Browse code
Provide further abstractions to the OpenSSL integration work
Shawn Webb authored on 2014/03/01 02:12:30Showing 20 changed files
- libclamav/7z/Xz.c
- libclamav/7z/Xz.h
- libclamav/7z/XzDec.c
- libclamav/asn1.c
- libclamav/cache.c
- libclamav/crypto.c
- libclamav/crypto.h
- libclamav/cvd.c
- libclamav/cvd.h
- libclamav/dsig.c
- libclamav/hostid.c
- libclamav/libclamav.map
- libclamav/matcher.c
- libclamav/others.c
- libclamav/pe.c
- libclamav/phishcheck.c
- libclamav/readdb.c
- libclamav/xar.c
- sigtool/sigtool.c
- unit_tests/check_clamav.c
| ... | ... |
@@ -59,9 +59,7 @@ void XzCheck_Init(CXzCheck *p, int mode) |
| 59 | 59 |
case XZ_CHECK_CRC32: p->crc = CRC_INIT_VAL; break; |
| 60 | 60 |
case XZ_CHECK_CRC64: p->crc64 = CRC64_INIT_VAL; break; |
| 61 | 61 |
case XZ_CHECK_SHA256: |
| 62 |
- p->sha = EVP_MD_CTX_create(); |
|
| 63 |
- if ((p->sha)) |
|
| 64 |
- EVP_DigestInit_ex(p->sha, EVP_sha256(), NULL); |
|
| 62 |
+ p->sha = cl_hash_init("sha256");
|
|
| 65 | 63 |
break; |
| 66 | 64 |
} |
| 67 | 65 |
} |
| ... | ... |
@@ -74,7 +72,7 @@ void XzCheck_Update(CXzCheck *p, const void *data, size_t size) |
| 74 | 74 |
case XZ_CHECK_CRC64: p->crc64 = Crc64Update(p->crc64, data, size); break; |
| 75 | 75 |
case XZ_CHECK_SHA256: |
| 76 | 76 |
if ((p->sha)) |
| 77 |
- EVP_DigestUpdate(p->sha, (const Byte *)data, size); |
|
| 77 |
+ cl_update_hash(p->sha, (const Byte *)data, size); |
|
| 78 | 78 |
break; |
| 79 | 79 |
} |
| 80 | 80 |
} |
| ... | ... |
@@ -98,8 +96,7 @@ int XzCheck_Final(CXzCheck *p, Byte *digest) |
| 98 | 98 |
if (!(p->sha)) |
| 99 | 99 |
return 0; |
| 100 | 100 |
|
| 101 |
- EVP_DigestFinal_ex(p->sha, digest, NULL); |
|
| 102 |
- EVP_MD_CTX_destroy(p->sha); |
|
| 101 |
+ cl_finish_hash(p->sha, digest); |
|
| 103 | 102 |
break; |
| 104 | 103 |
default: |
| 105 | 104 |
return 0; |
| ... | ... |
@@ -81,7 +81,7 @@ typedef struct |
| 81 | 81 |
int mode; |
| 82 | 82 |
UInt32 crc; |
| 83 | 83 |
UInt64 crc64; |
| 84 |
- EVP_MD_CTX *sha; |
|
| 84 |
+ void *sha; |
|
| 85 | 85 |
} CXzCheck; |
| 86 | 86 |
|
| 87 | 87 |
void XzCheck_Init(CXzCheck *p, int mode); |
| ... | ... |
@@ -217,7 +217,7 @@ typedef struct |
| 217 | 217 |
CMixCoder decoder; |
| 218 | 218 |
CXzBlock block; |
| 219 | 219 |
CXzCheck check; |
| 220 |
- EVP_MD_CTX *sha; |
|
| 220 |
+ void *sha; |
|
| 221 | 221 |
Byte shaDigest[SHA256_DIGEST_SIZE]; |
| 222 | 222 |
Byte buf[XZ_BLOCK_HEADER_SIZE_MAX]; |
| 223 | 223 |
} CXzUnpacker; |
| ... | ... |
@@ -652,7 +652,7 @@ SRes XzUnpacker_Code(CXzUnpacker *p, Byte *dest, SizeT *destLen, |
| 652 | 652 |
unsigned num = Xz_WriteVarInt(temp, p->packSize + p->blockHeaderSize + XzFlags_GetCheckSize(p->streamFlags)); |
| 653 | 653 |
num += Xz_WriteVarInt(temp + num, p->unpackSize); |
| 654 | 654 |
