... | ... |
@@ -59,9 +59,7 @@ void XzCheck_Init(CXzCheck *p, int mode) |
59 | 59 |
case XZ_CHECK_CRC32: p->crc = CRC_INIT_VAL; break; |
60 | 60 |
case XZ_CHECK_CRC64: p->crc64 = CRC64_INIT_VAL; break; |
61 | 61 |
case XZ_CHECK_SHA256: |
62 |
- p->sha = EVP_MD_CTX_create(); |
|
63 |
- if ((p->sha)) |
|
64 |
- EVP_DigestInit_ex(p->sha, EVP_sha256(), NULL); |
|
62 |
+ p->sha = cl_hash_init("sha256"); |
|
65 | 63 |
break; |
66 | 64 |
} |
67 | 65 |
} |
... | ... |
@@ -74,7 +72,7 @@ void XzCheck_Update(CXzCheck *p, const void *data, size_t size) |
74 | 74 |
case XZ_CHECK_CRC64: p->crc64 = Crc64Update(p->crc64, data, size); break; |
75 | 75 |
case XZ_CHECK_SHA256: |
76 | 76 |
if ((p->sha)) |
77 |
- EVP_DigestUpdate(p->sha, (const Byte *)data, size); |
|
77 |
+ cl_update_hash(p->sha, (const Byte *)data, size); |
|
78 | 78 |
break; |
79 | 79 |
} |
80 | 80 |
} |
... | ... |
@@ -98,8 +96,7 @@ int XzCheck_Final(CXzCheck *p, Byte *digest) |
98 | 98 |
if (!(p->sha)) |
99 | 99 |
return 0; |
100 | 100 |
|
101 |
- EVP_DigestFinal_ex(p->sha, digest, NULL); |
|
102 |
- EVP_MD_CTX_destroy(p->sha); |
|
101 |
+ cl_finish_hash(p->sha, digest); |
|
103 | 102 |
break; |
104 | 103 |
default: |
105 | 104 |
return 0; |
... | ... |
@@ -81,7 +81,7 @@ typedef struct |
81 | 81 |
int mode; |
82 | 82 |
UInt32 crc; |
83 | 83 |
UInt64 crc64; |
84 |
- EVP_MD_CTX *sha; |
|
84 |
+ void *sha; |
|
85 | 85 |
} CXzCheck; |
86 | 86 |
|
87 | 87 |
void XzCheck_Init(CXzCheck *p, int mode); |
... | ... |
@@ -217,7 +217,7 @@ typedef struct |
217 | 217 |
CMixCoder decoder; |
218 | 218 |
CXzBlock block; |
219 | 219 |
CXzCheck check; |
220 |
- EVP_MD_CTX *sha; |
|
220 |
+ void *sha; |
|
221 | 221 |
Byte shaDigest[SHA256_DIGEST_SIZE]; |
222 | 222 |
Byte buf[XZ_BLOCK_HEADER_SIZE_MAX]; |
223 | 223 |
} CXzUnpacker; |
... | ... |
@@ -652,7 +652,7 @@ SRes XzUnpacker_Code(CXzUnpacker *p, Byte *dest, SizeT *destLen, |
652 | 652 |
unsigned num = Xz_WriteVarInt(temp, p->packSize + p->blockHeaderSize + XzFlags_GetCheckSize(p->streamFlags)); |
653 | 653 |
num += Xz_WriteVarInt(temp + num, p->unpackSize); |
654 | 654 |
if ((p->sha)) |
655 |
- EVP_DigestUpdate(p->sha, temp, num); |
|
655 |
+ cl_update_hash(p->sha, temp, num); |
|
656 | 656 |
p->indexSize += num; |
657 | 657 |
p->numBlocks++; |
658 | 658 |
|
... | ... |
@@ -687,9 +687,7 @@ SRes XzUnpacker_Code(CXzUnpacker *p, Byte *dest, SizeT *destLen, |
687 | 687 |
{ |
688 | 688 |
RINOK(Xz_ParseHeader(&p->streamFlags, p->buf)); |
689 | 689 |
p->state = XZ_STATE_BLOCK_HEADER; |
690 |
- p->sha = EVP_MD_CTX_create(); |
|
691 |
- if ((p->sha)) |
|
692 |
- EVP_DigestInit_ex(p->sha, EVP_sha256(), NULL); |
|
690 |
+ p->sha = cl_hash_init("sha256"); |
|
693 | 691 |
p->indexSize = 0; |
694 | 692 |
p->numBlocks = 0; |
695 | 693 |
p->pos = 0; |
... | ... |
@@ -709,11 +707,8 @@ SRes XzUnpacker_Code(CXzUnpacker *p, Byte *dest, SizeT *destLen, |
709 | 709 |
p->indexPos = p->indexPreSize; |
710 | 710 |
p->indexSize += p->indexPreSize; |
711 | 711 |
if ((p->sha)) { |
712 |
- EVP_DigestFinal_ex(p->sha, p->shaDigest, NULL); |
|
713 |
- EVP_MD_CTX_destroy(p->sha); |
|
714 |
- p->sha = EVP_MD_CTX_create(); |
|
715 |
- if ((p->sha)) |
|
716 |
- EVP_DigestInit_ex(p->sha, EVP_sha256(), NULL); |
|
712 |
+ cl_finish_hash(p->sha, p->shaDigest); |
|
713 |
+ p->sha = cl_hash_init("sha256"); |
|
717 | 714 |
} |
718 | 715 |
p->crc = CrcUpdate(CRC_INIT_VAL, p->buf, p->indexPreSize); |
719 | 716 |
p->state = XZ_STATE_STREAM_INDEX; |
... | ... |
@@ -793,7 +788,7 @@ SRes XzUnpacker_Code(CXzUnpacker *p, Byte *dest, SizeT *destLen, |
793 | 793 |
srcRem = (SizeT)cur; |
794 | 794 |
p->crc = CrcUpdate(p->crc, src, srcRem); |
795 | 795 |
if ((p->sha)) |
796 |
- EVP_DigestUpdate(p->sha, src, srcRem); |
|
796 |
+ cl_update_hash(p->sha, src, srcRem); |
|
797 | 797 |
(*srcLen) += srcRem; |
798 | 798 |
src += srcRem; |
799 | 799 |
p->indexPos += srcRem; |
... | ... |
@@ -814,10 +809,8 @@ SRes XzUnpacker_Code(CXzUnpacker *p, Byte *dest, SizeT *destLen, |
814 | 814 |
p->state = XZ_STATE_STREAM_INDEX_CRC; |
815 | 815 |
p->indexSize += 4; |
816 | 816 |
p->pos = 0; |
817 |
- if ((p->sha)) { |
|
818 |
- EVP_DigestFinal_ex(p->sha, digest, NULL); |
|
819 |
- EVP_MD_CTX_destroy(p->sha); |
|
820 |
- } |
|
817 |
+ if ((p->sha)) |
|
818 |
+ cl_finish_hash(p->sha, digest); |
|
821 | 819 |
|
822 | 820 |
if (memcmp(digest, p->shaDigest, SHA256_DIGEST_SIZE) != 0) |
823 | 821 |
return SZ_ERROR_CRC; |
... | ... |
@@ -752,7 +752,7 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg |
752 | 752 |
unsigned int dsize, message_size, attrs_size; |
753 | 753 |
cli_crt_hashtype hashtype; |
754 | 754 |
cli_crt *x509; |
755 |
- EVP_MD_CTX *ctx; |
|
755 |
+ void *ctx; |
|
756 | 756 |
int result; |
757 | 757 |
int isBlacklisted = 0; |
758 | 758 |
|
... | ... |
@@ -1042,15 +1042,13 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg |
1042 | 1042 |
break; |
1043 | 1043 |
} |
1044 | 1044 |
|
1045 |
- ctx = EVP_MD_CTX_create(); |
|
1045 |
+ ctx = cl_hash_init("sha1"); |
|
1046 | 1046 |
if (!(ctx)) |
1047 | 1047 |
break; |
1048 | 1048 |
|
1049 |
- EVP_DigestInit_ex(ctx, EVP_sha1(), NULL); |
|
