Exemplo n.º 1
0
int wc_RipeMdFinal(RipeMd* ripemd, byte* hash)
{
    byte* local;

    if (ripemd == NULL || hash == NULL) {
        return BAD_FUNC_ARG;
    }

    local = (byte*)ripemd->buffer;

    AddLength(ripemd, ripemd->buffLen);               /* before adding pads */

    local[ripemd->buffLen++] = 0x80;  /* add 1 */

    /* pad with zeros */
    if (ripemd->buffLen > RIPEMD_PAD_SIZE) {
        XMEMSET(&local[ripemd->buffLen], 0, RIPEMD_BLOCK_SIZE - ripemd->buffLen);
        ripemd->buffLen += RIPEMD_BLOCK_SIZE - ripemd->buffLen;

        #ifdef BIG_ENDIAN_ORDER
            ByteReverseWords(ripemd->buffer, ripemd->buffer, RIPEMD_BLOCK_SIZE);
        #endif
        Transform(ripemd);
        ripemd->buffLen = 0;
    }
    XMEMSET(&local[ripemd->buffLen], 0, RIPEMD_PAD_SIZE - ripemd->buffLen);

    /* put lengths in bits */
    ripemd->loLen = ripemd->loLen << 3;
    ripemd->hiLen = (ripemd->loLen >> (8*sizeof(ripemd->loLen) - 3)) +
                 (ripemd->hiLen << 3);

    /* store lengths */
    #ifdef BIG_ENDIAN_ORDER
        ByteReverseWords(ripemd->buffer, ripemd->buffer, RIPEMD_BLOCK_SIZE);
    #endif
    /* ! length ordering dependent on digest endian type ! */
    XMEMCPY(&local[RIPEMD_PAD_SIZE], &ripemd->loLen, sizeof(word32));
    XMEMCPY(&local[RIPEMD_PAD_SIZE + sizeof(word32)], &ripemd->hiLen,
           sizeof(word32));

    Transform(ripemd);
    #ifdef BIG_ENDIAN_ORDER
        ByteReverseWords(ripemd->digest, ripemd->digest, RIPEMD_DIGEST_SIZE);
    #endif
    XMEMCPY(hash, ripemd->digest, RIPEMD_DIGEST_SIZE);

    return wc_InitRipeMd(ripemd);  /* reset state */
}
Exemplo n.º 2
0
void ShaFinal(Sha* sha, byte* hash)
{
    byte* local = (byte*)sha->buffer;

    AddLength(sha, sha->buffLen);  /* before adding pads */

    local[sha->buffLen++] = 0x80;  /* add 1 */

    /* pad with zeros */
    if (sha->buffLen > SHA_PAD_SIZE) {
        XMEMSET(&local[sha->buffLen], 0, SHA_BLOCK_SIZE - sha->buffLen);
        sha->buffLen += SHA_BLOCK_SIZE - sha->buffLen;

        #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU)
            ByteReverseBytes(local, local, SHA_BLOCK_SIZE);
        #endif
        XTRANSFORM(sha, local);
        sha->buffLen = 0;
    }
    XMEMSET(&local[sha->buffLen], 0, SHA_PAD_SIZE - sha->buffLen);
   
    /* put lengths in bits */
    sha->hiLen = (sha->loLen >> (8*sizeof(sha->loLen) - 3)) + 
                 (sha->hiLen << 3);
    sha->loLen = sha->loLen << 3;

    /* store lengths */
    #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU)
        ByteReverseBytes(local, local, SHA_BLOCK_SIZE);
    #endif
    /* ! length ordering dependent on digest endian type ! */
    XMEMCPY(&local[SHA_PAD_SIZE], &sha->hiLen, sizeof(word32));
    XMEMCPY(&local[SHA_PAD_SIZE + sizeof(word32)], &sha->loLen, sizeof(word32));

    #ifdef FREESCALE_MMCAU
        /* Kinetis requires only these bytes reversed */
        ByteReverseBytes(&local[SHA_PAD_SIZE], &local[SHA_PAD_SIZE],
                2 * sizeof(word32));
    #endif

    XTRANSFORM(sha, local);
    #ifdef LITTLE_ENDIAN_ORDER
        ByteReverseWords(sha->digest, sha->digest, SHA_DIGEST_SIZE);
    #endif
    XMEMCPY(hash, sha->digest, SHA_DIGEST_SIZE);

