wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-02 12:14:38 +02:00
Code Issues Packages Projects Releases Wiki Activity

save iPad, oPad. test long key

Browse Source
This commit is contained in:
Takashi Kojo
2017-12-02 04:30:36 +09:00
committed by Jacob Barthelmeh
parent 30e6ec5396
commit 56efe657fc
3 changed files with 127 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

108
src/ssl.c
View File

@@ -19479,16 +19479,16 @@ const char* wolfSSL_state_string_long(const WOLFSSL* ssl)
break; break;
case DTLS_MAJOR: case DTLS_MAJOR:
switch (ssl->version.minor){ switch (ssl->version.minor){
case DTLS_MINOR: case DTLS_MINOR:
protocol = DTLS_V1; protocol = DTLS_V1;
break; break;
case DTLSv1_2_MINOR: case DTLSv1_2_MINOR:
protocol = DTLS_V1_2; protocol = DTLS_V1_2;
break; break;
default: default:
protocol = UNKNOWN; protocol = UNKNOWN;
} }
break; break;
default: default:
protocol = UNKNOWN; protocol = UNKNOWN;
} }
@@ -24729,8 +24729,10 @@ int wolfSSL_HMAC_CTX_copy(WOLFSSL_HMAC_CTX* des, WOLFSSL_HMAC_CTX* src)
des->hmac.heap = src->hmac.heap; des->hmac.heap = src->hmac.heap;
des->hmac.macType = src->hmac.macType; des->hmac.macType = src->hmac.macType;
des->hmac.innerHashKeyed = src->hmac.innerHashKeyed; des->hmac.innerHashKeyed = src->hmac.innerHashKeyed;
des->save_len = src->save_len; XMEMCPY((byte *)&des->save_ipad, (byte *)&src->hmac.ipad,
XMEMCPY(des->save_key, src->save_key, src->save_len); HMAC_BLOCK_SIZE);
XMEMCPY((byte *)&des->save_opad, (byte *)&src->hmac.opad,
HMAC_BLOCK_SIZE);
#ifdef WOLFSSL_ASYNC_CRYPT #ifdef WOLFSSL_ASYNC_CRYPT
XMEMCPY(des->hmac.asyncDev, src->hmac.asyncDev, sizeof(WC_ASYNC_DEV)); XMEMCPY(des->hmac.asyncDev, src->hmac.asyncDev, sizeof(WC_ASYNC_DEV));
@@ -24749,7 +24751,67 @@ int wolfSSL_HMAC_CTX_copy(WOLFSSL_HMAC_CTX* des, WOLFSSL_HMAC_CTX* src)
return SSL_SUCCESS; return SSL_SUCCESS;
} }
/* duplicate from wolfcrypt/src/hmac.c needs refactored */
static int _InitHmac(Hmac* hmac, int type, void* heap)
{
int ret = 0;
switch (type) {
#ifndef NO_MD5
case MD5:
ret = wc_InitMd5(&hmac->hash.md5);
break;
#endif /* !NO_MD5 */
#ifndef NO_SHA
case SHA:
ret = wc_InitSha(&hmac->hash.sha);
break;
#endif /* !NO_SHA */
#ifdef WOLFSSL_SHA224
case SHA224:
ret = wc_InitSha224(&hmac->hash.sha224);
break;
#endif /* WOLFSSL_SHA224 */
#ifndef NO_SHA256
case SHA256:
ret = wc_InitSha256(&hmac->hash.sha256);
break;
#endif /* !NO_SHA256 */
#ifdef WOLFSSL_SHA512
#ifdef WOLFSSL_SHA384
case SHA384:
ret = wc_InitSha384(&hmac->hash.sha384);
break;
#endif /* WOLFSSL_SHA384 */
case SHA512:
ret = wc_InitSha512(&hmac->hash.sha512);
break;
#endif /* WOLFSSL_SHA512 */
#ifdef HAVE_BLAKE2
case BLAKE2B_ID:
ret = wc_InitBlake2b(&hmac->hash.blake2b, BLAKE2B_256);
break;
#endif /* HAVE_BLAKE2 */
default:
ret = BAD_FUNC_ARG;
break;
}
/* default to NULL heap hint or test value */
#ifdef WOLFSSL_HEAP_TEST
hmac->heap = (void)WOLFSSL_HEAP_TEST;
#else
hmac->heap = heap;
#endif /* WOLFSSL_HEAP_TEST */
return ret;
}
int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen, int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen,
const EVP_MD* type) const EVP_MD* type)
{ {
@@ -24761,10 +24823,6 @@ int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen,
WOLFSSL_MSG("no ctx on init"); WOLFSSL_MSG("no ctx on init");
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
} }
if (key && (keylen > HMAC_BLOCK_SIZE)) {
WOLFSSL_MSG("invalid keylen");
return SSL_FAILURE;
}
if (type) { if (type) {
WOLFSSL_MSG("init has type"); WOLFSSL_MSG("init has type");
@@ -24810,15 +24868,25 @@ int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen,
wc_HmacFree(&ctx->hmac); wc_HmacFree(&ctx->hmac);
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
} }
XMEMCPY((byte *)&ctx->save_key, (const byte*)key, (word32)keylen); XMEMCPY((byte *)&ctx->save_ipad, (byte *)&ctx->hmac.ipad,
ctx->save_len = keylen; HMAC_BLOCK_SIZE);
XMEMCPY((byte *)&ctx->save_opad, (byte *)&ctx->hmac.opad,
HMAC_BLOCK_SIZE);
} }
/* OpenSSL compat, no error */ /* OpenSSL compat, no error */
} else if(ctx->type >= 0) { /* MD5 == 0 */ } else if(ctx->type >= 0) { /* MD5 == 0 */
WOLFSSL_MSG("recover hmac"); WOLFSSL_MSG("recover hmac");
if (wc_HmacInit(&ctx->hmac, NULL, INVALID_DEVID) == 0) { if (wc_HmacInit(&ctx->hmac, NULL, INVALID_DEVID) == 0) {
wc_HmacSetKey(&ctx->hmac, ctx->type, (byte *)&ctx->save_key, ctx->hmac.macType = ctx->type;
(word32)ctx->save_len); ctx->hmac.innerHashKeyed = 0;
XMEMCPY((byte *)&ctx->hmac.ipad, (byte *)&ctx->save_ipad,
HMAC_BLOCK_SIZE);
XMEMCPY((byte *)&ctx->hmac.opad, (byte *)&ctx->save_opad,
HMAC_BLOCK_SIZE);
if ((hmac_error = _InitHmac(&ctx->hmac, ctx->hmac.macType, ctx->hmac.heap))
!=0) {
return hmac_error;
}
} }
} }

39
tests/api.c
View File

@@ -16033,9 +16033,16 @@ static int test_HMAC_CTX_helper(const EVP_MD* type, unsigned char* digest)
unsigned char key[] = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" unsigned char key[] = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b"; "\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
unsigned char long_key[] =
"0123456789012345678901234567890123456789"
"0123456789012345678901234567890123456789"
"0123456789012345678901234567890123456789"
"0123456789012345678901234567890123456789";
unsigned char msg[] = "message to hash"; unsigned char msg[] = "message to hash";
unsigned int digestSz = 64; unsigned int digestSz = 64;
int keySz = sizeof(key); int keySz = sizeof(key);
int long_keySz = sizeof(long_key);
int msgSz = sizeof(msg); int msgSz = sizeof(msg);
unsigned char digest2[64]; unsigned char digest2[64];
@@ -16059,7 +16066,9 @@ static int test_HMAC_CTX_helper(const EVP_MD* type, unsigned char* digest)
AssertIntEQ(XMEMCMP(digest, digest2, digestSz), 0); AssertIntEQ(XMEMCMP(digest, digest2, digestSz), 0);
/* test HMAC_Init with NULL key */ /* test HMAC_Init with NULL key */
printf("test HMAC_Init with NULL key (1)\n");
/* init after copy */
printf("test HMAC_Init with NULL key (0)\n");
HMAC_CTX_init(&ctx1); HMAC_CTX_init(&ctx1);
AssertIntEQ(HMAC_Init(&ctx1, (const void*)key, keySz, type), SSL_SUCCESS); AssertIntEQ(HMAC_Init(&ctx1, (const void*)key, keySz, type), SSL_SUCCESS);
AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS); AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
@@ -16075,12 +16084,36 @@ static int test_HMAC_CTX_helper(const EVP_MD* type, unsigned char* digest)
AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS); AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS); AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
AssertIntEQ(HMAC_Final(&ctx2, digest, &digestSz), SSL_SUCCESS); AssertIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS);
HMAC_CTX_cleanup(&ctx2); HMAC_CTX_cleanup(&ctx2);
AssertIntEQ(digestSz, digestSz2); AssertIntEQ(digestSz, digestSz2);
AssertIntEQ(XMEMCMP(digest, digest2, digestSz), 0); AssertIntEQ(XMEMCMP(digest, digest2, digestSz), 0);
/* long key */
printf("test HMAC_Init with NULL key (1)\n");
HMAC_CTX_init(&ctx1);
AssertIntEQ(HMAC_Init(&ctx1, (const void*)long_key, long_keySz, type), SSL_SUCCESS);
AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
AssertIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS);
AssertIntEQ(HMAC_Init(&ctx1, NULL, 0, NULL), SSL_SUCCESS);
AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
AssertIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS);
AssertIntEQ(HMAC_Init(&ctx2, NULL, 0, NULL), SSL_SUCCESS);
AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
AssertIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS);
HMAC_CTX_cleanup(&ctx2);
AssertIntEQ(digestSz, digestSz2);
AssertIntEQ(XMEMCMP(digest, digest2, digestSz), 0);
/* init before copy */
printf("test HMAC_Init with NULL key (2)\n"); printf("test HMAC_Init with NULL key (2)\n");
HMAC_CTX_init(&ctx1); HMAC_CTX_init(&ctx1);
AssertIntEQ(HMAC_Init(&ctx1, (const void*)key, keySz, type), SSL_SUCCESS); AssertIntEQ(HMAC_Init(&ctx1, (const void*)key, keySz, type), SSL_SUCCESS);
@@ -16094,7 +16127,7 @@ static int test_HMAC_CTX_helper(const EVP_MD* type, unsigned char* digest)
AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS); AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS); AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
AssertIntEQ(HMAC_Final(&ctx2, digest, &digestSz), SSL_SUCCESS); AssertIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS);
HMAC_CTX_cleanup(&ctx2); HMAC_CTX_cleanup(&ctx2);
AssertIntEQ(digestSz, digestSz2); AssertIntEQ(digestSz, digestSz2);

4
wolfssl/openssl/hmac.h
View File

@@ -53,8 +53,8 @@ WOLFSSL_API unsigned char* wolfSSL_HMAC(const WOLFSSL_EVP_MD* evp_md,
typedef struct WOLFSSL_HMAC_CTX { typedef struct WOLFSSL_HMAC_CTX {
Hmac hmac; Hmac hmac;
int type; int type;
byte save_key[HMAC_BLOCK_SIZE]; /* save initial hmac after wc_HmacSetKey */ word32 save_ipad[HMAC_BLOCK_SIZE / sizeof(word32)]; /* same block size all*/
word32 save_len; word32 save_opad[HMAC_BLOCK_SIZE / sizeof(word32)];
} WOLFSSL_HMAC_CTX; } WOLFSSL_HMAC_CTX;