Commit 1bd3ae82 authored by Paul Bakker's avatar Paul Bakker
Browse files

Added md_process() to MD layer for generic internal access to hash

process functions

Access to process functions is needed to reduce possible timing attacks
on SSL MAC checks. As SSL is set to move to using the dynamic MD layer,
the MD layer needs access to these process functions as well.
parent 90f042d4
......@@ -111,6 +111,8 @@ typedef struct {
/** Free the given context */
void (*ctx_free_func)( void *ctx );
/** Internal use only */
void (*process_func)( void *ctx, const unsigned char *input );
} md_info_t;
/**
......@@ -347,6 +349,9 @@ int md_hmac( const md_info_t *md_info, const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char *output );
/* Internal use */
int md_process( md_context_t *ctx, const unsigned char *data );
#ifdef __cplusplus
}
#endif
......
......@@ -146,6 +146,9 @@ void md2_hmac( const unsigned char *key, size_t keylen,
*/
int md2_self_test( int verbose );
/* Internal use */
void md2_process( md2_context *ctx );
#ifdef __cplusplus
}
#endif
......
......@@ -152,6 +152,9 @@ void md4_hmac( const unsigned char *key, size_t keylen,
*/
int md4_self_test( int verbose );
/* Internal use */
void md4_process( md4_context *ctx, const unsigned char data[64] );
#ifdef __cplusplus
}
#endif
......
......@@ -161,6 +161,9 @@ void sha4_hmac( const unsigned char *key, size_t keylen,
*/
int sha4_self_test( int verbose );
/* Internal use */
void sha4_process( sha4_context *ctx, const unsigned char data[128] );
#ifdef __cplusplus
}
#endif
......
......@@ -294,4 +294,14 @@ int md_hmac( const md_info_t *md_info, const unsigned char *key, size_t keylen,
return 0;
}
int md_process( md_context_t *ctx, const unsigned char *data )
{
if( ctx == NULL || ctx->md_info == NULL )
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
ctx->md_info->process_func( ctx->md_ctx, data );
return 0;
}
#endif
......@@ -80,7 +80,7 @@ void md2_starts( md2_context *ctx )
ctx->left = 0;
}
static void md2_process( md2_context *ctx )
void md2_process( md2_context *ctx )
{
int i, j;
unsigned char t = 0;
......
......@@ -76,7 +76,7 @@ void md4_starts( md4_context *ctx )
ctx->state[3] = 0x10325476;
}
static void md4_process( md4_context *ctx, const unsigned char data[64] )
void md4_process( md4_context *ctx, const unsigned char data[64] )
{
uint32_t X[16], A, B, C, D;
......
......@@ -117,6 +117,13 @@ static void md2_ctx_free( void *ctx )
free( ctx );
}
static void md2_process_wrap( void *ctx, const unsigned char *data )
{
((void) data);
md2_process( (md2_context *) ctx );
}
const md_info_t md2_info = {
POLARSSL_MD_MD2,
"MD2",
......@@ -133,6 +140,7 @@ const md_info_t md2_info = {
md2_hmac,
md2_ctx_alloc,
md2_ctx_free,
md2_process_wrap,
};
#endif
......@@ -195,6 +203,11 @@ void md4_ctx_free( void *ctx )
free( ctx );
}
void md4_process_wrap( void *ctx, const unsigned char *data )
{
md4_process( (md4_context *) ctx, data );
}
const md_info_t md4_info = {
POLARSSL_MD_MD4,
"MD4",
......@@ -211,6 +224,7 @@ const md_info_t md4_info = {
md4_hmac,
md4_ctx_alloc,
md4_ctx_free,
md4_process_wrap,
};
#endif
......@@ -273,6 +287,11 @@ static void md5_ctx_free( void *ctx )
free( ctx );
}
static void md5_process_wrap( void *ctx, const unsigned char *data )
{
md5_process( (md5_context *) ctx, data );
}
const md_info_t md5_info = {
POLARSSL_MD_MD5,
"MD5",
......@@ -289,6 +308,7 @@ const md_info_t md5_info = {
md5_hmac,
md5_ctx_alloc,
md5_ctx_free,
md5_process_wrap,
};
#endif
......@@ -351,6 +371,11 @@ void sha1_ctx_free( void *ctx )
free( ctx );
}
void sha1_process_wrap( void *ctx, const unsigned char *data )
{
sha1_process( (sha1_context *) ctx, data );
}
const md_info_t sha1_info = {
POLARSSL_MD_SHA1,
"SHA1",
......@@ -367,6 +392,7 @@ const md_info_t sha1_info = {
sha1_hmac,
sha1_ctx_alloc,
sha1_ctx_free,
sha1_process_wrap,
};
#endif
......@@ -445,6 +471,11 @@ void sha224_ctx_free( void *ctx )
free( ctx );
}
void sha224_process_wrap( void *ctx, const unsigned char *data )
{
sha2_process( (sha2_context *) ctx, data );
}
const md_info_t sha224_info = {
POLARSSL_MD_SHA224,
"SHA224",
......@@ -461,6 +492,7 @@ const md_info_t sha224_info = {
sha224_hmac_wrap,
sha224_ctx_alloc,
sha224_ctx_free,
sha224_process_wrap,
};
void sha256_starts_wrap( void *ctx )
......@@ -532,6 +564,11 @@ void sha256_ctx_free( void *ctx )
free( ctx );
}
void sha256_process_wrap( void *ctx, const unsigned char *data )
{
sha2_process( (sha2_context *) ctx, data );
}
const md_info_t sha256_info = {
POLARSSL_MD_SHA256,
"SHA256",
......@@ -548,6 +585,7 @@ const md_info_t sha256_info = {
sha256_hmac_wrap,
sha256_ctx_alloc,
sha256_ctx_free,
sha256_process_wrap,
};
#endif
......@@ -623,6 +661,11 @@ void sha384_ctx_free( void *ctx )
free( ctx );
}
void sha384_process_wrap( void *ctx, const unsigned char *data )
{
sha4_process( (sha4_context *) ctx, data );
}
const md_info_t sha384_info = {
POLARSSL_MD_SHA384,
"SHA384",
......@@ -639,6 +682,7 @@ const md_info_t sha384_info = {
sha384_hmac_wrap,
sha384_ctx_alloc,
sha384_ctx_free,
sha384_process_wrap,
};
void sha512_starts_wrap( void *ctx )
......@@ -710,6 +754,11 @@ void sha512_ctx_free( void *ctx )
free( ctx );
}
void sha512_process_wrap( void *ctx, const unsigned char *data )
{
sha4_process( (sha4_context *) ctx, data );
}
const md_info_t sha512_info = {
POLARSSL_MD_SHA512,
"SHA512",
......@@ -726,6 +775,7 @@ const md_info_t sha512_info = {
sha512_hmac_wrap,
sha512_ctx_alloc,
sha512_ctx_free,
sha512_process_wrap,
};
#endif
......
......@@ -152,7 +152,7 @@ void sha4_starts( sha4_context *ctx, int is384 )
ctx->is384 = is384;
}
static void sha4_process( sha4_context *ctx, const unsigned char data[128] )
void sha4_process( sha4_context *ctx, const unsigned char data[128] )
{
int i;
uint64_t temp1, temp2, W[80];
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment