Suyu/mbedtls
1
0
Fork 0
mirror of https://git.suyu.dev/suyu/mbedtls.git synced 2025-12-23 15:55:10 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

SHA2 renamed to SHA256, SHA4 renamed to SHA512 and functions accordingly

Browse source 
The SHA4 name was not clear with regards to the new SHA-3 standard. So
SHA2 and SHA4 have been renamed to better represent what they are:
SHA256 and SHA512 modules.
This commit is contained in:
Paul Bakker 2013-06-30 14:34:05 +02:00
parent 3866b9f4b5
commit 9e36f0475f
32 changed files with 700 additions and 697 deletions
Download patch file Download diff file Expand all files Collapse all files

20
library/entropy.c
View file

@ -40,7 +40,7 @@ void entropy_init( entropy_context *ctx )
{
memset( ctx, 0, sizeof(entropy_context) );
sha4_starts( &ctx->accumulator, 0 );
sha512_starts( &ctx->accumulator, 0 );
#if defined(POLARSSL_HAVEGE_C)
havege_init( &ctx->havege_data );
#endif
@ -91,7 +91,7 @@ static int entropy_update( entropy_context *ctx, unsigned char source_id,
if( use_len > ENTROPY_BLOCK_SIZE )
{
sha4( data, len, tmp, 0 );
sha512( data, len, tmp, 0 );
p = tmp;
use_len = ENTROPY_BLOCK_SIZE;
@ -100,8 +100,8 @@ static int entropy_update( entropy_context *ctx, unsigned char source_id,
header[0] = source_id;
header[1] = use_len & 0xFF;
sha4_update( &ctx->accumulator, header, 2 );
sha4_update( &ctx->accumulator, p, use_len );
sha512_update( &ctx->accumulator, header, 2 );
sha512_update( &ctx->accumulator, p, use_len );
return( 0 );
}
@ -179,19 +179,19 @@ int entropy_func( void *data, unsigned char *output, size_t len )
memset( buf, 0, ENTROPY_BLOCK_SIZE );
sha4_finish( &ctx->accumulator, buf );
sha512_finish( &ctx->accumulator, buf );
/*
* Perform second SHA-512 on entropy
*/
sha4( buf, ENTROPY_BLOCK_SIZE, buf, 0 );
sha512( buf, ENTROPY_BLOCK_SIZE, buf, 0 );
/*
* Reset accumulator and counters and recycle existing entropy
*/
memset( &ctx->accumulator, 0, sizeof( sha4_context ) );
sha4_starts( &ctx->accumulator, 0 );
sha4_update( &ctx->accumulator, buf, ENTROPY_BLOCK_SIZE );
memset( &ctx->accumulator, 0, sizeof( sha512_context ) );
sha512_starts( &ctx->accumulator, 0 );
sha512_update( &ctx->accumulator, buf, ENTROPY_BLOCK_SIZE );
for( i = 0; i < ctx->source_count; i++ )
ctx->source[i].size = 0;

20
library/error.c
View file

@ -129,11 +129,11 @@
#include "polarssl/sha1.h"
#endif
#if defined(POLARSSL_SHA2_C)
#if defined(POLARSSL_SHA256_C)
#include "polarssl/sha2.h"
#endif
#if defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_SHA512_C)
#include "polarssl/sha4.h"
#endif
@ -594,15 +594,15 @@ void polarssl_strerror( int ret, char *buf, size_t buflen )
snprintf( buf, buflen, "SHA1 - Read/write error in file" );
#endif /* POLARSSL_SHA1_C */
#if defined(POLARSSL_SHA2_C)
if( use_ret == -(POLARSSL_ERR_SHA2_FILE_IO_ERROR) )
snprintf( buf, buflen, "SHA2 - Read/write error in file" );
#endif /* POLARSSL_SHA2_C */
#if defined(POLARSSL_SHA256_C)
if( use_ret == -(POLARSSL_ERR_SHA256_FILE_IO_ERROR) )
snprintf( buf, buflen, "SHA256 - Read/write error in file" );
#endif /* POLARSSL_SHA256_C */
#if defined(POLARSSL_SHA4_C)
if( use_ret == -(POLARSSL_ERR_SHA4_FILE_IO_ERROR) )
snprintf( buf, buflen, "SHA4 - Read/write error in file" );
#endif /* POLARSSL_SHA4_C */
#if defined(POLARSSL_SHA512_C)
if( use_ret == -(POLARSSL_ERR_SHA512_FILE_IO_ERROR) )
snprintf( buf, buflen, "SHA512 - Read/write error in file" );
#endif /* POLARSSL_SHA512_C */
#if defined(POLARSSL_XTEA_C)
if( use_ret == -(POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH) )

12
library/md.c
View file

@ -58,12 +58,12 @@ static const int supported_digests[] = {
POLARSSL_MD_SHA1,
#endif
#if defined(POLARSSL_SHA2_C)
#if defined(POLARSSL_SHA256_C)
POLARSSL_MD_SHA224,
POLARSSL_MD_SHA256,
#endif
#if defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_SHA512_C)
POLARSSL_MD_SHA384,
POLARSSL_MD_SHA512,
#endif
@ -98,13 +98,13 @@ const md_info_t *md_info_from_string( const char *md_name )
if( !strcasecmp( "SHA1", md_name ) || !strcasecmp( "SHA", md_name ) )
return md_info_from_type( POLARSSL_MD_SHA1 );
#endif
#if defined(POLARSSL_SHA2_C)
#if defined(POLARSSL_SHA256_C)
if( !strcasecmp( "SHA224", md_name ) )
return md_info_from_type( POLARSSL_MD_SHA224 );
if( !strcasecmp( "SHA256", md_name ) )
return md_info_from_type( POLARSSL_MD_SHA256 );
#endif
#if defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_SHA512_C)
if( !strcasecmp( "SHA384", md_name ) )
return md_info_from_type( POLARSSL_MD_SHA384 );
if( !strcasecmp( "SHA512", md_name ) )
@ -133,13 +133,13 @@ const md_info_t *md_info_from_type( md_type_t md_type )
case POLARSSL_MD_SHA1:
return &sha1_info;
#endif
#if defined(POLARSSL_SHA2_C)
#if defined(POLARSSL_SHA256_C)
case POLARSSL_MD_SHA224:
return &sha224_info;
case POLARSSL_MD_SHA256:
return &sha256_info;
#endif
#if defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_SHA512_C)
case POLARSSL_MD_SHA384:
return &sha384_info;
case POLARSSL_MD_SHA512:

