Add _init() and _free() for hash modules

include/polarssl/md2.h

@@ -60,6 +60,20 @@ typedef struct
 }
 md2_context;
 
+/**
+ * \brief          Initialize MD2 context
+ *
+ * \param ctx      MD2 context to be initialized
+ */
+void md2_init( md2_context *ctx );
+
+/**
+ * \brief          Clear MD2 context
+ *
+ * \param ctx      MD2 context to be cleared
+ */
+void md2_free( md2_context *ctx );
+
 /**
  * \brief          MD2 context setup
  *

include/polarssl/md4.h

@@ -66,6 +66,20 @@ typedef struct
 }
 md4_context;
 
+/**
+ * \brief          Initialize MD4 context
+ *
+ * \param ctx      MD4 context to be initialized
+ */
+void md4_init( md4_context *ctx );
+
+/**
+ * \brief          Clear MD4 context
+ *
+ * \param ctx      MD4 context to be cleared
+ */
+void md4_free( md4_context *ctx );
+
 /**
  * \brief          MD4 context setup
  *

include/polarssl/md5.h

@@ -66,6 +66,20 @@ typedef struct
 }
 md5_context;
 
+/**
+ * \brief          Initialize MD5 context
+ *
+ * \param ctx      MD5 context to be initialized
+ */
+void md5_init( md5_context *ctx );
+
+/**
+ * \brief          Clear MD5 context
+ *
+ * \param ctx      MD5 context to be cleared
+ */
+void md5_free( md5_context *ctx );
+
 /**
  * \brief          MD5 context setup
  *

include/polarssl/ripemd160.h

@@ -66,6 +66,20 @@ typedef struct
 }
 ripemd160_context;
 
+/**
+ * \brief          Initialize RIPEMD-160 context
+ *
+ * \param ctx      RIPEMD-160 context to be initialized
+ */
+void ripemd160_init( ripemd160_context *ctx );
+
+/**
+ * \brief          Clear RIPEMD-160 context
+ *
+ * \param ctx      RIPEMD-160 context to be cleared
+ */
+void ripemd160_free( ripemd160_context *ctx );
+
 /**
  * \brief          RIPEMD-160 context setup
  *

include/polarssl/sha1.h

@@ -66,6 +66,20 @@ typedef struct
 }
 sha1_context;
 
+/**
+ * \brief          Initialize SHA-1 context
+ *
+ * \param ctx      SHA-1 context to be initialized
+ */
+void sha1_init( sha1_context *ctx );
+
+/**
+ * \brief          Clear SHA-1 context
+ *
+ * \param ctx      SHA-1 context to be cleared
+ */
+void sha1_free( sha1_context *ctx );
+
 /**
  * \brief          SHA-1 context setup
  *

include/polarssl/sha256.h

@@ -67,6 +67,20 @@ typedef struct
 }
 sha256_context;
 
+/**
+ * \brief          Initialize SHA-256 context
+ *
+ * \param ctx      SHA-256 context to be initialized
+ */
+void sha256_init( sha256_context *ctx );
+
+/**
+ * \brief          Clear SHA-256 context
+ *
+ * \param ctx      SHA-256 context to be cleared
+ */
+void sha256_free( sha256_context *ctx );
+
 /**
  * \brief          SHA-256 context setup
  *

include/polarssl/sha512.h

@@ -68,6 +68,20 @@ typedef struct
 }
 sha512_context;
 
+/**
+ * \brief          Initialize SHA-512 context
+ *
+ * \param ctx      SHA-512 context to be initialized
+ */
+void sha512_init( sha512_context *ctx );
+
+/**
+ * \brief          Clear SHA-512 context
+ *
+ * \param ctx      SHA-512 context to be cleared
+ */
+void sha512_free( sha512_context *ctx );
+
 /**
  * \brief          SHA-512 context setup
  *

library/md2.c

@@ -86,6 +86,19 @@ static const unsigned char PI_SUBST[256] =
     0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14
 };
 
