feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Support for building without SHA256 with NO_OLD_TLS and SHA384/512. Although TLS 1.2 default digest for certs is SHA256 and our test cert signatures use SHA256, so make check will fail. Also requires disabling the P-RNG which uses SHA256. Added missing "wc_InitRng_ex" when using "CUSTOM_RAND_GENERATE_BLOCK". Cleanup of the BuildCertHashes, DoRounds, HashInput, HashOutput and HashOutputRaw return codes.

Browse Source
This commit is contained in:
David Garske
2016-11-14 12:47:24 -08:00
parent fa816f0460
commit 82e8210208
4 changed files with 78 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

55
src/internal.c
View File

@@ -4659,6 +4659,11 @@ ProtocolVersion MakeDTLSv1_2(void)
#ifndef NO_CERTS #ifndef NO_CERTS
static int HashOutputRaw(WOLFSSL* ssl, const byte* output, int sz) static int HashOutputRaw(WOLFSSL* ssl, const byte* output, int sz)
{ {
int ret = 0;
(void)output;
(void)sz;
#ifdef HAVE_FUZZER #ifdef HAVE_FUZZER
if (ssl->fuzzerCb) if (ssl->fuzzerCb)
ssl->fuzzerCb(ssl, output, sz, FUZZ_HASH, ssl->fuzzerCtx); ssl->fuzzerCb(ssl, output, sz, FUZZ_HASH, ssl->fuzzerCtx);
@@ -4670,11 +4675,9 @@ static int HashOutputRaw(WOLFSSL* ssl, const byte* output, int sz)
#ifndef NO_MD5 #ifndef NO_MD5
wc_Md5Update(&ssl->hsHashes->hashMd5, output, sz); wc_Md5Update(&ssl->hsHashes->hashMd5, output, sz);
#endif #endif
#endif #endif /* NO_OLD_TLS */
if (IsAtLeastTLSv1_2(ssl)) { if (IsAtLeastTLSv1_2(ssl)) {
int ret;
#ifndef NO_SHA256 #ifndef NO_SHA256
ret = wc_Sha256Update(&ssl->hsHashes->hashSha256, output, sz); ret = wc_Sha256Update(&ssl->hsHashes->hashSha256, output, sz);
if (ret != 0) if (ret != 0)
@@ -4692,7 +4695,7 @@ static int HashOutputRaw(WOLFSSL* ssl, const byte* output, int sz)
#endif #endif
} }
return 0; return ret;
} }
#endif /* NO_CERTS */ #endif /* NO_CERTS */
@@ -4700,7 +4703,10 @@ static int HashOutputRaw(WOLFSSL* ssl, const byte* output, int sz)
/* add output to md5 and sha handshake hashes, exclude record header */ /* add output to md5 and sha handshake hashes, exclude record header */
static int HashOutput(WOLFSSL* ssl, const byte* output, int sz, int ivSz) static int HashOutput(WOLFSSL* ssl, const byte* output, int sz, int ivSz)
{ {
const byte* adj = output + RECORD_HEADER_SZ + ivSz; int ret = 0;
const byte* adj;
adj = output + RECORD_HEADER_SZ + ivSz;
sz -= RECORD_HEADER_SZ; sz -= RECORD_HEADER_SZ;
#ifdef HAVE_FUZZER #ifdef HAVE_FUZZER
