cryptocb: support WOLF_CRYPTO_CB_ONLY_SHA512

This commit is contained in:
Marco Oliverio
2026-05-20 22:01:34 +02:00
parent 5744df1c77
commit 0314b3fed2
14 changed files with 968 additions and 13 deletions
+15 -1
View File
@@ -33,6 +33,19 @@ jobs:
# the software path via cryptocb.
- name: SHA256
cppflags: -DWOLF_CRYPTO_CB_ONLY_SHA256
# WOLF_CRYPTO_CB_ONLY_SHA512: strips software SHA-512 family (SHA-384,
# SHA-512/224, SHA-512/256, SHA-512); swdev handles every variant
# explicitly via cryptocb.
- name: SHA512
cppflags: -DWOLF_CRYPTO_CB_ONLY_SHA512
# Same as SHA512 but tells swdev to refuse the SHA-384 / SHA-512/224 /
# SHA-512/256 variant callbacks (WOLFSSL_SWDEV_SHA512_GENERAL_ONLY). That
# forces the cryptocb dispatcher's fallback-to-plain-SHA-512-with-
# truncation path. The SHA512 entry above instead has swdev handle
# every variant end-to-end, so the dispatcher fallback is otherwise
# uncovered.
- name: SHA512_via_general
cppflags: -DWOLF_CRYPTO_CB_ONLY_SHA512 -DWOLFSSL_SWDEV_SHA512_GENERAL_ONLY
# WOLF_CRYPTO_CB_ONLY_AES: strips software AES; swdev provides the
# software path via cryptocb.
- name: AES
@@ -51,7 +64,8 @@ jobs:
- name: ALL
cppflags: >-
-DWOLF_CRYPTO_CB_ONLY_ECC -DWOLF_CRYPTO_CB_ONLY_RSA
-DWOLF_CRYPTO_CB_ONLY_SHA256 -DWOLF_CRYPTO_CB_ONLY_AES
-DWOLF_CRYPTO_CB_ONLY_SHA256 -DWOLF_CRYPTO_CB_ONLY_SHA512
-DWOLF_CRYPTO_CB_ONLY_AES
name: make check (${{ matrix.name }})
if: ${{ (github.repository_owner == 'wolfssl') && (github.event_name != 'pull_request' || github.event.pull_request.draft == false) }}
runs-on: ubuntu-24.04
+2
View File
@@ -966,6 +966,8 @@ WOLFSSL_XIL_MSG_NO_SLEEP
WOLFSSL_ZEPHYR
WOLF_ALLOW_BUILTIN
WOLF_CRYPTO_CB_CMD
WOLF_CRYPTO_CB_NO_SHA512_FALLBACK
WOLF_CRYPTO_CB_ONLY_SHA512
WOLF_CRYPTO_DEV
WOLF_NO_TRAILING_ENUM_COMMAS
WindowsCE
+6 -3
View File
@@ -611,7 +611,8 @@ int wolfSSL_SHA512_Final(byte* output, WOLFSSL_SHA512_CTX* sha512)
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \
!defined(WOLFSSL_KCAPI_HASH) /* doesn't support direct transform */
!defined(WOLFSSL_KCAPI_HASH) /* doesn't support direct transform */ && \
!defined(WOLF_CRYPTO_CB_ONLY_SHA512) /* no wc_Sha512Transform in CB-only */
/* Apply SHA-512 transformation to the data.
*
* @param [in, out] sha512 SHA512 context object.
@@ -687,7 +688,8 @@ int wolfSSL_SHA512_224_Final(byte* output, WOLFSSL_SHA512_224_CTX* sha512)
}
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \
!defined(WOLF_CRYPTO_CB_ONLY_SHA512) /* no wc_Sha512_224Transform in CB-only */
/* Apply SHA-512-224 transformation to the data.
*
* @param [in, out] sha512 SHA512 context object.
@@ -765,7 +767,8 @@ int wolfSSL_SHA512_256_Final(byte* output, WOLFSSL_SHA512_256_CTX* sha512)
}
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \
!defined(WOLF_CRYPTO_CB_ONLY_SHA512) /* no wc_Sha512_256Transform in CB-only */
/* Apply SHA-512-256 transformation to the data.
*
* @param [in, out] sha512 SHA512 context object.
+4 -2
View File
@@ -27527,7 +27527,8 @@ static int test_SSL_CIPHER_get_xxx(void)
#if defined(WOLF_CRYPTO_CB) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \
(!defined(WOLF_CRYPTO_CB_ONLY_SHA256) && !defined(WOLF_CRYPTO_CB_ONLY_AES) && \
!defined(WOLF_CRYPTO_CB_ONLY_ECC) && !defined(WOLF_CRYPTO_CB_ONLY_RSA))
!defined(WOLF_CRYPTO_CB_ONLY_ECC) && !defined(WOLF_CRYPTO_CB_ONLY_RSA) && \
!defined(WOLF_CRYPTO_CB_ONLY_SHA512))
static int load_pem_key_file_as_der(const char* privKeyFile, DerBuffer** pDer,
int* keyFormat)
@@ -28531,7 +28532,8 @@ static int test_wc_CryptoCb(void)
EXPECT_DECLS;
#if defined(WOLF_CRYPTO_CB) && \
(!defined(WOLF_CRYPTO_CB_ONLY_SHA256) && !defined(WOLF_CRYPTO_CB_ONLY_AES) && \
!defined(WOLF_CRYPTO_CB_ONLY_ECC) && !defined(WOLF_CRYPTO_CB_ONLY_RSA))
!defined(WOLF_CRYPTO_CB_ONLY_ECC) && !defined(WOLF_CRYPTO_CB_ONLY_RSA) && \
!defined(WOLF_CRYPTO_CB_ONLY_SHA512))
/* TODO: Add crypto callback API tests */
#ifdef HAVE_IO_TESTS_DEPENDENCIES
+97
View File
@@ -1058,3 +1058,100 @@ int test_wc_sha512_cryptocb_fallback(void)
return EXPECT_RESULT();
}
/* Regression test for the no-_ex SHA-512/224 and SHA-512/256 initializers under
* WOLF_CRYPTO_CB_ONLY_SHA512. With the software path stripped, they must adopt
* the registered default CryptoCb device just like wc_InitSha512() and
* wc_InitSha384(); otherwise devId stays INVALID_DEVID and the public streaming
* API returns NO_VALID_DEVID even though a default device is registered. */
int test_wc_sha512_variants_default_devid(void)
{
EXPECT_DECLS;
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_ONLY_SHA512) && \
defined(WOLFSSL_SHA512) && !defined(NO_SHA2_CRYPTO_CB) && \
!defined(WC_NO_DEFAULT_DEVID) && \
(!defined(WOLFSSL_NOSHA512_224) || !defined(WOLFSSL_NOSHA512_256))
typedef struct {
const char* name;
int (*initFn)(wc_Sha512* sha);
} Sha512VariantCase;
