Switched crypto module to use ROM SHA1/MD5.

Also disabled MD2 support by default (see MD2_ENABLE in user_config.h).
This commit is contained in:
Johny Mattsson 2015-06-05 12:12:24 +10:00
parent d855584bae
commit 223a936779
3 changed files with 36 additions and 13 deletions

View File

@ -29,35 +29,43 @@
*/ */
#include "digests.h" #include "digests.h"
#include "user_config.h" #include "user_config.h"
#include "rom.h"
#include "lwip/mem.h" #include "lwip/mem.h"
#include "lwip/arch.h"
#include "ssl/ssl_crypto.h"
#include "sha2.h"
#include <string.h> #include <string.h>
#include <c_errno.h> #include <c_errno.h>
#ifdef MD2_ENABLE
#include "ssl/ssl_crypto.h"
#endif
#ifdef SHA2_ENABLE
#include "sha2.h"
#endif
typedef char ensure_int_and_size_t_same[(sizeof(int)==sizeof(size_t)) ? 0 : -1]; typedef char ensure_int_and_size_t_same[(sizeof(int)==sizeof(size_t)) ? 0 : -1];
/* None of the functions match the prototype fully due to the void *, and in /* None of the functions match the prototype fully due to the void *, and in
some cases also the int vs size_t len, so wrap declarations in a macro. */ some cases also the int vs size_t len, so wrap declarations in a macro. */
#define MECH(pfx, ds, bs) \ #define MECH(pfx, u, ds, bs) \
{ #pfx, \ { #pfx, \
(create_ctx_fn)pfx ## _Init, \ (create_ctx_fn)pfx ## u ## Init, \
(update_ctx_fn)pfx ## _Update, \ (update_ctx_fn)pfx ## u ## Update, \
(finalize_ctx_fn)pfx ## _Final, \ (finalize_ctx_fn)pfx ## u ## Final, \
sizeof(pfx ## _CTX), \ sizeof(pfx ## _CTX), \
ds, \ ds, \
bs } bs }
static const digest_mech_info_t hash_mechs[] = static const digest_mech_info_t hash_mechs[] =
{ {
MECH(MD2, MD2_SIZE, 16) #ifdef MD2_ENABLE
,MECH(MD5, MD5_SIZE, 64) MECH(MD2, _ , MD2_SIZE, 16),
,MECH(SHA1, SHA1_SIZE, 64) #endif
MECH(MD5, , MD5_DIGEST_LENGTH, 64)
,MECH(SHA1, , SHA1_DIGEST_LENGTH, 64)
#ifdef SHA2_ENABLE #ifdef SHA2_ENABLE
,MECH(SHA256, SHA256_DIGEST_LENGTH, SHA256_BLOCK_LENGTH) ,MECH(SHA256, _ , SHA256_DIGEST_LENGTH, SHA256_BLOCK_LENGTH)
,MECH(SHA384, SHA384_DIGEST_LENGTH, SHA384_BLOCK_LENGTH) ,MECH(SHA384, _ , SHA384_DIGEST_LENGTH, SHA384_BLOCK_LENGTH)
,MECH(SHA512, SHA512_DIGEST_LENGTH, SHA512_BLOCK_LENGTH) ,MECH(SHA512, _ , SHA512_DIGEST_LENGTH, SHA512_BLOCK_LENGTH)
#endif #endif
}; };

View File

@ -15,6 +15,20 @@ extern void SHA1Init(SHA1_CTX *);
extern void SHA1Final(uint8_t[SHA1_DIGEST_LENGTH], SHA1_CTX *); extern void SHA1Final(uint8_t[SHA1_DIGEST_LENGTH], SHA1_CTX *);
extern void SHA1Update(SHA1_CTX *, const uint8_t *, unsigned int); extern void SHA1Update(SHA1_CTX *, const uint8_t *, unsigned int);
// MD5 is assumed to match the NetBSD md5.h header
#define MD5_DIGEST_LENGTH 16
typedef struct
{
uint32_t state[5];
uint32_t count[2];
uint8_t buffer[64];
} MD5_CTX;
extern void MD5Init(MD5_CTX *);
extern void MD5Update(MD5_CTX *, const unsigned char *, unsigned int);
extern void MD5Final(unsigned char[MD5_DIGEST_LENGTH], MD5_CTX *);
// base64_encode/decode derived by Cal // base64_encode/decode derived by Cal
// Appears to match base64.h from netbsd wpa utils. // Appears to match base64.h from netbsd wpa utils.
extern unsigned char * base64_encode(const unsigned char *src, size_t len, size_t *out_len); extern unsigned char * base64_encode(const unsigned char *src, size_t len, size_t *out_len);

View File

@ -41,6 +41,7 @@
#define CLIENT_SSL_ENABLE #define CLIENT_SSL_ENABLE
#define GPIO_INTERRUPT_ENABLE #define GPIO_INTERRUPT_ENABLE
//#define MD2_ENABLE
#define SHA2_ENABLE #define SHA2_ENABLE
// #define BUILD_WOFS 1 // #define BUILD_WOFS 1