feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

compile option to leave out MD5 and SSL code

Browse Source
This commit is contained in:
John Safranek
2012-11-26 18:40:43 -08:00
parent b828ac047a
commit f8f7f69f48
20 changed files with 445 additions and 196 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
configure.ac
View File

@@ -217,7 +217,7 @@ AC_ARG_ENABLE(leanpsk,
if test "$ENABLED_LEANPSK" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DCYASSL_LEANPSK -DHAVE_NULL_CIPHER -DNO_AES -DNO_FILESYSTEM -DNO_RSA -DNO_DSA -DNO_DH -DNO_CERTS -DNO_PWDBASED -DNO_DES3 -DNO_MD4 -DNO_ERROR_STRINGS"
AM_CFLAGS="$AM_CFLAGS -DCYASSL_LEANPSK -DHAVE_NULL_CIPHER -DNO_AES -DNO_FILESYSTEM -DNO_RSA -DNO_DSA -DNO_DH -DNO_CERTS -DNO_PWDBASED -DNO_DES3 -DNO_MD4 -DNO_MD5 -DNO_ERROR_STRINGS -DNO_OLD_TLS"
ENABLED_SLOWMATH="no"
fi

9
ctaocrypt/src/asn.c
View File

@@ -4941,15 +4941,16 @@ int ParseCRL(DecodedCRL* dcrl, const byte* buff, word32 sz, void* cm)
{
int version, len;
word32 oid, idx = 0;
Md5 md5;
Sha sha;
Signer* ca;
CYASSL_MSG("ParseCRL");
/* raw crl hash */
InitMd5(&md5);
Md5Update(&md5, buff, sz);
Md5Final(&md5, dcrl->crlHash);
/* hash here if needed for optimized comparisons
* InitSha(&sha);
* ShaUpdate(&sha, buff, sz);
* ShaFinal(&sha, dcrl->crlHash); */
if (GetSequence(buff, &idx, &len, sz) < 0)
return ASN_PARSE_E;

