diff --git a/src/tls/val_secalgo.c b/src/tls/val_secalgo.c index e4d8787a..c41b9a06 100644 --- a/src/tls/val_secalgo.c +++ b/src/tls/val_secalgo.c @@ -138,6 +138,69 @@ secalgo_hash_sha256(unsigned char* buf, size_t len, unsigned char* res) #endif } +/** hash structure for keeping track of running hashes */ +struct secalgo_hash { + /** the openssl message digest context */ + EVP_MD_CTX* ctx; +}; + +/** create secalgo hash with hash type */ +static struct secalgo_hash* secalgo_hash_create_md(const EVP_MD* md) +{ + struct secalgo_hash* h; + if(!md) + return NULL; + h = calloc(1, sizeof(*h)); + if(!h) + return NULL; + h->ctx = EVP_MD_CTX_create(); + if(!h->ctx) { + free(h); + return NULL; + } + if(!EVP_DigestInit_ex(h->ctx, md, NULL)) { + EVP_MD_CTX_destroy(h->ctx); + free(h); + return NULL; + } + return h; +} + +struct secalgo_hash* secalgo_hash_create_sha384(void) +{ + return secalgo_hash_create_md(EVP_sha384()); +} + +struct secalgo_hash* secalgo_hash_create_sha512(void) +{ + return secalgo_hash_create_md(EVP_sha512()); +} + +int secalgo_hash_update(struct secalgo_hash* hash, uint8_t* data, size_t len) +{ + return EVP_DigestUpdate(hash->ctx, (unsigned char*)data, + (unsigned int)len); +} + +int secalgo_hash_final(struct secalgo_hash* hash, uint8_t* result, + size_t maxlen, size_t* resultlen) +{ + if(EVP_MD_CTX_size(hash->ctx) > (int)maxlen) { + *resultlen = 0; + log_err("secalgo_hash_final: hash buffer too small"); + return 0; + } + *resultlen = EVP_MD_CTX_size(hash->ctx); + return EVP_DigestFinal_ex(hash->ctx, result, NULL); +} + +void secalgo_hash_delete(struct secalgo_hash* hash) +{ + if(!hash) return; + EVP_MD_CTX_destroy(hash->ctx); + free(hash); +} + /** * Return size of DS digest according to its hash algorithm. * @param algo: DS digest algo. @@ -820,6 +883,64 @@ secalgo_hash_sha256(unsigned char* buf, size_t len, unsigned char* res) (void)HASH_HashBuf(HASH_AlgSHA256, res, buf, (unsigned long)len); } +/** the secalgo hash structure */ +struct secalgo_hash { + /** hash context */ + HASHContext* ctx; +}; + +/** create hash struct of type */ +static struct secalgo_hash* secalgo_hash_create_type(HASH_HashType tp) +{ + struct secalgo_hash* h = calloc(1, sizeof(*h)); + if(!h) + return NULL; + h->ctx = HASH_Create(tp); + if(!h->ctx) { + free(h); + return NULL; + } + return h; +} + +struct secalgo_hash* secalgo_hash_create_sha384(void) +{ + return secalgo_hash_create_type(HASH_AlgSHA384); +} + +struct secalgo_hash* secalgo_hash_create_sha512(void) +{ + return secalgo_hash_create_type(HASH_AlgSHA512); +} + +int secalgo_hash_update(struct secalgo_hash* hash, uint8_t* data, size_t len) +{ + HASH_Update(hash->ctx, (unsigned char*)data, (unsigned int)len); + return 1; +} + +int secalgo_hash_final(struct secalgo_hash* hash, uint8_t* result, + size_t maxlen, size_t* resultlen) +{ + unsigned int reslen = 0; + if(HASH_ResultLenContext(hash->ctx) > (unsigned int)maxlen) { + *resultlen = 0; + log_err("secalgo_hash_final: hash buffer too small"); + return 0; + } + HASH_End(hash->ctx, (unsigned char*)result, &reslen, + (unsigned