feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

uses most recent version of cyassl

Browse Source
This commit is contained in:
JacobBarthelmeh
2014-07-10 11:18:49 -06:00
parent 0a2a56db57
commit c322cb05ad
66 changed files with 5270 additions and 2254 deletions
Download Patch File Download Diff File Expand all files Collapse all files

137
ctaocrypt/benchmark/benchmark.c
View File

@@ -53,6 +53,9 @@
#include "cavium_common.h"
#include "cavium_ioctl.h"
#endif
#ifdef HAVE_NTRU
#include "ntru_crypto.h"
#endif
#if defined(CYASSL_MDK_ARM)
extern FILE * CyaSSL_fopen(const char *fname, const char *mode) ;
@@ -105,6 +108,9 @@ void bench_dh(void);
void bench_eccKeyGen(void);
void bench_eccKeyAgree(void);
#endif
#ifdef HAVE_NTRU
void bench_ntruKeyGen(void);
#endif
double current_time(int);
@@ -132,6 +138,9 @@ static int OpenNitroxDevice(int dma_mode,int dev_id)
#endif
#if defined(DEBUG_CYASSL) && !defined(HAVE_VALGRIND)
CYASSL_API int CyaSSL_Debugging_ON();
#endif
/* so embedded projects can pull in tests on their own */
#if !defined(NO_MAIN_DRIVER)
@@ -146,6 +155,10 @@ int benchmark_test(void *args)
{
#endif
#if defined(DEBUG_CYASSL) && !defined(HAVE_VALGRIND)
CyaSSL_Debugging_ON();
#endif
#ifdef HAVE_CAVIUM
int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0) {
@@ -225,6 +238,10 @@ int benchmark_test(void *args)
bench_rsaKeyGen();
#endif
#ifdef HAVE_NTRU
bench_ntruKeyGen();
#endif
#ifdef HAVE_ECC
bench_eccKeyGen();
bench_eccKeyAgree();
@@ -850,15 +867,14 @@ static RNG rng;
#ifndef NO_RSA
#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) && \
defined(CYASSL_MDK_SHELL)
static char *certRSAname = "certs/rsa2048.der" ;
static void set_Bench_RSA_File(char * cert) { certRSAname = cert ; }
/* set by shell command */
#elif defined(CYASSL_MDK_SHELL)
/* nothing */
#else
static const char *certRSAname = "certs/rsa2048.der" ;
#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
#if defined(CYASSL_MDK_SHELL)
static char *certRSAname = "certs/rsa2048.der";
/* set by shell command */
static void set_Bench_RSA_File(char * cert) { certRSAname = cert ; }
#else
static const char *certRSAname = "certs/rsa2048.der";
#endif
#endif
void bench_rsa(void)
@@ -955,20 +971,22 @@ void bench_rsa(void)
#ifndef NO_DH
#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) && \
defined(CYASSL_MDK_SHELL)
static char *certDHname = "certs/dh2048.der" ;
void set_Bench_DH_File(char * cert) { certDHname = cert ; }
/* set by shell command */
#elif defined(CYASSL_MDK_SHELL)
/* nothing */
#else
static const char *certDHname = "certs/dh2048.der" ;
#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
#if defined(CYASSL_MDK_SHELL)
static char *certDHname = "certs/dh2048.der";
/* set by shell command */
void set_Bench_DH_File(char * cert) { certDHname = cert ; }
#else
static const char *certDHname = "certs/dh2048.der";
#endif
#endif
void bench_dh(void)
{
int i, ret;
#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
int ret;
#endif
int i ;
byte tmp[1024];
size_t bytes;
word32 idx = 0, pubSz, privSz = 0, pubSz2, privSz2, agreeSz;
@@ -1089,6 +1107,74 @@ void bench_rsaKeyGen(void)
" iterations\n", milliEach, genTimes);
}
#endif /* CYASSL_KEY_GEN */
#ifdef HAVE_NTRU
byte GetEntropy(ENTROPY_CMD cmd, byte* out);
byte GetEntropy(ENTROPY_CMD cmd, byte* out)
{
if (cmd == INIT)
return (InitRng(&rng) == 0) ? 1 : 0;
if (out == NULL)
return 0;
if (cmd == GET_BYTE_OF_ENTROPY)
return (RNG_GenerateBlock(&rng, out, 1) == 0) ? 1 : 0;
if (cmd == GET_NUM_BYTES_PER_BYTE_OF_ENTROPY) {
*out = 1;
return 1;
}
return 0;
}
void bench_ntruKeyGen(void)
{
double start, total, each, milliEach;
int i;
byte public_key[5951]; /* 2048 key equivalent to rsa */
word16 public_key_len;
byte private_key[5951];
word16 private_key_len = sizeof(private_key);
DRBG_HANDLE drbg;
static uint8_t const pers_str[] = {
'C', 'y', 'a', 'S', 'S', 'L', ' ', 't', 'e', 's', 't'
};
word32 rc = ntru_crypto_drbg_instantiate(112, pers_str, sizeof(pers_str), GetEntropy, &drbg);
if(rc != DRBG_OK) {
printf("NTRU drbg instantiate failed\n");
return;
}
start = current_time(1);
for(i = 0; i < genTimes; i++) {
ntru_crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, &public_key_len,
public_key, &private_key_len, private_key);
}
total = current_time(0) - start;
rc = ntru_crypto_drbg_uninstantiate(drbg);
if (rc != NTRU_OK) {
printf("NTRU drbg uninstantiate failed\n");
return;
}
each = total / genTimes;
milliEach = each * 1000;
printf("\n");
printf("NTRU 112 key generation %6.3f milliseconds, avg over %d"
" iterations\n", milliEach, genTimes);
}
#endif
#ifdef HAVE_ECC
void bench_eccKeyGen(void)
@@ -1211,7 +1297,6 @@ void bench_eccKeyAgree(void)
}
#endif /* HAVE_ECC */
#ifdef _WIN32
#define WIN32_LEAN_AND_MEAN
@@ -1238,10 +1323,10 @@ void bench_eccKeyAgree(void)
#elif defined MICROCHIP_PIC32
#if defined(CYASSL_MICROCHIP_PIC32MZ)
#define CLOCK 8000000.0
#define CLOCK 80000000.0
#else
#include <peripheral/timer.h>
#define CLOCK 4000000.0
#define CLOCK 40000000.0
#endif
double current_time(int reset)
@@ -1259,10 +1344,10 @@ void bench_eccKeyAgree(void)
return ( ns / CLOCK * 2.0);
}
#elif defined CYASSL_MDK_ARM
extern double current_time(int reset) ;
#elif defined(CYASSL_IAR_ARM) || defined (CYASSL_MDK_ARM)
#warning "Write your current_time()"
double current_time(int reset) { return 0.0 ; }
#elif defined FREERTOS
double current_time(int reset)

52
ctaocrypt/src/aes.c
View File

@@ -804,6 +804,11 @@ int AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv,
iv = (byte*)aes->reg;
enc_key = (byte*)aes->key;
if ((word)out % CYASSL_MMCAU_ALIGNMENT) {
CYASSL_MSG("Bad cau_aes_encrypt alignment");
return BAD_ALIGN_E;
}
while (len > 0)
{
XMEMCPY(temp_block, in + offset, AES_BLOCK_SIZE);
@@ -836,6 +841,11 @@ int AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv,
iv = (byte*)aes->reg;
dec_key = (byte*)aes->key;
if ((word)out % CYASSL_MMCAU_ALIGNMENT) {
CYASSL_MSG("Bad cau_aes_decrypt alignment");
return BAD_ALIGN_E;
}
while (len > 0)
{
XMEMCPY(temp_block, in + offset, AES_BLOCK_SIZE);
@@ -1541,31 +1551,34 @@ static const word32 Td[5][256] = {
#ifdef CYASSL_AESNI
/* Each platform needs to query info type 1 from cpuid to see if aesni is
* supported. Also, let's setup a macro for proper linkage w/o ABI conflicts
*/
#ifndef _MSC_VER
#define cpuid(func,ax,bx,cx,dx)\
#define cpuid(reg, func)\
__asm__ __volatile__ ("cpuid":\
"=a" (ax), "=b" (bx), "=c" (cx), "=d" (dx) : "a" (func));
"=a" (reg[0]), "=b" (reg[1]), "=c" (reg[2]), "=d" (reg[3]) :\
"a" (func));
#define XASM_LINK(f) asm(f)
#else
#define cpuid(func,ax,bx,cx,dx)\
__asm mov eax, func \
__asm cpuid \
__asm mov ax, eax \
__asm mov bx, ebx \
__asm mov cx, ecx \
__asm mov dx, edx
#include <intrin.h>
#define cpuid(a,b) __cpuid((int*)a,b)
#define XASM_LINK(f)
#endif /* _MSC_VER */
static int Check_CPU_support_AES(void)
{
unsigned int a,b,c,d;
cpuid(1,a,b,c,d);
unsigned int reg[4]; /* put a,b,c,d into 0,1,2,3 */
cpuid(reg, 1); /* query info 1 */
if (c & 0x2000000)
if (reg[2] & 0x2000000)
return 1;
return 0;
@@ -1580,34 +1593,34 @@ static int haveAESNI = 0;
void AES_CBC_encrypt(const unsigned char* in, unsigned char* out,
unsigned char* ivec, unsigned long length,
const unsigned char* KS, int nr)
asm ("AES_CBC_encrypt");
XASM_LINK("AES_CBC_encrypt");
void AES_CBC_decrypt(const unsigned char* in, unsigned char* out,
unsigned char* ivec, unsigned long length,
const unsigned char* KS, int nr)
asm ("AES_CBC_decrypt");
XASM_LINK("AES_CBC_decrypt");
void AES_ECB_encrypt(const unsigned char* in, unsigned char* out,
unsigned long length, const unsigned char* KS, int nr)
asm ("AES_ECB_encrypt");
XASM_LINK("AES_ECB_encrypt");
void AES_ECB_decrypt(const unsigned char* in, unsigned char* out,
unsigned long length, const unsigned char* KS, int nr)
asm ("AES_ECB_decrypt");
XASM_LINK("AES_ECB_decrypt");
void AES_128_Key_Expansion(const unsigned char* userkey,
unsigned char* key_schedule)
asm ("AES_128_Key_Expansion");
XASM_LINK("AES_128_Key_Expansion");
void AES_192_Key_Expansion(const unsigned char* userkey,
unsigned char* key_schedule)
asm ("AES_192_Key_Expansion");
XASM_LINK("AES_192_Key_Expansion");
void AES_256_Key_Expansion(const unsigned char* userkey,
unsigned char* key_schedule)
asm ("AES_256_Key_Expansion");
XASM_LINK("AES_256_Key_Expansion");
static int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
@@ -2228,6 +2241,7 @@ int AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
if ((word)in % 16) {
#ifndef NO_CYASSL_ALLOC_ALIGN
byte* tmp = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
CYASSL_MSG("AES-CBC encrypt with bad alignment");
if (tmp == NULL) return MEMORY_E;
XMEMCPY(tmp, in, sz);

