fix OPENSSL_EXTRA + NO_MD5 build, fixes issue #26

2015-03-26 13:52:06 -06:00
parent 0f4216360e
commit d4a3e83582
4 changed files with 119 additions and 55 deletions
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -2430,7 +2430,9 @@ static int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
 #else
        char  password[80];
        byte  key[AES_256_KEY_SIZE];
+        #ifndef NO_MD5
        byte  iv[AES_IV_SIZE];
+        #endif
 #endif

    #ifdef WOLFSSL_SMALL_STACK
@@ -2460,10 +2462,12 @@ static int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
                                                                         != 0) {
                ret = ASN_INPUT_E;
            }
+#ifndef NO_MD5
            else if ((ret = EVP_BytesToKey(info->name, "MD5", info->iv,
                           (byte*)password, passwordSz, 1, key, iv)) <= 0) {
                /* empty */
            }
+#endif
 #ifndef NO_DES3
            else if (XSTRNCMP(info->name, "DES-CBC", 7) == 0) {
                ret = wc_Des_CbcDecryptWithKey(der.buffer, der.buffer, der.length,
@@ -7031,6 +7035,8 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
        return 0;
    }

+#ifndef NO_MD5
+
    int wolfSSL_EVP_BytesToKey(const WOLFSSL_EVP_CIPHER* type,
                       const WOLFSSL_EVP_MD* md, const byte* salt,
                       const byte* data, int sz, int count, byte* key, byte* iv)
@@ -7133,6 +7139,8 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
        return keyOutput == (keyLen + ivLen) ? keyOutput : 0;
    }

+#endif /* NO_MD5 */
+
 #endif /* OPENSSL_EXTRA || HAVE_WEBSERVER */


@@ -7152,6 +7160,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
    }


+#ifndef NO_MD5
    void wolfSSL_MD5_Init(WOLFSSL_MD5_CTX* md5)
    {
        typedef char md5_test[sizeof(MD5_CTX) >= sizeof(Md5) ? 1 : -1];
@@ -7175,6 +7184,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
        WOLFSSL_ENTER("MD5_Final");
        wc_Md5Final((Md5*)md5, input);
    }
+#endif /* NO_MD5 */


    void wolfSSL_SHA_Init(WOLFSSL_SHA_CTX* sha)
@@ -7313,6 +7323,8 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
    #endif /* WOLFSSL_SHA512 */


+    #ifndef NO_MD5
+
    const WOLFSSL_EVP_MD* wolfSSL_EVP_md5(void)
    {
        static const char* type = "MD5";
@@ -7320,6 +7332,8 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
        return type;
    }

+    #endif /* NO_MD5 */
+

    const WOLFSSL_EVP_MD* wolfSSL_EVP_sha1(void)
    {
@@ -7914,11 +7928,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
    int wolfSSL_EVP_DigestInit(WOLFSSL_EVP_MD_CTX* ctx, const WOLFSSL_EVP_MD* type)
    {
        WOLFSSL_ENTER("EVP_DigestInit");
-        if (XSTRNCMP(type, "MD5", 3) == 0) {
-             ctx->macType = MD5;
-             wolfSSL_MD5_Init((MD5_CTX*)&ctx->hash);
-        }
-        else if (XSTRNCMP(type, "SHA256", 6) == 0) {
+        if (XSTRNCMP(type, "SHA256", 6) == 0) {
             ctx->macType = SHA256;
             wolfSSL_SHA256_Init((SHA256_CTX*)&ctx->hash);
        }
@@ -7933,6 +7943,12 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
             ctx->macType = SHA512;
             wolfSSL_SHA512_Init((SHA512_CTX*)&ctx->hash);
        }
+    #endif
+    #ifndef NO_MD5
+        else if (XSTRNCMP(type, "MD5", 3) == 0) {
+            ctx->macType = MD5;
+            wolfSSL_MD5_Init((MD5_CTX*)&ctx->hash);
+        }
    #endif
        /* has to be last since would pick or 256, 384, or 512 too */
        else if (XSTRNCMP(type, "SHA", 3) == 0) {
@@ -7951,25 +7967,41 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
                                unsigned long sz)
    {
        WOLFSSL_ENTER("EVP_DigestUpdate");
-        if (ctx->macType == MD5)
-            wolfSSL_MD5_Update((MD5_CTX*)&ctx->hash, data, (unsigned long)sz);
-        else if (ctx->macType == SHA)
-            wolfSSL_SHA_Update((SHA_CTX*)&ctx->hash, data, (unsigned long)sz);
-        else if (ctx->macType == SHA256)
-            wolfSSL_SHA256_Update((SHA256_CTX*)&ctx->hash, data,
-                                 (unsigned long)sz);
-    #ifdef WOLFSSL_SHA384
-        else if (ctx->macType == SHA384)
-            wolfSSL_SHA384_Update((SHA384_CTX*)&ctx->hash, data,
-                                 (unsigned long)sz);
-    #endif
-    #ifdef WOLFSSL_SHA512
-        else if (ctx->macType == SHA512)
-            wolfSSL_SHA512_Update((SHA512_CTX*)&ctx->hash, data,
-                                 (unsigned long)sz);
-    #endif
-        else
-            return BAD_FUNC_ARG;
+
+        switch (ctx->macType) {
+#ifndef NO_MD5
+            case MD5:
+                wolfSSL_MD5_Update((MD5_CTX*)&ctx->hash, data,
+                                  (unsigned long)sz);
+                break;
+#endif
+#ifndef NO_SHA
+            case SHA:
+                wolfSSL_SHA_Update((SHA_CTX*)&ctx->hash, data,
+                                  (unsigned long)sz);
+                break;
+#endif
+#ifndef NO_SHA256
+            case SHA256:
+                wolfSSL_SHA256_Update((SHA256_CTX*)&ctx->hash, data,
+                                     (unsigned long)sz);
+                break;
+#endif
+#ifdef WOLFSSL_SHA384
+            case SHA384:
+                wolfSSL_SHA384_Update((SHA384_CTX*)&ctx->hash, data,
+                                     (unsigned long)sz);
+                break;
+#endif
+#ifdef WOLFSSL_SHA512
+            case SHA512:
+                wolfSSL_SHA512_Update((SHA512_CTX*)&ctx->hash, data,
+                                     (unsigned long)sz);
+                break;
+#endif
+            default:
+                return BAD_FUNC_ARG;
+        }

