Add generic message digest API (isc_md) to replace specific MD functions md5/sha1/sha256

This commit is contained in:
Ondřej Surý 2018-06-01 09:31:59 +02:00
parent 4b636bf74e
commit 7fd3dc63de
62 changed files with 1519 additions and 1999 deletions

View file

@ -257,6 +257,7 @@ build:debian:jessie:amd64:
variables:
CC: gcc
CFLAGS: "-Wall -Wextra -O2 -g"
EXTRA_CONFIGURE: --without-cmocka
<<: *debian_jessie_amd64_image
<<: *build_job

View file

@ -40,6 +40,7 @@
#include <isc/file.h>
#include <isc/hash.h>
#include <isc/hex.h>
#include <isc/md.h>
#include <isc/mem.h>
#include <isc/mutex.h>
#include <isc/os.h>

View file

@ -41,7 +41,6 @@
#include <isc/print.h>
#include <isc/refcount.h>
#include <isc/resource.h>
#include <isc/sha2.h>
#include <isc/socket.h>
#include <isc/stat.h>
#include <isc/stats.h>
@ -9011,6 +9010,7 @@ load_configuration(const char *filename, named_server_t *server,
bool first = true;
isc_buffer_t b;
unsigned int usedlength;
unsigned int expectedlength;
for (element = cfg_list_first(obj);
element != NULL;
@ -9056,21 +9056,26 @@ load_configuration(const char *filename, named_server_t *server,
usedlength = isc_buffer_usedlength(&b);
switch (server->sctx->cookiealg) {
case ns_cookiealg_aes:
if (usedlength != ISC_AES128_KEYLENGTH) {
expectedlength = ISC_AES128_KEYLENGTH;
if (usedlength != expectedlength) {
CHECKM(ISC_R_RANGE,
"AES cookie-secret must be "
"128 bits");
}
break;
case ns_cookiealg_sha1:
if (usedlength != ISC_SHA1_DIGESTLENGTH) {
expectedlength =
isc_md_type_get_size(ISC_MD_SHA1);
if (usedlength != expectedlength) {
CHECKM(ISC_R_RANGE,
"SHA1 cookie-secret must be "
"160 bits");
}
break;
case ns_cookiealg_sha256:
if (usedlength != ISC_SHA256_DIGESTLENGTH) {
expectedlength =
isc_md_type_get_size(ISC_MD_SHA256);
if (usedlength != expectedlength) {
CHECKM(ISC_R_RANGE,
"SHA256 cookie-secret must be "
"256 bits");

View file

@ -17,8 +17,6 @@
#include <isc/hmacmd5.h>
#include <isc/hmacsha.h>
#include <isc/md5.h>
#include <isc/sha1.h>
#include <isc/util.h>
#include <isc/print.h>
#include <isc/string.h>
@ -42,16 +40,13 @@ print_digest(const char *s, const char *hash, unsigned char *d,
int
main(int argc, char **argv) {
isc_sha1_t sha1;
isc_sha224_t sha224;
isc_md5_t md5;
isc_hmacmd5_t hmacmd5;
isc_hmacsha1_t hmacsha1;
isc_hmacsha224_t hmacsha224;
isc_hmacsha256_t hmacsha256;
isc_hmacsha384_t hmacsha384;
isc_hmacsha512_t hmacsha512;
unsigned char digest[ISC_SHA512_DIGESTLENGTH];
unsigned char digest[ISC_MAX_MD_SIZE];
unsigned char buffer[1024];
const char *s;
unsigned char key[20];
@ -59,41 +54,6 @@ main(int argc, char **argv) {
UNUSED(argc);
UNUSED(argv);
s = "abc";
isc_sha1_init(&sha1);
memmove(buffer, s, strlen(s));
isc_sha1_update(&sha1, buffer, strlen(s));
isc_sha1_final(&sha1, digest);
print_digest(s, "sha1", digest, ISC_SHA1_DIGESTLENGTH/4);
s = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
isc_sha1_init(&sha1);
memmove(buffer, s, strlen(s));
isc_sha1_update(&sha1, buffer, strlen(s));
isc_sha1_final(&sha1, digest);
print_digest(s, "sha1", digest, ISC_SHA1_DIGESTLENGTH/4);
s = "abc";
isc_sha224_init(&sha224);
memmove(buffer, s, strlen(s));
isc_sha224_update(&sha224, buffer, strlen(s));
isc_sha224_final(digest, &sha224);
print_digest(s, "sha224", digest, ISC_SHA224_DIGESTLENGTH/4);
s = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
isc_sha224_init(&sha224);
memmove(buffer, s, strlen(s));
isc_sha224_update(&sha224, buffer, strlen(s));
isc_sha224_final(digest, &sha224);
print_digest(s, "sha224", digest, ISC_SHA224_DIGESTLENGTH/4);
s = "abc";
isc_md5_init(&md5);
memmove(buffer, s, strlen(s));
isc_md5_update(&md5, buffer, strlen(s));
isc_md5_final(&md5, digest);
print_digest(s, "md5", digest, 4);
/*
* The 3 HMAC-MD5 examples from RFC2104
*/

View file

@ -69,6 +69,9 @@
/* Define if clock_gettime is available. */
#undef HAVE_CLOCK_GETTIME
/* Use cmocka */
#undef HAVE_CMOCKA
/* Define to 1 if you have the <cmocka.h> header file. */
#undef HAVE_CMOCKA_H

68
configure vendored
View file

@ -19541,19 +19541,19 @@ case $with_cmocka in #(
yes) :
pkg_failed=no
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for cmocka" >&5
$as_echo_n "checking for cmocka... " >&6; }
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for cmocka >= 1.0.0" >&5
$as_echo_n "checking for cmocka >= 1.0.0... " >&6; }
if test -n "$CMOCKA_CFLAGS"; then
pkg_cv_CMOCKA_CFLAGS="$CMOCKA_CFLAGS"
elif test -n "$PKG_CONFIG"; then
if test -n "$PKG_CONFIG" && \
{ { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"cmocka\""; } >&5
($PKG_CONFIG --exists --print-errors "cmocka") 2>&5
{ { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"cmocka >= 1.0.0\""; } >&5
($PKG_CONFIG --exists --print-errors "cmocka >= 1.0.0") 2>&5
ac_status=$?
$as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
test $ac_status = 0; }; then
pkg_cv_CMOCKA_CFLAGS=`$PKG_CONFIG --cflags "cmocka" 2>/dev/null`
pkg_cv_CMOCKA_CFLAGS=`$PKG_CONFIG --cflags "cmocka >= 1.0.0" 2>/dev/null`
test "x$?" != "x0" && pkg_failed=yes
else
pkg_failed=yes
@ -19565,12 +19565,12 @@ if test -n "$CMOCKA_LIBS"; then
pkg_cv_CMOCKA_LIBS="$CMOCKA_LIBS"
elif test -n "$PKG_CONFIG"; then
if test -n "$PKG_CONFIG" && \
{ { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"cmocka\""; } >&5
($PKG_CONFIG --exists --print-errors "cmocka") 2>&5
{ { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"cmocka >= 1.0.0\""; } >&5
($PKG_CONFIG --exists --print-errors "cmocka >= 1.0.0") 2>&5
ac_status=$?
$as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
test $ac_status = 0; }; then
pkg_cv_CMOCKA_LIBS=`$PKG_CONFIG --libs "cmocka" 2>/dev/null`
pkg_cv_CMOCKA_LIBS=`$PKG_CONFIG --libs "cmocka >= 1.0.0" 2>/dev/null`
test "x$?" != "x0" && pkg_failed=yes
else
pkg_failed=yes
@ -19591,14 +19591,14 @@ else
_pkg_short_errors_supported=no
fi
if test $_pkg_short_errors_supported = yes; then
CMOCKA_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "cmocka" 2>&1`
CMOCKA_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "cmocka >= 1.0.0" 2>&1`
else
CMOCKA_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "cmocka" 2>&1`
CMOCKA_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "cmocka >= 1.0.0" 2>&1`
fi
# Put the nasty error message in config.log where it belongs
echo "$CMOCKA_PKG_ERRORS" >&5
as_fn_error $? "Package requirements (cmocka) were not met:
as_fn_error $? "Package requirements (cmocka >= 1.0.0) were not met:
$CMOCKA_PKG_ERRORS
@ -19629,6 +19629,8 @@ else
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
$as_echo "yes" >&6; }
$as_echo "#define HAVE_CMOCKA 1" >>confdefs.h
fi ;; #(
*) :
@ -19711,6 +19713,9 @@ if test "$ac_res" != no; then :
CMOCKA_CFLAGS="-I$with_cmocka/include"
CMOCKA_LIBS="-L$with_cmocka/lib -lcmocka"
$as_echo "#define HAVE_CMOCKA 1" >>confdefs.h
else
as_fn_error $? "cmocka unit testing framework not found in $with_cmocka path" "$LINENO" 5
fi
@ -19761,6 +19766,47 @@ rm -f core conftest.err conftest.$ac_objext \
# AM_CONDITIONAL([LD_WRAP], [test $enable_ld_wrap = yes])
LDFLAGS=$save_LDFLAGS
#
# Check for -Wl,--wrap= support
#
save_LDFLAGS=$LDFLAGS
LDFLAGS="--wrap=printf"
LD_WRAP_TESTS=false
enable_ld_wrap=no
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for linker support for --wrap option" >&5
$as_echo_n "checking for linker support for --wrap option... " >&6; }
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
#include <stdio.h>
int
main ()
{
__wrap_printf("success"); return (0);
;
return 0;
}
_ACEOF
if ac_fn_c_try_link "$LINENO"; then :
enable_ld_wrap=yes
LD_WRAP_TESTS=true
$as_echo "#define LD_WRAP 1" >>confdefs.h
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
$as_echo "yes" >&6; }
else
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
fi
rm -f core conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
# AM_CONDITIONAL([LD_WRAP], [test $enable_ld_wrap = yes])
LDFLAGS=$save_LDFLAGS
#

View file

@ -2390,7 +2390,8 @@ AC_ARG_WITH([cmocka],
AS_CASE([$with_cmocka],
[no],[:],
[yes],[PKG_CHECK_MODULES([CMOCKA], [cmocka])],
[yes],[PKG_CHECK_MODULES([CMOCKA], [cmocka >= 1.0.0],
[AC_DEFINE([HAVE_CMOCKA], [1], [Use cmocka])])],
[*],[
save_CFLAGS="$CFLAGS"
save_LIBS="$LIBS"
@ -2408,6 +2409,7 @@ AS_CASE([$with_cmocka],
[
CMOCKA_CFLAGS="-I$with_cmocka/include"
CMOCKA_LIBS="-L$with_cmocka/lib -lcmocka"
AC_DEFINE([HAVE_CMOCKA], [1], [Use cmocka])
],
[AC_MSG_ERROR([cmocka unit testing framework not found in $with_cmocka path])])
])
@ -2436,6 +2438,28 @@ AC_SUBST([LD_WRAP_TESTS])
LDFLAGS=$save_LDFLAGS
#
# Check for -Wl,--wrap= support
#
save_LDFLAGS=$LDFLAGS
LDFLAGS="--wrap=printf"
LD_WRAP_TESTS=false
enable_ld_wrap=no
AC_MSG_CHECKING([for linker support for --wrap option])
AC_LINK_IFELSE(
[AC_LANG_PROGRAM([#include <stdio.h>], [__wrap_printf("success"); return (0);])],
[enable_ld_wrap=yes
LD_WRAP_TESTS=true
AC_DEFINE([LD_WRAP], [1], [define if the linker supports --wrap option])
AC_MSG_RESULT([yes])],
[AC_MSG_RESULT([no])])
# AM_CONDITIONAL([LD_WRAP], [test $enable_ld_wrap = yes])
AC_SUBST([LD_WRAP_TESTS])
LDFLAGS=$save_LDFLAGS
#
# Check whether to build Automated Test Framework unit tests
#

View file

@ -23,6 +23,7 @@
#include <isc/file.h>
#include <isc/hex.h>
#include <isc/log.h>
#include <isc/md.h>
#include <isc/mem.h>
#include <isc/netaddr.h>
#include <isc/parseint.h>
@ -30,8 +31,6 @@
#include <isc/print.h>
#include <isc/region.h>
#include <isc/result.h>
#include <isc/sha1.h>
#include <isc/sha2.h>
#include <isc/sockaddr.h>
#include <isc/string.h>
#include <isc/symtab.h>

View file

@ -53,7 +53,7 @@
</PrecompiledHeader>
<WarningLevel>Level3</WarningLevel>
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>WIN32;USE_MD5;_DEBUG;_WINDOWS;_USRDLL;LIBBIND9_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions)</PreprocessorDefinitions>
<PreprocessorDefinitions>WIN32;_DEBUG;_WINDOWS;_USRDLL;LIBBIND9_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>./;../../../;include;../include;../../isc/win32;../../isc/win32/include;../../isc/include;../../isccfg/include;../../dns/include;@LIBXML2_INC@@OPENSSL_INC@@GEOIP_INC@%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeaderOutputFile>.\$(Configuration)\$(TargetName).pch</PrecompiledHeaderOutputFile>
@ -81,7 +81,7 @@
<Optimization>MaxSpeed</Optimization>
<FunctionLevelLinking>true</FunctionLevelLinking>
<IntrinsicFunctions>@INTRINSIC@</IntrinsicFunctions>
<PreprocessorDefinitions>WIN32;USE_MD5;NDEBUG;_WINDOWS;_USRDLL;LIBBIND9_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions)</PreprocessorDefinitions>
<PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_USRDLL;LIBBIND9_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>./;../../../;include;../include;../../isc/win32;../../isc/win32/include;../../isc/include;../../isccfg/include;../../dns/include;@LIBXML2_INC@@OPENSSL_INC@@GEOIP_INC@%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<InlineFunctionExpansion>OnlyExplicitInline</InlineFunctionExpansion>
<WholeProgramOptimization>false</WholeProgramOptimization>

View file

@ -29,7 +29,7 @@ USE_ISC_SPNEGO = @USE_ISC_SPNEGO@
CINCLUDES = -I. -I${top_srcdir}/lib/dns -Iinclude ${DNS_INCLUDES} \
${ISC_INCLUDES} @OPENSSL_INCLUDES@ @DST_GSSAPI_INC@
CDEFINES = -DUSE_MD5 @USE_GSSAPI@ ${USE_ISC_SPNEGO}
CDEFINES = @USE_GSSAPI@ ${USE_ISC_SPNEGO}
CWARNINGS =

View file

@ -17,11 +17,11 @@
#include <stdbool.h>
#include <isc/hex.h>
#include <isc/md.h>
#include <isc/mem.h>
#include <isc/parseint.h>
#include <isc/print.h>
#include <isc/result.h>
#include <isc/sha2.h>
#include <isc/task.h>
#include <isc/util.h>
@ -1420,12 +1420,27 @@ dns_catz_update_process(dns_catz_zones_t *catzs, dns_catz_zone_t *zone,
return (result);
}
static isc_result_t
digest2hex(unsigned char *digest, unsigned int digestlen,
char *hash, size_t hashlen)
{
unsigned int i;
int ret;
for (i = 0; i < digestlen; i++) {
size_t left = hashlen - i * 2;
ret = snprintf(hash + i * 2, left, "%02x", digest[i]);
if (ret < 0 || (size_t)ret >= left) {
return (ISC_R_NOSPACE);
}
}
return (ISC_R_SUCCESS);
}
isc_result_t
dns_catz_generate_masterfilename(dns_catz_zone_t *zone, dns_catz_entry_t *entry,
isc_buffer_t **buffer)
{
isc_buffer_t *tbuf = NULL;
isc_sha256_t sha256;
isc_region_t r;
isc_result_t result;
size_t rlen;
@ -1453,7 +1468,7 @@ dns_catz_generate_masterfilename(dns_catz_zone_t *zone, dns_catz_entry_t *entry,
goto cleanup;
/* __catz__<digest>.db */
rlen = ISC_SHA256_DIGESTSTRINGLENGTH + 12;
rlen = (isc_md_type_get_size(ISC_MD_SHA256) * 2 + 1) + 12;
/* optionally prepend with <zonedir>/ */
if (entry->opts.zonedir != NULL)
@ -1470,11 +1485,20 @@ dns_catz_generate_masterfilename(dns_catz_zone_t *zone, dns_catz_entry_t *entry,
isc_buffer_usedregion(tbuf, &r);
isc_buffer_putstr(*buffer, "__catz__");
if (tbuf->used > ISC_SHA256_DIGESTSTRINGLENGTH) {
isc_sha256_init(&sha256);
isc_sha256_update(&sha256, r.base, r.length);
if (tbuf->used > ISC_SHA256_DIGESTLENGTH * 2 + 1) {
unsigned char digest[ISC_MAX_MD_SIZE];
unsigned int digestlen;
/* we can do that because digest string < 2 * DNS_NAME */
isc_sha256_end(&sha256, (char *) r.base);
result = isc_md(ISC_MD_SHA256, r.base, r.length,
digest, &digestlen);
if (result != ISC_R_SUCCESS) {
goto cleanup;
}
result = digest2hex(digest, digestlen, (char *)r.base,
ISC_SHA256_DIGESTLENGTH * 2 + 1);
if (result != ISC_R_SUCCESS) {
goto cleanup;
}
isc_buffer_putstr(*buffer, (char *) r.base);
} else {
isc_buffer_copyregion(*buffer, &r);

