git-svn: trunk@4822
Török Edvin authored on 2009/02/18 23:54:16... | ... |
@@ -1,3 +1,9 @@ |
1 |
+Wed Feb 18 17:24:48 EET 2009 (edwin) |
|
2 |
+------------------------------------ |
|
3 |
+ * freshclam/, libclamav/, shared/, sigtool/, unit_tests/: use sha256 |
|
4 |
+ instead of md5 in phishcheck. move sha256 to libclamav. add more |
|
5 |
+ tests. |
|
6 |
+ |
|
1 | 7 |
Wed Feb 18 12:41:17 CET 2009 (tk) |
2 | 8 |
--------------------------------- |
3 | 9 |
* etc/clamav-milter.conf: fix PidFile example (bb#1408) |
... | ... |
@@ -28,7 +28,6 @@ freshclam_SOURCES = \ |
28 | 28 |
$(top_srcdir)/shared/getopt.h \ |
29 | 29 |
$(top_srcdir)/shared/misc.c \ |
30 | 30 |
$(top_srcdir)/shared/misc.h \ |
31 |
- $(top_srcdir)/shared/sha256.c \ |
|
32 | 31 |
$(top_srcdir)/shared/cdiff.c \ |
33 | 32 |
$(top_srcdir)/shared/cdiff.h \ |
34 | 33 |
$(top_srcdir)/shared/tar.c \ |
... | ... |
@@ -73,10 +73,10 @@ am__installdirs = "$(DESTDIR)$(bindir)" |
73 | 73 |
binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) |
74 | 74 |
PROGRAMS = $(bin_PROGRAMS) |
75 | 75 |
am_freshclam_OBJECTS = output.$(OBJEXT) optparser.$(OBJEXT) \ |
76 |
- getopt.$(OBJEXT) misc.$(OBJEXT) sha256.$(OBJEXT) \ |
|
77 |
- cdiff.$(OBJEXT) tar.$(OBJEXT) freshclam.$(OBJEXT) \ |
|
78 |
- manager.$(OBJEXT) notify.$(OBJEXT) dns.$(OBJEXT) \ |
|
79 |
- execute.$(OBJEXT) nonblock.$(OBJEXT) mirman.$(OBJEXT) |
|
76 |
+ getopt.$(OBJEXT) misc.$(OBJEXT) cdiff.$(OBJEXT) tar.$(OBJEXT) \ |
|
77 |
+ freshclam.$(OBJEXT) manager.$(OBJEXT) notify.$(OBJEXT) \ |
|
78 |
+ dns.$(OBJEXT) execute.$(OBJEXT) nonblock.$(OBJEXT) \ |
|
79 |
+ mirman.$(OBJEXT) |
|
80 | 80 |
freshclam_OBJECTS = $(am_freshclam_OBJECTS) |
81 | 81 |
freshclam_LDADD = $(LDADD) |
82 | 82 |
DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) |
... | ... |
@@ -257,7 +257,6 @@ freshclam_SOURCES = \ |
257 | 257 |
$(top_srcdir)/shared/getopt.h \ |
258 | 258 |
$(top_srcdir)/shared/misc.c \ |
259 | 259 |
$(top_srcdir)/shared/misc.h \ |
260 |
- $(top_srcdir)/shared/sha256.c \ |
|
261 | 260 |
$(top_srcdir)/shared/cdiff.c \ |
262 | 261 |
$(top_srcdir)/shared/cdiff.h \ |
263 | 262 |
$(top_srcdir)/shared/tar.c \ |
... | ... |
@@ -378,7 +377,6 @@ distclean-compile: |
378 | 378 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/notify.Po@am__quote@ |
379 | 379 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/optparser.Po@am__quote@ |
380 | 380 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/output.Po@am__quote@ |
381 |
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sha256.Po@am__quote@ |
|
382 | 381 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tar.Po@am__quote@ |
383 | 382 |
|
384 | 383 |
.c.o: |
... | ... |
@@ -458,20 +456,6 @@ misc.obj: $(top_srcdir)/shared/misc.c |
458 | 458 |
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ |
459 | 459 |
@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o misc.obj `if test -f '$(top_srcdir)/shared/misc.c'; then $(CYGPATH_W) '$(top_srcdir)/shared/misc.c'; else $(CYGPATH_W) '$(srcdir)/$(top_srcdir)/shared/misc.c'; fi` |
460 | 460 |
|
461 |
-sha256.o: $(top_srcdir)/shared/sha256.c |
|
462 |
-@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sha256.o -MD -MP -MF $(DEPDIR)/sha256.Tpo -c -o sha256.o `test -f '$(top_srcdir)/shared/sha256.c' || echo '$(srcdir)/'`$(top_srcdir)/shared/sha256.c |
|
463 |
-@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/sha256.Tpo $(DEPDIR)/sha256.Po |
|
464 |
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$(top_srcdir)/shared/sha256.c' object='sha256.o' libtool=no @AMDEPBACKSLASH@ |
|
465 |
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ |
|
466 |
-@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o sha256.o `test -f '$(top_srcdir)/shared/sha256.c' || echo '$(srcdir)/'`$(top_srcdir)/shared/sha256.c |
|
467 |
- |
|
468 |
-sha256.obj: $(top_srcdir)/shared/sha256.c |
|
469 |
-@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sha256.obj -MD -MP -MF $(DEPDIR)/sha256.Tpo -c -o sha256.obj `if test -f '$(top_srcdir)/shared/sha256.c'; then $(CYGPATH_W) '$(top_srcdir)/shared/sha256.c'; else $(CYGPATH_W) '$(srcdir)/$(top_srcdir)/shared/sha256.c'; fi` |
|
470 |
-@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/sha256.Tpo $(DEPDIR)/sha256.Po |
|
471 |
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$(top_srcdir)/shared/sha256.c' object='sha256.obj' libtool=no @AMDEPBACKSLASH@ |
|
472 |
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ |
|
473 |
-@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o sha256.obj `if test -f '$(top_srcdir)/shared/sha256.c'; then $(CYGPATH_W) '$(top_srcdir)/shared/sha256.c'; else $(CYGPATH_W) '$(srcdir)/$(top_srcdir)/shared/sha256.c'; fi` |
|
474 |
- |
|
475 | 461 |
cdiff.o: $(top_srcdir)/shared/cdiff.c |
476 | 462 |
@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT cdiff.o -MD -MP -MF $(DEPDIR)/cdiff.Tpo -c -o cdiff.o `test -f '$(top_srcdir)/shared/cdiff.c' || echo '$(srcdir)/'`$(top_srcdir)/shared/cdiff.c |
477 | 463 |
@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/cdiff.Tpo $(DEPDIR)/cdiff.Po |
... | ... |
@@ -100,7 +100,8 @@ am_libclamav_la_OBJECTS = matcher-ac.lo matcher-bm.lo matcher.lo \ |
100 | 100 |
sis.lo uuencode.lo phishcheck.lo phish_domaincheck_db.lo \ |
101 | 101 |
phish_whitelist.lo regex_list.lo regex_suffix.lo mspack.lo \ |
102 | 102 |
cab.lo entconv.lo hashtab.lo dconf.lo lzma_iface.lo explode.lo \ |
103 |
- textnorm.lo dlp.lo js-norm.lo uniq.lo version.lo mpool.lo |
|
103 |
+ textnorm.lo dlp.lo js-norm.lo uniq.lo version.lo mpool.lo \ |
|
104 |
+ sha256.lo |
|
104 | 105 |
libclamav_la_OBJECTS = $(am_libclamav_la_OBJECTS) |
105 | 106 |
libclamav_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ |
106 | 107 |
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ |
... | ... |
@@ -560,7 +561,9 @@ libclamav_la_SOURCES = \ |
560 | 560 |
version.h\ |
561 | 561 |
mpool.c\ |
562 | 562 |
mpool.h \ |
563 |
- default.h |
|
563 |
+ default.h\ |
|
564 |
+ sha256.c\ |
|
565 |
+ sha256.h |
|
564 | 566 |
|
565 | 567 |
noinst_LTLIBRARIES = libclamav_internal_utils.la |
566 | 568 |
COMMON_CLEANFILES = version.h version.h.tmp *.gcda *.gcno lzma/*.gcda lzma/*.gcno |
... | ... |
@@ -712,6 +715,7 @@ distclean-compile: |
712 | 712 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/regex_suffix.Plo@am__quote@ |
713 | 713 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rtf.Plo@am__quote@ |
714 | 714 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/scanners.Plo@am__quote@ |
715 |
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sha256.Plo@am__quote@ |
|
715 | 716 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sis.Plo@am__quote@ |
716 | 717 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/special.Plo@am__quote@ |
717 | 718 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/spin.Plo@am__quote@ |
... | ... |
@@ -45,7 +45,7 @@ |
45 | 45 |
#include "iana_tld.h" |
46 | 46 |
#include "iana_cctld.h" |
47 | 47 |
#include "scanners.h" |
48 |
-#include "md5.h" |
|
48 |
+#include "sha256.h" |
|
49 | 49 |
#include <assert.h> |
50 | 50 |
|
51 | 51 |
#include "mpool.h" |
... | ... |
@@ -482,6 +482,7 @@ static int isSSL(const char* URL) |
482 | 482 |
static void |
483 | 483 |
str_hex_to_char(char **begin, const char **end) |
484 | 484 |
{ |
485 |
+ char *firsthex, *sbegin_; |
|
485 | 486 |
char *sbegin = *begin; |
486 | 487 |
const char *str_end = *end; |
487 | 488 |
|
... | ... |
@@ -497,16 +498,25 @@ str_hex_to_char(char **begin, const char **end) |
497 | 497 |
sbegin += 2; |
498 | 498 |
} |
499 | 499 |
*begin = sbegin++; |
500 |
- while(sbegin+3 < str_end) { |
|
501 |
- while(sbegin+3<str_end && sbegin[0]=='%') { |
|
502 |
- const char* src = sbegin+3; |
|
500 |
+ do { |
|
501 |
+ sbegin_ = sbegin; |
|
502 |
+ firsthex = NULL; |
|
503 |
+ while(sbegin+3 <= str_end) { |
|
504 |
+ if (sbegin+3<=str_end && sbegin[0]=='%') { |
|
505 |
+ const char* src = sbegin+3; |
|
506 |
+ if (isxdigit(sbegin[1]) && isxdigit(sbegin[2])) { |
|
503 | 507 |
*sbegin = hex2int((unsigned char*)sbegin+1); |
508 |
+ if (*sbegin == '%' && !firsthex) |
|
509 |
+ firsthex = sbegin; |
|
504 | 510 |
/* move string */ |
505 | 511 |
memmove(sbegin+1,src,str_end-src+1); |
506 | 512 |
str_end -= 2; |