static const Sha512VariantCase cases[] = {
#ifndef WOLFSSL_NOSHA512_224
{ "SHA-512/224", wc_InitSha512_224 },
#endif
#ifndef WOLFSSL_NOSHA512_256
{ "SHA-512/256", wc_InitSha512_256 },
#endif
};
Sha512DevCbCtx cbCtx;
int defaultDevId;
wc_Sha512 sha;
const Sha512VariantCase* tc;
size_t c;
XMEMSET(&cbCtx, 0, sizeof(cbCtx));
ExpectIntEQ(wc_CryptoCb_RegisterDevice(TEST_CRYPTOCB_SHA512_DEVID,
sha512_dev_cb, &cbCtx), 0);
defaultDevId = wc_CryptoCb_DefaultDevID();
ExpectIntNE(defaultDevId, INVALID_DEVID);
for (c = 0; c < sizeof(cases) / sizeof(cases[0]); c++) {
tc = &cases[c];
XMEMSET(&sha, 0, sizeof(sha));
sha.devId = INVALID_DEVID;
/* the no-_ex initializer must adopt the default device rather than
* leaving devId INVALID_DEVID (which the stripped software path would
* surface as NO_VALID_DEVID from the public streaming API) */
ExpectIntEQ(tc->initFn(&sha), 0);
ExpectIntEQ(sha.devId, defaultDevId);
wc_Sha512Free(&sha);
}
wc_CryptoCb_UnRegisterDevice(TEST_CRYPTOCB_SHA512_DEVID);
#endif
return EXPECT_RESULT();
}
/* WOLF_CRYPTO_CB_FREE under WOLF_CRYPTO_CB_ONLY_SHA512: the
* stripped-software wc_Sha512Free()/wc_Sha384Free() must route through the
* crypto callback. */
int test_wc_sha512_cryptocb_free(void)
{
EXPECT_DECLS;
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE) && \
defined(WOLF_CRYPTO_CB_ONLY_SHA512) && defined(WOLFSSL_SHA512)
Sha512DevCbCtx cbCtx;
wc_Sha512 sha512;
#ifdef WOLFSSL_SHA384
wc_Sha384 sha384;
#endif
XMEMSET(&cbCtx, 0, sizeof(cbCtx));
ExpectIntEQ(wc_CryptoCb_RegisterDevice(TEST_CRYPTOCB_SHA512_DEVID,
sha512_dev_cb, &cbCtx), 0);
XMEMSET(&sha512, 0, sizeof(sha512));
ExpectIntEQ(wc_InitSha512_ex(&sha512, HEAP_HINT,
TEST_CRYPTOCB_SHA512_DEVID), 0);
wc_Sha512Free(&sha512);
/* the free must reach the device callback */
ExpectIntEQ(cbCtx.freeSeen, 1);
#ifdef WOLFSSL_SHA384
cbCtx.freeSeen = 0;
XMEMSET(&sha384, 0, sizeof(sha384));
ExpectIntEQ(wc_InitSha384_ex(&sha384, HEAP_HINT,
TEST_CRYPTOCB_SHA512_DEVID), 0);
wc_Sha384Free(&sha384);
ExpectIntEQ(cbCtx.freeSeen, 1);
#endif
wc_CryptoCb_UnRegisterDevice(TEST_CRYPTOCB_SHA512_DEVID);
#endif
return EXPECT_RESULT();
}
+5 -1
View File
@@ -67,6 +67,8 @@ int test_wc_Sha384Copy(void);
int test_wc_Sha384GetHash(void);
int test_wc_Sha384_Flags(void);
int test_wc_sha512_cryptocb_fallback(void);
int test_wc_sha512_variants_default_devid(void);
int test_wc_sha512_cryptocb_free(void);
#define TEST_SHA512_DECLS \
TEST_DECL_GROUP("sha512", test_wc_InitSha512), \
@@ -79,7 +81,9 @@ int test_wc_sha512_cryptocb_fallback(void);
TEST_DECL_GROUP("sha512", test_wc_Sha512GetHash), \
TEST_DECL_GROUP("sha512", test_wc_Sha512Transform), \
TEST_DECL_GROUP("sha512", test_wc_Sha512_Flags), \
TEST_DECL_GROUP("sha512", test_wc_sha512_cryptocb_fallback)
TEST_DECL_GROUP("sha512", test_wc_sha512_cryptocb_fallback), \
TEST_DECL_GROUP("sha512", test_wc_sha512_variants_default_devid), \
TEST_DECL_GROUP("sha512", test_wc_sha512_cryptocb_free)
#define TEST_SHA512_224_DECLS \
TEST_DECL_GROUP("sha512_224", test_wc_InitSha512_224), \
+193 -1
View File
@@ -249,6 +249,177 @@ out:
#endif /* WOLFSSL_SHA224 */
#endif /* !NO_SHA256 */
#if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384)
/* Copy hash state between caller's wc_Sha512 and swdev's shadow, leaving
* admin fields (heap, devId, devCtx, W, async, HW ctx) per-side. The same
* helper works for SHA-384, SHA-512/224, SHA-512/256 since they all typedef
* to wc_Sha512. */
static void swdev_sha512_copy_state(wc_Sha512* dst, const wc_Sha512* src)
{
XMEMCPY(dst->digest, src->digest, sizeof(dst->digest));
XMEMCPY(dst->buffer, src->buffer, sizeof(dst->buffer));
dst->buffLen = src->buffLen;
dst->loLen = src->loLen;
dst->hiLen = src->hiLen;
#ifdef WC_C_DYNAMIC_FALLBACK
dst->sha_method = src->sha_method;
#endif
#ifdef WOLFSSL_HASH_FLAGS
dst->flags = src->flags;
#endif
#if defined(WOLFSSL_SHA512_HASHTYPE)
dst->hashType = src->hashType;
#endif
}
#endif /* WOLFSSL_SHA512 || WOLFSSL_SHA384 */
#ifdef WOLFSSL_SHA512
static int swdev_sha512(wc_CryptoInfo* info)
{
wc_Sha512* sha512 = info->hash.sha512;
wc_Sha512 shadow;
int ret;
if (sha512 == NULL)
return BAD_FUNC_ARG;
ret = wc_InitSha512(&shadow);
if (ret != 0)
return ret;
swdev_sha512_copy_state(&shadow, sha512);
if (info->hash.in != NULL) {
ret = wc_Sha512Update(&shadow, info->hash.in, info->hash.inSz);
if (ret != 0)
goto out;
}
if (info->hash.digest != NULL) {
ret = wc_Sha512Final(&shadow, info->hash.digest);
if (ret != 0)
goto out;
}
swdev_sha512_copy_state(sha512, &shadow);
out:
wc_Sha512Free(&shadow);
return ret;
}
#if !defined(WOLFSSL_NOSHA512_224) && \
!defined(WOLFSSL_SWDEV_SHA512_GENERAL_ONLY)
static int swdev_sha512_224(wc_CryptoInfo* info)
{
wc_Sha512 shadow;
wc_Sha512* sha = info->hash.sha512;
int ret;
if (sha == NULL)
return BAD_FUNC_ARG;
ret = wc_InitSha512_224(&shadow);
if (ret != 0)
return ret;
