From b91934f06521d4f3a95ebb780829d8f8a5c96c5f Mon Sep 17 00:00:00 2001 From: Jacob Barthelmeh Date: Thu, 1 Jan 2015 14:48:33 -0700 Subject: [PATCH] change to header files and update of function calls in src folder --- src/internal.c | 156 +++++++++++++++++------------------ src/ssl.c | 8 +- src/tls.c | 2 +- testsuite/testsuite.c | 12 +-- wolfcrypt/src/des3.c | 66 +++++++-------- wolfcrypt/src/random.c | 14 ++-- wolfssl/wolfcrypt/hmac.h | 46 +++++------ wolfssl/wolfcrypt/logging.h | 2 +- wolfssl/wolfcrypt/random.h | 77 +++++++++++++++++ wolfssl/wolfcrypt/rsa.h | 40 ++++++++- wolfssl/wolfcrypt/settings.h | 5 ++ wolfssl/wolfcrypt/sha256.h | 34 +++++++- wolfssl/wolfcrypt/sha512.h | 10 ++- 13 files changed, 310 insertions(+), 162 deletions(-) diff --git a/src/internal.c b/src/internal.c index ecd288b3d..875d3b935 100644 --- a/src/internal.c +++ b/src/internal.c @@ -1802,14 +1802,14 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx) wc_InitMd5(&ssl->hashMd5); #endif #ifndef NO_SHA - ret = InitSha(&ssl->hashSha); + ret = wc_InitSha(&ssl->hashSha); if (ret != 0) { return ret; } #endif #endif #ifndef NO_SHA256 - ret = InitSha256(&ssl->hashSha256); + ret = wc_InitSha256(&ssl->hashSha256); if (ret != 0) { return ret; } @@ -1881,7 +1881,7 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx) WOLFSSL_MSG("PeerRsaKey Memory error"); return MEMORY_E; } - ret = InitRsaKey(ssl->peerRsaKey, ctx->heap); + ret = wc_InitRsaKey(ssl->peerRsaKey, ctx->heap); if (ret != 0) return ret; #endif #ifndef NO_CERTS @@ -1991,7 +1991,7 @@ void SSL_ResourceFree(WOLFSSL* ssl) #endif #ifndef NO_RSA if (ssl->peerRsaKey) { - FreeRsaKey(ssl->peerRsaKey); + wc_FreeRsaKey(ssl->peerRsaKey); XFREE(ssl->peerRsaKey, ssl->heap, DYNAMIC_TYPE_RSA); } #endif @@ -2106,7 +2106,7 @@ void FreeHandshakeResources(WOLFSSL* ssl) #ifndef NO_RSA /* peerRsaKey */ if (ssl->peerRsaKey) { - FreeRsaKey(ssl->peerRsaKey); + wc_FreeRsaKey(ssl->peerRsaKey); XFREE(ssl->peerRsaKey, ssl->heap, DYNAMIC_TYPE_RSA); ssl->peerRsaKey = NULL; } @@ -2620,7 +2620,7 @@ static int HashOutput(WOLFSSL* ssl, const byte* output, int sz, int ivSz) #endif #ifndef NO_OLD_TLS #ifndef NO_SHA - ShaUpdate(&ssl->hashSha, adj, sz); + wc_ShaUpdate(&ssl->hashSha, adj, sz); #endif #ifndef NO_MD5 wc_Md5Update(&ssl->hashMd5, adj, sz); @@ -2631,7 +2631,7 @@ static int HashOutput(WOLFSSL* ssl, const byte* output, int sz, int ivSz) int ret; #ifndef NO_SHA256 - ret = Sha256Update(&ssl->hashSha256, adj, sz); + ret = wc_Sha256Update(&ssl->hashSha256, adj, sz); if (ret != 0) return ret; #endif @@ -2661,7 +2661,7 @@ static int HashInput(WOLFSSL* ssl, const byte* input, int sz) #ifndef NO_OLD_TLS #ifndef NO_SHA - ShaUpdate(&ssl->hashSha, adj, sz); + wc_ShaUpdate(&ssl->hashSha, adj, sz); #endif #ifndef NO_MD5 wc_Md5Update(&ssl->hashMd5, adj, sz); @@ -2672,7 +2672,7 @@ static int HashInput(WOLFSSL* ssl, const byte* input, int sz) int ret; #ifndef NO_SHA256 - ret = Sha256Update(&ssl->hashSha256, adj, sz); + ret = wc_Sha256Update(&ssl->hashSha256, adj, sz); if (ret != 0) return ret; #endif @@ -3215,15 +3215,15 @@ static void BuildSHA(WOLFSSL* ssl, Hashes* hashes, const byte* sender) byte sha_result[SHA_DIGEST_SIZE]; /* make sha inner */ - ShaUpdate(&ssl->hashSha, sender, SIZEOF_SENDER); - ShaUpdate(&ssl->hashSha, ssl->arrays->masterSecret, SECRET_LEN); - ShaUpdate(&ssl->hashSha, PAD1, PAD_SHA); + wc_ShaUpdate(&ssl->hashSha, sender, SIZEOF_SENDER); + wc_ShaUpdate(&ssl->hashSha, ssl->arrays->masterSecret, SECRET_LEN); + wc_ShaUpdate(&ssl->hashSha, PAD1, PAD_SHA); ShaFinal(&ssl->hashSha, sha_result); /* make sha outer */ - ShaUpdate(&ssl->hashSha, ssl->arrays->masterSecret, SECRET_LEN); - ShaUpdate(&ssl->hashSha, PAD2, PAD_SHA); - ShaUpdate(&ssl->hashSha, sha_result, SHA_DIGEST_SIZE); + wc_ShaUpdate(&ssl->hashSha, ssl->arrays->masterSecret, SECRET_LEN); + wc_ShaUpdate(&ssl->hashSha, PAD2, PAD_SHA); + wc_ShaUpdate(&ssl->hashSha, sha_result, SHA_DIGEST_SIZE); ShaFinal(&ssl->hashSha, hashes->sha); } @@ -4412,12 +4412,12 @@ static int DoCertificate(WOLFSSL* ssl, byte* input, word32* inOutIdx, int keyRet = 0; if (ssl->peerRsaKeyPresent) { /* don't leak on reuse */ - FreeRsaKey(ssl->peerRsaKey); + wc_FreeRsaKey(ssl->peerRsaKey); ssl->peerRsaKeyPresent = 0; - keyRet = InitRsaKey(ssl->peerRsaKey, ssl->heap); + keyRet = wc_InitRsaKey(ssl->peerRsaKey, ssl->heap); } - if (keyRet != 0 || RsaPublicKeyDecode(dCert->publicKey, + if (keyRet != 0 || wc_RsaPublicKeyDecode(dCert->publicKey, &idx, ssl->peerRsaKey, dCert->pubKeySize) != 0) { ret = PEER_KEY_ERROR; } @@ -6003,10 +6003,10 @@ static INLINE void ShaRounds(int rounds, const byte* data, int sz) Sha sha; int i; - InitSha(&sha); /* no error check on purpose, dummy round */ + wc_InitSha(&sha); /* no error check on purpose, dummy round */ for (i = 0; i < rounds; i++) - ShaUpdate(&sha, data, sz); + wc_ShaUpdate(&sha, data, sz); } #endif @@ -6018,10 +6018,10 @@ static INLINE void Sha256Rounds(int rounds, const byte* data, int sz) Sha256 sha256; int i; - InitSha256(&sha256); /* no error check on purpose, dummy round */ + wc_InitSha256(&sha256); /* no error check on purpose, dummy round */ for (i = 0; i < rounds; i++) { - Sha256Update(&sha256, data, sz); + wc_Sha256Update(&sha256, data, sz); /* no error check on purpose, dummy round */ } @@ -10137,12 +10137,12 @@ static void PickHashSigAlgo(WOLFSSL* ssl, if (sha == NULL) ERROR_OUT(MEMORY_E, done); #endif - ret = InitSha(sha); + ret = wc_InitSha(sha); if (ret != 0) goto done; - ShaUpdate(sha, ssl->arrays->clientRandom, RAN_LEN); - ShaUpdate(sha, ssl->arrays->serverRandom, RAN_LEN); - ShaUpdate(sha, messageVerify, verifySz); + wc_ShaUpdate(sha, ssl->arrays->clientRandom, RAN_LEN); + wc_ShaUpdate(sha, ssl->arrays->serverRandom, RAN_LEN); + wc_ShaUpdate(sha, messageVerify, verifySz); ShaFinal(sha, hash + MD5_DIGEST_SIZE); #endif @@ -10155,10 +10155,10 @@ static void PickHashSigAlgo(WOLFSSL* ssl, if (sha256 == NULL || hash256 == NULL) ERROR_OUT(MEMORY_E, done); #endif - if (!(ret = InitSha256(sha256)) - && !(ret = Sha256Update(sha256, ssl->arrays->clientRandom, RAN_LEN)) - && !(ret = Sha256Update(sha256, ssl->arrays->serverRandom, RAN_LEN)) - && !(ret = Sha256Update(sha256, messageVerify, verifySz))) + if (!(ret = wc_InitSha256(sha256)) + && !(ret = wc_Sha256Update(sha256, ssl->arrays->clientRandom, RAN_LEN)) + && !(ret = wc_Sha256Update(sha256, ssl->arrays->serverRandom, RAN_LEN)) + && !(ret = wc_Sha256Update(sha256, messageVerify, verifySz))) ret = Sha256Final(sha256, hash256); if (ret != 0) goto done; @@ -10209,7 +10209,7 @@ static void PickHashSigAlgo(WOLFSSL* ssl, #endif /*HAVE_PK_CALLBACKS */ } else - verifiedSz = RsaSSL_VerifyInline((byte *)input + *inOutIdx, + verifiedSz = wc_RsaSSL_VerifyInline((byte *)input + *inOutIdx, length, &out, ssl->peerRsaKey); if (IsAtLeastTLSv1_2(ssl)) { @@ -10441,7 +10441,7 @@ static void PickHashSigAlgo(WOLFSSL* ssl, #endif /*HAVE_PK_CALLBACKS */ } else { - ret = RsaPublicEncrypt(ssl->arrays->preMasterSecret, + ret = wc_RsaPublicEncrypt(ssl->arrays->preMasterSecret, SECRET_LEN, encSecret, MAX_ENCRYPT_SZ, ssl->peerRsaKey, ssl->rng); if (ret > 0) { @@ -10928,13 +10928,13 @@ static void PickHashSigAlgo(WOLFSSL* ssl, wc_ecc_init(&eccKey); #endif #ifndef NO_RSA - ret = InitRsaKey(&key, ssl->heap); + ret = wc_InitRsaKey(&key, ssl->heap); if (ret == 0) initRsaKey = 1; if (ret == 0) - ret = RsaPrivateKeyDecode(ssl->buffers.key.buffer, &idx, &key, + ret = wc_RsaPrivateKeyDecode(ssl->buffers.key.buffer, &idx, &key, ssl->buffers.key.length); if (ret == 0) - sigOutSz = RsaEncryptSize(&key); + sigOutSz = wc_RsaEncryptSize(&key); else #endif { @@ -10976,7 +10976,7 @@ static void PickHashSigAlgo(WOLFSSL* ssl, if (encodedSig == NULL) { #ifndef NO_RSA if (initRsaKey) - FreeRsaKey(&key); + wc_FreeRsaKey(&key); #endif #ifdef HAVE_ECC wc_ecc_free(&eccKey); @@ -11127,7 +11127,7 @@ static void PickHashSigAlgo(WOLFSSL* ssl, #endif /*HAVE_PK_CALLBACKS */ } else { - ret = RsaSSL_Sign(signBuffer, signSz, verify + extraSz + + ret = wc_RsaSSL_Sign(signBuffer, signSz, verify + extraSz + VERIFY_HEADER, ENCRYPT_LEN, &key, ssl->rng); } @@ -11184,7 +11184,7 @@ static void PickHashSigAlgo(WOLFSSL* ssl, } #ifndef NO_RSA if (initRsaKey) - FreeRsaKey(&key); + wc_FreeRsaKey(&key); #endif #ifdef HAVE_ECC wc_ecc_free(&eccKey); @@ -11671,7 +11671,7 @@ int DoSessionTicket(WOLFSSL* ssl, preSigIdx = idx; #ifndef NO_RSA - ret = InitRsaKey(&rsaKey, ssl->heap); + ret = wc_InitRsaKey(&rsaKey, ssl->heap); if (ret != 0) goto done_a; #endif @@ -11683,7 +11683,7 @@ int DoSessionTicket(WOLFSSL* ssl, if (!ssl->buffers.key.buffer) { #ifndef NO_RSA - FreeRsaKey(&rsaKey); + wc_FreeRsaKey(&rsaKey); #endif wc_ecc_free(&dsaKey); ERROR_OUT(NO_PRIVATE_KEY, done_a); @@ -11693,11 +11693,11 @@ int DoSessionTicket(WOLFSSL* ssl, if (ssl->specs.sig_algo == rsa_sa_algo) { /* rsa sig size */ word32 i = 0; - ret = RsaPrivateKeyDecode(ssl->buffers.key.buffer, &i, + ret = wc_RsaPrivateKeyDecode(ssl->buffers.key.buffer, &i, &rsaKey, ssl->buffers.key.length); if (ret != 0) goto done_a; - sigSz = RsaEncryptSize(&rsaKey); + sigSz = wc_RsaEncryptSize(&rsaKey); } else #endif @@ -11829,12 +11829,12 @@ int DoSessionTicket(WOLFSSL* ssl, if (sha == NULL) ERROR_OUT(MEMORY_E, done_a2); #endif - ret = InitSha(sha); + ret = wc_InitSha(sha); if (ret != 0) goto done_a2; - ShaUpdate(sha, ssl->arrays->clientRandom, RAN_LEN); - ShaUpdate(sha, ssl->arrays->serverRandom, RAN_LEN); - ShaUpdate(sha, output + preSigIdx, preSigSz); + wc_ShaUpdate(sha, ssl->arrays->clientRandom, RAN_LEN); + wc_ShaUpdate(sha, ssl->arrays->serverRandom, RAN_LEN); + wc_ShaUpdate(sha, output + preSigIdx, preSigSz); ShaFinal(sha, &hash[MD5_DIGEST_SIZE]); #endif @@ -11848,12 +11848,12 @@ int DoSessionTicket(WOLFSSL* ssl, ERROR_OUT(MEMORY_E, done_a2); #endif - if (!(ret = InitSha256(sha256)) - && !(ret = Sha256Update(sha256, ssl->arrays->clientRandom, + if (!(ret = wc_InitSha256(sha256)) + && !(ret = wc_Sha256Update(sha256, ssl->arrays->clientRandom, RAN_LEN)) - && !(ret = Sha256Update(sha256, ssl->arrays->serverRandom, + && !(ret = wc_Sha256Update(sha256, ssl->arrays->serverRandom, RAN_LEN)) - && !(ret = Sha256Update(sha256, output + preSigIdx, preSigSz))) + && !(ret = wc_Sha256Update(sha256, output + preSigIdx, preSigSz))) ret = Sha256Final(sha256, hash256); if (ret != 0) @@ -11944,10 +11944,10 @@ int DoSessionTicket(WOLFSSL* ssl, #endif /*HAVE_PK_CALLBACKS */ } else - ret = RsaSSL_Sign(signBuffer, signSz, output + idx, + ret = wc_RsaSSL_Sign(signBuffer, signSz, output + idx, sigSz, &rsaKey, ssl->rng); - FreeRsaKey(&rsaKey); + wc_FreeRsaKey(&rsaKey); wc_ecc_free(&dsaKey); #ifdef WOLFSSL_SMALL_STACK @@ -12010,7 +12010,7 @@ int DoSessionTicket(WOLFSSL* ssl, output + LENGTH_SZ + idx, &sz, ssl->rng, &dsaKey); } #ifndef NO_RSA - FreeRsaKey(&rsaKey); + wc_FreeRsaKey(&rsaKey); #endif wc_ecc_free(&dsaKey); @@ -12135,7 +12135,7 @@ int DoSessionTicket(WOLFSSL* ssl, preSigSz = length; if (!ssl->options.usingAnon_cipher) { - ret = InitRsaKey(&rsaKey, ssl->heap); + ret = wc_InitRsaKey(&rsaKey, ssl->heap); if (ret != 0) return ret; /* sig length */ @@ -12144,14 +12144,14 @@ int DoSessionTicket(WOLFSSL* ssl, if (!ssl->buffers.key.buffer) return NO_PRIVATE_KEY; - ret = RsaPrivateKeyDecode(ssl->buffers.key.buffer, &i, &rsaKey, + ret = wc_RsaPrivateKeyDecode(ssl->buffers.key.buffer, &i, &rsaKey, ssl->buffers.key.length); if (ret == 0) { - sigSz = RsaEncryptSize(&rsaKey); + sigSz = wc_RsaEncryptSize(&rsaKey); length += sigSz; } else { - FreeRsaKey(&rsaKey); + wc_FreeRsaKey(&rsaKey); return ret; } @@ -12172,7 +12172,7 @@ int DoSessionTicket(WOLFSSL* ssl, /* check for available size */ if ((ret = CheckAvailableSize(ssl, sendSz)) != 0) { if (!ssl->options.usingAnon_cipher) - FreeRsaKey(&rsaKey); + wc_FreeRsaKey(&rsaKey); return ret; } @@ -12284,12 +12284,12 @@ int DoSessionTicket(WOLFSSL* ssl, ERROR_OUT(MEMORY_E, done_b); #endif - if ((ret = InitSha(sha)) != 0) + if ((ret = wc_InitSha(sha)) != 0) goto done_b; - ShaUpdate(sha, ssl->arrays->clientRandom, RAN_LEN); - ShaUpdate(sha, ssl->arrays->serverRandom, RAN_LEN); - ShaUpdate(sha, output + preSigIdx, preSigSz); + wc_ShaUpdate(sha, ssl->arrays->clientRandom, RAN_LEN); + wc_ShaUpdate(sha, ssl->arrays->serverRandom, RAN_LEN); + wc_ShaUpdate(sha, output + preSigIdx, preSigSz); ShaFinal(sha, &hash[MD5_DIGEST_SIZE]); #endif @@ -12303,12 +12303,12 @@ int DoSessionTicket(WOLFSSL* ssl, ERROR_OUT(MEMORY_E, done_b); #endif - if (!(ret = InitSha256(sha256)) - && !(ret = Sha256Update(sha256, ssl->arrays->clientRandom, + if (!(ret = wc_InitSha256(sha256)) + && !(ret = wc_Sha256Update(sha256, ssl->arrays->clientRandom, RAN_LEN)) - && !(ret = Sha256Update(sha256, ssl->arrays->serverRandom, + && !(ret = wc_Sha256Update(sha256, ssl->arrays->serverRandom, RAN_LEN)) - && !(ret = Sha256Update(sha256, output + preSigIdx, preSigSz))) + && !(ret = wc_Sha256Update(sha256, output + preSigIdx, preSigSz))) ret = Sha256Final(sha256, hash256); if (ret != 0) @@ -12395,10 +12395,10 @@ int DoSessionTicket(WOLFSSL* ssl, #endif } else - ret = RsaSSL_Sign(signBuffer, signSz, output + idx, + ret = wc_RsaSSL_Sign(signBuffer, signSz, output + idx, sigSz, &rsaKey, ssl->rng); - FreeRsaKey(&rsaKey); + wc_FreeRsaKey(&rsaKey); #ifdef WOLFSSL_SMALL_STACK XFREE(encodedSig, NULL, DYNAMIC_TYPE_TMP_BUFFER); @@ -12618,12 +12618,12 @@ int DoSessionTicket(WOLFSSL* ssl, wc_Md5Update(&ssl->hashMd5, input + idx, sz); #endif #ifndef NO_SHA - ShaUpdate(&ssl->hashSha, input + idx, sz); + wc_ShaUpdate(&ssl->hashSha, input + idx, sz); #endif #endif #ifndef NO_SHA256 if (IsAtLeastTLSv1_2(ssl)) { - int shaRet = Sha256Update(&ssl->hashSha256, input + idx, sz); + int shaRet = wc_Sha256Update(&ssl->hashSha256, input + idx, sz); if (shaRet != 0) return shaRet; @@ -13122,7 +13122,7 @@ int DoSessionTicket(WOLFSSL* ssl, #endif /*HAVE_PK_CALLBACKS */ } else { - outLen = RsaSSL_VerifyInline(input + *inOutIdx, sz, &out, + outLen = wc_RsaSSL_VerifyInline(input + *inOutIdx, sz, &out, ssl->peerRsaKey); } @@ -13391,17 +13391,17 @@ int DoSessionTicket(WOLFSSL* ssl, doUserRsa = 1; #endif - ret = InitRsaKey(&key, ssl->heap); + ret = wc_InitRsaKey(&key, ssl->heap); if (ret != 0) return ret; if (ssl->buffers.key.buffer) - ret = RsaPrivateKeyDecode(ssl->buffers.key.buffer, &idx, + ret = wc_RsaPrivateKeyDecode(ssl->buffers.key.buffer, &idx, &key, ssl->buffers.key.length); else return NO_PRIVATE_KEY; if (ret == 0) { - length = RsaEncryptSize(&key); + length = wc_RsaEncryptSize(&key); ssl->arrays->preMasterSz = SECRET_LEN; if (ssl->options.tls) { @@ -13415,14 +13415,14 @@ int DoSessionTicket(WOLFSSL* ssl, if ((word32) check != length) { WOLFSSL_MSG("RSA explicit size doesn't match"); - FreeRsaKey(&key); + wc_FreeRsaKey(&key); return RSA_PRIVATE_ERROR; } } if ((*inOutIdx - begin) + length > size) { WOLFSSL_MSG("RSA message too big"); - FreeRsaKey(&key); + wc_FreeRsaKey(&key); return BUFFER_ERROR; } @@ -13436,7 +13436,7 @@ int DoSessionTicket(WOLFSSL* ssl, #endif } else { - ret = RsaPrivateDecryptInline(input + *inOutIdx, length, + ret = wc_RsaPrivateDecryptInline(input + *inOutIdx, length, &out, &key); } @@ -13457,7 +13457,7 @@ int DoSessionTicket(WOLFSSL* ssl, } } - FreeRsaKey(&key); + wc_FreeRsaKey(&key); } break; #endif diff --git a/src/ssl.c b/src/ssl.c index cb174fde9..0d4267db4 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -2516,9 +2516,9 @@ static int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff, return MEMORY_E; #endif - ret = InitRsaKey(key, 0); + ret = wc_InitRsaKey(key, 0); if (ret == 0) { - if (RsaPrivateKeyDecode(der.buffer, &idx, key, der.length) != + if (wc_RsaPrivateKeyDecode(der.buffer, &idx, key, der.length) != 0) { #ifdef HAVE_ECC /* could have DER ECC (or pkcs8 ecc), no easy way to tell */ @@ -2532,7 +2532,7 @@ static int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff, } } - FreeRsaKey(key); + wc_FreeRsaKey(key); #ifdef WOLFSSL_SMALL_STACK XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER); @@ -11192,7 +11192,7 @@ void wolfSSL_RSA_free(WOLFSSL_RSA* rsa) if (rsa) { if (rsa->internal) { - FreeRsaKey((RsaKey*)rsa->internal); + wc_FreeRsaKey((RsaKey*)rsa->internal); XFREE(rsa->internal, NULL, DYNAMIC_TYPE_RSA); rsa->internal = NULL; } diff --git a/src/tls.c b/src/tls.c index e899f070b..3017500d7 100644 --- a/src/tls.c +++ b/src/tls.c @@ -336,7 +336,7 @@ int BuildTlsFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender) if (IsAtLeastTLSv1_2(ssl)) { #ifndef NO_SHA256 if (ssl->specs.mac_algorithm <= sha256_mac) { - int ret = Sha256Final(&ssl->hashSha256, handshake_hash); + int ret = wc_Sha256Final(&ssl->hashSha256, handshake_hash); if (ret != 0) return ret; diff --git a/testsuite/testsuite.c b/testsuite/testsuite.c index f301c83a1..abd41f319 100644 --- a/testsuite/testsuite.c +++ b/testsuite/testsuite.c @@ -364,9 +364,9 @@ void file_test(const char* file, byte* check) byte buf[1024]; byte shasum[SHA256_DIGEST_SIZE]; - ret = InitSha256(&sha256); + ret = wc_InitSha256(&sha256); if (ret != 0) { - printf("Can't InitSha256 %d\n", ret); + printf("Can't wc_InitSha256 %d\n", ret); return; } if( !