1050 |
- EVP_DigestUpdate(ctx, "\x31", 1); |
|
1051 |
- EVP_DigestUpdate(ctx, attrs + 1, attrs_size - 1); |
|
1052 |
- EVP_DigestFinal_ex(ctx, sha1, NULL); |
|
1053 |
- EVP_MD_CTX_destroy(ctx); |
|
1049 |
+ cl_update_hash(ctx, "\x31", 1); |
|
1050 |
+ cl_update_hash(ctx, attrs + 1, attrs_size - 1); |
|
1051 |
+ cl_finish_hash(ctx, sha1); |
|
1054 | 1052 |
|
1055 | 1053 |
if(!fmap_need_ptr_once(map, asn1.content, asn1.size)) { |
1056 | 1054 |
cli_dbgmsg("asn1_parse_mscat: failed to read encryptedDigest\n"); |
... | ... |
@@ -1288,25 +1286,21 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg |
1288 | 1288 |
} |
1289 | 1289 |
|
1290 | 1290 |
if(hashtype == CLI_SHA1RSA) { |
1291 |
- ctx = EVP_MD_CTX_create(); |
|
1291 |
+ ctx = cl_hash_init("sha1"); |
|
1292 | 1292 |
if (!(ctx)) |
1293 | 1293 |
break; |
1294 | 1294 |
|
1295 |
- EVP_DigestInit_ex(ctx, EVP_sha1(), NULL); |
|
1296 |
- EVP_DigestUpdate(ctx, "\x31", 1); |
|
1297 |
- EVP_DigestUpdate(ctx, attrs + 1, attrs_size - 1); |
|
1298 |
- EVP_DigestFinal_ex(ctx, sha1, NULL); |
|
1299 |
- EVP_MD_CTX_destroy(ctx); |
|
1295 |
+ cl_update_hash(ctx, "\x31", 1); |
|
1296 |
+ cl_update_hash(ctx, attrs + 1, attrs_size - 1); |
|
1297 |
+ cl_finish_hash(ctx, sha1); |
|
1300 | 1298 |
} else { |
1301 |
- ctx = EVP_MD_CTX_create(); |
|
1299 |
+ ctx = cl_hash_init("md5"); |
|
1302 | 1300 |
if (!(ctx)) |
1303 | 1301 |
break; |
1304 | 1302 |
|
1305 |
- EVP_DigestInit_ex(ctx, EVP_md5(), NULL); |
|
1306 |
- EVP_DigestUpdate(ctx, "\x31", 1); |
|
1307 |
- EVP_DigestUpdate(ctx, attrs + 1, attrs_size - 1); |
|
1308 |
- EVP_DigestFinal_ex(ctx, sha1, NULL); |
|
1309 |
- EVP_MD_CTX_destroy(ctx); |
|
1303 |
+ cl_update_hash(ctx, "\x31", 1); |
|
1304 |
+ cl_update_hash(ctx, attrs + 1, attrs_size - 1); |
|
1305 |
+ cl_finish_hash(ctx, sha1); |
|
1310 | 1306 |
} |
1311 | 1307 |
|
1312 | 1308 |
if(!fmap_need_ptr_once(map, asn1.content, asn1.size)) { |
... | ... |
@@ -905,7 +905,7 @@ void cache_remove(unsigned char *md5, size_t size, const struct cl_engine *engin |
905 | 905 |
int cache_check(unsigned char *hash, cli_ctx *ctx) { |
906 | 906 |
fmap_t *map; |
907 | 907 |
size_t todo, at = 0; |
908 |
- EVP_MD_CTX *hashctx; |
|
908 |
+ void *hashctx; |
|
909 | 909 |
int ret; |
910 | 910 |
|
911 | 911 |
if(!ctx || !ctx->engine || !ctx->engine->cache) |
... | ... |
@@ -919,30 +919,31 @@ int cache_check(unsigned char *hash, cli_ctx *ctx) { |
919 | 919 |
map = *ctx->fmap; |
920 | 920 |
todo = map->len; |
921 | 921 |
|
922 |
- hashctx = EVP_MD_CTX_create(); |
|
922 |
+ hashctx = cl_hash_init("md5"); |
|
923 | 923 |
if (!(hashctx)) |
924 | 924 |
return CL_VIRUS; |
925 | 925 |
|
926 |
- EVP_DigestInit_ex(hashctx, EVP_md5(), NULL); |
|
927 | 926 |
|
928 | 927 |
while(todo) { |
929 | 928 |
const void *buf; |
930 | 929 |
size_t readme = todo < FILEBUFF ? todo : FILEBUFF; |
931 | 930 |
|
932 |
- if(!(buf = fmap_need_off_once(map, at, readme))) |
|
931 |
+ if(!(buf = fmap_need_off_once(map, at, readme))) { |
|
932 |
+ cl_hash_destroy(hashctx); |
|
933 | 933 |
return CL_EREAD; |
934 |
+ } |
|
934 | 935 |
|
935 | 936 |
todo -= readme; |
936 | 937 |
at += readme; |
937 | 938 |
|
938 |
- if (!EVP_DigestUpdate(hashctx, buf, readme)) { |
|
939 |
+ if (cl_update_hash(hashctx, buf, readme)) { |
|
940 |
+ cl_hash_destroy(hashctx); |
|
939 | 941 |
cli_errmsg("cache_check: error reading while generating hash!\n"); |
940 | 942 |
return CL_EREAD; |
941 | 943 |
} |
942 | 944 |
} |
943 | 945 |
|
944 |
- EVP_DigestFinal_ex(hashctx, hash, NULL); |
|
945 |
- EVP_MD_CTX_destroy(hashctx); |
|
946 |
+ cl_finish_hash(hashctx, hash); |
|
946 | 947 |
|
947 | 948 |
ret = cache_lookup_hash(hash, map->len, ctx->engine->cache, ctx->recursion); |
948 | 949 |
cli_dbgmsg("cache_check: %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x is %s\n", hash[0], hash[1], hash[2], hash[3], hash[4], hash[5], hash[6], hash[7], hash[8], hash[9], hash[10], hash[11], hash[12], hash[13], hash[14], hash[15], (ret == CL_VIRUS) ? "negative" : "positive"); |
... | ... |
@@ -1017,3 +1017,59 @@ X509_CRL *cl_load_crl(const char *file) |
1017 | 1017 |
|
1018 | 1018 |
return x; |
1019 | 1019 |
} |
1020 |
+ |
|
1021 |
+void *cl_hash_init(const char *alg) |
|
1022 |
+{ |
|
1023 |
+ EVP_MD_CTX *ctx; |
|
1024 |
+ const EVP_MD *md; |
|
1025 |
+ |
|
1026 |
+ md = EVP_get_digestbyname(alg); |
|
1027 |
+ if (!(md)) |
|
1028 |
+ return NULL; |
|
1029 |
+ |
|
1030 |
+ ctx = EVP_MD_CTX_create(); |
|
1031 |
+ if (!(ctx)) { |
|
1032 |
+ return NULL; |
|
1033 |
+ } |
|
1034 |
+ |
|
1035 |
+ if (!EVP_DigestInit_ex(ctx, md, NULL)) { |
|
1036 |
+ EVP_MD_CTX_destroy(ctx); |
|
1037 |
+ return NULL; |
|
1038 |
+ } |
|
1039 |
+ |
|
1040 |
+ return (void *)ctx; |
|
1041 |
+} |
|
1042 |
+ |
|
1043 |
+int cl_update_hash(void *ctx, void *data, size_t sz) |
|
1044 |
+{ |
|
1045 |
+ if (!(ctx) || !(data)) |
|
1046 |
+ return -1; |
|
1047 |
+ |
|
1048 |
+ if (!EVP_DigestUpdate((EVP_MD_CTX *)ctx, data, sz)) |
|
1049 |
+ return -1; |
|
1050 |
+ |
|
1051 |
+ return 0; |
|
1052 |
+} |
|
1053 |
+ |
|
1054 |
+int cl_finish_hash(void *ctx, void *buf) |
|
1055 |
+{ |
|
1056 |
+ int res=0; |