@@ -4723,8 +4729,6 @@ static int HashOutput(WOLFSSL* ssl, const byte* output, int sz, int ivSz)
#endif #endif
if (IsAtLeastTLSv1_2(ssl)) { if (IsAtLeastTLSv1_2(ssl)) {
int ret;
#ifndef NO_SHA256 #ifndef NO_SHA256
ret = wc_Sha256Update(&ssl->hsHashes->hashSha256, adj, sz); ret = wc_Sha256Update(&ssl->hsHashes->hashSha256, adj, sz);
if (ret != 0) if (ret != 0)
@@ -4742,16 +4746,19 @@ static int HashOutput(WOLFSSL* ssl, const byte* output, int sz, int ivSz)
#endif #endif
} }
return 0; return ret;
} }
/* add input to md5 and sha handshake hashes, include handshake header */ /* add input to md5 and sha handshake hashes, include handshake header */
static int HashInput(WOLFSSL* ssl, const byte* input, int sz) static int HashInput(WOLFSSL* ssl, const byte* input, int sz)
{ {
int ret = 0;
const byte* adj = input - HANDSHAKE_HEADER_SZ; const byte* adj = input - HANDSHAKE_HEADER_SZ;
sz += HANDSHAKE_HEADER_SZ; sz += HANDSHAKE_HEADER_SZ;
(void)adj;
#ifdef WOLFSSL_DTLS #ifdef WOLFSSL_DTLS
if (ssl->options.dtls) { if (ssl->options.dtls) {
adj -= DTLS_HANDSHAKE_EXTRA; adj -= DTLS_HANDSHAKE_EXTRA;
@@ -4769,8 +4776,6 @@ static int HashInput(WOLFSSL* ssl, const byte* input, int sz)
#endif #endif
if (IsAtLeastTLSv1_2(ssl)) { if (IsAtLeastTLSv1_2(ssl)) {
int ret;
#ifndef NO_SHA256 #ifndef NO_SHA256
ret = wc_Sha256Update(&ssl->hsHashes->hashSha256, adj, sz); ret = wc_Sha256Update(&ssl->hsHashes->hashSha256, adj, sz);
if (ret != 0) if (ret != 0)
@@ -4788,7 +4793,7 @@ static int HashInput(WOLFSSL* ssl, const byte* input, int sz)
#endif #endif
} }
return 0; return ret;
} }
@@ -8881,8 +8886,11 @@ static INLINE void RmdRounds(int rounds, const byte* data, int sz)
/* Do dummy rounds */ /* Do dummy rounds */
static INLINE void DoRounds(int type, int rounds, const byte* data, int sz) static INLINE void DoRounds(int type, int rounds, const byte* data, int sz)
{ {
switch (type) { (void)rounds;
(void)data;
(void)sz;
switch (type) {
case no_mac : case no_mac :
break; break;
@@ -9907,6 +9915,7 @@ static void BuildSHA_CertVerify(WOLFSSL* ssl, byte* digest)
static int BuildCertHashes(WOLFSSL* ssl, Hashes* hashes) static int BuildCertHashes(WOLFSSL* ssl, Hashes* hashes)
{ {
int ret = 0;
/* store current states, building requires get_digest which resets state */ /* store current states, building requires get_digest which resets state */
#ifdef WOLFSSL_SHA384 #ifdef WOLFSSL_SHA384
Sha384 sha384 = ssl->hsHashes->hashSha384; Sha384 sha384 = ssl->hsHashes->hashSha384;
