Merge remote-tracking branch 'upstream-public/pr/1294' into development

This commit is contained in:
Jaeden Amero 2018-01-25 14:47:39 +00:00
commit 005239e3ed
36 changed files with 2175 additions and 682 deletions

View file

@ -47,12 +47,25 @@ API Changes
purpose or CRT and/or blinding.
* The configuration option MBEDTLS_RSA_ALT can be used to define alternative
implementations of the RSA interface declared in rsa.h.
* The following functions in the message digest modules (MD2, MD4, MD5,
SHA1, SHA256, SHA512) have been deprecated and replaced as shown below.
The new functions change the return type from void to int to allow
returning error codes when using MBEDTLS_<MODULE>_ALT.
mbedtls_<MODULE>_starts() -> mbedtls_<MODULE>_starts_ret()
mbedtls_<MODULE>_update() -> mbedtls_<MODULE>_update_ret()
mbedtls_<MODULE>_finish() -> mbedtls_<MODULE>_finish_ret()
mbedtls_<MODULE>_process() -> mbedtls_internal_<MODULE>_process()
New deprecations
* Deprecate usage of RSA primitives with non-matching key-type
(e.g., signing with a public key).
* Direct manipulation of structure fields of RSA contexts is deprecated.
Users are advised to use the extended RSA API instead.
* Deprecate usage of message digest functions that return void
(mbedtls_<MODULE>_starts, mbedtls_<MODULE>_update,
mbedtls_<MODULE>_finish and mbedtls_<MODULE>_process where <MODULE> is
any of MD2, MD4, MD5, SHA1, SHA256, SHA512) in favor of functions
that can return an error code.
Bugfix
* Fix ssl_parse_record_header() to silently discard invalid DTLS records
@ -109,6 +122,13 @@ Bugfix
* Fix bug in cipher decryption with MBEDTLS_PADDING_ONE_AND_ZEROS that
sometimes accepted invalid padding. (Not used in TLS.) Found and fixed
by Micha Kraus.
* Fix the entropy.c module to not call mbedtls_sha256_starts() or
mbedtls_sha512_starts() in the mbedtls_entropy_init() function.
* Fix the entropy.c module to ensure that mbedtls_sha256_init() or
mbedtls_sha512_init() is called before operating on the relevant context
structure. Do not assume that zeroizing a context is a correct way to
reset it. Found independently by ccli8 on Github.
* In mbedtls_entropy_free(), properly free the message digest context.
Changes
* Extend cert_write example program by options to set the CRT version
@ -122,6 +142,10 @@ Changes
* Tighten the RSA PKCS#1 v1.5 signature verification code and remove the
undeclared dependency of the RSA module on the ASN.1 module.
* Add mechanism to provide alternative implementation of the DHM module.
* Update all internal usage of deprecated message digest functions to the
new ones with return codes. In particular, this modifies the
mbedtls_md_info_t structure. Propagate errors from these functions
everywhere except some locations in the ssl_tls.c module.
= mbed TLS 2.6.0 branch released 2017-08-10

View file

@ -122,6 +122,7 @@ mbedtls_entropy_source_state;
*/
typedef struct
{
int accumulator_started;
#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
mbedtls_sha512_context accumulator;
#else

View file

@ -65,8 +65,15 @@
* NET 11 0x0042-0x0052 0x0043-0x0045
* ASN1 7 0x0060-0x006C
* PBKDF2 1 0x007C-0x007C
* HMAC_DRBG 4 0x0003-0x0009
* HMAC_DRBG 4 0x0003-0x0009
* CCM 2 0x000D-0x000F
* MD2 1 0x002B-0x002B
* MD4 1 0x002D-0x002D
* MD5 1 0x002F-0x002F
* RIPEMD160 1 0x0031-0x0031
* SHA1 1 0x0035-0x0035
* SHA256 1 0x0037-0x0037
* SHA512 1 0x0039-0x0039
*
* High-level module nr (3 bits - 0x0...-0x7...)
* Name ID Nr of Errors

View file

@ -32,6 +32,13 @@
#include <stddef.h>
#define MBEDTLS_ERR_MD2_HW_ACCEL_FAILED -0x002B /**< MD2 hardware accelerator failed */
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
!defined(inline) && !defined(__cplusplus)
#define inline __inline
#endif
#if !defined(MBEDTLS_MD2_ALT)
// Regular implementation
//
@ -79,25 +86,110 @@ void mbedtls_md2_clone( mbedtls_md2_context *dst,
* \brief MD2 context setup
*
* \param ctx context to be initialized
*
* \return 0 if successful
*/
void mbedtls_md2_starts( mbedtls_md2_context *ctx );
int mbedtls_md2_starts_ret( mbedtls_md2_context *ctx );
/**
* \brief MD2 process buffer
*
* \param ctx MD2 context
* \param input buffer holding the data
* \param input buffer holding the data
* \param ilen length of the input data
*
* \return 0 if successful
*/
void mbedtls_md2_update( mbedtls_md2_context *ctx, const unsigned char *input, size_t ilen );
int mbedtls_md2_update_ret( mbedtls_md2_context *ctx,
const unsigned char *input,
size_t ilen );
/**
* \brief MD2 final digest
*
* \param ctx MD2 context
* \param output MD2 checksum result
*
* \return 0 if successful
*/
void mbedtls_md2_finish( mbedtls_md2_context *ctx, unsigned char output[16] );
int mbedtls_md2_finish_ret( mbedtls_md2_context *ctx,
unsigned char output[16] );
/**
* \brief MD2 process data block (internal use only)
*
* \param ctx MD2 context
*
* \return 0 if successful
*/
int mbedtls_internal_md2_process( mbedtls_md2_context *ctx );
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING)
#define MBEDTLS_DEPRECATED __attribute__((deprecated))
#else
#define MBEDTLS_DEPRECATED
#endif
/**
* \brief MD2 context setup
*
* \deprecated Superseded by mbedtls_md2_starts_ret() in 2.7.0
*
* \param ctx context to be initialized
*/
MBEDTLS_DEPRECATED static inline void mbedtls_md2_starts(
mbedtls_md2_context *ctx )
{
mbedtls_md2_starts_ret( ctx );
}
/**
* \brief MD2 process buffer
*
* \deprecated Superseded by mbedtls_md2_update_ret() in 2.7.0
*
* \param ctx MD2 context
* \param input buffer holding the data
* \param ilen length of the input data
*/
MBEDTLS_DEPRECATED static inline void mbedtls_md2_update(
mbedtls_md2_context *ctx,
const unsigned char *input,
size_t ilen )
{
mbedtls_md2_update_ret( ctx, input, ilen );
}
/**
* \brief MD2 final digest
*
* \deprecated Superseded by mbedtls_md2_finish_ret() in 2.7.0
*
* \param ctx MD2 context
* \param output MD2 checksum result
*/
MBEDTLS_DEPRECATED static inline void mbedtls_md2_finish(
mbedtls_md2_context *ctx,
unsigned char output[16] )
{
mbedtls_md2_finish_ret( ctx, output );
}
/**
* \brief MD2 process data block (internal use only)
*
* \deprecated Superseded by mbedtls_internal_md2_process() in 2.7.0
*
* \param ctx MD2 context
*/
MBEDTLS_DEPRECATED static inline void mbedtls_md2_process(
mbedtls_md2_context *ctx )
{
mbedtls_internal_md2_process( ctx );
}
#undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
#ifdef __cplusplus
}
@ -114,11 +206,38 @@ extern "C" {
/**
* \brief Output = MD2( input buffer )
*
* \param input buffer holding the data
* \param input buffer holding the data
* \param ilen length of the input data
* \param output MD2 checksum result
*/
void mbedtls_md2( const unsigned char *input, size_t ilen, unsigned char output[16] );
int mbedtls_md2_ret( const unsigned char *input,
size_t ilen,
unsigned char output[16] );
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING)
#define MBEDTLS_DEPRECATED __attribute__((deprecated))
#else
#define MBEDTLS_DEPRECATED
#endif
/**
* \brief Output = MD2( input buffer )
*
* \deprecated Superseded by mbedtls_md2_ret() in 2.7.0
*
* \param input buffer holding the data
* \param ilen length of the input data
* \param output MD2 checksum result
*/
MBEDTLS_DEPRECATED static inline void mbedtls_md2( const unsigned char *input,
size_t ilen,
unsigned char output[16] )
{
mbedtls_md2_ret( input, ilen, output );
}
#undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
/**
* \brief Checkup routine
@ -127,9 +246,6 @@ void mbedtls_md2( const unsigned char *input, size_t ilen, unsigned char output[
*/
int mbedtls_md2_self_test( int verbose );
/* Internal use */
void mbedtls_md2_process( mbedtls_md2_context *ctx );
#ifdef __cplusplus
}
#endif

View file

@ -33,6 +33,13 @@
#include <stddef.h>
#include <stdint.h>
#define MBEDTLS_ERR_MD4_HW_ACCEL_FAILED -0x002D /**< MD4 hardware accelerator failed */
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
!defined(inline) && !defined(__cplusplus)
#define inline __inline
#endif
#if !defined(MBEDTLS_MD4_ALT)
// Regular implementation
//
@ -79,25 +86,114 @@ void mbedtls_md4_clone( mbedtls_md4_context *dst,
* \brief MD4 context setup
*
* \param ctx context to be initialized
*
* \return 0 if successful
*/
void mbedtls_md4_starts( mbedtls_md4_context *ctx );
int mbedtls_md4_starts_ret( mbedtls_md4_context *ctx );
/**
* \brief MD4 process buffer
*
* \param ctx MD4 context
* \param input buffer holding the data
* \param input buffer holding the data
* \param ilen length of the input data
*
* \return 0 if successful
*/
void mbedtls_md4_update( mbedtls_md4_context *ctx, const unsigned char *input, size_t ilen );
int mbedtls_md4_update_ret( mbedtls_md4_context *ctx,
const unsigned char *input,
size_t ilen );
/**
* \brief MD4 final digest
*
* \param ctx MD4 context
* \param output MD4 checksum result
*
* \return 0 if successful
*/
void mbedtls_md4_finish( mbedtls_md4_context *ctx, unsigned char output[16] );
int mbedtls_md4_finish_ret( mbedtls_md4_context *ctx,
unsigned char output[16] );
/**
* \brief MD4 process data block (internal use only)
*
* \param ctx MD4 context
* \param data buffer holding one block of data
*
* \return 0 if successful
*/
int mbedtls_internal_md4_process( mbedtls_md4_context *ctx,
const unsigned char data[64] );
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING)
#define MBEDTLS_DEPRECATED __attribute__((deprecated))
#else
#define MBEDTLS_DEPRECATED
#endif
/**
* \brief MD4 context setup
*
* \deprecated Superseded by mbedtls_md4_starts_ret() in 2.7.0
*
* \param ctx context to be initialized
*/
MBEDTLS_DEPRECATED static inline void mbedtls_md4_starts(
mbedtls_md4_context *ctx )
{
mbedtls_md4_starts_ret( ctx );
}
/**
* \brief MD4 process buffer
*
* \deprecated Superseded by mbedtls_md4_update_ret() in 2.7.0
*
* \param ctx MD4 context
* \param input buffer holding the data
* \param ilen length of the input data
*/
MBEDTLS_DEPRECATED static inline void mbedtls_md4_update(
mbedtls_md4_context *ctx,
const unsigned char *input,
size_t ilen )
{
mbedtls_md4_update_ret( ctx, input, ilen );
}
/**
* \brief MD4 final digest
*
* \deprecated Superseded by mbedtls_md4_finish_ret() in 2.7.0
*
* \param ctx MD4 context
* \param output MD4 checksum result
*/
MBEDTLS_DEPRECATED static inline void mbedtls_md4_finish(
mbedtls_md4_context *ctx,
unsigned char output[16] )
{
mbedtls_md4_finish_ret( ctx, output );
}
/**
* \brief MD4 process data block (internal use only)
*
* \deprecated Superseded by mbedtls_internal_md4_process() in 2.7.0
*
* \param ctx MD4 context
* \param data buffer holding one block of data
*/
MBEDTLS_DEPRECATED static inline void mbedtls_md4_process(
mbedtls_md4_context *ctx,
const unsigned char data[64] )
{
mbedtls_internal_md4_process( ctx, data );
}
#undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
#ifdef __cplusplus
}
@ -114,11 +210,40 @@ extern "C" {
/**
* \brief Output = MD4( input buffer )
*
* \param input buffer holding the data
* \param input buffer holding the data
* \param ilen length of the input data
* \param output MD4 checksum result
*
* \return 0 if successful
*/
int mbedtls_md4_ret( const unsigned char *input,
size_t ilen,
unsigned char output[16] );
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING)
#define MBEDTLS_DEPRECATED __attribute__((deprecated))
#else
#define MBEDTLS_DEPRECATED
#endif
/**
* \brief Output = MD4( input buffer )
*
* \deprecated Superseded by mbedtls_md4_ret() in 2.7.0
*
* \param input buffer holding the data
* \param ilen length of the input data
* \param output MD4 checksum result
*/
void mbedtls_md4( const unsigned char *input, size_t ilen, unsigned char output[16] );
MBEDTLS_DEPRECATED static inline void mbedtls_md4( const unsigned char *input,
size_t ilen,
unsigned char output[16] )
{
mbedtls_md4_ret( input, ilen, output );
}
#undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
/**
* \brief Checkup routine
@ -127,9 +252,6 @@ void mbedtls_md4( const unsigned char *input, size_t ilen, unsigned char output[
*/
int mbedtls_md4_self_test( int verbose );
/* Internal use */
void mbedtls_md4_process( mbedtls_md4_context *ctx, const unsigned char data[64] );
#ifdef __cplusplus
}
#endif

View file

@ -33,10 +33,17 @@
#include <stddef.h>
#include <stdint.h>
#define MBEDTLS_ERR_MD5_HW_ACCEL_FAILED -0x002F /**< MD5 hardware accelerator failed */
#if !defined(MBEDTLS_MD5_ALT)
// Regular implementation
//
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
!defined(inline) && !defined(__cplusplus)
#define inline __inline
#endif
#ifdef __cplusplus
extern "C" {
#endif
@ -79,28 +86,114 @@ void mbedtls_md5_clone( mbedtls_md5_context *dst,
* \brief MD5 context setup
*
* \param ctx context to be initialized
*
* \return 0 if successful
*/
void mbedtls_md5_starts( mbedtls_md5_context *ctx );
int mbedtls_md5_starts_ret( mbedtls_md5_context *ctx );
/**
* \brief MD5 process buffer
*
* \param ctx MD5 context
* \param input buffer holding the data
* \param input buffer holding the data
* \param ilen length of the input data
*
* \return 0 if successful
*/
void mbedtls_md5_update( mbedtls_md5_context *ctx, const unsigned char *input, size_t ilen );
int mbedtls_md5_update_ret( mbedtls_md5_context *ctx,
const unsigned char *input,
size_t ilen );
/**
* \brief MD5 final digest
*
* \param ctx MD5 context
* \param output MD5 checksum result
*
* \return 0 if successful
*/
void mbedtls_md5_finish( mbedtls_md5_context *ctx, unsigned char output[16] );
int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx,
unsigned char output[16] );
/* Internal use */
void mbedtls_md5_process( mbedtls_md5_context *ctx, const unsigned char data[64] );
/**
* \brief MD5 process data block (internal use only)
*
* \param ctx MD5 context
* \param data buffer holding one block of data
*
* \return 0 if successful
*/
int mbedtls_internal_md5_process( mbedtls_md5_context *ctx,
const unsigned char data[64] );
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING)
#define MBEDTLS_DEPRECATED __attribute__((deprecated))
#else
#define MBEDTLS_DEPRECATED
#endif
/**
* \brief MD5 context setup
*
* \deprecated Superseded by mbedtls_md5_starts_ret() in 2.7.0
*
* \param ctx context to be initialized
*/
MBEDTLS_DEPRECATED static inline void mbedtls_md5_starts(
mbedtls_md5_context *ctx )
{
mbedtls_md5_starts_ret( ctx );
}
/**
* \brief MD5 process buffer
*
* \deprecated Superseded by mbedtls_md5_update_ret() in 2.7.0
*
* \param ctx MD5 context
* \param input buffer holding the data
* \param ilen length of the input data
*/
MBEDTLS_DEPRECATED static inline void mbedtls_md5_update(
mbedtls_md5_context *ctx,
const unsigned char *input,
size_t ilen )
{
mbedtls_md5_update_ret( ctx, input, ilen );
}
/**
* \brief MD5 final digest
*
* \deprecated Superseded by mbedtls_md5_finish_ret() in 2.7.0
*
* \param ctx MD5 context
* \param output MD5 checksum result
*/
MBEDTLS_DEPRECATED static inline void mbedtls_md5_finish(
mbedtls_md5_context *ctx,
unsigned char output[16] )
{
mbedtls_md5_finish_ret( ctx, output );
}
/**
* \brief MD5 process data block (internal use only)
*
* \deprecated Superseded by mbedtls_internal_md5_process() in 2.7.0
*
* \param ctx MD5 context
* \param data buffer holding one block of data
*/
MBEDTLS_DEPRECATED static inline void mbedtls_md5_process(
mbedtls_md5_context *ctx,
const unsigned char data[64] )
{
mbedtls_internal_md5_process( ctx, data );
}
#undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
#ifdef __cplusplus
}
@ -117,11 +210,40 @@ extern "C" {
/**
* \brief Output = MD5( input buffer )
*
* \param input buffer holding the data
* \param input buffer holding the data
* \param ilen length of the input data
* \param output MD5 checksum result
*
* \return 0 if successful
*/
int mbedtls_md5_ret( const unsigned char *input,
size_t ilen,
unsigned char output[16] );
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING)
#define MBEDTLS_DEPRECATED __attribute__((deprecated))
#else
#define MBEDTLS_DEPRECATED
#endif
/**
* \brief Output = MD5( input buffer )
*
* \deprecated Superseded by mbedtls_md5_ret() in 2.7.0
*
* \param input buffer holding the data
* \param ilen length of the input data
* \param output MD5 checksum result
*/
void mbedtls_md5( const unsigned char *input, size_t ilen, unsigned char output[16] );
MBEDTLS_DEPRECATED static inline void mbedtls_md5( const unsigned char *input,
size_t ilen,
unsigned char output[16] )
{
mbedtls_md5_ret( input, ilen, output );
}
#undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
/**
* \brief Checkup routine

View file

@ -59,17 +59,17 @@ struct mbedtls_md_info_t
int block_size;
/** Digest initialisation function */
void (*starts_func)( void *ctx );
int (*starts_func)( void *ctx );
/** Digest update function */
void (*update_func)( void *ctx, const unsigned char *input, size_t ilen );
int (*update_func)( void *ctx, const unsigned char *input, size_t ilen );
/** Digest finalisation function */
void (*finish_func)( void *ctx, unsigned char *output );
int (*finish_func)( void *ctx, unsigned char *output );
/** Generic digest function */
void (*digest_func)( const unsigned char *input, size_t ilen,
unsigned char *output );
int (*digest_func)( const unsigned char *input, size_t ilen,
unsigned char *output );
/** Allocate a new context */
void * (*ctx_alloc_func)( void );
@ -81,7 +81,7 @@ struct mbedtls_md_info_t
void (*clone_func)( void *dst, const void *src );
/** Internal use only */
void (*process_func)( void *ctx, const unsigned char *input );
int (*process_func)( void *ctx, const unsigned char *input );
};
#if defined(MBEDTLS_MD2_C)