|
1057 |
+ |
|
1058 |
+ if (!(ctx) || !(buf)) |
|
1059 |
+ return -1; |
|
1060 |
+ |
|
1061 |
+ if (!EVP_DigestFinal_ex((EVP_MD_CTX *)ctx, (unsigned char *)buf, NULL)) |
|
1062 |
+ res = -1; |
|
1063 |
+ |
|
1064 |
+ EVP_MD_CTX_destroy((EVP_MD_CTX *)ctx); |
|
1065 |
+ |
|
1066 |
+ return res; |
|
1067 |
+} |
|
1068 |
+ |
|
1069 |
+void cl_hash_destroy(void *ctx) |
|
1070 |
+{ |
|
1071 |
+ if (!(ctx)) |
|
1072 |
+ return; |
|
1073 |
+ |
|
1074 |
+ EVP_MD_CTX_destroy((EVP_MD_CTX *)ctx); |
|
1075 |
+} |
... | ... |
@@ -270,6 +270,11 @@ unsigned char *cl_sign_file_fp(FILE *fp, EVP_PKEY *pkey, char *alg, unsigned int |
270 | 270 |
*/ |
271 | 271 |
EVP_PKEY *cl_get_pkey_file(char *keypath); |
272 | 272 |
|
273 |
+void *cl_hash_init(const char *alg); |
|
274 |
+int cl_update_hash(void *ctx, void *data, size_t sz); |
|
275 |
+int cl_finish_hash(void *ctx, void *buf); |
|
276 |
+void cl_hash_destroy(void *ctx); |
|
277 |
+ |
|
273 | 278 |
/** |
274 | 279 |
* @} |
275 | 280 |
*/ |
... | ... |
@@ -199,7 +199,7 @@ static void cli_tgzload_cleanup(int comp, struct cli_dbio *dbio, int fdd) |
199 | 199 |
} |
200 | 200 |
|
201 | 201 |
if (dbio->hashctx) { |
202 |
- EVP_MD_CTX_destroy(dbio->hashctx); |
|
202 |
+ cl_hash_destroy(dbio->hashctx); |
|
203 | 203 |
dbio->hashctx = NULL; |
204 | 204 |
} |
205 | 205 |
} |
... | ... |
@@ -321,12 +321,11 @@ static int cli_tgzload(int fd, struct cl_engine *engine, unsigned int *signo, un |
321 | 321 |
dbio->bufpt = NULL; |
322 | 322 |
dbio->readpt = dbio->buf; |
323 | 323 |
if (!(dbio->hashctx)) { |
324 |
- dbio->hashctx = EVP_MD_CTX_create(); |
|
324 |
+ dbio->hashctx = cl_hash_init("sha256"); |
|
325 | 325 |
if (!(dbio->hashctx)) { |
326 | 326 |
cli_tgzload_cleanup(compr, dbio, fdd); |
327 | 327 |
return CL_EMALFDB; |
328 | 328 |
} |
329 |
- EVP_DigestInit_ex(dbio->hashctx, EVP_sha256(), NULL); |
|
330 | 329 |
} |
331 | 330 |
dbio->bread = 0; |
332 | 331 |
|
... | ... |
@@ -361,8 +360,12 @@ static int cli_tgzload(int fd, struct cl_engine *engine, unsigned int *signo, un |
361 | 361 |
cli_tgzload_cleanup(compr, dbio, fdd); |
362 | 362 |
return CL_EMALFDB; |
363 | 363 |
} |
364 |
- EVP_DigestFinal_ex(dbio->hashctx, hash, NULL); |
|
365 |
- EVP_DigestInit_ex(dbio->hashctx, EVP_sha256(), NULL); |
|
364 |
+ cl_finish_hash(dbio->hashctx, hash); |
|
365 |
+ dbio->hashctx = cl_hash_init("sha256"); |
|
366 |
+ if (!(dbio->hashctx)) { |
|
367 |
+ cli_tgzload_cleanup(compr, dbio, fdd); |
|
368 |
+ return CL_EMALFDB; |
|
369 |
+ } |
|
366 | 370 |
if(memcmp(db->hash, hash, 32)) { |
367 | 371 |
cli_errmsg("cli_tgzload: Invalid checksum for file %s\n", name); |
368 | 372 |
cli_tgzload_cleanup(compr, dbio, fdd); |
... | ... |
@@ -32,7 +32,7 @@ struct cli_dbio { |
32 | 32 |
char *buf, *bufpt, *readpt; |
33 | 33 |
unsigned int usebuf, bufsize, readsize; |
34 | 34 |
unsigned int chkonly; |
35 |
- EVP_MD_CTX *hashctx; |
|
35 |
+ void *hashctx; |
|
36 | 36 |
}; |
37 | 37 |
|
38 | 38 |
int cli_cvdload(FILE *fs, struct cl_engine *engine, unsigned int *signo, unsigned int options, unsigned int dbtype, const char *filename, unsigned int chkonly); |
... | ... |
@@ -158,7 +158,7 @@ int cli_versig2(const unsigned char *sha256, const char *dsig_str, const char *n |
158 | 158 |
unsigned char *decoded, digest1[HASH_LEN], digest2[HASH_LEN], digest3[HASH_LEN], *salt; |
159 | 159 |
unsigned char mask[BLK_LEN], data[BLK_LEN], final[8 + 2 * HASH_LEN], c[4]; |
160 | 160 |
unsigned int i, rounds; |
161 |
- EVP_MD_CTX *ctx; |
|
161 |
+ void *ctx; |
|
162 | 162 |
mp_int n, e; |
163 | 163 |
|
164 | 164 |
mp_init(&e); |
... | ... |
@@ -187,15 +187,13 @@ int cli_versig2(const unsigned char *sha256, const char *dsig_str, const char *n |
187 | 187 |
c[2] = (unsigned char) (i / 256); |
188 | 188 |
c[3] = (unsigned char) i; |
189 | 189 |
|
190 |
- ctx = EVP_MD_CTX_create(); |
|
190 |
+ ctx = cl_hash_init("sha256"); |
|
191 | 191 |
if (!(ctx)) |
192 | 192 |
return CL_EMEM; |
193 | 193 |
|
194 |
- EVP_DigestInit_ex(ctx, EVP_sha256(), NULL); |
|
195 |
- EVP_DigestUpdate(ctx, digest2, HASH_LEN); |
|
196 |
- EVP_DigestUpdate(ctx, c, 4); |
|
197 |
- EVP_DigestFinal_ex(ctx, digest3, NULL); |
|
198 |
- EVP_MD_CTX_destroy(ctx); |
|
194 |
+ cl_update_hash(ctx, digest2, HASH_LEN); |
|
195 |
+ cl_update_hash(ctx, c, 4); |
|
196 |
+ cl_finish_hash(ctx, digest3); |
|
199 | 197 |
if(i + 1 == rounds) |
200 | 198 |
memcpy(&data[i * 32], digest3, BLK_LEN - i * HASH_LEN); |
201 | 199 |
else |
... | ... |
@@ -217,14 +215,12 @@ int cli_versig2(const unsigned char *sha256, const char *dsig_str, const char *n |
217 | 217 |
memcpy(&final[8], sha256, HASH_LEN); |
218 | 218 |
memcpy(&final[8 + HASH_LEN], salt, SALT_LEN); |
219 | 219 |
|
220 |
- ctx = EVP_MD_CTX_create(); |
|
220 |
+ ctx = cl_hash_init("sha256"); |
|
221 | 221 |
if (!(ctx)) |
222 | 222 |
return CL_EMEM; |
223 | 223 |
|
224 |
- EVP_DigestInit_ex(ctx, EVP_sha256(), NULL); |
|
225 |
- EVP_DigestUpdate(ctx, final, sizeof(final)); |
|
226 |
- EVP_DigestFinal_ex(ctx, digest1, NULL); |
|
227 |
- EVP_MD_CTX_destroy(ctx); |
|
224 |
+ cl_update_hash(ctx, final, sizeof(final)); |
|
225 |
