diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2009-12-05 09:58:55 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2009-12-05 09:58:55 +0200 |
| commit | 73d29186d2c962ec53aae56e0d1aeb2cab073628 (patch) | |
| tree | adc1eb45eabad38d028873a4f52b7fcd774934eb | |
| parent | 8d7fd3776ca104cf92a8ebae05ef7a270bd8e95b (diff) | |
| download | gnutls-73d29186d2c962ec53aae56e0d1aeb2cab073628.tar.gz | |
Revert "Added plain MD5 hash check and corrected gnutls_hash_fast() usage in openssl.c"
This reverts commit 54486afbfcf3398846d5c20d3094bdb7d0a43ff2.
| -rw-r--r-- | lib/gnutls_hash_int.c | 19 | ||||
| -rw-r--r-- | lib/includes/gnutls/crypto.h | 3 | ||||
| -rw-r--r-- | lib/mac-libgcrypt.c | 16 | ||||
| -rw-r--r-- | libextra/gnutls_openssl.c | 4 | ||||
| -rw-r--r-- | tests/gc.c | 16 |
5 files changed, 30 insertions, 28 deletions
diff --git a/lib/gnutls_hash_int.c b/lib/gnutls_hash_int.c index 682cb2347c..c70fa8f81b 100644 --- a/lib/gnutls_hash_int.c +++ b/lib/gnutls_hash_int.c @@ -110,25 +110,40 @@ _gnutls_hash_init (hash_hd_st * dig, gnutls_digest_algorithm_t algorithm, dig->registered = 1; dig->hd.rh.cc = cc; - if (cc->init (algorithm, &dig->hd.rh.ctx, key, keylen) < 0) + if (cc->init (algorithm, &dig->hd.rh.ctx) < 0) { gnutls_assert (); return GNUTLS_E_HASH_FAILED; } + if (key) + { + if (cc->setkey == NULL || cc->setkey (dig->hd.rh.ctx, key, keylen) < 0) + { + gnutls_assert (); + cc->deinit (dig->hd.rh.ctx); + return GNUTLS_E_HASH_FAILED; + } + } + dig->active = 1; return 0; } dig->registered = 0; - result = _gnutls_mac_ops.init (algorithm, &dig->hd.gc, key, keylen); + result = _gnutls_mac_ops.init (algorithm, &dig->hd.gc); if (result < 0) { gnutls_assert (); return result; } + if (key) + { + _gnutls_mac_ops.setkey (dig->hd.gc, key, keylen); + } + dig->active = 1; return 0; } diff --git a/lib/includes/gnutls/crypto.h b/lib/includes/gnutls/crypto.h index ac67386fdf..d348864519 100644 --- a/lib/includes/gnutls/crypto.h +++ b/lib/includes/gnutls/crypto.h @@ -70,7 +70,8 @@ typedef struct typedef struct { - int (*init) (gnutls_mac_algorithm_t, void **ctx, const void* key, size_t keysize); + int (*init) (gnutls_mac_algorithm_t, void **ctx); + int (*setkey) (void *ctx, const void *key, size_t keysize); int (*hash) (void *ctx, const void *text, size_t textsize); int (*copy) (void **dst_ctx, void *src_ctx); int (*output) (void *src_ctx, void *digest, size_t digestsize); diff --git a/lib/mac-libgcrypt.c b/lib/mac-libgcrypt.c index 75f5fccd16..acb9deba1d 100644 --- a/lib/mac-libgcrypt.c +++ b/lib/mac-libgcrypt.c @@ -31,12 +31,10 @@ #include <gcrypt.h> static int -wrap_gcry_mac_init (gnutls_digest_algorithm_t algo, void **ctx, const void* key, size_t keylen) +wrap_gcry_mac_init (gnutls_digest_algorithm_t algo, void **ctx) { int err; - unsigned int flags = 0; - - if (key) flags = GCRY_MD_FLAG_HMAC; + unsigned int flags = GCRY_MD_FLAG_HMAC; switch (algo) { @@ -66,9 +64,6 @@ wrap_gcry_mac_init (gnutls_digest_algorithm_t algo, void **ctx, const void* key, return GNUTLS_E_INVALID_REQUEST; } - if (key) - gcry_md_setkey ((gcry_md_hd_t) *ctx, key, keylen); - if (err == 0) return 0; @@ -77,6 +72,12 @@ wrap_gcry_mac_init (gnutls_digest_algorithm_t algo, void **ctx, const void* key, } static int +wrap_gcry_md_setkey (void *ctx, const void *key, size_t keylen) +{ + return gcry_md_setkey ((gcry_md_hd_t) ctx, key, keylen); +} + +static int wrap_gcry_md_write (void *ctx, const void *text, size_t textsize) { gcry_md_write (ctx, text, textsize); @@ -118,6 +119,7 @@ int crypto_mac_prio = INT_MAX; gnutls_crypto_digest_st _gnutls_mac_ops = { .init = wrap_gcry_mac_init, + .setkey = wrap_gcry_md_setkey, .hash = wrap_gcry_md_write, .copy = wrap_gcry_md_copy, .output = wrap_gcry_mac_output, diff --git a/libextra/gnutls_openssl.c b/libextra/gnutls_openssl.c index edec49528f..56aa0dbee7 100644 --- a/libextra/gnutls_openssl.c +++ b/libextra/gnutls_openssl.c @@ -1034,7 +1034,7 @@ MD5 (const unsigned char *buf, unsigned long len, unsigned char *md) if (!md) return NULL; - _gnutls_hash_fast (GNUTLS_DIG_MD5, NULL, 0, buf, len, md); + _gnutls_hash_fast (GNUTLS_DIG_MD5, buf, len, NULL, 0, md); return md; } @@ -1067,7 +1067,7 @@ RIPEMD160 (const unsigned char *buf, unsigned long len, unsigned char *md) if (!md) return NULL; - _gnutls_hash_fast (GNUTLS_DIG_RMD160, NULL, 0, buf, len, md); + _gnutls_hash_fast (GNUTLS_DIG_RMD160, buf, len, NULL, 0, md); return md; } diff --git a/tests/gc.c b/tests/gc.c index 9330ac2fc3..86614ac6a1 100644 --- a/tests/gc.c +++ b/tests/gc.c @@ -42,22 +42,6 @@ doit (void) gnutls_global_init (); err = - _gnutls_hash_fast (GNUTLS_MAC_MD5, NULL, 0, "testtest", 8, digest); - if (err < 0) - fail ("_gnutls_hash_fast(MD5) failed: %d\n", err); - else - { - if (memcmp (digest, "\x05\xa6\x71\xc6\x6a\xef\xea\x12\x4c\xc0\x8b\x76\xea\x6d\x30\xbb", 16) == 0) - success ("HASH: _gnutls_hash_fast(MD5) OK\n"); - else - { - hexprint (digest, 16); - fail ("HASH: _gnutls_hash_fast(MD5) failure\n"); - } - } - - - err = _gnutls_hash_fast (GNUTLS_MAC_MD5, "keykeykey", 9, "abcdefgh", 8, digest); if (err < 0) fail ("_gnutls_hash_fast(MD5) failed: %d\n", err); |