Merge branch 'master' into ti

Makefile.am

@@ -96,7 +96,7 @@ TESTS_ENVIRONMENT=./valgrind-error.sh
 endif
 
 TEST_EXTENSIONS=.test
-TESTS += $(check_PROGRAMS)
+TESTS += $(check_PROGRAMS) ./client-test.sh
 test: check
 tests/unit.log: testsuite/testsuite.log
 

ctaocrypt/src/md2.c

@@ -29,6 +29,8 @@
 #ifdef CYASSL_MD2
 
 #include <cyassl/ctaocrypt/md2.h>
+#include <cyassl/ctaocrypt/error-crypt.h>
+
 #ifdef NO_INLINE
     #include <cyassl/ctaocrypt/misc.h>
 #else
@@ -128,4 +130,21 @@ void Md2Final(Md2* md2, byte* hash)
 }
 
 
+int Md2Hash(const byte* data, word32 len, byte* hash)
+{
+    DECLARE_VAR(Md2, md2);
+
+    if (!CREATE_VAR(Md2, md2))
+        return MEMORY_E;
+
+    InitMd2(md2);
+    Md2Update(md2, data, len);
+    Md2Final(md2, hash);
+
+    DESTROY_VAR(md2);
+
+    return 0;
+}
+
+
 #endif /* CYASSL_MD2 */

ctaocrypt/src/md5.c

@@ -35,6 +35,7 @@
 #endif
 
 #include <cyassl/ctaocrypt/md5.h>
+#include <cyassl/ctaocrypt/error-crypt.h>
 
 #ifdef NO_INLINE
     #include <cyassl/ctaocrypt/misc.h>
@@ -361,4 +362,21 @@ void Md5Final(Md5* md5, byte* hash)
 
 #endif /* STM32F2_HASH */
 
+
+int Md5Hash(const byte* data, word32 len, byte* hash)
+{
+    DECLARE_VAR(Md5, md5);
+
+    if (!CREATE_VAR(Md5, md5))
+        return MEMORY_E;
+
+    InitMd5(md5);
+    Md5Update(md5, data, len);
+    Md5Final(md5, hash);
+
+    DESTROY_VAR(md5);
+
+    return 0;
+}
+
 #endif /* NO_MD5 */

ctaocrypt/src/sha.c

@@ -40,6 +40,9 @@
 #endif
 
 #include <cyassl/ctaocrypt/sha.h>
+#include <cyassl/ctaocrypt/logging.h>
+#include <cyassl/ctaocrypt/error-crypt.h>
+
 #ifdef NO_INLINE
     #include <cyassl/ctaocrypt/misc.h>
 #else
@@ -392,4 +395,26 @@ int ShaFinal(Sha* sha, byte* hash)
 
 #endif /* STM32F2_HASH */
 
+
+int ShaHash(const byte* data, word32 len, byte* hash)
+{
+    int ret = 0;
+    DECLARE_VAR(Sha, sha);
+
+    if (!CREATE_VAR(Sha, sha))
+        return MEMORY_E;
+
+    if ((ret = InitSha(sha)) != 0) {
+        CYASSL_MSG("InitSha failed");
+    }
+    else {
+        ShaUpdate(sha, data, len);
+        ShaFinal(sha, hash);
+    }
+
+    DESTROY_VAR(sha);
+
+    return ret;
+}
+
 #endif /* NO_SHA */

ctaocrypt/src/sha256.c

@@ -42,7 +42,9 @@
 #endif
 
 #include <cyassl/ctaocrypt/sha256.h>
+#include <cyassl/ctaocrypt/logging.h>
 #include <cyassl/ctaocrypt/error-crypt.h>
+
 #ifdef NO_INLINE
     #include <cyassl/ctaocrypt/misc.h>
 #else
@@ -283,5 +285,29 @@ int Sha256Final(Sha256* sha256, byte* hash)
 }
 
