feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #1490 from dgarske/hashoid_cleanup

Browse Source 
Hash OID cleanup
This commit is contained in:
toddouska
2018-04-12 13:46:47 -07:00
committed by GitHub
parent d85580691b 1f7b954d47
commit 8f1e8be2d0
5 changed files with 78 additions and 123 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
wolfcrypt/src/asn.c
View File

@ -4897,38 +4897,15 @@ word32 wc_EncodeSignature(byte* out, const byte* digest, word32 digSz,
int wc_GetCTC_HashOID(int type) int wc_GetCTC_HashOID(int type)
{ {
switch (type) { int ret;
#ifdef WOLFSSL_MD2 enum wc_HashType hType;
case MD2:
return MD2h; hType = wc_HashTypeConvert(type);
#endif ret = wc_HashGetOID(hType);
#ifndef NO_MD5 if (ret < 0)
case WC_MD5: ret = 0; /* backwards compatibility */
return MD5h;
#endif return ret;
#ifndef NO_SHA
case WC_SHA:
return SHAh;
#endif
#ifdef WOLFSSL_SHA224
case WC_SHA224:
return SHA224h;
#endif
#ifndef NO_SHA256
case WC_SHA256:
return SHA256h;
#endif
#ifdef WOLFSSL_SHA384
case WC_SHA384:
return SHA384h;
#endif
#ifdef WOLFSSL_SHA512
case WC_SHA512:
return SHA512h;
#endif
default:
return 0;
};
} }
void InitSignatureCtx(SignatureCtx* sigCtx, void* heap, int devId) void InitSignatureCtx(SignatureCtx* sigCtx, void* heap, int devId)

50
wolfcrypt/src/hash.c
View File

@ -126,7 +126,7 @@ int wc_HashGetOID(enum wc_HashType hash_type)
#endif #endif
break; break;
case WC_HASH_TYPE_SHA224: case WC_HASH_TYPE_SHA224:
#if defined(WOLFSSL_SHA224) #ifdef WOLFSSL_SHA224
oid = SHA224h; oid = SHA224h;
#endif #endif
break; break;
@ -136,7 +136,7 @@ int wc_HashGetOID(enum wc_HashType hash_type)
#endif #endif
break; break;
case WC_HASH_TYPE_SHA384: case WC_HASH_TYPE_SHA384:
#if defined(WOLFSSL_SHA512) && defined(WOLFSSL_SHA384) #ifdef WOLFSSL_SHA384
oid = SHA384h; oid = SHA384h;
#endif #endif
break; break;
@ -160,6 +160,52 @@ int wc_HashGetOID(enum wc_HashType hash_type)
} }
return oid; return oid;
} }
enum wc_HashType wc_OidGetHash(int oid)
{
enum wc_HashType hash_type = WC_HASH_TYPE_NONE;
switch (oid)
{
case MD2h:
#ifdef WOLFSSL_MD2
hash_type = WC_HASH_TYPE_MD2;
#endif
break;
case MD5h:
#ifndef NO_MD5
hash_type = WC_HASH_TYPE_MD5;
#endif
break;
case SHAh:
#ifndef NO_SHA
hash_type = WC_HASH_TYPE_SHA;
#endif
break;
case SHA224h:
#if defined(WOLFSSL_SHA224)
hash_type = WC_HASH_TYPE_SHA224;
#endif
break;
case SHA256h:
#ifndef NO_SHA256
hash_type = WC_HASH_TYPE_SHA256;
#endif
break;
case SHA384h:
#ifdef WOLFSSL_SHA384
hash_type = WC_HASH_TYPE_SHA384;
#endif
break;
case SHA512h:
#ifdef WOLFSSL_SHA512
hash_type = WC_HASH_TYPE_SHA512;
#endif
break;
default:
break;
}
return hash_type;
}
#endif /* !NO_ASN || !NO_DH || HAVE_ECC */ #endif /* !NO_ASN || !NO_DH || HAVE_ECC */