187
ctaocrypt/src/hmac.c
View File

@@ -37,18 +37,32 @@ static int InitHmac(Hmac* hmac, int type)
if (!(type == MD5 || type == SHA || type == SHA256 || type == SHA384))
return BAD_FUNC_ARG;
if (type == MD5)
switch (type) {
#ifndef NO_MD5
case MD5:
InitMd5(&hmac->hash.md5);
else if (type == SHA)
break;
#endif
case SHA:
InitSha(&hmac->hash.sha);
#ifndef NO_SHA256
else if (type == SHA256)
break;
#ifndef NO_SHA256
case SHA256:
InitSha256(&hmac->hash.sha256);
#endif
#ifdef CYASSL_SHA384
else if (type == SHA384)
break;
#endif
#ifdef CYASSL_SHA384
case SHA384:
InitSha384(&hmac->hash.sha384);
#endif
break;
#endif
default:
break;
}
return 0;
}
@@ -58,11 +72,15 @@ void HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
{
byte* ip = (byte*) hmac->ipad;
byte* op = (byte*) hmac->opad;
word32 i, hmac_block_size = MD5_BLOCK_SIZE;
word32 i, hmac_block_size = SHA_BLOCK_SIZE;
InitHmac(hmac, type);
if (hmac->macType == MD5) {
switch (hmac->macType) {
#ifndef NO_MD5
case MD5:
{
hmac_block_size = MD5_BLOCK_SIZE;
if (length <= MD5_BLOCK_SIZE) {
XMEMCPY(ip, key, length);
}
@@ -72,8 +90,11 @@ void HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
length = MD5_DIGEST_SIZE;
}
}
else if (hmac->macType == SHA) {
hmac_block_size = SHA_BLOCK_SIZE;
break;
#endif
case SHA:
{
if (length <= SHA_BLOCK_SIZE) {
XMEMCPY(ip, key, length);
}
@@ -83,8 +104,11 @@ void HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
length = SHA_DIGEST_SIZE;
}
}
#ifndef NO_SHA256
else if (hmac->macType == SHA256) {
break;
#ifndef NO_SHA256
case SHA256:
{
hmac_block_size = SHA256_BLOCK_SIZE;
if (length <= SHA256_BLOCK_SIZE) {
XMEMCPY(ip, key, length);
@@ -95,9 +119,12 @@ void HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
length = SHA256_DIGEST_SIZE;
}
}
#endif
#ifdef CYASSL_SHA384
else if (hmac->macType == SHA384) {
break;
#endif
#ifdef CYASSL_SHA384
case SHA384:
{
hmac_block_size = SHA384_BLOCK_SIZE;
if (length <= SHA384_BLOCK_SIZE) {
XMEMCPY(ip, key, length);
@@ -108,7 +135,12 @@ void HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
length = SHA384_DIGEST_SIZE;
}
}
#endif
break;
#endif
default:
break;
}
XMEMSET(ip + length, 0, hmac_block_size - length);
for(i = 0; i < hmac_block_size; i++) {
@@ -120,18 +152,34 @@ void HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
static void HmacKeyInnerHash(Hmac* hmac)
{
if (hmac->macType == MD5)
switch (hmac->macType) {
#ifndef NO_MD5
case MD5:
Md5Update(&hmac->hash.md5, (byte*) hmac->ipad, MD5_BLOCK_SIZE);
else if (hmac->macType == SHA)
break;
#endif
case SHA:
ShaUpdate(&hmac->hash.sha, (byte*) hmac->ipad, SHA_BLOCK_SIZE);
#ifndef NO_SHA256
else if (hmac->macType == SHA256)
Sha256Update(&hmac->hash.sha256, (byte*) hmac->ipad, SHA256_BLOCK_SIZE);
#endif
#ifdef CYASSL_SHA384
else if (hmac->macType == SHA384)
Sha384Update(&hmac->hash.sha384, (byte*) hmac->ipad, SHA384_BLOCK_SIZE);
#endif
break;
#ifndef NO_SHA256
case SHA256:
Sha256Update(&hmac->hash.sha256,
(byte*) hmac->ipad, SHA256_BLOCK_SIZE);
break;
#endif
#ifdef CYASSL_SHA384
case SHA384:
Sha384Update(&hmac->hash.sha384,
(byte*) hmac->ipad, SHA384_BLOCK_SIZE);
break;
#endif
default:
break;
}
hmac->innerHashKeyed = 1;
}
@@ -142,18 +190,32 @@ void HmacUpdate(Hmac* hmac, const byte* msg, word32 length)
if (!hmac->innerHashKeyed)
HmacKeyInnerHash(hmac);
if (hmac->macType == MD5)
switch (hmac->macType) {
#ifndef NO_MD5
case MD5:
Md5Update(&hmac->hash.md5, msg, length);
else if (hmac->macType == SHA)
break;
#endif
case SHA:
ShaUpdate(&hmac->hash.sha, msg, length);
#ifndef NO_SHA256
else if (hmac->macType == SHA256)
break;
#ifndef NO_SHA256
case SHA256:
Sha256Update(&hmac->hash.sha256, msg, length);
#endif
#ifdef CYASSL_SHA384
else if (hmac->macType == SHA384)
break;
#endif
#ifdef CYASSL_SHA384
case SHA384:
Sha384Update(&hmac->hash.sha384, msg, length);
#endif
break;
#endif
default:
break;
}
}
@@ -163,44 +225,65 @@ void HmacFinal(Hmac* hmac, byte* hash)
if (!hmac->innerHashKeyed)
HmacKeyInnerHash(hmac);
if (hmac->macType == MD5) {
switch (hmac->macType) {
#ifndef NO_MD5
case MD5:
{
Md5Final(&hmac->hash.md5, (byte*) hmac->innerHash);
Md5Update(&hmac->hash.md5, (byte*) hmac->opad, MD5_BLOCK_SIZE);
Md5Update(&hmac->hash.md5, (byte*) hmac->innerHash, MD5_DIGEST_SIZE);
Md5Update(&hmac->hash.md5,
(byte*) hmac->innerHash, MD5_DIGEST_SIZE);
Md5Final(&hmac->hash.md5, hash);
}
else if (hmac->macType == SHA) {
break;
#endif
case SHA:
{
ShaFinal(&hmac->hash.sha, (byte*) hmac->innerHash);
ShaUpdate(&hmac->hash.sha, (byte*) hmac->opad, SHA_BLOCK_SIZE);
ShaUpdate(&hmac->hash.sha, (byte*) hmac->innerHash, SHA_DIGEST_SIZE);
ShaUpdate(&hmac->hash.sha,
(byte*) hmac->innerHash, SHA_DIGEST_SIZE);
ShaFinal(&hmac->hash.sha, hash);
}
#ifndef NO_SHA256
else if (hmac->macType == SHA256) {
break;
#ifndef NO_SHA256
case SHA256:
{
Sha256Final(&hmac->hash.sha256, (byte*) hmac->innerHash);
Sha256Update(&hmac->hash.sha256, (byte*) hmac->opad, SHA256_BLOCK_SIZE);
Sha256Update(&hmac->hash.sha256, (byte*) hmac->innerHash,
SHA256_DIGEST_SIZE);
Sha256Update(&hmac->hash.sha256,
(byte*) hmac->opad, SHA256_BLOCK_SIZE);
Sha256Update(&hmac->hash.sha256,
(byte*) hmac->innerHash, SHA256_DIGEST_SIZE);
Sha256Final(&hmac->hash.sha256, hash);
}
#endif
#ifdef CYASSL_SHA384
else if (hmac->macType == SHA384) {
break;
#endif
#ifdef CYASSL_SHA384
case SHA384:
{
Sha384Final(&hmac->hash.sha384, (byte*) hmac->innerHash);
Sha384Update(&hmac->hash.sha384, (byte*) hmac->opad, SHA384_BLOCK_SIZE);
Sha384Update(&hmac->hash.sha384, (byte*) hmac->innerHash,
SHA384_DIGEST_SIZE);
Sha384Update(&hmac->hash.sha384,
(byte*) hmac->opad, SHA384_BLOCK_SIZE);
Sha384Update(&hmac->hash.sha384,
(byte*) hmac->innerHash, SHA384_DIGEST_SIZE);
Sha384Final(&hmac->hash.sha384, hash);
}
#endif
#endif
default:
break;
}
hmac->innerHashKeyed = 0;
}

