mirror of
https://github.com/jakcron/nstool
synced 2024-12-23 21:21:11 +00:00
[crypto] Add RSA-2048-PSS verification.
This commit is contained in:
parent
9073c4a6d8
commit
81e4f06048
7 changed files with 1513 additions and 2 deletions
|
@ -107,5 +107,18 @@ namespace crypto
|
|||
int rsaSign(const sRsa4096Key& key, sha::HashType hash_type, const uint8_t* hash, uint8_t signature[kRsa4096Size]);
|
||||
int rsaVerify(const sRsa4096Key& key, sha::HashType hash_type, const uint8_t* hash, const uint8_t signature[kRsa4096Size]);
|
||||
}
|
||||
|
||||
namespace pss
|
||||
{
|
||||
// rsa1024
|
||||
//int rsaSign(const sRsa1024Key& key, sha::HashType hash_type, const uint8_t* hash, uint8_t signature[kRsa1024Size]);
|
||||
//int rsaVerify(const sRsa1024Key& key, sha::HashType hash_type, const uint8_t* hash, const uint8_t signature[kRsa1024Size]);
|
||||
// rsa2048
|
||||
//int rsaSign(const sRsa2048Key& key, sha::HashType hash_type, const uint8_t* hash, uint8_t signature[kRsa2048Size]);
|
||||
int rsaVerify(const sRsa2048Key& key, sha::HashType hash_type, const uint8_t* hash, const uint8_t signature[kRsa2048Size]);
|
||||
// rsa4096
|
||||
//int rsaSign(const sRsa4096Key& key, sha::HashType hash_type, const uint8_t* hash, uint8_t signature[kRsa4096Size]);
|
||||
//int rsaVerify(const sRsa4096Key& key, sha::HashType hash_type, const uint8_t* hash, const uint8_t signature[kRsa4096Size]);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -248,7 +248,7 @@
|
|||
* Enable support for PKCS#1 v2.1 encoding.
|
||||
* This enables support for RSAES-OAEP and RSASSA-PSS operations.
|
||||
*/
|
||||
//#define POLARSSL_PKCS1_V21
|
||||
#define POLARSSL_PKCS1_V21
|
||||
|
||||
/**
|
||||
* \def POLARSSL_RSA_NO_CRT
|
||||
|
@ -641,7 +641,7 @@
|
|||
*
|
||||
* Uncomment to enable generic message digest wrappers.
|
||||
*/
|
||||
//#define POLARSSL_MD_C
|
||||
#define POLARSSL_MD_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_MD2_C
|
||||
|
|
357
lib/libcrypto/source/libpolarssl/include/polarssl/md.h
Normal file
357
lib/libcrypto/source/libpolarssl/include/polarssl/md.h
Normal file
|
@ -0,0 +1,357 @@
|
|||
/**
|
||||
* \file md.h
|
||||
*
|
||||
* \brief Generic message digest wrapper
|
||||
*
|
||||
* \author Adriaan de Jong <dejong@fox-it.com>
|
||||
*
|
||||
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
|
||||
*
|
||||
* This file is part of mbed TLS (https://polarssl.org)
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_MD_H
|
||||
#define POLARSSL_MD_H
|
||||
|
||||
#include <string.h>
|
||||
|
||||
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
|
||||
!defined(inline) && !defined(__cplusplus)
|
||||
#define inline __inline
|
||||
#endif
|
||||
|
||||
#define POLARSSL_ERR_MD_FEATURE_UNAVAILABLE -0x5080 /**< The selected feature is not available. */
|
||||
#define POLARSSL_ERR_MD_BAD_INPUT_DATA -0x5100 /**< Bad input parameters to function. */
|
||||
#define POLARSSL_ERR_MD_ALLOC_FAILED -0x5180 /**< Failed to allocate memory. */
|
||||
#define POLARSSL_ERR_MD_FILE_IO_ERROR -0x5200 /**< Opening or reading of file failed. */
|
||||
|
||||
typedef enum {
|
||||
POLARSSL_MD_NONE=0,
|
||||
POLARSSL_MD_MD2,
|
||||
POLARSSL_MD_MD4,
|
||||
POLARSSL_MD_MD5,
|
||||
POLARSSL_MD_SHA1,
|
||||
POLARSSL_MD_SHA224,
|
||||
POLARSSL_MD_SHA256,
|
||||
POLARSSL_MD_SHA384,
|
||||
POLARSSL_MD_SHA512,
|
||||
} md_type_t;
|
||||
|
||||
#define POLARSSL_MD_MAX_SIZE 64 /* longest known is SHA512 */
|
||||
|
||||
/**
|
||||
* Message digest information. Allows message digest functions to be called
|
||||
* in a generic way.
|
||||
*/
|
||||
typedef struct {
|
||||
/** Digest identifier */
|
||||
md_type_t type;
|
||||
|
||||
/** Name of the message digest */
|
||||
const char * name;
|
||||
|
||||
/** Output length of the digest function */
|
||||
int size;
|
||||
|
||||
/** Digest initialisation function */
|
||||
void (*starts_func)( void *ctx );
|
||||
|
||||
/** Digest update function */
|
||||
void (*update_func)( void *ctx, const unsigned char *input, size_t ilen );
|
||||
|
||||
/** Digest finalisation function */
|
||||
void (*finish_func)( void *ctx, unsigned char *output );
|
||||
|
||||
/** Generic digest function */
|
||||
void (*digest_func)( const unsigned char *input, size_t ilen,
|
||||
unsigned char *output );
|
||||
|
||||
/** Generic file digest function */
|
||||
int (*file_func)( const char *path, unsigned char *output );
|
||||
|
||||
/** HMAC Initialisation function */
|
||||
void (*hmac_starts_func)( void *ctx, const unsigned char *key, size_t keylen );
|
||||
|
||||
/** HMAC update function */
|
||||
void (*hmac_update_func)( void *ctx, const unsigned char *input, size_t ilen );
|
||||
|
||||
/** HMAC finalisation function */
|
||||
void (*hmac_finish_func)( void *ctx, unsigned char *output);
|
||||
|
||||
/** HMAC context reset function */
|
||||
void (*hmac_reset_func)( void *ctx );
|
||||
|
||||
/** Generic HMAC function */
|
||||
void (*hmac_func)( const unsigned char *key, size_t keylen,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char *output );
|
||||
|
||||
/** Allocate a new context */
|
||||
void * (*ctx_alloc_func)( void );
|
||||
|
||||
/** Free the given context */
|
||||
void (*ctx_free_func)( void *ctx );
|
||||
|
||||
} md_info_t;
|
||||
|
||||
/**
|
||||
* Generic message digest context.
