From a5cedbcd3fc3b5953416bdad1c20ec6901ec5f7d Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 17 Jul 2019 11:21:02 +0100 Subject: [PATCH 01/37] Introduce MD handle type As has been previously done for ciphersuites, this commit introduces a zero-cost abstraction layer around the type mbedtls_md_info const * whose valid values represent implementations of message digest algorithms. Access to a particular digest implementation can be requested by name or digest ID through the API mbedtls_md_info_from_xxx(), which either returns a valid implementation or NULL, representing failure. This commit replaces such uses of `mbedtls_md_info const *` by an abstract type `mbedtls_md_handle_t` whose valid values represent digest implementations, and which has a designated invalid value MBEDTLS_MD_INVALID_HANDLE. The purpose of this abstraction layer is to pave the way for builds which support precisely one digest algorithm. In this case, mbedtls_md_handle_t can be implemented as a two-valued type, with one value representing the invalid handle, and the unique valid value representing the unique enabled digest. --- include/mbedtls/ecjpake.h | 2 +- include/mbedtls/hkdf.h | 6 +- include/mbedtls/hmac_drbg.h | 4 +- include/mbedtls/md.h | 26 ++++---- library/ecdsa.c | 7 +- library/ecjpake.c | 25 ++++---- library/hkdf.c | 6 +- library/hmac_drbg.c | 6 +- library/md.c | 75 ++++++++++++++-------- library/pk.c | 7 +- library/pkcs11.c | 4 +- library/pkcs12.c | 4 +- library/pkcs5.c | 8 +-- library/rsa.c | 24 +++---- library/ssl_tls.c | 39 +++++++---- library/x509.c | 2 +- library/x509_crt.c | 4 +- programs/aes/crypt_and_hash.c | 4 +- programs/hash/generic_sum.c | 10 +-- programs/test/benchmark.c | 12 +++- tests/suites/test_suite_ecdsa.function | 8 +-- tests/suites/test_suite_hkdf.function | 12 ++-- tests/suites/test_suite_hmac_drbg.function | 24 +++---- tests/suites/test_suite_md.function | 66 ++++++++++--------- tests/suites/test_suite_pk.function | 6 +- tests/suites/test_suite_pkcs1_v15.function | 9 ++- tests/suites/test_suite_pkcs1_v21.function | 8 ++- tests/suites/test_suite_pkcs5.function | 4 +- tests/suites/test_suite_rsa.function | 8 ++- tests/suites/test_suite_ssl.function | 4 +- 30 files changed, 247 insertions(+), 177 deletions(-) diff --git a/include/mbedtls/ecjpake.h b/include/mbedtls/ecjpake.h index 3d8d02ae6..00e752b23 100644 --- a/include/mbedtls/ecjpake.h +++ b/include/mbedtls/ecjpake.h @@ -75,7 +75,7 @@ typedef enum { */ typedef struct mbedtls_ecjpake_context { - const mbedtls_md_info_t *md_info; /**< Hash to use */ + mbedtls_md_handle_t md_info; /**< Hash to use */ mbedtls_ecp_group grp; /**< Elliptic curve */ mbedtls_ecjpake_role role; /**< Are we client or server? */ int point_format; /**< Format for point export */ diff --git a/include/mbedtls/hkdf.h b/include/mbedtls/hkdf.h index 40ee64eb0..ebf5e12ea 100644 --- a/include/mbedtls/hkdf.h +++ b/include/mbedtls/hkdf.h @@ -70,7 +70,7 @@ extern "C" { * \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying * MD layer. */ -int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt, +int mbedtls_hkdf( mbedtls_md_handle_t md, const unsigned char *salt, size_t salt_len, const unsigned char *ikm, size_t ikm_len, const unsigned char *info, size_t info_len, unsigned char *okm, size_t okm_len ); @@ -99,7 +99,7 @@ int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt, * \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying * MD layer. */ -int mbedtls_hkdf_extract( const mbedtls_md_info_t *md, +int mbedtls_hkdf_extract( mbedtls_md_handle_t md, const unsigned char *salt, size_t salt_len, const unsigned char *ikm, size_t ikm_len, unsigned char *prk ); @@ -130,7 +130,7 @@ int mbedtls_hkdf_extract( const mbedtls_md_info_t *md, * \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying * MD layer. */ -int mbedtls_hkdf_expand( const mbedtls_md_info_t *md, const unsigned char *prk, +int mbedtls_hkdf_expand( mbedtls_md_handle_t md, const unsigned char *prk, size_t prk_len, const unsigned char *info, size_t info_len, unsigned char *okm, size_t okm_len ); diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h index f1289cb30..ed0385455 100644 --- a/include/mbedtls/hmac_drbg.h +++ b/include/mbedtls/hmac_drbg.h @@ -138,7 +138,7 @@ void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx ); * MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED. */ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, - const mbedtls_md_info_t * md_info, + mbedtls_md_handle_t md_info, int (*f_entropy)(void *, unsigned char *, size_t), void *p_entropy, const unsigned char *custom, @@ -158,7 +158,7 @@ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, * MBEDTLS_ERR_MD_ALLOC_FAILED. */ int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx, - const mbedtls_md_info_t * md_info, + mbedtls_md_handle_t md_info, const unsigned char *data, size_t data_len ); /** diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index 69ab21f40..40624e44a 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -85,13 +85,17 @@ typedef enum { */ typedef struct mbedtls_md_info_t mbedtls_md_info_t; + +typedef struct mbedtls_md_info_t const * mbedtls_md_handle_t; +#define MBEDTLS_MD_INVALID_HANDLE ( (mbedtls_md_handle_t) NULL ) + /** * The generic message-digest context. */ typedef struct mbedtls_md_context_t { /** Information about the associated message digest. */ - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; /** The digest-specific context. */ void *md_ctx; @@ -120,7 +124,7 @@ const int *mbedtls_md_list( void ); * \return The message-digest information associated with \p md_name. * \return NULL if the associated message-digest information is not found. */ -const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name ); +mbedtls_md_handle_t mbedtls_md_info_from_string( const char *md_name ); /** * \brief This function returns the message-digest information @@ -131,7 +135,7 @@ const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name ); * \return The message-digest information associated with \p md_type. * \return NULL if the associated message-digest information is not found. */ -const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type ); +mbedtls_md_handle_t mbedtls_md_info_from_type( mbedtls_md_type_t md_type ); /** * \brief This function initializes a message-digest context without @@ -182,7 +186,7 @@ void mbedtls_md_free( mbedtls_md_context_t *ctx ); * failure. * \return #MBEDTLS_ERR_MD_ALLOC_FAILED on memory-allocation failure. */ -int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info ) MBEDTLS_DEPRECATED; +int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info ) MBEDTLS_DEPRECATED; #undef MBEDTLS_DEPRECATED #endif /* MBEDTLS_DEPRECATED_REMOVED */ @@ -205,7 +209,7 @@ int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_ * failure. * \return #MBEDTLS_ERR_MD_ALLOC_FAILED on memory-allocation failure. */ -int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac ); +int mbedtls_md_setup( mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info, int hmac ); /** * \brief This function clones the state of an message-digest @@ -238,7 +242,7 @@ int mbedtls_md_clone( mbedtls_md_context_t *dst, * * \return The size of the message-digest output in Bytes. */ -unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info ); +unsigned char mbedtls_md_get_size( mbedtls_md_handle_t md_info ); /** * \brief This function extracts the message-digest type from the @@ -249,7 +253,7 @@ unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info ); * * \return The type of the message digest. */ -mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info ); +mbedtls_md_type_t mbedtls_md_get_type( mbedtls_md_handle_t md_info ); /** * \brief This function extracts the message-digest name from the @@ -260,7 +264,7 @@ mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info ); * * \return The name of the message digest. */ -const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info ); +const char *mbedtls_md_get_name( mbedtls_md_handle_t md_info ); /** * \brief This function starts a message-digest computation. @@ -333,7 +337,7 @@ int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ); * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification * failure. */ -int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen, +int mbedtls_md( mbedtls_md_handle_t md_info, const unsigned char *input, size_t ilen, unsigned char *output ); #if defined(MBEDTLS_FS_IO) @@ -354,7 +358,7 @@ int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, si * the file pointed by \p path. * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA if \p md_info was NULL. */ -int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, +int mbedtls_md_file( mbedtls_md_handle_t md_info, const char *path, unsigned char *output ); #endif /* MBEDTLS_FS_IO */ @@ -460,7 +464,7 @@ int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ); * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification * failure. */ -int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen, +int mbedtls_md_hmac( mbedtls_md_handle_t md_info, const unsigned char *key, size_t keylen, const unsigned char *input, size_t ilen, unsigned char *output ); diff --git a/library/ecdsa.c b/library/ecdsa.c index 58e1a5fce..94bb7f0f4 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c @@ -412,11 +412,14 @@ static int ecdsa_sign_det_restartable( mbedtls_ecp_group *grp, mbedtls_hmac_drbg_context *p_rng = &rng_ctx; unsigned char data[2 * MBEDTLS_ECP_MAX_BYTES]; size_t grp_len = ( grp->nbits + 7 ) / 8; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_mpi h; - if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL ) + if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == + MBEDTLS_MD_INVALID_HANDLE ) + { return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + } mbedtls_mpi_init( &h ); mbedtls_hmac_drbg_init( &rng_ctx ); diff --git a/library/ecjpake.c b/library/ecjpake.c index b276514e8..ea28e6d42 100644 --- a/library/ecjpake.c +++ b/library/ecjpake.c @@ -63,7 +63,7 @@ void mbedtls_ecjpake_init( mbedtls_ecjpake_context *ctx ) { ECJPAKE_VALIDATE( ctx != NULL ); - ctx->md_info = NULL; + ctx->md_info = MBEDTLS_MD_INVALID_HANDLE; mbedtls_ecp_group_init( &ctx->grp ); ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED; @@ -86,7 +86,7 @@ void mbedtls_ecjpake_free( mbedtls_ecjpake_context *ctx ) if( ctx == NULL ) return; - ctx->md_info = NULL; + ctx->md_info = MBEDTLS_MD_INVALID_HANDLE; mbedtls_ecp_group_free( &ctx->grp ); mbedtls_ecp_point_free( &ctx->Xm1 ); @@ -119,8 +119,11 @@ int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx, ctx->role = role; - if( ( ctx->md_info = mbedtls_md_info_from_type( hash ) ) == NULL ) + if( ( ctx->md_info = mbedtls_md_info_from_type( hash ) ) == + MBEDTLS_MD_INVALID_HANDLE ) + { return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE ); + } MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &ctx->grp, curve ) ); @@ -140,7 +143,7 @@ int mbedtls_ecjpake_check( const mbedtls_ecjpake_context *ctx ) { ECJPAKE_VALIDATE_RET( ctx != NULL ); - if( ctx->md_info == NULL || + if( ctx->md_info == MBEDTLS_MD_INVALID_HANDLE || ctx->grp.id == MBEDTLS_ECP_DP_NONE || ctx->s.p == NULL ) { @@ -190,7 +193,7 @@ static int ecjpake_write_len_point( unsigned char **p, /* * Compute hash for ZKP (7.4.2.2.2.1) */ -static int ecjpake_hash( const mbedtls_md_info_t *md_info, +static int ecjpake_hash( mbedtls_md_handle_t md_info, const mbedtls_ecp_group *grp, const int pf, const mbedtls_ecp_point *G, @@ -240,7 +243,7 @@ cleanup: /* * Parse a ECShnorrZKP (7.4.2.2.2) and verify it (7.4.2.3.3) */ -static int ecjpake_zkp_read( const mbedtls_md_info_t *md_info, +static int ecjpake_zkp_read( mbedtls_md_handle_t md_info, const mbedtls_ecp_group *grp, const int pf, const mbedtls_ecp_point *G, @@ -312,7 +315,7 @@ cleanup: /* * Generate ZKP (7.4.2.3.2) and write it as ECSchnorrZKP (7.4.2.2.2) */ -static int ecjpake_zkp_write( const mbedtls_md_info_t *md_info, +static int ecjpake_zkp_write( mbedtls_md_handle_t md_info, const mbedtls_ecp_group *grp, const int pf, const mbedtls_ecp_point *G, @@ -373,7 +376,7 @@ cleanup: * Parse a ECJPAKEKeyKP (7.4.2.2.1) and check proof * Output: verified public key X */ -static int ecjpake_kkp_read( const mbedtls_md_info_t *md_info, +static int ecjpake_kkp_read( mbedtls_md_handle_t md_info, const mbedtls_ecp_group *grp, const int pf, const mbedtls_ecp_point *G, @@ -410,7 +413,7 @@ cleanup: * Generate an ECJPAKEKeyKP * Output: the serialized structure, plus private/public key pair */ -static int ecjpake_kkp_write( const mbedtls_md_info_t *md_info, +static int ecjpake_kkp_write( mbedtls_md_handle_t md_info, const mbedtls_ecp_group *grp, const int pf, const mbedtls_ecp_point *G, @@ -447,7 +450,7 @@ cleanup: * Read a ECJPAKEKeyKPPairList (7.4.2.3) and check proofs * Ouputs: verified peer public keys Xa, Xb */ -static int ecjpake_kkpp_read( const mbedtls_md_info_t *md_info, +static int ecjpake_kkpp_read( mbedtls_md_handle_t md_info, const mbedtls_ecp_group *grp, const int pf, const mbedtls_ecp_point *G, @@ -480,7 +483,7 @@ cleanup: * Generate a ECJPAKEKeyKPPairList * Outputs: the serialized structure, plus two private/public key pairs */ -static int ecjpake_kkpp_write( const mbedtls_md_info_t *md_info, +static int ecjpake_kkpp_write( mbedtls_md_handle_t md_info, const mbedtls_ecp_group *grp, const int pf, const mbedtls_ecp_point *G, diff --git a/library/hkdf.c b/library/hkdf.c index 82d8a429f..d64dc4da1 100644 --- a/library/hkdf.c +++ b/library/hkdf.c @@ -30,7 +30,7 @@ #include "mbedtls/hkdf.h" #include "mbedtls/platform_util.h" -int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt, +int mbedtls_hkdf( mbedtls_md_handle_t md, const unsigned char *salt, size_t salt_len, const unsigned char *ikm, size_t ikm_len, const unsigned char *info, size_t info_len, unsigned char *okm, size_t okm_len ) @@ -51,7 +51,7 @@ int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt, return( ret ); } -int mbedtls_hkdf_extract( const mbedtls_md_info_t *md, +int mbedtls_hkdf_extract( mbedtls_md_handle_t md, const unsigned char *salt, size_t salt_len, const unsigned char *ikm, size_t ikm_len, unsigned char *prk ) @@ -81,7 +81,7 @@ int mbedtls_hkdf_extract( const mbedtls_md_info_t *md, return( mbedtls_md_hmac( md, salt, salt_len, ikm, ikm_len, prk ) ); } -int mbedtls_hkdf_expand( const mbedtls_md_info_t *md, const unsigned char *prk, +int mbedtls_hkdf_expand( mbedtls_md_handle_t md, const unsigned char *prk, size_t prk_len, const unsigned char *info, size_t info_len, unsigned char *okm, size_t okm_len ) { diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c index 34f18155e..c9c541d83 100644 --- a/library/hmac_drbg.c +++ b/library/hmac_drbg.c @@ -124,7 +124,7 @@ void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx, * Simplified HMAC_DRBG initialisation (for use with deterministic ECDSA) */ int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx, - const mbedtls_md_info_t * md_info, + mbedtls_md_handle_t md_info, const unsigned char *data, size_t data_len ) { int ret; @@ -246,7 +246,7 @@ int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx, * from the entropy source as suggested in 8.6.7. */ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, - const mbedtls_md_info_t * md_info, + mbedtls_md_handle_t md_info, int (*f_entropy)(void *, unsigned char *, size_t), void *p_entropy, const unsigned char *custom, @@ -564,7 +564,7 @@ int mbedtls_hmac_drbg_self_test( int verbose ) { mbedtls_hmac_drbg_context ctx; unsigned char buf[OUTPUT_LEN]; - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ); + mbedtls_md_handle_t md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ); mbedtls_hmac_drbg_init( &ctx ); diff --git a/library/md.c b/library/md.c index b3525be3f..d634606a2 100644 --- a/library/md.c +++ b/library/md.c @@ -94,7 +94,7 @@ const int *mbedtls_md_list( void ) return( supported_digests ); } -const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name ) +mbedtls_md_handle_t mbedtls_md_info_from_string( const char *md_name ) { if( NULL == md_name ) return( NULL ); @@ -137,7 +137,7 @@ const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name ) return( NULL ); } -const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type ) +mbedtls_md_handle_t mbedtls_md_info_from_type( mbedtls_md_type_t md_type ) { switch( md_type ) { @@ -187,7 +187,7 @@ void mbedtls_md_init( mbedtls_md_context_t *ctx ) void mbedtls_md_free( mbedtls_md_context_t *ctx ) { - if( ctx == NULL || ctx->md_info == NULL ) + if( ctx == NULL || ctx->md_info == MBEDTLS_MD_INVALID_HANDLE ) return; if( ctx->md_ctx != NULL ) @@ -206,8 +206,8 @@ void mbedtls_md_free( mbedtls_md_context_t *ctx ) int mbedtls_md_clone( mbedtls_md_context_t *dst, const mbedtls_md_context_t *src ) { - if( dst == NULL || dst->md_info == NULL || - src == NULL || src->md_info == NULL || + if( dst == NULL || dst->md_info == MBEDTLS_MD_INVALID_HANDLE || + src == NULL || src->md_info == MBEDTLS_MD_INVALID_HANDLE || dst->md_info != src->md_info ) { return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); @@ -219,15 +219,15 @@ int mbedtls_md_clone( mbedtls_md_context_t *dst, } #if ! defined(MBEDTLS_DEPRECATED_REMOVED) -int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info ) +int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info ) { return mbedtls_md_setup( ctx, md_info, 1 ); } #endif -int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac ) +int mbedtls_md_setup( mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info, int hmac ) { - if( md_info == NULL || ctx == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE || ctx == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); if( ( ctx->md_ctx = md_info->ctx_alloc_func() ) == NULL ) @@ -250,7 +250,7 @@ int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_inf int mbedtls_md_starts( mbedtls_md_context_t *ctx ) { - if( ctx == NULL || ctx->md_info == NULL ) + if( ctx == NULL || ctx->md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); return( ctx->md_info->starts_func( ctx->md_ctx ) ); @@ -258,7 +258,7 @@ int mbedtls_md_starts( mbedtls_md_context_t *ctx ) int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen ) { - if( ctx == NULL || ctx->md_info == NULL ) + if( ctx == NULL || ctx->md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); return( ctx->md_info->update_func( ctx->md_ctx, input, ilen ) ); @@ -266,23 +266,23 @@ int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, si int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ) { - if( ctx == NULL || ctx->md_info == NULL ) + if( ctx == NULL || ctx->md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); return( ctx->md_info->finish_func( ctx->md_ctx, output ) ); } -int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen, +int mbedtls_md( mbedtls_md_handle_t md_info, const unsigned char *input, size_t ilen, unsigned char *output ) { - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); return( md_info->digest_func( input, ilen, output ) ); } #if defined(MBEDTLS_FS_IO) -int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigned char *output ) +int mbedtls_md_file( mbedtls_md_handle_t md_info, const char *path, unsigned char *output ) { int ret; FILE *f; @@ -290,7 +290,7 @@ int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigne mbedtls_md_context_t ctx; unsigned char buf[1024]; - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); if( ( f = fopen( path, "rb" ) ) == NULL ) @@ -329,8 +329,12 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, unsigned char *ipad, *opad; size_t i; - if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) + if( ctx == NULL || + ctx->md_info == MBEDTLS_MD_INVALID_HANDLE || + ctx->hmac_ctx == NULL ) + { return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + } if( keylen > (size_t) ctx->md_info->block_size ) { @@ -371,8 +375,12 @@ cleanup: int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen ) { - if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) + if( ctx == NULL || + ctx->md_info == MBEDTLS_MD_INVALID_HANDLE || + ctx->hmac_ctx == NULL ) + { return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + } return( ctx->md_info->update_func( ctx->md_ctx, input, ilen ) ); } @@ -383,8 +391,12 @@ int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output ) unsigned char tmp[MBEDTLS_MD_MAX_SIZE]; unsigned char *opad; - if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) + if( ctx == NULL || + ctx->md_info == MBEDTLS_MD_INVALID_HANDLE || + ctx->hmac_ctx == NULL ) + { return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + } opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size; @@ -406,8 +418,12 @@ int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ) int ret; unsigned char *ipad; - if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) + if( ctx == NULL || + ctx->md_info == MBEDTLS_MD_INVALID_HANDLE || + ctx->hmac_ctx == NULL ) + { return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + } ipad = (unsigned char *) ctx->hmac_ctx; @@ -417,7 +433,7 @@ int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ) ctx->md_info->block_size ) ); } -int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, +int mbedtls_md_hmac( mbedtls_md_handle_t md_info, const unsigned char *key, size_t keylen, const unsigned char *input, size_t ilen, unsigned char *output ) @@ -425,7 +441,7 @@ int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, mbedtls_md_context_t ctx; int ret; - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); mbedtls_md_init( &ctx ); @@ -448,31 +464,34 @@ cleanup: int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data ) { - if( ctx == NULL || ctx->md_info == NULL ) + if( ctx == NULL || + ctx->md_info == MBEDTLS_MD_INVALID_HANDLE ) + { return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + } return( ctx->md_info->process_func( ctx->md_ctx, data ) ); } -unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info ) +unsigned char mbedtls_md_get_size( mbedtls_md_handle_t md_info ) { - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( 0 ); return md_info->size; } -mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info ) +mbedtls_md_type_t mbedtls_md_get_type( mbedtls_md_handle_t md_info ) { - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_MD_NONE ); return md_info->type; } -const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info ) +const char *mbedtls_md_get_name( mbedtls_md_handle_t md_info ) { - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( NULL ); return md_info->name; diff --git a/library/pk.c b/library/pk.c index 161a135f1..93c57642d 100644 --- a/library/pk.c +++ b/library/pk.c @@ -205,13 +205,16 @@ int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type ) */ static inline int pk_hashlen_helper( mbedtls_md_type_t md_alg, size_t *hash_len ) { - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; if( *hash_len != 0 ) return( 0 ); - if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL ) + if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == + MBEDTLS_MD_INVALID_HANDLE ) + { return( -1 ); + } *hash_len = mbedtls_md_get_size( md_info ); return( 0 ); diff --git a/library/pkcs11.c b/library/pkcs11.c index 0ea64252e..9ef53533f 100644 --- a/library/pkcs11.c +++ b/library/pkcs11.c @@ -183,8 +183,8 @@ int mbedtls_pkcs11_sign( mbedtls_pkcs11_context *ctx, if( md_alg != MBEDTLS_MD_NONE ) { - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg ); - if( md_info == NULL ) + mbedtls_md_handle_t md_info = mbedtls_md_info_from_type( md_alg ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); if( mbedtls_oid_get_oid_by_md( md_alg, &oid, &oid_size ) != 0 ) diff --git a/library/pkcs12.c b/library/pkcs12.c index 7edf064c1..e16d0a934 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -261,7 +261,7 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, size_t hlen, use_len, v, i; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_md_context_t md_ctx; // This version only allows max of 64 bytes of password or salt @@ -269,7 +269,7 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); md_info = mbedtls_md_info_from_type( md_type ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE ); mbedtls_md_init( &md_ctx ); diff --git a/library/pkcs5.c b/library/pkcs5.c index 50133435c..2717aaa56 100644 --- a/library/pkcs5.c +++ b/library/pkcs5.c @@ -122,7 +122,7 @@ int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode, mbedtls_md_type_t md_type = MBEDTLS_MD_SHA1; unsigned char key[32], iv[32]; size_t olen = 0; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; const mbedtls_cipher_info_t *cipher_info; mbedtls_md_context_t md_ctx; mbedtls_cipher_type_t cipher_alg; @@ -157,7 +157,7 @@ int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode, } md_info = mbedtls_md_info_from_type( md_type ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE ); if( ( ret = mbedtls_asn1_get_alg( &p, end, &enc_scheme_oid, @@ -356,14 +356,14 @@ static const unsigned char result_key[MAX_TESTS][32] = int mbedtls_pkcs5_self_test( int verbose ) { mbedtls_md_context_t sha1_ctx; - const mbedtls_md_info_t *info_sha1; + mbedtls_md_handle_t info_sha1; int ret, i; unsigned char key[64]; mbedtls_md_init( &sha1_ctx ); info_sha1 = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ); - if( info_sha1 == NULL ) + if( info_sha1 == MBEDTLS_MD_INVALID_HANDLE ) { ret = 1; goto exit; diff --git a/library/rsa.c b/library/rsa.c index af1a87859..2674c1094 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -1128,7 +1128,7 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, int ret; unsigned char *p = output; unsigned int hlen; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_md_context_t md_ctx; RSA_VALIDATE_RET( ctx != NULL ); @@ -1145,7 +1145,7 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); olen = ctx->len; @@ -1326,7 +1326,7 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; unsigned char lhash[MBEDTLS_MD_MAX_SIZE]; unsigned int hlen; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_md_context_t md_ctx; RSA_VALIDATE_RET( ctx != NULL ); @@ -1349,7 +1349,7 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); hlen = mbedtls_md_get_size( md_info ); @@ -1767,7 +1767,7 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, size_t slen, min_slen, hlen, offset = 0; int ret; size_t msb; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_md_context_t md_ctx; RSA_VALIDATE_RET( ctx != NULL ); RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || @@ -1789,14 +1789,14 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, { /* Gather length of hash to sign */ md_info = mbedtls_md_info_from_type( md_alg ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); hashlen = mbedtls_md_get_size( md_info ); } md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); hlen = mbedtls_md_get_size( md_info ); @@ -1910,8 +1910,8 @@ static int rsa_rsassa_pkcs1_v15_encode( mbedtls_md_type_t md_alg, /* Are we signing hashed or raw data? */ if( md_alg != MBEDTLS_MD_NONE ) { - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg ); - if( md_info == NULL ) + mbedtls_md_handle_t md_info = mbedtls_md_info_from_type( md_alg ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); if( mbedtls_oid_get_oid_by_md( md_alg, &oid, &oid_size ) != 0 ) @@ -2150,7 +2150,7 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, unsigned char zeros[8]; unsigned int hlen; size_t observed_salt_len, msb; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_md_context_t md_ctx; unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; @@ -2186,14 +2186,14 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, { /* Gather length of hash to sign */ md_info = mbedtls_md_info_from_type( md_alg ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); hashlen = mbedtls_md_get_size( md_info ); } md_info = mbedtls_md_info_from_type( mgf1_hash_id ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); hlen = mbedtls_md_get_size( md_info ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index e47c45657..b17e33d61 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -660,7 +660,7 @@ MBEDTLS_NO_INLINE static int tls1_prf( const unsigned char *secret, size_t slen, const unsigned char *S1, *S2; unsigned char tmp[128]; unsigned char h_i[20]; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_md_context_t md_ctx; int ret; @@ -681,8 +681,11 @@ MBEDTLS_NO_INLINE static int tls1_prf( const unsigned char *secret, size_t slen, /* * First compute P_md5(secret,label+random)[0..dlen] */ - if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_MD5 ) ) == NULL ) + if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_MD5 ) ) == + MBEDTLS_MD_INVALID_HANDLE ) + { return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 ) return( ret ); @@ -712,8 +715,11 @@ MBEDTLS_NO_INLINE static int tls1_prf( const unsigned char *secret, size_t slen, /* * XOR out with P_sha1(secret,label+random)[0..dlen] */ - if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == NULL ) + if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == + MBEDTLS_MD_INVALID_HANDLE ) + { return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 ) return( ret ); @@ -763,14 +769,17 @@ int tls_prf_generic( mbedtls_md_type_t md_type, size_t i, j, k, md_len; unsigned char tmp[128]; unsigned char h_i[MBEDTLS_MD_MAX_SIZE]; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_md_context_t md_ctx; int ret; mbedtls_md_init( &md_ctx ); - if( ( md_info = mbedtls_md_info_from_type( md_type ) ) == NULL ) + if( ( md_info = mbedtls_md_info_from_type( md_type ) ) == + MBEDTLS_MD_INVALID_HANDLE ) + { return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } md_len = mbedtls_md_get_size( md_info ); @@ -1244,7 +1253,7 @@ int ssl_populate_transform( mbedtls_ssl_transform *transform, unsigned keylen; mbedtls_ssl_ciphersuite_handle_t ciphersuite_info; const mbedtls_cipher_info_t *cipher_info; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; #if !defined(MBEDTLS_SSL_HW_RECORD_ACCEL) && \ !defined(MBEDTLS_SSL_EXPORT_KEYS) && \ @@ -1293,7 +1302,7 @@ int ssl_populate_transform( mbedtls_ssl_transform *transform, md_info = mbedtls_md_info_from_type( mbedtls_ssl_suite_get_mac( ciphersuite_info ) ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_md info for %d not found", mbedtls_ssl_suite_get_mac( ciphersuite_info ) ) ); @@ -3368,7 +3377,8 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, memset( tmp, 0, sizeof( tmp ) ); - switch( mbedtls_md_get_type( transform->md_ctx_dec.md_info ) ) + switch( mbedtls_md_get_type( + mbedtls_md_get_handle( &transform->md_ctx_dec ) ) ) { #if defined(MBEDTLS_MD5_C) || defined(MBEDTLS_SHA1_C) || \ defined(MBEDTLS_SHA256_C) @@ -6890,13 +6900,16 @@ static int ssl_check_peer_crt_unchanged( mbedtls_ssl_context *ssl, ssl->session->peer_cert_digest; mbedtls_md_type_t const peer_cert_digest_type = ssl->session->peer_cert_digest_type; - mbedtls_md_info_t const * const digest_info = + mbedtls_md_handle_t digest_info = mbedtls_md_info_from_type( peer_cert_digest_type ); unsigned char tmp_digest[MBEDTLS_SSL_PEER_CERT_DIGEST_MAX_LEN]; size_t digest_len; - if( peer_cert_digest == NULL || digest_info == NULL ) + if( peer_cert_digest == NULL || + digest_info == MBEDTLS_MD_INVALID_HANDLE ) + { return( -1 ); + } digest_len = mbedtls_md_get_size( digest_info ); if( digest_len > MBEDTLS_SSL_PEER_CERT_DIGEST_MAX_LEN ) @@ -10110,9 +10123,9 @@ static int ssl_session_load( mbedtls_ssl_session *session, if( session->peer_cert_digest_len != 0 ) { - const mbedtls_md_info_t *md_info = + mbedtls_md_handle_t md_info = mbedtls_md_info_from_type( session->peer_cert_digest_type ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); if( session->peer_cert_digest_len != mbedtls_md_get_size( md_info ) ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); @@ -12484,7 +12497,7 @@ int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl, { int ret = 0; mbedtls_md_context_t ctx; - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg ); + mbedtls_md_handle_t md_info = mbedtls_md_info_from_type( md_alg ); *hashlen = mbedtls_md_get_size( md_info ); mbedtls_md_init( &ctx ); diff --git a/library/x509.c b/library/x509.c index 19cc64b79..ec83017f8 100644 --- a/library/x509.c +++ b/library/x509.c @@ -1065,7 +1065,7 @@ int mbedtls_x509_sig_alg_gets( char *buf, size_t size, mbedtls_pk_type_t pk_alg, if( pk_alg == MBEDTLS_PK_RSASSA_PSS ) { const mbedtls_pk_rsassa_pss_options *pss_opts; - const mbedtls_md_info_t *md_info, *mgf_md_info; + mbedtls_md_handle_t md_info, mgf_md_info; pss_opts = (const mbedtls_pk_rsassa_pss_options *) sig_opts; diff --git a/library/x509_crt.c b/library/x509_crt.c index 0089ef2a3..2960638fb 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -2088,7 +2088,7 @@ static void x509_crt_free_sig_info( mbedtls_x509_crt_sig_info *info ) static int x509_crt_get_sig_info( mbedtls_x509_crt_frame const *frame, mbedtls_x509_crt_sig_info *info ) { - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; md_info = mbedtls_md_info_from_type( frame->sig_md ); if( mbedtls_md( md_info, frame->tbs.p, frame->tbs.len, @@ -2705,7 +2705,7 @@ static int x509_crt_verifycrl( unsigned char *crt_serial, int ret; int flags = 0; unsigned char hash[MBEDTLS_MD_MAX_SIZE]; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_x509_buf_raw ca_subject; mbedtls_pk_context *pk; int can_sign; diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c index a5acf5b8b..8d671abf2 100644 --- a/programs/aes/crypt_and_hash.c +++ b/programs/aes/crypt_and_hash.c @@ -100,7 +100,7 @@ int main( int argc, char *argv[] ) unsigned char diff; const mbedtls_cipher_info_t *cipher_info; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_cipher_context_t cipher_ctx; mbedtls_md_context_t md_ctx; #if defined(_WIN32_WCE) @@ -192,7 +192,7 @@ int main( int argc, char *argv[] ) } md_info = mbedtls_md_info_from_string( argv[5] ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) { mbedtls_fprintf( stderr, "Message Digest '%s' not found\n", argv[5] ); goto exit; diff --git a/programs/hash/generic_sum.c b/programs/hash/generic_sum.c index 709a149e0..ed5357f08 100644 --- a/programs/hash/generic_sum.c +++ b/programs/hash/generic_sum.c @@ -53,7 +53,7 @@ int main( void ) #else -static int generic_wrapper( const mbedtls_md_info_t *md_info, char *filename, unsigned char *sum ) +static int generic_wrapper( mbedtls_md_handle_t md_info, char *filename, unsigned char *sum ) { int ret = mbedtls_md_file( md_info, filename, sum ); @@ -66,7 +66,7 @@ static int generic_wrapper( const mbedtls_md_info_t *md_info, char *filename, un return( ret ); } -static int generic_print( const mbedtls_md_info_t *md_info, char *filename ) +static int generic_print( mbedtls_md_handle_t md_info, char *filename ) { int i; unsigned char sum[MBEDTLS_MD_MAX_SIZE]; @@ -81,7 +81,7 @@ static int generic_print( const mbedtls_md_info_t *md_info, char *filename ) return( 0 ); } -static int generic_check( const mbedtls_md_info_t *md_info, char *filename ) +static int generic_check( mbedtls_md_handle_t md_info, char *filename ) { int i; size_t n; @@ -177,7 +177,7 @@ int main( int