From: liuhan Date: Mon, 15 Aug 2016 13:04:57 +0000 (+0800) Subject: 1. multi thread verify bignum AES and SHA X-Git-Tag: v0.9~41^2~27 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=0f83831c743801960242525bc19ed15383e091e7;p=esp-idf 1. multi thread verify bignum AES and SHA --- diff --git a/components/esp32/aes.c b/components/esp32/aes.c index 10a5025a56..0b0a7ce3cc 100644 --- a/components/esp32/aes.c +++ b/components/esp32/aes.c @@ -24,16 +24,14 @@ * http://csrc.nist.gov/encryption/aes/rijndael/Rijndael.pdf * http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf */ - -#include "aes.h" - #include -#include "esp_thread.h" +#include "aes.h" +#include "esp_crypto.h" /* Implementation that should never be optimized out by the compiler */ -static void esp_aes_zeroize( void *v, size_t n ) { - volatile unsigned char *p = v; while( n-- ) *p++ = 0; -} +//static void bzero( void *v, size_t n ) { +// volatile unsigned char *p = v; while( n-- ) *p++ = 0; +//} void esp_aes_init( AES_CTX *ctx ) { @@ -50,7 +48,7 @@ void esp_aes_free( AES_CTX *ctx ) if( ctx == NULL ) return; - esp_aes_zeroize( ctx, sizeof( AES_CTX ) ); + bzero( ctx, sizeof( AES_CTX ) ); AES_LOCK(); AES_GIVE(); @@ -84,8 +82,9 @@ int esp_aes_setkey_enc( AES_CTX *ctx, const unsigned char *key, ctx->enc.keybites = keybits; memset(ctx->enc.key, 0, sizeof(ctx->enc.key)); memcpy(ctx->enc.key, key, keybyte); + } else { + ets_aes_setkey_enc(key, keybit); } - ets_aes_setkey_enc(key, keybit); return 0; } @@ -114,8 +113,9 @@ int esp_aes_setkey_dec( AES_CTX *ctx, const unsigned char *key, ctx->dec.keybites = keybits; memset(ctx->dec.key, 0, sizeof(ctx->dec.key)); memcpy(ctx->dec.key, key, keybyte); + } else { + ets_aes_setkey_dec(key, keybit); } - ets_aes_setkey_dec(key, keybit); return 0; } @@ -169,10 +169,19 @@ int esp_aes_crypt_ecb( AES_CTX *ctx, const unsigned char input[16], unsigned char output[16] ) { + AES_LOCK(); + + esp_aes_process_enable(ctx, mode); + if( mode == AES_ENCRYPT ) esp_aes_encrypt( ctx, input, output ); else esp_aes_decrypt( ctx, input, output ); + + esp_aes_process_disable(ctx, mode); + + AES_UNLOCK(); + return 0; } @@ -193,9 +202,6 @@ int esp_aes_crypt_cbc( AES_CTX *ctx, if( length % 16 ) return( ERR_AES_INVALID_INPUT_LENGTH ); - AES_LOCK(); - - esp_aes_process_enable(ctx, mode); if( mode == AES_DECRYPT ) { while( length > 0 ) @@ -228,9 +234,6 @@ int esp_aes_crypt_cbc( AES_CTX *ctx, length -= 16; } } - esp_aes_process_disable(ctx, mode); - - AES_UNLOCK(); return 0; } @@ -249,9 +252,6 @@ int esp_aes_crypt_cfb128( AES_CTX *ctx, int c; size_t n = *iv_off; - AES_LOCK(); - - esp_aes_process_enable(ctx, mode); if( mode == AES_DECRYPT ) { while( length-- ) @@ -280,9 +280,6 @@ int esp_aes_crypt_cfb128( AES_CTX *ctx, } *iv_off = n; - esp_aes_process_disable(ctx, mode); - - AES_UNLOCK(); return 0; } @@ -300,9 +297,6 @@ int esp_aes_crypt_cfb8( AES_CTX *ctx, unsigned char c; unsigned char ov[17]; - AES_LOCK(); - - esp_aes_process_enable(ctx, mode); while( length-- ) { memcpy( ov, iv, 16 ); @@ -318,9 +312,6 @@ int esp_aes_crypt_cfb8( AES_CTX *ctx, memcpy( iv, ov + 1, 16 ); } - esp_aes_process_disable(ctx, mode); - - AES_UNLOCK(); return 0; } @@ -339,10 +330,6 @@ int esp_aes_crypt_ctr( AES_CTX *ctx, int c, i; size_t n = *nc_off; - AES_LOCK(); - - esp_aes_process_enable(ctx, AES_ENCRYPT); - while( length-- ) { if( n == 0 ) { @@ -359,9 +346,6 @@ int esp_aes_crypt_ctr( AES_CTX *ctx, } *nc_off = n; - esp_aes_process_disable(ctx, AES_ENCRYPT); - - AES_UNLOCK(); return 0; } diff --git a/components/esp32/bignum.c b/components/esp32/bignum.c index 02d5a9c3d2..049116206d 100644 --- a/components/esp32/bignum.c +++ b/components/esp32/bignum.c @@ -33,17 +33,16 @@ * https://gmplib.org/manual/index.html * */ -#include "bignum.h" -#if defined(ESP_BIGNUM_ALT) #include #include -#include "esp_thread.h" +#include "bignum.h" +#include "esp_crypto.h" /* Implementation that should never be optimized out by the compiler */ -static void esp_mpi_zeroize( void *v, size_t n ) { - volatile unsigned char *p = v; while( n-- ) *p++ = 0; -} +//static void bzero( void *v, size_t n ) { +// volatile unsigned char *p = v; while( n-- ) *p++ = 0; +//} #define ciL (sizeof(esp_mpi_uint)) /* chars in limb */ #define biL (ciL << 3) /* bits in limb */ @@ -85,7 +84,7 @@ void esp_mpi_free( mpi *X ) if( X->p != NULL ) { - esp_mpi_zeroize( X->p, X->n * ciL ); + bzero( X->p, X->n * ciL ); free( X->p ); } @@ -117,7 +116,7 @@ int esp_mpi_grow( mpi *X, size_t nblimbs ) if( X->p != NULL ) { memcpy( p, X->p, X->n * ciL ); - esp_mpi_zeroize( X->p, X->n * ciL ); + bzero( X->p, X->n * ciL ); free( X->p ); } @@ -155,7 +154,7 @@ int esp_mpi_shrink( mpi *X, size_t nblimbs ) if( X->p != NULL ) { memcpy( p, X->p, i * ciL ); - esp_mpi_zeroize( X->p, X->n * ciL ); + bzero( X->p, X->n * ciL ); free( X->p ); } @@ -1015,11 +1014,76 @@ static void esp_mpi_mul_hlp( size_t i, esp_mpi_uint *s, esp_mpi_uint *d, esp_mpi /* * Baseline multiplication: X = A * B (HAC 14.12) */ + +static int mul_pram_alloc( mpi *X, const mpi *A, const mpi *B, char **pA, char **pB, char **pX, size_t *bites) +{ + char *sa, *sb, *sx; + int algn; + int words, bytes; + int abytes, bbytes, cbytes; + + if (A->n > B->n) + words = A->n; + else + words = B->n; + + bytes = (words / 16 + ((words % 16) ? 