( f = fopen( file, "rb" ) )) { @@ -374,16 +374,16 @@ void file_test(const char* file, byte* check) return; } while( ( i = (int)fread(buf, 1, sizeof(buf), f )) > 0 ) { - ret = Sha256Update(&sha256, buf, i); + ret = wc_Sha256Update(&sha256, buf, i); if (ret != 0) { - printf("Can't Sha256Update %d\n", ret); + printf("Can't wc_Sha256Update %d\n", ret); return; } } - ret = Sha256Final(&sha256, shasum); + ret = wc_Sha256Final(&sha256, shasum); if (ret != 0) { - printf("Can't Sha256Final %d\n", ret); + printf("Can't wc_Sha256Final %d\n", ret); return; } diff --git a/wolfcrypt/src/des3.c b/wolfcrypt/src/des3.c index 4d89b9006..6069b2000 100644 --- a/wolfcrypt/src/des3.c +++ b/wolfcrypt/src/des3.c @@ -140,10 +140,10 @@ void wc_Des3_FreeCavium(Des3* des3) #ifdef HAVE_CAVIUM - static int Des3_CaviumSetKey(Des3* des3, const byte* key, const byte* iv); - static int Des3_CaviumCbcEncrypt(Des3* des3, byte* out, const byte* in, + static int wc_Des3_CaviumSetKey(Des3* des3, const byte* key, const byte* iv); + static int wc_Des3_CaviumCbcEncrypt(Des3* des3, byte* out, const byte* in, word32 length); - static int Des3_CaviumCbcDecrypt(Des3* des3, byte* out, const byte* in, + static int wc_Des3_CaviumCbcDecrypt(Des3* des3, byte* out, const byte* in, word32 length); #endif @@ -171,7 +171,7 @@ void wc_Des3_FreeCavium(Des3* des3) return 0; } - int Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir) + int wc_Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir) { word32 *dkey1 = des->key[0]; word32 *dkey2 = des->key[1]; @@ -185,7 +185,7 @@ void wc_Des3_FreeCavium(Des3* des3) ByteReverseWords(dkey2, dkey2, 8); ByteReverseWords(dkey3, dkey3, 8); - return Des3_SetIV(des, iv); + return wc_Des3_SetIV(des, iv); } void DesCrypt(Des* des, byte* out, const byte* in, word32 sz, @@ -361,13 +361,13 @@ void wc_Des3_FreeCavium(Des3* des3) } - int Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz) + int wc_Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz) { Des3Crypt(des, out, in, sz, DES_ENCRYPTION); return 0; } - int Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz) + int wc_Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz) { Des3Crypt(des, out, in, sz, DES_DECRYPTION); return 0; @@ -501,14 +501,14 @@ int wc_Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz) return 0; } -int Des3_CbcEncrypt(Des3* des3, byte* out, const byte* in, word32 sz) +int wc_Des3_CbcEncrypt(Des3* des3, byte* out, const byte* in, word32 sz) { wc_Des_Cbc(out, in, sz, (byte *)des3->key, (byte *)des3->reg, SEC_DESC_DES3_CBC_ENCRYPT) ; return 0; } -int Des3_CbcDecrypt(Des3* des3, byte* out, const byte* in, word32 sz) +int wc_Des3_CbcDecrypt(Des3* des3, byte* out, const byte* in, word32 sz) { wc_Des_Cbc(out, in, sz, (byte *)des3->key, (byte *)des3->reg, SEC_DESC_DES3_CBC_DECRYPT) ; return 0; @@ -566,7 +566,7 @@ int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir) return 0; } -int Des3_SetKey(Des3* des3, const byte* key, const byte* iv, int dir) +int wc_Des3_SetKey(Des3* des3, const byte* key, const byte* iv, int dir) { if(desBuffIn == NULL) { @@ -630,7 +630,7 @@ int Des3_SetKey(Des3* des3, const byte* key, const byte* iv, int dir) return 0; } - int Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir) + int wc_Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir) { int i = 0, ret = 0; byte* dkey1 = (byte*)des->key[0]; @@ -641,7 +641,7 @@ int Des3_SetKey(Des3* des3, const byte* key, const byte* iv, int dir) XMEMCPY(dkey2, key + 8, 8); /* set key 2 */ XMEMCPY(dkey3, key + 16, 8); /* set key 3 */ - ret = Des3_SetIV(des, iv); + ret = wc_Des3_SetIV(des, iv); if (ret != 0) return ret; @@ -728,7 +728,7 @@ int Des3_SetKey(Des3* des3, const byte* key, const byte* iv, int dir) return 0; } - int Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz) + int wc_Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz) { int i; int offset = 0; @@ -766,7 +766,7 @@ int Des3_SetKey(Des3* des3, const byte* key, const