argc, char *argv[] ) { int ret = 1, i; int exit_code = MBEDTLS_EXIT_FAILURE; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_md_context_t md_ctx; mbedtls_md_init( &md_ctx ); @@ -210,7 +210,7 @@ int main( int argc, char *argv[] ) * Read the MD from the command line */ md_info = mbedtls_md_info_from_string( argv[1] ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) { mbedtls_fprintf( stderr, "Message Digest '%s' not found\n", argv[1] ); return( exit_code ); diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 2b8656692..88e3290d0 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -693,13 +693,16 @@ int main( int argc, char *argv[] ) if( todo.hmac_drbg ) { mbedtls_hmac_drbg_context hmac_drbg; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_hmac_drbg_init( &hmac_drbg ); #if defined(MBEDTLS_SHA1_C) - if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == NULL ) + if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == + MBEDTLS_MD_INVALID_HANDLE ) + { mbedtls_exit(1); + } if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 ) mbedtls_exit(1); @@ -715,8 +718,11 @@ int main( int argc, char *argv[] ) #endif #if defined(MBEDTLS_SHA256_C) - if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ) ) == NULL ) + if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ) ) == + MBEDTLS_MD_INVALID_HANDLE ) + { mbedtls_exit(1); + } if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 ) mbedtls_exit(1); diff --git a/tests/suites/test_suite_ecdsa.function b/tests/suites/test_suite_ecdsa.function index 22d92b6df..fa77dfad3 100644 --- a/tests/suites/test_suite_ecdsa.function +++ b/tests/suites/test_suite_ecdsa.function @@ -307,7 +307,7 @@ void ecdsa_det_test_vectors( int id, char * d_str, int md_alg, char * msg, mbedtls_mpi d, r, s, r_check, s_check; unsigned char hash[MBEDTLS_MD_MAX_SIZE]; size_t hlen; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_ecp_group_init( &grp ); mbedtls_mpi_init( &d ); mbedtls_mpi_init( &r ); mbedtls_mpi_init( &s ); @@ -320,7 +320,7 @@ void ecdsa_det_test_vectors( int id, char * d_str, int md_alg, char * msg, TEST_ASSERT( mbedtls_mpi_read_string( &s_check, 16, s_str ) == 0 ); md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); hlen = mbedtls_md_get_size( md_info ); TEST_ASSERT( mbedtls_md( md_info, (const unsigned char *) msg, strlen( msg ), hash ) == 0 ); @@ -476,7 +476,7 @@ void ecdsa_write_restart( int id, char *d_str, int md_alg, unsigned char sig[MBEDTLS_ECDSA_MAX_LEN]; unsigned char sig_check[MBEDTLS_ECDSA_MAX_LEN]; size_t hlen, slen, slen_check; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_ecdsa_restart_init( &rs_ctx ); mbedtls_ecdsa_init( &ctx ); @@ -489,7 +489,7 @@ void ecdsa_write_restart( int id, char *d_str, int md_alg, slen_check = unhexify( sig_check, sig_str ); md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); hlen = mbedtls_md_get_size( md_info ); mbedtls_md( md_info, (const unsigned char *) msg, strlen( msg ), hash ); diff --git a/tests/suites/test_suite_hkdf.function b/tests/suites/test_suite_hkdf.function index 3e8720734..7e83b57e6 100644 --- a/tests/suites/test_suite_hkdf.function +++ b/tests/suites/test_suite_hkdf.function @@ -25,8 +25,8 @@ void test_hkdf( int md_alg, char *hex_ikm_string, char *hex_salt_string, */ unsigned char okm_hex[257] = { '\0' }; - const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md != NULL ); + mbedtls_md_handle_t md = mbedtls_md_info_from_type( md_alg ); + TEST_ASSERT( md != MBEDTLS_MD_INVALID_HANDLE ); ikm_len = unhexify( ikm, hex_ikm_string ); salt_len = unhexify( salt, hex_salt_string ); @@ -54,8 +54,8 @@ void test_hkdf_extract( int md_alg, char *hex_ikm_string, unsigned char *output_prk = NULL; size_t ikm_len, salt_len, prk_len, output_prk_len; - const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md != NULL ); + mbedtls_md_handle_t md = mbedtls_md_info_from_type( md_alg ); + TEST_ASSERT( md != MBEDTLS_MD_INVALID_HANDLE ); output_prk_len = mbedtls_md_get_size( md ); output_prk = mbedtls_calloc( 1, output_prk_len ); @@ -90,8 +90,8 @@ void test_hkdf_expand( int md_alg, char *hex_info_string, unsigned char *output_okm = NULL; size_t info_len, prk_len, okm_len; - const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md != NULL ); + mbedtls_md_handle_t md = mbedtls_md_info_from_type( md_alg ); + TEST_ASSERT( md != MBEDTLS_MD_INVALID_HANDLE ); output_okm = mbedtls_calloc( OKM_LEN, 1 ); diff --git a/tests/suites/test_suite_hmac_drbg.function b/tests/suites/test_suite_hmac_drbg.function index 13bc40062..da280dbd9 100644 --- a/tests/suites/test_suite_hmac_drbg.function +++ b/tests/suites/test_suite_hmac_drbg.function @@ -34,7 +34,7 @@ void hmac_drbg_entropy_usage( int md_alg ) { unsigned char out[16]; unsigned char buf[1024]; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_hmac_drbg_context ctx; entropy_ctx entropy; size_t last_len, i, reps = 10; @@ -47,7 +47,7 @@ void hmac_drbg_entropy_usage( int md_alg ) entropy.p = buf; md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); /* Init must use entropy */ last_len = entropy.len; @@ -112,13 +112,13 @@ exit: /* BEGIN_CASE depends_on:MBEDTLS_FS_IO */ void hmac_drbg_seed_file( int md_alg, char * path, int ret ) { - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_hmac_drbg_context ctx; mbedtls_hmac_drbg_init( &ctx ); md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, rnd_std_rand, NULL, NULL, 0 ) == 0 ); @@ -136,7 +136,7 @@ void hmac_drbg_buf( int md_alg ) { unsigned char out[16]; unsigned char buf[100]; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_hmac_drbg_context ctx; size_t i; @@ -145,7 +145,7 @@ void hmac_drbg_buf( int md_alg ) memset( out, 0, sizeof( out ) ); md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT( mbedtls_hmac_drbg_seed_buf( &ctx, md_info, buf, sizeof( buf ) ) == 0 ); /* Make sure it never tries to reseed (would segfault otherwise) */ @@ -168,7 +168,7 @@ void hmac_drbg_no_reseed( int md_alg, data_t * entropy, unsigned char data[1024]; unsigned char my_output[512]; entropy_ctx p_entropy; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_hmac_drbg_context ctx; mbedtls_hmac_drbg_init( &ctx ); @@ -177,7 +177,7 @@ void hmac_drbg_no_reseed( int md_alg, data_t * entropy, p_entropy.len = entropy->len; md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); /* Test the simplified buffer-based variant */ memcpy( data, entropy->x, p_entropy.len ); @@ -215,7 +215,7 @@ void hmac_drbg_nopr( int md_alg, data_t * entropy, data_t * custom, { unsigned char my_output[512]; entropy_ctx p_entropy; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_hmac_drbg_context ctx; mbedtls_hmac_drbg_init( &ctx ); @@ -224,7 +224,7 @@ void hmac_drbg_nopr( int md_alg, data_t * entropy, data_t * custom, p_entropy.len = entropy->len; md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_test_entropy_func, &p_entropy, custom->x, custom->len ) == 0 ); @@ -247,7 +247,7 @@ void hmac_drbg_pr( int md_alg, data_t * entropy, data_t * custom, { unsigned char my_output[512]; entropy_ctx p_entropy; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_hmac_drbg_context ctx; mbedtls_hmac_drbg_init( &ctx ); @@ -256,7 +256,7 @@ void hmac_drbg_pr( int md_alg, data_t * entropy, data_t * custom, p_entropy.len = entropy->len; md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_test_entropy_func, &p_entropy, custom->x, custom->len ) == 0 ); diff --git a/tests/suites/test_suite_md.function b/tests/suites/test_suite_md.function index 11cf88ae7..515a28cfc 100644 --- a/tests/suites/test_suite_md.function +++ b/tests/suites/test_suite_md.function @@ -11,7 +11,7 @@ void mbedtls_md_process( ) { const int *md_type_ptr; - const mbedtls_md_info_t *info; + mbedtls_md_handle_t info; mbedtls_md_context_t ctx; unsigned char buf[150]; @@ -28,7 +28,7 @@ void mbedtls_md_process( ) for( md_type_ptr = mbedtls_md_list(); *md_type_ptr != 0; md_type_ptr++ ) { info = mbedtls_md_info_from_type( *md_type_ptr ); - TEST_ASSERT( info != NULL ); + TEST_ASSERT( info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT( mbedtls_md_setup( &ctx, info, 0 ) == 0 ); TEST_ASSERT( mbedtls_md_process( &ctx, buf ) == 0 ); mbedtls_md_free( &ctx ); @@ -43,18 +43,22 @@ exit: void md_null_args( ) { mbedtls_md_context_t ctx; - const mbedtls_md_info_t *info = mbedtls_md_info_from_type( *( mbedtls_md_list() ) ); + mbedtls_md_handle_t info = mbedtls_md_info_from_type( *( mbedtls_md_list() ) ); unsigned char buf[1] = { 0 }; mbedtls_md_init( &ctx ); - TEST_ASSERT( mbedtls_md_get_size( NULL ) == 0 ); - TEST_ASSERT( mbedtls_md_get_type( NULL ) == MBEDTLS_MD_NONE ); - TEST_ASSERT( mbedtls_md_get_name( NULL ) == NULL ); + TEST_ASSERT( mbedtls_md_get_size( MBEDTLS_MD_INVALID_HANDLE ) + == 0 ); + TEST_ASSERT( mbedtls_md_get_type( MBEDTLS_MD_INVALID_HANDLE ) + == MBEDTLS_MD_NONE ); + TEST_ASSERT( mbedtls_md_get_name( MBEDTLS_MD_INVALID_HANDLE ) + == NULL ); - TEST_ASSERT( mbedtls_md_info_from_string( NULL ) == NULL ); + TEST_ASSERT( mbedtls_md_info_from_string( NULL ) == MBEDTLS_MD_INVALID_HANDLE ); - TEST_ASSERT( mbedtls_md_setup( &ctx, NULL, 0 ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_ASSERT( mbedtls_md_setup( &ctx, MBEDTLS_MD_INVALID_HANDLE, 0 ) + == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); TEST_ASSERT( mbedtls_md_setup( NULL, info, 0 ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); TEST_ASSERT( mbedtls_md_starts( NULL ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); @@ -66,10 +70,12 @@ void md_null_args( ) TEST_ASSERT( mbedtls_md_finish( NULL, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); TEST_ASSERT( mbedtls_md_finish( &ctx, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - TEST_ASSERT( mbedtls_md( NULL, buf, 1, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_ASSERT( mbedtls_md( MBEDTLS_MD_INVALID_HANDLE, + buf, 1, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); #if defined(MBEDTLS_FS_IO) - TEST_ASSERT( mbedtls_md_file( NULL, "", buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_ASSERT( mbedtls_md_file( MBEDTLS_MD_INVALID_HANDLE, + "", buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); #endif TEST_ASSERT( mbedtls_md_hmac_starts( NULL, buf, 1 ) @@ -90,27 +96,29 @@ void md_null_args( ) TEST_ASSERT( mbedtls_md_hmac_reset( NULL ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); TEST_ASSERT( mbedtls_md_hmac_reset( &ctx ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - TEST_ASSERT( mbedtls_md_hmac( NULL, buf, 1, buf, 1, buf ) + TEST_ASSERT( mbedtls_md_hmac( MBEDTLS_MD_INVALID_HANDLE, buf, 1, buf, 1, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); TEST_ASSERT( mbedtls_md_process( NULL, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); TEST_ASSERT( mbedtls_md_process( &ctx, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); /* Ok, this is not NULL arg but NULL return... */ - TEST_ASSERT( mbedtls_md_info_from_type( MBEDTLS_MD_NONE ) == NULL ); - TEST_ASSERT( mbedtls_md_info_from_string( "no such md" ) == NULL ); + TEST_ASSERT( mbedtls_md_info_from_type( MBEDTLS_MD_NONE ) == + MBEDTLS_MD_INVALID_HANDLE ); + TEST_ASSERT( mbedtls_md_info_from_string( "no such md" ) == + MBEDTLS_MD_INVALID_HANDLE ); } /* END_CASE */ /* BEGIN_CASE */ void md_info( int md_type, char * md_name, int md_size ) { - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; const int *md_type_ptr; int found; md_info = mbedtls_md_info_from_type( md_type ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT( md_info == mbedtls_md_info_from_string( md_name ) ); TEST_ASSERT( mbedtls_md_get_type( md_info ) == (mbedtls_md_type_t) md_type ); @@ -132,7 +140,7 @@ void md_text( char * text_md_name, char * text_src_string, char md_name[100]; unsigned char src_str[1000]; unsigned char output[100]; - const mbedtls_md_info_t *md_info = NULL; + mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE; memset( md_name, 0x00, 100 ); memset( src_str, 0x00, 1000 ); @@ -141,7 +149,7 @@ void md_text( char * text_md_name, char * text_src_string, strncpy( (char *) src_str, text_src_string, sizeof( src_str ) - 1 ); strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 ); md_info = mbedtls_md_info_from_string(md_name); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT ( 0 == mbedtls_md( md_info, src_str, strlen( (char *) src_str ), output ) ); @@ -155,14 +163,14 @@ void md_hex( char * text_md_name, data_t * src_str, { char md_name[100]; unsigned char output[100]; - const mbedtls_md_info_t *md_info = NULL; + mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE; memset( md_name, 0x00, 100 ); memset( output, 0x00, 100 ); strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 ); md_info = mbedtls_md_info_from_string( md_name ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT ( 0 == mbedtls_md( md_info, src_str->x, src_str->len, output ) ); @@ -181,7 +189,7 @@ void md_text_multi( char * text_md_name, char * text_src_string, unsigned char output[100]; int halfway, len; - const mbedtls_md_info_t *md_info = NULL; + mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE; mbedtls_md_context_t ctx, ctx_copy; mbedtls_md_init( &ctx ); @@ -197,7 +205,7 @@ void md_text_multi( char * text_md_name, char * text_src_string, halfway = len / 2; md_info = mbedtls_md_info_from_string(md_name); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx, md_info, 0 ) ); TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx_copy, md_info, 0 ) ); @@ -230,7 +238,7 @@ void md_hex_multi( char * text_md_name, data_t * src_str, { char md_name[100]; unsigned char output[100]; - const mbedtls_md_info_t *md_info = NULL; + mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE; mbedtls_md_context_t ctx, ctx_copy; int halfway; @@ -242,7 +250,7 @@ void md_hex_multi( char * text_md_name, data_t * src_str, strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 ); md_info = mbedtls_md_info_from_string(md_name); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx, md_info, 0 ) ); TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx_copy, md_info, 0 ) ); @@ -277,14 +285,14 @@ void mbedtls_md_hmac( char * text_md_name, int trunc_size, { char md_name[100]; unsigned char output[100]; - const mbedtls_md_info_t *md_info = NULL; + mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE; memset( md_name, 0x00, 100 ); memset( output, 0x00, 100 ); strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 ); md_info = mbedtls_md_info_from_string( md_name ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT ( mbedtls_md_hmac( md_info, key_str->x, key_str->len, src_str->x, src_str->len, output ) == 0 ); @@ -299,7 +307,7 @@ void md_hmac_multi( char * text_md_name, int trunc_size, data_t * key_str, { char md_name[100]; unsigned char output[100]; - const mbedtls_md_info_t *md_info = NULL; + mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE; mbedtls_md_context_t ctx; int halfway; @@ -310,7 +318,7 @@ void md_hmac_multi( char * text_md_name, int trunc_size, data_t * key_str, strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 ); md_info = mbedtls_md_info_from_string( md_name ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx, md_info, 1 ) ); halfway = src_str->len / 2; @@ -344,14 +352,14 @@ void mbedtls_md_file( char * text_md_name, char * filename, { char md_name[100]; unsigned char output[100]; - const mbedtls_md_info_t *md_info = NULL; + mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE; memset( md_name, 0x00, 100 ); memset( output, 0x00, 100 ); strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 ); md_info = mbedtls_md_info_from_string( md_name ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT( mbedtls_md_file( md_info, filename, output ) == 0 ); diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 8b95baba9..fc917d003 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -593,7 +593,7 @@ void pk_rsa_verify_test_vec( data_t * message_str, int digest, int mod, TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 ); - if( mbedtls_md_info_from_type( digest ) != NULL ) + if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE ) TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); TEST_ASSERT( mbedtls_pk_verify( &pk, digest, hash_result, 0, @@ -709,7 +709,7 @@ void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str, unsigned char sig[MBEDTLS_ECDSA_MAX_LEN]; unsigned char sig_check[MBEDTLS_ECDSA_MAX_LEN]; size_t hlen, slen, slen_check; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_pk_restart_init( &rs_ctx ); mbedtls_pk_init( &prv ); @@ -729,7 +729,7 @@ void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str, slen_check = unhexify( sig_check, sig_str ); md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); hlen = mbedtls_md_get_size( md_info ); mbedtls_md( md_info, (const unsigned char *) msg, strlen( msg ), hash ); diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function index 0723623a5..58c25bf67 100644 --- a/tests/suites/test_suite_pkcs1_v15.function +++ b/tests/suites/test_suite_pkcs1_v15.function @@ -275,8 +275,10 @@ void pkcs1_rsassa_v15_sign( int mod, int radix_P, char * input_P, int radix_Q, TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); - if( mbedtls_md_info_from_type( digest ) != NULL ) + if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE ) + { TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + } TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, MBEDTLS_RSA_PRIVATE, digest, 0, hash_result, output ) == result ); if( result == 0 ) @@ -313,9 +315,10 @@ void pkcs1_rsassa_v15_verify( int mod, int radix_N, char * input_N, TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) ); TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); - - if( mbedtls_md_info_from_type( digest ) != NULL ) + if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE ) + { TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + } TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result ); diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function index 99be08ac0..a9635e17d 100644 --- a/tests/suites/test_suite_pkcs1_v21.function +++ b/tests/suites/test_suite_pkcs1_v21.function @@ -128,8 +128,10 @@ void pkcs1_rsassa_pss_sign( int mod, int radix_P, char * input_P, int radix_Q, TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); - if( mbedtls_md_info_from_type( digest ) != NULL ) + if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE ) + { TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + } TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, MBEDTLS_RSA_PRIVATE, digest, 0, hash_result, output ) == result ); @@ -169,8 +171,10 @@ void pkcs1_rsassa_pss_verify( int mod, int radix_N, char * input_N, TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); - if( mbedtls_md_info_from_type( digest ) != NULL ) + if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE ) + { TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + } TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result ); diff --git a/tests/suites/test_suite_pkcs5.function b/tests/suites/test_suite_pkcs5.function index 26f1d3331..a8f052384 100644 --- a/tests/suites/test_suite_pkcs5.function +++ b/tests/suites/test_suite_pkcs5.function @@ -12,14 +12,14 @@ void pbkdf2_hmac( int hash, data_t * pw_str, data_t * salt_str, int it_cnt, int key_len, data_t * result_key_string ) { mbedtls_md_context_t ctx; - const mbedtls_md_info_t *info; + mbedtls_md_handle_t info; unsigned char key[100]; mbedtls_md_init( &ctx ); info = mbedtls_md_info_from_type( hash ); - TEST_ASSERT( info != NULL ); + TEST_ASSERT( info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT( mbedtls_md_setup( &ctx, info, 1 ) == 0 ); TEST_ASSERT( mbedtls_pkcs5_pbkdf2_hmac( &ctx, pw_str->x, pw_str->len, salt_str->x, salt_str->len, it_cnt, key_len, key ) == 0 ); diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index f2a9b9878..4d22c9b35 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -497,8 +497,10 @@ void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode, TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); - if( mbedtls_md_info_from_type( digest ) != NULL ) + if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE ) + { TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + } TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE, digest, 0, @@ -538,8 +540,10 @@ void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode, TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); - if( mbedtls_md_info_from_type( digest ) != NULL ) + if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE ) + { TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + } TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result ); diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index b177779e7..80f5f16ca 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -102,12 +102,12 @@ static int build_transforms( mbedtls_ssl_transform *t_in, if( cipher_info->mode == MBEDTLS_MODE_CBC || cipher_info->mode == MBEDTLS_MODE_STREAM ) { - mbedtls_md_info_t const *md_info; + mbedtls_md_handle_t md_info; unsigned char *md0, *md1; /* Pick hash */ md_info = mbedtls_md_info_from_type( hash_id ); - CHK( md_info != NULL ); + CHK( md_info != MBEDTLS_MD_INVALID_HANDLE ); /* Pick hash keys */ maclen = mbedtls_md_get_size( md_info ); From 530387eaa3f488ef6edd00a2df1f940c8fa15fec Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 17 Jul 2019 14:10:26 +0100 Subject: [PATCH 02/37] Introduce getter functions for MD info fields This commit continues the introduction of the MD digest implementation abstraction layer given by `mbedtls_md_handle_t` by adding getter functions returning the various properties of an implementation (e.g. name, digest type, digest size). For the existing implementation, these are just structure field accesses; however, in configurations hardcoding the choice of a fixed digest algorithm, we'll be able to implement them as inline functions returning compile-time constants. --- include/mbedtls/md_internal.h | 108 ++++++++++++++++++++-- library/md.c | 127 +++++++++++++++++--------- tests/suites/test_suite_hkdf.function | 4 +- 3 files changed, 185 insertions(+), 54 deletions(-) diff --git a/include/mbedtls/md_internal.h b/include/mbedtls/md_internal.h index 698477b35..72a8e4645 100644 --- a/include/mbedtls/md_internal.h +++ b/include/mbedtls/md_internal.h @@ -44,6 +44,21 @@ extern "C" { * Message digest information. * Allows message digest functions to be called in a generic way. */ + +typedef int mbedtls_md_starts_func_t( void *ctx ); +typedef int mbedtls_md_update_func_t( void *ctx, + const unsigned char *input, + size_t ilen ); +typedef int mbedtls_md_finish_func_t( void *ctx, unsigned char *output ); +typedef int mbedtls_md_digest_func_t( const unsigned char *input, + size_t ilen, + unsigned char *output ); +typedef void* mbedtls_md_ctx_alloc_func_t( void ); +typedef void mbedtls_md_ctx_free_func_t( void *ctx ); +typedef void mbedtls_md_clone_func_t( void *st, const void *src ); +typedef int mbedtls_md_process_func_t( void *ctx, + const unsigned char *input ); + struct mbedtls_md_info_t { /** Digest identifier */ @@ -59,31 +74,106 @@ struct mbedtls_md_info_t int block_size; /** Digest initialisation function */ - int (*starts_func)( void *ctx ); + mbedtls_md_starts_func_t *starts_func; /** Digest update function */ - int (*update_func)( void *ctx, const unsigned char *input, size_t ilen ); + mbedtls_md_update_func_t *update_func; /** Digest finalisation function */ - int (*finish_func)( void *ctx, unsigned char *output ); + mbedtls_md_finish_func_t *finish_func; /** Generic digest function */ - int (*digest_func)( const unsigned char *input, size_t ilen, - unsigned char *output ); + mbedtls_md_digest_func_t *digest_func; /** Allocate a new context */ - void * (*ctx_alloc_func)( void ); + mbedtls_md_ctx_alloc_func_t *ctx_alloc_func; /** Free the given context */ - void (*ctx_free_func)( void *ctx ); + mbedtls_md_ctx_free_func_t *ctx_free_func; /** Clone state from a context */ - void (*clone_func)( void *dst, const void *src ); + mbedtls_md_clone_func_t *clone_func; /** Internal use only */ - int (*process_func)( void *ctx, const unsigned char *input ); + mbedtls_md_process_func_t *process_func; }; +/* + * Getter functions for MD info structure. + */ + +static inline mbedtls_md_type_t mbedtls_md_info_type( + mbedtls_md_handle_t info ) +{ + return( info->type ); +} + +static inline const char * mbedtls_md_info_name( + mbedtls_md_handle_t info ) +{ + return( info->name ); +} + +static inline int mbedtls_md_info_size( + mbedtls_md_handle_t info ) +{ + return( info->size ); +} + +static inline int mbedtls_md_info_block_size( + mbedtls_md_handle_t info ) +{ + return( info->block_size ); +} + +static inline mbedtls_md_starts_func_t *mbedtls_md_info_starts_func( + mbedtls_md_handle_t info ) +{ + return( info->starts_func ); +} + +static inline mbedtls_md_update_func_t *mbedtls_md_info_update_func( + mbedtls_md_handle_t info ) +{ + return( info->update_func ); +} + +static inline mbedtls_md_finish_func_t *mbedtls_md_info_finish_func( + mbedtls_md_handle_t info ) +{ + return( info->finish_func ); +} + +static inline mbedtls_md_digest_func_t *mbedtls_md_info_digest_func( + mbedtls_md_handle_t info ) +{ + return( info->digest_func ); +} + +static inline mbedtls_md_ctx_alloc_func_t *mbedtls_md_info_ctx_alloc_func( + mbedtls_md_handle_t info ) +{ + return( info->ctx_alloc_func ); +} + +static inline mbedtls_md_ctx_free_func_t *mbedtls_md_info_ctx_free_func( + mbedtls_md_handle_t info ) +{ + return( info->ctx_free_func ); +} + +static inline mbedtls_md_clone_func_t *mbedtls_md_info_clone_func( + mbedtls_md_handle_t info ) +{ + return( info->clone_func ); +} + +static inline mbedtls_md_process_func_t *mbedtls_md_info_process_func( + mbedtls_md_handle_t info ) +{ + return( info->process_func ); +} + #if defined(MBEDTLS_MD2_C) extern const mbedtls_md_info_t mbedtls_md2_info; #endif diff --git a/library/md.c b/library/md.c index d634606a2..3bb4bafa7 100644 --- a/library/md.c +++ b/library/md.c @@ -191,12 +191,12 @@ void mbedtls_md_free( mbedtls_md_context_t *ctx ) return; if( ctx->md_ctx != NULL ) - ctx->md_info->ctx_free_func( ctx->md_ctx ); + mbedtls_md_info_ctx_free_func( ctx->md_info )( ctx->md_ctx ); if( ctx->hmac_ctx != NULL ) { mbedtls_platform_zeroize( ctx->hmac_ctx, - 2 * ctx->md_info->block_size ); + 2 * mbedtls_md_info_block_size( ctx->md_info ) ); mbedtls_free( ctx->hmac_ctx ); } @@ -213,8 +213,7 @@ int mbedtls_md_clone( mbedtls_md_context_t *dst, return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); } - dst->md_info->clone_func( dst->md_ctx, src->md_ctx ); - + mbedtls_md_info_clone_func( dst->md_info )( dst->md_ctx, src->md_ctx ); return( 0 ); } @@ -230,15 +229,16 @@ int mbedtls_md_setup( mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info, in if( md_info == MBEDTLS_MD_INVALID_HANDLE || ctx == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - if( ( ctx->md_ctx = md_info->ctx_alloc_func() ) == NULL ) + ctx->md_ctx = mbedtls_md_info_ctx_alloc_func( md_info )(); + if( ctx->md_ctx == NULL ) return( MBEDTLS_ERR_MD_ALLOC_FAILED ); if( hmac != 0 ) { - ctx->hmac_ctx = mbedtls_calloc( 2, md_info->block_size ); + ctx->hmac_ctx = mbedtls_calloc( 2, mbedtls_md_info_block_size( md_info ) ); if( ctx->hmac_ctx == NULL ) { - md_info->ctx_free_func( ctx->md_ctx ); + mbedtls_md_info_ctx_free_func( md_info )( ctx->md_ctx ); return( MBEDTLS_ERR_MD_ALLOC_FAILED ); } } @@ -253,7 +253,7 @@ int mbedtls_md_starts( mbedtls_md_context_t *ctx ) if( ctx == NULL || ctx->md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - return( ctx->md_info->starts_func( ctx->md_ctx ) ); + return( mbedtls_md_info_starts_func( ctx->md_info )( ctx->md_ctx ) ); } int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen ) @@ -261,7 +261,8 @@ int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, si if( ctx == NULL || ctx->md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - return( ctx->md_info->update_func( ctx->md_ctx, input, ilen ) ); + return( mbedtls_md_info_update_func( ctx->md_info )( ctx->md_ctx, + input, ilen ) ); } int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ) @@ -269,7 +270,8 @@ int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ) if( ctx == NULL || ctx->md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - return( ctx->md_info->finish_func( ctx->md_ctx, output ) ); + return( mbedtls_md_info_finish_func( ctx->md_info )( ctx->md_ctx, + output ) ); } int mbedtls_md( mbedtls_md_handle_t md_info, const unsigned char *input, size_t ilen, @@ -278,7 +280,8 @@ int mbedtls_md( mbedtls_md_handle_t md_info, const unsigned char *input, size_t if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - return( md_info->digest_func( input, ilen, output ) ); + return( mbedtls_md_info_digest_func( md_info )( + input, ilen, output) ); } #if defined(MBEDTLS_FS_IO) @@ -301,17 +304,27 @@ int mbedtls_md_file( mbedtls_md_handle_t md_info, const char *path, unsigned cha if( ( ret = mbedtls_md_setup( &ctx, md_info, 0 ) ) != 0 ) goto cleanup; - if( ( ret = md_info->starts_func( ctx.md_ctx ) ) != 0 ) + ret = mbedtls_md_info_starts_func( md_info )( ctx.md_ctx ); + if( ret != 0 ) goto cleanup; while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 ) - if( ( ret = md_info->update_func( ctx.md_ctx, buf, n ) ) != 0 ) + { + ret = mbedtls_md_info_update_func( md_info )( ctx.md_ctx, + buf, n ); + if( ret != 0 ) goto cleanup; + } if( ferror( f ) != 0 ) + { ret = MBEDTLS_ERR_MD_FILE_IO_ERROR; + } else - ret = md_info->finish_func( ctx.md_ctx, output ); + { + ret = mbedtls_md_info_finish_func( md_info )( ctx.md_ctx, + output ); + } cleanup: mbedtls_platform_zeroize( buf, sizeof( buf ) ); @@ -329,6 +342,10 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, unsigned char *ipad, *opad; size_t i; + mbedtls_md_starts_func_t *starts; + mbedtls_md_update_func_t *update; + mbedtls_md_finish_func_t *finish; + if( ctx == NULL || ctx->md_info == MBEDTLS_MD_INVALID_HANDLE || ctx->hmac_ctx == NULL ) @@ -336,24 +353,30 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); } - if( keylen > (size_t) ctx->md_info->block_size ) + starts = mbedtls_md_info_starts_func( ctx->md_info ); + update = mbedtls_md_info_update_func( ctx->md_info ); + finish = mbedtls_md_info_finish_func( ctx->md_info ); + + if( keylen > (size_t) mbedtls_md_info_block_size( ctx->md_info ) ) { - if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 ) - goto cleanup; - if( ( ret = ctx->md_info->update_func( ctx->md_ctx, key, keylen ) ) != 0 ) - goto cleanup; - if( ( ret = ctx->md_info->finish_func( ctx->md_ctx, sum ) ) != 0 ) + if( ( ret = starts( ctx->md_ctx ) ) != 0 ) goto cleanup; - keylen = ctx->md_info->size; + if( ( ret = update( ctx->md_ctx, key, keylen ) ) ) + goto cleanup; + + if( ( ret = finish( ctx->md_ctx, sum ) ) != 0 ) + goto cleanup; + + keylen = mbedtls_md_info_size( ctx->md_info ); key = sum; } ipad = (unsigned char *) ctx->hmac_ctx; - opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size; + opad = (unsigned char *) ctx->hmac_ctx + mbedtls_md_info_block_size( ctx->md_info ); - memset( ipad, 0x36, ctx->md_info->block_size ); - memset( opad, 0x5C, ctx->md_info->block_size ); + memset( ipad, 0x36, mbedtls_md_info_block_size( ctx->md_info ) ); + memset( opad, 0x5C, mbedtls_md_info_block_size( ctx->md_info ) ); for( i = 0; i < keylen; i++ ) { @@ -361,10 +384,10 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, opad[i] = (unsigned char)( opad[i] ^ key[i] ); } - if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 ) + if( ( ret = starts( ctx->md_ctx ) ) != 0 ) goto cleanup; - if( ( ret = ctx->md_info->update_func( ctx->md_ctx, ipad, - ctx->md_info->block_size ) ) != 0 ) + + if( ( ret = update( ctx->md_ctx, ipad, mbedtls_md_info_block_size( ctx->md_info ) ) ) != 0 ) goto cleanup; cleanup: @@ -382,7 +405,8 @@ int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *inpu return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); } - return( ctx->md_info->update_func( ctx->md_ctx, input, ilen ) ); + return( mbedtls_md_info_update_func( ctx->md_info )( + ctx->md_ctx, input, ilen ) ); } int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output ) @@ -391,6 +415,10 @@ int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output ) unsigned char tmp[MBEDTLS_MD_MAX_SIZE]; unsigned char *opad; + mbedtls_md_starts_func_t *starts; + mbedtls_md_update_func_t *update; + mbedtls_md_finish_func_t *finish; + if( ctx == NULL || ctx->md_info == MBEDTLS_MD_INVALID_HANDLE || ctx->hmac_ctx == NULL ) @@ -398,19 +426,28 @@ int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); } - opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size; + starts = mbedtls_md_info_starts_func( ctx->md_info ); + update = mbedtls_md_info_update_func( ctx->md_info ); + finish = mbedtls_md_info_finish_func( ctx->md_info ); - if( ( ret = ctx->md_info->finish_func( ctx->md_ctx, tmp ) ) != 0 ) + opad = (unsigned char *) ctx->hmac_ctx + mbedtls_md_info_block_size( ctx->md_info ); + + if( ( ret = finish( ctx->md_ctx, tmp ) ) != 0 ) return( ret ); - if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 ) + + if( ( ret = starts( ctx->md_ctx ) ) != 0 ) return( ret ); - if( ( ret = ctx->md_info->update_func( ctx->md_ctx, opad, - ctx->md_info->block_size ) ) != 0 ) + + if( ( ret = update( ctx->md_ctx, opad, mbedtls_md_info_block_size( ctx->md_info ) ) ) != 0 ) return( ret ); - if( ( ret = ctx->md_info->update_func( ctx->md_ctx, tmp, - ctx->md_info->size ) ) != 0 ) + + if( ( ret = update( ctx->md_ctx, tmp, mbedtls_md_info_size( ctx->md_info ) ) ) != 0 ) return( ret ); - return( ctx->md_info->finish_func( ctx->md_ctx, output ) ); + + if( ( ret = finish( ctx->md_ctx, output ) ) != 0 ) + return( ret ); + + return( 0 ); } int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ) @@ -427,10 +464,13 @@ int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ) ipad = (unsigned char *) ctx->hmac_ctx; - if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 ) + ret = mbedtls_md_info_starts_func( ctx->md_info )( ctx->md_ctx ); + if( ret != 0 ) return( ret ); - return( ctx->md_info->update_func( ctx->md_ctx, ipad, - ctx->md_info->block_size ) ); + + ret = mbedtls_md_info_update_func( ctx->md_info )( + ctx->md_ctx, ipad, mbedtls_md_info_block_size( ctx->md_info ) ); + return( ret ); } int mbedtls_md_hmac( mbedtls_md_handle_t md_info, @@ -470,7 +510,8 @@ int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); } - return( ctx->md_info->process_func( ctx->md_ctx, data ) ); + return( mbedtls_md_info_process_func( ctx->md_info )( + ctx->md_ctx, data ) ); } unsigned char mbedtls_md_get_size( mbedtls_md_handle_t md_info ) @@ -478,7 +519,7 @@ unsigned char mbedtls_md_get_size( mbedtls_md_handle_t md_info ) if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( 0 ); - return md_info->size; + return mbedtls_md_info_size( md_info ); } mbedtls_md_type_t mbedtls_md_get_type( mbedtls_md_handle_t md_info ) @@ -486,7 +527,7 @@ mbedtls_md_type_t mbedtls_md_get_type( mbedtls_md_handle_t md_info ) if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_MD_NONE ); - return md_info->type; + return mbedtls_md_info_type( md_info ); } const char *mbedtls_md_get_name( mbedtls_md_handle_t md_info ) @@ -494,7 +535,7 @@ const char *mbedtls_md_get_name( mbedtls_md_handle_t md_info ) if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( NULL ); - return md_info->name; + return mbedtls_md_info_name( md_info ); } #endif /* MBEDTLS_MD_C */ diff --git a/tests/suites/test_suite_hkdf.function b/tests/suites/test_suite_hkdf.function index 7e83b57e6..e9673639f 100644 --- a/tests/suites/test_suite_hkdf.function +++ b/tests/suites/test_suite_hkdf.function @@ -114,7 +114,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:!MBEDTLS_MD_SINGLE_HASH */ void test_hkdf_extract_ret( int hash_len, int ret ) { int output_ret; @@ -141,7 +141,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:!MBEDTLS_MD_SINGLE_HASH */ void test_hkdf_expand_ret( int hash_len, int prk_len, int okm_len, int ret ) { int output_ret; From 0e7fc3166de7d678f4c849263a4e708ffc676622 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 17 Jul 2019 11:23:12 +0100 Subject: [PATCH 03/37] Inline md_wrap.c in md.c md_wrap.c doesn't expose any public functionality and doesn't need to be present as a separate compilation unit. --- library/CMakeLists.txt | 1 - library/Makefile | 2 +- library/md.c | 2 ++ 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 461843b05..bb975cd35 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -38,7 +38,6 @@ set(src_crypto md2.c md4.c md5.c - md_wrap.c memory_buffer_alloc.c nist_kw.c oid.c diff --git a/library/Makefile b/library/Makefile index 50faed9ca..062846b7b 100644 --- a/library/Makefile +++ b/library/Makefile @@ -77,7 +77,7 @@ OBJS_CRYPTO= aes.o aesni.o arc4.o \ error.o gcm.o havege.o \ hkdf.o \ hmac_drbg.o md.o md2.o \ - md4.o md5.o md_wrap.o \ + md4.o md5.o \ memory_buffer_alloc.o nist_kw.o \ oid.o padlock.o pem.o \ pk.o pk_wrap.o pkcs12.o \ diff --git a/library/md.c b/library/md.c index 3bb4bafa7..e1d7e9d01 100644 --- a/library/md.c +++ b/library/md.c @@ -49,6 +49,8 @@ #include #endif +#include "md_wrap.c" + /* * Reminder: update profiles in x509_crt.c when adding a new hash! */ From 62a44d43b013a780f964ffc1593464038b3383e5 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 17 Jul 2019 14:14:01 +0100 Subject: [PATCH 04/37] Allow defining MD information structs through macros In builds enabling only a single MD digest, we want to be able to implement the MD info getter functions by returning compile-time constants matching the fields of the MD info structures used so far. To avoid information duplication hardening maintainability, this commit introduces the possibility of providing the various aspects of a particular digest implementation by defining macros MBEDTLS_MD_INFO_DIGEST_FIELD (e.g. MBEDTLS_MD_INFO_SHA256_SIZE) and to generate the corresponding mbedtls_md_info instance from this set of macros, via the new macro MBEDTLS_MD_INFO(). This way, we'll be able to switch between MD info based builds and single-digest builds without information duplication. --- include/mbedtls/md_internal.h | 71 +++++++++++++++++++++++++++++++++++ library/md_wrap.c | 16 +------- 2 files changed, 73 insertions(+), 14 deletions(-) diff --git a/include/mbedtls/md_internal.h b/include/mbedtls/md_internal.h index 72a8e4645..43ee48fb4 100644 --- a/include/mbedtls/md_internal.h +++ b/include/mbedtls/md_internal.h @@ -40,6 +40,59 @@ extern "C" { #endif +/* + * Message-digest information macro definition + */ + +/* SHA-256 */ +#define MBEDTLS_MD_INFO_SHA256_TYPE MBEDTLS_MD_SHA256 +#define MBEDTLS_MD_INFO_SHA256_NAME "SHA256" +#define MBEDTLS_MD_INFO_SHA256_SIZE 32 +#define MBEDTLS_MD_INFO_SHA256_BLOCKSIZE 64 +#define MBEDTLS_MD_INFO_SHA256_STARTS_FUNC sha256_starts_wrap +#define MBEDTLS_MD_INFO_SHA256_UPDATE_FUNC sha224_update_wrap +#define MBEDTLS_MD_INFO_SHA256_FINISH_FUNC sha224_finish_wrap +#define MBEDTLS_MD_INFO_SHA256_DIGEST_FUNC sha256_wrap +#define MBEDTLS_MD_INFO_SHA256_ALLOC_FUNC sha224_ctx_alloc +#define MBEDTLS_MD_INFO_SHA256_FREE_FUNC sha224_ctx_free +#define MBEDTLS_MD_INFO_SHA256_CLONE_FUNC sha224_clone_wrap +#define MBEDTLS_MD_INFO_SHA256_PROCESS_FUNC sha224_process_wrap + +/* + * Helper macros to extract fields from ciphersuites. + */ + +#define MBEDTLS_MD_INFO_TYPE_T( MD ) MD ## _TYPE +#define MBEDTLS_MD_INFO_NAME_T( MD ) MD ## _NAME +#define MBEDTLS_MD_INFO_SIZE_T( MD ) MD ## _SIZE +#define MBEDTLS_MD_INFO_BLOCKSIZE_T( MD ) MD ## _BLOCKSIZE +#define MBEDTLS_MD_INFO_STARTS_FUNC_T( MD ) MD ## _STARTS_FUNC +#define MBEDTLS_MD_INFO_UPDATE_FUNC_T( MD ) MD ## _UPDATE_FUNC +#define MBEDTLS_MD_INFO_FINISH_FUNC_T( MD ) MD ## _FINISH_FUNC +#define MBEDTLS_MD_INFO_DIGEST_FUNC_T( MD ) MD ## _DIGEST_FUNC +#define MBEDTLS_MD_INFO_ALLOC_FUNC_T( MD ) MD ## _ALLOC_FUNC +#define MBEDTLS_MD_INFO_FREE_FUNC_T( MD ) MD ## _FREE_FUNC +#define MBEDTLS_MD_INFO_CLONE_FUNC_T( MD ) MD ## _CLONE_FUNC +#define MBEDTLS_MD_INFO_PROCESS_FUNC_T( MD ) MD ## _PROCESS_FUNC + +/* Wrapper around MBEDTLS_MD_INFO_XXX_T() which makes sure that + * the argument is macro-expanded before concatenated with the + * field name. This allows to call these macros as + * MBEDTLS_MD_INFO_XXX( MBEDTLS_SSL_CONF_SINGLE_HASH ). + * where MBEDTLS_SSL_CONF_SINGLE_HASH expands to MBEDTLS_MD_INFO_XXX. */ +#define MBEDTLS_MD_INFO_TYPE( MD ) MBEDTLS_MD_INFO_TYPE_T( MD ) +#define MBEDTLS_MD_INFO_NAME( MD ) MBEDTLS_MD_INFO_NAME_T( MD ) +#define MBEDTLS_MD_INFO_SIZE( MD ) MBEDTLS_MD_INFO_SIZE_T( MD ) +#define MBEDTLS_MD_INFO_BLOCKSIZE( MD ) MBEDTLS_MD_INFO_BLOCKSIZE_T( MD ) +#define MBEDTLS_MD_INFO_STARTS_FUNC( MD ) MBEDTLS_MD_INFO_STARTS_FUNC_T( MD ) +#define MBEDTLS_MD_INFO_UPDATE_FUNC( MD ) MBEDTLS_MD_INFO_UPDATE_FUNC_T( MD ) +#define MBEDTLS_MD_INFO_FINISH_FUNC( MD ) MBEDTLS_MD_INFO_FINISH_FUNC_T( MD ) +#define MBEDTLS_MD_INFO_DIGEST_FUNC( MD ) MBEDTLS_MD_INFO_DIGEST_FUNC_T( MD ) +#define MBEDTLS_MD_INFO_ALLOC_FUNC( MD ) MBEDTLS_MD_INFO_ALLOC_FUNC_T( MD ) +#define MBEDTLS_MD_INFO_FREE_FUNC( MD ) MBEDTLS_MD_INFO_FREE_FUNC_T( MD ) +#define MBEDTLS_MD_INFO_CLONE_FUNC( MD ) MBEDTLS_MD_INFO_CLONE_FUNC_T( MD ) +#define MBEDTLS_MD_INFO_PROCESS_FUNC( MD ) MBEDTLS_MD_INFO_PROCESS_FUNC_T( MD ) + /** * Message digest information. * Allows message digest functions to be called in a generic way. @@ -98,6 +151,24 @@ struct mbedtls_md_info_t mbedtls_md_process_func_t *process_func; }; +/** + * \brief This macro builds an instance of ::mbedtls_md_info_t + * from an \c MBEDTLS_MD_INFO_XXX identifier. + */ +#define MBEDTLS_MD_INFO( MD ) \ + { MBEDTLS_MD_INFO_TYPE( MD ), \ + MBEDTLS_MD_INFO_NAME( MD ), \ + MBEDTLS_MD_INFO_SIZE( MD ), \ + MBEDTLS_MD_INFO_BLOCKSIZE( MD ), \ + MBEDTLS_MD_INFO_STARTS_FUNC( MD ), \ + MBEDTLS_MD_INFO_UPDATE_FUNC( MD ), \ + MBEDTLS_MD_INFO_FINISH_FUNC( MD ), \ + MBEDTLS_MD_INFO_DIGEST_FUNC( MD ), \ + MBEDTLS_MD_INFO_ALLOC_FUNC( MD ), \ + MBEDTLS_MD_INFO_FREE_FUNC( MD ), \ + MBEDTLS_MD_INFO_CLONE_FUNC( MD ), \ + MBEDTLS_MD_INFO_PROCESS_FUNC( MD ) } + /* * Getter functions for MD info structure. */ diff --git a/library/md_wrap.c b/library/md_wrap.c index 0f8132fbf..f974ba0c6 100644 --- a/library/md_wrap.c +++ b/library/md_wrap.c @@ -475,20 +475,8 @@ static int sha256_wrap( const unsigned char *input, size_t ilen, return( mbedtls_sha256_ret( input, ilen, output, 0 ) ); } -const mbedtls_md_info_t mbedtls_sha256_info = { - MBEDTLS_MD_SHA256, - "SHA256", - 32, - 64, - sha256_starts_wrap, - sha224_update_wrap, - sha224_finish_wrap, - sha256_wrap, - sha224_ctx_alloc, - sha224_ctx_free, - sha224_clone_wrap, - sha224_process_wrap, -}; +const mbedtls_md_info_t mbedtls_sha256_info = + MBEDTLS_MD_INFO( MBEDTLS_MD_INFO_SHA256 ); #endif /* MBEDTLS_SHA256_C */ From d3827c74d54f2fa0523fab16c6edf6f3f8c203dc Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 3 Sep 2019 12:56:37 +0100 Subject: [PATCH 05/37] Introduce getter for MD handle from MD context --- include/mbedtls/md.h | 6 ++ library/hmac_drbg.c | 6 +- library/md.c | 167 +++++++++++++++++++++++++++---------------- library/pkcs5.c | 2 +- library/rsa.c | 2 +- 5 files changed, 117 insertions(+), 66 deletions(-) diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index 40624e44a..111427f39 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -104,6 +104,12 @@ typedef struct mbedtls_md_context_t void *hmac_ctx; } mbedtls_md_context_t; +static inline mbedtls_md_handle_t mbedtls_md_get_handle( + struct mbedtls_md_context_t const *ctx ) +{ + return( ctx->md_info ); +} + /** * \brief This function returns the list of digests supported by the * generic digest module. diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c index c9c541d83..b51e9b18d 100644 --- a/library/hmac_drbg.c +++ b/library/hmac_drbg.c @@ -70,7 +70,8 @@ int mbedtls_hmac_drbg_update_ret( mbedtls_hmac_drbg_context *ctx, const unsigned char *additional, size_t add_len ) { - size_t md_len = mbedtls_md_get_size( ctx->md_ctx.md_info ); + size_t md_len = mbedtls_md_get_size( + mbedtls_md_get_handle( &ctx->md_ctx ) ); unsigned char rounds = ( additional != NULL && add_len != 0 ) ? 2 : 1; unsigned char sep[1]; unsigned char K[MBEDTLS_MD_MAX_SIZE]; @@ -329,7 +330,8 @@ int mbedtls_hmac_drbg_random_with_add( void *p_rng, { int ret; mbedtls_hmac_drbg_context *ctx = (mbedtls_hmac_drbg_context *) p_rng; - size_t md_len = mbedtls_md_get_size( ctx->md_ctx.md_info ); + size_t md_len = mbedtls_md_get_size( + mbedtls_md_get_handle( &ctx->md_ctx ) ); size_t left = out_len; unsigned char *out = output; diff --git a/library/md.c b/library/md.c index e1d7e9d01..81e30235c 100644 --- a/library/md.c +++ b/library/md.c @@ -189,16 +189,19 @@ void mbedtls_md_init( mbedtls_md_context_t *ctx ) void mbedtls_md_free( mbedtls_md_context_t *ctx ) { - if( ctx == NULL || ctx->md_info == MBEDTLS_MD_INVALID_HANDLE ) + if( ctx == NULL || mbedtls_md_get_handle( ctx ) == MBEDTLS_MD_INVALID_HANDLE ) return; if( ctx->md_ctx != NULL ) - mbedtls_md_info_ctx_free_func( ctx->md_info )( ctx->md_ctx ); + { + mbedtls_md_info_ctx_free_func( + mbedtls_md_get_handle( ctx ) )( ctx->md_ctx ); + } if( ctx->hmac_ctx != NULL ) { mbedtls_platform_zeroize( ctx->hmac_ctx, - 2 * mbedtls_md_info_block_size( ctx->md_info ) ); + 2 * mbedtls_md_info_block_size( mbedtls_md_get_handle( ctx ) ) ); mbedtls_free( ctx->hmac_ctx ); } @@ -208,14 +211,15 @@ void mbedtls_md_free( mbedtls_md_context_t *ctx ) int mbedtls_md_clone( mbedtls_md_context_t *dst, const mbedtls_md_context_t *src ) { - if( dst == NULL || dst->md_info == MBEDTLS_MD_INVALID_HANDLE || - src == NULL || src->md_info == MBEDTLS_MD_INVALID_HANDLE || - dst->md_info != src->md_info ) + if( dst == NULL || mbedtls_md_get_handle( dst ) == MBEDTLS_MD_INVALID_HANDLE || + src == NULL || mbedtls_md_get_handle( src ) == MBEDTLS_MD_INVALID_HANDLE || + mbedtls_md_get_handle( dst ) != mbedtls_md_get_handle( src ) ) { return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); } - mbedtls_md_info_clone_func( dst->md_info )( dst->md_ctx, src->md_ctx ); + mbedtls_md_info_clone_func( mbedtls_md_get_handle( dst ) ) + ( dst->md_ctx, src->md_ctx ); return( 0 ); } @@ -237,7 +241,8 @@ int mbedtls_md_setup( mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info, in if( hmac != 0 ) { - ctx->hmac_ctx = mbedtls_calloc( 2, mbedtls_md_info_block_size( md_info ) ); + ctx->hmac_ctx = mbedtls_calloc( 2, + mbedtls_md_info_block_size( md_info ) ); if( ctx->hmac_ctx == NULL ) { mbedtls_md_info_ctx_free_func( md_info )( ctx->md_ctx ); @@ -252,28 +257,43 @@ int mbedtls_md_setup( mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info, in int mbedtls_md_starts( mbedtls_md_context_t *ctx ) { - if( ctx == NULL || ctx->md_info == MBEDTLS_MD_INVALID_HANDLE ) + mbedtls_md_handle_t md_info; + if( ctx == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - return( mbedtls_md_info_starts_func( ctx->md_info )( ctx->md_ctx ) ); + md_info = mbedtls_md_get_handle( ctx ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + return( mbedtls_md_info_starts_func( md_info )( ctx->md_ctx ) ); } int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen ) { - if( ctx == NULL || ctx->md_info == MBEDTLS_MD_INVALID_HANDLE ) + mbedtls_md_handle_t md_info; + if( ctx == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - return( mbedtls_md_info_update_func( ctx->md_info )( ctx->md_ctx, - input, ilen ) ); + md_info = mbedtls_md_get_handle( ctx ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + return( mbedtls_md_info_update_func( md_info )( ctx->md_ctx, + input, ilen ) ); } int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ) { - if( ctx == NULL || ctx->md_info == MBEDTLS_MD_INVALID_HANDLE ) + mbedtls_md_handle_t md_info; + if( ctx == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - return( mbedtls_md_info_finish_func( ctx->md_info )( ctx->md_ctx, - output ) ); + md_info = mbedtls_md_get_handle( ctx ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + return( mbedtls_md_info_finish_func( md_info )( ctx->md_ctx, + output ) ); } int mbedtls_md( mbedtls_md_handle_t md_info, const unsigned char *input, size_t ilen, @@ -348,18 +368,20 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, mbedtls_md_update_func_t *update; mbedtls_md_finish_func_t *finish; - if( ctx == NULL || - ctx->md_info == MBEDTLS_MD_INVALID_HANDLE || - ctx->hmac_ctx == NULL ) - { + mbedtls_md_handle_t md_info; + + if( ctx == NULL || ctx->hmac_ctx == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - } - starts = mbedtls_md_info_starts_func( ctx->md_info ); - update = mbedtls_md_info_update_func( ctx->md_info ); - finish = mbedtls_md_info_finish_func( ctx->md_info ); + md_info = mbedtls_md_get_handle( ctx ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - if( keylen > (size_t) mbedtls_md_info_block_size( ctx->md_info ) ) + starts = mbedtls_md_info_starts_func( md_info ); + update = mbedtls_md_info_update_func( md_info ); + finish = mbedtls_md_info_finish_func( md_info ); + + if( keylen > (size_t) mbedtls_md_info_block_size( md_info ) ) { if( ( ret = starts( ctx->md_ctx ) ) != 0 ) goto cleanup; @@ -370,15 +392,16 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, if( ( ret = finish( ctx->md_ctx, sum ) ) != 0 ) goto cleanup; - keylen = mbedtls_md_info_size( ctx->md_info ); + keylen = mbedtls_md_info_size( md_info ); key = sum; } ipad = (unsigned char *) ctx->hmac_ctx; - opad = (unsigned char *) ctx->hmac_ctx + mbedtls_md_info_block_size( ctx->md_info ); + opad = (unsigned char *) ctx->hmac_ctx + + mbedtls_md_info_block_size( md_info ); - memset( ipad, 0x36, mbedtls_md_info_block_size( ctx->md_info ) ); - memset( opad, 0x5C, mbedtls_md_info_block_size( ctx->md_info ) ); + memset( ipad, 0x36, mbedtls_md_info_block_size( md_info ) ); + memset( opad, 0x5C, mbedtls_md_info_block_size( md_info ) ); for( i = 0; i < keylen; i++ ) { @@ -389,8 +412,11 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, if( ( ret = starts( ctx->md_ctx ) ) != 0 ) goto cleanup; - if( ( ret = update( ctx->md_ctx, ipad, mbedtls_md_info_block_size( ctx->md_info ) ) ) != 0 ) + if( ( ret = update( ctx->md_ctx, ipad, + mbedtls_md_info_block_size( md_info ) ) ) != 0 ) + { goto cleanup; + } cleanup: mbedtls_platform_zeroize( sum, sizeof( sum ) ); @@ -398,16 +424,19 @@ cleanup: return( ret ); } -int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen ) +int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, + const unsigned char *input, size_t ilen ) { - if( ctx == NULL || - ctx->md_info == MBEDTLS_MD_INVALID_HANDLE || - ctx->hmac_ctx == NULL ) - { - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - } + mbedtls_md_handle_t md_info; - return( mbedtls_md_info_update_func( ctx->md_info )( + if( ctx == NULL || ctx->hmac_ctx == NULL ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + md_info = mbedtls_md_get_handle( ctx ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + return( mbedtls_md_info_update_func( md_info )( ctx->md_ctx, input, ilen ) ); } @@ -421,18 +450,21 @@ int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output ) mbedtls_md_update_func_t *update; mbedtls_md_finish_func_t *finish; - if( ctx == NULL || - ctx->md_info == MBEDTLS_MD_INVALID_HANDLE || - ctx->hmac_ctx == NULL ) - { + mbedtls_md_handle_t md_info; + + if( ctx == NULL || ctx->hmac_ctx == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - } - starts = mbedtls_md_info_starts_func( ctx->md_info ); - update = mbedtls_md_info_update_func( ctx->md_info ); - finish = mbedtls_md_info_finish_func( ctx->md_info ); + md_info = mbedtls_md_get_handle( ctx ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - opad = (unsigned char *) ctx->hmac_ctx + mbedtls_md_info_block_size( ctx->md_info ); + starts = mbedtls_md_info_starts_func( md_info ); + update = mbedtls_md_info_update_func( md_info ); + finish = mbedtls_md_info_finish_func( md_info ); + + opad = (unsigned char *) ctx->hmac_ctx + + mbedtls_md_info_block_size( md_info ); if( ( ret = finish( ctx->md_ctx, tmp ) ) != 0 ) return( ret ); @@ -440,11 +472,17 @@ int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output ) if( ( ret = starts( ctx->md_ctx ) ) != 0 ) return( ret ); - if( ( ret = update( ctx->md_ctx, opad, mbedtls_md_info_block_size( ctx->md_info ) ) ) != 0 ) + if( ( ret = update( ctx->md_ctx, opad, + mbedtls_md_info_block_size( md_info ) ) ) != 0 ) + { return( ret ); + } - if( ( ret = update( ctx->md_ctx, tmp, mbedtls_md_info_size( ctx->md_info ) ) ) != 0 ) + if( ( ret = update( ctx->md_ctx, tmp, + mbedtls_md_info_size( md_info ) ) ) != 0 ) + { return( ret ); + } if( ( ret = finish( ctx->md_ctx, output ) ) != 0 ) return( ret ); @@ -457,21 +495,24 @@ int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ) int ret; unsigned char *ipad; - if( ctx == NULL || - ctx->md_info == MBEDTLS_MD_INVALID_HANDLE || - ctx->hmac_ctx == NULL ) - { + mbedtls_md_handle_t md_info; + + if( ctx == NULL || ctx->hmac_ctx == NULL ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + md_info = mbedtls_md_get_handle( ctx ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - } ipad = (unsigned char *) ctx->hmac_ctx; - ret = mbedtls_md_info_starts_func( ctx->md_info )( ctx->md_ctx ); + ret = mbedtls_md_info_starts_func( md_info )( ctx->md_ctx ); if( ret != 0 ) return( ret ); - ret = mbedtls_md_info_update_func( ctx->md_info )( - ctx->md_ctx, ipad, mbedtls_md_info_block_size( ctx->md_info ) ); + ret = mbedtls_md_info_update_func( md_info )( + ctx->md_ctx, ipad, + mbedtls_md_info_block_size( md_info ) ); return( ret ); } @@ -506,13 +547,15 @@ cleanup: int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data ) { - if( ctx == NULL || - ctx->md_info == MBEDTLS_MD_INVALID_HANDLE ) - { + mbedtls_md_handle_t md_info; + if( ctx == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - } - return( mbedtls_md_info_process_func( ctx->md_info )( + md_info = mbedtls_md_get_handle( ctx ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + return( mbedtls_md_info_process_func( md_info )( ctx->md_ctx, data ) ); } diff --git a/library/pkcs5.c b/library/pkcs5.c index 2717aaa56..a517778a4 100644 --- a/library/pkcs5.c +++ b/library/pkcs5.c @@ -226,7 +226,7 @@ int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *p unsigned int i; unsigned char md1[MBEDTLS_MD_MAX_SIZE]; unsigned char work[MBEDTLS_MD_MAX_SIZE]; - unsigned char md_size = mbedtls_md_get_size( ctx->md_info ); + unsigned char md_size = mbedtls_md_get_size( mbedtls_md_get_handle( ctx ) ); size_t use_len; unsigned char *out_p = output; unsigned char counter[4]; diff --git a/library/rsa.c b/library/rsa.c index 2674c1094..3bfc73ec5 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -1076,7 +1076,7 @@ static int mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src, memset( mask, 0, MBEDTLS_MD_MAX_SIZE ); memset( counter, 0, 4 ); - hlen = mbedtls_md_get_size( md_ctx->md_info ); + hlen = mbedtls_md_get_size( mbedtls_md_get_handle( md_ctx ) ); /* Generate and apply dbMask */ p = dst; From d03949e2a48ca7b9b6a1e5995daaf923b3bb2048 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 26 Jul 2019 14:38:44 +0100 Subject: [PATCH 06/37] Remove md_wrap.c and md_internal.h --- include/mbedtls/md.h | 2 +- include/mbedtls/md_internal.h | 278 --------- library/md.c | 773 +++++++++++++++++++++++++- library/md_wrap.c | 580 ------------------- programs/test/cpp_dummy_build.cpp | 1 - tests/suites/test_suite_hkdf.function | 1 - visualc/VS2010/mbedTLS.vcxproj | 1 - 7 files changed, 772 insertions(+), 864 deletions(-) delete mode 100644 include/mbedtls/md_internal.h delete mode 100644 library/md_wrap.c diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index 111427f39..c28ee1fd0 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -81,7 +81,7 @@ typedef enum { #endif /** - * Opaque struct defined in md_internal.h. + * Opaque struct defined in md.c. */ typedef struct mbedtls_md_info_t mbedtls_md_info_t; diff --git a/include/mbedtls/md_internal.h b/include/mbedtls/md_internal.h deleted file mode 100644 index 43ee48fb4..000000000 --- a/include/mbedtls/md_internal.h +++ /dev/null @@ -1,278 +0,0 @@ -/** - * \file md_internal.h - * - * \brief Message digest wrappers. - * - * \warning This in an internal header. Do not include directly. - * - * \author Adriaan de Jong - */ -/* - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ -#ifndef MBEDTLS_MD_WRAP_H -#define MBEDTLS_MD_WRAP_H - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#include "md.h" - -#ifdef __cplusplus -extern "C" { -#endif - -/* - * Message-digest information macro definition - */ - -/* SHA-256 */ -#define MBEDTLS_MD_INFO_SHA256_TYPE MBEDTLS_MD_SHA256 -#define MBEDTLS_MD_INFO_SHA256_NAME "SHA256" -#define MBEDTLS_MD_INFO_SHA256_SIZE 32 -#define MBEDTLS_MD_INFO_SHA256_BLOCKSIZE 64 -#define MBEDTLS_MD_INFO_SHA256_STARTS_FUNC sha256_starts_wrap -#define MBEDTLS_MD_INFO_SHA256_UPDATE_FUNC sha224_update_wrap -#define MBEDTLS_MD_INFO_SHA256_FINISH_FUNC sha224_finish_wrap -#define MBEDTLS_MD_INFO_SHA256_DIGEST_FUNC sha256_wrap -#define MBEDTLS_MD_INFO_SHA256_ALLOC_FUNC sha224_ctx_alloc -#define MBEDTLS_MD_INFO_SHA256_FREE_FUNC sha224_ctx_free -#define MBEDTLS_MD_INFO_SHA256_CLONE_FUNC sha224_clone_wrap -#define MBEDTLS_MD_INFO_SHA256_PROCESS_FUNC sha224_process_wrap - -/* - * Helper macros to extract fields from ciphersuites. - */ - -#define MBEDTLS_MD_INFO_TYPE_T( MD ) MD ## _TYPE -#define MBEDTLS_MD_INFO_NAME_T( MD ) MD ## _NAME -#define MBEDTLS_MD_INFO_SIZE_T( MD ) MD ## _SIZE -#define MBEDTLS_MD_INFO_BLOCKSIZE_T( MD ) MD ## _BLOCKSIZE -#define MBEDTLS_MD_INFO_STARTS_FUNC_T( MD ) MD ## _STARTS_FUNC -#define MBEDTLS_MD_INFO_UPDATE_FUNC_T( MD ) MD ## _UPDATE_FUNC -#define MBEDTLS_MD_INFO_FINISH_FUNC_T( MD ) MD ## _FINISH_FUNC -#define MBEDTLS_MD_INFO_DIGEST_FUNC_T( MD ) MD ## _DIGEST_FUNC -#define MBEDTLS_MD_INFO_ALLOC_FUNC_T( MD ) MD ## _ALLOC_FUNC -#define MBEDTLS_MD_INFO_FREE_FUNC_T( MD ) MD ## _FREE_FUNC -#define MBEDTLS_MD_INFO_CLONE_FUNC_T( MD ) MD ## _CLONE_FUNC -#define MBEDTLS_MD_INFO_PROCESS_FUNC_T( MD ) MD ## _PROCESS_FUNC - -/* Wrapper around MBEDTLS_MD_INFO_XXX_T() which makes sure that - * the argument is macro-expanded before concatenated with the - * field name. This allows to call these macros as - * MBEDTLS_MD_INFO_XXX( MBEDTLS_SSL_CONF_SINGLE_HASH ). - * where MBEDTLS_SSL_CONF_SINGLE_HASH expands to MBEDTLS_MD_INFO_XXX. */ -#define MBEDTLS_MD_INFO_TYPE( MD ) MBEDTLS_MD_INFO_TYPE_T( MD ) -#define MBEDTLS_MD_INFO_NAME( MD ) MBEDTLS_MD_INFO_NAME_T( MD ) -#define MBEDTLS_MD_INFO_SIZE( MD ) MBEDTLS_MD_INFO_SIZE_T( MD ) -#define MBEDTLS_MD_INFO_BLOCKSIZE( MD ) MBEDTLS_MD_INFO_BLOCKSIZE_T( MD ) -#define MBEDTLS_MD_INFO_STARTS_FUNC( MD ) MBEDTLS_MD_INFO_STARTS_FUNC_T( MD ) -#define MBEDTLS_MD_INFO_UPDATE_FUNC( MD ) MBEDTLS_MD_INFO_UPDATE_FUNC_T( MD ) -#define MBEDTLS_MD_INFO_FINISH_FUNC( MD ) MBEDTLS_MD_INFO_FINISH_FUNC_T( MD ) -#define MBEDTLS_MD_INFO_DIGEST_FUNC( MD ) MBEDTLS_MD_INFO_DIGEST_FUNC_T( MD ) -#define MBEDTLS_MD_INFO_ALLOC_FUNC( MD ) MBEDTLS_MD_INFO_ALLOC_FUNC_T( MD ) -#define MBEDTLS_MD_INFO_FREE_FUNC( MD ) MBEDTLS_MD_INFO_FREE_FUNC_T( MD ) -#define MBEDTLS_MD_INFO_CLONE_FUNC( MD ) MBEDTLS_MD_INFO_CLONE_FUNC_T( MD ) -#define MBEDTLS_MD_INFO_PROCESS_FUNC( MD ) MBEDTLS_MD_INFO_PROCESS_FUNC_T( MD ) - -/** - * Message digest information. - * Allows message digest functions to be called in a generic way. - */ - -typedef int mbedtls_md_starts_func_t( void *ctx ); -typedef int mbedtls_md_update_func_t( void *ctx, - const unsigned char *input, - size_t ilen ); -typedef int mbedtls_md_finish_func_t( void *ctx, unsigned char *output ); -typedef int mbedtls_md_digest_func_t( const unsigned char *input, - size_t ilen, - unsigned char *output ); -typedef void* mbedtls_md_ctx_alloc_func_t( void ); -typedef void mbedtls_md_ctx_free_func_t( void *ctx ); -typedef void mbedtls_md_clone_func_t( void *st, const void *src ); -typedef int mbedtls_md_process_func_t( void *ctx, - const unsigned char *input ); - -struct mbedtls_md_info_t -{ - /** Digest identifier */ - mbedtls_md_type_t type; - - /** Name of the message digest */ - const char * name; - - /** Output length of the digest function in bytes */ - int size; - - /** Block length of the digest function in bytes */ - int block_size; - - /** Digest initialisation function */ - mbedtls_md_starts_func_t *starts_func; - - /** Digest update function */ - mbedtls_md_update_func_t *update_func; - - /** Digest finalisation function */ - mbedtls_md_finish_func_t *finish_func; - - /** Generic digest function */ - mbedtls_md_digest_func_t *digest_func; - - /** Allocate a new context */ - mbedtls_md_ctx_alloc_func_t *ctx_alloc_func; - - /** Free the given context */ - mbedtls_md_ctx_free_func_t *ctx_free_func; - - /** Clone state from a context */ - mbedtls_md_clone_func_t *clone_func; - - /** Internal use only */ - mbedtls_md_process_func_t *process_func; -}; - -/** - * \brief This macro builds an instance of ::mbedtls_md_info_t - * from an \c MBEDTLS_MD_INFO_XXX identifier. - */ -#define MBEDTLS_MD_INFO( MD ) \ - { MBEDTLS_MD_INFO_TYPE( MD ), \ - MBEDTLS_MD_INFO_NAME( MD ), \ - MBEDTLS_MD_INFO_SIZE( MD ), \ - MBEDTLS_MD_INFO_BLOCKSIZE( MD ), \ - MBEDTLS_MD_INFO_STARTS_FUNC( MD ), \ - MBEDTLS_MD_INFO_UPDATE_FUNC( MD ), \ - MBEDTLS_MD_INFO_FINISH_FUNC( MD ), \ - MBEDTLS_MD_INFO_DIGEST_FUNC( MD ), \ - MBEDTLS_MD_INFO_ALLOC_FUNC( MD ), \ - MBEDTLS_MD_INFO_FREE_FUNC( MD ), \ - MBEDTLS_MD_INFO_CLONE_FUNC( MD ), \ - MBEDTLS_MD_INFO_PROCESS_FUNC( MD ) } - -/* - * Getter functions for MD info structure. - */ - -static inline mbedtls_md_type_t mbedtls_md_info_type( - mbedtls_md_handle_t info ) -{ - return( info->type ); -} - -static inline const char * mbedtls_md_info_name( - mbedtls_md_handle_t info ) -{ - return( info->name ); -} - -static inline int mbedtls_md_info_size( - mbedtls_md_handle_t info ) -{ - return( info->size ); -} - -static inline int mbedtls_md_info_block_size( - mbedtls_md_handle_t info ) -{ - return( info->block_size ); -} - -static inline mbedtls_md_starts_func_t *mbedtls_md_info_starts_func( - mbedtls_md_handle_t info ) -{ - return( info->starts_func ); -} - -static inline mbedtls_md_update_func_t *mbedtls_md_info_update_func( - mbedtls_md_handle_t info ) -{ - return( info->update_func ); -} - -static inline mbedtls_md_finish_func_t *mbedtls_md_info_finish_func( - mbedtls_md_handle_t info ) -{ - return( info->finish_func ); -} - -static inline mbedtls_md_digest_func_t *mbedtls_md_info_digest_func( - mbedtls_md_handle_t info ) -{ - return( info->digest_func ); -} - -static inline mbedtls_md_ctx_alloc_func_t *mbedtls_md_info_ctx_alloc_func( - mbedtls_md_handle_t info ) -{ - return( info->ctx_alloc_func ); -} - -static inline mbedtls_md_ctx_free_func_t *mbedtls_md_info_ctx_free_func( - mbedtls_md_handle_t info ) -{ - return( info->ctx_free_func ); -} - -static inline mbedtls_md_clone_func_t *mbedtls_md_info_clone_func( - mbedtls_md_handle_t info ) -{ - return( info->clone_func ); -} - -static inline mbedtls_md_process_func_t *mbedtls_md_info_process_func( - mbedtls_md_handle_t info ) -{ - return( info->process_func ); -} - -#if defined(MBEDTLS_MD2_C) -extern const mbedtls_md_info_t mbedtls_md2_info; -#endif -#if defined(MBEDTLS_MD4_C) -extern const mbedtls_md_info_t mbedtls_md4_info; -#endif -#if defined(MBEDTLS_MD5_C) -extern const mbedtls_md_info_t mbedtls_md5_info; -#endif -#if defined(MBEDTLS_RIPEMD160_C) -extern const mbedtls_md_info_t mbedtls_ripemd160_info; -#endif -#if defined(MBEDTLS_SHA1_C) -extern const mbedtls_md_info_t mbedtls_sha1_info; -#endif -#if defined(MBEDTLS_SHA256_C) -#if !defined(MBEDTLS_SHA256_NO_SHA224) -extern const mbedtls_md_info_t mbedtls_sha224_info; -#endif -extern const mbedtls_md_info_t mbedtls_sha256_info; -#endif -#if defined(MBEDTLS_SHA512_C) -extern const mbedtls_md_info_t mbedtls_sha384_info; -extern const mbedtls_md_info_t mbedtls_sha512_info; -#endif - -#ifdef __cplusplus -} -#endif - -#endif /* MBEDTLS_MD_WRAP_H */ diff --git a/library/md.c b/library/md.c index 81e30235c..2271a766e 100644 --- a/library/md.c +++ b/library/md.c @@ -32,7 +32,6 @@ #if defined(MBEDTLS_MD_C) #include "mbedtls/md.h" -#include "mbedtls/md_internal.h" #include "mbedtls/platform_util.h" #if defined(MBEDTLS_PLATFORM_C) @@ -49,7 +48,777 @@ #include #endif -#include "md_wrap.c" +#if defined(MBEDTLS_MD2_C) +#include "mbedtls/md2.h" +#endif + +#if defined(MBEDTLS_MD4_C) +#include "mbedtls/md4.h" +#endif + +#if defined(MBEDTLS_MD5_C) +#include "mbedtls/md5.h" +#endif + +#if defined(MBEDTLS_RIPEMD160_C) +#include "mbedtls/ripemd160.h" +#endif + +#if defined(MBEDTLS_SHA1_C) +#include "mbedtls/sha1.h" +#endif + +#if defined(MBEDTLS_SHA256_C) +#include "mbedtls/sha256.h" +#endif + +#if defined(MBEDTLS_SHA512_C) +#include "mbedtls/sha512.h" +#endif + +/* + * Message-digest information macro definition + */ + +/* SHA-256 */ +#define MBEDTLS_MD_INFO_SHA256_TYPE MBEDTLS_MD_SHA256 +#define MBEDTLS_MD_INFO_SHA256_NAME "SHA256" +#define MBEDTLS_MD_INFO_SHA256_SIZE 32 +#define MBEDTLS_MD_INFO_SHA256_BLOCKSIZE 64 +#define MBEDTLS_MD_INFO_SHA256_STARTS_FUNC sha256_starts_wrap +#define MBEDTLS_MD_INFO_SHA256_UPDATE_FUNC sha224_update_wrap +#define MBEDTLS_MD_INFO_SHA256_FINISH_FUNC sha224_finish_wrap +#define MBEDTLS_MD_INFO_SHA256_DIGEST_FUNC sha256_wrap +#define MBEDTLS_MD_INFO_SHA256_ALLOC_FUNC sha224_ctx_alloc +#define MBEDTLS_MD_INFO_SHA256_FREE_FUNC sha224_ctx_free +#define MBEDTLS_MD_INFO_SHA256_CLONE_FUNC sha224_clone_wrap +#define MBEDTLS_MD_INFO_SHA256_PROCESS_FUNC sha224_process_wrap + +/* + * Helper macros to extract fields from ciphersuites. + */ + +#define MBEDTLS_MD_INFO_TYPE_T( MD ) MD ## _TYPE +#define MBEDTLS_MD_INFO_NAME_T( MD ) MD ## _NAME +#define MBEDTLS_MD_INFO_SIZE_T( MD ) MD ## _SIZE +#define MBEDTLS_MD_INFO_BLOCKSIZE_T( MD ) MD ## _BLOCKSIZE +#define MBEDTLS_MD_INFO_STARTS_FUNC_T( MD ) MD ## _STARTS_FUNC +#define MBEDTLS_MD_INFO_UPDATE_FUNC_T( MD ) MD ## _UPDATE_FUNC +#define MBEDTLS_MD_INFO_FINISH_FUNC_T( MD ) MD ## _FINISH_FUNC +#define MBEDTLS_MD_INFO_DIGEST_FUNC_T( MD ) MD ## _DIGEST_FUNC +#define MBEDTLS_MD_INFO_ALLOC_FUNC_T( MD ) MD ## _ALLOC_FUNC +#define MBEDTLS_MD_INFO_FREE_FUNC_T( MD ) MD ## _FREE_FUNC +#define MBEDTLS_MD_INFO_CLONE_FUNC_T( MD ) MD ## _CLONE_FUNC +#define MBEDTLS_MD_INFO_PROCESS_FUNC_T( MD ) MD ## _PROCESS_FUNC + +/* Wrapper around MBEDTLS_MD_INFO_XXX_T() which makes sure that + * the argument is macro-expanded before concatenated with the + * field name. This allows to call these macros as + * MBEDTLS_MD_INFO_XXX( MBEDTLS_SSL_CONF_SINGLE_HASH ). + * where MBEDTLS_SSL_CONF_SINGLE_HASH expands to MBEDTLS_MD_INFO_XXX. */ +#define MBEDTLS_MD_INFO_TYPE( MD ) MBEDTLS_MD_INFO_TYPE_T( MD ) +#define MBEDTLS_MD_INFO_NAME( MD ) MBEDTLS_MD_INFO_NAME_T( MD ) +#define MBEDTLS_MD_INFO_SIZE( MD ) MBEDTLS_MD_INFO_SIZE_T( MD ) +#define MBEDTLS_MD_INFO_BLOCKSIZE( MD ) MBEDTLS_MD_INFO_BLOCKSIZE_T( MD ) +#define MBEDTLS_MD_INFO_STARTS_FUNC( MD ) MBEDTLS_MD_INFO_STARTS_FUNC_T( MD ) +#define MBEDTLS_MD_INFO_UPDATE_FUNC( MD ) MBEDTLS_MD_INFO_UPDATE_FUNC_T( MD ) +#define MBEDTLS_MD_INFO_FINISH_FUNC( MD ) MBEDTLS_MD_INFO_FINISH_FUNC_T( MD ) +#define MBEDTLS_MD_INFO_DIGEST_FUNC( MD ) MBEDTLS_MD_INFO_DIGEST_FUNC_T( MD ) +#define MBEDTLS_MD_INFO_ALLOC_FUNC( MD ) MBEDTLS_MD_INFO_ALLOC_FUNC_T( MD ) +#define MBEDTLS_MD_INFO_FREE_FUNC( MD ) MBEDTLS_MD_INFO_FREE_FUNC_T( MD ) +#define MBEDTLS_MD_INFO_CLONE_FUNC( MD ) MBEDTLS_MD_INFO_CLONE_FUNC_T( MD ) +#define MBEDTLS_MD_INFO_PROCESS_FUNC( MD ) MBEDTLS_MD_INFO_PROCESS_FUNC_T( MD ) + +/** + * Message digest information. + * Allows message digest functions to be called in a generic way. + */ + +typedef int mbedtls_md_starts_func_t( void *ctx ); +typedef int mbedtls_md_update_func_t( void *ctx, + const unsigned char *input, + size_t ilen ); +typedef int mbedtls_md_finish_func_t( void *ctx, unsigned char *output ); +typedef int mbedtls_md_digest_func_t( const unsigned char *input, + size_t ilen, + unsigned char *output ); +typedef void* mbedtls_md_ctx_alloc_func_t( void ); +typedef void mbedtls_md_ctx_free_func_t( void *ctx ); +typedef void mbedtls_md_clone_func_t( void *st, const void *src ); +typedef int mbedtls_md_process_func_t( void *ctx, + const unsigned char *input ); + +struct mbedtls_md_info_t +{ + /** Digest identifier */ + mbedtls_md_type_t type; + + /** Name of the message digest */ + const char * name; + + /** Output length of the digest function in bytes */ + int size; + + /** Block length of the digest function in bytes */ + int block_size; + + /** Digest initialisation function */ + mbedtls_md_starts_func_t *starts_func; + + /** Digest update function */ + mbedtls_md_update_func_t *update_func; + + /** Digest finalisation function */ + mbedtls_md_finish_func_t *finish_func; + + /** Generic digest function */ + mbedtls_md_digest_func_t *digest_func; + + /** Allocate a new context */ + mbedtls_md_ctx_alloc_func_t *ctx_alloc_func; + + /** Free the given context */ + mbedtls_md_ctx_free_func_t *ctx_free_func; + + /** Clone state from a context */ + mbedtls_md_clone_func_t *clone_func; + + /** Internal use only */ + mbedtls_md_process_func_t *process_func; +}; + +/** + * \brief This macro builds an instance of ::mbedtls_md_info_t + * from an \c MBEDTLS_MD_INFO_XXX identifier. + */ +#define MBEDTLS_MD_INFO( MD ) \ + { MBEDTLS_MD_INFO_TYPE( MD ), \ + MBEDTLS_MD_INFO_NAME( MD ), \ + MBEDTLS_MD_INFO_SIZE( MD ), \ + MBEDTLS_MD_INFO_BLOCKSIZE( MD ), \ + MBEDTLS_MD_INFO_STARTS_FUNC( MD ), \ + MBEDTLS_MD_INFO_UPDATE_FUNC( MD ), \ + MBEDTLS_MD_INFO_FINISH_FUNC( MD ), \ + MBEDTLS_MD_INFO_DIGEST_FUNC( MD ), \ + MBEDTLS_MD_INFO_ALLOC_FUNC( MD ), \ + MBEDTLS_MD_INFO_FREE_FUNC( MD ), \ + MBEDTLS_MD_INFO_CLONE_FUNC( MD ), \ + MBEDTLS_MD_INFO_PROCESS_FUNC( MD ) } + +/* + * + * Definitions of MD information structures for various digests. + * + */ + +/* + * MD-2 + */ + +#if defined(MBEDTLS_MD2_C) + +static int md2_starts_wrap( void *ctx ) +{ + return( mbedtls_md2_starts_ret( (mbedtls_md2_context *) ctx ) ); +} + +static int md2_update_wrap( void *ctx, const unsigned char *input, + size_t ilen ) +{ + return( mbedtls_md2_update_ret( (mbedtls_md2_context *) ctx, input, ilen ) ); +} + +static int md2_finish_wrap( void *ctx, unsigned char *output ) +{ + return( mbedtls_md2_finish_ret( (mbedtls_md2_context *) ctx, output ) ); +} + +static void *md2_ctx_alloc( void ) +{ + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md2_context ) ); + + if( ctx != NULL ) + mbedtls_md2_init( (mbedtls_md2_context *) ctx ); + + return( ctx ); +} + +static void md2_ctx_free( void *ctx ) +{ + mbedtls_md2_free( (mbedtls_md2_context *) ctx ); + mbedtls_free( ctx ); +} + +static void md2_clone_wrap( void *dst, const void *src ) +{ + mbedtls_md2_clone( (mbedtls_md2_context *) dst, + (const mbedtls_md2_context *) src ); +} + +static int md2_process_wrap( void *ctx, const unsigned char *data ) +{ + ((void) data); + + return( mbedtls_internal_md2_process( (mbedtls_md2_context *) ctx ) ); +} + +const mbedtls_md_info_t mbedtls_md2_info = { + MBEDTLS_MD_MD2, + "MD2", + 16, + 16, + md2_starts_wrap, + md2_update_wrap, + md2_finish_wrap, + mbedtls_md2_ret, + md2_ctx_alloc, + md2_ctx_free, + md2_clone_wrap, + md2_process_wrap, +}; + +#endif /* MBEDTLS_MD2_C */ + +/* + * MD-4 + */ + +#if defined(MBEDTLS_MD4_C) + +static int md4_starts_wrap( void *ctx ) +{ + return( mbedtls_md4_starts_ret( (mbedtls_md4_context *) ctx ) ); +} + +static int md4_update_wrap( void *ctx, const unsigned char *input, + size_t ilen ) +{ + return( mbedtls_md4_update_ret( (mbedtls_md4_context *) ctx, input, ilen ) ); +} + +static int md4_finish_wrap( void *ctx, unsigned char *output ) +{ + return( mbedtls_md4_finish_ret( (mbedtls_md4_context *) ctx, output ) ); +} + +static void *md4_ctx_alloc( void ) +{ + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md4_context ) ); + + if( ctx != NULL ) + mbedtls_md4_init( (mbedtls_md4_context *) ctx ); + + return( ctx ); +} + +static void md4_ctx_free( void *ctx ) +{ + mbedtls_md4_free( (mbedtls_md4_context *) ctx ); + mbedtls_free( ctx ); +} + +static void md4_clone_wrap( void *dst, const void *src ) +{ + mbedtls_md4_clone( (mbedtls_md4_context *) dst, + (const mbedtls_md4_context *) src ); +} + +static int md4_process_wrap( void *ctx, const unsigned char *data ) +{ + return( mbedtls_internal_md4_process( (mbedtls_md4_context *) ctx, data ) ); +} + +const mbedtls_md_info_t mbedtls_md4_info = { + MBEDTLS_MD_MD4, + "MD4", + 16, + 64, + md4_starts_wrap, + md4_update_wrap, + md4_finish_wrap, + mbedtls_md4_ret, + md4_ctx_alloc, + md4_ctx_free, + md4_clone_wrap, + md4_process_wrap, +}; + +#endif /* MBEDTLS_MD4_C */ + +/* + * MD-5 + */ + +#if defined(MBEDTLS_MD5_C) + +static int md5_starts_wrap( void *ctx ) +{ + return( mbedtls_md5_starts_ret( (mbedtls_md5_context *) ctx ) ); +} + +static int md5_update_wrap( void *ctx, const unsigned char *input, + size_t ilen ) +{ + return( mbedtls_md5_update_ret( (mbedtls_md5_context *) ctx, input, ilen ) ); +} + +static int md5_finish_wrap( void *ctx, unsigned char *output ) +{ + return( mbedtls_md5_finish_ret( (mbedtls_md5_context *) ctx, output ) ); +} + +static void *md5_ctx_alloc( void ) +{ + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md5_context ) ); + + if( ctx != NULL ) + mbedtls_md5_init( (mbedtls_md5_context *) ctx ); + + return( ctx ); +} + +static void md5_ctx_free( void *ctx ) +{ + mbedtls_md5_free( (mbedtls_md5_context *) ctx ); + mbedtls_free( ctx ); +} + +static void md5_clone_wrap( void *dst, const void *src ) +{ + mbedtls_md5_clone( (mbedtls_md5_context *) dst, + (const mbedtls_md5_context *) src ); +} + +static int md5_process_wrap( void *ctx, const unsigned char *data ) +{ + return( mbedtls_internal_md5_process( (mbedtls_md5_context *) ctx, data ) ); +} + +const mbedtls_md_info_t mbedtls_md5_info = { + MBEDTLS_MD_MD5, + "MD5", + 16, + 64, + md5_starts_wrap, + md5_update_wrap, + md5_finish_wrap, + mbedtls_md5_ret, + md5_ctx_alloc, + md5_ctx_free, + md5_clone_wrap, + md5_process_wrap, +}; + +#endif /* MBEDTLS_MD5_C */ + +/* + * RIPEMD-160 + */ + +#if defined(MBEDTLS_RIPEMD160_C) + +static int ripemd160_starts_wrap( void *ctx ) +{ + return( mbedtls_ripemd160_starts_ret( (mbedtls_ripemd160_context *) ctx ) ); +} + +static int ripemd160_update_wrap( void *ctx, const unsigned char *input, + size_t ilen ) +{ + return( mbedtls_ripemd160_update_ret( (mbedtls_ripemd160_context *) ctx, + input, ilen ) ); +} + +static int ripemd160_finish_wrap( void *ctx, unsigned char *output ) +{ + return( mbedtls_ripemd160_finish_ret( (mbedtls_ripemd160_context *) ctx, + output ) ); +} + +static void *ripemd160_ctx_alloc( void ) +{ + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ripemd160_context ) ); + + if( ctx != NULL ) + mbedtls_ripemd160_init( (mbedtls_ripemd160_context *) ctx ); + + return( ctx ); +} + +static void ripemd160_ctx_free( void *ctx ) +{ + mbedtls_ripemd160_free( (mbedtls_ripemd160_context *) ctx ); + mbedtls_free( ctx ); +} + +static void ripemd160_clone_wrap( void *dst, const void *src ) +{ + mbedtls_ripemd160_clone( (mbedtls_ripemd160_context *) dst, + (const mbedtls_ripemd160_context *) src ); +} + +static int ripemd160_process_wrap( void *ctx, const unsigned char *data ) +{ + return( mbedtls_internal_ripemd160_process( + (mbedtls_ripemd160_context *) ctx, data ) ); +} + +const mbedtls_md_info_t mbedtls_ripemd160_info = { + MBEDTLS_MD_RIPEMD160, + "RIPEMD160", + 20, + 64, + ripemd160_starts_wrap, + ripemd160_update_wrap, + ripemd160_finish_wrap, + mbedtls_ripemd160_ret, + ripemd160_ctx_alloc, + ripemd160_ctx_free, + ripemd160_clone_wrap, + ripemd160_process_wrap, +}; + +#endif /* MBEDTLS_RIPEMD160_C */ + +/* + * SHA-1 + */ + +#if defined(MBEDTLS_SHA1_C) + +static int sha1_starts_wrap( void *ctx ) +{ + return( mbedtls_sha1_starts_ret( (mbedtls_sha1_context *) ctx ) ); +} + +static int sha1_update_wrap( void *ctx, const unsigned char *input, + size_t ilen ) +{ + return( mbedtls_sha1_update_ret( (mbedtls_sha1_context *) ctx, + input, ilen ) ); +} + +static int sha1_finish_wrap( void *ctx, unsigned char *output ) +{ + return( mbedtls_sha1_finish_ret( (mbedtls_sha1_context *) ctx, output ) ); +} + +static void *sha1_ctx_alloc( void ) +{ + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha1_context ) ); + + if( ctx != NULL ) + mbedtls_sha1_init( (mbedtls_sha1_context *) ctx ); + + return( ctx ); +} + +static void sha1_clone_wrap( void *dst, const void *src ) +{ + mbedtls_sha1_clone( (mbedtls_sha1_context *) dst, + (const mbedtls_sha1_context *) src ); +} + +static void sha1_ctx_free( void *ctx ) +{ + mbedtls_sha1_free( (mbedtls_sha1_context *) ctx ); + mbedtls_free( ctx ); +} + +static int sha1_process_wrap( void *ctx, const unsigned char *data ) +{ + return( mbedtls_internal_sha1_process( (mbedtls_sha1_context *) ctx, + data ) ); +} + +const mbedtls_md_info_t mbedtls_sha1_info = { + MBEDTLS_MD_SHA1, + "SHA1", + 20, + 64, + sha1_starts_wrap, + sha1_update_wrap, + sha1_finish_wrap, + mbedtls_sha1_ret, + sha1_ctx_alloc, + sha1_ctx_free, + sha1_clone_wrap, + sha1_process_wrap, +}; + +#endif /* MBEDTLS_SHA1_C */ + +/* + * SHA-224 and SHA-256 + */ + +#if defined(MBEDTLS_SHA256_C) + +#if !defined(MBEDTLS_SHA256_NO_SHA224) +static int sha224_starts_wrap( void *ctx ) +{ + return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 1 ) ); +} +#endif /* !MBEDTLS_SHA256_NO_SHA224 */ + +static int sha224_update_wrap( void *ctx, const unsigned char *input, + size_t ilen ) +{ + return( mbedtls_sha256_update_ret( (mbedtls_sha256_context *) ctx, + input, ilen ) ); +} + +static int sha224_finish_wrap( void *ctx, unsigned char *output ) +{ + return( mbedtls_sha256_finish_ret( (mbedtls_sha256_context *) ctx, + output ) ); +} + +#if !defined(MBEDTLS_SHA256_NO_SHA224) +static int sha224_wrap( const unsigned char *input, size_t ilen, + unsigned char *output ) +{ + return( mbedtls_sha256_ret( input, ilen, output, 1 ) ); +} +#endif /* !MBEDTLS_SHA256_NO_SHA224 */ + +static void *sha224_ctx_alloc( void ) +{ + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha256_context ) ); + + if( ctx != NULL ) + mbedtls_sha256_init( (mbedtls_sha256_context *) ctx ); + + return( ctx ); +} + +static void sha224_ctx_free( void *ctx ) +{ + mbedtls_sha256_free( (mbedtls_sha256_context *) ctx ); + mbedtls_free( ctx ); +} + +static void sha224_clone_wrap( void *dst, const void *src ) +{ + mbedtls_sha256_clone( (mbedtls_sha256_context *) dst, + (const mbedtls_sha256_context *) src ); +} + +static int sha224_process_wrap( void *ctx, const unsigned char *data ) +{ + return( mbedtls_internal_sha256_process( (mbedtls_sha256_context *) ctx, + data ) ); +} + +#if !defined(MBEDTLS_SHA256_NO_SHA224) +const mbedtls_md_info_t mbedtls_sha224_info = { + MBEDTLS_MD_SHA224, + "SHA224", + 28, + 64, + sha224_starts_wrap, + sha224_update_wrap, + sha224_finish_wrap, + sha224_wrap, + sha224_ctx_alloc, + sha224_ctx_free, + sha224_clone_wrap, + sha224_process_wrap, +}; +#endif /* !MBEDTLS_SHA256_NO_SHA224 */ + +static int sha256_starts_wrap( void *ctx ) +{ + return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 0 ) ); +} + +static int sha256_wrap( const unsigned char *input, size_t ilen, + unsigned char *output ) +{ + return( mbedtls_sha256_ret( input, ilen, output, 0 ) ); +} + +const mbedtls_md_info_t mbedtls_sha256_info = + MBEDTLS_MD_INFO( MBEDTLS_MD_INFO_SHA256 ); + +#endif /* MBEDTLS_SHA256_C */ + +/* + * SHA-384 and SHA-512 + */ + +#if defined(MBEDTLS_SHA512_C) + +static int sha384_starts_wrap( void *ctx ) +{ + return( mbedtls_sha512_starts_ret( (mbedtls_sha512_context *) ctx, 1 ) ); +} + +static int sha384_update_wrap( void *ctx, const unsigned char *input, + size_t ilen ) +{ + return( mbedtls_sha512_update_ret( (mbedtls_sha512_context *) ctx, + input, ilen ) ); +} + +static int sha384_finish_wrap( void *ctx, unsigned char *output ) +{ + return( mbedtls_sha512_finish_ret( (mbedtls_sha512_context *) ctx, + output ) ); +} + +static int sha384_wrap( const unsigned char *input, size_t ilen, + unsigned char *output ) +{ + return( mbedtls_sha512_ret( input, ilen, output, 1 ) ); +} + +static void *sha384_ctx_alloc( void ) +{ + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha512_context ) ); + + if( ctx != NULL ) + mbedtls_sha512_init( (mbedtls_sha512_context *) ctx ); + + return( ctx ); +} + +static void sha384_ctx_free( void *ctx ) +{ + mbedtls_sha512_free( (mbedtls_sha512_context *) ctx ); + mbedtls_free( ctx ); +} + +static void sha384_clone_wrap( void *dst, const void *src ) +{ + mbedtls_sha512_clone( (mbedtls_sha512_context *) dst, + (const mbedtls_sha512_context *) src ); +} + +static int sha384_process_wrap( void *ctx, const unsigned char *data ) +{ + return( mbedtls_internal_sha512_process( (mbedtls_sha512_context *) ctx, + data ) ); +} + +const mbedtls_md_info_t mbedtls_sha384_info = { + MBEDTLS_MD_SHA384, + "SHA384", + 48, + 128, + sha384_starts_wrap, + sha384_update_wrap, + sha384_finish_wrap, + sha384_wrap, + sha384_ctx_alloc, + sha384_ctx_free, + sha384_clone_wrap, + sha384_process_wrap, +}; + +static int sha512_starts_wrap( void *ctx ) +{ + return( mbedtls_sha512_starts_ret( (mbedtls_sha512_context *) ctx, 0 ) ); +} + +static int sha512_wrap( const unsigned char *input, size_t ilen, + unsigned char *output ) +{ + return( mbedtls_sha512_ret( input, ilen, output, 0 ) ); +} + +const mbedtls_md_info_t mbedtls_sha512_info = { + MBEDTLS_MD_SHA512, + "SHA512", + 64, + 128, + sha512_starts_wrap, + sha384_update_wrap, + sha384_finish_wrap, + sha512_wrap, + sha384_ctx_alloc, + sha384_ctx_free, + sha384_clone_wrap, + sha384_process_wrap, +}; + +#endif /* MBEDTLS_SHA512_C */ + +/* + * Getter functions for MD info structure. + */ + +static inline mbedtls_md_type_t mbedtls_md_info_type( + mbedtls_md_handle_t info ) +{ + return( info->type ); +} + +static inline const char * mbedtls_md_info_name( + mbedtls_md_handle_t info ) +{ + return( info->name ); +} + +static inline int mbedtls_md_info_size( + mbedtls_md_handle_t info ) +{ + return( info->size ); +} + +static inline int mbedtls_md_info_block_size( + mbedtls_md_handle_t info ) +{ + return( info->block_size ); +} + +static inline mbedtls_md_starts_func_t *mbedtls_md_info_starts_func( + mbedtls_md_handle_t info ) +{ + return( info->starts_func ); +} + +static inline mbedtls_md_update_func_t *mbedtls_md_info_update_func( + mbedtls_md_handle_t info ) +{ + return( info->update_func ); +} + +static inline mbedtls_md_finish_func_t *mbedtls_md_info_finish_func( + mbedtls_md_handle_t info ) +{ + return( info->finish_func ); +} + +static inline mbedtls_md_digest_func_t *mbedtls_md_info_digest_func( + mbedtls_md_handle_t info ) +{ + return( info->digest_func ); +} + +static inline mbedtls_md_ctx_alloc_func_t *mbedtls_md_info_ctx_alloc_func( + mbedtls_md_handle_t info ) +{ + return( info->ctx_alloc_func ); +} + +static inline mbedtls_md_ctx_free_func_t *mbedtls_md_info_ctx_free_func( + mbedtls_md_handle_t info ) +{ + return( info->ctx_free_func ); +} + +static inline mbedtls_md_clone_func_t *mbedtls_md_info_clone_func( + mbedtls_md_handle_t info ) +{ + return( info->clone_func ); +} + +static inline mbedtls_md_process_func_t *mbedtls_md_info_process_func( + mbedtls_md_handle_t info ) +{ + return( info->process_func ); +} /* * Reminder: update profiles in x509_crt.c when adding a new hash! diff --git a/library/md_wrap.c b/library/md_wrap.c deleted file mode 100644 index f974ba0c6..000000000 --- a/library/md_wrap.c +++ /dev/null @@ -1,580 +0,0 @@ -/** - * \file md_wrap.c - * - * \brief Generic message digest wrapper for mbed TLS - * - * \author Adriaan de Jong - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_MD_C) - -#include "mbedtls/md_internal.h" - -#if defined(MBEDTLS_MD2_C) -#include "mbedtls/md2.h" -#endif - -#if defined(MBEDTLS_MD4_C) -#include "mbedtls/md4.h" -#endif - -#if defined(MBEDTLS_MD5_C) -#include "mbedtls/md5.h" -#endif - -#if defined(MBEDTLS_RIPEMD160_C) -#include "mbedtls/ripemd160.h" -#endif - -#if defined(MBEDTLS_SHA1_C) -#include "mbedtls/sha1.h" -#endif - -#if defined(MBEDTLS_SHA256_C) -#include "mbedtls/sha256.h" -#endif - -#if defined(MBEDTLS_SHA512_C) -#include "mbedtls/sha512.h" -#endif - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif - -#if defined(MBEDTLS_MD2_C) - -static int md2_starts_wrap( void *ctx ) -{ - return( mbedtls_md2_starts_ret( (mbedtls_md2_context *) ctx ) ); -} - -static int md2_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - return( mbedtls_md2_update_ret( (mbedtls_md2_context *) ctx, input, ilen ) ); -} - -static int md2_finish_wrap( void *ctx, unsigned char *output ) -{ - return( mbedtls_md2_finish_ret( (mbedtls_md2_context *) ctx, output ) ); -} - -static void *md2_ctx_alloc( void ) -{ - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md2_context ) ); - - if( ctx != NULL ) - mbedtls_md2_init( (mbedtls_md2_context *) ctx ); - - return( ctx ); -} - -static void md2_ctx_free( void *ctx ) -{ - mbedtls_md2_free( (mbedtls_md2_context *) ctx ); - mbedtls_free( ctx ); -} - -static void md2_clone_wrap( void *dst, const void *src ) -{ - mbedtls_md2_clone( (mbedtls_md2_context *) dst, - (const mbedtls_md2_context *) src ); -} - -static int md2_process_wrap( void *ctx, const unsigned char *data ) -{ - ((void) data); - - return( mbedtls_internal_md2_process( (mbedtls_md2_context *) ctx ) ); -} - -const mbedtls_md_info_t mbedtls_md2_info = { - MBEDTLS_MD_MD2, - "MD2", - 16, - 16, - md2_starts_wrap, - md2_update_wrap, - md2_finish_wrap, - mbedtls_md2_ret, - md2_ctx_alloc, - md2_ctx_free, - md2_clone_wrap, - md2_process_wrap, -}; - -#endif /* MBEDTLS_MD2_C */ - -#if defined(MBEDTLS_MD4_C) - -static int md4_starts_wrap( void *ctx ) -{ - return( mbedtls_md4_starts_ret( (mbedtls_md4_context *) ctx ) ); -} - -static int md4_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - return( mbedtls_md4_update_ret( (mbedtls_md4_context *) ctx, input, ilen ) ); -} - -static int md4_finish_wrap( void *ctx, unsigned char *output ) -{ - return( mbedtls_md4_finish_ret( (mbedtls_md4_context *) ctx, output ) ); -} - -static void *md4_ctx_alloc( void ) -{ - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md4_context ) ); - - if( ctx != NULL ) - mbedtls_md4_init( (mbedtls_md4_context *) ctx ); - - return( ctx ); -} - -static void md4_ctx_free( void *ctx ) -{ - mbedtls_md4_free( (mbedtls_md4_context *) ctx ); - mbedtls_free( ctx ); -} - -static void md4_clone_wrap( void *dst, const void *src ) -{ - mbedtls_md4_clone( (mbedtls_md4_context *) dst, - (const mbedtls_md4_context *) src ); -} - -static int md4_process_wrap( void *ctx, const unsigned char *data ) -{ - return( mbedtls_internal_md4_process( (mbedtls_md4_context *) ctx, data ) ); -} - -const mbedtls_md_info_t mbedtls_md4_info = { - MBEDTLS_MD_MD4, - "MD4", - 16, - 64, - md4_starts_wrap, - md4_update_wrap, - md4_finish_wrap, - mbedtls_md4_ret, - md4_ctx_alloc, - md4_ctx_free, - md4_clone_wrap, - md4_process_wrap, -}; - -#endif /* MBEDTLS_MD4_C */ - -#if defined(MBEDTLS_MD5_C) - -static int md5_starts_wrap( void *ctx ) -{ - return( mbedtls_md5_starts_ret( (mbedtls_md5_context *) ctx ) ); -} - -static int md5_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - return( mbedtls_md5_update_ret( (mbedtls_md5_context *) ctx, input, ilen ) ); -} - -static int md5_finish_wrap( void *ctx, unsigned char *output ) -{ - return( mbedtls_md5_finish_ret( (mbedtls_md5_context *) ctx, output ) ); -} - -static void *md5_ctx_alloc( void ) -{ - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md5_context ) ); - - if( ctx != NULL ) - mbedtls_md5_init( (mbedtls_md5_context *) ctx ); - - return( ctx ); -} - -static void md5_ctx_free( void *ctx ) -{ - mbedtls_md5_free( (mbedtls_md5_context *) ctx ); - mbedtls_free( ctx ); -} - -static void md5_clone_wrap( void *dst, const void *src ) -{ - mbedtls_md5_clone( (mbedtls_md5_context *) dst, - (const mbedtls_md5_context *) src ); -} - -static int md5_process_wrap( void *ctx, const unsigned char *data ) -{ - return( mbedtls_internal_md5_process( (mbedtls_md5_context *) ctx, data ) ); -} - -const mbedtls_md_info_t mbedtls_md5_info = { - MBEDTLS_MD_MD5, - "MD5", - 16, - 64, - md5_starts_wrap, - md5_update_wrap, - md5_finish_wrap, - mbedtls_md5_ret, - md5_ctx_alloc, - md5_ctx_free, - md5_clone_wrap, - md5_process_wrap, -}; - -#endif /* MBEDTLS_MD5_C */ - -#if defined(MBEDTLS_RIPEMD160_C) - -static int ripemd160_starts_wrap( void *ctx ) -{ - return( mbedtls_ripemd160_starts_ret( (mbedtls_ripemd160_context *) ctx ) ); -} - -static int ripemd160_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - return( mbedtls_ripemd160_update_ret( (mbedtls_ripemd160_context *) ctx, - input, ilen ) ); -} - -static int ripemd160_finish_wrap( void *ctx, unsigned char *output ) -{ - return( mbedtls_ripemd160_finish_ret( (mbedtls_ripemd160_context *) ctx, - output ) ); -} - -static void *ripemd160_ctx_alloc( void ) -{ - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ripemd160_context ) ); - - if( ctx != NULL ) - mbedtls_ripemd160_init( (mbedtls_ripemd160_context *) ctx ); - - return( ctx ); -} - -static void ripemd160_ctx_free( void *ctx ) -{ - mbedtls_ripemd160_free( (mbedtls_ripemd160_context *) ctx ); - mbedtls_free( ctx ); -} - -static void ripemd160_clone_wrap( void *dst, const void *src ) -{ - mbedtls_ripemd160_clone( (mbedtls_ripemd160_context *) dst, - (const mbedtls_ripemd160_context *) src ); -} - -static int ripemd160_process_wrap( void *ctx, const unsigned char *data ) -{ - return( mbedtls_internal_ripemd160_process( - (mbedtls_ripemd160_context *) ctx, data ) ); -} - -const mbedtls_md_info_t mbedtls_ripemd160_info = { - MBEDTLS_MD_RIPEMD160, - "RIPEMD160", - 20, - 64, - ripemd160_starts_wrap, - ripemd160_update_wrap, - ripemd160_finish_wrap, - mbedtls_ripemd160_ret, - ripemd160_ctx_alloc, - ripemd160_ctx_free, - ripemd160_clone_wrap, - ripemd160_process_wrap, -}; - -#endif /* MBEDTLS_RIPEMD160_C */ - -#if defined(MBEDTLS_SHA1_C) - -static int sha1_starts_wrap( void *ctx ) -{ - return( mbedtls_sha1_starts_ret( (mbedtls_sha1_context *) ctx ) ); -} - -static int sha1_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - return( mbedtls_sha1_update_ret( (mbedtls_sha1_context *) ctx, - input, ilen ) ); -} - -static int sha1_finish_wrap( void *ctx, unsigned char *output ) -{ - return( mbedtls_sha1_finish_ret( (mbedtls_sha1_context *) ctx, output ) ); -} - -static void *sha1_ctx_alloc( void ) -{ - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha1_context ) ); - - if( ctx != NULL ) - mbedtls_sha1_init( (mbedtls_sha1_context *) ctx ); - - return( ctx ); -} - -static void sha1_clone_wrap( void *dst, const void *src ) -{ - mbedtls_sha1_clone( (mbedtls_sha1_context *) dst, - (const mbedtls_sha1_context *) src ); -} - -static void sha1_ctx_free( void *ctx ) -{ - mbedtls_sha1_free( (mbedtls_sha1_context *) ctx ); - mbedtls_free( ctx ); -} - -static int sha1_process_wrap( void *ctx, const unsigned char *data ) -{ - return( mbedtls_internal_sha1_process( (mbedtls_sha1_context *) ctx, - data ) ); -} - -const mbedtls_md_info_t mbedtls_sha1_info = { - MBEDTLS_MD_SHA1, - "SHA1", - 20, - 64, - sha1_starts_wrap, - sha1_update_wrap, - sha1_finish_wrap, - mbedtls_sha1_ret, - sha1_ctx_alloc, - sha1_ctx_free, - sha1_clone_wrap, - sha1_process_wrap, -}; - -#endif /* MBEDTLS_SHA1_C */ - -/* - * Wrappers for generic message digests - */ -#if defined(MBEDTLS_SHA256_C) - -#if !defined(MBEDTLS_SHA256_NO_SHA224) -static int sha224_starts_wrap( void *ctx ) -{ - return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 1 ) ); -} -#endif /* !MBEDTLS_SHA256_NO_SHA224 */ - -static int sha224_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - return( mbedtls_sha256_update_ret( (mbedtls_sha256_context *) ctx, - input, ilen ) ); -} - -static int sha224_finish_wrap( void *ctx, unsigned char *output ) -{ - return( mbedtls_sha256_finish_ret( (mbedtls_sha256_context *) ctx, - output ) ); -} - -#if !defined(MBEDTLS_SHA256_NO_SHA224) -static int sha224_wrap( const unsigned char *input, size_t ilen, - unsigned char *output ) -{ - return( mbedtls_sha256_ret( input, ilen, output, 1 ) ); -} -#endif /* !MBEDTLS_SHA256_NO_SHA224 */ - -static void *sha224_ctx_alloc( void ) -{ - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha256_context ) ); - - if( ctx != NULL ) - mbedtls_sha256_init( (mbedtls_sha256_context *) ctx ); - - return( ctx ); -} - -static void sha224_ctx_free( void *ctx ) -{ - mbedtls_sha256_free( (mbedtls_sha256_context *) ctx ); - mbedtls_free( ctx ); -} - -static void sha224_clone_wrap( void *dst, const void *src ) -{ - mbedtls_sha256_clone( (mbedtls_sha256_context *) dst, - (const mbedtls_sha256_context *) src ); -} - -static int sha224_process_wrap( void *ctx, const unsigned char *data ) -{ - return( mbedtls_internal_sha256_process( (mbedtls_sha256_context *) ctx, - data ) ); -} - -#if !defined(MBEDTLS_SHA256_NO_SHA224) -const mbedtls_md_info_t mbedtls_sha224_info = { - MBEDTLS_MD_SHA224, - "SHA224", - 28, - 64, - sha224_starts_wrap, - sha224_update_wrap, - sha224_finish_wrap, - sha224_wrap, - sha224_ctx_alloc, - sha224_ctx_free, - sha224_clone_wrap, - sha224_process_wrap, -}; -#endif /* !MBEDTLS_SHA256_NO_SHA224 */ - -static int sha256_starts_wrap( void *ctx ) -{ - return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 0 ) ); -} - -static int sha256_wrap( const unsigned char *input, size_t ilen, - unsigned char *output ) -{ - return( mbedtls_sha256_ret( input, ilen, output, 0 ) ); -} - -const mbedtls_md_info_t mbedtls_sha256_info = - MBEDTLS_MD_INFO( MBEDTLS_MD_INFO_SHA256 ); - -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - -static int sha384_starts_wrap( void *ctx ) -{ - return( mbedtls_sha512_starts_ret( (mbedtls_sha512_context *) ctx, 1 ) ); -} - -static int sha384_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - return( mbedtls_sha512_update_ret( (mbedtls_sha512_context *) ctx, - input, ilen ) ); -} - -static int sha384_finish_wrap( void *ctx, unsigned char *output ) -{ - return( mbedtls_sha512_finish_ret( (mbedtls_sha512_context *) ctx, - output ) ); -} - -static int sha384_wrap( const unsigned char *input, size_t ilen, - unsigned char *output ) -{ - return( mbedtls_sha512_ret( input, ilen, output, 1 ) ); -} - -static void *sha384_ctx_alloc( void ) -{ - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha512_context ) ); - - if( ctx != NULL ) - mbedtls_sha512_init( (mbedtls_sha512_context *) ctx ); - - return( ctx ); -} - -static void sha384_ctx_free( void *ctx ) -{ - mbedtls_sha512_free( (mbedtls_sha512_context *) ctx ); - mbedtls_free( ctx ); -} - -static void sha384_clone_wrap( void *dst, const void *src ) -{ - mbedtls_sha512_clone( (mbedtls_sha512_context *) dst, - (const mbedtls_sha512_context *) src ); -} - -static int sha384_process_wrap( void *ctx, const unsigned char *data ) -{ - return( mbedtls_internal_sha512_process( (mbedtls_sha512_context *) ctx, - data ) ); -} - -const mbedtls_md_info_t mbedtls_sha384_info = { - MBEDTLS_MD_SHA384, - "SHA384", - 48, - 128, - sha384_starts_wrap, - sha384_update_wrap, - sha384_finish_wrap, - sha384_wrap, - sha384_ctx_alloc, - sha384_ctx_free, - sha384_clone_wrap, - sha384_process_wrap, -}; - -static int sha512_starts_wrap( void *ctx ) -{ - return( mbedtls_sha512_starts_ret( (mbedtls_sha512_context *) ctx, 0 ) ); -} - -static int sha512_wrap( const unsigned char *input, size_t ilen, - unsigned char *output ) -{ - return( mbedtls_sha512_ret( input, ilen, output, 0 ) ); -} - -const mbedtls_md_info_t mbedtls_sha512_info = { - MBEDTLS_MD_SHA512, - "SHA512", - 64, - 128, - sha512_starts_wrap, - sha384_update_wrap, - sha384_finish_wrap, - sha512_wrap, - sha384_ctx_alloc, - sha384_ctx_free, - sha384_clone_wrap, - sha384_process_wrap, -}; - -#endif /* MBEDTLS_SHA512_C */ - -#endif /* MBEDTLS_MD_C */ diff --git a/programs/test/cpp_dummy_build.cpp b/programs/test/cpp_dummy_build.cpp index 3c9c2786f..dcbd5ff4a 100644 --- a/programs/test/cpp_dummy_build.cpp +++ b/programs/test/cpp_dummy_build.cpp @@ -66,7 +66,6 @@ #include "mbedtls/md2.h" #include "mbedtls/md4.h" #include "mbedtls/md5.h" -#include "mbedtls/md_internal.h" #include "mbedtls/net.h" #include "mbedtls/net_sockets.h" #include "mbedtls/nist_kw.h" diff --git a/tests/suites/test_suite_hkdf.function b/tests/suites/test_suite_hkdf.function index e9673639f..77f0d5d54 100644 --- a/tests/suites/test_suite_hkdf.function +++ b/tests/suites/test_suite_hkdf.function @@ -1,6 +1,5 @@ /* BEGIN_HEADER */ #include "mbedtls/hkdf.h" -#include "mbedtls/md_internal.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 2ec9178af..e6f9ec815 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -264,7 +264,6 @@ - From 1292c35c0305c10f47a14d05bffe8425978ab3fa Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 13 Aug 2019 15:43:26 +0100 Subject: [PATCH 07/37] Add config.h option to hardcode choice of single MD algorithm This commit introduces the configuration option MBEDTLS_MD_SINGLE_HASH which can be used to hardcode support for a single digest algorithm at compile-time, at the benefit of reduced code-size. To use, it needs to be defined to evaluate to a macro of the form MBEDTLS_MD_INFO_{DIGEST}, and macros MBEDTLS_MD_INFO_{DIGEST}_FIELD must be defined, giving rise to the various aspects (name, type, size, ...) of the chosen digest algorithm. MBEDTLS_MD_INFO_SHA256 provides an example, but other algorithms can be added if needed. At the moment, the effect of using MBEDTLS_MD_SINGLE_HASH is that the implementation of the MD API (e.g. mbedtls_md_update()) need no longer to through the abstraction of the mbedtls_md_info structures by calling their corresponding function pointers fields (akin to virtual functions in C++), but the directly call the corresponding core digest function (such as mbedtls_sha256_update()). Therefore, MBEDTLS_MD_SINGLE_HASH so far removes the second layer of indirection in the chain User calls MD API -> MD API calls underlying digest impl'n -> Core digest impl'n does the actual work, but the first indirection remains, as the MD API remains untouched and cannot yet be inlined. Studying to what extend inlining the shortened MD API implementations would lead to further code-savings is left for a later commit. --- include/mbedtls/config.h | 14 ++++ include/mbedtls/md.h | 10 +++ library/md.c | 148 ++++++++++++++++++++++++++++++++++++ programs/ssl/query_config.c | 8 ++ 4 files changed, 180 insertions(+) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 83405245e..c820e2ab2 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -3815,6 +3815,20 @@ //#define MBEDTLS_SSL_CONF_SINGLE_SIG_HASH_MD_ID //#define MBEDTLS_SSL_CONF_SINGLE_SIG_HASH_TLS_ID +/* Set this to MBEDTLS_MD_INFO_{DIGEST} support of a single message + * digest at compile-time, at the benefit of code-size. + * + * On highly constrained systems with large control over the configuration of + * the connection endpoints, this option can be used to hardcode support for + * a single hash algorithm. + * + * You need to make sure that the corresponding digest algorithm attributes + * are defined through macros in md.c. See the definitions + * MBEDTLS_MD_INFO_SHA256_XXX for example. + * + */ +//#define MBEDTLS_MD_SINGLE_HASH MBEDTLS_MD_INFO_SHA256 + /* \} SECTION: Compile-time SSL configuration */ /* Target and application specific configurations diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index c28ee1fd0..97d3b0696 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -80,6 +80,8 @@ typedef enum { #define MBEDTLS_MD_MAX_BLOCK_SIZE 64 #endif +#if !defined(MBEDTLS_MD_SINGLE_HASH) + /** * Opaque struct defined in md.c. */ @@ -89,6 +91,14 @@ typedef struct mbedtls_md_info_t mbedtls_md_info_t; typedef struct mbedtls_md_info_t const * mbedtls_md_handle_t; #define MBEDTLS_MD_INVALID_HANDLE ( (mbedtls_md_handle_t) NULL ) +#else /* !MBEDTLS_MD_SINGLE_HASH */ + +typedef int mbedtls_md_handle_t; +#define MBEDTLS_MD_INVALID_HANDLE ( (mbedtls_md_handle_t) 0 ) +#define MBEDTLS_MD_UNIQUE_VALID_HANDLE ( (mbedtls_md_handle_t) 1 ) + +#endif /* !MBEDTLS_MD_SINGLE_HASH */ + /** * The generic message-digest context. */ diff --git a/library/md.c b/library/md.c index 2271a766e..abc2ad3f5 100644 --- a/library/md.c +++ b/library/md.c @@ -148,6 +148,7 @@ typedef void mbedtls_md_clone_func_t( void *st, const void *src ); typedef int mbedtls_md_process_func_t( void *ctx, const unsigned char *input ); +#if !defined(MBEDTLS_MD_SINGLE_HASH) struct mbedtls_md_info_t { /** Digest identifier */ @@ -205,6 +206,8 @@ struct mbedtls_md_info_t MBEDTLS_MD_INFO_CLONE_FUNC( MD ), \ MBEDTLS_MD_INFO_PROCESS_FUNC( MD ) } +#endif /* !MBEDTLS_MD_SINGLE_HASH */ + /* * * Definitions of MD information structures for various digests. @@ -262,6 +265,7 @@ static int md2_process_wrap( void *ctx, const unsigned char *data ) return( mbedtls_internal_md2_process( (mbedtls_md2_context *) ctx ) ); } +#if !defined(MBEDTLS_MD_SINGLE_HASH) const mbedtls_md_info_t mbedtls_md2_info = { MBEDTLS_MD_MD2, "MD2", @@ -276,6 +280,7 @@ const mbedtls_md_info_t mbedtls_md2_info = { md2_clone_wrap, md2_process_wrap, }; +#endif /* !MBEDTLS_MD_SINGLE_HASH */ #endif /* MBEDTLS_MD2_C */ @@ -328,6 +333,7 @@ static int md4_process_wrap( void *ctx, const unsigned char *data ) return( mbedtls_internal_md4_process( (mbedtls_md4_context *) ctx, data ) ); } +#if !defined(MBEDTLS_MD_SINGLE_HASH) const mbedtls_md_info_t mbedtls_md4_info = { MBEDTLS_MD_MD4, "MD4", @@ -342,6 +348,7 @@ const mbedtls_md_info_t mbedtls_md4_info = { md4_clone_wrap, md4_process_wrap, }; +#endif /* MBEDTLS_MD_SINGLE_HASH */ #endif /* MBEDTLS_MD4_C */ @@ -394,6 +401,7 @@ static int md5_process_wrap( void *ctx, const unsigned char *data ) return( mbedtls_internal_md5_process( (mbedtls_md5_context *) ctx, data ) ); } +#if !defined(MBEDTLS_MD_SINGLE_HASH) const mbedtls_md_info_t mbedtls_md5_info = { MBEDTLS_MD_MD5, "MD5", @@ -408,6 +416,7 @@ const mbedtls_md_info_t mbedtls_md5_info = { md5_clone_wrap, md5_process_wrap, }; +#endif /* MBEDTLS_MD_SINGLE_HASH */ #endif /* MBEDTLS_MD5_C */ @@ -463,6 +472,7 @@ static int ripemd160_process_wrap( void *ctx, const unsigned char *data ) (mbedtls_ripemd160_context *) ctx, data ) ); } +#if !defined(MBEDTLS_MD_SINGLE_HASH) const mbedtls_md_info_t mbedtls_ripemd160_info = { MBEDTLS_MD_RIPEMD160, "RIPEMD160", @@ -477,6 +487,7 @@ const mbedtls_md_info_t mbedtls_ripemd160_info = { ripemd160_clone_wrap, ripemd160_process_wrap, }; +#endif /* !MBEDTLS_MD_SINGLE_HASH */ #endif /* MBEDTLS_RIPEMD160_C */ @@ -531,6 +542,7 @@ static int sha1_process_wrap( void *ctx, const unsigned char *data ) data ) ); } +#if !defined(MBEDTLS_MD_SINGLE_HASH) const mbedtls_md_info_t mbedtls_sha1_info = { MBEDTLS_MD_SHA1, "SHA1", @@ -545,6 +557,7 @@ const mbedtls_md_info_t mbedtls_sha1_info = { sha1_clone_wrap, sha1_process_wrap, }; +#endif /* !MBEDTLS_MD_SINGLE_HASH */ #endif /* MBEDTLS_SHA1_C */ @@ -610,6 +623,7 @@ static int sha224_process_wrap( void *ctx, const unsigned char *data ) data ) ); } +#if !defined(MBEDTLS_MD_SINGLE_HASH) #if !defined(MBEDTLS_SHA256_NO_SHA224) const mbedtls_md_info_t mbedtls_sha224_info = { MBEDTLS_MD_SHA224, @@ -626,6 +640,7 @@ const mbedtls_md_info_t mbedtls_sha224_info = { sha224_process_wrap, }; #endif /* !MBEDTLS_SHA256_NO_SHA224 */ +#endif /* !MBEDTLS_MD_SINGLE_HASH */ static int sha256_starts_wrap( void *ctx ) { @@ -638,8 +653,10 @@ static int sha256_wrap( const unsigned char *input, size_t ilen, return( mbedtls_sha256_ret( input, ilen, output, 0 ) ); } +#if !defined(MBEDTLS_MD_SINGLE_HASH) const mbedtls_md_info_t mbedtls_sha256_info = MBEDTLS_MD_INFO( MBEDTLS_MD_INFO_SHA256 ); +#endif /* !MBEDTLS_MD_SINGLE_HASH */ #endif /* MBEDTLS_SHA256_C */ @@ -701,6 +718,7 @@ static int sha384_process_wrap( void *ctx, const unsigned char *data ) data ) ); } +#if !defined(MBEDTLS_MD_SINGLE_HASH) const mbedtls_md_info_t mbedtls_sha384_info = { MBEDTLS_MD_SHA384, "SHA384", @@ -715,6 +733,7 @@ const mbedtls_md_info_t mbedtls_sha384_info = { sha384_clone_wrap, sha384_process_wrap, }; +#endif /* MBEDTLS_MD_SINGLE_HASH */ static int sha512_starts_wrap( void *ctx ) { @@ -727,6 +746,7 @@ static int sha512_wrap( const unsigned char *input, size_t ilen, return( mbedtls_sha512_ret( input, ilen, output, 0 ) ); } +#if !defined(MBEDTLS_MD_SINGLE_HASH) const mbedtls_md_info_t mbedtls_sha512_info = { MBEDTLS_MD_SHA512, "SHA512", @@ -741,6 +761,7 @@ const mbedtls_md_info_t mbedtls_sha512_info = { sha384_clone_wrap, sha384_process_wrap, }; +#endif /* MBEDTLS_MD_SINGLE_HASH */ #endif /* MBEDTLS_SHA512_C */ @@ -748,6 +769,8 @@ const mbedtls_md_info_t mbedtls_sha512_info = { * Getter functions for MD info structure. */ +#if !defined(MBEDTLS_MD_SINGLE_HASH) + static inline mbedtls_md_type_t mbedtls_md_info_type( mbedtls_md_handle_t info ) { @@ -820,6 +843,96 @@ static inline mbedtls_md_process_func_t *mbedtls_md_info_process_func( return( info->process_func ); } +#else /* !MBEDTLS_MD_SINGLE_HASH */ + +static inline mbedtls_md_type_t mbedtls_md_info_type( + mbedtls_md_handle_t info ) +{ + ((void) info); + return( MBEDTLS_MD_INFO_TYPE( MBEDTLS_MD_SINGLE_HASH ) ); +} + +static inline const char * mbedtls_md_info_name( + mbedtls_md_handle_t info ) +{ + ((void) info); + return( MBEDTLS_MD_INFO_NAME( MBEDTLS_MD_SINGLE_HASH ) ); +} + +static inline int mbedtls_md_info_size( + mbedtls_md_handle_t info ) +{ + ((void) info); + return( MBEDTLS_MD_INFO_SIZE( MBEDTLS_MD_SINGLE_HASH ) ); +} + +static inline int mbedtls_md_info_block_size( + mbedtls_md_handle_t info ) +{ + ((void) info); + return( MBEDTLS_MD_INFO_BLOCKSIZE( MBEDTLS_MD_SINGLE_HASH ) ); +} + +static inline mbedtls_md_starts_func_t *mbedtls_md_info_starts_func( + mbedtls_md_handle_t info ) +{ + ((void) info); + return( MBEDTLS_MD_INFO_STARTS_FUNC( MBEDTLS_MD_SINGLE_HASH ) ); +} + +static inline mbedtls_md_update_func_t *mbedtls_md_info_update_func( + mbedtls_md_handle_t info ) +{ + ((void) info); + return( MBEDTLS_MD_INFO_UPDATE_FUNC( MBEDTLS_MD_SINGLE_HASH ) ); +} + +static inline mbedtls_md_finish_func_t *mbedtls_md_info_finish_func( + mbedtls_md_handle_t info ) +{ + ((void) info); + return( MBEDTLS_MD_INFO_FINISH_FUNC( MBEDTLS_MD_SINGLE_HASH ) ); +} + +static inline mbedtls_md_digest_func_t *mbedtls_md_info_digest_func( + mbedtls_md_handle_t info ) +{ + ((void) info); + return( MBEDTLS_MD_INFO_DIGEST_FUNC( MBEDTLS_MD_SINGLE_HASH ) ); +} + +static inline mbedtls_md_ctx_alloc_func_t *mbedtls_md_info_ctx_alloc_func( + mbedtls_md_handle_t info ) +{ + ((void) info); + return( MBEDTLS_MD_INFO_ALLOC_FUNC( MBEDTLS_MD_SINGLE_HASH ) ); +} + +static inline mbedtls_md_ctx_free_func_t *mbedtls_md_info_ctx_free_func( + mbedtls_md_handle_t info ) +{ + ((void) info); + return( MBEDTLS_MD_INFO_FREE_FUNC( MBEDTLS_MD_SINGLE_HASH ) ); +} + +static inline mbedtls_md_clone_func_t *mbedtls_md_info_clone_func( + mbedtls_md_handle_t info ) +{ + ((void) info); + return( MBEDTLS_MD_INFO_CLONE_FUNC( MBEDTLS_MD_SINGLE_HASH ) ); +} + +static inline mbedtls_md_process_func_t *mbedtls_md_info_process_func( + mbedtls_md_handle_t info ) +{ + ((void) info); + return( MBEDTLS_MD_INFO_PROCESS_FUNC( MBEDTLS_MD_SINGLE_HASH ) ); +} + +#endif /* MBEDTLS_MD_SINGLE_HASH */ + +#if !defined(MBEDTLS_MD_SINGLE_HASH) + /* * Reminder: update profiles in x509_crt.c when adding a new hash! */ @@ -951,6 +1064,41 @@ mbedtls_md_handle_t mbedtls_md_info_from_type( mbedtls_md_type_t md_type ) } } +#else /* MBEDTLS_MD_SINGLE_HASH */ + +const int *mbedtls_md_list( void ) +{ + static int single_hash[2] = + { MBEDTLS_MD_INFO_TYPE( MBEDTLS_MD_SINGLE_HASH ), + MBEDTLS_MD_INVALID_HANDLE }; + + return( single_hash ); +} + +mbedtls_md_handle_t mbedtls_md_info_from_string( const char *md_name ) +{ + static const char * const hash_name = + MBEDTLS_MD_INFO_NAME( MBEDTLS_MD_SINGLE_HASH ); + + if( md_name != NULL && strcmp( hash_name, md_name ) == 0 ) + return( MBEDTLS_MD_UNIQUE_VALID_HANDLE ); + + return( MBEDTLS_MD_INVALID_HANDLE ); +} + +mbedtls_md_handle_t mbedtls_md_info_from_type( mbedtls_md_type_t md_type ) +{ + static const mbedtls_md_type_t hash_type = + MBEDTLS_MD_INFO_TYPE( MBEDTLS_MD_SINGLE_HASH ); + + if( hash_type == md_type ) + return( MBEDTLS_MD_UNIQUE_VALID_HANDLE ); + + return( MBEDTLS_MD_INVALID_HANDLE ); +} + +#endif /* MBEDTLS_MD_SINGLE_HASH */ + void mbedtls_md_init( mbedtls_md_context_t *ctx ) { memset( ctx, 0, sizeof( mbedtls_md_context_t ) ); diff --git a/programs/ssl/query_config.c b/programs/ssl/query_config.c index 627934fc3..c151d3128 100644 --- a/programs/ssl/query_config.c +++ b/programs/ssl/query_config.c @@ -2906,6 +2906,14 @@ int query_config( const char *config ) } #endif /* MBEDTLS_SSL_CONF_SINGLE_SIG_HASH_TLS_ID */ +#if defined(MBEDTLS_MD_SINGLE_HASH) + if( strcmp( "MBEDTLS_MD_SINGLE_HASH", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_MD_SINGLE_HASH ); + return( 0 ); + } +#endif /* MBEDTLS_MD_SINGLE_HASH */ + /* If the symbol is not found, return an error */ return( 1 ); } From ccb2b62f0ae97b8561cc9887e3c078a658106a25 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 3 Sep 2019 13:19:14 +0100 Subject: [PATCH 08/37] Remove handle from MD context in single hash config --- include/mbedtls/md.h | 11 +++++++++++ library/md.c | 2 ++ 2 files changed, 13 insertions(+) diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index 97d3b0696..2810a9180 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -104,8 +104,10 @@ typedef int mbedtls_md_handle_t; */ typedef struct mbedtls_md_context_t { +#if !defined(MBEDTLS_MD_SINGLE_HASH) /** Information about the associated message digest. */ mbedtls_md_handle_t md_info; +#endif /** The digest-specific context. */ void *md_ctx; @@ -114,11 +116,20 @@ typedef struct mbedtls_md_context_t void *hmac_ctx; } mbedtls_md_context_t; +#if !defined(MBEDTLS_MD_SINGLE_HASH) static inline mbedtls_md_handle_t mbedtls_md_get_handle( struct mbedtls_md_context_t const *ctx ) { return( ctx->md_info ); } +#else /* !MBEDTLS_MD_SINGLE_HASH */ +static inline mbedtls_md_handle_t mbedtls_md_get_handle( + struct mbedtls_md_context_t const *ctx ) +{ + ((void) ctx); + return( MBEDTLS_MD_UNIQUE_VALID_HANDLE ); +} +#endif /* !MBEDTLS_MD_SINGLE_HASH */ /** * \brief This function returns the list of digests supported by the diff --git a/library/md.c b/library/md.c index abc2ad3f5..cbe92dd68 100644 --- a/library/md.c +++ b/library/md.c @@ -1167,7 +1167,9 @@ int mbedtls_md_setup( mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info, in } } +#if !defined(MBEDTLS_MD_SINGLE_HASH) ctx->md_info = md_info; +#endif return( 0 ); } From d806d9da89a124a99afc1689e66269ae1ca63c76 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 13 Aug 2019 16:09:10 +0100 Subject: [PATCH 09/37] Use SHA-256 as single hardcoded hash in baremetal configuration --- configs/baremetal.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/configs/baremetal.h b/configs/baremetal.h index 8bed9a8ae..4a17de072 100644 --- a/configs/baremetal.h +++ b/configs/baremetal.h @@ -52,6 +52,8 @@ #define MBEDTLS_SSL_CONF_SINGLE_SIG_HASH_MD_ID MBEDTLS_MD_SHA256 #define MBEDTLS_SSL_CONF_SINGLE_SIG_HASH_TLS_ID MBEDTLS_SSL_HASH_SHA256 +#define MBEDTLS_MD_SINGLE_HASH MBEDTLS_MD_INFO_SHA256 + /* Key exchanges */ #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED #define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 From c94fc6c0c2db62293bd4f96b5a2c701facb126aa Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 14 Aug 2019 11:28:30 +0100 Subject: [PATCH 10/37] Add MBEDTLS_ALWAYS_INLINE macro to platform_util.h --- include/mbedtls/platform_util.h | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/include/mbedtls/platform_util.h b/include/mbedtls/platform_util.h index 09d096518..98384add7 100644 --- a/include/mbedtls/platform_util.h +++ b/include/mbedtls/platform_util.h @@ -113,6 +113,12 @@ void mbedtls_param_failed( const char *failure_condition, #endif /* MBEDTLS_CHECK_PARAMS */ +#if defined(__GNUC__) || defined(__arm__) +#define MBEDTLS_ALWAYS_INLINE __attribute__((always_inline)) +#else +#define MBEDTLS_ALWAYS_INLINE +#endif + /* Internal helper macros for deprecating API constants. */ #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) From d9bf9357252eb74c30de853c76c19d3b8dd8f4d8 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 3 Sep 2019 13:37:29 +0100 Subject: [PATCH 11/37] Disable invalid argument MD test case With the removal of the MD handle from the MD context, it's a precondition for any MD API outside of mbedtls_md_init() and mbedtls_md_setup() that the MD context has been successfully setup by precisely those functions beforehand, and hence must be bound to the single enabled valid MD handle. --- tests/suites/test_suite_md.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_md.function b/tests/suites/test_suite_md.function index 515a28cfc..31d5aaf17 100644 --- a/tests/suites/test_suite_md.function +++ b/tests/suites/test_suite_md.function @@ -39,7 +39,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:!MBEDTLS_MD_SINGLE_HASH */ void md_null_args( ) { mbedtls_md_context_t ctx; From bdaf0ea5d94c2f6bd56032e6d60455d606bbe5c5 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 14 Aug 2019 11:33:43 +0100 Subject: [PATCH 12/37] Make MD info getters always inline --- library/md.c | 48 ++++++++++++++++++++++++------------------------ 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/library/md.c b/library/md.c index cbe92dd68..ab66744e6 100644 --- a/library/md.c +++ b/library/md.c @@ -771,73 +771,73 @@ const mbedtls_md_info_t mbedtls_sha512_info = { #if !defined(MBEDTLS_MD_SINGLE_HASH) -static inline mbedtls_md_type_t mbedtls_md_info_type( +MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_type_t mbedtls_md_info_type( mbedtls_md_handle_t info ) { return( info->type ); } -static inline const char * mbedtls_md_info_name( +MBEDTLS_ALWAYS_INLINE static inline const char * mbedtls_md_info_name( mbedtls_md_handle_t info ) { return( info->name ); } -static inline int mbedtls_md_info_size( +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_size( mbedtls_md_handle_t info ) { return( info->size ); } -static inline int mbedtls_md_info_block_size( +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_block_size( mbedtls_md_handle_t info ) { return( info->block_size ); } -static inline mbedtls_md_starts_func_t *mbedtls_md_info_starts_func( +MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_starts_func_t *mbedtls_md_info_starts_func( mbedtls_md_handle_t info ) { return( info->starts_func ); } -static inline mbedtls_md_update_func_t *mbedtls_md_info_update_func( +MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_update_func_t *mbedtls_md_info_update_func( mbedtls_md_handle_t info ) { return( info->update_func ); } -static inline mbedtls_md_finish_func_t *mbedtls_md_info_finish_func( +MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_finish_func_t *mbedtls_md_info_finish_func( mbedtls_md_handle_t info ) { return( info->finish_func ); } -static inline mbedtls_md_digest_func_t *mbedtls_md_info_digest_func( +MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_digest_func_t *mbedtls_md_info_digest_func( mbedtls_md_handle_t info ) { return( info->digest_func ); } -static inline mbedtls_md_ctx_alloc_func_t *mbedtls_md_info_ctx_alloc_func( +MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_ctx_alloc_func_t *mbedtls_md_info_ctx_alloc_func( mbedtls_md_handle_t info ) { return( info->ctx_alloc_func ); } -static inline mbedtls_md_ctx_free_func_t *mbedtls_md_info_ctx_free_func( +MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_ctx_free_func_t *mbedtls_md_info_ctx_free_func( mbedtls_md_handle_t info ) { return( info->ctx_free_func ); } -static inline mbedtls_md_clone_func_t *mbedtls_md_info_clone_func( +MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_clone_func_t *mbedtls_md_info_clone_func( mbedtls_md_handle_t info ) { return( info->clone_func ); } -static inline mbedtls_md_process_func_t *mbedtls_md_info_process_func( +MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_process_func_t *mbedtls_md_info_process_func( mbedtls_md_handle_t info ) { return( info->process_func ); @@ -845,84 +845,84 @@ static inline mbedtls_md_process_func_t *mbedtls_md_info_process_func( #else /* !MBEDTLS_MD_SINGLE_HASH */ -static inline mbedtls_md_type_t mbedtls_md_info_type( +MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_type_t mbedtls_md_info_type( mbedtls_md_handle_t info ) { ((void) info); return( MBEDTLS_MD_INFO_TYPE( MBEDTLS_MD_SINGLE_HASH ) ); } -static inline const char * mbedtls_md_info_name( +MBEDTLS_ALWAYS_INLINE static inline const char * mbedtls_md_info_name( mbedtls_md_handle_t info ) { ((void) info); return( MBEDTLS_MD_INFO_NAME( MBEDTLS_MD_SINGLE_HASH ) ); } -static inline int mbedtls_md_info_size( +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_size( mbedtls_md_handle_t info ) { ((void) info); return( MBEDTLS_MD_INFO_SIZE( MBEDTLS_MD_SINGLE_HASH ) ); } -static inline int mbedtls_md_info_block_size( +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_block_size( mbedtls_md_handle_t info ) { ((void) info); return( MBEDTLS_MD_INFO_BLOCKSIZE( MBEDTLS_MD_SINGLE_HASH ) ); } -static inline mbedtls_md_starts_func_t *mbedtls_md_info_starts_func( +MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_starts_func_t *mbedtls_md_info_starts_func( mbedtls_md_handle_t info ) { ((void) info); return( MBEDTLS_MD_INFO_STARTS_FUNC( MBEDTLS_MD_SINGLE_HASH ) ); } -static inline mbedtls_md_update_func_t *mbedtls_md_info_update_func( +MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_update_func_t *mbedtls_md_info_update_func( mbedtls_md_handle_t info ) { ((void) info); return( MBEDTLS_MD_INFO_UPDATE_FUNC( MBEDTLS_MD_SINGLE_HASH ) ); } -static inline mbedtls_md_finish_func_t *mbedtls_md_info_finish_func( +MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_finish_func_t *mbedtls_md_info_finish_func( mbedtls_md_handle_t info ) { ((void) info); return( MBEDTLS_MD_INFO_FINISH_FUNC( MBEDTLS_MD_SINGLE_HASH ) ); } -static inline mbedtls_md_digest_func_t *mbedtls_md_info_digest_func( +MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_digest_func_t *mbedtls_md_info_digest_func( mbedtls_md_handle_t info ) { ((void) info); return( MBEDTLS_MD_INFO_DIGEST_FUNC( MBEDTLS_MD_SINGLE_HASH ) ); } -static inline mbedtls_md_ctx_alloc_func_t *mbedtls_md_info_ctx_alloc_func( +MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_ctx_alloc_func_t *mbedtls_md_info_ctx_alloc_func( mbedtls_md_handle_t info ) { ((void) info); return( MBEDTLS_MD_INFO_ALLOC_FUNC( MBEDTLS_MD_SINGLE_HASH ) ); } -static inline mbedtls_md_ctx_free_func_t *mbedtls_md_info_ctx_free_func( +MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_ctx_free_func_t *mbedtls_md_info_ctx_free_func( mbedtls_md_handle_t info ) { ((void) info); return( MBEDTLS_MD_INFO_FREE_FUNC( MBEDTLS_MD_SINGLE_HASH ) ); } -static inline mbedtls_md_clone_func_t *mbedtls_md_info_clone_func( +MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_clone_func_t *mbedtls_md_info_clone_func( mbedtls_md_handle_t info ) { ((void) info); return( MBEDTLS_MD_INFO_CLONE_FUNC( MBEDTLS_MD_SINGLE_HASH ) ); } -static inline mbedtls_md_process_func_t *mbedtls_md_info_process_func( +MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_process_func_t *mbedtls_md_info_process_func( mbedtls_md_handle_t info ) { ((void) info); From c763e9dc70e46d69bef778a555d9a95a7d665a02 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 3 Sep 2019 12:46:51 +0100 Subject: [PATCH 13/37] Add test for MD hardcoding to all.sh --- tests/scripts/all.sh | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 1e3287c46..f1317e7c3 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -904,6 +904,34 @@ component_test_hardcoded_elliptic_curve_cmake_clang() { if_build_succeeded tests/ssl-opt.sh -f '^Default$\|^Default, DTLS$' } +component_test_hardcoded_hash_cmake_clang() { + msg "build: cmake, full config + MBEDTLS_MD_SINGLE_HASH, clang" # ~ 50s + scripts/config.pl full + scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests + scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C + scripts/config.pl unset MBEDTLS_SHA1_C + scripts/config.pl unset MBEDTLS_SHA512_C + scripts/config.pl set MBEDTLS_SHA256_NO_SHA224 + scripts/config.pl unset MBEDTLS_MD2_C + scripts/config.pl unset MBEDTLS_MD4_C + scripts/config.pl unset MBEDTLS_MD5_C + scripts/config.pl unset MBEDTLS_RIPEMD160_C + scripts/config.pl unset MBEDTLS_SSL_PROTO_SSL3 + scripts/config.pl unset MBEDTLS_SSL_PROTO_TLS1 + scripts/config.pl unset MBEDTLS_SSL_PROTO_TLS1_1 + scripts/config.pl unset MBEDTLS_SSL_CBC_RECORD_SPLITTING + scripts/config.pl set MBEDTLS_MD_SINGLE_HASH MBEDTLS_MD_INFO_SHA256 + + CC=clang cmake -D CMAKE_BUILD_TYPE:String=Check -D ENABLE_TESTING=On . + make + + msg "test: main suites (full config + MBEDTLS_MD_SINGLE_HASH)" # ~ 5s + make test + + msg "test: ssl-opt.sh default (full config + MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)" # ~ 5s + if_build_succeeded tests/ssl-opt.sh -f '^Default$\|^Default, DTLS$' +} + component_build_deprecated () { msg "build: make, full config + DEPRECATED_WARNING, gcc -O" # ~ 30s scripts/config.pl full From 8fbacf941ffe0fee817001b47000cf876b44d411 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 3 Sep 2019 13:55:19 +0100 Subject: [PATCH 14/37] check_config.h: Check MBEDTLS_MD_SINGLE_HASH is used with single MD This commit modifies check_config.h to check that precisely one hash is enabled if MBEDTLS_MD_SINGLE_HASH is set. This is not only a reasonable expectation, it is also necessary, because test suites assume that if a digest is enabled, it is also accessible through the MD abstraction layer. --- include/mbedtls/check_config.h | 67 ++++++++++++++++++++++++++++++++++ 1 file changed, 67 insertions(+) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 6807ff33b..6955246b0 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -786,6 +786,73 @@ #define MBEDTLS_THREADING_IMPL #endif +/* Ensurethat precisely one hash is enabled. */ +#if defined(MBEDTLS_MD_SINGLE_HASH) + +#if defined(MBEDTLS_SHA256_C) +#define MBEDTLS_SHA256_ENABLED 1 +#else +#define MBEDTLS_SHA256_ENABLED 0 +#endif /* MBEDTLS_SHA256_C */ + +#if defined(MBEDTLS_SHA256_C) && !defined(MBEDTLS_SHA256_NO_SHA224) +#define MBEDTLS_SHA224_ENABLED 1 +#else +#define MBEDTLS_SHA224_ENABLED 0 +#endif /* MBEDTLS_SHA256_C && !MBEDTLS_SHA256_NO_SHA224 */ + +#if defined(MBEDTLS_SHA512_C) +#define MBEDTLS_SHA512_ENABLED 2 +#else +#define MBEDTLS_SHA512_ENABLED 0 +#endif /* MBEDTLS_SHA512_C */ + +#if defined(MBEDTLS_SHA1_C) +#define MBEDTLS_SHA1_ENABLED 1 +#else +#define MBEDTLS_SHA1_ENABLED 0 +#endif /* MBEDTLS_SHA1_C */ + +#if defined(MBEDTLS_MD2_C) +#define MBEDTLS_MD2_ENABLED 1 +#else +#define MBEDTLS_MD2_ENABLED 0 +#endif /* MBEDTLS_MD2_C */ + +#if defined(MBEDTLS_MD4_C) +#define MBEDTLS_MD4_ENABLED 1 +#else +#define MBEDTLS_MD4_ENABLED 0 +#endif /* MBEDTLS_MD4_C */ + +#if defined(MBEDTLS_MD5_C) +#define MBEDTLS_MD5_ENABLED 1 +#else +#define MBEDTLS_MD5_ENABLED 0 +#endif /* MBEDTLS_MD5_C */ + +#if defined(MBEDTLS_RIPEMD160_C) +#define MBEDTLS_RIPEMD160_ENABLED 1 +#else +#define MBEDTLS_RIPEMD160_ENABLED 0 +#endif /* MBEDTLS_RIPEMD160_C */ + +#define MBEDTLS_HASHES_ENABLED \ + ( MBEDTLS_MD2_ENABLED + \ + MBEDTLS_MD4_ENABLED + \ + MBEDTLS_MD5_ENABLED + \ + MBEDTLS_RIPEMD160_ENABLED + \ + MBEDTLS_SHA1_ENABLED + \ + MBEDTLS_SHA256_ENABLED + \ + MBEDTLS_SHA512_ENABLED ) + +#if MBEDTLS_HASHES_ENABLED != 1 +#error "MBEDTLS_MD_SINGLE_HASH must be used with precisely one hash algorithm enabled." +#endif + +#undef MBEDTLS_HASHES_ENABLED +#endif /* MBEDTLS_MD_SINGLE_HASH */ + #if defined(MBEDTLS_THREADING_ALT) #if !defined(MBEDTLS_THREADING_C) || defined(MBEDTLS_THREADING_IMPL) #error "MBEDTLS_THREADING_ALT defined, but not all prerequisites" From 08cf43a9ecaacf2e0ad2567205c132bb53367d57 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 4 Sep 2019 11:27:56 +0100 Subject: [PATCH 15/37] Fix typo MBEDTLS_SSL_CONF_SINGLE_HASH -> MBEDTLS_MD_SINGLE_HASH --- library/md.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/md.c b/library/md.c index ab66744e6..ca23167c5 100644 --- a/library/md.c +++ b/library/md.c @@ -114,8 +114,8 @@ /* Wrapper around MBEDTLS_MD_INFO_XXX_T() which makes sure that * the argument is macro-expanded before concatenated with the * field name. This allows to call these macros as - * MBEDTLS_MD_INFO_XXX( MBEDTLS_SSL_CONF_SINGLE_HASH ). - * where MBEDTLS_SSL_CONF_SINGLE_HASH expands to MBEDTLS_MD_INFO_XXX. */ + * MBEDTLS_MD_INFO_XXX( MBEDTLS_MD_SINGLE_HASH ). + * where MBEDTLS_MD_SINGLE_HASH expands to MBEDTLS_MD_INFO_XXX. */ #define MBEDTLS_MD_INFO_TYPE( MD ) MBEDTLS_MD_INFO_TYPE_T( MD ) #define MBEDTLS_MD_INFO_NAME( MD ) MBEDTLS_MD_INFO_NAME_T( MD ) #define MBEDTLS_MD_INFO_SIZE( MD ) MBEDTLS_MD_INFO_SIZE_T( MD ) From 3a98eab2c4750709159265cda0ece5b9b9c6dbff Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 4 Sep 2019 11:15:02 +0100 Subject: [PATCH 16/37] Don't return function pointers from MD info getters ARMC5 appears to use the heuristic that as soon as a function's address is taken, the function can no longer be removed from the resulting object file (which is not necessarily true if all uses of the functions address can be inlined). Circumvent this lack of optimization by not returning function pointers. --- library/md.c | 204 ++++++++++++++++++++++++++------------------------- 1 file changed, 103 insertions(+), 101 deletions(-) diff --git a/library/md.c b/library/md.c index ca23167c5..6fb5e4932 100644 --- a/library/md.c +++ b/library/md.c @@ -795,52 +795,58 @@ MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_block_size( return( info->block_size ); } -MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_starts_func_t *mbedtls_md_info_starts_func( - mbedtls_md_handle_t info ) +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_starts( mbedtls_md_handle_t info, + void *ctx ) { - return( info->starts_func ); + return( info->starts_func( ctx ) ); } -MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_update_func_t *mbedtls_md_info_update_func( - mbedtls_md_handle_t info ) +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_update( mbedtls_md_handle_t info, + void *ctx, + const unsigned char *input, + size_t ilen ) { - return( info->update_func ); + return( info->update_func( ctx, input, ilen ) ); } -MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_finish_func_t *mbedtls_md_info_finish_func( - mbedtls_md_handle_t info ) +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_finish( mbedtls_md_handle_t info, + void *ctx, + unsigned char *output ) { - return( info->finish_func ); + return( info->finish_func( ctx, output ) ); } -MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_digest_func_t *mbedtls_md_info_digest_func( - mbedtls_md_handle_t info ) +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_digest( mbedtls_md_handle_t info, + const unsigned char *input, + size_t ilen, + unsigned char *output ) { - return( info->digest_func ); + return( info->digest_func( input, ilen, output ) ); } -MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_ctx_alloc_func_t *mbedtls_md_info_ctx_alloc_func( - mbedtls_md_handle_t info ) +MBEDTLS_ALWAYS_INLINE static inline void* mbedtls_md_info_ctx_alloc( mbedtls_md_handle_t info ) { - return( info->ctx_alloc_func ); + return( info->ctx_alloc_func() ); } -MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_ctx_free_func_t *mbedtls_md_info_ctx_free_func( - mbedtls_md_handle_t info ) +MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_ctx_free( mbedtls_md_handle_t info, + void *ctx ) { - return( info->ctx_free_func ); + info->ctx_free_func( ctx ); } -MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_clone_func_t *mbedtls_md_info_clone_func( - mbedtls_md_handle_t info ) +MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_clone( mbedtls_md_handle_t info, + void *dst, + const void *src ) { - return( info->clone_func ); + info->clone_func( dst, src ); } -MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_process_func_t *mbedtls_md_info_process_func( - mbedtls_md_handle_t info ) +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_process( mbedtls_md_handle_t info, + void *ctx, + const unsigned char *input ) { - return( info->process_func ); + return( info->process_func( ctx, input ) ); } #else /* !MBEDTLS_MD_SINGLE_HASH */ @@ -873,60 +879,70 @@ MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_block_size( return( MBEDTLS_MD_INFO_BLOCKSIZE( MBEDTLS_MD_SINGLE_HASH ) ); } -MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_starts_func_t *mbedtls_md_info_starts_func( - mbedtls_md_handle_t info ) +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_starts( mbedtls_md_handle_t info, + void *ctx ) { ((void) info); - return( MBEDTLS_MD_INFO_STARTS_FUNC( MBEDTLS_MD_SINGLE_HASH ) ); + return( MBEDTLS_MD_INFO_STARTS_FUNC( MBEDTLS_MD_SINGLE_HASH )( ctx ) ); } -MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_update_func_t *mbedtls_md_info_update_func( - mbedtls_md_handle_t info ) +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_update( mbedtls_md_handle_t info, + void *ctx, + const unsigned char *input, + size_t ilen ) { ((void) info); - return( MBEDTLS_MD_INFO_UPDATE_FUNC( MBEDTLS_MD_SINGLE_HASH ) ); + return( MBEDTLS_MD_INFO_UPDATE_FUNC( MBEDTLS_MD_SINGLE_HASH ) + ( ctx, input, ilen ) ); } -MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_finish_func_t *mbedtls_md_info_finish_func( - mbedtls_md_handle_t info ) +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_finish( mbedtls_md_handle_t info, + void *ctx, + unsigned char *output ) { ((void) info); - return( MBEDTLS_MD_INFO_FINISH_FUNC( MBEDTLS_MD_SINGLE_HASH ) ); + return( MBEDTLS_MD_INFO_FINISH_FUNC( MBEDTLS_MD_SINGLE_HASH ) + ( ctx, output ) ); } -MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_digest_func_t *mbedtls_md_info_digest_func( - mbedtls_md_handle_t info ) +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_digest( mbedtls_md_handle_t info, + const unsigned char *input, + size_t ilen, + unsigned char *output ) { ((void) info); - return( MBEDTLS_MD_INFO_DIGEST_FUNC( MBEDTLS_MD_SINGLE_HASH ) ); + return( MBEDTLS_MD_INFO_DIGEST_FUNC( MBEDTLS_MD_SINGLE_HASH ) + ( input, ilen, output ) ); } -MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_ctx_alloc_func_t *mbedtls_md_info_ctx_alloc_func( - mbedtls_md_handle_t info ) +MBEDTLS_ALWAYS_INLINE static inline void* mbedtls_md_info_ctx_alloc( mbedtls_md_handle_t info ) { ((void) info); - return( MBEDTLS_MD_INFO_ALLOC_FUNC( MBEDTLS_MD_SINGLE_HASH ) ); + return( MBEDTLS_MD_INFO_ALLOC_FUNC( MBEDTLS_MD_SINGLE_HASH )() ); } -MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_ctx_free_func_t *mbedtls_md_info_ctx_free_func( - mbedtls_md_handle_t info ) +MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_ctx_free( mbedtls_md_handle_t info, + void *ctx ) { ((void) info); - return( MBEDTLS_MD_INFO_FREE_FUNC( MBEDTLS_MD_SINGLE_HASH ) ); + MBEDTLS_MD_INFO_FREE_FUNC( MBEDTLS_MD_SINGLE_HASH )( ctx ); } -MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_clone_func_t *mbedtls_md_info_clone_func( - mbedtls_md_handle_t info ) +MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_clone( mbedtls_md_handle_t info, + void *dst, + const void *src ) { ((void) info); - return( MBEDTLS_MD_INFO_CLONE_FUNC( MBEDTLS_MD_SINGLE_HASH ) ); + MBEDTLS_MD_INFO_CLONE_FUNC( MBEDTLS_MD_SINGLE_HASH )( dst, src ); } -MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_process_func_t *mbedtls_md_info_process_func( - mbedtls_md_handle_t info ) +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_process( mbedtls_md_handle_t info, + void *ctx, + const unsigned char *input ) { ((void) info); - return( MBEDTLS_MD_INFO_PROCESS_FUNC( MBEDTLS_MD_SINGLE_HASH ) ); + return( MBEDTLS_MD_INFO_PROCESS_FUNC( MBEDTLS_MD_SINGLE_HASH ) + ( ctx, input ) ); } #endif /* MBEDTLS_MD_SINGLE_HASH */ @@ -1111,8 +1127,7 @@ void mbedtls_md_free( mbedtls_md_context_t *ctx ) if( ctx->md_ctx != NULL ) { - mbedtls_md_info_ctx_free_func( - mbedtls_md_get_handle( ctx ) )( ctx->md_ctx ); + mbedtls_md_info_ctx_free( mbedtls_md_get_handle( ctx ), ctx->md_ctx ); } if( ctx->hmac_ctx != NULL ) @@ -1135,8 +1150,8 @@ int mbedtls_md_clone( mbedtls_md_context_t *dst, return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); } - mbedtls_md_info_clone_func( mbedtls_md_get_handle( dst ) ) - ( dst->md_ctx, src->md_ctx ); + mbedtls_md_info_clone( mbedtls_md_get_handle( dst ), + dst->md_ctx, src->md_ctx ); return( 0 ); } @@ -1152,7 +1167,7 @@ int mbedtls_md_setup( mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info, in if( md_info == MBEDTLS_MD_INVALID_HANDLE || ctx == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - ctx->md_ctx = mbedtls_md_info_ctx_alloc_func( md_info )(); + ctx->md_ctx = mbedtls_md_info_ctx_alloc( md_info ); if( ctx->md_ctx == NULL ) return( MBEDTLS_ERR_MD_ALLOC_FAILED ); @@ -1162,7 +1177,7 @@ int mbedtls_md_setup( mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info, in mbedtls_md_info_block_size( md_info ) ); if( ctx->hmac_ctx == NULL ) { - mbedtls_md_info_ctx_free_func( md_info )( ctx->md_ctx ); + mbedtls_md_info_ctx_free( md_info, ctx->md_ctx ); return( MBEDTLS_ERR_MD_ALLOC_FAILED ); } } @@ -1184,7 +1199,7 @@ int mbedtls_md_starts( mbedtls_md_context_t *ctx ) if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - return( mbedtls_md_info_starts_func( md_info )( ctx->md_ctx ) ); + return( mbedtls_md_info_starts( md_info, ctx->md_ctx ) ); } int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen ) @@ -1197,8 +1212,8 @@ int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, si if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - return( mbedtls_md_info_update_func( md_info )( ctx->md_ctx, - input, ilen ) ); + return( mbedtls_md_info_update( md_info, ctx->md_ctx, + input, ilen ) ); } int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ) @@ -1211,8 +1226,8 @@ int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ) if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - return( mbedtls_md_info_finish_func( md_info )( ctx->md_ctx, - output ) ); + return( mbedtls_md_info_finish( md_info, ctx->md_ctx, + output ) ); } int mbedtls_md( mbedtls_md_handle_t md_info, const unsigned char *input, size_t ilen, @@ -1221,8 +1236,8 @@ int mbedtls_md( mbedtls_md_handle_t md_info, const unsigned char *input, size_t if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - return( mbedtls_md_info_digest_func( md_info )( - input, ilen, output) ); + return( mbedtls_md_info_digest( md_info, input, + ilen, output) ); } #if defined(MBEDTLS_FS_IO) @@ -1245,14 +1260,14 @@ int mbedtls_md_file( mbedtls_md_handle_t md_info, const char *path, unsigned cha if( ( ret = mbedtls_md_setup( &ctx, md_info, 0 ) ) != 0 ) goto cleanup; - ret = mbedtls_md_info_starts_func( md_info )( ctx.md_ctx ); + ret = mbedtls_md_info_starts( md_info, ctx.md_ctx ); if( ret != 0 ) goto cleanup; while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 ) { - ret = mbedtls_md_info_update_func( md_info )( ctx.md_ctx, - buf, n ); + ret = mbedtls_md_info_update( md_info, ctx.md_ctx, + buf, n ); if( ret != 0 ) goto cleanup; } @@ -1263,8 +1278,8 @@ int mbedtls_md_file( mbedtls_md_handle_t md_info, const char *path, unsigned cha } else { - ret = mbedtls_md_info_finish_func( md_info )( ctx.md_ctx, - output ); + ret = mbedtls_md_info_finish( md_info, ctx.md_ctx, + output ); } cleanup: @@ -1283,10 +1298,6 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, unsigned char *ipad, *opad; size_t i; - mbedtls_md_starts_func_t *starts; - mbedtls_md_update_func_t *update; - mbedtls_md_finish_func_t *finish; - mbedtls_md_handle_t md_info; if( ctx == NULL || ctx->hmac_ctx == NULL ) @@ -1296,19 +1307,18 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - starts = mbedtls_md_info_starts_func( md_info ); - update = mbedtls_md_info_update_func( md_info ); - finish = mbedtls_md_info_finish_func( md_info ); - if( keylen > (size_t) mbedtls_md_info_block_size( md_info ) ) { - if( ( ret = starts( ctx->md_ctx ) ) != 0 ) + if( ( ret = mbedtls_md_info_starts( md_info, ctx->md_ctx ) ) != 0 ) goto cleanup; - if( ( ret = update( ctx->md_ctx, key, keylen ) ) ) + if( ( ret = mbedtls_md_info_update( md_info, ctx->md_ctx, + key, keylen ) ) != 0 ) + { goto cleanup; + } - if( ( ret = finish( ctx->md_ctx, sum ) ) != 0 ) + if( ( ret = mbedtls_md_info_finish( md_info, ctx->md_ctx, sum ) ) != 0 ) goto cleanup; keylen = mbedtls_md_info_size( md_info ); @@ -1328,10 +1338,10 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, opad[i] = (unsigned char)( opad[i] ^ key[i] ); } - if( ( ret = starts( ctx->md_ctx ) ) != 0 ) + if( ( ret = mbedtls_md_info_starts( md_info, ctx->md_ctx ) ) != 0 ) goto cleanup; - if( ( ret = update( ctx->md_ctx, ipad, + if( ( ret = mbedtls_md_info_update( md_info, ctx->md_ctx, ipad, mbedtls_md_info_block_size( md_info ) ) ) != 0 ) { goto cleanup; @@ -1355,8 +1365,9 @@ int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - return( mbedtls_md_info_update_func( md_info )( - ctx->md_ctx, input, ilen ) ); + return( mbedtls_md_info_update( md_info, + ctx->md_ctx, input, + ilen ) ); } int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output ) @@ -1365,10 +1376,6 @@ int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output ) unsigned char tmp[MBEDTLS_MD_MAX_SIZE]; unsigned char *opad; - mbedtls_md_starts_func_t *starts; - mbedtls_md_update_func_t *update; - mbedtls_md_finish_func_t *finish; - mbedtls_md_handle_t md_info; if( ctx == NULL || ctx->hmac_ctx == NULL ) @@ -1378,32 +1385,28 @@ int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output ) if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - starts = mbedtls_md_info_starts_func( md_info ); - update = mbedtls_md_info_update_func( md_info ); - finish = mbedtls_md_info_finish_func( md_info ); - opad = (unsigned char *) ctx->hmac_ctx + mbedtls_md_info_block_size( md_info ); - if( ( ret = finish( ctx->md_ctx, tmp ) ) != 0 ) + if( ( ret = mbedtls_md_info_finish( md_info, ctx->md_ctx, tmp ) ) != 0 ) return( ret ); - if( ( ret = starts( ctx->md_ctx ) ) != 0 ) + if( ( ret = mbedtls_md_info_starts( md_info, ctx->md_ctx ) ) != 0 ) return( ret ); - if( ( ret = update( ctx->md_ctx, opad, - mbedtls_md_info_block_size( md_info ) ) ) != 0 ) + if( ( ret = mbedtls_md_info_update( md_info, ctx->md_ctx, opad, + mbedtls_md_info_block_size( md_info ) ) ) != 0 ) { return( ret ); } - if( ( ret = update( ctx->md_ctx, tmp, + if( ( ret = mbedtls_md_info_update( md_info, ctx->md_ctx, tmp, mbedtls_md_info_size( md_info ) ) ) != 0 ) { return( ret ); } - if( ( ret = finish( ctx->md_ctx, output ) ) != 0 ) + if( ( ret = mbedtls_md_info_finish( md_info, ctx->md_ctx, output ) ) != 0 ) return( ret ); return( 0 ); @@ -1425,13 +1428,13 @@ int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ) ipad = (unsigned char *) ctx->hmac_ctx; - ret = mbedtls_md_info_starts_func( md_info )( ctx->md_ctx ); + ret = mbedtls_md_info_starts( md_info, ctx->md_ctx ); if( ret != 0 ) return( ret ); - ret = mbedtls_md_info_update_func( md_info )( - ctx->md_ctx, ipad, - mbedtls_md_info_block_size( md_info ) ); + ret = mbedtls_md_info_update( md_info, + ctx->md_ctx, ipad, + mbedtls_md_info_block_size( md_info ) ); return( ret ); } @@ -1474,8 +1477,7 @@ int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data ) if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - return( mbedtls_md_info_process_func( md_info )( - ctx->md_ctx, data ) ); + return( mbedtls_md_info_process( md_info, ctx->md_ctx, data ) ); } unsigned char mbedtls_md_get_size( mbedtls_md_handle_t md_info ) From 3f7d270c18192a0ae2a5a58038fdc439f8ac5b10 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 4 Sep 2019 11:52:46 +0100 Subject: [PATCH 17/37] md.c: Avoid overly long lines --- library/md.c | 104 +++++++++++++++++++++++++++++---------------------- 1 file changed, 60 insertions(+), 44 deletions(-) diff --git a/library/md.c b/library/md.c index 6fb5e4932..8d8f3371a 100644 --- a/library/md.c +++ b/library/md.c @@ -795,56 +795,64 @@ MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_block_size( return( info->block_size ); } -MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_starts( mbedtls_md_handle_t info, - void *ctx ) +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_starts( + mbedtls_md_handle_t info, + void *ctx ) { return( info->starts_func( ctx ) ); } -MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_update( mbedtls_md_handle_t info, - void *ctx, - const unsigned char *input, - size_t ilen ) +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_update( + mbedtls_md_handle_t info, + void *ctx, + const