mirror of
https://github.com/curl/curl.git
synced 2026-04-11 12:01:42 +08:00
sha256, sha512_256: switch to wolfCrypt API
Replacing the OpenSSL-like compatibility interface, and syncing with existing API use within lib/wolfssl.c for SHA-256. Ref: https://www.wolfssl.com/documentation/manuals/wolfssl/group__SHA.html Follow-up to28f0932073#21077 Follow-up to988b352f91#21078 Closes #21090
This commit is contained in:
Viktor Szakats
parent
988b352f91
commit
ff3251a538
@ -31,9 +31,9 @@
|
||||
* 1. USE_OPENSSL
|
||||
* 2. USE_WOLFSSL
|
||||
* 3. USE_GNUTLS
|
||||
* 4. USE_MBEDTLS
|
||||
* 5. USE_RUSTLS
|
||||
* 6. USE_WIN32_CRYPTO
|
||||
* 4. USE_MBEDTLS (TBD)
|
||||
* 5. USE_RUSTLS (TBD)
|
||||
* 6. USE_WIN32_CRYPTO (TBD)
|
||||
* Skip the backend if it does not support the required algorithm */
|
||||
|
||||
#ifdef USE_OPENSSL
|
||||
@ -64,16 +64,14 @@
|
||||
# endif
|
||||
# endif
|
||||
# endif
|
||||
#elif defined(USE_WOLFSSL)
|
||||
# include <wolfssl/version.h>
|
||||
# if defined(LIBWOLFSSL_VERSION_HEX) && LIBWOLFSSL_VERSION_HEX >= 0x05000000
|
||||
#endif /* USE_OPENSSL */
|
||||
|
||||
#if !defined(HAS_SHA512_256_IMPLEMENTATION) && defined(USE_WOLFSSL)
|
||||
# include <wolfssl/options.h>
|
||||
# include <wolfssl/openssl/evp.h>
|
||||
# ifndef WOLFSSL_NOSHA512_256
|
||||
# define USE_OPENSSL_SHA512_256 1
|
||||
# define USE_WOLFSSL_SHA512_256 1
|
||||
# define HAS_SHA512_256_IMPLEMENTATION 1
|
||||
# endif
|
||||
# endif
|
||||
#endif
|
||||
|
||||
#if !defined(HAS_SHA512_256_IMPLEMENTATION) && defined(USE_GNUTLS)
|
||||
@ -101,11 +99,7 @@
|
||||
/**
|
||||
* Context type used for SHA-512/256 calculations
|
||||
*/
|
||||
#ifdef USE_OPENSSL
|
||||
typedef EVP_MD_CTX *Curl_sha512_256_ctx;
|
||||
#else
|
||||
typedef WOLFSSL_EVP_MD_CTX *Curl_sha512_256_ctx;
|
||||
#endif
|
||||
|
||||
/**
|
||||
* Initialise structure for SHA-512/256 calculation.
|
||||
@ -118,36 +112,21 @@ static CURLcode Curl_sha512_256_init(void *context)
|
||||
{
|
||||
Curl_sha512_256_ctx * const ctx = (Curl_sha512_256_ctx *)context;
|
||||
|
||||
#ifdef USE_OPENSSL
|
||||
*ctx = EVP_MD_CTX_create();
|
||||
#else
|
||||
*ctx = wolfSSL_EVP_MD_CTX_new();
|
||||
#endif
|
||||
if(!*ctx)
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
|
||||
#ifdef USE_OPENSSL
|
||||
if(EVP_DigestInit_ex(*ctx, EVP_sha512_256(), NULL)) {
|
||||
/* Check whether the header and this file use the same numbers */
|
||||
DEBUGASSERT(EVP_MD_CTX_size(*ctx) == CURL_SHA512_256_DIGEST_SIZE);
|
||||
/* Check whether the block size is correct */
|
||||
DEBUGASSERT(EVP_MD_CTX_block_size(*ctx) == CURL_SHA512_256_BLOCK_SIZE);
|
||||
#else
|
||||
if(wolfSSL_EVP_DigestInit_ex(*ctx, wolfSSL_EVP_sha512_256(), NULL)) {
|
||||
/* Check whether the header and this file use the same numbers */
