git-svn: trunk@3305
Tomasz Kojm authored on 2007/10/19 04:49:28... | ... |
@@ -72,9 +72,9 @@ binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) |
72 | 72 |
PROGRAMS = $(bin_PROGRAMS) |
73 | 73 |
am_freshclam_OBJECTS = output.$(OBJEXT) cfgparser.$(OBJEXT) \ |
74 | 74 |
getopt.$(OBJEXT) misc.$(OBJEXT) options.$(OBJEXT) \ |
75 |
- cdiff.$(OBJEXT) freshclam.$(OBJEXT) manager.$(OBJEXT) \ |
|
76 |
- notify.$(OBJEXT) dns.$(OBJEXT) execute.$(OBJEXT) \ |
|
77 |
- nonblock.$(OBJEXT) mirman.$(OBJEXT) |
|
75 |
+ sha256.$(OBJEXT) cdiff.$(OBJEXT) freshclam.$(OBJEXT) \ |
|
76 |
+ manager.$(OBJEXT) notify.$(OBJEXT) dns.$(OBJEXT) \ |
|
77 |
+ execute.$(OBJEXT) nonblock.$(OBJEXT) mirman.$(OBJEXT) |
|
78 | 78 |
freshclam_OBJECTS = $(am_freshclam_OBJECTS) |
79 | 79 |
freshclam_LDADD = $(LDADD) |
80 | 80 |
DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) |
... | ... |
@@ -230,6 +230,7 @@ freshclam_SOURCES = \ |
230 | 230 |
$(top_srcdir)/shared/misc.h \ |
231 | 231 |
$(top_srcdir)/shared/options.c \ |
232 | 232 |
$(top_srcdir)/shared/options.h \ |
233 |
+ $(top_srcdir)/shared/sha256.c \ |
|
233 | 234 |
$(top_srcdir)/shared/cdiff.c \ |
234 | 235 |
$(top_srcdir)/shared/cdiff.h \ |
235 | 236 |
freshclam.c \ |
... | ... |
@@ -331,6 +332,7 @@ distclean-compile: |
331 | 331 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/notify.Po@am__quote@ |
332 | 332 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/options.Po@am__quote@ |
333 | 333 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/output.Po@am__quote@ |
334 |
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sha256.Po@am__quote@ |
|
334 | 335 |
|
335 | 336 |
.c.o: |
336 | 337 |
@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \ |
... | ... |
@@ -423,6 +425,20 @@ options.obj: $(top_srcdir)/shared/options.c |
423 | 423 |
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ |
424 | 424 |
@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o options.obj `if test -f '$(top_srcdir)/shared/options.c'; then $(CYGPATH_W) '$(top_srcdir)/shared/options.c'; else $(CYGPATH_W) '$(srcdir)/$(top_srcdir)/shared/options.c'; fi` |
425 | 425 |
|
426 |
+sha256.o: $(top_srcdir)/shared/sha256.c |
|
427 |
+@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sha256.o -MD -MP -MF "$(DEPDIR)/sha256.Tpo" -c -o sha256.o `test -f '$(top_srcdir)/shared/sha256.c' || echo '$(srcdir)/'`$(top_srcdir)/shared/sha256.c; \ |
|
428 |
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/sha256.Tpo" "$(DEPDIR)/sha256.Po"; else rm -f "$(DEPDIR)/sha256.Tpo"; exit 1; fi |
|
429 |
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$(top_srcdir)/shared/sha256.c' object='sha256.o' libtool=no @AMDEPBACKSLASH@ |
|
430 |
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ |
|
431 |
+@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o sha256.o `test -f '$(top_srcdir)/shared/sha256.c' || echo '$(srcdir)/'`$(top_srcdir)/shared/sha256.c |
|
432 |
+ |
|
433 |
+sha256.obj: $(top_srcdir)/shared/sha256.c |
|
434 |
+@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sha256.obj -MD -MP -MF "$(DEPDIR)/sha256.Tpo" -c -o sha256.obj `if test -f '$(top_srcdir)/shared/sha256.c'; then $(CYGPATH_W) '$(top_srcdir)/shared/sha256.c'; else $(CYGPATH_W) '$(srcdir)/$(top_srcdir)/shared/sha256.c'; fi`; \ |
|
435 |
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/sha256.Tpo" "$(DEPDIR)/sha256.Po"; else rm -f "$(DEPDIR)/sha256.Tpo"; exit 1; fi |
|
436 |
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$(top_srcdir)/shared/sha256.c' object='sha256.obj' libtool=no @AMDEPBACKSLASH@ |
|
437 |
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ |
|
438 |
+@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o sha256.obj `if test -f '$(top_srcdir)/shared/sha256.c'; then $(CYGPATH_W) '$(top_srcdir)/shared/sha256.c'; else $(CYGPATH_W) '$(srcdir)/$(top_srcdir)/shared/sha256.c'; fi` |
|
439 |
+ |
|
426 | 440 |
cdiff.o: $(top_srcdir)/shared/cdiff.c |
427 | 441 |
@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT cdiff.o -MD -MP -MF "$(DEPDIR)/cdiff.Tpo" -c -o cdiff.o `test -f '$(top_srcdir)/shared/cdiff.c' || echo '$(srcdir)/'`$(top_srcdir)/shared/cdiff.c; \ |
428 | 442 |
@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/cdiff.Tpo" "$(DEPDIR)/cdiff.Po"; else rm -f "$(DEPDIR)/cdiff.Tpo"; exit 1; fi |
... | ... |
@@ -89,8 +89,7 @@ am_libclamav_la_OBJECTS = matcher-ac.lo matcher-bm.lo matcher.lo \ |
89 | 89 |
LZMADecode.lo bzlib.lo infblock.lo nulsft.lo pdf.lo spin.lo \ |
90 | 90 |
yc.lo elf.lo sis.lo uuencode.lo pst.lo phishcheck.lo \ |
91 | 91 |
phish_domaincheck_db.lo phish_whitelist.lo regex_list.lo \ |
92 |
- sha256.lo mspack.lo cab.lo entconv.lo hashtab.lo dconf.lo \ |
|
93 |
- lockdb.lo |
|
92 |
+ mspack.lo cab.lo entconv.lo hashtab.lo dconf.lo lockdb.lo |
|
94 | 93 |
libclamav_la_OBJECTS = $(am_libclamav_la_OBJECTS) |
95 | 94 |
DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) |
96 | 95 |
depcomp = $(SHELL) $(top_srcdir)/depcomp |
... | ... |
@@ -149,6 +148,7 @@ F77 = @F77@ |
149 | 149 |
FFLAGS = @FFLAGS@ |
150 | 150 |
FRESHCLAM_LIBS = @FRESHCLAM_LIBS@ |
151 | 151 |
GETENT = @GETENT@ |
152 |
+GREP = @GREP@ |
|
152 | 153 |
HAVE_MILTER_FALSE = @HAVE_MILTER_FALSE@ |
153 | 154 |
HAVE_MILTER_TRUE = @HAVE_MILTER_TRUE@ |
154 | 155 |
INSTALL_DATA = @INSTALL_DATA@ |
... | ... |
@@ -183,12 +183,9 @@ STRIP = @STRIP@ |
183 | 183 |
THREAD_LIBS = @THREAD_LIBS@ |
184 | 184 |
TH_SAFE = @TH_SAFE@ |
185 | 185 |
VERSION = @VERSION@ |
186 |
-ac_ct_AR = @ac_ct_AR@ |
|
187 | 186 |
ac_ct_CC = @ac_ct_CC@ |
188 | 187 |
ac_ct_CXX = @ac_ct_CXX@ |
189 | 188 |
ac_ct_F77 = @ac_ct_F77@ |
190 |
-ac_ct_RANLIB = @ac_ct_RANLIB@ |
|
191 |
-ac_ct_STRIP = @ac_ct_STRIP@ |
|
192 | 189 |
am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ |
193 | 190 |
am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ |
194 | 191 |
am__fastdepCXX_FALSE = @am__fastdepCXX_FALSE@ |
... | ... |
@@ -205,23 +202,30 @@ build_cpu = @build_cpu@ |
205 | 205 |
build_os = @build_os@ |
206 | 206 |
build_vendor = @build_vendor@ |
207 | 207 |
datadir = @datadir@ |
208 |
+datarootdir = @datarootdir@ |
|
209 |
+docdir = @docdir@ |
|
210 |
+dvidir = @dvidir@ |
|
208 | 211 |
exec_prefix = @exec_prefix@ |
209 | 212 |
host = @host@ |
210 | 213 |
host_alias = @host_alias@ |
211 | 214 |
host_cpu = @host_cpu@ |
212 | 215 |
host_os = @host_os@ |
213 | 216 |
host_vendor = @host_vendor@ |
217 |
+htmldir = @htmldir@ |
|
214 | 218 |
includedir = @includedir@ |
215 | 219 |
infodir = @infodir@ |
216 | 220 |
install_sh = @install_sh@ |
217 | 221 |
libdir = @libdir@ |
218 | 222 |
libexecdir = @libexecdir@ |
223 |
+localedir = @localedir@ |
|
219 | 224 |
localstatedir = @localstatedir@ |
220 | 225 |
mandir = @mandir@ |
221 | 226 |
mkdir_p = @mkdir_p@ |
222 | 227 |
oldincludedir = @oldincludedir@ |
228 |
+pdfdir = @pdfdir@ |
|
223 | 229 |
prefix = @prefix@ |
224 | 230 |
program_transform_name = @program_transform_name@ |
231 |
+psdir = @psdir@ |
|
225 | 232 |
sbindir = @sbindir@ |
226 | 233 |
sendmailprog = @sendmailprog@ |
227 | 234 |
sharedstatedir = @sharedstatedir@ |
... | ... |
@@ -373,8 +377,6 @@ libclamav_la_SOURCES = \ |
373 | 373 |
iana_tld.h \ |
374 | 374 |
regex_list.c \ |
375 | 375 |
regex_list.h \ |
376 |
- sha256.c \ |
|
377 |
- sha256.h \ |
|
378 | 376 |
mspack.c \ |
379 | 377 |
mspack.h \ |
380 | 378 |
cab.c \ |
... | ... |
@@ -510,7 +512,6 @@ distclean-compile: |
510 | 510 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/regfree.Plo@am__quote@ |
511 | 511 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rtf.Plo@am__quote@ |
512 | 512 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/scanners.Plo@am__quote@ |
513 |
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sha256.Plo@am__quote@ |
|
514 | 513 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sis.Plo@am__quote@ |
515 | 514 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/snprintf.Plo@am__quote@ |
516 | 515 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/special.Plo@am__quote@ |
... | ... |
@@ -1,7 +1,5 @@ |
1 | 1 |
/* |
2 | 2 |
* Copyright (C) 2003 - 2006 Tomasz Kojm <tkojm@clamav.net> |
3 |
- * RSASSA-PSS code (C) Sensory Networks, Inc. |
|
4 |
- * Written by Tomasz Kojm |
|
5 | 3 |
* |
6 | 4 |
* Number encoding rutines are based on yyyRSA by Erik Thiele |
7 | 5 |
* |
... | ... |
@@ -36,23 +34,14 @@ |
36 | 36 |
#include "others.h" |
37 | 37 |
#include "dsig.h" |
38 | 38 |
#include "str.h" |
39 |
-#include "sha256.h" |
|
40 | 39 |
|
41 | 40 |
#define CLI_NSTR "118640995551645342603070001658453189751527774412027743746599405743243142607464144767361060640655844749760788890022283424922762488917565551002467771109669598189410434699034532232228621591089508178591428456220796841621637175567590476666928698770143328137383952820383197532047771780196576957695822641224262693037" |
42 | 41 |
|
43 | 42 |
#define CLI_ESTR "100001027" |
44 | 43 |
|
45 |
-#define CLI_NSTRPSS "14783905874077467090262228516557917570254599638376203532031989214105552847269687489771975792123442185817287694951949800908791527542017115600501303394778618535864845235700041590056318230102449612217458549016089313306591388590790796515819654102320725712300822356348724011232654837503241736177907784198700834440681124727060540035754699658105895050096576226753008596881698828185652424901921668758326578462003247906470982092298106789657211905488986281078346361469524484829559560886227198091995498440676639639830463593211386055065360288422394053998134458623712540683294034953818412458362198117811990006021989844180721010947" |
|
46 |
- |
|
47 |
-#define CLI_ESTRPSS "100002053" |
|
48 |
- |
|
49 |
-#define PSS_NBITS 2048 |
|
50 |
-#define PSS_DIGEST_LENGTH 32 |
|
51 |
- |
|
52 |
- |
|
53 |
-static char cli_ndecode(char value) |
|
44 |
+static unsigned char cli_ndecode(unsigned char value) |
|
54 | 45 |
{ |
55 |
- int i; |
|
46 |
+ unsigned int i; |
|
56 | 47 |
char ncodec[] = { |
57 | 48 |
'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', |
58 | 49 |
'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', |
... | ... |
@@ -73,17 +62,17 @@ static char cli_ndecode(char value) |
73 | 73 |
return -1; |
74 | 74 |
} |
75 | 75 |
|
76 |
-static unsigned char *cli_decodesig(const char *sig, int plainlen, mpz_t e, mpz_t n) |
|
76 |
+unsigned char *cli_decodesig(const char *sig, unsigned int plen, mpz_t e, mpz_t n) |
|
77 | 77 |
{ |
78 |
- int i, siglen = strlen(sig), dec; |
|
79 |
- unsigned char *decoded; |
|
78 |
+ unsigned int i, slen = strlen(sig), dec; |
|
79 |
+ unsigned char *plain; |
|
80 | 80 |
mpz_t r, p, c; |
81 | 81 |
|
82 | 82 |
|
83 | 83 |
mpz_init(r); |
84 | 84 |
mpz_init(c); |
85 | 85 |
|
86 |
- for(i = 0; i < siglen; i++) { |
|
86 |
+ for(i = 0; i < slen; i++) { |
|
87 | 87 |
if((dec = cli_ndecode(sig[i])) < 0) { |
88 | 88 |
mpz_clear(r); |
89 | 89 |
mpz_clear(c); |
... | ... |
@@ -95,9 +84,9 @@ static unsigned char *cli_decodesig(const char *sig, int plainlen, mpz_t e, mpz_ |
95 | 95 |
mpz_add(c, c, r); |
96 | 96 |
} |
97 | 97 |
|
98 |
- decoded = (unsigned char *) cli_calloc(plainlen + 1, sizeof(unsigned char)); |
|
99 |
- if(!decoded) { |
|
100 |
- cli_errmsg("cli_decodesig: Can't allocate memory\n"); |
|
98 |
+ plain = (unsigned char *) cli_calloc(plen + 1, sizeof(unsigned char)); |
|
99 |
+ if(!plain) { |
|
100 |
+ cli_errmsg("cli_decodesig: Can't allocate memory for 'plain'\n"); |
|
101 | 101 |
mpz_clear(r); |
102 | 102 |
mpz_clear(c); |
103 | 103 |
return NULL; |
... | ... |
@@ -107,113 +96,15 @@ static unsigned char *cli_decodesig(const char *sig, int plainlen, mpz_t e, mpz_ |
107 | 107 |
mpz_powm(p, c, e, n); /* plain = cipher^e mod n */ |
108 | 108 |
mpz_clear(c); |
109 | 109 |
|
110 |
- for(i = plainlen - 1; i >= 0; i--) { /* reverse */ |
|
110 |
+ for(i = plen - 1; i >= 0; i--) { /* reverse */ |
|
111 | 111 |
mpz_tdiv_qr_ui(p, r, p, 256); |
112 |
- decoded[i] = mpz_get_ui(r); |
|
112 |
+ plain[i] = mpz_get_ui(r); |
|
113 | 113 |
} |
114 | 114 |
|
115 | 115 |
mpz_clear(p); |
116 | 116 |
mpz_clear(r); |
117 | 117 |
|
118 |
- return decoded; |
|
119 |
-} |
|
120 |
-static void cli_mgf(unsigned char *in, unsigned int inlen, unsigned char *out, unsigned int outlen) |
|
121 |
-{ |
|
122 |
- SHA256_CTX ctx; |
|
123 |
- unsigned int i, laps; |
|
124 |
- unsigned char cnt[4], digest[PSS_DIGEST_LENGTH]; |
|
125 |
- |
|
126 |
- |
|
127 |
- laps = (outlen + PSS_DIGEST_LENGTH - 1) / PSS_DIGEST_LENGTH; |
|
128 |
- |
|
129 |
- for(i = 0; i < laps; i++) { |
|
130 |
- cnt[0] = (unsigned char) 0; |
|
131 |
- cnt[1] = (unsigned char) 0; |
|
132 |
- cnt[2] = (unsigned char) (i / 256); |
|
133 |
- cnt[3] = (unsigned char) i; |
|
134 |
- |
|
135 |
- sha256_init(&ctx); |
|
136 |
- sha256_update(&ctx, in, inlen); |
|
137 |
- sha256_update(&ctx, cnt, sizeof(cnt)); |
|
138 |
- sha256_final(&ctx); |
|
139 |
- sha256_digest(&ctx, digest); |
|
140 |
- |
|
141 |
- if(i != laps - 1) |
|
142 |
- memcpy(&out[i * PSS_DIGEST_LENGTH], digest, PSS_DIGEST_LENGTH); |
|
143 |
- else |
|
144 |
- memcpy(&out[i * PSS_DIGEST_LENGTH], digest, outlen - i * PSS_DIGEST_LENGTH); |
|
145 |
- } |
|
146 |
-} |
|
147 |
- |
|
148 |
-int cli_versigpss(const unsigned char *sha256, const char *dsig) |
|
149 |
-{ |
|
150 |
- mpz_t n, e; |
|
151 |
- SHA256_CTX ctx; |
|
152 |
- unsigned char *pt, digest1[PSS_DIGEST_LENGTH], digest2[PSS_DIGEST_LENGTH], *salt; |
|
153 |
- unsigned int plen = PSS_NBITS / 8, hlen, slen, i; |
|
154 |
- unsigned char dblock[PSS_NBITS / 8 - PSS_DIGEST_LENGTH - 1]; |
|
155 |
- unsigned char mblock[PSS_NBITS / 8 - PSS_DIGEST_LENGTH - 1]; |
|
156 |
- unsigned char fblock[8 + 2 * PSS_DIGEST_LENGTH]; |
|
157 |
- |
|
158 |
- |
|
159 |
- hlen = slen = PSS_DIGEST_LENGTH; |
|
160 |
- mpz_init_set_str(n, CLI_NSTRPSS, 10); |
|
161 |
- mpz_init_set_str(e, CLI_ESTRPSS, 10); |
|
162 |
- |
|
163 |
- if(!(pt = cli_decodesig(dsig, plen, e, n))) { |
|
164 |
- mpz_clear(n); |
|
165 |
- mpz_clear(e); |
|
166 |
- return CL_EDSIG; |
|
167 |
- } |
|
168 |
- |
|
169 |
- mpz_clear(n); |
|
170 |
- mpz_clear(e); |
|
171 |
- |
|
172 |
- if(pt[plen - 1] != 0xbc) { |
|
173 |
- cli_dbgmsg("cli_versigpss: Incorrect signature syntax (0xbc)\n"); |
|
174 |
- free(pt); |
|
175 |
- return CL_EDSIG; |
|
176 |
- } |
|
177 |
- |
|
178 |
- memcpy(mblock, pt, plen - hlen - 1); |
|
179 |
- memcpy(digest2, &pt[plen - hlen - 1], hlen); |
|
180 |
- free(pt); |
|
181 |
- |
|
182 |
- cli_mgf(digest2, hlen, dblock, plen - hlen - 1); |
|
183 |
- |
|
184 |
- for(i = 0; i < plen - hlen - 1; i++) |
|
185 |
- dblock[i] ^= mblock[i]; |
|
186 |
- |
|
187 |
- dblock[0] &= (0xff >> 1); |
|
188 |
- |
|
189 |
- salt = memchr(dblock, 0x01, sizeof(dblock)); |
|
190 |
- if(!salt) { |
|
191 |
- cli_dbgmsg("cli_versigpss: Can't find salt\n"); |
|
192 |
- return CL_EDSIG; |
|
193 |
- } |
|
194 |
- salt++; |
|
195 |
- |
|
196 |
- if((unsigned int) (dblock + sizeof(dblock) - salt) != slen) { |
|
197 |
- cli_dbgmsg("cli_versigpss: Bad salt size\n"); |
|
198 |
- return CL_EDSIG; |
|
199 |
- } |
|
200 |
- |
|
201 |
- memset(fblock, 0, 8); |
|
202 |
- memcpy(&fblock[8], sha256, hlen); |
|
203 |
- memcpy(&fblock[8 + hlen], salt, slen); |
|
204 |
- |
|
205 |
- sha256_init(&ctx); |
|
206 |
- sha256_update(&ctx, fblock, sizeof(fblock)); |
|
207 |
- sha256_final(&ctx); |
|
208 |
- sha256_digest(&ctx, digest1); |
|
209 |
- |
|
210 |
- if(memcmp(digest1, digest2, hlen)) { |
|
211 |
- cli_dbgmsg("cli_versigpss: Signature doesn't match.\n"); |
|
212 |
- return CL_EDSIG; |
|
213 |
- } |
|
214 |
- |
|
215 |
- cli_dbgmsg("cli_versigpss: Digital signature is correct.\n"); |
|
216 |
- return CL_SUCCESS; |
|
118 |
+ return plain; |
|
217 | 119 |
} |
218 | 120 |
|
219 | 121 |
int cli_versig(const char *md5, const char *dsig) |
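Review bot: The switch to unsigned types in `cli_ndecode` and `cli_decodesig` disables two checks that depend on signed arithmetic. `cli_ndecode` now returns `unsigned char` but still ends in `return -1;`, and `dec` is declared `unsigned int`, so `(dec = cli_ndecode(sig[i])) < 0` can never be true; the error value arrives as 255 and the signature is no longer rejected on that path. With `i` unsigned, `for(i = plen - 1; i >= 0; i--)` has no terminating condition, so after index 0 the counter wraps and `plain[i]` is written far outside the `plen + 1` byte allocation. Keeping the error path signed (`static int cli_ndecode(unsigned char value)` with `int dec;`) and counting down as `for(i = plen; i-- > 0; )` would restore both checks. Both function bodies extend beyond the lines shown in these hunks.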
... | ... |
@@ -19,7 +19,15 @@ |
19 | 19 |
#ifndef __DSIG_H |
20 | 20 |
#define __DSIG_H |
21 | 21 |
|
22 |
+#if HAVE_CONFIG_H |
|
23 |
+#include "clamav-config.h" |
|
24 |
+#endif |
|
25 |
+ |
|
26 |
+#ifdef HAVE_GMP |
|
27 |
+#include <gmp.h> |
|
28 |
+ |
|
22 | 29 |
int cli_versig(const char *md5, const char *dsig); |
23 |
-int cli_versigpss(const unsigned char *sha256, const char *dsig); |
|
30 |
+unsigned char *cli_decodesig(const char *sig, unsigned int plen, mpz_t e, mpz_t n); |
|
24 | 31 |
|
32 |
+#endif /* HAVE_GMP */ |
|
25 | 33 |
#endif |
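Review bot: The newly exported `cli_decodesig` prototype has no comment describing its contract, which matters now that the new `pss_versig` calls it from another file. Per the dsig.c part of this commit, it returns a `cli_calloc`'d buffer of `plen + 1` bytes, or NULL on failure (the allocation-failure path is visible), and it performs only the raw `cipher^e mod n` step, so all padding and digest checks are left to the caller. I would add `/* Returns a heap-allocated plen-byte plaintext (caller frees) or NULL on error; does no padding or digest verification. */` above the declaration. Separately, `cli_versig` is now declared only when `HAVE_GMP` is defined, so any caller built without GMP needs the same guard.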
26 | 34 |
deleted file mode 100644 |
... | ... |
@@ -1,281 +0,0 @@ |
1 |
-/* |
|
2 |
- * Copyright (C) 2001 Niels Moller |
|
3 |
- * |
|
4 |
- * This program is free software; you can redistribute it and/or |
|
5 |
- * modify it under the terms of the GNU General Public License as |
|
6 |
- * published by the Free Software Foundation; either version 2 of the |
|
7 |
- * License, or (at your option) any later version. |
|
8 |
- * |
|
9 |
- * The nettle library is distributed in the hope that it will be useful, but |
|
10 |
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY |
|
11 |
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public |
|
12 |
- * License for more details. |
|
13 |
- * |
|
14 |
- * You should have received a copy of the GNU Lesser General Public License |
|
15 |
- * along with the nettle library; see the file COPYING.LIB. If not, write to |
|
16 |
- * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, |
|
17 |
- * MA 02111-1307, USA. |
|
18 |
- */ |
|
19 |
- |
|
20 |
-/* Modelled after the sha1.c code by Peter Gutmann. */ |
|
21 |
- |
|
22 |
-#include <stdio.h> |
|
23 |
-#include <string.h> |
|
24 |
- |
|
25 |
-#include "cltypes.h" |
|
26 |
-#include "sha256.h" |
|
27 |
- |
|
28 |
-/* A block, treated as a sequence of 32-bit words. */ |
|
29 |
-#define SHA256_DATA_LENGTH 16 |
|
30 |
- |
|
31 |
-#define ROTR(n,x) ((x)>>(n) | ((x)<<(32-(n)))) |
|
32 |
-#define SHR(n,x) ((x)>>(n)) |
|
33 |
- |
|
34 |
-#define Choice(x,y,z) ( (z) ^ ( (x) & ( (y) ^ (z) ) ) ) |
|
35 |
-#define Majority(x,y,z) ( ((x) & (y)) ^ ((z) & ((x) ^ (y))) ) |
|
36 |
- |
|
37 |
-#define S0(x) (ROTR(2,(x)) ^ ROTR(13,(x)) ^ ROTR(22,(x))) |
|
38 |
-#define S1(x) (ROTR(6,(x)) ^ ROTR(11,(x)) ^ ROTR(25,(x))) |
|
39 |
- |
|
40 |
-#define s0(x) (ROTR(7,(x)) ^ ROTR(18,(x)) ^ SHR(3,(x))) |
|
41 |
-#define s1(x) (ROTR(17,(x)) ^ ROTR(19,(x)) ^ SHR(10,(x))) |
|
42 |
- |
|
43 |
-static const uint32_t K[64] = { |
|
44 |
- 0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL, |
|
45 |
- 0x3956c25bUL, 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL, |
|
46 |
- 0xd807aa98UL, 0x12835b01UL, 0x243185beUL, 0x550c7dc3UL, |
|
47 |
- 0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL, 0xc19bf174UL, |
|
48 |
- 0xe49b69c1UL, 0xefbe4786UL, 0xfc19dc6UL, 0x240ca1ccUL, |
|
49 |
- 0x2de92c6fUL, 0x4a7484aaUL, 0x5cb0a9dcUL, 0x76f988daUL, |
|
50 |
- 0x983e5152UL, 0xa831c66dUL, 0xb00327c8UL, 0xbf597fc7UL, |
|
51 |
- 0xc6e00bf3UL, 0xd5a79147UL, 0x6ca6351UL, 0x14292967UL, |
|
52 |
- 0x27b70a85UL, 0x2e1b2138UL, 0x4d2c6dfcUL, 0x53380d13UL, |
|
53 |
- 0x650a7354UL, 0x766a0abbUL, 0x81c2c92eUL, 0x92722c85UL, |
|
54 |
- 0xa2bfe8a1UL, 0xa81a664bUL, 0xc24b8b70UL, 0xc76c51a3UL, |
|
55 |
- 0xd192e819UL, 0xd6990624UL, 0xf40e3585UL, 0x106aa070UL, |
|
56 |
- 0x19a4c116UL, 0x1e376c08UL, 0x2748774cUL, 0x34b0bcb5UL, |
|
57 |
- 0x391c0cb3UL, 0x4ed8aa4aUL, 0x5b9cca4fUL, 0x682e6ff3UL, |
|
58 |
- 0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL, |
|
59 |
- 0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL, |
|
60 |
-}; |
|
61 |
- |
|
62 |
-#define EXPAND(W,i) \ |
|
63 |
-( W[(i) & 15 ] += (s1(W[((i)-2) & 15]) + W[((i)-7) & 15] + s0(W[((i)-15) & 15])) ) |
|
64 |
- |
|
65 |
-#define ROUND(a,b,c,d,e,f,g,h,k,data) do { \ |
|
66 |
- uint32_t T1 = h + S1(e) + Choice(e,f,g) + k + data; \ |
|
67 |
- uint32_t T2 = S0(a) + Majority(a,b,c); \ |
|
68 |
- d += T1; \ |
|
69 |
- h = T1 + T2; \ |
|
70 |
-} while (0) |
|
71 |
- |
|
72 |
-#ifndef EXTRACT_UCHAR |
|
73 |
-#define EXTRACT_UCHAR(p) (*(const unsigned char *)(p)) |
|
74 |
-#endif |
|
75 |
- |
|
76 |
-#define STRING2INT(s) ((((((EXTRACT_UCHAR(s) << 8) \ |
|
77 |
- | EXTRACT_UCHAR(s+1)) << 8) \ |
|
78 |
- | EXTRACT_UCHAR(s+2)) << 8) \ |
|
79 |
- | EXTRACT_UCHAR(s+3)) |
|
80 |
- |
|
81 |
-#ifndef EXTRACT_UCHAR |
|
82 |
-#define EXTRACT_UCHAR(p) (*(const mutils_word8 *)(p)) |
|
83 |
-#endif |
|
84 |
- |
|
85 |
-#define STRING2INT(s) ((((((EXTRACT_UCHAR(s) << 8) \ |
|
86 |
- | EXTRACT_UCHAR(s+1)) << 8) \ |
|
87 |
- | EXTRACT_UCHAR(s+2)) << 8) \ |
|
88 |
- | EXTRACT_UCHAR(s+3)) |
|
89 |
- |
|
90 |
-/* Initialize the SHA values */ |
|
91 |
- |
|
92 |
-void sha256_init(struct sha256_ctx *ctx) |
|
93 |
-{ |
|
94 |
- /* Initial values, also generated by the shadata program. */ |
|
95 |
- static const uint32_t H0[_SHA256_DIGEST_LENGTH] = { |
|
96 |
- 0x6a09e667UL, 0xbb67ae85UL, 0x3c6ef372UL, 0xa54ff53aUL, |
|
97 |
- 0x510e527fUL, 0x9b05688cUL, 0x1f83d9abUL, 0x5be0cd19UL, |
|
98 |
- }; |
|
99 |
- |
|
100 |
- memcpy(ctx->state, H0, sizeof(H0)); |
|
101 |
- |
|
102 |
- /* Initialize bit count */ |
|
103 |
- ctx->count_low = ctx->count_high = 0; |
|
104 |
- |
|
105 |
- /* Initialize buffer */ |
|
106 |
- ctx->index = 0; |
|
107 |
-} |
|
108 |
- |
|
109 |
-/* Perform the SHA transformation. Note that this code, like MD5, seems to |
|
110 |
- break some optimizing compilers due to the complexity of the expressions |
|
111 |
- and the size of the basic block. It may be necessary to split it into |
|
112 |
- sections, e.g. based on the four subrounds |
|
113 |
- |
|
114 |
- Note that this function destroys the data area */ |
|
115 |
- |
|
116 |
-static void sha256_transform(uint32_t *state, uint32_t *data) |
|
117 |
-{ |
|
118 |
- uint32_t A, B, C, D, E, F, G, H; /* Local vars */ |
|
119 |
- unsigned char i; |
|
120 |
- const uint32_t *k; |
|
121 |
- uint32_t *d; |
|
122 |
- |
|
123 |
- /* Set up first buffer and local data buffer */ |
|
124 |
- A = state[0]; |
|
125 |
- B = state[1]; |
|
126 |
- C = state[2]; |
|
127 |
- D = state[3]; |
|
128 |
- E = state[4]; |
|
129 |
- F = state[5]; |
|
130 |
- G = state[6]; |
|
131 |
- H = state[7]; |
|
132 |
- |
|
133 |
- /* Heavy mangling */ |
|
134 |
- /* First 16 subrounds that act on the original data */ |
|
135 |
- |
|
136 |
- for (i = 0, k = K, d = data; i < 16; i += 8, k += 8, d += 8) { |
|
137 |
- ROUND(A, B, C, D, E, F, G, H, k[0], d[0]); |
|
138 |
- ROUND(H, A, B, C, D, E, F, G, k[1], d[1]); |
|
139 |
- ROUND(G, H, A, B, C, D, E, F, k[2], d[2]); |
|
140 |
- ROUND(F, G, H, A, B, C, D, E, k[3], d[3]); |
|
141 |
- ROUND(E, F, G, H, A, B, C, D, k[4], d[4]); |
|
142 |
- ROUND(D, E, F, G, H, A, B, C, k[5], d[5]); |
|
143 |
- ROUND(C, D, E, F, G, H, A, B, k[6], d[6]); |
|
144 |
- ROUND(B, C, D, E, F, G, H, A, k[7], d[7]); |
|
145 |
- } |
|
146 |
- |
|
147 |
- for (; i < 64; i += 16, k += 16) { |
|
148 |
- ROUND(A, B, C, D, E, F, G, H, k[0], EXPAND(data, 0)); |
|
149 |
- ROUND(H, A, B, C, D, E, F, G, k[1], EXPAND(data, 1)); |
|
150 |
- ROUND(G, H, A, B, C, D, E, F, k[2], EXPAND(data, 2)); |
|
151 |
- ROUND(F, G, H, A, B, C, D, E, k[3], EXPAND(data, 3)); |
|
152 |
- ROUND(E, F, G, H, A, B, C, D, k[4], EXPAND(data, 4)); |
|
153 |
- ROUND(D, E, F, G, H, A, B, C, k[5], EXPAND(data, 5)); |
|
154 |
- ROUND(C, D, E, F, G, H, A, B, k[6], EXPAND(data, 6)); |
|
155 |
- ROUND(B, C, D, E, F, G, H, A, k[7], EXPAND(data, 7)); |
|
156 |
- ROUND(A, B, C, D, E, F, G, H, k[8], EXPAND(data, 8)); |
|
157 |
- ROUND(H, A, B, C, D, E, F, G, k[9], EXPAND(data, 9)); |
|
158 |
- ROUND(G, H, A, B, C, D, E, F, k[10], EXPAND(data, 10)); |
|
159 |
- ROUND(F, G, H, A, B, C, D, E, k[11], EXPAND(data, 11)); |
|
160 |
- ROUND(E, F, G, H, A, B, C, D, k[12], EXPAND(data, 12)); |
|
161 |
- ROUND(D, E, F, G, H, A, B, C, k[13], EXPAND(data, 13)); |
|
162 |
- ROUND(C, D, E, F, G, H, A, B, k[14], EXPAND(data, 14)); |
|
163 |
- ROUND(B, C, D, E, F, G, H, A, k[15], EXPAND(data, 15)); |
|
164 |
- } |
|
165 |
- |
|
166 |
- /* Update state */ |
|
167 |
- state[0] += A; |
|
168 |
- state[1] += B; |
|
169 |
- state[2] += C; |
|
170 |
- state[3] += D; |
|
171 |
- state[4] += E; |
|
172 |
- state[5] += F; |
|
173 |
- state[6] += G; |
|
174 |
- state[7] += H; |
|
175 |
-} |
|
176 |
- |
|
177 |
-static void sha256_block(struct sha256_ctx *ctx, const unsigned char *block) |
|
178 |
-{ |
|
179 |
- uint32_t data[SHA256_DATA_LENGTH]; |
|
180 |
- uint16_t i; |
|
181 |
- |
|
182 |
- /* Update block count */ |
|
183 |
- if (!++ctx->count_low) |
|
184 |
- ++ctx->count_high; |
|
185 |
- |
|
186 |
- /* Endian independent conversion */ |
|
187 |
- for (i = 0; i < SHA256_DATA_LENGTH; i++, block += 4) |
|
188 |
- data[i] = STRING2INT(block); |
|
189 |
- |
|
190 |
- sha256_transform(ctx->state, data); |
|
191 |
-} |
|
192 |
- |
|
193 |
-void |
|
194 |
-sha256_update(struct sha256_ctx *ctx, const unsigned char *buffer, uint32_t length) |
|
195 |
-{ |
|
196 |
- uint32_t left; |
|
197 |
- |
|
198 |
- if (ctx->index) { /* Try to fill partial block */ |
|
199 |
- left = SHA256_DATA_SIZE - ctx->index; |
|
200 |
- if (length < left) { |
|
201 |
- memcpy(ctx->block + ctx->index, buffer, length); |
|
202 |
- ctx->index += length; |
|
203 |
- return; /* Finished */ |
|
204 |
- } else { |
|
205 |
- memcpy(ctx->block + ctx->index, buffer, left); |
|
206 |
- sha256_block(ctx, ctx->block); |
|
207 |
- buffer += left; |
|
208 |
- length -= left; |
|
209 |
- } |
|
210 |
- } |
|
211 |
- while (length >= SHA256_DATA_SIZE) { |
|
212 |
- sha256_block(ctx, buffer); |
|
213 |
- buffer += SHA256_DATA_SIZE; |
|
214 |
- length -= SHA256_DATA_SIZE; |
|
215 |
- } |
|
216 |
- /* Buffer leftovers */ |
|
217 |
- /* NOTE: The corresponding sha1 code checks for the special case length == 0. |
|
218 |
- * That seems supoptimal, as I suspect it increases the number of branches. */ |
|
219 |
- |
|
220 |
- memcpy(ctx->block, buffer, length); |
|
221 |
- ctx->index = length; |
|
222 |
-} |
|
223 |
- |
|
224 |
-/* Final wrapup - pad to SHA1_DATA_SIZE-byte boundary with the bit pattern |
|
225 |
- 1 0* (64-bit count of bits processed, MSB-first) */ |
|
226 |
- |
|
227 |
-void sha256_final(struct sha256_ctx *ctx) |
|
228 |
-{ |
|
229 |
- uint32_t data[SHA256_DATA_LENGTH]; |
|
230 |
- uint32_t i; |
|
231 |
- uint32_t words; |
|
232 |
- |
|
233 |
- i = ctx->index; |
|
234 |
- |
|
235 |
- /* Set the first char of padding to 0x80. This is safe since there is |
|
236 |
- always at least one byte free */ |
|
237 |
- |
|
238 |
-/* assert(i < SHA256_DATA_SIZE); |
|
239 |
- */ |
|
240 |
- ctx->block[i++] = 0x80; |
|
241 |
- |
|
242 |
- /* Fill rest of word */ |
|
243 |
- for (; i & 3; i++) |
|
244 |
- ctx->block[i] = 0; |
|
245 |
- |
|
246 |
- /* i is now a multiple of the word size 4 */ |
|
247 |
- words = i >> 2; |
|
248 |
- for (i = 0; i < words; i++) |
|
249 |
- data[i] = STRING2INT(ctx->block + 4 * i); |
|
250 |
- |
|
251 |
- if (words > (SHA256_DATA_LENGTH - 2)) { /* No room for length in this block. Process it and |
|
252 |
- * pad with another one */ |
|
253 |
- for (i = words; i < SHA256_DATA_LENGTH; i++) |
|
254 |
- data[i] = 0; |
|
255 |
- sha256_transform(ctx->state, data); |
|
256 |
- for (i = 0; i < (SHA256_DATA_LENGTH - 2); i++) |
|
257 |
- data[i] = 0; |
|
258 |
- } else |
|
259 |
- for (i = words; i < SHA256_DATA_LENGTH - 2; i++) |
|
260 |
- data[i] = 0; |
|
261 |
- |
|
262 |
- /* There are 512 = 2^9 bits in one block */ |
|
263 |
- data[SHA256_DATA_LENGTH - 2] = |
|
264 |
- (ctx->count_high << 9) | (ctx->count_low >> 23); |
|
265 |
- data[SHA256_DATA_LENGTH - 1] = |
|
266 |
- (ctx->count_low << 9) | (ctx->index << 3); |
|
267 |
- sha256_transform(ctx->state, data); |
|
268 |
-} |
|
269 |
- |
|
270 |
-void sha256_digest(const struct sha256_ctx *ctx, unsigned char *s) |
|
271 |
-{ |
|
272 |
- uint32_t i; |
|
273 |
- |
|
274 |
- if (s!=NULL) |
|
275 |
- for (i = 0; i < _SHA256_DIGEST_LENGTH; i++) { |
|
276 |
- *s++ = ctx->state[i] >> 24; |
|
277 |
- *s++ = 0xff & (ctx->state[i] >> 16); |
|
278 |
- *s++ = 0xff & (ctx->state[i] >> 8); |
|
279 |
- *s++ = 0xff & ctx->state[i]; |
|
280 |
- } |
|
281 |
-} |
282 | 1 |
deleted file mode 100644 |
... | ... |
@@ -1,51 +0,0 @@ |
1 |
-/* |
|
2 |
- * Copyright (C) 2001 Niels Moller |
|
3 |
- * |
|
4 |
- * The nettle library is free software; you can redistribute it and/or modify |
|
5 |
- * it under the terms of the GNU Lesser General Public License as published by |
|
6 |
- * the Free Software Foundation; either version 2.1 of the License, or (at your |
|
7 |
- * option) any later version. |
|
8 |
- * |
|
9 |
- * The nettle library is distributed in the hope that it will be useful, but |
|
10 |
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY |
|
11 |
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public |
|
12 |
- * License for more details. |
|
13 |
- * |
|
14 |
- * You should have received a copy of the GNU Lesser General Public License |
|
15 |
- * along with the nettle library; see the file COPYING.LIB. If not, write to |
|
16 |
- * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, |
|
17 |
- * MA 02111-1307, USA. |
|
18 |
- */ |
|
19 |
- |
|
20 |
-#ifndef __SHA256_H |
|
21 |
-#define __SHA256_H |
|
22 |
- |
|
23 |
-#include "cltypes.h" |
|
24 |
- |
|
25 |
-#define SHA256_DIGEST_SIZE 32 |
|
26 |
-#define SHA256_DATA_SIZE 64 |
|
27 |
- |
|
28 |
-/* Digest is kept internally as 8 32-bit words. */ |
|
29 |
-#define _SHA256_DIGEST_LENGTH 8 |
|
30 |
- |
|
31 |
-typedef struct sha256_ctx |
|
32 |
-{ |
|
33 |
- uint32_t state[_SHA256_DIGEST_LENGTH]; /* State variables */ |
|
34 |
- uint32_t count_low, count_high; /* 64-bit block count */ |
|
35 |
- unsigned char block[SHA256_DATA_SIZE]; /* SHA256 data buffer */ |
|
36 |
- uint32_t index; /* index into buffer */ |
|
37 |
-} SHA256_CTX; |
|
38 |
- |
|
39 |
-void |
|
40 |
-sha256_init(struct sha256_ctx *ctx); |
|
41 |
- |
|
42 |
-void |
|
43 |
-sha256_update(struct sha256_ctx *ctx, const unsigned char *data, uint32_t length); |
|
44 |
- |
|
45 |
-void |
|
46 |
-sha256_final(struct sha256_ctx *ctx); |
|
47 |
- |
|
48 |
-void |
|
49 |
-sha256_digest(const struct sha256_ctx *ctx, unsigned char *digest); |
|
50 |
- |
|
51 |
-#endif |
... | ... |
@@ -35,17 +35,22 @@ |
35 | 35 |
#include "shared/misc.h" |
36 | 36 |
#include "shared/output.h" |
37 | 37 |
#include "shared/cdiff.h" |
38 |
+#include "shared/sha256.h" |
|
38 | 39 |
|
39 | 40 |
#include "libclamav/str.h" |
40 | 41 |
#include "libclamav/others.h" |
41 | 42 |
#include "libclamav/cvd.h" |
42 |
-#include "libclamav/sha256.h" |
|
43 |
+ |
|
44 |
+#include "zlib.h" |
|
43 | 45 |
|
44 | 46 |
#ifdef HAVE_GMP |
45 | 47 |
#include "libclamav/dsig.h" |
46 |
-#endif |
|
47 | 48 |
|
48 |
-#include "zlib.h" |
|
49 |
+#define PSS_NSTR "14783905874077467090262228516557917570254599638376203532031989214105552847269687489771975792123442185817287694951949800908791527542017115600501303394778618535864845235700041590056318230102449612217458549016089313306591388590790796515819654102320725712300822356348724011232654837503241736177907784198700834440681124727060540035754699658105895050096576226753008596881698828185652424901921668758326578462003247906470982092298106789657211905488986281078346361469524484829559560886227198091995498440676639639830463593211386055065360288422394053998134458623712540683294034953818412458362198117811990006021989844180721010947" |
|
50 |
+#define PSS_ESTR "100002053" |
|
51 |
+#define PSS_NBITS 2048 |
|
52 |
+#define PSS_DIGEST_LENGTH 32 |
|
53 |
+#endif /* HAVE_GMP */ |
|
49 | 54 |
|
50 | 55 |
struct cdiff_node { |
51 | 56 |
unsigned int lineno; |
... | ... |
@@ -761,6 +766,106 @@ static int cdiff_execute(const char *cmdstr, struct cdiff_ctx *ctx) |
761 | 761 |
return 0; |
762 | 762 |
} |
763 | 763 |
|
764 |
+#ifdef HAVE_GMP |
|
765 |
+static void pss_mgf(unsigned char *in, unsigned int inlen, unsigned char *out, unsigned int outlen) |
|
766 |
+{ |
|
767 |
+ SHA256_CTX ctx; |
|
768 |
+ unsigned int i, laps; |
|
769 |
+ unsigned char cnt[4], digest[PSS_DIGEST_LENGTH]; |
|
770 |
+ |
|
771 |
+ |
|
772 |
+ laps = (outlen + PSS_DIGEST_LENGTH - 1) / PSS_DIGEST_LENGTH; |
|
773 |
+ |
|
774 |
+ for(i = 0; i < laps; i++) { |
|
775 |
+ cnt[0] = (unsigned char) 0; |
|
776 |
+ cnt[1] = (unsigned char) 0; |
|
777 |
+ cnt[2] = (unsigned char) (i / 256); |
|
778 |
+ cnt[3] = (unsigned char) i; |
|
779 |
+ |
|
780 |
+ sha256_init(&ctx); |
|
781 |
+ sha256_update(&ctx, in, inlen); |
|
782 |
+ sha256_update(&ctx, cnt, sizeof(cnt)); |
|
783 |
+ sha256_final(&ctx); |
|
784 |
+ sha256_digest(&ctx, digest); |
|
785 |
+ |
|
786 |
+ if(i != laps - 1) |
|
787 |
+ memcpy(&out[i * PSS_DIGEST_LENGTH], digest, PSS_DIGEST_LENGTH); |
|
788 |
+ else |
|
789 |
+ memcpy(&out[i * PSS_DIGEST_LENGTH], digest, outlen - i * PSS_DIGEST_LENGTH); |
|
790 |
+ } |
|
791 |
+} |
|
792 |
+ |
|
793 |
+static int pss_versig(const unsigned char *sha256, const char *dsig) |
|
794 |
+{ |
|
795 |
+ mpz_t n, e; |
|
796 |
+ SHA256_CTX ctx; |
|
797 |
+ unsigned char *pt, digest1[PSS_DIGEST_LENGTH], digest2[PSS_DIGEST_LENGTH], *salt; |
|
798 |
+ unsigned int plen = PSS_NBITS / 8, hlen, slen, i; |
|
799 |
+ unsigned char dblock[PSS_NBITS / 8 - PSS_DIGEST_LENGTH - 1]; |
|
800 |
+ unsigned char mblock[PSS_NBITS / 8 - PSS_DIGEST_LENGTH - 1]; |
|
801 |
+ unsigned char fblock[8 + 2 * PSS_DIGEST_LENGTH]; |
|
802 |
+ |
|
803 |
+ |
|
804 |
+ hlen = slen = PSS_DIGEST_LENGTH; |
|
805 |
+ mpz_init_set_str(n, PSS_NSTR, 10); |
|
806 |
+ mpz_init_set_str(e, PSS_ESTR, 10); |
|
807 |
+ |
|
808 |
+ if(!(pt = cli_decodesig(dsig, plen, e, n))) { |
|
809 |
+ mpz_clear(n); |
|
810 |
+ mpz_clear(e); |
|
811 |
+ return -1; |
|
812 |
+ } |
|
813 |
+ |
|
814 |
+ mpz_clear(n); |
|
815 |
+ mpz_clear(e); |
|
816 |
+ |
|
817 |
+ if(pt[plen - 1] != 0xbc) { |
|
818 |
+ /* cli_dbgmsg("cli_versigpss: Incorrect signature syntax (0xbc)\n"); */ |
|
819 |
+ free(pt); |
|
820 |
+ return -1; |
|
821 |
+ } |
|
822 |
+ |
|
823 |
+ memcpy(mblock, pt, plen - hlen - 1); |
|
824 |
+ memcpy(digest2, &pt[plen - hlen - 1], hlen); |
|
825 |
+ free(pt); |
|
826 |
+ |
|
827 |
+ pss_mgf(digest2, hlen, dblock, plen - hlen - 1); |
|
828 |
+ |
|
829 |
+ for(i = 0; i < plen - hlen - 1; i++) |
|
830 |
+ dblock[i] ^= mblock[i]; |
|
831 |
+ |
|
832 |
+ dblock[0] &= (0xff >> 1); |
|
833 |
+ |
|
834 |
+ salt = memchr(dblock, 0x01, sizeof(dblock)); |
|
835 |
+ if(!salt) { |
|
836 |
+ /* cli_dbgmsg("cli_versigpss: Can't find salt\n"); */ |
|
837 |
+ return -1; |
|
838 |
+ } |
|
839 |
+ salt++; |
|
840 |
+ |
|
841 |
+ if((unsigned int) (dblock + sizeof(dblock) - salt) != slen) { |
|
842 |
+ /* cli_dbgmsg("cli_versigpss: Bad salt size\n"); */ |
|
843 |
+ return -1; |
|
844 |
+ } |
|
845 |
+ |
|
846 |
+ memset(fblock, 0, 8); |
|
847 |
+ memcpy(&fblock[8], sha256, hlen); |
|
848 |
+ memcpy(&fblock[8 + hlen], salt, slen); |
|
849 |
+ |
|
850 |
+ sha256_init(&ctx); |
|
851 |
+ sha256_update(&ctx, fblock, sizeof(fblock)); |
|
852 |
+ sha256_final(&ctx); |
|
853 |
+ sha256_digest(&ctx, digest1); |
|
854 |
+ |
|
855 |
+ if(memcmp(digest1, digest2, hlen)) { |
|
856 |
+ /* cli_dbgmsg("cli_versigpss: Signature doesn't match.\n"); */ |
|
857 |
+ return -1; |
|
858 |
+ } |
|
859 |
+ |
|
860 |
+ return 0; |
|
861 |
+} |
|
862 |
+#endif /* HAVE_GMP */ |
|
863 |
+ |
|
764 | 864 |
int cdiff_apply(int fd, unsigned short mode) |
765 | 865 |
{ |
766 | 866 |
struct cdiff_ctx ctx; |
... | ... |
@@ -848,7 +953,7 @@ int cdiff_apply(int fd, unsigned short mode) |
848 | 848 |
sha256_final(&sha256ctx); |
849 | 849 |
sha256_digest(&sha256ctx, digest); |
850 | 850 |
|
851 |
- if(cli_versigpss(digest, dsig)) { |
|
851 |
+ if(pss_versig(digest, dsig)) { |
|
852 | 852 |
logg("!cdiff_apply: Incorrect digital signature\n"); |
853 | 853 |
close(desc); |
854 | 854 |
return -1; |
855 | 855 |
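Review bot: In `pss_versig` the padding in front of the salt is never checked: `memchr(dblock, 0x01, sizeof(dblock))` takes the first 0x01 byte as the separator and only the salt length is compared afterwards, so non-zero bytes ahead of the separator are accepted. EMSA-PSS verification (PKCS #1 v2.1) requires every byte before the 0x01 separator to be zero, which keeps the accepted encoding unique; adding `for(i = 0; i < sizeof(dblock) - slen - 1; i++) if(dblock[i]) return -1;` after the `dblock[0] &= (0xff >> 1);` line would enforce it. The top bit of the first masked byte is likewise cleared rather than tested. The length of `dsig` is left entirely to `cli_decodesig`, which is not visible here, so it is worth confirming that it rejects short or over-long input before `plen` bytes are read from `pt`.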
new file mode 100644 |
... | ... |
@@ -0,0 +1,281 @@ |
0 |
+/* |
|
1 |
+ * Copyright (C) 2001 Niels Moller |
|
2 |
+ * |
|
3 |
+ * This program is free software; you can redistribute it and/or |
|
4 |
+ * modify it under the terms of the GNU General Public License as |
|
5 |
+ * published by the Free Software Foundation; either version 2 of the |
|
6 |
+ * License, or (at your option) any later version. |
|
7 |
+ * |
|
8 |
+ * The nettle library is distributed in the hope that it will be useful, but |
|
9 |
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY |
|
10 |
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public |
|
11 |
+ * License for more details. |
|
12 |
+ * |
|
13 |
+ * You should have received a copy of the GNU Lesser General Public License |
|
14 |
+ * along with the nettle library; see the file COPYING.LIB. If not, write to |
|
15 |
+ * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, |
|
16 |
+ * MA 02111-1307, USA. |
|
17 |
+ */ |
|
18 |
+ |
|
19 |
+/* Modelled after the sha1.c code by Peter Gutmann. */ |
|
20 |
+ |
|
21 |
+#include <stdio.h> |
|
22 |
+#include <string.h> |
|
23 |
+ |
|
24 |
+#include "cltypes.h" |
|
25 |
+#include "sha256.h" |
|
26 |
+ |
|
27 |
+/* A block, treated as a sequence of 32-bit words. */ |
|
28 |
+#define SHA256_DATA_LENGTH 16 |
|
29 |
+ |
|
30 |
+#define ROTR(n,x) ((x)>>(n) | ((x)<<(32-(n)))) |
|
31 |
+#define SHR(n,x) ((x)>>(n)) |
|
32 |
+ |
|
33 |
+#define Choice(x,y,z) ( (z) ^ ( (x) & ( (y) ^ (z) ) ) ) |
|
34 |
+#define Majority(x,y,z) ( ((x) & (y)) ^ ((z) & ((x) ^ (y))) ) |
|
35 |
+ |
|
36 |
+#define S0(x) (ROTR(2,(x)) ^ ROTR(13,(x)) ^ ROTR(22,(x))) |
|
37 |
+#define S1(x) (ROTR(6,(x)) ^ ROTR(11,(x)) ^ ROTR(25,(x))) |
|
38 |
+ |
|
39 |
+#define s0(x) (ROTR(7,(x)) ^ ROTR(18,(x)) ^ SHR(3,(x))) |
|
40 |
+#define s1(x) (ROTR(17,(x)) ^ ROTR(19,(x)) ^ SHR(10,(x))) |
|
41 |
+ |
|
42 |
+static const uint32_t K[64] = { |
|
43 |
+ 0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL, |
|
44 |
+ 0x3956c25bUL, 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL, |
|
45 |
+ 0xd807aa98UL, 0x12835b01UL, 0x243185beUL, 0x550c7dc3UL, |
|
46 |
+ 0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL, 0xc19bf174UL, |
|
47 |
+ 0xe49b69c1UL, 0xefbe4786UL, 0xfc19dc6UL, 0x240ca1ccUL, |
|
48 |
+ 0x2de92c6fUL, 0x4a7484aaUL, 0x5cb0a9dcUL, 0x76f988daUL, |
|
49 |
+ 0x983e5152UL, 0xa831c66dUL, 0xb00327c8UL, 0xbf597fc7UL, |
|
50 |
+ 0xc6e00bf3UL, 0xd5a79147UL, 0x6ca6351UL, 0x14292967UL, |
|
51 |
+ 0x27b70a85UL, 0x2e1b2138UL, 0x4d2c6dfcUL, 0x53380d13UL, |
|
52 |
+ 0x650a7354UL, 0x766a0abbUL, 0x81c2c92eUL, 0x92722c85UL, |
|
53 |
+ 0xa2bfe8a1UL, 0xa81a664bUL, 0xc24b8b70UL, 0xc76c51a3UL, |
|
54 |
+ 0xd192e819UL, 0xd6990624UL, 0xf40e3585UL, 0x106aa070UL, |
|
55 |
+ 0x19a4c116UL, 0x1e376c08UL, 0x2748774cUL, 0x34b0bcb5UL, |
|
56 |
+ 0x391c0cb3UL, 0x4ed8aa4aUL, 0x5b9cca4fUL, 0x682e6ff3UL, |
|
57 |
+ 0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL, |
|
58 |
+ 0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL, |
|
59 |
+}; |
|
60 |
+ |
|
61 |
+#define EXPAND(W,i) \ |
|
62 |
+( W[(i) & 15 ] += (s1(W[((i)-2) & 15]) + W[((i)-7) & 15] + s0(W[((i)-15) & 15])) ) |
|
63 |
+ |
|
64 |
+#define ROUND(a,b,c,d,e,f,g,h,k,data) do { \ |
|
65 |
+ uint32_t T1 = h + S1(e) + Choice(e,f,g) + k + data; \ |
|
66 |
+ uint32_t T2 = S0(a) + Majority(a,b,c); \ |
|
67 |
+ d += T1; \ |
|
68 |
+ h = T1 + T2; \ |
|
69 |
+} while (0) |
|
70 |
+ |
|
71 |
+#ifndef EXTRACT_UCHAR |
|
72 |
+#define EXTRACT_UCHAR(p) (*(const unsigned char *)(p)) |
|
73 |
+#endif |
|
74 |
+ |
|
75 |
+#define STRING2INT(s) ((((((EXTRACT_UCHAR(s) << 8) \ |
|
76 |
+ | EXTRACT_UCHAR(s+1)) << 8) \ |
|
77 |
+ | EXTRACT_UCHAR(s+2)) << 8) \ |
|
78 |
+ | EXTRACT_UCHAR(s+3)) |
|
79 |
+ |
|
80 |
+#ifndef EXTRACT_UCHAR |
|
81 |
+#define EXTRACT_UCHAR(p) (*(const mutils_word8 *)(p)) |
|
82 |
+#endif |
|
83 |
+ |
|
84 |
+#define STRING2INT(s) ((((((EXTRACT_UCHAR(s) << 8) \ |
|
85 |
+ | EXTRACT_UCHAR(s+1)) << 8) \ |
|
86 |
+ | EXTRACT_UCHAR(s+2)) << 8) \ |
|
87 |
+ | EXTRACT_UCHAR(s+3)) |
|
88 |
+ |
|
89 |
+/* Initialize the SHA values */ |
|
90 |
+ |
|
91 |
+void sha256_init(struct sha256_ctx *ctx) |
|
92 |
+{ |
|
93 |
+ /* Initial values, also generated by the shadata program. */ |
|
94 |
+ static const uint32_t H0[_SHA256_DIGEST_LENGTH] = { |
|
95 |
+ 0x6a09e667UL, 0xbb67ae85UL, 0x3c6ef372UL, 0xa54ff53aUL, |
|
96 |
+ 0x510e527fUL, 0x9b05688cUL, 0x1f83d9abUL, 0x5be0cd19UL, |
|
97 |
+ }; |
|
98 |
+ |
|
99 |
+ memcpy(ctx->state, H0, sizeof(H0)); |
|
100 |
+ |
|
101 |
+ /* Initialize bit count */ |
|
102 |
+ ctx->count_low = ctx->count_high = 0; |
|
103 |
+ |
|
104 |
+ /* Initialize buffer */ |
|
105 |
+ ctx->index = 0; |
|
106 |
+} |
|
107 |
+ |
|
108 |
+/* Perform the SHA transformation. Note that this code, like MD5, seems to |
|
109 |
+ break some optimizing compilers due to the complexity of the expressions |
|
110 |
+ and the size of the basic block. It may be necessary to split it into |
|
111 |
+ sections, e.g. based on the four subrounds |
|
112 |
+ |
|
113 |
+ Note that this function destroys the data area */ |
|
114 |
+ |
|
115 |
+static void sha256_transform(uint32_t *state, uint32_t *data) |
|
116 |
+{ |
|
117 |
+ uint32_t A, B, C, D, E, F, G, H; /* Local vars */ |
|
118 |
+ unsigned char i; |
|
119 |
+ const uint32_t *k; |
|
120 |
+ uint32_t *d; |
|
121 |
+ |
|
122 |
+ /* Set up first buffer and local data buffer */ |
|
123 |
+ A = state[0]; |
|
124 |
+ B = state[1]; |
|
125 |
+ C = state[2]; |
|
126 |
+ D = state[3]; |
|
127 |
+ E = state[4]; |
|
128 |
+ F = state[5]; |
|
129 |
+ G = state[6]; |
|
130 |
+ H = state[7]; |
|
131 |
+ |
|
132 |
+ /* Heavy mangling */ |
|
133 |
+ /* First 16 subrounds that act on the original data */ |
|
134 |
+ |
|
135 |
+ for (i = 0, k = K, d = data; i < 16; i += 8, k += 8, d += 8) { |
|
136 |
+ ROUND(A, B, C, D, E, F, G, H, k[0], d[0]); |
|
137 |
+ ROUND(H, A, B, C, D, E, F, G, k[1], d[1]); |
|
138 |
+ ROUND(G, H, A, B, C, D, E, F, k[2], d[2]); |
|
139 |
+ ROUND(F, G, H, A, B, C, D, E, k[3], d[3]); |
|
140 |
+ ROUND(E, F, G, H, A, B, C, D, k[4], d[4]); |
|
141 |
+ ROUND(D, E, F, G, H, A, B, C, k[5], d[5]); |
|
142 |
+ ROUND(C, D, E, F, G, H, A, B, k[6], d[6]); |
|
143 |
+ ROUND(B, C, D, E, F, G, H, A, k[7], d[7]); |
|
144 |
+ } |
|
145 |
+ |
|
146 |
+ for (; i < 64; i += 16, k += 16) { |
|
147 |
+ ROUND(A, B, C, D, E, F, G, H, k[0], EXPAND(data, 0)); |
|
148 |
+ ROUND(H, A, B, C, D, E, F, G, k[1], EXPAND(data, 1)); |
|
149 |
+ ROUND(G, H, A, B, C, D, E, F, k[2], EXPAND(data, 2)); |
|
150 |
+ ROUND(F, G, H, A, B, C, D, E, k[3], EXPAND(data, 3)); |
|
151 |
+ ROUND(E, F, G, H, A, B, C, D, k[4], EXPAND(data, 4)); |
|
152 |
+ ROUND(D, E, F, G, H, A, B, C, k[5], EXPAND(data, 5)); |
|
153 |
+ ROUND(C, D, E, F, G, H, A, B, k[6], EXPAND(data, 6)); |
|
154 |
+ ROUND(B, C, D, E, F, G, H, A, k[7], EXPAND(data, 7)); |
|
155 |
+ ROUND(A, B, C, D, E, F, G, H, k[8], EXPAND(data, 8)); |
|
156 |
+ ROUND(H, A, B, C, D, E, F, G, k[9], EXPAND(data, 9)); |
|
157 |
+ ROUND(G, H, A, B, C, D, E, F, k[10], EXPAND(data, 10)); |
|
158 |
+ ROUND(F, G, H, A, B, C, D, E, k[11], EXPAND(data, 11)); |
|
159 |
+ ROUND(E, F, G, H, A, B, C, D, k[12], EXPAND(data, 12)); |
|
160 |
+ ROUND(D, E, F, G, H, A, B, C, k[13], EXPAND(data, 13)); |
|
161 |
+ ROUND(C, D, E, F, G, H, A, B, k[14], EXPAND(data, 14)); |
|
162 |
+ ROUND(B, C, D, E, F, G, H, A, k[15], EXPAND(data, 15)); |
|
163 |
+ } |
|
164 |
+ |
|
165 |
+ /* Update state */ |
|
166 |
+ state[0] += A; |
|
167 |
+ state[1] += B; |
|
168 |
+ state[2] += C; |
|
169 |
+ state[3] += D; |
|
170 |
+ state[4] += E; |
|
171 |
+ state[5] += F; |
|
172 |
+ state[6] += G; |
|
173 |
+ state[7] += H; |
|
174 |
+} |
|
175 |
+ |
|
176 |
+static void sha256_block(struct sha256_ctx *ctx, const unsigned char *block) |
|
177 |
+{ |
|
178 |
+ uint32_t data[SHA256_DATA_LENGTH]; |
|
179 |
+ uint16_t i; |
|
180 |
+ |
|
181 |
+ /* Update block count */ |
|
182 |
+ if (!++ctx->count_low) |
|
183 |
+ ++ctx->count_high; |
|
184 |
+ |
|
185 |
+ /* Endian independent conversion */ |
|
186 |
+ for (i = 0; i < SHA256_DATA_LENGTH; i++, block += 4) |
|
187 |
+ data[i] = STRING2INT(block); |
|
188 |
+ |
|
189 |
+ sha256_transform(ctx->state, data); |
|
190 |
+} |
|
191 |
+ |
|
192 |
+void |
|
193 |
+sha256_update(struct sha256_ctx *ctx, const unsigned char *buffer, uint32_t length) |
|
194 |
+{ |
|
195 |
+ uint32_t left; |
|
196 |
+ |
|
197 |
+ if (ctx->index) { /* Try to fill partial block */ |
|
198 |
+ left = SHA256_DATA_SIZE - ctx->index; |
|
199 |
+ if (length < left) { |
|
200 |
+ memcpy(ctx->block + ctx->index, buffer, length); |
|
201 |
+ ctx->index += length; |
|
202 |
+ return; /* Finished */ |
|
203 |
+ } else { |
|
204 |
+ memcpy(ctx->block + ctx->index, buffer, left); |
|
205 |
+ sha256_block(ctx, ctx->block); |
|
206 |
+ buffer += left; |
|
207 |
+ length -= left; |
|
208 |
+ } |
|
209 |
+ } |
|
210 |
+ while (length >= SHA256_DATA_SIZE) { |
|
211 |
+ sha256_block(ctx, buffer); |
|
212 |
+ buffer += SHA256_DATA_SIZE; |
|
213 |
+ length -= SHA256_DATA_SIZE; |
|
214 |
+ } |
|
215 |
+ /* Buffer leftovers */ |
|
216 |
+ /* NOTE: The corresponding sha1 code checks for the special case length == 0. |
|
217 |
+ * That seems supoptimal, as I suspect it increases the number of branches. */ |
|
218 |
+ |
|
219 |
+ memcpy(ctx->block, buffer, length); |
|
220 |
+ ctx->index = length; |
|
221 |
+} |
|
222 |
+ |
|
223 |
+/* Final wrapup - pad to SHA1_DATA_SIZE-byte boundary with the bit pattern |
|
224 |
+ 1 0* (64-bit count of bits processed, MSB-first) */ |
|
225 |
+ |
|
226 |
+void sha256_final(struct sha256_ctx *ctx) |
|
227 |
+{ |
|
228 |
+ uint32_t data[SHA256_DATA_LENGTH]; |
|
229 |
+ uint32_t i; |
|
230 |
+ uint32_t words; |
|
231 |
+ |
|
232 |
+ i = ctx->index; |
|
233 |
+ |
|
234 |
+ /* Set the first char of padding to 0x80. This is safe since there is |
|
235 |
+ always at least one byte free */ |
|
236 |
+ |
|
237 |
+/* assert(i < SHA256_DATA_SIZE); |
|
238 |
+ */ |
|
239 |
+ ctx->block[i++] = 0x80; |
|
240 |
+ |
|
241 |
+ /* Fill rest of word */ |
|
242 |
+ for (; i & 3; i++) |
|
243 |
+ ctx->block[i] = 0; |
|
244 |
+ |
|
245 |
+ /* i is now a multiple of the word size 4 */ |
|
246 |
+ words = i >> 2; |
|
247 |
+ for (i = 0; i < words; i++) |
|
248 |
+ data[i] = STRING2INT(ctx->block + 4 * i); |
|
249 |
+ |
|
250 |
+ if (words > (SHA256_DATA_LENGTH - 2)) { /* No room for length in this block. Process it and |
|
251 |
+ * pad with another one */ |
|
252 |
+ for (i = words; i < SHA256_DATA_LENGTH; i++) |
|
253 |
+ data[i] = 0; |
|
254 |
+ sha256_transform(ctx->state, data); |
|
255 |
+ for (i = 0; i < (SHA256_DATA_LENGTH - 2); i++) |
|
256 |
+ data[i] = 0; |
|
257 |
+ } else |
|
258 |
+ for (i = words; i < SHA256_DATA_LENGTH - 2; i++) |
|
259 |
+ data[i] = 0; |
|
260 |
+ |
|
261 |
+ /* There are 512 = 2^9 bits in one block */ |
|
262 |
+ data[SHA256_DATA_LENGTH - 2] = |
|
263 |
+ (ctx->count_high << 9) | (ctx->count_low >> 23); |
|
264 |
+ data[SHA256_DATA_LENGTH - 1] = |
|
265 |
+ (ctx->count_low << 9) | (ctx->index << 3); |
|
266 |
+ sha256_transform(ctx->state, data); |
|
267 |
+} |
|
268 |
+ |
|
269 |
+void sha256_digest(const struct sha256_ctx *ctx, unsigned char *s) |
|
270 |
+{ |
|
271 |
+ uint32_t i; |
|
272 |
+ |
|
273 |
+ if (s!=NULL) |
|
274 |
+ for (i = 0; i < _SHA256_DIGEST_LENGTH; i++) { |
|
275 |
+ *s++ = ctx->state[i] >> 24; |
|
276 |
+ *s++ = 0xff & (ctx->state[i] >> 16); |
|
277 |
+ *s++ = 0xff & (ctx->state[i] >> 8); |
|
278 |
+ *s++ = 0xff & ctx->state[i]; |
|
279 |
+ } |
|
280 |
+} |
0 | 281 |
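Review bot: `STRING2INT` combines `EXTRACT_UCHAR` values that are promoted to `int`, so with a 32-bit `int` a first byte of 0x80 or above makes the last `<< 8` shift into the sign bit, which is undefined behaviour for a signed type; this affects every block converted in `sha256_block` and `sha256_final`. Converting before the shift avoids it, e.g. `#define EXTRACT_UCHAR(p) ((uint32_t) *(const unsigned char *)(p))`. The second `#ifndef EXTRACT_UCHAR` / `#define STRING2INT` pair repeats the first one (its `mutils_word8` branch can never be selected) and could be dropped. The licence header names the GPL in its first paragraph and the LGPL in the later ones, unlike the header of `sha256.h`, which is worth reconciling.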
new file mode 100644 |
... | ... |
@@ -0,0 +1,51 @@ |
0 |
+/* |
|
1 |
+ * Copyright (C) 2001 Niels Moller |
|
2 |
+ * |
|
3 |
+ * The nettle library is free software; you can redistribute it and/or modify |
|
4 |
+ * it under the terms of the GNU Lesser General Public License as published by |
|
5 |
+ * the Free Software Foundation; either version 2.1 of the License, or (at your |
|
6 |
+ * option) any later version. |
|
7 |
+ * |
|
8 |
+ * The nettle library is distributed in the hope that it will be useful, but |
|
9 |
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY |
|
10 |
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public |
|
11 |
+ * License for more details. |
|
12 |
+ * |
|
13 |
+ * You should have received a copy of the GNU Lesser General Public License |
|
14 |
+ * along with the nettle library; see the file COPYING.LIB. If not, write to |
|
15 |
+ * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, |
|
16 |
+ * MA 02111-1307, USA. |
|
17 |
+ */ |
|
18 |
+ |
|
19 |
+#ifndef __SHA256_H |
|
20 |
+#define __SHA256_H |
|
21 |
+ |
|
22 |
+#include "cltypes.h" |
|
23 |
+ |
|
24 |
+#define SHA256_DIGEST_SIZE 32 |
|
25 |
+#define SHA256_DATA_SIZE 64 |
|
26 |
+ |
|
27 |
+/* Digest is kept internally as 8 32-bit words. */ |
|
28 |
+#define _SHA256_DIGEST_LENGTH 8 |
|
29 |
+ |
|
30 |
+typedef struct sha256_ctx |
|
31 |
+{ |
|
32 |
+ uint32_t state[_SHA256_DIGEST_LENGTH]; /* State variables */ |
|
33 |
+ uint32_t count_low, count_high; /* 64-bit block count */ |
|
34 |
+ unsigned char block[SHA256_DATA_SIZE]; /* SHA256 data buffer */ |
|
35 |
+ uint32_t index; /* index into buffer */ |
|
36 |
+} SHA256_CTX; |
|
37 |
+ |
|
38 |
+void |
|
39 |
+sha256_init(struct sha256_ctx *ctx); |
|
40 |
+ |
|
41 |
+void |
|
42 |
+sha256_update(struct sha256_ctx *ctx, const unsigned char *data, uint32_t length); |
|
43 |
+ |
|
44 |
+void |
|
45 |
+sha256_final(struct sha256_ctx *ctx); |
|
46 |
+ |
|
47 |
+void |
|
48 |
+sha256_digest(const struct sha256_ctx *ctx, unsigned char *digest); |
|
49 |
+ |
|
50 |
+#endif |
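Review bot: The four prototypes carry no documentation of the calling contract, which matters most for `sha256_digest`, since it takes a bare `unsigned char *` with no length. I would add a comment above it such as `/* Writes SHA256_DIGEST_SIZE bytes to digest; call sha256_final() first. A NULL digest is ignored. */`, which matches what `sha256.c` in this commit does. The guard `__SHA256_H` and the macro `_SHA256_DIGEST_LENGTH` also use identifiers reserved for the implementation; `SHA256_H` would avoid that for the guard, while renaming the macro would touch `sha256.c` as well.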
... | ... |
@@ -71,7 +71,8 @@ binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) |
71 | 71 |
PROGRAMS = $(bin_PROGRAMS) |
72 | 72 |
am_sigtool_OBJECTS = output.$(OBJEXT) getopt.$(OBJEXT) \ |
73 | 73 |
cfgparser.$(OBJEXT) misc.$(OBJEXT) options.$(OBJEXT) \ |
74 |
- cdiff.$(OBJEXT) vba.$(OBJEXT) sigtool.$(OBJEXT) |
|
74 |
+ sha256.$(OBJEXT) cdiff.$(OBJEXT) vba.$(OBJEXT) \ |
|
75 |
+ sigtool.$(OBJEXT) |
|
75 | 76 |
sigtool_OBJECTS = $(am_sigtool_OBJECTS) |
76 | 77 |
sigtool_LDADD = $(LDADD) |
77 | 78 |
DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) |
... | ... |
@@ -229,6 +230,7 @@ sigtool_SOURCES = \ |
229 | 229 |
$(top_srcdir)/shared/misc.h \ |
230 | 230 |
$(top_srcdir)/shared/options.c \ |
231 | 231 |
$(top_srcdir)/shared/options.h \ |
232 |
+ $(top_srcdir)/shared/sha256.c \ |
|
232 | 233 |
$(top_srcdir)/shared/cdiff.c \ |
233 | 234 |
$(top_srcdir)/shared/cdiff.h \ |
234 | 235 |
vba.c \ |
... | ... |
@@ -313,6 +315,7 @@ distclean-compile: |
313 | 313 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/misc.Po@am__quote@ |
314 | 314 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/options.Po@am__quote@ |
315 | 315 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/output.Po@am__quote@ |
316 |
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sha256.Po@am__quote@ |
|
316 | 317 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sigtool.Po@am__quote@ |
317 | 318 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/vba.Po@am__quote@ |
318 | 319 |
|
... | ... |
@@ -407,6 +410,20 @@ options.obj: $(top_srcdir)/shared/options.c |
407 | 407 |
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ |
408 | 408 |
@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o options.obj `if test -f '$(top_srcdir)/shared/options.c'; then $(CYGPATH_W) '$(top_srcdir)/shared/options.c'; else $(CYGPATH_W) '$(srcdir)/$(top_srcdir)/shared/options.c'; fi` |
409 | 409 |
|
410 |
+sha256.o: $(top_srcdir)/shared/sha256.c |
|
411 |
+@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sha256.o -MD -MP -MF "$(DEPDIR)/sha256.Tpo" -c -o sha256.o `test -f '$(top_srcdir)/shared/sha256.c' || echo '$(srcdir)/'`$(top_srcdir)/shared/sha256.c; \ |
|
412 |
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/sha256.Tpo" "$(DEPDIR)/sha256.Po"; else rm -f "$(DEPDIR)/sha256.Tpo"; exit 1; fi |
|
413 |
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$(top_srcdir)/shared/sha256.c' object='sha256.o' libtool=no @AMDEPBACKSLASH@ |
|
414 |
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ |
|
415 |
+@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o sha256.o `test -f '$(top_srcdir)/shared/sha256.c' || echo '$(srcdir)/'`$(top_srcdir)/shared/sha256.c |
|
416 |
+ |
|
417 |
+sha256.obj: $(top_srcdir)/shared/sha256.c |
|
418 |
+@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sha256.obj -MD -MP -MF "$(DEPDIR)/sha256.Tpo" -c -o sha256.obj `if test -f '$(top_srcdir)/shared/sha256.c'; then $(CYGPATH_W) '$(top_srcdir)/shared/sha256.c'; else $(CYGPATH_W) '$(srcdir)/$(top_srcdir)/shared/sha256.c'; fi`; \ |
|
419 |
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/sha256.Tpo" "$(DEPDIR)/sha256.Po"; else rm -f "$(DEPDIR)/sha256.Tpo"; exit 1; fi |
|
420 |
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$(top_srcdir)/shared/sha256.c' object='sha256.obj' libtool=no @AMDEPBACKSLASH@ |
|
421 |
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ |
|
422 |
+@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o sha256.obj `if test -f '$(top_srcdir)/shared/sha256.c'; then $(CYGPATH_W) '$(top_srcdir)/shared/sha256.c'; else $(CYGPATH_W) '$(srcdir)/$(top_srcdir)/shared/sha256.c'; fi` |
|
423 |
+ |
|
410 | 424 |
cdiff.o: $(top_srcdir)/shared/cdiff.c |
411 | 425 |
@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT cdiff.o -MD -MP -MF "$(DEPDIR)/cdiff.Tpo" -c -o cdiff.o `test -f '$(top_srcdir)/shared/cdiff.c' || echo '$(srcdir)/'`$(top_srcdir)/shared/cdiff.c; \ |
412 | 426 |
@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/cdiff.Tpo" "$(DEPDIR)/cdiff.Po"; else rm -f "$(DEPDIR)/cdiff.Tpo"; exit 1; fi |
... | ... |
@@ -51,6 +51,7 @@ |
51 | 51 |
#include "shared/cfgparser.h" |
52 | 52 |
#include "shared/misc.h" |
53 | 53 |
#include "shared/cdiff.h" |
54 |
+#include "shared/sha256.h" |
|
54 | 55 |
|
55 | 56 |
#include "libclamav/clamav.h" |
56 | 57 |
#include "libclamav/cvd.h" |
... | ... |
@@ -58,7 +59,6 @@ |
58 | 58 |
#include "libclamav/str.h" |
59 | 59 |
#include "libclamav/ole2_extract.h" |
60 | 60 |
#include "libclamav/htmlnorm.h" |
61 |
-#include "libclamav/sha256.h" |
|
62 | 61 |
|
63 | 62 |
#define MAX_DEL_LOOKAHEAD 200 |
64 | 63 |
|