2
ctaocrypt/src/aes_asm.s
View File

@@ -24,6 +24,8 @@
* by Intel Mobility Group, Israel Development Center, Israel Shay Gueron
*/
/* This file is in at&t asm syntax, see .asm for intel syntax */
/*
AES_CBC_encrypt (const unsigned char *in,

1501
ctaocrypt/src/asn.c
View File

File diff suppressed because it is too large Load Diff

68
ctaocrypt/src/des3.c
View File

@@ -34,6 +34,7 @@
#include <cyassl/ctaocrypt/des3.h>
#include <cyassl/ctaocrypt/error-crypt.h>
#include <cyassl/ctaocrypt/logging.h>
#ifdef NO_INLINE
#include <cyassl/ctaocrypt/misc.h>
@@ -169,19 +170,22 @@
CRYP_Cmd(DISABLE);
}
void Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
int Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
{
DesCrypt(des, out, in, sz, DES_ENCRYPTION, DES_CBC);
return 0;
}
void Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
int Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
{
DesCrypt(des, out, in, sz, DES_DECRYPTION, DES_CBC);
return 0;
}
void Des_EcbEncrypt(Des* des, byte* out, const byte* in, word32 sz)
int Des_EcbEncrypt(Des* des, byte* out, const byte* in, word32 sz)
{
DesCrypt(des, out, in, sz, DES_ENCRYPTION, DES_ECB);
return 0;
}
void Des3Crypt(Des3* des, byte* out, const byte* in, word32 sz,
@@ -389,14 +393,16 @@ static void Des_Cbc(byte* out, const byte* in, word32 sz,
}
void Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
int Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
{
Des_Cbc(out, in, sz, (byte *)des->key, (byte *)des->reg, SEC_DESC_DES_CBC_ENCRYPT) ;
return 0;
}
void Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
int Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
{
Des_Cbc(out, in, sz, (byte *)des->key, (byte *)des->reg, SEC_DESC_DES_CBC_DECRYPT) ;
return 0;
}
int Des3_CbcEncrypt(Des3* des3, byte* out, const byte* in, word32 sz)
@@ -556,7 +562,7 @@ int Des3_SetKey(Des3* des3, const byte* key, const byte* iv, int dir)
return ret;
}
void Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
int Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
{
int i;
int offset = 0;
@@ -566,6 +572,11 @@ int Des3_SetKey(Des3* des3, const byte* key, const byte* iv, int dir)
iv = (byte*)des->reg;
if ((word)out % CYASSL_MMCAU_ALIGNMENT) {
CYASSL_MSG("Bad cau_des_encrypt alignment");
return BAD_ALIGN_E;
}
while (len > 0)
{
XMEMCPY(temp_block, in + offset, DES_BLOCK_SIZE);
@@ -583,10 +594,10 @@ int Des3_SetKey(Des3* des3, const byte* key, const byte* iv, int dir)
XMEMCPY(iv, out + offset - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
}
return;
return 0;
}
void Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
int Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
{
int i;
int offset = 0;
@@ -596,6 +607,11 @@ int Des3_SetKey(Des3* des3, const byte* key, const byte* iv, int dir)
iv = (byte*)des->reg;
if ((word)out % CYASSL_MMCAU_ALIGNMENT) {
CYASSL_MSG("Bad cau_des_decrypt alignment");
return BAD_ALIGN_E;
}
while (len > 0)
{
XMEMCPY(temp_block, in + offset, DES_BLOCK_SIZE);
@@ -613,7 +629,7 @@ int Des3_SetKey(Des3* des3, const byte* key, const byte* iv, int dir)
offset += DES_BLOCK_SIZE;
}
return;
return 0;
}
int Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz)
@@ -627,6 +643,11 @@ int Des3_SetKey(Des3* des3, const byte* key, const byte* iv, int dir)
iv = (byte*)des->reg;
if ((word)out % CYASSL_MMCAU_ALIGNMENT) {
CYASSL_MSG("Bad 3ede cau_des_encrypt alignment");
return BAD_ALIGN_E;
}
while (len > 0)
{
XMEMCPY(temp_block, in + offset, DES_BLOCK_SIZE);
@@ -660,6 +681,11 @@ int Des3_SetKey(Des3* des3, const byte* key, const byte* iv, int dir)
iv = (byte*)des->reg;
if ((word)out % CYASSL_MMCAU_ALIGNMENT) {
CYASSL_MSG("Bad 3ede cau_des_decrypt alignment");
return BAD_ALIGN_E;
}
while (len > 0)
{
XMEMCPY(temp_block, in + offset, DES_BLOCK_SIZE);
@@ -761,9 +787,9 @@ int Des3_SetIV(Des3* des, const byte* iv);
bd_p->BD_CTRL.LAST_BD = 1;
bd_p->BD_CTRL.DESC_EN = 1;
bd_p->SA_ADDR = (unsigned int)KVA_TO_PA(&sa) ; // (unsigned int)sa_p ;
bd_p->SRCADDR = (unsigned int)KVA_TO_PA(in) ; // (unsigned int)in_p ;
bd_p->DSTADDR = (unsigned int)KVA_TO_PA(out); // (unsigned int)out_p ;
bd_p->SA_ADDR = (unsigned int)KVA_TO_PA(&sa) ; /* (unsigned int)sa_p; */
bd_p->SRCADDR = (unsigned int)KVA_TO_PA(in) ; /* (unsigned int)in_p; */
bd_p->DSTADDR = (unsigned int)KVA_TO_PA(out); /* (unsigned int)out_p; */
bd_p->NXTPTR = (unsigned int)KVA_TO_PA(&bd);
bd_p->MSGLEN = sz ;
@@ -772,7 +798,7 @@ int Des3_SetIV(Des3* des, const byte* iv);
while (CECON);
/* Run the engine */
CEBDPADDR = (unsigned int)KVA_TO_PA(&bd) ; // (unsigned int)bd_p ;
CEBDPADDR = (unsigned int)KVA_TO_PA(&bd) ; /* (unsigned int)bd_p ; */
CEINTEN = 0x07;
CECON = 0x27;
@@ -793,16 +819,18 @@ int Des3_SetIV(Des3* des, const byte* iv);
ByteReverseWords((word32*)out, (word32 *)KVA0_TO_KVA1(out), sz);
}
void Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
int Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
{
DesCrypt(des->key, des->reg, out, in, sz,
PIC32_ENCRYPTION, PIC32_ALGO_DES, PIC32_CRYPTOALGO_CBC );
return 0;
}
void Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
int Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
{
DesCrypt(des->key, des->reg, out, in, sz,
PIC32_DECRYPTION, PIC32_ALGO_DES, PIC32_CRYPTOALGO_CBC);
return 0;
}
int Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz)
@@ -1250,7 +1278,7 @@ static void Des3ProcessBlock(Des3* des, const byte* in, byte* out)
}
void Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
int Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
{
word32 blocks = sz / DES_BLOCK_SIZE;
@@ -1262,10 +1290,11 @@ void Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
out += DES_BLOCK_SIZE;
in += DES_BLOCK_SIZE;
}
return 0;
}
void Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
int Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
{
word32 blocks = sz / DES_BLOCK_SIZE;
byte hold[DES_BLOCK_SIZE];
@@ -1282,6 +1311,7 @@ void Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
out += DES_BLOCK_SIZE;
in += DES_BLOCK_SIZE;
}
return 0;
}
@@ -1332,7 +1362,7 @@ int Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz)
#ifdef CYASSL_DES_ECB
/* One block, compatibility only */
void Des_EcbEncrypt(Des* des, byte* out, const byte* in, word32 sz)
int Des_EcbEncrypt(Des* des, byte* out, const byte* in, word32 sz)
{
word32 blocks = sz / DES_BLOCK_SIZE;
@@ -1342,6 +1372,7 @@ void Des_EcbEncrypt(Des* des, byte* out, const byte* in, word32 sz)
out += DES_BLOCK_SIZE;
in += DES_BLOCK_SIZE;
}
return 0;
}
#endif /* CYASSL_DES_ECB */
@@ -1370,7 +1401,6 @@ int Des3_SetIV(Des3* des, const byte* iv)
#ifdef HAVE_CAVIUM
#include <cyassl/ctaocrypt/logging.h>
#include "cavium_common.h"
/* Initiliaze Des3 for use with Nitrox device */