41
wolfcrypt/src/pkcs12.c
View File

@ -41,6 +41,7 @@
#endif #endif
#include <wolfssl/wolfcrypt/pkcs12.h> #include <wolfssl/wolfcrypt/pkcs12.h>
#include <wolfssl/wolfcrypt/pwdbased.h> #include <wolfssl/wolfcrypt/pwdbased.h>
#include <wolfssl/wolfcrypt/hash.h>
#define ERROR_OUT(err, eLabel) { ret = (err); goto eLabel; } #define ERROR_OUT(err, eLabel) { ret = (err); goto eLabel; }
@ -480,7 +481,8 @@ static int wc_PKCS12_create_mac(WC_PKCS12* pkcs12, byte* data, word32 dataSz,
{ {
Hmac hmac; Hmac hmac;
MacData* mac; MacData* mac;
int ret, typeH, kLen; int ret, kLen;
enum wc_HashType hashT;
int idx = 0; int idx = 0;
int id = 3; /* value from RFC 7292 indicating key is used for MAC */ int id = 3; /* value from RFC 7292 indicating key is used for MAC */
word32 i; word32 i;
@ -509,35 +511,12 @@ static int wc_PKCS12_create_mac(WC_PKCS12* pkcs12, byte* data, word32 dataSz,
unicodePasswd[idx++] = 0x00; unicodePasswd[idx++] = 0x00;
/* get hash type used and resulting size of HMAC key */ /* get hash type used and resulting size of HMAC key */
switch (mac->oid) { hashT = wc_OidGetHash(mac->oid);
#ifndef NO_SHA if (hashT == WC_HASH_TYPE_NONE) {
case SHAh: /* 88 */ WOLFSSL_MSG("Unsupported hash used");
typeH = WC_SHA; return BAD_FUNC_ARG;
kLen = WC_SHA_DIGEST_SIZE;
break;
#endif
#ifndef NO_SHA256
case SHA256h: /* 414 */
typeH = WC_SHA256;
kLen = WC_SHA256_DIGEST_SIZE;
break;
#endif
#ifdef WOLFSSL_SHA384
case SHA384h: /* 415 */
typeH = WC_SHA384;
kLen = WC_SHA384_DIGEST_SIZE;
break;
#endif
#ifdef WOLFSSL_SHA512
case SHA512h: /* 416 */
typeH = WC_SHA512;
kLen = WC_SHA512_DIGEST_SIZE;
break;
#endif
default: /* May be SHA224 or was just not built in */
WOLFSSL_MSG("Unsupported hash used");
return BAD_FUNC_ARG;
} }
kLen = wc_HashGetDigestSize(hashT);
/* check out buffer is large enough */ /* check out buffer is large enough */
if (kLen < 0 || outSz < (word32)kLen) { if (kLen < 0 || outSz < (word32)kLen) {
@ -546,7 +525,7 @@ static int wc_PKCS12_create_mac(WC_PKCS12* pkcs12, byte* data, word32 dataSz,
/* idx contains size of unicodePasswd */ /* idx contains size of unicodePasswd */
if ((ret = wc_PKCS12_PBKDF_ex(key, unicodePasswd, idx, mac->salt, if ((ret = wc_PKCS12_PBKDF_ex(key, unicodePasswd, idx, mac->salt,
mac->saltSz, mac->itt, kLen, typeH, id, pkcs12->heap)) < 0) { mac->saltSz, mac->itt, kLen, (int)hashT, id, pkcs12->heap)) < 0) {
return ret; return ret;
} }
@ -554,7 +533,7 @@ static int wc_PKCS12_create_mac(WC_PKCS12* pkcs12, byte* data, word32 dataSz,
if ((ret = wc_HmacInit(&hmac, pkcs12->heap, INVALID_DEVID)) != 0) { if ((ret = wc_HmacInit(&hmac, pkcs12->heap, INVALID_DEVID)) != 0) {
return ret; return ret;
} }
ret = wc_HmacSetKey(&hmac, typeH, key, kLen); ret = wc_HmacSetKey(&hmac, (int)hashT, key, kLen);
if (ret == 0) if (ret == 0)
ret = wc_HmacUpdate(&hmac, data, dataSz); ret = wc_HmacUpdate(&hmac, data, dataSz);
if (ret == 0) if (ret == 0)