View file

@ -18,8 +18,7 @@
#include <isc/buffer.h>
#include <isc/region.h>
#include <isc/sha1.h>
#include <isc/sha2.h>
#include <isc/md.h>
#include <isc/util.h>
#include <dns/ds.h>
@ -38,19 +37,21 @@ dns_ds_buildrdata(dns_name_t *owner, dns_rdata_t *key,
{
dns_fixedname_t fname;
dns_name_t *name;
unsigned char digest[ISC_SHA384_DIGESTLENGTH];
unsigned char digest[ISC_MAX_MD_SIZE];
unsigned int digestlen;
isc_region_t r;
isc_buffer_t b;
dns_rdata_ds_t ds;
isc_sha1_t sha1;
isc_sha256_t sha256;
isc_sha384_t sha384;
isc_md_t *md;
isc_md_type_t md_type = 0;
isc_result_t ret;
REQUIRE(key != NULL);
REQUIRE(key->type == dns_rdatatype_dnskey);
if (!dst_ds_digest_supported(digest_type))
if (!dst_ds_digest_supported(digest_type)) {
return (ISC_R_NOTIMPLEMENTED);
}
name = dns_fixedname_initname(&fname);
(void)dns_name_downcase(owner, name, NULL);
@ -58,61 +59,65 @@ dns_ds_buildrdata(dns_name_t *owner, dns_rdata_t *key,
memset(buffer, 0, DNS_DS_BUFFERSIZE);
isc_buffer_init(&b, buffer, DNS_DS_BUFFERSIZE);
md = isc_md_new();
if (md == NULL) {
return (ISC_R_NOMEMORY);
}
switch (digest_type) {
case DNS_DSDIGEST_SHA1:
isc_sha1_init(&sha1);
dns_name_toregion(name, &r);
isc_sha1_update(&sha1, r.base, r.length);
dns_rdata_toregion(key, &r);
INSIST(r.length >= 4);
isc_sha1_update(&sha1, r.base, r.length);
isc_sha1_final(&sha1, digest);
md_type = ISC_MD_SHA1;
break;
case DNS_DSDIGEST_SHA384:
isc_sha384_init(&sha384);
dns_name_toregion(name, &r);
isc_sha384_update(&sha384, r.base, r.length);
dns_rdata_toregion(key, &r);
INSIST(r.length >= 4);
isc_sha384_update(&sha384, r.base, r.length);
isc_sha384_final(digest, &sha384);
md_type = ISC_MD_SHA384;
break;
case DNS_DSDIGEST_SHA256:
default:
isc_sha256_init(&sha256);
dns_name_toregion(name, &r);
isc_sha256_update(&sha256, r.base, r.length);
dns_rdata_toregion(key, &r);
INSIST(r.length >= 4);
isc_sha256_update(&sha256, r.base, r.length);
isc_sha256_final(digest, &sha256);
md_type = ISC_MD_SHA256;
break;
}
ret = isc_md_init(md, md_type);
if (ret != ISC_R_SUCCESS) {
goto end;
}
dns_name_toregion(name, &r);
ret = isc_md_update(md, r.base, r.length);
if (ret != ISC_R_SUCCESS) {
goto end;
}
dns_rdata_toregion(key, &r);
INSIST(r.length >= 4);
ret = isc_md_update(md, r.base, r.length);
if (ret != ISC_R_SUCCESS) {
goto end;
}
ret = isc_md_final(md, digest, &digestlen);
if (ret != ISC_R_SUCCESS) {
goto end;
}
ds.mctx = NULL;
ds.common.rdclass = key->rdclass;
ds.common.rdtype = dns_rdatatype_ds;
ds.algorithm = r.base[3];
ds.key_tag = dst_region_computeid(&r, ds.algorithm);
ds.digest_type = digest_type;
switch (digest_type) {
case DNS_DSDIGEST_SHA1:
ds.length = ISC_SHA1_DIGESTLENGTH;
break;
case DNS_DSDIGEST_SHA384:
ds.length = ISC_SHA384_DIGESTLENGTH;
break;
case DNS_DSDIGEST_SHA256:
default:
ds.length = ISC_SHA256_DIGESTLENGTH;
break;
}
ds.digest = digest;
ds.length = digestlen;
return (dns_rdata_fromstruct(rdata, key->rdclass, dns_rdatatype_ds,
&ds, &b));
ret = dns_rdata_fromstruct(rdata, key->rdclass, dns_rdatatype_ds,
&ds, &b);
end:
if (md != NULL) {
isc_md_free(md);
}
return (ret);
}

View file

@ -1202,22 +1202,22 @@ dst_key_sigsize(const dst_key_t *key, unsigned int *n) {
*n = DNS_SIG_ED448SIZE;
break;
case DST_ALG_HMACMD5:
*n = 16;
*n = isc_md_type_get_size(ISC_MD_MD5);
break;
case DST_ALG_HMACSHA1:
*n = ISC_SHA1_DIGESTLENGTH;
*n = isc_md_type_get_size(ISC_MD_SHA1);
break;
case DST_ALG_HMACSHA224:
*n = ISC_SHA224_DIGESTLENGTH;
*n = isc_md_type_get_size(ISC_MD_SHA224);
break;
case DST_ALG_HMACSHA256:
*n = ISC_SHA256_DIGESTLENGTH;
*n = isc_md_type_get_size(ISC_MD_SHA256);
break;
case DST_ALG_HMACSHA384:
*n = ISC_SHA384_DIGESTLENGTH;
*n = isc_md_type_get_size(ISC_MD_SHA384);
break;
case DST_ALG_HMACSHA512:
*n = ISC_SHA512_DIGESTLENGTH;
*n = isc_md_type_get_size(ISC_MD_SHA512);
break;
case DST_ALG_GSSAPI:
*n = 128; /*%< XXX */

View file

@ -33,12 +33,10 @@
#include <isc/lang.h>
#include <isc/buffer.h>
#include <isc/magic.h>
#include <isc/md.h>
#include <isc/region.h>
#include <isc/types.h>
#include <isc/md5.h>
#include <isc/refcount.h>
#include <isc/sha1.h>
#include <isc/sha2.h>
#include <isc/stdtime.h>
#include <isc/hmacmd5.h>
#include <isc/hmacsha.h>
@ -148,10 +146,6 @@ struct dst_context {
union {
void *generic;
dst_gssapi_signverifyctx_t *gssctx;
isc_md5_t *md5ctx;
isc_sha1_t *sha1ctx;
isc_sha256_t *sha256ctx;
isc_sha512_t *sha512ctx;
isc_hmacmd5_t *hmacmd5ctx;
isc_hmacsha1_t *hmacsha1ctx;
isc_hmacsha224_t *hmacsha224ctx;

View file

@ -30,10 +30,9 @@
#include <isc/buffer.h>
#include <isc/hmacmd5.h>
#include <isc/hmacsha.h>
#include <isc/md5.h>
#include <isc/nonce.h>
#include <isc/random.h>
#include <isc/sha1.h>
#include <isc/md.h>
#include <isc/mem.h>
#include <isc/safe.h>
#include <isc/string.h>
@ -52,7 +51,7 @@
static isc_result_t hmacmd5_fromdns(dst_key_t *key, isc_buffer_t *data);
struct dst_hmacmd5_key {
unsigned char key[ISC_MD5_BLOCK_LENGTH];
unsigned char key[ISC_HMAC_MAX_MD_CBLOCK];
};
static isc_result_t
@ -206,9 +205,9 @@ hmacmd5_todns(const dst_key_t *key, isc_buffer_t *data) {
static isc_result_t
hmacmd5_fromdns(dst_key_t *key, isc_buffer_t *data) {
dst_hmacmd5_key_t *hkey;
int keylen;
unsigned int keylen;
isc_region_t r;
isc_md5_t md5ctx;
isc_result_t res;
isc_buffer_remainingregion(data, &r);
if (r.length == 0)
@ -221,10 +220,11 @@ hmacmd5_fromdns(dst_key_t *key, isc_buffer_t *data) {
memset(hkey->key, 0, sizeof(hkey->key));
if (r.length > ISC_MD5_BLOCK_LENGTH) {
isc_md5_init(&md5ctx);
isc_md5_update(&md5ctx, r.base, r.length);
isc_md5_final(&md5ctx, hkey->key);
keylen = ISC_MD5_DIGESTLENGTH;
res = isc_md(ISC_MD_MD5, r.base, r.length,
hkey->key, &keylen);
if (res != ISC_R_SUCCESS) {
return (res);
}
} else {
memmove(hkey->key, r.base, r.length);
keylen = r.length;
@ -357,7 +357,6 @@ dst__hmacmd5_init(dst_func_t **funcp) {
* Prevent use of incorrect crypto
*/
RUNTIME_CHECK(isc_md5_check(false));
RUNTIME_CHECK(isc_hmacmd5_check(0));
REQUIRE(funcp != NULL);
@ -369,7 +368,7 @@ dst__hmacmd5_init(dst_func_t **funcp) {
static isc_result_t hmacsha1_fromdns(dst_key_t *key, isc_buffer_t *data);
struct dst_hmacsha1_key {
unsigned char key[ISC_SHA1_BLOCK_LENGTH];
unsigned char key[ISC_HMAC_MAX_MD_CBLOCK];
};
static isc_result_t
@ -512,9 +511,9 @@ hmacsha1_todns(const dst_key_t *key, isc_buffer_t *data) {
static isc_result_t
hmacsha1_fromdns(dst_key_t *key, isc_buffer_t *data) {
dst_hmacsha1_key_t *hkey;
int keylen;
unsigned int keylen;
isc_region_t r;
isc_sha1_t sha1ctx;
isc_result_t res;
isc_buffer_remainingregion(data, &r);
if (r.length == 0)
@ -527,10 +526,12 @@ hmacsha1_fromdns(dst_key_t *key, isc_buffer_t *data) {
memset(hkey->key, 0, sizeof(hkey->key));
if (r.length > ISC_SHA1_BLOCK_LENGTH) {
isc_sha1_init(&sha1ctx);
isc_sha1_update(&sha1ctx, r.base, r.length);
isc_sha1_final(&sha1ctx, hkey->key);
keylen = ISC_SHA1_DIGESTLENGTH;
res = isc_md(ISC_MD_SHA1, r.base, r.length,
hkey->key, &keylen);
REQUIRE(res != ISC_R_SUCCESS);
if (res != ISC_R_SUCCESS) {
return (res);
}
} else {
memmove(hkey->key, r.base, r.length);
keylen = r.length;
@ -647,7 +648,6 @@ dst__hmacsha1_init(dst_func_t **funcp) {
/*
* Prevent use of incorrect crypto
*/
RUNTIME_CHECK(isc_sha1_check(false));
RUNTIME_CHECK(isc_hmacsha1_check(0));
REQUIRE(funcp != NULL);
@ -659,7 +659,7 @@ dst__hmacsha1_init(dst_func_t **funcp) {
static isc_result_t hmacsha224_fromdns(dst_key_t *key, isc_buffer_t *data);
struct dst_hmacsha224_key {
unsigned char key[ISC_SHA224_BLOCK_LENGTH];
unsigned char key[ISC_HMAC_MAX_MD_CBLOCK];
};
static isc_result_t
@ -802,9 +802,9 @@ hmacsha224_todns(const dst_key_t *key, isc_buffer_t *data) {
static isc_result_t
hmacsha224_fromdns(dst_key_t *key, isc_buffer_t *data) {
dst_hmacsha224_key_t *hkey;
int keylen;
unsigned int keylen;
isc_region_t r;
isc_sha224_t sha224ctx;
isc_result_t res;
isc_buffer_remainingregion(data, &r);
if (r.length == 0)
@ -817,10 +817,12 @@ hmacsha224_fromdns(dst_key_t *key, isc_buffer_t *data) {
memset(hkey->key, 0, sizeof(hkey->key));
if (r.length > ISC_SHA224_BLOCK_LENGTH) {
isc_sha224_init(&sha224ctx);
isc_sha224_update(&sha224ctx, r.base, r.length);
isc_sha224_final(hkey->key, &sha224ctx);
keylen = ISC_SHA224_DIGESTLENGTH;
res = isc_md(ISC_MD_SHA224, r.base, r.length,
hkey->key, &keylen);
REQUIRE(res != ISC_R_SUCCESS);
if (res != ISC_R_SUCCESS) {
return (res);
}
} else {
memmove(hkey->key, r.base, r.length);
keylen = r.length;
@ -943,7 +945,7 @@ dst__hmacsha224_init(dst_func_t **funcp) {
static isc_result_t hmacsha256_fromdns(dst_key_t *key, isc_buffer_t *data);
struct dst_hmacsha256_key {
unsigned char key[ISC_SHA256_BLOCK_LENGTH];
unsigned char key[ISC_HMAC_MAX_MD_CBLOCK];
};
static isc_result_t
@ -1086,9 +1088,9 @@ hmacsha256_todns(const dst_key_t *key, isc_buffer_t *data) {
static isc_result_t
hmacsha256_fromdns(dst_key_t *key, isc_buffer_t *data) {
dst_hmacsha256_key_t *hkey;
int keylen;
unsigned int keylen;
isc_region_t r;
isc_sha256_t sha256ctx;
isc_result_t res;
isc_buffer_remainingregion(data, &r);
if (r.length == 0)
@ -1101,10 +1103,12 @@ hmacsha256_fromdns(dst_key_t *key, isc_buffer_t *data) {
memset(hkey->key, 0, sizeof(hkey->key));
if (r.length > ISC_SHA256_BLOCK_LENGTH) {
isc_sha256_init(&sha256ctx);
isc_sha256_update(&sha256ctx, r.base, r.length);
isc_sha256_final(hkey->key, &sha256ctx);
keylen = ISC_SHA256_DIGESTLENGTH;
res = isc_md(ISC_MD_SHA256, r.base, r.length,
hkey->key, &keylen);
REQUIRE(res != ISC_R_SUCCESS);
if (res != ISC_R_SUCCESS) {
return (res);
}
} else {
memmove(hkey->key, r.base, r.length);
keylen = r.length;
@ -1227,7 +1231,7 @@ dst__hmacsha256_init(dst_func_t **funcp) {
static isc_result_t hmacsha384_fromdns(dst_key_t *key, isc_buffer_t *data);
struct dst_hmacsha384_key {
unsigned char key[ISC_SHA384_BLOCK_LENGTH];
unsigned char key[ISC_HMAC_MAX_MD_CBLOCK];
};
static isc_result_t
@ -1370,9 +1374,9 @@ hmacsha384_todns(const dst_key_t *key, isc_buffer_t *data) {
static isc_result_t
hmacsha384_fromdns(dst_key_t *key, isc_buffer_t *data) {
dst_hmacsha384_key_t *hkey;
int keylen;
unsigned int keylen;
isc_region_t r;
isc_sha384_t sha384ctx;
isc_result_t res;
isc_buffer_remainingregion(data, &r);
if (r.length == 0)
@ -1385,10 +1389,12 @@ hmacsha384_fromdns(dst_key_t *key, isc_buffer_t *data) {
memset(hkey->key, 0, sizeof(hkey->key));
if (r.length > ISC_SHA384_BLOCK_LENGTH) {
isc_sha384_init(&sha384ctx);
isc_sha384_update(&sha384ctx, r.base, r.length);
isc_sha384_final(hkey->key, &sha384ctx);
keylen = ISC_SHA384_DIGESTLENGTH;
res = isc_md(ISC_MD_SHA384, r.base, r.length,
hkey->key, &keylen);
REQUIRE(res != ISC_R_SUCCESS);
if (res != ISC_R_SUCCESS) {
return (res);
}
} else {
memmove(hkey->key, r.base, r.length);
keylen = r.length;
@ -1511,7 +1517,7 @@ dst__hmacsha384_init(dst_func_t **funcp) {
static isc_result_t hmacsha512_fromdns(dst_key_t *key, isc_buffer_t *data);
struct dst_hmacsha512_key {
unsigned char key[ISC_SHA512_BLOCK_LENGTH];
unsigned char key[ISC_HMAC_MAX_MD_CBLOCK];
};
static isc_result_t
@ -1654,9 +1660,9 @@ hmacsha512_todns(const dst_key_t *key, isc_buffer_t *data) {
static isc_result_t
hmacsha512_fromdns(dst_key_t *key, isc_buffer_t *data) {
dst_hmacsha512_key_t *hkey;
int keylen;
unsigned int keylen;
isc_region_t r;
isc_sha512_t sha512ctx;
isc_result_t res;
isc_buffer_remainingregion(data, &r);
if (r.length == 0)
@ -1669,10 +1675,12 @@ hmacsha512_fromdns(dst_key_t *key, isc_buffer_t *data) {
memset(hkey->key, 0, sizeof(hkey->key));
if (r.length > ISC_SHA512_BLOCK_LENGTH) {
isc_sha512_init(&sha512ctx);
isc_sha512_update(&sha512ctx, r.base, r.length);
isc_sha512_final(hkey->key, &sha512ctx);
keylen = ISC_SHA512_DIGESTLENGTH;
res = isc_md(ISC_MD_SHA512, r.base, r.length,
hkey->key, &keylen);
REQUIRE(res != ISC_R_SUCCESS);
if (res != ISC_R_SUCCESS) {
return (res);
}
} else {
memmove(hkey->key, r.base, r.length);
keylen = r.length;