1 : 0 )) * 16 * 4 * 2; + + abytes = A->n * 4; + bbytes = B->n * 4; + + sa = malloc(bytes); + if (!sa) { + return -1; + } + + sb = malloc(bytes); + if (!sb) { + free(sa); + return -1; + } + + sx = malloc(bytes); + if (!sx) { + free(sa); + free(sb); + return -1; + } + + memcpy(sa, A->p, abytes); + memset(sa + abytes, 0, bytes - abytes); + + memcpy(sb, B->p, bbytes); + memset(sb + bbytes, 0, bytes - bbytes); + + *pA = sa; + *pB = sb; + + *pX = sx; + + *bites = bytes * 4; + + return 0; +} + +void mul_pram_free(char **pA, char **pB, char **pX) +{ + free(*pA); + *pA = NULL; + + free(*pB); + *pB = NULL; + + free(*pX); + *pX = NULL; +} + int esp_mpi_mul_mpi( mpi *X, const mpi *A, const mpi *B ) { - int ret; + int ret = -1; size_t i, j; - size_t n = 0; + char *s1 = NULL, *s2 = NULL, *dest = NULL; + size_t bites; mpi TA, TB; @@ -1039,14 +1103,19 @@ int esp_mpi_mul_mpi( mpi *X, const mpi *A, const mpi *B ) MPI_CHK( esp_mpi_grow( X, i + j ) ); MPI_CHK( esp_mpi_lset( X, 0 ) ); - n = j; -// for( i++; j > 0; j-- ) - esp_mpi_mul_hlp( i - 1, A->p, X->p + j - 1, B->p[j - 1] ); + if (mul_pram_alloc(X, A, B, &s1, &s2, &dest, &bites)) { + goto cleanup; + } - BIGNUM_LOCK(); - if (ets_bigint_mult_prepare(A->p, B->p, n)){ - ets_bigint_wait_finish(); - ets_bigint_mult_getz(X->p, n); + BIGNUM_LOCK(); + if (ets_bigint_mult_prepare((uint32_t *)s1, (uint32_t *)s2, bites)){ + ets_bigint_wait_finish(); + if (ets_bigint_mult_getz((uint32_t *)dest, bites) == true) { + memcpy(X->p, dest, (i + j) * 4); + ret = 0; + } else { + esp_mpi_printf("ets_bigint_mult_getz failed\n"); + } } else{ esp_mpi_printf("Baseline multiplication failed\n"); } @@ -1054,6 +1123,8 @@ int esp_mpi_mul_mpi( mpi *X, const mpi *A, const mpi *B ) X->s = A->s * B->s; + mul_pram_free(&s1, &s2, &dest); + cleanup: esp_mpi_free( &TB ); esp_mpi_free( &TA ); diff --git a/components/esp32/esp_crypto.c b/components/esp32/esp_crypto.c new file mode 100644 index 0000000000..f0e2cdcb13 --- /dev/null +++ b/components/esp32/esp_crypto.c @@ -0,0 +1,64 @@ +#include "esp_crypto.h" +#include "freertos/FreeRTOS.h" +#include "freertos/semphr.h" + +static SemaphoreHandle_t esp_crypto_mutex[MUTEX_MAX_NUM]; +static int esp_crypto_sig[MUTEX_MAX_NUM]; + +#if 0 + #define ESP_DEBUG ets_printf +#else + #define ESP_DEBUG(...) +#endif + +int esp_crypto_init(void) +{ + int i; + + for (i = 0; i < MUTEX_MAX_NUM; i++) { + esp_crypto_mutex[i] = xSemaphoreCreateMutex(); + ESP_DEBUG("init num %d mutex %p\n", i, esp_crypto_mutex[i]); + if (!esp_crypto_mutex[i]) { + goto failed1; + } + esp_crypto_sig[i] = 0; + } + + return 0; + +failed1: + ESP_DEBUG("esp_crypto_init failed\n"); + for (i--; i >= 0; i--) + vQueueDelete(esp_crypto_mutex[i]); + + return -1; +} + +void esp_crypto_lock(unsigned int num) +{ + ESP_DEBUG("1num %d, mutex %p\n", num, esp_crypto_mutex[num]); + xSemaphoreTake(esp_crypto_mutex[num], portMAX_DELAY); +} + +void esp_crypto_unlock(unsigned int num) +{ + ESP_DEBUG("2num %d, mutex %p\n", num, esp_crypto_mutex[num]); + xSemaphoreGive(esp_crypto_mutex[num]); +} + +void esp_crypto_take(unsigned int