diff options
author | Robert Sloan <varomodt@google.com> | 2019-04-08 12:43:32 -0700 |
---|---|---|
committer | Robert Sloan <varomodt@google.com> | 2019-04-08 12:43:32 -0700 |
commit | 4726ed3660caaf209857097358032c4257d910ad (patch) | |
tree | 136306c03b9a35b373e83ea9feac30f841aa9b6f /src/crypto/fipsmodule | |
parent | 59e995095fe954f27310a76663bba2ae6032eb5d (diff) | |
download | boringssl-4726ed3660caaf209857097358032c4257d910ad.tar.gz |
external/boringssl: Sync to 387b07b78dac785a341eeb2ff86e29393ffe8627.android-q-preview-6android-q-preview-5android-q-preview-4android-q-preview-2.5
This includes the following changes:
https://boringssl.googlesource.com/boringssl/+log/df11bed9ee05141b54da7b88cc5b7960ca858164..387b07b78dac785a341eeb2ff86e29393ffe8627
Test: atest CtsLibcoreTestCases (TODO)
Change-Id: I815f6f838a77041a4b71abfa2a03d409f106e71a
Diffstat (limited to 'src/crypto/fipsmodule')
-rw-r--r-- | src/crypto/fipsmodule/digest/md32_common.h | 6 | ||||
-rw-r--r-- | src/crypto/fipsmodule/md4/md4.c | 4 | ||||
-rw-r--r-- | src/crypto/fipsmodule/md5/md5.c | 4 | ||||
-rw-r--r-- | src/crypto/fipsmodule/sha/sha1.c | 4 | ||||
-rw-r--r-- | src/crypto/fipsmodule/sha/sha256.c | 14 | ||||
-rw-r--r-- | src/crypto/fipsmodule/sha/sha512.c | 50 |
6 files changed, 49 insertions, 33 deletions
diff --git a/src/crypto/fipsmodule/digest/md32_common.h b/src/crypto/fipsmodule/digest/md32_common.h index a0c3665d..07d39d9d 100644 --- a/src/crypto/fipsmodule/digest/md32_common.h +++ b/src/crypto/fipsmodule/digest/md32_common.h @@ -223,12 +223,12 @@ int HASH_UPDATE(HASH_CTX *c, const void *data_, size_t len) { } -void HASH_TRANSFORM(HASH_CTX *c, const uint8_t *data) { +void HASH_TRANSFORM(HASH_CTX *c, const uint8_t data[HASH_CBLOCK]) { HASH_BLOCK_DATA_ORDER(c->h, data, 1); } -int HASH_FINAL(uint8_t *md, HASH_CTX *c) { +int HASH_FINAL(uint8_t out[HASH_DIGEST_LENGTH], HASH_CTX *c) { // |c->data| always has room for at least one byte. A full block would have // been consumed. size_t n = c->num; @@ -258,7 +258,7 @@ int HASH_FINAL(uint8_t *md, HASH_CTX *c) { c->num = 0; OPENSSL_memset(c->data, 0, HASH_CBLOCK); - HASH_MAKE_STRING(c, md); + HASH_MAKE_STRING(c, out); return 1; } diff --git a/src/crypto/fipsmodule/md4/md4.c b/src/crypto/fipsmodule/md4/md4.c index f0c1dcdf..cc2a6314 100644 --- a/src/crypto/fipsmodule/md4/md4.c +++ b/src/crypto/fipsmodule/md4/md4.c @@ -62,7 +62,7 @@ #include "../../internal.h" -uint8_t *MD4(const uint8_t *data, size_t len, uint8_t *out) { +uint8_t *MD4(const uint8_t *data, size_t len, uint8_t out[MD4_DIGEST_LENGTH]) { MD4_CTX ctx; MD4_Init(&ctx); MD4_Update(&ctx, data, len); @@ -88,6 +88,7 @@ void md4_block_data_order(uint32_t *state, const uint8_t *data, size_t num); #define HASH_CTX MD4_CTX #define HASH_CBLOCK 64 +#define HASH_DIGEST_LENGTH 16 #define HASH_UPDATE MD4_Update #define HASH_TRANSFORM MD4_Transform #define HASH_FINAL MD4_Final @@ -238,6 +239,7 @@ void md4_block_data_order(uint32_t *state, const uint8_t *data, size_t num) { #undef DATA_ORDER_IS_LITTLE_ENDIAN #undef HASH_CTX #undef HASH_CBLOCK +#undef HASH_DIGEST_LENGTH #undef HASH_UPDATE #undef HASH_TRANSFORM #undef HASH_FINAL diff --git a/src/crypto/fipsmodule/md5/md5.c b/src/crypto/fipsmodule/md5/md5.c index 66c65a6b..a48d7043 100644 --- a/src/crypto/fipsmodule/md5/md5.c +++ b/src/crypto/fipsmodule/md5/md5.c @@ -64,7 +64,7 @@ #include "../../internal.h" -uint8_t *MD5(const uint8_t *data, size_t len, uint8_t *out) { +uint8_t *MD5(const uint8_t *data, size_t len, uint8_t out[MD5_DIGEST_LENGTH]) { MD5_CTX ctx; MD5_Init(&ctx); MD5_Update(&ctx, data, len); @@ -94,6 +94,7 @@ static void md5_block_data_order(uint32_t *state, const uint8_t *data, #define HASH_CTX MD5_CTX #define HASH_CBLOCK 64 +#define HASH_DIGEST_LENGTH 16 #define HASH_UPDATE MD5_Update #define HASH_TRANSFORM MD5_Transform #define HASH_FINAL MD5_Final @@ -281,6 +282,7 @@ static void md5_block_data_order(uint32_t *state, const uint8_t *data, #undef DATA_ORDER_IS_LITTLE_ENDIAN #undef HASH_CTX #undef HASH_CBLOCK +#undef HASH_DIGEST_LENGTH #undef HASH_UPDATE #undef HASH_TRANSFORM #undef HASH_FINAL diff --git a/src/crypto/fipsmodule/sha/sha1.c b/src/crypto/fipsmodule/sha/sha1.c index a3b771a9..cc1243be 100644 --- a/src/crypto/fipsmodule/sha/sha1.c +++ b/src/crypto/fipsmodule/sha/sha1.c @@ -74,7 +74,7 @@ int SHA1_Init(SHA_CTX *sha) { return 1; } -uint8_t *SHA1(const uint8_t *data, size_t len, uint8_t *out) { +uint8_t *SHA1(const uint8_t *data, size_t len, uint8_t out[SHA_DIGEST_LENGTH]) { SHA_CTX ctx; SHA1_Init(&ctx); SHA1_Update(&ctx, data, len); @@ -87,6 +87,7 @@ uint8_t *SHA1(const uint8_t *data, size_t len, uint8_t *out) { #define HASH_CTX SHA_CTX #define HASH_CBLOCK 64 +#define HASH_DIGEST_LENGTH 20 #define HASH_MAKE_STRING(c, s) \ do { \ uint32_t ll; \ @@ -343,6 +344,7 @@ static void sha1_block_data_order(uint32_t *state, const uint8_t *data, #undef DATA_ORDER_IS_BIG_ENDIAN #undef HASH_CTX #undef HASH_CBLOCK +#undef HASH_DIGEST_LENGTH #undef HASH_MAKE_STRING #undef HASH_UPDATE #undef HASH_TRANSFORM diff --git a/src/crypto/fipsmodule/sha/sha256.c b/src/crypto/fipsmodule/sha/sha256.c index 92a52956..0e424461 100644 --- a/src/crypto/fipsmodule/sha/sha256.c +++ b/src/crypto/fipsmodule/sha/sha256.c @@ -92,7 +92,8 @@ int SHA256_Init(SHA256_CTX *sha) { return 1; } -uint8_t *SHA224(const uint8_t *data, size_t len, uint8_t *out) { +uint8_t *SHA224(const uint8_t *data, size_t len, + uint8_t out[SHA224_DIGEST_LENGTH]) { SHA256_CTX ctx; SHA224_Init(&ctx); SHA224_Update(&ctx, data, len); @@ -101,7 +102,8 @@ uint8_t *SHA224(const uint8_t *data, size_t len, uint8_t *out) { return out; } -uint8_t *SHA256(const uint8_t *data, size_t len, uint8_t *out) { +uint8_t *SHA256(const uint8_t *data, size_t len, + uint8_t out[SHA256_DIGEST_LENGTH]) { SHA256_CTX ctx; SHA256_Init(&ctx); SHA256_Update(&ctx, data, len); @@ -114,14 +116,17 @@ int SHA224_Update(SHA256_CTX *ctx, const void *data, size_t len) { return SHA256_Update(ctx, data, len); } -int SHA224_Final(uint8_t *md, SHA256_CTX *ctx) { - return SHA256_Final(md, ctx); +int SHA224_Final(uint8_t out[SHA224_DIGEST_LENGTH], SHA256_CTX *ctx) { + // SHA224_Init sets |ctx->md_len| to |SHA224_DIGEST_LENGTH|, so this has a + // smaller output. + return SHA256_Final(out, ctx); } #define DATA_ORDER_IS_BIG_ENDIAN #define HASH_CTX SHA256_CTX #define HASH_CBLOCK 64 +#define HASH_DIGEST_LENGTH 32 // Note that FIPS180-2 discusses "Truncation of the Hash Function Output." // default: case below covers for it. It's not clear however if it's permitted @@ -319,6 +324,7 @@ void SHA256_TransformBlocks(uint32_t state[8], const uint8_t *data, #undef DATA_ORDER_IS_BIG_ENDIAN #undef HASH_CTX #undef HASH_CBLOCK +#undef HASH_DIGEST_LENGTH #undef HASH_MAKE_STRING #undef HASH_UPDATE #undef HASH_TRANSFORM