View file

@ -20,6 +20,7 @@
#include <isc/hex.h>
#include <isc/iterated_hash.h>
#include <isc/log.h>
#include <isc/md.h>
#include <isc/string.h>
#include <isc/util.h>
#include <isc/safe.h>

View file

@ -19,7 +19,6 @@
#include <isc/mem.h>
#include <isc/safe.h>
#include <isc/sha2.h>
#include <isc/string.h>
#include <isc/util.h>

View file

@ -19,7 +19,6 @@
#include <isc/mem.h>
#include <isc/safe.h>
#include <isc/sha2.h>
#include <isc/result.h>
#include <isc/string.h>
#include <isc/util.h>

View file

@ -16,11 +16,8 @@
#include <inttypes.h>
#include <stdbool.h>
#include <isc/md5.h>
#include <isc/mem.h>
#include <isc/safe.h>
#include <isc/sha1.h>
#include <isc/sha2.h>
#include <isc/string.h>
#include <isc/util.h>

View file

@ -19,7 +19,6 @@
#include <isc/mem.h>
#include <isc/safe.h>
#include <isc/sha2.h>
#include <isc/string.h>
#include <isc/util.h>

View file

@ -20,7 +20,6 @@
#include <isc/mem.h>
#include <isc/safe.h>
#include <isc/sha2.h>
#include <isc/string.h>
#include <isc/util.h>

View file

@ -18,9 +18,7 @@
#include <inttypes.h>
#include <stdbool.h>
#include <isc/md5.h>
#include <isc/sha1.h>
#include <isc/sha2.h>
#include <isc/hmacmd5.h>
#include <isc/mem.h>
#include <isc/safe.h>
#include <isc/string.h>

View file

@ -16,9 +16,6 @@
#define RRTYPE_CDS_ATTRIBUTES 0
#include <isc/sha1.h>
#include <isc/sha2.h>
#include <dns/ds.h>
static inline isc_result_t

View file

@ -17,9 +17,6 @@
#define RRTYPE_DLV_ATTRIBUTES 0
#include <isc/sha1.h>
#include <isc/sha2.h>
#include <dns/ds.h>
static inline isc_result_t

View file

@ -18,8 +18,7 @@
#define RRTYPE_DS_ATTRIBUTES \
(DNS_RDATATYPEATTR_DNSSEC|DNS_RDATATYPEATTR_ATPARENT)
#include <isc/sha1.h>
#include <isc/sha2.h>
#include <isc/md.h>
#include <dns/ds.h>

View file

@ -30,6 +30,12 @@ DNSDEPLIBS = ../libdns.@A@
LIBS = @LIBS@ @ATFLIBS@
CMOCKA_CFLAGS = @CMOCKA_CFLAGS@
CMOCKA_LIBS = @CMOCKA_LIBS@
ifeq ($(LD_WRAP),true)
CMOCKA_MEM = -Wl,--wrap=isc__mem_put,--wrap=isc__mem_get,--wrap=isc_mem_attach,--wrap=isc_mem_detach
endif
OBJS = dnstest.@O@
SRCS = acl_test.c \
db_test.c \

View file

@ -16,7 +16,7 @@
#include <stdbool.h>
#include <isc/buffer.h>
#include <isc/md5.h>
#include <isc/md.h>
#include <isc/mem.h>
#include <isc/nonce.h>
#include <isc/print.h>
@ -236,50 +236,112 @@ static isc_result_t
compute_secret(isc_buffer_t *shared, isc_region_t *queryrandomness,
isc_region_t *serverrandomness, isc_buffer_t *secret)
{
isc_md5_t md5ctx;
isc_md_t *md;
isc_region_t r, r2;
unsigned char digests[32];
unsigned char digests[ISC_MAX_MD_SIZE*2];
unsigned char *digest1, *digest2;
unsigned int digestslen, digestlen1 = 0, digestlen2 = 0;
unsigned int i;
isc_result_t result;
isc_buffer_usedregion(shared, &r);
md = isc_md_new();
if (md == NULL) {
return (ISC_R_NOSPACE);
}
/*
* MD5 ( query data | DH value ).
*/
isc_md5_init(&md5ctx);
isc_md5_update(&md5ctx, queryrandomness->base,
queryrandomness->length);
isc_md5_update(&md5ctx, r.base, r.length);
isc_md5_final(&md5ctx, digests);
digest1 = digests;
result = isc_md_init(md, ISC_MD_MD5);
if (result != ISC_R_SUCCESS) {
goto end;
}
result = isc_md_update(md,
queryrandomness->base,
queryrandomness->length);
if (result != ISC_R_SUCCESS) {
goto end;
}
result = isc_md_update(md, r.base, r.length);
if (result != ISC_R_SUCCESS) {
goto end;
}
result = isc_md_final(md, digest1, &digestlen1);
if (result != ISC_R_SUCCESS) {
goto end;
}
result = isc_md_reset(md);
if (result != ISC_R_SUCCESS) {
goto end;
}
/*
* MD5 ( server data | DH value ).
*/
isc_md5_init(&md5ctx);
isc_md5_update(&md5ctx, serverrandomness->base,
serverrandomness->length);
isc_md5_update(&md5ctx, r.base, r.length);
isc_md5_final(&md5ctx, &digests[ISC_MD5_DIGESTLENGTH]);
digest2 = digests + digestlen1;
result = isc_md_init(md, ISC_MD_MD5);
if (result != ISC_R_SUCCESS) {
goto end;
}
result = isc_md_update(md,
serverrandomness->base,
serverrandomness->length);
if (result != ISC_R_SUCCESS) {
goto end;
}
result = isc_md_update(md, r.base, r.length);
if (result != ISC_R_SUCCESS) {
goto end;
}
result = isc_md_final(md, digest2, &digestlen2);
if (result != ISC_R_SUCCESS) {
goto end;
}
isc_md_free(md);
md = NULL;
digestslen = digestlen1 + digestlen2;
/*
* XOR ( DH value, MD5-1 | MD5-2).
*/
isc_buffer_availableregion(secret, &r);
isc_buffer_usedregion(shared, &r2);
if (r.length < sizeof(digests) || r.length < r2.length)
if (r.length < digestslen || r.length < r2.length) {
return (ISC_R_NOSPACE);
if (r2.length > sizeof(digests)) {
}
if (r2.length > digestslen) {
memmove(r.base, r2.base, r2.length);
for (i = 0; i < sizeof(digests); i++)
for (i = 0; i < digestslen; i++) {
r.base[i] ^= digests[i];
}
isc_buffer_add(secret, r2.length);
} else {
memmove(r.base, digests, sizeof(digests));
for (i = 0; i < r2.length; i++)
memmove(r.base, digests, digestslen);
for (i = 0; i < r2.length; i++) {
r.base[i] ^= r2.base[i];
isc_buffer_add(secret, sizeof(digests));
}
isc_buffer_add(secret, digestslen);
}
return (ISC_R_SUCCESS);
result = ISC_R_SUCCESS;
end:
if (md != NULL) {
isc_md_free(md);
}
return (result);
}
static isc_result_t

View file

@ -16,8 +16,8 @@
#include <isc/base32.h>
#include <isc/mem.h>
#include <isc/md.h>
#include <isc/print.h>
#include <isc/sha2.h>
#include <isc/string.h>
#include <isc/task.h>
#include <isc/util.h>

View file

@ -25,7 +25,6 @@
#include <isc/hash.h>
#include <isc/lex.h>
#include <isc/print.h>
#include <isc/sha2.h>
#include <isc/stats.h>
#include <isc/string.h> /* Required for HP/UX (and others?) */
#include <isc/task.h>

View file

@ -53,7 +53,7 @@
</PrecompiledHeader>
<WarningLevel>Level3</WarningLevel>
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>BIND9;WIN32;USE_MD5;@USE_GSSAPI@@USE_ISC_SPNEGO@_DEBUG;_WINDOWS;_USRDLL;LIBDNS_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions);%(PreprocessorDefinitions)</PreprocessorDefinitions>
<PreprocessorDefinitions>BIND9;WIN32;@USE_GSSAPI@@USE_ISC_SPNEGO@_DEBUG;_WINDOWS;_USRDLL;LIBDNS_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions);%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>.\;..\..\..\;include;..\include;..\..\isc;..\..\isc\win32;..\..\isc\win32\include;..\..\isc\include;@LIBXML2_INC@@OPENSSL_INC@@GSSAPI_INC@@GEOIP_INC@%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeaderOutputFile>.\$(Configuration)\$(TargetName).pch</PrecompiledHeaderOutputFile>
@ -81,7 +81,7 @@
<Optimization>MaxSpeed</Optimization>
<FunctionLevelLinking>true</FunctionLevelLinking>
<IntrinsicFunctions>@INTRINSIC@</IntrinsicFunctions>
<PreprocessorDefinitions>BIND9;WIN32;USE_MD5;@USE_GSSAPI@@USE_ISC_SPNEGO@NDEBUG;_WINDOWS;_USRDLL;LIBDNS_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions);%(PreprocessorDefinitions)</PreprocessorDefinitions>
<PreprocessorDefinitions>BIND9;WIN32;@USE_GSSAPI@@USE_ISC_SPNEGO@NDEBUG;_WINDOWS;_USRDLL;LIBDNS_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions);%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>.\;..\..\..\;include;..\include;..\..\isc;..\..\isc\win32;..\..\isc\win32\include;..\..\isc\include;@LIBXML2_INC@@OPENSSL_INC@@GSSAPI_INC@@GEOIP_INC@%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<InlineFunctionExpansion>OnlyExplicitInline</InlineFunctionExpansion>
<StringPooling>true</StringPooling>

View file

@ -53,7 +53,7 @@
</PrecompiledHeader>
<WarningLevel>Level3</WarningLevel>
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>WIN32;USE_MD5;_DEBUG;_WINDOWS;_USRDLL;LIBIRS_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions)</PreprocessorDefinitions>
<PreprocessorDefinitions>WIN32;_DEBUG;_WINDOWS;_USRDLL;LIBIRS_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>.\;..\..\..\;include;..\include;..\..\isc\win32;..\..\isc\win32\include;..\..\isc\include;..\..\isccfg\include;..\..\dns\include;@LIBXML2_INC@@OPENSSL_INC@@GEOIP_INC@%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeaderOutputFile>.\$(Configuration)\$(TargetName).pch</PrecompiledHeaderOutputFile>
@ -81,7 +81,7 @@
<Optimization>MaxSpeed</Optimization>
<FunctionLevelLinking>true</FunctionLevelLinking>
<IntrinsicFunctions>@INTRINSIC@</IntrinsicFunctions>
<PreprocessorDefinitions>WIN32;USE_MD5;NDEBUG;_WINDOWS;_USRDLL;LIBIRS_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions)</PreprocessorDefinitions>
<PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_USRDLL;LIBIRS_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>.\;..\..\..\;include;..\include;..\..\isc\win32;..\..\isc\win32\include;..\..\isc\include;..\..\isccfg\include;..\..\dns\include;@LIBXML2_INC@@OPENSSL_INC@@GEOIP_INC@%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<InlineFunctionExpansion>OnlyExplicitInline</InlineFunctionExpansion>
<WholeProgramOptimization>false</WholeProgramOptimization>

View file

@ -50,12 +50,12 @@ OBJS = pk11.@O@ pk11_result.@O@ \
event.@O@ hash.@O@ ht.@O@ heap.@O@ hex.@O@ hmacmd5.@O@ \
hmacsha.@O@ httpd.@O@ iterated_hash.@O@ \
lex.@O@ lfsr.@O@ lib.@O@ log.@O@ \
md5.@O@ mem.@O@ mutexblock.@O@ \
md.@O@ mem.@O@ mutexblock.@O@ \
netaddr.@O@ netscope.@O@ nonce.@O@ openssl_shim.@O@ pool.@O@ \
parseint.@O@ portset.@O@ quota.@O@ radix.@O@ random.@O@ \
ratelimiter.@O@ region.@O@ regex.@O@ result.@O@ \
rwlock.@O@ \
serial.@O@ sha1.@O@ sha2.@O@ sockaddr.@O@ stats.@O@ \
serial.@O@ sockaddr.@O@ stats.@O@ \
string.@O@ symtab.@O@ task.@O@ taskpool.@O@ \
tm.@O@ timer.@O@ version.@O@ \
${UNIXOBJS} ${NLSOBJS} ${THREADOBJS}
@ -68,11 +68,11 @@ SRCS = pk11.c pk11_result.c \
entropy.c error.c event.c hash.c ht.c heap.c hex.c hmacmd5.c \
hmacsha.c httpd.c iterated_hash.c \
lex.c lfsr.c lib.c log.c \
md5.c mem.c mutexblock.c \
md.c mem.c mutexblock.c \
netaddr.c netscope.c nonce.c openssl_shim.c pool.c \
parseint.c portset.c quota.c radix.c random.c \
ratelimiter.c region.c regex.c result.c rwlock.c \
serial.c sha1.c sha2.c sockaddr.c stats.c string.c \
serial.c sockaddr.c stats.c string.c \
symtab.c task.c taskpool.c timer.c \
tm.c version.c

View file

@ -17,7 +17,6 @@
#include <isc/assertions.h>
#include <isc/hmacmd5.h>
#include <isc/md5.h>
#include <isc/platform.h>
#include <isc/safe.h>
#include <isc/string.h>

View file

@ -23,8 +23,6 @@
#include <isc/hmacsha.h>
#include <isc/platform.h>
#include <isc/safe.h>
#include <isc/sha1.h>
#include <isc/sha2.h>
#include <isc/string.h>
#include <isc/types.h>
#include <isc/util.h>

View file

@ -26,12 +26,12 @@ HEADERS = aes.h app.h assertions.h atomic.h backtrace.h base32.h base64.h \
hash.h heap.h hex.h hmacmd5.h hmacsha.h ht.h httpd.h \
interfaceiter.h iterated_hash.h \
json.h lang.h lex.h lfsr.h lib.h likely.h list.h log.h \
magic.h md5.h mem.h meminfo.h msgcat.h msgs.h mutexblock.h \
magic.h mem.h meminfo.h msgcat.h msgs.h mutexblock.h \
netaddr.h netscope.h nonce.h os.h parseint.h \
pool.h portset.h print.h queue.h quota.h \
radix.h random.h ratelimiter.h refcount.h regex.h \
region.h resource.h result.h resultclass.h rwlock.h \
safe.h serial.h sha1.h sha2.h sockaddr.h socket.h \
safe.h serial.h sockaddr.h socket.h \
stats.h stdio.h strerr.h string.h symtab.h \
task.h taskpool.h timer.h tm.h types.h util.h version.h \
xml.h

View file

@ -20,7 +20,7 @@
#include <stdbool.h>
#include <isc/lang.h>
#include <isc/md5.h>
#include <isc/md.h>
#include <isc/platform.h>
#include <isc/types.h>

View file

@ -21,11 +21,10 @@
#include <isc/lang.h>
#include <isc/platform.h>
#include <isc/sha1.h>
#include <isc/sha2.h>
#include <isc/md.h>
#include <isc/types.h>
#define ISC_HMACSHA1_KEYLENGTH ISC_SHA1_BLOCK_LENGTH
#define ISC_HMACSHA1_KEYLENGTH ISC_SHA1_BLOCK_LENGTH
#define ISC_HMACSHA224_KEYLENGTH ISC_SHA224_BLOCK_LENGTH
#define ISC_HMACSHA256_KEYLENGTH ISC_SHA256_BLOCK_LENGTH
#define ISC_HMACSHA384_KEYLENGTH ISC_SHA384_BLOCK_LENGTH
@ -34,6 +33,8 @@
#include <openssl/opensslv.h>
#include <openssl/hmac.h>
#define ISC_HMAC_MAX_MD_CBLOCK HMAC_MAX_MD_CBLOCK
typedef struct {
HMAC_CTX *ctx;
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)

View file

@ -9,12 +9,9 @@
* information regarding copyright ownership.
*/
#ifndef ISC_ITERATED_HASH_H
#define ISC_ITERATED_HASH_H 1
#pragma once
#include <isc/lang.h>
#include <isc/sha1.h>
/*
* The maximal hash length that can be encoded in a name
@ -30,12 +27,10 @@
ISC_LANG_BEGINDECLS
int isc_iterated_hash(unsigned char out[NSEC3_MAX_HASH_LENGTH],
unsigned int hashalg, int iterations,
const unsigned char *salt, int saltlength,
const unsigned char *in, int inlength);
int
isc_iterated_hash(unsigned char *out,
const unsigned int hashalg, const int iterations,
const unsigned char *salt, const int saltlength,
const unsigned char *in, const int inlength);
ISC_LANG_ENDDECLS
#endif /* ISC_ITERATED_HASH_H */