+void md2_init( md2_context *ctx )
+{
+    memset( ctx, 0, sizeof( md2_context ) );
+}
+
+void md2_free( md2_context *ctx )
+{
+    if( ctx == NULL )
+        return;
+
+    polarssl_zeroize( ctx, sizeof( md2_context ) );
+}
+
 /*
  * MD2 context setup
  */
@@ -189,11 +202,11 @@ void md2( const unsigned char *input, size_t ilen, unsigned char output[16] )
 {
     md2_context ctx;
 
+    md2_init( &ctx );
     md2_starts( &ctx );
     md2_update( &ctx, input, ilen );
     md2_finish( &ctx, output );
-
+    md2_free( &ctx );
-    polarssl_zeroize( &ctx, sizeof( md2_context ) );
 }
 
 #if defined(POLARSSL_FS_IO)
@@ -210,14 +223,14 @@ int md2_file( const char *path, unsigned char output[16] )
     if( ( f = fopen( path, "rb" ) ) == NULL )
         return( POLARSSL_ERR_MD2_FILE_IO_ERROR );
 
+    md2_init( &ctx );
     md2_starts( &ctx );
 
     while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
         md2_update( &ctx, buf, n );
 
     md2_finish( &ctx, output );
-
+    md2_free( &ctx );
-    polarssl_zeroize( &ctx, sizeof( md2_context ) );
 
     if( ferror( f ) != 0 )
     {
@@ -304,11 +317,11 @@ void md2_hmac( const unsigned char *key, size_t keylen,
 {
     md2_context ctx;
 
+    md2_init( &ctx );
     md2_hmac_starts( &ctx, key, keylen );
     md2_hmac_update( &ctx, input, ilen );
     md2_hmac_finish( &ctx, output );
-
+    md2_free( &ctx );
-    polarssl_zeroize( &ctx, sizeof( md2_context ) );
 }
 
 #if defined(POLARSSL_SELF_TEST)

library/md4.c

@@ -79,6 +79,19 @@ static void polarssl_zeroize( void *v, size_t n ) {
 }
 #endif
 
+void md4_init( md4_context *ctx )
+{
+    memset( ctx, 0, sizeof( md4_context ) );
+}
+
+void md4_free( md4_context *ctx )
+{
+    if( ctx == NULL )
+        return;
+
+    polarssl_zeroize( ctx, sizeof( md4_context ) );
+}
+
 /*
  * MD4 context setup
  */
@@ -285,11 +298,11 @@ void md4( const unsigned char *input, size_t ilen, unsigned char output[16] )
 {
     md4_context ctx;
 
+    md4_init( &ctx );
     md4_starts( &ctx );
     md4_update( &ctx, input, ilen );
     md4_finish( &ctx, output );
-
+    md4_free( &ctx );
-    polarssl_zeroize( &ctx, sizeof( md4_context ) );
 }
 
 #if defined(POLARSSL_FS_IO)
@@ -306,14 +319,14 @@ int md4_file( const char *path, unsigned char output[16] )
     if( ( f = fopen( path, "rb" ) ) == NULL )
         return( POLARSSL_ERR_MD4_FILE_IO_ERROR );
 
+    md4_init( &ctx );
     md4_starts( &ctx );
 
     while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
         md4_update( &ctx, buf, n );
 
     md4_finish( &ctx, output );
-
+    md4_free( &ctx );
-    polarssl_zeroize( &ctx, sizeof( md4_context ) );
 
     if( ferror( f ) != 0 )
     {
@@ -400,11 +413,11 @@ void md4_hmac( const unsigned char *key, size_t keylen,
 {
     md4_context ctx;
 
+    md4_init( &ctx );
     md4_hmac_starts( &ctx, key, keylen );
     md4_hmac_update( &ctx, input, ilen );
     md4_hmac_finish( &ctx, output );
-
+    md4_free( &ctx );
-    polarssl_zeroize( &ctx, sizeof( md4_context ) );
 }
 
 #if defined(POLARSSL_SELF_TEST)

library/md5.c

@@ -78,6 +78,19 @@ static void polarssl_zeroize( void *v, size_t n ) {
 }
 #endif
 
