Add _init() and _free() for hash modules

This commit is contained in:
Paul Bakker 2014-06-26 12:09:34 +02:00
parent 8cfd9d8c59
commit 5b4af39a36
19 changed files with 346 additions and 73 deletions

View file

@ -60,6 +60,20 @@ typedef struct
}
md2_context;
/**
* \brief Initialize MD2 context
*
* \param ctx MD2 context to be initialized
*/
void md2_init( md2_context *ctx );
/**
* \brief Clear MD2 context
*
* \param ctx MD2 context to be cleared
*/
void md2_free( md2_context *ctx );
/**
* \brief MD2 context setup
*

View file

@ -66,6 +66,20 @@ typedef struct
}
md4_context;
/**
* \brief Initialize MD4 context
*
* \param ctx MD4 context to be initialized
*/
void md4_init( md4_context *ctx );
/**
* \brief Clear MD4 context
*
* \param ctx MD4 context to be cleared
*/
void md4_free( md4_context *ctx );
/**
* \brief MD4 context setup
*

View file

@ -66,6 +66,20 @@ typedef struct
}
md5_context;
/**
* \brief Initialize MD5 context
*
* \param ctx MD5 context to be initialized
*/
void md5_init( md5_context *ctx );
/**
* \brief Clear MD5 context
*
* \param ctx MD5 context to be cleared
*/
void md5_free( md5_context *ctx );
/**
* \brief MD5 context setup
*

View file

@ -66,6 +66,20 @@ typedef struct
}
ripemd160_context;
/**
* \brief Initialize RIPEMD-160 context
*
* \param ctx RIPEMD-160 context to be initialized
*/
void ripemd160_init( ripemd160_context *ctx );
/**
* \brief Clear RIPEMD-160 context
*
* \param ctx RIPEMD-160 context to be cleared
*/
void ripemd160_free( ripemd160_context *ctx );
/**
* \brief RIPEMD-160 context setup
*

View file

@ -66,6 +66,20 @@ typedef struct
}
sha1_context;
/**
* \brief Initialize SHA-1 context
*
* \param ctx SHA-1 context to be initialized
*/
void sha1_init( sha1_context *ctx );
/**
* \brief Clear SHA-1 context
*
* \param ctx SHA-1 context to be cleared
*/
void sha1_free( sha1_context *ctx );
/**
* \brief SHA-1 context setup
*

View file

@ -67,6 +67,20 @@ typedef struct
}
sha256_context;
/**
* \brief Initialize SHA-256 context
*
* \param ctx SHA-256 context to be initialized
*/
void sha256_init( sha256_context *ctx );
/**
* \brief Clear SHA-256 context
*
* \param ctx SHA-256 context to be cleared
*/
void sha256_free( sha256_context *ctx );
/**
* \brief SHA-256 context setup
*

View file

@ -68,6 +68,20 @@ typedef struct
}
sha512_context;
/**
* \brief Initialize SHA-512 context
*
* \param ctx SHA-512 context to be initialized
*/
void sha512_init( sha512_context *ctx );
/**
* \brief Clear SHA-512 context
*
* \param ctx SHA-512 context to be cleared
*/
void sha512_free( sha512_context *ctx );
/**
* \brief SHA-512 context setup
*

View file

@ -86,6 +86,19 @@ static const unsigned char PI_SUBST[256] =
0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14
};
void md2_init( md2_context *ctx )
{
memset( ctx, 0, sizeof( md2_context ) );
}
void md2_free( md2_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( md2_context ) );
}
/*
* MD2 context setup
*/
@ -189,11 +202,11 @@ void md2( const unsigned char *input, size_t ilen, unsigned char output[16] )
{
md2_context ctx;
md2_init( &ctx );
md2_starts( &ctx );
md2_update( &ctx, input, ilen );
md2_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( md2_context ) );
md2_free( &ctx );
}
#if defined(POLARSSL_FS_IO)
@ -210,14 +223,14 @@ int md2_file( const char *path, unsigned char output[16] )
if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_MD2_FILE_IO_ERROR );
md2_init( &ctx );
md2_starts( &ctx );
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
md2_update( &ctx, buf, n );
md2_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( md2_context ) );
md2_free( &ctx );
if( ferror( f ) != 0 )
{
@ -304,11 +317,11 @@ void md2_hmac( const unsigned char *key, size_t keylen,
{
md2_context ctx;
md2_init( &ctx );
md2_hmac_starts( &ctx, key, keylen );
md2_hmac_update( &ctx, input, ilen );
md2_hmac_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( md2_context ) );
md2_free( &ctx );
}
#if defined(POLARSSL_SELF_TEST)