194
lib/isc/include/isc/md.h Normal file
View file

@ -0,0 +1,194 @@
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
/*!
* \file isc/md.h
* \brief This is the header file for message digest algorithms.
*/
#pragma once
#include <config.h>
#include <isc/lang.h>
#include <isc/platform.h>
#include <isc/types.h>
#include <isc/result.h>
#include <openssl/evp.h>
typedef EVP_MD_CTX isc_md_t;
/**
* isc_md_type_t:
* @ISC_MD_MD5: MD5
* @ISC_MD_SHA1: SHA-1
* @ISC_MD_SHA224: SHA-224
* @ISC_MD_SHA256: SHA-256
* @ISC_MD_SHA384: SHA-384
* @ISC_MD_SHA512: SHA-512
*
* Enumeration of supported message digest algorithms.
*/
typedef const EVP_MD * isc_md_type_t;
#define ISC_MD_MD5 EVP_md5()
#define ISC_MD_SHA1 EVP_sha1()
#define ISC_MD_SHA224 EVP_sha224()
#define ISC_MD_SHA256 EVP_sha256()
#define ISC_MD_SHA384 EVP_sha384()
#define ISC_MD_SHA512 EVP_sha512()
#define ISC_MD5_DIGESTLENGTH isc_md_type_get_size(ISC_MD_MD5)
#define ISC_MD5_BLOCK_LENGTH isc_md_type_get_block_size(ISC_MD_MD5)
#define ISC_SHA1_DIGESTLENGTH isc_md_type_get_size(ISC_MD_SHA1)
#define ISC_SHA1_BLOCK_LENGTH isc_md_type_get_block_size(ISC_MD_SHA1)
#define ISC_SHA224_DIGESTLENGTH isc_md_type_get_size(ISC_MD_SHA224)
#define ISC_SHA224_BLOCK_LENGTH isc_md_type_get_block_size(ISC_MD_SHA224)
#define ISC_SHA256_DIGESTLENGTH isc_md_type_get_size(ISC_MD_SHA256)
#define ISC_SHA256_BLOCK_LENGTH isc_md_type_get_block_size(ISC_MD_SHA256)
#define ISC_SHA384_DIGESTLENGTH isc_md_type_get_size(ISC_MD_SHA384)
#define ISC_SHA384_BLOCK_LENGTH isc_md_type_get_block_size(ISC_MD_SHA384)
#define ISC_SHA512_DIGESTLENGTH isc_md_type_get_size(ISC_MD_SHA512)
#define ISC_SHA512_BLOCK_LENGTH isc_md_type_get_block_size(ISC_MD_SHA512)
#define ISC_MAX_MD_SIZE EVP_MAX_MD_SIZE
#define ISC_MAX_BLOCK_SIZE 128U /* ISC_SHA512_BLOCK_LENGTH */
/**
* isc_md:
* @type: the digest type
* @buf: the data to hash
* @len: the length of the data to hash
* @digest: the output buffer
* @digestlen: the length of the data written to @digest
*
* This function hashes @len bytes of data at @buf and places the result in
* @digest. If the @digestlen parameter is not NULL then the number of bytes of
* data written (i.e. the length of the digest) will be written to the integer
* at @digestlen, at most ISC_MAX_MD_SIZE bytes will be written.
*/
isc_result_t
isc_md(isc_md_type_t type, const unsigned char *buf, const size_t len,
unsigned char *digest, unsigned int *digestlen);
/**
* isc_md_new:
*
* This function allocates, initializes and returns a digest context.
*/
isc_md_t *
isc_md_new(void);
/**
* isc_md_free:
* @md: message digest context
*
* This function cleans up digest context ctx and frees up the space allocated
* to it.
*/
void
isc_md_free(isc_md_t *);
/**
* isc_md_init:
* @md: message digest context
* @type: digest type
*
* This function sets up digest context @md to use a digest @type. @md must be
* initialized before calling this function.
*/
isc_result_t
isc_md_init(isc_md_t *, const isc_md_type_t md_type);
/**
* isc_md_reset:
* @md: message digest context
*
* This function resets the digest context ctx. This can be used to reuse an
* already existing context.
*/
isc_result_t
isc_md_reset(isc_md_t *md);
/**
* isc_md_update:
* @md: message digest context
* @buf: data to hash
* @len: length of the data to hash
*
* This function hashes @len bytes of data at @buf into the digest context @md.
* This function can be called several times on the same @md to hash additional
* data.
*/
isc_result_t
isc_md_update(isc_md_t *md, const unsigned char *buf, const size_t len);
/**
* isc_md_final:
* @md: message digest context
* @digest: the output buffer
* @digestlen: the length of the data written to @digest
*
* This function retrieves the digest value from @md and places it in @digest.
* If the @digestlen parameter is not NULL then the number of bytes of data
* written (i.e. the length of the digest) will be written to the integer at
* @digestlen, at most ISC_MAX_MD_SIZE bytes will be written. After calling
* this function no additional calls to isc_md_update() can be made.
*/
isc_result_t
isc_md_final(isc_md_t *md, unsigned char *digest, unsigned int *digestlen);
/**
* isc_md_get_type:
* @md: message digest contezt
*
* This function return the isc_md_type_t previously set for the supplied
* message digest context or NULL if no isc_md_type_t has been set.
*/
isc_md_type_t
isc_md_get_md_type(isc_md_t *md);
/**
* isc_md_size:
*
* This function return the size of the message digest when passed an isc_md_t
* structure, i.e. the size of the hash.
*/
size_t
isc_md_get_size(isc_md_t *md);
/**
* isc_md_block_size:
*
* This function return the block size of the message digest when passed an
* isc_md_t structure.
*/
size_t
isc_md_get_block_size(isc_md_t *md);
/**
* isc_md_size:
*
* This function return the size of the message digest when passed an
* isc_md_type_t , i.e. the size of the hash.
*/
size_t
isc_md_type_get_size(isc_md_type_t md_type);
/**
* isc_md_block_size:
*
* This function return the block size of the message digest when passed an
* isc_md_type_t.
*/
size_t
isc_md_type_get_block_size(isc_md_type_t md_type);

View file

@ -1,55 +0,0 @@
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
/*! \file isc/md5.h
* \brief This is the header file for the MD5 message-digest algorithm.
*/
#pragma once
#include <stdbool.h>
#include <isc/lang.h>
#include <isc/platform.h>
#include <isc/types.h>
#define ISC_MD5_DIGESTLENGTH 16U
#define ISC_MD5_BLOCK_LENGTH 64U
#include <openssl/opensslv.h>
#include <openssl/evp.h>
typedef struct {
EVP_MD_CTX *ctx;
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
EVP_MD_CTX _ctx;
#endif
} isc_md5_t;
ISC_LANG_BEGINDECLS
void
isc_md5_init(isc_md5_t *ctx);
void
isc_md5_invalidate(isc_md5_t *ctx);
void
isc_md5_update(isc_md5_t *ctx, const unsigned char *buf, unsigned int len);
void
isc_md5_final(isc_md5_t *ctx, unsigned char *digest);
bool
isc_md5_check(bool testing);
ISC_LANG_ENDDECLS

View file

@ -84,9 +84,10 @@
#define ISC_R_MULTIPLE 62 /*%< multiple */
#define ISC_R_WOULDBLOCK 63 /*%< would block */
#define ISC_R_COMPLETE 64 /*%< complete */
#define ISC_R_CRYPTOFAILURE 65 /*%< cryptography library failure */
/*% Not a result code: the number of results. */
#define ISC_R_NRESULTS 65
#define ISC_R_NRESULTS 66
ISC_LANG_BEGINDECLS

View file

@ -1,54 +0,0 @@
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
#pragma once
/*! \file isc/sha1.h
* \brief SHA-1 in C
*/
#include <stdbool.h>
#include <isc/lang.h>
#include <isc/platform.h>
#include <isc/types.h>
#define ISC_SHA1_DIGESTLENGTH 20U
#define ISC_SHA1_BLOCK_LENGTH 64U
#include <openssl/opensslv.h>
#include <openssl/evp.h>
typedef struct {
EVP_MD_CTX *ctx;
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
EVP_MD_CTX _ctx;
#endif
} isc_sha1_t;
ISC_LANG_BEGINDECLS
void
isc_sha1_init(isc_sha1_t *ctx);
void
isc_sha1_invalidate(isc_sha1_t *ctx);
void
isc_sha1_update(isc_sha1_t *ctx, const unsigned char *data, unsigned int len);
void
isc_sha1_final(isc_sha1_t *ctx, unsigned char *digest);
bool
isc_sha1_check(bool testing);
ISC_LANG_ENDDECLS

View file

@ -1,85 +0,0 @@
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
#pragma once
#include <inttypes.h>
#include <isc/lang.h>
#include <isc/platform.h>
#include <isc/types.h>
/*** SHA-224/256/384/512 Various Length Definitions ***********************/
#define ISC_SHA224_BLOCK_LENGTH 64U
#define ISC_SHA224_DIGESTLENGTH 28U
#define ISC_SHA224_DIGESTSTRINGLENGTH (ISC_SHA224_DIGESTLENGTH * 2 + 1)
#define ISC_SHA256_BLOCK_LENGTH 64U
#define ISC_SHA256_DIGESTLENGTH 32U
#define ISC_SHA256_DIGESTSTRINGLENGTH (ISC_SHA256_DIGESTLENGTH * 2 + 1)
#define ISC_SHA384_BLOCK_LENGTH 128
#define ISC_SHA384_DIGESTLENGTH 48U
#define ISC_SHA384_DIGESTSTRINGLENGTH (ISC_SHA384_DIGESTLENGTH * 2 + 1)
#define ISC_SHA512_BLOCK_LENGTH 128U
#define ISC_SHA512_DIGESTLENGTH 64U
#define ISC_SHA512_DIGESTSTRINGLENGTH (ISC_SHA512_DIGESTLENGTH * 2 + 1)
/*** SHA-256/384/512 Context Structures *******************************/
#include <openssl/opensslv.h>
#include <openssl/evp.h>
typedef struct {
EVP_MD_CTX *ctx;
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
EVP_MD_CTX _ctx;
#endif
} isc_sha2_t;
typedef isc_sha2_t isc_sha256_t;
typedef isc_sha2_t isc_sha512_t;
typedef isc_sha256_t isc_sha224_t;
typedef isc_sha512_t isc_sha384_t;
ISC_LANG_BEGINDECLS
/*** SHA-224/256/384/512 Function Prototypes ******************************/
void isc_sha224_init (isc_sha224_t *);
void isc_sha224_invalidate (isc_sha224_t *);
void isc_sha224_update (isc_sha224_t *, const uint8_t *, size_t);
void isc_sha224_final (uint8_t[ISC_SHA224_DIGESTLENGTH], isc_sha224_t *);
char *isc_sha224_end (isc_sha224_t *, char[ISC_SHA224_DIGESTSTRINGLENGTH]);
char *isc_sha224_data (const uint8_t *, size_t, char[ISC_SHA224_DIGESTSTRINGLENGTH]);
void isc_sha256_init (isc_sha256_t *);
void isc_sha256_invalidate (isc_sha256_t *);
void isc_sha256_update (isc_sha256_t *, const uint8_t *, size_t);
void isc_sha256_final (uint8_t[ISC_SHA256_DIGESTLENGTH], isc_sha256_t *);
char *isc_sha256_end (isc_sha256_t *, char[ISC_SHA256_DIGESTSTRINGLENGTH]);
char *isc_sha256_data (const uint8_t *, size_t, char[ISC_SHA256_DIGESTSTRINGLENGTH]);
void isc_sha384_init (isc_sha384_t *);
void isc_sha384_invalidate (isc_sha384_t *);
void isc_sha384_update (isc_sha384_t *, const uint8_t *, size_t);
void isc_sha384_final (uint8_t[ISC_SHA384_DIGESTLENGTH], isc_sha384_t *);
char *isc_sha384_end (isc_sha384_t *, char[ISC_SHA384_DIGESTSTRINGLENGTH]);
char *isc_sha384_data (const uint8_t *, size_t, char[ISC_SHA384_DIGESTSTRINGLENGTH]);
void isc_sha512_init (isc_sha512_t *);
void isc_sha512_invalidate (isc_sha512_t *);
void isc_sha512_update (isc_sha512_t *, const uint8_t *, size_t);
void isc_sha512_final (uint8_t[ISC_SHA512_DIGESTLENGTH], isc_sha512_t *);
char *isc_sha512_end (isc_sha512_t *, char[ISC_SHA512_DIGESTSTRINGLENGTH]);
char *isc_sha512_data (const uint8_t *, size_t, char[ISC_SHA512_DIGESTSTRINGLENGTH]);
ISC_LANG_ENDDECLS

View file

@ -14,29 +14,65 @@
#include <stdio.h>
#include <isc/sha1.h>
#include <isc/md.h>
#include <isc/iterated_hash.h>
#include <isc/util.h>
int
isc_iterated_hash(unsigned char out[ISC_SHA1_DIGESTLENGTH],
unsigned int hashalg, int iterations,
const unsigned char *salt, int saltlength,
const unsigned char *in, int inlength)
isc_iterated_hash(unsigned char *out,
const unsigned int hashalg, const int iterations,
const unsigned char *salt, const int saltlength,
const unsigned char *in, const int inlength)
{
isc_sha1_t ctx;
isc_md_t *md;
isc_result_t result;
int n = 0;
unsigned int outlength = 0;
size_t len;
const unsigned char *buf;
if (hashalg != 1)
REQUIRE(out != NULL);
if (hashalg != 1) {
return (0);
}
if ((md = isc_md_new()) == NULL) {
return (0);
}
len = inlength;
buf = in;
do {
isc_sha1_init(&ctx);
isc_sha1_update(&ctx, in, inlength);
isc_sha1_update(&ctx, salt, saltlength);
isc_sha1_final(&ctx, out);
in = out;
inlength = ISC_SHA1_DIGESTLENGTH;
result = isc_md_init(md, ISC_MD_SHA1);
if (result != ISC_R_SUCCESS) {
goto md_fail;
}
result = isc_md_update(md, buf, len);
if (result != ISC_R_SUCCESS) {
goto md_fail;
}
result = isc_md_update(md, salt, saltlength);
if (result != ISC_R_SUCCESS) {
goto md_fail;
}
result = isc_md_final(md, out, &outlength);
if (result != ISC_R_SUCCESS) {
goto md_fail;
}
result = isc_md_reset(md);
if (result != ISC_R_SUCCESS) {
goto md_fail;
}
buf = out;
len = outlength;
} while (n++ < iterations);
return (ISC_SHA1_DIGESTLENGTH);
isc_md_free(md);
return (outlength);
md_fail:
isc_md_free(md);
return (0);
}
#undef RETERR

View file

@ -17,6 +17,8 @@
#include <stdio.h>
#include <stdlib.h>
#include <openssl/evp.h>
#include <isc/app.h>
#include <isc/lib.h>
#include <isc/mem.h>