26
ctaocrypt/src/ecc.c
View File

@@ -3629,9 +3629,9 @@ enum ecSrvState {
struct ecEncCtx {
byte* kdfSalt; /* optional salt for kdf */
byte* kdfInfo; /* optional info for kdf */
byte* macSalt; /* optional salt for mac */
const byte* kdfSalt; /* optional salt for kdf */
const byte* kdfInfo; /* optional info for kdf */
const byte* macSalt; /* optional salt for mac */
word32 kdfSaltSz; /* size of kdfSalt */
word32 kdfInfoSz; /* size of kdfInfo */
word32 macSaltSz; /* size of macSalt */
@@ -3676,6 +3676,19 @@ const byte* ecc_ctx_get_own_salt(ecEncCtx* ctx)
}
/* optional set info, can be called before or after set_peer_salt */
int ecc_ctx_set_info(ecEncCtx* ctx, const byte* info, int sz)
{
if (ctx == NULL || info == 0 || sz < 0)
return BAD_FUNC_ARG;
ctx->kdfInfo = info;
ctx->kdfInfoSz = sz;
return 0;
}
static const char* exchange_info = "Secure Message Exchange";
int ecc_ctx_set_peer_salt(ecEncCtx* ctx, const byte* salt)
@@ -3717,8 +3730,11 @@ int ecc_ctx_set_peer_salt(ecEncCtx* ctx, const byte* salt)
ctx->macSalt = ctx->serverSalt;
ctx->macSaltSz = EXCHANGE_SALT_SZ;
ctx->kdfInfo = (byte*)exchange_info;
ctx->kdfInfoSz = EXCHANGE_INFO_SZ;
if (ctx->kdfInfo == NULL) {
/* default info */
ctx->kdfInfo = (const byte*)exchange_info;
ctx->kdfInfoSz = EXCHANGE_INFO_SZ;
}
return 0;
}

268
ctaocrypt/src/error.c
View File

@@ -22,7 +22,7 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
#include <cyassl/ctaocrypt/error-crypt.h>
@@ -32,334 +32,264 @@
#pragma warning(disable: 4996)
#endif
void CTaoCryptErrorString(int error, char* buffer)
const char* CTaoCryptGetErrorString(int error)
{
const int max = CYASSL_MAX_ERROR_SZ; /* shorthand */
#ifdef NO_ERROR_STRINGS
(void)error;
XSTRNCPY(buffer, "no support for error strings built in", max);
return "no support for error strings built in";
#else
switch (error) {
case OPEN_RAN_E :
XSTRNCPY(buffer, "opening random device error", max);
break;
case OPEN_RAN_E :
return "opening random device error";
case READ_RAN_E :
XSTRNCPY(buffer, "reading random device error", max);
break;
return "reading random device error";
case WINCRYPT_E :
XSTRNCPY(buffer, "windows crypt init error", max);
break;
return "windows crypt init error";
case CRYPTGEN_E :
XSTRNCPY(buffer, "windows crypt generation error", max);
break;
case CRYPTGEN_E :
return "windows crypt generation error";
case RAN_BLOCK_E :
XSTRNCPY(buffer, "random device read would block error", max);
break;
case RAN_BLOCK_E :
return "random device read would block error";
case BAD_MUTEX_E :
XSTRNCPY(buffer, "Bad mutex, operation failed", max);
break;
case BAD_MUTEX_E :
return "Bad mutex, operation failed";
case MP_INIT_E :
XSTRNCPY(buffer, "mp_init error state", max);
break;
return "mp_init error state";
case MP_READ_E :
XSTRNCPY(buffer, "mp_read error state", max);
break;
return "mp_read error state";
case MP_EXPTMOD_E :
XSTRNCPY(buffer, "mp_exptmod error state", max);
break;
return "mp_exptmod error state";
case MP_TO_E :
XSTRNCPY(buffer, "mp_to_xxx error state, can't convert", max);
break;
return "mp_to_xxx error state, can't convert";
case MP_SUB_E :
XSTRNCPY(buffer, "mp_sub error state, can't subtract", max);
break;
return "mp_sub error state, can't subtract";
case MP_ADD_E :
XSTRNCPY(buffer, "mp_add error state, can't add", max);
break;
return "mp_add error state, can't add";
case MP_MUL_E :
XSTRNCPY(buffer, "mp_mul error state, can't multiply", max);
break;
return "mp_mul error state, can't multiply";
case MP_MULMOD_E :
XSTRNCPY(buffer, "mp_mulmod error state, can't multiply mod", max);
break;
return "mp_mulmod error state, can't multiply mod";
case MP_MOD_E :
XSTRNCPY(buffer, "mp_mod error state, can't mod", max);
break;
return "mp_mod error state, can't mod";
case MP_INVMOD_E :
XSTRNCPY(buffer, "mp_invmod error state, can't inv mod", max);
break;
return "mp_invmod error state, can't inv mod";
case MP_CMP_E :
XSTRNCPY(buffer, "mp_cmp error state", max);
break;
return "mp_cmp error state";
case MP_ZERO_E :
XSTRNCPY(buffer, "mp zero result, not expected", max);
break;
return "mp zero result, not expected";
case MEMORY_E :
XSTRNCPY(buffer, "out of memory error", max);
break;
return "out of memory error";
case RSA_WRONG_TYPE_E :
XSTRNCPY(buffer, "RSA wrong block type for RSA function", max);
break;
return "RSA wrong block type for RSA function";
case RSA_BUFFER_E :
XSTRNCPY(buffer, "RSA buffer error, output too small or input too big",
max);
break;
return "RSA buffer error, output too small or input too big";
case BUFFER_E :
XSTRNCPY(buffer, "Buffer error, output too small or input too big",max);
break;
return "Buffer error, output too small or input too big";
case ALGO_ID_E :
XSTRNCPY(buffer, "Setting Cert AlogID error", max);
break;
return "Setting Cert AlogID error";
case PUBLIC_KEY_E :
XSTRNCPY(buffer, "Setting Cert Public Key error", max);
break;
return "Setting Cert Public Key error";
case DATE_E :
XSTRNCPY(buffer, "Setting Cert Date validity error", max);
break;
return "Setting Cert Date validity error";
case SUBJECT_E :
XSTRNCPY(buffer, "Setting Cert Subject name error", max);
break;
return "Setting Cert Subject name error";
case ISSUER_E :
XSTRNCPY(buffer, "Setting Cert Issuer name error", max);
break;
return "Setting Cert Issuer name error";
case CA_TRUE_E :
XSTRNCPY(buffer, "Setting basic constraint CA true error", max);
break;
return "Setting basic constraint CA true error";
case EXTENSIONS_E :
XSTRNCPY(buffer, "Setting extensions error", max);
break;
return "Setting extensions error";
case ASN_PARSE_E :
XSTRNCPY(buffer, "ASN parsing error, invalid input", max);
break;
return "ASN parsing error, invalid input";
case ASN_VERSION_E :
XSTRNCPY(buffer, "ASN version error, invalid number", max);
break;
return "ASN version error, invalid number";
case ASN_GETINT_E :
XSTRNCPY(buffer, "ASN get big int error, invalid data", max);
break;
return "ASN get big int error, invalid data";
case ASN_RSA_KEY_E :
XSTRNCPY(buffer, "ASN key init error, invalid input", max);
break;
return "ASN key init error, invalid input";
case ASN_OBJECT_ID_E :
XSTRNCPY(buffer, "ASN object id error, invalid id", max);
break;
return "ASN object id error, invalid id";
case ASN_TAG_NULL_E :
XSTRNCPY(buffer, "ASN tag error, not null", max);
break;
return "ASN tag error, not null";
case ASN_EXPECT_0_E :
XSTRNCPY(buffer, "ASN expect error, not zero", max);
break;
return "ASN expect error, not zero";
case ASN_BITSTR_E :
XSTRNCPY(buffer, "ASN bit string error, wrong id", max);
break;
return "ASN bit string error, wrong id";
case ASN_UNKNOWN_OID_E :
XSTRNCPY(buffer, "ASN oid error, unknown sum id", max);
break;
return "ASN oid error, unknown sum id";
case ASN_DATE_SZ_E :
XSTRNCPY(buffer, "ASN date error, bad size", max);
break;
return "ASN date error, bad size";
case ASN_BEFORE_DATE_E :
XSTRNCPY(buffer, "ASN date error, current date before", max);
break;
return "ASN date error, current date before";
case ASN_AFTER_DATE_E :
XSTRNCPY(buffer, "ASN date error, current date after", max);
break;
return "ASN date error, current date after";
case ASN_SIG_OID_E :
XSTRNCPY(buffer, "ASN signature error, mismatched oid", max);
break;
return "ASN signature error, mismatched oid";
case ASN_TIME_E :
XSTRNCPY(buffer, "ASN time error, unkown time type", max);
break;
return "ASN time error, unkown time type";
case ASN_INPUT_E :
XSTRNCPY(buffer, "ASN input error, not enough data", max);
break;
return "ASN input error, not enough data";
case ASN_SIG_CONFIRM_E :
XSTRNCPY(buffer, "ASN sig error, confirm failure", max);
break;
return "ASN sig error, confirm failure";
case ASN_SIG_HASH_E :
XSTRNCPY(buffer, "ASN sig error, unsupported hash type", max);
break;
return "ASN sig error, unsupported hash type";
case ASN_SIG_KEY_E :
XSTRNCPY(buffer, "ASN sig error, unsupported key type", max);
break;
return "ASN sig error, unsupported key type";
case ASN_DH_KEY_E :
XSTRNCPY(buffer, "ASN key init error, invalid input", max);
break;
return "ASN key init error, invalid input";
case ASN_NTRU_KEY_E :
XSTRNCPY(buffer, "ASN NTRU key decode error, invalid input", max);
break;
return "ASN NTRU key decode error, invalid input";
case ASN_CRIT_EXT_E:
XSTRNCPY(buffer, "X.509 Critical extension ignored", max);
break;
return "X.509 Critical extension ignored";
case ECC_BAD_ARG_E :
XSTRNCPY(buffer, "ECC input argument wrong type, invalid input", max);
break;
return "ECC input argument wrong type, invalid input";
case ASN_ECC_KEY_E :
XSTRNCPY(buffer, "ECC ASN1 bad key data, invalid input", max);
break;
return "ECC ASN1 bad key data, invalid input";
case ECC_CURVE_OID_E :
XSTRNCPY(buffer, "ECC curve sum OID unsupported, invalid input", max);
break;
return "ECC curve sum OID unsupported, invalid input";
case BAD_FUNC_ARG :
XSTRNCPY(buffer, "Bad function argument", max);
break;
return "Bad function argument";
case NOT_COMPILED_IN :
XSTRNCPY(buffer, "Feature not compiled in", max);
break;
return "Feature not compiled in";
case UNICODE_SIZE_E :
XSTRNCPY(buffer, "Unicode password too big", max);
break;
return "Unicode password too big";
case NO_PASSWORD :
XSTRNCPY(buffer, "No password provided by user", max);
break;
return "No password provided by user";
case ALT_NAME_E :
XSTRNCPY(buffer, "Alt Name problem, too big", max);
break;
return "Alt Name problem, too big";
case AES_GCM_AUTH_E:
XSTRNCPY(buffer, "AES-GCM Authentication check fail", max);
break;
return "AES-GCM Authentication check fail";
case AES_CCM_AUTH_E:
XSTRNCPY(buffer, "AES-CCM Authentication check fail", max);
break;
return "AES-CCM Authentication check fail";
case CAVIUM_INIT_E:
XSTRNCPY(buffer, "Cavium Init type error", max);
break;
return "Cavium Init type error";
case COMPRESS_INIT_E:
XSTRNCPY(buffer, "Compress Init error", max);
break;
return "Compress Init error";
case COMPRESS_E:
XSTRNCPY(buffer, "Compress error", max);
break;
return "Compress error";
case DECOMPRESS_INIT_E:
XSTRNCPY(buffer, "DeCompress Init error", max);
break;
return "DeCompress Init error";
case DECOMPRESS_E:
XSTRNCPY(buffer, "DeCompress error", max);
break;
return "DeCompress error";
case BAD_ALIGN_E:
XSTRNCPY(buffer, "Bad alignment error, no alloc help", max);
break;
return "Bad alignment error, no alloc help";
case ASN_NO_SIGNER_E :
XSTRNCPY(buffer, "ASN no signer error to confirm failure", max);
break;
return "ASN no signer error to confirm failure";
case ASN_CRL_CONFIRM_E :
XSTRNCPY(buffer, "ASN CRL sig error, confirm failure", max);
break;
return "ASN CRL sig error, confirm failure";
case ASN_CRL_NO_SIGNER_E :
XSTRNCPY(buffer, "ASN CRL no signer error to confirm failure", max);
break;
return "ASN CRL no signer error to confirm failure";
case ASN_OCSP_CONFIRM_E :
XSTRNCPY(buffer, "ASN OCSP sig error, confirm failure", max);
break;
return "ASN OCSP sig error, confirm failure";
case BAD_ENC_STATE_E:
XSTRNCPY(buffer, "Bad ecc encrypt state operation", max);
break;
return "Bad ecc encrypt state operation";
case BAD_PADDING_E:
XSTRNCPY(buffer, "Bad padding, message wrong length", max);
break;
return "Bad padding, message wrong length";
case REQ_ATTRIBUTE_E:
XSTRNCPY(buffer, "Setting cert request attributes error", max);
break;
return "Setting cert request attributes error";
case PKCS7_OID_E:
XSTRNCPY(buffer, "PKCS#7 error: mismatched OID value", max);
break;
return "PKCS#7 error: mismatched OID value";
case PKCS7_RECIP_E:
XSTRNCPY(buffer, "PKCS#7 error: no matching recipient found", max);
break;
return "PKCS#7 error: no matching recipient found";
case FIPS_NOT_ALLOWED_E:
XSTRNCPY(buffer, "FIPS mode not allowed error", max);
break;
return "FIPS mode not allowed error";
case ASN_NAME_INVALID_E:
XSTRNCPY(buffer, "Name Constraint error", max);
break;
return "Name Constraint error";
case RNG_FAILURE_E:
return "Random Number Generator failed";
case HMAC_MIN_KEYLEN_E:
return "FIPS Mode HMAC Minimum Key Length error";
default:
XSTRNCPY(buffer, "unknown error number", max);
return "unknown error number";
}
#endif /* NO_ERROR_STRINGS */
}
void CTaoCryptErrorString(int error, char* buffer)
{
XSTRNCPY(buffer, CTaoCryptGetErrorString(error), CYASSL_MAX_ERROR_SZ);
}

