diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 567ac05a9f..4c4ff60eb8 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -257,6 +257,7 @@ build:debian:jessie:amd64: variables: CC: gcc CFLAGS: "-Wall -Wextra -O2 -g" + EXTRA_CONFIGURE: --without-cmocka <<: *debian_jessie_amd64_image <<: *build_job diff --git a/bin/dnssec/dnssec-signzone.c b/bin/dnssec/dnssec-signzone.c index 39ccb4e57d..92374fdba0 100644 --- a/bin/dnssec/dnssec-signzone.c +++ b/bin/dnssec/dnssec-signzone.c @@ -40,6 +40,7 @@ #include #include #include +#include #include #include #include diff --git a/bin/named/server.c b/bin/named/server.c index 0c6224fd84..58b8b4678a 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -41,7 +41,6 @@ #include #include #include -#include #include #include #include @@ -9011,6 +9010,7 @@ load_configuration(const char *filename, named_server_t *server, bool first = true; isc_buffer_t b; unsigned int usedlength; + unsigned int expectedlength; for (element = cfg_list_first(obj); element != NULL; @@ -9056,21 +9056,26 @@ load_configuration(const char *filename, named_server_t *server, usedlength = isc_buffer_usedlength(&b); switch (server->sctx->cookiealg) { case ns_cookiealg_aes: - if (usedlength != ISC_AES128_KEYLENGTH) { + expectedlength = ISC_AES128_KEYLENGTH; + if (usedlength != expectedlength) { CHECKM(ISC_R_RANGE, "AES cookie-secret must be " "128 bits"); } break; case ns_cookiealg_sha1: - if (usedlength != ISC_SHA1_DIGESTLENGTH) { + expectedlength = + isc_md_type_get_size(ISC_MD_SHA1); + if (usedlength != expectedlength) { CHECKM(ISC_R_RANGE, "SHA1 cookie-secret must be " "160 bits"); } break; case ns_cookiealg_sha256: - if (usedlength != ISC_SHA256_DIGESTLENGTH) { + expectedlength = + isc_md_type_get_size(ISC_MD_SHA256); + if (usedlength != expectedlength) { CHECKM(ISC_R_RANGE, "SHA256 cookie-secret must be " "256 bits"); diff --git a/bin/tests/optional/hash_test.c b/bin/tests/optional/hash_test.c index 0f370c2b61..64a0839e1a 100644 --- a/bin/tests/optional/hash_test.c +++ b/bin/tests/optional/hash_test.c @@ -17,8 +17,6 @@ #include #include -#include -#include #include #include #include @@ -42,16 +40,13 @@ print_digest(const char *s, const char *hash, unsigned char *d, int main(int argc, char **argv) { - isc_sha1_t sha1; - isc_sha224_t sha224; - isc_md5_t md5; isc_hmacmd5_t hmacmd5; isc_hmacsha1_t hmacsha1; isc_hmacsha224_t hmacsha224; isc_hmacsha256_t hmacsha256; isc_hmacsha384_t hmacsha384; isc_hmacsha512_t hmacsha512; - unsigned char digest[ISC_SHA512_DIGESTLENGTH]; + unsigned char digest[ISC_MAX_MD_SIZE]; unsigned char buffer[1024]; const char *s; unsigned char key[20]; @@ -59,41 +54,6 @@ main(int argc, char **argv) { UNUSED(argc); UNUSED(argv); - s = "abc"; - isc_sha1_init(&sha1); - memmove(buffer, s, strlen(s)); - isc_sha1_update(&sha1, buffer, strlen(s)); - isc_sha1_final(&sha1, digest); - print_digest(s, "sha1", digest, ISC_SHA1_DIGESTLENGTH/4); - - s = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; - isc_sha1_init(&sha1); - memmove(buffer, s, strlen(s)); - isc_sha1_update(&sha1, buffer, strlen(s)); - isc_sha1_final(&sha1, digest); - print_digest(s, "sha1", digest, ISC_SHA1_DIGESTLENGTH/4); - - s = "abc"; - isc_sha224_init(&sha224); - memmove(buffer, s, strlen(s)); - isc_sha224_update(&sha224, buffer, strlen(s)); - isc_sha224_final(digest, &sha224); - print_digest(s, "sha224", digest, ISC_SHA224_DIGESTLENGTH/4); - - s = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; - isc_sha224_init(&sha224); - memmove(buffer, s, strlen(s)); - isc_sha224_update(&sha224, buffer, strlen(s)); - isc_sha224_final(digest, &sha224); - print_digest(s, "sha224", digest, ISC_SHA224_DIGESTLENGTH/4); - - s = "abc"; - isc_md5_init(&md5); - memmove(buffer, s, strlen(s)); - isc_md5_update(&md5, buffer, strlen(s)); - isc_md5_final(&md5, digest); - print_digest(s, "md5", digest, 4); - /* * The 3 HMAC-MD5 examples from RFC2104 */ diff --git a/config.h.in b/config.h.in index 75fbd002e7..83ad03e4d7 100644 --- a/config.h.in +++ b/config.h.in @@ -69,6 +69,9 @@ /* Define if clock_gettime is available. */ #undef HAVE_CLOCK_GETTIME +/* Use cmocka */ +#undef HAVE_CMOCKA + /* Define to 1 if you have the header file. */ #undef HAVE_CMOCKA_H diff --git a/configure b/configure index efbe6855fc..bcacafecaf 100755 --- a/configure +++ b/configure @@ -19541,19 +19541,19 @@ case $with_cmocka in #( yes) : pkg_failed=no -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for cmocka" >&5 -$as_echo_n "checking for cmocka... " >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for cmocka >= 1.0.0" >&5 +$as_echo_n "checking for cmocka >= 1.0.0... " >&6; } if test -n "$CMOCKA_CFLAGS"; then pkg_cv_CMOCKA_CFLAGS="$CMOCKA_CFLAGS" elif test -n "$PKG_CONFIG"; then if test -n "$PKG_CONFIG" && \ - { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"cmocka\""; } >&5 - ($PKG_CONFIG --exists --print-errors "cmocka") 2>&5 + { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"cmocka >= 1.0.0\""; } >&5 + ($PKG_CONFIG --exists --print-errors "cmocka >= 1.0.0") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then - pkg_cv_CMOCKA_CFLAGS=`$PKG_CONFIG --cflags "cmocka" 2>/dev/null` + pkg_cv_CMOCKA_CFLAGS=`$PKG_CONFIG --cflags "cmocka >= 1.0.0" 2>/dev/null` test "x$?" != "x0" && pkg_failed=yes else pkg_failed=yes @@ -19565,12 +19565,12 @@ if test -n "$CMOCKA_LIBS"; then pkg_cv_CMOCKA_LIBS="$CMOCKA_LIBS" elif test -n "$PKG_CONFIG"; then if test -n "$PKG_CONFIG" && \ - { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"cmocka\""; } >&5 - ($PKG_CONFIG --exists --print-errors "cmocka") 2>&5 + { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"cmocka >= 1.0.0\""; } >&5 + ($PKG_CONFIG --exists --print-errors "cmocka >= 1.0.0") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then - pkg_cv_CMOCKA_LIBS=`$PKG_CONFIG --libs "cmocka" 2>/dev/null` + pkg_cv_CMOCKA_LIBS=`$PKG_CONFIG --libs "cmocka >= 1.0.0" 2>/dev/null` test "x$?" != "x0" && pkg_failed=yes else pkg_failed=yes @@ -19591,14 +19591,14 @@ else _pkg_short_errors_supported=no fi if test $_pkg_short_errors_supported = yes; then - CMOCKA_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "cmocka" 2>&1` + CMOCKA_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "cmocka >= 1.0.0" 2>&1` else - CMOCKA_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "cmocka" 2>&1` + CMOCKA_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "cmocka >= 1.0.0" 2>&1` fi # Put the nasty error message in config.log where it belongs echo "$CMOCKA_PKG_ERRORS" >&5 - as_fn_error $? "Package requirements (cmocka) were not met: + as_fn_error $? "Package requirements (cmocka >= 1.0.0) were not met: $CMOCKA_PKG_ERRORS @@ -19629,6 +19629,8 @@ else { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } +$as_echo "#define HAVE_CMOCKA 1" >>confdefs.h + fi ;; #( *) : @@ -19711,6 +19713,9 @@ if test "$ac_res" != no; then : CMOCKA_CFLAGS="-I$with_cmocka/include" CMOCKA_LIBS="-L$with_cmocka/lib -lcmocka" +$as_echo "#define HAVE_CMOCKA 1" >>confdefs.h + + else as_fn_error $? "cmocka unit testing framework not found in $with_cmocka path" "$LINENO" 5 fi @@ -19761,6 +19766,47 @@ rm -f core conftest.err conftest.$ac_objext \ # AM_CONDITIONAL([LD_WRAP], [test $enable_ld_wrap = yes]) +LDFLAGS=$save_LDFLAGS + +# +# Check for -Wl,--wrap= support +# + +save_LDFLAGS=$LDFLAGS +LDFLAGS="--wrap=printf" + +LD_WRAP_TESTS=false +enable_ld_wrap=no +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for linker support for --wrap option" >&5 +$as_echo_n "checking for linker support for --wrap option... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ +__wrap_printf("success"); return (0); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + enable_ld_wrap=yes + LD_WRAP_TESTS=true + +$as_echo "#define LD_WRAP 1" >>confdefs.h + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +# AM_CONDITIONAL([LD_WRAP], [test $enable_ld_wrap = yes]) + + LDFLAGS=$save_LDFLAGS # diff --git a/configure.ac b/configure.ac index 914e5ae2c1..326c430fc8 100644 --- a/configure.ac +++ b/configure.ac @@ -2390,7 +2390,8 @@ AC_ARG_WITH([cmocka], AS_CASE([$with_cmocka], [no],[:], - [yes],[PKG_CHECK_MODULES([CMOCKA], [cmocka])], + [yes],[PKG_CHECK_MODULES([CMOCKA], [cmocka >= 1.0.0], + [AC_DEFINE([HAVE_CMOCKA], [1], [Use cmocka])])], [*],[ save_CFLAGS="$CFLAGS" save_LIBS="$LIBS" @@ -2408,6 +2409,7 @@ AS_CASE([$with_cmocka], [ CMOCKA_CFLAGS="-I$with_cmocka/include" CMOCKA_LIBS="-L$with_cmocka/lib -lcmocka" + AC_DEFINE([HAVE_CMOCKA], [1], [Use cmocka]) ], [AC_MSG_ERROR([cmocka unit testing framework not found in $with_cmocka path])]) ]) @@ -2436,6 +2438,28 @@ AC_SUBST([LD_WRAP_TESTS]) LDFLAGS=$save_LDFLAGS +# +# Check for -Wl,--wrap= support +# + +save_LDFLAGS=$LDFLAGS +LDFLAGS="--wrap=printf" + +LD_WRAP_TESTS=false +enable_ld_wrap=no +AC_MSG_CHECKING([for linker support for --wrap option]) +AC_LINK_IFELSE( + [AC_LANG_PROGRAM([#include ], [__wrap_printf("success"); return (0);])], + [enable_ld_wrap=yes + LD_WRAP_TESTS=true + AC_DEFINE([LD_WRAP], [1], [define if the linker supports --wrap option]) + AC_MSG_RESULT([yes])], + [AC_MSG_RESULT([no])]) +# AM_CONDITIONAL([LD_WRAP], [test $enable_ld_wrap = yes]) +AC_SUBST([LD_WRAP_TESTS]) + +LDFLAGS=$save_LDFLAGS + # # Check whether to build Automated Test Framework unit tests # diff --git a/lib/bind9/check.c b/lib/bind9/check.c index ab944ebd78..8928e10a5e 100644 --- a/lib/bind9/check.c +++ b/lib/bind9/check.c @@ -23,6 +23,7 @@ #include #include #include +#include #include #include #include @@ -30,8 +31,6 @@ #include #include #include -#include -#include #include #include #include diff --git a/lib/bind9/win32/libbind9.vcxproj.in b/lib/bind9/win32/libbind9.vcxproj.in index fd2e47ff91..261986a238 100644 --- a/lib/bind9/win32/libbind9.vcxproj.in +++ b/lib/bind9/win32/libbind9.vcxproj.in @@ -53,7 +53,7 @@ Level3 Disabled - WIN32;USE_MD5;_DEBUG;_WINDOWS;_USRDLL;LIBBIND9_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions) + WIN32;_DEBUG;_WINDOWS;_USRDLL;LIBBIND9_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions) ./;../../../;include;../include;../../isc/win32;../../isc/win32/include;../../isc/include;../../isccfg/include;../../dns/include;@LIBXML2_INC@@OPENSSL_INC@@GEOIP_INC@%(AdditionalIncludeDirectories) true .\$(Configuration)\$(TargetName).pch @@ -81,7 +81,7 @@ MaxSpeed true @INTRINSIC@ - WIN32;USE_MD5;NDEBUG;_WINDOWS;_USRDLL;LIBBIND9_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions) + WIN32;NDEBUG;_WINDOWS;_USRDLL;LIBBIND9_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions) ./;../../../;include;../include;../../isc/win32;../../isc/win32/include;../../isc/include;../../isccfg/include;../../dns/include;@LIBXML2_INC@@OPENSSL_INC@@GEOIP_INC@%(AdditionalIncludeDirectories) OnlyExplicitInline false diff --git a/lib/dns/Makefile.in b/lib/dns/Makefile.in index 3235d4fd2a..e8ab447fd6 100644 --- a/lib/dns/Makefile.in +++ b/lib/dns/Makefile.in @@ -29,7 +29,7 @@ USE_ISC_SPNEGO = @USE_ISC_SPNEGO@ CINCLUDES = -I. -I${top_srcdir}/lib/dns -Iinclude ${DNS_INCLUDES} \ ${ISC_INCLUDES} @OPENSSL_INCLUDES@ @DST_GSSAPI_INC@ -CDEFINES = -DUSE_MD5 @USE_GSSAPI@ ${USE_ISC_SPNEGO} +CDEFINES = @USE_GSSAPI@ ${USE_ISC_SPNEGO} CWARNINGS = diff --git a/lib/dns/catz.c b/lib/dns/catz.c index cabaec822e..848e42a2b5 100644 --- a/lib/dns/catz.c +++ b/lib/dns/catz.c @@ -17,11 +17,11 @@ #include #include +#include #include #include #include #include -#include #include #include @@ -1420,12 +1420,27 @@ dns_catz_update_process(dns_catz_zones_t *catzs, dns_catz_zone_t *zone, return (result); } +static isc_result_t +digest2hex(unsigned char *digest, unsigned int digestlen, + char *hash, size_t hashlen) +{ + unsigned int i; + int ret; + for (i = 0; i < digestlen; i++) { + size_t left = hashlen - i * 2; + ret = snprintf(hash + i * 2, left, "%02x", digest[i]); + if (ret < 0 || (size_t)ret >= left) { + return (ISC_R_NOSPACE); + } + } + return (ISC_R_SUCCESS); +} + isc_result_t dns_catz_generate_masterfilename(dns_catz_zone_t *zone, dns_catz_entry_t *entry, isc_buffer_t **buffer) { isc_buffer_t *tbuf = NULL; - isc_sha256_t sha256; isc_region_t r; isc_result_t result; size_t rlen; @@ -1453,7 +1468,7 @@ dns_catz_generate_masterfilename(dns_catz_zone_t *zone, dns_catz_entry_t *entry, goto cleanup; /* __catz__.db */ - rlen = ISC_SHA256_DIGESTSTRINGLENGTH + 12; + rlen = (isc_md_type_get_size(ISC_MD_SHA256) * 2 + 1) + 12; /* optionally prepend with / */ if (entry->opts.zonedir != NULL) @@ -1470,11 +1485,20 @@ dns_catz_generate_masterfilename(dns_catz_zone_t *zone, dns_catz_entry_t *entry, isc_buffer_usedregion(tbuf, &r); isc_buffer_putstr(*buffer, "__catz__"); - if (tbuf->used > ISC_SHA256_DIGESTSTRINGLENGTH) { - isc_sha256_init(&sha256); - isc_sha256_update(&sha256, r.base, r.length); + if (tbuf->used > ISC_SHA256_DIGESTLENGTH * 2 + 1) { + unsigned char digest[ISC_MAX_MD_SIZE]; + unsigned int digestlen; /* we can do that because digest string < 2 * DNS_NAME */ - isc_sha256_end(&sha256, (char *) r.base); + result = isc_md(ISC_MD_SHA256, r.base, r.length, + digest, &digestlen); + if (result != ISC_R_SUCCESS) { + goto cleanup; + } + result = digest2hex(digest, digestlen, (char *)r.base, + ISC_SHA256_DIGESTLENGTH * 2 + 1); + if (result != ISC_R_SUCCESS) { + goto cleanup; + } isc_buffer_putstr(*buffer, (char *) r.base); } else { isc_buffer_copyregion(*buffer, &r); diff --git a/lib/dns/ds.c b/lib/dns/ds.c index 05c3f71ab1..2c8d543fd0 100644 --- a/lib/dns/ds.c +++ b/lib/dns/ds.c @@ -18,8 +18,7 @@ #include #include -#include -#include +#include #include #include @@ -38,19 +37,21 @@ dns_ds_buildrdata(dns_name_t *owner, dns_rdata_t *key, { dns_fixedname_t fname; dns_name_t *name; - unsigned char digest[ISC_SHA384_DIGESTLENGTH]; + unsigned char digest[ISC_MAX_MD_SIZE]; + unsigned int digestlen; isc_region_t r; isc_buffer_t b; dns_rdata_ds_t ds; - isc_sha1_t sha1; - isc_sha256_t sha256; - isc_sha384_t sha384; + isc_md_t *md; + isc_md_type_t md_type = 0; + isc_result_t ret; REQUIRE(key != NULL); REQUIRE(key->type == dns_rdatatype_dnskey); - if (!dst_ds_digest_supported(digest_type)) + if (!dst_ds_digest_supported(digest_type)) { return (ISC_R_NOTIMPLEMENTED); + } name = dns_fixedname_initname(&fname); (void)dns_name_downcase(owner, name, NULL); @@ -58,61 +59,65 @@ dns_ds_buildrdata(dns_name_t *owner, dns_rdata_t *key, memset(buffer, 0, DNS_DS_BUFFERSIZE); isc_buffer_init(&b, buffer, DNS_DS_BUFFERSIZE); + md = isc_md_new(); + if (md == NULL) { + return (ISC_R_NOMEMORY); + } + switch (digest_type) { case DNS_DSDIGEST_SHA1: - isc_sha1_init(&sha1); - dns_name_toregion(name, &r); - isc_sha1_update(&sha1, r.base, r.length); - dns_rdata_toregion(key, &r); - INSIST(r.length >= 4); - isc_sha1_update(&sha1, r.base, r.length); - isc_sha1_final(&sha1, digest); + md_type = ISC_MD_SHA1; break; case DNS_DSDIGEST_SHA384: - isc_sha384_init(&sha384); - dns_name_toregion(name, &r); - isc_sha384_update(&sha384, r.base, r.length); - dns_rdata_toregion(key, &r); - INSIST(r.length >= 4); - isc_sha384_update(&sha384, r.base, r.length); - isc_sha384_final(digest, &sha384); + md_type = ISC_MD_SHA384; break; case DNS_DSDIGEST_SHA256: default: - isc_sha256_init(&sha256); - dns_name_toregion(name, &r); - isc_sha256_update(&sha256, r.base, r.length); - dns_rdata_toregion(key, &r); - INSIST(r.length >= 4); - isc_sha256_update(&sha256, r.base, r.length); - isc_sha256_final(digest, &sha256); + md_type = ISC_MD_SHA256; break; } + ret = isc_md_init(md, md_type); + if (ret != ISC_R_SUCCESS) { + goto end; + } + + dns_name_toregion(name, &r); + + ret = isc_md_update(md, r.base, r.length); + if (ret != ISC_R_SUCCESS) { + goto end; + } + + dns_rdata_toregion(key, &r); + INSIST(r.length >= 4); + + ret = isc_md_update(md, r.base, r.length); + if (ret != ISC_R_SUCCESS) { + goto end; + } + + ret = isc_md_final(md, digest, &digestlen); + if (ret != ISC_R_SUCCESS) { + goto end; + } + ds.mctx = NULL; ds.common.rdclass = key->rdclass; ds.common.rdtype = dns_rdatatype_ds; ds.algorithm = r.base[3]; ds.key_tag = dst_region_computeid(&r, ds.algorithm); ds.digest_type = digest_type; - switch (digest_type) { - case DNS_DSDIGEST_SHA1: - ds.length = ISC_SHA1_DIGESTLENGTH; - break; - - case DNS_DSDIGEST_SHA384: - ds.length = ISC_SHA384_DIGESTLENGTH; - break; - - case DNS_DSDIGEST_SHA256: - default: - ds.length = ISC_SHA256_DIGESTLENGTH; - break; - } ds.digest = digest; + ds.length = digestlen; - return (dns_rdata_fromstruct(rdata, key->rdclass, dns_rdatatype_ds, - &ds, &b)); + ret = dns_rdata_fromstruct(rdata, key->rdclass, dns_rdatatype_ds, + &ds, &b); +end: + if (md != NULL) { + isc_md_free(md); + } + return (ret); } diff --git a/lib/dns/dst_api.c b/lib/dns/dst_api.c index c0684d903c..82b619fdaa 100644 --- a/lib/dns/dst_api.c +++ b/lib/dns/dst_api.c @@ -1202,22 +1202,22 @@ dst_key_sigsize(const dst_key_t *key, unsigned int *n) { *n = DNS_SIG_ED448SIZE; break; case DST_ALG_HMACMD5: - *n = 16; + *n = isc_md_type_get_size(ISC_MD_MD5); break; case DST_ALG_HMACSHA1: - *n = ISC_SHA1_DIGESTLENGTH; + *n = isc_md_type_get_size(ISC_MD_SHA1); break; case DST_ALG_HMACSHA224: - *n = ISC_SHA224_DIGESTLENGTH; + *n = isc_md_type_get_size(ISC_MD_SHA224); break; case