513 |
+ } |
|
507 | 514 |
} |
508 | 515 |
sbegin++; |
509 |
- } |
|
516 |
+ } |
|
517 |
+ sbegin = sbegin_; |
|
518 |
+ } while (firsthex); |
|
510 | 519 |
*end = str_end; |
511 | 520 |
} |
512 | 521 |
|
... | ... |
@@ -1158,66 +1168,96 @@ static int hash_match(const struct regex_matcher *rlist, const char *host, size_ |
1158 | 1158 |
s[hlen+plen] = '\0'; |
1159 | 1159 |
cli_dbgmsg("hash lookup for: %s\n",s); |
1160 | 1160 |
#endif |
1161 |
- if(rlist->md5_hashes.bm_patterns) { |
|
1162 |
- unsigned char md5_dig[16]; |
|
1163 |
- cli_md5_ctx md5; |
|
1164 |
- |
|
1165 |
- cli_md5_init(&md5); |
|
1166 |
- cli_md5_update(&md5, host, hlen); |
|
1167 |
- cli_md5_update(&md5, path, plen); |
|
1168 |
- cli_md5_final(md5_dig, &md5); |
|
1169 |
- if(SO_search(&rlist->md5_filter, md5_dig, 16) != -1 && |
|
1170 |
- cli_bm_scanbuff(md5_dig, 16, &virname, &rlist->md5_hashes,0,0,-1) == CL_VIRUS) { |
|
1171 |
- switch(*virname) { |
|
1172 |
- case '1': |
|
1173 |
- return CL_PHISH_HASH1; |
|
1174 |
- case '2': |
|
1175 |
- return CL_PHISH_HASH2; |
|
1176 |
- default: |
|
1177 |
- return CL_PHISH_HASH0; |
|
1178 |
- } |
|
1161 |
+ if(rlist->sha256_hashes.bm_patterns) { |
|
1162 |
+ unsigned char sha256_dig[32]; |
|
1163 |
+ SHA256_CTX sha256; |
|
1164 |
+ |
|
1165 |
+ sha256_init(&sha256); |
|
1166 |
+ sha256_update(&sha256, host, hlen); |
|
1167 |
+ sha256_update(&sha256, path, plen); |
|
1168 |
+ sha256_final(&sha256, sha256_dig); |
|
1169 |
+ if(SO_search(&rlist->sha256_filter, sha256_dig, 32) != -1 && |
|
1170 |
+ cli_bm_scanbuff(sha256_dig, 32, &virname, &rlist->sha256_hashes,0,0,-1) == CL_VIRUS) { |
|
1171 |
+ switch(*virname) { |
|
1172 |
+ case '1': |
|
1173 |
+ return CL_PHISH_HASH1; |
|
1174 |
+ case '2': |
|
1175 |
+ return CL_PHISH_HASH2; |
|
1176 |
+ default: |
|
1177 |
+ return CL_PHISH_HASH0; |
|
1179 | 1178 |
} |
1179 |
+ } |
|
1180 | 1180 |
} |
1181 | 1181 |
return CL_SUCCESS; |
1182 | 1182 |
} |
1183 | 1183 |
|
1184 | 1184 |
#define URL_MAX_LEN 1024 |
1185 | 1185 |
#define COMPONENTS 4 |
1186 |
-static int url_hash_match(const struct regex_matcher *rlist, const char *inurl, size_t len) |
|
1186 |
+int cli_url_canon(const char *inurl, size_t len, char *urlbuff, size_t dest_len, char **host, size_t *hostlen, char **path, size_t *pathlen) |
|
1187 | 1187 |
{ |
1188 |
- char urlbuff[URL_MAX_LEN+3];/* htmlnorm truncates at 1024 bytes + terminating null + slash + host end null */ |
|
1189 |
- char *url, *p; |
|
1188 |
+ char *url, *p, *last; |
|
1189 |
+ char *host_begin, *path_begin; |
|
1190 | 1190 |
const char *urlend = urlbuff + len; |
1191 |
- char *host_begin; |
|
1192 | 1191 |
size_t host_len, path_len; |
1193 |
- char *path_begin; |
|
1194 |
- const char *component; |
|
1195 |
- const char *lp[COMPONENTS+1]; |
|
1196 |
- size_t pp[COMPONENTS+2]; |
|
1197 |
- size_t j, k, ji, ki; |
|
1198 |
- int rc; |
|
1199 | 1192 |
|
1200 |
- if(!rlist || !rlist->md5_hashes.bm_patterns) { |
|
1201 |
- return CL_SUCCESS; |
|
1202 |
- } |
|
1203 |
- if(!inurl) |
|
1204 |
- return CL_EMEM; |
|
1205 |
- strncpy(urlbuff, inurl, URL_MAX_LEN); |
|
1206 |
- urlbuff[URL_MAX_LEN] = urlbuff[URL_MAX_LEN+1] = urlbuff[URL_MAX_LEN+2] = '\0'; |
|
1193 |
+ dest_len -= 3; |
|
1194 |
+ strncpy(urlbuff, inurl, dest_len); |
|
1195 |
+ urlbuff[dest_len] = urlbuff[dest_len+1] = urlbuff[dest_len+2] = '\0'; |
|
1207 | 1196 |
url = urlbuff; |
1208 |
- str_hex_to_char(&url, &urlend); |
|
1209 |
- len = urlend - url; |
|
1210 |
- host_begin = strchr(url,':'); |
|
1211 |
- if(!host_begin) { |
|
1197 |
+ |
|
1198 |
+ host_begin = strchr(url, ':'); |
|
1199 |
+ if(!host_begin) |
|
1212 | 1200 |
return CL_PHISH_CLEAN; |
1213 |
- } |
|
1214 | 1201 |
++host_begin; |
1202 |
+ |
|
1203 |
+ p = strchr(host_begin, '@'); |
|
1204 |
+ if (p) |
|
1205 |
+ host_begin = p+1; |
|
1206 |
+ url = host_begin; |
|
1207 |
+ str_hex_to_char(&url, &urlend); |
|
1208 |
+ host_begin = url; |
|
1209 |
+ len = urlend - url; |
|
1215 | 1210 |
while((host_begin < urlend) && *host_begin == '/') ++host_begin; |
1216 | 1211 |
while(*host_begin == '.' && host_begin < urlend) ++host_begin; |
1217 |
- p = strchr(host_begin, '@'); |
|
1218 |
- if(p) |
|
1219 |
- host_begin = p+1; |
|
1220 | 1212 |
|
1213 |
+ last = strchr(host_begin, '/'); |
|
1214 |
+ p = host_begin; |
|
1215 |
+ while (p < urlend) { |
|
1216 |
+ if (p+2 < urlend && *p == '/' && p[1] == '.' ) { |
|
1217 |
+ if (p[2] == '/') { |
|
1218 |
+ if (p + 3 < urlend) |
|
1219 |
+ memmove(p+1, p+3, urlend - p - 3); |
|
1220 |
+ urlend -= 2; |
|
1221 |
+ } |
|
1222 |
+ else if (p[2] == '.' && (p[3] == '/' || p[3] == '\0') && last) { |
|
1223 |
+ if (p+4 < urlend) |
|
1224 |
+ memmove(last+1, p+4, urlend - p - 4); |
|
1225 |
+ urlend -= 3 + (p - last); |
|
1226 |
+ } |
|
1227 |
+ } |
|
1228 |
+ if (*p == '/') |
|
1229 |
+ last = p; |
|
1230 |
+ p++; |
|
1231 |
+ } |
|
1232 |
+ p = &url[urlend - url]; |
|
1233 |
+ *p = '\0'; |
|
1234 |
+ |
|
1235 |
+ p = host_begin; |
|
1236 |
+ while (p < urlend && p+2 < url + dest_len) { |
|
1237 |
+ unsigned char c = *p; |
|
1238 |
+ if (c <= 32 || c >= 127 || c == '%' || c == '#') { |
|
1239 |
+ char hexchars[] = "0123456789ABCDEF"; |
|
1240 |
+ memmove(p+3, p+1, urlend - p - 1); |
|
1241 |
+ *p++ = '%'; |
|
1242 |
+ *p++ = hexchars[c>>4]; |
|
1243 |
+ *p = hexchars[c&0xf]; |
|
1244 |
+ urlend += 2; |
|
1245 |
+ } |
|
1246 |
+ p++; |
|
1247 |
+ } |
|
1248 |
+ *p = '\0'; |
|
1249 |
+ urlend = p; |
|
1250 |
+ len = urlend - url; |
|
1221 | 1251 |
host_len = strcspn(host_begin, ":/?"); |
1222 | 1252 |
path_begin = host_begin + host_len; |
1223 | 1253 |
if(host_len < len) { |
... | ... |
@@ -1227,10 +1267,45 @@ static int url_hash_match(const struct regex_matcher *rlist, const char *inurl, |
1227 | 1227 |
} else path_begin = url+len; |
1228 | 1228 |
if(url + len >= path_begin) { |
1229 | 1229 |
path_len = url + len - path_begin + 1; |
1230 |
- } else |
|
1230 |
+ p = strchr(path_begin, '#'); |
|
1231 |
+ if (p) { |
|
1232 |
+ *p = '\0'; |
|
1233 |
+ path_len = p - path_begin; |
|
1234 |
+ } |
|
1235 |
+ } else { |
|
1231 | 1236 |
path_len = 0; |
1237 |
+ path_begin = ""; |
|
1238 |
+ } |
|
1232 | 1239 |
str_make_lowercase(host_begin, host_len); |
1240 |
+ *host = host_begin; |
|
1241 |
+ *path = path_begin; |
|
1242 |
+ *hostlen = host_len; |
|
1243 |
+ *pathlen = path_len; |
|
1244 |
+ return CL_PHISH_NODECISION; |
|
1245 |
+} |
|
1246 |
+ |
|
1247 |
+static int url_hash_match(const struct regex_matcher *rlist, const char *inurl, size_t len) |
|
1248 |
+{ |
|
1249 |
+ size_t j, k, ji, ki; |
|
1250 |
+ char *host_begin, *path_begin; |
|
1251 |
+ const char *component; |
|
1252 |
+ size_t path_len; |
|
1253 |
+ size_t host_len; |
|
1254 |
+ char *p; |
|
1255 |
+ int rc; |
|
1256 |
+ const char *lp[COMPONENTS+1]; |
|
1257 |
+ size_t pp[COMPONENTS+2]; |
|
1258 |
+ char urlbuff[URL_MAX_LEN+3];/* htmlnorm truncates at 1024 bytes + terminating null + slash + host end null */ |
|
1259 |
+ |
|
1260 |
+ if(!rlist || !rlist->sha256_hashes.bm_patterns) { |
|
1261 |
+ return CL_SUCCESS; |
|
1262 |
+ } |
|
1263 |
+ if(!inurl) |
|
1264 |
+ return CL_EMEM; |
|
1233 | 1265 |
|
1266 |
+ rc = cli_url_canon(inurl, len, urlbuff, sizeof(urlbuff), &host_begin, &host_len, &path_begin, &path_len); |
|
1267 |
+ if (rc == CL_PHISH_CLEAN) |
|
1268 |
+ return rc; |
|
1234 | 1269 |
j=COMPONENTS; |
1235 | 1270 |
component = strrchr(host_begin, '.'); |
1236 | 1271 |
while(component && j > 0) { |
... | ... |
@@ -72,6 +72,7 @@ void phish_disable(struct cl_engine* engine,const char* reason); |
72 | 72 |
/* Global, non-thread-safe functions, call only once! */ |
73 | 73 |
int phishing_init(struct cl_engine* engine); |
74 | 74 |
void phishing_done(struct cl_engine* engine); |
75 |
+int cli_url_canon(const char *inurl, size_t len, char *urlbuff, size_t dest_len, char **host, size_t *hostlen, char **path, size_t *pathlen); |
|
75 | 76 |
/* end of non-thread-safe functions */ |
76 | 77 |
|
77 | 78 |
|
... | ... |
@@ -363,13 +363,13 @@ int init_regex_list(struct regex_matcher* matcher) |
363 | 363 |
return rc; |
364 | 364 |
} |
365 | 365 |
#ifdef USE_MPOOL |
366 |
- matcher->md5_hashes.mempool = mp; |
|
366 |
+ matcher->sha256_hashes.mempool = mp; |
|
367 | 367 |
