mirrors
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

save iPad, oPad. test long key

This commit is contained in:
Takashi Kojo 2017-12-02 04:30:36 +09:00 committed by Jacob Barthelmeh
parent 30e6ec5396
commit 56efe657fc
3 changed files with 127 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

110
src/ssl.c
View File

@ -12977,7 +12977,7 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
#ifndef NO_MD4
{MD4, "MD4"},
#endif /* NO_MD4 */
#ifndef NO_MD5
{WC_MD5, "MD5"},
#endif /* NO_MD5 */
@ -19479,16 +19479,16 @@ const char* wolfSSL_state_string_long(const WOLFSSL* ssl)
break;
case DTLS_MAJOR:
switch (ssl->version.minor){
case DTLS_MINOR:
protocol = DTLS_V1;
break;
case DTLSv1_2_MINOR:
protocol = DTLS_V1_2;
break;
default:
protocol = UNKNOWN;
}
break;
case DTLS_MINOR:
protocol = DTLS_V1;
break;
case DTLSv1_2_MINOR:
protocol = DTLS_V1_2;
break;
default:
protocol = UNKNOWN;
}
break;
default:
protocol = UNKNOWN;
}
@ -24729,8 +24729,10 @@ int wolfSSL_HMAC_CTX_copy(WOLFSSL_HMAC_CTX* des, WOLFSSL_HMAC_CTX* src)
des->hmac.heap = src->hmac.heap;
des->hmac.macType = src->hmac.macType;
des->hmac.innerHashKeyed = src->hmac.innerHashKeyed;
des->save_len = src->save_len;
XMEMCPY(des->save_key, src->save_key, src->save_len);
XMEMCPY((byte *)&des->save_ipad, (byte *)&src->hmac.ipad,
HMAC_BLOCK_SIZE);
XMEMCPY((byte *)&des->save_opad, (byte *)&src->hmac.opad,
HMAC_BLOCK_SIZE);
#ifdef WOLFSSL_ASYNC_CRYPT
XMEMCPY(des->hmac.asyncDev, src->hmac.asyncDev, sizeof(WC_ASYNC_DEV));
@ -24749,7 +24751,67 @@ int wolfSSL_HMAC_CTX_copy(WOLFSSL_HMAC_CTX* des, WOLFSSL_HMAC_CTX* src)
return SSL_SUCCESS;
}
/* duplicate from wolfcrypt/src/hmac.c needs refactored */
static int _InitHmac(Hmac* hmac, int type, void* heap)
{
int ret = 0;
switch (type) {
#ifndef NO_MD5
case MD5:
ret = wc_InitMd5(&hmac->hash.md5);
break;
#endif /* !NO_MD5 */
#ifndef NO_SHA
case SHA:
ret = wc_InitSha(&hmac->hash.sha);
break;
#endif /* !NO_SHA */
#ifdef WOLFSSL_SHA224
case SHA224:
ret = wc_InitSha224(&hmac->hash.sha224);
break;
#endif /* WOLFSSL_SHA224 */
#ifndef NO_SHA256
case SHA256:
ret = wc_InitSha256(&hmac->hash.sha256);
break;
#endif /* !NO_SHA256 */
#ifdef WOLFSSL_SHA512
#ifdef WOLFSSL_SHA384
case SHA384:
ret = wc_InitSha384(&hmac->hash.sha384);
break;
#endif /* WOLFSSL_SHA384 */
case SHA512:
ret = wc_InitSha512(&hmac->hash.sha512);
break;
#endif /* WOLFSSL_SHA512 */
#ifdef HAVE_BLAKE2
case BLAKE2B_ID:
ret = wc_InitBlake2b(&hmac->hash.blake2b, BLAKE2B_256);
break;
#endif /* HAVE_BLAKE2 */
default:
ret = BAD_FUNC_ARG;
break;
}
/* default to NULL heap hint or test value */
#ifdef WOLFSSL_HEAP_TEST
hmac->heap = (void)WOLFSSL_HEAP_TEST;
#else
hmac->heap = heap;
#endif /* WOLFSSL_HEAP_TEST */
return ret;
}
int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen,
const EVP_MD* type)
{
@ -24761,10 +24823,6 @@ int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen,
WOLFSSL_MSG("no ctx on init");
return WOLFSSL_FAILURE;
}
if (key && (keylen > HMAC_BLOCK_SIZE)) {
WOLFSSL_MSG("invalid keylen");
return SSL_FAILURE;
}
if (type) {
WOLFSSL_MSG("init has type");
@ -24810,15 +24868,25 @@ int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen,
wc_HmacFree(&ctx->hmac);
return WOLFSSL_FAILURE;
}
XMEMCPY((byte *)&ctx->save_key, (const byte*)key, (word32)keylen);
ctx->save_len = keylen;
XMEMCPY((byte *)&ctx->save_ipad, (byte *)&ctx->hmac.ipad,
HMAC_BLOCK_SIZE);
XMEMCPY((byte *)&ctx->save_opad, (byte *)&ctx->hmac.opad,
HMAC_BLOCK_SIZE);
}
/* OpenSSL compat, no error */
} else if(ctx->type >= 0) { /* MD5 == 0 */
WOLFSSL_MSG("recover hmac");
if (wc_HmacInit(&ctx->hmac, NULL, INVALID_DEVID) == 0) {
wc_HmacSetKey(&ctx->hmac, ctx->type, (byte *)&ctx->save_key,
(word32)ctx->save_len);
ctx->hmac.macType = ctx->type;
ctx->hmac.innerHashKeyed = 0;
XMEMCPY((byte *)&ctx->hmac.ipad, (byte *)&ctx->save_ipad,
HMAC_BLOCK_SIZE);
XMEMCPY((byte *)&ctx->hmac.opad, (byte *)&ctx->save_opad,
HMAC_BLOCK_SIZE);
if ((hmac_error = _InitHmac(&ctx->hmac, ctx->hmac.macType, ctx->hmac.heap))
!=0) {
return hmac_error;
}
}
}