5
ctaocrypt/src/hmac.c
View File

@@ -131,6 +131,11 @@ int HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
if (ret != 0)
return ret;
#ifdef HAVE_FIPS
if (length < HMAC_FIPS_MIN_KEY)
return HMAC_MIN_KEYLEN_E;
#endif
switch (hmac->macType) {
#ifndef NO_MD5
case MD5:

3
ctaocrypt/src/include.am
View File

@@ -2,7 +2,8 @@
# All paths should be given relative to the root
EXTRA_DIST += ctaocrypt/src/misc.c
EXTRA_DIST += ctaocrypt/src/asm.c
EXTRA_DIST += ctaocrypt/src/asm.c
EXTRA_DIST += ctaocrypt/src/aes_asm.asm
EXTRA_DIST += \
ctaocrypt/src/ecc_fp.c \

16
ctaocrypt/src/integer.c
View File

@@ -1854,15 +1854,15 @@ int mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y,
}
/* compute the value at M[1<<(winsize-1)] by squaring M[1] (winsize-1) times*/
if ((err = mp_copy (&M[1], &M[1 << (winsize - 1)])) != MP_OKAY) {
if ((err = mp_copy (&M[1], &M[(mp_digit)(1 << (winsize - 1))])) != MP_OKAY) {
goto LBL_RES;
}
for (x = 0; x < (winsize - 1); x++) {
if ((err = mp_sqr (&M[1 << (winsize - 1)], &M[1 << (winsize - 1)])) != MP_OKAY) {
if ((err = mp_sqr (&M[(mp_digit)(1 << (winsize - 1))], &M[(mp_digit)(1 << (winsize - 1))])) != MP_OKAY) {
goto LBL_RES;
}
if ((err = redux (&M[1 << (winsize - 1)], P, mp)) != MP_OKAY) {
if ((err = redux (&M[(mp_digit)(1 << (winsize - 1))], P, mp)) != MP_OKAY) {
goto LBL_RES;
}
}
@@ -3250,19 +3250,19 @@ int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int redmode)
/* compute the value at M[1<<(winsize-1)] by squaring
* M[1] (winsize-1) times
*/
if ((err = mp_copy (&M[1], &M[1 << (winsize - 1)])) != MP_OKAY) {
if ((err = mp_copy (&M[1], &M[(mp_digit)(1 << (winsize - 1))])) != MP_OKAY) {
goto LBL_MU;
}
for (x = 0; x < (winsize - 1); x++) {
/* square it */
if ((err = mp_sqr (&M[1 << (winsize - 1)],
&M[1 << (winsize - 1)])) != MP_OKAY) {
if ((err = mp_sqr (&M[(mp_digit)(1 << (winsize - 1))],
&M[(mp_digit)(1 << (winsize - 1))])) != MP_OKAY) {
goto LBL_MU;
}
/* reduce modulo P */
if ((err = redux (&M[1 << (winsize - 1)], P, &mu)) != MP_OKAY) {
if ((err = redux (&M[(mp_digit)(1 << (winsize - 1))], P, &mu)) != MP_OKAY) {
goto LBL_MU;
}
}
@@ -3765,7 +3765,7 @@ int mp_sqrmod (mp_int * a, mp_int * b, mp_int * c)
#endif
#if defined(HAVE_ECC) || !defined(NO_PWDBASED) || defined(CYASSL_SNIFFER) || defined(CYASSL_HAVE_WOLFSCEP)
#if defined(HAVE_ECC) || !defined(NO_PWDBASED) || defined(CYASSL_SNIFFER) || defined(CYASSL_HAVE_WOLFSCEP) || defined(CYASSL_KEY_GEN)
/* single digit addition */
int mp_add_d (mp_int* a, mp_digit b, mp_int* c)

