Merge remote-tracking branch 'origin/pr/654' into baremetal
diff --git a/configs/baremetal.h b/configs/baremetal.h
index bdd86bf..4a67c98 100644
--- a/configs/baremetal.h
+++ b/configs/baremetal.h
@@ -52,6 +52,8 @@
#define MBEDTLS_SSL_CONF_SINGLE_SIG_HASH_MD_ID MBEDTLS_MD_SHA256
#define MBEDTLS_SSL_CONF_SINGLE_SIG_HASH_TLS_ID MBEDTLS_SSL_HASH_SHA256
+#define MBEDTLS_MD_SINGLE_HASH MBEDTLS_MD_INFO_SHA256
+
/* Key exchanges */
#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 6807ff3..96340e8 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -786,6 +786,73 @@
#define MBEDTLS_THREADING_IMPL
#endif
+/* Ensure that precisely one hash is enabled. */
+#if defined(MBEDTLS_MD_SINGLE_HASH)
+
+#if defined(MBEDTLS_SHA256_C)
+#define MBEDTLS_SHA256_ENABLED 1
+#else
+#define MBEDTLS_SHA256_ENABLED 0
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA256_C) && !defined(MBEDTLS_SHA256_NO_SHA224)
+#define MBEDTLS_SHA224_ENABLED 1
+#else
+#define MBEDTLS_SHA224_ENABLED 0
+#endif /* MBEDTLS_SHA256_C && !MBEDTLS_SHA256_NO_SHA224 */
+
+#if defined(MBEDTLS_SHA512_C)
+#define MBEDTLS_SHA512_ENABLED 2
+#else
+#define MBEDTLS_SHA512_ENABLED 0
+#endif /* MBEDTLS_SHA512_C */
+
+#if defined(MBEDTLS_SHA1_C)
+#define MBEDTLS_SHA1_ENABLED 1
+#else
+#define MBEDTLS_SHA1_ENABLED 0
+#endif /* MBEDTLS_SHA1_C */
+
+#if defined(MBEDTLS_MD2_C)
+#define MBEDTLS_MD2_ENABLED 1
+#else
+#define MBEDTLS_MD2_ENABLED 0
+#endif /* MBEDTLS_MD2_C */
+
+#if defined(MBEDTLS_MD4_C)
+#define MBEDTLS_MD4_ENABLED 1
+#else
+#define MBEDTLS_MD4_ENABLED 0
+#endif /* MBEDTLS_MD4_C */
+
+#if defined(MBEDTLS_MD5_C)
+#define MBEDTLS_MD5_ENABLED 1
+#else
+#define MBEDTLS_MD5_ENABLED 0
+#endif /* MBEDTLS_MD5_C */
+
+#if defined(MBEDTLS_RIPEMD160_C)
+#define MBEDTLS_RIPEMD160_ENABLED 1
+#else
+#define MBEDTLS_RIPEMD160_ENABLED 0
+#endif /* MBEDTLS_RIPEMD160_C */
+
+#define MBEDTLS_HASHES_ENABLED \
+ ( MBEDTLS_MD2_ENABLED + \
+ MBEDTLS_MD4_ENABLED + \
+ MBEDTLS_MD5_ENABLED + \
+ MBEDTLS_RIPEMD160_ENABLED + \
+ MBEDTLS_SHA1_ENABLED + \
+ MBEDTLS_SHA256_ENABLED + \
+ MBEDTLS_SHA512_ENABLED )
+
+#if MBEDTLS_HASHES_ENABLED != 1
+#error "MBEDTLS_MD_SINGLE_HASH must be used with precisely one hash algorithm enabled."
+#endif
+
+#undef MBEDTLS_HASHES_ENABLED
+#endif /* MBEDTLS_MD_SINGLE_HASH */
+
#if defined(MBEDTLS_THREADING_ALT)
#if !defined(MBEDTLS_THREADING_C) || defined(MBEDTLS_THREADING_IMPL)
#error "MBEDTLS_THREADING_ALT defined, but not all prerequisites"
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 040dcd6..f2daf32 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -3826,6 +3826,20 @@
//#define MBEDTLS_SSL_CONF_SINGLE_SIG_HASH_MD_ID
//#define MBEDTLS_SSL_CONF_SINGLE_SIG_HASH_TLS_ID
+/* Set this to MBEDTLS_MD_INFO_{DIGEST} support of a single message
+ * digest at compile-time, at the benefit of code-size.
+ *
+ * On highly constrained systems with large control over the configuration of
+ * the connection endpoints, this option can be used to hardcode support for
+ * a single hash algorithm.
+ *
+ * You need to make sure that the corresponding digest algorithm attributes
+ * are defined through macros in md.c. See the definitions
+ * MBEDTLS_MD_INFO_SHA256_XXX for example.
+ *
+ */
+//#define MBEDTLS_MD_SINGLE_HASH MBEDTLS_MD_INFO_SHA256
+
/* \} SECTION: Compile-time SSL configuration */
/* Target and application specific configurations
diff --git a/include/mbedtls/ecjpake.h b/include/mbedtls/ecjpake.h
index 3d8d02a..00e752b 100644
--- a/include/mbedtls/ecjpake.h
+++ b/include/mbedtls/ecjpake.h
@@ -75,7 +75,7 @@
*/
typedef struct mbedtls_ecjpake_context
{
- const mbedtls_md_info_t *md_info; /**< Hash to use */
+ mbedtls_md_handle_t md_info; /**< Hash to use */
mbedtls_ecp_group grp; /**< Elliptic curve */
mbedtls_ecjpake_role role; /**< Are we client or server? */
int point_format; /**< Format for point export */
diff --git a/include/mbedtls/hkdf.h b/include/mbedtls/hkdf.h
index 40ee64e..ebf5e12 100644
--- a/include/mbedtls/hkdf.h
+++ b/include/mbedtls/hkdf.h
@@ -70,7 +70,7 @@
* \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying
* MD layer.
*/
-int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt,
+int mbedtls_hkdf( mbedtls_md_handle_t md, const unsigned char *salt,
size_t salt_len, const unsigned char *ikm, size_t ikm_len,
const unsigned char *info, size_t info_len,
unsigned char *okm, size_t okm_len );
@@ -99,7 +99,7 @@
* \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying
* MD layer.
*/
-int mbedtls_hkdf_extract( const mbedtls_md_info_t *md,
+int mbedtls_hkdf_extract( mbedtls_md_handle_t md,
const unsigned char *salt, size_t salt_len,
const unsigned char *ikm, size_t ikm_len,
unsigned char *prk );
@@ -130,7 +130,7 @@
* \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying
* MD layer.
*/
-int mbedtls_hkdf_expand( const mbedtls_md_info_t *md, const unsigned char *prk,
+int mbedtls_hkdf_expand( mbedtls_md_handle_t md, const unsigned char *prk,
size_t prk_len, const unsigned char *info,
size_t info_len, unsigned char *okm, size_t okm_len );
diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h
index f1289cb..ed03854 100644
--- a/include/mbedtls/hmac_drbg.h
+++ b/include/mbedtls/hmac_drbg.h
@@ -138,7 +138,7 @@
* MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED.
*/
int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx,
- const mbedtls_md_info_t * md_info,
+ mbedtls_md_handle_t md_info,
int (*f_entropy)(void *, unsigned char *, size_t),
void *p_entropy,
const unsigned char *custom,
@@ -158,7 +158,7 @@
* MBEDTLS_ERR_MD_ALLOC_FAILED.
*/
int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx,
- const mbedtls_md_info_t * md_info,
+ mbedtls_md_handle_t md_info,
const unsigned char *data, size_t data_len );
/**
diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h
index 69ab21f..3b847b4 100644
--- a/include/mbedtls/md.h
+++ b/include/mbedtls/md.h
@@ -35,6 +35,11 @@
#include MBEDTLS_CONFIG_FILE
#endif
+#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
+ !defined(inline) && !defined(__cplusplus)
+#define inline __inline
+#endif
+
#define MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE -0x5080 /**< The selected feature is not available. */
#define MBEDTLS_ERR_MD_BAD_INPUT_DATA -0x5100 /**< Bad input parameters to function. */
#define MBEDTLS_ERR_MD_ALLOC_FAILED -0x5180 /**< Failed to allocate memory. */
@@ -80,26 +85,72 @@
#define MBEDTLS_MD_MAX_BLOCK_SIZE 64
#endif
+#if !defined(MBEDTLS_MD_SINGLE_HASH)
+
+#define MBEDTLS_MD_INLINABLE_API
+
/**
- * Opaque struct defined in md_internal.h.
+ * Opaque struct defined in md.c.
*/
typedef struct mbedtls_md_info_t mbedtls_md_info_t;
+
+typedef struct mbedtls_md_info_t const * mbedtls_md_handle_t;
+#define MBEDTLS_MD_INVALID_HANDLE ( (mbedtls_md_handle_t) NULL )
+
+#else /* !MBEDTLS_MD_SINGLE_HASH */
+
+#define MBEDTLS_MD_INLINABLE_API MBEDTLS_ALWAYS_INLINE static inline
+
+typedef int mbedtls_md_handle_t;
+#define MBEDTLS_MD_INVALID_HANDLE ( (mbedtls_md_handle_t) 0 )
+#define MBEDTLS_MD_UNIQUE_VALID_HANDLE ( (mbedtls_md_handle_t) 1 )
+
+#endif /* !MBEDTLS_MD_SINGLE_HASH */
+
+#include "md_internal.h"
+
/**
* The generic message-digest context.
*/
typedef struct mbedtls_md_context_t
{
+#if !defined(MBEDTLS_MD_SINGLE_HASH)
/** Information about the associated message digest. */
- const mbedtls_md_info_t *md_info;
+ mbedtls_md_handle_t md_info;
+#endif
+#if !defined(MBEDTLS_MD_SINGLE_HASH)
/** The digest-specific context. */
void *md_ctx;
/** The HMAC part of the context. */
void *hmac_ctx;
+#else
+ unsigned char md_ctx[ sizeof( MBEDTLS_MD_INFO_CTX_TYPE(
+ MBEDTLS_MD_SINGLE_HASH ) ) ];
+
+ unsigned char hmac_ctx[ 2 * MBEDTLS_MD_INFO_BLOCKSIZE(
+ MBEDTLS_MD_SINGLE_HASH ) ];
+
+#endif /* MBEDTLS_MD_SINGLE_HASH */
} mbedtls_md_context_t;
+#if !defined(MBEDTLS_MD_SINGLE_HASH)
+static inline mbedtls_md_handle_t mbedtls_md_get_handle(
+ struct mbedtls_md_context_t const *ctx )
+{
+ return( ctx->md_info );
+}
+#else /* !MBEDTLS_MD_SINGLE_HASH */
+static inline mbedtls_md_handle_t mbedtls_md_get_handle(
+ struct mbedtls_md_context_t const *ctx )
+{
+ ((void) ctx);
+ return( MBEDTLS_MD_UNIQUE_VALID_HANDLE );
+}
+#endif /* !MBEDTLS_MD_SINGLE_HASH */
+
/**
* \brief This function returns the list of digests supported by the
* generic digest module.
@@ -120,7 +171,7 @@
* \return The message-digest information associated with \p md_name.
* \return NULL if the associated message-digest information is not found.
*/
-const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name );
+mbedtls_md_handle_t mbedtls_md_info_from_string( const char *md_name );
/**
* \brief This function returns the message-digest information
@@ -131,7 +182,7 @@
* \return The message-digest information associated with \p md_type.
* \return NULL if the associated message-digest information is not found.
*/
-const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type );
+mbedtls_md_handle_t mbedtls_md_info_from_type( mbedtls_md_type_t md_type );
/**
* \brief This function initializes a message-digest context without
@@ -182,7 +233,7 @@
* failure.
* \return #MBEDTLS_ERR_MD_ALLOC_FAILED on memory-allocation failure.
*/
-int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info ) MBEDTLS_DEPRECATED;
+int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info ) MBEDTLS_DEPRECATED;
#undef MBEDTLS_DEPRECATED
#endif /* MBEDTLS_DEPRECATED_REMOVED */
@@ -205,7 +256,9 @@
* failure.
* \return #MBEDTLS_ERR_MD_ALLOC_FAILED on memory-allocation failure.
*/
-int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac );
+MBEDTLS_MD_INLINABLE_API int mbedtls_md_setup( mbedtls_md_context_t *ctx,
+ mbedtls_md_handle_t md_info,
+ int hmac );
/**
* \brief This function clones the state of an message-digest
@@ -238,7 +291,7 @@
*
* \return The size of the message-digest output in Bytes.
*/
-unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info );
+unsigned char mbedtls_md_get_size( mbedtls_md_handle_t md_info );
/**
* \brief This function extracts the message-digest type from the
@@ -249,7 +302,7 @@
*
* \return The type of the message digest.
*/
-mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info );
+mbedtls_md_type_t mbedtls_md_get_type( mbedtls_md_handle_t md_info );
/**
* \brief This function extracts the message-digest name from the
@@ -260,7 +313,7 @@
*
* \return The name of the message digest.
*/
-const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info );
+const char *mbedtls_md_get_name( mbedtls_md_handle_t md_info );
/**
* \brief This function starts a message-digest computation.
@@ -275,7 +328,7 @@
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
* failure.
*/
-int mbedtls_md_starts( mbedtls_md_context_t *ctx );
+MBEDTLS_MD_INLINABLE_API int mbedtls_md_starts( mbedtls_md_context_t *ctx );
/**
* \brief This function feeds an input buffer into an ongoing
@@ -293,7 +346,9 @@
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
* failure.
*/
-int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen );
+MBEDTLS_MD_INLINABLE_API int mbedtls_md_update( mbedtls_md_context_t *ctx,
+ const unsigned char *input,
+ size_t ilen );
/**
* \brief This function finishes the digest operation,
@@ -313,7 +368,8 @@
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
* failure.
*/
-int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output );
+MBEDTLS_MD_INLINABLE_API int mbedtls_md_finish( mbedtls_md_context_t *ctx,
+ unsigned char *output );
/**
* \brief This function calculates the message-digest of a buffer,
@@ -333,8 +389,11 @@
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
* failure.
*/
-int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen,
- unsigned char *output );
+MBEDTLS_MD_INLINABLE_API int mbedtls_md(
+ mbedtls_md_handle_t md_info,
+ const unsigned char *input,
+ size_t ilen,
+ unsigned char *output );
#if defined(MBEDTLS_FS_IO)
/**
@@ -354,7 +413,7 @@
* the file pointed by \p path.
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA if \p md_info was NULL.
*/
-int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path,
+int mbedtls_md_file( mbedtls_md_handle_t md_info, const char *path,
unsigned char *output );
#endif /* MBEDTLS_FS_IO */
@@ -460,12 +519,167 @@
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
* failure.
*/
-int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen,
+int mbedtls_md_hmac( mbedtls_md_handle_t md_info, const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char *output );
/* Internal use */
-int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data );
+MBEDTLS_MD_INLINABLE_API int mbedtls_md_process( mbedtls_md_context_t *ctx,
+ const unsigned char *data );
+
+/*
+ * Internal wrapper functions for those MD API functions which should be
+ * inlined in some but not all configurations. The actual MD API will be
+ * implemented either here or in md.c, and forward to the wrappers.
+ */
+
+MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_setup_internal(
+ mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info, int hmac )
+{
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE || ctx == NULL )
+ return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+
+#if !defined(MBEDTLS_MD_SINGLE_HASH)
+ ctx->md_ctx = mbedtls_md_info_ctx_alloc( md_info );
+ if( ctx->md_ctx == NULL )
+ return( MBEDTLS_ERR_MD_ALLOC_FAILED );
+
+ if( hmac != 0 )
+ {
+ ctx->hmac_ctx = mbedtls_calloc( 2,
+ mbedtls_md_info_block_size( md_info ) );
+ if( ctx->hmac_ctx == NULL )
+ {
+ mbedtls_md_info_ctx_free( md_info, ctx->md_ctx);
+ return( MBEDTLS_ERR_MD_ALLOC_FAILED );
+ }
+ }
+
+ ctx->md_info = md_info;
+#else
+ ((void) hmac);
+#endif /* MBEDTLS_MD_SINGLE_HASH */
+
+ return( 0 );
+}
+
+MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_starts_internal(
+ mbedtls_md_context_t *ctx )
+{
+ mbedtls_md_handle_t md_info;
+ if( ctx == NULL )
+ return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+
+ md_info = mbedtls_md_get_handle( ctx );
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
+ return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+
+ return( mbedtls_md_info_starts( md_info, ctx->md_ctx ) );
+}
+
+MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_update_internal(
+ mbedtls_md_context_t *ctx,
+ const unsigned char *input,
+ size_t ilen )
+{
+ mbedtls_md_handle_t md_info;
+ if( ctx == NULL )
+ return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+
+ md_info = mbedtls_md_get_handle( ctx );
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
+ return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+
+ return( mbedtls_md_info_update( md_info, ctx->md_ctx,
+ input, ilen ) );
+}
+
+MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_finish_internal(
+ mbedtls_md_context_t *ctx, unsigned char *output )
+{
+ mbedtls_md_handle_t md_info;
+ if( ctx == NULL )
+ return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+
+ md_info = mbedtls_md_get_handle( ctx );
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
+ return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+
+ return( mbedtls_md_info_finish( md_info, ctx->md_ctx,
+ output ) );
+}
+
+MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_internal(
+ mbedtls_md_handle_t md_info,
+ const unsigned char *input,
+ size_t ilen,
+ unsigned char *output )
+{
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
+ return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+
+ return( mbedtls_md_info_digest( md_info, input,
+ ilen, output) );
+}
+
+MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_process_internal(
+ mbedtls_md_context_t *ctx, const unsigned char *data )
+{
+ mbedtls_md_handle_t md_info;
+ if( ctx == NULL )
+ return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+
+ md_info = mbedtls_md_get_handle( ctx );
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
+ return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+
+ return( mbedtls_md_info_process( md_info, ctx->md_ctx, data ) );
+}
+
+#if defined(MBEDTLS_MD_SINGLE_HASH)
+
+MBEDTLS_MD_INLINABLE_API int mbedtls_md_setup(
+ mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info, int hmac )
+{
+ return( mbedtls_md_setup_internal( ctx, md_info, hmac ) );
+}
+
+MBEDTLS_MD_INLINABLE_API int mbedtls_md_starts(
+ mbedtls_md_context_t *ctx )
+{
+ return( mbedtls_md_starts_internal( ctx ) );
+}
+
+MBEDTLS_MD_INLINABLE_API int mbedtls_md_update(
+ mbedtls_md_context_t *ctx,
+ const unsigned char *input,
+ size_t ilen )
+{
+ return( mbedtls_md_update_internal( ctx, input, ilen ) );
+}
+
+MBEDTLS_MD_INLINABLE_API int mbedtls_md_finish(
+ mbedtls_md_context_t *ctx, unsigned char *output )
+{
+ return( mbedtls_md_finish_internal( ctx, output ) );
+}
+
+MBEDTLS_MD_INLINABLE_API int mbedtls_md(
+ mbedtls_md_handle_t md_info,
+ const unsigned char *input,
+ size_t ilen,
+ unsigned char *output )
+{
+ return( mbedtls_md_internal( md_info, input, ilen, output ) );
+}
+
+MBEDTLS_MD_INLINABLE_API int mbedtls_md_process(
+ mbedtls_md_context_t *ctx, const unsigned char *data )
+{
+ return( mbedtls_md_process_internal( ctx, data ) );
+}
+
+#endif /* MBEDTLS_MD_SINGLE_HASH */
#ifdef __cplusplus
}
diff --git a/include/mbedtls/md_internal.h b/include/mbedtls/md_internal.h
index 698477b..84944ee 100644
--- a/include/mbedtls/md_internal.h
+++ b/include/mbedtls/md_internal.h
@@ -1,14 +1,12 @@
-/**
+ /**
* \file md_internal.h
*
- * \brief Message digest wrappers.
