int wc_Sha256Final(wc_Sha256* sha256, byte* hash) { CRYSError_t ret = 0; CRYS_HASH_Result_t hashResult; if (sha256 == NULL || hash == NULL) { return BAD_FUNC_ARG; } ret = CRYS_HASH_Finish(&sha256->ctx, hashResult); if (ret != SA_SILIB_RET_OK){ WOLFSSL_MSG("Error CRYS_HASH_Finish failed"); return ret; } XMEMCPY(sha256->digest, hashResult, WC_SHA256_DIGEST_SIZE); XMEMCPY(hash, sha256->digest, WC_SHA256_DIGEST_SIZE); /* reset state */ return wc_InitSha256_ex(sha256, NULL, INVALID_DEVID); }
int wc_InitSha256(Sha256* sha256) { return wc_InitSha256_ex(sha256, NULL, INVALID_DEVID); }
/* Returns: DRBG_SUCCESS or DRBG_FAILURE */ static int Hash_gen(DRBG* drbg, byte* out, word32 outSz, const byte* V) { int ret = DRBG_FAILURE; byte data[DRBG_SEED_LEN]; int i; int len; word32 checkBlock; Sha256 sha; DECLARE_VAR(digest, byte, SHA256_DIGEST_SIZE, drbg->heap); /* Special case: outSz is 0 and out is NULL. wc_Generate a block to save for * the continuous test. */ if (outSz == 0) outSz = 1; len = (outSz / OUTPUT_BLOCK_LEN) + ((outSz % OUTPUT_BLOCK_LEN) ? 1 : 0); XMEMCPY(data, V, sizeof(data)); for (i = 0; i < len; i++) { #ifdef WOLFSSL_ASYNC_CRYPT ret = wc_InitSha256_ex(&sha, drbg->heap, drbg->devId); #else ret = wc_InitSha256(&sha); #endif if (ret == 0) ret = wc_Sha256Update(&sha, data, sizeof(data)); if (ret == 0) ret = wc_Sha256Final(&sha, digest); wc_Sha256Free(&sha); if (ret == 0) { XMEMCPY(&checkBlock, digest, sizeof(word32)); if (drbg->reseedCtr > 1 && checkBlock == drbg->lastBlock) { if (drbg->matchCount == 1) { return DRBG_CONT_FAILURE; } else { if (i == len) { len++; } drbg->matchCount = 1; } } else { drbg->matchCount = 0; drbg->lastBlock = checkBlock; } if (out != NULL && outSz != 0) { if (outSz >= OUTPUT_BLOCK_LEN) { XMEMCPY(out, digest, OUTPUT_BLOCK_LEN); outSz -= OUTPUT_BLOCK_LEN; out += OUTPUT_BLOCK_LEN; array_add_one(data, DRBG_SEED_LEN); } else { XMEMCPY(out, digest, outSz); outSz = 0; } } } } ForceZero(data, sizeof(data)); FREE_VAR(digest, drbg->heap); return (ret == 0) ? DRBG_SUCCESS : DRBG_FAILURE; }
/* Returns: DRBG_SUCCESS or DRBG_FAILURE */ static int Hash_df(DRBG* drbg, byte* out, word32 outSz, byte type, const byte* inA, word32 inASz, const byte* inB, word32 inBSz) { int ret = DRBG_FAILURE; byte ctr; int i; int len; word32 bits = (outSz * 8); /* reverse byte order */ Sha256 sha; DECLARE_VAR(digest, byte, SHA256_DIGEST_SIZE, drbg->heap); (void)drbg; #ifdef WOLFSSL_ASYNC_CRYPT if (digest == NULL) return DRBG_FAILURE; #endif #ifdef LITTLE_ENDIAN_ORDER bits = ByteReverseWord32(bits); #endif len = (outSz / OUTPUT_BLOCK_LEN) + ((outSz % OUTPUT_BLOCK_LEN) ? 1 : 0); for (i = 0, ctr = 1; i < len; i++, ctr++) { #ifdef WOLFSSL_ASYNC_CRYPT ret = wc_InitSha256_ex(&sha, drbg->heap, drbg->devId); #else ret = wc_InitSha256(&sha); #endif if (ret != 0) break; if (ret == 0) ret = wc_Sha256Update(&sha, &ctr, sizeof(ctr)); if (ret == 0) ret = wc_Sha256Update(&sha, (byte*)&bits, sizeof(bits)); if (ret == 0) { /* churning V is the only string that doesn't have the type added */ if (type != drbgInitV) ret = wc_Sha256Update(&sha, &type, sizeof(type)); } if (ret == 0) ret = wc_Sha256Update(&sha, inA, inASz); if (ret == 0) { if (inB != NULL && inBSz > 0) ret = wc_Sha256Update(&sha, inB, inBSz); } if (ret == 0) ret = wc_Sha256Final(&sha, digest); wc_Sha256Free(&sha); if (ret == 0) { if (outSz > OUTPUT_BLOCK_LEN) { XMEMCPY(out, digest, OUTPUT_BLOCK_LEN); outSz -= OUTPUT_BLOCK_LEN; out += OUTPUT_BLOCK_LEN; } else { XMEMCPY(out, digest, outSz); } } } ForceZero(digest, SHA256_DIGEST_SIZE); FREE_VAR(digest, drbg->heap); return (ret == 0) ? DRBG_SUCCESS : DRBG_FAILURE; }