39
tests/api.c
View File

@ -16033,9 +16033,16 @@ static int test_HMAC_CTX_helper(const EVP_MD* type, unsigned char* digest)
unsigned char key[] = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
unsigned char long_key[] =
"0123456789012345678901234567890123456789"
"0123456789012345678901234567890123456789"
"0123456789012345678901234567890123456789"
"0123456789012345678901234567890123456789";
unsigned char msg[] = "message to hash";
unsigned int digestSz = 64;
int keySz = sizeof(key);
int long_keySz = sizeof(long_key);
int msgSz = sizeof(msg);
unsigned char digest2[64];
@ -16059,7 +16066,9 @@ static int test_HMAC_CTX_helper(const EVP_MD* type, unsigned char* digest)
AssertIntEQ(XMEMCMP(digest, digest2, digestSz), 0);
/* test HMAC_Init with NULL key */
printf("test HMAC_Init with NULL key (1)\n");
/* init after copy */
printf("test HMAC_Init with NULL key (0)\n");
HMAC_CTX_init(&ctx1);
AssertIntEQ(HMAC_Init(&ctx1, (const void*)key, keySz, type), SSL_SUCCESS);
AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
@ -16075,12 +16084,36 @@ static int test_HMAC_CTX_helper(const EVP_MD* type, unsigned char* digest)
AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
AssertIntEQ(HMAC_Final(&ctx2, digest, &digestSz), SSL_SUCCESS);
AssertIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS);
HMAC_CTX_cleanup(&ctx2);
AssertIntEQ(digestSz, digestSz2);
AssertIntEQ(XMEMCMP(digest, digest2, digestSz), 0);
/* long key */
printf("test HMAC_Init with NULL key (1)\n");
HMAC_CTX_init(&ctx1);
AssertIntEQ(HMAC_Init(&ctx1, (const void*)long_key, long_keySz, type), SSL_SUCCESS);
AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
AssertIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS);
AssertIntEQ(HMAC_Init(&ctx1, NULL, 0, NULL), SSL_SUCCESS);
AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
AssertIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS);
AssertIntEQ(HMAC_Init(&ctx2, NULL, 0, NULL), SSL_SUCCESS);
AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
AssertIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS);
HMAC_CTX_cleanup(&ctx2);
AssertIntEQ(digestSz, digestSz2);
AssertIntEQ(XMEMCMP(digest, digest2, digestSz), 0);
/* init before copy */
printf("test HMAC_Init with NULL key (2)\n");
HMAC_CTX_init(&ctx1);
AssertIntEQ(HMAC_Init(&ctx1, (const void*)key, keySz, type), SSL_SUCCESS);
@ -16094,7 +16127,7 @@ static int test_HMAC_CTX_helper(const EVP_MD* type, unsigned char* digest)
AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
AssertIntEQ(HMAC_Final(&ctx2, digest, &digestSz), SSL_SUCCESS);
AssertIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS);
HMAC_CTX_cleanup(&ctx2);
AssertIntEQ(digestSz, digestSz2);

4
wolfssl/openssl/hmac.h
View File

@ -53,8 +53,8 @@ WOLFSSL_API unsigned char* wolfSSL_HMAC(const WOLFSSL_EVP_MD* evp_md,
typedef struct WOLFSSL_HMAC_CTX {
Hmac hmac;
int type;
byte save_key[HMAC_BLOCK_SIZE]; /* save initial hmac after wc_HmacSetKey */
word32 save_len;
word32 save_ipad[HMAC_BLOCK_SIZE / sizeof(word32)]; /* same block size all*/
word32 save_opad[HMAC_BLOCK_SIZE / sizeof(word32)];
} WOLFSSL_HMAC_CTX;