mbedtls: update usage of deprecated mbedtls_shaX APIs
The following mbedTLS APIs have been deprecated and replaced with the new ones which return error codes: mbedtls_shaX_starts -> mbedtls_shaX_starts_ret mbedtls_shaX_update -> mbedtls_shaX_update_ret mbedtls_shaX_finish -> mbedtls_shaX_finish_ret mbedtls_shaX_process -> mbedtls_shaX_internal_process Update hardware implementations of SHA functions, and other IDF components which used above functions, to use new versions.
This commit is contained in:
parent
e9cbf96bd1
commit
254e29aca4
|
@ -28,7 +28,7 @@ bootloader_sha256_handle_t bootloader_sha256_start()
|
|||
return NULL;
|
||||
}
|
||||
mbedtls_sha256_init(ctx);
|
||||
mbedtls_sha256_starts(ctx, false);
|
||||
assert(mbedtls_sha256_starts_ret(ctx, false) == 0);
|
||||
return ctx;
|
||||
}
|
||||
|
||||
|
@ -36,7 +36,7 @@ void bootloader_sha256_data(bootloader_sha256_handle_t handle, const void *data,
|
|||
{
|
||||
assert(handle != NULL);
|
||||
mbedtls_sha256_context *ctx = (mbedtls_sha256_context *)handle;
|
||||
mbedtls_sha256_update(ctx, data, data_len);
|
||||
assert(mbedtls_sha256_update_ret(ctx, data, data_len) == 0);
|
||||
}
|
||||
|
||||
void bootloader_sha256_finish(bootloader_sha256_handle_t handle, uint8_t *digest)
|
||||
|
@ -44,7 +44,7 @@ void bootloader_sha256_finish(bootloader_sha256_handle_t handle, uint8_t *digest
|
|||
assert(handle != NULL);
|
||||
mbedtls_sha256_context *ctx = (mbedtls_sha256_context *)handle;
|
||||
if (digest != NULL) {
|
||||
mbedtls_sha256_finish(ctx, digest);
|
||||
assert(mbedtls_sha256_finish_ret(ctx, digest) == 0);
|
||||
}
|
||||
mbedtls_sha256_free(ctx);
|
||||
free(handle);
|
||||
|
|
|
@ -63,7 +63,10 @@ crypto_hash_sha256_init(crypto_hash_sha256_state *state)
|
|||
{
|
||||
mbedtls_sha256_context ctx;
|
||||
mbedtls_sha256_init(&ctx);
|
||||
mbedtls_sha256_starts(&ctx, 0);
|
||||
int ret = mbedtls_sha256_starts_ret(&ctx, 0);
|
||||
if (ret != 0) {
|
||||
return ret;
|
||||
}
|
||||
sha256_mbedtls_to_libsodium(state, &ctx);
|
||||
return 0;
|
||||
}
|
||||
|
@ -74,7 +77,10 @@ crypto_hash_sha256_update(crypto_hash_sha256_state *state,
|
|||
{
|
||||
mbedtls_sha256_context ctx;
|
||||
sha256_libsodium_to_mbedtls(&ctx, state);
|
||||
mbedtls_sha256_update(&ctx, in, inlen);
|
||||
int ret = mbedtls_sha256_update_ret(&ctx, in, inlen);
|
||||
if (ret != 0) {
|
||||
return ret;
|
||||
}
|
||||
sha256_mbedtls_to_libsodium(state, &ctx);
|
||||
return 0;
|
||||
}
|
||||
|
@ -84,15 +90,12 @@ crypto_hash_sha256_final(crypto_hash_sha256_state *state, unsigned char *out)
|
|||
{
|
||||
mbedtls_sha256_context ctx;
|
||||
sha256_libsodium_to_mbedtls(&ctx, state);
|
||||
mbedtls_sha256_finish(&ctx, out);
|
||||
sha256_mbedtls_to_libsodium(state, &ctx);
|
||||
return 0;
|
||||
return mbedtls_sha256_finish_ret(&ctx, out);
|
||||
}
|
||||
|
||||
int
|
||||
crypto_hash_sha256(unsigned char *out, const unsigned char *in,
|
||||
unsigned long long inlen)
|
||||
{
|
||||
mbedtls_sha256(in, inlen, out, 0);
|
||||
return 0;
|
||||
return mbedtls_sha256_ret(in, inlen, out, 0);
|
||||
}
|
||||
|
|
|
@ -67,7 +67,10 @@ crypto_hash_sha512_init(crypto_hash_sha512_state *state)
|
|||
{
|
||||
mbedtls_sha512_context ctx;
|
||||
mbedtls_sha512_init(&ctx);
|
||||
mbedtls_sha512_starts(&ctx, 0);
|
||||
int ret = mbedtls_sha512_starts_ret(&ctx, 0);
|
||||
if (ret != 0) {
|
||||
return ret;
|
||||
}
|
||||
sha512_mbedtls_to_libsodium(state, &ctx);
|
||||
return 0;
|
||||
}
|
||||
|
@ -78,7 +81,10 @@ crypto_hash_sha512_update(crypto_hash_sha512_state *state,
|
|||
{
|
||||
mbedtls_sha512_context ctx;
|
||||
sha512_libsodium_to_mbedtls(&ctx, state);
|
||||
mbedtls_sha512_update(&ctx, in, inlen);
|
||||
int ret = mbedtls_sha512_update_ret(&ctx, in, inlen);
|
||||
if (ret != 0) {