byte* iv, int dir) return 0; } - int Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz) + int wc_Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz) { int i; int offset = 0; @@ -810,7 +810,7 @@ int Des3_SetKey(Des3* des3, const byte* key, const byte* iv, int dir) #include "wolfssl/ctaocrypt/port/pic32/pic32mz-crypt.h" void wc_Des_SetIV(Des* des, const byte* iv); -int Des3_SetIV(Des3* des, const byte* iv); +int wc_Des3_SetIV(Des3* des, const byte* iv); int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir) { @@ -825,7 +825,7 @@ int Des3_SetIV(Des3* des, const byte* iv); return 0; } - int Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir) + int wc_Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir) { word32 *dkey1 = des->key[0]; word32 *dreg = des->reg ; @@ -930,14 +930,14 @@ int Des3_SetIV(Des3* des, const byte* iv); return 0; } - int Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz) + int wc_Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz) { DesCrypt(des->key[0], des->reg, out, in, sz, PIC32_ENCRYPTION, PIC32_ALGO_TDES, PIC32_CRYPTOALGO_TCBC); return 0; } - int Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz) + int wc_Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz) { DesCrypt(des->key[0], des->reg, out, in, sz, PIC32_DECRYPTION, PIC32_ALGO_TDES, PIC32_CRYPTOALGO_TCBC); @@ -1267,13 +1267,13 @@ int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir) } -int Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir) +int wc_Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir) { int ret; #ifdef HAVE_CAVIUM if (des->magic == WOLFSSL_3DES_CAVIUM_MAGIC) - return Des3_CaviumSetKey(des, key, iv); + return wc_Des3_CaviumSetKey(des, key, iv); #endif ret = DesSetKey(key + (dir == DES_ENCRYPTION ? 0:16), dir, des->key[0]); @@ -1288,7 +1288,7 @@ int Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir) if (ret != 0) return ret; - return Des3_SetIV(des, iv); + return wc_Des3_SetIV(des, iv); } @@ -1412,13 +1412,13 @@ int wc_Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz) } -int Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz) +int wc_Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz) { word32 blocks; #ifdef HAVE_CAVIUM if (des->magic == WOLFSSL_3DES_CAVIUM_MAGIC) - return Des3_CaviumCbcEncrypt(des, out, in, sz); + return wc_Des3_CaviumCbcEncrypt(des, out, in, sz); #endif blocks = sz / DES_BLOCK_SIZE; @@ -1434,13 +1434,13 @@ int Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz) } -int Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz) +int wc_Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz) { word32 blocks; #ifdef HAVE_CAVIUM if (des->magic == WOLFSSL_3DES_CAVIUM_MAGIC) - return Des3_CaviumCbcDecrypt(des, out, in, sz); + return wc_Des3_CaviumCbcDecrypt(des, out, in, sz); #endif blocks = sz / DES_BLOCK_SIZE; @@ -1513,7 +1513,7 @@ int wc_Des_CbcDecryptWithKey(byte* out, const byte* in, word32 sz, } -int Des3_SetIV(Des3* des, const byte* iv) +int wc_Des3_SetIV(Des3* des, const byte* iv) { if (des && iv) XMEMCPY(des->reg, iv, DES_BLOCK_SIZE); @@ -1524,7 +1524,7 @@ int Des3_SetIV(Des3* des, const byte* iv) } -int Des3_CbcDecryptWithKey(byte* out, const byte* in, word32 sz, +int wc_Des3_CbcDecryptWithKey(byte* out, const byte* in, word32 sz, const byte* key, const byte* iv) { int ret = 0; @@ -1540,9 +1540,9 @@ int Des3_CbcDecryptWithKey(byte* out, const byte* in, word32 sz, return MEMORY_E; #endif - ret = Des3_SetKey(des3, key, iv, DES_DECRYPTION); + ret = wc_Des3_SetKey(des3, key, iv, DES_DECRYPTION); if (ret == 0) - ret = Des3_CbcDecrypt(des3, out, in, sz); + ret = wc_Des3_CbcDecrypt(des3, out, in, sz); #ifdef WOLFSSL_SMALL_STACK XFREE(des3, NULL, DYNAMIC_TYPE_TMP_BUFFER); @@ -1586,7 +1586,7 @@ void wc_Des3_FreeCavium(Des3* des3) } -static int Des3_CaviumSetKey(Des3* des3, const byte* key, const byte* iv) +static int wc_Des3_CaviumSetKey(Des3* des3, const byte* key, const byte* iv) { if (des3 == NULL) return -1; @@ -1594,11 +1594,11 @@ static int Des3_CaviumSetKey(Des3* des3, const byte* key, const byte* iv) /* key[0] holds key, iv in reg */ XMEMCPY(des3->key[0], key, DES_BLOCK_SIZE*3); - return Des3_SetIV(des3, iv); + return