swdev_sha512_copy_state(&shadow, sha);
if (info->hash.in != NULL) {
ret = wc_Sha512_224Update(&shadow, info->hash.in, info->hash.inSz);
if (ret != 0)
goto out;
}
if (info->hash.digest != NULL) {
ret = wc_Sha512_224Final(&shadow, info->hash.digest);
if (ret != 0)
goto out;
}
swdev_sha512_copy_state(sha, &shadow);
out:
wc_Sha512_224Free(&shadow);
return ret;
}
#endif
#if !defined(WOLFSSL_NOSHA512_256) && \
!defined(WOLFSSL_SWDEV_SHA512_GENERAL_ONLY)
static int swdev_sha512_256(wc_CryptoInfo* info)
{
wc_Sha512 shadow;
wc_Sha512* sha = info->hash.sha512;
int ret;
if (sha == NULL)
return BAD_FUNC_ARG;
ret = wc_InitSha512_256(&shadow);
if (ret != 0)
return ret;
swdev_sha512_copy_state(&shadow, sha);
if (info->hash.in != NULL) {
ret = wc_Sha512_256Update(&shadow, info->hash.in, info->hash.inSz);
if (ret != 0)
goto out;
}
if (info->hash.digest != NULL) {
ret = wc_Sha512_256Final(&shadow, info->hash.digest);
if (ret != 0)
goto out;
}
swdev_sha512_copy_state(sha, &shadow);
out:
wc_Sha512_256Free(&shadow);
return ret;
}
#endif
#endif /* WOLFSSL_SHA512 */
#if defined(WOLFSSL_SHA384) && !defined(WOLFSSL_SWDEV_SHA512_GENERAL_ONLY)
/* SHA-384 is SHA-512 with a different IV/truncation; wc_Sha384 is a typedef
* of wc_Sha512, so the shadow/copy-state dance is identical to swdev_sha512.
* When WOLFSSL_SWDEV_SHA512_GENERAL_ONLY is set this is omitted so swdev declines
* SHA-384 and the cryptocb dispatcher's SHA-512 fallback path is exercised. */
static int swdev_sha384(wc_CryptoInfo* info)
{
wc_Sha384* sha384 = info->hash.sha384;
wc_Sha384 shadow;
int ret;
if (sha384 == NULL)
return BAD_FUNC_ARG;
ret = wc_InitSha384(&shadow);
if (ret != 0)
return ret;
swdev_sha512_copy_state(&shadow, sha384);
if (info->hash.in != NULL) {
ret = wc_Sha384Update(&shadow, info->hash.in, info->hash.inSz);
if (ret != 0)
goto out;
}
if (info->hash.digest != NULL) {
ret = wc_Sha384Final(&shadow, info->hash.digest);
if (ret != 0)
goto out;
}
swdev_sha512_copy_state(sha384, &shadow);
out:
wc_Sha384Free(&shadow);
return ret;
}
#endif /* WOLFSSL_SHA384 && !WOLFSSL_SWDEV_SHA512_GENERAL_ONLY */
#ifndef NO_AES
/* Rebuild a software AES shadow from the caller's raw devKey, since the
* caller's Aes has no software round-key schedule under CB_ONLY_AES. */
@@ -546,14 +717,35 @@ WC_SWDEV_EXPORT int wc_SwDev_Callback(int devId, wc_CryptoInfo* info,
return CRYPTOCB_UNAVAILABLE;
}
#endif
#ifndef NO_SHA256
#if !defined(NO_SHA256) || defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384)
case WC_ALGO_TYPE_HASH:
switch (info->hash.type) {
#ifndef NO_SHA256
case WC_HASH_TYPE_SHA256:
return swdev_sha256(info);
#endif
#ifdef WOLFSSL_SHA224
case WC_HASH_TYPE_SHA224:
return swdev_sha224(info);
#endif
#ifdef WOLFSSL_SHA512
case WC_HASH_TYPE_SHA512:
return swdev_sha512(info);
#if !defined(WOLFSSL_NOSHA512_224) && \
!defined(WOLFSSL_SWDEV_SHA512_GENERAL_ONLY)
case WC_HASH_TYPE_SHA512_224:
return swdev_sha512_224(info);
#endif
#if !defined(WOLFSSL_NOSHA512_256) && \
!defined(WOLFSSL_SWDEV_SHA512_GENERAL_ONLY)
case WC_HASH_TYPE_SHA512_256:
return swdev_sha512_256(info);
#endif
#endif
#if defined(WOLFSSL_SHA384) && \
!defined(WOLFSSL_SWDEV_SHA512_GENERAL_ONLY)
case WC_HASH_TYPE_SHA384:
return swdev_sha384(info);
#endif
default:
return CRYPTOCB_UNAVAILABLE;
+1
View File
@@ -25,6 +25,7 @@
#undef WOLF_CRYPTO_CB_ONLY_RSA
#undef WOLF_CRYPTO_CB_ONLY_ECC
#undef WOLF_CRYPTO_CB_ONLY_SHA256
#undef WOLF_CRYPTO_CB_ONLY_SHA512
#undef WOLF_CRYPTO_CB_ONLY_AES
#ifndef WOLF_CRYPTO_CB
+3 -2
View File
@@ -62,6 +62,7 @@ Crypto Callback Build Options:
* WOLF_CRYPTO_CB_ONLY_ECC: Use only callbacks for ECC default: off
* WOLF_CRYPTO_CB_ONLY_RSA: Use only callbacks for RSA default: off
* WOLF_CRYPTO_CB_ONLY_SHA256: Use only callbacks for SHA-256 default: off
* WOLF_CRYPTO_CB_ONLY_SHA512: Use only callbacks for SHA-512 default: off
* WOLF_CRYPTO_CB_ONLY_AES: Use only callbacks for AES default: off
*/
@@ -2154,7 +2155,7 @@ int wc_CryptoCb_Sha512Hash(wc_Sha512* sha512, const byte* in,
if (ret == 0 && digest != NULL && digestSz != WC_SHA512_DIGEST_SIZE) {
XMEMCPY(digest, localHash, digestSz);
#if !defined(WOLFSSL_NOSHA512_224)
if (digestSz == WC_SHA512_224_DIGEST_SIZE) {
if (sha512 != NULL && digestSz == WC_SHA512_224_DIGEST_SIZE) {
sha512->digest[0] = W64LIT(0x8c3d37c819544da2);
sha512->digest[1] = W64LIT(0x73e1996689dcd4d6);
sha512->digest[2] = W64LIT(0x1dfab7ae32ff9c82);
@@ -2166,7 +2167,7 @@ int wc_CryptoCb_Sha512Hash(wc_Sha512* sha512, const byte* in,
}
#endif
#if !defined(WOLFSSL_NOSHA512_256)
if (digestSz == WC_SHA512_256_DIGEST_SIZE) {
if (sha512 != NULL && digestSz == WC_SHA512_256_DIGEST_SIZE) {
sha512->digest[0] = W64LIT(0x22312194fc2bf72c);
sha512->digest[1] = W64LIT(0x9f555fa3c84c64c2);
sha512->digest[2] = W64LIT(0x2393b86b6f53b151);
+586
View File
@@ -56,6 +56,12 @@
