Browse code
use sha256 instead of md5 in phishcheck. move sha256 to libclamav. add more tests.
- ChangeLog
- freshclam/Makefile.am
- freshclam/Makefile.in
- libclamav/Makefile.am
- libclamav/Makefile.in
- libclamav/libclamav.map
- libclamav/phishcheck.c
- libclamav/phishcheck.h
- libclamav/regex_list.c
- libclamav/regex_list.h
- libclamav/sha256.c
- libclamav/sha256.h
- shared/cdiff.c
- shared/sha256.c
- shared/sha256.h
- sigtool/Makefile.am
- sigtool/Makefile.in
- sigtool/sigtool.c
- unit_tests/check_clamav.c
- unit_tests/check_regex.c
- unit_tests/input/daily.pdb2
| ... | ... |
@@ -1,3 +1,9 @@ |
| 1 |
+Wed Feb 18 17:24:48 EET 2009 (edwin) |
|
| 2 |
+------------------------------------ |
|
| 3 |
+ * freshclam/, libclamav/, shared/, sigtool/, unit_tests/: use sha256 |
|
| 4 |
+ instead of md5 in phishcheck. move sha256 to libclamav. add more |
|
| 5 |
+ tests. |
|
| 6 |
+ |
|
| 1 | 7 |
Wed Feb 18 12:41:17 CET 2009 (tk) |
| 2 | 8 |
--------------------------------- |
| 3 | 9 |
* etc/clamav-milter.conf: fix PidFile example (bb#1408) |
| ... | ... |
@@ -28,7 +28,6 @@ freshclam_SOURCES = \ |
| 28 | 28 |
$(top_srcdir)/shared/getopt.h \ |
| 29 | 29 |
$(top_srcdir)/shared/misc.c \ |
| 30 | 30 |
$(top_srcdir)/shared/misc.h \ |
| 31 |
- $(top_srcdir)/shared/sha256.c \ |
|
| 32 | 31 |
$(top_srcdir)/shared/cdiff.c \ |
| 33 | 32 |
$(top_srcdir)/shared/cdiff.h \ |
| 34 | 33 |
$(top_srcdir)/shared/tar.c \ |
| ... | ... |
@@ -73,10 +73,10 @@ am__installdirs = "$(DESTDIR)$(bindir)" |
| 73 | 73 |
binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) |
| 74 | 74 |
PROGRAMS = $(bin_PROGRAMS) |
| 75 | 75 |
am_freshclam_OBJECTS = output.$(OBJEXT) optparser.$(OBJEXT) \ |
| 76 |
- getopt.$(OBJEXT) misc.$(OBJEXT) sha256.$(OBJEXT) \ |
|
| 77 |
- cdiff.$(OBJEXT) tar.$(OBJEXT) freshclam.$(OBJEXT) \ |
|
| 78 |
- manager.$(OBJEXT) notify.$(OBJEXT) dns.$(OBJEXT) \ |
|
| 79 |
- execute.$(OBJEXT) nonblock.$(OBJEXT) mirman.$(OBJEXT) |
|
| 76 |
+ getopt.$(OBJEXT) misc.$(OBJEXT) cdiff.$(OBJEXT) tar.$(OBJEXT) \ |
|
| 77 |
+ freshclam.$(OBJEXT) manager.$(OBJEXT) notify.$(OBJEXT) \ |
|
| 78 |
+ dns.$(OBJEXT) execute.$(OBJEXT) nonblock.$(OBJEXT) \ |
|
| 79 |
+ mirman.$(OBJEXT) |
|
| 80 | 80 |
freshclam_OBJECTS = $(am_freshclam_OBJECTS) |
| 81 | 81 |
freshclam_LDADD = $(LDADD) |
| 82 | 82 |
DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) |
| ... | ... |
@@ -257,7 +257,6 @@ freshclam_SOURCES = \ |
| 257 | 257 |
$(top_srcdir)/shared/getopt.h \ |
| 258 | 258 |
$(top_srcdir)/shared/misc.c \ |
| 259 | 259 |
$(top_srcdir)/shared/misc.h \ |
| 260 |
- $(top_srcdir)/shared/sha256.c \ |
|
| 261 | 260 |
$(top_srcdir)/shared/cdiff.c \ |
| 262 | 261 |
$(top_srcdir)/shared/cdiff.h \ |
| 263 | 262 |
$(top_srcdir)/shared/tar.c \ |
| ... | ... |
@@ -378,7 +377,6 @@ distclean-compile: |
| 378 | 378 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/notify.Po@am__quote@ |
| 379 | 379 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/optparser.Po@am__quote@ |
| 380 | 380 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/output.Po@am__quote@ |
| 381 |
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sha256.Po@am__quote@ |
|
| 382 | 381 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tar.Po@am__quote@ |
| 383 | 382 |
|
| 384 | 383 |
.c.o: |
| ... | ... |
@@ -458,20 +456,6 @@ misc.obj: $(top_srcdir)/shared/misc.c |
| 458 | 458 |
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ |
| 459 | 459 |
@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o misc.obj `if test -f '$(top_srcdir)/shared/misc.c'; then $(CYGPATH_W) '$(top_srcdir)/shared/misc.c'; else $(CYGPATH_W) '$(srcdir)/$(top_srcdir)/shared/misc.c'; fi` |
| 460 | 460 |
|
| 461 |
-sha256.o: $(top_srcdir)/shared/sha256.c |
|
| 462 |
-@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sha256.o -MD -MP -MF $(DEPDIR)/sha256.Tpo -c -o sha256.o `test -f '$(top_srcdir)/shared/sha256.c' || echo '$(srcdir)/'`$(top_srcdir)/shared/sha256.c |
|
| 463 |
-@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/sha256.Tpo $(DEPDIR)/sha256.Po |
|
| 464 |
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$(top_srcdir)/shared/sha256.c' object='sha256.o' libtool=no @AMDEPBACKSLASH@ |
|
| 465 |
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ |
|
| 466 |
-@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o sha256.o `test -f '$(top_srcdir)/shared/sha256.c' || echo '$(srcdir)/'`$(top_srcdir)/shared/sha256.c |
|
| 467 |
- |
|
| 468 |
-sha256.obj: $(top_srcdir)/shared/sha256.c |
|
| 469 |
-@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sha256.obj -MD -MP -MF $(DEPDIR)/sha256.Tpo -c -o sha256.obj `if test -f '$(top_srcdir)/shared/sha256.c'; then $(CYGPATH_W) '$(top_srcdir)/shared/sha256.c'; else $(CYGPATH_W) '$(srcdir)/$(top_srcdir)/shared/sha256.c'; fi` |
|
| 470 |
-@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/sha256.Tpo $(DEPDIR)/sha256.Po |
|
| 471 |
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$(top_srcdir)/shared/sha256.c' object='sha256.obj' libtool=no @AMDEPBACKSLASH@ |
|
| 472 |
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ |
|
| 473 |
-@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o sha256.obj `if test -f '$(top_srcdir)/shared/sha256.c'; then $(CYGPATH_W) '$(top_srcdir)/shared/sha256.c'; else $(CYGPATH_W) '$(srcdir)/$(top_srcdir)/shared/sha256.c'; fi` |
|
| 474 |
- |
|
| 475 | 461 |
cdiff.o: $(top_srcdir)/shared/cdiff.c |
| 476 | 462 |
@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT cdiff.o -MD -MP -MF $(DEPDIR)/cdiff.Tpo -c -o cdiff.o `test -f '$(top_srcdir)/shared/cdiff.c' || echo '$(srcdir)/'`$(top_srcdir)/shared/cdiff.c |
| 477 | 463 |
@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/cdiff.Tpo $(DEPDIR)/cdiff.Po |
| ... | ... |
@@ -100,7 +100,8 @@ am_libclamav_la_OBJECTS = matcher-ac.lo matcher-bm.lo matcher.lo \ |
| 100 | 100 |
sis.lo uuencode.lo phishcheck.lo phish_domaincheck_db.lo \ |
| 101 | 101 |
phish_whitelist.lo regex_list.lo regex_suffix.lo mspack.lo \ |
| 102 | 102 |
cab.lo entconv.lo hashtab.lo dconf.lo lzma_iface.lo explode.lo \ |
| 103 |
- textnorm.lo dlp.lo js-norm.lo uniq.lo version.lo mpool.lo |
|
| 103 |
+ textnorm.lo dlp.lo js-norm.lo uniq.lo version.lo mpool.lo \ |
|
| 104 |
+ sha256.lo |
|
| 104 | 105 |
libclamav_la_OBJECTS = $(am_libclamav_la_OBJECTS) |
| 105 | 106 |
libclamav_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ |
| 106 | 107 |
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ |
| ... | ... |
@@ -560,7 +561,9 @@ libclamav_la_SOURCES = \ |
| 560 | 560 |
version.h\ |
| 561 | 561 |
mpool.c\ |
| 562 | 562 |
mpool.h \ |
| 563 |
- default.h |
|
| 563 |
+ default.h\ |
|
| 564 |
+ sha256.c\ |
|
| 565 |
+ sha256.h |
|
| 564 | 566 |
|
| 565 | 567 |
noinst_LTLIBRARIES = libclamav_internal_utils.la |
| 566 | 568 |
COMMON_CLEANFILES = version.h version.h.tmp *.gcda *.gcno lzma/*.gcda lzma/*.gcno |
| ... | ... |
@@ -712,6 +715,7 @@ distclean-compile: |
| 712 | 712 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/regex_suffix.Plo@am__quote@ |
| 713 | 713 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rtf.Plo@am__quote@ |
| 714 | 714 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/scanners.Plo@am__quote@ |
| 715 |
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sha256.Plo@am__quote@ |
|
| 715 | 716 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sis.Plo@am__quote@ |
| 716 | 717 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/special.Plo@am__quote@ |
| 717 | 718 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/spin.Plo@am__quote@ |
| ... | ... |
@@ -45,7 +45,7 @@ |
| 45 | 45 |
#include "iana_tld.h" |
| 46 | 46 |
#include "iana_cctld.h" |
| 47 | 47 |
#include "scanners.h" |
| 48 |
-#include "md5.h" |
|
| 48 |
+#include "sha256.h" |
|
| 49 | 49 |
#include <assert.h> |
| 50 | 50 |
|
| 51 | 51 |
#include "mpool.h" |
| ... | ... |
@@ -482,6 +482,7 @@ static int isSSL(const char* URL) |
| 482 | 482 |
static void |
| 483 | 483 |
str_hex_to_char(char **begin, const char **end) |
| 484 | 484 |
{
|
| 485 |
+ char *firsthex, *sbegin_; |
|
| 485 | 486 |
char *sbegin = *begin; |
| 486 | 487 |
const char *str_end = *end; |
| 487 | 488 |
|
| ... | ... |
@@ -497,16 +498,25 @@ str_hex_to_char(char **begin, const char **end) |
| 497 | 497 |
sbegin += 2; |
| 498 | 498 |
} |
| 499 | 499 |
*begin = sbegin++; |
| 500 |
- while(sbegin+3 < str_end) {
|
|
| 501 |
- while(sbegin+3<str_end && sbegin[0]=='%') {
|
|
| 502 |
- const char* src = sbegin+3; |
|
| 500 |
+ do {
|
|
| 501 |
+ sbegin_ = sbegin; |
|
| 502 |
+ firsthex = NULL; |
|
| 503 |
+ while(sbegin+3 <= str_end) {
|
|
| 504 |
+ if (sbegin+3<=str_end && sbegin[0]=='%') {
|
|
| 505 |
+ const char* src = sbegin+3; |