28
ctaocrypt/src/md2.c
View File

@@ -29,6 +29,8 @@
#ifdef CYASSL_MD2
#include <cyassl/ctaocrypt/md2.h>
#include <cyassl/ctaocrypt/error-crypt.h>
#ifdef NO_INLINE
#include <cyassl/ctaocrypt/misc.h>
#else
@@ -128,4 +130,30 @@ void Md2Final(Md2* md2, byte* hash)
}
int Md2Hash(const byte* data, word32 len, byte* hash)
{
#ifdef CYASSL_SMALL_STACK
Md2* md2;
#else
Md2 md2[1];
#endif
#ifdef CYASSL_SMALL_STACK
md2 = (Md2*)XMALLOC(sizeof(Md2), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (md2 == NULL)
return MEMORY_E;
#endif
InitMd2(md2);
Md2Update(md2, data, len);
Md2Final(md2, hash);
#ifdef CYASSL_SMALL_STACK
XFREE(md2, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return 0;
}
#endif /* CYASSL_MD2 */

27
ctaocrypt/src/md5.c
View File

@@ -35,6 +35,7 @@
#endif
#include <cyassl/ctaocrypt/md5.h>
#include <cyassl/ctaocrypt/error-crypt.h>
#ifdef NO_INLINE
#include <cyassl/ctaocrypt/misc.h>
@@ -361,4 +362,30 @@ void Md5Final(Md5* md5, byte* hash)
#endif /* STM32F2_HASH */
int Md5Hash(const byte* data, word32 len, byte* hash)
{
#ifdef CYASSL_SMALL_STACK
Md5* md5;
#else
Md5 md5[1];
#endif
#ifdef CYASSL_SMALL_STACK
md5 = (Md5*)XMALLOC(sizeof(Md5), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (md5 == NULL)
return MEMORY_E;
#endif
InitMd5(md5);
Md5Update(md5, data, len);
Md5Final(md5, hash);
#ifdef CYASSL_SMALL_STACK
XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return 0;
}
#endif /* NO_MD5 */

2
ctaocrypt/src/misc.c
View File

@@ -45,6 +45,8 @@
#include <stdlib.h> /* get intrinsic definitions */
/* for non visual studio probably need no long version, 32 bit only
* i.e., _rotl and _rotr */
#pragma intrinsic(_lrotl, _lrotr)
STATIC INLINE word32 rotlFixed(word32 x, word32 y)