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
#if (defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384)) && \
defined(WOLF_CRYPTO_CB_ONLY_SHA512) && defined(WOLFSSL_RISCV_ASM)
#error "WOLF_CRYPTO_CB_ONLY_SHA512 is incompatible with SHA-512 hardware" \
" acceleration backends"
#endif
#if (defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384)) && \
!defined(WOLFSSL_RISCV_ASM)
@@ -159,6 +165,45 @@
/* #define DEBUG_YMM */
#endif
#ifdef WOLF_CRYPTO_CB_ONLY_SHA512
/* WOLF_CRYPTO_CB_ONLY_SHA512 strips the software SHA-512 implementation and
* routes every operation (SHA-512, SHA-384, SHA-512/224, SHA-512/256) through
* the crypto callback. It is mutually exclusive with any in-tree SHA-512
* hardware/asm backend: keep this list in sync with the backend dispatch
* chains in sha512.c. The RISC-V asm guard lives before the outer file guard;
* these guards live before the dispatch chain so they are evaluated before a
* hardware backend wins the #elif chain (in which case the
* WOLF_CRYPTO_CB_ONLY_SHA512 branch itself is never compiled). */
#if (defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_HASH) && \
!defined(WOLFSSL_QNX_CAAM)) || \
defined(WOLFSSL_SILABS_SHA512) || \
defined(WOLFSSL_KCAPI_HASH) || \
(defined(WOLFSSL_RENESAS_RSIP) && \
!defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)) || \
defined(MAX3266X_SHA) || \
(defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)) || \
defined(STM32_HASH_SHA512) || \
defined(PSOC6_HASH_SHA2) || \
defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) || \
defined(WOLFSSL_ARMASM) || \
(defined(WOLFSSL_X86_64_BUILD) && defined(USE_INTEL_SPEEDUP) && \
(defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2)))
#error "WOLF_CRYPTO_CB_ONLY_SHA512 is incompatible with SHA-512 hardware" \
" acceleration backends"
#endif
#if defined(HAVE_FIPS)
#error "WOLF_CRYPTO_CB_ONLY_SHA512 is incompatible with FIPS builds"
#endif
/* WOLFSSL_HASH_KEEP accumulates all Update data into sha->msg and passes it
* all to hardware in Final. That pattern is driven by port-specific backends
* (e.g. CAAM) which are already excluded above; the crypto-callback Update
* path dispatches each chunk directly to the callback instead, so the two
* mechanisms are incompatible. */
#ifdef WOLFSSL_HASH_KEEP
#error "WOLF_CRYPTO_CB_ONLY_SHA512 is incompatible with WOLFSSL_HASH_KEEP"
#endif
#endif /* WOLF_CRYPTO_CB_ONLY_SHA512 */
#if defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_HASH) && \
!defined(WOLFSSL_QNX_CAAM)
/* functions defined in wolfcrypt/src/port/caam/caam_sha.c */
@@ -318,6 +363,544 @@
#elif defined(PSOC6_HASH_SHA2)
/* Functions defined in wolfcrypt/src/port/cypress/psoc6_crypto.c */
#elif defined(WOLF_CRYPTO_CB_ONLY_SHA512)
static int Sha512_CbReset(wc_Sha512* sha512, const word64* initDigest,
int hashType)
{
int i;
if (sha512 == NULL)
return BAD_FUNC_ARG;
for (i = 0; i < 8; i++)
sha512->digest[i] = initDigest[i];
sha512->buffLen = 0;
XMEMSET(sha512->buffer, 0, sizeof(sha512->buffer));
sha512->loLen = 0;
sha512->hiLen = 0;
#ifdef WOLFSSL_HASH_FLAGS
sha512->flags = 0;
#endif
#if defined(WOLFSSL_SHA512_HASHTYPE)
sha512->hashType = hashType;
#else
(void)hashType;
#endif
return 0;
}
static int Sha512_CbInit(wc_Sha512* sha512, const word64* initDigest,
void* heap, int devId, int hashType)
{
int ret;
/* Zero the whole struct first so fields not touched by the callback path
* (e.g. asyncDev, W, devCtx) never expose uninitialized stack data to a
* callback; the admin fields below are then set explicitly. */
if (sha512 != NULL)
XMEMSET(sha512, 0, sizeof(*sha512));
ret = Sha512_CbReset(sha512, initDigest, hashType);
if (ret != 0)
return ret;
sha512->heap = heap;
sha512->devId = devId;
sha512->devCtx = NULL;
return 0;
}
#ifdef WOLFSSL_SHA512
static const word64 sha512Init[8] = {
W64LIT(0x6a09e667f3bcc908), W64LIT(0xbb67ae8584caa73b),
W64LIT(0x3c6ef372fe94f82b), W64LIT(0xa54ff53a5f1d36f1),
W64LIT(0x510e527fade682d1), W64LIT(0x9b05688c2b3e6c1f),
W64LIT(0x1f83d9abfb41bd6b), W64LIT(0x5be0cd19137e2179)
};
static int Sha512_CbFinal(wc_Sha512* sha512, byte* hash, size_t digestSz)
{
if (sha512 == NULL || hash == NULL)
return BAD_FUNC_ARG;
#ifndef WOLF_CRYPTO_CB_FIND
if (sha512->devId != INVALID_DEVID)
#endif
{
int ret = wc_CryptoCb_Sha512Hash(sha512, NULL, 0, hash, digestSz);
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
}
return NO_VALID_DEVID;
}
int wc_InitSha512_ex(wc_Sha512* sha512, void* heap, int devId)
{
return Sha512_CbInit(sha512, sha512Init, heap, devId,
WC_HASH_TYPE_SHA512);
}
int wc_InitSha512(wc_Sha512* sha512)
{
int devId = INVALID_DEVID;
#ifdef WOLF_CRYPTO_CB
devId = wc_CryptoCb_DefaultDevID();
#endif
return wc_InitSha512_ex(sha512, NULL, devId);
}
int wc_Sha512Update(wc_Sha512* sha512, const byte* data, word32 len)
{
if (sha512 == NULL)
