1693 lines
46 KiB
C
1693 lines
46 KiB
C
|
/* hash.c
|
||
|
*
|
||
|
* Copyright (C) 2006-2020 wolfSSL Inc.
|
||
|
*
|
||
|
* This file is part of wolfSSL.
|
||
|
*
|
||
|
* wolfSSL is free software; you can redistribute it and/or modify
|
||
|
* it under the terms of the GNU General Public License as published by
|
||
|
* the Free Software Foundation; either version 2 of the License, or
|
||
|
* (at your option) any later version.
|
||
|
*
|
||
|
* wolfSSL is distributed in the hope that it will be useful,
|
||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||
|
* GNU General Public License for more details.
|
||
|
*
|
||
|
* You should have received a copy of the GNU General Public License
|
||
|
* along with this program; if not, write to the Free Software
|
||
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
||
|
*/
|
||
|
|
||
|
|
||
|
#ifdef HAVE_CONFIG_H
|
||
|
#include <config.h>
|
||
|
#endif
|
||
|
|
||
|
#include <wolfssl/wolfcrypt/settings.h>
|
||
|
#include <wolfssl/wolfcrypt/logging.h>
|
||
|
#include <wolfssl/wolfcrypt/error-crypt.h>
|
||
|
#ifndef NO_ASN
|
||
|
#include <wolfssl/wolfcrypt/asn.h>
|
||
|
#endif
|
||
|
|
||
|
#include <wolfssl/wolfcrypt/hash.h>
|
||
|
#include <wolfssl/wolfcrypt/hmac.h>
|
||
|
#include <wolfssl/wolfcrypt/cryptocb.h>
|
||
|
|
||
|
#ifdef NO_INLINE
|
||
|
#include <wolfssl/wolfcrypt/misc.h>
|
||
|
#else
|
||
|
#define WOLFSSL_MISC_INCLUDED
|
||
|
#include <wolfcrypt/src/misc.c>
|
||
|
#endif
|
||
|
|
||
|
|
||
|
#ifdef NO_ASN
|
||
|
enum Hash_Sum {
|
||
|
MD2h = 646,
|
||
|
MD5h = 649,
|
||
|
SHAh = 88,
|
||
|
SHA224h = 417,
|
||
|
SHA256h = 414,
|
||
|
SHA384h = 415,
|
||
|
SHA512h = 416,
|
||
|
SHA3_224h = 420,
|
||
|
SHA3_256h = 421,
|
||
|
SHA3_384h = 422,
|
||
|
SHA3_512h = 423
|
||
|
};
|
||
|
#endif /* !NO_ASN */
|
||
|
|
||
|
#if !defined(NO_PWDBASED) || !defined(NO_ASN)
|
||
|
/* function converts int hash type to enum */
|
||
|
enum wc_HashType wc_HashTypeConvert(int hashType)
|
||
|
{
|
||
|
/* Default to hash type none as error */
|
||
|
enum wc_HashType eHashType = WC_HASH_TYPE_NONE;
|
||
|
#if defined(HAVE_FIPS) || defined(HAVE_SELFTEST)
|
||
|
/* original FIPSv1 and CAVP selftest require a mapping for unique hash
|
||
|
type to wc_HashType */
|
||
|
switch (hashType) {
|
||
|
#ifndef NO_MD5
|
||
|
case WC_MD5:
|
||
|
eHashType = WC_HASH_TYPE_MD5;
|
||
|
break;
|
||
|
#endif /* !NO_MD5 */
|
||
|
#ifndef NO_SHA
|
||
|
case WC_SHA:
|
||
|
eHashType = WC_HASH_TYPE_SHA;
|
||
|
break;
|
||
|
#endif /* !NO_SHA */
|
||
|
|
||
|
#ifdef WOLFSSL_SHA224
|
||
|
case WC_SHA224:
|
||
|
eHashType = WC_HASH_TYPE_SHA224;
|
||
|
break;
|
||
|
#endif /* WOLFSSL_SHA224 */
|
||
|
|
||
|
#ifndef NO_SHA256
|
||
|
case WC_SHA256:
|
||
|
eHashType = WC_HASH_TYPE_SHA256;
|
||
|
break;
|
||
|
#endif /* !NO_SHA256 */
|
||
|
|
||
|
#ifdef WOLFSSL_SHA384
|
||
|
case WC_SHA384:
|
||
|
eHashType = WC_HASH_TYPE_SHA384;
|
||
|
break;
|
||
|
#endif /* WOLFSSL_SHA384 */
|
||
|
#ifdef WOLFSSL_SHA512
|
||
|
case WC_SHA512:
|
||
|
eHashType = WC_HASH_TYPE_SHA512;
|
||
|
break;
|
||
|
#endif /* WOLFSSL_SHA512 */
|
||
|
#ifdef WOLFSSL_SHA3
|
||
|
case WC_SHA3_224:
|
||
|
eHashType = WC_HASH_TYPE_SHA3_224;
|
||
|
break;
|
||
|
case WC_SHA3_256:
|
||
|
eHashType = WC_HASH_TYPE_SHA3_256;
|
||
|
break;
|
||
|
case WC_SHA3_384:
|
||
|
eHashType = WC_HASH_TYPE_SHA3_384;
|
||
|
break;
|
||
|
case WC_SHA3_512:
|
||
|
eHashType = WC_HASH_TYPE_SHA3_512;
|
||
|
break;
|
||
|
#endif /* WOLFSSL_SHA3 */
|
||
|
default:
|
||
|
eHashType = WC_HASH_TYPE_NONE;
|
||
|
break;
|
||
|
}
|
||
|
#else
|
||
|
/* current master uses same unique types as wc_HashType */
|
||
|
if (hashType > 0 && hashType <= WC_HASH_TYPE_MAX) {
|
||
|
eHashType = (enum wc_HashType)hashType;
|
||
|
}
|
||
|
#endif
|
||
|
return eHashType;
|
||
|
}
|
||
|
#endif /* !NO_PWDBASED || !NO_ASN */
|
||
|
|
||
|
#if !defined(NO_ASN) || !defined(NO_DH) || defined(HAVE_ECC)
|
||
|
|
||
|
int wc_HashGetOID(enum wc_HashType hash_type)
|
||
|
{
|
||
|
int oid = HASH_TYPE_E; /* Default to hash type error */
|
||
|
switch(hash_type)
|
||
|
{
|
||
|
case WC_HASH_TYPE_MD2:
|
||
|
#ifdef WOLFSSL_MD2
|
||
|
oid = MD2h;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_MD5_SHA:
|
||
|
case WC_HASH_TYPE_MD5:
|
||
|
#ifndef NO_MD5
|
||
|
oid = MD5h;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA:
|
||
|
#ifndef NO_SHA
|
||
|
oid = SHAh;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA224:
|
||
|
#ifdef WOLFSSL_SHA224
|
||
|
oid = SHA224h;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA256:
|
||
|
#ifndef NO_SHA256
|
||
|
oid = SHA256h;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA384:
|
||
|
#ifdef WOLFSSL_SHA384
|
||
|
oid = SHA384h;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA512:
|
||
|
#ifdef WOLFSSL_SHA512
|
||
|
oid = SHA512h;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA3_224:
|
||
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
|
||
|
oid = SHA3_224h;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA3_256:
|
||
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
|
||
|
oid = SHA3_256h;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA3_384:
|
||
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384)
|
||
|
oid = SHA3_384h;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA3_512:
|
||
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512)
|
||
|
oid = SHA3_512h;
|
||
|
#endif
|
||
|
break;
|
||
|
|
||
|
/* Not Supported */
|
||
|
case WC_HASH_TYPE_MD4:
|
||
|
case WC_HASH_TYPE_BLAKE2B:
|
||
|
case WC_HASH_TYPE_BLAKE2S:
|
||
|
case WC_HASH_TYPE_NONE:
|
||
|
default:
|
||
|
oid = BAD_FUNC_ARG;
|
||
|
break;
|
||
|
}
|
||
|
return oid;
|
||
|
}
|
||
|
|
||
|
enum wc_HashType wc_OidGetHash(int oid)
|
||
|
{
|
||
|
enum wc_HashType hash_type = WC_HASH_TYPE_NONE;
|
||
|
switch (oid)
|
||
|
{
|
||
|
#ifdef WOLFSSL_MD2
|
||
|
case MD2h:
|
||
|
hash_type = WC_HASH_TYPE_MD2;
|
||
|
break;
|
||
|
#endif
|
||
|
case MD5h:
|
||
|
#ifndef NO_MD5