104
library/md_wrap.c
View file

@ -49,11 +49,11 @@
#include "polarssl/sha1.h"
#endif
#if defined(POLARSSL_SHA2_C)
#if defined(POLARSSL_SHA256_C)
#include "polarssl/sha2.h"
#endif
#if defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_SHA512_C)
#include "polarssl/sha4.h"
#endif
@ -400,33 +400,33 @@ const md_info_t sha1_info = {
/*
* Wrappers for generic message digests
*/
#if defined(POLARSSL_SHA2_C)
#if defined(POLARSSL_SHA256_C)
static void sha224_starts_wrap( void *ctx )
{
sha2_starts( (sha2_context *) ctx, 1 );
sha256_starts( (sha256_context *) ctx, 1 );
}
static void sha224_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha2_update( (sha2_context *) ctx, input, ilen );
sha256_update( (sha256_context *) ctx, input, ilen );
}
static void sha224_finish_wrap( void *ctx, unsigned char *output )
{
sha2_finish( (sha2_context *) ctx, output );
sha256_finish( (sha256_context *) ctx, output );
}
static void sha224_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha2( input, ilen, output, 1 );
sha256( input, ilen, output, 1 );
}
static int sha224_file_wrap( const char *path, unsigned char *output )
{
#if defined(POLARSSL_FS_IO)
return sha2_file( path, output, 1 );
return sha256_file( path, output, 1 );
#else
((void) path);
((void) output);
@ -436,34 +436,34 @@ static int sha224_file_wrap( const char *path, unsigned char *output )
static void sha224_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
{
sha2_hmac_starts( (sha2_context *) ctx, key, keylen, 1 );
sha256_hmac_starts( (sha256_context *) ctx, key, keylen, 1 );
}
static void sha224_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha2_hmac_update( (sha2_context *) ctx, input, ilen );
sha256_hmac_update( (sha256_context *) ctx, input, ilen );
}
static void sha224_hmac_finish_wrap( void *ctx, unsigned char *output )
{
sha2_hmac_finish( (sha2_context *) ctx, output );
sha256_hmac_finish( (sha256_context *) ctx, output );
}
static void sha224_hmac_reset_wrap( void *ctx )
{
sha2_hmac_reset( (sha2_context *) ctx );
sha256_hmac_reset( (sha256_context *) ctx );
}
static void sha224_hmac_wrap( const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha2_hmac( key, keylen, input, ilen, output, 1 );
sha256_hmac( key, keylen, input, ilen, output, 1 );
}
static void * sha224_ctx_alloc( void )
{
return malloc( sizeof( sha2_context ) );
return malloc( sizeof( sha256_context ) );
}
static void sha224_ctx_free( void *ctx )
@ -473,7 +473,7 @@ static void sha224_ctx_free( void *ctx )
static void sha224_process_wrap( void *ctx, const unsigned char *data )
{
sha2_process( (sha2_context *) ctx, data );
sha256_process( (sha256_context *) ctx, data );
}
const md_info_t sha224_info = {
@ -497,29 +497,29 @@ const md_info_t sha224_info = {
static void sha256_starts_wrap( void *ctx )
{
sha2_starts( (sha2_context *) ctx, 0 );
sha256_starts( (sha256_context *) ctx, 0 );
}
static void sha256_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha2_update( (sha2_context *) ctx, input, ilen );
sha256_update( (sha256_context *) ctx, input, ilen );
}
static void sha256_finish_wrap( void *ctx, unsigned char *output )
{
sha2_finish( (sha2_context *) ctx, output );
sha256_finish( (sha256_context *) ctx, output );
}
static void sha256_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha2( input, ilen, output, 0 );
sha256( input, ilen, output, 0 );
}
static int sha256_file_wrap( const char *path, unsigned char *output )
{
#if defined(POLARSSL_FS_IO)
return sha2_file( path, output, 0 );
return sha256_file( path, output, 0 );
#else
((void) path);
((void) output);
@ -529,34 +529,34 @@ static int sha256_file_wrap( const char *path, unsigned char *output )
static void sha256_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
{
sha2_hmac_starts( (sha2_context *) ctx, key, keylen, 0 );
sha256_hmac_starts( (sha256_context *) ctx, key, keylen, 0 );
}
static void sha256_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha2_hmac_update( (sha2_context *) ctx, input, ilen );
sha256_hmac_update( (sha256_context *) ctx, input, ilen );
}
static void sha256_hmac_finish_wrap( void *ctx, unsigned char *output )
{
sha2_hmac_finish( (sha2_context *) ctx, output );
sha256_hmac_finish( (sha256_context *) ctx, output );
}
static void sha256_hmac_reset_wrap( void *ctx )
{
sha2_hmac_reset( (sha2_context *) ctx );
sha256_hmac_reset( (sha256_context *) ctx );
}
static void sha256_hmac_wrap( const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha2_hmac( key, keylen, input, ilen, output, 0 );
sha256_hmac( key, keylen, input, ilen, output, 0 );
}
static void * sha256_ctx_alloc( void )
{
return malloc( sizeof( sha2_context ) );
return malloc( sizeof( sha256_context ) );
}
static void sha256_ctx_free( void *ctx )
@ -566,7 +566,7 @@ static void sha256_ctx_free( void *ctx )
static void sha256_process_wrap( void *ctx, const unsigned char *data )
{
sha2_process( (sha2_context *) ctx, data );
sha256_process( (sha256_context *) ctx, data );
}
const md_info_t sha256_info = {
@ -590,33 +590,33 @@ const md_info_t sha256_info = {
#endif
#if defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_SHA512_C)
static void sha384_starts_wrap( void *ctx )
{
sha4_starts( (sha4_context *) ctx, 1 );
sha512_starts( (sha512_context *) ctx, 1 );
}
static void sha384_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha4_update( (sha4_context *) ctx, input, ilen );
sha512_update( (sha512_context *) ctx, input, ilen );
}
static void sha384_finish_wrap( void *ctx, unsigned char *output )
{
sha4_finish( (sha4_context *) ctx, output );
sha512_finish( (sha512_context *) ctx, output );
}
static void sha384_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha4( input, ilen, output, 1 );
sha512( input, ilen, output, 1 );
}
static int sha384_file_wrap( const char *path, unsigned char *output )
{
#if defined(POLARSSL_FS_IO)
return sha4_file( path, output, 1 );
return sha512_file( path, output, 1 );
#else
((void) path);
((void) output);
@ -626,34 +626,34 @@ static int sha384_file_wrap( const char *path, unsigned char *output )
static void sha384_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
{
sha4_hmac_starts( (sha4_context *) ctx, key, keylen, 1 );
sha512_hmac_starts( (sha512_context *) ctx, key, keylen, 1 );
}
static void sha384_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha4_hmac_update( (sha4_context *) ctx, input, ilen );
sha512_hmac_update( (sha512_context *) ctx, input, ilen );
}
static void sha384_hmac_finish_wrap( void *ctx, unsigned char *output )
{
sha4_hmac_finish( (sha4_context *) ctx, output );
sha512_hmac_finish( (sha512_context *) ctx, output );
}
static void sha384_hmac_reset_wrap( void *ctx )
{
sha4_hmac_reset( (sha4_context *) ctx );
sha512_hmac_reset( (sha512_context *) ctx );
}
static void sha384_hmac_wrap( const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha4_hmac( key, keylen, input, ilen, output, 1 );
sha512_hmac( key, keylen, input, ilen, output, 1 );
}
static void * sha384_ctx_alloc( void )
{
return malloc( sizeof( sha4_context ) );
return malloc( sizeof( sha512_context ) );
}
static void sha384_ctx_free( void *ctx )
@ -663,7 +663,7 @@ static void sha384_ctx_free( void *ctx )
static void sha384_process_wrap( void *ctx, const unsigned char *data )
{
sha4_process( (sha4_context *) ctx, data );
sha512_process( (sha512_context *) ctx, data );
}
const md_info_t sha384_info = {
@ -687,29 +687,29 @@ const md_info_t sha384_info = {
static void sha512_starts_wrap( void *ctx )
{
sha4_starts( (sha4_context *) ctx, 0 );
sha512_starts( (sha512_context *) ctx, 0 );
}
static void sha512_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha4_update( (sha4_context *) ctx, input, ilen );
sha512_update( (sha512_context *) ctx, input, ilen );
}
static void sha512_finish_wrap( void *ctx, unsigned char *output )
{
sha4_finish( (sha4_context *) ctx, output );
sha512_finish( (sha512_context *) ctx, output );
}
static void sha512_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha4( input, ilen, output, 0 );
sha512( input, ilen, output, 0 );
}
static int sha512_file_wrap( const char *path, unsigned char *output )
{
#if defined(POLARSSL_FS_IO)
return sha4_file( path, output, 0 );
return sha512_file( path, output, 0 );
#else
((void) path);
((void) output);
@ -719,34 +719,34 @@ static int sha512_file_wrap( const char *path, unsigned char *output )
static void sha512_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
{
sha4_hmac_starts( (sha4_context *) ctx, key, keylen, 0 );
sha512_hmac_starts( (sha512_context *) ctx, key, keylen, 0 );
}
static void sha512_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha4_hmac_update( (sha4_context *) ctx, input, ilen );
sha512_hmac_update( (sha512_context *) ctx, input, ilen );
}
static void sha512_hmac_finish_wrap( void *ctx, unsigned char *output )
{
sha4_hmac_finish( (sha4_context *) ctx, output );
sha512_hmac_finish( (sha512_context *) ctx, output );
}
static void sha512_hmac_reset_wrap( void *ctx )
{
sha4_hmac_reset( (sha4_context *) ctx );
sha512_hmac_reset( (sha512_context *) ctx );
}
static void sha512_hmac_wrap( const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha4_hmac( key, keylen, input, ilen, output, 0 );
sha512_hmac( key, keylen, input, ilen, output, 0 );
}
static void * sha512_ctx_alloc( void )
{
return malloc( sizeof( sha4_context ) );
return malloc( sizeof( sha512_context ) );
}
static void sha512_ctx_free( void *ctx )
@ -756,7 +756,7 @@ static void sha512_ctx_free( void *ctx )
static void sha512_process_wrap( void *ctx, const unsigned char *data )
{
sha4_process( (sha4_context *) ctx, data );
sha512_process( (sha512_context *) ctx, data );
}
const md_info_t sha512_info = {

