diff --git a/src/internal.c b/src/internal.c index 1f6f302ba..6e0275f73 100644 --- a/src/internal.c +++ b/src/internal.c @@ -3576,10 +3576,7 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx) #ifndef NO_OLD_TLS #ifndef NO_MD5 - ret = wc_InitMd5(&ssl->hsHashes->hashMd5); - if (ret != 0) { - return ret; - } + wc_InitMd5(&ssl->hsHashes->hashMd5); #endif #ifndef NO_SHA ret = wc_InitSha(&ssl->hsHashes->hashSha); @@ -4800,10 +4797,7 @@ static int HashOutputRaw(WOLFSSL* ssl, const byte* output, int sz) wc_ShaUpdate(&ssl->hsHashes->hashSha, output, sz); #endif #ifndef NO_MD5 - ret = wc_Md5Update(&ssl->hsHashes->hashMd5, output, sz); - if (ret != 0) { - return ret; - } + wc_Md5Update(&ssl->hsHashes->hashMd5, output, sz); #endif #endif /* NO_OLD_TLS */ @@ -4851,16 +4845,10 @@ static int HashOutput(WOLFSSL* ssl, const byte* output, int sz, int ivSz) #endif #ifndef NO_OLD_TLS #ifndef NO_SHA - ret = wc_ShaUpdate(&ssl->hsHashes->hashSha, adj, sz); - if (ret != 0) { - return ret; - } + wc_ShaUpdate(&ssl->hsHashes->hashSha, adj, sz); #endif #ifndef NO_MD5 - ret = wc_Md5Update(&ssl->hsHashes->hashMd5, adj, sz); - if (ret != 0) { - return ret; - } + wc_Md5Update(&ssl->hsHashes->hashMd5, adj, sz); #endif #endif @@ -5530,7 +5518,7 @@ static const byte PAD2[PAD_MD5] = static int BuildMD5(WOLFSSL* ssl, Hashes* hashes, const byte* sender) { - int ret; + byte md5_result[MD5_DIGEST_SIZE]; #ifdef WOLFSSL_SMALL_STACK @@ -5554,75 +5542,18 @@ static int BuildMD5(WOLFSSL* ssl, Hashes* hashes, const byte* sender) /* make md5 inner */ md5[0] = ssl->hsHashes->hashMd5 ; /* Save current position */ - ret = wc_Md5Update(&ssl->hsHashes->hashMd5, sender, SIZEOF_SENDER); - if (ret != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(md5_2, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif - return ret; - } - ret = wc_Md5Update(&ssl->hsHashes->hashMd5, ssl->arrays->masterSecret, - SECRET_LEN); - if (ret != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(md5_2, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif - return ret; - } - ret = wc_Md5Update(&ssl->hsHashes->hashMd5, PAD1, PAD_MD5); - if (ret != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(md5_2, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif - return ret; - } + wc_Md5Update(&ssl->hsHashes->hashMd5, sender, SIZEOF_SENDER); + wc_Md5Update(&ssl->hsHashes->hashMd5, ssl->arrays->masterSecret,SECRET_LEN); + wc_Md5Update(&ssl->hsHashes->hashMd5, PAD1, PAD_MD5); wc_Md5GetHash(&ssl->hsHashes->hashMd5, md5_result); wc_Md5RestorePos(&ssl->hsHashes->hashMd5, md5) ; /* Restore current position */ /* make md5 outer */ - ret = wc_InitMd5(md5_2) ; - if (ret != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(md5_2, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif - return ret; - } - ret = wc_Md5Update(md5_2, ssl->arrays->masterSecret,SECRET_LEN); - if (ret != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(md5_2, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif - return ret; - } - ret = wc_Md5Update(md5_2, PAD2, PAD_MD5); - if (ret != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(md5_2, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif - return ret; - } - ret = wc_Md5Update(md5_2, md5_result, MD5_DIGEST_SIZE); - if (ret != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(md5_2, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif - return ret; - } - ret = wc_Md5Final(md5_2, hashes->md5); - if (ret != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(md5_2, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif - return ret; - } + wc_InitMd5(md5_2) ; + wc_Md5Update(md5_2, ssl->arrays->masterSecret,SECRET_LEN); + wc_Md5Update(md5_2, PAD2, PAD_MD5); + wc_Md5Update(md5_2, md5_result, MD5_DIGEST_SIZE); + wc_Md5Final(md5_2, hashes->md5); #ifdef WOLFSSL_SMALL_STACK XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); @@ -10217,9 +10148,10 @@ static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, byte result[MAX_DIGEST_SIZE]; word32 digestSz = ssl->specs.hash_size; /* actual sizes */ word32 padSz = ssl->specs.pad_size; + int ret = 0; + Md5 md5; Sha sha; - int ret; /* data */ byte seq[SEQ_SZ]; @@ -10237,109 +10169,45 @@ static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, WriteSEQ(ssl, verify, seq); if (ssl->specs.mac_algorithm == md5_mac) { - ret = wc_InitMd5(&md5); - if (ret != 0) { - return ret; - } + wc_InitMd5(&md5); /* inner */ - ret = wc_Md5Update(&md5, macSecret, digestSz); - if (ret != 0) { - return ret; - } - ret = wc_Md5Update(&md5, PAD1, padSz); - if (ret != 0) { - return ret; - } - ret = wc_Md5Update(&md5, seq, SEQ_SZ); - if (ret != 0) { - return ret; - } - ret = wc_Md5Update(&md5, conLen, sizeof(conLen)); - if (ret != 0) { - return ret; - } + wc_Md5Update(&md5, macSecret, digestSz); + wc_Md5Update(&md5, PAD1, padSz); + wc_Md5Update(&md5, seq, SEQ_SZ); + wc_Md5Update(&md5, conLen, sizeof(conLen)); /* in buffer */ - ret = wc_Md5Update(&md5, in, sz); - if (ret != 0) { - return ret; - } - ret = wc_Md5Final(&md5, result); - if (ret != 0) { - return ret; - } + wc_Md5Update(&md5, in, sz); + wc_Md5Final(&md5, result); /* outer */ - ret = wc_Md5Update(&md5, macSecret, digestSz); - if (ret != 0) { - return ret; - } - ret = wc_Md5Update(&md5, PAD2, padSz); - if (ret != 0) { - return ret; - } - ret = wc_Md5Update(&md5, result, digestSz); - if (ret != 0) { - return ret; - } - ret = wc_Md5Final(&md5, digest); - if (ret != 0) { - return ret; - } + wc_Md5Update(&md5, macSecret, digestSz); + wc_Md5Update(&md5, PAD2, padSz); + wc_Md5Update(&md5, result, digestSz); + wc_Md5Final(&md5, digest); } else { ret = wc_InitSha(&sha); if (ret != 0) return ret; /* inner */ - ret = wc_ShaUpdate(&sha, macSecret, digestSz); - if (ret != 0) { - return ret; - } - ret = wc_ShaUpdate(&sha, PAD1, padSz); - if (ret != 0) { - return ret; - } - ret = wc_ShaUpdate(&sha, seq, SEQ_SZ); - if (ret != 0) { - return ret; - } - ret = wc_ShaUpdate(&sha, conLen, sizeof(conLen)); - if (ret != 0) { - return ret; - } + wc_ShaUpdate(&sha, macSecret, digestSz); + wc_ShaUpdate(&sha, PAD1, padSz); + wc_ShaUpdate(&sha, seq, SEQ_SZ); + wc_ShaUpdate(&sha, conLen, sizeof(conLen)); /* in buffer */ - ret = wc_ShaUpdate(&sha, in, sz); - if (ret != 0) { - return ret; - } - ret = wc_ShaFinal(&sha, result); - if (ret != 0) { - return ret; - } + wc_ShaUpdate(&sha, in, sz); + wc_ShaFinal(&sha, result); /* outer */ - ret = wc_ShaUpdate(&sha, macSecret, digestSz); - if (ret != 0) { - return ret; - } - ret = wc_ShaUpdate(&sha, PAD2, padSz); - if (ret != 0) { - return ret; - } - ret = wc_ShaUpdate(&sha, result, digestSz); - if (ret != 0) { - return ret; - } - ret = wc_ShaFinal(&sha, digest); - if (ret != 0) { - return ret; - } + wc_ShaUpdate(&sha, macSecret, digestSz); + wc_ShaUpdate(&sha, PAD2, padSz); + wc_ShaUpdate(&sha, result, digestSz); + wc_ShaFinal(&sha, digest); } - return ret; + return 0; } #ifndef NO_CERTS -static int BuildMD5_CertVerify(WOLFSSL* ssl, byte* digest) +static void BuildMD5_CertVerify(WOLFSSL* ssl, byte* digest) { - int ret; byte md5_result[MD5_DIGEST_SIZE]; #ifdef WOLFSSL_SMALL_STACK @@ -10352,75 +10220,23 @@ static int BuildMD5_CertVerify(WOLFSSL* ssl, byte* digest) /* make md5 inner */ md5[0] = ssl->hsHashes->hashMd5 ; /* Save current position */ - ret = wc_Md5Update(&ssl->hsHashes->hashMd5, ssl->arrays->masterSecret, - SECRET_LEN); - if (ret != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(md5_2, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif - return ret; - } - ret = wc_Md5Update(&ssl->hsHashes->hashMd5, PAD1, PAD_MD5); - if (ret != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(md5_2, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif - return ret; - } + wc_Md5Update(&ssl->hsHashes->hashMd5, ssl->arrays->masterSecret,SECRET_LEN); + wc_Md5Update(&ssl->hsHashes->hashMd5, PAD1, PAD_MD5); wc_Md5GetHash(&ssl->hsHashes->hashMd5, md5_result); wc_Md5RestorePos(&ssl->hsHashes->hashMd5, md5) ; /* Restore current position */ /* make md5 outer */ - ret = wc_InitMd5(md5_2) ; - if (ret != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(md5_2, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif - return ret; - } - ret = wc_Md5Update(md5_2, ssl->arrays->masterSecret, SECRET_LEN); - if (ret != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(md5_2, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif - return ret; - } - ret = wc_Md5Update(md5_2, PAD2, PAD_MD5); - if (ret != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(md5_2, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif - return ret; - } - ret = wc_Md5Update(md5_2, md5_result, MD5_DIGEST_SIZE); - if (ret != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(md5_2, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif - return ret; - } + wc_InitMd5(md5_2) ; + wc_Md5Update(md5_2, ssl->arrays->masterSecret, SECRET_LEN); + wc_Md5Update(md5_2, PAD2, PAD_MD5); + wc_Md5Update(md5_2, md5_result, MD5_DIGEST_SIZE); - ret = wc_Md5Final(md5_2, digest); - if (ret != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(md5_2, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif - return ret; - } + wc_Md5Final(md5_2, digest); #ifdef WOLFSSL_SMALL_STACK XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(md5_2, NULL, DYNAMIC_TYPE_TMP_BUFFER); #endif - - return ret; } @@ -10497,10 +10313,7 @@ static int BuildCertHashes(WOLFSSL* ssl, Hashes* hashes) } #if ! defined( NO_OLD_TLS ) else { - ret = BuildMD5_CertVerify(ssl, hashes->md5); - if (ret != 0) { - return ret; - } + BuildMD5_CertVerify(ssl, hashes->md5); BuildSHA_CertVerify(ssl, hashes->sha); } #endif diff --git a/src/ssl.c b/src/ssl.c index d30a98bd0..2d5fb50a5 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -1669,10 +1669,7 @@ int wolfSSL_Rehandshake(WOLFSSL* ssl) #ifndef NO_OLD_TLS #ifndef NO_MD5 - ret = wc_InitMd5(&ssl->hsHashes->hashMd5); - if (ret != 0) { - return ret; - } + wc_InitMd5(&ssl->hsHashes->hashMd5); #endif #ifndef NO_SHA ret = wc_InitSha(&ssl->hsHashes->hashSha); @@ -7768,9 +7765,6 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, int wolfSSL_connect(WOLFSSL* ssl) { int neededState; - #if !defined(NO_OLD_TLS) && defined(WOLFSSL_DTLS) - int ret; - #endif WOLFSSL_ENTER("SSL_connect()"); @@ -7862,17 +7856,14 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, #ifdef WOLFSSL_DTLS if (IsDtlsNotSctpMode(ssl)) { /* re-init hashes, exclude first hello and verify request */ - #ifndef NO_OLD_TLS - ret = wc_InitMd5(&ssl->hsHashes->hashMd5); - if (ret) { - return ret; - } +#ifndef NO_OLD_TLS + wc_InitMd5(&ssl->hsHashes->hashMd5); if ( (ssl->error = wc_InitSha(&ssl->hsHashes->hashSha)) != 0) { WOLFSSL_ERROR(ssl->error); return SSL_FATAL_ERROR; } - #endif +#endif if (IsAtLeastTLSv1_2(ssl)) { #ifndef NO_SHA256 if ( (ssl->error = wc_InitSha256( @@ -10704,7 +10695,6 @@ int wolfSSL_set_compression(WOLFSSL* ssl) int keyLeft; int ivLeft; int keyOutput = 0; - int ret; byte digest[MD5_DIGEST_SIZE]; #ifdef WOLFSSL_SMALL_STACK Md5* md5 = NULL; @@ -10721,10 +10711,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl) (void)type; WOLFSSL_ENTER("wolfSSL_EVP_BytesToKey"); - ret = wc_InitMd5(md5); - if (ret != 0) { - return ret; - } + wc_InitMd5(md5); /* only support MD5 for now */ if (XSTRNCMP(md, "MD5", 3) != 0) return 0; @@ -10769,56 +10756,18 @@ int wolfSSL_set_compression(WOLFSSL* ssl) while (keyOutput < (keyLen + ivLen)) { int digestLeft = MD5_DIGEST_SIZE; /* D_(i - 1) */ - if (keyOutput) { /* first time D_0 is empty */ - ret = wc_Md5Update(md5, digest, MD5_DIGEST_SIZE); - if (ret != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif - return ret; - } - } + if (keyOutput) /* first time D_0 is empty */ + wc_Md5Update(md5, digest, MD5_DIGEST_SIZE); /* data */ - ret = wc_Md5Update(md5, data, sz); - if (ret !=0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif - return ret; - } + wc_Md5Update(md5, data, sz); /* salt */ - if (salt) { - ret = wc_Md5Update(md5, salt, EVP_SALT_SIZE); - if (ret != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif - return ret; - } - } - ret = wc_Md5Final(md5, digest); - if (ret != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif - return ret; - } + if (salt) + wc_Md5Update(md5, salt, EVP_SALT_SIZE); + wc_Md5Final(md5, digest); /* count */ for (j = 1; j < count; j++) { - ret = wc_Md5Update(md5, digest, MD5_DIGEST_SIZE); - if (ret != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif - return ret; - } - ret = wc_Md5Final(md5, digest); - if (ret != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif - return ret; - } + wc_Md5Update(md5, digest, MD5_DIGEST_SIZE); + wc_Md5Final(md5, digest); } if (keyLeft) { diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 339eb531e..326d89971 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -1132,7 +1132,6 @@ int md5_test(void) testVector a, b, c, d, e; testVector test_md5[5]; int times = sizeof(test_md5) / sizeof(testVector), i; - int ret; a.input = "abc"; a.output = "\x90\x01\x50\x98\x3c\xd2\x4f\xb0\xd6\x96\x3f\x7d\x28\xe1\x7f" @@ -1172,21 +1171,11 @@ int md5_test(void) test_md5[3] = d; test_md5[4] = e; - ret = wc_InitMd5(&md5); - if (ret != 0) { - return ret; - } + wc_InitMd5(&md5); for (i = 0; i < times; ++i) { - ret = wc_Md5Update(&md5, (byte*)test_md5[i].input, - (word32)test_md5[i].inLen); - if (ret != 0) { - return ret; - } - ret = wc_Md5Final(&md5, hash); - if (ret != 0){ - return ret; - } + wc_Md5Update(&md5, (byte*)test_md5[i].input, (word32)test_md5[i].inLen); + wc_Md5Final(&md5, hash); if (XMEMCMP(hash, test_md5[i].output, MD5_DIGEST_SIZE) != 0) return -5 - i;