|
||
|
hash_type = WC_HASH_TYPE_MD5;
|
||
|
#endif
|
||
|
break;
|
||
|
case SHAh:
|
||
|
#ifndef NO_SHA
|
||
|
hash_type = WC_HASH_TYPE_SHA;
|
||
|
#endif
|
||
|
break;
|
||
|
case SHA224h:
|
||
|
#ifdef WOLFSSL_SHA224
|
||
|
hash_type = WC_HASH_TYPE_SHA224;
|
||
|
#endif
|
||
|
break;
|
||
|
case SHA256h:
|
||
|
#ifndef NO_SHA256
|
||
|
hash_type = WC_HASH_TYPE_SHA256;
|
||
|
#endif
|
||
|
break;
|
||
|
case SHA384h:
|
||
|
#ifdef WOLFSSL_SHA384
|
||
|
hash_type = WC_HASH_TYPE_SHA384;
|
||
|
#endif
|
||
|
break;
|
||
|
case SHA512h:
|
||
|
#ifdef WOLFSSL_SHA512
|
||
|
hash_type = WC_HASH_TYPE_SHA512;
|
||
|
#endif
|
||
|
break;
|
||
|
#ifdef WOLFSSL_SHA3
|
||
|
case SHA3_224h:
|
||
|
hash_type = WC_HASH_TYPE_SHA3_224;
|
||
|
break;
|
||
|
case SHA3_256h:
|
||
|
hash_type = WC_HASH_TYPE_SHA3_256;
|
||
|
break;
|
||
|
case SHA3_384h:
|
||
|
hash_type = WC_HASH_TYPE_SHA3_384;
|
||
|
break;
|
||
|
case SHA3_512h:
|
||
|
hash_type = WC_HASH_TYPE_SHA3_512;
|
||
|
break;
|
||
|
#endif /* WOLFSSL_SHA3 */
|
||
|
default:
|
||
|
break;
|
||
|
}
|
||
|
return hash_type;
|
||
|
}
|
||
|
#endif /* !NO_ASN || !NO_DH || HAVE_ECC */
|
||
|
|
||
|
#ifndef NO_HASH_WRAPPER
|
||
|
|
||
|
/* Get Hash digest size */
|
||
|
int wc_HashGetDigestSize(enum wc_HashType hash_type)
|
||
|
{
|
||
|
int dig_size = HASH_TYPE_E; /* Default to hash type error */
|
||
|
switch(hash_type)
|
||
|
{
|
||
|
case WC_HASH_TYPE_MD2:
|
||
|
#ifdef WOLFSSL_MD2
|
||
|
dig_size = MD2_DIGEST_SIZE;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_MD4:
|
||
|
#ifndef NO_MD4
|
||
|
dig_size = MD4_DIGEST_SIZE;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_MD5:
|
||
|
#ifndef NO_MD5
|
||
|
dig_size = WC_MD5_DIGEST_SIZE;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA:
|
||
|
#ifndef NO_SHA
|
||
|
dig_size = WC_SHA_DIGEST_SIZE;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA224:
|
||
|
#ifdef WOLFSSL_SHA224
|
||
|
dig_size = WC_SHA224_DIGEST_SIZE;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA256:
|
||
|
#ifndef NO_SHA256
|
||
|
dig_size = WC_SHA256_DIGEST_SIZE;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA384:
|
||
|
#ifdef WOLFSSL_SHA384
|
||
|
dig_size = WC_SHA384_DIGEST_SIZE;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA512:
|
||
|
#ifdef WOLFSSL_SHA512
|
||
|
dig_size = WC_SHA512_DIGEST_SIZE;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_MD5_SHA: /* Old TLS Specific */
|
||
|
#if !defined(NO_MD5) && !defined(NO_SHA)
|
||
|
dig_size = (int)WC_MD5_DIGEST_SIZE + (int)WC_SHA_DIGEST_SIZE;
|
||
|
#endif
|
||
|
break;
|
||
|
|
||
|
case WC_HASH_TYPE_SHA3_224:
|
||
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
|
||
|
dig_size = WC_SHA3_224_DIGEST_SIZE;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA3_256:
|
||
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
|
||
|
dig_size = WC_SHA3_256_DIGEST_SIZE;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA3_384:
|
||
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384)
|
||
|
dig_size = WC_SHA3_384_DIGEST_SIZE;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA3_512:
|
||
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512)
|
||
|
dig_size = WC_SHA3_512_DIGEST_SIZE;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_BLAKE2B:
|
||
|
case WC_HASH_TYPE_BLAKE2S:
|
||
|
#if defined(HAVE_BLAKE2) || defined(HAVE_BLAKE2S)
|
||
|
dig_size = BLAKE2S_OUTBYTES;
|
||
|
#endif
|
||
|
break;
|
||
|
|
||
|
/* Not Supported */
|
||
|
case WC_HASH_TYPE_NONE:
|
||
|
default:
|
||
|
dig_size = BAD_FUNC_ARG;
|
||
|
break;
|
||
|
}
|
||
|
return dig_size;
|
||
|
}
|
||
|
|
||
|
|
||
|
/* Get Hash block size */
|
||
|
int wc_HashGetBlockSize(enum wc_HashType hash_type)
|
||
|
{
|
||
|
int block_size = HASH_TYPE_E; /* Default to hash type error */
|
||
|
switch (hash_type)
|
||
|
{
|
||
|
case WC_HASH_TYPE_MD2:
|
||
|
#ifdef WOLFSSL_MD2
|
||
|
block_size = MD2_BLOCK_SIZE;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_MD4:
|
||
|
#ifndef NO_MD4
|
||
|
block_size = MD4_BLOCK_SIZE;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_MD5:
|
||
|
#ifndef NO_MD5
|
||
|
block_size = WC_MD5_BLOCK_SIZE;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA:
|
||
|
#ifndef NO_SHA
|
||
|
block_size = WC_SHA_BLOCK_SIZE;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA224:
|
||
|
#ifdef WOLFSSL_SHA224
|
||
|
block_size = WC_SHA224_BLOCK_SIZE;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA256:
|
||
|
#ifndef NO_SHA256
|
||
|
block_size = WC_SHA256_BLOCK_SIZE;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA384:
|
||
|
#ifdef WOLFSSL_SHA384
|
||
|
block_size = WC_SHA384_BLOCK_SIZE;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA512:
|
||
|
#ifdef WOLFSSL_SHA512
|
||
|
block_size = WC_SHA512_BLOCK_SIZE;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_MD5_SHA: /* Old TLS Specific */
|
||
|
#if !defined(NO_MD5) && !defined(NO_SHA)
|
||
|
block_size = (int)WC_MD5_BLOCK_SIZE + (int)WC_SHA_BLOCK_SIZE;
|
||
|
#endif
|
||
|
break;
|
||
|
|
||
|
case WC_HASH_TYPE_SHA3_224:
|
||
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
|
||
|
block_size = WC_SHA3_224_BLOCK_SIZE;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA3_256:
|
||
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
|
||
|
block_size = WC_SHA3_256_BLOCK_SIZE;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA3_384:
|
||
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384)
|
||
|
block_size = WC_SHA3_384_BLOCK_SIZE;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA3_512:
|
||
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512)
|
||
|
block_size = WC_SHA3_512_BLOCK_SIZE;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_BLAKE2B:
|
||
|
case WC_HASH_TYPE_BLAKE2S:
|
||
|
#if defined(HAVE_BLAKE2) || defined(HAVE_BLAKE2S)
|
||
|
block_size = BLAKE2S_BLOCKBYTES;
|
||
|
#endif
|
||
|
break;
|
||
|
|
||
|
/* Not Supported */
|
||
|
case WC_HASH_TYPE_NONE:
|
||
|
default:
|
||
|
block_size = BAD_FUNC_ARG;
|
||
|