if ((p->sha)) |
| 655 |
- EVP_DigestUpdate(p->sha, temp, num); |
|
| 655 |
+ cl_update_hash(p->sha, temp, num); |
|
| 656 | 656 |
p->indexSize += num; |
| 657 | 657 |
p->numBlocks++; |
| 658 | 658 |
|
| ... | ... |
@@ -687,9 +687,7 @@ SRes XzUnpacker_Code(CXzUnpacker *p, Byte *dest, SizeT *destLen, |
| 687 | 687 |
{
|
| 688 | 688 |
RINOK(Xz_ParseHeader(&p->streamFlags, p->buf)); |
| 689 | 689 |
p->state = XZ_STATE_BLOCK_HEADER; |
| 690 |
- p->sha = EVP_MD_CTX_create(); |
|
| 691 |
- if ((p->sha)) |
|
| 692 |
- EVP_DigestInit_ex(p->sha, EVP_sha256(), NULL); |
|
| 690 |
+ p->sha = cl_hash_init("sha256");
|
|
| 693 | 691 |
p->indexSize = 0; |
| 694 | 692 |
p->numBlocks = 0; |
| 695 | 693 |
p->pos = 0; |
| ... | ... |
@@ -709,11 +707,8 @@ SRes XzUnpacker_Code(CXzUnpacker *p, Byte *dest, SizeT *destLen, |
| 709 | 709 |
p->indexPos = p->indexPreSize; |
| 710 | 710 |
p->indexSize += p->indexPreSize; |
| 711 | 711 |
if ((p->sha)) {
|
| 712 |
- EVP_DigestFinal_ex(p->sha, p->shaDigest, NULL); |
|
| 713 |
- EVP_MD_CTX_destroy(p->sha); |
|
| 714 |
- p->sha = EVP_MD_CTX_create(); |
|
| 715 |
- if ((p->sha)) |
|
| 716 |
- EVP_DigestInit_ex(p->sha, EVP_sha256(), NULL); |
|
| 712 |
+ cl_finish_hash(p->sha, p->shaDigest); |
|
| 713 |
+ p->sha = cl_hash_init("sha256");
|
|
| 717 | 714 |
} |
| 718 | 715 |
p->crc = CrcUpdate(CRC_INIT_VAL, p->buf, p->indexPreSize); |
| 719 | 716 |
p->state = XZ_STATE_STREAM_INDEX; |
| ... | ... |
@@ -793,7 +788,7 @@ SRes XzUnpacker_Code(CXzUnpacker *p, Byte *dest, SizeT *destLen, |
| 793 | 793 |
srcRem = (SizeT)cur; |
| 794 | 794 |
p->crc = CrcUpdate(p->crc, src, srcRem); |
| 795 | 795 |
if ((p->sha)) |
| 796 |
- EVP_DigestUpdate(p->sha, src, srcRem); |
|
| 796 |
+ cl_update_hash(p->sha, src, srcRem); |
|
| 797 | 797 |
(*srcLen) += srcRem; |
| 798 | 798 |
src += srcRem; |
| 799 | 799 |
p->indexPos += srcRem; |
| ... | ... |
@@ -814,10 +809,8 @@ SRes XzUnpacker_Code(CXzUnpacker *p, Byte *dest, SizeT *destLen, |
| 814 | 814 |
p->state = XZ_STATE_STREAM_INDEX_CRC; |
| 815 | 815 |
p->indexSize += 4; |
| 816 | 816 |
p->pos = 0; |
| 817 |
- if ((p->sha)) {
|
|
| 818 |
- EVP_DigestFinal_ex(p->sha, digest, NULL); |
|
| 819 |
- EVP_MD_CTX_destroy(p->sha); |
|
| 820 |
- } |
|
| 817 |
+ if ((p->sha)) |
|
| 818 |
+ cl_finish_hash(p->sha, digest); |
|
| 821 | 819 |
|
| 822 | 820 |
if (memcmp(digest, p->shaDigest, SHA256_DIGEST_SIZE) != 0) |
| 823 | 821 |
return SZ_ERROR_CRC; |
| ... | ... |
@@ -752,7 +752,7 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg |
| 752 | 752 |
unsigned int dsize, message_size, attrs_size; |
| 753 | 753 |
cli_crt_hashtype hashtype; |
| 754 | 754 |
cli_crt *x509; |
| 755 |
- EVP_MD_CTX *ctx; |
|
| 755 |
+ void *ctx; |
|
| 756 | 756 |
int result; |
| 757 | 757 |
int isBlacklisted = 0; |