|
||||
*/
|
||||
typedef struct {
|
||||
/** Information about the associated message digest */
|
||||
const md_info_t *md_info;
|
||||
|
||||
/** Digest-specific context */
|
||||
void *md_ctx;
|
||||
} md_context_t;
|
||||
|
||||
#define MD_CONTEXT_T_INIT { \
|
||||
NULL, /* md_info */ \
|
||||
NULL, /* md_ctx */ \
|
||||
}
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief Returns the list of digests supported by the generic digest module.
|
||||
*
|
||||
* \return a statically allocated array of digests, the last entry
|
||||
* is 0.
|
||||
*/
|
||||
const int *md_list( void );
|
||||
|
||||
/**
|
||||
* \brief Returns the message digest information associated with the
|
||||
* given digest name.
|
||||
*
|
||||
* \param md_name Name of the digest to search for.
|
||||
*
|
||||
* \return The message digest information associated with md_name or
|
||||
* NULL if not found.
|
||||
*/
|
||||
const md_info_t *md_info_from_string( const char *md_name );
|
||||
|
||||
/**
|
||||
* \brief Returns the message digest information associated with the
|
||||
* given digest type.
|
||||
*
|
||||
* \param md_type type of digest to search for.
|
||||
*
|
||||
* \return The message digest information associated with md_type or
|
||||
* NULL if not found.
|
||||
*/
|
||||
const md_info_t *md_info_from_type( md_type_t md_type );
|
||||
|
||||
/**
|
||||
* \brief Initialises and fills the message digest context structure with
|
||||
* the appropriate values.
|
||||
*
|
||||
* \param ctx context to initialise. May not be NULL. The
|
||||
* digest-specific context (ctx->md_ctx) must be NULL. It will
|
||||
* be allocated, and must be freed using md_free_ctx() later.
|
||||
* \param md_info message digest to use.
|
||||
*
|
||||
* \returns \c 0 on success, \c POLARSSL_ERR_MD_BAD_INPUT_DATA on
|
||||
* parameter failure, \c POLARSSL_ERR_MD_ALLOC_FAILED if
|
||||
* allocation of the digest-specific context failed.
|
||||
*/
|
||||
int md_init_ctx( md_context_t *ctx, const md_info_t *md_info );
|
||||
|
||||
/**
|
||||
* \brief Free the message-specific context of ctx. Freeing ctx itself
|
||||
* remains the responsibility of the caller.
|
||||
*
|
||||
* \param ctx Free the message-specific context
|
||||
*
|
||||
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
|
||||
* verification fails.
|
||||
*/
|
||||
int md_free_ctx( md_context_t *ctx );
|
||||
|
||||
/**
|
||||
* \brief Returns the size of the message digest output.
|
||||
*
|
||||
* \param md_info message digest info
|
||||
*
|
||||
* \return size of the message digest output.
|
||||
*/
|
||||
static inline unsigned char md_get_size( const md_info_t *md_info )
|
||||
{
|
||||
if( md_info == NULL )
|
||||
return( 0 );
|
||||
|
||||
return md_info->size;
|
||||
}
|
||||
|
||||
/**
|
||||
* \brief Returns the type of the message digest output.
|
||||
*
|
||||
* \param md_info message digest info
|
||||
*
|
||||
* \return type of the message digest output.
|
||||
*/
|
||||
static inline md_type_t md_get_type( const md_info_t *md_info )
|
||||
{
|
||||
if( md_info == NULL )
|
||||
return( POLARSSL_MD_NONE );
|
||||
|
||||
return md_info->type;
|
||||
}
|
||||
|
||||
/**
|
||||
* \brief Returns the name of the message digest output.
|
||||
*
|
||||
* \param md_info message digest info
|
||||
*
|
||||
* \return name of the message digest output.
|
||||
*/
|
||||
static inline const char *md_get_name( const md_info_t *md_info )
|
||||
{
|
||||
if( md_info == NULL )
|
||||
return( NULL );
|
||||
|
||||
return md_info->name;
|
||||
}
|
||||
|
||||
/**
|
||||
* \brief Set-up the given context for a new message digest
|
||||
*
|
||||
* \param ctx generic message digest context.
|
||||
*
|
||||
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
|
||||
* verification fails.
|
||||
*/
|
||||
int md_starts( md_context_t *ctx );
|
||||
|
||||
/**
|
||||
* \brief Generic message digest process buffer
|
||||
*
|
||||
* \param ctx Generic message digest context
|
||||
* \param input buffer holding the datal
|
||||
* \param ilen length of the input data
|
||||
*
|
||||
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
|
||||
* verification fails.
|
||||
*/
|
||||
int md_update( md_context_t *ctx, const unsigned char *input, size_t ilen );
|
||||
|
||||
/**
|
||||
* \brief Generic message digest final digest
|
||||
*
|
||||
* \param ctx Generic message digest context
|
||||
* \param output Generic message digest checksum result
|
||||
*
|
||||
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
|
||||
* verification fails.
|
||||
*/
|
||||
int md_finish( md_context_t *ctx, unsigned char *output );
|
||||
|
||||
/**
|
||||
* \brief Output = message_digest( input buffer )
|
||||
*
|
||||
* \param md_info message digest info
|
||||
* \param input buffer holding the data
|
||||
* \param ilen length of the input data
|
||||
* \param output Generic message digest checksum result
|
||||
*
|
||||
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
|
||||
* verification fails.
|
||||
*/
|
||||
int md( const md_info_t *md_info, const unsigned char *input, size_t ilen,
|
||||
unsigned char *output );
|
||||
|
||||
/**
|
||||
* \brief Output = message_digest( file contents )
|
||||
*
|
||||
* \param md_info message digest info
|
||||
* \param path input file name
|
||||
* \param output generic message digest checksum result
|
||||
*
|
||||
* \return 0 if successful, POLARSSL_ERR_MD_FILE_OPEN_FAILED if fopen
|
||||
* failed, POLARSSL_ERR_MD_FILE_READ_FAILED if fread failed,
|
||||
* POLARSSL_ERR_MD_BAD_INPUT_DATA if md_info was NULL.
