diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index b7bfc70b..ccc3d132 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -185,6 +185,7 @@ if (WITH_GCRYPT) pki_gcrypt.c ecdh_gcrypt.c getrandom_gcrypt.c + md_gcrypt.c dh_key.c pki_ed25519.c external/ed25519.c @@ -209,6 +210,7 @@ elseif (WITH_MBEDTLS) pki_mbedcrypto.c ecdh_mbedcrypto.c getrandom_mbedcrypto.c + md_mbedcrypto.c dh_key.c pki_ed25519.c external/ed25519.c @@ -232,6 +234,7 @@ else (WITH_GCRYPT) pki_crypto.c ecdh_crypto.c getrandom_crypto.c + md_crypto.c libcrypto.c dh_crypto.c ) diff --git a/src/libcrypto.c b/src/libcrypto.c index e0f87d51..aa2d845c 100644 --- a/src/libcrypto.c +++ b/src/libcrypto.c @@ -93,43 +93,6 @@ void ssh_reseed(void){ #endif } -SHACTX sha1_init(void) -{ - int rc; - SHACTX c = EVP_MD_CTX_new(); - if (c == NULL) { - return NULL; - } - rc = EVP_DigestInit_ex(c, EVP_sha1(), NULL); - if (rc == 0) { - EVP_MD_CTX_free(c); - c = NULL; - } - return c; -} - -void sha1_update(SHACTX c, const void *data, size_t len) -{ - EVP_DigestUpdate(c, data, len); -} - -void sha1_final(unsigned char *md, SHACTX c) -{ - unsigned int mdlen = 0; - - EVP_DigestFinal(c, md, &mdlen); - EVP_MD_CTX_free(c); -} - -void sha1(const unsigned char *digest, size_t len, unsigned char *hash) -{ - SHACTX c = sha1_init(); - if (c != NULL) { - sha1_update(c, digest, len); - sha1_final(hash, c); - } -} - #ifdef HAVE_OPENSSL_ECC static const EVP_MD *nid_to_evpmd(int nid) { @@ -184,145 +147,6 @@ void evp_final(EVPCTX ctx, unsigned char *md, unsigned int *mdlen) } #endif /* HAVE_OPENSSL_ECC */ -SHA256CTX sha256_init(void) -{ - int rc; - SHA256CTX c = EVP_MD_CTX_new(); - if (c == NULL) { - return NULL; - } - rc = EVP_DigestInit_ex(c, EVP_sha256(), NULL); - if (rc == 0) { - EVP_MD_CTX_free(c); - c = NULL; - } - return c; -} - -void sha256_update(SHA256CTX c, const void *data, size_t len) -{ - EVP_DigestUpdate(c, data, len); -} - -void sha256_final(unsigned char *md, SHA256CTX c) -{ - unsigned int mdlen = 0; - - EVP_DigestFinal(c, md, &mdlen); - EVP_MD_CTX_free(c); -} - -void sha256(const unsigned char *digest, size_t len, unsigned char *hash) -{ - SHA256CTX c = sha256_init(); - if (c != NULL) { - sha256_update(c, digest, len); - sha256_final(hash, c); - } -} - -SHA384CTX sha384_init(void) -{ - int rc; - SHA384CTX c = EVP_MD_CTX_new(); - if (c == NULL) { - return NULL; - } - rc = EVP_DigestInit_ex(c, EVP_sha384(), NULL); - if (rc == 0) { - EVP_MD_CTX_free(c); - c = NULL; - } - return c; -} - -void sha384_update(SHA384CTX c, const void *data, size_t len) -{ - EVP_DigestUpdate(c, data, len); -} - -void sha384_final(unsigned char *md, SHA384CTX c) -{ - unsigned int mdlen = 0; - - EVP_DigestFinal(c, md, &mdlen); - EVP_MD_CTX_free(c); -} - -void sha384(const unsigned char *digest, size_t len, unsigned char *hash) -{ - SHA384CTX c = sha384_init(); - if (c != NULL) { - sha384_update(c, digest, len); - sha384_final(hash, c); - } -} - -SHA512CTX sha512_init(void) -{ - int rc = 0; - SHA512CTX c = EVP_MD_CTX_new(); - if (c == NULL) { - return NULL; - } - rc = EVP_DigestInit_ex(c, EVP_sha512(), NULL); - if (rc == 0) { - EVP_MD_CTX_free(c); - c = NULL; - } - return c; -} - -void sha512_update(SHA512CTX c, const void *data, size_t len) -{ - EVP_DigestUpdate(c, data, len); -} - -void sha512_final(unsigned char *md, SHA512CTX c) -{ - unsigned int mdlen = 0; - - EVP_DigestFinal(c, md, &mdlen); - EVP_MD_CTX_free(c); -} - -void sha512(const unsigned char *digest, size_t