| 758 | 758 |
|
| ... | ... |
@@ -1042,15 +1042,13 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg |
| 1042 | 1042 |
break; |
| 1043 | 1043 |
} |
| 1044 | 1044 |
|
| 1045 |
- ctx = EVP_MD_CTX_create(); |
|
| 1045 |
+ ctx = cl_hash_init("sha1");
|
|
| 1046 | 1046 |
if (!(ctx)) |
| 1047 | 1047 |
break; |
| 1048 | 1048 |
|
| 1049 |
- EVP_DigestInit_ex(ctx, EVP_sha1(), NULL); |
|
| 1050 |
- EVP_DigestUpdate(ctx, "\x31", 1); |
|
| 1051 |
- EVP_DigestUpdate(ctx, attrs + 1, attrs_size - 1); |
|
| 1052 |
- EVP_DigestFinal_ex(ctx, sha1, NULL); |
|
| 1053 |
- EVP_MD_CTX_destroy(ctx); |
|
| 1049 |
+ cl_update_hash(ctx, "\x31", 1); |
|
| 1050 |
+ cl_update_hash(ctx, attrs + 1, attrs_size - 1); |
|
| 1051 |
+ cl_finish_hash(ctx, sha1); |
|
| 1054 | 1052 |
|
| 1055 | 1053 |
if(!fmap_need_ptr_once(map, asn1.content, asn1.size)) {
|
| 1056 | 1054 |
cli_dbgmsg("asn1_parse_mscat: failed to read encryptedDigest\n");
|
| ... | ... |
@@ -1288,25 +1286,21 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg |
| 1288 | 1288 |
} |
| 1289 | 1289 |
|
| 1290 | 1290 |
if(hashtype == CLI_SHA1RSA) {
|
| 1291 |
- ctx = EVP_MD_CTX_create(); |
|
| 1291 |
+ ctx = cl_hash_init("sha1");
|
|
| 1292 | 1292 |
if (!(ctx)) |
| 1293 | 1293 |
break; |
| 1294 | 1294 |
|
| 1295 |
- EVP_DigestInit_ex(ctx, EVP_sha1(), NULL); |
|
| 1296 |
- EVP_DigestUpdate(ctx, "\x31", 1); |
|
| 1297 |
- EVP_DigestUpdate(ctx, attrs + 1, attrs_size - 1); |
|
| 1298 |
- EVP_DigestFinal_ex(ctx, sha1, NULL); |
|
| 1299 |
- EVP_MD_CTX_destroy(ctx); |
|
| 1295 |
+ cl_update_hash(ctx, "\x31", 1); |
|
| 1296 |
+ cl_update_hash(ctx, attrs + 1, attrs_size - 1); |
|
| 1297 |
+ cl_finish_hash(ctx, sha1); |
|
| 1300 | 1298 |
} else {
|
| 1301 |
- ctx = EVP_MD_CTX_create(); |
|
| 1299 |
+ ctx = cl_hash_init("md5");
|
|
| 1302 | 1300 |
if (!(ctx)) |
| 1303 | 1301 |
break; |
| 1304 | 1302 |
|
| 1305 |
- EVP_DigestInit_ex(ctx, EVP_md5(), NULL); |
|
| 1306 |
- EVP_DigestUpdate(ctx, "\x31", 1); |
|
| 1307 |
- EVP_DigestUpdate(ctx, attrs + 1, attrs_size - 1); |
|
| 1308 |
- EVP_DigestFinal_ex(ctx, sha1, NULL); |
|
| 1309 |
- EVP_MD_CTX_destroy(ctx); |
|
| 1303 |
+ cl_update_hash(ctx, "\x31", 1); |
|
| 1304 |
+ cl_update_hash(ctx, attrs + 1, attrs_size - 1); |
|
| 1305 |
+ cl_finish_hash(ctx, sha1); |
|
| 1310 | 1306 |
} |
| 1311 | 1307 |
|
| 1312 | 1308 |
if(!fmap_need_ptr_once(map, asn1.content, asn1.size)) {
|
| ... | ... |
@@ -905,7 +905,7 @@ void cache_remove(unsigned char *md5, size_t size, const struct cl_engine *engin |
| 905 | 905 |
int cache_check(unsigned char *hash, cli_ctx *ctx) {
|
| 906 | 906 |
fmap_t *map; |
| 907 | 907 |
size_t todo, at = 0; |
| 908 |
- EVP_MD_CTX *hashctx; |
|
| 908 |
+ void *hashctx; |
|
| 909 | 909 |
int ret; |
| 910 | 910 |
|
| 911 | 911 |
