From d5f3fa2ff8287615f56a6b2a40e71c9c95386909 Mon Sep 17 00:00:00 2001 From: David Garske Date: Tue, 2 Jul 2019 10:11:33 -0700 Subject: [PATCH 1/2] Added DES3 Crypto callback support. --- wolfcrypt/src/cryptocb.c | 66 ++++++++++++++++++++++++++++++++++++ wolfcrypt/src/des3.c | 31 +++++++++++++++-- wolfcrypt/test/test.c | 38 +++++++++++++++++++-- wolfssl/wolfcrypt/cryptocb.h | 23 +++++++++++-- wolfssl/wolfcrypt/des3.h | 4 +++ 5 files changed, 156 insertions(+), 6 deletions(-) diff --git a/wolfcrypt/src/cryptocb.c b/wolfcrypt/src/cryptocb.c index 514555361..004c87e52 100644 --- a/wolfcrypt/src/cryptocb.c +++ b/wolfcrypt/src/cryptocb.c @@ -434,6 +434,72 @@ int wc_CryptoCb_AesCbcDecrypt(Aes* aes, byte* out, #endif /* HAVE_AES_CBC */ #endif /* !NO_AES */ +#ifndef NO_DES3 +int wc_CryptoCb_Des3Encrypt(Des3* des3, byte* out, + const byte* in, word32 sz) +{ + int ret = CRYPTOCB_UNAVAILABLE; + CryptoCb* dev; + + /* locate registered callback */ + if (des3) { + dev = wc_CryptoCb_FindDevice(des3->devId); + } + else { + /* locate first callback and try using it */ + dev = wc_CryptoCb_FindDeviceByIndex(0); + } + + if (dev && dev->cb) { + wc_CryptoInfo cryptoInfo; + XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); + cryptoInfo.algo_type = WC_ALGO_TYPE_CIPHER; + cryptoInfo.cipher.type = WC_CIPHER_DES3; + cryptoInfo.cipher.enc = 1; + cryptoInfo.cipher.des3.des = des3; + cryptoInfo.cipher.des3.out = out; + cryptoInfo.cipher.des3.in = in; + cryptoInfo.cipher.des3.sz = sz; + + ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); + } + + return wc_CryptoCb_TranslateErrorCode(ret); +} + +int wc_CryptoCb_Des3Decrypt(Des3* des3, byte* out, + const byte* in, word32 sz) +{ + int ret = CRYPTOCB_UNAVAILABLE; + CryptoCb* dev; + + /* locate registered callback */ + if (des3) { + dev = wc_CryptoCb_FindDevice(des3->devId); + } + else { + /* locate first callback and try using it */ + dev = wc_CryptoCb_FindDeviceByIndex(0); + } + + if (dev && dev->cb) { + wc_CryptoInfo cryptoInfo; + XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); + cryptoInfo.algo_type = WC_ALGO_TYPE_CIPHER; + cryptoInfo.cipher.type = WC_CIPHER_DES3; + cryptoInfo.cipher.enc = 0; + cryptoInfo.cipher.des3.des = des3; + cryptoInfo.cipher.des3.out = out; + cryptoInfo.cipher.des3.in = in; + cryptoInfo.cipher.des3.sz = sz; + + ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); + } + + return wc_CryptoCb_TranslateErrorCode(ret); +} +#endif /* !NO_DES3 */ + #ifndef NO_SHA int wc_CryptoCb_ShaHash(wc_Sha* sha, const byte* in, word32 inSz, byte* digest) diff --git a/wolfcrypt/src/des3.c b/wolfcrypt/src/des3.c index 60bdf86eb..fdd18e0ed 100644 --- a/wolfcrypt/src/des3.c +++ b/wolfcrypt/src/des3.c @@ -45,6 +45,10 @@ #include +#ifdef WOLF_CRYPTO_CB + #include +#endif + /* fips wrapper calls, user can call direct */ #if