diff --git a/src/ssl.c b/src/ssl.c index f1b5f1067..900e96dec 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -12977,7 +12977,7 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out, #ifndef NO_MD4 {MD4, "MD4"}, #endif /* NO_MD4 */ - + #ifndef NO_MD5 {WC_MD5, "MD5"}, #endif /* NO_MD5 */ @@ -19479,16 +19479,16 @@ const char* wolfSSL_state_string_long(const WOLFSSL* ssl) break; case DTLS_MAJOR: switch (ssl->version.minor){ - case DTLS_MINOR: - protocol = DTLS_V1; - break; - case DTLSv1_2_MINOR: - protocol = DTLS_V1_2; - break; - default: - protocol = UNKNOWN; - } - break; + case DTLS_MINOR: + protocol = DTLS_V1; + break; + case DTLSv1_2_MINOR: + protocol = DTLS_V1_2; + break; + default: + protocol = UNKNOWN; + } + break; default: protocol = UNKNOWN; } @@ -24729,8 +24729,10 @@ int wolfSSL_HMAC_CTX_copy(WOLFSSL_HMAC_CTX* des, WOLFSSL_HMAC_CTX* src) des->hmac.heap = src->hmac.heap; des->hmac.macType = src->hmac.macType; des->hmac.innerHashKeyed = src->hmac.innerHashKeyed; - des->save_len = src->save_len; - XMEMCPY(des->save_key, src->save_key, src->save_len); + XMEMCPY((byte *)&des->save_ipad, (byte *)&src->hmac.ipad, + HMAC_BLOCK_SIZE); + XMEMCPY((byte *)&des->save_opad, (byte *)&src->hmac.opad, + HMAC_BLOCK_SIZE); #ifdef WOLFSSL_ASYNC_CRYPT XMEMCPY(des->hmac.asyncDev, src->hmac.asyncDev, sizeof(WC_ASYNC_DEV)); @@ -24749,7 +24751,67 @@ int wolfSSL_HMAC_CTX_copy(WOLFSSL_HMAC_CTX* des, WOLFSSL_HMAC_CTX* src) return SSL_SUCCESS; } +/* duplicate from wolfcrypt/src/hmac.c needs refactored */ +static int _InitHmac(Hmac* hmac, int type, void* heap) +{ + int ret = 0; + switch (type) { + #ifndef NO_MD5 + case MD5: + ret = wc_InitMd5(&hmac->hash.md5); + break; + #endif /* !NO_MD5 */ + + #ifndef NO_SHA + case SHA: + ret = wc_InitSha(&hmac->hash.sha); + break; + #endif /* !NO_SHA */ + + #ifdef WOLFSSL_SHA224 + case SHA224: + ret = wc_InitSha224(&hmac->hash.sha224); + break; + #endif /* WOLFSSL_SHA224 */ + + #ifndef NO_SHA256 + case SHA256: + ret = wc_InitSha256(&hmac->hash.sha256); + break; + #endif /* !NO_SHA256 */ + + #ifdef WOLFSSL_SHA512 + #ifdef WOLFSSL_SHA384 + case SHA384: + ret = wc_InitSha384(&hmac->hash.sha384); + break; + #endif /* WOLFSSL_SHA384 */ + case SHA512: + ret = wc_InitSha512(&hmac->hash.sha512); + break; + #endif /* WOLFSSL_SHA512 */ + + #ifdef HAVE_BLAKE2 + case BLAKE2B_ID: + ret = wc_InitBlake2b(&hmac->hash.blake2b, BLAKE2B_256); + break; + #endif /* HAVE_BLAKE2 */ + + default: + ret = BAD_FUNC_ARG; + break; + } + + /* default to NULL heap hint or test value */ +#ifdef WOLFSSL_HEAP_TEST + hmac->heap = (void)WOLFSSL_HEAP_TEST; +#else + hmac->heap = heap; +#endif /* WOLFSSL_HEAP_TEST */ + + return ret; +} int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen, const EVP_MD* type) { @@ -24761,10 +24823,6 @@ int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen, WOLFSSL_MSG("no ctx on init"); return WOLFSSL_FAILURE; } - if (key && (keylen > HMAC_BLOCK_SIZE)) { - WOLFSSL_MSG("invalid keylen"); - return SSL_FAILURE; - } if (type) { WOLFSSL_MSG("init has type"); @@ -24810,15 +24868,25 @@ int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen, wc_HmacFree(&ctx->hmac); return WOLFSSL_FAILURE; } - XMEMCPY((byte *)&ctx->save_key, (const byte*)key, (word32)keylen); - ctx->save_len = keylen; + XMEMCPY((byte *)&ctx->save_ipad, (byte *)&ctx->hmac.ipad, + HMAC_BLOCK_SIZE); + XMEMCPY((byte *)&ctx->save_opad, (byte *)&ctx->hmac.opad, + HMAC_BLOCK_SIZE); } /* OpenSSL compat, no error */ } else if(ctx->type >= 0) { /* MD5 == 0 */ WOLFSSL_MSG("recover hmac"); if (wc_HmacInit(&ctx->hmac, NULL, INVALID_DEVID) == 0) { - wc_HmacSetKey(&ctx->hmac, ctx->type, (byte *)&ctx->save_key, - (word32)ctx->save_len); + ctx->hmac.macType = ctx->type; + ctx->hmac.innerHashKeyed = 0; + XMEMCPY((byte *)&ctx->hmac.ipad, (byte *)&ctx->save_ipad, + HMAC_BLOCK_SIZE); + XMEMCPY((byte *)&ctx->hmac.opad, (byte *)&ctx->save_opad, + HMAC_BLOCK_SIZE); + if ((hmac_error = _InitHmac(&ctx->hmac, ctx->hmac.macType, ctx->hmac.heap)) + !