int)maxlen); + *resultlen = (size_t)reslen; + return 1; +} + +void secalgo_hash_delete(struct secalgo_hash* hash) +{ + if(!hash) return; + HASH_Destroy(hash->ctx); + free(hash); +} + size_t ds_digest_size_supported(int algo) { @@ -987,6 +1108,7 @@ static SECKEYPublicKey* nss_buf2ecdsa(unsigned char* key, size_t len, int algo) return pk; } +#if defined(USE_DSA) && defined(USE_SHA1) static SECKEYPublicKey* nss_buf2dsa(unsigned char* key, size_t len) { SECKEYPublicKey* pk; @@ -1047,6 +1169,7 @@ static SECKEYPublicKey* nss_buf2dsa(unsigned char* key, size_t len) } return pk; } +#endif /* USE_DSA && USE_SHA1 */ static SECKEYPublicKey* nss_buf2rsa(unsigned char* key, size_t len) { @@ -1446,6 +1569,82 @@ secalgo_hash_sha256(unsigned char* buf, size_t len, unsigned char* res) _digest_nettle(SHA256_DIGEST_SIZE, (uint8_t*)buf, len, res); } +/** secalgo hash structure */ +struct secalgo_hash { + /** if it is 384 or 512 */ + int active; + /** context for sha384 */ + struct sha384_ctx ctx384; + /** context for sha512 */ + struct sha512_ctx ctx512; +}; + +struct secalgo_hash* secalgo_hash_create_sha384(void) +{ + struct secalgo_hash* h = calloc(1, sizeof(*h)); + if(!h) + return NULL; + h->active = 384; + sha384_init(&h->ctx384); + return h; +} + +struct secalgo_hash* secalgo_hash_create_sha512(void) +{ + struct secalgo_hash* h = calloc(1, sizeof(*h)); + if(!h) + return NULL; + h->active = 512; + sha512_init(&h->ctx512); + return h; +} + +int secalgo_hash_update(struct secalgo_hash* hash, uint8_t* data, size_t len) +{ + if(hash->active == 384) { + sha384_update(&hash->ctx384, len, data); + } else if(hash->active == 512) { + sha512_update(&hash->ctx512, len, data); + } else { + return 0; + } + return 1; +} + +int secalgo_hash_final(struct secalgo_hash* hash, uint8_t* result, + size_t maxlen, size_t* resultlen) +{ + if(hash->active == 384) { + if(SHA384_DIGEST_SIZE > maxlen) { + *resultlen = 0; + log_err("secalgo_hash_final: hash buffer too small"); + return 0; + } + *resultlen = SHA384_DIGEST_SIZE; + sha384_digest(&hash->ctx384, SHA384_DIGEST_SIZE, + (unsigned char*)result); + } else if(hash->active == 512) { + if(SHA512_DIGEST_SIZE > maxlen) { + *resultlen = 0; + log_err("secalgo_hash_final: hash buffer too small"); + return 0; + } + *resultlen = SHA512_DIGEST_SIZE; + sha512_digest(&hash->ctx512, SHA512_DIGEST_SIZE, + (unsigned char*)result); + } else { + *resultlen = 0; + return 0; + } + return 1; +} + +void secalgo_hash_delete(struct secalgo_hash* hash) +{ + if(!hash) return; + free(hash); +} + /** * Return size of DS digest according to its hash algorithm. * @param algo: DS digest algo. diff --git a/src/util/locks.c b/src/util/locks.c index e6e848a2..b65a02bd 100644 --- a/src/util/locks.c +++ b/src/util/locks.c @@ -42,7 +42,6 @@ #include "config.h" #include "util/locks.h" #include -#include #ifdef HAVE_SYS_WAIT_H #include #endif diff --git a/src/util/lookup3.c b/src/util/lookup3.c index 5a826193..bb25eb43 100644 --- a/src/util/lookup3.c +++ b/src/util/lookup3.c @@ -53,18 +53,21 @@ on 1 byte), but shoehorning those