|
||||
return ret;
|
||||
}
|
||||
sha512_mbedtls_to_libsodium(state, &ctx);
|
||||
return 0;
|
||||
}
|
||||
|
@ -88,14 +94,12 @@ crypto_hash_sha512_final(crypto_hash_sha512_state *state, unsigned char *out)
|
|||
{
|
||||
mbedtls_sha512_context ctx;
|
||||
sha512_libsodium_to_mbedtls(&ctx, state);
|
||||
mbedtls_sha512_finish(&ctx, out);
|
||||
return 0;
|
||||
return mbedtls_sha512_finish_ret(&ctx, out);
|
||||
}
|
||||
|
||||
int
|
||||
crypto_hash_sha512(unsigned char *out, const unsigned char *in,
|
||||
unsigned long long inlen)
|
||||
{
|
||||
mbedtls_sha512(in, inlen, out, 0);
|
||||
return 0;
|
||||
return mbedtls_sha512_ret(in, inlen, out, 0);
|
||||
}
|
||||
|
|
|
@ -111,7 +111,7 @@ void mbedtls_sha1_clone( mbedtls_sha1_context *dst,
|
|||
/*
|
||||
* SHA-1 context setup
|
||||
*/
|
||||
void mbedtls_sha1_starts( mbedtls_sha1_context *ctx )
|
||||
int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx )
|
||||
{
|
||||
ctx->total[0] = 0;
|
||||
ctx->total[1] = 0;
|
||||
|
@ -126,11 +126,20 @@ void mbedtls_sha1_starts( mbedtls_sha1_context *ctx )
|
|||
esp_sha_unlock_engine(SHA1);
|
||||
}
|
||||
ctx->mode = ESP_MBEDTLS_SHA1_UNUSED;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
|
||||
void mbedtls_sha1_starts( mbedtls_sha1_context *ctx )
|
||||
{
|
||||
mbedtls_sha1_starts_ret( ctx );
|
||||
}
|
||||
#endif
|
||||
|
||||
static void mbedtls_sha1_software_process( mbedtls_sha1_context *ctx, const unsigned char data[64] );
|
||||
|
||||
void mbedtls_sha1_process( mbedtls_sha1_context *ctx, const unsigned char data[64] )
|
||||
int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, const unsigned char data[64] )
|
||||
{
|
||||
bool first_block = false;
|
||||
if (ctx->mode == ESP_MBEDTLS_SHA1_UNUSED) {
|
||||
|
@ -148,8 +157,18 @@ void mbedtls_sha1_process( mbedtls_sha1_context *ctx, const unsigned char data[6
|
|||
} else {
|
||||
mbedtls_sha1_software_process(ctx, data);
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
|
||||
void mbedtls_sha1_process( mbedtls_sha1_context *ctx,
|
||||
const unsigned char data[64] )
|
||||
{
|
||||
mbedtls_internal_sha1_process( ctx, data );
|
||||
}
|
||||
#endif
|
||||
|
||||
|
||||
static void mbedtls_sha1_software_process( mbedtls_sha1_context *ctx, const unsigned char data[64] )
|
||||
{
|
||||
|
@ -310,13 +329,14 @@ static void mbedtls_sha1_software_process( mbedtls_sha1_context *ctx, const unsi
|
|||
/*
|
||||
* SHA-1 process buffer
|
||||
*/
|
||||
void mbedtls_sha1_update( mbedtls_sha1_context *ctx, const unsigned char *input, size_t ilen )
|
||||
int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
int ret;
|
||||
size_t fill;
|
||||
uint32_t left;
|
||||
|
||||
if( ilen == 0 )
|
||||
return;
|
||||
return 0;
|
||||
|
||||
left = ctx->total[0] & 0x3F;
|
||||
fill = 64 - left;
|
||||
|
@ -330,7 +350,11 @@ void mbedtls_sha1_update( mbedtls_sha1_context *ctx, const unsigned char *input,
|
|||
if( left && ilen >= fill )
|
||||
{
|
||||
memcpy( (void *) (ctx->buffer + left), input, fill );
|
||||
mbedtls_sha1_process( ctx, ctx->buffer );
|
||||
|
||||
if ( ( ret = mbedtls_internal_sha1_process( ctx, ctx->buffer ) ) != 0 ) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
input += fill;
|
||||
ilen -= fill;
|
||||
left = 0;
|
||||
|
@ -338,15 +362,29 @@ void mbedtls_sha1_update( mbedtls_sha1_context *ctx, const unsigned char *input,
|
|||
|
||||
while( ilen >= 64 )
|
||||
{
|
||||
mbedtls_sha1_process( ctx, input );
|
||||
if ( ( ret = mbedtls_internal_sha1_process( ctx, input ) ) != 0 ) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
input += 64;
|
||||
ilen -= 64;
|
||||
}
|
||||
|
||||
if( ilen > 0 )
|
||||
memcpy( (void *) (ctx->buffer + left), input, ilen );
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