diff --git a/src/crypto/fipsmodule/sha/sha512.c b/src/crypto/fipsmodule/sha/sha512.c index f96cfbd8..848f3b62 100644 --- a/src/crypto/fipsmodule/sha/sha512.c +++ b/src/crypto/fipsmodule/sha/sha512.c @@ -105,7 +105,8 @@ int SHA512_Init(SHA512_CTX *sha) { return 1; } -uint8_t *SHA384(const uint8_t *data, size_t len, uint8_t *out) { +uint8_t *SHA384(const uint8_t *data, size_t len, + uint8_t out[SHA384_DIGEST_LENGTH]) { SHA512_CTX ctx; SHA384_Init(&ctx); SHA384_Update(&ctx, data, len); @@ -114,7 +115,8 @@ uint8_t *SHA384(const uint8_t *data, size_t len, uint8_t *out) { return out; } -uint8_t *SHA512(const uint8_t *data, size_t len, uint8_t *out) { +uint8_t *SHA512(const uint8_t *data, size_t len, + uint8_t out[SHA512_DIGEST_LENGTH]) { SHA512_CTX ctx; SHA512_Init(&ctx); SHA512_Update(&ctx, data, len); @@ -129,15 +131,17 @@ static void sha512_block_data_order(uint64_t *state, const uint8_t *in, #endif -int SHA384_Final(uint8_t *md, SHA512_CTX *sha) { - return SHA512_Final(md, sha); +int SHA384_Final(uint8_t out[SHA384_DIGEST_LENGTH], SHA512_CTX *sha) { + // |SHA384_Init| sets |sha->md_len| to |SHA384_DIGEST_LENGTH|, so this has a + // |smaller output. + return SHA512_Final(out, sha); } int SHA384_Update(SHA512_CTX *sha, const void *data, size_t len) { return SHA512_Update(sha, data, len); } -void SHA512_Transform(SHA512_CTX *c, const uint8_t *block) { +void SHA512_Transform(SHA512_CTX *c, const uint8_t block[SHA512_CBLOCK]) { sha512_block_data_order(c->h, block, 1); } @@ -189,7 +193,7 @@ int SHA512_Update(SHA512_CTX *c, const void *in_data, size_t len) { return 1; } -int SHA512_Final(uint8_t *md, SHA512_CTX *sha) { +int SHA512_Final(uint8_t out[SHA512_DIGEST_LENGTH], SHA512_CTX *sha) { uint8_t *p = sha->p; size_t n = sha->num; @@ -221,7 +225,7 @@ int SHA512_Final(uint8_t *md, SHA512_CTX *sha) { sha512_block_data_order(sha->h, p, 1); - if (md == NULL) { + if (out == NULL) { // TODO(davidben): This NULL check is absent in other low-level hash 'final' // functions and is one of the few places one can fail. return 0; @@ -233,28 +237,28 @@ int SHA512_Final(uint8_t *md, SHA512_CTX *sha) { for (n = 0; n < SHA384_DIGEST_LENGTH / 8; n++) { uint64_t t = sha->h[n]; - *(md++) = (uint8_t)(t >> 56); - *(md++) = (uint8_t)(t >> 48); - *(md++) = (uint8_t)(t >> 40); - *(md++) = (uint8_t)(t >> 32); - *(md++) = (uint8_t)(t >> 24); - *(md++) = (uint8_t)(t >> 16); - *(md++) = (uint8_t)(t >> 8); - *(md++) = (uint8_t)(t); + *(out++) = (uint8_t)(t >> 56); + *(out++) = (uint8_t)(t >> 48); + *(out++) = (uint8_t)(t >> 40); + *(out++) = (uint8_t)(t >> 32); + *(out++) = (uint8_t)(t >> 24); + *(out++) = (uint8_t)(t >> 16); + *(out++) = (uint8_t)(t >> 8); + *(out++) = (uint8_t)(t); } break; case SHA512_DIGEST_LENGTH: for (n = 0; n < SHA512_DIGEST_LENGTH / 8; n++) { uint64_t t = sha->h[n]; - *(md++) = (uint8_t)(t >> 56); - *(md++) = (uint8_t)(t >> 48); - *(md++) = (uint8_t)(t >> 40); - *(md++) = (uint8_t)(t >> 32); - *(md++) = (uint8_t)(t >> 24); - *(md++) = (uint8_t)(t >> 16); - *(md++) = (uint8_t)(t >> 8); - *(md++) = (uint8_t)(t); + *(out++) = (uint8_t)(t >> 56); + *(out++) = (uint8_t)(t >> 48); + *(out++) = (uint8_t)(t >> 40); + *(out++) = (uint8_t)(t >> 32); + *(out++) = (uint8_t)(t >> 24); + *(out++) = (uint8_t)(t >> 16); + *(out++) = (uint8_t)(t >> 8); + *(out++) = (uint8_t)(t); } break; // ... as well as make sure md_len is not abused. |