160
lib/isc/md.c Normal file
View file

@ -0,0 +1,160 @@
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
#include <config.h>
#include <stdio.h>
#include <isc/md.h>
#include <isc/util.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <openssl/opensslv.h>
#include "openssl_shim.h"
isc_md_t *
isc_md_new(void) {
isc_md_t *md = EVP_MD_CTX_new();
RUNTIME_CHECK(md != NULL);
return (md);
}
void
isc_md_free(isc_md_t *md) {
if (ISC_UNLIKELY(md == NULL)) {
return;
}
EVP_MD_CTX_free(md);
}
isc_result_t
isc_md_init(isc_md_t *md, const isc_md_type_t md_type) {
REQUIRE(md != NULL);
if (md_type == NULL) {
return (ISC_R_NOTIMPLEMENTED);
}
if (EVP_DigestInit_ex(md, md_type, NULL) != 1) {
return (ISC_R_CRYPTOFAILURE);
}
return (ISC_R_SUCCESS);
}
isc_result_t
isc_md_reset(isc_md_t *md) {
REQUIRE(md != NULL);
if (EVP_MD_CTX_reset(md) != 1) {
return (ISC_R_CRYPTOFAILURE);
}
return (ISC_R_SUCCESS);
}
isc_result_t
isc_md_update(isc_md_t *md, const unsigned char *buf, const size_t len) {
REQUIRE(md != NULL);
if (ISC_UNLIKELY(buf == NULL || len == 0)) {
return (ISC_R_SUCCESS);
}
if (EVP_DigestUpdate(md, buf, len) != 1) {
return (ISC_R_CRYPTOFAILURE);
}
return (ISC_R_SUCCESS);
}
isc_result_t
isc_md_final(isc_md_t *md, unsigned char *digest, unsigned int *digestlen) {
REQUIRE(md != NULL);
REQUIRE(digest != NULL);
if (EVP_DigestFinal_ex(md, digest, digestlen) != 1) {
return (ISC_R_CRYPTOFAILURE);
}
return (ISC_R_SUCCESS);
}
isc_md_type_t
isc_md_get_md_type(isc_md_t *md) {
REQUIRE(md != NULL);
return (EVP_MD_CTX_md(md));
}
size_t
isc_md_get_size(isc_md_t *md) {
REQUIRE(md != NULL);
return (EVP_MD_CTX_size(md));
}
size_t
isc_md_get_block_size(isc_md_t *md) {
REQUIRE(md != NULL);
return (EVP_MD_CTX_block_size(md));
}
size_t
isc_md_type_get_size(isc_md_type_t md_type) {
if (md_type != NULL) {
return ((size_t)EVP_MD_size(md_type));
}
return (ISC_MAX_MD_SIZE);
}
size_t
isc_md_type_get_block_size(isc_md_type_t md_type) {
if (md_type != NULL) {
return ((size_t)EVP_MD_block_size(md_type));
}
return (ISC_MAX_MD_SIZE);
}
isc_result_t
isc_md(isc_md_type_t md_type, const unsigned char *buf, const size_t len,
unsigned char *digest, unsigned int *digestlen)
{
isc_md_t *md;
isc_result_t res;
md = isc_md_new();
res = isc_md_init(md, md_type);
if (res != ISC_R_SUCCESS) {
goto end;
}
res = isc_md_update(md, buf, len);
if (res != ISC_R_SUCCESS) {
goto end;
}
res = isc_md_final(md, digest, digestlen);
if (res != ISC_R_SUCCESS) {
goto end;
}
end:
isc_md_free(md);
return (res);
}

View file

@ -1,117 +0,0 @@
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
/*! \file
* This code implements the MD5 message-digest algorithm.
* The algorithm is due to Ron Rivest. This code was
* written by Colin Plumb in 1993, no copyright is claimed.
* This code is in the public domain; do with it what you wish.
*
* Equivalent code is available from RSA Data Security, Inc.
* This code has been tested against that, and is equivalent,
* except that you don't need to include two pages of legalese
* with every copy.
*
* To compute the message digest of a chunk of bytes, declare an
* MD5Context structure, pass it to MD5Init, call MD5Update as
* needed on buffers full of bytes, and then call MD5Final, which
* will fill a supplied 16-byte array with the digest.
*/
#include <config.h>
#include <stdbool.h>
#include <isc/assertions.h>
#include <isc/md5.h>
#include <isc/platform.h>
#include <isc/safe.h>
#include <isc/string.h>
#include <isc/types.h>
#include <isc/util.h>
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
#define EVP_MD_CTX_new() &(ctx->_ctx)
#define EVP_MD_CTX_free(ptr) EVP_MD_CTX_cleanup(ptr)
#endif
void
isc_md5_init(isc_md5_t *ctx) {
ctx->ctx = EVP_MD_CTX_new();
RUNTIME_CHECK(ctx->ctx != NULL);
if (EVP_DigestInit(ctx->ctx, EVP_md5()) != 1) {
FATAL_ERROR(__FILE__, __LINE__, "Cannot initialize MD5.");
}
}
void
isc_md5_invalidate(isc_md5_t *ctx) {
EVP_MD_CTX_free(ctx->ctx);
ctx->ctx = NULL;
}
void
isc_md5_update(isc_md5_t *ctx, const unsigned char *buf, unsigned int len) {
if (len == 0U)
return;
RUNTIME_CHECK(EVP_DigestUpdate(ctx->ctx,
(const void *) buf,
(size_t) len) == 1);
}
void
isc_md5_final(isc_md5_t *ctx, unsigned char *digest) {
RUNTIME_CHECK(EVP_DigestFinal(ctx->ctx, digest, NULL) == 1);
EVP_MD_CTX_free(ctx->ctx);
ctx->ctx = NULL;
}
/*
* Check for MD5 support; if it does not work, raise a fatal error.
*
* Use "a" as the test vector.
*
* Standard use is testing false and result true.
* Testing use is testing true and result false;
*/
bool
isc_md5_check(bool testing) {
isc_md5_t ctx;
unsigned char input = 'a';
unsigned char digest[ISC_MD5_DIGESTLENGTH];
unsigned char expected[] = {
0x0c, 0xc1, 0x75, 0xb9, 0xc0, 0xf1, 0xb6, 0xa8,
0x31, 0xc3, 0x99, 0xe2, 0x69, 0x77, 0x26, 0x61
};
INSIST(sizeof(expected) == ISC_MD5_DIGESTLENGTH);
/*
* Introduce a fault for testing.
*/
if (testing) {
input ^= 0x01;
}
/*
* These functions do not return anything; any failure will be fatal.
*/
isc_md5_init(&ctx);
isc_md5_update(&ctx, &input, 1U);
isc_md5_final(&ctx, digest);
/*
* Must return true in standard case, should return false for testing.
*/
return (memcmp(digest, expected, ISC_MD5_DIGESTLENGTH) == 0);
}

View file

@ -1,112 +0,0 @@
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
/*! \file */
#include <config.h>
#include <stdbool.h>
#include <isc/assertions.h>
#include <isc/platform.h>
#include <isc/safe.h>
#include <isc/sha1.h>
#include <isc/string.h>
#include <isc/types.h>
#include <isc/util.h>
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
#define EVP_MD_CTX_new() &(context->_ctx)
#define EVP_MD_CTX_free(ptr) EVP_MD_CTX_cleanup(ptr)
#endif
void
isc_sha1_init(isc_sha1_t *context)
{
INSIST(context != NULL);
context->ctx = EVP_MD_CTX_new();
RUNTIME_CHECK(context->ctx != NULL);
if (EVP_DigestInit(context->ctx, EVP_sha1()) != 1) {
FATAL_ERROR(__FILE__, __LINE__, "Cannot initialize SHA1.");
}
}
void
isc_sha1_invalidate(isc_sha1_t *context) {
EVP_MD_CTX_free(context->ctx);
context->ctx = NULL;
}
void
isc_sha1_update(isc_sha1_t *context, const unsigned char *data,
unsigned int len)
{
INSIST(context != 0);
INSIST(context->ctx != 0);
INSIST(data != 0);
RUNTIME_CHECK(EVP_DigestUpdate(context->ctx,
(const void *) data,
(size_t) len) == 1);
}
void
isc_sha1_final(isc_sha1_t *context, unsigned char *digest) {
INSIST(digest != 0);
INSIST(context != 0);
INSIST(context->ctx != 0);
RUNTIME_CHECK(EVP_DigestFinal(context->ctx, digest, NULL) == 1);
EVP_MD_CTX_free(context->ctx);
context->ctx = NULL;
}
/*
* Check for SHA-1 support; if it does not work, raise a fatal error.
*
* Use "a" as the test vector.
*
* Standard use is testing false and result true.
* Testing use is testing true and result false;
*/
bool
isc_sha1_check(bool testing) {
isc_sha1_t ctx;
unsigned char input = 'a';
unsigned char digest[ISC_SHA1_DIGESTLENGTH];
unsigned char expected[] = {
0x86, 0xf7, 0xe4, 0x37, 0xfa, 0xa5, 0xa7, 0xfc,
0xe1, 0x5d, 0x1d, 0xdc, 0xb9, 0xea, 0xea, 0xea,
0x37, 0x76, 0x67, 0xb8
};
INSIST(sizeof(expected) == ISC_SHA1_DIGESTLENGTH);
/*
* Introduce a fault for testing.
*/
if (testing) {
input ^= 0x01;
}
/*
* These functions do not return anything; any failure will be fatal.
*/
isc_sha1_init(&ctx);
isc_sha1_update(&ctx, &input, 1U);
isc_sha1_final(&ctx, digest);
/*
* Must return true in standard case, should return false for testing.
*/
return (memcmp(digest, expected, ISC_SHA1_DIGESTLENGTH) == 0);
}

View file

@ -1,363 +0,0 @@
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
#include <config.h>
#include <inttypes.h>
#include <isc/assertions.h>
#include <isc/platform.h>
#include <isc/safe.h>
#include <isc/sha2.h>
#include <isc/string.h>
#include <isc/util.h>
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
#define EVP_MD_CTX_new() &(context->_ctx)
#define EVP_MD_CTX_free(ptr) EVP_MD_CTX_cleanup(ptr)
#define EVP_MD_CTX_reset(c) EVP_MD_CTX_cleanup(c)
#endif
void
isc_sha224_init(isc_sha224_t *context) {
if (context == (isc_sha224_t *)0) {
return;
}
context->ctx = EVP_MD_CTX_new();
RUNTIME_CHECK(context->ctx != NULL);
if (EVP_DigestInit(context->ctx, EVP_sha224()) != 1) {
FATAL_ERROR(__FILE__, __LINE__, "Cannot initialize SHA224.");
}
}
void
isc_sha224_invalidate(isc_sha224_t *context) {
EVP_MD_CTX_free(context->ctx);
context->ctx = NULL;
}
void
isc_sha224_update(isc_sha224_t *context, const uint8_t* data, size_t len) {
if (len == 0U) {
/* Calling with no data is valid - we do nothing */
return;
}
/* Sanity check: */
REQUIRE(context != (isc_sha224_t *)0);
REQUIRE(context->ctx != (EVP_MD_CTX *)0);
REQUIRE(data != (uint8_t*)0);
RUNTIME_CHECK(EVP_DigestUpdate(context->ctx,
(const void *) data, len) == 1);
}
void
isc_sha224_final(uint8_t digest[], isc_sha224_t *context) {
/* Sanity check: */
REQUIRE(context != (isc_sha224_t *)0);
REQUIRE(context->ctx != (EVP_MD_CTX *)0);
/* If no digest buffer is passed, we don't bother doing this: */
if (digest != (uint8_t*)0)
RUNTIME_CHECK(EVP_DigestFinal(context->ctx,
digest, NULL) == 1);
EVP_MD_CTX_free(context->ctx);
context->ctx = NULL;
}
void
isc_sha256_init(isc_sha256_t *context) {
if (context == (isc_sha256_t *)0) {
return;
}
context->ctx = EVP_MD_CTX_new();
RUNTIME_CHECK(context->ctx != NULL);
if (EVP_DigestInit(context->ctx, EVP_sha256()) != 1) {
FATAL_ERROR(__FILE__, __LINE__, "Cannot initialize SHA256.");
}
}
void
isc_sha256_invalidate(isc_sha256_t *context) {
EVP_MD_CTX_free(context->ctx);
context->ctx = NULL;
}
void
isc_sha256_update(isc_sha256_t *context, const uint8_t *data, size_t len) {
if (len == 0U) {
/* Calling with no data is valid - we do nothing */
return;
}
/* Sanity check: */
REQUIRE(context != (isc_sha256_t *)0);
REQUIRE(context->ctx != (EVP_MD_CTX *)0);
REQUIRE(data != (uint8_t*)0);
RUNTIME_CHECK(EVP_DigestUpdate(context->ctx,
(const void *) data, len) == 1);
}
void
isc_sha256_final(uint8_t digest[], isc_sha256_t *context) {
/* Sanity check: */
REQUIRE(context != (isc_sha256_t *)0);
REQUIRE(context->ctx != (EVP_MD_CTX *)0);
/* If no digest buffer is passed, we don't bother doing this: */
if (digest != (uint8_t*)0)
RUNTIME_CHECK(EVP_DigestFinal(context->ctx,
digest, NULL) == 1);
EVP_MD_CTX_free(context->ctx);
context->ctx = NULL;
}
void
isc_sha512_init(isc_sha512_t *context) {
if (context == (isc_sha512_t *)0) {
return;
}
context->ctx = EVP_MD_CTX_new();
RUNTIME_CHECK(context->ctx != NULL);
if (EVP_DigestInit(context->ctx, EVP_sha512()) != 1) {
FATAL_ERROR(__FILE__, __LINE__, "Cannot initialize SHA512.");
}
}
void
isc_sha512_invalidate(isc_sha512_t *context) {
EVP_MD_CTX_free(context->ctx);
context->ctx = NULL;
}
void isc_sha512_update(isc_sha512_t *context, const uint8_t *data, size_t len) {
if (len == 0U) {
/* Calling with no data is valid - we do nothing */
return;
}
/* Sanity check: */
REQUIRE(context != (isc_sha512_t *)0);
REQUIRE(context->ctx != (EVP_MD_CTX *)0);
REQUIRE(data != (uint8_t*)0);
RUNTIME_CHECK(EVP_DigestUpdate(context->ctx,
(const void *) data, len) == 1);
}
void isc_sha512_final(uint8_t digest[], isc_sha512_t *context) {
/* Sanity check: */
REQUIRE(context != (isc_sha512_t *)0);
REQUIRE(context->ctx != (EVP_MD_CTX *)0);
/* If no digest buffer is passed, we don't bother doing this: */
if (digest != (uint8_t*)0)
RUNTIME_CHECK(EVP_DigestFinal(context->ctx,
digest, NULL) == 1);
EVP_MD_CTX_free(context->ctx);
context->ctx = NULL;
}
void
isc_sha384_init(isc_sha384_t *context) {
if (context == (isc_sha384_t *)0) {
return;
}
context->ctx = EVP_MD_CTX_new();
RUNTIME_CHECK(context->ctx != NULL);
if (EVP_DigestInit(context->ctx, EVP_sha384()) != 1) {
FATAL_ERROR(__FILE__, __LINE__, "Cannot initialize SHA384.");
}
}
void
isc_sha384_invalidate(isc_sha384_t *context) {
EVP_MD_CTX_free(context->ctx);
context->ctx = NULL;
}
void
isc_sha384_update(isc_sha384_t *context, const uint8_t* data, size_t len) {
if (len == 0U) {
/* Calling with no data is valid - we do nothing */
return;
}
/* Sanity check: */
REQUIRE(context != (isc_sha512_t *)0);
REQUIRE(context->ctx != (EVP_MD_CTX *)0);
REQUIRE(data != (uint8_t*)0);
RUNTIME_CHECK(EVP_DigestUpdate(context->ctx,
(const void *) data, len) == 1);
}
void
isc_sha384_final(uint8_t digest[], isc_sha384_t *context) {
/* Sanity check: */
REQUIRE(context != (isc_sha384_t *)0);
REQUIRE(context->ctx != (EVP_MD_CTX *)0);
/* If no digest buffer is passed, we don't bother doing this: */
if (digest != (uint8_t*)0)
RUNTIME_CHECK(EVP_DigestFinal(context->ctx,
digest, NULL) == 1);
EVP_MD_CTX_free(context->ctx);
context->ctx = NULL;
}
/*
* Constant used by SHA256/384/512_End() functions for converting the
* digest to a readable hexadecimal character string:
*/
static const char *sha2_hex_digits = "0123456789abcdef";
char *
isc_sha224_end(isc_sha224_t *context, char buffer[]) {
uint8_t digest[ISC_SHA224_DIGESTLENGTH], *d = digest;
unsigned int i;
/* Sanity check: */
REQUIRE(context != (isc_sha224_t *)0);
if (buffer != (char*)0) {
isc_sha224_final(digest, context);
for (i = 0; i < ISC_SHA224_DIGESTLENGTH; i++) {
*buffer++ = sha2_hex_digits[(*d & 0xf0) >> 4];
*buffer++ = sha2_hex_digits[*d & 0x0f];
d++;
}
*buffer = (char)0;
} else {
EVP_MD_CTX_reset(context->ctx);
}
isc_safe_memwipe(digest, sizeof(digest));
return buffer;
}
char *
isc_sha224_data(const uint8_t *data, size_t len,
char digest[ISC_SHA224_DIGESTSTRINGLENGTH])
{
isc_sha224_t context;
isc_sha224_init(&context);
isc_sha224_update(&context, data, len);
return (isc_sha224_end(&context, digest));
}
char *
isc_sha256_end(isc_sha256_t *context, char buffer[]) {
uint8_t digest[ISC_SHA256_DIGESTLENGTH], *d = digest;
unsigned int i;
/* Sanity check: */
REQUIRE(context != (isc_sha256_t *)0);
if (buffer != (char*)0) {
isc_sha256_final(digest, context);
for (i = 0; i < ISC_SHA256_DIGESTLENGTH; i++) {
*buffer++ = sha2_hex_digits[(*d & 0xf0) >> 4];
*buffer++ = sha2_hex_digits[*d & 0x0f];
d++;
}
*buffer = (char)0;
} else {
EVP_MD_CTX_reset(context->ctx);
}
isc_safe_memwipe(digest, sizeof(digest));
return buffer;
}
char *
isc_sha256_data(const uint8_t* data, size_t len,
char digest[ISC_SHA256_DIGESTSTRINGLENGTH])
{
isc_sha256_t context;
isc_sha256_init(&context);
isc_sha256_update(&context, data, len);
return (isc_sha256_end(&context, digest));
}
char *
isc_sha512_end(isc_sha512_t *context, char buffer[]) {
uint8_t digest[ISC_SHA512_DIGESTLENGTH], *d = digest;
unsigned int i;
/* Sanity check: */
REQUIRE(context != (isc_sha512_t *)0);
if (buffer != (char*)0) {
isc_sha512_final(digest, context);
for (i = 0; i < ISC_SHA512_DIGESTLENGTH; i++) {
*buffer++ = sha2_hex_digits[(*d & 0xf0) >> 4];
*buffer++ = sha2_hex_digits[*d & 0x0f];
d++;
}
*buffer = (char)0;
} else {
EVP_MD_CTX_reset(context->ctx);
}
isc_safe_memwipe(digest, sizeof(digest));
return buffer;
}
char *
isc_sha512_data(const uint8_t *data, size_t len,
char digest[ISC_SHA512_DIGESTSTRINGLENGTH])
{
isc_sha512_t context;
isc_sha512_init(&context);
isc_sha512_update(&context, data, len);
return (isc_sha512_end(&context, digest));
}
char *
isc_sha384_end(isc_sha384_t *context, char buffer[]) {
uint8_t digest[ISC_SHA384_DIGESTLENGTH], *d = digest;
unsigned int i;
/* Sanity check: */
REQUIRE(context != (isc_sha384_t *)0);
if (buffer != (char*)0) {
isc_sha384_final(digest, context);
for (i = 0; i < ISC_SHA384_DIGESTLENGTH; i++) {
*buffer++ = sha2_hex_digits[(*d & 0xf0) >> 4];
*buffer++ = sha2_hex_digits[*d & 0x0f];
d++;
}
*buffer = (char)0;
} else {
EVP_MD_CTX_reset(context->ctx);
}
isc_safe_memwipe(digest, sizeof(digest));
return buffer;
}
char *
isc_sha384_data(const uint8_t *data, size_t len,
char digest[ISC_SHA384_DIGESTSTRINGLENGTH])
{
isc_sha384_t context;
isc_sha384_init(&context);
isc_sha384_update(&context, data, len);
return (isc_sha384_end(&context, digest));
}