+ cl_finish_hash(ctx, digest1); |
|
228 | 226 |
|
229 | 227 |
return memcmp(digest1, digest2, HASH_LEN) ? CL_EVERIFY : CL_SUCCESS; |
230 | 228 |
} |
... | ... |
@@ -244,7 +244,7 @@ char *internal_get_host_id(void) |
244 | 244 |
unsigned char raw_md5[16]; |
245 | 245 |
char *printable_md5; |
246 | 246 |
struct device *devices; |
247 |
- EVP_MD_CTX *ctx; |
|
247 |
+ void *ctx; |
|
248 | 248 |
|
249 | 249 |
devices = get_devices(); |
250 | 250 |
if (!(devices)) |
... | ... |
@@ -256,7 +256,7 @@ char *internal_get_host_id(void) |
256 | 256 |
return NULL; |
257 | 257 |
} |
258 | 258 |
|
259 |
- ctx = EVP_MD_CTX_create(); |
|
259 |
+ ctx = cl_hash_init("md5"); |
|
260 | 260 |
if (!(ctx)) { |
261 | 261 |
for (i=0; devices[i].name != NULL; i++) |
262 | 262 |
free(devices[i].name); |
... | ... |
@@ -267,12 +267,10 @@ char *internal_get_host_id(void) |
267 | 267 |
return NULL; |
268 | 268 |
} |
269 | 269 |
|
270 |
- EVP_DigestInit_ex(ctx, EVP_md5(), NULL); |
|
271 | 270 |
for (i=0; devices[i].name != NULL; i++) |
272 |
- EVP_DigestUpdate(ctx, devices[i].mac, sizeof(devices[i].mac)); |
|
271 |
+ cl_update_hash(ctx, devices[i].mac, sizeof(devices[i].mac)); |
|
273 | 272 |
|
274 |
- EVP_DigestFinal_ex(ctx, raw_md5, NULL); |
|
275 |
- EVP_MD_CTX_destroy(ctx); |
|
273 |
+ cl_finish_hash(ctx, raw_md5); |
|
276 | 274 |
|
277 | 275 |
for (i=0; devices[i].name != NULL; i++) |
278 | 276 |
free(devices[i].name); |
... | ... |
@@ -721,42 +721,30 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli |
721 | 721 |
const char *virname = NULL; |
722 | 722 |
uint32_t viroffset = 0; |
723 | 723 |
uint32_t viruses_found = 0; |
724 |
- EVP_MD_CTX *md5ctx, *sha1ctx, *sha256ctx; |
|
724 |
+ void *md5ctx, *sha1ctx, *sha256ctx; |
|
725 | 725 |
|
726 | 726 |
if(!ctx->engine) { |
727 | 727 |
cli_errmsg("cli_scandesc: engine == NULL\n"); |
728 | 728 |
return CL_ENULLARG; |
729 | 729 |
} |
730 | 730 |
|
731 |
- md5ctx = EVP_MD_CTX_create(); |
|
731 |
+ md5ctx = cl_hash_init("md5"); |
|
732 | 732 |
if (!(md5ctx)) |
733 | 733 |
return CL_EMEM; |
734 | 734 |
|
735 |
- sha1ctx = EVP_MD_CTX_create(); |
|
735 |
+ sha1ctx = cl_hash_init("sha1"); |
|
736 | 736 |
if (!(sha1ctx)) { |
737 |
- EVP_MD_CTX_destroy(md5ctx); |
|
737 |
+ cl_hash_destroy(md5ctx); |
|
738 | 738 |
return CL_EMEM; |
739 | 739 |
} |
740 | 740 |
|
741 |
- sha256ctx = EVP_MD_CTX_create(); |
|
741 |
+ sha256ctx = cl_hash_init("sha256"); |
|
742 | 742 |
if (!(sha256ctx)) { |
743 |
- EVP_MD_CTX_destroy(md5ctx); |
|
744 |
- EVP_MD_CTX_destroy(sha1ctx); |
|
743 |
+ cl_hash_destroy(md5ctx); |
|
744 |
+ cl_hash_destroy(sha1ctx); |
|
745 | 745 |
return CL_EMEM; |
746 | 746 |
} |
747 | 747 |
|
748 |
- if (!EVP_DigestInit_ex(md5ctx, EVP_md5(), NULL)) { |
|
749 |
- return CL_CLEAN; |
|
750 |
- } |
|
751 |
- |
|
752 |
- if (!EVP_DigestInit_ex(sha1ctx, EVP_sha1(), NULL)) { |
|
753 |
- return CL_CLEAN; |
|
754 |
- } |
|
755 |
- |
|
756 |
- if (!EVP_DigestInit_ex(sha256ctx, EVP_sha256(), NULL)) { |
|
757 |
- return CL_CLEAN; |
|
758 |
- } |
|
759 |
- |
|
760 | 748 |
if(!ftonly) |
761 | 749 |
groot = ctx->engine->root[0]; /* generic signatures */ |
762 | 750 |
|
... | ... |
@@ -774,9 +762,9 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli |
774 | 774 |
|
775 | 775 |
if(ftonly) { |
776 | 776 |
if(!troot) { |
777 |
- EVP_MD_CTX_destroy(md5ctx); |
|
778 |
- EVP_MD_CTX_destroy(sha1ctx); |
|
779 |
- EVP_MD_CTX_destroy(sha256ctx); |
|
777 |
+ cl_hash_destroy(md5ctx); |
|
778 |
+ cl_hash_destroy(sha1ctx); |
|
779 |
+ cl_hash_destroy(sha256ctx); |
|
780 | 780 |
return CL_CLEAN; |
781 | 781 |
} |
782 | 782 |
|
... | ... |
@@ -796,9 +784,9 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli |
796 | 796 |
free(info.exeinfo.section); |
797 | 797 |
|
798 | 798 |
cli_hashset_destroy(&info.exeinfo.vinfo); |
799 |
- EVP_MD_CTX_destroy(md5ctx); |
|
800 |
- EVP_MD_CTX_destroy(sha1ctx); |
|
801 |
- EVP_MD_CTX_destroy(sha256ctx); |
|
799 |
+ cl_hash_destroy(md5ctx); |
|
800 |
+ cl_hash_destroy(sha1ctx); |
|
801 |
+ cl_hash_destroy(sha256ctx); |
|
802 | 802 |
return ret; |
803 | 803 |
} |
804 | 804 |
} |
... | ... |
@@ -811,9 +799,9 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli |
811 | 811 |
free(info.exeinfo.section); |
812 | 812 |
|
813 | 813 |
cli_hashset_destroy(&info.exeinfo.vinfo); |
814 |
- EVP_MD_CTX_destroy(md5ctx); |
|
815 |
- EVP_MD_CTX_destroy(sha1ctx); |
|
816 |
- EVP_MD_CTX_destroy(sha256ctx); |
|
814 |
+ cl_hash_destroy(md5ctx); |
|
815 |
+ cl_hash_destroy(sha1ctx); |
|
816 |
+ cl_hash_destroy(sha256ctx); |
|
817 | 817 |
return ret; |
818 | 818 |
} |
819 | 819 |
if(troot->bm_offmode) { |
... | ... |
@@ -827,9 +815,9 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli |
827 | 827 |
free(info.exeinfo.section); |
828 | 828 |
|
829 | 829 |
cli_hashset_destroy(&info.exeinfo.vinfo); |
830 |
- EVP_MD_CTX_destroy(md5ctx); |
|
831 |
- EVP_MD_CTX_destroy(sha1ctx); |
|
832 |
- EVP_MD_CTX_destroy(sha256ctx); |
|
830 |
+ cl_hash_destroy(md5ctx); |
|
831 |
+ cl_hash_destroy(sha1ctx); |
|
832 |
+ cl_hash_destroy(sha256ctx); |
|
833 | 833 |
return ret; |
834 | 834 |
} |
835 | 835 |
|
... | ... |