View file

@ -79,6 +79,19 @@ static void polarssl_zeroize( void *v, size_t n ) {
}
#endif
void md4_init( md4_context *ctx )
{
memset( ctx, 0, sizeof( md4_context ) );
}
void md4_free( md4_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( md4_context ) );
}
/*
* MD4 context setup
*/
@ -285,11 +298,11 @@ void md4( const unsigned char *input, size_t ilen, unsigned char output[16] )
{
md4_context ctx;
md4_init( &ctx );
md4_starts( &ctx );
md4_update( &ctx, input, ilen );
md4_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( md4_context ) );
md4_free( &ctx );
}
#if defined(POLARSSL_FS_IO)
@ -306,14 +319,14 @@ int md4_file( const char *path, unsigned char output[16] )
if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_MD4_FILE_IO_ERROR );
md4_init( &ctx );
md4_starts( &ctx );
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
md4_update( &ctx, buf, n );
md4_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( md4_context ) );
md4_free( &ctx );
if( ferror( f ) != 0 )
{
@ -400,11 +413,11 @@ void md4_hmac( const unsigned char *key, size_t keylen,
{
md4_context ctx;
md4_init( &ctx );
md4_hmac_starts( &ctx, key, keylen );
md4_hmac_update( &ctx, input, ilen );
md4_hmac_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( md4_context ) );
md4_free( &ctx );
}
#if defined(POLARSSL_SELF_TEST)

View file

@ -78,6 +78,19 @@ static void polarssl_zeroize( void *v, size_t n ) {
}
#endif
void md5_init( md5_context *ctx )
{
memset( ctx, 0, sizeof( md5_context ) );
}
void md5_free( md5_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( md5_context ) );
}
/*
* MD5 context setup
*/
@ -302,11 +315,11 @@ void md5( const unsigned char *input, size_t ilen, unsigned char output[16] )
{
md5_context ctx;
md5_init( &ctx );
md5_starts( &ctx );
md5_update( &ctx, input, ilen );
md5_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( md5_context ) );
md5_free( &ctx );
}
#if defined(POLARSSL_FS_IO)
@ -323,14 +336,14 @@ int md5_file( const char *path, unsigned char output[16] )
if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_MD5_FILE_IO_ERROR );
md5_init( &ctx );
md5_starts( &ctx );
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
md5_update( &ctx, buf, n );
md5_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( md5_context ) );
md5_free( &ctx );
if( ferror( f ) != 0 )
{
@ -417,11 +430,11 @@ void md5_hmac( const unsigned char *key, size_t keylen,
{
md5_context ctx;
md5_init( &ctx );
md5_hmac_starts( &ctx, key, keylen );
md5_hmac_update( &ctx, input, ilen );
md5_hmac_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( md5_context ) );
md5_free( &ctx );
}
#if defined(POLARSSL_SELF_TEST)