len, unsigned char *hash) -{ - SHA512CTX c = sha512_init(); - if (c != NULL) { - sha512_update(c, digest, len); - sha512_final(hash, c); - } -} - -MD5CTX md5_init(void) -{ - int rc; - MD5CTX c = EVP_MD_CTX_new(); - if (c == NULL) { - return NULL; - } - rc = EVP_DigestInit_ex(c, EVP_md5(), NULL); - if(rc == 0) { - EVP_MD_CTX_free(c); - c = NULL; - } - return c; -} - -void md5_update(MD5CTX c, const void *data, size_t len) -{ - EVP_DigestUpdate(c, data, len); -} - -void md5_final(unsigned char *md, MD5CTX c) -{ - unsigned int mdlen = 0; - - EVP_DigestFinal(c, md, &mdlen); - EVP_MD_CTX_free(c); -} - #ifdef HAVE_OPENSSL_EVP_KDF_CTX #if OPENSSL_VERSION_NUMBER < 0x30000000L static const EVP_MD *sshkdf_digest_to_md(enum ssh_kdf_digest digest_type) @@ -451,7 +275,7 @@ int ssh_kdf(struct ssh_crypto_struct *crypto, rc = -1; goto out; } - + rc = EVP_KDF_derive(ctx, output, requested_len, params); if (rc != 1) { rc = -1; diff --git a/src/libgcrypt.c b/src/libgcrypt.c index d1660418..b8b86593 100644 --- a/src/libgcrypt.c +++ b/src/libgcrypt.c @@ -69,27 +69,6 @@ static int alloc_key(struct ssh_cipher_struct *cipher) { void ssh_reseed(void){ } -SHACTX sha1_init(void) { - SHACTX ctx = NULL; - gcry_md_open(&ctx, GCRY_MD_SHA1, 0); - - return ctx; -} - -void sha1_update(SHACTX c, const void *data, size_t len) { - gcry_md_write(c, data, len); -} - -void sha1_final(unsigned char *md, SHACTX c) { - gcry_md_final(c); - memcpy(md, gcry_md_read(c, 0), SHA_DIGEST_LEN); - gcry_md_close(c); -} - -void sha1(const unsigned char *digest, size_t len, unsigned char *hash) { - gcry_md_hash_buffer(GCRY_MD_SHA1, hash, digest, len); -} - #ifdef HAVE_GCRYPT_ECC static int nid_to_md_algo(int nid) { @@ -143,86 +122,6 @@ void evp_final(EVPCTX ctx, unsigned char *md, unsigned int *mdlen) } #endif -SHA256CTX sha256_init(void) { - SHA256CTX ctx = NULL; - gcry_md_open(&ctx, GCRY_MD_SHA256, 0); - - return ctx; -} - -void sha256_update(SHACTX c, const void *data, size_t len) { - gcry_md_write(c, data, len); -} - -void sha256_final(unsigned char *md, SHACTX c) { - gcry_md_final(c); - memcpy(md, gcry_md_read(c, 0), SHA256_DIGEST_LEN); - gcry_md_close(c); -} - -void sha256(const unsigned char *digest, size_t len, unsigned char *hash){ - gcry_md_hash_buffer(GCRY_MD_SHA256, hash, digest, len); -} - -SHA384CTX sha384_init(void) { - SHA384CTX ctx = NULL; - gcry_md_open(&ctx, GCRY_MD_SHA384, 0); - - return ctx; -} - -void sha384_update(SHACTX c, const void *data, size_t len) { - gcry_md_write(c, data, len); -} - -void sha384_final(unsigned char *md, SHACTX c) { - gcry_md_final(c); - memcpy(md, gcry_md_read(c, 0), SHA384_DIGEST_LEN); - gcry_md_close(c); -} - -void sha384(const unsigned char *digest, size_t len, unsigned char *hash) { - gcry_md_hash_buffer(GCRY_MD_SHA384, hash, digest, len); -} - -SHA512CTX sha512_init(void) { - SHA512CTX ctx = NULL; - gcry_md_open(&ctx, GCRY_MD_SHA512, 0); - - return ctx; -} - -void sha512_update(SHACTX c, const void *data, size_t len) { - gcry_md_write(c, data, len); -} - -void sha512_final(unsigned char *md, SHACTX c) { - gcry_md_final(c); - memcpy(md, gcry_md_read(c, 0), SHA512_DIGEST_LEN); - gcry_md_close(c); -} - -void sha512(const unsigned char *digest, size_t len, unsigned char *hash) { - gcry_md_hash_buffer(GCRY_MD_SHA512, hash, digest, len); -} - -MD5CTX md5_init(void) { - MD5CTX c = NULL; - gcry_md_open(&c, GCRY_MD_MD5, 0); - - return c; -} - -void md5_update(MD5CTX c, const void *data, size_t