wc_Des3_SetIV(des3, iv); } -static int Des3_CaviumCbcEncrypt(Des3* des3, byte* out, const byte* in, +static int wc_Des3_CaviumCbcEncrypt(Des3* des3, byte* out, const byte* in, word32 length) { wolfssl_word offset = 0; @@ -1632,7 +1632,7 @@ static int Des3_CaviumCbcEncrypt(Des3* des3, byte* out, const byte* in, return 0; } -static int Des3_CaviumCbcDecrypt(Des3* des3, byte* out, const byte* in, +static int wc_Des3_CaviumCbcDecrypt(Des3* des3, byte* out, const byte* in, word32 length) { word32 requestId; diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c index 89e89b2d0..e6e07811a 100644 --- a/wolfcrypt/src/random.c +++ b/wolfcrypt/src/random.c @@ -306,9 +306,9 @@ static int Hash_gen(DRBG* drbg, byte* out, word32 outSz, const byte* V) XMEMCPY(data, V, sizeof(data)); for (i = 0; i < len; i++) { - if (InitSha256(&drbg->sha) != 0 || - Sha256Update(&drbg->sha, data, sizeof(data)) != 0 || - Sha256Final(&drbg->sha, drbg->digest) != 0) { + if (wc_InitSha256(&drbg->sha) != 0 || + wc_Sha256Update(&drbg->sha, data, sizeof(data)) != 0 || + wc_Sha256Final(&drbg->sha, drbg->digest) != 0) { return DRBG_FAILURE; } @@ -381,10 +381,10 @@ static int Hash_DRBG_Generate(DRBG* drbg, byte* out, word32 outSz) ret = Hash_gen(drbg, out, outSz, drbg->V); if (ret == DRBG_SUCCESS) { - if (InitSha256(&drbg->sha) != 0 || - Sha256Update(&drbg->sha, &type, sizeof(type)) != 0 || - Sha256Update(&drbg->sha, drbg->V, sizeof(drbg->V)) != 0 || - Sha256Final(&drbg->sha, drbg->digest) != 0) { + if (wc_InitSha256(&drbg->sha) != 0 || + wc_Sha256Update(&drbg->sha, &type, sizeof(type)) != 0 || + wc_Sha256Update(&drbg->sha, drbg->V, sizeof(drbg->V)) != 0 || + wc_Sha256Final(&drbg->sha, drbg->digest) != 0) { ret = DRBG_FAILURE; } diff --git a/wolfssl/wolfcrypt/hmac.h b/wolfssl/wolfcrypt/hmac.h index 6a80cf5e7..a32e9b48e 100644 --- a/wolfssl/wolfcrypt/hmac.h +++ b/wolfssl/wolfcrypt/hmac.h @@ -27,32 +27,32 @@ #include +#include + +#ifndef NO_MD5 + #include +#endif + +//#ifndef NO_SHA + #include +//#endif + +//#ifndef NO_SHA256 + #include +//#endif + +//#ifdef WOLFSSL_SHA512 + #include +//#endif + +#ifdef HAVE_BLAKE2 + #include +#endif + #ifdef HAVE_FIPS /* for fips */ #include -#else - #include - - #ifndef NO_MD5 - #include - #endif - - //#ifndef NO_SHA - #include - //#endif - - //#ifndef NO_SHA256 - #include - //#endif - - //#ifdef WOLFSSL_SHA512 - #include - //#endif - - #ifdef HAVE_BLAKE2 - #include - #endif -#endif /* HAVE_FIPS */ +#endif #ifdef HAVE_CAVIUM #include diff --git a/wolfssl/wolfcrypt/logging.h b/wolfssl/wolfcrypt/logging.h index cb0126cef..8b7f32dd4 100644 --- a/wolfssl/wolfcrypt/logging.h +++ b/wolfssl/wolfcrypt/logging.h @@ -84,5 +84,5 @@ #define WOLFSSL_ENTER CYASSL_ENTER #define WOLFSSL_MSG CYASSL_MSG #endif -#endif /* WOLFSSL_MEMORY_H */ +#endif /* WOLFSSL_LOGGING_H */ diff --git a/wolfssl/wolfcrypt/random.h b/wolfssl/wolfcrypt/random.h index 119a0d75c..117ff7983 100644 --- a/wolfssl/wolfcrypt/random.h +++ b/wolfssl/wolfcrypt/random.h @@ -25,13 +25,90 @@ #include +#ifdef HAVE_FIPS /* for fips */ #include +#endif #ifdef __cplusplus extern "C" { #endif +#ifndef HAVE_FIPS +#if defined(HAVE_HASHDRBG) || defined(NO_RC4) + #ifdef NO_SHA256 + #error "Hash DRBG requires SHA-256." + #endif /* NO_SHA256 */ + + #include +#else /* HAVE_HASHDRBG || NO_RC4 */ + #include +#endif /* HAVE_HASHDRBG || NO_RC4 */ + +#if defined(USE_WINDOWS_API) + #if defined(_WIN64) + typedef unsigned __int64 ProviderHandle; + /* type HCRYPTPROV, avoid #include */ + #else + typedef unsigned long ProviderHandle; + #endif +#endif + + +/* OS specific seeder */ +typedef struct OS_Seed { + #if defined(USE_WINDOWS_API) + ProviderHandle handle; + #else + int fd; + #endif +} OS_Seed; + + +#if defined(WOLFSSL_MDK_ARM) +#undef RNG +#define RNG wolfSSL_RNG /* for avoiding name conflict in "stm32f2xx.h" */ +#endif + + +#if defined(HAVE_HASHDRBG) || defined(NO_RC4) + + +#define DRBG_SEED_LEN (440/8) + + +struct DRBG; /* Private DRBG state */ + + +/* Hash-based Deterministic Random Bit Generator */ +typedef struct RNG { + OS_Seed seed; + struct DRBG* drbg; + byte status; +} RNG; + + +#else /* HAVE_HASHDRBG || NO_RC4 */ + + +#define WOLFSSL_RNG_CAVIUM_MAGIC 0xBEEF0004 + +/* secure Random Number