Rename NE_STRHASH_MD5 to NE_HASH_MD5, add NE_HASH_SHA256 (for OpenSSL

only).

* src/ne_openssl.c (hash2hex): New function.
  (ne_vstrhash): Support SHA256.

* src/ne_string.c: Adjust accordingly.

* test/auth.c: Adjust accordingly.

* test/string-tests.c (strhash): Adjust and also test SHA256.

5 files changed, 45 insertions, 28 deletions

diff --git a/src/ne_openssl.c b/src/ne_openssl.c
index 73fc29f..108f36b 100644
--- a/src/ne_openssl.c
+++ b/src/ne_openssl.c
@@ -1139,31 +1139,44 @@ int ne_ssl_cert_digest(const ne_ssl_certificate *cert, char *digest)
     return 0;
 }
 
-#ifdef HAVE_OPENSSL
+static char *hash2hex(unsigned char *digest, size_t len)
+{
+    char *rv = ne_malloc(len * 2 + 1);
+    size_t n;
+
+    for (n = 0; n < len; n++) {
+	rv[n*2] = NE_HEX2ASC(digest[n] >> 4);
+	rv[n*2+1] = NE_HEX2ASC(digest[n] & 0x0f);
+    }
+
+    rv[len*2] = '\0';
+    return rv;
+}
+
 char *ne_vstrhash(unsigned int flags, va_list ap)
 {
     EVP_MD_CTX *ctx = EVP_MD_CTX_new();
     const EVP_MD *md;
     unsigned char v[EVP_MAX_MD_SIZE];
-    char ret[33];
+    unsigned int vlen;
     const char *arg;
 
-    if (flags != NE_STRHASH_MD5) return NULL;
-
-    md = EVP_md5();
+    switch (flags) {
+    case NE_HASH_MD5: md = EVP_md5(); break;
+    case NE_HASH_SHA256: md = EVP_sha256(); break;
+    default: return NULL;
+    }
 
     if (EVP_DigestInit(ctx, md) != 1) return NULL;
 
     while ((arg = va_arg(ap, const char *)) != NULL)
         EVP_DigestUpdate(ctx, arg, strlen(arg));
 
-    EVP_DigestFinal_ex(ctx, v, NULL);
-    ne_md5_to_ascii(v, ret);
+    EVP_DigestFinal_ex(ctx, v, &vlen);
     EVP_MD_CTX_free(ctx);
 
-    return ne_strdup(ret);
+    return hash2hex(v, vlen);
 }
-#endif
 
 #if defined(NE_HAVE_TS_SSL) && OPENSSL_VERSION_NUMBER < 0x10100000L
 /* From OpenSSL 1.1.0 locking callbacks are no longer needed. */
diff --git a/src/ne_string.c b/src/ne_string.c
index b800569..613c9cd 100644
--- a/src/ne_string.c
+++ b/src/ne_string.c
@@ -624,8 +624,6 @@ char *ne_strhash(unsigned int flags, ...)
 {
     va_list ap;
     char *rv;
-
-    if (flags != NE_STRHASH_MD5) return NULL;
     
     va_start(ap, flags);
     rv = ne_vstrhash(flags, ap);
@@ -641,7 +639,7 @@ char *ne_vstrhash(unsigned int flags, va_list ap)
     const char *arg;
     struct ne_md5_ctx *ctx;
 
-    if (flags != NE_STRHASH_MD5) return NULL;
+    if (flags != NE_HASH_MD5) return NULL;
 