150
library/sha2.c
View file

@ -30,7 +30,7 @@
#include "polarssl/config.h"
#if defined(POLARSSL_SHA2_C)
#if defined(POLARSSL_SHA256_C)
#include "polarssl/sha2.h"
@ -38,7 +38,7 @@
#include <stdio.h>
#endif
#if !defined(POLARSSL_SHA2_ALT)
#if !defined(POLARSSL_SHA256_ALT)
/*
* 32-bit integer manipulation macros (big endian)
@ -66,7 +66,7 @@
/*
* SHA-256 context setup
*/
void sha2_starts( sha2_context *ctx, int is224 )
void sha256_starts( sha256_context *ctx, int is224 )
{
ctx->total[0] = 0;
ctx->total[1] = 0;
@ -99,7 +99,7 @@ void sha2_starts( sha2_context *ctx, int is224 )
ctx->is224 = is224;
}
void sha2_process( sha2_context *ctx, const unsigned char data[64] )
void sha256_process( sha256_context *ctx, const unsigned char data[64] )
{
uint32_t temp1, temp2, W[64];
uint32_t A, B, C, D, E, F, G, H;
@ -233,7 +233,7 @@ void sha2_process( sha2_context *ctx, const unsigned char data[64] )
/*
* SHA-256 process buffer
*/
void sha2_update( sha2_context *ctx, const unsigned char *input, size_t ilen )
void sha256_update( sha256_context *ctx, const unsigned char *input, size_t ilen )
{
size_t fill;
uint32_t left;
@ -253,7 +253,7 @@ void sha2_update( sha2_context *ctx, const unsigned char *input, size_t ilen )
if( left && ilen >= fill )
{
memcpy( (void *) (ctx->buffer + left), input, fill );
sha2_process( ctx, ctx->buffer );
sha256_process( ctx, ctx->buffer );
input += fill;
ilen -= fill;
left = 0;
@ -261,7 +261,7 @@ void sha2_update( sha2_context *ctx, const unsigned char *input, size_t ilen )
while( ilen >= 64 )
{
sha2_process( ctx, input );
sha256_process( ctx, input );
input += 64;
ilen -= 64;
}
@ -270,7 +270,7 @@ void sha2_update( sha2_context *ctx, const unsigned char *input, size_t ilen )
memcpy( (void *) (ctx->buffer + left), input, ilen );
}
static const unsigned char sha2_padding[64] =
static const unsigned char sha256_padding[64] =
{
0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
@ -281,7 +281,7 @@ static const unsigned char sha2_padding[64] =
/*
* SHA-256 final digest
*/
void sha2_finish( sha2_context *ctx, unsigned char output[32] )
void sha256_finish( sha256_context *ctx, unsigned char output[32] )
{
uint32_t last, padn;
uint32_t high, low;
@ -297,8 +297,8 @@ void sha2_finish( sha2_context *ctx, unsigned char output[32] )
last = ctx->total[0] & 0x3F;
padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
sha2_update( ctx, sha2_padding, padn );
sha2_update( ctx, msglen, 8 );
sha256_update( ctx, sha256_padding, padn );
sha256_update( ctx, msglen, 8 );
PUT_UINT32_BE( ctx->state[0], output, 0 );
PUT_UINT32_BE( ctx->state[1], output, 4 );
@ -312,50 +312,50 @@ void sha2_finish( sha2_context *ctx, unsigned char output[32] )
PUT_UINT32_BE( ctx->state[7], output, 28 );
}
#endif /* !POLARSSL_SHA2_ALT */
#endif /* !POLARSSL_SHA256_ALT */
/*
* output = SHA-256( input buffer )
*/
void sha2( const unsigned char *input, size_t ilen,
unsigned char output[32], int is224 )
void sha256( const unsigned char *input, size_t ilen,
unsigned char output[32], int is224 )
{
sha2_context ctx;
sha256_context ctx;
sha2_starts( &ctx, is224 );
sha2_update( &ctx, input, ilen );
sha2_finish( &ctx, output );
sha256_starts( &ctx, is224 );
sha256_update( &ctx, input, ilen );
sha256_finish( &ctx, output );
memset( &ctx, 0, sizeof( sha2_context ) );
memset( &ctx, 0, sizeof( sha256_context ) );
}
#if defined(POLARSSL_FS_IO)
/*
* output = SHA-256( file contents )
*/
int sha2_file( const char *path, unsigned char output[32], int is224 )
int sha256_file( const char *path, unsigned char output[32], int is224 )
{
FILE *f;
size_t n;
sha2_context ctx;
sha256_context ctx;
unsigned char buf[1024];
if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_SHA2_FILE_IO_ERROR );
return( POLARSSL_ERR_SHA256_FILE_IO_ERROR );
sha2_starts( &ctx, is224 );
sha256_starts( &ctx, is224 );
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
sha2_update( &ctx, buf, n );
sha256_update( &ctx, buf, n );
sha2_finish( &ctx, output );
sha256_finish( &ctx, output );
memset( &ctx, 0, sizeof( sha2_context ) );
memset( &ctx, 0, sizeof( sha256_context ) );
if( ferror( f ) != 0 )
{
fclose( f );
return( POLARSSL_ERR_SHA2_FILE_IO_ERROR );
return( POLARSSL_ERR_SHA256_FILE_IO_ERROR );
}
fclose( f );
@ -366,15 +366,15 @@ int sha2_file( const char *path, unsigned char output[32], int is224 )
/*
* SHA-256 HMAC context setup
*/
void sha2_hmac_starts( sha2_context *ctx, const unsigned char *key, size_t keylen,
int is224 )
void sha256_hmac_starts( sha256_context *ctx, const unsigned char *key,
size_t keylen, int is224 )
{
size_t i;
unsigned char sum[32];
if( keylen > 64 )
{
sha2( key, keylen, sum, is224 );
sha256( key, keylen, sum, is224 );
keylen = ( is224 ) ? 28 : 32;
key = sum;
}
@ -388,8 +388,8 @@ void sha2_hmac_starts( sha2_context *ctx, const unsigned char *key, size_t keyle
ctx->opad[i] = (unsigned char)( ctx->opad[i] ^ key[i] );
}
sha2_starts( ctx, is224 );
sha2_update( ctx, ctx->ipad, 64 );
sha256_starts( ctx, is224 );
sha256_update( ctx, ctx->ipad, 64 );
memset( sum, 0, sizeof( sum ) );
}
@ -397,15 +397,15 @@ void sha2_hmac_starts( sha2_context *ctx, const unsigned char *key, size_t keyle
/*
* SHA-256 HMAC process buffer
*/
void sha2_hmac_update( sha2_context *ctx, const unsigned char *input, size_t ilen )
void sha256_hmac_update( sha256_context *ctx, const unsigned char *input, size_t ilen )
{
sha2_update( ctx, input, ilen );
sha256_update( ctx, input, ilen );
}
/*
* SHA-256 HMAC final digest
*/
void sha2_hmac_finish( sha2_context *ctx, unsigned char output[32] )
void sha256_hmac_finish( sha256_context *ctx, unsigned char output[32] )
{
int is224, hlen;
unsigned char tmpbuf[32];
@ -413,11 +413,11 @@ void sha2_hmac_finish( sha2_context *ctx, unsigned char output[32] )
is224 = ctx->is224;
hlen = ( is224 == 0 ) ? 32 : 28;
sha2_finish( ctx, tmpbuf );
sha2_starts( ctx, is224 );
sha2_update( ctx, ctx->opad, 64 );
sha2_update( ctx, tmpbuf, hlen );
sha2_finish( ctx, output );
sha256_finish( ctx, tmpbuf );
sha256_starts( ctx, is224 );
sha256_update( ctx, ctx->opad, 64 );
sha256_update( ctx, tmpbuf, hlen );
sha256_finish( ctx, output );
memset( tmpbuf, 0, sizeof( tmpbuf ) );
}
@ -425,45 +425,45 @@ void sha2_hmac_finish( sha2_context *ctx, unsigned char output[32] )
/*
* SHA-256 HMAC context reset
*/
void sha2_hmac_reset( sha2_context *ctx )
void sha256_hmac_reset( sha256_context *ctx )
{
sha2_starts( ctx, ctx->is224 );
sha2_update( ctx, ctx->ipad, 64 );
sha256_starts( ctx, ctx->is224 );
sha256_update( ctx, ctx->ipad, 64 );
}
/*
* output = HMAC-SHA-256( hmac key, input buffer )
*/
void sha2_hmac( const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char output[32], int is224 )
void sha256_hmac( const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char output[32], int is224 )
{
sha2_context ctx;
sha256_context ctx;
sha2_hmac_starts( &ctx, key, keylen, is224 );
sha2_hmac_update( &ctx, input, ilen );
sha2_hmac_finish( &ctx, output );
sha256_hmac_starts( &ctx, key, keylen, is224 );
sha256_hmac_update( &ctx, input, ilen );
sha256_hmac_finish( &ctx, output );
memset( &ctx, 0, sizeof( sha2_context ) );
memset( &ctx, 0, sizeof( sha256_context ) );
}
#if defined(POLARSSL_SELF_TEST)
/*
* FIPS-180-2 test vectors
*/
static unsigned char sha2_test_buf[3][57] =
static unsigned char sha256_test_buf[3][57] =
{
{ "abc" },
{ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" },
{ "" }
};
static const int sha2_test_buflen[3] =
static const int sha256_test_buflen[3] =
{
3, 56, 1000
};
static const unsigned char sha2_test_sum[6][32] =
static const unsigned char sha256_test_sum[6][32] =
{
/*
* SHA-224 test vectors
@ -501,7 +501,7 @@ static const unsigned char sha2_test_sum[6][32] =
/*
* RFC 4231 test vectors
*/
static unsigned char sha2_hmac_test_key[7][26] =
static unsigned char sha256_hmac_test_key[7][26] =
{
{ "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B"
"\x0B\x0B\x0B\x0B" },
@ -516,12 +516,12 @@ static unsigned char sha2_hmac_test_key[7][26] =
{ "" }
};
static const int sha2_hmac_test_keylen[7] =
static const int sha256_hmac_test_keylen[7] =
{
20, 4, 20, 25, 20, 131, 131
};
static unsigned char sha2_hmac_test_buf[7][153] =
static unsigned char sha256_hmac_test_buf[7][153] =
{
{ "Hi There" },
{ "what do ya want for nothing?" },
@ -542,12 +542,12 @@ static unsigned char sha2_hmac_test_buf[7][153] =
"be hashed before being used by the HMAC algorithm." }
};
static const int sha2_hmac_test_buflen[7] =
static const int sha256_hmac_test_buflen[7] =
{
8, 28, 50, 50, 20, 54, 152
};
static const unsigned char sha2_hmac_test_sum[14][32] =
static const unsigned char sha256_hmac_test_sum[14][32] =
{
/*
* HMAC-SHA-224 test vectors
@ -613,12 +613,12 @@ static const unsigned char sha2_hmac_test_sum[14][32] =
/*
* Checkup routine
*/
int sha2_self_test( int verbose )
int sha256_self_test( int verbose )
{
int i, j, k, buflen;
unsigned char buf[1024];
unsigned char sha2sum[32];
sha2_context ctx;
unsigned char sha256sum[32];
sha256_context ctx;
for( i = 0; i < 6; i++ )
{
@ -628,22 +628,22 @@ int sha2_self_test( int verbose )
if( verbose != 0 )
printf( " SHA-%d test #%d: ", 256 - k * 32, j + 1 );
sha2_starts( &ctx, k );
sha256_starts( &ctx, k );
if( j == 2 )
{
memset( buf, 'a', buflen = 1000 );
for( j = 0; j < 1000; j++ )
sha2_update( &ctx, buf, buflen );
sha256_update( &ctx, buf, buflen );
}
else
sha2_update( &ctx, sha2_test_buf[j],
sha2_test_buflen[j] );
sha256_update( &ctx, sha256_test_buf[j],
sha256_test_buflen[j] );
sha2_finish( &ctx, sha2sum );
sha256_finish( &ctx, sha256sum );
if( memcmp( sha2sum, sha2_test_sum[i], 32 - k * 4 ) != 0 )
if( memcmp( sha256sum, sha256_test_sum[i], 32 - k * 4 ) != 0 )
{
if( verbose != 0 )
printf( "failed\n" );
@ -669,20 +669,20 @@ int sha2_self_test( int verbose )
if( j == 5 || j == 6 )
{
memset( buf, '\xAA', buflen = 131 );
sha2_hmac_starts( &ctx, buf, buflen, k );
sha256_hmac_starts( &ctx, buf, buflen, k );
}
else
sha2_hmac_starts( &ctx, sha2_hmac_test_key[j],
sha2_hmac_test_keylen[j], k );
sha256_hmac_starts( &ctx, sha256_hmac_test_key[j],
sha256_hmac_test_keylen[j], k );
sha2_hmac_update( &ctx, sha2_hmac_test_buf[j],
sha2_hmac_test_buflen[j] );
sha256_hmac_update( &ctx, sha256_hmac_test_buf[j],
sha256_hmac_test_buflen[j] );
sha2_hmac_finish( &ctx, sha2sum );
sha256_hmac_finish( &ctx, sha256sum );
buflen = ( j == 4 ) ? 16 : 32 - k * 4;
if( memcmp( sha2sum, sha2_hmac_test_sum[i], buflen ) != 0 )
if( memcmp( sha256sum, sha256_hmac_test_sum[i], buflen ) != 0 )
{
if( verbose != 0 )
printf( "failed\n" );