View file

@ -33,6 +33,13 @@
#include <stddef.h>
#include <stdint.h>
#define MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED -0x0031 /**< RIPEMD160 hardware accelerator failed */
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
!defined(inline) && !defined(__cplusplus)
#define inline __inline
#endif
#if !defined(MBEDTLS_RIPEMD160_ALT)
// Regular implementation
//
@ -79,36 +86,121 @@ void mbedtls_ripemd160_clone( mbedtls_ripemd160_context *dst,
* \brief RIPEMD-160 context setup
*
* \param ctx context to be initialized
*
* \return 0 if successful
*/
void mbedtls_ripemd160_starts( mbedtls_ripemd160_context *ctx );
int mbedtls_ripemd160_starts_ret( mbedtls_ripemd160_context *ctx );
/**
* \brief RIPEMD-160 process buffer
*
* \param ctx RIPEMD-160 context
* \param input buffer holding the data
* \param input buffer holding the data
* \param ilen length of the input data
*
* \return 0 if successful
*/
void mbedtls_ripemd160_update( mbedtls_ripemd160_context *ctx,
const unsigned char *input, size_t ilen );
int mbedtls_ripemd160_update_ret( mbedtls_ripemd160_context *ctx,
const unsigned char *input,
size_t ilen );
/**
* \brief RIPEMD-160 final digest
*
* \param ctx RIPEMD-160 context
* \param output RIPEMD-160 checksum result
*
* \return 0 if successful
*/
void mbedtls_ripemd160_finish( mbedtls_ripemd160_context *ctx, unsigned char output[20] );
int mbedtls_ripemd160_finish_ret( mbedtls_ripemd160_context *ctx,
unsigned char output[20] );
/* Internal use */
void mbedtls_ripemd160_process( mbedtls_ripemd160_context *ctx, const unsigned char data[64] );
/**
* \brief RIPEMD-160 process data block (internal use only)
*
* \param ctx RIPEMD-160 context
* \param data buffer holding one block of data
*
* \return 0 if successful
*/
int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx,
const unsigned char data[64] );
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING)
#define MBEDTLS_DEPRECATED __attribute__((deprecated))
#else
#define MBEDTLS_DEPRECATED
#endif
/**
* \brief RIPEMD-160 context setup
*
* \deprecated Superseded by mbedtls_ripemd160_starts_ret() in 2.7.0
*
* \param ctx context to be initialized
*/
MBEDTLS_DEPRECATED static inline void mbedtls_ripemd160_starts(
mbedtls_ripemd160_context *ctx )
{
mbedtls_ripemd160_starts_ret( ctx );
}
/**
* \brief RIPEMD-160 process buffer
*
* \deprecated Superseded by mbedtls_ripemd160_update_ret() in 2.7.0
*
* \param ctx RIPEMD-160 context
* \param input buffer holding the data
* \param ilen length of the input data
*/
MBEDTLS_DEPRECATED static inline void mbedtls_ripemd160_update(
mbedtls_ripemd160_context *ctx,
const unsigned char *input,
size_t ilen )
{
mbedtls_ripemd160_update_ret( ctx, input, ilen );
}
/**
* \brief RIPEMD-160 final digest
*
* \deprecated Superseded by mbedtls_ripemd160_finish_ret() in 2.7.0
*
* \param ctx RIPEMD-160 context
* \param output RIPEMD-160 checksum result
*/
MBEDTLS_DEPRECATED static inline void mbedtls_ripemd160_finish(
mbedtls_ripemd160_context *ctx,
unsigned char output[20] )
{
mbedtls_ripemd160_finish_ret( ctx, output );
}
/**
* \brief RIPEMD-160 process data block (internal use only)
*
* \deprecated Superseded by mbedtls_internal_ripemd160_process() in 2.7.0
*
* \param ctx RIPEMD-160 context
* \param data buffer holding one block of data
*/
MBEDTLS_DEPRECATED static inline void mbedtls_ripemd160_process(
mbedtls_ripemd160_context *ctx,
const unsigned char data[64] )
{
mbedtls_internal_ripemd160_process( ctx, data );
}
#undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
#ifdef __cplusplus
}
#endif
#else /* MBEDTLS_RIPEMD160_ALT */
#include "ripemd160.h"
#include "ripemd160_alt.h"
#endif /* MBEDTLS_RIPEMD160_ALT */
#ifdef __cplusplus
@ -118,12 +210,41 @@ extern "C" {
/**
* \brief Output = RIPEMD-160( input buffer )
*
* \param input buffer holding the data
* \param input buffer holding the data
* \param ilen length of the input data
* \param output RIPEMD-160 checksum result
*
* \return 0 if successful
*/
int mbedtls_ripemd160_ret( const unsigned char *input,
size_t ilen,
unsigned char output[20] );
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING)
#define MBEDTLS_DEPRECATED __attribute__((deprecated))
#else
#define MBEDTLS_DEPRECATED
#endif
/**
* \brief Output = RIPEMD-160( input buffer )
*
* \deprecated Superseded by mbedtls_ripemd160_ret() in 2.7.0
*
* \param input buffer holding the data
* \param ilen length of the input data
* \param output RIPEMD-160 checksum result
*/
void mbedtls_ripemd160( const unsigned char *input, size_t ilen,
unsigned char output[20] );
MBEDTLS_DEPRECATED static inline void mbedtls_ripemd160(
const unsigned char *input,
size_t ilen,
unsigned char output[20] )
{
mbedtls_ripemd160_ret( input, ilen, output );
}
#undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
/**
* \brief Checkup routine

View file

@ -33,6 +33,13 @@
#include <stddef.h>
#include <stdint.h>
#define MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED -0x0035 /**< SHA-1 hardware accelerator failed */
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
!defined(inline) && !defined(__cplusplus)
#define inline __inline
#endif
#if !defined(MBEDTLS_SHA1_ALT)
// Regular implementation
//
@ -79,28 +86,114 @@ void mbedtls_sha1_clone( mbedtls_sha1_context *dst,
* \brief SHA-1 context setup
*
* \param ctx context to be initialized
*
* \return 0 if successful
*/
void mbedtls_sha1_starts( mbedtls_sha1_context *ctx );
int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx );
/**
* \brief SHA-1 process buffer
*
* \param ctx SHA-1 context
* \param input buffer holding the data
* \param input buffer holding the data
* \param ilen length of the input data
*
* \return 0 if successful
*/
void mbedtls_sha1_update( mbedtls_sha1_context *ctx, const unsigned char *input, size_t ilen );
int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx,
const unsigned char *input,
size_t ilen );
/**
* \brief SHA-1 final digest
*
* \param ctx SHA-1 context
* \param output SHA-1 checksum result
*
* \return 0 if successful
*/
void mbedtls_sha1_finish( mbedtls_sha1_context *ctx, unsigned char output[20] );
int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx,
unsigned char output[20] );
/* Internal use */
void mbedtls_sha1_process( mbedtls_sha1_context *ctx, const unsigned char data[64] );
/**
* \brief SHA-1 process data block (internal use only)
*
* \param ctx SHA-1 context
* \param data buffer holding one block of data
*
* \return 0 if successful
*/
int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
const unsigned char data[64] );
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING)
#define MBEDTLS_DEPRECATED __attribute__((deprecated))
#else
#define MBEDTLS_DEPRECATED
#endif
/**
* \brief SHA-1 context setup
*
* \deprecated Superseded by mbedtls_sha1_starts_ret() in 2.7.0
*
* \param ctx context to be initialized
*/
MBEDTLS_DEPRECATED static inline void mbedtls_sha1_starts(
mbedtls_sha1_context *ctx )
{
mbedtls_sha1_starts_ret( ctx );
}
/**
* \brief SHA-1 process buffer
*
* \deprecated Superseded by mbedtls_sha1_update_ret() in 2.7.0
*
* \param ctx SHA-1 context
* \param input buffer holding the data
* \param ilen length of the input data
*/
MBEDTLS_DEPRECATED static inline void mbedtls_sha1_update(
mbedtls_sha1_context *ctx,
const unsigned char *input,
size_t ilen )
{
mbedtls_sha1_update_ret( ctx, input, ilen );
}
/**
* \brief SHA-1 final digest
*
* \deprecated Superseded by mbedtls_sha1_finish_ret() in 2.7.0
*
* \param ctx SHA-1 context
* \param output SHA-1 checksum result
*/
MBEDTLS_DEPRECATED static inline void mbedtls_sha1_finish(
mbedtls_sha1_context *ctx,
unsigned char output[20] )
{
mbedtls_sha1_finish_ret( ctx, output );
}
/**
* \brief SHA-1 process data block (internal use only)
*
* \deprecated Superseded by mbedtls_internal_sha1_process() in 2.7.0
*
* \param ctx SHA-1 context
* \param data buffer holding one block of data
*/
MBEDTLS_DEPRECATED static inline void mbedtls_sha1_process(
mbedtls_sha1_context *ctx,
const unsigned char data[64] )
{
mbedtls_internal_sha1_process( ctx, data );
}
#undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
#ifdef __cplusplus
}
@ -117,11 +210,40 @@ extern "C" {
/**
* \brief Output = SHA-1( input buffer )
*
* \param input buffer holding the data
* \param input buffer holding the data
* \param ilen length of the input data
* \param output SHA-1 checksum result
*
* \return 0 if successful
*/
int mbedtls_sha1_ret( const unsigned char *input,
size_t ilen,
unsigned char output[20] );
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING)
#define MBEDTLS_DEPRECATED __attribute__((deprecated))
#else
#define MBEDTLS_DEPRECATED
#endif
/**
* \brief Output = SHA-1( input buffer )
*
* \deprecated Superseded by mbedtls_sha1_ret() in 2.7.0
*
* \param input buffer holding the data
* \param ilen length of the input data
* \param output SHA-1 checksum result
*/
void mbedtls_sha1( const unsigned char *input, size_t ilen, unsigned char output[20] );
MBEDTLS_DEPRECATED static inline void mbedtls_sha1( const unsigned char *input,
size_t ilen,
unsigned char output[20] )
{
mbedtls_sha1_ret( input, ilen, output );
}
#undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
/**
* \brief Checkup routine

View file

@ -33,6 +33,13 @@
#include <stddef.h>
#include <stdint.h>
#define MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED -0x0037 /**< SHA-256 hardware accelerator failed */
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
!defined(inline) && !defined(__cplusplus)
#define inline __inline
#endif
#if !defined(MBEDTLS_SHA256_ALT)
// Regular implementation
//
@ -81,29 +88,116 @@ void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
*
* \param ctx context to be initialized
* \param is224 0 = use SHA256, 1 = use SHA224
*
* \return 0 if successful
*/
void mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 );
int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 );
/**
* \brief SHA-256 process buffer
*
* \param ctx SHA-256 context
* \param input buffer holding the data
* \param input buffer holding the data
* \param ilen length of the input data
*
* \return 0 if successful
*/
void mbedtls_sha256_update( mbedtls_sha256_context *ctx, const unsigned char *input,
size_t ilen );
int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx,
const unsigned char *input,
size_t ilen );
/**
* \brief SHA-256 final digest
*
* \param ctx SHA-256 context
* \param output SHA-224/256 checksum result
*
* \return 0 if successful
*/
void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, unsigned char output[32] );
int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx,
unsigned char output[32] );
/* Internal use */
void mbedtls_sha256_process( mbedtls_sha256_context *ctx, const unsigned char data[64] );
/**
* \brief SHA-256 process data block (internal use only)
*
* \param ctx SHA-256 context
* \param data buffer holding one block of data
*
* \return 0 if successful
*/
int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx,
const unsigned char data[64] );
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING)
#define MBEDTLS_DEPRECATED __attribute__((deprecated))
#else
#define MBEDTLS_DEPRECATED
#endif
/**
* \brief SHA-256 context setup
*
* \deprecated Superseded by mbedtls_sha256_starts_ret() in 2.7.0
*
* \param ctx context to be initialized
* \param is224 0 = use SHA256, 1 = use SHA224
*/
MBEDTLS_DEPRECATED static inline void mbedtls_sha256_starts(
mbedtls_sha256_context *ctx,
int is224 )
{
mbedtls_sha256_starts_ret( ctx, is224 );
}
/**
* \brief SHA-256 process buffer
*
* \deprecated Superseded by mbedtls_sha256_update_ret() in 2.7.0
*
* \param ctx SHA-256 context
* \param input buffer holding the data
* \param ilen length of the input data
*/
MBEDTLS_DEPRECATED static inline void mbedtls_sha256_update(
mbedtls_sha256_context *ctx,
const unsigned char *input,
size_t ilen )
{
mbedtls_sha256_update_ret( ctx, input, ilen );
}
/**
* \brief SHA-256 final digest
*
* \deprecated Superseded by mbedtls_sha256_finish_ret() in 2.7.0
*
* \param ctx SHA-256 context
* \param output SHA-224/256 checksum result
*/
MBEDTLS_DEPRECATED static inline void mbedtls_sha256_finish(
mbedtls_sha256_context *ctx,
unsigned char output[32] )
{
mbedtls_sha256_finish_ret( ctx, output );
}
/**
* \brief SHA-256 process data block (internal use only)
*
* \deprecated Superseded by mbedtls_internal_sha256_process() in 2.7.0
*
* \param ctx SHA-256 context
* \param data buffer holding one block of data
*/
MBEDTLS_DEPRECATED static inline void mbedtls_sha256_process(
mbedtls_sha256_context *ctx,
const unsigned char data[64] )
{
mbedtls_internal_sha256_process( ctx, data );
}
#undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
#ifdef __cplusplus
}
@ -120,13 +214,45 @@ extern "C" {
/**
* \brief Output = SHA-256( input buffer )
*
* \param input buffer holding the data
* \param input buffer holding the data
* \param ilen length of the input data
* \param output SHA-224/256 checksum result
* \param is224 0 = use SHA256, 1 = use SHA224
*
* \return 0 if successful
*/
int mbedtls_sha256_ret( const unsigned char *input,
size_t ilen,
unsigned char output[32],
int is224 );
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING)
#define MBEDTLS_DEPRECATED __attribute__((deprecated))
#else
#define MBEDTLS_DEPRECATED
#endif
/**
* \brief Output = SHA-256( input buffer )
*
* \deprecated Superseded by mbedtls_sha256_ret() in 2.7.0
*
* \param input buffer holding the data
* \param ilen length of the input data
* \param output SHA-224/256 checksum result
* \param is224 0 = use SHA256, 1 = use SHA224
*/
void mbedtls_sha256( const unsigned char *input, size_t ilen,
unsigned char output[32], int is224 );
MBEDTLS_DEPRECATED static inline void mbedtls_sha256(
const unsigned char *input,
size_t ilen,
unsigned char output[32],
int is224 )
{
mbedtls_sha256_ret( input, ilen, output, is224 );
}
#undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
/**
* \brief Checkup routine

View file

@ -33,6 +33,13 @@
#include <stddef.h>
#include <stdint.h>
#define MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED -0x0039 /**< SHA-512 hardware accelerator failed */
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
!defined(inline) && !defined(__cplusplus)
#define inline __inline
#endif
#if !defined(MBEDTLS_SHA512_ALT)
// Regular implementation
//
@ -81,26 +88,116 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst,
*
* \param ctx context to be initialized
* \param is384 0 = use SHA512, 1 = use SHA384
*
* \return 0 if successful
*/
void mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 );
int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 );
/**
* \brief SHA-512 process buffer
*
* \param ctx SHA-512 context
* \param input buffer holding the data
* \param input buffer holding the data
* \param ilen length of the input data
*
* \return 0 if successful
*/
void mbedtls_sha512_update( mbedtls_sha512_context *ctx, const unsigned char *input,
size_t ilen );
int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx,
const unsigned char *input,
size_t ilen );
/**
* \brief SHA-512 final digest
*
* \param ctx SHA-512 context
* \param output SHA-384/512 checksum result
*
* \return 0 if successful
*/
void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, unsigned char output[64] );
int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx,
unsigned char output[64] );
/**
* \brief SHA-512 process data block (internal use only)
*
* \param ctx SHA-512 context
* \param data buffer holding one block of data
*
* \return 0 if successful
*/
int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx,
const unsigned char data[128] );
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING)
#define MBEDTLS_DEPRECATED __attribute__((deprecated))
#else
#define MBEDTLS_DEPRECATED
#endif
/**
* \brief SHA-512 context setup
*
* \deprecated Superseded by mbedtls_sha512_starts_ret() in 2.7.0
*
* \param ctx context to be initialized
* \param is384 0 = use SHA512, 1 = use SHA384
*/
MBEDTLS_DEPRECATED static inline void mbedtls_sha512_starts(
mbedtls_sha512_context *ctx,
int is384 )
{
mbedtls_sha512_starts_ret( ctx, is384 );
}
/**
* \brief SHA-512 process buffer
*
* \deprecated Superseded by mbedtls_sha512_update_ret() in 2.7.0
*
* \param ctx SHA-512 context
* \param input buffer holding the data
* \param ilen length of the input data
*/
MBEDTLS_DEPRECATED static inline void mbedtls_sha512_update(
mbedtls_sha512_context *ctx,
const unsigned char *input,
size_t ilen )
{
mbedtls_sha512_update_ret( ctx, input, ilen );
}
/**
* \brief SHA-512 final digest
*
* \deprecated Superseded by mbedtls_sha512_finish_ret() in 2.7.0
*
* \param ctx SHA-512 context
* \param output SHA-384/512 checksum result
*/
MBEDTLS_DEPRECATED static inline void mbedtls_sha512_finish(
mbedtls_sha512_context *ctx,
unsigned char output[64] )
{
mbedtls_sha512_finish_ret( ctx, output );
}
/**
* \brief SHA-512 process data block (internal use only)
*
* \deprecated Superseded by mbedtls_internal_sha512_process() in 2.7.0
*
* \param ctx SHA-512 context
* \param data buffer holding one block of data
*/
MBEDTLS_DEPRECATED static inline void mbedtls_sha512_process(
mbedtls_sha512_context *ctx,
const unsigned char data[128] )
{
mbedtls_internal_sha512_process( ctx, data );
}
#undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
#ifdef __cplusplus
}
@ -117,13 +214,45 @@ extern "C" {
/**
* \brief Output = SHA-512( input buffer )
*
* \param input buffer holding the data
* \param input buffer holding the data
* \param ilen length of the input data
* \param output SHA-384/512 checksum result
* \param is384 0 = use SHA512, 1 = use SHA384
*
* \return 0 if successful
*/
int mbedtls_sha512_ret( const unsigned char *input,
size_t ilen,
unsigned char output[64],
int is384 );
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING)
#define MBEDTLS_DEPRECATED __attribute__((deprecated))
#else
#define MBEDTLS_DEPRECATED
#endif
/**
* \brief Output = SHA-512( input buffer )
*
* \deprecated Superseded by mbedtls_sha512_ret() in 2.7.0
*
* \param input buffer holding the data
* \param ilen length of the input data
* \param output SHA-384/512 checksum result
* \param is384 0 = use SHA512, 1 = use SHA384
*/
void mbedtls_sha512( const unsigned char *input, size_t ilen,
unsigned char output[64], int is384 );
MBEDTLS_DEPRECATED static inline void mbedtls_sha512(
const unsigned char *input,
size_t ilen,
unsigned char output[64],
int is384 )
{
mbedtls_sha512_ret( input, ilen, output, is384 );
}
#undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
/**
* \brief Checkup routine
@ -132,9 +261,6 @@ void mbedtls_sha512( const unsigned char *input, size_t ilen,
*/
int mbedtls_sha512_self_test( int verbose );
/* Internal use */
void mbedtls_sha512_process( mbedtls_sha512_context *ctx, const unsigned char data[128] );
#ifdef __cplusplus
}
#endif

View file

@ -611,6 +611,23 @@ static inline int mbedtls_ssl_safer_memcmp( const void *a, const void *b, size_t
return( diff );
}
#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
defined(MBEDTLS_SSL_PROTO_TLS1_1)
int mbedtls_ssl_get_key_exchange_md_ssl_tls( mbedtls_ssl_context *ssl,
unsigned char *output,
unsigned char *data, size_t data_len );
#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \
MBEDTLS_SSL_PROTO_TLS1_1 */
#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
defined(MBEDTLS_SSL_PROTO_TLS1_2)
int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl,
unsigned char *output,
unsigned char *data, size_t data_len,
mbedtls_md_type_t md_alg );
#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
MBEDTLS_SSL_PROTO_TLS1_2 */
#ifdef __cplusplus
}
#endif

