mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-10 15:40:30 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge init / free usage pattern for all public contexts

Browse Source
This commit is contained in:
Paul Bakker 2014-07-09 10:20:10 +02:00
commit bd68e90f02
95 changed files with 1271 additions and 287 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ChangeLog
View File

@ -33,6 +33,8 @@ Changes
* md_list() now returns hashes strongest first
* Selection of hash for signing ServerKeyExchange in TLS 1.2 now picks
strongest offered by client.
* All public contexts have _init() and _free() functions now for simpler
usage pattern
Bugfix
* Fix in debug_print_msg()

14
include/polarssl/aes.h
View File

@ -73,6 +73,20 @@ typedef struct
}
aes_context;
/**
* \brief Initialize AES context
*
* \param ctx AES context to be initialized
*/
void aes_init( aes_context *ctx );
/**
* \brief Clear AES context
*
* \param ctx AES context to be cleared
*/
void aes_free( aes_context *ctx );
/**
* \brief AES key schedule (encryption)
*

16
include/polarssl/arc4.h
View File

@ -55,9 +55,23 @@ typedef struct
arc4_context;
/**
* \brief ARC4 key schedule
* \brief Initialize ARC4 context
*
* \param ctx ARC4 context to be initialized
*/
void arc4_init( arc4_context *ctx );
/**
* \brief Clear ARC4 context
*
* \param ctx ARC4 context to be cleared
*/
void arc4_free( arc4_context *ctx );
/**
* \brief ARC4 key schedule
*
* \param ctx ARC4 context to be setup
* \param key the secret key
* \param keylen length of the key, in bytes
*/

14
include/polarssl/blowfish.h
View File

@ -70,6 +70,20 @@ typedef struct
}
blowfish_context;
/**
* \brief Initialize Blowfish context
*
* \param ctx Blowfish context to be initialized
*/
void blowfish_init( blowfish_context *ctx );
/**
* \brief Clear Blowfish context
*
* \param ctx Blowfish context to be cleared
*/
void blowfish_free( blowfish_context *ctx );
/**
* \brief Blowfish key schedule
*

14
include/polarssl/camellia.h
View File

@ -66,6 +66,20 @@ typedef struct
}
camellia_context;
/**
* \brief Initialize CAMELLIA context
*
* \param ctx CAMELLIA context to be initialized
*/
void camellia_init( camellia_context *ctx );
/**
* \brief Clear CAMELLIA context
*
* \param ctx CAMELLIA context to be cleared
*/
void camellia_free( camellia_context *ctx );
/**
* \brief CAMELLIA key schedule (encryption)
*

21
include/polarssl/cipher.h
View File

@ -331,10 +331,26 @@ const cipher_info_t *cipher_info_from_values( const cipher_id_t cipher_id,
int key_length,
const cipher_mode_t mode );
/**
* \brief Initialize a cipher_context (as NONE)
*/
void cipher_init( cipher_context_t *ctx );
/**
* \brief Free and clear the cipher-specific context of ctx.
* Freeing ctx itself remains the responsibility of the
* caller.
*/
void cipher_free( cipher_context_t *ctx );
/**
* \brief Initialises and fills the cipher context structure with
* the appropriate values.
*
* \note Currently also clears structure. In future versions you
* will be required to call cipher_init() on the structure
* first.
*
* \param ctx context to initialise. May not be NULL.
* \param cipher_info cipher to use.
*
@ -349,10 +365,11 @@ int cipher_init_ctx( cipher_context_t *ctx, const cipher_info_t *cipher_info );
* \brief Free the cipher-specific context of ctx. Freeing ctx
* itself remains the responsibility of the caller.
*
* \note Deprecated: Redirects to cipher_free()
*
* \param ctx Free the cipher-specific context
*
* \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if
* parameter verification fails.
* \returns 0
*/
int cipher_free_ctx( cipher_context_t *ctx );

7
include/polarssl/ctr_drbg.h
View File

@ -130,6 +130,13 @@ int ctr_drbg_init( ctr_drbg_context *ctx,
const unsigned char *custom,
size_t len );
/**
* \brief Clear CTR_CRBG context data
*
* \param ctx CTR_DRBG context to clear
*/
void ctr_drbg_free( ctr_drbg_context *ctx );
/**
* \brief Enable / disable prediction resistance (Default: Off)
*

28
include/polarssl/des.h
View File

@ -77,6 +77,34 @@ typedef struct
}
des3_context;
/**
* \brief Initialize DES context
*
* \param ctx DES context to be initialized
*/
void des_init( des_context *ctx );
/**
* \brief Clear DES context
*
* \param ctx DES context to be cleared
*/
void des_free( des_context *ctx );
/**
* \brief Initialize Triple-DES context
*
* \param ctx DES3 context to be initialized
*/
void des3_init( des3_context *ctx );
/**
* \brief Clear Triple-DES context
*
* \param ctx DES3 context to be cleared
*/
void des3_free( des3_context *ctx );
/**
* \brief Set key parity on the given key to odd.
*

11
include/polarssl/dhm.h
View File

@ -169,6 +169,13 @@ typedef struct
}
dhm_context;
/**
* \brief Initialize DHM context
*
* \param ctx DHM context to be initialized
*/
void dhm_init( dhm_context *ctx );
/**
* \brief Parse the ServerKeyExchange parameters
*
@ -256,7 +263,9 @@ int dhm_calc_secret( dhm_context *ctx,
void *p_rng );
/**
* \brief Free the components of a DHM key
* \brief Free and clear the components of a DHM key
*
* \param ctx DHM context to free and clear
*/
void dhm_free( dhm_context *ctx );

7
include/polarssl/havege.h
View File

@ -53,6 +53,13 @@ havege_state;
*/
void havege_init( havege_state *hs );
/**
* \brief Clear HAVEGE state
*
* \param hs HAVEGE state to be cleared
*/
void havege_free( havege_state *hs );
/**
* \brief HAVEGE rand function
*

21
include/polarssl/md.h
View File

@ -172,10 +172,26 @@ const md_info_t *md_info_from_string( const char *md_name );
*/
const md_info_t *md_info_from_type( md_type_t md_type );
/**
* \brief Initialize a md_context (as NONE)
*/
void md_init( md_context_t *ctx );
/**
* \brief Free and clear the message-specific context of ctx.
* Freeing ctx itself remains the responsibility of the
* caller.
*/
void md_free( md_context_t *ctx );
/**
* \brief Initialises and fills the message digest context structure
* with the appropriate values.
*
* \note Currently also clears structure. In future versions you
* will be required to call md_init() on the structure
* first.
*
* \param ctx context to initialise. May not be NULL. The
* digest-specific context (ctx->md_ctx) must be NULL. It will
* be allocated, and must be freed using md_free_ctx() later.
@ -191,10 +207,11 @@ int md_init_ctx( md_context_t *ctx, const md_info_t *md_info );
* \brief Free the message-specific context of ctx. Freeing ctx itself
* remains the responsibility of the caller.
*
* \note Deprecated: Redirects to md_free()
*
* \param ctx Free the message-specific context
*
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
* verification fails.
* \returns 0
*/
int md_free_ctx( md_context_t *ctx );

14
include/polarssl/md2.h
View File

@ -60,6 +60,20 @@ typedef struct
}
md2_context;
/**
* \brief Initialize MD2 context
*
* \param ctx MD2 context to be initialized
*/
void md2_init( md2_context *ctx );
/**
* \brief Clear MD2 context
*
* \param ctx MD2 context to be cleared
*/
void md2_free( md2_context *ctx );
/**
* \brief MD2 context setup
*

14
include/polarssl/md4.h
View File

@ -66,6 +66,20 @@ typedef struct
}
md4_context;
/**
* \brief Initialize MD4 context
*
* \param ctx MD4 context to be initialized
*/
void md4_init( md4_context *ctx );
/**
* \brief Clear MD4 context
*
* \param ctx MD4 context to be cleared
*/
void md4_free( md4_context *ctx );
/**
* \brief MD4 context setup
*

14
include/polarssl/md5.h
View File

@ -66,6 +66,20 @@ typedef struct
}
md5_context;
/**
* \brief Initialize MD5 context
*
* \param ctx MD5 context to be initialized
*/
void md5_init( md5_context *ctx );
/**
* \brief Clear MD5 context
*
* \param ctx MD5 context to be cleared
*/
void md5_free( md5_context *ctx );
/**
* \brief MD5 context setup
*

14
include/polarssl/ripemd160.h
View File

@ -66,6 +66,20 @@ typedef struct
}
ripemd160_context;
/**
* \brief Initialize RIPEMD-160 context
*
* \param ctx RIPEMD-160 context to be initialized
*/
void ripemd160_init( ripemd160_context *ctx );
/**
* \brief Clear RIPEMD-160 context
*
* \param ctx RIPEMD-160 context to be cleared
*/
void ripemd160_free( ripemd160_context *ctx );
/**
* \brief RIPEMD-160 context setup
*

14
include/polarssl/sha1.h
View File

@ -66,6 +66,20 @@ typedef struct
}
sha1_context;
/**
* \brief Initialize SHA-1 context
*
* \param ctx SHA-1 context to be initialized
*/
void sha1_init( sha1_context *ctx );
/**
* \brief Clear SHA-1 context
*
* \param ctx SHA-1 context to be cleared
*/
void sha1_free( sha1_context *ctx );
/**
* \brief SHA-1 context setup
*

14
include/polarssl/sha256.h
View File

@ -67,6 +67,20 @@ typedef struct
}
sha256_context;
/**
* \brief Initialize SHA-256 context
*
* \param ctx SHA-256 context to be initialized
*/
void sha256_init( sha256_context *ctx );
/**
* \brief Clear SHA-256 context
*
* \param ctx SHA-256 context to be cleared
*/
void sha256_free( sha256_context *ctx );
/**
* \brief SHA-256 context setup
*

14
include/polarssl/sha512.h
View File

@ -68,6 +68,20 @@ typedef struct
}
sha512_context;
/**
* \brief Initialize SHA-512 context
*
* \param ctx SHA-512 context to be initialized
*/
void sha512_init( sha512_context *ctx );
/**
* \brief Clear SHA-512 context
*
* \param ctx SHA-512 context to be cleared
*/
void sha512_free( sha512_context *ctx );
/**
* \brief SHA-512 context setup
*

7
include/polarssl/ssl.h
View File

@ -1682,6 +1682,13 @@ int ssl_close_notify( ssl_context *ssl );
*/
void ssl_free( ssl_context *ssl );
/**
* \brief Initialize SSL session structure
*
* \param session SSL session
*/
void ssl_session_init( ssl_session *session );
/**
* \brief Free referenced items in an SSL session including the
* peer certificate and clear memory

14
include/polarssl/xtea.h
View File

@ -64,6 +64,20 @@ typedef struct
}
xtea_context;
/**
* \brief Initialize XTEA context
*
* \param ctx XTEA context to be initialized
*/
void xtea_init( xtea_context *ctx );
/**
* \brief Clear XTEA context
*
* \param ctx XTEA context to be cleared
*/
void xtea_free( xtea_context *ctx );
/**
* \brief XTEA key schedule
*

64
library/aes.c
View File

@ -463,6 +463,19 @@ static void aes_gen_tables( void )
#endif /* POLARSSL_AES_ROM_TABLES */
void aes_init( aes_context *ctx )
{
memset( ctx, 0, sizeof( aes_context ) );
}
void aes_free( aes_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( aes_context ) );
}
/*
* AES key schedule (encryption)
*/
@ -581,11 +594,12 @@ int aes_setkey_enc( aes_context *ctx, const unsigned char *key,
int aes_setkey_dec( aes_context *ctx, const unsigned char *key,
unsigned int keysize )
{
int i, j;
int i, j, ret;
aes_context cty;
uint32_t *RK;
uint32_t *SK;
int ret;
aes_init( &cty );
#if defined(POLARSSL_PADLOCK_C) && defined(PADLOCK_ALIGN16)
if( aes_padlock_ace == -1 )
@ -599,7 +613,7 @@ int aes_setkey_dec( aes_context *ctx, const unsigned char *key,
/* Also checks keysize */
if( ( ret = aes_setkey_enc( &cty, key, keysize ) ) != 0 )
return( ret );
goto exit;
ctx->nr = cty.nr;
@ -608,7 +622,7 @@ int aes_setkey_dec( aes_context *ctx, const unsigned char *key,
{
aesni_inverse_key( (unsigned char *) ctx->rk,
(const unsigned char *) cty.rk, ctx->nr );
goto done;
goto exit;
}
#endif
@ -635,12 +649,10 @@ int aes_setkey_dec( aes_context *ctx, const unsigned char *key,
*RK++ = *SK++;
*RK++ = *SK++;
#if defined(POLARSSL_AESNI_C) && defined(POLARSSL_HAVE_X86_64)
done:
#endif
polarssl_zeroize( &cty, sizeof( aes_context ) );
exit:
aes_free( &cty );
return( 0 );
return( ret );
}
#define AES_FROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \
@ -1171,7 +1183,7 @@ static const int aes_test_ctr_len[3] =
*/
int aes_self_test( int verbose )
{
int i, j, u, v;
int ret = 0, i, j, u, v;
unsigned char key[32];
unsigned char buf[64];
unsigned char iv[16];
@ -1189,6 +1201,7 @@ int aes_self_test( int verbose )
aes_context ctx;
memset( key, 0, 32 );
aes_init( &ctx );
/*
* ECB mode
@ -1216,7 +1229,8 @@ int aes_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
ret = 1;
goto exit;
}
}
else
@ -1231,7 +1245,8 @@ int aes_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
ret = 1;
goto exit;
}
}
@ -1271,7 +1286,8 @@ int aes_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
ret = 1;
goto exit;
}
}
else
@ -1294,7 +1310,8 @@ int aes_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
ret = 1;
goto exit;
}
}
@ -1335,7 +1352,8 @@ int aes_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
ret = 1;
goto exit;
}
}
else
@ -1348,7 +1366,8 @@ int aes_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
ret = 1;
goto exit;
}
}
@ -1392,7 +1411,8 @@ int aes_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
ret = 1;
goto exit;
}
}
else
@ -1408,7 +1428,8 @@ int aes_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
ret = 1;
goto exit;
}
}
@ -1420,7 +1441,12 @@ int aes_self_test( int verbose )
polarssl_printf( "\n" );
#endif /* POLARSSL_CIPHER_MODE_CTR */
return( 0 );
ret = 0;
exit:
aes_free( &ctx );
return( ret );
}
#endif /* POLARSSL_SELF_TEST */

30
library/arc4.c
View File

@ -46,6 +46,24 @@
#if !defined(POLARSSL_ARC4_ALT)
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
void arc4_init( arc4_context *ctx )
{
memset( ctx, 0, sizeof( arc4_context ) );
}
void arc4_free( arc4_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( arc4_context ) );
}
/*
* ARC4 key schedule
*/
@ -146,11 +164,13 @@ static const unsigned char arc4_test_ct[3][8] =
*/
int arc4_self_test( int verbose )
{
int i;
int i, ret = 0;
unsigned char ibuf[8];
unsigned char obuf[8];
arc4_context ctx;
arc4_init( &ctx );
for( i = 0; i < 3; i++ )
{
if( verbose != 0 )
@ -166,7 +186,8 @@ int arc4_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
ret = 1;
goto exit;
}
if( verbose != 0 )
@ -176,7 +197,10 @@ int arc4_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "\n" );
return( 0 );
exit:
arc4_free( &ctx );
return( ret );
}
#endif /* POLARSSL_SELF_TEST */