|
| 506 |
+ if (isxdigit(sbegin[1]) && isxdigit(sbegin[2])) {
|
|
| 503 | 507 |
*sbegin = hex2int((unsigned char*)sbegin+1); |
| 508 |
+ if (*sbegin == '%' && !firsthex) |
|
| 509 |
+ firsthex = sbegin; |
|
| 504 | 510 |
/* move string */ |
| 505 | 511 |
memmove(sbegin+1,src,str_end-src+1); |
| 506 | 512 |
str_end -= 2; |
| 513 |
+ } |
|
| 507 | 514 |
} |
| 508 | 515 |
sbegin++; |
| 509 |
- } |
|
| 516 |
+ } |
|
| 517 |
+ sbegin = sbegin_; |
|
| 518 |
+ } while (firsthex); |
|
| 510 | 519 |
*end = str_end; |
| 511 | 520 |
} |
| 512 | 521 |
|
| ... | ... |
@@ -1158,66 +1168,96 @@ static int hash_match(const struct regex_matcher *rlist, const char *host, size_ |
| 1158 | 1158 |
s[hlen+plen] = '\0'; |
| 1159 | 1159 |
cli_dbgmsg("hash lookup for: %s\n",s);
|
| 1160 | 1160 |
#endif |
| 1161 |
- if(rlist->md5_hashes.bm_patterns) {
|
|
| 1162 |
- unsigned char md5_dig[16]; |
|
| 1163 |
- cli_md5_ctx md5; |
|
| 1164 |
- |
|
| 1165 |
- cli_md5_init(&md5); |
|
| 1166 |
- cli_md5_update(&md5, host, hlen); |
|
| 1167 |
- cli_md5_update(&md5, path, plen); |
|
| 1168 |
- cli_md5_final(md5_dig, &md5); |
|
| 1169 |
- if(SO_search(&rlist->md5_filter, md5_dig, 16) != -1 && |
|
| 1170 |
- cli_bm_scanbuff(md5_dig, 16, &virname, &rlist->md5_hashes,0,0,-1) == CL_VIRUS) {
|
|
| 1171 |
- switch(*virname) {
|
|
| 1172 |
- case '1': |
|
| 1173 |
- return CL_PHISH_HASH1; |
|
| 1174 |
- case '2': |
|
| 1175 |
- return CL_PHISH_HASH2; |
|
| 1176 |
- default: |
|
| 1177 |
- return CL_PHISH_HASH0; |
|
| 1178 |
- } |
|
| 1161 |
+ if(rlist->sha256_hashes.bm_patterns) {
|
|
| 1162 |
+ unsigned char sha256_dig[32]; |
|
| 1163 |
+ SHA256_CTX sha256; |
|
| 1164 |
+ |
|
| 1165 |
+ sha256_init(&sha256); |
|
| 1166 |
+ sha256_update(&sha256, host, hlen); |
|
| 1167 |
+ sha256_update(&sha256, path, plen); |
|
| 1168 |
+ sha256_final(&sha256, sha256_dig); |
|
| 1169 |
+ if(SO_search(&rlist->sha256_filter, sha256_dig, 32) != -1 && |
|
| 1170 |
+ cli_bm_scanbuff(sha256_dig, 32, &virname, &rlist->sha256_hashes,0,0,-1) == CL_VIRUS) {
|
|
| 1171 |
+ switch(*virname) {
|
|
| 1172 |
+ case '1': |
|
| 1173 |
+ return CL_PHISH_HASH1; |
|
| 1174 |
+ case '2': |
|
| 1175 |
+ return CL_PHISH_HASH2; |
|
| 1176 |
+ default: |
|
| 1177 |
+ return CL_PHISH_HASH0; |
|
| 1179 | 1178 |
} |
| 1179 |
+ } |
|
| 1180 | 1180 |
} |
| 1181 | 1181 |
return CL_SUCCESS; |
| 1182 | 1182 |
} |
| 1183 | 1183 |
|
| 1184 | 1184 |
#define URL_MAX_LEN 1024 |
| 1185 | 1185 |
#define COMPONENTS 4 |
| 1186 |
-static int url_hash_match(const struct regex_matcher *rlist, const char *inurl, size_t len) |
|
| 1186 |
+int cli_url_canon(const char *inurl, size_t len, char *urlbuff, size_t dest_len, char **host, size_t *hostlen, char **path, size_t *pathlen) |
|
| 1187 | 1187 |
{
|
| 1188 |
- char urlbuff[URL_MAX_LEN+3];/* htmlnorm truncates at 1024 bytes + terminating null + slash + host end null */ |
|
| 1189 |
- char *url, *p; |
|
| 1188 |
+ char *url, *p, *last; |
|
| 1189 |
+ char *host_begin, *path_begin; |
|
| 1190 | 1190 |
const char *urlend = urlbuff + len; |
| 1191 |
- char *host_begin; |
|
| 1192 | 1191 |
size_t host_len, path_len; |
| 1193 |
- char *path_begin; |
|
| 1194 |
- const char *component; |
|
| 1195 |
- const char *lp[COMPONENTS+1]; |
|
| 1196 |
- size_t pp[COMPONENTS+2]; |
|
| 1197 |
- size_t j, k, ji, ki; |
|
| 1198 |
- int rc; |
|
| 1199 | 1192 |
|
| 1200 |
- if(!rlist || !rlist->md5_hashes.bm_patterns) {
|
|
| 1201 |
- return CL_SUCCESS; |
|
| 1202 |
- } |
|
| 1203 |
- if(!inurl) |
|
| 1204 |
- return CL_EMEM; |
|
| 1205 |
- strncpy(urlbuff, inurl, URL_MAX_LEN); |
|
| 1206 |
- urlbuff[URL_MAX_LEN] = urlbuff[URL_MAX_LEN+1] = urlbuff[URL_MAX_LEN+2] = '\0'; |
|
| 1193 |
+ dest_len -= 3; |
|
| 1194 |
+ strncpy(urlbuff, inurl, dest_len); |
|
| 1195 |
+ urlbuff[dest_len] = urlbuff[dest_len+1] = urlbuff[dest_len+2] = '\0'; |
|
| 1207 | 1196 |
url = urlbuff; |
| 1208 |
- str_hex_to_char(&url, &urlend); |
|
| 1209 |
- len = urlend - url; |
|
| 1210 |
- host_begin = strchr(url,':'); |
|
| 1211 |
- if(!host_begin) {
|
|
| 1197 |
+ |
|
| 1198 |
+ host_begin = strchr(url, ':'); |
|
| 1199 |
+ if(!host_begin) |
|
| 1212 | 1200 |
return CL_PHISH_CLEAN; |
| 1213 |
- } |
|
| 1214 | 1201 |
++host_begin; |
| 1202 |
+ |
|
| 1203 |
+ p = strchr(host_begin, '@'); |
|
| 1204 |
+ if (p) |
|
| 1205 |
+ host_begin = p+1; |
|
| 1206 |
+ url = host_begin; |
|
| 1207 |
+ str_hex_to_char(&url, &urlend); |
|
| 1208 |
+ host_begin = url; |
|
| 1209 |
+ len = urlend - url; |
|
| 1215 | 1210 |
while((host_begin < urlend) && *host_begin == '/') ++host_begin; |
| 1216 | 1211 |
while(*host_begin == '.' && host_begin < urlend) ++host_begin; |
| 1217 |
- p = strchr(host_begin, '@'); |
|
| 1218 |
- if(p) |
|
| 1219 |
- host_begin = p+1; |
|
| 1220 | 1212 |
|
| 1213 |
+ last = strchr(host_begin, '/'); |
|
| 1214 |
+ p = host_begin; |
|
| 1215 |
+ while (p < urlend) {
|
|
| 1216 |
+ if (p+2 < urlend && *p == '/' && p[1] == '.' ) {
|
|
| 1217 |
+ if (p[2] == '/') {
|
|
| 1218 |
+ if (p + 3 < urlend) |
|
| 1219 |
+ memmove(p+1, p+3, urlend - p - 3); |
|
| 1220 |
+ urlend -= 2; |
|
| 1221 |
+ } |
|
| 1222 |
+ else if (p[2] == '.' && (p[3] == '/' || p[3] == '\0') && last) {
|
|
| 1223 |
+ if (p+4 < urlend) |
|
| 1224 |
+ memmove(last+1, p+4, urlend - p - 4); |
|
| 1225 |
+ urlend -= 3 + (p - last); |
|
| 1226 |
+ } |
|
| 1227 |
+ } |
|
| 1228 |
+ if (*p == '/') |
|
| 1229 |
+ last = p; |
|
| 1230 |
+ p++; |
|
| 1231 |
+ } |
|
| 1232 |
+ p = &url[urlend - url]; |
|
| 1233 |
+ *p = '\0'; |
|
| 1234 |
+ |
|
| 1235 |
+ p = host_begin; |
|
| 1236 |
+ while (p < urlend && p+2 < url + dest_len) {
|
|
| 1237 |
+ unsigned char c = *p; |
|
| 1238 |
+ if (c <= 32 || c >= 127 || c == '%' || c == '#') {
|
|
| 1239 |
+ char hexchars[] = "0123456789ABCDEF"; |
|
| 1240 |
+ memmove(p+3, p+1, urlend - p - 1); |
|
| 1241 |
+ *p++ = '%'; |
|
| 1242 |
+ *p++ = hexchars[c>>4]; |
|
| 1243 |
+ *p = hexchars[c&0xf]; |
|
| 1244 |
+ urlend += 2; |
|
| 1245 |
+ } |
|
| 1246 |
+ p++; |
|
| 1247 |
+ } |
|
| 1248 |
+ *p = '\0'; |
|
| 1249 |
+ urlend = p; |
|
| 1250 |
+ len = urlend - url; |
|
| 1221 | 1251 |
host_len = strcspn(host_begin, ":/?"); |
| 1222 | 1252 |
path_begin = host_begin + host_len; |
| 1223 | 1253 |
if(host_len < len) {
|
| ... | ... |
@@ -1227,10 +1267,45 @@ static int url_hash_match(const struct regex_matcher *rlist, const char *inurl, |
| 1227 | 1227 |
} else path_begin = url+len; |
| 1228 | 1228 |
if(url + len >= path_begin) {
|
| 1229 | 1229 |
path_len = url + len - path_begin + 1; |
| 1230 |
- } else |
|
| 1230 |
+ p = strchr(path_begin, '#'); |
|
| 1231 |
+ if (p) {
|
|
| 1232 |
+ *p = '\0'; |
|
| 1233 |
+ path_len = p - path_begin; |
|
| 1234 |
+ } |
|
| 1235 |
+ } else {
|
|
| 1231 | 1236 |
path_len = 0; |
| 1237 |
+ path_begin = ""; |
|
| 1238 |
+ } |
|
| 1232 | 1239 |
str_make_lowercase(host_begin, host_len); |
| 1240 |
+ *host = host_begin; |
|
| 1241 |
+ *path = path_begin; |
|
| 1242 |
+ *hostlen = host_len; |
|
| 1243 |
+ *pathlen = path_len; |
|
| 1244 |
+ return CL_PHISH_NODECISION; |
|
| 1245 |
+} |
|
| 1246 |
+ |
|
| 1247 |
+static int url_hash_match(const struct regex_matcher *rlist, const char *inurl, size_t len) |
|
| 1248 |
+{
|
|
| 1249 |
+ size_t j, k, ji, ki; |
|
| 1250 |
+ char *host_begin, *path_begin; |
|
| 1251 |
+ const char *component; |
|
| 1252 |
+ size_t path_len; |
|
| 1253 |
+ size_t host_len; |
|
| 1254 |
+ char *p; |
|
| 1255 |
+ int rc; |
|
| 1256 |
+ const char *lp[COMPONENTS+1]; |
|
| 1257 |
+ size_t pp[COMPONENTS+2]; |
|
| 1258 |
+ char urlbuff[URL_MAX_LEN+3];/* htmlnorm truncates at 1024 bytes + terminating null + slash + host end null */ |
|
| 1259 |
+ |
|
| 1260 |
+ if(!rlist || !rlist->sha256_hashes.bm_patterns) {
|
|
| 1261 |
+ return CL_SUCCESS; |
|
| 1262 |
+ } |
|
| 1263 |
+ if(!inurl) |
|
| 1264 |
+ return CL_EMEM; |
|
| 1233 | 1265 |
|
| 1266 |
+ rc = cli_url_canon(inurl, len, urlbuff, sizeof(urlbuff), &host_begin, &host_len, &path_begin, &path_len); |
|
| 1267 |
+ if (rc == CL_PHISH_CLEAN) |
|
| 1268 |
+ return rc; |
|
| 1234 | 1269 |
j=COMPONENTS; |
| 1235 | 1270 |
component = strrchr(host_begin, '.'); |
| 1236 | 1271 |
while(component && j > 0) {
|
| ... | ... |
@@ -72,6 +72,7 @@ void phish_disable(struct cl_engine* engine,const char* reason); |
| 72 | 72 |
/* Global, non-thread-safe functions, call only once! */ |
| 73 | 73 |
int phishing_init(struct cl_engine* engine); |
| 74 | 74 |
void phishing_done(struct cl_engine* engine); |
| 75 |
+int cli_url_canon(const char *inurl, size_t len, char *urlbuff, size_t dest_len, char **host, size_t *hostlen, char **path, size_t *pathlen); |
|
| 75 | 76 |
/* end of non-thread-safe functions */ |