DST_ALG_HMACSHA256: - *n = ISC_SHA256_DIGESTLENGTH; + *n = isc_md_type_get_size(ISC_MD_SHA256); break; case DST_ALG_HMACSHA384: - *n = ISC_SHA384_DIGESTLENGTH; + *n = isc_md_type_get_size(ISC_MD_SHA384); break; case DST_ALG_HMACSHA512: - *n = ISC_SHA512_DIGESTLENGTH; + *n = isc_md_type_get_size(ISC_MD_SHA512); break; case DST_ALG_GSSAPI: *n = 128; /*%< XXX */ diff --git a/lib/dns/dst_internal.h b/lib/dns/dst_internal.h index 75635c87f1..b8ef410128 100644 --- a/lib/dns/dst_internal.h +++ b/lib/dns/dst_internal.h @@ -33,12 +33,10 @@ #include #include #include +#include #include #include -#include #include -#include -#include #include #include #include @@ -148,10 +146,6 @@ struct dst_context { union { void *generic; dst_gssapi_signverifyctx_t *gssctx; - isc_md5_t *md5ctx; - isc_sha1_t *sha1ctx; - isc_sha256_t *sha256ctx; - isc_sha512_t *sha512ctx; isc_hmacmd5_t *hmacmd5ctx; isc_hmacsha1_t *hmacsha1ctx; isc_hmacsha224_t *hmacsha224ctx; diff --git a/lib/dns/hmac_link.c b/lib/dns/hmac_link.c index de8f386706..80fb179a08 100644 --- a/lib/dns/hmac_link.c +++ b/lib/dns/hmac_link.c @@ -30,10 +30,9 @@ #include #include #include -#include #include #include -#include +#include #include #include #include @@ -52,7 +51,7 @@ static isc_result_t hmacmd5_fromdns(dst_key_t *key, isc_buffer_t *data); struct dst_hmacmd5_key { - unsigned char key[ISC_MD5_BLOCK_LENGTH]; + unsigned char key[ISC_HMAC_MAX_MD_CBLOCK]; }; static isc_result_t @@ -206,9 +205,9 @@ hmacmd5_todns(const dst_key_t *key, isc_buffer_t *data) { static isc_result_t hmacmd5_fromdns(dst_key_t *key, isc_buffer_t *data) { dst_hmacmd5_key_t *hkey; - int keylen; + unsigned int keylen; isc_region_t r; - isc_md5_t md5ctx; + isc_result_t res; isc_buffer_remainingregion(data, &r); if (r.length == 0) @@ -221,10 +220,11 @@ hmacmd5_fromdns(dst_key_t *key, isc_buffer_t *data) { memset(hkey->key, 0, sizeof(hkey->key)); if (r.length > ISC_MD5_BLOCK_LENGTH) { - isc_md5_init(&md5ctx); - isc_md5_update(&md5ctx, r.base, r.length); - isc_md5_final(&md5ctx, hkey->key); - keylen = ISC_MD5_DIGESTLENGTH; + res = isc_md(ISC_MD_MD5, r.base, r.length, + hkey->key, &keylen); + if (res != ISC_R_SUCCESS) { + return (res); + } } else { memmove(hkey->key, r.base, r.length); keylen = r.length; @@ -357,7 +357,6 @@ dst__hmacmd5_init(dst_func_t **funcp) { * Prevent use of incorrect crypto */ - RUNTIME_CHECK(isc_md5_check(false)); RUNTIME_CHECK(isc_hmacmd5_check(0)); REQUIRE(funcp != NULL); @@ -369,7 +368,7 @@ dst__hmacmd5_init(dst_func_t **funcp) { static isc_result_t hmacsha1_fromdns(dst_key_t *key, isc_buffer_t *data); struct dst_hmacsha1_key { - unsigned char key[ISC_SHA1_BLOCK_LENGTH]; + unsigned char key[ISC_HMAC_MAX_MD_CBLOCK]; }; static isc_result_t @@ -512,9 +511,9 @@ hmacsha1_todns(const dst_key_t *key, isc_buffer_t *data) { static isc_result_t hmacsha1_fromdns(dst_key_t *key, isc_buffer_t *data) { dst_hmacsha1_key_t *hkey; - int keylen; + unsigned int keylen; isc_region_t r; - isc_sha1_t sha1ctx; + isc_result_t res; isc_buffer_remainingregion(data, &r); if (r.length == 0) @@ -527,10 +526,12 @@ hmacsha1_fromdns(dst_key_t *key, isc_buffer_t *data) { memset(hkey->key, 0, sizeof(hkey->key)); if (r.length > ISC_SHA1_BLOCK_LENGTH) { - isc_sha1_init(&sha1ctx); - isc_sha1_update(&sha1ctx, r.base, r.length); - isc_sha1_final(&sha1ctx, hkey->key); - keylen = ISC_SHA1_DIGESTLENGTH; + res = isc_md(ISC_MD_SHA1, r.base, r.length, + hkey->key, &keylen); + REQUIRE(res != ISC_R_SUCCESS); + if (res != ISC_R_SUCCESS) { + return (res); + } } else { memmove(hkey->key, r.base, r.length); keylen = r.length; @@ -647,7 +648,6 @@ dst__hmacsha1_init(dst_func_t **funcp) { /* * Prevent use of incorrect crypto */ - RUNTIME_CHECK(isc_sha1_check(false)); RUNTIME_CHECK(isc_hmacsha1_check(0)); REQUIRE(funcp != NULL); @@ -659,7 +659,7 @@ dst__hmacsha1_init(dst_func_t **funcp) { static isc_result_t hmacsha224_fromdns(dst_key_t *key, isc_buffer_t *data); struct dst_hmacsha224_key { - unsigned char key[ISC_SHA224_BLOCK_LENGTH]; + unsigned char key[ISC_HMAC_MAX_MD_CBLOCK]; }; static isc_result_t @@ -802,9 +802,9 @@ hmacsha224_todns(const dst_key_t *key, isc_buffer_t *data) { static isc_result_t hmacsha224_fromdns(dst_key_t *key, isc_buffer_t *data) { dst_hmacsha224_key_t *hkey; - int keylen; + unsigned int keylen; isc_region_t r; - isc_sha224_t sha224ctx; + isc_result_t res; isc_buffer_remainingregion(data, &r); if (r.length == 0) @@ -817,10 +817,12 @@ hmacsha224_fromdns(dst_key_t *key, isc_buffer_t *data) { memset(hkey->key, 0, sizeof(hkey->key)); if (r.length > ISC_SHA224_BLOCK_LENGTH) { - isc_sha224_init(&sha224ctx); - isc_sha224_update(&sha224ctx, r.base, r.length); - isc_sha224_final(hkey->key, &sha224ctx); - keylen = ISC_SHA224_DIGESTLENGTH; + res = isc_md(ISC_MD_SHA224, r.base, r.length, + hkey->key, &keylen); + REQUIRE(res != ISC_R_SUCCESS); + if (res != ISC_R_SUCCESS) { + return (res); + } } else { memmove(hkey->key, r.base, r.length); keylen = r.length; @@ -943,7 +945,7 @@ dst__hmacsha224_init(dst_func_t **funcp) { static isc_result_t hmacsha256_fromdns(dst_key_t *key, isc_buffer_t *data); struct dst_hmacsha256_key { - unsigned char key[ISC_SHA256_BLOCK_LENGTH]; + unsigned char key[ISC_HMAC_MAX_MD_CBLOCK]; }; static isc_result_t @@ -1086,9 +1088,9 @@ hmacsha256_todns(const dst_key_t *key, isc_buffer_t *data) { static isc_result_t hmacsha256_fromdns(dst_key_t *key, isc_buffer_t *data) { dst_hmacsha256_key_t *hkey; - int keylen; + unsigned int keylen; isc_region_t r; - isc_sha256_t sha256ctx; + isc_result_t res; isc_buffer_remainingregion(data, &r); if (r.length == 0) @@ -1101,10 +1103,12 @@ hmacsha256_fromdns(dst_key_t *key, isc_buffer_t *data) { memset(hkey->key, 0, sizeof(hkey->key)); if (r.length > ISC_SHA256_BLOCK_LENGTH) { - isc_sha256_init(&sha256ctx); - isc_sha256_update(&sha256ctx, r.base, r.length); - isc_sha256_final(hkey->key, &sha256ctx); - keylen = ISC_SHA256_DIGESTLENGTH; + res = isc_md(ISC_MD_SHA256, r.base, r.length, + hkey->key, &keylen); + REQUIRE(res != ISC_R_SUCCESS); + if (res != ISC_R_SUCCESS) { + return (res); + } } else { memmove(hkey->key, r.base, r.length); keylen = r.length; @@ -1227,7 +1231,7 @@ dst__hmacsha256_init(dst_func_t **funcp) { static isc_result_t hmacsha384_fromdns(dst_key_t *key, isc_buffer_t *data); struct dst_hmacsha384_key { - unsigned char key[ISC_SHA384_BLOCK_LENGTH]; + unsigned char key[ISC_HMAC_MAX_MD_CBLOCK]; }; static isc_result_t @@ -1370,9 +1374,9 @@ hmacsha384_todns(const dst_key_t *key, isc_buffer_t *data) { static isc_result_t hmacsha384_fromdns(dst_key_t *key, isc_buffer_t *data) { dst_hmacsha384_key_t *hkey; - int keylen; + unsigned int keylen; isc_region_t r; - isc_sha384_t sha384ctx; + isc_result_t res; isc_buffer_remainingregion(data, &r); if (r.length == 0) @@ -1385,10 +1389,12 @@ hmacsha384_fromdns(dst_key_t *key, isc_buffer_t *data) { memset(hkey->key, 0, sizeof(hkey->key)); if (r.length > ISC_SHA384_BLOCK_LENGTH) { - isc_sha384_init(&sha384ctx); - isc_sha384_update(&sha384ctx, r.base, r.length); - isc_sha384_final(hkey->key, &sha384ctx); - keylen = ISC_SHA384_DIGESTLENGTH; + res = isc_md(ISC_MD_SHA384, r.base, r.length, + hkey->key, &keylen); + REQUIRE(res != ISC_R_SUCCESS); + if (res != ISC_R_SUCCESS) { + return (res); + } } else { memmove(hkey->key, r.base, r.length); keylen = r.length; @@ -1511,7 +1517,7 @@ dst__hmacsha384_init(dst_func_t **funcp) { static isc_result_t hmacsha512_fromdns(dst_key_t *key, isc_buffer_t *data); struct dst_hmacsha512_key { - unsigned char key[ISC_SHA512_BLOCK_LENGTH]; + unsigned char key[ISC_HMAC_MAX_MD_CBLOCK]; }; static isc_result_t @@ -1654,9 +1660,9 @@ hmacsha512_todns(const dst_key_t *key, isc_buffer_t *data) { static isc_result_t hmacsha512_fromdns(dst_key_t *key, isc_buffer_t *data) { dst_hmacsha512_key_t *hkey; - int keylen; + unsigned int keylen; isc_region_t r; - isc_sha512_t sha512ctx; + isc_result_t res; isc_buffer_remainingregion(data, &r); if (r.length == 0) @@ -1669,10 +1675,12 @@ hmacsha512_fromdns(dst_key_t *key, isc_buffer_t *data) { memset(hkey->key, 0, sizeof(hkey->key)); if (r.length > ISC_SHA512_BLOCK_LENGTH) { - isc_sha512_init(&sha512ctx); - isc_sha512_update(&sha512ctx, r.base, r.length); - isc_sha512_final(hkey->key, &sha512ctx); - keylen = ISC_SHA512_DIGESTLENGTH; + res = isc_md(ISC_MD_SHA512, r.base, r.length, + hkey->key, &keylen); + REQUIRE(res != ISC_R_SUCCESS); + if (res != ISC_R_SUCCESS) { + return (res); + } } else { memmove(hkey->key, r.base, r.length); keylen = r.length; diff --git a/lib/dns/nsec3.c b/lib/dns/nsec3.c index 871ec6dcaf..ec226e7744 100644 --- a/lib/dns/nsec3.c +++ b/lib/dns/nsec3.c @@ -20,6 +20,7 @@ #include #include #include +#include #include #include #include diff --git a/lib/dns/opensslecdsa_link.c b/lib/dns/opensslecdsa_link.c index df6d886138..d16063359f 100644 --- a/lib/dns/opensslecdsa_link.c +++ b/lib/dns/opensslecdsa_link.c @@ -19,7 +19,6 @@ #include #include -#include #include #include diff --git a/lib/dns/openssleddsa_link.c b/lib/dns/openssleddsa_link.c index 4298df1c2c..d19af94395 100644 --- a/lib/dns/openssleddsa_link.c +++ b/lib/dns/openssleddsa_link.c @@ -19,7 +19,6 @@ #include #include -#include #include #include #include diff --git a/lib/dns/opensslrsa_link.c b/lib/dns/opensslrsa_link.c index da8f536193..fabdd2f59e 100644 --- a/lib/dns/opensslrsa_link.c +++ b/lib/dns/opensslrsa_link.c @@ -16,11 +16,8 @@ #include #include -#include #include #include -#include -#include #include #include diff --git a/lib/dns/pkcs11ecdsa_link.c b/lib/dns/pkcs11ecdsa_link.c index 881fab7209..6bc5e25b18 100644 --- a/lib/dns/pkcs11ecdsa_link.c +++ b/lib/dns/pkcs11ecdsa_link.c @@ -19,7 +19,6 @@ #include #include -#include #include #include diff --git a/lib/dns/pkcs11eddsa_link.c b/lib/dns/pkcs11eddsa_link.c index 7bfdd5f431..7381a6a878 100644 --- a/lib/dns/pkcs11eddsa_link.c +++ b/lib/dns/pkcs11eddsa_link.c @@ -20,7 +20,6 @@ #include #include -#include #include #include diff --git a/lib/dns/pkcs11rsa_link.c b/lib/dns/pkcs11rsa_link.c index d4a8b8b162..7343ed3508 100644 --- a/lib/dns/pkcs11rsa_link.c +++ b/lib/dns/pkcs11rsa_link.c @@ -18,9 +18,7 @@ #include #include -#include -#include -#include +#include #include #include #include diff --git a/lib/dns/rdata/generic/cds_59.c b/lib/dns/rdata/generic/cds_59.c index 1999cead7d..f94c6a6a3f 100644 --- a/lib/dns/rdata/generic/cds_59.c +++ b/lib/dns/rdata/generic/cds_59.c @@ -16,9 +16,6 @@ #define RRTYPE_CDS_ATTRIBUTES 0 -#include -#include - #include static inline isc_result_t diff --git a/lib/dns/rdata/generic/dlv_32769.c b/lib/dns/rdata/generic/dlv_32769.c index efdcec9049..d61206aa8c 100644 --- a/lib/dns/rdata/generic/dlv_32769.c +++ b/lib/dns/rdata/generic/dlv_32769.c @@ -17,9 +17,6 @@ #define RRTYPE_DLV_ATTRIBUTES 0 -#include -#include - #include static inline isc_result_t diff --git a/lib/dns/rdata/generic/ds_43.c b/lib/dns/rdata/generic/ds_43.c index 5dfaaa0daa..1927ee46b8 100644 --- a/lib/dns/rdata/generic/ds_43.c +++ b/lib/dns/rdata/generic/ds_43.c @@ -18,8 +18,7 @@ #define RRTYPE_DS_ATTRIBUTES \ (DNS_RDATATYPEATTR_DNSSEC|DNS_RDATATYPEATTR_ATPARENT) -#include -#include +#include #include diff --git a/lib/dns/tests/Makefile.in b/lib/dns/tests/Makefile.in index 205c74f4c4..703b66ebf4 100644 --- a/lib/dns/tests/Makefile.in +++ b/lib/dns/tests/Makefile.in @@ -30,6 +30,12 @@ DNSDEPLIBS = ../libdns.@A@ LIBS = @LIBS@ @ATFLIBS@ +CMOCKA_CFLAGS = @CMOCKA_CFLAGS@ +CMOCKA_LIBS = @CMOCKA_LIBS@ +ifeq ($(LD_WRAP),true) +CMOCKA_MEM = -Wl,--wrap=isc__mem_put,--wrap=isc__mem_get,--wrap=isc_mem_attach,--wrap=isc_mem_detach +endif + OBJS = dnstest.@O@ SRCS = acl_test.c \ db_test.c \ diff --git a/lib/dns/tkey.c b/lib/dns/tkey.c index 909ffe6df1..87d1b48353 100644 --- a/lib/dns/tkey.c +++ b/lib/dns/tkey.c @@ -16,7 +16,7 @@ #include #include -#include +#include #include #include #include @@ -236,50 +236,112 @@ static isc_result_t compute_secret(isc_buffer_t *shared, isc_region_t *queryrandomness, isc_region_t *serverrandomness, isc_buffer_t *secret) { - isc_md5_t md5ctx; + isc_md_t *md; isc_region_t r, r2; - unsigned char digests[32]; + unsigned char digests[ISC_MAX_MD_SIZE*2]; + unsigned char *digest1, *digest2; + unsigned int digestslen, digestlen1 = 0, digestlen2 = 0; unsigned int i; + isc_result_t result; isc_buffer_usedregion(shared, &r); + md = isc_md_new(); + if (md == NULL) { + return (ISC_R_NOSPACE); + } + /* * MD5 ( query data | DH value ). */ - isc_md5_init(&md5ctx); - isc_md5_update(&md5ctx, queryrandomness->base, - queryrandomness->length); - isc_md5_update(&md5ctx, r.base, r.length); - isc_md5_final(&md5ctx, digests); + digest1 = digests; + + result = isc_md_init(md, ISC_MD_MD5); + if (result != ISC_R_SUCCESS) { + goto end; + } + + result = isc_md_update(md, + queryrandomness->base, + queryrandomness->length); + if (result != ISC_R_SUCCESS) { + goto end; + } + + result = isc_md_update(md, r.base, r.length); + if (result != ISC_R_SUCCESS) { + goto end; + } + + result = isc_md_final(md, digest1, &digestlen1); + if (result != ISC_R_SUCCESS) { + goto end; + } + + result = isc_md_reset(md); + if (result != ISC_R_SUCCESS) { + goto end; + } /* * MD5 ( server data | DH value ). */ - isc_md5_init(&md5ctx); - isc_md5_update(&md5ctx, serverrandomness->base, - serverrandomness->length); - isc_md5_update(&md5ctx, r.base, r.length); - isc_md5_final(&md5ctx, &digests[ISC_MD5_DIGESTLENGTH]); + digest2 = digests + digestlen1; + + result = isc_md_init(md, ISC_MD_MD5); + if (result != ISC_R_SUCCESS) { + goto end; + } + + result = isc_md_update(md, + serverrandomness->base, + serverrandomness->length); + if (result != ISC_R_SUCCESS) { + goto end; + } + + result = isc_md_update(md, r.base, r.length); + if (result != ISC_R_SUCCESS) { + goto end; + } + + result = isc_md_final(md, digest2, &digestlen2); + if (result != ISC_R_SUCCESS) { + goto end; + } + + isc_md_free(md); + md = NULL; + + digestslen = digestlen1 + digestlen2; /* * XOR ( DH value, MD5-1 | MD5-2). */ isc_buffer_availableregion(secret, &r); isc_buffer_usedregion(shared, &r2); - if (r.length < sizeof(digests) || r.length < r2.length) + if (r.length < digestslen || r.length < r2.length) { return (ISC_R_NOSPACE); - if (r2.length > sizeof(digests)) { + } + if (r2.length > digestslen) { memmove(r.base, r2.base, r2.length); - for (i = 0; i < sizeof(digests); i++) + for (i = 0; i < digestslen; i++) { r.base[i] ^= digests[i]; + } isc_buffer_add(secret, r2.length); } else { - memmove(r.base, digests, sizeof(digests)); - for (i = 0; i < r2.length; i++) + memmove(r.base, digests, digestslen); + for (i = 0; i < r2.length; i++) { r.base[i] ^= r2.base[i]; - isc_buffer_add(secret, sizeof(digests)); + } + isc_buffer_add(secret, digestslen); } - return (ISC_R_SUCCESS); + result = ISC_R_SUCCESS; +end: + if (md != NULL) { + isc_md_free(md); + } + return (result); } static isc_result_t diff --git a/lib/dns/validator.c b/lib/dns/validator.c index 9894059143..d898394704 100644 --- a/lib/dns/validator.c +++ b/lib/dns/validator.c @@ -16,8 +16,8 @@ #include #include +#include #include -#include #include #include #include diff --git a/lib/dns/view.c b/lib/dns/view.c index 2ac81bdcca..b1d66d3b81 100644 --- a/lib/dns/view.c +++ b/lib/dns/view.c @@ -25,7 +25,6 @@ #include #include #include -#include #include #include /* Required for HP/UX (and others?) */ #include diff --git a/lib/dns/win32/libdns.vcxproj.in b/lib/dns/win32/libdns.vcxproj.in index c6fcd949b5..bba2ad3eff 100644 --- a/lib/dns/win32/libdns.vcxproj.in +++ b/lib/dns/win32/libdns.vcxproj.in @@ -53,7 +53,7 @@ Level3 Disabled - BIND9;WIN32;USE_MD5;@USE_GSSAPI@@USE_ISC_SPNEGO@_DEBUG;_WINDOWS;_USRDLL;LIBDNS_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions);%(PreprocessorDefinitions) + BIND9;WIN32;@USE_GSSAPI@@USE_ISC_SPNEGO@_DEBUG;_WINDOWS;_USRDLL;LIBDNS_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions);%(PreprocessorDefinitions) .\;..\..\..\;include;..\include;..\..\isc;..\..\isc\win32;..\..\isc\win32\include;..\..\isc\include;@LIBXML2_INC@@OPENSSL_INC@@GSSAPI_INC@@GEOIP_INC@%(AdditionalIncludeDirectories) true .\$(Configuration)\$(TargetName).pch @@ -81,7 +81,7 @@ MaxSpeed true @INTRINSIC@ - BIND9;WIN32;USE_MD5;@USE_GSSAPI@@USE_ISC_SPNEGO@NDEBUG;_WINDOWS;_USRDLL;LIBDNS_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions);%(PreprocessorDefinitions) + BIND9;WIN32;@USE_GSSAPI@@USE_ISC_SPNEGO@NDEBUG;_WINDOWS;_USRDLL;LIBDNS_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions);%(PreprocessorDefinitions) .\;..\..\..\;include;..\include;..\..\isc;..\..\isc\win32;..\..\isc\win32\include;..\..\isc\include;@LIBXML2_INC@@OPENSSL_INC@@GSSAPI_INC@@GEOIP_INC@%(AdditionalIncludeDirectories) OnlyExplicitInline true diff --git a/lib/irs/win32/libirs.vcxproj.in b/lib/irs/win32/libirs.vcxproj.in index 4bea9e44f6..284a48a3d2 100644 --- a/lib/irs/win32/libirs.vcxproj.in +++ b/lib/irs/win32/libirs.vcxproj.in @@ -53,7 +53,7 @@ Level3 Disabled - WIN32;USE_MD5;_DEBUG;_WINDOWS;_USRDLL;LIBIRS_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions) + WIN32;_DEBUG;_WINDOWS;_USRDLL;LIBIRS_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions) .\;..\..\..\;include;..\include;..