bytes into integers efficiently is messy. #include "util/storage/lookup3.h" #include /* defines printf for tests */ #include /* defines time_t for timings in the test */ - -#if defined(HAVE_TARGET_ENDIANNESS) -# if defined(TARGET_IS_BIG_ENDIAN) -# define HASH_LITTLE_ENDIAN 0 -# define HASH_BIG_ENDIAN 1 -# else -# define HASH_LITTLE_ENDIAN 1 -# define HASH_BIG_ENDIAN 0 -# endif -#else -# error "Target endianness required." -#endif /* defined(HAVE_TARGET_ENDIANNESS) */ +/*#include defines uint32_t etc (from config.h) */ +#include /* attempt to define endianness */ +#ifdef HAVE_SYS_TYPES_H +# include /* attempt to define endianness (solaris) */ +#endif +#if defined(linux) || defined(__OpenBSD__) +# ifdef HAVE_ENDIAN_H +# include /* attempt to define endianness */ +# else +# include /* on older OpenBSD */ +# endif +#endif +#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__DragonFly__) +#include /* attempt to define endianness */ +#endif /* random initial value */ static uint32_t raninit = (uint32_t)0xdeadbeef; @@ -75,6 +78,36 @@ hash_set_raninit(uint32_t v) raninit = v; } +/* + * My best guess at if you are big-endian or little-endian. This may + * need adjustment. + */ +#if (defined(__BYTE_ORDER) && defined(__LITTLE_ENDIAN) && \ + __BYTE_ORDER == __LITTLE_ENDIAN) || \ + (defined(i386) || defined(__i386__) || defined(__i486__) || \ + defined(__i586__) || defined(__i686__) || defined(vax) || defined(MIPSEL) || defined(__x86)) +# define HASH_LITTLE_ENDIAN 1 +# define HASH_BIG_ENDIAN 0 +#elif (defined(__BYTE_ORDER) && defined(__BIG_ENDIAN) && \ + __BYTE_ORDER == __BIG_ENDIAN) || \ + (defined(sparc) || defined(__sparc) || defined(__sparc__) || defined(POWERPC) || defined(mc68000) || defined(sel)) +# define HASH_LITTLE_ENDIAN 0 +# define HASH_BIG_ENDIAN 1 +#elif defined(_MACHINE_ENDIAN_H_) +/* test for machine_endian_h protects failure if some are empty strings */ +# if defined(_BYTE_ORDER) && defined(_BIG_ENDIAN) && _BYTE_ORDER == _BIG_ENDIAN +# define HASH_LITTLE_ENDIAN 0 +# define HASH_BIG_ENDIAN 1 +# endif +# if defined(_BYTE_ORDER) && defined(_LITTLE_ENDIAN) && _BYTE_ORDER == _LITTLE_ENDIAN +# define HASH_LITTLE_ENDIAN 1 +# define HASH_BIG_ENDIAN 0 +# endif /* _MACHINE_ENDIAN_H_ */ +#else +# define HASH_LITTLE_ENDIAN 0 +# define HASH_BIG_ENDIAN 0 +#endif + #define hashsize(n) ((uint32_t)1<<(n)) #define hashmask(n) (hashsize(n)-1) #define rot(x,k) (((x)<<(k)) | ((x)>>(32-(k)))) diff --git a/src/util/lruhash.c b/src/util/lruhash.c index 2c21ad2d..0968663e 100644 --- a/src/util/lruhash.c +++ b/src/util/lruhash.c @@ -40,8 +40,6 @@ * */ -#include - #include "config.h" #include "util/storage/lruhash.h" #include "util/fptr_wlist.h" @@ -401,12 +399,12 @@ lruhash_remove(struct lruhash* table, hashvalue_type hash, void* key) } table->num--; table->space_used -= (*table->sizefunc)(entry->key, entry->data); - lock_quick_unlock(&table->lock); lock_rw_wrlock(&entry->lock); if(table->markdelfunc) (*table->markdelfunc)(entry->key); lock_rw_unlock(&entry->lock); lock_quick_unlock(&bin->lock); + lock_quick_unlock(&table->lock); /* finish