68
wolfcrypt/src/pkcs7.c
View File

@ -994,58 +994,6 @@ static int wc_PKCS7_SignedDataBuildSignature(PKCS7* pkcs7,
return ret; return ret;
} }
/* sets the wc_HashType in ESD struct based on pkcs7->hashOID
*
* pkcs7 - pointer to initialized PKCS7 struct
* type - [OUT] pointer to wc_HashType for output
*
* returns hash digest size on success, negative on error */
static int wc_PKCS7_SetHashType(PKCS7* pkcs7, enum wc_HashType* type)
{
if (pkcs7 == NULL || type == NULL)
return BAD_FUNC_ARG;
switch (pkcs7->hashOID) {
#ifndef NO_MD5
case MD5h:
*type = WC_HASH_TYPE_MD5;
break;
#endif
#ifndef NO_SHA
case SHAh:
*type = WC_HASH_TYPE_SHA;
break;
#endif
#ifdef WOLFSSL_SHA224
case SHA224h:
*type = WC_HASH_TYPE_SHA224;
break;
#endif
#ifndef NO_SHA256
case SHA256h:
*type = WC_HASH_TYPE_SHA256;
break;
#endif
#ifdef WOLFSSL_SHA384
case SHA384h:
*type = WC_HASH_TYPE_SHA384;
break;
#endif
#ifdef WOLFSSL_SHA512
case SHA512h:
*type = WC_HASH_TYPE_SHA512;
break;
#endif
default:
return BAD_FUNC_ARG;
}
return wc_HashGetDigestSize(*type);
}
/* build PKCS#7 signedData content type */ /* build PKCS#7 signedData content type */
int wc_PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz) int wc_PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz)
{ {
@ -1097,13 +1045,15 @@ int wc_PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz)
XMEMSET(esd, 0, sizeof(ESD)); XMEMSET(esd, 0, sizeof(ESD));
hashSz = wc_PKCS7_SetHashType(pkcs7, &esd->hashType); esd->hashType = wc_OidGetHash(pkcs7->hashOID);
if (hashSz < 0) { ret = wc_HashGetDigestSize(esd->hashType);
if (ret < 0) {
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
XFREE(esd, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(esd, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif #endif
return hashSz; return ret;
} }
hashSz = ret;
ret = wc_HashInit(&esd->hash, esd->hashType); ret = wc_HashInit(&esd->hash, esd->hashType);
if (ret != 0) { if (ret != 0) {
@ -1521,13 +1471,15 @@ static int wc_PKCS7_BuildSignedDataDigest(PKCS7* pkcs7, byte* signedAttrib,
XMEMSET(digest, 0, WC_MAX_DIGEST_SIZE); XMEMSET(digest, 0, WC_MAX_DIGEST_SIZE);
XMEMSET(digestInfo, 0, MAX_PKCS7_DIGEST_SZ); XMEMSET(digestInfo, 0, MAX_PKCS7_DIGEST_SZ);
hashSz = wc_PKCS7_SetHashType(pkcs7, &hashType); hashType = wc_OidGetHash(pkcs7->hashOID);
if (hashSz < 0) { ret = wc_HashGetDigestSize(hashType);
if (ret < 0) {
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
XFREE(digestInfo, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(digestInfo, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif #endif
return hashSz; return ret;
} }
hashSz = ret;
/* calculate digest */ /* calculate digest */
ret = wc_HashInit(&hash, hashType); ret = wc_HashInit(&hash, hashType);

1
wolfssl/wolfcrypt/hash.h
View File

@ -117,6 +117,7 @@ typedef union {
#if !defined(NO_ASN) || !defined(NO_DH) || defined(HAVE_ECC) #if !defined(NO_ASN) || !defined(NO_DH) || defined(HAVE_ECC)
WOLFSSL_API int wc_HashGetOID(enum wc_HashType hash_type); WOLFSSL_API int wc_HashGetOID(enum wc_HashType hash_type);
WOLFSSL_API enum wc_HashType wc_OidGetHash(int oid);
#endif #endif
WOLFSSL_API enum wc_HashType wc_HashTypeConvert(int hashType); WOLFSSL_API enum wc_HashType wc_HashTypeConvert(int hashType);