View file

@ -10,6 +10,7 @@ atf_test_program{name='hash_test'}
atf_test_program{name='heap_test'}
atf_test_program{name='ht_test'}
atf_test_program{name='lex_test'}
tap_test_program{name='md_test'}
atf_test_program{name='mem_test'}
atf_test_program{name='netaddr_test'}
atf_test_program{name='parse_test'}

View file

@ -31,10 +31,11 @@ CMOCKA_CFLAGS = @CMOCKA_CFLAGS@
CMOCKA_LIBS = @CMOCKA_LIBS@
OBJS = isctest.@O@
SRCS = isctest.c aes_test.c buffer_test.c \
counter_test.c errno_test.c file_test.c hash_test.c \
heap_test.c ht_test.c lex_test.c \
mem_test.c netaddr_test.c parse_test.c pool_test.c \
mem_test.c md_test.c netaddr_test.c parse_test.c pool_test.c \
queue_test.c radix_test.c random_test.c \
regex_test.c result_test.c safe_test.c sockaddr_test.c \
socket_test.c socket_test.c symtab_test.c task_test.c \
@ -44,7 +45,7 @@ SUBDIRS =
TARGETS = aes_test@EXEEXT@ buffer_test@EXEEXT@ \
counter_test@EXEEXT@ errno_test@EXEEXT@ file_test@EXEEXT@ \
hash_test@EXEEXT@ heap_test@EXEEXT@ ht_test@EXEEXT@ \
lex_test@EXEEXT@ mem_test@EXEEXT@ \
lex_test@EXEEXT@ mem_test@EXEEXT@ md_test@EXEEXT@ \
netaddr_test@EXEEXT@ parse_test@EXEEXT@ pool_test@EXEEXT@ \
queue_test@EXEEXT@ radix_test@EXEEXT@ \
random_test@EXEEXT@ regex_test@EXEEXT@ result_test@EXEEXT@ \
@ -90,6 +91,10 @@ lex_test@EXEEXT@: lex_test.@O@ ${ISCDEPLIBS}
${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@ \
lex_test.@O@ ${ISCLIBS} ${LIBS}
md_test@EXEEXT@: md_test.@O@ ${ISCDEPLIBS}
${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${CMOCKA_CFLAGS} ${LDFLAGS} -o $@ \
md_test.@O@ ${ISCLIBS} ${LIBS} ${CMOCKA_LIBS}
mem_test@EXEEXT@: mem_test.@O@ isctest.@O@ ${ISCDEPLIBS}
${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@ \
mem_test.@O@ isctest.@O@ ${ISCLIBS} ${LIBS}