2
cyassl/ctaocrypt/asn.h
View File

@@ -462,7 +462,7 @@ struct DecodedCRL {
word32 signatureOID; /* sum of algorithm object id */
byte* signature; /* pointer into raw source, not owned */
byte issuerHash[SHA_DIGEST_SIZE]; /* issuer hash */
byte crlHash[MD5_DIGEST_SIZE]; /* raw crl data hash */
byte crlHash[SHA_DIGEST_SIZE]; /* raw crl data hash */
byte lastDate[MAX_DATE_SIZE]; /* last date updated */
byte nextDate[MAX_DATE_SIZE]; /* next update date */
byte lastDateFormat; /* format of last date */

10
cyassl/ctaocrypt/hmac.h
View File

@@ -25,7 +25,10 @@
#ifndef CTAO_CRYPT_HMAC_H
#define CTAO_CRYPT_HMAC_H
#include <cyassl/ctaocrypt/md5.h>
#ifndef NO_MD5
#include <cyassl/ctaocrypt/md5.h>
#endif
#include <cyassl/ctaocrypt/sha.h>
#ifndef NO_SHA256
@@ -44,6 +47,9 @@
enum {
IPAD = 0x36,
OPAD = 0x5C,
#ifdef NO_MD5
MD5 = 0,
#endif
#if defined(CYASSL_SHA384)
INNER_HASH_SIZE = SHA384_DIGEST_SIZE,
HMAC_BLOCK_SIZE = SHA384_BLOCK_SIZE
@@ -62,7 +68,9 @@ enum {
/* hash union */
typedef union {
#ifndef NO_MD5
Md5 md5;
#endif
Sha sha;
#ifndef NO_SHA256
Sha256 sha256;

3
cyassl/ctaocrypt/md5.h
View File

@@ -19,6 +19,7 @@
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#ifndef NO_MD5
#ifndef CTAO_CRYPT_MD5_H
#define CTAO_CRYPT_MD5_H
@@ -59,4 +60,4 @@ CYASSL_API void Md5Final(Md5*, byte*);
#endif
#endif /* CTAO_CRYPT_MD5_H */
#endif /* NO_MD5 */

15
cyassl/internal.h
View File

@@ -374,7 +374,11 @@ enum Misc {
SECRET_LEN = 48, /* pre RSA and all master */
ENCRYPT_LEN = 512, /* allow 4096 bit static buffer */
SIZEOF_SENDER = 4, /* clnt or srvr */
#ifndef NO_MD5
FINISHED_SZ = MD5_DIGEST_SIZE + SHA_DIGEST_SIZE,
#else
FINISHED_SZ = 36,
#endif
MAX_RECORD_SIZE = 16384, /* 2^14, max size by standard */
MAX_MSG_EXTRA = 70, /* max added to msg, mac + pad from */
/* RECORD_HEADER_SZ + BLOCK_SZ (pad) + SHA_256
@@ -781,7 +785,8 @@ typedef struct CRL_Entry CRL_Entry;
struct CRL_Entry {
CRL_Entry* next; /* next entry */
byte issuerHash[SHA_DIGEST_SIZE]; /* issuer hash */
byte crlHash[MD5_DIGEST_SIZE]; /* raw crl data hash */
/* byte crlHash[SHA_DIGEST_SIZE]; raw crl data hash */
/* restore the hash here if needed for optimized comparisons */
byte lastDate[MAX_DATE_SIZE]; /* last date updated */
byte nextDate[MAX_DATE_SIZE]; /* next update date */
byte lastDateFormat; /* last date format */
@@ -1069,8 +1074,12 @@ CYASSL_LOCAL void FreeCiphers(CYASSL* ssl);
/* hashes type */
typedef struct Hashes {
#ifndef NO_MD5
byte md5[MD5_DIGEST_SIZE];
byte sha[SHA_DIGEST_SIZE];
#else
byte hash[FINISHED_SZ];
#endif
} Hashes;
@@ -1308,8 +1317,10 @@ struct CYASSL {
void* IOCB_ReadCtx;
void* IOCB_WriteCtx;
RNG* rng;
Md5 hashMd5; /* md5 hash of handshake msgs */
Sha hashSha; /* sha hash of handshake msgs */
#ifndef NO_MD5
Md5 hashMd5; /* md5 hash of handshake msgs */
#endif
#ifndef NO_SHA256
Sha256 hashSha256; /* sha256 hash of handshake msgs */
#endif