@@ -9915,14 +9924,14 @@ static int BuildCertHashes(WOLFSSL* ssl, Hashes* hashes)
Sha512 sha512 = ssl->hsHashes->hashSha512; Sha512 sha512 = ssl->hsHashes->hashSha512;
#endif #endif
(void)hashes;
if (ssl->options.tls) { if (ssl->options.tls) {
#if ! defined( NO_OLD_TLS ) #if ! defined( NO_OLD_TLS )
wc_Md5GetHash(&ssl->hsHashes->hashMd5, hashes->md5); wc_Md5GetHash(&ssl->hsHashes->hashMd5, hashes->md5);
wc_ShaGetHash(&ssl->hsHashes->hashSha, hashes->sha); wc_ShaGetHash(&ssl->hsHashes->hashSha, hashes->sha);
#endif #endif
if (IsAtLeastTLSv1_2(ssl)) { if (IsAtLeastTLSv1_2(ssl)) {
int ret;
#ifndef NO_SHA256 #ifndef NO_SHA256
ret = wc_Sha256GetHash(&ssl->hsHashes->hashSha256,hashes->sha256); ret = wc_Sha256GetHash(&ssl->hsHashes->hashSha256,hashes->sha256);
if (ret != 0) if (ret != 0)
@@ -9957,7 +9966,7 @@ static int BuildCertHashes(WOLFSSL* ssl, Hashes* hashes)
#endif #endif
} }
return 0; return ret;
} }
#endif /* WOLFSSL_LEANPSK */ #endif /* WOLFSSL_LEANPSK */
@@ -15774,8 +15783,8 @@ int SendCertificateVerify(WOLFSSL* ssl)
case KEYSHARE_BUILD: case KEYSHARE_BUILD:
{ {
int keySz; int keySz;
int typeH; int typeH = 0;
ret = BuildCertHashes(ssl, &ssl->hsHashes->certHashes); ret = BuildCertHashes(ssl, &ssl->hsHashes->certHashes);
if (ret != 0) { if (ret != 0) {
@@ -15878,17 +15887,21 @@ int SendCertificateVerify(WOLFSSL* ssl)
} }
#endif #endif
#ifndef NO_OLD_TLS #ifndef NO_OLD_TLS
#ifndef NO_SHA
/* old tls default */ /* old tls default */
ssl->buffers.digest.length = SHA_DIGEST_SIZE; ssl->buffers.digest.length = SHA_DIGEST_SIZE;
ssl->buffers.digest.buffer = ssl->hsHashes->certHashes.sha; ssl->buffers.digest.buffer = ssl->hsHashes->certHashes.sha;
typeH = SHAh; typeH = SHAh;
#else #endif
#else
#ifndef NO_SHA256
/* new tls default */ /* new tls default */
ssl->buffers.digest.length = SHA256_DIGEST_SIZE; ssl->buffers.digest.length = SHA256_DIGEST_SIZE;
ssl->buffers.digest.buffer = ssl->hsHashes->certHashes.sha256; ssl->buffers.digest.buffer = ssl->hsHashes->certHashes.sha256;
typeH = SHA256h; typeH = SHA256h;
#endif #endif
#endif /* !NO_OLD_TLS */
if (IsAtLeastTLSv1_2(ssl)) { if (IsAtLeastTLSv1_2(ssl)) {
verify[0] = ssl->suites->hashAlgo; verify[0] = ssl->suites->hashAlgo;
@@ -15935,7 +15948,9 @@ int SendCertificateVerify(WOLFSSL* ssl)
} }
#endif #endif
(void)typeH; if (typeH == 0) {
ERROR_OUT(ALGO_ID_E, exit_scv);
}
#ifndef NO_RSA #ifndef NO_RSA
if (ssl->sigType == DYNAMIC_TYPE_RSA) { if (ssl->sigType == DYNAMIC_TYPE_RSA) {

