mirror of https://github.com/wolfSSL/wolfssl
save iPad, oPad. test long key
This commit is contained in:
parent
30e6ec5396
commit
56efe657fc
110
src/ssl.c
110
src/ssl.c
|
@ -12977,7 +12977,7 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
|
|||
#ifndef NO_MD4
|
||||
{MD4, "MD4"},
|
||||
#endif /* NO_MD4 */
|
||||
|
||||
|
||||
#ifndef NO_MD5
|
||||
{WC_MD5, "MD5"},
|
||||
#endif /* NO_MD5 */
|
||||
|
@ -19479,16 +19479,16 @@ const char* wolfSSL_state_string_long(const WOLFSSL* ssl)
|
|||
break;
|
||||
case DTLS_MAJOR:
|
||||
switch (ssl->version.minor){
|
||||
case DTLS_MINOR:
|
||||
protocol = DTLS_V1;
|
||||
break;
|
||||
case DTLSv1_2_MINOR:
|
||||
protocol = DTLS_V1_2;
|
||||
break;
|
||||
default:
|
||||
protocol = UNKNOWN;
|
||||
}
|
||||
break;
|
||||
case DTLS_MINOR:
|
||||
protocol = DTLS_V1;
|
||||
break;
|
||||
case DTLSv1_2_MINOR:
|
||||
protocol = DTLS_V1_2;
|
||||
break;
|
||||
default:
|
||||
protocol = UNKNOWN;
|
||||
}
|
||||
break;
|
||||
default:
|
||||
protocol = UNKNOWN;
|
||||
}
|
||||
|
@ -24729,8 +24729,10 @@ int wolfSSL_HMAC_CTX_copy(WOLFSSL_HMAC_CTX* des, WOLFSSL_HMAC_CTX* src)
|
|||
des->hmac.heap = src->hmac.heap;
|
||||
des->hmac.macType = src->hmac.macType;
|
||||
des->hmac.innerHashKeyed = src->hmac.innerHashKeyed;
|
||||
des->save_len = src->save_len;
|
||||
XMEMCPY(des->save_key, src->save_key, src->save_len);
|
||||
XMEMCPY((byte *)&des->save_ipad, (byte *)&src->hmac.ipad,
|
||||
HMAC_BLOCK_SIZE);
|
||||
XMEMCPY((byte *)&des->save_opad, (byte *)&src->hmac.opad,
|
||||
HMAC_BLOCK_SIZE);
|
||||
|
||||
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||
XMEMCPY(des->hmac.asyncDev, src->hmac.asyncDev, sizeof(WC_ASYNC_DEV));
|
||||
|
@ -24749,7 +24751,67 @@ int wolfSSL_HMAC_CTX_copy(WOLFSSL_HMAC_CTX* des, WOLFSSL_HMAC_CTX* src)
|
|||
return SSL_SUCCESS;
|
||||
}
|
||||
|
||||
/* duplicate from wolfcrypt/src/hmac.c needs refactored */
|
||||
static int _InitHmac(Hmac* hmac, int type, void* heap)
|
||||
{
|
||||
int ret = 0;
|
||||
|
||||
switch (type) {
|
||||
#ifndef NO_MD5
|
||||
case MD5:
|
||||
ret = wc_InitMd5(&hmac->hash.md5);
|
||||
break;
|
||||
#endif /* !NO_MD5 */
|
||||
|
||||
#ifndef NO_SHA
|
||||
case SHA:
|
||||
ret = wc_InitSha(&hmac->hash.sha);
|
||||
break;
|
||||
#endif /* !NO_SHA */
|
||||
|
||||
#ifdef WOLFSSL_SHA224
|
||||
case SHA224:
|
||||
ret = wc_InitSha224(&hmac->hash.sha224);
|
||||
break;
|
||||
#endif /* WOLFSSL_SHA224 */
|
||||
|
||||
#ifndef NO_SHA256
|
||||
case SHA256:
|
||||
ret = wc_InitSha256(&hmac->hash.sha256);
|
||||
break;
|
||||
#endif /* !NO_SHA256 */
|
||||
|
||||
#ifdef WOLFSSL_SHA512
|
||||
#ifdef WOLFSSL_SHA384
|
||||
case SHA384:
|
||||
ret = wc_InitSha384(&hmac->hash.sha384);
|
||||
break;
|
||||
#endif /* WOLFSSL_SHA384 */
|
||||
case SHA512:
|
||||
ret = wc_InitSha512(&hmac->hash.sha512);
|
||||
break;
|
||||
#endif /* WOLFSSL_SHA512 */
|
||||
|
||||
#ifdef HAVE_BLAKE2
|
||||
case BLAKE2B_ID:
|
||||
ret = wc_InitBlake2b(&hmac->hash.blake2b, BLAKE2B_256);
|