return BAD_FUNC_ARG;
if (data == NULL && len == 0)
return 0;
if (data == NULL)
return BAD_FUNC_ARG;
#ifndef WOLF_CRYPTO_CB_FIND
if (sha512->devId != INVALID_DEVID)
#endif
{
int ret = wc_CryptoCb_Sha512Hash(sha512, data, len, NULL, 0);
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
}
return NO_VALID_DEVID;
}
int wc_Sha512Final(wc_Sha512* sha512, byte* hash)
{
return Sha512_CbFinal(sha512, hash, WC_SHA512_DIGEST_SIZE);
}
void wc_Sha512Free(wc_Sha512* sha512)
{
#ifdef WOLF_CRYPTO_CB_FREE
int ret = 0;
#endif
if (sha512 == NULL)
return;
#ifdef WOLF_CRYPTO_CB_FREE
#ifndef WOLF_CRYPTO_CB_FIND
if (sha512->devId != INVALID_DEVID)
#endif
{
ret = wc_CryptoCb_Free(sha512->devId, WC_ALGO_TYPE_HASH,
WC_HASH_TYPE_SHA512, 0, (void*)sha512);
/* If they want the standard free, they can call it themselves */
/* via their callback setting devId to INVALID_DEVID */
/* otherwise assume the callback handled it */
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return;
/* fall-through when unavailable */
}
/* silence compiler warning */
(void)ret;
#endif /* WOLF_CRYPTO_CB_FREE */
ForceZero(sha512, sizeof(*sha512));
}
int wc_Sha512GetHash(wc_Sha512* sha512, byte* hash)
{
int ret;
WC_DECLARE_VAR(tmpSha512, wc_Sha512, 1, 0);
if (sha512 == NULL || hash == NULL)
return BAD_FUNC_ARG;
WC_CALLOC_VAR_EX(tmpSha512, wc_Sha512, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER,
return MEMORY_E);
ret = wc_Sha512Copy(sha512, tmpSha512);
if (ret == 0) {
ret = wc_Sha512Final(tmpSha512, hash);
wc_Sha512Free(tmpSha512);
}
WC_FREE_VAR_EX(tmpSha512, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return ret;
}
int wc_Sha512Copy(wc_Sha512* src, wc_Sha512* dst)
{
int ret = 0;
if (src == NULL || dst == NULL)
return BAD_FUNC_ARG;
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_COPY)
#ifndef WOLF_CRYPTO_CB_FIND
if (src->devId != INVALID_DEVID)
#endif
{
ret = wc_CryptoCb_Copy(src->devId, WC_ALGO_TYPE_HASH,
WC_HASH_TYPE_SHA512, (void*)src, (void*)dst);
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when the callback is unavailable */
}
ret = 0; /* discard CRYPTOCB_UNAVAILABLE before the plain struct copy */
#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_COPY */
wc_Sha512Free(dst);
XMEMCPY(dst, src, sizeof(wc_Sha512));
#ifdef WOLFSSL_HASH_FLAGS
dst->flags |= WC_HASH_FLAG_ISCOPY;
#endif
return ret;
}
#ifdef WOLFSSL_HASH_FLAGS
int wc_Sha512SetFlags(wc_Sha512* sha512, word32 flags)
{
if (sha512)
sha512->flags = flags;
return 0;
}
int wc_Sha512GetFlags(wc_Sha512* sha512, word32* flags)
{
if (sha512 && flags)
*flags = sha512->flags;
return 0;
}
#endif /* WOLFSSL_HASH_FLAGS */
#if !defined(WOLFSSL_NOSHA512_224) && !defined(HAVE_SELFTEST)
static const word64 sha512_224Init[8] = {
W64LIT(0x8c3d37c819544da2), W64LIT(0x73e1996689dcd4d6),
W64LIT(0x1dfab7ae32ff9c82), W64LIT(0x679dd514582f9fcf),
W64LIT(0x0f6d2b697bd44da8), W64LIT(0x77e36f7304c48942),
W64LIT(0x3f9d85a86a1d36c8), W64LIT(0x1112e6ad91d692a1)
};
int wc_InitSha512_224_ex(wc_Sha512* sha512, void* heap, int devId)
{
return Sha512_CbInit(sha512, sha512_224Init, heap, devId,
WC_HASH_TYPE_SHA512_224);
}
int wc_InitSha512_224(wc_Sha512* sha512)
{
int devId = INVALID_DEVID;
#ifdef WOLF_CRYPTO_CB
devId = wc_CryptoCb_DefaultDevID();
#endif
return wc_InitSha512_224_ex(sha512, NULL, devId);
}
int wc_Sha512_224Update(wc_Sha512* sha512, const byte* data, word32 len)
{
return wc_Sha512Update(sha512, data, len);
}
int wc_Sha512_224Final(wc_Sha512* sha512, byte* hash)
{
return Sha512_CbFinal(sha512, hash, WC_SHA512_224_DIGEST_SIZE);
}
void wc_Sha512_224Free(wc_Sha512* sha512)
{
wc_Sha512Free(sha512);
}
int wc_Sha512_224Copy(wc_Sha512* src, wc_Sha512* dst)
{
return wc_Sha512Copy(src, dst);
}
int wc_Sha512_224GetHash(wc_Sha512* sha512, byte* hash)
{
int ret;
WC_DECLARE_VAR(tmpSha512, wc_Sha512, 1, 0);
if (sha512 == NULL || hash == NULL)
return BAD_FUNC_ARG;
WC_CALLOC_VAR_EX(tmpSha512, wc_Sha512, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER,
return MEMORY_E);
ret = wc_Sha512_224Copy(sha512, tmpSha512);
if (ret == 0) {
ret = wc_Sha512_224Final(tmpSha512, hash);
wc_Sha512_224Free(tmpSha512);
}
WC_FREE_VAR_EX(tmpSha512, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return ret;
}
#ifdef WOLFSSL_HASH_FLAGS
int wc_Sha512_224SetFlags(wc_Sha512* sha512, word32 flags)
{
return wc_Sha512SetFlags(sha512, flags);
}
int wc_Sha512_224GetFlags(wc_Sha512* sha512, word32* flags)
{
return wc_Sha512GetFlags(sha512, flags);
}
#endif /* WOLFSSL_HASH_FLAGS */
#endif /* !WOLFSSL_NOSHA512_224 && !HAVE_SELFTEST */
#if !defined(WOLFSSL_NOSHA512_256) && !defined(HAVE_SELFTEST)
static const word64 sha512_256Init[8] = {
W64LIT(0x22312194fc2bf72c), W64LIT(0x9f555fa3c84c64c2),
W64LIT(0x2393b86b6f53b151), W64LIT(0x963877195940eabd),
W64LIT(0x96283ee2a88effe3), W64LIT(0xbe5e1e2553863992),