 
+int Sha256Hash(const byte* data, word32 len, byte* hash)
+{
+    int ret = 0;
+    DECLARE_VAR(Sha256, sha256);
+
+    if (!CREATE_VAR(Sha256, sha256))
+        return MEMORY_E;
+
+    if ((ret = InitSha256(sha256)) != 0) {
+        CYASSL_MSG("InitSha256 failed");
+    }
+    else if ((ret = Sha256Update(sha256, data, len)) != 0) {
+        CYASSL_MSG("Sha256Update failed");
+    }
+    else if ((ret = Sha256Final(sha256, hash)) != 0) {
+        CYASSL_MSG("Sha256Final failed");
+    }
+
+    DESTROY_VAR(sha256);
+
+    return ret;
+}
+
+
 #endif /* NO_SHA256 */
 

ctaocrypt/src/sha512.c

@@ -33,7 +33,9 @@
 #endif
 
 #include <cyassl/ctaocrypt/sha512.h>
+#include <cyassl/ctaocrypt/logging.h>
 #include <cyassl/ctaocrypt/error-crypt.h>
+
 #ifdef NO_INLINE
     #include <cyassl/ctaocrypt/misc.h>
 #else
@@ -296,6 +298,29 @@ int Sha512Final(Sha512* sha512, byte* hash)
 }
 
 
+int Sha512Hash(const byte* data, word32 len, byte* hash)
+{
+    int ret = 0;
+    DECLARE_VAR(Sha512, sha512);
+    
+    if (!CREATE_VAR(Sha512, sha512))
+        return MEMORY_E;
+    
+    if ((ret = InitSha512(sha512)) != 0) {
+        CYASSL_MSG("InitSha512 failed");
+    }
+    else if ((ret = Sha512Update(sha512, data, len)) != 0) {
+        CYASSL_MSG("Sha512Update failed");
+    }
+    else if ((ret = Sha512Final(sha512, hash)) != 0) {
+        CYASSL_MSG("Sha512Final failed");
+    }
+    
+    DESTROY_VAR(sha512);
+    
+    return ret;
+}
+
 
 #ifdef CYASSL_SHA384
 
@@ -470,6 +495,30 @@ int Sha384Final(Sha384* sha384, byte* hash)
     return InitSha384(sha384);  /* reset state */
 }
 
+
+int Sha384Hash(const byte* data, word32 len, byte* hash)
+{
+    int ret = 0;
+    DECLARE_VAR(Sha384, sha384);
+
+    if (!CREATE_VAR(Sha384, sha384))
+        return MEMORY_E;
+
+    if ((ret = InitSha384(sha384)) != 0) {
+        CYASSL_MSG("InitSha384 failed");
+    }
+    else if ((ret = Sha384Update(sha384, data, len)) != 0) {
+        CYASSL_MSG("Sha384Update failed");
+    }
+    else if ((ret = Sha384Final(sha384, hash)) != 0) {
+        CYASSL_MSG("Sha384Final failed");
+    }
+
+    DESTROY_VAR(sha384);
+
+    return ret;
+}
+
 #endif /* CYASSL_SHA384 */
 
 #endif /* CYASSL_SHA512 */

cyassl/ctaocrypt/md2.h

@@ -54,6 +54,7 @@ typedef struct Md2 {
 CYASSL_API void InitMd2(Md2*);
 CYASSL_API void Md2Update(Md2*, const byte*, word32);
 CYASSL_API void Md2Final(Md2*, byte*);
+CYASSL_API int  Md2Hash(const byte*, word32, byte*);
 
 
 #ifdef __cplusplus

cyassl/ctaocrypt/md5.h

@@ -63,6 +63,8 @@ typedef struct Md5 {
 CYASSL_API void InitMd5(Md5*);
 CYASSL_API void Md5Update(Md5*, const byte*, word32);
 CYASSL_API void Md5Final(Md5*, byte*);
+CYASSL_API int  Md5Hash(const byte*, word32, byte*);
+
 
