feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

add missing gating around WOLFSSL_NO_SHAKE256, WOLFSSL_NOSHA512_224, and WOLFSSL_NOSHA512_256.

Browse Source
This commit is contained in:
Daniel Pouzzner
2021-09-27 13:18:04 -05:00
parent 7b40cd6cef
commit 8c3cbf84f9
8 changed files with 160 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
configure.ac
View File

@@ -3382,6 +3382,8 @@ AS_CASE([$FIPS_VERSION],
# Shake256 is a SHA-3 algorithm not in our FIPS algorithm list
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_SHAKE256"
ENABLED_SHAKE256=no
# SHA512-224 and SHA512-256 are a SHA-2 algorithms not in our FIPS algorithm list
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NOSHA512_224 -DWOLFSSL_NOSHA512_256"
AS_IF([test "x$ENABLED_AESCCM" != "xyes"],
[ENABLED_AESCCM="yes"; AM_CFLAGS="$AM_CFLAGS -DHAVE_AESCCM"])
AS_IF([test "x$ENABLED_RSAPSS" != "xyes"],

42
wolfcrypt/src/evp.c
View File

@@ -4042,24 +4042,28 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
ret = NOT_COMPILED_IN;
#endif /* WOLFSSL_SHA512 */
break;
#ifndef WOLFSSL_NOSHA512_224
case WC_HASH_TYPE_SHA512_224:
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \
defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224)
defined(WOLFSSL_SHA512)
ret = wc_Sha512_224Copy((wc_Sha512*)&src->hash.digest,
(wc_Sha512*)&des->hash.digest);
#else
ret = NOT_COMPILED_IN;
#endif
break;
#endif /* !WOLFSSL_NOSHA512_224 */
#ifndef WOLFSSL_NOSHA512_256
case WC_HASH_TYPE_SHA512_256:
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \
defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256)
defined(WOLFSSL_SHA512)
ret = wc_Sha512_256Copy((wc_Sha512*)&src->hash.digest,
(wc_Sha512*)&des->hash.digest);
#else
ret = NOT_COMPILED_IN;
#endif
break;
#endif /* !WOLFSSL_NOSHA512_256 */
case WC_HASH_TYPE_SHA3_224:
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
ret = wc_Sha3_224_Copy((wc_Sha3*)&src->hash.digest,
@@ -4098,8 +4102,10 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
case WC_HASH_TYPE_MD5_SHA:
case WC_HASH_TYPE_BLAKE2B:
case WC_HASH_TYPE_BLAKE2S:
#ifndef WOLFSSL_NO_SHAKE256
case WC_HASH_TYPE_SHAKE128:
case WC_HASH_TYPE_SHAKE256:
#endif
default:
ret = BAD_FUNC_ARG;
break;
@@ -4574,18 +4580,22 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
wc_Sha512Free((wc_Sha512*)&ctx->hash.digest);
#endif /* WOLFSSL_SHA512 */
break;
#ifndef WOLFSSL_NOSHA512_224
case WC_HASH_TYPE_SHA512_224:
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \
defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224)
defined(WOLFSSL_SHA512)
wc_Sha512_224Free((wc_Sha512*)&ctx->hash.digest);
#endif
break;
#endif /* !WOLFSSL_NOSHA512_224 */
#ifndef WOLFSSL_NOSHA512_256
case WC_HASH_TYPE_SHA512_256:
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \
defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256)
defined(WOLFSSL_SHA512)
wc_Sha512_256Free((wc_Sha512*)&ctx->hash.digest);
#endif
break;
#endif /* !WOLFSSL_NOSHA512_256 */
case WC_HASH_TYPE_SHA3_224:
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
wc_Sha3_224_Free((wc_Sha3*)&ctx->hash.digest);
@@ -4615,8 +4625,10 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
case WC_HASH_TYPE_MD5_SHA:
case WC_HASH_TYPE_BLAKE2B:
case WC_HASH_TYPE_BLAKE2S:
#ifndef WOLFSSL_NO_SHAKE256
case WC_HASH_TYPE_SHAKE128:
case WC_HASH_TYPE_SHAKE256:
#endif
default:
ret = WOLFSSL_FAILURE;
break;
@@ -6341,21 +6353,25 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#endif /* WOLFSSL_SHA512 */
break;
#ifndef WOLFSSL_NOSHA512_224
case WC_HASH_TYPE_SHA512_224:
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \
defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224)
defined(WOLFSSL_SHA512)
ret = wolfSSL_SHA512_224_Update((SHA512_CTX*)&ctx->hash, data,
(unsigned long)sz);
#endif
break;
#endif /* !WOLFSSL_NOSHA512_224 */
#ifndef WOLFSSL_NOSHA512_256
case WC_HASH_TYPE_SHA512_256:
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \
defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256)
defined(WOLFSSL_SHA512)
ret = wolfSSL_SHA512_256_Update((SHA512_CTX*)&ctx->hash, data,
(unsigned long)sz);
#endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_256*/
#endif /* WOLFSSL_SHA512 */
break;
#endif /* !WOLFSSL_NOSHA512_256 */
case WC_HASH_TYPE_SHA3_224:
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
@@ -6386,8 +6402,10 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
case WC_HASH_TYPE_MD5_SHA:
case WC_HASH_TYPE_BLAKE2B:
case WC_HASH_TYPE_BLAKE2S:
#ifndef WOLFSSL_NO_SHAKE256
case WC_HASH_TYPE_SHAKE128:
case WC_HASH_TYPE_SHAKE256:
#endif
default:
return WOLFSSL_FAILURE;
}
@@ -6448,20 +6466,24 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
if (s) *s = WC_SHA512_DIGEST_SIZE;
#endif /* WOLFSSL_SHA512 */
break;
#ifndef WOLFSSL_NOSHA512_224
case WC_HASH_TYPE_SHA512_224:
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \
defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224)
defined(WOLFSSL_SHA512)
ret = wolfSSL_SHA512_224_Final(md, (SHA512_CTX*)&ctx->hash);
if (s) *s = WC_SHA512_224_DIGEST_SIZE;
#endif
break;
#endif /* !WOLFSSL_NOSHA512_224 */
#ifndef WOLFSSL_NOSHA512_256
case WC_HASH_TYPE_SHA512_256:
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \
defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256)
defined(WOLFSSL_SHA512)
ret = wolfSSL_SHA512_256_Final(md, (SHA512_CTX*)&ctx->hash);
if (s) *s = WC_SHA512_256_DIGEST_SIZE;
#endif
break;
#endif /* !WOLFSSL_NOSHA512_256 */
case WC_HASH_TYPE_SHA3_224:
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
ret = wolfSSL_SHA3_224_Final(md, (SHA3_224_CTX*)&ctx->hash);
@@ -6491,8 +6513,10 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
case WC_HASH_TYPE_MD5_SHA:
case WC_HASH_TYPE_BLAKE2B:
case WC_HASH_TYPE_BLAKE2S:
#ifndef WOLFSSL_NO_SHAKE256
case WC_HASH_TYPE_SHAKE128:
case WC_HASH_TYPE_SHAKE256:
#endif
default:
return WOLFSSL_FAILURE;
}

