Fixes for HMAC_CTX cleanup not being called to free SHA2 resources with WOLFSSL_SMALL_STACK_CACHE
. Added return code checking and cleanup for openssl_test
.
This commit is contained in:
parent
5c76afc41c
commit
6d5731b8e9
@ -1305,6 +1305,7 @@ int wolfSSL_BIO_reset(WOLFSSL_BIO *bio)
|
||||
if (bio->ptr != NULL) {
|
||||
const WOLFSSL_EVP_MD* md =
|
||||
wolfSSL_EVP_MD_CTX_md((WOLFSSL_EVP_MD_CTX*)bio->ptr);
|
||||
wolfSSL_EVP_MD_CTX_cleanup((WOLFSSL_EVP_MD_CTX*)bio->ptr);
|
||||
wolfSSL_EVP_MD_CTX_init((WOLFSSL_EVP_MD_CTX*)bio->ptr);
|
||||
wolfSSL_EVP_DigestInit((WOLFSSL_EVP_MD_CTX*)bio->ptr, md);
|
||||
}
|
||||
|
27
src/ssl.c
27
src/ssl.c
@ -14661,7 +14661,6 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
|
||||
{
|
||||
int r = 0;
|
||||
SrpSide srp_side = SRP_CLIENT_SIDE;
|
||||
WC_RNG rng;
|
||||
byte salt[SRP_SALT_SIZE];
|
||||
|
||||
WOLFSSL_ENTER("wolfSSL_CTX_set_srp_username");
|
||||
@ -31152,6 +31151,10 @@ int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen,
|
||||
}
|
||||
}
|
||||
|
||||
/* Make sure and free if needed */
|
||||
if (ctx->hmac.macType != WC_HASH_TYPE_NONE) {
|
||||
wc_HmacFree(&ctx->hmac);
|
||||
}
|
||||
if (key && keylen) {
|
||||
WOLFSSL_MSG("keying hmac");
|
||||
|
||||
@ -31168,9 +31171,9 @@ int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen,
|
||||
WC_HMAC_BLOCK_SIZE);
|
||||
}
|
||||
/* OpenSSL compat, no error */
|
||||
} else if(ctx->type >= 0) { /* MD5 == 0 */
|
||||
}
|
||||
else if (ctx->type >= 0) { /* MD5 == 0 */
|
||||
WOLFSSL_MSG("recover hmac");
|
||||
wc_HmacFree(&ctx->hmac);
|
||||
if (wc_HmacInit(&ctx->hmac, NULL, INVALID_DEVID) == 0) {
|
||||
ctx->hmac.macType = (byte)ctx->type;
|
||||
ctx->hmac.innerHashKeyed = 0;
|
||||
@ -31289,20 +31292,26 @@ int wolfSSL_HMAC_cleanup(WOLFSSL_HMAC_CTX* ctx)
|
||||
{
|
||||
WOLFSSL_MSG("wolfSSL_HMAC_cleanup");
|
||||
|
||||
if (ctx)
|
||||
if (ctx) {
|
||||
wc_HmacFree(&ctx->hmac);
|
||||
}
|
||||
|
||||
return SSL_SUCCESS;
|
||||
return WOLFSSL_SUCCESS;
|
||||
}
|
||||
|
||||
void wolfSSL_HMAC_CTX_cleanup(WOLFSSL_HMAC_CTX* ctx)
|
||||
{
|
||||
if (ctx) {
|
||||
wolfSSL_HMAC_cleanup(ctx);
|
||||
}
|
||||
}
|
||||
|
||||
void wolfSSL_HMAC_CTX_free(WOLFSSL_HMAC_CTX* ctx)
|
||||
{
|
||||
if (!ctx) {
|
||||
return;
|
||||
if (ctx) {
|
||||
wolfSSL_HMAC_CTX_cleanup(ctx);
|
||||
XFREE(ctx, NULL, DYNAMIC_TYPE_OPENSSL);
|
||||
}
|
||||
wolfSSL_HMAC_cleanup(ctx);
|
||||
XFREE(ctx, NULL, DYNAMIC_TYPE_OPENSSL);
|
||||
}
|
||||
|
||||
size_t wolfSSL_HMAC_size(const WOLFSSL_HMAC_CTX *ctx)
|
||||
|
14
tests/api.c
14
tests/api.c
@ -30118,18 +30118,17 @@ static int test_HMAC_CTX_helper(const EVP_MD* type, unsigned char* digest)
|
||||
AssertIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS);
|
||||
|
||||
AssertIntEQ(HMAC_Init(&ctx1, NULL, 0, NULL), SSL_SUCCESS);
|
||||
|
||||
AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
|
||||
AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
|
||||
AssertIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS);
|
||||
HMAC_CTX_cleanup(&ctx1);
|
||||
|
||||
AssertIntEQ(HMAC_Init(&ctx2, NULL, 0, NULL), SSL_SUCCESS);
|
||||
|
||||
AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
|
||||
AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
|
||||
AssertIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS);
|
||||
|
||||
HMAC_CTX_cleanup(&ctx2);
|
||||
|
||||
AssertIntEQ(digestSz, digestSz2);
|
||||
AssertIntEQ(XMEMCMP(digest, digest2, digestSz), 0);
|
||||
|
||||
@ -30141,18 +30140,17 @@ static int test_HMAC_CTX_helper(const EVP_MD* type, unsigned char* digest)
|
||||
AssertIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS);