148
library/sha4.c
View file

@ -30,7 +30,7 @@
#include "polarssl/config.h"
#if defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_SHA512_C)
#include "polarssl/sha4.h"
@ -38,7 +38,7 @@
#include <stdio.h>
#endif
#if !defined(POLARSSL_SHA4_ALT)
#if !defined(POLARSSL_SHA512_ALT)
/*
* 64-bit integer manipulation macros (big endian)
@ -121,7 +121,7 @@ static const uint64_t K[80] =
/*
* SHA-512 context setup
*/
void sha4_starts( sha4_context *ctx, int is384 )
void sha512_starts( sha512_context *ctx, int is384 )
{
ctx->total[0] = 0;
ctx->total[1] = 0;
@ -154,7 +154,7 @@ void sha4_starts( sha4_context *ctx, int is384 )
ctx->is384 = is384;
}
void sha4_process( sha4_context *ctx, const unsigned char data[128] )
void sha512_process( sha512_context *ctx, const unsigned char data[128] )
{
int i;
uint64_t temp1, temp2, W[80];
@ -226,7 +226,7 @@ void sha4_process( sha4_context *ctx, const unsigned char data[128] )
/*
* SHA-512 process buffer
*/
void sha4_update( sha4_context *ctx, const unsigned char *input, size_t ilen )
void sha512_update( sha512_context *ctx, const unsigned char *input, size_t ilen )
{
size_t fill;
unsigned int left;
@ -245,7 +245,7 @@ void sha4_update( sha4_context *ctx, const unsigned char *input, size_t ilen )
if( left && ilen >= fill )
{
memcpy( (void *) (ctx->buffer + left), input, fill );
sha4_process( ctx, ctx->buffer );
sha512_process( ctx, ctx->buffer );
input += fill;
ilen -= fill;
left = 0;
@ -253,7 +253,7 @@ void sha4_update( sha4_context *ctx, const unsigned char *input, size_t ilen )
while( ilen >= 128 )
{
sha4_process( ctx, input );
sha512_process( ctx, input );
input += 128;
ilen -= 128;
}
@ -262,7 +262,7 @@ void sha4_update( sha4_context *ctx, const unsigned char *input, size_t ilen )
memcpy( (void *) (ctx->buffer + left), input, ilen );
}
static const unsigned char sha4_padding[128] =
static const unsigned char sha512_padding[128] =
{
0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
@ -277,7 +277,7 @@ static const unsigned char sha4_padding[128] =
/*
* SHA-512 final digest
*/
void sha4_finish( sha4_context *ctx, unsigned char output[64] )
void sha512_finish( sha512_context *ctx, unsigned char output[64] )
{
size_t last, padn;
uint64_t high, low;
@ -293,8 +293,8 @@ void sha4_finish( sha4_context *ctx, unsigned char output[64] )
last = (size_t)( ctx->total[0] & 0x7F );
padn = ( last < 112 ) ? ( 112 - last ) : ( 240 - last );
sha4_update( ctx, sha4_padding, padn );
sha4_update( ctx, msglen, 16 );
sha512_update( ctx, sha512_padding, padn );
sha512_update( ctx, msglen, 16 );
PUT_UINT64_BE( ctx->state[0], output, 0 );
PUT_UINT64_BE( ctx->state[1], output, 8 );
@ -310,50 +310,50 @@ void sha4_finish( sha4_context *ctx, unsigned char output[64] )
}
}
#endif /* !POLARSSL_SHA4_ALT */
#endif /* !POLARSSL_SHA512_ALT */
/*
* output = SHA-512( input buffer )
*/
void sha4( const unsigned char *input, size_t ilen,
unsigned char output[64], int is384 )
void sha512( const unsigned char *input, size_t ilen,
unsigned char output[64], int is384 )
{
sha4_context ctx;
sha512_context ctx;
sha4_starts( &ctx, is384 );
sha4_update( &ctx, input, ilen );
sha4_finish( &ctx, output );
sha512_starts( &ctx, is384 );
sha512_update( &ctx, input, ilen );
sha512_finish( &ctx, output );
memset( &ctx, 0, sizeof( sha4_context ) );
memset( &ctx, 0, sizeof( sha512_context ) );
}
#if defined(POLARSSL_FS_IO)
/*
* output = SHA-512( file contents )
*/
int sha4_file( const char *path, unsigned char output[64], int is384 )
int sha512_file( const char *path, unsigned char output[64], int is384 )
{
FILE *f;
size_t n;
sha4_context ctx;
sha512_context ctx;
unsigned char buf[1024];
if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_SHA4_FILE_IO_ERROR );
return( POLARSSL_ERR_SHA512_FILE_IO_ERROR );
sha4_starts( &ctx, is384 );
sha512_starts( &ctx, is384 );
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
sha4_update( &ctx, buf, n );
sha512_update( &ctx, buf, n );
sha4_finish( &ctx, output );
sha512_finish( &ctx, output );
memset( &ctx, 0, sizeof( sha4_context ) );
memset( &ctx, 0, sizeof( sha512_context ) );
if( ferror( f ) != 0 )
{
fclose( f );
return( POLARSSL_ERR_SHA4_FILE_IO_ERROR );
return( POLARSSL_ERR_SHA512_FILE_IO_ERROR );
}
fclose( f );
@ -364,15 +364,15 @@ int sha4_file( const char *path, unsigned char output[64], int is384 )
/*
* SHA-512 HMAC context setup
*/
void sha4_hmac_starts( sha4_context *ctx, const unsigned char *key, size_t keylen,
int is384 )
void sha512_hmac_starts( sha512_context *ctx, const unsigned char *key,
size_t keylen, int is384 )
{
size_t i;
unsigned char sum[64];
if( keylen > 128 )
{
sha4( key, keylen, sum, is384 );
sha512( key, keylen, sum, is384 );
keylen = ( is384 ) ? 48 : 64;
key = sum;
}
@ -386,8 +386,8 @@ void sha4_hmac_starts( sha4_context *ctx, const unsigned char *key, size_t keyle
ctx->opad[i] = (unsigned char)( ctx->opad[i] ^ key[i] );
}
sha4_starts( ctx, is384 );
sha4_update( ctx, ctx->ipad, 128 );
sha512_starts( ctx, is384 );
sha512_update( ctx, ctx->ipad, 128 );
memset( sum, 0, sizeof( sum ) );
}
@ -395,16 +395,16 @@ void sha4_hmac_starts( sha4_context *ctx, const unsigned char *key, size_t keyle
/*
* SHA-512 HMAC process buffer
*/
void sha4_hmac_update( sha4_context *ctx,
const unsigned char *input, size_t ilen )
void sha512_hmac_update( sha512_context *ctx,