33
src/tls.c
View File

@@ -53,6 +53,18 @@
#ifndef NO_TLS #ifndef NO_TLS
/* Digest enable checks */
#ifdef NO_OLD_TLS /* TLS 1.2 only */
#if defined(NO_SHA256) && !defined(WOLFSSL_SHA384) && \
!defined(WOLFSSL_SHA512)
#error Must have SHA256, SHA384 or SHA512 enabled for TLS 1.2
#endif
#else /* TLS 1.1 or older */
#if defined(NO_MD5) && defined(NO_SHA)
#error Must have SHA1 and MD5 enabled for old TLS
#endif
#endif
#ifndef WOLFSSL_HAVE_MIN #ifndef WOLFSSL_HAVE_MIN
#define WOLFSSL_HAVE_MIN #define WOLFSSL_HAVE_MIN
@@ -4857,7 +4869,6 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte isRequest,
#endif /* !NO_OLD_TLS */ #endif /* !NO_OLD_TLS */
#ifndef NO_SHA256 /* can't use without SHA256 */
WOLFSSL_METHOD* wolfTLSv1_2_client_method(void) WOLFSSL_METHOD* wolfTLSv1_2_client_method(void)
{ {
@@ -4874,7 +4885,6 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte isRequest,
InitSSL_Method(method, MakeTLSv1_2()); InitSSL_Method(method, MakeTLSv1_2());
return method; return method;
} }
#endif
WOLFSSL_METHOD* wolfSSLv23_client_method(void) WOLFSSL_METHOD* wolfSSLv23_client_method(void)
@@ -4890,10 +4900,12 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte isRequest,
heap, DYNAMIC_TYPE_METHOD); heap, DYNAMIC_TYPE_METHOD);
(void)heap; (void)heap;
if (method) { if (method) {
#ifndef NO_SHA256 /* 1.2 requires SHA256 */ #if !defined(NO_SHA256) || defined(WOLFSSL_SHA384) || defined(WOLFSSL_SHA512)
InitSSL_Method(method, MakeTLSv1_2()); InitSSL_Method(method, MakeTLSv1_2());
#else #else
#ifndef NO_OLD_TLS
InitSSL_Method(method, MakeTLSv1_1()); InitSSL_Method(method, MakeTLSv1_1());
#endif
#endif #endif
#ifndef NO_OLD_TLS #ifndef NO_OLD_TLS
method->downgrade = 1; method->downgrade = 1;
@@ -4947,7 +4959,6 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte isRequest,
} }
#endif /* !NO_OLD_TLS */ #endif /* !NO_OLD_TLS */
#ifndef NO_SHA256 /* can't use without SHA256 */
WOLFSSL_METHOD* wolfTLSv1_2_server_method(void) WOLFSSL_METHOD* wolfTLSv1_2_server_method(void)
{ {
@@ -4957,7 +4968,7 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte isRequest,
WOLFSSL_METHOD* wolfTLSv1_2_server_method_ex(void* heap) WOLFSSL_METHOD* wolfTLSv1_2_server_method_ex(void* heap)
{ {
WOLFSSL_METHOD* method = WOLFSSL_METHOD* method =
(WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD), (WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD),
heap, DYNAMIC_TYPE_METHOD); heap, DYNAMIC_TYPE_METHOD);
(void)heap; (void)heap;
if (method) { if (method) {
@@ -4967,8 +4978,6 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte isRequest,
return method; return method;
} }
#endif
WOLFSSL_METHOD* wolfSSLv23_server_method(void) WOLFSSL_METHOD* wolfSSLv23_server_method(void)
{ {
@@ -4982,15 +4991,19 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte isRequest,
heap, DYNAMIC_TYPE_METHOD); heap, DYNAMIC_TYPE_METHOD);
(void)heap; (void)heap;
if (method) { if (method) {
#ifndef NO_SHA256 /* 1.2 requires SHA256 */ #if !defined(NO_SHA256) || defined(WOLFSSL_SHA384) || defined(WOLFSSL_SHA512)
InitSSL_Method(method, MakeTLSv1_2()); InitSSL_Method(method, MakeTLSv1_2());
#else #else
#ifndef NO_OLD_TLS
InitSSL_Method(method, MakeTLSv1_1()); InitSSL_Method(method, MakeTLSv1_1());
#else
#error Must have SHA256, SHA384 or SHA512 enabled for TLS 1.2
#endif
#endif #endif
method->side = WOLFSSL_SERVER_END;
#ifndef NO_OLD_TLS #ifndef NO_OLD_TLS
method->downgrade = 1; method->downgrade = 1;
#endif /* !NO_OLD_TLS */ #endif
method->side = WOLFSSL_SERVER_END;
} }
return method; return method;
} }