914
ctaocrypt/src/pkcs7.c
View File

File diff suppressed because it is too large Load Diff

280
ctaocrypt/src/random.c
View File

@@ -30,10 +30,16 @@
*/
#ifdef HAVE_FIPS
/* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
#define FIPS_NO_WRAPPERS
#endif
#include <cyassl/ctaocrypt/random.h>
#include <cyassl/ctaocrypt/error-crypt.h>
#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
#include <cyassl/ctaocrypt/sha256.h>
#ifdef NO_INLINE
@@ -74,9 +80,16 @@
#define NONCE_SZ (ENTROPY_SZ/2)
#define ENTROPY_NONCE_SZ (ENTROPY_SZ+NONCE_SZ)
#define DRBG_SUCCESS 0
#define DRBG_ERROR 1
#define DRBG_NEED_RESEED 2
/* Internal return codes */
#define DRBG_SUCCESS 0
#define DRBG_ERROR 1
#define DRBG_FAILURE 2
#define DRBG_NEED_RESEED 3
/* RNG health states */
#define DRBG_NOT_INIT 0
#define DRBG_OK 1
#define DRBG_FAILED 2
enum {
@@ -88,10 +101,11 @@ enum {
};
/* Hash Derivation Function */
/* Returns: DRBG_SUCCESS or DRBG_FAILURE */
static int Hash_df(RNG* rng, byte* out, word32 outSz, byte type,
byte* inA, word32 inASz,
byte* inB, word32 inBSz,
byte* inC, word32 inCSz)
const byte* inA, word32 inASz,
const byte* inB, word32 inBSz)
{
byte ctr;
int i;
@@ -107,33 +121,29 @@ static int Hash_df(RNG* rng, byte* out, word32 outSz, byte type,
for (i = 0, ctr = 1; i < len; i++, ctr++)
{
if (InitSha256(&rng->sha) != 0)
return DRBG_ERROR;
return DRBG_FAILURE;
if (Sha256Update(&rng->sha, &ctr, sizeof(ctr)) != 0)
return DRBG_ERROR;
return DRBG_FAILURE;
if (Sha256Update(&rng->sha, (byte*)&bits, sizeof(bits)) != 0)
return DRBG_ERROR;
return DRBG_FAILURE;
/* churning V is the only string that doesn't have
* the type added */
if (type != drbgInitV)
if (Sha256Update(&rng->sha, &type, sizeof(type)) != 0)
return DRBG_ERROR;
return DRBG_FAILURE;
if (Sha256Update(&rng->sha, inA, inASz) != 0)
return DRBG_ERROR;
return DRBG_FAILURE;
if (inB != NULL && inBSz > 0)
if (Sha256Update(&rng->sha, inB, inBSz) != 0)
return DRBG_ERROR;
if (inC != NULL && inCSz > 0)
if (Sha256Update(&rng->sha, inC, inCSz) != 0)
return DRBG_ERROR;
return DRBG_FAILURE;
if (Sha256Final(&rng->sha, rng->digest) != 0)
return DRBG_ERROR;
return DRBG_FAILURE;
if (outSz > OUTPUT_BLOCK_LEN) {
XMEMCPY(out, rng->digest, OUTPUT_BLOCK_LEN);
@@ -149,26 +159,26 @@ static int Hash_df(RNG* rng, byte* out, word32 outSz, byte type,
}
static int Hash_DRBG_Reseed(RNG* rng, byte* entropy, word32 entropySz)
/* Returns: DRBG_SUCCESS or DRBG_FAILURE */
static int Hash_DRBG_Reseed(RNG* rng, const byte* entropy, word32 entropySz)
{
int ret;
byte seed[DRBG_SEED_LEN];
ret = Hash_df(rng, seed, sizeof(seed), drbgReseed, rng->V, sizeof(rng->V),
entropy, entropySz, NULL, 0);
if (ret != 0)
return ret;
if (Hash_df(rng, seed, sizeof(seed), drbgReseed, rng->V, sizeof(rng->V),
entropy, entropySz) != DRBG_SUCCESS) {
return DRBG_FAILURE;
}
XMEMCPY(rng->V, seed, sizeof(rng->V));
XMEMSET(seed, 0, sizeof(seed));
ret = Hash_df(rng, rng->C, sizeof(rng->C), drbgInitC, rng->V,
sizeof(rng->V), NULL, 0, NULL, 0);
if (ret != 0)
return ret;
if (Hash_df(rng, rng->C, sizeof(rng->C), drbgInitC, rng->V,
sizeof(rng->V), NULL, 0) != DRBG_SUCCESS) {
return DRBG_FAILURE;
}
rng->reseedCtr = 1;
return 0;
return DRBG_SUCCESS;
}
static INLINE void array_add_one(byte* data, word32 dataSz)
@@ -182,26 +192,23 @@ static INLINE void array_add_one(byte* data, word32 dataSz)
}
}
static int Hash_gen(RNG* rng, byte* out, word32 outSz, byte* V)
/* Returns: DRBG_SUCCESS or DRBG_FAILURE */
static int Hash_gen(RNG* rng, byte* out, word32 outSz, const byte* V)
{
byte data[DRBG_SEED_LEN];
int i, ret;
int i;
int len = (outSz / OUTPUT_BLOCK_LEN)
+ ((outSz % OUTPUT_BLOCK_LEN) ? 1 : 0);
XMEMCPY(data, V, sizeof(data));
for (i = 0; i < len; i++) {
ret = InitSha256(&rng->sha);
if (ret != 0)
return ret;
if (InitSha256(&rng->sha) != 0 ||
Sha256Update(&rng->sha, data, sizeof(data)) != 0 ||
Sha256Final(&rng->sha, rng->digest) != 0) {
ret = Sha256Update(&rng->sha, data, sizeof(data));
if (ret != 0)
return ret;
ret = Sha256Final(&rng->sha, rng->digest);
if (ret != 0)
return ret;
return DRBG_FAILURE;
}
if (outSz > OUTPUT_BLOCK_LEN) {
XMEMCPY(out, rng->digest, OUTPUT_BLOCK_LEN);
@@ -215,11 +222,11 @@ static int Hash_gen(RNG* rng, byte* out, word32 outSz, byte* V)
}
XMEMSET(data, 0, sizeof(data));
return 0;
return DRBG_SUCCESS;
}
static INLINE void array_add(byte* d, word32 dLen, byte* s, word32 sLen)
static INLINE void array_add(byte* d, word32 dLen, const byte* s, word32 sLen)
{
word16 carry = 0;
@@ -238,74 +245,67 @@ static INLINE void array_add(byte* d, word32 dLen, byte* s, word32 sLen)
}
/* Returns: DRBG_SUCCESS, DRBG_NEED_RESEED, or DRBG_FAILURE */
static int Hash_DRBG_Generate(RNG* rng, byte* out, word32 outSz)
{
int ret;
int ret = DRBG_NEED_RESEED;
if (rng->reseedCtr != RESEED_INTERVAL) {
byte type = drbgGenerateH;
word32 reseedCtr = rng->reseedCtr;
rng->reseedCtr++;
if (Hash_gen(rng, out, outSz, rng->V) != 0)
return DRBG_ERROR;
if (InitSha256(&rng->sha) != 0)
return DRBG_ERROR;
if (Sha256Update(&rng->sha, &type, sizeof(type)) != 0)
return DRBG_ERROR;
if (Sha256Update(&rng->sha, rng->V, sizeof(rng->V)) != 0)
return DRBG_ERROR;
if (Sha256Final(&rng->sha, rng->digest) != 0)
return DRBG_ERROR;
if (Hash_gen(rng, out, outSz, rng->V) != 0 ||
InitSha256(&rng->sha) != 0 ||
Sha256Update(&rng->sha, &type, sizeof(type)) != 0 ||
Sha256Update(&rng->sha, rng->V, sizeof(rng->V)) != 0 ||
Sha256Final(&rng->sha, rng->digest) != 0) {
array_add(rng->V, sizeof(rng->V), rng->digest, sizeof(rng->digest));
array_add(rng->V, sizeof(rng->V), rng->C, sizeof(rng->C));
#ifdef LITTLE_ENDIAN_ORDER
reseedCtr = ByteReverseWord32(reseedCtr);
#endif
array_add(rng->V, sizeof(rng->V), (byte*)&reseedCtr, sizeof(reseedCtr));
ret = DRBG_SUCCESS;
}
else {
ret = DRBG_NEED_RESEED;
ret = DRBG_FAILURE;
}
else {
array_add(rng->V, sizeof(rng->V), rng->digest, sizeof(rng->digest));
array_add(rng->V, sizeof(rng->V), rng->C, sizeof(rng->C));
#ifdef LITTLE_ENDIAN_ORDER
reseedCtr = ByteReverseWord32(reseedCtr);
#endif
array_add(rng->V, sizeof(rng->V),
(byte*)&reseedCtr, sizeof(reseedCtr));
ret = DRBG_SUCCESS;
}
}
return ret;
}
static int Hash_DRBG_Instantiate(RNG* rng, byte* seed, word32 seedSz,
byte* nonce, word32 nonceSz, byte* personal, word32 personalSz)
/* Returns: DRBG_SUCCESS or DRBG_FAILURE */
static int Hash_DRBG_Instantiate(RNG* rng, const byte* seed, word32 seedSz,
const byte* nonce, word32 nonceSz)
{
int ret;
int ret = DRBG_FAILURE;
XMEMSET(rng, 0, sizeof(*rng));
ret = Hash_df(rng, rng->V, sizeof(rng->V), drbgInitV, seed, seedSz,
nonce, nonceSz, personal, personalSz);
if (ret != 0)
return ret;
if (Hash_df(rng, rng->V, sizeof(rng->V), drbgInitV, seed, seedSz,
nonce, nonceSz) == DRBG_SUCCESS &&
Hash_df(rng, rng->C, sizeof(rng->C), drbgInitC, rng->V,
sizeof(rng->V), NULL, 0) == DRBG_SUCCESS) {
ret = Hash_df(rng, rng->C, sizeof(rng->C), drbgInitC, rng->V,
sizeof(rng->V), NULL, 0, NULL, 0);
if (ret != 0)
return ret;
rng->reseedCtr = 1;
ret = DRBG_SUCCESS;
}
rng->reseedCtr = 1;
return 0;
return ret;
}
/* Returns: DRBG_SUCCESS */
static int Hash_DRBG_Uninstantiate(RNG* rng)
{
int result = DRBG_ERROR;
XMEMSET(rng, 0, sizeof(*rng));
if (rng != NULL) {
XMEMSET(rng, 0, sizeof(*rng));
result = DRBG_SUCCESS;
}
return result;
return DRBG_SUCCESS;
}
/* End NIST DRBG Code */
@@ -314,17 +314,27 @@ static int Hash_DRBG_Uninstantiate(RNG* rng)
/* Get seed and key cipher */
int InitRng(RNG* rng)
{
byte entropy[ENTROPY_NONCE_SZ];
int ret = DRBG_ERROR;
int ret = BAD_FUNC_ARG;
/* This doesn't use a separate nonce. The entropy input will be
* the default size plus the size of the nonce making the seed
* size. */
if (GenerateSeed(&rng->seed, entropy, ENTROPY_NONCE_SZ) == 0)
ret = Hash_DRBG_Instantiate(rng, entropy, ENTROPY_NONCE_SZ,
NULL, 0, NULL, 0);
if (rng != NULL) {
byte entropy[ENTROPY_NONCE_SZ];
XMEMSET(entropy, 0, ENTROPY_NONCE_SZ);
/* This doesn't use a separate nonce. The entropy input will be
* the default size plus the size of the nonce making the seed
* size. */
if (GenerateSeed(&rng->seed, entropy, ENTROPY_NONCE_SZ) == 0 &&
Hash_DRBG_Instantiate(rng, entropy, ENTROPY_NONCE_SZ,
NULL, 0) == DRBG_SUCCESS) {
rng->status = DRBG_OK;
ret = 0;
}
else {
rng->status = DRBG_FAILED;
ret = RNG_FAILURE_E;
}
XMEMSET(entropy, 0, ENTROPY_NONCE_SZ);
}
return ret;
}
@@ -335,24 +345,36 @@ int RNG_GenerateBlock(RNG* rng, byte* output, word32 sz)
{
int ret;
XMEMSET(output, 0, sz);
ret = Hash_DRBG_Generate(rng, output, sz);
if (rng == NULL || output == NULL || sz > MAX_REQUEST_LEN)
return BAD_FUNC_ARG;
if (ret == DRBG_NEED_RESEED) {
if (rng->status != DRBG_OK)
return RNG_FAILURE_E;
ret = Hash_DRBG_Generate(rng, output, sz);
if (ret == DRBG_SUCCESS) {
ret = 0;
}
else if (ret == DRBG_NEED_RESEED) {
byte entropy[ENTROPY_SZ];
ret = GenerateSeed(&rng->seed, entropy, ENTROPY_SZ);
if (ret == 0) {
ret = Hash_DRBG_Reseed(rng, entropy, ENTROPY_SZ);
if (GenerateSeed(&rng->seed, entropy, ENTROPY_SZ) == 0 &&
Hash_DRBG_Reseed(rng, entropy, ENTROPY_SZ) == DRBG_SUCCESS &&
Hash_DRBG_Generate(rng, output, sz) == DRBG_SUCCESS) {
if (ret == 0)
ret = Hash_DRBG_Generate(rng, output, sz);
ret = 0;
}
else {
ret = RNG_FAILURE_E;
rng->status = DRBG_FAILED;
}
else
ret = DRBG_ERROR;
XMEMSET(entropy, 0, ENTROPY_SZ);
}
else {
ret = RNG_FAILURE_E;
rng->status = DRBG_FAILED;
}
return ret;
}
@@ -364,11 +386,59 @@ int RNG_GenerateByte(RNG* rng, byte* b)
}
void FreeRng(RNG* rng)
int FreeRng(RNG* rng)
{
Hash_DRBG_Uninstantiate(rng);
int ret = BAD_FUNC_ARG;
if (rng != NULL) {
if (Hash_DRBG_Uninstantiate(rng) == DRBG_SUCCESS)
ret = 0;
else
ret = RNG_FAILURE_E;
}
return ret;
}
int RNG_HealthTest(int reseed, const byte* entropyA, word32 entropyASz,
const byte* entropyB, word32 entropyBSz,
const byte* output, word32 outputSz)
{
RNG rng;
byte check[SHA256_DIGEST_SIZE * 4];
if (Hash_DRBG_Instantiate(&rng, entropyA, entropyASz, NULL, 0) != 0)
return -1;
if (reseed) {
if (Hash_DRBG_Reseed(&rng, entropyB, entropyBSz) != 0) {
Hash_DRBG_Uninstantiate(&rng);
return -1;
}
}
if (Hash_DRBG_Generate(&rng, check, sizeof(check)) != 0) {
Hash_DRBG_Uninstantiate(&rng);
return -1;
}
if (Hash_DRBG_Generate(&rng, check, sizeof(check)) != 0) {
Hash_DRBG_Uninstantiate(&rng);
return -1;
}
if (outputSz != sizeof(check) || XMEMCMP(output, check, sizeof(check))) {
Hash_DRBG_Uninstantiate(&rng);
return -1;
}
Hash_DRBG_Uninstantiate(&rng);
return 0;
}
#else /* HAVE_HASHDRBG || NO_RC4 */
/* Get seed and key cipher */

34
ctaocrypt/src/sha.c
View File

@@ -40,6 +40,9 @@
#endif
#include <cyassl/ctaocrypt/sha.h>
#include <cyassl/ctaocrypt/logging.h>
#include <cyassl/ctaocrypt/error-crypt.h>
#ifdef NO_INLINE
#include <cyassl/ctaocrypt/misc.h>
#else
@@ -392,4 +395,35 @@ int ShaFinal(Sha* sha, byte* hash)
#endif /* STM32F2_HASH */
int ShaHash(const byte* data, word32 len, byte* hash)
{
int ret = 0;
#ifdef CYASSL_SMALL_STACK
Sha* sha;
#else
Sha sha[1];
#endif
#ifdef CYASSL_SMALL_STACK
sha = (Sha*)XMALLOC(sizeof(Sha), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (sha == NULL)
return MEMORY_E;
#endif
if ((ret = InitSha(sha)) != 0) {
CYASSL_MSG("InitSha failed");
}
else {
ShaUpdate(sha, data, len);
ShaFinal(sha, hash);
}
#ifdef CYASSL_SMALL_STACK
XFREE(sha, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
#endif /* NO_SHA */