18
library/blowfish.c
View File

@ -41,6 +41,11 @@
#if !defined(POLARSSL_BLOWFISH_ALT)
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
/*
* 32-bit integer manipulation macros (big endian)
*/
@ -152,6 +157,19 @@ static void blowfish_dec( blowfish_context *ctx, uint32_t *xl, uint32_t *xr )
*xr = Xr;
}
void blowfish_init( blowfish_context *ctx )
{
memset( ctx, 0, sizeof( blowfish_context ) );
}
void blowfish_free( blowfish_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( blowfish_context ) );
}
/*
* Blowfish key schedule
*/

25
library/camellia.c
View File

@ -322,6 +322,19 @@ static void camellia_feistel( const uint32_t x[2], const uint32_t k[2],
z[1] ^= I0;
}
void camellia_init( camellia_context *ctx )
{
memset( ctx, 0, sizeof( camellia_context ) );
}
void camellia_free( camellia_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( camellia_context ) );
}
/*
* Camellia key schedule (encryption)
*/
@ -433,16 +446,17 @@ int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key,
int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key,
unsigned int keysize )
{
int idx;
int idx, ret;
size_t i;
camellia_context cty;
uint32_t *RK;
uint32_t *SK;
int ret;
camellia_init( &cty );
/* Also checks keysize */
if( ( ret = camellia_setkey_enc( &cty, key, keysize ) ) )
return( ret );
goto exit;
ctx->nr = cty.nr;
idx = ( ctx->nr == 4 );
@ -468,9 +482,10 @@ int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key,
*RK++ = *SK++;
*RK++ = *SK++;
polarssl_zeroize( &cty, sizeof( camellia_context ) );
exit:
camellia_free( &cty );
return( 0 );
return( ret );
}
/*

4
library/ccm.c
View File

@ -61,6 +61,8 @@ int ccm_init( ccm_context *ctx, cipher_id_t cipher,
memset( ctx, 0, sizeof( ccm_context ) );
cipher_init( &ctx->cipher_ctx );
cipher_info = cipher_info_from_values( cipher, keysize, POLARSSL_MODE_ECB );
if( cipher_info == NULL )
return( POLARSSL_ERR_CCM_BAD_INPUT );
@ -85,7 +87,7 @@ int ccm_init( ccm_context *ctx, cipher_id_t cipher,
*/
void ccm_free( ccm_context *ctx )
{
(void) cipher_free_ctx( &ctx->cipher_ctx );
cipher_free( &ctx->cipher_ctx );
polarssl_zeroize( ctx, sizeof( ccm_context ) );
}

23
library/cipher.c
View File

@ -125,6 +125,22 @@ const cipher_info_t *cipher_info_from_values( const cipher_id_t cipher_id,
return( NULL );
}
void cipher_init( cipher_context_t *ctx )
{
memset( ctx, 0, sizeof( cipher_context_t ) );
}
void cipher_free( cipher_context_t *ctx )
{
if( ctx == NULL )
return;
if( ctx->cipher_ctx )
ctx->cipher_info->base->ctx_free_func( ctx->cipher_ctx );
polarssl_zeroize( ctx, sizeof(cipher_context_t) );
}
int cipher_init_ctx( cipher_context_t *ctx, const cipher_info_t *cipher_info )
{
if( NULL == cipher_info || NULL == ctx )
@ -151,13 +167,10 @@ int cipher_init_ctx( cipher_context_t *ctx, const cipher_info_t *cipher_info )
return( 0 );
}
/* Deprecated, redirects to cipher_free() */
int cipher_free_ctx( cipher_context_t *ctx )
{
if( ctx == NULL || ctx->cipher_info == NULL )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
ctx->cipher_info->base->ctx_free_func( ctx->cipher_ctx );
polarssl_zeroize( ctx, sizeof(cipher_context_t) );
cipher_free( ctx );
return( 0 );
}

81
library/cipher_wrap.c
View File

@ -74,11 +74,6 @@
#include <stdlib.h>
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
#if defined(POLARSSL_GCM_C)
/* shared by all GCM ciphers */
static void *gcm_ctx_alloc( void )
@ -187,12 +182,19 @@ static int aes_setkey_enc_wrap( void *ctx, const unsigned char *key,
static void * aes_ctx_alloc( void )
{
return polarssl_malloc( sizeof( aes_context ) );
aes_context *aes = (aes_context *) polarssl_malloc( sizeof( aes_context ) );
if( aes == NULL )
return( NULL );
aes_init( aes );
return( aes );
}
static void aes_ctx_free( void *ctx )
{
polarssl_zeroize( ctx, sizeof( aes_context ) );
aes_free( (aes_context *) ctx );
polarssl_free( ctx );
}
@ -541,12 +543,20 @@ static int camellia_setkey_enc_wrap( void *ctx, const unsigned char *key,
static void * camellia_ctx_alloc( void )
{
return polarssl_malloc( sizeof( camellia_context ) );
camellia_context *ctx;
ctx = (camellia_context *) polarssl_malloc( sizeof( camellia_context ) );
if( ctx == NULL )
return( NULL );
camellia_init( ctx );
return( ctx );
}
static void camellia_ctx_free( void *ctx )
{
polarssl_zeroize( ctx, sizeof( camellia_context ) );
camellia_free( (camellia_context *) ctx );
polarssl_free( ctx );
}
@ -915,23 +925,38 @@ static int des3_set3key_enc_wrap( void *ctx, const unsigned char *key,
static void * des_ctx_alloc( void )
{
return polarssl_malloc( sizeof( des_context ) );
}
des_context *des = (des_context *) polarssl_malloc( sizeof( des_context ) );
static void * des3_ctx_alloc( void )
{
return polarssl_malloc( sizeof( des3_context ) );
if( des == NULL )
return( NULL );
des_init( des );
return( des );
}
static void des_ctx_free( void *ctx )
{
polarssl_zeroize( ctx, sizeof( des_context ) );
des_free( (des_context *) ctx );
polarssl_free( ctx );
}
static void * des3_ctx_alloc( void )
{
des3_context *des3;
des3 = (des3_context *) polarssl_malloc( sizeof( des3_context ) );
if( des3 == NULL )
return( NULL );
des3_init( des3 );
return( des3 );
}
static void des3_ctx_free( void *ctx )
{
polarssl_zeroize( ctx, sizeof( des3_context ) );
des3_free( (des3_context *) ctx );
polarssl_free( ctx );
}
@ -1122,12 +1147,20 @@ static int blowfish_setkey_wrap( void *ctx, const unsigned char *key,
static void * blowfish_ctx_alloc( void )
{
return polarssl_malloc( sizeof( blowfish_context ) );
blowfish_context *ctx;
ctx = (blowfish_context *) polarssl_malloc( sizeof( blowfish_context ) );
if( ctx == NULL )
return( NULL );
blowfish_init( ctx );
return( ctx );
}
static void blowfish_ctx_free( void *ctx )
{
polarssl_zeroize( ctx, sizeof( blowfish_context ) );
blowfish_free( (blowfish_context *) ctx );
polarssl_free( ctx );
}
@ -1216,12 +1249,20 @@ static int arc4_setkey_wrap( void *ctx, const unsigned char *key,
static void * arc4_ctx_alloc( void )
{
return polarssl_malloc( sizeof( arc4_context ) );
arc4_context *ctx;
ctx = (arc4_context *) polarssl_malloc( sizeof( arc4_context ) );
if( ctx == NULL )
return( NULL );
arc4_init( ctx );
return( ctx );
}
static void arc4_ctx_free( void *ctx )
{
polarssl_zeroize( ctx, sizeof( arc4_context ) );
arc4_free( (arc4_context *) ctx );
polarssl_free( ctx );
}

19
library/ctr_drbg.c
View File

@ -48,6 +48,11 @@
#define polarssl_printf printf
#endif
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
/*
* Non-public function wrapped by ctr_crbg_init(). Necessary to allow NIST
* tests to succeed (which require known length fixed entropy)
@ -66,6 +71,8 @@ int ctr_drbg_init_entropy_len(
memset( ctx, 0, sizeof(ctr_drbg_context) );
memset( key, 0, CTR_DRBG_KEYSIZE );
aes_init( &ctx->aes_ctx );
ctx->f_entropy = f_entropy;
ctx->p_entropy = p_entropy;
@ -93,6 +100,15 @@ int ctr_drbg_init( ctr_drbg_context *ctx,
CTR_DRBG_ENTROPY_LEN ) );
}
void ctr_drbg_free( ctr_drbg_context *ctx )
{
if( ctx == NULL )
return;
aes_free( &ctx->aes_ctx );
polarssl_zeroize( ctx, sizeof( ctr_drbg_context ) );
}
void ctr_drbg_set_prediction_resistance( ctr_drbg_context *ctx, int resistance )
{
ctx->prediction_resistance = resistance;
@ -122,6 +138,7 @@ static int block_cipher_df( unsigned char *output,
size_t buf_len, use_len;
memset( buf, 0, CTR_DRBG_MAX_SEED_INPUT + CTR_DRBG_BLOCKSIZE + 16 );
aes_init( &aes_ctx );
/*
* Construct IV (16 bytes) and S in buffer
@ -189,6 +206,8 @@ static int block_cipher_df( unsigned char *output,
p += CTR_DRBG_BLOCKSIZE;
}
aes_free( &aes_ctx );
return( 0 );
}

42
library/des.c
View File

@ -305,6 +305,32 @@ static const uint32_t RHs[16] =
#define SWAP(a,b) { uint32_t t = a; a = b; b = t; t = 0; }
void des_init( des_context *ctx )
{
memset( ctx, 0, sizeof( des_context ) );
}
void des_free( des_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( des_context ) );
}
void des3_init( des3_context *ctx )
{
memset( ctx, 0, sizeof( des3_context ) );
}
void des3_free( des3_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( des3_context ) );
}
static const unsigned char odd_parity_table[128] = { 1, 2, 4, 7, 8,
11, 13, 14, 16, 19, 21, 22, 25, 26, 28, 31, 32, 35, 37, 38, 41, 42, 44,
47, 49, 50, 52, 55, 56, 59, 61, 62, 64, 67, 69, 70, 73, 74, 76, 79, 81,
@ -839,7 +865,7 @@ static const unsigned char des3_test_cbc_enc[3][8] =
*/
int des_self_test( int verbose )
{
int i, j, u, v;
int i, j, u, v, ret = 0;
des_context ctx;
des3_context ctx3;
unsigned char buf[8];
@ -848,6 +874,8 @@ int des_self_test( int verbose )
unsigned char iv[8];
#endif
des_init( &ctx );
des3_init( &ctx3 );
/*
* ECB mode
*/
@ -909,7 +937,8 @@ int des_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
ret = 1;
goto exit;
}
if( verbose != 0 )
@ -1004,7 +1033,8 @@ int des_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
ret = 1;
goto exit;
}
if( verbose != 0 )
@ -1015,7 +1045,11 @@ int des_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "\n" );
return( 0 );
exit:
des_free( &ctx );
des3_free( &ctx3 );
return( ret );
}
#endif /* POLARSSL_SELF_TEST */

15
library/dhm.c
View File

@ -116,6 +116,11 @@ cleanup:
return( ret );
}
void dhm_init( dhm_context *ctx )
{
memset( ctx, 0, sizeof( dhm_context ) );
}
/*
* Parse the ServerKeyExchange parameters
*/
@ -125,8 +130,6 @@ int dhm_read_params( dhm_context *ctx,
{
int ret;
dhm_free( ctx );
if( ( ret = dhm_read_bignum( &ctx->P, p, end ) ) != 0 ||
( ret = dhm_read_bignum( &ctx->G, p, end ) ) != 0 ||
( ret = dhm_read_bignum( &ctx->GY, p, end ) ) != 0 )
@ -417,7 +420,6 @@ int dhm_parse_dhm( dhm_context *dhm, const unsigned char *dhmin,
pem_context pem;
pem_init( &pem );
memset( dhm, 0, sizeof( dhm_context ) );
ret = pem_read_buffer( &pem,
"-----BEGIN DH PARAMETERS-----",
@ -561,6 +563,8 @@ int dhm_self_test( int verbose )
int ret;
dhm_context dhm;
dhm_init( &dhm );
if( verbose != 0 )
polarssl_printf( " DHM parameter load: " );
@ -570,15 +574,16 @@ int dhm_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( ret );
goto exit;
}
if( verbose != 0 )
polarssl_printf( "passed\n\n" );
exit:
dhm_free( &dhm );
return( 0 );
return( ret );
#else
if( verbose != 0 )
polarssl_printf( " DHM parameter load: skipped\n" );

3
library/entropy.c
View File

@ -83,6 +83,9 @@ void entropy_init( entropy_context *ctx )
void entropy_free( entropy_context *ctx )
{
#if defined(POLARSSL_HAVEGE_C)
havege_free( &ctx->havege_data );
#endif
polarssl_zeroize( ctx, sizeof( entropy_context ) );
#if defined(POLARSSL_THREADING_C)
polarssl_mutex_free( &ctx->mutex );

4
library/gcm.c
View File

@ -157,6 +157,8 @@ int gcm_init( gcm_context *ctx, cipher_id_t cipher, const unsigned char *key,
memset( ctx, 0, sizeof(gcm_context) );
cipher_init( &ctx->cipher_ctx );
cipher_info = cipher_info_from_values( cipher, keysize, POLARSSL_MODE_ECB );
if( cipher_info == NULL )
return( POLARSSL_ERR_GCM_BAD_INPUT );
@ -493,7 +495,7 @@ int gcm_auth_decrypt( gcm_context *ctx,
void gcm_free( gcm_context *ctx )
{
(void) cipher_free_ctx( &ctx->cipher_ctx );
cipher_free( &ctx->cipher_ctx );
polarssl_zeroize( ctx, sizeof( gcm_context ) );
}

13
library/havege.c
View File

@ -43,6 +43,11 @@
#include <string.h>
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
/* ------------------------------------------------------------------------
* On average, one iteration accesses two 8-word blocks in the havege WALK
* table, and generates 16 words in the RES array.
@ -200,6 +205,14 @@ void havege_init( havege_state *hs )
havege_fill( hs );
}
void havege_free( havege_state *hs )
{
if( hs == NULL )
return;
polarssl_zeroize( hs, sizeof( havege_state ) );
}
/*
* HAVEGE rand function
*/

4
library/hmac_drbg.c
View File

@ -93,6 +93,8 @@ int hmac_drbg_init_buf( hmac_drbg_context *ctx,
memset( ctx, 0, sizeof( hmac_drbg_context ) );
md_init( &ctx->md_ctx );
if( ( ret = md_init_ctx( &ctx->md_ctx, md_info ) ) != 0 )
return( ret );
@ -165,6 +167,8 @@ int hmac_drbg_init( hmac_drbg_context *ctx,
memset( ctx, 0, sizeof( hmac_drbg_context ) );
md_init( &ctx->md_ctx );
if( ( ret = md_init_ctx( &ctx->md_ctx, md_info ) ) != 0 )
return( ret );

23
library/md.c
View File

@ -172,6 +172,22 @@ const md_info_t *md_info_from_type( md_type_t md_type )
}
}
void md_init( md_context_t *ctx )
{
memset( ctx, 0, sizeof( md_context_t ) );
}
void md_free( md_context_t *ctx )
{
if( ctx == NULL )
return;
if( ctx->md_ctx )
ctx->md_info->ctx_free_func( ctx->md_ctx );
polarssl_zeroize( ctx, sizeof( md_context_t ) );
}
int md_init_ctx( md_context_t *ctx, const md_info_t *md_info )
{
if( md_info == NULL || ctx == NULL )
@ -191,12 +207,7 @@ int md_init_ctx( md_context_t *ctx, const md_info_t *md_info )
int md_free_ctx( md_context_t *ctx )
{
if( ctx == NULL || ctx->md_info == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
ctx->md_info->ctx_free_func( ctx->md_ctx );
polarssl_zeroize( ctx, sizeof( md_context_t ) );
md_free( ctx );
return( 0 );
}