unsigned char *input, + size_t ilen ) { return( info->update_func( ctx, input, ilen ) ); } -MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_finish( mbedtls_md_handle_t info, - void *ctx, - unsigned char *output ) +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_finish( + mbedtls_md_handle_t info, + void *ctx, + unsigned char *output ) { return( info->finish_func( ctx, output ) ); } -MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_digest( mbedtls_md_handle_t info, - const unsigned char *input, - size_t ilen, - unsigned char *output ) +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_digest( + mbedtls_md_handle_t info, + const unsigned char *input, + size_t ilen, + unsigned char *output ) { return( info->digest_func( input, ilen, output ) ); } -MBEDTLS_ALWAYS_INLINE static inline void* mbedtls_md_info_ctx_alloc( mbedtls_md_handle_t info ) +MBEDTLS_ALWAYS_INLINE static inline void* mbedtls_md_info_ctx_alloc( + mbedtls_md_handle_t info ) { return( info->ctx_alloc_func() ); } -MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_ctx_free( mbedtls_md_handle_t info, - void *ctx ) +MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_ctx_free( + mbedtls_md_handle_t info, + void *ctx ) { info->ctx_free_func( ctx ); } -MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_clone( mbedtls_md_handle_t info, - void *dst, - const void *src ) +MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_clone( + mbedtls_md_handle_t info, + void *dst, + const void *src ) { info->clone_func( dst, src ); } -MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_process( mbedtls_md_handle_t info, - void *ctx, - const unsigned char *input ) +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_process( + mbedtls_md_handle_t info, + void *ctx, + const unsigned char *input ) { return( info->process_func( ctx, input ) ); } @@ -879,66 +887,74 @@ MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_block_size( return( MBEDTLS_MD_INFO_BLOCKSIZE( MBEDTLS_MD_SINGLE_HASH ) ); } -MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_starts( mbedtls_md_handle_t info, - void *ctx ) +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_starts( + mbedtls_md_handle_t info, + void *ctx ) { ((void) info); return( MBEDTLS_MD_INFO_STARTS_FUNC( MBEDTLS_MD_SINGLE_HASH )( ctx ) ); } -MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_update( mbedtls_md_handle_t info, - void *ctx, - const unsigned char *input, - size_t ilen ) +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_update( + mbedtls_md_handle_t info, + void *ctx, + const unsigned char *input, + size_t ilen ) { ((void) info); return( MBEDTLS_MD_INFO_UPDATE_FUNC( MBEDTLS_MD_SINGLE_HASH ) ( ctx, input, ilen ) ); } -MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_finish( mbedtls_md_handle_t info, - void *ctx, - unsigned char *output ) +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_finish( + mbedtls_md_handle_t info, + void *ctx, + unsigned char *output ) { ((void) info); return( MBEDTLS_MD_INFO_FINISH_FUNC( MBEDTLS_MD_SINGLE_HASH ) ( ctx, output ) ); } -MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_digest( mbedtls_md_handle_t info, - const unsigned char *input, - size_t ilen, - unsigned char *output ) +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_digest( + mbedtls_md_handle_t info, + const unsigned char *input, + size_t ilen, + unsigned char *output ) { ((void) info); return( MBEDTLS_MD_INFO_DIGEST_FUNC( MBEDTLS_MD_SINGLE_HASH ) ( input, ilen, output ) ); } -MBEDTLS_ALWAYS_INLINE static inline void* mbedtls_md_info_ctx_alloc( mbedtls_md_handle_t info ) +MBEDTLS_ALWAYS_INLINE static inline void* mbedtls_md_info_ctx_alloc( + mbedtls_md_handle_t info ) { ((void) info); return( MBEDTLS_MD_INFO_ALLOC_FUNC( MBEDTLS_MD_SINGLE_HASH )() ); } -MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_ctx_free( mbedtls_md_handle_t info, - void *ctx ) +MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_ctx_free( + mbedtls_md_handle_t info, + void *ctx ) { ((void) info); MBEDTLS_MD_INFO_FREE_FUNC( MBEDTLS_MD_SINGLE_HASH )( ctx ); } -MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_clone( mbedtls_md_handle_t info, - void *dst, - const void *src ) +MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_clone( + mbedtls_md_handle_t info, + void *dst, + const void *src ) { ((void) info); MBEDTLS_MD_INFO_CLONE_FUNC( MBEDTLS_MD_SINGLE_HASH )( dst, src ); } -MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_process( mbedtls_md_handle_t info, - void *ctx, - const unsigned char *input ) +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_process( + mbedtls_md_handle_t info, + void *ctx, + const unsigned char *input ) { ((void) info); return( MBEDTLS_MD_INFO_PROCESS_FUNC( MBEDTLS_MD_SINGLE_HASH ) From c4e4210aaba69c0a250331bc8608070d590daa65 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 4 Sep 2019 12:43:22 +0100 Subject: [PATCH 18/37] Introduce md_internal.h Recall that in the default configuration, Mbed TLS provides access digest implementations through two layers of indirection: 1) Call of MD API (e.g. mbedtls_md_update()) 2) Call of function pointer from MD info structure 3) Actual digest implementation (e.g. mbedtls_sha256_update()). Ideally, if only a single digest is enabled - say SHA-256 - then calling mbedtls_md_update() should _directly_ jump to mbedtls_sha256_update(), with both layers of indirection removed. So far, however, setting MBEDTLS_MD_SINGLE_HASH will only remove the second - function pointer - layer of indirection, while keeping the non-inlined stub implementations of e.g. mbedtls_md_update() around. This commit is a step towards allowing to define implementations of the MD API as `static inline` in case we know that they are so small that they should be defined in md.h and not in md.c. In a nutshell, the approach is as follows: For an MD API function mbedtls_md_xxx() that should be inlin-able, introduce its implementation as a `static inline` wrapper `mbedtls_md_xxx_internal()` in md.h, and then define mbedtls_md_xxx() either in md.h or in md.c, by just calling mbedtls_md_xxx_internal(). Moving the implementations of those MD API functions that should be inlinable to md.h requires the presence of both the MD info struct and all specific digest wrapper functions in md.h, and this is what this commit ensures, by moving them from md.c into a new internal header file md_internal.h. Implementing the aforementioned wrappers for those MD API that should be inlinable is left for subsequent commits. --- include/mbedtls/md.h | 2 + include/mbedtls/md_internal.h | 820 ++++++++++++++++++++++++++++++++ library/md.c | 864 +++------------------------------- 3 files changed, 881 insertions(+), 805 deletions(-) create mode 100644 include/mbedtls/md_internal.h diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index 2810a9180..120473d94 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -131,6 +131,8 @@ static inline mbedtls_md_handle_t mbedtls_md_get_handle( } #endif /* !MBEDTLS_MD_SINGLE_HASH */ +#include "md_internal.h" + /** * \brief This function returns the list of digests supported by the * generic digest module. diff --git a/include/mbedtls/md_internal.h b/include/mbedtls/md_internal.h new file mode 100644 index 000000000..568c9714b --- /dev/null +++ b/include/mbedtls/md_internal.h @@ -0,0 +1,820 @@ + /** + * \file md.h + * + * \brief This file contains the generic message-digest wrapper. + * + * \author Adriaan de Jong + */ +/* + * Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of Mbed TLS (https://tls.mbed.org) + */ + +#ifndef MBEDTLS_MD_INTERNAL_H +#define MBEDTLS_MD_INTERNAL_H + +#if defined(MBEDTLS_MD2_C) +#include "mbedtls/md2.h" +#endif + +#if defined(MBEDTLS_MD4_C) +#include "mbedtls/md4.h" +#endif + +#if defined(MBEDTLS_MD5_C) +#include "mbedtls/md5.h" +#endif + +#if defined(MBEDTLS_RIPEMD160_C) +#include "mbedtls/ripemd160.h" +#endif + +#if defined(MBEDTLS_SHA1_C) +#include "mbedtls/sha1.h" +#endif + +#if defined(MBEDTLS_SHA256_C) +#include "mbedtls/sha256.h" +#endif + +#if defined(MBEDTLS_SHA512_C) +#include "mbedtls/sha512.h" +#endif + +#include "mbedtls/platform_util.h" + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#define mbedtls_calloc calloc +#define mbedtls_free free +#endif + +#ifdef __cplusplus +extern "C" { +#endif + +/* + * Message-digest information macro definition + */ + +/* SHA-256 */ +#define MBEDTLS_MD_INFO_SHA256_TYPE MBEDTLS_MD_SHA256 +#define MBEDTLS_MD_INFO_SHA256_NAME "SHA256" +#define MBEDTLS_MD_INFO_SHA256_SIZE 32 +#define MBEDTLS_MD_INFO_SHA256_BLOCKSIZE 64 +#define MBEDTLS_MD_INFO_SHA256_STARTS_FUNC mbedtls_sha256_starts_wrap +#define MBEDTLS_MD_INFO_SHA256_UPDATE_FUNC mbedtls_sha224_update_wrap +#define MBEDTLS_MD_INFO_SHA256_FINISH_FUNC mbedtls_sha224_finish_wrap +#define MBEDTLS_MD_INFO_SHA256_DIGEST_FUNC mbedtls_sha256_wrap +#define MBEDTLS_MD_INFO_SHA256_ALLOC_FUNC mbedtls_sha224_ctx_alloc +#define MBEDTLS_MD_INFO_SHA256_FREE_FUNC mbedtls_sha224_ctx_free +#define MBEDTLS_MD_INFO_SHA256_CLONE_FUNC mbedtls_sha224_clone_wrap +#define MBEDTLS_MD_INFO_SHA256_PROCESS_FUNC mbedtls_sha224_process_wrap + +/* + * Helper macros to extract fields from ciphersuites. + */ + +#define MBEDTLS_MD_INFO_TYPE_T( MD ) MD ## _TYPE +#define MBEDTLS_MD_INFO_NAME_T( MD ) MD ## _NAME +#define MBEDTLS_MD_INFO_SIZE_T( MD ) MD ## _SIZE +#define MBEDTLS_MD_INFO_BLOCKSIZE_T( MD ) MD ## _BLOCKSIZE +#define MBEDTLS_MD_INFO_STARTS_FUNC_T( MD ) MD ## _STARTS_FUNC +#define MBEDTLS_MD_INFO_UPDATE_FUNC_T( MD ) MD ## _UPDATE_FUNC +#define MBEDTLS_MD_INFO_FINISH_FUNC_T( MD ) MD ## _FINISH_FUNC +#define MBEDTLS_MD_INFO_DIGEST_FUNC_T( MD ) MD ## _DIGEST_FUNC +#define MBEDTLS_MD_INFO_ALLOC_FUNC_T( MD ) MD ## _ALLOC_FUNC +#define MBEDTLS_MD_INFO_FREE_FUNC_T( MD ) MD ## _FREE_FUNC +#define MBEDTLS_MD_INFO_CLONE_FUNC_T( MD ) MD ## _CLONE_FUNC +#define MBEDTLS_MD_INFO_PROCESS_FUNC_T( MD ) MD ## _PROCESS_FUNC + +/* Wrapper around MBEDTLS_MD_INFO_XXX_T() which makes sure that + * the argument is macro-expanded before concatenated with the + * field name. This allows to call these macros as + * MBEDTLS_MD_INFO_XXX( MBEDTLS_MD_SINGLE_HASH ). + * where MBEDTLS_MD_SINGLE_HASH expands to MBEDTLS_MD_INFO_XXX. */ +#define MBEDTLS_MD_INFO_TYPE( MD ) MBEDTLS_MD_INFO_TYPE_T( MD ) +#define MBEDTLS_MD_INFO_NAME( MD ) MBEDTLS_MD_INFO_NAME_T( MD ) +#define MBEDTLS_MD_INFO_SIZE( MD ) MBEDTLS_MD_INFO_SIZE_T( MD ) +#define MBEDTLS_MD_INFO_BLOCKSIZE( MD ) MBEDTLS_MD_INFO_BLOCKSIZE_T( MD ) +#define MBEDTLS_MD_INFO_STARTS_FUNC( MD ) MBEDTLS_MD_INFO_STARTS_FUNC_T( MD ) +#define MBEDTLS_MD_INFO_UPDATE_FUNC( MD ) MBEDTLS_MD_INFO_UPDATE_FUNC_T( MD ) +#define MBEDTLS_MD_INFO_FINISH_FUNC( MD ) MBEDTLS_MD_INFO_FINISH_FUNC_T( MD ) +#define MBEDTLS_MD_INFO_DIGEST_FUNC( MD ) MBEDTLS_MD_INFO_DIGEST_FUNC_T( MD ) +#define MBEDTLS_MD_INFO_ALLOC_FUNC( MD ) MBEDTLS_MD_INFO_ALLOC_FUNC_T( MD ) +#define MBEDTLS_MD_INFO_FREE_FUNC( MD ) MBEDTLS_MD_INFO_FREE_FUNC_T( MD ) +#define MBEDTLS_MD_INFO_CLONE_FUNC( MD ) MBEDTLS_MD_INFO_CLONE_FUNC_T( MD ) +#define MBEDTLS_MD_INFO_PROCESS_FUNC( MD ) MBEDTLS_MD_INFO_PROCESS_FUNC_T( MD ) + +/** + * Message digest information. + * Allows message digest functions to be called in a generic way. + */ + +typedef int mbedtls_md_starts_func_t( void *ctx ); +typedef int mbedtls_md_update_func_t( void *ctx, + const unsigned char *input, + size_t ilen ); +typedef int mbedtls_md_finish_func_t( void *ctx, unsigned char *output ); +typedef int mbedtls_md_digest_func_t( const unsigned char *input, + size_t ilen, + unsigned char *output ); +typedef void* mbedtls_md_ctx_alloc_func_t( void ); +typedef void mbedtls_md_ctx_free_func_t( void *ctx ); +typedef void mbedtls_md_clone_func_t( void *st, const void *src ); +typedef int mbedtls_md_process_func_t( void *ctx, + const unsigned char *input ); + +#if !defined(MBEDTLS_MD_SINGLE_HASH) +struct mbedtls_md_info_t +{ + /** Digest identifier */ + mbedtls_md_type_t type; + + /** Name of the message digest */ + const char * name; + + /** Output length of the digest function in bytes */ + int size; + + /** Block length of the digest function in bytes */ + int block_size; + + /** Digest initialisation function */ + mbedtls_md_starts_func_t *starts_func; + + /** Digest update function */ + mbedtls_md_update_func_t *update_func; + + /** Digest finalisation function */ + mbedtls_md_finish_func_t *finish_func; + + /** Generic digest function */ + mbedtls_md_digest_func_t *digest_func; + + /** Allocate a new context */ + mbedtls_md_ctx_alloc_func_t *ctx_alloc_func; + + /** Free the given context */ + mbedtls_md_ctx_free_func_t *ctx_free_func; + + /** Clone state from a context */ + mbedtls_md_clone_func_t *clone_func; + + /** Internal use only */ + mbedtls_md_process_func_t *process_func; +}; + +/** + * \brief This macro builds an instance of ::mbedtls_md_info_t + * from an \c MBEDTLS_MD_INFO_XXX identifier. + */ +#define MBEDTLS_MD_INFO( MD ) \ + { MBEDTLS_MD_INFO_TYPE( MD ), \ + MBEDTLS_MD_INFO_NAME( MD ), \ + MBEDTLS_MD_INFO_SIZE( MD ), \ + MBEDTLS_MD_INFO_BLOCKSIZE( MD ), \ + MBEDTLS_MD_INFO_STARTS_FUNC( MD ), \ + MBEDTLS_MD_INFO_UPDATE_FUNC( MD ), \ + MBEDTLS_MD_INFO_FINISH_FUNC( MD ), \ + MBEDTLS_MD_INFO_DIGEST_FUNC( MD ), \ + MBEDTLS_MD_INFO_ALLOC_FUNC( MD ), \ + MBEDTLS_MD_INFO_FREE_FUNC( MD ), \ + MBEDTLS_MD_INFO_CLONE_FUNC( MD ), \ + MBEDTLS_MD_INFO_PROCESS_FUNC( MD ) } + +#endif /* !MBEDTLS_MD_SINGLE_HASH */ + +/* + * + * Definitions of MD information structures for various digests. + * + */ + +/* + * MD-2 + */ + +#if defined(MBEDTLS_MD2_C) + +static int mbedtls_md2_starts_wrap( void *ctx ) +{ + return( mbedtls_md2_starts_ret( (mbedtls_md2_context *) ctx ) ); +} + +static int mbedtls_md2_update_wrap( void *ctx, const unsigned char *input, + size_t ilen ) +{ + return( mbedtls_md2_update_ret( (mbedtls_md2_context *) ctx, input, ilen ) ); +} + +static int mbedtls_md2_finish_wrap( void *ctx, unsigned char *output ) +{ + return( mbedtls_md2_finish_ret( (mbedtls_md2_context *) ctx, output ) ); +} + +static void* mbedtls_md2_ctx_alloc( void ) +{ + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md2_context ) ); + + if( ctx != NULL ) + mbedtls_md2_init( (mbedtls_md2_context *) ctx ); + + return( ctx ); +} + +static void mbedtls_md2_ctx_free( void *ctx ) +{ + mbedtls_md2_free( (mbedtls_md2_context *) ctx ); + mbedtls_free( ctx ); +} + +static void mbedtls_md2_clone_wrap( void *dst, const void *src ) +{ + mbedtls_md2_clone( (mbedtls_md2_context *) dst, + (const mbedtls_md2_context *) src ); +} + +static int mbedtls_md2_process_wrap( void *ctx, const unsigned char *data ) +{ + ((void) data); + + return( mbedtls_internal_md2_process( (mbedtls_md2_context *) ctx ) ); +} + +#endif /* MBEDTLS_MD2_C */ + +/* + * MD-4 + */ + +#if defined(MBEDTLS_MD4_C) + +static int mbedtls_md4_starts_wrap( void *ctx ) +{ + return( mbedtls_md4_starts_ret( (mbedtls_md4_context *) ctx ) ); +} + +static int mbedtls_md4_update_wrap( void *ctx, const unsigned char *input, + size_t ilen ) +{ + return( mbedtls_md4_update_ret( (mbedtls_md4_context *) ctx, input, ilen ) ); +} + +static int mbedtls_md4_finish_wrap( void *ctx, unsigned char *output ) +{ + return( mbedtls_md4_finish_ret( (mbedtls_md4_context *) ctx, output ) ); +} + +static void* mbedtls_md4_ctx_alloc( void ) +{ + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md4_context ) ); + + if( ctx != NULL ) + mbedtls_md4_init( (mbedtls_md4_context *) ctx ); + + return( ctx ); +} + +static void mbedtls_md4_ctx_free( void *ctx ) +{ + mbedtls_md4_free( (mbedtls_md4_context *) ctx ); + mbedtls_free( ctx ); +} + +static void mbedtls_md4_clone_wrap( void *dst, const void *src ) +{ + mbedtls_md4_clone( (mbedtls_md4_context *) dst, + (const mbedtls_md4_context *) src ); +} + +static int mbedtls_md4_process_wrap( void *ctx, const unsigned char *data ) +{ + return( mbedtls_internal_md4_process( (mbedtls_md4_context *) ctx, data ) ); +} + +#endif /* MBEDTLS_MD4_C */ + +/* + * MD-5 + */ + +#if defined(MBEDTLS_MD5_C) + +static int mbedtls_md5_starts_wrap( void *ctx ) +{ + return( mbedtls_md5_starts_ret( (mbedtls_md5_context *) ctx ) ); +} + +static int mbedtls_md5_update_wrap( void *ctx, const unsigned char *input, + size_t ilen ) +{ + return( mbedtls_md5_update_ret( (mbedtls_md5_context *) ctx, input, ilen ) ); +} + +static int mbedtls_md5_finish_wrap( void *ctx, unsigned char *output ) +{ + return( mbedtls_md5_finish_ret( (mbedtls_md5_context *) ctx, output ) ); +} + +static void* mbedtls_md5_ctx_alloc( void ) +{ + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md5_context ) ); + + if( ctx != NULL ) + mbedtls_md5_init( (mbedtls_md5_context *) ctx ); + + return( ctx ); +} + +static void mbedtls_md5_ctx_free( void *ctx ) +{ + mbedtls_md5_free( (mbedtls_md5_context *) ctx ); + mbedtls_free( ctx ); +} + +static void mbedtls_md5_clone_wrap( void *dst, const void *src ) +{ + mbedtls_md5_clone( (mbedtls_md5_context *) dst, + (const mbedtls_md5_context *) src ); +} + +static int mbedtls_md5_process_wrap( void *ctx, const unsigned char *data ) +{ + return( mbedtls_internal_md5_process( (mbedtls_md5_context *) ctx, data ) ); +} + +#endif /* MBEDTLS_MD5_C */ + +/* + * RIPEMD-160 + */ + +#if defined(MBEDTLS_RIPEMD160_C) + +static int mbedtls_ripemd160_starts_wrap( void *ctx ) +{ + return( mbedtls_ripemd160_starts_ret( (mbedtls_ripemd160_context *) ctx ) ); +} + +static int mbedtls_ripemd160_update_wrap( void *ctx, const unsigned char *input, + size_t ilen ) +{ + return( mbedtls_ripemd160_update_ret( (mbedtls_ripemd160_context *) ctx, + input, ilen ) ); +} + +static int mbedtls_ripemd160_finish_wrap( void *ctx, unsigned char *output ) +{ + return( mbedtls_ripemd160_finish_ret( (mbedtls_ripemd160_context *) ctx, + output ) ); +} + +static void* mbedtls_ripemd160_ctx_alloc( void ) +{ + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ripemd160_context ) ); + + if( ctx != NULL ) + mbedtls_ripemd160_init( (mbedtls_ripemd160_context *) ctx ); + + return( ctx ); +} + +static void mbedtls_ripemd160_ctx_free( void *ctx ) +{ + mbedtls_ripemd160_free( (mbedtls_ripemd160_context *) ctx ); + mbedtls_free( ctx ); +} + +static void mbedtls_ripemd160_clone_wrap( void *dst, const void *src ) +{ + mbedtls_ripemd160_clone( (mbedtls_ripemd160_context *) dst, + (const mbedtls_ripemd160_context *) src ); +} + +static int mbedtls_ripemd160_process_wrap( void *ctx, const unsigned char *data ) +{ + return( mbedtls_internal_ripemd160_process( + (mbedtls_ripemd160_context *) ctx, data ) ); +} + +#endif /* MBEDTLS_RIPEMD160_C */ + +/* + * SHA-1 + */ + +#if defined(MBEDTLS_SHA1_C) + +static int mbedtls_sha1_starts_wrap( void *ctx ) +{ + return( mbedtls_sha1_starts_ret( (mbedtls_sha1_context *) ctx ) ); +} + +static int mbedtls_sha1_update_wrap( void *ctx, const unsigned char *input, + size_t ilen ) +{ + return( mbedtls_sha1_update_ret( (mbedtls_sha1_context *) ctx, + input, ilen ) ); +} + +static int mbedtls_sha1_finish_wrap( void *ctx, unsigned char *output ) +{ + return( mbedtls_sha1_finish_ret( (mbedtls_sha1_context *) ctx, output ) ); +} + +static void* mbedtls_sha1_ctx_alloc( void ) +{ + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha1_context ) ); + + if( ctx != NULL ) + mbedtls_sha1_init( (mbedtls_sha1_context *) ctx ); + + return( ctx ); +} + +static void mbedtls_sha1_clone_wrap( void *dst, const void *src ) +{ + mbedtls_sha1_clone( (mbedtls_sha1_context *) dst, + (const mbedtls_sha1_context *) src ); +} + +static void mbedtls_sha1_ctx_free( void *ctx ) +{ + mbedtls_sha1_free( (mbedtls_sha1_context *) ctx ); + mbedtls_free( ctx ); +} + +static int mbedtls_sha1_process_wrap( void *ctx, const unsigned char *data ) +{ + return( mbedtls_internal_sha1_process( (mbedtls_sha1_context *) ctx, + data ) ); +} + +#endif /* MBEDTLS_SHA1_C */ + +/* + * SHA-224 and SHA-256 + */ + +#if defined(MBEDTLS_SHA256_C) + +#if !defined(MBEDTLS_SHA256_NO_SHA224) +static int mbedtls_sha224_starts_wrap( void *ctx ) +{ + return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 1 ) ); +} +#endif /* !MBEDTLS_SHA256_NO_SHA224 */ + +static int mbedtls_sha224_update_wrap( void *ctx, const unsigned char *input, + size_t ilen ) +{ + return( mbedtls_sha256_update_ret( (mbedtls_sha256_context *) ctx, + input, ilen ) ); +} + +static int mbedtls_sha224_finish_wrap( void *ctx, unsigned char *output ) +{ + return( mbedtls_sha256_finish_ret( (mbedtls_sha256_context *) ctx, + output ) ); +} + +#if !defined(MBEDTLS_SHA256_NO_SHA224) +static int mbedtls_sha224_wrap( const unsigned char *input, size_t ilen, + unsigned char *output ) +{ + return( mbedtls_sha256_ret( input, ilen, output, 1 ) ); +} +#endif /* !MBEDTLS_SHA256_NO_SHA224 */ + +static void* mbedtls_sha224_ctx_alloc( void ) +{ + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha256_context ) ); + + if( ctx != NULL ) + mbedtls_sha256_init( (mbedtls_sha256_context *) ctx ); + + return( ctx ); +} + +static void mbedtls_sha224_ctx_free( void *ctx ) +{ + mbedtls_sha256_free( (mbedtls_sha256_context *) ctx ); + mbedtls_free( ctx ); +} + +static void mbedtls_sha224_clone_wrap( void *dst, const void *src ) +{ + mbedtls_sha256_clone( (mbedtls_sha256_context *) dst, + (const mbedtls_sha256_context *) src ); +} + +static int mbedtls_sha224_process_wrap( void *ctx, const unsigned char *data ) +{ + return( mbedtls_internal_sha256_process( (mbedtls_sha256_context *) ctx, + data ) ); +} + +static int mbedtls_sha256_starts_wrap( void *ctx ) +{ + return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 0 ) ); +} + +static int mbedtls_sha256_wrap( const unsigned char *input, size_t ilen, + unsigned char *output ) +{ + return( mbedtls_sha256_ret( input, ilen, output, 0 ) ); +} + +#endif /* MBEDTLS_SHA256_C */ + +/* + * SHA-384 and SHA-512 + */ + +#if defined(MBEDTLS_SHA512_C) + +static int mbedtls_sha384_starts_wrap( void *ctx ) +{ + return( mbedtls_sha512_starts_ret( (mbedtls_sha512_context *) ctx, 1 ) ); +} + +static int mbedtls_sha384_update_wrap( void *ctx, const unsigned char *input, + size_t ilen ) +{ + return( mbedtls_sha512_update_ret( (mbedtls_sha512_context *) ctx, + input, ilen ) ); +} + +static int mbedtls_sha384_finish_wrap( void *ctx, unsigned char *output ) +{ + return( mbedtls_sha512_finish_ret( (mbedtls_sha512_context *) ctx, + output ) ); +} + +static int mbedtls_sha384_wrap( const unsigned char *input, size_t ilen, + unsigned char *output ) +{ + return( mbedtls_sha512_ret( input, ilen, output, 1 ) ); +} + +static void* mbedtls_sha384_ctx_alloc( void ) +{ + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha512_context ) ); + + if( ctx != NULL ) + mbedtls_sha512_init( (mbedtls_sha512_context *) ctx ); + + return( ctx ); +} + +static void mbedtls_sha384_ctx_free( void *ctx ) +{ + mbedtls_sha512_free( (mbedtls_sha512_context *) ctx ); + mbedtls_free( ctx ); +} + +static void mbedtls_sha384_clone_wrap( void *dst, const void *src ) +{ + mbedtls_sha512_clone( (mbedtls_sha512_context *) dst, + (const mbedtls_sha512_context *) src ); +} + +static int mbedtls_sha384_process_wrap( void *ctx, const unsigned char *data ) +{ + return( mbedtls_internal_sha512_process( (mbedtls_sha512_context *) ctx, + data ) ); +} + +static int mbedtls_sha512_starts_wrap( void *ctx ) +{ + return( mbedtls_sha512_starts_ret( (mbedtls_sha512_context *) ctx, 0 ) ); +} + +static int mbedtls_sha512_wrap( const unsigned char *input, size_t ilen, + unsigned char *output ) +{ + return( mbedtls_sha512_ret( input, ilen, output, 0 ) ); +} + +#endif /* MBEDTLS_SHA512_C */ + +/* + * Getter functions for MD info structure. + */ + +#if !defined(MBEDTLS_MD_SINGLE_HASH) + +MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_type_t mbedtls_md_info_type( + mbedtls_md_handle_t info ) +{ + return( info->type ); +} + +MBEDTLS_ALWAYS_INLINE static inline const char * mbedtls_md_info_name( + mbedtls_md_handle_t info ) +{ + return( info->name ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_size( + mbedtls_md_handle_t info ) +{ + return( info->size ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_block_size( + mbedtls_md_handle_t info ) +{ + return( info->block_size ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_starts( + mbedtls_md_handle_t info, + void *ctx ) +{ + return( info->starts_func( ctx ) ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_update( + mbedtls_md_handle_t info, + void *ctx, + const unsigned char *input, + size_t ilen ) +{ + return( info->update_func( ctx, input, ilen ) ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_finish( + mbedtls_md_handle_t info, + void *ctx, + unsigned char *output ) +{ + return( info->finish_func( ctx, output ) ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_digest( + mbedtls_md_handle_t info, + const unsigned char *input, + size_t ilen, + unsigned char *output ) +{ + return( info->digest_func( input, ilen, output ) ); +} + +MBEDTLS_ALWAYS_INLINE static inline void* mbedtls_md_info_ctx_alloc( + mbedtls_md_handle_t info ) +{ + return( info->ctx_alloc_func() ); +} + +MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_ctx_free( + mbedtls_md_handle_t info, + void *ctx ) +{ + info->ctx_free_func( ctx ); +} + +MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_clone( + mbedtls_md_handle_t info, + void *dst, + const void *src ) +{ + info->clone_func( dst, src ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_process( + mbedtls_md_handle_t info, + void *ctx, + const unsigned char *input ) +{ + return( info->process_func( ctx, input ) ); +} + +#else /* !MBEDTLS_MD_SINGLE_HASH */ + +MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_type_t mbedtls_md_info_type( + mbedtls_md_handle_t info ) +{ + ((void) info); + return( MBEDTLS_MD_INFO_TYPE( MBEDTLS_MD_SINGLE_HASH ) ); +} + +MBEDTLS_ALWAYS_INLINE static inline const char * mbedtls_md_info_name( + mbedtls_md_handle_t info ) +{ + ((void) info); + return( MBEDTLS_MD_INFO_NAME( MBEDTLS_MD_SINGLE_HASH ) ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_size( + mbedtls_md_handle_t info ) +{ + ((void) info); + return( MBEDTLS_MD_INFO_SIZE( MBEDTLS_MD_SINGLE_HASH ) ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_block_size( + mbedtls_md_handle_t info ) +{ + ((void) info); + return( MBEDTLS_MD_INFO_BLOCKSIZE( MBEDTLS_MD_SINGLE_HASH ) ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_starts( + mbedtls_md_handle_t info, + void *ctx ) +{ + ((void) info); + return( MBEDTLS_MD_INFO_STARTS_FUNC( MBEDTLS_MD_SINGLE_HASH )( ctx ) ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_update( + mbedtls_md_handle_t info, + void *ctx, + const unsigned char *input, + size_t ilen ) +{ + ((void) info); + return( MBEDTLS_MD_INFO_UPDATE_FUNC( MBEDTLS_MD_SINGLE_HASH ) + ( ctx, input, ilen ) ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_finish( + mbedtls_md_handle_t info, + void *ctx, + unsigned char *output ) +{ + ((void) info); + return( MBEDTLS_MD_INFO_FINISH_FUNC( MBEDTLS_MD_SINGLE_HASH ) + ( ctx, output ) ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_digest( + mbedtls_md_handle_t info, + const unsigned char *input, + size_t ilen, + unsigned char *output ) +{ + ((void) info); + return( MBEDTLS_MD_INFO_DIGEST_FUNC( MBEDTLS_MD_SINGLE_HASH ) + ( input, ilen, output ) ); +} + +MBEDTLS_ALWAYS_INLINE static inline void* mbedtls_md_info_ctx_alloc( + mbedtls_md_handle_t info ) +{ + ((void) info); + return( MBEDTLS_MD_INFO_ALLOC_FUNC( MBEDTLS_MD_SINGLE_HASH )() ); +} + +MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_ctx_free( + mbedtls_md_handle_t info, + void *ctx ) +{ + ((void) info); + MBEDTLS_MD_INFO_FREE_FUNC( MBEDTLS_MD_SINGLE_HASH )( ctx ); +} + +MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_clone( + mbedtls_md_handle_t info, + void *dst, + const void *src ) +{ + ((void) info); + MBEDTLS_MD_INFO_CLONE_FUNC( MBEDTLS_MD_SINGLE_HASH )( dst, src ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_process( + mbedtls_md_handle_t info, + void *ctx, + const unsigned char *input ) +{ + ((void) info); + return( MBEDTLS_MD_INFO_PROCESS_FUNC( MBEDTLS_MD_SINGLE_HASH ) + ( ctx, input ) ); +} + +#endif /* MBEDTLS_MD_SINGLE_HASH */ + +#ifdef __cplusplus +} +#endif + +#endif /* MBEDTLS_MD_INTERNAL_H */ diff --git a/library/md.c b/library/md.c index 8d8f3371a..f81a1a9e3 100644 --- a/library/md.c +++ b/library/md.c @@ -48,166 +48,7 @@ #include #endif -#if defined(MBEDTLS_MD2_C) -#include "mbedtls/md2.h" -#endif - -#if defined(MBEDTLS_MD4_C) -#include "mbedtls/md4.h" -#endif - -#if defined(MBEDTLS_MD5_C) -#include "mbedtls/md5.h" -#endif - -#if defined(MBEDTLS_RIPEMD160_C) -#include "mbedtls/ripemd160.h" -#endif - -#if defined(MBEDTLS_SHA1_C) -#include "mbedtls/sha1.h" -#endif - -#if defined(MBEDTLS_SHA256_C) -#include "mbedtls/sha256.h" -#endif - -#if defined(MBEDTLS_SHA512_C) -#include "mbedtls/sha512.h" -#endif - -/* - * Message-digest information macro definition - */ - -/* SHA-256 */ -#define MBEDTLS_MD_INFO_SHA256_TYPE MBEDTLS_MD_SHA256 -#define MBEDTLS_MD_INFO_SHA256_NAME "SHA256" -#define MBEDTLS_MD_INFO_SHA256_SIZE 32 -#define MBEDTLS_MD_INFO_SHA256_BLOCKSIZE 64 -#define MBEDTLS_MD_INFO_SHA256_STARTS_FUNC sha256_starts_wrap -#define MBEDTLS_MD_INFO_SHA256_UPDATE_FUNC sha224_update_wrap -#define MBEDTLS_MD_INFO_SHA256_FINISH_FUNC sha224_finish_wrap -#define MBEDTLS_MD_INFO_SHA256_DIGEST_FUNC sha256_wrap -#define MBEDTLS_MD_INFO_SHA256_ALLOC_FUNC sha224_ctx_alloc -#define MBEDTLS_MD_INFO_SHA256_FREE_FUNC sha224_ctx_free -#define MBEDTLS_MD_INFO_SHA256_CLONE_FUNC sha224_clone_wrap -#define MBEDTLS_MD_INFO_SHA256_PROCESS_FUNC sha224_process_wrap - -/* - * Helper macros to extract fields from ciphersuites. - */ - -#define MBEDTLS_MD_INFO_TYPE_T( MD ) MD ## _TYPE -#define MBEDTLS_MD_INFO_NAME_T( MD ) MD ## _NAME -#define MBEDTLS_MD_INFO_SIZE_T( MD ) MD ## _SIZE -#define MBEDTLS_MD_INFO_BLOCKSIZE_T( MD ) MD ## _BLOCKSIZE -#define MBEDTLS_MD_INFO_STARTS_FUNC_T( MD ) MD ## _STARTS_FUNC -#define MBEDTLS_MD_INFO_UPDATE_FUNC_T( MD ) MD ## _UPDATE_FUNC -#define MBEDTLS_MD_INFO_FINISH_FUNC_T( MD ) MD ## _FINISH_FUNC -#define MBEDTLS_MD_INFO_DIGEST_FUNC_T( MD ) MD ## _DIGEST_FUNC -#define MBEDTLS_MD_INFO_ALLOC_FUNC_T( MD ) MD ## _ALLOC_FUNC -#define MBEDTLS_MD_INFO_FREE_FUNC_T( MD ) MD ## _FREE_FUNC -#define MBEDTLS_MD_INFO_CLONE_FUNC_T( MD ) MD ## _CLONE_FUNC -#define MBEDTLS_MD_INFO_PROCESS_FUNC_T( MD ) MD ## _PROCESS_FUNC - -/* Wrapper around MBEDTLS_MD_INFO_XXX_T() which makes sure that - * the argument is macro-expanded before concatenated with the - * field name. This allows to call these macros as - * MBEDTLS_MD_INFO_XXX( MBEDTLS_MD_SINGLE_HASH ). - * where MBEDTLS_MD_SINGLE_HASH expands to MBEDTLS_MD_INFO_XXX. */ -#define MBEDTLS_MD_INFO_TYPE( MD ) MBEDTLS_MD_INFO_TYPE_T( MD ) -#define MBEDTLS_MD_INFO_NAME( MD ) MBEDTLS_MD_INFO_NAME_T( MD ) -#define MBEDTLS_MD_INFO_SIZE( MD ) MBEDTLS_MD_INFO_SIZE_T( MD ) -#define MBEDTLS_MD_INFO_BLOCKSIZE( MD ) MBEDTLS_MD_INFO_BLOCKSIZE_T( MD ) -#define MBEDTLS_MD_INFO_STARTS_FUNC( MD ) MBEDTLS_MD_INFO_STARTS_FUNC_T( MD ) -#define MBEDTLS_MD_INFO_UPDATE_FUNC( MD ) MBEDTLS_MD_INFO_UPDATE_FUNC_T( MD ) -#define MBEDTLS_MD_INFO_FINISH_FUNC( MD ) MBEDTLS_MD_INFO_FINISH_FUNC_T( MD ) -#define MBEDTLS_MD_INFO_DIGEST_FUNC( MD ) MBEDTLS_MD_INFO_DIGEST_FUNC_T( MD ) -#define MBEDTLS_MD_INFO_ALLOC_FUNC( MD ) MBEDTLS_MD_INFO_ALLOC_FUNC_T( MD ) -#define MBEDTLS_MD_INFO_FREE_FUNC( MD ) MBEDTLS_MD_INFO_FREE_FUNC_T( MD ) -#define MBEDTLS_MD_INFO_CLONE_FUNC( MD ) MBEDTLS_MD_INFO_CLONE_FUNC_T( MD ) -#define MBEDTLS_MD_INFO_PROCESS_FUNC( MD ) MBEDTLS_MD_INFO_PROCESS_FUNC_T( MD ) - -/** - * Message digest information. - * Allows message digest functions to be called in a generic way. - */ - -typedef int mbedtls_md_starts_func_t( void *ctx ); -typedef int mbedtls_md_update_func_t( void *ctx, - const unsigned char *input, - size_t ilen ); -typedef int mbedtls_md_finish_func_t( void *ctx, unsigned char *output ); -typedef int mbedtls_md_digest_func_t( const unsigned char *input, - size_t ilen, - unsigned char *output ); -typedef void* mbedtls_md_ctx_alloc_func_t( void ); -typedef void mbedtls_md_ctx_free_func_t( void *ctx ); -typedef void mbedtls_md_clone_func_t( void *st, const void *src ); -typedef int mbedtls_md_process_func_t( void *ctx, - const unsigned char *input ); - #if !defined(MBEDTLS_MD_SINGLE_HASH) -struct mbedtls_md_info_t -{ - /** Digest identifier */ - mbedtls_md_type_t type; - - /** Name of the message digest */ - const char * name; - - /** Output length of the digest function in bytes */ - int size; - - /** Block length of the digest function in bytes */ - int block_size; - - /** Digest initialisation function */ - mbedtls_md_starts_func_t *starts_func; - - /** Digest update function */ - mbedtls_md_update_func_t *update_func; - - /** Digest finalisation function */ - mbedtls_md_finish_func_t *finish_func; - - /** Generic digest function */ - mbedtls_md_digest_func_t *digest_func; - - /** Allocate a new context */ - mbedtls_md_ctx_alloc_func_t *ctx_alloc_func; - - /** Free the given context */ - mbedtls_md_ctx_free_func_t *ctx_free_func; - - /** Clone state from a context */ - mbedtls_md_clone_func_t *clone_func; - - /** Internal use only */ - mbedtls_md_process_func_t *process_func; -}; - -/** - * \brief This macro builds an instance of ::mbedtls_md_info_t - * from an \c MBEDTLS_MD_INFO_XXX identifier. - */ -#define MBEDTLS_MD_INFO( MD ) \ - { MBEDTLS_MD_INFO_TYPE( MD ), \ - MBEDTLS_MD_INFO_NAME( MD ), \ - MBEDTLS_MD_INFO_SIZE( MD ), \ - MBEDTLS_MD_INFO_BLOCKSIZE( MD ), \ - MBEDTLS_MD_INFO_STARTS_FUNC( MD ), \ - MBEDTLS_MD_INFO_UPDATE_FUNC( MD ), \ - MBEDTLS_MD_INFO_FINISH_FUNC( MD ), \ - MBEDTLS_MD_INFO_DIGEST_FUNC( MD ), \ - MBEDTLS_MD_INFO_ALLOC_FUNC( MD ), \ - MBEDTLS_MD_INFO_FREE_FUNC( MD ), \ - MBEDTLS_MD_INFO_CLONE_FUNC( MD ), \ - MBEDTLS_MD_INFO_PROCESS_FUNC( MD ) } - -#endif /* !MBEDTLS_MD_SINGLE_HASH */ - /* * * Definitions of MD information structures for various digests. @@ -217,71 +58,21 @@ struct mbedtls_md_info_t /* * MD-2 */ - #if defined(MBEDTLS_MD2_C) - -static int md2_starts_wrap( void *ctx ) -{ - return( mbedtls_md2_starts_ret( (mbedtls_md2_context *) ctx ) ); -} - -static int md2_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - return( mbedtls_md2_update_ret( (mbedtls_md2_context *) ctx, input, ilen ) ); -} - -static int md2_finish_wrap( void *ctx, unsigned char *output ) -{ - return( mbedtls_md2_finish_ret( (mbedtls_md2_context *) ctx, output ) ); -} - -static void *md2_ctx_alloc( void ) -{ - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md2_context ) ); - - if( ctx != NULL ) - mbedtls_md2_init( (mbedtls_md2_context *) ctx ); - - return( ctx ); -} - -static void md2_ctx_free( void *ctx ) -{ - mbedtls_md2_free( (mbedtls_md2_context *) ctx ); - mbedtls_free( ctx ); -} - -static void md2_clone_wrap( void *dst, const void *src ) -{ - mbedtls_md2_clone( (mbedtls_md2_context *) dst, - (const mbedtls_md2_context *) src ); -} - -static int md2_process_wrap( void *ctx, const unsigned char *data ) -{ - ((void) data); - - return( mbedtls_internal_md2_process( (mbedtls_md2_context *) ctx ) ); -} - -#if !defined(MBEDTLS_MD_SINGLE_HASH) const mbedtls_md_info_t mbedtls_md2_info = { MBEDTLS_MD_MD2, "MD2", 