File diff suppressed because it is too large Load diff

589
lib/isc/tests/md_test.c Normal file
View file

@ -0,0 +1,589 @@
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
#include <config.h>
#if HAVE_CMOCKA
#include <stdarg.h>
#include <stddef.h>
#include <setjmp.h>
#include <string.h>
/* For FIPS_mode() */
#include <openssl/crypto.h>
#define UNIT_TESTING
#include <cmocka.h>
#include <isc/buffer.h>
#include <isc/hex.h>
#include <isc/region.h>
#include <isc/result.h>
#include <isc/md.h>
#include "../md.c"
#define TEST_INPUT(x) (x), sizeof(x)-1
static int
_setup(void **state) {
isc_md_t *md = isc_md_new();
if (md == NULL) {
return (-1);
}
*state = md;
return (0);
}
static int
_teardown(void **state) {
if (*state == NULL) {
return (-1);
}
isc_md_free(*state);
return (0);
}
static int
_reset(void **state) {
if (*state == NULL) {
return (-1);
}
if (isc_md_reset(*state) != ISC_R_SUCCESS) {
return (-1);
}
return (0);
}
static void
isc_md_new_test(void **state) {
UNUSED(state);
isc_md_t *md = isc_md_new();
assert_non_null(md);
isc_md_free(md); /* Cleanup */
}
static void
isc_md_free_test(void **state) {
UNUSED(state);
isc_md_t *md = isc_md_new();
assert_non_null(md);
isc_md_free(md); /* Test freeing valid message digest context */
isc_md_free(NULL); /* Test freeing NULL argument */
}
static void
isc_md_test(isc_md_t *md, isc_md_type_t type, const char *buf, size_t buflen,
const char *result, const int repeats)
{
assert_non_null(md);
assert_int_equal(isc_md_init(md, type), ISC_R_SUCCESS);
int i;
for (i = 0; i < repeats; i++) {
assert_int_equal(
isc_md_update(md, (const unsigned char *)buf, buflen),
ISC_R_SUCCESS);
}
unsigned char digest[ISC_MAX_MD_SIZE];
unsigned int digestlen;
assert_int_equal(isc_md_final(md, digest, &digestlen), ISC_R_SUCCESS);
char hexdigest[ISC_MAX_MD_SIZE * 2 + 3];
isc_region_t r = { .base = digest,
.length = digestlen };
isc_buffer_t b;
isc_buffer_init(&b, hexdigest, sizeof(hexdigest));
assert_return_code(isc_hex_totext(&r, 0, "", &b), ISC_R_SUCCESS);
assert_memory_equal(hexdigest, result, (result?strlen(result):0));
assert_int_equal(isc_md_reset(md), ISC_R_SUCCESS);
}
static void
isc_md_init_test(void **state) {
isc_md_t *md = *state;
assert_non_null(md);
expect_assert_failure(isc_md_init(NULL, ISC_MD_MD5));
assert_int_equal(isc_md_init(md, NULL), ISC_R_NOTIMPLEMENTED);
assert_int_equal(isc_md_init(md, ISC_MD_MD5), ISC_R_SUCCESS);
assert_int_equal(isc_md_reset(md), ISC_R_SUCCESS);
assert_int_equal(isc_md_init(md, ISC_MD_SHA1), ISC_R_SUCCESS);
assert_int_equal(isc_md_reset(md), ISC_R_SUCCESS);
assert_int_equal(isc_md_init(md, ISC_MD_SHA224), ISC_R_SUCCESS);
assert_int_equal(isc_md_reset(md), ISC_R_SUCCESS);
assert_int_equal(isc_md_init(md, ISC_MD_SHA256), ISC_R_SUCCESS);
assert_int_equal(isc_md_reset(md), ISC_R_SUCCESS);
assert_int_equal(isc_md_init(md, ISC_MD_SHA384), ISC_R_SUCCESS);
assert_int_equal(isc_md_reset(md), ISC_R_SUCCESS);
assert_int_equal(isc_md_init(md, ISC_MD_SHA512), ISC_R_SUCCESS);
assert_int_equal(isc_md_reset(md), ISC_R_SUCCESS);
}
static void
isc_md_update_test(void **state) {
isc_md_t *md = *state;
assert_non_null(md);
/* Uses message digest context initialized in isc_md_init_test() */
expect_assert_failure(isc_md_update(NULL, NULL, 0));
assert_int_equal(isc_md_update(md, NULL, 100), ISC_R_SUCCESS);
assert_int_equal(isc_md_update(md, (const unsigned char *)"", 0),
ISC_R_SUCCESS);
}
static void
isc_md_reset_test(void **state) {
isc_md_t *md = *state;
unsigned char digest[ISC_MAX_MD_SIZE] __attribute((unused));
unsigned int digestlen __attribute((unused));
assert_non_null(md);
assert_int_equal(isc_md_init(md, ISC_MD_SHA512), ISC_R_SUCCESS);
assert_int_equal(isc_md_update(md, (const unsigned char *)"a", 1),
ISC_R_SUCCESS);
assert_int_equal(isc_md_update(md, (const unsigned char *)"b", 1),
ISC_R_SUCCESS);
assert_int_equal(isc_md_reset(md), ISC_R_SUCCESS);
#if 0
/*
* This test would require OpenSSL compiled with mock_assert(),
* so this could be only manually checked that the test will
* segfault when called by hand
*/
expect_assert_failure(isc_md_final(md, digest, &digestlen));
#endif
}
static void
isc_md_final_test(void **state) {
isc_md_t *md = *state;
assert_non_null(md);
unsigned char digest[ISC_MAX_MD_SIZE];
unsigned int digestlen;
/* Fail when message digest context is empty */
expect_assert_failure(isc_md_final(NULL, digest, &digestlen));
/* Fail when output buffer is empty */
expect_assert_failure(isc_md_final(md, NULL, &digestlen));
assert_int_equal(isc_md_init(md, ISC_MD_SHA512), ISC_R_SUCCESS);
assert_int_equal(isc_md_final(md, digest, NULL), ISC_R_SUCCESS);
}
static void
isc_md_md5_test(void **state) {
isc_md_t *md = *state;
isc_md_test(md, ISC_MD_MD5, NULL, 0, NULL, 0);
isc_md_test(md, ISC_MD_MD5, TEST_INPUT(""),
"D41D8CD98F00B204E9800998ECF8427E", 1);
isc_md_test(md, ISC_MD_MD5, TEST_INPUT("a"),
"0CC175B9C0F1B6A831C399E269772661", 1);
isc_md_test(md, ISC_MD_MD5, TEST_INPUT("abc"),
"900150983CD24FB0D6963F7D28E17F72", 1);
isc_md_test(md, ISC_MD_MD5, TEST_INPUT("message digest"),
"F96B697D7CB7938D525A2F31AAF161D0", 1);
isc_md_test(md, ISC_MD_MD5, TEST_INPUT("abcdefghijklmnopqrstuvwxyz"),
"C3FCD3D76192E4007DFB496CCA67E13B", 1);
isc_md_test(md, ISC_MD_MD5,
TEST_INPUT("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklm"
"nopqrstuvwxyz0123456789"),
"D174AB98D277D9F5A5611C2C9F419D9F", 1);
isc_md_test(md, ISC_MD_MD5,
TEST_INPUT("123456789012345678901234567890123456789"
"01234567890123456789012345678901234567890"),
"57EDF4A22BE3C955AC49DA2E2107B67A", 1);
}
static void
isc_md_sha1_test(void **state) {
isc_md_t *md = *state;
isc_md_test(md, ISC_MD_SHA1, NULL, 0, NULL, 0);
isc_md_test(md, ISC_MD_SHA1, TEST_INPUT(""),
"DA39A3EE5E6B4B0D3255BFEF95601890AFD80709", 1);
isc_md_test(md, ISC_MD_SHA1, TEST_INPUT("abc"),
"A9993E364706816ABA3E25717850C26C9CD0D89D", 1);
isc_md_test(md, ISC_MD_SHA1,
TEST_INPUT("abcdbcdecdefdefgefghfghighijhijkijk"
"ljklmklmnlmnomnopnopq"),
"84983E441C3BD26EBAAE4AA1F95129E5E54670F1", 1);
isc_md_test(md, ISC_MD_SHA1, TEST_INPUT("a"),
"34AA973CD4C4DAA4F61EEB2BDBAD27316534016F",
1000000);
isc_md_test(md, ISC_MD_SHA1,
TEST_INPUT("01234567012345670123456701234567"),
"DEA356A2CDDD90C7A7ECEDC5EBB563934F460452",
20);
isc_md_test(md, ISC_MD_SHA1, TEST_INPUT("\x5e"),
"5E6F80A34A9798CAFC6A5DB96CC57BA4C4DB59C2",
1);
isc_md_test(md, ISC_MD_SHA1,
TEST_INPUT("\x9a\x7d\xfd\xf1\xec\xea\xd0\x6e\xd6\x46"
"\xaa\x55\xfe\x75\x71\x46"),
"82ABFF6605DBE1C17DEF12A394FA22A82B544A35",
1);
isc_md_test(md, ISC_MD_SHA1,
TEST_INPUT("\xf7\x8f\x92\x14\x1b\xcd\x17\x0a\xe8\x9b"
"\x4f\xba\x15\xa1\xd5\x9f\x3f\xd8\x4d\x22"
"\x3c\x92\x51\xbd\xac\xbb\xae\x61\xd0\x5e"
"\xd1\x15\xa0\x6a\x7c\xe1\x17\xb7\xbe\xea"
"\xd2\x44\x21\xde\xd9\xc3\x25\x92\xbd\x57"
"\xed\xea\xe3\x9c\x39\xfa\x1f\xe8\x94\x6a"
"\x84\xd0\xcf\x1f\x7b\xee\xad\x17\x13\xe2"
"\xe0\x95\x98\x97\x34\x7f\x67\xc8\x0b\x04"
"\x00\xc2\x09\x81\x5d\x6b\x10\xa6\x83\x83"
"\x6f\xd5\x56\x2a\x56\xca\xb1\xa2\x8e\x81"
"\xb6\x57\x66\x54\x63\x1c\xf1\x65\x66\xb8"
"\x6e\x3b\x33\xa1\x08\xb0\x53\x07\xc0\x0a"
"\xff\x14\xa7\x68\xed\x73\x50\x60\x6a\x0f"
"\x85\xe6\xa9\x1d\x39\x6f\x5b\x5c\xbe\x57"
"\x7f\x9b\x38\x80\x7c\x7d\x52\x3d\x6d\x79"
"\x2f\x6e\xbc\x24\xa4\xec\xf2\xb3\xa4\x27"
"\xcd\xbb\xfb"),
"CB0082C8F197D260991BA6A460E76E202BAD27B3", 1);
}
static void
isc_md_sha224_test(void **state) {
isc_md_t *md = *state;
isc_md_test(md, ISC_MD_SHA224, NULL, 0, NULL, 0);
isc_md_test(md, ISC_MD_SHA224, TEST_INPUT(""),
"D14A028C2A3A2BC9476102BB288234C415A2B01F828EA62AC5B3E42F",
1);
isc_md_test(md, ISC_MD_SHA224, TEST_INPUT("abc"),
"23097D223405D8228642A477BDA255B32AADBCE4BDA0B3F7"
"E36C9DA7",
1);
isc_md_test(md, ISC_MD_SHA224,
TEST_INPUT("abcdbcdecdefdefgefghfghighijhijkijklj"
"klmklmnlmnomnopnopq"),
"75388B16512776CC5DBA5DA1FD890150B0C6455CB4F58B"
"1952522525",
1);
isc_md_test(md, ISC_MD_SHA224, TEST_INPUT("a"),
"20794655980C91D8BBB4C1EA97618A4BF03F42581948B2"
"EE4EE7AD67",
1000000);
isc_md_test(md, ISC_MD_SHA224,
TEST_INPUT("01234567012345670123456701234567"),
"567F69F168CD7844E65259CE658FE7AADFA25216E68ECA"
"0EB7AB8262",
20);
isc_md_test(md, ISC_MD_SHA224, TEST_INPUT("\x07"),
"00ECD5F138422B8AD74C9799FD826C531BAD2FCABC7450"
"BEE2AA8C2A",
1);
isc_md_test(md, ISC_MD_SHA224,
TEST_INPUT("\x18\x80\x40\x05\xdd\x4f\xbd\x15\x56\x29"
"\x9d\x6f\x9d\x93\xdf\x62"),
"DF90D78AA78821C99B40BA4C966921ACCD8FFB1E98AC38"
"8E56191DB1",
1);
isc_md_test(md, ISC_MD_SHA224,
TEST_INPUT("\x55\xb2\x10\x07\x9c\x61\xb5\x3a\xdd\x52"
"\x06\x22\xd1\xac\x97\xd5\xcd\xbe\x8c\xb3"
"\x3a\xa0\xae\x34\x45\x17\xbe\xe4\xd7\xba"
"\x09\xab\xc8\x53\x3c\x52\x50\x88\x7a\x43"
"\xbe\xbb\xac\x90\x6c\x2e\x18\x37\xf2\x6b"
"\x36\xa5\x9a\xe3\xbe\x78\x14\xd5\x06\x89"
"\x6b\x71\x8b\x2a\x38\x3e\xcd\xac\x16\xb9"
"\x61\x25\x55\x3f\x41\x6f\xf3\x2c\x66\x74"
"\xc7\x45\x99\xa9\x00\x53\x86\xd9\xce\x11"
"\x12\x24\x5f\x48\xee\x47\x0d\x39\x6c\x1e"
"\xd6\x3b\x92\x67\x0c\xa5\x6e\xc8\x4d\xee"
"\xa8\x14\xb6\x13\x5e\xca\x54\x39\x2b\xde"
"\xdb\x94\x89\xbc\x9b\x87\x5a\x8b\xaf\x0d"
"\xc1\xae\x78\x57\x36\x91\x4a\xb7\xda\xa2"
"\x64\xbc\x07\x9d\x26\x9f\x2c\x0d\x7e\xdd"
"\xd8\x10\xa4\x26\x14\x5a\x07\x76\xf6\x7c"
"\x87\x82\x73"),
"0B31894EC8937AD9B91BDFBCBA294D9ADEFAA18E09305E"
"9F20D5C3A4",
1);
}
static void
isc_md_sha256_test(void **state) {
isc_md_t *md = *state;
isc_md_test(md, ISC_MD_SHA256, NULL, 0, NULL, 0);
isc_md_test(md, ISC_MD_SHA256, TEST_INPUT(""),
"E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B93"
"4CA495991B7852B855",
1);
isc_md_test(md, ISC_MD_SHA256, TEST_INPUT("abc"),
"BA7816BF8F01CFEA414140DE5DAE2223B00361A396177A"
"9CB410FF61F20015AD",
1);
isc_md_test(md, ISC_MD_SHA256,
TEST_INPUT("abcdbcdecdefdefgefghfghighijhijkijkljk"
"lmklmnlmnomnopnopq"),
"248D6A61D20638B8E5C026930C3E6039A33CE45964FF21"
"67F6ECEDD419DB06C1",
1);
isc_md_test(md, ISC_MD_SHA256, TEST_INPUT("a"),
"CDC76E5C9914FB9281A1C7E284D73E67F1809A48A49720"
"0E046D39CCC7112CD0", 1000000);
isc_md_test(md, ISC_MD_SHA256,
TEST_INPUT("01234567012345670123456701234567"),
"594847328451BDFA85056225462CC1D867D877FB388DF0"
"CE35F25AB5562BFBB5",
20);
isc_md_test(md, ISC_MD_SHA256, TEST_INPUT("\x19"),
"68AA2E2EE5DFF96E3355E6C7EE373E3D6A4E17F75F9518"
"D843709C0C9BC3E3D4",
1);
isc_md_test(md, ISC_MD_SHA256,
TEST_INPUT("\xe3\xd7\x25\x70\xdc\xdd\x78\x7c\xe3"
"\x88\x7a\xb2\xcd\x68\x46\x52"),
"175EE69B02BA9B58E2B0A5FD13819CEA573F3940A94F82"
"5128CF4209BEABB4E8",
1);
isc_md_test(md, ISC_MD_SHA256,
TEST_INPUT("\x83\x26\x75\x4e\x22\x77\x37\x2f\x4f\xc1"
"\x2b\x20\x52\x7a\xfe\xf0\x4d\x8a\x05\x69"
"\x71\xb1\x1a\xd5\x71\x23\xa7\xc1\x37\x76"
"\x00\x00\xd7\xbe\xf6\xf3\xc1\xf7\xa9\x08"
"\x3a\xa3\x9d\x81\x0d\xb3\x10\x77\x7d\xab"
"\x8b\x1e\x7f\x02\xb8\x4a\x26\xc7\x73\x32"
"\x5f\x8b\x23\x74\xde\x7a\x4b\x5a\x58\xcb"
"\x5c\x5c\xf3\x5b\xce\xe6\xfb\x94\x6e\x5b"
"\xd6\x94\xfa\x59\x3a\x8b\xeb\x3f\x9d\x65"
"\x92\xec\xed\xaa\x66\xca\x82\xa2\x9d\x0c"
"\x51\xbc\xf9\x33\x62\x30\xe5\xd7\x84\xe4"
"\xc0\xa4\x3f\x8d\x79\xa3\x0a\x16\x5c\xba"
"\xbe\x45\x2b\x77\x4b\x9c\x71\x09\xa9\x7d"
"\x13\x8f\x12\x92\x28\x96\x6f\x6c\x0a\xdc"
"\x10\x6a\xad\x5a\x9f\xdd\x30\x82\x57\x69"
"\xb2\xc6\x71\xaf\x67\x59\xdf\x28\xeb\x39"
"\x3d\x54\xd6"),
"97DBCA7DF46D62C8A422C941DD7E835B8AD3361763F7E9"
"B2D95F4F0DA6E1CCBC",
1);
}
static void
isc_md_sha384_test(void **state) {
isc_md_t *md = *state;
isc_md_test(md, ISC_MD_SHA384, NULL, 0, NULL, 0);
isc_md_test(md, ISC_MD_SHA384, TEST_INPUT(""),
"38B060A751AC96384CD9327EB1B1E36A21FDB71114BE07"
"434C0CC7BF63F6E1DA274EDEBFE76F65FBD51AD2F14898"
"B95B"
"",
1);
isc_md_test(md, ISC_MD_SHA384, TEST_INPUT("abc"),
"CB00753F45A35E8BB5A03D699AC65007272C32AB0EDED1"
"631A8B605A43FF5BED8086072BA1E7CC2358BAEC"
"A134C825A7",
1);
isc_md_test(md, ISC_MD_SHA384,
TEST_INPUT("abcdefghbcdefghicdefghijdefghijkefghijkl"
"fghijklmghijklmnhijklmnoijklmnopjklmnopq"
"klmnopqrlmnopqrsmnopqrstnopqrstu"),
"09330C33F71147E83D192FC782CD1B4753111B173B3B05"
"D22FA08086E3B0F712FCC7C71A557E2DB966C3E9"
"FA91746039",
1);
isc_md_test(md, ISC_MD_SHA384, TEST_INPUT("a"),
"9D0E1809716474CB086E834E310A4A1CED149E9C00F248"
"527972CEC5704C2A5B07B8B3DC38ECC4EBAE97DD"
"D87F3D8985",
1000000);
isc_md_test(md, ISC_MD_SHA384,
TEST_INPUT("01234567012345670123456701234567"),
"2FC64A4F500DDB6828F6A3430B8DD72A368EB7F3A8322A"
"70BC84275B9C0B3AB00D27A5CC3C2D224AA6B61A"
"0D79FB4596",
20);
isc_md_test(md, ISC_MD_SHA384, TEST_INPUT("\xb9"),
"BC8089A19007C0B14195F4ECC74094FEC64F01F9092928"
"2C2FB392881578208AD466828B1C6C283D2722CF"
"0AD1AB6938",
1);
isc_md_test(md, ISC_MD_SHA384,
TEST_INPUT("\xa4\x1c\x49\x77\x79\xc0\x37\x5f\xf1"
"\x0a\x7f\x4e\x08\x59\x17\x39"),
"C9A68443A005812256B8EC76B00516F0DBB74FAB26D665"
"913F194B6FFB0E91EA9967566B58109CBC675CC2"
"08E4C823F7",
1);
isc_md_test(md, ISC_MD_SHA384,
TEST_INPUT("\x39\x96\x69\xe2\x8f\x6b\x9c\x6d\xbc\xbb"
"\x69\x12\xec\x10\xff\xcf\x74\x79\x03\x49"
"\xb7\xdc\x8f\xbe\x4a\x8e\x7b\x3b\x56\x21"
"\xdb\x0f\x3e\x7d\xc8\x7f\x82\x32\x64\xbb"
"\xe4\x0d\x18\x11\xc9\xea\x20\x61\xe1\xc8"
"\x4a\xd1\x0a\x23\xfa\xc1\x72\x7e\x72\x02"
"\xfc\x3f\x50\x42\xe6\xbf\x58\xcb\xa8\xa2"
"\x74\x6e\x1f\x64\xf9\xb9\xea\x35\x2c\x71"
"\x15\x07\x05\x3c\xf4\xe5\x33\x9d\x52\x86"
"\x5f\x25\xcc\x22\xb5\xe8\x77\x84\xa1\x2f"
"\xc9\x61\xd6\x6c\xb6\xe8\x95\x73\x19\x9a"
"\x2c\xe6\x56\x5c\xbd\xf1\x3d\xca\x40\x38"
"\x32\xcf\xcb\x0e\x8b\x72\x11\xe8\x3a\xf3"
"\x2a\x11\xac\x17\x92\x9f\xf1\xc0\x73\xa5"
"\x1c\xc0\x27\xaa\xed\xef\xf8\x5a\xad\x7c"
"\x2b\x7c\x5a\x80\x3e\x24\x04\xd9\x6d\x2a"
"\x77\x35\x7b\xda\x1a\x6d\xae\xed\x17\x15"
"\x1c\xb9\xbc\x51\x25\xa4\x22\xe9\x41\xde"
"\x0c\xa0\xfc\x50\x11\xc2\x3e\xcf\xfe\xfd"
"\xd0\x96\x76\x71\x1c\xf3\xdb\x0a\x34\x40"
"\x72\x0e\x16\x15\xc1\xf2\x2f\xbc\x3c\x72"
"\x1d\xe5\x21\xe1\xb9\x9b\xa1\xbd\x55\x77"
"\x40\x86\x42\x14\x7e\xd0\x96"),
"4F440DB1E6EDD2899FA335F09515AA025EE177A79F4B4A"
"AF38E42B5C4DE660F5DE8FB2A5B2FBD2A3CBFFD2"
"0CFF1288C0",
1);
}
static void
isc_md_sha512_test(void **state) {
isc_md_t *md = *state;
isc_md_test(md, ISC_MD_SHA512, NULL, 0, NULL, 0);
isc_md_test(md, ISC_MD_SHA512, TEST_INPUT(""),
"CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715"
"DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877E"
"EC2F63B931BD47417A81A538327AF927DA3E",
1);
isc_md_test(md, ISC_MD_SHA512, TEST_INPUT("abc"),
"DDAF35A193617ABACC417349AE20413112E6FA4E89A97E"
"A20A9EEEE64B55D39A2192992A274FC1A836BA3C"
"23A3FEEBBD454D4423643CE80E2A9AC94FA54CA49F",
1);
isc_md_test(md, ISC_MD_SHA512,
TEST_INPUT("abcdefghbcdefghicdefghijdefghijkefghijkl"
"fghijklmghijklmnhijklmnoijklmnopjklmnopq"
"klmnopqrlmnopqrsmnopqrstnopqrstu"),
"8E959B75DAE313DA8CF4F72814FC143F8F7779C6EB9F7F"
"A17299AEADB6889018501D289E4900F7E4331B99"
"DEC4B5433AC7D329EEB6DD26545E96E55B874BE909",
1);
isc_md_test(md, ISC_MD_SHA512, TEST_INPUT("a"),
"E718483D0CE769644E2E42C7BC15B4638E1F98B13B2044"
"285632A803AFA973EBDE0FF244877EA60A4CB043"
"2CE577C31BEB009C5C2C49AA2E4EADB217AD8CC09B",
1000000);
isc_md_test(md, ISC_MD_SHA512,
TEST_INPUT("01234567012345670123456701234567"),
"89D05BA632C699C31231DED4FFC127D5A894DAD412C0E0"
"24DB872D1ABD2BA8141A0F85072A9BE1E2AA04CF"
"33C765CB510813A39CD5A84C4ACAA64D3F3FB7BAE9",
20);
isc_md_test(md, ISC_MD_SHA512, TEST_INPUT("\xD0"),
"9992202938E882E73E20F6B69E68A0A7149090423D93C8"
"1BAB3F21678D4ACEEEE50E4E8CAFADA4C85A54EA"
"8306826C4AD6E74CECE9631BFA8A549B4AB3FBBA15",
1);
isc_md_test(md, ISC_MD_SHA512,
TEST_INPUT("\x8d\x4e\x3c\x0e\x38\x89\x19\x14\x91\x81"
"\x6e\x9d\x98\xbf\xf0\xa0"),
"CB0B67A4B8712CD73C9AABC0B199E9269B20844AFB75AC"
"BDD1C153C9828924C3DDEDAAFE669C5FDD0BC66F"
"630F6773988213EB1B16F517AD0DE4B2F0C95C90F8",
1);
isc_md_test(md, ISC_MD_SHA512,
TEST_INPUT("\xa5\x5f\x20\xc4\x11\xaa\xd1\x32\x80\x7a"
"\x50\x2d\x65\x82\x4e\x31\xa2\x30\x54\x32"
"\xaa\x3d\x06\xd3\xe2\x82\xa8\xd8\x4e\x0d"
"\xe1\xde\x69\x74\xbf\x49\x54\x69\xfc\x7f"
"\x33\x8f\x80\x54\xd5\x8c\x26\xc4\x93\x60"
"\xc3\xe8\x7a\xf5\x65\x23\xac\xf6\xd8\x9d"
"\x03\xe5\x6f\xf2\xf8\x68\x00\x2b\xc3\xe4"
"\x31\xed\xc4\x4d\xf2\xf0\x22\x3d\x4b\xb3"
"\xb2\x43\x58\x6e\x1a\x7d\x92\x49\x36\x69"
"\x4f\xcb\xba\xf8\x8d\x95\x19\xe4\xeb\x50"
"\xa6\x44\xf8\xe4\xf9\x5e\xb0\xea\x95\xbc"
"\x44\x65\xc8\x82\x1a\xac\xd2\xfe\x15\xab"
"\x49\x81\x16\x4b\xbb\x6d\xc3\x2f\x96\x90"
"\x87\xa1\x45\xb0\xd9\xcc\x9c\x67\xc2\x2b"
"\x76\x32\x99\x41\x9c\xc4\x12\x8b\xe9\xa0"
"\x77\xb3\xac\xe6\x34\x06\x4e\x6d\x99\x28"
"\x35\x13\xdc\x06\xe7\x51\x5d\x0d\x73\x13"
"\x2e\x9a\x0d\xc6\xd3\xb1\xf8\xb2\x46\xf1"
"\xa9\x8a\x3f\xc7\x29\x41\xb1\xe3\xbb\x20"
"\x98\xe8\xbf\x16\xf2\x68\xd6\x4f\x0b\x0f"
"\x47\x07\xfe\x1e\xa1\xa1\x79\x1b\xa2\xf3"
"\xc0\xc7\x58\xe5\xf5\x51\x86\x3a\x96\xc9"
"\x49\xad\x47\xd7\xfb\x40\xd2"),
"C665BEFB36DA189D78822D10528CBF3B12B3EEF7260399"
"09C1A16A270D48719377966B957A878E72058477"
"9A62825C18DA26415E49A7176A894E7510FD1451F5",
1);
}
int main(void) {
const struct CMUnitTest tests[] = {
/* isc_md_new() */
cmocka_unit_test(isc_md_new_test),
/* isc_md_init() */
cmocka_unit_test_setup_teardown(isc_md_init_test,
_reset, _reset),
/* isc_md_reset() */
cmocka_unit_test_setup_teardown(isc_md_reset_test,
_reset, _reset),
/* isc_md_init() -> isc_md_update() -> isc_md_final() */
cmocka_unit_test(isc_md_md5_test),
cmocka_unit_test(isc_md_sha1_test),
cmocka_unit_test(isc_md_sha224_test),
cmocka_unit_test(isc_md_sha256_test),
cmocka_unit_test(isc_md_sha384_test),
cmocka_unit_test(isc_md_sha512_test),
cmocka_unit_test_setup_teardown(isc_md_update_test,
_reset, _reset),
cmocka_unit_test_setup_teardown(isc_md_final_test,
_reset, _reset),
cmocka_unit_test(isc_md_free_test),
};
return (cmocka_run_group_tests(tests, _setup, _teardown));
}
#else /* HAVE_CMOCKA */
#include <stdio.h>
int main(void) {
printf("1..0 # Skipped: cmocka not available\n");
return (0);
}
#endif