- *
- * \warning This in an internal header. Do not include directly.
+ * \brief This file contains the generic message-digest wrapper.
*
* \author Adriaan de Jong <dejong@fox-it.com>
*/
/*
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
@@ -23,27 +21,157 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*
- * This file is part of mbed TLS (https://tls.mbed.org)
+ * This file is part of Mbed TLS (https://tls.mbed.org)
*/
-#ifndef MBEDTLS_MD_WRAP_H
-#define MBEDTLS_MD_WRAP_H
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
+#ifndef MBEDTLS_MD_INTERNAL_H
+#define MBEDTLS_MD_INTERNAL_H
+
+#if defined(MBEDTLS_MD2_C)
+#include "mbedtls/md2.h"
#endif
-#include "md.h"
+#if defined(MBEDTLS_MD4_C)
+#include "mbedtls/md4.h"
+#endif
+
+#if defined(MBEDTLS_MD5_C)
+#include "mbedtls/md5.h"
+#endif
+
+#if defined(MBEDTLS_RIPEMD160_C)
+#include "mbedtls/ripemd160.h"
+#endif
+
+#if defined(MBEDTLS_SHA1_C)
+#include "mbedtls/sha1.h"
+#endif
+
+#if defined(MBEDTLS_SHA256_C)
+#include "mbedtls/sha256.h"
+#endif
+
+#if defined(MBEDTLS_SHA512_C)
+#include "mbedtls/sha512.h"
+#endif
+
+#include "mbedtls/platform_util.h"
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdlib.h>
+#define mbedtls_calloc calloc
+#define mbedtls_free free
+#endif
#ifdef __cplusplus
extern "C" {
#endif
+#define MBEDTLS_MD_WRAPPER MBEDTLS_ALWAYS_INLINE static inline
+
+/*
+ * Message-digest information macro definition
+ */
+
+/* Dummy definition to keep check-names.sh happy - don't uncomment */
+//#define MBEDTLS_MD_INFO_SHA256
+
+/* SHA-256 */
+static inline void mbedtls_md_sha256_init_free_dummy( void* ctx )
+{
+ /* Zero-initialization can be skipped. */
+ ((void) ctx);
+}
+#define MBEDTLS_MD_INFO_SHA256_TYPE MBEDTLS_MD_SHA256
+#define MBEDTLS_MD_INFO_SHA256_CTX_TYPE mbedtls_sha256_context
+#if defined(MBEDTLS_MD_SINGLE_HASH) && !defined(MBEDTLS_SHA256_ALT)
+/* mbedtls_md_sha256_init() only zeroizes, which is redundant
+ * because mbedtls_md_context is zeroized in mbedtls_md_init(),
+ * and the mbedtls_sha256_context is embedded in mbedtls_md_context_t. */
+#define MBEDTLS_MD_INFO_SHA256_INIT_FUNC mbedtls_md_sha256_init_free_dummy
+#else
+#define MBEDTLS_MD_INFO_SHA256_INIT_FUNC mbedtls_sha256_init
+#endif /* MBEDTLS_MD_SINGLE_HASH && !MBEDTLS_SHA256_ALT */
+#define MBEDTLS_MD_INFO_SHA256_NAME "SHA256"
+#define MBEDTLS_MD_INFO_SHA256_SIZE 32
+#define MBEDTLS_MD_INFO_SHA256_BLOCKSIZE 64
+#define MBEDTLS_MD_INFO_SHA256_STARTS_FUNC mbedtls_sha256_starts_wrap
+#define MBEDTLS_MD_INFO_SHA256_UPDATE_FUNC mbedtls_sha224_update_wrap
+#define MBEDTLS_MD_INFO_SHA256_FINISH_FUNC mbedtls_sha224_finish_wrap
+#define MBEDTLS_MD_INFO_SHA256_DIGEST_FUNC mbedtls_sha256_wrap
+#define MBEDTLS_MD_INFO_SHA256_ALLOC_FUNC mbedtls_sha224_ctx_alloc
+#if defined(MBEDTLS_MD_SINGLE_HASH) && !defined(MBEDTLS_SHA256_ALT)
+/* mbedtls_md_sha256_free() only zeroizes, which is redundant
+ * because mbedtls_md_context is zeroized in mbedtls_md_init(),
+ * and the mbedtls_sha256_context is embedded in mbedtls_md_context_t. */
+#define MBEDTLS_MD_INFO_SHA256_FREE_FUNC mbedtls_md_sha256_init_free_dummy
+#else
+#define MBEDTLS_MD_INFO_SHA256_FREE_FUNC mbedtls_sha224_ctx_free
+#endif /* MBEDTLS_MD_SINGLE_HASH && !MBEDTLS_SHA256_ALT */
+#define MBEDTLS_MD_INFO_SHA256_CLONE_FUNC mbedtls_sha224_clone_wrap
+#define MBEDTLS_MD_INFO_SHA256_PROCESS_FUNC mbedtls_sha224_process_wrap
+
+/*
+ * Helper macros to extract fields from ciphersuites.
+ */
+
+#define MBEDTLS_MD_INFO_CTX_TYPE_T( MD ) MD ## _CTX_TYPE
+#define MBEDTLS_MD_INFO_INIT_FUNC_T( MD ) MD ## _INIT_FUNC
+#define MBEDTLS_MD_INFO_TYPE_T( MD ) MD ## _TYPE
+#define MBEDTLS_MD_INFO_NAME_T( MD ) MD ## _NAME
+#define MBEDTLS_MD_INFO_SIZE_T( MD ) MD ## _SIZE
+#define MBEDTLS_MD_INFO_BLOCKSIZE_T( MD ) MD ## _BLOCKSIZE
+#define MBEDTLS_MD_INFO_STARTS_FUNC_T( MD ) MD ## _STARTS_FUNC
+#define MBEDTLS_MD_INFO_UPDATE_FUNC_T( MD ) MD ## _UPDATE_FUNC
+#define MBEDTLS_MD_INFO_FINISH_FUNC_T( MD ) MD ## _FINISH_FUNC
+#define MBEDTLS_MD_INFO_DIGEST_FUNC_T( MD ) MD ## _DIGEST_FUNC
+#define MBEDTLS_MD_INFO_ALLOC_FUNC_T( MD ) MD ## _ALLOC_FUNC
+#define MBEDTLS_MD_INFO_FREE_FUNC_T( MD ) MD ## _FREE_FUNC
+#define MBEDTLS_MD_INFO_CLONE_FUNC_T( MD ) MD ## _CLONE_FUNC
+#define MBEDTLS_MD_INFO_PROCESS_FUNC_T( MD ) MD ## _PROCESS_FUNC
+
+/* Wrapper around MBEDTLS_MD_INFO_{FIELD}_T() which makes sure that
+ * the argument is macro-expanded before concatenated with the
+ * field name. This allows to call these macros as
+ * MBEDTLS_MD_INFO_{FIELD}( MBEDTLS_MD_SINGLE_HASH ).
+ * where MBEDTLS_MD_SINGLE_HASH expands to MBEDTLS_MD_INFO_{DIGEST}. */
+#define MBEDTLS_MD_INFO_CTX_TYPE( MD ) MBEDTLS_MD_INFO_CTX_TYPE_T( MD )
+#define MBEDTLS_MD_INFO_INIT_FUNC( MD ) MBEDTLS_MD_INFO_INIT_FUNC_T( MD )
+#define MBEDTLS_MD_INFO_TYPE( MD ) MBEDTLS_MD_INFO_TYPE_T( MD )
+#define MBEDTLS_MD_INFO_NAME( MD ) MBEDTLS_MD_INFO_NAME_T( MD )
+#define MBEDTLS_MD_INFO_SIZE( MD ) MBEDTLS_MD_INFO_SIZE_T( MD )
+#define MBEDTLS_MD_INFO_BLOCKSIZE( MD ) MBEDTLS_MD_INFO_BLOCKSIZE_T( MD )
+#define MBEDTLS_MD_INFO_STARTS_FUNC( MD ) MBEDTLS_MD_INFO_STARTS_FUNC_T( MD )
+#define MBEDTLS_MD_INFO_UPDATE_FUNC( MD ) MBEDTLS_MD_INFO_UPDATE_FUNC_T( MD )
+#define MBEDTLS_MD_INFO_FINISH_FUNC( MD ) MBEDTLS_MD_INFO_FINISH_FUNC_T( MD )
+#define MBEDTLS_MD_INFO_DIGEST_FUNC( MD ) MBEDTLS_MD_INFO_DIGEST_FUNC_T( MD )
+#define MBEDTLS_MD_INFO_ALLOC_FUNC( MD ) MBEDTLS_MD_INFO_ALLOC_FUNC_T( MD )
+#define MBEDTLS_MD_INFO_FREE_FUNC( MD ) MBEDTLS_MD_INFO_FREE_FUNC_T( MD )
+#define MBEDTLS_MD_INFO_CLONE_FUNC( MD ) MBEDTLS_MD_INFO_CLONE_FUNC_T( MD )
+#define MBEDTLS_MD_INFO_PROCESS_FUNC( MD ) MBEDTLS_MD_INFO_PROCESS_FUNC_T( MD )
+
/**
* Message digest information.
* Allows message digest functions to be called in a generic way.
*/
+
+typedef int mbedtls_md_starts_func_t( void *ctx );
+typedef int mbedtls_md_update_func_t( void *ctx,
+ const unsigned char *input,
+ size_t ilen );
+typedef int mbedtls_md_finish_func_t( void *ctx, unsigned char *output );
+typedef int mbedtls_md_digest_func_t( const unsigned char *input,
+ size_t ilen,
+ unsigned char *output );
+typedef void* mbedtls_md_ctx_alloc_func_t( void );
+typedef void mbedtls_md_ctx_free_func_t( void *ctx );
+typedef void mbedtls_md_clone_func_t( void *st, const void *src );
+typedef int mbedtls_md_process_func_t( void *ctx,
+ const unsigned char *input );
+
+#if !defined(MBEDTLS_MD_SINGLE_HASH)
struct mbedtls_md_info_t
{
/** Digest identifier */
@@ -59,59 +187,672 @@
int block_size;
/** Digest initialisation function */
- int (*starts_func)( void *ctx );
+ mbedtls_md_starts_func_t *starts_func;
/** Digest update function */
- int (*update_func)( void *ctx, const unsigned char *input, size_t ilen );
+ mbedtls_md_update_func_t *update_func;
/** Digest finalisation function */
- int (*finish_func)( void *ctx, unsigned char *output );
+ mbedtls_md_finish_func_t *finish_func;
/** Generic digest function */
- int (*digest_func)( const unsigned char *input, size_t ilen,
- unsigned char *output );
+ mbedtls_md_digest_func_t *digest_func;
/** Allocate a new context */
- void * (*ctx_alloc_func)( void );
+ mbedtls_md_ctx_alloc_func_t *ctx_alloc_func;
/** Free the given context */
- void (*ctx_free_func)( void *ctx );
+ mbedtls_md_ctx_free_func_t *ctx_free_func;
/** Clone state from a context */
- void (*clone_func)( void *dst, const void *src );
+ mbedtls_md_clone_func_t *clone_func;
/** Internal use only */
- int (*process_func)( void *ctx, const unsigned char *input );
+ mbedtls_md_process_func_t *process_func;
};
+/**
+ * \brief This macro builds an instance of ::mbedtls_md_info_t
+ * from an \c MBEDTLS_MD_INFO_XXX identifier.
+ */
+#define MBEDTLS_MD_INFO( MD ) \
+ { MBEDTLS_MD_INFO_TYPE( MD ), \
+ MBEDTLS_MD_INFO_NAME( MD ), \
+ MBEDTLS_MD_INFO_SIZE( MD ), \
+ MBEDTLS_MD_INFO_BLOCKSIZE( MD ), \
+ MBEDTLS_MD_INFO_STARTS_FUNC( MD ), \
+ MBEDTLS_MD_INFO_UPDATE_FUNC( MD ), \
+ MBEDTLS_MD_INFO_FINISH_FUNC( MD ), \
+ MBEDTLS_MD_INFO_DIGEST_FUNC( MD ), \
+ MBEDTLS_MD_INFO_ALLOC_FUNC( MD ), \
+ MBEDTLS_MD_INFO_FREE_FUNC( MD ), \
+ MBEDTLS_MD_INFO_CLONE_FUNC( MD ), \
+ MBEDTLS_MD_INFO_PROCESS_FUNC( MD ) }
+
+#endif /* !MBEDTLS_MD_SINGLE_HASH */
+
+/*
+ *
+ * Definitions of MD information structures for various digests.