        return SSL_SUCCESS;
    }
@@ -7980,32 +8012,40 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
                               unsigned int* s)
    {
        WOLFSSL_ENTER("EVP_DigestFinal");
-        if (ctx->macType == MD5) {
-            wolfSSL_MD5_Final(md, (MD5_CTX*)&ctx->hash);
-            if (s) *s = MD5_DIGEST_SIZE;
+        switch (ctx->macType) {
+#ifndef NO_MD5
+            case MD5:
+                wolfSSL_MD5_Final(md, (MD5_CTX*)&ctx->hash);
+                if (s) *s = MD5_DIGEST_SIZE;
+                break;
+#endif
+#ifndef NO_SHA
+            case SHA:
+                wolfSSL_SHA_Final(md, (SHA_CTX*)&ctx->hash);
+                if (s) *s = SHA_DIGEST_SIZE;
+                break;
+#endif
+#ifndef NO_SHA256
+            case SHA256:
+                wolfSSL_SHA256_Final(md, (SHA256_CTX*)&ctx->hash);
+                if (s) *s = SHA256_DIGEST_SIZE;
+                break;
+#endif
+#ifdef WOLFSSL_SHA384
+            case SHA384:
+                wolfSSL_SHA384_Final(md, (SHA384_CTX*)&ctx->hash);
+                if (s) *s = SHA384_DIGEST_SIZE;
+                break;
+#endif
+#ifdef WOLFSSL_SHA512
+            case SHA512:
+                wolfSSL_SHA512_Final(md, (SHA512_CTX*)&ctx->hash);
+                if (s) *s = SHA512_DIGEST_SIZE;
+                break;
+#endif
+            default:
+                return BAD_FUNC_ARG;
        }
-        else if (ctx->macType == SHA) {
-            wolfSSL_SHA_Final(md, (SHA_CTX*)&ctx->hash);
-            if (s) *s = SHA_DIGEST_SIZE;
-        }
-        else if (ctx->macType == SHA256) {
-            wolfSSL_SHA256_Final(md, (SHA256_CTX*)&ctx->hash);
-            if (s) *s = SHA256_DIGEST_SIZE;
-        }
-    #ifdef WOLFSSL_SHA384
-        else if (ctx->macType == SHA384) {
-            wolfSSL_SHA384_Final(md, (SHA384_CTX*)&ctx->hash);
-            if (s) *s = SHA384_DIGEST_SIZE;
-        }
-    #endif
-    #ifdef WOLFSSL_SHA512
-        else if (ctx->macType == SHA512) {
-            wolfSSL_SHA512_Final(md, (SHA512_CTX*)&ctx->hash);
-            if (s) *s = SHA512_DIGEST_SIZE;
-        }
-    #endif
-        else
-            return BAD_FUNC_ARG;

        return SSL_SUCCESS;
    }
@@ -11926,12 +11966,14 @@ const WOLFSSL_EVP_MD* wolfSSL_EVP_get_digestbynid(int id)
    WOLFSSL_MSG("wolfSSL_get_digestbynid");

    switch(id) {
+#ifndef NO_MD5
        case NID_md5:
            return wolfSSL_EVP_md5();
-
+#endif
+#ifndef NO_SHA
        case NID_sha1:
            return wolfSSL_EVP_sha1();
-
+#endif
        default:
            WOLFSSL_MSG("Bad digest id value");
    }
--- a/wolfcrypt/test/test.c
+++ b/wolfcrypt/test/test.c
@@ -4393,9 +4393,13 @@ int openssl_test(void)
    testVector a, b, c, d, e, f;
    byte       hash[SHA_DIGEST_SIZE*4];  /* max size */