+void md5_init( md5_context *ctx )
+{
+    memset( ctx, 0, sizeof( md5_context ) );
+}
+
+void md5_free( md5_context *ctx )
+{
+    if( ctx == NULL )
+        return;
+
+    polarssl_zeroize( ctx, sizeof( md5_context ) );
+}
+
 /*
  * MD5 context setup
  */
@@ -302,11 +315,11 @@ void md5( const unsigned char *input, size_t ilen, unsigned char output[16] )
 {
     md5_context ctx;
 
+    md5_init( &ctx );
     md5_starts( &ctx );
     md5_update( &ctx, input, ilen );
     md5_finish( &ctx, output );
-
+    md5_free( &ctx );
-    polarssl_zeroize( &ctx, sizeof( md5_context ) );
 }
 
 #if defined(POLARSSL_FS_IO)
@@ -323,14 +336,14 @@ int md5_file( const char *path, unsigned char output[16] )
     if( ( f = fopen( path, "rb" ) ) == NULL )
         return( POLARSSL_ERR_MD5_FILE_IO_ERROR );
 
+    md5_init( &ctx );
     md5_starts( &ctx );
 
     while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
         md5_update( &ctx, buf, n );
 
     md5_finish( &ctx, output );
-
+    md5_free( &ctx );
-    polarssl_zeroize( &ctx, sizeof( md5_context ) );
 
     if( ferror( f ) != 0 )
     {
@@ -417,11 +430,11 @@ void md5_hmac( const unsigned char *key, size_t keylen,
 {
     md5_context ctx;
 
+    md5_init( &ctx );
     md5_hmac_starts( &ctx, key, keylen );
     md5_hmac_update( &ctx, input, ilen );
     md5_hmac_finish( &ctx, output );
-
+    md5_free( &ctx );
-    polarssl_zeroize( &ctx, sizeof( md5_context ) );
 }
 
 #if defined(POLARSSL_SELF_TEST)

library/md_wrap.c

@@ -398,12 +398,20 @@ static void ripemd160_hmac_reset_wrap( void *ctx )
 
 static void * ripemd160_ctx_alloc( void )
 {
-    return polarssl_malloc( sizeof( ripemd160_context ) );
+    ripemd160_context *ctx;
+    ctx = (ripemd160_context *) polarssl_malloc( sizeof( ripemd160_context ) );
+
+    if( ctx == NULL )
+        return( NULL );
+
+    ripemd160_init( ctx );
+
+    return( ctx );
 }
 
 static void ripemd160_ctx_free( void *ctx )
 {
-    polarssl_zeroize( ctx, sizeof( ripemd160_context ) );
+    ripemd160_free( (ripemd160_context *) ctx );
     polarssl_free( ctx );
 }
 
@@ -486,12 +494,20 @@ static void sha1_hmac_reset_wrap( void *ctx )
 
 static void * sha1_ctx_alloc( void )
 {
-    return polarssl_malloc( sizeof( sha1_context ) );
+    sha1_context *ctx;
+    ctx = (sha1_context *) polarssl_malloc( sizeof( sha1_context ) );
+
+    if( ctx == NULL )
+        return( NULL );
+
+    sha1_init( ctx );
+
+    return( ctx );
 }
 
 static void sha1_ctx_free( void *ctx )
 {
-    polarssl_zeroize( ctx, sizeof( sha1_context ) );
+    sha1_free( (sha1_context *) ctx );
     polarssl_free( ctx );
 }
 
@@ -687,12 +703,20 @@ static void sha256_hmac_wrap( const unsigned char *key, size_t keylen,
 
 static void * sha256_ctx_alloc( void )
 {
-    return polarssl_malloc( sizeof( sha256_context ) );
+    sha256_context *ctx;
+    ctx = (sha256_context *) polarssl_malloc( sizeof( sha256_context ) );
+
+    if( ctx == NULL )
+        return( NULL );
+
+    sha256_init( ctx );
+
+    return( ctx );
 }
 
 static void sha256_ctx_free( void *ctx )
 {
-    polarssl_zeroize( ctx, sizeof( sha256_context ) );
+    sha256_free( (sha256_context *) ctx );
     polarssl_free( ctx );
 }
 
@@ -885,12 +909,20 @@ static void sha512_hmac_wrap( const unsigned char *key, size_t keylen,
 
 static void * sha512_ctx_alloc( void )
 {
-    return polarssl_malloc( sizeof( sha512_context ) );
+    sha512_context *ctx;
+    ctx = (sha512_context *) polarssl_malloc( sizeof( sha512_context ) );
+
+    if( ctx == NULL )
+        return( NULL );
+
+    sha512_init( ctx );
+
+    return( ctx );
 }
 
 static void sha512_ctx_free( void *ctx )
 {
-    polarssl_zeroize( ctx, sizeof( sha512_context ) );
+    sha512_free( (sha512_context *) ctx );
     polarssl_free( ctx );
 }
 

library/pem.c

@@ -92,6 +92,8 @@ static void pem_pbkdf1( unsigned char *key, size_t keylen,
     unsigned char md5sum[16];
     size_t use_len;
 
+    md5_init( &md5_ctx );
+
     /*
      * key[ 0..15] = MD5(pwd || IV)
      */
@@ -104,7 +106,7 @@ static void pem_pbkdf1( unsigned char *key, size_t keylen,
     {
         memcpy( key, md5sum, keylen );
 
-        polarssl_zeroize( &md5_ctx, sizeof(  md5_ctx ) );
+        md5_free( &md5_ctx );
         polarssl_zeroize( md5sum, 16 );
         return;
     }
@@ -126,7 +128,7 @@ static void pem_pbkdf1( unsigned char *key, size_t keylen,
 
     memcpy( key + 16, md5sum, use_len );
 
-    polarssl_zeroize( &md5_ctx, sizeof(  md5_ctx ) );
+    md5_free( &md5_ctx );
     polarssl_zeroize( md5sum, 16 );
 }
 

library/ripemd160.c

@@ -81,6 +81,19 @@ static void polarssl_zeroize( void *v, size_t n ) {
     volatile unsigned char *p = v; while( n-- ) *p++ = 0;
 }
 
+void ripemd160_init( ripemd160_context *ctx )
+{
+    memset( ctx, 0, sizeof( ripemd160_context ) );
+}
+
+void ripemd160_free( ripemd160_context *ctx )
+{
+    if( ctx == NULL )
+        return;
+
+    polarssl_zeroize( ctx, sizeof( ripemd160_context ) );
+}
+
 /*
  * RIPEMD-160 context setup
  */
@@ -364,11 +377,11 @@ void ripemd160( const unsigned char *input, size_t ilen,
 {
     ripemd160_context ctx;
 
+    ripemd160_init( &ctx );
     ripemd160_starts( &ctx );
     ripemd160_update( &ctx, input, ilen );
     ripemd160_finish( &ctx, output );
-
+    ripemd160_free( &ctx );
-    polarssl_zeroize( &ctx, sizeof( ripemd160_context ) );
 }
 
 #if defined(POLARSSL_FS_IO)
@@ -385,14 +398,14 @@ int ripemd160_file( const char *path, unsigned char output[20] )
     if( ( f = fopen( path, "rb" ) ) == NULL )
         return( POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR );
 
+    ripemd160_init( &ctx );
     ripemd160_starts( &ctx );
 
     while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
         ripemd160_update( &ctx, buf, n );
 
     ripemd160_finish( &ctx, output );
-
+    ripemd160_free( &ctx );
-    polarssl_zeroize( &ctx, sizeof( ripemd160_context ) );
 
     if( ferror( f ) != 0 )
     {
@@ -479,11 +492,11 @@ void ripemd160_hmac( const unsigned char *key, size_t keylen,
 {
     ripemd160_context ctx;
 
+    ripemd160_init( &ctx );
     ripemd160_hmac_starts( &ctx, key, keylen );
     ripemd160_hmac_update( &ctx, input, ilen );
     ripemd160_hmac_finish( &ctx, output );
-
+    ripemd160_free( &ctx );
-    polarssl_zeroize( &ctx, sizeof( ripemd160_context ) );
 }
 
 

library/sha1.c

@@ -78,6 +78,19 @@ static void polarssl_zeroize( void *v, size_t n ) {
 }
 #endif
 