|
||||
|
||||
AssertIntEQ(HMAC_Init(&ctx1, NULL, 0, NULL), SSL_SUCCESS);
|
||||
|
||||
AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
|
||||
AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
|
||||
AssertIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS);
|
||||
HMAC_CTX_cleanup(&ctx1);
|
||||
|
||||
AssertIntEQ(HMAC_Init(&ctx2, NULL, 0, NULL), SSL_SUCCESS);
|
||||
|
||||
AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
|
||||
AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
|
||||
AssertIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS);
|
||||
|
||||
HMAC_CTX_cleanup(&ctx2);
|
||||
|
||||
AssertIntEQ(digestSz, digestSz2);
|
||||
AssertIntEQ(XMEMCMP(digest, digest2, digestSz), 0);
|
||||
|
||||
@ -30167,13 +30165,13 @@ static int test_HMAC_CTX_helper(const EVP_MD* type, unsigned char* digest)
|
||||
AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
|
||||
AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
|
||||
AssertIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS);
|
||||
HMAC_CTX_cleanup(&ctx1);
|
||||
|
||||
AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
|
||||
AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
|
||||
AssertIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS);
|
||||
|
||||
HMAC_CTX_cleanup(&ctx1);
|
||||
HMAC_CTX_cleanup(&ctx2);
|
||||
|
||||
AssertIntEQ(digestSz, digestSz2);
|
||||
AssertIntEQ(XMEMCMP(digest, digest2, digestSz), 0);
|
||||
|
||||
|
@ -3369,9 +3369,9 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
|
||||
{
|
||||
if (ctx) {
|
||||
WOLFSSL_ENTER("EVP_MD_CTX_free");
|
||||
wolfSSL_EVP_MD_CTX_cleanup(ctx);
|
||||
XFREE(ctx, NULL, DYNAMIC_TYPE_OPENSSL);
|
||||
}
|
||||
wolfSSL_EVP_MD_CTX_cleanup(ctx);
|
||||
XFREE(ctx, NULL, DYNAMIC_TYPE_OPENSSL);
|
||||
}
|
||||
}
|
||||
|
||||
/* returns the NID of message digest used by the ctx */
|
||||
|
@ -15692,6 +15692,7 @@ static int openssl_aes_test(void)
|
||||
|
||||
int openssl_test(void)
|
||||
{
|
||||
int ret;
|
||||
EVP_MD_CTX md_ctx;
|
||||
testVector a, b, c, d, e, f;
|
||||
byte hash[WC_SHA256_DIGEST_SIZE*2]; /* max size */
|
||||
@ -15718,7 +15719,6 @@ int openssl_test(void)
|
||||
}
|
||||
|
||||
#ifndef NO_MD5
|
||||
|
||||
a.input = "1234567890123456789012345678901234567890123456789012345678"
|
||||
"9012345678901234567890";
|
||||
a.output = "\x57\xed\xf4\xa2\x2b\xe3\xc9\x55\xac\x49\xda\x2e\x21\x07\xb6"
|
||||
@ -15727,18 +15727,20 @@ int openssl_test(void)
|
||||
a.outLen = WC_MD5_DIGEST_SIZE;
|
||||
|
||||
EVP_MD_CTX_init(&md_ctx);
|
||||
EVP_DigestInit(&md_ctx, EVP_md5());
|
||||
|
||||
EVP_DigestUpdate(&md_ctx, a.input, (unsigned long)a.inLen);
|
||||
EVP_DigestFinal(&md_ctx, hash, 0);
|
||||
|
||||
if (XMEMCMP(hash, a.output, WC_MD5_DIGEST_SIZE) != 0)
|
||||
return -8401;
|
||||
|
||||
ret = EVP_DigestInit(&md_ctx, EVP_md5());
|
||||
if (ret == WOLFSSL_SUCCESS) {
|
||||
ret = EVP_DigestUpdate(&md_ctx, a.input, (unsigned long)a.inLen);
|
||||
if (ret == WOLFSSL_SUCCESS)
|
||||
ret = EVP_DigestFinal(&md_ctx, hash, 0);
|
||||
}
|
||||
EVP_MD_CTX_cleanup(&md_ctx);
|
||||
if (ret != WOLFSSL_SUCCESS ||
|
||||
XMEMCMP(hash, a.output, WC_MD5_DIGEST_SIZE) != 0) {
|
||||
return -8402;
|
||||
}
|
||||
#endif /* NO_MD5 */
|
||||
|
||||
#ifndef NO_SHA
|
||||
|
||||
b.input = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
|
||||
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
|
||||
"aaaaaaaaaa";
|
||||
@ -15748,18 +15750,20 @@ int openssl_test(void)
|
||||
b.outLen = WC_SHA_DIGEST_SIZE;
|
||||
|
||||
EVP_MD_CTX_init(&md_ctx);
|
||||
EVP_DigestInit(&md_ctx, EVP_sha1());