const unsigned char *input, size_t ilen )
{
sha4_update( ctx, input, ilen );
sha512_update( ctx, input, ilen );
}
/*
* SHA-512 HMAC final digest
*/
void sha4_hmac_finish( sha4_context *ctx, unsigned char output[64] )
void sha512_hmac_finish( sha512_context *ctx, unsigned char output[64] )
{
int is384, hlen;
unsigned char tmpbuf[64];
@ -412,11 +412,11 @@ void sha4_hmac_finish( sha4_context *ctx, unsigned char output[64] )
is384 = ctx->is384;
hlen = ( is384 == 0 ) ? 64 : 48;
sha4_finish( ctx, tmpbuf );
sha4_starts( ctx, is384 );
sha4_update( ctx, ctx->opad, 128 );
sha4_update( ctx, tmpbuf, hlen );
sha4_finish( ctx, output );
sha512_finish( ctx, tmpbuf );
sha512_starts( ctx, is384 );
sha512_update( ctx, ctx->opad, 128 );
sha512_update( ctx, tmpbuf, hlen );
sha512_finish( ctx, output );
memset( tmpbuf, 0, sizeof( tmpbuf ) );
}
@ -424,26 +424,26 @@ void sha4_hmac_finish( sha4_context *ctx, unsigned char output[64] )
/*
* SHA-512 HMAC context reset
*/
void sha4_hmac_reset( sha4_context *ctx )
void sha512_hmac_reset( sha512_context *ctx )
{
sha4_starts( ctx, ctx->is384 );
sha4_update( ctx, ctx->ipad, 128 );
sha512_starts( ctx, ctx->is384 );
sha512_update( ctx, ctx->ipad, 128 );
}
/*
* output = HMAC-SHA-512( hmac key, input buffer )
*/
void sha4_hmac( const unsigned char *key, size_t keylen,
void sha512_hmac( const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char output[64], int is384 )
{
sha4_context ctx;
sha512_context ctx;
sha4_hmac_starts( &ctx, key, keylen, is384 );
sha4_hmac_update( &ctx, input, ilen );
sha4_hmac_finish( &ctx, output );
sha512_hmac_starts( &ctx, key, keylen, is384 );
sha512_hmac_update( &ctx, input, ilen );
sha512_hmac_finish( &ctx, output );
memset( &ctx, 0, sizeof( sha4_context ) );
memset( &ctx, 0, sizeof( sha512_context ) );
}
#if defined(POLARSSL_SELF_TEST)
@ -451,7 +451,7 @@ void sha4_hmac( const unsigned char *key, size_t keylen,
/*
* FIPS-180-2 test vectors
*/
static unsigned char sha4_test_buf[3][113] =
static unsigned char sha512_test_buf[3][113] =
{
{ "abc" },
{ "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
@ -459,12 +459,12 @@ static unsigned char sha4_test_buf[3][113] =
{ "" }
};
static const int sha4_test_buflen[3] =
static const int sha512_test_buflen[3] =
{
3, 112, 1000
};
static const unsigned char sha4_test_sum[6][64] =
static const unsigned char sha512_test_sum[6][64] =
{
/*
* SHA-384 test vectors
@ -520,7 +520,7 @@ static const unsigned char sha4_test_sum[6][64] =
/*
* RFC 4231 test vectors
*/
static unsigned char sha4_hmac_test_key[7][26] =
static unsigned char sha512_hmac_test_key[7][26] =
{
{ "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B"
"\x0B\x0B\x0B\x0B" },
@ -535,12 +535,12 @@ static unsigned char sha4_hmac_test_key[7][26] =
{ "" }
};
static const int sha4_hmac_test_keylen[7] =
static const int sha512_hmac_test_keylen[7] =
{
20, 4, 20, 25, 20, 131, 131
};
static unsigned char sha4_hmac_test_buf[7][153] =
static unsigned char sha512_hmac_test_buf[7][153] =
{
{ "Hi There" },
{ "what do ya want for nothing?" },
@ -561,12 +561,12 @@ static unsigned char sha4_hmac_test_buf[7][153] =
"be hashed before being used by the HMAC algorithm." }
};
static const int sha4_hmac_test_buflen[7] =
static const int sha512_hmac_test_buflen[7] =
{
8, 28, 50, 50, 20, 54, 152
};
static const unsigned char sha4_hmac_test_sum[14][64] =
static const unsigned char sha512_hmac_test_sum[14][64] =
{
/*
* HMAC-SHA-384 test vectors
@ -668,12 +668,12 @@ static const unsigned char sha4_hmac_test_sum[14][64] =
/*
* Checkup routine
*/
int sha4_self_test( int verbose )
int sha512_self_test( int verbose )
{
int i, j, k, buflen;
unsigned char buf[1024];
unsigned char sha4sum[64];
sha4_context ctx;
unsigned char sha512sum[64];
sha512_context ctx;
for( i = 0; i < 6; i++ )
{
@ -683,22 +683,22 @@ int sha4_self_test( int verbose )
if( verbose != 0 )
printf( " SHA-%d test #%d: ", 512 - k * 128, j + 1 );
sha4_starts( &ctx, k );
sha512_starts( &ctx, k );
if( j == 2 )
{
memset( buf, 'a', buflen = 1000 );
for( j = 0; j < 1000; j++ )
sha4_update( &ctx, buf, buflen );
sha512_update( &ctx, buf, buflen );
}
else
sha4_update( &ctx, sha4_test_buf[j],
sha4_test_buflen[j] );
sha512_update( &ctx, sha512_test_buf[j],
sha512_test_buflen[j] );
sha4_finish( &ctx, sha4sum );
sha512_finish( &ctx, sha512sum );
if( memcmp( sha4sum, sha4_test_sum[i], 64 - k * 16 ) != 0 )
if( memcmp( sha512sum, sha512_test_sum[i], 64 - k * 16 ) != 0 )
{
if( verbose != 0 )
printf( "failed\n" );
@ -724,20 +724,20 @@ int sha4_self_test( int verbose )
if( j == 5 || j == 6 )
{
memset( buf, '\xAA', buflen = 131 );
sha4_hmac_starts( &ctx, buf, buflen, k );
sha512_hmac_starts( &ctx, buf, buflen, k );
}
else
sha4_hmac_starts( &ctx, sha4_hmac_test_key[j],
sha4_hmac_test_keylen[j], k );
sha512_hmac_starts( &ctx, sha512_hmac_test_key[j],
sha512_hmac_test_keylen[j], k );
sha4_hmac_update( &ctx, sha4_hmac_test_buf[j],
sha4_hmac_test_buflen[j] );
sha512_hmac_update( &ctx, sha512_hmac_test_buf[j],
sha512_hmac_test_buflen[j] );
sha4_hmac_finish( &ctx, sha4sum );
sha512_hmac_finish( &ctx, sha512sum );
buflen = ( j == 4 ) ? 16 : 64 - k * 16;
if( memcmp( sha4sum, sha4_hmac_test_sum[i], buflen ) != 0 )
if( memcmp( sha512sum, sha512_hmac_test_sum[i], buflen ) != 0 )
{
if( verbose != 0 )
printf( "failed\n" );