+ *
+ */
+
+/*
+ * MD-2
+ */
+
#if defined(MBEDTLS_MD2_C)
-extern const mbedtls_md_info_t mbedtls_md2_info;
-#endif
+
+MBEDTLS_MD_WRAPPER int mbedtls_md2_starts_wrap( void *ctx )
+{
+ return( mbedtls_md2_starts_ret( (mbedtls_md2_context *) ctx ) );
+}
+
+MBEDTLS_MD_WRAPPER int mbedtls_md2_update_wrap( void *ctx, const unsigned char *input,
+ size_t ilen )
+{
+ return( mbedtls_md2_update_ret( (mbedtls_md2_context *) ctx, input, ilen ) );
+}
+
+MBEDTLS_MD_WRAPPER int mbedtls_md2_finish_wrap( void *ctx, unsigned char *output )
+{
+ return( mbedtls_md2_finish_ret( (mbedtls_md2_context *) ctx, output ) );
+}
+
+MBEDTLS_MD_WRAPPER void* mbedtls_md2_ctx_alloc( void )
+{
+ void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md2_context ) );
+
+ if( ctx != NULL )
+ mbedtls_md2_init( (mbedtls_md2_context *) ctx );
+
+ return( ctx );
+}
+
+MBEDTLS_MD_WRAPPER void mbedtls_md2_ctx_free( void *ctx )
+{
+ mbedtls_md2_free( (mbedtls_md2_context *) ctx );
+ mbedtls_free( ctx );
+}
+
+MBEDTLS_MD_WRAPPER void mbedtls_md2_clone_wrap( void *dst, const void *src )
+{
+ mbedtls_md2_clone( (mbedtls_md2_context *) dst,
+ (const mbedtls_md2_context *) src );
+}
+
+MBEDTLS_MD_WRAPPER int mbedtls_md2_process_wrap( void *ctx, const unsigned char *data )
+{
+ ((void) data);
+
+ return( mbedtls_internal_md2_process( (mbedtls_md2_context *) ctx ) );
+}
+
+#endif /* MBEDTLS_MD2_C */
+
+/*
+ * MD-4
+ */
+
#if defined(MBEDTLS_MD4_C)
-extern const mbedtls_md_info_t mbedtls_md4_info;
-#endif
+
+MBEDTLS_MD_WRAPPER int mbedtls_md4_starts_wrap( void *ctx )
+{
+ return( mbedtls_md4_starts_ret( (mbedtls_md4_context *) ctx ) );
+}
+
+MBEDTLS_MD_WRAPPER int mbedtls_md4_update_wrap( void *ctx, const unsigned char *input,
+ size_t ilen )
+{
+ return( mbedtls_md4_update_ret( (mbedtls_md4_context *) ctx, input, ilen ) );
+}
+
+MBEDTLS_MD_WRAPPER int mbedtls_md4_finish_wrap( void *ctx, unsigned char *output )
+{
+ return( mbedtls_md4_finish_ret( (mbedtls_md4_context *) ctx, output ) );
+}
+
+MBEDTLS_MD_WRAPPER void* mbedtls_md4_ctx_alloc( void )
+{
+ void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md4_context ) );
+
+ if( ctx != NULL )
+ mbedtls_md4_init( (mbedtls_md4_context *) ctx );
+
+ return( ctx );
+}
+
+MBEDTLS_MD_WRAPPER void mbedtls_md4_ctx_free( void *ctx )
+{
+ mbedtls_md4_free( (mbedtls_md4_context *) ctx );
+ mbedtls_free( ctx );
+}
+
+MBEDTLS_MD_WRAPPER void mbedtls_md4_clone_wrap( void *dst, const void *src )
+{
+ mbedtls_md4_clone( (mbedtls_md4_context *) dst,
+ (const mbedtls_md4_context *) src );
+}
+
+MBEDTLS_MD_WRAPPER int mbedtls_md4_process_wrap( void *ctx, const unsigned char *data )
+{
+ return( mbedtls_internal_md4_process( (mbedtls_md4_context *) ctx, data ) );
+}
+
+#endif /* MBEDTLS_MD4_C */
+
+/*
+ * MD-5
+ */
+
#if defined(MBEDTLS_MD5_C)
-extern const mbedtls_md_info_t mbedtls_md5_info;
-#endif
+
+MBEDTLS_MD_WRAPPER int mbedtls_md5_starts_wrap( void *ctx )
+{
+ return( mbedtls_md5_starts_ret( (mbedtls_md5_context *) ctx ) );
+}
+
+MBEDTLS_MD_WRAPPER int mbedtls_md5_update_wrap( void *ctx, const unsigned char *input,
+ size_t ilen )
+{
+ return( mbedtls_md5_update_ret( (mbedtls_md5_context *) ctx, input, ilen ) );
+}
+
+MBEDTLS_MD_WRAPPER int mbedtls_md5_finish_wrap( void *ctx, unsigned char *output )
+{
+ return( mbedtls_md5_finish_ret( (mbedtls_md5_context *) ctx, output ) );
+}
+
+MBEDTLS_MD_WRAPPER void* mbedtls_md5_ctx_alloc( void )
+{
+ void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md5_context ) );
+
+ if( ctx != NULL )
+ mbedtls_md5_init( (mbedtls_md5_context *) ctx );
+
+ return( ctx );
+}
+
+MBEDTLS_MD_WRAPPER void mbedtls_md5_ctx_free( void *ctx )
+{
+ mbedtls_md5_free( (mbedtls_md5_context *) ctx );
+ mbedtls_free( ctx );
+}
+
+MBEDTLS_MD_WRAPPER void mbedtls_md5_clone_wrap( void *dst, const void *src )
+{
+ mbedtls_md5_clone( (mbedtls_md5_context *) dst,
+ (const mbedtls_md5_context *) src );
+}
+
+MBEDTLS_MD_WRAPPER int mbedtls_md5_process_wrap( void *ctx, const unsigned char *data )
+{
+ return( mbedtls_internal_md5_process( (mbedtls_md5_context *) ctx, data ) );
+}
+
+#endif /* MBEDTLS_MD5_C */
+
+/*
+ * RIPEMD-160
+ */
+
#if defined(MBEDTLS_RIPEMD160_C)
-extern const mbedtls_md_info_t mbedtls_ripemd160_info;
-#endif
+
+MBEDTLS_MD_WRAPPER int mbedtls_ripemd160_starts_wrap( void *ctx )
+{
+ return( mbedtls_ripemd160_starts_ret( (mbedtls_ripemd160_context *) ctx ) );
+}
+
+MBEDTLS_MD_WRAPPER int mbedtls_ripemd160_update_wrap( void *ctx, const unsigned char *input,
+ size_t ilen )
+{
+ return( mbedtls_ripemd160_update_ret( (mbedtls_ripemd160_context *) ctx,
+ input, ilen ) );
+}
+
+MBEDTLS_MD_WRAPPER int mbedtls_ripemd160_finish_wrap( void *ctx, unsigned char *output )
+{
+ return( mbedtls_ripemd160_finish_ret( (mbedtls_ripemd160_context *) ctx,
+ output ) );
+}
+
+MBEDTLS_MD_WRAPPER void* mbedtls_ripemd160_ctx_alloc( void )
+{
+ void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ripemd160_context ) );
+
+ if( ctx != NULL )
+ mbedtls_ripemd160_init( (mbedtls_ripemd160_context *) ctx );
+
+ return( ctx );
+}
+
+MBEDTLS_MD_WRAPPER void mbedtls_ripemd160_ctx_free( void *ctx )
+{
+ mbedtls_ripemd160_free( (mbedtls_ripemd160_context *) ctx );
+ mbedtls_free( ctx );
+}
+
+MBEDTLS_MD_WRAPPER void mbedtls_ripemd160_clone_wrap( void *dst, const void *src )
+{
+ mbedtls_ripemd160_clone( (mbedtls_ripemd160_context *) dst,
+ (const mbedtls_ripemd160_context *) src );
+}
+
+MBEDTLS_MD_WRAPPER int mbedtls_ripemd160_process_wrap( void *ctx, const unsigned char *data )
+{
+ return( mbedtls_internal_ripemd160_process(
+ (mbedtls_ripemd160_context *) ctx, data ) );
+}
+
+#endif /* MBEDTLS_RIPEMD160_C */
+
+/*
+ * SHA-1
+ */
+
#if defined(MBEDTLS_SHA1_C)
-extern const mbedtls_md_info_t mbedtls_sha1_info;
-#endif
+
+MBEDTLS_MD_WRAPPER int mbedtls_sha1_starts_wrap( void *ctx )
+{
+ return( mbedtls_sha1_starts_ret( (mbedtls_sha1_context *) ctx ) );
+}
+
+MBEDTLS_MD_WRAPPER int mbedtls_sha1_update_wrap( void *ctx, const unsigned char *input,
+ size_t ilen )
+{
+ return( mbedtls_sha1_update_ret( (mbedtls_sha1_context *) ctx,
+ input, ilen ) );
+}
+
+MBEDTLS_MD_WRAPPER int mbedtls_sha1_finish_wrap( void *ctx, unsigned char *output )
+{
+ return( mbedtls_sha1_finish_ret( (mbedtls_sha1_context *) ctx, output ) );
+}
+
+MBEDTLS_MD_WRAPPER void* mbedtls_sha1_ctx_alloc( void )
+{
+ void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha1_context ) );
+
+ if( ctx != NULL )
+ mbedtls_sha1_init( (mbedtls_sha1_context *) ctx );
+
+ return( ctx );
+}
+
+MBEDTLS_MD_WRAPPER void mbedtls_sha1_clone_wrap( void *dst, const void *src )
+{
+ mbedtls_sha1_clone( (mbedtls_sha1_context *) dst,
+ (const mbedtls_sha1_context *) src );
+}
+
+MBEDTLS_MD_WRAPPER void mbedtls_sha1_ctx_free( void *ctx )
+{
+ mbedtls_sha1_free( (mbedtls_sha1_context *) ctx );
+ mbedtls_free( ctx );
+}
+
+MBEDTLS_MD_WRAPPER int mbedtls_sha1_process_wrap( void *ctx, const unsigned char *data )
+{
+ return( mbedtls_internal_sha1_process( (mbedtls_sha1_context *) ctx,
+ data ) );
+}
+
+#endif /* MBEDTLS_SHA1_C */
+
+/*
+ * SHA-224 and SHA-256
+ */
+
#if defined(MBEDTLS_SHA256_C)
+
#if !defined(MBEDTLS_SHA256_NO_SHA224)
-extern const mbedtls_md_info_t mbedtls_sha224_info;
-#endif
-extern const mbedtls_md_info_t mbedtls_sha256_info;
-#endif
+MBEDTLS_MD_WRAPPER int mbedtls_sha224_starts_wrap( void *ctx )
+{
+ return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 1 ) );
+}
+#endif /* !MBEDTLS_SHA256_NO_SHA224 */
+
+MBEDTLS_MD_WRAPPER int mbedtls_sha224_update_wrap( void *ctx, const unsigned char *input,
+ size_t ilen )
+{
+ return( mbedtls_sha256_update_ret( (mbedtls_sha256_context *) ctx,
+ input, ilen ) );
+}
+
+MBEDTLS_MD_WRAPPER int mbedtls_sha224_finish_wrap( void *ctx, unsigned char *output )
+{
+ return( mbedtls_sha256_finish_ret( (mbedtls_sha256_context *) ctx,
+ output ) );
+}
+
+#if !defined(MBEDTLS_SHA256_NO_SHA224)
+MBEDTLS_MD_WRAPPER int mbedtls_sha224_wrap( const unsigned char *input, size_t ilen,
+ unsigned char *output )
+{
+ return( mbedtls_sha256_ret( input, ilen, output, 1 ) );
+}
+#endif /* !MBEDTLS_SHA256_NO_SHA224 */
+
+MBEDTLS_MD_WRAPPER void* mbedtls_sha224_ctx_alloc( void )
+{
+ void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha256_context ) );
+
+ if( ctx != NULL )
+ mbedtls_sha256_init( (mbedtls_sha256_context *) ctx );
+
+ return( ctx );
+}
+
+MBEDTLS_MD_WRAPPER void mbedtls_sha224_ctx_free( void *ctx )
+{
+ mbedtls_sha256_free( (mbedtls_sha256_context *) ctx );
+ mbedtls_free( ctx );
+}
+
+MBEDTLS_MD_WRAPPER void mbedtls_sha224_clone_wrap( void *dst, const void *src )
+{
+ mbedtls_sha256_clone( (mbedtls_sha256_context *) dst,
+ (const mbedtls_sha256_context *) src );
+}
+
+MBEDTLS_MD_WRAPPER int mbedtls_sha224_process_wrap( void *ctx, const unsigned char *data )
+{
+ return( mbedtls_internal_sha256_process( (mbedtls_sha256_context *) ctx,
+ data ) );
+}
+
+MBEDTLS_MD_WRAPPER int mbedtls_sha256_starts_wrap( void *ctx )
+{
+ return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 0 ) );
+}
+
+MBEDTLS_MD_WRAPPER int mbedtls_sha256_wrap( const unsigned char *input, size_t ilen,
+ unsigned char *output )
+{
+ return( mbedtls_sha256_ret( input, ilen, output, 0 ) );
+}
+
+#endif /* MBEDTLS_SHA256_C */
+
+/*
+ * SHA-384 and SHA-512
+ */
+
#if defined(MBEDTLS_SHA512_C)
-extern const mbedtls_md_info_t mbedtls_sha384_info;
-extern const mbedtls_md_info_t mbedtls_sha512_info;
-#endif
+
+MBEDTLS_MD_WRAPPER int mbedtls_sha384_starts_wrap( void *ctx )
+{
+ return( mbedtls_sha512_starts_ret( (mbedtls_sha512_context *) ctx, 1 ) );
+}
+
+MBEDTLS_MD_WRAPPER int mbedtls_sha384_update_wrap( void *ctx, const unsigned char *input,
+ size_t ilen )
+{
+ return( mbedtls_sha512_update_ret( (mbedtls_sha512_context *) ctx,
+ input, ilen ) );
+}
+
+MBEDTLS_MD_WRAPPER int mbedtls_sha384_finish_wrap( void *ctx, unsigned char *output )
+{
+ return( mbedtls_sha512_finish_ret( (mbedtls_sha512_context *) ctx,
+ output ) );
+}
+
+MBEDTLS_MD_WRAPPER int mbedtls_sha384_wrap( const unsigned char *input, size_t ilen,
+ unsigned char *output )
+{
+ return( mbedtls_sha512_ret( input, ilen, output, 1 ) );
+}
+
+MBEDTLS_MD_WRAPPER void* mbedtls_sha384_ctx_alloc( void )
+{
+ void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha512_context ) );
+
+ if( ctx != NULL )
+ mbedtls_sha512_init( (mbedtls_sha512_context *) ctx );
+
+ return( ctx );
+}
+
+MBEDTLS_MD_WRAPPER void mbedtls_sha384_ctx_free( void *ctx )
+{
+ mbedtls_sha512_free( (mbedtls_sha512_context *) ctx );
+ mbedtls_free( ctx );
+}
+
+MBEDTLS_MD_WRAPPER void mbedtls_sha384_clone_wrap( void *dst, const void *src )
+{
+ mbedtls_sha512_clone( (mbedtls_sha512_context *) dst,
+ (const mbedtls_sha512_context *) src );
+}
+
+MBEDTLS_MD_WRAPPER int mbedtls_sha384_process_wrap( void *ctx, const unsigned char *data )
+{
+ return( mbedtls_internal_sha512_process( (mbedtls_sha512_context *) ctx,
+ data ) );
+}
+
+MBEDTLS_MD_WRAPPER int mbedtls_sha512_starts_wrap( void *ctx )
+{
+ return( mbedtls_sha512_starts_ret( (mbedtls_sha512_context *) ctx, 0 ) );
+}
+
+MBEDTLS_MD_WRAPPER int mbedtls_sha512_wrap( const unsigned char *input, size_t ilen,
+ unsigned char *output )
+{
+ return( mbedtls_sha512_ret( input, ilen, output, 0 ) );
+}
+
+#endif /* MBEDTLS_SHA512_C */
+
+/*
+ * Getter functions for MD info structure.