len) { - gcry_md_write(c,data,len); -} - -void md5_final(unsigned char *md, MD5CTX c) { - gcry_md_final(c); - memcpy(md, gcry_md_read(c, 0), MD5_DIGEST_LEN); - gcry_md_close(c); -} - int ssh_kdf(struct ssh_crypto_struct *crypto, unsigned char *key, size_t key_len, int key_type, unsigned char *output, diff --git a/src/libmbedcrypto.c b/src/libmbedcrypto.c index cbd2bfb6..c8137ce0 100644 --- a/src/libmbedcrypto.c +++ b/src/libmbedcrypto.c @@ -51,60 +51,6 @@ void ssh_reseed(void) mbedtls_ctr_drbg_reseed(&ssh_mbedtls_ctr_drbg, NULL, 0); } -SHACTX sha1_init(void) -{ - SHACTX ctx = NULL; - int rc; - const mbedtls_md_info_t *md_info = - mbedtls_md_info_from_type(MBEDTLS_MD_SHA1); - - if (md_info == NULL) { - return NULL; - } - - ctx = malloc(sizeof(mbedtls_md_context_t)); - if (ctx == NULL) { - return NULL; - } - - mbedtls_md_init(ctx); - - rc = mbedtls_md_setup(ctx, md_info, 0); - if (rc != 0) { - SAFE_FREE(ctx); - return NULL; - } - - rc = mbedtls_md_starts(ctx); - if (rc != 0) { - SAFE_FREE(ctx); - return NULL; - } - - return ctx; -} - -void sha1_update(SHACTX c, const void *data, size_t len) -{ - mbedtls_md_update(c, data, len); -} - -void sha1_final(unsigned char *md, SHACTX c) -{ - mbedtls_md_finish(c, md); - mbedtls_md_free(c); - SAFE_FREE(c); -} - -void sha1(const unsigned char *digest, size_t len, unsigned char *hash) -{ - const mbedtls_md_info_t *md_info = - mbedtls_md_info_from_type(MBEDTLS_MD_SHA1); - if (md_info != NULL) { - mbedtls_md(md_info, digest, len, hash); - } -} - static mbedtls_md_type_t nid_to_md_algo(int nid) { switch (nid) { @@ -179,211 +125,6 @@ void evp_final(EVPCTX ctx, unsigned char *md, unsigned int *mdlen) SAFE_FREE(ctx); } -SHA256CTX sha256_init(void) -{ - SHA256CTX ctx = NULL; - int rc; - const mbedtls_md_info_t *md_info = - mbedtls_md_info_from_type(MBEDTLS_MD_SHA256); - - if (md_info == NULL) { - return NULL; - } - - ctx = malloc(sizeof(mbedtls_md_context_t)); - if(ctx == NULL) { - return NULL; - } - - mbedtls_md_init(ctx); - - rc = mbedtls_md_setup(ctx, md_info, 0); - if (rc != 0) { - SAFE_FREE(ctx); - return NULL; - } - - rc = mbedtls_md_starts(ctx); - if (rc != 0) { - SAFE_FREE(ctx); - return NULL; - } - - return ctx; -} - -void sha256_update(SHA256CTX c, const void *data, size_t len) -{ - mbedtls_md_update(c, data, len); -} - -void sha256_final(unsigned char *md, SHA256CTX c) -{ - mbedtls_md_finish(c, md); - mbedtls_md_free(c); - SAFE_FREE(c); -} - -void sha256(const unsigned char *digest, size_t len, unsigned char *hash) -{ - const mbedtls_md_info_t *md_info = - mbedtls_md_info_from_type(MBEDTLS_MD_SHA256); - if (md_info != NULL) { - mbedtls_md(md_info, digest, len, hash); - } -} - -SHA384CTX sha384_init(void) -{ - SHA384CTX ctx = NULL; - int rc; - const mbedtls_md_info_t *md_info = - mbedtls_md_info_from_type(MBEDTLS_MD_SHA384); - - if (md_info == NULL) { - return NULL; - } - - ctx = malloc(sizeof(mbedtls_md_context_t)); - if (ctx == NULL) { - return NULL; - } - - mbedtls_md_init(ctx); - - rc = mbedtls_md_setup(ctx, md_info, 0); - if (rc != 0) { - SAFE_FREE(ctx); - return NULL; - } - - rc = mbedtls_md_starts(ctx); - if (rc != 0) { - SAFE_FREE(ctx); - return NULL; - } - - return ctx; -} - -void sha384_update(SHA384CTX c, const void *data, size_t len) -{ - mbedtls_md_update(c, data, len); -} - -void sha384_final(unsigned char *md, SHA384CTX c) -{ - mbedtls_md_finish(c, md); - mbedtls_md_free(c); - SAFE_FREE(c); -} - -void sha384(const unsigned char *digest, size_t len, unsigned