wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-03 20:54:41 +02:00
Code Issues Packages Projects Releases Wiki Activity

debugging on name change

Browse Source
This commit is contained in:
Jacob Barthelmeh
2015-01-01 07:33:07 -07:00
parent 98fa85ed83
commit 5365bdb06c
22 changed files with 1189 additions and 7539 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
Makefile.am
View File

@@ -75,7 +75,6 @@ include wolfcrypt/test/include.am
if BUILD_FIPS if BUILD_FIPS
include ctaocrypt/src/include.am include ctaocrypt/src/include.am
include ctaocrypt/test/include.am
endif endif
include examples/client/include.am include examples/client/include.am
@@ -137,7 +136,7 @@ maintainer-clean-local:
-rm m4/ltsugar.m4 -rm m4/ltsugar.m4
-rm m4/ltversion.m4 -rm m4/ltversion.m4
-rm m4/lt~obsolete.m4 -rm m4/lt~obsolete.m4
-rm support/cyassl.pc -rm support/wolfssl.pc
find . -type f -name '*~' -exec rm -f '{}' \; find . -type f -name '*~' -exec rm -f '{}' \;
-rm -f @PACKAGE@-*.tar.gz -rm -f @PACKAGE@-*.tar.gz
-rm -f @PACKAGE@-*.rpm -rm -f @PACKAGE@-*.rpm

1595
ctaocrypt/benchmark/benchmark.c
View File

File diff suppressed because it is too large Load Diff

20
ctaocrypt/benchmark/benchmark.sln
View File

@@ -1,20 +0,0 @@

Microsoft Visual Studio Solution File, Format Version 9.00
# Visual C++ Express 2005
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "benchmark", "benchmark.vcproj", "{615AEC46-5595-4DEA-9490-DBD5DE0F8772}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|Win32 = Debug|Win32
Release|Win32 = Release|Win32
EndGlobalSection
GlobalSection(ProjectConfigurationPlatforms) = postSolution
{615AEC46-5595-4DEA-9490-DBD5DE0F8772}.Debug|Win32.ActiveCfg = Debug|Win32
{615AEC46-5595-4DEA-9490-DBD5DE0F8772}.Debug|Win32.Build.0 = Debug|Win32
{615AEC46-5595-4DEA-9490-DBD5DE0F8772}.Release|Win32.ActiveCfg = Release|Win32
{615AEC46-5595-4DEA-9490-DBD5DE0F8772}.Release|Win32.Build.0 = Release|Win32
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE
EndGlobalSection
EndGlobal

195
ctaocrypt/benchmark/benchmark.vcproj
View File

@@ -1,195 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<VisualStudioProject
ProjectType="Visual C++"
Version="8.00"
Name="benchmark"
ProjectGUID="{615AEC46-5595-4DEA-9490-DBD5DE0F8772}"
Keyword="Win32Proj"
>
<Platforms>
<Platform
Name="Win32"
/>
</Platforms>
<ToolFiles>
</ToolFiles>
<Configurations>
<Configuration
Name="Debug|Win32"
OutputDirectory="Debug"
IntermediateDirectory="Debug"
ConfigurationType="1"
>
<Tool
Name="VCPreBuildEventTool"
/>
<Tool
Name="VCCustomBuildTool"
/>
<Tool
Name="VCXMLDataGeneratorTool"
/>
<Tool
Name="VCWebServiceProxyGeneratorTool"
/>
<Tool
Name="VCMIDLTool"
/>
<Tool
Name="VCCLCompilerTool"
Optimization="0"
AdditionalIncludeDirectories="../include"
PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE;"
MinimalRebuild="true"
BasicRuntimeChecks="3"
RuntimeLibrary="3"
UsePrecompiledHeader="0"
WarningLevel="3"
Detect64BitPortabilityProblems="true"
DebugInformationFormat="4"
/>
<Tool
Name="VCManagedResourceCompilerTool"
/>
<Tool
Name="VCResourceCompilerTool"
/>
<Tool
Name="VCPreLinkEventTool"
/>
<Tool
Name="VCLinkerTool"
LinkIncremental="2"
GenerateDebugInformation="true"
SubSystem="1"
TargetMachine="1"
/>
<Tool
Name="VCALinkTool"
/>
<Tool
Name="VCManifestTool"
/>
<Tool
Name="VCXDCMakeTool"
/>
<Tool
Name="VCBscMakeTool"
/>
<Tool
Name="VCFxCopTool"
/>
<Tool
Name="VCAppVerifierTool"
/>
<Tool
Name="VCWebDeploymentTool"
/>
<Tool
Name="VCPostBuildEventTool"
/>
</Configuration>
<Configuration
Name="Release|Win32"
OutputDirectory="Release"
IntermediateDirectory="Release"
ConfigurationType="1"
>
<Tool
Name="VCPreBuildEventTool"
/>
<Tool
Name="VCCustomBuildTool"
/>
<Tool
Name="VCXMLDataGeneratorTool"
/>
<Tool
Name="VCWebServiceProxyGeneratorTool"
/>
<Tool
Name="VCMIDLTool"
/>
<Tool
Name="VCCLCompilerTool"
AdditionalIncludeDirectories="../include"
PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE;"
RuntimeLibrary="2"
UsePrecompiledHeader="0"
WarningLevel="3"
Detect64BitPortabilityProblems="true"
DebugInformationFormat="3"
/>
<Tool
Name="VCManagedResourceCompilerTool"
/>
<Tool
Name="VCResourceCompilerTool"
/>
<Tool
Name="VCPreLinkEventTool"
/>
<Tool
Name="VCLinkerTool"
LinkIncremental="2"
GenerateDebugInformation="true"
SubSystem="1"
OptimizeReferences="2"
EnableCOMDATFolding="2"
TargetMachine="1"
/>
<Tool
Name="VCALinkTool"
/>
<Tool
Name="VCManifestTool"
/>
<Tool
Name="VCXDCMakeTool"
/>
<Tool
Name="VCBscMakeTool"
/>
<Tool
Name="VCFxCopTool"
/>
<Tool
Name="VCAppVerifierTool"
/>
<Tool
Name="VCWebDeploymentTool"
/>
<Tool
Name="VCPostBuildEventTool"
/>
</Configuration>
</Configurations>
<References>
</References>
<Files>
<Filter
Name="Header Files"
Filter="h;hpp;hxx;hm;inl;inc;xsd"
UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}"
>
</Filter>
<Filter
Name="Resource Files"
Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx"
UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}"
>
</Filter>
<Filter
Name="Source Files"
Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx"
UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}"
>
<File
RelativePath=".\benchmark.c"
>
</File>
</Filter>
</Files>
<Globals>
</Globals>
</VisualStudioProject>

10
ctaocrypt/benchmark/include.am
View File

@@ -1,10 +0,0 @@
# vim:ft=automake
# All paths should be given relative to the root
noinst_PROGRAMS += ctaocrypt/benchmark/benchmark
ctaocrypt_benchmark_benchmark_SOURCES = ctaocrypt/benchmark/benchmark.c
ctaocrypt_benchmark_benchmark_LDADD = src/libwolfssl.la
ctaocrypt_benchmark_benchmark_DEPENDENCIES = src/libwolfssl.la
EXTRA_DIST += ctaocrypt/benchmark/benchmark.sln
EXTRA_DIST += ctaocrypt/benchmark/benchmark.vcproj
DISTCLEANFILES+= ctaocrypt/benchmark/.libs/benchmark

11
ctaocrypt/test/include.am
View File

@@ -1,11 +0,0 @@
# vim:ft=automake
# All paths should be given relative to the root
noinst_PROGRAMS+= ctaocrypt/test/testctaocrypt
ctaocrypt_test_testctaocrypt_SOURCES = ctaocrypt/test/test.c
ctaocrypt_test_testctaocrypt_LDADD = src/libwolfssl.la
ctaocrypt_test_testctaocrypt_DEPENDENCIES = src/libwolfssl.la
noinst_HEADERS += ctaocrypt/test/test.h
EXTRA_DIST += ctaocrypt/test/test.sln
EXTRA_DIST += ctaocrypt/test/test.vcproj
DISTCLEANFILES+= ctaocrypt/test/.libs/testctaocrypt

5293
ctaocrypt/test/test.c
View File

File diff suppressed because it is too large Load Diff

33
ctaocrypt/test/test.h
View File

@@ -1,33 +0,0 @@
/* ctaocrypt/test/test.h
*
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#pragma once
#ifdef __cplusplus
extern "C" {
#endif
int ctaocrypt_test(void* args);
#ifdef __cplusplus
} /* extern "C" */
#endif

20
ctaocrypt/test/test.sln
View File

@@ -1,20 +0,0 @@

Microsoft Visual Studio Solution File, Format Version 9.00
# Visual C++ Express 2005
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "test", "test.vcproj", "{D04BDF66-664A-4D59-BEAC-8AB2D5809C21}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|Win32 = Debug|Win32
Release|Win32 = Release|Win32
EndGlobalSection
GlobalSection(ProjectConfigurationPlatforms) = postSolution
{D04BDF66-664A-4D59-BEAC-8AB2D5809C21}.Debug|Win32.ActiveCfg = Debug|Win32
{D04BDF66-664A-4D59-BEAC-8AB2D5809C21}.Debug|Win32.Build.0 = Debug|Win32
{D04BDF66-664A-4D59-BEAC-8AB2D5809C21}.Release|Win32.ActiveCfg = Release|Win32
{D04BDF66-664A-4D59-BEAC-8AB2D5809C21}.Release|Win32.Build.0 = Release|Win32
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE
EndGlobalSection
EndGlobal

195
ctaocrypt/test/test.vcproj
View File

@@ -1,195 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<VisualStudioProject
ProjectType="Visual C++"
Version="8.00"
Name="test"
ProjectGUID="{D04BDF66-664A-4D59-BEAC-8AB2D5809C21}"
Keyword="Win32Proj"
>
<Platforms>
<Platform
Name="Win32"
/>
</Platforms>
<ToolFiles>
</ToolFiles>
<Configurations>
<Configuration
Name="Debug|Win32"
OutputDirectory="Debug"
IntermediateDirectory="Debug"
ConfigurationType="1"
>
<Tool
Name="VCPreBuildEventTool"
/>
<Tool
Name="VCCustomBuildTool"
/>
<Tool
Name="VCXMLDataGeneratorTool"
/>
<Tool
Name="VCWebServiceProxyGeneratorTool"
/>
<Tool
Name="VCMIDLTool"
/>
<Tool
Name="VCCLCompilerTool"
Optimization="0"
AdditionalIncludeDirectories="../include;../../include/openssl"
PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE;"
MinimalRebuild="true"
BasicRuntimeChecks="3"
RuntimeLibrary="3"
UsePrecompiledHeader="0"
WarningLevel="3"
Detect64BitPortabilityProblems="true"
DebugInformationFormat="4"
/>
<Tool
Name="VCManagedResourceCompilerTool"
/>
<Tool
Name="VCResourceCompilerTool"
/>
<Tool
Name="VCPreLinkEventTool"
/>
<Tool
Name="VCLinkerTool"
LinkIncremental="2"
GenerateDebugInformation="true"
SubSystem="1"
TargetMachine="1"
/>
<Tool
Name="VCALinkTool"
/>
<Tool
Name="VCManifestTool"
/>
<Tool
Name="VCXDCMakeTool"
/>
<Tool
Name="VCBscMakeTool"
/>
<Tool
Name="VCFxCopTool"
/>
<Tool
Name="VCAppVerifierTool"
/>
<Tool
Name="VCWebDeploymentTool"
/>
<Tool
Name="VCPostBuildEventTool"
/>
</Configuration>
<Configuration
Name="Release|Win32"
OutputDirectory="Release"
IntermediateDirectory="Release"
ConfigurationType="1"
>
<Tool
Name="VCPreBuildEventTool"
/>
<Tool
Name="VCCustomBuildTool"
/>
<Tool
Name="VCXMLDataGeneratorTool"
/>
<Tool
Name="VCWebServiceProxyGeneratorTool"
/>
<Tool
Name="VCMIDLTool"
/>
<Tool
Name="VCCLCompilerTool"
AdditionalIncludeDirectories="../include;../../include/openssl"
PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE;"
RuntimeLibrary="2"
UsePrecompiledHeader="0"
WarningLevel="3"
Detect64BitPortabilityProblems="true"
DebugInformationFormat="3"
/>
<Tool
Name="VCManagedResourceCompilerTool"
/>
<Tool
Name="VCResourceCompilerTool"
/>
<Tool
Name="VCPreLinkEventTool"
/>
<Tool
Name="VCLinkerTool"
LinkIncremental="2"
GenerateDebugInformation="true"
SubSystem="1"
OptimizeReferences="2"
EnableCOMDATFolding="2"
TargetMachine="1"
/>
<Tool
Name="VCALinkTool"
/>
<Tool
Name="VCManifestTool"
/>
<Tool
Name="VCXDCMakeTool"
/>
<Tool
Name="VCBscMakeTool"
/>
<Tool
Name="VCFxCopTool"
/>
<Tool
Name="VCAppVerifierTool"
/>
<Tool
Name="VCWebDeploymentTool"
/>
<Tool
Name="VCPostBuildEventTool"
/>
</Configuration>
</Configurations>
<References>
</References>
<Files>
<Filter
Name="Header Files"
Filter="h;hpp;hxx;hm;inl;inc;xsd"
UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}"
>
</Filter>
<Filter
Name="Resource Files"
Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx"
UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}"
>
</Filter>
<Filter
Name="Source Files"
Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx"
UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}"
>
<File
RelativePath=".\test.c"
>
</File>
</Filter>
</Files>
<Globals>
</Globals>
</VisualStudioProject>

2
fips-check.sh
View File

@@ -44,7 +44,7 @@ done
make make
[ $? -ne 0 ] && echo -e "\n\nMake failed. Debris left for analysis." && exit 1 [ $? -ne 0 ] && echo -e "\n\nMake failed. Debris left for analysis." && exit 1
NEWHASH=`./ctaocrypt/test/testctaocrypt | sed -n 's/hash = \(.*\)/\1/p'` NEWHASH=`./wolfcrypt/test/testwolfcrypt | sed -n 's/hash = \(.*\)/\1/p'`
if [ -n "$NEWHASH" ]; then if [ -n "$NEWHASH" ]; then
sed -i.bak "s/^\".*\";/\"${NEWHASH}\";/" $WC_SRC_PATH/fips_test.c sed -i.bak "s/^\".*\";/\"${NEWHASH}\";/" $WC_SRC_PATH/fips_test.c
make clean make clean