break;
|
||
|
}
|
||
|
return block_size;
|
||
|
}
|
||
|
|
||
|
/* Generic Hashing Wrapper */
|
||
|
int wc_Hash(enum wc_HashType hash_type, const byte* data,
|
||
|
word32 data_len, byte* hash, word32 hash_len)
|
||
|
{
|
||
|
int ret = HASH_TYPE_E; /* Default to hash type error */
|
||
|
word32 dig_size;
|
||
|
|
||
|
/* Validate hash buffer size */
|
||
|
dig_size = wc_HashGetDigestSize(hash_type);
|
||
|
if (hash_len < dig_size) {
|
||
|
return BUFFER_E;
|
||
|
}
|
||
|
|
||
|
/* Suppress possible unused arg if all hashing is disabled */
|
||
|
(void)data;
|
||
|
(void)data_len;
|
||
|
(void)hash;
|
||
|
(void)hash_len;
|
||
|
|
||
|
switch(hash_type)
|
||
|
{
|
||
|
case WC_HASH_TYPE_MD5:
|
||
|
#ifndef NO_MD5
|
||
|
ret = wc_Md5Hash(data, data_len, hash);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA:
|
||
|
#ifndef NO_SHA
|
||
|
ret = wc_ShaHash(data, data_len, hash);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA224:
|
||
|
#ifdef WOLFSSL_SHA224
|
||
|
ret = wc_Sha224Hash(data, data_len, hash);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA256:
|
||
|
#ifndef NO_SHA256
|
||
|
ret = wc_Sha256Hash(data, data_len, hash);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA384:
|
||
|
#ifdef WOLFSSL_SHA384
|
||
|
ret = wc_Sha384Hash(data, data_len, hash);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA512:
|
||
|
#ifdef WOLFSSL_SHA512
|
||
|
ret = wc_Sha512Hash(data, data_len, hash);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_MD5_SHA:
|
||
|
#if !defined(NO_MD5) && !defined(NO_SHA)
|
||
|
ret = wc_Md5Hash(data, data_len, hash);
|
||
|
if (ret == 0) {
|
||
|
ret = wc_ShaHash(data, data_len, &hash[WC_MD5_DIGEST_SIZE]);
|
||
|
}
|
||
|
#endif
|
||
|
break;
|
||
|
|
||
|
case WC_HASH_TYPE_SHA3_224:
|
||
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
|
||
|
ret = wc_Sha3_224Hash(data, data_len, hash);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA3_256:
|
||
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
|
||
|
ret = wc_Sha3_256Hash(data, data_len, hash);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA3_384:
|
||
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384)
|
||
|
ret = wc_Sha3_384Hash(data, data_len, hash);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA3_512:
|
||
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512)
|
||
|
ret = wc_Sha3_512Hash(data, data_len, hash);
|
||
|
#endif
|
||
|
break;
|
||
|
|
||
|
/* Not Supported */
|
||
|
case WC_HASH_TYPE_MD2:
|
||
|
case WC_HASH_TYPE_MD4:
|
||
|
case WC_HASH_TYPE_BLAKE2B:
|
||
|
case WC_HASH_TYPE_BLAKE2S:
|
||
|
case WC_HASH_TYPE_NONE:
|
||
|
default:
|
||
|
ret = BAD_FUNC_ARG;
|
||
|
break;
|
||
|
}
|
||
|
return ret;
|
||
|
}
|
||
|
|
||
|
int wc_HashInit_ex(wc_HashAlg* hash, enum wc_HashType type, void* heap,
|
||
|
int devId)
|
||
|
{
|
||
|
int ret = HASH_TYPE_E; /* Default to hash type error */
|
||
|
|
||
|
if (hash == NULL)
|
||
|
return BAD_FUNC_ARG;
|
||
|
|
||
|
switch (type) {
|
||
|
case WC_HASH_TYPE_MD5:
|
||
|
#ifndef NO_MD5
|
||
|
ret = wc_InitMd5_ex(&hash->md5, heap, devId);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA:
|
||
|
#ifndef NO_SHA
|
||
|
ret = wc_InitSha_ex(&hash->sha, heap, devId);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA224:
|
||
|
#ifdef WOLFSSL_SHA224
|
||
|
ret = wc_InitSha224_ex(&hash->sha224, heap, devId);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA256:
|
||
|
#ifndef NO_SHA256
|
||
|
ret = wc_InitSha256_ex(&hash->sha256, heap, devId);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA384:
|
||
|
#ifdef WOLFSSL_SHA384
|
||
|
ret = wc_InitSha384_ex(&hash->sha384, heap, devId);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA512:
|
||
|
#ifdef WOLFSSL_SHA512
|
||
|
ret = wc_InitSha512_ex(&hash->sha512, heap, devId);
|
||
|
#endif
|
||
|
break;
|
||
|
|
||
|
case WC_HASH_TYPE_SHA3_224:
|
||
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
|
||
|
ret = wc_InitSha3_224(&hash->sha3, heap, devId);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA3_256:
|
||
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
|
||
|
ret = wc_InitSha3_256(&hash->sha3, heap, devId);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA3_384:
|
||
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384)
|
||
|
ret = wc_InitSha3_384(&hash->sha3, heap, devId);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA3_512:
|
||
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512)
|
||
|
ret = wc_InitSha3_512(&hash->sha3, heap, devId);
|
||
|
#endif
|
||
|
break;
|
||
|
|
||
|
/* not supported */
|
||
|
case WC_HASH_TYPE_MD5_SHA:
|
||
|
case WC_HASH_TYPE_MD2:
|
||
|
case WC_HASH_TYPE_MD4:
|
||
|
case WC_HASH_TYPE_BLAKE2B:
|
||
|
case WC_HASH_TYPE_BLAKE2S:
|
||
|
case WC_HASH_TYPE_NONE:
|
||
|
default:
|
||
|
ret = BAD_FUNC_ARG;
|
||
|
};
|
||
|
|
||
|
return ret;
|
||
|
}
|
||
|
|
||
|
int wc_HashInit(wc_HashAlg* hash, enum wc_HashType type)
|
||
|
{
|
||
|
return wc_HashInit_ex(hash, type, NULL, INVALID_DEVID);
|
||
|
}
|
||
|
|
||
|
int wc_HashUpdate(wc_HashAlg* hash, enum wc_HashType type, const byte* data,
|
||
|
word32 dataSz)
|
||
|
{
|
||
|
int ret = HASH_TYPE_E; /* Default to hash type error */
|
||
|
|
||
|
if (hash == NULL || (data == NULL && dataSz > 0))
|
||
|
return BAD_FUNC_ARG;
|
||
|
|
||
|
switch (type) {
|
||
|
case WC_HASH_TYPE_MD5:
|
||
|
#ifndef NO_MD5
|
||
|
ret = wc_Md5Update(&hash->md5, data, dataSz);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA:
|
||
|
#ifndef NO_SHA
|
||
|
ret = wc_ShaUpdate(&hash->sha, data, dataSz);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA224:
|
||
|
#ifdef WOLFSSL_SHA224
|
||
|
ret = wc_Sha224Update(&hash->sha224, data, dataSz);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA256:
|
||
|
#ifndef NO_SHA256
|
||
|
ret = wc_Sha256Update(&hash->sha256, data, dataSz);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA384:
|
||
|
#ifdef WOLFSSL_SHA384
|
||
|
