From de14fac06922096f4b2c6b56364efab0b8e19679 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mois=C3=A9s=20Guimar=C3=A3es?=
Date: Thu, 3 Jul 2014 10:59:01 -0300
Subject: [PATCH] add hash utility functions to promote cleaner code, smaller footprint, centralized logs and error handling.
---
 ctaocrypt/src/asn.c | 137 ++++++++------------------------------
 ctaocrypt/src/md2.c | 19 ++++++
 ctaocrypt/src/md5.c | 18 +++++
 ctaocrypt/src/sha.c | 25 +++++++
 ctaocrypt/src/sha256.c | 26 ++++++++
 ctaocrypt/src/sha512.c | 49 ++++++++++++++
 cyassl/ctaocrypt/md2.h | 1 +
 cyassl/ctaocrypt/md5.h | 2 +
 cyassl/ctaocrypt/sha.h | 1 +
 cyassl/ctaocrypt/sha256.h | 7 +-
 cyassl/ctaocrypt/sha512.h | 2 +
 11 files changed, 174 insertions(+), 113 deletions(-)
diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c
index e3bbef88b..7c082a03a 100644
--- a/ctaocrypt/src/asn.c
+++ b/ctaocrypt/src/asn.c
@@ -2858,140 +2858,57 @@ static int ConfirmSignature(const byte* buf, word32 bufSz, (void)heap; switch (sigOID) { -#ifndef NO_MD5 + #ifndef NO_MD5 case CTC_MD5wRSA: - { - DECLARE_VAR(Md5, md5); - - if (CREATE_VAR(Md5, md5)) { - InitMd5(md5); - Md5Update(md5, buf, bufSz); - Md5Final(md5, digest); - - typeH = MD5h; - digestSz = MD5_DIGEST_SIZE; - DESTROY_VAR(md5); - } - } - break; -#endif - #if defined(CYASSL_MD2) - case CTC_MD2wRSA: - { - DECLARE_VAR(Md2, md2); - - if (CREATE_VAR(Md2, md2)) { - InitMd2(md2); - Md2Update(md2, buf, bufSz); - Md2Final(md2, digest); - - typeH = MD2h; - digestSz = MD2_DIGEST_SIZE; - DESTROY_VAR(md2); - } + if (Md5Hash(buf, bufSz, digest) == 0) { + typeH = MD5h; + digestSz = MD5_DIGEST_SIZE; } break; #endif -#ifndef NO_SHA + #if defined(CYASSL_MD2) + case CTC_MD2wRSA: + if (Md2Hash(buf, bufSz, digest) == 0) { + typeH = MD2h; + digestSz = MD2_DIGEST_SIZE; + } + break; + #endif + #ifndef NO_SHA case CTC_SHAwRSA: case CTC_SHAwDSA: case CTC_SHAwECDSA: - { - DECLARE_VAR(Sha, sha); - - if (CREATE_VAR(Sha, sha)) { - if (InitSha(sha) != 0) { - CYASSL_MSG("InitSha failed"); - } - else { - ShaUpdate(sha, buf, bufSz); - ShaFinal(sha, digest); - - typeH = SHAh; - digestSz = SHA_DIGEST_SIZE; - } - - DESTROY_VAR(sha); - } + if (ShaHash(buf, bufSz, digest) == 0) { + typeH = SHAh; + digestSz = SHA_DIGEST_SIZE; } break; -#endif + #endif #ifndef NO_SHA256 case CTC_SHA256wRSA: case CTC_SHA256wECDSA: - { - DECLARE_VAR(Sha256, sha256); - - if (CREATE_VAR(Sha256, sha256)) { - if (InitSha256(sha256) != 0) { - CYASSL_MSG("InitSha256 failed"); - } - else if (Sha256Update(sha256, buf, bufSz) != 0) { - CYASSL_MSG("Sha256Update failed"); - } - else if (Sha256Final(sha256, digest) != 0) { - CYASSL_MSG("Sha256Final failed"); - } - else { - typeH = SHA256h; - digestSz = SHA256_DIGEST_SIZE; - } - - DESTROY_VAR(sha256); - } + if (Sha256Hash(buf, bufSz, digest) == 0) { + typeH = SHA256h; + digestSz = SHA256_DIGEST_SIZE; } break; #endif #ifdef CYASSL_SHA512 case 
CTC_SHA512wRSA: case CTC_SHA512wECDSA: - { - DECLARE_VAR(Sha512, sha512); - - if (CREATE_VAR(Sha512, sha512)) { - if (InitSha512(sha512) != 0) { - CYASSL_MSG("InitSha512 failed"); - } - else if (Sha512Update(sha512, buf, bufSz) != 0) { - CYASSL_MSG("Sha512Update failed"); - } - else if (Sha512Final(sha512, digest) != 0) { - CYASSL_MSG("Sha512Final failed"); - } - else { - typeH = SHA512h; - digestSz = SHA512_DIGEST_SIZE; - } - - DESTROY_VAR(sha512); - } + if (Sha512Hash(buf, bufSz, digest) == 0) { + typeH = SHA512h; + digestSz = SHA512_DIGEST_SIZE; } break; #endif #ifdef CYASSL_SHA384 case CTC_SHA384wRSA: case CTC_SHA384wECDSA: - { - DECLARE_VAR(Sha384, sha384); - - if (CREATE_VAR(Sha384, sha384)) { - if (InitSha384(sha384) != 0) { - CYASSL_MSG("InitSha384 failed"); - } - else if (Sha384Update(sha384, buf, bufSz) != 0) { - CYASSL_MSG("Sha384Update failed"); - } - else if (Sha384Final(sha384, digest) != 0) { - CYASSL_MSG("Sha384Final failed"); - } - else { - typeH = SHA384h; - digestSz = SHA384_DIGEST_SIZE; - } - - DESTROY_VAR(sha384); - } - } + if (Sha384Hash(buf, bufSz, digest) == 0) { + typeH = SHA384h; + digestSz = SHA384_DIGEST_SIZE; + } break; #endif default: diff --git a/ctaocrypt/src/md2.c b/ctaocrypt/src/md2.c index 178287eec..30a1ec5f7 100644 --- a/ctaocrypt/src/md2.c +++ b/ctaocrypt/src/md2.c @@ -29,6 +29,8 @@ #ifdef CYASSL_MD2 #include +#include + #ifdef NO_INLINE #include #else @@ -128,4 +130,21 @@ void Md2Final(Md2* md2, byte* hash) } +int Md2Hash(const byte* data, word32 len, byte* hash) +{ + DECLARE_VAR(Md2, md2); + + if (!CREATE_VAR(Md2, md2)) + return MEMORY_E; + + InitMd2(md2); + Md2Update(md2, data, len); + Md2Final(md2, hash); + + DESTROY_VAR(md2); + + return 0; +} + + #endif /* CYASSL_MD2 */ diff --git a/ctaocrypt/src/md5.c b/ctaocrypt/src/md5.c index 3da4cc6b6..1bf23f88e 100644 --- a/ctaocrypt/src/md5.c +++ b/ctaocrypt/src/md5.c @@ -35,6 +35,7 @@ #endif #include +#include #ifdef NO_INLINE #include 
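Review bot: Every case in `switch (sigOID)` of ConfirmSignature now compares the helper result with 0 and then discards it, so on failure `typeH` and `digestSz` keep their pre-switch values and `digest` may be unwritten. Whether the function fails closed in that situation depends on how those variables are initialised and on what follows the switch, neither of which is inside this hunk, so that path should be confirmed to reject the signature before `digest` is read. Once verified, a one-line comment above the switch such as `/* a failed hash leaves typeH unset; the signature is rejected below */` would record the invariant. An allocation failure (`MEMORY_E`) also becomes indistinguishable from a bad signature here, and the MD5 and MD2 helpers log nothing on that path.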
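Review bot: Md2Hash in md2.c is exported with `CYASSL_API` but has no comment stating that `hash` must have room for `MD2_DIGEST_SIZE` bytes; `Md2Final(md2, hash)` takes no length, so an undersized caller buffer would presumably be written past its end with no error. I would add above the definition `/* One-shot MD2 of data[0..len); hash must hold MD2_DIGEST_SIZE bytes. Returns 0 on success, MEMORY_E if the context cannot be allocated. */`. The same contract comment is missing on Md5Hash, ShaHash, Sha256Hash, Sha512Hash and Sha384Hash, and the new header prototypes leave the parameters unnamed, which hides which `byte*` is the output.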
@@ -361,4 +362,21 @@ void Md5Final(Md5* md5, byte* hash) #endif /* STM32F2_HASH */ + +int Md5Hash(const byte* data, word32 len, byte* hash) +{ + DECLARE_VAR(Md5, md5); + + if (!CREATE_VAR(Md5, md5)) + return MEMORY_E; + + InitMd5(md5); + Md5Update(md5, data, len); + Md5Final(md5, hash); + + DESTROY_VAR(md5); + + return 0; +} + #endif /* NO_MD5 */ diff --git a/ctaocrypt/src/sha.c b/ctaocrypt/src/sha.c index 9797b5317..9e9651433 100644 --- a/ctaocrypt/src/sha.c +++ b/ctaocrypt/src/sha.c @@ -40,6 +40,9 @@ #endif #include +#include +#include + #ifdef NO_INLINE #include #else @@ -392,4 +395,26 @@ int ShaFinal(Sha* sha, byte* hash) #endif /* STM32F2_HASH */ + +int ShaHash(const byte* data, word32 len, byte* hash) +{ + int ret = 0; + DECLARE_VAR(Sha, sha); + + if (!CREATE_VAR(Sha, sha)) + return MEMORY_E; + + if ((ret = InitSha(sha)) != 0) { + CYASSL_MSG("InitSha failed"); + } + else { + ShaUpdate(sha, data, len); + ShaFinal(sha, hash); + } + + DESTROY_VAR(sha); + + return ret; +} + #endif /* NO_SHA */ diff --git a/ctaocrypt/src/sha256.c b/ctaocrypt/src/sha256.c index 2a0d1f979..5aed4b325 100644 --- a/ctaocrypt/src/sha256.c +++ b/ctaocrypt/src/sha256.c @@ -42,7 +42,9 @@ #endif #include +#include #include + #ifdef NO_INLINE #include #else @@ -283,5 +285,29 @@ int Sha256Final(Sha256* sha256, byte* hash) } +int Sha256Hash(const byte* data, word32 len, byte* hash) +{ + int ret = 0; + DECLARE_VAR(Sha256, sha256); + + if (!CREATE_VAR(Sha256, sha256)) + return MEMORY_E; + + if ((ret = InitSha256(sha256)) != 0) { + CYASSL_MSG("InitSha256 failed"); + } + else if ((ret = Sha256Update(sha256, data, len)) != 0) { + CYASSL_MSG("Sha256Update failed"); + } + else if ((ret = Sha256Final(sha256, hash)) != 0) { + CYASSL_MSG("Sha256Final failed"); + } + + DESTROY_VAR(sha256); + + return ret; +} + + #endif /* NO_SHA256 */ diff --git a/ctaocrypt/src/sha512.c b/ctaocrypt/src/sha512.c index ceb5a7e72..df3ddcda5 100644 --- a/ctaocrypt/src/sha512.c +++ b/ctaocrypt/src/sha512.c 
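Review bot: ShaHash in sha.c drops the return values of `ShaUpdate` and `ShaFinal`, both declared `int` in sha.h, so it returns 0 even when the digest was not produced, and ConfirmSignature then accepts `digest` as a valid SHA-1 value for the signature check. Sha256Hash, Sha512Hash and Sha384Hash in this same patch propagate the result of every step, and ShaHash should use the same chain so that a failure reaches the caller. The removed asn.c code ignored these results as well, so this is a gap carried over into the new helper rather than a new regression.

```c
    /* … unchanged: CREATE_VAR check and the InitSha test … */
        CYASSL_MSG("InitSha failed");
    }
    else if ((ret = ShaUpdate(sha, data, len)) != 0) {
        CYASSL_MSG("ShaUpdate failed");
    }
    else if ((ret = ShaFinal(sha, hash)) != 0) {
        CYASSL_MSG("ShaFinal failed");
    }
    /* … unchanged: DESTROY_VAR(sha); return ret; … */
```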
@@ -33,7 +33,9 @@ #endif #include +#include #include + #ifdef NO_INLINE #include #else @@ -296,6 +298,29 @@ int Sha512Final(Sha512* sha512, byte* hash) } +int Sha512Hash(const byte* data, word32 len, byte* hash) +{ + int ret = 0; + DECLARE_VAR(Sha512, sha512); + + if (!CREATE_VAR(Sha512, sha512)) + return MEMORY_E; + + if ((ret = InitSha512(sha512)) != 0) { + CYASSL_MSG("InitSha512 failed"); + } + else if ((ret = Sha512Update(sha512, data, len)) != 0) { + CYASSL_MSG("Sha512Update failed"); + } + else if ((ret = Sha512Final(sha512, hash)) != 0) { + CYASSL_MSG("Sha512Final failed"); + } + + DESTROY_VAR(sha512); + + return ret; +} + #ifdef CYASSL_SHA384 @@ -470,6 +495,30 @@ int Sha384Final(Sha384* sha384, byte* hash) return InitSha384(sha384); /* reset state */ } + +int Sha384Hash(const byte* data, word32 len, byte* hash) +{ + int ret = 0; + DECLARE_VAR(Sha384, sha384); + + if (!CREATE_VAR(Sha384, sha384)) + return MEMORY_E; + + if ((ret = InitSha384(sha384)) != 0) { + CYASSL_MSG("InitSha384 failed"); + } + else if ((ret = Sha384Update(sha384, data, len)) != 0) { + CYASSL_MSG("Sha384Update failed"); + } + else if ((ret = Sha384Final(sha384, hash)) != 0) { + CYASSL_MSG("Sha384Final failed"); + } + + DESTROY_VAR(sha384); + + return ret; +} + #endif /* CYASSL_SHA384 */ #endif /* CYASSL_SHA512 */ diff --git a/cyassl/ctaocrypt/md2.h b/cyassl/ctaocrypt/md2.h index 0b99c43ba..2d55cd9ea 100644 --- a/cyassl/ctaocrypt/md2.h +++ b/cyassl/ctaocrypt/md2.h @@ -54,6 +54,7 @@ typedef struct Md2 { CYASSL_API void InitMd2(Md2*); CYASSL_API void Md2Update(Md2*, const byte*, word32); CYASSL_API void Md2Final(Md2*, byte*); +CYASSL_API int Md2Hash(const byte*, word32, byte*); #ifdef __cplusplus diff --git a/cyassl/ctaocrypt/md5.h b/cyassl/ctaocrypt/md5.h index 418d7b14d..f62ede96c 100644 --- a/cyassl/ctaocrypt/md5.h +++ b/cyassl/ctaocrypt/md5.h 
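Review bot: Sha512Hash and Sha384Hash in sha512.c release the working context with `DESTROY_VAR` without clearing it first, and because both are exported one-shot helpers the `data` they process may be secret material rather than a certificate body. `DESTROY_VAR` is defined outside this patch, so whether it scrubs the memory cannot be told from here; if it does not, the last input block and chaining state may linger in the released storage. Consider wiping the context before the release, e.g. `XMEMSET(sha512, 0, sizeof(Sha512));` or preferably a wipe the compiler cannot elide, or document that the macro already does so. The same applies to the MD2, MD5, SHA and SHA-256 helpers added in this patch.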
@@ -63,6 +63,8 @@ typedef struct Md5 { CYASSL_API void InitMd5(Md5*); CYASSL_API void Md5Update(Md5*, const byte*, word32); CYASSL_API void Md5Final(Md5*, byte*); +CYASSL_API int Md5Hash(const byte*, word32, byte*); + #ifdef __cplusplus } /* extern "C" */ diff --git a/cyassl/ctaocrypt/sha.h b/cyassl/ctaocrypt/sha.h index 749b728a5..f1820a6d9 100644 --- a/cyassl/ctaocrypt/sha.h +++ b/cyassl/ctaocrypt/sha.h @@ -65,6 +65,7 @@ typedef struct Sha { CYASSL_API int InitSha(Sha*); CYASSL_API int ShaUpdate(Sha*, const byte*, word32); CYASSL_API int ShaFinal(Sha*, byte*); +CYASSL_API int ShaHash(const byte*, word32, byte*); #ifdef HAVE_FIPS diff --git a/cyassl/ctaocrypt/sha256.h b/cyassl/ctaocrypt/sha256.h index 5b709c23e..c619461a3 100644 --- a/cyassl/ctaocrypt/sha256.h +++ b/cyassl/ctaocrypt/sha256.h @@ -61,9 +61,10 @@ typedef struct Sha256 { } Sha256; -CYASSL_API int InitSha256(Sha256*); -CYASSL_API int Sha256Update(Sha256*, const byte*, word32); -CYASSL_API int Sha256Final(Sha256*, byte*); +CYASSL_API int InitSha256(Sha256*); +CYASSL_API int Sha256Update(Sha256*, const byte*, word32); +CYASSL_API int Sha256Final(Sha256*, byte*); +CYASSL_API int Sha256Hash(const byte*, word32, byte*); #ifdef HAVE_FIPS diff --git a/cyassl/ctaocrypt/sha512.h b/cyassl/ctaocrypt/sha512.h index 5a49942cb..143402439 100644 --- a/cyassl/ctaocrypt/sha512.h +++ b/cyassl/ctaocrypt/sha512.h @@ -54,6 +54,7 @@ typedef struct Sha512 { CYASSL_API int InitSha512(Sha512*); CYASSL_API int Sha512Update(Sha512*, const byte*, word32); CYASSL_API int Sha512Final(Sha512*, byte*); +CYASSL_API int Sha512Hash(const byte*, word32, byte*); #if defined(CYASSL_SHA384) || defined(HAVE_AESGCM) @@ -80,6 +81,7 @@ typedef struct Sha384 { CYASSL_API int InitSha384(Sha384*); CYASSL_API int Sha384Update(Sha384*, const byte*, word32); CYASSL_API int Sha384Final(Sha384*, byte*); +CYASSL_API int Sha384Hash(const byte*, word32, byte*); #ifdef HAVE_FIPS