|
||||
DEBUGASSERT(wolfSSL_EVP_MD_CTX_size(*ctx) == CURL_SHA512_256_DIGEST_SIZE);
|
||||
/* wolfSSL_EVP_MD_CTX_block_size() returns zero as of v5.9.0 */
|
||||
#endif
|
||||
|
||||
return CURLE_OK; /* Success */
|
||||
}
|
||||
|
||||
/* Cleanup */
|
||||
#ifdef USE_OPENSSL
|
||||
EVP_MD_CTX_destroy(*ctx);
|
||||
#else
|
||||
wolfSSL_EVP_MD_CTX_free(*ctx);
|
||||
#endif
|
||||
return CURLE_FAILED_INIT;
|
||||
}
|
||||
|
||||
@ -165,11 +144,7 @@ static CURLcode Curl_sha512_256_update(void *context,
|
||||
{
|
||||
Curl_sha512_256_ctx * const ctx = (Curl_sha512_256_ctx *)context;
|
||||
|
||||
#ifdef USE_OPENSSL
|
||||
if(!EVP_DigestUpdate(*ctx, data, length))
|
||||
#else
|
||||
if(!wolfSSL_EVP_DigestUpdate(*ctx, data, length))
|
||||
#endif
|
||||
return CURLE_SSL_CIPHER;
|
||||
|
||||
return CURLE_OK;
|
||||
@ -199,24 +174,46 @@ static CURLcode Curl_sha512_256_finish(unsigned char *digest, void *context)
|
||||
memcpy(digest, tmp_digest, CURL_SHA512_256_DIGEST_SIZE);
|
||||
explicit_memset(tmp_digest, 0, sizeof(tmp_digest));
|
||||
#else /* !NEED_NETBSD_SHA512_256_WORKAROUND */
|
||||
#ifdef USE_OPENSSL
|
||||
ret = EVP_DigestFinal_ex(*ctx, digest, NULL) ? CURLE_OK : CURLE_SSL_CIPHER;
|
||||
#else
|
||||
ret = wolfSSL_EVP_DigestFinal_ex(*ctx, digest, NULL) ?
|
||||
CURLE_OK : CURLE_SSL_CIPHER;
|
||||
#endif
|
||||
#endif /* NEED_NETBSD_SHA512_256_WORKAROUND */
|
||||
|
||||
#ifdef USE_OPENSSL
|
||||
EVP_MD_CTX_destroy(*ctx);
|
||||
#else
|
||||
wolfSSL_EVP_MD_CTX_free(*ctx);
|
||||
#endif
|
||||
*ctx = NULL;
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
#elif defined(USE_WOLFSSL_SHA512_256)
|
||||
#include <wolfssl/wolfcrypt/sha512.h>
|
||||
|
||||
#define CURL_SHA512_256_DIGEST_SIZE WC_SHA512_256_DIGEST_SIZE
|
||||
#define CURL_SHA512_256_BLOCK_SIZE WC_SHA512_256_BLOCK_SIZE
|
||||
|
||||
typedef struct wc_Sha512 Curl_sha512_256_ctx;
|
||||
|
||||
static CURLcode Curl_sha512_256_init(void *ctx)
|
||||
{
|
||||
if(wc_InitSha512_256(ctx))
|
||||
return CURLE_FAILED_INIT;
|
||||
return CURLE_OK;
|
||||
}
|
||||
|
||||
static CURLcode Curl_sha512_256_update(void *ctx,
|
||||
const unsigned char *data,
|
||||
size_t length)
|
||||
{
|
||||
if(wc_Sha512_256Update(ctx, data, (word32)length))
|
||||
return CURLE_SSL_CIPHER;
|
||||
return CURLE_OK;
|
||||
}
|
||||
|
||||
static CURLcode Curl_sha512_256_finish(unsigned char *digest, void *ctx)
|
||||
{
|
||||
if(wc_Sha512_256Final(ctx, digest))
|
||||
return CURLE_SSL_CIPHER;
|
||||
return CURLE_OK;
|
||||
}
|
||||
|
||||
#elif defined(USE_GNUTLS_SHA512_256)
|
||||
|
||||
#define CURL_SHA512_256_BLOCK_SIZE SHA512_256_BLOCK_SIZE
|
||||
|
||||
52
lib/sha256.c
52
lib/sha256.c
@ -50,41 +50,23 @@
|
||||
* file even if multiple backends are enabled at the same time.
