[core] sys-crypto-md.h w/ inline message digest fn
sys-crypto-md.h w/ inline message digest functions; shared code
parent
c18f442a63
commit
1fc8a3e1f2
|
@ -449,7 +449,8 @@ hdr = base64.h buffer.h burl.h network.h log.h http_kv.h keyvalue.h \
|
|||
mod_ssi.h mod_ssi_expr.h inet_ntop_cache.h \
|
||||
configparser.h mod_ssi_exprparser.h \
|
||||
rand.h \
|
||||
sys-crypto.h sys-endian.h sys-mmap.h sys-socket.h sys-strings.h \
|
||||
sys-crypto.h sys-crypto-md.h \
|
||||
sys-endian.h sys-mmap.h sys-socket.h sys-strings.h \
|
||||
mod_cml.h mod_cml_funcs.h \
|
||||
safe_memclear.h sock_addr.h splaytree.h status_counter.h \
|
||||
mod_magnet_cache.h
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
#include "first.h"
|
||||
typedef int innocuous_typedef_to_quiet_empty_translation_unit_compiler_warning;
|
||||
|
||||
#include "sys-crypto.h"
|
||||
#ifndef USE_LIB_CRYPTO
|
||||
#include "sys-crypto-md.h"
|
||||
#ifndef USE_LIB_CRYPTO_SHA1
|
||||
|
||||
#include "sys-endian.h"
|
||||
#include "algo_sha1.h"
|
||||
|
|
|
@ -2,75 +2,8 @@
|
|||
#define INCLUDED_ALGO_SHA1_H
|
||||
#include "first.h"
|
||||
|
||||
#include "sys-crypto.h" /* USE_LIB_CRYPTO */
|
||||
#ifdef USE_LIB_CRYPTO
|
||||
#if (!defined(USE_MBEDTLS_CRYPTO) || defined(MBEDTLS_SHA1_C))
|
||||
#define USE_LIB_CRYPTO_SHA1
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#ifdef USE_LIB_CRYPTO_SHA1
|
||||
|
||||
#ifdef USE_NETTLE_CRYPTO
|
||||
#include <nettle/sha.h>
|
||||
#ifndef SHA_DIGEST_LENGTH
|
||||
#define SHA_DIGEST_LENGTH 20
|
||||
#endif
|
||||
typedef struct sha1_ctx SHA_CTX;
|
||||
#define SHA1_Init(ctx) \
|
||||
sha1_init(ctx)
|
||||
#define SHA1_Final(digest, ctx) \
|
||||
sha1_digest((ctx),sizeof(digest),(digest))
|
||||
static void
|
||||
SHA1_Update(SHA_CTX *ctx, const void *data, size_t length)
|
||||
{
|
||||
sha1_update(ctx, length, data);
|
||||
}
|
||||
|
||||
#elif defined(USE_MBEDTLS_CRYPTO) && defined(MBEDTLS_SHA1_C)
|
||||
|
||||
#include <mbedtls/sha1.h>
|
||||
#ifndef SHA_DIGEST_LENGTH
|
||||
#define SHA_DIGEST_LENGTH 20
|
||||
#endif
|
||||
typedef struct mbedtls_sha1_context SHA_CTX;
|
||||
#define SHA1_Init(ctx) \
|
||||
(mbedtls_sha1_init(ctx), mbedtls_sha1_starts_ret(ctx))
|
||||
#define SHA1_Final(digest, ctx) \
|
||||
(mbedtls_sha1_finish_ret((ctx),(digest)), mbedtls_sha1_free(ctx))
|
||||
static void
|
||||
SHA1_Update(SHA_CTX *ctx, const void *data, size_t length)
|
||||
{
|
||||
mbedtls_sha1_update_ret(ctx, data, length);
|
||||
}
|
||||
|
||||
#elif defined(USE_OPENSSL_CRYPTO)
|
||||
|
||||
#include <openssl/sha.h>
|
||||
|
||||
#elif defined(USE_GNUTLS_CRYPTO)
|
||||
|
||||
#include <gnutls/crypto.h>
|
||||
#ifndef SHA_DIGEST_LENGTH
|
||||
#define SHA_DIGEST_LENGTH 20
|
||||
#endif
|
||||
typedef gnutls_hash_hd_t SHA_CTX;
|
||||
#define SHA1_Init(ctx) \
|
||||
do { \
|
||||
if (gnutls_hash_init((ctx), GNUTLS_DIG_SHA1) < 0) \
|
||||
SEGFAULT(); \
|
||||
} while (0)
|
||||
#define SHA1_Final(digest, ctx) \
|
||||
gnutls_hash_deinit(*(ctx),(digest))
|
||||
static void
|
||||
SHA1_Update(SHA_CTX *ctx, const void *data, size_t length)
|
||||
{
|
||||
gnutls_hash(*ctx, data, length);
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
#else /* ! USE_LIB_CRYPTO */
|
||||
#include "sys-crypto-md.h"
|
||||
#ifndef USE_LIB_CRYPTO_SHA1
|
||||
|
||||
/*
|
||||
* sha.h
|
||||
|
|
|
@ -1,5 +1,8 @@
|
|||
#include "first.h"
|
||||
|
||||
#include "sys-crypto-md.h"
|
||||
#ifndef USE_LIB_CRYPTO_MD5
|
||||
|
||||
/* MD5C.C - RSA Data Security, Inc., MD5 message-digest algorithm
|
||||
*/
|
||||
|
||||
|
@ -32,11 +35,6 @@ documentation and/or software.
|
|||
#define UINT2 uint16_t
|
||||
#define POINTER unsigned char *
|
||||
|
||||
#if 0 /* Note: not defined here or in lighttpd local "md5.h" */
|
||||
#include "sys-crypto.h" /* USE_LIB_CRYPTO */
|
||||
#endif
|
||||
|
||||
#ifndef USE_LIB_CRYPTO
|
||||
#include <string.h>
|
||||
|
||||
/* Constants for MD5Transform routine.
|
||||
|
@ -340,4 +338,5 @@ static void MD5_memset (POINTER output, int value, unsigned int len)
|
|||
((char *)output)[i] = (char)value;
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif
|
||||
|
|
12
src/md5.h
12
src/md5.h
|
@ -2,6 +2,9 @@
|
|||
#define LI_MD5_H
|
||||
#include "first.h"
|
||||
|
||||
#include "sys-crypto-md.h"
|
||||
#ifndef USE_LIB_CRYPTO_MD5
|
||||
|
||||
/* MD5.H - header file for MD5C.C
|
||||
*/
|
||||
|
||||
|
@ -42,4 +45,13 @@ void li_MD5_Init (li_MD5_CTX *);
|
|||
void li_MD5_Update (li_MD5_CTX *, const void *, unsigned int);
|
||||
void li_MD5_Final (unsigned char [MD5_DIGEST_LENGTH], li_MD5_CTX *);
|
||||
|
||||
#else /* USE_LIB_CRYPTO_MD5 */
|
||||
|
||||
#define li_MD5_CTX MD5_CTX
|
||||
#define li_MD5_Init MD5_Init
|
||||
#define li_MD5_Update MD5_Update
|
||||
#define li_MD5_Final MD5_Final
|
||||
|
||||
#endif /* USE_LIB_CRYPTO_MD5 */
|
||||
|
||||
#endif
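Review bot: md5.h now includes sys-crypto-md.h, and sys-crypto-md.h includes md5.h, but neither header documents that the pair depends on both include guards to terminate. A short comment above the new include would spare the next maintainer from tracing it, for example `/* mutual include with sys-crypto-md.h (guarded); USE_LIB_CRYPTO_MD5 selects library MD5_*() aliases over the built-in li_MD5_*() */`. It is also worth noting next to the `#define li_MD5_Update MD5_Update` alias that the built-in prototype takes an `unsigned int` length, while the library wrappers in sys-crypto-md.h take `size_t`.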
|
||||
|
|
|
@ -1,86 +1,16 @@
|
|||
#include "first.h"
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
#include "sys-crypto-md.h" /* USE_LIB_CRYPTO */
|
||||
|
||||
#include "base.h"
|
||||
#include "plugin.h"
|
||||
#include "http_auth.h"
|
||||
#include "http_header.h"
|
||||
#include "log.h"
|
||||
|
||||
#include "sys-crypto.h" /* USE_LIB_CRYPTO */
|
||||
#ifdef USE_LIB_CRYPTO
|
||||
|
||||
#if defined(USE_NETTLE_CRYPTO)
|
||||
|
||||
#include <nettle/sha.h>
|
||||
typedef struct sha256_ctx SHA256_CTX;
|
||||
#define SHA256_Init(ctx) \
|
||||
sha256_init(ctx)
|
||||
#define SHA256_Final(digest, ctx) \
|
||||
sha256_digest((ctx),sizeof(digest),(digest))
|
||||
static void
|
||||
SHA256_Update(SHA256_CTX *ctx, const void *data, size_t length)
|
||||
{
|
||||
sha256_update(ctx, length, data);
|
||||
}
|
||||
|
||||
#ifndef SHA512_256_DIGEST_LENGTH
|
||||
#define SHA512_256_DIGEST_LENGTH 32
|
||||
#endif
|
||||
typedef struct sha512_ctx SHA512_CTX;
|
||||
#define SHA512_256_Init(ctx) \
|
||||
sha512_256_init(ctx)
|
||||
#define SHA512_256_Final(digest, ctx) \
|
||||
sha512_256_digest((ctx),sizeof(digest),(digest))
|
||||
static void
|
||||
SHA512_256_Update(SHA512_CTX *ctx, const void *data, size_t length)
|
||||
{
|
||||
sha512_256_update(ctx, length, data);
|
||||
}
|
||||
|
||||
#elif defined(USE_MBEDTLS_CRYPTO)
|
||||
|
||||
#include <mbedtls/sha256.h>
|
||||
#ifdef MBEDTLS_SHA256_C
|
||||
typedef struct mbedtls_sha256_context SHA256_CTX;
|
||||
#define SHA256_Init(ctx) \
|
||||
(mbedtls_sha256_init(ctx), mbedtls_sha256_starts_ret((ctx),0))
|
||||
#define SHA256_Final(digest, ctx) \
|
||||
(mbedtls_sha256_finish_ret((ctx),(digest)), mbedtls_sha256_free(ctx))
|
||||
static void
|
||||
SHA256_Update(SHA256_CTX *ctx, const void *data, size_t length)
|
||||
{
|
||||
mbedtls_sha256_update_ret(ctx, data, length);
|
||||
}
|
||||
#endif
|
||||
|
||||
#elif defined(USE_OPENSSL_CRYPTO)
|
||||
|
||||
#include <openssl/sha.h>
|
||||
|
||||
#elif defined(USE_GNUTLS_CRYPTO)
|
||||
|
||||
#include <gnutls/crypto.h>
|
||||
typedef gnutls_hash_hd_t SHA256_CTX;
|
||||
#define SHA256_Init(ctx) \
|
||||
do { \
|
||||
if (gnutls_hash_init((ctx), GNUTLS_DIG_SHA256) < 0) \
|
||||
SEGFAULT(); \
|
||||
} while (0)
|
||||
#define SHA256_Final(digest, ctx) \
|
||||
gnutls_hash_deinit(*(ctx),(digest))
|
||||
static void
|
||||
SHA256_Update(SHA256_CTX *ctx, const void *data, size_t length)
|
||||
{
|
||||
gnutls_hash(*ctx, data, length);
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
#endif /* USE_LIB_CRYPTO */
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
/**
|
||||
* auth framework
|
||||
*/
|
||||
|
@ -210,7 +140,7 @@ static int mod_auth_algorithm_parse(http_auth_info_t *ai, const char *s) {
|
|||
ai->dlen = HTTP_AUTH_DIGEST_SHA256_BINLEN;
|
||||
return 1;
|
||||
}
|
||||
#ifdef SHA512_256_DIGEST_LENGTH
|
||||
#ifdef USE_LIB_CRYPTO_SHA512_256
|
||||
if (len == 11 && 0 == memcmp(s+4, "512-256", 7)) {
|
||||
ai->dalgo |= HTTP_AUTH_DIGEST_SHA512_256;
|
||||
ai->dlen = HTTP_AUTH_DIGEST_SHA512_256_BINLEN;
|
||||
|
@ -579,8 +509,8 @@ int mod_auth_plugin_init(plugin *p) {
|
|||
* (could be in separate file from mod_auth.c as long as registration occurs)
|
||||
*/
|
||||
|
||||
#include "sys-crypto-md.h"
|
||||
#include "base64.h"
|
||||
#include "md5.h"
|
||||
#include "rand.h"
|
||||
#include "http_header.h"
|
||||
|
||||
|
@ -753,7 +683,7 @@ static void mod_auth_digest_nonce_sha256(buffer *b, time_t cur_ts, int rnd, cons
|
|||
buffer_append_string_len(b, hh, sizeof(hh)-1);
|
||||
}
|
||||
|
||||
#ifdef SHA512_256_DIGEST_LENGTH
|
||||
#ifdef USE_LIB_CRYPTO_SHA512_256
|
||||
|
||||
static void mod_auth_digest_mutate_sha512_256(http_auth_info_t *ai, const char *m, const char *uri, const char *nonce, const char *cnonce, const char *nc, const char *qop) {
|
||||
SHA512_CTX ctx;
|
||||
|
@ -826,7 +756,7 @@ static void mod_auth_digest_nonce_sha512_256(buffer *b, time_t cur_ts, int rnd,
|
|||
buffer_append_string_len(b, hh, sizeof(hh)-1);
|
||||
}
|
||||
|
||||
#endif /* SHA512_256_DIGEST_LENGTH */
|
||||
#endif /* USE_LIB_CRYPTO_SHA512_256 */
|
||||
|
||||
#endif /* USE_LIB_CRYPTO */
|
||||
|
||||
|
@ -909,7 +839,7 @@ static void mod_auth_digest_mutate(http_auth_info_t *ai, const char *m, const ch
|
|||
#ifdef USE_LIB_CRYPTO
|
||||
else if (ai->dalgo & HTTP_AUTH_DIGEST_SHA256)
|
||||
mod_auth_digest_mutate_sha256(ai, m, uri, nonce, cnonce, nc, qop);
|
||||
#ifdef SHA512_256_DIGEST_LENGTH
|
||||
#ifdef USE_LIB_CRYPTO_SHA512_256
|
||||
else if (ai->dalgo & HTTP_AUTH_DIGEST_SHA512_256)
|
||||
mod_auth_digest_mutate_sha512_256(ai, m, uri, nonce, cnonce, nc, qop);
|
||||
#endif
|
||||
|
@ -932,7 +862,7 @@ static void mod_auth_append_nonce(buffer *b, time_t cur_ts, const struct http_au
|
|||
}
|
||||
switch (dalgo) {
|
||||
#ifdef USE_LIB_CRYPTO
|
||||
#ifdef SHA512_256_DIGEST_LENGTH
|
||||
#ifdef USE_LIB_CRYPTO_SHA512_256
|
||||
case HTTP_AUTH_DIGEST_SHA512_256:
|
||||
mod_auth_digest_nonce_sha512_256(b, cur_ts, rnd, nonce_secret);
|
||||
break;
|
||||
|
@ -955,7 +885,7 @@ static void mod_auth_digest_www_authenticate(buffer *b, time_t cur_ts, const str
|
|||
unsigned int algolen[3];
|
||||
const char *algoname[3];
|
||||
#ifdef USE_LIB_CRYPTO
|
||||
#ifdef SHA512_256_DIGEST_LENGTH
|
||||
#ifdef USE_LIB_CRYPTO_SHA512_256
|
||||
if (algos & HTTP_AUTH_DIGEST_SHA512_256) {
|
||||
algoid[n] = HTTP_AUTH_DIGEST_SHA512_256;
|
||||
algoname[n] = "SHA-512-256";
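Review bot: The SHA-256 branch in the mod_auth_digest_mutate hunk is still guarded by the coarse `#ifdef USE_LIB_CRYPTO`, although the new header only provides `SHA256_CTX` and the `SHA256_*()` wrappers when it defines `USE_LIB_CRYPTO_SHA256`. In the mbedTLS branch of sys-crypto-md.h that macro depends on `MBEDTLS_SHA256_C`, so a build without it would keep `USE_LIB_CRYPTO` set and reference undeclared names here. Guarding the SHA-256 code with `#ifdef USE_LIB_CRYPTO_SHA256` would match the way the SHA-512/256 code now uses `USE_LIB_CRYPTO_SHA512_256`. The `#ifdef USE_LIB_CRYPTO` lines in the mod_auth_append_nonce and mod_auth_digest_www_authenticate hunks, and in the mod_authn_file_digest hunk of the following file section, look like the same pattern. The enclosing functions start and end outside the hunks shown, so this should be confirmed against the full file.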
|
||||
|
|
|
@ -14,124 +14,18 @@
|
|||
# define HAVE_CRYPT
|
||||
#endif
|
||||
|
||||
#include "sys-crypto.h" /* USE_LIB_CRYPTO */
|
||||
#ifdef USE_LIB_CRYPTO
|
||||
|
||||
#if defined(USE_NETTLE_CRYPTO)
|
||||
|
||||
#include <nettle/md4.h>
|
||||
#include <nettle/sha.h>
|
||||
|
||||
typedef struct md4_ctx MD4_CTX;
|
||||
#define MD4_Init(ctx) \
|
||||
md4_init(ctx)
|
||||
#define MD4_Final(digest, ctx) \
|
||||
md4_digest((ctx),sizeof(digest),(digest))
|
||||
static void
|
||||
MD4_Update(MD4_CTX *ctx, const void *data, size_t length)
|
||||
{
|
||||
md4_update(ctx, length, data);
|
||||
}
|
||||
|
||||
typedef struct sha256_ctx SHA256_CTX;
|
||||
#define SHA256_Init(ctx) \
|
||||
sha256_init(ctx)
|
||||
#define SHA256_Final(digest, ctx) \
|
||||
sha256_digest((ctx),sizeof(digest),(digest))
|
||||
static void
|
||||
SHA256_Update(SHA256_CTX *ctx, const void *data, size_t length)
|
||||
{
|
||||
sha256_update(ctx, length, data);
|
||||
}
|
||||
|
||||
#ifndef SHA512_256_DIGEST_LENGTH
|
||||
#define SHA512_256_DIGEST_LENGTH 32
|
||||
#endif
|
||||
typedef struct sha512_ctx SHA512_CTX;
|
||||
#define SHA512_256_Init(ctx) \
|
||||
sha512_256_init(ctx)
|
||||
#define SHA512_256_Final(digest, ctx) \
|
||||
sha512_256_digest((ctx),sizeof(digest),(digest))
|
||||
static void
|
||||
SHA512_256_Update(SHA512_CTX *ctx, const void *data, size_t length)
|
||||
{
|
||||
sha512_256_update(ctx, length, data);
|
||||
}
|
||||
|
||||
#elif defined(USE_MBEDTLS_CRYPTO)
|
||||
|
||||
#include <mbedtls/md4.h>
|
||||
#ifdef MBEDTLS_MD4_C
|
||||
typedef struct mbedtls_md4_context MD4_CTX;
|
||||
#define MD4_Init(ctx) \
|
||||
(mbedtls_md4_init(ctx), mbedtls_md4_starts_ret(ctx))
|
||||
#define MD4_Final(digest, ctx) \
|
||||
(mbedtls_md4_finish_ret((ctx),(digest)), mbedtls_md4_free(ctx))
|
||||
static void
|
||||
MD4_Update(MD4_CTX *ctx, const void *data, size_t length)
|
||||
{
|
||||
mbedtls_md4_update_ret(ctx, data, length);
|
||||
}
|
||||
#else /*(mbedTLS built without MD4)*/
|
||||
#define NO_MD4
|
||||
#endif
|
||||
|
||||
#include <mbedtls/sha256.h>
|
||||
#ifdef MBEDTLS_SHA256_C
|
||||
typedef struct mbedtls_sha256_context SHA256_CTX;
|
||||
#define SHA256_Init(ctx) \
|
||||
(mbedtls_sha256_init(ctx), mbedtls_sha256_starts_ret((ctx),0))
|
||||
#define SHA256_Final(digest, ctx) \
|
||||
(mbedtls_sha256_finish_ret((ctx),(digest)), mbedtls_sha256_free(ctx))
|
||||
static void
|
||||
SHA256_Update(SHA256_CTX *ctx, const void *data, size_t length)
|
||||
{
|
||||
mbedtls_sha256_update_ret(ctx, data, length);
|
||||
}
|
||||
#endif
|
||||
|
||||
#elif defined(USE_OPENSSL_CRYPTO)
|
||||
|
||||
#include <openssl/md4.h>
|
||||
#include <openssl/sha.h>
|
||||
|
||||
#elif defined(USE_GNUTLS_CRYPTO)
|
||||
|
||||
#include <gnutls/crypto.h>
|
||||
#define NO_MD4
|
||||
typedef gnutls_hash_hd_t SHA256_CTX;
|
||||
#define SHA256_Init(ctx) \
|
||||
do { \
|
||||
if (gnutls_hash_init((ctx), GNUTLS_DIG_SHA256) < 0) \
|
||||
SEGFAULT(); \
|
||||
} while (0)
|
||||
#define SHA256_Final(digest, ctx) \
|
||||
gnutls_hash_deinit(*(ctx),(digest))
|
||||
static void
|
||||
SHA256_Update(SHA256_CTX *ctx, const void *data, size_t length)
|
||||
{
|
||||
gnutls_hash(*ctx, data, length);
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
#endif /* USE_LIB_CRYPTO */
|
||||
#include "sys-crypto-md.h" /* USE_LIB_CRYPTO */
|
||||
|
||||
#include "safe_memclear.h"
|
||||
/*(htpasswd)*/
|
||||
|
||||
|
||||
#include "base.h"
|
||||
#include "plugin.h"
|
||||
#include "http_auth.h"
|
||||
#include "log.h"
|
||||
|
||||
#include "algo_sha1.h"
|
||||
#include "base64.h"
|
||||
#include "md5.h"
|
||||
|
||||
#include <sys/types.h>
|
||||
#include <sys/stat.h>
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
|
@ -270,7 +164,7 @@ static void mod_authn_file_digest_sha256(http_auth_info_t *ai, const char *pw, s
|
|||
SHA256_Final(ai->digest, &ctx);
|
||||
}
|
||||
|
||||
#ifdef SHA512_256_DIGEST_LENGTH
|
||||
#ifdef USE_LIB_CRYPTO_SHA512_256
|
||||
static void mod_authn_file_digest_sha512_256(http_auth_info_t *ai, const char *pw, size_t pwlen) {
|
||||
SHA512_CTX ctx;
|
||||
SHA512_256_Init(&ctx);
|
||||
|
@ -303,7 +197,7 @@ static void mod_authn_file_digest(http_auth_info_t *ai, const char *pw, size_t p
|
|||
#ifdef USE_LIB_CRYPTO
|
||||
else if (ai->dalgo & HTTP_AUTH_DIGEST_SHA256)
|
||||
mod_authn_file_digest_sha256(ai, pw, pwlen);
|
||||
#ifdef SHA512_256_DIGEST_LENGTH
|
||||
#ifdef USE_LIB_CRYPTO_SHA512_256
|
||||
else if (ai->dalgo & HTTP_AUTH_DIGEST_SHA512_256)
|
||||
mod_authn_file_digest_sha512_256(ai, pw, pwlen);
|
||||
#endif
|
||||
|
@ -742,8 +636,7 @@ static handler_t mod_authn_file_htpasswd_basic(request_st * const r, void *p_d,
|
|||
crypt_tmp_data.initialized = 0;
|
||||
#endif
|
||||
#endif
|
||||
#ifdef USE_LIB_CRYPTO /*(for MD4_*() (e.g. MD4_Update()))*/
|
||||
#ifndef NO_MD4 /*(e.g. wolfSSL built without MD4)*/
|
||||
#ifdef USE_LIB_CRYPTO_MD4 /*(for MD4_*() (e.g. MD4_Update()))*/
|
||||
if (0 == memcmp(password->ptr, CONST_STR_LEN("$1+ntlm$"))) {
|
||||
/* CRYPT-MD5-NTLM algorithm
|
||||
* This algorithm allows for the construction of (slight more)
|
||||
|
@ -795,7 +688,6 @@ static handler_t mod_authn_file_htpasswd_basic(request_st * const r, void *p_d,
|
|||
}
|
||||
}
|
||||
else
|
||||
#endif
|
||||
#endif
|
||||
{
|
||||
#if defined(HAVE_CRYPT_R)
|
||||
|
|
|
@ -23,7 +23,6 @@
|
|||
#include "base.h"
|
||||
#include "http_auth.h"
|
||||
#include "log.h"
|
||||
#include "md5.h"
|
||||
#include "plugin.h"
|
||||
|
||||
#include <stdio.h>
|
||||
|
@ -37,6 +36,8 @@
|
|||
#include <crypt.h>
|
||||
#endif
|
||||
|
||||
#include "sys-crypto-md.h"
|
||||
|
||||
typedef struct {
|
||||
int auth_mysql_port;
|
||||
const char *auth_mysql_host;
|
||||
|
|
|
@ -10,6 +10,8 @@
|
|||
|
||||
#include <lauxlib.h>
|
||||
|
||||
#include "sys-crypto-md.h"
|
||||
|
||||
#include "mod_cml_funcs.h"
|
||||
#include "mod_cml.h"
|
||||
|
||||
|
@ -17,8 +19,6 @@
|
|||
#include "log.h"
|
||||
#include "plugin.h"
|
||||
|
||||
#include "md5.h"
|
||||
|
||||
#define HASHLEN 16
|
||||
typedef unsigned char HASH[HASHLEN];
|
||||
#define HASHHEXLEN 32
|
||||
|
|
|
@ -11,7 +11,7 @@
|
|||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
#include "sys-crypto.h"
|
||||
#include "sys-crypto-md.h"
|
||||
#ifdef USE_LIB_CRYPTO
|
||||
#if defined(USE_NETTLE_CRYPTO)
|
||||
#include <nettle/hmac.h>
|
||||
|
@ -25,8 +25,6 @@
|
|||
#endif
|
||||
#endif
|
||||
|
||||
#include "md5.h"
|
||||
|
||||
/*
|
||||
* mod_secdownload verifies a checksum associated with a timestamp
|
||||
* and a path.
|
||||
|
|
|
@ -8,11 +8,11 @@
|
|||
|
||||
#include "plugin.h"
|
||||
|
||||
#include "sys-crypto-md.h"
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
#include "md5.h"
|
||||
|
||||
typedef struct {
|
||||
const buffer *cookie_name;
|
||||
const buffer *cookie_attrs;
|
||||
|
|
|
@ -650,8 +650,8 @@ int mod_wstunnel_plugin_init(plugin *p) {
|
|||
|
||||
#ifdef _MOD_WEBSOCKET_SPEC_IETF_00_
|
||||
|
||||
#include "sys-endian.h" /* lighttpd */
|
||||
#include "md5.h" /* lighttpd */
|
||||
#include "sys-crypto-md.h" /* lighttpd */
|
||||
#include "sys-endian.h" /* lighttpd */
|
||||
|
||||
static int get_key3(request_st * const r, char *buf) {
|
||||
/* 8 bytes should have been sent with request
|
||||
|
@ -787,8 +787,8 @@ static int create_response_ietf_00(handler_ctx *hctx) {
|
|||
|
||||
#ifdef _MOD_WEBSOCKET_SPEC_RFC_6455_
|
||||
|
||||
#include "algo_sha1.h" /* lighttpd */
|
||||
#include "base64.h" /* lighttpd */
|
||||
#include "sys-crypto-md.h" /* lighttpd */
|
||||
#include "base64.h" /* lighttpd */
|
||||
|
||||
static int create_response_rfc_6455(handler_ctx *hctx) {
|
||||
request_st * const r = hctx->gw.r;
|
||||
|
|
|
@ -0,0 +1,239 @@
|
|||
/* sys-crypto-md.h - message digest (MD) wrapper
|
||||
*
|
||||
* message digest (MD) algorithms are not necessarily cryptographically secure
|
||||
* (often provided by crypto libraries, hence this file named sys-crypto-md.h)
|
||||
*
|
||||
* Copyright(c) 2020 Glenn Strauss gstrauss()gluelogic.com All rights reserved
|
||||
* License: BSD 3-clause (same as lighttpd)
|
||||
*/
|
||||
#ifndef LI_SYS_CRYPTO_MD_H
|
||||
#define LI_SYS_CRYPTO_MD_H
|
||||
#include "first.h"
|
||||
|
||||
#include "sys-crypto.h" /* USE_LIB_CRYPTO */
|
||||
#ifdef USE_LIB_CRYPTO
|
||||
|
||||
#if defined(USE_NETTLE_CRYPTO)
|
||||
|
||||
#include <nettle/md4.h>
|
||||
#include <nettle/md5.h>
|
||||
#include <nettle/sha.h>
|
||||
|
||||
#define USE_LIB_CRYPTO_MD4
|
||||
typedef struct md4_ctx MD4_CTX;
|
||||
#define MD4_Init(ctx) \
|
||||
nettle_md4_init(ctx)
|
||||
#define MD4_Final(digest, ctx) \
|
||||
nettle_md4_digest((ctx),sizeof(digest),(digest))
|
||||
static inline void
|
||||
MD4_Update(MD4_CTX *ctx, const void *data, size_t length)
|
||||
{
|
||||
nettle_md4_update(ctx, length, data);
|
||||
}
|
||||
|
||||
#define USE_LIB_CRYPTO_MD5
|
||||
typedef struct md5_ctx MD5_CTX;
|
||||
#define MD5_Init(ctx) \
|
||||
nettle_md5_init(ctx)
|
||||
#define MD5_Final(digest, ctx) \
|
||||
nettle_md5_digest((ctx),sizeof(digest),(digest))
|
||||
static inline void
|
||||
MD5_Update(MD5_CTX *ctx, const void *data, size_t length)
|
||||
{
|
||||
nettle_md5_update(ctx, length, data);
|
||||
}
|
||||
|
||||
#define USE_LIB_CRYPTO_SHA1
|
||||
typedef struct sha1_ctx SHA_CTX;
|
||||
#define SHA1_Init(ctx) \
|
||||
nettle_sha1_init(ctx)
|
||||
#define SHA1_Final(digest, ctx) \
|
||||
nettle_sha1_digest((ctx),sizeof(digest),(digest))
|
||||
static inline void
|
||||
SHA1_Update(SHA_CTX *ctx, const void *data, size_t length)
|
||||
{
|
||||
nettle_sha1_update(ctx, length, data);
|
||||
}
|
||||
|
||||
#define USE_LIB_CRYPTO_SHA256
|
||||
typedef struct sha256_ctx SHA256_CTX;
|
||||
#define SHA256_Init(ctx) \
|
||||
nettle_sha256_init(ctx)
|
||||
#define SHA256_Final(digest, ctx) \
|
||||
nettle_sha256_digest((ctx),sizeof(digest),(digest))
|
||||
static inline void
|
||||
SHA256_Update(SHA256_CTX *ctx, const void *data, size_t length)
|
||||
{
|
||||
nettle_sha256_update(ctx, length, data);
|
||||
}
|
||||
|
||||
#define USE_LIB_CRYPTO_SHA512_256
|
||||
#ifndef SHA512_256_DIGEST_LENGTH
|
||||
#define SHA512_256_DIGEST_LENGTH 32
|
||||
#endif
|
||||
typedef struct sha512_256_ctx SHA512_CTX; /*(yes, SHA512_CTX)*/
|
||||
#define SHA512_256_Init(ctx) \
|
||||
nettle_sha512_256_init(ctx)
|
||||
#define SHA512_256_Final(digest, ctx) \
|
||||
nettle_sha512_256_digest((ctx),sizeof(digest),(digest))
|
||||
static inline void
|
||||
SHA512_256_Update(SHA512_CTX *ctx, const void *data, size_t length)
|
||||
{
|
||||
nettle_sha512_update(ctx, length, data); /*(yes, nettle_sha512_update())*/
|
||||
}
|
||||
|
||||
#elif defined(USE_MBEDTLS_CRYPTO)
|
||||
|
||||
#ifdef MBEDTLS_MD4_C
|
||||
#define USE_LIB_CRYPTO_MD4
|
||||
#include <mbedtls/md4.h>
|
||||
typedef struct mbedtls_md4_context MD4_CTX;
|
||||
#define MD4_Init(ctx) \
|
||||
(mbedtls_md4_init(ctx), mbedtls_md4_starts_ret(ctx))
|
||||
#define MD4_Final(digest, ctx) \
|
||||
(mbedtls_md4_finish_ret((ctx),(digest)), mbedtls_md4_free(ctx))
|
||||
static inline void
|
||||
MD4_Update(MD4_CTX *ctx, const void *data, size_t length)
|
||||
{
|
||||
mbedtls_md4_update_ret(ctx, data, length);
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef MBEDTLS_MD5_C
|
||||
#define USE_LIB_CRYPTO_MD5
|
||||
#include <mbedtls/md5.h>
|
||||
typedef struct mbedtls_md5_context MD5_CTX;
|
||||
#define MD5_Init(ctx) \
|
||||
(mbedtls_md5_init(ctx), mbedtls_md5_starts_ret(ctx))
|
||||
#define MD5_Final(digest, ctx) \
|
||||
(mbedtls_md5_finish_ret((ctx),(digest)), mbedtls_md5_free(ctx))
|
||||
static inline void
|
||||
MD5_Update(MD5_CTX *ctx, const void *data, size_t length)
|
||||
{
|
||||
mbedtls_md5_update_ret(ctx, data, length);
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef MBEDTLS_SHA1_C
|
||||
#define USE_LIB_CRYPTO_SHA1
|
||||
#include <mbedtls/sha1.h>
|
||||
typedef struct mbedtls_sha1_context SHA_CTX;
|
||||
#define SHA1_Init(ctx) \
|
||||
(mbedtls_sha1_init(ctx), mbedtls_sha1_starts_ret(ctx))
|
||||
#define SHA1_Final(digest, ctx) \
|
||||
(mbedtls_sha1_finish_ret((ctx),(digest)), mbedtls_sha1_free(ctx))
|
||||
static inline void
|
||||
SHA1_Update(SHA_CTX *ctx, const void *data, size_t length)
|
||||
{
|
||||
mbedtls_sha1_update_ret(ctx, data, length);
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef MBEDTLS_SHA256_C
|
||||
#define USE_LIB_CRYPTO_SHA256
|
||||
#include <mbedtls/sha256.h>
|
||||
typedef struct mbedtls_sha256_context SHA256_CTX;
|
||||
#define SHA256_Init(ctx) \
|
||||
(mbedtls_sha256_init(ctx), mbedtls_sha256_starts_ret((ctx),0))
|
||||
#define SHA256_Final(digest, ctx) \
|
||||
(mbedtls_sha256_finish_ret((ctx),(digest)), mbedtls_sha256_free(ctx))
|
||||
static inline void
|
||||
SHA256_Update(SHA256_CTX *ctx, const void *data, size_t length)
|
||||
{
|
||||
mbedtls_sha256_update_ret(ctx, data, length);
|
||||
}
|
||||
#endif
|
||||
|
||||
#elif defined(USE_OPENSSL_CRYPTO)
|
||||
|
||||
#include <openssl/md4.h>
|
||||
#include <openssl/md5.h>
|
||||
#include <openssl/sha.h>
|
||||
#ifndef OPENSSL_NO_MD4
|
||||
#ifndef NO_MD4 /*(e.g. wolfSSL built without MD4)*/
|
||||
#define USE_LIB_CRYPTO_MD4
|
||||
#endif
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_MD5
|
||||
#define USE_LIB_CRYPTO_MD5
|
||||
#endif
|
||||
#define USE_LIB_CRYPTO_SHA1
|
||||
#define USE_LIB_CRYPTO_SHA256
|
||||
#ifdef SHA512_256_DIGEST_LENGTH
|
||||
#define USE_LIB_CRYPTO_SHA512_256
|
||||
#endif
|
||||
|
||||
#elif defined(USE_GNUTLS_CRYPTO)
|
||||
|
||||
#include <gnutls/crypto.h>
|
||||
|
||||
#define USE_LIB_CRYPTO_MD5
|
||||
typedef gnutls_hash_hd_t MD5_CTX;
|
||||
#define MD5_Init(ctx) \
|
||||
do { \
|
||||
if (gnutls_hash_init((ctx), GNUTLS_DIG_MD5) < 0) \
|
||||
SEGFAULT(); \
|
||||
} while (0)
|
||||
#define MD5_Final(digest, ctx) \
|
||||
gnutls_hash_deinit(*(ctx),(digest))
|
||||
static inline void
|
||||
MD5_Update(MD5_CTX *ctx, const void *data, size_t length)
|
||||
{
|
||||
gnutls_hash(*ctx, data, length);
|
||||
}
|
||||
|
||||
#define USE_LIB_CRYPTO_SHA1
|
||||
typedef gnutls_hash_hd_t SHA_CTX;
|
||||
#define SHA1_Init(ctx) \
|
||||
do { \
|
||||
if (gnutls_hash_init((ctx), GNUTLS_DIG_SHA1) < 0) \
|
||||
SEGFAULT(); \
|
||||
} while (0)
|
||||
#define SHA1_Final(digest, ctx) \
|
||||
gnutls_hash_deinit(*(ctx),(digest))
|
||||
static inline void
|
||||
SHA1_Update(SHA_CTX *ctx, const void *data, size_t length)
|
||||
{
|
||||
gnutls_hash(*ctx, data, length);
|
||||
}
|
||||
|
||||
#define USE_LIB_CRYPTO_SHA256
|
||||
typedef gnutls_hash_hd_t SHA256_CTX;
|
||||
#define SHA256_Init(ctx) \
|
||||
do { \
|
||||
if (gnutls_hash_init((ctx), GNUTLS_DIG_SHA256) < 0) \
|
||||
SEGFAULT(); \
|
||||
} while (0)
|
||||
#define SHA256_Final(digest, ctx) \
|
||||
gnutls_hash_deinit(*(ctx),(digest))
|
||||
static inline void
|
||||
SHA256_Update(SHA256_CTX *ctx, const void *data, size_t length)
|
||||
{
|
||||
gnutls_hash(*ctx, data, length);
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
#endif /* USE_LIB_CRYPTO */
|
||||
|
||||
|
||||
#ifdef USE_LIB_CRYPTO_MD5
|
||||
#ifndef MD5_DIGEST_LENGTH
|
||||
#define MD5_DIGEST_LENGTH 16
|
||||
#endif
|
||||
#include "md5.h" /*(for legacy li_MD5_*() name mangling)*/
|
||||
#else
|
||||
#include "md5.h"
|
||||
#endif
|
||||
|
||||
|
||||
#ifdef USE_LIB_CRYPTO_SHA1
|
||||
#ifndef SHA_DIGEST_LENGTH
|
||||
#define SHA_DIGEST_LENGTH 20
|
||||
#endif
|
||||
#else
|
||||
#include "algo_sha1.h"
|
||||
#endif
|
||||
|
||||
|
||||
#endif /* LI_SYS_CRYPTO_MD_H */
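Review bot: The Nettle `*_Final(digest, ctx)` macros size the output with `sizeof(digest)`, which is only right when the caller passes a true array of exactly the digest length. If `digest` is a pointer or an array-typed function parameter (the `li_MD5_Final(unsigned char [MD5_DIGEST_LENGTH], ...)` prototype in md5.h suggests such call sites may exist), Nettle is asked for only pointer-size bytes. The rest of the caller's buffer then keeps its previous contents, whereas the other backends write the full digest, so a later digest comparison would behave differently per crypto library. Passing the library constant removes the dependency on the argument's type, for example `nettle_md5_digest((ctx),MD5_DIGEST_SIZE,(digest))`. The other four macros would use `MD4_DIGEST_SIZE`, `SHA1_DIGEST_SIZE`, `SHA256_DIGEST_SIZE` and `SHA512_256_DIGEST_SIZE`.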
|