View file

@ -63,10 +63,10 @@
#include <isc/dir.h>
#include <isc/file.h>
#include <isc/log.h>
#include <isc/md.h>
#include <isc/mem.h>
#include <isc/print.h>
#include <isc/random.h>
#include <isc/sha2.h>
#include <isc/string.h>
#include <isc/time.h>
#include <isc/util.h>
@ -703,12 +703,32 @@ isc_file_munmap(void *addr, size_t len) {
#define PATH_MAX 1024
#endif
static isc_result_t
digest2hex(unsigned char *digest, unsigned int digestlen,
char *hash, size_t hashlen)
{
unsigned int i;
int ret;
for (i = 0; i < digestlen; i++) {
size_t left = hashlen - i * 2;
ret = snprintf(hash + i * 2, left, "%02x", digest[i]);
if (ret < 0 || (size_t)ret >= left) {
return (ISC_R_NOSPACE);
}
}
return (ISC_R_SUCCESS);
}
isc_result_t
isc_file_sanitize(const char *dir, const char *base, const char *ext,
char *path, size_t length)
{
char buf[PATH_MAX], hash[ISC_SHA256_DIGESTSTRINGLENGTH];
char buf[PATH_MAX];
unsigned char digest[ISC_MAX_MD_SIZE];
unsigned int digestlen;
char hash[ISC_MAX_MD_SIZE * 2 + 1];
size_t l = 0;
isc_result_t err;
REQUIRE(base != NULL);
REQUIRE(path != NULL);
@ -731,7 +751,17 @@ isc_file_sanitize(const char *dir, const char *base, const char *ext,
return (ISC_R_NOSPACE);
/* Check whether the full-length SHA256 hash filename exists */
isc_sha256_data((const void *) base, strlen(base), hash);
err = isc_md(ISC_MD_SHA256, (const unsigned char *)base,
strlen(base), digest, &digestlen);
if (err != ISC_R_SUCCESS) {
return (err);
}
err = digest2hex(digest, digestlen, hash, sizeof(hash));
if (err != ISC_R_SUCCESS) {
return (err);
}
snprintf(buf, sizeof(buf), "%s%s%s%s%s",
dir != NULL ? dir : "", dir != NULL ? "/" : "",
hash, ext != NULL ? "." : "", ext != NULL ? ext : "");

View file

@ -26,11 +26,11 @@
#include <sys/utime.h>
#include <isc/file.h>
#include <isc/md.h>
#include <isc/mem.h>
#include <isc/print.h>
#include <isc/random.h>
#include <isc/result.h>
#include <isc/sha2.h>
#include <isc/stat.h>
#include <isc/string.h>
#include <isc/time.h>
@ -780,12 +780,32 @@ isc_file_munmap(void *addr, size_t len) {
#define PATH_MAX 1024
#endif
static isc_result_t
digest2hex(unsigned char *digest, unsigned int digestlen,
char *hash, size_t hashlen)
{
unsigned int i;
int ret;
for (i = 0; i < digestlen; i++) {
size_t left = hashlen - i * 2;
ret = snprintf(hash + i * 2, left, "%02x", digest[i]);
if (ret < 0 || (size_t)ret >= left) {
return (ISC_R_NOSPACE);
}
}
return (ISC_R_SUCCESS);
}
isc_result_t
isc_file_sanitize(const char *dir, const char *base, const char *ext,
char *path, size_t length)
{
char buf[PATH_MAX], hash[ISC_SHA256_DIGESTSTRINGLENGTH];
char buf[PATH_MAX];
unsigned char digest[ISC_MAX_MD_SIZE];
unsigned int digestlen;
char hash[ISC_MAX_MD_SIZE * 2 + 1];
size_t l = 0;
isc_result_t err;
REQUIRE(base != NULL);
REQUIRE(path != NULL);
@ -808,7 +828,17 @@ isc_file_sanitize(const char *dir, const char *base, const char *ext,
return (ISC_R_NOSPACE);
/* Check whether the full-length SHA256 hash filename exists */
isc_sha256_data((const void *) base, strlen(base), hash);
err = isc_md(ISC_MD_SHA256, (const unsigned char *)base,
strlen(base), digest, &digestlen);
if (err != ISC_R_SUCCESS) {
return (err);
}
err = digest2hex(digest, digestlen, hash, sizeof(hash));
if (err != ISC_R_SUCCESS) {
return (err);
}
snprintf(buf, sizeof(buf), "%s%s%s%s%s",
dir != NULL ? dir : "", dir != NULL ? "/" : "",
hash, ext != NULL ? "." : "", ext != NULL ? ext : "");

View file

@ -42,6 +42,12 @@ typedef uint32_t socklen_t;
#endif
/*
* Remove __attribute__ ((foo)) on Windows
*/
#define __attribute__(attribute) /* do nothing */
/***
*** Network.
***/

View file

@ -371,11 +371,18 @@ isc_logconfig_destroy
isc_logconfig_get
isc_logconfig_use
isc_logfile_roll
isc_md5_check
isc_md5_final
isc_md5_init
isc_md5_invalidate
isc_md5_update
isc_md_new
isc_md_init
isc_md_reset
isc_md_update
isc_md_final
isc_md_free
isc_md_get_md_type
isc_md_get_size
isc_md_get_block_size
isc_md_type_get_size
isc_md_type_get_block_size
isc_md
isc_mem_attach
isc_mem_checkdestroyed
isc_mem_create
@ -527,35 +534,6 @@ isc_serial_gt
isc_serial_le
isc_serial_lt
isc_serial_ne
isc_sha1_check
isc_sha1_final
isc_sha1_init
isc_sha1_invalidate
isc_sha1_update
isc_sha224_data
isc_sha224_end
isc_sha224_final
isc_sha224_init
isc_sha224_invalidate
isc_sha224_update
isc_sha256_data
isc_sha256_end
isc_sha256_final
isc_sha256_init
isc_sha256_invalidate
isc_sha256_update
isc_sha384_data
isc_sha384_end
isc_sha384_final
isc_sha384_init
isc_sha384_invalidate
isc_sha384_update
isc_sha512_data
isc_sha512_end
isc_sha512_final
isc_sha512_init
isc_sha512_invalidate
isc_sha512_update
isc_sockaddr_any
isc_sockaddr_any6
isc_sockaddr_anyofpf

View file

@ -140,9 +140,6 @@
<ClInclude Include="..\include\isc\magic.h">
<Filter>Library Header Files</Filter>
</ClInclude>
<ClInclude Include="..\include\isc\md5.h">
<Filter>Library Header Files</Filter>
</ClInclude>
<ClInclude Include="..\include\isc\mem.h">
<Filter>Library Header Files</Filter>
</ClInclude>
@ -224,12 +221,6 @@
<ClInclude Include="..\include\isc\serial.h">
<Filter>Library Header Files</Filter>
</ClInclude>
<ClInclude Include="..\include\isc\sha1.h">
<Filter>Library Header Files</Filter>
</ClInclude>
<ClInclude Include="..\include\isc\sha2.h">
<Filter>Library Header Files</Filter>
</ClInclude>
<ClInclude Include="..\include\isc\sockaddr.h">
<Filter>Library Header Files</Filter>
</ClInclude>
@ -550,9 +541,6 @@
<ClCompile Include="..\log.c">
<Filter>Library Source Files</Filter>
</ClCompile>
<ClCompile Include="..\md5.c">
<Filter>Library Source Files</Filter>
</ClCompile>
<ClCompile Include="..\mem.c">
<Filter>Library Source Files</Filter>
</ClCompile>
@ -610,12 +598,6 @@
<ClCompile Include="..\serial.c">
<Filter>Library Source Files</Filter>
</ClCompile>
<ClCompile Include="..\sha1.c">
<Filter>Library Source Files</Filter>
</ClCompile>
<ClCompile Include="..\sha2.c">
<Filter>Library Source Files</Filter>
</ClCompile>
<ClCompile Include="..\sockaddr.c">
<Filter>Library Source Files</Filter>
</ClCompile>

View file

@ -328,7 +328,6 @@ copy InstallFiles ..\Build\Release\
<ClInclude Include="..\include\isc\list.h" />
<ClInclude Include="..\include\isc\log.h" />
<ClInclude Include="..\include\isc\magic.h" />
<ClInclude Include="..\include\isc\md5.h" />
<ClInclude Include="..\include\isc\mem.h" />
<ClInclude Include="..\include\isc\meminfo.h" />
<ClInclude Include="..\include\isc\msgcat.h" />
@ -356,8 +355,6 @@ copy InstallFiles ..\Build\Release\
<ClInclude Include="..\include\isc\rwlock.h" />
<ClInclude Include="..\include\isc\safe.h" />
<ClInclude Include="..\include\isc\serial.h" />
<ClInclude Include="..\include\isc\sha1.h" />
<ClInclude Include="..\include\isc\sha2.h" />
<ClInclude Include="..\include\isc\sockaddr.h" />
<ClInclude Include="..\include\isc\socket.h" />
<ClInclude Include="..\include\isc\stats.h" />
@ -442,7 +439,6 @@ copy InstallFiles ..\Build\Release\
<ClCompile Include="..\lfsr.c" />
<ClCompile Include="..\lib.c" />
<ClCompile Include="..\log.c" />
<ClCompile Include="..\md5.c" />
<ClCompile Include="..\mem.c" />
<ClCompile Include="..\mutexblock.c" />
<ClCompile Include="..\netaddr.c" />
@ -462,8 +458,6 @@ copy InstallFiles ..\Build\Release\
<ClCompile Include="..\result.c" />
<ClCompile Include="..\rwlock.c" />
<ClCompile Include="..\serial.c" />
<ClCompile Include="..\sha1.c" />
<ClCompile Include="..\sha2.c" />
<ClCompile Include="..\sockaddr.c" />
<ClCompile Include="..\stats.c" />
<ClCompile Include="..\string.c" />

View file

@ -53,7 +53,7 @@
</PrecompiledHeader>
<WarningLevel>Level3</WarningLevel>
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>WIN32;USE_MD5;_DEBUG;_WINDOWS;_USRDLL;LIBISCCC_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions)</PreprocessorDefinitions>
<PreprocessorDefinitions>WIN32;_DEBUG;_WINDOWS;_USRDLL;LIBISCCC_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>.\;..\..\..\;@LIBXML2_INC@@OPENSSL_INC@include;..\include;..\..\isc\win32;..\..\isc\win32\include;..\..\isc\include;..\..\dns\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeaderOutputFile>.\$(Configuration)\$(TargetName).pch</PrecompiledHeaderOutputFile>
@ -81,7 +81,7 @@
<Optimization>MaxSpeed</Optimization>
<FunctionLevelLinking>true</FunctionLevelLinking>
<IntrinsicFunctions>@INTRINSIC@</IntrinsicFunctions>
<PreprocessorDefinitions>WIN32;USE_MD5;NDEBUG;_WINDOWS;_USRDLL;LIBISCCC_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions)</PreprocessorDefinitions>
<PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_USRDLL;LIBISCCC_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>.\;..\..\..\;@LIBXML2_INC@@OPENSSL_INC@include;..\include;..\..\isc\win32;..\..\isc\win32\include;..\..\isc\include;..\..\dns\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<InlineFunctionExpansion>OnlyExplicitInline</InlineFunctionExpansion>
<StringPooling>true</StringPooling>

View file

@ -53,7 +53,7 @@
</PrecompiledHeader>
<WarningLevel>Level3</WarningLevel>
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>WIN32;USE_MD5;_DEBUG;_WINDOWS;_USRDLL;LIBISCCFG_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions)</PreprocessorDefinitions>
<PreprocessorDefinitions>WIN32;_DEBUG;_WINDOWS;_USRDLL;LIBISCCFG_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>.\;..\..\..\;include;..\include;..\..\isc\win32;..\..\isc\win32\include;..\..\isc\include;..\..\dns\include;@LIBXML2_INC@@GEOIP_INC@%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeaderOutputFile>.\$(Configuration)\$(TargetName).pch</PrecompiledHeaderOutputFile>
@ -81,7 +81,7 @@
<Optimization>MaxSpeed</Optimization>
<FunctionLevelLinking>true</FunctionLevelLinking>
<IntrinsicFunctions>@INTRINSIC@</IntrinsicFunctions>
<PreprocessorDefinitions>WIN32;USE_MD5;NDEBUG;_WINDOWS;_USRDLL;LIBISCCFG_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions)</PreprocessorDefinitions>
<PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_USRDLL;LIBISCCFG_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>.\;..\..\..\;include;..\include;..\..\isc\win32;..\..\isc\win32\include;..\..\isc\include;..\..\dns\include;@LIBXML2_INC@@GEOIP_INC@%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<InlineFunctionExpansion>OnlyExplicitInline</InlineFunctionExpansion>
<StringPooling>true</StringPooling>

View file

@ -3402,7 +3402,7 @@
./lib/isc/include/isc/list.h C 1997,1998,1999,2000,2001,2002,2004,2006,2007,2011,2012,2013,2016,2018
./lib/isc/include/isc/log.h C 1999,2000,2001,2002,2004,2005,2006,2007,2009,2014,2016,2017,2018
./lib/isc/include/isc/magic.h C 1999,2000,2001,2004,2005,2006,2007,2016,2017,2018
./lib/isc/include/isc/md5.h C 2000,2001,2004,2005,2006,2007,2009,2010,2014,2016,2017,2018
./lib/isc/include/isc/md.h C 2018
./lib/isc/include/isc/mem.h C 1997,1998,1999,2000,2001,2004,2005,2006,2007,2008,2009,2010,2011,2012,2013,2015,2016,2017,2018
./lib/isc/include/isc/meminfo.h C 2015,2016,2018
./lib/isc/include/isc/msgcat.h C 1999,2000,2001,2004,2005,2007,2016,2018
@ -3431,8 +3431,6 @@
./lib/isc/include/isc/rwlock.h C 1998,1999,2000,2001,2003,2004,2005,2006,2007,2016,2017,2018
./lib/isc/include/isc/safe.h C 2013,2015,2016,2017,2018
./lib/isc/include/isc/serial.h C 1999,2000,2001,2004,2005,2006,2007,2009,2016,2018
./lib/isc/include/isc/sha1.h C 2000,2001,2004,2005,2006,2007,2009,2014,2016,2017,2018
./lib/isc/include/isc/sha2.h C 2005,2006,2007,2009,2014,2016,2017,2018
./lib/isc/include/isc/sockaddr.h C 1998,1999,2000,2001,2002,2003,2004,2005,2006,2007,2009,2012,2015,2016,2018
./lib/isc/include/isc/socket.h C 1998,1999,2000,2001,2002,2004,2005,2006,2007,2008,2009,2011,2012,2013,2014,2016,2018
./lib/isc/include/isc/stats.h C 2009,2012,2016,2018
@ -3463,7 +3461,7 @@
./lib/isc/lfsr.c C 1999,2000,2001,2002,2004,2005,2007,2016,2018
./lib/isc/lib.c C 1999,2000,2001,2004,2005,2007,2009,2013,2014,2015,2016,2018
./lib/isc/log.c C 1999,2000,2001,2002,2003,2004,2005,2006,2007,2009,2011,2012,2013,2014,2016,2017,2018
./lib/isc/md5.c C 2000,2001,2004,2005,2007,2009,2014,2015,2016,2017,2018
./lib/isc/md.c C 2018
./lib/isc/mem.c C 1997,1998,1999,2000,2001,2002,2003,2004,2005,2006,2007,2008,2009,2010,2012,2013,2014,2015,2016,2017,2018
./lib/isc/mem_p.h C 2018
./lib/isc/mutexblock.c C 1999,2000,2001,2004,2005,2007,2011,2012,2016,2018
@ -3495,8 +3493,6 @@
./lib/isc/result.c C 1998,1999,2000,2001,2003,2004,2005,2007,2008,2012,2014,2015,2016,2017,2018
./lib/isc/rwlock.c C 1998,1999,2000,2001,2003,2004,2005,2007,2009,2011,2012,2015,2016,2017,2018
./lib/isc/serial.c C 1999,2000,2001,2004,2005,2007,2016,2018
./lib/isc/sha1.c C 2000,2001,2003,2004,2005,2007,2009,2011,2012,2014,2016,2017,2018
./lib/isc/sha2.c C 2005,2006,2007,2009,2011,2012,2014,2016,2017,2018
./lib/isc/sockaddr.c C 1999,2000,2001,2002,2003,2004,2005,2006,2007,2010,2011,2012,2014,2015,2016,2017,2018
./lib/isc/stats.c C 2009,2012,2013,2014,2015,2016,2017,2018
./lib/isc/string.c C 1999,2000,2001,2003,2004,2005,2006,2007,2011,2012,2014,2015,2016,2018
@ -3517,6 +3513,7 @@
./lib/isc/tests/isctest.c C 2011,2012,2013,2014,2016,2017,2018
./lib/isc/tests/isctest.h C 2011,2012,2016,2018
./lib/isc/tests/lex_test.c C 2013,2016,2018
./lib/isc/tests/md_test.c C 2018
./lib/isc/tests/mem_test.c C 2015,2016,2017,2018
./lib/isc/tests/netaddr_test.c C 2016,2018
./lib/isc/tests/parse_test.c C 2012,2013,2016,2018