From 0dc98b8299043dd7f6b021bf7168eb94e43cd308 Mon Sep 17 00:00:00 2001 From: TakayukiMatsuo Date: Sun, 1 Aug 2021 04:09:55 +0900 Subject: [PATCH] Add support for EVP_shake128/256 --- tests/api.c | 27 +++++++++++++++++++++++++++ wolfcrypt/src/evp.c | 33 +++++++++++++++++++++++++++++++++ wolfcrypt/src/hash.c | 32 +++++++++++++++++++++++++++++++- wolfcrypt/src/rsa.c | 2 ++ wolfssl/openssl/evp.h | 6 ++++++ wolfssl/wolfcrypt/asn.h | 4 +++- wolfssl/wolfcrypt/sha3.h | 4 ++++ wolfssl/wolfcrypt/types.h | 10 ++++++---- 8 files changed, 112 insertions(+), 6 deletions(-) diff --git a/tests/api.c b/tests/api.c index 2468f3195..627ad9764 100644 --- a/tests/api.c +++ b/tests/api.c @@ -46109,6 +46109,31 @@ static void test_wolfSSL_ERR_strings(void) printf(resultFmt, passed); #endif } +static void test_wolfSSL_EVP_shake128() +{ +#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA3) && \ + defined(WOLFSSL_SHAKE128) + printf(testingFmt, "test_wolfSSL_EVP_shake128"); + const EVP_MD* md = NULL; + md = EVP_shake128(); + AssertTrue(md != NULL); + AssertIntEQ(XSTRNCMP(md, "SHAKE128", XSTRLEN("SHAKE128")), 0); + printf(resultFmt, passed); +#endif +} + +static void test_wolfSSL_EVP_shake256() +{ +#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA3) && \ + defined(WOLFSSL_SHAKE256) + printf(testingFmt, "test_wolfSSL_EVP_shake256"); + const EVP_MD* md = NULL; + md = EVP_shake256(); + AssertTrue(md != NULL); + AssertIntEQ(XSTRNCMP(md, "SHAKE256", XSTRLEN("SHAKE256")), 0); + printf(resultFmt, passed); +#endif +} static void test_EVP_blake2() { @@ -46154,6 +46179,8 @@ void ApiTest(void) test_for_double_Free(); #endif test_wolfSSL_ERR_strings(); + test_wolfSSL_EVP_shake128(); + test_wolfSSL_EVP_shake256(); test_EVP_blake2(); test_wolfSSL_CTX_use_certificate_file(); AssertIntEQ(test_wolfSSL_CTX_use_certificate_buffer(), WOLFSSL_SUCCESS); diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c index 91a895797..08d498344 100644 --- a/wolfcrypt/src/evp.c +++ b/wolfcrypt/src/evp.c @@ -2351,6 +2351,12 @@ static const struct s_ent { #endif #ifdef HAVE_BLAKE2S {WC_HASH_TYPE_BLAKE2S, NID_blake2s256, "BLAKE2S256"}, +#endif +#ifdef WOLFSSL_SHAKE128 + {WC_HASH_TYPE_SHAKE128, NID_shake128, "SHAKE128"}, +#endif +#ifdef WOLFSSL_SHAKE256 + {WC_HASH_TYPE_SHAKE256, NID_shake256, "SHAKE256"}, #endif {WC_HASH_TYPE_NONE, 0, NULL} }; @@ -3736,8 +3742,27 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) return EVP_get_digestbyname("SHA3_512"); } #endif /* WOLFSSL_NOSHA3_512 */ + +#ifdef WOLFSSL_SHAKE128 + const WOLFSSL_EVP_MD* wolfSSL_EVP_shake128(void) + { + WOLFSSL_ENTER("EVP_shake128"); + return