    InitSha(sha);  /* reset state */
}
Exemplo n.º 3
0
int wc_Sha512Final(Sha512* sha512, byte* hash)
{
    byte* local = (byte*)sha512->buffer;
    int ret;

    AddLength(sha512, sha512->buffLen);               /* before adding pads */

    local[sha512->buffLen++] = 0x80;  /* add 1 */

    /* pad with zeros */
    if (sha512->buffLen > SHA512_PAD_SIZE) {
        XMEMSET(&local[sha512->buffLen], 0, SHA512_BLOCK_SIZE -sha512->buffLen);
        sha512->buffLen += SHA512_BLOCK_SIZE - sha512->buffLen;
        #if defined(LITTLE_ENDIAN_ORDER) 
            ByteReverseWords64(sha512->buffer,sha512->buffer,SHA512_BLOCK_SIZE);
        #endif
        ret = _Transform(sha512);
        if (ret != 0)
            return ret;

        sha512->buffLen = 0;
    }
    XMEMSET(&local[sha512->buffLen], 0, SHA512_PAD_SIZE - sha512->buffLen);
   
    /* put lengths in bits */
    sha512->hiLen = (sha512->loLen >> (8*sizeof(sha512->loLen) - 3)) + 
                 (sha512->hiLen << 3);
    sha512->loLen = sha512->loLen << 3;

    /* store lengths */
    #if defined(LITTLE_ENDIAN_ORDER)
        ByteReverseWords64(sha512->buffer, sha512->buffer, SHA512_PAD_SIZE);
    #endif
    /* ! length ordering dependent on digest endian type ! */
    sha512->buffer[SHA512_BLOCK_SIZE / sizeof(word64) - 2] = sha512->hiLen;
    sha512->buffer[SHA512_BLOCK_SIZE / sizeof(word64) - 1] = sha512->loLen;
    ret = _Transform(sha512);
    if (ret != 0)
        return ret;

    #ifdef LITTLE_ENDIAN_ORDER
        ByteReverseWords64(sha512->digest, sha512->digest, SHA512_DIGEST_SIZE);
    #endif
    XMEMCPY(hash, sha512->digest, SHA512_DIGEST_SIZE);

    return wc_InitSha512(sha512);  /* reset state */

}
Exemplo n.º 4
0
/* Initialize Hmac for use with async device */
int wc_HmacInit(Hmac* hmac, void* heap, int devId)
{
    int ret = 0;

    if (hmac == NULL)
        return BAD_FUNC_ARG;

    XMEMSET(hmac, 0, sizeof(Hmac));
    hmac->heap = heap;

#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_HMAC)
    hmac->keyLen = 0;
    #ifdef HAVE_CAVIUM
        hmac->dataLen = 0;
        hmac->data    = NULL;        /* buffered input data */
    #endif /* HAVE_CAVIUM */

    ret = wolfAsync_DevCtxInit(&hmac->asyncDev, WOLFSSL_ASYNC_MARKER_HMAC,
                                                         hmac->heap, devId);
#else
    (void)devId;
#endif /* WOLFSSL_ASYNC_CRYPT */

    return ret;
}
Exemplo n.º 5
0
/* The DTLS Generate Cookie callback
 *  return : number of bytes copied into buf, or error
 */
int EmbedGenerateCookie(WOLFSSL* ssl, byte *buf, int sz, void *ctx)
{
    WOLFSSL_DTLS_CTX* dtlsCtx = (WOLFSSL_DTLS_CTX*)ctx;
    struct sockaddr_storage peer;
    XSOCKLENT peerSz = sizeof(peer);
    byte digest[SHA_DIGEST_SIZE];
    int ret = 0;

    (void)ssl;

    if (dtlsCtx == NULL || dtlsCtx->peer.sz == 0 || dtlsCtx->peer.sa == NULL) {
        WOLFSSL_MSG("Peer address was not set for this session");
        return GEN_COOKIE_E;
    }

    /* Use peer's address as cookie. */
    XMEMSET(&peer, 0, sizeof(peer));
    XMEMCPY(&peer, dtlsCtx->peer.sa, dtlsCtx->peer.sz);

    ret = wc_ShaHash((byte*)&peer, peerSz, digest);
    if (ret != 0) {
        return ret;
    }

    if (sz > SHA_DIGEST_SIZE) {
        sz = SHA_DIGEST_SIZE;
    }
    XMEMCPY(buf, digest, sz);

    return sz;
}
Exemplo n.º 6
0
static int _InitSha(wc_Sha* sha, void* heap, int devId, word32 digestSz,
    word32 type)
{
    Buffer buf[1];
    word32 arg[4];
    int ret;