W64LIT(0x2b0199fc2c85b8aa), W64LIT(0x0eb72ddc81c52ca2)
};
int wc_InitSha512_256_ex(wc_Sha512* sha512, void* heap, int devId)
{
return Sha512_CbInit(sha512, sha512_256Init, heap, devId,
WC_HASH_TYPE_SHA512_256);
}
int wc_InitSha512_256(wc_Sha512* sha512)
{
int devId = INVALID_DEVID;
#ifdef WOLF_CRYPTO_CB
devId = wc_CryptoCb_DefaultDevID();
#endif
return wc_InitSha512_256_ex(sha512, NULL, devId);
}
int wc_Sha512_256Update(wc_Sha512* sha512, const byte* data, word32 len)
{
return wc_Sha512Update(sha512, data, len);
}
int wc_Sha512_256Final(wc_Sha512* sha512, byte* hash)
{
return Sha512_CbFinal(sha512, hash, WC_SHA512_256_DIGEST_SIZE);
}
void wc_Sha512_256Free(wc_Sha512* sha512)
{
wc_Sha512Free(sha512);
}
int wc_Sha512_256Copy(wc_Sha512* src, wc_Sha512* dst)
{
return wc_Sha512Copy(src, dst);
}
int wc_Sha512_256GetHash(wc_Sha512* sha512, byte* hash)
{
int ret;
WC_DECLARE_VAR(tmpSha512, wc_Sha512, 1, 0);
if (sha512 == NULL || hash == NULL)
return BAD_FUNC_ARG;
WC_CALLOC_VAR_EX(tmpSha512, wc_Sha512, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER,
return MEMORY_E);
ret = wc_Sha512_256Copy(sha512, tmpSha512);
if (ret == 0) {
ret = wc_Sha512_256Final(tmpSha512, hash);
wc_Sha512_256Free(tmpSha512);
}
WC_FREE_VAR_EX(tmpSha512, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return ret;
}
#ifdef WOLFSSL_HASH_FLAGS
int wc_Sha512_256SetFlags(wc_Sha512* sha512, word32 flags)
{
return wc_Sha512SetFlags(sha512, flags);
}
int wc_Sha512_256GetFlags(wc_Sha512* sha512, word32* flags)
{
return wc_Sha512GetFlags(sha512, flags);
}
#endif /* WOLFSSL_HASH_FLAGS */
#endif /* !WOLFSSL_NOSHA512_256 && !HAVE_SELFTEST */
#endif /* WOLFSSL_SHA512 */
#ifdef WOLFSSL_SHA384
static const word64 sha384Init[8] = {
W64LIT(0xcbbb9d5dc1059ed8), W64LIT(0x629a292a367cd507),
W64LIT(0x9159015a3070dd17), W64LIT(0x152fecd8f70e5939),
W64LIT(0x67332667ffc00b31), W64LIT(0x8eb44a8768581511),
W64LIT(0xdb0c2e0d64f98fa7), W64LIT(0x47b5481dbefa4fa4)
};
int wc_InitSha384_ex(wc_Sha384* sha384, void* heap, int devId)
{
return Sha512_CbInit(sha384, sha384Init, heap, devId,
WC_HASH_TYPE_SHA384);
}
int wc_InitSha384(wc_Sha384* sha384)
{
int devId = INVALID_DEVID;
#ifdef WOLF_CRYPTO_CB
devId = wc_CryptoCb_DefaultDevID();
#endif
return wc_InitSha384_ex(sha384, NULL, devId);
}
int wc_Sha384Update(wc_Sha384* sha384, const byte* data, word32 len)
{
if (sha384 == NULL)
return BAD_FUNC_ARG;
if (data == NULL && len == 0)
return 0;
if (data == NULL)
return BAD_FUNC_ARG;
#ifndef WOLF_CRYPTO_CB_FIND
if (sha384->devId != INVALID_DEVID)
#endif
{
int ret = wc_CryptoCb_Sha384Hash(sha384, data, len, NULL);
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
}
return NO_VALID_DEVID;
}
int wc_Sha384Final(wc_Sha384* sha384, byte* hash)
{
if (sha384 == NULL || hash == NULL)
return BAD_FUNC_ARG;
#ifndef WOLF_CRYPTO_CB_FIND
if (sha384->devId != INVALID_DEVID)
#endif
{
int ret = wc_CryptoCb_Sha384Hash(sha384, NULL, 0, hash);
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
}
return NO_VALID_DEVID;
}
void wc_Sha384Free(wc_Sha384* sha384)
{
#ifdef WOLF_CRYPTO_CB_FREE
int ret = 0;
#endif
if (sha384 == NULL)
return;
#ifdef WOLF_CRYPTO_CB_FREE
#ifndef WOLF_CRYPTO_CB_FIND
if (sha384->devId != INVALID_DEVID)
#endif
{
ret = wc_CryptoCb_Free(sha384->devId, WC_ALGO_TYPE_HASH,
WC_HASH_TYPE_SHA384, 0, (void*)sha384);
/* If they want the standard free, they can call it themselves */
/* via their callback setting devId to INVALID_DEVID */
/* otherwise assume the callback handled it */
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return;
/* fall-through when unavailable */
}
/* silence compiler warning */
(void)ret;
#endif /* WOLF_CRYPTO_CB_FREE */
ForceZero(sha384, sizeof(*sha384));
}
int wc_Sha384GetHash(wc_Sha384* sha384, byte* hash)
{
int ret;
WC_DECLARE_VAR(tmpSha384, wc_Sha384, 1, 0);
if (sha384 == NULL || hash == NULL)
return BAD_FUNC_ARG;
WC_CALLOC_VAR_EX(tmpSha384, wc_Sha384, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER,
return MEMORY_E);
ret = wc_Sha384Copy(sha384, tmpSha384);
if (ret == 0) {
ret = wc_Sha384Final(tmpSha384, hash);
wc_Sha384Free(tmpSha384);
}
WC_FREE_VAR_EX(tmpSha384, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return ret;
}
int wc_Sha384Copy(wc_Sha384* src, wc_Sha384* dst)
{
int ret = 0;
if (src == NULL || dst == NULL)
return BAD_FUNC_ARG;
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_COPY)
#ifndef WOLF_CRYPTO_CB_FIND
if (src->devId != INVALID_DEVID)
#endif
{
ret = wc_CryptoCb_Copy(src->devId, WC_ALGO_TYPE_HASH,
WC_HASH_TYPE_SHA384, (void*)src, (void*)dst);
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when the callback is unavailable */
}
ret = 0; /* discard CRYPTOCB_UNAVAILABLE before the plain struct copy */
#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_COPY */
wc_Sha384Free(dst);
XMEMCPY(dst, src, sizeof(wc_Sha384));