View file

@ -68,16 +68,18 @@ static void mbedtls_zeroize( void *v, size_t n ) {
void mbedtls_entropy_init( mbedtls_entropy_context *ctx )
{
memset( ctx, 0, sizeof(mbedtls_entropy_context) );
ctx->source_count = 0;
memset( ctx->source, 0, sizeof( ctx->source ) );
#if defined(MBEDTLS_THREADING_C)
mbedtls_mutex_init( &ctx->mutex );
#endif
ctx->accumulator_started = 0;
#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
mbedtls_sha512_starts( &ctx->accumulator, 0 );
mbedtls_sha512_init( &ctx->accumulator );
#else
mbedtls_sha256_starts( &ctx->accumulator, 0 );
mbedtls_sha256_init( &ctx->accumulator );
#endif
#if defined(MBEDTLS_HAVEGE_C)
mbedtls_havege_init( &ctx->havege_data );
@ -116,6 +118,7 @@ void mbedtls_entropy_init( mbedtls_entropy_context *ctx )
mbedtls_entropy_add_source( ctx, mbedtls_nv_seed_poll, NULL,
MBEDTLS_ENTROPY_BLOCK_SIZE,
MBEDTLS_ENTROPY_SOURCE_STRONG );
ctx->initial_entropy_run = 0;
#endif
#endif /* MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES */
}
@ -128,7 +131,17 @@ void mbedtls_entropy_free( mbedtls_entropy_context *ctx )
#if defined(MBEDTLS_THREADING_C)
mbedtls_mutex_free( &ctx->mutex );
#endif
mbedtls_zeroize( ctx, sizeof( mbedtls_entropy_context ) );
#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
mbedtls_sha512_free( &ctx->accumulator );
#else
mbedtls_sha256_free( &ctx->accumulator );
#endif
#if defined(MBEDTLS_ENTROPY_NV_SEED)
ctx->initial_entropy_run = 0;
#endif
ctx->source_count = 0;
mbedtls_zeroize( ctx->source, sizeof( ctx->source ) );
ctx->accumulator_started = 0;
}
int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx,
@ -175,13 +188,16 @@ static int entropy_update( mbedtls_entropy_context *ctx, unsigned char source_id
unsigned char tmp[MBEDTLS_ENTROPY_BLOCK_SIZE];
size_t use_len = len;
const unsigned char *p = data;
int ret;
if( use_len > MBEDTLS_ENTROPY_BLOCK_SIZE )
{
#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
mbedtls_sha512( data, len, tmp, 0 );
if( ( ret = mbedtls_sha512_ret( data, len, tmp, 0 ) ) != 0 )
return( ret );
#else
mbedtls_sha256( data, len, tmp, 0 );
if( ( ret = mbedtls_sha256_ret( data, len, tmp, 0 ) ) != 0 )
return( ret );
#endif
p = tmp;
use_len = MBEDTLS_ENTROPY_BLOCK_SIZE;
@ -190,15 +206,30 @@ static int entropy_update( mbedtls_entropy_context *ctx, unsigned char source_id
header[0] = source_id;
header[1] = use_len & 0xFF;
/*
* Start the accumulator if this has not already happened. Note that
* it is sufficient to start the accumulator here only because all calls to
* gather entropy eventually execute this code.
*/
#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
mbedtls_sha512_update( &ctx->accumulator, header, 2 );
mbedtls_sha512_update( &ctx->accumulator, p, use_len );
if( ctx->accumulator_started == 0 &&
( ret = mbedtls_sha512_starts_ret( &ctx->accumulator, 0 ) ) != 0 )
return( ret );
else
ctx->accumulator_started = 1;
if( ( ret = mbedtls_sha512_update_ret( &ctx->accumulator, header, 2 ) ) != 0 )
return( ret );
return( mbedtls_sha512_update_ret( &ctx->accumulator, p, use_len ) );
#else
mbedtls_sha256_update( &ctx->accumulator, header, 2 );
mbedtls_sha256_update( &ctx->accumulator, p, use_len );
if( ctx->accumulator_started == 0 &&
( ret = mbedtls_sha256_starts_ret( &ctx->accumulator, 0 ) ) != 0 )
return( ret );
else
ctx->accumulator_started = 1;
if( ( ret = mbedtls_sha256_update_ret( &ctx->accumulator, header, 2 ) ) != 0 )
return( ret );
return( mbedtls_sha256_update_ret( &ctx->accumulator, p, use_len ) );
#endif
return( 0 );
}
int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx,
@ -253,7 +284,9 @@ static int entropy_gather_internal( mbedtls_entropy_context *ctx )
*/
if( olen > 0 )
{
entropy_update( ctx, (unsigned char) i, buf, olen );
if( ( ret = entropy_update( ctx, (unsigned char) i,
buf, olen ) ) != 0 )
return( ret );
ctx->source[i].size += olen;
}
}
@ -336,33 +369,52 @@ int mbedtls_entropy_func( void *data, unsigned char *output, size_t len )
memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
mbedtls_sha512_finish( &ctx->accumulator, buf );
/*
* Note that at this stage it is assumed that the accumulator was started
* in a previous call to entropy_update(). If this is not guaranteed, the
* code below will fail.
*/
if( ( ret = mbedtls_sha512_finish_ret( &ctx->accumulator, buf ) ) != 0 )
goto exit;
/*
* Reset accumulator and counters and recycle existing entropy
*/
memset( &ctx->accumulator, 0, sizeof( mbedtls_sha512_context ) );
mbedtls_sha512_starts( &ctx->accumulator, 0 );
mbedtls_sha512_update( &ctx->accumulator, buf, MBEDTLS_ENTROPY_BLOCK_SIZE );
mbedtls_sha512_free( &ctx->accumulator );
mbedtls_sha512_init( &ctx->accumulator );
if( ( ret = mbedtls_sha512_starts_ret( &ctx->accumulator, 0 ) ) != 0 )
goto exit;
if( ( ret = mbedtls_sha512_update_ret( &ctx->accumulator, buf,
MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 )
goto exit;
/*
* Perform second SHA-512 on entropy
*/
mbedtls_sha512( buf, MBEDTLS_ENTROPY_BLOCK_SIZE, buf, 0 );
if( ( ret = mbedtls_sha512_ret( buf, MBEDTLS_ENTROPY_BLOCK_SIZE,
buf, 0 ) ) != 0 )
goto exit;
#else /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */
mbedtls_sha256_finish( &ctx->accumulator, buf );
if( ( ret = mbedtls_sha256_finish_ret( &ctx->accumulator, buf ) ) != 0 )
goto exit;
/*
* Reset accumulator and counters and recycle existing entropy
*/
memset( &ctx->accumulator, 0, sizeof( mbedtls_sha256_context ) );
mbedtls_sha256_starts( &ctx->accumulator, 0 );
mbedtls_sha256_update( &ctx->accumulator, buf, MBEDTLS_ENTROPY_BLOCK_SIZE );
mbedtls_sha256_free( &ctx->accumulator );
mbedtls_sha256_init( &ctx->accumulator );
if( ( ret = mbedtls_sha256_starts_ret( &ctx->accumulator, 0 ) ) != 0 )
goto exit;
if( ( ret = mbedtls_sha256_update_ret( &ctx->accumulator, buf,
MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 )
goto exit;
/*
* Perform second SHA-256 on entropy
*/
mbedtls_sha256( buf, MBEDTLS_ENTROPY_BLOCK_SIZE, buf, 0 );
if( ( ret = mbedtls_sha256_ret( buf, MBEDTLS_ENTROPY_BLOCK_SIZE,
buf, 0 ) ) != 0 )
goto exit;
#endif /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */
for( i = 0; i < ctx->source_count; i++ )

View file

@ -101,6 +101,18 @@
#include "mbedtls/md.h"
#endif
#if defined(MBEDTLS_MD2_C)
#include "mbedtls/md2.h"
#endif
#if defined(MBEDTLS_MD4_C)
#include "mbedtls/md4.h"
#endif
#if defined(MBEDTLS_MD5_C)
#include "mbedtls/md5.h"
#endif
#if defined(MBEDTLS_NET_C)
#include "mbedtls/net_sockets.h"
#endif
@ -129,10 +141,26 @@
#include "mbedtls/pkcs5.h"
#endif
#if defined(MBEDTLS_RIPEMD160_C)
#include "mbedtls/ripemd160.h"
#endif
#if defined(MBEDTLS_RSA_C)
#include "mbedtls/rsa.h"
#endif
#if defined(MBEDTLS_SHA1_C)
#include "mbedtls/sha1.h"
#endif
#if defined(MBEDTLS_SHA256_C)
#include "mbedtls/sha256.h"
#endif
#if defined(MBEDTLS_SHA512_C)
#include "mbedtls/sha512.h"
#endif
#if defined(MBEDTLS_SSL_TLS_C)
#include "mbedtls/ssl.h"
#endif
@ -635,6 +663,21 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
mbedtls_snprintf( buf, buflen, "HMAC_DRBG - The entropy source failed" );
#endif /* MBEDTLS_HMAC_DRBG_C */
#if defined(MBEDTLS_MD2_C)
if( use_ret == -(MBEDTLS_ERR_MD2_HW_ACCEL_FAILED) )
mbedtls_snprintf( buf, buflen, "MD2 - MD2 hardware accelerator failed" );
#endif /* MBEDTLS_MD2_C */
#if defined(MBEDTLS_MD4_C)
if( use_ret == -(MBEDTLS_ERR_MD4_HW_ACCEL_FAILED) )
mbedtls_snprintf( buf, buflen, "MD4 - MD4 hardware accelerator failed" );
#endif /* MBEDTLS_MD4_C */
#if defined(MBEDTLS_MD5_C)
if( use_ret == -(MBEDTLS_ERR_MD5_HW_ACCEL_FAILED) )
mbedtls_snprintf( buf, buflen, "MD5 - MD5 hardware accelerator failed" );
#endif /* MBEDTLS_MD5_C */
#if defined(MBEDTLS_NET_C)
if( use_ret == -(MBEDTLS_ERR_NET_SOCKET_FAILED) )
mbedtls_snprintf( buf, buflen, "NET - Failed to open a socket" );
@ -672,6 +715,26 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
mbedtls_snprintf( buf, buflen, "PADLOCK - Input data should be aligned" );
#endif /* MBEDTLS_PADLOCK_C */
#if defined(MBEDTLS_RIPEMD160_C)
if( use_ret == -(MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED) )
mbedtls_snprintf( buf, buflen, "RIPEMD160 - RIPEMD160 hardware accelerator failed" );
#endif /* MBEDTLS_RIPEMD160_C */
#if defined(MBEDTLS_SHA1_C)
if( use_ret == -(MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED) )
mbedtls_snprintf( buf, buflen, "SHA1 - SHA-1 hardware accelerator failed" );
#endif /* MBEDTLS_SHA1_C */
#if defined(MBEDTLS_SHA256_C)
if( use_ret == -(MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED) )
mbedtls_snprintf( buf, buflen, "SHA256 - SHA-256 hardware accelerator failed" );
#endif /* MBEDTLS_SHA256_C */
#if defined(MBEDTLS_SHA512_C)
if( use_ret == -(MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED) )
mbedtls_snprintf( buf, buflen, "SHA512 - SHA-512 hardware accelerator failed" );
#endif /* MBEDTLS_SHA512_C */
#if defined(MBEDTLS_THREADING_C)
if( use_ret == -(MBEDTLS_ERR_THREADING_FEATURE_UNAVAILABLE) )
mbedtls_snprintf( buf, buflen, "THREADING - The selected feature is not available" );

View file

@ -250,9 +250,7 @@ int mbedtls_md_starts( mbedtls_md_context_t *ctx )
if( ctx == NULL || ctx->md_info == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
ctx->md_info->starts_func( ctx->md_ctx );
return( 0 );
return( ctx->md_info->starts_func( ctx->md_ctx ) );
}
int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen )
@ -260,9 +258,7 @@ int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, si
if( ctx == NULL || ctx->md_info == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
ctx->md_info->update_func( ctx->md_ctx, input, ilen );
return( 0 );
return( ctx->md_info->update_func( ctx->md_ctx, input, ilen ) );
}
int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output )
@ -270,9 +266,7 @@ int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output )
if( ctx == NULL || ctx->md_info == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
ctx->md_info->finish_func( ctx->md_ctx, output );
return( 0 );
return( ctx->md_info->finish_func( ctx->md_ctx, output ) );
}
int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen,
@ -281,9 +275,7 @@ int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, si
if( md_info == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
md_info->digest_func( input, ilen, output );
return( 0 );
return( md_info->digest_func( input, ilen, output ) );
}
#if defined(MBEDTLS_FS_IO)
@ -306,10 +298,12 @@ int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigne
if( ( ret = mbedtls_md_setup( &ctx, md_info, 0 ) ) != 0 )
goto cleanup;
md_info->starts_func( ctx.md_ctx );
if( ( ret = md_info->starts_func( ctx.md_ctx ) ) != 0 )
goto cleanup;
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
md_info->update_func( ctx.md_ctx, buf, n );
if( ( ret = md_info->update_func( ctx.md_ctx, buf, n ) ) != 0 )
goto cleanup;
if( ferror( f ) != 0 )
{
@ -317,7 +311,7 @@ int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigne
goto cleanup;
}
md_info->finish_func( ctx.md_ctx, output );
ret = md_info->finish_func( ctx.md_ctx, output );
cleanup:
fclose( f );
@ -329,6 +323,7 @@ cleanup:
int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, size_t keylen )
{
int ret;
unsigned char sum[MBEDTLS_MD_MAX_SIZE];
unsigned char *ipad, *opad;
size_t i;
@ -338,9 +333,12 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key,
if( keylen > (size_t) ctx->md_info->block_size )
{
ctx->md_info->starts_func( ctx->md_ctx );
ctx->md_info->update_func( ctx->md_ctx, key, keylen );
ctx->md_info->finish_func( ctx->md_ctx, sum );
if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 )
goto cleanup;
if( ( ret = ctx->md_info->update_func( ctx->md_ctx, key, keylen ) ) != 0 )
goto cleanup;
if( ( ret = ctx->md_info->finish_func( ctx->md_ctx, sum ) ) != 0 )
goto cleanup;
keylen = ctx->md_info->size;
key = sum;
@ -358,12 +356,16 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key,
opad[i] = (unsigned char)( opad[i] ^ key[i] );
}
if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 )
goto cleanup;
if( ( ret = ctx->md_info->update_func( ctx->md_ctx, ipad,
ctx->md_info->block_size ) ) != 0 )
goto cleanup;
cleanup:
mbedtls_zeroize( sum, sizeof( sum ) );
ctx->md_info->starts_func( ctx->md_ctx );
ctx->md_info->update_func( ctx->md_ctx, ipad, ctx->md_info->block_size );
return( 0 );
return( ret );
}
int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen )
@ -371,13 +373,12 @@ int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *inpu
if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
ctx->md_info->update_func( ctx->md_ctx, input, ilen );
return( 0 );
return( ctx->md_info->update_func( ctx->md_ctx, input, ilen ) );
}
int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output )
{
int ret;
unsigned char tmp[MBEDTLS_MD_MAX_SIZE];
unsigned char *opad;
@ -386,17 +387,22 @@ int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output )
opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size;
ctx->md_info->finish_func( ctx->md_ctx, tmp );
ctx->md_info->starts_func( ctx->md_ctx );
ctx->md_info->update_func( ctx->md_ctx, opad, ctx->md_info->block_size );
ctx->md_info->update_func( ctx->md_ctx, tmp, ctx->md_info->size );
ctx->md_info->finish_func( ctx->md_ctx, output );
return( 0 );
if( ( ret = ctx->md_info->finish_func( ctx->md_ctx, tmp ) ) != 0 )
return( ret );
if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 )
return( ret );
if( ( ret = ctx->md_info->update_func( ctx->md_ctx, opad,
ctx->md_info->block_size ) ) != 0 )
return( ret );
if( ( ret = ctx->md_info->update_func( ctx->md_ctx, tmp,
ctx->md_info->size ) ) != 0 )
return( ret );
return( ctx->md_info->finish_func( ctx->md_ctx, output ) );
}
int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx )
{
int ret;
unsigned char *ipad;
if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
@ -404,15 +410,16 @@ int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx )
ipad = (unsigned char *) ctx->hmac_ctx;
ctx->md_info->starts_func( ctx->md_ctx );
ctx->md_info->update_func( ctx->md_ctx, ipad, ctx->md_info->block_size );
return( 0 );
if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 )
return( ret );
return( ctx->md_info->update_func( ctx->md_ctx, ipad,
ctx->md_info->block_size ) );
}
int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char *output )
int mbedtls_md_hmac( const mbedtls_md_info_t *md_info,
const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char *output )
{
mbedtls_md_context_t ctx;
int ret;
@ -423,15 +430,19 @@ int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, const unsigned char *key,
mbedtls_md_init( &ctx );
if( ( ret = mbedtls_md_setup( &ctx, md_info, 1 ) ) != 0 )
return( ret );
goto cleanup;
mbedtls_md_hmac_starts( &ctx, key, keylen );
mbedtls_md_hmac_update( &ctx, input, ilen );
mbedtls_md_hmac_finish( &ctx, output );
if( ( ret = mbedtls_md_hmac_starts( &ctx, key, keylen ) ) != 0 )
goto cleanup;
if( ( ret = mbedtls_md_hmac_update( &ctx, input, ilen ) ) != 0 )
goto cleanup;
if( ( ret = mbedtls_md_hmac_finish( &ctx, output ) ) != 0 )
goto cleanup;
cleanup:
mbedtls_md_free( &ctx );
return( 0 );
return( ret );
}
int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data )
@ -439,9 +450,7 @@ int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data )
if( ctx == NULL || ctx->md_info == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
ctx->md_info->process_func( ctx->md_ctx, data );
return( 0 );
return( ctx->md_info->process_func( ctx->md_ctx, data ) );
}
unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info )

View file

@ -105,16 +105,18 @@ void mbedtls_md2_clone( mbedtls_md2_context *dst,
/*
* MD2 context setup
*/
void mbedtls_md2_starts( mbedtls_md2_context *ctx )
int mbedtls_md2_starts_ret( mbedtls_md2_context *ctx )
{
memset( ctx->cksum, 0, 16 );
memset( ctx->state, 0, 46 );
memset( ctx->buffer, 0, 16 );
ctx->left = 0;
return( 0 );
}
#if !defined(MBEDTLS_MD2_PROCESS_ALT)
void mbedtls_md2_process( mbedtls_md2_context *ctx )
int mbedtls_internal_md2_process( mbedtls_md2_context *ctx )
{
int i, j;
unsigned char t = 0;
@ -146,14 +148,19 @@ void mbedtls_md2_process( mbedtls_md2_context *ctx )
( ctx->cksum[i] ^ PI_SUBST[ctx->buffer[i] ^ t] );
t = ctx->cksum[i];
}
return( 0 );
}
#endif /* !MBEDTLS_MD2_PROCESS_ALT */
/*
* MD2 process buffer
*/
void mbedtls_md2_update( mbedtls_md2_context *ctx, const unsigned char *input, size_t ilen )
int mbedtls_md2_update_ret( mbedtls_md2_context *ctx,
const unsigned char *input,
size_t ilen )
{
int ret;
size_t fill;
while( ilen > 0 )
@ -172,16 +179,21 @@ void mbedtls_md2_update( mbedtls_md2_context *ctx, const unsigned char *input, s
if( ctx->left == 16 )
{
ctx->left = 0;
mbedtls_md2_process( ctx );
if( ( ret = mbedtls_internal_md2_process( ctx ) ) != 0 )
return( ret );
}
}
return( 0 );
}
/*
* MD2 final digest
*/
void mbedtls_md2_finish( mbedtls_md2_context *ctx, unsigned char output[16] )
int mbedtls_md2_finish_ret( mbedtls_md2_context *ctx,
unsigned char output[16] )
{
int ret;
size_t i;
unsigned char x;
@ -190,12 +202,16 @@ void mbedtls_md2_finish( mbedtls_md2_context *ctx, unsigned char output[16] )
for( i = ctx->left; i < 16; i++ )
ctx->buffer[i] = x;
mbedtls_md2_process( ctx );
if( ( ret = mbedtls_internal_md2_process( ctx ) ) != 0 )
return( ret );
memcpy( ctx->buffer, ctx->cksum, 16 );
mbedtls_md2_process( ctx );
if( ( ret = mbedtls_internal_md2_process( ctx ) ) != 0 )
return( ret );
memcpy( output, ctx->state, 16 );
return( 0 );
}
#endif /* !MBEDTLS_MD2_ALT */
@ -203,15 +219,28 @@ void mbedtls_md2_finish( mbedtls_md2_context *ctx, unsigned char output[16] )
/*
* output = MD2( input buffer )
*/
void mbedtls_md2( const unsigned char *input, size_t ilen, unsigned char output[16] )
int mbedtls_md2_ret( const unsigned char *input,
size_t ilen,
unsigned char output[16] )
{
int ret;
mbedtls_md2_context ctx;
mbedtls_md2_init( &ctx );
mbedtls_md2_starts( &ctx );
mbedtls_md2_update( &ctx, input, ilen );
mbedtls_md2_finish( &ctx, output );
if( ( ret = mbedtls_md2_starts_ret( &ctx ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md2_update_ret( &ctx, input, ilen ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md2_finish_ret( &ctx, output ) ) != 0 )
goto exit;
exit:
mbedtls_md2_free( &ctx );
return( ret );
}
#if defined(MBEDTLS_SELF_TEST)
@ -219,7 +248,7 @@ void mbedtls_md2( const unsigned char *input, size_t ilen, unsigned char output[
/*
* RFC 1319 test vectors
*/
static const char md2_test_str[7][81] =
static const unsigned char md2_test_str[7][81] =
{
{ "" },
{ "a" },
@ -227,10 +256,15 @@ static const char md2_test_str[7][81] =
{ "message digest" },
{ "abcdefghijklmnopqrstuvwxyz" },
{ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
{ "12345678901234567890123456789012345678901234567890123456789012" \
{ "12345678901234567890123456789012345678901234567890123456789012"
"345678901234567890" }
};
static const size_t md2_test_strlen[7] =
{
0, 1, 3, 14, 26, 62, 80
};
static const unsigned char md2_test_sum[7][16] =
{
{ 0x83, 0x50, 0xE5, 0xA3, 0xE2, 0x4C, 0x15, 0x3D,
@ -254,7 +288,7 @@ static const unsigned char md2_test_sum[7][16] =
*/
int mbedtls_md2_self_test( int verbose )
{
int i;
int i, ret = 0;
unsigned char md2sum[16];
for( i = 0; i < 7; i++ )
@ -262,15 +296,14 @@ int mbedtls_md2_self_test( int verbose )
if( verbose != 0 )
mbedtls_printf( " MD2 test #%d: ", i + 1 );
mbedtls_md2( (unsigned char *) md2_test_str[i],
strlen( md2_test_str[i] ), md2sum );
ret = mbedtls_md2_ret( md2_test_str[i], md2_test_strlen[i], md2sum );
if( ret != 0 )
goto fail;
if( memcmp( md2sum, md2_test_sum[i], 16 ) != 0 )
{
if( verbose != 0 )
mbedtls_printf( "failed\n" );
return( 1 );
ret = 1;
goto fail;
}
if( verbose != 0 )
@ -281,6 +314,12 @@ int mbedtls_md2_self_test( int verbose )
mbedtls_printf( "\n" );
return( 0 );
fail:
if( verbose != 0 )
mbedtls_printf( "failed\n" );
return( ret );
}
#endif /* MBEDTLS_SELF_TEST */