    (void)heap;
    (void)devId;

    if (sha == NULL) {
        return BAD_FUNC_ARG;
    }

    XMEMSET(sha, 0, sizeof(Sha));

    /* Set buffer for context */
    buf[0].BufferType = DataBuffer | LastBuffer;
    buf[0].TheAddress = (Address)sha->ctx;
    buf[0].Length     = digestSz + WC_CAAM_CTXLEN;
    buf[0].Transferred = 0;

    arg[0] = CAAM_ALG_INIT;
    arg[1] = digestSz + WC_CAAM_CTXLEN;

    if ((ret = wc_caamAddAndWait(buf, arg, type)) != 0) {
        WOLFSSL_MSG("Error with CAAM SHA init");
        return ret;
    }

    return 0;
}
Exemplo n.º 7
0
int wc_bigint_alloc(WC_BIGINT* a, word32 sz)
{
    int err = MP_OKAY;

    if (a == NULL)
        return BAD_FUNC_ARG;

    if (sz > 0) {
        if (a->buf && sz > a->len) {
            wc_bigint_free(a);
        }
        if (a->buf == NULL) {
            a->buf = (byte*)XMALLOC(sz, a->heap, DYNAMIC_TYPE_WOLF_BIGINT);
        }
        if (a->buf == NULL) {
            err = MP_MEM;
        }
        else {
            XMEMSET(a->buf, 0, sz);
        }
    }
    a->len = sz;

    return err;
}
Exemplo n.º 8
0
static int Hash_gen(RNG* rng, byte* out, word32 outSz, byte* V)
{
    byte data[DBRG_SEED_LEN];
    int i, ret;
    int len = (outSz / SHA256_DIGEST_SIZE)
        + ((outSz % SHA256_DIGEST_SIZE) ? 1 : 0);

    XMEMCPY(data, V, sizeof(data));
    for (i = 0; i < len; i++) {
        ret = InitSha256(&rng->sha);
        if (ret != 0) return ret;
        Sha256Update(&rng->sha, data, sizeof(data));
        Sha256Final(&rng->sha, rng->digest);
        if (outSz > SHA256_DIGEST_SIZE) {
            XMEMCPY(out, rng->digest, SHA256_DIGEST_SIZE);
            outSz -= SHA256_DIGEST_SIZE;
            out += SHA256_DIGEST_SIZE;
            array_add_one(data, DBRG_SEED_LEN);
        }
        else {
            XMEMCPY(out, rng->digest, outSz);
        }
    }
    XMEMSET(data, 0, sizeof(data));

    return 0;
}
Exemplo n.º 9
0
/* init PKCS7 struct with recipient cert, decode into DecodedCert */
int PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz)
{
    int ret = 0;

    XMEMSET(pkcs7, 0, sizeof(PKCS7));
    if (cert != NULL && certSz > 0) {
        DecodedCert dCert;

        pkcs7->singleCert = cert;
        pkcs7->singleCertSz = certSz;
        InitDecodedCert(&dCert, cert, certSz, 0);

        ret = ParseCert(&dCert, CA_TYPE, NO_VERIFY, 0);
        if (ret < 0) {
            FreeDecodedCert(&dCert);
            return ret;
        }
        XMEMCPY(pkcs7->publicKey, dCert.publicKey, dCert.pubKeySize);
        pkcs7->publicKeySz = dCert.pubKeySize;
        XMEMCPY(pkcs7->issuerHash, dCert.issuerHash, SHA_SIZE);
        pkcs7->issuer = dCert.issuerRaw;
        pkcs7->issuerSz = dCert.issuerRawLen;
        XMEMCPY(pkcs7->issuerSn, dCert.serial, dCert.serialSz);
        pkcs7->issuerSnSz = dCert.serialSz;
        FreeDecodedCert(&dCert);
    }

    return ret;
}
Exemplo n.º 10
0
struct pdfObject *insertPdfObject( struct  pdfObject *curObjPtr ) {
  struct pdfObject *tmpObjPtr, *newObjPtr;