88
library/ssl_ciphersuites.c
View file

@ -161,7 +161,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
POLARSSL_CIPHERSUITE_EC },
#if defined(POLARSSL_SHA2_C)
#if defined(POLARSSL_SHA256_C)
{ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
@ -174,8 +174,8 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
POLARSSL_CIPHERSUITE_EC },
#endif /* POLARSSL_GCM_C */
#endif /* POLARSSL_SHA2_C */
#if defined(POLARSSL_SHA4_C)
#endif /* POLARSSL_SHA256_C */
#if defined(POLARSSL_SHA512_C)
{ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
@ -188,24 +188,24 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
POLARSSL_CIPHERSUITE_EC },
#endif /* POLARSSL_GCM_C */
#endif /* POLARSSL_SHA4_C */
#endif /* POLARSSL_SHA512_C */
#endif /* POLARSSL_AES_C */
#if defined(POLARSSL_CAMELLIA_C)
#if defined(POLARSSL_SHA2_C)
#if defined(POLARSSL_SHA256_C)
{ TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
POLARSSL_CIPHERSUITE_EC },
#endif /* POLARSSL_SHA2_C */
#if defined(POLARSSL_SHA4_C)
#endif /* POLARSSL_SHA256_C */
#if defined(POLARSSL_SHA512_C)
{ TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
POLARSSL_CIPHERSUITE_EC },
#endif /* POLARSSL_SHA4_C */
#endif /* POLARSSL_SHA512_C */
#endif /* POLARSSL_CAMELLIA_C */
#if defined(POLARSSL_DES_C)
@ -235,15 +235,15 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
#if defined(POLARSSL_AES_C)
#if defined(POLARSSL_SHA4_C) && defined(POLARSSL_GCM_C)
#if defined(POLARSSL_SHA512_C) && defined(POLARSSL_GCM_C)
{ TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_RSA,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
0 },
#endif /* POLARSSL_SHA4_C && POLARSSL_GCM_C */
#endif /* POLARSSL_SHA512_C && POLARSSL_GCM_C */
#if defined(POLARSSL_SHA2_C)
#if defined(POLARSSL_SHA256_C)
#if defined(POLARSSL_GCM_C)
{ TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
@ -263,7 +263,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
0 },
#endif /* POLARSSL_SHA2_C */
#endif /* POLARSSL_SHA256_C */
{ TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
@ -279,7 +279,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
#endif /* POLARSSL_AES_C */
#if defined(POLARSSL_CAMELLIA_C)
#if defined(POLARSSL_SHA2_C)
#if defined(POLARSSL_SHA256_C)
{ TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
@ -291,7 +291,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
0 },
#endif /* POLARSSL_SHA2_C */
#endif /* POLARSSL_SHA256_C */
{ TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
@ -317,15 +317,15 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
#if defined(POLARSSL_AES_C)
#if defined(POLARSSL_SHA4_C) && defined(POLARSSL_GCM_C)
#if defined(POLARSSL_SHA512_C) && defined(POLARSSL_GCM_C)
{ TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
0 },
#endif /* POLARSSL_SHA4_C && POLARSSL_GCM_C */
#endif /* POLARSSL_SHA512_C && POLARSSL_GCM_C */
#if defined(POLARSSL_SHA2_C)
#if defined(POLARSSL_SHA256_C)
#if defined(POLARSSL_GCM_C)
{ TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
@ -345,7 +345,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
0 },
#endif /* POLARSSL_SHA2_C */
#endif /* POLARSSL_SHA256_C */
{ TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
@ -361,7 +361,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
#endif /* POLARSSL_AES_C */
#if defined(POLARSSL_CAMELLIA_C)
#if defined(POLARSSL_SHA2_C)
#if defined(POLARSSL_SHA256_C)
{ TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
@ -373,7 +373,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
0 },
#endif /* POLARSSL_SHA2_C */
#endif /* POLARSSL_SHA256_C */
{ TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
@ -414,38 +414,38 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
#if defined(POLARSSL_AES_C)
#if defined(POLARSSL_GCM_C)
#if defined(POLARSSL_SHA2_C)
#if defined(POLARSSL_SHA256_C)
{ TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
0 },
#endif /* POLARSSL_SHA2_C */
#endif /* POLARSSL_SHA256_C */
#if defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_SHA512_C)
{ TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
0 },
#endif /* POLARSSL_SHA4_C */
#endif /* POLARSSL_SHA512_C */
#endif /* POLARSSL_GCM_C */
#if defined(POLARSSL_SHA2_C)
#if defined(POLARSSL_SHA256_C)
{ TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
0 },
#endif /* POLARSSL_SHA2_C */
#endif /* POLARSSL_SHA256_C */
#if defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_SHA512_C)
{ TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
0 },
#endif /* POLARSSL_SHA4_C */
#endif /* POLARSSL_SHA512_C */
{ TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
@ -480,38 +480,38 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
#if defined(POLARSSL_AES_C)
#if defined(POLARSSL_GCM_C)
#if defined(POLARSSL_SHA2_C)
#if defined(POLARSSL_SHA256_C)
{ TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
0 },
#endif /* POLARSSL_SHA2_C */
#endif /* POLARSSL_SHA256_C */
#if defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_SHA512_C)
{ TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
0 },
#endif /* POLARSSL_SHA4_C */
#endif /* POLARSSL_SHA512_C */
#endif /* POLARSSL_GCM_C */
#if defined(POLARSSL_SHA2_C)
#if defined(POLARSSL_SHA256_C)
{ TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
0 },
#endif /* POLARSSL_SHA2_C */
#endif /* POLARSSL_SHA256_C */
#if defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_SHA512_C)
{ TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
0 },
#endif /* POLARSSL_SHA4_C */
#endif /* POLARSSL_SHA512_C */
{ TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
@ -546,38 +546,38 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
#if defined(POLARSSL_AES_C)
#if defined(POLARSSL_GCM_C)
#if defined(POLARSSL_SHA2_C)
#if defined(POLARSSL_SHA256_C)
{ TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
0 },
#endif /* POLARSSL_SHA2_C */
#endif /* POLARSSL_SHA256_C */
#if defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_SHA512_C)
{ TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
0 },
#endif /* POLARSSL_SHA4_C */
#endif /* POLARSSL_SHA512_C */
#endif /* POLARSSL_GCM_C */
#if defined(POLARSSL_SHA2_C)
#if defined(POLARSSL_SHA256_C)
{ TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
0 },
#endif /* POLARSSL_SHA2_C */
#endif /* POLARSSL_SHA256_C */
#if defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_SHA512_C)
{ TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
0 },
#endif /* POLARSSL_SHA4_C */
#endif /* POLARSSL_SHA512_C */
{ TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,

