tls: add NSS version for SHA1 computing function.

14 years ago · 3df20d0544
parent 9071bcf983
commit 3df20d0544
2 changed files with 50 additions and 11 deletions
--- a/src/util-crypt.c
+++ b/src/util-crypt.c
@ -22,9 +22,18 @@
 *
 * Implements cryptographic functions.
 * Based on the libtomcrypt library ( http://libtom.org/?page=features&newsitems=5&whatfile=crypt )
+ * 
+ * Implementation of function using NSS is not linked with libtomcrypt.
 */

+#include "suricata-common.h"
+#include "suricata.h"
 #include "util-crypt.h"
+#ifdef HAVE_NSS
+#include <sechash.h>
+#endif
+
+#ifndef HAVE_NSS

 #define F0(x,y,z)  (z ^ (x & (y ^ z)))
 #define F1(x,y,z)  (x ^ y ^ z)
@ -227,6 +236,32 @@ unsigned char* ComputeSHA1(unsigned char* buff, int bufflen)
    return lResult;
 }

+#else /* HAVE_NSS */
+
+unsigned char* ComputeSHA1(unsigned char* buff, int bufflen)
+{
+    HASHContext *sha1_ctx = HASH_Create(HASH_AlgSHA1);
+    unsigned char* lResult = NULL;
+    unsigned int rlen;
+    if (sha1_ctx == NULL) {
+        return NULL;
+    }
+
+    lResult = (unsigned char*) SCMalloc((sizeof(unsigned char) * 20));
+    if (lResult == NULL) {
+        HASH_Destroy(sha1_ctx);
+        return NULL;
+    }
+    HASH_Begin(sha1_ctx);
+    HASH_Update(sha1_ctx, buff, bufflen);
+    HASH_End(sha1_ctx, lResult, &rlen, (sizeof(unsigned char) * 20));
+    HASH_Destroy(sha1_ctx);
+
+    return lResult;
+}
+
+#endif /* HAVE_NSS */
+
 static const char *b64codes = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

 int Base64Encode(const unsigned char *in,  unsigned long inlen,
--- a/src/util-crypt.h
+++ b/src/util-crypt.h
@ -29,6 +29,19 @@

 #include "suricata-common.h"

+typedef enum {
+    SC_SHA_1_OK,
+    SC_SHA_1_NOK,
+    SC_SHA_1_INVALID_ARG,
+
+    SC_BASE64_OK,
+    SC_BASE64_INVALID_ARG,
+    SC_BASE64_OVERFLOW,
+
+} CryptId;
+
+#ifndef HAVE_NSS
+
 #define LOAD32H(x, y)                            \
     { x = ((unsigned long)((y)[0] & 255)<<24) | \
           ((unsigned long)((y)[1] & 255)<<16) | \
@ -49,17 +62,6 @@
 #define ROLc(x, y) ( (((unsigned long)(x)<<(unsigned long)((y)&31)) | (((unsigned long)(x)&0xFFFFFFFFUL)>>(unsigned long)(32-((y)&31)))) & 0xFFFFFFFFUL)
 #define MIN(x, y) ( ((x)<(y))?(x):(y) )

-typedef enum {
-    SC_SHA_1_OK,
-    SC_SHA_1_NOK,
-    SC_SHA_1_INVALID_ARG,
-
-    SC_BASE64_OK,
-    SC_BASE64_INVALID_ARG,
-    SC_BASE64_OVERFLOW,
-
-} CryptId;
-
 typedef struct Sha1State_ {
    uint64_t length;
    uint32_t state[5], curlen;
@ -72,6 +74,8 @@ typedef union HashState_ {
    void *data;
 } HashState;

+#endif /* don't HAVE_NSS */
+
 unsigned char* ComputeSHA1(unsigned char* buff, int bufflen);
 int Base64Encode(const unsigned char *in,  unsigned long inlen, unsigned char *out, unsigned long *outlen);