|
||||
*/
|
||||
int md_file( const md_info_t *md_info, const char *path, unsigned char *output );
|
||||
|
||||
/**
|
||||
* \brief Generic HMAC context setup
|
||||
*
|
||||
* \param ctx HMAC context to be initialized
|
||||
* \param key HMAC secret key
|
||||
* \param keylen length of the HMAC key
|
||||
*
|
||||
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
|
||||
* verification fails.
|
||||
*/
|
||||
int md_hmac_starts( md_context_t *ctx, const unsigned char *key, size_t keylen );
|
||||
|
||||
/**
|
||||
* \brief Generic HMAC process buffer
|
||||
*
|
||||
* \param ctx HMAC context
|
||||
* \param input buffer holding the data
|
||||
* \param ilen length of the input data
|
||||
*
|
||||
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
|
||||
* verification fails.
|
||||
*/
|
||||
int md_hmac_update( md_context_t *ctx, const unsigned char *input, size_t ilen );
|
||||
|
||||
/**
|
||||
* \brief Generic HMAC final digest
|
||||
*
|
||||
* \param ctx HMAC context
|
||||
* \param output Generic HMAC checksum result
|
||||
*
|
||||
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
|
||||
* verification fails.
|
||||
*/
|
||||
int md_hmac_finish( md_context_t *ctx, unsigned char *output);
|
||||
|
||||
/**
|
||||
* \brief Generic HMAC context reset
|
||||
*
|
||||
* \param ctx HMAC context to be reset
|
||||
*
|
||||
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
|
||||
* verification fails.
|
||||
*/
|
||||
int md_hmac_reset( md_context_t *ctx );
|
||||
|
||||
/**
|
||||
* \brief Output = Generic_HMAC( hmac key, input buffer )
|
||||
*
|
||||
* \param md_info message digest info
|
||||
* \param key HMAC secret key
|
||||
* \param keylen length of the HMAC key
|
||||
* \param input buffer holding the data
|
||||
* \param ilen length of the input data
|
||||
* \param output Generic HMAC-result
|
||||
*
|
||||
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
|
||||
* verification fails.
|
||||
*/
|
||||
int md_hmac( const md_info_t *md_info, const unsigned char *key, size_t keylen,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char *output );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* POLARSSL_MD_H */
|
61
lib/libcrypto/source/libpolarssl/include/polarssl/md_wrap.h
Normal file
61
lib/libcrypto/source/libpolarssl/include/polarssl/md_wrap.h
Normal file
|
@ -0,0 +1,61 @@
|
|||
/**
|
||||
* \file md_wrap.h
|
||||
*
|
||||
* \brief Message digest wrappers.
|
||||
*
|
||||
* \author Adriaan de Jong <dejong@fox-it.com>
|
||||
*
|
||||
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
|
||||
*
|
||||
* This file is part of mbed TLS (https://polarssl.org)
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_MD_WRAP_H
|
||||
#define POLARSSL_MD_WRAP_H
|
||||
|
||||
#include "config.h"
|
||||
#include "md.h"
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_MD2_C)
|
||||
extern const md_info_t md2_info;
|
||||
#endif
|
||||
#if defined(POLARSSL_MD4_C)
|
||||
extern const md_info_t md4_info;
|
||||
#endif
|
||||
#if defined(POLARSSL_MD5_C)
|
||||
extern const md_info_t md5_info;
|
||||
#endif
|
||||
#if defined(POLARSSL_SHA1_C)
|
||||
extern const md_info_t sha1_info;
|
||||
#endif
|
||||
#if defined(POLARSSL_SHA2_C)
|
||||
extern const md_info_t sha224_info;
|
||||
extern const md_info_t sha256_info;
|
||||
#endif
|
||||
#if defined(POLARSSL_SHA4_C)
|
||||
extern const md_info_t sha384_info;
|
||||
extern const md_info_t sha512_info;
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* POLARSSL_MD_WRAP_H */
|
300
lib/libcrypto/source/libpolarssl/source/polar_md.c
Normal file
300
lib/libcrypto/source/libpolarssl/source/polar_md.c
Normal file
|
@ -0,0 +1,300 @@
|
|||
/**
|
||||
* \file md.c
|
||||
*
|
||||
* \brief Generic message digest wrapper for PolarSSL
|
||||
*
|
||||
* \author Adriaan de Jong <dejong@fox-it.com>
|
||||
*
|
||||
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
|
||||
*
|
||||
* This file is part of mbed TLS (https://polarssl.org)
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#include "polarssl/config.h"
|
||||
|
||||
#if defined(POLARSSL_MD_C)
|
||||
|
||||
#include "polarssl/md.h"
|
||||
#include "polarssl/md_wrap.h"
|
||||
|
||||
#include <stdlib.h>
|
||||
|
||||
#if defined _MSC_VER && !defined strcasecmp
|
||||
#define strcasecmp _stricmp
|
||||
#endif
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
static const int supported_digests[] = {
|
||||
|
||||
#if defined(POLARSSL_MD2_C)
|
||||
POLARSSL_MD_MD2,
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_MD4_C)
|
||||
POLARSSL_MD_MD4,
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_MD5_C)
|
||||
POLARSSL_MD_MD5,
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SHA1_C)
|
||||
POLARSSL_MD_SHA1,
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SHA2_C)
|
||||
POLARSSL_MD_SHA224,
|
||||
POLARSSL_MD_SHA256,
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SHA4_C)
|
||||
POLARSSL_MD_SHA384,
|
||||
POLARSSL_MD_SHA512,
|
||||
#endif
|
||||
|
||||
0
|
||||
};
|
||||
|
||||
const int *md_list( void )
|
||||
{
|
||||
return supported_digests;
|
||||
}
|
||||
|
||||
const md_info_t *md_info_from_string( const char *md_name )
|
||||
{
|
||||
if( NULL == md_name )
|
||||
return NULL;
|
||||
|
||||
/* Get the appropriate digest information */
|
||||
#if defined(POLARSSL_MD2_C)
|
||||
if( !strcasecmp( "MD2", md_name ) )
|
||||
return md_info_from_type( POLARSSL_MD_MD2 );
|
||||
#endif
|
||||