35
ctaocrypt/src/sha256.c
View File

@@ -42,7 +42,9 @@
#endif
#include <cyassl/ctaocrypt/sha256.h>
#include <cyassl/ctaocrypt/logging.h>
#include <cyassl/ctaocrypt/error-crypt.h>
#ifdef NO_INLINE
#include <cyassl/ctaocrypt/misc.h>
#else
@@ -283,5 +285,38 @@ int Sha256Final(Sha256* sha256, byte* hash)
}
int Sha256Hash(const byte* data, word32 len, byte* hash)
{
int ret = 0;
#ifdef CYASSL_SMALL_STACK
Sha256* sha256;
#else
Sha256 sha256[1];
#endif
#ifdef CYASSL_SMALL_STACK
sha256 = (Sha256*)XMALLOC(sizeof(Sha256), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (sha256 == NULL)
return MEMORY_E;
#endif
if ((ret = InitSha256(sha256)) != 0) {
CYASSL_MSG("InitSha256 failed");
}
else if ((ret = Sha256Update(sha256, data, len)) != 0) {
CYASSL_MSG("Sha256Update failed");
}
else if ((ret = Sha256Final(sha256, hash)) != 0) {
CYASSL_MSG("Sha256Final failed");
}
#ifdef CYASSL_SMALL_STACK
XFREE(sha256, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
#endif /* NO_SHA256 */

67
ctaocrypt/src/sha512.c
View File

@@ -33,7 +33,9 @@
#endif
#include <cyassl/ctaocrypt/sha512.h>
#include <cyassl/ctaocrypt/logging.h>
#include <cyassl/ctaocrypt/error-crypt.h>
#ifdef NO_INLINE
#include <cyassl/ctaocrypt/misc.h>
#else
@@ -296,6 +298,38 @@ int Sha512Final(Sha512* sha512, byte* hash)
}
int Sha512Hash(const byte* data, word32 len, byte* hash)
{
int ret = 0;
#ifdef CYASSL_SMALL_STACK
Sha512* sha512;
#else
Sha512 sha512[1];
#endif
#ifdef CYASSL_SMALL_STACK
sha512 = (Sha512*)XMALLOC(sizeof(Sha512), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (sha512 == NULL)
return MEMORY_E;
#endif
if ((ret = InitSha512(sha512)) != 0) {
CYASSL_MSG("InitSha512 failed");
}
else if ((ret = Sha512Update(sha512, data, len)) != 0) {
CYASSL_MSG("Sha512Update failed");
}
else if ((ret = Sha512Final(sha512, hash)) != 0) {
CYASSL_MSG("Sha512Final failed");
}
#ifdef CYASSL_SMALL_STACK
XFREE(sha512, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
#ifdef CYASSL_SHA384
@@ -470,6 +504,39 @@ int Sha384Final(Sha384* sha384, byte* hash)
return InitSha384(sha384); /* reset state */
}
int Sha384Hash(const byte* data, word32 len, byte* hash)
{
int ret = 0;
#ifdef CYASSL_SMALL_STACK
Sha384* sha384;
#else
Sha384 sha384[1];
#endif
#ifdef CYASSL_SMALL_STACK
sha384 = (Sha384*)XMALLOC(sizeof(Sha384), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (sha384 == NULL)
return MEMORY_E;
#endif
if ((ret = InitSha384(sha384)) != 0) {
CYASSL_MSG("InitSha384 failed");
}
else if ((ret = Sha384Update(sha384, data, len)) != 0) {
CYASSL_MSG("Sha384Update failed");
}
else if ((ret = Sha384Final(sha384, hash)) != 0) {
CYASSL_MSG("Sha384Final failed");
}
#ifdef CYASSL_SMALL_STACK
XFREE(sha384, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
#endif /* CYASSL_SHA384 */
#endif /* CYASSL_SHA512 */