25
library/md2.c
View File

@ -86,6 +86,19 @@ static const unsigned char PI_SUBST[256] =
0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14
};
void md2_init( md2_context *ctx )
{
memset( ctx, 0, sizeof( md2_context ) );
}
void md2_free( md2_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( md2_context ) );
}
/*
* MD2 context setup
*/
@ -189,11 +202,11 @@ void md2( const unsigned char *input, size_t ilen, unsigned char output[16] )
{
md2_context ctx;
md2_init( &ctx );
md2_starts( &ctx );
md2_update( &ctx, input, ilen );
md2_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( md2_context ) );
md2_free( &ctx );
}
#if defined(POLARSSL_FS_IO)
@ -210,14 +223,14 @@ int md2_file( const char *path, unsigned char output[16] )
if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_MD2_FILE_IO_ERROR );
md2_init( &ctx );
md2_starts( &ctx );
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
md2_update( &ctx, buf, n );
md2_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( md2_context ) );
md2_free( &ctx );
if( ferror( f ) != 0 )
{
@ -304,11 +317,11 @@ void md2_hmac( const unsigned char *key, size_t keylen,
{
md2_context ctx;
md2_init( &ctx );
md2_hmac_starts( &ctx, key, keylen );
md2_hmac_update( &ctx, input, ilen );
md2_hmac_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( md2_context ) );
md2_free( &ctx );
}
#if defined(POLARSSL_SELF_TEST)

25
library/md4.c
View File

@ -79,6 +79,19 @@ static void polarssl_zeroize( void *v, size_t n ) {
}
#endif
void md4_init( md4_context *ctx )
{
memset( ctx, 0, sizeof( md4_context ) );
}
void md4_free( md4_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( md4_context ) );
}
/*
* MD4 context setup
*/
@ -285,11 +298,11 @@ void md4( const unsigned char *input, size_t ilen, unsigned char output[16] )
{
md4_context ctx;
md4_init( &ctx );
md4_starts( &ctx );
md4_update( &ctx, input, ilen );
md4_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( md4_context ) );
md4_free( &ctx );
}
#if defined(POLARSSL_FS_IO)
@ -306,14 +319,14 @@ int md4_file( const char *path, unsigned char output[16] )
if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_MD4_FILE_IO_ERROR );
md4_init( &ctx );
md4_starts( &ctx );
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
md4_update( &ctx, buf, n );
md4_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( md4_context ) );
md4_free( &ctx );
if( ferror( f ) != 0 )
{
@ -400,11 +413,11 @@ void md4_hmac( const unsigned char *key, size_t keylen,
{
md4_context ctx;
md4_init( &ctx );
md4_hmac_starts( &ctx, key, keylen );
md4_hmac_update( &ctx, input, ilen );
md4_hmac_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( md4_context ) );
md4_free( &ctx );
}
#if defined(POLARSSL_SELF_TEST)

25
library/md5.c
View File

@ -78,6 +78,19 @@ static void polarssl_zeroize( void *v, size_t n ) {
}
#endif
void md5_init( md5_context *ctx )
{
memset( ctx, 0, sizeof( md5_context ) );
}
void md5_free( md5_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( md5_context ) );
}
/*
* MD5 context setup
*/
@ -302,11 +315,11 @@ void md5( const unsigned char *input, size_t ilen, unsigned char output[16] )
{
md5_context ctx;
md5_init( &ctx );
md5_starts( &ctx );
md5_update( &ctx, input, ilen );
md5_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( md5_context ) );
md5_free( &ctx );
}
#if defined(POLARSSL_FS_IO)
@ -323,14 +336,14 @@ int md5_file( const char *path, unsigned char output[16] )
if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_MD5_FILE_IO_ERROR );
md5_init( &ctx );
md5_starts( &ctx );
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
md5_update( &ctx, buf, n );
md5_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( md5_context ) );
md5_free( &ctx );
if( ferror( f ) != 0 )
{
@ -417,11 +430,11 @@ void md5_hmac( const unsigned char *key, size_t keylen,
{
md5_context ctx;
md5_init( &ctx );
md5_hmac_starts( &ctx, key, keylen );
md5_hmac_update( &ctx, input, ilen );
md5_hmac_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( md5_context ) );
md5_free( &ctx );
}
#if defined(POLARSSL_SELF_TEST)

48
library/md_wrap.c
View File

@ -398,12 +398,20 @@ static void ripemd160_hmac_reset_wrap( void *ctx )
static void * ripemd160_ctx_alloc( void )
{
return polarssl_malloc( sizeof( ripemd160_context ) );
ripemd160_context *ctx;
ctx = (ripemd160_context *) polarssl_malloc( sizeof( ripemd160_context ) );
if( ctx == NULL )
return( NULL );
ripemd160_init( ctx );
return( ctx );
}
static void ripemd160_ctx_free( void *ctx )
{
polarssl_zeroize( ctx, sizeof( ripemd160_context ) );
ripemd160_free( (ripemd160_context *) ctx );
polarssl_free( ctx );
}
@ -486,12 +494,20 @@ static void sha1_hmac_reset_wrap( void *ctx )
static void * sha1_ctx_alloc( void )
{
return polarssl_malloc( sizeof( sha1_context ) );
sha1_context *ctx;
ctx = (sha1_context *) polarssl_malloc( sizeof( sha1_context ) );
if( ctx == NULL )
return( NULL );
sha1_init( ctx );
return( ctx );
}
static void sha1_ctx_free( void *ctx )
{
polarssl_zeroize( ctx, sizeof( sha1_context ) );
sha1_free( (sha1_context *) ctx );
polarssl_free( ctx );
}
@ -687,12 +703,20 @@ static void sha256_hmac_wrap( const unsigned char *key, size_t keylen,
static void * sha256_ctx_alloc( void )
{
return polarssl_malloc( sizeof( sha256_context ) );
sha256_context *ctx;
ctx = (sha256_context *) polarssl_malloc( sizeof( sha256_context ) );
if( ctx == NULL )
return( NULL );
sha256_init( ctx );
return( ctx );
}
static void sha256_ctx_free( void *ctx )
{
polarssl_zeroize( ctx, sizeof( sha256_context ) );
sha256_free( (sha256_context *) ctx );
polarssl_free( ctx );
}
@ -885,12 +909,20 @@ static void sha512_hmac_wrap( const unsigned char *key, size_t keylen,
static void * sha512_ctx_alloc( void )
{
return polarssl_malloc( sizeof( sha512_context ) );
sha512_context *ctx;
ctx = (sha512_context *) polarssl_malloc( sizeof( sha512_context ) );
if( ctx == NULL )
return( NULL );
sha512_init( ctx );
return( ctx );
}
static void sha512_ctx_free( void *ctx )
{
polarssl_zeroize( ctx, sizeof( sha512_context ) );
sha512_free( (sha512_context *) ctx );
polarssl_free( ctx );
}

18
library/pem.c
View File

@ -92,6 +92,8 @@ static void pem_pbkdf1( unsigned char *key, size_t keylen,
unsigned char md5sum[16];
size_t use_len;
md5_init( &md5_ctx );
/*
* key[ 0..15] = MD5(pwd || IV)
*/
@ -104,7 +106,7 @@ static void pem_pbkdf1( unsigned char *key, size_t keylen,
{
memcpy( key, md5sum, keylen );
polarssl_zeroize( &md5_ctx, sizeof( md5_ctx ) );
md5_free( &md5_ctx );
polarssl_zeroize( md5sum, 16 );
return;
}
@ -126,7 +128,7 @@ static void pem_pbkdf1( unsigned char *key, size_t keylen,
memcpy( key + 16, md5sum, use_len );
polarssl_zeroize( &md5_ctx, sizeof( md5_ctx ) );
md5_free( &md5_ctx );
polarssl_zeroize( md5sum, 16 );
}
@ -141,13 +143,15 @@ static void pem_des_decrypt( unsigned char des_iv[8],
des_context des_ctx;
unsigned char des_key[8];
des_init( &des_ctx );
pem_pbkdf1( des_key, 8, des_iv, pwd, pwdlen );
des_setkey_dec( &des_ctx, des_key );
des_crypt_cbc( &des_ctx, DES_DECRYPT, buflen,
des_iv, buf, buf );
polarssl_zeroize( &des_ctx, sizeof( des_ctx ) );
des_free( &des_ctx );
polarssl_zeroize( des_key, 8 );
}
@ -161,13 +165,15 @@ static void pem_des3_decrypt( unsigned char des3_iv[8],
des3_context des3_ctx;
unsigned char des3_key[24];
des3_init( &des3_ctx );
pem_pbkdf1( des3_key, 24, des3_iv, pwd, pwdlen );
des3_set3key_dec( &des3_ctx, des3_key );
des3_crypt_cbc( &des3_ctx, DES_DECRYPT, buflen,
des3_iv, buf, buf );
polarssl_zeroize( &des3_ctx, sizeof( des3_ctx ) );
des3_free( &des3_ctx );
polarssl_zeroize( des3_key, 24 );
}
#endif /* POLARSSL_DES_C */
@ -183,13 +189,15 @@ static void pem_aes_decrypt( unsigned char aes_iv[16], unsigned int keylen,
aes_context aes_ctx;
unsigned char aes_key[32];
aes_init( &aes_ctx );
pem_pbkdf1( aes_key, keylen, aes_iv, pwd, pwdlen );
aes_setkey_dec( &aes_ctx, aes_key, keylen * 8 );
aes_crypt_cbc( &aes_ctx, AES_DECRYPT, buflen,
aes_iv, buf, buf );
polarssl_zeroize( &aes_ctx, sizeof( aes_ctx ) );
aes_free( &aes_ctx );
polarssl_zeroize( aes_key, keylen );
}
#endif /* POLARSSL_AES_C */

18
library/pkcs12.c
View File

@ -147,6 +147,8 @@ int pkcs12_pbe_sha1_rc4_128( asn1_buf *pbe_params, int mode,
arc4_context ctx;
((void) mode);
arc4_init( &ctx );
if( ( ret = pkcs12_pbe_derive_key_iv( pbe_params, POLARSSL_MD_SHA1,
pwd, pwdlen,
key, 16, NULL, 0 ) ) != 0 )
@ -156,9 +158,13 @@ int pkcs12_pbe_sha1_rc4_128( asn1_buf *pbe_params, int mode,
arc4_setup( &ctx, key, 16 );
if( ( ret = arc4_crypt( &ctx, len, data, output ) ) != 0 )
return( ret );
goto exit;
return( 0 );
exit:
polarssl_zeroize( key, sizeof( key ) );
arc4_free( &ctx );
return( ret );
#endif /* POLARSSL_ARC4_C */
}
@ -188,6 +194,8 @@ int pkcs12_pbe( asn1_buf *pbe_params, int mode,
return( ret );
}
cipher_init( &cipher_ctx );
if( ( ret = cipher_init_ctx( &cipher_ctx, cipher_info ) ) != 0 )
goto exit;
@ -212,7 +220,7 @@ int pkcs12_pbe( asn1_buf *pbe_params, int mode,
exit:
polarssl_zeroize( key, sizeof( key ) );
polarssl_zeroize( iv, sizeof( iv ) );
cipher_free_ctx( &cipher_ctx );
cipher_free( &cipher_ctx );
return( ret );
}
@ -259,6 +267,8 @@ int pkcs12_derivation( unsigned char *data, size_t datalen,
if( md_info == NULL )
return( POLARSSL_ERR_PKCS12_FEATURE_UNAVAILABLE );
md_init( &md_ctx );
if( ( ret = md_init_ctx( &md_ctx, md_info ) ) != 0 )
return( ret );
hlen = md_get_size( md_info );
@ -342,7 +352,7 @@ exit:
polarssl_zeroize( hash_block, sizeof( hash_block ) );
polarssl_zeroize( hash_output, sizeof( hash_output ) );
md_free_ctx( &md_ctx );
md_free( &md_ctx );
return( ret );
}

29
library/pkcs5.c
View File

@ -130,9 +130,6 @@ int pkcs5_pbes2( asn1_buf *pbe_params, int mode,
p = pbe_params->p;
end = p + pbe_params->len;
memset( &md_ctx, 0, sizeof(md_context_t) );
memset( &cipher_ctx, 0, sizeof(cipher_context_t) );
/*
* PBES2-params ::= SEQUENCE {
* keyDerivationFunc AlgorithmIdentifier {{PBES2-KDFs}},
@ -187,6 +184,9 @@ int pkcs5_pbes2( asn1_buf *pbe_params, int mode,
return( POLARSSL_ERR_PKCS5_INVALID_FORMAT );
}
md_init( &md_ctx );
cipher_init( &cipher_ctx );
memcpy( iv, enc_scheme_params.p, enc_scheme_params.len );
if( ( ret = md_init_ctx( &md_ctx, md_info ) ) != 0 )
@ -209,8 +209,8 @@ int pkcs5_pbes2( asn1_buf *pbe_params, int mode,
ret = POLARSSL_ERR_PKCS5_PASSWORD_MISMATCH;
exit:
md_free_ctx( &md_ctx );
cipher_free_ctx( &cipher_ctx );
md_free( &md_ctx );
cipher_free( &cipher_ctx );
return( ret );
}
@ -364,12 +364,20 @@ int pkcs5_self_test( int verbose )
int ret, i;
unsigned char key[64];
md_init( &sha1_ctx );
info_sha1 = md_info_from_type( POLARSSL_MD_SHA1 );
if( info_sha1 == NULL )
return( 1 );
{
ret = 1;
goto exit;
}
if( ( ret = md_init_ctx( &sha1_ctx, info_sha1 ) ) != 0 )
return( 1 );
{
ret = 1;
goto exit;
}
if( verbose != 0 )
polarssl_printf( " PBKDF2 note: test #3 may be slow!\n" );
@ -387,7 +395,8 @@ int pkcs5_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
ret = 1;
goto exit;
}
if( verbose != 0 )
@ -396,8 +405,8 @@ int pkcs5_self_test( int verbose )
polarssl_printf( "\n" );
if( ( ret = md_free_ctx( &sha1_ctx ) ) != 0 )
return( 1 );
exit:
md_free( &sha1_ctx );
return( 0 );
}

25
library/ripemd160.c
View File

@ -81,6 +81,19 @@ static void polarssl_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
void ripemd160_init( ripemd160_context *ctx )
{
memset( ctx, 0, sizeof( ripemd160_context ) );
}
void ripemd160_free( ripemd160_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( ripemd160_context ) );
}
/*
* RIPEMD-160 context setup
*/
@ -364,11 +377,11 @@ void ripemd160( const unsigned char *input, size_t ilen,
{
ripemd160_context ctx;
ripemd160_init( &ctx );
ripemd160_starts( &ctx );
ripemd160_update( &ctx, input, ilen );
ripemd160_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( ripemd160_context ) );
ripemd160_free( &ctx );
}
#if defined(POLARSSL_FS_IO)
@ -385,14 +398,14 @@ int ripemd160_file( const char *path, unsigned char output[20] )
if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR );
ripemd160_init( &ctx );
ripemd160_starts( &ctx );
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
ripemd160_update( &ctx, buf, n );
ripemd160_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( ripemd160_context ) );
ripemd160_free( &ctx );
if( ferror( f ) != 0 )
{
@ -479,11 +492,11 @@ void ripemd160_hmac( const unsigned char *key, size_t keylen,
{
ripemd160_context ctx;
ripemd160_init( &ctx );
ripemd160_hmac_starts( &ctx, key, keylen );
ripemd160_hmac_update( &ctx, input, ilen );
ripemd160_hmac_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( ripemd160_context ) );
ripemd160_free( &ctx );
}