View file

@ -98,7 +98,7 @@ void mbedtls_md4_clone( mbedtls_md4_context *dst,
/*
* MD4 context setup
*/
void mbedtls_md4_starts( mbedtls_md4_context *ctx )
int mbedtls_md4_starts_ret( mbedtls_md4_context *ctx )
{
ctx->total[0] = 0;
ctx->total[1] = 0;
@ -107,10 +107,13 @@ void mbedtls_md4_starts( mbedtls_md4_context *ctx )
ctx->state[1] = 0xEFCDAB89;
ctx->state[2] = 0x98BADCFE;
ctx->state[3] = 0x10325476;
return( 0 );
}
#if !defined(MBEDTLS_MD4_PROCESS_ALT)
void mbedtls_md4_process( mbedtls_md4_context *ctx, const unsigned char data[64] )
int mbedtls_internal_md4_process( mbedtls_md4_context *ctx,
const unsigned char data[64] )
{
uint32_t X[16], A, B, C, D;
@ -211,19 +214,24 @@ void mbedtls_md4_process( mbedtls_md4_context *ctx, const unsigned char data[64]
ctx->state[1] += B;
ctx->state[2] += C;
ctx->state[3] += D;
return( 0 );
}
#endif /* !MBEDTLS_MD4_PROCESS_ALT */
/*
* MD4 process buffer
*/
void mbedtls_md4_update( mbedtls_md4_context *ctx, const unsigned char *input, size_t ilen )
int mbedtls_md4_update_ret( mbedtls_md4_context *ctx,
const unsigned char *input,
size_t ilen )
{
int ret;
size_t fill;
uint32_t left;
if( ilen == 0 )
return;
return( 0 );
left = ctx->total[0] & 0x3F;
fill = 64 - left;
@ -238,7 +246,10 @@ void mbedtls_md4_update( mbedtls_md4_context *ctx, const unsigned char *input, s
{
memcpy( (void *) (ctx->buffer + left),
(void *) input, fill );
mbedtls_md4_process( ctx, ctx->buffer );
if( ( ret = mbedtls_internal_md4_process( ctx, ctx->buffer ) ) != 0 )
return( ret );
input += fill;
ilen -= fill;
left = 0;
@ -246,7 +257,9 @@ void mbedtls_md4_update( mbedtls_md4_context *ctx, const unsigned char *input, s
while( ilen >= 64 )
{
mbedtls_md4_process( ctx, input );
if( ( ret = mbedtls_internal_md4_process( ctx, input ) ) != 0 )
return( ret );
input += 64;
ilen -= 64;
}
@ -256,6 +269,8 @@ void mbedtls_md4_update( mbedtls_md4_context *ctx, const unsigned char *input, s
memcpy( (void *) (ctx->buffer + left),
(void *) input, ilen );
}
return( 0 );
}
static const unsigned char md4_padding[64] =
@ -269,8 +284,10 @@ static const unsigned char md4_padding[64] =
/*
* MD4 final digest
*/
void mbedtls_md4_finish( mbedtls_md4_context *ctx, unsigned char output[16] )
int mbedtls_md4_finish_ret( mbedtls_md4_context *ctx,
unsigned char output[16] )
{
int ret;
uint32_t last, padn;
uint32_t high, low;
unsigned char msglen[8];
@ -285,13 +302,20 @@ void mbedtls_md4_finish( mbedtls_md4_context *ctx, unsigned char output[16] )
last = ctx->total[0] & 0x3F;
padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
mbedtls_md4_update( ctx, (unsigned char *) md4_padding, padn );
mbedtls_md4_update( ctx, msglen, 8 );
ret = mbedtls_md4_update_ret( ctx, (unsigned char *)md4_padding, padn );
if( ret != 0 )
return( ret );
if( ( ret = mbedtls_md4_update_ret( ctx, msglen, 8 ) ) != 0 )
return( ret );
PUT_UINT32_LE( ctx->state[0], output, 0 );
PUT_UINT32_LE( ctx->state[1], output, 4 );
PUT_UINT32_LE( ctx->state[2], output, 8 );
PUT_UINT32_LE( ctx->state[3], output, 12 );
return( 0 );
}
#endif /* !MBEDTLS_MD4_ALT */
@ -299,15 +323,28 @@ void mbedtls_md4_finish( mbedtls_md4_context *ctx, unsigned char output[16] )
/*
* output = MD4( input buffer )
*/
void mbedtls_md4( const unsigned char *input, size_t ilen, unsigned char output[16] )
int mbedtls_md4_ret( const unsigned char *input,
size_t ilen,
unsigned char output[16] )
{
int ret;
mbedtls_md4_context ctx;
mbedtls_md4_init( &ctx );
mbedtls_md4_starts( &ctx );
mbedtls_md4_update( &ctx, input, ilen );
mbedtls_md4_finish( &ctx, output );
if( ( ret = mbedtls_md4_starts_ret( &ctx ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md4_update_ret( &ctx, input, ilen ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md4_finish_ret( &ctx, output ) ) != 0 )
goto exit;
exit:
mbedtls_md4_free( &ctx );
return( ret );
}
#if defined(MBEDTLS_SELF_TEST)
@ -315,7 +352,7 @@ void mbedtls_md4( const unsigned char *input, size_t ilen, unsigned char output[
/*
* RFC 1320 test vectors
*/
static const char md4_test_str[7][81] =
static const unsigned char md4_test_str[7][81] =
{
{ "" },
{ "a" },
@ -323,10 +360,15 @@ static const char md4_test_str[7][81] =
{ "message digest" },
{ "abcdefghijklmnopqrstuvwxyz" },
{ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
{ "12345678901234567890123456789012345678901234567890123456789012" \
{ "12345678901234567890123456789012345678901234567890123456789012"
"345678901234567890" }
};
static const size_t md4_test_strlen[7] =
{
0, 1, 3, 14, 26, 62, 80
};
static const unsigned char md4_test_sum[7][16] =
{
{ 0x31, 0xD6, 0xCF, 0xE0, 0xD1, 0x6A, 0xE9, 0x31,
@ -350,7 +392,7 @@ static const unsigned char md4_test_sum[7][16] =
*/
int mbedtls_md4_self_test( int verbose )
{
int i;
int i, ret = 0;
unsigned char md4sum[16];
for( i = 0; i < 7; i++ )
@ -358,15 +400,14 @@ int mbedtls_md4_self_test( int verbose )
if( verbose != 0 )
mbedtls_printf( " MD4 test #%d: ", i + 1 );
mbedtls_md4( (unsigned char *) md4_test_str[i],
strlen( md4_test_str[i] ), md4sum );
ret = mbedtls_md4_ret( md4_test_str[i], md4_test_strlen[i], md4sum );
if( ret != 0 )
goto fail;
if( memcmp( md4sum, md4_test_sum[i], 16 ) != 0 )
{
if( verbose != 0 )
mbedtls_printf( "failed\n" );
return( 1 );
ret = 1;
goto fail;
}
if( verbose != 0 )
@ -377,6 +418,12 @@ int mbedtls_md4_self_test( int verbose )
mbedtls_printf( "\n" );
return( 0 );
fail:
if( verbose != 0 )
mbedtls_printf( "failed\n" );
return( ret );
}
#endif /* MBEDTLS_SELF_TEST */

View file

@ -97,7 +97,7 @@ void mbedtls_md5_clone( mbedtls_md5_context *dst,
/*
* MD5 context setup
*/
void mbedtls_md5_starts( mbedtls_md5_context *ctx )
int mbedtls_md5_starts_ret( mbedtls_md5_context *ctx )
{
ctx->total[0] = 0;
ctx->total[1] = 0;
@ -106,10 +106,13 @@ void mbedtls_md5_starts( mbedtls_md5_context *ctx )
ctx->state[1] = 0xEFCDAB89;
ctx->state[2] = 0x98BADCFE;
ctx->state[3] = 0x10325476;
return( 0 );
}
#if !defined(MBEDTLS_MD5_PROCESS_ALT)
void mbedtls_md5_process( mbedtls_md5_context *ctx, const unsigned char data[64] )
int mbedtls_internal_md5_process( mbedtls_md5_context *ctx,
const unsigned char data[64] )
{
uint32_t X[16], A, B, C, D;
@ -230,19 +233,24 @@ void mbedtls_md5_process( mbedtls_md5_context *ctx, const unsigned char data[64]
ctx->state[1] += B;
ctx->state[2] += C;
ctx->state[3] += D;
return( 0 );
}
#endif /* !MBEDTLS_MD5_PROCESS_ALT */
/*
* MD5 process buffer
*/
void mbedtls_md5_update( mbedtls_md5_context *ctx, const unsigned char *input, size_t ilen )
int mbedtls_md5_update_ret( mbedtls_md5_context *ctx,
const unsigned char *input,
size_t ilen )
{
int ret;
size_t fill;
uint32_t left;
if( ilen == 0 )
return;
return( 0 );
left = ctx->total[0] & 0x3F;
fill = 64 - left;
@ -256,7 +264,9 @@ void mbedtls_md5_update( mbedtls_md5_context *ctx, const unsigned char *input, s
if( left && ilen >= fill )
{
memcpy( (void *) (ctx->buffer + left), input, fill );
mbedtls_md5_process( ctx, ctx->buffer );
if( ( ret = mbedtls_internal_md5_process( ctx, ctx->buffer ) ) != 0 )
return( ret );
input += fill;
ilen -= fill;
left = 0;
@ -264,7 +274,9 @@ void mbedtls_md5_update( mbedtls_md5_context *ctx, const unsigned char *input, s
while( ilen >= 64 )
{
mbedtls_md5_process( ctx, input );
if( ( ret = mbedtls_internal_md5_process( ctx, input ) ) != 0 )
return( ret );
input += 64;
ilen -= 64;
}
@ -273,6 +285,8 @@ void mbedtls_md5_update( mbedtls_md5_context *ctx, const unsigned char *input, s
{
memcpy( (void *) (ctx->buffer + left), input, ilen );
}
return( 0 );
}
static const unsigned char md5_padding[64] =
@ -286,8 +300,10 @@ static const unsigned char md5_padding[64] =
/*
* MD5 final digest
*/
void mbedtls_md5_finish( mbedtls_md5_context *ctx, unsigned char output[16] )
int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx,
unsigned char output[16] )
{
int ret;
uint32_t last, padn;
uint32_t high, low;
unsigned char msglen[8];
@ -302,13 +318,18 @@ void mbedtls_md5_finish( mbedtls_md5_context *ctx, unsigned char output[16] )
last = ctx->total[0] & 0x3F;
padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
mbedtls_md5_update( ctx, md5_padding, padn );
mbedtls_md5_update( ctx, msglen, 8 );
if( ( ret = mbedtls_md5_update_ret( ctx, md5_padding, padn ) ) != 0 )
return( ret );
if( ( ret = mbedtls_md5_update_ret( ctx, msglen, 8 ) ) != 0 )
return( ret );
PUT_UINT32_LE( ctx->state[0], output, 0 );
PUT_UINT32_LE( ctx->state[1], output, 4 );
PUT_UINT32_LE( ctx->state[2], output, 8 );
PUT_UINT32_LE( ctx->state[3], output, 12 );
return( 0 );
}
#endif /* !MBEDTLS_MD5_ALT */
@ -316,15 +337,28 @@ void mbedtls_md5_finish( mbedtls_md5_context *ctx, unsigned char output[16] )
/*
* output = MD5( input buffer )
*/
void mbedtls_md5( const unsigned char *input, size_t ilen, unsigned char output[16] )
int mbedtls_md5_ret( const unsigned char *input,
size_t ilen,
unsigned char output[16] )
{
int ret;
mbedtls_md5_context ctx;
mbedtls_md5_init( &ctx );
mbedtls_md5_starts( &ctx );
mbedtls_md5_update( &ctx, input, ilen );
mbedtls_md5_finish( &ctx, output );
if( ( ret = mbedtls_md5_starts_ret( &ctx ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md5_update_ret( &ctx, input, ilen ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md5_finish_ret( &ctx, output ) ) != 0 )
goto exit;
exit:
mbedtls_md5_free( &ctx );
return( ret );
}
#if defined(MBEDTLS_SELF_TEST)
@ -339,11 +373,11 @@ static const unsigned char md5_test_buf[7][81] =
{ "message digest" },
{ "abcdefghijklmnopqrstuvwxyz" },
{ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
{ "12345678901234567890123456789012345678901234567890123456789012" \
{ "12345678901234567890123456789012345678901234567890123456789012"
"345678901234567890" }
};
static const int md5_test_buflen[7] =
static const size_t md5_test_buflen[7] =
{
0, 1, 3, 14, 26, 62, 80
};
@ -371,7 +405,7 @@ static const unsigned char md5_test_sum[7][16] =
*/
int mbedtls_md5_self_test( int verbose )
{
int i;
int i, ret = 0;
unsigned char md5sum[16];
for( i = 0; i < 7; i++ )
@ -379,14 +413,14 @@ int mbedtls_md5_self_test( int verbose )
if( verbose != 0 )
mbedtls_printf( " MD5 test #%d: ", i + 1 );
mbedtls_md5( md5_test_buf[i], md5_test_buflen[i], md5sum );
ret = mbedtls_md5_ret( md5_test_buf[i], md5_test_buflen[i], md5sum );
if( ret != 0 )
goto fail;
if( memcmp( md5sum, md5_test_sum[i], 16 ) != 0 )
{
if( verbose != 0 )
mbedtls_printf( "failed\n" );
return( 1 );
ret = 1;
goto fail;
}
if( verbose != 0 )
@ -397,6 +431,12 @@ int mbedtls_md5_self_test( int verbose )
mbedtls_printf( "\n" );
return( 0 );
fail:
if( verbose != 0 )
mbedtls_printf( "failed\n" );
return( ret );
}
#endif /* MBEDTLS_SELF_TEST */