if(!ctx || !ctx->engine || !ctx->engine->cache) |
| ... | ... |
@@ -919,30 +919,31 @@ int cache_check(unsigned char *hash, cli_ctx *ctx) {
|
| 919 | 919 |
map = *ctx->fmap; |
| 920 | 920 |
todo = map->len; |
| 921 | 921 |
|
| 922 |
- hashctx = EVP_MD_CTX_create(); |
|
| 922 |
+ hashctx = cl_hash_init("md5");
|
|
| 923 | 923 |
if (!(hashctx)) |
| 924 | 924 |
return CL_VIRUS; |
| 925 | 925 |
|
| 926 |
- EVP_DigestInit_ex(hashctx, EVP_md5(), NULL); |
|
| 927 | 926 |
|
| 928 | 927 |
while(todo) {
|
| 929 | 928 |
const void *buf; |
| 930 | 929 |
size_t readme = todo < FILEBUFF ? todo : FILEBUFF; |
| 931 | 930 |
|
| 932 |
- if(!(buf = fmap_need_off_once(map, at, readme))) |
|
| 931 |
+ if(!(buf = fmap_need_off_once(map, at, readme))) {
|
|
| 932 |
+ cl_hash_destroy(hashctx); |
|
| 933 | 933 |
return CL_EREAD; |
| 934 |
+ } |
|
| 934 | 935 |
|
| 935 | 936 |
todo -= readme; |
| 936 | 937 |
at += readme; |
| 937 | 938 |
|
| 938 |
- if (!EVP_DigestUpdate(hashctx, buf, readme)) {
|
|
| 939 |
+ if (cl_update_hash(hashctx, buf, readme)) {
|
|
| 940 |
+ cl_hash_destroy(hashctx); |
|
| 939 | 941 |
cli_errmsg("cache_check: error reading while generating hash!\n");
|
| 940 | 942 |
return CL_EREAD; |
| 941 | 943 |
} |
| 942 | 944 |
} |
| 943 | 945 |
|
| 944 |
- EVP_DigestFinal_ex(hashctx, hash, NULL); |
|
| 945 |
- EVP_MD_CTX_destroy(hashctx); |
|
| 946 |
+ cl_finish_hash(hashctx, hash); |
|
| 946 | 947 |
|
| 947 | 948 |
ret = cache_lookup_hash(hash, map->len, ctx->engine->cache, ctx->recursion); |
| 948 | 949 |
cli_dbgmsg("cache_check: %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x is %s\n", hash[0], hash[1], hash[2], hash[3], hash[4], hash[5], hash[6], hash[7], hash[8], hash[9], hash[10], hash[11], hash[12], hash[13], hash[14], hash[15], (ret == CL_VIRUS) ? "negative" : "positive");
|
| ... | ... |
@@ -1017,3 +1017,59 @@ X509_CRL *cl_load_crl(const char *file) |
| 1017 | 1017 |
|
| 1018 | 1018 |
return x; |
| 1019 | 1019 |
} |
| 1020 |
+ |
|
| 1021 |
+void *cl_hash_init(const char *alg) |
|
| 1022 |
+{
|
|
| 1023 |
+ EVP_MD_CTX *ctx; |
|
| 1024 |
+ const EVP_MD *md; |
|
| 1025 |
+ |
|
| 1026 |
+ md = EVP_get_digestbyname(alg); |
|
| 1027 |
+ if (!(md)) |
|
| 1028 |
+ return NULL; |
|
| 1029 |
+ |
|
| 1030 |
+ ctx = EVP_MD_CTX_create(); |
|
| 1031 |
+ if (!(ctx)) {
|
|
| 1032 |
+ return NULL; |
|
| 1033 |
+ } |
|
| 1034 |
+ |
|
| 1035 |
+ if (!EVP_DigestInit_ex(ctx, md, NULL)) {
|
|
| 1036 |
+ EVP_MD_CTX_destroy(ctx); |
|
| 1037 |
+ return NULL; |
|
| 1038 |
+ } |
|
| 1039 |
+ |
|
| 1040 |
+ return (void *)ctx; |
|
| 1041 |
+} |
|
| 1042 |
+ |
|
| 1043 |
+int cl_update_hash(void *ctx, void *data, size_t sz) |
|
| 1044 |
+{
|
|
| 1045 |
+ if (!(ctx) || !(data)) |
|
| 1046 |
+ return -1; |
|
| 1047 |
+ |
|
| 1048 |