+ */
+
+#if !defined(MBEDTLS_MD_SINGLE_HASH)
+
+MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_type_t mbedtls_md_info_type(
+ mbedtls_md_handle_t info )
+{
+ return( info->type );
+}
+
+MBEDTLS_ALWAYS_INLINE static inline const char * mbedtls_md_info_name(
+ mbedtls_md_handle_t info )
+{
+ return( info->name );
+}
+
+MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_size(
+ mbedtls_md_handle_t info )
+{
+ return( info->size );
+}
+
+MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_block_size(
+ mbedtls_md_handle_t info )
+{
+ return( info->block_size );
+}
+
+MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_starts(
+ mbedtls_md_handle_t info,
+ void *ctx )
+{
+ return( info->starts_func( ctx ) );
+}
+
+MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_update(
+ mbedtls_md_handle_t info,
+ void *ctx,
+ const unsigned char *input,
+ size_t ilen )
+{
+ return( info->update_func( ctx, input, ilen ) );
+}
+
+MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_finish(
+ mbedtls_md_handle_t info,
+ void *ctx,
+ unsigned char *output )
+{
+ return( info->finish_func( ctx, output ) );
+}
+
+MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_digest(
+ mbedtls_md_handle_t info,
+ const unsigned char *input,
+ size_t ilen,
+ unsigned char *output )
+{
+ return( info->digest_func( input, ilen, output ) );
+}
+
+MBEDTLS_ALWAYS_INLINE static inline void* mbedtls_md_info_ctx_alloc(
+ mbedtls_md_handle_t info )
+{
+ return( info->ctx_alloc_func() );
+}
+
+MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_ctx_free(
+ mbedtls_md_handle_t info,
+ void *ctx )
+{
+ info->ctx_free_func( ctx );
+}
+
+MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_clone(
+ mbedtls_md_handle_t info,
+ void *dst,
+ const void *src )
+{
+ info->clone_func( dst, src );
+}
+
+MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_process(
+ mbedtls_md_handle_t info,
+ void *ctx,
+ const unsigned char *input )
+{
+ return( info->process_func( ctx, input ) );
+}
+
+#else /* !MBEDTLS_MD_SINGLE_HASH */
+
+MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_type_t mbedtls_md_info_type(
+ mbedtls_md_handle_t info )
+{
+ ((void) info);
+ return( MBEDTLS_MD_INFO_TYPE( MBEDTLS_MD_SINGLE_HASH ) );
+}
+
+MBEDTLS_ALWAYS_INLINE static inline const char * mbedtls_md_info_name(
+ mbedtls_md_handle_t info )
+{
+ ((void) info);
+ return( MBEDTLS_MD_INFO_NAME( MBEDTLS_MD_SINGLE_HASH ) );
+}
+
+MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_size(
+ mbedtls_md_handle_t info )
+{
+ ((void) info);
+ return( MBEDTLS_MD_INFO_SIZE( MBEDTLS_MD_SINGLE_HASH ) );
+}
+
+MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_block_size(
+ mbedtls_md_handle_t info )
+{
+ ((void) info);
+ return( MBEDTLS_MD_INFO_BLOCKSIZE( MBEDTLS_MD_SINGLE_HASH ) );
+}
+
+MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_starts(
+ mbedtls_md_handle_t info,
+ void *ctx )
+{
+ ((void) info);
+ return( MBEDTLS_MD_INFO_STARTS_FUNC( MBEDTLS_MD_SINGLE_HASH )( ctx ) );
+}
+
+MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_update(
+ mbedtls_md_handle_t info,
+ void *ctx,
+ const unsigned char *input,
+ size_t ilen )
+{
+ ((void) info);
+ return( MBEDTLS_MD_INFO_UPDATE_FUNC( MBEDTLS_MD_SINGLE_HASH )
+ ( ctx, input, ilen ) );
+}
+
+MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_init(
+ mbedtls_md_handle_t info,
+ void *ctx )
+{
+ ((void) info);
+ MBEDTLS_MD_INFO_INIT_FUNC( MBEDTLS_MD_SINGLE_HASH )( ctx );
+}
+
+MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_finish(
+ mbedtls_md_handle_t info,
+ void *ctx,
+ unsigned char *output )
+{
+ ((void) info);
+ return( MBEDTLS_MD_INFO_FINISH_FUNC( MBEDTLS_MD_SINGLE_HASH )
+ ( ctx, output ) );
+}
+
+MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_digest(
+ mbedtls_md_handle_t info,
+ const unsigned char *input,
+ size_t ilen,
+ unsigned char *output )
+{
+ ((void) info);
+ return( MBEDTLS_MD_INFO_DIGEST_FUNC( MBEDTLS_MD_SINGLE_HASH )
+ ( input, ilen, output ) );
+}
+
+MBEDTLS_ALWAYS_INLINE static inline void* mbedtls_md_info_ctx_alloc(
+ mbedtls_md_handle_t info )
+{
+ ((void) info);
+ return( MBEDTLS_MD_INFO_ALLOC_FUNC( MBEDTLS_MD_SINGLE_HASH )() );
+}
+
+MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_ctx_free(
+ mbedtls_md_handle_t info,
+ void *ctx )
+{
+ ((void) info);
+ MBEDTLS_MD_INFO_FREE_FUNC( MBEDTLS_MD_SINGLE_HASH )( ctx );
+}
+
+MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_clone(
+ mbedtls_md_handle_t info,
+ void *dst,
+ const void *src )
+{
+ ((void) info);
+ MBEDTLS_MD_INFO_CLONE_FUNC( MBEDTLS_MD_SINGLE_HASH )( dst, src );
+}
+
+MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_process(
+ mbedtls_md_handle_t info,
+ void *ctx,
+ const unsigned char *input )
+{
+ ((void) info);
+ return( MBEDTLS_MD_INFO_PROCESS_FUNC( MBEDTLS_MD_SINGLE_HASH )
+ ( ctx, input ) );
+}
+
+#endif /* MBEDTLS_MD_SINGLE_HASH */
#ifdef __cplusplus
}
#endif
-#endif /* MBEDTLS_MD_WRAP_H */
+#endif /* MBEDTLS_MD_INTERNAL_H */
diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt
index 461843b..bb975cd 100644
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@@ -38,7 +38,6 @@
md2.c
md4.c
md5.c
- md_wrap.c
memory_buffer_alloc.c
nist_kw.c
oid.c
diff --git a/library/Makefile b/library/Makefile
index 50faed9..062846b 100644
--- a/library/Makefile
+++ b/library/Makefile
@@ -77,7 +77,7 @@
error.o gcm.o havege.o \
hkdf.o \
hmac_drbg.o md.o md2.o \
- md4.o md5.o md_wrap.o \
+ md4.o md5.o \
memory_buffer_alloc.o nist_kw.o \
oid.o padlock.o pem.o \
pk.o pk_wrap.o pkcs12.o \
diff --git a/library/ecdsa.c b/library/ecdsa.c
index 58e1a5f..94bb7f0 100644
--- a/library/ecdsa.c
+++ b/library/ecdsa.c
@@ -412,11 +412,14 @@
mbedtls_hmac_drbg_context *p_rng = &rng_ctx;
unsigned char data[2 * MBEDTLS_ECP_MAX_BYTES];
size_t grp_len = ( grp->nbits + 7 ) / 8;
- const mbedtls_md_info_t *md_info;
+ mbedtls_md_handle_t md_info;
mbedtls_mpi h;
- if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL )
+ if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) ==
+ MBEDTLS_MD_INVALID_HANDLE )
+ {
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+ }
mbedtls_mpi_init( &h );
mbedtls_hmac_drbg_init( &rng_ctx );
diff --git a/library/ecjpake.c b/library/ecjpake.c
index b276514..ea28e6d 100644
--- a/library/ecjpake.c
+++ b/library/ecjpake.c
@@ -63,7 +63,7 @@
{
ECJPAKE_VALIDATE( ctx != NULL );
- ctx->md_info = NULL;
+ ctx->md_info = MBEDTLS_MD_INVALID_HANDLE;
mbedtls_ecp_group_init( &ctx->grp );
ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED;
@@ -86,7 +86,7 @@
if( ctx == NULL )
return;
- ctx->md_info = NULL;
+ ctx->md_info = MBEDTLS_MD_INVALID_HANDLE;
mbedtls_ecp_group_free( &ctx->grp );
mbedtls_ecp_point_free( &ctx->Xm1 );
@@ -119,8 +119,11 @@
ctx->role = role;
- if( ( ctx->md_info = mbedtls_md_info_from_type( hash ) ) == NULL )
+ if( ( ctx->md_info = mbedtls_md_info_from_type( hash ) ) ==
+ MBEDTLS_MD_INVALID_HANDLE )
+ {
return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
+ }
MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &ctx->grp, curve ) );
@@ -140,7 +143,7 @@
{
ECJPAKE_VALIDATE_RET( ctx != NULL );
- if( ctx->md_info == NULL ||
+ if( ctx->md_info == MBEDTLS_MD_INVALID_HANDLE ||
ctx->grp.id == MBEDTLS_ECP_DP_NONE ||
ctx->s.p == NULL )
{
@@ -190,7 +193,7 @@
/*
* Compute hash for ZKP (7.4.2.2.2.1)
*/
-static int ecjpake_hash( const mbedtls_md_info_t *md_info,
+static int ecjpake_hash( mbedtls_md_handle_t md_info,
const mbedtls_ecp_group *grp,
const int pf,
const mbedtls_ecp_point *G,
@@ -240,7 +243,7 @@
/*
* Parse a ECShnorrZKP (7.4.2.2.2) and verify it (7.4.2.3.3)
*/
-static int ecjpake_zkp_read( const mbedtls_md_info_t *md_info,
+static int ecjpake_zkp_read( mbedtls_md_handle_t md_info,
const mbedtls_ecp_group *grp,
const int pf,
const mbedtls_ecp_point *G,
@@ -312,7 +315,7 @@
/*
* Generate ZKP (7.4.2.3.2) and write it as ECSchnorrZKP (7.4.2.2.2)
*/
-static int ecjpake_zkp_write( const mbedtls_md_info_t *md_info,
+static int ecjpake_zkp_write( mbedtls_md_handle_t md_info,
const mbedtls_ecp_group *grp,
const int pf,
const mbedtls_ecp_point *G,
@@ -373,7 +376,7 @@
* Parse a ECJPAKEKeyKP (7.4.2.2.1) and check proof
* Output: verified public key X
*/
-static int ecjpake_kkp_read( const mbedtls_md_info_t *md_info,
+static int ecjpake_kkp_read( mbedtls_md_handle_t md_info,
const mbedtls_ecp_group *grp,
const int pf,
const mbedtls_ecp_point *G,
@@ -410,7 +413,7 @@
* Generate an ECJPAKEKeyKP
* Output: the serialized structure, plus private/public key pair
*/
-static int ecjpake_kkp_write( const mbedtls_md_info_t *md_info,
+static int ecjpake_kkp_write( mbedtls_md_handle_t md_info,
const mbedtls_ecp_group *grp,
const int pf,
const mbedtls_ecp_point *G,
@@ -447,7 +450,7 @@
* Read a ECJPAKEKeyKPPairList (7.4.2.3) and check proofs
* Ouputs: verified peer public keys Xa, Xb
*/
-static int ecjpake_kkpp_read( const mbedtls_md_info_t *md_info,
+static int ecjpake_kkpp_read( mbedtls_md_handle_t md_info,
const mbedtls_ecp_group *grp,
const int pf,
const mbedtls_ecp_point *G,
@@ -480,7 +483,7 @@
* Generate a ECJPAKEKeyKPPairList
* Outputs: the serialized structure, plus two private/public key pairs
*/
-static int ecjpake_kkpp_write( const mbedtls_md_info_t *md_info,
+static int ecjpake_kkpp_write( mbedtls_md_handle_t md_info,
const mbedtls_ecp_group *grp,
const int pf,
const mbedtls_ecp_point *G,
diff --git a/library/hkdf.c b/library/hkdf.c
index 82d8a42..d64dc4d 100644
--- a/library/hkdf.c
+++ b/library/hkdf.c
@@ -30,7 +30,7 @@
#include "mbedtls/hkdf.h"
#include "mbedtls/platform_util.h"
-int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt,
+int mbedtls_hkdf( mbedtls_md_handle_t md, const unsigned char *salt,
size_t salt_len, const unsigned char *ikm, size_t ikm_len,
const unsigned char *info, size_t info_len,
unsigned char *okm, size_t okm_len )
@@ -51,7 +51,7 @@
return( ret );
}
-int mbedtls_hkdf_extract( const mbedtls_md_info_t *md,
+int mbedtls_hkdf_extract( mbedtls_md_handle_t md,
const unsigned char *salt, size_t salt_len,
const unsigned char *ikm, size_t ikm_len,
unsigned char *prk )
@@ -81,7 +81,7 @@
return( mbedtls_md_hmac( md, salt, salt_len, ikm, ikm_len, prk ) );
}
-int mbedtls_hkdf_expand( const mbedtls_md_info_t *md, const unsigned char *prk,
+int mbedtls_hkdf_expand( mbedtls_md_handle_t md, const unsigned char *prk,
size_t prk_len, const unsigned char *info,
size_t info_len, unsigned char *okm, size_t okm_len )
{
diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c
index 34f1815..b51e9b1 100644
--- a/library/hmac_drbg.c
+++ b/library/hmac_drbg.c
@@ -70,7 +70,8 @@
const unsigned char *additional,
size_t add_len )
{
- size_t md_len = mbedtls_md_get_size( ctx->md_ctx.md_info );
+ size_t md_len = mbedtls_md_get_size(
+ mbedtls_md_get_handle( &ctx->md_ctx ) );
unsigned char rounds = ( additional != NULL && add_len != 0 ) ? 2 : 1;
unsigned char sep[1];
unsigned char K[MBEDTLS_MD_MAX_SIZE];
@@ -124,7 +125,7 @@
* Simplified HMAC_DRBG initialisation (for use with deterministic ECDSA)
*/
int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx,
- const mbedtls_md_info_t * md_info,
+ mbedtls_md_handle_t md_info,
const unsigned char *data, size_t data_len )
{
int ret;
@@ -246,7 +247,7 @@
* from the entropy source as suggested in 8.6.7.
*/
int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx,
- const mbedtls_md_info_t * md_info,
+ mbedtls_md_handle_t md_info,
int (*f_entropy)(void *, unsigned char *, size_t),
void *p_entropy,
const unsigned char *custom,
@@ -329,7 +330,8 @@
{
int ret;
mbedtls_hmac_drbg_context *ctx = (mbedtls_hmac_drbg_context *) p_rng;
- size_t md_len = mbedtls_md_get_size( ctx->md_ctx.md_info );
+ size_t md_len = mbedtls_md_get_size(
+ mbedtls_md_get_handle( &ctx->md_ctx ) );
size_t left = out_len;
unsigned char *out = output;
@@ -564,7 +566,7 @@
{
mbedtls_hmac_drbg_context ctx;
unsigned char buf[OUTPUT_LEN];
- const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 );
+ mbedtls_md_handle_t md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 );
mbedtls_hmac_drbg_init( &ctx );
diff --git a/library/md.c b/library/md.c
index b3525be..882942e 100644
--- a/library/md.c
+++ b/library/md.c
@@ -32,7 +32,6 @@
#if defined(MBEDTLS_MD_C)
#include "mbedtls/md.h"
-#include "mbedtls/md_internal.h"
#include "mbedtls/platform_util.h"
#if defined(MBEDTLS_PLATFORM_C)
@@ -49,6 +48,177 @@
#include <stdio.h>
#endif
+#if !defined(MBEDTLS_MD_SINGLE_HASH)
+/*
+ *
+ * Definitions of MD information structures for various digests.
+ *
+ */
+
+/*
+ * MD-2
+ */
+#if defined(MBEDTLS_MD2_C)
+static const mbedtls_md_info_t mbedtls_md2_info = {
+ MBEDTLS_MD_MD2,
+ "MD2",
+ 16,
+ 16,
+ mbedtls_md2_starts_wrap,
+ mbedtls_md2_update_wrap,
+ mbedtls_md2_finish_wrap,
+ mbedtls_md2_ret,
+ mbedtls_md2_ctx_alloc,
+ mbedtls_md2_ctx_free,
+ mbedtls_md2_clone_wrap,
+ mbedtls_md2_process_wrap,
+};
+#endif /* MBEDTLS_MD2_C */
+
+/*
+ * MD-4
+ */
+
+#if defined(MBEDTLS_MD4_C)
+static const mbedtls_md_info_t mbedtls_md4_info = {
+ MBEDTLS_MD_MD4,
+ "MD4",
+ 16,
+ 64,
+ mbedtls_md4_starts_wrap,
+ mbedtls_md4_update_wrap,
+ mbedtls_md4_finish_wrap,
+ mbedtls_md4_ret,
+ mbedtls_md4_ctx_alloc,
+ mbedtls_md4_ctx_free,
+ mbedtls_md4_clone_wrap,
+ mbedtls_md4_process_wrap,
+};
+#endif /* MBEDTLS_MD4_C */
+
+/*
+ * MD-5
+ */
+
+#if defined(MBEDTLS_MD5_C)
+static const mbedtls_md_info_t mbedtls_md5_info = {
+ MBEDTLS_MD_MD5,
+ "MD5",
+ 16,
+ 64,
+ mbedtls_md5_starts_wrap,
+ mbedtls_md5_update_wrap,
+ mbedtls_md5_finish_wrap,
+ mbedtls_md5_ret,
+ mbedtls_md5_ctx_alloc,
+ mbedtls_md5_ctx_free,
+ mbedtls_md5_clone_wrap,
+ mbedtls_md5_process_wrap,
+};
+#endif /* MBEDTLS_MD5_C */
+
+/*
+ * RIPEMD-160
+ */
+
+#if defined(MBEDTLS_RIPEMD160_C)
+static const mbedtls_md_info_t mbedtls_ripemd160_info = {
+ MBEDTLS_MD_RIPEMD160,
+ "RIPEMD160",
+ 20,
+ 64,
+ mbedtls_ripemd160_starts_wrap,
+ mbedtls_ripemd160_update_wrap,
+ mbedtls_ripemd160_finish_wrap,
+ mbedtls_ripemd160_ret,
+ mbedtls_ripemd160_ctx_alloc,
+ mbedtls_ripemd160_ctx_free,
+ mbedtls_ripemd160_clone_wrap,
+ mbedtls_ripemd160_process_wrap,
+};
+#endif /* MBEDTLS_RIPEMD160_C */
+
+/*
+ * SHA-1
+ */
+
+#if defined(MBEDTLS_SHA1_C)
+static const mbedtls_md_info_t mbedtls_sha1_info = {
+ MBEDTLS_MD_SHA1,
+ "SHA1",
+ 20,
+ 64,
+ mbedtls_sha1_starts_wrap,
+ mbedtls_sha1_update_wrap,
+ mbedtls_sha1_finish_wrap,
+ mbedtls_sha1_ret,
+ mbedtls_sha1_ctx_alloc,
+ mbedtls_sha1_ctx_free,
+ mbedtls_sha1_clone_wrap,
+ mbedtls_sha1_process_wrap,
+};
+#endif /* MBEDTLS_SHA1_C */
+
+/*
+ * SHA-224 and SHA-256
+ */
+
+#if defined(MBEDTLS_SHA256_C)
+#if !defined(MBEDTLS_SHA256_NO_SHA224)
+static const mbedtls_md_info_t mbedtls_sha224_info = {
+ MBEDTLS_MD_SHA224,
+ "SHA224",
+ 28,
+ 64,
+ mbedtls_sha224_starts_wrap,
+ mbedtls_sha224_update_wrap,
+ mbedtls_sha224_finish_wrap,
+ mbedtls_sha224_wrap,
+ mbedtls_sha224_ctx_alloc,
+ mbedtls_sha224_ctx_free,
+ mbedtls_sha224_clone_wrap,
+ mbedtls_sha224_process_wrap,
+};
+#endif /* !MBEDTLS_SHA256_NO_SHA224 */
+static const mbedtls_md_info_t mbedtls_sha256_info =
+ MBEDTLS_MD_INFO( MBEDTLS_MD_INFO_SHA256 );
+#endif /* MBEDTLS_SHA256_C */
+
+/*
+ * SHA-384 and SHA-512
+ */
+
+#if defined(MBEDTLS_SHA512_C)
+static const mbedtls_md_info_t mbedtls_sha384_info = {
+ MBEDTLS_MD_SHA384,
+ "SHA384",
+ 48,
+ 128,
+ mbedtls_sha384_starts_wrap,
+ mbedtls_sha384_update_wrap,
+ mbedtls_sha384_finish_wrap,
+ mbedtls_sha384_wrap,
+ mbedtls_sha384_ctx_alloc,
+ mbedtls_sha384_ctx_free,
+ mbedtls_sha384_clone_wrap,
+ mbedtls_sha384_process_wrap,
+};
+static const mbedtls_md_info_t mbedtls_sha512_info = {
+ MBEDTLS_MD_SHA512,
+ "SHA512",
+ 64,
+ 128,
+ mbedtls_sha512_starts_wrap,
+ mbedtls_sha384_update_wrap,
+ mbedtls_sha384_finish_wrap,
+ mbedtls_sha512_wrap,
+ mbedtls_sha384_ctx_alloc,
+ mbedtls_sha384_ctx_free,
+ mbedtls_sha384_clone_wrap,
+ mbedtls_sha384_process_wrap,
+};
+#endif /* MBEDTLS_SHA512_C */
+
/*
* Reminder: update profiles in x509_crt.c when adding a new hash!