View file

@ -71,20 +71,20 @@
#if defined(MBEDTLS_MD2_C)
static void md2_starts_wrap( void *ctx )
static int md2_starts_wrap( void *ctx )
{
mbedtls_md2_starts( (mbedtls_md2_context *) ctx );
return( mbedtls_md2_starts_ret( (mbedtls_md2_context *) ctx ) );
}
static void md2_update_wrap( void *ctx, const unsigned char *input,
static int md2_update_wrap( void *ctx, const unsigned char *input,
size_t ilen )
{
mbedtls_md2_update( (mbedtls_md2_context *) ctx, input, ilen );
return( mbedtls_md2_update_ret( (mbedtls_md2_context *) ctx, input, ilen ) );
}
static void md2_finish_wrap( void *ctx, unsigned char *output )
static int md2_finish_wrap( void *ctx, unsigned char *output )
{
mbedtls_md2_finish( (mbedtls_md2_context *) ctx, output );
return( mbedtls_md2_finish_ret( (mbedtls_md2_context *) ctx, output ) );
}
static void *md2_ctx_alloc( void )
@ -109,11 +109,11 @@ static void md2_clone_wrap( void *dst, const void *src )
(const mbedtls_md2_context *) src );
}
static void md2_process_wrap( void *ctx, const unsigned char *data )
static int md2_process_wrap( void *ctx, const unsigned char *data )
{
((void) data);
mbedtls_md2_process( (mbedtls_md2_context *) ctx );
return( mbedtls_internal_md2_process( (mbedtls_md2_context *) ctx ) );
}
const mbedtls_md_info_t mbedtls_md2_info = {
@ -124,7 +124,7 @@ const mbedtls_md_info_t mbedtls_md2_info = {
md2_starts_wrap,
md2_update_wrap,
md2_finish_wrap,
mbedtls_md2,
mbedtls_md2_ret,
md2_ctx_alloc,
md2_ctx_free,
md2_clone_wrap,
@ -135,20 +135,20 @@ const mbedtls_md_info_t mbedtls_md2_info = {
#if defined(MBEDTLS_MD4_C)
static void md4_starts_wrap( void *ctx )
static int md4_starts_wrap( void *ctx )
{
mbedtls_md4_starts( (mbedtls_md4_context *) ctx );
return( mbedtls_md4_starts_ret( (mbedtls_md4_context *) ctx ) );
}
static void md4_update_wrap( void *ctx, const unsigned char *input,
static int md4_update_wrap( void *ctx, const unsigned char *input,
size_t ilen )
{
mbedtls_md4_update( (mbedtls_md4_context *) ctx, input, ilen );
return( mbedtls_md4_update_ret( (mbedtls_md4_context *) ctx, input, ilen ) );
}
static void md4_finish_wrap( void *ctx, unsigned char *output )
static int md4_finish_wrap( void *ctx, unsigned char *output )
{
mbedtls_md4_finish( (mbedtls_md4_context *) ctx, output );
return( mbedtls_md4_finish_ret( (mbedtls_md4_context *) ctx, output ) );
}
static void *md4_ctx_alloc( void )
@ -170,12 +170,12 @@ static void md4_ctx_free( void *ctx )
static void md4_clone_wrap( void *dst, const void *src )
{
mbedtls_md4_clone( (mbedtls_md4_context *) dst,
(const mbedtls_md4_context *) src );
(const mbedtls_md4_context *) src );
}
static void md4_process_wrap( void *ctx, const unsigned char *data )
static int md4_process_wrap( void *ctx, const unsigned char *data )
{
mbedtls_md4_process( (mbedtls_md4_context *) ctx, data );
return( mbedtls_internal_md4_process( (mbedtls_md4_context *) ctx, data ) );
}
const mbedtls_md_info_t mbedtls_md4_info = {
@ -186,7 +186,7 @@ const mbedtls_md_info_t mbedtls_md4_info = {
md4_starts_wrap,
md4_update_wrap,
md4_finish_wrap,
mbedtls_md4,
mbedtls_md4_ret,
md4_ctx_alloc,
md4_ctx_free,
md4_clone_wrap,
@ -197,20 +197,20 @@ const mbedtls_md_info_t mbedtls_md4_info = {
#if defined(MBEDTLS_MD5_C)
static void md5_starts_wrap( void *ctx )
static int md5_starts_wrap( void *ctx )
{
mbedtls_md5_starts( (mbedtls_md5_context *) ctx );
return( mbedtls_md5_starts_ret( (mbedtls_md5_context *) ctx ) );
}
static void md5_update_wrap( void *ctx, const unsigned char *input,
static int md5_update_wrap( void *ctx, const unsigned char *input,
size_t ilen )
{
mbedtls_md5_update( (mbedtls_md5_context *) ctx, input, ilen );
return( mbedtls_md5_update_ret( (mbedtls_md5_context *) ctx, input, ilen ) );
}
static void md5_finish_wrap( void *ctx, unsigned char *output )
static int md5_finish_wrap( void *ctx, unsigned char *output )
{
mbedtls_md5_finish( (mbedtls_md5_context *) ctx, output );
return( mbedtls_md5_finish_ret( (mbedtls_md5_context *) ctx, output ) );
}
static void *md5_ctx_alloc( void )
@ -232,12 +232,12 @@ static void md5_ctx_free( void *ctx )
static void md5_clone_wrap( void *dst, const void *src )
{
mbedtls_md5_clone( (mbedtls_md5_context *) dst,
(const mbedtls_md5_context *) src );
(const mbedtls_md5_context *) src );
}
static void md5_process_wrap( void *ctx, const unsigned char *data )
static int md5_process_wrap( void *ctx, const unsigned char *data )
{
mbedtls_md5_process( (mbedtls_md5_context *) ctx, data );
return( mbedtls_internal_md5_process( (mbedtls_md5_context *) ctx, data ) );
}
const mbedtls_md_info_t mbedtls_md5_info = {
@ -248,7 +248,7 @@ const mbedtls_md_info_t mbedtls_md5_info = {
md5_starts_wrap,
md5_update_wrap,
md5_finish_wrap,
mbedtls_md5,
mbedtls_md5_ret,
md5_ctx_alloc,
md5_ctx_free,
md5_clone_wrap,
@ -259,20 +259,22 @@ const mbedtls_md_info_t mbedtls_md5_info = {
#if defined(MBEDTLS_RIPEMD160_C)
static void ripemd160_starts_wrap( void *ctx )
static int ripemd160_starts_wrap( void *ctx )
{
mbedtls_ripemd160_starts( (mbedtls_ripemd160_context *) ctx );
return( mbedtls_ripemd160_starts_ret( (mbedtls_ripemd160_context *) ctx ) );
}
static void ripemd160_update_wrap( void *ctx, const unsigned char *input,
static int ripemd160_update_wrap( void *ctx, const unsigned char *input,
size_t ilen )
{
mbedtls_ripemd160_update( (mbedtls_ripemd160_context *) ctx, input, ilen );
return( mbedtls_ripemd160_update_ret( (mbedtls_ripemd160_context *) ctx,
input, ilen ) );
}
static void ripemd160_finish_wrap( void *ctx, unsigned char *output )
static int ripemd160_finish_wrap( void *ctx, unsigned char *output )
{
mbedtls_ripemd160_finish( (mbedtls_ripemd160_context *) ctx, output );
return( mbedtls_ripemd160_finish_ret( (mbedtls_ripemd160_context *) ctx,
output ) );
}
static void *ripemd160_ctx_alloc( void )
@ -297,9 +299,10 @@ static void ripemd160_clone_wrap( void *dst, const void *src )
(const mbedtls_ripemd160_context *) src );
}
static void ripemd160_process_wrap( void *ctx, const unsigned char *data )
static int ripemd160_process_wrap( void *ctx, const unsigned char *data )
{
mbedtls_ripemd160_process( (mbedtls_ripemd160_context *) ctx, data );
return( mbedtls_internal_ripemd160_process(
(mbedtls_ripemd160_context *) ctx, data ) );
}
const mbedtls_md_info_t mbedtls_ripemd160_info = {
@ -310,7 +313,7 @@ const mbedtls_md_info_t mbedtls_ripemd160_info = {
ripemd160_starts_wrap,
ripemd160_update_wrap,
ripemd160_finish_wrap,
mbedtls_ripemd160,
mbedtls_ripemd160_ret,
ripemd160_ctx_alloc,
ripemd160_ctx_free,
ripemd160_clone_wrap,
@ -321,20 +324,21 @@ const mbedtls_md_info_t mbedtls_ripemd160_info = {
#if defined(MBEDTLS_SHA1_C)
static void sha1_starts_wrap( void *ctx )
static int sha1_starts_wrap( void *ctx )
{
mbedtls_sha1_starts( (mbedtls_sha1_context *) ctx );
return( mbedtls_sha1_starts_ret( (mbedtls_sha1_context *) ctx ) );
}
static void sha1_update_wrap( void *ctx, const unsigned char *input,
static int sha1_update_wrap( void *ctx, const unsigned char *input,
size_t ilen )
{
mbedtls_sha1_update( (mbedtls_sha1_context *) ctx, input, ilen );
return( mbedtls_sha1_update_ret( (mbedtls_sha1_context *) ctx,
input, ilen ) );
}
static void sha1_finish_wrap( void *ctx, unsigned char *output )
static int sha1_finish_wrap( void *ctx, unsigned char *output )
{
mbedtls_sha1_finish( (mbedtls_sha1_context *) ctx, output );
return( mbedtls_sha1_finish_ret( (mbedtls_sha1_context *) ctx, output ) );
}
static void *sha1_ctx_alloc( void )
@ -359,9 +363,10 @@ static void sha1_ctx_free( void *ctx )
mbedtls_free( ctx );
}
static void sha1_process_wrap( void *ctx, const unsigned char *data )
static int sha1_process_wrap( void *ctx, const unsigned char *data )
{
mbedtls_sha1_process( (mbedtls_sha1_context *) ctx, data );
return( mbedtls_internal_sha1_process( (mbedtls_sha1_context *) ctx,
data ) );
}
const mbedtls_md_info_t mbedtls_sha1_info = {
@ -372,7 +377,7 @@ const mbedtls_md_info_t mbedtls_sha1_info = {
sha1_starts_wrap,
sha1_update_wrap,
sha1_finish_wrap,
mbedtls_sha1,
mbedtls_sha1_ret,
sha1_ctx_alloc,
sha1_ctx_free,
sha1_clone_wrap,
@ -386,26 +391,28 @@ const mbedtls_md_info_t mbedtls_sha1_info = {
*/
#if defined(MBEDTLS_SHA256_C)
static void sha224_starts_wrap( void *ctx )
static int sha224_starts_wrap( void *ctx )
{
mbedtls_sha256_starts( (mbedtls_sha256_context *) ctx, 1 );
return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 1 ) );
}
static void sha224_update_wrap( void *ctx, const unsigned char *input,
static int sha224_update_wrap( void *ctx, const unsigned char *input,
size_t ilen )
{
mbedtls_sha256_update( (mbedtls_sha256_context *) ctx, input, ilen );
return( mbedtls_sha256_update_ret( (mbedtls_sha256_context *) ctx,
input, ilen ) );
}
static void sha224_finish_wrap( void *ctx, unsigned char *output )
static int sha224_finish_wrap( void *ctx, unsigned char *output )
{
mbedtls_sha256_finish( (mbedtls_sha256_context *) ctx, output );
return( mbedtls_sha256_finish_ret( (mbedtls_sha256_context *) ctx,
output ) );
}
static void sha224_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
static int sha224_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
mbedtls_sha256( input, ilen, output, 1 );
return( mbedtls_sha256_ret( input, ilen, output, 1 ) );
}
static void *sha224_ctx_alloc( void )
@ -430,9 +437,10 @@ static void sha224_clone_wrap( void *dst, const void *src )
(const mbedtls_sha256_context *) src );
}
static void sha224_process_wrap( void *ctx, const unsigned char *data )
static int sha224_process_wrap( void *ctx, const unsigned char *data )
{
mbedtls_sha256_process( (mbedtls_sha256_context *) ctx, data );
return( mbedtls_internal_sha256_process( (mbedtls_sha256_context *) ctx,
data ) );
}
const mbedtls_md_info_t mbedtls_sha224_info = {
@ -450,15 +458,15 @@ const mbedtls_md_info_t mbedtls_sha224_info = {
sha224_process_wrap,
};
static void sha256_starts_wrap( void *ctx )
static int sha256_starts_wrap( void *ctx )
{
mbedtls_sha256_starts( (mbedtls_sha256_context *) ctx, 0 );
return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 0 ) );
}
static void sha256_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
static int sha256_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
mbedtls_sha256( input, ilen, output, 0 );
return( mbedtls_sha256_ret( input, ilen, output, 0 ) );
}
const mbedtls_md_info_t mbedtls_sha256_info = {
@ -480,26 +488,28 @@ const mbedtls_md_info_t mbedtls_sha256_info = {
#if defined(MBEDTLS_SHA512_C)
static void sha384_starts_wrap( void *ctx )
static int sha384_starts_wrap( void *ctx )
{
mbedtls_sha512_starts( (mbedtls_sha512_context *) ctx, 1 );
return( mbedtls_sha512_starts_ret( (mbedtls_sha512_context *) ctx, 1 ) );
}
static void sha384_update_wrap( void *ctx, const unsigned char *input,
size_t ilen )
static int sha384_update_wrap( void *ctx, const unsigned char *input,
size_t ilen )
{
mbedtls_sha512_update( (mbedtls_sha512_context *) ctx, input, ilen );
return( mbedtls_sha512_update_ret( (mbedtls_sha512_context *) ctx,
input, ilen ) );
}
static void sha384_finish_wrap( void *ctx, unsigned char *output )
static int sha384_finish_wrap( void *ctx, unsigned char *output )
{
mbedtls_sha512_finish( (mbedtls_sha512_context *) ctx, output );
return( mbedtls_sha512_finish_ret( (mbedtls_sha512_context *) ctx,
output ) );
}
static void sha384_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
static int sha384_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
mbedtls_sha512( input, ilen, output, 1 );
return( mbedtls_sha512_ret( input, ilen, output, 1 ) );
}
static void *sha384_ctx_alloc( void )
@ -524,9 +534,10 @@ static void sha384_clone_wrap( void *dst, const void *src )
(const mbedtls_sha512_context *) src );
}
static void sha384_process_wrap( void *ctx, const unsigned char *data )
static int sha384_process_wrap( void *ctx, const unsigned char *data )
{
mbedtls_sha512_process( (mbedtls_sha512_context *) ctx, data );
return( mbedtls_internal_sha512_process( (mbedtls_sha512_context *) ctx,
data ) );
}
const mbedtls_md_info_t mbedtls_sha384_info = {
@ -544,15 +555,15 @@ const mbedtls_md_info_t mbedtls_sha384_info = {
sha384_process_wrap,
};
static void sha512_starts_wrap( void *ctx )
static int sha512_starts_wrap( void *ctx )
{
mbedtls_sha512_starts( (mbedtls_sha512_context *) ctx, 0 );
return( mbedtls_sha512_starts_ret( (mbedtls_sha512_context *) ctx, 0 ) );
}
static void sha512_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
static int sha512_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
mbedtls_sha512( input, ilen, output, 0 );
return( mbedtls_sha512_ret( input, ilen, output, 0 ) );
}
const mbedtls_md_info_t mbedtls_sha512_info = {

View file

@ -82,31 +82,33 @@ static int pem_get_iv( const unsigned char *s, unsigned char *iv,
return( 0 );
}
static void pem_pbkdf1( unsigned char *key, size_t keylen,
unsigned char *iv,
const unsigned char *pwd, size_t pwdlen )
static int pem_pbkdf1( unsigned char *key, size_t keylen,
unsigned char *iv,
const unsigned char *pwd, size_t pwdlen )
{
mbedtls_md5_context md5_ctx;
unsigned char md5sum[16];
size_t use_len;
int ret;
mbedtls_md5_init( &md5_ctx );
/*
* key[ 0..15] = MD5(pwd || IV)
*/
mbedtls_md5_starts( &md5_ctx );
mbedtls_md5_update( &md5_ctx, pwd, pwdlen );
mbedtls_md5_update( &md5_ctx, iv, 8 );
mbedtls_md5_finish( &md5_ctx, md5sum );
if( ( ret = mbedtls_md5_starts_ret( &md5_ctx ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md5_update_ret( &md5_ctx, pwd, pwdlen ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md5_update_ret( &md5_ctx, iv, 8 ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md5_finish_ret( &md5_ctx, md5sum ) ) != 0 )
goto exit;
if( keylen <= 16 )
{
memcpy( key, md5sum, keylen );
mbedtls_md5_free( &md5_ctx );
mbedtls_zeroize( md5sum, 16 );
return;
goto exit;
}
memcpy( key, md5sum, 16 );
@ -114,11 +116,16 @@ static void pem_pbkdf1( unsigned char *key, size_t keylen,
/*
* key[16..23] = MD5(key[ 0..15] || pwd || IV])
*/
mbedtls_md5_starts( &md5_ctx );
mbedtls_md5_update( &md5_ctx, md5sum, 16 );
mbedtls_md5_update( &md5_ctx, pwd, pwdlen );
mbedtls_md5_update( &md5_ctx, iv, 8 );
mbedtls_md5_finish( &md5_ctx, md5sum );
if( ( ret = mbedtls_md5_starts_ret( &md5_ctx ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md5_update_ret( &md5_ctx, md5sum, 16 ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md5_update_ret( &md5_ctx, pwd, pwdlen ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md5_update_ret( &md5_ctx, iv, 8 ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md5_finish_ret( &md5_ctx, md5sum ) ) != 0 )
goto exit;
use_len = 16;
if( keylen < 32 )
@ -126,8 +133,11 @@ static void pem_pbkdf1( unsigned char *key, size_t keylen,
memcpy( key + 16, md5sum, use_len );
exit:
mbedtls_md5_free( &md5_ctx );
mbedtls_zeroize( md5sum, 16 );
return( ret );
}
#if defined(MBEDTLS_DES_C)
@ -144,7 +154,8 @@ static int pem_des_decrypt( unsigned char des_iv[8],
mbedtls_des_init( &des_ctx );
pem_pbkdf1( des_key, 8, des_iv, pwd, pwdlen );
if( ( ret = pem_pbkdf1( des_key, 8, des_iv, pwd, pwdlen ) ) != 0 )
goto exit;
if( ( ret = mbedtls_des_setkey_dec( &des_ctx, des_key ) ) != 0 )
goto exit;
@ -171,7 +182,8 @@ static int pem_des3_decrypt( unsigned char des3_iv[8],
mbedtls_des3_init( &des3_ctx );
pem_pbkdf1( des3_key, 24, des3_iv, pwd, pwdlen );
if( ( ret = pem_pbkdf1( des3_key, 24, des3_iv, pwd, pwdlen ) ) != 0 )
goto exit;
if( ( ret = mbedtls_des3_set3key_dec( &des3_ctx, des3_key ) ) != 0 )
goto exit;
@ -200,7 +212,8 @@ static int pem_aes_decrypt( unsigned char aes_iv[16], unsigned int keylen,
mbedtls_aes_init( &aes_ctx );
pem_pbkdf1( aes_key, keylen, aes_iv, pwd, pwdlen );
if( ( ret = pem_pbkdf1( aes_key, keylen, aes_iv, pwd, pwdlen ) ) != 0 )
goto exit;
if( ( ret = mbedtls_aes_setkey_dec( &aes_ctx, aes_key, keylen * 8 ) ) != 0 )
goto exit;

View file

@ -46,6 +46,8 @@
#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST */
#if !defined(MBEDTLS_RIPEMD160_ALT)
/*
* 32-bit integer manipulation macros (little endian)
*/
@ -96,7 +98,7 @@ void mbedtls_ripemd160_clone( mbedtls_ripemd160_context *dst,
/*
* RIPEMD-160 context setup
*/
void mbedtls_ripemd160_starts( mbedtls_ripemd160_context *ctx )
int mbedtls_ripemd160_starts_ret( mbedtls_ripemd160_context *ctx )
{
ctx->total[0] = 0;
ctx->total[1] = 0;
@ -106,13 +108,16 @@ void mbedtls_ripemd160_starts( mbedtls_ripemd160_context *ctx )
ctx->state[2] = 0x98BADCFE;
ctx->state[3] = 0x10325476;
ctx->state[4] = 0xC3D2E1F0;
return( 0 );
}
#if !defined(MBEDTLS_RIPEMD160_PROCESS_ALT)
/*
* Process one block
*/
void mbedtls_ripemd160_process( mbedtls_ripemd160_context *ctx, const unsigned char data[64] )
int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx,
const unsigned char data[64] )
{
uint32_t A, B, C, D, E, Ap, Bp, Cp, Dp, Ep, X[16];
@ -287,20 +292,24 @@ void mbedtls_ripemd160_process( mbedtls_ripemd160_context *ctx, const unsigned c
ctx->state[3] = ctx->state[4] + A + Bp;
ctx->state[4] = ctx->state[0] + B + Cp;
ctx->state[0] = C;
return( 0 );
}
#endif /* !MBEDTLS_RIPEMD160_PROCESS_ALT */
/*
* RIPEMD-160 process buffer
*/
void mbedtls_ripemd160_update( mbedtls_ripemd160_context *ctx,
const unsigned char *input, size_t ilen )
int mbedtls_ripemd160_update_ret( mbedtls_ripemd160_context *ctx,
const unsigned char *input,
size_t ilen )
{
int ret;
size_t fill;
uint32_t left;
if( ilen == 0 )
return;
return( 0 );
left = ctx->total[0] & 0x3F;
fill = 64 - left;
@ -314,7 +323,10 @@ void mbedtls_ripemd160_update( mbedtls_ripemd160_context *ctx,
if( left && ilen >= fill )
{
memcpy( (void *) (ctx->buffer + left), input, fill );
mbedtls_ripemd160_process( ctx, ctx->buffer );
if( ( ret = mbedtls_internal_ripemd160_process( ctx, ctx->buffer ) ) != 0 )
return( ret );
input += fill;
ilen -= fill;
left = 0;
@ -322,7 +334,9 @@ void mbedtls_ripemd160_update( mbedtls_ripemd160_context *ctx,
while( ilen >= 64 )
{
mbedtls_ripemd160_process( ctx, input );
if( ( ret = mbedtls_internal_ripemd160_process( ctx, input ) ) != 0 )
return( ret );
input += 64;
ilen -= 64;
}
@ -331,6 +345,8 @@ void mbedtls_ripemd160_update( mbedtls_ripemd160_context *ctx,
{
memcpy( (void *) (ctx->buffer + left), input, ilen );
}
return( 0 );
}
static const unsigned char ripemd160_padding[64] =
@ -344,8 +360,10 @@ static const unsigned char ripemd160_padding[64] =
/*
* RIPEMD-160 final digest
*/
void mbedtls_ripemd160_finish( mbedtls_ripemd160_context *ctx, unsigned char output[20] )
int mbedtls_ripemd160_finish_ret( mbedtls_ripemd160_context *ctx,
unsigned char output[20] )
{
int ret;
uint32_t last, padn;
uint32_t high, low;
unsigned char msglen[8];
@ -360,29 +378,50 @@ void mbedtls_ripemd160_finish( mbedtls_ripemd160_context *ctx, unsigned char out
last = ctx->total[0] & 0x3F;
padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
mbedtls_ripemd160_update( ctx, ripemd160_padding, padn );
mbedtls_ripemd160_update( ctx, msglen, 8 );
ret = mbedtls_ripemd160_update_ret( ctx, ripemd160_padding, padn );
if( ret != 0 )
return( ret );
ret = mbedtls_ripemd160_update_ret( ctx, msglen, 8 );
if( ret != 0 )
return( ret );
PUT_UINT32_LE( ctx->state[0], output, 0 );
PUT_UINT32_LE( ctx->state[1], output, 4 );
PUT_UINT32_LE( ctx->state[2], output, 8 );
PUT_UINT32_LE( ctx->state[3], output, 12 );
PUT_UINT32_LE( ctx->state[4], output, 16 );
return( 0 );
}
#endif /* ! MBEDTLS_RIPEMD160_ALT */
/*
* output = RIPEMD-160( input buffer )
*/
void mbedtls_ripemd160( const unsigned char *input, size_t ilen,
unsigned char output[20] )
int mbedtls_ripemd160_ret( const unsigned char *input,
size_t ilen,
unsigned char output[20] )
{
int ret;
mbedtls_ripemd160_context ctx;
mbedtls_ripemd160_init( &ctx );
mbedtls_ripemd160_starts( &ctx );
mbedtls_ripemd160_update( &ctx, input, ilen );
mbedtls_ripemd160_finish( &ctx, output );
if( ( ret = mbedtls_ripemd160_starts_ret( &ctx ) ) != 0 )
goto exit;
if( ( ret = mbedtls_ripemd160_update_ret( &ctx, input, ilen ) ) != 0 )
goto exit;
if( ( ret = mbedtls_ripemd160_finish_ret( &ctx, output ) ) != 0 )
goto exit;
exit:
mbedtls_ripemd160_free( &ctx );
return( ret );
}
#if defined(MBEDTLS_SELF_TEST)
@ -391,18 +430,22 @@ void mbedtls_ripemd160( const unsigned char *input, size_t ilen,
* http://homes.esat.kuleuven.be/~bosselae/mbedtls_ripemd160.html#HMAC
*/
#define TESTS 8
#define KEYS 2
static const char *ripemd160_test_input[TESTS] =
static const unsigned char ripemd160_test_str[TESTS][81] =
{
"",
"a",
"abc",
"message digest",
"abcdefghijklmnopqrstuvwxyz",
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
"1234567890123456789012345678901234567890"
"1234567890123456789012345678901234567890",
{ "" },
{ "a" },
{ "abc" },
{ "message digest" },
{ "abcdefghijklmnopqrstuvwxyz" },
{ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" },
{ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
{ "12345678901234567890123456789012345678901234567890123456789012"
"345678901234567890" },
};
static const size_t ripemd160_test_strlen[TESTS] =
{
0, 1, 3, 14, 26, 56, 62, 80
};
static const unsigned char ripemd160_test_md[TESTS][20] =
@ -430,7 +473,7 @@ static const unsigned char ripemd160_test_md[TESTS][20] =
*/
int mbedtls_ripemd160_self_test( int verbose )
{
int i;
int i, ret = 0;
unsigned char output[20];
memset( output, 0, sizeof output );
@ -440,16 +483,15 @@ int mbedtls_ripemd160_self_test( int verbose )
if( verbose != 0 )
mbedtls_printf( " RIPEMD-160 test #%d: ", i + 1 );
mbedtls_ripemd160( (const unsigned char *) ripemd160_test_input[i],
strlen( ripemd160_test_input[i] ),
output );
ret = mbedtls_ripemd160_ret( ripemd160_test_str[i],
ripemd160_test_strlen[i], output );
if( ret != 0 )
goto fail;
if( memcmp( output, ripemd160_test_md[i], 20 ) != 0 )
{
if( verbose != 0 )
mbedtls_printf( "failed\n" );
return( 1 );
ret = 1;
goto fail;
}
if( verbose != 0 )
@ -460,6 +502,12 @@ int mbedtls_ripemd160_self_test( int verbose )
mbedtls_printf( "\n" );
return( 0 );
fail:
if( verbose != 0 )
mbedtls_printf( "failed\n" );
return( ret );
}
#endif /* MBEDTLS_SELF_TEST */