#ifdef DEBUG
  if ( config->debug >= 3 )
    display( LOG_DEBUG, "Inserting pdf object" );
#endif

  if ( ( newObjPtr = XMALLOC( sizeof( struct pdfObject ) ) ) EQ NULL ) {
    display( LOG_ERR, "Unable to allocate memory for pdf object" );
    return NULL;
  }
  XMEMSET( newObjPtr, 0, sizeof( struct pdfObject ) );

  if ( curObjPtr->child != NULL ) {
    /* already a child */
    tmpObjPtr = curObjPtr->child;
    while( tmpObjPtr->next != NULL ) {
      tmpObjPtr = tmpObjPtr->next;
    }
    newObjPtr->parent = curObjPtr;
    tmpObjPtr->next = newObjPtr;
  } else {
    /* new child */ 
    newObjPtr->parent = curObjPtr;
    curObjPtr->child = newObjPtr;
  }

#ifdef DEBUG
  if ( config->debug >= 3 )
    display( LOG_DEBUG, "Inserted new object [0x%08x] parent=0x%08x", newObjPtr, newObjPtr->parent );
#endif

  return newObjPtr;
}
Exemplo n.º 11
0
int wc_Stm32_Aes_Init(Aes* aes, CRYP_HandleTypeDef* hcryp)
{
    int ret;
    word32 keySize;

    ret = wc_AesGetKeySize(aes, &keySize);
    if (ret != 0)
        return ret;

    XMEMSET(hcryp, 0, sizeof(CRYP_HandleTypeDef));
    switch (keySize) {
        case 16: /* 128-bit key */
            hcryp->Init.KeySize = CRYP_KEYSIZE_128B;
            break;
    #ifdef CRYP_KEYSIZE_192B
        case 24: /* 192-bit key */
            hcryp->Init.KeySize = CRYP_KEYSIZE_192B;
            break;
    #endif
        case 32: /* 256-bit key */
            hcryp->Init.KeySize = CRYP_KEYSIZE_256B;
            break;
        default:
            break;
    }
    hcryp->Instance = CRYP;
    hcryp->Init.DataType = CRYP_DATATYPE_8B;
    hcryp->Init.pKey = (uint8_t*)aes->key;

    return 0;
}
Exemplo n.º 12
0
void wc_Des_SetIV(Des* des, const byte* iv)
{
    if (des && iv)
        XMEMCPY(des->reg, iv, DES_BLOCK_SIZE);
    else if (des)
        XMEMSET(des->reg,  0, DES_BLOCK_SIZE);
}
Exemplo n.º 13
0
int wolfSSL_GetMemStats(WOLFSSL_HEAP* heap, WOLFSSL_MEM_STATS* stats)
{
        word32     i;
        wc_Memory* pt;

        XMEMSET(stats, 0, sizeof(WOLFSSL_MEM_STATS));

        stats->totalAlloc = heap->alloc;
        stats->totalFr    = heap->frAlc;
        stats->curAlloc   = stats->totalAlloc - stats->totalFr;
        stats->maxHa      = heap->maxHa;
        stats->maxIO      = heap->maxIO;
        for (i = 0; i < WOLFMEM_MAX_BUCKETS; i++) {
            stats->blockSz[i] = heap->sizeList[i];
            for (pt = heap->ava[i]; pt != NULL; pt = pt->next) {
                stats->avaBlock[i] += 1;
            }
        }

        for (pt = heap->io; pt != NULL; pt = pt->next) {
            stats->avaIO++;
        }

        stats->flag       = heap->flag; /* flag used */

    return 1;
}
Exemplo n.º 14
0
/* Returns: DRBG_SUCCESS or DRBG_FAILURE */
static int Hash_gen(RNG* rng, byte* out, word32 outSz, const byte* V)
{
    byte data[DRBG_SEED_LEN];
    int i;
    int len = (outSz / OUTPUT_BLOCK_LEN)
        + ((outSz % OUTPUT_BLOCK_LEN) ? 1 : 0);

    XMEMCPY(data, V, sizeof(data));
    for (i = 0; i < len; i++) {
        if (InitSha256(&rng->sha) != 0 ||
            Sha256Update(&rng->sha, data, sizeof(data)) != 0 ||
            Sha256Final(&rng->sha, rng->digest) != 0) {

            return DRBG_FAILURE;
        }

        if (outSz > OUTPUT_BLOCK_LEN) {
            XMEMCPY(out, rng->digest, OUTPUT_BLOCK_LEN);
            outSz -= OUTPUT_BLOCK_LEN;
            out += OUTPUT_BLOCK_LEN;
            array_add_one(data, DRBG_SEED_LEN);
        }
        else {
            XMEMCPY(out, rng->digest, outSz);
        }
    }
    XMEMSET(data, 0, sizeof(data));