16, 16, - md2_starts_wrap, - md2_update_wrap, - md2_finish_wrap, + mbedtls_md2_starts_wrap, + mbedtls_md2_update_wrap, + mbedtls_md2_finish_wrap, mbedtls_md2_ret, - md2_ctx_alloc, - md2_ctx_free, - md2_clone_wrap, - md2_process_wrap, + mbedtls_md2_ctx_alloc, + mbedtls_md2_ctx_free, + mbedtls_md2_clone_wrap, + mbedtls_md2_process_wrap, }; -#endif /* !MBEDTLS_MD_SINGLE_HASH */ - #endif /* MBEDTLS_MD2_C */ /* @@ -289,67 +80,20 @@ const mbedtls_md_info_t mbedtls_md2_info = { */ #if defined(MBEDTLS_MD4_C) - -static int md4_starts_wrap( void *ctx ) -{ - return( mbedtls_md4_starts_ret( (mbedtls_md4_context *) ctx ) ); -} - -static int md4_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - return( mbedtls_md4_update_ret( (mbedtls_md4_context *) ctx, input, ilen ) ); -} - -static int md4_finish_wrap( void *ctx, unsigned char *output ) -{ - return( mbedtls_md4_finish_ret( (mbedtls_md4_context *) ctx, output ) ); -} - -static void *md4_ctx_alloc( void ) -{ - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md4_context ) ); - - if( ctx != NULL ) - mbedtls_md4_init( (mbedtls_md4_context *) ctx ); - - return( ctx ); -} - -static void md4_ctx_free( void *ctx ) -{ - mbedtls_md4_free( (mbedtls_md4_context *) ctx ); - mbedtls_free( ctx ); -} - -static void md4_clone_wrap( void *dst, const void *src ) -{ - mbedtls_md4_clone( (mbedtls_md4_context *) dst, - (const mbedtls_md4_context *) src ); -} - -static int md4_process_wrap( void *ctx, const unsigned char *data ) -{ - return( mbedtls_internal_md4_process( (mbedtls_md4_context *) ctx, data ) ); -} - -#if !defined(MBEDTLS_MD_SINGLE_HASH) const mbedtls_md_info_t mbedtls_md4_info = { MBEDTLS_MD_MD4, "MD4", 16, 64, - md4_starts_wrap, - md4_update_wrap, - md4_finish_wrap, + mbedtls_md4_starts_wrap, + mbedtls_md4_update_wrap, + mbedtls_md4_finish_wrap, mbedtls_md4_ret, - md4_ctx_alloc, - md4_ctx_free, - md4_clone_wrap, - md4_process_wrap, + mbedtls_md4_ctx_alloc, + mbedtls_md4_ctx_free, + mbedtls_md4_clone_wrap, + mbedtls_md4_process_wrap, }; -#endif /* MBEDTLS_MD_SINGLE_HASH */ - #endif /* MBEDTLS_MD4_C */ /* @@ -357,67 +101,20 @@ const mbedtls_md_info_t mbedtls_md4_info = { */ #if defined(MBEDTLS_MD5_C) - -static int md5_starts_wrap( void *ctx ) -{ - return( mbedtls_md5_starts_ret( (mbedtls_md5_context *) ctx ) ); -} - -static int md5_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - return( mbedtls_md5_update_ret( (mbedtls_md5_context *) ctx, input, ilen ) ); -} - -static int md5_finish_wrap( void *ctx, unsigned char *output ) -{ - return( mbedtls_md5_finish_ret( (mbedtls_md5_context *) ctx, output ) ); -} - -static void *md5_ctx_alloc( void ) -{ - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md5_context ) ); - - if( ctx != NULL ) - mbedtls_md5_init( (mbedtls_md5_context *) ctx ); - - return( ctx ); -} - -static void md5_ctx_free( void *ctx ) -{ - mbedtls_md5_free( (mbedtls_md5_context *) ctx ); - mbedtls_free( ctx ); -} - -static void md5_clone_wrap( void *dst, const void *src ) -{ - mbedtls_md5_clone( (mbedtls_md5_context *) dst, - (const mbedtls_md5_context *) src ); -} - -static int md5_process_wrap( void *ctx, const unsigned char *data ) -{ - return( mbedtls_internal_md5_process( (mbedtls_md5_context *) ctx, data ) ); -} - -#if !defined(MBEDTLS_MD_SINGLE_HASH) const mbedtls_md_info_t mbedtls_md5_info = { MBEDTLS_MD_MD5, "MD5", 16, 64, - md5_starts_wrap, - md5_update_wrap, - md5_finish_wrap, + mbedtls_md5_starts_wrap, + mbedtls_md5_update_wrap, + mbedtls_md5_finish_wrap, mbedtls_md5_ret, - md5_ctx_alloc, - md5_ctx_free, - md5_clone_wrap, - md5_process_wrap, + mbedtls_md5_ctx_alloc, + mbedtls_md5_ctx_free, + mbedtls_md5_clone_wrap, + mbedtls_md5_process_wrap, }; -#endif /* MBEDTLS_MD_SINGLE_HASH */ - #endif /* MBEDTLS_MD5_C */ /* @@ -425,70 +122,20 @@ const mbedtls_md_info_t mbedtls_md5_info = { */ #if defined(MBEDTLS_RIPEMD160_C) - -static int ripemd160_starts_wrap( void *ctx ) -{ - return( mbedtls_ripemd160_starts_ret( (mbedtls_ripemd160_context *) ctx ) ); -} - -static int ripemd160_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - return( mbedtls_ripemd160_update_ret( (mbedtls_ripemd160_context *) ctx, - input, ilen ) ); -} - -static int ripemd160_finish_wrap( void *ctx, unsigned char *output ) -{ - return( mbedtls_ripemd160_finish_ret( (mbedtls_ripemd160_context *) ctx, - output ) ); -} - -static void *ripemd160_ctx_alloc( void ) -{ - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ripemd160_context ) ); - - if( ctx != NULL ) - mbedtls_ripemd160_init( (mbedtls_ripemd160_context *) ctx ); - - return( ctx ); -} - -static void ripemd160_ctx_free( void *ctx ) -{ - mbedtls_ripemd160_free( (mbedtls_ripemd160_context *) ctx ); - mbedtls_free( ctx ); -} - -static void ripemd160_clone_wrap( void *dst, const void *src ) -{ - mbedtls_ripemd160_clone( (mbedtls_ripemd160_context *) dst, - (const mbedtls_ripemd160_context *) src ); -} - -static int ripemd160_process_wrap( void *ctx, const unsigned char *data ) -{ - return( mbedtls_internal_ripemd160_process( - (mbedtls_ripemd160_context *) ctx, data ) ); -} - -#if !defined(MBEDTLS_MD_SINGLE_HASH) const mbedtls_md_info_t mbedtls_ripemd160_info = { MBEDTLS_MD_RIPEMD160, "RIPEMD160", 20, 64, - ripemd160_starts_wrap, - ripemd160_update_wrap, - ripemd160_finish_wrap, + mbedtls_ripemd160_starts_wrap, + mbedtls_ripemd160_update_wrap, + mbedtls_ripemd160_finish_wrap, mbedtls_ripemd160_ret, - ripemd160_ctx_alloc, - ripemd160_ctx_free, - ripemd160_clone_wrap, - ripemd160_process_wrap, + mbedtls_ripemd160_ctx_alloc, + mbedtls_ripemd160_ctx_free, + mbedtls_ripemd160_clone_wrap, + mbedtls_ripemd160_process_wrap, }; -#endif /* !MBEDTLS_MD_SINGLE_HASH */ - #endif /* MBEDTLS_RIPEMD160_C */ /* @@ -496,69 +143,20 @@ const mbedtls_md_info_t mbedtls_ripemd160_info = { */ #if defined(MBEDTLS_SHA1_C) - -static int sha1_starts_wrap( void *ctx ) -{ - return( mbedtls_sha1_starts_ret( (mbedtls_sha1_context *) ctx ) ); -} - -static int sha1_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - return( mbedtls_sha1_update_ret( (mbedtls_sha1_context *) ctx, - input, ilen ) ); -} - -static int sha1_finish_wrap( void *ctx, unsigned char *output ) -{ - return( mbedtls_sha1_finish_ret( (mbedtls_sha1_context *) ctx, output ) ); -} - -static void *sha1_ctx_alloc( void ) -{ - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha1_context ) ); - - if( ctx != NULL ) - mbedtls_sha1_init( (mbedtls_sha1_context *) ctx ); - - return( ctx ); -} - -static void sha1_clone_wrap( void *dst, const void *src ) -{ - mbedtls_sha1_clone( (mbedtls_sha1_context *) dst, - (const mbedtls_sha1_context *) src ); -} - -static void sha1_ctx_free( void *ctx ) -{ - mbedtls_sha1_free( (mbedtls_sha1_context *) ctx ); - mbedtls_free( ctx ); -} - -static int sha1_process_wrap( void *ctx, const unsigned char *data ) -{ - return( mbedtls_internal_sha1_process( (mbedtls_sha1_context *) ctx, - data ) ); -} - -#if !defined(MBEDTLS_MD_SINGLE_HASH) const mbedtls_md_info_t mbedtls_sha1_info = { MBEDTLS_MD_SHA1, "SHA1", 20, 64, - sha1_starts_wrap, - sha1_update_wrap, - sha1_finish_wrap, + mbedtls_sha1_starts_wrap, + mbedtls_sha1_update_wrap, + mbedtls_sha1_finish_wrap, mbedtls_sha1_ret, - sha1_ctx_alloc, - sha1_ctx_free, - sha1_clone_wrap, - sha1_process_wrap, + mbedtls_sha1_ctx_alloc, + mbedtls_sha1_ctx_free, + mbedtls_sha1_clone_wrap, + mbedtls_sha1_process_wrap, }; -#endif /* !MBEDTLS_MD_SINGLE_HASH */ - #endif /* MBEDTLS_SHA1_C */ /* @@ -566,98 +164,24 @@ const mbedtls_md_info_t mbedtls_sha1_info = { */ #if defined(MBEDTLS_SHA256_C) - -#if !defined(MBEDTLS_SHA256_NO_SHA224) -static int sha224_starts_wrap( void *ctx ) -{ - return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 1 ) ); -} -#endif /* !MBEDTLS_SHA256_NO_SHA224 */ - -static int sha224_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - return( mbedtls_sha256_update_ret( (mbedtls_sha256_context *) ctx, - input, ilen ) ); -} - -static int sha224_finish_wrap( void *ctx, unsigned char *output ) -{ - return( mbedtls_sha256_finish_ret( (mbedtls_sha256_context *) ctx, - output ) ); -} - -#if !defined(MBEDTLS_SHA256_NO_SHA224) -static int sha224_wrap( const unsigned char *input, size_t ilen, - unsigned char *output ) -{ - return( mbedtls_sha256_ret( input, ilen, output, 1 ) ); -} -#endif /* !MBEDTLS_SHA256_NO_SHA224 */ - -static void *sha224_ctx_alloc( void ) -{ - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha256_context ) ); - - if( ctx != NULL ) - mbedtls_sha256_init( (mbedtls_sha256_context *) ctx ); - - return( ctx ); -} - -static void sha224_ctx_free( void *ctx ) -{ - mbedtls_sha256_free( (mbedtls_sha256_context *) ctx ); - mbedtls_free( ctx ); -} - -static void sha224_clone_wrap( void *dst, const void *src ) -{ - mbedtls_sha256_clone( (mbedtls_sha256_context *) dst, - (const mbedtls_sha256_context *) src ); -} - -static int sha224_process_wrap( void *ctx, const unsigned char *data ) -{ - return( mbedtls_internal_sha256_process( (mbedtls_sha256_context *) ctx, - data ) ); -} - -#if !defined(MBEDTLS_MD_SINGLE_HASH) #if !defined(MBEDTLS_SHA256_NO_SHA224) const mbedtls_md_info_t mbedtls_sha224_info = { MBEDTLS_MD_SHA224, "SHA224", 28, 64, - sha224_starts_wrap, - sha224_update_wrap, - sha224_finish_wrap, - sha224_wrap, - sha224_ctx_alloc, - sha224_ctx_free, - sha224_clone_wrap, - sha224_process_wrap, + mbedtls_sha224_starts_wrap, + mbedtls_sha224_update_wrap, + mbedtls_sha224_finish_wrap, + mbedtls_sha224_wrap, + mbedtls_sha224_ctx_alloc, + mbedtls_sha224_ctx_free, + mbedtls_sha224_clone_wrap, + mbedtls_sha224_process_wrap, }; #endif /* !MBEDTLS_SHA256_NO_SHA224 */ -#endif /* !MBEDTLS_MD_SINGLE_HASH */ - -static int sha256_starts_wrap( void *ctx ) -{ - return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 0 ) ); -} - -static int sha256_wrap( const unsigned char *input, size_t ilen, - unsigned char *output ) -{ - return( mbedtls_sha256_ret( input, ilen, output, 0 ) ); -} - -#if !defined(MBEDTLS_MD_SINGLE_HASH) const mbedtls_md_info_t mbedtls_sha256_info = MBEDTLS_MD_INFO( MBEDTLS_MD_INFO_SHA256 ); -#endif /* !MBEDTLS_MD_SINGLE_HASH */ - #endif /* MBEDTLS_SHA256_C */ /* @@ -665,306 +189,36 @@ const mbedtls_md_info_t mbedtls_sha256_info = */ #if defined(MBEDTLS_SHA512_C) - -static int sha384_starts_wrap( void *ctx ) -{ - return( mbedtls_sha512_starts_ret( (mbedtls_sha512_context *) ctx, 1 ) ); -} - -static int sha384_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - return( mbedtls_sha512_update_ret( (mbedtls_sha512_context *) ctx, - input, ilen ) ); -} - -static int sha384_finish_wrap( void *ctx, unsigned char *output ) -{ - return( mbedtls_sha512_finish_ret( (mbedtls_sha512_context *) ctx, - output ) ); -} - -static int sha384_wrap( const unsigned char *input, size_t ilen, - unsigned char *output ) -{ - return( mbedtls_sha512_ret( input, ilen, output, 1 ) ); -} - -static void *sha384_ctx_alloc( void ) -{ - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha512_context ) ); - - if( ctx != NULL ) - mbedtls_sha512_init( (mbedtls_sha512_context *) ctx ); - - return( ctx ); -} - -static void sha384_ctx_free( void *ctx ) -{ - mbedtls_sha512_free( (mbedtls_sha512_context *) ctx ); - mbedtls_free( ctx ); -} - -static void sha384_clone_wrap( void *dst, const void *src ) -{ - mbedtls_sha512_clone( (mbedtls_sha512_context *) dst, - (const mbedtls_sha512_context *) src ); -} - -static int sha384_process_wrap( void *ctx, const unsigned char *data ) -{ - return( mbedtls_internal_sha512_process( (mbedtls_sha512_context *) ctx, - data ) ); -} - -#if !defined(MBEDTLS_MD_SINGLE_HASH) const mbedtls_md_info_t mbedtls_sha384_info = { MBEDTLS_MD_SHA384, "SHA384", 48, 128, - sha384_starts_wrap, - sha384_update_wrap, - sha384_finish_wrap, - sha384_wrap, - sha384_ctx_alloc, - sha384_ctx_free, - sha384_clone_wrap, - sha384_process_wrap, + mbedtls_sha384_starts_wrap, + mbedtls_sha384_update_wrap, + mbedtls_sha384_finish_wrap, + mbedtls_sha384_wrap, + mbedtls_sha384_ctx_alloc, + mbedtls_sha384_ctx_free, + mbedtls_sha384_clone_wrap, + mbedtls_sha384_process_wrap, }; -#endif /* MBEDTLS_MD_SINGLE_HASH */ - -static int sha512_starts_wrap( void *ctx ) -{ - return( mbedtls_sha512_starts_ret( (mbedtls_sha512_context *) ctx, 0 ) ); -} - -static int sha512_wrap( const unsigned char *input, size_t ilen, - unsigned char *output ) -{ - return( mbedtls_sha512_ret( input, ilen, output, 0 ) ); -} - -#if !defined(MBEDTLS_MD_SINGLE_HASH) const mbedtls_md_info_t mbedtls_sha512_info = { MBEDTLS_MD_SHA512, "SHA512", 64, 128, - sha512_starts_wrap, - sha384_update_wrap, - sha384_finish_wrap, - sha512_wrap, - sha384_ctx_alloc, - sha384_ctx_free, - sha384_clone_wrap, - sha384_process_wrap, + mbedtls_sha512_starts_wrap, + mbedtls_sha384_update_wrap, + mbedtls_sha384_finish_wrap, + mbedtls_sha512_wrap, + mbedtls_sha384_ctx_alloc, + mbedtls_sha384_ctx_free, + mbedtls_sha384_clone_wrap, + mbedtls_sha384_process_wrap, }; -#endif /* MBEDTLS_MD_SINGLE_HASH */ - #endif /* MBEDTLS_SHA512_C */ -/* - * Getter functions for MD info structure. - */ - -#if !defined(MBEDTLS_MD_SINGLE_HASH) - -MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_type_t mbedtls_md_info_type( - mbedtls_md_handle_t info ) -{ - return( info->type ); -} - -MBEDTLS_ALWAYS_INLINE static inline const char * mbedtls_md_info_name( - mbedtls_md_handle_t info ) -{ - return( info->name ); -} - -MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_size( - mbedtls_md_handle_t info ) -{ - return( info->size ); -} - -MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_block_size( - mbedtls_md_handle_t info ) -{ - return( info->block_size ); -} - -MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_starts( - mbedtls_md_handle_t info, - void *ctx ) -{ - return( info->starts_func( ctx ) ); -} - -MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_update( - mbedtls_md_handle_t info, - void *ctx, - const unsigned char *input, - size_t ilen ) -{ - return( info->update_func( ctx, input, ilen ) ); -} - -MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_finish( - mbedtls_md_handle_t info, - void *ctx, - unsigned char *output ) -{ - return( info->finish_func( ctx, output ) ); -} - -MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_digest( - mbedtls_md_handle_t info, - const unsigned char *input, - size_t ilen, - unsigned char *output ) -{ - return( info->digest_func( input, ilen, output ) ); -} - -MBEDTLS_ALWAYS_INLINE static inline void* mbedtls_md_info_ctx_alloc( - mbedtls_md_handle_t info ) -{ - return( info->ctx_alloc_func() ); -} - -MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_ctx_free( - mbedtls_md_handle_t info, - void *ctx ) -{ - info->ctx_free_func( ctx ); -} - -MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_clone( - mbedtls_md_handle_t info, - void *dst, - const void *src ) -{ - info->clone_func( dst, src ); -} - -MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_process( - mbedtls_md_handle_t info, - void *ctx, - const unsigned char *input ) -{ - return( info->process_func( ctx, input ) ); -} - -#else /* !MBEDTLS_MD_SINGLE_HASH */ - -MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_type_t mbedtls_md_info_type( - mbedtls_md_handle_t info ) -{ - ((void) info); - return( MBEDTLS_MD_INFO_TYPE( MBEDTLS_MD_SINGLE_HASH ) ); -} - -MBEDTLS_ALWAYS_INLINE static inline const char * mbedtls_md_info_name( - mbedtls_md_handle_t info ) -{ - ((void) info); - return( MBEDTLS_MD_INFO_NAME( MBEDTLS_MD_SINGLE_HASH ) ); -} - -MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_size( - mbedtls_md_handle_t info ) -{ - ((void) info); - return( MBEDTLS_MD_INFO_SIZE( MBEDTLS_MD_SINGLE_HASH ) ); -} - -MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_block_size( - mbedtls_md_handle_t info ) -{ - ((void) info); - return( MBEDTLS_MD_INFO_BLOCKSIZE( MBEDTLS_MD_SINGLE_HASH ) ); -} - -MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_starts( - mbedtls_md_handle_t info, - void *ctx ) -{ - ((void) info); - return( MBEDTLS_MD_INFO_STARTS_FUNC( MBEDTLS_MD_SINGLE_HASH )( ctx ) ); -} - -MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_update( - mbedtls_md_handle_t info, - void *ctx, - const unsigned char *input, - size_t ilen ) -{ - ((void) info); - return( MBEDTLS_MD_INFO_UPDATE_FUNC( MBEDTLS_MD_SINGLE_HASH ) - ( ctx, input, ilen ) ); -} - -MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_finish( - mbedtls_md_handle_t info, - void *ctx, - unsigned char *output ) -{ - ((void) info); - return( MBEDTLS_MD_INFO_FINISH_FUNC( MBEDTLS_MD_SINGLE_HASH ) - ( ctx, output ) ); -} - -MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_digest( - mbedtls_md_handle_t info, - const unsigned char *input, - size_t ilen, - unsigned char *output ) -{ - ((void) info); - return( MBEDTLS_MD_INFO_DIGEST_FUNC( MBEDTLS_MD_SINGLE_HASH ) - ( input, ilen, output ) ); -} - -MBEDTLS_ALWAYS_INLINE static inline void* mbedtls_md_info_ctx_alloc( - mbedtls_md_handle_t info ) -{ - ((void) info); - return( MBEDTLS_MD_INFO_ALLOC_FUNC( MBEDTLS_MD_SINGLE_HASH )() ); -} - -MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_ctx_free( - mbedtls_md_handle_t info, - void *ctx ) -{ - ((void) info); - MBEDTLS_MD_INFO_FREE_FUNC( MBEDTLS_MD_SINGLE_HASH )( ctx ); -} - -MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_clone( - mbedtls_md_handle_t info, - void *dst, - const void *src ) -{ - ((void) info); - MBEDTLS_MD_INFO_CLONE_FUNC( MBEDTLS_MD_SINGLE_HASH )( dst, src ); -} - -MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_process( - mbedtls_md_handle_t info, - void *ctx, - const unsigned char *input ) -{ - ((void) info); - return( MBEDTLS_MD_INFO_PROCESS_FUNC( MBEDTLS_MD_SINGLE_HASH ) - ( ctx, input ) ); -} - -#endif /* MBEDTLS_MD_SINGLE_HASH */ - -#if !defined(MBEDTLS_MD_SINGLE_HASH) - /* * Reminder: update profiles in x509_crt.c when adding a new hash! */ From 7a7b7227cba34aca0e8bb7898ed92427470b8fd9 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 4 Sep 2019 12:47:48 +0100 Subject: [PATCH 19/37] Add dummy def of MBEDTLS_MD_INFO_SHA256 to make check-names.sh happy --- include/mbedtls/md_internal.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/include/mbedtls/md_internal.h b/include/mbedtls/md_internal.h index 568c9714b..b1bb7e332 100644 --- a/include/mbedtls/md_internal.h +++ b/include/mbedtls/md_internal.h @@ -73,6 +73,9 @@ extern "C" { * Message-digest information macro definition */ +/* Dummy definition to keep check-names.sh happy - don't uncomment */ +//#define MBEDTLS_MD_INFO_SHA256 + /* SHA-256 */ #define MBEDTLS_MD_INFO_SHA256_TYPE MBEDTLS_MD_SHA256 #define MBEDTLS_MD_INFO_SHA256_NAME "SHA256" From 527f7c9307d83122ba303af4c682d84e1959c311 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 4 Sep 2019 12:46:07 +0100 Subject: [PATCH 20/37] MD: Demonstrate config-dep'n API inlining for mbedtls_md_starts() --- include/mbedtls/md.h | 34 +++++++++++++++++++++++++++++++++- library/md.c | 12 +++--------- 2 files changed, 36 insertions(+), 10 deletions(-) diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index 120473d94..b1caca8b7 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -82,6 +82,8 @@ typedef enum { #if !defined(MBEDTLS_MD_SINGLE_HASH) +#define MBEDTLS_MD_INLINABLE_API + /** * Opaque struct defined in md.c. */ @@ -93,6 +95,8 @@ typedef struct mbedtls_md_info_t const * mbedtls_md_handle_t; #else /* !MBEDTLS_MD_SINGLE_HASH */ +#define MBEDTLS_MD_INLINABLE_API MBEDTLS_ALWAYS_INLINE static inline + typedef int mbedtls_md_handle_t; #define MBEDTLS_MD_INVALID_HANDLE ( (mbedtls_md_handle_t) 0 ) #define MBEDTLS_MD_UNIQUE_VALID_HANDLE ( (mbedtls_md_handle_t) 1 ) @@ -308,7 +312,7 @@ const char *mbedtls_md_get_name( mbedtls_md_handle_t md_info ); * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification * failure. */ -int mbedtls_md_starts( mbedtls_md_context_t *ctx ); +MBEDTLS_MD_INLINABLE_API int mbedtls_md_starts( mbedtls_md_context_t *ctx ); /** * \brief This function feeds an input buffer into an ongoing @@ -500,6 +504,34 @@ int mbedtls_md_hmac( mbedtls_md_handle_t md_info, const unsigned char *key, size /* Internal use */ int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data ); +/* + * Internal wrapper functions for those MD API functions which should be + * inlined in some but not all configurations. The actual MD API will be + * implemented either here or in md.c, and forward to the wrappers. + */ + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_starts_internal( + mbedtls_md_context_t *ctx ) +{ + mbedtls_md_handle_t md_info; + if( ctx == NULL ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + md_info = mbedtls_md_get_handle( ctx ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + return( mbedtls_md_info_starts( md_info, ctx->md_ctx ) ); +} + +#if defined(MBEDTLS_MD_SINGLE_HASH) +MBEDTLS_MD_INLINABLE_API int mbedtls_md_starts( + mbedtls_md_context_t *ctx ) +{ + return( mbedtls_md_starts_internal( ctx ) ); +} +#endif /* MBEDTLS_MD_SINGLE_HASH */ + #ifdef __cplusplus } #endif diff --git a/library/md.c b/library/md.c index f81a1a9e3..bf90b502b 100644 --- a/library/md.c +++ b/library/md.c @@ -459,18 +459,12 @@ int mbedtls_md_setup( mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info, in return( 0 ); } +#if !defined(MBEDTLS_MD_SINGLE_HASH) int mbedtls_md_starts( mbedtls_md_context_t *ctx ) { - mbedtls_md_handle_t md_info; - if( ctx == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - - md_info = mbedtls_md_get_handle( ctx ); - if( md_info == MBEDTLS_MD_INVALID_HANDLE ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - - return( mbedtls_md_info_starts( md_info, ctx->md_ctx ) ); + return( mbedtls_md_starts_internal( ctx ) ); } +#endif /* !MBEDTLS_MD_SINGLE_HASH */ int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen ) { From fdef5ac13b77dc8645e78d6aba7dead9dd91ce3e Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 4 Sep 2019 13:20:05 +0100 Subject: [PATCH 21/37] MD: Implement config dep'n inlining of mbedtls_md_update() --- include/mbedtls/md.h | 29 ++++++++++++++++++++++++++++- library/md.c | 17 +++++------------ 2 files changed, 33 insertions(+), 13 deletions(-) diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index b1caca8b7..cc04f2210 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -330,7 +330,9 @@ MBEDTLS_MD_INLINABLE_API int mbedtls_md_starts( mbedtls_md_context_t *ctx ); * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification * failure. */ -int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen ); +MBEDTLS_MD_INLINABLE_API int mbedtls_md_update( mbedtls_md_context_t *ctx, + const unsigned char *input, + size_t ilen ); /** * \brief This function finishes the digest operation, @@ -524,12 +526,37 @@ MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_starts_internal( return( mbedtls_md_info_starts( md_info, ctx->md_ctx ) ); } +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_update_internal( + mbedtls_md_context_t *ctx, + const unsigned char *input, + size_t ilen ) +{ + mbedtls_md_handle_t md_info; + if( ctx == NULL ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + md_info = mbedtls_md_get_handle( ctx ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + return( mbedtls_md_info_update( md_info, ctx->md_ctx, + input, ilen ) ); +} + #if defined(MBEDTLS_MD_SINGLE_HASH) MBEDTLS_MD_INLINABLE_API int mbedtls_md_starts( mbedtls_md_context_t *ctx ) { return( mbedtls_md_starts_internal( ctx ) ); } + +MBEDTLS_MD_INLINABLE_API int mbedtls_md_update( + mbedtls_md_context_t *ctx, + const unsigned char *input, + size_t ilen ) +{ + return( mbedtls_md_update_internal( ctx, input, ilen ) ); +} #endif /* MBEDTLS_MD_SINGLE_HASH */ #ifdef __cplusplus diff --git a/library/md.c b/library/md.c index bf90b502b..aa14f838d 100644 --- a/library/md.c +++ b/library/md.c @@ -464,21 +464,14 @@ int mbedtls_md_starts( mbedtls_md_context_t *ctx ) { return( mbedtls_md_starts_internal( ctx ) ); } -#endif /* !MBEDTLS_MD_SINGLE_HASH */ -int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen ) +int mbedtls_md_update( mbedtls_md_context_t *ctx, + const unsigned char *input, + size_t ilen ) { - mbedtls_md_handle_t md_info; - if( ctx == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - - md_info = mbedtls_md_get_handle( ctx ); - if( md_info == MBEDTLS_MD_INVALID_HANDLE ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - - return( mbedtls_md_info_update( md_info, ctx->md_ctx, - input, ilen ) ); + return( mbedtls_md_update_internal( ctx, input, ilen ) ); } +#endif /* !MBEDTLS_MD_SINGLE_HASH */ int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ) { From 993691d9ba9d9b3d984724802c6f12643d09ac72 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 4 Sep 2019 13:24:44 +0100 Subject: [PATCH 22/37] MD: Implement config dep'n inlining of mbedtls_md_finish() --- include/mbedtls/md.h | 54 +++++++++++++++++++++++++++++++++++++++++--- library/md.c | 19 +++------------- 2 files changed, 54 insertions(+), 19 deletions(-) diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index cc04f2210..899623f7a 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -352,7 +352,8 @@ MBEDTLS_MD_INLINABLE_API int mbedtls_md_update( mbedtls_md_context_t *ctx, * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification * failure. */ -int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ); +MBEDTLS_MD_INLINABLE_API int mbedtls_md_finish( mbedtls_md_context_t *ctx, + unsigned char *output ); /** * \brief This function calculates the message-digest of a buffer, @@ -372,8 +373,11 @@ int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ); * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification * failure. */ -int mbedtls_md( mbedtls_md_handle_t md_info, const unsigned char *input, size_t ilen, - unsigned char *output ); +MBEDTLS_MD_INLINABLE_API int mbedtls_md( + mbedtls_md_handle_t md_info, + const unsigned char *input, + size_t ilen, + unsigned char *output ); #if defined(MBEDTLS_FS_IO) /** @@ -543,6 +547,34 @@ MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_update_internal( input, ilen ) ); } +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_finish_internal( + mbedtls_md_context_t *ctx, unsigned char *output ) +{ + mbedtls_md_handle_t md_info; + if( ctx == NULL ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + md_info = mbedtls_md_get_handle( ctx ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + return( mbedtls_md_info_finish( md_info, ctx->md_ctx, + output ) ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_internal( + mbedtls_md_handle_t md_info, + const unsigned char *input, + size_t ilen, + unsigned char *output ) +{ + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + return( mbedtls_md_info_digest( md_info, input, + ilen, output) ); +} + #if defined(MBEDTLS_MD_SINGLE_HASH) MBEDTLS_MD_INLINABLE_API int mbedtls_md_starts( mbedtls_md_context_t *ctx ) @@ -557,6 +589,22 @@ MBEDTLS_MD_INLINABLE_API int mbedtls_md_update( { return( mbedtls_md_update_internal( ctx, input, ilen ) ); } + +MBEDTLS_MD_INLINABLE_API int mbedtls_md_finish( + mbedtls_md_context_t *ctx, unsigned char *output ) +{ + return( mbedtls_md_finish_internal( ctx, output ) ); +} + +MBEDTLS_MD_INLINABLE_API int mbedtls_md( + mbedtls_md_handle_t md_info, + const unsigned char *input, + size_t ilen, + unsigned char *output ) +{ + return( mbedtls_md_internal( md_info, input, ilen, output ) ); +} + #endif /* MBEDTLS_MD_SINGLE_HASH */ #ifdef __cplusplus diff --git a/library/md.c b/library/md.c index aa14f838d..b648baabc 100644 --- a/library/md.c +++ b/library/md.c @@ -471,31 +471,18 @@ int mbedtls_md_update( mbedtls_md_context_t *ctx, { return( mbedtls_md_update_internal( ctx, input, ilen ) ); } -#endif /* !MBEDTLS_MD_SINGLE_HASH */ int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ) { - mbedtls_md_handle_t md_info; - if( ctx == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - - md_info = mbedtls_md_get_handle( ctx ); - if( md_info == MBEDTLS_MD_INVALID_HANDLE ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - - return( mbedtls_md_info_finish( md_info, ctx->md_ctx, - output ) ); + return( mbedtls_md_finish_internal( ctx, output ) ); } int mbedtls_md( mbedtls_md_handle_t md_info, const unsigned char *input, size_t ilen, unsigned char *output ) { - if( md_info == MBEDTLS_MD_INVALID_HANDLE ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - - return( mbedtls_md_info_digest( md_info, input, - ilen, output) ); + return( mbedtls_md_internal( md_info, input, ilen, output ) ); } +#endif /* !MBEDTLS_MD_SINGLE_HASH */ #if defined(MBEDTLS_FS_IO) int mbedtls_md_file( mbedtls_md_handle_t md_info, const char *path, unsigned char *output ) From 53ade9fa628a4db49acb6225c69a50476370e914 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 4 Sep 2019 13:44:51 +0100 Subject: [PATCH 23/37] MD: Implement config dep'n inlining of mbedtls_md_process() --- include/mbedtls/md.h | 23 ++++++++++++++++++++++- library/md.c | 12 +++--------- 2 files changed, 25 insertions(+), 10 deletions(-) diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index 899623f7a..104c5777a 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -508,7 +508,8 @@ int mbedtls_md_hmac( mbedtls_md_handle_t md_info, const unsigned char *key, size unsigned char *output ); /* Internal use */ -int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data ); +MBEDTLS_MD_INLINABLE_API int mbedtls_md_process( mbedtls_md_context_t *ctx, + const unsigned char *data ); /* * Internal wrapper functions for those MD API functions which should be @@ -575,6 +576,20 @@ MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_internal( ilen, output) ); } +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_process_internal( + mbedtls_md_context_t *ctx, const unsigned char *data ) +{ + mbedtls_md_handle_t md_info; + if( ctx == NULL ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + md_info = mbedtls_md_get_handle( ctx ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + return( mbedtls_md_info_process( md_info, ctx->md_ctx, data ) ); +} + #if defined(MBEDTLS_MD_SINGLE_HASH) MBEDTLS_MD_INLINABLE_API int mbedtls_md_starts( mbedtls_md_context_t *ctx ) @@ -605,6 +620,12 @@ MBEDTLS_MD_INLINABLE_API int mbedtls_md( return( mbedtls_md_internal( md_info, input, ilen, output ) ); } +MBEDTLS_MD_INLINABLE_API int mbedtls_md_process( + mbedtls_md_context_t *ctx, const unsigned char *data ) +{ + return( mbedtls_md_process_internal( ctx, data ) ); +} + #endif /* MBEDTLS_MD_SINGLE_HASH */ #ifdef __cplusplus diff --git a/library/md.c b/library/md.c index b648baabc..09985328f 100644 --- a/library/md.c +++ b/library/md.c @@ -711,18 +711,12 @@ cleanup: return( ret ); } +#if !defined(MBEDTLS_MD_SINGLE_HASH) int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data ) { - mbedtls_md_handle_t md_info; - if( ctx == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - - md_info = mbedtls_md_get_handle( ctx ); - if( md_info == MBEDTLS_MD_INVALID_HANDLE ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - - return( mbedtls_md_info_process( md_info, ctx->md_ctx, data ) ); + return( mbedtls_md_process_internal( ctx, data ) ); } +#endif /* !MBEDTLS_MD_SINGLE_HASH */ unsigned char mbedtls_md_get_size( mbedtls_md_handle_t md_info ) { From d73aabd1c23c8c3debd3eb2b29ab25cecf72bcb6 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 4 Sep 2019 15:14:51 +0100 Subject: [PATCH 24/37] Fixup: Declare digest info structures as static They're defined and used within library/md.c only and hence need not be of external linkage. --- library/md.