char *hash) -{ - const mbedtls_md_info_t *md_info = - mbedtls_md_info_from_type(MBEDTLS_MD_SHA384); - if (md_info != NULL) { - mbedtls_md(md_info, digest, len, hash); - } -} - -SHA512CTX sha512_init(void) -{ - SHA512CTX ctx = NULL; - int rc; - const mbedtls_md_info_t *md_info = - mbedtls_md_info_from_type(MBEDTLS_MD_SHA512); - if (md_info == NULL) { - return NULL; - } - - ctx = malloc(sizeof(mbedtls_md_context_t)); - if (ctx == NULL) { - return NULL; - } - - mbedtls_md_init(ctx); - - rc = mbedtls_md_setup(ctx, md_info, 0); - if (rc != 0) { - SAFE_FREE(ctx); - return NULL; - } - - rc = mbedtls_md_starts(ctx); - if (rc != 0) { - SAFE_FREE(ctx); - return NULL; - } - - return ctx; -} - -void sha512_update(SHA512CTX c, const void *data, size_t len) -{ - mbedtls_md_update(c, data, len); -} - -void sha512_final(unsigned char *md, SHA512CTX c) -{ - mbedtls_md_finish(c, md); - mbedtls_md_free(c); - SAFE_FREE(c); -} - -void sha512(const unsigned char *digest, size_t len, unsigned char *hash) -{ - const mbedtls_md_info_t *md_info = - mbedtls_md_info_from_type(MBEDTLS_MD_SHA512); - if (md_info != NULL) { - mbedtls_md(md_info, digest, len, hash); - } -} - -MD5CTX md5_init(void) -{ - MD5CTX ctx = NULL; - int rc; - const mbedtls_md_info_t *md_info = - mbedtls_md_info_from_type(MBEDTLS_MD_MD5); - if (md_info == NULL) { - return NULL; - } - - ctx = malloc(sizeof(mbedtls_md_context_t)); - if (ctx == NULL) { - return NULL; - } - - mbedtls_md_init(ctx); - - rc = mbedtls_md_setup(ctx, md_info, 0); - if (rc != 0) { - SAFE_FREE(ctx); - return NULL; - } - - rc = mbedtls_md_starts(ctx); - if (rc != 0) { - SAFE_FREE(ctx); - return NULL; - } - - return ctx; -} - - -void md5_update(MD5CTX c, const void *data, size_t len) { - mbedtls_md_update(c, data, len); -} - -void md5_final(unsigned char *md, MD5CTX c) -{ - mbedtls_md_finish(c, md); - mbedtls_md_free(c); - SAFE_FREE(c); -} - int ssh_kdf(struct ssh_crypto_struct *crypto, unsigned char *key, size_t key_len, int key_type, unsigned char *output, diff --git a/src/md_crypto.c b/src/md_crypto.c new file mode 100644 index 00000000..f5104f04 --- /dev/null +++ b/src/md_crypto.c @@ -0,0 +1,225 @@ +/* + * This file is part of the SSH Library + * + * Copyright (c) 2009 by Aris Adamantiadis + * + * The SSH Library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at your + * option) any later version. + * + * The SSH Library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the SSH Library; see the file COPYING. If not, write to + * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, + * MA 02111-1307, USA. + */ + +#include "config.h" + +#include "libcrypto-compat.h" +#include "libssh/crypto.h" +#include "libssh/wrapper.h" + +#include +#include +#include + +SHACTX +sha1_init(void) +{ + int rc; + SHACTX c = EVP_MD_CTX_new(); + if (c == NULL) { + return NULL; + } + rc = EVP_DigestInit_ex(c, EVP_sha1(), NULL); + if (rc == 0) { + EVP_MD_CTX_free(c); + c = NULL; + } + return c; +} + +void +sha1_update(SHACTX c, const void *data, size_t len) +{ + EVP_DigestUpdate(c, data, len); +} + +void +sha1_final(unsigned char *md, SHACTX c) +{ + unsigned int mdlen = 0; + + EVP_DigestFinal(c, md, &mdlen); + EVP_MD_CTX_free(c); +} + +void +sha1(const unsigned char *digest, size_t len, unsigned char *hash) +{ + SHACTX c = sha1_init(); + if (c != NULL) { + sha1_update(c, digest, len); + sha1_final(hash, c); + } +} + +SHA256CTX +sha256_init(void) +{ + int rc; + SHA256CTX c = EVP_MD_CTX_new(); + if (c == NULL) { + return NULL; + } + rc = EVP_DigestInit_ex(c, EVP_sha256(), NULL); + if (rc == 0) { + EVP_MD_CTX_free(c); + c = NULL; + } + return c; +} + +void +sha256_update(SHA256CTX c, const void *data, size_t len) +{ + EVP_DigestUpdate(c, data, len); +} + +void +sha256_final(unsigned char *md, SHA256CTX c) +{ + unsigned int mdlen = 0; + + EVP_DigestFinal(c, md, &mdlen); + EVP_MD_CTX_free(c); +} + +void +sha256(const unsigned char *digest, size_t len, unsigned char *hash) +{ + SHA256CTX c = sha256_init(); + if (c != NULL) { + sha256_update(c, digest, len); + sha256_final(hash, c); + } +} + +SHA384CTX +sha384_init(void) +{ + int rc; + SHA384CTX c = EVP_MD_CTX_new(); + if (c == NULL) { + return NULL; + } + rc = EVP_DigestInit_ex(c, EVP_sha384(), NULL); + if (rc == 0) { + EVP_MD_CTX_free(c); + c = NULL; + } + return c; +} + +void +sha384_update(SHA384CTX c, const void *data, size_t len) +{ + EVP_DigestUpdate(c, data, len); +} + +void +sha384_final(unsigned char *md, SHA384CTX c) +{ + unsigned int mdlen = 0; + + EVP_DigestFinal(c, md, &mdlen); + EVP_MD_CTX_free(c); +} + +void +sha384(const unsigned char *digest, size_t len, unsigned char *hash) +{ + SHA384CTX c = sha384_init(); + if (c != NULL) { + sha384_update(c, digest, len); + sha384_final(hash, c); + } +} + +SHA512CTX +sha512_init(void) +{ + int rc = 0; + SHA512CTX c = EVP_MD_CTX_new(); + if (c == NULL) { + return NULL; + } + rc = EVP_DigestInit_ex(c, EVP_sha512(), NULL); + if (rc == 0) { + EVP_MD_CTX_free(c); + c = NULL; + } + return c; +} + +void +sha512_update(SHA512CTX c, const void *data, size_t len) +{ + EVP_DigestUpdate(c, data, len); +} + +void +sha512_final(unsigned char *md, SHA512CTX c) +{ + unsigned int mdlen = 0; + + EVP_DigestFinal(c, md, &mdlen); + EVP_MD_CTX_free(c); +} + +void +sha512(const unsigned char *digest, size_t len, unsigned char *hash) +{ + SHA512CTX c = sha512_init(); + if (c != NULL) { + sha512_update(c, digest, len); + sha512_final(hash, c); + } +} + +MD5CTX +md5_init(void) +{ + int rc; + MD5CTX c = EVP_MD_CTX_new(); + if (c == NULL) { + return NULL; + } + rc = EVP_DigestInit_ex(c, EVP_md5(), NULL); + if (rc == 0) { + EVP_MD_CTX_free(c); + c = NULL; + } + return c; +} + +void +md5_update(MD5CTX c, const void *data, size_t len) +{ + EVP_DigestUpdate(c, data, len); +} + +void +md5_final(unsigned char *md, MD5CTX c) +{ + unsigned int mdlen = 0; + + EVP_DigestFinal(c, md, &mdlen); + EVP_MD_CTX_free(c); +} diff --git a/src/md_gcrypt.c b/src/md_gcrypt.c new file mode 100644 index 00000000..1f0a71f3 --- /dev/null +++ b/src/md_gcrypt.c @@ -0,0 +1,167 @@ +/* + * This file is part of the SSH Library + * + * Copyright (c) 2009 by Aris Adamantiadis + * Copyright (C) 2016 g10 Code GmbH + * + * The SSH Library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at your + * option) any later version. + * + * The SSH Library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the SSH Library; see the file COPYING. If not, write to + * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, + * MA 02111-1307, USA. + */ + +#include "config.h" + +#include "libssh/crypto.h" +#include "libssh/wrapper.h" + +#include + +SHACTX +sha1_init(void) +{ + SHACTX ctx = NULL; + gcry_md_open(&ctx, GCRY_MD_SHA1, 0); + + return ctx; +} + +void +sha1_update(SHACTX c, const void *data, size_t len) +{ + gcry_md_write(c, data, len); +} + +void +sha1_final(unsigned char *md, SHACTX c) +{ + gcry_md_final(c); + memcpy(md, gcry_md_read(c, 