From a5cedbcd3fc3b5953416bdad1c20ec6901ec5f7d Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 17 Jul 2019 11:21:02 +0100 Subject: [PATCH] Introduce MD handle type As has been previously done for ciphersuites, this commit introduces a zero-cost abstraction layer around the type mbedtls_md_info const * whose valid values represent implementations of message digest algorithms. Access to a particular digest implementation can be requested by name or digest ID through the API mbedtls_md_info_from_xxx(), which either returns a valid implementation or NULL, representing failure. This commit replaces such uses of `mbedtls_md_info const *` by an abstract type `mbedtls_md_handle_t` whose valid values represent digest implementations, and which has a designated invalid value MBEDTLS_MD_INVALID_HANDLE. The purpose of this abstraction layer is to pave the way for builds which support precisely one digest algorithm. In this case, mbedtls_md_handle_t can be implemented as a two-valued type, with one value representing the invalid handle, and the unique valid value representing the unique enabled digest. --- include/mbedtls/ecjpake.h | 2 +- include/mbedtls/hkdf.h | 6 +- include/mbedtls/hmac_drbg.h | 4 +- include/mbedtls/md.h | 26 ++++---- library/ecdsa.c | 7 +- library/ecjpake.c | 25 ++++---- library/hkdf.c | 6 +- library/hmac_drbg.c | 6 +- library/md.c | 75 ++++++++++++++-------- library/pk.c | 7 +- library/pkcs11.c | 4 +- library/pkcs12.c | 4 +- library/pkcs5.c | 8 +-- library/rsa.c | 24 +++---- library/ssl_tls.c | 39 +++++++---- library/x509.c | 2 +- library/x509_crt.c | 4 +- programs/aes/crypt_and_hash.c | 4 +- programs/hash/generic_sum.c | 10 +-- programs/test/benchmark.c | 12 +++- tests/suites/test_suite_ecdsa.function | 8 +-- tests/suites/test_suite_hkdf.function | 12 ++-- tests/suites/test_suite_hmac_drbg.function | 24 +++---- tests/suites/test_suite_md.function | 66 ++++++++++--------- tests/suites/test_suite_pk.function | 6 +- tests/suites/test_suite_pkcs1_v15.function | 9 ++- tests/suites/test_suite_pkcs1_v21.function | 8 ++- tests/suites/test_suite_pkcs5.function | 4 +- tests/suites/test_suite_rsa.function | 8 ++- tests/suites/test_suite_ssl.function | 4 +- 30 files changed, 247 insertions(+), 177 deletions(-) diff --git a/include/mbedtls/ecjpake.h b/include/mbedtls/ecjpake.h index 3d8d02ae6..00e752b23 100644 --- a/include/mbedtls/ecjpake.h +++ b/include/mbedtls/ecjpake.h @@ -75,7 +75,7 @@ typedef enum { */ typedef struct mbedtls_ecjpake_context { - const mbedtls_md_info_t *md_info; /**< Hash to use */ + mbedtls_md_handle_t md_info; /**< Hash to use */ mbedtls_ecp_group grp; /**< Elliptic curve */ mbedtls_ecjpake_role role; /**< Are we client or server? */ int point_format; /**< Format for point export */ diff --git a/include/mbedtls/hkdf.h b/include/mbedtls/hkdf.h index 40ee64eb0..ebf5e12ea 100644 --- a/include/mbedtls/hkdf.h +++ b/include/mbedtls/hkdf.h @@ -70,7 +70,7 @@ extern "C" { * \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying * MD layer. */ -int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt, +int mbedtls_hkdf( mbedtls_md_handle_t md, const unsigned char *salt, size_t salt_len, const unsigned char *ikm, size_t ikm_len, const unsigned char *info, size_t info_len, unsigned char *okm, size_t okm_len ); @@ -99,7 +99,7 @@ int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt, * \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying * MD layer. */ -int mbedtls_hkdf_extract( const mbedtls_md_info_t *md, +int mbedtls_hkdf_extract( mbedtls_md_handle_t md, const unsigned char *salt, size_t salt_len, const unsigned char *ikm, size_t ikm_len, unsigned char *prk ); @@ -130,7 +130,7 @@ int mbedtls_hkdf_extract( const mbedtls_md_info_t *md, * \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying * MD layer. */ -int mbedtls_hkdf_expand( const mbedtls_md_info_t *md, const unsigned char *prk, +int mbedtls_hkdf_expand( mbedtls_md_handle_t md, const unsigned char *prk, size_t prk_len, const unsigned char *info, size_t info_len, unsigned char *okm, size_t okm_len ); diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h index f1289cb30..ed0385455 100644 --- a/include/mbedtls/hmac_drbg.h +++ b/include/mbedtls/hmac_drbg.h @@ -138,7 +138,7 @@ void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx ); * MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED. */ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, - const mbedtls_md_info_t * md_info, + mbedtls_md_handle_t md_info, int (*f_entropy)(void *, unsigned char *, size_t), void *p_entropy, const unsigned char *custom, @@ -158,7 +158,7 @@ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, * MBEDTLS_ERR_MD_ALLOC_FAILED. */ int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx, - const mbedtls_md_info_t * md_info, + mbedtls_md_handle_t md_info, const unsigned char *data, size_t data_len ); /** diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index 69ab21f40..40624e44a 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -85,13 +85,17 @@ typedef enum { */ typedef struct mbedtls_md_info_t mbedtls_md_info_t; + +typedef struct mbedtls_md_info_t const * mbedtls_md_handle_t; +#define MBEDTLS_MD_INVALID_HANDLE ( (mbedtls_md_handle_t) NULL ) + /** * The generic message-digest context. */ typedef struct mbedtls_md_context_t { /** Information about the associated message digest. */ - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; /** The digest-specific context. */ void *md_ctx; @@ -120,7 +124,7 @@ const int *mbedtls_md_list( void ); * \return The message-digest information associated with \p md_name. * \return NULL if the associated message-digest information is not found. */ -const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name ); +mbedtls_md_handle_t mbedtls_md_info_from_string( const char *md_name ); /** * \brief This function returns the message-digest information @@ -131,7 +135,7 @@ const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name ); * \return The message-digest information associated with \p md_type. * \return NULL if the associated message-digest information is not found. */ -const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type ); +mbedtls_md_handle_t mbedtls_md_info_from_type( mbedtls_md_type_t md_type ); /** * \brief This function initializes a message-digest context without @@ -182,7 +186,7 @@ void mbedtls_md_free( mbedtls_md_context_t *ctx ); * failure. * \return #MBEDTLS_ERR_MD_ALLOC_FAILED on memory-allocation failure. */ -int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info ) MBEDTLS_DEPRECATED; +int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info ) MBEDTLS_DEPRECATED; #undef MBEDTLS_DEPRECATED #endif /* MBEDTLS_DEPRECATED_REMOVED */ @@ -205,7 +209,7 @@ int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_ * failure. * \return #MBEDTLS_ERR_MD_ALLOC_FAILED on memory-allocation failure. */ -int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac ); +int mbedtls_md_setup( mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info, int hmac ); /** * \brief This function clones the state of an message-digest @@ -238,7 +242,7 @@ int mbedtls_md_clone( mbedtls_md_context_t *dst, * * \return The size of the message-digest output in Bytes. */ -unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info ); +unsigned char mbedtls_md_get_size( mbedtls_md_handle_t md_info ); /** * \brief This function extracts the message-digest type from the @@ -249,7 +253,7 @@ unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info ); * * \return The type of the message digest. */ -mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info ); +mbedtls_md_type_t mbedtls_md_get_type( mbedtls_md_handle_t md_info ); /** * \brief This function extracts the message-digest name from the @@ -260,7 +264,7 @@ mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info ); * * \return The name of the message digest. */ -const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info ); +const char *mbedtls_md_get_name( mbedtls_md_handle_t md_info ); /** * \brief This function starts a message-digest computation. @@ -333,7 +337,7 @@ int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ); * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification * failure. */ -int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen, +int mbedtls_md( mbedtls_md_handle_t md_info, const unsigned char *input, size_t ilen, unsigned char *output ); #if defined(MBEDTLS_FS_IO) @@ -354,7 +358,7 @@ int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, si * the file pointed by \p path. * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA if \p md_info was NULL. */ -int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, +int mbedtls_md_file( mbedtls_md_handle_t md_info, const char *path, unsigned char *output ); #endif /* MBEDTLS_FS_IO */ @@ -460,7 +464,7 @@ int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ); * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification * failure. */ -int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen, +int mbedtls_md_hmac( mbedtls_md_handle_t md_info, const unsigned char *key, size_t keylen, const unsigned char *input, size_t ilen, unsigned char *output ); diff --git a/library/ecdsa.c b/library/ecdsa.c index 58e1a5fce..94bb7f0f4 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c @@ -412,11 +412,14 @@ static int ecdsa_sign_det_restartable( mbedtls_ecp_group *grp, mbedtls_hmac_drbg_context *p_rng = &rng_ctx; unsigned char data[2 * MBEDTLS_ECP_MAX_BYTES]; size_t grp_len = ( grp->nbits + 7 ) / 8; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_mpi h; - if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL ) + if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == + MBEDTLS_MD_INVALID_HANDLE ) + { return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + } mbedtls_mpi_init( &h ); mbedtls_hmac_drbg_init( &rng_ctx ); diff --git a/library/ecjpake.c b/library/ecjpake.c index b276514e8..ea28e6d42 100644 --- a/library/ecjpake.c +++ b/library/ecjpake.c @@ -63,7 +63,7 @@ void mbedtls_ecjpake_init( mbedtls_ecjpake_context *ctx ) { ECJPAKE_VALIDATE( ctx != NULL ); - ctx->md_info = NULL; + ctx->md_info = MBEDTLS_MD_INVALID_HANDLE; mbedtls_ecp_group_init( &ctx->grp ); ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED; @@ -86,7 +86,7 @@ void mbedtls_ecjpake_free( mbedtls_ecjpake_context *ctx ) if( ctx == NULL ) return; - ctx->md_info = NULL; + ctx->md_info = MBEDTLS_MD_INVALID_HANDLE; mbedtls_ecp_group_free( &ctx->grp ); mbedtls_ecp_point_free( &ctx->Xm1 ); @@ -119,8 +119,11 @@ int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx, ctx->role = role; - if( ( ctx->md_info = mbedtls_md_info_from_type( hash ) ) == NULL ) + if( ( ctx->md_info = mbedtls_md_info_from_type( hash ) ) == + MBEDTLS_MD_INVALID_HANDLE ) + { return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE ); + } MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &ctx->grp, curve ) ); @@ -140,7 +143,7 @@ int mbedtls_ecjpake_check( const mbedtls_ecjpake_context *ctx ) { ECJPAKE_VALIDATE_RET( ctx != NULL ); - if( ctx->md_info == NULL || + if( ctx->md_info == MBEDTLS_MD_INVALID_HANDLE || ctx->grp.id == MBEDTLS_ECP_DP_NONE || ctx->s.p == NULL ) { @@ -190,7 +193,7 @@ static int ecjpake_write_len_point( unsigned char **p, /* * Compute hash for ZKP (7.4.2.2.2.1) */ -static int ecjpake_hash( const mbedtls_md_info_t *md_info, +static int ecjpake_hash( mbedtls_md_handle_t md_info, const mbedtls_ecp_group *grp, const int pf, const mbedtls_ecp_point *G, @@ -240,7 +243,7 @@ cleanup: /* * Parse a ECShnorrZKP (7.4.2.2.2) and verify it (7.4.2.3.3) */ -static int ecjpake_zkp_read( const mbedtls_md_info_t *md_info, +static int ecjpake_zkp_read( mbedtls_md_handle_t md_info, const mbedtls_ecp_group *grp, const int pf, const mbedtls_ecp_point *G, @@ -312,7 +315,7 @@ cleanup: /* * Generate ZKP (7.4.2.3.2) and write it as ECSchnorrZKP (7.4.2.2.2) */ -static int ecjpake_zkp_write( const mbedtls_md_info_t *md_info, +static int ecjpake_zkp_write( mbedtls_md_handle_t md_info, const mbedtls_ecp_group *grp, const int pf, const mbedtls_ecp_point *G, @@ -373,7 +376,7 @@ cleanup: * Parse a ECJPAKEKeyKP (7.4.2.2.1) and check proof * Output: verified public key X */ -static int ecjpake_kkp_read( const mbedtls_md_info_t *md_info, +static int ecjpake_kkp_read( mbedtls_md_handle_t md_info, const mbedtls_ecp_group *grp, const int pf, const mbedtls_ecp_point *G, @@ -410,7 +413,7 @@ cleanup: * Generate an ECJPAKEKeyKP * Output: the serialized structure, plus private/public key pair */ -static int ecjpake_kkp_write( const mbedtls_md_info_t *md_info, +static int ecjpake_kkp_write( mbedtls_md_handle_t md_info, const mbedtls_ecp_group *grp, const int pf, const mbedtls_ecp_point *G, @@ -447,7 +450,7 @@ cleanup: * Read a ECJPAKEKeyKPPairList (7.4.2.3) and check proofs * Ouputs: verified peer public keys Xa, Xb */ -static int ecjpake_kkpp_read( const mbedtls_md_info_t *md_info, +static int ecjpake_kkpp_read( mbedtls_md_handle_t md_info, const mbedtls_ecp_group *grp, const int pf, const mbedtls_ecp_point *G, @@ -480,7 +483,7 @@ cleanup: * Generate a ECJPAKEKeyKPPairList * Outputs: the serialized structure, plus two private/public key pairs */ -static int ecjpake_kkpp_write( const mbedtls_md_info_t *md_info, +static int ecjpake_kkpp_write( mbedtls_md_handle_t md_info, const mbedtls_ecp_group *grp, const int pf, const mbedtls_ecp_point *G, diff --git a/library/hkdf.c b/library/hkdf.c index 82d8a429f..d64dc4da1 100644 --- a/library/hkdf.c +++ b/library/hkdf.c @@ -30,7 +30,7 @@ #include "mbedtls/hkdf.h" #include "mbedtls/platform_util.h" -int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt, +int mbedtls_hkdf( mbedtls_md_handle_t md, const unsigned char *salt, size_t salt_len, const unsigned char *ikm, size_t ikm_len, const unsigned char *info, size_t info_len, unsigned char *okm, size_t okm_len ) @@ -51,7 +51,7 @@ int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt, return( ret ); } -int mbedtls_hkdf_extract( const mbedtls_md_info_t *md, +int mbedtls_hkdf_extract( mbedtls_md_handle_t md, const unsigned char *salt, size_t salt_len, const unsigned char *ikm, size_t ikm_len, unsigned char *prk ) @@ -81,7 +81,7 @@ int mbedtls_hkdf_extract( const mbedtls_md_info_t *md, return( mbedtls_md_hmac( md, salt, salt_len, ikm, ikm_len, prk ) ); } -int mbedtls_hkdf_expand( const mbedtls_md_info_t *md, const unsigned char *prk, +int mbedtls_hkdf_expand( mbedtls_md_handle_t md, const unsigned char *prk, size_t prk_len, const unsigned char *info, size_t info_len, unsigned char *okm, size_t okm_len ) { diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c index 34f18155e..c9c541d83 100644 --- a/library/hmac_drbg.c +++ b/library/hmac_drbg.c @@ -124,7 +124,7 @@ void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx, * Simplified HMAC_DRBG initialisation (for use with deterministic ECDSA) */ int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx, - const mbedtls_md_info_t * md_info, + mbedtls_md_handle_t md_info, const unsigned char *data, size_t data_len ) { int ret; @@ -246,7 +246,7 @@ int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx, * from the entropy source as suggested in 8.6.7. */ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, - const mbedtls_md_info_t * md_info, + mbedtls_md_handle_t md_info, int (*f_entropy)(void *, unsigned char *, size_t), void *p_entropy, const unsigned char *custom, @@ -564,7 +564,7 @@ int mbedtls_hmac_drbg_self_test( int verbose ) { mbedtls_hmac_drbg_context ctx; unsigned char buf[OUTPUT_LEN]; - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ); + mbedtls_md_handle_t md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ); mbedtls_hmac_drbg_init( &ctx ); diff --git a/library/md.c b/library/md.c index b3525be3f..d634606a2 100644 --- a/library/md.c +++ b/library/md.c @@ -94,7 +94,7 @@ const int *mbedtls_md_list( void ) return( supported_digests ); } -const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name ) +mbedtls_md_handle_t mbedtls_md_info_from_string( const char *md_name ) { if( NULL == md_name ) return( NULL ); @@ -137,7 +137,7 @@ const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name ) return( NULL ); } -const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type ) +mbedtls_md_handle_t mbedtls_md_info_from_type( mbedtls_md_type_t md_type ) { switch( md_type ) { @@ -187,7 +187,7 @@ void mbedtls_md_init( mbedtls_md_context_t *ctx ) void mbedtls_md_free( mbedtls_md_context_t *ctx ) { - if( ctx == NULL || ctx->md_info == NULL ) + if( ctx == NULL || ctx->md_info == MBEDTLS_MD_INVALID_HANDLE ) return; if( ctx->md_ctx != NULL ) @@ -206,8 +206,8 @@ void mbedtls_md_free( mbedtls_md_context_t *ctx ) int mbedtls_md_clone( mbedtls_md_context_t *dst, const mbedtls_md_context_t *src ) { - if( dst == NULL || dst->md_info == NULL || - src == NULL || src->md_info == NULL || + if( dst == NULL || dst->md_info == MBEDTLS_MD_INVALID_HANDLE || + src == NULL || src->md_info == MBEDTLS_MD_INVALID_HANDLE || dst->md_info != src->md_info ) { return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); @@ -219,15 +219,15 @@ int mbedtls_md_clone( mbedtls_md_context_t *dst, } #if ! defined(MBEDTLS_DEPRECATED_REMOVED) -int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info ) +int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info ) { return mbedtls_md_setup( ctx, md_info, 1 ); } #endif -int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac ) +int mbedtls_md_setup( mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info, int hmac ) { - if( md_info == NULL || ctx == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE || ctx == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); if( ( ctx->md_ctx = md_info->ctx_alloc_func() ) == NULL ) @@ -250,7 +250,7 @@ int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_inf int mbedtls_md_starts( mbedtls_md_context_t *ctx ) { - if( ctx == NULL || ctx->md_info == NULL ) + if( ctx == NULL || ctx->md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); return( ctx->md_info->starts_func( ctx->md_ctx ) ); @@ -258,7 +258,7 @@ int mbedtls_md_starts( mbedtls_md_context_t *ctx ) int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen ) { - if( ctx == NULL || ctx->md_info == NULL ) + if( ctx == NULL || ctx->md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); return( ctx->md_info->update_func( ctx->md_ctx, input, ilen ) ); @@ -266,23 +266,23 @@ int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, si int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ) { - if( ctx == NULL || ctx->md_info == NULL ) + if( ctx == NULL || ctx->md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); return( ctx->md_info->finish_func( ctx->md_ctx, output ) ); } -int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen, +int mbedtls_md( mbedtls_md_handle_t md_info, const unsigned char *input, size_t ilen, unsigned char *output ) { - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); return( md_info->digest_func( input, ilen, output ) ); } #if defined(MBEDTLS_FS_IO) -int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigned char *output ) +int mbedtls_md_file( mbedtls_md_handle_t md_info, const char *path, unsigned char *output ) { int ret; FILE *f; @@ -290,7 +290,7 @@ int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigne mbedtls_md_context_t ctx; unsigned char buf[1024]; - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); if( ( f = fopen( path, "rb" ) ) == NULL ) @@ -329,8 +329,12 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, unsigned char *ipad, *opad; size_t i; - if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) + if( ctx == NULL || + ctx->md_info == MBEDTLS_MD_INVALID_HANDLE || + ctx->hmac_ctx == NULL ) + { return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + } if( keylen > (size_t) ctx->md_info->block_size ) { @@ -371,8 +375,12 @@ cleanup: int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen ) { - if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) + if( ctx == NULL || + ctx->md_info == MBEDTLS_MD_INVALID_HANDLE || + ctx->hmac_ctx == NULL ) + { return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + } return( ctx->md_info->update_func( ctx->md_ctx, input, ilen ) ); } @@ -383,8 +391,12 @@ int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output ) unsigned char tmp[MBEDTLS_MD_MAX_SIZE]; unsigned char *opad; - if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) + if( ctx == NULL || + ctx->md_info == MBEDTLS_MD_INVALID_HANDLE || + ctx->hmac_ctx == NULL ) + { return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + } opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size; @@ -406,8 +418,12 @@ int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ) int ret; unsigned char *ipad; - if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) + if( ctx == NULL || + ctx->md_info == MBEDTLS_MD_INVALID_HANDLE || + ctx->hmac_ctx == NULL ) + { return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + } ipad = (unsigned char *) ctx->hmac_ctx; @@ -417,7 +433,7 @@ int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ) ctx->md_info->block_size ) ); } -int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, +int mbedtls_md_hmac( mbedtls_md_handle_t md_info, const unsigned char *key, size_t keylen, const unsigned char *input, size_t ilen, unsigned char *output ) @@ -425,7 +441,7 @@ int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, mbedtls_md_context_t ctx; int ret; - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); mbedtls_md_init( &ctx ); @@ -448,31 +464,34 @@ cleanup: int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data ) { - if( ctx == NULL || ctx->md_info == NULL ) + if( ctx == NULL || + ctx->md_info == MBEDTLS_MD_INVALID_HANDLE ) + { return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + } return( ctx->md_info->process_func( ctx->md_ctx, data ) ); } -unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info ) +unsigned char mbedtls_md_get_size( mbedtls_md_handle_t md_info ) { - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( 0 ); return md_info->size; } -mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info ) +mbedtls_md_type_t mbedtls_md_get_type( mbedtls_md_handle_t md_info ) { - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_MD_NONE ); return md_info->type; } -const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info ) +const char *mbedtls_md_get_name( mbedtls_md_handle_t md_info ) { - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( NULL ); return md_info->name; diff --git a/library/pk.c b/library/pk.c index 161a135f1..93c57642d 100644 --- a/library/pk.c +++ b/library/pk.c @@ -205,13 +205,16 @@ int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type ) */ static inline int pk_hashlen_helper( mbedtls_md_type_t md_alg, size_t *hash_len ) { - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; if( *hash_len != 0 ) return( 0 ); - if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL ) + if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == + MBEDTLS_MD_INVALID_HANDLE ) + { return( -1 ); + } *hash_len = mbedtls_md_get_size( md_info ); return( 0 ); diff --git a/library/pkcs11.c b/library/pkcs11.c index 0ea64252e..9ef53533f 100644 --- a/library/pkcs11.c +++ b/library/pkcs11.c @@ -183,8 +183,8 @@ int mbedtls_pkcs11_sign( mbedtls_pkcs11_context *ctx, if( md_alg != MBEDTLS_MD_NONE ) { - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg ); - if( md_info == NULL ) + mbedtls_md_handle_t md_info = mbedtls_md_info_from_type( md_alg ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); if( mbedtls_oid_get_oid_by_md( md_alg, &oid, &oid_size ) != 0 ) diff --git a/library/pkcs12.c b/library/pkcs12.c index 7edf064c1..e16d0a934 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -261,7 +261,7 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, size_t hlen, use_len, v, i; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_md_context_t md_ctx; // This version only allows max of 64 bytes of password or salt @@ -269,7 +269,7 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); md_info = mbedtls_md_info_from_type( md_type ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE ); mbedtls_md_init( &md_ctx ); diff --git a/library/pkcs5.c b/library/pkcs5.c index 50133435c..2717aaa56 100644 --- a/library/pkcs5.c +++ b/library/pkcs5.c @@ -122,7 +122,7 @@ int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode, mbedtls_md_type_t md_type = MBEDTLS_MD_SHA1; unsigned char key[32], iv[32]; size_t olen = 0; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; const mbedtls_cipher_info_t *cipher_info; mbedtls_md_context_t md_ctx; mbedtls_cipher_type_t cipher_alg; @@ -157,7 +157,7 @@ int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode, } md_info = mbedtls_md_info_from_type( md_type ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE ); if( ( ret = mbedtls_asn1_get_alg( &p, end, &enc_scheme_oid, @@ -356,14 +356,14 @@ static const unsigned char result_key[MAX_TESTS][32] = int mbedtls_pkcs5_self_test( int verbose ) { mbedtls_md_context_t sha1_ctx; - const mbedtls_md_info_t *info_sha1; + mbedtls_md_handle_t info_sha1; int ret, i; unsigned char key[64]; mbedtls_md_init( &sha1_ctx ); info_sha1 = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ); - if( info_sha1 == NULL ) + if( info_sha1 == MBEDTLS_MD_INVALID_HANDLE ) { ret = 1; goto exit; diff --git a/library/rsa.c b/library/rsa.c index af1a87859..2674c1094 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -1128,7 +1128,7 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, int ret; unsigned char *p = output; unsigned int hlen; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_md_context_t md_ctx; RSA_VALIDATE_RET( ctx != NULL ); @@ -1145,7 +1145,7 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); olen = ctx->len; @@ -1326,7 +1326,7 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; unsigned char lhash[MBEDTLS_MD_MAX_SIZE]; unsigned int hlen; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_md_context_t md_ctx; RSA_VALIDATE_RET( ctx != NULL ); @@ -1349,7 +1349,7 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); hlen = mbedtls_md_get_size( md_info ); @@ -1767,7 +1767,7 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, size_t slen, min_slen, hlen, offset = 0; int ret; size_t msb; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_md_context_t md_ctx; RSA_VALIDATE_RET( ctx != NULL ); RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || @@ -1789,14 +1789,14 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, { /* Gather length of hash to sign */ md_info = mbedtls_md_info_from_type( md_alg ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); hashlen = mbedtls_md_get_size( md_info ); } md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); hlen = mbedtls_md_get_size( md_info ); @@ -1910,8 +1910,8 @@ static int rsa_rsassa_pkcs1_v15_encode( mbedtls_md_type_t md_alg, /* Are we signing hashed or raw data? */ if( md_alg != MBEDTLS_MD_NONE ) { - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg ); - if( md_info == NULL ) + mbedtls_md_handle_t md_info = mbedtls_md_info_from_type( md_alg ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); if( mbedtls_oid_get_oid_by_md( md_alg, &oid, &oid_size ) != 0 ) @@ -2150,7 +2150,7 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, unsigned char zeros[8]; unsigned int hlen; size_t observed_salt_len, msb; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_md_context_t md_ctx; unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; @@ -2186,14 +2186,14 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, { /* Gather length of hash to sign */ md_info = mbedtls_md_info_from_type( md_alg ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); hashlen = mbedtls_md_get_size( md_info ); } md_info = mbedtls_md_info_from_type( mgf1_hash_id ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); hlen = mbedtls_md_get_size( md_info ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index e47c45657..b17e33d61 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -660,7 +660,7 @@ MBEDTLS_NO_INLINE static int tls1_prf( const