@@ -896,9 +884,9 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli |
896 | 896 |
free(info.exeinfo.section); |
897 | 897 |
|
898 | 898 |
cli_hashset_destroy(&info.exeinfo.vinfo); |
899 |
- EVP_MD_CTX_destroy(md5ctx); |
|
900 |
- EVP_MD_CTX_destroy(sha1ctx); |
|
901 |
- EVP_MD_CTX_destroy(sha256ctx); |
|
899 |
+ cl_hash_destroy(md5ctx); |
|
900 |
+ cl_hash_destroy(sha1ctx); |
|
901 |
+ cl_hash_destroy(sha256ctx); |
|
902 | 902 |
return ret; |
903 | 903 |
} |
904 | 904 |
} |
... | ... |
@@ -935,11 +923,11 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli |
935 | 935 |
uint32_t data_len = bytes - maxpatlen * (offset!=0); |
936 | 936 |
|
937 | 937 |
if(compute_hash[CLI_HASH_MD5]) |
938 |
- EVP_DigestUpdate(md5ctx, data, data_len); |
|
938 |
+ cl_update_hash(md5ctx, data, data_len); |
|
939 | 939 |
if(compute_hash[CLI_HASH_SHA1]) |
940 |
- EVP_DigestUpdate(sha1ctx, data, data_len); |
|
940 |
+ cl_update_hash(sha1ctx, data, data_len); |
|
941 | 941 |
if(compute_hash[CLI_HASH_SHA256]) |
942 |
- EVP_DigestUpdate(sha256ctx, data, data_len); |
|
942 |
+ cl_update_hash(sha256ctx, data, data_len); |
|
943 | 943 |
} |
944 | 944 |
} |
945 | 945 |
|
... | ... |
@@ -958,15 +946,18 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli |
958 | 958 |
enum CLI_HASH_TYPE hashtype, hashtype2; |
959 | 959 |
|
960 | 960 |
if(compute_hash[CLI_HASH_MD5]) { |
961 |
- EVP_DigestFinal_ex(md5ctx, digest[CLI_HASH_MD5], NULL); |
|
961 |
+ cl_finish_hash(md5ctx, digest[CLI_HASH_MD5]); |
|
962 |
+ md5ctx = NULL; |
|
962 | 963 |
} |
963 | 964 |
if(refhash) |
964 | 965 |
compute_hash[CLI_HASH_MD5] = 1; |
965 | 966 |
if(compute_hash[CLI_HASH_SHA1]) { |
966 |
- EVP_DigestFinal_ex(sha1ctx, digest[CLI_HASH_SHA1], NULL); |
|
967 |
+ cl_finish_hash(sha1ctx, digest[CLI_HASH_SHA1]); |
|
968 |
+ sha1ctx = NULL; |
|
967 | 969 |
} |
968 | 970 |
if(compute_hash[CLI_HASH_SHA256]) { |
969 |
- EVP_DigestFinal_ex(sha256ctx, digest[CLI_HASH_SHA256], NULL); |
|
971 |
+ cl_finish_hash(sha256ctx, digest[CLI_HASH_SHA256]); |
|
972 |
+ sha256ctx = NULL; |
|
970 | 973 |
} |
971 | 974 |
|
972 | 975 |
virname = NULL; |
... | ... |
@@ -1024,9 +1015,9 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli |
1024 | 1024 |
} |
1025 | 1025 |
} |
1026 | 1026 |
|
1027 |
- EVP_MD_CTX_destroy(md5ctx); |
|
1028 |
- EVP_MD_CTX_destroy(sha1ctx); |
|
1029 |
- EVP_MD_CTX_destroy(sha256ctx); |
|
1027 |
+ cl_hash_destroy(md5ctx); |
|
1028 |
+ cl_hash_destroy(sha1ctx); |
|
1029 |
+ cl_hash_destroy(sha256ctx); |
|
1030 | 1030 |
|
1031 | 1031 |
if(troot) { |
1032 | 1032 |
if(ret != CL_VIRUS || SCAN_ALL) |
... | ... |
@@ -880,25 +880,33 @@ char *cli_hashstream(FILE *fs, unsigned char *digcpy, int type) |
880 | 880 |
unsigned char digest[32]; |
881 | 881 |
char buff[FILEBUFF]; |
882 | 882 |
char *hashstr, *pt; |
883 |
+ const char *alg=NULL; |
|
883 | 884 |
int i, bytes, size; |
884 |
- EVP_MD_CTX *ctx; |
|
885 |
+ void *ctx; |
|
886 |
+ |
|
887 |
+ switch (type) { |
|
888 |
+ case 1: |
|
889 |
+ alg = "md5"; |
|
890 |
+ size = 16; |
|
891 |
+ break; |
|
892 |
+ case 2: |
|
893 |
+ alg = "sha1"; |
|
894 |
+ size = 20; |
|
895 |
+ break; |
|
896 |
+ default: |
|
897 |
+ alg = "sha256"; |
|
898 |
+ size = 32; |
|
899 |
+ break; |
|
900 |
+ } |
|
885 | 901 |
|
886 |
- ctx = EVP_MD_CTX_create(); |
|
902 |
+ ctx = cl_hash_init(alg); |
|
887 | 903 |
if (!(ctx)) |
888 | 904 |
return NULL; |
889 | 905 |
|
890 |
- if(type == 1) |
|
891 |
- EVP_DigestInit_ex(ctx, EVP_md5(), NULL); |
|
892 |
- else if(type == 2) |
|
893 |
- EVP_DigestInit_ex(ctx, EVP_sha1(), NULL); |
|
894 |
- else |
|
895 |
- EVP_DigestInit_ex(ctx, EVP_sha256(), NULL); |
|
896 |
- |
|
897 | 906 |
while((bytes = fread(buff, 1, FILEBUFF, fs))) |
898 |
- EVP_DigestUpdate(ctx, buff, bytes); |
|
907 |
+ cl_update_hash(ctx, buff, bytes); |
|
899 | 908 |
|
900 |
- EVP_DigestFinal_ex(ctx, digest, &size); |
|
901 |
- EVP_MD_CTX_destroy(ctx); |
|
909 |
+ cl_finish_hash(ctx, digest); |
|
902 | 910 |
|
903 | 911 |
if(!(hashstr = (char *) cli_calloc(size*2 + 1, sizeof(char)))) |
904 | 912 |
return NULL; |
... | ... |
@@ -2800,7 +2800,7 @@ int cli_checkfp_pe(cli_ctx *ctx, uint8_t *authsha1, stats_section_t *hashes, uin |
2800 | 2800 |
struct cli_exe_section *exe_sections; |
2801 | 2801 |
struct pe_image_data_dir *dirs; |
2802 | 2802 |
fmap_t *map = *ctx->fmap; |
2803 |
- EVP_MD_CTX *hashctx=NULL; |
|
2803 |
+ void *hashctx=NULL; |
|
2804 | 2804 |
|
2805 | 2805 |
if (flags & CL_CHECKFP_PE_FLAG_STATS) |
2806 | 2806 |
if (!(hashes)) |
... | ... |
@@ -2927,13 +2927,11 @@ int cli_checkfp_pe(cli_ctx *ctx, uint8_t *authsha1, stats_section_t *hashes, uin |
2927 | 2927 |
} |
2928 | 2928 |
|
2929 | 2929 |
cli_qsort(exe_sections, nsections, sizeof(*exe_sections), sort_sects); |
2930 |
- hashctx = EVP_MD_CTX_create(); |
|
2930 |
+ hashctx = cl_hash_init("sha1"); |
|
2931 | 2931 |
if (!(hashctx)) { |
2932 | 2932 |
if (flags & CL_CHECKFP_PE_FLAG_AUTHENTICODE) |
2933 | 2933 |
flags ^= CL_CHECKFP_PE_FLAG_AUTHENTICODE; |
2934 | 2934 |
} |
2935 |
- if (hashctx) |
|
2936 |
- EVP_DigestInit_ex(hashctx, EVP_sha1(), NULL); |
|
2937 | 2935 |
|
2938 | 2936 |