View file

@ -942,7 +942,7 @@ cleanup:
* \param slen length of the source buffer
* \param md_ctx message digest context to use
*/
static void mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src,
static int mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src,
size_t slen, mbedtls_md_context_t *md_ctx )
{
unsigned char mask[MBEDTLS_MD_MAX_SIZE];
@ -950,6 +950,7 @@ static void mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src,
unsigned char *p;
unsigned int hlen;
size_t i, use_len;
int ret = 0;
memset( mask, 0, MBEDTLS_MD_MAX_SIZE );
memset( counter, 0, 4 );
@ -965,10 +966,14 @@ static void mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src,
if( dlen < hlen )
use_len = dlen;
mbedtls_md_starts( md_ctx );
mbedtls_md_update( md_ctx, src, slen );
mbedtls_md_update( md_ctx, counter, 4 );
mbedtls_md_finish( md_ctx, mask );
if( ( ret = mbedtls_md_starts( md_ctx ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md_update( md_ctx, src, slen ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md_update( md_ctx, counter, 4 ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md_finish( md_ctx, mask ) ) != 0 )
goto exit;
for( i = 0; i < use_len; ++i )
*p++ ^= mask[i];
@ -978,7 +983,10 @@ static void mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src,
dlen -= use_len;
}
exit:
mbedtls_zeroize( mask, sizeof( mask ) );
return( ret );
}
#endif /* MBEDTLS_PKCS1_V21 */
@ -1030,7 +1038,8 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx,
p += hlen;
/* Construct DB */
mbedtls_md( md_info, label, label_len, p );
if( ( ret = mbedtls_md( md_info, label, label_len, p ) ) != 0 )
return( ret );
p += hlen;
p += olen - 2 * hlen - 2 - ilen;
*p++ = 1;
@ -1038,21 +1047,24 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx,
mbedtls_md_init( &md_ctx );
if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 )
{
mbedtls_md_free( &md_ctx );
return( ret );
}
goto exit;
/* maskedDB: Apply dbMask to DB */
mgf_mask( output + hlen + 1, olen - hlen - 1, output + 1, hlen,
&md_ctx );
if( ( ret = mgf_mask( output + hlen + 1, olen - hlen - 1, output + 1, hlen,
&md_ctx ) ) != 0 )
goto exit;
/* maskedSeed: Apply seedMask to seed */
mgf_mask( output + 1, hlen, output + hlen + 1, olen - hlen - 1,
&md_ctx );
if( ( ret = mgf_mask( output + 1, hlen, output + hlen + 1, olen - hlen - 1,
&md_ctx ) ) != 0 )
goto exit;
exit:
mbedtls_md_free( &md_ctx );
if( ret != 0 )
return( ret );
return( ( mode == MBEDTLS_RSA_PUBLIC )
? mbedtls_rsa_public( ctx, output, output )
: mbedtls_rsa_private( ctx, f_rng, p_rng, output, output ) );
@ -1219,20 +1231,23 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx,
goto cleanup;
}
/* Generate lHash */
mbedtls_md( md_info, label, label_len, lhash );
/* seed: Apply seedMask to maskedSeed */
mgf_mask( buf + 1, hlen, buf + hlen + 1, ilen - hlen - 1,
&md_ctx );
if( ( ret = mgf_mask( buf + 1, hlen, buf + hlen + 1, ilen - hlen - 1,
&md_ctx ) ) != 0 ||
/* DB: Apply dbMask to maskedDB */
mgf_mask( buf + hlen + 1, ilen - hlen - 1, buf + 1, hlen,
&md_ctx );
( ret = mgf_mask( buf + hlen + 1, ilen - hlen - 1, buf + 1, hlen,
&md_ctx ) ) != 0 )
{
mbedtls_md_free( &md_ctx );
goto cleanup;
}
mbedtls_md_free( &md_ctx );
/* Generate lHash */
if( ( ret = mbedtls_md( md_info, label, label_len, lhash ) ) != 0 )
goto cleanup;
/*
* Check contents, in "constant-time"
*/
@ -1483,28 +1498,28 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
mbedtls_md_init( &md_ctx );
if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 )
{
mbedtls_md_free( &md_ctx );
/* No need to zeroize salt: we didn't use it. */
return( ret );
}
goto exit;
/* Generate H = Hash( M' ) */
mbedtls_md_starts( &md_ctx );
mbedtls_md_update( &md_ctx, p, 8 );
mbedtls_md_update( &md_ctx, hash, hashlen );
mbedtls_md_update( &md_ctx, salt, slen );
mbedtls_md_finish( &md_ctx, p );
mbedtls_zeroize( salt, sizeof( salt ) );
if( ( ret = mbedtls_md_starts( &md_ctx ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md_update( &md_ctx, p, 8 ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md_update( &md_ctx, hash, hashlen ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md_update( &md_ctx, salt, slen ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md_finish( &md_ctx, p ) ) != 0 )
goto exit;
/* Compensate for boundary condition when applying mask */
if( msb % 8 == 0 )
offset = 1;
/* maskedDB: Apply dbMask to DB */
mgf_mask( sig + offset, olen - hlen - 1 - offset, p, hlen, &md_ctx );
mbedtls_md_free( &md_ctx );
if( ( ret = mgf_mask( sig + offset, olen - hlen - 1 - offset, p, hlen,
&md_ctx ) ) != 0 )
goto exit;
msb = mbedtls_mpi_bitlen( &ctx->N ) - 1;
sig[0] &= 0xFF >> ( olen * 8 - msb );
@ -1512,6 +1527,14 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
p += hlen;
*p++ = 0xBC;
mbedtls_zeroize( salt, sizeof( salt ) );
exit:
mbedtls_md_free( &md_ctx );
if( ret != 0 )
return( ret );
return( ( mode == MBEDTLS_RSA_PUBLIC )
? mbedtls_rsa_public( ctx, sig, sig )
: mbedtls_rsa_private( ctx, f_rng, p_rng, sig, sig ) );
@ -1837,23 +1860,21 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx,
mbedtls_md_init( &md_ctx );
if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 )
{
mbedtls_md_free( &md_ctx );
return( ret );
}
goto exit;
mgf_mask( p, siglen - hlen - 1, p + siglen - hlen - 1, hlen, &md_ctx );
if( ( ret = mgf_mask( p, siglen - hlen - 1, p + siglen - hlen - 1, hlen,
&md_ctx ) ) != 0 )
goto exit;
buf[0] &= 0xFF >> ( siglen * 8 - msb );
while( p < buf + siglen && *p == 0 )
p++;
if( p == buf + siglen ||
*p++ != 0x01 )
if( p == buf + siglen || *p++ != 0x01 )
{
mbedtls_md_free( &md_ctx );
return( MBEDTLS_ERR_RSA_INVALID_PADDING );
ret = MBEDTLS_ERR_RSA_INVALID_PADDING;
goto exit;
}
/* Actual salt len */
@ -1862,25 +1883,34 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx,
if( expected_salt_len != MBEDTLS_RSA_SALT_LEN_ANY &&
slen != (size_t) expected_salt_len )
{
mbedtls_md_free( &md_ctx );
return( MBEDTLS_ERR_RSA_INVALID_PADDING );
ret = MBEDTLS_ERR_RSA_INVALID_PADDING;
goto exit;
}
/*
* Generate H = Hash( M' )
*/
mbedtls_md_starts( &md_ctx );
mbedtls_md_update( &md_ctx, zeros, 8 );
mbedtls_md_update( &md_ctx, hash, hashlen );
mbedtls_md_update( &md_ctx, p, slen );
mbedtls_md_finish( &md_ctx, result );
if( ( ret = mbedtls_md_starts( &md_ctx ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md_update( &md_ctx, zeros, 8 ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md_update( &md_ctx, hash, hashlen ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md_update( &md_ctx, p, slen ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md_finish( &md_ctx, result ) ) != 0 )
goto exit;
if( memcmp( p + slen, result, hlen ) != 0 )
{
ret = MBEDTLS_ERR_RSA_VERIFY_FAILED;
goto exit;
}
exit:
mbedtls_md_free( &md_ctx );
if( memcmp( p + slen, result, hlen ) == 0 )
return( 0 );
else
return( MBEDTLS_ERR_RSA_VERIFY_FAILED );
return( ret );
}
/*
@ -2229,7 +2259,13 @@ int mbedtls_rsa_self_test( int verbose )
if( verbose != 0 )
mbedtls_printf( " PKCS#1 data sign : " );
mbedtls_sha1( rsa_plaintext, PT_LEN, sha1sum );
if( mbedtls_sha1_ret( rsa_plaintext, PT_LEN, sha1sum ) != 0 )
{
if( verbose != 0 )
mbedtls_printf( "failed\n" );
return( 1 );
}
if( mbedtls_rsa_pkcs1_sign( &rsa, myrand, NULL,
MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA1, 0,

View file

@ -97,7 +97,7 @@ void mbedtls_sha1_clone( mbedtls_sha1_context *dst,
/*
* SHA-1 context setup
*/
void mbedtls_sha1_starts( mbedtls_sha1_context *ctx )
int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx )
{
ctx->total[0] = 0;
ctx->total[1] = 0;
@ -107,10 +107,13 @@ void mbedtls_sha1_starts( mbedtls_sha1_context *ctx )
ctx->state[2] = 0x98BADCFE;
ctx->state[3] = 0x10325476;
ctx->state[4] = 0xC3D2E1F0;
return( 0 );
}
#if !defined(MBEDTLS_SHA1_PROCESS_ALT)
void mbedtls_sha1_process( mbedtls_sha1_context *ctx, const unsigned char data[64] )
int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
const unsigned char data[64] )
{
uint32_t temp, W[16], A, B, C, D, E;
@ -264,19 +267,24 @@ void mbedtls_sha1_process( mbedtls_sha1_context *ctx, const unsigned char data[6
ctx->state[2] += C;
ctx->state[3] += D;
ctx->state[4] += E;
return( 0 );
}
#endif /* !MBEDTLS_SHA1_PROCESS_ALT */
/*
* SHA-1 process buffer
*/
void mbedtls_sha1_update( mbedtls_sha1_context *ctx, const unsigned char *input, size_t ilen )
int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx,
const unsigned char *input,
size_t ilen )
{
int ret;
size_t fill;
uint32_t left;
if( ilen == 0 )
return;
return( 0 );
left = ctx->total[0] & 0x3F;
fill = 64 - left;
@ -290,7 +298,10 @@ void mbedtls_sha1_update( mbedtls_sha1_context *ctx, const unsigned char *input,
if( left && ilen >= fill )
{
memcpy( (void *) (ctx->buffer + left), input, fill );
mbedtls_sha1_process( ctx, ctx->buffer );
if( ( ret = mbedtls_internal_sha1_process( ctx, ctx->buffer ) ) != 0 )
return( ret );
input += fill;
ilen -= fill;
left = 0;
@ -298,13 +309,17 @@ void mbedtls_sha1_update( mbedtls_sha1_context *ctx, const unsigned char *input,
while( ilen >= 64 )
{
mbedtls_sha1_process( ctx, input );
if( ( ret = mbedtls_internal_sha1_process( ctx, input ) ) != 0 )
return( ret );
input += 64;
ilen -= 64;
}
if( ilen > 0 )
memcpy( (void *) (ctx->buffer + left), input, ilen );
return( 0 );
}
static const unsigned char sha1_padding[64] =
@ -318,8 +333,10 @@ static const unsigned char sha1_padding[64] =
/*
* SHA-1 final digest
*/
void mbedtls_sha1_finish( mbedtls_sha1_context *ctx, unsigned char output[20] )
int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx,
unsigned char output[20] )
{
int ret;
uint32_t last, padn;
uint32_t high, low;
unsigned char msglen[8];
@ -334,14 +351,18 @@ void mbedtls_sha1_finish( mbedtls_sha1_context *ctx, unsigned char output[20] )
last = ctx->total[0] & 0x3F;
padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
mbedtls_sha1_update( ctx, sha1_padding, padn );
mbedtls_sha1_update( ctx, msglen, 8 );
if( ( ret = mbedtls_sha1_update_ret( ctx, sha1_padding, padn ) ) != 0 )
return( ret );
if( ( ret = mbedtls_sha1_update_ret( ctx, msglen, 8 ) ) != 0 )
return( ret );
PUT_UINT32_BE( ctx->state[0], output, 0 );
PUT_UINT32_BE( ctx->state[1], output, 4 );
PUT_UINT32_BE( ctx->state[2], output, 8 );
PUT_UINT32_BE( ctx->state[3], output, 12 );
PUT_UINT32_BE( ctx->state[4], output, 16 );
return( 0 );
}
#endif /* !MBEDTLS_SHA1_ALT */
@ -349,15 +370,28 @@ void mbedtls_sha1_finish( mbedtls_sha1_context *ctx, unsigned char output[20] )
/*
* output = SHA-1( input buffer )
*/
void mbedtls_sha1( const unsigned char *input, size_t ilen, unsigned char output[20] )
int mbedtls_sha1_ret( const unsigned char *input,
size_t ilen,
unsigned char output[20] )
{
int ret;
mbedtls_sha1_context ctx;
mbedtls_sha1_init( &ctx );
mbedtls_sha1_starts( &ctx );
mbedtls_sha1_update( &ctx, input, ilen );
mbedtls_sha1_finish( &ctx, output );
if( ( ret = mbedtls_sha1_starts_ret( &ctx ) ) != 0 )
goto exit;
if( ( ret = mbedtls_sha1_update_ret( &ctx, input, ilen ) ) != 0 )
goto exit;
if( ( ret = mbedtls_sha1_finish_ret( &ctx, output ) ) != 0 )
goto exit;
exit:
mbedtls_sha1_free( &ctx );
return( ret );
}
#if defined(MBEDTLS_SELF_TEST)
@ -371,7 +405,7 @@ static const unsigned char sha1_test_buf[3][57] =
{ "" }
};
static const int sha1_test_buflen[3] =
static const size_t sha1_test_buflen[3] =
{
3, 56, 1000
};
@ -406,28 +440,35 @@ int mbedtls_sha1_self_test( int verbose )
if( verbose != 0 )
mbedtls_printf( " SHA-1 test #%d: ", i + 1 );
mbedtls_sha1_starts( &ctx );
if( ( ret = mbedtls_sha1_starts_ret( &ctx ) ) != 0 )
goto fail;
if( i == 2 )
{
memset( buf, 'a', buflen = 1000 );
for( j = 0; j < 1000; j++ )
mbedtls_sha1_update( &ctx, buf, buflen );
{
ret = mbedtls_sha1_update_ret( &ctx, buf, buflen );
if( ret != 0 )
goto fail;
}
}
else
mbedtls_sha1_update( &ctx, sha1_test_buf[i],
sha1_test_buflen[i] );
{
ret = mbedtls_sha1_update_ret( &ctx, sha1_test_buf[i],
sha1_test_buflen[i] );
if( ret != 0 )
goto fail;
}
mbedtls_sha1_finish( &ctx, sha1sum );
if( ( ret = mbedtls_sha1_finish_ret( &ctx, sha1sum ) ) != 0 )
goto fail;
if( memcmp( sha1sum, sha1_test_sum[i], 20 ) != 0 )
{
if( verbose != 0 )
mbedtls_printf( "failed\n" );
ret = 1;
goto exit;
goto fail;
}
if( verbose != 0 )
@ -437,6 +478,12 @@ int mbedtls_sha1_self_test( int verbose )
if( verbose != 0 )
mbedtls_printf( "\n" );
goto exit;
fail:
if( verbose != 0 )
mbedtls_printf( "failed\n" );
exit:
mbedtls_sha1_free( &ctx );

View file

@ -100,7 +100,7 @@ void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
/*
* SHA-256 context setup
*/
void mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 )
int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 )
{
ctx->total[0] = 0;
ctx->total[1] = 0;
@ -131,6 +131,8 @@ void mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 )
}
ctx->is224 = is224;
return( 0 );
}
#if !defined(MBEDTLS_SHA256_PROCESS_ALT)
@ -179,7 +181,8 @@ static const uint32_t K[] =
d += temp1; h = temp1 + temp2; \
}
void mbedtls_sha256_process( mbedtls_sha256_context *ctx, const unsigned char data[64] )
int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx,
const unsigned char data[64] )
{
uint32_t temp1, temp2, W[64];
uint32_t A[8];
@ -232,20 +235,24 @@ void mbedtls_sha256_process( mbedtls_sha256_context *ctx, const unsigned char da
for( i = 0; i < 8; i++ )
ctx->state[i] += A[i];
return( 0 );
}
#endif /* !MBEDTLS_SHA256_PROCESS_ALT */
/*
* SHA-256 process buffer
*/
void mbedtls_sha256_update( mbedtls_sha256_context *ctx, const unsigned char *input,
size_t ilen )
int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx,
const unsigned char *input,
size_t ilen )
{
int ret;
size_t fill;
uint32_t left;
if( ilen == 0 )
return;
return( 0 );
left = ctx->total[0] & 0x3F;
fill = 64 - left;
@ -259,7 +266,10 @@ void mbedtls_sha256_update( mbedtls_sha256_context *ctx, const unsigned char *in
if( left && ilen >= fill )
{
memcpy( (void *) (ctx->buffer + left), input, fill );
mbedtls_sha256_process( ctx, ctx->buffer );
if( ( ret = mbedtls_internal_sha256_process( ctx, ctx->buffer ) ) != 0 )
return( ret );
input += fill;
ilen -= fill;
left = 0;
@ -267,13 +277,17 @@ void mbedtls_sha256_update( mbedtls_sha256_context *ctx, const unsigned char *in
while( ilen >= 64 )
{
mbedtls_sha256_process( ctx, input );
if( ( ret = mbedtls_internal_sha256_process( ctx, input ) ) != 0 )
return( ret );
input += 64;
ilen -= 64;
}
if( ilen > 0 )
memcpy( (void *) (ctx->buffer + left), input, ilen );
return( 0 );
}
static const unsigned char sha256_padding[64] =
@ -287,8 +301,10 @@ static const unsigned char sha256_padding[64] =
/*
* SHA-256 final digest
*/
void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, unsigned char output[32] )
int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx,
unsigned char output[32] )
{
int ret;
uint32_t last, padn;
uint32_t high, low;
unsigned char msglen[8];
@ -303,8 +319,11 @@ void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, unsigned char output[32
last = ctx->total[0] & 0x3F;
padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
mbedtls_sha256_update( ctx, sha256_padding, padn );
mbedtls_sha256_update( ctx, msglen, 8 );
if( ( ret = mbedtls_sha256_update_ret( ctx, sha256_padding, padn ) ) != 0 )
return( ret );
if( ( ret = mbedtls_sha256_update_ret( ctx, msglen, 8 ) ) != 0 )
return( ret );
PUT_UINT32_BE( ctx->state[0], output, 0 );
PUT_UINT32_BE( ctx->state[1], output, 4 );
@ -316,6 +335,8 @@ void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, unsigned char output[32
if( ctx->is224 == 0 )
PUT_UINT32_BE( ctx->state[7], output, 28 );
return( 0 );
}
#endif /* !MBEDTLS_SHA256_ALT */
@ -323,16 +344,29 @@ void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, unsigned char output[32
/*
* output = SHA-256( input buffer )
*/
void mbedtls_sha256( const unsigned char *input, size_t ilen,
unsigned char output[32], int is224 )
int mbedtls_sha256_ret( const unsigned char *input,
size_t ilen,
unsigned char output[32],
int is224 )
{
int ret;
mbedtls_sha256_context ctx;
mbedtls_sha256_init( &ctx );
mbedtls_sha256_starts( &ctx, is224 );
mbedtls_sha256_update( &ctx, input, ilen );
mbedtls_sha256_finish( &ctx, output );
if( ( ret = mbedtls_sha256_starts_ret( &ctx, is224 ) ) != 0 )
goto exit;
if( ( ret = mbedtls_sha256_update_ret( &ctx, input, ilen ) ) != 0 )
goto exit;
if( ( ret = mbedtls_sha256_finish_ret( &ctx, output ) ) != 0 )
goto exit;
exit:
mbedtls_sha256_free( &ctx );
return( ret );
}
#if defined(MBEDTLS_SELF_TEST)
@ -346,7 +380,7 @@ static const unsigned char sha256_test_buf[3][57] =
{ "" }
};
static const int sha256_test_buflen[3] =
static const size_t sha256_test_buflen[3] =
{
3, 56, 1000
};
@ -415,28 +449,37 @@ int mbedtls_sha256_self_test( int verbose )
if( verbose != 0 )
mbedtls_printf( " SHA-%d test #%d: ", 256 - k * 32, j + 1 );
mbedtls_sha256_starts( &ctx, k );
if( ( ret = mbedtls_sha256_starts_ret( &ctx, k ) ) != 0 )
goto fail;
if( j == 2 )
{
memset( buf, 'a', buflen = 1000 );
for( j = 0; j < 1000; j++ )
mbedtls_sha256_update( &ctx, buf, buflen );
{
ret = mbedtls_sha256_update_ret( &ctx, buf, buflen );
if( ret != 0 )
goto fail;
}
}
else
mbedtls_sha256_update( &ctx, sha256_test_buf[j],
sha256_test_buflen[j] );
{
ret = mbedtls_sha256_update_ret( &ctx, sha256_test_buf[j],
sha256_test_buflen[j] );
if( ret != 0 )
goto fail;
}
if( ( ret = mbedtls_sha256_finish_ret( &ctx, sha256sum ) ) != 0 )
goto fail;
mbedtls_sha256_finish( &ctx, sha256sum );
if( memcmp( sha256sum, sha256_test_sum[i], 32 - k * 4 ) != 0 )
{
if( verbose != 0 )
mbedtls_printf( "failed\n" );
ret = 1;
goto exit;
goto fail;
}
if( verbose != 0 )
@ -446,6 +489,12 @@ int mbedtls_sha256_self_test( int verbose )
if( verbose != 0 )
mbedtls_printf( "\n" );
goto exit;
fail:
if( verbose != 0 )
mbedtls_printf( "failed\n" );
exit:
mbedtls_sha256_free( &ctx );
mbedtls_free( buf );