    return DRBG_SUCCESS;
}
Exemplo n.º 15
0
/**
  Generate a stream of random bytes via ChaCha
  @param st      The ChaCha20 state
  @param out     [out] The output buffer
  @param outlen  The output length
  @return CRYPT_OK on success
 */
int chacha_keystream(chacha_state *st, unsigned char *out, unsigned long outlen)
{
   if (outlen == 0) return CRYPT_OK; /* nothing to do */
   LTC_ARGCHK(out != NULL);
   XMEMSET(out, 0, outlen);
   return chacha_crypt(st, out, outlen, out);
}
Exemplo n.º 16
0
int RsaSSL_Verify(const byte* in, word32 inLen, byte* out, word32 outLen,
                     RsaKey* key)
{
    int plainLen, ret;
    byte*  tmp;
    byte*  pad = 0;

#ifdef HAVE_CAVIUM
    if (key->magic == CYASSL_RSA_CAVIUM_MAGIC)
        return CaviumRsaSSL_Verify(in, inLen, out, outLen, key);
#endif

    tmp = (byte*)XMALLOC(inLen, key->heap, DYNAMIC_TYPE_RSA);
    if (tmp == NULL) {
        return MEMORY_E;
    }

    XMEMCPY(tmp, in, inLen);

    if ((ret = plainLen = RsaSSL_VerifyInline(tmp, inLen, &pad, key))
            < 0) {
        XFREE(tmp, key->heap, DYNAMIC_TYPE_RSA);
        return ret;
    }

    if (plainLen > (int)outLen)
        plainLen = BAD_FUNC_ARG;
    else 
        XMEMCPY(out, pad, plainLen);
    XMEMSET(tmp, 0x00, inLen); 

    XFREE(tmp, key->heap, DYNAMIC_TYPE_RSA);
    return plainLen;
}
Exemplo n.º 17
0
/* returns 0 if file found, -1 if no files or negative error */
int wc_ReadDirFirst(ReadDirCtx* ctx, const char* path, char** name)
{
    int ret = -1; /* default to no files found */

    if (name)
        *name = NULL;

    if (ctx == NULL || path == NULL) {
        return BAD_FUNC_ARG;
    }

    XMEMSET(ctx->name, 0, MAX_FILENAME_SZ);

#ifdef USE_WINDOWS_API
    XSTRNCPY(ctx->name, path, MAX_FILENAME_SZ - 4);
    XSTRNCAT(ctx->name, "\\*", 3);

    ctx->hFind = FindFirstFileA(ctx->name, &ctx->FindFileData);
    if (ctx->hFind == INVALID_HANDLE_VALUE) {
        WOLFSSL_MSG("FindFirstFile for path verify locations failed");
        return BAD_PATH_ERROR;
    }

    do {
        if (ctx->FindFileData.dwFileAttributes != FILE_ATTRIBUTE_DIRECTORY) {
            XSTRNCPY(ctx->name, path, MAX_FILENAME_SZ/2 - 3);
            XSTRNCAT(ctx->name, "\\", 2);
            XSTRNCAT(ctx->name, ctx->FindFileData.cFileName, MAX_FILENAME_SZ/2);
            if (name)
                *name = ctx->name;
            return 0;
        }
    } while (FindNextFileA(ctx->hFind, &ctx->FindFileData));
#else
    ctx->dir = opendir(path);
    if (ctx->dir == NULL) {
        WOLFSSL_MSG("opendir path verify locations failed");
        return BAD_PATH_ERROR;
    }

    while ((ctx->entry = readdir(ctx->dir)) != NULL) {
        XSTRNCPY(ctx->name, path, MAX_FILENAME_SZ/2 - 2);
        XSTRNCAT(ctx->name, "/", 1);
        XSTRNCAT(ctx->name, ctx->entry->d_name, MAX_FILENAME_SZ/2);

        if (stat(ctx->name, &ctx->s) != 0) {
            WOLFSSL_MSG("stat on name failed");
            ret = BAD_PATH_ERROR;
            break;
        } else if (ctx->s.st_mode & S_IFREG) {
            if (name)
                *name = ctx->name;
            return 0;
        }
    }
#endif
    wc_ReadDirClose(ctx);