#if defined(POLARSSL_MD4_C)
|
||||
if( !strcasecmp( "MD4", md_name ) )
|
||||
return md_info_from_type( POLARSSL_MD_MD4 );
|
||||
#endif
|
||||
#if defined(POLARSSL_MD5_C)
|
||||
if( !strcasecmp( "MD5", md_name ) )
|
||||
return md_info_from_type( POLARSSL_MD_MD5 );
|
||||
#endif
|
||||
#if defined(POLARSSL_SHA1_C)
|
||||
if( !strcasecmp( "SHA1", md_name ) || !strcasecmp( "SHA", md_name ) )
|
||||
return md_info_from_type( POLARSSL_MD_SHA1 );
|
||||
#endif
|
||||
#if defined(POLARSSL_SHA2_C)
|
||||
if( !strcasecmp( "SHA224", md_name ) )
|
||||
return md_info_from_type( POLARSSL_MD_SHA224 );
|
||||
if( !strcasecmp( "SHA256", md_name ) )
|
||||
return md_info_from_type( POLARSSL_MD_SHA256 );
|
||||
#endif
|
||||
#if defined(POLARSSL_SHA4_C)
|
||||
if( !strcasecmp( "SHA384", md_name ) )
|
||||
return md_info_from_type( POLARSSL_MD_SHA384 );
|
||||
if( !strcasecmp( "SHA512", md_name ) )
|
||||
return md_info_from_type( POLARSSL_MD_SHA512 );
|
||||
#endif
|
||||
return NULL;
|
||||
}
|
||||
|
||||
const md_info_t *md_info_from_type( md_type_t md_type )
|
||||
{
|
||||
switch( md_type )
|
||||
{
|
||||
#if defined(POLARSSL_MD2_C)
|
||||
case POLARSSL_MD_MD2:
|
||||
return &md2_info;
|
||||
#endif
|
||||
#if defined(POLARSSL_MD4_C)
|
||||
case POLARSSL_MD_MD4:
|
||||
return &md4_info;
|
||||
#endif
|
||||
#if defined(POLARSSL_MD5_C)
|
||||
case POLARSSL_MD_MD5:
|
||||
return &md5_info;
|
||||
#endif
|
||||
#if defined(POLARSSL_SHA1_C)
|
||||
case POLARSSL_MD_SHA1:
|
||||
return &sha1_info;
|
||||
#endif
|
||||
#if defined(POLARSSL_SHA2_C)
|
||||
case POLARSSL_MD_SHA224:
|
||||
return &sha224_info;
|
||||
case POLARSSL_MD_SHA256:
|
||||
return &sha256_info;
|
||||
#endif
|
||||
#if defined(POLARSSL_SHA4_C)
|
||||
case POLARSSL_MD_SHA384:
|
||||
return &sha384_info;
|
||||
case POLARSSL_MD_SHA512:
|
||||
return &sha512_info;
|
||||
#endif
|
||||
default:
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
|
||||
int md_init_ctx( md_context_t *ctx, const md_info_t *md_info )
|
||||
{
|
||||
if( md_info == NULL || ctx == NULL )
|
||||
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
|
||||
|
||||
memset( ctx, 0, sizeof( md_context_t ) );
|
||||
|
||||
if( ( ctx->md_ctx = md_info->ctx_alloc_func() ) == NULL )
|
||||
return POLARSSL_ERR_MD_ALLOC_FAILED;
|
||||
|
||||
ctx->md_info = md_info;
|
||||
|
||||
md_info->starts_func( ctx->md_ctx );
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int md_free_ctx( md_context_t *ctx )
|
||||
{
|
||||
if( ctx == NULL || ctx->md_info == NULL )
|
||||
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
|
||||
|
||||
ctx->md_info->ctx_free_func( ctx->md_ctx );
|
||||
|
||||
polarssl_zeroize( ctx, sizeof( md_context_t ) );
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int md_starts( md_context_t *ctx )
|
||||
{
|
||||
if( ctx == NULL || ctx->md_info == NULL )
|
||||
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
|
||||
|
||||
ctx->md_info->starts_func( ctx->md_ctx );
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int md_update( md_context_t *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
if( ctx == NULL || ctx->md_info == NULL )
|
||||
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
|
||||
|
||||
ctx->md_info->update_func( ctx->md_ctx, input, ilen );
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int md_finish( md_context_t *ctx, unsigned char *output )
|
||||
{
|
||||
if( ctx == NULL || ctx->md_info == NULL )
|
||||
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
|
||||
|
||||
ctx->md_info->finish_func( ctx->md_ctx, output );
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int md( const md_info_t *md_info, const unsigned char *input, size_t ilen,
|
||||
unsigned char *output )
|
||||
{
|
||||
if ( md_info == NULL )
|
||||
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
|
||||
|
||||
md_info->digest_func( input, ilen, output );
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int md_file( const md_info_t *md_info, const char *path, unsigned char *output )
|
||||
{
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
int ret;
|
||||
#endif
|
||||
|
||||
if( md_info == NULL )
|
||||
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
ret = md_info->file_func( path, output );
|
||||
if( ret != 0 )
|
||||
return( POLARSSL_ERR_MD_FILE_IO_ERROR + ret );
|
||||
|
||||
return( ret );
|
||||
#else
|
||||
((void) path);
|
||||
((void) output);
|
||||
|
||||
return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
|
||||
#endif
|
||||
}
|
||||
|
||||
int md_hmac_starts( md_context_t *ctx, const unsigned char *key, size_t keylen )
|
||||
{
|
||||
if( ctx == NULL || ctx->md_info == NULL )
|
||||
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
|
||||
|
||||
ctx->md_info->hmac_starts_func( ctx->md_ctx, key, keylen);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int md_hmac_update( md_context_t *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
if( ctx == NULL || ctx->md_info == NULL )
|
||||
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
|
||||
|
||||
ctx->md_info->hmac_update_func( ctx->md_ctx, input, ilen );
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int md_hmac_finish( md_context_t *ctx, unsigned char *output)
|
||||
{
|
||||
if( ctx == NULL || ctx->md_info == NULL )
|
||||
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
|
||||
|
||||
ctx->md_info->hmac_finish_func( ctx->md_ctx, output);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int md_hmac_reset( md_context_t *ctx )