*/
@@ -94,7 +264,7 @@
return( supported_digests );
}
-const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name )
+mbedtls_md_handle_t mbedtls_md_info_from_string( const char *md_name )
{
if( NULL == md_name )
return( NULL );
@@ -137,7 +307,7 @@
return( NULL );
}
-const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type )
+mbedtls_md_handle_t mbedtls_md_info_from_type( mbedtls_md_type_t md_type )
{
switch( md_type )
{
@@ -180,25 +350,69 @@
}
}
+#else /* MBEDTLS_MD_SINGLE_HASH */
+
+const int *mbedtls_md_list( void )
+{
+ static int single_hash[2] =
+ { MBEDTLS_MD_INFO_TYPE( MBEDTLS_MD_SINGLE_HASH ),
+ MBEDTLS_MD_INVALID_HANDLE };
+
+ return( single_hash );
+}
+
+mbedtls_md_handle_t mbedtls_md_info_from_string( const char *md_name )
+{
+ static const char * const hash_name =
+ MBEDTLS_MD_INFO_NAME( MBEDTLS_MD_SINGLE_HASH );
+
+ if( md_name != NULL && strcmp( hash_name, md_name ) == 0 )
+ return( MBEDTLS_MD_UNIQUE_VALID_HANDLE );
+
+ return( MBEDTLS_MD_INVALID_HANDLE );
+}
+
+mbedtls_md_handle_t mbedtls_md_info_from_type( mbedtls_md_type_t md_type )
+{
+ static const mbedtls_md_type_t hash_type =
+ MBEDTLS_MD_INFO_TYPE( MBEDTLS_MD_SINGLE_HASH );
+
+ if( hash_type == md_type )
+ return( MBEDTLS_MD_UNIQUE_VALID_HANDLE );
+
+ return( MBEDTLS_MD_INVALID_HANDLE );
+}
+
+#endif /* MBEDTLS_MD_SINGLE_HASH */
+
void mbedtls_md_init( mbedtls_md_context_t *ctx )
{
memset( ctx, 0, sizeof( mbedtls_md_context_t ) );
+
+#if defined(MBEDTLS_MD_SINGLE_HASH)
+ mbedtls_md_info_init( mbedtls_md_get_handle( ctx ),
+ ctx->md_ctx );
+#endif
}
void mbedtls_md_free( mbedtls_md_context_t *ctx )
{
- if( ctx == NULL || ctx->md_info == NULL )
+ if( ctx == NULL || mbedtls_md_get_handle( ctx ) == MBEDTLS_MD_INVALID_HANDLE )
return;
+#if !defined(MBEDTLS_MD_SINGLE_HASH)
if( ctx->md_ctx != NULL )
- ctx->md_info->ctx_free_func( ctx->md_ctx );
+ {
+ mbedtls_md_info_ctx_free( mbedtls_md_get_handle( ctx ), ctx->md_ctx );
+ }
if( ctx->hmac_ctx != NULL )
{
mbedtls_platform_zeroize( ctx->hmac_ctx,
- 2 * ctx->md_info->block_size );
+ 2 * mbedtls_md_info_block_size( mbedtls_md_get_handle( ctx ) ) );
mbedtls_free( ctx->hmac_ctx );
}
+#endif /* MBEDTLS_MD_SINGLE_HASH */
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_md_context_t ) );
}
@@ -206,83 +420,57 @@
int mbedtls_md_clone( mbedtls_md_context_t *dst,
const mbedtls_md_context_t *src )
{
- if( dst == NULL || dst->md_info == NULL ||
- src == NULL || src->md_info == NULL ||
- dst->md_info != src->md_info )
+ if( dst == NULL || mbedtls_md_get_handle( dst ) == MBEDTLS_MD_INVALID_HANDLE ||
+ src == NULL || mbedtls_md_get_handle( src ) == MBEDTLS_MD_INVALID_HANDLE ||
+ mbedtls_md_get_handle( dst ) != mbedtls_md_get_handle( src ) )
{
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
}
- dst->md_info->clone_func( dst->md_ctx, src->md_ctx );
-
+ mbedtls_md_info_clone( mbedtls_md_get_handle( dst ),
+ dst->md_ctx, src->md_ctx );
return( 0 );
}
#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
-int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info )
+int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info )
{
return mbedtls_md_setup( ctx, md_info, 1 );
}
#endif
-int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac )
+#if !defined(MBEDTLS_MD_SINGLE_HASH)
+int mbedtls_md_setup( mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info, int hmac )
{
- if( md_info == NULL || ctx == NULL )
- return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-
- if( ( ctx->md_ctx = md_info->ctx_alloc_func() ) == NULL )
- return( MBEDTLS_ERR_MD_ALLOC_FAILED );
-
- if( hmac != 0 )
- {
- ctx->hmac_ctx = mbedtls_calloc( 2, md_info->block_size );
- if( ctx->hmac_ctx == NULL )
- {
- md_info->ctx_free_func( ctx->md_ctx );
- return( MBEDTLS_ERR_MD_ALLOC_FAILED );
- }
- }
-
- ctx->md_info = md_info;
-
- return( 0 );
+ return( mbedtls_md_setup_internal( ctx, md_info, hmac ) );
}
int mbedtls_md_starts( mbedtls_md_context_t *ctx )
{
- if( ctx == NULL || ctx->md_info == NULL )
- return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-
- return( ctx->md_info->starts_func( ctx->md_ctx ) );
+ return( mbedtls_md_starts_internal( ctx ) );
}
-int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen )
+int mbedtls_md_update( mbedtls_md_context_t *ctx,
+ const unsigned char *input,
+ size_t ilen )
{
- if( ctx == NULL || ctx->md_info == NULL )
- return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-
- return( ctx->md_info->update_func( ctx->md_ctx, input, ilen ) );
+ return( mbedtls_md_update_internal( ctx, input, ilen ) );
}
int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output )
{
- if( ctx == NULL || ctx->md_info == NULL )
- return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-
- return( ctx->md_info->finish_func( ctx->md_ctx, output ) );
+ return( mbedtls_md_finish_internal( ctx, output ) );
}
-int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen,
+int mbedtls_md( mbedtls_md_handle_t md_info, const unsigned char *input, size_t ilen,
unsigned char *output )
{
- if( md_info == NULL )
- return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-
- return( md_info->digest_func( input, ilen, output ) );
+ return( mbedtls_md_internal( md_info, input, ilen, output ) );
}
+#endif /* !MBEDTLS_MD_SINGLE_HASH */
#if defined(MBEDTLS_FS_IO)
-int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigned char *output )
+int mbedtls_md_file( mbedtls_md_handle_t md_info, const char *path, unsigned char *output )
{
int ret;
FILE *f;
@@ -290,7 +478,7 @@
mbedtls_md_context_t ctx;
unsigned char buf[1024];
- if( md_info == NULL )
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
if( ( f = fopen( path, "rb" ) ) == NULL )
@@ -301,17 +489,27 @@
if( ( ret = mbedtls_md_setup( &ctx, md_info, 0 ) ) != 0 )
goto cleanup;
- if( ( ret = md_info->starts_func( ctx.md_ctx ) ) != 0 )
+ ret = mbedtls_md_info_starts( md_info, ctx.md_ctx );
+ if( ret != 0 )
goto cleanup;
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
- if( ( ret = md_info->update_func( ctx.md_ctx, buf, n ) ) != 0 )
+ {
+ ret = mbedtls_md_info_update( md_info, ctx.md_ctx,
+ buf, n );
+ if( ret != 0 )
goto cleanup;
+ }
if( ferror( f ) != 0 )
+ {
ret = MBEDTLS_ERR_MD_FILE_IO_ERROR;
+ }
else
- ret = md_info->finish_func( ctx.md_ctx, output );
+ {
+ ret = mbedtls_md_info_finish( md_info, ctx.md_ctx,
+ output );
+ }
cleanup:
mbedtls_platform_zeroize( buf, sizeof( buf ) );
@@ -329,27 +527,44 @@
unsigned char *ipad, *opad;
size_t i;
- if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
+ mbedtls_md_handle_t md_info;
+
+ if( ctx == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
- if( keylen > (size_t) ctx->md_info->block_size )
+#if !defined(MBEDTLS_MD_SINGLE_HASH)
+ if( ctx->hmac_ctx == NULL )
+ return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+#endif /* !MBEDTLS_MD_SINGLE_HASH */
+
+ md_info = mbedtls_md_get_handle( ctx );
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
+ return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+
+ if( keylen > (size_t) mbedtls_md_info_block_size( md_info ) )
{
- if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 )
- goto cleanup;
- if( ( ret = ctx->md_info->update_func( ctx->md_ctx, key, keylen ) ) != 0 )
- goto cleanup;
- if( ( ret = ctx->md_info->finish_func( ctx->md_ctx, sum ) ) != 0 )
+ if( ( ret = mbedtls_md_info_starts( md_info, ctx->md_ctx ) ) != 0 )
goto cleanup;
- keylen = ctx->md_info->size;
+ if( ( ret = mbedtls_md_info_update( md_info, ctx->md_ctx,
+ key, keylen ) ) != 0 )
+ {
+ goto cleanup;
+ }
+
+ if( ( ret = mbedtls_md_info_finish( md_info, ctx->md_ctx, sum ) ) != 0 )
+ goto cleanup;
+
+ keylen = mbedtls_md_info_size( md_info );
key = sum;
}
ipad = (unsigned char *) ctx->hmac_ctx;
- opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size;
+ opad = (unsigned char *) ctx->hmac_ctx +
+ mbedtls_md_info_block_size( md_info );
- memset( ipad, 0x36, ctx->md_info->block_size );
- memset( opad, 0x5C, ctx->md_info->block_size );
+ memset( ipad, 0x36, mbedtls_md_info_block_size( md_info ) );
+ memset( opad, 0x5C, mbedtls_md_info_block_size( md_info ) );
for( i = 0; i < keylen; i++ )
{
@@ -357,11 +572,14 @@
opad[i] = (unsigned char)( opad[i] ^ key[i] );
}
- if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 )
+ if( ( ret = mbedtls_md_info_starts( md_info, ctx->md_ctx ) ) != 0 )
goto cleanup;
- if( ( ret = ctx->md_info->update_func( ctx->md_ctx, ipad,
- ctx->md_info->block_size ) ) != 0 )
+
+ if( ( ret = mbedtls_md_info_update( md_info, ctx->md_ctx, ipad,
+ mbedtls_md_info_block_size( md_info ) ) ) != 0 )
+ {
goto cleanup;
+ }
cleanup:
mbedtls_platform_zeroize( sum, sizeof( sum ) );
@@ -369,12 +587,26 @@
return( ret );
}
-int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen )
+int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx,
+ const unsigned char *input, size_t ilen )
{
- if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
+ mbedtls_md_handle_t md_info;
+
+ if( ctx == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
- return( ctx->md_info->update_func( ctx->md_ctx, input, ilen ) );
+#if !defined(MBEDTLS_MD_SINGLE_HASH)
+ if( ctx->hmac_ctx == NULL )
+ return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+#endif /* !MBEDTLS_MD_SINGLE_HASH */
+
+ md_info = mbedtls_md_get_handle( ctx );
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
+ return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+
+ return( mbedtls_md_info_update( md_info,
+ ctx->md_ctx, input,
+ ilen ) );
}
int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output )
@@ -383,22 +615,45 @@
unsigned char tmp[MBEDTLS_MD_MAX_SIZE];
unsigned char *opad;
- if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
+ mbedtls_md_handle_t md_info;
+
+ if( ctx == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
- opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size;
+#if !defined(MBEDTLS_MD_SINGLE_HASH)
+ if( ctx->hmac_ctx == NULL )
+ return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+#endif /* !MBEDTLS_MD_SINGLE_HASH */
- if( ( ret = ctx->md_info->finish_func( ctx->md_ctx, tmp ) ) != 0 )
+ md_info = mbedtls_md_get_handle( ctx );
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
+ return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+
+ opad = (unsigned char *) ctx->hmac_ctx +
+ mbedtls_md_info_block_size( md_info );
+
+ if( ( ret = mbedtls_md_info_finish( md_info, ctx->md_ctx, tmp ) ) != 0 )
return( ret );
- if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 )
+
+ if( ( ret = mbedtls_md_info_starts( md_info, ctx->md_ctx ) ) != 0 )
return( ret );
- if( ( ret = ctx->md_info->update_func( ctx->md_ctx, opad,
- ctx->md_info->block_size ) ) != 0 )
+
+ if( ( ret = mbedtls_md_info_update( md_info, ctx->md_ctx, opad,
+ mbedtls_md_info_block_size( md_info ) ) ) != 0 )
+ {
return( ret );
- if( ( ret = ctx->md_info->update_func( ctx->md_ctx, tmp,
- ctx->md_info->size ) ) != 0 )
+ }
+
+ if( ( ret = mbedtls_md_info_update( md_info, ctx->md_ctx, tmp,
+ mbedtls_md_info_size( md_info ) ) ) != 0 )
+ {
return( ret );
- return( ctx->md_info->finish_func( ctx->md_ctx, output ) );
+ }
+
+ if( ( ret = mbedtls_md_info_finish( md_info, ctx->md_ctx, output ) ) != 0 )
+ return( ret );
+
+ return( 0 );
}
int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx )
@@ -406,18 +661,33 @@
int ret;
unsigned char *ipad;
- if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
+ mbedtls_md_handle_t md_info;
+
+ if( ctx == NULL )
+ return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+
+#if !defined(MBEDTLS_MD_SINGLE_HASH)
+ if( ctx->hmac_ctx == NULL )
+ return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+#endif /* !MBEDTLS_MD_SINGLE_HASH */
+
+ md_info = mbedtls_md_get_handle( ctx );
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
ipad = (unsigned char *) ctx->hmac_ctx;
- if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 )
+ ret = mbedtls_md_info_starts( md_info, ctx->md_ctx );
+ if( ret != 0 )
return( ret );
- return( ctx->md_info->update_func( ctx->md_ctx, ipad,
- ctx->md_info->block_size ) );
+
+ ret = mbedtls_md_info_update( md_info,
+ ctx->md_ctx, ipad,
+ mbedtls_md_info_block_size( md_info ) );
+ return( ret );
}
-int mbedtls_md_hmac( const mbedtls_md_info_t *md_info,
+int mbedtls_md_hmac( mbedtls_md_handle_t md_info,
const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char *output )
@@ -425,7 +695,7 @@
mbedtls_md_context_t ctx;
int ret;
- if( md_info == NULL )
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
mbedtls_md_init( &ctx );
@@ -446,36 +716,35 @@
return( ret );
}
+#if !defined(MBEDTLS_MD_SINGLE_HASH)
int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data )
{
- if( ctx == NULL || ctx->md_info == NULL )
- return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-
- return( ctx->md_info->process_func( ctx->md_ctx, data ) );
+ return( mbedtls_md_process_internal( ctx, data ) );
}
+#endif /* !MBEDTLS_MD_SINGLE_HASH */
-unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info )
+unsigned char mbedtls_md_get_size( mbedtls_md_handle_t md_info )
{
- if( md_info == NULL )
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( 0 );
- return md_info->size;
+ return mbedtls_md_info_size( md_info );
}
-mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info )
+mbedtls_md_type_t mbedtls_md_get_type( mbedtls_md_handle_t md_info )
{
- if( md_info == NULL )
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_MD_NONE );
- return md_info->type;
+ return mbedtls_md_info_type( md_info );
}
-const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info )
+const char *mbedtls_md_get_name( mbedtls_md_handle_t md_info )
{
- if( md_info == NULL )
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( NULL );
- return md_info->name;
+ return mbedtls_md_info_name( md_info );
}
#endif /* MBEDTLS_MD_C */
diff --git a/library/md_wrap.c b/library/md_wrap.c
deleted file mode 100644
index 0f8132f..0000000
--- a/library/md_wrap.c
+++ /dev/null
@@ -1,592 +0,0 @@
-/**
- * \file md_wrap.c
- *
- * \brief Generic message digest wrapper for mbed TLS
- *