16
library/rsa.c
View File

@ -540,6 +540,7 @@ int rsa_rsaes_oaep_encrypt( rsa_context *ctx,
*p++ = 1;
memcpy( p, input, ilen );
md_init( &md_ctx );
md_init_ctx( &md_ctx, md_info );
// maskedDB: Apply dbMask to DB
@ -552,7 +553,7 @@ int rsa_rsaes_oaep_encrypt( rsa_context *ctx,
mgf_mask( output + 1, hlen, output + hlen + 1, olen - hlen - 1,
&md_ctx );
md_free_ctx( &md_ctx );
md_free( &md_ctx );
return( ( mode == RSA_PUBLIC )
? rsa_public( ctx, output, output )
@ -708,6 +709,7 @@ int rsa_rsaes_oaep_decrypt( rsa_context *ctx,
*/
hlen = md_get_size( md_info );
md_init( &md_ctx );
md_init_ctx( &md_ctx, md_info );
/* Generate lHash */
@ -721,7 +723,7 @@ int rsa_rsaes_oaep_decrypt( rsa_context *ctx,
mgf_mask( buf + hlen + 1, ilen - hlen - 1, buf + 1, hlen,
&md_ctx );
md_free_ctx( &md_ctx );
md_free( &md_ctx );
/*
* Check contents, in "constant-time"
@ -951,6 +953,7 @@ int rsa_rsassa_pss_sign( rsa_context *ctx,
memcpy( p, salt, slen );
p += slen;
md_init( &md_ctx );
md_init_ctx( &md_ctx, md_info );
// Generate H = Hash( M' )
@ -970,7 +973,7 @@ int rsa_rsassa_pss_sign( rsa_context *ctx,
//
mgf_mask( sig + offset, olen - hlen - 1 - offset, p, hlen, &md_ctx );
md_free_ctx( &md_ctx );
md_free( &md_ctx );
msb = mpi_msb( &ctx->N ) - 1;
sig[0] &= 0xFF >> ( olen * 8 - msb );
@ -1182,6 +1185,7 @@ int rsa_rsassa_pss_verify_ext( rsa_context *ctx,
if( buf[0] >> ( 8 - siglen * 8 + msb ) )
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
md_init( &md_ctx );
md_init_ctx( &md_ctx, md_info );
mgf_mask( p, siglen - hlen - 1, p + siglen - hlen - 1, hlen, &md_ctx );
@ -1194,7 +1198,7 @@ int rsa_rsassa_pss_verify_ext( rsa_context *ctx,
if( p == buf + siglen ||
*p++ != 0x01 )
{
md_free_ctx( &md_ctx );
md_free( &md_ctx );
return( POLARSSL_ERR_RSA_INVALID_PADDING );
}
@ -1204,7 +1208,7 @@ int rsa_rsassa_pss_verify_ext( rsa_context *ctx,
if( expected_salt_len != RSA_SALT_LEN_ANY &&
slen != (size_t) expected_salt_len )
{
md_free_ctx( &md_ctx );
md_free( &md_ctx );
return( POLARSSL_ERR_RSA_INVALID_PADDING );
}
@ -1216,7 +1220,7 @@ int rsa_rsassa_pss_verify_ext( rsa_context *ctx,
md_update( &md_ctx, p, slen );
md_finish( &md_ctx, result );
md_free_ctx( &md_ctx );
md_free( &md_ctx );
if( memcmp( p + slen, result, hlen ) == 0 )
return( 0 );

40
library/sha1.c
View File

@ -78,6 +78,19 @@ static void polarssl_zeroize( void *v, size_t n ) {
}
#endif
void sha1_init( sha1_context *ctx )
{
memset( ctx, 0, sizeof( sha1_context ) );
}
void sha1_free( sha1_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( sha1_context ) );
}
/*
* SHA-1 context setup
*/
@ -335,11 +348,11 @@ void sha1( const unsigned char *input, size_t ilen, unsigned char output[20] )
{
sha1_context ctx;
sha1_init( &ctx );
sha1_starts( &ctx );
sha1_update( &ctx, input, ilen );
sha1_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( sha1_context ) );
sha1_free( &ctx );
}
#if defined(POLARSSL_FS_IO)
@ -356,14 +369,14 @@ int sha1_file( const char *path, unsigned char output[20] )
if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_SHA1_FILE_IO_ERROR );
sha1_init( &ctx );
sha1_starts( &ctx );
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
sha1_update( &ctx, buf, n );
sha1_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( sha1_context ) );
sha1_free( &ctx );
if( ferror( f ) != 0 )
{
@ -450,11 +463,11 @@ void sha1_hmac( const unsigned char *key, size_t keylen,
{
sha1_context ctx;
sha1_init( &ctx );
sha1_hmac_starts( &ctx, key, keylen );
sha1_hmac_update( &ctx, input, ilen );
sha1_hmac_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( sha1_context ) );
sha1_free( &ctx );
}
#if defined(POLARSSL_SELF_TEST)
@ -554,11 +567,13 @@ static const unsigned char sha1_hmac_test_sum[7][20] =
*/
int sha1_self_test( int verbose )
{
int i, j, buflen;
int i, j, buflen, ret = 0;
unsigned char buf[1024];
unsigned char sha1sum[20];
sha1_context ctx;
sha1_init( &ctx );
/*
* SHA-1
*/
@ -587,7 +602,8 @@ int sha1_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
ret = 1;
goto exit;
}
if( verbose != 0 )
@ -623,7 +639,8 @@ int sha1_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
ret = 1;
goto exit;
}
if( verbose != 0 )
@ -633,7 +650,10 @@ int sha1_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "\n" );
return( 0 );
exit:
sha1_free( &ctx );
return( ret );
}
#endif /* POLARSSL_SELF_TEST */

40
library/sha256.c
View File

@ -78,6 +78,19 @@ static void polarssl_zeroize( void *v, size_t n ) {
}
#endif
void sha256_init( sha256_context *ctx )
{
memset( ctx, 0, sizeof( sha256_context ) );
}
void sha256_free( sha256_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( sha256_context ) );
}
/*
* SHA-256 context setup
*/
@ -338,11 +351,11 @@ void sha256( const unsigned char *input, size_t ilen,
{
sha256_context ctx;
sha256_init( &ctx );
sha256_starts( &ctx, is224 );
sha256_update( &ctx, input, ilen );
sha256_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( sha256_context ) );
sha256_free( &ctx );
}
#if defined(POLARSSL_FS_IO)
@ -359,14 +372,14 @@ int sha256_file( const char *path, unsigned char output[32], int is224 )
if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_SHA256_FILE_IO_ERROR );
sha256_init( &ctx );
sha256_starts( &ctx, is224 );
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
sha256_update( &ctx, buf, n );
sha256_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( sha256_context ) );
sha256_free( &ctx );
if( ferror( f ) != 0 )
{
@ -457,11 +470,11 @@ void sha256_hmac( const unsigned char *key, size_t keylen,
{
sha256_context ctx;
sha256_init( &ctx );
sha256_hmac_starts( &ctx, key, keylen, is224 );
sha256_hmac_update( &ctx, input, ilen );
sha256_hmac_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( sha256_context ) );
sha256_free( &ctx );
}
#if defined(POLARSSL_SELF_TEST)
@ -632,11 +645,13 @@ static const unsigned char sha256_hmac_test_sum[14][32] =
*/
int sha256_self_test( int verbose )
{
int i, j, k, buflen;
int i, j, k, buflen, ret = 0;
unsigned char buf[1024];
unsigned char sha256sum[32];
sha256_context ctx;
sha256_init( &ctx );
for( i = 0; i < 6; i++ )
{
j = i % 3;
@ -665,7 +680,8 @@ int sha256_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
ret = 1;
goto exit;
}
if( verbose != 0 )
@ -704,7 +720,8 @@ int sha256_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
ret = 1;
goto exit;
}
if( verbose != 0 )
@ -714,7 +731,10 @@ int sha256_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "\n" );
return( 0 );
exit:
sha256_free( &ctx );
return( ret );
}
#endif /* POLARSSL_SELF_TEST */

40
library/sha512.c
View File

@ -133,6 +133,19 @@ static const uint64_t K[80] =
UL64(0x5FCB6FAB3AD6FAEC), UL64(0x6C44198C4A475817)
};
void sha512_init( sha512_context *ctx )
{
memset( ctx, 0, sizeof( sha512_context ) );
}
void sha512_free( sha512_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( sha512_context ) );
}
/*
* SHA-512 context setup
*/
@ -336,11 +349,11 @@ void sha512( const unsigned char *input, size_t ilen,
{
sha512_context ctx;
sha512_init( &ctx );
sha512_starts( &ctx, is384 );
sha512_update( &ctx, input, ilen );
sha512_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( sha512_context ) );
sha512_free( &ctx );
}
#if defined(POLARSSL_FS_IO)
@ -357,14 +370,14 @@ int sha512_file( const char *path, unsigned char output[64], int is384 )
if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_SHA512_FILE_IO_ERROR );
sha512_init( &ctx );
sha512_starts( &ctx, is384 );
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
sha512_update( &ctx, buf, n );
sha512_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( sha512_context ) );
sha512_free( &ctx );
if( ferror( f ) != 0 )
{
@ -455,11 +468,11 @@ void sha512_hmac( const unsigned char *key, size_t keylen,
{
sha512_context ctx;
sha512_init( &ctx );
sha512_hmac_starts( &ctx, key, keylen, is384 );
sha512_hmac_update( &ctx, input, ilen );
sha512_hmac_finish( &ctx, output );
polarssl_zeroize( &ctx, sizeof( sha512_context ) );
sha512_free( &ctx );
}
#if defined(POLARSSL_SELF_TEST)
@ -686,11 +699,13 @@ static const unsigned char sha512_hmac_test_sum[14][64] =
*/
int sha512_self_test( int verbose )
{
int i, j, k, buflen;
int i, j, k, buflen, ret = 0;
unsigned char buf[1024];
unsigned char sha512sum[64];
sha512_context ctx;
sha512_init( &ctx );
for( i = 0; i < 6; i++ )
{
j = i % 3;
@ -719,7 +734,8 @@ int sha512_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
ret = 1;
goto exit;
}
if( verbose != 0 )
@ -758,7 +774,8 @@ int sha512_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
ret = 1;
goto exit;
}
if( verbose != 0 )
@ -768,7 +785,10 @@ int sha512_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "\n" );
return( 0 );
exit:
sha512_free( &ctx );
return( ret );
}
#endif /* POLARSSL_SELF_TEST */

10
library/ssl_cli.c
View File

@ -1718,6 +1718,9 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
md5_context md5;
sha1_context sha1;
md5_init( &md5 );
sha1_init( &sha1 );
hashlen = 36;
/*
@ -1742,6 +1745,9 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
sha1_update( &sha1, ssl->handshake->randbytes, 64 );
sha1_update( &sha1, ssl->in_msg + 4, params_len );
sha1_finish( &sha1, hash + 16 );
md5_free( &md5 );
sha1_free( &sha1 );
}
else
#endif /* POLARSSL_SSL_PROTO_SSL3 || POLARSSL_SSL_PROTO_TLS1 || \
@ -1752,6 +1758,8 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
{
md_context_t ctx;
md_init( &ctx );
/* Info from md_alg will be used instead */
hashlen = 0;
@ -1773,7 +1781,7 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
md_update( &ctx, ssl->handshake->randbytes, 64 );
md_update( &ctx, ssl->in_msg + 4, params_len );
md_finish( &ctx, hash );
md_free_ctx( &ctx );
md_free( &ctx );
}
else
#endif /* POLARSSL_SSL_PROTO_TLS1 || POLARSSL_SSL_PROTO_TLS1_1 || \

18
library/ssl_srv.c
View File

@ -343,6 +343,8 @@ static int ssl_parse_ticket( ssl_context *ssl,
ssl_session_free( ssl->session_negotiate );
memcpy( ssl->session_negotiate, &session, sizeof( ssl_session ) );
/* Zeroize instead of free as we copied the content */
polarssl_zeroize( &session, sizeof( ssl_session ) );
return( 0 );
@ -2337,6 +2339,9 @@ curve_matching_done:
md5_context md5;
sha1_context sha1;
md5_init( &md5 );
sha1_init( &sha1 );
/*
* digitally-signed struct {
* opaque md5_hash[16];
@ -2361,6 +2366,9 @@ curve_matching_done:
sha1_finish( &sha1, hash + 16 );
hashlen = 36;
md5_free( &md5 );
sha1_free( &sha1 );
}
else
#endif /* POLARSSL_SSL_PROTO_SSL3 || POLARSSL_SSL_PROTO_TLS1 || \
@ -2372,6 +2380,8 @@ curve_matching_done:
md_context_t ctx;
const md_info_t *md_info = md_info_from_type( md_alg );
md_init( &ctx );
/* Info from md_alg will be used instead */
hashlen = 0;
@ -2392,13 +2402,7 @@ curve_matching_done:
md_update( &ctx, ssl->handshake->randbytes, 64 );
md_update( &ctx, dig_signed, dig_signed_len );
md_finish( &ctx, hash );
if( ( ret = md_free_ctx( &ctx ) ) != 0 )
{
SSL_DEBUG_RET( 1, "md_free_ctx", ret );
return( ret );
}
md_free( &ctx );
}
else
#endif /* POLARSSL_SSL_PROTO_TLS1 || POLARSSL_SSL_PROTO_TLS1_1 || \

190
library/ssl_tls.c
View File

@ -156,6 +156,9 @@ static int ssl3_prf( const unsigned char *secret, size_t slen,
unsigned char sha1sum[20];
((void)label);
md5_init( &md5 );
sha1_init( &sha1 );
/*
* SSLv3:
* block =
@ -180,8 +183,8 @@ static int ssl3_prf( const unsigned char *secret, size_t slen,
md5_finish( &md5, dstbuf + i * 16 );
}
polarssl_zeroize( &md5, sizeof( md5 ) );
polarssl_zeroize( &sha1, sizeof( sha1 ) );
md5_free( &md5 );
sha1_free( &sha1 );
polarssl_zeroize( padding, sizeof( padding ) );
polarssl_zeroize( sha1sum, sizeof( sha1sum ) );
@ -805,6 +808,9 @@ void ssl_calc_verify_ssl( ssl_context *ssl, unsigned char hash[36] )
SSL_DEBUG_BUF( 3, "calculated verify result", hash, 36 );
SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
md5_free( &md5 );
sha1_free( &sha1 );
return;
}
#endif /* POLARSSL_SSL_PROTO_SSL3 */
@ -826,6 +832,9 @@ void ssl_calc_verify_tls( ssl_context *ssl, unsigned char hash[36] )
SSL_DEBUG_BUF( 3, "calculated verify result", hash, 36 );
SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
md5_free( &md5 );
sha1_free( &sha1 );
return;
}
#endif /* POLARSSL_SSL_PROTO_TLS1 || POLARSSL_SSL_PROTO_TLS1_1 */
@ -844,6 +853,8 @@ void ssl_calc_verify_tls_sha256( ssl_context *ssl, unsigned char hash[32] )
SSL_DEBUG_BUF( 3, "calculated verify result", hash, 32 );
SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
sha256_free( &sha256 );
return;
}
#endif /* POLARSSL_SHA256_C */
@ -861,6 +872,8 @@ void ssl_calc_verify_tls_sha384( ssl_context *ssl, unsigned char hash[48] )
SSL_DEBUG_BUF( 3, "calculated verify result", hash, 48 );
SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
sha512_free( &sha512 );
return;
}
#endif /* POLARSSL_SHA512_C */
@ -2878,8 +2891,8 @@ static void ssl_calc_finished_ssl(
SSL_DEBUG_BUF( 3, "calc finished result", buf, 36 );
polarssl_zeroize( &md5, sizeof( md5_context ) );
polarssl_zeroize( &sha1, sizeof( sha1_context ) );
md5_free( &md5 );
sha1_free( &sha1 );
polarssl_zeroize( padbuf, sizeof( padbuf ) );
polarssl_zeroize( md5sum, sizeof( md5sum ) );
@ -2936,8 +2949,8 @@ static void ssl_calc_finished_tls(
SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
polarssl_zeroize( &md5, sizeof( md5_context ) );
polarssl_zeroize( &sha1, sizeof( sha1_context ) );
md5_free( &md5 );
sha1_free( &sha1 );
polarssl_zeroize( padbuf, sizeof( padbuf ) );
@ -2985,7 +2998,7 @@ static void ssl_calc_finished_tls_sha256(
SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
polarssl_zeroize( &sha256, sizeof( sha256_context ) );
sha256_free( &sha256 );
polarssl_zeroize( padbuf, sizeof( padbuf ) );
@ -3032,7 +3045,7 @@ static void ssl_calc_finished_tls_sha384(
SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
polarssl_zeroize( &sha512, sizeof( sha512_context ) );
sha512_free( &sha512 );
polarssl_zeroize( padbuf, sizeof( padbuf ) );
@ -3257,73 +3270,114 @@ int ssl_parse_finished( ssl_context *ssl )
return( 0 );
}
static void ssl_handshake_params_init( ssl_handshake_params *handshake,
ssl_key_cert *key_cert )
{
memset( handshake, 0, sizeof( ssl_handshake_params ) );
#if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) || \
defined(POLARSSL_SSL_PROTO_TLS1_1)
md5_init( &handshake->fin_md5 );
sha1_init( &handshake->fin_sha1 );
md5_starts( &handshake->fin_md5 );
sha1_starts( &handshake->fin_sha1 );
#endif
#if defined(POLARSSL_SSL_PROTO_TLS1_2)
#if defined(POLARSSL_SHA256_C)
sha256_init( &handshake->fin_sha256 );
sha256_starts( &handshake->fin_sha256, 0 );
#endif
#if defined(POLARSSL_SHA512_C)
sha512_init( &handshake->fin_sha512 );
sha512_starts( &handshake->fin_sha512, 1 );
#endif
#endif /* POLARSSL_SSL_PROTO_TLS1_2 */
handshake->update_checksum = ssl_update_checksum_start;
handshake->sig_alg = SSL_HASH_SHA1;
#if defined(POLARSSL_DHM_C)
dhm_init( &handshake->dhm_ctx );
#endif
#if defined(POLARSSL_ECDH_C)
ecdh_init( &handshake->ecdh_ctx );
#endif
#if defined(POLARSSL_X509_CRT_PARSE_C)
handshake->key_cert = key_cert;
#endif
}
static void ssl_transform_init( ssl_transform *transform )
{
memset( transform, 0, sizeof(ssl_transform) );
cipher_init( &transform->cipher_ctx_enc );
cipher_init( &transform->cipher_ctx_dec );
md_init( &transform->md_ctx_enc );
md_init( &transform->md_ctx_dec );
}
void ssl_session_init( ssl_session *session )
{
memset( session, 0, sizeof(ssl_session) );
}
static int ssl_handshake_init( ssl_context *ssl )
{
/* Clear old handshake information if present */
if( ssl->transform_negotiate )
ssl_transform_free( ssl->transform_negotiate );
else
if( ssl->session_negotiate )
ssl_session_free( ssl->session_negotiate );
if( ssl->handshake )
ssl_handshake_free( ssl->handshake );
/*
* Either the pointers are now NULL or cleared properly and can be freed.
* Now allocate missing structures.
*/
if( ssl->transform_negotiate == NULL )
{
ssl->transform_negotiate =
(ssl_transform *) polarssl_malloc( sizeof(ssl_transform) );
if( ssl->transform_negotiate != NULL )
memset( ssl->transform_negotiate, 0, sizeof(ssl_transform) );
}
if( ssl->session_negotiate )
ssl_session_free( ssl->session_negotiate );
else
if( ssl->session_negotiate == NULL )
{
ssl->session_negotiate =
(ssl_session *) polarssl_malloc( sizeof(ssl_session) );
if( ssl->session_negotiate != NULL )
memset( ssl->session_negotiate, 0, sizeof(ssl_session) );
}
if( ssl->handshake )
ssl_handshake_free( ssl->handshake );
else
if( ssl->handshake == NULL)
{
ssl->handshake = (ssl_handshake_params *)
polarssl_malloc( sizeof(ssl_handshake_params) );
if( ssl->handshake != NULL )
memset( ssl->handshake, 0, sizeof(ssl_handshake_params) );
}
/* All pointers should exist and can be directly freed without issue */
if( ssl->handshake == NULL ||
ssl->transform_negotiate == NULL ||
ssl->session_negotiate == NULL )
{
SSL_DEBUG_MSG( 1, ( "malloc() of ssl sub-contexts failed" ) );
polarssl_free( ssl->handshake );
polarssl_free( ssl->transform_negotiate );
polarssl_free( ssl->session_negotiate );
ssl->handshake = NULL;
ssl->transform_negotiate = NULL;
ssl->session_negotiate = NULL;
return( POLARSSL_ERR_SSL_MALLOC_FAILED );
}
#if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) || \
defined(POLARSSL_SSL_PROTO_TLS1_1)
md5_starts( &ssl->handshake->fin_md5 );
sha1_starts( &ssl->handshake->fin_sha1 );
#endif
#if defined(POLARSSL_SSL_PROTO_TLS1_2)
#if defined(POLARSSL_SHA256_C)
sha256_starts( &ssl->handshake->fin_sha256, 0 );
#endif
#if defined(POLARSSL_SHA512_C)
sha512_starts( &ssl->handshake->fin_sha512, 1 );
#endif
#endif /* POLARSSL_SSL_PROTO_TLS1_2 */
ssl->handshake->update_checksum = ssl_update_checksum_start;
ssl->handshake->sig_alg = SSL_HASH_SHA1;
#if defined(POLARSSL_ECDH_C)
ecdh_init( &ssl->handshake->ecdh_ctx );
#endif
#if defined(POLARSSL_X509_CRT_PARSE_C)
ssl->handshake->key_cert = ssl->key_cert;
#endif
/* Initialize structures */
ssl_session_init( ssl->session_negotiate );
ssl_transform_init( ssl->transform_negotiate );
ssl_handshake_params_init( ssl->handshake, ssl->key_cert );
return( 0 );
}
@ -3482,6 +3536,14 @@ int ssl_session_reset( ssl_context *ssl )
}
#if defined(POLARSSL_SSL_SESSION_TICKETS)
static void ssl_ticket_keys_free( ssl_ticket_keys *tkeys )
{
aes_free( &tkeys->enc );
aes_free( &tkeys->dec );
polarssl_zeroize( tkeys, sizeof(ssl_ticket_keys) );
}
/*
* Allocate and initialize ticket keys
*/
@ -3498,8 +3560,12 @@ static int ssl_ticket_keys_init( ssl_context *ssl )
if( tkeys == NULL )
return( POLARSSL_ERR_SSL_MALLOC_FAILED );
aes_init( &tkeys->enc );
aes_init( &tkeys->dec );
if( ( ret = ssl->f_rng( ssl->p_rng, tkeys->key_name, 16 ) ) != 0 )
{
ssl_ticket_keys_free( tkeys );
polarssl_free( tkeys );
return( ret );
}
@ -3508,12 +3574,14 @@ static int ssl_ticket_keys_init( ssl_context *ssl )
( ret = aes_setkey_enc( &tkeys->enc, buf, 128 ) ) != 0 ||
( ret = aes_setkey_dec( &tkeys->dec, buf, 128 ) ) != 0 )
{
ssl_ticket_keys_free( tkeys );
polarssl_free( tkeys );
return( ret );
}
if( ( ret = ssl->f_rng( ssl->p_rng, tkeys->mac_key, 16 ) ) != 0 )
{
ssl_ticket_keys_free( tkeys );
polarssl_free( tkeys );
return( ret );
}
@ -4436,16 +4504,19 @@ int ssl_close_notify( ssl_context *ssl )
void ssl_transform_free( ssl_transform *transform )
{
if( transform == NULL )
return;
#if defined(POLARSSL_ZLIB_SUPPORT)
deflateEnd( &transform->ctx_deflate );
inflateEnd( &transform->ctx_inflate );
#endif
cipher_free_ctx( &transform->cipher_ctx_enc );
cipher_free_ctx( &transform->cipher_ctx_dec );
cipher_free( &transform->cipher_ctx_enc );
cipher_free( &transform->cipher_ctx_dec );
md_free_ctx( &transform->md_ctx_enc );
md_free_ctx( &transform->md_ctx_dec );
md_free( &transform->md_ctx_enc );
md_free( &transform->md_ctx_dec );
polarssl_zeroize( transform, sizeof( ssl_transform ) );
}
@ -4473,6 +4544,9 @@ static void ssl_key_cert_free( ssl_key_cert *key_cert )
void ssl_handshake_free( ssl_handshake_params *handshake )
{
if( handshake == NULL )
return;
#if defined(POLARSSL_DHM_C)
dhm_free( &handshake->dhm_ctx );
#endif
@ -4509,6 +4583,9 @@ void ssl_handshake_free( ssl_handshake_params *handshake )
void ssl_session_free( ssl_session *session )
{
if( session == NULL )
return;
#if defined(POLARSSL_X509_CRT_PARSE_C)
if( session->peer_cert != NULL )
{
@ -4529,6 +4606,9 @@ void ssl_session_free( ssl_session *session )
*/
void ssl_free( ssl_context *ssl )
{
if( ssl == NULL )
return;
SSL_DEBUG_MSG( 2, ( "=> free" ) );
if( ssl->out_ctr != NULL )
@ -4580,7 +4660,11 @@ void ssl_free( ssl_context *ssl )
}
#if defined(POLARSSL_SSL_SESSION_TICKETS)
polarssl_free( ssl->ticket_keys );
if( ssl->ticket_keys )
{
ssl_ticket_keys_free( ssl->ticket_keys );
polarssl_free( ssl->ticket_keys );
}
#endif
#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)

29
library/xtea.c
View File

@ -41,6 +41,11 @@
#if !defined(POLARSSL_XTEA_ALT)
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
/*
* 32-bit integer manipulation macros (big endian)
*/
@ -64,6 +69,19 @@
}
#endif
void xtea_init( xtea_context *ctx )
{
memset( ctx, 0, sizeof( xtea_context ) );
}
void xtea_free( xtea_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( xtea_context ) );
}
/*
* XTEA key schedule
*/
@ -223,10 +241,11 @@ static const unsigned char xtea_test_ct[6][8] =
*/
int xtea_self_test( int verbose )
{
int i;
int i, ret = 0;
unsigned char buf[8];
xtea_context ctx;
xtea_init( &ctx );
for( i = 0; i < 6; i++ )
{
if( verbose != 0 )
@ -242,7 +261,8 @@ int xtea_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
ret = 1;
goto exit;
}
if( verbose != 0 )
@ -252,7 +272,10 @@ int xtea_self_test( int verbose )
if( verbose != 0 )
polarssl_printf( "\n" );
return( 0 );
exit:
xtea_free( &ctx );
return( ret );
}
#endif /* POLARSSL_SELF_TEST */

9
programs/aes/aescrypt2.c
View File

@ -93,6 +93,9 @@ int main( int argc, char *argv[] )
off_t filesize, offset;
#endif
aes_init( &aes_ctx );
sha256_init( &sha_ctx );
/*
* Parse the command-line arguments.
*/
@ -357,7 +360,7 @@ int main( int argc, char *argv[] )
}
memset( key, 0, sizeof( key ) );
aes_setkey_dec( &aes_ctx, digest, 256 );
aes_setkey_dec( &aes_ctx, digest, 256 );
sha256_hmac_starts( &sha_ctx, digest, 32, 0 );
/*
@ -426,8 +429,8 @@ exit:
memset( buffer, 0, sizeof( buffer ) );
memset( digest, 0, sizeof( digest ) );
memset( &aes_ctx, 0, sizeof( aes_context ) );
memset( &sha_ctx, 0, sizeof( sha256_context ) );
aes_free( &aes_ctx );
sha256_free( &sha_ctx );
return( ret );
}

8
programs/aes/crypt_and_hash.c
View File

@ -95,8 +95,8 @@ int main( int argc, char *argv[] )
off_t filesize, offset;
#endif
memset( &cipher_ctx, 0, sizeof( cipher_context_t ));
memset( &md_ctx, 0, sizeof( md_context_t ));
cipher_init( &cipher_ctx );
md_init( &md_ctx );
/*
* Parse the command-line arguments.
@ -533,8 +533,8 @@ exit:
memset( buffer, 0, sizeof( buffer ) );
memset( digest, 0, sizeof( digest ) );
cipher_free_ctx( &cipher_ctx );
md_free_ctx( &md_ctx );
cipher_free( &cipher_ctx );
md_free( &md_ctx );
return( ret );
}

4
programs/hash/generic_sum.c
View File

@ -165,7 +165,7 @@ int main( int argc, char *argv[] )
const md_info_t *md_info;
md_context_t md_ctx;
memset( &md_ctx, 0, sizeof( md_context_t ));
md_init( &md_ctx );
if( argc == 1 )
{
@ -217,7 +217,7 @@ int main( int argc, char *argv[] )
ret |= generic_print( md_info, argv[i] );
exit:
md_free_ctx( &md_ctx );
md_free( &md_ctx );
return( ret );
}

5
programs/pkey/dh_client.c
View File

@ -82,7 +82,8 @@ int main( int argc, char *argv[] )
((void) argv);
memset( &rsa, 0, sizeof( rsa ) );
memset( &dhm, 0, sizeof( dhm ) );
dhm_init( &dhm );
aes_init( &aes );
/*
* 1. Setup the RNG
@ -279,8 +280,10 @@ exit:
if( server_fd != -1 )
net_close( server_fd );
aes_free( &aes );
rsa_free( &rsa );
dhm_free( &dhm );
ctr_drbg_free( &ctr_drbg );
entropy_free( &entropy );
#if defined(_WIN32)

1
programs/pkey/dh_genprime.c
View File

@ -154,6 +154,7 @@ int main( int argc, char *argv[] )
exit:
mpi_free( &G ); mpi_free( &P ); mpi_free( &Q );
ctr_drbg_free( &ctr_drbg );
entropy_free( &entropy );
#if defined(_WIN32)

5
programs/pkey/dh_server.c
View File

@ -83,7 +83,8 @@ int main( int argc, char *argv[] )
((void) argv);
memset( &rsa, 0, sizeof( rsa ) );
memset( &dhm, 0, sizeof( dhm ) );
dhm_init( &dhm );
aes_init( &aes );
/*
* 1. Setup the RNG
@ -280,8 +281,10 @@ exit:
if( client_fd != -1 )
net_close( client_fd );
aes_free( &aes );
rsa_free( &rsa );
dhm_free( &dhm );
ctr_drbg_free( &ctr_drbg );
entropy_free( &entropy );
#if defined(_WIN32)

1
programs/pkey/ecdsa.c
View File

@ -229,6 +229,7 @@ exit:
ecdsa_free( &ctx_verify );
ecdsa_free( &ctx_sign );
ctr_drbg_free( &ctr_drbg );
entropy_free( &entropy );
return( ret );

1
programs/pkey/gen_key.c
View File

@ -388,6 +388,7 @@ exit:
}
pk_free( &key );
ctr_drbg_free( &ctr_drbg );
entropy_free( &entropy );
#if defined(_WIN32)

1
programs/pkey/pk_decrypt.c
View File

@ -140,6 +140,7 @@ int main( int argc, char *argv[] )
ret = 0;
exit:
ctr_drbg_free( &ctr_drbg );
entropy_free( &entropy );
#if defined(POLARSSL_ERROR_C)

1
programs/pkey/pk_encrypt.c
View File

@ -140,6 +140,7 @@ int main( int argc, char *argv[] )
printf( "\n . Done (created \"%s\")\n\n", "result-enc.txt" );
exit:
ctr_drbg_free( &ctr_drbg );
entropy_free( &entropy );
#if defined(POLARSSL_ERROR_C)