unsigned char *secret, size_t slen, const unsigned char *S1, *S2; unsigned char tmp[128]; unsigned char h_i[20]; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_md_context_t md_ctx; int ret; @@ -681,8 +681,11 @@ MBEDTLS_NO_INLINE static int tls1_prf( const unsigned char *secret, size_t slen, /* * First compute P_md5(secret,label+random)[0..dlen] */ - if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_MD5 ) ) == NULL ) + if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_MD5 ) ) == + MBEDTLS_MD_INVALID_HANDLE ) + { return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 ) return( ret ); @@ -712,8 +715,11 @@ MBEDTLS_NO_INLINE static int tls1_prf( const unsigned char *secret, size_t slen, /* * XOR out with P_sha1(secret,label+random)[0..dlen] */ - if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == NULL ) + if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == + MBEDTLS_MD_INVALID_HANDLE ) + { return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 ) return( ret ); @@ -763,14 +769,17 @@ int tls_prf_generic( mbedtls_md_type_t md_type, size_t i, j, k, md_len; unsigned char tmp[128]; unsigned char h_i[MBEDTLS_MD_MAX_SIZE]; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_md_context_t md_ctx; int ret; mbedtls_md_init( &md_ctx ); - if( ( md_info = mbedtls_md_info_from_type( md_type ) ) == NULL ) + if( ( md_info = mbedtls_md_info_from_type( md_type ) ) == + MBEDTLS_MD_INVALID_HANDLE ) + { return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } md_len = mbedtls_md_get_size( md_info ); @@ -1244,7 +1253,7 @@ int ssl_populate_transform( mbedtls_ssl_transform *transform, unsigned keylen; mbedtls_ssl_ciphersuite_handle_t ciphersuite_info; const mbedtls_cipher_info_t *cipher_info; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; #if !defined(MBEDTLS_SSL_HW_RECORD_ACCEL) && \ !defined(MBEDTLS_SSL_EXPORT_KEYS) && \ @@ -1293,7 +1302,7 @@ int ssl_populate_transform( mbedtls_ssl_transform *transform, md_info = mbedtls_md_info_from_type( mbedtls_ssl_suite_get_mac( ciphersuite_info ) ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_md info for %d not found", mbedtls_ssl_suite_get_mac( ciphersuite_info ) ) ); @@ -3368,7 +3377,8 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, memset( tmp, 0, sizeof( tmp ) ); - switch( mbedtls_md_get_type( transform->md_ctx_dec.md_info ) ) + switch( mbedtls_md_get_type( + mbedtls_md_get_handle( &transform->md_ctx_dec ) ) ) { #if defined(MBEDTLS_MD5_C) || defined(MBEDTLS_SHA1_C) || \ defined(MBEDTLS_SHA256_C) @@ -6890,13 +6900,16 @@ static int ssl_check_peer_crt_unchanged( mbedtls_ssl_context *ssl, ssl->session->peer_cert_digest; mbedtls_md_type_t const peer_cert_digest_type = ssl->session->peer_cert_digest_type; - mbedtls_md_info_t const * const digest_info = + mbedtls_md_handle_t digest_info = mbedtls_md_info_from_type( peer_cert_digest_type ); unsigned char tmp_digest[MBEDTLS_SSL_PEER_CERT_DIGEST_MAX_LEN]; size_t digest_len; - if( peer_cert_digest == NULL || digest_info == NULL ) + if( peer_cert_digest == NULL || + digest_info == MBEDTLS_MD_INVALID_HANDLE ) + { return( -1 ); + } digest_len = mbedtls_md_get_size( digest_info ); if( digest_len > MBEDTLS_SSL_PEER_CERT_DIGEST_MAX_LEN ) @@ -10110,9 +10123,9 @@ static int ssl_session_load( mbedtls_ssl_session *session, if( session->peer_cert_digest_len != 0 ) { - const mbedtls_md_info_t *md_info = + mbedtls_md_handle_t md_info = mbedtls_md_info_from_type( session->peer_cert_digest_type ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); if( session->peer_cert_digest_len != mbedtls_md_get_size( md_info ) ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); @@ -12484,7 +12497,7 @@ int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl, { int ret = 0; mbedtls_md_context_t ctx; - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg ); + mbedtls_md_handle_t md_info = mbedtls_md_info_from_type( md_alg ); *hashlen = mbedtls_md_get_size( md_info ); mbedtls_md_init( &ctx ); diff --git a/library/x509.c b/library/x509.c index 19cc64b79..ec83017f8 100644 --- a/library/x509.c +++ b/library/x509.c @@ -1065,7 +1065,7 @@ int mbedtls_x509_sig_alg_gets( char *buf, size_t size, mbedtls_pk_type_t pk_alg, if( pk_alg == MBEDTLS_PK_RSASSA_PSS ) { const mbedtls_pk_rsassa_pss_options *pss_opts; - const mbedtls_md_info_t *md_info, *mgf_md_info; + mbedtls_md_handle_t md_info, mgf_md_info; pss_opts = (const mbedtls_pk_rsassa_pss_options *) sig_opts; diff --git a/library/x509_crt.c b/library/x509_crt.c index 0089ef2a3..2960638fb 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -2088,7 +2088,7 @@ static void x509_crt_free_sig_info( mbedtls_x509_crt_sig_info *info ) static int x509_crt_get_sig_info( mbedtls_x509_crt_frame const *frame, mbedtls_x509_crt_sig_info *info ) { - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; md_info = mbedtls_md_info_from_type( frame->sig_md ); if( mbedtls_md( md_info, frame->tbs.p, frame->tbs.len, @@ -2705,7 +2705,7 @@ static int x509_crt_verifycrl( unsigned char *crt_serial, int ret; int flags = 0; unsigned char hash[MBEDTLS_MD_MAX_SIZE]; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_x509_buf_raw ca_subject; mbedtls_pk_context *pk; int can_sign; diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c index a5acf5b8b..8d671abf2 100644 --- a/programs/aes/crypt_and_hash.c +++ b/programs/aes/crypt_and_hash.c @@ -100,7 +100,7 @@ int main( int argc, char *argv[] ) unsigned char diff; const mbedtls_cipher_info_t *cipher_info; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_cipher_context_t cipher_ctx; mbedtls_md_context_t md_ctx; #if defined(_WIN32_WCE) @@ -192,7 +192,7 @@ int main( int argc, char *argv[] ) } md_info = mbedtls_md_info_from_string( argv[5] ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) { mbedtls_fprintf( stderr, "Message Digest '%s' not found\n", argv[5] ); goto exit; diff --git a/programs/hash/generic_sum.c b/programs/hash/generic_sum.c index 709a149e0..ed5357f08 100644 --- a/programs/hash/generic_sum.c +++ b/programs/hash/generic_sum.c @@ -53,7 +53,7 @@ int main( void ) #else -static int generic_wrapper( const mbedtls_md_info_t *md_info, char *filename, unsigned char *sum ) +static int generic_wrapper( mbedtls_md_handle_t md_info, char *filename, unsigned char *sum ) { int ret = mbedtls_md_file( md_info, filename, sum ); @@ -66,7 +66,7 @@ static int generic_wrapper( const mbedtls_md_info_t *md_info, char *filename, un return( ret ); } -static int generic_print( const mbedtls_md_info_t *md_info, char *filename ) +static int generic_print( mbedtls_md_handle_t md_info, char *filename ) { int i; unsigned char sum[MBEDTLS_MD_MAX_SIZE]; @@ -81,7 +81,7 @@ static int generic_print( const mbedtls_md_info_t *md_info, char *filename ) return( 0 ); } -static int generic_check( const mbedtls_md_info_t *md_info, char *filename ) +static int generic_check( mbedtls_md_handle_t md_info, char *filename ) { int i; size_t n; @@ -177,7 +177,7 @@ int main( int argc, char *argv[] ) { int ret = 1, i; int exit_code = MBEDTLS_EXIT_FAILURE; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_md_context_t md_ctx; mbedtls_md_init( &md_ctx ); @@ -210,7 +210,7 @@ int main( int argc, char *argv[] ) * Read the MD from the command line */ md_info = mbedtls_md_info_from_string( argv[1] ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) { mbedtls_fprintf( stderr, "Message Digest '%s' not found\n", argv[1] ); return( exit_code ); diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 2b8656692..88e3290d0 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -693,13 +693,16 @@ int main( int argc, char *argv[] ) if( todo.hmac_drbg ) { mbedtls_hmac_drbg_context hmac_drbg; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_hmac_drbg_init( &hmac_drbg ); #if defined(MBEDTLS_SHA1_C) - if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == NULL ) + if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == + MBEDTLS_MD_INVALID_HANDLE ) + { mbedtls_exit(1); + } if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 ) mbedtls_exit(1); @@ -715,8 +718,11 @@ int main( int argc, char *argv[] ) #endif #if defined(MBEDTLS_SHA256_C) - if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ) ) == NULL ) + if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ) ) == + MBEDTLS_MD_INVALID_HANDLE ) + { mbedtls_exit(1); + } if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 ) mbedtls_exit(1); diff --git a/tests/suites/test_suite_ecdsa.function b/tests/suites/test_suite_ecdsa.function index 22d92b6df..fa77dfad3 100644 --- a/tests/suites/test_suite_ecdsa.function +++ b/tests/suites/test_suite_ecdsa.function @@ -307,7 +307,7 @@ void ecdsa_det_test_vectors( int id, char * d_str, int md_alg, char * msg, mbedtls_mpi d, r, s, r_check, s_check; unsigned char hash[MBEDTLS_MD_MAX_SIZE]; size_t hlen; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_ecp_group_init( &grp ); mbedtls_mpi_init( &d ); mbedtls_mpi_init( &r ); mbedtls_mpi_init( &s ); @@ -320,7 +320,7 @@ void ecdsa_det_test_vectors( int id, char * d_str, int md_alg, char * msg, TEST_ASSERT( mbedtls_mpi_read_string( &s_check, 16, s_str ) == 0 ); md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); hlen = mbedtls_md_get_size( md_info ); TEST_ASSERT( mbedtls_md( md_info, (const unsigned char *) msg, strlen( msg ), hash ) == 0 ); @@ -476,7 +476,7 @@ void ecdsa_write_restart( int id, char *d_str, int md_alg, unsigned char sig[MBEDTLS_ECDSA_MAX_LEN]; unsigned char sig_check[MBEDTLS_ECDSA_MAX_LEN]; size_t hlen, slen, slen_check; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_ecdsa_restart_init( &rs_ctx ); mbedtls_ecdsa_init( &ctx ); @@ -489,7 +489,7 @@ void ecdsa_write_restart( int id, char *d_str, int md_alg, slen_check = unhexify( sig_check, sig_str ); md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); hlen = mbedtls_md_get_size( md_info ); mbedtls_md( md_info, (const unsigned char *) msg, strlen( msg ), hash ); diff --git a/tests/suites/test_suite_hkdf.function b/tests/suites/test_suite_hkdf.function index 3e8720734..7e83b57e6 100644 --- a/tests/suites/test_suite_hkdf.function +++ b/tests/suites/test_suite_hkdf.function @@ -25,8 +25,8 @@ void test_hkdf( int md_alg, char *hex_ikm_string, char *hex_salt_string, */ unsigned char okm_hex[257] = { '\0' }; - const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md != NULL ); + mbedtls_md_handle_t md = mbedtls_md_info_from_type( md_alg ); + TEST_ASSERT( md != MBEDTLS_MD_INVALID_HANDLE ); ikm_len = unhexify( ikm, hex_ikm_string ); salt_len = unhexify( salt, hex_salt_string ); @@ -54,8 +54,8 @@ void test_hkdf_extract( int md_alg, char *hex_ikm_string, unsigned char *output_prk = NULL; size_t ikm_len, salt_len, prk_len, output_prk_len; - const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md != NULL ); + mbedtls_md_handle_t md = mbedtls_md_info_from_type( md_alg ); + TEST_ASSERT( md != MBEDTLS_MD_INVALID_HANDLE ); output_prk_len = mbedtls_md_get_size( md ); output_prk = mbedtls_calloc( 1, output_prk_len ); @@ -90,8 +90,8 @@ void test_hkdf_expand( int md_alg, char *hex_info_string, unsigned char *output_okm = NULL; size_t info_len, prk_len, okm_len; - const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md != NULL ); + mbedtls_md_handle_t md = mbedtls_md_info_from_type( md_alg ); + TEST_ASSERT( md != MBEDTLS_MD_INVALID_HANDLE ); output_okm = mbedtls_calloc( OKM_LEN, 1 ); diff --git a/tests/suites/test_suite_hmac_drbg.function b/tests/suites/test_suite_hmac_drbg.function index 13bc40062..da280dbd9 100644 --- a/tests/suites/test_suite_hmac_drbg.function +++ b/tests/suites/test_suite_hmac_drbg.function @@ -34,7 +34,7 @@ void hmac_drbg_entropy_usage( int md_alg ) { unsigned char out[16]; unsigned char buf[1024]; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_hmac_drbg_context ctx; entropy_ctx entropy; size_t last_len, i, reps = 10; @@ -47,7 +47,7 @@ void hmac_drbg_entropy_usage( int md_alg ) entropy.p = buf; md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); /* Init must use entropy */ last_len = entropy.len; @@ -112,13 +112,13 @@ exit: /* BEGIN_CASE depends_on:MBEDTLS_FS_IO */ void hmac_drbg_seed_file( int md_alg, char * path, int ret ) { - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_hmac_drbg_context ctx; mbedtls_hmac_drbg_init( &ctx ); md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, rnd_std_rand, NULL, NULL, 0 ) == 0 ); @@ -136,7 +136,7 @@ void hmac_drbg_buf( int md_alg ) { unsigned char out[16]; unsigned char buf[100]; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_hmac_drbg_context ctx; size_t i; @@ -145,7 +145,7 @@ void hmac_drbg_buf( int md_alg ) memset( out, 0, sizeof( out ) ); md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT( mbedtls_hmac_drbg_seed_buf( &ctx, md_info, buf, sizeof( buf ) ) == 0 ); /* Make sure it never tries to reseed (would segfault otherwise) */ @@ -168,7 +168,7 @@ void hmac_drbg_no_reseed( int md_alg, data_t * entropy, unsigned char data[1024]; unsigned char my_output[512]; entropy_ctx p_entropy; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_hmac_drbg_context ctx; mbedtls_hmac_drbg_init( &ctx ); @@ -177,7 +177,7 @@ void hmac_drbg_no_reseed( int md_alg, data_t * entropy, p_entropy.len = entropy->len; md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); /* Test the simplified buffer-based variant */ memcpy( data, entropy->x, p_entropy.len ); @@ -215,7 +215,7 @@ void hmac_drbg_nopr( int md_alg, data_t * entropy, data_t * custom, { unsigned char my_output[512]; entropy_ctx p_entropy; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_hmac_drbg_context ctx; mbedtls_hmac_drbg_init( &ctx ); @@ -224,7 +224,7 @@ void hmac_drbg_nopr( int md_alg, data_t * entropy, data_t * custom, p_entropy.len = entropy->len; md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_test_entropy_func, &p_entropy, custom->x, custom->len ) == 0 ); @@ -247,7 +247,7 @@ void hmac_drbg_pr( int md_alg, data_t * entropy, data_t * custom, { unsigned char my_output[512]; entropy_ctx p_entropy; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_hmac_drbg_context ctx; mbedtls_hmac_drbg_init( &ctx ); @@ -256,7 +256,7 @@ void hmac_drbg_pr( int md_alg, data_t * entropy, data_t * custom, p_entropy.len = entropy->len; md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_test_entropy_func, &p_entropy, custom->x, custom->len ) == 0 ); diff --git a/tests/suites/test_suite_md.function b/tests/suites/test_suite_md.function index 11cf88ae7..515a28cfc 100644 --- a/tests/suites/test_suite_md.function +++ b/tests/suites/test_suite_md.function @@ -11,7 +11,7 @@ void mbedtls_md_process( ) { const int *md_type_ptr; - const mbedtls_md_info_t *info; + mbedtls_md_handle_t info; mbedtls_md_context_t ctx; unsigned char buf[150]; @@ -28,7 +28,7 @@ void mbedtls_md_process( ) for( md_type_ptr = mbedtls_md_list(); *md_type_ptr != 0; md_type_ptr++ ) { info = mbedtls_md_info_from_type( *md_type_ptr ); - TEST_ASSERT( info != NULL ); + TEST_ASSERT( info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT( mbedtls_md_setup( &ctx, info, 0 ) == 0 ); TEST_ASSERT( mbedtls_md_process( &ctx, buf ) == 0 ); mbedtls_md_free( &ctx ); @@ -43,18 +43,22 @@ exit: void md_null_args( ) { mbedtls_md_context_t ctx; - const mbedtls_md_info_t *info = mbedtls_md_info_from_type( *( mbedtls_md_list() ) ); + mbedtls_md_handle_t info = mbedtls_md_info_from_type( *( mbedtls_md_list() ) ); unsigned char buf[1] = { 0 }; mbedtls_md_init( &ctx ); - TEST_ASSERT( mbedtls_md_get_size( NULL ) == 0 ); - TEST_ASSERT( mbedtls_md_get_type( NULL ) == MBEDTLS_MD_NONE ); - TEST_ASSERT( mbedtls_md_get_name( NULL ) == NULL ); + TEST_ASSERT( mbedtls_md_get_size( MBEDTLS_MD_INVALID_HANDLE ) + == 0 ); + TEST_ASSERT( mbedtls_md_get_type( MBEDTLS_MD_INVALID_HANDLE ) + == MBEDTLS_MD_NONE ); + TEST_ASSERT( mbedtls_md_get_name( MBEDTLS_MD_INVALID_HANDLE ) + == NULL ); - TEST_ASSERT( mbedtls_md_info_from_string( NULL ) == NULL ); + TEST_ASSERT( mbedtls_md_info_from_string( NULL ) == MBEDTLS_MD_INVALID_HANDLE ); - TEST_ASSERT( mbedtls_md_setup( &ctx, NULL, 0 ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_ASSERT( mbedtls_md_setup( &ctx, MBEDTLS_MD_INVALID_HANDLE, 0 ) + == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); TEST_ASSERT( mbedtls_md_setup( NULL, info, 0 ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); TEST_ASSERT( mbedtls_md_starts( NULL ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); @@ -66,10 +70,12 @@ void md_null_args( ) TEST_ASSERT( mbedtls_md_finish( NULL, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); TEST_ASSERT( mbedtls_md_finish( &ctx, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - TEST_ASSERT( mbedtls_md( NULL, buf, 1, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_ASSERT( mbedtls_md( MBEDTLS_MD_INVALID_HANDLE, + buf, 1, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); #if defined(MBEDTLS_FS_IO) - TEST_ASSERT( mbedtls_md_file( NULL, "", buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_ASSERT( mbedtls_md_file( MBEDTLS_MD_INVALID_HANDLE, + "", buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); #endif TEST_ASSERT( mbedtls_md_hmac_starts( NULL, buf, 1 ) @@ -90,27 +96,29 @@ void md_null_args( ) TEST_ASSERT( mbedtls_md_hmac_reset( NULL ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); TEST_ASSERT( mbedtls_md_hmac_reset( &ctx ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - TEST_ASSERT( mbedtls_md_hmac( NULL, buf, 1, buf, 1, buf ) + TEST_ASSERT( mbedtls_md_hmac( MBEDTLS_MD_INVALID_HANDLE, buf, 1, buf, 1, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); TEST_ASSERT( mbedtls_md_process( NULL, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); TEST_ASSERT( mbedtls_md_process( &ctx, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); /* Ok, this is not NULL arg but NULL return... */ - TEST_ASSERT( mbedtls_md_info_from_type( MBEDTLS_MD_NONE ) == NULL ); - TEST_ASSERT( mbedtls_md_info_from_string( "no such md" ) == NULL ); + TEST_ASSERT( mbedtls_md_info_from_type( MBEDTLS_MD_NONE ) == + MBEDTLS_MD_INVALID_HANDLE ); + TEST_ASSERT( mbedtls_md_info_from_string( "no such md" ) == + MBEDTLS_MD_INVALID_HANDLE ); } /* END_CASE */ /* BEGIN_CASE */ void md_info( int md_type, char * md_name, int md_size ) { - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; const int *md_type_ptr; int found; md_info = mbedtls_md_info_from_type( md_type ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT( md_info == mbedtls_md_info_from_string( md_name ) ); TEST_ASSERT( mbedtls_md_get_type( md_info ) == (mbedtls_md_type_t) md_type ); @@ -132,7 +140,7 @@ void md_text( char * text_md_name, char * text_src_string, char md_name[100]; unsigned char src_str[1000]; unsigned char output[100]; - const mbedtls_md_info_t *md_info = NULL; + mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE; memset( md_name, 0x00, 100 ); memset( src_str, 0x00, 1000 ); @@ -141,7 +149,7 @@ void md_text( char * text_md_name, char * text_src_string, strncpy( (char *) src_str, text_src_string, sizeof( src_str ) - 1 ); strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 ); md_info = mbedtls_md_info_from_string(md_name); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT ( 0 == mbedtls_md( md_info, src_str, strlen( (char *) src_str ), output ) ); @@ -155,14 +163,14 @@ void md_hex( char * text_md_name, data_t * src_str, { char md_name[100]; unsigned char output[100]; - const mbedtls_md_info_t *md_info = NULL; + mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE; memset( md_name, 0x00, 100 ); memset( output, 0x00, 100 ); strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 ); md_info = mbedtls_md_info_from_string( md_name ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT ( 0 == mbedtls_md( md_info, src_str->x, src_str->len, output ) ); @@ -181,7 +189,7 @@ void md_text_multi( char * text_md_name, char * text_src_string, unsigned char output[100]; int halfway, len; - const mbedtls_md_info_t *md_info = NULL; + mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE; mbedtls_md_context_t ctx, ctx_copy; mbedtls_md_init( &ctx ); @@ -197,7 +205,7 @@ void md_text_multi( char * text_md_name, char * text_src_string, halfway = len / 2; md_info = mbedtls_md_info_from_string(md_name); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx, md_info, 0 ) ); TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx_copy, md_info, 0 ) ); @@ -230,7 +238,7 @@ void md_hex_multi( char * text_md_name, data_t * src_str, { char md_name[100]; unsigned char output[100]; - const mbedtls_md_info_t *md_info = NULL; + mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE; mbedtls_md_context_t ctx, ctx_copy; int halfway; @@ -242,7 +250,7 @@ void md_hex_multi( char * text_md_name, data_t * src_str, strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 ); md_info = mbedtls_md_info_from_string(md_name); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx, md_info, 0 ) ); TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx_copy, md_info, 0 ) ); @@ -277,14 +285,14 @@ void mbedtls_md_hmac( char * text_md_name, int trunc_size, { char md_name[100]; unsigned char output[100]; - const mbedtls_md_info_t *md_info = NULL; + mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE; memset( md_name, 0x00, 100 ); memset( output, 0x00, 100 ); strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 ); md_info = mbedtls_md_info_from_string( md_name ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT ( mbedtls_md_hmac( md_info, key_str->x, key_str->len, src_str->x, src_str->len, output ) == 0 ); @@ -299,7 +307,7 @@ void md_hmac_multi( char * text_md_name, int trunc_size, data_t * key_str, { char md_name[100]; unsigned char output[100]; - const mbedtls_md_info_t *md_info = NULL; + mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE; mbedtls_md_context_t ctx; int halfway; @@ -310,7 +318,7 @@ void md_hmac_multi( char * text_md_name, int trunc_size, data_t * key_str, strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 ); md_info = mbedtls_md_info_from_string( md_name ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx, md_info, 1 ) ); halfway = src_str->len / 2; @@ -344,14 +352,14 @@ void mbedtls_md_file( char * text_md_name, char * filename, { char md_name[100]; unsigned char output[100]; - const mbedtls_md_info_t *md_info = NULL; + mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE; memset( md_name, 0x00, 100 ); memset( output, 0x00, 100 ); strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 ); md_info = mbedtls_md_info_from_string( md_name ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT( mbedtls_md_file( md_info, filename, output ) == 0 ); diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 8b95baba9..fc917d003 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -593,7 +593,7 @@ void pk_rsa_verify_test_vec( data_t * message_str, int digest, int mod, TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 ); - if( mbedtls_md_info_from_type( digest ) != NULL ) + if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE ) TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); TEST_ASSERT( mbedtls_pk_verify( &pk, digest, hash_result, 0, @@ -709,7 +709,7 @@ void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str, unsigned char sig[MBEDTLS_ECDSA_MAX_LEN]; unsigned char sig_check[MBEDTLS_ECDSA_MAX_LEN]; size_t hlen, slen, slen_check; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_pk_restart_init( &rs_ctx ); mbedtls_pk_init( &prv ); @@ -729,7 +729,7 @@ void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str, slen_check = unhexify( sig_check, sig_str ); md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); hlen = mbedtls_md_get_size( md_info ); mbedtls_md( md_info, (const unsigned char *) msg, strlen( msg ), hash ); diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function index 0723623a5..58c25bf67 100644 --- a/tests/suites/test_suite_pkcs1_v15.function +++ b/tests/suites/test_suite_pkcs1_v15.function @@ -275,8 +275,10 @@ void pkcs1_rsassa_v15_sign( int mod, int radix_P, char * input_P, int radix_Q, TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); - if( mbedtls_md_info_from_type( digest ) != NULL ) + if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE ) + { TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + } TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, MBEDTLS_RSA_PRIVATE, digest, 0, hash_result, output ) == result ); if( result == 0 ) @@ -313,9 +315,10 @@ void pkcs1_rsassa_v15_verify( int mod, int radix_N, char * input_N, TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) ); TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); - - if( mbedtls_md_info_from_type( digest ) != NULL ) + if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE ) + { TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + } TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result ); diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function index 99be08ac0..a9635e17d 100644 --- a/tests/suites/test_suite_pkcs1_v21.function +++ b/tests/suites/test_suite_pkcs1_v21.function @@ -128,8 +128,10 @@ void pkcs1_rsassa_pss_sign( int mod, int radix_P, char * input_P, int radix_Q, TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); - if( mbedtls_md_info_from_type( digest ) != NULL ) + if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE ) + { TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + } TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, MBEDTLS_RSA_PRIVATE, digest, 0, hash_result, output ) == result ); @@ -169,8 +171,10 @@ void pkcs1_rsassa_pss_verify( int mod, int radix_N, char * input_N, TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); - if( mbedtls_md_info_from_type( digest ) != NULL ) + if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE ) + { TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + } TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result ); diff --git a/tests/suites/test_suite_pkcs5.function b/tests/suites/test_suite_pkcs5.function index 26f1d3331..a8f052384 100644 --- a/tests/suites/test_suite_pkcs5.function +++ b/tests/suites/test_suite_pkcs5.function @@ -12,14 +12,14 @@ void pbkdf2_hmac( int hash, data_t * pw_str, data_t * salt_str, int it_cnt, int key_len, data_t * result_key_string ) { mbedtls_md_context_t ctx; - const mbedtls_md_info_t *info; + mbedtls_md_handle_t info; unsigned char key[100]; mbedtls_md_init( &ctx ); info = mbedtls_md_info_from_type( hash ); - TEST_ASSERT( info != NULL ); + TEST_ASSERT( info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT( mbedtls_md_setup( &ctx, info, 1 ) == 0 ); TEST_ASSERT( mbedtls_pkcs5_pbkdf2_hmac( &ctx, pw_str->x, pw_str->len, salt_str->x, salt_str->len, it_cnt, key_len, key ) == 0 ); diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index f2a9b9878..4d22c9b35 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -497,8 +497,10 @@ void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode, TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); - if( mbedtls_md_info_from_type( digest ) != NULL ) + if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE ) + { TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + } TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE, digest, 0, @@ -538,8 +540,10 @@ void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode, TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); - if( mbedtls_md_info_from_type( digest ) != NULL ) + if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE ) + { TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + } TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result ); diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index b177779e7..80f5f16ca 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -102,12 +102,12 @@ static int build_transforms( mbedtls_ssl_transform *t_in, if( cipher_info->mode == MBEDTLS_MODE_CBC || cipher_info->mode == MBEDTLS_MODE_STREAM ) { - mbedtls_md_info_t const *md_info; + mbedtls_md_handle_t md_info; unsigned char *md0, *md1; /* Pick hash */ md_info = mbedtls_md_info_from_type( hash_id ); - CHK( md_info != NULL ); + CHK( md_info != MBEDTLS_MD_INVALID_HANDLE ); /* Pick hash keys */ maclen = mbedtls_md_get_size( md_info );