|
||||
*/
|
||||
|
||||
#if defined(USE_OPENSSL) || defined(USE_WOLFSSL)
|
||||
#ifdef USE_OPENSSL
|
||||
#include <openssl/evp.h>
|
||||
#else
|
||||
#include <wolfssl/options.h>
|
||||
#include <wolfssl/openssl/evp.h>
|
||||
#endif
|
||||
|
||||
struct ossl_sha256_ctx {
|
||||
#ifdef USE_OPENSSL
|
||||
EVP_MD_CTX *openssl_ctx;
|
||||
#else
|
||||
WOLFSSL_EVP_MD_CTX *openssl_ctx;
|
||||
#endif
|
||||
};
|
||||
typedef struct ossl_sha256_ctx my_sha256_ctx;
|
||||
|
||||
static CURLcode my_sha256_init(void *in)
|
||||
{
|
||||
my_sha256_ctx *ctx = (my_sha256_ctx *)in;
|
||||
#ifdef USE_OPENSSL
|
||||
ctx->openssl_ctx = EVP_MD_CTX_create();
|
||||
#else
|
||||
ctx->openssl_ctx = wolfSSL_EVP_MD_CTX_new();
|
||||
#endif
|
||||
if(!ctx->openssl_ctx)
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
|
||||
#ifdef USE_OPENSSL
|
||||
if(!EVP_DigestInit_ex(ctx->openssl_ctx, EVP_sha256(), NULL)) {
|
||||
EVP_MD_CTX_destroy(ctx->openssl_ctx);
|
||||
#else
|
||||
if(!wolfSSL_EVP_DigestInit_ex(ctx->openssl_ctx, EVP_sha256(), NULL)) {
|
||||
wolfSSL_EVP_MD_CTX_free(ctx->openssl_ctx);
|
||||
#endif
|
||||
return CURLE_FAILED_INIT;
|
||||
}
|
||||
return CURLE_OK;
|
||||
@ -95,23 +77,39 @@ static void my_sha256_update(void *in,
|
||||
unsigned int length)
|
||||
{
|
||||
my_sha256_ctx *ctx = (my_sha256_ctx *)in;
|
||||
#ifdef USE_OPENSSL
|
||||
EVP_DigestUpdate(ctx->openssl_ctx, data, length);
|
||||
#else
|
||||
wolfSSL_EVP_DigestUpdate(ctx->openssl_ctx, data, length);
|
||||
#endif
|
||||
}
|
||||
|
||||
static void my_sha256_final(unsigned char *digest, void *in)
|
||||
{
|
||||
my_sha256_ctx *ctx = (my_sha256_ctx *)in;
|
||||
#ifdef USE_OPENSSL
|
||||
EVP_DigestFinal_ex(ctx->openssl_ctx, digest, NULL);
|
||||
EVP_MD_CTX_destroy(ctx->openssl_ctx);
|
||||
#else
|
||||
wolfSSL_EVP_DigestFinal_ex(ctx->openssl_ctx, digest, NULL);
|
||||
wolfSSL_EVP_MD_CTX_free(ctx->openssl_ctx);
|
||||
#endif
|
||||
}
|
||||
|
||||
#elif defined(USE_WOLFSSL)
|
||||
#include <wolfssl/options.h>
|
||||
#include <wolfssl/wolfcrypt/sha256.h>
|
||||
|
||||
typedef struct wc_Sha256 my_sha256_ctx;
|
||||
|
||||
static CURLcode my_sha256_init(void *in)
|
||||
{
|
||||
if(wc_InitSha256(in))
|
||||
return CURLE_FAILED_INIT;
|
||||
return CURLE_OK;
|
||||
}
|
||||
|
||||
static void my_sha256_update(void *in,
|
||||
const unsigned char *data,
|
||||
unsigned int length)
|
||||
{
|
||||
(void)wc_Sha256Update(in, data, (word32)length);
|
||||
}
|
||||
|
||||
static void my_sha256_final(unsigned char *digest, void *in)
|
||||
{
|
||||
(void)wc_Sha256Final(in, digest);
|
||||
}
|
||||
|
||||
#elif defined(USE_GNUTLS)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user