diff options
author | louiz’ <louiz@louiz.org> | 2017-03-06 00:51:43 +0100 |
---|---|---|
committer | louiz’ <louiz@louiz.org> | 2017-03-06 00:57:33 +0100 |
commit | 99a4ddedaf903d27b781341108433ae2d9533ad1 (patch) | |
tree | 2662dddda921d84f6fd348e46f154261ad46c17a /louloulibs | |
parent | d81c3ad5ac2c12130d90044b7597bf962a7cfe9e (diff) | |
download | biboumi-99a4ddedaf903d27b781341108433ae2d9533ad1.tar.gz biboumi-99a4ddedaf903d27b781341108433ae2d9533ad1.tar.bz2 biboumi-99a4ddedaf903d27b781341108433ae2d9533ad1.tar.xz biboumi-99a4ddedaf903d27b781341108433ae2d9533ad1.zip |
Remove the embedded sha1 code, and use one of botan or gcrypt
This adds a hard dependency on one of Botan or gcrypt. Botan is already a
recommended dependency, and gcrypt is probably packaged almost everywhere,
so this should not be a big deal.
ref #3241
Diffstat (limited to 'louloulibs')
-rw-r--r-- | louloulibs/CMakeLists.txt | 11 | ||||
-rw-r--r-- | louloulibs/cmake/Modules/FindGCRYPT.cmake | 35 | ||||
-rw-r--r-- | louloulibs/louloulibs.h.cmake | 1 | ||||
-rw-r--r-- | louloulibs/utils/sha1.cpp | 151 | ||||
-rw-r--r-- | louloulibs/utils/sha1.hpp | 34 | ||||
-rw-r--r-- | louloulibs/xmpp/auth.cpp | 15 |
6 files changed, 82 insertions, 165 deletions
diff --git a/louloulibs/CMakeLists.txt b/louloulibs/CMakeLists.txt index f672833..2268571 100644 --- a/louloulibs/CMakeLists.txt +++ b/louloulibs/CMakeLists.txt @@ -33,6 +33,10 @@ elseif(NOT WITHOUT_BOTAN) find_package(BOTAN) endif() +if(NOT BOTAN_FOUND) + find_package(GCRYPT REQUIRED) +endif() + if(WITH_UDNS) find_package(UDNS REQUIRED) elseif(NOT WITHOUT_UDNS) @@ -67,6 +71,11 @@ if(BOTAN_FOUND) set(BOTAN_FOUND ${BOTAN_FOUND} PARENT_SCOPE) set(BOTAN_INCLUDE_DIRS ${BOTAN_INCLUDE_DIRS} PARENT_SCOPE) endif() +if(GCRYPT_FOUND) + include_directories(SYSTEM ${GCRYPT_INCLUDE_DIRS}) + set(GCRYPT_FOUND ${GCRYPT_FOUND} PARENT_SCOPE) + set(GCRYPT_INCLUDE_DIRS ${GCRYPT_INCLUDE_DIRS} PARENT_SCOPE) +endif() if(UDNS_FOUND) include_directories(${UDNS_INCLUDE_DIRS}) @@ -117,6 +126,8 @@ add_library(network STATIC ${source_network}) target_link_libraries(network logger) if(BOTAN_FOUND) target_link_libraries(network ${BOTAN_LIBRARIES}) +elseif(GCRYPT_FOUND) + target_link_libraries(network ${GCRYPT_LIBRARIES}) endif() if(UDNS_FOUND) target_link_libraries(network ${UDNS_LIBRARIES}) diff --git a/louloulibs/cmake/Modules/FindGCRYPT.cmake b/louloulibs/cmake/Modules/FindGCRYPT.cmake new file mode 100644 index 0000000..bb1bc67 --- /dev/null +++ b/louloulibs/cmake/Modules/FindGCRYPT.cmake @@ -0,0 +1,35 @@ +# - Find gcrypt +# Find the gcrypt cryptographic library +# +# This module defines the following variables: +# GCRYPT_FOUND - True if library and include directory are found +# If set to TRUE, the following are also defined: +# GCRYPT_INCLUDE_DIRS - The directory where to find the header file +# GCRYPT_LIBRARIES - Where to find the library file +# +# For conveniance, these variables are also set. They have the same values +# than the variables above. The user can thus choose his/her prefered way +# to write them. +# GCRYPT_LIBRARY +# GCRYPT_INCLUDE_DIR +# +# This file is in the public domain + +find_path(GCRYPT_INCLUDE_DIRS NAMES gcrypt.h + PATH_SUFFIXES gcrypt + DOC "The gcrypt include directory") + +find_library(GCRYPT_LIBRARIES NAMES gcrypt + DOC "The gcrypt library") + +# Use some