- * \author Adriaan de Jong <dejong@fox-it.com>
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_MD_C)
-
-#include "mbedtls/md_internal.h"
-
-#if defined(MBEDTLS_MD2_C)
-#include "mbedtls/md2.h"
-#endif
-
-#if defined(MBEDTLS_MD4_C)
-#include "mbedtls/md4.h"
-#endif
-
-#if defined(MBEDTLS_MD5_C)
-#include "mbedtls/md5.h"
-#endif
-
-#if defined(MBEDTLS_RIPEMD160_C)
-#include "mbedtls/ripemd160.h"
-#endif
-
-#if defined(MBEDTLS_SHA1_C)
-#include "mbedtls/sha1.h"
-#endif
-
-#if defined(MBEDTLS_SHA256_C)
-#include "mbedtls/sha256.h"
-#endif
-
-#if defined(MBEDTLS_SHA512_C)
-#include "mbedtls/sha512.h"
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdlib.h>
-#define mbedtls_calloc calloc
-#define mbedtls_free free
-#endif
-
-#if defined(MBEDTLS_MD2_C)
-
-static int md2_starts_wrap( void *ctx )
-{
- return( mbedtls_md2_starts_ret( (mbedtls_md2_context *) ctx ) );
-}
-
-static int md2_update_wrap( void *ctx, const unsigned char *input,
- size_t ilen )
-{
- return( mbedtls_md2_update_ret( (mbedtls_md2_context *) ctx, input, ilen ) );
-}
-
-static int md2_finish_wrap( void *ctx, unsigned char *output )
-{
- return( mbedtls_md2_finish_ret( (mbedtls_md2_context *) ctx, output ) );
-}
-
-static void *md2_ctx_alloc( void )
-{
- void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md2_context ) );
-
- if( ctx != NULL )
- mbedtls_md2_init( (mbedtls_md2_context *) ctx );
-
- return( ctx );
-}
-
-static void md2_ctx_free( void *ctx )
-{
- mbedtls_md2_free( (mbedtls_md2_context *) ctx );
- mbedtls_free( ctx );
-}
-
-static void md2_clone_wrap( void *dst, const void *src )
-{
- mbedtls_md2_clone( (mbedtls_md2_context *) dst,
- (const mbedtls_md2_context *) src );
-}
-
-static int md2_process_wrap( void *ctx, const unsigned char *data )
-{
- ((void) data);
-
- return( mbedtls_internal_md2_process( (mbedtls_md2_context *) ctx ) );
-}
-
-const mbedtls_md_info_t mbedtls_md2_info = {
- MBEDTLS_MD_MD2,
- "MD2",
- 16,
- 16,
- md2_starts_wrap,
- md2_update_wrap,
- md2_finish_wrap,
- mbedtls_md2_ret,
- md2_ctx_alloc,
- md2_ctx_free,
- md2_clone_wrap,
- md2_process_wrap,
-};
-
-#endif /* MBEDTLS_MD2_C */
-
-#if defined(MBEDTLS_MD4_C)
-
-static int md4_starts_wrap( void *ctx )
-{
- return( mbedtls_md4_starts_ret( (mbedtls_md4_context *) ctx ) );
-}
-
-static int md4_update_wrap( void *ctx, const unsigned char *input,
- size_t ilen )
-{
- return( mbedtls_md4_update_ret( (mbedtls_md4_context *) ctx, input, ilen ) );
-}
-
-static int md4_finish_wrap( void *ctx, unsigned char *output )
-{
- return( mbedtls_md4_finish_ret( (mbedtls_md4_context *) ctx, output ) );
-}
-
-static void *md4_ctx_alloc( void )
-{
- void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md4_context ) );
-
- if( ctx != NULL )
- mbedtls_md4_init( (mbedtls_md4_context *) ctx );
-
- return( ctx );
-}
-
-static void md4_ctx_free( void *ctx )
-{
- mbedtls_md4_free( (mbedtls_md4_context *) ctx );
- mbedtls_free( ctx );
-}
-
-static void md4_clone_wrap( void *dst, const void *src )
-{
- mbedtls_md4_clone( (mbedtls_md4_context *) dst,
- (const mbedtls_md4_context *) src );
-}
-
-static int md4_process_wrap( void *ctx, const unsigned char *data )
-{
- return( mbedtls_internal_md4_process( (mbedtls_md4_context *) ctx, data ) );
-}
-
-const mbedtls_md_info_t mbedtls_md4_info = {
- MBEDTLS_MD_MD4,
- "MD4",
- 16,
- 64,
- md4_starts_wrap,
- md4_update_wrap,
- md4_finish_wrap,
- mbedtls_md4_ret,
- md4_ctx_alloc,
- md4_ctx_free,
- md4_clone_wrap,
- md4_process_wrap,
-};
-
-#endif /* MBEDTLS_MD4_C */
-
-#if defined(MBEDTLS_MD5_C)
-
-static int md5_starts_wrap( void *ctx )
-{
- return( mbedtls_md5_starts_ret( (mbedtls_md5_context *) ctx ) );
-}
-
-static int md5_update_wrap( void *ctx, const unsigned char *input,
- size_t ilen )
-{
- return( mbedtls_md5_update_ret( (mbedtls_md5_context *) ctx, input, ilen ) );
-}
-
-static int md5_finish_wrap( void *ctx, unsigned char *output )
-{
- return( mbedtls_md5_finish_ret( (mbedtls_md5_context *) ctx, output ) );
-}
-
-static void *md5_ctx_alloc( void )
-{
- void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md5_context ) );
-
- if( ctx != NULL )
- mbedtls_md5_init( (mbedtls_md5_context *) ctx );
-
- return( ctx );
-}
-
-static void md5_ctx_free( void *ctx )
-{
- mbedtls_md5_free( (mbedtls_md5_context *) ctx );
- mbedtls_free( ctx );
-}
-
-static void md5_clone_wrap( void *dst, const void *src )
-{
- mbedtls_md5_clone( (mbedtls_md5_context *) dst,
- (const mbedtls_md5_context *) src );
-}
-
-static int md5_process_wrap( void *ctx, const unsigned char *data )
-{
- return( mbedtls_internal_md5_process( (mbedtls_md5_context *) ctx, data ) );
-}
-
-const mbedtls_md_info_t mbedtls_md5_info = {
- MBEDTLS_MD_MD5,
- "MD5",
- 16,
- 64,
- md5_starts_wrap,
- md5_update_wrap,
- md5_finish_wrap,
- mbedtls_md5_ret,
- md5_ctx_alloc,
- md5_ctx_free,
- md5_clone_wrap,
- md5_process_wrap,
-};
-
-#endif /* MBEDTLS_MD5_C */
-
-#if defined(MBEDTLS_RIPEMD160_C)
-
-static int ripemd160_starts_wrap( void *ctx )
-{
- return( mbedtls_ripemd160_starts_ret( (mbedtls_ripemd160_context *) ctx ) );
-}
-
-static int ripemd160_update_wrap( void *ctx, const unsigned char *input,
- size_t ilen )
-{
- return( mbedtls_ripemd160_update_ret( (mbedtls_ripemd160_context *) ctx,
- input, ilen ) );
-}
-
-static int ripemd160_finish_wrap( void *ctx, unsigned char *output )
-{
- return( mbedtls_ripemd160_finish_ret( (mbedtls_ripemd160_context *) ctx,
- output ) );
-}
-
-static void *ripemd160_ctx_alloc( void )
-{
- void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ripemd160_context ) );
-
- if( ctx != NULL )
- mbedtls_ripemd160_init( (mbedtls_ripemd160_context *) ctx );
-
- return( ctx );
-}
-
-static void ripemd160_ctx_free( void *ctx )
-{
- mbedtls_ripemd160_free( (mbedtls_ripemd160_context *) ctx );
- mbedtls_free( ctx );
-}
-
-static void ripemd160_clone_wrap( void *dst, const void *src )
-{
- mbedtls_ripemd160_clone( (mbedtls_ripemd160_context *) dst,
- (const mbedtls_ripemd160_context *) src );
-}
-
-static int ripemd160_process_wrap( void *ctx, const unsigned char *data )
-{
- return( mbedtls_internal_ripemd160_process(
- (mbedtls_ripemd160_context *) ctx, data ) );
-}
-
-const mbedtls_md_info_t mbedtls_ripemd160_info = {
- MBEDTLS_MD_RIPEMD160,
- "RIPEMD160",
- 20,
- 64,
- ripemd160_starts_wrap,
- ripemd160_update_wrap,
- ripemd160_finish_wrap,
- mbedtls_ripemd160_ret,
- ripemd160_ctx_alloc,
- ripemd160_ctx_free,
- ripemd160_clone_wrap,
- ripemd160_process_wrap,
-};
-
-#endif /* MBEDTLS_RIPEMD160_C */
-
-#if defined(MBEDTLS_SHA1_C)
-
-static int sha1_starts_wrap( void *ctx )
-{
- return( mbedtls_sha1_starts_ret( (mbedtls_sha1_context *) ctx ) );
-}
-
-static int sha1_update_wrap( void *ctx, const unsigned char *input,
- size_t ilen )
-{
- return( mbedtls_sha1_update_ret( (mbedtls_sha1_context *) ctx,
- input, ilen ) );
-}
-
-static int sha1_finish_wrap( void *ctx, unsigned char *output )
-{
- return( mbedtls_sha1_finish_ret( (mbedtls_sha1_context *) ctx, output ) );
-}
-
-static void *sha1_ctx_alloc( void )
-{
- void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha1_context ) );
-
- if( ctx != NULL )
- mbedtls_sha1_init( (mbedtls_sha1_context *) ctx );
-
- return( ctx );
-}
-
-static void sha1_clone_wrap( void *dst, const void *src )
-{
- mbedtls_sha1_clone( (mbedtls_sha1_context *) dst,
- (const mbedtls_sha1_context *) src );
-}
-
-static void sha1_ctx_free( void *ctx )
-{
- mbedtls_sha1_free( (mbedtls_sha1_context *) ctx );
- mbedtls_free( ctx );
-}
-
-static int sha1_process_wrap( void *ctx, const unsigned char *data )
-{
- return( mbedtls_internal_sha1_process( (mbedtls_sha1_context *) ctx,
- data ) );
-}
-
-const mbedtls_md_info_t mbedtls_sha1_info = {
- MBEDTLS_MD_SHA1,
- "SHA1",
- 20,
- 64,
- sha1_starts_wrap,
- sha1_update_wrap,
- sha1_finish_wrap,
- mbedtls_sha1_ret,
- sha1_ctx_alloc,
- sha1_ctx_free,
- sha1_clone_wrap,
- sha1_process_wrap,
-};
-
-#endif /* MBEDTLS_SHA1_C */
-
-/*
- * Wrappers for generic message digests
- */
-#if defined(MBEDTLS_SHA256_C)
-
-#if !defined(MBEDTLS_SHA256_NO_SHA224)
-static int sha224_starts_wrap( void *ctx )
-{
- return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 1 ) );
-}
-#endif /* !MBEDTLS_SHA256_NO_SHA224 */
-
-static int sha224_update_wrap( void *ctx, const unsigned char *input,
- size_t ilen )
-{
- return( mbedtls_sha256_update_ret( (mbedtls_sha256_context *) ctx,
- input, ilen ) );
-}
-
-static int sha224_finish_wrap( void *ctx, unsigned char *output )
-{
- return( mbedtls_sha256_finish_ret( (mbedtls_sha256_context *) ctx,
- output ) );
-}
-
-#if !defined(MBEDTLS_SHA256_NO_SHA224)
-static int sha224_wrap( const unsigned char *input, size_t ilen,
- unsigned char *output )
-{
- return( mbedtls_sha256_ret( input, ilen, output, 1 ) );
-}
-#endif /* !MBEDTLS_SHA256_NO_SHA224 */
-
-static void *sha224_ctx_alloc( void )
-{
- void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha256_context ) );
-
- if( ctx != NULL )
- mbedtls_sha256_init( (mbedtls_sha256_context *) ctx );
-
- return( ctx );
-}
-
-static void sha224_ctx_free( void *ctx )
-{
- mbedtls_sha256_free( (mbedtls_sha256_context *) ctx );
- mbedtls_free( ctx );
-}
-
-static void sha224_clone_wrap( void *dst, const void *src )
-{
- mbedtls_sha256_clone( (mbedtls_sha256_context *) dst,
- (const mbedtls_sha256_context *) src );
-}
-
-static int sha224_process_wrap( void *ctx, const unsigned char *data )
-{
- return( mbedtls_internal_sha256_process( (mbedtls_sha256_context *) ctx,
- data ) );
-}
-
-#if !defined(MBEDTLS_SHA256_NO_SHA224)
-const mbedtls_md_info_t mbedtls_sha224_info = {
- MBEDTLS_MD_SHA224,
- "SHA224",
- 28,
- 64,
- sha224_starts_wrap,
- sha224_update_wrap,
- sha224_finish_wrap,
- sha224_wrap,
- sha224_ctx_alloc,
- sha224_ctx_free,
- sha224_clone_wrap,
- sha224_process_wrap,
-};
-#endif /* !MBEDTLS_SHA256_NO_SHA224 */
-
-static int sha256_starts_wrap( void *ctx )
-{
- return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 0 ) );
-}
-
-static int sha256_wrap( const unsigned char *input, size_t ilen,
- unsigned char *output )
-{
- return( mbedtls_sha256_ret( input, ilen, output, 0 ) );
-}
-
-const mbedtls_md_info_t mbedtls_sha256_info = {
- MBEDTLS_MD_SHA256,
- "SHA256",
- 32,
- 64,
- sha256_starts_wrap,
- sha224_update_wrap,
- sha224_finish_wrap,
- sha256_wrap,
- sha224_ctx_alloc,
- sha224_ctx_free,
- sha224_clone_wrap,
- sha224_process_wrap,
-};
-
-#endif /* MBEDTLS_SHA256_C */
-
-#if defined(MBEDTLS_SHA512_C)
-
-static int sha384_starts_wrap( void *ctx )
-{
- return( mbedtls_sha512_starts_ret( (mbedtls_sha512_context *) ctx, 1 ) );
-}
-
-static int sha384_update_wrap( void *ctx, const unsigned char *input,
- size_t ilen )
-{
- return( mbedtls_sha512_update_ret( (mbedtls_sha512_context *) ctx,
- input, ilen ) );
-}
-
-static int sha384_finish_wrap( void *ctx, unsigned char *output )
-{
- return( mbedtls_sha512_finish_ret( (mbedtls_sha512_context *) ctx,
- output ) );
-}
-
-static int sha384_wrap( const unsigned char *input, size_t ilen,
- unsigned char *output )
-{
- return( mbedtls_sha512_ret( input, ilen, output, 1 ) );
-}
-
-static void *sha384_ctx_alloc( void )
-{
- void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha512_context ) );
-
- if( ctx != NULL )
- mbedtls_sha512_init( (mbedtls_sha512_context *) ctx );
-
- return( ctx );
-}
-
-static void sha384_ctx_free( void *ctx )
-{
- mbedtls_sha512_free( (mbedtls_sha512_context *) ctx );
- mbedtls_free( ctx );
-}
-
-static void sha384_clone_wrap( void *dst, const void *src )
-{
- mbedtls_sha512_clone( (mbedtls_sha512_context *) dst,
- (const mbedtls_sha512_context *) src );
-}
-
-static int sha384_process_wrap( void *ctx, const unsigned char *data )
-{
- return( mbedtls_internal_sha512_process( (mbedtls_sha512_context *) ctx,
- data ) );
-}
-
-const mbedtls_md_info_t mbedtls_sha384_info = {
- MBEDTLS_MD_SHA384,
- "SHA384",
- 48,
- 128,
- sha384_starts_wrap,
- sha384_update_wrap,
- sha384_finish_wrap,
- sha384_wrap,
- sha384_ctx_alloc,
- sha384_ctx_free,
- sha384_clone_wrap,
- sha384_process_wrap,
-};
-
-static int sha512_starts_wrap( void *ctx )
-{
- return( mbedtls_sha512_starts_ret( (mbedtls_sha512_context *) ctx, 0 ) );
-}
-
-static int sha512_wrap( const unsigned char *input, size_t ilen,
- unsigned char *output )
-{
- return( mbedtls_sha512_ret( input, ilen, output, 0 ) );
-}
-
-const mbedtls_md_info_t mbedtls_sha512_info = {
- MBEDTLS_MD_SHA512,
- "SHA512",
- 64,
- 128,
- sha512_starts_wrap,
- sha384_update_wrap,
- sha384_finish_wrap,
- sha512_wrap,
- sha384_ctx_alloc,
- sha384_ctx_free,
- sha384_clone_wrap,
- sha384_process_wrap,
-};
-
-#endif /* MBEDTLS_SHA512_C */
-
-#endif /* MBEDTLS_MD_C */
diff --git a/library/pk.c b/library/pk.c
index 161a135..93c5764 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -205,13 +205,16 @@
*/
static inline int pk_hashlen_helper( mbedtls_md_type_t md_alg, size_t *hash_len )
{
- const mbedtls_md_info_t *md_info;
+ mbedtls_md_handle_t md_info;
if( *hash_len != 0 )
return( 0 );
- if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL )
+ if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) ==
+ MBEDTLS_MD_INVALID_HANDLE )
+ {
return( -1 );
+ }
*hash_len = mbedtls_md_get_size( md_info );
return( 0 );
diff --git a/library/pkcs11.c b/library/pkcs11.c
index 0ea6425..9ef5353 100644
--- a/library/pkcs11.c
+++ b/library/pkcs11.c
@@ -183,8 +183,8 @@
if( md_alg != MBEDTLS_MD_NONE )
{
- const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg );
- if( md_info == NULL )
+ mbedtls_md_handle_t md_info = mbedtls_md_info_from_type( md_alg );
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
if( mbedtls_oid_get_oid_by_md( md_alg, &oid, &oid_size ) != 0 )
diff --git a/library/pkcs12.c b/library/pkcs12.c
index 7edf064..e16d0a9 100644
--- a/library/pkcs12.c
+++ b/library/pkcs12.c
@@ -261,7 +261,7 @@
size_t hlen, use_len, v, i;
- const mbedtls_md_info_t *md_info;
+ mbedtls_md_handle_t md_info;
mbedtls_md_context_t md_ctx;
// This version only allows max of 64 bytes of password or salt
@@ -269,7 +269,7 @@
return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA );
md_info = mbedtls_md_info_from_type( md_type );
- if( md_info == NULL )
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE );
mbedtls_md_init( &md_ctx );
diff --git a/library/pkcs5.c b/library/pkcs5.c
index 5013343..a517778 100644
--- a/library/pkcs5.c
+++ b/library/pkcs5.c
@@ -122,7 +122,7 @@
mbedtls_md_type_t md_type = MBEDTLS_MD_SHA1;
unsigned char key[32], iv[32];
size_t olen = 0;
- const mbedtls_md_info_t *md_info;
+ mbedtls_md_handle_t md_info;
const mbedtls_cipher_info_t *cipher_info;
mbedtls_md_context_t md_ctx;
mbedtls_cipher_type_t cipher_alg;
@@ -157,7 +157,7 @@
}
md_info = mbedtls_md_info_from_type( md_type );
- if( md_info == NULL )
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE );
if( ( ret = mbedtls_asn1_get_alg( &p, end, &enc_scheme_oid,
@@ -226,7 +226,7 @@
unsigned int i;
unsigned char md1[MBEDTLS_MD_MAX_SIZE];
unsigned char work[MBEDTLS_MD_MAX_SIZE];
- unsigned char md_size = mbedtls_md_get_size( ctx->md_info );
+ unsigned char md_size = mbedtls_md_get_size( mbedtls_md_get_handle( ctx ) );
size_t use_len;
unsigned char *out_p = output;
unsigned char counter[4];
@@ -356,14 +356,14 @@
int mbedtls_pkcs5_self_test( int verbose )
{
mbedtls_md_context_t sha1_ctx;
- const mbedtls_md_info_t *info_sha1;
+ mbedtls_md_handle_t info_sha1;
int ret, i;
unsigned char key[64];
mbedtls_md_init( &sha1_ctx );
info_sha1 = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 );
- if( info_sha1 == NULL )
+ if( info_sha1 == MBEDTLS_MD_INVALID_HANDLE )
{
ret = 1;
goto exit;
diff --git a/library/rsa.c b/library/rsa.c
index af1a878..3bfc73e 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -1076,7 +1076,7 @@
memset( mask, 0, MBEDTLS_MD_MAX_SIZE );
memset( counter, 0, 4 );
- hlen = mbedtls_md_get_size( md_ctx->md_info );
+ hlen = mbedtls_md_get_size( mbedtls_md_get_handle( md_ctx ) );
/* Generate and apply dbMask */
p = dst;
@@ -1128,7 +1128,7 @@
int ret;
unsigned char *p = output;
unsigned int hlen;
- const mbedtls_md_info_t *md_info;
+ mbedtls_md_handle_t md_info;
mbedtls_md_context_t md_ctx;
RSA_VALIDATE_RET( ctx != NULL );
@@ -1145,7 +1145,7 @@
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id );
- if( md_info == NULL )
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
olen = ctx->len;
@@ -1326,7 +1326,7 @@
unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
unsigned char lhash[MBEDTLS_MD_MAX_SIZE];
unsigned int hlen;
- const mbedtls_md_info_t *md_info;
+ mbedtls_md_handle_t md_info;
mbedtls_md_context_t md_ctx;
RSA_VALIDATE_RET( ctx != NULL );
@@ -1349,7 +1349,7 @@
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id );
- if( md_info == NULL )
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
hlen = mbedtls_md_get_size( md_info );
@@ -1767,7 +1767,7 @@
size_t slen, min_slen, hlen, offset = 0;
int ret;
size_t msb;
- const mbedtls_md_info_t *md_info;
+ mbedtls_md_handle_t md_info;
mbedtls_md_context_t md_ctx;
RSA_VALIDATE_RET( ctx != NULL );
RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
@@ -1789,14 +1789,14 @@
{
/* Gather length of hash to sign */
md_info = mbedtls_md_info_from_type( md_alg );
- if( md_info == NULL )
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
hashlen = mbedtls_md_get_size( md_info );
}
md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id );
- if( md_info == NULL )
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
hlen = mbedtls_md_get_size( md_info );
@@ -1910,8 +1910,8 @@
/* Are we signing hashed or raw data? */
if( md_alg != MBEDTLS_MD_NONE )
{
- const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg );
- if( md_info == NULL )
+ mbedtls_md_handle_t md_info = mbedtls_md_info_from_type( md_alg );
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
if( mbedtls_oid_get_oid_by_md( md_alg, &oid, &oid_size ) != 0 )
@@ -2150,7 +2150,7 @@
unsigned char zeros[8];
unsigned int hlen;
size_t observed_salt_len, msb;
- const mbedtls_md_info_t *md_info;
+ mbedtls_md_handle_t md_info;
mbedtls_md_context_t md_ctx;
unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
@@ -2186,14 +2186,14 @@
{
/* Gather length of hash to sign */
md_info = mbedtls_md_info_from_type( md_alg );
- if( md_info == NULL )
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
hashlen = mbedtls_md_get_size( md_info );
}
md_info = mbedtls_md_info_from_type( mgf1_hash_id );
- if( md_info == NULL )
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
hlen = mbedtls_md_get_size( md_info );
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 56e0689..e9f6634 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -660,7 +660,7 @@
const unsigned char *S1, *S2;
unsigned char tmp[128];
unsigned char h_i[20];
- const mbedtls_md_info_t *md_info;
+ mbedtls_md_handle_t md_info;
mbedtls_md_context_t md_ctx;
int ret;
@@ -681,8 +681,11 @@
/*
* First compute P_md5(secret,label+random)[0..dlen]
*/
- if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_MD5 ) ) == NULL )
+ if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_MD5 ) ) ==
+ MBEDTLS_MD_INVALID_HANDLE )
+ {
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 )
return( ret );
@@ -712,8 +715,11 @@
/*
* XOR out with P_sha1(secret,label+random)[0..dlen]
*/
- if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == NULL )
+ if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) ==
+ MBEDTLS_MD_INVALID_HANDLE )
+ {
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 )
return( ret );
@@ -763,14 +769,17 @@
size_t i, j, k, md_len;
unsigned char tmp[128];
unsigned char h_i[MBEDTLS_MD_MAX_SIZE];
- const mbedtls_md_info_t *md_info;
+ mbedtls_md_handle_t md_info;
mbedtls_md_context_t md_ctx;
int ret;
mbedtls_md_init( &md_ctx );
- if( ( md_info = mbedtls_md_info_from_type( md_type ) ) == NULL )
+ if( ( md_info = mbedtls_md_info_from_type( md_type ) ) ==
+ MBEDTLS_MD_INVALID_HANDLE )
+ {
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
md_len = mbedtls_md_get_size( md_info );
@@ -1244,7 +1253,7 @@
unsigned keylen;
mbedtls_ssl_ciphersuite_handle_t ciphersuite_info;
const mbedtls_cipher_info_t *cipher_info;
- const mbedtls_md_info_t *md_info;
+ mbedtls_md_handle_t md_info;
#if !defined(MBEDTLS_SSL_HW_RECORD_ACCEL) && \
!defined(MBEDTLS_SSL_EXPORT_KEYS) && \
@@ -1293,7 +1302,7 @@
md_info = mbedtls_md_info_from_type(
mbedtls_ssl_suite_get_mac( ciphersuite_info ) );
- if( md_info == NULL )
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_md info for %d not found",
mbedtls_ssl_suite_get_mac( ciphersuite_info ) ) );
@@ -3376,7 +3385,8 @@
memset( tmp, 0, sizeof( tmp ) );
- switch( mbedtls_md_get_type( transform->md_ctx_dec.md_info ) )
+ switch( mbedtls_md_get_type(
+ mbedtls_md_get_handle( &transform->md_ctx_dec ) ) )
{
#if defined(MBEDTLS_MD5_C) || defined(MBEDTLS_SHA1_C) || \
defined(MBEDTLS_SHA256_C)
@@ -6899,13 +6909,16 @@
ssl->session->peer_cert_digest;
mbedtls_md_type_t const peer_cert_digest_type =
ssl->session->peer_cert_digest_type;
- mbedtls_md_info_t const * const digest_info =
+ mbedtls_md_handle_t digest_info =
mbedtls_md_info_from_type( peer_cert_digest_type );
unsigned char tmp_digest[MBEDTLS_SSL_PEER_CERT_DIGEST_MAX_LEN];
size_t digest_len;
- if( peer_cert_digest == NULL || digest_info == NULL )
+ if( peer_cert_digest == NULL ||
+ digest_info == MBEDTLS_MD_INVALID_HANDLE )
+ {
return( -1 );
+ }
digest_len = mbedtls_md_get_size( digest_info );
if( digest_len > MBEDTLS_SSL_PEER_CERT_DIGEST_MAX_LEN )
@@ -10133,9 +10146,9 @@
if( session->peer_cert_digest_len != 0 )
{
- const mbedtls_md_info_t *md_info =
+ mbedtls_md_handle_t md_info =
mbedtls_md_info_from_type( session->peer_cert_digest_type );
- if( md_info == NULL )
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
if( session->peer_cert_digest_len != mbedtls_md_get_size( md_info ) )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
@@ -12515,7 +12528,7 @@
{
int ret = 0;
mbedtls_md_context_t ctx;
- const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg );
+ mbedtls_md_handle_t md_info = mbedtls_md_info_from_type( md_alg );
*hashlen = mbedtls_md_get_size( md_info );
mbedtls_md_init( &ctx );
diff --git a/library/x509.c b/library/x509.c
index beb2633..d570f71 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -1065,7 +1065,7 @@
if( pk_alg == MBEDTLS_PK_RSASSA_PSS )
{
const mbedtls_pk_rsassa_pss_options *pss_opts;
- const mbedtls_md_info_t *md_info, *mgf_md_info;
+ mbedtls_md_handle_t md_info, mgf_md_info;
pss_opts = (const mbedtls_pk_rsassa_pss_options *) sig_opts;
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 0676e64..dfd9111 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -2071,7 +2071,7 @@
static int x509_crt_get_sig_info( mbedtls_x509_crt_frame const *frame,
mbedtls_x509_crt_sig_info *info )
{
- const mbedtls_md_info_t *md_info;
+ mbedtls_md_handle_t md_info;
md_info = mbedtls_md_info_from_type( frame->sig_md );
if( mbedtls_md( md_info, frame->tbs.p, frame->tbs.len,
@@ -2688,7 +2688,7 @@
int ret;
int flags = 0;
unsigned char hash[MBEDTLS_MD_MAX_SIZE];
- const mbedtls_md_info_t *md_info;
+ mbedtls_md_handle_t md_info;
mbedtls_x509_buf_raw ca_subject;
mbedtls_pk_context *pk;
int can_sign;
diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c
index a5acf5b..8d671ab 100644
--- a/programs/aes/crypt_and_hash.c
+++ b/programs/aes/crypt_and_hash.c
@@ -100,7 +100,7 @@
unsigned char diff;
const mbedtls_cipher_info_t *cipher_info;
- const mbedtls_md_info_t *md_info;
+ mbedtls_md_handle_t md_info;
mbedtls_cipher_context_t cipher_ctx;
mbedtls_md_context_t md_ctx;
#if defined(_WIN32_WCE)
@@ -192,7 +192,7 @@
}
md_info = mbedtls_md_info_from_string( argv[5] );
- if( md_info == NULL )
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
{
mbedtls_fprintf( stderr, "Message Digest '%s' not found\n", argv[5] );
goto exit;
diff --git a/programs/hash/generic_sum.c b/programs/hash/generic_sum.c
index 709a149..ed5357f 100644
--- a/programs/hash/generic_sum.c
+++ b/programs/hash/generic_sum.c
@@ -53,7 +53,7 @@
#else
-static int generic_wrapper( const mbedtls_md_info_t *md_info, char *filename, unsigned char *sum )
+static int generic_wrapper( mbedtls_md_handle_t md_info, char *filename, unsigned char *sum )
{
int ret = mbedtls_md_file( md_info, filename, sum );
@@ -66,7 +66,7 @@
return( ret );
}
-static int generic_print( const mbedtls_md_info_t *md_info, char *filename )
+static int generic_print( mbedtls_md_handle_t md_info, char *filename )
{
int i;
unsigned char sum[MBEDTLS_MD_MAX_SIZE];
@@ -81,7 +81,7 @@
return( 0 );
}
-static int generic_check( const mbedtls_md_info_t *md_info, char *filename )
+static int generic_check( mbedtls_md_handle_t md_info, char *filename )
{
int i;
size_t n;
@@ -177,7 +177,7 @@
{
int ret = 1, i;
int exit_code = MBEDTLS_EXIT_FAILURE;
- const mbedtls_md_info_t *md_info;
+ mbedtls_md_handle_t md_info;
mbedtls_md_context_t md_ctx;
mbedtls_md_init( &md_ctx );
@@ -210,7 +210,7 @@
* Read the MD from the command line
*/
md_info = mbedtls_md_info_from_string( argv[1] );
- if( md_info == NULL )
+ if( md_info == MBEDTLS_MD_INVALID_HANDLE )
{
mbedtls_fprintf( stderr, "Message Digest '%s' not found\n", argv[1] );
return( exit_code );
diff --git a/programs/ssl/query_config.c b/programs/ssl/query_config.c
index c2de82a..71a212d 100644
--- a/programs/ssl/query_config.c
+++ b/programs/ssl/query_config.c
@@ -2914,6 +2914,14 @@
}
#endif /* MBEDTLS_SSL_CONF_SINGLE_SIG_HASH_TLS_ID */
+#if defined(MBEDTLS_MD_SINGLE_HASH)
+ if( strcmp( "MBEDTLS_MD_SINGLE_HASH", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_MD_SINGLE_HASH );
+ return( 0 );
+ }
+#endif /* MBEDTLS_MD_SINGLE_HASH */
+
/* If the symbol is not found, return an error */
return( 1 );
}
diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c
index 2b86566..88e3290 100644
--- a/programs/test/benchmark.c
+++ b/programs/test/benchmark.c
@@ -693,13 +693,16 @@
if( todo.hmac_drbg )
{
mbedtls_hmac_drbg_context hmac_drbg;
- const mbedtls_md_info_t *md_info;
+ mbedtls_md_handle_t md_info;
mbedtls_hmac_drbg_init( &hmac_drbg );
#if defined(MBEDTLS_SHA1_C)
- if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == NULL )
+ if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) ==
+ MBEDTLS_MD_INVALID_HANDLE )
+ {
mbedtls_exit(1);
+ }
if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
mbedtls_exit(1);
@@ -715,8 +718,11 @@
#endif
#if defined(MBEDTLS_SHA256_C)
- if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ) ) == NULL )
+ if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ) ) ==
+ MBEDTLS_MD_INVALID_HANDLE )
+ {
mbedtls_exit(1);
+ }
if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
mbedtls_exit(1);
diff --git a/programs/test/cpp_dummy_build.cpp b/programs/test/cpp_dummy_build.cpp
index 3c9c278..dcbd5ff 100644
--- a/programs/test/cpp_dummy_build.cpp
+++ b/programs/test/cpp_dummy_build.cpp
@@ -66,7 +66,6 @@
#include "mbedtls/md2.h"
#include "mbedtls/md4.h"
#include "mbedtls/md5.h"
-#include "mbedtls/md_internal.h"
#include "mbedtls/net.h"
#include "mbedtls/net_sockets.h"
#include "mbedtls/nist_kw.h"
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index ff0019b..977ee9c 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -904,6 +904,34 @@
if_build_succeeded tests/ssl-opt.sh -f '^Default$\|^Default, DTLS$'
}
+component_test_hardcoded_hash_cmake_clang() {
+ msg "build: cmake, full config + MBEDTLS_MD_SINGLE_HASH, clang" # ~ 50s
+ scripts/config.pl full
+ scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests
+ scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
+ scripts/config.pl unset MBEDTLS_SHA1_C
+ scripts/config.pl unset MBEDTLS_SHA512_C
+ scripts/config.pl set MBEDTLS_SHA256_NO_SHA224
+ scripts/config.pl unset MBEDTLS_MD2_C
+ scripts/config.pl unset MBEDTLS_MD4_C
+ scripts/config.pl unset MBEDTLS_MD5_C
+ scripts/config.pl unset MBEDTLS_RIPEMD160_C
+ scripts/config.pl unset MBEDTLS_SSL_PROTO_SSL3
+ scripts/config.pl unset MBEDTLS_SSL_PROTO_TLS1
+ scripts/config.pl unset MBEDTLS_SSL_PROTO_TLS1_1
+ scripts/config.pl unset MBEDTLS_SSL_CBC_RECORD_SPLITTING
+ scripts/config.pl set MBEDTLS_MD_SINGLE_HASH MBEDTLS_MD_INFO_SHA256
+
+ CC=clang cmake -D CMAKE_BUILD_TYPE:String=Check -D ENABLE_TESTING=On .