| 76 | 77 |
|
| 77 | 78 |
|
| ... | ... |
@@ -363,13 +363,13 @@ int init_regex_list(struct regex_matcher* matcher) |
| 363 | 363 |
return rc; |
| 364 | 364 |
} |
| 365 | 365 |
#ifdef USE_MPOOL |
| 366 |
- matcher->md5_hashes.mempool = mp; |
|
| 366 |
+ matcher->sha256_hashes.mempool = mp; |
|
| 367 | 367 |
#endif |
| 368 |
- if((rc = cli_bm_init(&matcher->md5_hashes))) {
|
|
| 368 |
+ if((rc = cli_bm_init(&matcher->sha256_hashes))) {
|
|
| 369 | 369 |
return rc; |
| 370 | 370 |
} |
| 371 | 371 |
SO_init(&matcher->filter); |
| 372 |
- SO_init(&matcher->md5_filter); |
|
| 372 |
+ SO_init(&matcher->sha256_filter); |
|
| 373 | 373 |
return CL_SUCCESS; |
| 374 | 374 |
} |
| 375 | 375 |
|
| ... | ... |
@@ -425,15 +425,15 @@ static int add_hash(struct regex_matcher *matcher, char* pattern, const char fl) |
| 425 | 425 |
pat->pattern = (unsigned char*)cli_mpool_hex2str(matcher->mempool, pattern); |
| 426 | 426 |
if(!pat->pattern) |
| 427 | 427 |
return CL_EMALFDB; |
| 428 |
- pat->length = 16; |
|
| 428 |
+ pat->length = 32; |
|
| 429 | 429 |
pat->virname = mpool_malloc(matcher->mempool, 1); |
| 430 | 430 |
if(!pat->virname) {
|
| 431 | 431 |
free(pat); |
| 432 | 432 |
return CL_EMEM; |
| 433 | 433 |
} |
| 434 | 434 |
*pat->virname = fl; |
| 435 |
- SO_preprocess_add(&matcher->md5_filter, pat->pattern, pat->length); |
|
| 436 |
- if((rc = cli_bm_addpatt(&matcher->md5_hashes, pat))) {
|
|
| 435 |
+ SO_preprocess_add(&matcher->sha256_filter, pat->pattern, pat->length); |
|
| 436 |
+ if((rc = cli_bm_addpatt(&matcher->sha256_hashes, pat))) {
|
|
| 437 | 437 |
cli_errmsg("add_hash: failed to add BM pattern\n");
|
| 438 | 438 |
free(pat->pattern); |
| 439 | 439 |
free(pat->virname); |
| ... | ... |
@@ -596,7 +596,7 @@ void regex_list_done(struct regex_matcher* matcher) |
| 596 | 596 |
mpool_free(matcher->mempool, matcher->all_pregs); |
| 597 | 597 |
} |
| 598 | 598 |
hashtab_free(&matcher->suffix_hash); |
| 599 |
- cli_bm_free(&matcher->md5_hashes); |
|
| 599 |
+ cli_bm_free(&matcher->sha256_hashes); |
|
| 600 | 600 |
} |
| 601 | 601 |
} |
| 602 | 602 |
|
| ... | ... |
@@ -50,8 +50,8 @@ struct regex_matcher {
|
| 50 | 50 |
size_t regex_cnt; |
| 51 | 51 |
regex_t **all_pregs; |
| 52 | 52 |
struct cli_matcher suffixes; |
| 53 |
- struct cli_matcher md5_hashes; |
|
| 54 |
- struct filter md5_filter; |
|
| 53 |
+ struct cli_matcher sha256_hashes; |
|
| 54 |
+ struct filter sha256_filter; |
|
| 55 | 55 |
struct filter filter; |
| 56 | 56 |
#ifdef USE_MPOOL |
| 57 | 57 |
mpool_t *mempool; |
| 58 | 58 |
new file mode 100644 |
| ... | ... |
@@ -0,0 +1,481 @@ |
| 0 |
+/*- |
|
| 1 |
+ * Copyright (c) 2001-2003 Allan Saddi <allan@saddi.com> |
|
| 2 |
+ * All rights reserved. |
|
| 3 |
+ * |
|
| 4 |
+ * Redistribution and use in source and binary forms, with or without |
|
| 5 |
+ * modification, are permitted provided that the following conditions |
|
| 6 |
+ * are met: |
|
| 7 |
+ * 1. Redistributions of source code must retain the above copyright |
|
| 8 |
+ * notice, this list of conditions and the following disclaimer. |
|
| 9 |
+ * 2. Redistributions in binary form must reproduce the above copyright |
|
| 10 |
+ * notice, this list of conditions and the following disclaimer in the |
|
| 11 |
+ * documentation and/or other materials provided with the distribution. |
|
| 12 |
+ * |
|
| 13 |
+ * THIS SOFTWARE IS PROVIDED BY ALLAN SADDI AND HIS CONTRIBUTORS ``AS IS'' |
|
| 14 |
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
|
| 15 |
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
|
| 16 |
+ * ARE DISCLAIMED. IN NO EVENT SHALL ALLAN SADDI OR HIS CONTRIBUTORS BE |
|
| 17 |
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
|
| 18 |
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
|
| 19 |
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
|
| 20 |
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
|
| 21 |
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
|
| 22 |
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
|
| 23 |
+ * POSSIBILITY OF SUCH DAMAGE. |
|
| 24 |
+ * |
|
| 25 |
+ * $Id: sha256.c 680 2003-07-25 21:57:49Z asaddi $ |
|
| 26 |
+ */ |
|
| 27 |
+ |
|
| 28 |
+/* |
|
| 29 |
+ * Define WORDS_BIGENDIAN if compiling on a big-endian architecture. |
|
| 30 |
+ * |
|
| 31 |
+ * Define SHA256_TEST to test the implementation using the NIST's |
|
| 32 |
+ * sample messages. The output should be: |
|
| 33 |
+ * |
|
| 34 |
+ * ba7816bf 8f01cfea 414140de 5dae2223 b00361a3 96177a9c b410ff61 f20015ad |
|
| 35 |
+ * 248d6a61 d20638b8 e5c02693 0c3e6039 a33ce459 64ff2167 f6ecedd4 19db06c1 |
|
| 36 |
+ * cdc76e5c 9914fb92 81a1c7e2 84d73e67 f1809a48 a497200e 046d39cc c7112cd0 |
|
| 37 |
+ */ |
|
| 38 |
+ |
|
| 39 |
+#ifdef HAVE_CONFIG_H |
|
| 40 |
+#include "clamav-config.h" |
|
| 41 |
+#endif /* HAVE_CONFIG_H */ |
|
| 42 |
+ |
|
| 43 |
+#if HAVE_INTTYPES_H |
|
| 44 |
+# include <inttypes.h> |
|
| 45 |
+#else |
|
| 46 |
+# if HAVE_STDINT_H |
|
| 47 |
+# include <stdint.h> |
|
| 48 |
+# endif |
|
| 49 |
+#endif |
|
| 50 |
+ |
|
| 51 |
+#include <string.h> |
|
| 52 |
+ |
|
| 53 |
+#include "sha256.h" |
|
| 54 |
+ |
|
| 55 |
+#ifndef lint |
|
| 56 |
+static const char rcsid[] = |
|
| 57 |
+ "$Id: sha256.c 680 2003-07-25 21:57:49Z asaddi $"; |
|
| 58 |
+#endif /* !lint */ |
|
| 59 |
+ |
|
| 60 |
+#define ROTL(x, n) (((x) << (n)) | ((x) >> (32 - (n)))) |
|
| 61 |
+#define ROTR(x, n) (((x) >> (n)) | ((x) << (32 - (n)))) |
|
| 62 |
+ |
|
| 63 |
+#define Ch(x, y, z) ((z) ^ ((x) & ((y) ^ (z)))) |
|
| 64 |
+#define Maj(x, y, z) (((x) & ((y) | (z))) | ((y) & (z))) |
|
| 65 |
+#define SIGMA0(x) (ROTR((x), 2) ^ ROTR((x), 13) ^ ROTR((x), 22)) |
|
| 66 |
+#define SIGMA1(x) (ROTR((x), 6) ^ ROTR((x), 11) ^ ROTR((x), 25)) |
|
| 67 |
+#define sigma0(x) (ROTR((x), 7) ^ ROTR((x), 18) ^ ((x) >> 3)) |
|
| 68 |
+#define sigma1(x) (ROTR((x), 17) ^ ROTR((x), 19) ^ ((x) >> 10)) |
|
| 69 |
+ |
|
| 70 |
+#define DO_ROUND() { \
|
|
| 71 |
+ t1 = h + SIGMA1(e) + Ch(e, f, g) + *(Kp++) + *(W++); \ |
|
| 72 |
+ t2 = SIGMA0(a) + Maj(a, b, c); \ |
|
| 73 |
+ h = g; \ |
|
| 74 |
+ g = f; \ |
|
| 75 |
+ f = e; \ |
|
| 76 |
+ e = d + t1; \ |
|
| 77 |
+ d = c; \ |
|
| 78 |
+ c = b; \ |
|
| 79 |
+ b = a; \ |
|
| 80 |
+ a = t1 + t2; \ |
|
| 81 |
+} |
|
| 82 |
+ |
|
| 83 |
+static const uint32_t K[64] = {
|
|
| 84 |
+ 0x428a2f98L, 0x71374491L, 0xb5c0fbcfL, 0xe9b5dba5L, |
|
| 85 |
+ 0x3956c25bL, 0x59f111f1L, 0x923f82a4L, 0xab1c5ed5L, |
|
| 86 |
+ 0xd807aa98L, 0x12835b01L, 0x243185beL, 0x550c7dc3L, |
|
| 87 |
+ 0x72be5d74L, 0x80deb1feL, 0x9bdc06a7L, 0xc19bf174L, |
|
| 88 |
+ 0xe49b69c1L, 0xefbe4786L, 0x0fc19dc6L, 0x240ca1ccL, |
|
| 89 |
+ 0x2de92c6fL, 0x4a7484aaL, 0x5cb0a9dcL, 0x76f988daL, |
|
| 90 |
+ 0x983e5152L, 0xa831c66dL, 0xb00327c8L, 0xbf597fc7L, |
|
| 91 |
+ 0xc6e00bf3L, 0xd5a79147L, 0x06ca6351L, 0x14292967L, |
|
| 92 |
+ 0x27b70a85L, 0x2e1b2138L, 0x4d2c6dfcL, 0x53380d13L, |
|
| 93 |
+ 0x650a7354L, 0x766a0abbL, 0x81c2c92eL, 0x92722c85L, |
|
| 94 |
+ 0xa2bfe8a1L, 0xa81a664bL, 0xc24b8b70L, 0xc76c51a3L, |
|
| 95 |
+ 0xd192e819L, 0xd6990624L, 0xf40e3585L, 0x106aa070L, |
|
| 96 |
+ 0x19a4c116L, 0x1e376c08L, 0x2748774cL, 0x34b0bcb5L, |
|
| 97 |
+ 0x391c0cb3L, 0x4ed8aa4aL, 0x5b9cca4fL, 0x682e6ff3L, |
|
| 98 |
+ 0x748f82eeL, 0x78a5636fL, 0x84c87814L, 0x8cc70208L, |
|
| 99 |
+ 0x90befffaL, 0xa4506cebL, 0xbef9a3f7L, 0xc67178f2L |
|
| 100 |
+}; |
|
| 101 |
+ |
|
| 102 |
+#ifndef RUNTIME_ENDIAN |
|
| 103 |
+ |
|
| 104 |
+#if WORDS_BIGENDIAN == 1 |
|
| 105 |
+ |
|
| 106 |
+#define BYTESWAP(x) (x) |
|
| 107 |
+#define BYTESWAP64(x) (x) |
|
| 108 |
+ |
|
| 109 |
+#else /* WORDS_BIGENDIAN */ |
|
| 110 |
+ |
|
| 111 |
+#define BYTESWAP(x) ((ROTR((x), 8) & 0xff00ff00L) | \ |
|
| 112 |
+ (ROTL((x), 8) & 0x00ff00ffL)) |
|
| 113 |
+#define BYTESWAP64(x) _byteswap64(x) |
|
| 114 |
+ |
|
| 115 |
+static inline uint64_t _byteswap64(uint64_t x) |
|
| 116 |
+{
|
|
| 117 |
+ uint32_t a = x >> 32; |
|
| 118 |
+ uint32_t b = (uint32_t) x; |
|
| 119 |
+ return ((uint64_t) BYTESWAP(b) << 32) | (uint64_t) BYTESWAP(a); |
|
| 120 |
+} |
|
| 121 |
+ |
|
| 122 |
+#endif /* WORDS_BIGENDIAN */ |
|
| 123 |
+ |
|
| 124 |
+#else /* !RUNTIME_ENDIAN */ |
|
| 125 |
+ |
|
| 126 |
+#define BYTESWAP(x) _byteswap(sc->littleEndian, x) |
|
| 127 |
+#define BYTESWAP64(x) _byteswap64(sc->littleEndian, x) |
|
| 128 |
+ |
|
| 129 |
+#define _BYTESWAP(x) ((ROTR((x), 8) & 0xff00ff00L) | \ |
|
| 130 |
+ (ROTL((x), 8) & 0x00ff00ffL)) |
|
| 131 |
+#define _BYTESWAP64(x) __byteswap64(x) |
|
| 132 |
+ |
|
| 133 |
+static inline uint64_t __byteswap64(uint64_t x) |
|
| 134 |
+{
|
|
| 135 |
+ uint32_t a = x >> 32; |
|
| 136 |
+ uint32_t b = (uint32_t) x; |
|
| 137 |