View file

@ -398,12 +398,20 @@ static void ripemd160_hmac_reset_wrap( void *ctx )
static void * ripemd160_ctx_alloc( void )
{
return polarssl_malloc( sizeof( ripemd160_context ) );
ripemd160_context *ctx;
ctx = (ripemd160_context *) polarssl_malloc( sizeof( ripemd160_context ) );
if( ctx == NULL )
return( NULL );
ripemd160_init( ctx );
return( ctx );
}
static void ripemd160_ctx_free( void *ctx )
{
polarssl_zeroize( ctx, sizeof( ripemd160_context ) );
ripemd160_free( (ripemd160_context *) ctx );
polarssl_free( ctx );
}
@ -486,12 +494,20 @@ static void sha1_hmac_reset_wrap( void *ctx )
static void * sha1_ctx_alloc( void )
{
return polarssl_malloc( sizeof( sha1_context ) );
sha1_context *ctx;
ctx = (sha1_context *) polarssl_malloc( sizeof( sha1_context ) );
if( ctx == NULL )
return( NULL );
sha1_init( ctx );
return( ctx );
}
static void sha1_ctx_free( void *ctx )
{
polarssl_zeroize( ctx, sizeof( sha1_context ) );
sha1_free( (sha1_context *) ctx );
polarssl_free( ctx );
}
@ -687,12 +703,20 @@ static void sha256_hmac_wrap( const unsigned char *key, size_t keylen,
static void * sha256_ctx_alloc( void )
{
return polarssl_malloc( sizeof( sha256_context ) );
sha256_context *ctx;
ctx = (sha256_context *) polarssl_malloc( sizeof( sha256_context ) );
if( ctx == NULL )
return( NULL );
sha256_init( ctx );
return( ctx );
}
static void sha256_ctx_free( void *ctx )
{
polarssl_zeroize( ctx, sizeof( sha256_context ) );
sha256_free( (sha256_context *) ctx );
polarssl_free( ctx );
}
@ -885,12 +909,20 @@ static void sha512_hmac_wrap( const unsigned char *key, size_t keylen,
static void * sha512_ctx_alloc( void )
{
return polarssl_malloc( sizeof( sha512_context ) );
sha512_context *ctx;
ctx = (sha512_context *) polarssl_malloc( sizeof( sha512_context ) );
if( ctx == NULL )
return( NULL );
sha512_init( ctx );
return( ctx );
}
static void sha512_ctx_free( void *ctx )
{
polarssl_zeroize( ctx, sizeof( sha512_context ) );
sha512_free( (sha512_context *) ctx );
polarssl_free( ctx );
}

View file

@ -92,6 +92,8 @@ static void pem_pbkdf1( unsigned char *key, size_t keylen,
unsigned char md5sum[16];
size_t use_len;
md5_init( &md5_ctx );
/*
* key[ 0..15] = MD5(pwd || IV)
*/
@ -104,7 +106,7 @@ static void pem_pbkdf1( unsigned char *key, size_t keylen,
{
memcpy( key, md5sum, keylen );
polarssl_zeroize( &md5_ctx, sizeof( md5_ctx ) );
md5_free( &md5_ctx );
polarssl_zeroize( md5sum, 16 );
return;
}
@ -126,7 +128,7 @@ static void pem_pbkdf1( unsigned char *key, size_t keylen,
memcpy( key + 16, md5sum, use_len );
polarssl_zeroize( &md5_ctx, sizeof( md5_ctx ) );
md5_free( &md5_ctx );
polarssl_zeroize( md5sum, 16 );
}

View file

@ -81,6 +81,19 @@ static void polarssl_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
void ripemd160_init( ripemd160_context *ctx )
{
memset( ctx, 0, sizeof( ripemd160_context ) );
}
void ripemd160_free( ripemd160_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( ripemd160_context ) );
}
/*
* RIPEMD-160 context setup
*/
@ -364,11 +377,11 @@ void ripemd160( const unsigned char *input, size_t ilen,
{
ripemd160_context ctx;
ripemd160_init( &ctx );
ripemd160_starts( &ctx );
ripemd160_update( &ctx, input, ilen );
ripemd160_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( ripemd160_context ) );
ripemd160_free( &ctx );
}
#if defined(POLARSSL_FS_IO)
@ -385,14 +398,14 @@ int ripemd160_file( const char *path, unsigned char output[20] )
if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR );
ripemd160_init( &ctx );
ripemd160_starts( &ctx );
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
ripemd160_update( &ctx, buf, n );
ripemd160_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( ripemd160_context ) );
ripemd160_free( &ctx );
if( ferror( f ) != 0 )
{
@ -479,11 +492,11 @@ void ripemd160_hmac( const unsigned char *key, size_t keylen,
{
ripemd160_context ctx;
ripemd160_init( &ctx );
ripemd160_hmac_starts( &ctx, key, keylen );
ripemd160_hmac_update( &ctx, input, ilen );
ripemd160_hmac_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( ripemd160_context ) );
ripemd160_free( &ctx );
}

