eden-emu/mbedtls
15
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge pull request #6784 from valeriosetti/issue6702

Browse source 
Make SHA224_C/SHA384_C independent from SHA256_C/SHA512_C
This commit is contained in:
Manuel Pégourié-Gonnard 2023-01-03 09:36:58 +01:00 committed by GitHub
commit 7a389ddc84
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
21 changed files with 259 additions and 177 deletions
Download patch file Download diff file Expand all files Collapse all files

98
library/sha256.c
View file

@ -24,7 +24,7 @@
#include "common.h"
#if defined(MBEDTLS_SHA256_C)
#if defined(MBEDTLS_SHA256_C) || defined(MBEDTLS_SHA224_C)
#include "mbedtls/sha256.h"
#include "mbedtls/platform_util.h"
@ -167,12 +167,15 @@ void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
*/
int mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 )
{
#if defined(MBEDTLS_SHA224_C)
#if defined(MBEDTLS_SHA224_C) && defined(MBEDTLS_SHA256_C)
if( is224 != 0 && is224 != 1 )
return MBEDTLS_ERR_SHA256_BAD_INPUT_DATA;
#else
#elif defined(MBEDTLS_SHA256_C)
if( is224 != 0 )
return MBEDTLS_ERR_SHA256_BAD_INPUT_DATA;
#else /* defined MBEDTLS_SHA224_C only */
if( is224 == 0 )
return MBEDTLS_ERR_SHA256_BAD_INPUT_DATA;
#endif
ctx->total[0] = 0;
@ -180,7 +183,7 @@ int mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 )
if( is224 == 0 )
{
/* SHA-256 */
#if defined(MBEDTLS_SHA256_C)
ctx->state[0] = 0x6A09E667;
ctx->state[1] = 0xBB67AE85;
ctx->state[2] = 0x3C6EF372;
@ -189,11 +192,11 @@ int mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 )
ctx->state[5] = 0x9B05688C;
ctx->state[6] = 0x1F83D9AB;
ctx->state[7] = 0x5BE0CD19;
#endif
}
else
{
#if defined(MBEDTLS_SHA224_C)
/* SHA-224 */
ctx->state[0] = 0xC1059ED8;
ctx->state[1] = 0x367CD507;
ctx->state[2] = 0x3070DD17;
@ -205,7 +208,9 @@ int mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 )
#endif
}
#if defined(MBEDTLS_SHA224_C)
ctx->is224 = is224;
#endif
return( 0 );
}
@ -678,12 +683,15 @@ int mbedtls_sha256( const unsigned char *input,
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_sha256_context ctx;
#if defined(MBEDTLS_SHA224_C)
#if defined(MBEDTLS_SHA224_C) && defined(MBEDTLS_SHA256_C)
if( is224 != 0 && is224 != 1 )
return MBEDTLS_ERR_SHA256_BAD_INPUT_DATA;
#else
#elif defined(MBEDTLS_SHA256_C)
if( is224 != 0 )
return MBEDTLS_ERR_SHA256_BAD_INPUT_DATA;
#else /* defined MBEDTLS_SHA224_C only */
if( is224 == 0 )
return MBEDTLS_ERR_SHA256_BAD_INPUT_DATA;
#endif
mbedtls_sha256_init( &ctx );
@ -707,23 +715,26 @@ exit:
/*
* FIPS-180-2 test vectors
*/
static const unsigned char sha256_test_buf[3][57] =
static const unsigned char sha_test_buf[3][57] =
{
{ "abc" },
{ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" },
{ "" }
};
static const size_t sha256_test_buflen[3] =
static const size_t sha_test_buflen[3] =
{
3, 56, 1000
};
static const unsigned char sha256_test_sum[6][32] =
typedef const unsigned char (sha_test_sum_t)[32];
/*
* SHA-224 test vectors
*/
#if defined(MBEDTLS_SHA224_C)
static sha_test_sum_t sha224_test_sum[] =
{
/*
* SHA-224 test vectors
*/