+void sha1_init( sha1_context *ctx )
+{
+    memset( ctx, 0, sizeof( sha1_context ) );
+}
+
+void sha1_free( sha1_context *ctx )
+{
+    if( ctx == NULL )
+        return;
+
+    polarssl_zeroize( ctx, sizeof( sha1_context ) );
+}
+
 /*
  * SHA-1 context setup
  */
@@ -335,11 +348,11 @@ void sha1( const unsigned char *input, size_t ilen, unsigned char output[20] )
 {
     sha1_context ctx;
 
+    sha1_init( &ctx );
     sha1_starts( &ctx );
     sha1_update( &ctx, input, ilen );
     sha1_finish( &ctx, output );
-
+    sha1_free( &ctx );
-    polarssl_zeroize( &ctx, sizeof( sha1_context ) );
 }
 
 #if defined(POLARSSL_FS_IO)
@@ -356,14 +369,14 @@ int sha1_file( const char *path, unsigned char output[20] )
     if( ( f = fopen( path, "rb" ) ) == NULL )
         return( POLARSSL_ERR_SHA1_FILE_IO_ERROR );
 
+    sha1_init( &ctx );
     sha1_starts( &ctx );
 
     while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
         sha1_update( &ctx, buf, n );
 
     sha1_finish( &ctx, output );
-
+    sha1_free( &ctx );
-    polarssl_zeroize( &ctx, sizeof( sha1_context ) );
 
     if( ferror( f ) != 0 )
     {
@@ -450,11 +463,11 @@ void sha1_hmac( const unsigned char *key, size_t keylen,
 {
     sha1_context ctx;
 
+    sha1_init( &ctx );
     sha1_hmac_starts( &ctx, key, keylen );
     sha1_hmac_update( &ctx, input, ilen );
     sha1_hmac_finish( &ctx, output );
-
+    sha1_free( &ctx );
-    polarssl_zeroize( &ctx, sizeof( sha1_context ) );
 }
 
 #if defined(POLARSSL_SELF_TEST)
@@ -554,11 +567,13 @@ static const unsigned char sha1_hmac_test_sum[7][20] =
  */
 int sha1_self_test( int verbose )
 {
-    int i, j, buflen;
+    int i, j, buflen, ret = 0;
     unsigned char buf[1024];
     unsigned char sha1sum[20];
     sha1_context ctx;
 
+    sha1_init( &ctx );
+
     /*
      * SHA-1
      */
@@ -587,7 +602,8 @@ int sha1_self_test( int verbose )
             if( verbose != 0 )
                 polarssl_printf( "failed\n" );
 
-            return( 1 );
+            ret = 1;
+            goto exit;
         }
 
         if( verbose != 0 )
@@ -623,7 +639,8 @@ int sha1_self_test( int verbose )
             if( verbose != 0 )
                 polarssl_printf( "failed\n" );
 
-            return( 1 );
+            ret = 1;
+            goto exit;
         }
 
         if( verbose != 0 )
@@ -633,7 +650,10 @@ int sha1_self_test( int verbose )
     if( verbose != 0 )
         polarssl_printf( "\n" );
 
-    return( 0 );
+exit:
+    sha1_free( &ctx );
+
+    return( ret );
 }
 
 #endif /* POLARSSL_SELF_TEST */

library/sha256.c

@@ -78,6 +78,19 @@ static void polarssl_zeroize( void *v, size_t n ) {
 }
 #endif
 
+void sha256_init( sha256_context *ctx )
+{
+    memset( ctx, 0, sizeof( sha256_context ) );
+}
+
+void sha256_free( sha256_context *ctx )
+{
+    if( ctx == NULL )
+        return;
+
+    polarssl_zeroize( ctx, sizeof( sha256_context ) );
+}
+
 /*
  * SHA-256 context setup
  */
@@ -338,11 +351,11 @@ void sha256( const unsigned char *input, size_t ilen,
 {
     sha256_context ctx;
 
+    sha256_init( &ctx );
     sha256_starts( &ctx, is224 );
     sha256_update( &ctx, input, ilen );
     sha256_finish( &ctx, output );
-
+    sha256_free( &ctx );
-    polarssl_zeroize( &ctx, sizeof( sha256_context ) );
 }
 