|
||||
{
|
||||
if( ctx == NULL || ctx->md_info == NULL )
|
||||
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
|
||||
|
||||
ctx->md_info->hmac_reset_func( ctx->md_ctx);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int md_hmac( const md_info_t *md_info, const unsigned char *key, size_t keylen,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char *output )
|
||||
{
|
||||
if( md_info == NULL )
|
||||
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
|
||||
|
||||
md_info->hmac_func( key, keylen, input, ilen, output );
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
#endif
|
743
lib/libcrypto/source/libpolarssl/source/polar_md_wrap.c
Normal file
743
lib/libcrypto/source/libpolarssl/source/polar_md_wrap.c
Normal file
|
@ -0,0 +1,743 @@
|
|||
/**
|
||||
* \file md_wrap.c
|
||||
|
||||
* \brief Generic message digest wrapper for PolarSSL
|
||||
*
|
||||
* \author Adriaan de Jong <dejong@fox-it.com>
|
||||
*
|
||||
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
|
||||
*
|
||||
* This file is part of mbed TLS (https://polarssl.org)
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#include "polarssl/config.h"
|
||||
|
||||
#if defined(POLARSSL_MD_C)
|
||||
|
||||
#include "polarssl/md_wrap.h"
|
||||
|
||||
#if defined(POLARSSL_MD2_C)
|
||||
#include "polarssl/md2.h"
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_MD4_C)
|
||||
#include "polarssl/md4.h"
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_MD5_C)
|
||||
#include "polarssl/md5.h"
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SHA1_C)
|
||||
#include "polarssl/sha1.h"
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SHA2_C)
|
||||
#include "polarssl/sha2.h"
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SHA4_C)
|
||||
#include "polarssl/sha4.h"
|
||||
#endif
|
||||
|
||||
#include <stdlib.h>
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_MD2_C)
|
||||
|
||||
static void md2_starts_wrap( void *ctx )
|
||||
{
|
||||
md2_starts( (md2_context *) ctx );
|
||||
}
|
||||
|
||||
static void md2_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
md2_update( (md2_context *) ctx, input, ilen );
|
||||
}
|
||||
|
||||
static void md2_finish_wrap( void *ctx, unsigned char *output )
|
||||
{
|
||||
md2_finish( (md2_context *) ctx, output );
|
||||
}
|
||||
|
||||
static int md2_file_wrap( const char *path, unsigned char *output )
|
||||
{
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
return md2_file( path, output );
|
||||
#else
|
||||
((void) path);
|
||||
((void) output);
|
||||
return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
|
||||
#endif
|
||||
}
|
||||
|
||||
static void md2_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
|
||||
{
|
||||
md2_hmac_starts( (md2_context *) ctx, key, keylen );
|
||||
}
|
||||
|
||||
static void md2_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
md2_hmac_update( (md2_context *) ctx, input, ilen );
|
||||
}
|
||||
|
||||
static void md2_hmac_finish_wrap( void *ctx, unsigned char *output )
|
||||
{
|
||||
md2_hmac_finish( (md2_context *) ctx, output );
|
||||
}
|
||||
|
||||
static void md2_hmac_reset_wrap( void *ctx )
|
||||
{
|
||||
md2_hmac_reset( (md2_context *) ctx );
|
||||
}
|
||||
|
||||
static void * md2_ctx_alloc( void )
|
||||
{
|
||||
return malloc( sizeof( md2_context ) );
|
||||
}
|
||||
|
||||
static void md2_ctx_free( void *ctx )
|
||||
{
|
||||
polarssl_zeroize( ctx, sizeof( md2_context ) );
|
||||
free( ctx );
|
||||
}
|
||||
|
||||
const md_info_t md2_info = {
|
||||
POLARSSL_MD_MD2,
|
||||
"MD2",
|
||||
16,
|
||||
md2_starts_wrap,
|
||||
md2_update_wrap,
|
||||
md2_finish_wrap,
|
||||
md2,
|
||||
md2_file_wrap,
|
||||
md2_hmac_starts_wrap,
|
||||
md2_hmac_update_wrap,
|
||||
md2_hmac_finish_wrap,
|
||||
md2_hmac_reset_wrap,
|
||||
md2_hmac,
|
||||
md2_ctx_alloc,
|
||||
md2_ctx_free,
|
||||
};
|
||||
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_MD4_C)
|
||||
|
||||
static void md4_starts_wrap( void *ctx )
|
||||
{
|
||||
md4_starts( (md4_context *) ctx );
|
||||
}
|
||||
|
||||
static void md4_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
md4_update( (md4_context *) ctx, input, ilen );
|
||||
}
|
||||
|
||||
static void md4_finish_wrap( void *ctx, unsigned char *output )
|
||||
{
|
||||
md4_finish( (md4_context *) ctx, output );
|
||||
}
|
||||
|
||||
static int md4_file_wrap( const char *path, unsigned char *output )
|
||||
{
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
return md4_file( path, output );
|
||||
#else
|
||||
((void) path);
|
||||
((void) output);
|
||||
return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
|
||||
#endif
|
||||
}
|
||||
|
||||
static void md4_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
|
||||
{
|
||||
md4_hmac_starts( (md4_context *) ctx, key, keylen );
|
||||
}
|
||||
|
||||
static void md4_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
md4_hmac_update( (md4_context *) ctx, input, ilen );
|
||||
}
|
||||
|
||||
static void md4_hmac_finish_wrap( void *ctx, unsigned char *output )
|
||||
{
|
||||
md4_hmac_finish( (md4_context *) ctx, output );
|
||||
}
|
||||
|
||||
static void md4_hmac_reset_wrap( void *ctx )
|
||||
{
|
||||
md4_hmac_reset( (md4_context *) ctx );
|
||||
}
|
||||
|
||||
static void *md4_ctx_alloc( void )
|
||||
{
|
||||
return malloc( sizeof( md4_context ) );
|
||||
}
|
||||
|
||||
static void md4_ctx_free( void *ctx )
