AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add int return values to SHA-256 function calls

Browse Source 
The following function calls are being deprecated to introduce int
return values.
    * mbedtls_sha256()
    * mbedtls_sha256_starts()
    * mbedtls_sha256_update()
    * mbedtls_sha256_finish()
    * mbedtls_sha256_process()
The return codes can be used to return error values. This is important
when using hardware accelerators.
This commit is contained in:
Andres Amaya Garcia 2017-05-02 11:38:47 +01:00
parent b1a8bf9725
commit 72a7f53064
2 changed files with 202 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

138
include/mbedtls/sha256.h
View File

@ -32,6 +32,11 @@
#include <stddef.h> #include <stddef.h>
#include <stdint.h> #include <stdint.h>
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
!defined(inline) && !defined(__cplusplus)
#define inline __inline
#endif
#if !defined(MBEDTLS_SHA256_ALT) #if !defined(MBEDTLS_SHA256_ALT)
// Regular implementation // Regular implementation
// //
@ -80,8 +85,10 @@ void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
* *
* \param ctx context to be initialized * \param ctx context to be initialized
* \param is224 0 = use SHA256, 1 = use SHA224 * \param is224 0 = use SHA256, 1 = use SHA224
*
* \return 0 if successful
*/ */
void mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 ); int mbedtls_sha256_starts_ext( mbedtls_sha256_context *ctx, int is224 );
/** /**
* \brief SHA-256 process buffer * \brief SHA-256 process buffer
@ -89,8 +96,11 @@ void mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 );
* \param ctx SHA-256 context * \param ctx SHA-256 context
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
*
* \return 0 if successful
*/ */
void mbedtls_sha256_update( mbedtls_sha256_context *ctx, const unsigned char *input, int mbedtls_sha256_update_ext( mbedtls_sha256_context *ctx,
const unsigned char *input,
size_t ilen ); size_t ilen );
/** /**
@ -98,11 +108,93 @@ void mbedtls_sha256_update( mbedtls_sha256_context *ctx, const unsigned char *in
* *
* \param ctx SHA-256 context * \param ctx SHA-256 context
* \param output SHA-224/256 checksum result * \param output SHA-224/256 checksum result
*
* \return 0 if successful
*/ */
void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, unsigned char output[32] ); int mbedtls_sha256_finish_ext( mbedtls_sha256_context *ctx,
unsigned char output[32] );
/* Internal use */ /**
void mbedtls_sha256_process( mbedtls_sha256_context *ctx, const unsigned char data[64] ); * \brief SHA-256 process data block (internal use only)
*
* \param ctx SHA-256 context
* \param data buffer holding one block of data
*
* \return 0 if successful
*/
int mbedtls_sha256_process_ext( mbedtls_sha256_context *ctx,
const unsigned char data[64] );
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING)
#define MBEDTLS_DEPRECATED __attribute__((deprecated))
#else
#define MBEDTLS_DEPRECATED
#endif
/**
* \brief SHA-256 context setup
*
* \deprecated Superseded by mbedtls_sha256_starts_ext() in 2.5.0
*
* \param ctx context to be initialized
* \param is224 0 = use SHA256, 1 = use SHA224
*/
MBEDTLS_DEPRECATED static inline void mbedtls_sha256_starts(
mbedtls_sha256_context *ctx,
int is224 )
{
mbedtls_sha256_starts_ext( ctx, is224 );
}
/**
* \brief SHA-256 process buffer
*
* \deprecated Superseded by mbedtls_sha256_update_ext() in 2.5.0
*
* \param ctx SHA-256 context
* \param input buffer holding the data
* \param ilen length of the input data
*/
MBEDTLS_DEPRECATED static inline void mbedtls_sha256_update(
mbedtls_sha256_context *ctx,
const unsigned char *input,
size_t ilen )
{
mbedtls_sha256_update_ext( ctx, input, ilen );
}
/**
* \brief SHA-256 final digest
*
* \deprecated Superseded by mbedtls_sha256_finish_ext() in 2.5.0
*
* \param ctx SHA-256 context
* \param output SHA-224/256 checksum result
*/
MBEDTLS_DEPRECATED static inline void mbedtls_sha256_finish(
mbedtls_sha256_context *ctx,
unsigned char output[32] )
{
mbedtls_sha256_finish_ext( ctx, output );
}
/**
* \brief SHA-256 process data block (internal use only)
*
* \deprecated Superseded by mbedtls_sha256_process_ext() in 2.5.0
*
* \param ctx SHA-256 context
* \param data buffer holding one block of data
*/
MBEDTLS_DEPRECATED static inline void mbedtls_sha256_process(
mbedtls_sha256_context *ctx,
const unsigned char data[64] )
{
mbedtls_sha256_process_ext( ctx, data );
}
#undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
#ifdef __cplusplus #ifdef __cplusplus
} }
@ -123,9 +215,41 @@ extern "C" {
* \param ilen length of the input data * \param ilen length of the input data
* \param output SHA-224/256 checksum result * \param output SHA-224/256 checksum result
* \param is224 0 = use SHA256, 1 = use SHA224 * \param is224 0 = use SHA256, 1 = use SHA224
*
* \return 0 if successful
*/ */
void mbedtls_sha256( const unsigned char *input, size_t ilen, int mbedtls_sha256_ext( const unsigned char *input,
unsigned char output[32], int is224 ); size_t ilen,
unsigned char output[32],
int is224 );
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING)
#define MBEDTLS_DEPRECATED __attribute__((deprecated))
#else
#define MBEDTLS_DEPRECATED
#endif
/**
* \brief Output = SHA-256( input buffer )
*
* \deprecated Superseded by mbedtls_sha256_ext() in 2.5.0
*
* \param input buffer holding the data
* \param ilen length of the input data
* \param output SHA-224/256 checksum result
* \param is224 0 = use SHA256, 1 = use SHA224
*/
MBEDTLS_DEPRECATED static inline void mbedtls_sha256(
const unsigned char *input,
size_t ilen,
unsigned char output[32],
int is224 )
{
mbedtls_sha256_ext( input, ilen, output, is224 );
}
#undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
/** /**
* \brief Checkup routine * \brief Checkup routine

