mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-25 16:55:43 +01:00
Make hmac_ctx optional
Note from future self: actually md_init_ctx will be re-introduced with the same signature later, and a new function with the additional argument will be added.
This commit is contained in:
parent
dfb3dc8b53
commit
4063ceb281
@ -6,6 +6,7 @@ Features
|
||||
* Support for DTLS 1.0 and 1.2 (RFC 6347).
|
||||
|
||||
API Changes
|
||||
* md_init_ctx() gained a new argument for optional hmac usage
|
||||
* Removed individual mdX_hmac and shaX_hmac functions (use generic
|
||||
md_hmac functions from md.h)
|
||||
* Change md_info_t into an opaque structure (use md_get_xxx() accessors).
|
||||
|
@ -142,12 +142,14 @@ void md_free( md_context_t *ctx );
|
||||
* digest-specific context (ctx->md_ctx) must be NULL. It will
|
||||
* be allocated, and must be freed using md_free() later.
|
||||
* \param md_info message digest to use.
|
||||
* \param hmac non-zero if you want to use this context for hmac too,
|
||||
* zero otherwise (saves some memory).
|
||||
*
|
||||
* \returns \c 0 on success, \c POLARSSL_ERR_MD_BAD_INPUT_DATA on
|
||||
* parameter failure, \c POLARSSL_ERR_MD_ALLOC_FAILED if
|
||||
* allocation of the digest-specific context failed.
|
||||
*/
|
||||
int md_init_ctx( md_context_t *ctx, const md_info_t *md_info );
|
||||
int md_init_ctx( md_context_t *ctx, const md_info_t *md_info, int hmac );
|
||||
|
||||
/**
|
||||
* \brief Returns the size of the message digest output.
|
||||
|
@ -97,7 +97,7 @@ int hmac_drbg_init_buf( hmac_drbg_context *ctx,
|
||||
|
||||
md_init( &ctx->md_ctx );
|
||||
|
||||
if( ( ret = md_init_ctx( &ctx->md_ctx, md_info ) ) != 0 )
|
||||
if( ( ret = md_init_ctx( &ctx->md_ctx, md_info, 1 ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
/*
|
||||
@ -171,7 +171,7 @@ int hmac_drbg_init( hmac_drbg_context *ctx,
|
||||
|
||||
md_init( &ctx->md_ctx );
|
||||
|
||||
if( ( ret = md_init_ctx( &ctx->md_ctx, md_info ) ) != 0 )
|
||||
if( ( ret = md_init_ctx( &ctx->md_ctx, md_info, 1 ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
md_size = md_get_size( md_info );
|
||||
|
15
library/md.c
15
library/md.c
@ -199,7 +199,7 @@ void md_free( md_context_t *ctx )
|
||||
polarssl_zeroize( ctx, sizeof( md_context_t ) );
|
||||
}
|
||||
|
||||
int md_init_ctx( md_context_t *ctx, const md_info_t *md_info )
|
||||
int md_init_ctx( md_context_t *ctx, const md_info_t *md_info, int hmac )
|
||||
{
|
||||
if( md_info == NULL || ctx == NULL )
|
||||
return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
|
||||
@ -209,11 +209,14 @@ int md_init_ctx( md_context_t *ctx, const md_info_t *md_info )
|
||||
if( ( ctx->md_ctx = md_info->ctx_alloc_func() ) == NULL )
|
||||
return( POLARSSL_ERR_MD_ALLOC_FAILED );
|
||||
|
||||
ctx->hmac_ctx = polarssl_malloc( 2 * md_info->block_size );
|
||||
if( ctx->hmac_ctx == NULL )
|
||||
if( hmac != 0 )
|
||||
{
|
||||
md_info->ctx_free_func( ctx->md_ctx );
|
||||
return( POLARSSL_ERR_MD_ALLOC_FAILED );
|
||||
ctx->hmac_ctx = polarssl_malloc( 2 * md_info->block_size );
|
||||
if( ctx->hmac_ctx == NULL )
|
||||
{
|
||||
md_info->ctx_free_func( ctx->md_ctx );
|
||||
return( POLARSSL_ERR_MD_ALLOC_FAILED );
|
||||
}
|
||||
}
|
||||
|
||||
ctx->md_info = md_info;
|
||||
@ -382,7 +385,7 @@ int md_hmac( const md_info_t *md_info, const unsigned char *key, size_t keylen,
|
||||
|
||||
md_init( &ctx );
|
||||
|
||||
if( ( ret = md_init_ctx( &ctx, md_info ) ) != 0 )
|
||||
if( ( ret = md_init_ctx( &ctx, md_info, 1 ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
md_hmac_starts( &ctx, key, keylen );
|
||||
|
@ -268,7 +268,7 @@ int pkcs12_derivation( unsigned char *data, size_t datalen,
|
||||
|
||||
md_init( &md_ctx );
|
||||
|
||||
if( ( ret = md_init_ctx( &md_ctx, md_info ) ) != 0 )
|
||||
if( ( ret = md_init_ctx( &md_ctx, md_info, 0 ) ) != 0 )
|
||||
return( ret );
|
||||
hlen = md_get_size( md_info );
|
||||
|
||||
|
@ -189,7 +189,7 @@ int pkcs5_pbes2( const asn1_buf *pbe_params, int mode,
|
||||
|
||||
memcpy( iv, enc_scheme_params.p, enc_scheme_params.len );
|
||||
|
||||
if( ( ret = md_init_ctx( &md_ctx, md_info ) ) != 0 )
|
||||
if( ( ret = md_init_ctx( &md_ctx, md_info, 1 ) ) != 0 )
|
||||
goto exit;
|
||||
|
||||
if( ( ret = pkcs5_pbkdf2_hmac( &md_ctx, pwd, pwdlen, salt.p, salt.len,
|
||||
@ -365,7 +365,7 @@ int pkcs5_self_test( int verbose )
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( ret = md_init_ctx( &sha1_ctx, info_sha1 ) ) != 0 )
|
||||
if( ( ret = md_init_ctx( &sha1_ctx, info_sha1, 1 ) ) != 0 )
|
||||
{
|
||||
ret = 1;
|
||||
goto exit;
|
||||
|
@ -556,7 +556,7 @@ int rsa_rsaes_oaep_encrypt( rsa_context *ctx,
|
||||
memcpy( p, input, ilen );
|
||||
|
||||
md_init( &md_ctx );
|
||||
md_init_ctx( &md_ctx, md_info );
|
||||
md_init_ctx( &md_ctx, md_info, 0 );
|
||||
|
||||
// maskedDB: Apply dbMask to DB
|
||||
//
|
||||
@ -725,7 +725,7 @@ int rsa_rsaes_oaep_decrypt( rsa_context *ctx,
|
||||
hlen = md_get_size( md_info );
|
||||
|
||||
md_init( &md_ctx );
|
||||
md_init_ctx( &md_ctx, md_info );
|
||||
md_init_ctx( &md_ctx, md_info, 0 );
|
||||
|
||||
/* Generate lHash */
|
||||
md( md_info, label, label_len, lhash );
|
||||
@ -969,7 +969,7 @@ int rsa_rsassa_pss_sign( rsa_context *ctx,
|
||||
p += slen;
|
||||
|
||||
md_init( &md_ctx );
|
||||
md_init_ctx( &md_ctx, md_info );
|
||||
md_init_ctx( &md_ctx, md_info, 0 );
|
||||
|
||||
// Generate H = Hash( M' )
|
||||
//
|
||||
@ -1201,7 +1201,7 @@ int rsa_rsassa_pss_verify_ext( rsa_context *ctx,
|
||||
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
|
||||
|
||||
md_init( &md_ctx );
|
||||
md_init_ctx( &md_ctx, md_info );
|
||||
md_init_ctx( &md_ctx, md_info, 0 );
|
||||
|
||||
mgf_mask( p, siglen - hlen - 1, p + siglen - hlen - 1, hlen, &md_ctx );
|
||||
|
||||
|
@ -2173,7 +2173,7 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
|
||||
* };
|
||||
*/
|
||||
if( ( ret = md_init_ctx( &ctx,
|
||||
md_info_from_type( md_alg ) ) ) != 0 )
|
||||
md_info_from_type( md_alg ), 0 ) ) != 0 )
|
||||
{
|
||||
SSL_DEBUG_RET( 1, "md_init_ctx", ret );
|
||||
return( ret );
|
||||
|
@ -104,7 +104,7 @@ int ssl_cookie_setup( ssl_cookie_ctx *ctx,
|
||||
if( ( ret = f_rng( p_rng, key, sizeof( key ) ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
ret = md_init_ctx( &ctx->hmac_ctx, md_info_from_type( COOKIE_MD ) );
|
||||
ret = md_init_ctx( &ctx->hmac_ctx, md_info_from_type( COOKIE_MD ), 1 );
|
||||
if( ret != 0 )
|
||||
return( ret );
|
||||
|
||||
|
@ -3073,7 +3073,7 @@ curve_matching_done:
|
||||
* ServerDHParams params;
|
||||
* };
|
||||
*/
|
||||
if( ( ret = md_init_ctx( &ctx, md_info ) ) != 0 )
|
||||
if( ( ret = md_init_ctx( &ctx, md_info, 0 ) ) != 0 )
|
||||
{
|
||||
SSL_DEBUG_RET( 1, "md_init_ctx", ret );
|
||||
return( ret );
|
||||
|
@ -658,8 +658,8 @@ int ssl_derive_keys( ssl_context *ssl )
|
||||
int ret;
|
||||
|
||||
/* Initialize HMAC contexts */
|
||||
if( ( ret = md_init_ctx( &transform->md_ctx_enc, md_info ) ) != 0 ||
|
||||
( ret = md_init_ctx( &transform->md_ctx_dec, md_info ) ) != 0 )
|
||||
if( ( ret = md_init_ctx( &transform->md_ctx_enc, md_info, 1 ) ) != 0 ||
|
||||
( ret = md_init_ctx( &transform->md_ctx_dec, md_info, 1 ) ) != 0 )
|
||||
{
|
||||
SSL_DEBUG_RET( 1, "md_init_ctx", ret );
|
||||
return( ret );
|
||||
|
@ -101,7 +101,7 @@ int main( int argc, char *argv[] )
|
||||
aes_init( &aes_ctx );
|
||||
md_init( &sha_ctx );
|
||||
|
||||
ret = md_init_ctx( &sha_ctx, md_info_from_type( POLARSSL_MD_SHA256 ) );
|
||||
ret = md_init_ctx( &sha_ctx, md_info_from_type( POLARSSL_MD_SHA256 ), 1 );
|
||||
if( ret != 0 )
|
||||
{
|
||||
polarssl_printf( " ! md_init_ctx() returned -0x%04x\n", -ret );
|
||||
|
@ -185,7 +185,7 @@ int main( int argc, char *argv[] )
|
||||
polarssl_fprintf( stderr, "Message Digest '%s' not found\n", argv[5] );
|
||||
goto exit;
|
||||
}
|
||||
md_init_ctx( &md_ctx, md_info);
|
||||
md_init_ctx( &md_ctx, md_info, 1 );
|
||||
|
||||
/*
|
||||
* Read the secret key and clean the command line.
|
||||
|
@ -204,7 +204,7 @@ int main( int argc, char *argv[] )
|
||||
polarssl_fprintf( stderr, "Message Digest '%s' not found\n", argv[1] );
|
||||
return( 1 );
|
||||
}
|
||||
if( md_init_ctx( &md_ctx, md_info) )
|
||||
if( md_init_ctx( &md_ctx, md_info, 0 ) )
|
||||
{
|
||||
polarssl_fprintf( stderr, "Failed to initialize context.\n" );
|
||||
return( 1 );
|
||||
|
@ -29,7 +29,7 @@ void md_process( )
|
||||
{
|
||||
info = md_info_from_type( *md_type_ptr );
|
||||
TEST_ASSERT( info != NULL );
|
||||
TEST_ASSERT( md_init_ctx( &ctx, info ) == 0 );
|
||||
TEST_ASSERT( md_init_ctx( &ctx, info, 0 ) == 0 );
|
||||
TEST_ASSERT( md_process( &ctx, buf ) == 0 );
|
||||
md_free( &ctx );
|
||||
}
|
||||
@ -54,8 +54,8 @@ void md_null_args( )
|
||||
|
||||
TEST_ASSERT( md_info_from_string( NULL ) == NULL );
|
||||
|
||||
TEST_ASSERT( md_init_ctx( &ctx, NULL ) == POLARSSL_ERR_MD_BAD_INPUT_DATA );
|
||||
TEST_ASSERT( md_init_ctx( NULL, info ) == POLARSSL_ERR_MD_BAD_INPUT_DATA );
|
||||
TEST_ASSERT( md_init_ctx( &ctx, NULL, 0 ) == POLARSSL_ERR_MD_BAD_INPUT_DATA );
|
||||
TEST_ASSERT( md_init_ctx( NULL, info, 0 ) == POLARSSL_ERR_MD_BAD_INPUT_DATA );
|
||||
|
||||
TEST_ASSERT( md_starts( NULL ) == POLARSSL_ERR_MD_BAD_INPUT_DATA );
|
||||
TEST_ASSERT( md_starts( &ctx ) == POLARSSL_ERR_MD_BAD_INPUT_DATA );
|
||||
@ -195,7 +195,7 @@ void md_text_multi( char *text_md_name, char *text_src_string,
|
||||
strncpy( (char *) md_name, text_md_name, sizeof(md_name) - 1 );
|
||||
md_info = md_info_from_string(md_name);
|
||||
TEST_ASSERT( md_info != NULL );
|
||||
TEST_ASSERT ( 0 == md_init_ctx( &ctx, md_info ) );
|
||||
TEST_ASSERT ( 0 == md_init_ctx( &ctx, md_info, 0 ) );
|
||||
|
||||
TEST_ASSERT ( 0 == md_starts( &ctx ) );
|
||||
TEST_ASSERT ( ctx.md_ctx != NULL );
|
||||
@ -233,7 +233,7 @@ void md_hex_multi( char *text_md_name, char *hex_src_string,
|
||||
strncpy( (char *) md_name, text_md_name, sizeof(md_name) - 1 );
|
||||
md_info = md_info_from_string(md_name);
|
||||
TEST_ASSERT( md_info != NULL );
|
||||
TEST_ASSERT ( 0 == md_init_ctx( &ctx, md_info ) );
|
||||
TEST_ASSERT ( 0 == md_init_ctx( &ctx, md_info, 0 ) );
|
||||
|
||||
src_len = unhexify( src_str, hex_src_string );
|
||||
|
||||
@ -307,7 +307,7 @@ void md_hmac_multi( char *text_md_name, int trunc_size, char *hex_key_string,
|
||||
strncpy( (char *) md_name, text_md_name, sizeof(md_name) - 1 );
|
||||
md_info = md_info_from_string( md_name );
|
||||
TEST_ASSERT( md_info != NULL );
|
||||
TEST_ASSERT ( 0 == md_init_ctx( &ctx, md_info ) );
|
||||
TEST_ASSERT ( 0 == md_init_ctx( &ctx, md_info, 1 ) );
|
||||
|
||||
key_len = unhexify( key_str, hex_key_string );
|
||||
src_len = unhexify( src_str, hex_src_string );
|
||||
|
@ -36,7 +36,7 @@ void pbkdf2_hmac( int hash, char *hex_password_string,
|
||||
TEST_ASSERT( info != NULL );
|
||||
if( info == NULL )
|
||||
return;
|
||||
TEST_ASSERT( md_init_ctx( &ctx, info ) == 0 );
|
||||
TEST_ASSERT( md_init_ctx( &ctx, info, 1 ) == 0 );
|
||||
TEST_ASSERT( pkcs5_pbkdf2_hmac( &ctx, pw_str, pw_len, salt_str, salt_len,
|
||||
it_cnt, key_len, key ) == 0 );
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user