+ return ((uint64_t) _BYTESWAP(b) << 32) | (uint64_t) _BYTESWAP(a); |
|
| 138 |
+} |
|
| 139 |
+ |
|
| 140 |
+static inline uint32_t _byteswap(int littleEndian, uint32_t x) |
|
| 141 |
+{
|
|
| 142 |
+ if (!littleEndian) |
|
| 143 |
+ return x; |
|
| 144 |
+ else |
|
| 145 |
+ return _BYTESWAP(x); |
|
| 146 |
+} |
|
| 147 |
+ |
|
| 148 |
+static inline uint64_t _byteswap64(int littleEndian, uint64_t x) |
|
| 149 |
+{
|
|
| 150 |
+ if (!littleEndian) |
|
| 151 |
+ return x; |
|
| 152 |
+ else |
|
| 153 |
+ return _BYTESWAP64(x); |
|
| 154 |
+} |
|
| 155 |
+ |
|
| 156 |
+static inline void setEndian(int *littleEndianp) |
|
| 157 |
+{
|
|
| 158 |
+ union {
|
|
| 159 |
+ uint32_t w; |
|
| 160 |
+ uint8_t b[4]; |
|
| 161 |
+ } endian; |
|
| 162 |
+ |
|
| 163 |
+ endian.w = 1L; |
|
| 164 |
+ *littleEndianp = endian.b[0] != 0; |
|
| 165 |
+} |
|
| 166 |
+ |
|
| 167 |
+#endif /* !RUNTIME_ENDIAN */ |
|
| 168 |
+ |
|
| 169 |
+static const uint8_t padding[64] = {
|
|
| 170 |
+ 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|
| 171 |
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|
| 172 |
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|
| 173 |
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|
| 174 |
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|
| 175 |
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|
| 176 |
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|
| 177 |
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 |
|
| 178 |
+}; |
|
| 179 |
+ |
|
| 180 |
+void |
|
| 181 |
+sha256_init (SHA256_CTX *sc) |
|
| 182 |
+{
|
|
| 183 |
+#ifdef RUNTIME_ENDIAN |
|
| 184 |
+ setEndian (&sc->littleEndian); |
|
| 185 |
+#endif /* RUNTIME_ENDIAN */ |
|
| 186 |
+ |
|
| 187 |
+ sc->totalLength = 0LL; |
|
| 188 |
+ sc->hash[0] = 0x6a09e667L; |
|
| 189 |
+ sc->hash[1] = 0xbb67ae85L; |
|
| 190 |
+ sc->hash[2] = 0x3c6ef372L; |
|
| 191 |
+ sc->hash[3] = 0xa54ff53aL; |
|
| 192 |
+ sc->hash[4] = 0x510e527fL; |
|
| 193 |
+ sc->hash[5] = 0x9b05688cL; |
|
| 194 |
+ sc->hash[6] = 0x1f83d9abL; |
|
| 195 |
+ sc->hash[7] = 0x5be0cd19L; |
|
| 196 |
+ sc->bufferLength = 0L; |
|
| 197 |
+} |
|
| 198 |
+ |
|
| 199 |
+static void |
|
| 200 |
+burnStack (int size) |
|
| 201 |
+{
|
|
| 202 |
+ char buf[128]; |
|
| 203 |
+ |
|
| 204 |
+ memset (buf, 0, sizeof (buf)); |
|
| 205 |
+ size -= sizeof (buf); |
|
| 206 |
+ if (size > 0) |
|
| 207 |
+ burnStack (size); |
|
| 208 |
+} |
|
| 209 |
+ |
|
| 210 |
+static void |
|
| 211 |
+SHA256Guts (SHA256_CTX *sc, const uint32_t *cbuf) |
|
| 212 |
+{
|
|
| 213 |
+ uint32_t buf[64]; |
|
| 214 |
+ uint32_t *W, *W2, *W7, *W15, *W16; |
|
| 215 |
+ uint32_t a, b, c, d, e, f, g, h; |
|
| 216 |
+ uint32_t t1, t2; |
|
| 217 |
+ const uint32_t *Kp; |
|
| 218 |
+ int i; |
|
| 219 |
+ |
|
| 220 |
+ W = buf; |
|
| 221 |
+ |
|
| 222 |
+ for (i = 15; i >= 0; i--) {
|
|
| 223 |
+ *(W++) = BYTESWAP(*cbuf); |
|
| 224 |
+ cbuf++; |
|
| 225 |
+ } |
|
| 226 |
+ |
|
| 227 |
+ W16 = &buf[0]; |
|
| 228 |
+ W15 = &buf[1]; |
|
| 229 |
+ W7 = &buf[9]; |
|
| 230 |
+ W2 = &buf[14]; |
|
| 231 |
+ |
|
| 232 |
+ for (i = 47; i >= 0; i--) {
|
|
| 233 |
+ *(W++) = sigma1(*W2) + *(W7++) + sigma0(*W15) + *(W16++); |
|
| 234 |
+ W2++; |
|
| 235 |
+ W15++; |
|
| 236 |
+ } |
|
| 237 |
+ |
|
| 238 |
+ a = sc->hash[0]; |
|
| 239 |
+ b = sc->hash[1]; |
|
| 240 |
+ c = sc->hash[2]; |
|
| 241 |
+ d = sc->hash[3]; |
|
| 242 |
+ e = sc->hash[4]; |
|
| 243 |
+ f = sc->hash[5]; |
|
| 244 |
+ g = sc->hash[6]; |
|
| 245 |
+ h = sc->hash[7]; |
|
| 246 |
+ |
|
| 247 |
+ Kp = K; |
|
| 248 |
+ W = buf; |
|
| 249 |
+ |
|
| 250 |
+#ifndef SHA256_UNROLL |
|
| 251 |
+#define SHA256_UNROLL 1 |
|
| 252 |
+#endif /* !SHA256_UNROLL */ |
|
| 253 |
+ |
|
| 254 |
+#if SHA256_UNROLL == 1 |
|
| 255 |
+ for (i = 63; i >= 0; i--) |
|
| 256 |
+ DO_ROUND(); |
|
| 257 |
+#elif SHA256_UNROLL == 2 |
|
| 258 |
+ for (i = 31; i >= 0; i--) {
|
|
| 259 |
+ DO_ROUND(); DO_ROUND(); |
|
| 260 |
+ } |
|
| 261 |
+#elif SHA256_UNROLL == 4 |
|
| 262 |
+ for (i = 15; i >= 0; i--) {
|
|
| 263 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
| 264 |
+ } |
|
| 265 |
+#elif SHA256_UNROLL == 8 |
|
| 266 |
+ for (i = 7; i >= 0; i--) {
|
|
| 267 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
| 268 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
| 269 |
+ } |
|
| 270 |
+#elif SHA256_UNROLL == 16 |
|
| 271 |
+ for (i = 3; i >= 0; i--) {
|
|
| 272 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
| 273 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
| 274 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
| 275 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
| 276 |
+ } |
|
| 277 |
+#elif SHA256_UNROLL == 32 |
|
| 278 |
+ for (i = 1; i >= 0; i--) {
|
|
| 279 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
| 280 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
| 281 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
| 282 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
| 283 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
| 284 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
| 285 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
| 286 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
| 287 |
+ } |
|
| 288 |
+#elif SHA256_UNROLL == 64 |
|
| 289 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
| 290 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
| 291 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
| 292 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
| 293 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
| 294 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
| 295 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
| 296 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
| 297 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
| 298 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
| 299 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
| 300 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
| 301 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
| 302 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
| 303 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
| 304 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
| 305 |
+#else |
|
| 306 |
+#error "SHA256_UNROLL must be 1, 2, 4, 8, 16, 32, or 64!" |
|
| 307 |
+#endif |
|
| 308 |
+ |
|
| 309 |
+ sc->hash[0] += a; |
|
| 310 |
+ sc->hash[1] += b; |
|
| 311 |
+ sc->hash[2] += c; |
|
| 312 |
+ sc->hash[3] += d; |
|
| 313 |
+ sc->hash[4] += e; |
|
| 314 |
+ sc->hash[5] += f; |
|
| 315 |
+ sc->hash[6] += g; |
|
| 316 |
+ sc->hash[7] += h; |
|
| 317 |
+} |
|
| 318 |
+ |
|
| 319 |
+void |
|
| 320 |
+sha256_update (SHA256_CTX *sc, const void *vdata, uint32_t len) |
|
| 321 |
+{
|
|
| 322 |
+ const uint8_t *data = vdata; |
|
| 323 |
+ uint32_t bufferBytesLeft; |
|
| 324 |
+ uint32_t bytesToCopy; |
|
| 325 |
+ int needBurn = 0; |
|
| 326 |
+ |
|
| 327 |
+#ifdef SHA256_FAST_COPY |
|
| 328 |
+ if (sc->bufferLength) {
|
|
| 329 |
+ bufferBytesLeft = 64L - sc->bufferLength; |
|
| 330 |
+ |
|
| 331 |
+ bytesToCopy = bufferBytesLeft; |
|
| 332 |
+ if (bytesToCopy > len) |
|
| 333 |
+ bytesToCopy = len; |
|
| 334 |
+ |
|
| 335 |
+ memcpy (&sc->buffer.bytes[sc->bufferLength], data, bytesToCopy); |
|
| 336 |
+ |
|
| 337 |
+ sc->totalLength += bytesToCopy * 8L; |
|
| 338 |
+ |
|
| 339 |
+ sc->bufferLength += bytesToCopy; |
|
| 340 |
+ data += bytesToCopy; |
|
| 341 |
+ len -= bytesToCopy; |
|
| 342 |
+ |
|
| 343 |
+ if (sc->bufferLength == 64L) {
|
|
| 344 |
+ SHA256Guts (sc, sc->buffer.words); |
|
| 345 |
+ needBurn = 1; |
|
| 346 |
+ sc->bufferLength = 0L; |
|
| 347 |
+ } |
|
| 348 |
+ } |
|
| 349 |
+ |
|
| 350 |
+ while (len > 63L) {
|
|
| 351 |
+ sc->totalLength += 512L; |
|
| 352 |
+ |
|
| 353 |
+ SHA256Guts (sc, data); |
|
| 354 |
+ needBurn = 1; |
|
| 355 |
+ |
|
| 356 |
+ data += 64L; |
|
| 357 |
+ len -= 64L; |
|
| 358 |
+ } |
|
| 359 |
+ |
|
| 360 |
+ if (len) {
|
|
| 361 |
+ memcpy (&sc->buffer.bytes[sc->bufferLength], data, len); |
|
| 362 |
+ |
|
| 363 |
+ sc->totalLength += len * 8L; |
|
| 364 |
+ |
|
| 365 |
+ sc->bufferLength += len; |
|
| 366 |
+ } |
|
| 367 |
+#else /* SHA256_FAST_COPY */ |
|
| 368 |
+ while (len) {
|
|
| 369 |
+ bufferBytesLeft = 64L - sc->bufferLength; |
|
| 370 |
+ |
|
| 371 |
+ bytesToCopy = bufferBytesLeft; |
|
| 372 |
+ if (bytesToCopy > len) |
|
| 373 |
+ bytesToCopy = len; |
|
| 374 |
+ |
|
| 375 |
+ memcpy (&sc->buffer.bytes[sc->bufferLength], data, bytesToCopy); |
|
| 376 |
+ |
|
| 377 |
+ sc->totalLength += bytesToCopy * 8L; |
|
| 378 |
+ |
|
| 379 |
+ sc->bufferLength += bytesToCopy; |
|
| 380 |
+ data += bytesToCopy; |
|
| 381 |
+ len -= bytesToCopy; |
