mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-04-16 08:42:50 +00:00
Entropy collector and CTR-DRBG now also work on SHA-256 if SHA-512 not available
parent
0a20171d52
commit
fb08fd2e23
@ -1326,7 +1326,7 @@
|
|||||||
|
|
||||||
// CTR_DRBG options
|
// CTR_DRBG options
|
||||||
//
|
//
|
||||||
#define CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default */
|
#define CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
|
||||||
#define CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
|
#define CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
|
||||||
#define CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
|
#define CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
|
||||||
#define CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
|
#define CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
|
||||||
@ -1382,9 +1382,18 @@
|
|||||||
#error "POLARSSL_ECP_C defined, but not all prerequisites"
|
#error "POLARSSL_ECP_C defined, but not all prerequisites"
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if defined(POLARSSL_ENTROPY_C) && !defined(POLARSSL_SHA512_C)
|
#if defined(POLARSSL_ENTROPY_C) && (!defined(POLARSSL_SHA512_C) && \
|
||||||
|
!defined(POLARSSL_SHA256_C))
|
||||||
#error "POLARSSL_ENTROPY_C defined, but not all prerequisites"
|
#error "POLARSSL_ENTROPY_C defined, but not all prerequisites"
|
||||||
#endif
|
#endif
|
||||||
|
#if defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_SHA512_C) && \
|
||||||
|
defined(POLARSSL_CONFIG_OPTIONS) && (CTR_DRBG_ENTROPY_LEN > 64)
|
||||||
|
#error "CTR_DRBG_ENTROPY_LEN value too high"
|
||||||
|
#endif
|
||||||
|
#if defined(POLARSSL_ENTROPY_C) && !defined(POLARSSL_SHA512_C) && \
|
||||||
|
defined(POLARSSL_CONFIG_OPTIONS) && (CTR_DRBG_ENTROPY_LEN > 32)
|
||||||
|
#error "CTR_DRBG_ENTROPY_LEN value too high"
|
||||||
|
#endif
|
||||||
|
|
||||||
#if defined(POLARSSL_GCM_C) && !defined(POLARSSL_AES_C)
|
#if defined(POLARSSL_GCM_C) && !defined(POLARSSL_AES_C)
|
||||||
#error "POLARSSL_GCM_C defined, but not all prerequisites"
|
#error "POLARSSL_GCM_C defined, but not all prerequisites"
|
||||||
|
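Review bot: The two new `#error` directives for CTR_DRBG_ENTROPY_LEN carry identical text, so a build that trips the `> 32` limit gives no hint that the cause is the absent SHA-512 module rather than the value itself. Naming the bound would make the failure self-explanatory, for example `#error "CTR_DRBG_ENTROPY_LEN > 32 requires POLARSSL_SHA512_C"` for the second check and a matching `> 64` message for the first. Only an upper bound is enforced in the visible lines; if a minimum seed size is meant to hold for user-supplied options, it is not checked here.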
@ -43,7 +43,11 @@
|
|||||||
/**< The seed length (counter + AES key) */
|
/**< The seed length (counter + AES key) */
|
||||||
|
|
||||||
#if !defined(POLARSSL_CONFIG_OPTIONS)
|
#if !defined(POLARSSL_CONFIG_OPTIONS)
|
||||||
#define CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default */
|
#if defined(POLARSSL_SHA512_C)
|
||||||
|
#define CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
|
||||||
|
#else
|
||||||
|
#define CTR_DRBG_ENTROPY_LEN 32 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
|
||||||
|
#endif
|
||||||
#define CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
|
#define CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
|
||||||
#define CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
|
#define CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
|
||||||
#define CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
|
#define CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
|
||||||
|
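Review bot: The comment on the new 32-byte default does not say what the smaller seed input means for callers. With the 48-byte default the entropy input could cover a 256-bit key and still leave material that serves as a nonce. At 32 bytes nothing appears to be left over, so uniqueness of the instantiation would depend on what the caller passes as personalization data. This is inferred from the seed-length comment above the hunk, not from code visible here. I would put that in the comment on the `#else` define, for example `/**< 32 without SHA-512: no spare input for a nonce, pass unique personalization data when seeding */`. The `#else` also applies to every build without SHA-512, not only SHA-256 ones, so the existing "(48 with SHA-512, 32 with SHA-256)" wording is slightly narrower than the condition.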
@ -31,7 +31,16 @@
|
|||||||
|
|
||||||
#include "config.h"
|
#include "config.h"
|
||||||
|
|
||||||
|
#if defined(POLARSSL_SHA512_C)
|
||||||
#include "sha512.h"
|
#include "sha512.h"
|
||||||
|
#define POLARSSL_ENTROPY_SHA512_ACCUMULATOR
|
||||||
|
#else
|
||||||
|
#if defined(POLARSSL_SHA256_C)
|
||||||
|
#define POLARSSL_ENTROPY_SHA256_ACCUMULATOR
|
||||||
|
#include "sha256.h"
|
||||||
|
#endif
|
||||||
|
#endif
|
||||||
|
|
||||||
#if defined(POLARSSL_HAVEGE_C)
|
#if defined(POLARSSL_HAVEGE_C)
|
||||||
#include "havege.h"
|
#include "havege.h"
|
||||||
#endif
|
#endif
|
||||||
@ -45,7 +54,11 @@
|
|||||||
#define ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
|
#define ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
|
||||||
#endif /* !POLARSSL_CONFIG_OPTIONS */
|
#endif /* !POLARSSL_CONFIG_OPTIONS */
|
||||||
|
|
||||||
|
#if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR)
|
||||||
#define ENTROPY_BLOCK_SIZE 64 /**< Block size of entropy accumulator (SHA-512) */
|
#define ENTROPY_BLOCK_SIZE 64 /**< Block size of entropy accumulator (SHA-512) */
|
||||||
|
#else
|
||||||
|
#define ENTROPY_BLOCK_SIZE 32 /**< Block size of entropy accumulator (SHA-256) */
|
||||||
|
#endif
|
||||||
|
|
||||||
#define ENTROPY_SOURCE_MANUAL ENTROPY_MAX_SOURCES
|
#define ENTROPY_SOURCE_MANUAL ENTROPY_MAX_SOURCES
|
||||||
|
|
||||||
@ -83,7 +96,11 @@ source_state;
|
|||||||
*/
|
*/
|
||||||
typedef struct
|
typedef struct
|
||||||
{
|
{
|
||||||
|
#if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR)
|
||||||
sha512_context accumulator;
|
sha512_context accumulator;
|
||||||
|
#else
|
||||||
|
sha256_context accumulator;
|
||||||
|
#endif
|
||||||
int source_count;
|
int source_count;
|
||||||
source_state source[ENTROPY_MAX_SOURCES];
|
source_state source[ENTROPY_MAX_SOURCES];
|
||||||
#if defined(POLARSSL_HAVEGE_C)
|
#if defined(POLARSSL_HAVEGE_C)
|
||||||
|
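Review bot: The fallback branches for `ENTROPY_BLOCK_SIZE` and for the `accumulator` member use a bare `#else`, so any configuration without the SHA-512 accumulator selects the SHA-256 variants, even when `sha256.h` was never included. `POLARSSL_ENTROPY_SHA256_ACCUMULATOR` is defined in the include block but is not tested in the visible sections. The prerequisite check in config.h probably covers the normal case, but the header would be safer standing alone with `#elif defined(POLARSSL_ENTROPY_SHA256_ACCUMULATOR)` in both places, followed by `#else` and `#error "entropy.h needs POLARSSL_SHA512_C or POLARSSL_SHA256_C"`. The struct definition continues past the end of the last hunk.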
@ -439,7 +439,9 @@ struct _ssl_handshake_params
|
|||||||
md5_context fin_md5;
|
md5_context fin_md5;
|
||||||
sha1_context fin_sha1;
|
sha1_context fin_sha1;
|
||||||
sha256_context fin_sha256;
|
sha256_context fin_sha256;
|
||||||
|
#if defined(POLARSSL_SHA512_C)
|
||||||
sha512_context fin_sha512;
|
sha512_context fin_sha512;
|
||||||
|
#endif
|
||||||
|
|
||||||
void (*update_checksum)(ssl_context *, const unsigned char *, size_t);
|
void (*update_checksum)(ssl_context *, const unsigned char *, size_t);
|
||||||
void (*calc_verify)(ssl_context *, unsigned char *);
|
void (*calc_verify)(ssl_context *, unsigned char *);
|
||||||
|
@ -40,7 +40,11 @@ void entropy_init( entropy_context *ctx )
|
|||||||
{
|
{
|
||||||
memset( ctx, 0, sizeof(entropy_context) );
|
memset( ctx, 0, sizeof(entropy_context) );
|
||||||
|
|
||||||
|
#if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR)
|
||||||
sha512_starts( &ctx->accumulator, 0 );
|
sha512_starts( &ctx->accumulator, 0 );
|
||||||
|
#else
|
||||||
|
sha256_starts( &ctx->accumulator, 0 );
|
||||||
|
#endif
|
||||||
#if defined(POLARSSL_HAVEGE_C)
|
#if defined(POLARSSL_HAVEGE_C)
|
||||||
havege_init( &ctx->havege_data );
|
havege_init( &ctx->havege_data );
|
||||||
#endif
|
#endif
|
||||||
@ -91,8 +95,11 @@ static int entropy_update( entropy_context *ctx, unsigned char source_id,
|
|||||||
|
|
||||||
if( use_len > ENTROPY_BLOCK_SIZE )
|
if( use_len > ENTROPY_BLOCK_SIZE )
|
||||||
{
|
{
|
||||||
|
#if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR)
|
||||||
sha512( data, len, tmp, 0 );
|
sha512( data, len, tmp, 0 );
|
||||||
|
#else
|
||||||
|
sha256( data, len, tmp, 0 );
|
||||||
|
#endif
|
||||||
p = tmp;
|
p = tmp;
|
||||||
use_len = ENTROPY_BLOCK_SIZE;
|
use_len = ENTROPY_BLOCK_SIZE;
|
||||||
}
|
}
|
||||||
@ -100,8 +107,13 @@ static int entropy_update( entropy_context *ctx, unsigned char source_id,
|
|||||||
header[0] = source_id;
|
header[0] = source_id;
|
||||||
header[1] = use_len & 0xFF;
|
header[1] = use_len & 0xFF;
|
||||||
|
|
||||||
|
#if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR)
|
||||||
sha512_update( &ctx->accumulator, header, 2 );
|
sha512_update( &ctx->accumulator, header, 2 );
|
||||||
sha512_update( &ctx->accumulator, p, use_len );
|
sha512_update( &ctx->accumulator, p, use_len );
|
||||||
|
#else
|
||||||
|
sha256_update( &ctx->accumulator, header, 2 );
|
||||||
|
sha256_update( &ctx->accumulator, p, use_len );
|
||||||
|
#endif
|
||||||
|
|
||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
@ -179,6 +191,7 @@ int entropy_func( void *data, unsigned char *output, size_t len )
|
|||||||
|
|
||||||
memset( buf, 0, ENTROPY_BLOCK_SIZE );
|
memset( buf, 0, ENTROPY_BLOCK_SIZE );
|
||||||
|
|
||||||
|
#if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR)
|
||||||
sha512_finish( &ctx->accumulator, buf );
|
sha512_finish( &ctx->accumulator, buf );
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -192,6 +205,21 @@ int entropy_func( void *data, unsigned char *output, size_t len )
|
|||||||
memset( &ctx->accumulator, 0, sizeof( sha512_context ) );
|
memset( &ctx->accumulator, 0, sizeof( sha512_context ) );
|
||||||
sha512_starts( &ctx->accumulator, 0 );
|
sha512_starts( &ctx->accumulator, 0 );
|
||||||
sha512_update( &ctx->accumulator, buf, ENTROPY_BLOCK_SIZE );
|
sha512_update( &ctx->accumulator, buf, ENTROPY_BLOCK_SIZE );
|
||||||
|
#else /* POLARSSL_ENTROPY_SHA512_ACCUMULATOR */
|
||||||
|
sha256_finish( &ctx->accumulator, buf );
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Perform second SHA-256 on entropy
|
||||||
|
*/
|
||||||
|
sha256( buf, ENTROPY_BLOCK_SIZE, buf, 0 );
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Reset accumulator and counters and recycle existing entropy
|
||||||
|
*/
|
||||||
|
memset( &ctx->accumulator, 0, sizeof( sha256_context ) );
|
||||||
|
sha256_starts( &ctx->accumulator, 0 );
|
||||||
|
sha256_update( &ctx->accumulator, buf, ENTROPY_BLOCK_SIZE );
|
||||||
|
#endif /* POLARSSL_ENTROPY_SHA512_ACCUMULATOR */
|
||||||
|
|
||||||
for( i = 0; i < ctx->source_count; i++ )
|
for( i = 0; i < ctx->source_count; i++ )
|
||||||
ctx->source[i].size = 0;
|
ctx->source[i].size = 0;
|
||||||
|
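Review bot: In the new SHA-256 branch of entropy_func the accumulator is re-seeded from `buf` only after the second hash has overwritten it, so the retained pool state starts from the same digest that the function appears to return. The copy into `output` lies outside the hunk, so that last step is inferred. Recycling before the second hash keeps the value fed back into the pool distinct from what the caller receives: run `sha256_starts( &ctx->accumulator, 0 );` and `sha256_update( &ctx->accumulator, buf, ENTROPY_BLOCK_SIZE );` first, then `sha256( buf, ENTROPY_BLOCK_SIZE, buf, 0 );`. The SHA-512 branch is only partly visible but seems to follow the same order and would want the same change. The function body starts and ends outside these hunks.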
@ -2318,7 +2318,7 @@ void ssl_optimize_checksum( ssl_context *ssl,
|
|||||||
const ssl_ciphersuite_t *ciphersuite_info )
|
const ssl_ciphersuite_t *ciphersuite_info )
|
||||||
{
|
{
|
||||||
#if !defined(POLARSSL_SHA512_C)
|
#if !defined(POLARSSL_SHA512_C)
|
||||||
((void) ciphersuite);
|
((void) ciphersuite_info);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if( ssl->minor_ver < SSL_MINOR_VERSION_3 )
|
if( ssl->minor_ver < SSL_MINOR_VERSION_3 )
|
||||||
|