ret = wc_Sha384Update(&hash->sha384, data, dataSz);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA512:
|
||
|
#ifdef WOLFSSL_SHA512
|
||
|
ret = wc_Sha512Update(&hash->sha512, data, dataSz);
|
||
|
#endif
|
||
|
break;
|
||
|
|
||
|
case WC_HASH_TYPE_SHA3_224:
|
||
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
|
||
|
ret = wc_Sha3_224_Update(&hash->sha3, data, dataSz);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA3_256:
|
||
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
|
||
|
ret = wc_Sha3_256_Update(&hash->sha3, data, dataSz);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA3_384:
|
||
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384)
|
||
|
ret = wc_Sha3_384_Update(&hash->sha3, data, dataSz);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA3_512:
|
||
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512)
|
||
|
ret = wc_Sha3_512_Update(&hash->sha3, data, dataSz);
|
||
|
#endif
|
||
|
break;
|
||
|
|
||
|
/* not supported */
|
||
|
case WC_HASH_TYPE_MD5_SHA:
|
||
|
case WC_HASH_TYPE_MD2:
|
||
|
case WC_HASH_TYPE_MD4:
|
||
|
case WC_HASH_TYPE_BLAKE2B:
|
||
|
case WC_HASH_TYPE_BLAKE2S:
|
||
|
case WC_HASH_TYPE_NONE:
|
||
|
default:
|
||
|
ret = BAD_FUNC_ARG;
|
||
|
};
|
||
|
|
||
|
return ret;
|
||
|
}
|
||
|
|
||
|
int wc_HashFinal(wc_HashAlg* hash, enum wc_HashType type, byte* out)
|
||
|
{
|
||
|
int ret = HASH_TYPE_E; /* Default to hash type error */
|
||
|
|
||
|
if (hash == NULL || out == NULL)
|
||
|
return BAD_FUNC_ARG;
|
||
|
|
||
|
switch (type) {
|
||
|
case WC_HASH_TYPE_MD5:
|
||
|
#ifndef NO_MD5
|
||
|
ret = wc_Md5Final(&hash->md5, out);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA:
|
||
|
#ifndef NO_SHA
|
||
|
ret = wc_ShaFinal(&hash->sha, out);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA224:
|
||
|
#ifdef WOLFSSL_SHA224
|
||
|
ret = wc_Sha224Final(&hash->sha224, out);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA256:
|
||
|
#ifndef NO_SHA256
|
||
|
ret = wc_Sha256Final(&hash->sha256, out);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA384:
|
||
|
#ifdef WOLFSSL_SHA384
|
||
|
ret = wc_Sha384Final(&hash->sha384, out);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA512:
|
||
|
#ifdef WOLFSSL_SHA512
|
||
|
ret = wc_Sha512Final(&hash->sha512, out);
|
||
|
#endif
|
||
|
break;
|
||
|
|
||
|
case WC_HASH_TYPE_SHA3_224:
|
||
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
|
||
|
ret = wc_Sha3_224_Final(&hash->sha3, out);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA3_256:
|
||
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
|
||
|
ret = wc_Sha3_256_Final(&hash->sha3, out);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA3_384:
|
||
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384)
|
||
|
ret = wc_Sha3_384_Final(&hash->sha3, out);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA3_512:
|
||
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512)
|
||
|
ret = wc_Sha3_512_Final(&hash->sha3, out);
|
||
|
#endif
|
||
|
break;
|
||
|
|
||
|
/* not supported */
|
||
|
case WC_HASH_TYPE_MD5_SHA:
|
||
|
case WC_HASH_TYPE_MD2:
|
||
|
case WC_HASH_TYPE_MD4:
|
||
|
case WC_HASH_TYPE_BLAKE2B:
|
||
|
case WC_HASH_TYPE_BLAKE2S:
|
||
|
case WC_HASH_TYPE_NONE:
|
||
|
default:
|
||
|
ret = BAD_FUNC_ARG;
|
||
|
};
|
||
|
|
||
|
return ret;
|
||
|
}
|
||
|
|
||
|
int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type)
|
||
|
{
|
||
|
int ret = HASH_TYPE_E; /* Default to hash type error */
|
||
|
|
||
|
if (hash == NULL)
|
||
|
return BAD_FUNC_ARG;
|
||
|
|
||
|
switch (type) {
|
||
|
case WC_HASH_TYPE_MD5:
|
||
|
#ifndef NO_MD5
|
||
|
wc_Md5Free(&hash->md5);
|
||
|
ret = 0;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA:
|
||
|
#ifndef NO_SHA
|
||
|
wc_ShaFree(&hash->sha);
|
||
|
ret = 0;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA224:
|
||
|
#ifdef WOLFSSL_SHA224
|
||
|
wc_Sha224Free(&hash->sha224);
|
||
|
ret = 0;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA256:
|
||
|
#ifndef NO_SHA256
|
||
|
wc_Sha256Free(&hash->sha256);
|
||
|
ret = 0;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA384:
|
||
|
#ifdef WOLFSSL_SHA384
|
||
|
wc_Sha384Free(&hash->sha384);
|
||
|
ret = 0;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA512:
|
||
|
#ifdef WOLFSSL_SHA512
|
||
|
wc_Sha512Free(&hash->sha512);
|
||
|
ret = 0;
|
||
|
#endif
|
||
|
break;
|
||
|
|
||
|
case WC_HASH_TYPE_SHA3_224:
|
||
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
|
||
|
wc_Sha3_224_Free(&hash->sha3);
|
||
|
ret = 0;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA3_256:
|
||
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
|
||
|
wc_Sha3_256_Free(&hash->sha3);
|
||
|
ret = 0;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA3_384:
|
||
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384)
|
||
|
wc_Sha3_384_Free(&hash->sha3);
|
||
|
ret = 0;
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA3_512:
|
||
|
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512)
|
||
|
wc_Sha3_512_Free(&hash->sha3);
|
||
|
ret = 0;
|
||
|
#endif
|
||
|
break;
|
||
|
|
||
|
/* not supported */
|
||
|
case WC_HASH_TYPE_MD5_SHA:
|
||
|
case WC_HASH_TYPE_MD2:
|
||
|
case WC_HASH_TYPE_MD4:
|
||
|
case WC_HASH_TYPE_BLAKE2B:
|
||
|
case WC_HASH_TYPE_BLAKE2S:
|
||
|
case WC_HASH_TYPE_NONE:
|
||
|
default:
|
||
|
ret = BAD_FUNC_ARG;
|
||
|
};
|
||
|
|
||
|
return ret;
|
||
|
}
|
||
|
|
||
|
#if defined(WOLFSSL_HASH_FLAGS) || defined(WOLF_CRYPTO_CB)
|
||
|
int wc_HashSetFlags(wc_HashAlg* hash, enum wc_HashType type, word32 flags)
|
||
|
{
|
||
|
int ret = HASH_TYPE_E; /* Default to hash type error */
|
||
|
|
||
|
if (hash == NULL)
|
||
|
return BAD_FUNC_ARG;
|
||
|
|
||
|
switch (type) {
|
||
|
case WC_HASH_TYPE_MD5:
|
||
|
#ifndef NO_MD5
|
||
|
ret = wc_Md5SetFlags(&hash->md5, flags);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA:
|
||
|
#ifndef NO_SHA
|
||
|
ret = wc_ShaSetFlags(&hash->sha, flags);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA224:
|
||
|
#ifdef WOLFSSL_SHA224