#ifdef WOLFSSL_HASH_FLAGS
dst->flags |= WC_HASH_FLAG_ISCOPY;
#endif
return ret;
}
#ifdef WOLFSSL_HASH_FLAGS
int wc_Sha384SetFlags(wc_Sha384* sha384, word32 flags)
{
if (sha384)
sha384->flags = flags;
return 0;
}
int wc_Sha384GetFlags(wc_Sha384* sha384, word32* flags)
{
if (sha384 && flags)
*flags = sha384->flags;
return 0;
}
#endif /* WOLFSSL_HASH_FLAGS */
#endif /* WOLFSSL_SHA384 */
#else
#ifdef WOLFSSL_SHA512
@@ -1393,6 +1976,7 @@ int wc_Sha512Update(wc_Sha512* sha512, const byte* data, word32 len)
#endif /* WOLFSSL_IMX6_CAAM || WOLFSSL_SILABS_SHA512 */
#ifndef WOLF_CRYPTO_CB_ONLY_SHA512
#if defined(WOLFSSL_KCAPI_HASH)
/* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
@@ -2857,4 +3441,6 @@ int wc_Sha384_Grow(wc_Sha384* sha384, const byte* in, int inSz)
}
#endif /* WOLFSSL_SHA384 */
#endif /* WOLFSSL_HASH_KEEP */
#endif /* !WOLF_CRYPTO_CB_ONLY_SHA512 */
#endif /* WOLFSSL_SHA512 || WOLFSSL_SHA384 */
+18
View File
@@ -73231,6 +73231,15 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
/* set devId to invalid, so software is used */
info->hash.sha384->devId = INVALID_DEVID;
#endif
#if defined(WOLF_CRYPTO_CB_ONLY_SHA512)
#ifdef DEBUG_WOLFSSL
printf("CryptoDevCb: exampleVar %d\n", myCtx->exampleVar);
#endif
if (myCtx->exampleVar == 99) {
info->hash.sha384->devId = devIdArg;
return 0;
}
#endif
if (info->hash.in != NULL) {
ret = wc_Sha384Update(
@@ -73260,6 +73269,15 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
/* set devId to invalid, so software is used */
info->hash.sha512->devId = INVALID_DEVID;
#endif
#if defined(WOLF_CRYPTO_CB_ONLY_SHA512)
#ifdef DEBUG_WOLFSSL
printf("CryptoDevCb: exampleVar %d\n", myCtx->exampleVar);
#endif
if (myCtx->exampleVar == 99) {
info->hash.sha512->devId = devIdArg;
return 0;
}
#endif
if (info->hash.in != NULL) {
ret = wc_Sha512Update(
+12
View File
@@ -254,8 +254,10 @@ WOLFSSL_API int wolfSSL_SHA512_Init(WOLFSSL_SHA512_CTX* sha);
WOLFSSL_API int wolfSSL_SHA512_Update(WOLFSSL_SHA512_CTX* sha,
const void* input, unsigned long sz);
WOLFSSL_API int wolfSSL_SHA512_Final(byte* output, WOLFSSL_SHA512_CTX* sha);
#ifndef WOLF_CRYPTO_CB_ONLY_SHA512 /* no underlying wc_Sha512Transform */
WOLFSSL_API int wolfSSL_SHA512_Transform(WOLFSSL_SHA512_CTX* sha512,
const unsigned char* data);
#endif
#if !defined(OPENSSL_COEXIST) && (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL))
enum {
SHA512_DIGEST_LENGTH = 64
@@ -266,7 +268,9 @@ typedef WOLFSSL_SHA512_CTX SHA512_CTX;
#define SHA512_Init wolfSSL_SHA512_Init
#define SHA512_Update wolfSSL_SHA512_Update
#define SHA512_Final wolfSSL_SHA512_Final
#ifndef WOLF_CRYPTO_CB_ONLY_SHA512 /* no underlying wc_Sha512Transform */
#define SHA512_Transform wolfSSL_SHA512_Transform
#endif
#if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
/* SHA512 is only available in non-fips mode because of SHA512 enum in FIPS
* build. */
@@ -283,14 +287,18 @@ WOLFSSL_API int wolfSSL_SHA512_224_Update(WOLFSSL_SHA512_224_CTX* sha,
const void* input, unsigned long sz);
WOLFSSL_API int wolfSSL_SHA512_224_Final(byte* output,
WOLFSSL_SHA512_224_CTX* sha);
#ifndef WOLF_CRYPTO_CB_ONLY_SHA512 /* no underlying wc_Sha512_224Transform */
WOLFSSL_API int wolfSSL_SHA512_224_Transform(WOLFSSL_SHA512_CTX* sha512,
const unsigned char* data);
#endif
#if !defined(OPENSSL_COEXIST) && (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL))
#define SHA512_224_Init wolfSSL_SHA512_224_Init
#define SHA512_224_Update wolfSSL_SHA512_224_Update
#define SHA512_224_Final wolfSSL_SHA512_224_Final
#ifndef WOLF_CRYPTO_CB_ONLY_SHA512 /* no underlying wc_Sha512_224Transform */
#define SHA512_224_Transform wolfSSL_SHA512_224_Transform
#endif
#if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#define SHA512_224 wolfSSL_SHA512_224
@@ -306,14 +314,18 @@ WOLFSSL_API int wolfSSL_SHA512_256_Init(WOLFSSL_SHA512_CTX* sha);
WOLFSSL_API int wolfSSL_SHA512_256_Update(WOLFSSL_SHA512_256_CTX* sha,
const void* input, unsigned long sz);
WOLFSSL_API int wolfSSL_SHA512_256_Final(byte* output, WOLFSSL_SHA512_256_CTX* sha);
#ifndef WOLF_CRYPTO_CB_ONLY_SHA512 /* no underlying wc_Sha512_256Transform */
WOLFSSL_API int wolfSSL_SHA512_256_Transform(WOLFSSL_SHA512_CTX* sha512,
const unsigned char* data);
#endif
#if !defined(OPENSSL_COEXIST) && (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL))
#define SHA512_256_Init wolfSSL_SHA512_256_Init
#define SHA512_256_Update wolfSSL_SHA512_256_Update
#define SHA512_256_Final wolfSSL_SHA512_256_Final
#ifndef WOLF_CRYPTO_CB_ONLY_SHA512 /* no underlying wc_Sha512_256Transform */
#define SHA512_256_Transform wolfSSL_SHA512_256_Transform
#endif
#if defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#define SHA512_256 wolfSSL_SHA512_256
+6
View File
@@ -5224,6 +5224,12 @@ blinding by defining WC_BLINDING_NO_RNG_ACKNOWLEDGE_WEAKNESS."