    return ret;
}
Exemplo n.º 18
0
    /* HMAC-KDF-Extract.
     * RFC 5869 - HMAC-based Extract-and-Expand Key Derivation Function (HKDF).
     *
     * type     The hash algorithm type.
     * salt     The optional salt value.
     * saltSz   The size of the salt.
     * inKey    The input keying material.
     * inKeySz  The size of the input keying material.
     * out      The pseudorandom key with the length that of the hash.
     * returns 0 on success, otherwise failure.
     */
    int wc_HKDF_Extract(int type, const byte* salt, word32 saltSz,
                        const byte* inKey, word32 inKeySz, byte* out)
    {
        byte   tmp[MAX_DIGEST_SIZE]; /* localSalt helper */
        Hmac   myHmac;
        int    ret;
        const  byte* localSalt;  /* either points to user input or tmp */
        int    hashSz;

        ret = wc_HmacSizeByType(type);
        if (ret < 0)
            return ret;

        hashSz = ret;
        localSalt = salt;
        if (localSalt == NULL) {
            XMEMSET(tmp, 0, hashSz);
            localSalt = tmp;
            saltSz    = hashSz;
        }

        ret = wc_HmacSetKey(&myHmac, type, localSalt, saltSz);
        if (ret == 0)
            ret = wc_HmacUpdate(&myHmac, inKey, inKeySz);
        if (ret == 0)
            ret = wc_HmacFinal(&myHmac,  out);

        return ret;
    }
Exemplo n.º 19
0
int RsaSSL_Verify(const byte* in, word32 inLen, byte* out, word32 outLen,
                     RsaKey* key)
{
    int plainLen, ret;
    byte*  tmp;
    byte*  pad = 0;

    if ( !(tmp = (byte*)XMALLOC(inLen, key->heap, DYNAMIC_TYPE_RSA)) )
        return MEMORY_E;

    XMEMCPY(tmp, in, inLen);

    if ((ret = plainLen = RsaSSL_VerifyInline(tmp, inLen, &pad, key))
            < 0) {
        XFREE(tmp, key->heap, DYNAMIC_TYPE_RSA);
        return ret;
    }

    if (plainLen > (int)outLen)
        plainLen = BAD_FUNC_ARG;
    else 
        XMEMCPY(out, pad, plainLen);
    XMEMSET(tmp, 0x00, inLen); 

    XFREE(tmp, key->heap, DYNAMIC_TYPE_RSA);
    return plainLen;
}
Exemplo n.º 20
0
/* Is this correct? */
int blake2b_final( blake2b_state *S, byte *out, byte outlen )
{
  byte buffer[BLAKE2B_OUTBYTES];
  int     i;

  if( S->buflen > BLAKE2B_BLOCKBYTES )
  {
    blake2b_increment_counter( S, BLAKE2B_BLOCKBYTES );

    if ( blake2b_compress( S, S->buf ) < 0 ) return -1;

    S->buflen -= BLAKE2B_BLOCKBYTES;
    XMEMCPY( S->buf, S->buf + BLAKE2B_BLOCKBYTES, (wolfssl_word)S->buflen );
  }

  blake2b_increment_counter( S, S->buflen );
  blake2b_set_lastblock( S );
  XMEMSET( S->buf + S->buflen, 0, (wolfssl_word)(2 * BLAKE2B_BLOCKBYTES - S->buflen) );
         /* Padding */
  if ( blake2b_compress( S, S->buf ) < 0 ) return -1;

  for( i = 0; i < 8; ++i ) /* Output full hash to temp buffer */
    store64( buffer + sizeof( S->h[i] ) * i, S->h[i] );

  XMEMCPY( out, buffer, outlen );
  return 0;
}
Exemplo n.º 21
0
static void RsaPad(const byte* input, word32 inputLen, byte* pkcsBlock,
                   word32 pkcsBlockLen, byte padValue, RNG* rng)
{
    if (inputLen == 0) return;

    pkcsBlock[0] = 0x0;       /* set first byte to zero and advance */
    pkcsBlock++; pkcsBlockLen--;
    pkcsBlock[0] = padValue;  /* insert padValue */

    if (padValue == RSA_BLOCK_TYPE_1)
        /* pad with 0xff bytes */
        XMEMSET(&pkcsBlock[1], 0xFF, pkcsBlockLen - inputLen - 2);
    else {
        /* pad with non-zero random bytes */
        word32 padLen = pkcsBlockLen - inputLen - 1, i;
        RNG_GenerateBlock(rng, &pkcsBlock[1], padLen);