removal */ d = entry->data; (*table->delkeyfunc)(entry->key, table->cb_arg); diff --git a/src/util/orig-headers/locks.h b/src/util/orig-headers/locks.h index 7e61bcc0..d86ee492 100644 --- a/src/util/orig-headers/locks.h +++ b/src/util/orig-headers/locks.h @@ -36,8 +36,6 @@ #ifndef UTIL_LOCKS_H #define UTIL_LOCKS_H -#include - /** * \file * Locking primitives. @@ -221,7 +219,6 @@ void* ub_thread_key_get(ub_thread_key_type key); #else /* we do not HAVE_SOLARIS_THREADS and no PTHREADS */ /******************* WINDOWS THREADS ************************/ #ifdef HAVE_WINDOWS_THREADS -#include #include /* Use a mutex */ diff --git a/src/util/orig-headers/val_secalgo.h b/src/util/orig-headers/val_secalgo.h index 52aaeb9f..8b6080dc 100644 --- a/src/util/orig-headers/val_secalgo.h +++ b/src/util/orig-headers/val_secalgo.h @@ -43,6 +43,7 @@ #ifndef VALIDATOR_VAL_SECALGO_H #define VALIDATOR_VAL_SECALGO_H struct sldns_buffer; +struct secalgo_hash; /** Return size of nsec3 hash algorithm, 0 if not supported */ size_t nsec3_hash_algo_size_supported(int id); @@ -67,6 +68,48 @@ int secalgo_nsec3_hash(int algo, unsigned char* buf, size_t len, */ void secalgo_hash_sha256(unsigned char* buf, size_t len, unsigned char* res); +/** + * Start a hash of type sha384. Allocates structure, then inits it, + * so that a series of updates can be performed, before the final result. + * @return hash structure. NULL on malloc failure or no support. + */ +struct secalgo_hash* secalgo_hash_create_sha384(void); + +/** + * Start a hash of type sha512. Allocates structure, then inits it, + * so that a series of updates can be performed, before the final result. + * @return hash structure. NULL on malloc failure or no support. + */ +struct secalgo_hash* secalgo_hash_create_sha512(void); + +/** + * Update a hash with more information to add to it. + * @param hash: the hash that is updated. + * @param data: data to add. + * @param len: length of data. + * @return false on failure. + */ +int secalgo_hash_update(struct secalgo_hash* hash, uint8_t* data, size_t len); + +/** + * Get the final result of the hash. + * @param hash: the hash that has had updates to it. + * @param result: where to store the result. + * @param maxlen: length of the result buffer, eg. size of the allocation. + * If not large enough the routine fails. + * @param resultlen: the length of the result, returned to the caller. + * How much of maxlen is used. + * @return false on failure. + */ +int secalgo_hash_final(struct secalgo_hash* hash, uint8_t* result, + size_t maxlen, size_t* resultlen); + +/** + * Delete the hash structure. + * @param hash: the hash to delete. + */ +void secalgo_hash_delete(struct secalgo_hash* hash); + /** * Return size of DS digest according to its hash algorithm. * @param algo: DS digest algo. diff --git a/src/util/rbtree.c b/src/util/rbtree.c index b1a94b78..ff4e3e46 100644 --- a/src/util/rbtree.c +++ b/src/util/rbtree.c @@ -39,8 +39,6 @@ * Implementation of a redblack tree. */ -#include - #include "config.h" #include "log.h" #include "fptr_wlist.h"