defined(HAVE_FIPS) && \ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)) @@ -1587,6 +1591,15 @@ return BAD_FUNC_ARG; } + #ifdef WOLF_CRYPTO_CB + if (des->devId != INVALID_DEVID) { + int ret = wc_CryptoCb_Des3Encrypt(des, out, in, sz); + if (ret != CRYPTOCB_UNAVAILABLE) + return ret; + /* fall-through when unavailable */ + } + #endif + #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_3DES) if (des->asyncDev.marker == WOLFSSL_ASYNC_MARKER_3DES && sz >= WC_ASYNC_THRESH_DES3_CBC) { @@ -1629,6 +1642,15 @@ return BAD_FUNC_ARG; } + #ifdef WOLF_CRYPTO_CB + if (des->devId != INVALID_DEVID) { + int ret = wc_CryptoCb_Des3Decrypt(des, out, in, sz); + if (ret != CRYPTOCB_UNAVAILABLE) + return ret; + /* fall-through when unavailable */ + } + #endif + #if defined(WOLFSSL_ASYNC_CRYPT) if (des->asyncDev.marker == WOLFSSL_ASYNC_MARKER_3DES && sz >= WC_ASYNC_THRESH_DES3_CBC) { @@ -1734,11 +1756,16 @@ int wc_Des3Init(Des3* des3, void* heap, int devId) des3->heap = heap; +#ifdef WOLF_CRYPTO_CB + des3->devId = devId; + des3->devCtx = NULL; +#else + (void)devId; +#endif + #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_3DES) ret = wolfAsync_DevCtxInit(&des3->asyncDev, WOLFSSL_ASYNC_MARKER_3DES, des3->heap, devId); -#else - (void)devId; #endif return ret; diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 7139c505e..1aa66e7c8 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -24334,7 +24334,7 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx) #endif /* HAVE_ECC */ } else if (info->algo_type == WC_ALGO_TYPE_CIPHER) { -#ifndef NO_AES +#if !defined(NO_AES) || !defined(NO_DES3) #ifdef HAVE_AESGCM if (info->cipher.type == WC_CIPHER_AES_GCM) { if (info->cipher.enc) { @@ -24407,7 +24407,37 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx) } } #endif /* HAVE_AES_CBC */ -#endif /* !NO_AES */ + #ifndef NO_DES3 + if (info->cipher.type == WC_CIPHER_DES3) { + if (info->cipher.enc) { + /* set devId to invalid, so software is used */ + info->cipher.des3.des->devId = INVALID_DEVID; + + ret = wc_Des3_CbcEncrypt( + info->cipher.des3.des, + info->cipher.des3.out, + info->cipher.des3.in, + info->cipher.des3.sz); + + /* reset devId */ + info->cipher.des3.des->devId = devIdArg; + } + else { + /* set devId to invalid, so software is used */ + info->cipher.des3.des->devId = INVALID_DEVID; + + ret = wc_Des3_CbcDecrypt( + info->cipher.des3.des, + info->cipher.des3.out, + info->cipher.des3.in, + info->cipher.des3.sz); + + /* reset devId */ + info->cipher.des3.des->devId = devIdArg; + } + } + #endif /* !NO_DES3 */ +#endif /* !NO_AES || !NO_DES3 */ } #if !defined(NO_SHA) || !defined(NO_SHA256) else if (info->algo_type == WC_ALGO_TYPE_HASH) { @@ -24527,6 +24557,10 @@ int cryptocb_test(void) ret = aes_test(); #endif #endif /* !NO_AES */ +#ifndef NO_DES3 + if (ret == 0) + ret = des3_test(); +#endif /* !NO_DES3 */ #if !defined(NO_SHA) || !defined(NO_SHA256) #ifndef NO_SHA if (ret == 0) diff --git a/wolfssl/wolfcrypt/cryptocb.h b/wolfssl/wolfcrypt/cryptocb.h index badbc248b..389c2d0b7 100644 --- a/wolfssl/wolfcrypt/cryptocb.h +++ b/wolfssl/wolfcrypt/cryptocb.h @@ -55,6 +55,10 @@ #ifndef WC_NO_RNG #include #endif +#ifndef NO_DES3 + #include +#endif + /* Crypto Information Structure for callbacks */ typedef struct wc_CryptoInfo { @@ -115,7 +119,7 @@ typedef struct wc_CryptoInfo { }; } pk; #endif /* !NO_RSA || HAVE_ECC */ -#ifndef NO_AES +#if !defined(NO_AES) || !defined(NO_DES3) struct { int type; /* enum wc_CipherType */ int enc; @@ -154,9 +158,17 @@ typedef struct wc_CryptoInfo { word32 sz; } aescbc; #endif /* HAVE_AES_CBC */ + #ifndef NO_DES3 + struct { + Des3* des; + byte* out; + const byte* in; + word32 sz; + } des3; + #endif }; } cipher; -#endif /* !NO_AES */ +#endif /* !NO_AES || !NO_DES3 */ #if !defined(NO_SHA) || !defined(NO_SHA256) struct { int type; /* enum wc_HashType */ @@ -252,6 +264,13 @@ WOLFSSL_LOCAL int wc_CryptoCb_AesCbcDecrypt(Aes* aes, byte* out, #endif /* HAVE_AES_CBC */ #endif /* !NO_AES */ +#ifndef NO_DES3 +WOLFSSL_LOCAL int wc_CryptoCb_Des3Encrypt(Des3* des3, byte* out, + const byte* in, word32 sz); +WOLFSSL_LOCAL int wc_CryptoCb_Des3Decrypt(Des3* des3, byte* out, + const byte* in, word32 sz); +#endif /* !NO_DES3 */ + #ifndef NO_SHA WOLFSSL_LOCAL int wc_CryptoCb_ShaHash(wc_Sha* sha, const byte* in, word32 inSz, byte* digest); diff --git a/wolfssl/wolfcrypt/des3.h b/wolfssl/wolfcrypt/des3.h index b169f346c..4072454be 100644 --- a/wolfssl/wolfcrypt/des3.h +++ b/wolfssl/wolfcrypt/des3.h @@ -103,6 +103,10 @@ typedef struct Des3 { const byte* key_raw; const byte* iv_raw; WC_ASYNC_DEV asyncDev; +#endif +#ifdef WOLF_CRYPTO_CB + int devId; + void* devCtx; #endif void* heap; } Des3; From 58fe2781f1a14eb657cf53dd9d427b6eb4fb5d40 Mon Sep 17 00:00:00 2001 From: David Garske Date: Tue, 2 Jul 2019 14:08:59 -0700 Subject: [PATCH 2/2] Fix for `wc_CryptoCb_AesCbcEncrypt` with improper find device logic. Fix for HMAC scan-build with `ret`. Cleanup of HMAC formatting. --- wolfcrypt/src/cryptocb.c | 1 - wolfcrypt/src/hmac.c | 166 ++++++++++++++++++--------------------- 2 files changed, 78 insertions(+), 89 deletions(-) diff --git a/wolfcrypt/src/cryptocb.c b/wolfcrypt/src/cryptocb.c index 004c87e52..5e7c8fb23 100644 --- a/wolfcrypt/src/cryptocb.c +++ b/wolfcrypt/src/cryptocb.c @@ -382,7 +382,6 @@ int wc_CryptoCb_AesCbcEncrypt(Aes* aes, byte* out, dev = wc_CryptoCb_FindDeviceByIndex(0); } - dev = wc_CryptoCb_FindDevice(aes->devId); if (dev && dev->cb) { wc_CryptoInfo cryptoInfo; XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo)); diff --git a/wolfcrypt/src/hmac.c b/wolfcrypt/src/hmac.c index 5957e6bb4..457370af4 100644 --- a/wolfcrypt/src/hmac.c +++ b/wolfcrypt/src/hmac.c @@ -252,26 +252,26 @@ int _InitHmac(Hmac* hmac, int type, void* heap) #endif /* HAVE_BLAKE2 */ #ifdef WOLFSSL_SHA3 - #ifndef WOLFSSL_NOSHA3_224 + #ifndef WOLFSSL_NOSHA3_224 case WC_SHA3_224: ret = wc_InitSha3_224(&hmac->hash.sha3, heap, INVALID_DEVID); break; - #endif - #ifndef WOLFSSL_NOSHA3_256 + #endif + #ifndef WOLFSSL_NOSHA3_256 case WC_SHA3_256: ret = wc_InitSha3_256(&hmac->hash.sha3, heap, INVALID_DEVID); break; - #endif - #ifndef WOLFSSL_NOSHA3_384 + #endif + #ifndef WOLFSSL_NOSHA3_384 case WC_SHA3_384: ret = wc_InitSha3_384(&hmac->hash.sha3, heap, INVALID_DEVID); break; - #endif - #ifndef WOLFSSL_NOSHA3_512 + #endif + #ifndef WOLFSSL_NOSHA3_512 case WC_SHA3_512: ret = wc_InitSha3_512(&hmac->hash.sha3, heap, INVALID_DEVID); break; - #endif + #endif #endif default: @@ -377,7 +377,6 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length) #ifdef WOLFSSL_SHA224 case WC_SHA224: - { hmac_block_size = WC_SHA224_BLOCK_SIZE; if (length <= WC_SHA224_BLOCK_SIZE) { if (key != NULL) { @@ -394,13 +393,11 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length) length = WC_SHA224_DIGEST_SIZE; } - } - break; + break; #endif /* WOLFSSL_SHA224 */ - #ifndef NO_SHA256 case WC_SHA256: - hmac_block_size = WC_SHA256_BLOCK_SIZE; + hmac_block_size = WC_SHA256_BLOCK_SIZE; if (length <= WC_SHA256_BLOCK_SIZE) { if (key != NULL) { XMEMCPY(ip, key, length); @@ -482,7 +479,7 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length) #endif /* HAVE_BLAKE2 */ #ifdef WOLFSSL_SHA3 - #ifndef WOLFSSL_NOSHA3_224 + #ifndef WOLFSSL_NOSHA3_224 case WC_SHA3_224: hmac_block_size = WC_SHA3_224_BLOCK_SIZE; if (length <= WC_SHA3_224_BLOCK_SIZE) { @@ -501,8 +498,8 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length) length = WC_SHA3_224_DIGEST_SIZE; } break; - #endif - #ifndef WOLFSSL_NOSHA3_256 + #endif + #ifndef WOLFSSL_NOSHA3_256 case WC_SHA3_256: hmac_block_size = WC_SHA3_256_BLOCK_SIZE; if (length <= WC_SHA3_256_BLOCK_SIZE) { @@ -521,8 +518,8 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length) length = WC_SHA3_256_DIGEST_SIZE; } break; - #endif - #ifndef WOLFSSL_NOSHA3_384 + #endif + #ifndef WOLFSSL_NOSHA3_384 case WC_SHA3_384: hmac_block_size = WC_SHA3_384_BLOCK_SIZE; if (length <= WC_SHA3_384_BLOCK_SIZE) { @@ -541,8 +538,8 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length) length = WC_SHA3_384_DIGEST_SIZE; } break; - #endif - #ifndef WOLFSSL_NOSHA3_512 + #endif + #ifndef WOLFSSL_NOSHA3_512 case WC_SHA3_512: hmac_block_size = WC_SHA3_512_BLOCK_SIZE; if (length <= WC_SHA3_512_BLOCK_SIZE) { @@ -561,7 +558,7 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length) length = WC_SHA3_512_DIGEST_SIZE; } break; - #endif + #endif #endif /* WOLFSSL_SHA3 */ default: @@ -609,7 +606,7 @@ static int HmacKeyInnerHash(Hmac* hmac) #ifndef NO_MD5 case WC_MD5: ret = wc_Md5Update(&hmac->hash.md5, (byte*)hmac->ipad, - WC_MD5_BLOCK_SIZE); + WC_MD5_BLOCK_SIZE); break; #endif /* !NO_MD5 */ @@ -623,27 +620,26 @@ static int HmacKeyInnerHash(Hmac* hmac) #ifdef WOLFSSL_SHA224 case WC_SHA224: ret = wc_Sha224Update(&hmac->hash.sha224, (byte*)hmac->ipad, - WC_SHA224_BLOCK_SIZE); + WC_SHA224_BLOCK_SIZE); break; #endif /* WOLFSSL_SHA224 */ - #ifndef NO_SHA256 case WC_SHA256: ret = wc_Sha256Update(&hmac->hash.sha256, (byte*)hmac->ipad, - WC_SHA256_BLOCK_SIZE); + WC_SHA256_BLOCK_SIZE); break; #endif /* !NO_SHA256 */ #ifdef WOLFSSL_SHA384 case WC_SHA384: ret = wc_Sha384Update(&hmac->hash.sha384, (byte*)hmac->ipad, - WC_SHA384_BLOCK_SIZE); + WC_SHA384_BLOCK_SIZE); break; #endif /* WOLFSSL_SHA384 */ #ifdef WOLFSSL_SHA512 case WC_SHA512: ret = wc_Sha512Update(&hmac->hash.sha512, (byte*)hmac->ipad, - WC_SHA512_BLOCK_SIZE); + WC_SHA512_BLOCK_SIZE); break; #endif /* WOLFSSL_SHA512 */ @@ -655,30 +651,30 @@ static int HmacKeyInnerHash(Hmac* hmac) #endif /* HAVE_BLAKE2 */ #ifdef WOLFSSL_SHA3 - #ifndef WOLFSSL_NOSHA3_224 + #ifndef WOLFSSL_NOSHA3_224 case WC_SHA3_224: ret = wc_Sha3_224_Update(&hmac->hash.sha3, (byte*)hmac->ipad, - WC_SHA3_224_BLOCK_SIZE); + WC_SHA3_224_BLOCK_SIZE); break; - #endif - #ifndef WOLFSSL_NOSHA3_256 + #endif + #ifndef WOLFSSL_NOSHA3_256 case WC_SHA3_256: ret = wc_Sha3_256_Update(&hmac->hash.sha3, (byte*)hmac->ipad, - WC_SHA3_256_BLOCK_SIZE); + WC_SHA3_256_BLOCK_SIZE); break; - #endif - #ifndef WOLFSSL_NOSHA3_384 + #endif + #ifndef WOLFSSL_NOSHA3_384 case WC_SHA3_384: ret = wc_Sha3_384_Update(&hmac->hash.sha3, (byte*)hmac->ipad, - WC_SHA3_384_BLOCK_SIZE); + WC_SHA3_384_BLOCK_SIZE); break; - #endif - #ifndef WOLFSSL_NOSHA3_512 + #endif + #ifndef WOLFSSL_NOSHA3_512 case WC_SHA3_512: ret = wc_Sha3_512_Update(&hmac->hash.sha3, (byte*)hmac->ipad, - WC_SHA3_512_BLOCK_SIZE); + WC_SHA3_512_BLOCK_SIZE); break; - #endif + #endif #endif /* WOLFSSL_SHA3 */ default: @@ -771,26 +767,26 @@ int wc_HmacUpdate(Hmac* hmac, const byte* msg, word32 length) #endif /* HAVE_BLAKE2 */ #ifdef WOLFSSL_SHA3 - #ifndef WOLFSSL_NOSHA3_224 + #ifndef WOLFSSL_NOSHA3_224 case WC_SHA3_224: ret = wc_Sha3_224_Update(&hmac->hash.sha3, msg, length); break; - #endif - #ifndef WOLFSSL_NOSHA3_256 + #endif + #ifndef WOLFSSL_NOSHA3_256 case WC_SHA3_256: ret = wc_Sha3_256_Update(&hmac->hash.sha3, msg, length); break; - #endif - #ifndef WOLFSSL_NOSHA3_384 + #endif + #ifndef WOLFSSL_NOSHA3_384 case WC_SHA3_384: ret = wc_Sha3_384_Update(&hmac->hash.sha3, msg, length); break; - #endif - #ifndef WOLFSSL_NOSHA3_512 + #endif + #ifndef WOLFSSL_NOSHA3_512 case WC_SHA3_512: ret = wc_Sha3_512_Update(&hmac->hash.sha3, msg, length); break; - #endif + #endif #endif /* WOLFSSL_SHA3 */ default: @@ -815,7 +811,6 @@ int wc_HmacFinal(Hmac* hmac, byte* hash) if (ret != CRYPTOCB_UNAVAILABLE) return