        /* remove zeros */
        for (i = 1; i < padLen; i++)
            if (pkcsBlock[i] == 0) pkcsBlock[i] = 0x01;
    }

    pkcsBlock[pkcsBlockLen-inputLen-1] = 0;     /* separator */
    XMEMCPY(pkcsBlock+pkcsBlockLen-inputLen, input, inputLen);
}
Exemplo n.º 22
0
/* The DTLS Generate Cookie callback
 *  return : number of bytes copied into buf, or error
 */
int EmbedGenerateCookie(CYASSL* ssl, byte *buf, int sz, void *ctx)
{
    int sd = ssl->wfd;
    struct sockaddr_storage peer;
    XSOCKLENT peerSz = sizeof(peer);
    byte digest[SHA_DIGEST_SIZE];
    int  ret = 0;

    (void)ctx;

    XMEMSET(&peer, 0, sizeof(peer));
    if (getpeername(sd, (struct sockaddr*)&peer, &peerSz) != 0) {
        CYASSL_MSG("getpeername failed in EmbedGenerateCookie");
        return GEN_COOKIE_E;
    }

    ret = ShaHash((byte*)&peer, peerSz, digest);
    if (ret != 0)
        return ret;

    if (sz > SHA_DIGEST_SIZE)
        sz = SHA_DIGEST_SIZE;
    XMEMCPY(buf, digest, sz);

    return sz;
}
Exemplo n.º 23
0
int blake2s_done(hash_state *md, unsigned char *out)
{
   unsigned char buffer[BLAKE2S_OUTBYTES] = { 0 };
   unsigned long i;

   LTC_ARGCHK(md != NULL);
   LTC_ARGCHK(out != NULL);

   /* if(md->blake2s.outlen != outlen) return CRYPT_INVALID_ARG; */

   if (blake2s_is_lastblock(md))
      return CRYPT_ERROR;

   blake2s_increment_counter(md, md->blake2s.curlen);
   blake2s_set_lastblock(md);
   XMEMSET(md->blake2s.buf + md->blake2s.curlen, 0, BLAKE2S_BLOCKBYTES - md->blake2s.curlen); /* Padding */
   blake2s_compress(md, md->blake2s.buf);

   for (i = 0; i < 8; ++i) /* Output full hash to temp buffer */
      STORE32L(md->blake2s.h[i], buffer + i * 4);

   XMEMCPY(out, buffer, md->blake2s.outlen);
   zeromem(md, sizeof(hash_state));
#ifdef LTC_CLEAN_STACK
   zeromem(buffer, sizeof(buffer));
#endif
   return CRYPT_OK;
}
Exemplo n.º 24
0
int blake2b_init_key( blake2b_state *S, const byte outlen, const void *key,
                      const byte keylen )
{
  blake2b_param P[1];

  if ( ( !outlen ) || ( outlen > BLAKE2B_OUTBYTES ) ) return -1;

  if ( !key || !keylen || keylen > BLAKE2B_KEYBYTES ) return -1;

  P->digest_length = outlen;
  P->key_length    = keylen;
  P->fanout        = 1;
  P->depth         = 1;
  store32( &P->leaf_length, 0 );
  store64( &P->node_offset, 0 );
  P->node_depth    = 0;
  P->inner_length  = 0;
  XMEMSET( P->reserved, 0, sizeof( P->reserved ) );
  XMEMSET( P->salt,     0, sizeof( P->salt ) );
  XMEMSET( P->personal, 0, sizeof( P->personal ) );

  if( blake2b_init_param( S, P ) < 0 ) return -1;

  {
#ifdef WOLFSSL_SMALL_STACK
    byte* block;

    block = (byte*)XMALLOC(BLAKE2B_BLOCKBYTES, NULL, DYNAMIC_TYPE_TMP_BUFFER);

    if ( block == NULL ) return -1;
#else
    byte block[BLAKE2B_BLOCKBYTES];
#endif

    XMEMSET( block, 0, BLAKE2B_BLOCKBYTES );
    XMEMCPY( block, key, keylen );
    blake2b_update( S, block, BLAKE2B_BLOCKBYTES );
    secure_zero_memory( block, BLAKE2B_BLOCKBYTES ); /* Burn the key from */
                                                     /* memory */