|
||||
|
||||
EVP_DigestUpdate(&md_ctx, b.input, (unsigned long)b.inLen);
|
||||
EVP_DigestFinal(&md_ctx, hash, 0);
|
||||
|
||||
if (XMEMCMP(hash, b.output, WC_SHA_DIGEST_SIZE) != 0)
|
||||
ret = EVP_DigestInit(&md_ctx, EVP_sha1());
|
||||
if (ret == WOLFSSL_SUCCESS) {
|
||||
ret = EVP_DigestUpdate(&md_ctx, b.input, (unsigned long)b.inLen);
|
||||
if (ret == WOLFSSL_SUCCESS)
|
||||
ret = EVP_DigestFinal(&md_ctx, hash, 0);
|
||||
}
|
||||
EVP_MD_CTX_cleanup(&md_ctx);
|
||||
if (ret != WOLFSSL_SUCCESS ||
|
||||
XMEMCMP(hash, b.output, WC_SHA_DIGEST_SIZE) != 0) {
|
||||
return -8402;
|
||||
|
||||
}
|
||||
#endif /* NO_SHA */
|
||||
|
||||
#ifdef WOLFSSL_SHA224
|
||||
|
||||
e.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi"
|
||||
"jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu";
|
||||
e.output = "\xc9\x7c\xa9\xa5\x59\x85\x0c\xe9\x7a\x04\xa9\x6d\xef\x6d\x99"
|
||||
@ -15768,17 +15772,20 @@ int openssl_test(void)
|
||||
e.outLen = WC_SHA224_DIGEST_SIZE;
|
||||
|
||||
EVP_MD_CTX_init(&md_ctx);
|
||||
EVP_DigestInit(&md_ctx, EVP_sha224());
|
||||
|
||||
EVP_DigestUpdate(&md_ctx, e.input, (unsigned long)e.inLen);
|
||||
EVP_DigestFinal(&md_ctx, hash, 0);
|
||||
|
||||
if (XMEMCMP(hash, e.output, WC_SHA224_DIGEST_SIZE) != 0)
|
||||
ret = EVP_DigestInit(&md_ctx, EVP_sha224());
|
||||
if (ret == WOLFSSL_SUCCESS) {
|
||||
ret = EVP_DigestUpdate(&md_ctx, e.input, (unsigned long)e.inLen);
|
||||
if (ret == WOLFSSL_SUCCESS)
|
||||
ret = EVP_DigestFinal(&md_ctx, hash, 0);
|
||||
}
|
||||
EVP_MD_CTX_cleanup(&md_ctx);
|
||||
if (ret != WOLFSSL_SUCCESS ||
|
||||
XMEMCMP(hash, e.output, WC_SHA224_DIGEST_SIZE) != 0) {
|
||||
return -8403;
|
||||
|
||||
}
|
||||
#endif /* WOLFSSL_SHA224 */
|
||||
|
||||
|
||||
#ifndef NO_SHA256
|
||||
d.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
|
||||
d.output = "\x24\x8D\x6A\x61\xD2\x06\x38\xB8\xE5\xC0\x26\x93\x0C\x3E\x60"
|
||||
"\x39\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB"
|
||||
@ -15787,16 +15794,20 @@ int openssl_test(void)
|
||||
d.outLen = WC_SHA256_DIGEST_SIZE;
|
||||
|
||||
EVP_MD_CTX_init(&md_ctx);
|
||||
EVP_DigestInit(&md_ctx, EVP_sha256());
|
||||
|
||||
EVP_DigestUpdate(&md_ctx, d.input, (unsigned long)d.inLen);
|
||||
EVP_DigestFinal(&md_ctx, hash, 0);
|
||||
|
||||
if (XMEMCMP(hash, d.output, WC_SHA256_DIGEST_SIZE) != 0)
|
||||
ret = EVP_DigestInit(&md_ctx, EVP_sha256());
|
||||
if (ret == WOLFSSL_SUCCESS) {
|
||||
ret = EVP_DigestUpdate(&md_ctx, d.input, (unsigned long)d.inLen);
|
||||
if (ret == WOLFSSL_SUCCESS)
|
||||
ret = EVP_DigestFinal(&md_ctx, hash, 0);
|
||||
}
|
||||
EVP_MD_CTX_cleanup(&md_ctx);
|
||||
if (ret != WOLFSSL_SUCCESS ||
|
||||
XMEMCMP(hash, d.output, WC_SHA256_DIGEST_SIZE) != 0) {
|
||||
return -8404;
|
||||
}
|
||||
#endif /* !NO_SHA256 */
|
||||
|
||||
#ifdef WOLFSSL_SHA384
|
||||
|
||||
e.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi"
|
||||
"jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu";
|
||||
e.output = "\x09\x33\x0c\x33\xf7\x11\x47\xe8\x3d\x19\x2f\xc7\x82\xcd\x1b"
|
||||
@ -15807,19 +15818,20 @@ int openssl_test(void)
|
||||
e.outLen = WC_SHA384_DIGEST_SIZE;
|
||||
|
||||
EVP_MD_CTX_init(&md_ctx);
|
||||
EVP_DigestInit(&md_ctx, EVP_sha384());
|
||||
|
||||
EVP_DigestUpdate(&md_ctx, e.input, (unsigned long)e.inLen);
|
||||
EVP_DigestFinal(&md_ctx, hash, 0);
|
||||
|
||||
if (XMEMCMP(hash, e.output, WC_SHA384_DIGEST_SIZE) != 0)
|
||||
ret = EVP_DigestInit(&md_ctx, EVP_sha384());
|
||||
if (ret == WOLFSSL_SUCCESS) {
|
||||
ret = EVP_DigestUpdate(&md_ctx, e.input, (unsigned long)e.inLen);
|
||||
if (ret == WOLFSSL_SUCCESS)
|
||||
