From: Niels Möller Date: Sat, 24 Aug 2024 18:03:31 +0000 (+0200) Subject: Delete length argument to nettle_hash_digest_func. X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=d4cac403adc243ae29b66b36d078030e3b1721d8;p=thirdparty%2Fnettle.git Delete length argument to nettle_hash_digest_func. --- diff --git a/balloon.c b/balloon.c index c744160a..807dc2e6 100644 --- a/balloon.c +++ b/balloon.c @@ -53,7 +53,6 @@ static void hash(void *ctx, nettle_hash_update_func *update, nettle_hash_digest_func *digest, - size_t digest_size, uint64_t cnt, size_t a_len, const uint8_t *a, size_t b_len, const uint8_t *b, @@ -66,14 +65,13 @@ hash(void *ctx, update(ctx, a_len, a); if (b && b_len) update(ctx, b_len, b); - digest(ctx, digest_size, dst); + digest(ctx, dst); } static void hash_ints(void *ctx, nettle_hash_update_func *update, nettle_hash_digest_func *digest, - size_t digest_size, uint64_t i, uint64_t j, uint64_t k, uint8_t *dst) { @@ -82,7 +80,7 @@ hash_ints(void *ctx, LE_WRITE_UINT64(tmp + 8, j); LE_WRITE_UINT64(tmp + 16, k); update(ctx, sizeof(tmp), tmp); - digest(ctx, digest_size, dst); + digest(ctx, dst); } /* Takes length bytes long big number stored @@ -114,25 +112,25 @@ balloon(void *hash_ctx, uint8_t *buf = scratch + BS; size_t i, j, k, cnt = 0; - hash(hash_ctx, update, digest, digest_size, + hash(hash_ctx, update, digest, cnt++, passwd_length, passwd, salt_length, salt, buf); for (i = 1; i < s_cost; ++i) - hash(hash_ctx, update, digest, digest_size, + hash(hash_ctx, update, digest, cnt++, BS, buf + (i - 1) * BS, 0, NULL, buf + i * BS); for (i = 0; i < t_cost; ++i) { for (j = 0; j < s_cost; ++j) { - hash(hash_ctx, update, digest, digest_size, + hash(hash_ctx, update, digest, cnt++, BS, buf + (j ? j - 1 : s_cost - 1) * BS, BS, buf + j * BS, buf + j * BS); for (k = 0; k < DELTA; ++k) { - hash_ints(hash_ctx, update, digest, digest_size, i, j, k, block); - hash(hash_ctx, update, digest, digest_size, + hash_ints(hash_ctx, update, digest, i, j, k, block); + hash(hash_ctx, update, digest, cnt++, salt_length, salt, BS, block, block); - hash(hash_ctx, update, digest, digest_size, + hash(hash_ctx, update, digest, cnt++, BS, buf + j * BS, BS, buf + block_to_int(BS, block, s_cost) * BS, buf + j * BS); diff --git a/chacha-poly1305.c b/chacha-poly1305.c index ea8b2952..27f18a2c 100644 --- a/chacha-poly1305.c +++ b/chacha-poly1305.c @@ -154,7 +154,7 @@ chacha_poly1305_decrypt (struct chacha_poly1305_ctx *ctx, void chacha_poly1305_digest (struct chacha_poly1305_ctx *ctx, - size_t length, uint8_t *digest) + uint8_t *digest) { uint8_t buf[16]; @@ -165,5 +165,5 @@ chacha_poly1305_digest (struct chacha_poly1305_ctx *ctx, _nettle_poly1305_block (&ctx->poly1305, buf, 1); _nettle_poly1305_digest (&ctx->poly1305, &ctx->s); - memcpy (digest, &ctx->s.b, length); + memcpy (digest, &ctx->s.b, CHACHA_POLY1305_DIGEST_SIZE); } diff --git a/chacha-poly1305.h b/chacha-poly1305.h index ce40b77a..03f12e03 100644 --- a/chacha-poly1305.h +++ b/chacha-poly1305.h @@ -89,7 +89,7 @@ chacha_poly1305_decrypt (struct chacha_poly1305_ctx *ctx, void chacha_poly1305_digest (struct chacha_poly1305_ctx *ctx, - size_t length, uint8_t *digest); + uint8_t *digest); #ifdef __cplusplus } diff --git a/cmac-aes128.c b/cmac-aes128.c index e53e114e..bb2983de 100644 --- a/cmac-aes128.c +++ b/cmac-aes128.c @@ -54,7 +54,7 @@ cmac_aes128_update (struct cmac_aes128_ctx *ctx, void cmac_aes128_digest(struct cmac_aes128_ctx *ctx, - size_t length, uint8_t *digest) + uint8_t *digest) { - CMAC128_DIGEST(ctx, aes128_encrypt, length, digest); + CMAC128_DIGEST(ctx, aes128_encrypt, digest); } diff --git a/cmac-aes256.c b/cmac-aes256.c index ec3b50db..e6400ab6 100644 --- a/cmac-aes256.c +++ b/cmac-aes256.c @@ -54,7 +54,7 @@ cmac_aes256_update (struct cmac_aes256_ctx *ctx, void cmac_aes256_digest(struct cmac_aes256_ctx *ctx, - size_t length, uint8_t *digest) + uint8_t *digest) { - CMAC128_DIGEST(ctx, aes256_encrypt, length, digest); + CMAC128_DIGEST(ctx, aes256_encrypt, digest); } diff --git a/cmac-des3.c b/cmac-des3.c index 3715d5ee..deb95610 100644 --- a/cmac-des3.c +++ b/cmac-des3.c @@ -54,8 +54,8 @@ cmac_des3_update (struct cmac_des3_ctx *ctx, void cmac_des3_digest (struct cmac_des3_ctx *ctx, - size_t length, uint8_t *digest) + uint8_t *digest) { - CMAC64_DIGEST (ctx, des3_encrypt, length, digest); + CMAC64_DIGEST (ctx, des3_encrypt, digest); } diff --git a/cmac.c b/cmac.c index af9b3c2c..e39c8c5d 100644 --- a/cmac.c +++ b/cmac.c @@ -118,7 +118,7 @@ cmac128_update(struct cmac128_ctx *ctx, const void *cipher, void cmac128_digest(struct cmac128_ctx *ctx, const struct cmac128_key *key, const void *cipher, nettle_cipher_func *encrypt, - unsigned length, uint8_t *dst) + uint8_t *dst) { union nettle_block16 Y; @@ -137,16 +137,7 @@ cmac128_digest(struct cmac128_ctx *ctx, const struct cmac128_key *key, block16_xor3 (&Y, &ctx->block, &ctx->X); - assert(length <= 16); - if (length == 16) - { - encrypt(cipher, 16, dst, Y.b); - } - else - { - encrypt(cipher, 16, ctx->block.b, Y.b); - memcpy(dst, ctx->block.b, length); - } + encrypt(cipher, 16, dst, Y.b); /* reset state for re-use */ cmac128_init(ctx); diff --git a/cmac.h b/cmac.h index ecad3778..a25ea0d6 100644 --- a/cmac.h +++ b/cmac.h @@ -112,7 +112,7 @@ cmac128_update(struct cmac128_ctx *ctx, const void *cipher, void cmac128_digest(struct cmac128_ctx *ctx, const struct cmac128_key *key, const void *cipher, nettle_cipher_func *encrypt, - unsigned length, uint8_t *digest); + uint8_t *digest); #define CMAC128_CTX(type) \ @@ -136,13 +136,13 @@ cmac128_digest(struct cmac128_ctx *ctx, const struct cmac128_key *key, (nettle_cipher_func *)encrypt, \ (length), (src))) -#define CMAC128_DIGEST(self, encrypt, length, digest) \ +#define CMAC128_DIGEST(self, encrypt, digest) \ (0 ? (encrypt)(&(self)->cipher, ~(size_t) 0, \ (uint8_t *) 0, (const uint8_t *) 0) \ : cmac128_digest(&(self)->ctx, &(self)->key, \ &(self)->cipher, \ (nettle_cipher_func *) (encrypt), \ - (length), (digest))) + (digest))) void cmac64_set_key(struct cmac64_key *key, const void *cipher, @@ -159,7 +159,7 @@ cmac64_update(struct cmac64_ctx *ctx, const void *cipher, void cmac64_digest(struct cmac64_ctx *ctx, const struct cmac64_key *key, const void *cipher, nettle_cipher_func *encrypt, - unsigned length, uint8_t *digest); + uint8_t *digest); #define CMAC64_CTX(type) \ @@ -183,13 +183,13 @@ cmac64_digest(struct cmac64_ctx *ctx, const struct cmac64_key *key, (nettle_cipher_func *)encrypt, \ (length), (src))) -#define CMAC64_DIGEST(self, encrypt, length, digest) \ +#define CMAC64_DIGEST(self, encrypt, digest) \ (0 ? (encrypt)(&(self)->cipher, ~(size_t) 0, \ (uint8_t *) 0, (const uint8_t *) 0) \ : cmac64_digest(&(self)->ctx, &(self)->key, \ &(self)->cipher, \ (nettle_cipher_func *) (encrypt), \ - (length), (digest))) + (digest))) struct cmac_aes128_ctx CMAC128_CTX(struct aes128_ctx); @@ -202,7 +202,7 @@ cmac_aes128_update(struct cmac_aes128_ctx *ctx, void cmac_aes128_digest(struct cmac_aes128_ctx *ctx, - size_t length, uint8_t *digest); + uint8_t *digest); struct cmac_aes256_ctx CMAC128_CTX(struct aes256_ctx); @@ -215,7 +215,7 @@ cmac_aes256_update(struct cmac_aes256_ctx *ctx, void cmac_aes256_digest(struct cmac_aes256_ctx *ctx, - size_t length, uint8_t *digest); + uint8_t *digest); struct cmac_des3_ctx CMAC64_CTX(struct des3_ctx); @@ -228,7 +228,7 @@ cmac_des3_update(struct cmac_des3_ctx *ctx, void cmac_des3_digest(struct cmac_des3_ctx *ctx, - size_t length, uint8_t *digest); + uint8_t *digest); #ifdef __cplusplus } diff --git a/cmac64.c b/cmac64.c index e4be1b54..a45615bb 100644 --- a/cmac64.c +++ b/cmac64.c @@ -118,7 +118,7 @@ cmac64_update(struct cmac64_ctx *ctx, const void *cipher, void cmac64_digest(struct cmac64_ctx *ctx, const struct cmac64_key *key, const void *cipher, nettle_cipher_func *encrypt, - unsigned length, uint8_t *dst) + uint8_t *dst) { union nettle_block8 Y; @@ -136,17 +136,7 @@ cmac64_digest(struct cmac64_ctx *ctx, const struct cmac64_key *key, } block8_xor3(&Y, &ctx->block, &ctx->X); - - assert(length <= 8); - if (length == 8) - { - encrypt(cipher, 8, dst, Y.b); - } - else - { - encrypt(cipher, 8, ctx->block.b, Y.b); - memcpy(dst, ctx->block.b, length); - } + encrypt(cipher, 8, dst, Y.b); /* reset state for re-use */ memset(&ctx->X, 0, sizeof(ctx->X)); diff --git a/eax-aes128.c b/eax-aes128.c index 6165110e..606e0b10 100644 --- a/eax-aes128.c +++ b/eax-aes128.c @@ -72,7 +72,7 @@ eax_aes128_decrypt(struct eax_aes128_ctx *ctx, void eax_aes128_digest(struct eax_aes128_ctx *ctx, - size_t length, uint8_t *digest) + uint8_t *digest) { - EAX_DIGEST(ctx, aes128_encrypt, length, digest); + EAX_DIGEST(ctx, aes128_encrypt, digest); } diff --git a/eax.c b/eax.c index f0b6fac5..eb7f1dbf 100644 --- a/eax.c +++ b/eax.c @@ -135,13 +135,11 @@ eax_decrypt (struct eax_ctx *eax, const struct eax_key *key, void eax_digest (struct eax_ctx *eax, const struct eax_key *key, const void *cipher, nettle_cipher_func *f, - size_t length, uint8_t *digest) + uint8_t *digest) { - assert (length > 0); - assert (length <= EAX_BLOCK_SIZE); omac_final (&eax->omac_data, key, cipher, f); omac_final (&eax->omac_message, key, cipher, f); block16_xor (&eax->omac_nonce, &eax->omac_data); - memxor3 (digest, eax->omac_nonce.b, eax->omac_message.b, length); + memxor3 (digest, eax->omac_nonce.b, eax->omac_message.b, EAX_DIGEST_SIZE); } diff --git a/eax.h b/eax.h index e9747f3c..874ace9e 100644 --- a/eax.h +++ b/eax.h @@ -104,7 +104,7 @@ eax_decrypt (struct eax_ctx *eax, const struct eax_key *key, void eax_digest (struct eax_ctx *eax, const struct eax_key *key, const void *cipher, nettle_cipher_func *f, - size_t length, uint8_t *digest); + uint8_t *digest); /* Put the cipher last, to get cipher-independent offsets for the EAX * state. */ @@ -147,12 +147,12 @@ eax_digest (struct eax_ctx *eax, const struct eax_key *key, &(ctx)->cipher, (nettle_cipher_func *) (encrypt), \ (length), (dst), (src))) -#define EAX_DIGEST(ctx, encrypt, length, digest) \ +#define EAX_DIGEST(ctx, encrypt, digest) \ (0 ? (encrypt) (&(ctx)->cipher, ~(size_t) 0, \ (uint8_t *) 0, (const uint8_t *) 0) \ : eax_digest (&(ctx)->eax, &(ctx)->key, \ &(ctx)->cipher, (nettle_cipher_func *) (encrypt), \ - (length), (digest))) + (digest))) struct eax_aes128_ctx EAX_CTX(struct aes128_ctx); @@ -176,7 +176,7 @@ eax_aes128_decrypt(struct eax_aes128_ctx *ctx, size_t length, uint8_t *dst, const uint8_t *src); void -eax_aes128_digest(struct eax_aes128_ctx *ctx, size_t length, uint8_t *digest); +eax_aes128_digest(struct eax_aes128_ctx *ctx, uint8_t *digest); #ifdef __cplusplus } diff --git a/ed448-shake256.c b/ed448-shake256.c index 25d878f0..4522a158 100644 --- a/ed448-shake256.c +++ b/ed448-shake256.c @@ -33,6 +33,7 @@ # include "config.h" #endif +#include "eddsa.h" #include "eddsa-internal.h" #include "nettle-types.h" @@ -50,10 +51,16 @@ ed448_dom(void *ctx) sha3_256_update (ctx, DOM_SIZE, dom); } +static void +ed448_digest(struct sha3_256_ctx *ctx, uint8_t *digest) +{ + sha3_256_shake(ctx, 2*ED448_KEY_SIZE, digest); +} + const struct ecc_eddsa _nettle_ed448_shake256 = { (nettle_hash_update_func *) sha3_256_update, - (nettle_hash_digest_func *) sha3_256_shake, + (nettle_hash_digest_func *) ed448_digest, ed448_dom, ~(mp_limb_t) 3, (mp_limb_t) 1 << (447 % GMP_NUMB_BITS), diff --git a/eddsa-expand.c b/eddsa-expand.c index ca7fe717..07c6c0fa 100644 --- a/eddsa-expand.c +++ b/eddsa-expand.c @@ -55,7 +55,7 @@ _eddsa_expand_key (const struct ecc_curve *ecc, size_t nbytes = 1 + ecc->p.bit_size / 8; eddsa->update (ctx, nbytes, key); - eddsa->digest (ctx, 2*nbytes, digest); + eddsa->digest (ctx, digest); /* For ed448, ignores the most significant byte. */ mpn_set_base256_le (k2, ecc->p.size, digest, (ecc->p.bit_size + 7) / 8); diff --git a/eddsa-internal.h b/eddsa-internal.h index 098ab39c..002dbfc3 100644 --- a/eddsa-internal.h +++ b/eddsa-internal.h @@ -57,7 +57,7 @@ typedef void nettle_eddsa_dom_func(void *ctx); struct ecc_eddsa { - /* Hash function to use */ + /* Hash function to use, digest size must be 2*key-size. */ nettle_hash_update_func *update; nettle_hash_digest_func *digest; nettle_eddsa_dom_func *dom; diff --git a/eddsa-sign.c b/eddsa-sign.c index 007b2af9..b471fd5f 100644 --- a/eddsa-sign.c +++ b/eddsa-sign.c @@ -78,7 +78,7 @@ _eddsa_sign (const struct ecc_curve *ecc, eddsa->dom (ctx); eddsa->update (ctx, nbytes, k1); eddsa->update (ctx, length, msg); - eddsa->digest (ctx, 2*nbytes, hash); + eddsa->digest (ctx, hash); _eddsa_hash (&ecc->q, rp, 2*nbytes, hash); ecc->mul_g (ecc, P, rp, scratch_out); @@ -88,7 +88,7 @@ _eddsa_sign (const struct ecc_curve *ecc, eddsa->update (ctx, nbytes, signature); eddsa->update (ctx, nbytes, pub); eddsa->update (ctx, length, msg); - eddsa->digest (ctx, 2*nbytes, hash); + eddsa->digest (ctx, hash); _eddsa_hash (&ecc->q, hp, 2*nbytes, hash); ecc_mod_mul (&ecc->q, sp, hp, k2, sp); diff --git a/eddsa-verify.c b/eddsa-verify.c index 10d075ee..fcbb8c15 100644 --- a/eddsa-verify.c +++ b/eddsa-verify.c @@ -105,7 +105,7 @@ _eddsa_verify (const struct ecc_curve *ecc, eddsa->update (ctx, nbytes, signature); eddsa->update (ctx, nbytes, pub); eddsa->update (ctx, length, msg); - eddsa->digest (ctx, 2*nbytes, hash); + eddsa->digest (ctx, hash); _eddsa_hash (&ecc->q, hp, 2*nbytes, hash); /* Compute h A + R - s G, which should be the neutral point */ diff --git a/examples/hogweed-benchmark.c b/examples/hogweed-benchmark.c index 3f858833..57809924 100644 --- a/examples/hogweed-benchmark.c +++ b/examples/hogweed-benchmark.c @@ -98,7 +98,7 @@ hash_string (const struct nettle_hash *hash, const char *s) uint8_t *digest = xalloc (hash->digest_size); hash->init (ctx); hash->update (ctx, strlen(s), (const uint8_t *) s); - hash->digest (ctx, hash->digest_size, digest); + hash->digest (ctx, digest); free (ctx); return digest; diff --git a/examples/nettle-benchmark.c b/examples/nettle-benchmark.c index 2a11a694..70c4513e 100644 --- a/examples/nettle-benchmark.c +++ b/examples/nettle-benchmark.c @@ -475,7 +475,6 @@ struct bench_hmac_info nettle_hash_update_func *update; nettle_hash_digest_func *digest; size_t length; - size_t digest_length; const uint8_t *data; }; @@ -493,7 +492,7 @@ bench_hmac(void *arg) length : BENCH_BLOCK - pos; info->update(info->ctx, single, info->data + pos); - info->digest(info->ctx, info->digest_length, digest); + info->digest(info->ctx, digest); } } @@ -525,7 +524,6 @@ time_hmac_md5(void) info.ctx = &md5_ctx; info.update = (nettle_hash_update_func *) hmac_md5_update; info.digest = (nettle_hash_digest_func *) hmac_md5_digest; - info.digest_length = MD5_DIGEST_SIZE; for (pos = 0; hmac_tests[pos].length != 0; pos++) { @@ -550,7 +548,6 @@ time_hmac_sha1(void) info.ctx = &sha1_ctx; info.update = (nettle_hash_update_func *) hmac_sha1_update; info.digest = (nettle_hash_digest_func *) hmac_sha1_digest; - info.digest_length = SHA1_DIGEST_SIZE; for (pos = 0; hmac_tests[pos].length != 0; pos++) { @@ -575,7 +572,6 @@ time_hmac_sha256(void) info.ctx = &sha256_ctx; info.update = (nettle_hash_update_func *) hmac_sha256_update; info.digest = (nettle_hash_digest_func *) hmac_sha256_digest; - info.digest_length = SHA256_DIGEST_SIZE; for (pos = 0; hmac_tests[pos].length != 0; pos++) { @@ -600,7 +596,6 @@ time_hmac_sha512(void) info.ctx = &sha512_ctx; info.update = (nettle_hash_update_func *) hmac_sha512_update; info.digest = (nettle_hash_digest_func *) hmac_sha512_digest; - info.digest_length = SHA512_DIGEST_SIZE; for (pos = 0; hmac_tests[pos].length != 0; pos++) { diff --git a/examples/nettle-openssl.c b/examples/nettle-openssl.c index cb179416..232f08b7 100644 --- a/examples/nettle-openssl.c +++ b/examples/nettle-openssl.c @@ -123,10 +123,10 @@ openssl_evp_update(void *p, size_t length, const uint8_t *src) /* This will work for encryption only! */ static void -openssl_evp_gcm_digest(void *p, size_t length, uint8_t *dst) +openssl_evp_gcm_digest(void *p, uint8_t *dst) { const struct openssl_cipher_ctx *ctx = p; - int ret = EVP_CIPHER_CTX_ctrl(ctx->evp, EVP_CTRL_GCM_GET_TAG, length, dst); + int ret = EVP_CIPHER_CTX_ctrl(ctx->evp, EVP_CTRL_GCM_GET_TAG, 16, dst); assert(ret == 1); } @@ -303,11 +303,9 @@ openssl_##name##_init(void *p) \ } \ \ static void \ -openssl_##name##_digest(void *p, \ - size_t length, uint8_t *dst) \ +openssl_##name##_digest(void *p, uint8_t *dst) \ { \ struct openssl_hash_ctx *ctx = p; \ - assert(length == NAME##_DIGEST_SIZE); \ \ EVP_DigestFinal(ctx->evp, dst, NULL); \ EVP_DigestInit(ctx->evp, EVP_##name()); \ diff --git a/examples/rsa-decrypt.c b/examples/rsa-decrypt.c index ab727bc1..d8777802 100644 --- a/examples/rsa-decrypt.c +++ b/examples/rsa-decrypt.c @@ -182,7 +182,7 @@ process_file(struct rsa_session *ctx, return 0; } } - hmac_sha1_digest(&ctx->hmac, SHA1_DIGEST_SIZE, digest); + hmac_sha1_digest(&ctx->hmac, digest); if (!memeql_sec(digest, buffer + AES_BLOCK_SIZE, SHA1_DIGEST_SIZE)) { werror("Decryption failed: Invalid mac.\n"); diff --git a/examples/rsa-encrypt.c b/examples/rsa-encrypt.c index 63059ce6..d69e465f 100644 --- a/examples/rsa-encrypt.c +++ b/examples/rsa-encrypt.c @@ -140,7 +140,7 @@ process_file(struct rsa_session *ctx, assert (size + SHA1_DIGEST_SIZE <= sizeof(buffer)); - hmac_sha1_digest(&ctx->hmac, SHA1_DIGEST_SIZE, buffer + size); + hmac_sha1_digest(&ctx->hmac, buffer + size); size += SHA1_DIGEST_SIZE; if (!write_data(out, size, buffer)) diff --git a/gcm-aes128.c b/gcm-aes128.c index 7ff06199..f2444328 100644 --- a/gcm-aes128.c +++ b/gcm-aes128.c @@ -86,7 +86,7 @@ gcm_aes128_decrypt(struct gcm_aes128_ctx *ctx, void gcm_aes128_digest(struct gcm_aes128_ctx *ctx, - size_t length, uint8_t *digest) + uint8_t *digest) { - GCM_DIGEST(ctx, aes128_encrypt, length, digest); + GCM_DIGEST(ctx, aes128_encrypt, digest); } diff --git a/gcm-aes192.c b/gcm-aes192.c index 83c32e02..673e76f5 100644 --- a/gcm-aes192.c +++ b/gcm-aes192.c @@ -86,7 +86,7 @@ gcm_aes192_decrypt(struct gcm_aes192_ctx *ctx, void gcm_aes192_digest(struct gcm_aes192_ctx *ctx, - size_t length, uint8_t *digest) + uint8_t *digest) { - GCM_DIGEST(ctx, aes192_encrypt, length, digest); + GCM_DIGEST(ctx, aes192_encrypt, digest); } diff --git a/gcm-aes256.c b/gcm-aes256.c index 4974001f..f2eabf3d 100644 --- a/gcm-aes256.c +++ b/gcm-aes256.c @@ -86,7 +86,7 @@ gcm_aes256_decrypt(struct gcm_aes256_ctx *ctx, void gcm_aes256_digest(struct gcm_aes256_ctx *ctx, - size_t length, uint8_t *digest) + uint8_t *digest) { - GCM_DIGEST(ctx, aes256_encrypt, length, digest); + GCM_DIGEST(ctx, aes256_encrypt, digest); } diff --git a/gcm-camellia128.c b/gcm-camellia128.c index e6630f52..24f286ba 100644 --- a/gcm-camellia128.c +++ b/gcm-camellia128.c @@ -73,7 +73,7 @@ gcm_camellia128_decrypt(struct gcm_camellia128_ctx *ctx, void gcm_camellia128_digest(struct gcm_camellia128_ctx *ctx, - size_t length, uint8_t *digest) + uint8_t *digest) { - GCM_DIGEST(ctx, camellia128_crypt, length, digest); + GCM_DIGEST(ctx, camellia128_crypt, digest); } diff --git a/gcm-camellia256.c b/gcm-camellia256.c index c725ef45..a682989b 100644 --- a/gcm-camellia256.c +++ b/gcm-camellia256.c @@ -73,7 +73,7 @@ gcm_camellia256_decrypt(struct gcm_camellia256_ctx *ctx, void gcm_camellia256_digest(struct gcm_camellia256_ctx *ctx, - size_t length, uint8_t *digest) + uint8_t *digest) { - GCM_DIGEST(ctx, camellia256_crypt, length, digest); + GCM_DIGEST(ctx, camellia256_crypt, digest); } diff --git a/gcm-sm4.c b/gcm-sm4.c index 19d91ae9..427593cc 100644 --- a/gcm-sm4.c +++ b/gcm-sm4.c @@ -75,7 +75,7 @@ gcm_sm4_decrypt(struct gcm_sm4_ctx *ctx, void gcm_sm4_digest(struct gcm_sm4_ctx *ctx, - size_t length, uint8_t *digest) + uint8_t *digest) { - GCM_DIGEST(ctx, sm4_crypt, length, digest); + GCM_DIGEST(ctx, sm4_crypt, digest); } diff --git a/gcm.c b/gcm.c index 1e015b9d..ab74b72d 100644 --- a/gcm.c +++ b/gcm.c @@ -231,17 +231,16 @@ gcm_decrypt(struct gcm_ctx *ctx, const struct gcm_key *key, void gcm_digest(struct gcm_ctx *ctx, const struct gcm_key *key, const void *cipher, nettle_cipher_func *f, - size_t length, uint8_t *digest) + uint8_t *digest) { + /* FIXME: Reuse digest area? */ union nettle_block16 buffer; - assert (length <= GCM_BLOCK_SIZE); - gcm_hash_sizes(key, &ctx->x, ctx->auth_size, ctx->data_size); f (cipher, GCM_BLOCK_SIZE, buffer.b, ctx->iv.b); block16_xor (&buffer, &ctx->x); - memcpy (digest, buffer.b, length); + memcpy (digest, buffer.b, GCM_DIGEST_SIZE); return; } diff --git a/gcm.h b/gcm.h index 040ddd82..ca3f9c40 100644 --- a/gcm.h +++ b/gcm.h @@ -151,7 +151,7 @@ gcm_decrypt(struct gcm_ctx *ctx, const struct gcm_key *key, void gcm_digest(struct gcm_ctx *ctx, const struct gcm_key *key, const void *cipher, nettle_cipher_func *f, - size_t length, uint8_t *digest); + uint8_t *digest); /* Convenience macrology (not sure how useful it is) */ /* All-in-one context, with hash subkey, message state, and cipher. */ @@ -188,12 +188,12 @@ gcm_digest(struct gcm_ctx *ctx, const struct gcm_key *key, (nettle_cipher_func *) (encrypt), \ (length), (dst), (src))) -#define GCM_DIGEST(ctx, encrypt, length, digest) \ +#define GCM_DIGEST(ctx, encrypt, digest) \ (0 ? (encrypt)(&(ctx)->cipher, ~(size_t) 0, \ (uint8_t *) 0, (const uint8_t *) 0) \ : gcm_digest(&(ctx)->gcm, &(ctx)->key, &(ctx)->cipher, \ (nettle_cipher_func *) (encrypt), \ - (length), (digest))) + (digest))) struct gcm_aes128_ctx GCM_CTX(struct aes128_ctx); @@ -219,7 +219,7 @@ gcm_aes128_decrypt(struct gcm_aes128_ctx *ctx, void gcm_aes128_digest(struct gcm_aes128_ctx *ctx, - size_t length, uint8_t *digest); + uint8_t *digest); struct gcm_aes192_ctx GCM_CTX(struct aes192_ctx); @@ -243,7 +243,7 @@ gcm_aes192_decrypt(struct gcm_aes192_ctx *ctx, void gcm_aes192_digest(struct gcm_aes192_ctx *ctx, - size_t length, uint8_t *digest); + uint8_t *digest); struct gcm_aes256_ctx GCM_CTX(struct aes256_ctx); @@ -267,7 +267,7 @@ gcm_aes256_decrypt(struct gcm_aes256_ctx *ctx, void gcm_aes256_digest(struct gcm_aes256_ctx *ctx, - size_t length, uint8_t *digest); + uint8_t *digest); struct gcm_camellia128_ctx GCM_CTX(struct camellia128_ctx); @@ -283,7 +283,7 @@ void gcm_camellia128_encrypt(struct gcm_camellia128_ctx *ctx, void gcm_camellia128_decrypt(struct gcm_camellia128_ctx *ctx, size_t length, uint8_t *dst, const uint8_t *src); void gcm_camellia128_digest(struct gcm_camellia128_ctx *ctx, - size_t length, uint8_t *digest); + uint8_t *digest); struct gcm_camellia256_ctx GCM_CTX(struct camellia256_ctx); @@ -299,7 +299,7 @@ void gcm_camellia256_encrypt(struct gcm_camellia256_ctx *ctx, void gcm_camellia256_decrypt(struct gcm_camellia256_ctx *ctx, size_t length, uint8_t *dst, const uint8_t *src); void gcm_camellia256_digest(struct gcm_camellia256_ctx *ctx, - size_t length, uint8_t *digest); + uint8_t *digest); struct gcm_sm4_ctx GCM_CTX(struct sm4_ctx); @@ -314,7 +314,7 @@ void gcm_sm4_encrypt(struct gcm_sm4_ctx *ctx, void gcm_sm4_decrypt(struct gcm_sm4_ctx *ctx, size_t length, uint8_t *dst, const uint8_t *src); void gcm_sm4_digest(struct gcm_sm4_ctx *ctx, - size_t length, uint8_t *digest); + uint8_t *digest); #ifdef __cplusplus diff --git a/gosthash94.c b/gosthash94.c index 81663e7f..3a9b86ed 100644 --- a/gosthash94.c +++ b/gosthash94.c @@ -341,13 +341,11 @@ gosthash94cp_update (struct gosthash94_ctx *ctx, */ static void gosthash94_write_digest (struct gosthash94_ctx *ctx, - size_t length, uint8_t *result, + uint8_t *result, const uint32_t sbox[4][256]) { uint32_t msg32[GOSTHASH94_BLOCK_SIZE / 4]; - assert(length <= GOSTHASH94_DIGEST_SIZE); - /* pad the last block with zeroes and hash it */ if (ctx->index > 0) { @@ -364,22 +362,22 @@ gosthash94_write_digest (struct gosthash94_ctx *ctx, gost_block_compress (ctx, ctx->sum, sbox); /* convert hash state to result bytes */ - _nettle_write_le32(length, result, ctx->hash); + _nettle_write_le32(GOSTHASH94_DIGEST_SIZE, result, ctx->hash); gosthash94_init (ctx); } void gosthash94_digest (struct gosthash94_ctx *ctx, - size_t length, uint8_t *result) + uint8_t *result) { - gosthash94_write_digest (ctx, length, result, + gosthash94_write_digest (ctx, result, _nettle_gost28147_param_test_3411.sbox); } void gosthash94cp_digest (struct gosthash94_ctx *ctx, - size_t length, uint8_t *result) + uint8_t *result) { - gosthash94_write_digest (ctx, length, result, + gosthash94_write_digest (ctx, result, _nettle_gost28147_param_CryptoPro_3411.sbox); } diff --git a/gosthash94.h b/gosthash94.h index 0efd6412..4231c528 100644 --- a/gosthash94.h +++ b/gosthash94.h @@ -97,13 +97,13 @@ void gosthash94_init(struct gosthash94_ctx *ctx); void gosthash94_update(struct gosthash94_ctx *ctx, size_t length, const uint8_t *msg); void gosthash94_digest(struct gosthash94_ctx *ctx, - size_t length, uint8_t *result); + uint8_t *result); #define gosthash94cp_init gosthash94_init void gosthash94cp_update(struct gosthash94_ctx *ctx, size_t length, const uint8_t *msg); void gosthash94cp_digest(struct gosthash94_ctx *ctx, - size_t length, uint8_t *result); + uint8_t *result); #ifdef __cplusplus } diff --git a/hkdf.c b/hkdf.c index 2d7336a5..775644d5 100644 --- a/hkdf.c +++ b/hkdf.c @@ -38,20 +38,23 @@ # include "config.h" #endif +#include + #include "hkdf.h" +#include "nettle-internal.h" + /* hkdf_extract: Outputs a PRK of digest_size */ void hkdf_extract(void *mac_ctx, nettle_hash_update_func *update, nettle_hash_digest_func *digest, - size_t digest_size, size_t secret_size, const uint8_t *secret, uint8_t *dst) { update(mac_ctx, secret_size, secret); - digest(mac_ctx, digest_size, dst); + digest(mac_ctx, dst); } /* hkdf_expand: Outputs an arbitrary key of size specified by length @@ -64,6 +67,7 @@ hkdf_expand(void *mac_ctx, size_t info_size, const uint8_t *info, size_t length, uint8_t *dst) { + TMP_DECL(buf, uint8_t, NETTLE_MAX_HASH_DIGEST_SIZE); uint8_t i = 1; if (!length) @@ -73,12 +77,15 @@ hkdf_expand(void *mac_ctx, { update(mac_ctx, info_size, info); update(mac_ctx, 1, &i); - if (length <= digest_size) + if (length < digest_size) break; - digest(mac_ctx, digest_size, dst); + digest(mac_ctx, dst); + if (length == digest_size) + return; update(mac_ctx, digest_size, dst); } - - digest(mac_ctx, length, dst); + TMP_ALLOC (buf, digest_size); + digest(mac_ctx, buf); + memcpy (dst, buf, length); } diff --git a/hkdf.h b/hkdf.h index 43b16ad4..486552b0 100644 --- a/hkdf.h +++ b/hkdf.h @@ -48,7 +48,6 @@ void hkdf_extract(void *mac_ctx, nettle_hash_update_func *update, nettle_hash_digest_func *digest, - size_t digest_size, size_t secret_size, const uint8_t *secret, uint8_t *dst); diff --git a/hmac-gosthash94.c b/hmac-gosthash94.c index 66b62854..ea72470c 100644 --- a/hmac-gosthash94.c +++ b/hmac-gosthash94.c @@ -53,9 +53,9 @@ hmac_gosthash94_update(struct hmac_gosthash94_ctx *ctx, void hmac_gosthash94_digest(struct hmac_gosthash94_ctx *ctx, - size_t length, uint8_t *digest) + uint8_t *digest) { - HMAC_DIGEST(ctx, &nettle_gosthash94, length, digest); + HMAC_DIGEST(ctx, &nettle_gosthash94, digest); } void @@ -73,7 +73,7 @@ hmac_gosthash94cp_update(struct hmac_gosthash94cp_ctx *ctx, } void hmac_gosthash94cp_digest(struct hmac_gosthash94cp_ctx *ctx, - size_t length, uint8_t *digest) + uint8_t *digest) { - HMAC_DIGEST(ctx, &nettle_gosthash94cp, length, digest); + HMAC_DIGEST(ctx, &nettle_gosthash94cp, digest); } diff --git a/hmac-md5.c b/hmac-md5.c index a27e64f6..afbdc521 100644 --- a/hmac-md5.c +++ b/hmac-md5.c @@ -53,7 +53,7 @@ hmac_md5_update(struct hmac_md5_ctx *ctx, void hmac_md5_digest(struct hmac_md5_ctx *ctx, - size_t length, uint8_t *digest) + uint8_t *digest) { - HMAC_DIGEST(ctx, &nettle_md5, length, digest); + HMAC_DIGEST(ctx, &nettle_md5, digest); } diff --git a/hmac-ripemd160.c b/hmac-ripemd160.c index 24e2cbe7..4776ae86 100644 --- a/hmac-ripemd160.c +++ b/hmac-ripemd160.c @@ -53,7 +53,7 @@ hmac_ripemd160_update(struct hmac_ripemd160_ctx *ctx, void hmac_ripemd160_digest(struct hmac_ripemd160_ctx *ctx, - size_t length, uint8_t *digest) + uint8_t *digest) { - HMAC_DIGEST(ctx, &nettle_ripemd160, length, digest); + HMAC_DIGEST(ctx, &nettle_ripemd160, digest); } diff --git a/hmac-sha1.c b/hmac-sha1.c index 5e7188f9..108f9216 100644 --- a/hmac-sha1.c +++ b/hmac-sha1.c @@ -53,7 +53,7 @@ hmac_sha1_update(struct hmac_sha1_ctx *ctx, void hmac_sha1_digest(struct hmac_sha1_ctx *ctx, - size_t length, uint8_t *digest) + uint8_t *digest) { - HMAC_DIGEST(ctx, &nettle_sha1, length, digest); + HMAC_DIGEST(ctx, &nettle_sha1, digest); } diff --git a/hmac-sha224.c b/hmac-sha224.c index c5bc8750..b1d6e594 100644 --- a/hmac-sha224.c +++ b/hmac-sha224.c @@ -46,7 +46,7 @@ hmac_sha224_set_key(struct hmac_sha224_ctx *ctx, void hmac_sha224_digest(struct hmac_sha224_ctx *ctx, - size_t length, uint8_t *digest) + uint8_t *digest) { - HMAC_DIGEST(ctx, &nettle_sha224, length, digest); + HMAC_DIGEST(ctx, &nettle_sha224, digest); } diff --git a/hmac-sha256.c b/hmac-sha256.c index af5cc0f1..caa55f4d 100644 --- a/hmac-sha256.c +++ b/hmac-sha256.c @@ -53,7 +53,7 @@ hmac_sha256_update(struct hmac_sha256_ctx *ctx, void hmac_sha256_digest(struct hmac_sha256_ctx *ctx, - size_t length, uint8_t *digest) + uint8_t *digest) { - HMAC_DIGEST(ctx, &nettle_sha256, length, digest); + HMAC_DIGEST(ctx, &nettle_sha256, digest); } diff --git a/hmac-sha384.c b/hmac-sha384.c index 30008b5f..9fbfb19f 100644 --- a/hmac-sha384.c +++ b/hmac-sha384.c @@ -46,7 +46,7 @@ hmac_sha384_set_key(struct hmac_sha512_ctx *ctx, void hmac_sha384_digest(struct hmac_sha512_ctx *ctx, - size_t length, uint8_t *digest) + uint8_t *digest) { - HMAC_DIGEST(ctx, &nettle_sha384, length, digest); + HMAC_DIGEST(ctx, &nettle_sha384, digest); } diff --git a/hmac-sha512.c b/hmac-sha512.c index de64637a..e7a43e7d 100644 --- a/hmac-sha512.c +++ b/hmac-sha512.c @@ -53,7 +53,7 @@ hmac_sha512_update(struct hmac_sha512_ctx *ctx, void hmac_sha512_digest(struct hmac_sha512_ctx *ctx, - size_t length, uint8_t *digest) + uint8_t *digest) { - HMAC_DIGEST(ctx, &nettle_sha512, length, digest); + HMAC_DIGEST(ctx, &nettle_sha512, digest); } diff --git a/hmac-sm3.c b/hmac-sm3.c index decb4a2d..67a21dde 100644 --- a/hmac-sm3.c +++ b/hmac-sm3.c @@ -53,7 +53,7 @@ hmac_sm3_update(struct hmac_sm3_ctx *ctx, void hmac_sm3_digest(struct hmac_sm3_ctx *ctx, - size_t length, uint8_t *digest) + uint8_t *digest) { - HMAC_DIGEST(ctx, &nettle_sm3, length, digest); + HMAC_DIGEST(ctx, &nettle_sm3, digest); } diff --git a/hmac-streebog.c b/hmac-streebog.c index 3b07b95d..ab5da308 100644 --- a/hmac-streebog.c +++ b/hmac-streebog.c @@ -53,9 +53,9 @@ hmac_streebog512_update(struct hmac_streebog512_ctx *ctx, void hmac_streebog512_digest(struct hmac_streebog512_ctx *ctx, - size_t length, uint8_t *digest) + uint8_t *digest) { - HMAC_DIGEST(ctx, &nettle_streebog512, length, digest); + HMAC_DIGEST(ctx, &nettle_streebog512, digest); } void @@ -67,7 +67,7 @@ hmac_streebog256_set_key(struct hmac_streebog256_ctx *ctx, void hmac_streebog256_digest(struct hmac_streebog256_ctx *ctx, - size_t length, uint8_t *digest) + uint8_t *digest) { - HMAC_DIGEST(ctx, &nettle_streebog256, length, digest); + HMAC_DIGEST(ctx, &nettle_streebog256, digest); } diff --git a/hmac.c b/hmac.c index ea356970..c6877cb8 100644 --- a/hmac.c +++ b/hmac.c @@ -67,7 +67,7 @@ hmac_set_key(void *outer, void *inner, void *state, hash->init(state); hash->update(state, key_length, key); - hash->digest(state, hash->digest_size, digest); + hash->digest(state, digest); key = digest; key_length = hash->digest_size; @@ -99,17 +99,18 @@ hmac_update(void *state, void hmac_digest(const void *outer, const void *inner, void *state, const struct nettle_hash *hash, - size_t length, uint8_t *dst) + uint8_t *dst) { + /* FIXME: Use dst area instead? */ TMP_DECL(digest, uint8_t, NETTLE_MAX_HASH_DIGEST_SIZE); TMP_ALLOC(digest, hash->digest_size); - hash->digest(state, hash->digest_size, digest); + hash->digest(state, digest); memcpy(state, outer, hash->context_size); hash->update(state, hash->digest_size, digest); - hash->digest(state, length, dst); + hash->digest(state, dst); memcpy(state, inner, hash->context_size); } diff --git a/hmac.h b/hmac.h index 453a67af..7e41b5b4 100644 --- a/hmac.h +++ b/hmac.h @@ -101,7 +101,7 @@ hmac_update(void *state, void hmac_digest(const void *outer, const void *inner, void *state, const struct nettle_hash *hash, - size_t length, uint8_t *digest); + uint8_t *digest); #define HMAC_CTX(type) \ @@ -111,9 +111,9 @@ hmac_digest(const void *outer, const void *inner, void *state, hmac_set_key( &(ctx)->outer, &(ctx)->inner, &(ctx)->state, \ (hash), (length), (key) ) -#define HMAC_DIGEST(ctx, hash, length, digest) \ +#define HMAC_DIGEST(ctx, hash, digest) \ hmac_digest( &(ctx)->outer, &(ctx)->inner, &(ctx)->state, \ - (hash), (length), (digest) ) + (hash), (digest) ) /* HMAC using specific hash functions */ @@ -130,7 +130,7 @@ hmac_md5_update(struct hmac_md5_ctx *ctx, void hmac_md5_digest(struct hmac_md5_ctx *ctx, - size_t length, uint8_t *digest); + uint8_t *digest); /* hmac-ripemd160 */ @@ -146,7 +146,7 @@ hmac_ripemd160_update(struct hmac_ripemd160_ctx *ctx, void hmac_ripemd160_digest(struct hmac_ripemd160_ctx *ctx, - size_t length, uint8_t *digest); + uint8_t *digest); /* hmac-sha1 */ @@ -162,7 +162,7 @@ hmac_sha1_update(struct hmac_sha1_ctx *ctx, void hmac_sha1_digest(struct hmac_sha1_ctx *ctx, - size_t length, uint8_t *digest); + uint8_t *digest); /* hmac-sha256 */ struct hmac_sha256_ctx HMAC_CTX(struct sha256_ctx); @@ -177,7 +177,7 @@ hmac_sha256_update(struct hmac_sha256_ctx *ctx, void hmac_sha256_digest(struct hmac_sha256_ctx *ctx, - size_t length, uint8_t *digest); + uint8_t *digest); /* hmac-sha224 */ #define hmac_sha224_ctx hmac_sha256_ctx @@ -190,7 +190,7 @@ hmac_sha224_set_key(struct hmac_sha224_ctx *ctx, void hmac_sha224_digest(struct hmac_sha224_ctx *ctx, - size_t length, uint8_t *digest); + uint8_t *digest); /* hmac-sha512 */ struct hmac_sha512_ctx HMAC_CTX(struct sha512_ctx); @@ -205,7 +205,7 @@ hmac_sha512_update(struct hmac_sha512_ctx *ctx, void hmac_sha512_digest(struct hmac_sha512_ctx *ctx, - size_t length, uint8_t *digest); + uint8_t *digest); /* hmac-sha384 */ #define hmac_sha384_ctx hmac_sha512_ctx @@ -218,7 +218,7 @@ hmac_sha384_set_key(struct hmac_sha512_ctx *ctx, void hmac_sha384_digest(struct hmac_sha512_ctx *ctx, - size_t length, uint8_t *digest); + uint8_t *digest); /* hmac-gosthash94 */ struct hmac_gosthash94_ctx HMAC_CTX(struct gosthash94_ctx); @@ -233,7 +233,7 @@ hmac_gosthash94_update(struct hmac_gosthash94_ctx *ctx, void hmac_gosthash94_digest(struct hmac_gosthash94_ctx *ctx, - size_t length, uint8_t *digest); + uint8_t *digest); struct hmac_gosthash94cp_ctx HMAC_CTX(struct gosthash94cp_ctx); @@ -247,7 +247,7 @@ hmac_gosthash94cp_update(struct hmac_gosthash94cp_ctx *ctx, void hmac_gosthash94cp_digest(struct hmac_gosthash94cp_ctx *ctx, - size_t length, uint8_t *digest); + uint8_t *digest); /* hmac-streebog */ @@ -263,7 +263,7 @@ hmac_streebog512_update(struct hmac_streebog512_ctx *ctx, void hmac_streebog512_digest(struct hmac_streebog512_ctx *ctx, - size_t length, uint8_t *digest); + uint8_t *digest); #define hmac_streebog256_ctx hmac_streebog512_ctx @@ -275,7 +275,7 @@ hmac_streebog256_set_key(struct hmac_streebog256_ctx *ctx, void hmac_streebog256_digest(struct hmac_streebog256_ctx *ctx, - size_t length, uint8_t *digest); + uint8_t *digest); /* hmac-sm3 */ struct hmac_sm3_ctx HMAC_CTX(struct sm3_ctx); @@ -290,7 +290,7 @@ hmac_sm3_update(struct hmac_sm3_ctx *ctx, void hmac_sm3_digest(struct hmac_sm3_ctx *ctx, - size_t length, uint8_t *digest); + uint8_t *digest); #ifdef __cplusplus } diff --git a/md2.c b/md2.c index a0cb1b64..6c067410 100644 --- a/md2.c +++ b/md2.c @@ -122,18 +122,15 @@ md2_update(struct md2_ctx *ctx, void md2_digest(struct md2_ctx *ctx, - size_t length, uint8_t *digest) { unsigned left; - assert(length <= MD2_DIGEST_SIZE); - left = MD2_BLOCK_SIZE - ctx->index; memset(ctx->block + ctx->index, left, left); md2_transform(ctx, ctx->block); md2_transform(ctx, ctx->C); - memcpy(digest, ctx->X, length); + memcpy(digest, ctx->X, MD2_DIGEST_SIZE); md2_init(ctx); } diff --git a/md2.h b/md2.h index 0fb9611b..84d31a61 100644 --- a/md2.h +++ b/md2.h @@ -68,7 +68,6 @@ md2_update(struct md2_ctx *ctx, void md2_digest(struct md2_ctx *ctx, - size_t length, uint8_t *digest); diff --git a/md4.c b/md4.c index f6330d17..240ce370 100644 --- a/md4.c +++ b/md4.c @@ -83,15 +83,12 @@ md4_update(struct md4_ctx *ctx, void md4_digest(struct md4_ctx *ctx, - size_t length, uint8_t *digest) { uint64_t bit_count; uint32_t data[MD4_DATA_LENGTH]; unsigned i; - assert(length <= MD4_DIGEST_SIZE); - MD_PAD(ctx, 8, md4_compress); for (i = 0; i < MD4_DATA_LENGTH - 2; i++) data[i] = LE_READ_UINT32(ctx->block + 4*i); @@ -103,7 +100,7 @@ md4_digest(struct md4_ctx *ctx, data[MD4_DATA_LENGTH-1] = bit_count >> 32; md4_transform(ctx->state, data); - _nettle_write_le32(length, digest, ctx->state); + _nettle_write_le32(MD4_DIGEST_SIZE, digest, ctx->state); md4_init(ctx); } diff --git a/md4.h b/md4.h index fa30b237..131079d7 100644 --- a/md4.h +++ b/md4.h @@ -72,7 +72,6 @@ md4_update(struct md4_ctx *ctx, void md4_digest(struct md4_ctx *ctx, - size_t length, uint8_t *digest); diff --git a/md5.c b/md5.c index 57cca826..0006a96e 100644 --- a/md5.c +++ b/md5.c @@ -73,13 +73,10 @@ md5_update(struct md5_ctx *ctx, void md5_digest(struct md5_ctx *ctx, - size_t length, uint8_t *digest) { uint64_t bit_count; - assert(length <= MD5_DIGEST_SIZE); - MD_PAD(ctx, 8, COMPRESS); /* There are 512 = 2^9 bits in one block */ @@ -88,7 +85,7 @@ md5_digest(struct md5_ctx *ctx, LE_WRITE_UINT64(ctx->block + (MD5_BLOCK_SIZE - 8), bit_count); nettle_md5_compress(ctx->state, ctx->block); - _nettle_write_le32(length, digest, ctx->state); + _nettle_write_le32(MD5_DIGEST_SIZE, digest, ctx->state); md5_init(ctx); } diff --git a/md5.h b/md5.h index 94098ab2..ab3e86d1 100644 --- a/md5.h +++ b/md5.h @@ -72,7 +72,6 @@ md5_update(struct md5_ctx *ctx, void md5_digest(struct md5_ctx *ctx, - size_t length, uint8_t *digest); /* MD5 compression function. STATE points to 4 uint32_t words, diff --git a/nettle-types.h b/nettle-types.h index 93a68f3b..3151bb2d 100644 --- a/nettle-types.h +++ b/nettle-types.h @@ -100,8 +100,7 @@ typedef void nettle_hash_init_func(void *ctx); typedef void nettle_hash_update_func(void *ctx, size_t length, const uint8_t *src); -typedef void nettle_hash_digest_func(void *ctx, - size_t length, uint8_t *dst); +typedef void nettle_hash_digest_func(void *ctx, uint8_t *dst); /* ASCII armor codecs. NOTE: Experimental and subject to change. */ diff --git a/non-nettle.c b/non-nettle.c index ba2d2977..6ab1a098 100644 --- a/non-nettle.c +++ b/non-nettle.c @@ -290,9 +290,9 @@ ocb_aes128_decrypt_wrapper (struct ocb_aes128_ctx *ctx, } static void -ocb_aes128_digest_wrapper (struct ocb_aes128_ctx *ctx, size_t length, uint8_t *digest) +ocb_aes128_digest_wrapper (struct ocb_aes128_ctx *ctx, uint8_t *digest) { - ocb_aes128_digest (&ctx->ocb, &ctx->key, length, digest); + ocb_aes128_digest (&ctx->ocb, &ctx->key, OCB_DIGEST_SIZE, digest); } const struct nettle_aead @@ -308,3 +308,31 @@ nettle_ocb_aes128 = (nettle_crypt_func *) ocb_aes128_decrypt_wrapper, (nettle_hash_digest_func *) ocb_aes128_digest_wrapper }; + +/* For 96-bit tag */ +static void +ocb_aes128_t96_set_nonce (struct ocb_aes128_ctx *ctx, const uint8_t *nonce) +{ + ocb_aes128_set_nonce (&ctx->ocb, &ctx->key, + 12, OCB_NONCE_SIZE, nonce); +} + +static void +ocb_aes128_t96_digest (struct ocb_aes128_ctx *ctx, uint8_t *digest) +{ + ocb_aes128_digest (&ctx->ocb, &ctx->key, 12, digest); +} + +const struct nettle_aead +nettle_ocb_aes128_t96 = + { "ocb_aes128", sizeof(struct ocb_aes128_ctx), + OCB_BLOCK_SIZE, AES128_KEY_SIZE, + OCB_NONCE_SIZE, 12, + (nettle_set_key_func *) ocb_aes128_set_encrypt_key_wrapper, + (nettle_set_key_func *) ocb_aes128_set_decrypt_key_wrapper, + (nettle_set_key_func *) ocb_aes128_t96_set_nonce, + (nettle_hash_update_func *) ocb_aes128_update_wrapper, + (nettle_crypt_func *) ocb_aes128_encrypt_wrapper, + (nettle_crypt_func *) ocb_aes128_decrypt_wrapper, + (nettle_hash_digest_func *) ocb_aes128_t96_digest, + }; diff --git a/non-nettle.h b/non-nettle.h index 91670847..e36c8f9c 100644 --- a/non-nettle.h +++ b/non-nettle.h @@ -90,6 +90,7 @@ struct ocb_aes128_ctx }; extern const struct nettle_aead nettle_ocb_aes128; +extern const struct nettle_aead nettle_ocb_aes128_t96; #endif /* NETTLE_NON_NETTLE_H_INCLUDED */ diff --git a/oaep.c b/oaep.c index 5ebf8ba0..f025c377 100644 --- a/oaep.c +++ b/oaep.c @@ -160,7 +160,7 @@ _oaep_decode_mgf1 (const uint8_t *em, hash->init (hash_ctx); hash->update (hash_ctx, label_length, label); - hash->digest (hash_ctx, hash->digest_size, lhash); + hash->digest (hash_ctx, lhash); ok &= memeql_sec (db_mask, lhash, hash->digest_size); @@ -204,7 +204,7 @@ _oaep_encode_mgf1 (mpz_t m, size_t key_size, memset (db, 0, db_length); hash->init (hash_ctx); hash->update (hash_ctx, label_length, label); - hash->digest (hash_ctx, hash->digest_size, db); + hash->digest (hash_ctx, db); memcpy (&db[db_length - message_length], message, message_length); db[db_length - message_length - 1] = 0x01; diff --git a/pbkdf2.c b/pbkdf2.c index 291d138a..737b847e 100644 --- a/pbkdf2.c +++ b/pbkdf2.c @@ -77,14 +77,14 @@ pbkdf2 (void *mac_ctx, update (mac_ctx, salt_length, salt); update (mac_ctx, sizeof(tmp), tmp); - digest (mac_ctx, digest_size, T); + digest (mac_ctx, T); prev = T; for (u = 1; u < iterations; u++, prev = U) { update (mac_ctx, digest_size, prev); - digest (mac_ctx, digest_size, U); + digest (mac_ctx, U); memxor (T, U, digest_size); } diff --git a/pbkdf2.h b/pbkdf2.h index e9cea8b8..8791657b 100644 --- a/pbkdf2.h +++ b/pbkdf2.h @@ -60,7 +60,7 @@ pbkdf2 (void *mac_ctx, #define PBKDF2(ctx, update, digest, digest_size, \ iterations, salt_length, salt, length, dst) \ (0 ? ((update)((ctx), 0, (uint8_t *) 0), \ - (digest)((ctx), 0, (uint8_t *) 0)) \ + (digest)((ctx), (uint8_t *) 0)) \ : pbkdf2 ((ctx), \ (nettle_hash_update_func *)(update), \ (nettle_hash_digest_func *)(digest), \ diff --git a/pkcs1-rsa-md5.c b/pkcs1-rsa-md5.c index 4b44155d..e20541b3 100644 --- a/pkcs1-rsa-md5.c +++ b/pkcs1-rsa-md5.c @@ -84,7 +84,7 @@ pkcs1_rsa_md5_encode(mpz_t m, size_t key_size, struct md5_ctx *hash) MD5_DIGEST_SIZE); if (p) { - md5_digest(hash, MD5_DIGEST_SIZE, p); + md5_digest(hash, p); nettle_mpz_set_str_256_u(m, key_size, em); TMP_GMP_FREE(em); return 1; diff --git a/pkcs1-rsa-sha1.c b/pkcs1-rsa-sha1.c index b9ac83aa..494f830e 100644 --- a/pkcs1-rsa-sha1.c +++ b/pkcs1-rsa-sha1.c @@ -84,7 +84,7 @@ pkcs1_rsa_sha1_encode(mpz_t m, size_t key_size, struct sha1_ctx *hash) SHA1_DIGEST_SIZE); if (p) { - sha1_digest(hash, SHA1_DIGEST_SIZE, p); + sha1_digest(hash, p); nettle_mpz_set_str_256_u(m, key_size, em); TMP_GMP_FREE(em); return 1; diff --git a/pkcs1-rsa-sha256.c b/pkcs1-rsa-sha256.c index 3c524318..47a1f461 100644 --- a/pkcs1-rsa-sha256.c +++ b/pkcs1-rsa-sha256.c @@ -82,7 +82,7 @@ pkcs1_rsa_sha256_encode(mpz_t m, size_t key_size, struct sha256_ctx *hash) SHA256_DIGEST_SIZE); if (p) { - sha256_digest(hash, SHA256_DIGEST_SIZE, p); + sha256_digest(hash, p); nettle_mpz_set_str_256_u(m, key_size, em); TMP_GMP_FREE(em); return 1; diff --git a/pkcs1-rsa-sha512.c b/pkcs1-rsa-sha512.c index b9e788f3..79f019c7 100644 --- a/pkcs1-rsa-sha512.c +++ b/pkcs1-rsa-sha512.c @@ -82,7 +82,7 @@ pkcs1_rsa_sha512_encode(mpz_t m, size_t key_size, struct sha512_ctx *hash) SHA512_DIGEST_SIZE); if (p) { - sha512_digest(hash, SHA512_DIGEST_SIZE, p); + sha512_digest(hash, p); nettle_mpz_set_str_256_u(m, key_size, em); TMP_GMP_FREE(em); return 1; diff --git a/poly1305-aes.c b/poly1305-aes.c index 374d5a78..a9688554 100644 --- a/poly1305-aes.c +++ b/poly1305-aes.c @@ -66,7 +66,7 @@ poly1305_aes_update (struct poly1305_aes_ctx *ctx, void poly1305_aes_digest (struct poly1305_aes_ctx *ctx, - size_t length, uint8_t *digest) + uint8_t *digest) { union nettle_block16 s; /* final bytes */ @@ -83,7 +83,7 @@ poly1305_aes_digest (struct poly1305_aes_ctx *ctx, aes128_encrypt(&ctx->aes, POLY1305_BLOCK_SIZE, s.b, ctx->nonce); _nettle_poly1305_digest (&ctx->pctx, &s); - memcpy (digest, s.b, length); + memcpy (digest, s.b, POLY1305_AES_DIGEST_SIZE); INCREMENT (16, ctx->nonce); ctx->index = 0; diff --git a/poly1305.h b/poly1305.h index 99c63c8a..bbe6c2f4 100644 --- a/poly1305.h +++ b/poly1305.h @@ -105,7 +105,7 @@ poly1305_aes_update (struct poly1305_aes_ctx *ctx, size_t length, const uint8_t /* Also increments the nonce */ void poly1305_aes_digest (struct poly1305_aes_ctx *ctx, - size_t length, uint8_t *digest); + uint8_t *digest); #ifdef __cplusplus } diff --git a/pss-mgf1.c b/pss-mgf1.c index 3f5e204b..e6395736 100644 --- a/pss-mgf1.c +++ b/pss-mgf1.c @@ -55,7 +55,7 @@ pss_mgf1(const void *seed, const struct nettle_hash *hash, TMP_ALLOC(h, hash->digest_size); TMP_ALLOC_ALIGN(state, hash->context_size); - for (i = 0;; + for (i = 0; length > 0; i++, mask += hash->digest_size, length -= hash->digest_size) { WRITE_UINT32(c, i); @@ -63,11 +63,12 @@ pss_mgf1(const void *seed, const struct nettle_hash *hash, memcpy(state, seed, hash->context_size); hash->update(state, 4, c); - if (length <= hash->digest_size) + if (length < hash->digest_size) { - hash->digest(state, length, mask); + hash->digest(state, h); + memcpy(mask, h, length); return; } - hash->digest(state, hash->digest_size, mask); + hash->digest(state, mask); } } diff --git a/pss.c b/pss.c index d28e7b13..404ab6f0 100644 --- a/pss.c +++ b/pss.c @@ -87,7 +87,7 @@ pss_encode_mgf1(mpz_t m, size_t bits, hash->update(state, salt_length, salt); /* Store H in EM, right after maskedDB. */ - hash->digest(state, hash->digest_size, em + key_size - hash->digest_size - 1); + hash->digest(state, em + key_size - hash->digest_size - 1); /* Compute dbMask. */ hash->init(state); @@ -185,7 +185,7 @@ pss_verify_mgf1(const mpz_t m, size_t bits, hash->update(state, sizeof(pss_pad), pss_pad); hash->update(state, hash->digest_size, digest); hash->update(state, salt_length, salt); - hash->digest(state, hash->digest_size, h2); + hash->digest(state, h2); /* Check if H' = H. */ if (memcmp(h2, h, hash->digest_size) != 0) diff --git a/ripemd160.c b/ripemd160.c index 56ffee33..84515f2e 100644 --- a/ripemd160.c +++ b/ripemd160.c @@ -183,12 +183,10 @@ ripemd160_update(struct ripemd160_ctx *ctx, size_t length, const uint8_t *data) } void -ripemd160_digest(struct ripemd160_ctx *ctx, size_t length, uint8_t *digest) +ripemd160_digest(struct ripemd160_ctx *ctx, uint8_t *digest) { uint64_t bit_count; - assert(length <= RIPEMD160_DIGEST_SIZE); - MD_PAD(ctx, 8, COMPRESS); /* There are 2^9 bits in one block */ @@ -198,6 +196,6 @@ ripemd160_digest(struct ripemd160_ctx *ctx, size_t length, uint8_t *digest) LE_WRITE_UINT64(ctx->block + 56, bit_count); _nettle_ripemd160_compress(ctx->state, ctx->block); - _nettle_write_le32(length, digest, ctx->state); + _nettle_write_le32(RIPEMD160_DIGEST_SIZE, digest, ctx->state); ripemd160_init(ctx); } diff --git a/ripemd160.h b/ripemd160.h index 238c5ee7..f54fb9db 100644 --- a/ripemd160.h +++ b/ripemd160.h @@ -73,7 +73,6 @@ ripemd160_update(struct ripemd160_ctx *ctx, void ripemd160_digest(struct ripemd160_ctx *ctx, - size_t length, uint8_t *digest); #ifdef __cplusplus diff --git a/sha1.c b/sha1.c index af73096c..0089ca3d 100644 --- a/sha1.c +++ b/sha1.c @@ -79,13 +79,10 @@ sha1_update(struct sha1_ctx *ctx, void sha1_digest(struct sha1_ctx *ctx, - size_t length, uint8_t *digest) { uint64_t bit_count; - assert(length <= SHA1_DIGEST_SIZE); - MD_PAD(ctx, 8, COMPRESS); /* There are 512 = 2^9 bits in one block */ @@ -95,6 +92,6 @@ sha1_digest(struct sha1_ctx *ctx, WRITE_UINT64(ctx->block + (SHA1_BLOCK_SIZE - 8), bit_count); nettle_sha1_compress(ctx->state, ctx->block); - _nettle_write_be32(length, digest, ctx->state); + _nettle_write_be32(SHA1_DIGEST_SIZE, digest, ctx->state); sha1_init(ctx); } diff --git a/sha1.h b/sha1.h index 32b79dc7..d9ba79b0 100644 --- a/sha1.h +++ b/sha1.h @@ -74,7 +74,6 @@ sha1_update(struct sha1_ctx *ctx, void sha1_digest(struct sha1_ctx *ctx, - size_t length, uint8_t *digest); /* SHA1 compression function. STATE points to 5 uint32_t words, diff --git a/sha2.h b/sha2.h index 3a7be71f..d5d8e5a4 100644 --- a/sha2.h +++ b/sha2.h @@ -90,7 +90,6 @@ sha256_update(struct sha256_ctx *ctx, void sha256_digest(struct sha256_ctx *ctx, - size_t length, uint8_t *digest); void @@ -109,7 +108,6 @@ sha224_init(struct sha256_ctx *ctx); void sha224_digest(struct sha256_ctx *ctx, - size_t length, uint8_t *digest); @@ -139,7 +137,6 @@ sha512_update(struct sha512_ctx *ctx, void sha512_digest(struct sha512_ctx *ctx, - size_t length, uint8_t *digest); void @@ -158,7 +155,6 @@ sha384_init(struct sha512_ctx *ctx); void sha384_digest(struct sha512_ctx *ctx, - size_t length, uint8_t *digest); @@ -176,7 +172,6 @@ sha512_224_init(struct sha512_224_ctx *ctx); void sha512_224_digest(struct sha512_224_ctx *ctx, - size_t length, uint8_t *digest); #define SHA512_256_DIGEST_SIZE 32 @@ -190,7 +185,6 @@ sha512_256_init(struct sha512_256_ctx *ctx); void sha512_256_digest(struct sha512_256_ctx *ctx, - size_t length, uint8_t *digest); #ifdef __cplusplus diff --git a/sha256.c b/sha256.c index 44551224..a2a5d423 100644 --- a/sha256.c +++ b/sha256.c @@ -150,10 +150,9 @@ sha256_write_digest(struct sha256_ctx *ctx, void sha256_digest(struct sha256_ctx *ctx, - size_t length, uint8_t *digest) { - sha256_write_digest(ctx, length, digest); + sha256_write_digest(ctx, SHA256_DIGEST_SIZE, digest); sha256_init(ctx); } @@ -180,9 +179,8 @@ sha224_init(struct sha256_ctx *ctx) void sha224_digest(struct sha256_ctx *ctx, - size_t length, uint8_t *digest) { - sha256_write_digest(ctx, length, digest); + sha256_write_digest(ctx, SHA224_DIGEST_SIZE, digest); sha224_init(ctx); } diff --git a/sha3-224.c b/sha3-224.c index 87f4aa37..0ed26d88 100644 --- a/sha3-224.c +++ b/sha3-224.c @@ -61,10 +61,9 @@ sha3_224_update (struct sha3_224_ctx *ctx, void sha3_224_digest(struct sha3_224_ctx *ctx, - size_t length, uint8_t *digest) { _sha3_pad_hash (&ctx->state, SHA3_224_BLOCK_SIZE, ctx->block, ctx->index); - _nettle_write_le64 (length, digest, ctx->state.a); + _nettle_write_le64 (SHA3_224_DIGEST_SIZE, digest, ctx->state.a); sha3_224_init (ctx); } diff --git a/sha3-256.c b/sha3-256.c index 534fd1b2..1d891900 100644 --- a/sha3-256.c +++ b/sha3-256.c @@ -61,10 +61,9 @@ sha3_256_update (struct sha3_256_ctx *ctx, void sha3_256_digest(struct sha3_256_ctx *ctx, - size_t length, uint8_t *digest) { _sha3_pad_hash (&ctx->state, SHA3_256_BLOCK_SIZE, ctx->block, ctx->index); - _nettle_write_le64 (length, digest, ctx->state.a); + _nettle_write_le64 (SHA3_256_DIGEST_SIZE, digest, ctx->state.a); sha3_256_init (ctx); } diff --git a/sha3-384.c b/sha3-384.c index 62860248..0f58892f 100644 --- a/sha3-384.c +++ b/sha3-384.c @@ -61,10 +61,9 @@ sha3_384_update (struct sha3_384_ctx *ctx, void sha3_384_digest(struct sha3_384_ctx *ctx, - size_t length, uint8_t *digest) { _sha3_pad_hash (&ctx->state, SHA3_384_BLOCK_SIZE, ctx->block, ctx->index); - _nettle_write_le64 (length, digest, ctx->state.a); + _nettle_write_le64 (SHA3_384_DIGEST_SIZE, digest, ctx->state.a); sha3_384_init (ctx); } diff --git a/sha3-512.c b/sha3-512.c index 24ab37a3..2f0a62b3 100644 --- a/sha3-512.c +++ b/sha3-512.c @@ -61,10 +61,9 @@ sha3_512_update (struct sha3_512_ctx *ctx, void sha3_512_digest(struct sha3_512_ctx *ctx, - size_t length, uint8_t *digest) { _sha3_pad_hash (&ctx->state, SHA3_512_BLOCK_SIZE, ctx->block, ctx->index); - _nettle_write_le64 (length, digest, ctx->state.a); + _nettle_write_le64 (SHA3_512_DIGEST_SIZE, digest, ctx->state.a); sha3_512_init (ctx); } diff --git a/sha3.h b/sha3.h index f40248eb..95c13472 100644 --- a/sha3.h +++ b/sha3.h @@ -146,7 +146,6 @@ sha3_224_update (struct sha3_224_ctx *ctx, void sha3_224_digest(struct sha3_224_ctx *ctx, - size_t length, uint8_t *digest); struct sha3_256_ctx @@ -166,7 +165,6 @@ sha3_256_update (struct sha3_256_ctx *ctx, void sha3_256_digest(struct sha3_256_ctx *ctx, - size_t length, uint8_t *digest); /* Alternative digest function implementing shake256, with arbitrary @@ -200,7 +198,6 @@ sha3_384_update (struct sha3_384_ctx *ctx, void sha3_384_digest(struct sha3_384_ctx *ctx, - size_t length, uint8_t *digest); struct sha3_512_ctx @@ -220,7 +217,6 @@ sha3_512_update (struct sha3_512_ctx *ctx, void sha3_512_digest(struct sha3_512_ctx *ctx, - size_t length, uint8_t *digest); #ifdef __cplusplus diff --git a/sha512.c b/sha512.c index 76fa8cf3..8a79e2a7 100644 --- a/sha512.c +++ b/sha512.c @@ -197,12 +197,9 @@ sha512_write_digest(struct sha512_ctx *ctx, void sha512_digest(struct sha512_ctx *ctx, - size_t length, uint8_t *digest) { - assert(length <= SHA512_DIGEST_SIZE); - - sha512_write_digest(ctx, length, digest); + sha512_write_digest(ctx, SHA512_DIGEST_SIZE, digest); sha512_init(ctx); } @@ -238,12 +235,9 @@ sha384_init(struct sha512_ctx *ctx) void sha384_digest(struct sha512_ctx *ctx, - size_t length, uint8_t *digest) { - assert(length <= SHA384_DIGEST_SIZE); - - sha512_write_digest(ctx, length, digest); + sha512_write_digest(ctx, SHA384_DIGEST_SIZE, digest); sha384_init(ctx); } @@ -271,12 +265,9 @@ sha512_224_init(struct sha512_224_ctx *ctx) void sha512_224_digest(struct sha512_224_ctx *ctx, - size_t length, uint8_t *digest) { - assert(length <= SHA224_DIGEST_SIZE); - - sha512_write_digest(ctx, length, digest); + sha512_write_digest(ctx, SHA512_224_DIGEST_SIZE, digest); sha512_224_init(ctx); } @@ -304,12 +295,9 @@ sha512_256_init(struct sha512_256_ctx *ctx) void sha512_256_digest(struct sha512_256_ctx *ctx, - size_t length, uint8_t *digest) { - assert(length <= SHA256_DIGEST_SIZE); - - sha512_write_digest(ctx, length, digest); + sha512_write_digest(ctx, SHA512_256_DIGEST_SIZE, digest); sha512_256_init(ctx); } diff --git a/siv-cmac.c b/siv-cmac.c index 8205c320..b6798f9a 100644 --- a/siv-cmac.c +++ b/siv-cmac.c @@ -64,16 +64,16 @@ _siv_s2v (const struct nettle_cipher *nc, cmac128_init(&cmac_ctx); cmac128_update (&cmac_ctx, cmac_cipher, nc->encrypt, 16, const_zero.b); - cmac128_digest (&cmac_ctx, cmac_key, cmac_cipher, nc->encrypt, 16, D.b); + cmac128_digest (&cmac_ctx, cmac_key, cmac_cipher, nc->encrypt, D.b); block16_mulx_be (&D, &D); cmac128_update (&cmac_ctx, cmac_cipher, nc->encrypt, alength, adata); - cmac128_digest (&cmac_ctx, cmac_key, cmac_cipher, nc->encrypt, 16, S.b); + cmac128_digest (&cmac_ctx, cmac_key, cmac_cipher, nc->encrypt, S.b); block16_xor (&D, &S); block16_mulx_be (&D, &D); cmac128_update (&cmac_ctx, cmac_cipher, nc->encrypt, nlength, nonce); - cmac128_digest (&cmac_ctx, cmac_key, cmac_cipher, nc->encrypt, 16, S.b); + cmac128_digest (&cmac_ctx, cmac_key, cmac_cipher, nc->encrypt, S.b); block16_xor (&D, &S); /* Sn */ @@ -99,7 +99,7 @@ _siv_s2v (const struct nettle_cipher *nc, } cmac128_update (&cmac_ctx, cmac_cipher, nc->encrypt, 16, T.b); - cmac128_digest (&cmac_ctx, cmac_key, cmac_cipher, nc->encrypt, 16, v); + cmac128_digest (&cmac_ctx, cmac_key, cmac_cipher, nc->encrypt, v); } void diff --git a/sm3.c b/sm3.c index ac58cb38..e2c61001 100644 --- a/sm3.c +++ b/sm3.c @@ -243,9 +243,8 @@ sm3_write_digest(struct sm3_ctx *ctx, void sm3_digest(struct sm3_ctx *ctx, - size_t length, uint8_t *digest) { - sm3_write_digest(ctx, length, digest); + sm3_write_digest(ctx, SM3_DIGEST_SIZE, digest); sm3_init(ctx); } diff --git a/sm3.h b/sm3.h index 0660f820..6b9c9f4b 100644 --- a/sm3.h +++ b/sm3.h @@ -70,7 +70,6 @@ sm3_update(struct sm3_ctx *ctx, void sm3_digest(struct sm3_ctx *ctx, - size_t length, uint8_t *digest); #ifdef __cplusplus diff --git a/streebog.c b/streebog.c index 7ad619d5..002fd4d5 100644 --- a/streebog.c +++ b/streebog.c @@ -1282,12 +1282,9 @@ streebog512_write_digest(struct streebog512_ctx *ctx, void streebog512_digest(struct streebog512_ctx *ctx, - size_t length, uint8_t *digest) { - assert(length <= STREEBOG512_DIGEST_SIZE); - - streebog512_write_digest(ctx, 0, length, digest); + streebog512_write_digest(ctx, 0, STREEBOG512_DIGEST_SIZE, digest); streebog512_init(ctx); } @@ -1304,14 +1301,11 @@ streebog256_init(struct streebog256_ctx *ctx) void streebog256_digest(struct streebog256_ctx *ctx, - size_t length, uint8_t *digest) { - assert(length <= STREEBOG256_DIGEST_SIZE); - streebog512_write_digest(ctx, 4, - length, + STREEBOG256_DIGEST_SIZE, digest); streebog256_init(ctx); } diff --git a/streebog.h b/streebog.h index 69ac0d5c..16dba85f 100644 --- a/streebog.h +++ b/streebog.h @@ -74,7 +74,6 @@ streebog512_update(struct streebog512_ctx *ctx, void streebog512_digest(struct streebog512_ctx *ctx, - size_t length, uint8_t *digest); @@ -89,7 +88,6 @@ streebog256_init(struct streebog256_ctx *ctx); void streebog256_digest(struct streebog256_ctx *ctx, - size_t length, uint8_t *digest); #ifdef __cplusplus diff --git a/testsuite/cxx-test.cxx b/testsuite/cxx-test.cxx index b0235666..c3cc39db 100644 --- a/testsuite/cxx-test.cxx +++ b/testsuite/cxx-test.cxx @@ -13,7 +13,7 @@ test_main(void) md5_init (&md5); md5_update (&md5, 14, reinterpret_cast ("message digest")); - md5_digest (&md5, MD5_DIGEST_SIZE, digest); + md5_digest (&md5, digest); ASSERT (MEMEQ (MD5_DIGEST_SIZE, digest, H("F96B697D7CB7938D 525A2F31AAF161D0"))); diff --git a/testsuite/gcm-test.c b/testsuite/gcm-test.c index d4ab249d..db3b8090 100644 --- a/testsuite/gcm-test.c +++ b/testsuite/gcm-test.c @@ -8,13 +8,13 @@ test_gcm_hash (const struct tstring *msg, const struct tstring *ref) { struct gcm_aes128_ctx ctx; const uint8_t z16[16] = { 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 }; - uint8_t digest[16]; + uint8_t digest[GCM_DIGEST_SIZE]; ASSERT (ref->length == sizeof(digest)); gcm_aes128_set_key (&ctx, z16); gcm_aes128_set_iv (&ctx, 16, z16); gcm_aes128_update (&ctx, msg->length, msg->data); - gcm_aes128_digest (&ctx, sizeof(digest), digest); + gcm_aes128_digest (&ctx, digest); if (!MEMEQ (ref->length, ref->data, digest)) { fprintf (stderr, "gcm_hash failed, msg: %s\nOutput: ", msg->data); diff --git a/testsuite/gostdsa-vko-test.c b/testsuite/gostdsa-vko-test.c index 5d65cd4d..4fc27170 100644 --- a/testsuite/gostdsa-vko-test.c +++ b/testsuite/gostdsa-vko-test.c @@ -43,7 +43,7 @@ test_vko (const struct ecc_curve *ecc, { hash->init (hash_ctx); hash->update (hash_ctx, out_len, out); - hash->digest (hash_ctx, hash->digest_size, out); + hash->digest (hash_ctx, out); ASSERT (hash->digest_size == res->length); ASSERT (MEMEQ (res->length, out, res->data)); diff --git a/testsuite/hkdf-test.c b/testsuite/hkdf-test.c index 80f4c813..57338344 100644 --- a/testsuite/hkdf-test.c +++ b/testsuite/hkdf-test.c @@ -17,7 +17,6 @@ test_hkdf_sha256(const struct tstring *ikm, hkdf_extract(&ctx, (nettle_hash_update_func*) hmac_sha256_update, (nettle_hash_digest_func*) hmac_sha256_digest, - SHA256_DIGEST_SIZE, ikm->length, ikm->data, prk); if (MEMEQ(SHA256_DIGEST_SIZE, prk, extract_output->data) == 0) @@ -63,7 +62,6 @@ test_hkdf_sha1(const struct tstring *ikm, hkdf_extract(&ctx, (nettle_hash_update_func*) hmac_sha1_update, (nettle_hash_digest_func*) hmac_sha1_digest, - SHA1_DIGEST_SIZE, ikm->length, ikm->data, prk); diff --git a/testsuite/ocb-test.c b/testsuite/ocb-test.c index dd476eee..767dd39a 100644 --- a/testsuite/ocb-test.c +++ b/testsuite/ocb-test.c @@ -52,15 +52,6 @@ ocb_aes128_message = { (nettle_decrypt_message_func*) ocb_aes128_decrypt_message_wrapper, }; -/* For 96-bit tag */ -static void -set_nonce_tag96 (struct ocb_aes128_ctx *ctx, size_t length, const uint8_t *nonce) -{ - ASSERT (length == OCB_NONCE_SIZE); - ocb_aes128_set_nonce (&ctx->ocb, &ctx->key, - 12, OCB_NONCE_SIZE, nonce); -} - void test_main(void) { @@ -206,7 +197,7 @@ test_main(void) SHEX("479AD363AC366B95 A98CA5F3000B1479")); /* tag */ /* Test with 96-bit tag. */ - test_aead(&nettle_ocb_aes128, (nettle_hash_update_func *) set_nonce_tag96, + test_aead(&nettle_ocb_aes128_t96, NULL, SHEX("0F0E0D0C0B0A09080706050403020100"), /* key */ SHEX("000102030405060708090A0B0C0D0E0F1011121314151617" "18191A1B1C1D1E1F2021222324252627"), /* auth data */ @@ -218,7 +209,7 @@ test_main(void) SHEX("D0C515F4D1CDD4FDAC4F02AA")); /* tag */ /* 16 blocks, not verified with other implementations or any - authoritative test vector.not an authoritative test vector. */ + authoritative test vector. */ test_aead(&nettle_ocb_aes128, NULL, SHEX("000102030405060708090A0B0C0D0E0F"), /* key */ SHEX(""), /* auth data */ @@ -299,7 +290,7 @@ test_main(void) SHEX("6820B3657B6F615A5725BDA0D3B4EB3A257C9AF1F8F03009")); /* ciphertext */ /* Test-vector from libgcrypt:tests/basic.c: */ - test_aead(&nettle_ocb_aes128, (nettle_hash_update_func *) set_nonce_tag96, + test_aead(&nettle_ocb_aes128_t96, NULL, SHEX("0F0E0D0C0B0A09080706050403020100"), /* key */ SHEX("000102030405060708090A0B0C0D0E0F1011121314151617" "18191A1B1C1D1E1F2021222324252627"), /* auth data */ diff --git a/testsuite/poly1305-test.c b/testsuite/poly1305-test.c index 7b239439..50305164 100644 --- a/testsuite/poly1305-test.c +++ b/testsuite/poly1305-test.c @@ -9,8 +9,8 @@ check_digest (const char *name, void *ctx, nettle_hash_digest_func *f, const struct tstring *ref) { uint8_t tag[16]; - ASSERT (ref->length <= 16); - f(ctx, ref->length, tag); + ASSERT (ref->length == POLY1305_AES_DIGEST_SIZE); + f(ctx, tag); if (!MEMEQ(ref->length, ref->data, tag)) { printf ("%s failed\n", name); diff --git a/testsuite/rsa-pss-sign-tr-test.c b/testsuite/rsa-pss-sign-tr-test.c index 6dfba734..f485d4a0 100644 --- a/testsuite/rsa-pss-sign-tr-test.c +++ b/testsuite/rsa-pss-sign-tr-test.c @@ -37,7 +37,7 @@ test_rsa_pss_sign_tr(struct rsa_public_key *pub, hash->init(ctx); hash->update(ctx, length, message); - hash->digest(ctx, hash->digest_size, digest); + hash->digest(ctx, digest); mpz_init(signature); diff --git a/testsuite/shake128-test.c b/testsuite/shake128-test.c index f147e606..c724b9f3 100644 --- a/testsuite/shake128-test.c +++ b/testsuite/shake128-test.c @@ -41,8 +41,8 @@ const struct nettle_xof nettle_shake128 = SHA3_128_BLOCK_SIZE, (nettle_hash_init_func *) sha3_128_init, (nettle_hash_update_func *) sha3_128_update, - (nettle_hash_digest_func *) sha3_128_shake, - (nettle_hash_digest_func *) sha3_128_shake_output, + (nettle_random_func *) sha3_128_shake, + (nettle_random_func *) sha3_128_shake_output, }; void diff --git a/testsuite/shake256-test.c b/testsuite/shake256-test.c index 942291a6..1421239f 100644 --- a/testsuite/shake256-test.c +++ b/testsuite/shake256-test.c @@ -43,8 +43,8 @@ const struct nettle_xof nettle_shake256 = SHA3_256_BLOCK_SIZE, (nettle_hash_init_func *) sha3_256_init, (nettle_hash_update_func *) sha3_256_update, - (nettle_hash_digest_func *) sha3_256_shake, - (nettle_hash_digest_func *) sha3_256_shake_output, + (nettle_random_func *) sha3_256_shake, + (nettle_random_func *) sha3_256_shake_output, }; void diff --git a/testsuite/testutils.c b/testsuite/testutils.c index 85b3deb5..1274331d 100644 --- a/testsuite/testutils.c +++ b/testsuite/testutils.c @@ -889,9 +889,9 @@ test_aead(const struct nettle_aead *aead, } if (digest) { - ASSERT (digest->length <= aead->digest_size); + ASSERT (digest->length == aead->digest_size); memset(buffer, 0, aead->digest_size); - aead->digest(ctx, digest->length, buffer); + aead->digest(ctx, buffer); if (!MEMEQ(digest->length, buffer, digest->data)) { fprintf(stderr, "aead->digest failed (offset = %u):\n got: ", @@ -930,8 +930,9 @@ test_aead(const struct nettle_aead *aead, if (digest) { + ASSERT (digest->length == aead->digest_size); memset(buffer, 0, aead->digest_size); - aead->digest(ctx, digest->length, buffer); + aead->digest(ctx, buffer); ASSERT(MEMEQ(digest->length, buffer, digest->data)); } } @@ -1112,7 +1113,7 @@ test_hash(const struct nettle_hash *hash, hash->update(ctx, 0, NULL); hash->update(ctx, msg->length - offset, msg->data + offset); - hash->digest(ctx, digest->length, buffer); + hash->digest(ctx, buffer); if (MEMEQ(digest->length, digest->data, buffer) == 0) { @@ -1124,23 +1125,13 @@ test_hash(const struct nettle_hash *hash, } } - memset(buffer, 0, digest->length); - - hash->update(ctx, msg->length, msg->data); - ASSERT(digest->length > 0); - hash->digest(ctx, digest->length - 1, buffer); - - ASSERT(MEMEQ(digest->length - 1, digest->data, buffer)); - - ASSERT(buffer[digest->length - 1] == 0); - input = xalloc (msg->length + 16); for (offset = 0; offset < 16; offset++) { memset (input, 0, msg->length + 16); memcpy (input + offset, msg->data, msg->length); hash->update (ctx, msg->length, input + offset); - hash->digest (ctx, digest->length, buffer); + hash->digest (ctx, buffer); if (MEMEQ(digest->length, digest->data, buffer) == 0) { fprintf(stdout, "hash input address: %p\nGot:\n", input + offset); @@ -1264,7 +1255,7 @@ test_hash_large(const struct nettle_hash *hash, } fprintf (stderr, "\n"); - hash->digest(ctx, hash->digest_size, buffer); + hash->digest(ctx, buffer); print_hex(hash->digest_size, buffer); @@ -1295,7 +1286,7 @@ test_mac(const struct nettle_mac *mac, mac->set_key (ctx, key->data); } mac->update (ctx, msg->length, msg->data); - mac->digest (ctx, digest->length, hash); + mac->digest (ctx, hash); if (!MEMEQ (digest->length, digest->data, hash)) { @@ -1311,7 +1302,7 @@ test_mac(const struct nettle_mac *mac, /* attempt to re-use the structure */ mac->update (ctx, msg->length, msg->data); - mac->digest (ctx, digest->length, hash); + mac->digest (ctx, hash); if (!MEMEQ (digest->length, digest->data, hash)) { fprintf (stderr, "test_mac: failed on re-use, msg: "); @@ -1327,7 +1318,7 @@ test_mac(const struct nettle_mac *mac, /* attempt byte-by-byte hashing */ for (i=0;ilength;i++) mac->update (ctx, 1, msg->data+i); - mac->digest (ctx, digest->length, hash); + mac->digest (ctx, hash); if (!MEMEQ (digest->length, digest->data, hash)) { fprintf (stderr, "test_mac failed on byte-by-byte, msg: "); @@ -1504,7 +1495,7 @@ xalloc_limbs (mp_size_t n) ASSERT(mpz_cmp (signature, expected) == 0); \ \ hash##_update(&hash, LDATA(msg)); \ - hash##_digest(&hash, sizeof(digest), digest); \ + hash##_digest(&hash, digest); \ ASSERT(rsa_##hash##_sign_digest(key, digest, signature)); \ ASSERT(mpz_cmp (signature, expected) == 0); \ \ @@ -1994,7 +1985,7 @@ test_rsa_key(struct rsa_public_key *pub, /* Requires that the context is named like the hash algorithm. */ #define DSA_VERIFY(params, key, hash, buf, msg, signature) \ (hash##_update(&hash, LDATA(msg)), \ - hash##_digest(&hash, sizeof(buf), buf), \ + hash##_digest(&hash, buf), \ dsa_verify(params, key, sizeof(buf), buf, signature)) void @@ -2012,7 +2003,7 @@ test_dsa160(const struct dsa_params *params, knuth_lfib_init(&lfib, 1111); sha1_update(&sha1, LDATA("The magic words are squeamish ossifrage")); - sha1_digest(&sha1, sizeof(digest), digest); + sha1_digest(&sha1, digest); ASSERT (dsa_sign(params, key, &lfib, (nettle_random_func *) knuth_lfib_random, sizeof(digest), digest, &signature)); @@ -2064,7 +2055,7 @@ test_dsa256(const struct dsa_params *params, knuth_lfib_init(&lfib, 1111); sha256_update(&sha256, LDATA("The magic words are squeamish ossifrage")); - sha256_digest(&sha256, sizeof(digest), digest); + sha256_digest(&sha256, digest); ASSERT (dsa_sign(params, key, &lfib, (nettle_random_func *) knuth_lfib_random, sizeof(digest), digest, &signature)); @@ -2176,7 +2167,7 @@ test_dsa_verify(const struct dsa_params *params, hash->init(ctx); hash->update (ctx, msg->length, msg->data); - hash->digest (ctx, hash->digest_size, digest); + hash->digest (ctx, digest); mpz_set (signature.r, ref->r); mpz_set (signature.s, ref->s); diff --git a/testsuite/testutils.h b/testsuite/testutils.h index 6a8827cb..84b4998c 100644 --- a/testsuite/testutils.h +++ b/testsuite/testutils.h @@ -114,8 +114,9 @@ struct nettle_xof { unsigned block_size; nettle_hash_init_func *init; nettle_hash_update_func *update; - nettle_hash_digest_func *digest; - nettle_hash_digest_func *output; + /* FIXME: Rename to, e.g., nettle_output_func. */ + nettle_random_func *digest; + nettle_random_func *output; }; void diff --git a/testsuite/umac-test.c b/testsuite/umac-test.c index 0fb97cbc..01d04a1f 100644 --- a/testsuite/umac-test.c +++ b/testsuite/umac-test.c @@ -22,7 +22,7 @@ check_digest (const char *name, void *ctx, nettle_hash_digest_func *f, size_t tag_length, const uint8_t *ref) { uint8_t tag[16]; - f(ctx, tag_length, tag); + f(ctx, tag); if (memcmp (tag, ref, tag_length) != 0) { printf ("%s failed\n", name); diff --git a/testsuite/yarrow-test.c b/testsuite/yarrow-test.c index facc4fd4..2310dbb9 100644 --- a/testsuite/yarrow-test.c +++ b/testsuite/yarrow-test.c @@ -174,7 +174,7 @@ test_main(void) printf(" sha256:"); } - sha256_digest(&input_hash, sizeof(digest), digest); + sha256_digest(&input_hash, digest); if (verbose) { @@ -200,7 +200,7 @@ test_main(void) printf(" sha256:"); } - sha256_digest(&output_hash, sizeof(digest), digest); + sha256_digest(&output_hash, digest); if (verbose) { diff --git a/tools/nettle-hash.c b/tools/nettle-hash.c index 87330783..559328f4 100644 --- a/tools/nettle-hash.c +++ b/tools/nettle-hash.c @@ -94,8 +94,8 @@ digest_file(const struct nettle_hash *alg, return 0; } - digest = xalloc(digest_length); - alg->digest(ctx, digest_length, digest); + digest = xalloc(alg->digest_size); + alg->digest(ctx, digest); free(ctx); if (raw) diff --git a/tools/output.c b/tools/output.c index 80a44a97..41af74a4 100644 --- a/tools/output.c +++ b/tools/output.c @@ -303,7 +303,7 @@ sexp_put_digest(struct sexp_output *output) assert(output->hash); - output->hash->digest(output->ctx, output->hash->digest_size, digest); + output->hash->digest(output->ctx, digest); sexp_put_code_start(output, &nettle_base16); sexp_put_data(output, output->hash->digest_size, digest); diff --git a/umac.h b/umac.h index 0db87221..c026c935 100644 --- a/umac.h +++ b/umac.h @@ -169,16 +169,16 @@ umac128_update (struct umac128_ctx *ctx, /* The _digest functions increment the nonce */ void umac32_digest (struct umac32_ctx *ctx, - size_t length, uint8_t *digest); + uint8_t *digest); void umac64_digest (struct umac64_ctx *ctx, - size_t length, uint8_t *digest); + uint8_t *digest); void umac96_digest (struct umac96_ctx *ctx, - size_t length, uint8_t *digest); + uint8_t *digest); void umac128_digest (struct umac128_ctx *ctx, - size_t length, uint8_t *digest); + uint8_t *digest); /* Internal functions */ diff --git a/umac128.c b/umac128.c index c555eb4f..86dddb22 100644 --- a/umac128.c +++ b/umac128.c @@ -88,14 +88,11 @@ umac128_update (struct umac128_ctx *ctx, void umac128_digest (struct umac128_ctx *ctx, - size_t length, uint8_t *digest) + uint8_t *digest) { uint32_t tag[4]; unsigned i; - assert (length > 0); - assert (length <= 16); - if (ctx->index > 0 || ctx->count == 0) { /* Zero pad to multiple of 32 */ @@ -122,7 +119,7 @@ umac128_digest (struct umac128_ctx *ctx, tag[i] ^= ctx->l3_key2[i] ^ _nettle_umac_l3 (ctx->l3_key1 + 8*i, ctx->l2_state + 2*i); - memcpy (digest, tag, length); + memcpy (digest, tag, UMAC128_DIGEST_SIZE); /* Reinitialize */ ctx->count = ctx->index = 0; diff --git a/umac32.c b/umac32.c index 47e5585e..18b32262 100644 --- a/umac32.c +++ b/umac32.c @@ -87,14 +87,10 @@ umac32_update (struct umac32_ctx *ctx, void -umac32_digest (struct umac32_ctx *ctx, - size_t length, uint8_t *digest) +umac32_digest (struct umac32_ctx *ctx, uint8_t *digest) { uint32_t pad; - assert (length > 0); - assert (length <= 4); - if (ctx->index > 0 || ctx->count == 0) { /* Zero pad to multiple of 32 */ @@ -131,7 +127,7 @@ umac32_digest (struct umac32_ctx *ctx, _nettle_umac_l2_final (ctx->l2_key, ctx->l2_state, 1, ctx->count); pad ^= ctx->l3_key2[0] ^ _nettle_umac_l3 (ctx->l3_key1, ctx->l2_state); - memcpy (digest, &pad, length); + memcpy (digest, &pad, UMAC32_DIGEST_SIZE); /* Reinitialize */ ctx->count = ctx->index = 0; diff --git a/umac64.c b/umac64.c index 718dd61a..1b830717 100644 --- a/umac64.c +++ b/umac64.c @@ -89,14 +89,11 @@ umac64_update (struct umac64_ctx *ctx, void umac64_digest (struct umac64_ctx *ctx, - size_t length, uint8_t *digest) + uint8_t *digest) { uint32_t tag[2]; uint32_t *pad; - assert (length > 0); - assert (length <= 8); - if (ctx->index > 0 || ctx->count == 0) { /* Zero pad to multiple of 32 */ @@ -136,7 +133,7 @@ umac64_digest (struct umac64_ctx *ctx, ctx->l2_state); tag[1] = pad[1] ^ ctx->l3_key2[1] ^ _nettle_umac_l3 (ctx->l3_key1 + 8, ctx->l2_state + 2); - memcpy (digest, tag, length); + memcpy (digest, tag, UMAC64_DIGEST_SIZE); /* Reinitialize */ ctx->count = ctx->index = 0; diff --git a/umac96.c b/umac96.c index eaa733b4..9577a6ee 100644 --- a/umac96.c +++ b/umac96.c @@ -87,14 +87,11 @@ umac96_update (struct umac96_ctx *ctx, void umac96_digest (struct umac96_ctx *ctx, - size_t length, uint8_t *digest) + uint8_t *digest) { uint32_t tag[4]; unsigned i; - assert (length > 0); - assert (length <= 12); - if (ctx->index > 0 || ctx->count == 0) { /* Zero pad to multiple of 32 */ @@ -120,7 +117,7 @@ umac96_digest (struct umac96_ctx *ctx, tag[i] ^= ctx->l3_key2[i] ^ _nettle_umac_l3 (ctx->l3_key1 + 8*i, ctx->l2_state + 2*i); - memcpy (digest, tag, length); + memcpy (digest, tag, UMAC96_DIGEST_SIZE); /* Reinitialize */ ctx->count = ctx->index = 0; diff --git a/yarrow256.c b/yarrow256.c index 5d872ac9..6c721a41 100644 --- a/yarrow256.c +++ b/yarrow256.c @@ -165,7 +165,7 @@ yarrow_iterate(uint8_t *digest) sha256_update(&hash, sizeof(v0), v0); sha256_update(&hash, sizeof(count), count); - sha256_digest(&hash, SHA256_DIGEST_SIZE, digest); + sha256_digest(&hash, digest); } } @@ -193,7 +193,7 @@ yarrow256_fast_reseed(struct yarrow256_ctx *ctx) sha256_update(&ctx->pools[YARROW_FAST], sizeof(blocks), blocks); } - sha256_digest(&ctx->pools[YARROW_FAST], sizeof(digest), digest); + sha256_digest(&ctx->pools[YARROW_FAST], digest); /* Iterate */ yarrow_iterate(digest); @@ -221,7 +221,7 @@ yarrow256_slow_reseed(struct yarrow256_ctx *ctx) #endif /* Get digest of the slow pool*/ - sha256_digest(&ctx->pools[YARROW_SLOW], sizeof(digest), digest); + sha256_digest(&ctx->pools[YARROW_SLOW], digest); /* Feed it into the fast pool */ sha256_update(&ctx->pools[YARROW_FAST], sizeof(digest), digest);