{ 0x23, 0x09, 0x7D, 0x22, 0x34, 0x05, 0xD8, 0x22,
0x86, 0x42, 0xA4, 0x77, 0xBD, 0xA2, 0x55, 0xB3,
0x2A, 0xAD, 0xBC, 0xE4, 0xBD, 0xA0, 0xB3, 0xF7,
@ -735,11 +746,16 @@ static const unsigned char sha256_test_sum[6][32] =
{ 0x20, 0x79, 0x46, 0x55, 0x98, 0x0C, 0x91, 0xD8,
0xBB, 0xB4, 0xC1, 0xEA, 0x97, 0x61, 0x8A, 0x4B,
0xF0, 0x3F, 0x42, 0x58, 0x19, 0x48, 0xB2, 0xEE,
0x4E, 0xE7, 0xAD, 0x67 },
0x4E, 0xE7, 0xAD, 0x67 }
};
#endif
/*
* SHA-256 test vectors
*/
/*
* SHA-256 test vectors
*/
#if defined(MBEDTLS_SHA256_C)
static sha_test_sum_t sha256_test_sum[] =
{
{ 0xBA, 0x78, 0x16, 0xBF, 0x8F, 0x01, 0xCF, 0xEA,
0x41, 0x41, 0x40, 0xDE, 0x5D, 0xAE, 0x22, 0x23,
0xB0, 0x03, 0x61, 0xA3, 0x96, 0x17, 0x7A, 0x9C,
@ -753,17 +769,26 @@ static const unsigned char sha256_test_sum[6][32] =
0xF1, 0x80, 0x9A, 0x48, 0xA4, 0x97, 0x20, 0x0E,
0x04, 0x6D, 0x39, 0xCC, 0xC7, 0x11, 0x2C, 0xD0 }
};
#endif
/*
* Checkup routine
*/
int mbedtls_sha256_self_test( int verbose )
static int mbedtls_sha256_common_self_test( int verbose, int is224 )
{
int i, j, k, buflen, ret = 0;
int i, buflen, ret = 0;
unsigned char *buf;
unsigned char sha256sum[32];
mbedtls_sha256_context ctx;
#if defined(MBEDTLS_SHA224_C) && defined(MBEDTLS_SHA256_C)
sha_test_sum_t* sha_test_sum = ( is224 ) ? sha224_test_sum : sha256_test_sum;
#elif defined(MBEDTLS_SHA256_C)
sha_test_sum_t* sha_test_sum = sha256_test_sum;
#else
sha_test_sum_t* sha_test_sum = sha224_test_sum;
#endif
buf = mbedtls_calloc( 1024, sizeof(unsigned char) );
if( NULL == buf )
{
@ -775,22 +800,19 @@ int mbedtls_sha256_self_test( int verbose )
mbedtls_sha256_init( &ctx );
for( i = 0; i < 6; i++ )
for( i = 0; i < 3; i++ )
{
j = i % 3;
k = i < 3;
if( verbose != 0 )
mbedtls_printf( " SHA-%d test #%d: ", 256 - k * 32, j + 1 );
mbedtls_printf( " SHA-%d test #%d: ", 256 - is224 * 32, i + 1 );
if( ( ret = mbedtls_sha256_starts( &ctx, k ) ) != 0 )
if( ( ret = mbedtls_sha256_starts( &ctx, is224 ) ) != 0 )
goto fail;
if( j == 2 )
if( i == 2 )
{
memset( buf, 'a', buflen = 1000 );
for( j = 0; j < 1000; j++ )
for( int j = 0; j < 1000; j++ )
{
ret = mbedtls_sha256_update( &ctx, buf, buflen );
if( ret != 0 )
@ -800,8 +822,8 @@ int mbedtls_sha256_self_test( int verbose )
}
else
{
ret = mbedtls_sha256_update( &ctx, sha256_test_buf[j],
sha256_test_buflen[j] );
ret = mbedtls_sha256_update( &ctx, sha_test_buf[i],
sha_test_buflen[i] );
if( ret != 0 )
goto fail;
}
@ -810,7 +832,7 @@ int mbedtls_sha256_self_test( int verbose )
goto fail;
if( memcmp( sha256sum, sha256_test_sum[i], 32 - k * 4 ) != 0 )
if( memcmp( sha256sum, sha_test_sum[i], 32 - is224 * 4 ) != 0 )
{
ret = 1;
goto fail;
@ -836,6 +858,20 @@ exit:
return( ret );
}
#if defined(MBEDTLS_SHA256_C)
int mbedtls_sha256_self_test( int verbose )
{
return mbedtls_sha256_common_self_test( verbose, 0 );
}
#endif /* MBEDTLS_SHA256_C */
#if defined(MBEDTLS_SHA224_C)
int mbedtls_sha224_self_test( int verbose )
{
return mbedtls_sha256_common_self_test( verbose, 1 );
}
#endif /* MBEDTLS_SHA224_C */
#endif /* MBEDTLS_SELF_TEST */
#endif /* MBEDTLS_SHA256_C */
#endif /* MBEDTLS_SHA256_C || MBEDTLS_SHA224_C */

107
library/sha512.c
View file

@ -24,7 +24,7 @@
#include "common.h"
#if defined(MBEDTLS_SHA512_C)
#if defined(MBEDTLS_SHA512_C) || defined(MBEDTLS_SHA384_C)
#include "mbedtls/sha512.h"
#include "mbedtls/platform_util.h"
@ -191,12 +191,15 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst,
*/
int mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 )
{
#if defined(MBEDTLS_SHA384_C)
#if defined(MBEDTLS_SHA384_C) && defined(MBEDTLS_SHA512_C)
if( is384 != 0 && is384 != 1 )
return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA;
#else
#elif defined(MBEDTLS_SHA512_C)
if( is384 != 0 )
return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA;
#else /* defined MBEDTLS_SHA384_C only */
if( is384 == 0 )
return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA;
#endif
ctx->total[0] = 0;
@ -204,7 +207,7 @@ int mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 )
if( is384 == 0 )
{
/* SHA-512 */
#if defined(MBEDTLS_SHA512_C)
ctx->state[0] = UL64(0x6A09E667F3BCC908);
ctx->state[1] = UL64(0xBB67AE8584CAA73B);
ctx->state[2] = UL64(0x3C6EF372FE94F82B);
@ -213,13 +216,11 @@ int mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 )
ctx->state[5] = UL64(0x9B05688C2B3E6C1F);
ctx->state[6] = UL64(0x1F83D9ABFB41BD6B);
ctx->state[7] = UL64(0x5BE0CD19137E2179);
#endif /* MBEDTLS_SHA512_C */
}
else
{
#if !defined(MBEDTLS_SHA384_C)
return( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA );
#else
/* SHA-384 */
#if defined(MBEDTLS_SHA384_C)
ctx->state[0] = UL64(0xCBBB9D5DC1059ED8);
ctx->state[1] = UL64(0x629A292A367CD507);
ctx->state[2] = UL64(0x9159015A3070DD17);
@ -836,12 +837,15 @@ int mbedtls_sha512( const unsigned char *input,
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_sha512_context ctx;
#if defined(MBEDTLS_SHA384_C)
#if defined(MBEDTLS_SHA384_C) && defined(MBEDTLS_SHA512_C)
if( is384 != 0 && is384 != 1 )
return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA;
#else
#elif defined(MBEDTLS_SHA512_C)
if( is384 != 0 )
return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA;
#else /* defined MBEDTLS_SHA384_C only */
if( is384 == 0 )
return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA;
#endif
mbedtls_sha512_init( &ctx );
@ -866,24 +870,26 @@ exit:
/*
* FIPS-180-2 test vectors
*/
static const unsigned char sha512_test_buf[3][113] =
static const unsigned char sha_test_buf[3][113] =
{
{ "abc" },
{ "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" },
{ "" }
};
static const size_t sha512_test_buflen[3] =
static const size_t sha_test_buflen[3] =
{
3, 112, 1000
};
static const unsigned char sha512_test_sum[][64] =
{
typedef const unsigned char (sha_test_sum_t)[64];
/*
* SHA-384 test vectors
*/
#if defined(MBEDTLS_SHA384_C)
/*
* SHA-384 test vectors
*/
static sha_test_sum_t sha384_test_sum[] =
{
{ 0xCB, 0x00, 0x75, 0x3F, 0x45, 0xA3, 0x5E, 0x8B,
0xB5, 0xA0, 0x3D, 0x69, 0x9A, 0xC6, 0x50, 0x07,
0x27, 0x2C, 0x32, 0xAB, 0x0E, 0xDE, 0xD1, 0x63,
@ -901,12 +907,16 @@ static const unsigned char sha512_test_sum[][64] =
0xED, 0x14, 0x9E, 0x9C, 0x00, 0xF2, 0x48, 0x52,
0x79, 0x72, 0xCE, 0xC5, 0x70, 0x4C, 0x2A, 0x5B,
0x07, 0xB8, 0xB3, 0xDC, 0x38, 0xEC, 0xC4, 0xEB,
0xAE, 0x97, 0xDD, 0xD8, 0x7F, 0x3D, 0x89, 0x85 },
0xAE, 0x97, 0xDD, 0xD8, 0x7F, 0x3D, 0x89, 0x85 }
};
#endif /* MBEDTLS_SHA384_C */
/*
* SHA-512 test vectors
*/
/*
* SHA-512 test vectors
*/
#if defined(MBEDTLS_SHA512_C)
static sha_test_sum_t sha512_test_sum[] =
{
{ 0xDD, 0xAF, 0x35, 0xA1, 0x93, 0x61, 0x7A, 0xBA,
0xCC, 0x41, 0x73, 0x49, 0xAE, 0x20, 0x41, 0x31,
0x12, 0xE6, 0xFA, 0x4E, 0x89, 0xA9, 0x7E, 0xA2,
@ -932,19 +942,25 @@ static const unsigned char sha512_test_sum[][64] =
0xEB, 0x00, 0x9C, 0x5C, 0x2C, 0x49, 0xAA, 0x2E,
0x4E, 0xAD, 0xB2, 0x17, 0xAD, 0x8C, 0xC0, 0x9B }
};
#endif /* MBEDTLS_SHA512_C */
#define ARRAY_LENGTH( a ) ( sizeof( a ) / sizeof( ( a )[0] ) )
/*
* Checkup routine
*/
int mbedtls_sha512_self_test( int verbose )
static int mbedtls_sha512_common_self_test( int verbose, int is384 )
{
int i, j, k, buflen, ret = 0;
int i, buflen, ret = 0;
unsigned char *buf;
unsigned char sha512sum[64];
mbedtls_sha512_context ctx;
#if defined(MBEDTLS_SHA384_C) && defined(MBEDTLS_SHA512_C)
sha_test_sum_t* sha_test_sum = ( is384 ) ? sha384_test_sum : sha512_test_sum;
#elif defined(MBEDTLS_SHA512_C)
sha_test_sum_t* sha_test_sum = sha512_test_sum;
#else
sha_test_sum_t* sha_test_sum = sha384_test_sum;
#endif
buf = mbedtls_calloc( 1024, sizeof(unsigned char) );
if( NULL == buf )
{
@ -956,26 +972,19 @@ int mbedtls_sha512_self_test( int verbose )
mbedtls_sha512_init( &ctx );
for( i = 0; i < (int) ARRAY_LENGTH(sha512_test_sum); i++ )
for( i = 0; i < 3; i++ )
{
j = i % 3;
#if defined(MBEDTLS_SHA384_C)
k = i < 3;
#else
k = 0;
#endif
if( verbose != 0 )
mbedtls_printf( " SHA-%d test #%d: ", 512 - k * 128, j + 1 );
mbedtls_printf( " SHA-%d test #%d: ", 512 - is384 * 128, i + 1 );
if( ( ret = mbedtls_sha512_starts( &ctx, k ) ) != 0 )
if( ( ret = mbedtls_sha512_starts( &ctx, is384 ) ) != 0 )
goto fail;
if( j == 2 )
if( i == 2 )
{
memset( buf, 'a', buflen = 1000 );
for( j = 0; j < 1000; j++ )
for( int j = 0; j < 1000; j++ )
{
ret = mbedtls_sha512_update( &ctx, buf, buflen );
if( ret != 0 )
@ -984,8 +993,8 @@ int mbedtls_sha512_self_test( int verbose )
}
else
{
ret = mbedtls_sha512_update( &ctx, sha512_test_buf[j],
sha512_test_buflen[j] );
ret = mbedtls_sha512_update( &ctx, sha_test_buf[i],
sha_test_buflen[i] );
if( ret != 0 )
goto fail;
}
@ -993,7 +1002,7 @@ int mbedtls_sha512_self_test( int verbose )
if( ( ret = mbedtls_sha512_finish( &ctx, sha512sum ) ) != 0 )
goto fail;
if( memcmp( sha512sum, sha512_test_sum[i], 64 - k * 16 ) != 0 )
if( memcmp( sha512sum, sha_test_sum[i], 64 - is384 * 16 ) != 0 )
{
ret = 1;
goto fail;
@ -1019,8 +1028,22 @@ exit:
return( ret );
}
#if defined(MBEDTLS_SHA512_C)
int mbedtls_sha512_self_test( int verbose )
{
return mbedtls_sha512_common_self_test( verbose, 0 );
}
#endif /* MBEDTLS_SHA512_C */
#if defined(MBEDTLS_SHA384_C)
int mbedtls_sha384_self_test( int verbose )
{
return mbedtls_sha512_common_self_test( verbose, 1 );
}
#endif /* MBEDTLS_SHA384_C */
#undef ARRAY_LENGTH
#endif /* MBEDTLS_SELF_TEST */
#endif /* MBEDTLS_SHA512_C */
#endif /* MBEDTLS_SHA512_C || MBEDTLS_SHA384_C */

14
library/ssl_cookie.c
View file

@ -38,23 +38,19 @@
#include <string.h>
/*
* If DTLS is in use, then at least one of SHA-1, SHA-256, SHA-384 is
* available. Try SHA-256 first, 384 wastes resources
* If DTLS is in use, then at least one of SHA-256 or SHA-384 is
* available. Try SHA-256 first as 384 wastes resources
*/
#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA)
#define COOKIE_MD MBEDTLS_MD_SHA224
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA)
#define COOKIE_MD MBEDTLS_MD_SHA256
#define COOKIE_MD_OUTLEN 32
#define COOKIE_HMAC_LEN 28
#elif defined(MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA)
#define COOKIE_MD MBEDTLS_MD_SHA384
#define COOKIE_MD_OUTLEN 48
#define COOKIE_HMAC_LEN 28
#elif defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA)
#define COOKIE_MD MBEDTLS_MD_SHA1
#define COOKIE_MD_OUTLEN 20
#define COOKIE_HMAC_LEN 20
#else
#error "DTLS hello verify needs SHA-1 or SHA-2"
#error "DTLS hello verify needs SHA-256 or SHA-384"
#endif
/*