8
library/ssl_cli.c
View file

@ -130,13 +130,13 @@ static void ssl_write_signature_algorithms_ext( ssl_context *ssl,
/*
* Prepare signature_algorithms extension (TLS 1.2)
*/
#if defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_SHA512_C)
sig_alg_list[sig_alg_len++] = SSL_HASH_SHA512;
sig_alg_list[sig_alg_len++] = SSL_SIG_RSA;
sig_alg_list[sig_alg_len++] = SSL_HASH_SHA384;
sig_alg_list[sig_alg_len++] = SSL_SIG_RSA;
#endif
#if defined(POLARSSL_SHA2_C)
#if defined(POLARSSL_SHA256_C)
sig_alg_list[sig_alg_len++] = SSL_HASH_SHA256;
sig_alg_list[sig_alg_len++] = SSL_SIG_RSA;
sig_alg_list[sig_alg_len++] = SSL_HASH_SHA224;
@ -892,7 +892,7 @@ static int ssl_parse_signature_algorithm( ssl_context *ssl,
*md_alg = POLARSSL_MD_SHA1;
break;
#endif
#if defined(POLARSSL_SHA2_C)
#if defined(POLARSSL_SHA256_C)
case SSL_HASH_SHA224:
*md_alg = POLARSSL_MD_SHA224;
break;
@ -900,7 +900,7 @@ static int ssl_parse_signature_algorithm( ssl_context *ssl,
*md_alg = POLARSSL_MD_SHA256;
break;
#endif
#if defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_SHA512_C)
case SSL_HASH_SHA384:
*md_alg = POLARSSL_MD_SHA384;
break;

8
library/ssl_srv.c
View file

@ -149,7 +149,7 @@ static int ssl_parse_signature_algorithms_ext( ssl_context *ssl,
p += 2;
continue;
}
#if defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_SHA512_C)
if( p[0] == SSL_HASH_SHA512 )
{
ssl->handshake->sig_alg = SSL_HASH_SHA512;
@ -161,7 +161,7 @@ static int ssl_parse_signature_algorithms_ext( ssl_context *ssl,
break;
}
#endif
#if defined(POLARSSL_SHA2_C)
#if defined(POLARSSL_SHA256_C)
if( p[0] == SSL_HASH_SHA256 )
{
ssl->handshake->sig_alg = SSL_HASH_SHA256;
@ -1380,7 +1380,7 @@ static int ssl_write_server_key_exchange( ssl_context *ssl )
md_alg = POLARSSL_MD_SHA1;
break;
#endif
#if defined(POLARSSL_SHA2_C)
#if defined(POLARSSL_SHA256_C)
case SSL_HASH_SHA224:
md_alg = POLARSSL_MD_SHA224;
break;
@ -1388,7 +1388,7 @@ static int ssl_write_server_key_exchange( ssl_context *ssl )
md_alg = POLARSSL_MD_SHA256;
break;
#endif
#if defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_SHA512_C)
case SSL_HASH_SHA384:
md_alg = POLARSSL_MD_SHA384;
break;