ret; /* fall-through when unavailable */ - ret = 0; /* reset error code */ } #endif #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_HMAC) @@ -848,11 +843,11 @@ int wc_HmacFinal(Hmac* hmac, byte* hash) if (ret != 0) break; ret = wc_Md5Update(&hmac->hash.md5, (byte*)hmac->opad, - WC_MD5_BLOCK_SIZE); + WC_MD5_BLOCK_SIZE); if (ret != 0) break; ret = wc_Md5Update(&hmac->hash.md5, (byte*)hmac->innerHash, - WC_MD5_DIGEST_SIZE); + WC_MD5_DIGEST_SIZE); if (ret != 0) break; ret = wc_Md5Final(&hmac->hash.md5, hash); @@ -878,36 +873,33 @@ int wc_HmacFinal(Hmac* hmac, byte* hash) #ifdef WOLFSSL_SHA224 case WC_SHA224: - { ret = wc_Sha224Final(&hmac->hash.sha224, (byte*)hmac->innerHash); if (ret != 0) break; ret = wc_Sha224Update(&hmac->hash.sha224, (byte*)hmac->opad, - WC_SHA224_BLOCK_SIZE); + WC_SHA224_BLOCK_SIZE); if (ret != 0) break; ret = wc_Sha224Update(&hmac->hash.sha224, (byte*)hmac->innerHash, - WC_SHA224_DIGEST_SIZE); + WC_SHA224_DIGEST_SIZE); if (ret != 0) break; ret = wc_Sha224Final(&hmac->hash.sha224, hash); if (ret != 0) break; - } - break; + break; #endif /* WOLFSSL_SHA224 */ - #ifndef NO_SHA256 case WC_SHA256: ret = wc_Sha256Final(&hmac->hash.sha256, (byte*)hmac->innerHash); if (ret != 0) break; ret = wc_Sha256Update(&hmac->hash.sha256, (byte*)hmac->opad, - WC_SHA256_BLOCK_SIZE); + WC_SHA256_BLOCK_SIZE); if (ret != 0) break; ret = wc_Sha256Update(&hmac->hash.sha256, (byte*)hmac->innerHash, - WC_SHA256_DIGEST_SIZE); + WC_SHA256_DIGEST_SIZE); if (ret != 0) break; ret = wc_Sha256Final(&hmac->hash.sha256, hash); @@ -920,11 +912,11 @@ int wc_HmacFinal(Hmac* hmac, byte* hash) if (ret != 0) break; ret = wc_Sha384Update(&hmac->hash.sha384, (byte*)hmac->opad, - WC_SHA384_BLOCK_SIZE); + WC_SHA384_BLOCK_SIZE); if (ret != 0) break; ret = wc_Sha384Update(&hmac->hash.sha384, (byte*)hmac->innerHash, - WC_SHA384_DIGEST_SIZE); + WC_SHA384_DIGEST_SIZE); if (ret != 0) break; ret = wc_Sha384Final(&hmac->hash.sha384, hash); @@ -936,11 +928,11 @@ int wc_HmacFinal(Hmac* hmac, byte* hash) if (ret != 0) break; ret = wc_Sha512Update(&hmac->hash.sha512, (byte*)hmac->opad, - WC_SHA512_BLOCK_SIZE); + WC_SHA512_BLOCK_SIZE); if (ret != 0) break; ret = wc_Sha512Update(&hmac->hash.sha512, (byte*)hmac->innerHash, - WC_SHA512_DIGEST_SIZE); + WC_SHA512_DIGEST_SIZE); if (ret != 0) break; ret = wc_Sha512Final(&hmac->hash.sha512, hash); @@ -966,70 +958,70 @@ int wc_HmacFinal(Hmac* hmac, byte* hash) #endif /* HAVE_BLAKE2 */ #ifdef WOLFSSL_SHA3 - #ifndef WOLFSSL_NOSHA3_224 + #ifndef WOLFSSL_NOSHA3_224 case WC_SHA3_224: ret = wc_Sha3_224_Final(&hmac->hash.sha3, (byte*)hmac->innerHash); if (ret != 0) break; ret = wc_Sha3_224_Update(&hmac->hash.sha3, (byte*)hmac->opad, - WC_SHA3_224_BLOCK_SIZE); + WC_SHA3_224_BLOCK_SIZE); if (ret != 0) break; ret = wc_Sha3_224_Update(&hmac->hash.sha3, (byte*)hmac->innerHash, - WC_SHA3_224_DIGEST_SIZE); + WC_SHA3_224_DIGEST_SIZE); if (ret != 0) break; ret = wc_Sha3_224_Final(&hmac->hash.sha3, hash); break; - #endif - #ifndef WOLFSSL_NOSHA3_256 + #endif + #ifndef WOLFSSL_NOSHA3_256 case WC_SHA3_256: ret = wc_Sha3_256_Final(&hmac->hash.sha3, (byte*)hmac->innerHash); if (ret != 0) break; ret = wc_Sha3_256_Update(&hmac->hash.sha3, (byte*)hmac->opad, - WC_SHA3_256_BLOCK_SIZE); + WC_SHA3_256_BLOCK_SIZE); if (ret != 0) break; ret = wc_Sha3_256_Update(&hmac->hash.sha3, (byte*)hmac->innerHash, - WC_SHA3_256_DIGEST_SIZE); + WC_SHA3_256_DIGEST_SIZE); if (ret != 0) break; ret = wc_Sha3_256_Final(&hmac->hash.sha3, hash); break; - #endif - #ifndef WOLFSSL_NOSHA3_384 + #endif + #ifndef WOLFSSL_NOSHA3_384 case WC_SHA3_384: ret = wc_Sha3_384_Final(&hmac->hash.sha3, (byte*)hmac->innerHash); if (ret != 0) break; ret = wc_Sha3_384_Update(&hmac->hash.sha3, (byte*)hmac->opad, - WC_SHA3_384_BLOCK_SIZE); + WC_SHA3_384_BLOCK_SIZE); if (ret != 0) break; ret = wc_Sha3_384_Update(&hmac->hash.sha3, (byte*)hmac->innerHash, - WC_SHA3_384_DIGEST_SIZE); + WC_SHA3_384_DIGEST_SIZE); if (ret != 0) break; ret = wc_Sha3_384_Final(&hmac->hash.sha3, hash); break; - #endif - #ifndef WOLFSSL_NOSHA3_512 + #endif + #ifndef WOLFSSL_NOSHA3_512 case WC_SHA3_512: ret = wc_Sha3_512_Final(&hmac->hash.sha3, (byte*)hmac->innerHash); if (ret != 0) break; ret = wc_Sha3_512_Update(&hmac->hash.sha3, (byte*)hmac->opad, - WC_SHA3_512_BLOCK_SIZE); + WC_SHA3_512_BLOCK_SIZE); if (ret != 0) break; ret = wc_Sha3_512_Update(&hmac->hash.sha3, (byte*)hmac->innerHash, - WC_SHA3_512_DIGEST_SIZE); + WC_SHA3_512_DIGEST_SIZE); if (ret != 0) break; ret = wc_Sha3_512_Final(&hmac->hash.sha3, hash); break; - #endif + #endif #endif /* WOLFSSL_SHA3 */ default: @@ -1127,7 +1119,6 @@ void wc_HmacFree(Hmac* hmac) wc_Sha224Free(&hmac->hash.sha224); break; #endif /* WOLFSSL_SHA224 */ - #ifndef NO_SHA256 case WC_SHA256: wc_Sha256Free(&hmac->hash.sha256); @@ -1151,26 +1142,26 @@ void wc_HmacFree(Hmac* hmac) #endif /* HAVE_BLAKE2 */ #ifdef WOLFSSL_SHA3 - #ifndef WOLFSSL_NOSHA3_224 + #ifndef WOLFSSL_NOSHA3_224 case WC_SHA3_224: wc_Sha3_224_Free(&hmac->hash.sha3); break; - #endif - #ifndef WOLFSSL_NOSHA3_256 + #endif + #ifndef WOLFSSL_NOSHA3_256 case WC_SHA3_256: wc_Sha3_256_Free(&hmac->hash.sha3); break; - #endif - #ifndef WOLFSSL_NOSHA3_384 + #endif + #ifndef WOLFSSL_NOSHA3_384 case WC_SHA3_384: wc_Sha3_384_Free(&hmac->hash.sha3); break; - #endif - #ifndef WOLFSSL_NOSHA3_512 + #endif + #ifndef WOLFSSL_NOSHA3_512 case WC_SHA3_512: wc_Sha3_512_Free(&hmac->hash.sha3); break; - #endif + #endif #endif /* WOLFSSL_SHA3 */ default: @@ -1199,7 +1190,6 @@ void wc_HmacFree(Hmac* hmac) wc_Sha224Free(&hmac->hash.sha224); break; #endif /* WOLFSSL_SHA224 */ - #ifndef NO_SHA256 case WC_SHA256: wc_Sha256Free(&hmac->hash.sha256);