl/wolfcrypt/types.h @@ -867,8 +867,11 @@ decouple library dependencies with standard string, memory and so on. WC_HASH_TYPE_SHA3_512 = 13, WC_HASH_TYPE_BLAKE2B = 14, WC_HASH_TYPE_BLAKE2S = 19, + WC_HASH_TYPE_SHA512_224 = 20, + WC_HASH_TYPE_SHA512_256 = 21, WC_HASH_TYPE_SHAKE128 = 22, WC_HASH_TYPE_SHAKE256 = 23, + WC_HASH_TYPE_MAX = WC_HASH_TYPE_SHAKE256 #else WC_HASH_TYPE_NONE = 0, @@ -887,9 +890,13 @@ decouple library dependencies with standard string, memory and so on. WC_HASH_TYPE_SHA3_512 = 13, WC_HASH_TYPE_BLAKE2B = 14, WC_HASH_TYPE_BLAKE2S = 15, + WC_HASH_TYPE_SHA512_224 = 16, + WC_HASH_TYPE_SHA512_256 = 17, WC_HASH_TYPE_SHAKE128 = 18, WC_HASH_TYPE_SHAKE256 = 19, + WC_HASH_TYPE_MAX = WC_HASH_TYPE_SHAKE256 + #endif /* HAVE_SELFTEST */ };