+    (void)a;
+    (void)c;
    (void)e;
    (void)f;

+#ifndef NO_MD5
+
    a.input  = "1234567890123456789012345678901234567890123456789012345678"
               "9012345678901234567890";
    a.output = "\x57\xed\xf4\xa2\x2b\xe3\xc9\x55\xac\x49\xda\x2e\x21\x07\xb6"
@@ -4412,6 +4416,8 @@ int openssl_test(void)
    if (memcmp(hash, a.output, MD5_DIGEST_SIZE) != 0)
        return -71;

+#endif /* NO_MD5 */
+
    b.input  = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
               "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
               "aaaaaaaaaa";
@@ -4493,6 +4499,7 @@ int openssl_test(void)
 #endif /* WOLFSSL_SHA512 */


+#ifndef NO_MD5
    if (RAND_bytes(hash, sizeof(hash)) != 1)
        return -73;

@@ -4507,6 +4514,8 @@ int openssl_test(void)
    if (memcmp(hash, c.output, MD5_DIGEST_SIZE) != 0)
        return -74;

+#endif /* NO_MD5 */
+
 #ifndef NO_DES3
    { /* des test */
    const byte vector[] = { /* "now is the time for all " w/o trailing 0 */
--- a/wolfssl/openssl/evp.h
+++ b/wolfssl/openssl/evp.h
@@ -34,7 +34,9 @@
 #include "prefix_evp.h"
 #endif

-#include <wolfssl/openssl/md5.h>
+#ifndef NO_MD5
+    #include <wolfssl/openssl/md5.h>
+#endif
 #include <wolfssl/openssl/sha.h>
 #include <wolfssl/openssl/ripemd.h>
 #include <wolfssl/openssl/rsa.h>
@@ -52,7 +54,9 @@
 typedef char WOLFSSL_EVP_MD;
 typedef char WOLFSSL_EVP_CIPHER;

-WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_md5(void);
+#ifndef NO_MD5
+    WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_md5(void);
+#endif
 WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha1(void);
 WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha256(void);
 WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha384(void);
@@ -72,7 +76,9 @@ WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_enc_null(void);


 typedef union {
-    WOLFSSL_MD5_CTX    md5;
+    #ifndef NO_MD5
+        WOLFSSL_MD5_CTX    md5;
+    #endif
    WOLFSSL_SHA_CTX    sha;
    WOLFSSL_SHA256_CTX sha256;
    #ifdef WOLFSSL_SHA384
@@ -148,10 +154,12 @@ WOLFSSL_API int wolfSSL_EVP_DigestFinal(WOLFSSL_EVP_MD_CTX* ctx, unsigned char*
                                      unsigned int* s);
 WOLFSSL_API int wolfSSL_EVP_DigestFinal_ex(WOLFSSL_EVP_MD_CTX* ctx,
                                            unsigned char* md, unsigned int* s);
+#ifndef NO_MD5
 WOLFSSL_API int wolfSSL_EVP_BytesToKey(const WOLFSSL_EVP_CIPHER*,
                              const WOLFSSL_EVP_MD*, const unsigned char*,
                              const unsigned char*, int, int, unsigned char*,
                              unsigned char*);
+#endif

 WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_init(WOLFSSL_EVP_CIPHER_CTX* ctx);
 WOLFSSL_API int  wolfSSL_EVP_CIPHER_CTX_cleanup(WOLFSSL_EVP_CIPHER_CTX* ctx);
@@ -195,7 +203,9 @@ typedef WOLFSSL_EVP_CIPHER     EVP_CIPHER;
 typedef WOLFSSL_EVP_MD_CTX     EVP_MD_CTX;
 typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX;

-#define EVP_md5       wolfSSL_EVP_md5
+#ifndef NO_MD5
+    #define EVP_md5       wolfSSL_EVP_md5
+#endif
 #define EVP_sha1      wolfSSL_EVP_sha1
 #define EVP_sha256    wolfSSL_EVP_sha256
 #define EVP_sha384    wolfSSL_EVP_sha384
--- a/wolfssl/openssl/md5.h
+++ b/wolfssl/openssl/md5.h
@@ -6,6 +6,8 @@

 #include <wolfssl/wolfcrypt/settings.h>

+#ifndef NO_MD5
+
 #ifdef WOLFSSL_PREFIX
 #include "prefix_md5.h"
 #endif
@@ -34,6 +36,7 @@ typedef WOLFSSL_MD5_CTX MD5_CTX;
    }  /* extern "C" */ 
 #endif

+#endif /* NO_MD5 */

 #endif /* WOLFSSL_MD5_H_ */