     ctx = ne_md5_create_ctx();
     if (!ctx) return NULL;
diff --git a/src/ne_string.h b/src/ne_string.h
index 8baea5a..e94291d 100644
--- a/src/ne_string.h
+++ b/src/ne_string.h
@@ -152,9 +152,11 @@ char *ne_concat(const char *str, ...)
 /* Calculate hash over concatenation of NUL-terminated const char *
  * string arguments, up to a terminating NULL pointer, and return as a
  * malloc-allocated ASCII hex string.  Uses hash type specified by
- * 'flags', which must be non-zero.  Returns NULL if the hash type is
- * not supported or an internal error occurs. */
-#define NE_STRHASH_MD5     (0x0001)
+ * 'flags', which must be equal one of the NE_HASH_ values below.
+ * Returns NULL if the hash type is not supported or an internal error
+ * occurs. */
+#define NE_HASH_MD5       (0x0001)
+#define NE_HASH_SHA256    (0x0002)
 char *ne_strhash(unsigned int flags, ...)
     ne_attribute_sentinel;
 /* Equivalent of ne_strhash(), taking va_list argument; the behaviour
diff --git a/test/auth.c b/test/auth.c
index 622b945..05bb058 100644
--- a/test/auth.c
+++ b/test/auth.c
@@ -427,10 +427,10 @@ static char *hash(struct digest_parms *p, char digest[33], ...)
     switch (p->alg) {
     case ALG_SHA256_SESS:
     case ALG_SHA256:
-        abort();
+        flags = NE_HASH_SHA256;
         break;
     default:
-        flags = NE_STRHASH_MD5;
+        flags = NE_HASH_MD5;
         break;
     }
 
diff --git a/test/string-tests.c b/test/string-tests.c
index a0975e7..03911c4 100644
--- a/test/string-tests.c
+++ b/test/string-tests.c
@@ -36,7 +36,7 @@
 #include "tests.h"
 
 #undef ONCMP
-#define ONCMP(a,b) ONV(strcmp(a, b), \
+#define ONCMP(a,b) ONV(!a || strcmp(a, b), \
 		       ("result was [%s] not [%s]", a, b))
 
 static int simple(void) {
@@ -497,7 +497,7 @@ static int printing(void)
 
         ret = ne_snprintf(buf, ts[n].pass, "%s", ts[n].in);
         
-        ONCMP(buf, ts[n].out);
+        ONCMP(ts[n].out, buf);
         ONV(ret != ts[n].ret, 
             ("got return value %" NE_FMT_SIZE_T " not %" NE_FMT_SIZE_T,
              ret, ts[n].ret));
@@ -662,21 +662,25 @@ static char *test_vstrhash(unsigned int flags, ...)
     return rv;
 }
 
+#define TEST1 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
+#define TEST1_SHA "248d6a61d20638b8e5c026930c3e6039a33ce45964ff2167f6ecedd419db06c1"
+
+#define ONVEC(args, expect) \
+    do { char *h = ne_strhash args; ONCMP(h, expect); ne_free(h); } while (0)
+
 static int strhash(void)
 {
-    char *h;
-
     ONN("zero flags must return NULL", ne_strhash(0, "", NULL) != NULL);
-
     ONN("zero flags must return NULL for vstrhash", test_vstrhash(0, "", NULL) != NULL);
     
-    h = ne_strhash(NE_STRHASH_MD5, "", NULL);
-    ONCMP(h, "d41d8cd98f00b204e9800998ecf8427e");
-    ne_free(h);
+    ONVEC((NE_HASH_MD5, "", NULL), "d41d8cd98f00b204e9800998ecf8427e");
+    ONVEC((NE_HASH_MD5, "foo", "ba", "r", NULL), "3858f62230ac3c915f300c664312c63f");
 
-    h = ne_strhash(NE_STRHASH_MD5, "foo", "ba", "r", NULL);
-    ONCMP(h, "3858f62230ac3c915f300c664312c63f");
-    ne_free(h);
+#ifdef HAVE_OPENSSL
+    ONVEC((NE_HASH_SHA256, TEST1, NULL), TEST1_SHA);
+    ONVEC((NE_HASH_SHA256, "foobar", "foo", "bar", "f", "oobar", NULL),
+          "d173c93898d3ca8455a4526e0af2a1aee9b91c8ec19adac16e6e8be2da09436c");
+#endif
 
     return OK;
 }