num) +{ + esp_crypto_sig[num]++; +} + +void esp_crypto_give(unsigned int num) +{ + if (esp_crypto_sig[num]) + esp_crypto_sig[num]--; +} + +bool esp_crypto_is_used(unsigned int num) +{ + return (esp_crypto_sig[num] != 0) ? true : false; +} + diff --git a/components/esp32/esp_thread.c b/components/esp32/esp_thread.c deleted file mode 100644 index e72dc996bb..0000000000 --- a/components/esp32/esp_thread.c +++ /dev/null @@ -1,53 +0,0 @@ -#include "esp_thread.h" -#include "freertos/FreeRTOS.h" -#include "freertos/semphr.h" - -static xSemaphoreHandle esp_thread_mutex[MUTEX_MAX_NUM]; -static int esp_thread_sig[MUTEX_MAX_NUM]; - -int esp_thread_init(void) -{ - int i; - - for (i = 0; i < MUTEX_MAX_NUM; i++) { - esp_thread_mutex[i] = xSemaphoreCreateMutex(); - if (!esp_thread_mutex[i]) { - goto failed1; - } - esp_thread_sig[i] = 0; - } - - return 0; - -failed1: - for (i--; i >= 0; i--) - vQueueDelete(esp_thread_mutex[i]); - - return -1; -} - -void esp_thread_lock(unsigned int num) -{ - xSemaphoreTake(esp_thread_mutex[num], portMAX_DELAY); -} - -void esp_thread_unlock(unsigned int num) -{ - xSemaphoreGive(esp_thread_mutex[num]); -} - -void esp_thread_take(unsigned int num) -{ - esp_thread_sig[num]++; -} - -void esp_thread_give(unsigned int num) -{ - esp_thread_sig[num]--; -} - -bool esp_thread_is_used(unsigned int num) -{ - return (esp_thread_sig[num] != 0) ? true : false; -} - diff --git a/components/esp32/include/bignum.h b/components/esp32/include/bignum.h index 4cb1ca88f1..fc1a5932c5 100644 --- a/components/esp32/include/bignum.h +++ b/components/esp32/include/bignum.h @@ -27,9 +27,9 @@ #include "rom/ets_sys.h" #include "rom/bigint.h" -#define ESP_BIGNUM_ALT + #define MPI_DEBUG_ALT -#if defined(ESP_BIGNUM_ALT) + #define ERR_MPI_FILE_IO_ERROR -0x0002 /**< An error occurred while reading from or writing to a file. */ #define ERR_MPI_BAD_INPUT_DATA -0x0004 /**< Bad input parameters to function. */ @@ -700,7 +700,7 @@ int esp_mpi_is_prime( const mpi *X, int esp_mpi_gen_prime( mpi *X, size_t nbits, int dh_flag, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); -#endif + #endif diff --git a/components/esp32/include/esp_thread.h b/components/esp32/include/esp_crypto.h similarity index 61% rename from components/esp32/include/esp_thread.h rename to components/esp32/include/esp_crypto.h index 7716f00f19..ef6d86ac0d 100644 --- a/components/esp32/include/esp_thread.h +++ b/components/esp32/include/esp_crypto.h @@ -1,5 +1,5 @@ -#ifndef _MULTI_THREAD_H_ -#define _MULTI_THREAD_H_ +#ifndef _MULTI_CRYPTO_H_ +#define _MULTI_CRYPTO_H_ #include "c_types.h" #include "rom/ets_sys.h" @@ -16,21 +16,21 @@ enum { MUTEX_MAX_NUM, }; -int esp_thread_init(void); +int esp_crypto_init(void); -void esp_thread_lock(unsigned int num); -void esp_thread_unlock(unsigned