Generator */ + + +typedef struct RNG { + OS_Seed seed; + Arc4 cipher; +#ifdef HAVE_CAVIUM + int devId; /* nitrox device id */ + word32 magic; /* using cavium magic */ +#endif +} RNG; + + +#endif /* HAVE_HASH_DRBG || NO_RC4 */ + +#endif /* HAVE_FIPS */ WOLFSSL_LOCAL int wc_GenerateSeed(OS_Seed* os, byte* seed, word32 sz); diff --git a/wolfssl/wolfcrypt/rsa.h b/wolfssl/wolfcrypt/rsa.h index 923d93408..3840af174 100644 --- a/wolfssl/wolfcrypt/rsa.h +++ b/wolfssl/wolfcrypt/rsa.h @@ -24,19 +24,53 @@ #ifndef WOLF_CRYPT_RSA_H #define WOLF_CRYPT_RSA_H -#include - +#ifdef HAVE_FIPS /* for fips @wc_fips */ #include #if defined(CYASSL_KEY_GEN) && !defined(WOLFSSL_KEY_GEN) #define WOLFSSL_KEY_GEN #endif - +#else + #include + #include + #include +#endif #ifdef __cplusplus extern "C" { #endif +#ifndef HAVE_FIPS +#define WOLFSSL_RSA_CAVIUM_MAGIC 0xBEEF0006 + +enum { + RSA_PUBLIC = 0, + RSA_PRIVATE = 1 +}; + +/* RSA */ +typedef struct RsaKey { + mp_int n, e, d, p, q, dP, dQ, u; + int type; /* public or private */ + void* heap; /* for user memory overrides */ +#ifdef HAVE_CAVIUM + int devId; /* nitrox device id */ + word32 magic; /* using cavium magic */ + word64 contextHandle; /* nitrox context memory handle */ + byte* c_n; /* cavium byte buffers for key parts */ + byte* c_e; + byte* c_d; + byte* c_p; + byte* c_q; + byte* c_dP; + byte* c_dQ; + byte* c_u; /* sizes in bytes */ + word16 c_nSz, c_eSz, c_dSz, c_pSz, c_qSz, c_dP_Sz, c_dQ_Sz, c_uSz; +#endif +} RsaKey; +#endif /*HAVE_FIPS */ + + WOLFSSL_API int wc_InitRsaKey(RsaKey* key, void*); WOLFSSL_API int wc_FreeRsaKey(RsaKey* key); diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h index 474a17f26..7b186e0eb 100644 --- a/wolfssl/wolfcrypt/settings.h +++ b/wolfssl/wolfcrypt/settings.h @@ -30,6 +30,11 @@ extern "C" { #endif +#define CYASSL_SHA512 +//WOLFSSL_SHA512 +#define CYASSL_SHA384 +//WOLFSSL_SHA384 + /* Uncomment next line if using IPHONE */ /* #define IPHONE */ diff --git a/wolfssl/wolfcrypt/sha256.h b/wolfssl/wolfcrypt/sha256.h index 33dbd8154..8df852de6 100644 --- a/wolfssl/wolfcrypt/sha256.h +++ b/wolfssl/wolfcrypt/sha256.h @@ -26,16 +26,46 @@ #ifndef WOLF_CRYPT_SHA256_H #define WOLF_CRYPT_SHA256_H - +#ifdef HAVE_FIPS /* for fips */ #include +#endif -//#ifndef HAVE_FIPS #include + #ifdef __cplusplus extern "C" { #endif +#ifndef HAVE_FIPS +#ifdef WOLFSSL_PIC32MZ_HASH +#include "port/pic32/pic32mz-crypt.h" +#endif + + +/* in bytes */ +enum { + SHA256 = 2, /* hash type unique */ + SHA256_BLOCK_SIZE = 64, + SHA256_DIGEST_SIZE = 32, + SHA256_PAD_SIZE = 56 +}; + + +/* Sha256 digest */ +typedef struct Sha256 { + word32 buffLen; /* in bytes */ + word32 loLen; /* length in bytes */ + word32 hiLen; /* length in bytes */ + word32 digest[SHA256_DIGEST_SIZE / sizeof(word32)]; + word32 buffer[SHA256_BLOCK_SIZE / sizeof(word32)]; + #ifdef WOLFSSL_PIC32MZ_HASH + pic32mz_desc desc ; /* Crypt Engine descripter */ + #endif +} Sha256; + +#endif /* HAVE_FIPS */ + WOLFSSL_API int wc_InitSha256(Sha256*); WOLFSSL_API int wc_Sha256Update(Sha256*, const byte*, word32); WOLFSSL_API int wc_Sha256Final(Sha256*, byte*); diff --git a/wolfssl/wolfcrypt/sha512.h b/wolfssl/wolfcrypt/sha512.h index 927345695..fe4f7b3e2 100644 --- a/wolfssl/wolfcrypt/sha512.h +++ b/wolfssl/wolfcrypt/sha512.h @@ -27,7 +27,7 @@ #define WOLFSSL_SHA384 #endif -#ifdef WOLFSSL_SHA512 +//#ifdef WOLFSSL_SHA512 #ifndef WOLF_CRYPT_SHA512_H #define WOLF_CRYPT_SHA512_H @@ -41,6 +41,7 @@ #if !defined(CYASSL_SHA384) && defined(WOLFSSL_SHA384) #define CYASSL_SHA384 #endif + /* for fips */ #ifdef HAVE_FIPS #include @@ -76,7 +77,7 @@ WOLFSSL_API int wc_Sha512Update(Sha512*, const byte*, word32); WOLFSSL_API int wc_Sha512Final(Sha512*, byte*); WOLFSSL_API int wc_Sha512Hash(const byte*, word32, byte*); -#if defined(WOLFSSL_SHA384) || defined(HAVE_AESGCM) +//#if defined(WOLFSSL_SHA384) || defined(HAVE_AESGCM) #ifndef HAVE_FIPS /* in bytes */ @@ -130,11 +131,12 @@ WOLFSSL_API int wc_Sha384Hash(const byte*, word32, byte*); #endif /* HAVE_FIPS */ -#endif /* WOLFSSL_SHA384 */ +//#endif /* WOLFSSL_SHA384 */ #ifdef __cplusplus } /* extern "C" */ #endif #endif /* WOLF_CRYPT_SHA512_H */ -#endif /* WOLFSSL_SHA512 */ +//#endif /* WOLFSSL_SHA512 */ +