|
||||
void mbedtls_sha1_update( mbedtls_sha1_context *ctx,
|
||||
const unsigned char *input,
|
||||
size_t ilen )
|
||||
{
|
||||
mbedtls_sha1_update_ret( ctx, input, ilen );
|
||||
}
|
||||
#endif
|
||||
|
||||
static const unsigned char sha1_padding[64] =
|
||||
{
|
||||
0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
|
@ -358,8 +396,9 @@ static const unsigned char sha1_padding[64] =
|
|||
/*
|
||||
* SHA-1 final digest
|
||||
*/
|
||||
void mbedtls_sha1_finish( mbedtls_sha1_context *ctx, unsigned char output[20] )
|
||||
int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, unsigned char output[20] )
|
||||
{
|
||||
int ret;
|
||||
uint32_t last, padn;
|
||||
uint32_t high, low;
|
||||
unsigned char msglen[8];
|
||||
|
@ -374,14 +413,16 @@ void mbedtls_sha1_finish( mbedtls_sha1_context *ctx, unsigned char output[20] )
|
|||
last = ctx->total[0] & 0x3F;
|
||||
padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
|
||||
|
||||
mbedtls_sha1_update( ctx, sha1_padding, padn );
|
||||
mbedtls_sha1_update( ctx, msglen, 8 );
|
||||
if ( ( ret = mbedtls_sha1_update_ret( ctx, sha1_padding, padn ) ) != 0 ) {
|
||||
goto out;
|
||||
}
|
||||
if ( ( ret = mbedtls_sha1_update_ret( ctx, msglen, 8 ) ) != 0 ) {
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* if state is in hardware, read it out */
|
||||
if (ctx->mode == ESP_MBEDTLS_SHA1_HARDWARE) {
|
||||
esp_sha_read_digest_state(SHA1, ctx->state);
|
||||
esp_sha_unlock_engine(SHA1);
|
||||
ctx->mode = ESP_MBEDTLS_SHA1_SOFTWARE;
|
||||
}
|
||||
|
||||
PUT_UINT32_BE( ctx->state[0], output, 0 );
|
||||
|
@ -390,6 +431,21 @@ void mbedtls_sha1_finish( mbedtls_sha1_context *ctx, unsigned char output[20] )
|
|||
PUT_UINT32_BE( ctx->state[3], output, 12 );
|
||||
PUT_UINT32_BE( ctx->state[4], output, 16 );
|
||||
|
||||
out:
|
||||
if (ctx->mode == ESP_MBEDTLS_SHA1_HARDWARE) {
|
||||
esp_sha_unlock_engine(SHA1);
|
||||
ctx->mode = ESP_MBEDTLS_SHA1_SOFTWARE;
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
|
||||
void mbedtls_sha1_finish( mbedtls_sha1_context *ctx,
|
||||
unsigned char output[20] )
|
||||
{
|
||||
mbedtls_sha1_finish_ret( ctx, output );
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* MBEDTLS_SHA1_C && MBEDTLS_SHA1_ALT */
|
||||
|
|
|
@ -111,7 +111,7 @@ void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
|
|||
/*
|
||||
* SHA-256 context setup
|
||||
*/
|
||||
void mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 )
|
||||
int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 )
|
||||
{
|
||||
ctx->total[0] = 0;
|
||||
ctx->total[1] = 0;
|
||||
|
@ -146,9 +146,17 @@ void mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 )
|
|||
esp_sha_unlock_engine(SHA2_256);
|
||||
}
|
||||
ctx->mode = ESP_MBEDTLS_SHA256_UNUSED;
|
||||
return 0;
|
||||
}
|
||||
|
||||
#if !defined(MBEDTLS_SHA256_PROCESS_ALT)
|
||||
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
|
||||
void mbedtls_sha256_starts( mbedtls_sha256_context *ctx,
|
||||
int is224 )
|
||||
{
|
||||
mbedtls_sha256_starts_ret( ctx, is224 );
|
||||
}
|
||||
#endif
|
||||
|
||||
static const uint32_t K[] =
|
||||
{
|
||||
0x428A2F98, 0x71374491, 0xB5C0FBCF, 0xE9B5DBA5,
|
||||
|
@ -196,7 +204,7 @@ static const uint32_t K[] =
|
|||
|
||||
static void mbedtls_sha256_software_process( mbedtls_sha256_context *ctx, const unsigned char data[64] );
|
||||
|
||||
void mbedtls_sha256_process( mbedtls_sha256_context *ctx, const unsigned char data[64] )
|
||||
int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, const unsigned char data[64] )
|
||||
{
|
||||
bool first_block = false;
|
||||
|
||||
|
@ -215,8 +223,17 @@ void mbedtls_sha256_process( mbedtls_sha256_context *ctx, const unsigned char da
|
|||
} else {
|
||||