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/library/md.c b/library/md.c index 09985328f..5e9c5b404 100644 --- a/library/md.c +++ b/library/md.c @@ -59,7 +59,7 @@ * MD-2 */ #if defined(MBEDTLS_MD2_C) -const mbedtls_md_info_t mbedtls_md2_info = { +static const mbedtls_md_info_t mbedtls_md2_info = { MBEDTLS_MD_MD2, "MD2", 16, @@ -80,7 +80,7 @@ const mbedtls_md_info_t mbedtls_md2_info = { */ #if defined(MBEDTLS_MD4_C) -const mbedtls_md_info_t mbedtls_md4_info = { +static const mbedtls_md_info_t mbedtls_md4_info = { MBEDTLS_MD_MD4, "MD4", 16, @@ -101,7 +101,7 @@ const mbedtls_md_info_t mbedtls_md4_info = { */ #if defined(MBEDTLS_MD5_C) -const mbedtls_md_info_t mbedtls_md5_info = { +static const mbedtls_md_info_t mbedtls_md5_info = { MBEDTLS_MD_MD5, "MD5", 16, @@ -122,7 +122,7 @@ const mbedtls_md_info_t mbedtls_md5_info = { */ #if defined(MBEDTLS_RIPEMD160_C) -const mbedtls_md_info_t mbedtls_ripemd160_info = { +static const mbedtls_md_info_t mbedtls_ripemd160_info = { MBEDTLS_MD_RIPEMD160, "RIPEMD160", 20, @@ -143,7 +143,7 @@ const mbedtls_md_info_t mbedtls_ripemd160_info = { */ #if defined(MBEDTLS_SHA1_C) -const mbedtls_md_info_t mbedtls_sha1_info = { +static const mbedtls_md_info_t mbedtls_sha1_info = { MBEDTLS_MD_SHA1, "SHA1", 20, @@ -165,7 +165,7 @@ const mbedtls_md_info_t mbedtls_sha1_info = { #if defined(MBEDTLS_SHA256_C) #if !defined(MBEDTLS_SHA256_NO_SHA224) -const mbedtls_md_info_t mbedtls_sha224_info = { +static const mbedtls_md_info_t mbedtls_sha224_info = { MBEDTLS_MD_SHA224, "SHA224", 28, @@ -180,7 +180,7 @@ const mbedtls_md_info_t mbedtls_sha224_info = { mbedtls_sha224_process_wrap, }; #endif /* !MBEDTLS_SHA256_NO_SHA224 */ -const mbedtls_md_info_t mbedtls_sha256_info = +static const mbedtls_md_info_t mbedtls_sha256_info = MBEDTLS_MD_INFO( MBEDTLS_MD_INFO_SHA256 ); #endif /* MBEDTLS_SHA256_C */ @@ -189,7 +189,7 @@ const mbedtls_md_info_t mbedtls_sha256_info = */ #if defined(MBEDTLS_SHA512_C) -const mbedtls_md_info_t mbedtls_sha384_info = { +static const mbedtls_md_info_t mbedtls_sha384_info = { MBEDTLS_MD_SHA384, "SHA384", 48, @@ -203,7 +203,7 @@ const mbedtls_md_info_t mbedtls_sha384_info = { mbedtls_sha384_clone_wrap, mbedtls_sha384_process_wrap, }; -const mbedtls_md_info_t mbedtls_sha512_info = { +static const mbedtls_md_info_t mbedtls_sha512_info = { MBEDTLS_MD_SHA512, "SHA512", 64, From 7a78fe409bc74cbc9168291d6b9870274a040923 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 4 Sep 2019 15:41:21 +0100 Subject: [PATCH 25/37] Fixup: Avoid unused function warning for MD wrappers --- include/mbedtls/md_internal.h | 112 +++++++++++++++++----------------- 1 file changed, 57 insertions(+), 55 deletions(-) diff --git a/include/mbedtls/md_internal.h b/include/mbedtls/md_internal.h index b1bb7e332..53742fd9a 100644 --- a/include/mbedtls/md_internal.h +++ b/include/mbedtls/md_internal.h @@ -69,6 +69,8 @@ extern "C" { #endif +#define MBEDTLS_MD_WRAPPER MBEDTLS_ALWAYS_INLINE static inline + /* * Message-digest information macro definition */ @@ -216,23 +218,23 @@ struct mbedtls_md_info_t #if defined(MBEDTLS_MD2_C) -static int mbedtls_md2_starts_wrap( void *ctx ) +MBEDTLS_MD_WRAPPER int mbedtls_md2_starts_wrap( void *ctx ) { return( mbedtls_md2_starts_ret( (mbedtls_md2_context *) ctx ) ); } -static int mbedtls_md2_update_wrap( void *ctx, const unsigned char *input, +MBEDTLS_MD_WRAPPER int mbedtls_md2_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) { return( mbedtls_md2_update_ret( (mbedtls_md2_context *) ctx, input, ilen ) ); } -static int mbedtls_md2_finish_wrap( void *ctx, unsigned char *output ) +MBEDTLS_MD_WRAPPER int mbedtls_md2_finish_wrap( void *ctx, unsigned char *output ) { return( mbedtls_md2_finish_ret( (mbedtls_md2_context *) ctx, output ) ); } -static void* mbedtls_md2_ctx_alloc( void ) +MBEDTLS_MD_WRAPPER void* mbedtls_md2_ctx_alloc( void ) { void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md2_context ) ); @@ -242,19 +244,19 @@ static void* mbedtls_md2_ctx_alloc( void ) return( ctx ); } -static void mbedtls_md2_ctx_free( void *ctx ) +MBEDTLS_MD_WRAPPER void mbedtls_md2_ctx_free( void *ctx ) { mbedtls_md2_free( (mbedtls_md2_context *) ctx ); mbedtls_free( ctx ); } -static void mbedtls_md2_clone_wrap( void *dst, const void *src ) +MBEDTLS_MD_WRAPPER void mbedtls_md2_clone_wrap( void *dst, const void *src ) { mbedtls_md2_clone( (mbedtls_md2_context *) dst, (const mbedtls_md2_context *) src ); } -static int mbedtls_md2_process_wrap( void *ctx, const unsigned char *data ) +MBEDTLS_MD_WRAPPER int mbedtls_md2_process_wrap( void *ctx, const unsigned char *data ) { ((void) data); @@ -269,23 +271,23 @@ static int mbedtls_md2_process_wrap( void *ctx, const unsigned char *data ) #if defined(MBEDTLS_MD4_C) -static int mbedtls_md4_starts_wrap( void *ctx ) +MBEDTLS_MD_WRAPPER int mbedtls_md4_starts_wrap( void *ctx ) { return( mbedtls_md4_starts_ret( (mbedtls_md4_context *) ctx ) ); } -static int mbedtls_md4_update_wrap( void *ctx, const unsigned char *input, +MBEDTLS_MD_WRAPPER int mbedtls_md4_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) { return( mbedtls_md4_update_ret( (mbedtls_md4_context *) ctx, input, ilen ) ); } -static int mbedtls_md4_finish_wrap( void *ctx, unsigned char *output ) +MBEDTLS_MD_WRAPPER int mbedtls_md4_finish_wrap( void *ctx, unsigned char *output ) { return( mbedtls_md4_finish_ret( (mbedtls_md4_context *) ctx, output ) ); } -static void* mbedtls_md4_ctx_alloc( void ) +MBEDTLS_MD_WRAPPER void* mbedtls_md4_ctx_alloc( void ) { void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md4_context ) ); @@ -295,19 +297,19 @@ static void* mbedtls_md4_ctx_alloc( void ) return( ctx ); } -static void mbedtls_md4_ctx_free( void *ctx ) +MBEDTLS_MD_WRAPPER void mbedtls_md4_ctx_free( void *ctx ) { mbedtls_md4_free( (mbedtls_md4_context *) ctx ); mbedtls_free( ctx ); } -static void mbedtls_md4_clone_wrap( void *dst, const void *src ) +MBEDTLS_MD_WRAPPER void mbedtls_md4_clone_wrap( void *dst, const void *src ) { mbedtls_md4_clone( (mbedtls_md4_context *) dst, (const mbedtls_md4_context *) src ); } -static int mbedtls_md4_process_wrap( void *ctx, const unsigned char *data ) +MBEDTLS_MD_WRAPPER int mbedtls_md4_process_wrap( void *ctx, const unsigned char *data ) { return( mbedtls_internal_md4_process( (mbedtls_md4_context *) ctx, data ) ); } @@ -320,23 +322,23 @@ static int mbedtls_md4_process_wrap( void *ctx, const unsigned char *data ) #if defined(MBEDTLS_MD5_C) -static int mbedtls_md5_starts_wrap( void *ctx ) +MBEDTLS_MD_WRAPPER int mbedtls_md5_starts_wrap( void *ctx ) { return( mbedtls_md5_starts_ret( (mbedtls_md5_context *) ctx ) ); } -static int mbedtls_md5_update_wrap( void *ctx, const unsigned char *input, +MBEDTLS_MD_WRAPPER int mbedtls_md5_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) { return( mbedtls_md5_update_ret( (mbedtls_md5_context *) ctx, input, ilen ) ); } -static int mbedtls_md5_finish_wrap( void *ctx, unsigned char *output ) +MBEDTLS_MD_WRAPPER int mbedtls_md5_finish_wrap( void *ctx, unsigned char *output ) { return( mbedtls_md5_finish_ret( (mbedtls_md5_context *) ctx, output ) ); } -static void* mbedtls_md5_ctx_alloc( void ) +MBEDTLS_MD_WRAPPER void* mbedtls_md5_ctx_alloc( void ) { void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md5_context ) ); @@ -346,19 +348,19 @@ static void* mbedtls_md5_ctx_alloc( void ) return( ctx ); } -static void mbedtls_md5_ctx_free( void *ctx ) +MBEDTLS_MD_WRAPPER void mbedtls_md5_ctx_free( void *ctx ) { mbedtls_md5_free( (mbedtls_md5_context *) ctx ); mbedtls_free( ctx ); } -static void mbedtls_md5_clone_wrap( void *dst, const void *src ) +MBEDTLS_MD_WRAPPER void mbedtls_md5_clone_wrap( void *dst, const void *src ) { mbedtls_md5_clone( (mbedtls_md5_context *) dst, (const mbedtls_md5_context *) src ); } -static int mbedtls_md5_process_wrap( void *ctx, const unsigned char *data ) +MBEDTLS_MD_WRAPPER int mbedtls_md5_process_wrap( void *ctx, const unsigned char *data ) { return( mbedtls_internal_md5_process( (mbedtls_md5_context *) ctx, data ) ); } @@ -371,25 +373,25 @@ static int mbedtls_md5_process_wrap( void *ctx, const unsigned char *data ) #if defined(MBEDTLS_RIPEMD160_C) -static int mbedtls_ripemd160_starts_wrap( void *ctx ) +MBEDTLS_MD_WRAPPER int mbedtls_ripemd160_starts_wrap( void *ctx ) { return( mbedtls_ripemd160_starts_ret( (mbedtls_ripemd160_context *) ctx ) ); } -static int mbedtls_ripemd160_update_wrap( void *ctx, const unsigned char *input, +MBEDTLS_MD_WRAPPER int mbedtls_ripemd160_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) { return( mbedtls_ripemd160_update_ret( (mbedtls_ripemd160_context *) ctx, input, ilen ) ); } -static int mbedtls_ripemd160_finish_wrap( void *ctx, unsigned char *output ) +MBEDTLS_MD_WRAPPER int mbedtls_ripemd160_finish_wrap( void *ctx, unsigned char *output ) { return( mbedtls_ripemd160_finish_ret( (mbedtls_ripemd160_context *) ctx, output ) ); } -static void* mbedtls_ripemd160_ctx_alloc( void ) +MBEDTLS_MD_WRAPPER void* mbedtls_ripemd160_ctx_alloc( void ) { void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ripemd160_context ) ); @@ -399,19 +401,19 @@ static void* mbedtls_ripemd160_ctx_alloc( void ) return( ctx ); } -static void mbedtls_ripemd160_ctx_free( void *ctx ) +MBEDTLS_MD_WRAPPER void mbedtls_ripemd160_ctx_free( void *ctx ) { mbedtls_ripemd160_free( (mbedtls_ripemd160_context *) ctx ); mbedtls_free( ctx ); } -static void mbedtls_ripemd160_clone_wrap( void *dst, const void *src ) +MBEDTLS_MD_WRAPPER void mbedtls_ripemd160_clone_wrap( void *dst, const void *src ) { mbedtls_ripemd160_clone( (mbedtls_ripemd160_context *) dst, (const mbedtls_ripemd160_context *) src ); } -static int mbedtls_ripemd160_process_wrap( void *ctx, const unsigned char *data ) +MBEDTLS_MD_WRAPPER int mbedtls_ripemd160_process_wrap( void *ctx, const unsigned char *data ) { return( mbedtls_internal_ripemd160_process( (mbedtls_ripemd160_context *) ctx, data ) ); @@ -425,24 +427,24 @@ static int mbedtls_ripemd160_process_wrap( void *ctx, const unsigned char *data #if defined(MBEDTLS_SHA1_C) -static int mbedtls_sha1_starts_wrap( void *ctx ) +MBEDTLS_MD_WRAPPER int mbedtls_sha1_starts_wrap( void *ctx ) { return( mbedtls_sha1_starts_ret( (mbedtls_sha1_context *) ctx ) ); } -static int mbedtls_sha1_update_wrap( void *ctx, const unsigned char *input, +MBEDTLS_MD_WRAPPER int mbedtls_sha1_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) { return( mbedtls_sha1_update_ret( (mbedtls_sha1_context *) ctx, input, ilen ) ); } -static int mbedtls_sha1_finish_wrap( void *ctx, unsigned char *output ) +MBEDTLS_MD_WRAPPER int mbedtls_sha1_finish_wrap( void *ctx, unsigned char *output ) { return( mbedtls_sha1_finish_ret( (mbedtls_sha1_context *) ctx, output ) ); } -static void* mbedtls_sha1_ctx_alloc( void ) +MBEDTLS_MD_WRAPPER void* mbedtls_sha1_ctx_alloc( void ) { void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha1_context ) ); @@ -452,19 +454,19 @@ static void* mbedtls_sha1_ctx_alloc( void ) return( ctx ); } -static void mbedtls_sha1_clone_wrap( void *dst, const void *src ) +MBEDTLS_MD_WRAPPER void mbedtls_sha1_clone_wrap( void *dst, const void *src ) { mbedtls_sha1_clone( (mbedtls_sha1_context *) dst, (const mbedtls_sha1_context *) src ); } -static void mbedtls_sha1_ctx_free( void *ctx ) +MBEDTLS_MD_WRAPPER void mbedtls_sha1_ctx_free( void *ctx ) { mbedtls_sha1_free( (mbedtls_sha1_context *) ctx ); mbedtls_free( ctx ); } -static int mbedtls_sha1_process_wrap( void *ctx, const unsigned char *data ) +MBEDTLS_MD_WRAPPER int mbedtls_sha1_process_wrap( void *ctx, const unsigned char *data ) { return( mbedtls_internal_sha1_process( (mbedtls_sha1_context *) ctx, data ) ); @@ -479,34 +481,34 @@ static int mbedtls_sha1_process_wrap( void *ctx, const unsigned char *data ) #if defined(MBEDTLS_SHA256_C) #if !defined(MBEDTLS_SHA256_NO_SHA224) -static int mbedtls_sha224_starts_wrap( void *ctx ) +MBEDTLS_MD_WRAPPER int mbedtls_sha224_starts_wrap( void *ctx ) { return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 1 ) ); } #endif /* !MBEDTLS_SHA256_NO_SHA224 */ -static int mbedtls_sha224_update_wrap( void *ctx, const unsigned char *input, +MBEDTLS_MD_WRAPPER int mbedtls_sha224_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) { return( mbedtls_sha256_update_ret( (mbedtls_sha256_context *) ctx, input, ilen ) ); } -static int mbedtls_sha224_finish_wrap( void *ctx, unsigned char *output ) +MBEDTLS_MD_WRAPPER int mbedtls_sha224_finish_wrap( void *ctx, unsigned char *output ) { return( mbedtls_sha256_finish_ret( (mbedtls_sha256_context *) ctx, output ) ); } #if !defined(MBEDTLS_SHA256_NO_SHA224) -static int mbedtls_sha224_wrap( const unsigned char *input, size_t ilen, +MBEDTLS_MD_WRAPPER int mbedtls_sha224_wrap( const unsigned char *input, size_t ilen, unsigned char *output ) { return( mbedtls_sha256_ret( input, ilen, output, 1 ) ); } #endif /* !MBEDTLS_SHA256_NO_SHA224 */ -static void* mbedtls_sha224_ctx_alloc( void ) +MBEDTLS_MD_WRAPPER void* mbedtls_sha224_ctx_alloc( void ) { void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha256_context ) ); @@ -516,30 +518,30 @@ static void* mbedtls_sha224_ctx_alloc( void ) return( ctx ); } -static void mbedtls_sha224_ctx_free( void *ctx ) +MBEDTLS_MD_WRAPPER void mbedtls_sha224_ctx_free( void *ctx ) { mbedtls_sha256_free( (mbedtls_sha256_context *) ctx ); mbedtls_free( ctx ); } -static void mbedtls_sha224_clone_wrap( void *dst, const void *src ) +MBEDTLS_MD_WRAPPER void mbedtls_sha224_clone_wrap( void *dst, const void *src ) { mbedtls_sha256_clone( (mbedtls_sha256_context *) dst, (const mbedtls_sha256_context *) src ); } -static int mbedtls_sha224_process_wrap( void *ctx, const unsigned char *data ) +MBEDTLS_MD_WRAPPER int mbedtls_sha224_process_wrap( void *ctx, const unsigned char *data ) { return( mbedtls_internal_sha256_process( (mbedtls_sha256_context *) ctx, data ) ); } -static int mbedtls_sha256_starts_wrap( void *ctx ) +MBEDTLS_MD_WRAPPER int mbedtls_sha256_starts_wrap( void *ctx ) { return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 0 ) ); } -static int mbedtls_sha256_wrap( const unsigned char *input, size_t ilen, +MBEDTLS_MD_WRAPPER int mbedtls_sha256_wrap( const unsigned char *input, size_t ilen, unsigned char *output ) { return( mbedtls_sha256_ret( input, ilen, output, 0 ) ); @@ -553,31 +555,31 @@ static int mbedtls_sha256_wrap( const unsigned char *input, size_t ilen, #if defined(MBEDTLS_SHA512_C) -static int mbedtls_sha384_starts_wrap( void *ctx ) +MBEDTLS_MD_WRAPPER int mbedtls_sha384_starts_wrap( void *ctx ) { return( mbedtls_sha512_starts_ret( (mbedtls_sha512_context *) ctx, 1 ) ); } -static int mbedtls_sha384_update_wrap( void *ctx, const unsigned char *input, +MBEDTLS_MD_WRAPPER int mbedtls_sha384_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) { return( mbedtls_sha512_update_ret( (mbedtls_sha512_context *) ctx, input, ilen ) ); } -static int mbedtls_sha384_finish_wrap( void *ctx, unsigned char *output ) +MBEDTLS_MD_WRAPPER int mbedtls_sha384_finish_wrap( void *ctx, unsigned char *output ) { return( mbedtls_sha512_finish_ret( (mbedtls_sha512_context *) ctx, output ) ); } -static int mbedtls_sha384_wrap( const unsigned char *input, size_t ilen, +MBEDTLS_MD_WRAPPER int mbedtls_sha384_wrap( const unsigned char *input, size_t ilen, unsigned char *output ) { return( mbedtls_sha512_ret( input, ilen, output, 1 ) ); } -static void* mbedtls_sha384_ctx_alloc( void ) +MBEDTLS_MD_WRAPPER void* mbedtls_sha384_ctx_alloc( void ) { void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha512_context ) ); @@ -587,30 +589,30 @@ static void* mbedtls_sha384_ctx_alloc( void ) return( ctx ); } -static void mbedtls_sha384_ctx_free( void *ctx ) +MBEDTLS_MD_WRAPPER void mbedtls_sha384_ctx_free( void *ctx ) { mbedtls_sha512_free( (mbedtls_sha512_context *) ctx ); mbedtls_free( ctx ); } -static void mbedtls_sha384_clone_wrap( void *dst, const void *src ) +MBEDTLS_MD_WRAPPER void mbedtls_sha384_clone_wrap( void *dst, const void *src ) { mbedtls_sha512_clone( (mbedtls_sha512_context *) dst, (const mbedtls_sha512_context *) src ); } -static int mbedtls_sha384_process_wrap( void *ctx, const unsigned char *data ) +MBEDTLS_MD_WRAPPER int mbedtls_sha384_process_wrap( void *ctx, const unsigned char *data ) { return( mbedtls_internal_sha512_process( (mbedtls_sha512_context *) ctx, data ) ); } -static int mbedtls_sha512_starts_wrap( void *ctx ) +MBEDTLS_MD_WRAPPER int mbedtls_sha512_starts_wrap( void *ctx ) { return( mbedtls_sha512_starts_ret( (mbedtls_sha512_context *) ctx, 0 ) ); } -static int mbedtls_sha512_wrap( const unsigned char *input, size_t ilen, +MBEDTLS_MD_WRAPPER int mbedtls_sha512_wrap( const unsigned char *input, size_t ilen, unsigned char *output ) { return( mbedtls_sha512_ret( input, ilen, output, 0 ) ); From c290847719f897ffd5cfe58ae59d2dc3aec58aea Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 4 Sep 2019 16:56:11 +0100 Subject: [PATCH 26/37] Fixup md.h: Fix use of `inline` keyword in MSVC --- include/mbedtls/md.h | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index 104c5777a..277656884 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -35,6 +35,11 @@ #include MBEDTLS_CONFIG_FILE #endif +#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ + !defined(inline) && !defined(__cplusplus) +#define inline __inline +#endif + #define MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE -0x5080 /**< The selected feature is not available. */ #define MBEDTLS_ERR_MD_BAD_INPUT_DATA -0x5100 /**< Bad input parameters to function. */ #define MBEDTLS_ERR_MD_ALLOC_FAILED -0x5180 /**< Failed to allocate memory. */ From 6deddf761a18e58df6f9c430dae1fba1d8658f1f Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 5 Sep 2019 11:17:30 +0100 Subject: [PATCH 27/37] MD: Introduce macro for underlying context type --- include/mbedtls/md_internal.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/include/mbedtls/md_internal.h b/include/mbedtls/md_internal.h index 53742fd9a..4c08f8501 100644 --- a/include/mbedtls/md_internal.h +++ b/include/mbedtls/md_internal.h @@ -80,6 +80,7 @@ extern "C" { /* SHA-256 */ #define MBEDTLS_MD_INFO_SHA256_TYPE MBEDTLS_MD_SHA256 +#define MBEDTLS_MD_INFO_SHA256_CTX_TYPE mbedtls_sha256_context #define MBEDTLS_MD_INFO_SHA256_NAME "SHA256" #define MBEDTLS_MD_INFO_SHA256_SIZE 32 #define MBEDTLS_MD_INFO_SHA256_BLOCKSIZE 64 @@ -96,6 +97,7 @@ extern "C" { * Helper macros to extract fields from ciphersuites. */ +#define MBEDTLS_MD_INFO_CTX_TYPE_T( MD ) MD ## _CTX_TYPE #define MBEDTLS_MD_INFO_TYPE_T( MD ) MD ## _TYPE #define MBEDTLS_MD_INFO_NAME_T( MD ) MD ## _NAME #define MBEDTLS_MD_INFO_SIZE_T( MD ) MD ## _SIZE @@ -114,6 +116,7 @@ extern "C" { * field name. This allows to call these macros as * MBEDTLS_MD_INFO_XXX( MBEDTLS_MD_SINGLE_HASH ). * where MBEDTLS_MD_SINGLE_HASH expands to MBEDTLS_MD_INFO_XXX. */ +#define MBEDTLS_MD_INFO_CTX_TYPE( MD ) MBEDTLS_MD_INFO_CTX_TYPE_T( MD ) #define MBEDTLS_MD_INFO_TYPE( MD ) MBEDTLS_MD_INFO_TYPE_T( MD ) #define MBEDTLS_MD_INFO_NAME( MD ) MBEDTLS_MD_INFO_NAME_T( MD ) #define MBEDTLS_MD_INFO_SIZE( MD ) MBEDTLS_MD_INFO_SIZE_T( MD ) From 4a99765f941a6dd6e36fae7c28ee4e12e977720a Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 5 Sep 2019 11:55:25 +0100 Subject: [PATCH 28/37] MD: Introduce macro for initialization function --- include/mbedtls/md_internal.h | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/include/mbedtls/md_internal.h b/include/mbedtls/md_internal.h index 4c08f8501..2cd518577 100644 --- a/include/mbedtls/md_internal.h +++ b/include/mbedtls/md_internal.h @@ -81,6 +81,7 @@ extern "C" { /* SHA-256 */ #define MBEDTLS_MD_INFO_SHA256_TYPE MBEDTLS_MD_SHA256 #define MBEDTLS_MD_INFO_SHA256_CTX_TYPE mbedtls_sha256_context +#define MBEDTLS_MD_INFO_SHA256_INIT_FUNC mbedtls_sha256_init #define MBEDTLS_MD_INFO_SHA256_NAME "SHA256" #define MBEDTLS_MD_INFO_SHA256_SIZE 32 #define MBEDTLS_MD_INFO_SHA256_BLOCKSIZE 64 @@ -98,6 +99,7 @@ extern "C" { */ #define MBEDTLS_MD_INFO_CTX_TYPE_T( MD ) MD ## _CTX_TYPE +#define MBEDTLS_MD_INFO_INIT_FUNC_T( MD ) MD ## _INIT_FUNC #define MBEDTLS_MD_INFO_TYPE_T( MD ) MD ## _TYPE #define MBEDTLS_MD_INFO_NAME_T( MD ) MD ## _NAME #define MBEDTLS_MD_INFO_SIZE_T( MD ) MD ## _SIZE @@ -117,6 +119,7 @@ extern "C" { * MBEDTLS_MD_INFO_XXX( MBEDTLS_MD_SINGLE_HASH ). * where MBEDTLS_MD_SINGLE_HASH expands to MBEDTLS_MD_INFO_XXX. */ #define MBEDTLS_MD_INFO_CTX_TYPE( MD ) MBEDTLS_MD_INFO_CTX_TYPE_T( MD ) +#define MBEDTLS_MD_INFO_INIT_FUNC( MD ) MBEDTLS_MD_INFO_INIT_FUNC_T( MD ) #define MBEDTLS_MD_INFO_TYPE( MD ) MBEDTLS_MD_INFO_TYPE_T( MD ) #define MBEDTLS_MD_INFO_NAME( MD ) MBEDTLS_MD_INFO_NAME_T( MD ) #define MBEDTLS_MD_INFO_SIZE( MD ) MBEDTLS_MD_INFO_SIZE_T( MD ) @@ -764,6 +767,14 @@ MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_update( ( ctx, input, ilen ) ); } +MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_init( + mbedtls_md_handle_t info, + void *ctx ) +{ + ((void) info); + MBEDTLS_MD_INFO_INIT_FUNC( MBEDTLS_MD_SINGLE_HASH )( ctx ); +} + MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_finish( mbedtls_md_handle_t info, void *ctx, From 52e36bc1a1d40d023f66cfec371200ac4a089d5d Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 5 Sep 2019 13:02:52 +0100 Subject: [PATCH 29/37] MD: Embed digest context structure into MD wrapper context --- include/mbedtls/md.h | 13 +++++++++++-- library/md.c | 11 ++++++++++- 2 files changed, 21 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index 277656884..942d1f53e 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -108,6 +108,8 @@ typedef int mbedtls_md_handle_t; #endif /* !MBEDTLS_MD_SINGLE_HASH */ +#include "md_internal.h" + /** * The generic message-digest context. */ @@ -118,11 +120,20 @@ typedef struct mbedtls_md_context_t mbedtls_md_handle_t md_info; #endif +#if !defined(MBEDTLS_MD_SINGLE_HASH) /** The digest-specific context. */ void *md_ctx; /** The HMAC part of the context. */ void *hmac_ctx; +#else + unsigned char md_ctx[ sizeof( MBEDTLS_MD_INFO_CTX_TYPE( + MBEDTLS_MD_SINGLE_HASH ) ) ]; + + unsigned char hmac_ctx[ 2 * MBEDTLS_MD_INFO_BLOCKSIZE( + MBEDTLS_MD_SINGLE_HASH ) ]; + +#endif /* MBEDTLS_MD_SINGLE_HASH */ } mbedtls_md_context_t; #if !defined(MBEDTLS_MD_SINGLE_HASH) @@ -140,8 +151,6 @@ static inline mbedtls_md_handle_t mbedtls_md_get_handle( } #endif /* !MBEDTLS_MD_SINGLE_HASH */ -#include "md_internal.h" - /** * \brief This function returns the list of digests supported by the * generic digest module. diff --git a/library/md.c b/library/md.c index 5e9c5b404..accf301ba 100644 --- a/library/md.c +++ b/library/md.c @@ -388,6 +388,11 @@ mbedtls_md_handle_t mbedtls_md_info_from_type( mbedtls_md_type_t md_type ) void mbedtls_md_init( mbedtls_md_context_t *ctx ) { memset( ctx, 0, sizeof( mbedtls_md_context_t ) ); + +#if defined(MBEDTLS_MD_SINGLE_HASH) + mbedtls_md_info_init( mbedtls_md_get_handle( ctx ), + ctx->md_ctx ); +#endif } void mbedtls_md_free( mbedtls_md_context_t *ctx ) @@ -395,6 +400,7 @@ void mbedtls_md_free( mbedtls_md_context_t *ctx ) if( ctx == NULL || mbedtls_md_get_handle( ctx ) == MBEDTLS_MD_INVALID_HANDLE ) return; +#if !defined(MBEDTLS_MD_SINGLE_HASH) if( ctx->md_ctx != NULL ) { mbedtls_md_info_ctx_free( mbedtls_md_get_handle( ctx ), ctx->md_ctx ); @@ -406,6 +412,7 @@ void mbedtls_md_free( mbedtls_md_context_t *ctx ) 2 * mbedtls_md_info_block_size( mbedtls_md_get_handle( ctx ) ) ); mbedtls_free( ctx->hmac_ctx ); } +#endif /* MBEDTLS_MD_SINGLE_HASH */ mbedtls_platform_zeroize( ctx, sizeof( mbedtls_md_context_t ) ); } @@ -437,6 +444,7 @@ int mbedtls_md_setup( mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info, in if( md_info == MBEDTLS_MD_INVALID_HANDLE || ctx == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); +#if !defined(MBEDTLS_MD_SINGLE_HASH) ctx->md_ctx = mbedtls_md_info_ctx_alloc( md_info ); if( ctx->md_ctx == NULL ) return( MBEDTLS_ERR_MD_ALLOC_FAILED ); @@ -452,8 +460,9 @@ int mbedtls_md_setup( mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info, in } } -#if !defined(MBEDTLS_MD_SINGLE_HASH) ctx->md_info = md_info; +#else + ((void) hmac); #endif return( 0 ); From 64b0623cbbd0b9ee397d5137324376c426b4e8d3 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 5 Sep 2019 13:02:32 +0100 Subject: [PATCH 30/37] MD: Implement config dep'n inlining of mbedtls_md_setup() --- include/mbedtls/md.h | 41 ++++++++++++++++++++++++++++++++++++++++- library/md.c | 28 ++-------------------------- 2 files changed, 42 insertions(+), 27 deletions(-) diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index 942d1f53e..3b847b4a0 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -256,7 +256,9 @@ int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info * failure. * \return #MBEDTLS_ERR_MD_ALLOC_FAILED on memory-allocation failure. */ -int mbedtls_md_setup( mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info, int hmac ); +MBEDTLS_MD_INLINABLE_API int mbedtls_md_setup( mbedtls_md_context_t *ctx, + mbedtls_md_handle_t md_info, + int hmac ); /** * \brief This function clones the state of an message-digest @@ -531,6 +533,36 @@ MBEDTLS_MD_INLINABLE_API int mbedtls_md_process( mbedtls_md_context_t *ctx, * implemented either here or in md.c, and forward to the wrappers. */ +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_setup_internal( + mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info, int hmac ) +{ + if( md_info == MBEDTLS_MD_INVALID_HANDLE || ctx == NULL ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + +#if !defined(MBEDTLS_MD_SINGLE_HASH) + ctx->md_ctx = mbedtls_md_info_ctx_alloc( md_info ); + if( ctx->md_ctx == NULL ) + return( MBEDTLS_ERR_MD_ALLOC_FAILED ); + + if( hmac != 0 ) + { + ctx->hmac_ctx = mbedtls_calloc( 2, + mbedtls_md_info_block_size( md_info ) ); + if( ctx->hmac_ctx == NULL ) + { + mbedtls_md_info_ctx_free( md_info, ctx->md_ctx); + return( MBEDTLS_ERR_MD_ALLOC_FAILED ); + } + } + + ctx->md_info = md_info; +#else + ((void) hmac); +#endif /* MBEDTLS_MD_SINGLE_HASH */ + + return( 0 ); +} + MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_starts_internal( mbedtls_md_context_t *ctx ) { @@ -605,6 +637,13 @@ MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_process_internal( } #if defined(MBEDTLS_MD_SINGLE_HASH) + +MBEDTLS_MD_INLINABLE_API int mbedtls_md_setup( + mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info, int hmac ) +{ + return( mbedtls_md_setup_internal( ctx, md_info, hmac ) ); +} + MBEDTLS_MD_INLINABLE_API int mbedtls_md_starts( mbedtls_md_context_t *ctx ) { diff --git a/library/md.c b/library/md.c index accf301ba..df010ae27 100644 --- a/library/md.c +++ b/library/md.c @@ -439,36 +439,12 @@ int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info } #endif +#if !defined(MBEDTLS_MD_SINGLE_HASH) int mbedtls_md_setup( mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info, int hmac ) { - if( md_info == MBEDTLS_MD_INVALID_HANDLE || ctx == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - -#if !defined(MBEDTLS_MD_SINGLE_HASH) - ctx->md_ctx = mbedtls_md_info_ctx_alloc( md_info ); - if( ctx->md_ctx == NULL ) - return( MBEDTLS_ERR_MD_ALLOC_FAILED ); - - if( hmac != 0 ) - { - ctx->hmac_ctx = mbedtls_calloc( 2, - mbedtls_md_info_block_size( md_info ) ); - if( ctx->hmac_ctx == NULL ) - { - mbedtls_md_info_ctx_free( md_info, ctx->md_ctx ); - return( MBEDTLS_ERR_MD_ALLOC_FAILED ); - } - } - - ctx->md_info = md_info; -#else - ((void) hmac); -#endif - - return( 0 ); + return( mbedtls_md_setup_internal( ctx, md_info, hmac ) ); } -#if !defined(MBEDTLS_MD_SINGLE_HASH) int mbedtls_md_starts( mbedtls_md_context_t *ctx ) { return( mbedtls_md_starts_internal( ctx ) ); From 94f48e00523ad931f9db4a34b02b92c28298101f Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 5 Sep 2019 13:02:57 +0100 Subject: [PATCH 31/37] MD: Use no-op for context SHA-256 init() and free() When MBEDTLS_MD_SINGLE_HASH is set, the underlying digest's context is embedded into mbedtls_md_context_t, which is zeroized before the underlying digest's init() function is called. For those digests where initialization is zeroization, the init() call can therefore be omitted. Similarly, when free()-ing an mbedtls_md_context_t, the entire context is zeroized in the end, hence if the underlying digest's free() function is zeroization, it can be omitted. --- include/mbedtls/md_internal.h | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/include/mbedtls/md_internal.h b/include/mbedtls/md_internal.h index 2cd518577..d44c8af73 100644 --- a/include/mbedtls/md_internal.h +++ b/include/mbedtls/md_internal.h @@ -79,9 +79,21 @@ extern "C" { //#define MBEDTLS_MD_INFO_SHA256 /* SHA-256 */ +static inline void mbedtls_md_sha256_init_free_dummy( void* ctx ) +{ + /* Zero-initialization can be skipped. */ + ((void) ctx); +} #define MBEDTLS_MD_INFO_SHA256_TYPE MBEDTLS_MD_SHA256 #define MBEDTLS_MD_INFO_SHA256_CTX_TYPE mbedtls_sha256_context +#if defined(MBEDTLS_MD_SINGLE_HASH) +/* mbedtls_md_sha256_init() only zeroizes, which is redundant + * because mbedtls_md_context is zeroized in mbedtls_md_init(), + * and the mbedtls_sha256_context is embedded in mbedtls_md_context_t. */ +#define MBEDTLS_MD_INFO_SHA256_INIT_FUNC mbedtls_md_sha256_init_free_dummy +#else #define MBEDTLS_MD_INFO_SHA256_INIT_FUNC mbedtls_sha256_init +#endif /* MBEDTLS_MD_SINGLE_HASH */ #define MBEDTLS_MD_INFO_SHA256_NAME "SHA256" #define MBEDTLS_MD_INFO_SHA256_SIZE 32 #define MBEDTLS_MD_INFO_SHA256_BLOCKSIZE 64 @@ -90,7 +102,14 @@ extern "C" { #define MBEDTLS_MD_INFO_SHA256_FINISH_FUNC mbedtls_sha224_finish_wrap #define MBEDTLS_MD_INFO_SHA256_DIGEST_FUNC mbedtls_sha256_wrap #define MBEDTLS_MD_INFO_SHA256_ALLOC_FUNC mbedtls_sha224_ctx_alloc +#if defined(MBEDTLS_MD_SINGLE_HASH) +/* mbedtls_md_sha256_free() only zeroizes, which is redundant + * because mbedtls_md_context is zeroized in mbedtls_md_init(), + * and the mbedtls_sha256_context is embedded in mbedtls_md_context_t. */ +#define MBEDTLS_MD_INFO_SHA256_FREE_FUNC mbedtls_md_sha256_init_free_dummy +#else #define MBEDTLS_MD_INFO_SHA256_FREE_FUNC mbedtls_sha224_ctx_free +#endif /* MBEDTLS_MD_SINGLE_HASH */ #define MBEDTLS_MD_INFO_SHA256_CLONE_FUNC mbedtls_sha224_clone_wrap #define MBEDTLS_MD_INFO_SHA256_PROCESS_FUNC mbedtls_sha224_process_wrap From 3252c4d913fa58157950d75ced27f6e7aaa1ebb5 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 5 Sep 2019 15:03:56 +0100 Subject: [PATCH 32/37] Fixup MD: Avoid always-false pointer comparison When MBEDTLS_MD_SINGLE_HASH is set, both the underlying digest context and the HMAC data are embedded into the mbedtls_md_context; otherwise, they're dynamically allocated and referenced from mbedtls_md_context. When the HMAC data is embedded in mbedtls_md_context, it's unnecessary to check whether mbedtls_md_context::hmac_ctx is NULL, because that's never the case in defined behaviour, but the check has kept for uniformity so far. However, contrary to the expectation that compilers would silently remove this check as always false, ARMC6 complains about it, breaking some tests in all.sh. This commit fixes this by guarding checks for mbedtls_md_context::hmac_ctx == NULL by !MBEDTLS_MD_SINGLE_HASH. --- library/md.c | 28 ++++++++++++++++++++++++---- 1 file changed, 24 insertions(+), 4 deletions(-) diff --git a/library/md.c b/library/md.c index df010ae27..882942e13 100644 --- a/library/md.c +++ b/library/md.c @@ -529,9 +529,14 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, mbedtls_md_handle_t md_info; - if( ctx == NULL || ctx->hmac_ctx == NULL ) + if( ctx == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); +#if !defined(MBEDTLS_MD_SINGLE_HASH) + if( ctx->hmac_ctx == NULL ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); +#endif /* !MBEDTLS_MD_SINGLE_HASH */ + md_info = mbedtls_md_get_handle( ctx ); if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); @@ -587,9 +592,14 @@ int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, { mbedtls_md_handle_t md_info; - if( ctx == NULL || ctx->hmac_ctx == NULL ) + if( ctx == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); +#if !defined(MBEDTLS_MD_SINGLE_HASH) + if( ctx->hmac_ctx == NULL ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); +#endif /* !MBEDTLS_MD_SINGLE_HASH */ + md_info = mbedtls_md_get_handle( ctx ); if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); @@ -607,9 +617,14 @@ int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output ) mbedtls_md_handle_t md_info; - if( ctx == NULL || ctx->hmac_ctx == NULL ) + if( ctx == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); +#if !defined(MBEDTLS_MD_SINGLE_HASH) + if( ctx->hmac_ctx == NULL ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); +#endif /* !MBEDTLS_MD_SINGLE_HASH */ + md_info = mbedtls_md_get_handle( ctx ); if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); @@ -648,9 +663,14 @@ int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ) mbedtls_md_handle_t md_info; - if( ctx == NULL || ctx->hmac_ctx == NULL ) + if( ctx == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); +#if !defined(MBEDTLS_MD_SINGLE_HASH) + if( ctx->hmac_ctx == NULL ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); +#endif /* !MBEDTLS_MD_SINGLE_HASH */ + md_info = mbedtls_md_get_handle( ctx ); if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); From 55fdae04f705fe71353cbe0e65a32db7a58a9497 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 6 Sep 2019 11:57:32 +0100 Subject: [PATCH 33/37] Fixup: Improve comment on helper macros in md_internal.h --- include/mbedtls/md_internal.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/md_internal.h b/include/mbedtls/md_internal.h index d44c8af73..38f89dbea 100644 --- a/include/mbedtls/md_internal.h +++ b/include/mbedtls/md_internal.h @@ -132,11 +132,11 @@ static inline void mbedtls_md_sha256_init_free_dummy( void* ctx ) #define MBEDTLS_MD_INFO_CLONE_FUNC_T( MD ) MD ## _CLONE_FUNC #define MBEDTLS_MD_INFO_PROCESS_FUNC_T( MD ) MD ## _PROCESS_FUNC -/* Wrapper around MBEDTLS_MD_INFO_XXX_T() which makes sure that +/* Wrapper around MBEDTLS_MD_INFO_{FIELD}_T() which makes sure that * the argument is macro-expanded before concatenated with the * field name. This allows to call these macros as - * MBEDTLS_MD_INFO_XXX( MBEDTLS_MD_SINGLE_HASH ). - * where MBEDTLS_MD_SINGLE_HASH expands to MBEDTLS_MD_INFO_XXX. */ + * MBEDTLS_MD_INFO_{FIELD}( MBEDTLS_MD_SINGLE_HASH ). + * where MBEDTLS_MD_SINGLE_HASH expands to MBEDTLS_MD_INFO_{DIGEST}. */ #define MBEDTLS_MD_INFO_CTX_TYPE( MD ) MBEDTLS_MD_INFO_CTX_TYPE_T( MD ) #define MBEDTLS_MD_INFO_INIT_FUNC( MD ) MBEDTLS_MD_INFO_INIT_FUNC_T( MD ) #define MBEDTLS_MD_INFO_TYPE( MD ) MBEDTLS_MD_INFO_TYPE_T( MD ) From f207562cdca8d9fb94f2f34adf2998a2fc921499 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 6 Sep 2019 11:58:41 +0100 Subject: [PATCH 34/37] Fixup: Typo in all.sh component description for single-MD hardcoding --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index f1317e7c3..eec23a8a7 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -928,7 +928,7 @@ component_test_hardcoded_hash_cmake_clang() { msg "test: main suites (full config + MBEDTLS_MD_SINGLE_HASH)" # ~ 5s make test - msg "test: ssl-opt.sh default (full config + MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)" # ~ 5s + msg "test: ssl-opt.sh default (full config + MBEDTLS_MD_SINGLE_HASH)" # ~ 5s if_build_succeeded tests/ssl-opt.sh -f '^Default$\|^Default, DTLS$' } From f6cc3cd2a5132c2fb5feb68c414cf56e848d8bb4 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 6 Sep 2019 11:59:11 +0100 Subject: [PATCH 35/37] Fixup: Typo in check_config.h entry for single hash encoding --- include/mbedtls/check_config.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 6955246b0..96340e88b 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -786,7 +786,7 @@ #define MBEDTLS_THREADING_IMPL #endif -/* Ensurethat precisely one hash is enabled. */ +/* Ensure that precisely one hash is enabled. */ #if defined(MBEDTLS_MD_SINGLE_HASH) #if defined(MBEDTLS_SHA256_C) From 18c8936a7338c0981838eb41ec426ed48b19128a Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 6 Sep 2019 11:59:39 +0100 Subject: [PATCH 36/37] Fixup: Correct Doxygen file name primitive in md_internal.h --- include/mbedtls/md_internal.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/md_internal.h b/include/mbedtls/md_internal.h index 38f89dbea..87f78375e 100644 --- a/include/mbedtls/md_internal.h +++ b/include/mbedtls/md_internal.h @@ -1,5 +1,5 @@ /** - * \file md.h + * \file md_internal.h * * \brief This file contains the generic message-digest wrapper. * From 56d1b2389ca76712769c44b506de83e652aa2d8b Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 6 Sep 2019 12:01:23 +0100 Subject: [PATCH 37/37] Fixup: Don't assume that alt SHA256 impln's have trivial init/free --- include/mbedtls/md_internal.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/md_internal.h b/include/mbedtls/md_internal.h index 87f78375e..84944ee44 100644 --- a/include/mbedtls/md_internal.h +++ b/include/mbedtls/md_internal.h @@ -86,14 +86,14 @@ static inline void mbedtls_md_sha256_init_free_dummy( void* ctx ) } #define MBEDTLS_MD_INFO_SHA256_TYPE MBEDTLS_MD_SHA256 #define MBEDTLS_MD_INFO_SHA256_CTX_TYPE mbedtls_sha256_context -#if defined(MBEDTLS_MD_SINGLE_HASH) +#if defined(MBEDTLS_MD_SINGLE_HASH) && !defined(MBEDTLS_SHA256_ALT) /* mbedtls_md_sha256_init() only zeroizes, which is redundant * because mbedtls_md_context is zeroized in mbedtls_md_init(), * and the mbedtls_sha256_context is embedded in mbedtls_md_context_t. */ #define MBEDTLS_MD_INFO_SHA256_INIT_FUNC mbedtls_md_sha256_init_free_dummy #else #define MBEDTLS_MD_INFO_SHA256_INIT_FUNC mbedtls_sha256_init -#endif /* MBEDTLS_MD_SINGLE_HASH */ +#endif /* MBEDTLS_MD_SINGLE_HASH && !MBEDTLS_SHA256_ALT */ #define MBEDTLS_MD_INFO_SHA256_NAME "SHA256" #define MBEDTLS_MD_INFO_SHA256_SIZE 32 #define MBEDTLS_MD_INFO_SHA256_BLOCKSIZE 64 @@ -102,14 +102,14 @@ static inline void mbedtls_md_sha256_init_free_dummy( void* ctx ) #define MBEDTLS_MD_INFO_SHA256_FINISH_FUNC mbedtls_sha224_finish_wrap #define MBEDTLS_MD_INFO_SHA256_DIGEST_FUNC mbedtls_sha256_wrap #define MBEDTLS_MD_INFO_SHA256_ALLOC_FUNC mbedtls_sha224_ctx_alloc -#if defined(MBEDTLS_MD_SINGLE_HASH) +#if defined(MBEDTLS_MD_SINGLE_HASH) && !defined(MBEDTLS_SHA256_ALT) /* mbedtls_md_sha256_free() only zeroizes, which is redundant * because mbedtls_md_context is zeroized in mbedtls_md_init(), * and the mbedtls_sha256_context is embedded in mbedtls_md_context_t. */ #define MBEDTLS_MD_INFO_SHA256_FREE_FUNC mbedtls_md_sha256_init_free_dummy #else #define MBEDTLS_MD_INFO_SHA256_FREE_FUNC mbedtls_sha224_ctx_free -#endif /* MBEDTLS_MD_SINGLE_HASH */ +#endif /* MBEDTLS_MD_SINGLE_HASH && !MBEDTLS_SHA256_ALT */ #define MBEDTLS_MD_INFO_SHA256_CLONE_FUNC mbedtls_sha224_clone_wrap #define MBEDTLS_MD_INFO_SHA256_PROCESS_FUNC mbedtls_sha224_process_wrap