ret = EVP_DigestFinal(&md_ctx, hash, 0);
|
||||
}
|
||||
EVP_MD_CTX_cleanup(&md_ctx);
|
||||
if (ret != WOLFSSL_SUCCESS ||
|
||||
XMEMCMP(hash, e.output, WC_SHA384_DIGEST_SIZE) != 0) {
|
||||
return -8405;
|
||||
|
||||
}
|
||||
#endif /* WOLFSSL_SHA384 */
|
||||
|
||||
|
||||
#ifdef WOLFSSL_SHA512
|
||||
|
||||
f.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi"
|
||||
"jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu";
|
||||
f.output = "\x8e\x95\x9b\x75\xda\xe3\x13\xda\x8c\xf4\xf7\x28\x14\xfc\x14"
|
||||
@ -15831,36 +15843,42 @@ int openssl_test(void)
|
||||
f.outLen = WC_SHA512_DIGEST_SIZE;
|
||||
|
||||
EVP_MD_CTX_init(&md_ctx);
|
||||
EVP_DigestInit(&md_ctx, EVP_sha512());
|
||||
|
||||
EVP_DigestUpdate(&md_ctx, f.input, (unsigned long)f.inLen);
|
||||
EVP_DigestFinal(&md_ctx, hash, 0);
|
||||
|
||||
if (XMEMCMP(hash, f.output, WC_SHA512_DIGEST_SIZE) != 0)
|
||||
ret = EVP_DigestInit(&md_ctx, EVP_sha512());
|
||||
if (ret == WOLFSSL_SUCCESS) {
|
||||
ret = EVP_DigestUpdate(&md_ctx, f.input, (unsigned long)f.inLen);
|
||||
if (ret == WOLFSSL_SUCCESS)
|
||||
ret = EVP_DigestFinal(&md_ctx, hash, 0);
|
||||
}
|
||||
EVP_MD_CTX_cleanup(&md_ctx);
|
||||
if (ret != WOLFSSL_SUCCESS ||
|
||||
XMEMCMP(hash, f.output, WC_SHA512_DIGEST_SIZE) != 0) {
|
||||
return -8406;
|
||||
|
||||
}
|
||||
#endif /* WOLFSSL_SHA512 */
|
||||
|
||||
#ifdef WOLFSSL_SHA3
|
||||
#ifndef WOLFSSL_NOSHA3_224
|
||||
|
||||
e.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi"
|
||||
"jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu";
|
||||
e.output = "\x54\x3e\x68\x68\xe1\x66\x6c\x1a\x64\x36\x30\xdf\x77\x36\x7a\xe5\xa6\x2a\x85\x07\x0a\x51\xc1\x4c\xbf\x66\x5c\xbc";
|
||||
e.output = "\x54\x3e\x68\x68\xe1\x66\x6c\x1a\x64\x36\x30\xdf\x77\x36\x7a"
|
||||
"\xe5\xa6\x2a\x85\x07\x0a\x51\xc1\x4c\xbf\x66\x5c\xbc";
|
||||
e.inLen = XSTRLEN(e.input);
|
||||
e.outLen = WC_SHA3_224_DIGEST_SIZE;
|
||||
|
||||
EVP_MD_CTX_init(&md_ctx);
|
||||
EVP_DigestInit(&md_ctx, EVP_sha3_224());
|
||||
|
||||
EVP_DigestUpdate(&md_ctx, e.input, (unsigned long)e.inLen);
|
||||
EVP_DigestFinal(&md_ctx, hash, 0);
|
||||
|
||||
if (XMEMCMP(hash, e.output, WC_SHA3_224_DIGEST_SIZE) != 0)
|
||||
ret = EVP_DigestInit(&md_ctx, EVP_sha3_224());
|
||||
if (ret == WOLFSSL_SUCCESS) {
|
||||
ret = EVP_DigestUpdate(&md_ctx, e.input, (unsigned long)e.inLen);
|
||||
if (ret == WOLFSSL_SUCCESS)
|
||||
ret = EVP_DigestFinal(&md_ctx, hash, 0);
|
||||
}
|
||||
EVP_MD_CTX_cleanup(&md_ctx);
|
||||
if (ret != WOLFSSL_SUCCESS ||
|
||||
XMEMCMP(hash, e.output, WC_SHA3_224_DIGEST_SIZE) != 0) {
|
||||
return -8407;
|
||||
|
||||
}
|
||||
#endif /* WOLFSSL_NOSHA3_224 */
|
||||
|
||||
|
||||
#ifndef WOLFSSL_NOSHA3_256
|
||||
d.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi"
|
||||
"jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu";
|
||||
@ -15871,69 +15889,85 @@ int openssl_test(void)
|
||||
d.outLen = WC_SHA3_256_DIGEST_SIZE;
|
||||
|
||||
EVP_MD_CTX_init(&md_ctx);
|
||||
EVP_DigestInit(&md_ctx, EVP_sha3_256());
|
||||
|
||||
EVP_DigestUpdate(&md_ctx, d.input, (unsigned long)d.inLen);
|
||||
EVP_DigestFinal(&md_ctx, hash, 0);
|
||||
|
||||
if (XMEMCMP(hash, d.output, WC_SHA3_256_DIGEST_SIZE) != 0)
|
||||
ret = EVP_DigestInit(&md_ctx, EVP_sha3_256());
|
||||
if (ret == WOLFSSL_SUCCESS) {
|
||||
ret = EVP_DigestUpdate(&md_ctx, d.input, (unsigned long)d.inLen);
|
||||
if (ret == WOLFSSL_SUCCESS)
|
||||
ret = EVP_DigestFinal(&md_ctx, hash, 0);
|
||||
}
|
||||
EVP_MD_CTX_cleanup(&md_ctx);
|
||||
if (ret != WOLFSSL_SUCCESS ||
|
||||
XMEMCMP(hash, d.output, WC_SHA3_256_DIGEST_SIZE) != 0) {
|
||||
return -8408;
|
||||
}
|
||||