mbedtls_sha256_software_process(ctx, data);
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
|
||||
void mbedtls_sha256_process( mbedtls_sha256_context *ctx,
|
||||
const unsigned char data[64] )
|
||||
{
|
||||
mbedtls_internal_sha256_process( ctx, data );
|
||||
}
|
||||
#endif
|
||||
|
||||
static void mbedtls_sha256_software_process( mbedtls_sha256_context *ctx, const unsigned char data[64] )
|
||||
{
|
||||
|
@ -272,19 +289,19 @@ static void mbedtls_sha256_software_process( mbedtls_sha256_context *ctx, const
|
|||
for( i = 0; i < 8; i++ )
|
||||
ctx->state[i] += A[i];
|
||||
}
|
||||
#endif /* !MBEDTLS_SHA256_PROCESS_ALT */
|
||||
|
||||
/*
|
||||
* SHA-256 process buffer
|
||||
*/
|
||||
void mbedtls_sha256_update( mbedtls_sha256_context *ctx, const unsigned char *input,
|
||||
int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, const unsigned char *input,
|
||||
size_t ilen )
|
||||
{
|
||||
int ret;
|
||||
size_t fill;
|
||||
uint32_t left;
|
||||
|
||||
if( ilen == 0 )
|
||||
return;
|
||||
return 0;
|
||||
|
||||
left = ctx->total[0] & 0x3F;
|
||||
fill = 64 - left;
|
||||
|
@ -298,7 +315,11 @@ void mbedtls_sha256_update( mbedtls_sha256_context *ctx, const unsigned char *in
|
|||
if( left && ilen >= fill )
|
||||
{
|
||||
memcpy( (void *) (ctx->buffer + left), input, fill );
|
||||
mbedtls_sha256_process( ctx, ctx->buffer );
|
||||
|
||||
if ( ( ret = mbedtls_internal_sha256_process( ctx, ctx->buffer ) ) != 0 ) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
input += fill;
|
||||
ilen -= fill;
|
||||
left = 0;
|
||||
|
@ -306,15 +327,29 @@ void mbedtls_sha256_update( mbedtls_sha256_context *ctx, const unsigned char *in
|
|||
|
||||
while( ilen >= 64 )
|
||||
{
|
||||
mbedtls_sha256_process( ctx, input );
|
||||
if ( ( ret = mbedtls_internal_sha256_process( ctx, input ) ) != 0 ) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
input += 64;
|
||||
ilen -= 64;
|
||||
}
|
||||
|
||||
if( ilen > 0 )
|
||||
memcpy( (void *) (ctx->buffer + left), input, ilen );
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
|
||||
void mbedtls_sha256_update( mbedtls_sha256_context *ctx,
|
||||
const unsigned char *input,
|
||||
size_t ilen )
|
||||
{
|
||||
mbedtls_sha256_update_ret( ctx, input, ilen );
|
||||
}
|
||||
#endif
|
||||
|
||||
static const unsigned char sha256_padding[64] =
|
||||
{
|
||||
0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
|
@ -326,8 +361,9 @@ static const unsigned char sha256_padding[64] =
|
|||
/*
|
||||
* SHA-256 final digest
|
||||
*/
|
||||
void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, unsigned char output[32] )
|
||||
int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, unsigned char output[32] )
|
||||
{
|
||||
int ret;
|
||||
uint32_t last, padn;
|
||||
uint32_t high, low;
|
||||
unsigned char msglen[8];
|
||||
|
@ -342,14 +378,17 @@ void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, unsigned char output[32
|
|||
last = ctx->total[0] & 0x3F;
|
||||
padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
|
||||
|
||||
mbedtls_sha256_update( ctx, sha256_padding, padn );
|
||||
mbedtls_sha256_update( ctx, msglen, 8 );
|
||||
if ( ( ret = mbedtls_sha256_update_ret( ctx, sha256_padding, padn ) ) != 0 ) {
|
||||
goto out;
|
||||
}
|
||||
|
||||
if ( ( ret = mbedtls_sha256_update_ret( ctx, msglen, 8 ) ) != 0 ) {
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* if state is in hardware, read it out */
|
||||
if (ctx->mode == ESP_MBEDTLS_SHA256_HARDWARE) {
|
||||
esp_sha_read_digest_state(SHA2_256, ctx->state);
|
||||
esp_sha_unlock_engine(SHA2_256);
|
||||
ctx->mode = ESP_MBEDTLS_SHA256_SOFTWARE;
|
||||
}
|
||||
|
||||
PUT_UINT32_BE( ctx->state[0], output, 0 );
|
||||
|