\..\isc\win32;..\..\isc\win32\include;..\..\isc\include;..\..\isccfg\include;..\..\dns\include;@LIBXML2_INC@@OPENSSL_INC@@GEOIP_INC@%(AdditionalIncludeDirectories) true .\$(Configuration)\$(TargetName).pch @@ -81,7 +81,7 @@ MaxSpeed true @INTRINSIC@ - WIN32;USE_MD5;NDEBUG;_WINDOWS;_USRDLL;LIBIRS_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions) + WIN32;NDEBUG;_WINDOWS;_USRDLL;LIBIRS_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions) .\;..\..\..\;include;..\include;..\..\isc\win32;..\..\isc\win32\include;..\..\isc\include;..\..\isccfg\include;..\..\dns\include;@LIBXML2_INC@@OPENSSL_INC@@GEOIP_INC@%(AdditionalIncludeDirectories) OnlyExplicitInline false diff --git a/lib/isc/Makefile.in b/lib/isc/Makefile.in index 2e9fedfca8..69216a91f0 100644 --- a/lib/isc/Makefile.in +++ b/lib/isc/Makefile.in @@ -50,12 +50,12 @@ OBJS = pk11.@O@ pk11_result.@O@ \ event.@O@ hash.@O@ ht.@O@ heap.@O@ hex.@O@ hmacmd5.@O@ \ hmacsha.@O@ httpd.@O@ iterated_hash.@O@ \ lex.@O@ lfsr.@O@ lib.@O@ log.@O@ \ - md5.@O@ mem.@O@ mutexblock.@O@ \ + md.@O@ mem.@O@ mutexblock.@O@ \ netaddr.@O@ netscope.@O@ nonce.@O@ openssl_shim.@O@ pool.@O@ \ parseint.@O@ portset.@O@ quota.@O@ radix.@O@ random.@O@ \ ratelimiter.@O@ region.@O@ regex.@O@ result.@O@ \ rwlock.@O@ \ - serial.@O@ sha1.@O@ sha2.@O@ sockaddr.@O@ stats.@O@ \ + serial.@O@ sockaddr.@O@ stats.@O@ \ string.@O@ symtab.@O@ task.@O@ taskpool.@O@ \ tm.@O@ timer.@O@ version.@O@ \ ${UNIXOBJS} ${NLSOBJS} ${THREADOBJS} @@ -68,11 +68,11 @@ SRCS = pk11.c pk11_result.c \ entropy.c error.c event.c hash.c ht.c heap.c hex.c hmacmd5.c \ hmacsha.c httpd.c iterated_hash.c \ lex.c lfsr.c lib.c log.c \ - md5.c mem.c mutexblock.c \ + md.c mem.c mutexblock.c \ netaddr.c netscope.c nonce.c openssl_shim.c pool.c \ parseint.c portset.c quota.c radix.c random.c \ ratelimiter.c region.c regex.c result.c rwlock.c \ - serial.c sha1.c sha2.c sockaddr.c stats.c string.c \ + serial.c sockaddr.c stats.c string.c \ symtab.c task.c taskpool.c timer.c \ tm.c version.c diff --git a/lib/isc/hmacmd5.c b/lib/isc/hmacmd5.c index 6999feaad7..3f48bc00b7 100644 --- a/lib/isc/hmacmd5.c +++ b/lib/isc/hmacmd5.c @@ -17,7 +17,6 @@ #include #include -#include #include #include #include diff --git a/lib/isc/hmacsha.c b/lib/isc/hmacsha.c index 2e3618a49a..6f621c9dba 100644 --- a/lib/isc/hmacsha.c +++ b/lib/isc/hmacsha.c @@ -23,8 +23,6 @@ #include #include #include -#include -#include #include #include #include diff --git a/lib/isc/include/isc/Makefile.in b/lib/isc/include/isc/Makefile.in index 1c38844c9e..fa127e2e95 100644 --- a/lib/isc/include/isc/Makefile.in +++ b/lib/isc/include/isc/Makefile.in @@ -26,12 +26,12 @@ HEADERS = aes.h app.h assertions.h atomic.h backtrace.h base32.h base64.h \ hash.h heap.h hex.h hmacmd5.h hmacsha.h ht.h httpd.h \ interfaceiter.h iterated_hash.h \ json.h lang.h lex.h lfsr.h lib.h likely.h list.h log.h \ - magic.h md5.h mem.h meminfo.h msgcat.h msgs.h mutexblock.h \ + magic.h mem.h meminfo.h msgcat.h msgs.h mutexblock.h \ netaddr.h netscope.h nonce.h os.h parseint.h \ pool.h portset.h print.h queue.h quota.h \ radix.h random.h ratelimiter.h refcount.h regex.h \ region.h resource.h result.h resultclass.h rwlock.h \ - safe.h serial.h sha1.h sha2.h sockaddr.h socket.h \ + safe.h serial.h sockaddr.h socket.h \ stats.h stdio.h strerr.h string.h symtab.h \ task.h taskpool.h timer.h tm.h types.h util.h version.h \ xml.h diff --git a/lib/isc/include/isc/hmacmd5.h b/lib/isc/include/isc/hmacmd5.h index 0305265050..0f87b2a1b7 100644 --- a/lib/isc/include/isc/hmacmd5.h +++ b/lib/isc/include/isc/hmacmd5.h @@ -20,7 +20,7 @@ #include #include -#include +#include #include #include diff --git a/lib/isc/include/isc/hmacsha.h b/lib/isc/include/isc/hmacsha.h index 8bb4866037..346dc20251 100644 --- a/lib/isc/include/isc/hmacsha.h +++ b/lib/isc/include/isc/hmacsha.h @@ -21,11 +21,10 @@ #include #include -#include -#include +#include #include -#define ISC_HMACSHA1_KEYLENGTH ISC_SHA1_BLOCK_LENGTH +#define ISC_HMACSHA1_KEYLENGTH ISC_SHA1_BLOCK_LENGTH #define ISC_HMACSHA224_KEYLENGTH ISC_SHA224_BLOCK_LENGTH #define ISC_HMACSHA256_KEYLENGTH ISC_SHA256_BLOCK_LENGTH #define ISC_HMACSHA384_KEYLENGTH ISC_SHA384_BLOCK_LENGTH @@ -34,6 +33,8 @@ #include #include +#define ISC_HMAC_MAX_MD_CBLOCK HMAC_MAX_MD_CBLOCK + typedef struct { HMAC_CTX *ctx; #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) diff --git a/lib/isc/include/isc/iterated_hash.h b/lib/isc/include/isc/iterated_hash.h index a43ae69d45..0848b803a7 100644 --- a/lib/isc/include/isc/iterated_hash.h +++ b/lib/isc/include/isc/iterated_hash.h @@ -9,12 +9,9 @@ * information regarding copyright ownership. */ - -#ifndef ISC_ITERATED_HASH_H -#define ISC_ITERATED_HASH_H 1 +#pragma once #include -#include /* * The maximal hash length that can be encoded in a name @@ -30,12 +27,10 @@ ISC_LANG_BEGINDECLS -int isc_iterated_hash(unsigned char out[NSEC3_MAX_HASH_LENGTH], - unsigned int hashalg, int iterations, - const unsigned char *salt, int saltlength, - const unsigned char *in, int inlength); - +int +isc_iterated_hash(unsigned char *out, + const unsigned int hashalg, const int iterations, + const unsigned char *salt, const int saltlength, + const unsigned char *in, const int inlength); ISC_LANG_ENDDECLS - -#endif /* ISC_ITERATED_HASH_H */ diff --git a/lib/isc/include/isc/md.h b/lib/isc/include/isc/md.h new file mode 100644 index 0000000000..a3f16ebd5b --- /dev/null +++ b/lib/isc/include/isc/md.h @@ -0,0 +1,194 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +/*! + * \file isc/md.h + * \brief This is the header file for message digest algorithms. + */ + +#pragma once + +#include + +#include +#include +#include +#include + +#include + +typedef EVP_MD_CTX isc_md_t; + +/** + * isc_md_type_t: + * @ISC_MD_MD5: MD5 + * @ISC_MD_SHA1: SHA-1 + * @ISC_MD_SHA224: SHA-224 + * @ISC_MD_SHA256: SHA-256 + * @ISC_MD_SHA384: SHA-384 + * @ISC_MD_SHA512: SHA-512 + * + * Enumeration of supported message digest algorithms. + */ +typedef const EVP_MD * isc_md_type_t; + +#define ISC_MD_MD5 EVP_md5() +#define ISC_MD_SHA1 EVP_sha1() +#define ISC_MD_SHA224 EVP_sha224() +#define ISC_MD_SHA256 EVP_sha256() +#define ISC_MD_SHA384 EVP_sha384() +#define ISC_MD_SHA512 EVP_sha512() + +#define ISC_MD5_DIGESTLENGTH isc_md_type_get_size(ISC_MD_MD5) +#define ISC_MD5_BLOCK_LENGTH isc_md_type_get_block_size(ISC_MD_MD5) +#define ISC_SHA1_DIGESTLENGTH isc_md_type_get_size(ISC_MD_SHA1) +#define ISC_SHA1_BLOCK_LENGTH isc_md_type_get_block_size(ISC_MD_SHA1) +#define ISC_SHA224_DIGESTLENGTH isc_md_type_get_size(ISC_MD_SHA224) +#define ISC_SHA224_BLOCK_LENGTH isc_md_type_get_block_size(ISC_MD_SHA224) +#define ISC_SHA256_DIGESTLENGTH isc_md_type_get_size(ISC_MD_SHA256) +#define ISC_SHA256_BLOCK_LENGTH isc_md_type_get_block_size(ISC_MD_SHA256) +#define ISC_SHA384_DIGESTLENGTH isc_md_type_get_size(ISC_MD_SHA384) +#define ISC_SHA384_BLOCK_LENGTH isc_md_type_get_block_size(ISC_MD_SHA384) +#define ISC_SHA512_DIGESTLENGTH isc_md_type_get_size(ISC_MD_SHA512) +#define ISC_SHA512_BLOCK_LENGTH isc_md_type_get_block_size(ISC_MD_SHA512) + +#define ISC_MAX_MD_SIZE EVP_MAX_MD_SIZE +#define ISC_MAX_BLOCK_SIZE 128U /* ISC_SHA512_BLOCK_LENGTH */ + +/** + * isc_md: + * @type: the digest type + * @buf: the data to hash + * @len: the length of the data to hash + * @digest: the output buffer + * @digestlen: the length of the data written to @digest + * + * This function hashes @len bytes of data at @buf and places the result in + * @digest. If the @digestlen parameter is not NULL then the number of bytes of + * data written (i.e. the length of the digest) will be written to the integer + * at @digestlen, at most ISC_MAX_MD_SIZE bytes will be written. + */ +isc_result_t +isc_md(isc_md_type_t type, const unsigned char *buf, const size_t len, + unsigned char *digest, unsigned int *digestlen); + +/** + * isc_md_new: + * + * This function allocates, initializes and returns a digest context. + */ +isc_md_t * +isc_md_new(void); + +/** + * isc_md_free: + * @md: message digest context + * + * This function cleans up digest context ctx and frees up the space allocated + * to it. + */ +void +isc_md_free(isc_md_t *); + +/** + * isc_md_init: + * @md: message digest context + * @type: digest type + * + * This function sets up digest context @md to use a digest @type. @md must be + * initialized before calling this function. + */ +isc_result_t +isc_md_init(isc_md_t *, const isc_md_type_t md_type); + +/** + * isc_md_reset: + * @md: message digest context + * + * This function resets the digest context ctx. This can be used to reuse an + * already existing context. + */ +isc_result_t +isc_md_reset(isc_md_t *md); + +/** + * isc_md_update: + * @md: message digest context + * @buf: data to hash + * @len: length of the data to hash + * + * This function hashes @len bytes of data at @buf into the digest context @md. + * This function can be called several times on the same @md to hash additional + * data. + */ +isc_result_t +isc_md_update(isc_md_t *md, const unsigned char *buf, const size_t len); + +/** + * isc_md_final: + * @md: message digest context + * @digest: the output buffer + * @digestlen: the length of the data written to @digest + * + * This function retrieves the digest value from @md and places it in @digest. + * If the @digestlen parameter is not NULL then the number of bytes of data + * written (i.e. the length of the digest) will be written to the integer at + * @digestlen, at most ISC_MAX_MD_SIZE bytes will be written. After calling + * this function no additional calls to isc_md_update() can be made. + */ +isc_result_t +isc_md_final(isc_md_t *md, unsigned char *digest, unsigned int *digestlen); + +/** + * isc_md_get_type: + * @md: message digest contezt + * + * This function return the isc_md_type_t previously set for the supplied + * message digest context or NULL if no isc_md_type_t has been set. + */ +isc_md_type_t +isc_md_get_md_type(isc_md_t *md); + +/** + * isc_md_size: + * + * This function return the size of the message digest when passed an isc_md_t + * structure, i.e. the size of the hash. + */ +size_t +isc_md_get_size(isc_md_t *md); + +/** + * isc_md_block_size: + * + * This function return the block size of the message digest when passed an + * isc_md_t structure. + */ +size_t +isc_md_get_block_size(isc_md_t *md); + +/** + * isc_md_size: + * + * This function return the size of the message digest when passed an + * isc_md_type_t , i.e. the size of the hash. + */ +size_t +isc_md_type_get_size(isc_md_type_t md_type); + +/** + * isc_md_block_size: + * + * This function return the block size of the message digest when passed an + * isc_md_type_t. + */ +size_t +isc_md_type_get_block_size(isc_md_type_t md_type); diff --git a/lib/isc/include/isc/md5.h b/lib/isc/include/isc/md5.h deleted file mode 100644 index 02fa904d87..0000000000 --- a/lib/isc/include/isc/md5.h +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Copyright (C) Internet Systems Consortium, Inc. ("ISC") - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. - * - * See the COPYRIGHT file distributed with this work for additional - * information regarding copyright ownership. - */ - - -/*! \file isc/md5.h - * \brief This is the header file for the MD5 message-digest algorithm. - */ - -#pragma once - -#include - -#include -#include -#include - -#define ISC_MD5_DIGESTLENGTH 16U -#define ISC_MD5_BLOCK_LENGTH 64U - -#include -#include - -typedef struct { - EVP_MD_CTX *ctx; -#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) - EVP_MD_CTX _ctx; -#endif -} isc_md5_t; - -ISC_LANG_BEGINDECLS - -void -isc_md5_init(isc_md5_t *ctx); - -void -isc_md5_invalidate(isc_md5_t *ctx); - -void -isc_md5_update(isc_md5_t *ctx, const unsigned char *buf, unsigned int len); - -void -isc_md5_final(isc_md5_t *ctx, unsigned char *digest); - -bool -isc_md5_check(bool testing); - -ISC_LANG_ENDDECLS diff --git a/lib/isc/include/isc/result.h b/lib/isc/include/isc/result.h index 9e7d058a89..b54df56acf 100644 --- a/lib/isc/include/isc/result.h +++ b/lib/isc/include/isc/result.h @@ -84,9 +84,10 @@ #define ISC_R_MULTIPLE 62 /*%< multiple */ #define ISC_R_WOULDBLOCK 63 /*%< would block */ #define ISC_R_COMPLETE 64 /*%< complete */ +#define ISC_R_CRYPTOFAILURE 65 /*%< cryptography library failure */ /*% Not a result code: the number of results. */ -#define ISC_R_NRESULTS 65 +#define ISC_R_NRESULTS 66 ISC_LANG_BEGINDECLS diff --git a/lib/isc/include/isc/sha1.h b/lib/isc/include/isc/sha1.h deleted file mode 100644 index fb4a4baeac..0000000000 --- a/lib/isc/include/isc/sha1.h +++ /dev/null @@ -1,54 +0,0 @@ -/* - * Copyright (C) Internet Systems Consortium, Inc. ("ISC") - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. - * - * See the COPYRIGHT file distributed with this work for additional - * information regarding copyright ownership. - */ - -#pragma once - -/*! \file isc/sha1.h - * \brief SHA-1 in C - */ - -#include - -#include -#include -#include - -#define ISC_SHA1_DIGESTLENGTH 20U -#define ISC_SHA1_BLOCK_LENGTH 64U - -#include -#include - -typedef struct { - EVP_MD_CTX *ctx; -#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) - EVP_MD_CTX _ctx; -#endif -} isc_sha1_t; - -ISC_LANG_BEGINDECLS - -void -isc_sha1_init(isc_sha1_t *ctx); - -void -isc_sha1_invalidate(isc_sha1_t *ctx); - -void -isc_sha1_update(isc_sha1_t *ctx, const unsigned char *data, unsigned int len); - -void -isc_sha1_final(isc_sha1_t *ctx, unsigned char *digest); - -bool -isc_sha1_check(bool testing); - -ISC_LANG_ENDDECLS diff --git a/lib/isc/include/isc/sha2.h b/lib/isc/include/isc/sha2.h deleted file mode 100644 index ba06c55e2a..0000000000 --- a/lib/isc/include/isc/sha2.h +++ /dev/null @@ -1,85 +0,0 @@ -/* - * Copyright (C) Internet Systems Consortium, Inc. ("ISC") - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. - * - * See the COPYRIGHT file distributed with this work for additional - * information regarding copyright ownership. - */ - -#pragma once - -#include - -#include -#include -#include - -/*** SHA-224/256/384/512 Various Length Definitions ***********************/ - -#define ISC_SHA224_BLOCK_LENGTH 64U -#define ISC_SHA224_DIGESTLENGTH 28U -#define ISC_SHA224_DIGESTSTRINGLENGTH (ISC_SHA224_DIGESTLENGTH * 2 + 1) -#define ISC_SHA256_BLOCK_LENGTH 64U -#define ISC_SHA256_DIGESTLENGTH 32U -#define ISC_SHA256_DIGESTSTRINGLENGTH (ISC_SHA256_DIGESTLENGTH * 2 + 1) -#define ISC_SHA384_BLOCK_LENGTH 128 -#define ISC_SHA384_DIGESTLENGTH 48U -#define ISC_SHA384_DIGESTSTRINGLENGTH (ISC_SHA384_DIGESTLENGTH * 2 + 1) -#define ISC_SHA512_BLOCK_LENGTH 128U -#define ISC_SHA512_DIGESTLENGTH 64U -#define ISC_SHA512_DIGESTSTRINGLENGTH (ISC_SHA512_DIGESTLENGTH * 2 + 1) - -/*** SHA-256/384/512 Context Structures *******************************/ - -#include -#include - -typedef struct { - EVP_MD_CTX *ctx; -#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) - EVP_MD_CTX _ctx; -#endif -} isc_sha2_t; - -typedef isc_sha2_t isc_sha256_t; -typedef isc_sha2_t isc_sha512_t; - -typedef isc_sha256_t isc_sha224_t; -typedef isc_sha512_t isc_sha384_t; - -ISC_LANG_BEGINDECLS - -/*** SHA-224/256/384/512 Function Prototypes ******************************/ - -void isc_sha224_init (isc_sha224_t *); -void isc_sha224_invalidate (isc_sha224_t *); -void isc_sha224_update (isc_sha224_t *, const uint8_t *, size_t); -void isc_sha224_final (uint8_t[ISC_SHA224_DIGESTLENGTH], isc_sha224_t *); -char *isc_sha224_end (isc_sha224_t *, char[ISC_SHA224_DIGESTSTRINGLENGTH]); -char *isc_sha224_data (const uint8_t *, size_t, char[ISC_SHA224_DIGESTSTRINGLENGTH]); - -void isc_sha256_init (isc_sha256_t *); -void isc_sha256_invalidate (isc_sha256_t *); -void isc_sha256_update (isc_sha256_t *, const uint8_t *, size_t); -void isc_sha256_final (uint8_t[ISC_SHA256_DIGESTLENGTH], isc_sha256_t *); -char *isc_sha256_end (isc_sha256_t *, char[ISC_SHA256_DIGESTSTRINGLENGTH]); -char *isc_sha256_data (const uint8_t *, size_t, char[ISC_SHA256_DIGESTSTRINGLENGTH]); - -void isc_sha384_init (isc_sha384_t *); -void isc_sha384_invalidate (isc_sha384_t *); -void isc_sha384_update (isc_sha384_t *, const uint8_t *, size_t); -void isc_sha384_final (uint8_t[ISC_SHA384_DIGESTLENGTH], isc_sha384_t *); -char *isc_sha384_end (isc_sha384_t *, char[ISC_SHA384_DIGESTSTRINGLENGTH]); -char *isc_sha384_data (const uint8_t *, size_t, char[ISC_SHA384_DIGESTSTRINGLENGTH]); - -void isc_sha512_init (isc_sha512_t *); -void isc_sha512_invalidate (isc_sha512_t *); -void isc_sha512_update (isc_sha512_t *, const uint8_t *, size_t); -void isc_sha512_final (uint8_t[ISC_SHA512_DIGESTLENGTH], isc_sha512_t *); -char *isc_sha512_end (isc_sha512_t *, char[ISC_SHA512_DIGESTSTRINGLENGTH]); -char *isc_sha512_data (const uint8_t *, size_t, char[ISC_SHA512_DIGESTSTRINGLENGTH]); - -ISC_LANG_ENDDECLS diff --git a/lib/isc/iterated_hash.c b/lib/isc/iterated_hash.c index 45a8a76f20..b32d667104 100644 --- a/lib/isc/iterated_hash.c +++ b/lib/isc/iterated_hash.c @@ -14,29 +14,65 @@ #include -#include +#include #include +#include int -isc_iterated_hash(unsigned char out[ISC_SHA1_DIGESTLENGTH], - unsigned int hashalg, int iterations, - const unsigned char *salt, int saltlength, - const unsigned char *in, int inlength) +isc_iterated_hash(unsigned char *out, + const unsigned int hashalg, const int iterations, + const unsigned char *salt, const int saltlength, + const unsigned char *in, const int inlength) { - isc_sha1_t ctx; + isc_md_t *md; + isc_result_t result; int n = 0; + unsigned int outlength = 0; + size_t len; + const unsigned char *buf; - if (hashalg != 1) + REQUIRE(out != NULL); + + if (hashalg != 1) { return (0); + } + if ((md = isc_md_new()) == NULL) { + return (0); + } + + len = inlength; + buf = in; do { - isc_sha1_init(&ctx); - isc_sha1_update(&ctx, in, inlength); - isc_sha1_update(&ctx, salt, saltlength); - isc_sha1_final(&ctx, out); - in = out; - inlength = ISC_SHA1_DIGESTLENGTH; + result = isc_md_init(md, ISC_MD_SHA1); + if (result != ISC_R_SUCCESS) { + goto md_fail; + } + result = isc_md_update(md, buf, len); + if (result != ISC_R_SUCCESS) { + goto md_fail; + } + result = isc_md_update(md, salt, saltlength); + if (result != ISC_R_SUCCESS) { + goto md_fail; + } + result = isc_md_final(md, out, &outlength); + if (result != ISC_R_SUCCESS) { + goto md_fail; + } + result = isc_md_reset(md); + if (result != ISC_R_SUCCESS) { + goto md_fail; + } + buf = out; + len = outlength; } while (n++ < iterations); - return (ISC_SHA1_DIGESTLENGTH); + isc_md_free(md); + + return (outlength); +md_fail: + isc_md_free(md); + return (0); } +#undef RETERR diff --git a/lib/isc/lib.c b/lib/isc/lib.c index ae5a24ba13..0dcc27701d 100644 --- a/lib/isc/lib.c +++ b/lib/isc/lib.c @@ -17,6 +17,8 @@ #include #include +#include + #include #include #include diff --git a/lib/isc/md.c b/lib/isc/md.c new file mode 100644 index 0000000000..ba310d3cf5 --- /dev/null +++ b/lib/isc/md.c @@ -0,0 +1,160 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +#include + +#include + +#include +#include + +#include +#include +#include + +#include "openssl_shim.h" + +isc_md_t * +isc_md_new(void) { + isc_md_t *md = EVP_MD_CTX_new(); + RUNTIME_CHECK(md != NULL); + return (md); +} + +void +isc_md_free(isc_md_t *md) { + if (ISC_UNLIKELY(md == NULL)) { + return; + } + + EVP_MD_CTX_free(md); +} + +isc_result_t +isc_md_init(isc_md_t *md, const isc_md_type_t md_type) { + REQUIRE(md != NULL); + + if (md_type == NULL) { + return (ISC_R_NOTIMPLEMENTED); + } + + if (EVP_DigestInit_ex(md, md_type, NULL) != 1) { + return (ISC_R_CRYPTOFAILURE); + } + + return (ISC_R_SUCCESS); +} + +isc_result_t +isc_md_reset(isc_md_t *md) { + REQUIRE(md != NULL); + + if (EVP_MD_CTX_reset(md) != 1) { + return (ISC_R_CRYPTOFAILURE); + } + + return (ISC_R_SUCCESS); +} + +isc_result_t +isc_md_update(isc_md_t *md, const unsigned char *buf, const size_t len) { + REQUIRE(md != NULL); + + if (ISC_UNLIKELY(buf == NULL || len == 0)) { + return (ISC_R_SUCCESS); + } + + if (EVP_DigestUpdate(md, buf, len) != 1) { + return (ISC_R_CRYPTOFAILURE); + } + + return (ISC_R_SUCCESS); +} + +isc_result_t +isc_md_final(isc_md_t *md, unsigned char *digest, unsigned int *digestlen) { + REQUIRE(md != NULL); + REQUIRE(digest != NULL); + + if (EVP_DigestFinal_ex(md, digest, digestlen) != 1) { + return (ISC_R_CRYPTOFAILURE); + } + + return (ISC_R_SUCCESS); +} + +isc_md_type_t +isc_md_get_md_type(isc_md_t *md) { + REQUIRE(md != NULL); + + return (EVP_MD_CTX_md(md)); +} + +size_t +isc_md_get_size(isc_md_t *md) { + REQUIRE(md != NULL); + + return (EVP_MD_CTX_size(md)); +} + +size_t +isc_md_get_block_size(isc_md_t *md) { + REQUIRE(md != NULL); + + return (EVP_MD_CTX_block_size(md)); +} + +size_t +isc_md_type_get_size(isc_md_type_t md_type) { + if (md_type != NULL) { + return ((size_t)EVP_MD_size(md_type)); + } + + return (ISC_MAX_MD_SIZE); +} + +size_t +isc_md_type_get_block_size(isc_md_type_t md_type) { + if (md_type != NULL) { + return ((size_t)EVP_MD_block_size(md_type)); + } + + return (ISC_MAX_MD_SIZE); +} + +isc_result_t +isc_md(isc_md_type_t md_type, const unsigned char *buf, const size_t len, + unsigned char *digest, unsigned int *digestlen) +{ + isc_md_t *md; + isc_result_t res; + + md = isc_md_new(); + + res = isc_md_init(md, md_type); + if (res != ISC_R_SUCCESS) { + goto end; + } + + res = isc_md_update(md, buf, len); + if (res != ISC_R_SUCCESS) { + goto end; + } + + res = isc_md_final(md, digest, digestlen); + if (res != ISC_R_SUCCESS) { + goto end; + } + end: + isc_md_free(md); + + return (res); +} diff --git a/lib/isc/md5.c b/lib/isc/md5.c deleted file mode 100644 index 98ff9b0537..0000000000 --- a/lib/isc/md5.c +++ /dev/null @@ -1,117 +0,0 @@ -/* - * Copyright (C) Internet Systems Consortium, Inc. ("ISC") - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. - * - * See the COPYRIGHT file distributed with this work for additional - * information regarding copyright ownership. - */ - - -/*! \file - * This code implements the MD5 message-digest algorithm. - * The algorithm is due to Ron Rivest. This code was - * written by Colin Plumb in 1993, no copyright is claimed. - * This code is in the public domain; do with it what you wish. - * - * Equivalent code is available from RSA Data Security, Inc. - * This code has been tested against that, and is equivalent, - * except that you don't need to include two pages of legalese - * with every copy. - * - * To compute the message digest of a chunk of bytes, declare an - * MD5Context structure, pass it to MD5Init, call MD5Update as - * needed on buffers full of bytes, and then call MD5Final, which - * will fill a supplied 16-byte array with the digest. - */ - -#include - -#include - -#include -#include -#include -#include -#include -#include - -#include - -#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) -#define EVP_MD_CTX_new() &(ctx->_ctx) -#define EVP_MD_CTX_free(ptr) EVP_MD_CTX_cleanup(ptr) -#endif - -void -isc_md5_init(isc_md5_t *ctx) { - ctx->ctx = EVP_MD_CTX_new(); - RUNTIME_CHECK(ctx->ctx != NULL); - if (EVP_DigestInit(ctx->ctx, EVP_md5()) != 1) { - FATAL_ERROR(__FILE__, __LINE__, "Cannot initialize MD5."); - } -} - -void -isc_md5_invalidate(isc_md5_t *ctx) { - EVP_MD_CTX_free(ctx->ctx); - ctx->ctx = NULL; -} - -void -isc_md5_update(isc_md5_t *ctx, const unsigned char *buf, unsigned int len) { - if (len == 0U) - return; - RUNTIME_CHECK(EVP_DigestUpdate(ctx->ctx, - (const void *) buf, - (size_t) len) == 1); -} - -void -isc_md5_final(isc_md5_t *ctx, unsigned char *digest) { - RUNTIME_CHECK(EVP_DigestFinal(ctx->ctx, digest, NULL) == 1); - EVP_MD_CTX_free(ctx->ctx); - ctx->ctx = NULL; -} - -/* - * Check for MD5 support; if it does not work, raise a fatal error. - * - * Use "a" as the test vector. - * - * Standard use is testing false and result true. - * Testing use is testing true and result false; - */ -bool -isc_md5_check(bool testing) { - isc_md5_t ctx; - unsigned char input = 'a'; - unsigned char digest[ISC_MD5_DIGESTLENGTH]; - unsigned char expected[] = { - 0x0c, 0xc1, 0x75, 0xb9, 0xc0, 0xf1, 0xb6, 0xa8, - 0x31, 0xc3, 0x99, 0xe2, 0x69, 0x77, 0x26, 0x61 - }; - - INSIST(sizeof(expected) == ISC_MD5_DIGESTLENGTH); - - /* - * Introduce a fault for testing. - */ - if (testing) { - input ^= 0x01; - } - - /* - * These functions do not return anything; any failure will be fatal. - */ - isc_md5_init(&ctx); - isc_md5_update(&ctx, &input, 1U); - isc_md5_final(&ctx, digest); - - /* - * Must return true in standard case, should return false for testing. - */ - return (memcmp(digest, expected, ISC_MD5_DIGESTLENGTH) == 0); -} diff --git a/lib/isc/sha1.c b/lib/isc/sha1.c deleted file mode 100644 index e5fdf6346d..0000000000 --- a/lib/isc/sha1.c +++ /dev/null @@ -1,112 +0,0 @@ -/* - * Copyright (C) Internet Systems Consortium, Inc. ("ISC") - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. - * - * See the COPYRIGHT file distributed with this work for additional - * information regarding copyright ownership. - */ - -/*! \file */ - -#include - -#include - -#include -#include -#include -#include -#include -#include -#include - -#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) -#define EVP_MD_CTX_new() &(context->_ctx) -#define EVP_MD_CTX_free(ptr) EVP_MD_CTX_cleanup(ptr) -#endif - -void -isc_sha1_init(isc_sha1_t *context) -{ - INSIST(context != NULL); - - context->ctx = EVP_MD_CTX_new(); - RUNTIME_CHECK(context->ctx != NULL); - if (EVP_DigestInit(context->ctx, EVP_sha1()) != 1) { - FATAL_ERROR(__FILE__, __LINE__, "Cannot initialize SHA1."); - } -} - -void -isc_sha1_invalidate(isc_sha1_t *context) { - EVP_MD_CTX_free(context->ctx); - context->ctx = NULL; -} - -void -isc_sha1_update(isc_sha1_t *context, const unsigned char *data, - unsigned int len) -{ - INSIST(context != 0); - INSIST(context->ctx != 0); - INSIST(data != 0); - - RUNTIME_CHECK(EVP_DigestUpdate(context->ctx, - (const void *) data, - (size_t) len) == 1); -} - -void -isc_sha1_final(isc_sha1_t *context, unsigned char *digest) { - INSIST(digest != 0); - INSIST(context != 0); - INSIST(context->ctx != 0); - - RUNTIME_CHECK(EVP_DigestFinal(context->ctx, digest, NULL) == 1); - EVP_MD_CTX_free(context->ctx); - context->ctx = NULL; -} - -/* - * Check for SHA-1 support; if it does not work, raise a fatal error. - * - * Use "a" as the test vector. - * - * Standard use is testing false and result true. - * Testing use is testing true and result false; - */ -bool -isc_sha1_check(bool testing) { - isc_sha1_t ctx; - unsigned char input = 'a'; - unsigned char digest[ISC_SHA1_DIGESTLENGTH]; - unsigned char expected[] = { - 0x86, 0xf7, 0xe4, 0x37, 0xfa, 0xa5, 0xa7, 0xfc, - 0xe1, 0x5d, 0x1d, 0xdc, 0xb9, 0xea, 0xea, 0xea, - 0x37, 0x76, 0x67, 0xb8 - }; - - INSIST(sizeof(expected) == ISC_SHA1_DIGESTLENGTH); - - /* - * Introduce a fault for testing. - */ - if (testing) { - input ^= 0x01; - } - - /* - * These functions do not return anything; any failure will be fatal. - */ - isc_sha1_init(&ctx); - isc_sha1_update(&ctx, &input, 1U); - isc_sha1_final(&ctx, digest); - - /* - * Must return true in standard case, should return false for testing. - */ - return (memcmp(digest, expected, ISC_SHA1_DIGESTLENGTH) == 0); -} diff --git a/lib/isc/sha2.c b/lib/isc/sha2.c deleted file mode 100644 index 2a62ac2cd5..0000000000 --- a/lib/isc/sha2.c +++ /dev/null @@ -1,363 +0,0 @@ -/* - * Copyright (C) Internet Systems Consortium, Inc. ("ISC") - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. - * - * See the COPYRIGHT file distributed with this work for additional - * information regarding copyright ownership. - */ - -#include - -#include - -#include -#include -#include -#include -#include -#include - -#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) -#define EVP_MD_CTX_new() &(context->_ctx) -#define EVP_MD_CTX_free(ptr) EVP_MD_CTX_cleanup(ptr) -#define EVP_MD_CTX_reset(c) EVP_MD_CTX_cleanup(c) -#endif - -void -isc_sha224_init(isc_sha224_t *context) { - if (context == (isc_sha224_t *)0) { - return; - } - context->ctx = EVP_MD_CTX_new(); - RUNTIME_CHECK(context->ctx != NULL); - if (EVP_DigestInit(context->ctx, EVP_sha224()) != 1) { - FATAL_ERROR(__FILE__, __LINE__, "Cannot initialize SHA224."); - } -} - -void -isc_sha224_invalidate(isc_sha224_t *context) { - EVP_MD_CTX_free(context->ctx); - context->ctx = NULL; -} - -void -isc_sha224_update(isc_sha224_t *context, const uint8_t* data, size_t len) { - if (len == 0U) { - /* Calling with no data is valid - we do nothing */ - return; - } - - /* Sanity check: */ - REQUIRE(context != (isc_sha224_t *)0); - REQUIRE(context->ctx != (EVP_MD_CTX *)0); - REQUIRE(data != (uint8_t*)0); - - RUNTIME_CHECK(EVP_DigestUpdate(context->ctx, - (const void *) data, len) == 1); -} - -void -isc_sha224_final(uint8_t digest[], isc_sha224_t *context) { - /* Sanity check: */ - REQUIRE(context != (isc_sha224_t *)0); - REQUIRE(context->ctx != (EVP_MD_CTX *)0); - - /* If no digest buffer is passed, we don't bother doing this: */ - if (digest != (uint8_t*)0) - RUNTIME_CHECK(EVP_DigestFinal(context->ctx, - digest, NULL) == 1); - EVP_MD_CTX_free(context->ctx); - context->ctx = NULL; -} - -void -isc_sha256_init(isc_sha256_t *context) { - if (context == (isc_sha256_t *)0) { - return; - } - context->ctx = EVP_MD_CTX_new(); - RUNTIME_CHECK(context->ctx != NULL); - if (EVP_DigestInit(context->ctx, EVP_sha256()) != 1) { - FATAL_ERROR(__FILE__, __LINE__, "Cannot initialize SHA256."); - } -} - -void -isc_sha256_invalidate(isc_sha256_t *context) { - EVP_MD_CTX_free(context->ctx); - context->ctx = NULL; -} - -void -isc_sha256_update(isc_sha256_t *context, const uint8_t *data, size_t len) { - if (len == 0U) { - /* Calling with no data is valid - we do nothing */ - return; - } - - /* Sanity check: */ - REQUIRE(context != (isc_sha256_t *)0); - REQUIRE(context->ctx != (EVP_MD_CTX *)0); - REQUIRE(data != (uint8_t*)0); - - RUNTIME_CHECK(EVP_DigestUpdate(context->ctx, - (const void *) data, len) == 1); -} - -void -isc_sha256_final(uint8_t digest[], isc_sha256_t *context) { - /* Sanity check: */ - REQUIRE(context != (isc_sha256_t *)0); - REQUIRE(context->ctx != (EVP_MD_CTX *)0); - - /* If no digest buffer is passed, we don't bother doing this: */ - if (digest != (uint8_t*)0) - RUNTIME_CHECK(EVP_DigestFinal(context->ctx, - digest, NULL) == 1); - EVP_MD_CTX_free(context->ctx); - context->ctx = NULL; -} - -void -isc_sha512_init(isc_sha512_t *context) { - if (context == (isc_sha512_t *)0) { - return; - } - context->ctx = EVP_MD_CTX_new(); - RUNTIME_CHECK(context->ctx != NULL); - if (EVP_DigestInit(context->ctx, EVP_sha512()) != 1) { - FATAL_ERROR(__FILE__, __LINE__, "Cannot initialize SHA512."); - } -} - -void -isc_sha512_invalidate(isc_sha512_t *context) { - EVP_MD_CTX_free(context->ctx); - context->ctx = NULL; -} - -void isc_sha512_update(isc_sha512_t *context, const uint8_t *data, size_t len) { - if (len == 0U) { - /* Calling with no data is valid - we do nothing */ - return; - } - - /* Sanity check: */ - REQUIRE(context != (isc_sha512_t *)0); - REQUIRE(context->ctx != (EVP_MD_CTX *)0); - REQUIRE(data != (uint8_t*)0); - - RUNTIME_CHECK(EVP_DigestUpdate(context->ctx, - (const void *) data, len) == 1); -} - -void isc_sha512_final(uint8_t digest[], isc_sha512_t *context) { - /* Sanity check: */ - REQUIRE(context != (isc_sha512_t *)0); - REQUIRE(context->ctx != (EVP_MD_CTX *)0); - - /* If no digest buffer is passed, we don't bother doing this: */ - if (digest != (uint8_t*)0) - RUNTIME_CHECK(EVP_DigestFinal(context->ctx, - digest, NULL) == 1); - EVP_MD_CTX_free(context->ctx); - context->ctx = NULL; -} - -void -isc_sha384_init(isc_sha384_t *context) { - if (context == (isc_sha384_t *)0) { - return; - } - context->ctx = EVP_MD_CTX_new(); - RUNTIME_CHECK(context->ctx != NULL); - if (EVP_DigestInit(context->ctx, EVP_sha384()) != 1) { - FATAL_ERROR(__FILE__, __LINE__, "Cannot initialize SHA384."); - } -} - -void -isc_sha384_invalidate(isc_sha384_t *context) { - EVP_MD_CTX_free(context->ctx); - context->ctx = NULL; -} - -void -isc_sha384_update(isc_sha384_t *context, const uint8_t* data, size_t len) { - if (len == 0U) { - /* Calling with no data is valid - we do nothing */ - return; - } - - /* Sanity check: */ - REQUIRE(context != (isc_sha512_t *)0); - REQUIRE(context->ctx != (EVP_MD_CTX *)0); - REQUIRE(data != (uint8_t*)0); - - RUNTIME_CHECK(EVP_DigestUpdate(context->ctx, - (const void *) data, len) == 1); -} - -void -isc_sha384_final(uint8_t digest[], isc_sha384_t *context) { - /* Sanity check: */ - REQUIRE(context != (isc_sha384_t *)0); - REQUIRE(context->ctx != (EVP_MD_CTX *)0); - - /* If no digest buffer is passed, we don't bother doing this: */ - if (digest != (uint8_t*)0) - RUNTIME_CHECK(EVP_DigestFinal(context->ctx, - digest, NULL) == 1); - EVP_MD_CTX_free(context->ctx); - context->ctx = NULL; -} - -/* - * Constant used by SHA256/384/512_End() functions for converting the - * digest to a readable hexadecimal character string: - */ -static const char *sha2_hex_digits = "0123456789abcdef"; - -char * -isc_sha224_end(isc_sha224_t *context, char buffer[]) { - uint8_t digest[ISC_SHA224_DIGESTLENGTH], *d = digest; - unsigned int i; - - /* Sanity check: */ - REQUIRE(context != (isc_sha224_t *)0); - - if (buffer != (char*)0) { - isc_sha224_final(digest, context); - - for (i = 0; i < ISC_SHA224_DIGESTLENGTH; i++) { - *buffer++ = sha2_hex_digits[(*d & 0xf0) >> 4]; - *buffer++ = sha2_hex_digits[*d & 0x0f]; - d++; - } - *buffer = (char)0; - } else { - EVP_MD_CTX_reset(context->ctx); - } - isc_safe_memwipe(digest, sizeof(digest)); - return buffer; -} - -char * -isc_sha224_data(const uint8_t *data, size_t len, - char digest[ISC_SHA224_DIGESTSTRINGLENGTH]) -{ - isc_sha224_t context; - - isc_sha224_init(&context); - isc_sha224_update(&context, data, len); - return (isc_sha224_end(&context, digest)); -} - -char * -isc_sha256_end(isc_sha256_t *context, char buffer[]) { - uint8_t digest[ISC_SHA256_DIGESTLENGTH], *d = digest; - unsigned int i; - - /* Sanity check: */ - REQUIRE(context != (isc_sha256_t *)0); - - if (buffer != (char*)0) { - isc_sha256_final(digest, context); - - for (i = 0; i < ISC_SHA256_DIGESTLENGTH; i++) { - *buffer++ = sha2_hex_digits[(*d & 0xf0) >> 4]; - *buffer++ = sha2_hex_digits[*d & 0x0f]; - d++; - } - *buffer = (char)0; - } else { - EVP_MD_CTX_reset(context->ctx); - } - isc_safe_memwipe(digest, sizeof(digest)); - return