2
examples/client/client.c
View File

@@ -237,6 +237,7 @@ void client_test(void* args)
myoptind = 0; /* reset for test cases */
switch (version) {
#ifndef NO_OLD_TLS
case 0:
method = CyaSSLv3_client_method();
break;
@@ -248,6 +249,7 @@ void client_test(void* args)
case 2:
method = CyaTLSv1_1_client_method();
break;
#endif
case 3:
method = CyaTLSv1_2_client_method();

2
examples/server/server.c
View File

@@ -205,6 +205,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
myoptind = 0; /* reset for test cases */
switch (version) {
#ifndef NO_OLD_TLS
case 0:
method = SSLv3_server_method();
break;
@@ -216,6 +217,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
case 2:
method = TLSv1_1_server_method();
break;
#endif
case 3:
method = TLSv1_2_server_method();

3
src/crl.c
View File

@@ -58,7 +58,8 @@ static int InitCRL_Entry(CRL_Entry* crle, DecodedCRL* dcrl)
CYASSL_ENTER("InitCRL_Entry");
XMEMCPY(crle->issuerHash, dcrl->issuerHash, SHA_DIGEST_SIZE);
XMEMCPY(crle->crlHash, dcrl->crlHash, MD5_DIGEST_SIZE);
/* XMEMCPY(crle->crlHash, dcrl->crlHash, SHA_DIGEST_SIZE);
* copy the hash here if needed for optimized comparisons */
XMEMCPY(crle->lastDate, dcrl->lastDate, MAX_DATE_SIZE);
XMEMCPY(crle->nextDate, dcrl->nextDate, MAX_DATE_SIZE);
crle->lastDateFormat = dcrl->lastDateFormat;

2
src/include.am
View File

@@ -10,7 +10,6 @@ src_libcyassl_la_SOURCES = \
src/ssl.c \
src/tls.c \
ctaocrypt/src/coding.c \
ctaocrypt/src/md5.c \
ctaocrypt/src/hmac.c \
ctaocrypt/src/random.c \
ctaocrypt/src/sha.c \
@@ -28,6 +27,7 @@ if !BUILD_LEANPSK
src_libcyassl_la_SOURCES += ctaocrypt/src/rsa.c \
ctaocrypt/src/des3.c \
ctaocrypt/src/md4.c \
ctaocrypt/src/md5.c \
ctaocrypt/src/asn.c \
ctaocrypt/src/dh.c \
ctaocrypt/src/dsa.c \