#endif /* WOLFSSL_NOSHA3_256 */
|
||||
|
||||
|
||||
e.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi"
|
||||
"jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu";
|
||||
e.output = "\x79\x40\x7d\x3b\x59\x16\xb5\x9c\x3e\x30\xb0\x98\x22\x97\x47\x91\xc3\x13\xfb\x9e\xcc\x84\x9e\x40\x6f\x23\x59\x2d\x04\xf6\x25\xdc\x8c\x70\x9b\x98\xb4\x3b\x38\x52\xb3\x37\x21\x61\x79\xaa\x7f\xc7";
|
||||
e.output = "\x79\x40\x7d\x3b\x59\x16\xb5\x9c\x3e\x30\xb0\x98\x22\x97\x47"
|
||||
"\x91\xc3\x13\xfb\x9e\xcc\x84\x9e\x40\x6f\x23\x59\x2d\x04\xf6"
|
||||
"\x25\xdc\x8c\x70\x9b\x98\xb4\x3b\x38\x52\xb3\x37\x21\x61\x79"
|
||||
"\xaa\x7f\xc7";
|
||||
e.inLen = XSTRLEN(e.input);
|
||||
e.outLen = WC_SHA3_384_DIGEST_SIZE;
|
||||
|
||||
EVP_MD_CTX_init(&md_ctx);
|
||||
EVP_DigestInit(&md_ctx, EVP_sha3_384());
|
||||
|
||||
EVP_DigestUpdate(&md_ctx, e.input, (unsigned long)e.inLen);
|
||||
EVP_DigestFinal(&md_ctx, hash, 0);
|
||||
|
||||
if (XMEMCMP(hash, e.output, WC_SHA3_384_DIGEST_SIZE) != 0)
|
||||
ret = EVP_DigestInit(&md_ctx, EVP_sha3_384());
|
||||
if (ret == WOLFSSL_SUCCESS) {
|
||||
ret = EVP_DigestUpdate(&md_ctx, e.input, (unsigned long)e.inLen);
|
||||
if (ret == WOLFSSL_SUCCESS)
|
||||
ret = EVP_DigestFinal(&md_ctx, hash, 0);
|
||||
}
|
||||
EVP_MD_CTX_cleanup(&md_ctx);
|
||||
if (ret != WOLFSSL_SUCCESS ||
|
||||
XMEMCMP(hash, e.output, WC_SHA3_384_DIGEST_SIZE) != 0) {
|
||||
return -8409;
|
||||
|
||||
|
||||
}
|
||||
|
||||
#ifndef WOLFSSL_NOSHA3_512
|
||||
|
||||
f.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi"
|
||||
"jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu";
|
||||
f.output = "\xaf\xeb\xb2\xef\x54\x2e\x65\x79\xc5\x0c\xad\x06\xd2\xe5\x78\xf9\xf8\xdd\x68\x81\xd7\xdc\x82\x4d\x26\x36\x0f\xee\xbf\x18\xa4\xfa\x73\xe3\x26\x11\x22\x94\x8e\xfc\xfd\x49\x2e\x74\xe8\x2e\x21\x89\xed\x0f\xb4\x40\xd1\x87\xf3\x82\x27\x0c\xb4\x55\xf2\x1d\xd1\x85";
|
||||
f.output = "\xaf\xeb\xb2\xef\x54\x2e\x65\x79\xc5\x0c\xad\x06\xd2\xe5\x78"
|
||||
"\xf9\xf8\xdd\x68\x81\xd7\xdc\x82\x4d\x26\x36\x0f\xee\xbf\x18"
|
||||
"\xa4\xfa\x73\xe3\x26\x11\x22\x94\x8e\xfc\xfd\x49\x2e\x74\xe8"
|
||||
"\x2e\x21\x89\xed\x0f\xb4\x40\xd1\x87\xf3\x82\x27\x0c\xb4\x55"
|
||||
"\xf2\x1d\xd1\x85";
|
||||
f.inLen = XSTRLEN(f.input);
|
||||
f.outLen = WC_SHA3_512_DIGEST_SIZE;
|
||||
|
||||
EVP_MD_CTX_init(&md_ctx);
|
||||
EVP_DigestInit(&md_ctx, EVP_sha3_512());
|
||||
|
||||
EVP_DigestUpdate(&md_ctx, f.input, (unsigned long)f.inLen);
|
||||
EVP_DigestFinal(&md_ctx, hash, 0);
|
||||
|
||||
if (XMEMCMP(hash, f.output, WC_SHA3_512_DIGEST_SIZE) != 0)
|
||||
ret = EVP_DigestInit(&md_ctx, EVP_sha3_512());
|
||||
if (ret == WOLFSSL_SUCCESS) {
|
||||
ret = EVP_DigestUpdate(&md_ctx, f.input, (unsigned long)f.inLen);
|
||||
if (ret == WOLFSSL_SUCCESS)
|
||||
ret = EVP_DigestFinal(&md_ctx, hash, 0);
|
||||
}
|
||||
EVP_MD_CTX_cleanup(&md_ctx);
|
||||
if (ret != WOLFSSL_SUCCESS ||
|
||||
XMEMCMP(hash, f.output, WC_SHA3_512_DIGEST_SIZE) != 0) {
|
||||
return -8410;
|
||||
|
||||
}
|
||||
#endif /* WOLFSSL_NOSHA3_512 */
|
||||
#endif /* WOLFSSL_SHA3 */
|
||||
|
||||
#ifndef NO_MD5
|
||||
if (RAND_bytes(hash, sizeof(hash)) != 1)
|
||||
#ifndef WC_NO_RNG
|
||||
if (RAND_bytes(hash, sizeof(hash)) != WOLFSSL_SUCCESS)
|
||||
return -8411;
|
||||
#endif
|
||||
|
||||
#ifndef NO_MD5
|
||||
c.input = "what do ya want for nothing?";
|
||||
c.output = "\x55\x78\xe8\x48\x4b\xcc\x93\x80\x93\xec\x53\xaf\x22\xd6\x14"
|
||||
"\x76";
|
||||
c.inLen = XSTRLEN(c.input);
|
||||
c.outLen = WC_MD5_DIGEST_SIZE;
|
||||
|
||||
HMAC(EVP_md5(),
|
||||
"JefeJefeJefeJefe", 16, (byte*)c.input, (int)c.inLen, hash, 0);
|
||||
|
||||