#endif |
368 |
- if((rc = cli_bm_init(&matcher->md5_hashes))) { |
|
368 |
+ if((rc = cli_bm_init(&matcher->sha256_hashes))) { |
|
369 | 369 |
return rc; |
370 | 370 |
} |
371 | 371 |
SO_init(&matcher->filter); |
372 |
- SO_init(&matcher->md5_filter); |
|
372 |
+ SO_init(&matcher->sha256_filter); |
|
373 | 373 |
return CL_SUCCESS; |
374 | 374 |
} |
375 | 375 |
|
... | ... |
@@ -425,15 +425,15 @@ static int add_hash(struct regex_matcher *matcher, char* pattern, const char fl) |
425 | 425 |
pat->pattern = (unsigned char*)cli_mpool_hex2str(matcher->mempool, pattern); |
426 | 426 |
if(!pat->pattern) |
427 | 427 |
return CL_EMALFDB; |
428 |
- pat->length = 16; |
|
428 |
+ pat->length = 32; |
|
429 | 429 |
pat->virname = mpool_malloc(matcher->mempool, 1); |
430 | 430 |
if(!pat->virname) { |
431 | 431 |
free(pat); |
432 | 432 |
return CL_EMEM; |
433 | 433 |
} |
434 | 434 |
*pat->virname = fl; |
435 |
- SO_preprocess_add(&matcher->md5_filter, pat->pattern, pat->length); |
|
436 |
- if((rc = cli_bm_addpatt(&matcher->md5_hashes, pat))) { |
|
435 |
+ SO_preprocess_add(&matcher->sha256_filter, pat->pattern, pat->length); |
|
436 |
+ if((rc = cli_bm_addpatt(&matcher->sha256_hashes, pat))) { |
|
437 | 437 |
cli_errmsg("add_hash: failed to add BM pattern\n"); |
438 | 438 |
free(pat->pattern); |
439 | 439 |
free(pat->virname); |
... | ... |
@@ -596,7 +596,7 @@ void regex_list_done(struct regex_matcher* matcher) |
596 | 596 |
mpool_free(matcher->mempool, matcher->all_pregs); |
597 | 597 |
} |
598 | 598 |
hashtab_free(&matcher->suffix_hash); |
599 |
- cli_bm_free(&matcher->md5_hashes); |
|
599 |
+ cli_bm_free(&matcher->sha256_hashes); |
|
600 | 600 |
} |
601 | 601 |
} |
602 | 602 |
|
... | ... |
@@ -50,8 +50,8 @@ struct regex_matcher { |
50 | 50 |
size_t regex_cnt; |
51 | 51 |
regex_t **all_pregs; |
52 | 52 |
struct cli_matcher suffixes; |
53 |
- struct cli_matcher md5_hashes; |
|
54 |
- struct filter md5_filter; |
|
53 |
+ struct cli_matcher sha256_hashes; |
|
54 |
+ struct filter sha256_filter; |
|
55 | 55 |
struct filter filter; |
56 | 56 |
#ifdef USE_MPOOL |
57 | 57 |
mpool_t *mempool; |
58 | 58 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,481 @@ |
0 |
+/*- |
|
1 |
+ * Copyright (c) 2001-2003 Allan Saddi <allan@saddi.com> |
|
2 |
+ * All rights reserved. |
|
3 |
+ * |
|
4 |
+ * Redistribution and use in source and binary forms, with or without |
|
5 |
+ * modification, are permitted provided that the following conditions |
|
6 |
+ * are met: |
|
7 |
+ * 1. Redistributions of source code must retain the above copyright |
|
8 |
+ * notice, this list of conditions and the following disclaimer. |
|
9 |
+ * 2. Redistributions in binary form must reproduce the above copyright |
|
10 |
+ * notice, this list of conditions and the following disclaimer in the |
|
11 |
+ * documentation and/or other materials provided with the distribution. |
|
12 |
+ * |
|
13 |
+ * THIS SOFTWARE IS PROVIDED BY ALLAN SADDI AND HIS CONTRIBUTORS ``AS IS'' |
|
14 |
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
|
15 |
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
|
16 |
+ * ARE DISCLAIMED. IN NO EVENT SHALL ALLAN SADDI OR HIS CONTRIBUTORS BE |
|
17 |
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
|
18 |
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
|
19 |
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
|
20 |
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
|
21 |
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
|
22 |
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
|
23 |
+ * POSSIBILITY OF SUCH DAMAGE. |
|
24 |
+ * |
|
25 |
+ * $Id: sha256.c 680 2003-07-25 21:57:49Z asaddi $ |
|
26 |
+ */ |
|
27 |
+ |
|
28 |
+/* |
|
29 |
+ * Define WORDS_BIGENDIAN if compiling on a big-endian architecture. |
|
30 |
+ * |
|
31 |
+ * Define SHA256_TEST to test the implementation using the NIST's |
|
32 |
+ * sample messages. The output should be: |
|
33 |
+ * |
|
34 |
+ * ba7816bf 8f01cfea 414140de 5dae2223 b00361a3 96177a9c b410ff61 f20015ad |
|
35 |
+ * 248d6a61 d20638b8 e5c02693 0c3e6039 a33ce459 64ff2167 f6ecedd4 19db06c1 |
|
36 |
+ * cdc76e5c 9914fb92 81a1c7e2 84d73e67 f1809a48 a497200e 046d39cc c7112cd0 |
|
37 |
+ */ |
|
38 |
+ |
|
39 |
+#ifdef HAVE_CONFIG_H |
|
40 |
+#include "clamav-config.h" |
|
41 |
+#endif /* HAVE_CONFIG_H */ |
|
42 |
+ |
|
43 |
+#if HAVE_INTTYPES_H |
|
44 |
+# include <inttypes.h> |
|
45 |
+#else |
|
46 |
+# if HAVE_STDINT_H |
|
47 |
+# include <stdint.h> |
|
48 |
+# endif |
|
49 |
+#endif |
|
50 |
+ |
|
51 |
+#include <string.h> |
|
52 |
+ |
|
53 |
+#include "sha256.h" |
|
54 |
+ |
|
55 |
+#ifndef lint |
|
56 |
+static const char rcsid[] = |
|
57 |
+ "$Id: sha256.c 680 2003-07-25 21:57:49Z asaddi $"; |
|
58 |
+#endif /* !lint */ |
|
59 |
+ |
|
60 |
+#define ROTL(x, n) (((x) << (n)) | ((x) >> (32 - (n)))) |
|
61 |
+#define ROTR(x, n) (((x) >> (n)) | ((x) << (32 - (n)))) |
|
62 |
+ |
|
63 |
+#define Ch(x, y, z) ((z) ^ ((x) & ((y) ^ (z)))) |
|
64 |
+#define Maj(x, y, z) (((x) & ((y) | (z))) | ((y) & (z))) |
|
65 |
+#define SIGMA0(x) (ROTR((x), 2) ^ ROTR((x), 13) ^ ROTR((x), 22)) |
|
66 |
+#define SIGMA1(x) (ROTR((x), 6) ^ ROTR((x), 11) ^ ROTR((x), 25)) |
|
67 |
+#define sigma0(x) (ROTR((x), 7) ^ ROTR((x), 18) ^ ((x) >> 3)) |
|
68 |
+#define sigma1(x) (ROTR((x), 17) ^ ROTR((x), 19) ^ ((x) >> 10)) |
|
69 |
+ |
|
70 |
+#define DO_ROUND() { \ |
|
71 |
+ t1 = h + SIGMA1(e) + Ch(e, f, g) + *(Kp++) + *(W++); \ |
|
72 |
+ t2 = SIGMA0(a) + Maj(a, b, c); \ |
|
73 |
+ h = g; \ |
|
74 |
+ g = f; \ |
|
75 |
+ f = e; \ |
|
76 |
+ e = d + t1; \ |
|
77 |
+ d = c; \ |
|
78 |
+ c = b; \ |
|
79 |
+ b = a; \ |
|
80 |
+ a = t1 + t2; \ |
|
81 |
+} |
|
82 |
+ |
|
83 |
+static const uint32_t K[64] = { |
|
84 |
+ 0x428a2f98L, 0x71374491L, 0xb5c0fbcfL, 0xe9b5dba5L, |
|
85 |
+ 0x3956c25bL, 0x59f111f1L, 0x923f82a4L, 0xab1c5ed5L, |
|
86 |
+ 0xd807aa98L, 0x12835b01L, 0x243185beL, 0x550c7dc3L, |
|
87 |
+ 0x72be5d74L, 0x80deb1feL, 0x9bdc06a7L, 0xc19bf174L, |
|
88 |
+ 0xe49b69c1L, 0xefbe4786L, 0x0fc19dc6L, 0x240ca1ccL, |
|
89 |
+ 0x2de92c6fL, 0x4a7484aaL, 0x5cb0a9dcL, 0x76f988daL, |
|
90 |
+ 0x983e5152L, 0xa831c66dL, 0xb00327c8L, 0xbf597fc7L, |
|
91 |
+ 0xc6e00bf3L, 0xd5a79147L, 0x06ca6351L, 0x14292967L, |
|
92 |
+ 0x27b70a85L, 0x2e1b2138L, 0x4d2c6dfcL, 0x53380d13L, |
|
93 |
+ 0x650a7354L, 0x766a0abbL, 0x81c2c92eL, 0x92722c85L, |
|
94 |
+ 0xa2bfe8a1L, 0xa81a664bL, 0xc24b8b70L, 0xc76c51a3L, |
|
95 |
+ 0xd192e819L, 0xd6990624L, 0xf40e3585L, 0x106aa070L, |
|
96 |
+ 0x19a4c116L, 0x1e376c08L, 0x2748774cL, 0x34b0bcb5L, |
|
97 |
+ 0x391c0cb3L, 0x4ed8aa4aL, 0x5b9cca4fL, 0x682e6ff3L, |
|
98 |
+ 0x748f82eeL, 0x78a5636fL, 0x84c87814L, 0x8cc70208L, |
|
99 |
+ 0x90befffaL, 0xa4506cebL, 0xbef9a3f7L, 0xc67178f2L |
|
100 |
+}; |
|
101 |
+ |
|
102 |
+#ifndef RUNTIME_ENDIAN |
|
103 |
+ |
|
104 |
+#if WORDS_BIGENDIAN == 1 |
|
105 |
+ |
|
106 |
+#define BYTESWAP(x) (x) |
|
107 |
+#define BYTESWAP64(x) (x) |
|
108 |
+ |
|
109 |
+#else /* WORDS_BIGENDIAN */ |
|
110 |
+ |
|
111 |
+#define BYTESWAP(x) ((ROTR((x), 8) & 0xff00ff00L) | \ |
|
112 |
+ (ROTL((x), 8) & 0x00ff00ffL)) |
|
113 |
+#define BYTESWAP64(x) _byteswap64(x) |
|
114 |
+ |
|
115 |
+static inline uint64_t _byteswap64(uint64_t x) |
|
116 |
+{ |
|
117 |
+ uint32_t a = x >> 32; |
|
118 |
+ uint32_t b = (uint32_t) x; |
|
119 |
+ return ((uint64_t) BYTESWAP(b) << 32) | (uint64_t) BYTESWAP(a); |
|
120 |
+} |
|
121 |
+ |
|
122 |
+#endif /* WORDS_BIGENDIAN */ |
|
123 |
+ |
|
124 |
+#else /* !RUNTIME_ENDIAN */ |
|
125 |
+ |
|
126 |
+#define BYTESWAP(x) _byteswap(sc->littleEndian, x) |
|
127 |
+#define BYTESWAP64(x) _byteswap64(sc->littleEndian, x) |
|
128 |
+ |
|
129 |
+#define _BYTESWAP(x) ((ROTR((x), 8) & 0xff00ff00L) | \ |
|
130 |
+ (ROTL((x), 8) & 0x00ff00ffL)) |
|
131 |
+#define _BYTESWAP64(x) __byteswap64(x) |
|
132 |
+ |
|
133 |
+static inline uint64_t __byteswap64(uint64_t x) |
|
134 |
+{ |
|
135 |
+ uint32_t a = x >> 32; |
|
136 |
+ uint32_t b = (uint32_t) x; |
|
137 |
+ return ((uint64_t) _BYTESWAP(b) << 32) | (uint64_t) _BYTESWAP(a); |
|
138 |
+} |
|
139 |
+ |
|
140 |
+static inline uint32_t _byteswap(int littleEndian, uint32_t x) |
|
141 |
+{ |
|
142 |
+ if (!littleEndian) |
|
143 |
+ return x; |
|
144 |
+ else |
|