#if defined(WOLF_CRYPTO_CB_ONLY_SHA256) && !defined(WOLF_CRYPTO_CB)
#error "WOLF_CRYPTO_CB_ONLY_SHA256 requires WOLF_CRYPTO_CB"
#endif
#if defined(WOLF_CRYPTO_CB_ONLY_SHA512) && !defined(WOLF_CRYPTO_CB)
#error "WOLF_CRYPTO_CB_ONLY_SHA512 requires WOLF_CRYPTO_CB"
#endif
#if defined(WOLF_CRYPTO_CB_ONLY_SHA512) && defined(HAVE_FIPS)
#error "WOLF_CRYPTO_CB_ONLY_SHA512 is incompatible with FIPS builds"
#endif
#if defined(WOLF_CRYPTO_CB_ONLY_AES) && !defined(WOLF_CRYPTO_CB)
#error "WOLF_CRYPTO_CB_ONLY_AES requires WOLF_CRYPTO_CB"
#endif
+20 -3
View File
@@ -80,6 +80,12 @@
#include <wolfssl/wolfcrypt/port/st/stm32.h>
#endif
/* no raw hash access when software transform is stripped */
#if defined(WOLF_CRYPTO_CB_ONLY_SHA512)
#undef WOLFSSL_NO_HASH_RAW
#define WOLFSSL_NO_HASH_RAW
#endif
#define SHA512_NOINLINE WC_NO_INLINE
#ifdef WOLFSSL_SHA512
@@ -238,7 +244,9 @@ WOLFSSL_LOCAL void Transform_Sha512_Len_base(wc_Sha512* sha512,
WOLFSSL_API int wc_InitSha512(wc_Sha512* sha);
WOLFSSL_API int wc_InitSha512_ex(wc_Sha512* sha, void* heap, int devId);
WOLFSSL_API int wc_Sha512Update(wc_Sha512* sha, const byte* data, word32 len);
#if !defined(WOLF_CRYPTO_CB_ONLY_SHA512)
WOLFSSL_API int wc_Sha512FinalRaw(wc_Sha512* sha512, byte* hash);
#endif
WOLFSSL_API int wc_Sha512Final(wc_Sha512* sha512, byte* hash);
WOLFSSL_API void wc_Sha512Free(wc_Sha512* sha);
@@ -253,7 +261,8 @@ WOLFSSL_API int wc_Sha512Copy(wc_Sha512* src, wc_Sha512* dst);
WOLFSSL_API int wc_Sha512GetFlags(wc_Sha512* sha512, word32* flags);
#endif
#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
#if (defined(OPENSSL_EXTRA) || defined(HAVE_CURL)) && \
!defined(WOLF_CRYPTO_CB_ONLY_SHA512)
WOLFSSL_API int wc_Sha512Transform(wc_Sha512* sha, const unsigned char* data);
#endif
@@ -262,7 +271,9 @@ WOLFSSL_API int wc_Sha512Transform(wc_Sha512* sha, const unsigned char* data);
WOLFSSL_API int wc_InitSha512_224(wc_Sha512* sha);
WOLFSSL_API int wc_InitSha512_224_ex(wc_Sha512* sha, void* heap, int devId);
WOLFSSL_API int wc_Sha512_224Update(wc_Sha512* sha, const byte* data, word32 len);
#if !defined(WOLF_CRYPTO_CB_ONLY_SHA512)
WOLFSSL_API int wc_Sha512_224FinalRaw(wc_Sha512* sha512, byte* hash);
#endif
WOLFSSL_API int wc_Sha512_224Final(wc_Sha512* sha512, byte* hash);
WOLFSSL_API void wc_Sha512_224Free(wc_Sha512* sha);
WOLFSSL_API int wc_Sha512_224GetHash(wc_Sha512* sha512, byte* hash);
@@ -272,7 +283,8 @@ WOLFSSL_API int wc_Sha512_224Copy(wc_Sha512* src, wc_Sha512* dst);
WOLFSSL_API int wc_Sha512_224GetFlags(wc_Sha512* sha512, word32* flags);
#endif
#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
#if (defined(OPENSSL_EXTRA) || defined(HAVE_CURL)) && \
!defined(WOLF_CRYPTO_CB_ONLY_SHA512)
WOLFSSL_API int wc_Sha512_224Transform(wc_Sha512* sha,
const unsigned char* data);
#endif /* OPENSSL_EXTRA */
@@ -283,7 +295,9 @@ WOLFSSL_API int wc_Sha512_224Transform(wc_Sha512* sha,
WOLFSSL_API int wc_InitSha512_256(wc_Sha512* sha);
WOLFSSL_API int wc_InitSha512_256_ex(wc_Sha512* sha, void* heap, int devId);
WOLFSSL_API int wc_Sha512_256Update(wc_Sha512* sha, const byte* data, word32 len);
#if !defined(WOLF_CRYPTO_CB_ONLY_SHA512)
WOLFSSL_API int wc_Sha512_256FinalRaw(wc_Sha512* sha512, byte* hash);
#endif
WOLFSSL_API int wc_Sha512_256Final(wc_Sha512* sha512, byte* hash);
WOLFSSL_API void wc_Sha512_256Free(wc_Sha512* sha);
WOLFSSL_API int wc_Sha512_256GetHash(wc_Sha512* sha512, byte* hash);
@@ -293,7 +307,8 @@ WOLFSSL_API int wc_Sha512_256Copy(wc_Sha512* src, wc_Sha512* dst);
WOLFSSL_API int wc_Sha512_256GetFlags(wc_Sha512* sha512, word32* flags);
#endif
#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
#if (defined(OPENSSL_EXTRA) || defined(HAVE_CURL)) && \
!defined(WOLF_CRYPTO_CB_ONLY_SHA512)
WOLFSSL_API int wc_Sha512_256Transform(wc_Sha512* sha,
const unsigned char* data);
#endif /* OPENSSL_EXTRA */
@@ -334,7 +349,9 @@ WOLFSSL_API int wc_Sha512_256Transform(wc_Sha512* sha,
WOLFSSL_API int wc_InitSha384(wc_Sha384* sha);
WOLFSSL_API int wc_InitSha384_ex(wc_Sha384* sha, void* heap, int devId);
WOLFSSL_API int wc_Sha384Update(wc_Sha384* sha, const byte* data, word32 len);
#if !defined(WOLF_CRYPTO_CB_ONLY_SHA512)
WOLFSSL_API int wc_Sha384FinalRaw(wc_Sha384* sha384, byte* hash);
#endif
WOLFSSL_API int wc_Sha384Final(wc_Sha384* sha384, byte* hash);
WOLFSSL_API void wc_Sha384Free(wc_Sha384* sha);