Abstract SHA1 calculation.

src/dnssec.c

@@ -209,6 +209,7 @@
 #include "list.h"
 #include "util/val_secalgo.h"
 #include "anchor.h"
+#include "tls.h"
 
 #define SIGNATURE_VERIFIED         0x10000
 #define NSEC3_ITERATION_COUNT_HIGH 0x20000
@@ -1582,12 +1583,12 @@ static uint8_t *_getdns_nsec3_hash_label(uint8_t *label, size_t label_len,
 	(void)memcpy(dst, salt + 1, *salt);
 	dst += *salt;
 
-	(void)SHA1(buf, dst - buf, md);
+	_getdns_tls_sha1(buf, dst - buf, md);
 	if (iterations) {
 		(void)memcpy(buf + SHA_DIGEST_LENGTH, salt + 1, *salt);
 		while (iterations--) {
 			(void)memcpy(buf, md, SHA_DIGEST_LENGTH);
-			SHA1(buf, SHA_DIGEST_LENGTH + *salt, md);
+			_getdns_tls_sha1(buf, SHA_DIGEST_LENGTH + *salt, md);
 		}
 	}
 	*label = gldns_b32_ntop_extended_hex(

src/openssl/tls.c

@@ -747,4 +747,9 @@ unsigned char* _getdns_tls_hmac_end(struct mem_funcs* mfs, _getdns_tls_hmac* h,
 	return res;
 }
 
+void _getdns_tls_sha1(const void* data, size_t data_size, unsigned char* buf)
+{
+	SHA1(data, data_size, buf);
+}
+
 /* tls.c */

src/tls.h

@@ -378,4 +378,14 @@ getdns_return_t _getdns_tls_hmac_add(_getdns_tls_hmac* h, const void* data, size
  */
 unsigned char* _getdns_tls_hmac_end(struct mem_funcs* mfs, _getdns_tls_hmac* h, size_t* output_size);
 
+/**
+ * Calculate a SHA1 hash.
+ *
+ * @param data		the data to hash.
+ * @param data_size	the size of the data to hash.
+ * @param buf		the buffer to receive the hash. Must be at least
+ * 			SHA_DIGEST_LENGTH bytes.
+ */
+void _getdns_tls_sha1(const void* data, size_t data_size, unsigned char* buf);
+
 #endif /* _GETDNS_TLS_H */