95
wolfcrypt/src/hash.c
View File

@@ -178,17 +178,20 @@ int wc_HashGetOID(enum wc_HashType hash_type)
oid = SHA512h;
#endif
break;
#ifndef WOLFSSL_NOSHA512_224
case WC_HASH_TYPE_SHA512_224:
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224)
oid = SHA512_224h;
#endif
break;
#endif
#ifndef WOLFSSL_NOSHA512_256
case WC_HASH_TYPE_SHA512_256:
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256)
oid = SHA512_256h;
#endif
break;
#endif
case WC_HASH_TYPE_SHA3_224:
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
oid = SHA3_224h;
@@ -209,6 +212,7 @@ int wc_HashGetOID(enum wc_HashType hash_type)
oid = SHA3_512h;
#endif
break;
#ifndef WOLFSSL_NO_SHAKE256
case WC_HASH_TYPE_SHAKE128:
#if defined(WOLFSSL_SHA3) && defined(WOLFSSL_SHAKE128)
oid = SHAKE128h;
@@ -219,6 +223,7 @@ int wc_HashGetOID(enum wc_HashType hash_type)
oid = SHAKE256h;
#endif
break;
#endif
/* Not Supported */
case WC_HASH_TYPE_MD4:
@@ -341,20 +346,24 @@ int wc_HashGetDigestSize(enum wc_HashType hash_type)
dig_size = WC_SHA512_DIGEST_SIZE;
#endif
break;
#ifndef WOLFSSL_NOSHA512_224
case WC_HASH_TYPE_SHA512_224:
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224)
dig_size = WC_SHA512_224_DIGEST_SIZE;
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
break;
#endif
#ifndef WOLFSSL_NOSHA512_256
case WC_HASH_TYPE_SHA512_256:
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256)
dig_size = WC_SHA512_256_DIGEST_SIZE;
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
break;
#endif
case WC_HASH_TYPE_MD5_SHA: /* Old TLS Specific */
#if !defined(NO_MD5) && !defined(NO_SHA)
dig_size = (int)WC_MD5_DIGEST_SIZE + (int)WC_SHA_DIGEST_SIZE;
@@ -389,8 +398,10 @@ int wc_HashGetDigestSize(enum wc_HashType hash_type)
break;
/* Not Supported */
#ifndef WOLFSSL_NO_SHAKE256
case WC_HASH_TYPE_SHAKE128:
case WC_HASH_TYPE_SHAKE256:
#endif
case WC_HASH_TYPE_NONE:
default:
dig_size = BAD_FUNC_ARG;
@@ -446,20 +457,24 @@ int wc_HashGetBlockSize(enum wc_HashType hash_type)
block_size = WC_SHA512_BLOCK_SIZE;
#endif
break;
#ifndef WOLFSSL_NOSHA512_224
case WC_HASH_TYPE_SHA512_224:
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224)
block_size = WC_SHA512_224_BLOCK_SIZE;
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
break;
#endif
#ifndef WOLFSSL_NOSHA512_256
case WC_HASH_TYPE_SHA512_256:
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256)
block_size = WC_SHA512_256_BLOCK_SIZE;
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
break;
#endif
case WC_HASH_TYPE_MD5_SHA: /* Old TLS Specific */
#if !defined(NO_MD5) && !defined(NO_SHA)
block_size = (int)WC_MD5_BLOCK_SIZE + (int)WC_SHA_BLOCK_SIZE;
@@ -494,8 +509,10 @@ int wc_HashGetBlockSize(enum wc_HashType hash_type)
break;
/* Not Supported */
#ifndef WOLFSSL_NO_SHAKE256
case WC_HASH_TYPE_SHAKE128:
case WC_HASH_TYPE_SHAKE256:
#endif
case WC_HASH_TYPE_NONE:
default:
block_size = BAD_FUNC_ARG;
@@ -555,20 +572,24 @@ int wc_Hash(enum wc_HashType hash_type, const byte* data,
ret = wc_Sha512Hash(data, data_len, hash);
#endif
break;
#ifndef WOLFSSL_NOSHA512_224
case WC_HASH_TYPE_SHA512_224:
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224)