46
src/internal.c
View File

@@ -90,10 +90,12 @@ typedef enum {
runProcessingOneMessage
} processReply;
#ifndef NO_MD5
static void Hmac(CYASSL* ssl, byte* digest, const byte* buffer, word32 sz,
int content, int verify);
static void BuildCertHashes(CYASSL* ssl, Hashes* hashes);
#endif
#ifndef min
@@ -1019,7 +1021,9 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
ssl->IOCB_ReadCtx = &ssl->rfd; /* prevent invalid pointer access if not */
ssl->IOCB_WriteCtx = &ssl->wfd; /* correctly set */
#ifndef NO_MD5
InitMd5(&ssl->hashMd5);
#endif
InitSha(&ssl->hashSha);
#ifndef NO_SHA256
InitSha256(&ssl->hashSha256);
@@ -1088,7 +1092,11 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
ssl->options.resuming = 0;
ssl->options.haveSessionId = 0;
#ifndef NO_OLD_TLS
ssl->hmac = Hmac; /* default to SSLv3 */
#else
ssl->hmac = TLS_hmac;
#endif
ssl->heap = ctx->heap; /* defaults to self */
ssl->options.tls = 0;
ssl->options.tls1_1 = 0;
@@ -1578,8 +1586,11 @@ static void HashOutput(CYASSL* ssl, const byte* output, int sz, int ivSz)
}
#endif
Md5Update(&ssl->hashMd5, adj, sz);
ShaUpdate(&ssl->hashSha, adj, sz);
#ifndef NO_MD5
Md5Update(&ssl->hashMd5, adj, sz);
#endif
if (IsAtLeastTLSv1_2(ssl)) {
#ifndef NO_SHA256
Sha256Update(&ssl->hashSha256, adj, sz);
@@ -1604,8 +1615,11 @@ static void HashInput(CYASSL* ssl, const byte* input, int sz)
}
#endif
Md5Update(&ssl->hashMd5, adj, sz);
ShaUpdate(&ssl->hashSha, adj, sz);
#ifndef NO_MD5
Md5Update(&ssl->hashMd5, adj, sz);
#endif
if (IsAtLeastTLSv1_2(ssl)) {
#ifndef NO_SHA256
Sha256Update(&ssl->hashSha256, adj, sz);
@@ -2024,6 +2038,7 @@ static int GetDtlsHandShakeHeader(CYASSL* ssl, const byte* input,
#endif
#ifndef NO_MD5
/* fill with MD5 pad size since biggest required */
static const byte PAD1[PAD_MD5] =
{ 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
@@ -2080,12 +2095,15 @@ static void BuildSHA(CYASSL* ssl, Hashes* hashes, const byte* sender)
ShaFinal(&ssl->hashSha, hashes->sha);
}
#endif
static void BuildFinished(CYASSL* ssl, Hashes* hashes, const byte* sender)
{
/* store current states, building requires get_digest which resets state */
#ifndef NO_MD5
Md5 md5 = ssl->hashMd5;
#endif
Sha sha = ssl->hashSha;
#ifndef NO_SHA256
Sha256 sha256;
@@ -2107,13 +2125,17 @@ static void BuildFinished(CYASSL* ssl, Hashes* hashes, const byte* sender)
if (ssl->options.tls)
BuildTlsFinished(ssl, hashes, sender);
#ifndef NO_MD5
else {
BuildMD5(ssl, hashes, sender);
BuildSHA(ssl, hashes, sender);
}
#endif
/* restore */
#ifndef NO_MD5
ssl->hashMd5 = md5;
#endif
ssl->hashSha = sha;
if (IsAtLeastTLSv1_2(ssl)) {
#ifndef NO_SHA256
@@ -3545,7 +3567,7 @@ static INLINE const byte* GetMacSecret(CYASSL* ssl, int verify)
return ssl->keys.server_write_MAC_secret;
}
#ifndef NO_OLD_TLS
static void Hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz,
int content, int verify)
{
@@ -3665,7 +3687,7 @@ static void BuildCertHashes(CYASSL* ssl, Hashes* hashes)
ssl->hashSha256 = sha256;
#endif
}
#endif
/* Build SSL Message, encrypted */
static int BuildMessage(CYASSL* ssl, byte* output, const byte* input, int inSz,
@@ -5416,10 +5438,14 @@ int SetCipherList(Suites* s, const char* list)
int ret;
XMEMCPY(ssl->arrays->masterSecret,
ssl->session.masterSecret, SECRET_LEN);
#ifndef NO_OLD_TLS
if (ssl->options.tls)
ret = DeriveTlsKeys(ssl);
else
ret = DeriveKeys(ssl);
#else
ret = DeriveTlsKeys(ssl);
#endif
ssl->options.serverState = SERVER_HELLODONE_COMPLETE;
return ret;
}
@@ -7117,7 +7143,9 @@ int SetCipherList(Suites* s, const char* list)
#endif
/* manually hash input since different format */
#ifndef NO_MD5
Md5Update(&ssl->hashMd5, input + idx, sz);
#endif
ShaUpdate(&ssl->hashSha, input + idx, sz);
#ifndef NO_SHA256
if (IsAtLeastTLSv1_2(ssl))
@@ -7236,10 +7264,14 @@ int SetCipherList(Suites* s, const char* list)
}
RNG_GenerateBlock(ssl->rng, ssl->arrays->serverRandom, RAN_LEN);
#ifndef NO_OLD_TLS
if (ssl->options.tls)
ret = DeriveTlsKeys(ssl);
else
ret = DeriveKeys(ssl);
#else
ret = DeriveTlsKeys(ssl);
#endif
ssl->options.clientState = CLIENT_KEYEXCHANGE_COMPLETE;
return ret;
@@ -7405,10 +7437,14 @@ int SetCipherList(Suites* s, const char* list)
}
RNG_GenerateBlock(ssl->rng, ssl->arrays->serverRandom, RAN_LEN);
#ifndef NO_OLD_TLS
if (ssl->options.tls)
ret = DeriveTlsKeys(ssl);
else
ret = DeriveKeys(ssl);
#else
ret = DeriveTlsKeys(ssl);
#endif
ssl->options.clientState = CLIENT_KEYEXCHANGE_COMPLETE;
return ret;
@@ -7800,8 +7836,10 @@ int SetCipherList(Suites* s, const char* list)
if (ret == 0) {
ssl->options.clientState = CLIENT_KEYEXCHANGE_COMPLETE;
#ifndef NO_CERTS
if (ssl->options.verifyPeer)
BuildCertHashes(ssl, &ssl->certHashes);
#endif
}
return ret;