82
library/ssl_tls.c
View file

@ -223,12 +223,12 @@ static int tls_prf_sha256( const unsigned char *secret, size_t slen,
/*
* Compute P_<hash>(secret, label + random)[0..dlen]
*/
sha2_hmac( secret, slen, tmp + 32, nb, tmp, 0 );
sha256_hmac( secret, slen, tmp + 32, nb, tmp, 0 );
for( i = 0; i < dlen; i += 32 )
{
sha2_hmac( secret, slen, tmp, 32 + nb, h_i, 0 );
sha2_hmac( secret, slen, tmp, 32, tmp, 0 );
sha256_hmac( secret, slen, tmp, 32 + nb, h_i, 0 );
sha256_hmac( secret, slen, tmp, 32, tmp, 0 );
k = ( i + 32 > dlen ) ? dlen % 32 : 32;
@ -242,7 +242,7 @@ static int tls_prf_sha256( const unsigned char *secret, size_t slen,
return( 0 );
}
#if defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_SHA512_C)
static int tls_prf_sha384( const unsigned char *secret, size_t slen,
const char *label,
const unsigned char *random, size_t rlen,
@ -264,12 +264,12 @@ static int tls_prf_sha384( const unsigned char *secret, size_t slen,
/*
* Compute P_<hash>(secret, label + random)[0..dlen]
*/
sha4_hmac( secret, slen, tmp + 48, nb, tmp, 1 );
sha512_hmac( secret, slen, tmp + 48, nb, tmp, 1 );
for( i = 0; i < dlen; i += 48 )
{
sha4_hmac( secret, slen, tmp, 48 + nb, h_i, 1 );
sha4_hmac( secret, slen, tmp, 48, tmp, 1 );
sha512_hmac( secret, slen, tmp, 48 + nb, h_i, 1 );
sha512_hmac( secret, slen, tmp, 48, tmp, 1 );
k = ( i + 48 > dlen ) ? dlen % 48 : 48;
@ -296,7 +296,7 @@ static void ssl_calc_finished_ssl(ssl_context *,unsigned char *,int);
static void ssl_calc_finished_tls(ssl_context *,unsigned char *,int);
static void ssl_calc_finished_tls_sha256(ssl_context *,unsigned char *,int);
#if defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_SHA512_C)
static void ssl_update_checksum_sha384(ssl_context *, const unsigned char *, size_t);
static void ssl_calc_verify_tls_sha384(ssl_context *,unsigned char *);
static void ssl_calc_finished_tls_sha384(ssl_context *,unsigned char *,int);
@ -351,7 +351,7 @@ int ssl_derive_keys( ssl_context *ssl )
handshake->calc_verify = ssl_calc_verify_tls;
handshake->calc_finished = ssl_calc_finished_tls;
}
#if defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_SHA512_C)
else if( transform->ciphersuite_info->mac ==
POLARSSL_MD_SHA384 )
{
@ -681,12 +681,12 @@ void ssl_calc_verify_tls( ssl_context *ssl, unsigned char hash[36] )
void ssl_calc_verify_tls_sha256( ssl_context *ssl, unsigned char hash[32] )
{
sha2_context sha2;
sha256_context sha256;
SSL_DEBUG_MSG( 2, ( "=> calc verify sha256" ) );
memcpy( &sha2, &ssl->handshake->fin_sha2, sizeof(sha2_context) );
sha2_finish( &sha2, hash );
memcpy( &sha256, &ssl->handshake->fin_sha256, sizeof(sha256_context) );
sha256_finish( &sha256, hash );
SSL_DEBUG_BUF( 3, "calculated verify result", hash, 32 );
SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
@ -694,15 +694,15 @@ void ssl_calc_verify_tls_sha256( ssl_context *ssl, unsigned char hash[32] )
return;
}
#if defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_SHA512_C)
void ssl_calc_verify_tls_sha384( ssl_context *ssl, unsigned char hash[48] )
{
sha4_context sha4;
sha512_context sha512;
SSL_DEBUG_MSG( 2, ( "=> calc verify sha384" ) );
memcpy( &sha4, &ssl->handshake->fin_sha4, sizeof(sha4_context) );
sha4_finish( &sha4, hash );
memcpy( &sha512, &ssl->handshake->fin_sha512, sizeof(sha512_context) );
sha512_finish( &sha512, hash );
SSL_DEBUG_BUF( 3, "calculated verify result", hash, 48 );
SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
@ -2217,13 +2217,13 @@ int ssl_parse_change_cipher_spec( ssl_context *ssl )
void ssl_optimize_checksum( ssl_context *ssl,
const ssl_ciphersuite_t *ciphersuite_info )
{
#if !defined(POLARSSL_SHA4_C)
#if !defined(POLARSSL_SHA512_C)
((void) ciphersuite);
#endif
if( ssl->minor_ver < SSL_MINOR_VERSION_3 )
ssl->handshake->update_checksum = ssl_update_checksum_md5sha1;
#if defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_SHA512_C)
else if( ciphersuite_info->mac == POLARSSL_MD_SHA384 )
{
ssl->handshake->update_checksum = ssl_update_checksum_sha384;
@ -2238,9 +2238,9 @@ static void ssl_update_checksum_start( ssl_context *ssl,
{
md5_update( &ssl->handshake->fin_md5 , buf, len );
sha1_update( &ssl->handshake->fin_sha1, buf, len );
sha2_update( &ssl->handshake->fin_sha2, buf, len );
#if defined(POLARSSL_SHA4_C)
sha4_update( &ssl->handshake->fin_sha4, buf, len );
sha256_update( &ssl->handshake->fin_sha256, buf, len );
#if defined(POLARSSL_SHA512_C)
sha512_update( &ssl->handshake->fin_sha512, buf, len );
#endif
}
@ -2254,14 +2254,14 @@ static void ssl_update_checksum_md5sha1( ssl_context *ssl,
static void ssl_update_checksum_sha256( ssl_context *ssl,
const unsigned char *buf, size_t len )
{
sha2_update( &ssl->handshake->fin_sha2, buf, len );
sha256_update( &ssl->handshake->fin_sha256, buf, len );
}
#if defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_SHA512_C)
static void ssl_update_checksum_sha384( ssl_context *ssl,
const unsigned char *buf, size_t len )
{
sha4_update( &ssl->handshake->fin_sha4, buf, len );
sha512_update( &ssl->handshake->fin_sha512, buf, len );
}
#endif
@ -2404,7 +2404,7 @@ static void ssl_calc_finished_tls_sha256(
{
int len = 12;
const char *sender;
sha2_context sha2;
sha256_context sha256;
unsigned char padbuf[32];
ssl_session *session = ssl->session_negotiate;
@ -2413,7 +2413,7 @@ static void ssl_calc_finished_tls_sha256(
SSL_DEBUG_MSG( 2, ( "=> calc finished tls sha256" ) );
memcpy( &sha2, &ssl->handshake->fin_sha2, sizeof(sha2_context) );
memcpy( &sha256, &ssl->handshake->fin_sha256, sizeof(sha256_context) );
/*
* TLSv1.2:
@ -2421,36 +2421,36 @@ static void ssl_calc_finished_tls_sha256(
* Hash( handshake ) )[0.11]
*/
#if !defined(POLARSSL_SHA2_ALT)
#if !defined(POLARSSL_SHA256_ALT)
SSL_DEBUG_BUF( 4, "finished sha2 state", (unsigned char *)
sha2.state, sizeof( sha2.state ) );
sha256.state, sizeof( sha256.state ) );
#endif
sender = ( from == SSL_IS_CLIENT )
? "client finished"
: "server finished";
sha2_finish( &sha2, padbuf );
sha256_finish( &sha256, padbuf );
ssl->handshake->tls_prf( session->master, 48, sender,
padbuf, 32, buf, len );
SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
memset( &sha2, 0, sizeof( sha2_context ) );
memset( &sha256, 0, sizeof( sha256_context ) );
memset( padbuf, 0, sizeof( padbuf ) );
SSL_DEBUG_MSG( 2, ( "<= calc finished" ) );
}
#if defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_SHA512_C)
static void ssl_calc_finished_tls_sha384(
ssl_context *ssl, unsigned char *buf, int from )
{
int len = 12;
const char *sender;
sha4_context sha4;
sha512_context sha512;
unsigned char padbuf[48];
ssl_session *session = ssl->session_negotiate;
@ -2459,7 +2459,7 @@ static void ssl_calc_finished_tls_sha384(
SSL_DEBUG_MSG( 2, ( "=> calc finished tls sha384" ) );
memcpy( &sha4, &ssl->handshake->fin_sha4, sizeof(sha4_context) );
memcpy( &sha512, &ssl->handshake->fin_sha512, sizeof(sha512_context) );
/*
* TLSv1.2:
@ -2467,23 +2467,23 @@ static void ssl_calc_finished_tls_sha384(
* Hash( handshake ) )[0.11]
*/
#if !defined(POLARSSL_SHA4_ALT)
SSL_DEBUG_BUF( 4, "finished sha4 state", (unsigned char *)
sha4.state, sizeof( sha4.state ) );
#if !defined(POLARSSL_SHA512_ALT)
SSL_DEBUG_BUF( 4, "finished sha512 state", (unsigned char *)
sha512.state, sizeof( sha512.state ) );
#endif
sender = ( from == SSL_IS_CLIENT )
? "client finished"
: "server finished";
sha4_finish( &sha4, padbuf );
sha512_finish( &sha512, padbuf );
ssl->handshake->tls_prf( session->master, 48, sender,
padbuf, 48, buf, len );
SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
memset( &sha4, 0, sizeof( sha4_context ) );
memset( &sha512, 0, sizeof( sha512_context ) );
memset( padbuf, 0, sizeof( padbuf ) );
@ -2724,9 +2724,9 @@ static int ssl_handshake_init( ssl_context *ssl )
md5_starts( &ssl->handshake->fin_md5 );
sha1_starts( &ssl->handshake->fin_sha1 );
sha2_starts( &ssl->handshake->fin_sha2, 0 );
#if defined(POLARSSL_SHA4_C)
sha4_starts( &ssl->handshake->fin_sha4, 1 );
sha256_starts( &ssl->handshake->fin_sha256, 0 );
#if defined(POLARSSL_SHA512_C)
sha512_starts( &ssl->handshake->fin_sha512, 1 );
#endif
ssl->handshake->update_checksum = ssl_update_checksum_start;

4
library/x509parse.c
View file

@ -55,10 +55,10 @@
#if defined(POLARSSL_SHA1_C)
#include "polarssl/sha1.h"
#endif
#if defined(POLARSSL_SHA2_C)
#if defined(POLARSSL_SHA256_C)
#include "polarssl/sha2.h"
#endif
#if defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_SHA512_C)
#include "polarssl/sha4.h"
#endif
#include "polarssl/dhm.h"