View file

@ -114,7 +114,7 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst,
/*
* SHA-512 context setup
*/
void mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 )
int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 )
{
ctx->total[0] = 0;
ctx->total[1] = 0;
@ -145,6 +145,8 @@ void mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 )
}
ctx->is384 = is384;
return( 0 );
}
#if !defined(MBEDTLS_SHA512_PROCESS_ALT)
@ -196,7 +198,8 @@ static const uint64_t K[80] =
UL64(0x5FCB6FAB3AD6FAEC), UL64(0x6C44198C4A475817)
};
void mbedtls_sha512_process( mbedtls_sha512_context *ctx, const unsigned char data[128] )
int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx,
const unsigned char data[128] )
{
int i;
uint64_t temp1, temp2, W[80];
@ -263,20 +266,24 @@ void mbedtls_sha512_process( mbedtls_sha512_context *ctx, const unsigned char da
ctx->state[5] += F;
ctx->state[6] += G;
ctx->state[7] += H;
return( 0 );
}
#endif /* !MBEDTLS_SHA512_PROCESS_ALT */
/*
* SHA-512 process buffer
*/
void mbedtls_sha512_update( mbedtls_sha512_context *ctx, const unsigned char *input,
size_t ilen )
int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx,
const unsigned char *input,
size_t ilen )
{
int ret;
size_t fill;
unsigned int left;
if( ilen == 0 )
return;
return( 0 );
left = (unsigned int) (ctx->total[0] & 0x7F);
fill = 128 - left;
@ -289,7 +296,10 @@ void mbedtls_sha512_update( mbedtls_sha512_context *ctx, const unsigned char *in
if( left && ilen >= fill )
{
memcpy( (void *) (ctx->buffer + left), input, fill );
mbedtls_sha512_process( ctx, ctx->buffer );
if( ( ret = mbedtls_internal_sha512_process( ctx, ctx->buffer ) ) != 0 )
return( ret );
input += fill;
ilen -= fill;
left = 0;
@ -297,13 +307,17 @@ void mbedtls_sha512_update( mbedtls_sha512_context *ctx, const unsigned char *in
while( ilen >= 128 )
{
mbedtls_sha512_process( ctx, input );
if( ( ret = mbedtls_internal_sha512_process( ctx, input ) ) != 0 )
return( ret );
input += 128;
ilen -= 128;
}
if( ilen > 0 )
memcpy( (void *) (ctx->buffer + left), input, ilen );
return( 0 );
}
static const unsigned char sha512_padding[128] =
@ -321,8 +335,10 @@ static const unsigned char sha512_padding[128] =
/*
* SHA-512 final digest
*/
void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, unsigned char output[64] )
int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx,
unsigned char output[64] )
{
int ret;
size_t last, padn;
uint64_t high, low;
unsigned char msglen[16];
@ -337,8 +353,11 @@ void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, unsigned char output[64
last = (size_t)( ctx->total[0] & 0x7F );
padn = ( last < 112 ) ? ( 112 - last ) : ( 240 - last );
mbedtls_sha512_update( ctx, sha512_padding, padn );
mbedtls_sha512_update( ctx, msglen, 16 );
if( ( ret = mbedtls_sha512_update_ret( ctx, sha512_padding, padn ) ) != 0 )
return( ret );
if( ( ret = mbedtls_sha512_update_ret( ctx, msglen, 16 ) ) != 0 )
return( ret );
PUT_UINT64_BE( ctx->state[0], output, 0 );
PUT_UINT64_BE( ctx->state[1], output, 8 );
@ -352,6 +371,8 @@ void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, unsigned char output[64
PUT_UINT64_BE( ctx->state[6], output, 48 );
PUT_UINT64_BE( ctx->state[7], output, 56 );
}
return( 0 );
}
#endif /* !MBEDTLS_SHA512_ALT */
@ -359,16 +380,29 @@ void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, unsigned char output[64
/*
* output = SHA-512( input buffer )
*/
void mbedtls_sha512( const unsigned char *input, size_t ilen,
unsigned char output[64], int is384 )
int mbedtls_sha512_ret( const unsigned char *input,
size_t ilen,
unsigned char output[64],
int is384 )
{
int ret;
mbedtls_sha512_context ctx;
mbedtls_sha512_init( &ctx );
mbedtls_sha512_starts( &ctx, is384 );
mbedtls_sha512_update( &ctx, input, ilen );
mbedtls_sha512_finish( &ctx, output );
if( ( ret = mbedtls_sha512_starts_ret( &ctx, is384 ) ) != 0 )
goto exit;
if( ( ret = mbedtls_sha512_update_ret( &ctx, input, ilen ) ) != 0 )
goto exit;
if( ( ret = mbedtls_sha512_finish_ret( &ctx, output ) ) != 0 )
goto exit;
exit:
mbedtls_sha512_free( &ctx );
return( ret );
}
#if defined(MBEDTLS_SELF_TEST)
@ -384,7 +418,7 @@ static const unsigned char sha512_test_buf[3][113] =
{ "" }
};
static const int sha512_test_buflen[3] =
static const size_t sha512_test_buflen[3] =
{
3, 112, 1000
};
@ -471,28 +505,35 @@ int mbedtls_sha512_self_test( int verbose )
if( verbose != 0 )
mbedtls_printf( " SHA-%d test #%d: ", 512 - k * 128, j + 1 );
mbedtls_sha512_starts( &ctx, k );
if( ( ret = mbedtls_sha512_starts_ret( &ctx, k ) ) != 0 )
goto fail;
if( j == 2 )
{
memset( buf, 'a', buflen = 1000 );
for( j = 0; j < 1000; j++ )
mbedtls_sha512_update( &ctx, buf, buflen );
{
ret = mbedtls_sha512_update_ret( &ctx, buf, buflen );
if( ret != 0 )
goto fail;
}
}
else
mbedtls_sha512_update( &ctx, sha512_test_buf[j],
sha512_test_buflen[j] );
{
ret = mbedtls_sha512_update_ret( &ctx, sha512_test_buf[j],
sha512_test_buflen[j] );
if( ret != 0 )
goto fail;
}
mbedtls_sha512_finish( &ctx, sha512sum );
if( ( ret = mbedtls_sha512_finish_ret( &ctx, sha512sum ) ) != 0 )
goto fail;
if( memcmp( sha512sum, sha512_test_sum[i], 64 - k * 16 ) != 0 )
{
if( verbose != 0 )
mbedtls_printf( "failed\n" );
ret = 1;
goto exit;
goto fail;
}
if( verbose != 0 )
@ -502,6 +543,12 @@ int mbedtls_sha512_self_test( int verbose )
if( verbose != 0 )
mbedtls_printf( "\n" );
goto exit;
fail:
if( verbose != 0 )
mbedtls_printf( "failed\n" );
exit:
mbedtls_sha512_free( &ctx );
mbedtls_free( buf );

View file

@ -2498,39 +2498,11 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl )
defined(MBEDTLS_SSL_PROTO_TLS1_1)
if( md_alg == MBEDTLS_MD_NONE )
{
mbedtls_md5_context mbedtls_md5;
mbedtls_sha1_context mbedtls_sha1;
mbedtls_md5_init( &mbedtls_md5 );
mbedtls_sha1_init( &mbedtls_sha1 );
hashlen = 36;
/*
* digitally-signed struct {
* opaque md5_hash[16];
* opaque sha_hash[20];
* };
*
* md5_hash
* MD5(ClientHello.random + ServerHello.random
* + ServerParams);
* sha_hash
* SHA(ClientHello.random + ServerHello.random
* + ServerParams);
*/
mbedtls_md5_starts( &mbedtls_md5 );
mbedtls_md5_update( &mbedtls_md5, ssl->handshake->randbytes, 64 );
mbedtls_md5_update( &mbedtls_md5, params, params_len );
mbedtls_md5_finish( &mbedtls_md5, hash );
mbedtls_sha1_starts( &mbedtls_sha1 );
mbedtls_sha1_update( &mbedtls_sha1, ssl->handshake->randbytes, 64 );
mbedtls_sha1_update( &mbedtls_sha1, params, params_len );
mbedtls_sha1_finish( &mbedtls_sha1, hash + 16 );
mbedtls_md5_free( &mbedtls_md5 );
mbedtls_sha1_free( &mbedtls_sha1 );
ret = mbedtls_ssl_get_key_exchange_md_ssl_tls( ssl, hash, params,
params_len );
if( ret != 0 )
return( ret );
}
else
#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \
@ -2539,34 +2511,12 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl )
defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( md_alg != MBEDTLS_MD_NONE )
{
mbedtls_md_context_t ctx;
mbedtls_md_init( &ctx );
/* Info from md_alg will be used instead */
hashlen = 0;
/*
* digitally-signed struct {
* opaque client_random[32];
* opaque server_random[32];
* ServerDHParams params;
* };
*/
if( ( ret = mbedtls_md_setup( &ctx,
mbedtls_md_info_from_type( md_alg ), 0 ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_setup", ret );
mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
ret = mbedtls_ssl_get_key_exchange_md_tls1_2( ssl, hash, params,
params_len, md_alg );
if( ret != 0 )
return( ret );
}
mbedtls_md_starts( &ctx );
mbedtls_md_update( &ctx, ssl->handshake->randbytes, 64 );
mbedtls_md_update( &ctx, params, params_len );
mbedtls_md_finish( &ctx, hash );
mbedtls_md_free( &ctx );
}
else
#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \

View file

@ -3093,40 +3093,12 @@ curve_matching_done:
defined(MBEDTLS_SSL_PROTO_TLS1_1)
if( md_alg == MBEDTLS_MD_NONE )
{
mbedtls_md5_context mbedtls_md5;
mbedtls_sha1_context mbedtls_sha1;
mbedtls_md5_init( &mbedtls_md5 );
mbedtls_sha1_init( &mbedtls_sha1 );
/*
* digitally-signed struct {
* opaque md5_hash[16];
* opaque sha_hash[20];
* };
*
* md5_hash
* MD5(ClientHello.random + ServerHello.random
* + ServerParams);
* sha_hash
* SHA(ClientHello.random + ServerHello.random
* + ServerParams);
*/
mbedtls_md5_starts( &mbedtls_md5 );
mbedtls_md5_update( &mbedtls_md5, ssl->handshake->randbytes, 64 );
mbedtls_md5_update( &mbedtls_md5, dig_signed, dig_signed_len );
mbedtls_md5_finish( &mbedtls_md5, hash );
mbedtls_sha1_starts( &mbedtls_sha1 );
mbedtls_sha1_update( &mbedtls_sha1, ssl->handshake->randbytes, 64 );
mbedtls_sha1_update( &mbedtls_sha1, dig_signed, dig_signed_len );
mbedtls_sha1_finish( &mbedtls_sha1, hash + 16 );
hashlen = 36;
mbedtls_md5_free( &mbedtls_md5 );
mbedtls_sha1_free( &mbedtls_sha1 );
ret = mbedtls_ssl_get_key_exchange_md_ssl_tls( ssl, hash,
dig_signed,
dig_signed_len );
if( ret != 0 )
return( ret );
}
else
#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \
@ -3135,32 +3107,14 @@ curve_matching_done:
defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( md_alg != MBEDTLS_MD_NONE )
{
mbedtls_md_context_t ctx;
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg );
mbedtls_md_init( &ctx );
/* Info from md_alg will be used instead */
hashlen = 0;
/*
* digitally-signed struct {
* opaque client_random[32];
* opaque server_random[32];
* ServerDHParams params;
* };
*/
if( ( ret = mbedtls_md_setup( &ctx, md_info, 0 ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_setup", ret );
ret = mbedtls_ssl_get_key_exchange_md_tls1_2( ssl, hash,
dig_signed,
dig_signed_len,
md_alg );
if( ret != 0 )
return( ret );
}
mbedtls_md_starts( &ctx );
mbedtls_md_update( &ctx, ssl->handshake->randbytes, 64 );
mbedtls_md_update( &ctx, dig_signed, dig_signed_len );
mbedtls_md_finish( &ctx, hash );
mbedtls_md_free( &ctx );
}
else
#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \

View file

@ -221,6 +221,7 @@ static int ssl3_prf( const unsigned char *secret, size_t slen,
const unsigned char *random, size_t rlen,
unsigned char *dstbuf, size_t dlen )
{
int ret = 0;
size_t i;
mbedtls_md5_context md5;
mbedtls_sha1_context sha1;
@ -243,25 +244,35 @@ static int ssl3_prf( const unsigned char *secret, size_t slen,
{
memset( padding, (unsigned char) ('A' + i), 1 + i );
mbedtls_sha1_starts( &sha1 );
mbedtls_sha1_update( &sha1, padding, 1 + i );
mbedtls_sha1_update( &sha1, secret, slen );
mbedtls_sha1_update( &sha1, random, rlen );
mbedtls_sha1_finish( &sha1, sha1sum );
if( ( ret = mbedtls_sha1_starts_ret( &sha1 ) ) != 0 )
goto exit;
if( ( ret = mbedtls_sha1_update_ret( &sha1, padding, 1 + i ) ) != 0 )
goto exit;
if( ( ret = mbedtls_sha1_update_ret( &sha1, secret, slen ) ) != 0 )
goto exit;
if( ( ret = mbedtls_sha1_update_ret( &sha1, random, rlen ) ) != 0 )
goto exit;
if( ( ret = mbedtls_sha1_finish_ret( &sha1, sha1sum ) ) != 0 )
goto exit;
mbedtls_md5_starts( &md5 );
mbedtls_md5_update( &md5, secret, slen );
mbedtls_md5_update( &md5, sha1sum, 20 );
mbedtls_md5_finish( &md5, dstbuf + i * 16 );
if( ( ret = mbedtls_md5_starts_ret( &md5 ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md5_update_ret( &md5, secret, slen ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md5_update_ret( &md5, sha1sum, 20 ) ) != 0 )
goto exit;
if( ( ret = mbedtls_md5_finish_ret( &md5, dstbuf + i * 16 ) ) != 0 )
goto exit;
}
exit:
mbedtls_md5_free( &md5 );
mbedtls_sha1_free( &sha1 );
mbedtls_zeroize( padding, sizeof( padding ) );
mbedtls_zeroize( sha1sum, sizeof( sha1sum ) );
return( 0 );
return( ret );
}
#endif /* MBEDTLS_SSL_PROTO_SSL3 */
@ -978,25 +989,25 @@ void ssl_calc_verify_ssl( mbedtls_ssl_context *ssl, unsigned char hash[36] )
memset( pad_1, 0x36, 48 );
memset( pad_2, 0x5C, 48 );
mbedtls_md5_update( &md5, ssl->session_negotiate->master, 48 );
mbedtls_md5_update( &md5, pad_1, 48 );
mbedtls_md5_finish( &md5, hash );
mbedtls_md5_update_ret( &md5, ssl->session_negotiate->master, 48 );
mbedtls_md5_update_ret( &md5, pad_1, 48 );
mbedtls_md5_finish_ret( &md5, hash );
mbedtls_md5_starts( &md5 );
mbedtls_md5_update( &md5, ssl->session_negotiate->master, 48 );
mbedtls_md5_update( &md5, pad_2, 48 );
mbedtls_md5_update( &md5, hash, 16 );
mbedtls_md5_finish( &md5, hash );
mbedtls_md5_starts_ret( &md5 );
mbedtls_md5_update_ret( &md5, ssl->session_negotiate->master, 48 );
mbedtls_md5_update_ret( &md5, pad_2, 48 );
mbedtls_md5_update_ret( &md5, hash, 16 );
mbedtls_md5_finish_ret( &md5, hash );
mbedtls_sha1_update( &sha1, ssl->session_negotiate->master, 48 );
mbedtls_sha1_update( &sha1, pad_1, 40 );
mbedtls_sha1_finish( &sha1, hash + 16 );
mbedtls_sha1_update_ret( &sha1, ssl->session_negotiate->master, 48 );
mbedtls_sha1_update_ret( &sha1, pad_1, 40 );
mbedtls_sha1_finish_ret( &sha1, hash + 16 );
mbedtls_sha1_starts( &sha1 );
mbedtls_sha1_update( &sha1, ssl->session_negotiate->master, 48 );
mbedtls_sha1_update( &sha1, pad_2, 40 );
mbedtls_sha1_update( &sha1, hash + 16, 20 );
mbedtls_sha1_finish( &sha1, hash + 16 );
mbedtls_sha1_starts_ret( &sha1 );
mbedtls_sha1_update_ret( &sha1, ssl->session_negotiate->master, 48 );
mbedtls_sha1_update_ret( &sha1, pad_2, 40 );
mbedtls_sha1_update_ret( &sha1, hash + 16, 20 );
mbedtls_sha1_finish_ret( &sha1, hash + 16 );
MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, 36 );
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
@ -1022,8 +1033,8 @@ void ssl_calc_verify_tls( mbedtls_ssl_context *ssl, unsigned char hash[36] )
mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 );
mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 );
mbedtls_md5_finish( &md5, hash );
mbedtls_sha1_finish( &sha1, hash + 16 );
mbedtls_md5_finish_ret( &md5, hash );
mbedtls_sha1_finish_ret( &sha1, hash + 16 );
MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, 36 );
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
@ -1046,7 +1057,7 @@ void ssl_calc_verify_tls_sha256( mbedtls_ssl_context *ssl, unsigned char hash[32
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify sha256" ) );
mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 );
mbedtls_sha256_finish( &sha256, hash );
mbedtls_sha256_finish_ret( &sha256, hash );
MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, 32 );
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
@ -1067,7 +1078,7 @@ void ssl_calc_verify_tls_sha384( mbedtls_ssl_context *ssl, unsigned char hash[48
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify sha384" ) );
mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 );
mbedtls_sha512_finish( &sha512, hash );
mbedtls_sha512_finish_ret( &sha512, hash );
MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, 48 );
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
@ -4843,15 +4854,15 @@ void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl )
{
#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
defined(MBEDTLS_SSL_PROTO_TLS1_1)
mbedtls_md5_starts( &ssl->handshake->fin_md5 );
mbedtls_sha1_starts( &ssl->handshake->fin_sha1 );
mbedtls_md5_starts_ret( &ssl->handshake->fin_md5 );
mbedtls_sha1_starts_ret( &ssl->handshake->fin_sha1 );
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
#if defined(MBEDTLS_SHA256_C)
mbedtls_sha256_starts( &ssl->handshake->fin_sha256, 0 );
mbedtls_sha256_starts_ret( &ssl->handshake->fin_sha256, 0 );
#endif
#if defined(MBEDTLS_SHA512_C)
mbedtls_sha512_starts( &ssl->handshake->fin_sha512, 1 );
mbedtls_sha512_starts_ret( &ssl->handshake->fin_sha512, 1 );
#endif
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
}
@ -4861,15 +4872,15 @@ static void ssl_update_checksum_start( mbedtls_ssl_context *ssl,
{
#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
defined(MBEDTLS_SSL_PROTO_TLS1_1)
mbedtls_md5_update( &ssl->handshake->fin_md5 , buf, len );
mbedtls_sha1_update( &ssl->handshake->fin_sha1, buf, len );
mbedtls_md5_update_ret( &ssl->handshake->fin_md5 , buf, len );
mbedtls_sha1_update_ret( &ssl->handshake->fin_sha1, buf, len );
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
#if defined(MBEDTLS_SHA256_C)
mbedtls_sha256_update( &ssl->handshake->fin_sha256, buf, len );
mbedtls_sha256_update_ret( &ssl->handshake->fin_sha256, buf, len );
#endif
#if defined(MBEDTLS_SHA512_C)
mbedtls_sha512_update( &ssl->handshake->fin_sha512, buf, len );
mbedtls_sha512_update_ret( &ssl->handshake->fin_sha512, buf, len );
#endif
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
}
@ -4879,8 +4890,8 @@ static void ssl_update_checksum_start( mbedtls_ssl_context *ssl,
static void ssl_update_checksum_md5sha1( mbedtls_ssl_context *ssl,
const unsigned char *buf, size_t len )
{
mbedtls_md5_update( &ssl->handshake->fin_md5 , buf, len );
mbedtls_sha1_update( &ssl->handshake->fin_sha1, buf, len );
mbedtls_md5_update_ret( &ssl->handshake->fin_md5 , buf, len );
mbedtls_sha1_update_ret( &ssl->handshake->fin_sha1, buf, len );
}
#endif
@ -4889,7 +4900,7 @@ static void ssl_update_checksum_md5sha1( mbedtls_ssl_context *ssl,
static void ssl_update_checksum_sha256( mbedtls_ssl_context *ssl,
const unsigned char *buf, size_t len )
{
mbedtls_sha256_update( &ssl->handshake->fin_sha256, buf, len );
mbedtls_sha256_update_ret( &ssl->handshake->fin_sha256, buf, len );
}
#endif
@ -4897,7 +4908,7 @@ static void ssl_update_checksum_sha256( mbedtls_ssl_context *ssl,
static void ssl_update_checksum_sha384( mbedtls_ssl_context *ssl,
const unsigned char *buf, size_t len )
{
mbedtls_sha512_update( &ssl->handshake->fin_sha512, buf, len );
mbedtls_sha512_update_ret( &ssl->handshake->fin_sha512, buf, len );
}
#endif
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
@ -4950,29 +4961,29 @@ static void ssl_calc_finished_ssl(
memset( padbuf, 0x36, 48 );
mbedtls_md5_update( &md5, (const unsigned char *) sender, 4 );
mbedtls_md5_update( &md5, session->master, 48 );
mbedtls_md5_update( &md5, padbuf, 48 );
mbedtls_md5_finish( &md5, md5sum );
mbedtls_md5_update_ret( &md5, (const unsigned char *) sender, 4 );
mbedtls_md5_update_ret( &md5, session->master, 48 );
mbedtls_md5_update_ret( &md5, padbuf, 48 );
mbedtls_md5_finish_ret( &md5, md5sum );
mbedtls_sha1_update( &sha1, (const unsigned char *) sender, 4 );
mbedtls_sha1_update( &sha1, session->master, 48 );
mbedtls_sha1_update( &sha1, padbuf, 40 );
mbedtls_sha1_finish( &sha1, sha1sum );
mbedtls_sha1_update_ret( &sha1, (const unsigned char *) sender, 4 );
mbedtls_sha1_update_ret( &sha1, session->master, 48 );
mbedtls_sha1_update_ret( &sha1, padbuf, 40 );
mbedtls_sha1_finish_ret( &sha1, sha1sum );
memset( padbuf, 0x5C, 48 );
mbedtls_md5_starts( &md5 );
mbedtls_md5_update( &md5, session->master, 48 );
mbedtls_md5_update( &md5, padbuf, 48 );
mbedtls_md5_update( &md5, md5sum, 16 );
mbedtls_md5_finish( &md5, buf );
mbedtls_md5_starts_ret( &md5 );
mbedtls_md5_update_ret( &md5, session->master, 48 );
mbedtls_md5_update_ret( &md5, padbuf, 48 );
mbedtls_md5_update_ret( &md5, md5sum, 16 );
mbedtls_md5_finish_ret( &md5, buf );
mbedtls_sha1_starts( &sha1 );
mbedtls_sha1_update( &sha1, session->master, 48 );
mbedtls_sha1_update( &sha1, padbuf , 40 );
mbedtls_sha1_update( &sha1, sha1sum, 20 );
mbedtls_sha1_finish( &sha1, buf + 16 );
mbedtls_sha1_starts_ret( &sha1 );
mbedtls_sha1_update_ret( &sha1, session->master, 48 );
mbedtls_sha1_update_ret( &sha1, padbuf , 40 );
mbedtls_sha1_update_ret( &sha1, sha1sum, 20 );
mbedtls_sha1_finish_ret( &sha1, buf + 16 );
MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, 36 );
@ -5029,8 +5040,8 @@ static void ssl_calc_finished_tls(
? "client finished"
: "server finished";
mbedtls_md5_finish( &md5, padbuf );
mbedtls_sha1_finish( &sha1, padbuf + 16 );
mbedtls_md5_finish_ret( &md5, padbuf );
mbedtls_sha1_finish_ret( &sha1, padbuf + 16 );
ssl->handshake->tls_prf( session->master, 48, sender,
padbuf, 36, buf, len );
@ -5081,7 +5092,7 @@ static void ssl_calc_finished_tls_sha256(
? "client finished"
: "server finished";
mbedtls_sha256_finish( &sha256, padbuf );
mbedtls_sha256_finish_ret( &sha256, padbuf );
ssl->handshake->tls_prf( session->master, 48, sender,
padbuf, 32, buf, len );
@ -5130,7 +5141,7 @@ static void ssl_calc_finished_tls_sha384(
? "client finished"
: "server finished";
mbedtls_sha512_finish( &sha512, padbuf );
mbedtls_sha512_finish_ret( &sha512, padbuf );
ssl->handshake->tls_prf( session->master, 48, sender,
padbuf, 48, buf, len );
@ -5444,17 +5455,17 @@ static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake )
defined(MBEDTLS_SSL_PROTO_TLS1_1)
mbedtls_md5_init( &handshake->fin_md5 );
mbedtls_sha1_init( &handshake->fin_sha1 );
mbedtls_md5_starts( &handshake->fin_md5 );
mbedtls_sha1_starts( &handshake->fin_sha1 );
mbedtls_md5_starts_ret( &handshake->fin_md5 );
mbedtls_sha1_starts_ret( &handshake->fin_sha1 );
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
#if defined(MBEDTLS_SHA256_C)
mbedtls_sha256_init( &handshake->fin_sha256 );
mbedtls_sha256_starts( &handshake->fin_sha256, 0 );
mbedtls_sha256_starts_ret( &handshake->fin_sha256, 0 );
#endif
#if defined(MBEDTLS_SHA512_C)
mbedtls_sha512_init( &handshake->fin_sha512 );
mbedtls_sha512_starts( &handshake->fin_sha512, 1 );
mbedtls_sha512_starts_ret( &handshake->fin_sha512, 1 );
#endif
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
@ -8058,4 +8069,148 @@ int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md )
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
}
#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
defined(MBEDTLS_SSL_PROTO_TLS1_1)
int mbedtls_ssl_get_key_exchange_md_ssl_tls( mbedtls_ssl_context *ssl,
unsigned char *output,
unsigned char *data, size_t data_len )
{
int ret = 0;
mbedtls_md5_context mbedtls_md5;
mbedtls_sha1_context mbedtls_sha1;
mbedtls_md5_init( &mbedtls_md5 );
mbedtls_sha1_init( &mbedtls_sha1 );
/*
* digitally-signed struct {
* opaque md5_hash[16];
* opaque sha_hash[20];
* };
*
* md5_hash
* MD5(ClientHello.random + ServerHello.random
* + ServerParams);
* sha_hash
* SHA(ClientHello.random + ServerHello.random
* + ServerParams);
*/
if( ( ret = mbedtls_md5_starts_ret( &mbedtls_md5 ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md5_starts_ret", ret );
goto exit;
}
if( ( ret = mbedtls_md5_update_ret( &mbedtls_md5,
ssl->handshake->randbytes, 64 ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md5_update_ret", ret );
goto exit;
}
if( ( ret = mbedtls_md5_update_ret( &mbedtls_md5, data, data_len ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md5_update_ret", ret );
goto exit;
}
if( ( ret = mbedtls_md5_finish_ret( &mbedtls_md5, output ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md5_finish_ret", ret );
goto exit;
}
if( ( ret = mbedtls_sha1_starts_ret( &mbedtls_sha1 ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_sha1_starts_ret", ret );
goto exit;
}
if( ( ret = mbedtls_sha1_update_ret( &mbedtls_sha1,
ssl->handshake->randbytes, 64 ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_sha1_update_ret", ret );
goto exit;
}
if( ( ret = mbedtls_sha1_update_ret( &mbedtls_sha1, data,
data_len ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_sha1_update_ret", ret );
goto exit;
}
if( ( ret = mbedtls_sha1_finish_ret( &mbedtls_sha1,
output + 16 ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_sha1_finish_ret", ret );
goto exit;
}
exit:
mbedtls_md5_free( &mbedtls_md5 );
mbedtls_sha1_free( &mbedtls_sha1 );
if( ret != 0 )
mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
return( ret );
}
#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \
MBEDTLS_SSL_PROTO_TLS1_1 */
#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
defined(MBEDTLS_SSL_PROTO_TLS1_2)
int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl,
unsigned char *output,
unsigned char *data, size_t data_len,
mbedtls_md_type_t md_alg )
{
int ret = 0;
mbedtls_md_context_t ctx;
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg );
mbedtls_md_init( &ctx );
/*
* digitally-signed struct {
* opaque client_random[32];
* opaque server_random[32];
* ServerDHParams params;
* };
*/
if( ( ret = mbedtls_md_setup( &ctx, md_info, 0 ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_setup", ret );
goto exit;
}
if( ( ret = mbedtls_md_starts( &ctx ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_starts", ret );
goto exit;
}
if( ( ret = mbedtls_md_update( &ctx, ssl->handshake->randbytes, 64 ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_update", ret );
goto exit;
}
if( ( ret = mbedtls_md_update( &ctx, data, data_len ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_update", ret );
goto exit;
}
if( ( ret = mbedtls_md_finish( &ctx, output ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_finish", ret );
goto exit;
}
exit:
mbedtls_md_free( &ctx );
if( ret != 0 )
mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
return( ret );
}
#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
MBEDTLS_SSL_PROTO_TLS1_2 */
#endif /* MBEDTLS_SSL_TLS_C */

View file

@ -177,8 +177,11 @@ int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ct
memset( buf, 0, sizeof(buf) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_pk_write_pubkey( &c, buf, ctx->subject_key ) );
mbedtls_sha1( buf + sizeof(buf) - len, len, buf + sizeof(buf) - 20 );
c = buf + sizeof(buf) - 20;
ret = mbedtls_sha1_ret( buf + sizeof( buf ) - len, len,
buf + sizeof( buf ) - 20 );
if( ret != 0 )
return( ret );
c = buf + sizeof( buf ) - 20;
len = 20;
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
@ -199,7 +202,10 @@ int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *
memset( buf, 0, sizeof(buf) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_pk_write_pubkey( &c, buf, ctx->issuer_key ) );
mbedtls_sha1( buf + sizeof( buf ) - len, len, buf + sizeof( buf ) - 20 );
ret = mbedtls_sha1_ret( buf + sizeof( buf ) - len, len,
buf + sizeof( buf ) - 20 );
if( ret != 0 )
return( ret );
c = buf + sizeof( buf ) - 20;
len = 20;
@ -414,7 +420,11 @@ int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf,
/*
* Make signature
*/
mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, len, hash );
if( ( ret = mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c,
len, hash ) ) != 0 )
{
return( ret );
}
if( ( ret = mbedtls_pk_sign( ctx->issuer_key, ctx->md_alg, hash, 0, sig, &sig_len,
f_rng, p_rng ) ) != 0 )

View file

@ -28,8 +28,11 @@
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdlib.h>
#include <stdio.h>
#define mbedtls_printf printf
#define mbedtls_printf printf
#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
#endif
#if defined(MBEDTLS_MD5_C)
@ -45,13 +48,14 @@ int main( void )
#else
int main( void )
{
int i;
int i, ret;
unsigned char digest[16];
char str[] = "Hello, world!";
mbedtls_printf( "\n MD5('%s') = ", str );
mbedtls_md5( (unsigned char *) str, 13, digest );
if( ( ret = mbedtls_md5_ret( (unsigned char *) str, 13, digest ) ) != 0 )
return( MBEDTLS_EXIT_FAILURE );
for( i = 0; i < 16; i++ )
mbedtls_printf( "%02x", digest[i] );
@ -63,6 +67,6 @@ int main( void )
fflush( stdout ); getchar();
#endif
return( 0 );
return( MBEDTLS_EXIT_SUCCESS );
}
#endif /* MBEDTLS_MD5_C */

View file

@ -212,7 +212,11 @@ int main( void )
goto exit;
}
mbedtls_sha1( buf, (int)( p - 2 - buf ), hash );
if( ( ret = mbedtls_sha1_ret( buf, (int)( p - 2 - buf ), hash ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_sha1_ret returned %d\n\n", ret );
goto exit;
}
if( ( ret = mbedtls_rsa_pkcs1_verify( &rsa, NULL, NULL, MBEDTLS_RSA_PUBLIC,
MBEDTLS_MD_SHA256, 0, hash, p ) ) != 0 )

View file

@ -217,7 +217,11 @@ int main( void )
/*
* 5. Sign the parameters and send them
*/
mbedtls_sha1( buf, n, hash );
if( ( ret = mbedtls_sha1_ret( buf, n, hash ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_sha1_ret returned %d\n\n", ret );
goto exit;
}
buf[n ] = (unsigned char)( rsa.len >> 8 );
buf[n + 1] = (unsigned char)( rsa.len );

View file

@ -102,7 +102,6 @@ int main( int argc, char *argv[] )
mbedtls_ecdsa_context ctx_sign, ctx_verify;
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
mbedtls_sha256_context sha256_ctx;
unsigned char message[100];
unsigned char hash[32];
unsigned char sig[MBEDTLS_ECDSA_MAX_LEN];
@ -113,7 +112,6 @@ int main( int argc, char *argv[] )
mbedtls_ecdsa_init( &ctx_sign );
mbedtls_ecdsa_init( &ctx_verify );
mbedtls_ctr_drbg_init( &ctr_drbg );
mbedtls_sha256_init( &sha256_ctx );
memset( sig, 0, sizeof( sig ) );
memset( message, 0x25, sizeof( message ) );
@ -165,9 +163,11 @@ int main( int argc, char *argv[] )
mbedtls_printf( " . Computing message hash..." );
fflush( stdout );
mbedtls_sha256_starts( &sha256_ctx, 0 );
mbedtls_sha256_update( &sha256_ctx, message, sizeof( message ) );
mbedtls_sha256_finish( &sha256_ctx, hash );
if( ( ret = mbedtls_sha256_ret( message, sizeof( message ), hash, 0 ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_sha256_ret returned %d\n", ret );
goto exit;
}
mbedtls_printf( " ok\n" );
@ -242,7 +242,6 @@ exit:
mbedtls_ecdsa_free( &ctx_sign );
mbedtls_ctr_drbg_free( &ctr_drbg );
mbedtls_entropy_free( &entropy );
mbedtls_sha256_free( &sha256_ctx );
return( ret );
}

View file

@ -327,32 +327,32 @@ int main( int argc, char *argv[] )
#if defined(MBEDTLS_MD4_C)
if( todo.md4 )
TIME_AND_TSC( "MD4", mbedtls_md4( buf, BUFSIZE, tmp ) );
TIME_AND_TSC( "MD4", mbedtls_md4_ret( buf, BUFSIZE, tmp ) );
#endif
#if defined(MBEDTLS_MD5_C)
if( todo.md5 )
TIME_AND_TSC( "MD5", mbedtls_md5( buf, BUFSIZE, tmp ) );
TIME_AND_TSC( "MD5", mbedtls_md5_ret( buf, BUFSIZE, tmp ) );
#endif
#if defined(MBEDTLS_RIPEMD160_C)
if( todo.ripemd160 )
TIME_AND_TSC( "RIPEMD160", mbedtls_ripemd160( buf, BUFSIZE, tmp ) );
TIME_AND_TSC( "RIPEMD160", mbedtls_ripemd160_ret( buf, BUFSIZE, tmp ) );
#endif
#if defined(MBEDTLS_SHA1_C)
if( todo.sha1 )
TIME_AND_TSC( "SHA-1", mbedtls_sha1( buf, BUFSIZE, tmp ) );
TIME_AND_TSC( "SHA-1", mbedtls_sha1_ret( buf, BUFSIZE, tmp ) );
#endif
#if defined(MBEDTLS_SHA256_C)
if( todo.sha256 )
TIME_AND_TSC( "SHA-256", mbedtls_sha256( buf, BUFSIZE, tmp, 0 ) );
TIME_AND_TSC( "SHA-256", mbedtls_sha256_ret( buf, BUFSIZE, tmp, 0 ) );
#endif
#if defined(MBEDTLS_SHA512_C)
if( todo.sha512 )
TIME_AND_TSC( "SHA-512", mbedtls_sha512( buf, BUFSIZE, tmp, 0 ) );
TIME_AND_TSC( "SHA-512", mbedtls_sha512_ret( buf, BUFSIZE, tmp, 0 ) );
#endif
#if defined(MBEDTLS_ARC4_C)

View file

@ -8,6 +8,7 @@
/* BEGIN_CASE depends_on:MBEDTLS_MD2_C */
void md2_text( char *text_src_string, char *hex_hash_string )
{
int ret;
unsigned char src_str[100];
unsigned char hash_str[33];
unsigned char output[16];
@ -18,7 +19,8 @@ void md2_text( char *text_src_string, char *hex_hash_string )
strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 );
mbedtls_md2( src_str, strlen( (char *) src_str ), output );
ret = mbedtls_md2_ret( src_str, strlen( (char *) src_str ), output );
TEST_ASSERT( ret == 0 ) ;
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strcmp( (char *) hash_str, hex_hash_string ) == 0 );
@ -28,6 +30,7 @@ void md2_text( char *text_src_string, char *hex_hash_string )
/* BEGIN_CASE depends_on:MBEDTLS_MD4_C */
void md4_text( char *text_src_string, char *hex_hash_string )
{
int ret;
unsigned char src_str[100];
unsigned char hash_str[33];
unsigned char output[16];
@ -38,7 +41,8 @@ void md4_text( char *text_src_string, char *hex_hash_string )
strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 );
mbedtls_md4( src_str, strlen( (char *) src_str ), output );
ret = mbedtls_md4_ret( src_str, strlen( (char *) src_str ), output );
TEST_ASSERT( ret == 0 );
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strcmp( (char *) hash_str, hex_hash_string ) == 0 );
@ -48,6 +52,7 @@ void md4_text( char *text_src_string, char *hex_hash_string )
/* BEGIN_CASE depends_on:MBEDTLS_MD5_C */
void md5_text( char *text_src_string, char *hex_hash_string )
{
int ret;
unsigned char src_str[100];
unsigned char hash_str[33];
unsigned char output[16];
@ -58,7 +63,8 @@ void md5_text( char *text_src_string, char *hex_hash_string )
strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 );
mbedtls_md5( src_str, strlen( (char *) src_str ), output );
ret = mbedtls_md5_ret( src_str, strlen( (char *) src_str ), output );
TEST_ASSERT( ret == 0 );
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strcmp( (char *) hash_str, hex_hash_string ) == 0 );
@ -68,6 +74,7 @@ void md5_text( char *text_src_string, char *hex_hash_string )
/* BEGIN_CASE depends_on:MBEDTLS_RIPEMD160_C */
void ripemd160_text( char *text_src_string, char *hex_hash_string )
{
int ret;
unsigned char src_str[100];
unsigned char hash_str[41];
unsigned char output[20];
@ -78,7 +85,8 @@ void ripemd160_text( char *text_src_string, char *hex_hash_string )
strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 );
mbedtls_ripemd160( src_str, strlen( (char *) src_str ), output );
ret = mbedtls_ripemd160_ret( src_str, strlen( (char *) src_str ), output );
TEST_ASSERT( ret == 0 );
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strcmp( (char *) hash_str, hex_hash_string ) == 0 );

View file

@ -18,7 +18,7 @@ void mbedtls_sha1( char *hex_src_string, char *hex_hash_string )
src_len = unhexify( src_str, hex_src_string );
mbedtls_sha1( src_str, src_len, output );
TEST_ASSERT( mbedtls_sha1_ret( src_str, src_len, output ) == 0 );
hexify( hash_str, output, 20 );
TEST_ASSERT( strcmp( (char *) hash_str, hex_hash_string ) == 0 );
@ -39,7 +39,7 @@ void sha224(char *hex_src_string, char *hex_hash_string )
src_len = unhexify( src_str, hex_src_string );
mbedtls_sha256( src_str, src_len, output, 1 );
TEST_ASSERT( mbedtls_sha256_ret( src_str, src_len, output, 1 ) == 0 );
hexify( hash_str, output, 28 );
TEST_ASSERT( strcmp( (char *) hash_str, hex_hash_string ) == 0 );
@ -60,7 +60,7 @@ void mbedtls_sha256(char *hex_src_string, char *hex_hash_string )
src_len = unhexify( src_str, hex_src_string );
mbedtls_sha256( src_str, src_len, output, 0 );
TEST_ASSERT( mbedtls_sha256_ret( src_str, src_len, output, 0 ) == 0 );
hexify( hash_str, output, 32 );
TEST_ASSERT( strcmp( (char *) hash_str, hex_hash_string ) == 0 );
@ -81,7 +81,7 @@ void sha384(char *hex_src_string, char *hex_hash_string )
src_len = unhexify( src_str, hex_src_string );
mbedtls_sha512( src_str, src_len, output, 1 );
TEST_ASSERT( mbedtls_sha512_ret( src_str, src_len, output, 1 ) == 0 );
hexify( hash_str, output, 48 );
TEST_ASSERT( strcmp( (char *) hash_str, hex_hash_string ) == 0 );
@ -102,7 +102,7 @@ void mbedtls_sha512(char *hex_src_string, char *hex_hash_string )
src_len = unhexify( src_str, hex_src_string );
mbedtls_sha512( src_str, src_len, output, 0);
TEST_ASSERT( mbedtls_sha512_ret( src_str, src_len, output, 0 ) == 0 );
hexify( hash_str, output, 64 );
TEST_ASSERT( strcmp( (char *) hash_str, hex_hash_string ) == 0 );