int num); +void esp_crypto_lock(unsigned int num); +void esp_crypto_unlock(unsigned int num); -void esp_thread_take(unsigned int num); -void esp_thread_give(unsigned int num); -bool esp_thread_is_used(unsigned int num); +void esp_crypto_take(unsigned int num); +void esp_crypto_give(unsigned int num); +bool esp_crypto_is_used(unsigned int num); -#define MUTEX_LOCK(num) esp_thread_lock(num) -#define MUTEX_UNLOCK(num) esp_thread_unlock(num) +#define MUTEX_LOCK(num) esp_crypto_lock(num) +#define MUTEX_UNLOCK(num) esp_crypto_unlock(num) -#define SIG_TAKE(num) esp_thread_take(num) -#define SIG_GIVE(num) esp_thread_give(num) -#define SIG_IS_USED(num) esp_thread_is_used(num) +#define SIG_TAKE(num) esp_crypto_take(num) +#define SIG_GIVE(num) esp_crypto_give(num) +#define SIG_IS_USED(num) esp_crypto_is_used(num) #define AES_LOCK() MUTEX_LOCK(AES_MUTEX) #define AES_UNLOCK() MUTEX_UNLOCK(AES_MUTEX) @@ -53,4 +53,4 @@ bool esp_thread_is_used(unsigned int num); } #endif -#endif /* esp_thread.h */ +#endif /* esp_crypto.h */ diff --git a/components/esp32/sha.c b/components/esp32/sha.c index 9c28ca9c44..2e98de3693 100644 --- a/components/esp32/sha.c +++ b/components/esp32/sha.c @@ -23,15 +23,14 @@ * http://www.itl.nist.gov/fipspubs/fip180-1.htm */ -#include "sha.h" - #include -#include "esp_thread.h" +#include "sha.h" +#include "esp_crypto.h" /* Implementation that should never be optimized out by the compiler */ -static void esp_sha_zeroize( void *v, size_t n ) { - volatile unsigned char *p = v; while( n-- ) *p++ = 0; -} +//static void bzero( void *v, size_t n ) { +// volatile unsigned char *p = v; while( n-- ) *p++ = 0; +//} void esp_sha1_init( SHA1_CTX *ctx ) { @@ -48,7 +47,7 @@ void esp_sha1_free( SHA1_CTX *ctx ) if( ctx == NULL ) return; - esp_sha_zeroize( ctx, sizeof( SHA1_CTX ) ); + bzero( ctx, sizeof( SHA1_CTX ) ); SHA_LOCK(); SHA_GIVE(); @@ -74,7 +73,6 @@ void esp_sha1_starts( SHA1_CTX *ctx ) { SHA_LOCK(); ets_sha_init(&ctx->context); - SHA_UNLOCK(); ctx->context_type = SHA1; } @@ -84,7 +82,6 @@ void esp_sha1_starts( SHA1_CTX *ctx ) */ void esp_sha1_update( SHA1_CTX *ctx, const unsigned char *input, size_t ilen ) { - SHA_LOCK(); ets_sha_update(&ctx->context, ctx->context_type, input, ilen * 8); } @@ -133,7 +130,7 @@ void esp_sha256_free( SHA256_CTX *ctx ) if( ctx == NULL ) return; - esp_sha_zeroize( ctx, sizeof( SHA256_CTX ) ); + bzero( ctx, sizeof( SHA256_CTX ) ); SHA_LOCK(); SHA_GIVE(); @@ -154,7 +151,6 @@ void esp_sha256_starts( SHA256_CTX *ctx, int is224 ) { SHA_LOCK(); ets_sha_init(&ctx->context); - SHA_UNLOCK(); if( is224 == 0 ) { @@ -171,7 +167,6 @@ void esp_sha256_starts( SHA256_CTX *ctx, int is224 ) */ void esp_sha256_update( SHA256_CTX *ctx, const unsigned char *input, size_t ilen ) { - SHA_LOCK(); ets_sha_update(&ctx->context, ctx->context_type, input, ilen * 8); } @@ -215,7 +210,7 @@ void esp_sha512_free( SHA512_CTX *ctx ) if( ctx == NULL ) return; - esp_sha_zeroize( ctx, sizeof( SHA512_CTX ) ); + bzero( ctx, sizeof( SHA512_CTX ) ); SHA_LOCK(); SHA_GIVE(); @@ -236,7 +231,7 @@ void esp_sha512_starts( SHA512_CTX *ctx, int is384 ) { SHA_LOCK(); ets_sha_init(&ctx->context); - SHA_UNLOCK(); + if( is384 == 0 ) { /* SHA-512 */ @@ -254,7 +249,6 @@ void esp_sha512_starts( SHA512_CTX *ctx, int is384 ) */ void esp_sha512_update( SHA512_CTX *ctx, const unsigned char *input,size_t ilen ) { - SHA_LOCK(); ets_sha_update(&ctx->context, ctx->context_type, input, ilen * 8); } diff --git a/components/mbedtls/library/aes.c b/components/mbedtls/library/aes.c index a186dee981..6903585194 100644 --- a/components/mbedtls/library/aes.c +++ b/components/mbedtls/library/aes.c @@ -1237,9 +1237,8 @@ int mbedtls_aes_self_test( int verbose ) unsigned char stream_block[16]; #endif mbedtls_aes_context ctx; - - memset( key, 0, 32 ); - mbedtls_aes_init( &ctx ); + + memset( key, 0, 32 ); /* * ECB mode @@ -1255,6 +1254,8 @@ int mbedtls_aes_self_test( int verbose ) memset( buf, 0, 16 ); + mbedtls_aes_init( &ctx ); + if( v == MBEDTLS_AES_DECRYPT ) { mbedtls_aes_setkey_dec( &ctx, key, 128 + u * 64 ); @@ -1267,6 +1268,7 @@ int mbedtls_aes_self_test( int verbose ) if( verbose != 0 ) mbedtls_printf( "failed\n" ); + mbedtls_aes_free( &ctx ); ret = 1; goto exit; } @@ -1283,6 +1285,8 @@ int mbedtls_aes_self_test( int verbose ) if( verbose != 0 ) mbedtls_printf( "failed\n" ); + mbedtls_aes_free( &ctx ); + ret = 1; goto exit; } @@ -1290,6 +1294,8 @@ int mbedtls_aes_self_test( int verbose ) if( verbose != 0 ) mbedtls_printf( "passed\n" ); + + mbedtls_aes_free( &ctx ); } if( verbose != 0 ) @@ -1312,6 +1318,8 @@ int mbedtls_aes_self_test( int verbose ) memset( prv, 0, 16 ); memset( buf, 0, 16 ); + mbedtls_aes_init( &ctx ); + if( v == MBEDTLS_AES_DECRYPT ) { mbedtls_aes_setkey_dec( &ctx, key, 128 + u * 64 ); @@ -1324,6 +1332,8 @@ int mbedtls_aes_self_test( int verbose ) if( verbose != 0 ) mbedtls_printf( "failed\n" ); + mbedtls_aes_free( &ctx ); + ret = 1; goto exit; } @@ -1348,6 +1358,8 @@ int mbedtls_aes_self_test( int verbose ) if( verbose != 0 ) mbedtls_printf( "failed\n" ); + mbedtls_aes_free( &ctx ); + ret = 1; goto exit; } @@ -1355,6 +1367,8 @@ int mbedtls_aes_self_test( int verbose ) if( verbose != 0 ) mbedtls_printf( "passed\n" ); + + mbedtls_aes_free( &ctx ); } if( verbose != 0 ) @@ -1377,6 +1391,8 @@ int mbedtls_aes_self_test( int verbose ) memcpy( iv, aes_test_cfb128_iv, 16 ); memcpy( key, aes_test_cfb128_key[u], 16 + u * 8 ); + mbedtls_aes_init( &ctx ); + offset = 0; mbedtls_aes_setkey_enc( &ctx, key, 128 + u * 64 ); @@ -1433,6 +1449,8 @@ int mbedtls_aes_self_test( int