1
programs/pkey/pk_sign.c
View File

@ -151,6 +151,7 @@ int main( int argc, char *argv[] )
exit:
pk_free( &pk );
ctr_drbg_free( &ctr_drbg );
entropy_free( &entropy );
#if defined(POLARSSL_ERROR_C)

1
programs/pkey/rsa_decrypt.c
View File

@ -164,6 +164,7 @@ int main( int argc, char *argv[] )
ret = 0;
exit:
ctr_drbg_free( &ctr_drbg );
entropy_free( &entropy );
#if defined(_WIN32)

1
programs/pkey/rsa_encrypt.c
View File

@ -152,6 +152,7 @@ int main( int argc, char *argv[] )
printf( "\n . Done (created \"%s\")\n\n", "result-enc.txt" );
exit:
ctr_drbg_free( &ctr_drbg );
entropy_free( &entropy );
#if defined(_WIN32)

1
programs/pkey/rsa_genkey.c
View File

@ -154,6 +154,7 @@ exit:
fclose( fpriv );
rsa_free( &rsa );
ctr_drbg_free( &ctr_drbg );
entropy_free( &entropy );
#if defined(_WIN32)

1
programs/pkey/rsa_sign_pss.c
View File

@ -161,6 +161,7 @@ int main( int argc, char *argv[] )
exit:
pk_free( &pk );
ctr_drbg_free( &ctr_drbg );
entropy_free( &entropy );
#if defined(_WIN32)

1
programs/random/gen_random_ctr_drbg.c
View File

@ -115,6 +115,7 @@ cleanup:
printf("\n");
fclose( f );
ctr_drbg_free( &ctr_drbg );
entropy_free( &entropy );
return( ret );

11
programs/random/gen_random_havege.c
View File

@ -48,7 +48,7 @@ int main( int argc, char *argv[] )
{
FILE *f;
time_t t;
int i, k;
int i, k, ret = 0;
havege_state hs;
unsigned char buf[1024];
@ -73,8 +73,9 @@ int main( int argc, char *argv[] )
if( havege_random( &hs, buf, sizeof( buf ) ) != 0 )
{
printf( "Failed to get random from source.\n" );
fclose( f );
return( 1 );
ret = 1;
goto exit;
}
fwrite( buf, sizeof( buf ), 1, f );
@ -89,7 +90,9 @@ int main( int argc, char *argv[] )
printf(" \n ");
exit:
havege_free( &hs );
fclose( f );
return( 0 );
return( ret );
}
#endif /* POLARSSL_HAVEGE_C */

1
programs/ssl/ssl_client1.c
View File

@ -290,6 +290,7 @@ exit:
x509_crt_free( &cacert );
ssl_free( &ssl );
ctr_drbg_free( &ctr_drbg );
entropy_free( &entropy );
memset( &ssl, 0, sizeof( ssl ) );

1
programs/ssl/ssl_client2.c
View File

@ -1209,6 +1209,7 @@ exit:
#endif
ssl_session_free( &saved_session );
ssl_free( &ssl );
ctr_drbg_free( &ctr_drbg );
entropy_free( &entropy );
memset( &ssl, 0, sizeof( ssl ) );

1
programs/ssl/ssl_fork_server.c
View File

@ -376,6 +376,7 @@ exit:
x509_crt_free( &srvcert );
pk_free( &pkey );
ssl_free( &ssl );
ctr_drbg_free( &ctr_drbg );
entropy_free( &entropy );
#if defined(_WIN32)

1
programs/ssl/ssl_mail_client.c
View File

@ -816,6 +816,7 @@ exit:
x509_crt_free( &cacert );
pk_free( &pkey );
ssl_free( &ssl );
ctr_drbg_free( &ctr_drbg );
entropy_free( &entropy );
#if defined(_WIN32)

1
programs/ssl/ssl_pthread_server.c
View File

@ -492,6 +492,7 @@ exit:
#if defined(POLARSSL_SSL_CACHE_C)
ssl_cache_free( &cache );
#endif
ctr_drbg_free( &ctr_drbg );
entropy_free( &entropy );
polarssl_mutex_free( &debug_mutex );

1
programs/ssl/ssl_server.c
View File

@ -373,6 +373,7 @@ exit:
#if defined(POLARSSL_SSL_CACHE_C)
ssl_cache_free( &cache );
#endif
ctr_drbg_free( &ctr_drbg );
entropy_free( &entropy );
#if defined(_WIN32)

6
programs/ssl/ssl_server2.c
View File

@ -626,7 +626,7 @@ int main( int argc, char *argv[] )
pk_init( &pkey2 );
#endif
#if defined(POLARSSL_DHM_C) && defined(POLARSSL_FS_IO)
memset( &dhm, 0, sizeof( dhm_context ) );
dhm_init( &dhm );
#endif
#if defined(POLARSSL_SSL_CACHE_C)
ssl_cache_init( &cache );
@ -1655,6 +1655,9 @@ exit:
if( client_fd != -1 )
net_close( client_fd );
#if defined(POLARSSL_DHM_C) && defined(POLARSSL_FS_IO)
dhm_free( &dhm );
#endif
#if defined(POLARSSL_X509_CRT_PARSE_C)
x509_crt_free( &cacert );
x509_crt_free( &srvcert );
@ -1673,6 +1676,7 @@ exit:
#endif
ssl_free( &ssl );
ctr_drbg_free( &ctr_drbg );
entropy_free( &entropy );
#if defined(POLARSSL_SSL_CACHE_C)

18
programs/test/benchmark.c
View File

@ -273,8 +273,10 @@ int main( int argc, char *argv[] )
if( todo.arc4 )
{
arc4_context arc4;
arc4_init( &arc4 );
arc4_setup( &arc4, tmp, 32 );
TIME_AND_TSC( "ARC4", arc4_crypt( &arc4, BUFSIZE, buf, buf ) );
arc4_free( &arc4 );
}
#endif
@ -282,17 +284,21 @@ int main( int argc, char *argv[] )
if( todo.des3 )
{
des3_context des3;
des3_init( &des3 );
des3_set3key_enc( &des3, tmp );
TIME_AND_TSC( "3DES",
des3_crypt_cbc( &des3, DES_ENCRYPT, BUFSIZE, tmp, buf, buf ) );
des3_free( &des3 );
}
if( todo.des )
{
des_context des;
des_init( &des );
des_setkey_enc( &des, tmp );
TIME_AND_TSC( "DES",
des_crypt_cbc( &des, DES_ENCRYPT, BUFSIZE, tmp, buf, buf ) );
des_free( &des );
}
#endif
@ -301,6 +307,7 @@ int main( int argc, char *argv[] )
if( todo.aes_cbc )
{
aes_context aes;
aes_init( &aes );
for( keysize = 128; keysize <= 256; keysize += 64 )
{
snprintf( title, sizeof( title ), "AES-CBC-%d", keysize );
@ -312,6 +319,7 @@ int main( int argc, char *argv[] )
TIME_AND_TSC( title,
aes_crypt_cbc( &aes, AES_ENCRYPT, BUFSIZE, tmp, buf, buf ) );
}
aes_free( &aes );
}
#endif
#if defined(POLARSSL_GCM_C)
@ -360,6 +368,7 @@ int main( int argc, char *argv[] )
if( todo.camellia )
{
camellia_context camellia;
camellia_init( &camellia );
for( keysize = 128; keysize <= 256; keysize += 64 )
{
snprintf( title, sizeof( title ), "CAMELLIA-CBC-%d", keysize );
@ -372,6 +381,7 @@ int main( int argc, char *argv[] )
camellia_crypt_cbc( &camellia, CAMELLIA_ENCRYPT,
BUFSIZE, tmp, buf, buf ) );
}
camellia_free( &camellia );
}
#endif
@ -379,6 +389,8 @@ int main( int argc, char *argv[] )
if( todo.blowfish )
{
blowfish_context blowfish;
blowfish_init( &blowfish );
for( keysize = 128; keysize <= 256; keysize += 64 )
{
snprintf( title, sizeof( title ), "BLOWFISH-CBC-%d", keysize );
@ -391,6 +403,8 @@ int main( int argc, char *argv[] )
blowfish_crypt_cbc( &blowfish, BLOWFISH_ENCRYPT, BUFSIZE,
tmp, buf, buf ) );
}
blowfish_free( &blowfish );
}
#endif
@ -400,6 +414,7 @@ int main( int argc, char *argv[] )
havege_state hs;
havege_init( &hs );
TIME_AND_TSC( "HAVEGE", havege_random( &hs, buf, BUFSIZE ) );
havege_free( &hs );
}
#endif
@ -420,6 +435,7 @@ int main( int argc, char *argv[] )
TIME_AND_TSC( "CTR_DRBG (PR)",
if( ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 )
exit(1) );
ctr_drbg_free( &ctr_drbg );
}
#endif
@ -517,7 +533,7 @@ int main( int argc, char *argv[] )
size_t olen;
for( i = 0; i < DHM_SIZES; i++ )
{
memset( &dhm, 0, sizeof( dhm_context ) );
dhm_init( &dhm );
if( mpi_read_string( &dhm.P, 16, dhm_P[i] ) != 0 ||
mpi_read_string( &dhm.G, 16, dhm_G[i] ) != 0 )

1
programs/test/o_p_test.c
View File

@ -258,6 +258,7 @@ int main( int argc, char *argv[] )
printf( "String value (PolarSSL Private Encrypt, OpenSSL Public Decrypt): '%s'\n", o_priv_decrypted );
exit:
ctr_drbg_free( &ctr_drbg );
entropy_free( &entropy );
#ifdef WIN32

1
programs/test/ssl_test.c
View File

@ -417,6 +417,7 @@ exit:
x509_crt_free( &srvcert );
pk_free( &pkey );
ssl_free( &ssl );
ctr_drbg_free( &ctr_drbg );
entropy_free( &entropy );
if( client_fd != -1 )

1
programs/x509/cert_app.c
View File

@ -492,6 +492,7 @@ exit:
x509_crl_free( &cacrl );
#endif
pk_free( &pkey );
ctr_drbg_free( &ctr_drbg );
entropy_free( &entropy );
#if defined(_WIN32)

1
programs/x509/cert_req.c
View File

@ -329,6 +329,7 @@ exit:
x509write_csr_free( &req );
pk_free( &key );
ctr_drbg_free( &ctr_drbg );
entropy_free( &entropy );
#if defined(_WIN32)

1
programs/x509/cert_write.c
View File

@ -652,6 +652,7 @@ exit:
pk_free( &loaded_subject_key );
pk_free( &loaded_issuer_key );
mpi_free( &serial );
ctr_drbg_free( &ctr_drbg );
entropy_free( &entropy );
#if defined(_WIN32)

24
tests/suites/test_suite_aes.function
View File

@ -22,6 +22,7 @@ void aes_encrypt_ecb( char *hex_key_string, char *hex_src_string,
memset(src_str, 0x00, 100);
memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
aes_init( &ctx );
key_len = unhexify( key_str, hex_key_string );
unhexify( src_str, hex_src_string );
@ -34,6 +35,8 @@ void aes_encrypt_ecb( char *hex_key_string, char *hex_src_string,
TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
}
aes_free( &ctx );
}
/* END_CASE */
@ -52,6 +55,7 @@ void aes_decrypt_ecb( char *hex_key_string, char *hex_src_string,
memset(src_str, 0x00, 100);
memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
aes_init( &ctx );
key_len = unhexify( key_str, hex_key_string );
unhexify( src_str, hex_src_string );
@ -64,6 +68,8 @@ void aes_decrypt_ecb( char *hex_key_string, char *hex_src_string,
TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
}
aes_free( &ctx );
}
/* END_CASE */
@ -85,6 +91,7 @@ void aes_encrypt_cbc( char *hex_key_string, char *hex_iv_string,
memset(src_str, 0x00, 100);
memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
aes_init( &ctx );
key_len = unhexify( key_str, hex_key_string );
unhexify( iv_str, hex_iv_string );
@ -98,6 +105,8 @@ void aes_encrypt_cbc( char *hex_key_string, char *hex_iv_string,
TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
}
aes_free( &ctx );
}
/* END_CASE */
@ -119,6 +128,7 @@ void aes_decrypt_cbc( char *hex_key_string, char *hex_iv_string,
memset(src_str, 0x00, 100);
memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
aes_init( &ctx );
key_len = unhexify( key_str, hex_key_string );
unhexify( iv_str, hex_iv_string );
@ -132,6 +142,8 @@ void aes_decrypt_cbc( char *hex_key_string, char *hex_iv_string,
TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
}
aes_free( &ctx );
}
/* END_CASE */
@ -153,6 +165,7 @@ void aes_encrypt_cfb128( char *hex_key_string, char *hex_iv_string,
memset(src_str, 0x00, 100);
memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
aes_init( &ctx );
key_len = unhexify( key_str, hex_key_string );
unhexify( iv_str, hex_iv_string );
@ -163,6 +176,8 @@ void aes_encrypt_cfb128( char *hex_key_string, char *hex_iv_string,
hexify( dst_str, output, 16 );
TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
aes_free( &ctx );
}
/* END_CASE */
@ -184,6 +199,7 @@ void aes_decrypt_cfb128( char *hex_key_string, char *hex_iv_string,
memset(src_str, 0x00, 100);
memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
aes_init( &ctx );
key_len = unhexify( key_str, hex_key_string );
unhexify( iv_str, hex_iv_string );
@ -194,6 +210,8 @@ void aes_decrypt_cfb128( char *hex_key_string, char *hex_iv_string,
hexify( dst_str, output, 16 );
TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
aes_free( &ctx );
}
/* END_CASE */
@ -214,6 +232,7 @@ void aes_encrypt_cfb8( char *hex_key_string, char *hex_iv_string,
memset(src_str, 0x00, 100);
memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
aes_init( &ctx );
key_len = unhexify( key_str, hex_key_string );
unhexify( iv_str, hex_iv_string );
@ -224,6 +243,8 @@ void aes_encrypt_cfb8( char *hex_key_string, char *hex_iv_string,
hexify( dst_str, output, src_len );
TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
aes_free( &ctx );
}
/* END_CASE */
@ -244,6 +265,7 @@ void aes_decrypt_cfb8( char *hex_key_string, char *hex_iv_string,
memset(src_str, 0x00, 100);
memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
aes_init( &ctx );
key_len = unhexify( key_str, hex_key_string );
unhexify( iv_str, hex_iv_string );
@ -254,6 +276,8 @@ void aes_decrypt_cfb8( char *hex_key_string, char *hex_iv_string,
hexify( dst_str, output, src_len );
TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
aes_free( &ctx );
}
/* END_CASE */

3
tests/suites/test_suite_arc4.function
View File

@ -22,6 +22,7 @@ void arc4_crypt( char *hex_src_string, char *hex_key_string,
memset(key_str, 0x00, 1000);
memset(dst_str, 0x00, 1000);
memset(dst_hexstr, 0x00, 2000);
arc4_init( &ctx );
src_len = unhexify( src_str, hex_src_string );
key_len = unhexify( key_str, hex_key_string );
@ -31,6 +32,8 @@ void arc4_crypt( char *hex_src_string, char *hex_key_string,
hexify( dst_hexstr, dst_str, src_len );
TEST_ASSERT( strcmp( (char *) dst_hexstr, hex_dst_string ) == 0 );
arc4_free( &ctx );
}
/* END_CASE */

