From d3827c74d54f2fa0523fab16c6edf6f3f8c203dc Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 3 Sep 2019 12:56:37 +0100 Subject: [PATCH] Introduce getter for MD handle from MD context --- include/mbedtls/md.h | 6 ++ library/hmac_drbg.c | 6 +- library/md.c | 167 +++++++++++++++++++++++++++---------------- library/pkcs5.c | 2 +- library/rsa.c | 2 +- 5 files changed, 117 insertions(+), 66 deletions(-) diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index 40624e44a..111427f39 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -104,6 +104,12 @@ typedef struct mbedtls_md_context_t void *hmac_ctx; } mbedtls_md_context_t; +static inline mbedtls_md_handle_t mbedtls_md_get_handle( + struct mbedtls_md_context_t const *ctx ) +{ + return( ctx->md_info ); +} + /** * \brief This function returns the list of digests supported by the * generic digest module. diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c index c9c541d83..b51e9b18d 100644 --- a/library/hmac_drbg.c +++ b/library/hmac_drbg.c @@ -70,7 +70,8 @@ int mbedtls_hmac_drbg_update_ret( mbedtls_hmac_drbg_context *ctx, const unsigned char *additional, size_t add_len ) { - size_t md_len = mbedtls_md_get_size( ctx->md_ctx.md_info ); + size_t md_len = mbedtls_md_get_size( + mbedtls_md_get_handle( &ctx->md_ctx ) ); unsigned char rounds = ( additional != NULL && add_len != 0 ) ? 2 : 1; unsigned char sep[1]; unsigned char K[MBEDTLS_MD_MAX_SIZE]; @@ -329,7 +330,8 @@ int mbedtls_hmac_drbg_random_with_add( void *p_rng, { int ret; mbedtls_hmac_drbg_context *ctx = (mbedtls_hmac_drbg_context *) p_rng; - size_t md_len = mbedtls_md_get_size( ctx->md_ctx.md_info ); + size_t md_len = mbedtls_md_get_size( + mbedtls_md_get_handle( &ctx->md_ctx ) ); size_t left = out_len; unsigned char *out = output; diff --git a/library/md.c b/library/md.c index e1d7e9d01..81e30235c 100644 --- a/library/md.c +++ b/library/md.c @@ -189,16 +189,19 @@ void mbedtls_md_init( mbedtls_md_context_t *ctx ) void mbedtls_md_free( mbedtls_md_context_t *ctx ) { - if( ctx == NULL || ctx->md_info == MBEDTLS_MD_INVALID_HANDLE ) + if( ctx == NULL || mbedtls_md_get_handle( ctx ) == MBEDTLS_MD_INVALID_HANDLE ) return; if( ctx->md_ctx != NULL ) - mbedtls_md_info_ctx_free_func( ctx->md_info )( ctx->md_ctx ); + { + mbedtls_md_info_ctx_free_func( + mbedtls_md_get_handle( ctx ) )( ctx->md_ctx ); + } if( ctx->hmac_ctx != NULL ) { mbedtls_platform_zeroize( ctx->hmac_ctx, - 2 * mbedtls_md_info_block_size( ctx->md_info ) ); + 2 * mbedtls_md_info_block_size( mbedtls_md_get_handle( ctx ) ) ); mbedtls_free( ctx->hmac_ctx ); } @@ -208,14 +211,15 @@ void mbedtls_md_free( mbedtls_md_context_t *ctx ) int mbedtls_md_clone( mbedtls_md_context_t *dst, const mbedtls_md_context_t *src ) { - if( dst == NULL || dst->md_info == MBEDTLS_MD_INVALID_HANDLE || - src == NULL || src->md_info == MBEDTLS_MD_INVALID_HANDLE || - dst->md_info != src->md_info ) + if( dst == NULL || mbedtls_md_get_handle( dst ) == MBEDTLS_MD_INVALID_HANDLE || + src == NULL || mbedtls_md_get_handle( src ) == MBEDTLS_MD_INVALID_HANDLE || + mbedtls_md_get_handle( dst ) != mbedtls_md_get_handle( src ) ) { return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); } - mbedtls_md_info_clone_func( dst->md_info )( dst->md_ctx, src->md_ctx ); + mbedtls_md_info_clone_func( mbedtls_md_get_handle( dst ) ) + ( dst->md_ctx, src->md_ctx ); return( 0 ); } @@ -237,7 +241,8 @@ int mbedtls_md_setup( mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info, in if( hmac != 0 ) { - ctx->hmac_ctx = mbedtls_calloc( 2, mbedtls_md_info_block_size( md_info ) ); + ctx->hmac_ctx = mbedtls_calloc( 2, + mbedtls_md_info_block_size( md_info ) ); if( ctx->hmac_ctx == NULL ) { mbedtls_md_info_ctx_free_func( md_info )( ctx->md_ctx ); @@ -252,28 +257,43 @@ int mbedtls_md_setup( mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info, in int mbedtls_md_starts( mbedtls_md_context_t *ctx ) { - if( ctx == NULL || ctx->md_info == MBEDTLS_MD_INVALID_HANDLE ) + mbedtls_md_handle_t md_info; + if( ctx == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - return( mbedtls_md_info_starts_func( ctx->md_info )( ctx->md_ctx ) ); + md_info = mbedtls_md_get_handle( ctx ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + return( mbedtls_md_info_starts_func( md_info )( ctx->md_ctx ) ); } int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen ) { - if( ctx == NULL || ctx->md_info == MBEDTLS_MD_INVALID_HANDLE ) + mbedtls_md_handle_t md_info; + if( ctx == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - return( mbedtls_md_info_update_func( ctx->md_info )( ctx->md_ctx, - input, ilen ) ); + md_info = mbedtls_md_get_handle( ctx ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + return( mbedtls_md_info_update_func( md_info )( ctx->md_ctx, + input, ilen ) ); } int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ) { - if( ctx == NULL || ctx->md_info == MBEDTLS_MD_INVALID_HANDLE ) + mbedtls_md_handle_t md_info; + if( ctx == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - return( mbedtls_md_info_finish_func( ctx->md_info )( ctx->md_ctx, - output ) ); + md_info = mbedtls_md_get_handle( ctx ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + return( mbedtls_md_info_finish_func( md_info )( ctx->md_ctx, + output ) ); } int mbedtls_md( mbedtls_md_handle_t md_info, const unsigned char *input, size_t ilen, @@ -348,18 +368,20 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, mbedtls_md_update_func_t *update; mbedtls_md_finish_func_t *finish; - if( ctx == NULL || - ctx->md_info == MBEDTLS_MD_INVALID_HANDLE || - ctx->hmac_ctx == NULL ) - { + mbedtls_md_handle_t md_info; + + if( ctx == NULL || ctx->hmac_ctx == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - } - starts = mbedtls_md_info_starts_func( ctx->md_info ); - update = mbedtls_md_info_update_func( ctx->md_info ); - finish = mbedtls_md_info_finish_func( ctx->md_info ); + md_info = mbedtls_md_get_handle( ctx ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - if( keylen > (size_t) mbedtls_md_info_block_size( ctx->md_info ) ) + starts = mbedtls_md_info_starts_func( md_info ); + update = mbedtls_md_info_update_func( md_info ); + finish = mbedtls_md_info_finish_func( md_info ); + + if( keylen > (size_t) mbedtls_md_info_block_size( md_info ) ) { if( ( ret = starts( ctx->md_ctx ) ) != 0 ) goto cleanup; @@ -370,15 +392,16 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, if( ( ret = finish( ctx->md_ctx, sum ) ) != 0 ) goto cleanup; - keylen = mbedtls_md_info_size( ctx->md_info ); + keylen = mbedtls_md_info_size( md_info ); key = sum; } ipad = (unsigned char *) ctx->hmac_ctx; - opad = (unsigned char *) ctx->hmac_ctx + mbedtls_md_info_block_size( ctx->md_info ); + opad = (unsigned char *) ctx->hmac_ctx + + mbedtls_md_info_block_size( md_info ); - memset( ipad, 0x36, mbedtls_md_info_block_size( ctx->md_info ) ); - memset( opad, 0x5C, mbedtls_md_info_block_size( ctx->md_info ) ); + memset( ipad, 0x36, mbedtls_md_info_block_size( md_info ) ); + memset( opad, 0x5C, mbedtls_md_info_block_size( md_info ) ); for( i = 0; i < keylen; i++ ) { @@ -389,8 +412,11 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, if( ( ret = starts( ctx->md_ctx ) ) != 0 ) goto cleanup; - if( ( ret = update( ctx->md_ctx, ipad, mbedtls_md_info_block_size( ctx->md_info ) ) ) != 0 ) + if( ( ret = update( ctx->md_ctx, ipad, + mbedtls_md_info_block_size( md_info ) ) ) != 0 ) + { goto cleanup; + } cleanup: mbedtls_platform_zeroize( sum, sizeof( sum ) ); @@ -398,16 +424,19 @@ cleanup: return( ret ); } -int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen ) +int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, + const unsigned char *input, size_t ilen ) { - if( ctx == NULL || - ctx->md_info == MBEDTLS_MD_INVALID_HANDLE || - ctx->hmac_ctx == NULL ) - { - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - } + mbedtls_md_handle_t md_info; - return( mbedtls_md_info_update_func( ctx->md_info )( + if( ctx == NULL || ctx->hmac_ctx == NULL ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + md_info = mbedtls_md_get_handle( ctx ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + return( mbedtls_md_info_update_func( md_info )( ctx->md_ctx, input, ilen ) ); } @@ -421,18 +450,21 @@ int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output ) mbedtls_md_update_func_t *update; mbedtls_md_finish_func_t *finish; - if( ctx == NULL || - ctx->md_info == MBEDTLS_MD_INVALID_HANDLE || - ctx->hmac_ctx == NULL ) - { + mbedtls_md_handle_t md_info; + + if( ctx == NULL || ctx->hmac_ctx == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - } - starts = mbedtls_md_info_starts_func( ctx->md_info ); - update = mbedtls_md_info_update_func( ctx->md_info ); - finish = mbedtls_md_info_finish_func( ctx->md_info ); + md_info = mbedtls_md_get_handle( ctx ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - opad = (unsigned char *) ctx->hmac_ctx + mbedtls_md_info_block_size( ctx->md_info ); + starts = mbedtls_md_info_starts_func( md_info ); + update = mbedtls_md_info_update_func( md_info ); + finish = mbedtls_md_info_finish_func( md_info ); + + opad = (unsigned char *) ctx->hmac_ctx + + mbedtls_md_info_block_size( md_info ); if( ( ret = finish( ctx->md_ctx, tmp ) ) != 0 ) return( ret ); @@ -440,11 +472,17 @@ int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output ) if( ( ret = starts( ctx->md_ctx ) ) != 0 ) return( ret ); - if( ( ret = update( ctx->md_ctx, opad, mbedtls_md_info_block_size( ctx->md_info ) ) ) != 0 ) + if( ( ret = update( ctx->md_ctx, opad, + mbedtls_md_info_block_size( md_info ) ) ) != 0 ) + { return( ret ); + } - if( ( ret = update( ctx->md_ctx, tmp, mbedtls_md_info_size( ctx->md_info ) ) ) != 0 ) + if( ( ret = update( ctx->md_ctx, tmp, + mbedtls_md_info_size( md_info ) ) ) != 0 ) + { return( ret ); + } if( ( ret = finish( ctx->md_ctx, output ) ) != 0 ) return( ret ); @@ -457,21 +495,24 @@ int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ) int ret; unsigned char *ipad; - if( ctx == NULL || - ctx->md_info == MBEDTLS_MD_INVALID_HANDLE || - ctx->hmac_ctx == NULL ) - { + mbedtls_md_handle_t md_info; + + if( ctx == NULL || ctx->hmac_ctx == NULL ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + md_info = mbedtls_md_get_handle( ctx ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - } ipad = (unsigned char *) ctx->hmac_ctx; - ret = mbedtls_md_info_starts_func( ctx->md_info )( ctx->md_ctx ); + ret = mbedtls_md_info_starts_func( md_info )( ctx->md_ctx ); if( ret != 0 ) return( ret ); - ret = mbedtls_md_info_update_func( ctx->md_info )( - ctx->md_ctx, ipad, mbedtls_md_info_block_size( ctx->md_info ) ); + ret = mbedtls_md_info_update_func( md_info )( + ctx->md_ctx, ipad, + mbedtls_md_info_block_size( md_info ) ); return( ret ); } @@ -506,13 +547,15 @@ cleanup: int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data ) { - if( ctx == NULL || - ctx->md_info == MBEDTLS_MD_INVALID_HANDLE ) - { + mbedtls_md_handle_t md_info; + if( ctx == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - } - return( mbedtls_md_info_process_func( ctx->md_info )( + md_info = mbedtls_md_get_handle( ctx ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + return( mbedtls_md_info_process_func( md_info )( ctx->md_ctx, data ) ); } diff --git a/library/pkcs5.c b/library/pkcs5.c index 2717aaa56..a517778a4 100644 --- a/library/pkcs5.c +++ b/library/pkcs5.c @@ -226,7 +226,7 @@ int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *p unsigned int i; unsigned char md1[MBEDTLS_MD_MAX_SIZE]; unsigned char work[MBEDTLS_MD_MAX_SIZE]; - unsigned char md_size = mbedtls_md_get_size( ctx->md_info ); + unsigned char md_size = mbedtls_md_get_size( mbedtls_md_get_handle( ctx ) ); size_t use_len; unsigned char *out_p = output; unsigned char counter[4]; diff --git a/library/rsa.c b/library/rsa.c index 2674c1094..3bfc73ec5 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -1076,7 +1076,7 @@ static int mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src, memset( mask, 0, MBEDTLS_MD_MAX_SIZE ); memset( counter, 0, 4 ); - hlen = mbedtls_md_get_size( md_ctx->md_info ); + hlen = mbedtls_md_get_size( mbedtls_md_get_handle( md_ctx ) ); /* Generate and apply dbMask */ p = dst;