|
||
|
ret = wc_Sha224SetFlags(&hash->sha224, flags);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA256:
|
||
|
#ifndef NO_SHA256
|
||
|
ret = wc_Sha256SetFlags(&hash->sha256, flags);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA384:
|
||
|
#ifdef WOLFSSL_SHA384
|
||
|
ret = wc_Sha384SetFlags(&hash->sha384, flags);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA512:
|
||
|
#ifdef WOLFSSL_SHA512
|
||
|
ret = wc_Sha512SetFlags(&hash->sha512, flags);
|
||
|
#endif
|
||
|
break;
|
||
|
|
||
|
case WC_HASH_TYPE_SHA3_224:
|
||
|
case WC_HASH_TYPE_SHA3_256:
|
||
|
case WC_HASH_TYPE_SHA3_384:
|
||
|
case WC_HASH_TYPE_SHA3_512:
|
||
|
#ifdef WOLFSSL_SHA3
|
||
|
ret = wc_Sha3_SetFlags(&hash->sha3, flags);
|
||
|
#endif
|
||
|
break;
|
||
|
|
||
|
/* not supported */
|
||
|
case WC_HASH_TYPE_MD5_SHA:
|
||
|
case WC_HASH_TYPE_MD2:
|
||
|
case WC_HASH_TYPE_MD4:
|
||
|
case WC_HASH_TYPE_BLAKE2B:
|
||
|
case WC_HASH_TYPE_BLAKE2S:
|
||
|
case WC_HASH_TYPE_NONE:
|
||
|
default:
|
||
|
ret = BAD_FUNC_ARG;
|
||
|
};
|
||
|
|
||
|
return ret;
|
||
|
}
|
||
|
int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags)
|
||
|
{
|
||
|
int ret = HASH_TYPE_E; /* Default to hash type error */
|
||
|
|
||
|
if (hash == NULL)
|
||
|
return BAD_FUNC_ARG;
|
||
|
|
||
|
switch (type) {
|
||
|
case WC_HASH_TYPE_MD5:
|
||
|
#ifndef NO_MD5
|
||
|
ret = wc_Md5GetFlags(&hash->md5, flags);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA:
|
||
|
#ifndef NO_SHA
|
||
|
ret = wc_ShaGetFlags(&hash->sha, flags);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA224:
|
||
|
#ifdef WOLFSSL_SHA224
|
||
|
ret = wc_Sha224GetFlags(&hash->sha224, flags);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA256:
|
||
|
#ifndef NO_SHA256
|
||
|
ret = wc_Sha256GetFlags(&hash->sha256, flags);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA384:
|
||
|
#ifdef WOLFSSL_SHA384
|
||
|
ret = wc_Sha384GetFlags(&hash->sha384, flags);
|
||
|
#endif
|
||
|
break;
|
||
|
case WC_HASH_TYPE_SHA512:
|
||
|
#ifdef WOLFSSL_SHA512
|
||
|
ret = wc_Sha512GetFlags(&hash->sha512, flags);
|
||
|
#endif
|
||
|
break;
|
||
|
|
||
|
case WC_HASH_TYPE_SHA3_224:
|
||
|
case WC_HASH_TYPE_SHA3_256:
|
||
|
case WC_HASH_TYPE_SHA3_384:
|
||
|
case WC_HASH_TYPE_SHA3_512:
|
||
|
#ifdef WOLFSSL_SHA3
|
||
|
ret = wc_Sha3_GetFlags(&hash->sha3, flags);
|
||
|
#endif
|
||
|
break;
|
||
|
|
||
|
/* not supported */
|
||
|
case WC_HASH_TYPE_MD5_SHA:
|
||
|
case WC_HASH_TYPE_MD2:
|
||
|
case WC_HASH_TYPE_MD4:
|
||
|
case WC_HASH_TYPE_BLAKE2B:
|
||
|
case WC_HASH_TYPE_BLAKE2S:
|
||
|
case WC_HASH_TYPE_NONE:
|
||
|
default:
|
||
|
ret = BAD_FUNC_ARG;
|
||
|
};
|
||
|
|
||
|
return ret;
|
||
|
}
|
||
|
#endif
|
||
|
|
||
|
|
||
|
#if !defined(WOLFSSL_TI_HASH)
|
||
|
|
||
|
#if !defined(NO_MD5)
|
||
|
int wc_Md5Hash(const byte* data, word32 len, byte* hash)
|
||
|
{
|
||
|
int ret;
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
wc_Md5* md5;
|
||
|
#else
|
||
|
wc_Md5 md5[1];
|
||
|
#endif
|
||
|
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
md5 = (wc_Md5*)XMALLOC(sizeof(wc_Md5), NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||
|
if (md5 == NULL)
|
||
|
return MEMORY_E;
|
||
|
#endif
|
||
|
|
||
|
if ((ret = wc_InitMd5(md5)) != 0) {
|
||
|
WOLFSSL_MSG("InitMd5 failed");
|
||
|
}
|
||
|
else {
|
||
|
if ((ret = wc_Md5Update(md5, data, len)) != 0) {
|
||
|
WOLFSSL_MSG("Md5Update failed");
|
||
|
}
|
||
|
else if ((ret = wc_Md5Final(md5, hash)) != 0) {
|
||
|
WOLFSSL_MSG("Md5Final failed");
|
||
|
}
|
||
|
wc_Md5Free(md5);
|
||
|
}
|
||
|
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||
|
#endif
|
||
|
|
||
|
return ret;
|
||
|
}
|
||
|
#endif /* !NO_MD5 */
|
||
|
|
||
|
#if !defined(NO_SHA)
|
||
|
int wc_ShaHash(const byte* data, word32 len, byte* hash)
|
||
|
{
|
||
|
int ret = 0;
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
wc_Sha* sha;
|
||
|
#else
|
||
|
wc_Sha sha[1];
|
||
|
#endif
|
||
|
int devId = INVALID_DEVID;
|
||
|
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
sha = (wc_Sha*)XMALLOC(sizeof(wc_Sha), NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||
|
if (sha == NULL)
|
||
|
return MEMORY_E;
|
||
|
#endif
|
||
|
|
||
|
#ifdef WOLF_CRYPTO_CB
|
||
|
/* only use devId if its not an empty hash */
|
||
|
if (data != NULL && len > 0)
|
||
|
devId = wc_CryptoCb_GetDevIdAtIndex(0);
|
||
|
#endif
|
||
|
|
||
|
if ((ret = wc_InitSha_ex(sha, NULL, devId)) != 0) {
|
||
|
WOLFSSL_MSG("InitSha failed");
|
||
|
}
|
||
|
else {
|
||
|
if ((ret = wc_ShaUpdate(sha, data, len)) != 0) {
|
||
|
WOLFSSL_MSG("ShaUpdate failed");
|
||
|
}
|
||
|
else if ((ret = wc_ShaFinal(sha, hash)) != 0) {
|
||
|
WOLFSSL_MSG("ShaFinal failed");
|
||
|
}
|
||
|
wc_ShaFree(sha);
|
||
|
}
|
||
|
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
XFREE(sha, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||
|
#endif
|
||
|
|
||
|
return ret;
|
||
|
}
|
||
|
#endif /* !NO_SHA */
|
||
|
|
||
|
#if defined(WOLFSSL_SHA224)
|
||
|
int wc_Sha224Hash(const byte* data, word32 len, byte* hash)
|
||
|
{
|
||
|
int ret = 0;
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
wc_Sha224* sha224;
|
||
|
#else
|
||
|
wc_Sha224 sha224[1];
|
||
|
#endif
|
||
|
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
sha224 = (wc_Sha224*)XMALLOC(sizeof(wc_Sha224), NULL,
|
||
|
DYNAMIC_TYPE_TMP_BUFFER);
|
||
|
if (sha224 == NULL)
|
||
|
return MEMORY_E;
|
||
|
#endif
|
||
|
|
||
|
if ((ret = wc_InitSha224(sha224)) != 0) {
|
||
|
WOLFSSL_MSG("InitSha224 failed");
|
||
|
}
|
||
|
else {
|
||
|
if ((ret = wc_Sha224Update(sha224, data, len)) != 0) {
|
||
|
WOLFSSL_MSG("Sha224Update failed");
|
||
|
}
|
||
|
else if ((ret = wc_Sha224Final(sha224, hash)) != 0) {
|
||
|
WOLFSSL_MSG("Sha224Final failed");
|
||
|
}
|
||
|
wc_Sha224Free(sha224);
|
||
|
}
|
||
|
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
XFREE(sha224, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||
|
#endif
|
||
|
|
||
|
return ret;
|
||
|
}
|
||
|