ret = wc_Sha512_224Hash(data, data_len, hash);
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
break;
#endif
#ifndef WOLFSSL_NOSHA512_256
case WC_HASH_TYPE_SHA512_256:
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224)
ret = wc_Sha512_256Hash(data, data_len, hash);
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
break;
#endif
case WC_HASH_TYPE_MD5_SHA:
#if !defined(NO_MD5) && !defined(NO_SHA)
ret = wc_Md5Hash(data, data_len, hash);
@@ -604,8 +625,10 @@ int wc_Hash(enum wc_HashType hash_type, const byte* data,
case WC_HASH_TYPE_MD4:
case WC_HASH_TYPE_BLAKE2B:
case WC_HASH_TYPE_BLAKE2S:
#ifndef WOLFSSL_NO_SHAKE256
case WC_HASH_TYPE_SHAKE128:
case WC_HASH_TYPE_SHAKE256:
#endif
case WC_HASH_TYPE_NONE:
default:
ret = BAD_FUNC_ARG;
@@ -653,21 +676,24 @@ int wc_HashInit_ex(wc_HashAlg* hash, enum wc_HashType type, void* heap,
ret = wc_InitSha512_ex(&hash->sha512, heap, devId);
#endif
break;
#ifndef WOLFSSL_NOSHA512_224
case WC_HASH_TYPE_SHA512_224:
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224)
ret = wc_InitSha512_224_ex(&hash->sha512, heap, devId);
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
break;
#endif
#ifndef WOLFSSL_NOSHA512_256
case WC_HASH_TYPE_SHA512_256:
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256)
ret = wc_InitSha512_256_ex(&hash->sha512, heap, devId);
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
break;
#endif
case WC_HASH_TYPE_SHA3_224:
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
ret = wc_InitSha3_224(&hash->sha3, heap, devId);
@@ -695,8 +721,10 @@ int wc_HashInit_ex(wc_HashAlg* hash, enum wc_HashType type, void* heap,
case WC_HASH_TYPE_MD4:
case WC_HASH_TYPE_BLAKE2B:
case WC_HASH_TYPE_BLAKE2S:
#ifndef WOLFSSL_NO_SHAKE256
case WC_HASH_TYPE_SHAKE128:
case WC_HASH_TYPE_SHAKE256:
#endif
case WC_HASH_TYPE_NONE:
default:
ret = BAD_FUNC_ARG;
@@ -752,21 +780,24 @@ int wc_HashUpdate(wc_HashAlg* hash, enum wc_HashType type, const byte* data,
ret = wc_Sha512Update(&hash->sha512, data, dataSz);
#endif
break;
#ifndef WOLFSSL_NOSHA512_224
case WC_HASH_TYPE_SHA512_224:
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224)
ret = wc_Sha512_224Update(&hash->sha512, data, dataSz);
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
break;
#endif
#ifndef WOLFSSL_NOSHA512_256
case WC_HASH_TYPE_SHA512_256:
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256)
ret = wc_Sha512_256Update(&hash->sha512, data, dataSz);
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
break;
#endif
case WC_HASH_TYPE_SHA3_224:
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
ret = wc_Sha3_224_Update(&hash->sha3, data, dataSz);
@@ -794,8 +825,10 @@ int wc_HashUpdate(wc_HashAlg* hash, enum wc_HashType type, const byte* data,
case WC_HASH_TYPE_MD4:
case WC_HASH_TYPE_BLAKE2B:
case WC_HASH_TYPE_BLAKE2S:
#ifndef WOLFSSL_NO_SHAKE256
case WC_HASH_TYPE_SHAKE128:
case WC_HASH_TYPE_SHAKE256:
#endif
case WC_HASH_TYPE_NONE:
default:
ret = BAD_FUNC_ARG;
@@ -842,21 +875,24 @@ int wc_HashFinal(wc_HashAlg* hash, enum wc_HashType type, byte* out)
ret = wc_Sha512Final(&hash->sha512, out);
#endif
break;
#ifndef WOLFSSL_NOSHA512_224
case WC_HASH_TYPE_SHA512_224:
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224)
ret = wc_Sha512_224Final(&hash->sha512, out);
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
break;
#endif
#ifndef WOLFSSL_NOSHA512_256
case WC_HASH_TYPE_SHA512_256:
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256)
ret = wc_Sha512_256Final(&hash->sha512, out);
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
break;
#endif
case WC_HASH_TYPE_SHA3_224:
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
ret = wc_Sha3_224_Final(&hash->sha3, out);
@@ -884,8 +920,10 @@ int wc_HashFinal(wc_HashAlg* hash, enum wc_HashType type, byte* out)
case WC_HASH_TYPE_MD4:
case WC_HASH_TYPE_BLAKE2B:
case WC_HASH_TYPE_BLAKE2S:
#ifndef WOLFSSL_NO_SHAKE256
case WC_HASH_TYPE_SHAKE128:
case WC_HASH_TYPE_SHAKE256:
#endif
case WC_HASH_TYPE_NONE:
default:
ret = BAD_FUNC_ARG;
@@ -938,14 +976,17 @@ int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type)
ret = 0;
#endif
break;
#ifndef WOLFSSL_NOSHA512_224
case WC_HASH_TYPE_SHA512_224:
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224)
wc_Sha512_224Free(&hash->sha512);
ret = 0;
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
break;
#endif
#ifndef WOLFSSL_NOSHA512_256
case WC_HASH_TYPE_SHA512_256:
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256)
@@ -954,7 +995,7 @@ int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type)
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
break;
#endif
case WC_HASH_TYPE_SHA3_224:
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
wc_Sha3_224_Free(&hash->sha3);
@@ -986,8 +1027,10 @@ int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type)
case WC_HASH_TYPE_MD4:
case WC_HASH_TYPE_BLAKE2B:
case WC_HASH_TYPE_BLAKE2S:
#ifndef WOLFSSL_NO_SHAKE256
case WC_HASH_TYPE_SHAKE128:
case WC_HASH_TYPE_SHAKE256:
#endif
case WC_HASH_TYPE_NONE:
default:
ret = BAD_FUNC_ARG;
@@ -1031,8 +1074,12 @@ int wc_HashSetFlags(wc_HashAlg* hash, enum wc_HashType type, word32 flags)
#endif
break;
case WC_HASH_TYPE_SHA512:
#ifndef WOLFSSL_NOSHA512_224
case WC_HASH_TYPE_SHA512_224:
#endif
#ifndef WOLFSSL_NOSHA512_256
case WC_HASH_TYPE_SHA512_256:
#endif
#ifdef WOLFSSL_SHA512
ret = wc_Sha512SetFlags(&hash->sha512, flags);
#endif
@@ -1054,8 +1101,10 @@ int wc_HashSetFlags(wc_HashAlg* hash, enum wc_HashType type, word32 flags)
case WC_HASH_TYPE_BLAKE2B:
case WC_HASH_TYPE_BLAKE2S:
case WC_HASH_TYPE_NONE:
#ifndef WOLFSSL_NO_SHAKE256
case WC_HASH_TYPE_SHAKE128:
case WC_HASH_TYPE_SHAKE256:
#endif
default:
ret = BAD_FUNC_ARG;
};
@@ -1096,8 +1145,12 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags)
#endif
break;
case WC_HASH_TYPE_SHA512:
#ifndef WOLFSSL_NOSHA512_224
case WC_HASH_TYPE_SHA512_224:
#endif
#ifndef WOLFSSL_NOSHA512_256
case WC_HASH_TYPE_SHA512_256:
#endif
#ifdef WOLFSSL_SHA512
ret = wc_Sha512GetFlags(&hash->sha512, flags);
#endif
@@ -1118,8 +1171,10 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags)
case WC_HASH_TYPE_MD4:
case WC_HASH_TYPE_BLAKE2B:
case WC_HASH_TYPE_BLAKE2S:
#ifndef WOLFSSL_NO_SHAKE256
case WC_HASH_TYPE_SHAKE128:
case WC_HASH_TYPE_SHAKE256:
#endif
case WC_HASH_TYPE_NONE:
default:
ret = BAD_FUNC_ARG;