198
src/internal.c
View File

@@ -1799,7 +1799,7 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx)
#ifndef NO_OLD_TLS #ifndef NO_OLD_TLS
#ifndef NO_MD5 #ifndef NO_MD5
InitMd5(&ssl->hashMd5); wc_InitMd5(&ssl->hashMd5);
#endif #endif
#ifndef NO_SHA #ifndef NO_SHA
ret = InitSha(&ssl->hashSha); ret = InitSha(&ssl->hashSha);
@@ -1815,7 +1815,7 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx)
} }
#endif #endif
#ifdef WOLFSSL_SHA384 #ifdef WOLFSSL_SHA384
ret = InitSha384(&ssl->hashSha384); ret = wc_InitSha384(&ssl->hashSha384);
if (ret != 0) { if (ret != 0) {
return ret; return ret;
} }
@@ -1859,7 +1859,7 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx)
return MEMORY_E; return MEMORY_E;
} }
if ( (ret = InitRng(ssl->rng)) != 0) { if ( (ret = wc_InitRng(ssl->rng)) != 0) {
WOLFSSL_MSG("RNG Init error"); WOLFSSL_MSG("RNG Init error");
return ret; return ret;
} }
@@ -1967,7 +1967,7 @@ void SSL_ResourceFree(WOLFSSL* ssl)
FreeCiphers(ssl); FreeCiphers(ssl);
FreeArrays(ssl, 0); FreeArrays(ssl, 0);
#if defined(HAVE_HASHDRBG) || defined(NO_RC4) #if defined(HAVE_HASHDRBG) || defined(NO_RC4)
FreeRng(ssl->rng); wc_FreeRng(ssl->rng);
#endif #endif
XFREE(ssl->rng, ssl->heap, DYNAMIC_TYPE_RNG); XFREE(ssl->rng, ssl->heap, DYNAMIC_TYPE_RNG);
XFREE(ssl->suites, ssl->heap, DYNAMIC_TYPE_SUITES); XFREE(ssl->suites, ssl->heap, DYNAMIC_TYPE_SUITES);
@@ -2084,7 +2084,7 @@ void FreeHandshakeResources(WOLFSSL* ssl)
/* RNG */ /* RNG */
if (ssl->specs.cipher_type == stream || ssl->options.tls1_1 == 0) { if (ssl->specs.cipher_type == stream || ssl->options.tls1_1 == 0) {
#if defined(HAVE_HASHDRBG) || defined(NO_RC4) #if defined(HAVE_HASHDRBG) || defined(NO_RC4)
FreeRng(ssl->rng); wc_FreeRng(ssl->rng);
#endif #endif
XFREE(ssl->rng, ssl->heap, DYNAMIC_TYPE_RNG); XFREE(ssl->rng, ssl->heap, DYNAMIC_TYPE_RNG);
ssl->rng = NULL; ssl->rng = NULL;
@@ -2623,7 +2623,7 @@ static int HashOutput(WOLFSSL* ssl, const byte* output, int sz, int ivSz)
ShaUpdate(&ssl->hashSha, adj, sz); ShaUpdate(&ssl->hashSha, adj, sz);
#endif #endif
#ifndef NO_MD5 #ifndef NO_MD5
Md5Update(&ssl->hashMd5, adj, sz); wc_Md5Update(&ssl->hashMd5, adj, sz);
#endif #endif
#endif #endif
@@ -2636,7 +2636,7 @@ static int HashOutput(WOLFSSL* ssl, const byte* output, int sz, int ivSz)
return ret; return ret;
#endif #endif
#ifdef WOLFSSL_SHA384 #ifdef WOLFSSL_SHA384
ret = Sha384Update(&ssl->hashSha384, adj, sz); ret = wc_Sha384Update(&ssl->hashSha384, adj, sz);
if (ret != 0) if (ret != 0)
return ret; return ret;
#endif #endif
@@ -2664,7 +2664,7 @@ static int HashInput(WOLFSSL* ssl, const byte* input, int sz)
ShaUpdate(&ssl->hashSha, adj, sz); ShaUpdate(&ssl->hashSha, adj, sz);
#endif #endif
#ifndef NO_MD5 #ifndef NO_MD5
Md5Update(&ssl->hashMd5, adj, sz); wc_Md5Update(&ssl->hashMd5, adj, sz);
#endif #endif
#endif #endif
@@ -2677,7 +2677,7 @@ static int HashInput(WOLFSSL* ssl, const byte* input, int sz)
return ret; return ret;
#endif #endif
#ifdef WOLFSSL_SHA384 #ifdef WOLFSSL_SHA384
ret = Sha384Update(&ssl->hashSha384, adj, sz); ret = wc_Sha384Update(&ssl->hashSha384, adj, sz);
if (ret != 0) if (ret != 0)
return ret; return ret;
#endif #endif
@@ -3195,17 +3195,17 @@ static void BuildMD5(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
byte md5_result[MD5_DIGEST_SIZE]; byte md5_result[MD5_DIGEST_SIZE];
/* make md5 inner */ /* make md5 inner */
Md5Update(&ssl->hashMd5, sender, SIZEOF_SENDER); wc_Md5Update(&ssl->hashMd5, sender, SIZEOF_SENDER);
Md5Update(&ssl->hashMd5, ssl->arrays->masterSecret, SECRET_LEN); wc_Md5Update(&ssl->hashMd5, ssl->arrays->masterSecret, SECRET_LEN);
Md5Update(&ssl->hashMd5, PAD1, PAD_MD5); wc_Md5Update(&ssl->hashMd5, PAD1, PAD_MD5);
Md5Final(&ssl->hashMd5, md5_result); wc_Md5Final(&ssl->hashMd5, md5_result);
/* make md5 outer */ /* make md5 outer */
Md5Update(&ssl->hashMd5, ssl->arrays->masterSecret, SECRET_LEN); wc_Md5Update(&ssl->hashMd5, ssl->arrays->masterSecret, SECRET_LEN);
Md5Update(&ssl->hashMd5, PAD2, PAD_MD5); wc_Md5Update(&ssl->hashMd5, PAD2, PAD_MD5);
Md5Update(&ssl->hashMd5, md5_result, MD5_DIGEST_SIZE); wc_Md5Update(&ssl->hashMd5, md5_result, MD5_DIGEST_SIZE);
Md5Final(&ssl->hashMd5, hashes->md5); wc_Md5Final(&ssl->hashMd5, hashes->md5);
} }
@@ -5989,10 +5989,10 @@ static INLINE void Md5Rounds(int rounds, const byte* data, int sz)
Md5 md5; Md5 md5;
int i; int i;
InitMd5(&md5); wc_InitMd5(&md5);
for (i = 0; i < rounds; i++) for (i = 0; i < rounds; i++)
Md5Update(&md5, data, sz); wc_Md5Update(&md5, data, sz);
} }
@@ -6037,10 +6037,10 @@ static INLINE void Sha384Rounds(int rounds, const byte* data, int sz)
Sha384 sha384; Sha384 sha384;
int i; int i;
InitSha384(&sha384); /* no error check on purpose, dummy round */ wc_InitSha384(&sha384); /* no error check on purpose, dummy round */
for (i = 0; i < rounds; i++) { for (i = 0; i < rounds; i++) {
Sha384Update(&sha384, data, sz); wc_Sha384Update(&sha384, data, sz);
/* no error check on purpose, dummy round */ /* no error check on purpose, dummy round */
} }
} }
@@ -6055,10 +6055,10 @@ static INLINE void Sha512Rounds(int rounds, const byte* data, int sz)
Sha512 sha512; Sha512 sha512;
int i; int i;
InitSha512(&sha512); /* no error check on purpose, dummy round */ wc_InitSha512(&sha512); /* no error check on purpose, dummy round */
for (i = 0; i < rounds; i++) { for (i = 0; i < rounds; i++) {
Sha512Update(&sha512, data, sz); wc_Sha512Update(&sha512, data, sz);
/* no error check on purpose, dummy round */ /* no error check on purpose, dummy round */
} }
} }
@@ -6996,38 +6996,38 @@ static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz,
c32toa(GetSEQIncrement(ssl, verify), &seq[sizeof(word32)]); c32toa(GetSEQIncrement(ssl, verify), &seq[sizeof(word32)]);
if (ssl->specs.mac_algorithm == md5_mac) { if (ssl->specs.mac_algorithm == md5_mac) {
InitMd5(&md5); wc_InitMd5(&md5);
/* inner */ /* inner */
Md5Update(&md5, macSecret, digestSz); wc_Md5Update(&md5, macSecret, digestSz);
Md5Update(&md5, PAD1, padSz); wc_Md5Update(&md5, PAD1, padSz);
Md5Update(&md5, seq, SEQ_SZ); wc_Md5Update(&md5, seq, SEQ_SZ);
Md5Update(&md5, conLen, sizeof(conLen)); wc_Md5Update(&md5, conLen, sizeof(conLen));
/* in buffer */ /* in buffer */
Md5Update(&md5, in, sz); wc_Md5Update(&md5, in, sz);
Md5Final(&md5, result); wc_Md5Final(&md5, result);
/* outer */ /* outer */
Md5Update(&md5, macSecret, digestSz); wc_Md5Update(&md5, macSecret, digestSz);
Md5Update(&md5, PAD2, padSz); wc_Md5Update(&md5, PAD2, padSz);
Md5Update(&md5, result, digestSz); wc_Md5Update(&md5, result, digestSz);
Md5Final(&md5, digest); wc_Md5Final(&md5, digest);
} }
else { else {
ret = InitSha(&sha); ret = wc_InitSha(&sha);
if (ret != 0) if (ret != 0)
return ret; return ret;
/* inner */ /* inner */
ShaUpdate(&sha, macSecret, digestSz); wc_ShaUpdate(&sha, macSecret, digestSz);
ShaUpdate(&sha, PAD1, padSz); wc_ShaUpdate(&sha, PAD1, padSz);
ShaUpdate(&sha, seq, SEQ_SZ); wc_ShaUpdate(&sha, seq, SEQ_SZ);
ShaUpdate(&sha, conLen, sizeof(conLen)); wc_ShaUpdate(&sha, conLen, sizeof(conLen));
/* in buffer */ /* in buffer */
ShaUpdate(&sha, in, sz); wc_ShaUpdate(&sha, in, sz);
ShaFinal(&sha, result); wc_ShaFinal(&sha, result);
/* outer */ /* outer */
ShaUpdate(&sha, macSecret, digestSz); wc_ShaUpdate(&sha, macSecret, digestSz);
ShaUpdate(&sha, PAD2, padSz); wc_ShaUpdate(&sha, PAD2, padSz);
ShaUpdate(&sha, result, digestSz); wc_ShaUpdate(&sha, result, digestSz);
ShaFinal(&sha, digest); wc_ShaFinal(&sha, digest);
} }
return 0; return 0;
} }
@@ -7038,16 +7038,16 @@ static void BuildMD5_CertVerify(WOLFSSL* ssl, byte* digest)
byte md5_result[MD5_DIGEST_SIZE]; byte md5_result[MD5_DIGEST_SIZE];
/* make md5 inner */ /* make md5 inner */
Md5Update(&ssl->hashMd5, ssl->arrays->masterSecret, SECRET_LEN); wc_Md5Update(&ssl->hashMd5, ssl->arrays->masterSecret, SECRET_LEN);
Md5Update(&ssl->hashMd5, PAD1, PAD_MD5); wc_Md5Update(&ssl->hashMd5, PAD1, PAD_MD5);
Md5Final(&ssl->hashMd5, md5_result); wc_Md5Final(&ssl->hashMd5, md5_result);
/* make md5 outer */ /* make md5 outer */
Md5Update(&ssl->hashMd5, ssl->arrays->masterSecret, SECRET_LEN); wc_Md5Update(&ssl->hashMd5, ssl->arrays->masterSecret, SECRET_LEN);
Md5Update(&ssl->hashMd5, PAD2, PAD_MD5); wc_Md5Update(&ssl->hashMd5, PAD2, PAD_MD5);
Md5Update(&ssl->hashMd5, md5_result, MD5_DIGEST_SIZE); wc_Md5Update(&ssl->hashMd5, md5_result, MD5_DIGEST_SIZE);
Md5Final(&ssl->hashMd5, digest); wc_Md5Final(&ssl->hashMd5, digest);
} }
@@ -7056,16 +7056,16 @@ static void BuildSHA_CertVerify(WOLFSSL* ssl, byte* digest)
byte sha_result[SHA_DIGEST_SIZE]; byte sha_result[SHA_DIGEST_SIZE];
/* make sha inner */ /* make sha inner */
ShaUpdate(&ssl->hashSha, ssl->arrays->masterSecret, SECRET_LEN); wc_ShaUpdate(&ssl->hashSha, ssl->arrays->masterSecret, SECRET_LEN);
ShaUpdate(&ssl->hashSha, PAD1, PAD_SHA); wc_ShaUpdate(&ssl->hashSha, PAD1, PAD_SHA);
ShaFinal(&ssl->hashSha, sha_result); wc_ShaFinal(&ssl->hashSha, sha_result);
/* make sha outer */ /* make sha outer */
ShaUpdate(&ssl->hashSha, ssl->arrays->masterSecret, SECRET_LEN); wc_ShaUpdate(&ssl->hashSha, ssl->arrays->masterSecret, SECRET_LEN);
ShaUpdate(&ssl->hashSha, PAD2, PAD_SHA); wc_ShaUpdate(&ssl->hashSha, PAD2, PAD_SHA);
ShaUpdate(&ssl->hashSha, sha_result, SHA_DIGEST_SIZE); wc_ShaUpdate(&ssl->hashSha, sha_result, SHA_DIGEST_SIZE);
ShaFinal(&ssl->hashSha, digest); wc_ShaFinal(&ssl->hashSha, digest);
} }
#endif /* NO_CERTS */ #endif /* NO_CERTS */
#endif /* NO_OLD_TLS */ #endif /* NO_OLD_TLS */
@@ -7089,19 +7089,19 @@ static int BuildCertHashes(WOLFSSL* ssl, Hashes* hashes)
if (ssl->options.tls) { if (ssl->options.tls) {
#if ! defined( NO_OLD_TLS ) #if ! defined( NO_OLD_TLS )
Md5Final(&ssl->hashMd5, hashes->md5); wc_Md5Final(&ssl->hashMd5, hashes->md5);
ShaFinal(&ssl->hashSha, hashes->sha); wc_ShaFinal(&ssl->hashSha, hashes->sha);
#endif #endif
if (IsAtLeastTLSv1_2(ssl)) { if (IsAtLeastTLSv1_2(ssl)) {
int ret; int ret;
#ifndef NO_SHA256 #ifndef NO_SHA256
ret = Sha256Final(&ssl->hashSha256, hashes->sha256); ret = wc_Sha256Final(&ssl->hashSha256, hashes->sha256);
if (ret != 0) if (ret != 0)
return ret; return ret;
#endif #endif
#ifdef WOLFSSL_SHA384 #ifdef WOLFSSL_SHA384
ret = Sha384Final(&ssl->hashSha384, hashes->sha384); ret = wc_Sha384Final(&ssl->hashSha384, hashes->sha384);
if (ret != 0) if (ret != 0)
return ret; return ret;
#endif #endif
@@ -7173,7 +7173,7 @@ static int BuildMessage(WOLFSSL* ssl, byte* output, int outSz,
if (ivSz > (word32)sizeof(iv)) if (ivSz > (word32)sizeof(iv))
return BUFFER_E; return BUFFER_E;
ret = RNG_GenerateBlock(ssl->rng, iv, ivSz); ret = wc_RNG_GenerateBlock(ssl->rng, iv, ivSz);
if (ret != 0) if (ret != 0)
return ret; return ret;
@@ -9312,7 +9312,7 @@ static void PickHashSigAlgo(WOLFSSL* ssl,
/* then random */ /* then random */
if (ssl->options.connectState == CONNECT_BEGIN) { if (ssl->options.connectState == CONNECT_BEGIN) {
ret = RNG_GenerateBlock(ssl->rng, output + idx, RAN_LEN); ret = wc_RNG_GenerateBlock(ssl->rng, output + idx, RAN_LEN);
if (ret != 0) if (ret != 0)
return ret; return ret;
@@ -10125,11 +10125,11 @@ static void PickHashSigAlgo(WOLFSSL* ssl,
if (md5 == NULL) if (md5 == NULL)
ERROR_OUT(MEMORY_E, done); ERROR_OUT(MEMORY_E, done);
#endif #endif
InitMd5(md5); wc_InitMd5(md5);
Md5Update(md5, ssl->arrays->clientRandom, RAN_LEN); wc_Md5Update(md5, ssl->arrays->clientRandom, RAN_LEN);
Md5Update(md5, ssl->arrays->serverRandom, RAN_LEN); wc_Md5Update(md5, ssl->arrays->serverRandom, RAN_LEN);
Md5Update(md5, messageVerify, verifySz); wc_Md5Update(md5, messageVerify, verifySz);
Md5Final(md5, hash); wc_Md5Final(md5, hash);
/* sha */ /* sha */
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
@@ -10173,10 +10173,10 @@ static void PickHashSigAlgo(WOLFSSL* ssl,
if (sha384 == NULL || hash384 == NULL) if (sha384 == NULL || hash384 == NULL)
ERROR_OUT(MEMORY_E, done); ERROR_OUT(MEMORY_E, done);
#endif #endif
if (!(ret = InitSha384(sha384)) if (!(ret = wc_InitSha384(sha384))
&& !(ret = Sha384Update(sha384, ssl->arrays->clientRandom, RAN_LEN)) && !(ret = wc_Sha384Update(sha384, ssl->arrays->clientRandom, RAN_LEN))
&& !(ret = Sha384Update(sha384, ssl->arrays->serverRandom, RAN_LEN)) && !(ret = wc_Sha384Update(sha384, ssl->arrays->serverRandom, RAN_LEN))
&& !(ret = Sha384Update(sha384, messageVerify, verifySz))) && !(ret = wc_Sha384Update(sha384, messageVerify, verifySz)))
ret = Sha384Final(sha384, hash384); ret = Sha384Final(sha384, hash384);
if (ret != 0) if (ret != 0)
goto done; goto done;
@@ -10406,7 +10406,7 @@ static void PickHashSigAlgo(WOLFSSL* ssl,
switch (ssl->specs.kea) { switch (ssl->specs.kea) {
#ifndef NO_RSA #ifndef NO_RSA
case rsa_kea: case rsa_kea:
ret = RNG_GenerateBlock(ssl->rng, ssl->arrays->preMasterSecret, ret = wc_RNG_GenerateBlock(ssl->rng, ssl->arrays->preMasterSecret,
SECRET_LEN); SECRET_LEN);
if (ret != 0) { if (ret != 0) {
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
@@ -10648,7 +10648,7 @@ static void PickHashSigAlgo(WOLFSSL* ssl,
'C', 'y', 'a', 'S', 'S', 'L', ' ', 'N', 'T', 'R', 'U' 'C', 'y', 'a', 'S', 'S', 'L', ' ', 'N', 'T', 'R', 'U'
}; };
ret = RNG_GenerateBlock(ssl->rng, ret = wc_RNG_GenerateBlock(ssl->rng,
ssl->arrays->preMasterSecret, SECRET_LEN); ssl->arrays->preMasterSecret, SECRET_LEN);
if (ret != 0) { if (ret != 0) {
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
@@ -11321,7 +11321,7 @@ int DoSessionTicket(WOLFSSL* ssl,
/* then random */ /* then random */
if (!ssl->options.resuming) { if (!ssl->options.resuming) {
ret = RNG_GenerateBlock(ssl->rng, ssl->arrays->serverRandom, ret = wc_RNG_GenerateBlock(ssl->rng, ssl->arrays->serverRandom,
RAN_LEN); RAN_LEN);
if (ret != 0) if (ret != 0)
return ret; return ret;
@@ -11343,7 +11343,7 @@ int DoSessionTicket(WOLFSSL* ssl,
output[idx++] = ID_LEN; output[idx++] = ID_LEN;
if (!ssl->options.resuming) { if (!ssl->options.resuming) {
ret = RNG_GenerateBlock(ssl->rng, ssl->arrays->sessionID, ID_LEN); ret = wc_RNG_GenerateBlock(ssl->rng, ssl->arrays->sessionID, ID_LEN);
if (ret != 0) if (ret != 0)
return ret; return ret;
} }
@@ -11817,11 +11817,11 @@ int DoSessionTicket(WOLFSSL* ssl,
if (md5 == NULL) if (md5 == NULL)
ERROR_OUT(MEMORY_E, done_a2); ERROR_OUT(MEMORY_E, done_a2);
#endif #endif
InitMd5(md5); wc_InitMd5(md5);
Md5Update(md5, ssl->arrays->clientRandom, RAN_LEN); wc_Md5Update(md5, ssl->arrays->clientRandom, RAN_LEN);
Md5Update(md5, ssl->arrays->serverRandom, RAN_LEN); wc_Md5Update(md5, ssl->arrays->serverRandom, RAN_LEN);
Md5Update(md5, output + preSigIdx, preSigSz); wc_Md5Update(md5, output + preSigIdx, preSigSz);
Md5Final(md5, hash); wc_Md5Final(md5, hash);
/* sha */ /* sha */
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
@@ -11870,12 +11870,12 @@ int DoSessionTicket(WOLFSSL* ssl,
ERROR_OUT(MEMORY_E, done_a2); ERROR_OUT(MEMORY_E, done_a2);
#endif #endif
if (!(ret = InitSha384(sha384)) if (!(ret = wc_InitSha384(sha384))
&& !(ret = Sha384Update(sha384, ssl->arrays->clientRandom, && !(ret = wc_Sha384Update(sha384, ssl->arrays->clientRandom,
RAN_LEN)) RAN_LEN))
&& !(ret = Sha384Update(sha384, ssl->arrays->serverRandom, && !(ret = wc_Sha384Update(sha384, ssl->arrays->serverRandom,
RAN_LEN)) RAN_LEN))
&& !(ret = Sha384Update(sha384, output + preSigIdx, preSigSz))) && !(ret = wc_Sha384Update(sha384, output + preSigIdx, preSigSz)))
ret = Sha384Final(sha384, hash384); ret = Sha384Final(sha384, hash384);
if (ret != 0) if (ret != 0)
@@ -12271,11 +12271,11 @@ int DoSessionTicket(WOLFSSL* ssl,
if (md5 == NULL) if (md5 == NULL)
ERROR_OUT(MEMORY_E, done_b); ERROR_OUT(MEMORY_E, done_b);
#endif #endif
InitMd5(md5); wc_InitMd5(md5);
Md5Update(md5, ssl->arrays->clientRandom, RAN_LEN); wc_Md5Update(md5, ssl->arrays->clientRandom, RAN_LEN);
Md5Update(md5, ssl->arrays->serverRandom, RAN_LEN); wc_Md5Update(md5, ssl->arrays->serverRandom, RAN_LEN);
Md5Update(md5, output + preSigIdx, preSigSz); wc_Md5Update(md5, output + preSigIdx, preSigSz);
Md5Final(md5, hash); wc_Md5Final(md5, hash);
/* sha */ /* sha */
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
@@ -12325,12 +12325,12 @@ int DoSessionTicket(WOLFSSL* ssl,
ERROR_OUT(MEMORY_E, done_b); ERROR_OUT(MEMORY_E, done_b);
#endif #endif
if (!(ret = InitSha384(sha384)) if (!(ret = wc_InitSha384(sha384))
&& !(ret = Sha384Update(sha384, ssl->arrays->clientRandom, && !(ret = wc_Sha384Update(sha384, ssl->arrays->clientRandom,
RAN_LEN)) RAN_LEN))
&& !(ret = Sha384Update(sha384, ssl->arrays->serverRandom, && !(ret = wc_Sha384Update(sha384, ssl->arrays->serverRandom,
RAN_LEN)) RAN_LEN))
&& !(ret = Sha384Update(sha384, output + preSigIdx, preSigSz))) && !(ret = wc_Sha384Update(sha384, output + preSigIdx, preSigSz)))
ret = Sha384Final(sha384, hash384); ret = Sha384Final(sha384, hash384);
if (ret != 0) if (ret != 0)
@@ -12615,7 +12615,7 @@ int DoSessionTicket(WOLFSSL* ssl,
/* manually hash input since different format */ /* manually hash input since different format */
#ifndef NO_OLD_TLS #ifndef NO_OLD_TLS
#ifndef NO_MD5 #ifndef NO_MD5
Md5Update(&ssl->hashMd5, input + idx, sz); wc_Md5Update(&ssl->hashMd5, input + idx, sz);
#endif #endif
#ifndef NO_SHA #ifndef NO_SHA
ShaUpdate(&ssl->hashSha, input + idx, sz); ShaUpdate(&ssl->hashSha, input + idx, sz);
@@ -12749,7 +12749,7 @@ int DoSessionTicket(WOLFSSL* ssl,
ssl->session = *session; /* restore session certs. */ ssl->session = *session; /* restore session certs. */
#endif #endif
ret = RNG_GenerateBlock(ssl->rng, ssl->arrays->serverRandom, ret = wc_RNG_GenerateBlock(ssl->rng, ssl->arrays->serverRandom,
RAN_LEN); RAN_LEN);
if (ret != 0) if (ret != 0)
return ret; return ret;
@@ -13040,7 +13040,7 @@ int DoSessionTicket(WOLFSSL* ssl,
ssl->session = *session; /* restore session certs. */ ssl->session = *session; /* restore session certs. */
#endif #endif
ret = RNG_GenerateBlock(ssl->rng, ssl->arrays->serverRandom, ret = wc_RNG_GenerateBlock(ssl->rng, ssl->arrays->serverRandom,
RAN_LEN); RAN_LEN);
if (ret != 0) if (ret != 0)
return ret; return ret;