95
library/sha256.c
View File

@ -100,7 +100,7 @@ void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
/* /*
* SHA-256 context setup * SHA-256 context setup
*/ */
void mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 ) int mbedtls_sha256_starts_ext( mbedtls_sha256_context *ctx, int is224 )
{ {
ctx->total[0] = 0; ctx->total[0] = 0;
ctx->total[1] = 0; ctx->total[1] = 0;
@ -131,6 +131,8 @@ void mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 )
} }
ctx->is224 = is224; ctx->is224 = is224;
return( 0 );
} }
#if !defined(MBEDTLS_SHA256_PROCESS_ALT) #if !defined(MBEDTLS_SHA256_PROCESS_ALT)
@ -179,7 +181,8 @@ static const uint32_t K[] =
d += temp1; h = temp1 + temp2; \ d += temp1; h = temp1 + temp2; \
} }
void mbedtls_sha256_process( mbedtls_sha256_context *ctx, const unsigned char data[64] ) int mbedtls_sha256_process_ext( mbedtls_sha256_context *ctx,
const unsigned char data[64] )
{ {
uint32_t temp1, temp2, W[64]; uint32_t temp1, temp2, W[64];
uint32_t A[8]; uint32_t A[8];
@ -232,20 +235,24 @@ void mbedtls_sha256_process( mbedtls_sha256_context *ctx, const unsigned char da
for( i = 0; i < 8; i++ ) for( i = 0; i < 8; i++ )
ctx->state[i] += A[i]; ctx->state[i] += A[i];
return( 0 );
} }
#endif /* !MBEDTLS_SHA256_PROCESS_ALT */ #endif /* !MBEDTLS_SHA256_PROCESS_ALT */
/* /*
* SHA-256 process buffer * SHA-256 process buffer
*/ */
void mbedtls_sha256_update( mbedtls_sha256_context *ctx, const unsigned char *input, int mbedtls_sha256_update_ext( mbedtls_sha256_context *ctx,
const unsigned char *input,
size_t ilen ) size_t ilen )
{ {
int ret;
size_t fill; size_t fill;
uint32_t left; uint32_t left;
if( ilen == 0 ) if( ilen == 0 )
return; return( 0 );
left = ctx->total[0] & 0x3F; left = ctx->total[0] & 0x3F;
fill = 64 - left; fill = 64 - left;
@ -259,7 +266,10 @@ void mbedtls_sha256_update( mbedtls_sha256_context *ctx, const unsigned char *in
if( left && ilen >= fill ) if( left && ilen >= fill )
{ {
memcpy( (void *) (ctx->buffer + left), input, fill ); memcpy( (void *) (ctx->buffer + left), input, fill );
mbedtls_sha256_process( ctx, ctx->buffer );
if( ( ret = mbedtls_sha256_process_ext( ctx, ctx->buffer ) ) != 0 )
return( ret );
input += fill; input += fill;
ilen -= fill; ilen -= fill;
left = 0; left = 0;
@ -267,13 +277,17 @@ void mbedtls_sha256_update( mbedtls_sha256_context *ctx, const unsigned char *in
while( ilen >= 64 ) while( ilen >= 64 )
{ {
mbedtls_sha256_process( ctx, input ); if( ( ret = mbedtls_sha256_process_ext( ctx, input ) ) != 0 )
return( ret );
input += 64; input += 64;
ilen -= 64; ilen -= 64;
} }
if( ilen > 0 ) if( ilen > 0 )
memcpy( (void *) (ctx->buffer + left), input, ilen ); memcpy( (void *) (ctx->buffer + left), input, ilen );
return( 0 );
} }
static const unsigned char sha256_padding[64] = static const unsigned char sha256_padding[64] =
@ -287,8 +301,10 @@ static const unsigned char sha256_padding[64] =
/* /*
* SHA-256 final digest * SHA-256 final digest
*/ */
void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, unsigned char output[32] ) int mbedtls_sha256_finish_ext( mbedtls_sha256_context *ctx,
unsigned char output[32] )
{ {
int ret;
uint32_t last, padn; uint32_t last, padn;
uint32_t high, low; uint32_t high, low;
unsigned char msglen[8]; unsigned char msglen[8];
@ -303,8 +319,11 @@ void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, unsigned char output[32
last = ctx->total[0] & 0x3F; last = ctx->total[0] & 0x3F;
padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last ); padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
mbedtls_sha256_update( ctx, sha256_padding, padn ); if( ( ret = mbedtls_sha256_update_ext( ctx, sha256_padding, padn ) ) != 0 )
mbedtls_sha256_update( ctx, msglen, 8 ); return( ret );
if( ( ret = mbedtls_sha256_update_ext( ctx, msglen, 8 ) ) != 0 )
return( ret );
PUT_UINT32_BE( ctx->state[0], output, 0 ); PUT_UINT32_BE( ctx->state[0], output, 0 );
PUT_UINT32_BE( ctx->state[1], output, 4 ); PUT_UINT32_BE( ctx->state[1], output, 4 );
@ -316,6 +335,8 @@ void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, unsigned char output[32
if( ctx->is224 == 0 ) if( ctx->is224 == 0 )
PUT_UINT32_BE( ctx->state[7], output, 28 ); PUT_UINT32_BE( ctx->state[7], output, 28 );
return( 0 );
} }
#endif /* !MBEDTLS_SHA256_ALT */ #endif /* !MBEDTLS_SHA256_ALT */
@ -323,16 +344,28 @@ void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, unsigned char output[32
/* /*
* output = SHA-256( input buffer ) * output = SHA-256( input buffer )
*/ */
void mbedtls_sha256( const unsigned char *input, size_t ilen, int mbedtls_sha256_ext( const unsigned char *input,
unsigned char output[32], int is224 ) size_t ilen,
unsigned char output[32],
int is224 )
{ {
int ret;
mbedtls_sha256_context ctx; mbedtls_sha256_context ctx;
mbedtls_sha256_init( &ctx ); mbedtls_sha256_init( &ctx );
mbedtls_sha256_starts( &ctx, is224 );
mbedtls_sha256_update( &ctx, input, ilen ); if( ( ret = mbedtls_sha256_starts_ext( &ctx, is224 ) ) != 0 )
mbedtls_sha256_finish( &ctx, output ); return( ret );
if( ( ret = mbedtls_sha256_update_ext( &ctx, input, ilen ) ) != 0 )
return( ret );
if( ( ret = mbedtls_sha256_finish_ext( &ctx, output ) ) != 0 )
return( ret );
mbedtls_sha256_free( &ctx ); mbedtls_sha256_free( &ctx );
return( 0 );
} }
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
@ -415,29 +448,31 @@ int mbedtls_sha256_self_test( int verbose )
if( verbose != 0 ) if( verbose != 0 )
mbedtls_printf( " SHA-%d test #%d: ", 256 - k * 32, j + 1 ); mbedtls_printf( " SHA-%d test #%d: ", 256 - k * 32, j + 1 );
mbedtls_sha256_starts( &ctx, k ); if( mbedtls_sha256_starts_ext( &ctx, k ) != 0 )
goto fail;
if( j == 2 ) if( j == 2 )
{ {
memset( buf, 'a', buflen = 1000 ); memset( buf, 'a', buflen = 1000 );
for( j = 0; j < 1000; j++ ) for( j = 0; j < 1000; j++ )
mbedtls_sha256_update( &ctx, buf, buflen ); if( mbedtls_sha256_update_ext( &ctx, buf, buflen ) != 0 )
goto fail;
} }
else else
mbedtls_sha256_update( &ctx, sha256_test_buf[j], {
sha256_test_buflen[j] ); if( mbedtls_sha256_update_ext( &ctx, sha256_test_buf[j],
sha256_test_buflen[j] ) != 0 )
goto fail;
}
if( mbedtls_sha256_finish_ext( &ctx, sha256sum ) != 0 )
goto fail;
mbedtls_sha256_finish( &ctx, sha256sum );
if( memcmp( sha256sum, sha256_test_sum[i], 32 - k * 4 ) != 0 ) if( memcmp( sha256sum, sha256_test_sum[i], 32 - k * 4 ) != 0 )
{ goto fail;
if( verbose != 0 )
mbedtls_printf( "failed\n" );
ret = 1;
goto exit;
}
if( verbose != 0 ) if( verbose != 0 )
mbedtls_printf( "passed\n" ); mbedtls_printf( "passed\n" );
@ -446,6 +481,14 @@ int mbedtls_sha256_self_test( int verbose )
if( verbose != 0 ) if( verbose != 0 )
mbedtls_printf( "\n" ); mbedtls_printf( "\n" );
goto exit;
fail:
if( verbose != 0 )
mbedtls_printf( "failed\n" );
ret = 1;
exit: exit:
mbedtls_sha256_free( &ctx ); mbedtls_sha256_free( &ctx );
mbedtls_free( buf ); mbedtls_free( buf );