169
ctaocrypt/test/test.c
View File

@@ -103,7 +103,7 @@
#endif
#ifdef HAVE_NTRU
#include "crypto_ntru.h"
#include "ntru_crypto.h"
#endif
#ifdef HAVE_CAVIUM
#include "cavium_sysdep.h"
@@ -1167,9 +1167,11 @@ int hmac_md5_test(void)
test_hmac[2] = c;
for (i = 0; i < times; ++i) {
#ifdef HAVE_CAVIUM
#if defined(HAVE_FIPS) || defined(HAVE_CAVIUM)
if (i == 1)
continue; /* driver can't handle keys <= bytes */
continue; /* cavium can't handle short keys, fips not allowed */
#endif
#ifdef HAVE_CAVIUM
if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0)
return -20009;
#endif
@@ -1242,9 +1244,11 @@ int hmac_sha_test(void)
test_hmac[2] = c;
for (i = 0; i < times; ++i) {
#ifdef HAVE_CAVIUM
#if defined(HAVE_FIPS) || defined(HAVE_CAVIUM)
if (i == 1)
continue; /* driver can't handle keys <= bytes */
continue; /* cavium can't handle short keys, fips not allowed */
#endif
#ifdef HAVE_CAVIUM
if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0)
return -20010;
#endif
@@ -1321,9 +1325,11 @@ int hmac_sha256_test(void)
test_hmac[2] = c;
for (i = 0; i < times; ++i) {
#ifdef HAVE_CAVIUM
#if defined(HAVE_FIPS) || defined(HAVE_CAVIUM)
if (i == 1)
continue; /* driver can't handle keys <= bytes */
continue; /* cavium can't handle short keys, fips not allowed */
#endif
#ifdef HAVE_CAVIUM
if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0)
return -20011;
#endif
@@ -1400,9 +1406,11 @@ int hmac_blake2b_test(void)
test_hmac[2] = c;
for (i = 0; i < times; ++i) {
#ifdef HAVE_CAVIUM
#if defined(HAVE_FIPS) || defined(HAVE_CAVIUM)
if (i == 1)
continue; /* driver can't handle keys <= bytes */
continue; /* cavium can't handle short keys, fips not allowed */
#endif
#ifdef HAVE_CAVIUM
if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0)
return -20011;
#endif
@@ -1483,6 +1491,10 @@ int hmac_sha384_test(void)
test_hmac[2] = c;
for (i = 0; i < times; ++i) {
#if defined(HAVE_FIPS)
if (i == 1)
continue; /* fips not allowed */
#endif
ret = HmacSetKey(&hmac, SHA384, (byte*)keys[i],(word32)strlen(keys[i]));
if (ret != 0)
return -4027;
@@ -1559,6 +1571,10 @@ int hmac_sha512_test(void)
test_hmac[2] = c;
for (i = 0; i < times; ++i) {
#if defined(HAVE_FIPS)
if (i == 1)
continue; /* fips not allowed */
#endif
ret = HmacSetKey(&hmac, SHA512, (byte*)keys[i],(word32)strlen(keys[i]));
if (ret != 0)
return -4030;
@@ -2790,6 +2806,74 @@ int camellia_test(void)
#endif /* HAVE_CAMELLIA */
#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
int random_test(void)
{
const byte test1Entropy[] =
{
0xa6, 0x5a, 0xd0, 0xf3, 0x45, 0xdb, 0x4e, 0x0e, 0xff, 0xe8, 0x75, 0xc3,
0xa2, 0xe7, 0x1f, 0x42, 0xc7, 0x12, 0x9d, 0x62, 0x0f, 0xf5, 0xc1, 0x19,
0xa9, 0xef, 0x55, 0xf0, 0x51, 0x85, 0xe0, 0xfb, 0x85, 0x81, 0xf9, 0x31,
0x75, 0x17, 0x27, 0x6e, 0x06, 0xe9, 0x60, 0x7d, 0xdb, 0xcb, 0xcc, 0x2e
};
const byte test1Output[] =
{
0xd3, 0xe1, 0x60, 0xc3, 0x5b, 0x99, 0xf3, 0x40, 0xb2, 0x62, 0x82, 0x64,
0xd1, 0x75, 0x10, 0x60, 0xe0, 0x04, 0x5d, 0xa3, 0x83, 0xff, 0x57, 0xa5,
0x7d, 0x73, 0xa6, 0x73, 0xd2, 0xb8, 0xd8, 0x0d, 0xaa, 0xf6, 0xa6, 0xc3,
0x5a, 0x91, 0xbb, 0x45, 0x79, 0xd7, 0x3f, 0xd0, 0xc8, 0xfe, 0xd1, 0x11,
0xb0, 0x39, 0x13, 0x06, 0x82, 0x8a, 0xdf, 0xed, 0x52, 0x8f, 0x01, 0x81,
0x21, 0xb3, 0xfe, 0xbd, 0xc3, 0x43, 0xe7, 0x97, 0xb8, 0x7d, 0xbb, 0x63,
0xdb, 0x13, 0x33, 0xde, 0xd9, 0xd1, 0xec, 0xe1, 0x77, 0xcf, 0xa6, 0xb7,
0x1f, 0xe8, 0xab, 0x1d, 0xa4, 0x66, 0x24, 0xed, 0x64, 0x15, 0xe5, 0x1c,
0xcd, 0xe2, 0xc7, 0xca, 0x86, 0xe2, 0x83, 0x99, 0x0e, 0xea, 0xeb, 0x91,
0x12, 0x04, 0x15, 0x52, 0x8b, 0x22, 0x95, 0x91, 0x02, 0x81, 0xb0, 0x2d,
0xd4, 0x31, 0xf4, 0xc9, 0xf7, 0x04, 0x27, 0xdf
};
const byte test2EntropyA[] =
{
0x63, 0x36, 0x33, 0x77, 0xe4, 0x1e, 0x86, 0x46, 0x8d, 0xeb, 0x0a, 0xb4,
0xa8, 0xed, 0x68, 0x3f, 0x6a, 0x13, 0x4e, 0x47, 0xe0, 0x14, 0xc7, 0x00,
0x45, 0x4e, 0x81, 0xe9, 0x53, 0x58, 0xa5, 0x69, 0x80, 0x8a, 0xa3, 0x8f,
0x2a, 0x72, 0xa6, 0x23, 0x59, 0x91, 0x5a, 0x9f, 0x8a, 0x04, 0xca, 0x68
};
const byte test2EntropyB[] =
{
0xe6, 0x2b, 0x8a, 0x8e, 0xe8, 0xf1, 0x41, 0xb6, 0x98, 0x05, 0x66, 0xe3,
0xbf, 0xe3, 0xc0, 0x49, 0x03, 0xda, 0xd4, 0xac, 0x2c, 0xdf, 0x9f, 0x22,
0x80, 0x01, 0x0a, 0x67, 0x39, 0xbc, 0x83, 0xd3
};
const byte test2Output[] =
{
0x04, 0xee, 0xc6, 0x3b, 0xb2, 0x31, 0xdf, 0x2c, 0x63, 0x0a, 0x1a, 0xfb,
0xe7, 0x24, 0x94, 0x9d, 0x00, 0x5a, 0x58, 0x78, 0x51, 0xe1, 0xaa, 0x79,
0x5e, 0x47, 0x73, 0x47, 0xc8, 0xb0, 0x56, 0x62, 0x1c, 0x18, 0xbd, 0xdc,
0xdd, 0x8d, 0x99, 0xfc, 0x5f, 0xc2, 0xb9, 0x20, 0x53, 0xd8, 0xcf, 0xac,
0xfb, 0x0b, 0xb8, 0x83, 0x12, 0x05, 0xfa, 0xd1, 0xdd, 0xd6, 0xc0, 0x71,
0x31, 0x8a, 0x60, 0x18, 0xf0, 0x3b, 0x73, 0xf5, 0xed, 0xe4, 0xd4, 0xd0,
0x71, 0xf9, 0xde, 0x03, 0xfd, 0x7a, 0xea, 0x10, 0x5d, 0x92, 0x99, 0xb8,
0xaf, 0x99, 0xaa, 0x07, 0x5b, 0xdb, 0x4d, 0xb9, 0xaa, 0x28, 0xc1, 0x8d,
0x17, 0x4b, 0x56, 0xee, 0x2a, 0x01, 0x4d, 0x09, 0x88, 0x96, 0xff, 0x22,
0x82, 0xc9, 0x55, 0xa8, 0x19, 0x69, 0xe0, 0x69, 0xfa, 0x8c, 0xe0, 0x07,
0xa1, 0x80, 0x18, 0x3a, 0x07, 0xdf, 0xae, 0x17
};
int ret;
ret = RNG_HealthTest(0, test1Entropy, sizeof(test1Entropy), NULL, 0,
test1Output, sizeof(test1Output));
if (ret != 0) return -39;
ret = RNG_HealthTest(1, test2EntropyA, sizeof(test2EntropyA),
test2EntropyB, sizeof(test2EntropyB),
test2Output, sizeof(test2Output));
if (ret != 0) return -40;
return 0;
}
#else /* HAVE_HASHDRBG || NO_RC4 */
int random_test(void)
{
RNG rng;
@@ -2809,6 +2893,8 @@ int random_test(void)
return 0;
}
#endif /* HAVE_HASHDRBG || NO_RC4 */
#ifdef HAVE_NTRU
@@ -2997,8 +3083,8 @@ int rsa_test(void)
int pemSz = 0;
RsaKey derIn;
RsaKey genKey;
FILE* keyFile;
FILE* pemFile;
FILE* keyFile;
FILE* pemFile;
ret = InitRsaKey(&genKey, 0);
if (ret != 0)
@@ -3192,7 +3278,7 @@ int rsa_test(void)
int pemSz;
size_t bytes3;
word32 idx3 = 0;
FILE* file3 ;
FILE* file3 ;
#ifdef CYASSL_TEST_CERT
DecodedCert decode;
#endif
@@ -3493,38 +3579,46 @@ int rsa_test(void)
static uint8_t const pers_str[] = {
'C', 'y', 'a', 'S', 'S', 'L', ' ', 't', 'e', 's', 't'
};
word32 rc = crypto_drbg_instantiate(112, pers_str, sizeof(pers_str),
GetEntropy, &drbg);
word32 rc = ntru_crypto_drbg_instantiate(112, pers_str,
sizeof(pers_str), GetEntropy, &drbg);
if (rc != DRBG_OK) {
free(derCert);
free(pem);
return -448;
}
rc = ntru_crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2,
&public_key_len, NULL,
&private_key_len, NULL);
if (rc != NTRU_OK) {
free(derCert);
free(pem);
return -449;
}
rc = ntru_crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2,
&public_key_len, public_key,
&private_key_len, private_key);
if (rc != NTRU_OK) {
free(derCert);
free(pem);
return -450;
}
rc = crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, &public_key_len,
NULL, &private_key_len, NULL);
rc = ntru_crypto_drbg_uninstantiate(drbg);
if (rc != NTRU_OK) {
free(derCert);
free(pem);
return -451;
}
rc = crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, &public_key_len,
public_key, &private_key_len, private_key);
crypto_drbg_uninstantiate(drbg);
if (rc != NTRU_OK) {
free(derCert);
free(pem);
return -452;
}
caFile = fopen(caKeyFile, "rb");
if (!caFile) {
free(derCert);
free(pem);
return -453;
return -452;
}
bytes = fread(tmp, 1, FOURK_BUF, caFile);
@@ -3534,7 +3628,7 @@ int rsa_test(void)
if (ret != 0) {
free(derCert);
free(pem);
return -459;
return -453;
}
ret = RsaPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes);
if (ret != 0) {
@@ -3911,7 +4005,7 @@ int openssl_test(void)
EVP_MD_CTX_init(&md_ctx);
EVP_DigestInit(&md_ctx, EVP_md5());
EVP_DigestUpdate(&md_ctx, a.input, a.inLen);
EVP_DigestUpdate(&md_ctx, a.input, (unsigned long)a.inLen);
EVP_DigestFinal(&md_ctx, hash, 0);
if (memcmp(hash, a.output, MD5_DIGEST_SIZE) != 0)
@@ -3928,7 +4022,7 @@ int openssl_test(void)
EVP_MD_CTX_init(&md_ctx);
EVP_DigestInit(&md_ctx, EVP_sha1());
EVP_DigestUpdate(&md_ctx, b.input, b.inLen);
EVP_DigestUpdate(&md_ctx, b.input, (unsigned long)b.inLen);
EVP_DigestFinal(&md_ctx, hash, 0);
if (memcmp(hash, b.output, SHA_DIGEST_SIZE) != 0)
@@ -3945,7 +4039,7 @@ int openssl_test(void)
EVP_MD_CTX_init(&md_ctx);
EVP_DigestInit(&md_ctx, EVP_sha256());
EVP_DigestUpdate(&md_ctx, d.input, d.inLen);
EVP_DigestUpdate(&md_ctx, d.input, (unsigned long)d.inLen);
EVP_DigestFinal(&md_ctx, hash, 0);
if (memcmp(hash, d.output, SHA256_DIGEST_SIZE) != 0)
@@ -3989,7 +4083,7 @@ int openssl_test(void)
EVP_MD_CTX_init(&md_ctx);
EVP_DigestInit(&md_ctx, EVP_sha512());
EVP_DigestUpdate(&md_ctx, f.input, f.inLen);
EVP_DigestUpdate(&md_ctx, f.input, (unsigned long)f.inLen);
EVP_DigestFinal(&md_ctx, hash, 0);
if (memcmp(hash, f.output, SHA512_DIGEST_SIZE) != 0)
@@ -4264,6 +4358,8 @@ int hkdf_test(void)
(void)res2;
(void)res3;
(void)res4;
(void)salt1;
(void)info1;
#ifndef NO_SHA
ret = HKDF(SHA, ikm1, 22, NULL, 0, NULL, 0, okm1, L);
@@ -4273,12 +4369,15 @@ int hkdf_test(void)
if (memcmp(okm1, res1, L) != 0)
return -2002;
#ifndef HAVE_FIPS
/* fips can't have key size under 14 bytes, salt is key too */
ret = HKDF(SHA, ikm1, 11, salt1, 13, info1, 10, okm1, L);
if (ret != 0)
return -2003;
if (memcmp(okm1, res2, L) != 0)
return -2004;
#endif /* HAVE_FIPS */
#endif /* NO_SHA */
#ifndef NO_SHA256
@@ -4289,12 +4388,15 @@ int hkdf_test(void)
if (memcmp(okm1, res3, L) != 0)
return -2006;
#ifndef HAVE_FIPS
/* fips can't have key size under 14 bytes, salt is key too */
ret = HKDF(SHA256, ikm1, 22, salt1, 13, info1, 10, okm1, L);
if (ret != 0)
return -2007;
if (memcmp(okm1, res4, L) != 0)
return -2007;
#endif /* HAVE_FIPS */
#endif /* NO_SHA256 */
return 0;
@@ -4473,6 +4575,9 @@ int ecc_encrypt_test(void)
ret = ecc_ctx_set_peer_salt(cliCtx, srvSalt);
ret += ecc_ctx_set_peer_salt(srvCtx, cliSalt);
ret += ecc_ctx_set_info(cliCtx, (byte*)"CyaSSL MSGE", 11);
ret += ecc_ctx_set_info(srvCtx, (byte*)"CyaSSL MSGE", 11);
if (ret != 0)
return -3008;