145 |
+ return _BYTESWAP(x); |
|
146 |
+} |
|
147 |
+ |
|
148 |
+static inline uint64_t _byteswap64(int littleEndian, uint64_t x) |
|
149 |
+{ |
|
150 |
+ if (!littleEndian) |
|
151 |
+ return x; |
|
152 |
+ else |
|
153 |
+ return _BYTESWAP64(x); |
|
154 |
+} |
|
155 |
+ |
|
156 |
+static inline void setEndian(int *littleEndianp) |
|
157 |
+{ |
|
158 |
+ union { |
|
159 |
+ uint32_t w; |
|
160 |
+ uint8_t b[4]; |
|
161 |
+ } endian; |
|
162 |
+ |
|
163 |
+ endian.w = 1L; |
|
164 |
+ *littleEndianp = endian.b[0] != 0; |
|
165 |
+} |
|
166 |
+ |
|
167 |
+#endif /* !RUNTIME_ENDIAN */ |
|
168 |
+ |
|
169 |
+static const uint8_t padding[64] = { |
|
170 |
+ 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|
171 |
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|
172 |
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|
173 |
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|
174 |
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|
175 |
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|
176 |
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|
177 |
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 |
|
178 |
+}; |
|
179 |
+ |
|
180 |
+void |
|
181 |
+sha256_init (SHA256_CTX *sc) |
|
182 |
+{ |
|
183 |
+#ifdef RUNTIME_ENDIAN |
|
184 |
+ setEndian (&sc->littleEndian); |
|
185 |
+#endif /* RUNTIME_ENDIAN */ |
|
186 |
+ |
|
187 |
+ sc->totalLength = 0LL; |
|
188 |
+ sc->hash[0] = 0x6a09e667L; |
|
189 |
+ sc->hash[1] = 0xbb67ae85L; |
|
190 |
+ sc->hash[2] = 0x3c6ef372L; |
|
191 |
+ sc->hash[3] = 0xa54ff53aL; |
|
192 |
+ sc->hash[4] = 0x510e527fL; |
|
193 |
+ sc->hash[5] = 0x9b05688cL; |
|
194 |
+ sc->hash[6] = 0x1f83d9abL; |
|
195 |
+ sc->hash[7] = 0x5be0cd19L; |
|
196 |
+ sc->bufferLength = 0L; |
|
197 |
+} |
|
198 |
+ |
|
199 |
+static void |
|
200 |
+burnStack (int size) |
|
201 |
+{ |
|
202 |
+ char buf[128]; |
|
203 |
+ |
|
204 |
+ memset (buf, 0, sizeof (buf)); |
|
205 |
+ size -= sizeof (buf); |
|
206 |
+ if (size > 0) |
|
207 |
+ burnStack (size); |
|
208 |
+} |
|
209 |
+ |
|
210 |
+static void |
|
211 |
+SHA256Guts (SHA256_CTX *sc, const uint32_t *cbuf) |
|
212 |
+{ |
|
213 |
+ uint32_t buf[64]; |
|
214 |
+ uint32_t *W, *W2, *W7, *W15, *W16; |
|
215 |
+ uint32_t a, b, c, d, e, f, g, h; |
|
216 |
+ uint32_t t1, t2; |
|
217 |
+ const uint32_t *Kp; |
|
218 |
+ int i; |
|
219 |
+ |
|
220 |
+ W = buf; |
|
221 |
+ |
|
222 |
+ for (i = 15; i >= 0; i--) { |
|
223 |
+ *(W++) = BYTESWAP(*cbuf); |
|
224 |
+ cbuf++; |
|
225 |
+ } |
|
226 |
+ |
|
227 |
+ W16 = &buf[0]; |
|
228 |
+ W15 = &buf[1]; |
|
229 |
+ W7 = &buf[9]; |
|
230 |
+ W2 = &buf[14]; |
|
231 |
+ |
|
232 |
+ for (i = 47; i >= 0; i--) { |
|
233 |
+ *(W++) = sigma1(*W2) + *(W7++) + sigma0(*W15) + *(W16++); |
|
234 |
+ W2++; |
|
235 |
+ W15++; |
|
236 |
+ } |
|
237 |
+ |
|
238 |
+ a = sc->hash[0]; |
|
239 |
+ b = sc->hash[1]; |
|
240 |
+ c = sc->hash[2]; |
|
241 |
+ d = sc->hash[3]; |
|
242 |
+ e = sc->hash[4]; |
|
243 |
+ f = sc->hash[5]; |
|
244 |
+ g = sc->hash[6]; |
|
245 |
+ h = sc->hash[7]; |
|
246 |
+ |
|
247 |
+ Kp = K; |
|
248 |
+ W = buf; |
|
249 |
+ |
|
250 |
+#ifndef SHA256_UNROLL |
|
251 |
+#define SHA256_UNROLL 1 |
|
252 |
+#endif /* !SHA256_UNROLL */ |
|
253 |
+ |
|
254 |
+#if SHA256_UNROLL == 1 |
|
255 |
+ for (i = 63; i >= 0; i--) |
|
256 |
+ DO_ROUND(); |
|
257 |
+#elif SHA256_UNROLL == 2 |
|
258 |
+ for (i = 31; i >= 0; i--) { |
|
259 |
+ DO_ROUND(); DO_ROUND(); |
|
260 |
+ } |
|
261 |
+#elif SHA256_UNROLL == 4 |
|
262 |
+ for (i = 15; i >= 0; i--) { |
|
263 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
264 |
+ } |
|
265 |
+#elif SHA256_UNROLL == 8 |
|
266 |
+ for (i = 7; i >= 0; i--) { |
|
267 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
268 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
269 |
+ } |
|
270 |
+#elif SHA256_UNROLL == 16 |
|
271 |
+ for (i = 3; i >= 0; i--) { |
|
272 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
273 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
274 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
275 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
276 |
+ } |
|
277 |
+#elif SHA256_UNROLL == 32 |
|
278 |
+ for (i = 1; i >= 0; i--) { |
|
279 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
280 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
281 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
282 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
283 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
284 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
285 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
286 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
287 |
+ } |
|
288 |
+#elif SHA256_UNROLL == 64 |
|
289 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
290 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
291 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
292 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
293 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
294 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
295 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
296 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
297 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
298 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
299 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
300 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
301 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
302 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
303 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
304 |
+ DO_ROUND(); DO_ROUND(); DO_ROUND(); DO_ROUND(); |
|
305 |
+#else |
|
306 |
+#error "SHA256_UNROLL must be 1, 2, 4, 8, 16, 32, or 64!" |
|
307 |
+#endif |
|
308 |
+ |
|
309 |
+ sc->hash[0] += a; |
|
310 |
+ sc->hash[1] += b; |
|
311 |
+ sc->hash[2] += c; |
|
312 |
+ sc->hash[3] += d; |
|
313 |
+ sc->hash[4] += e; |
|
314 |
+ sc->hash[5] += f; |
|
315 |
+ sc->hash[6] += g; |
|
316 |
+ sc->hash[7] += h; |
|
317 |
+} |
|
318 |
+ |
|
319 |
+void |
|
320 |
+sha256_update (SHA256_CTX *sc, const void *vdata, uint32_t len) |
|
321 |
+{ |
|
322 |
+ const uint8_t *data = vdata; |
|
323 |
+ uint32_t bufferBytesLeft; |
|
324 |
+ uint32_t bytesToCopy; |
|
325 |
+ int needBurn = 0; |
|
326 |
+ |
|
327 |
+#ifdef SHA256_FAST_COPY |
|
328 |
+ if (sc->bufferLength) { |
|
329 |
+ bufferBytesLeft = 64L - sc->bufferLength; |
|
330 |
+ |
|
331 |
+ bytesToCopy = bufferBytesLeft; |
|
332 |
+ if (bytesToCopy > len) |
|
333 |
+ bytesToCopy = len; |
|
334 |
+ |
|
335 |
+ memcpy (&sc->buffer.bytes[sc->bufferLength], data, bytesToCopy); |
|
336 |
+ |
|
337 |
+ sc->totalLength += bytesToCopy * 8L; |
|
338 |
+ |
|
339 |
+ sc->bufferLength += bytesToCopy; |
|
340 |
+ data += bytesToCopy; |
|
341 |
+ len -= bytesToCopy; |
|
342 |
+ |
|
343 |
+ if (sc->bufferLength == 64L) { |
|
344 |
+ SHA256Guts (sc, sc->buffer.words); |
|
345 |
+ needBurn = 1; |
|
346 |
+ sc->bufferLength = 0L; |
|
347 |
+ } |
|
348 |
+ } |
|
349 |
+ |
|
350 |
+ while (len > 63L) { |
|
351 |
+ sc->totalLength += 512L; |
|
352 |
+ |
|
353 |
+ SHA256Guts (sc, data); |
|
354 |
+ needBurn = 1; |
|
355 |
+ |
|
356 |
+ data += 64L; |
|
357 |
+ len -= 64L; |
|
358 |
+ } |
|
359 |
+ |
|
360 |
+ if (len) { |
|
361 |
+ memcpy (&sc->buffer.bytes[sc->bufferLength], data, len); |
|
362 |
+ |
|
363 |
+ sc->totalLength += len * 8L; |
|
364 |
+ |
|
365 |
+ sc->bufferLength += len; |
|
366 |
+ } |
|
367 |
+#else /* SHA256_FAST_COPY */ |
|
368 |
+ while (len) { |
|
369 |
+ bufferBytesLeft = 64L - sc->bufferLength; |
|
370 |
+ |
|
371 |
+ bytesToCopy = bufferBytesLeft; |
|
372 |
+ if (bytesToCopy > len) |
|
373 |
+ bytesToCopy = len; |
|
374 |
+ |
|
375 |
+ memcpy (&sc->buffer.bytes[sc->bufferLength], data, bytesToCopy); |
|
376 |
+ |
|
377 |
+ sc->totalLength += bytesToCopy * 8L; |
|
378 |
+ |
|
379 |
+ sc->bufferLength += bytesToCopy; |
|
380 |
+ data += bytesToCopy; |
|
381 |
+ len -= bytesToCopy; |
|
382 |
+ |
|
383 |
+ if (sc->bufferLength == 64L) { |
|
384 |
+ SHA256Guts (sc, sc->buffer.words); |
|
385 |
+ needBurn = 1; |
|
386 |
+ sc->bufferLength = 0L; |
|
387 |
+ } |
|
388 |
+ } |
|
389 |
+#endif /* SHA256_FAST_COPY */ |
|
390 |
+ |
|
391 |