 #if defined(POLARSSL_FS_IO)
@@ -359,14 +372,14 @@ int sha256_file( const char *path, unsigned char output[32], int is224 )
     if( ( f = fopen( path, "rb" ) ) == NULL )
         return( POLARSSL_ERR_SHA256_FILE_IO_ERROR );
 
+    sha256_init( &ctx );
     sha256_starts( &ctx, is224 );
 
     while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
         sha256_update( &ctx, buf, n );
 
     sha256_finish( &ctx, output );
-
+    sha256_free( &ctx );
-    polarssl_zeroize( &ctx, sizeof( sha256_context ) );
 
     if( ferror( f ) != 0 )
     {
@@ -457,11 +470,11 @@ void sha256_hmac( const unsigned char *key, size_t keylen,
 {
     sha256_context ctx;
 
+    sha256_init( &ctx );
     sha256_hmac_starts( &ctx, key, keylen, is224 );
     sha256_hmac_update( &ctx, input, ilen );
     sha256_hmac_finish( &ctx, output );
-
+    sha256_free( &ctx );
-    polarssl_zeroize( &ctx, sizeof( sha256_context ) );
 }
 
 #if defined(POLARSSL_SELF_TEST)
@@ -632,11 +645,13 @@ static const unsigned char sha256_hmac_test_sum[14][32] =
  */
 int sha256_self_test( int verbose )
 {
-    int i, j, k, buflen;
+    int i, j, k, buflen, ret = 0;
     unsigned char buf[1024];
     unsigned char sha256sum[32];
     sha256_context ctx;
 
+    sha256_init( &ctx );
+
     for( i = 0; i < 6; i++ )
     {
         j = i % 3;
@@ -665,7 +680,8 @@ int sha256_self_test( int verbose )
             if( verbose != 0 )
                 polarssl_printf( "failed\n" );
 
-            return( 1 );
+            ret = 1;
+            goto exit;
         }
 
         if( verbose != 0 )
@@ -704,7 +720,8 @@ int sha256_self_test( int verbose )
             if( verbose != 0 )
                 polarssl_printf( "failed\n" );
 
-            return( 1 );
+            ret = 1;
+            goto exit;
         }
 
         if( verbose != 0 )
@@ -714,7 +731,10 @@ int sha256_self_test( int verbose )
     if( verbose != 0 )
         polarssl_printf( "\n" );
 
-    return( 0 );
+exit:
+    sha256_free( &ctx );
+
+    return( ret );
 }
 
 #endif /* POLARSSL_SELF_TEST */

library/sha512.c

@@ -133,6 +133,19 @@ static const uint64_t K[80] =
     UL64(0x5FCB6FAB3AD6FAEC),  UL64(0x6C44198C4A475817)
 };
 
+void sha512_init( sha512_context *ctx )
+{
+    memset( ctx, 0, sizeof( sha512_context ) );
+}
+
+void sha512_free( sha512_context *ctx )
+{
+    if( ctx == NULL )
+        return;
+
+    polarssl_zeroize( ctx, sizeof( sha512_context ) );
+}
+
 /*
  * SHA-512 context setup
  */
@@ -336,11 +349,11 @@ void sha512( const unsigned char *input, size_t ilen,
 {
     sha512_context ctx;
 
+    sha512_init( &ctx );
     sha512_starts( &ctx, is384 );
     sha512_update( &ctx, input, ilen );
     sha512_finish( &ctx, output );
-
+    sha512_free( &ctx );
-    polarssl_zeroize( &ctx, sizeof( sha512_context ) );
 }
 
 #if defined(POLARSSL_FS_IO)
@@ -357,14 +370,14 @@ int sha512_file( const char *path, unsigned char output[64], int is384 )
     if( ( f = fopen( path, "rb" ) ) == NULL )
         return( POLARSSL_ERR_SHA512_FILE_IO_ERROR );
 
+    sha512_init( &ctx );
     sha512_starts( &ctx, is384 );
 
     while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
         sha512_update( &ctx, buf, n );
 
     sha512_finish( &ctx, output );
-
+    sha512_free( &ctx );
-    polarssl_zeroize( &ctx, sizeof( sha512_context ) );
 
     if( ferror( f ) != 0 )
     {
@@ -455,11 +468,11 @@ void sha512_hmac( const unsigned char *key, size_t keylen,
 {
     sha512_context ctx;
 