View file

@ -78,6 +78,19 @@ static void polarssl_zeroize( void *v, size_t n ) {
}
#endif
void sha1_init( sha1_context *ctx )
{
memset( ctx, 0, sizeof( sha1_context ) );
}
void sha1_free( sha1_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( sha1_context ) );
}
/*
* SHA-1 context setup
*/
@ -335,11 +348,11 @@ void sha1( const unsigned char *input, size_t ilen, unsigned char output[20] )
{
sha1_context ctx;
sha1_init( &ctx );
sha1_starts( &ctx );
sha1_update( &ctx, input, ilen );
sha1_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( sha1_context ) );
sha1_free( &ctx );
}
#if defined(POLARSSL_FS_IO)
@ -356,14 +369,14 @@ int sha1_file( const char *path, unsigned char output[20] )
if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_SHA1_FILE_IO_ERROR );
sha1_init( &ctx );
sha1_starts( &ctx );
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
sha1_update( &ctx, buf, n );
sha1_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( sha1_context ) );
sha1_free( &ctx );
if( ferror( f ) != 0 )
{
@ -450,11 +463,11 @@ void sha1_hmac( const unsigned char *key, size_t keylen,
{
sha1_context ctx;
sha1_init( &ctx );
sha1_hmac_starts( &ctx, key, keylen );
sha1_hmac_update( &ctx, input, ilen );
sha1_hmac_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( sha1_context ) );
sha1_free( &ctx );
}
#if defined(POLARSSL_SELF_TEST)
@ -554,11 +567,13 @@ static const unsigned char sha1_hmac_test_sum[7][20] =
*/
int sha1_self_test( int verbose )
{
int i, j, buflen;
int i, j, buflen, ret = 0;
unsigned char buf[1024];
unsigned char sha1sum[20];
sha1_context ctx;
sha1_init( &ctx );
/*
* SHA-1
*/
@ -587,7 +602,8 @@ int sha1_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
ret = 1;
goto exit;
}
if( verbose != 0 )
@ -623,7 +639,8 @@ int sha1_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
ret = 1;
goto exit;
}
if( verbose != 0 )
@ -633,7 +650,10 @@ int sha1_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "\n" );
return( 0 );
exit:
sha1_free( &ctx );
return( ret );
}
#endif /* POLARSSL_SELF_TEST */

View file

@ -78,6 +78,19 @@ static void polarssl_zeroize( void *v, size_t n ) {
}
#endif
void sha256_init( sha256_context *ctx )
{
memset( ctx, 0, sizeof( sha256_context ) );
}
void sha256_free( sha256_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( sha256_context ) );
}
/*
* SHA-256 context setup
*/
@ -338,11 +351,11 @@ void sha256( const unsigned char *input, size_t ilen,
{
sha256_context ctx;
sha256_init( &ctx );
sha256_starts( &ctx, is224 );
sha256_update( &ctx, input, ilen );
sha256_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( sha256_context ) );
sha256_free( &ctx );
}
#if defined(POLARSSL_FS_IO)
@ -359,14 +372,14 @@ int sha256_file( const char *path, unsigned char output[32], int is224 )
if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_SHA256_FILE_IO_ERROR );
sha256_init( &ctx );
sha256_starts( &ctx, is224 );
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
sha256_update( &ctx, buf, n );
sha256_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( sha256_context ) );
sha256_free( &ctx );
if( ferror( f ) != 0 )
{
@ -457,11 +470,11 @@ void sha256_hmac( const unsigned char *key, size_t keylen,
{
sha256_context ctx;
sha256_init( &ctx );
sha256_hmac_starts( &ctx, key, keylen, is224 );
sha256_hmac_update( &ctx, input, ilen );
sha256_hmac_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( sha256_context ) );
sha256_free( &ctx );
}
#if defined(POLARSSL_SELF_TEST)
@ -632,11 +645,13 @@ static const unsigned char sha256_hmac_test_sum[14][32] =
*/
int sha256_self_test( int verbose )
{
int i, j, k, buflen;
int i, j, k, buflen, ret = 0;
unsigned char buf[1024];
unsigned char sha256sum[32];
sha256_context ctx;
sha256_init( &ctx );
for( i = 0; i < 6; i++ )
{
j = i % 3;
@ -665,7 +680,8 @@ int sha256_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
ret = 1;
goto exit;
}
if( verbose != 0 )
@ -704,7 +720,8 @@ int sha256_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
ret = 1;
goto exit;
}
if( verbose != 0 )
@ -714,7 +731,10 @@ int sha256_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "\n" );
return( 0 );
exit:
sha256_free( &ctx );
return( ret );
}
#endif /* POLARSSL_SELF_TEST */