||||
break;
|
||||
#endif /* HAVE_BLAKE2 */
|
||||
|
||||
default:
|
||||
ret = BAD_FUNC_ARG;
|
||||
break;
|
||||
}
|
||||
|
||||
/* default to NULL heap hint or test value */
|
||||
#ifdef WOLFSSL_HEAP_TEST
|
||||
hmac->heap = (void)WOLFSSL_HEAP_TEST;
|
||||
#else
|
||||
hmac->heap = heap;
|
||||
#endif /* WOLFSSL_HEAP_TEST */
|
||||
|
||||
return ret;
|
||||
}
|
||||
int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen,
|
||||
const EVP_MD* type)
|
||||
{
|
||||
|
@ -24761,10 +24823,6 @@ int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen,
|
|||
WOLFSSL_MSG("no ctx on init");
|
||||
return WOLFSSL_FAILURE;
|
||||
}
|
||||
if (key && (keylen > HMAC_BLOCK_SIZE)) {
|
||||
WOLFSSL_MSG("invalid keylen");
|
||||
return SSL_FAILURE;
|
||||
}
|
||||
if (type) {
|
||||
WOLFSSL_MSG("init has type");
|
||||
|
||||
|
@ -24810,15 +24868,25 @@ int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen,
|
|||
wc_HmacFree(&ctx->hmac);
|
||||
return WOLFSSL_FAILURE;
|
||||
}
|
||||
XMEMCPY((byte *)&ctx->save_key, (const byte*)key, (word32)keylen);
|
||||
ctx->save_len = keylen;
|
||||
XMEMCPY((byte *)&ctx->save_ipad, (byte *)&ctx->hmac.ipad,
|
||||
HMAC_BLOCK_SIZE);
|
||||
XMEMCPY((byte *)&ctx->save_opad, (byte *)&ctx->hmac.opad,
|
||||
HMAC_BLOCK_SIZE);
|
||||
}
|
||||
/* OpenSSL compat, no error */
|
||||
} else if(ctx->type >= 0) { /* MD5 == 0 */
|
||||
WOLFSSL_MSG("recover hmac");
|
||||
if (wc_HmacInit(&ctx->hmac, NULL, INVALID_DEVID) == 0) {
|
||||
wc_HmacSetKey(&ctx->hmac, ctx->type, (byte *)&ctx->save_key,
|
||||
(word32)ctx->save_len);
|
||||
ctx->hmac.macType = ctx->type;
|
||||
ctx->hmac.innerHashKeyed = 0;
|
||||
XMEMCPY((byte *)&ctx->hmac.ipad, (byte *)&ctx->save_ipad,
|
||||
HMAC_BLOCK_SIZE);
|
||||
XMEMCPY((byte *)&ctx->hmac.opad, (byte *)&ctx->save_opad,
|
||||
HMAC_BLOCK_SIZE);
|
||||
if ((hmac_error = _InitHmac(&ctx->hmac, ctx->hmac.macType, ctx->hmac.heap))
|
||||
!=0) {
|
||||
return hmac_error;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
39
tests/api.c
39
tests/api.c
|
@ -16033,9 +16033,16 @@ static int test_HMAC_CTX_helper(const EVP_MD* type, unsigned char* digest)
|
|||
|
||||
unsigned char key[] = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
|
||||
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
|
||||
unsigned char long_key[] =
|
||||
"0123456789012345678901234567890123456789"
|
||||
"0123456789012345678901234567890123456789"
|
||||
"0123456789012345678901234567890123456789"
|
||||
"0123456789012345678901234567890123456789";
|
||||
|
||||
unsigned char msg[] = "message to hash";
|
||||
unsigned int digestSz = 64;
|
||||
int keySz = sizeof(key);
|
||||
int long_keySz = sizeof(long_key);
|
||||
int msgSz = sizeof(msg);
|
||||
|
||||
unsigned char digest2[64];
|
||||
|
@ -16059,7 +16066,9 @@ static int test_HMAC_CTX_helper(const EVP_MD* type, unsigned char* digest)
|
|||
AssertIntEQ(XMEMCMP(digest, digest2, digestSz), 0);
|
||||
|
||||
/* test HMAC_Init with NULL key */
|
||||
printf("test HMAC_Init with NULL key (1)\n");