|
| 382 |
+ |
|
| 383 |
+ if (sc->bufferLength == 64L) {
|
|
| 384 |
+ SHA256Guts (sc, sc->buffer.words); |
|
| 385 |
+ needBurn = 1; |
|
| 386 |
+ sc->bufferLength = 0L; |
|
| 387 |
+ } |
|
| 388 |
+ } |
|
| 389 |
+#endif /* SHA256_FAST_COPY */ |
|
| 390 |
+ |
|
| 391 |
+ if (needBurn) |
|
| 392 |
+ burnStack (sizeof (uint32_t[74]) + sizeof (uint32_t *[6]) + sizeof (int)); |
|
| 393 |
+} |
|
| 394 |
+ |
|
| 395 |
+void |
|
| 396 |
+sha256_final (SHA256_CTX *sc, uint8_t hash[SHA256_HASH_SIZE]) |
|
| 397 |
+{
|
|
| 398 |
+ uint32_t bytesToPad; |
|
| 399 |
+ uint64_t lengthPad; |
|
| 400 |
+ int i; |
|
| 401 |
+ |
|
| 402 |
+ bytesToPad = 120L - sc->bufferLength; |
|
| 403 |
+ if (bytesToPad > 64L) |
|
| 404 |
+ bytesToPad -= 64L; |
|
| 405 |
+ |
|
| 406 |
+ lengthPad = BYTESWAP64(sc->totalLength); |
|
| 407 |
+ |
|
| 408 |
+ sha256_update (sc, padding, bytesToPad); |
|
| 409 |
+ sha256_update (sc, &lengthPad, 8L); |
|
| 410 |
+ |
|
| 411 |
+ if (hash) {
|
|
| 412 |
+ for (i = 0; i < SHA256_HASH_WORDS; i++) {
|
|
| 413 |
+#ifdef SHA256_FAST_COPY |
|
| 414 |
+ *((uint32_t *) hash) = BYTESWAP(sc->hash[i]); |
|
| 415 |
+#else /* SHA256_FAST_COPY */ |
|
| 416 |
+ hash[0] = (uint8_t) (sc->hash[i] >> 24); |
|
| 417 |
+ hash[1] = (uint8_t) (sc->hash[i] >> 16); |
|
| 418 |
+ hash[2] = (uint8_t) (sc->hash[i] >> 8); |
|
| 419 |
+ hash[3] = (uint8_t) sc->hash[i]; |
|
| 420 |
+#endif /* SHA256_FAST_COPY */ |
|
| 421 |
+ hash += 4; |
|
| 422 |
+ } |
|
| 423 |
+ } |
|
| 424 |
+} |
|
| 425 |
+ |
|
| 426 |
+#ifdef SHA256_TEST |
|
| 427 |
+ |
|
| 428 |
+#include <stdio.h> |
|
| 429 |
+#include <stdlib.h> |
|
| 430 |
+#include <string.h> |
|
| 431 |
+ |
|
| 432 |
+int |
|
| 433 |
+main (int argc, char *argv[]) |
|
| 434 |
+{
|
|
| 435 |
+ SHA256_CTX foo; |
|
| 436 |
+ uint8_t hash[SHA256_HASH_SIZE]; |
|
| 437 |
+ char buf[1000]; |
|
| 438 |
+ int i; |
|
| 439 |
+ |
|
| 440 |
+ sha256_init (&foo); |
|
| 441 |
+ sha256_update (&foo, "abc", 3); |
|
| 442 |
+ sha256_final (&foo, hash); |
|
| 443 |
+ |
|
| 444 |
+ for (i = 0; i < SHA256_HASH_SIZE;) {
|
|
| 445 |
+ printf ("%02x", hash[i++]);
|
|
| 446 |
+ if (!(i % 4)) |
|
| 447 |
+ printf (" ");
|
|
| 448 |
+ } |
|
| 449 |
+ printf ("\n");
|
|
| 450 |
+ |
|
| 451 |
+ sha256_init (&foo); |
|
| 452 |
+ sha256_update (&foo, |
|
| 453 |
+ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", |
|
| 454 |
+ 56); |
|
| 455 |
+ sha256_final (&foo, hash); |
|
| 456 |
+ |
|
| 457 |
+ for (i = 0; i < SHA256_HASH_SIZE;) {
|
|
| 458 |
+ printf ("%02x", hash[i++]);
|
|
| 459 |
+ if (!(i % 4)) |
|
| 460 |
+ printf (" ");
|
|
| 461 |
+ } |
|
| 462 |
+ printf ("\n");
|
|
| 463 |
+ |
|
| 464 |
+ sha256_init (&foo); |
|
| 465 |
+ memset (buf, 'a', sizeof (buf)); |
|
| 466 |
+ for (i = 0; i < 1000; i++) |
|
| 467 |
+ sha256_update (&foo, buf, sizeof (buf)); |
|
| 468 |
+ sha256_final (&foo, hash); |
|
| 469 |
+ |
|
| 470 |
+ for (i = 0; i < SHA256_HASH_SIZE;) {
|
|
| 471 |
+ printf ("%02x", hash[i++]);
|
|
| 472 |
+ if (!(i % 4)) |
|
| 473 |
+ printf (" ");
|
|
| 474 |
+ } |
|
| 475 |
+ printf ("\n");
|
|
| 476 |
+ |
|
| 477 |
+ exit (0); |
|
| 478 |
+} |
|
| 479 |
+ |
|
| 480 |
+#endif /* SHA256_TEST */ |
| 0 | 481 |
new file mode 100644 |
| ... | ... |
@@ -0,0 +1,66 @@ |
| 0 |
+/*- |
|
| 1 |
+ * Copyright (c) 2001-2003 Allan Saddi <allan@saddi.com> |
|
| 2 |
+ * All rights reserved. |
|
| 3 |
+ * |
|
| 4 |
+ * Redistribution and use in source and binary forms, with or without |
|
| 5 |
+ * modification, are permitted provided that the following conditions |
|
| 6 |
+ * are met: |
|
| 7 |
+ * 1. Redistributions of source code must retain the above copyright |
|
| 8 |
+ * notice, this list of conditions and the following disclaimer. |
|
| 9 |
+ * 2. Redistributions in binary form must reproduce the above copyright |
|
| 10 |
+ * notice, this list of conditions and the following disclaimer in the |
|
| 11 |
+ * documentation and/or other materials provided with the distribution. |
|
| 12 |
+ * |
|
| 13 |
+ * THIS SOFTWARE IS PROVIDED BY ALLAN SADDI AND HIS CONTRIBUTORS ``AS IS'' |
|
| 14 |
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
|
| 15 |
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
|
| 16 |
+ * ARE DISCLAIMED. IN NO EVENT SHALL ALLAN SADDI OR HIS CONTRIBUTORS BE |
|
| 17 |
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
|
| 18 |
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
|
| 19 |
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
|
| 20 |
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
|
| 21 |
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
|
| 22 |
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
|
| 23 |
+ * POSSIBILITY OF SUCH DAMAGE. |
|
| 24 |
+ * |
|
| 25 |
+ * $Id: sha256.h 348 2003-02-23 22:12:06Z asaddi $ |
|
| 26 |
+ */ |
|
| 27 |
+ |
|
| 28 |
+#ifndef _SHA256_H |
|
| 29 |
+#define _SHA256_H |
|
| 30 |
+ |
|
| 31 |
+#include "cltypes.h" |
|
| 32 |
+ |
|
| 33 |
+#define SHA256_HASH_SIZE 32 |
|
| 34 |
+ |
|
| 35 |
+/* Hash size in 32-bit words */ |
|
| 36 |
+#define SHA256_HASH_WORDS 8 |
|
| 37 |
+ |
|
| 38 |
+struct _SHA256Context {
|
|
| 39 |
+ uint64_t totalLength; |
|
| 40 |
+ uint32_t hash[SHA256_HASH_WORDS]; |
|
| 41 |
+ uint32_t bufferLength; |
|
| 42 |
+ union {
|
|
| 43 |
+ uint32_t words[16]; |
|
| 44 |
+ uint8_t bytes[64]; |
|
| 45 |
+ } buffer; |
|
| 46 |
+#ifdef RUNTIME_ENDIAN |
|
| 47 |
+ int littleEndian; |
|
| 48 |
+#endif /* RUNTIME_ENDIAN */ |
|
| 49 |
+}; |
|
| 50 |
+ |
|
| 51 |
+typedef struct _SHA256Context SHA256_CTX; |
|
| 52 |
+ |
|
| 53 |
+#ifdef __cplusplus |
|
| 54 |
+extern "C" {
|
|
| 55 |
+#endif |
|
| 56 |
+ |
|
| 57 |
+void sha256_init (SHA256_CTX *sc); |
|
| 58 |
+void sha256_update (SHA256_CTX *sc, const void *data, uint32_t len); |
|
| 59 |
+void sha256_final (SHA256_CTX *sc, uint8_t hash[SHA256_HASH_SIZE]); |
|
| 60 |
+ |
|
| 61 |
+#ifdef __cplusplus |
|
| 62 |
+} |
|
| 63 |
+#endif |
|
| 64 |
+ |
|
| 65 |
+#endif /* !_SHA256_H */ |
| ... | ... |
@@ -35,7 +35,7 @@ |
| 35 | 35 |
#include "shared/misc.h" |
| 36 | 36 |
#include "shared/output.h" |
| 37 | 37 |
#include "shared/cdiff.h" |
| 38 |
-#include "shared/sha256.h" |
|
| 38 |
+#include "libclamav/sha256.h" |
|
| 39 | 39 |
|
| 40 | 40 |
#include "libclamav/str.h" |
| 41 | 41 |
#include "libclamav/others.h" |
| ... | ... |
@@ -783,8 +783,7 @@ static void pss_mgf(unsigned char *in, unsigned int inlen, unsigned char *out, u |
| 783 | 783 |
sha256_init(&ctx); |
| 784 | 784 |
sha256_update(&ctx, in, inlen); |
| 785 | 785 |
sha256_update(&ctx, cnt, sizeof(cnt)); |
| 786 |
- sha256_final(&ctx); |
|
| 787 |
- sha256_digest(&ctx, digest); |
|
| 786 |
+ sha256_final(&ctx, digest); |
|
| 788 | 787 |
|
| 789 | 788 |
if(i != laps - 1) |
| 790 | 789 |
memcpy(&out[i * PSS_DIGEST_LENGTH], digest, PSS_DIGEST_LENGTH); |
| ... | ... |
@@ -852,8 +851,7 @@ static int pss_versig(const unsigned char *sha256, const char *dsig) |
| 852 | 852 |
|
| 853 | 853 |
sha256_init(&ctx); |
| 854 | 854 |
sha256_update(&ctx, fblock, sizeof(fblock)); |
| 855 |
- sha256_final(&ctx); |
|
| 856 |
- sha256_digest(&ctx, digest1); |
|
| 855 |
+ sha256_final(&ctx, digest1); |
|
| 857 | 856 |
|
| 858 | 857 |
if(memcmp(digest1, digest2, hlen)) {
|
| 859 | 858 |
/* cli_dbgmsg("cli_versigpss: Signature doesn't match.\n"); */
|
| ... | ... |
@@ -944,8 +942,7 @@ int cdiff_apply(int fd, unsigned short mode) |
| 944 | 944 |
} |
| 945 | 945 |
sum += bread; |
| 946 | 946 |
} |
| 947 |
- sha256_final(&sha256ctx); |
|
| 948 |
- sha256_digest(&sha256ctx, digest); |
|
| 947 |
+ sha256_final(&sha256ctx, digest); |
|
| 949 | 948 |
|
| 950 | 949 |
if(pss_versig(digest, dsig)) {
|
| 951 | 950 |
logg("!cdiff_apply: Incorrect digital signature\n");
|
| 952 | 951 |
deleted file mode 100644 |
| ... | ... |
@@ -1,281 +0,0 @@ |
| 1 |
-/* |
|
| 2 |
- * Copyright (C) 2001 Niels Moller |
|
| 3 |
- * |
|
| 4 |
- * This program is free software; you can redistribute it and/or |
|
| 5 |
- * modify it under the terms of the GNU General Public License as |
|
| 6 |
- * published by the Free Software Foundation; either version 2 of the |
|
| 7 |
- * License, or (at your option) any later version. |
|
| 8 |
- * |
|
| 9 |
- * The nettle library is distributed in the hope that it will be useful, but |
|
| 10 |
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY |
|
| 11 |
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public |
|
| 12 |
- * License for more details. |
|
| 13 |
- * |
|
| 14 |
- * You should have received a copy of the GNU Lesser General Public License |
|
| 15 |
- * along with the nettle library; see the file COPYING.LIB. If not, write to |
|
| 16 |
- * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, |
|
| 17 |
- * MA 02111-1307, USA. |
|
| 18 |
- */ |
|
| 19 |
- |
|
| 20 |
-/* Modelled after the sha1.c code by Peter Gutmann. */ |
|
| 21 |
- |
|
| 22 |
-#include <stdio.h> |
|
| 23 |
-#include <string.h> |
|
| 24 |
- |
|
| 25 |
-#include "cltypes.h" |
|
| 26 |
-#include "sha256.h" |
|
| 27 |
- |
|
| 28 |
-/* A block, treated as a sequence of 32-bit words. */ |
|
| 29 |
-#define SHA256_DATA_LENGTH 16 |
|
| 30 |
- |
|
| 31 |
-#define ROTR(n,x) ((x)>>(n) | ((x)<<(32-(n)))) |
|
| 32 |
-#define SHR(n,x) ((x)>>(n)) |
|
| 33 |
- |
|
| 34 |
-#define Choice(x,y,z) ( (z) ^ ( (x) & ( (y) ^ (z) ) ) ) |
|
| 35 |
-#define Majority(x,y,z) ( ((x) & (y)) ^ ((z) & ((x) ^ (y))) ) |
|
| 36 |
- |
|
| 37 |
-#define S0(x) (ROTR(2,(x)) ^ ROTR(13,(x)) ^ ROTR(22,(x))) |
|
| 38 |
-#define S1(x) (ROTR(6,(x)) ^ ROTR(11,(x)) ^ ROTR(25,(x))) |
|
| 39 |
- |
|
| 40 |
-#define s0(x) (ROTR(7,(x)) ^ ROTR(18,(x)) ^ SHR(3,(x))) |
|
| 41 |
-#define s1(x) (ROTR(17,(x)) ^ ROTR(19,(x)) ^ SHR(10,(x))) |
|
| 42 |
- |
|
| 43 |
-static const uint32_t K[64] = {
|
|
| 44 |
- 0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL, |
|
| 45 |
- 0x3956c25bUL, 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL, |
|
| 46 |
- 0xd807aa98UL, 0x12835b01UL, 0x243185beUL, 0x550c7dc3UL, |
|
| 47 |
- 0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL, 0xc19bf174UL, |
|
| 48 |
- 0xe49b69c1UL, 0xefbe4786UL, 0xfc19dc6UL, 0x240ca1ccUL, |
|
| 49 |
- 0x2de92c6fUL, 0x4a7484aaUL, 0x5cb0a9dcUL, 0x76f988daUL, |
|
| 50 |
- 0x983e5152UL, 0xa831c66dUL, 0xb00327c8UL, 0xbf597fc7UL, |
|
| 51 |
- 0xc6e00bf3UL, 0xd5a79147UL, 0x6ca6351UL, 0x14292967UL, |
|
| 52 |
- 0x27b70a85UL, 0x2e1b2138UL, 0x4d2c6dfcUL, 0x53380d13UL, |
|
| 53 |
- 0x650a7354UL, 0x766a0abbUL, 0x81c2c92eUL, 0x92722c85UL, |
|
| 54 |
- 0xa2bfe8a1UL, 0xa81a664bUL, 0xc24b8b70UL, 0xc76c51a3UL, |
|
| 55 |
- 0xd192e819UL, 0xd6990624UL, 0xf40e3585UL, 0x106aa070UL, |
|
| 56 |
- 0x19a4c116UL, 0x1e376c08UL, 0x2748774cUL, 0x34b0bcb5UL, |
|
| 57 |
- 0x391c0cb3UL, 0x4ed8aa4aUL, 0x5b9cca4fUL, 0x682e6ff3UL, |
|
| 58 |
- 0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL, |
|
| 59 |
- 0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL, |
|
| 60 |
-}; |
|
| 61 |
- |
|
| 62 |
-#define EXPAND(W,i) \ |
|
| 63 |
-( W[(i) & 15 ] += (s1(W[((i)-2) & 15]) + W[((i)-7) & 15] + s0(W[((i)-15) & 15])) ) |
|
| 64 |
- |
|
| 65 |
-#define ROUND(a,b,c,d,e,f,g,h,k,data) do { \
|
|
| 66 |
- uint32_t T1 = h + S1(e) + Choice(e,f,g) + k + data; \ |
|
| 67 |
- uint32_t T2 = S0(a) + Majority(a,b,c); \ |
|
| 68 |
- d += T1; \ |
|
| 69 |
- h = T1 + T2; \ |
|
| 70 |
-} while (0) |
|
| 71 |
- |
|
| 72 |
-#ifndef EXTRACT_UCHAR |
|
| 73 |
-#define EXTRACT_UCHAR(p) (*(const unsigned char *)(p)) |
|
| 74 |
-#endif |
|
| 75 |
- |
|
| 76 |
-#define STRING2INT(s) ((((((EXTRACT_UCHAR(s) << 8) \ |
|
| 77 |
- | EXTRACT_UCHAR(s+1)) << 8) \ |
|
| 78 |
- | EXTRACT_UCHAR(s+2)) << 8) \ |
|
| 79 |
- | EXTRACT_UCHAR(s+3)) |
|
| 80 |
- |
|
| 81 |
-#ifndef EXTRACT_UCHAR |
|
| 82 |
-#define EXTRACT_UCHAR(p) (*(const mutils_word8 *)(p)) |
|
| 83 |
-#endif |
|
| 84 |
- |
|
| 85 |
-#define STRING2INT(s) ((((((EXTRACT_UCHAR(s) << 8) \ |
|
| 86 |
- | EXTRACT_UCHAR(s+1)) << 8) \ |
|
| 87 |
- | EXTRACT_UCHAR(s+2)) << 8) \ |
|
| 88 |
- | EXTRACT_UCHAR(s+3)) |
|
| 89 |
- |
|
| 90 |
-/* Initialize the SHA values */ |
|
| 91 |
- |
|
| 92 |
-void sha256_init(struct sha256_ctx *ctx) |
|
| 93 |
-{
|
|
| 94 |
- /* Initial values, also generated by the shadata program. */ |
|
| 95 |
- static const uint32_t H0[_SHA256_DIGEST_LENGTH] = {
|
|
| 96 |
- 0x6a09e667UL, 0xbb67ae85UL, 0x3c6ef372UL, 0xa54ff53aUL, |
|
| 97 |
- 0x510e527fUL, 0x9b05688cUL, 0x1f83d9abUL, 0x5be0cd19UL, |
|
| 98 |
- }; |
|
| 99 |
- |
|
| 100 |
- memcpy(ctx->state, H0, sizeof(H0)); |
|
| 101 |
- |
|
| 102 |
- /* Initialize bit count */ |
|
| 103 |
- ctx->count_low = ctx->count_high = 0; |
|
| 104 |
- |
|
| 105 |
- /* Initialize buffer */ |
|
| 106 |
- ctx->index = 0; |
|
| 107 |
-} |
|
| 108 |
- |
|
| 109 |
-/* Perform the SHA transformation. Note that this code, like MD5, seems to |
|
| 110 |
- break some optimizing compilers due to the complexity of the expressions |
|
| 111 |
- and the size of the basic block. It may be necessary to split it into |
|
| 112 |
- sections, e.g. based on the four subrounds |
|
| 113 |
- |
|
| 114 |
- Note that this function destroys the data area */ |
|
| 115 |
- |
|
| 116 |
-static void sha256_transform(uint32_t *state, uint32_t *data) |
|
| 117 |
-{
|
|
| 118 |
- uint32_t A, B, C, D, E, F, G, H; /* Local vars */ |
|
| 119 |
- unsigned char i; |
|
| 120 |
- const uint32_t *k; |
|
| 121 |
- uint32_t *d; |
|
| 122 |
- |
|
| 123 |
- /* Set up first buffer and local data buffer */ |
|
| 124 |
- A = state[0]; |
|
| 125 |
- B = state[1]; |
|
| 126 |
- C = state[2]; |
|
| 127 |
- D = state[3]; |
|
| 128 |
- E = state[4]; |
|
| 129 |
- F = state[5]; |
|
| 130 |
- G = state[6]; |
|
| 131 |
- H = state[7]; |
|
| 132 |
- |
|
| 133 |
- /* Heavy mangling */ |
|
| 134 |
- /* First 16 subrounds that act on the original data */ |
|
| 135 |
- |
|
| 136 |
- for (i = 0, k = K, d = data; i < 16; i += 8, k += 8, d += 8) {
|
|
| 137 |
- ROUND(A, B, C, D, E, F, G, H, k[0], d[0]); |
|
| 138 |
- ROUND(H, A, B, C, D, E, F, G, k[1], d[1]); |
|
| 139 |
- ROUND(G, H, A, B, C, D, E, F, k[2], d[2]); |
|
| 140 |
- ROUND(F, G, H, A, B, C, D, E, k[3], d[3]); |
|
| 141 |
- ROUND(E, F, G, H, A, B, C, D, k[4], d[4]); |
|
| 142 |
- ROUND(D, E, F, G, H, A, B, C, k[5], d[5]); |
|
| 143 |
- ROUND(C, D, E, F, G, H, A, B, k[6], d[6]); |
|
| 144 |
- ROUND(B, C, D, E, F, G, H, A, k[7], d[7]); |
|
| 145 |
- } |
|
| 146 |
- |
|
| 147 |
- for (; i < 64; i += 16, k += 16) {
|
|
| 148 |
- ROUND(A, B, C, D, E, F, G, H, k[0], EXPAND(data, 0)); |
|
| 149 |
- ROUND(H, A, B, C, D, E, F, G, k[1], EXPAND(data, 1)); |
|
| 150 |
- ROUND(G, H, A, B, C, D, E, F, k[2], EXPAND(data, 2)); |
|
| 151 |
- ROUND(F, G, H, A, B, C, D, E, k[3], EXPAND(data, 3)); |
|
| 152 |
- ROUND(E, F, G, H, A, B, C, D, k[4], EXPAND(data, 4)); |
|
| 153 |
- ROUND(D, E, F, G, H, A, B, C, k[5], EXPAND(data, 5)); |
|
| 154 |
- ROUND(C, D, E, F, G, H, A, B, k[6], EXPAND(data, 6)); |
|
| 155 |
- ROUND(B, C, D, E, F, G, H, A, k[7], EXPAND(data, 7)); |
|
| 156 |
- ROUND(A, B, C, D, E, F, G, H, k[8], EXPAND(data, 8)); |
|
| 157 |
- ROUND(H, A, B, C, D, E, F, G, k[9], EXPAND(data, 9)); |
|
| 158 |
- ROUND(G, H, A, B, C, D, E, F, k[10], EXPAND(data, 10)); |
|
| 159 |
- ROUND(F, G, H, A, B, C, D, E, k[11], EXPAND(data, 11)); |
|
| 160 |
- ROUND(E, F, G, H, A, B, C, D, k[12], EXPAND(data, 12)); |
|
| 161 |
- ROUND(D, E, F, G, H, A, B, C, k[13], EXPAND(data, 13)); |
|
| 162 |
- ROUND(C, D, E, F, G, H, A, B, k[14], EXPAND(data, 14)); |
|
| 163 |
- ROUND(B, C, D, E, F, G, H, A, k[15], EXPAND(data, 15)); |
|
| 164 |
- } |
|
| 165 |
- |
|
| 166 |
- /* Update state */ |
|
| 167 |
- state[0] += A; |
|
| 168 |
- state[1] += B; |
|
| 169 |
- state[2] += C; |
|
| 170 |
- state[3] += D; |
|
| 171 |
- state[4] += E; |
|
| 172 |
- state[5] += F; |
|
| 173 |
- state[6] += G; |
|
| 174 |
- state[7] += H; |
|
| 175 |
-} |
|
| 176 |
- |
|
| 177 |
-static void sha256_block(struct sha256_ctx *ctx, const unsigned char *block) |
|
| 178 |
-{
|
|
| 179 |
- uint32_t data[SHA256_DATA_LENGTH]; |
|
| 180 |
- uint16_t i; |
|
| 181 |
- |
|
| 182 |
- /* Update block count */ |
|
| 183 |
- if (!++ctx->count_low) |
|
| 184 |
- ++ctx->count_high; |
|
| 185 |
- |
|
| 186 |
- /* Endian independent conversion */ |
|
| 187 |
- for (i = 0; i < SHA256_DATA_LENGTH; i++, block += 4) |
|
| 188 |
- data[i] = STRING2INT(block); |
|
| 189 |
- |
|
| 190 |
- sha256_transform(ctx->state, data); |
|
| 191 |
-} |
|
| 192 |
- |
|
| 193 |
-void |
|
| 194 |
-sha256_update(struct sha256_ctx *ctx, const unsigned char *buffer, uint32_t length) |
|
| 195 |
-{
|
|
| 196 |
- uint32_t left; |
|
| 197 |
- |
|
| 198 |
- if (ctx->index) { /* Try to fill partial block */
|
|
| 199 |
- left = SHA256_DATA_SIZE - ctx->index; |
|
| 200 |
- if (length < left) {
|
|
| 201 |
- memcpy(ctx->block + ctx->index, buffer, length); |
|
| 202 |
- ctx->index += length; |
|
| 203 |
- return; /* Finished */ |
|
| 204 |
- } else {
|
|
| 205 |
- memcpy(ctx->block + ctx->index, buffer, left); |
|
| 206 |
- sha256_block(ctx, ctx->block); |
|
| 207 |
- buffer += left; |
|
| 208 |
- length -= left; |
|
| 209 |
- } |
|
| 210 |
- } |
|
| 211 |
- while (length >= SHA256_DATA_SIZE) {
|
|
| 212 |
- sha256_block(ctx, buffer); |
|
| 213 |
- buffer += SHA256_DATA_SIZE; |
|
| 214 |
- length -= SHA256_DATA_SIZE; |
|
| 215 |
- } |
|
| 216 |
- /* Buffer leftovers */ |
|
| 217 |