 #ifdef __cplusplus
     } /* extern "C" */

cyassl/ctaocrypt/settings.h

@@ -257,6 +257,25 @@
     #define XREALLOC    yaXREALLOC
 #endif
 
+#ifdef CYASSL_SMALL_STACK
+    #define DECLARE_ARRAY(type, var, size) \
+        type* var = NULL
+
+    #define CREATE_ARRAY(type, var, size) \
+        (var = (type*)XMALLOC(sizeof(type) * size, NULL, \
+                              DYNAMIC_TYPE_TMP_BUFFER))
+
+    #define DESTROY_ARRAY(var) \
+        XFREE(var, NULL, DYNAMIC_TYPE_TMP_BUFFER)
+#else
+    #define DECLARE_ARRAY(type, var, size) type var[size]
+    #define CREATE_ARRAY(type, var, size) 1
+    #define DESTROY_ARRAY(var)
+#endif
+
+#define DECLARE_VAR(type, var) DECLARE_ARRAY(type, var, 1)
+#define CREATE_VAR(type, var)  CREATE_ARRAY(type, var, 1)
+#define DESTROY_VAR(var)       DESTROY_ARRAY(var)
 
 #ifdef FREERTOS
     #ifndef NO_WRITEV

cyassl/ctaocrypt/sha.h

@@ -65,6 +65,7 @@ typedef struct Sha {
 CYASSL_API int InitSha(Sha*);
 CYASSL_API int ShaUpdate(Sha*, const byte*, word32);
 CYASSL_API int ShaFinal(Sha*, byte*);
+CYASSL_API int ShaHash(const byte*, word32, byte*);
 
 
 #ifdef HAVE_FIPS

cyassl/ctaocrypt/sha256.h

@@ -64,6 +64,7 @@ typedef struct Sha256 {
 CYASSL_API int InitSha256(Sha256*);
 CYASSL_API int Sha256Update(Sha256*, const byte*, word32);
 CYASSL_API int Sha256Final(Sha256*, byte*);
+CYASSL_API int Sha256Hash(const byte*, word32, byte*);
 
 
 #ifdef HAVE_FIPS

cyassl/ctaocrypt/sha512.h

@@ -54,6 +54,7 @@ typedef struct Sha512 {
 CYASSL_API int InitSha512(Sha512*);
 CYASSL_API int Sha512Update(Sha512*, const byte*, word32);
 CYASSL_API int Sha512Final(Sha512*, byte*);
+CYASSL_API int Sha512Hash(const byte*, word32, byte*);
 
 
 #if defined(CYASSL_SHA384) || defined(HAVE_AESGCM)
@@ -80,6 +81,7 @@ typedef struct Sha384 {
 CYASSL_API int InitSha384(Sha384*);
 CYASSL_API int Sha384Update(Sha384*, const byte*, word32);
 CYASSL_API int Sha384Final(Sha384*, byte*);
+CYASSL_API int Sha384Hash(const byte*, word32, byte*);
 
 
 #ifdef HAVE_FIPS

src/internal.c

@@ -4167,8 +4167,6 @@ static int DoCertificate(CYASSL* ssl, byte* input, word32* inOutIdx,
     if (anyError != 0 && ret == 0)
         ret = anyError;
 
-    if (ret == 0 && ssl->options.side == CYASSL_CLIENT_END)
-        ssl->options.serverState = SERVER_CERT_COMPLETE;
 
     if (ret != 0) {
         if (!ssl->options.verifyNone) {
@@ -4244,6 +4242,15 @@ static int DoCertificate(CYASSL* ssl, byte* input, word32* inOutIdx,
     }
 #endif
 
+    if (ssl->options.verifyNone &&
+                              (ret == CRL_MISSING || ret == CRL_CERT_REVOKED)) {
+        CYASSL_MSG("Ignoring CRL problem based on verify setting");
+        ret = ssl->error = 0;
+    }
+
+    if (ret == 0 && ssl->options.side == CYASSL_CLIENT_END)
+        ssl->options.serverState = SERVER_CERT_COMPLETE;
+
     return ret;
 }