diff options
author | Joe Orton <joe@manyfish.co.uk> | 2020-06-09 18:59:59 +0100 |
---|---|---|
committer | Joe Orton <jorton@apache.org> | 2020-06-18 08:01:27 +0100 |
commit | 564b8cb16b1f2ea59796792050962e8a74eacb52 (patch) | |
tree | adcafa957cb70864b2d272e66b941a4961207f15 | |
parent | 261ca93783b7ff405902b746c9968db6bc5f3fdb (diff) | |
download | neon-git-564b8cb16b1f2ea59796792050962e8a74eacb52.tar.gz |
Rename NE_STRHASH_MD5 to NE_HASH_MD5, add NE_HASH_SHA256 (for OpenSSL
only).
* src/ne_openssl.c (hash2hex): New function.
(ne_vstrhash): Support SHA256.
* src/ne_string.c: Adjust accordingly.
* test/auth.c: Adjust accordingly.
* test/string-tests.c (strhash): Adjust and also test SHA256.
-rw-r--r-- | src/ne_openssl.c | 31 | ||||
-rw-r--r-- | src/ne_string.c | 4 | ||||
-rw-r--r-- | src/ne_string.h | 8 | ||||
-rw-r--r-- | test/auth.c | 4 | ||||
-rw-r--r-- | test/string-tests.c | 26 |
5 files changed, 45 insertions, 28 deletions
diff --git a/src/ne_openssl.c b/src/ne_openssl.c index 73fc29f..108f36b 100644 --- a/src/ne_openssl.c +++ b/src/ne_openssl.c @@ -1139,31 +1139,44 @@ int ne_ssl_cert_digest(const ne_ssl_certificate *cert, char *digest) return 0; } -#ifdef HAVE_OPENSSL +static char *hash2hex(unsigned char *digest, size_t len) +{ + char *rv = ne_malloc(len * 2 + 1); + size_t n; + + for (n = 0; n < len; n++) { + rv[n*2] = NE_HEX2ASC(digest[n] >> 4); + rv[n*2+1] = NE_HEX2ASC(digest[n] & 0x0f); + } + + rv[len*2] = '\0'; + return rv; +} + char *ne_vstrhash(unsigned int flags, va_list ap) { EVP_MD_CTX *ctx = EVP_MD_CTX_new(); const EVP_MD *md; unsigned char v[EVP_MAX_MD_SIZE]; - char ret[33]; + unsigned int vlen; const char *arg; - if (flags != NE_STRHASH_MD5) return NULL; - - md = EVP_md5(); + switch (flags) { + case NE_HASH_MD5: md = EVP_md5(); break; + case NE_HASH_SHA256: md = EVP_sha256(); break; + default: return NULL; + } if (EVP_DigestInit(ctx, md) != 1) return NULL; while ((arg = va_arg(ap, const char *)) != NULL) EVP_DigestUpdate(ctx, arg, strlen(arg)); - EVP_DigestFinal_ex(ctx, v, NULL); - ne_md5_to_ascii(v, ret); + EVP_DigestFinal_ex(ctx, v, &vlen); EVP_MD_CTX_free(ctx); - return ne_strdup(ret); + return hash2hex(v, vlen); } -#endif #if defined(NE_HAVE_TS_SSL) && OPENSSL_VERSION_NUMBER < 0x10100000L /* From OpenSSL 1.1.0 locking callbacks are no longer needed. */ diff --git a/src/ne_string.c b/src/ne_string.c index b800569..613c9cd 100644 --- a/src/ne_string.c +++ b/src/ne_string.c @@ -624,8 +624,6 @@ char *ne_strhash(unsigned int flags, ...) { va_list ap; char *rv; - - if (flags != NE_STRHASH_MD5) return NULL; va_start(ap, flags); rv = ne_vstrhash(flags, ap); @@ -641,7 +639,7 @@ char *ne_vstrhash(unsigned int flags, va_list ap) const char *arg; struct ne_md5_ctx *ctx; - if (flags != NE_STRHASH_MD5) return NULL; + if (flags != NE_HASH_MD5) return NULL; ctx = ne_md5_create_ctx(); if (!ctx) return NULL; diff --git a/src/ne_string.h b/src/ne_string.h index 8baea5a..e94291d 100644 --- a/src/ne_string.h +++ b/src/ne_string.h @@ -152,9 +152,11 @@ char *ne_concat(const char *str, ...) /* Calculate hash over concatenation of NUL-terminated const char * * string arguments, up to a terminating NULL pointer, and return as a * malloc-allocated ASCII hex string. Uses hash type specified by - * 'flags', which must be non-zero. Returns NULL if the hash type is - * not supported or an internal error occurs. */ -#define NE_STRHASH_MD5 (0x0001) + * 'flags', which must be equal one of the NE_HASH_ values below. + * Returns NULL if the hash type is not supported or an internal error + * occurs. */ +#define NE_HASH_MD5 (0x0001) +#define NE_HASH_SHA256 (0x0002) char *ne_strhash(unsigned int flags, ...) ne_attribute_sentinel; /* Equivalent of ne_strhash(), taking va_list argument; the behaviour diff --git a/test/auth.c b/test/auth.c index 622b945..05bb058 100644 --- a/test/auth.c +++ b/test/auth.c @@ -427,10 +427,10 @@ static char *hash(struct digest_parms *p, char digest[33], ...) switch (p->alg) { case ALG_SHA256_SESS: case ALG_SHA256: - abort(); + flags = NE_HASH_SHA256; break; default: - flags = NE_STRHASH_MD5; + flags = NE_HASH_MD5; break; } diff --git a/test/string-tests.c b/test/string-tests.c index a0975e7..03911c4 100644 --- a/test/string-tests.c +++ b/test/string-tests.c @@ -36,7 +36,7 @@ #include "tests.h" #undef ONCMP -#define ONCMP(a,b) ONV(strcmp(a, b), \ +#define ONCMP(a,b) ONV(!a || strcmp(a, b), \ ("result was [%s] not [%s]", a, b)) static int simple(void) { @@ -497,7 +497,7 @@ static int printing(void) ret = ne_snprintf(buf, ts[n].pass, "%s", ts[n].in); - ONCMP(buf, ts[n].out); + ONCMP(ts[n].out, buf); ONV(ret != ts[n].ret, ("got return value %" NE_FMT_SIZE_T " not %" NE_FMT_SIZE_T, ret, ts[n].ret)); @@ -662,21 +662,25 @@ static char *test_vstrhash(unsigned int flags, ...) return rv; } +#define TEST1 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +#define TEST1_SHA "248d6a61d20638b8e5c026930c3e6039a33ce45964ff2167f6ecedd419db06c1" + +#define ONVEC(args, expect) \ + do { char *h = ne_strhash args; ONCMP(h, expect); ne_free(h); } while (0) + static int strhash(void) { - char *h; - ONN("zero flags must return NULL", ne_strhash(0, "", NULL) != NULL); - ONN("zero flags must return NULL for vstrhash", test_vstrhash(0, "", NULL) != NULL); - h = ne_strhash(NE_STRHASH_MD5, "", NULL); - ONCMP(h, "d41d8cd98f00b204e9800998ecf8427e"); - ne_free(h); + ONVEC((NE_HASH_MD5, "", NULL), "d41d8cd98f00b204e9800998ecf8427e"); + ONVEC((NE_HASH_MD5, "foo", "ba", "r", NULL), "3858f62230ac3c915f300c664312c63f"); - h = ne_strhash(NE_STRHASH_MD5, "foo", "ba", "r", NULL); - ONCMP(h, "3858f62230ac3c915f300c664312c63f"); - ne_free(h); +#ifdef HAVE_OPENSSL + ONVEC((NE_HASH_SHA256, TEST1, NULL), TEST1_SHA); + ONVEC((NE_HASH_SHA256, "foobar", "foo", "bar", "f", "oobar", NULL), + "d173c93898d3ca8455a4526e0af2a1aee9b91c8ec19adac16e6e8be2da09436c"); +#endif return OK; } |