buffer; -} - -char * -isc_sha256_data(const uint8_t* data, size_t len, - char digest[ISC_SHA256_DIGESTSTRINGLENGTH]) -{ - isc_sha256_t context; - - isc_sha256_init(&context); - isc_sha256_update(&context, data, len); - return (isc_sha256_end(&context, digest)); -} - -char * -isc_sha512_end(isc_sha512_t *context, char buffer[]) { - uint8_t digest[ISC_SHA512_DIGESTLENGTH], *d = digest; - unsigned int i; - - /* Sanity check: */ - REQUIRE(context != (isc_sha512_t *)0); - - if (buffer != (char*)0) { - isc_sha512_final(digest, context); - - for (i = 0; i < ISC_SHA512_DIGESTLENGTH; i++) { - *buffer++ = sha2_hex_digits[(*d & 0xf0) >> 4]; - *buffer++ = sha2_hex_digits[*d & 0x0f]; - d++; - } - *buffer = (char)0; - } else { - EVP_MD_CTX_reset(context->ctx); - } - isc_safe_memwipe(digest, sizeof(digest)); - return buffer; -} - -char * -isc_sha512_data(const uint8_t *data, size_t len, - char digest[ISC_SHA512_DIGESTSTRINGLENGTH]) -{ - isc_sha512_t context; - - isc_sha512_init(&context); - isc_sha512_update(&context, data, len); - return (isc_sha512_end(&context, digest)); -} - -char * -isc_sha384_end(isc_sha384_t *context, char buffer[]) { - uint8_t digest[ISC_SHA384_DIGESTLENGTH], *d = digest; - unsigned int i; - - /* Sanity check: */ - REQUIRE(context != (isc_sha384_t *)0); - - if (buffer != (char*)0) { - isc_sha384_final(digest, context); - - for (i = 0; i < ISC_SHA384_DIGESTLENGTH; i++) { - *buffer++ = sha2_hex_digits[(*d & 0xf0) >> 4]; - *buffer++ = sha2_hex_digits[*d & 0x0f]; - d++; - } - *buffer = (char)0; - } else { - EVP_MD_CTX_reset(context->ctx); - } - isc_safe_memwipe(digest, sizeof(digest)); - return buffer; -} - -char * -isc_sha384_data(const uint8_t *data, size_t len, - char digest[ISC_SHA384_DIGESTSTRINGLENGTH]) -{ - isc_sha384_t context; - - isc_sha384_init(&context); - isc_sha384_update(&context, data, len); - return (isc_sha384_end(&context, digest)); -} diff --git a/lib/isc/tests/Kyuafile b/lib/isc/tests/Kyuafile index 401cbe5d1d..ed92a77532 100644 --- a/lib/isc/tests/Kyuafile +++ b/lib/isc/tests/Kyuafile @@ -10,6 +10,7 @@ atf_test_program{name='hash_test'} atf_test_program{name='heap_test'} atf_test_program{name='ht_test'} atf_test_program{name='lex_test'} +tap_test_program{name='md_test'} atf_test_program{name='mem_test'} atf_test_program{name='netaddr_test'} atf_test_program{name='parse_test'} diff --git a/lib/isc/tests/Makefile.in b/lib/isc/tests/Makefile.in index 4f585af9b3..1a84de0df9 100644 --- a/lib/isc/tests/Makefile.in +++ b/lib/isc/tests/Makefile.in @@ -31,10 +31,11 @@ CMOCKA_CFLAGS = @CMOCKA_CFLAGS@ CMOCKA_LIBS = @CMOCKA_LIBS@ OBJS = isctest.@O@ + SRCS = isctest.c aes_test.c buffer_test.c \ counter_test.c errno_test.c file_test.c hash_test.c \ heap_test.c ht_test.c lex_test.c \ - mem_test.c netaddr_test.c parse_test.c pool_test.c \ + mem_test.c md_test.c netaddr_test.c parse_test.c pool_test.c \ queue_test.c radix_test.c random_test.c \ regex_test.c result_test.c safe_test.c sockaddr_test.c \ socket_test.c socket_test.c symtab_test.c task_test.c \ @@ -44,7 +45,7 @@ SUBDIRS = TARGETS = aes_test@EXEEXT@ buffer_test@EXEEXT@ \ counter_test@EXEEXT@ errno_test@EXEEXT@ file_test@EXEEXT@ \ hash_test@EXEEXT@ heap_test@EXEEXT@ ht_test@EXEEXT@ \ - lex_test@EXEEXT@ mem_test@EXEEXT@ \ + lex_test@EXEEXT@ mem_test@EXEEXT@ md_test@EXEEXT@ \ netaddr_test@EXEEXT@ parse_test@EXEEXT@ pool_test@EXEEXT@ \ queue_test@EXEEXT@ radix_test@EXEEXT@ \ random_test@EXEEXT@ regex_test@EXEEXT@ result_test@EXEEXT@ \ @@ -90,6 +91,10 @@ lex_test@EXEEXT@: lex_test.@O@ ${ISCDEPLIBS} ${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@ \ lex_test.@O@ ${ISCLIBS} ${LIBS} +md_test@EXEEXT@: md_test.@O@ ${ISCDEPLIBS} + ${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${CMOCKA_CFLAGS} ${LDFLAGS} -o $@ \ + md_test.@O@ ${ISCLIBS} ${LIBS} ${CMOCKA_LIBS} + mem_test@EXEEXT@: mem_test.@O@ isctest.@O@ ${ISCDEPLIBS} ${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@ \ mem_test.@O@ isctest.@O@ ${ISCLIBS} ${LIBS} diff --git a/lib/isc/tests/hash_test.c b/lib/isc/tests/hash_test.c index 75e4f382dc..3745dfbbbe 100644 --- a/lib/isc/tests/hash_test.c +++ b/lib/isc/tests/hash_test.c @@ -19,13 +19,15 @@ #include #include +#include #include +#include +#include #include #include #include -#include -#include +#include #include #include #include @@ -36,39 +38,26 @@ * Test data from RFC6234 */ -unsigned char digest[ISC_SHA512_DIGESTLENGTH]; +unsigned char digest[ISC_MAX_MD_SIZE]; unsigned char buffer[1024]; const char *s; -char str[2 * ISC_SHA512_DIGESTLENGTH + 3]; +char str[2 * ISC_MAX_MD_SIZE + 3]; unsigned char key[20]; -/* - * Precondition: a hexadecimal number in *d, the length of that number in len, - * and a pointer to a character array to put the output (*out). - * Postcondition: A String representation of the given hexadecimal number is - * placed into the array *out - * - * 'out' MUST point to an array of at least len * 2 + 1 - * - * Return values: ISC_R_SUCCESS if the operation is sucessful - */ -static isc_result_t -tohexstr(unsigned char *d, unsigned int len, char *out, size_t out_size) { - char c_ret[] = "AA"; - unsigned int i; - - out[0] = '\0'; - strlcat(out, "0x", out_size); - for (i = 0; i < len; i++) { - snprintf(c_ret, sizeof(c_ret), "%02X", d[i]); - strlcat(out, c_ret, out_size); - } - return (ISC_R_SUCCESS); -} - - #define TEST_INPUT(x) (x), sizeof(x)-1 +static isc_result_t +tohexstr(unsigned char *in, size_t inlen, + char *out, const size_t outlen) +{ + isc_buffer_t b; + isc_region_t r = { .base = in, + .length = inlen }; + + isc_buffer_init(&b, out, outlen); + return (isc_hex_totext(&r, 0, "", &b)); +} + typedef struct hash_testcase { const char *input; size_t input_len; @@ -81,768 +70,6 @@ typedef struct hash_test_key { const int len; } hash_test_key_t; -/* non-hmac tests */ - -ATF_TC(isc_sha1); -ATF_TC_HEAD(isc_sha1, tc) { - atf_tc_set_md_var(tc, "descr", "sha1 examples from RFC4634"); -} -ATF_TC_BODY(isc_sha1, tc) { - isc_sha1_t sha1; - int i; - - UNUSED(tc); - - /* - * These are the various test vectors. All of these are passed - * through the hash function and the results are compared to the - * result specified here. - */ - hash_testcase_t testcases[] = { - /* Test 1 */ - { - TEST_INPUT("abc"), - "0xA9993E364706816ABA3E25717850C26C9CD0D89D", - 1 - }, - /* Test 2 */ - { - TEST_INPUT("abcdbcdecdefdefgefghfghighijhijkijk" - "ljklmklmnlmnomnopnopq"), - "0x84983E441C3BD26EBAAE4AA1F95129E5E54670F1", - 1 - }, - /* Test 3 */ - { - TEST_INPUT("a") /* times 1000000 */, - "0x34AA973CD4C4DAA4F61EEB2BDBAD27316534016F", - 1000000 - }, - /* Test 4 -- exact multiple of 512 bits */ - { - TEST_INPUT("01234567012345670123456701234567"), - "0xDEA356A2CDDD90C7A7ECEDC5EBB563934F460452", - 20 /* 20 times */ - }, -#if 0 - /* Test 5 -- optional feature, not implemented */ - { - TEST_INPUT(""), - /* "extrabits": 0x98 , "numberextrabits": 5 */ - "0x29826B003B906E660EFF4027CE98AF3531AC75BA", - 1 - }, -#endif - /* Test 6 */ - { - TEST_INPUT("\x5e"), - "0x5E6F80A34A9798CAFC6A5DB96CC57BA4C4DB59C2", - 1 - }, -#if 0 - /* Test 7 -- optional feature, not implemented */ - { - TEST_INPUT("\x49\xb2\xae\xc2\x59\x4b\xbe\x3a" - "\x3b\x11\x75\x42\xd9\x4a\xc8"), - /* "extrabits": 0x80, "numberextrabits": 3 */ - "0x6239781E03729919C01955B3FFA8ACB60B988340", 1 }, -#endif - /* Test 8 */ - { - TEST_INPUT("\x9a\x7d\xfd\xf1\xec\xea\xd0\x6e\xd6\x46" - "\xaa\x55\xfe\x75\x71\x46"), - "0x82ABFF6605DBE1C17DEF12A394FA22A82B544A35", - 1 - }, -#if 0 - /* Test 9 -- optional feature, not implemented */ - { - TEST_INPUT("\x65\xf9\x32\x99\x5b\xa4\xce\x2c\xb1\xb4" - "\xa2\xe7\x1a\xe7\x02\x20\xaa\xce\xc8\x96" - "\x2d\xd4\x49\x9c\xbd\x7c\x88\x7a\x94\xea" - "\xaa\x10\x1e\xa5\xaa\xbc\x52\x9b\x4e\x7e" - "\x43\x66\x5a\x5a\xf2\xcd\x03\xfe\x67\x8e" - "\xa6\xa5\x00\x5b\xba\x3b\x08\x22\x04\xc2" - "\x8b\x91\x09\xf4\x69\xda\xc9\x2a\xaa\xb3" - "\xaa\x7c\x11\xa1\xb3\x2a"), - /* "extrabits": 0xE0 , "numberextrabits": 3 */ - "0x8C5B2A5DDAE5A97FC7F9D85661C672ADBF7933D4", - 1 - }, -#endif - /* Test 10 */ - { - TEST_INPUT("\xf7\x8f\x92\x14\x1b\xcd\x17\x0a\xe8\x9b" - "\x4f\xba\x15\xa1\xd5\x9f\x3f\xd8\x4d\x22" - "\x3c\x92\x51\xbd\xac\xbb\xae\x61\xd0\x5e" - "\xd1\x15\xa0\x6a\x7c\xe1\x17\xb7\xbe\xea" - "\xd2\x44\x21\xde\xd9\xc3\x25\x92\xbd\x57" - "\xed\xea\xe3\x9c\x39\xfa\x1f\xe8\x94\x6a" - "\x84\xd0\xcf\x1f\x7b\xee\xad\x17\x13\xe2" - "\xe0\x95\x98\x97\x34\x7f\x67\xc8\x0b\x04" - "\x00\xc2\x09\x81\x5d\x6b\x10\xa6\x83\x83" - "\x6f\xd5\x56\x2a\x56\xca\xb1\xa2\x8e\x81" - "\xb6\x57\x66\x54\x63\x1c\xf1\x65\x66\xb8" - "\x6e\x3b\x33\xa1\x08\xb0\x53\x07\xc0\x0a" - "\xff\x14\xa7\x68\xed\x73\x50\x60\x6a\x0f" - "\x85\xe6\xa9\x1d\x39\x6f\x5b\x5c\xbe\x57" - "\x7f\x9b\x38\x80\x7c\x7d\x52\x3d\x6d\x79" - "\x2f\x6e\xbc\x24\xa4\xec\xf2\xb3\xa4\x27" - "\xcd\xbb\xfb"), - "0xCB0082C8F197D260991BA6A460E76E202BAD27B3", - 1 - }, - { NULL, 0, NULL, 1 } - }; - - hash_testcase_t *testcase = testcases; - - while (testcase->input != NULL && testcase->result != NULL) { - isc_sha1_init(&sha1); - for(i = 0; i < testcase->repeats; i++) { - isc_sha1_update(&sha1, - (const uint8_t *) testcase->input, - testcase->input_len); - } - isc_sha1_final(&sha1, digest); - tohexstr(digest, ISC_SHA1_DIGESTLENGTH, str, sizeof(str)); - ATF_CHECK_STREQ(str, testcase->result); - - testcase++; - } -} - -ATF_TC(isc_sha224); -ATF_TC_HEAD(isc_sha224, tc) { - atf_tc_set_md_var(tc, "descr", "sha224 examples from RFC4634"); -} -ATF_TC_BODY(isc_sha224, tc) { - isc_sha224_t sha224; - int i; - - UNUSED(tc); - - /* - * These are the various test vectors. All of these are passed - * through the hash function and the results are compared to the - * result specified here. - */ - hash_testcase_t testcases[] = { - /* Test 1 */ - { - TEST_INPUT("abc"), - "0x23097D223405D8228642A477BDA255B32AADBCE4BDA0B3F7" - "E36C9DA7", - 1 - }, - /* Test 2 */ - { - TEST_INPUT("abcdbcdecdefdefgefghfghighijhijkijklj" - "klmklmnlmnomnopnopq"), - "0x75388B16512776CC5DBA5DA1FD890150B0C6455CB4F58B" - "1952522525", - 1 - }, - /* Test 3 */ - { - TEST_INPUT("a"), - "0x20794655980C91D8BBB4C1EA97618A4BF03F42581948B2" - "EE4EE7AD67", - 1000000 - }, - /* Test 4 */ - { - TEST_INPUT("01234567012345670123456701234567"), - "0x567F69F168CD7844E65259CE658FE7AADFA25216E68ECA" - "0EB7AB8262", - 20 - }, -#if 0 - /* Test 5 -- unimplemented optional functionality */ - { - TEST_INPUT(""), - "0xXXX", - 1 - }, -#endif - /* Test 6 */ - { - TEST_INPUT("\x07"), - "0x00ECD5F138422B8AD74C9799FD826C531BAD2FCABC7450" - "BEE2AA8C2A", - 1 - }, -#if 0 - /* Test 7 -- unimplemented optional functionality */ - { - TEST_INPUT(""), - "0xXXX", - 1 - }, -#endif - /* Test 8 */ - { - TEST_INPUT("\x18\x80\x40\x05\xdd\x4f\xbd\x15\x56\x29" - "\x9d\x6f\x9d\x93\xdf\x62"), - "0xDF90D78AA78821C99B40BA4C966921ACCD8FFB1E98AC38" - "8E56191DB1", - 1 - }, -#if 0 - /* Test 9 */ - { - TEST_INPUT(""), - "0xXXX", - 1 - }, -#endif - /* Test 10 */ - { - TEST_INPUT("\x55\xb2\x10\x07\x9c\x61\xb5\x3a\xdd\x52" - "\x06\x22\xd1\xac\x97\xd5\xcd\xbe\x8c\xb3" - "\x3a\xa0\xae\x34\x45\x17\xbe\xe4\xd7\xba" - "\x09\xab\xc8\x53\x3c\x52\x50\x88\x7a\x43" - "\xbe\xbb\xac\x90\x6c\x2e\x18\x37\xf2\x6b" - "\x36\xa5\x9a\xe3\xbe\x78\x14\xd5\x06\x89" - "\x6b\x71\x8b\x2a\x38\x3e\xcd\xac\x16\xb9" - "\x61\x25\x55\x3f\x41\x6f\xf3\x2c\x66\x74" - "\xc7\x45\x99\xa9\x00\x53\x86\xd9\xce\x11" - "\x12\x24\x5f\x48\xee\x47\x0d\x39\x6c\x1e" - "\xd6\x3b\x92\x67\x0c\xa5\x6e\xc8\x4d\xee" - "\xa8\x14\xb6\x13\x5e\xca\x54\x39\x2b\xde" - "\xdb\x94\x89\xbc\x9b\x87\x5a\x8b\xaf\x0d" - "\xc1\xae\x78\x57\x36\x91\x4a\xb7\xda\xa2" - "\x64\xbc\x07\x9d\x26\x9f\x2c\x0d\x7e\xdd" - "\xd8\x10\xa4\x26\x14\x5a\x07\x76\xf6\x7c" - "\x87\x82\x73"), - "0x0B31894EC8937AD9B91BDFBCBA294D9ADEFAA18E09305E" - "9F20D5C3A4", - 1 - }, - { NULL, 0, NULL, 1 } - }; - - hash_testcase_t *testcase = testcases; - - while (testcase->input != NULL && testcase->result != NULL) { - isc_sha224_init(&sha224); - for(i = 0; i < testcase->repeats; i++) { - isc_sha224_update(&sha224, - (const uint8_t *) testcase->input, - testcase->input_len); - } - isc_sha224_final(digest, &sha224); - /* - *API inconsistency BUG HERE - * in order to be consistant with the other isc_hash_final - * functions the call should be - * isc_sha224_final(&sha224, digest); - */ - tohexstr(digest, ISC_SHA224_DIGESTLENGTH, str, sizeof(str)); - ATF_CHECK_STREQ(str, testcase->result); - - testcase++; - } -} - -ATF_TC(isc_sha256); -ATF_TC_HEAD(isc_sha256, tc) { - atf_tc_set_md_var(tc, "descr", "sha224 examples from RFC4634"); -} -ATF_TC_BODY(isc_sha256, tc) { - isc_sha256_t sha256; - int i; - - UNUSED(tc); - - /* - * These are the various test vectors. All of these are passed - * through the hash function and the results are compared to the - * result specified here. - */ - hash_testcase_t testcases[] = { - /* Test 1 */ - { - TEST_INPUT("abc"), - "0xBA7816BF8F01CFEA414140DE5DAE2223B00361A396177A" - "9CB410FF61F20015AD", - 1 - }, - /* Test 2 */ - { - TEST_INPUT("abcdbcdecdefdefgefghfghighijhijkijkljk" - "lmklmnlmnomnopnopq"), - "0x248D6A61D20638B8E5C026930C3E6039A33CE45964FF21" - "67F6ECEDD419DB06C1", - 1 - }, - /* Test 3 */ - { - TEST_INPUT("a"), - "0xCDC76E5C9914FB9281A1C7E284D73E67F1809A48A49720" - "0E046D39CCC7112CD0", - 1000000 }, - /* Test 4 */ - { - TEST_INPUT("01234567012345670123456701234567"), - "0x594847328451BDFA85056225462CC1D867D877FB388DF0" - "CE35F25AB5562BFBB5", - 20 - }, -#if 0 - /* Test 5 -- unimplemented optional functionality */ - { - TEST_INPUT(""), - "0xXXX", - 1 - }, -#endif - /* Test 6 */ - { - TEST_INPUT("\x19"), - "0x68AA2E2EE5DFF96E3355E6C7EE373E3D6A4E17F75F9518" - "D843709C0C9BC3E3D4", - 1 - }, -#if 0 - /* Test 7 -- unimplemented optional functionality */ - { - TEST_INPUT(""), - "0xXXX", - 1 - }, -#endif - /* Test 8 */ - { - TEST_INPUT("\xe3\xd7\x25\x70\xdc\xdd\x78\x7c\xe3" - "\x88\x7a\xb2\xcd\x68\x46\x52"), - "0x175EE69B02BA9B58E2B0A5FD13819CEA573F3940A94F82" - "5128CF4209BEABB4E8", - 1 - }, -#if 0 - /* Test 9 -- unimplemented optional functionality */ - { - TEST_INPUT(""), - "0xXXX", - 1 - }, -#endif - /* Test 10 */ - { - TEST_INPUT("\x83\x26\x75\x4e\x22\x77\x37\x2f\x4f\xc1" - "\x2b\x20\x52\x7a\xfe\xf0\x4d\x8a\x05\x69" - "\x71\xb1\x1a\xd5\x71\x23\xa7\xc1\x37\x76" - "\x00\x00\xd7\xbe\xf6\xf3\xc1\xf7\xa9\x08" - "\x3a\xa3\x9d\x81\x0d\xb3\x10\x77\x7d\xab" - "\x8b\x1e\x7f\x02\xb8\x4a\x26\xc7\x73\x32" - "\x5f\x8b\x23\x74\xde\x7a\x4b\x5a\x58\xcb" - "\x5c\x5c\xf3\x5b\xce\xe6\xfb\x94\x6e\x5b" - "\xd6\x94\xfa\x59\x3a\x8b\xeb\x3f\x9d\x65" - "\x92\xec\xed\xaa\x66\xca\x82\xa2\x9d\x0c" - "\x51\xbc\xf9\x33\x62\x30\xe5\xd7\x84\xe4" - "\xc0\xa4\x3f\x8d\x79\xa3\x0a\x16\x5c\xba" - "\xbe\x45\x2b\x77\x4b\x9c\x71\x09\xa9\x7d" - "\x13\x8f\x12\x92\x28\x96\x6f\x6c\x0a\xdc" - "\x10\x6a\xad\x5a\x9f\xdd\x30\x82\x57\x69" - "\xb2\xc6\x71\xaf\x67\x59\xdf\x28\xeb\x39" - "\x3d\x54\xd6"), - "0x97DBCA7DF46D62C8A422C941DD7E835B8AD3361763F7E9" - "B2D95F4F0DA6E1CCBC", - 1 - }, - { NULL, 0, NULL, 1 } - }; - - hash_testcase_t *testcase = testcases; - - while (testcase->input != NULL && testcase->result != NULL) { - isc_sha256_init(&sha256); - for(i = 0; i < testcase->repeats; i++) { - isc_sha256_update(&sha256, - (const uint8_t *) testcase->input, - testcase->input_len); - } - isc_sha256_final(digest, &sha256); - /* - *API inconsistency BUG HERE - * in order to be consistant with the other isc_hash_final - * functions the call should be - * isc_sha224_final(&sha224, digest); - */ - tohexstr(digest, ISC_SHA256_DIGESTLENGTH, str, sizeof(str)); - ATF_CHECK_STREQ(str, testcase->result); - - testcase++; - } -} - -ATF_TC(isc_sha384); -ATF_TC_HEAD(isc_sha384, tc) { - atf_tc_set_md_var(tc, "descr", "sha224 examples from RFC4634"); -} -ATF_TC_BODY(isc_sha384, tc) { - isc_sha384_t sha384; - int i; - - UNUSED(tc); - - /* - * These are the various test vectors. All of these are passed - * through the hash function and the results are compared to the - * result specified here. - */ - hash_testcase_t testcases[] = { - /* Test 1 */ - { - TEST_INPUT("abc"), - "0xCB00753F45A35E8BB5A03D699AC65007272C32AB0EDED1" - "631A8B605A43FF5BED8086072BA1E7CC2358BAEC" - "A134C825A7", - 1 - }, - /* Test 2 */ - { - TEST_INPUT("abcdefghbcdefghicdefghijdefghijkefghijkl" - "fghijklmghijklmnhijklmnoijklmnopjklmnopq" - "klmnopqrlmnopqrsmnopqrstnopqrstu"), - "0x09330C33F71147E83D192FC782CD1B4753111B173B3B05" - "D22FA08086E3B0F712FCC7C71A557E2DB966C3E9" - "FA91746039", - 1 - }, - /* Test 3 */ - { - TEST_INPUT("a"), - "0x9D0E1809716474CB086E834E310A4A1CED149E9C00F248" - "527972CEC5704C2A5B07B8B3DC38ECC4EBAE97DD" - "D87F3D8985", - 1000000 - }, - /* Test 4 */ - { - TEST_INPUT("01234567012345670123456701234567"), - "0x2FC64A4F500DDB6828F6A3430B8DD72A368EB7F3A8322A" - "70BC84275B9C0B3AB00D27A5CC3C2D224AA6B61A" - "0D79FB4596", - 20 - }, -#if 0 - /* Test 5 -- unimplemented optional functionality */ - { - TEST_INPUT(""), - "0xXXX", - 1 - }, -#endif - /* Test 6 */ - { TEST_INPUT("\xb9"), - "0xBC8089A19007C0B14195F4ECC74094FEC64F01F9092928" - "2C2FB392881578208AD466828B1C6C283D2722CF" - "0AD1AB6938", - 1 - }, -#if 0 - /* Test 7 -- unimplemented optional functionality */ - { - TEST_INPUT(""), - "0xXXX", - 1 - }, -#endif - /* Test 8 */ - { - TEST_INPUT("\xa4\x1c\x49\x77\x79\xc0\x37\x5f\xf1" - "\x0a\x7f\x4e\x08\x59\x17\x39"), - "0xC9A68443A005812256B8EC76B00516F0DBB74FAB26D665" - "913F194B6FFB0E91EA9967566B58109CBC675CC2" - "08E4C823F7", - 1 - }, -#if 0 - /* Test 9 -- unimplemented optional functionality */ - { - TEST_INPUT(""), - "0xXXX", - 1 - }, -#endif - /* Test 10 */ - { - TEST_INPUT("\x39\x96\x69\xe2\x8f\x6b\x9c\x6d\xbc\xbb" - "\x69\x12\xec\x10\xff\xcf\x74\x79\x03\x49" - "\xb7\xdc\x8f\xbe\x4a\x8e\x7b\x3b\x56\x21" - "\xdb\x0f\x3e\x7d\xc8\x7f\x82\x32\x64\xbb" - "\xe4\x0d\x18\x11\xc9\xea\x20\x61\xe1\xc8" - "\x4a\xd1\x0a\x23\xfa\xc1\x72\x7e\x72\x02" - "\xfc\x3f\x50\x42\xe6\xbf\x58\xcb\xa8\xa2" - "\x74\x6e\x1f\x64\xf9\xb9\xea\x35\x2c\x71" - "\x15\x07\x05\x3c\xf4\xe5\x33\x9d\x52\x86" - "\x5f\x25\xcc\x22\xb5\xe8\x77\x84\xa1\x2f" - "\xc9\x61\xd6\x6c\xb6\xe8\x95\x73\x19\x9a" - "\x2c\xe6\x56\x5c\xbd\xf1\x3d\xca\x40\x38" - "\x32\xcf\xcb\x0e\x8b\x72\x11\xe8\x3a\xf3" - "\x2a\x11\xac\x17\x92\x9f\xf1\xc0\x73\xa5" - "\x1c\xc0\x27\xaa\xed\xef\xf8\x5a\xad\x7c" - "\x2b\x7c\x5a\x80\x3e\x24\x04\xd9\x6d\x2a" - "\x77\x35\x7b\xda\x1a\x6d\xae\xed\x17\x15" - "\x1c\xb9\xbc\x51\x25\xa4\x22\xe9\x41\xde" - "\x0c\xa0\xfc\x50\x11\xc2\x3e\xcf\xfe\xfd" - "\xd0\x96\x76\x71\x1c\xf3\xdb\x0a\x34\x40" - "\x72\x0e\x16\x15\xc1\xf2\x2f\xbc\x3c\x72" - "\x1d\xe5\x21\xe1\xb9\x9b\xa1\xbd\x55\x77" - "\x40\x86\x42\x14\x7e\xd0\x96"), - "0x4F440DB1E6EDD2899FA335F09515AA025EE177A79F4B4A" - "AF38E42B5C4DE660F5DE8FB2A5B2FBD2A3CBFFD2" - "0CFF1288C0", - 1 - }, - { NULL, 0, NULL, 1 } - }; - - hash_testcase_t *testcase = testcases; - - while (testcase->input != NULL && testcase->result != NULL) { - isc_sha384_init(&sha384); - for(i = 0; i < testcase->repeats; i++) { - isc_sha384_update(&sha384, - (const uint8_t *) testcase->input, - testcase->input_len); - } - isc_sha384_final(digest, &sha384); - /* - *API inconsistency BUG HERE - * in order to be consistant with the other isc_hash_final - * functions the call should be - * isc_sha224_final(&sha224, digest); - */ - tohexstr(digest, ISC_SHA384_DIGESTLENGTH, str, sizeof(str)); - ATF_CHECK_STREQ(str, testcase->result); - - testcase++; - } -} - -ATF_TC(isc_sha512); -ATF_TC_HEAD(isc_sha512, tc) { - atf_tc_set_md_var(tc, "descr", "sha224 examples from RFC4634"); -} -ATF_TC_BODY(isc_sha512, tc) { - isc_sha512_t sha512; - int i; - - UNUSED(tc); - - /* - * These are the various test vectors. All of these are passed - * through the hash function and the results are compared to the - * result specified here. - */ - hash_testcase_t testcases[] = { - /* Test 1 */ - { - TEST_INPUT("abc"), - "0xDDAF35A193617ABACC417349AE20413112E6FA4E89A97E" - "A20A9EEEE64B55D39A2192992A274FC1A836BA3C" - "23A3FEEBBD454D4423643CE80E2A9AC94FA54CA49F", - 1 - }, - /* Test 2 */ - { - TEST_INPUT("abcdefghbcdefghicdefghijdefghijkefghijkl" - "fghijklmghijklmnhijklmnoijklmnopjklmnopq" - "klmnopqrlmnopqrsmnopqrstnopqrstu"), - "0x8E959B75DAE313DA8CF4F72814FC143F8F7779C6EB9F7F" - "A17299AEADB6889018501D289E4900F7E4331B99" - "DEC4B5433AC7D329EEB6DD26545E96E55B874BE909", - 1 - }, - /* Test 3 */ - { - TEST_INPUT("a"), - "0xE718483D0CE769644E2E42C7BC15B4638E1F98B13B2044" - "285632A803AFA973EBDE0FF244877EA60A4CB043" - "2CE577C31BEB009C5C2C49AA2E4EADB217AD8CC09B", - 1000000 - }, - /* Test 4 */ - { - TEST_INPUT("01234567012345670123456701234567"), - "0x89D05BA632C699C31231DED4FFC127D5A894DAD412C0E0" - "24DB872D1ABD2BA8141A0F85072A9BE1E2AA04CF" - "33C765CB510813A39CD5A84C4ACAA64D3F3FB7BAE9", - 20 - }, -#if 0 - /* Test 5 -- unimplemented optional functionality */ - { - TEST_INPUT(""), - "0xXXX", - 1 - }, -#endif - /* Test 6 */ - { - TEST_INPUT("\xD0"), - "0x9992202938E882E73E20F6B69E68A0A7149090423D93C8" - "1BAB3F21678D4ACEEEE50E4E8CAFADA4C85A54EA" - "8306826C4AD6E74CECE9631BFA8A549B4AB3FBBA15", - 1 - }, -#if 0 - /* Test 7 -- unimplemented optional functionality */ - { - TEST_INPUT(""), - "0xXXX", - 1 - }, -#endif - /* Test 8 */ - { - TEST_INPUT("\x8d\x4e\x3c\x0e\x38\x89\x19\x14\x91\x81" - "\x6e\x9d\x98\xbf\xf0\xa0"), - "0xCB0B67A4B8712CD73C9AABC0B199E9269B20844AFB75AC" - "BDD1C153C9828924C3DDEDAAFE669C5FDD0BC66F" - "630F6773988213EB1B16F517AD0DE4B2F0C95C90F8", - 1 - }, -#if 0 - /* Test 9 -- unimplemented optional functionality */ - { - TEST_INPUT(""), - "0xXXX", - 1 - }, -#endif - /* Test 10 */ - { - TEST_INPUT("\xa5\x5f\x20\xc4\x11\xaa\xd1\x32\x80\x7a" - "\x50\x2d\x65\x82\x4e\x31\xa2\x30\x54\x32" - "\xaa\x3d\x06\xd3\xe2\x82\xa8\xd8\x4e\x0d" - "\xe1\xde\x69\x74\xbf\x49\x54\x69\xfc\x7f" - "\x33\x8f\x80\x54\xd5\x8c\x26\xc4\x93\x60" - "\xc3\xe8\x7a\xf5\x65\x23\xac\xf6\xd8\x9d" - "\x03\xe5\x6f\xf2\xf8\x68\x00\x2b\xc3\xe4" - "\x31\xed\xc4\x4d\xf2\xf0\x22\x3d\x4b\xb3" - "\xb2\x43\x58\x6e\x1a\x7d\x92\x49\x36\x69" - "\x4f\xcb\xba\xf8\x8d\x95\x19\xe4\xeb\x50" - "\xa6\x44\xf8\xe4\xf9\x5e\xb0\xea\x95\xbc" - "\x44\x65\xc8\x82\x1a\xac\xd2\xfe\x15\xab" - "\x49\x81\x16\x4b\xbb\x6d\xc3\x2f\x96\x90" - "\x87\xa1\x45\xb0\xd9\xcc\x9c\x67\xc2\x2b" - "\x76\x32\x99\x41\x9c\xc4\x12\x8b\xe9\xa0" - "\x77\xb3\xac\xe6\x34\x06\x4e\x6d\x99\x28" - "\x35\x13\xdc\x06\xe7\x51\x5d\x0d\x73\x13" - "\x2e\x9a\x0d\xc6\xd3\xb1\xf8\xb2\x46\xf1" - "\xa9\x8a\x3f\xc7\x29\x41\xb1\xe3\xbb\x20" - "\x98\xe8\xbf\x16\xf2\x68\xd6\x4f\x0b\x0f" - "\x47\x07\xfe\x1e\xa1\xa1\x79\x1b\xa2\xf3" - "\xc0\xc7\x58\xe5\xf5\x51\x86\x3a\x96\xc9" - "\x49\xad\x47\xd7\xfb\x40\xd2"), - "0xC665BEFB36DA189D78822D10528CBF3B12B3EEF7260399" - "09C1A16A270D48719377966B957A878E72058477" - "9A62825C18DA26415E49A7176A894E7510FD1451F5", - 1 - }, - { NULL, 0, NULL, 1 } - }; - - hash_testcase_t *testcase = testcases; - - while (testcase->input != NULL && testcase->result != NULL) { - isc_sha512_init(&sha512); - for(i = 0; i < testcase->repeats; i++) { - isc_sha512_update(&sha512, - (const uint8_t *) testcase->input, - testcase->input_len); - } - isc_sha512_final(digest, &sha512); - /* - *API inconsistency BUG HERE - * in order to be consistant with the other isc_hash_final - * functions the call should be - * isc_sha224_final(&sha224, digest); - */ - tohexstr(digest, ISC_SHA512_DIGESTLENGTH, str, sizeof(str)); - ATF_CHECK_STREQ(str, testcase->result); - - testcase++; - } -} - -ATF_TC(isc_md5); -ATF_TC_HEAD(isc_md5, tc) { - atf_tc_set_md_var(tc, "descr", "md5 example from RFC1321"); -} -ATF_TC_BODY(isc_md5, tc) { - isc_md5_t md5; - int i; - - UNUSED(tc); - - /* - * These are the various test vectors. All of these are passed - * through the hash function and the results are compared to the - * result specified here. - */ - hash_testcase_t testcases[] = { - { - TEST_INPUT(""), - "0xD41D8CD98F00B204E9800998ECF8427E", - 1 - }, - { - TEST_INPUT("a"), - "0x0CC175B9C0F1B6A831C399E269772661", - 1 - }, - { - TEST_INPUT("abc"), - "0x900150983CD24FB0D6963F7D28E17F72", - 1 - }, - { - TEST_INPUT("message digest"), - "0xF96B697D7CB7938D525A2F31AAF161D0", - 1 - }, - { - TEST_INPUT("abcdefghijklmnopqrstuvwxyz"), - "0xC3FCD3D76192E4007DFB496CCA67E13B", - 1 - }, - { - TEST_INPUT("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklm" - "nopqrstuvwxyz0123456789"), - "0xD174AB98D277D9F5A5611C2C9F419D9F", - 1 - }, - { - TEST_INPUT("123456789012345678901234567890123456789" - "01234567890123456789012345678901234567890"), - "0x57EDF4A22BE3C955AC49DA2E2107B67A", - 1 - }, - { NULL, 0, NULL, 1 } - }; - - hash_testcase_t *testcase = testcases; - - while (testcase->input != NULL && testcase->result != NULL) { - isc_md5_init(&md5); - for(i = 0; i < testcase->repeats; i++) { - isc_md5_update(&md5, - (const uint8_t *) testcase->input, - testcase->input_len); - } - isc_md5_final(&md5, digest); - tohexstr(digest, ISC_MD5_DIGESTLENGTH, str, sizeof(str)); - ATF_CHECK_STREQ(str, testcase->result); - - testcase++; - } -} - /* HMAC-SHA1 test */ ATF_TC(isc_hmacsha1); ATF_TC_HEAD(isc_hmacsha1, tc) { @@ -861,7 +88,7 @@ ATF_TC_BODY(isc_hmacsha1, tc) { /* Test 1 */ { TEST_INPUT("\x48\x69\x20\x54\x68\x65\x72\x65"), - "0xB617318655057264E28BC0B6FB378C8EF146BE00", + "B617318655057264E28BC0B6FB378C8EF146BE00", 1 }, /* Test 2 */ @@ -869,7 +96,7 @@ ATF_TC_BODY(isc_hmacsha1, tc) { TEST_INPUT("\x77\x68\x61\x74\x20\x64\x6f\x20\x79\x61" "\x20\x77\x61\x6e\x74\x20\x66\x6f\x72\x20" "\x6e\x6f\x74\x68\x69\x6e\x67\x3f"), - "0xEFFCDF6AE5EB2FA2D27416D5F184DF9C259A7C79", + "EFFCDF6AE5EB2FA2D27416D5F184DF9C259A7C79", 1 }, /* Test 3 */ @@ -879,7 +106,7 @@ ATF_TC_BODY(isc_hmacsha1, tc) { "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"), - "0x125D7342B9AC11CD91A39AF48AA17B4F63F175D3", + "125D7342B9AC11CD91A39AF48AA17B4F63F175D3", 1 }, /* Test 4 */ @@ -889,14 +116,14 @@ ATF_TC_BODY(isc_hmacsha1, tc) { "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"), - "0x4C9007F4026250C6BC8414F9BF50C86C2D7235DA", + "4C9007F4026250C6BC8414F9BF50C86C2D7235DA", 1 }, #if 0 /* Test 5 -- unimplemented optional functionality */ { TEST_INPUT("Test With Truncation"), - "0x4C1A03424B55E07FE7F27BE1", + "4C1A03424B55E07FE7F27BE1", 1 }, #endif @@ -904,12 +131,12 @@ ATF_TC_BODY(isc_hmacsha1, tc) { { TEST_INPUT("Test Using Larger Than Block-Size Key - " "Hash Key First"), - "0xAA4AE5E15272D00E95705637CE8A3B55ED402112", 1 }, + "AA4AE5E15272D00E95705637CE8A3B55ED402112", 1 }, /* Test 7 */ { TEST_INPUT("Test Using Larger Than Block-Size Key and " "Larger Than One Block-Size Data"), - "0xE8E99D0F45237D786D6BBAA7965C7808BBFF1A91", + "E8E99D0F45237D786D6BBAA7965C7808BBFF1A91", 1 }, { NULL, 0, NULL, 1 } @@ -992,7 +219,7 @@ ATF_TC_BODY(isc_hmacsha224, tc) { /* Test 1 */ { TEST_INPUT("\x48\x69\x20\x54\x68\x65\x72\x65"), - "0x896FB1128ABBDF196832107CD49DF33F47B4B1169912BA" + "896FB1128ABBDF196832107CD49DF33F47B4B1169912BA" "4F53684B22", 1 }, @@ -1001,7 +228,7 @@ ATF_TC_BODY(isc_hmacsha224, tc) { TEST_INPUT("\x77\x68\x61\x74\x20\x64\x6f\x20\x79\x61" "\x20\x77\x61\x6e\x74\x20\x66\x6f\x72\x20" "\x6e\x6f\x74\x68\x69\x6e\x67\x3f"), - "0xA30E01098BC6DBBF45690F3A7E9E6D0F8BBEA2A39E61480" + "A30E01098BC6DBBF45690F3A7E9E6D0F8BBEA2A39E61480" "08FD05E44", 1 }, @@ -1012,7 +239,7 @@ ATF_TC_BODY(isc_hmacsha224, tc) { "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"), - "0x7FB3CB3588C6C1F6FFA9694D7D6AD2649365B0C1F65D69" + "7FB3CB3588C6C1F6FFA9694D7D6AD2649365B0C1F65D69" "D1EC8333EA", 1 }, @@ -1023,7 +250,7 @@ ATF_TC_BODY(isc_hmacsha224, tc) { "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"), - "0x6C11506874013CAC6A2ABC1BB382627CEC6A90D86EFC01" + "6C11506874013CAC6A2ABC1BB382627CEC6A90D86EFC01" "2DE7AFEC5A", 1 }, @@ -1031,7 +258,7 @@ ATF_TC_BODY(isc_hmacsha224, tc) { /* Test 5 -- unimplemented optional functionality */ { TEST_INPUT("Test With Truncation"), - "0x4C1A03424B55E07FE7F27BE1", + "4C1A03424B55E07FE7F27BE1", 1 }, #endif @@ -1039,7 +266,7 @@ ATF_TC_BODY(isc_hmacsha224, tc) { { TEST_INPUT("Test Using Larger Than Block-Size Key - " "Hash Key First"), - "0x95E9A0DB962095ADAEBE9B2D6F0DBCE2D499F112F2D2B7" + "95E9A0DB962095ADAEBE9B2D6F0DBCE2D499F112F2D2B7" "273FA6870E", 1 }, @@ -1061,7 +288,7 @@ ATF_TC_BODY(isc_hmacsha224, tc) { "\x62\x79\x20\x74\x68\x65\x20\x48\x4d\x41" "\x43\x20\x61\x6c\x67\x6f\x72\x69\x74\x68" "\x6d\x2e"), - "0x3A854166AC5D9F023F54D517D0B39DBD946770DB9C2B95" + "3A854166AC5D9F023F54D517D0B39DBD946770DB9C2B95" "C9F6F565D1", 1 }, @@ -1155,7 +382,7 @@ ATF_TC_BODY(isc_hmacsha256, tc) { /* Test 1 */ { TEST_INPUT("\x48\x69\x20\x54\x68\x65\x72\x65"), - "0xB0344C61D8DB38535CA8AFCEAF0BF12B881DC200C9833D" + "B0344C61D8DB38535CA8AFCEAF0BF12B881DC200C9833D" "A726E9376C2E32CFF7", 1 }, @@ -1164,7 +391,7 @@ ATF_TC_BODY(isc_hmacsha256, tc) { TEST_INPUT("\x77\x68\x61\x74\x20\x64\x6f\x20\x79\x61" "\x20\x77\x61\x6e\x74\x20\x66\x6f\x72\x20" "\x6e\x6f\x74\x68\x69\x6e\x67\x3f"), - "0x5BDCC146BF60754E6A042426089575C75A003F089D2739" + "5BDCC146BF60754E6A042426089575C75A003F089D2739" "839DEC58B964EC3843", 1 }, @@ -1175,7 +402,7 @@ ATF_TC_BODY(isc_hmacsha256, tc) { "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"), - "0x773EA91E36800E46854DB8EBD09181A72959098B3EF8C1" + "773EA91E36800E46854DB8EBD09181A72959098B3EF8C1" "22D9635514CED565FE", 1 }, @@ -1186,7 +413,7 @@ ATF_TC_BODY(isc_hmacsha256, tc) { "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"), - "0x82558A389A443C0EA4CC819899F2083A85F0FAA3E578F8" + "82558A389A443C0EA4CC819899F2083A85F0FAA3E578F8" "077A2E3FF46729665B", 1 }, @@ -1194,7 +421,7 @@ ATF_TC_BODY(isc_hmacsha256, tc) { /* Test 5 -- unimplemented optional functionality */ { TEST_INPUT("Test With Truncation"), - "0x4C1A03424B55E07FE7F27BE1", + "4C1A03424B55E07FE7F27BE1", 1 }, #endif @@ -1202,7 +429,7 @@ ATF_TC_BODY(isc_hmacsha256, tc) { { TEST_INPUT("Test Using Larger Than Block-Size Key - " "Hash Key First"), - "0x60E431591EE0B67F0D8A26AACBF5B77F8E0BC6213728C5" + "60E431591EE0B67F0D8A26AACBF5B77F8E0BC6213728C5" "140546040F0EE37F54", 1 }, @@ -1224,7 +451,7 @@ ATF_TC_BODY(isc_hmacsha256, tc) { "\x62\x79\x20\x74\x68\x65\x20\x48\x4d\x41" "\x43\x20\x61\x6c\x67\x6f\x72\x69\x74\x68" "\x6d\x2e"), - "0x9B09FFA71B942FCB27635FBCD5B0E944BFDC63644F0713" + "9B09FFA71B942FCB27635FBCD5B0E944BFDC63644F0713" "938A7F51535C3A35E2", 1 }, @@ -1318,7 +545,7 @@ ATF_TC_BODY(isc_hmacsha384, tc) { /* Test 1 */ { TEST_INPUT("\x48\x69\x20\x54\x68\x65\x72\x65"), - "0xAFD03944D84895626B0825F4AB46907F15F9DADBE4101E" + "AFD03944D84895626B0825F4AB46907F15F9DADBE4101E" "C682AA034C7CEBC59CFAEA9EA9076EDE7F4AF152" "E8B2FA9CB6", 1 @@ -1328,7 +555,7 @@ ATF_TC_BODY(isc_hmacsha384, tc) { TEST_INPUT("\x77\x68\x61\x74\x20\x64\x6f\x20\x79\x61" "\x20\x77\x61\x6e\x74\x20\x66\x6f\x72\x20" "\x6e\x6f\x74\x68\x69\x6e\x67\x3f"), - "0xAF45D2E376484031617F78D2B58A6B1B9C7EF464F5A01B" + "AF45D2E376484031617F78D2B58A6B1B9C7EF464F5A01B" "47E42EC3736322445E8E2240CA5E69E2C78B3239" "ECFAB21649", 1 @@ -1340,7 +567,7 @@ ATF_TC_BODY(isc_hmacsha384, tc) { "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"), - "0x88062608D3E6AD8A0AA2ACE014C8A86F0AA635D947AC9F" + "88062608D3E6AD8A0AA2ACE014C8A86F0AA635D947AC9F" "EBE83EF4E55966144B2A5AB39DC13814B94E3AB6" "E101A34F27", 1 @@ -1352,7 +579,7 @@ ATF_TC_BODY(isc_hmacsha384, tc) { "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"), - "0x3E8A69B7783C25851933AB6290AF6CA77A998148085000" + "3E8A69B7783C25851933AB6290AF6CA77A998148085000" "9CC5577C6E1F573B4E6801DD23C4A7D679CCF8A3" "86C674CFFB", 1 @@ -1361,7 +588,7 @@ ATF_TC_BODY(isc_hmacsha384, tc) { /* Test 5 -- unimplemented optional functionality */ { TEST_INPUT("Test With Truncation"), - "0x4C1A03424B55E07FE7F27BE1", + "4C1A03424B55E07FE7F27BE1", 1 }, #endif @@ -1369,7 +596,7 @@ ATF_TC_BODY(isc_hmacsha384, tc) { { TEST_INPUT("Test Using Larger Than Block-Size Key - " "Hash Key First"), - "0x4ECE084485813E9088D2C63A041BC5B44F9EF1012A2B58" + "4ECE084485813E9088D2C63A041BC5B44F9EF1012A2B58" "8F3CD11F05033AC4C60C2EF6AB4030FE8296248D" "F163F44952", 1 @@ -1392,7 +619,7 @@ ATF_TC_BODY(isc_hmacsha384, tc) { "\x62\x79\x20\x74\x68\x65\x20\x48\x4d\x41" "\x43\x20\x61\x6c\x67\x6f\x72\x69\x74\x68" "\x6d\x2e"), - "0x6617178E941F020D351E2F254E8FD32C602420FEB0B8FB" + "6617178E941F020D351E2F254E8FD32C602420FEB0B8FB" "9ADCCEBB82461E99C5A678CC31E799176D3860E6" "110C46523E", 1 @@ -1487,7 +714,7 @@ ATF_TC_BODY(isc_hmacsha512, tc) { /* Test 1 */ { TEST_INPUT("\x48\x69\x20\x54\x68\x65\x72\x65"), - "0x87AA7CDEA5EF619D4FF0B4241A1D6CB02379F4E2CE4EC2" + "87AA7CDEA5EF619D4FF0B4241A1D6CB02379F4E2CE4EC2" "787AD0B30545E17CDEDAA833B7D6B8A702038B27" "4EAEA3F4E4BE9D914EEB61F1702E696C203A126854", 1 @@ -1497,7 +724,7 @@ ATF_TC_BODY(isc_hmacsha512, tc) { TEST_INPUT("\x77\x68\x61\x74\x20\x64\x6f\x20\x79\x61" "\x20\x77\x61\x6e\x74\x20\x66\x6f\x72\x20" "\x6e\x6f\x74\x68\x69\x6e\x67\x3f"), - "0x164B7A7BFCF819E2E395FBE73B56E0A387BD64222E831F" + "164B7A7BFCF819E2E395FBE73B56E0A387BD64222E831F" "D610270CD7EA2505549758BF75C05A994A6D034F" "65F8F0E6FDCAEAB1A34D4A6B4B636E070A38BCE737", 1 @@ -1509,7 +736,7 @@ ATF_TC_BODY(isc_hmacsha512, tc) { "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"), - "0xFA73B0089D56A284EFB0F0756C890BE9B1B5DBDD8EE81A" + "FA73B0089D56A284EFB0F0756C890BE9B1B5DBDD8EE81A" "3655F83E33B2279D39BF3E848279A722C806B485" "A47E67C807B946A337BEE8942674278859E13292FB", 1 @@ -1521,7 +748,7 @@ ATF_TC_BODY(isc_hmacsha512, tc) { "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"), - "0xB0BA465637458C6990E5A8C5F61D4AF7E576D97FF94B87" + "B0BA465637458C6990E5A8C5F61D4AF7E576D97FF94B87" "2DE76F8050361EE3DBA91CA5C11AA25EB4D67927" "5CC5788063A5F19741120C4F2DE2ADEBEB10A298DD", 1 @@ -1530,7 +757,7 @@ ATF_TC_BODY(isc_hmacsha512, tc) { /* Test 5 -- unimplemented optional functionality */ { TEST_INPUT("Test With Truncation"), - "0x4C1A03424B55E07FE7F27BE1", + "4C1A03424B55E07FE7F27BE1", 1 }, #endif @@ -1538,7 +765,7 @@ ATF_TC_BODY(isc_hmacsha512, tc) { { TEST_INPUT("Test Using Larger Than Block-Size Key - " "Hash Key First"), - "0x80B24263C7C1A3EBB71493C1DD7BE8B49B46D1F41B4AEE" + "80B24263C7C1A3EBB71493C1DD7BE8B49B46D1F41B4AEE" "C1121B013783F8F3526B56D037E05F2598BD0FD2" "215D6A1E5295E64F73F63F0AEC8B915A985D786598", 1 @@ -1561,7 +788,7 @@ ATF_TC_BODY(isc_hmacsha512, tc) { "\x62\x79\x20\x74\x68\x65\x20\x48\x4d\x41" "\x43\x20\x61\x6c\x67\x6f\x72\x69\x74\x68" "\x6d\x2e"), - "0xE37B6A775DC87DBAA4DFA9F96E5E3FFDDEBD71F8867289" + "E37B6A775DC87DBAA4DFA9F96E5E3FFDDEBD71F8867289" "865DF5A32D20CDC944B6022CAC3C4982B10D5EEB" "55C3E4DE15134676FB6DE0446065C97440FA8C6A58", 1 @@ -1657,7 +884,7 @@ ATF_TC_BODY(isc_hmacmd5, tc) { /* Test 1 */ { TEST_INPUT("\x48\x69\x20\x54\x68\x65\x72\x65"), - "0x9294727A3638BB1C13F48EF8158BFC9D", + "9294727A3638BB1C13F48EF8158BFC9D", 1 }, /* Test 2 */ @@ -1665,7 +892,7 @@ ATF_TC_BODY(isc_hmacmd5, tc) { TEST_INPUT("\x77\x68\x61\x74\x20\x64\x6f\x20\x79" "\x61\x20\x77\x61\x6e\x74\x20\x66\x6f" "\x72\x20\x6e\x6f\x74\x68\x69\x6e\x67\x3f"), - "0x750C783E6AB0B503EAA86E310A5DB738", 1 + "750C783E6AB0B503EAA86E310A5DB738", 1 }, /* Test 3 */ { @@ -1674,7 +901,7 @@ ATF_TC_BODY(isc_hmacmd5, tc) { "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"), - "0x56BE34521D144C88DBB8C733F0E8B3F6", + "56BE34521D144C88DBB8C733F0E8B3F6", 1 }, /* Test 4 */ @@ -1684,28 +911,28 @@ ATF_TC_BODY(isc_hmacmd5, tc) { "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"), - "0x697EAF0ACA3A3AEA3A75164746FFAA79", + "697EAF0ACA3A3AEA3A75164746FFAA79", 1 }, #if 0 /* Test 5 -- unimplemented optional functionality */ { TEST_INPUT("Test With Truncation"), - "0x4C1A03424B55E07FE7F27BE1", + "4C1A03424B55E07FE7F27BE1", 1 }, /* Test 6 -- unimplemented optional functionality */ { TEST_INPUT("Test Using Larger Than Block-Size Key - " "Hash Key First"), - "0xAA4AE5E15272D00E95705637CE8A3B55ED402112", + "AA4AE5E15272D00E95705637CE8A3B55ED402112", 1 }, /* Test 7 -- unimplemented optional functionality */ { TEST_INPUT("Test Using Larger Than Block-Size Key and " "Larger Than One Block-Size Data"), - "0xE8E99D0F45237D786D6BBAA7965C7808BBFF1A91", + "E8E99D0F45237D786D6BBAA7965C7808BBFF1A91", 1 }, #endif @@ -1794,33 +1021,33 @@ ATF_TC_BODY(isc_crc64, tc) { hash_testcase_t testcases[] = { { TEST_INPUT(""), - "0x0000000000000000", 1 + "0000000000000000", 1 }, { TEST_INPUT("a"), - "0xCE73F427ACC0A99A", 1 + "CE73F427ACC0A99A", 1 }, { TEST_INPUT("abc"), - "0x048B813AF9F49702", 1 + "048B813AF9F49702", 1 }, { TEST_INPUT("message digest"), - "0x5273F9EA7A357BF4", 1 + "5273F9EA7A357BF4", 1 }, { TEST_INPUT("abcdefghijklmnopqrstuvwxyz"), - "0x59F079F9218BAAA1", 1 + "59F079F9218BAAA1", 1 }, { TEST_INPUT("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklm" "nopqrstuvwxyz0123456789"), - "0xA36DA8F71E78B6FB", 1 + "A36DA8F71E78B6FB", 1 }, { TEST_INPUT("123456789012345678901234567890123456789" "01234567890123456789012345678901234567890"), - "0x81E5EB73C8E7874A", 1 + "81E5EB73C8E7874A", 1 }, { NULL, 0, NULL, 1 } }; @@ -1960,40 +1187,6 @@ ATF_TC_BODY(isc_hash_initializer, tc) { ATF_CHECK_EQ(h1, h2); } -ATF_TC(md5_check); -ATF_TC_HEAD(md5_check, tc) { - atf_tc_set_md_var(tc, "descr", "Startup MD5 check test"); -} -ATF_TC_BODY(md5_check, tc) { - UNUSED(tc); - - ATF_REQUIRE(isc_md5_check(false)); - ATF_CHECK(!isc_md5_check(true)); - - ATF_REQUIRE(isc_hmacmd5_check(0)); - ATF_CHECK(!isc_hmacmd5_check(1)); - ATF_CHECK(!isc_hmacmd5_check(2)); - ATF_CHECK(!isc_hmacmd5_check(3)); - ATF_CHECK(!isc_hmacmd5_check(4)); -} - -ATF_TC(sha1_check); -ATF_TC_HEAD(sha1_check, tc) { - atf_tc_set_md_var(tc, "descr", "Startup SHA-1 check test"); -} -ATF_TC_BODY(sha1_check, tc) { - UNUSED(tc); - - ATF_REQUIRE(isc_sha1_check(false)); - ATF_CHECK(!isc_sha1_check(true)); - - ATF_REQUIRE(isc_hmacsha1_check(0)); - ATF_CHECK(!isc_hmacsha1_check(1)); - ATF_CHECK(!isc_hmacsha1_check(2)); - ATF_CHECK(!isc_hmacsha1_check(3)); - ATF_CHECK(!isc_hmacsha1_check(4)); -} - /* * Main */ @@ -2002,8 +1195,6 @@ ATF_TP_ADD_TCS(tp) { * Tests of hash functions, including isc_hash and the * various cryptographic hashes. */ - ATF_TP_ADD_TC(tp, md5_check); - ATF_TP_ADD_TC(tp, sha1_check); ATF_TP_ADD_TC(tp, isc_hash_function); ATF_TP_ADD_TC(tp, isc_hash_function_reverse); @@ -2014,12 +1205,7 @@ ATF_TP_ADD_TCS(tp) { ATF_TP_ADD_TC(tp, isc_hmacsha256); ATF_TP_ADD_TC(tp, isc_hmacsha384); ATF_TP_ADD_TC(tp, isc_hmacsha512); - ATF_TP_ADD_TC(tp, isc_md5); - ATF_TP_ADD_TC(tp, isc_sha1); - ATF_TP_ADD_TC(tp, isc_sha224); - ATF_TP_ADD_TC(tp, isc_sha256); - ATF_TP_ADD_TC(tp, isc_sha384); - ATF_TP_ADD_TC(tp, isc_sha512); + ATF_TP_ADD_TC(tp, isc_crc64); return (atf_no_error()); diff --git a/lib/isc/tests/md_test.c b/lib/isc/tests/md_test.c new file mode 100644 index 0000000000..55cd3b800c --- /dev/null +++ b/lib/isc/tests/md_test.c @@ -0,0 +1,589 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +#include + +#if HAVE_CMOCKA + +#include +#include +#include + +#include + +/* For FIPS_mode() */ +#include + +#define UNIT_TESTING +#include + +#include +#include +#include +#include +#include + +#include "../md.c" + +#define TEST_INPUT(x) (x), sizeof(x)-1 + +static int +_setup(void **state) { + isc_md_t *md = isc_md_new(); + if (md == NULL) { + return (-1); + } + *state = md; + return (0); +} + +static int +_teardown(void **state) { + if (*state == NULL) { + return (-1); + } + isc_md_free(*state); + return (0); +} + +static int +_reset(void **state) { + if (*state == NULL) { + return (-1); + } + if (isc_md_reset(*state) != ISC_R_SUCCESS) { + return (-1); + } + return (0); +} + +static void +isc_md_new_test(void **state) { + UNUSED(state); + + isc_md_t *md = isc_md_new(); + assert_non_null(md); + isc_md_free(md); /* Cleanup */ +} + +static void +isc_md_free_test(void **state) { + UNUSED(state); + + isc_md_t *md = isc_md_new(); + assert_non_null(md); + isc_md_free(md); /* Test freeing valid message digest context */ + isc_md_free(NULL); /* Test freeing NULL argument */ +} + +static void +isc_md_test(isc_md_t *md, isc_md_type_t type, const char *buf, size_t buflen, + const char *result, const int repeats) +{ + assert_non_null(md); + assert_int_equal(isc_md_init(md, type), ISC_R_SUCCESS); + + int i; + + for (i = 0; i < repeats; i++) { + assert_int_equal( + isc_md_update(md, (const unsigned char *)buf, buflen), + ISC_R_SUCCESS); + } + + unsigned char digest[ISC_MAX_MD_SIZE]; + unsigned int digestlen; + assert_int_equal(isc_md_final(md, digest, &digestlen), ISC_R_SUCCESS); + + char hexdigest[ISC_MAX_MD_SIZE * 2 + 3]; + isc_region_t r = { .base = digest, + .length = digestlen }; + isc_buffer_t b; + isc_buffer_init(&b, hexdigest, sizeof(hexdigest)); + + assert_return_code(isc_hex_totext(&r, 0, "", &b), ISC_R_SUCCESS); + + assert_memory_equal(hexdigest, result, (result?strlen(result):0)); + assert_int_equal(isc_md_reset(md), ISC_R_SUCCESS); +} + +static void +isc_md_init_test(void **state) { + isc_md_t *md = *state; + assert_non_null(md); + + expect_assert_failure(isc_md_init(NULL, ISC_MD_MD5)); + + assert_int_equal(isc_md_init(md, NULL), ISC_R_NOTIMPLEMENTED); + + assert_int_equal(isc_md_init(md, ISC_MD_MD5), ISC_R_SUCCESS); + assert_int_equal(isc_md_reset(md), ISC_R_SUCCESS); + + assert_int_equal(isc_md_init(md, ISC_MD_SHA1), ISC_R_SUCCESS); + assert_int_equal(isc_md_reset(md), ISC_R_SUCCESS); + + assert_int_equal(isc_md_init(md, ISC_MD_SHA224), ISC_R_SUCCESS); + assert_int_equal(isc_md_reset(md), ISC_R_SUCCESS); + + assert_int_equal(isc_md_init(md, ISC_MD_SHA256), ISC_R_SUCCESS); + assert_int_equal(isc_md_reset(md), ISC_R_SUCCESS); + + assert_int_equal(isc_md_init(md, ISC_MD_SHA384), ISC_R_SUCCESS); + assert_int_equal(isc_md_reset(md), ISC_R_SUCCESS); + + assert_int_equal(isc_md_init(md, ISC_MD_SHA512), ISC_R_SUCCESS); + assert_int_equal(isc_md_reset(md), ISC_R_SUCCESS); +} + +static void +isc_md_update_test(void **state) { + isc_md_t *md = *state; + assert_non_null(md); + + /* Uses message digest context initialized in isc_md_init_test() */ + expect_assert_failure(isc_md_update(NULL, NULL, 0)); + + assert_int_equal(isc_md_update(md, NULL, 100), ISC_R_SUCCESS); + assert_int_equal(isc_md_update(md, (const unsigned char *)"", 0), + ISC_R_SUCCESS); +} + +static void +isc_md_reset_test(void **state) { + isc_md_t *md = *state; + unsigned char digest[ISC_MAX_MD_SIZE] __attribute((unused)); + unsigned int digestlen __attribute((unused)); + + assert_non_null(md); + + assert_int_equal(isc_md_init(md, ISC_MD_SHA512), ISC_R_SUCCESS); + assert_int_equal(isc_md_update(md, (const unsigned char *)"a", 1), + ISC_R_SUCCESS); + assert_int_equal(isc_md_update(md, (const unsigned char *)"b", 1), + ISC_R_SUCCESS); + + assert_int_equal(isc_md_reset(md), ISC_R_SUCCESS); + +#if 0 + /* + * This test would require OpenSSL compiled with mock_assert(), + * so this could be only manually checked that the test will + * segfault when called by hand + */ + expect_assert_failure(isc_md_final(md, digest, &digestlen)); +#endif +} + +static void +isc_md_final_test(void **state) { + isc_md_t *md = *state; + assert_non_null(md); + + unsigned char digest[ISC_MAX_MD_SIZE]; + unsigned int digestlen; + + /* Fail when message digest context is empty */ + expect_assert_failure(isc_md_final(NULL, digest, &digestlen)); + /* Fail when output buffer is empty */ + expect_assert_failure(isc_md_final(md, NULL, &digestlen)); + + assert_int_equal(isc_md_init(md, ISC_MD_SHA512), ISC_R_SUCCESS); + assert_int_equal(isc_md_final(md, digest, NULL), ISC_R_SUCCESS); +} + +static void +isc_md_md5_test(void **state) { + isc_md_t *md = *state; + isc_md_test(md, ISC_MD_MD5, NULL, 0, NULL, 0); + isc_md_test(md, ISC_MD_MD5, TEST_INPUT(""), + "D41D8CD98F00B204E9800998ECF8427E", 1); + isc_md_test(md, ISC_MD_MD5, TEST_INPUT("a"), + "0CC175B9C0F1B6A831C399E269772661", 1); + isc_md_test(md, ISC_MD_MD5, TEST_INPUT("abc"), + "900150983CD24FB0D6963F7D28E17F72", 1); + isc_md_test(md, ISC_MD_MD5, TEST_INPUT("message digest"), + "F96B697D7CB7938D525A2F31AAF161D0", 1); + isc_md_test(md, ISC_MD_MD5, TEST_INPUT("abcdefghijklmnopqrstuvwxyz"), + "C3FCD3D76192E4007DFB496CCA67E13B", 1); + isc_md_test(md, ISC_MD_MD5, + TEST_INPUT("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklm" + "nopqrstuvwxyz0123456789"), + "D174AB98D277D9F5A5611C2C9F419D9F", 1); + isc_md_test(md, ISC_MD_MD5, + TEST_INPUT("123456789012345678901234567890123456789" + "01234567890123456789012345678901234567890"), + "57EDF4A22BE3C955AC49DA2E2107B67A", 1); +} + +static void +isc_md_sha1_test(void **state) { + isc_md_t *md = *state; + isc_md_test(md, ISC_MD_SHA1, NULL, 0, NULL, 0); + isc_md_test(md, ISC_MD_SHA1, TEST_INPUT(""), + "DA39A3EE5E6B4B0D3255BFEF95601890AFD80709", 1); + isc_md_test(md, ISC_MD_SHA1, TEST_INPUT("abc"), + "A9993E364706816ABA3E25717850C26C9CD0D89D", 1); + isc_md_test(md, ISC_MD_SHA1, + TEST_INPUT("abcdbcdecdefdefgefghfghighijhijkijk" + "ljklmklmnlmnomnopnopq"), + "84983E441C3BD26EBAAE4AA1F95129E5E54670F1", 1); + isc_md_test(md, ISC_MD_SHA1, TEST_INPUT("a"), + "34AA973CD4C4DAA4F61EEB2BDBAD27316534016F", + 1000000); + isc_md_test(md, ISC_MD_SHA1, + TEST_INPUT("01234567012345670123456701234567"), + "DEA356A2CDDD90C7A7ECEDC5EBB563934F460452", + 20); + isc_md_test(md, ISC_MD_SHA1, TEST_INPUT("\x5e"), + "5E6F80A34A9798CAFC6A5DB96CC57BA4C4DB59C2", + 1); + isc_md_test(md, ISC_MD_SHA1, + TEST_INPUT("\x9a\x7d\xfd\xf1\xec\xea\xd0\x6e\xd6\x46" + "\xaa\x55\xfe\x75\x71\x46"), + "82ABFF6605DBE1C17DEF12A394FA22A82B544A35", + 1); + isc_md_test(md, ISC_MD_SHA1, + TEST_INPUT("\xf7\x8f\x92\x14\x1b\xcd\x17\x0a\xe8\x9b" + "\x4f\xba\x15\xa1\xd5\x9f\x3f\xd8\x4d\x22" + "\x3c\x92\x51\xbd\xac\xbb\xae\x61\xd0\x5e" + "\xd1\x15\xa0\x6a\x7c\xe1\x17\xb7\xbe\xea" + "\xd2\x44\x21\xde\xd9\xc3\x25\x92\xbd\x57" + "\xed\xea\xe3\x9c\x39\xfa\x1f\xe8\x94\x6a" + "\x84\xd0\xcf\x1f\x7b\xee\xad\x17\x13\xe2" + "\xe0\x95\x98\x97\x34\x7f\x67\xc8\x0b\x04" + "\x00\xc2\x09\x81\x5d\x6b\x10\xa6\x83\x83" + "\x6f\xd5\x56\x2a\x56\xca\xb1\xa2\x8e\x81" + "\xb6\x57\x66\x54\x63\x1c\xf1\x65\x66\xb8" + "\x6e\x3b\x33\xa1\x08\xb0\x53\x07\xc0\x0a" + "\xff\x14\xa7\x68\xed\x73\x50\x60\x6a\x0f" + "\x85\xe6\xa9\x1d\x39\x6f\x5b\x5c\xbe\x57" + "\x7f\x9b\x38\x80\x7c\x7d\x52\x3d\x6d\x79" + "\x2f\x6e\xbc\x24\xa4\xec\xf2\xb3\xa4\x27" + "\xcd\xbb\xfb"), + "CB0082C8F197D260991BA6A460E76E202BAD27B3", 1); +} + +static void +isc_md_sha224_test(void **state) { + isc_md_t *md = *state; + + isc_md_test(md, ISC_MD_SHA224, NULL, 0, NULL, 0); + isc_md_test(md, ISC_MD_SHA224, TEST_INPUT(""), + "D14A028C2A3A2BC9476102BB288234C415A2B01F828EA62AC5B3E42F", + 1); + isc_md_test(md, ISC_MD_SHA224, TEST_INPUT("abc"), + "23097D223405D8228642A477BDA255B32AADBCE4BDA0B3F7" + "E36C9DA7", + 1); + isc_md_test(md, ISC_MD_SHA224, + TEST_INPUT("abcdbcdecdefdefgefghfghighijhijkijklj" + "klmklmnlmnomnopnopq"), + "75388B16512776CC5DBA5DA1FD890150B0C6455CB4F58B" + "1952522525", + 1); + isc_md_test(md, ISC_MD_SHA224, TEST_INPUT("a"), + "20794655980C91D8BBB4C1EA97618A4BF03F42581948B2" + "EE4EE7AD67", + 1000000); + isc_md_test(md, ISC_MD_SHA224, + TEST_INPUT("01234567012345670123456701234567"), + "567F69F168CD7844E65259CE658FE7AADFA25216E68ECA" + "0EB7AB8262", + 20); + isc_md_test(md, ISC_MD_SHA224, TEST_INPUT("\x07"), + "00ECD5F138422B8AD74C9799FD826C531BAD2FCABC7450" + "BEE2AA8C2A", + 1); + isc_md_test(md, ISC_MD_SHA224, + TEST_INPUT("\x18\x80\x40\x05\xdd\x4f\xbd\x15\x56\x29" + "\x9d\x6f\x9d\x93\xdf\x62"), + "DF90D78AA78821C99B40BA4C966921ACCD8FFB1E98AC38" + "8E56191DB1", + 1); + isc_md_test(md, ISC_MD_SHA224, + TEST_INPUT("\x55\xb2\x10\x07\x9c\x61\xb5\x3a\xdd\x52" + "\x06\x22\xd1\xac\x97\xd5\xcd\xbe\x8c\xb3" + "\x3a\xa0\xae\x34\x45\x17\xbe\xe4\xd7\xba" + "\x09\xab\xc8\x53\x3c\x52\x50\x88\x7a\x43" + "\xbe\xbb\xac\x90\x6c\x2e\x18\x37\xf2\x6b" + "\x36\xa5\x9a\xe3\xbe\x78\x14\xd5\x06\x89" + "\x6b\x71\x8b\x2a\x38\x3e\xcd\xac\x16\xb9" + "\x61\x25\x55\x3f\x41\x6f\xf3\x2c\x66\x74" + "\xc7\x45\x99\xa9\x00\x53\x86\xd9\xce\x11" + "\x12\x24\x5f\x48\xee\x47\x0d\x39\x6c\x1e" + "\xd6\x3b\x92\x67\x0c\xa5\x6e\xc8\x4d\xee" + "\xa8\x14\xb6\x13\x5e\xca\x54\x39\x2b\xde" + "\xdb\x94\x89\xbc\x9b\x87\x5a\x8b\xaf\x0d" + "\xc1\xae\x78\x57\x36\x91\x4a\xb7\xda\xa2" + "\x64\xbc\x07\x9d\x26\x9f\x2c\x0d\x7e\xdd" + "\xd8\x10\xa4\x26\x14\x5a\x07\x76\xf6\x7c" + "\x87\x82\x73"), + "0B31894EC8937AD9B91BDFBCBA294D9ADEFAA18E09305E" + "9F20D5C3A4", + 1); +} + +static void +isc_md_sha256_test(void **state) { + isc_md_t *md = *state; + + isc_md_test(md, ISC_MD_SHA256, NULL, 0, NULL, 0); + isc_md_test(md, ISC_MD_SHA256, TEST_INPUT(""), + "E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B93" + "4CA495991B7852B855", + 1); + + isc_md_test(md, ISC_MD_SHA256, TEST_INPUT("abc"), + "BA7816BF8F01CFEA414140DE5DAE2223B00361A396177A" + "9CB410FF61F20015AD", + 1); + isc_md_test(md, ISC_MD_SHA256, + TEST_INPUT("abcdbcdecdefdefgefghfghighijhijkijkljk" + "lmklmnlmnomnopnopq"), + "248D6A61D20638B8E5C026930C3E6039A33CE45964FF21" + "67F6ECEDD419DB06C1", + 1); + isc_md_test(md, ISC_MD_SHA256, TEST_INPUT("a"), + "CDC76E5C9914FB9281A1C7E284D73E67F1809A48A49720" + "0E046D39CCC7112CD0", 1000000); + isc_md_test(md, ISC_MD_SHA256, + TEST_INPUT("01234567012345670123456701234567"), + "594847328451BDFA85056225462CC1D867D877FB388DF0" + "CE35F25AB5562BFBB5", + 20); + isc_md_test(md, ISC_MD_SHA256, TEST_INPUT("\x19"), + "68AA2E2EE5DFF96E3355E6C7EE373E3D6A4E17F75F9518" + "D843709C0C9BC3E3D4", + 1); + isc_md_test(md, ISC_MD_SHA256, + TEST_INPUT("\xe3\xd7\x25\x70\xdc\xdd\x78\x7c\xe3" + "\x88\x7a\xb2\xcd\x68\x46\x52"), + "175EE69B02BA9B58E2B0A5FD13819CEA573F3940A94F82" + "5128CF4209BEABB4E8", + 1); + isc_md_test(md, ISC_MD_SHA256, + TEST_INPUT("\x83\x26\x75\x4e\x22\x77\x37\x2f\x4f\xc1" + "\x2b\x20\x52\x7a\xfe\xf0\x4d\x8a\x05\x69" + "\x71\xb1\x1a\xd5\x71\x23\xa7\xc1\x37\x76" + "\x00\x00\xd7\xbe\xf6\xf3\xc1\xf7\xa9\x08" + "\x3a\xa3\x9d\x81\x0d\xb3\x10\x77\x7d\xab" + "\x8b\x1e\x7f\x02\xb8\x4a\x26\xc7\x73\x32" + "\x5f\x8b\x23\x74\xde\x7a\x4b\x5a\x58\xcb" + "\x5c\x5c\xf3\x5b\xce\xe6\xfb\x94\x6e\x5b" + "\xd6\x94\xfa\x59\x3a\x8b\xeb\x3f\x9d\x65" + "\x92\xec\xed\xaa\x66\xca\x82\xa2\x9d\x0c" + "\x51\xbc\xf9\x33\x62\x30\xe5\xd7\x84\xe4" + "\xc0\xa4\x3f\x8d\x79\xa3\x0a\x16\x5c\xba" + "\xbe\x45\x2b\x77\x4b\x9c\x71\x09\xa9\x7d" + "\x13\x8f\x12\x92\x28\x96\x6f\x6c\x0a\xdc" + "\x10\x6a\xad\x5a\x9f\xdd\x30\x82\x57\x69" + "\xb2\xc6\x71\xaf\x67\x59\xdf\x28\xeb\x39" + "\x3d\x54\xd6"), + "97DBCA7DF46D62C8A422C941DD7E835B8AD3361763F7E9" + "B2D95F4F0DA6E1CCBC", + 1); +} + +static void +isc_md_sha384_test(void **state) { + isc_md_t *md = *state; + + isc_md_test(md, ISC_MD_SHA384, NULL, 0, NULL, 0); + isc_md_test(md, ISC_MD_SHA384, TEST_INPUT(""), + "38B060A751AC96384CD9327EB1B1E36A21FDB71114BE07" + "434C0CC7BF63F6E1DA274EDEBFE76F65FBD51AD2F14898" + "B95B" + "", + 1); + isc_md_test(md, ISC_MD_SHA384, TEST_INPUT("abc"), + "CB00753F45A35E8BB5A03D699AC65007272C32AB0EDED1" + "631A8B605A43FF5BED8086072BA1E7CC2358BAEC" + "A134C825A7", + 1); + isc_md_test(md, ISC_MD_SHA384, + TEST_INPUT("abcdefghbcdefghicdefghijdefghijkefghijkl" + "fghijklmghijklmnhijklmnoijklmnopjklmnopq" + "klmnopqrlmnopqrsmnopqrstnopqrstu"), + "09330C33F71147E83D192FC782CD1B4753111B173B3B05" + "D22FA08086E3B0F712FCC7C71A557E2DB966C3E9" + "FA91746039", + 1); + isc_md_test(md, ISC_MD_SHA384, TEST_INPUT("a"), + "9D0E1809716474CB086E834E310A4A1CED149E9C00F248" + "527972CEC5704C2A5B07B8B3DC38ECC4EBAE97DD" + "D87F3D8985", + 1000000); + isc_md_test(md, ISC_MD_SHA384, + TEST_INPUT("01234567012345670123456701234567"), + "2FC64A4F500DDB6828F6A3430B8DD72A368EB7F3A8322A" + "70BC84275B9C0B3AB00D27A5CC3C2D224AA6B61A" + "0D79FB4596", + 20); + isc_md_test(md, ISC_MD_SHA384, TEST_INPUT("\xb9"), + "BC8089A19007C0B14195F4ECC74094FEC64F01F9092928" + "2C2FB392881578208AD466828B1C6C283D2722CF" + "0AD1AB6938", + 