=0) { + return hmac_error; + } } } diff --git a/tests/api.c b/tests/api.c index c40a76cf7..3f1a2d31f 100644 --- a/tests/api.c +++ b/tests/api.c @@ -16033,9 +16033,16 @@ static int test_HMAC_CTX_helper(const EVP_MD* type, unsigned char* digest) unsigned char key[] = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" "\x0b\x0b\x0b\x0b\x0b\x0b\x0b"; + unsigned char long_key[] = + "0123456789012345678901234567890123456789" + "0123456789012345678901234567890123456789" + "0123456789012345678901234567890123456789" + "0123456789012345678901234567890123456789"; + unsigned char msg[] = "message to hash"; unsigned int digestSz = 64; int keySz = sizeof(key); + int long_keySz = sizeof(long_key); int msgSz = sizeof(msg); unsigned char digest2[64]; @@ -16059,7 +16066,9 @@ static int test_HMAC_CTX_helper(const EVP_MD* type, unsigned char* digest) AssertIntEQ(XMEMCMP(digest, digest2, digestSz), 0); /* test HMAC_Init with NULL key */ - printf("test HMAC_Init with NULL key (1)\n"); + + /* init after copy */ + printf("test HMAC_Init with NULL key (0)\n"); HMAC_CTX_init(&ctx1); AssertIntEQ(HMAC_Init(&ctx1, (const void*)key, keySz, type), SSL_SUCCESS); AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS); @@ -16075,12 +16084,36 @@ static int test_HMAC_CTX_helper(const EVP_MD* type, unsigned char* digest) AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS); AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS); - AssertIntEQ(HMAC_Final(&ctx2, digest, &digestSz), SSL_SUCCESS); + AssertIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS); HMAC_CTX_cleanup(&ctx2); AssertIntEQ(digestSz, digestSz2); AssertIntEQ(XMEMCMP(digest, digest2, digestSz), 0); + /* long key */ + printf("test HMAC_Init with NULL key (1)\n"); + HMAC_CTX_init(&ctx1); + AssertIntEQ(HMAC_Init(&ctx1, (const void*)long_key, long_keySz, type), SSL_SUCCESS); + AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS); + AssertIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS); + + AssertIntEQ(HMAC_Init(&ctx1, NULL, 0, NULL), SSL_SUCCESS); + + AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS); + AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS); + AssertIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS); + + AssertIntEQ(HMAC_Init(&ctx2, NULL, 0, NULL), SSL_SUCCESS); + + AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS); + AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS); + AssertIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS); + + HMAC_CTX_cleanup(&ctx2); + AssertIntEQ(digestSz, digestSz2); + AssertIntEQ(XMEMCMP(digest, digest2, digestSz), 0); + + /* init before copy */ printf("test HMAC_Init with NULL key (2)\n"); HMAC_CTX_init(&ctx1); AssertIntEQ(HMAC_Init(&ctx1, (const void*)key, keySz, type), SSL_SUCCESS); @@ -16094,7 +16127,7 @@ static int test_HMAC_CTX_helper(const EVP_MD* type, unsigned char* digest) AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS); AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS); - AssertIntEQ(HMAC_Final(&ctx2, digest, &digestSz), SSL_SUCCESS); + AssertIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS); HMAC_CTX_cleanup(&ctx2); AssertIntEQ(digestSz, digestSz2); diff --git a/wolfssl/openssl/hmac.h b/wolfssl/openssl/hmac.h index 37a78d154..0acee75c4 100644 --- a/wolfssl/openssl/hmac.h +++ b/wolfssl/openssl/hmac.h @@ -53,8 +53,8 @@ WOLFSSL_API unsigned char* wolfSSL_HMAC(const WOLFSSL_EVP_MD* evp_md, typedef struct WOLFSSL_HMAC_CTX { Hmac hmac; int type; - byte save_key[HMAC_BLOCK_SIZE]; /* save initial hmac after wc_HmacSetKey */ - word32 save_len; + word32 save_ipad[HMAC_BLOCK_SIZE / sizeof(word32)]; /* same block size all*/ + word32 save_opad[HMAC_BLOCK_SIZE / sizeof(word32)]; } WOLFSSL_HMAC_CTX;