#endif /* WOLFSSL_SHA224 */
|
||
|
|
||
|
#if !defined(NO_SHA256)
|
||
|
int wc_Sha256Hash(const byte* data, word32 len, byte* hash)
|
||
|
{
|
||
|
int ret = 0;
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
wc_Sha256* sha256;
|
||
|
#else
|
||
|
wc_Sha256 sha256[1];
|
||
|
#endif
|
||
|
int devId = INVALID_DEVID;
|
||
|
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
sha256 = (wc_Sha256*)XMALLOC(sizeof(wc_Sha256), NULL,
|
||
|
DYNAMIC_TYPE_TMP_BUFFER);
|
||
|
if (sha256 == NULL)
|
||
|
return MEMORY_E;
|
||
|
#endif
|
||
|
|
||
|
#ifdef WOLF_CRYPTO_CB
|
||
|
/* only use devId if its not an empty hash */
|
||
|
if (data != NULL && len > 0)
|
||
|
devId = wc_CryptoCb_GetDevIdAtIndex(0);
|
||
|
#endif
|
||
|
|
||
|
if ((ret = wc_InitSha256_ex(sha256, NULL, devId)) != 0) {
|
||
|
WOLFSSL_MSG("InitSha256 failed");
|
||
|
}
|
||
|
else {
|
||
|
if ((ret = wc_Sha256Update(sha256, data, len)) != 0) {
|
||
|
WOLFSSL_MSG("Sha256Update failed");
|
||
|
}
|
||
|
else if ((ret = wc_Sha256Final(sha256, hash)) != 0) {
|
||
|
WOLFSSL_MSG("Sha256Final failed");
|
||
|
}
|
||
|
wc_Sha256Free(sha256);
|
||
|
}
|
||
|
|
||
|
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
XFREE(sha256, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||
|
#endif
|
||
|
|
||
|
return ret;
|
||
|
}
|
||
|
#endif /* !NO_SHA256 */
|
||
|
|
||
|
#endif /* !defined(WOLFSSL_TI_HASH) */
|
||
|
|
||
|
|
||
|
#if defined(WOLFSSL_SHA512)
|
||
|
int wc_Sha512Hash(const byte* data, word32 len, byte* hash)
|
||
|
{
|
||
|
int ret = 0;
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
wc_Sha512* sha512;
|
||
|
#else
|
||
|
wc_Sha512 sha512[1];
|
||
|
#endif
|
||
|
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
sha512 = (wc_Sha512*)XMALLOC(sizeof(wc_Sha512), NULL,
|
||
|
DYNAMIC_TYPE_TMP_BUFFER);
|
||
|
if (sha512 == NULL)
|
||
|
return MEMORY_E;
|
||
|
#endif
|
||
|
|
||
|
if ((ret = wc_InitSha512(sha512)) != 0) {
|
||
|
WOLFSSL_MSG("InitSha512 failed");
|
||
|
}
|
||
|
else {
|
||
|
if ((ret = wc_Sha512Update(sha512, data, len)) != 0) {
|
||
|
WOLFSSL_MSG("Sha512Update failed");
|
||
|
}
|
||
|
else if ((ret = wc_Sha512Final(sha512, hash)) != 0) {
|
||
|
WOLFSSL_MSG("Sha512Final failed");
|
||
|
}
|
||
|
wc_Sha512Free(sha512);
|
||
|
}
|
||
|
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
XFREE(sha512, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||
|
#endif
|
||
|
|
||
|
return ret;
|
||
|
}
|
||
|
#endif /* WOLFSSL_SHA512 */
|
||
|
|
||
|
#if defined(WOLFSSL_SHA384)
|
||
|
int wc_Sha384Hash(const byte* data, word32 len, byte* hash)
|
||
|
{
|
||
|
int ret = 0;
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
wc_Sha384* sha384;
|
||
|
#else
|
||
|
wc_Sha384 sha384[1];
|
||
|
#endif
|
||
|
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
sha384 = (wc_Sha384*)XMALLOC(sizeof(wc_Sha384), NULL,
|
||
|
DYNAMIC_TYPE_TMP_BUFFER);
|
||
|
if (sha384 == NULL)
|
||
|
return MEMORY_E;
|
||
|
#endif
|
||
|
|
||
|
if ((ret = wc_InitSha384(sha384)) != 0) {
|
||
|
WOLFSSL_MSG("InitSha384 failed");
|
||
|
}
|
||
|
else {
|
||
|
if ((ret = wc_Sha384Update(sha384, data, len)) != 0) {
|
||
|
WOLFSSL_MSG("Sha384Update failed");
|
||
|
}
|
||
|
else if ((ret = wc_Sha384Final(sha384, hash)) != 0) {
|
||
|
WOLFSSL_MSG("Sha384Final failed");
|
||
|
}
|
||
|
wc_Sha384Free(sha384);
|
||
|
}
|
||
|
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
XFREE(sha384, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||
|
#endif
|
||
|
|
||
|
return ret;
|
||
|
}
|
||
|
#endif /* WOLFSSL_SHA384 */
|
||
|
|
||
|
#if defined(WOLFSSL_SHA3)
|
||
|
#if !defined(WOLFSSL_NOSHA3_224)
|
||
|
int wc_Sha3_224Hash(const byte* data, word32 len, byte* hash)
|
||
|
{
|
||
|
int ret = 0;
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
wc_Sha3* sha3;
|
||
|
#else
|
||
|
wc_Sha3 sha3[1];
|
||
|
#endif
|
||
|
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
sha3 = (wc_Sha3*)XMALLOC(sizeof(wc_Sha3), NULL,
|
||
|
DYNAMIC_TYPE_TMP_BUFFER);
|
||
|
if (sha3 == NULL)
|
||
|
return MEMORY_E;
|
||
|
#endif
|
||
|
|
||
|
if ((ret = wc_InitSha3_224(sha3, NULL, INVALID_DEVID)) != 0) {
|
||
|
WOLFSSL_MSG("InitSha3_224 failed");
|
||
|
}
|
||
|
else {
|
||
|
if ((ret = wc_Sha3_224_Update(sha3, data, len)) != 0) {
|
||
|
WOLFSSL_MSG("Sha3_224_Update failed");
|
||
|
}
|
||
|
else if ((ret = wc_Sha3_224_Final(sha3, hash)) != 0) {
|
||
|
WOLFSSL_MSG("Sha3_224_Final failed");
|
||
|
}
|
||
|
wc_Sha3_224_Free(sha3);
|
||
|
}
|
||
|
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
XFREE(sha3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||
|
#endif
|
||
|
|
||
|
return ret;
|
||
|
}
|
||
|
#endif /* !WOLFSSL_NOSHA3_224 */
|
||
|
|
||
|
#if !defined(WOLFSSL_NOSHA3_256)
|
||
|
int wc_Sha3_256Hash(const byte* data, word32 len, byte* hash)
|
||
|
{
|
||
|
int ret = 0;
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
wc_Sha3* sha3;
|
||
|
#else
|
||
|
wc_Sha3 sha3[1];
|
||
|
#endif
|
||
|
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
sha3 = (wc_Sha3*)XMALLOC(sizeof(wc_Sha3), NULL,
|
||
|
DYNAMIC_TYPE_TMP_BUFFER);
|
||
|
if (sha3 == NULL)
|
||
|
return MEMORY_E;
|
||
|
#endif
|
||
|
|
||
|
if ((ret = wc_InitSha3_256(sha3, NULL, INVALID_DEVID)) != 0) {
|
||
|
WOLFSSL_MSG("InitSha3_256 failed");
|
||
|
}
|
||
|
else {
|
||
|
if ((ret = wc_Sha3_256_Update(sha3, data, len)) != 0) {
|
||
|
WOLFSSL_MSG("Sha3_256_Update failed");
|
||
|
}
|
||
|
else if ((ret = wc_Sha3_256_Final(sha3, hash)) != 0) {
|
||
|
WOLFSSL_MSG("Sha3_256_Final failed");
|
||
|
}
|
||
|
wc_Sha3_256_Free(sha3);
|
||
|
}
|
||
|
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
XFREE(sha3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||
|
#endif
|
||
|
|
||
|
return ret;
|
||
|
}
|
||
|
#endif /* !WOLFSSL_NOSHA3_256 */
|
||
|
|
||
|
#if !defined(WOLFSSL_NOSHA3_384)
|
||
|
int wc_Sha3_384Hash(const byte* data, word32 len, byte* hash)
|
||
|
{
|
||
|
int ret = 0;
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
wc_Sha3* sha3;