if (XMEMCMP(hash, c.output, WC_MD5_DIGEST_SIZE) != 0)
|
||||
if (HMAC(EVP_md5(), "JefeJefeJefeJefe", 16, (byte*)c.input, (int)c.inLen,
|
||||
hash, 0) == NULL ||
|
||||
XMEMCMP(hash, c.output, WC_MD5_DIGEST_SIZE) != 0)
|
||||
{
|
||||
return -8412;
|
||||
|
||||
}
|
||||
#endif /* NO_MD5 */
|
||||
|
||||
#ifndef NO_DES3
|
||||
@ -15943,24 +15977,16 @@ int openssl_test(void)
|
||||
0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
|
||||
0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
|
||||
};
|
||||
|
||||
byte plain[24];
|
||||
byte cipher[24];
|
||||
|
||||
const_DES_cblock key =
|
||||
{
|
||||
const_DES_cblock key = {
|
||||
0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef
|
||||
};
|
||||
|
||||
DES_cblock iv =
|
||||
{
|
||||
DES_cblock iv = {
|
||||
0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef
|
||||
};
|
||||
|
||||
DES_key_schedule sched;
|
||||
|
||||
const byte verify[] =
|
||||
{
|
||||
const byte verify[] = {
|
||||
0x8b,0x7c,0x52,0xb0,0x01,0x2b,0x6c,0xb8,
|
||||
0x4f,0x0f,0xeb,0xf3,0xfb,0x5f,0x86,0x73,
|
||||
0x15,0x85,0xb3,0x22,0x4b,0x86,0x2b,0x4b
|
||||
@ -15985,158 +16011,160 @@ int openssl_test(void)
|
||||
return -8415;
|
||||
|
||||
} /* end des test */
|
||||
|
||||
#endif /* NO_DES3 */
|
||||
|
||||
#if !defined(NO_AES) && !defined(WOLFCRYPT_ONLY)
|
||||
if (openssl_aes_test() != 0) {
|
||||
return -8416;
|
||||
}
|
||||
if (openssl_aes_test() != 0) {
|
||||
return -8416;
|
||||
}
|
||||
|
||||
#if defined(WOLFSSL_AES_128) && defined(HAVE_AES_CBC)
|
||||
{ /* evp_cipher test: EVP_aes_128_cbc */
|
||||
{ /* evp_cipher test: EVP_aes_128_cbc */
|
||||
EVP_CIPHER_CTX ctx;
|
||||
int idx, cipherSz, plainSz;
|
||||
|
||||
const byte msg[] = { /* "Now is the time for all " w/o trailing 0 */
|
||||
0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
|
||||
0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
|
||||
0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
|
||||
};
|
||||
|
||||
const byte verify[] =
|
||||
{
|
||||
const byte verify[] = {
|
||||
0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53,
|
||||
0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb,
|
||||
0x3b,0x5d,0x41,0x97,0x94,0x25,0xa4,0xb4,
|
||||
0xae,0x7b,0x34,0xd0,0x3f,0x0c,0xbc,0x06
|
||||
};
|
||||
|
||||
const byte verify2[] =
|
||||
{
|
||||
const byte verify2[] = {
|
||||
0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53,
|
||||
0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb,
|
||||
0x7d,0x37,0x7b,0x0b,0x44,0xaa,0xb5,0xf0,
|
||||
0x5f,0x34,0xb4,0xde,0xb5,0xbd,0x2a,0xbb
|
||||
};
|
||||
|
||||
byte key[] = "0123456789abcdef "; /* align */
|
||||
byte iv[] = "1234567890abcdef "; /* align */
|
||||
|
||||
byte cipher[AES_BLOCK_SIZE * 4];
|
||||
byte plain [AES_BLOCK_SIZE * 4];
|
||||
|
||||
cipherSz = 0;
|
||||
EVP_CIPHER_CTX_init(&ctx);
|
||||
if (EVP_CipherInit(&ctx, EVP_aes_128_cbc(), key, iv, 1) == 0)
|
||||
ret = EVP_CipherInit(&ctx, EVP_aes_128_cbc(), key, iv, 1);
|
||||
if (ret == WOLFSSL_SUCCESS) {
|
||||
ret = EVP_CipherUpdate(&ctx, cipher, &idx, (byte*)msg, sizeof(msg));
|
||||
if (ret == WOLFSSL_SUCCESS)
|
||||
cipherSz += idx;
|
||||
}
|
||||
if (ret == WOLFSSL_SUCCESS) {
|
||||
ret = EVP_CipherFinal(&ctx, cipher + cipherSz, &idx);
|
||||
if (ret == WOLFSSL_SUCCESS)
|
||||
cipherSz += idx;
|
||||
}
|
||||
EVP_CIPHER_CTX_cleanup(&ctx);
|
||||
if (ret != WOLFSSL_SUCCESS)
|
||||
return -8417;
|
||||
|
||||
if (EVP_CipherUpdate(&ctx, cipher, &idx, (byte*)msg, sizeof(msg)) == 0)
|
||||
if (cipherSz != (int)sizeof(verify) || XMEMCMP(cipher, verify, cipherSz))
|
||||
return -8418;
|
||||
|
||||
cipherSz = idx;