|
||||
{
|
||||
polarssl_zeroize( ctx, sizeof( md4_context ) );
|
||||
free( ctx );
|
||||
}
|
||||
|
||||
const md_info_t md4_info = {
|
||||
POLARSSL_MD_MD4,
|
||||
"MD4",
|
||||
16,
|
||||
md4_starts_wrap,
|
||||
md4_update_wrap,
|
||||
md4_finish_wrap,
|
||||
md4,
|
||||
md4_file_wrap,
|
||||
md4_hmac_starts_wrap,
|
||||
md4_hmac_update_wrap,
|
||||
md4_hmac_finish_wrap,
|
||||
md4_hmac_reset_wrap,
|
||||
md4_hmac,
|
||||
md4_ctx_alloc,
|
||||
md4_ctx_free,
|
||||
};
|
||||
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_MD5_C)
|
||||
|
||||
static void md5_starts_wrap( void *ctx )
|
||||
{
|
||||
md5_starts( (md5_context *) ctx );
|
||||
}
|
||||
|
||||
static void md5_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
md5_update( (md5_context *) ctx, input, ilen );
|
||||
}
|
||||
|
||||
static void md5_finish_wrap( void *ctx, unsigned char *output )
|
||||
{
|
||||
md5_finish( (md5_context *) ctx, output );
|
||||
}
|
||||
|
||||
static int md5_file_wrap( const char *path, unsigned char *output )
|
||||
{
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
return md5_file( path, output );
|
||||
#else
|
||||
((void) path);
|
||||
((void) output);
|
||||
return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
|
||||
#endif
|
||||
}
|
||||
|
||||
static void md5_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
|
||||
{
|
||||
md5_hmac_starts( (md5_context *) ctx, key, keylen );
|
||||
}
|
||||
|
||||
static void md5_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
md5_hmac_update( (md5_context *) ctx, input, ilen );
|
||||
}
|
||||
|
||||
static void md5_hmac_finish_wrap( void *ctx, unsigned char *output )
|
||||
{
|
||||
md5_hmac_finish( (md5_context *) ctx, output );
|
||||
}
|
||||
|
||||
static void md5_hmac_reset_wrap( void *ctx )
|
||||
{
|
||||
md5_hmac_reset( (md5_context *) ctx );
|
||||
}
|
||||
|
||||
static void * md5_ctx_alloc( void )
|
||||
{
|
||||
return malloc( sizeof( md5_context ) );
|
||||
}
|
||||
|
||||
static void md5_ctx_free( void *ctx )
|
||||
{
|
||||
polarssl_zeroize( ctx, sizeof( md5_context ) );
|
||||
free( ctx );
|
||||
}
|
||||
|
||||
const md_info_t md5_info = {
|
||||
POLARSSL_MD_MD5,
|
||||
"MD5",
|
||||
16,
|
||||
md5_starts_wrap,
|
||||
md5_update_wrap,
|
||||
md5_finish_wrap,
|
||||
md5,
|
||||
md5_file_wrap,
|
||||
md5_hmac_starts_wrap,
|
||||
md5_hmac_update_wrap,
|
||||
md5_hmac_finish_wrap,
|
||||
md5_hmac_reset_wrap,
|
||||
md5_hmac,
|
||||
md5_ctx_alloc,
|
||||
md5_ctx_free,
|
||||
};
|
||||
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SHA1_C)
|
||||
|
||||
static void sha1_starts_wrap( void *ctx )
|
||||
{
|
||||
sha1_starts( (sha1_context *) ctx );
|
||||
}
|
||||
|
||||
static void sha1_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
sha1_update( (sha1_context *) ctx, input, ilen );
|
||||
}
|
||||
|
||||
static void sha1_finish_wrap( void *ctx, unsigned char *output )
|
||||
{
|
||||
sha1_finish( (sha1_context *) ctx, output );
|
||||
}
|
||||
|
||||
static int sha1_file_wrap( const char *path, unsigned char *output )
|
||||
{
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
return sha1_file( path, output );
|
||||
#else
|
||||
((void) path);
|
||||
((void) output);
|
||||
return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
|
||||
#endif
|
||||
}
|
||||
|
||||
static void sha1_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
|
||||
{
|
||||
sha1_hmac_starts( (sha1_context *) ctx, key, keylen );
|
||||
}
|
||||
|
||||
static void sha1_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
sha1_hmac_update( (sha1_context *) ctx, input, ilen );
|
||||
}
|
||||
|
||||
static void sha1_hmac_finish_wrap( void *ctx, unsigned char *output )
|
||||
{
|
||||
sha1_hmac_finish( (sha1_context *) ctx, output );
|
||||
}
|
||||
|
||||
static void sha1_hmac_reset_wrap( void *ctx )
|
||||
{
|
||||
sha1_hmac_reset( (sha1_context *) ctx );
|
||||
}
|
||||
|
||||
static void * sha1_ctx_alloc( void )
|
||||
{
|
||||
return malloc( sizeof( sha1_context ) );
|
||||
}
|
||||
|
||||
static void sha1_ctx_free( void *ctx )
|
||||
{
|
||||
polarssl_zeroize( ctx, sizeof( sha1_context ) );
|
||||
free( ctx );
|
||||
}
|
||||
|
||||
const md_info_t sha1_info = {
|
||||
POLARSSL_MD_SHA1,
|
||||
"SHA1",
|
||||
20,
|
||||
sha1_starts_wrap,
|
||||
sha1_update_wrap,
|
||||
sha1_finish_wrap,
|
||||
sha1,
|
||||
sha1_file_wrap,
|
||||
sha1_hmac_starts_wrap,
|
||||
sha1_hmac_update_wrap,
|
||||
sha1_hmac_finish_wrap,
|
||||
sha1_hmac_reset_wrap,
|
||||
sha1_hmac,
|
||||
sha1_ctx_alloc,
|
||||
sha1_ctx_free,
|
||||
};
|
||||
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Wrappers for generic message digests
|
||||
*/
|
||||
#if defined(POLARSSL_SHA2_C)
|
||||
|
||||
static void sha224_starts_wrap( void *ctx )
|
||||
{
|
||||
sha2_starts( (sha2_context *) ctx, 1 );
|
||||
}
|
||||
|
||||
static void sha224_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
sha2_update( (sha2_context *) ctx, input, ilen );
|
||||
}
|
||||
|
||||
static void sha224_finish_wrap( void *ctx, unsigned char *output )
|
||||
{
|
||||
sha2_finish( (sha2_context *) ctx, output );
|
||||
}
|
||||
|
||||
static void sha224_wrap( const unsigned char *input, size_t ilen,
|
||||
unsigned char *output )
|
||||
{
|
||||
sha2( input, ilen, output, 1 );
|
||||
}
|
||||
|
||||
static int sha224_file_wrap( const char *path, unsigned char *output )
|
||||
{
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
return sha2_file( path, output, 1 );
|
||||
#else
|
||||
((void) path);
|
||||
((void) output);
|
||||
return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
|
||||
#endif
|
||||
}
|
||||
|
||||
static void sha224_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
|
||||
{
|
||||
sha2_hmac_starts( (sha2_context *) ctx, key, keylen, 1 );
|
||||
}
|
||||
|
||||
static void sha224_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
sha2_hmac_update( (sha2_context *) ctx, input, ilen );
|
||||
}
|
||||
|
||||
static void sha224_hmac_finish_wrap( void *ctx, unsigned char *output )
|
||||
{
|
||||
sha2_hmac_finish( (sha2_context *) ctx, output );
|
||||
}
|
||||
|
||||
static void sha224_hmac_reset_wrap( void *ctx )
|
||||
{
|
||||
sha2_hmac_reset( (sha2_context *) ctx );
|
||||
}
|
||||
|
||||
static void sha224_hmac_wrap( const unsigned char *key, size_t keylen,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char *output )
|
||||
{
|
||||
sha2_hmac( key, keylen, input, ilen, output, 1 );
|
||||
}
|
||||
|
||||
static void * sha224_ctx_alloc( void )
|
||||
{
|
||||
return malloc( sizeof( sha2_context ) );
|
||||
}
|
||||
|
||||
static void sha224_ctx_free( void *ctx )
|
||||
{
|
||||
polarssl_zeroize( ctx, sizeof( sha2_context ) );
|
||||
free( ctx );
|
||||
}
|
||||
|
||||
const md_info_t sha224_info = {
|
||||
POLARSSL_MD_SHA224,
|
||||
"SHA224",
|
||||
28,
|
||||
sha224_starts_wrap,
|
||||
sha224_update_wrap,
|
||||
sha224_finish_wrap,
|
||||
sha224_wrap,
|
||||
sha224_file_wrap,
|
||||
sha224_hmac_starts_wrap,
|
||||
sha224_hmac_update_wrap,
|
||||
sha224_hmac_finish_wrap,
|
||||
sha224_hmac_reset_wrap,
|
||||
sha224_hmac_wrap,
|
||||
sha224_ctx_alloc,
|
||||
sha224_ctx_free,
|
||||
};
|
||||
|
||||
static void sha256_starts_wrap( void *ctx )
|
||||
{
|
||||
sha2_starts( (sha2_context *) ctx, 0 );
|
||||
}
|
||||
|
||||
static void sha256_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
sha2_update( (sha2_context *) ctx, input, ilen );
|
||||
}
|
||||
|
||||
static void sha256_finish_wrap( void *ctx, unsigned char *output )
|
||||
{
|
||||
sha2_finish( (sha2_context *) ctx, output );
|
||||
}
|
||||
|
||||
static void sha256_wrap( const unsigned char *input, size_t ilen,
|
||||
unsigned char *output )
|
||||
{
|
||||
sha2( input, ilen, output, 0 );
|
||||
}
|
||||
|
||||
static int sha256_file_wrap( const char *path, unsigned char *output )
|
||||
{
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
return sha2_file( path, output, 0 );
|
||||
#else
|
||||
((void) path);
|
||||
((void) output);
|
||||
return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
|
||||
#endif
|
||||
}
|
||||
|
||||
static void sha256_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
|
||||
{
|
||||
sha2_hmac_starts( (sha2_context *) ctx, key, keylen, 0 );
|
||||
}
|
||||
|
||||
static void sha256_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
sha2_hmac_update( (sha2_context *) ctx, input, ilen );
|
||||
}
|
||||
|
||||
static void sha256_hmac_finish_wrap( void *ctx, unsigned char *output )
|
||||
{
|
||||
sha2_hmac_finish( (sha2_context *) ctx, output );
|
||||
}
|
||||
|
||||
static void sha256_hmac_reset_wrap( void *ctx )
|
||||
{
|
||||
sha2_hmac_reset( (sha2_context *) ctx );
|
||||
}
|
||||
|
||||
static void sha256_hmac_wrap( const unsigned char *key, size_t keylen,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char *output )
|
||||
{
|
||||
sha2_hmac( key, keylen, input, ilen, output, 0 );
|
||||
}
|
||||
|
||||
static void * sha256_ctx_alloc( void )
|
||||
{
|
||||
return malloc( sizeof( sha2_context ) );
|
||||
}
|
||||
|
||||
static void sha256_ctx_free( void *ctx )
|
||||
{
|
||||
polarssl_zeroize( ctx, sizeof( sha2_context ) );
|
||||
free( ctx );
|
||||
}
|
||||
|
||||
const md_info_t sha256_info = {
|
||||
POLARSSL_MD_SHA256,
|
||||
"SHA256",
|
||||
32,
|
||||
sha256_starts_wrap,
|
||||
sha256_update_wrap,
|
||||
sha256_finish_wrap,
|
||||
sha256_wrap,
|
||||
sha256_file_wrap,
|
||||
sha256_hmac_starts_wrap,
|
||||
sha256_hmac_update_wrap,
|
||||
sha256_hmac_finish_wrap,
|
||||
sha256_hmac_reset_wrap,
|
||||
sha256_hmac_wrap,
|
||||
sha256_ctx_alloc,
|
||||
sha256_ctx_free,
|
||||
};
|
||||
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SHA4_C)
|
||||
|
||||
static void sha384_starts_wrap( void *ctx )
|
||||
{
|
||||
sha4_starts( (sha4_context *) ctx, 1 );
|
||||
}
|
||||
|
||||
static void sha384_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
sha4_update( (sha4_context *) ctx, input, ilen );
|
||||
}
|
||||
|
||||
static void sha384_finish_wrap( void *ctx, unsigned char *output )
|
||||
{
|
||||
sha4_finish( (sha4_context *) ctx, output );
|
||||
}
|
||||
|
||||
static void sha384_wrap( const unsigned char *input, size_t ilen,
|
||||
unsigned char *output )
|
||||
{
|
||||
sha4( input, ilen, output, 1 );
|
||||
}
|
||||
|
||||
static int sha384_file_wrap( const char *path, unsigned char *output )
|
||||
{
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
return sha4_file( path, output, 1 );
|
||||
#else
|
||||
((void) path);
|
||||
((void) output);
|
||||
return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
|
||||
#endif
|
||||
}
|
||||
|
||||
static void sha384_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
|
||||
{
|
||||
sha4_hmac_starts( (sha4_context *) ctx, key, keylen, 1 );
|
||||
}
|
||||
|
||||
static void sha384_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