14
wolfcrypt/src/rsa.c
View File

@@ -1838,16 +1838,22 @@ int wc_hash2mgf(enum wc_HashType hType)
case WC_HASH_TYPE_MD4:
case WC_HASH_TYPE_MD5:
case WC_HASH_TYPE_MD5_SHA:
case WC_HASH_TYPE_SHA512_224:
case WC_HASH_TYPE_SHA512_256:
#ifndef WOLFSSL_NOSHA512_224
case WC_HASH_TYPE_SHA512_224:
#endif
#ifndef WOLFSSL_NOSHA512_256
case WC_HASH_TYPE_SHA512_256:
#endif
case WC_HASH_TYPE_SHA3_224:
case WC_HASH_TYPE_SHA3_256:
case WC_HASH_TYPE_SHA3_384:
case WC_HASH_TYPE_SHA3_512:
case WC_HASH_TYPE_BLAKE2B:
case WC_HASH_TYPE_BLAKE2S:
case WC_HASH_TYPE_SHAKE128:
case WC_HASH_TYPE_SHAKE256:
#ifndef WOLFSSL_NO_SHAKE256
case WC_HASH_TYPE_SHAKE128:
case WC_HASH_TYPE_SHAKE256:
#endif
default:
break;
}

4
wolfssl/wolfcrypt/hmac.h
View File

@@ -80,8 +80,12 @@ enum {
#endif
#ifndef WOLFSSL_SHA512
WC_SHA512 = WC_HASH_TYPE_SHA512,
#ifndef WOLFSSL_NOSHA512_224
WC_SHA512_224 = WC_HASH_TYPE_SHA512_224,
#endif
#ifndef WOLFSSL_NOSHA512_256
WC_SHA512_256 = WC_HASH_TYPE_SHA512_256,
#endif
#endif
#ifndef WOLFSSL_SHA384
WC_SHA384 = WC_HASH_TYPE_SHA384,