- /* NOTE: The corresponding sha1 code checks for the special case length == 0. |
|
| 218 |
- * That seems supoptimal, as I suspect it increases the number of branches. */ |
|
| 219 |
- |
|
| 220 |
- memcpy(ctx->block, buffer, length); |
|
| 221 |
- ctx->index = length; |
|
| 222 |
-} |
|
| 223 |
- |
|
| 224 |
-/* Final wrapup - pad to SHA1_DATA_SIZE-byte boundary with the bit pattern |
|
| 225 |
- 1 0* (64-bit count of bits processed, MSB-first) */ |
|
| 226 |
- |
|
| 227 |
-void sha256_final(struct sha256_ctx *ctx) |
|
| 228 |
-{
|
|
| 229 |
- uint32_t data[SHA256_DATA_LENGTH]; |
|
| 230 |
- uint32_t i; |
|
| 231 |
- uint32_t words; |
|
| 232 |
- |
|
| 233 |
- i = ctx->index; |
|
| 234 |
- |
|
| 235 |
- /* Set the first char of padding to 0x80. This is safe since there is |
|
| 236 |
- always at least one byte free */ |
|
| 237 |
- |
|
| 238 |
-/* assert(i < SHA256_DATA_SIZE); |
|
| 239 |
- */ |
|
| 240 |
- ctx->block[i++] = 0x80; |
|
| 241 |
- |
|
| 242 |
- /* Fill rest of word */ |
|
| 243 |
- for (; i & 3; i++) |
|
| 244 |
- ctx->block[i] = 0; |
|
| 245 |
- |
|
| 246 |
- /* i is now a multiple of the word size 4 */ |
|
| 247 |
- words = i >> 2; |
|
| 248 |
- for (i = 0; i < words; i++) |
|
| 249 |
- data[i] = STRING2INT(ctx->block + 4 * i); |
|
| 250 |
- |
|
| 251 |
- if (words > (SHA256_DATA_LENGTH - 2)) { /* No room for length in this block. Process it and
|
|
| 252 |
- * pad with another one */ |
|
| 253 |
- for (i = words; i < SHA256_DATA_LENGTH; i++) |
|
| 254 |
- data[i] = 0; |
|
| 255 |
- sha256_transform(ctx->state, data); |
|
| 256 |
- for (i = 0; i < (SHA256_DATA_LENGTH - 2); i++) |
|
| 257 |
- data[i] = 0; |
|
| 258 |
- } else |
|
| 259 |
- for (i = words; i < SHA256_DATA_LENGTH - 2; i++) |
|
| 260 |
- data[i] = 0; |
|
| 261 |
- |
|
| 262 |
- /* There are 512 = 2^9 bits in one block */ |
|
| 263 |
- data[SHA256_DATA_LENGTH - 2] = |
|
| 264 |
- (ctx->count_high << 9) | (ctx->count_low >> 23); |
|
| 265 |
- data[SHA256_DATA_LENGTH - 1] = |
|
| 266 |
- (ctx->count_low << 9) | (ctx->index << 3); |
|
| 267 |
- sha256_transform(ctx->state, data); |
|
| 268 |
-} |
|
| 269 |
- |
|
| 270 |
-void sha256_digest(const struct sha256_ctx *ctx, unsigned char *s) |
|
| 271 |
-{
|
|
| 272 |
- uint32_t i; |
|
| 273 |
- |
|
| 274 |
- if (s!=NULL) |
|
| 275 |
- for (i = 0; i < _SHA256_DIGEST_LENGTH; i++) {
|
|
| 276 |
- *s++ = ctx->state[i] >> 24; |
|
| 277 |
- *s++ = 0xff & (ctx->state[i] >> 16); |
|
| 278 |
- *s++ = 0xff & (ctx->state[i] >> 8); |
|
| 279 |
- *s++ = 0xff & ctx->state[i]; |
|
| 280 |
- } |
|
| 281 |
-} |
| 282 | 1 |
deleted file mode 100644 |
| ... | ... |
@@ -1,51 +0,0 @@ |
| 1 |
-/* |
|
| 2 |
- * Copyright (C) 2001 Niels Moller |
|
| 3 |
- * |
|
| 4 |
- * The nettle library is free software; you can redistribute it and/or modify |
|
| 5 |
- * it under the terms of the GNU Lesser General Public License as published by |
|
| 6 |
- * the Free Software Foundation; either version 2.1 of the License, or (at your |
|
| 7 |
- * option) any later version. |
|
| 8 |
- * |
|
| 9 |
- * The nettle library is distributed in the hope that it will be useful, but |
|
| 10 |
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY |
|
| 11 |
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public |
|
| 12 |
- * License for more details. |
|
| 13 |
- * |
|
| 14 |
- * You should have received a copy of the GNU Lesser General Public License |
|
| 15 |
- * along with the nettle library; see the file COPYING.LIB. If not, write to |
|
| 16 |
- * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, |
|
| 17 |
- * MA 02111-1307, USA. |
|
| 18 |
- */ |
|
| 19 |
- |
|
| 20 |
-#ifndef __SHA256_H |
|
| 21 |
-#define __SHA256_H |
|
| 22 |
- |
|
| 23 |
-#include "cltypes.h" |
|
| 24 |
- |
|
| 25 |
-#define SHA256_DIGEST_SIZE 32 |
|
| 26 |
-#define SHA256_DATA_SIZE 64 |
|
| 27 |
- |
|
| 28 |
-/* Digest is kept internally as 8 32-bit words. */ |
|
| 29 |
-#define _SHA256_DIGEST_LENGTH 8 |
|
| 30 |
- |
|
| 31 |
-typedef struct sha256_ctx |
|
| 32 |
-{
|
|
| 33 |
- uint32_t state[_SHA256_DIGEST_LENGTH]; /* State variables */ |
|
| 34 |
- uint32_t count_low, count_high; /* 64-bit block count */ |
|
| 35 |
- unsigned char block[SHA256_DATA_SIZE]; /* SHA256 data buffer */ |
|
| 36 |
- uint32_t index; /* index into buffer */ |
|
| 37 |
-} SHA256_CTX; |
|
| 38 |
- |
|
| 39 |
-void |
|
| 40 |
-sha256_init(struct sha256_ctx *ctx); |
|
| 41 |
- |
|
| 42 |
-void |
|
| 43 |
-sha256_update(struct sha256_ctx *ctx, const unsigned char *data, uint32_t length); |
|
| 44 |
- |
|
| 45 |
-void |
|
| 46 |
-sha256_final(struct sha256_ctx *ctx); |
|
| 47 |
- |
|
| 48 |
-void |
|
| 49 |
-sha256_digest(const struct sha256_ctx *ctx, unsigned char *digest); |
|
| 50 |
- |
|
| 51 |
-#endif |
| ... | ... |
@@ -27,7 +27,6 @@ sigtool_SOURCES = \ |
| 27 | 27 |
$(top_srcdir)/shared/optparser.h \ |
| 28 | 28 |
$(top_srcdir)/shared/misc.c \ |
| 29 | 29 |
$(top_srcdir)/shared/misc.h \ |
| 30 |
- $(top_srcdir)/shared/sha256.c \ |
|
| 31 | 30 |
$(top_srcdir)/shared/cdiff.c \ |
| 32 | 31 |
$(top_srcdir)/shared/cdiff.h \ |
| 33 | 32 |
$(top_srcdir)/shared/tar.c \ |
| ... | ... |
@@ -72,8 +72,8 @@ am__installdirs = "$(DESTDIR)$(bindir)" |
| 72 | 72 |
binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) |
| 73 | 73 |
PROGRAMS = $(bin_PROGRAMS) |
| 74 | 74 |
am_sigtool_OBJECTS = output.$(OBJEXT) getopt.$(OBJEXT) \ |
| 75 |
- optparser.$(OBJEXT) misc.$(OBJEXT) sha256.$(OBJEXT) \ |
|
| 76 |
- cdiff.$(OBJEXT) tar.$(OBJEXT) vba.$(OBJEXT) sigtool.$(OBJEXT) |
|
| 75 |
+ optparser.$(OBJEXT) misc.$(OBJEXT) cdiff.$(OBJEXT) \ |
|
| 76 |
+ tar.$(OBJEXT) vba.$(OBJEXT) sigtool.$(OBJEXT) |
|
| 77 | 77 |
sigtool_OBJECTS = $(am_sigtool_OBJECTS) |
| 78 | 78 |
sigtool_LDADD = $(LDADD) |
| 79 | 79 |
DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) |
| ... | ... |
@@ -254,7 +254,6 @@ sigtool_SOURCES = \ |
| 254 | 254 |
$(top_srcdir)/shared/optparser.h \ |
| 255 | 255 |
$(top_srcdir)/shared/misc.c \ |
| 256 | 256 |
$(top_srcdir)/shared/misc.h \ |
| 257 |
- $(top_srcdir)/shared/sha256.c \ |
|
| 258 | 257 |
$(top_srcdir)/shared/cdiff.c \ |
| 259 | 258 |
$(top_srcdir)/shared/cdiff.h \ |
| 260 | 259 |
$(top_srcdir)/shared/tar.c \ |
| ... | ... |
@@ -357,7 +356,6 @@ distclean-compile: |
| 357 | 357 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/misc.Po@am__quote@ |
| 358 | 358 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/optparser.Po@am__quote@ |
| 359 | 359 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/output.Po@am__quote@ |
| 360 |
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sha256.Po@am__quote@ |
|
| 361 | 360 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sigtool.Po@am__quote@ |
| 362 | 361 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tar.Po@am__quote@ |
| 363 | 362 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/vba.Po@am__quote@ |
| ... | ... |
@@ -439,20 +437,6 @@ misc.obj: $(top_srcdir)/shared/misc.c |
| 439 | 439 |
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ |
| 440 | 440 |
@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o misc.obj `if test -f '$(top_srcdir)/shared/misc.c'; then $(CYGPATH_W) '$(top_srcdir)/shared/misc.c'; else $(CYGPATH_W) '$(srcdir)/$(top_srcdir)/shared/misc.c'; fi` |
| 441 | 441 |
|
| 442 |
-sha256.o: $(top_srcdir)/shared/sha256.c |
|
| 443 |
-@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sha256.o -MD -MP -MF $(DEPDIR)/sha256.Tpo -c -o sha256.o `test -f '$(top_srcdir)/shared/sha256.c' || echo '$(srcdir)/'`$(top_srcdir)/shared/sha256.c |
|
| 444 |
-@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/sha256.Tpo $(DEPDIR)/sha256.Po |
|
| 445 |
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$(top_srcdir)/shared/sha256.c' object='sha256.o' libtool=no @AMDEPBACKSLASH@ |
|
| 446 |
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ |
|
| 447 |
-@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o sha256.o `test -f '$(top_srcdir)/shared/sha256.c' || echo '$(srcdir)/'`$(top_srcdir)/shared/sha256.c |
|
| 448 |
- |
|
| 449 |
-sha256.obj: $(top_srcdir)/shared/sha256.c |
|
| 450 |
-@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sha256.obj -MD -MP -MF $(DEPDIR)/sha256.Tpo -c -o sha256.obj `if test -f '$(top_srcdir)/shared/sha256.c'; then $(CYGPATH_W) '$(top_srcdir)/shared/sha256.c'; else $(CYGPATH_W) '$(srcdir)/$(top_srcdir)/shared/sha256.c'; fi` |
|
| 451 |
-@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/sha256.Tpo $(DEPDIR)/sha256.Po |
|
| 452 |
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$(top_srcdir)/shared/sha256.c' object='sha256.obj' libtool=no @AMDEPBACKSLASH@ |
|
| 453 |
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ |
|
| 454 |