|
||||
|
||||
/* init after copy */
|
||||
printf("test HMAC_Init with NULL key (0)\n");
|
||||
HMAC_CTX_init(&ctx1);
|
||||
AssertIntEQ(HMAC_Init(&ctx1, (const void*)key, keySz, type), SSL_SUCCESS);
|
||||
AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
|
||||
|
@ -16075,12 +16084,36 @@ static int test_HMAC_CTX_helper(const EVP_MD* type, unsigned char* digest)
|
|||
|
||||
AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
|
||||
AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
|
||||
AssertIntEQ(HMAC_Final(&ctx2, digest, &digestSz), SSL_SUCCESS);
|
||||
AssertIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS);
|
||||
|
||||
HMAC_CTX_cleanup(&ctx2);
|
||||
AssertIntEQ(digestSz, digestSz2);
|
||||
AssertIntEQ(XMEMCMP(digest, digest2, digestSz), 0);
|
||||
|
||||
/* long key */
|
||||
printf("test HMAC_Init with NULL key (1)\n");
|
||||
HMAC_CTX_init(&ctx1);
|
||||
AssertIntEQ(HMAC_Init(&ctx1, (const void*)long_key, long_keySz, type), SSL_SUCCESS);
|
||||
AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
|
||||
AssertIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS);
|
||||
|
||||
AssertIntEQ(HMAC_Init(&ctx1, NULL, 0, NULL), SSL_SUCCESS);
|
||||
|
||||
AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
|
||||
AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
|
||||
AssertIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS);
|
||||
|
||||
AssertIntEQ(HMAC_Init(&ctx2, NULL, 0, NULL), SSL_SUCCESS);
|
||||
|
||||
AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
|
||||
AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
|
||||
AssertIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS);
|
||||
|
||||
HMAC_CTX_cleanup(&ctx2);
|
||||
AssertIntEQ(digestSz, digestSz2);
|
||||
AssertIntEQ(XMEMCMP(digest, digest2, digestSz), 0);
|
||||
|
||||
/* init before copy */
|
||||
printf("test HMAC_Init with NULL key (2)\n");
|
||||
HMAC_CTX_init(&ctx1);
|
||||
AssertIntEQ(HMAC_Init(&ctx1, (const void*)key, keySz, type), SSL_SUCCESS);
|
||||
|
@ -16094,7 +16127,7 @@ static int test_HMAC_CTX_helper(const EVP_MD* type, unsigned char* digest)
|
|||
|
||||
AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
|
||||
AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
|
||||
AssertIntEQ(HMAC_Final(&ctx2, digest, &digestSz), SSL_SUCCESS);
|
||||
AssertIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS);
|
||||
|
||||
HMAC_CTX_cleanup(&ctx2);
|
||||
AssertIntEQ(digestSz, digestSz2);
|
||||
|
|
|
@ -53,8 +53,8 @@ WOLFSSL_API unsigned char* wolfSSL_HMAC(const WOLFSSL_EVP_MD* evp_md,
|
|||
typedef struct WOLFSSL_HMAC_CTX {
|
||||
Hmac hmac;
|
||||
int type;
|
||||
byte save_key[HMAC_BLOCK_SIZE]; /* save initial hmac after wc_HmacSetKey */
|
||||
word32 save_len;
|
||||
word32 save_ipad[HMAC_BLOCK_SIZE / sizeof(word32)]; /* same block size all*/
|
||||
word32 save_opad[HMAC_BLOCK_SIZE / sizeof(word32)];
|
||||
} WOLFSSL_HMAC_CTX;
|
||||
|
||||
|
||||
|
|
Loading…
Reference in New Issue