13
testsuite/testsuite.c
View File

@@ -42,7 +42,9 @@
#include "examples/client/client.h" #include "examples/client/client.h"
#ifndef NO_SHA256
void file_test(const char* file, byte* hash); void file_test(const char* file, byte* hash);
#endif
void simple_test(func_args*); void simple_test(func_args*);
@@ -102,7 +104,7 @@ int testsuite_test(int argc, char** argv)
#endif #endif
#if !defined(WOLFSSL_TIRTOS) #if !defined(WOLFSSL_TIRTOS)
ChangeToWolfRoot(); ChangeToWolfRoot();
#endif #endif
#ifdef WOLFSSL_TIRTOS #ifdef WOLFSSL_TIRTOS
@@ -181,14 +183,18 @@ int testsuite_test(int argc, char** argv)
/* validate output equals input */ /* validate output equals input */
{ {
#ifndef NO_SHA256
byte input[SHA256_DIGEST_SIZE]; byte input[SHA256_DIGEST_SIZE];
byte output[SHA256_DIGEST_SIZE]; byte output[SHA256_DIGEST_SIZE];
file_test("input", input); file_test("input", input);
file_test(outputName, output); file_test(outputName, output);
#endif
remove(outputName); remove(outputName);
#ifndef NO_SHA256
if (memcmp(input, output, sizeof(input)) != 0) if (memcmp(input, output, sizeof(input)) != 0)
return EXIT_FAILURE; return EXIT_FAILURE;
#endif
} }
wolfSSL_Cleanup(); wolfSSL_Cleanup();
@@ -325,7 +331,7 @@ void join_thread(THREAD_TYPE thread)
#elif defined(WOLFSSL_TIRTOS) #elif defined(WOLFSSL_TIRTOS)
while(1) { while(1) {
if (Task_getMode(thread) == Task_Mode_TERMINATED) { if (Task_getMode(thread) == Task_Mode_TERMINATED) {
Task_sleep(5); Task_sleep(5);
break; break;
} }
Task_yield(); Task_yield();
@@ -340,6 +346,7 @@ void join_thread(THREAD_TYPE thread)
} }
#ifndef NO_SHA256
void file_test(const char* file, byte* check) void file_test(const char* file, byte* check)
{ {
FILE* f; FILE* f;
@@ -382,7 +389,7 @@ void file_test(const char* file, byte* check)
fclose(f); fclose(f);
} }
#endif
#else /* SINGLE_THREADED */ #else /* SINGLE_THREADED */

14
wolfcrypt/src/random.c
View File

@@ -88,12 +88,18 @@ int wc_RNG_GenerateByte(WC_RNG* rng, byte* b)
/* Allow custom RNG system */ /* Allow custom RNG system */
#ifdef CUSTOM_RAND_GENERATE_BLOCK #ifdef CUSTOM_RAND_GENERATE_BLOCK
int wc_InitRng(WC_RNG* rng) int wc_InitRng_ex(WC_RNG* rng, void* heap)
{ {
(void)rng; (void)rng;
(void)heap;
return 0; return 0;
} }
int wc_InitRng(WC_RNG* rng)
{
return wc_InitRng_ex(rng, NULL);
}
int wc_RNG_GenerateBlock(WC_RNG* rng, byte* output, word32 sz) int wc_RNG_GenerateBlock(WC_RNG* rng, byte* output, word32 sz)
{ {
(void)rng; (void)rng;
@@ -201,7 +207,7 @@ int wc_FreeRng(WC_RNG* rng)
#if RNG_MAX_BLOCK_LEN > MAX_REQUEST_LEN #if RNG_MAX_BLOCK_LEN > MAX_REQUEST_LEN
#error RNG_MAX_BLOCK_LEN is larger than NIST DBRG max request length #error RNG_MAX_BLOCK_LEN is larger than NIST DBRG max request length
#endif #endif
enum { enum {
drbgInitC = 0, drbgInitC = 0,
@@ -676,7 +682,7 @@ int wc_RNG_HealthTest(int reseed, const byte* entropyA, word32 entropyASz,
if (Hash_DRBG_Generate(drbg, output, outputSz) != 0) { if (Hash_DRBG_Generate(drbg, output, outputSz) != 0) {
goto exit_rng_ht; goto exit_rng_ht;
} }
/* Mark success */ /* Mark success */
ret = 0; ret = 0;
@@ -776,7 +782,7 @@ static int wc_RNG_HealthTestLocal(int reseed)
NULL, 0, NULL, 0,
check, RNG_HEALTH_TEST_CHECK_SIZE); check, RNG_HEALTH_TEST_CHECK_SIZE);
if (ret == 0) { if (ret == 0) {
if (ConstantCompare(check, outputB, if (ConstantCompare(check, outputB,
RNG_HEALTH_TEST_CHECK_SIZE) != 0) RNG_HEALTH_TEST_CHECK_SIZE) != 0)
ret = -1; ret = -1;
} }