-@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o sha256.obj `if test -f '$(top_srcdir)/shared/sha256.c'; then $(CYGPATH_W) '$(top_srcdir)/shared/sha256.c'; else $(CYGPATH_W) '$(srcdir)/$(top_srcdir)/shared/sha256.c'; fi` |
|
| 455 |
- |
|
| 456 | 442 |
cdiff.o: $(top_srcdir)/shared/cdiff.c |
| 457 | 443 |
@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT cdiff.o -MD -MP -MF $(DEPDIR)/cdiff.Tpo -c -o cdiff.o `test -f '$(top_srcdir)/shared/cdiff.c' || echo '$(srcdir)/'`$(top_srcdir)/shared/cdiff.c |
| 458 | 444 |
@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/cdiff.Tpo $(DEPDIR)/cdiff.Po |
| ... | ... |
@@ -51,7 +51,7 @@ |
| 51 | 51 |
#include "shared/optparser.h" |
| 52 | 52 |
#include "shared/misc.h" |
| 53 | 53 |
#include "shared/cdiff.h" |
| 54 |
-#include "shared/sha256.h" |
|
| 54 |
+#include "libclamav/sha256.h" |
|
| 55 | 55 |
#include "shared/tar.h" |
| 56 | 56 |
|
| 57 | 57 |
#include "libclamav/clamav.h" |
| ... | ... |
@@ -507,8 +507,7 @@ static int script2cdiff(const char *script, const char *builder, const struct op |
| 507 | 507 |
sha256_update(&ctx, (unsigned char *) buffer, bytes); |
| 508 | 508 |
|
| 509 | 509 |
fclose(cdiffh); |
| 510 |
- sha256_final(&ctx); |
|
| 511 |
- sha256_digest(&ctx, digest); |
|
| 510 |
+ sha256_final(&ctx, digest); |
|
| 512 | 511 |
|
| 513 | 512 |
if(!(pt = getdsig(optget(opts, "server")->strarg, builder, digest, 32, 1))) {
|
| 514 | 513 |
mprintf("!script2cdiff: Can't get digital signature from remote server\n");
|
| ... | ... |
@@ -14,6 +14,7 @@ |
| 14 | 14 |
#include "../libclamav/matcher.h" |
| 15 | 15 |
#include "../libclamav/version.h" |
| 16 | 16 |
#include "../libclamav/dsig.h" |
| 17 |
+#include "../libclamav/sha256.h" |
|
| 17 | 18 |
#include "checks.h" |
| 18 | 19 |
|
| 19 | 20 |
/* extern void cl_free(struct cl_engine *engine); */ |
| ... | ... |
@@ -327,6 +328,76 @@ START_TEST (test_cli_dsig) |
| 327 | 327 |
} |
| 328 | 328 |
END_TEST |
| 329 | 329 |
|
| 330 |
+static uint8_t tv1[3] = {
|
|
| 331 |
+ 0x61, 0x62, 0x63 |
|
| 332 |
+}; |
|
| 333 |
+ |
|
| 334 |
+static uint8_t tv2[56] = {
|
|
| 335 |
+ 0x61, 0x62, 0x63, 0x64, 0x62, 0x63, 0x64, 0x65, |
|
| 336 |
+ 0x63, 0x64, 0x65, 0x66, 0x64, 0x65, 0x66, 0x67, |
|
| 337 |
+ 0x65, 0x66, 0x67, 0x68, 0x66, 0x67, 0x68, 0x69, |
|
| 338 |
+ 0x67, 0x68, 0x69, 0x6a, 0x68, 0x69, 0x6a, 0x6b, |
|
| 339 |
+ 0x69, 0x6a, 0x6b, 0x6c, 0x6a, 0x6b, 0x6c, 0x6d, |
|
| 340 |
+ 0x6b, 0x6c, 0x6d, 0x6e, 0x6c, 0x6d, 0x6e, 0x6f, |
|
| 341 |
+ 0x6d, 0x6e, 0x6f, 0x70, 0x6e, 0x6f, 0x70, 0x71 |
|
| 342 |
+}; |
|
| 343 |
+ |
|
| 344 |
+static uint8_t tv3[112] = {
|
|
| 345 |
+ 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, |
|
| 346 |
+ 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, |
|
| 347 |
+ 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, |
|
| 348 |
+ 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, |
|
| 349 |
+ 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, |
|
| 350 |
+ 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, |
|
| 351 |
+ 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, |
|
| 352 |
+ 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, |
|
| 353 |
+ 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, |
|
| 354 |
+ 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, |
|
| 355 |
+ 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, |
|
| 356 |
+ 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, |
|
| 357 |
+ 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, |
|
| 358 |
+ 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75 |
|
| 359 |
+}; |
|
| 360 |
+ |
|
| 361 |
+static uint8_t res256[3][SHA256_HASH_SIZE] = {
|
|
| 362 |
+ { 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde,
|
|
| 363 |
+ 0x5d, 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, |
|
| 364 |
+ 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad }, |
|
| 365 |
+ { 0x24, 0x8d, 0x6a, 0x61, 0xd2, 0x06, 0x38, 0xb8, 0xe5, 0xc0, 0x26, 0x93,
|
|
| 366 |
+ 0x0c, 0x3e, 0x60, 0x39, 0xa3, 0x3c, 0xe4, 0x59, 0x64, 0xff, 0x21, 0x67, |
|
| 367 |
+ 0xf6, 0xec, 0xed, 0xd4, 0x19, 0xdb, 0x06, 0xc1 }, |
|
| 368 |
+ { 0xcd, 0xc7, 0x6e, 0x5c, 0x99, 0x14, 0xfb, 0x92, 0x81, 0xa1, 0xc7, 0xe2,
|
|
| 369 |
+ 0x84, 0xd7, 0x3e, 0x67, 0xf1, 0x80, 0x9a, 0x48, 0xa4, 0x97, 0x20, 0x0e, |
|
| 370 |
+ 0x04, 0x6d, 0x39, 0xcc, 0xc7, 0x11, 0x2c, 0xd0 } |
|
| 371 |
+}; |
|
| 372 |
+ |
|
| 373 |
+START_TEST (test_sha256) |
|
| 374 |
+{
|
|
| 375 |
+ SHA256_CTX sha256; |
|
| 376 |
+ uint8_t hsha256[SHA256_HASH_SIZE]; |
|
| 377 |
+ uint8_t buf[1000]; |
|
| 378 |
+ int i; |
|
| 379 |
+ |
|
| 380 |
+ memset (buf, 0x61, sizeof (buf)); |
|
| 381 |
+ |
|
| 382 |
+ sha256_init (&sha256); |
|
| 383 |
+ sha256_update (&sha256, tv1, sizeof (tv1)); |
|
| 384 |
+ sha256_final (&sha256, hsha256); |
|
| 385 |
+ fail_unless(!memcmp (hsha256, res256[0], sizeof (hsha256)), "sha256 test vector #1 failed"); |
|
| 386 |
+ |
|
| 387 |
+ sha256_init (&sha256); |
|
| 388 |
+ sha256_update (&sha256, tv2, sizeof (tv2)); |
|
| 389 |
+ sha256_final (&sha256, hsha256); |
|
| 390 |
+ fail_unless(!memcmp (hsha256, res256[1], sizeof (hsha256)), "sha256 test vector #2 failed"); |
|
| 391 |
+ |
|
| 392 |
+ sha256_init (&sha256); |
|
| 393 |
+ for (i = 0; i < 1000; i++) |
|
| 394 |
+ sha256_update (&sha256, buf, sizeof (buf)); |
|
| 395 |
+ sha256_final (&sha256, hsha256); |
|
| 396 |
+ fail_unless(!memcmp (hsha256, res256[2], sizeof (hsha256)), "sha256 test vector #3 failed"); |
|
| 397 |
+} |
|
| 398 |
+END_TEST |
|
| 399 |
+ |
|
| 330 | 400 |
static Suite *test_cli_suite(void) |
| 331 | 401 |
{
|
| 332 | 402 |
Suite *s = suite_create("cli");
|
| ... | ... |
@@ -341,6 +412,7 @@ static Suite *test_cli_suite(void) |
| 341 | 341 |
|
| 342 | 342 |
suite_add_tcase (s, tc_cli_dsig); |
| 343 | 343 |
tcase_add_loop_test(tc_cli_dsig, test_cli_dsig, 0, dsig_tests_cnt); |
| 344 |
+ tcase_add_test(tc_cli_dsig, test_sha256); |
|
| 344 | 345 |
|
| 345 | 346 |
return s; |
| 346 | 347 |
} |
| ... | ... |
@@ -416,6 +416,41 @@ START_TEST (phishingScan_test) |
| 416 | 416 |
END_TEST |
| 417 | 417 |
#endif |
| 418 | 418 |
|
| 419 |
+static struct uc {
|
|
| 420 |
+ const char *in; |
|
| 421 |
+ const char *host; |
|
| 422 |
+ const char *path; |
|
| 423 |
+} uc[] = {
|
|
| 424 |
+ {":example/%25%32%35", "example/", "%25"},
|
|
| 425 |
+ {":example/%25%32%35%25%32%35", "example/", "%25%25"},
|
|
| 426 |
+ {":example/abc%25%32%35asd", "example/", "abc%25asd"},
|
|
| 427 |
+ {":www.example.com/","www.example.com/",""},
|
|
| 428 |
+ {":%31%32%37%2e%30%2e%30%2e%31/%2E%73%65%63%75%72%65/%77%77%77%2e%65%78%61%6d%70%6c%65%2e%63%6f%6d/",
|
|
| 429 |
+ "127.0.0.1/",".secure/www.example.com/"}, |
|
| 430 |
+ {":127.0.0.1/uploads/%20%20%20%20/.verify/.blah=abcd-ef=gh/",
|
|
| 431 |
+ "127.0.0.1/","uploads/%20%20%20%20/.verify/.blah=abcd-ef=gh/"}, |
|
| 432 |
+ {"http://example%23.com/%61%40%62%252B",
|
|
| 433 |
+ "example%23.com/", "a@b+"}, |
|
| 434 |
+ {"http://example.com/blah/..","example.com/",""},
|
|
| 435 |
+ {"http://example.com/blah/../x","example.com/","x"},
|
|
| 436 |
+ {"http://example.com/./a","example.com/","a"}
|
|
| 437 |
+ |
|
| 438 |
+}; |
|
| 439 |
+ |
|
| 440 |
+START_TEST (test_url_canon) |
|
| 441 |
+{
|
|
| 442 |
+ char urlbuff[1024+3]; |
|
| 443 |
+ char *host = NULL, *path = NULL; |
|
| 444 |
+ size_t host_len, path_len; |
|
| 445 |
+ struct uc *u = &uc[_i]; |
|
| 446 |
+ |
|
| 447 |
+ cli_url_canon(u->in, strlen(u->in), urlbuff, sizeof(urlbuff), &host, &host_len, &path, &path_len); |
|
| 448 |
+ fail_unless(!!host && !!path, "null results\n"); |
|
| 449 |
+ fail_unless_fmt(!strcmp(u->host, host), "host incorrect: %s\n", host); |
|
| 450 |
+ fail_unless_fmt(!strcmp(u->path, path), "path incorrect: %s\n", path); |
|
| 451 |
+} |
|
| 452 |
+END_TEST |
|
| 453 |
+ |
|
| 419 | 454 |
START_TEST(phishing_fake_test) |
| 420 | 455 |
{
|
| 421 | 456 |
char buf[4096]; |
| ... | ... |
@@ -464,7 +499,6 @@ Suite *test_regex_suite(void) |
| 464 | 464 |
#endif |
| 465 | 465 |
tcase_add_test(tc_phish, phishing_fake_test); |
| 466 | 466 |
|
| 467 |
- |
|
| 468 | 467 |
tc_phish2 = tcase_create("phishingScan with 2 dbs");
|
| 469 | 468 |
suite_add_tcase(s, tc_phish2); |
| 470 | 469 |
tcase_add_unchecked_fixture(tc_phish2, psetup2, pteardown); |
| ... | ... |
@@ -472,6 +506,7 @@ Suite *test_regex_suite(void) |
| 472 | 472 |
tcase_add_loop_test(tc_phish2, phishingScan_test, 0, sizeof(rtests)/sizeof(rtests[0])); |
| 473 | 473 |
#endif |
| 474 | 474 |
tcase_add_test(tc_phish2, phishing_fake_test); |
| 475 |
+ tcase_add_loop_test(tc_phish, test_url_canon, 0, sizeof(uc)/sizeof(uc[0])); |
|
| 475 | 476 |
|
| 476 | 477 |
return s; |
| 477 | 478 |
} |