12
src/keys.c
View File

@@ -970,7 +970,7 @@ enum KeyStuff {
};
#ifndef NO_OLD_TLS
/* true or false, zero for error */
static int SetPrefix(byte* sha_input, int idx)
{
@@ -1002,6 +1002,7 @@ static int SetPrefix(byte* sha_input, int idx)
}
return 1;
}
#endif
static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
@@ -1212,7 +1213,7 @@ int StoreKeys(CYASSL* ssl, const byte* keyData)
ssl->options.side, ssl->heap, ssl->rng);
}
#ifndef NO_OLD_TLS
int DeriveKeys(CYASSL* ssl)
{
int length = 2 * ssl->specs.hash_size +
@@ -1344,15 +1345,20 @@ static int MakeSslMasterSecret(CYASSL* ssl)
return ret;
}
#endif
/* Master wrapper, doesn't use SSL stack space in TLS mode */
int MakeMasterSecret(CYASSL* ssl)
{
#ifndef NO_TLS
#ifdef NO_OLD_TLS
return MakeTlsMasterSecret(ssl);
#elif !defined(NO_TLS)
if (ssl->options.tls) return MakeTlsMasterSecret(ssl);
#endif
#ifndef NO_OLD_TLS
return MakeSslMasterSecret(ssl);
#endif
}