standard module to handle the QUIETLY and REQUIRED arguments, and +# set GCRYPT_FOUND to TRUE if these two variables are set. +include(FindPackageHandleStandardArgs) +find_package_handle_standard_args(GCRYPT REQUIRED_VARS GCRYPT_LIBRARIES GCRYPT_INCLUDE_DIRS) + +if(GCRYPT_FOUND) + set(GCRYPT_LIBRARY ${GCRYPT_LIBRARIES}) + set(GCRYPT_INCLUDE_DIR ${GCRYPT_INCLUDE_DIRS}) +endif() + +mark_as_advanced(GCRYPT_INCLUDE_DIRS GCRYPT_LIBRARIES) diff --git a/louloulibs/louloulibs.h.cmake b/louloulibs/louloulibs.h.cmake index e2b2e25..5777d92 100644 --- a/louloulibs/louloulibs.h.cmake +++ b/louloulibs/louloulibs.h.cmake @@ -3,6 +3,7 @@ #cmakedefine SYSTEMD_FOUND #cmakedefine POLLER ${POLLER} #cmakedefine BOTAN_FOUND +#cmakedefine GCRYPT_FOUND #cmakedefine UDNS_FOUND #cmakedefine SOFTWARE_VERSION "${SOFTWARE_VERSION}" #cmakedefine PROJECT_NAME "${PROJECT_NAME}" diff --git a/louloulibs/utils/sha1.cpp b/louloulibs/utils/sha1.cpp index f75bc2a..71ad18d 100644 --- a/louloulibs/utils/sha1.cpp +++ b/louloulibs/utils/sha1.cpp @@ -1,121 +1,32 @@ -/* This code is public-domain - it is based on libcrypt - * placed in the public domain by Wei Dai and other contributors. - */ - -#include "sha1.hpp" - -#define SHA1_K0 0x5a827999 -#define SHA1_K20 0x6ed9eba1 -#define SHA1_K40 0x8f1bbcdc -#define SHA1_K60 0xca62c1d6 - -const uint8_t sha1InitState[] = { - 0x01,0x23,0x45,0x67, // H0 - 0x89,0xab,0xcd,0xef, // H1 - 0xfe,0xdc,0xba,0x98, // H2 - 0x76,0x54,0x32,0x10, // H3 - 0xf0,0xe1,0xd2,0xc3 // H4 -}; - -void sha1_init(sha1nfo *s) { - memcpy(s->state.b,sha1InitState,HASH_LENGTH); - s->byteCount = 0; - s->bufferOffset = 0; -} - -uint32_t sha1_rol32(uint32_t number, uint8_t bits) { - return ((number << bits) | (number >> (32-bits))); -} - -void sha1_hashBlock(sha1nfo *s) { - uint8_t i; - uint32_t a,b,c,d,e,t; - - a=s->state.w[0]; - b=s->state.w[1]; - c=s->state.w[2]; - d=s->state.w[3]; - e=s->state.w[4]; - for (i=0; i<80; i++) { - if (i>=16) { - t = s->buffer.w[(i+13)&15] ^ s->buffer.w[(i+8)&15] ^ s->buffer.w[(i+2)&15] ^ s->buffer.w[i&15]; - s->buffer.w[i&15] = sha1_rol32(t,1); - } - if (i<20) { - t = (d ^ (b & (c ^ d))) + SHA1_K0; - } else if (i<40) { - t = (b ^ c ^ d) + SHA1_K20; - } else if (i<60) { - t = ((b & c) | (d & (b | c))) + SHA1_K40; - } else { - t = (b ^ c ^ d) + SHA1_K60; - } - t+=sha1_rol32(a,5) + e + s->buffer.w[i&15]; - e=d; - d=c; - c=sha1_rol32(b,30); - b=a; - a=t; - } - s->state.w[0] += a; - s->state.w[1] += b; - s->state.w[2] += c; - s->state.w[3] += d; - s->state.w[4] += e; -} - -void sha1_addUncounted(sha1nfo *s, uint8_t data) { - s->buffer.b[s->bufferOffset ^ 3] = data; - s->bufferOffset++; - if (s->bufferOffset == BLOCK_LENGTH) { - sha1_hashBlock(s); - s->bufferOffset = 0; - } -} - -void sha1_writebyte(sha1nfo *s, uint8_t data) { - ++s->byteCount; - sha1_addUncounted(s, data); -} - -void sha1_write(sha1nfo *s, const char *data, size_t len) { - for (;len--;) sha1_writebyte(s, (uint8_t) *data++); -} - -void sha1_pad(sha1nfo *s) { - // Implement SHA-1 padding (fips180-2 §5.1.1) - - // Pad with 0x80 followed by 0x00 until the end of the block - sha1_addUncounted(s, 0x80); - while (s->bufferOffset != 56) sha1_addUncounted(s, 0x00); - - // Append length in the last 8 bytes - sha1_addUncounted(s, 0); // We're only using 32 bit lengths - sha1_addUncounted(s, 0); // But SHA-1 supports 64 bit lengths - sha1_addUncounted(s, 0); // So zero pad the top bits - sha1_addUncounted(s, s->byteCount >> 29); // Shifting to multiply by 8 - sha1_addUncounted(s, s->byteCount >> 21); // as SHA-1 supports bitstreams as well as - sha1_addUncounted(s, s->byteCount >> 13); // byte. - sha1_addUncounted(s, s->byteCount >> 5); - sha1_addUncounted(s, s->byteCount << 3); -} - -uint8_t* sha1_result(sha1nfo *s) { - int i; - // Pad to complete the last block - sha1_pad(s); - - // Swap byte order back - for (i=0; i<5; i++) { - uint32_t a,b; - a=s->state.w[i]; - b=a<<24; - b|=(a<<8) & 0x00ff0000; - b|=(a>>8) & 0x0000ff00; - b|=a>>24; - s->state.w[i]=b; - } - - // Return pointer to hash (20 characters) - return s->state.b; +#include <utils/sha1.hpp> + +#include <louloulibs.h> + +#ifdef BOTAN_FOUND +# include <botan/hash.h> +# include <botan/hex.h> +#endif +#ifdef GCRYPT_FOUND +# include <gcrypt.h> +# include <vector> +# include <iomanip> +# include <sstream> +#endif + +std::string sha1(const std::string& input) +{ +#ifdef BOTAN_FOUND + auto sha1 = Botan::HashFunction::create_or_throw("SHA-1"); + sha1->update(input); + return Botan::hex_encode(sha1->final(), false); +#endif +#ifdef GCRYPT_FOUND + const auto hash_length = gcry_md_get_algo_dlen(GCRY_MD_SHA1); + std::vector<uint8_t> output(hash_length, {}); + gcry_md_hash_buffer(GCRY_MD_SHA1, output.data(), input.data(), input.size()); + std::ostringstream digest; + for (std::size_t i = 0; i < hash_length; i++) + digest << std::hex << std::setfill('0') << std::setw(2) << static_cast<int>(output[i]); + return digest.str(); +#endif } diff --git a/louloulibs/utils/sha1.hpp b/louloulibs/utils/sha1.hpp index d436782..6c551ac 100644 --- a/louloulibs/utils/sha1.hpp +++ b/louloulibs/utils/sha1.hpp @@ -1,33 +1,5 @@ -/* This code is public-domain - it is based on libcrypt - * placed in the public domain by Wei Dai and other contributors. - */ +#pragma once -#include <stdint.h> -#include <string.h> +#include <string> -#define HASH_LENGTH 20 -#define BLOCK_LENGTH 64 - -union _buffer { - uint8_t b[BLOCK_LENGTH]; - uint32_t w[BLOCK_LENGTH/4]; -}; - -union _state { - uint8_t b[HASH_LENGTH]; - uint32_t w[HASH_LENGTH/4]; -}; - -typedef struct sha1nfo { - union _buffer buffer; - uint8_t bufferOffset; - union _state state; - uint32_t byteCount; - uint8_t keyBuffer[BLOCK_LENGTH]; - uint8_t innerHash[HASH_LENGTH]; -} sha1nfo; - -void sha1_init(sha1nfo *s); -void sha1_writebyte(sha1nfo *s, uint8_t data); -void sha1_write(sha1nfo *s, const char *data, size_t len); -uint8_t* sha1_result(sha1nfo *s); +std::string sha1(const std::string& input); diff --git a/louloulibs/xmpp/auth.cpp b/louloulibs/xmpp/auth.cpp index c20f95d..8a34a4e 100644 --- a/louloulibs/xmpp/auth.cpp +++ b/louloulibs/xmpp/auth.cpp @@ -2,20 +2,7 @@ #include <utils/sha1.hpp> -#include <iomanip> -#include <sstream> - std::string get_handshake_digest(const std::string& stream_id, const std::string& secret) { - sha1nfo sha1; - sha1_init(&sha1); - sha1_write(&sha1, stream_id.data(), stream_id.size()); - sha1_write(&sha1, secret.data(), secret.size()); - const uint8_t* result = sha1_result(&sha1); - - std::ostringstream digest; - for (int i = 0; i < HASH_LENGTH; i++) - digest << std::hex << std::setfill('0') << std::setw(2) << static_cast<int>(result[i]); - - return digest.str(); + return sha1(stream_id + secret); } |