if (flags & CL_CHECKFP_PE_FLAG_AUTHENTICODE) { |
2939 | 2937 |
/* Check to see if we have a security section. */ |
... | ... |
@@ -2943,7 +2941,7 @@ int cli_checkfp_pe(cli_ctx *ctx, uint8_t *authsha1, stats_section_t *hashes, uin |
2943 | 2943 |
flags ^= CL_CHECKFP_PE_FLAG_AUTHENTICODE; |
2944 | 2944 |
} else { |
2945 | 2945 |
if (hashctx) |
2946 |
- EVP_MD_CTX_destroy(hashctx); |
|
2946 |
+ cl_hash_destroy(hashctx); |
|
2947 | 2947 |
return CL_BREAK; |
2948 | 2948 |
} |
2949 | 2949 |
} |
... | ... |
@@ -2956,19 +2954,17 @@ int cli_checkfp_pe(cli_ctx *ctx, uint8_t *authsha1, stats_section_t *hashes, uin |
2956 | 2956 |
if(!(hptr = fmap_need_off_once(map, where, size))){ \ |
2957 | 2957 |
free(exe_sections); \ |
2958 | 2958 |
if (hashctx) \ |
2959 |
- EVP_MD_CTX_destroy(hashctx); \ |
|
2959 |
+ cl_hash_destroy(hashctx); \ |
|
2960 | 2960 |
return CL_EFORMAT; \ |
2961 | 2961 |
} \ |
2962 | 2962 |
if (flags & CL_CHECKFP_PE_FLAG_AUTHENTICODE && hashctx) \ |
2963 |
- EVP_DigestUpdate(hashctx, hptr, size); \ |
|
2963 |
+ cl_update_hash(hashctx, hptr, size); \ |
|
2964 | 2964 |
if (isStatAble && flags & CL_CHECKFP_PE_FLAG_STATS) { \ |
2965 |
- EVP_MD_CTX *md5ctx; \ |
|
2966 |
- md5ctx = EVP_MD_CTX_create(); \ |
|
2965 |
+ void *md5ctx; \ |
|
2966 |
+ md5ctx = cl_hash_init("md5"); \ |
|
2967 | 2967 |
if (md5ctx) { \ |
2968 |
- EVP_DigestInit_ex(md5ctx, EVP_md5(), NULL); \ |
|
2969 |
- EVP_DigestUpdate(md5ctx, hptr, size); \ |
|
2970 |
- EVP_DigestFinal_ex(md5ctx, hashes->sections[section].md5, NULL); \ |
|
2971 |
- EVP_MD_CTX_destroy(md5ctx); \ |
|
2968 |
+ cl_update_hash(md5ctx, hptr, size); \ |
|
2969 |
+ cl_finish_hash(md5ctx, hashes->sections[section].md5); \ |
|
2972 | 2970 |
} \ |
2973 | 2971 |
} \ |
2974 | 2972 |
} while(0) |
... | ... |
@@ -2995,7 +2991,7 @@ int cli_checkfp_pe(cli_ctx *ctx, uint8_t *authsha1, stats_section_t *hashes, uin |
2995 | 2995 |
} else { |
2996 | 2996 |
free(exe_sections); |
2997 | 2997 |
if (hashctx) |
2998 |
- EVP_MD_CTX_destroy(hashctx); |
|
2998 |
+ cl_hash_destroy(hashctx); |
|
2999 | 2999 |
return CL_EFORMAT; |
3000 | 3000 |
} |
3001 | 3001 |
} |
... | ... |
@@ -3028,7 +3024,7 @@ int cli_checkfp_pe(cli_ctx *ctx, uint8_t *authsha1, stats_section_t *hashes, uin |
3028 | 3028 |
} else { |
3029 | 3029 |
free(exe_sections); |
3030 | 3030 |
if (hashctx) |
3031 |
- EVP_MD_CTX_destroy(hashctx); |
|
3031 |
+ cl_hash_destroy(hashctx); |
|
3032 | 3032 |
return CL_EFORMAT; |
3033 | 3033 |
} |
3034 | 3034 |
} |
... | ... |
@@ -3044,7 +3040,7 @@ int cli_checkfp_pe(cli_ctx *ctx, uint8_t *authsha1, stats_section_t *hashes, uin |
3044 | 3044 |
free(exe_sections); |
3045 | 3045 |
|
3046 | 3046 |
if (flags & CL_CHECKFP_PE_FLAG_AUTHENTICODE && hashctx) { |
3047 |
- EVP_DigestFinal_ex(hashctx, authsha1, NULL); |
|
3047 |
+ cl_finish_hash(hashctx, authsha1); |
|
3048 | 3048 |
|
3049 | 3049 |
if(cli_debug_flag) { |
3050 | 3050 |
char shatxt[SHA1_HASH_SIZE*2+1]; |
... | ... |
@@ -3059,11 +3055,10 @@ int cli_checkfp_pe(cli_ctx *ctx, uint8_t *authsha1, stats_section_t *hashes, uin |
3059 | 3059 |
|
3060 | 3060 |
hlen -= 8; |
3061 | 3061 |
|
3062 |
- EVP_MD_CTX_destroy(hashctx); |
|
3063 | 3062 |
return asn1_check_mscat((struct cl_engine *)(ctx->engine), map, at + 8, hlen, authsha1); |
3064 | 3063 |
} else { |
3065 | 3064 |
if (hashctx) |
3066 |
- EVP_MD_CTX_destroy(hashctx); |
|
3065 |
+ cl_hash_destroy(hashctx); |
|
3067 | 3066 |
return CL_VIRUS; |
3068 | 3067 |
} |
3069 | 3068 |
} |
... | ... |
@@ -1202,17 +1202,15 @@ static int hash_match(const struct regex_matcher *rlist, const char *host, size_ |
1202 | 1202 |
unsigned char h[65]; |
1203 | 1203 |
unsigned char sha256_dig[32]; |
1204 | 1204 |
unsigned i; |
1205 |
- EVP_MD_CTX *sha256; |
|
1205 |
+ void *sha256; |
|
1206 | 1206 |
|
1207 |
- sha256 = EVP_MD_CTX_create(); |
|
1207 |
+ sha256 = cl_hash_init("sha256"); |
|
1208 | 1208 |
if (!(sha256)) |
1209 | 1209 |
return CL_EMEM; |
1210 | 1210 |
|
1211 |
- EVP_DigestInit_ex(sha256, EVP_sha256(), NULL); |
|
1212 |
- EVP_DigestUpdate(sha256, host, hlen); |
|
1213 |
- EVP_DigestUpdate(sha256, path, plen); |
|
1214 |
- EVP_DigestFinal_ex(sha256, sha256_dig, NULL); |
|
1215 |
- EVP_MD_CTX_destroy(sha256); |
|
1211 |
+ cl_update_hash(sha256, host, hlen); |
|
1212 |
+ cl_update_hash(sha256, path, plen); |
|
1213 |
+ cl_finish_hash(sha256, sha256_dig); |
|
1216 | 1214 |
|
1217 | 1215 |
for(i=0;i<32;i++) { |
1218 | 1216 |
h[2*i] = hexchars[sha256_dig[i]>>4]; |
... | ... |
@@ -421,7 +421,7 @@ char *cli_dbgets(char *buff, unsigned int size, FILE *fs, struct cli_dbio *dbio) |
421 | 421 |
dbio->size -= bread; |
422 | 422 |
dbio->bread += bread; |
423 | 423 |
if (dbio->hashctx) |
424 |
- EVP_DigestUpdate(dbio->hashctx, dbio->readpt, bread); |
|
424 |
+ cl_update_hash(dbio->hashctx, dbio->readpt, bread); |
|
425 | 425 |
} |
426 | 426 |
if(dbio->chkonly && dbio->bufpt) { |
427 | 427 |
dbio->bufpt = NULL; |
... | ... |
@@ -479,7 +479,7 @@ char *cli_dbgets(char *buff, unsigned int size, FILE *fs, struct cli_dbio *dbio) |
479 | 479 |
dbio->size -= bs; |
480 | 480 |
dbio->bread += bs; |
481 | 481 |
if (dbio->hashctx) |