View file

@ -133,6 +133,19 @@ static const uint64_t K[80] =
UL64(0x5FCB6FAB3AD6FAEC), UL64(0x6C44198C4A475817)
};
void sha512_init( sha512_context *ctx )
{
memset( ctx, 0, sizeof( sha512_context ) );
}
void sha512_free( sha512_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( sha512_context ) );
}
/*
* SHA-512 context setup
*/
@ -336,11 +349,11 @@ void sha512( const unsigned char *input, size_t ilen,
{
sha512_context ctx;
sha512_init( &ctx );
sha512_starts( &ctx, is384 );
sha512_update( &ctx, input, ilen );
sha512_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( sha512_context ) );
sha512_free( &ctx );
}
#if defined(POLARSSL_FS_IO)
@ -357,14 +370,14 @@ int sha512_file( const char *path, unsigned char output[64], int is384 )
if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_SHA512_FILE_IO_ERROR );
sha512_init( &ctx );
sha512_starts( &ctx, is384 );
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
sha512_update( &ctx, buf, n );
sha512_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( sha512_context ) );
sha512_free( &ctx );
if( ferror( f ) != 0 )
{
@ -455,11 +468,11 @@ void sha512_hmac( const unsigned char *key, size_t keylen,
{
sha512_context ctx;
sha512_init( &ctx );
sha512_hmac_starts( &ctx, key, keylen, is384 );
sha512_hmac_update( &ctx, input, ilen );
sha512_hmac_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( sha512_context ) );
sha512_free( &ctx );
}
#if defined(POLARSSL_SELF_TEST)
@ -686,11 +699,13 @@ static const unsigned char sha512_hmac_test_sum[14][64] =
*/
int sha512_self_test( int verbose )
{
int i, j, k, buflen;
int i, j, k, buflen, ret = 0;
unsigned char buf[1024];
unsigned char sha512sum[64];
sha512_context ctx;
sha512_init( &ctx );
for( i = 0; i < 6; i++ )
{
j = i % 3;
@ -719,7 +734,8 @@ int sha512_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
ret = 1;
goto exit;
}
if( verbose != 0 )
@ -758,7 +774,8 @@ int sha512_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
ret = 1;
goto exit;
}
if( verbose != 0 )
@ -768,7 +785,10 @@ int sha512_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "\n" );
return( 0 );
exit:
sha512_free( &ctx );
return( ret );
}
#endif /* POLARSSL_SELF_TEST */

View file

@ -1718,6 +1718,9 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
md5_context md5;
sha1_context sha1;
md5_init( &md5 );
sha1_init( &sha1 );
hashlen = 36;
/*
@ -1742,6 +1745,9 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
sha1_update( &sha1, ssl->handshake->randbytes, 64 );
sha1_update( &sha1, ssl->in_msg + 4, params_len );
sha1_finish( &sha1, hash + 16 );
md5_free( &md5 );
sha1_free( &sha1 );
}
else
#endif /* POLARSSL_SSL_PROTO_SSL3 || POLARSSL_SSL_PROTO_TLS1 || \

View file

@ -2337,6 +2337,9 @@ curve_matching_done:
md5_context md5;
sha1_context sha1;
md5_init( &md5 );
sha1_init( &sha1 );
/*
* digitally-signed struct {
* opaque md5_hash[16];
@ -2361,6 +2364,9 @@ curve_matching_done:
sha1_finish( &sha1, hash + 16 );
hashlen = 36;
md5_free( &md5 );
sha1_free( &sha1 );
}
else
#endif /* POLARSSL_SSL_PROTO_SSL3 || POLARSSL_SSL_PROTO_TLS1 || \