sha4_hmac_update( (sha4_context *) ctx, input, ilen );
|
||||
}
|
||||
|
||||
static void sha384_hmac_finish_wrap( void *ctx, unsigned char *output )
|
||||
{
|
||||
sha4_hmac_finish( (sha4_context *) ctx, output );
|
||||
}
|
||||
|
||||
static void sha384_hmac_reset_wrap( void *ctx )
|
||||
{
|
||||
sha4_hmac_reset( (sha4_context *) ctx );
|
||||
}
|
||||
|
||||
static void sha384_hmac_wrap( const unsigned char *key, size_t keylen,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char *output )
|
||||
{
|
||||
sha4_hmac( key, keylen, input, ilen, output, 1 );
|
||||
}
|
||||
|
||||
static void * sha384_ctx_alloc( void )
|
||||
{
|
||||
return malloc( sizeof( sha4_context ) );
|
||||
}
|
||||
|
||||
static void sha384_ctx_free( void *ctx )
|
||||
{
|
||||
polarssl_zeroize( ctx, sizeof( sha4_context ) );
|
||||
free( ctx );
|
||||
}
|
||||
|
||||
const md_info_t sha384_info = {
|
||||
POLARSSL_MD_SHA384,
|
||||
"SHA384",
|
||||
48,
|
||||
sha384_starts_wrap,
|
||||
sha384_update_wrap,
|
||||
sha384_finish_wrap,
|
||||
sha384_wrap,
|
||||
sha384_file_wrap,
|
||||
sha384_hmac_starts_wrap,
|
||||
sha384_hmac_update_wrap,
|
||||
sha384_hmac_finish_wrap,
|
||||
sha384_hmac_reset_wrap,
|
||||
sha384_hmac_wrap,
|
||||
sha384_ctx_alloc,
|
||||
sha384_ctx_free,
|
||||
};
|
||||
|
||||
static void sha512_starts_wrap( void *ctx )
|
||||
{
|
||||
sha4_starts( (sha4_context *) ctx, 0 );
|
||||
}
|
||||
|
||||
static void sha512_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
sha4_update( (sha4_context *) ctx, input, ilen );
|
||||
}
|
||||
|
||||
static void sha512_finish_wrap( void *ctx, unsigned char *output )
|
||||
{
|
||||
sha4_finish( (sha4_context *) ctx, output );
|
||||
}
|
||||
|
||||
static void sha512_wrap( const unsigned char *input, size_t ilen,
|
||||
unsigned char *output )
|
||||
{
|
||||
sha4( input, ilen, output, 0 );
|
||||
}
|
||||
|
||||
static int sha512_file_wrap( const char *path, unsigned char *output )
|
||||
{
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
return sha4_file( path, output, 0 );
|
||||
#else
|
||||
((void) path);
|
||||
((void) output);
|
||||
return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
|
||||
#endif
|
||||
}
|
||||
|
||||
static void sha512_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
|
||||
{
|
||||
sha4_hmac_starts( (sha4_context *) ctx, key, keylen, 0 );
|
||||
}
|
||||
|
||||
static void sha512_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
sha4_hmac_update( (sha4_context *) ctx, input, ilen );
|
||||
}
|
||||
|
||||
static void sha512_hmac_finish_wrap( void *ctx, unsigned char *output )
|
||||
{
|
||||
sha4_hmac_finish( (sha4_context *) ctx, output );
|
||||
}
|
||||
|
||||
static void sha512_hmac_reset_wrap( void *ctx )
|
||||
{
|
||||
sha4_hmac_reset( (sha4_context *) ctx );
|
||||
}
|
||||
|
||||
static void sha512_hmac_wrap( const unsigned char *key, size_t keylen,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char *output )
|
||||
{
|
||||
sha4_hmac( key, keylen, input, ilen, output, 0 );
|
||||
}
|
||||
|
||||
static void * sha512_ctx_alloc( void )
|
||||
{
|
||||
return malloc( sizeof( sha4_context ) );
|
||||
}
|
||||
|
||||
static void sha512_ctx_free( void *ctx )
|
||||
{
|
||||
polarssl_zeroize( ctx, sizeof( sha4_context ) );
|
||||
free( ctx );
|
||||
}
|
||||
|
||||
const md_info_t sha512_info = {
|
||||
POLARSSL_MD_SHA512,
|
||||
"SHA512",
|
||||
64,
|
||||
sha512_starts_wrap,
|
||||
sha512_update_wrap,
|
||||
sha512_finish_wrap,
|
||||
sha512_wrap,
|
||||
sha512_file_wrap,
|
||||
sha512_hmac_starts_wrap,
|
||||
sha512_hmac_update_wrap,
|
||||
sha512_hmac_finish_wrap,
|
||||
sha512_hmac_reset_wrap,
|
||||
sha512_hmac_wrap,
|
||||
sha512_ctx_alloc,
|
||||
sha512_ctx_free,
|
||||
};
|
||||
|
||||
#endif
|
||||
|
||||
#endif
|
|
@ -1,5 +1,6 @@
|
|||
#include <crypto/rsa.h>
|
||||
#include <polarssl/rsa.h>
|
||||
#include <polarssl/md.h>
|
||||
|
||||
using namespace crypto::rsa;
|
||||
using namespace crypto::sha;
|
||||
|
@ -21,6 +22,23 @@ int getWrappedHashType(HashType type)
|
|||
return 0;
|
||||
}
|
||||
|
||||
int getMdWrappedHashType(HashType type)
|
||||
{
|
||||
switch (type)
|
||||
{
|
||||
case HASH_SHA1:
|
||||
return POLARSSL_MD_SHA1;
|
||||
break;
|
||||
case HASH_SHA256:
|
||||
return POLARSSL_MD_SHA256;
|
||||
break;
|
||||
default:
|
||||
return POLARSSL_MD_NONE;
|
||||
break;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
uint32_t getWrappedHashSize(HashType type)
|
||||
{
|
||||
uint32_t size = 0;
|
||||
|
@ -144,5 +162,24 @@ int crypto::rsa::pkcs::rsaVerify(const sRsa4096Key & key, HashType hash_type, co
|
|||
|
||||
rsa_free(&ctx);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
int crypto::rsa::pss::rsaVerify(const sRsa2048Key & key, HashType hash_type, const uint8_t * hash, const uint8_t signature[kRsa2048Size])
|
||||
{
|
||||
static const uint8_t public_exponent[3] = { 0x01, 0x00, 0x01 };
|
||||
|
||||
int ret;
|
||||
rsa_context ctx;
|
||||
rsa_init(&ctx, RSA_PKCS_V21, getMdWrappedHashType(hash_type));
|
||||
|
||||
ctx.len = kRsa2048Size;
|
||||
mpi_read_binary(&ctx.E, public_exponent, sizeof(public_exponent));
|
||||
mpi_read_binary(&ctx.N, key.modulus, ctx.len);
|
||||
|
||||
ret = rsa_rsassa_pss_verify(&ctx, RSA_PUBLIC, getWrappedHashType(hash_type), getWrappedHashSize(hash_type), hash, signature);
|
||||
|
||||
rsa_free(&ctx);
|
||||
|
||||
return ret;
|
||||
}
|
Loading…
Reference in a new issue