14
src/keys.c
View File

@@ -2509,7 +2509,7 @@ int DeriveKeys(WOLFSSL* ssl)
} }
#endif #endif
InitMd5(md5); wc_InitMd5(md5);
ret = InitSha(sha); ret = InitSha(sha);
@@ -2536,8 +2536,8 @@ int DeriveKeys(WOLFSSL* ssl)
ShaFinal(sha, shaOutput); ShaFinal(sha, shaOutput);
XMEMCPY(md5Input + SECRET_LEN, shaOutput, SHA_DIGEST_SIZE); XMEMCPY(md5Input + SECRET_LEN, shaOutput, SHA_DIGEST_SIZE);
Md5Update(md5, md5Input, SECRET_LEN + SHA_DIGEST_SIZE); wc_Md5Update(md5, md5Input, SECRET_LEN + SHA_DIGEST_SIZE);
Md5Final(md5, keyData + i * MD5_DIGEST_SIZE); wc_Md5Final(md5, keyData + i * MD5_DIGEST_SIZE);
} }
if (ret == 0) if (ret == 0)
@@ -2564,7 +2564,7 @@ static int CleanPreMaster(WOLFSSL* ssl)
for (i = 0; i < sz; i++) for (i = 0; i < sz; i++)
ssl->arrays->preMasterSecret[i] = 0; ssl->arrays->preMasterSecret[i] = 0;
ret = RNG_GenerateBlock(ssl->rng, ssl->arrays->preMasterSecret, sz); ret = wc_RNG_GenerateBlock(ssl->rng, ssl->arrays->preMasterSecret, sz);
if (ret != 0) if (ret != 0)
return ret; return ret;
@@ -2628,7 +2628,7 @@ static int MakeSslMasterSecret(WOLFSSL* ssl)
} }
#endif #endif
InitMd5(md5); wc_InitMd5(md5);
ret = InitSha(sha); ret = InitSha(sha);
@@ -2658,8 +2658,8 @@ static int MakeSslMasterSecret(WOLFSSL* ssl)
idx = pmsSz; /* preSz */ idx = pmsSz; /* preSz */
XMEMCPY(md5Input + idx, shaOutput, SHA_DIGEST_SIZE); XMEMCPY(md5Input + idx, shaOutput, SHA_DIGEST_SIZE);
idx += SHA_DIGEST_SIZE; idx += SHA_DIGEST_SIZE;
Md5Update(md5, md5Input, idx); wc_Md5Update(md5, md5Input, idx);
Md5Final(md5, &ssl->arrays->masterSecret[i * MD5_DIGEST_SIZE]); wc_Md5Final(md5, &ssl->arrays->masterSecret[i * MD5_DIGEST_SIZE]);
} }
#ifdef SHOW_SECRETS #ifdef SHOW_SECRETS

14
src/ssl.c
View File

@@ -5511,7 +5511,7 @@ static INLINE word32 HashSession(const byte* sessionID, word32 len, int* error)
byte digest[MD5_DIGEST_SIZE]; byte digest[MD5_DIGEST_SIZE];
#ifndef NO_MD5 #ifndef NO_MD5
*error = Md5Hash(sessionID, len, digest); *error = wc_Md5Hash(sessionID, len, digest);
#elif !defined(NO_SHA) #elif !defined(NO_SHA)
*error = ShaHash(sessionID, len, digest); *error = ShaHash(sessionID, len, digest);
#elif !defined(NO_SHA256) #elif !defined(NO_SHA256)
@@ -7934,9 +7934,9 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
return NULL; return NULL;
#endif #endif
if (HmacSetKey(hmac, type, (const byte*)key, key_len) == 0) if (wc_HmacSetKey(hmac, type, (const byte*)key, key_len) == 0)
if (HmacUpdate(hmac, d, n) == 0) if (wc_HmacUpdate(hmac, d, n) == 0)
if (HmacFinal(hmac, md) == 0) { if (wc_HmacFinal(hmac, md) == 0) {
if (md_len) if (md_len)
*md_len = (type == MD5) ? (int)MD5_DIGEST_SIZE *md_len = (type == MD5) ? (int)MD5_DIGEST_SIZE
: (int)SHA_DIGEST_SIZE; : (int)SHA_DIGEST_SIZE;
@@ -11682,7 +11682,7 @@ void wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen,
if (key && keylen) { if (key && keylen) {
WOLFSSL_MSG("keying hmac"); WOLFSSL_MSG("keying hmac");
HmacSetKey(&ctx->hmac, ctx->type, (const byte*)key, (word32)keylen); wc_HmacSetKey(&ctx->hmac, ctx->type, (const byte*)key, (word32)keylen);
/* OpenSSL compat, no error */ /* OpenSSL compat, no error */
} }
} }
@@ -11695,7 +11695,7 @@ void wolfSSL_HMAC_Update(WOLFSSL_HMAC_CTX* ctx, const unsigned char* data,
if (ctx && data) { if (ctx && data) {
WOLFSSL_MSG("updating hmac"); WOLFSSL_MSG("updating hmac");
HmacUpdate(&ctx->hmac, data, (word32)len); wc_HmacUpdate(&ctx->hmac, data, (word32)len);
/* OpenSSL compat, no error */ /* OpenSSL compat, no error */
} }
} }
@@ -11708,7 +11708,7 @@ void wolfSSL_HMAC_Final(WOLFSSL_HMAC_CTX* ctx, unsigned char* hash,
if (ctx && hash) { if (ctx && hash) {
WOLFSSL_MSG("final hmac"); WOLFSSL_MSG("final hmac");
HmacFinal(&ctx->hmac, hash); wc_HmacFinal(&ctx->hmac, hash);
/* OpenSSL compat, no error */ /* OpenSSL compat, no error */
if (len) { if (len) {

28
src/tls.c
View File

@@ -126,17 +126,17 @@ static int p_hash(byte* result, word32 resLen, const byte* secret,
lastTime = times - 1; lastTime = times - 1;
if ((ret = HmacSetKey(hmac, hash, secret, secLen)) == 0) { if ((ret = wc_HmacSetKey(hmac, hash, secret, secLen)) == 0) {
if ((ret = HmacUpdate(hmac, seed, seedLen)) == 0) { /* A0 = seed */ if ((ret = wc_HmacUpdate(hmac, seed, seedLen)) == 0) { /* A0 = seed */
if ((ret = HmacFinal(hmac, previous)) == 0) { /* A1 */ if ((ret = wc_HmacFinal(hmac, previous)) == 0) { /* A1 */
for (i = 0; i < times; i++) { for (i = 0; i < times; i++) {
ret = HmacUpdate(hmac, previous, len); ret = wc_HmacUpdate(hmac, previous, len);
if (ret != 0) if (ret != 0)
break; break;
ret = HmacUpdate(hmac, seed, seedLen); ret = wc_HmacUpdate(hmac, seed, seedLen);
if (ret != 0) if (ret != 0)
break; break;
ret = HmacFinal(hmac, current); ret = wc_HmacFinal(hmac, current);
if (ret != 0) if (ret != 0)
break; break;
@@ -146,10 +146,10 @@ static int p_hash(byte* result, word32 resLen, const byte* secret,
else { else {
XMEMCPY(&result[idx], current, len); XMEMCPY(&result[idx], current, len);
idx += len; idx += len;
ret = HmacUpdate(hmac, previous, len); ret = wc_HmacUpdate(hmac, previous, len);
if (ret != 0) if (ret != 0)
break; break;
ret = HmacFinal(hmac, previous); ret = wc_HmacFinal(hmac, previous);
if (ret != 0) if (ret != 0)
break; break;
} }
@@ -329,7 +329,7 @@ int BuildTlsFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
word32 hashSz = FINISHED_SZ; word32 hashSz = FINISHED_SZ;
#ifndef NO_OLD_TLS #ifndef NO_OLD_TLS
Md5Final(&ssl->hashMd5, handshake_hash); wc_Md5Final(&ssl->hashMd5, handshake_hash);
ShaFinal(&ssl->hashSha, &handshake_hash[MD5_DIGEST_SIZE]); ShaFinal(&ssl->hashSha, &handshake_hash[MD5_DIGEST_SIZE]);
#endif #endif
@@ -346,7 +346,7 @@ int BuildTlsFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
#endif #endif
#ifdef WOLFSSL_SHA384 #ifdef WOLFSSL_SHA384
if (ssl->specs.mac_algorithm == sha384_mac) { if (ssl->specs.mac_algorithm == sha384_mac) {
int ret = Sha384Final(&ssl->hashSha384, handshake_hash); int ret = wc_Sha384Final(&ssl->hashSha384, handshake_hash);
if (ret != 0) if (ret != 0)
return ret; return ret;
@@ -688,17 +688,17 @@ int TLS_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz,
wolfSSL_SetTlsHmacInner(ssl, myInner, sz, content, verify); wolfSSL_SetTlsHmacInner(ssl, myInner, sz, content, verify);
ret = HmacSetKey(&hmac, wolfSSL_GetHmacType(ssl), ret = wc_HmacSetKey(&hmac, wolfSSL_GetHmacType(ssl),
wolfSSL_GetMacSecret(ssl, verify), ssl->specs.hash_size); wolfSSL_GetMacSecret(ssl, verify), ssl->specs.hash_size);
if (ret != 0) if (ret != 0)
return ret; return ret;
ret = HmacUpdate(&hmac, myInner, sizeof(myInner)); ret = wc_HmacUpdate(&hmac, myInner, sizeof(myInner));
if (ret != 0) if (ret != 0)
return ret; return ret;
ret = HmacUpdate(&hmac, in, sz); /* content */ ret = wc_HmacUpdate(&hmac, in, sz); /* content */
if (ret != 0) if (ret != 0)
return ret; return ret;
ret = HmacFinal(&hmac, digest); ret = wc_HmacFinal(&hmac, digest);
if (ret != 0) if (ret != 0)
return ret; return ret;

18
wolfcrypt/src/asn.c
View File

@@ -2982,7 +2982,7 @@ static int ConfirmSignature(const byte* buf, word32 bufSz,
#ifndef NO_SHA256 #ifndef NO_SHA256
case CTC_SHA256wRSA: case CTC_SHA256wRSA:
case CTC_SHA256wECDSA: case CTC_SHA256wECDSA:
if (Sha256Hash(buf, bufSz, digest) == 0) { if (wc_Sha256Hash(buf, bufSz, digest) == 0) {
typeH = SHA256h; typeH = SHA256h;
digestSz = SHA256_DIGEST_SIZE; digestSz = SHA256_DIGEST_SIZE;
} }
@@ -2991,7 +2991,7 @@ static int ConfirmSignature(const byte* buf, word32 bufSz,
#ifdef WOLFSSL_SHA512 #ifdef WOLFSSL_SHA512
case CTC_SHA512wRSA: case CTC_SHA512wRSA:
case CTC_SHA512wECDSA: case CTC_SHA512wECDSA:
if (Sha512Hash(buf, bufSz, digest) == 0) { if (wc_Sha512Hash(buf, bufSz, digest) == 0) {
typeH = SHA512h; typeH = SHA512h;
digestSz = SHA512_DIGEST_SIZE; digestSz = SHA512_DIGEST_SIZE;
} }
@@ -3000,7 +3000,7 @@ static int ConfirmSignature(const byte* buf, word32 bufSz,
#ifdef WOLFSSL_SHA384 #ifdef WOLFSSL_SHA384
case CTC_SHA384wRSA: case CTC_SHA384wRSA:
case CTC_SHA384wECDSA: case CTC_SHA384wECDSA:
if (Sha384Hash(buf, bufSz, digest) == 0) { if (wc_Sha384Hash(buf, bufSz, digest) == 0) {
typeH = SHA384h; typeH = SHA384h;
digestSz = SHA384_DIGEST_SIZE; digestSz = SHA384_DIGEST_SIZE;
} }
@@ -4291,11 +4291,11 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
if (cert->extSubjKeyIdSet == 0 if (cert->extSubjKeyIdSet == 0
&& cert->publicKey != NULL && cert->pubKeySize > 0) { && cert->publicKey != NULL && cert->pubKeySize > 0) {
Sha sha; Sha sha;
ret = InitSha(&sha); ret = wc_InitSha(&sha);
if (ret != 0) if (ret != 0)
return ret; return ret;
ShaUpdate(&sha, cert->publicKey, cert->pubKeySize); wc_ShaUpdate(&sha, cert->publicKey, cert->pubKeySize);
ShaFinal(&sha, cert->extSubjKeyId); wc_ShaFinal(&sha, cert->extSubjKeyId);
} }
#endif #endif
@@ -4316,11 +4316,11 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
/* Need the ca's public key hash for OCSP */ /* Need the ca's public key hash for OCSP */
{ {
Sha sha; Sha sha;
ret = InitSha(&sha); ret = wc_InitSha(&sha);
if (ret != 0) if (ret != 0)
return ret; return ret;
ShaUpdate(&sha, ca->publicKey, ca->pubKeySize); wc_ShaUpdate(&sha, ca->publicKey, ca->pubKeySize);
ShaFinal(&sha, cert->issuerKeyHash); wc_ShaFinal(&sha, cert->issuerKeyHash);
} }
#endif /* HAVE_OCSP */ #endif /* HAVE_OCSP */
/* try to confirm/verify signature */ /* try to confirm/verify signature */

800
wolfcrypt/src/hmac.c
View File

@@ -19,7 +19,6 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/ */
#ifdef HAVE_CONFIG_H #ifdef HAVE_CONFIG_H
#include <config.h> #include <config.h>
#endif #endif
@@ -30,11 +29,7 @@
#include <wolfssl/wolfcrypt/hmac.h> #include <wolfssl/wolfcrypt/hmac.h>
#ifdef __cplusplus #ifdef HAVE_FIPS
extern "C" {
#endif
/* does init */ /* does init */
int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 keySz) int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 keySz)
{ {
@@ -112,11 +107,800 @@ int wc_HmacFinal_fips(Hmac* hmac, byte* out)
#endif /* FIPS_NO_WRAPPERS */ #endif /* FIPS_NO_WRAPPERS */
#endif /* HAVE_FIPS */ #endif /* HAVE_FIPS */
#else
#ifdef CYASSL_PIC32MZ_HASH
#define wc_InitMd5 wc_InitMd5_sw
#define wc_Md5Update wc_Md5Update_sw
#define wc_Md5Final wc_Md5Final_sw
#define wc_InitSha wc_InitSha_sw
#define wc_ShaUpdate wc_ShaUpdate_sw
#define wc_ShaFinal wc_ShaFinal_sw
#define wc_InitSha256 wc_InitSha256_sw
#define wc_Sha256Update wc_Sha256Update_sw
#define wc_Sha256Final wc_Sha256Final_sw
#ifdef __cplusplus
} /* extern "C" */
#endif #endif
#ifdef HAVE_FIPS
/* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
#define FIPS_NO_WRAPPERS
#endif
#include <wolfssl/wolfcrypt/error-crypt.h>
#ifdef HAVE_CAVIUM
static void HmacCaviumFinal(Hmac* hmac, byte* hash);
static void HmacCaviumUpdate(Hmac* hmac, const byte* msg, word32 length);
static void HmacCaviumSetKey(Hmac* hmac, int type, const byte* key,
word32 length);
#endif
static int InitHmac(Hmac* hmac, int type)
{
int ret = 0;
hmac->innerHashKeyed = 0;
hmac->macType = (byte)type;
if (!(type == MD5 || type == SHA || type == SHA256 || type == SHA384
|| type == SHA512 || type == BLAKE2B_ID))
return BAD_FUNC_ARG;
switch (type) {
#ifndef NO_MD5
case MD5:
wc_InitMd5(&hmac->hash.md5);
break;
#endif
#ifndef NO_SHA
case SHA:
ret = wc_InitSha(&hmac->hash.sha);
break;
#endif
#ifndef NO_SHA256
case SHA256:
ret = wc_InitSha256(&hmac->hash.sha256);
break;
#endif
#ifdef WOLFSSL_SHA384
case SHA384:
ret = wc_InitSha384(&hmac->hash.sha384);
break;
#endif
#ifdef WOLFSSL_SHA512
case SHA512:
ret = wc_InitSha512(&hmac->hash.sha512);
break;
#endif
#ifdef HAVE_BLAKE2
case BLAKE2B_ID:
ret = wc_InitBlake2b(&hmac->hash.blake2b, BLAKE2B_256);
break;
#endif
default:
return BAD_FUNC_ARG;
}
return ret;
}
int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
{
byte* ip = (byte*) hmac->ipad;
byte* op = (byte*) hmac->opad;
word32 i, hmac_block_size = 0;
int ret;
#ifdef HAVE_CAVIUM
if (hmac->magic == CYASSL_HMAC_CAVIUM_MAGIC)
return HmacCaviumSetKey(hmac, type, key, length);
#endif
ret = InitHmac(hmac, type);
if (ret != 0)
return ret;
#ifdef HAVE_FIPS
if (length < HMAC_FIPS_MIN_KEY)
return HMAC_MIN_KEYLEN_E;
#endif
switch (hmac->macType) {
#ifndef NO_MD5
case MD5:
{
hmac_block_size = MD5_BLOCK_SIZE;
if (length <= MD5_BLOCK_SIZE) {
XMEMCPY(ip, key, length);
}
else {
wc_Md5Update(&hmac->hash.md5, key, length);
wc_Md5Final(&hmac->hash.md5, ip);
length = MD5_DIGEST_SIZE;
}
}
break;
#endif
#ifndef NO_SHA
case SHA:
{
hmac_block_size = SHA_BLOCK_SIZE;
if (length <= SHA_BLOCK_SIZE) {
XMEMCPY(ip, key, length);
}
else {
wc_ShaUpdate(&hmac->hash.sha, key, length);
wc_ShaFinal(&hmac->hash.sha, ip);
length = SHA_DIGEST_SIZE;
}
}
break;
#endif
#ifndef NO_SHA256
case SHA256:
{
hmac_block_size = SHA256_BLOCK_SIZE;
if (length <= SHA256_BLOCK_SIZE) {
XMEMCPY(ip, key, length);
}
else {
ret = wc_Sha256Update(&hmac->hash.sha256, key, length);
if (ret != 0)
return ret;
ret = wc_Sha256Final(&hmac->hash.sha256, ip);
if (ret != 0)
return ret;
length = SHA256_DIGEST_SIZE;
}
}
break;
#endif
#ifdef WOLFSSL_SHA384
case SHA384:
{
hmac_block_size = SHA384_BLOCK_SIZE;
if (length <= SHA384_BLOCK_SIZE) {
XMEMCPY(ip, key, length);
}
else {
ret = wc_Sha384Update(&hmac->hash.sha384, key, length);
if (ret != 0)
return ret;
ret = wc_Sha384Final(&hmac->hash.sha384, ip);
if (ret != 0)
return ret;
length = SHA384_DIGEST_SIZE;
}
}
break;
#endif
#ifdef WOLFSSL_SHA512
case SHA512:
{
hmac_block_size = SHA512_BLOCK_SIZE;
if (length <= SHA512_BLOCK_SIZE) {
XMEMCPY(ip, key, length);
}
else {
ret = wc_Sha512Update(&hmac->hash.sha512, key, length);
if (ret != 0)
return ret;
ret = wc_Sha512Final(&hmac->hash.sha512, ip);
if (ret != 0)
return ret;
length = SHA512_DIGEST_SIZE;
}
}
break;
#endif
#ifdef HAVE_BLAKE2
case BLAKE2B_ID:
{
hmac_block_size = BLAKE2B_BLOCKBYTES;
if (length <= BLAKE2B_BLOCKBYTES) {
XMEMCPY(ip, key, length);
}
else {
ret = wc_Blake2bUpdate(&hmac->hash.blake2b, key, length);
if (ret != 0)
return ret;
ret = wc_Blake2bFinal(&hmac->hash.blake2b, ip, BLAKE2B_256);
if (ret != 0)
return ret;
length = BLAKE2B_256;
}
}
break;
#endif
default:
return BAD_FUNC_ARG;
}
if (length < hmac_block_size)
XMEMSET(ip + length, 0, hmac_block_size - length);
for(i = 0; i < hmac_block_size; i++) {
op[i] = ip[i] ^ OPAD;
ip[i] ^= IPAD;
}
return 0;
}
static int HmacKeyInnerHash(Hmac* hmac)
{
int ret = 0;
switch (hmac->macType) {
#ifndef NO_MD5
case MD5:
wc_Md5Update(&hmac->hash.md5, (byte*) hmac->ipad, MD5_BLOCK_SIZE);
break;
#endif
#ifndef NO_SHA
case SHA:
wc_ShaUpdate(&hmac->hash.sha, (byte*) hmac->ipad, SHA_BLOCK_SIZE);
break;
#endif
#ifndef NO_SHA256
case SHA256:
ret = wc_Sha256Update(&hmac->hash.sha256,
(byte*) hmac->ipad, SHA256_BLOCK_SIZE);
if (ret != 0)
return ret;
break;
#endif
#ifdef WOLFSSL_SHA384
case SHA384:
ret = wc_Sha384Update(&hmac->hash.sha384,
(byte*) hmac->ipad, SHA384_BLOCK_SIZE);
if (ret != 0)
return ret;
break;
#endif
#ifdef WOLFSSL_SHA512
case SHA512:
ret = wc_Sha512Update(&hmac->hash.sha512,
(byte*) hmac->ipad, SHA512_BLOCK_SIZE);
if (ret != 0)
return ret;
break;
#endif
#ifdef HAVE_BLAKE2
case BLAKE2B_ID:
ret = wc_Blake2bUpdate(&hmac->hash.blake2b,
(byte*) hmac->ipad,BLAKE2B_BLOCKBYTES);
if (ret != 0)
return ret;
break;
#endif
default:
break;
}
hmac->innerHashKeyed = 1;
return ret;
}
int wc_HmacUpdate(Hmac* hmac, const byte* msg, word32 length)
{
int ret;
#ifdef HAVE_CAVIUM
if (hmac->magic == CYASSL_HMAC_CAVIUM_MAGIC)
return HmacCaviumUpdate(hmac, msg, length);
#endif
if (!hmac->innerHashKeyed) {
ret = HmacKeyInnerHash(hmac);
if (ret != 0)
return ret;
}
switch (hmac->macType) {
#ifndef NO_MD5
case MD5:
wc_Md5Update(&hmac->hash.md5, msg, length);
break;
#endif
#ifndef NO_SHA
case SHA:
wc_ShaUpdate(&hmac->hash.sha, msg, length);
break;
#endif
#ifndef NO_SHA256
case SHA256:
ret = wc_Sha256Update(&hmac->hash.sha256, msg, length);
if (ret != 0)
return ret;
break;
#endif
#ifdef WOLFSSL_SHA384
case SHA384:
ret = wc_Sha384Update(&hmac->hash.sha384, msg, length);
if (ret != 0)
return ret;
break;
#endif
#ifdef WOLFSSL_SHA512
case SHA512:
ret = wc_Sha512Update(&hmac->hash.sha512, msg, length);
if (ret != 0)
return ret;
break;
#endif
#ifdef HAVE_BLAKE2
case BLAKE2B_ID:
ret = wc_Blake2bUpdate(&hmac->hash.blake2b, msg, length);
if (ret != 0)
return ret;
break;
#endif
default:
break;
}
return 0;
}
int wc_HmacFinal(Hmac* hmac, byte* hash)
{
int ret;
#ifdef HAVE_CAVIUM
if (hmac->magic == CYASSL_HMAC_CAVIUM_MAGIC)
return HmacCaviumFinal(hmac, hash);
#endif
if (!hmac->innerHashKeyed) {
ret = HmacKeyInnerHash(hmac);
if (ret != 0)
return ret;
}
switch (hmac->macType) {
#ifndef NO_MD5
case MD5:
{
wc_Md5Final(&hmac->hash.md5, (byte*) hmac->innerHash);
wc_Md5Update(&hmac->hash.md5, (byte*) hmac->opad, MD5_BLOCK_SIZE);
wc_Md5Update(&hmac->hash.md5,
(byte*) hmac->innerHash, MD5_DIGEST_SIZE);
wc_Md5Final(&hmac->hash.md5, hash);
}
break;
#endif
#ifndef NO_SHA
case SHA:
{
wc_ShaFinal(&hmac->hash.sha, (byte*) hmac->innerHash);
wc_ShaUpdate(&hmac->hash.sha, (byte*) hmac->opad, SHA_BLOCK_SIZE);
wc_ShaUpdate(&hmac->hash.sha,
(byte*) hmac->innerHash, SHA_DIGEST_SIZE);
wc_ShaFinal(&hmac->hash.sha, hash);
}
break;
#endif
#ifndef NO_SHA256
case SHA256:
{
ret = wc_Sha256Final(&hmac->hash.sha256, (byte*) hmac->innerHash);
if (ret != 0)
return ret;
ret = wc_Sha256Update(&hmac->hash.sha256,
(byte*) hmac->opad, SHA256_BLOCK_SIZE);
if (ret != 0)
return ret;
ret = wc_Sha256Update(&hmac->hash.sha256,
(byte*) hmac->innerHash, SHA256_DIGEST_SIZE);
if (ret != 0)
return ret;
ret = wc_Sha256Final(&hmac->hash.sha256, hash);
if (ret != 0)
return ret;
}
break;
#endif
#ifdef WOLFSSL_SHA384
case SHA384:
{
ret = wc_Sha384Final(&hmac->hash.sha384, (byte*) hmac->innerHash);
if (ret != 0)
return ret;
ret = wc_Sha384Update(&hmac->hash.sha384,
(byte*) hmac->opad, SHA384_BLOCK_SIZE);
if (ret != 0)
return ret;
ret = wc_Sha384Update(&hmac->hash.sha384,
(byte*) hmac->innerHash, SHA384_DIGEST_SIZE);
if (ret != 0)
return ret;
ret = wc_Sha384Final(&hmac->hash.sha384, hash);
if (ret != 0)
return ret;
}
break;
#endif
#ifdef WOLFSSL_SHA512
case SHA512:
{
ret = wc_Sha512Final(&hmac->hash.sha512, (byte*) hmac->innerHash);
if (ret != 0)
return ret;
ret = wc_Sha512Update(&hmac->hash.sha512,
(byte*) hmac->opad, SHA512_BLOCK_SIZE);
if (ret != 0)
return ret;
ret = wc_Sha512Update(&hmac->hash.sha512,
(byte*) hmac->innerHash, SHA512_DIGEST_SIZE);
if (ret != 0)
return ret;
ret = wc_Sha512Final(&hmac->hash.sha512, hash);
if (ret != 0)
return ret;
}
break;
#endif
#ifdef HAVE_BLAKE2
case BLAKE2B_ID:
{
ret = wc_Blake2bFinal(&hmac->hash.blake2b, (byte*) hmac->innerHash,
BLAKE2B_256);
if (ret != 0)
return ret;
ret = wc_Blake2bUpdate(&hmac->hash.blake2b,
(byte*) hmac->opad, BLAKE2B_BLOCKBYTES);
if (ret != 0)
return ret;
ret = wc_Blake2bUpdate(&hmac->hash.blake2b,
(byte*) hmac->innerHash, BLAKE2B_256);
if (ret != 0)
return ret;
ret = wc_Blake2bFinal(&hmac->hash.blake2b, hash, BLAKE2B_256);
if (ret != 0)
return ret;
}
break;
#endif
default:
break;
}
hmac->innerHashKeyed = 0;
return 0;
}
#ifdef HAVE_CAVIUM
/* Initiliaze Hmac for use with Nitrox device */
int wc_HmacInitCavium(Hmac* hmac, int devId)
{
if (hmac == NULL)
return -1;
if (CspAllocContext(CONTEXT_SSL, &hmac->contextHandle, devId) != 0)
return -1;
hmac->keyLen = 0;
hmac->dataLen = 0;
hmac->type = 0;
hmac->devId = devId;
hmac->magic = CYASSL_HMAC_CAVIUM_MAGIC;
hmac->data = NULL; /* buffered input data */
hmac->innerHashKeyed = 0;
return 0;
}
/* Free Hmac from use with Nitrox device */
void wc_HmacFreeCavium(Hmac* hmac)
{
if (hmac == NULL)
return;
CspFreeContext(CONTEXT_SSL, hmac->contextHandle, hmac->devId);
hmac->magic = 0;
XFREE(hmac->data, NULL, DYNAMIC_TYPE_CAVIUM_TMP);
hmac->data = NULL;
}
static void HmacCaviumFinal(Hmac* hmac, byte* hash)
{
word32 requestId;
if (CspHmac(CAVIUM_BLOCKING, hmac->type, NULL, hmac->keyLen,
(byte*)hmac->ipad, hmac->dataLen, hmac->data, hash, &requestId,
hmac->devId) != 0) {
CYASSL_MSG("Cavium Hmac failed");
}
hmac->innerHashKeyed = 0; /* tell update to start over if used again */
}
static void HmacCaviumUpdate(Hmac* hmac, const byte* msg, word32 length)
{
word16 add = (word16)length;
word32 total;
byte* tmp;
if (length > CYASSL_MAX_16BIT) {
CYASSL_MSG("Too big msg for cavium hmac");
return;
}
if (hmac->innerHashKeyed == 0) { /* starting new */
hmac->dataLen = 0;
hmac->innerHashKeyed = 1;
}
total = add + hmac->dataLen;
if (total > CYASSL_MAX_16BIT) {
CYASSL_MSG("Too big msg for cavium hmac");
return;
}
tmp = XMALLOC(hmac->dataLen + add, NULL,DYNAMIC_TYPE_CAVIUM_TMP);
if (tmp == NULL) {
CYASSL_MSG("Out of memory for cavium update");
return;
}
if (hmac->dataLen)
XMEMCPY(tmp, hmac->data, hmac->dataLen);
XMEMCPY(tmp + hmac->dataLen, msg, add);
hmac->dataLen += add;
XFREE(hmac->data, NULL, DYNAMIC_TYPE_CAVIUM_TMP);
hmac->data = tmp;
}
static void HmacCaviumSetKey(Hmac* hmac, int type, const byte* key,
word32 length)
{
hmac->macType = (byte)type;
if (type == MD5)
hmac->type = MD5_TYPE;
else if (type == SHA)
hmac->type = SHA1_TYPE;
else if (type == SHA256)
hmac->type = SHA256_TYPE;
else {
CYASSL_MSG("unsupported cavium hmac type");
}
hmac->innerHashKeyed = 0; /* should we key Startup flag */
hmac->keyLen = (word16)length;
/* store key in ipad */
XMEMCPY(hmac->ipad, key, length);
}
#endif /* HAVE_CAVIUM */
int wc_wolfSSL_GetHmacMaxSize(void)
{
return MAX_DIGEST_SIZE;
}
#ifdef HAVE_HKDF
#ifndef min
static INLINE word32 min(word32 a, word32 b)
{
return a > b ? b : a;
}
#endif /* min */
static INLINE int GetHashSizeByType(int type)
{
if (!(type == MD5 || type == SHA || type == SHA256 || type == SHA384
|| type == SHA512 || type == BLAKE2B_ID))
return BAD_FUNC_ARG;
switch (type) {
#ifndef NO_MD5
case MD5:
return MD5_DIGEST_SIZE;
break;
#endif
#ifndef NO_SHA
case SHA:
return SHA_DIGEST_SIZE;
break;
#endif
#ifndef NO_SHA256
case SHA256:
return SHA256_DIGEST_SIZE;
break;
#endif
#ifdef CYASSL_SHA384
case SHA384:
return SHA384_DIGEST_SIZE;
break;
#endif
#ifdef CYASSL_SHA512
case SHA512:
return SHA512_DIGEST_SIZE;
break;
#endif
#ifdef HAVE_BLAKE2
case BLAKE2B_ID:
return BLAKE2B_OUTBYTES;
break;
#endif
default:
return BAD_FUNC_ARG;
break;
}
}
/* HMAC-KDF with hash type, optional salt and info, return 0 on success */
int wc_HKDF(int type, const byte* inKey, word32 inKeySz,
const byte* salt, word32 saltSz,
const byte* info, word32 infoSz,
byte* out, word32 outSz)
{
Hmac myHmac;
#ifdef CYASSL_SMALL_STACK
byte* tmp;
byte* prk;
#else
byte tmp[MAX_DIGEST_SIZE]; /* localSalt helper and T */
byte prk[MAX_DIGEST_SIZE];
#endif
const byte* localSalt; /* either points to user input or tmp */
int hashSz = GetHashSizeByType(type);
word32 outIdx = 0;
byte n = 0x1;
int ret;
if (hashSz < 0)
return BAD_FUNC_ARG;
#ifdef CYASSL_SMALL_STACK
tmp = (byte*)XMALLOC(MAX_DIGEST_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (tmp == NULL)
return MEMORY_E;
prk = (byte*)XMALLOC(MAX_DIGEST_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (prk == NULL) {
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return MEMORY_E;
}
#endif
localSalt = salt;
if (localSalt == NULL) {
XMEMSET(tmp, 0, hashSz);
localSalt = tmp;
saltSz = hashSz;
}
do {
ret = wc_HmacSetKey(&myHmac, type, localSalt, saltSz);
if (ret != 0)
break;
ret = wc_HmacUpdate(&myHmac, inKey, inKeySz);
if (ret != 0)
break;
ret = wc_HmacFinal(&myHmac, prk);
} while (0);
if (ret == 0) {
while (outIdx < outSz) {
int tmpSz = (n == 1) ? 0 : hashSz;
word32 left = outSz - outIdx;
ret = wc_HmacSetKey(&myHmac, type, prk, hashSz);
if (ret != 0)
break;
ret = wc_HmacUpdate(&myHmac, tmp, tmpSz);
if (ret != 0)
break;
ret = wc_HmacUpdate(&myHmac, info, infoSz);
if (ret != 0)
break;
ret = wc_HmacUpdate(&myHmac, &n, 1);
if (ret != 0)
break;
ret = wc_HmacFinal(&myHmac, tmp);
if (ret != 0)
break;
left = min(left, (word32)hashSz);
XMEMCPY(out+outIdx, tmp, left);
outIdx += hashSz;
n++;
}
}
#ifdef CYASSL_SMALL_STACK
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(prk, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
#endif /* HAVE_HKDF */
#endif /* HAVE_FIPS */
#endif /* NO_HMAC */ #endif /* NO_HMAC */

14
wolfcrypt/src/random.c
View File

@@ -214,29 +214,29 @@ static int Hash_df(DRBG* drbg, byte* out, word32 outSz, byte type,
for (i = 0, ctr = 1; i < len; i++, ctr++) for (i = 0, ctr = 1; i < len; i++, ctr++)
{ {
if (InitSha256(&drbg->sha) != 0) if (wc_InitSha256(&drbg->sha) != 0)
return DRBG_FAILURE; return DRBG_FAILURE;
if (Sha256Update(&drbg->sha, &ctr, sizeof(ctr)) != 0) if (wc_Sha256Update(&drbg->sha, &ctr, sizeof(ctr)) != 0)
return DRBG_FAILURE; return DRBG_FAILURE;
if (Sha256Update(&drbg->sha, (byte*)&bits, sizeof(bits)) != 0) if (wc_Sha256Update(&drbg->sha, (byte*)&bits, sizeof(bits)) != 0)
return DRBG_FAILURE; return DRBG_FAILURE;
/* churning V is the only string that doesn't have /* churning V is the only string that doesn't have
* the type added */ * the type added */
if (type != drbgInitV) if (type != drbgInitV)
if (Sha256Update(&drbg->sha, &type, sizeof(type)) != 0) if (wc_Sha256Update(&drbg->sha, &type, sizeof(type)) != 0)
return DRBG_FAILURE; return DRBG_FAILURE;
if (Sha256Update(&drbg->sha, inA, inASz) != 0) if (wc_Sha256Update(&drbg->sha, inA, inASz) != 0)
return DRBG_FAILURE; return DRBG_FAILURE;
if (inB != NULL && inBSz > 0) if (inB != NULL && inBSz > 0)
if (Sha256Update(&drbg->sha, inB, inBSz) != 0) if (wc_Sha256Update(&drbg->sha, inB, inBSz) != 0)
return DRBG_FAILURE; return DRBG_FAILURE;
if (Sha256Final(&drbg->sha, drbg->digest) != 0) if (wc_Sha256Final(&drbg->sha, drbg->digest) != 0)
return DRBG_FAILURE; return DRBG_FAILURE;
if (outSz > OUTPUT_BLOCK_LEN) { if (outSz > OUTPUT_BLOCK_LEN) {

4
wolfcrypt/src/rsa.c
View File

@@ -341,7 +341,7 @@ static int wc_RsaPad(const byte* input, word32 inputLen, byte* pkcsBlock,
else { else {
/* pad with non-zero random bytes */ /* pad with non-zero random bytes */
word32 padLen = pkcsBlockLen - inputLen - 1, i; word32 padLen = pkcsBlockLen - inputLen - 1, i;
int ret = RNG_GenerateBlock(rng, &pkcsBlock[1], padLen); int ret = wc_RNG_GenerateBlock(rng, &pkcsBlock[1], padLen);
if (ret != 0) if (ret != 0)
return ret; return ret;
@@ -741,7 +741,7 @@ static int rand_prime(mp_int* N, int len, RNG* rng, void* heap)
fflush(stdout); fflush(stdout);
#endif #endif
/* generate value */ /* generate value */
err = RNG_GenerateBlock(rng, buf, len); err = wc_RNG_GenerateBlock(rng, buf, len);
if (err != 0) { if (err != 0) {
XFREE(buf, heap, DYNAMIC_TYPE_RSA); XFREE(buf, heap, DYNAMIC_TYPE_RSA);
return err; return err;

85
wolfssl/wolfcrypt/aes.h
View File

@@ -29,6 +29,7 @@
#include <wolfssl/wolfcrypt/types.h> #include <wolfssl/wolfcrypt/types.h>
/* included for fips @wc_fips */ /* included for fips @wc_fips */
#ifdef HAVE_FIPS
#include <cyassl/ctaocrypt/aes.h> #include <cyassl/ctaocrypt/aes.h>
#if defined(CYASSL_AES_COUNTER) && !defined(WOLFSSL_AES_COUNTER) #if defined(CYASSL_AES_COUNTER) && !defined(WOLFSSL_AES_COUNTER)
#define WOLFSSL_AES_COUNTER #define WOLFSSL_AES_COUNTER
@@ -36,14 +37,96 @@
#if !defined(WOLFSSL_AES_DIRECT) && defined(CYASSL_AES_DIRECT) #if !defined(WOLFSSL_AES_DIRECT) && defined(CYASSL_AES_DIRECT)
#define WOLFSSL_AES_DIRECT #define WOLFSSL_AES_DIRECT
#endif #endif
#endif
#ifndef HAVE_FIPS
#ifdef HAVE_CAVIUM
#include <wolfssl/ctaocrypt/logging.h>
#include "cavium_common.h"
#endif
#ifdef WOLFSSL_AESNI
#include <wmmintrin.h>
#if !defined (ALIGN16)
#if defined (__GNUC__)
#define ALIGN16 __attribute__ ( (aligned (16)))
#elif defined(_MSC_VER)
/* disable align warning, we want alignment ! */
#pragma warning(disable: 4324)
#define ALIGN16 __declspec (align (16))
#else
#define ALIGN16
#endif
#endif
#endif /* WOLFSSL_AESNI */
#if !defined (ALIGN16)
#define ALIGN16
#endif
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
#define WOLFSSL_AES_CAVIUM_MAGIC 0xBEEF0002
enum {
AES_ENC_TYPE = 1, /* cipher unique type */
AES_ENCRYPTION = 0,
AES_DECRYPTION = 1,
AES_BLOCK_SIZE = 16
};
typedef struct Aes {
/* AESNI needs key first, rounds 2nd, not sure why yet */
ALIGN16 word32 key[60];
word32 rounds;
ALIGN16 word32 reg[AES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
ALIGN16 word32 tmp[AES_BLOCK_SIZE / sizeof(word32)]; /* same */
#ifdef HAVE_AESGCM
ALIGN16 byte H[AES_BLOCK_SIZE];
#ifdef GCM_TABLE
/* key-based fast multiplication table. */
ALIGN16 byte M0[256][AES_BLOCK_SIZE];
#endif /* GCM_TABLE */
#endif /* HAVE_AESGCM */
#ifdef WOLFSSL_AESNI
byte use_aesni;
#endif /* WOLFSSL_AESNI */
#ifdef HAVE_CAVIUM
AesType type; /* aes key type */
int devId; /* nitrox device id */
word32 magic; /* using cavium magic */
word64 contextHandle; /* nitrox context memory handle */
#endif
#ifdef WOLFSSL_AES_COUNTER
word32 left; /* unsued bytes left from last call */
#endif
#ifdef WOLFSSL_PIC32MZ_CRYPT
word32 key_ce[AES_BLOCK_SIZE*2/sizeof(word32)] ;
word32 iv_ce [AES_BLOCK_SIZE /sizeof(word32)] ;
int keylen ;
#endif
} Aes;
#ifdef HAVE_AESGCM
typedef struct Gmac {
Aes aes;
} Gmac;
#endif /* HAVE_AESGCM */
#endif /* HAVE_FIPS */
WOLFSSL_API int wc_AesSetKey(Aes* aes, const byte* key, word32 len, const byte* iv, WOLFSSL_API int wc_AesSetKey(Aes* aes, const byte* key, word32 len, const byte* iv,
int dir); int dir);
WOLFSSL_API int wc_AesSetIV(Aes* aes, const byte* iv); WOLFSSL_API int wc_AesSetIV(Aes* aes, const byte* iv);
WOLFSSL_API int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz); WOLFSSL_API int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz);
WOLFSSL_API int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz); WOLFSSL_API int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz);
WOLFSSL_API int wc_AesCbcDecryptWithKey(byte* out, const byte* in, word32 inSz, WOLFSSL_API int wc_AesCbcDecryptWithKey(byte* out, const byte* in, word32 inSz,

132
wolfssl/wolfcrypt/hmac.h
View File

@@ -25,9 +25,34 @@
#ifndef WOLF_CRYPT_HMAC_H #ifndef WOLF_CRYPT_HMAC_H
#define WOLF_CRYPT_HMAC_H #define WOLF_CRYPT_HMAC_H
/* for fips */ #include <wolfssl/wolfcrypt/types.h>
#include <cyassl/ctaocrypt/hmac.h>
#ifdef HAVE_FIPS
/* for fips */
#include <cyassl/ctaocrypt/hmac.h>
#else
#include <wolfssl/wolfcrypt/types.h>
#ifndef NO_MD5
#include <wolfssl/wolfcrypt/md5.h>
#endif
//#ifndef NO_SHA
#include <wolfssl/wolfcrypt/sha.h>
//#endif
//#ifndef NO_SHA256
#include <wolfssl/wolfcrypt/sha256.h>
//#endif
//#ifdef WOLFSSL_SHA512
#include <wolfssl/wolfcrypt/sha512.h>
//#endif
#ifdef HAVE_BLAKE2
#include <wolfssl/wolfcrypt/blake2.h>
#endif
#endif /* HAVE_FIPS */
#ifdef HAVE_CAVIUM #ifdef HAVE_CAVIUM
#include <wolfssl/wolfcrypt/logging.h> #include <wolfssl/wolfcrypt/logging.h>
@@ -38,6 +63,102 @@
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
#ifndef HAVE_FIPS
#define WOLFSSL_HMAC_CAVIUM_MAGIC 0xBEEF0005
enum {
HMAC_FIPS_MIN_KEY = 14, /* 112 bit key length minimum */
IPAD = 0x36,
OPAD = 0x5C,
/* If any hash is not enabled, add the ID here. */
#ifdef NO_MD5
MD5 = 0,
#endif
#ifdef NO_SHA
SHA = 1,
#endif
#ifdef NO_SHA256
SHA256 = 2,
#endif
#ifndef WOLFSSL_SHA512
SHA512 = 4,
#endif
#ifndef WOLFSSL_SHA384
SHA384 = 5,
#endif
#ifndef HAVE_BLAKE2
BLAKE2B_ID = 7,
#endif
/* Select the largest available hash for the buffer size. */
#if defined(WOLFSSL_SHA512)
MAX_DIGEST_SIZE = SHA512_DIGEST_SIZE,
HMAC_BLOCK_SIZE = SHA512_BLOCK_SIZE
#elif defined(HAVE_BLAKE2)
MAX_DIGEST_SIZE = BLAKE2B_OUTBYTES,
HMAC_BLOCK_SIZE = BLAKE2B_BLOCKBYTES,
#elif defined(WOLFSSL_SHA384)
MAX_DIGEST_SIZE = SHA384_DIGEST_SIZE,
HMAC_BLOCK_SIZE = SHA384_BLOCK_SIZE
#elif !defined(NO_SHA256)
MAX_DIGEST_SIZE = SHA256_DIGEST_SIZE,
HMAC_BLOCK_SIZE = SHA256_BLOCK_SIZE
#elif !defined(NO_SHA)
MAX_DIGEST_SIZE = SHA_DIGEST_SIZE,
HMAC_BLOCK_SIZE = SHA_BLOCK_SIZE
#elif !defined(NO_MD5)
MAX_DIGEST_SIZE = MD5_DIGEST_SIZE,
HMAC_BLOCK_SIZE = MD5_BLOCK_SIZE
#else
#error "You have to have some kind of hash if you want to use HMAC."
#endif
};
/* hash union */
typedef union {
#ifndef NO_MD5
Md5 md5;
#endif
#ifndef NO_SHA
Sha sha;
#endif
#ifndef NO_SHA256
Sha256 sha256;
#endif
#ifdef WOLFSSL_SHA384
Sha384 sha384;
#endif
#ifdef WOLFSSL_SHA512
Sha512 sha512;
#endif
#ifdef HAVE_BLAKE2
Blake2b blake2b;
#endif
} Hash;
/* Hmac digest */
typedef struct Hmac {
Hash hash;
word32 ipad[HMAC_BLOCK_SIZE / sizeof(word32)]; /* same block size all*/
word32 opad[HMAC_BLOCK_SIZE / sizeof(word32)];
word32 innerHash[MAX_DIGEST_SIZE / sizeof(word32)];
byte macType; /* md5 sha or sha256 */
byte innerHashKeyed; /* keyed flag */
#ifdef HAVE_CAVIUM
word16 keyLen; /* hmac key length */
word16 dataLen;
HashType type; /* hmac key type */
int devId; /* nitrox device id */
word32 magic; /* using cavium magic */
word64 contextHandle; /* nitrox context memory handle */
byte* data; /* buffered input data for one call */
#endif
} Hmac;
#endif /* HAVE_FIPS */
/* does init */ /* does init */
WOLFSSL_API int wc_HmacSetKey(Hmac*, int type, const byte* key, word32 keySz); WOLFSSL_API int wc_HmacSetKey(Hmac*, int type, const byte* key, word32 keySz);
@@ -68,13 +189,6 @@ WOLFSSL_API int wc_HKDF(int type, const byte* inKey, word32 inKeySz,
word32 keySz); word32 keySz);
WOLFSSL_API int wc_HmacUpdate_fips(Hmac*, const byte*, word32); WOLFSSL_API int wc_HmacUpdate_fips(Hmac*, const byte*, word32);
WOLFSSL_API int wc_HmacFinal_fips(Hmac*, byte*); WOLFSSL_API int wc_HmacFinal_fips(Hmac*, byte*);
#ifndef FIPS_NO_WRAPPERS
/* if not impl or fips.c impl wrapper force fips calls if fips build */
#define HmacSetKey HmacSetKey_fips
#define HmacUpdate HmacUpdate_fips
#define HmacFinal HmacFinal_fips
#endif /* FIPS_NO_WRAPPERS */
#endif /* HAVE_FIPS */ #endif /* HAVE_FIPS */

44
wolfssl/wolfcrypt/sha512.h
View File

@@ -42,13 +42,35 @@
#define CYASSL_SHA384 #define CYASSL_SHA384
#endif #endif
/* for fips */ /* for fips */
#ifdef HAVE_FIPS
#include <cyassl/ctaocrypt/sha512.h> #include <cyassl/ctaocrypt/sha512.h>
#endif
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
#ifndef HAVE_FIPS
/* in bytes */
enum {
SHA512 = 4, /* hash type unique */
SHA512_BLOCK_SIZE = 128,
SHA512_DIGEST_SIZE = 64,
SHA512_PAD_SIZE = 112
};
/* Sha512 digest */
typedef struct Sha512 {
word32 buffLen; /* in bytes */
word32 loLen; /* length in bytes */
word32 hiLen; /* length in bytes */
word64 digest[SHA512_DIGEST_SIZE / sizeof(word64)];
word64 buffer[SHA512_BLOCK_SIZE / sizeof(word64)];
} Sha512;
#endif /* HAVE_FIPS */
WOLFSSL_API int wc_InitSha512(Sha512*); WOLFSSL_API int wc_InitSha512(Sha512*);
WOLFSSL_API int wc_Sha512Update(Sha512*, const byte*, word32); WOLFSSL_API int wc_Sha512Update(Sha512*, const byte*, word32);
WOLFSSL_API int wc_Sha512Final(Sha512*, byte*); WOLFSSL_API int wc_Sha512Final(Sha512*, byte*);
@@ -56,6 +78,26 @@ WOLFSSL_API int wc_Sha512Hash(const byte*, word32, byte*);
#if defined(WOLFSSL_SHA384) || defined(HAVE_AESGCM) #if defined(WOLFSSL_SHA384) || defined(HAVE_AESGCM)
#ifndef HAVE_FIPS
/* in bytes */
enum {
SHA384 = 5, /* hash type unique */
SHA384_BLOCK_SIZE = 128,
SHA384_DIGEST_SIZE = 48,
SHA384_PAD_SIZE = 112
};
/* Sha384 digest */
typedef struct Sha384 {
word32 buffLen; /* in bytes */
word32 loLen; /* length in bytes */
word32 hiLen; /* length in bytes */
word64 digest[SHA512_DIGEST_SIZE / sizeof(word64)]; /* for transform 512 */
word64 buffer[SHA384_BLOCK_SIZE / sizeof(word64)];
} Sha384;
#endif /* HAVE_FIPS */
WOLFSSL_API int wc_InitSha384(Sha384*); WOLFSSL_API int wc_InitSha384(Sha384*);
WOLFSSL_API int wc_Sha384Update(Sha384*, const byte*, word32); WOLFSSL_API int wc_Sha384Update(Sha384*, const byte*, word32);
WOLFSSL_API int wc_Sha384Final(Sha384*, byte*); WOLFSSL_API int wc_Sha384Final(Sha384*, byte*);