View file

@ -156,6 +156,9 @@ static int ssl3_prf( const unsigned char *secret, size_t slen,
unsigned char sha1sum[20];
((void)label);
md5_init( &md5 );
sha1_init( &sha1 );
/*
* SSLv3:
* block =
@ -180,8 +183,8 @@ static int ssl3_prf( const unsigned char *secret, size_t slen,
md5_finish( &md5, dstbuf + i * 16 );
}
polarssl_zeroize( &md5, sizeof( md5 ) );
polarssl_zeroize( &sha1, sizeof( sha1 ) );
md5_free( &md5 );
sha1_free( &sha1 );
polarssl_zeroize( padding, sizeof( padding ) );
polarssl_zeroize( sha1sum, sizeof( sha1sum ) );
@ -805,6 +808,9 @@ void ssl_calc_verify_ssl( ssl_context *ssl, unsigned char hash[36] )
SSL_DEBUG_BUF( 3, "calculated verify result", hash, 36 );
SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
md5_free( &md5 );
sha1_free( &sha1 );
return;
}
#endif /* POLARSSL_SSL_PROTO_SSL3 */
@ -826,6 +832,9 @@ void ssl_calc_verify_tls( ssl_context *ssl, unsigned char hash[36] )
SSL_DEBUG_BUF( 3, "calculated verify result", hash, 36 );
SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
md5_free( &md5 );
sha1_free( &sha1 );
return;
}
#endif /* POLARSSL_SSL_PROTO_TLS1 || POLARSSL_SSL_PROTO_TLS1_1 */
@ -844,6 +853,8 @@ void ssl_calc_verify_tls_sha256( ssl_context *ssl, unsigned char hash[32] )
SSL_DEBUG_BUF( 3, "calculated verify result", hash, 32 );
SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
sha256_free( &sha256 );
return;
}
#endif /* POLARSSL_SHA256_C */
@ -861,6 +872,8 @@ void ssl_calc_verify_tls_sha384( ssl_context *ssl, unsigned char hash[48] )
SSL_DEBUG_BUF( 3, "calculated verify result", hash, 48 );
SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
sha512_free( &sha512 );
return;
}
#endif /* POLARSSL_SHA512_C */
@ -2878,8 +2891,8 @@ static void ssl_calc_finished_ssl(
SSL_DEBUG_BUF( 3, "calc finished result", buf, 36 );
polarssl_zeroize( &md5, sizeof( md5_context ) );
polarssl_zeroize( &sha1, sizeof( sha1_context ) );
md5_free( &md5 );
sha1_free( &sha1 );
polarssl_zeroize( padbuf, sizeof( padbuf ) );
polarssl_zeroize( md5sum, sizeof( md5sum ) );
@ -2936,8 +2949,8 @@ static void ssl_calc_finished_tls(
SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
polarssl_zeroize( &md5, sizeof( md5_context ) );
polarssl_zeroize( &sha1, sizeof( sha1_context ) );
md5_free( &md5 );
sha1_free( &sha1 );
polarssl_zeroize( padbuf, sizeof( padbuf ) );
@ -2985,7 +2998,7 @@ static void ssl_calc_finished_tls_sha256(
SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
polarssl_zeroize( &sha256, sizeof( sha256_context ) );
sha256_free( &sha256 );
polarssl_zeroize( padbuf, sizeof( padbuf ) );
@ -3032,7 +3045,7 @@ static void ssl_calc_finished_tls_sha384(
SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
polarssl_zeroize( &sha512, sizeof( sha512_context ) );
sha512_free( &sha512 );
polarssl_zeroize( padbuf, sizeof( padbuf ) );
@ -3302,14 +3315,18 @@ static int ssl_handshake_init( ssl_context *ssl )
#if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) || \
defined(POLARSSL_SSL_PROTO_TLS1_1)
md5_starts( &ssl->handshake->fin_md5 );
md5_init( &ssl->handshake->fin_md5 );
sha1_init( &ssl->handshake->fin_sha1 );
md5_starts( &ssl->handshake->fin_md5 );
sha1_starts( &ssl->handshake->fin_sha1 );
#endif
#if defined(POLARSSL_SSL_PROTO_TLS1_2)
#if defined(POLARSSL_SHA256_C)
sha256_init( &ssl->handshake->fin_sha256 );
sha256_starts( &ssl->handshake->fin_sha256, 0 );
#endif
#if defined(POLARSSL_SHA512_C)
sha512_init( &ssl->handshake->fin_sha512 );
sha512_starts( &ssl->handshake->fin_sha512, 1 );
#endif
#endif /* POLARSSL_SSL_PROTO_TLS1_2 */