Add int return values to SHA-256 function calls
The following function calls are being deprecated to introduce int
return values.
* mbedtls_sha256()
* mbedtls_sha256_starts()
* mbedtls_sha256_update()
* mbedtls_sha256_finish()
* mbedtls_sha256_process()
The return codes can be used to return error values. This is important
when using hardware accelerators.
diff --git a/library/sha256.c b/library/sha256.c
index ad25d38..337b8e6 100644
--- a/library/sha256.c
+++ b/library/sha256.c
@@ -100,7 +100,7 @@
/*
* SHA-256 context setup
*/
-void mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 )
+int mbedtls_sha256_starts_ext( mbedtls_sha256_context *ctx, int is224 )
{
ctx->total[0] = 0;
ctx->total[1] = 0;
@@ -131,6 +131,8 @@
}
ctx->is224 = is224;
+
+ return( 0 );
}
#if !defined(MBEDTLS_SHA256_PROCESS_ALT)
@@ -179,7 +181,8 @@
d += temp1; h = temp1 + temp2; \
}
-void mbedtls_sha256_process( mbedtls_sha256_context *ctx, const unsigned char data[64] )
+int mbedtls_sha256_process_ext( mbedtls_sha256_context *ctx,
+ const unsigned char data[64] )
{
uint32_t temp1, temp2, W[64];
uint32_t A[8];
@@ -232,20 +235,24 @@
for( i = 0; i < 8; i++ )
ctx->state[i] += A[i];
+
+ return( 0 );
}
#endif /* !MBEDTLS_SHA256_PROCESS_ALT */
/*
* SHA-256 process buffer
*/
-void mbedtls_sha256_update( mbedtls_sha256_context *ctx, const unsigned char *input,
- size_t ilen )
+int mbedtls_sha256_update_ext( mbedtls_sha256_context *ctx,
+ const unsigned char *input,
+ size_t ilen )
{
+ int ret;
size_t fill;
uint32_t left;
if( ilen == 0 )
- return;
+ return( 0 );
left = ctx->total[0] & 0x3F;
fill = 64 - left;
@@ -259,7 +266,10 @@
if( left && ilen >= fill )
{
memcpy( (void *) (ctx->buffer + left), input, fill );
- mbedtls_sha256_process( ctx, ctx->buffer );
+
+ if( ( ret = mbedtls_sha256_process_ext( ctx, ctx->buffer ) ) != 0 )
+ return( ret );
+
input += fill;
ilen -= fill;
left = 0;
@@ -267,13 +277,17 @@
while( ilen >= 64 )
{
- mbedtls_sha256_process( ctx, input );
+ if( ( ret = mbedtls_sha256_process_ext( ctx, input ) ) != 0 )
+ return( ret );
+
input += 64;
ilen -= 64;
}
if( ilen > 0 )
memcpy( (void *) (ctx->buffer + left), input, ilen );
+
+ return( 0 );
}
static const unsigned char sha256_padding[64] =
@@ -287,8 +301,10 @@
/*
* SHA-256 final digest
*/
-void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, unsigned char output[32] )
+int mbedtls_sha256_finish_ext( mbedtls_sha256_context *ctx,
+ unsigned char output[32] )
{
+ int ret;
uint32_t last, padn;
uint32_t high, low;
unsigned char msglen[8];
@@ -303,8 +319,11 @@
last = ctx->total[0] & 0x3F;
padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
- mbedtls_sha256_update( ctx, sha256_padding, padn );
- mbedtls_sha256_update( ctx, msglen, 8 );
+ if( ( ret = mbedtls_sha256_update_ext( ctx, sha256_padding, padn ) ) != 0 )
+ return( ret );
+
+ if( ( ret = mbedtls_sha256_update_ext( ctx, msglen, 8 ) ) != 0 )
+ return( ret );
PUT_UINT32_BE( ctx->state[0], output, 0 );
PUT_UINT32_BE( ctx->state[1], output, 4 );
@@ -316,6 +335,8 @@
if( ctx->is224 == 0 )
PUT_UINT32_BE( ctx->state[7], output, 28 );
+
+ return( 0 );
}
#endif /* !MBEDTLS_SHA256_ALT */
@@ -323,16 +344,28 @@
/*
* output = SHA-256( input buffer )
*/
-void mbedtls_sha256( const unsigned char *input, size_t ilen,
- unsigned char output[32], int is224 )
+int mbedtls_sha256_ext( const unsigned char *input,
+ size_t ilen,
+ unsigned char output[32],
+ int is224 )
{
+ int ret;
mbedtls_sha256_context ctx;
mbedtls_sha256_init( &ctx );
- mbedtls_sha256_starts( &ctx, is224 );
- mbedtls_sha256_update( &ctx, input, ilen );
- mbedtls_sha256_finish( &ctx, output );
+
+ if( ( ret = mbedtls_sha256_starts_ext( &ctx, is224 ) ) != 0 )
+ return( ret );
+
+ if( ( ret = mbedtls_sha256_update_ext( &ctx, input, ilen ) ) != 0 )
+ return( ret );
+
+ if( ( ret = mbedtls_sha256_finish_ext( &ctx, output ) ) != 0 )
+ return( ret );
+
mbedtls_sha256_free( &ctx );
+
+ return( 0 );
}
#if defined(MBEDTLS_SELF_TEST)
@@ -415,29 +448,31 @@
if( verbose != 0 )
mbedtls_printf( " SHA-%d test #%d: ", 256 - k * 32, j + 1 );
- mbedtls_sha256_starts( &ctx, k );
+ if( mbedtls_sha256_starts_ext( &ctx, k ) != 0 )
+ goto fail;
if( j == 2 )
{
memset( buf, 'a', buflen = 1000 );
for( j = 0; j < 1000; j++ )
- mbedtls_sha256_update( &ctx, buf, buflen );
+ if( mbedtls_sha256_update_ext( &ctx, buf, buflen ) != 0 )
+ goto fail;
+
}
else
- mbedtls_sha256_update( &ctx, sha256_test_buf[j],
- sha256_test_buflen[j] );
+ {
+ if( mbedtls_sha256_update_ext( &ctx, sha256_test_buf[j],
+ sha256_test_buflen[j] ) != 0 )
+ goto fail;
+ }
- mbedtls_sha256_finish( &ctx, sha256sum );
+ if( mbedtls_sha256_finish_ext( &ctx, sha256sum ) != 0 )
+ goto fail;
+
if( memcmp( sha256sum, sha256_test_sum[i], 32 - k * 4 ) != 0 )
- {
- if( verbose != 0 )
- mbedtls_printf( "failed\n" );
-
- ret = 1;
- goto exit;
- }
+ goto fail;
if( verbose != 0 )
mbedtls_printf( "passed\n" );
@@ -446,6 +481,14 @@
if( verbose != 0 )
mbedtls_printf( "\n" );
+ goto exit;
+
+fail:
+ if( verbose != 0 )
+ mbedtls_printf( "failed\n" );
+
+ ret = 1;
+
exit:
mbedtls_sha256_free( &ctx );
mbedtls_free( buf );