EVP_get_digestbyname("SHAKE128"); + } +#endif /* WOLFSSL_SHAKE128 */ + +#ifdef WOLFSSL_SHAKE256 + const WOLFSSL_EVP_MD* wolfSSL_EVP_shake256(void) + { + WOLFSSL_ENTER("EVP_shake256"); + return EVP_get_digestbyname("SHAKE256"); + } +#endif /* WOLFSSL_SHAKE256 */ + #endif /* WOLFSSL_SHA3 */ + + WOLFSSL_EVP_MD_CTX *wolfSSL_EVP_MD_CTX_new(void) { WOLFSSL_EVP_MD_CTX* ctx; @@ -3895,6 +3920,8 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) case WC_HASH_TYPE_MD5_SHA: case WC_HASH_TYPE_BLAKE2B: case WC_HASH_TYPE_BLAKE2S: + case WC_HASH_TYPE_SHAKE128: + case WC_HASH_TYPE_SHAKE256: default: ret = BAD_FUNC_ARG; break; @@ -4294,6 +4321,8 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) case WC_HASH_TYPE_MD5_SHA: case WC_HASH_TYPE_BLAKE2B: case WC_HASH_TYPE_BLAKE2S: + case WC_HASH_TYPE_SHAKE128: + case WC_HASH_TYPE_SHAKE256: default: ret = WOLFSSL_FAILURE; break; @@ -5988,6 +6017,8 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) case WC_HASH_TYPE_MD5_SHA: case WC_HASH_TYPE_BLAKE2B: case WC_HASH_TYPE_BLAKE2S: + case WC_HASH_TYPE_SHAKE128: + case WC_HASH_TYPE_SHAKE256: default: return WOLFSSL_FAILURE; } @@ -6077,6 +6108,8 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) case WC_HASH_TYPE_MD5_SHA: case WC_HASH_TYPE_BLAKE2B: case WC_HASH_TYPE_BLAKE2S: + case WC_HASH_TYPE_SHAKE128: + case WC_HASH_TYPE_SHAKE256: default: return WOLFSSL_FAILURE; } diff --git a/wolfcrypt/src/hash.c b/wolfcrypt/src/hash.c index b58a2c33a..db8217080 100644 --- a/wolfcrypt/src/hash.c +++ b/wolfcrypt/src/hash.c @@ -55,7 +55,9 @@ enum Hash_Sum { SHA3_224h = 420, SHA3_256h = 421, SHA3_384h = 422, - SHA3_512h = 423 + SHA3_512h = 423, + SHAKE128h = 424, + SHAKE256h = 425 }; #endif /* !NO_ASN */ @@ -193,6 +195,16 @@ int wc_HashGetOID(enum wc_HashType hash_type) oid = SHA3_512h; #endif break; + case WC_HASH_TYPE_SHAKE128: + #if defined(WOLFSSL_SHA3) && defined(WOLFSSL_SHAKE128) + oid = SHAKE128h; + #endif + break; + case WC_HASH_TYPE_SHAKE256: + #if defined(WOLFSSL_SHA3) && defined(WOLFSSL_SHAKE256) + oid = SHAKE256h; + #endif + break; /* Not Supported */ case WC_HASH_TYPE_MD4: @@ -349,6 +361,8 @@ int wc_HashGetDigestSize(enum wc_HashType hash_type) break; /* Not Supported */ + case WC_HASH_TYPE_SHAKE128: + case WC_HASH_TYPE_SHAKE256: case WC_HASH_TYPE_NONE: default: dig_size = BAD_FUNC_ARG; @@ -438,6 +452,8 @@ int wc_HashGetBlockSize(enum wc_HashType hash_type) break; /* Not Supported */ + case WC_HASH_TYPE_SHAKE128: + case WC_HASH_TYPE_SHAKE256: case WC_HASH_TYPE_NONE: default: block_size = BAD_FUNC_ARG; @@ -532,6 +548,8 @@ int wc_Hash(enum wc_HashType hash_type, const byte* data, case WC_HASH_TYPE_MD4: case WC_HASH_TYPE_BLAKE2B: case WC_HASH_TYPE_BLAKE2S: + case WC_HASH_TYPE_SHAKE128: + case WC_HASH_TYPE_SHAKE256: case WC_HASH_TYPE_NONE: default: ret = BAD_FUNC_ARG; @@ -607,6 +625,8 @@ int wc_HashInit_ex(wc_HashAlg* hash, enum wc_HashType type, void* heap, case WC_HASH_TYPE_MD4: case WC_HASH_TYPE_BLAKE2B: case WC_HASH_TYPE_BLAKE2S: + case WC_HASH_TYPE_SHAKE128: + case WC_HASH_TYPE_SHAKE256: case WC_HASH_TYPE_NONE: default: ret = BAD_FUNC_ARG; @@ -690,6 +710,8 @@ int wc_HashUpdate(wc_HashAlg* hash, enum wc_HashType type, const byte* data, case WC_HASH_TYPE_MD4: case WC_HASH_TYPE_BLAKE2B: case WC_HASH_TYPE_BLAKE2S: + case WC_HASH_TYPE_SHAKE128: + case WC_HASH_TYPE_SHAKE256: case WC_HASH_TYPE_NONE: default: ret = BAD_FUNC_ARG; @@ -764,6 +786,8 @@ int wc_HashFinal(wc_HashAlg* hash, enum wc_HashType type, byte* out) case WC_HASH_TYPE_MD4: case WC_HASH_TYPE_BLAKE2B: case WC_HASH_TYPE_BLAKE2S: + case WC_HASH_TYPE_SHAKE128: + case WC_HASH_TYPE_SHAKE256: case WC_HASH_TYPE_NONE: default: ret = BAD_FUNC_ARG; @@ -848,6 +872,8 @@ int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type) case WC_HASH_TYPE_MD4: case WC_HASH_TYPE_BLAKE2B: case WC_HASH_TYPE_BLAKE2S: + case WC_HASH_TYPE_SHAKE128: + case WC_HASH_TYPE_SHAKE256: case WC_HASH_TYPE_NONE: default: ret = BAD_FUNC_ARG; @@ -912,6 +938,8 @@ int wc_HashSetFlags(wc_HashAlg* hash, enum wc_HashType type, word32 flags) case WC_HASH_TYPE_BLAKE2B: case WC_HASH_TYPE_BLAKE2S: case WC_HASH_TYPE_NONE: + case WC_HASH_TYPE_SHAKE128: + case WC_HASH_TYPE_SHAKE256: default: ret = BAD_FUNC_ARG; }; @@ -972,6 +1000,8 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags) case WC_HASH_TYPE_MD4: case WC_HASH_TYPE_BLAKE2B: case WC_HASH_TYPE_BLAKE2S: + case WC_HASH_TYPE_SHAKE128: + case WC_HASH_TYPE_SHAKE256: case WC_HASH_TYPE_NONE: default: ret = BAD_FUNC_ARG; diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c index 60dabae18..22158a551 100644 --- a/wolfcrypt/src/rsa.c +++ b/wolfcrypt/src/rsa.c @@ -1860,6 +1860,8 @@ int wc_hash2mgf(enum wc_HashType hType) case WC_HASH_TYPE_SHA3_512: case WC_HASH_TYPE_BLAKE2B: case WC_HASH_TYPE_BLAKE2S: + case WC_HASH_TYPE_SHAKE128: + case WC_HASH_TYPE_SHAKE256: default: break; } diff --git a/wolfssl/openssl/evp.h b/wolfssl/openssl/evp.h index 2cdf6fa8f..1a412ca37 100644 --- a/wolfssl/openssl/evp.h +++ b/wolfssl/openssl/evp.h @@ -93,6 +93,8 @@ WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha256(void); WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha384(void); WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha512(void); WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_ripemd160(void); +WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_shake128(void); +WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_shake256(void); WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha3_224(void); WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha3_256(void); @@ -293,6 +295,8 @@ enum { NID_sha3_512 = 1099, NID_blake2b512 = 1056, NID_blake2s256 = 1057, + NID_shake128 = 1100, + NID_shake256 = 1101, }; enum { @@ -737,6 +741,8 @@ typedef WOLFSSL_ASN1_PCTX ASN1_PCTX; #define EVP_sha384 wolfSSL_EVP_sha384 #define EVP_sha512 wolfSSL_EVP_sha512 #define EVP_ripemd160 wolfSSL_EVP_ripemd160 +#define EVP_shake128 wolfSSL_EVP_shake128 +#define EVP_shake256 wolfSSL_EVP_shake256 #define EVP_set_pw_prompt wolfSSL_EVP_set_pw_prompt #define EVP_sha3_224 wolfSSL_EVP_sha3_224 diff --git a/wolfssl/wolfcrypt/asn.h b/wolfssl/wolfcrypt/asn.h index 3d8967897..0be5b9b7f 100644 --- a/wolfssl/wolfcrypt/asn.h +++ b/wolfssl/wolfcrypt/asn.h @@ -457,7 +457,9 @@ enum Hash_Sum { SHA3_224h = 420, SHA3_256h = 421, SHA3_384h = 422, - SHA3_512h = 423 + SHA3_512h = 423, + SHAKE128h = 424, + SHAKE256h = 425 }; diff --git a/wolfssl/wolfcrypt/sha3.h b/wolfssl/wolfcrypt/sha3.h index 19347b049..f719a5700 100644 --- a/wolfssl/wolfcrypt/sha3.h +++ b/wolfssl/wolfcrypt/sha3.h @@ -58,6 +58,8 @@ enum { WC_SHA3_512_DIGEST_SIZE = 64, WC_SHA3_512_COUNT = 9, + WC_SHAKE128 = WC_HASH_TYPE_SHAKE128, + WC_SHAKE256 = WC_HASH_TYPE_SHAKE256, #if !defined(HAVE_SELFTEST) || \ defined(HAVE_SELFTEST_VERSION) && (HAVE_SELFTEST_VERSION >= 2) /* These values are used for HMAC, not SHA-3 directly. @@ -79,6 +81,8 @@ enum { #define SHA3_512 WC_SHA3_512 #define SHA3_512_DIGEST_SIZE WC_SHA3_512_DIGEST_SIZE #define Sha3 wc_Sha3 + #define SHAKE128 WC_SHAKE128 + #define SHAKE256 WC_SHAKE256 #endif diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h index f125707d8..7bc885194 100644 --- a/wolfssl/wolfcrypt/types.h +++ b/wolfssl/wolfcrypt/types.h @@ -851,8 +851,9 @@ decouple library dependencies with standard string, memory and so on. WC_HASH_TYPE_SHA3_512 = 13, WC_HASH_TYPE_BLAKE2B = 14, WC_HASH_TYPE_BLAKE2S = 19, - - WC_HASH_TYPE_MAX = WC_HASH_TYPE_BLAKE2S + WC_HASH_TYPE_SHAKE128 = 22, + WC_HASH_TYPE_SHAKE256 = 23, + WC_HASH_TYPE_MAX = WC_HASH_TYPE_SHAKE256 #else WC_HASH_TYPE_NONE = 0, WC_HASH_TYPE_MD2 = 1, @@ -870,8 +871,9 @@ decouple library dependencies with standard string, memory and so on. WC_HASH_TYPE_SHA3_512 = 13, WC_HASH_TYPE_BLAKE2B = 14, WC_HASH_TYPE_BLAKE2S = 15, - - WC_HASH_TYPE_MAX = WC_HASH_TYPE_BLAKE2S + WC_HASH_TYPE_SHAKE128 = 18, + WC_HASH_TYPE_SHAKE256 = 19, + WC_HASH_TYPE_MAX = WC_HASH_TYPE_SHAKE256 #endif /* HAVE_SELFTEST */ };