1); + isc_md_test(md, ISC_MD_SHA384, + TEST_INPUT("\xa4\x1c\x49\x77\x79\xc0\x37\x5f\xf1" + "\x0a\x7f\x4e\x08\x59\x17\x39"), + "C9A68443A005812256B8EC76B00516F0DBB74FAB26D665" + "913F194B6FFB0E91EA9967566B58109CBC675CC2" + "08E4C823F7", + 1); + isc_md_test(md, ISC_MD_SHA384, + TEST_INPUT("\x39\x96\x69\xe2\x8f\x6b\x9c\x6d\xbc\xbb" + "\x69\x12\xec\x10\xff\xcf\x74\x79\x03\x49" + "\xb7\xdc\x8f\xbe\x4a\x8e\x7b\x3b\x56\x21" + "\xdb\x0f\x3e\x7d\xc8\x7f\x82\x32\x64\xbb" + "\xe4\x0d\x18\x11\xc9\xea\x20\x61\xe1\xc8" + "\x4a\xd1\x0a\x23\xfa\xc1\x72\x7e\x72\x02" + "\xfc\x3f\x50\x42\xe6\xbf\x58\xcb\xa8\xa2" + "\x74\x6e\x1f\x64\xf9\xb9\xea\x35\x2c\x71" + "\x15\x07\x05\x3c\xf4\xe5\x33\x9d\x52\x86" + "\x5f\x25\xcc\x22\xb5\xe8\x77\x84\xa1\x2f" + "\xc9\x61\xd6\x6c\xb6\xe8\x95\x73\x19\x9a" + "\x2c\xe6\x56\x5c\xbd\xf1\x3d\xca\x40\x38" + "\x32\xcf\xcb\x0e\x8b\x72\x11\xe8\x3a\xf3" + "\x2a\x11\xac\x17\x92\x9f\xf1\xc0\x73\xa5" + "\x1c\xc0\x27\xaa\xed\xef\xf8\x5a\xad\x7c" + "\x2b\x7c\x5a\x80\x3e\x24\x04\xd9\x6d\x2a" + "\x77\x35\x7b\xda\x1a\x6d\xae\xed\x17\x15" + "\x1c\xb9\xbc\x51\x25\xa4\x22\xe9\x41\xde" + "\x0c\xa0\xfc\x50\x11\xc2\x3e\xcf\xfe\xfd" + "\xd0\x96\x76\x71\x1c\xf3\xdb\x0a\x34\x40" + "\x72\x0e\x16\x15\xc1\xf2\x2f\xbc\x3c\x72" + "\x1d\xe5\x21\xe1\xb9\x9b\xa1\xbd\x55\x77" + "\x40\x86\x42\x14\x7e\xd0\x96"), + "4F440DB1E6EDD2899FA335F09515AA025EE177A79F4B4A" + "AF38E42B5C4DE660F5DE8FB2A5B2FBD2A3CBFFD2" + "0CFF1288C0", + 1); +} + +static void +isc_md_sha512_test(void **state) { + isc_md_t *md = *state; + + isc_md_test(md, ISC_MD_SHA512, NULL, 0, NULL, 0); + isc_md_test(md, ISC_MD_SHA512, TEST_INPUT(""), + "CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715" + "DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877E" + "EC2F63B931BD47417A81A538327AF927DA3E", + 1); + isc_md_test(md, ISC_MD_SHA512, TEST_INPUT("abc"), + "DDAF35A193617ABACC417349AE20413112E6FA4E89A97E" + "A20A9EEEE64B55D39A2192992A274FC1A836BA3C" + "23A3FEEBBD454D4423643CE80E2A9AC94FA54CA49F", + 1); + isc_md_test(md, ISC_MD_SHA512, + TEST_INPUT("abcdefghbcdefghicdefghijdefghijkefghijkl" + "fghijklmghijklmnhijklmnoijklmnopjklmnopq" + "klmnopqrlmnopqrsmnopqrstnopqrstu"), + "8E959B75DAE313DA8CF4F72814FC143F8F7779C6EB9F7F" + "A17299AEADB6889018501D289E4900F7E4331B99" + "DEC4B5433AC7D329EEB6DD26545E96E55B874BE909", + 1); + isc_md_test(md, ISC_MD_SHA512, TEST_INPUT("a"), + "E718483D0CE769644E2E42C7BC15B4638E1F98B13B2044" + "285632A803AFA973EBDE0FF244877EA60A4CB043" + "2CE577C31BEB009C5C2C49AA2E4EADB217AD8CC09B", + 1000000); + isc_md_test(md, ISC_MD_SHA512, + TEST_INPUT("01234567012345670123456701234567"), + "89D05BA632C699C31231DED4FFC127D5A894DAD412C0E0" + "24DB872D1ABD2BA8141A0F85072A9BE1E2AA04CF" + "33C765CB510813A39CD5A84C4ACAA64D3F3FB7BAE9", + 20); + isc_md_test(md, ISC_MD_SHA512, TEST_INPUT("\xD0"), + "9992202938E882E73E20F6B69E68A0A7149090423D93C8" + "1BAB3F21678D4ACEEEE50E4E8CAFADA4C85A54EA" + "8306826C4AD6E74CECE9631BFA8A549B4AB3FBBA15", + 1); + isc_md_test(md, ISC_MD_SHA512, + TEST_INPUT("\x8d\x4e\x3c\x0e\x38\x89\x19\x14\x91\x81" + "\x6e\x9d\x98\xbf\xf0\xa0"), + "CB0B67A4B8712CD73C9AABC0B199E9269B20844AFB75AC" + "BDD1C153C9828924C3DDEDAAFE669C5FDD0BC66F" + "630F6773988213EB1B16F517AD0DE4B2F0C95C90F8", + 1); + isc_md_test(md, ISC_MD_SHA512, + TEST_INPUT("\xa5\x5f\x20\xc4\x11\xaa\xd1\x32\x80\x7a" + "\x50\x2d\x65\x82\x4e\x31\xa2\x30\x54\x32" + "\xaa\x3d\x06\xd3\xe2\x82\xa8\xd8\x4e\x0d" + "\xe1\xde\x69\x74\xbf\x49\x54\x69\xfc\x7f" + "\x33\x8f\x80\x54\xd5\x8c\x26\xc4\x93\x60" + "\xc3\xe8\x7a\xf5\x65\x23\xac\xf6\xd8\x9d" + "\x03\xe5\x6f\xf2\xf8\x68\x00\x2b\xc3\xe4" + "\x31\xed\xc4\x4d\xf2\xf0\x22\x3d\x4b\xb3" + "\xb2\x43\x58\x6e\x1a\x7d\x92\x49\x36\x69" + "\x4f\xcb\xba\xf8\x8d\x95\x19\xe4\xeb\x50" + "\xa6\x44\xf8\xe4\xf9\x5e\xb0\xea\x95\xbc" + "\x44\x65\xc8\x82\x1a\xac\xd2\xfe\x15\xab" + "\x49\x81\x16\x4b\xbb\x6d\xc3\x2f\x96\x90" + "\x87\xa1\x45\xb0\xd9\xcc\x9c\x67\xc2\x2b" + "\x76\x32\x99\x41\x9c\xc4\x12\x8b\xe9\xa0" + "\x77\xb3\xac\xe6\x34\x06\x4e\x6d\x99\x28" + "\x35\x13\xdc\x06\xe7\x51\x5d\x0d\x73\x13" + "\x2e\x9a\x0d\xc6\xd3\xb1\xf8\xb2\x46\xf1" + "\xa9\x8a\x3f\xc7\x29\x41\xb1\xe3\xbb\x20" + "\x98\xe8\xbf\x16\xf2\x68\xd6\x4f\x0b\x0f" + "\x47\x07\xfe\x1e\xa1\xa1\x79\x1b\xa2\xf3" + "\xc0\xc7\x58\xe5\xf5\x51\x86\x3a\x96\xc9" + "\x49\xad\x47\xd7\xfb\x40\xd2"), + "C665BEFB36DA189D78822D10528CBF3B12B3EEF7260399" + "09C1A16A270D48719377966B957A878E72058477" + "9A62825C18DA26415E49A7176A894E7510FD1451F5", + 1); +} + +int main(void) { + const struct CMUnitTest tests[] = { + /* isc_md_new() */ + cmocka_unit_test(isc_md_new_test), + + /* isc_md_init() */ + cmocka_unit_test_setup_teardown(isc_md_init_test, + _reset, _reset), + + /* isc_md_reset() */ + cmocka_unit_test_setup_teardown(isc_md_reset_test, + _reset, _reset), + + /* isc_md_init() -> isc_md_update() -> isc_md_final() */ + cmocka_unit_test(isc_md_md5_test), + cmocka_unit_test(isc_md_sha1_test), + cmocka_unit_test(isc_md_sha224_test), + cmocka_unit_test(isc_md_sha256_test), + cmocka_unit_test(isc_md_sha384_test), + cmocka_unit_test(isc_md_sha512_test), + + cmocka_unit_test_setup_teardown(isc_md_update_test, + _reset, _reset), + cmocka_unit_test_setup_teardown(isc_md_final_test, + _reset, _reset), + + cmocka_unit_test(isc_md_free_test), + }; + + return (cmocka_run_group_tests(tests, _setup, _teardown)); +} + +#else /* HAVE_CMOCKA */ + +#include + +int main(void) { + printf("1..0 # Skipped: cmocka not available\n"); + return (0); +} + +#endif diff --git a/lib/isc/unix/file.c b/lib/isc/unix/file.c index d2d3e101ff..3b0c5632c8 100644 --- a/lib/isc/unix/file.c +++ b/lib/isc/unix/file.c @@ -63,10 +63,10 @@ #include #include #include +#include #include #include #include -#include #include #include #include @@ -703,12 +703,32 @@ isc_file_munmap(void *addr, size_t len) { #define PATH_MAX 1024 #endif +static isc_result_t +digest2hex(unsigned char *digest, unsigned int digestlen, + char *hash, size_t hashlen) +{ + unsigned int i; + int ret; + for (i = 0; i < digestlen; i++) { + size_t left = hashlen - i * 2; + ret = snprintf(hash + i * 2, left, "%02x", digest[i]); + if (ret < 0 || (size_t)ret >= left) { + return (ISC_R_NOSPACE); + } + } + return (ISC_R_SUCCESS); +} + isc_result_t isc_file_sanitize(const char *dir, const char *base, const char *ext, char *path, size_t length) { - char buf[PATH_MAX], hash[ISC_SHA256_DIGESTSTRINGLENGTH]; + char buf[PATH_MAX]; + unsigned char digest[ISC_MAX_MD_SIZE]; + unsigned int digestlen; + char hash[ISC_MAX_MD_SIZE * 2 + 1]; size_t l = 0; + isc_result_t err; REQUIRE(base != NULL); REQUIRE(path != NULL); @@ -731,7 +751,17 @@ isc_file_sanitize(const char *dir, const char *base, const char *ext, return (ISC_R_NOSPACE); /* Check whether the full-length SHA256 hash filename exists */ - isc_sha256_data((const void *) base, strlen(base), hash); + err = isc_md(ISC_MD_SHA256, (const unsigned char *)base, + strlen(base), digest, &digestlen); + if (err != ISC_R_SUCCESS) { + return (err); + } + + err = digest2hex(digest, digestlen, hash, sizeof(hash)); + if (err != ISC_R_SUCCESS) { + return (err); + } + snprintf(buf, sizeof(buf), "%s%s%s%s%s", dir != NULL ? dir : "", dir != NULL ? "/" : "", hash, ext != NULL ? "." : "", ext != NULL ? ext : ""); diff --git a/lib/isc/win32/file.c b/lib/isc/win32/file.c index 77982ef82e..76662f35a9 100644 --- a/lib/isc/win32/file.c +++ b/lib/isc/win32/file.c @@ -26,11 +26,11 @@ #include #include +#include #include #include #include #include -#include #include #include #include @@ -780,12 +780,32 @@ isc_file_munmap(void *addr, size_t len) { #define PATH_MAX 1024 #endif +static isc_result_t +digest2hex(unsigned char *digest, unsigned int digestlen, + char *hash, size_t hashlen) +{ + unsigned int i; + int ret; + for (i = 0; i < digestlen; i++) { + size_t left = hashlen - i * 2; + ret = snprintf(hash + i * 2, left, "%02x", digest[i]); + if (ret < 0 || (size_t)ret >= left) { + return (ISC_R_NOSPACE); + } + } + return (ISC_R_SUCCESS); +} + isc_result_t isc_file_sanitize(const char *dir, const char *base, const char *ext, char *path, size_t length) { - char buf[PATH_MAX], hash[ISC_SHA256_DIGESTSTRINGLENGTH]; + char buf[PATH_MAX]; + unsigned char digest[ISC_MAX_MD_SIZE]; + unsigned int digestlen; + char hash[ISC_MAX_MD_SIZE * 2 + 1]; size_t l = 0; + isc_result_t err; REQUIRE(base != NULL); REQUIRE(path != NULL); @@ -808,7 +828,17 @@ isc_file_sanitize(const char *dir, const char *base, const char *ext, return (ISC_R_NOSPACE); /* Check whether the full-length SHA256 hash filename exists */ - isc_sha256_data((const void *) base, strlen(base), hash); + err = isc_md(ISC_MD_SHA256, (const unsigned char *)base, + strlen(base), digest, &digestlen); + if (err != ISC_R_SUCCESS) { + return (err); + } + + err = digest2hex(digest, digestlen, hash, sizeof(hash)); + if (err != ISC_R_SUCCESS) { + return (err); + } + snprintf(buf, sizeof(buf), "%s%s%s%s%s", dir != NULL ? dir : "", dir != NULL ? "/" : "", hash, ext != NULL ? "." : "", ext != NULL ? ext : ""); diff --git a/lib/isc/win32/include/isc/platform.h.in b/lib/isc/win32/include/isc/platform.h.in index 6369fc5630..4bab6a4766 100644 --- a/lib/isc/win32/include/isc/platform.h.in +++ b/lib/isc/win32/include/isc/platform.h.in @@ -42,6 +42,12 @@ typedef uint32_t socklen_t; #endif +/* + * Remove __attribute__ ((foo)) on Windows + */ + +#define __attribute__(attribute) /* do nothing */ + /*** *** Network. ***/ diff --git a/lib/isc/win32/libisc.def.in b/lib/isc/win32/libisc.def.in index a42ce21807..7847f2bb0e 100644 --- a/lib/isc/win32/libisc.def.in +++ b/lib/isc/win32/libisc.def.in @@ -371,11 +371,18 @@ isc_logconfig_destroy isc_logconfig_get isc_logconfig_use isc_logfile_roll -isc_md5_check -isc_md5_final -isc_md5_init -isc_md5_invalidate -isc_md5_update +isc_md_new +isc_md_init +isc_md_reset +isc_md_update +isc_md_final +isc_md_free +isc_md_get_md_type +isc_md_get_size +isc_md_get_block_size +isc_md_type_get_size +isc_md_type_get_block_size +isc_md isc_mem_attach isc_mem_checkdestroyed isc_mem_create @@ -527,35 +534,6 @@ isc_serial_gt isc_serial_le isc_serial_lt isc_serial_ne -isc_sha1_check -isc_sha1_final -isc_sha1_init -isc_sha1_invalidate -isc_sha1_update -isc_sha224_data -isc_sha224_end -isc_sha224_final -isc_sha224_init -isc_sha224_invalidate -isc_sha224_update -isc_sha256_data -isc_sha256_end -isc_sha256_final -isc_sha256_init -isc_sha256_invalidate -isc_sha256_update -isc_sha384_data -isc_sha384_end -isc_sha384_final -isc_sha384_init -isc_sha384_invalidate -isc_sha384_update -isc_sha512_data -isc_sha512_end -isc_sha512_final -isc_sha512_init -isc_sha512_invalidate -isc_sha512_update isc_sockaddr_any isc_sockaddr_any6 isc_sockaddr_anyofpf diff --git a/lib/isc/win32/libisc.vcxproj.filters.in b/lib/isc/win32/libisc.vcxproj.filters.in index e6563b6218..e18b64a316 100644 --- a/lib/isc/win32/libisc.vcxproj.filters.in +++ b/lib/isc/win32/libisc.vcxproj.filters.in @@ -140,9 +140,6 @@ Library Header Files - - Library Header Files - Library Header Files @@ -224,12 +221,6 @@ Library Header Files - - Library Header Files - - - Library Header Files - Library Header Files @@ -550,9 +541,6 @@ Library Source Files - - Library Source Files - Library Source Files @@ -610,12 +598,6 @@ Library Source Files - - Library Source Files - - - Library Source Files - Library Source Files diff --git a/lib/isc/win32/libisc.vcxproj.in b/lib/isc/win32/libisc.vcxproj.in index b7ddaf8070..7bf367814e 100644 --- a/lib/isc/win32/libisc.vcxproj.in +++ b/lib/isc/win32/libisc.vcxproj.in @@ -328,7 +328,6 @@ copy InstallFiles ..\Build\Release\ - @@ -356,8 +355,6 @@ copy InstallFiles ..\Build\Release\ - - @@ -442,7 +439,6 @@ copy InstallFiles ..\Build\Release\ - @@ -462,8 +458,6 @@ copy InstallFiles ..\Build\Release\ - - diff --git a/lib/isccc/win32/libisccc.vcxproj.in b/lib/isccc/win32/libisccc.vcxproj.in index 062adf9342..f4c0e55dae 100644 --- a/lib/isccc/win32/libisccc.vcxproj.in +++ b/lib/isccc/win32/libisccc.vcxproj.in @@ -53,7 +53,7 @@ Level3 Disabled - WIN32;USE_MD5;_DEBUG;_WINDOWS;_USRDLL;LIBISCCC_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions) + WIN32;_DEBUG;_WINDOWS;_USRDLL;LIBISCCC_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions) .\;..\..\..\;@LIBXML2_INC@@OPENSSL_INC@include;..\include;..\..\isc\win32;..\..\isc\win32\include;..\..\isc\include;..\..\dns\include;%(AdditionalIncludeDirectories) true .\$(Configuration)\$(TargetName).pch @@ -81,7 +81,7 @@ MaxSpeed true @INTRINSIC@ - WIN32;USE_MD5;NDEBUG;_WINDOWS;_USRDLL;LIBISCCC_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions) + WIN32;NDEBUG;_WINDOWS;_USRDLL;LIBISCCC_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions) .\;..\..\..\;@LIBXML2_INC@@OPENSSL_INC@include;..\include;..\..\isc\win32;..\..\isc\win32\include;..\..\isc\include;..\..\dns\include;%(AdditionalIncludeDirectories) OnlyExplicitInline true diff --git a/lib/isccfg/win32/libisccfg.vcxproj.in b/lib/isccfg/win32/libisccfg.vcxproj.in index df872632e6..d3811d5844 100644 --- a/lib/isccfg/win32/libisccfg.vcxproj.in +++ b/lib/isccfg/win32/libisccfg.vcxproj.in @@ -53,7 +53,7 @@ Level3 Disabled - WIN32;USE_MD5;_DEBUG;_WINDOWS;_USRDLL;LIBISCCFG_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions) + WIN32;_DEBUG;_WINDOWS;_USRDLL;LIBISCCFG_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions) .\;..\..\..\;include;..\include;..\..\isc\win32;..\..\isc\win32\include;..\..\isc\include;..\..\dns\include;@LIBXML2_INC@@GEOIP_INC@%(AdditionalIncludeDirectories) true .\$(Configuration)\$(TargetName).pch @@ -81,7 +81,7 @@ MaxSpeed true @INTRINSIC@ - WIN32;USE_MD5;NDEBUG;_WINDOWS;_USRDLL;LIBISCCFG_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions) + WIN32;NDEBUG;_WINDOWS;_USRDLL;LIBISCCFG_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions) .\;..\..\..\;include;..\include;..\..\isc\win32;..\..\isc\win32\include;..\..\isc\include;..\..\dns\include;@LIBXML2_INC@@GEOIP_INC@%(AdditionalIncludeDirectories) OnlyExplicitInline true diff --git a/util/copyrights b/util/copyrights index 3f122d59a7..5e2a74d6c5 100644 --- a/util/copyrights +++ b/util/copyrights @@ -3402,7 +3402,7 @@ ./lib/isc/include/isc/list.h C 1997,1998,1999,2000,2001,2002,2004,2006,2007,2011,2012,2013,2016,2018 ./lib/isc/include/isc/log.h C 1999,2000,2001,2002,2004,2005,2006,2007,2009,2014,2016,2017,2018 ./lib/isc/include/isc/magic.h C 1999,2000,2001,2004,2005,2006,2007,2016,2017,2018 -./lib/isc/include/isc/md5.h C 2000,2001,2004,2005,2006,2007,2009,2010,2014,2016,2017,2018 +./lib/isc/include/isc/md.h C 2018 ./lib/isc/include/isc/mem.h C 1997,1998,1999,2000,2001,2004,2005,2006,2007,2008,2009,2010,2011,2012,2013,2015,2016,2017,2018 ./lib/isc/include/isc/meminfo.h C 2015,2016,2018 ./lib/isc/include/isc/msgcat.h C 1999,2000,2001,2004,2005,2007,2016,2018 @@ -3431,8 +3431,6 @@ ./lib/isc/include/isc/rwlock.h C 1998,1999,2000,2001,2003,2004,2005,2006,2007,2016,2017,2018 ./lib/isc/include/isc/safe.h C 2013,2015,2016,2017,2018 ./lib/isc/include/isc/serial.h C 1999,2000,2001,2004,2005,2006,2007,2009,2016,2018 -./lib/isc/include/isc/sha1.h C 2000,2001,2004,2005,2006,2007,2009,2014,2016,2017,2018 -./lib/isc/include/isc/sha2.h C 2005,2006,2007,2009,2014,2016,2017,2018 ./lib/isc/include/isc/sockaddr.h C 1998,1999,2000,2001,2002,2003,2004,2005,2006,2007,2009,2012,2015,2016,2018 ./lib/isc/include/isc/socket.h C 1998,1999,2000,2001,2002,2004,2005,2006,2007,2008,2009,2011,2012,2013,2014,2016,2018 ./lib/isc/include/isc/stats.h C 2009,2012,2016,2018 @@ -3463,7 +3461,7 @@ ./lib/isc/lfsr.c C 1999,2000,2001,2002,2004,2005,2007,2016,2018 ./lib/isc/lib.c C 1999,2000,2001,2004,2005,2007,2009,2013,2014,2015,2016,2018 ./lib/isc/log.c C 1999,2000,2001,2002,2003,2004,2005,2006,2007,2009,2011,2012,2013,2014,2016,2017,2018 -./lib/isc/md5.c C 2000,2001,2004,2005,2007,2009,2014,2015,2016,2017,2018 +./lib/isc/md.c C 2018 ./lib/isc/mem.c C 1997,1998,1999,2000,2001,2002,2003,2004,2005,2006,2007,2008,2009,2010,2012,2013,2014,2015,2016,2017,2018 ./lib/isc/mem_p.h C 2018 ./lib/isc/mutexblock.c C 1999,2000,2001,2004,2005,2007,2011,2012,2016,2018 @@ -3495,8 +3493,6 @@ ./lib/isc/result.c C 1998,1999,2000,2001,2003,2004,2005,2007,2008,2012,2014,2015,2016,2017,2018 ./lib/isc/rwlock.c C 1998,1999,2000,2001,2003,2004,2005,2007,2009,2011,2012,2015,2016,2017,2018 ./lib/isc/serial.c C 1999,2000,2001,2004,2005,2007,2016,2018 -./lib/isc/sha1.c C 2000,2001,2003,2004,2005,2007,2009,2011,2012,2014,2016,2017,2018 -./lib/isc/sha2.c C 2005,2006,2007,2009,2011,2012,2014,2016,2017,2018 ./lib/isc/sockaddr.c C 1999,2000,2001,2002,2003,2004,2005,2006,2007,2010,2011,2012,2014,2015,2016,2017,2018 ./lib/isc/stats.c C 2009,2012,2013,2014,2015,2016,2017,2018 ./lib/isc/string.c C 1999,2000,2001,2003,2004,2005,2006,2007,2011,2012,2014,2015,2016,2018 @@ -3517,6 +3513,7 @@ ./lib/isc/tests/isctest.c C 2011,2012,2013,2014,2016,2017,2018 ./lib/isc/tests/isctest.h C 2011,2012,2016,2018 ./lib/isc/tests/lex_test.c C 2013,2016,2018 +./lib/isc/tests/md_test.c C 2018 ./lib/isc/tests/mem_test.c C 2015,2016,2017,2018 ./lib/isc/tests/netaddr_test.c C 2016,2018 ./lib/isc/tests/parse_test.c C 2012,2013,2016,2018