|
||
|
#else
|
||
|
wc_Sha3 sha3[1];
|
||
|
#endif
|
||
|
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
sha3 = (wc_Sha3*)XMALLOC(sizeof(wc_Sha3), NULL,
|
||
|
DYNAMIC_TYPE_TMP_BUFFER);
|
||
|
if (sha3 == NULL)
|
||
|
return MEMORY_E;
|
||
|
#endif
|
||
|
|
||
|
if ((ret = wc_InitSha3_384(sha3, NULL, INVALID_DEVID)) != 0) {
|
||
|
WOLFSSL_MSG("InitSha3_384 failed");
|
||
|
}
|
||
|
else {
|
||
|
if ((ret = wc_Sha3_384_Update(sha3, data, len)) != 0) {
|
||
|
WOLFSSL_MSG("Sha3_384_Update failed");
|
||
|
}
|
||
|
else if ((ret = wc_Sha3_384_Final(sha3, hash)) != 0) {
|
||
|
WOLFSSL_MSG("Sha3_384_Final failed");
|
||
|
}
|
||
|
wc_Sha3_384_Free(sha3);
|
||
|
}
|
||
|
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
XFREE(sha3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||
|
#endif
|
||
|
|
||
|
return ret;
|
||
|
}
|
||
|
#endif /* !WOLFSSL_NOSHA3_384 */
|
||
|
|
||
|
#if !defined(WOLFSSL_NOSHA3_512)
|
||
|
int wc_Sha3_512Hash(const byte* data, word32 len, byte* hash)
|
||
|
{
|
||
|
int ret = 0;
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
wc_Sha3* sha3;
|
||
|
#else
|
||
|
wc_Sha3 sha3[1];
|
||
|
#endif
|
||
|
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
sha3 = (wc_Sha3*)XMALLOC(sizeof(wc_Sha3), NULL,
|
||
|
DYNAMIC_TYPE_TMP_BUFFER);
|
||
|
if (sha3 == NULL)
|
||
|
return MEMORY_E;
|
||
|
#endif
|
||
|
|
||
|
if ((ret = wc_InitSha3_512(sha3, NULL, INVALID_DEVID)) != 0) {
|
||
|
WOLFSSL_MSG("InitSha3_512 failed");
|
||
|
}
|
||
|
else {
|
||
|
if ((ret = wc_Sha3_512_Update(sha3, data, len)) != 0) {
|
||
|
WOLFSSL_MSG("Sha3_512_Update failed");
|
||
|
}
|
||
|
else if ((ret = wc_Sha3_512_Final(sha3, hash)) != 0) {
|
||
|
WOLFSSL_MSG("Sha3_512_Final failed");
|
||
|
}
|
||
|
wc_Sha3_512_Free(sha3);
|
||
|
}
|
||
|
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
XFREE(sha3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||
|
#endif
|
||
|
|
||
|
return ret;
|
||
|
}
|
||
|
#endif /* !WOLFSSL_NOSHA3_512 */
|
||
|
|
||
|
#if defined(WOLFSSL_SHAKE256) && !defined(WOLFSSL_NO_SHAKE256)
|
||
|
int wc_Shake256Hash(const byte* data, word32 len, byte* hash,
|
||
|
word32 hashLen)
|
||
|
{
|
||
|
int ret = 0;
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
wc_Shake* shake;
|
||
|
#else
|
||
|
wc_Shake shake[1];
|
||
|
#endif
|
||
|
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
shake = (wc_Shake*)XMALLOC(sizeof(wc_Shake), NULL,
|
||
|
DYNAMIC_TYPE_TMP_BUFFER);
|
||
|
if (shake == NULL)
|
||
|
return MEMORY_E;
|
||
|
#endif
|
||
|
|
||
|
if ((ret = wc_InitShake256(shake, NULL, INVALID_DEVID)) != 0) {
|
||
|
WOLFSSL_MSG("InitShake256 failed");
|
||
|
}
|
||
|
else {
|
||
|
if ((ret = wc_Shake256_Update(shake, data, len)) != 0) {
|
||
|
WOLFSSL_MSG("Shake256_Update failed");
|
||
|
}
|
||
|
else if ((ret = wc_Shake256_Final(shake, hash, hashLen)) != 0) {
|
||
|
WOLFSSL_MSG("Shake256_Final failed");
|
||
|
}
|
||
|
wc_Shake256_Free(shake);
|
||
|
}
|
||
|
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
XFREE(shake, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||
|
#endif
|
||
|
|
||
|
return ret;
|
||
|
}
|
||
|
#endif /* WOLFSSL_SHAKE_256 && !WOLFSSL_NO_SHAKE256 */
|
||
|
#endif /* WOLFSSL_SHA3 */
|
||
|
|
||
|
#endif /* !NO_HASH_WRAPPER */
|
||
|
|
||
|
#ifdef WOLFSSL_HAVE_PRF
|
||
|
|
||
|
#ifdef WOLFSSL_SHA384
|
||
|
#define P_HASH_MAX_SIZE WC_SHA384_DIGEST_SIZE
|
||
|
#else
|
||
|
#define P_HASH_MAX_SIZE WC_SHA256_DIGEST_SIZE
|
||
|
#endif
|
||
|
|
||
|
/* Pseudo Random Function for MD5, SHA-1, SHA-256, or SHA-384 */
|
||
|
int wc_PRF(byte* result, word32 resLen, const byte* secret,
|
||
|
word32 secLen, const byte* seed, word32 seedLen, int hash,
|
||
|
void* heap, int devId)
|
||
|
{
|
||
|
word32 len = P_HASH_MAX_SIZE;
|
||
|
word32 times;
|
||
|
word32 lastLen;
|
||
|
word32 lastTime;
|
||
|
word32 i;
|
||
|
word32 idx = 0;
|
||
|
int ret = 0;
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
byte* previous;
|
||
|
byte* current;
|
||
|
Hmac* hmac;
|
||
|
#else
|
||
|
byte previous[P_HASH_MAX_SIZE]; /* max size */
|
||
|
byte current[P_HASH_MAX_SIZE]; /* max size */
|
||
|
Hmac hmac[1];
|
||
|
#endif
|
||
|
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
previous = (byte*)XMALLOC(P_HASH_MAX_SIZE, heap, DYNAMIC_TYPE_DIGEST);
|
||
|
current = (byte*)XMALLOC(P_HASH_MAX_SIZE, heap, DYNAMIC_TYPE_DIGEST);
|
||
|
hmac = (Hmac*)XMALLOC(sizeof(Hmac), heap, DYNAMIC_TYPE_HMAC);
|
||
|
|
||
|
if (previous == NULL || current == NULL || hmac == NULL) {
|
||
|
if (previous) XFREE(previous, heap, DYNAMIC_TYPE_DIGEST);
|
||
|
if (current) XFREE(current, heap, DYNAMIC_TYPE_DIGEST);
|
||
|
if (hmac) XFREE(hmac, heap, DYNAMIC_TYPE_HMAC);
|
||
|
|
||
|
return MEMORY_E;
|
||
|
}
|
||
|
#endif
|
||
|
|
||
|
switch (hash) {
|
||
|
#ifndef NO_MD5
|
||
|
case md5_mac:
|
||
|
hash = WC_MD5;
|
||
|
len = WC_MD5_DIGEST_SIZE;
|
||
|
break;
|
||
|
#endif
|
||
|
|
||
|
#ifndef NO_SHA256
|
||
|
case sha256_mac:
|
||
|
hash = WC_SHA256;
|
||
|
len = WC_SHA256_DIGEST_SIZE;
|
||
|
break;
|
||
|
#endif
|
||
|
|
||
|
#ifdef WOLFSSL_SHA384
|
||
|
case sha384_mac:
|
||
|
hash = WC_SHA384;
|
||
|
len = WC_SHA384_DIGEST_SIZE;
|
||
|
break;
|
||
|
#endif
|
||
|
|
||
|
#ifndef NO_SHA
|
||
|
case sha_mac:
|
||
|
default:
|
||
|
hash = WC_SHA;
|
||
|
len = WC_SHA_DIGEST_SIZE;
|
||
|
break;
|
||
|
#endif
|
||
|
}
|
||
|
|
||
|
times = resLen / len;
|
||
|
lastLen = resLen % len;
|
||
|
|
||
|
if (lastLen)
|
||
|
times += 1;
|
||
|
|
||
|
lastTime = times - 1;
|
||
|
|
||
|
ret = wc_HmacInit(hmac, heap, devId);
|
||
|
if (ret == 0) {
|
||
|
ret = wc_HmacSetKey(hmac, hash, secret, secLen);
|
||
|
if (ret == 0)
|
||
|
ret = wc_HmacUpdate(hmac, seed, seedLen); /* A0 = seed */
|
||
|
if (ret == 0)
|
||
|
ret = wc_HmacFinal(hmac, previous); /* A1 */
|
||
|
if (ret == 0) {
|
||
|
for (i = 0; i < times; i++) {
|
||
|
ret = wc_HmacUpdate(hmac, previous, len);
|
||
|
if (ret != 0)
|
||
|
break;
|
||
|
ret = wc_HmacUpdate(hmac, seed, seedLen);
|
||
