centralizing MAX_DIGEST_SIZE definition in hmac.h

ctaocrypt/src/pwdbased.c

@@ -106,11 +106,7 @@ int PBKDF2(byte* output, const byte* passwd, int pLen, const byte* salt,
     int    hLen;
     int    j;
     Hmac   hmac;
-#ifdef CYASSL_SHA512
-    byte   buffer[SHA512_DIGEST_SIZE];
-#else
-    byte   buffer[INNER_HASH_SIZE];  /* max size, doesn't handle 512 yet */
-#endif
+    byte   buffer[MAX_DIGEST_SIZE];
 
     if (hashType == MD5) {
         hLen = MD5_DIGEST_SIZE;

cyassl/ctaocrypt/hmac.h

@@ -78,19 +78,19 @@ enum {
 
 /* Select the largest available hash for the buffer size. */
 #if defined(CYASSL_SHA512)
-    INNER_HASH_SIZE = SHA512_DIGEST_SIZE,
+    MAX_DIGEST_SIZE = SHA512_DIGEST_SIZE,
     HMAC_BLOCK_SIZE = SHA512_BLOCK_SIZE
 #elif defined(CYASSL_SHA384)
-    INNER_HASH_SIZE = SHA384_DIGEST_SIZE,
+    MAX_DIGEST_SIZE = SHA384_DIGEST_SIZE,
     HMAC_BLOCK_SIZE = SHA384_BLOCK_SIZE
 #elif !defined(NO_SHA256)
-    INNER_HASH_SIZE = SHA256_DIGEST_SIZE,
+    MAX_DIGEST_SIZE = SHA256_DIGEST_SIZE,
     HMAC_BLOCK_SIZE = SHA256_BLOCK_SIZE
 #elif !defined(NO_SHA)
-    INNER_HASH_SIZE = SHA_DIGEST_SIZE,
+    MAX_DIGEST_SIZE = SHA_DIGEST_SIZE,
     HMAC_BLOCK_SIZE = SHA_BLOCK_SIZE
 #elif !defined(NO_MD5)
-    INNER_HASH_SIZE = MD5_DIGEST_SIZE,
+    MAX_DIGEST_SIZE = MD5_DIGEST_SIZE,
     HMAC_BLOCK_SIZE = MD5_BLOCK_SIZE
 #else
     #error "You have to have some kind of hash if you want to use HMAC."
@@ -122,7 +122,7 @@ typedef struct Hmac {
     Hash    hash;
     word32  ipad[HMAC_BLOCK_SIZE  / sizeof(word32)];  /* same block size all*/
     word32  opad[HMAC_BLOCK_SIZE  / sizeof(word32)];
-    word32  innerHash[INNER_HASH_SIZE / sizeof(word32)]; /* max size */
+    word32  innerHash[MAX_DIGEST_SIZE / sizeof(word32)];
     byte    macType;                                     /* md5 sha or sha256 */
     byte    innerHashKeyed;                              /* keyed flag */
 #ifdef HAVE_CAVIUM

cyassl/internal.h

@@ -37,6 +37,7 @@
 #include <cyassl/ctaocrypt/aes.h>
 #include <cyassl/ctaocrypt/camellia.h>
 #include <cyassl/ctaocrypt/logging.h>
+#include <cyassl/ctaocrypt/hmac.h>
 #ifndef NO_RC4
     #include <cyassl/ctaocrypt/arc4.h>
 #endif
@@ -519,17 +520,6 @@ enum {
 };
 
 
-#if defined(CYASSL_SHA384)
-    #define MAX_DIGEST_SIZE SHA384_DIGEST_SIZE
-#elif !defined(NO_SHA256)
-    #define MAX_DIGEST_SIZE SHA256_DIGEST_SIZE
-#elif !defined(NO_MD5) && !defined(NO_SHA)
-    #define MAX_DIGEST_SIZE (SHA_DIGEST_SIZE + MD5_DIGEST_SIZE)
-#else
-    #error "You have configured the build so there isn't any hashing."
-#endif
-
-
 enum Misc {
     ECC_BYTE =  0xC0,           /* ECC first cipher suite byte */
 

cyassl/test.h

@@ -1389,7 +1389,7 @@ static INLINE int myDecryptVerifyCb(CYASSL* ssl,
     unsigned int padByte = 0;
     Hmac hmac;
     byte myInner[CYASSL_TLS_HMAC_INNER_SZ];
-    byte verify[INNER_HASH_SIZE];
+    byte verify[MAX_DIGEST_SIZE];
     const char* tlsStr = "TLS";
 
     /* example supports (d)tls aes */

src/internal.c

@@ -98,7 +98,7 @@ typedef enum {
 } processReply;
 
 #ifndef NO_OLD_TLS
-static void Hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz,
+static void SSL_hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz,
                  int content, int verify);
 
 #endif
@@ -1416,7 +1416,7 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
     ssl->options.resuming = 0;
     ssl->options.haveSessionId = 0;
     #ifndef NO_OLD_TLS
-        ssl->hmac = Hmac;         /* default to SSLv3 */
+        ssl->hmac = SSL_hmac; /* default to SSLv3 */
     #else
         ssl->hmac = TLS_hmac;
     #endif
@@ -3422,7 +3422,7 @@ static int DoHelloRequest(CYASSL* ssl, const byte* input, word32* inOutIdx)
         const byte* mac;
         int         padSz = ssl->keys.encryptSz - HANDSHAKE_HEADER_SZ - 
                             ssl->specs.hash_size;
-        byte        verify[SHA256_DIGEST_SIZE];
+        byte        verify[MAX_DIGEST_SIZE];
        
         ssl->hmac(ssl, verify, input + *inOutIdx - HANDSHAKE_HEADER_SZ,
                   HANDSHAKE_HEADER_SZ, handshake, 1);
@@ -4954,7 +4954,7 @@ int SendChangeCipher(CYASSL* ssl)
 
 
 #ifndef NO_OLD_TLS
-static void Hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz,
+static void SSL_hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz,
                  int content, int verify)
 {
     byte   result[MAX_DIGEST_SIZE];