From: Jeremy Harris Date: Thu, 2 Jun 2016 15:18:54 +0000 (+0100) Subject: Promote the pdkim variant-implementation sha routines to toplevel X-Git-Tag: exim-4_88_RC1~92 X-Git-Url: https://git.exim.org/users/jgh/exim.git/commitdiff_plain/63af6f3a15c5c4779761761bd4d6185e4679eafc?ds=sidebyside Promote the pdkim variant-implementation sha routines to toplevel --- diff --git a/src/OS/Makefile-Base b/src/OS/Makefile-Base index 3965ba36f..37126869d 100644 --- a/src/OS/Makefile-Base +++ b/src/OS/Makefile-Base @@ -331,7 +331,7 @@ OBJ_LOOKUPS = lookups/lf_quote.o lookups/lf_check_file.o lookups/lf_sqlperform.o OBJ_EXIM = acl.o base64.o child.o crypt16.o daemon.o dbfn.o debug.o deliver.o \ directory.o dns.o drtables.o enq.o exim.o expand.o filter.o \ - filtertest.o globals.o dkim.o \ + filtertest.o globals.o dkim.o hash.o \ header.o host.o ip.o log.o lss.o match.o moan.o \ os.o parse.o queue.o \ rda.o readconf.o receive.o retry.o rewrite.o rfc2047.o \ @@ -599,6 +599,7 @@ environment.o: $(HDRS) environment.c filter.o: $(HDRS) filter.c filtertest.o: $(HDRS) filtertest.c globals.o: $(HDRS) globals.c +hash.o: $(HDRS) sha_ver.h hash.h blob.h hash.c header.o: $(HDRS) header.c host.o: $(HDRS) host.c ip.o: $(HDRS) ip.c diff --git a/src/scripts/MakeLinks b/src/scripts/MakeLinks index 68cecf0a9..7a5649ef8 100755 --- a/src/scripts/MakeLinks +++ b/src/scripts/MakeLinks 
@@ -95,13 +95,14 @@ cd .. # but local_scan.c does not, because its location is taken from the build-time # configuration. Likewise for the os.c file, which gets build dynamically. -for f in dbfunctions.h dbstuff.h exim.h functions.h globals.h local_scan.h \ - macros.h mytypes.h osfunctions.h store.h structs.h lookupapi.h \ +for f in blob.h dbfunctions.h dbstuff.h exim.h functions.h globals.h \ + hash.h local_scan.h \ + macros.h mytypes.h osfunctions.h store.h structs.h lookupapi.h sha_ver.h \ \ acl.c buildconfig.c base64.c child.c crypt16.c daemon.c dbfn.c debug.c deliver.c \ directory.c dns.c drtables.c dummies.c enq.c exim.c exim_dbmbuild.c \ exim_dbutil.c exim_lock.c expand.c filter.c filtertest.c globals.c \ - header.c host.c ip.c log.c lss.c match.c moan.c parse.c perl.c queue.c \ + hash.c header.c host.c ip.c log.c lss.c match.c moan.c parse.c perl.c queue.c \ rda.c readconf.c receive.c retry.c rewrite.c rfc2047.c route.c search.c \ setenv.c environment.c \ sieve.c smtp_in.c smtp_out.c spool_in.c spool_out.c std-crypto.c store.c \ @@ -118,12 +119,6 @@ do ln -s ../src/$f $f done -# WITH_OLD_DEMIME -for f in demime.c demime.h -do - ln -s ../src/$f $f -done - # EXPERIMENTAL_* for f in bmi_spam.c bmi_spam.h dcc.c dcc.h dane.c dane-gnu.c dane-openssl.c \ danessl.h imap_utf7.c spf.c spf.h srs.c srs.h utf8.c diff --git a/src/src/blob.h b/src/src/blob.h new file mode 100644 index 000000000..a3f1e24d4 --- /dev/null +++ b/src/src/blob.h @@ -0,0 +1,15 @@ +/* + * Blob - a general pointer/size item for a memory chunk + * + * Copyright (C) 2016 Exim maintainers + */ + +#ifndef BLOB_H /* entire file */ +#define BLOB_H + +typedef struct { + uschar * data; + size_t len; +} blob; + +#endif diff --git a/src/src/hash.c b/src/src/hash.c new file mode 100644 index 000000000..628df5b4b --- /dev/null +++ b/src/src/hash.c 
@@ -0,0 +1,176 @@
+/*
+ * Exim - an Internet mail transport agent
+ *
+ * Copyright (C) 2016 Exim maintainers
+ *
+ * Hash interface functions
+ */
+
+#include "exim.h"
+
+#ifndef SUPPORT_TLS
+# error Need SUPPORT_TLS for DKIM
+#endif
+
+#include "sha_ver.h"
+#include "hash.h"
+
+
+#ifdef notdef
+#ifdef RSA_OPENSSL
+# include
+# include
+# include
+#elif defined(RSA_GNUTLS)
+# include
+# include
+# ifdef RSA_VERIFY_GNUTLS
+# include
+# endif
+#endif
+#endif
+
+
+/******************************************************************************/
+#ifdef SHA_OPENSSL
+
+void
+exim_sha_init(hctx * h, BOOL sha1)
+{
+h->sha1 = sha1;
+h->hashlen = sha1 ? 20 : 32;
+if (h->sha1)
+ SHA1_Init (&h->u.sha1);
+else
+ SHA256_Init(&h->u.sha2);
+}
+
+
+void
+exim_sha_update(hctx * h, const uschar * data, int len)
+{
+if (h->sha1)
+ SHA1_Update (&h->u.sha1, data, len);
+else
+ SHA256_Update(&h->u.sha2, data, len);
+}
+
+
+void
+exim_sha_finish(hctx * h, blob * b)
+{
+b->data = store_get(b->len = h->hashlen);
+
+if (h->sha1)
+ SHA1_Final (b->data, &h->u.sha1);
+else
+ SHA256_Final(b->data, &h->u.sha2);
+}
+
+
+
+#elif defined(SHA_GNUTLS)
+/******************************************************************************/
+
+void
+exim_sha_init(hctx * h, BOOL sha1)
+{
+h->sha1 = sha1;
+h->hashlen = sha1 ? 20 : 32;
+gnutls_hash_init(&h->sha, sha1 ? GNUTLS_DIG_SHA1 : GNUTLS_DIG_SHA256);
+}
+
+
+void
+exim_sha_update(hctx * h, const uschar * data, int len)
+{
+gnutls_hash(h->sha, data, len);
+}
+
+
+void
+exim_sha_finish(hctx * h, blob * b)
+{
+b->data = store_get(b->len = h->hashlen);
+gnutls_hash_output(h->sha, b->data);
+}
+
+
+
+#elif defined(SHA_GCRYPT)
+/******************************************************************************/
+
+void
+exim_sha_init(hctx * h, BOOL sha1)
+{
+h->sha1 = sha1;
+h->hashlen = sha1 ? 20 : 32;
+gcry_md_open(&h->sha, sha1 ? GCRY_MD_SHA1 : GCRY_MD_SHA256, 0);
+}
+
+
+void
+exim_sha_update(hctx * h, const uschar * data, int len)
+{
+gcry_md_write(h->sha, data, len);
+}
+
+
+void
+exim_sha_finish(hctx * h, blob * b)
+{
+b->data = store_get(b->len = h->hashlen);
+memcpy(b->data, gcry_md_read(h->sha, 0), h->hashlen);
+}
+
+
+
+
+#elif defined(SHA_POLARSSL)
+/******************************************************************************/
+
+void
+exim_sha_init(hctx * h, BOOL sha1)
+{
+h->sha1 = sha1;
+h->hashlen = sha1 ? 20 : 32;
+if (h->sha1)
+ sha1_starts(&h->u.sha1);
+else
+ sha2_starts(&h->u.sha2, 0);
+}
+
+
+void
+exim_sha_update(hctx * h, const uschar * data, int len)
+{
+if (h->sha1)
+ sha1_update(h->u.sha1, US data, len);
+else
+ sha2_update(h->u.sha2, US data, len);
+}
+
+
+void
+exim_sha_finish(hctx * h, blob * b)
+{
+b->data = store_get(b->len = h->hashlen);
+
+if (h->sha1)
+ sha1_finish(h->u.sha1, b->data);
+else
+ sha2_finish(h->u.sha2, b->data);
+}
+
+#endif
+/******************************************************************************/
+
+/* Common to all library versions */
+int
+exim_sha_hashlen(hctx * h)
+{
+return h->sha1 ? 20 : 32;
+}
+
+
+/* End of File */
diff --git a/src/src/hash.h b/src/src/hash.h
new file mode 100644
index 000000000..d3531ccd9
--- /dev/null
+++ b/src/src/hash.h
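Review bot: The GnuTLS and gcrypt variants of `exim_sha_init` discard the result of `gnutls_hash_init()` and `gcry_md_open()`, so a failed open leaves `h->sha` unset and the later `gnutls_hash()` / `gcry_md_write()` and finish calls operate on an uninitialised handle. Now that these routines are top-level rather than a DKIM-only helper, the init should report failure to its caller, for example by returning `BOOL` and using `if (gnutls_hash_init(&h->sha, sha1 ? GNUTLS_DIG_SHA1 : GNUTLS_DIG_SHA256) != 0) return FALSE;`, with the prototype in hash.h changed to match. The OpenSSL `SHA1_Init` / `SHA256_Init` results are ignored in the same way and would follow the same pattern.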
@@ -0,0 +1,63 @@
+/*
+ * Exim - an Internet mail transport agent
+ *
+ * Copyright (C) 2016 Exim maintainers
+ *
+ * Hash interface functions
+ */
+
+#include "exim.h"
+
+#if !defined(HASH_H) /* entire file */
+#define HASH_H
+
+#include "sha_ver.h"
+#include "blob.h"
+
+#ifdef SHA_OPENSSL
+# include
+#elif defined SHA_GNUTLS
+# include
+#elif defined(SHA_GCRYPT)
+# include
+#elif defined(SHA_POLARSSL)
+# include "pdkim/pdkim.h" /*XXX ugly */
+# include "pdkim/polarssl/sha1.h"
+# include "pdkim/polarssl/sha2.h"
+#endif
+
+
+/* Hash context for the exim_sha_* routines */
+
+typedef struct {
+ int sha1;
+ int hashlen;
+
+#ifdef SHA_OPENSSL
+ union {
+ SHA_CTX sha1; /* SHA1 block */
+ SHA256_CTX sha2; /* SHA256 block */
+ } u;
+
+#elif defined(SHA_GNUTLS)
+ gnutls_hash_hd_t sha; /* Either SHA1 or SHA256 block */
+
+#elif defined(SHA_GCRYPT)
+ gcry_md_hd_t sha; /* Either SHA1 or SHA256 block */
+
+#elif defined(SHA_POLARSSL)
+ union {
+ sha1_context sha1; /* SHA1 block */
+ sha2_context sha2; /* SHA256 block */
+ } u;
+#endif
+
+} hctx;
+
+extern void exim_sha_init(hctx *, BOOL);
+extern void exim_sha_update(hctx *, const uschar *a, int);
+extern void exim_sha_finish(hctx *, blob *);
+extern int exim_sha_hashlen(hctx *);
+
+#endif
+/* End of File */
diff --git a/src/src/pdkim/Makefile b/src/src/pdkim/Makefile
index c72a9426b..61625bd49 100644
--- a/src/src/pdkim/Makefile
+++ b/src/src/pdkim/Makefile
@@ -1,6 +1,6 @@ # Make file for building the pdkim library. -OBJ = pdkim.o hash.o rsa.o +OBJ = pdkim.o rsa.o pdkim.a: $(OBJ) @$(RM_COMMAND) -f pdkim.a
@@ -12,8 +12,7 @@ pdkim.a: $(OBJ) .c.o:; @echo "$(CC) $*.c" $(FE)$(CC) -c $(CFLAGS) $(INCLUDE) -I. $*.c -pdkim.o: $(HDRS) crypt_ver.h hash.h blob.h pdkim.h pdkim.c -hash.o: $(HDRS) crypt_ver.h hash.h blob.h pdkim.h hash.c -rsa.o: $(HDRS) crypt_ver.h rsa.h blob.h rsa.c +pdkim.o: $(HDRS) ../sha_ver.h crypt_ver.h ../hash.h ../blob.h pdkim.h pdkim.c +rsa.o: $(HDRS) ../sha_ver.h crypt_ver.h rsa.h ../blob.h rsa.c # End
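Review bot: `exim_sha_update()` is declared with an `int` length, while blob.h, added in this same commit, carries lengths as `size_t`. A caller passing a blob length is silently narrowed, and a negative value would turn into a very large count wherever the underlying library call takes `size_t`. Consider `extern void exim_sha_update(hctx *, const uschar *, size_t);`, which also drops the stray parameter name `a`, with the definitions in hash.c changed to match; callers outside this page would need checking. The header also does not say who owns the buffer that `exim_sha_finish` fills; a comment such as `/* exim_sha_finish: b->data is store_get() memory, b->len is the digest length */` would record what hash.c does.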
diff --git a/src/src/pdkim/blob.h b/src/src/pdkim/blob.h deleted file mode 100644 index e1481c9f4..000000000 --- a/src/src/pdkim/blob.h +++ /dev/null @@ -1,17 +0,0 @@ -/* - * PDKIM - a RFC4871 (DKIM) implementation - * - * Copyright (C) 2016 Exim maintainers - * - * RSA signing/verification interface - */ - -#ifndef BLOB_H /* entire file */ -#define BLOB_H - -typedef struct { - uschar * data; - size_t len; -} blob; - -#endif diff --git a/src/src/pdkim/crypt_ver.h b/src/src/pdkim/crypt_ver.h index 0e1db894f..cd2171c82 100644 --- a/src/src/pdkim/crypt_ver.h +++ b/src/src/pdkim/crypt_ver.h @@ -8,6 +8,7 @@ /* RSA and SHA routine selection for PDKIM */ #include "../exim.h" +#include "../sha_ver.h" #ifdef USE_GNUTLS @@ -19,14 +20,7 @@ # define RSA_GCRYPT # endif -# if GNUTLS_VERSION_NUMBER >= 0x020a00 -# define SHA_GNUTLS -# else -# define SHA_GCRYPT -# endif - #else # define RSA_OPENSSL -# define SHA_OPENSSL #endif diff --git a/src/src/pdkim/hash.c b/src/src/pdkim/hash.c deleted file mode 100644 index 0f7d0f6d4..000000000 --- a/src/src/pdkim/hash.c +++ /dev/null 
@@ -1,181 +0,0 @@ -/* - * PDKIM - a RFC4871 (DKIM) implementation - * - * Copyright (C) 2016 Exim maintainers - * - * Hash interface functions - */ - -#include "../exim.h" - -#ifndef DISABLE_DKIM /* entire file */ - -#ifndef SUPPORT_TLS -# error Need SUPPORT_TLS for DKIM -#endif - -#include "crypt_ver.h" - -#ifdef RSA_OPENSSL -# include -# include -# include -#elif defined(RSA_GNUTLS) -# include -# include -# ifdef RSA_VERIFY_GNUTLS -# include -# endif -#endif - -#ifdef SHA_GNUTLS -# include -#endif - -#include "hash.h" - - -/******************************************************************************/ -#ifdef SHA_OPENSSL - -void -exim_sha_init(hctx * h, BOOL sha1) -{ -h->sha1 = sha1; -h->hashlen = sha1 ? 20 : 32; -if (h->sha1) - SHA1_Init (&h->u.sha1); -else - SHA256_Init(&h->u.sha2); -} - - -void -exim_sha_update(hctx * h, const uschar * data, int len) -{ -if (h->sha1) - SHA1_Update (&h->u.sha1, data, len); -else - SHA256_Update(&h->u.sha2, data, len); -} - - -void -exim_sha_finish(hctx * h, blob * b) -{ -b->data = store_get(b->len = h->hashlen); - -if (h->sha1) - SHA1_Final (b->data, &h->u.sha1); -else - SHA256_Final(b->data, &h->u.sha2); -} - - - -#elif defined(SHA_GNUTLS) -/******************************************************************************/ - -void -exim_sha_init(hctx * h, BOOL sha1) -{ -h->sha1 = sha1; -h->hashlen = sha1 ? 20 : 32; -gnutls_hash_init(&h->sha, sha1 ? GNUTLS_DIG_SHA1 : GNUTLS_DIG_SHA256); -} - - -void -exim_sha_update(hctx * h, const uschar * data, int len) -{ -gnutls_hash(h->sha, data, len); -} - - -void -exim_sha_finish(hctx * h, blob * b) -{ -b->data = store_get(b->len = h->hashlen); -gnutls_hash_output(h->sha, b->data); -} - - - -#elif defined(SHA_GCRYPT) -/******************************************************************************/ - -void -exim_sha_init(hctx * h, BOOL sha1) -{ -h->sha1 = sha1; -h->hashlen = sha1 ? 20 : 32; -gcry_md_open(&h->sha, sha1 ? 
GCRY_MD_SHA1 : GCRY_MD_SHA256, 0); -} - - -void -exim_sha_update(hctx * h, const uschar * data, int len) -{ -gcry_md_write(h->sha, data, len); -} - - -void -exim_sha_finish(hctx * h, blob * b) -{ -b->data = store_get(b->len = h->hashlen); -memcpy(b->data, gcry_md_read(h->sha, 0), h->hashlen); -} - - - - -#elif defined(SHA_POLARSSL) -/******************************************************************************/ - -void -exim_sha_init(hctx * h, BOOL sha1) -{ -h->sha1 = sha1; -h->hashlen = sha1 ? 20 : 32; -if (h->sha1) - sha1_starts(&h->u.sha1); -else - sha2_starts(&h->u.sha2, 0); -} - - -void -exim_sha_update(hctx * h, const uschar * data, int len) -{ -if (h->sha1) - sha1_update(h->u.sha1, US data, len); -else - sha2_update(h->u.sha2, US data, len); -} - - -void -exim_sha_finish(hctx * h, blob * b) -{ -b->data = store_get(b->len = h->hashlen); - -if (h->sha1) - sha1_finish(h->u.sha1, b->data); -else - sha2_finish(h->u.sha2, b->data); -} - -#endif -/******************************************************************************/ - -/* Common to all library versions */ -int -exim_sha_hashlen(hctx * h) -{ -return h->sha1 ? 20 : 32; -} - - -#endif /*DISABLE_DKIM*/ -/* End of File */ diff --git a/src/src/pdkim/hash.h b/src/src/pdkim/hash.h deleted file mode 100644 index 52a5507c3..000000000 --- a/src/src/pdkim/hash.h +++ /dev/null 
@@ -1,79 +0,0 @@ -/* - * PDKIM - a RFC4871 (DKIM) implementation - * - * Copyright (C) 2016 Exim maintainers - * - * Hash interface functions - */ - -#include "../exim.h" - -#if !defined(DISABLE_DKIM) && !defined(PDKIM_HASH_H) /* entire file */ -#define PDKIM_HASH_H - -#ifndef SUPPORT_TLS -# error Need SUPPORT_TLS for DKIM -#endif - -#include "crypt_ver.h" -#include "blob.h" - -#ifdef RSA_OPENSSL -# include -# include -# include -#elif defined(RSA_GNUTLS) -# include -# include -#endif - -#ifdef SHA_GNUTLS -# include -#elif defined(SHA_GCRYPT) -# include -#elif defined(SHA_POLARSSL) -# include "pdkim.h" -# include "polarssl/sha1.h" -# include "polarssl/sha2.h" -#endif - -/* Hash context */ -typedef struct { - int sha1; - int hashlen; - -#ifdef SHA_OPENSSL - union { - SHA_CTX sha1; /* SHA1 block */ - SHA256_CTX sha2; /* SHA256 block */ - } u; - -#elif defined(SHA_GNUTLS) - gnutls_hash_hd_t sha; /* Either SHA1 or SHA256 block */ - -#elif defined(SHA_GCRYPT) - gcry_md_hd_t sha; /* Either SHA1 or SHA256 block */ - -#elif defined(SHA_POLARSSL) - union { - sha1_context sha1; /* SHA1 block */ - sha2_context sha2; /* SHA256 block */ - } u; -#endif - -} hctx; - -#if defined(SHA_OPENSSL) -# include "pdkim.h" -#elif defined(SHA_GCRYPT) -# include "pdkim.h" -#endif - - -extern void exim_sha_init(hctx *, BOOL); -extern void exim_sha_update(hctx *, const uschar *a, int); -extern void exim_sha_finish(hctx *, blob *); -extern int exim_sha_hashlen(hctx *); - -#endif /*DISABLE_DKIM*/ -/* End of File */ diff --git a/src/src/pdkim/pdkim.h b/src/src/pdkim/pdkim.h index 58f9c1353..ba984c1d9 100644 --- a/src/src/pdkim/pdkim.h +++ b/src/src/pdkim/pdkim.h @@ -23,8 +23,8 @@ #ifndef PDKIM_H #define PDKIM_H -#include "blob.h" -#include "hash.h" +#include "../blob.h" +#include "../hash.h" /* -------------------------------------------------------------------------- */ /* Length of the preallocated buffer for the "answer" from the dns/txt 
diff --git a/src/src/pdkim/pdkim_hash.h b/src/src/pdkim/pdkim_hash.h
new file mode 100644
index 000000000..143cd19df
--- /dev/null
+++ b/src/src/pdkim/pdkim_hash.h
@@ -0,0 +1,38 @@
+/*
+ * PDKIM - a RFC4871 (DKIM) implementation
+ *
+ * Copyright (C) 2016 Exim maintainers
+ *
+ * Hash interface functions
+ */
+
+#include "../exim.h"
+
+#if !defined(HASH_H) /* entire file */
+#define HASH_H
+
+#ifndef SUPPORT_TLS
+# error Need SUPPORT_TLS for DKIM
+#endif
+
+#include "crypt_ver.h"
+#include "../blob.h"
+#include "../hash.h"
+
+#ifdef RSA_OPENSSL
+# include
+# include
+# include
+#elif defined(RSA_GNUTLS)
+# include
+# include
+#endif
+
+#if defined(SHA_OPENSSL)
+# include "pdkim.h"
+#elif defined(SHA_GCRYPT)
+# include "pdkim.h"
+#endif
+
+#endif
+/* End of File */
diff --git a/src/src/pdkim/rsa.h b/src/src/pdkim/rsa.h
index 32631fdac..6018eba64 100644
--- a/src/src/pdkim/rsa.h
+++ b/src/src/pdkim/rsa.h
@@ -25,7 +25,7 @@ # include #endif -#include "blob.h" +#include "../blob.h" #ifdef RSA_OPENSSL
diff --git a/src/src/sha_ver.h b/src/src/sha_ver.h
new file mode 100644
index 000000000..630c78d41
--- /dev/null
+++ b/src/src/sha_ver.h
@@ -0,0 +1,32 @@
+/*************************************************
+* Exim - an Internet mail transport agent *
+*************************************************/
+
+/* Copyright (c) Jeremy Harris 2016 */
+/* See the file NOTICE for conditions of use and distribution. */
+
+/* SHA routine selection */
+
+#include "exim.h"
+
+#ifdef SUPPORT_TLS
+
+# define EXIM_HAVE_SHA2
+
+# ifdef USE_GNUTLS
+# include
+
+# if GNUTLS_VERSION_NUMBER >= 0x020a00
+# define SHA_GNUTLS
+# else
+# define SHA_GCRYPT
+# endif
+
+# else
+# define SHA_OPENSSL
+# endif
+
+#else
+# define SHA_NATIVE
+#endif
+
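Review bot: pdkim_hash.h uses the same include guard, `HASH_H`, as the new top-level hash.h, and defines it before `#include "../hash.h"`. When this header is included first, the whole body of hash.h (the `hctx` typedef and the `exim_sha_*` prototypes) is skipped; when hash.h was seen first, this file is skipped instead. A distinct guard avoids both cases: `#if !defined(PDKIM_HASH_H)` followed by `#define PDKIM_HASH_H`. Nothing on this page includes pdkim_hash.h (pdkim.h now includes `../hash.h` directly) and pdkim/Makefile lists no dependency on it, so it is worth checking whether the file is needed at all.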
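Review bot: The `#else` branch of sha_ver.h defines `SHA_NATIVE` for builds without `SUPPORT_TLS`, but nothing in this commit consumes it. hash.c stops with `#error Need SUPPORT_TLS for DKIM` in exactly that configuration, and Makefile-Base now adds hash.o to `OBJ_EXIM` unconditionally. If non-TLS builds are meant to keep working, hash.c needs a `SHA_NATIVE` section, or its body wrapped in `#ifdef SUPPORT_TLS`, rather than a hard error; the `#ifndef DISABLE_DKIM` wrapper that the old pdkim/hash.c had was also dropped. Unlike hash.h and blob.h, this header has no include guard, so `#ifndef SHA_VER_H` / `#define SHA_VER_H` around its body would make the repeated inclusion from hash.h, hash.c and crypt_ver.h explicit.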