21
tests/suites/test_suite_blowfish.function
View File

@ -22,6 +22,7 @@ void blowfish_encrypt_ecb( char *hex_key_string, char *hex_src_string,
memset(src_str, 0x00, 100);
memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
blowfish_init( &ctx );
key_len = unhexify( key_str, hex_key_string );
unhexify( src_str, hex_src_string );
@ -34,6 +35,8 @@ void blowfish_encrypt_ecb( char *hex_key_string, char *hex_src_string,
TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
}
blowfish_free( &ctx );
}
/* END_CASE */
@ -52,6 +55,7 @@ void blowfish_decrypt_ecb( char *hex_key_string, char *hex_src_string,
memset(src_str, 0x00, 100);
memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
blowfish_init( &ctx );
key_len = unhexify( key_str, hex_key_string );
unhexify( src_str, hex_src_string );
@ -64,6 +68,8 @@ void blowfish_decrypt_ecb( char *hex_key_string, char *hex_src_string,
TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
}
blowfish_free( &ctx );
}
/* END_CASE */
@ -85,6 +91,7 @@ void blowfish_encrypt_cbc( char *hex_key_string, char *hex_iv_string,
memset(src_str, 0x00, 100);
memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
blowfish_init( &ctx );
key_len = unhexify( key_str, hex_key_string );
unhexify( iv_str, hex_iv_string );
@ -99,6 +106,8 @@ void blowfish_encrypt_cbc( char *hex_key_string, char *hex_iv_string,
TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
}
blowfish_free( &ctx );
}
/* END_CASE */
@ -120,6 +129,7 @@ void blowfish_decrypt_cbc( char *hex_key_string, char *hex_iv_string,
memset(src_str, 0x00, 100);
memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
blowfish_init( &ctx );
key_len = unhexify( key_str, hex_key_string );
unhexify( iv_str, hex_iv_string );
@ -133,6 +143,8 @@ void blowfish_decrypt_cbc( char *hex_key_string, char *hex_iv_string,
TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
}
blowfish_free( &ctx );
}
/* END_CASE */
@ -154,6 +166,7 @@ void blowfish_encrypt_cfb64( char *hex_key_string, char *hex_iv_string,
memset(src_str, 0x00, 100);
memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
blowfish_init( &ctx );
key_len = unhexify( key_str, hex_key_string );
unhexify( iv_str, hex_iv_string );
@ -164,6 +177,8 @@ void blowfish_encrypt_cfb64( char *hex_key_string, char *hex_iv_string,
hexify( dst_str, output, src_len );
TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
blowfish_free( &ctx );
}
/* END_CASE */
@ -185,6 +200,7 @@ void blowfish_decrypt_cfb64( char *hex_key_string, char *hex_iv_string,
memset(src_str, 0x00, 100);
memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
blowfish_init( &ctx );
key_len = unhexify( key_str, hex_key_string );
unhexify( iv_str, hex_iv_string );
@ -195,6 +211,8 @@ void blowfish_decrypt_cfb64( char *hex_key_string, char *hex_iv_string,
hexify( dst_str, output, src_len );
TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
blowfish_free( &ctx );
}
/* END_CASE */
@ -218,6 +236,7 @@ void blowfish_encrypt_ctr( char *hex_key_string, char *hex_iv_string,
memset(src_str, 0x00, 100);
memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
blowfish_init( &ctx );
key_len = unhexify( key_str, hex_key_string );
unhexify( iv_str, hex_iv_string );
@ -228,5 +247,7 @@ void blowfish_encrypt_ctr( char *hex_key_string, char *hex_iv_string,
hexify( dst_str, output, src_len );
TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
blowfish_free( &ctx );
}
/* END_CASE */

18
tests/suites/test_suite_camellia.function
View File

@ -22,6 +22,7 @@ void camellia_encrypt_ecb( char *hex_key_string, char *hex_src_string,
memset(src_str, 0x00, 100);
memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
camellia_init( &ctx );
key_len = unhexify( key_str, hex_key_string );
unhexify( src_str, hex_src_string );
@ -34,6 +35,8 @@ void camellia_encrypt_ecb( char *hex_key_string, char *hex_src_string,
TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
}
camellia_free( &ctx );
}
/* END_CASE */
@ -52,6 +55,7 @@ void camellia_decrypt_ecb( char *hex_key_string, char *hex_src_string,
memset(src_str, 0x00, 100);
memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
camellia_init( &ctx );
key_len = unhexify( key_str, hex_key_string );
unhexify( src_str, hex_src_string );
@ -64,6 +68,8 @@ void camellia_decrypt_ecb( char *hex_key_string, char *hex_src_string,
TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
}
camellia_free( &ctx );
}
/* END_CASE */
@ -85,6 +91,7 @@ void camellia_encrypt_cbc( char *hex_key_string, char *hex_iv_string,
memset(src_str, 0x00, 100);
memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
camellia_init( &ctx );
key_len = unhexify( key_str, hex_key_string );
unhexify( iv_str, hex_iv_string );
@ -98,6 +105,8 @@ void camellia_encrypt_cbc( char *hex_key_string, char *hex_iv_string,
TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
}
camellia_free( &ctx );
}
/* END_CASE */
@ -119,6 +128,7 @@ void camellia_decrypt_cbc( char *hex_key_string, char *hex_iv_string,
memset(src_str, 0x00, 100);
memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
camellia_init( &ctx );
key_len = unhexify( key_str, hex_key_string );
unhexify( iv_str, hex_iv_string );
@ -132,6 +142,8 @@ void camellia_decrypt_cbc( char *hex_key_string, char *hex_iv_string,
TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
}
camellia_free( &ctx );
}
/* END_CASE */
@ -153,6 +165,7 @@ void camellia_encrypt_cfb128( char *hex_key_string, char *hex_iv_string,
memset(src_str, 0x00, 100);
memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
camellia_init( &ctx );
key_len = unhexify( key_str, hex_key_string );
unhexify( iv_str, hex_iv_string );
@ -163,6 +176,8 @@ void camellia_encrypt_cfb128( char *hex_key_string, char *hex_iv_string,
hexify( dst_str, output, 16 );
TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
camellia_free( &ctx );
}
/* END_CASE */
@ -184,6 +199,7 @@ void camellia_decrypt_cfb128( char *hex_key_string, char *hex_iv_string,
memset(src_str, 0x00, 100);
memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
camellia_init( &ctx );
key_len = unhexify( key_str, hex_key_string );
unhexify( iv_str, hex_iv_string );
@ -194,6 +210,8 @@ void camellia_decrypt_cfb128( char *hex_key_string, char *hex_iv_string,
hexify( dst_str, output, 16 );
TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
camellia_free( &ctx );
}
/* END_CASE */

58
tests/suites/test_suite_cipher.function
View File

@ -29,7 +29,7 @@ void cipher_null_args( )
unsigned char buf[1] = { 0 };
size_t olen;
memset( &ctx, 0, sizeof( cipher_context_t ) );
cipher_init( &ctx );
TEST_ASSERT( cipher_get_block_size( NULL ) == 0 );
TEST_ASSERT( cipher_get_block_size( &ctx ) == 0 );
@ -111,8 +111,8 @@ void enc_dec_buf( int cipher_id, char *cipher_string, int key_len,
/*
* Prepare contexts
*/
memset( &ctx_dec, 0, sizeof( ctx_dec ) );
memset( &ctx_enc, 0, sizeof( ctx_enc ) );
cipher_init( &ctx_dec );
cipher_init( &ctx_enc );
memset( key, 0x2a, sizeof( key ) );
@ -207,8 +207,8 @@ void enc_dec_buf( int cipher_id, char *cipher_string, int key_len,
/*
* Done
*/
TEST_ASSERT( 0 == cipher_free_ctx( &ctx_dec ) );
TEST_ASSERT( 0 == cipher_free_ctx( &ctx_enc ) );
cipher_free( &ctx_dec );
cipher_free( &ctx_enc );
}
/* END_CASE */
@ -231,7 +231,7 @@ void enc_fail( int cipher_id, int pad_mode, int key_len,
memset( key, 0, 32 );
memset( iv , 0, 16 );
memset( &ctx, 0, sizeof( ctx ) );
cipher_init( &ctx );
memset( inbuf, 5, 64 );
memset( encbuf, 0, 64 );
@ -259,7 +259,7 @@ void enc_fail( int cipher_id, int pad_mode, int key_len,
TEST_ASSERT( ret == cipher_finish( &ctx, encbuf + outlen, &outlen ) );
/* done */
TEST_ASSERT( 0 == cipher_free_ctx( &ctx ) );
cipher_free( &ctx );
}
/* END_CASE */
@ -279,16 +279,16 @@ void dec_empty_buf()
memset( key, 0, 32 );
memset( iv , 0, 16 );
memset( &ctx_dec, 0, sizeof( ctx_dec ) );
cipher_init( &ctx_dec );
memset( encbuf, 0, 64 );
memset( decbuf, 0, 64 );
/* Initialise context */
cipher_info = cipher_info_from_type( POLARSSL_CIPHER_AES_128_CBC );
TEST_ASSERT( NULL != cipher_info);
TEST_ASSERT( 0 == cipher_init_ctx( &ctx_dec, cipher_info ) );
TEST_ASSERT( 0 == cipher_setkey( &ctx_dec, key, 128, POLARSSL_DECRYPT ) );
@ -308,7 +308,7 @@ void dec_empty_buf()
&ctx_dec, decbuf + outlen, &outlen ) );
TEST_ASSERT( 0 == outlen );
TEST_ASSERT( 0 == cipher_free_ctx( &ctx_dec ) );
cipher_free( &ctx_dec );
}
/* END_CASE */
@ -335,10 +335,10 @@ void enc_dec_buf_multipart( int cipher_id, int key_len, int first_length_val,
memset( key, 0, 32 );
memset( iv , 0, 16 );
memset( &ctx_dec, 0, sizeof( ctx_dec ) );
memset( &ctx_enc, 0, sizeof( ctx_enc ) );
cipher_init( &ctx_dec );
cipher_init( &ctx_enc );
memset( inbuf, 5, 64 );
memset( encbuf, 0, 64 );
memset( decbuf, 0, 64 );
@ -346,10 +346,10 @@ void enc_dec_buf_multipart( int cipher_id, int key_len, int first_length_val,
/* Initialise enc and dec contexts */
cipher_info = cipher_info_from_type( cipher_id );
TEST_ASSERT( NULL != cipher_info);
TEST_ASSERT( 0 == cipher_init_ctx( &ctx_dec, cipher_info ) );
TEST_ASSERT( 0 == cipher_init_ctx( &ctx_enc, cipher_info ) );
TEST_ASSERT( 0 == cipher_setkey( &ctx_dec, key, key_len, POLARSSL_DECRYPT ) );
TEST_ASSERT( 0 == cipher_setkey( &ctx_enc, key, key_len, POLARSSL_ENCRYPT ) );
@ -397,8 +397,8 @@ void enc_dec_buf_multipart( int cipher_id, int key_len, int first_length_val,
TEST_ASSERT( 0 == memcmp(inbuf, decbuf, length) );
TEST_ASSERT( 0 == cipher_free_ctx( &ctx_dec ) );
TEST_ASSERT( 0 == cipher_free_ctx( &ctx_enc ) );
cipher_free( &ctx_dec );
cipher_free( &ctx_enc );
}
/* END_CASE */
@ -423,6 +423,8 @@ void decrypt_test_vec( int cipher_id, int pad_mode,
unsigned char output[200];
size_t outlen, total_len;
cipher_init( &ctx );
memset( key, 0x00, sizeof( key ) );
memset( iv, 0x00, sizeof( iv ) );
memset( cipher, 0x00, sizeof( cipher ) );
@ -477,7 +479,7 @@ void decrypt_test_vec( int cipher_id, int pad_mode,
TEST_ASSERT( 0 == memcmp( output, clear, clear_len ) );
}
cipher_free_ctx( &ctx );
cipher_free( &ctx );
}
/* END_CASE */
@ -499,6 +501,8 @@ void auth_crypt_tv( int cipher_id, char *hex_key, char *hex_iv,
unsigned char output[200];
size_t outlen;
cipher_init( &ctx );
memset( key, 0x00, sizeof( key ) );
memset( iv, 0x00, sizeof( iv ) );
memset( cipher, 0x00, sizeof( cipher ) );
@ -563,7 +567,7 @@ void auth_crypt_tv( int cipher_id, char *hex_key, char *hex_iv,
cleanup:
cipher_free_ctx( &ctx );
cipher_free( &ctx );
}
/* END_CASE */
@ -580,6 +584,8 @@ void test_vec_ecb( int cipher_id, int operation, char *hex_key,
unsigned char output[32];
size_t outlen;
cipher_init( &ctx );
memset( key, 0x00, sizeof( key ) );
memset( input, 0x00, sizeof( input ) );
memset( result, 0x00, sizeof( result ) );
@ -610,7 +616,7 @@ void test_vec_ecb( int cipher_id, int operation, char *hex_key,
TEST_ASSERT( 0 == memcmp( output, result,
cipher_get_block_size( &ctx ) ) );
cipher_free_ctx( &ctx );
cipher_free( &ctx );
}
/* END_CASE */
@ -620,13 +626,15 @@ void set_padding( int cipher_id, int pad_mode, int ret )
const cipher_info_t *cipher_info;
cipher_context_t ctx;
cipher_init( &ctx );
cipher_info = cipher_info_from_type( cipher_id );
TEST_ASSERT( NULL != cipher_info );
TEST_ASSERT( 0 == cipher_init_ctx( &ctx, cipher_info ) );
TEST_ASSERT( ret == cipher_set_padding_mode( &ctx, pad_mode ) );
TEST_ASSERT( 0 == cipher_free_ctx( &ctx ) );
cipher_free( &ctx );
}
/* END_CASE */
@ -639,7 +647,7 @@ void check_padding( int pad_mode, char *input_str, int ret, int dlen_check )
size_t ilen, dlen;
/* build a fake context just for getting access to get_padding */
memset( &ctx, 0, sizeof( ctx ) );
cipher_init( &ctx );
cipher_info.mode = POLARSSL_MODE_CBC;
ctx.cipher_info = &cipher_info;

8
tests/suites/test_suite_ctr_drbg.function
View File

@ -45,6 +45,8 @@ void ctr_drbg_validate_pr( char *add_init_string, char *entropy_string,
TEST_ASSERT( ctr_drbg_random_with_add( &ctx, buf, 16, add2, add2_len ) == 0 );
hexify( output_str, buf, 16 );
TEST_ASSERT( strcmp( (char *) output_str, result_str ) == 0 );
ctr_drbg_free( &ctx );
}
/* END_CASE */
@ -79,6 +81,8 @@ void ctr_drbg_validate_nopr( char *add_init_string, char *entropy_string,
TEST_ASSERT( ctr_drbg_random_with_add( &ctx, buf, 16, add2, add2_len ) == 0 );
hexify( output_str, buf, 16 );
TEST_ASSERT( strcmp( (char *) output_str, result_str ) == 0 );
ctr_drbg_free( &ctx );
}
/* END_CASE */
@ -150,6 +154,8 @@ void ctr_drbg_entropy_usage( )
last_idx = test_offset_idx;
TEST_ASSERT( ctr_drbg_random( &ctx, out, sizeof( out ) ) == 0 );
TEST_ASSERT( test_offset_idx - last_idx == 13 );
ctr_drbg_free( &ctx );
}
/* END_CASE */
@ -161,6 +167,8 @@ void ctr_drbg_seed_file( char *path, int ret )
TEST_ASSERT( ctr_drbg_init( &ctx, rnd_std_rand, NULL, NULL, 0 ) == 0 );
TEST_ASSERT( ctr_drbg_write_seed_file( &ctx, path ) == ret );
TEST_ASSERT( ctr_drbg_update_seed_file( &ctx, path ) == ret );
ctr_drbg_free( &ctx );
}
/* END_CASE */

24
tests/suites/test_suite_des.function
View File

@ -34,6 +34,7 @@ void des_encrypt_ecb( char *hex_key_string, char *hex_src_string,
memset(src_str, 0x00, 100);
memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
des_init( &ctx );
unhexify( key_str, hex_key_string );
unhexify( src_str, hex_src_string );
@ -43,6 +44,8 @@ void des_encrypt_ecb( char *hex_key_string, char *hex_src_string,
hexify( dst_str, output, 8 );
TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
des_free( &ctx );
}
/* END_CASE */
@ -60,6 +63,7 @@ void des_decrypt_ecb( char *hex_key_string, char *hex_src_string,
memset(src_str, 0x00, 100);
memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
des_init( &ctx );
unhexify( key_str, hex_key_string );
unhexify( src_str, hex_src_string );
@ -69,6 +73,8 @@ void des_decrypt_ecb( char *hex_key_string, char *hex_src_string,
hexify( dst_str, output, 8 );
TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
des_free( &ctx );
}
/* END_CASE */
@ -89,6 +95,7 @@ void des_encrypt_cbc( char *hex_key_string, char *hex_iv_string,
memset(src_str, 0x00, 100);
memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
des_init( &ctx );
unhexify( key_str, hex_key_string );
unhexify( iv_str, hex_iv_string );
@ -102,6 +109,8 @@ void des_encrypt_cbc( char *hex_key_string, char *hex_iv_string,
TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
}
des_free( &ctx );
}
/* END_CASE */
@ -122,6 +131,7 @@ void des_decrypt_cbc( char *hex_key_string, char *hex_iv_string,
memset(src_str, 0x00, 100);
memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
des_init( &ctx );
unhexify( key_str, hex_key_string );
unhexify( iv_str, hex_iv_string );
@ -135,6 +145,8 @@ void des_decrypt_cbc( char *hex_key_string, char *hex_iv_string,
TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
}
des_free( &ctx );
}
/* END_CASE */
@ -152,6 +164,7 @@ void des3_encrypt_ecb( int key_count, char *hex_key_string,
memset(src_str, 0x00, 100);
memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
des3_init( &ctx );
unhexify( key_str, hex_key_string );
unhexify( src_str, hex_src_string );
@ -167,6 +180,8 @@ void des3_encrypt_ecb( int key_count, char *hex_key_string,
hexify( dst_str, output, 8 );
TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
des3_free( &ctx );
}
/* END_CASE */
@ -184,6 +199,7 @@ void des3_decrypt_ecb( int key_count, char *hex_key_string,
memset(src_str, 0x00, 100);
memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
des3_init( &ctx );
unhexify( key_str, hex_key_string );
unhexify( src_str, hex_src_string );
@ -199,6 +215,8 @@ void des3_decrypt_ecb( int key_count, char *hex_key_string,
hexify( dst_str, output, 8 );
TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
des3_free( &ctx );
}
/* END_CASE */
@ -220,6 +238,7 @@ void des3_encrypt_cbc( int key_count, char *hex_key_string,
memset(src_str, 0x00, 100);
memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
des3_init( &ctx );
unhexify( key_str, hex_key_string );
unhexify( iv_str, hex_iv_string );
@ -240,6 +259,8 @@ void des3_encrypt_cbc( int key_count, char *hex_key_string,
TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
}
des3_free( &ctx );
}
/* END_CASE */
@ -261,6 +282,7 @@ void des3_decrypt_cbc( int key_count, char *hex_key_string,
memset(src_str, 0x00, 100);
memset(dst_str, 0x00, 100);
memset(output, 0x00, 100);
des3_init( &ctx );
unhexify( key_str, hex_key_string );
unhexify( iv_str, hex_iv_string );
@ -281,6 +303,8 @@ void des3_decrypt_cbc( int key_count, char *hex_key_string,
TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
}
des3_free( &ctx );
}
/* END_CASE */

6
tests/suites/test_suite_dhm.function
View File

@ -25,8 +25,8 @@ void dhm_do_dhm( int radix_P, char *input_P,
int x_size, i;
rnd_pseudo_info rnd_info;
memset( &ctx_srv, 0x00, sizeof( dhm_context ) );
memset( &ctx_cli, 0x00, sizeof( dhm_context ) );
dhm_init( &ctx_srv );
dhm_init( &ctx_cli );
memset( ske, 0x00, 1000 );
memset( pub_cli, 0x00, 1000 );
memset( sec_srv, 0x00, 1000 );
@ -103,7 +103,7 @@ void dhm_file( char *filename, char *p, char *g, int len )
dhm_context ctx;
mpi P, G;
memset( &ctx, 0, sizeof ctx );
dhm_init( &ctx );
mpi_init( &P ); mpi_init( &G );
TEST_ASSERT( mpi_read_string( &P, 16, p ) == 0 );

15
tests/suites/test_suite_hmac_shax.function
View File

@ -17,6 +17,7 @@ void sha1_hmac( int trunc_size, char *hex_key_string, char *hex_src_string,
memset(src_str, 0x00, sizeof src_str);
memset(key_str, 0x00, sizeof key_str);
sha1_init( &ctx );
key_len = unhexify( key_str, hex_key_string );
src_len = unhexify( src_str, hex_src_string );
@ -56,6 +57,8 @@ void sha1_hmac( int trunc_size, char *hex_key_string, char *hex_src_string,
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
sha1_free( &ctx );
}
/* END_CASE */
@ -72,6 +75,7 @@ void sha224_hmac( int trunc_size, char *hex_key_string, char *hex_src_string,
memset(src_str, 0x00, sizeof src_str);
memset(key_str, 0x00, sizeof key_str);
sha256_init( &ctx );
key_len = unhexify( key_str, hex_key_string );
src_len = unhexify( src_str, hex_src_string );
@ -111,6 +115,8 @@ void sha224_hmac( int trunc_size, char *hex_key_string, char *hex_src_string,
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
sha256_free( &ctx );
}
/* END_CASE */
@ -127,6 +133,7 @@ void sha256_hmac( int trunc_size, char *hex_key_string, char *hex_src_string,
memset(src_str, 0x00, sizeof src_str);
memset(key_str, 0x00, sizeof key_str);
sha256_init( &ctx );
key_len = unhexify( key_str, hex_key_string );
src_len = unhexify( src_str, hex_src_string );
@ -166,6 +173,8 @@ void sha256_hmac( int trunc_size, char *hex_key_string, char *hex_src_string,
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
sha256_free( &ctx );
}
/* END_CASE */
@ -182,6 +191,7 @@ void sha384_hmac( int trunc_size, char *hex_key_string, char *hex_src_string,
memset(src_str, 0x00, sizeof src_str);
memset(key_str, 0x00, sizeof key_str);
sha512_init( &ctx );
key_len = unhexify( key_str, hex_key_string );
src_len = unhexify( src_str, hex_src_string );
@ -221,6 +231,8 @@ void sha384_hmac( int trunc_size, char *hex_key_string, char *hex_src_string,
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
sha512_free( &ctx );
}
/* END_CASE */
@ -237,6 +249,7 @@ void sha512_hmac( int trunc_size, char *hex_key_string, char *hex_src_string,
memset(src_str, 0x00, sizeof src_str);
memset(key_str, 0x00, sizeof key_str);
sha512_init( &ctx );
key_len = unhexify( key_str, hex_key_string );
src_len = unhexify( src_str, hex_src_string );
@ -276,5 +289,7 @@ void sha512_hmac( int trunc_size, char *hex_key_string, char *hex_src_string,
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
sha512_free( &ctx );
}
/* END_CASE */

32
tests/suites/test_suite_md.function
View File

@ -15,7 +15,7 @@ void md_process( )
md_context_t ctx;
unsigned char buf[150];
memset( &ctx, 0, sizeof ctx );
md_init( &ctx );
/*
* Very minimal testing of md_process, just make sure the various
@ -31,7 +31,7 @@ void md_process( )
TEST_ASSERT( info != NULL );
TEST_ASSERT( md_init_ctx( &ctx, info ) == 0 );
TEST_ASSERT( md_process( &ctx, buf ) == 0 );
TEST_ASSERT( md_free_ctx( &ctx ) == 0 );
md_free( &ctx );
}
}
/* END_CASE */
@ -43,7 +43,7 @@ void md_null_args( )
const md_info_t *info = md_info_from_type( *( md_list() ) );
unsigned char buf[1] = { 0 };
memset( &ctx, 0, sizeof( md_context_t ) );
md_init( &ctx );
TEST_ASSERT( md_get_size( NULL ) == 0 );
@ -177,9 +177,11 @@ void md_text_multi( char *text_md_name, char *text_src_string,
unsigned char src_str[1000];
unsigned char hash_str[1000];
unsigned char output[100];
const md_info_t *md_info = NULL;
md_context_t ctx = MD_CONTEXT_T_INIT;
md_context_t ctx;
md_init( &ctx );
memset(md_name, 0x00, 100);
memset(src_str, 0x00, 1000);
@ -196,8 +198,8 @@ void md_text_multi( char *text_md_name, char *text_src_string,
TEST_ASSERT ( ctx.md_ctx != NULL );
TEST_ASSERT ( 0 == md_update( &ctx, src_str, strlen( (char *) src_str ) ) );
TEST_ASSERT ( 0 == md_finish( &ctx, output ) );
TEST_ASSERT ( 0 == md_free_ctx( &ctx ) );
md_free( &ctx );
hexify( hash_str, output, md_get_size(md_info) );
TEST_ASSERT( strcmp( (char *) hash_str, hex_hash_string ) == 0 );
@ -214,7 +216,9 @@ void md_hex_multi( char *text_md_name, char *hex_src_string,
unsigned char output[100];
int src_len;
const md_info_t *md_info = NULL;
md_context_t ctx = MD_CONTEXT_T_INIT;
md_context_t ctx;
md_init( &ctx );
memset(md_name, 0x00, 100);
memset(src_str, 0x00, 10000);
@ -227,13 +231,13 @@ void md_hex_multi( char *text_md_name, char *hex_src_string,
TEST_ASSERT ( 0 == md_init_ctx( &ctx, md_info ) );
src_len = unhexify( src_str, hex_src_string );
TEST_ASSERT ( 0 == md_starts( &ctx ) );
TEST_ASSERT ( ctx.md_ctx != NULL );
TEST_ASSERT ( 0 == md_update( &ctx, src_str, src_len ) );
TEST_ASSERT ( 0 == md_finish( &ctx, output ) );
TEST_ASSERT ( 0 == md_free_ctx( &ctx ) );
md_free( &ctx );
hexify( hash_str, output, md_get_size(md_info) );
TEST_ASSERT( strcmp( (char *) hash_str, hex_hash_string ) == 0 );
@ -283,7 +287,9 @@ void md_hmac_multi( char *text_md_name, int trunc_size, char *hex_key_string,
unsigned char output[100];
int key_len, src_len;
const md_info_t *md_info = NULL;
md_context_t ctx = MD_CONTEXT_T_INIT;
md_context_t ctx;
md_init( &ctx );
memset(md_name, 0x00, 100);
memset(src_str, 0x00, 10000);
@ -314,7 +320,7 @@ void md_hmac_multi( char *text_md_name, int trunc_size, char *hex_key_string,
TEST_ASSERT ( 0 == md_hmac_reset( &ctx ) );
TEST_ASSERT ( 0 == md_hmac_update( &ctx, src_str, src_len ) );
TEST_ASSERT ( 0 == md_hmac_finish( &ctx, output ) );
TEST_ASSERT ( 0 == md_free_ctx( &ctx ) );
md_free( &ctx );
hexify( hash_str, output, md_get_size(md_info) );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );

12
tests/suites/test_suite_mdx.function
View File

@ -98,6 +98,7 @@ void md2_hmac( int trunc_size, char *hex_key_string, char *hex_src_string,
memset( src_str, 0x00, sizeof src_str );
memset( key_str, 0x00, sizeof key_str );
md2_init( &ctx );
key_len = unhexify( key_str, hex_key_string );
src_len = unhexify( src_str, hex_src_string );
@ -137,6 +138,8 @@ void md2_hmac( int trunc_size, char *hex_key_string, char *hex_src_string,
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
md2_free( &ctx );
}
/* END_CASE */
@ -153,6 +156,7 @@ void md4_hmac( int trunc_size, char *hex_key_string, char *hex_src_string,
memset( src_str, 0x00, sizeof src_str );
memset( key_str, 0x00, sizeof key_str );
md4_init( &ctx );
key_len = unhexify( key_str, hex_key_string );
src_len = unhexify( src_str, hex_src_string );
@ -192,6 +196,8 @@ void md4_hmac( int trunc_size, char *hex_key_string, char *hex_src_string,
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
md4_free( &ctx );
}
/* END_CASE */
@ -208,6 +214,7 @@ void md5_hmac( int trunc_size, char *hex_key_string, char *hex_src_string,
memset( src_str, 0x00, sizeof src_str );
memset( key_str, 0x00, sizeof key_str );
md5_init( &ctx );
key_len = unhexify( key_str, hex_key_string );
src_len = unhexify( src_str, hex_src_string );
@ -247,6 +254,8 @@ void md5_hmac( int trunc_size, char *hex_key_string, char *hex_src_string,
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
md5_free( &ctx );
}
/* END_CASE */
@ -263,6 +272,7 @@ void ripemd160_hmac( int trunc_size, char *hex_key_string, char *hex_src_string,
memset( src_str, 0x00, sizeof src_str );
memset( key_str, 0x00, sizeof key_str );
ripemd160_init( &ctx );
key_len = unhexify( key_str, hex_key_string );
src_len = unhexify( src_str, hex_src_string );
@ -302,6 +312,8 @@ void ripemd160_hmac( int trunc_size, char *hex_key_string, char *hex_src_string,
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
ripemd160_free( &ctx );
}
/* END_CASE */

6
tests/suites/test_suite_pbkdf2.function
View File

@ -17,10 +17,12 @@ void pbkdf2_hmac( int hash, char *hex_password_string, char *hex_salt_string,
md_context_t ctx;
const md_info_t *info;
int pw_len, salt_len;
unsigned char key[100];
md_init( &ctx );
memset(pw_str, 0x00, 100);
memset(salt_str, 0x00, 100);
memset(dst_str, 0x00, 100);
@ -36,7 +38,7 @@ void pbkdf2_hmac( int hash, char *hex_password_string, char *hex_salt_string,
TEST_ASSERT( md_init_ctx( &ctx, info ) == 0 );
TEST_ASSERT( pbkdf2_hmac( &ctx, pw_str, pw_len, salt_str, salt_len,
it_cnt, key_len, key ) == 0 );
TEST_ASSERT( md_free_ctx( &ctx ) == 0 );
md_free( &ctx );
hexify( dst_str, key, key_len );
TEST_ASSERT( strcmp( (char *) dst_str, result_key_string ) == 0 );

4
tests/suites/test_suite_pkcs5.function
View File

@ -22,6 +22,8 @@ void pbkdf2_hmac( int hash, char *hex_password_string,
int pw_len, salt_len;
unsigned char key[100];
md_init( &ctx );
memset(pw_str, 0x00, 100);
memset(salt_str, 0x00, 100);
memset(dst_str, 0x00, 100);
@ -37,7 +39,7 @@ void pbkdf2_hmac( int hash, char *hex_password_string,
TEST_ASSERT( md_init_ctx( &ctx, info ) == 0 );
TEST_ASSERT( pkcs5_pbkdf2_hmac( &ctx, pw_str, pw_len, salt_str, salt_len,
it_cnt, key_len, key ) == 0 );
TEST_ASSERT( md_free_ctx( &ctx ) == 0 );
md_free( &ctx );
hexify( dst_str, key, key_len );
TEST_ASSERT( strcmp( (char *) dst_str, result_key_string ) == 0 );

1
tests/suites/test_suite_rsa.function
View File

@ -597,6 +597,7 @@ void rsa_gen_key( int nrbits, int exponent, int result)
}
rsa_free( &ctx );
ctr_drbg_free( &ctr_drbg );
entropy_free( &entropy );
}
/* END_CASE */