Radish alpha
H
HardenedBSD-pkg
rad:z3QDZAW2FAfuLvihrhiyDC9fAD8G9
HardenedBSD Package Manager
Radicle
Git
Commits 2aa99e8
Drop dependency on openssl for sha256
Baptiste Daroussin committed 9 years ago
commit 2aa99e8cae633ffca97b24478065498da424b986
parent 316abac
3 files changed +26 -25
modified libpkg/Makefile.am
@@ -64,7 +64,8 @@ libpkg_la_SOURCES= pkg.c \
			plugins.c \

			pkg_old.c \

			merge3.c \
- 
			diff.c
+ 
			diff.c \
+ 
			sha256.c



if HAVE_ELF_ABI

libpkg_la_SOURCES+=	elfhints.c \
modified libpkg/pkg_checksum.c
@@ -31,7 +31,7 @@
#include "pkg.h"

#include "private/pkg.h"

#include "private/event.h"
- 
#include <openssl/sha.h>
+ 
#include "sha256.h"

#include "blake2.h"



struct pkg_checksum_entry {
@@ -44,7 +44,7 @@ struct pkg_checksum_entry {
#define PKG_CKSUM_SEPARATOR '$'



/* Hash is in format <version>:<typeid>:<hexhash> */
- 
#define PKG_CHECKSUM_SHA256_LEN (SHA256_DIGEST_LENGTH * 2 + 1)
+ 
#define PKG_CHECKSUM_SHA256_LEN (SHA256_BLOCK_SIZE * 2 + 1)

#define PKG_CHECKSUM_BLAKE2_LEN (BLAKE2B_OUTBYTES * 8 / 5 + sizeof("100") * 2 + 2)

#define PKG_CHECKSUM_CUR_VERSION 2
@@ -109,7 +109,7 @@ static const struct _pkg_cksum_type {
	},

	[PKG_HASH_TYPE_SHA256_RAW] = {

		"sha256_raw",
- 
		SHA256_DIGEST_LENGTH,
+ 
		SHA256_BLOCK_SIZE,

		pkg_checksum_hash_sha256,

		pkg_checksum_hash_sha256_bulk,

		pkg_checksum_hash_sha256_file,
@@ -349,17 +349,17 @@ pkg_checksum_hash_sha256(struct pkg_checksum_entry *entries,
{

	SHA256_CTX sign_ctx;
- 
	SHA256_Init(&sign_ctx);
+ 
	sha256_init(&sign_ctx);



	while(entries) {
- 
		SHA256_Update(&sign_ctx, entries->field, strlen(entries->field));
- 
		SHA256_Update(&sign_ctx, entries->value, strlen(entries->value));
+ 
		sha256_update(&sign_ctx, entries->field, strlen(entries->field));
+ 
		sha256_update(&sign_ctx, entries->value, strlen(entries->value));

		entries = entries->next;

	}
- 
	*out = malloc(SHA256_DIGEST_LENGTH);
+ 
	*out = malloc(SHA256_BLOCK_SIZE);

	if (*out != NULL) {
- 
		SHA256_Final(*out, &sign_ctx);
- 
		*outlen = SHA256_DIGEST_LENGTH;
+ 
		sha256_final(&sign_ctx, *out);
+ 
		*outlen = SHA256_BLOCK_SIZE;

	}

	else {

		pkg_emit_errno("malloc", "pkg_checksum_hash_sha256");
@@ -373,11 +373,11 @@ pkg_checksum_hash_sha256_bulk(const unsigned char *in, size_t inlen,
{

	SHA256_CTX sign_ctx;
- 
	*out = malloc(SHA256_DIGEST_LENGTH);
- 
	SHA256_Init(&sign_ctx);
- 
	SHA256_Update(&sign_ctx, in, inlen);
- 
	SHA256_Final(*out, &sign_ctx);
- 
	*outlen = SHA256_DIGEST_LENGTH;
+ 
	*out = malloc(SHA256_BLOCK_SIZE);
+ 
	sha256_init(&sign_ctx);
+ 
	sha256_update(&sign_ctx, in, inlen);
+ 
	sha256_final(&sign_ctx, *out);
+ 
	*outlen = SHA256_BLOCK_SIZE;

}



static void
@@ -387,12 +387,12 @@ pkg_checksum_hash_sha256_file(int fd, unsigned char **out, size_t *outlen)
	size_t r;



	SHA256_CTX sign_ctx;
- 
	*out = malloc(SHA256_DIGEST_LENGTH);
- 
	SHA256_Init(&sign_ctx);
+ 
	*out = malloc(SHA256_BLOCK_SIZE);
+ 
	sha256_init(&sign_ctx);

	while ((r = read(fd, buffer, sizeof(buffer))) > 0)
- 
		SHA256_Update(&sign_ctx, buffer, r);
- 
	SHA256_Final(*out, &sign_ctx);
- 
	*outlen = SHA256_DIGEST_LENGTH;
+ 
		sha256_update(&sign_ctx, buffer, r);
+ 
	sha256_final(&sign_ctx, *out);
+ 
	*outlen = SHA256_BLOCK_SIZE;

}



static void
modified libpkg/pkg_manifest.c
@@ -37,8 +37,8 @@
#include <stdlib.h>

#include <string.h>

#include <ucl.h>
- 
#include <openssl/sha.h>
+ 
#include "sha256.h"

#include "pkg.h"

#include "private/event.h"

#include "private/pkg.h"
@@ -1296,14 +1296,14 @@ pkg_emit_manifest_generic(struct pkg *pkg, void *out, short flags,
	    char **pdigest, bool out_is_a_sbuf)

{

	struct sbuf *output = NULL;
- 
	unsigned char digest[SHA256_DIGEST_LENGTH];
+ 
	unsigned char digest[SHA256_BLOCK_SIZE];

	SHA256_CTX *sign_ctx = NULL;

	int rc;



	if (pdigest != NULL) {

		*pdigest = malloc(sizeof(digest) * 2 + 1);

		sign_ctx = malloc(sizeof(SHA256_CTX));
- 
		SHA256_Init(sign_ctx);
+ 
		sha256_init(sign_ctx);

	}



	if (out_is_a_sbuf)
@@ -1312,13 +1312,13 @@ pkg_emit_manifest_generic(struct pkg *pkg, void *out, short flags,
	rc = emit_manifest(pkg, &output, flags);



	if (sign_ctx != NULL)
- 
		SHA256_Update(sign_ctx, sbuf_data(output), sbuf_len(output));
+ 
		sha256_update(sign_ctx, sbuf_data(output), sbuf_len(output));



	if (!out_is_a_sbuf)

		fprintf(out, "%s\n", sbuf_data(output));



	if (pdigest != NULL) {
- 
		SHA256_Final(digest, sign_ctx);
+ 
		sha256_final(sign_ctx, digest);

		pkg_emit_manifest_digest(digest, sizeof(digest), *pdigest);

		free(sign_ctx);

	}