482 |
- EVP_DigestUpdate(dbio->hashctx, buff, bs); |
|
482 |
+ cl_update_hash(dbio->hashctx, buff, bs); |
|
483 | 483 |
return pt; |
484 | 484 |
} |
485 | 485 |
} |
... | ... |
@@ -1733,7 +1733,7 @@ static int cli_loadinfo(FILE *fs, struct cl_engine *engine, unsigned int options |
1733 | 1733 |
unsigned char hash[32]; |
1734 | 1734 |
struct cli_dbinfo *last = NULL, *new; |
1735 | 1735 |
int ret = CL_SUCCESS, dsig = 0; |
1736 |
- EVP_MD_CTX *ctx; |
|
1736 |
+ void *ctx; |
|
1737 | 1737 |
|
1738 | 1738 |
|
1739 | 1739 |
if(!dbio) { |
... | ... |
@@ -1741,18 +1741,15 @@ static int cli_loadinfo(FILE *fs, struct cl_engine *engine, unsigned int options |
1741 | 1741 |
return CL_EMALFDB; |
1742 | 1742 |
} |
1743 | 1743 |
|
1744 |
- ctx = EVP_MD_CTX_create(); |
|
1744 |
+ ctx = cl_hash_init("sha256"); |
|
1745 | 1745 |
if (!(ctx)) |
1746 | 1746 |
return CL_EMALFDB; |
1747 | 1747 |
|
1748 |
- EVP_DigestInit_ex(ctx, EVP_sha256(), NULL); |
|
1749 |
- |
|
1750 | 1748 |
while(cli_dbgets(buffer, FILEBUFF, fs, dbio)) { |
1751 | 1749 |
line++; |
1752 | 1750 |
if(!(options & CL_DB_UNSIGNED) && !strncmp(buffer, "DSIG:", 5)) { |
1753 | 1751 |
dsig = 1; |
1754 |
- EVP_DigestFinal_ex(ctx, hash, NULL); |
|
1755 |
- EVP_MD_CTX_destroy(ctx); |
|
1752 |
+ cl_finish_hash(ctx, hash); |
|
1756 | 1753 |
if(cli_versig2(hash, buffer + 5, INFO_NSTR, INFO_ESTR) != CL_SUCCESS) { |
1757 | 1754 |
cli_errmsg("cli_loadinfo: Incorrect digital signature\n"); |
1758 | 1755 |
ret = CL_EMALFDB; |
... | ... |
@@ -1770,7 +1767,7 @@ static int cli_loadinfo(FILE *fs, struct cl_engine *engine, unsigned int options |
1770 | 1770 |
buffer[len + 1] = 0; |
1771 | 1771 |
} |
1772 | 1772 |
} |
1773 |
- EVP_DigestUpdate(ctx, buffer, strlen(buffer)); |
|
1773 |
+ cl_update_hash(ctx, buffer, strlen(buffer)); |
|
1774 | 1774 |
cli_chomp(buffer); |
1775 | 1775 |
if(!strncmp("ClamAV-VDB:", buffer, 11)) { |
1776 | 1776 |
if(engine->dbinfo) { /* shouldn't be initialized at this point */ |
... | ... |
@@ -325,26 +325,24 @@ static int xar_scan_subdocuments(xmlTextReaderPtr reader, cli_ctx *ctx) |
325 | 325 |
return rc; |
326 | 326 |
} |
327 | 327 |
|
328 |
-static EVP_MD_CTX * xar_hash_init(int hash, EVP_MD_CTX **sc, EVP_MD_CTX **mc) |
|
328 |
+static void * xar_hash_init(int hash, void **sc, void **mc) |
|
329 | 329 |
{ |
330 | 330 |
if (!sc && !mc) |
331 | 331 |
return NULL; |
332 | 332 |
switch (hash) { |
333 | 333 |
case XAR_CKSUM_SHA1: |
334 |
- *sc = EVP_MD_CTX_create(); |
|
334 |
+ *sc = cl_hash_init("sha1"); |
|
335 | 335 |
if (!(*sc)) { |
336 | 336 |
return NULL; |
337 | 337 |
} |
338 | 338 |
|
339 |
- EVP_DigestInit_ex(*sc, EVP_sha1(), NULL); |
|
340 | 339 |
return *sc; |
341 | 340 |
case XAR_CKSUM_MD5: |
342 |
- *mc = EVP_MD_CTX_create(); |
|
341 |
+ *mc = cl_hash_init("md5"); |
|
343 | 342 |
if (!(*mc)) { |
344 | 343 |
return NULL; |
345 | 344 |
} |
346 | 345 |
|
347 |
- EVP_DigestInit_ex(*mc, EVP_md5(), NULL); |
|
348 | 346 |
return *mc; |
349 | 347 |
case XAR_CKSUM_OTHER: |
350 | 348 |
case XAR_CKSUM_NONE: |
... | ... |
@@ -353,7 +351,7 @@ static EVP_MD_CTX * xar_hash_init(int hash, EVP_MD_CTX **sc, EVP_MD_CTX **mc) |
353 | 353 |
} |
354 | 354 |
} |
355 | 355 |
|
356 |
-static void xar_hash_update(EVP_MD_CTX * hash_ctx, const void * data, unsigned long size, int hash) |
|
356 |
+static void xar_hash_update(void * hash_ctx, const void * data, unsigned long size, int hash) |
|
357 | 357 |
{ |
358 | 358 |
if (!hash_ctx || !data || !size) |
359 | 359 |
return; |
... | ... |
@@ -364,10 +362,10 @@ static void xar_hash_update(EVP_MD_CTX * hash_ctx, const void * data, unsigned l |
364 | 364 |
return; |
365 | 365 |
} |
366 | 366 |
|
367 |
- EVP_DigestUpdate(hash_ctx, data, size); |
|
367 |
+ cl_update_hash(hash_ctx, data, size); |
|
368 | 368 |
} |
369 | 369 |
|
370 |
-static void xar_hash_final(EVP_MD_CTX * hash_ctx, void * result, int hash) |
|
370 |
+static void xar_hash_final(void * hash_ctx, void * result, int hash) |
|
371 | 371 |
{ |
372 | 372 |
if (!hash_ctx || !result) |
373 | 373 |
return; |
... | ... |
@@ -378,8 +376,7 @@ static void xar_hash_final(EVP_MD_CTX * hash_ctx, void * result, int hash) |
378 | 378 |
return; |
379 | 379 |
} |
380 | 380 |
|
381 |
- EVP_DigestFinal_ex(hash_ctx, result, NULL); |
|
382 |
- EVP_MD_CTX_destroy(hash_ctx); |
|
381 |
+ cl_finish_hash(hash_ctx, result); |
|
383 | 382 |
} |
384 | 383 |
|
385 | 384 |
static int xar_hash_check(int hash, const void * result, const void * expected) |
... | ... |
@@ -539,9 +536,9 @@ int cli_scanxar(cli_ctx *ctx) |
539 | 539 |
&a_cksum, &a_hash, &e_cksum, &e_hash))) { |
540 | 540 |
int do_extract_cksum = 1; |
541 | 541 |
unsigned char * blockp; |
542 |
- EVP_MD_CTX *a_sc, *e_sc; |
|
543 |
- EVP_MD_CTX *a_mc, *e_mc; |
|
544 |
- EVP_MD_CTX *a_hash_ctx, *e_hash_ctx; |
|
542 |
+ void *a_sc, *e_sc; |
|
543 |
+ void *a_mc, *e_mc; |
|
544 |
+ void *a_hash_ctx, *e_hash_ctx; |
|
545 | 545 |
char result[SHA1_HASH_SIZE]; |
546 | 546 |
char * expected; |
547 | 547 |
|
... | ... |
@@ -401,27 +401,25 @@ static char *sha256file(const char *file, unsigned int *size) |
401 | 401 |
unsigned int i, bytes; |
402 | 402 |