@ -362,6 +401,22 @@ void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, unsigned char output[32
|
|||
|
||||
if( ctx->is224 == 0 )
|
||||
PUT_UINT32_BE( ctx->state[7], output, 28 );
|
||||
|
||||
out:
|
||||
if (ctx->mode == ESP_MBEDTLS_SHA256_HARDWARE) {
|
||||
esp_sha_unlock_engine(SHA2_256);
|
||||
ctx->mode = ESP_MBEDTLS_SHA256_SOFTWARE;
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
|
||||
void mbedtls_sha256_finish( mbedtls_sha256_context *ctx,
|
||||
unsigned char output[32] )
|
||||
{
|
||||
mbedtls_sha256_finish_ret( ctx, output );
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* MBEDTLS_SHA256_C && MBEDTLS_SHA256_ALT */
|
||||
|
|
|
@ -135,7 +135,7 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst,
|
|||
/*
|
||||
* SHA-512 context setup
|
||||
*/
|
||||
void mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 )
|
||||
int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 )
|
||||
{
|
||||
ctx->total[0] = 0;
|
||||
ctx->total[1] = 0;
|
||||
|
@ -170,8 +170,17 @@ void mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 )
|
|||
esp_sha_unlock_engine(sha_type(ctx));
|
||||
}
|
||||
ctx->mode = ESP_MBEDTLS_SHA512_UNUSED;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
|
||||
void mbedtls_sha512_starts( mbedtls_sha512_context *ctx,
|
||||
int is384 )
|
||||
{
|
||||
mbedtls_sha512_starts_ret( ctx, is384 );
|
||||
}
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Round constants
|
||||
|
@ -222,7 +231,7 @@ static const uint64_t K[80] =
|
|||
|
||||
static void mbedtls_sha512_software_process( mbedtls_sha512_context *ctx, const unsigned char data[128] );
|
||||
|
||||
void mbedtls_sha512_process( mbedtls_sha512_context *ctx, const unsigned char data[128] )
|
||||
int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, const unsigned char data[128] )
|
||||
{
|
||||
bool first_block = false;
|
||||
|
||||
|
@ -241,8 +250,17 @@ void mbedtls_sha512_process( mbedtls_sha512_context *ctx, const unsigned char da
|
|||
} else {
|
||||
mbedtls_sha512_software_process(ctx, data);
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
|
||||
void mbedtls_sha512_process( mbedtls_sha512_context *ctx,
|
||||
const unsigned char data[128] )
|
||||
{
|
||||
mbedtls_internal_sha512_process( ctx, data );
|
||||
}
|
||||
#endif
|
||||
|
||||
|
||||
static void mbedtls_sha512_software_process( mbedtls_sha512_context *ctx, const unsigned char data[128] )
|
||||
|
@ -317,14 +335,15 @@ static void mbedtls_sha512_software_process( mbedtls_sha512_context *ctx, const
|
|||
/*
|
||||
* SHA-512 process buffer
|
||||
*/
|
||||
void mbedtls_sha512_update( mbedtls_sha512_context *ctx, const unsigned char *input,
|
||||
int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx, const unsigned char *input,
|
||||
size_t ilen )
|
||||
{
|
||||
int ret;
|
||||
size_t fill;
|
||||
unsigned int left;
|
||||
|
||||
if( ilen == 0 )
|
||||
return;
|
||||
return 0;
|
||||
|
||||
left = (unsigned int) (ctx->total[0] & 0x7F);
|
||||
fill = 128 - left;
|
||||
|
@ -337,7 +356,10 @@ void mbedtls_sha512_update( mbedtls_sha512_context *ctx, const unsigned char *in
|
|||
if( left && ilen >= fill )
|
||||
{
|
||||
memcpy( (void *) (ctx->buffer + left), input, fill );
|
||||
mbedtls_sha512_process( ctx, ctx->buffer );
|
||||
if ( ( ret = mbedtls_internal_sha512_process( ctx, ctx->buffer ) ) != 0 ) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
input += fill;
|
||||
ilen -= fill;
|
||||
left = 0;
|
||||
|
@ -345,15 +367,30 @@ void mbedtls_sha512_update( mbedtls_sha512_context *ctx, const unsigned char *in
|
|||
|
||||
while( ilen >= 128 )
|
||||
{
|
||||
mbedtls_sha512_process( ctx, input );
|
||||
if ( ( ret = mbedtls_internal_sha512_process( ctx, input ) ) != 0 ) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
input += 128;
|
||||
ilen -= 128;
|
||||
}
|
||||
|
||||
if( ilen > 0 )
|
||||
memcpy( (void *) (ctx->buffer + left), input, ilen );
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
|
||||
void mbedtls_sha512_update( mbedtls_sha512_context *ctx,
|
||||
const unsigned char *input,
|
||||
size_t ilen )
|
||||
{
|
||||
mbedtls_sha512_update_ret( ctx, input, ilen );
|
||||
}
|
||||
#endif
|
||||
|
||||
|
||||
static const unsigned char sha512_padding[128] =
|
||||
{
|
||||
0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
|
@ -369,8 +406,9 @@ static const unsigned char sha512_padding[128] =
|
|||
/*
|
||||
* SHA-512 final digest
|
||||
*/
|
||||
void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, unsigned char output[64] )
|
||||
int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, unsigned char output[64] )
|
||||
{
|
||||
int ret;
|
||||
size_t last, padn;
|
||||
uint64_t high, low;
|
||||
unsigned char msglen[16];
|
||||
|
@ -385,14 +423,17 @@ void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, unsigned char output[64
|
|||
last = (size_t)( ctx->total[0] & 0x7F );
|
||||
padn = ( last < 112 ) ? ( 112 - last ) : ( 240 - last );
|
||||
|
||||
mbedtls_sha512_update( ctx, sha512_padding, padn );
|
||||
mbedtls_sha512_update( ctx, msglen, 16 );
|
||||
if ( ( ret = mbedtls_sha512_update_ret( ctx, sha512_padding, padn ) ) != 0 ) {
|
||||
goto out;
|
||||
}
|
||||
|
||||
if ( ( ret = mbedtls_sha512_update_ret( ctx, msglen, 16 ) ) != 0 ) {
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* if state is in hardware, read it out */
|
||||
if (ctx->mode == ESP_MBEDTLS_SHA512_HARDWARE) {
|
||||
esp_sha_read_digest_state(sha_type(ctx), ctx->state);
|
||||
esp_sha_unlock_engine(sha_type(ctx));
|
||||
ctx->mode = ESP_MBEDTLS_SHA512_SOFTWARE;
|
||||
}
|
||||
|
||||
PUT_UINT64_BE( ctx->state[0], output, 0 );
|
||||
|
@ -407,6 +448,22 @@ void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, unsigned char output[64
|
|||
PUT_UINT64_BE( ctx->state[6], output, 48 );
|
||||
PUT_UINT64_BE( ctx->state[7], output, 56 );
|
||||
}
|
||||
|
||||
out:
|
||||
if (ctx->mode == ESP_MBEDTLS_SHA512_HARDWARE) {
|
||||
esp_sha_unlock_engine(sha_type(ctx));
|
||||
ctx->mode = ESP_MBEDTLS_SHA512_SOFTWARE;
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
|
||||
void mbedtls_sha512_finish( mbedtls_sha512_context *ctx,
|
||||
unsigned char output[64] )
|
||||
{
|
||||
mbedtls_sha512_finish_ret( ctx, output );
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* MBEDTLS_SHA512_C && MBEDTLS_SHA512_ALT */
|
||||
|
|
|
@ -62,19 +62,19 @@ TEST_CASE("mbedtls SHA interleaving", "[mbedtls]")
|
|||
mbedtls_sha256_init(&sha256_ctx);
|
||||
mbedtls_sha512_init(&sha512_ctx);
|
||||
|
||||
mbedtls_sha1_starts(&sha1_ctx);
|
||||
mbedtls_sha256_starts(&sha256_ctx, false);
|
||||
mbedtls_sha512_starts(&sha512_ctx, false);
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha1_starts_ret(&sha1_ctx));
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha256_starts_ret(&sha256_ctx, false));
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha512_starts_ret(&sha512_ctx, false));
|
||||
|
||||
for (int i = 0; i < 10; i++) {
|
||||
mbedtls_sha1_update(&sha1_ctx, one_hundred_as, 100);
|
||||
mbedtls_sha256_update(&sha256_ctx, one_hundred_as, 100);
|
||||
mbedtls_sha512_update(&sha512_ctx, one_hundred_bs, 100);
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha1_update_ret(&sha1_ctx, one_hundred_as, 100));
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha256_update_ret(&sha256_ctx, one_hundred_as, 100));
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha512_update_ret(&sha512_ctx, one_hundred_bs, 100));
|
||||
}
|
||||
|
||||
mbedtls_sha1_finish(&sha1_ctx, sha1);
|
||||
mbedtls_sha256_finish(&sha256_ctx, sha256);