103
src/tls.c
View File

@@ -43,16 +43,6 @@
#endif /* min */
/* calculate XOR for TLSv1 PRF */
static INLINE void get_xor(byte *digest, word32 digLen, byte* md5, byte* sha)
{
word32 i;
for (i = 0; i < digLen; i++)
digest[i] = md5[i] ^ sha[i];
}
#ifdef CYASSL_SHA384
#define PHASH_MAX_DIGEST_SIZE SHA384_DIGEST_SIZE
#else
@@ -63,7 +53,7 @@ static INLINE void get_xor(byte *digest, word32 digLen, byte* md5, byte* sha)
static void p_hash(byte* result, word32 resLen, const byte* secret,
word32 secLen, const byte* seed, word32 seedLen, int hash)
{
word32 len = MD5_DIGEST_SIZE;
word32 len = SHA_DIGEST_SIZE;
word32 times;
word32 lastLen;
word32 lastTime;
@@ -74,23 +64,39 @@ static void p_hash(byte* result, word32 resLen, const byte* secret,
Hmac hmac;
if (hash == md5_mac) {
switch (hash) {
#ifndef NO_MD5
case md5_mac:
{
len = MD5_DIGEST_SIZE;
hash = MD5;
}
else if (hash == sha_mac) {
len = SHA_DIGEST_SIZE;
hash = SHA;
} else if (hash == sha256_mac) {
break;
#endif
#ifndef NO_SHA256
case sha256_mac:
{
len = SHA256_DIGEST_SIZE;
hash = SHA256;
}
#ifdef CYASSL_SHA384
else if (hash == sha384_mac)
break;
#endif
#ifdef CYASSL_SHA384
case sha384_mac:
{
len = SHA384_DIGEST_SIZE;
hash = SHA384;
}
#endif
break;
#endif
case sha_mac:
default:
{
len = SHA_DIGEST_SIZE;
hash = SHA;
}
break;
}
times = resLen / len;
lastLen = resLen % len;
@@ -119,6 +125,18 @@ static void p_hash(byte* result, word32 resLen, const byte* secret,
#ifndef NO_MD5
/* calculate XOR for TLSv1 PRF */
static INLINE void get_xor(byte *digest, word32 digLen, byte* md5, byte* sha)
{
word32 i;
for (i = 0; i < digLen; i++)
digest[i] = md5[i] ^ sha[i];
}
/* compute TLSv1 PRF (pseudo random function using HMAC) */
static void doPRF(byte* digest, word32 digLen, const byte* secret,word32 secLen,
const byte* label, word32 labLen, const byte* seed, word32 seedLen)
@@ -151,6 +169,8 @@ static void doPRF(byte* digest, word32 digLen, const byte* secret,word32 secLen,
get_xor(digest, digLen, md5_result, sha_result);
}
#endif
/* Wrapper to call straight thru to p_hash in TSL 1.2 cases to remove stack
use */
@@ -174,8 +194,10 @@ static void PRF(byte* digest, word32 digLen, const byte* secret, word32 secLen,
p_hash(digest, digLen, secret, secLen, labelSeed, labLen + seedLen,
hash_type);
}
#ifndef NO_MD5
else
doPRF(digest, digLen, secret, secLen, label, labLen, seed, seedLen);
#endif
}
@@ -192,8 +214,11 @@ void BuildTlsFinished(CYASSL* ssl, Hashes* hashes, const byte* sender)
byte handshake_hash[HSHASH_SZ];
word32 hashSz = FINISHED_SZ;
#ifndef NO_MD5
Md5Final(&ssl->hashMd5, handshake_hash);
ShaFinal(&ssl->hashSha, &handshake_hash[MD5_DIGEST_SIZE]);
#endif
if (IsAtLeastTLSv1_2(ssl)) {
#ifndef NO_SHA256
if (ssl->specs.mac_algorithm <= sha256_mac) {
@@ -214,9 +239,15 @@ void BuildTlsFinished(CYASSL* ssl, Hashes* hashes, const byte* sender)
else
side = tls_server;
#ifndef NO_MD5
PRF(hashes->md5, TLS_FINISHED_SZ, ssl->arrays->masterSecret, SECRET_LEN,
side, FINISHED_LABEL_SZ, handshake_hash, hashSz, IsAtLeastTLSv1_2(ssl),
ssl->specs.mac_algorithm);
#else
PRF(hashes->hash, TLS_FINISHED_SZ, ssl->arrays->masterSecret, SECRET_LEN,
side, FINISHED_LABEL_SZ, handshake_hash, hashSz, IsAtLeastTLSv1_2(ssl),
ssl->specs.mac_algorithm);
#endif
}
@@ -378,12 +409,28 @@ void TLS_hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz,
#endif
c32toa(GetSEQIncrement(ssl, verify), &seq[sizeof(word32)]);
if (ssl->specs.mac_algorithm == md5_mac)
switch (ssl->specs.mac_algorithm) {
#ifndef NO_MD5
case md5_mac:
{
type = MD5;
else if (ssl->specs.mac_algorithm == sha_mac)
type = SHA;
else
}
break;
#endif
#ifndef NO_SHA256
case sha256_mac:
{
type = SHA256;
}
break;
#endif
case sha_mac:
default:
{
type = SHA;
}
break;
}
HmacSetKey(&hmac, type, GetMacSecret(ssl, verify), ssl->specs.hash_size);
HmacUpdate(&hmac, seq, SEQ_SZ); /* seq_num */
@@ -399,6 +446,8 @@ void TLS_hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz,
#ifndef NO_CYASSL_CLIENT
#ifndef NO_OLD_TLS
CYASSL_METHOD* CyaTLSv1_client_method(void)
{
CYASSL_METHOD* method =
@@ -420,6 +469,7 @@ void TLS_hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz,
return method;
}
#endif /* !NO_OLD_TLS */
#ifndef NO_SHA256 /* can't use without SHA256 */
@@ -447,7 +497,9 @@ void TLS_hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz,
#else
InitSSL_Method(method, MakeTLSv1_1());
#endif
#ifndef NO_OLD_TLS
method->downgrade = 1;
#endif
}
return method;
}
@@ -459,6 +511,8 @@ void TLS_hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz,
#ifndef NO_CYASSL_SERVER
#ifndef NO_OLD_TLS
CYASSL_METHOD* CyaTLSv1_server_method(void)
{
CYASSL_METHOD* method =
@@ -484,6 +538,7 @@ void TLS_hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz,
return method;
}
#endif /* !NO_OLD_TLS */
#ifndef NO_SHA256 /* can't use without SHA256 */
@@ -514,7 +569,9 @@ void TLS_hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz,
InitSSL_Method(method, MakeTLSv1_1());
#endif
method->side = SERVER_END;
#ifndef NO_OLD_TLS
method->downgrade = 1;
#endif /* !NO_OLD_TLS */
}
return method;
}

2
tests/api.c
View File

@@ -147,12 +147,14 @@ int test_method2(CYASSL_METHOD *method, const char *name)
int test_CyaSSL_Method_Allocators(void)
{
#ifndef NO_OLD_TLS
test_method(CyaSSLv3_server_method(), "CyaSSLv3_server_method()");
test_method(CyaSSLv3_client_method(), "CyaSSLv3_client_method()");
test_method(CyaTLSv1_server_method(), "CyaTLSv1_server_method()");
test_method(CyaTLSv1_client_method(), "CyaTLSv1_client_method()");
test_method(CyaTLSv1_1_server_method(), "CyaTLSv1_1_server_method()");
test_method(CyaTLSv1_1_client_method(), "CyaTLSv1_1_client_method()");
#endif /* NO_OLD_TLS */
test_method(CyaTLSv1_2_server_method(), "CyaTLSv1_2_server_method()");
test_method(CyaTLSv1_2_client_method(), "CyaTLSv1_2_client_method()");
test_method(CyaSSLv23_client_method(), "CyaSSLv23_client_method()");