+ if (needBurn) |
|
392 |
+ burnStack (sizeof (uint32_t[74]) + sizeof (uint32_t *[6]) + sizeof (int)); |
|
393 |
+} |
|
394 |
+ |
|
395 |
+void |
|
396 |
+sha256_final (SHA256_CTX *sc, uint8_t hash[SHA256_HASH_SIZE]) |
|
397 |
+{ |
|
398 |
+ uint32_t bytesToPad; |
|
399 |
+ uint64_t lengthPad; |
|
400 |
+ int i; |
|
401 |
+ |
|
402 |
+ bytesToPad = 120L - sc->bufferLength; |
|
403 |
+ if (bytesToPad > 64L) |
|
404 |
+ bytesToPad -= 64L; |
|
405 |
+ |
|
406 |
+ lengthPad = BYTESWAP64(sc->totalLength); |
|
407 |
+ |
|
408 |
+ sha256_update (sc, padding, bytesToPad); |
|
409 |
+ sha256_update (sc, &lengthPad, 8L); |
|
410 |
+ |
|
411 |
+ if (hash) { |
|
412 |
+ for (i = 0; i < SHA256_HASH_WORDS; i++) { |
|
413 |
+#ifdef SHA256_FAST_COPY |
|
414 |
+ *((uint32_t *) hash) = BYTESWAP(sc->hash[i]); |
|
415 |
+#else /* SHA256_FAST_COPY */ |
|
416 |
+ hash[0] = (uint8_t) (sc->hash[i] >> 24); |
|
417 |
+ hash[1] = (uint8_t) (sc->hash[i] >> 16); |
|
418 |
+ hash[2] = (uint8_t) (sc->hash[i] >> 8); |
|
419 |
+ hash[3] = (uint8_t) sc->hash[i]; |
|
420 |
+#endif /* SHA256_FAST_COPY */ |
|
421 |
+ hash += 4; |
|
422 |
+ } |
|
423 |
+ } |
|
424 |
+} |
|
425 |
+ |
|
426 |
+#ifdef SHA256_TEST |
|
427 |
+ |
|
428 |
+#include <stdio.h> |
|
429 |
+#include <stdlib.h> |
|
430 |
+#include <string.h> |
|
431 |
+ |
|
432 |
+int |
|
433 |
+main (int argc, char *argv[]) |
|
434 |
+{ |
|
435 |
+ SHA256_CTX foo; |
|
436 |
+ uint8_t hash[SHA256_HASH_SIZE]; |
|
437 |
+ char buf[1000]; |
|
438 |
+ int i; |
|
439 |
+ |
|
440 |
+ sha256_init (&foo); |
|
441 |
+ sha256_update (&foo, "abc", 3); |
|
442 |
+ sha256_final (&foo, hash); |
|
443 |
+ |
|
444 |
+ for (i = 0; i < SHA256_HASH_SIZE;) { |
|
445 |
+ printf ("%02x", hash[i++]); |
|
446 |
+ if (!(i % 4)) |
|
447 |
+ printf (" "); |
|
448 |
+ } |
|
449 |
+ printf ("\n"); |
|
450 |
+ |
|
451 |
+ sha256_init (&foo); |
|
452 |
+ sha256_update (&foo, |
|
453 |
+ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", |
|
454 |
+ 56); |
|
455 |
+ sha256_final (&foo, hash); |
|
456 |
+ |
|
457 |
+ for (i = 0; i < SHA256_HASH_SIZE;) { |
|
458 |
+ printf ("%02x", hash[i++]); |
|
459 |
+ if (!(i % 4)) |
|
460 |
+ printf (" "); |
|
461 |
+ } |
|
462 |
+ printf ("\n"); |
|
463 |
+ |
|
464 |
+ sha256_init (&foo); |
|
465 |
+ memset (buf, 'a', sizeof (buf)); |
|
466 |
+ for (i = 0; i < 1000; i++) |
|
467 |
+ sha256_update (&foo, buf, sizeof (buf)); |
|
468 |
+ sha256_final (&foo, hash); |
|
469 |
+ |
|
470 |
+ for (i = 0; i < SHA256_HASH_SIZE;) { |
|
471 |
+ printf ("%02x", hash[i++]); |
|
472 |
+ if (!(i % 4)) |
|
473 |
+ printf (" "); |
|
474 |
+ } |
|
475 |
+ printf ("\n"); |
|
476 |
+ |
|
477 |
+ exit (0); |
|
478 |
+} |
|
479 |
+ |
|
480 |
+#endif /* SHA256_TEST */ |
0 | 481 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,66 @@ |
0 |
+/*- |
|
1 |
+ * Copyright (c) 2001-2003 Allan Saddi <allan@saddi.com> |
|
2 |
+ * All rights reserved. |
|
3 |
+ * |
|
4 |
+ * Redistribution and use in source and binary forms, with or without |
|
5 |
+ * modification, are permitted provided that the following conditions |
|
6 |
+ * are met: |
|
7 |
+ * 1. Redistributions of source code must retain the above copyright |
|
8 |
+ * notice, this list of conditions and the following disclaimer. |
|
9 |
+ * 2. Redistributions in binary form must reproduce the above copyright |
|
10 |
+ * notice, this list of conditions and the following disclaimer in the |
|
11 |
+ * documentation and/or other materials provided with the distribution. |
|
12 |
+ * |
|
13 |
+ * THIS SOFTWARE IS PROVIDED BY ALLAN SADDI AND HIS CONTRIBUTORS ``AS IS'' |
|
14 |
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
|
15 |
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
|
16 |
+ * ARE DISCLAIMED. IN NO EVENT SHALL ALLAN SADDI OR HIS CONTRIBUTORS BE |
|
17 |
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
|
18 |
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
|
19 |
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
|
20 |
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
|
21 |
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
|
22 |
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
|
23 |
+ * POSSIBILITY OF SUCH DAMAGE. |
|
24 |
+ * |
|
25 |
+ * $Id: sha256.h 348 2003-02-23 22:12:06Z asaddi $ |
|
26 |
+ */ |
|
27 |
+ |
|
28 |
+#ifndef _SHA256_H |
|
29 |
+#define _SHA256_H |
|
30 |
+ |
|
31 |
+#include "cltypes.h" |
|
32 |
+ |
|
33 |
+#define SHA256_HASH_SIZE 32 |
|
34 |
+ |
|
35 |
+/* Hash size in 32-bit words */ |
|
36 |
+#define SHA256_HASH_WORDS 8 |
|
37 |
+ |
|
38 |
+struct _SHA256Context { |
|
39 |
+ uint64_t totalLength; |
|
40 |
+ uint32_t hash[SHA256_HASH_WORDS]; |
|
41 |
+ uint32_t bufferLength; |
|
42 |
+ union { |
|
43 |
+ uint32_t words[16]; |
|
44 |
+ uint8_t bytes[64]; |
|
45 |
+ } buffer; |
|
46 |
+#ifdef RUNTIME_ENDIAN |
|
47 |
+ int littleEndian; |
|
48 |
+#endif /* RUNTIME_ENDIAN */ |
|
49 |
+}; |
|
50 |
+ |
|
51 |
+typedef struct _SHA256Context SHA256_CTX; |
|
52 |
+ |
|
53 |
+#ifdef __cplusplus |
|
54 |
+extern "C" { |
|
55 |
+#endif |
|
56 |
+ |
|
57 |
+void sha256_init (SHA256_CTX *sc); |
|
58 |
+void sha256_update (SHA256_CTX *sc, const void *data, uint32_t len); |
|
59 |
+void sha256_final (SHA256_CTX *sc, uint8_t hash[SHA256_HASH_SIZE]); |
|
60 |
+ |
|
61 |
+#ifdef __cplusplus |
|
62 |
+} |
|
63 |
+#endif |
|
64 |
+ |
|
65 |
+#endif /* !_SHA256_H */ |
... | ... |
@@ -35,7 +35,7 @@ |
35 | 35 |
#include "shared/misc.h" |
36 | 36 |
#include "shared/output.h" |
37 | 37 |
#include "shared/cdiff.h" |
38 |
-#include "shared/sha256.h" |
|
38 |
+#include "libclamav/sha256.h" |
|
39 | 39 |
|
40 | 40 |
#include "libclamav/str.h" |
41 | 41 |
#include "libclamav/others.h" |
... | ... |
@@ -783,8 +783,7 @@ static void pss_mgf(unsigned char *in, unsigned int inlen, unsigned char *out, u |
783 | 783 |
sha256_init(&ctx); |
784 | 784 |
sha256_update(&ctx, in, inlen); |
785 | 785 |
sha256_update(&ctx, cnt, sizeof(cnt)); |
786 |
- sha256_final(&ctx); |
|
787 |
- sha256_digest(&ctx, digest); |
|
786 |
+ sha256_final(&ctx, digest); |
|
788 | 787 |
|
789 | 788 |
if(i != laps - 1) |
790 | 789 |
memcpy(&out[i * PSS_DIGEST_LENGTH], digest, PSS_DIGEST_LENGTH); |
... | ... |
@@ -852,8 +851,7 @@ static int pss_versig(const unsigned char *sha256, const char *dsig) |
852 | 852 |
|
853 | 853 |
sha256_init(&ctx); |
854 | 854 |
sha256_update(&ctx, fblock, sizeof(fblock)); |
855 |
- sha256_final(&ctx); |
|
856 |
- sha256_digest(&ctx, digest1); |
|
855 |
+ sha256_final(&ctx, digest1); |
|
857 | 856 |
|
858 | 857 |
if(memcmp(digest1, digest2, hlen)) { |
859 | 858 |
/* cli_dbgmsg("cli_versigpss: Signature doesn't match.\n"); */ |
... | ... |
@@ -944,8 +942,7 @@ int cdiff_apply(int fd, unsigned short mode) |
944 | 944 |
} |
945 | 945 |
sum += bread; |
946 | 946 |
} |
947 |
- sha256_final(&sha256ctx); |
|
948 |
- sha256_digest(&sha256ctx, digest); |
|
947 |
+ sha256_final(&sha256ctx, digest); |
|
949 | 948 |
|
950 | 949 |
if(pss_versig(digest, dsig)) { |
951 | 950 |
logg("!cdiff_apply: Incorrect digital signature\n"); |
952 | 951 |
deleted file mode 100644 |
... | ... |
@@ -1,281 +0,0 @@ |
1 |
-/* |
|
2 |
- * Copyright (C) 2001 Niels Moller |
|
3 |
- * |
|
4 |
- * This program is free software; you can redistribute it and/or |
|
5 |
- * modify it under the terms of the GNU General Public License as |
|
6 |
- * published by the Free Software Foundation; either version 2 of the |
|
7 |
- * License, or (at your option) any later version. |
|
8 |
- * |
|
9 |
- * The nettle library is distributed in the hope that it will be useful, but |
|
10 |
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY |
|
11 |
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public |
|
12 |
- * License for more details. |
|
13 |
- * |
|
14 |
- * You should have received a copy of the GNU Lesser General Public License |
|
15 |
- * along with the nettle library; see the file COPYING.LIB. If not, write to |
|
16 |
- * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, |
|
17 |
- * MA 02111-1307, USA. |
|
18 |
- */ |
|
19 |
- |
|
20 |
-/* Modelled after the sha1.c code by Peter Gutmann. */ |
|
21 |
- |
|
22 |
-#include <stdio.h> |
|
23 |
-#include <string.h> |
|
24 |
- |
|
25 |
-#include "cltypes.h" |