verbose ) memcpy( nonce_counter, aes_test_ctr_nonce_counter[u], 16 ); memcpy( key, aes_test_ctr_key[u], 16 ); + mbedtls_aes_init( &ctx ); + offset = 0; mbedtls_aes_setkey_enc( &ctx, key, 128 ); diff --git a/components/mbedtls/library/sha1.c b/components/mbedtls/library/sha1.c index 2ccf2a2f52..46ed34f943 100644 --- a/components/mbedtls/library/sha1.c +++ b/components/mbedtls/library/sha1.c @@ -396,13 +396,13 @@ int mbedtls_sha1_self_test( int verbose ) unsigned char sha1sum[20]; mbedtls_sha1_context ctx; - mbedtls_sha1_init( &ctx ); - /* * SHA-1 */ for( i = 0; i < 3; i++ ) { + mbedtls_sha1_init( &ctx ); + if( verbose != 0 ) mbedtls_printf( " SHA-1 test #%d: ", i + 1 ); @@ -426,19 +426,22 @@ int mbedtls_sha1_self_test( int verbose ) if( verbose != 0 ) mbedtls_printf( "failed\n" ); + mbedtls_sha1_free( &ctx ); + ret = 1; goto exit; } if( verbose != 0 ) mbedtls_printf( "passed\n" ); + + mbedtls_sha1_free( &ctx ); } if( verbose != 0 ) mbedtls_printf( "\n" ); exit: - mbedtls_sha1_free( &ctx ); return( ret ); } diff --git a/components/mbedtls/library/sha256.c b/components/mbedtls/library/sha256.c index 4e82c0b793..cc6bd335df 100644 --- a/components/mbedtls/library/sha256.c +++ b/components/mbedtls/library/sha256.c @@ -393,13 +393,13 @@ int mbedtls_sha256_self_test( int verbose ) unsigned char sha256sum[32]; mbedtls_sha256_context ctx; - mbedtls_sha256_init( &ctx ); - for( i = 0; i < 6; i++ ) { j = i % 3; k = i < 3; + mbedtls_sha256_init( &ctx ); + if( verbose != 0 ) mbedtls_printf( " SHA-%d test #%d: ", 256 - k * 32, j + 1 ); @@ -423,19 +423,22 @@ int mbedtls_sha256_self_test( int verbose ) if( verbose != 0 ) mbedtls_printf( "failed\n" ); + mbedtls_sha256_free( &ctx ); + ret = 1; goto exit; } if( verbose != 0 ) mbedtls_printf( "passed\n" ); + + mbedtls_sha256_free( &ctx ); } if( verbose != 0 ) mbedtls_printf( "\n" ); exit: - mbedtls_sha256_free( &ctx ); return( ret ); } diff --git a/components/mbedtls/library/sha512.c b/components/mbedtls/library/sha512.c index 0f9e1e5352..245ede0eb2 100644 --- a/components/mbedtls/library/sha512.c +++ b/components/mbedtls/library/sha512.c @@ -449,13 +449,13 @@ int mbedtls_sha512_self_test( int verbose ) unsigned char sha512sum[64]; mbedtls_sha512_context ctx; - mbedtls_sha512_init( &ctx ); - for( i = 0; i < 6; i++ ) { j = i % 3; k = i < 3; + mbedtls_sha512_init( &ctx ); + if( verbose != 0 ) mbedtls_printf( " SHA-%d test #%d: ", 512 - k * 128, j + 1 ); @@ -479,19 +479,23 @@ int mbedtls_sha512_self_test( int verbose ) if( verbose != 0 ) mbedtls_printf( "failed\n" ); + mbedtls_sha512_free( &ctx ); + ret = 1; goto exit; } if( verbose != 0 ) mbedtls_printf( "passed\n" ); + + mbedtls_sha512_free( &ctx ); } if( verbose != 0 ) mbedtls_printf( "\n" ); exit: - mbedtls_sha512_free( &ctx ); + return( ret ); }