X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fsrc%2Fhash.c;h=19ab1efd09b5782bbfa4fa57256d91ec59e6bfdc;hb=0d68983b8b7c2040e81090f1d5aa8d2c4043eab3;hp=806ad7c1f2aa3113a35f86637cbe554423bc2a65;hpb=5fb822fc4839e253d2f839ba7966bc25a5329ac1;p=user%2Fhenk%2Fcode%2Fexim.git
diff --git a/src/src/hash.c b/src/src/hash.c
index 806ad7c1f..19ab1efd0 100644
--- a/src/src/hash.c
+++ b/src/src/hash.c
@@ -25,51 +25,40 @@ typedef struct sha1 { sha1; #endif /*STAND_ALONE*/ - - -#ifndef SUPPORT_TLS -# error Need SUPPORT_TLS for DKIM -#endif - - - -#ifdef notdef -#ifdef RSA_OPENSSL -# include -# include -# include -#elif defined(RSA_GNUTLS) -# include -# include -# ifdef RSA_VERIFY_GNUTLS -# include -# endif -#endif -#endif - +#include /******************************************************************************/ #ifdef SHA_OPENSSL -void -exim_sha_init(hctx * h, BOOL is_sha1) +BOOL +exim_sha_init(hctx * h, hashmethod m) { -h->is_sha1 = is_sha1; -h->hashlen = is_sha1 ? 20 : 32; -if (h->is_sha1) - SHA1_Init (&h->u.sha1); -else - SHA256_Init(&h->u.sha2); +/*XXX extend for sha512 */ +switch (h->method = m) + { + case HASH_SHA1: h->hashlen = 20; SHA1_Init (&h->u.sha1); break; + case HASH_SHA2_256: h->hashlen = 32; SHA256_Init(&h->u.sha2_256); break; + case HASH_SHA2_384: h->hashlen = 48; SHA384_Init(&h->u.sha2_512); break; + case HASH_SHA2_512: h->hashlen = 64; SHA512_Init(&h->u.sha2_512); break; + default: h->hashlen = 0; return FALSE; + } +return TRUE; } void exim_sha_update(hctx * h, const uschar * data, int len) { -if (h->is_sha1) - SHA1_Update (&h->u.sha1, data, len); -else - SHA256_Update(&h->u.sha2, data, len); +switch (h->method) + { + case HASH_SHA1: SHA1_Update (&h->u.sha1, data, len); break; + case HASH_SHA2_256: SHA256_Update(&h->u.sha2_256, data, len); break; + case HASH_SHA2_384: SHA384_Update(&h->u.sha2_512, data, len); break; + case HASH_SHA2_512: SHA512_Update(&h->u.sha2_512, data, len); break; + /* should be blocked by init not handling these, but be explicit to + guard against accidents later (and hush up clang -Wswitch) */ + default: assert(0); + } } 
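Review bot: The `default: assert(0);` arm in the OpenSSL exim_sha_update is the only guard against hashing with an unsupported method, and it compiles away in any build that defines NDEBUG. exim_sha_init has already stored the rejected value through `switch (h->method = m)` and set `hashlen` to 0 before returning FALSE, so in such a build a caller that ignores the new BOOL result would get a zero-length digest from exim_sha_finish (next hunk, same `assert(0)` pattern) instead of an error. I would state the contract above exim_sha_init, `/* Returns FALSE for a method this library build cannot do; the context must not then be passed to exim_sha_update() or exim_sha_finish(). */`. The `/*XXX extend for sha512 */` marker is stale now that the SHA-384 and SHA-512 cases are present and can be dropped.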
@@ -77,11 +66,14 @@ void exim_sha_finish(hctx * h, blob * b) { b->data = store_get(b->len = h->hashlen); - -if (h->is_sha1) - SHA1_Final (b->data, &h->u.sha1); -else - SHA256_Final(b->data, &h->u.sha2); +switch (h->method) + { + case HASH_SHA1: SHA1_Final (b->data, &h->u.sha1); break; + case HASH_SHA2_256: SHA256_Final(b->data, &h->u.sha2_256); break; + case HASH_SHA2_384: SHA384_Final(b->data, &h->u.sha2_512); break; + case HASH_SHA2_512: SHA512_Final(b->data, &h->u.sha2_512); break; + default: assert(0); + } } @@ -89,12 +81,24 @@ else #elif defined(SHA_GNUTLS) /******************************************************************************/ -void -exim_sha_init(hctx * h, BOOL is_sha1) +BOOL +exim_sha_init(hctx * h, hashmethod m) { -h->is_sha1 = is_sha1; -h->hashlen = is_sha1 ? 20 : 32; -gnutls_hash_init(&h->sha, is_sha1 ? GNUTLS_DIG_SHA1 : GNUTLS_DIG_SHA256); +/*XXX extend for sha512 */ +switch (h->method = m) + { + case HASH_SHA1: h->hashlen = 20; gnutls_hash_init(&h->sha, GNUTLS_DIG_SHA1); break; + case HASH_SHA2_256: h->hashlen = 32; gnutls_hash_init(&h->sha, GNUTLS_DIG_SHA256); break; + case HASH_SHA2_384: h->hashlen = 48; gnutls_hash_init(&h->sha, GNUTLS_DIG_SHA384); break; + case HASH_SHA2_512: h->hashlen = 64; gnutls_hash_init(&h->sha, GNUTLS_DIG_SHA512); break; +#ifdef EXIM_HAVE_SHA3 + case HASH_SHA3_256: h->hashlen = 32; gnutls_hash_init(&h->sha, GNUTLS_DIG_SHA3_256); break; + case HASH_SHA3_384: h->hashlen = 48; gnutls_hash_init(&h->sha, GNUTLS_DIG_SHA3_384); break; + case HASH_SHA3_512: h->hashlen = 64; gnutls_hash_init(&h->sha, GNUTLS_DIG_SHA3_512); break; +#endif + default: h->hashlen = 0; return FALSE; + } +return TRUE; } 
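Review bot: The return value of `gnutls_hash_init()` is discarded in every case of the GnuTLS exim_sha_init, so the function reports TRUE even when the library refuses the digest or cannot allocate the handle, and `h->sha` is then presumably used unset by the update and finish functions, which are outside this hunk. Now that init returns BOOL the library result can be folded into it; selecting the algorithm in the switch and calling the library once keeps the check in one place. The gcrypt variant in the next hunk has the same gap with `gcry_md_open()`, which also returns an error code. The `/*XXX extend for sha512 */` comment is stale in both.

```c
BOOL
exim_sha_init(hctx * h, hashmethod m)
{
gnutls_digest_algorithm_t alg;

switch (h->method = m)
  {
  case HASH_SHA1:     h->hashlen = 20; alg = GNUTLS_DIG_SHA1;   break;
  case HASH_SHA2_256: h->hashlen = 32; alg = GNUTLS_DIG_SHA256; break;
  /* … remaining SHA2 and EXIM_HAVE_SHA3 cases select alg the same way … */
  default:            h->hashlen = 0; return FALSE;
  }
if (gnutls_hash_init(&h->sha, alg) != 0)
  {
  h->hashlen = 0;
  return FALSE;
  }
return TRUE;
}
```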
@@ -117,12 +121,22 @@ gnutls_hash_output(h->sha, b->data); #elif defined(SHA_GCRYPT) /******************************************************************************/ -void -exim_sha_init(hctx * h, BOOL is_sha1) +BOOL +exim_sha_init(hctx * h, hashmethod m) { -h->is_sha1 = is_sha1; -h->hashlen = is_sha1 ? 20 : 32; -gcry_md_open(&h->sha, is_sha1 ? GCRY_MD_SHA1 : GCRY_MD_SHA256, 0); +/*XXX extend for sha512 */ +switch (h->method = m) + { + case HASH_SHA1: h->hashlen = 20; gcry_md_open(&h->sha, GCRY_MD_SHA1, 0); break; + case HASH_SHA2_256: h->hashlen = 32; gcry_md_open(&h->sha, GCRY_MD_SHA256, 0); break; + case HASH_SHA2_384: h->hashlen = 48; gcry_md_open(&h->sha, GCRY_MD_SHA384, 0); break; + case HASH_SHA2_512: h->hashlen = 64; gcry_md_open(&h->sha, GCRY_MD_SHA512, 0); break; + case HASH_SHA3_256: h->hashlen = 32; gcry_md_open(&h->sha, GCRY_MD_SHA3_256, 0); break; + case HASH_SHA3_384: h->hashlen = 48; gcry_md_open(&h->sha, GCRY_MD_SHA3_384, 0); break; + case HASH_SHA3_512: h->hashlen = 64; gcry_md_open(&h->sha, GCRY_MD_SHA3_512, 0); break; + default: h->hashlen = 0; return FALSE; + } +return TRUE; } 
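Review bot: The three `GCRY_MD_SHA3_*` cases in the gcrypt exim_sha_init are compiled unconditionally, whereas the GnuTLS variant wraps its SHA-3 cases in `#ifdef EXIM_HAVE_SHA3`. A libgcrypt old enough to lack the SHA-3 identifiers would fail to build here. Unless the build already requires a SHA-3-capable libgcrypt (not visible in this diff), I would put the same `#ifdef EXIM_HAVE_SHA3` / `#endif` pair around the three SHA3 lines, so that an unavailable method falls through to `default:` and returns FALSE.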
@@ -146,25 +160,28 @@ memcpy(b->data, gcry_md_read(h->sha, 0), h->hashlen); #elif defined(SHA_POLARSSL) /******************************************************************************/ -void -exim_sha_init(hctx * h, BOOL is_sha1) +BOOL +exim_sha_init(hctx * h, hashmethod m) { -h->is_sha1 = is_sha1; -h->hashlen = is_sha1 ? 20 : 32; -if (h->is_sha1) - sha1_starts(&h->u.sha1); -else - sha2_starts(&h->u.sha2, 0); +/*XXX extend for sha512 */ +switch (h->method = m) + { + case HASH_SHA1: h->hashlen = 20; sha1_starts(&h->u.sha1); break; + case HASH_SHA2_256: h->hashlen = 32; sha2_starts(&h->u.sha2, 0); break; + default: h->hashlen = 0; return FALSE; + } +return TRUE; } void exim_sha_update(hctx * h, const uschar * data, int len) { -if (h->is_sha1) - sha1_update(h->u.sha1, US data, len); -else - sha2_update(h->u.sha2, US data, len); +switch (h->method) + { + case HASH_SHA1: sha1_update(h->u.sha1, US data, len); break; + case HASH_SHA2_256: sha2_update(h->u.sha2, US data, len); break; + } } @@ -172,11 +189,11 @@ void exim_sha_finish(hctx * h, blob * b) { b->data = store_get(b->len = h->hashlen); - -if (h->is_sha1) - sha1_finish(h->u.sha1, b->data); -else - sha2_finish(h->u.sha2, b->data); +switch (h->method) + { + case HASH_SHA1: sha1_finish(h->u.sha1, b->data); break; + case HASH_SHA2_256: sha2_finish(h->u.sha2, b->data); break; + } } @@ -392,11 +409,12 @@ for (i = 0; i < 5; i++) # ifdef notdef -void -exim_sha_init(hctx * h, BOOL is_sha1) +BOOL +exim_sha_init(hctx * h, hashmethod m) { h->hashlen = 20; native_sha1_start(&h->sha1); +return TRUE; } @@ -418,14 +436,6 @@ native_sha1_end(&h->sha1, NULL, 0, b->data); #endif -/******************************************************************************/ - -/* Common to all library versions */ -int -exim_sha_hashlen(hctx * h) -{ -return h->is_sha1 ? 20 : 32; -} /******************************************************************************/ 
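Review bot: The PolarSSL exim_sha_update passes the context by value, `sha1_update(h->u.sha1, US data, len)`, while exim_sha_init in the same hunk passes `&h->u.sha1` to `sha1_starts()`; unless the union members are pointers (their declaration is not in this diff), one of the two is wrong. The mismatch is carried over from the removed lines and repeats in exim_sha_finish in the next hunk. If the members are plain contexts the calls should read `sha1_update(&h->u.sha1, US data, len)` and `sha2_update(&h->u.sha2, US data, len)`, and likewise for the finish calls. These PolarSSL switches also have no `default:` arm, unlike the OpenSSL ones, so an unexpected method is ignored silently; adding `default: assert(0);` would match.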
@@ -460,7 +470,7 @@ native_sha1_end(&h->sha1, data, len, digest); void sha1_start(hctx * h) { -exim_sha_init(h, TRUE); +(void) exim_sha_init(h, HASH_SHA1); } void @@ -775,7 +785,7 @@ int main(void) sha1 base; int j; int i = 0x01020304; -uschar *ctest = (uschar *)(&i); +uschar *ctest = US (&i); uschar buffer[256]; uschar digest[20]; uschar s[41];
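Review bot: `(void) exim_sha_init(h, HASH_SHA1);` in sha1_start() throws away the only failure signal the new API has, and sha1_start() returns void, so its callers cannot learn of a failure either. Every backend in this diff accepts HASH_SHA1, so the cast is safe against the unsupported-method case today, but that reasoning should be written next to it: `/* HASH_SHA1 is handled by every backend, so init cannot return FALSE here */`. If init is later made to report library failures as well, this call site would need revisiting.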