17
wolfssl/wolfcrypt/sha3.h
View File

@@ -58,8 +58,11 @@ enum {
WC_SHA3_512_DIGEST_SIZE = 64,
WC_SHA3_512_COUNT = 9,
WC_SHAKE128 = WC_HASH_TYPE_SHAKE128,
WC_SHAKE256 = WC_HASH_TYPE_SHAKE256,
#ifndef WOLFSSL_NO_SHAKE256
WC_SHAKE128 = WC_HASH_TYPE_SHAKE128,
WC_SHAKE256 = WC_HASH_TYPE_SHAKE256,
#endif
#if !defined(HAVE_SELFTEST) || \
defined(HAVE_SELFTEST_VERSION) && (HAVE_SELFTEST_VERSION >= 2)
/* These values are used for HMAC, not SHA-3 directly.
@@ -81,8 +84,10 @@ enum {
#define SHA3_512 WC_SHA3_512
#define SHA3_512_DIGEST_SIZE WC_SHA3_512_DIGEST_SIZE
#define Sha3 wc_Sha3
#define SHAKE128 WC_SHAKE128
#define SHAKE256 WC_SHAKE256
#ifndef WOLFSSL_NO_SHAKE256
#define SHAKE128 WC_SHAKE128
#define SHAKE256 WC_SHAKE256
#endif
#endif
@@ -119,7 +124,9 @@ struct wc_Sha3 {
#endif
#ifndef WOLFSSL_NO_SHAKE256
typedef wc_Sha3 wc_Shake;
#endif
WOLFSSL_API int wc_InitSha3_224(wc_Sha3*, void*, int);
@@ -150,11 +157,13 @@ WOLFSSL_API void wc_Sha3_512_Free(wc_Sha3*);
WOLFSSL_API int wc_Sha3_512_GetHash(wc_Sha3*, byte*);
WOLFSSL_API int wc_Sha3_512_Copy(wc_Sha3* src, wc_Sha3* dst);
#ifndef WOLFSSL_NO_SHAKE256
WOLFSSL_API int wc_InitShake256(wc_Shake*, void*, int);
WOLFSSL_API int wc_Shake256_Update(wc_Shake*, const byte*, word32);
WOLFSSL_API int wc_Shake256_Final(wc_Shake*, byte*, word32);
WOLFSSL_API void wc_Shake256_Free(wc_Shake*);
WOLFSSL_API int wc_Shake256_Copy(wc_Shake* src, wc_Sha3* dst);
#endif
#ifdef WOLFSSL_HASH_FLAGS
WOLFSSL_API int wc_Sha3_SetFlags(wc_Sha3* sha3, word32 flags);

4
wolfssl/wolfcrypt/sha512.h
View File

@@ -118,8 +118,12 @@
enum {
#ifdef WOLFSSL_SHA512
WC_SHA512 = WC_HASH_TYPE_SHA512,
#ifndef WOLFSSL_NOSHA512_224
WC_SHA512_224 = WC_HASH_TYPE_SHA512_224,
#endif
#ifndef WOLFSSL_NOSHA512_256
WC_SHA512_256 = WC_HASH_TYPE_SHA512_256,
#endif
#endif
WC_SHA512_BLOCK_SIZE = 128,
WC_SHA512_DIGEST_SIZE = 64,

25
wolfssl/wolfcrypt/types.h
View File

@@ -917,12 +917,25 @@ decouple library dependencies with standard string, memory and so on.
WC_HASH_TYPE_SHA3_512 = 13,
WC_HASH_TYPE_BLAKE2B = 14,
WC_HASH_TYPE_BLAKE2S = 15,
WC_HASH_TYPE_SHA512_224 = 16,
WC_HASH_TYPE_SHA512_256 = 17,
WC_HASH_TYPE_SHAKE128 = 18,
WC_HASH_TYPE_SHAKE256 = 19,
WC_HASH_TYPE_MAX = WC_HASH_TYPE_SHAKE256
#define _WC_HASH_TYPE_MAX WC_HASH_TYPE_BLAKE2S
#ifndef WOLFSSL_NOSHA512_224
WC_HASH_TYPE_SHA512_224 = 16,
#undef _WC_HASH_TYPE_MAX
#define _WC_HASH_TYPE_MAX WC_HASH_TYPE_SHA512_224
#endif
#ifndef WOLFSSL_NOSHA512_256
WC_HASH_TYPE_SHA512_256 = 17,
#undef _WC_HASH_TYPE_MAX
#define _WC_HASH_TYPE_MAX WC_HASH_TYPE_SHA512_256
#endif
#ifndef WOLFSSL_NO_SHAKE256
WC_HASH_TYPE_SHAKE128 = 18,
WC_HASH_TYPE_SHAKE256 = 19,
#undef _WC_HASH_TYPE_MAX
#define _WC_HASH_TYPE_MAX WC_HASH_TYPE_SHAKE256
#endif
WC_HASH_TYPE_MAX = _WC_HASH_TYPE_MAX
#undef _WC_HASH_TYPE_MAX
#endif /* HAVE_SELFTEST */
};