0), SHA_DIGEST_LEN); + gcry_md_close(c); +} + +void +sha1(const unsigned char *digest, size_t len, unsigned char *hash) +{ + gcry_md_hash_buffer(GCRY_MD_SHA1, hash, digest, len); +} + +SHA256CTX +sha256_init(void) +{ + SHA256CTX ctx = NULL; + gcry_md_open(&ctx, GCRY_MD_SHA256, 0); + + return ctx; +} + +void +sha256_update(SHACTX c, const void *data, size_t len) +{ + gcry_md_write(c, data, len); +} + +void +sha256_final(unsigned char *md, SHACTX c) +{ + gcry_md_final(c); + memcpy(md, gcry_md_read(c, 0), SHA256_DIGEST_LEN); + gcry_md_close(c); +} + +void +sha256(const unsigned char *digest, size_t len, unsigned char *hash) +{ + gcry_md_hash_buffer(GCRY_MD_SHA256, hash, digest, len); +} + +SHA384CTX +sha384_init(void) +{ + SHA384CTX ctx = NULL; + gcry_md_open(&ctx, GCRY_MD_SHA384, 0); + + return ctx; +} + +void +sha384_update(SHACTX c, const void *data, size_t len) +{ + gcry_md_write(c, data, len); +} + +void +sha384_final(unsigned char *md, SHACTX c) +{ + gcry_md_final(c); + memcpy(md, gcry_md_read(c, 0), SHA384_DIGEST_LEN); + gcry_md_close(c); +} + +void +sha384(const unsigned char *digest, size_t len, unsigned char *hash) +{ + gcry_md_hash_buffer(GCRY_MD_SHA384, hash, digest, len); +} + +SHA512CTX +sha512_init(void) +{ + SHA512CTX ctx = NULL; + gcry_md_open(&ctx, GCRY_MD_SHA512, 0); + + return ctx; +} + +void +sha512_update(SHACTX c, const void *data, size_t len) +{ + gcry_md_write(c, data, len); +} + +void +sha512_final(unsigned char *md, SHACTX c) +{ + gcry_md_final(c); + memcpy(md, gcry_md_read(c, 0), SHA512_DIGEST_LEN); + gcry_md_close(c); +} + +void +sha512(const unsigned char *digest, size_t len, unsigned char *hash) +{ + gcry_md_hash_buffer(GCRY_MD_SHA512, hash, digest, len); +} + +MD5CTX +md5_init(void) +{ + MD5CTX c = NULL; + gcry_md_open(&c, GCRY_MD_MD5, 0); + + return c; +} + +void +md5_update(MD5CTX c, const void *data, size_t len) +{ + gcry_md_write(c, data, len); +} + +void +md5_final(unsigned char *md, MD5CTX c) +{ + gcry_md_final(c); + memcpy(md, gcry_md_read(c, 0), MD5_DIGEST_LEN); + gcry_md_close(c); +} diff --git a/src/md_mbedcrypto.c b/src/md_mbedcrypto.c new file mode 100644 index 00000000..227e20ab --- /dev/null +++ b/src/md_mbedcrypto.c @@ -0,0 +1,308 @@ +/* + * This file is part of the SSH Library + * + * Copyright (c) 2017 Sartura d.o.o. + * + * Author: Juraj Vijtiuk + * + * The SSH Library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at your + * option) any later version. + * + * The SSH Library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the SSH Library; see the file COPYING. If not, write to + * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, + * MA 02111-1307, USA. + */ + +#include "config.h" + +#include "libssh/crypto.h" +#include "libssh/wrapper.h" +#include "mbedcrypto-compat.h" + +#include + +SHACTX +sha1_init(void) +{ + SHACTX ctx = NULL; + int rc; + const mbedtls_md_info_t *md_info = + mbedtls_md_info_from_type(MBEDTLS_MD_SHA1); + + if (md_info == NULL) { + return NULL; + } + + ctx = malloc(sizeof(mbedtls_md_context_t)); + if (ctx == NULL) { + return NULL; + } + + mbedtls_md_init(ctx); + + rc = mbedtls_md_setup(ctx, md_info, 0); + if (rc != 0) { + SAFE_FREE(ctx); + return NULL; + } + + rc = mbedtls_md_starts(ctx); + if (rc != 0) { + SAFE_FREE(ctx); + return NULL; + } + + return ctx; +} + +void +sha1_update(SHACTX c, const void *data, size_t len) +{ + mbedtls_md_update(c, data, len); +} + +void +sha1_final(unsigned char *md, SHACTX c) +{ + mbedtls_md_finish(c, md); + mbedtls_md_free(c); + SAFE_FREE(c); +} + +void +sha1(const unsigned char *digest, size_t len, unsigned char *hash) +{ + const mbedtls_md_info_t *md_info = + mbedtls_md_info_from_type(MBEDTLS_MD_SHA1); + if (md_info != NULL) { + mbedtls_md(md_info, digest, len, hash); + } +} + +SHA256CTX +sha256_init(void) +{ + SHA256CTX ctx = NULL; + int rc; + const mbedtls_md_info_t *md_info = + mbedtls_md_info_from_type(MBEDTLS_MD_SHA256); + + if (md_info == NULL) { + return NULL; + } + + ctx = malloc(sizeof(mbedtls_md_context_t)); + if (ctx == NULL) { + return NULL; + } + + mbedtls_md_init(ctx); + + rc = mbedtls_md_setup(ctx, md_info, 0); + if (rc != 0) { + SAFE_FREE(ctx); + return NULL; + } + + rc = mbedtls_md_starts(ctx); + if (rc != 0) { + SAFE_FREE(ctx); + return NULL; + } + + return ctx; +} + +void +sha256_update(SHA256CTX c, const void *data, size_t len) +{ + mbedtls_md_update(c, data, len); +} + +void +sha256_final(unsigned char *md, SHA256CTX c) +{ + mbedtls_md_finish(c, md); + mbedtls_md_free(c); + SAFE_FREE(c); +} + +void +sha256(const unsigned char *digest, size_t len, unsigned char *hash) +{ + const mbedtls_md_info_t *md_info = + mbedtls_md_info_from_type(MBEDTLS_MD_SHA256); + if (md_info != NULL) { + mbedtls_md(md_info, digest, len, hash); + } +} + +SHA384CTX +sha384_init(void) +{ + SHA384CTX ctx = NULL; + int rc; + const mbedtls_md_info_t *md_info = + mbedtls_md_info_from_type(MBEDTLS_MD_SHA384); + + if (md_info == NULL) { + return NULL; + } + + ctx = malloc(sizeof(mbedtls_md_context_t)); + if (ctx == NULL) { + return NULL; + } + + mbedtls_md_init(ctx); + + rc = mbedtls_md_setup(ctx, md_info, 0); + if (rc != 0) { + SAFE_FREE(ctx); + return NULL; + } + + rc = mbedtls_md_starts(ctx); + if (rc != 0) { + SAFE_FREE(ctx); + return NULL; + } + + return ctx; +} + +void +sha384_update(SHA384CTX c, const void *data, size_t len) +{ + mbedtls_md_update(c, data, len); +} + +void +sha384_final(unsigned char *md, SHA384CTX c) +{ + mbedtls_md_finish(c, md); + mbedtls_md_free(c); + SAFE_FREE(c); +} + +void +sha384(const unsigned char *digest, size_t len, unsigned char *hash) +{ + const mbedtls_md_info_t *md_info = + mbedtls_md_info_from_type(MBEDTLS_MD_SHA384); + if (md_info != NULL) { + mbedtls_md(md_info, digest, len, hash); + } +} + +SHA512CTX +sha512_init(void) +{ + SHA512CTX ctx = NULL; + int rc; + const mbedtls_md_info_t *md_info = + mbedtls_md_info_from_type(MBEDTLS_MD_SHA512); + if (md_info == NULL) { + return NULL; + } + + ctx = malloc(sizeof(mbedtls_md_context_t)); + if (ctx == NULL) { + return NULL; + } + + mbedtls_md_init(ctx); + + rc = mbedtls_md_setup(ctx, md_info, 0); + if (rc != 0) { + SAFE_FREE(ctx); + return NULL; + } + + rc = mbedtls_md_starts(ctx); + if (rc != 0) { + SAFE_FREE(ctx); + return NULL; + } + + return ctx; +} + +void +sha512_update(SHA512CTX c, const void *data, size_t len) +{ + mbedtls_md_update(c, data, len); +} + +void +sha512_final(unsigned char *md, SHA512CTX c) +{ + mbedtls_md_finish(c, md); + mbedtls_md_free(c); + SAFE_FREE(c); +} + +void +sha512(const unsigned char *digest, size_t len, unsigned char *hash) +{ + const mbedtls_md_info_t *md_info = + mbedtls_md_info_from_type(MBEDTLS_MD_SHA512); + if (md_info != NULL) { + mbedtls_md(md_info, digest, len, hash); + } +} + +MD5CTX +md5_init(void) +{ + MD5CTX ctx = NULL; + int rc; + const mbedtls_md_info_t *md_info = + mbedtls_md_info_from_type(MBEDTLS_MD_MD5); + if (md_info == NULL) { + return NULL; + } + + ctx = malloc(sizeof(mbedtls_md_context_t)); + if (ctx == NULL) { + return NULL; + } + + mbedtls_md_init(ctx); + + rc = mbedtls_md_setup(ctx, md_info, 0); + if (rc != 0) { + SAFE_FREE(ctx); + return NULL; + } + + rc = mbedtls_md_starts(ctx); + if (rc != 0) { + SAFE_FREE(ctx); + return NULL; + } + + return ctx; +} + +void +md5_update(MD5CTX c, const void *data, size_t len) +{ + mbedtls_md_update(c, data, len); +} + +void +md5_final(unsigned char *md, MD5CTX c) +{ + mbedtls_md_finish(c, md); + mbedtls_md_free(c); + SAFE_FREE(c); +} diff --git a/tests/external_override/CMakeLists.txt b/tests/external_override/CMakeLists.txt index 90990ab8..81d10c53 100644 --- a/tests/external_override/CMakeLists.txt +++ b/tests/external_override/CMakeLists.txt @@ -22,54 +22,58 @@ add_library(poly1305_override SHARED set(POLY1305_OVERRIDE_LIBRARY ${libssh_BINARY_DIR}/lib/${CMAKE_SHARED_LIBRARY_PREFIX}poly1305_override${CMAKE_SHARED_LIBRARY_SUFFIX}) +if (WITH_GCRYPT) + set (override_src + ${libssh_SOURCE_DIR}/src/getrandom_gcrypt.c + ${libssh_SOURCE_DIR}/src/md_gcrypt.c + ) + set(override_libs + ${GCRYPT_LIBRARIES} + ) +elseif (WITH_MBEDTLS) + set (override_src + ${libssh_SOURCE_DIR}/src/getrandom_mbedcrypto.c + ${libssh_SOURCE_DIR}/src/md_mbedcrypto.c + ) + set(override_libs + ${MBEDTLS_CRYPTO_LIBRARY} + ) +else () + set (override_src + ${libssh_SOURCE_DIR}/src/getrandom_crypto.c + ${libssh_SOURCE_DIR}/src/md_crypto.c + ) + set(override_libs + ${OPENSSL_CRYPTO_LIBRARIES} + ) +endif (WITH_GCRYPT) + # ed25519_override add_library(ed25519_override SHARED - ed25519_override.c - ${libssh_SOURCE_DIR}/src/external/fe25519.c - ${libssh_SOURCE_DIR}/src/external/ge25519.c - ${libssh_SOURCE_DIR}/src/external/sc25519.c - ${libssh_SOURCE_DIR}/src/external/ed25519.c - ) + ed25519_override.c + ${libssh_SOURCE_DIR}/src/external/fe25519.c + ${libssh_SOURCE_DIR}/src/external/ge25519.c + ${libssh_SOURCE_DIR}/src/external/sc25519.c + ${libssh_SOURCE_DIR}/src/external/ed25519.c + ${override_src} + ) +target_link_libraries(ed25519_override + PRIVATE ${override_libs}) set(ED25519_OVERRIDE_LIBRARY ${libssh_BINARY_DIR}/lib/${CMAKE_SHARED_LIBRARY_PREFIX}ed25519_override${CMAKE_SHARED_LIBRARY_SUFFIX}) # curve25519_override -set (curve25519_override_src +add_library(curve25519_override SHARED curve25519_override.c ${libssh_SOURCE_DIR}/src/external/curve25519_ref.c ${libssh_SOURCE_DIR}/src/external/fe25519.c ${libssh_SOURCE_DIR}/src/external/ge25519.c ${libssh_SOURCE_DIR}/src/external/sc25519.c ${libssh_SOURCE_DIR}/src/external/ed25519.c + ${override_src} ) -if (WITH_GCRYPT) - set (curve25519_override_src - ${curve25519_override_src} - ${libssh_SOURCE_DIR}/src/getrandom_gcrypt.c - ) - set(curve25519_override_libs - ${GCRYPT_LIBRARIES} - ) -elseif (WITH_MBEDTLS) - set (curve25519_override_src - ${curve25519_override_src} - ${libssh_SOURCE_DIR}/src/getrandom_mbedcrypto.c - ) - set(curve25519_override_libs - ${MBEDTLS_CRYPTO_LIBRARY} - ) -else () - set (curve25519_override_src - ${curve25519_override_src} - ${libssh_SOURCE_DIR}/src/getrandom_crypto.c - ) - set(curve25519_override_libs - ${OPENSSL_CRYPTO_LIBRARIES} - ) -endif (WITH_GCRYPT) -add_library(curve25519_override SHARED ${curve25519_override_src}) target_link_libraries(curve25519_override - PRIVATE ${curve25519_override_libs}) + PRIVATE ${override_libs}) set(CURVE25519_OVERRIDE_LIBRARY ${libssh_BINARY_DIR}/lib/${CMAKE_SHARED_LIBRARY_PREFIX}curve25519_override${CMAKE_SHARED_LIBRARY_SUFFIX})