+    sha512_init( &ctx );
     sha512_hmac_starts( &ctx, key, keylen, is384 );
     sha512_hmac_update( &ctx, input, ilen );
     sha512_hmac_finish( &ctx, output );
-
+    sha512_free( &ctx );
-    polarssl_zeroize( &ctx, sizeof( sha512_context ) );
 }
 
 #if defined(POLARSSL_SELF_TEST)
@@ -686,11 +699,13 @@ static const unsigned char sha512_hmac_test_sum[14][64] =
  */
 int sha512_self_test( int verbose )
 {
-    int i, j, k, buflen;
+    int i, j, k, buflen, ret = 0;
     unsigned char buf[1024];
     unsigned char sha512sum[64];
     sha512_context ctx;
 
+    sha512_init( &ctx );
+
     for( i = 0; i < 6; i++ )
     {
         j = i % 3;
@@ -719,7 +734,8 @@ int sha512_self_test( int verbose )
             if( verbose != 0 )
                 polarssl_printf( "failed\n" );
 
-            return( 1 );
+            ret = 1;
+            goto exit;
         }
 
         if( verbose != 0 )
@@ -758,7 +774,8 @@ int sha512_self_test( int verbose )
             if( verbose != 0 )
                 polarssl_printf( "failed\n" );
 
-            return( 1 );
+            ret = 1;
+            goto exit;
         }
 
         if( verbose != 0 )
@@ -768,7 +785,10 @@ int sha512_self_test( int verbose )
     if( verbose != 0 )
         polarssl_printf( "\n" );
 
-    return( 0 );
+exit:
+    sha512_free( &ctx );
+
+    return( ret );
 }
 
 #endif /* POLARSSL_SELF_TEST */

library/ssl_cli.c

@@ -1718,6 +1718,9 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
             md5_context md5;
             sha1_context sha1;
 
+            md5_init(  &md5  );
+            sha1_init( &sha1 );
+
             hashlen = 36;
 
             /*
@@ -1742,6 +1745,9 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
             sha1_update( &sha1, ssl->handshake->randbytes, 64 );
             sha1_update( &sha1, ssl->in_msg + 4, params_len );
             sha1_finish( &sha1, hash + 16 );
+
+            md5_free(  &md5  );
+            sha1_free( &sha1 );
         }
         else
 #endif /* POLARSSL_SSL_PROTO_SSL3 || POLARSSL_SSL_PROTO_TLS1 || \

library/ssl_srv.c

@@ -2337,6 +2337,9 @@ curve_matching_done:
             md5_context md5;
             sha1_context sha1;
 
+            md5_init(  &md5  );
+            sha1_init( &sha1 );
+
             /*
              * digitally-signed struct {
              *     opaque md5_hash[16];
@@ -2361,6 +2364,9 @@ curve_matching_done:
             sha1_finish( &sha1, hash + 16 );
 
             hashlen = 36;
+
+            md5_free(  &md5  );
+            sha1_free( &sha1 );
         }
         else
 #endif /* POLARSSL_SSL_PROTO_SSL3 || POLARSSL_SSL_PROTO_TLS1 || \

library/ssl_tls.c

@@ -156,6 +156,9 @@ static int ssl3_prf( const unsigned char *secret, size_t slen,
     unsigned char sha1sum[20];
     ((void)label);
 
+    md5_init(  &md5  );
+    sha1_init( &sha1 );
+
     /*
      *  SSLv3:
      *    block =
@@ -180,8 +183,8 @@ static int ssl3_prf( const unsigned char *secret, size_t slen,
         md5_finish( &md5, dstbuf + i * 16 );
     }
 
-    polarssl_zeroize( &md5,  sizeof( md5  ) );
+    md5_free(  &md5  );
-    polarssl_zeroize( &sha1, sizeof( sha1 ) );
+    sha1_free( &sha1 );
 
     polarssl_zeroize( padding, sizeof( padding ) );
     polarssl_zeroize( sha1sum, sizeof( sha1sum ) );
@@ -805,6 +808,9 @@ void ssl_calc_verify_ssl( ssl_context *ssl, unsigned char hash[36] )
     SSL_DEBUG_BUF( 3, "calculated verify result", hash, 36 );
     SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
 