unsigned char digest[32], buffer[FILEBUFF]; |
403 | 403 |
char *sha; |
404 |
- EVP_MD_CTX *ctx; |
|
404 |
+ void *ctx; |
|
405 | 405 |
|
406 |
- ctx = EVP_MD_CTX_create(); |
|
406 |
+ ctx = cl_hash_init("sha256"); |
|
407 | 407 |
if (!(ctx)) |
408 | 408 |
return NULL; |
409 | 409 |
|
410 |
- EVP_DigestInit_ex(ctx, EVP_sha256(), NULL); |
|
411 | 410 |
if(!(fh = fopen(file, "rb"))) { |
412 | 411 |
mprintf("!sha256file: Can't open file %s\n", file); |
413 |
- EVP_MD_CTX_destroy(ctx); |
|
412 |
+ cl_hash_destroy(ctx); |
|
414 | 413 |
return NULL; |
415 | 414 |
} |
416 | 415 |
if(size) |
417 | 416 |
*size = 0; |
418 | 417 |
while((bytes = fread(buffer, 1, sizeof(buffer), fh))) { |
419 |
- EVP_DigestUpdate(ctx, buffer, bytes); |
|
418 |
+ cl_update_hash(ctx, buffer, bytes); |
|
420 | 419 |
if(size) |
421 | 420 |
*size += bytes; |
422 | 421 |
} |
423 |
- EVP_DigestFinal_ex(ctx, digest, NULL); |
|
424 |
- EVP_MD_CTX_destroy(ctx); |
|
422 |
+ cl_finish_hash(ctx, digest); |
|
425 | 423 |
sha = (char *) malloc(65); |
426 | 424 |
if(!sha) |
427 | 425 |
{ |
... | ... |
@@ -441,7 +439,7 @@ static int writeinfo(const char *dbname, const char *builder, const char *header |
441 | 441 |
unsigned int i, bytes; |
442 | 442 |
char file[32], *pt, dbfile[32]; |
443 | 443 |
unsigned char digest[32], buffer[FILEBUFF]; |
444 |
- EVP_MD_CTX *ctx; |
|
444 |
+ void *ctx; |
|
445 | 445 |
|
446 | 446 |
snprintf(file, sizeof(file), "%s.info", dbname); |
447 | 447 |
if(!access(file, R_OK)) { |
... | ... |
@@ -498,17 +496,15 @@ static int writeinfo(const char *dbname, const char *builder, const char *header |
498 | 498 |
} |
499 | 499 |
if(!optget(opts, "unsigned")->enabled) { |
500 | 500 |
rewind(fh); |
501 |
- ctx = EVP_MD_CTX_create(); |
|
501 |
+ ctx = cl_hash_init("sha256"); |
|
502 | 502 |
if (!(ctx)) { |
503 | 503 |
fclose(fh); |
504 | 504 |
return -1; |
505 | 505 |
} |
506 | 506 |
|
507 |
- EVP_DigestInit_ex(ctx, EVP_sha256(), NULL); |
|
508 | 507 |
while((bytes = fread(buffer, 1, sizeof(buffer), fh))) |
509 |
- EVP_DigestUpdate(ctx, buffer, bytes); |
|
510 |
- EVP_DigestFinal_ex(ctx, digest, NULL); |
|
511 |
- EVP_MD_CTX_destroy(ctx); |
|
508 |
+ cl_update_hash(ctx, buffer, bytes); |
|
509 |
+ cl_finish_hash(ctx, digest); |
|
512 | 510 |
if(!(pt = getdsig(optget(opts, "server")->strarg, builder, digest, 32, 3))) { |
513 | 511 |
mprintf("!writeinfo: Can't get digital signature from remote server\n"); |
514 | 512 |
fclose(fh); |
... | ... |
@@ -528,7 +524,7 @@ static int script2cdiff(const char *script, const char *builder, const struct op |
528 | 528 |
{ |
529 | 529 |
char *cdiff, *pt, buffer[FILEBUFF]; |
530 | 530 |
unsigned char digest[32]; |
531 |
- EVP_MD_CTX *ctx; |
|
531 |
+ void *ctx; |
|
532 | 532 |
STATBUF sb; |
533 | 533 |
FILE *scripth, *cdiffh; |
534 | 534 |
gzFile gzh; |
... | ... |
@@ -612,21 +608,19 @@ static int script2cdiff(const char *script, const char *builder, const struct op |
612 | 612 |
return -1; |
613 | 613 |
} |
614 | 614 |
|
615 |
- ctx = EVP_MD_CTX_create(); |
|
615 |
+ ctx = cl_hash_init("sha256"); |
|
616 | 616 |
if (!(ctx)) { |
617 | 617 |
unlink(cdiff); |
618 | 618 |
free(cdiff); |
619 | 619 |
fclose(cdiffh); |
620 | 620 |
return -1; |
621 | 621 |
} |
622 |
- EVP_DigestInit_ex(ctx, EVP_sha256(), NULL); |
|
623 | 622 |
|
624 | 623 |
while((bytes = fread(buffer, 1, sizeof(buffer), cdiffh))) |
625 |
- EVP_DigestUpdate(ctx, (unsigned char *) buffer, bytes); |
|
624 |
+ cl_update_hash(ctx, (unsigned char *) buffer, bytes); |
|
626 | 625 |
|
627 | 626 |
fclose(cdiffh); |
628 |
- EVP_DigestFinal_ex(ctx, digest, NULL); |
|
629 |
- EVP_MD_CTX_destroy(ctx); |
|
627 |
+ cl_finish_hash(ctx, digest); |
|
630 | 628 |
|
631 | 629 |
if(!(pt = getdsig(optget(opts, "server")->strarg, builder, digest, 32, 2))) { |
632 | 630 |
mprintf("!script2cdiff: Can't get digital signature from remote server\n"); |
... | ... |
@@ -794,7 +794,7 @@ static uint8_t res256[3][SHA256_HASH_SIZE] = { |
794 | 794 |
|
795 | 795 |
START_TEST (test_sha256) |
796 | 796 |
{ |
797 |
- EVP_MD_CTX *sha256; |
|
797 |
+ void *sha256; |
|
798 | 798 |
uint8_t hsha256[SHA256_HASH_SIZE]; |
799 | 799 |
uint8_t buf[1000]; |
800 | 800 |
int i; |
... | ... |
@@ -807,14 +807,12 @@ START_TEST (test_sha256) |
807 | 807 |
cl_sha256(tv2, sizeof(tv2), hsha256, NULL); |
808 | 808 |
fail_unless(!memcmp (hsha256, res256[1], sizeof (hsha256)), "sha256 test vector #2 failed"); |
809 | 809 |
|
810 |
- sha256 = EVP_MD_CTX_create(); |
|
810 |
+ sha256 = cl_hash_init("sha256"); |
|
811 | 811 |
fail_unless(sha256 != NULL, "Could not create EVP_MD_CTX for sha256"); |
812 | 812 |
|
813 |
- EVP_DigestInit_ex(sha256, EVP_sha256(), NULL); |
|
814 | 813 |
for (i = 0; i < 1000; i++) |
815 |
- EVP_DigestUpdate (sha256, buf, sizeof (buf)); |
|
816 |
- EVP_DigestFinal_ex(sha256, hsha256, NULL); |
|
817 |
- EVP_MD_CTX_destroy(sha256); |
|
814 |
+ cl_update_hash (sha256, buf, sizeof (buf)); |
|
815 |
+ cl_finish_hash(sha256, hsha256); |
|
818 | 816 |
fail_unless(!memcmp (hsha256, res256[2], sizeof (hsha256)), "sha256 test vector #3 failed"); |
819 | 817 |
} |
820 | 818 |
END_TEST |