diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index 2291c1405..e0d471e28 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -2721,7 +2721,11 @@ static int ConfirmSignature(const byte* buf, word32 bufSz, case CTC_SHA384wECDSA: { Sha384 sha384; - InitSha384(&sha384); + ret = InitSha384(&sha384); + if (ret != 0) { + CYASSL_MSG("InitSha384 failed"); + return 0; /* not confirmed */ + } Sha384Update(&sha384, buf, bufSz); Sha384Final(&sha384, digest); typeH = SHA384h; diff --git a/ctaocrypt/src/hmac.c b/ctaocrypt/src/hmac.c index 113061c58..f4ffd5541 100644 --- a/ctaocrypt/src/hmac.c +++ b/ctaocrypt/src/hmac.c @@ -86,7 +86,7 @@ static int InitHmac(Hmac* hmac, int type) #ifdef CYASSL_SHA384 case SHA384: - InitSha384(&hmac->hash.sha384); + ret = InitSha384(&hmac->hash.sha384); break; #endif diff --git a/ctaocrypt/src/sha512.c b/ctaocrypt/src/sha512.c index a1759f53b..125337229 100644 --- a/ctaocrypt/src/sha512.c +++ b/ctaocrypt/src/sha512.c @@ -271,7 +271,7 @@ int Sha512Final(Sha512* sha512, byte* hash) #ifdef CYASSL_SHA384 -void InitSha384(Sha384* sha384) +int InitSha384(Sha384* sha384) { sha384->digest[0] = W64LIT(0xcbbb9d5dc1059ed8); sha384->digest[1] = W64LIT(0x629a292a367cd507); @@ -285,6 +285,8 @@ void InitSha384(Sha384* sha384) sha384->buffLen = 0; sha384->loLen = 0; sha384->hiLen = 0; + + return 0; } @@ -343,7 +345,7 @@ static INLINE void AddLength384(Sha384* sha384, word32 len) } -void Sha384Update(Sha384* sha384, const byte* data, word32 len) +int Sha384Update(Sha384* sha384, const byte* data, word32 len) { /* do block size increments */ byte* local = (byte*)sha384->buffer; @@ -366,10 +368,11 @@ void Sha384Update(Sha384* sha384, const byte* data, word32 len) sha384->buffLen = 0; } } + return 0; } -void Sha384Final(Sha384* sha384, byte* hash) +int Sha384Final(Sha384* sha384, byte* hash) { byte* local = (byte*)sha384->buffer; @@ -409,7 +412,7 @@ void Sha384Final(Sha384* sha384, byte* hash) #endif XMEMCPY(hash, sha384->digest, SHA384_DIGEST_SIZE); - InitSha384(sha384); /* reset state */ + return InitSha384(sha384); /* reset state */ } #endif /* CYASSL_SHA384 */ diff --git a/ctaocrypt/test/test.c b/ctaocrypt/test/test.c index d4bc3411d..734cdf868 100644 --- a/ctaocrypt/test/test.c +++ b/ctaocrypt/test/test.c @@ -1041,6 +1041,7 @@ int sha384_test(void) { Sha384 sha; byte hash[SHA384_DIGEST_SIZE]; + int ret; testVector a, b; testVector test_sha[2]; @@ -1066,7 +1067,9 @@ int sha384_test(void) test_sha[0] = a; test_sha[1] = b; - InitSha384(&sha); + ret = InitSha384(&sha); + if (ret != 0) + return -4010; for (i = 0; i < times; ++i) { Sha384Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen); diff --git a/cyassl/ctaocrypt/sha512.h b/cyassl/ctaocrypt/sha512.h index bf88e4ceb..de6afa0cb 100644 --- a/cyassl/ctaocrypt/sha512.h +++ b/cyassl/ctaocrypt/sha512.h @@ -77,9 +77,9 @@ typedef struct Sha384 { } Sha384; -CYASSL_API void InitSha384(Sha384*); -CYASSL_API void Sha384Update(Sha384*, const byte*, word32); -CYASSL_API void Sha384Final(Sha384*, byte*); +CYASSL_API int InitSha384(Sha384*); +CYASSL_API int Sha384Update(Sha384*, const byte*, word32); +CYASSL_API int Sha384Final(Sha384*, byte*); #ifdef HAVE_FIPS @@ -94,6 +94,17 @@ CYASSL_API void Sha384Final(Sha384*, byte*); #define Sha512Final Sha512Final_fips #endif /* FIPS_NO_WRAPPERS */ + /* fips wrapper calls, user can call direct */ + CYASSL_API int InitSha384_fips(Sha384*); + CYASSL_API int Sha384Update_fips(Sha384*, const byte*, word32); + CYASSL_API int Sha384Final_fips(Sha384*, byte*); + #ifndef FIPS_NO_WRAPPERS + /* if not impl or fips.c impl wrapper force fips calls if fips build */ + #define InitSha384 InitSha384_fips + #define Sha384Update Sha384Update_fips + #define Sha384Final Sha384Final_fips + #endif /* FIPS_NO_WRAPPERS */ + #endif /* HAVE_FIPS */ diff --git a/mcapi/crypto.c b/mcapi/crypto.c index 64a719a57..cc7d5bb3c 100644 --- a/mcapi/crypto.c +++ b/mcapi/crypto.c @@ -102,9 +102,7 @@ int CRYPT_SHA_DataAdd(CRYPT_SHA_CTX* sha, const unsigned char* input, if (sha == NULL || input == NULL) return BAD_FUNC_ARG; - ShaUpdate((Sha*)sha, input, sz); - - return 0; + return ShaUpdate((Sha*)sha, input, sz); } @@ -114,9 +112,7 @@ int CRYPT_SHA_Finalize(CRYPT_SHA_CTX* sha, unsigned char* digest) if (sha == NULL || digest == NULL) return BAD_FUNC_ARG; - ShaFinal((Sha*)sha, digest); - - return 0; + return ShaFinal((Sha*)sha, digest); } @@ -140,9 +136,7 @@ int CRYPT_SHA256_DataAdd(CRYPT_SHA256_CTX* sha256, const unsigned char* input, if (sha256 == NULL || input == NULL) return BAD_FUNC_ARG; - Sha256Update((Sha256*)sha256, input, sz); - - return 0; + return Sha256Update((Sha256*)sha256, input, sz); } @@ -152,9 +146,7 @@ int CRYPT_SHA256_Finalize(CRYPT_SHA256_CTX* sha256, unsigned char* digest) if (sha256 == NULL || digest == NULL) return BAD_FUNC_ARG; - Sha256Final((Sha256*)sha256, digest); - - return 0; + return Sha256Final((Sha256*)sha256, digest); } @@ -167,9 +159,7 @@ int CRYPT_SHA384_Initialize(CRYPT_SHA384_CTX* sha384) if (sha384 == NULL) return BAD_FUNC_ARG; - InitSha384((Sha384*)sha384); - - return 0; + return InitSha384((Sha384*)sha384); } @@ -180,9 +170,7 @@ int CRYPT_SHA384_DataAdd(CRYPT_SHA384_CTX* sha384, const unsigned char* input, if (sha384 == NULL || input == NULL) return BAD_FUNC_ARG; - Sha384Update((Sha384*)sha384, input, sz); - - return 0; + return Sha384Update((Sha384*)sha384, input, sz); } @@ -192,9 +180,7 @@ int CRYPT_SHA384_Finalize(CRYPT_SHA384_CTX* sha384, unsigned char* digest) if (sha384 == NULL || digest == NULL) return BAD_FUNC_ARG; - Sha384Final((Sha384*)sha384, digest); - - return 0; + return Sha384Final((Sha384*)sha384, digest); } @@ -218,9 +204,7 @@ int CRYPT_SHA512_DataAdd(CRYPT_SHA512_CTX* sha512, const unsigned char* input, if (sha512 == NULL || input == NULL) return BAD_FUNC_ARG; - Sha512Update((Sha512*)sha512, input, sz); - - return 0; + return Sha512Update((Sha512*)sha512, input, sz); } @@ -230,9 +214,7 @@ int CRYPT_SHA512_Finalize(CRYPT_SHA512_CTX* sha512, unsigned char* digest) if (sha512 == NULL || digest == NULL) return BAD_FUNC_ARG; - Sha512Final((Sha512*)sha512, digest); - - return 0; + return Sha512Final((Sha512*)sha512, digest); } diff --git a/mcapi/mcapi_test.c b/mcapi/mcapi_test.c index 597083b9c..2aad4c222 100644 --- a/mcapi/mcapi_test.c +++ b/mcapi/mcapi_test.c @@ -304,11 +304,16 @@ static int check_sha384(void) { CRYPT_SHA384_CTX mcSha384; Sha384 defSha384; + int ret; byte mcDigest[CRYPT_SHA384_DIGEST_SIZE]; byte defDigest[SHA384_DIGEST_SIZE]; CRYPT_SHA384_Initialize(&mcSha384); - InitSha384(&defSha384); + ret = InitSha384(&defSha384); + if (ret != 0) { + printf("sha384 init default failed\n"); + return -1; + } CRYPT_SHA384_DataAdd(&mcSha384, ourData, OUR_DATA_SIZE); Sha384Update(&defSha384, ourData, OUR_DATA_SIZE); @@ -331,6 +336,7 @@ static int check_sha512(void) { CRYPT_SHA512_CTX mcSha512; Sha512 defSha512; + int ret; byte mcDigest[CRYPT_SHA512_DIGEST_SIZE]; byte defDigest[SHA512_DIGEST_SIZE]; diff --git a/src/internal.c b/src/internal.c index 92d8a30dd..a746fbadb 100644 --- a/src/internal.c +++ b/src/internal.c @@ -1457,7 +1457,10 