|
||||
mbedtls_sha512_finish(&sha512_ctx, sha512);
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha1_finish_ret(&sha1_ctx, sha1));
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha256_finish_ret(&sha256_ctx, sha256));
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha512_finish_ret(&sha512_ctx, sha512));
|
||||
|
||||
TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha512_thousand_bs, sha512, 64, "SHA512 calculation");
|
||||
TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha256_thousand_as, sha256, 32, "SHA256 calculation");
|
||||
|
@ -89,11 +89,11 @@ static void tskRunSHA1Test(void *pvParameters)
|
|||
|
||||
for (int i = 0; i < 1000; i++) {
|
||||
mbedtls_sha1_init(&sha1_ctx);
|
||||
mbedtls_sha1_starts(&sha1_ctx);
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha1_starts_ret(&sha1_ctx));
|
||||
for (int j = 0; j < 10; j++) {
|
||||
mbedtls_sha1_update(&sha1_ctx, (unsigned char *)one_hundred_as, 100);
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha1_update_ret(&sha1_ctx, (unsigned char *)one_hundred_as, 100));
|
||||
}
|
||||
mbedtls_sha1_finish(&sha1_ctx, sha1);
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha1_finish_ret(&sha1_ctx, sha1));
|
||||
TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha1_thousand_as, sha1, 20, "SHA1 calculation");
|
||||
}
|
||||
xSemaphoreGive(done_sem);
|
||||
|
@ -107,11 +107,11 @@ static void tskRunSHA256Test(void *pvParameters)
|
|||
|
||||
for (int i = 0; i < 1000; i++) {
|
||||
mbedtls_sha256_init(&sha256_ctx);
|
||||
mbedtls_sha256_starts(&sha256_ctx, false);
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha256_starts_ret(&sha256_ctx, false));
|
||||
for (int j = 0; j < 10; j++) {
|
||||
mbedtls_sha256_update(&sha256_ctx, (unsigned char *)one_hundred_bs, 100);
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha256_update_ret(&sha256_ctx, (unsigned char *)one_hundred_bs, 100));
|
||||
}
|
||||
mbedtls_sha256_finish(&sha256_ctx, sha256);
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha256_finish_ret(&sha256_ctx, sha256));
|
||||
|
||||
TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha256_thousand_bs, sha256, 32, "SHA256 calculation");
|
||||
}
|
||||
|
@ -187,21 +187,21 @@ TEST_CASE("mbedtls SHA512 clone", "[mbedtls]")
|
|||
unsigned char sha512[64];
|
||||
|
||||
mbedtls_sha512_init(&ctx);
|
||||
mbedtls_sha512_starts(&ctx, false);
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha512_starts_ret(&ctx, false));
|
||||
for (int i = 0; i < 5; i++) {
|
||||
mbedtls_sha512_update(&ctx, one_hundred_bs, 100);
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha512_update_ret(&ctx, one_hundred_bs, 100));
|
||||
}
|
||||
|
||||
mbedtls_sha512_clone(&clone, &ctx);
|
||||
for (int i = 0; i < 5; i++) {
|
||||
mbedtls_sha512_update(&ctx, one_hundred_bs, 100);
|
||||
mbedtls_sha512_update(&clone, one_hundred_bs, 100);
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha512_update_ret(&ctx, one_hundred_bs, 100));
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha512_update_ret(&clone, one_hundred_bs, 100));
|
||||
}
|
||||
mbedtls_sha512_finish(&ctx, sha512);
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha512_finish_ret(&ctx, sha512));
|
||||
|
||||
TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha512_thousand_bs, sha512, 64, "SHA512 original calculation");
|
||||
|
||||
mbedtls_sha512_finish(&clone, sha512);
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha512_finish_ret(&clone, sha512));
|
||||
TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha512_thousand_bs, sha512, 64, "SHA512 cloned calculation");
|
||||
}
|
||||
|
||||
|
@ -212,21 +212,21 @@ TEST_CASE("mbedtls SHA384 clone", "[mbedtls]")
|
|||
unsigned char sha384[48];