|
||||
if (EVP_CipherFinal(&ctx, cipher + cipherSz, &idx) == 0)
|
||||
return -8419;
|
||||
cipherSz += idx;
|
||||
|
||||
if ((cipherSz != (int)sizeof(verify)) &&
|
||||
XMEMCMP(cipher, verify, cipherSz))
|
||||
return -8420;
|
||||
|
||||
EVP_CIPHER_CTX_init(&ctx);
|
||||
if (EVP_CipherInit(&ctx, EVP_aes_128_cbc(), key, iv, 0) == 0)
|
||||
return -8421;
|
||||
|
||||
/* check partial decrypt (not enough padding for full block) */
|
||||
if (EVP_CipherUpdate(&ctx, plain, &idx, cipher, 1) == 0)
|
||||
plainSz = 0;
|
||||
EVP_CIPHER_CTX_init(&ctx);
|
||||
ret = EVP_CipherInit(&ctx, EVP_aes_128_cbc(), key, iv, 0);
|
||||
if (ret == WOLFSSL_SUCCESS) {
|
||||
ret = EVP_CipherUpdate(&ctx, plain, &idx, cipher, 1);
|
||||
if (ret == WOLFSSL_SUCCESS)
|
||||
plainSz += idx;
|
||||
}
|
||||
if (ret == WOLFSSL_SUCCESS) {
|
||||
/* this test should fail... not enough padding for full block */
|
||||
ret = EVP_CipherFinal(&ctx, plain + plainSz, &idx);
|
||||
if (plainSz == 0 && ret != WOLFSSL_SUCCESS)
|
||||
ret = WOLFSSL_SUCCESS;
|
||||
else
|
||||
ret = -8419;
|
||||
}
|
||||
else
|
||||
ret = -8420;
|
||||
EVP_CIPHER_CTX_cleanup(&ctx);
|
||||
if (ret != WOLFSSL_SUCCESS)
|
||||
return ret;
|
||||
|
||||
plainSz = 0;
|
||||
EVP_CIPHER_CTX_init(&ctx);
|
||||
ret = EVP_CipherInit(&ctx, EVP_aes_128_cbc(), key, iv, 0);
|
||||
if (ret == WOLFSSL_SUCCESS) {
|
||||
ret = EVP_CipherUpdate(&ctx, plain, &idx, cipher, cipherSz);
|
||||
if (ret == WOLFSSL_SUCCESS)
|
||||
plainSz += idx;
|
||||
}
|
||||
if (ret == WOLFSSL_SUCCESS) {
|
||||
ret = EVP_CipherFinal(&ctx, plain + plainSz, &idx);
|
||||
if (ret == WOLFSSL_SUCCESS)
|
||||
plainSz += idx;
|
||||
}
|
||||
EVP_CIPHER_CTX_cleanup(&ctx);
|
||||
if (ret != WOLFSSL_SUCCESS)
|
||||
return -8421;
|
||||
if (plainSz != (int)sizeof(msg) || XMEMCMP(plain, msg, sizeof(msg)))
|
||||
return -8422;
|
||||
|
||||
plainSz = idx;
|
||||
if (EVP_CipherFinal(&ctx, plain + plainSz, &idx) != 0)
|
||||
cipherSz = 0;
|
||||
EVP_CIPHER_CTX_init(&ctx);
|
||||
ret = EVP_CipherInit(&ctx, EVP_aes_128_cbc(), key, iv, 1);
|
||||
if (ret == WOLFSSL_SUCCESS) {
|
||||
ret = EVP_CipherUpdate(&ctx, cipher, &idx, msg, AES_BLOCK_SIZE);
|
||||
if (ret == WOLFSSL_SUCCESS)
|
||||
cipherSz += idx;
|
||||
}
|
||||
if (ret == WOLFSSL_SUCCESS) {
|
||||
ret = EVP_CipherFinal(&ctx, cipher + cipherSz, &idx);
|
||||
if (ret == WOLFSSL_SUCCESS)
|
||||
cipherSz += idx;
|
||||
}
|
||||
EVP_CIPHER_CTX_cleanup(&ctx);
|
||||
if (ret != WOLFSSL_SUCCESS)
|
||||
return -8423;
|
||||
|
||||
EVP_CIPHER_CTX_init(&ctx);
|
||||
if (EVP_CipherInit(&ctx, EVP_aes_128_cbc(), key, iv, 0) == 0)
|
||||
if (cipherSz != (int)sizeof(verify2) || XMEMCMP(cipher, verify2, cipherSz))
|
||||
return -8424;
|
||||
|
||||
if (EVP_CipherUpdate(&ctx, plain, &idx, cipher, cipherSz) == 0)
|
||||
return -8425;
|
||||
|
||||
plainSz = idx;
|
||||
if (EVP_CipherFinal(&ctx, plain + plainSz, &idx) == 0)
|
||||
return -8426;
|
||||
plainSz += idx;
|
||||
|
||||
if ((plainSz != sizeof(msg)) || XMEMCMP(plain, msg, sizeof(msg)))
|
||||
return -8427;
|
||||
|
||||
EVP_CIPHER_CTX_init(&ctx);
|
||||
if (EVP_CipherInit(&ctx, EVP_aes_128_cbc(), key, iv, 1) == 0)
|
||||
return -8428;
|
||||
|
||||
if (EVP_CipherUpdate(&ctx, cipher, &idx, msg, AES_BLOCK_SIZE) == 0)
|
||||
return -8429;
|
||||
|
||||
cipherSz = idx;
|
||||
if (EVP_CipherFinal(&ctx, cipher + cipherSz, &idx) == 0)
|
||||
return -8430;
|
||||
cipherSz += idx;
|
||||
|
||||
if ((cipherSz != (int)sizeof(verify2)) ||
|
||||
XMEMCMP(cipher, verify2, cipherSz))
|
||||
return -8431;
|
||||
|
||||
} /* end evp_cipher test: EVP_aes_128_cbc*/
|
||||