+    md5_free(  &md5  );
+    sha1_free( &sha1 );
+
     return;
 }
 #endif /* POLARSSL_SSL_PROTO_SSL3 */
@@ -826,6 +832,9 @@ void ssl_calc_verify_tls( ssl_context *ssl, unsigned char hash[36] )
     SSL_DEBUG_BUF( 3, "calculated verify result", hash, 36 );
     SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
 
+    md5_free(  &md5  );
+    sha1_free( &sha1 );
+
     return;
 }
 #endif /* POLARSSL_SSL_PROTO_TLS1 || POLARSSL_SSL_PROTO_TLS1_1 */
@@ -844,6 +853,8 @@ void ssl_calc_verify_tls_sha256( ssl_context *ssl, unsigned char hash[32] )
     SSL_DEBUG_BUF( 3, "calculated verify result", hash, 32 );
     SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
 
+    sha256_free( &sha256 );
+
     return;
 }
 #endif /* POLARSSL_SHA256_C */
@@ -861,6 +872,8 @@ void ssl_calc_verify_tls_sha384( ssl_context *ssl, unsigned char hash[48] )
     SSL_DEBUG_BUF( 3, "calculated verify result", hash, 48 );
     SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
 
+    sha512_free( &sha512 );
+
     return;
 }
 #endif /* POLARSSL_SHA512_C */
@@ -2878,8 +2891,8 @@ static void ssl_calc_finished_ssl(
 
     SSL_DEBUG_BUF( 3, "calc finished result", buf, 36 );
 
-    polarssl_zeroize(  &md5, sizeof(  md5_context ) );
+    md5_free(  &md5  );
-    polarssl_zeroize( &sha1, sizeof( sha1_context ) );
+    sha1_free( &sha1 );
 
     polarssl_zeroize(  padbuf, sizeof(  padbuf ) );
     polarssl_zeroize(  md5sum, sizeof(  md5sum ) );
@@ -2936,8 +2949,8 @@ static void ssl_calc_finished_tls(
 
     SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
 
-    polarssl_zeroize(  &md5, sizeof(  md5_context ) );
+    md5_free(  &md5  );
-    polarssl_zeroize( &sha1, sizeof( sha1_context ) );
+    sha1_free( &sha1 );
 
     polarssl_zeroize(  padbuf, sizeof(  padbuf ) );
 
@@ -2985,7 +2998,7 @@ static void ssl_calc_finished_tls_sha256(
 
     SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
 
-    polarssl_zeroize( &sha256, sizeof( sha256_context ) );
+    sha256_free( &sha256 );
 
     polarssl_zeroize(  padbuf, sizeof(  padbuf ) );
 
@@ -3032,7 +3045,7 @@ static void ssl_calc_finished_tls_sha384(
 
     SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
 
-    polarssl_zeroize( &sha512, sizeof( sha512_context ) );
+    sha512_free( &sha512 );
 
     polarssl_zeroize(  padbuf, sizeof( padbuf ) );
 
@@ -3302,14 +3315,18 @@ static int ssl_handshake_init( ssl_context *ssl )
 
 #if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) || \
     defined(POLARSSL_SSL_PROTO_TLS1_1)
+     md5_init(   &ssl->handshake->fin_md5  );
+    sha1_init(   &ssl->handshake->fin_sha1 );
      md5_starts( &ssl->handshake->fin_md5  );
     sha1_starts( &ssl->handshake->fin_sha1 );
 #endif
 #if defined(POLARSSL_SSL_PROTO_TLS1_2)
 #if defined(POLARSSL_SHA256_C)
+    sha256_init(   &ssl->handshake->fin_sha256    );
     sha256_starts( &ssl->handshake->fin_sha256, 0 );
 #endif
 #if defined(POLARSSL_SHA512_C)
+    sha512_init(   &ssl->handshake->fin_sha512    );
     sha512_starts( &ssl->handshake->fin_sha512, 1 );
 #endif
 #endif /* POLARSSL_SSL_PROTO_TLS1_2 */