|
||||
|
||||
mbedtls_sha512_init(&ctx);
|
||||
mbedtls_sha512_starts(&ctx, true);
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha512_starts_ret(&ctx, true));
|
||||
for (int i = 0; i < 5; i++) {
|
||||
mbedtls_sha512_update(&ctx, one_hundred_bs, 100);
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha512_update_ret(&ctx, one_hundred_bs, 100));
|
||||
}
|
||||
|
||||
mbedtls_sha512_clone(&clone, &ctx);
|
||||
for (int i = 0; i < 5; i++) {
|
||||
mbedtls_sha512_update(&ctx, one_hundred_bs, 100);
|
||||
mbedtls_sha512_update(&clone, one_hundred_bs, 100);
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha512_update_ret(&ctx, one_hundred_bs, 100));
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha512_update_ret(&clone, one_hundred_bs, 100));
|
||||
}
|
||||
mbedtls_sha512_finish(&ctx, sha384);
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha512_finish_ret(&ctx, sha384));
|
||||
|
||||
TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha384_thousand_bs, sha384, 48, "SHA512 original calculation");
|
||||
|
||||
mbedtls_sha512_finish(&clone, sha384);
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha512_finish_ret(&clone, sha384));
|
||||
TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha384_thousand_bs, sha384, 48, "SHA512 cloned calculation");
|
||||
}
|
||||
|
||||
|
@ -238,20 +238,20 @@ TEST_CASE("mbedtls SHA256 clone", "[mbedtls]")
|
|||
unsigned char sha256[64];
|
||||
|
||||
mbedtls_sha256_init(&ctx);
|
||||
mbedtls_sha256_starts(&ctx, false);
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha256_starts_ret(&ctx, false));
|
||||
for (int i = 0; i < 5; i++) {
|
||||
mbedtls_sha256_update(&ctx, one_hundred_as, 100);
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha256_update_ret(&ctx, one_hundred_as, 100));
|
||||
}
|
||||
|
||||
mbedtls_sha256_clone(&clone, &ctx);
|
||||
for (int i = 0; i < 5; i++) {
|
||||
mbedtls_sha256_update(&ctx, one_hundred_as, 100);
|
||||
mbedtls_sha256_update(&clone, one_hundred_as, 100);
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha256_update_ret(&ctx, one_hundred_as, 100));
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha256_update_ret(&clone, one_hundred_as, 100));
|
||||
}
|
||||
mbedtls_sha256_finish(&ctx, sha256);
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha256_finish_ret(&ctx, sha256));
|
||||
|
||||
TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha256_thousand_as, sha256, 32, "SHA256 original calculation");
|
||||
|
||||
mbedtls_sha256_finish(&clone, sha256);
|
||||
TEST_ASSERT_EQUAL(0, mbedtls_sha256_finish_ret(&clone, sha256));
|
||||
TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha256_thousand_as, sha256, 32, "SHA256 cloned calculation");
|
||||
}
|
||||
|
|
|
@ -28,21 +28,31 @@ int
|
|||
fast_sha256_vector(size_t num_elem, const uint8_t *addr[], const size_t *len,
|
||||
uint8_t *mac)
|
||||
{
|
||||
int ret = 0;
|
||||
mbedtls_sha256_context ctx;
|
||||
|
||||
mbedtls_sha256_init(&ctx);
|
||||
|
||||
mbedtls_sha256_starts(&ctx, 0);
|
||||
|
||||
for(size_t index = 0; index < num_elem; index++) {
|
||||
mbedtls_sha256_update(&ctx, addr[index], len[index]);
|
||||
if (mbedtls_sha256_starts_ret(&ctx, 0) != 0) {
|
||||
ret = -1;
|
||||
goto out;
|
||||
}
|
||||
|
||||
mbedtls_sha256_finish(&ctx, mac);
|
||||
for(size_t index = 0; index < num_elem; index++) {
|
||||
if (mbedtls_sha256_update_ret(&ctx, addr[index], len[index]) != 0) {
|
||||
ret = -1;
|
||||
goto out;
|
||||
}
|
||||
}
|
||||
|
||||
if (mbedtls_sha256_finish_ret(&ctx, mac) != 0) {
|
||||
ret = -1;
|
||||
goto out;
|
||||
}
|
||||
|
||||
out:
|
||||
mbedtls_sha256_free(&ctx);
|
||||
|
||||
return 0;
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
|
|
Loading…
Reference in New Issue