#endif /* WOLFSSL_AES_128 && HAVE_AES_CBC */
|
||||
|
||||
#if defined(HAVE_AES_ECB) && defined(WOLFSSL_AES_256)
|
||||
{ /* evp_cipher test: EVP_aes_256_ecb*/
|
||||
{ /* evp_cipher test: EVP_aes_256_ecb*/
|
||||
EVP_CIPHER_CTX ctx;
|
||||
const byte msg[] =
|
||||
{
|
||||
const byte msg[] = {
|
||||
0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
|
||||
0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a
|
||||
};
|
||||
|
||||
const byte verify[] =
|
||||
{
|
||||
const byte verify[] = {
|
||||
0xf3,0xee,0xd1,0xbd,0xb5,0xd2,0xa0,0x3c,
|
||||
0x06,0x4b,0x5a,0x7e,0x3d,0xb1,0x81,0xf8
|
||||
};
|
||||
|
||||
const byte key[] =
|
||||
{
|
||||
const byte key[] = {
|
||||
0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,
|
||||
0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81,
|
||||
0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7,
|
||||
0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4
|
||||
};
|
||||
|
||||
|
||||
byte cipher[AES_BLOCK_SIZE * 4];
|
||||
byte plain [AES_BLOCK_SIZE * 4];
|
||||
|
||||
EVP_CIPHER_CTX_init(&ctx);
|
||||
if (EVP_CipherInit(&ctx, EVP_aes_256_ecb(), (unsigned char*)key,
|
||||
NULL, 1) == 0)
|
||||
return -8432;
|
||||
|
||||
if (EVP_Cipher(&ctx, cipher, (byte*)msg, 16) == 0)
|
||||
return -8433;
|
||||
|
||||
ret = EVP_CipherInit(&ctx, EVP_aes_256_ecb(), (unsigned char*)key, NULL, 1);
|
||||
if (ret == WOLFSSL_SUCCESS)
|
||||
ret = EVP_Cipher(&ctx, cipher, (byte*)msg, 16);
|
||||
EVP_CIPHER_CTX_cleanup(&ctx);
|
||||
if (ret != WOLFSSL_SUCCESS)
|
||||
return -8430;
|
||||
if (XMEMCMP(cipher, verify, AES_BLOCK_SIZE))
|
||||
return -8434;
|
||||
return -8431;
|
||||
|
||||
EVP_CIPHER_CTX_init(&ctx);
|
||||
if (EVP_CipherInit(&ctx, EVP_aes_256_ecb(), (unsigned char*)key,
|
||||
NULL, 0) == 0)
|
||||
return -8435;
|
||||
|
||||
if (EVP_Cipher(&ctx, plain, cipher, 16) == 0)
|
||||
ret = EVP_CipherInit(&ctx, EVP_aes_256_ecb(), (unsigned char*)key, NULL, 0);
|
||||
if (ret == WOLFSSL_SUCCESS)
|
||||
ret = EVP_Cipher(&ctx, plain, cipher, 16);
|
||||
EVP_CIPHER_CTX_cleanup(&ctx);
|
||||
if (ret != WOLFSSL_SUCCESS)
|
||||
return -8436;
|
||||
|
||||
if (XMEMCMP(plain, msg, AES_BLOCK_SIZE))
|
||||
return -8437;
|
||||
|
||||
} /* end evp_cipher test */
|
||||
#endif /* HAVE_AES_ECB && WOLFSSL_AES_128 */
|
||||
|
||||
|
@ -72,6 +72,7 @@ WOLFSSL_API int wolfSSL_HMAC_Update(WOLFSSL_HMAC_CTX* ctx,
|
||||
WOLFSSL_API int wolfSSL_HMAC_Final(WOLFSSL_HMAC_CTX* ctx, unsigned char* hash,
|
||||
unsigned int* len);
|
||||
WOLFSSL_API int wolfSSL_HMAC_cleanup(WOLFSSL_HMAC_CTX* ctx);
|
||||
WOLFSSL_API void wolfSSL_HMAC_CTX_cleanup(WOLFSSL_HMAC_CTX* ctx);
|
||||
WOLFSSL_API void wolfSSL_HMAC_CTX_free(WOLFSSL_HMAC_CTX* ctx);
|
||||
WOLFSSL_API size_t wolfSSL_HMAC_size(const WOLFSSL_HMAC_CTX *ctx);
|
||||
|
||||
@ -83,6 +84,7 @@ typedef struct WOLFSSL_HMAC_CTX HMAC_CTX;
|
||||
#define HMAC_CTX_init wolfSSL_HMAC_CTX_Init
|
||||
#define HMAC_CTX_copy wolfSSL_HMAC_CTX_copy
|
||||
#define HMAC_CTX_free wolfSSL_HMAC_CTX_free
|
||||
#define HMAC_CTX_cleanup wolfSSL_HMAC_CTX_cleanup
|
||||
#define HMAC_CTX_reset wolfSSL_HMAC_cleanup
|
||||
#define HMAC_Init_ex wolfSSL_HMAC_Init_ex
|
||||
#define HMAC_Init wolfSSL_HMAC_Init
|
||||
|
@ -861,7 +861,6 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
|
||||
/*#if OPENSSL_API_COMPAT < 0x10100000L*/
|
||||
#define CONF_modules_free()
|
||||
#define ENGINE_cleanup()
|
||||
#define HMAC_CTX_cleanup wolfSSL_HMAC_cleanup
|
||||
#define SSL_CTX_need_tmp_RSA(ctx) 0
|
||||
#define SSL_CTX_set_tmp_rsa(ctx,rsa) 1
|
||||
#define SSL_need_tmp_RSA(ssl) 0
|
||||
|
Loading…
x
Reference in New Issue
Block a user