|
26 |
-#include "sha256.h" |
|
27 |
- |
|
28 |
-/* A block, treated as a sequence of 32-bit words. */ |
|
29 |
-#define SHA256_DATA_LENGTH 16 |
|
30 |
- |
|
31 |
-#define ROTR(n,x) ((x)>>(n) | ((x)<<(32-(n)))) |
|
32 |
-#define SHR(n,x) ((x)>>(n)) |
|
33 |
- |
|
34 |
-#define Choice(x,y,z) ( (z) ^ ( (x) & ( (y) ^ (z) ) ) ) |
|
35 |
-#define Majority(x,y,z) ( ((x) & (y)) ^ ((z) & ((x) ^ (y))) ) |
|
36 |
- |
|
37 |
-#define S0(x) (ROTR(2,(x)) ^ ROTR(13,(x)) ^ ROTR(22,(x))) |
|
38 |
-#define S1(x) (ROTR(6,(x)) ^ ROTR(11,(x)) ^ ROTR(25,(x))) |
|
39 |
- |
|
40 |
-#define s0(x) (ROTR(7,(x)) ^ ROTR(18,(x)) ^ SHR(3,(x))) |
|
41 |
-#define s1(x) (ROTR(17,(x)) ^ ROTR(19,(x)) ^ SHR(10,(x))) |
|
42 |
- |
|
43 |
-static const uint32_t K[64] = { |
|
44 |
- 0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL, |
|
45 |
- 0x3956c25bUL, 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL, |
|
46 |
- 0xd807aa98UL, 0x12835b01UL, 0x243185beUL, 0x550c7dc3UL, |
|
47 |
- 0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL, 0xc19bf174UL, |
|
48 |
- 0xe49b69c1UL, 0xefbe4786UL, 0xfc19dc6UL, 0x240ca1ccUL, |
|
49 |
- 0x2de92c6fUL, 0x4a7484aaUL, 0x5cb0a9dcUL, 0x76f988daUL, |
|
50 |
- 0x983e5152UL, 0xa831c66dUL, 0xb00327c8UL, 0xbf597fc7UL, |
|
51 |
- 0xc6e00bf3UL, 0xd5a79147UL, 0x6ca6351UL, 0x14292967UL, |
|
52 |
- 0x27b70a85UL, 0x2e1b2138UL, 0x4d2c6dfcUL, 0x53380d13UL, |
|
53 |
- 0x650a7354UL, 0x766a0abbUL, 0x81c2c92eUL, 0x92722c85UL, |
|
54 |
- 0xa2bfe8a1UL, 0xa81a664bUL, 0xc24b8b70UL, 0xc76c51a3UL, |
|
55 |
- 0xd192e819UL, 0xd6990624UL, 0xf40e3585UL, 0x106aa070UL, |
|
56 |
- 0x19a4c116UL, 0x1e376c08UL, 0x2748774cUL, 0x34b0bcb5UL, |
|
57 |
- 0x391c0cb3UL, 0x4ed8aa4aUL, 0x5b9cca4fUL, 0x682e6ff3UL, |
|
58 |
- 0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL, |
|
59 |
- 0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL, |
|
60 |
-}; |
|
61 |
- |
|
62 |
-#define EXPAND(W,i) \ |
|
63 |
-( W[(i) & 15 ] += (s1(W[((i)-2) & 15]) + W[((i)-7) & 15] + s0(W[((i)-15) & 15])) ) |
|
64 |
- |
|
65 |
-#define ROUND(a,b,c,d,e,f,g,h,k,data) do { \ |
|
66 |
- uint32_t T1 = h + S1(e) + Choice(e,f,g) + k + data; \ |
|
67 |
- uint32_t T2 = S0(a) + Majority(a,b,c); \ |
|
68 |
- d += T1; \ |
|
69 |
- h = T1 + T2; \ |
|
70 |
-} while (0) |
|
71 |
- |
|
72 |
-#ifndef EXTRACT_UCHAR |
|
73 |
-#define EXTRACT_UCHAR(p) (*(const unsigned char *)(p)) |
|
74 |
-#endif |
|
75 |
- |
|
76 |
-#define STRING2INT(s) ((((((EXTRACT_UCHAR(s) << 8) \ |
|
77 |
- | EXTRACT_UCHAR(s+1)) << 8) \ |
|
78 |
- | EXTRACT_UCHAR(s+2)) << 8) \ |
|
79 |
- | EXTRACT_UCHAR(s+3)) |
|
80 |
- |
|
81 |
-#ifndef EXTRACT_UCHAR |
|
82 |
-#define EXTRACT_UCHAR(p) (*(const mutils_word8 *)(p)) |
|
83 |
-#endif |
|
84 |
- |
|
85 |
-#define STRING2INT(s) ((((((EXTRACT_UCHAR(s) << 8) \ |
|
86 |
- | EXTRACT_UCHAR(s+1)) << 8) \ |
|
87 |
- | EXTRACT_UCHAR(s+2)) << 8) \ |
|
88 |
- | EXTRACT_UCHAR(s+3)) |
|
89 |
- |
|
90 |
-/* Initialize the SHA values */ |
|
91 |
- |
|
92 |
-void sha256_init(struct sha256_ctx *ctx) |
|
93 |
-{ |
|
94 |
- /* Initial values, also generated by the shadata program. */ |
|
95 |
- static const uint32_t H0[_SHA256_DIGEST_LENGTH] = { |
|
96 |
- 0x6a09e667UL, 0xbb67ae85UL, 0x3c6ef372UL, 0xa54ff53aUL, |
|
97 |
- 0x510e527fUL, 0x9b05688cUL, 0x1f83d9abUL, 0x5be0cd19UL, |
|
98 |
- }; |
|
99 |
- |
|
100 |
- memcpy(ctx->state, H0, sizeof(H0)); |
|
101 |
- |
|
102 |
- /* Initialize bit count */ |
|
103 |
- ctx->count_low = ctx->count_high = 0; |
|
104 |
- |
|
105 |
- /* Initialize buffer */ |
|
106 |
- ctx->index = 0; |
|
107 |
-} |
|
108 |
- |
|
109 |
-/* Perform the SHA transformation. Note that this code, like MD5, seems to |
|
110 |
- break some optimizing compilers due to the complexity of the expressions |
|
111 |
- and the size of the basic block. It may be necessary to split it into |
|
112 |
- sections, e.g. based on the four subrounds |
|
113 |
- |
|
114 |
- Note that this function destroys the data area */ |
|
115 |
- |
|
116 |
-static void sha256_transform(uint32_t *state, uint32_t *data) |
|
117 |
-{ |
|
118 |
- uint32_t A, B, C, D, E, F, G, H; /* Local vars */ |
|
119 |
- unsigned char i; |
|
120 |
- const uint32_t *k; |
|
121 |
- uint32_t *d; |
|
122 |
- |
|
123 |
- /* Set up first buffer and local data buffer */ |
|
124 |
- A = state[0]; |
|
125 |
- B = state[1]; |
|
126 |
- C = state[2]; |
|
127 |
- D = state[3]; |
|
128 |
- E = state[4]; |
|
129 |
- F = state[5]; |
|
130 |
- G = state[6]; |
|
131 |
- H = state[7]; |
|
132 |
- |
|
133 |
- /* Heavy mangling */ |
|
134 |
- /* First 16 subrounds that act on the original data */ |
|
135 |
- |
|
136 |
- for (i = 0, k = K, d = data; i < 16; i += 8, k += 8, d += 8) { |
|
137 |
- ROUND(A, B, C, D, E, F, G, H, k[0], d[0]); |
|
138 |
- ROUND(H, A, B, C, D, E, F, G, k[1], d[1]); |
|
139 |
- ROUND(G, H, A, B, C, D, E, F, k[2], d[2]); |
|
140 |
- ROUND(F, G, H, A, B, C, D, E, k[3], d[3]); |
|
141 |
- ROUND(E, F, G, H, A, B, C, D, k[4], d[4]); |
|
142 |
- ROUND(D, E, F, G, H, A, B, C, k[5], d[5]); |
|
143 |
- ROUND(C, D, E, F, G, H, A, B, k[6], d[6]); |
|
144 |
- ROUND(B, C, D, E, F, G, H, A, k[7], d[7]); |
|
145 |
- } |
|
146 |
- |
|
147 |
- for (; i < 64; i += 16, k += 16) { |
|
148 |
- ROUND(A, B, C, D, E, F, G, H, k[0], EXPAND(data, 0)); |
|
149 |
- ROUND(H, A, B, C, D, E, F, G, k[1], EXPAND(data, 1)); |
|
150 |
- ROUND(G, H, A, B, C, D, E, F, k[2], EXPAND(data, 2)); |
|
151 |
- ROUND(F, G, H, A, B, C, D, E, k[3], EXPAND(data, 3)); |
|
152 |
- ROUND(E, F, G, H, A, B, C, D, k[4], EXPAND(data, 4)); |
|
153 |
- ROUND(D, E, F, G, H, A, B, C, k[5], EXPAND(data, 5)); |
|
154 |
- ROUND(C, D, E, F, G, H, A, B, k[6], EXPAND(data, 6)); |
|
155 |
- ROUND(B, C, D, E, F, G, H, A, k[7], EXPAND(data, 7)); |
|
156 |
- ROUND(A, B, C, D, E, F, G, H, k[8], EXPAND(data, 8)); |
|
157 |
- ROUND(H, A, B, C, D, E, F, G, k[9], EXPAND(data, 9)); |
|
158 |
- ROUND(G, H, A, B, C, D, E, F, k[10], EXPAND(data, 10)); |
|
159 |
- ROUND(F, G, H, A, B, C, D, E, k[11], EXPAND(data, 11)); |
|
160 |
- ROUND(E, F, G, H, A, B, C, D, k[12], EXPAND(data, 12)); |
|
161 |
- ROUND(D, E, F, G, H, A, B, C, k[13], EXPAND(data, 13)); |
|
162 |
- ROUND(C, D, E, F, G, H, A, B, k[14], EXPAND(data, 14)); |
|
163 |
- ROUND(B, C, D, E, F, G, H, A, k[15], EXPAND(data, 15)); |
|
164 |
- } |
|
165 |
- |
|
166 |
- /* Update state */ |
|
167 |
- state[0] += A; |
|
168 |
- state[1] += B; |
|
169 |
- state[2] += C; |
|
170 |
- state[3] += D; |
|
171 |
- state[4] += E; |
|
172 |
- state[5] += F; |
|
173 |
- state[6] += G; |
|
174 |
- state[7] += H; |
|
175 |
-} |
|
176 |
- |
|
177 |
-static void sha256_block(struct sha256_ctx *ctx, const unsigned char *block) |
|
178 |
-{ |
|
179 |
- uint32_t data[SHA256_DATA_LENGTH]; |
|
180 |
- uint16_t i; |
|
181 |
- |
|
182 |
- /* Update block count */ |
|
183 |
- if (!++ctx->count_low) |
|
184 |
- ++ctx->count_high; |
|
185 |
- |
|
186 |
- /* Endian independent conversion */ |
|
187 |
- for (i = 0; i < SHA256_DATA_LENGTH; i++, block += 4) |
|
188 |
- data[i] = STRING2INT(block); |
|
189 |
- |
|
190 |
- sha256_transform(ctx->state, data); |
|
191 |
-} |
|
192 |
- |
|
193 |
-void |
|
194 |
-sha256_update(struct sha256_ctx *ctx, const unsigned char *buffer, uint32_t length) |
|
195 |
-{ |
|
196 |
- uint32_t left; |
|
197 |
- |
|
198 |
- if (ctx->index) { /* Try to fill partial block */ |
|
199 |
- left = SHA256_DATA_SIZE - ctx->index; |
|
200 |
- if (length < left) { |
|
201 |
- memcpy(ctx->block + ctx->index, buffer, length); |
|
202 |
- ctx->index += length; |
|
203 |
- return; /* Finished */ |
|
204 |
- } else { |
|
205 |
- memcpy(ctx->block + ctx->index, buffer, left); |
|
206 |
- sha256_block(ctx, ctx->block); |
|
207 |
- buffer += left; |
|
208 |
- length -= left; |
|
209 |
- } |
|
210 |
- } |
|
211 |
- while (length >= SHA256_DATA_SIZE) { |
|
212 |
- sha256_block(ctx, buffer); |
|
213 |
- buffer += SHA256_DATA_SIZE; |
|
214 |
- length -= SHA256_DATA_SIZE; |
|
215 |
- } |
|
216 |
- /* Buffer leftovers */ |
|
217 |
- /* NOTE: The corresponding sha1 code checks for the special case length == 0. |
|
218 |
- * That seems supoptimal, as I suspect it increases the number of branches. */ |
|
219 |
- |
|
220 |
- memcpy(ctx->block, buffer, length); |
|
221 |