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx) } #endif #ifdef CYASSL_SHA384 - InitSha384(&ssl->hashSha384); + ret = InitSha384(&ssl->hashSha384); + if (ret != 0) { + return ret; + } #endif #ifndef NO_RSA ssl->peerRsaKey = NULL; @@ -4470,7 +4473,7 @@ static INLINE void Sha384Rounds(int rounds, const byte* data, int sz) Sha384 sha384; int i; - InitSha384(&sha384); + InitSha384(&sha384); /* no error check on purpose, dummy round */ for (i = 0; i < rounds; i++) Sha384Update(&sha384, data, sz); @@ -8026,7 +8029,9 @@ static void PickHashSigAlgo(CYASSL* ssl, #endif #ifdef CYASSL_SHA384 - InitSha384(&sha384); + ret = InitSha384(&sha384); + if (ret != 0) + return ret; Sha384Update(&sha384, ssl->arrays->clientRandom, RAN_LEN); Sha384Update(&sha384, ssl->arrays->serverRandom, RAN_LEN); Sha384Update(&sha384, messageVerify, verifySz); @@ -9076,7 +9081,9 @@ static void PickHashSigAlgo(CYASSL* ssl, #endif #ifdef CYASSL_SHA384 - InitSha384(&sha384); + ret = InitSha384(&sha384); + if (ret != 0) + return ret; Sha384Update(&sha384, ssl->arrays->clientRandom, RAN_LEN); Sha384Update(&sha384, ssl->arrays->serverRandom, RAN_LEN); Sha384Update(&sha384, output + preSigIdx, preSigSz); @@ -9404,7 +9411,9 @@ static void PickHashSigAlgo(CYASSL* ssl, #endif #ifdef CYASSL_SHA384 - InitSha384(&sha384); + ret = InitSha384(&sha384); + if (ret != 0) + return ret; Sha384Update(&sha384, ssl->arrays->clientRandom, RAN_LEN); Sha384Update(&sha384, ssl->arrays->serverRandom, RAN_LEN); Sha384Update(&sha384, output + preSigIdx, preSigSz); diff --git a/src/ssl.c b/src/ssl.c index 1fb458e8c..559d0f8e9 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -4474,7 +4474,11 @@ int CyaSSL_dtls_got_timeout(CYASSL* ssl) } #endif #ifdef CYASSL_SHA384 - InitSha384(&ssl->hashSha384); + if ( (ssl->error = + InitSha384(&ssl->hashSha384)) != 0) { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } #endif } if ( (ssl->error = SendClientHello(ssl)) != 0) { @@ -4745,14 +4749,18 @@ int CyaSSL_dtls_got_timeout(CYASSL* ssl) #endif if (IsAtLeastTLSv1_2(ssl)) { #ifndef NO_SHA256 - if ( (ssl->error = + if ( (ssl->error = InitSha256(&ssl->hashSha256)) != 0) { - CYASSL_ERROR(ssl->error); - return SSL_FATAL_ERROR; - } + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } #endif #ifdef CYASSL_SHA384 - InitSha384(&ssl->hashSha384); + if ( (ssl->error = + InitSha384(&ssl->hashSha384)) != 0) { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } #endif } @@ -6563,7 +6571,7 @@ int CyaSSL_set_compression(CYASSL* ssl) (void)sizeof(sha_test); CYASSL_ENTER("SHA384_Init"); - InitSha384((Sha384*)sha); + InitSha384((Sha384*)sha); /* OpenSSL compat, no error */ } diff --git a/tests/hash.c b/tests/hash.c index a17d2695f..d392f81a4 100644 --- a/tests/hash.c +++ b/tests/hash.c @@ -402,11 +402,11 @@ int sha512_test(void) { Sha512 sha; byte hash[SHA512_DIGEST_SIZE]; - int ret; testVector a, b; testVector test_sha[2]; int times = sizeof(test_sha) / sizeof(struct testVector), i; + int ret; a.input = "abc"; a.output = "\xdd\xaf\x35\xa1\x93\x61\x7a\xba\xcc\x41\x73\x49\xae\x20\x41" @@ -455,6 +455,7 @@ int sha384_test() testVector a, b; testVector test_sha[2]; int times = sizeof(test_sha) / sizeof(struct testVector), i; + int ret; a.input = "abc"; a.output = "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50" @@ -476,7 +477,9 @@ int sha384_test() test_sha[0] = a; test_sha[1] = b; - InitSha384(&sha); + ret = InitSha384(&sha); + if (ret != 0) + return ret; for (i = 0; i < times; ++i) { Sha384Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen);