diff --git a/doc/dox_comments/header_files/hmac.h b/doc/dox_comments/header_files/hmac.h index fbc80ec00..da0d40360 100644 --- a/doc/dox_comments/header_files/hmac.h +++ b/doc/dox_comments/header_files/hmac.h @@ -6,7 +6,8 @@ \return 0 Returned on successfully initializing the Hmac object \return BAD_FUNC_ARG Returned if the input type is invalid. Valid options - are: MD5, SHA, SHA256, SHA384, SHA512, BLAKE2B_ID + are: MD5, SHA, SHA256, SHA384, SHA512, SHA3-224, SHA3-256, SHA3-384, + SHA3-512 \return MEMORY_E Returned if there is an error allocating memory for the structure to use for hashing \return HMAC_MIN_KEYLEN_E May be returned when using a FIPS implementation @@ -15,7 +16,8 @@ \param hmac pointer to the Hmac object to initialize \param type type specifying which encryption method the Hmac object - should use. Valid options are: MD5, SHA, SHA256, SHA384, SHA512, BLAKE2B_ID + should use. Valid options are: MD5, SHA, SHA256, SHA384, SHA512, SHA3-224, + SHA3-256, SHA3-384, SHA3-512 \param key pointer to a buffer containing the key with which to initialize the Hmac object \param length length of the key @@ -131,14 +133,15 @@ WOLFSSL_API int wolfSSL_GetHmacMaxSize(void); \return 0 Returned upon successfully generating a key with the given inputs \return BAD_FUNC_ARG Returned if an invalid hash type is given as - argument. Valid types are: MD5, SHA, SHA256, SHA384, SHA512, BLAKE2B_ID + argument. Valid types are: MD5, SHA, SHA256, SHA384, SHA512, SHA3-224, + SHA3-256, SHA3-384, SHA3-512 \return MEMORY_E Returned if there is an error allocating memory \return HMAC_MIN_KEYLEN_E May be returned when using a FIPS implementation and the key length specified is shorter than the minimum acceptable FIPS standard \param type hash type to use for the HKDF. Valid types are: MD5, SHA, - SHA256, SHA384, SHA512, BLAKE2B_ID + SHA256, SHA384, SHA512, SHA3-224, SHA3-256, SHA3-384, SHA3-512 \param inKey pointer to the buffer containing the key to use for KDF \param inKeySz length of the input key \param salt pointer to a buffer containing an optional salt. Use NULL diff --git a/src/internal.c b/src/internal.c index 3000b1912..939d25290 100644 --- a/src/internal.c +++ b/src/internal.c @@ -3126,27 +3126,6 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA, } #endif -#ifdef BUILD_TLS_RSA_WITH_HC_128_B2B256 - if (!dtls && tls && haveRSA) { - suites->suites[idx++] = CIPHER_BYTE; - suites->suites[idx++] = TLS_RSA_WITH_HC_128_B2B256; - } -#endif - -#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_B2B256 - if (tls && haveRSA) { - suites->suites[idx++] = CIPHER_BYTE; - suites->suites[idx++] = TLS_RSA_WITH_AES_128_CBC_B2B256; - } -#endif - -#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_B2B256 - if (tls && haveRSA) { - suites->suites[idx++] = CIPHER_BYTE; - suites->suites[idx++] = TLS_RSA_WITH_AES_256_CBC_B2B256; - } -#endif - #ifdef BUILD_TLS_RSA_WITH_RABBIT_SHA if (!dtls && tls && haveRSA) { suites->suites[idx++] = CIPHER_BYTE; @@ -8678,21 +8657,8 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender) if (requirement == REQUIRES_RSA) return 1; break; - - case TLS_RSA_WITH_HC_128_B2B256: - if (requirement == REQUIRES_RSA) - return 1; - break; #endif /* NO_HC128 */ -#ifdef HAVE_BLAKE2 - case TLS_RSA_WITH_AES_128_CBC_B2B256: - case TLS_RSA_WITH_AES_256_CBC_B2B256: - if (requirement == REQUIRES_RSA) - return 1; - break; -#endif /* HAVE_BLAKE2 */ - #ifndef NO_RABBIT case TLS_RSA_WITH_RABBIT_SHA : if (requirement == REQUIRES_RSA) @@ -17486,18 +17452,6 @@ static const CipherSuiteInfo cipher_names[] = SUITE_INFO("HC128-SHA","TLS_RSA_WITH_HC_128_SHA",CIPHER_BYTE,TLS_RSA_WITH_HC_128_SHA), #endif -#ifdef BUILD_TLS_RSA_WITH_HC_128_B2B256 - SUITE_INFO("HC128-B2B256","TLS_RSA_WITH_HC_128_B2B256",CIPHER_BYTE,TLS_RSA_WITH_HC_128_B2B256), -#endif - -#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_B2B256 - SUITE_INFO("AES128-B2B256","TLS_RSA_WITH_AES_128_CBC_B2B256",CIPHER_BYTE,TLS_RSA_WITH_AES_128_CBC_B2B256), -#endif - -#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_B2B256 - SUITE_INFO("AES256-B2B256","TLS_RSA_WITH_AES_256_CBC_B2B256",CIPHER_BYTE,TLS_RSA_WITH_AES_256_CBC_B2B256), -#endif - #ifdef BUILD_TLS_RSA_WITH_RABBIT_SHA SUITE_INFO("RABBIT-SHA","TLS_RSA_WITH_RABBIT_SHA",CIPHER_BYTE,TLS_RSA_WITH_RABBIT_SHA), #endif diff --git a/src/keys.c b/src/keys.c index c1cf23496..b28fe72b1 100644 --- a/src/keys.c +++ b/src/keys.c @@ -1866,57 +1866,6 @@ int SetCipherSpecs(WOLFSSL* ssl) break; #endif -#ifdef BUILD_TLS_RSA_WITH_HC_128_B2B256 - case TLS_RSA_WITH_HC_128_B2B256: - ssl->specs.bulk_cipher_algorithm = wolfssl_hc128; - ssl->specs.cipher_type = stream; - ssl->specs.mac_algorithm = blake2b_mac; - ssl->specs.kea = rsa_kea; - ssl->specs.sig_algo = rsa_sa_algo; - ssl->specs.hash_size = BLAKE2B_256; - ssl->specs.pad_size = PAD_SHA; - ssl->specs.static_ecdh = 0; - ssl->specs.key_size = HC_128_KEY_SIZE; - ssl->specs.block_size = 0; - ssl->specs.iv_size = HC_128_IV_SIZE; - - break; -#endif - -#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_B2B256 - case TLS_RSA_WITH_AES_128_CBC_B2B256: - ssl->specs.bulk_cipher_algorithm = wolfssl_aes; - ssl->specs.cipher_type = block; - ssl->specs.mac_algorithm = blake2b_mac; - ssl->specs.kea = rsa_kea; - ssl->specs.sig_algo = rsa_sa_algo; - ssl->specs.hash_size = BLAKE2B_256; - ssl->specs.pad_size = PAD_SHA; - ssl->specs.static_ecdh = 0; - ssl->specs.key_size = AES_128_KEY_SIZE; - ssl->specs.iv_size = AES_IV_SIZE; - ssl->specs.block_size = AES_BLOCK_SIZE; - - break; -#endif - -#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_B2B256 - case TLS_RSA_WITH_AES_256_CBC_B2B256: - ssl->specs.bulk_cipher_algorithm = wolfssl_aes; - ssl->specs.cipher_type = block; - ssl->specs.mac_algorithm = blake2b_mac; - ssl->specs.kea = rsa_kea; - ssl->specs.sig_algo = rsa_sa_algo; - ssl->specs.hash_size = BLAKE2B_256; - ssl->specs.pad_size = PAD_SHA; - ssl->specs.static_ecdh = 0; - ssl->specs.key_size = AES_256_KEY_SIZE; - ssl->specs.iv_size = AES_IV_SIZE; - ssl->specs.block_size = AES_BLOCK_SIZE; - - break; -#endif - #ifdef BUILD_TLS_RSA_WITH_RABBIT_SHA case TLS_RSA_WITH_RABBIT_SHA : ssl->specs.bulk_cipher_algorithm = wolfssl_rabbit; diff --git a/src/ssl.c b/src/ssl.c index b228b639e..820c2e5d5 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -21444,11 +21444,6 @@ char* wolfSSL_CIPHER_description(const WOLFSSL_CIPHER* cipher, char* in, case sha512_mac: macStr = "SHA512"; break; -#endif -#ifdef HAVE_BLAKE2 - case blake2b_mac: - macStr = "BLAKE2b"; - break; #endif default: macStr = "unknown"; @@ -29356,12 +29351,6 @@ static int _HMAC_Init(Hmac* hmac, int type, void* heap) break; #endif /* WOLFSSL_SHA512 */ - #ifdef HAVE_BLAKE2 - case BLAKE2B_ID: - ret = wc_InitBlake2b(&hmac->hash.blake2b, BLAKE2B_256); - break; - #endif /* HAVE_BLAKE2 */ - #ifdef WOLFSSL_SHA3 case WC_SHA3_224: ret = wc_InitSha3_224(&hmac->hash.sha3, heap, INVALID_DEVID); diff --git a/tests/test-qsh.conf b/tests/test-qsh.conf index 365fbf159..61f8ea031 100644 --- a/tests/test-qsh.conf +++ b/tests/test-qsh.conf @@ -875,30 +875,6 @@ -v 1 -l QSH:HC128-MD5 -# server TLSv1 HC128-B2B256 --v 1 --l QSH:HC128-B2B256 - -# client TLSv1 HC128-B2B256 --v 1 --l QSH:HC128-B2B256 - -# server TLSv1 AES128-B2B256 --v 1 --l QSH:AES128-B2B256 - -# client TLSv1 AES128-B2B256 --v 1 --l QSH:AES128-B2B256 - -# server TLSv1 AES256-B2B256 --v 1 --l QSH:AES256-B2B256 - -# client TLSv1 AES256-B2B256 --v 1 --l QSH:AES256-B2B256 - # server TLSv1.1 HC128-SHA -v 2 -l QSH:HC128-SHA @@ -915,30 +891,6 @@ -v 2 -l QSH:HC128-MD5 -# server TLSv1.1 HC128-B2B256 --v 2 --l QSH:HC128-B2B256 - -# client TLSv1.1 HC128-B2B256 --v 2 --l QSH:HC128-B2B256 - -# server TLSv1.1 AES128-B2B256 --v 2 --l QSH:AES128-B2B256 - -# client TLSv1.1 AES128-B2B256 --v 2 --l QSH:AES128-B2B256 - -# server TLSv1.1 AES256-B2B256 --v 2 --l QSH:AES256-B2B256 - -# client TLSv1.1 AES256-B2B256 --v 2 --l QSH:AES256-B2B256 - # server TLSv1.2 HC128-SHA -v 3 -l QSH:HC128-SHA @@ -955,30 +907,6 @@ -v 3 -l QSH:HC128-MD5 -# server TLSv1.2 HC128-B2B256 --v 3 --l QSH:HC128-B2B256 - -# client TLSv1.2 HC128-B2B256 --v 3 --l QSH:HC128-B2B256 - -# server TLSv1.2 AES128-B2B256 --v 3 --l QSH:AES128-B2B256 - -# client TLSv1.2 AES128-B2B256 --v 3 --l QSH:AES128-B2B256 - -# server TLSv1.2 AES256-B2B256 --v 3 --l QSH:AES256-B2B256 - -# client TLSv1.2 AES256-B2B256 --v 3 --l QSH:AES256-B2B256 - # server TLSv1 RABBIT-SHA -v 1 -l QSH:RABBIT-SHA diff --git a/tests/test.conf b/tests/test.conf index 69a18af02..2e43aa8ee 100644 --- a/tests/test.conf +++ b/tests/test.conf @@ -875,30 +875,6 @@ -v 1 -l HC128-MD5 -# server TLSv1 HC128-B2B256 --v 1 --l HC128-B2B256 - -# client TLSv1 HC128-B2B256 --v 1 --l HC128-B2B256 - -# server TLSv1 AES128-B2B256 --v 1 --l AES128-B2B256 - -# client TLSv1 AES128-B2B256 --v 1 --l AES128-B2B256 - -# server TLSv1 AES256-B2B256 --v 1 --l AES256-B2B256 - -# client TLSv1 AES256-B2B256 --v 1 --l AES256-B2B256 - # server TLSv1.1 HC128-SHA -v 2 -l HC128-SHA @@ -915,30 +891,6 @@ -v 2 -l HC128-MD5 -# server TLSv1.1 HC128-B2B256 --v 2 --l HC128-B2B256 - -# client TLSv1.1 HC128-B2B256 --v 2 --l HC128-B2B256 - -# server TLSv1.1 AES128-B2B256 --v 2 --l AES128-B2B256 - -# client TLSv1.1 AES128-B2B256 --v 2 --l AES128-B2B256 - -# server TLSv1.1 AES256-B2B256 --v 2 --l AES256-B2B256 - -# client TLSv1.1 AES256-B2B256 --v 2 --l AES256-B2B256 - # server TLSv1.2 HC128-SHA -v 3 -l HC128-SHA @@ -955,30 +907,6 @@ -v 3 -l HC128-MD5 -# server TLSv1.2 HC128-B2B256 --v 3 --l HC128-B2B256 - -# client TLSv1.2 HC128-B2B256 --v 3 --l HC128-B2B256 - -# server TLSv1.2 AES128-B2B256 --v 3 --l AES128-B2B256 - -# client TLSv1.2 AES128-B2B256 --v 3 --l AES128-B2B256 - -# server TLSv1.2 AES256-B2B256 --v 3 --l AES256-B2B256 - -# client TLSv1.2 AES256-B2B256 --v 3 --l AES256-B2B256 - # server TLSv1 RABBIT-SHA -v 1 -l RABBIT-SHA diff --git a/wolfcrypt/src/hmac.c b/wolfcrypt/src/hmac.c index 457370af4..45200b06b 100644 --- a/wolfcrypt/src/hmac.c +++ b/wolfcrypt/src/hmac.c @@ -65,8 +65,7 @@ { if (hmac == NULL || (key == NULL && keySz != 0) || !(type == WC_MD5 || type == WC_SHA || type == WC_SHA256 || - type == WC_SHA384 || type == WC_SHA512 || - type == BLAKE2B_ID)) { + type == WC_SHA384 || type == WC_SHA512)) { return BAD_FUNC_ARG; } @@ -131,8 +130,7 @@ int wc_HmacSizeByType(int type) type == WC_SHA224 || type == WC_SHA256 || type == WC_SHA384 || type == WC_SHA512 || type == WC_SHA3_224 || type == WC_SHA3_256 || - type == WC_SHA3_384 || type == WC_SHA3_512 || - type == BLAKE2B_ID)) { + type == WC_SHA3_384 || type == WC_SHA3_512)) { return BAD_FUNC_ARG; } @@ -172,12 +170,6 @@ int wc_HmacSizeByType(int type) break; #endif /* WOLFSSL_SHA512 */ - #ifdef HAVE_BLAKE2 - case BLAKE2B_ID: - ret = BLAKE2B_OUTBYTES; - break; - #endif /* HAVE_BLAKE2 */ - #ifdef WOLFSSL_SHA3 case WC_SHA3_224: ret = WC_SHA3_224_DIGEST_SIZE; @@ -245,12 +237,6 @@ int _InitHmac(Hmac* hmac, int type, void* heap) break; #endif /* WOLFSSL_SHA512 */ - #ifdef HAVE_BLAKE2 - case BLAKE2B_ID: - ret = wc_InitBlake2b(&hmac->hash.blake2b, BLAKE2B_256); - break; - #endif /* HAVE_BLAKE2 */ - #ifdef WOLFSSL_SHA3 #ifndef WOLFSSL_NOSHA3_224 case WC_SHA3_224: @@ -303,8 +289,7 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length) type == WC_SHA224 || type == WC_SHA256 || type == WC_SHA384 || type == WC_SHA512 || type == WC_SHA3_224 || type == WC_SHA3_256 || - type == WC_SHA3_384 || type == WC_SHA3_512 || - type == BLAKE2B_ID)) { + type == WC_SHA3_384 || type == WC_SHA3_512)) { return BAD_FUNC_ARG; } @@ -457,27 +442,6 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length) break; #endif /* WOLFSSL_SHA512 */ - #ifdef HAVE_BLAKE2 - case BLAKE2B_ID: - hmac_block_size = BLAKE2B_BLOCKBYTES; - if (length <= BLAKE2B_BLOCKBYTES) { - if (key != NULL) { - XMEMCPY(ip, key, length); - } - } - else { - ret = wc_Blake2bUpdate(&hmac->hash.blake2b, key, length); - if (ret != 0) - break; - ret = wc_Blake2bFinal(&hmac->hash.blake2b, ip, BLAKE2B_256); - if (ret != 0) - break; - - length = BLAKE2B_256; - } - break; - #endif /* HAVE_BLAKE2 */ - #ifdef WOLFSSL_SHA3 #ifndef WOLFSSL_NOSHA3_224 case WC_SHA3_224: @@ -643,13 +607,6 @@ static int HmacKeyInnerHash(Hmac* hmac) break; #endif /* WOLFSSL_SHA512 */ - #ifdef HAVE_BLAKE2 - case BLAKE2B_ID: - ret = wc_Blake2bUpdate(&hmac->hash.blake2b, (byte*)hmac->ipad, - BLAKE2B_BLOCKBYTES); - break; - #endif /* HAVE_BLAKE2 */ - #ifdef WOLFSSL_SHA3 #ifndef WOLFSSL_NOSHA3_224 case WC_SHA3_224: @@ -760,12 +717,6 @@ int wc_HmacUpdate(Hmac* hmac, const byte* msg, word32 length) break; #endif /* WOLFSSL_SHA512 */ - #ifdef HAVE_BLAKE2 - case BLAKE2B_ID: - ret = wc_Blake2bUpdate(&hmac->hash.blake2b, msg, length); - break; - #endif /* HAVE_BLAKE2 */ - #ifdef WOLFSSL_SHA3 #ifndef WOLFSSL_NOSHA3_224 case WC_SHA3_224: @@ -939,24 +890,6 @@ int wc_HmacFinal(Hmac* hmac, byte* hash) break; #endif /* WOLFSSL_SHA512 */ - #ifdef HAVE_BLAKE2 - case BLAKE2B_ID: - ret = wc_Blake2bFinal(&hmac->hash.blake2b, (byte*)hmac->innerHash, - BLAKE2B_256); - if (ret != 0) - break; - ret = wc_Blake2bUpdate(&hmac->hash.blake2b, (byte*)hmac->opad, - BLAKE2B_BLOCKBYTES); - if (ret != 0) - break; - ret = wc_Blake2bUpdate(&hmac->hash.blake2b, (byte*)hmac->innerHash, - BLAKE2B_256); - if (ret != 0) - break; - ret = wc_Blake2bFinal(&hmac->hash.blake2b, hash, BLAKE2B_256); - break; - #endif /* HAVE_BLAKE2 */ - #ifdef WOLFSSL_SHA3 #ifndef WOLFSSL_NOSHA3_224 case WC_SHA3_224: @@ -1136,11 +1069,6 @@ void wc_HmacFree(Hmac* hmac) break; #endif /* WOLFSSL_SHA512 */ - #ifdef HAVE_BLAKE2 - case BLAKE2B_ID: - break; - #endif /* HAVE_BLAKE2 */ - #ifdef WOLFSSL_SHA3 #ifndef WOLFSSL_NOSHA3_224 case WC_SHA3_224: diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 272543f6d..872689c9a 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -289,7 +289,6 @@ int hmac_sha224_test(void); int hmac_sha256_test(void); int hmac_sha384_test(void); int hmac_sha512_test(void); -int hmac_blake2b_test(void); int hmac_sha3_test(void); int hkdf_test(void); int x963kdf_test(void); @@ -749,13 +748,6 @@ initDefaultName(); test_pass("HMAC-SHA512 test passed!\n"); #endif - #ifdef HAVE_BLAKE2 - if ( (ret = hmac_blake2b_test()) != 0) - return err_sys("HMAC-BLAKE2 test failed!\n", ret); - else - test_pass("HMAC-BLAKE2 test passed!\n"); - #endif - #if !defined(NO_HMAC) && defined(WOLFSSL_SHA3) && \ !defined(WOLFSSL_NOSHA3_224) && !defined(WOLFSSL_NOSHA3_256) && \ !defined(WOLFSSL_NOSHA3_384) && !defined(WOLFSSL_NOSHA3_512) @@ -3684,95 +3676,6 @@ int hmac_sha256_test(void) #endif -#if !defined(NO_HMAC) && defined(HAVE_BLAKE2) -int hmac_blake2b_test(void) -{ - Hmac hmac; - byte hash[BLAKE2B_256]; - - const char* keys[]= - { - "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" - "\x0b\x0b\x0b", - "Jefe", - "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" - "\xAA\xAA\xAA" - }; - - testVector a, b, c; - testVector test_hmac[3]; - - int ret; - int times = sizeof(test_hmac) / sizeof(testVector), i; - - a.input = "Hi There"; - a.output = "\x72\x93\x0d\xdd\xf5\xf7\xe1\x78\x38\x07\x44\x18\x0b\x3f\x51" - "\x37\x25\xb5\x82\xc2\x08\x83\x2f\x1c\x99\xfd\x03\xa0\x16\x75" - "\xac\xfd"; - a.inLen = XSTRLEN(a.input); - a.outLen = BLAKE2B_256; - - b.input = "what do ya want for nothing?"; - b.output = "\x3d\x20\x50\x71\x05\xc0\x8c\x0c\x38\x44\x1e\xf7\xf9\xd1\x67" - "\x21\xff\x64\xf5\x94\x00\xcf\xf9\x75\x41\xda\x88\x61\x9d\x7c" - "\xda\x2b"; - b.inLen = XSTRLEN(b.input); - b.outLen = BLAKE2B_256; - - c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD"; - c.output = "\xda\xfe\x2a\x24\xfc\xe7\xea\x36\x34\xbe\x41\x92\xc7\x11\xa7" - "\x00\xae\x53\x9c\x11\x9c\x80\x74\x55\x22\x25\x4a\xb9\x55\xd3" - "\x0f\x87"; - c.inLen = XSTRLEN(c.input); - c.outLen = BLAKE2B_256; - - test_hmac[0] = a; - test_hmac[1] = b; - test_hmac[2] = c; - - for (i = 0; i < times; ++i) { -#if defined(HAVE_FIPS) || defined(HAVE_CAVIUM) - if (i == 1) - continue; /* cavium can't handle short keys, fips not allowed */ -#endif - - #if !defined(HAVE_CAVIUM_V) - /* Blake2 only supported on Cavium Nitrox III */ - if (wc_HmacInit(&hmac, HEAP_HINT, devId) != 0) - return -3600; - #endif - - ret = wc_HmacSetKey(&hmac, BLAKE2B_ID, (byte*)keys[i], - (word32)XSTRLEN(keys[i])); - if (ret != 0) - return -3601; - ret = wc_HmacUpdate(&hmac, (byte*)test_hmac[i].input, - (word32)test_hmac[i].inLen); - if (ret != 0) - return -3602; - ret = wc_HmacFinal(&hmac, hash); - if (ret != 0) - return -3603; - - if (XMEMCMP(hash, test_hmac[i].output, BLAKE2B_256) != 0) - return -3604 - i; - - wc_HmacFree(&hmac); - } - -#ifndef HAVE_FIPS - if (wc_HmacSizeByType(BLAKE2B_ID) != BLAKE2B_OUTBYTES) - return -3614; -#endif - - return 0; -} -#endif - - #if !defined(NO_HMAC) && defined(WOLFSSL_SHA384) int hmac_sha384_test(void) { diff --git a/wolfssl/internal.h b/wolfssl/internal.h index 75e10fc61..3dd9d32f4 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -344,14 +344,6 @@ #define BUILD_TLS_RSA_WITH_AES_256_CCM_8 #endif #endif - #if defined(HAVE_BLAKE2) && defined(HAVE_AES_CBC) - #ifdef WOLFSSL_AES_128 - #define BUILD_TLS_RSA_WITH_AES_128_CBC_B2B256 - #endif - #ifdef WOLFSSL_AES_256 - #define BUILD_TLS_RSA_WITH_AES_256_CBC_B2B256 - #endif - #endif #endif #endif @@ -456,9 +448,6 @@ #if !defined(NO_SHA) #define BUILD_TLS_RSA_WITH_HC_128_SHA #endif - #if defined(HAVE_BLAKE2) - #define BUILD_TLS_RSA_WITH_HC_128_B2B256 - #endif #endif #if !defined(NO_RABBIT) && !defined(NO_TLS) && !defined(NO_RSA) @@ -879,8 +868,7 @@ #endif #if defined(BUILD_TLS_RSA_WITH_HC_128_SHA) || \ - defined(BUILD_TLS_RSA_WITH_HC_128_MD5) || \ - defined(BUILD_TLS_RSA_WITH_HC_128_B2B256) + defined(BUILD_TLS_RSA_WITH_HC_128_MD5) #define BUILD_HC128 #endif @@ -991,11 +979,6 @@ enum { TLS_RSA_WITH_RABBIT_SHA = 0xFD, WDM_WITH_NULL_SHA256 = 0xFE, /* wolfSSL DTLS Multicast */ - /* wolfSSL extension - Blake2b 256 */ - TLS_RSA_WITH_AES_128_CBC_B2B256 = 0xF8, - TLS_RSA_WITH_AES_256_CBC_B2B256 = 0xF9, - TLS_RSA_WITH_HC_128_B2B256 = 0xFA, /* eSTREAM too */ - /* wolfSSL extension - NTRU */ TLS_NTRU_RSA_WITH_RC4_128_SHA = 0xe5, TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA = 0xe6, diff --git a/wolfssl/wolfcrypt/hmac.h b/wolfssl/wolfcrypt/hmac.h index 83c93699b..02a758668 100644 --- a/wolfssl/wolfcrypt/hmac.h +++ b/wolfssl/wolfcrypt/hmac.h @@ -84,12 +84,6 @@ enum { #ifndef WOLFSSL_SHA384 WC_SHA384 = WC_HASH_TYPE_SHA384, #endif -#ifndef HAVE_BLAKE2B - BLAKE2B_ID = WC_HASH_TYPE_BLAKE2B, -#endif -#ifndef HAVE_BLAKE2S - BLAKE2S_ID = WC_HASH_TYPE_BLAKE2S, -#endif #ifndef WOLFSSL_SHA224 WC_SHA224 = WC_HASH_TYPE_SHA224, #endif @@ -107,9 +101,9 @@ enum { /* Select the largest available hash for the buffer size. */ #define WC_HMAC_BLOCK_SIZE WC_MAX_BLOCK_SIZE -#if !defined(WOLFSSL_SHA3) && !defined(WOLFSSL_SHA512) && !defined(HAVE_BLAKE2) && \ - !defined(WOLFSSL_SHA384) && defined(NO_SHA256) && defined(WOLFSSL_SHA224) && \ - defined(NO_SHA) && defined(NO_MD5) +#if !defined(WOLFSSL_SHA3) && !defined(WOLFSSL_SHA512) && \ + !defined(WOLFSSL_SHA384) && defined(NO_SHA256) && \ + defined(WOLFSSL_SHA224) && defined(NO_SHA) && defined(NO_MD5) #error "You have to have some kind of hash if you want to use HMAC." #endif @@ -134,9 +128,6 @@ typedef union { #ifdef WOLFSSL_SHA512 wc_Sha512 sha512; #endif -#ifdef HAVE_BLAKE2 - Blake2b blake2b; -#endif #ifdef WOLFSSL_SHA3 wc_Sha3 sha3; #endif