|
if (ret != 0)
|
||
|
break;
|
||
|
ret = wc_HmacFinal(hmac, current);
|
||
|
if (ret != 0)
|
||
|
break;
|
||
|
|
||
|
if ((i == lastTime) && lastLen)
|
||
|
XMEMCPY(&result[idx], current,
|
||
|
min(lastLen, P_HASH_MAX_SIZE));
|
||
|
else {
|
||
|
XMEMCPY(&result[idx], current, len);
|
||
|
idx += len;
|
||
|
ret = wc_HmacUpdate(hmac, previous, len);
|
||
|
if (ret != 0)
|
||
|
break;
|
||
|
ret = wc_HmacFinal(hmac, previous);
|
||
|
if (ret != 0)
|
||
|
break;
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
wc_HmacFree(hmac);
|
||
|
}
|
||
|
|
||
|
ForceZero(previous, P_HASH_MAX_SIZE);
|
||
|
ForceZero(current, P_HASH_MAX_SIZE);
|
||
|
ForceZero(hmac, sizeof(Hmac));
|
||
|
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
XFREE(previous, heap, DYNAMIC_TYPE_DIGEST);
|
||
|
XFREE(current, heap, DYNAMIC_TYPE_DIGEST);
|
||
|
XFREE(hmac, heap, DYNAMIC_TYPE_HMAC);
|
||
|
#endif
|
||
|
|
||
|
return ret;
|
||
|
}
|
||
|
#undef P_HASH_MAX_SIZE
|
||
|
|
||
|
/* compute PRF (pseudo random function) using SHA1 and MD5 for TLSv1 */
|
||
|
int wc_PRF_TLSv1(byte* digest, word32 digLen, const byte* secret,
|
||
|
word32 secLen, const byte* label, word32 labLen,
|
||
|
const byte* seed, word32 seedLen, void* heap, int devId)
|
||
|
{
|
||
|
int ret = 0;
|
||
|
word32 half = (secLen + 1) / 2;
|
||
|
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
byte* md5_half;
|
||
|
byte* sha_half;
|
||
|
byte* md5_result;
|
||
|
byte* sha_result;
|
||
|
#else
|
||
|
byte md5_half[MAX_PRF_HALF]; /* half is real size */
|
||
|
byte sha_half[MAX_PRF_HALF]; /* half is real size */
|
||
|
byte md5_result[MAX_PRF_DIG]; /* digLen is real size */
|
||
|
byte sha_result[MAX_PRF_DIG]; /* digLen is real size */
|
||
|
#endif
|
||
|
#if defined(WOLFSSL_ASYNC_CRYPT) && !defined(WC_ASYNC_NO_HASH)
|
||
|
DECLARE_VAR(labelSeed, byte, MAX_PRF_LABSEED, heap);
|
||
|
if (labelSeed == NULL)
|
||
|
return MEMORY_E;
|
||
|
#else
|
||
|
byte labelSeed[MAX_PRF_LABSEED];
|
||
|
#endif
|
||
|
|
||
|
if (half > MAX_PRF_HALF ||
|
||
|
labLen + seedLen > MAX_PRF_LABSEED ||
|
||
|
digLen > MAX_PRF_DIG)
|
||
|
{
|
||
|
#if defined(WOLFSSL_ASYNC_CRYPT) && !defined(WC_ASYNC_NO_HASH)
|
||
|
FREE_VAR(labelSeed, heap);
|
||
|
#endif
|
||
|
return BUFFER_E;
|
||
|
}
|
||
|
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
md5_half = (byte*)XMALLOC(MAX_PRF_HALF, heap, DYNAMIC_TYPE_DIGEST);
|
||
|
sha_half = (byte*)XMALLOC(MAX_PRF_HALF, heap, DYNAMIC_TYPE_DIGEST);
|
||
|
md5_result = (byte*)XMALLOC(MAX_PRF_DIG, heap, DYNAMIC_TYPE_DIGEST);
|
||
|
sha_result = (byte*)XMALLOC(MAX_PRF_DIG, heap, DYNAMIC_TYPE_DIGEST);
|
||
|
|
||
|
if (md5_half == NULL || sha_half == NULL || md5_result == NULL ||
|
||
|
sha_result == NULL) {
|
||
|
if (md5_half) XFREE(md5_half, heap, DYNAMIC_TYPE_DIGEST);
|
||
|
if (sha_half) XFREE(sha_half, heap, DYNAMIC_TYPE_DIGEST);
|
||
|
if (md5_result) XFREE(md5_result, heap, DYNAMIC_TYPE_DIGEST);
|
||
|
if (sha_result) XFREE(sha_result, heap, DYNAMIC_TYPE_DIGEST);
|
||
|
#if defined(WOLFSSL_ASYNC_CRYPT) && !defined(WC_ASYNC_NO_HASH)
|
||
|
FREE_VAR(labelSeed, heap);
|
||
|
#endif
|
||
|
|
||
|
return MEMORY_E;
|
||
|
}
|
||
|
#endif
|
||
|
|
||
|
XMEMSET(md5_result, 0, digLen);
|
||
|
XMEMSET(sha_result, 0, digLen);
|
||
|
|
||
|
XMEMCPY(md5_half, secret, half);
|
||
|
XMEMCPY(sha_half, secret + half - secLen % 2, half);
|
||
|
|
||
|
XMEMCPY(labelSeed, label, labLen);
|
||
|
XMEMCPY(labelSeed + labLen, seed, seedLen);
|
||
|
|
||
|
if ((ret = wc_PRF(md5_result, digLen, md5_half, half, labelSeed,
|
||
|
labLen + seedLen, md5_mac, heap, devId)) == 0) {
|
||
|
if ((ret = wc_PRF(sha_result, digLen, sha_half, half, labelSeed,
|
||
|
labLen + seedLen, sha_mac, heap, devId)) == 0) {
|
||
|
/* calculate XOR for TLSv1 PRF */
|
||
|
XMEMCPY(digest, md5_result, digLen);
|
||
|
xorbuf(digest, sha_result, digLen);
|
||
|
}
|
||
|
}
|
||
|
|
||
|
#ifdef WOLFSSL_SMALL_STACK
|
||
|
XFREE(md5_half, heap, DYNAMIC_TYPE_DIGEST);
|
||
|
XFREE(sha_half, heap, DYNAMIC_TYPE_DIGEST);
|
||
|
XFREE(md5_result, heap, DYNAMIC_TYPE_DIGEST);
|
||
|
XFREE(sha_result, heap, DYNAMIC_TYPE_DIGEST);
|
||
|
#endif
|
||
|
|
||
|
#if defined(WOLFSSL_ASYNC_CRYPT) && !defined(WC_ASYNC_NO_HASH)
|
||
|
FREE_VAR(labelSeed, heap);
|
||
|
#endif
|
||
|
|
||
|
return ret;
|
||
|
}
|
||
|
|
||
|
/* Wrapper for TLS 1.2 and TLSv1 cases to calculate PRF */
|
||
|
/* In TLS 1.2 case call straight thru to wc_PRF */
|
||
|
int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret, word32 secLen,
|
||
|
const byte* label, word32 labLen, const byte* seed, word32 seedLen,
|
||
|
int useAtLeastSha256, int hash_type, void* heap, int devId)
|
||
|
{
|
||
|
int ret = 0;
|
||
|
|
||
|
if (useAtLeastSha256) {
|
||
|
#if defined(WOLFSSL_ASYNC_CRYPT) && !defined(WC_ASYNC_NO_HASH)
|
||
|
DECLARE_VAR(labelSeed, byte, MAX_PRF_LABSEED, heap);
|
||
|
if (labelSeed == NULL)
|
||
|
return MEMORY_E;
|
||
|
#else
|
||
|
byte labelSeed[MAX_PRF_LABSEED];
|
||
|
#endif
|
||
|
|
||
|
if (labLen + seedLen > MAX_PRF_LABSEED)
|
||
|
return BUFFER_E;
|
||
|
|
||
|
XMEMCPY(labelSeed, label, labLen);
|
||
|
XMEMCPY(labelSeed + labLen, seed, seedLen);
|
||
|
|
||
|
/* If a cipher suite wants an algorithm better than sha256, it
|
||
|
* should use better. */
|
||
|
if (hash_type < sha256_mac || hash_type == blake2b_mac)
|
||
|
hash_type = sha256_mac;
|
||
|
/* compute PRF for MD5, SHA-1, SHA-256, or SHA-384 for TLSv1.2 PRF */
|
||
|
ret = wc_PRF(digest, digLen, secret, secLen, labelSeed,
|
||
|
labLen + seedLen, hash_type, heap, devId);
|
||
|
|
||
|
#if defined(WOLFSSL_ASYNC_CRYPT) && !defined(WC_ASYNC_NO_HASH)
|
||
|
FREE_VAR(labelSeed, heap);
|
||
|
#endif
|
||
|
}
|
||
|
#ifndef NO_OLD_TLS
|
||
|
else {
|
||
|
/* compute TLSv1 PRF (pseudo random function using HMAC) */
|
||
|
ret = wc_PRF_TLSv1(digest, digLen, secret, secLen, label, labLen, seed,
|
||
|
seedLen, heap, devId);
|
||
|
}
|
||
|
#endif
|
||
|
|
||
|
return ret;
|
||
|
}
|
||
|
#endif /* WOLFSSL_HAVE_PRF */
|