+ make
+
+ msg "test: main suites (full config + MBEDTLS_MD_SINGLE_HASH)" # ~ 5s
+ make test
+
+ msg "test: ssl-opt.sh default (full config + MBEDTLS_MD_SINGLE_HASH)" # ~ 5s
+ if_build_succeeded tests/ssl-opt.sh -f '^Default$\|^Default, DTLS$'
+}
+
component_build_deprecated () {
msg "build: make, full config + DEPRECATED_WARNING, gcc -O" # ~ 30s
scripts/config.pl full
diff --git a/tests/suites/test_suite_ecdsa.function b/tests/suites/test_suite_ecdsa.function
index 22d92b6..fa77dfa 100644
--- a/tests/suites/test_suite_ecdsa.function
+++ b/tests/suites/test_suite_ecdsa.function
@@ -307,7 +307,7 @@
mbedtls_mpi d, r, s, r_check, s_check;
unsigned char hash[MBEDTLS_MD_MAX_SIZE];
size_t hlen;
- const mbedtls_md_info_t *md_info;
+ mbedtls_md_handle_t md_info;
mbedtls_ecp_group_init( &grp );
mbedtls_mpi_init( &d ); mbedtls_mpi_init( &r ); mbedtls_mpi_init( &s );
@@ -320,7 +320,7 @@
TEST_ASSERT( mbedtls_mpi_read_string( &s_check, 16, s_str ) == 0 );
md_info = mbedtls_md_info_from_type( md_alg );
- TEST_ASSERT( md_info != NULL );
+ TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
hlen = mbedtls_md_get_size( md_info );
TEST_ASSERT( mbedtls_md( md_info, (const unsigned char *) msg,
strlen( msg ), hash ) == 0 );
@@ -476,7 +476,7 @@
unsigned char sig[MBEDTLS_ECDSA_MAX_LEN];
unsigned char sig_check[MBEDTLS_ECDSA_MAX_LEN];
size_t hlen, slen, slen_check;
- const mbedtls_md_info_t *md_info;
+ mbedtls_md_handle_t md_info;
mbedtls_ecdsa_restart_init( &rs_ctx );
mbedtls_ecdsa_init( &ctx );
@@ -489,7 +489,7 @@
slen_check = unhexify( sig_check, sig_str );
md_info = mbedtls_md_info_from_type( md_alg );
- TEST_ASSERT( md_info != NULL );
+ TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
hlen = mbedtls_md_get_size( md_info );
mbedtls_md( md_info, (const unsigned char *) msg, strlen( msg ), hash );
diff --git a/tests/suites/test_suite_hkdf.function b/tests/suites/test_suite_hkdf.function
index 3e87207..77f0d5d 100644
--- a/tests/suites/test_suite_hkdf.function
+++ b/tests/suites/test_suite_hkdf.function
@@ -1,6 +1,5 @@
/* BEGIN_HEADER */
#include "mbedtls/hkdf.h"
-#include "mbedtls/md_internal.h"
/* END_HEADER */
/* BEGIN_DEPENDENCIES
@@ -25,8 +24,8 @@
*/
unsigned char okm_hex[257] = { '\0' };
- const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg );
- TEST_ASSERT( md != NULL );
+ mbedtls_md_handle_t md = mbedtls_md_info_from_type( md_alg );
+ TEST_ASSERT( md != MBEDTLS_MD_INVALID_HANDLE );
ikm_len = unhexify( ikm, hex_ikm_string );
salt_len = unhexify( salt, hex_salt_string );
@@ -54,8 +53,8 @@
unsigned char *output_prk = NULL;
size_t ikm_len, salt_len, prk_len, output_prk_len;
- const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg );
- TEST_ASSERT( md != NULL );
+ mbedtls_md_handle_t md = mbedtls_md_info_from_type( md_alg );
+ TEST_ASSERT( md != MBEDTLS_MD_INVALID_HANDLE );
output_prk_len = mbedtls_md_get_size( md );
output_prk = mbedtls_calloc( 1, output_prk_len );
@@ -90,8 +89,8 @@
unsigned char *output_okm = NULL;
size_t info_len, prk_len, okm_len;
- const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg );
- TEST_ASSERT( md != NULL );
+ mbedtls_md_handle_t md = mbedtls_md_info_from_type( md_alg );
+ TEST_ASSERT( md != MBEDTLS_MD_INVALID_HANDLE );
output_okm = mbedtls_calloc( OKM_LEN, 1 );
@@ -114,7 +113,7 @@
}
/* END_CASE */
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:!MBEDTLS_MD_SINGLE_HASH */
void test_hkdf_extract_ret( int hash_len, int ret )
{
int output_ret;
@@ -141,7 +140,7 @@
}
/* END_CASE */
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:!MBEDTLS_MD_SINGLE_HASH */
void test_hkdf_expand_ret( int hash_len, int prk_len, int okm_len, int ret )
{
int output_ret;
diff --git a/tests/suites/test_suite_hmac_drbg.function b/tests/suites/test_suite_hmac_drbg.function
index 13bc400..da280db 100644
--- a/tests/suites/test_suite_hmac_drbg.function
+++ b/tests/suites/test_suite_hmac_drbg.function
@@ -34,7 +34,7 @@
{
unsigned char out[16];
unsigned char buf[1024];
- const mbedtls_md_info_t *md_info;
+ mbedtls_md_handle_t md_info;
mbedtls_hmac_drbg_context ctx;
entropy_ctx entropy;
size_t last_len, i, reps = 10;
@@ -47,7 +47,7 @@
entropy.p = buf;
md_info = mbedtls_md_info_from_type( md_alg );
- TEST_ASSERT( md_info != NULL );
+ TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
/* Init must use entropy */
last_len = entropy.len;
@@ -112,13 +112,13 @@
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
void hmac_drbg_seed_file( int md_alg, char * path, int ret )
{
- const mbedtls_md_info_t *md_info;
+ mbedtls_md_handle_t md_info;
mbedtls_hmac_drbg_context ctx;
mbedtls_hmac_drbg_init( &ctx );
md_info = mbedtls_md_info_from_type( md_alg );
- TEST_ASSERT( md_info != NULL );
+ TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, rnd_std_rand, NULL,
NULL, 0 ) == 0 );
@@ -136,7 +136,7 @@
{
unsigned char out[16];
unsigned char buf[100];
- const mbedtls_md_info_t *md_info;
+ mbedtls_md_handle_t md_info;
mbedtls_hmac_drbg_context ctx;
size_t i;
@@ -145,7 +145,7 @@
memset( out, 0, sizeof( out ) );
md_info = mbedtls_md_info_from_type( md_alg );
- TEST_ASSERT( md_info != NULL );
+ TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
TEST_ASSERT( mbedtls_hmac_drbg_seed_buf( &ctx, md_info, buf, sizeof( buf ) ) == 0 );
/* Make sure it never tries to reseed (would segfault otherwise) */
@@ -168,7 +168,7 @@
unsigned char data[1024];
unsigned char my_output[512];
entropy_ctx p_entropy;
- const mbedtls_md_info_t *md_info;
+ mbedtls_md_handle_t md_info;
mbedtls_hmac_drbg_context ctx;
mbedtls_hmac_drbg_init( &ctx );
@@ -177,7 +177,7 @@
p_entropy.len = entropy->len;
md_info = mbedtls_md_info_from_type( md_alg );
- TEST_ASSERT( md_info != NULL );
+ TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
/* Test the simplified buffer-based variant */
memcpy( data, entropy->x, p_entropy.len );
@@ -215,7 +215,7 @@
{
unsigned char my_output[512];
entropy_ctx p_entropy;
- const mbedtls_md_info_t *md_info;
+ mbedtls_md_handle_t md_info;
mbedtls_hmac_drbg_context ctx;
mbedtls_hmac_drbg_init( &ctx );
@@ -224,7 +224,7 @@
p_entropy.len = entropy->len;
md_info = mbedtls_md_info_from_type( md_alg );
- TEST_ASSERT( md_info != NULL );
+ TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_test_entropy_func, &p_entropy,
custom->x, custom->len ) == 0 );
@@ -247,7 +247,7 @@
{
unsigned char my_output[512];
entropy_ctx p_entropy;
- const mbedtls_md_info_t *md_info;
+ mbedtls_md_handle_t md_info;
mbedtls_hmac_drbg_context ctx;
mbedtls_hmac_drbg_init( &ctx );
@@ -256,7 +256,7 @@
p_entropy.len = entropy->len;
md_info = mbedtls_md_info_from_type( md_alg );
- TEST_ASSERT( md_info != NULL );
+ TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_test_entropy_func, &p_entropy,
custom->x, custom->len ) == 0 );
diff --git a/tests/suites/test_suite_md.function b/tests/suites/test_suite_md.function
index 11cf88a..31d5aaf 100644
--- a/tests/suites/test_suite_md.function
+++ b/tests/suites/test_suite_md.function
@@ -11,7 +11,7 @@
void mbedtls_md_process( )
{
const int *md_type_ptr;
- const mbedtls_md_info_t *info;
+ mbedtls_md_handle_t info;
mbedtls_md_context_t ctx;
unsigned char buf[150];
@@ -28,7 +28,7 @@
for( md_type_ptr = mbedtls_md_list(); *md_type_ptr != 0; md_type_ptr++ )
{
info = mbedtls_md_info_from_type( *md_type_ptr );
- TEST_ASSERT( info != NULL );
+ TEST_ASSERT( info != MBEDTLS_MD_INVALID_HANDLE );
TEST_ASSERT( mbedtls_md_setup( &ctx, info, 0 ) == 0 );
TEST_ASSERT( mbedtls_md_process( &ctx, buf ) == 0 );
mbedtls_md_free( &ctx );
@@ -39,22 +39,26 @@
}
/* END_CASE */
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:!MBEDTLS_MD_SINGLE_HASH */
void md_null_args( )
{
mbedtls_md_context_t ctx;
- const mbedtls_md_info_t *info = mbedtls_md_info_from_type( *( mbedtls_md_list() ) );
+ mbedtls_md_handle_t info = mbedtls_md_info_from_type( *( mbedtls_md_list() ) );
unsigned char buf[1] = { 0 };
mbedtls_md_init( &ctx );
- TEST_ASSERT( mbedtls_md_get_size( NULL ) == 0 );
- TEST_ASSERT( mbedtls_md_get_type( NULL ) == MBEDTLS_MD_NONE );
- TEST_ASSERT( mbedtls_md_get_name( NULL ) == NULL );
+ TEST_ASSERT( mbedtls_md_get_size( MBEDTLS_MD_INVALID_HANDLE )
+ == 0 );
+ TEST_ASSERT( mbedtls_md_get_type( MBEDTLS_MD_INVALID_HANDLE )
+ == MBEDTLS_MD_NONE );
+ TEST_ASSERT( mbedtls_md_get_name( MBEDTLS_MD_INVALID_HANDLE )
+ == NULL );
- TEST_ASSERT( mbedtls_md_info_from_string( NULL ) == NULL );
+ TEST_ASSERT( mbedtls_md_info_from_string( NULL ) == MBEDTLS_MD_INVALID_HANDLE );
- TEST_ASSERT( mbedtls_md_setup( &ctx, NULL, 0 ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_md_setup( &ctx, MBEDTLS_MD_INVALID_HANDLE, 0 )
+ == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
TEST_ASSERT( mbedtls_md_setup( NULL, info, 0 ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
TEST_ASSERT( mbedtls_md_starts( NULL ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
@@ -66,10 +70,12 @@
TEST_ASSERT( mbedtls_md_finish( NULL, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
TEST_ASSERT( mbedtls_md_finish( &ctx, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
- TEST_ASSERT( mbedtls_md( NULL, buf, 1, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_md( MBEDTLS_MD_INVALID_HANDLE,
+ buf, 1, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
#if defined(MBEDTLS_FS_IO)
- TEST_ASSERT( mbedtls_md_file( NULL, "", buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+ TEST_ASSERT( mbedtls_md_file( MBEDTLS_MD_INVALID_HANDLE,
+ "", buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
#endif
TEST_ASSERT( mbedtls_md_hmac_starts( NULL, buf, 1 )
@@ -90,27 +96,29 @@
TEST_ASSERT( mbedtls_md_hmac_reset( NULL ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
TEST_ASSERT( mbedtls_md_hmac_reset( &ctx ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
- TEST_ASSERT( mbedtls_md_hmac( NULL, buf, 1, buf, 1, buf )
+ TEST_ASSERT( mbedtls_md_hmac( MBEDTLS_MD_INVALID_HANDLE, buf, 1, buf, 1, buf )
== MBEDTLS_ERR_MD_BAD_INPUT_DATA );
TEST_ASSERT( mbedtls_md_process( NULL, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
TEST_ASSERT( mbedtls_md_process( &ctx, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
/* Ok, this is not NULL arg but NULL return... */
- TEST_ASSERT( mbedtls_md_info_from_type( MBEDTLS_MD_NONE ) == NULL );
- TEST_ASSERT( mbedtls_md_info_from_string( "no such md" ) == NULL );
+ TEST_ASSERT( mbedtls_md_info_from_type( MBEDTLS_MD_NONE ) ==
+ MBEDTLS_MD_INVALID_HANDLE );
+ TEST_ASSERT( mbedtls_md_info_from_string( "no such md" ) ==
+ MBEDTLS_MD_INVALID_HANDLE );
}
/* END_CASE */
/* BEGIN_CASE */
void md_info( int md_type, char * md_name, int md_size )
{
- const mbedtls_md_info_t *md_info;
+ mbedtls_md_handle_t md_info;
const int *md_type_ptr;
int found;
md_info = mbedtls_md_info_from_type( md_type );
- TEST_ASSERT( md_info != NULL );
+ TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
TEST_ASSERT( md_info == mbedtls_md_info_from_string( md_name ) );
TEST_ASSERT( mbedtls_md_get_type( md_info ) == (mbedtls_md_type_t) md_type );
@@ -132,7 +140,7 @@
char md_name[100];
unsigned char src_str[1000];
unsigned char output[100];
- const mbedtls_md_info_t *md_info = NULL;
+ mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE;
memset( md_name, 0x00, 100 );
memset( src_str, 0x00, 1000 );
@@ -141,7 +149,7 @@
strncpy( (char *) src_str, text_src_string, sizeof( src_str ) - 1 );
strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 );
md_info = mbedtls_md_info_from_string(md_name);
- TEST_ASSERT( md_info != NULL );
+ TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
TEST_ASSERT ( 0 == mbedtls_md( md_info, src_str, strlen( (char *) src_str ), output ) );
@@ -155,14 +163,14 @@
{
char md_name[100];
unsigned char output[100];
- const mbedtls_md_info_t *md_info = NULL;
+ mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE;
memset( md_name, 0x00, 100 );
memset( output, 0x00, 100 );
strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 );
md_info = mbedtls_md_info_from_string( md_name );
- TEST_ASSERT( md_info != NULL );
+ TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
TEST_ASSERT ( 0 == mbedtls_md( md_info, src_str->x, src_str->len, output ) );
@@ -181,7 +189,7 @@
unsigned char output[100];
int halfway, len;
- const mbedtls_md_info_t *md_info = NULL;
+ mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE;
mbedtls_md_context_t ctx, ctx_copy;
mbedtls_md_init( &ctx );
@@ -197,7 +205,7 @@
halfway = len / 2;
md_info = mbedtls_md_info_from_string(md_name);
- TEST_ASSERT( md_info != NULL );
+ TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx, md_info, 0 ) );
TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx_copy, md_info, 0 ) );
@@ -230,7 +238,7 @@
{
char md_name[100];
unsigned char output[100];
- const mbedtls_md_info_t *md_info = NULL;
+ mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE;
mbedtls_md_context_t ctx, ctx_copy;
int halfway;
@@ -242,7 +250,7 @@
strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 );
md_info = mbedtls_md_info_from_string(md_name);
- TEST_ASSERT( md_info != NULL );
+ TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx, md_info, 0 ) );
TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx_copy, md_info, 0 ) );
@@ -277,14 +285,14 @@
{
char md_name[100];
unsigned char output[100];
- const mbedtls_md_info_t *md_info = NULL;
+ mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE;
memset( md_name, 0x00, 100 );
memset( output, 0x00, 100 );
strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 );
md_info = mbedtls_md_info_from_string( md_name );
- TEST_ASSERT( md_info != NULL );
+ TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
TEST_ASSERT ( mbedtls_md_hmac( md_info, key_str->x, key_str->len, src_str->x, src_str->len, output ) == 0 );
@@ -299,7 +307,7 @@
{
char md_name[100];
unsigned char output[100];
- const mbedtls_md_info_t *md_info = NULL;
+ mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE;
mbedtls_md_context_t ctx;
int halfway;
@@ -310,7 +318,7 @@
strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 );
md_info = mbedtls_md_info_from_string( md_name );
- TEST_ASSERT( md_info != NULL );
+ TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx, md_info, 1 ) );
halfway = src_str->len / 2;
@@ -344,14 +352,14 @@
{
char md_name[100];
unsigned char output[100];
- const mbedtls_md_info_t *md_info = NULL;
+ mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE;
memset( md_name, 0x00, 100 );
memset( output, 0x00, 100 );
strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 );
md_info = mbedtls_md_info_from_string( md_name );
- TEST_ASSERT( md_info != NULL );
+ TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
TEST_ASSERT( mbedtls_md_file( md_info, filename, output ) == 0 );
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index 8b95bab..fc917d0 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -593,7 +593,7 @@
TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
- if( mbedtls_md_info_from_type( digest ) != NULL )
+ if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE )
TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
TEST_ASSERT( mbedtls_pk_verify( &pk, digest, hash_result, 0,
@@ -709,7 +709,7 @@
unsigned char sig[MBEDTLS_ECDSA_MAX_LEN];
unsigned char sig_check[MBEDTLS_ECDSA_MAX_LEN];
size_t hlen, slen, slen_check;
- const mbedtls_md_info_t *md_info;
+ mbedtls_md_handle_t md_info;
mbedtls_pk_restart_init( &rs_ctx );
mbedtls_pk_init( &prv );
@@ -729,7 +729,7 @@
slen_check = unhexify( sig_check, sig_str );
md_info = mbedtls_md_info_from_type( md_alg );
- TEST_ASSERT( md_info != NULL );
+ TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
hlen = mbedtls_md_get_size( md_info );
mbedtls_md( md_info, (const unsigned char *) msg, strlen( msg ), hash );
diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function
index 0723623..58c25bf 100644
--- a/tests/suites/test_suite_pkcs1_v15.function
+++ b/tests/suites/test_suite_pkcs1_v15.function
@@ -275,8 +275,10 @@
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
- if( mbedtls_md_info_from_type( digest ) != NULL )
+ if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE )
+ {
TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
+ }
TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, MBEDTLS_RSA_PRIVATE, digest, 0, hash_result, output ) == result );
if( result == 0 )
@@ -313,9 +315,10 @@
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
-
- if( mbedtls_md_info_from_type( digest ) != NULL )
+ if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE )
+ {
TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
+ }
TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );
diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function
index 99be08a..a9635e1 100644
--- a/tests/suites/test_suite_pkcs1_v21.function
+++ b/tests/suites/test_suite_pkcs1_v21.function
@@ -128,8 +128,10 @@
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
- if( mbedtls_md_info_from_type( digest ) != NULL )
+ if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE )
+ {
TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
+ }
TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, MBEDTLS_RSA_PRIVATE,
digest, 0, hash_result, output ) == result );
@@ -169,8 +171,10 @@
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
- if( mbedtls_md_info_from_type( digest ) != NULL )
+ if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE )
+ {
TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
+ }
TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );
diff --git a/tests/suites/test_suite_pkcs5.function b/tests/suites/test_suite_pkcs5.function
index 26f1d33..a8f0523 100644
--- a/tests/suites/test_suite_pkcs5.function
+++ b/tests/suites/test_suite_pkcs5.function
@@ -12,14 +12,14 @@
int it_cnt, int key_len, data_t * result_key_string )
{
mbedtls_md_context_t ctx;
- const mbedtls_md_info_t *info;
+ mbedtls_md_handle_t info;
unsigned char key[100];
mbedtls_md_init( &ctx );
info = mbedtls_md_info_from_type( hash );
- TEST_ASSERT( info != NULL );
+ TEST_ASSERT( info != MBEDTLS_MD_INVALID_HANDLE );
TEST_ASSERT( mbedtls_md_setup( &ctx, info, 1 ) == 0 );
TEST_ASSERT( mbedtls_pkcs5_pbkdf2_hmac( &ctx, pw_str->x, pw_str->len, salt_str->x, salt_str->len,
it_cnt, key_len, key ) == 0 );
diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function
index f2a9b98..4d22c9b 100644
--- a/tests/suites/test_suite_rsa.function
+++ b/tests/suites/test_suite_rsa.function
@@ -497,8 +497,10 @@
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
- if( mbedtls_md_info_from_type( digest ) != NULL )
+ if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE )
+ {
TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
+ }
TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info,
MBEDTLS_RSA_PRIVATE, digest, 0,
@@ -538,8 +540,10 @@
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
- if( mbedtls_md_info_from_type( digest ) != NULL )
+ if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE )
+ {
TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
+ }
TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 268d56c..9873dd8 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -102,12 +102,12 @@
if( cipher_info->mode == MBEDTLS_MODE_CBC ||
cipher_info->mode == MBEDTLS_MODE_STREAM )
{
- mbedtls_md_info_t const *md_info;
+ mbedtls_md_handle_t md_info;
unsigned char *md0, *md1;
/* Pick hash */
md_info = mbedtls_md_info_from_type( hash_id );
- CHK( md_info != NULL );
+ CHK( md_info != MBEDTLS_MD_INVALID_HANDLE );
/* Pick hash keys */
maclen = mbedtls_md_get_size( md_info );
diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj
index 2ec9178..e6f9ec8 100644
--- a/visualc/VS2010/mbedTLS.vcxproj
+++ b/visualc/VS2010/mbedTLS.vcxproj
@@ -264,7 +264,6 @@
<ClCompile Include="..\..\library\md2.c" />
<ClCompile Include="..\..\library\md4.c" />
<ClCompile Include="..\..\library\md5.c" />
- <ClCompile Include="..\..\library\md_wrap.c" />
<ClCompile Include="..\..\library\memory_buffer_alloc.c" />
<ClCompile Include="..\..\library\net_sockets.c" />
<ClCompile Include="..\..\library\nist_kw.c" />