#ifdef WOLFSSL_SMALL_STACK
    XFREE(block, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
  }
  return 0;
}
Exemplo n.º 25
0
int ecc25519_init(ecc25519_key* key)
{
    word32 keySz;

    if (key == NULL)
       return ECC_BAD_ARG_E;

    /* currently the only format for curve25519 */
    key->f  = montgomery_x_le;
    key->dp = &ecc25519_sets[0];
    keySz   = key->dp->size;

    XMEMSET(key->k.point, 0, keySz);
    XMEMSET(key->p.point, 0, keySz);

    return 0;
}
Exemplo n.º 26
0
void XZEROMEM(void *s, SIZE_T n)
{
	if(NULL != xfun.xzeromem) {
		xfun.xzeromem(s, n);
	} else {
		XMEMSET(s, 0, n);
	}
}
Exemplo n.º 27
0
int wc_Sha256Final(Sha256 *sha256, byte *hash)
{
	byte *local = (byte *)sha256->buffer;
	int ret;

	AddLength(sha256, sha256->buffLen);  /* before adding pads */

	local[sha256->buffLen++] = 0x80;     /* add 1 */

	/* pad with zeros */
	if (sha256->buffLen > SHA256_PAD_SIZE) {
		XMEMSET(&local[sha256->buffLen], 0, SHA256_BLOCK_SIZE - sha256->buffLen);
		sha256->buffLen += SHA256_BLOCK_SIZE - sha256->buffLen;

		ByteReverseWords(sha256->buffer, sha256->buffer, SHA256_BLOCK_SIZE);

		ret = XTRANSFORM(sha256, local);
		if (ret != 0)
			return ret;

		sha256->buffLen = 0;
	}
	XMEMSET(&local[sha256->buffLen], 0, SHA256_PAD_SIZE - sha256->buffLen);

	/* put lengths in bits */
	sha256->hiLen = (sha256->loLen >> (8 * sizeof(sha256->loLen) - 3)) +
				 (sha256->hiLen << 3);
	sha256->loLen = sha256->loLen << 3;

	/* store lengths */
	ByteReverseWords(sha256->buffer, sha256->buffer, SHA256_BLOCK_SIZE);

	/* ! length ordering dependent on digest endian type ! */
	XMEMCPY(&local[SHA256_PAD_SIZE], &sha256->hiLen, sizeof(word32));
	XMEMCPY(&local[SHA256_PAD_SIZE + sizeof(word32)], &sha256->loLen,
			sizeof(word32));

	ret = XTRANSFORM(sha256, local);
	if (ret != 0)
		return ret;

	ByteReverseWords(sha256->digest, sha256->digest, SHA256_DIGEST_SIZE);
	XMEMCPY(hash, sha256->digest, SHA256_DIGEST_SIZE);

	return wc_InitSha256(sha256);  /* reset state */
}
Exemplo n.º 28
0
static void Transform(Sha512* sha512)
{
    const word64* K = K512;

    word32 j;
    word64 W[16];
    word64 T[8];

    /* Copy digest to working vars */
    XMEMCPY(T, sha512->digest, sizeof(T));

    /* 64 operations, partially loop unrolled */
    for (j = 0; j < 80; j += 16) {
        R( 0);
        R( 1);
        R( 2);
        R( 3);
        R( 4);
        R( 5);
        R( 6);
        R( 7);
        R( 8);
        R( 9);
        R(10);
        R(11);
        R(12);
        R(13);
        R(14);
        R(15);
    }

    /* Add the working vars back into digest */

    sha512->digest[0] += a(0);
    sha512->digest[1] += b(0);
    sha512->digest[2] += c(0);
    sha512->digest[3] += d(0);
    sha512->digest[4] += e(0);
    sha512->digest[5] += f(0);
    sha512->digest[6] += g(0);
    sha512->digest[7] += h(0);

    /* Wipe variables */
    XMEMSET(W, 0, sizeof(W));
    XMEMSET(T, 0, sizeof(T));
}
Exemplo n.º 29
0
static void blake2b_init0(hash_state *md)
{
   unsigned long i;
   XMEMSET(&md->blake2b, 0, sizeof(md->blake2b));

   for (i = 0; i < 8; ++i)
      md->blake2b.h[i] = blake2b_IV[i];
}
Exemplo n.º 30
0
static INLINE int blake2b_init0( blake2b_state *S )
{
  int i;
  XMEMSET( S, 0, sizeof( blake2b_state ) );

  for( i = 0; i < 8; ++i ) S->h[i] = blake2b_IV[i];

  return 0;
}