6
tests/hash.c
View File

@@ -68,11 +68,13 @@ int HashTest(void)
printf( " MD4 test passed!\n");
#endif
#ifndef NO_MD5
if ( (ret = md5_test()) ) {
printf( " MD5 test failed!\n");
return ret;
} else
printf( " MD5 test passed!\n");
#endif
if ( (ret = sha_test()) ) {
printf( " SHA test failed!\n");
@@ -224,6 +226,8 @@ int md4_test(void)
#endif /* NO_MD4 */
#ifndef NO_MD5
int md5_test(void)
{
Md5 md5;
@@ -284,6 +288,8 @@ int md5_test(void)
return 0;
}
#endif /* NO_MD5 */
int sha_test(void)
{
Sha sha;

3
tests/include.am
View File

@@ -28,4 +28,5 @@ EXTRA_DIST += tests/test.conf \
tests/test-dtls.conf \
tests/test-rabbit.conf \
tests/test-null.conf \
tests/test-psk-null.conf
tests/test-psk-null.conf \
tests/test-leanpsk.conf

12
tests/suites.c
View File

@@ -295,7 +295,7 @@ int SuiteTest(void)
}
#endif
#if !defined(NO_PSK) && defined(HAVE_NULL_CIPHER)
#if !defined(NO_PSK) && defined(HAVE_NULL_CIPHER) && !defined(NO_OLD_TLS)
strcpy(argv0[1], "tests/test-psk-null.conf");
printf("starting psk extra null cipher suite tests\n");
test_harness(&args);
@@ -305,6 +305,16 @@ int SuiteTest(void)
}
#endif
#ifdef CYASSL_LEANPSK
strcpy(argv0[1], "tests/test-leanpsk.conf");
printf("starting lean-psk cipher suite tests\n");
test_harness(&args);
if (args.return_code != 0) {
printf("error from script %d\n", args.return_code);
exit(EXIT_FAILURE);
}
#endif
#ifdef HAVE_NTRU
/* add ntru extra suites */
strcpy(argv0[1], "tests/test-ntru.conf");

20
tests/test-leanpsk.conf Normal file
View File

@@ -0,0 +1,20 @@
# server TLSv1.2 PSK-NULL
-s
-v 3
-l PSK-NULL-SHA
# client TLSv1.2 PSK-NULL
-s
-v 3
-l PSK-NULL-SHA
# server TLSv1.2 PSK-NULL-SHA256
-s
-v 3
-l PSK-NULL-SHA256
# client TLSv1.2 PSK-NULL-SHA256
-s
-v 3
-l PSK-NULL-SHA256

22
testsuite/testsuite.c
View File

@@ -25,7 +25,7 @@
#include <cyassl/openssl/ssl.h>
#include <cyassl/test.h>
#include <cyassl/ctaocrypt/md5.h>
#include <cyassl/ctaocrypt/sha.h>
#include "ctaocrypt/test/test.h"
@@ -132,8 +132,8 @@ int main(int argc, char** argv)
/* validate output equals input */
{
byte input[MD5_DIGEST_SIZE];
byte output[MD5_DIGEST_SIZE];
byte input[SHA_DIGEST_SIZE];
byte output[SHA_DIGEST_SIZE];
file_test("input", input);
file_test("output", output);
@@ -211,23 +211,23 @@ void file_test(const char* file, byte* check)
{
FILE* f;
int i = 0, j;
Md5 md5;
Sha sha;
byte buf[1024];
byte md5sum[MD5_DIGEST_SIZE];
byte shasum[SHA_DIGEST_SIZE];
InitMd5(&md5);
InitSha(&sha);
if( !( f = fopen( file, "rb" ) )) {
printf("Can't open %s\n", file);
return;
}
while( ( i = (int)fread(buf, 1, sizeof(buf), f )) > 0 )
Md5Update(&md5, buf, i);
ShaUpdate(&sha, buf, i);
Md5Final(&md5, md5sum);
memcpy(check, md5sum, sizeof(md5sum));
ShaFinal(&sha, shasum);
memcpy(check, shasum, sizeof(shasum));
for(j = 0; j < MD5_DIGEST_SIZE; ++j )
printf( "%02x", md5sum[j] );
for(j = 0; j < SHA_DIGEST_SIZE; ++j )
printf( "%02x", shasum[j] );
printf(" %s\n", file);