- ctx->index = length; |
|
222 |
-} |
|
223 |
- |
|
224 |
-/* Final wrapup - pad to SHA1_DATA_SIZE-byte boundary with the bit pattern |
|
225 |
- 1 0* (64-bit count of bits processed, MSB-first) */ |
|
226 |
- |
|
227 |
-void sha256_final(struct sha256_ctx *ctx) |
|
228 |
-{ |
|
229 |
- uint32_t data[SHA256_DATA_LENGTH]; |
|
230 |
- uint32_t i; |
|
231 |
- uint32_t words; |
|
232 |
- |
|
233 |
- i = ctx->index; |
|
234 |
- |
|
235 |
- /* Set the first char of padding to 0x80. This is safe since there is |
|
236 |
- always at least one byte free */ |
|
237 |
- |
|
238 |
-/* assert(i < SHA256_DATA_SIZE); |
|
239 |
- */ |
|
240 |
- ctx->block[i++] = 0x80; |
|
241 |
- |
|
242 |
- /* Fill rest of word */ |
|
243 |
- for (; i & 3; i++) |
|
244 |
- ctx->block[i] = 0; |
|
245 |
- |
|
246 |
- /* i is now a multiple of the word size 4 */ |
|
247 |
- words = i >> 2; |
|
248 |
- for (i = 0; i < words; i++) |
|
249 |
- data[i] = STRING2INT(ctx->block + 4 * i); |
|
250 |
- |
|
251 |
- if (words > (SHA256_DATA_LENGTH - 2)) { /* No room for length in this block. Process it and |
|
252 |
- * pad with another one */ |
|
253 |
- for (i = words; i < SHA256_DATA_LENGTH; i++) |
|
254 |
- data[i] = 0; |
|
255 |
- sha256_transform(ctx->state, data); |
|
256 |
- for (i = 0; i < (SHA256_DATA_LENGTH - 2); i++) |
|
257 |
- data[i] = 0; |
|
258 |
- } else |
|
259 |
- for (i = words; i < SHA256_DATA_LENGTH - 2; i++) |
|
260 |
- data[i] = 0; |
|
261 |
- |
|
262 |
- /* There are 512 = 2^9 bits in one block */ |
|
263 |
- data[SHA256_DATA_LENGTH - 2] = |
|
264 |
- (ctx->count_high << 9) | (ctx->count_low >> 23); |
|
265 |
- data[SHA256_DATA_LENGTH - 1] = |
|
266 |
- (ctx->count_low << 9) | (ctx->index << 3); |
|
267 |
- sha256_transform(ctx->state, data); |
|
268 |
-} |
|
269 |
- |
|
270 |
-void sha256_digest(const struct sha256_ctx *ctx, unsigned char *s) |
|
271 |
-{ |
|
272 |
- uint32_t i; |
|
273 |
- |
|
274 |
- if (s!=NULL) |
|
275 |
- for (i = 0; i < _SHA256_DIGEST_LENGTH; i++) { |
|
276 |
- *s++ = ctx->state[i] >> 24; |
|
277 |
- *s++ = 0xff & (ctx->state[i] >> 16); |
|
278 |
- *s++ = 0xff & (ctx->state[i] >> 8); |
|
279 |
- *s++ = 0xff & ctx->state[i]; |
|
280 |
- } |
|
281 |
-} |
282 | 1 |
deleted file mode 100644 |
... | ... |
@@ -1,51 +0,0 @@ |
1 |
-/* |
|
2 |
- * Copyright (C) 2001 Niels Moller |
|
3 |
- * |
|
4 |
- * The nettle library is free software; you can redistribute it and/or modify |
|
5 |
- * it under the terms of the GNU Lesser General Public License as published by |
|
6 |
- * the Free Software Foundation; either version 2.1 of the License, or (at your |
|
7 |
- * option) any later version. |
|
8 |
- * |
|
9 |
- * The nettle library is distributed in the hope that it will be useful, but |
|
10 |
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY |
|
11 |
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public |
|
12 |
- * License for more details. |
|
13 |
- * |
|
14 |
- * You should have received a copy of the GNU Lesser General Public License |
|
15 |
- * along with the nettle library; see the file COPYING.LIB. If not, write to |
|
16 |
- * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, |
|
17 |
- * MA 02111-1307, USA. |
|
18 |
- */ |
|
19 |
- |
|
20 |
-#ifndef __SHA256_H |
|
21 |
-#define __SHA256_H |
|
22 |
- |
|
23 |
-#include "cltypes.h" |
|
24 |
- |
|
25 |
-#define SHA256_DIGEST_SIZE 32 |
|
26 |
-#define SHA256_DATA_SIZE 64 |
|
27 |
- |
|
28 |
-/* Digest is kept internally as 8 32-bit words. */ |
|
29 |
-#define _SHA256_DIGEST_LENGTH 8 |
|
30 |
- |
|
31 |
-typedef struct sha256_ctx |
|
32 |
-{ |
|
33 |
- uint32_t state[_SHA256_DIGEST_LENGTH]; /* State variables */ |
|
34 |
- uint32_t count_low, count_high; /* 64-bit block count */ |
|
35 |
- unsigned char block[SHA256_DATA_SIZE]; /* SHA256 data buffer */ |
|
36 |
- uint32_t index; /* index into buffer */ |
|
37 |
-} SHA256_CTX; |
|
38 |
- |
|
39 |
-void |
|
40 |
-sha256_init(struct sha256_ctx *ctx); |
|
41 |
- |
|
42 |
-void |
|
43 |
-sha256_update(struct sha256_ctx *ctx, const unsigned char *data, uint32_t length); |
|
44 |
- |
|
45 |
-void |
|
46 |
-sha256_final(struct sha256_ctx *ctx); |
|
47 |
- |
|
48 |
-void |
|
49 |
-sha256_digest(const struct sha256_ctx *ctx, unsigned char *digest); |
|
50 |
- |
|
51 |
-#endif |
... | ... |
@@ -27,7 +27,6 @@ sigtool_SOURCES = \ |
27 | 27 |
$(top_srcdir)/shared/optparser.h \ |
28 | 28 |
$(top_srcdir)/shared/misc.c \ |
29 | 29 |
$(top_srcdir)/shared/misc.h \ |
30 |
- $(top_srcdir)/shared/sha256.c \ |
|
31 | 30 |
$(top_srcdir)/shared/cdiff.c \ |
32 | 31 |
$(top_srcdir)/shared/cdiff.h \ |
33 | 32 |
$(top_srcdir)/shared/tar.c \ |
... | ... |
@@ -72,8 +72,8 @@ am__installdirs = "$(DESTDIR)$(bindir)" |
72 | 72 |
binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) |
73 | 73 |
PROGRAMS = $(bin_PROGRAMS) |
74 | 74 |
am_sigtool_OBJECTS = output.$(OBJEXT) getopt.$(OBJEXT) \ |
75 |
- optparser.$(OBJEXT) misc.$(OBJEXT) sha256.$(OBJEXT) \ |
|
76 |
- cdiff.$(OBJEXT) tar.$(OBJEXT) vba.$(OBJEXT) sigtool.$(OBJEXT) |
|
75 |
+ optparser.$(OBJEXT) misc.$(OBJEXT) cdiff.$(OBJEXT) \ |
|
76 |
+ tar.$(OBJEXT) vba.$(OBJEXT) sigtool.$(OBJEXT) |
|
77 | 77 |
sigtool_OBJECTS = $(am_sigtool_OBJECTS) |
78 | 78 |
sigtool_LDADD = $(LDADD) |
79 | 79 |
DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) |
... | ... |
@@ -254,7 +254,6 @@ sigtool_SOURCES = \ |
254 | 254 |
$(top_srcdir)/shared/optparser.h \ |
255 | 255 |
$(top_srcdir)/shared/misc.c \ |
256 | 256 |
$(top_srcdir)/shared/misc.h \ |
257 |
- $(top_srcdir)/shared/sha256.c \ |
|
258 | 257 |
$(top_srcdir)/shared/cdiff.c \ |
259 | 258 |
$(top_srcdir)/shared/cdiff.h \ |
260 | 259 |
$(top_srcdir)/shared/tar.c \ |
... | ... |
@@ -357,7 +356,6 @@ distclean-compile: |
357 | 357 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/misc.Po@am__quote@ |
358 | 358 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/optparser.Po@am__quote@ |
359 | 359 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/output.Po@am__quote@ |
360 |
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sha256.Po@am__quote@ |
|
361 | 360 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sigtool.Po@am__quote@ |
362 | 361 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tar.Po@am__quote@ |
363 | 362 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/vba.Po@am__quote@ |
... | ... |
@@ -439,20 +437,6 @@ misc.obj: $(top_srcdir)/shared/misc.c |
439 | 439 |
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ |
440 | 440 |
@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o misc.obj `if test -f '$(top_srcdir)/shared/misc.c'; then $(CYGPATH_W) '$(top_srcdir)/shared/misc.c'; else $(CYGPATH_W) '$(srcdir)/$(top_srcdir)/shared/misc.c'; fi` |
441 | 441 |
|
442 |
-sha256.o: $(top_srcdir)/shared/sha256.c |
|
443 |
-@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sha256.o -MD -MP -MF $(DEPDIR)/sha256.Tpo -c -o sha256.o `test -f '$(top_srcdir)/shared/sha256.c' || echo '$(srcdir)/'`$(top_srcdir)/shared/sha256.c |
|
444 |
-@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/sha256.Tpo $(DEPDIR)/sha256.Po |
|
445 |
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$(top_srcdir)/shared/sha256.c' object='sha256.o' libtool=no @AMDEPBACKSLASH@ |
|
446 |
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ |
|
447 |
-@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o sha256.o `test -f '$(top_srcdir)/shared/sha256.c' || echo '$(srcdir)/'`$(top_srcdir)/shared/sha256.c |
|
448 |
- |
|
449 |
-sha256.obj: $(top_srcdir)/shared/sha256.c |
|
450 |
-@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sha256.obj -MD -MP -MF $(DEPDIR)/sha256.Tpo -c -o sha256.obj `if test -f '$(top_srcdir)/shared/sha256.c'; then $(CYGPATH_W) '$(top_srcdir)/shared/sha256.c'; else $(CYGPATH_W) '$(srcdir)/$(top_srcdir)/shared/sha256.c'; fi` |
|
451 |
-@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/sha256.Tpo $(DEPDIR)/sha256.Po |
|
452 |
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$(top_srcdir)/shared/sha256.c' object='sha256.obj' libtool=no @AMDEPBACKSLASH@ |
|
453 |
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ |
|
454 |
-@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o sha256.obj `if test -f '$(top_srcdir)/shared/sha256.c'; then $(CYGPATH_W) '$(top_srcdir)/shared/sha256.c'; else $(CYGPATH_W) '$(srcdir)/$(top_srcdir)/shared/sha256.c'; fi` |
|
455 |
- |
|
456 | 442 |
cdiff.o: $(top_srcdir)/shared/cdiff.c |
457 | 443 |
@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT cdiff.o -MD -MP -MF $(DEPDIR)/cdiff.Tpo -c -o cdiff.o `test -f '$(top_srcdir)/shared/cdiff.c' || echo '$(srcdir)/'`$(top_srcdir)/shared/cdiff.c |
458 | 444 |
@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/cdiff.Tpo $(DEPDIR)/cdiff.Po |
... | ... |
@@ -51,7 +51,7 @@ |
51 | 51 |
#include "shared/optparser.h" |
52 | 52 |
#include "shared/misc.h" |
53 | 53 |
#include "shared/cdiff.h" |
54 |
-#include "shared/sha256.h" |
|
54 |
+#include "libclamav/sha256.h" |
|
55 | 55 |
#include "shared/tar.h" |
56 | 56 |
|
57 | 57 |
#include "libclamav/clamav.h" |
... | ... |
@@ -507,8 +507,7 @@ static int script2cdiff(const char *script, const char *builder, const struct op |
507 | 507 |
sha256_update(&ctx, (unsigned char *) buffer, bytes); |
508 | 508 |
|
509 | 509 |
fclose(cdiffh); |
510 |
- sha256_final(&ctx); |
|
511 |
- sha256_digest(&ctx, digest); |
|
510 |
+ sha256_final(&ctx, digest); |
|
512 | 511 |
|
513 | 512 |
if(!(pt = getdsig(optget(opts, "server")->strarg, builder, digest, 32, 1))) { |
514 | 513 |
mprintf("!script2cdiff: Can't get digital signature from remote server\n"); |
... | ... |
@@ -14,6 +14,7 @@ |
14 | 14 |
#include "../libclamav/matcher.h" |
15 | 15 |
#include "../libclamav/version.h" |
16 | 16 |
#include "../libclamav/dsig.h" |
17 |
+#include "../libclamav/sha256.h" |
|
17 | 18 |
#include "checks.h" |
18 | 19 |
|
19 | 20 |
/* extern void cl_free(struct cl_engine *engine); */ |
... | ... |
@@ -327,6 +328,76 @@ START_TEST (test_cli_dsig) |
327 | 327 |
} |
328 | 328 |
END_TEST |
329 | 329 |
|
330 |
+static uint8_t tv1[3] = { |
|
331 |
+ 0x61, 0x62, 0x63 |
|
332 |
+}; |
|
333 |
+ |
|
334 |
+static uint8_t tv2[56] = { |
|
335 |
+ 0x61, 0x62, 0x63, 0x64, 0x62, 0x63, 0x64, 0x65, |
|
336 |
+ 0x63, 0x64, 0x65, 0x66, 0x64, 0x65, 0x66, 0x67, |
|
337 |
+ 0x65, 0x66, 0x67, 0x68, 0x66, 0x67, 0x68, 0x69, |
|
338 |
+ 0x67, 0x68, 0x69, 0x6a, 0x68, 0x69, 0x6a, 0x6b, |
|
339 |
+ 0x69, 0x6a, 0x6b, 0x6c, 0x6a, 0x6b, 0x6c, 0x6d, |
|
340 |
+ 0x6b, 0x6c, 0x6d, 0x6e, 0x6c, 0x6d, 0x6e, 0x6f, |
|
341 |
+ 0x6d, 0x6e, 0x6f, 0x70, 0x6e, 0x6f, 0x70, 0x71 |
|
342 |
+}; |
|
343 |
+ |
|
344 |
+static uint8_t tv3[112] = { |
|
345 |
+ 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, |
|
346 |
+ 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, |
|
347 |
+ 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, |
|
348 |
+ 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, |
|
349 |
+ 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, |
|
350 |
+ 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, |
|
351 |
+ 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, |
|
352 |
+ 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, |
|
353 |
+ 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, |
|
354 |
+ 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, |
|
355 |
+ 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, |
|
356 |
+ 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, |
|
357 |
+ 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, |
|
358 |
+ 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75 |
|
359 |
+}; |
|
360 |
+ |
|
361 |
+static uint8_t res256[3][SHA256_HASH_SIZE] = { |
|
362 |
+ { 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, |
|
363 |
+ 0x5d, 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, |
|
364 |
+ 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad }, |
|
365 |
+ { 0x24, 0x8d, 0x6a, 0x61, 0xd2, 0x06, 0x38, 0xb8, 0xe5, 0xc0, 0x26, 0x93, |
|
366 |
+ 0x0c, 0x3e, 0x60, 0x39, 0xa3, 0x3c, 0xe4, 0x59, 0x64, 0xff, 0x21, 0x67, |
|
367 |
+ 0xf6, 0xec, 0xed, 0xd4, 0x19, 0xdb, 0x06, 0xc1 }, |
|
368 |
+ { 0xcd, 0xc7, 0x6e, 0x5c, 0x99, 0x14, 0xfb, 0x92, 0x81, 0xa1, 0xc7, 0xe2, |
|
369 |
+ 0x84, 0xd7, 0x3e, 0x67, 0xf1, 0x80, 0x9a, 0x48, 0xa4, 0x97, 0x20, 0x0e, |
|
370 |
+ 0x04, 0x6d, 0x39, 0xcc, 0xc7, 0x11, 0x2c, 0xd0 } |
|
371 |
+}; |
|
372 |
+ |
|
373 |
+START_TEST (test_sha256) |
|
374 |
+{ |
|
375 |
+ SHA256_CTX sha256; |
|
376 |
+ uint8_t hsha256[SHA256_HASH_SIZE]; |
|
377 |
+ uint8_t buf[1000]; |
|
378 |
+ int i; |
|
379 |
+ |
|
380 |
+ memset (buf, 0x61, sizeof (buf)); |
|
381 |
+ |
|
382 |
+ sha256_init (&sha256); |
|
383 |
+ sha256_update (&sha256, tv1, sizeof (tv1)); |
|
384 |
+ sha256_final (&sha256, hsha256); |
|
385 |
+ fail_unless(!memcmp (hsha256, res256[0], sizeof (hsha256)), "sha256 test vector #1 failed"); |
|
386 |
+ |
|
387 |
+ sha256_init (&sha256); |
|
388 |
+ sha256_update (&sha256, tv2, sizeof (tv2)); |
|
389 |
+ sha256_final (&sha256, hsha256); |
|
390 |
+ fail_unless(!memcmp (hsha256, res256[1], sizeof (hsha256)), "sha256 test vector #2 failed"); |
|
391 |
+ |
|
392 |
+ sha256_init (&sha256); |
|
393 |
+ for (i = 0; i < 1000; i++) |
|
394 |
+ sha256_update (&sha256, buf, sizeof (buf)); |
|
395 |
+ sha256_final (&sha256, hsha256); |
|
396 |
+ fail_unless(!memcmp (hsha256, res256[2], sizeof (hsha256)), "sha256 test vector #3 failed"); |
|
397 |
+} |
|
398 |
+END_TEST |
|
399 |
+ |
|
330 | 400 |
static Suite *test_cli_suite(void) |
331 | 401 |
{ |
332 | 402 |
Suite *s = suite_create("cli"); |
... | ... |
@@ -341,6 +412,7 @@ static Suite *test_cli_suite(void) |
341 | 341 |
|
342 | 342 |
suite_add_tcase (s, tc_cli_dsig); |
343 | 343 |
tcase_add_loop_test(tc_cli_dsig, test_cli_dsig, 0, dsig_tests_cnt); |
344 |
+ tcase_add_test(tc_cli_dsig, test_sha256); |
|
344 | 345 |
|
345 | 346 |
return s; |
346 | 347 |
} |
... | ... |
@@ -416,6 +416,41 @@ START_TEST (phishingScan_test) |
416 | 416 |
END_TEST |
417 | 417 |
#endif |
418 | 418 |
|
419 |
+static struct uc { |
|
420 |
+ const char *in; |
|
421 |
+ const char *host; |
|
422 |
+ const char *path; |
|
423 |
+} uc[] = { |
|
424 |
+ {":example/%25%32%35", "example/", "%25"}, |
|
425 |
+ {":example/%25%32%35%25%32%35", "example/", "%25%25"}, |
|
426 |
+ {":example/abc%25%32%35asd", "example/", "abc%25asd"}, |
|
427 |
+ {":www.example.com/","www.example.com/",""}, |
|
428 |
+ {":%31%32%37%2e%30%2e%30%2e%31/%2E%73%65%63%75%72%65/%77%77%77%2e%65%78%61%6d%70%6c%65%2e%63%6f%6d/", |
|
429 |
+ "127.0.0.1/",".secure/www.example.com/"}, |
|
430 |
+ {":127.0.0.1/uploads/%20%20%20%20/.verify/.blah=abcd-ef=gh/", |
|
431 |
+ "127.0.0.1/","uploads/%20%20%20%20/.verify/.blah=abcd-ef=gh/"}, |
|
432 |
+ {"http://example%23.com/%61%40%62%252B", |
|
433 |
+ "example%23.com/", "a@b+"}, |
|
434 |
+ {"http://example.com/blah/..","example.com/",""}, |
|
435 |
+ {"http://example.com/blah/../x","example.com/","x"}, |
|
436 |
+ {"http://example.com/./a","example.com/","a"} |
|
437 |
+ |
|
438 |
+}; |
|
439 |
+ |
|
440 |
+START_TEST (test_url_canon) |
|
441 |
+{ |
|
442 |
+ char urlbuff[1024+3]; |
|
443 |
+ char *host = NULL, *path = NULL; |
|
444 |
+ size_t host_len, path_len; |
|
445 |
+ struct uc *u = &uc[_i]; |
|
446 |
+ |
|
447 |
+ cli_url_canon(u->in, strlen(u->in), urlbuff, sizeof(urlbuff), &host, &host_len, &path, &path_len); |
|
448 |
+ fail_unless(!!host && !!path, "null results\n"); |
|
449 |
+ fail_unless_fmt(!strcmp(u->host, host), "host incorrect: %s\n", host); |
|
450 |
+ fail_unless_fmt(!strcmp(u->path, path), "path incorrect: %s\n", path); |
|
451 |
+} |
|
452 |
+END_TEST |
|
453 |
+ |
|
419 | 454 |
START_TEST(phishing_fake_test) |
420 | 455 |
{ |
421 | 456 |
char buf[4096]; |
... | ... |
@@ -464,7 +499,6 @@ Suite *test_regex_suite(void) |
464 | 464 |
#endif |
465 | 465 |
tcase_add_test(tc_phish, phishing_fake_test); |
466 | 466 |
|
467 |
- |
|
468 | 467 |
tc_phish2 = tcase_create("phishingScan with 2 dbs"); |
469 | 468 |
suite_add_tcase(s, tc_phish2); |
470 | 469 |
tcase_add_unchecked_fixture(tc_phish2, psetup2, pteardown); |
... | ... |
@@ -472,6 +506,7 @@ Suite *test_regex_suite(void) |
472 | 472 |
tcase_add_loop_test(tc_phish2, phishingScan_test, 0, sizeof(rtests)/sizeof(rtests[0])); |
473 | 473 |
#endif |
474 | 474 |
tcase_add_test(tc_phish2, phishing_fake_test); |
475 |
+ tcase_add_loop_test(tc_phish, test_url_canon, 0, sizeof(uc)/sizeof(uc[0])); |
|
475 | 476 |
|
476 | 477 |
return s; |
477 | 478 |
} |