+ if (!EVP_DigestUpdate((EVP_MD_CTX *)ctx, data, sz)) |
|
| 1049 |
+ return -1; |
|
| 1050 |
+ |
|
| 1051 |
+ return 0; |
|
| 1052 |
+} |
|
| 1053 |
+ |
|
| 1054 |
+int cl_finish_hash(void *ctx, void *buf) |
|
| 1055 |
+{
|
|
| 1056 |
+ int res=0; |
|
| 1057 |
+ |
|
| 1058 |
+ if (!(ctx) || !(buf)) |
|
| 1059 |
+ return -1; |
|
| 1060 |
+ |
|
| 1061 |
+ if (!EVP_DigestFinal_ex((EVP_MD_CTX *)ctx, (unsigned char *)buf, NULL)) |
|
| 1062 |
+ res = -1; |
|
| 1063 |
+ |
|
| 1064 |
+ EVP_MD_CTX_destroy((EVP_MD_CTX *)ctx); |
|
| 1065 |
+ |
|
| 1066 |
+ return res; |
|
| 1067 |
+} |
|
| 1068 |
+ |
|
| 1069 |
+void cl_hash_destroy(void *ctx) |
|
| 1070 |
+{
|
|
| 1071 |
+ if (!(ctx)) |
|
| 1072 |
+ return; |
|
| 1073 |
+ |
|
| 1074 |
+ EVP_MD_CTX_destroy((EVP_MD_CTX *)ctx); |
|
| 1075 |
+} |
| ... | ... |
@@ -270,6 +270,11 @@ unsigned char *cl_sign_file_fp(FILE *fp, EVP_PKEY *pkey, char *alg, unsigned int |
| 270 | 270 |
*/ |
| 271 | 271 |
EVP_PKEY *cl_get_pkey_file(char *keypath); |
| 272 | 272 |
|
| 273 |
+void *cl_hash_init(const char *alg); |
|
| 274 |
+int cl_update_hash(void *ctx, void *data, size_t sz); |
|
| 275 |
+int cl_finish_hash(void *ctx, void *buf); |
|
| 276 |
+void cl_hash_destroy(void *ctx); |
|
| 277 |
+ |
|
| 273 | 278 |
/** |
| 274 | 279 |
* @} |
| 275 | 280 |
*/ |
| ... | ... |
@@ -199,7 +199,7 @@ static void cli_tgzload_cleanup(int comp, struct cli_dbio *dbio, int fdd) |
| 199 | 199 |
} |
| 200 | 200 |
|
| 201 | 201 |
if (dbio->hashctx) {
|
| 202 |
- EVP_MD_CTX_destroy(dbio->hashctx); |
|
| 202 |
+ cl_hash_destroy(dbio->hashctx); |
|
| 203 | 203 |
dbio->hashctx = NULL; |
| 204 | 204 |
} |
| 205 | 205 |
} |
| ... | ... |
@@ -321,12 +321,11 @@ static int cli_tgzload(int fd, struct cl_engine *engine, unsigned int *signo, un |
| 321 | 321 |
dbio->bufpt = NULL; |
| 322 | 322 |
dbio->readpt = dbio->buf; |
| 323 | 323 |
if (!(dbio->hashctx)) {
|
| 324 |
- dbio->hashctx = EVP_MD_CTX_create(); |
|
| 324 |
+ dbio->hashctx = cl_hash_init("sha256");
|
|
| 325 | 325 |
if (!(dbio->hashctx)) {
|
| 326 | 326 |
cli_tgzload_cleanup(compr, dbio, fdd); |
| 327 | 327 |
return CL_EMALFDB; |
| 328 | 328 |
} |
| 329 |
- EVP_DigestInit_ex(dbio->hashctx, EVP_sha256(), NULL); |
|
| 330 | 329 |
} |
| 331 | 330 |
dbio->bread = 0; |
| 332 | 331 |
|
| ... | ... |
@@ -361,8 +360,12 @@ static int cli_tgzload(int fd, struct cl_engine *engine, unsigned int *signo, un |
| 361 | 361 |
cli_tgzload_cleanup(compr, dbio, fdd); |
| 362 | 362 |
return CL_EMALFDB; |
| 363 | 363 |
} |
| 364 |
- EVP_DigestFinal_ex(dbio->hashctx, hash, NULL); |
|
| 365 |
- EVP_DigestInit_ex(dbio->hashctx, EVP_sha256(), NULL); |
|
| 364 |
+ cl_finish_hash(dbio->hashctx, hash); |
|
| 365 |
+ dbio->hashctx = cl_hash_init("sha256");
|
|
| 366 |
+ if (!(dbio->hashctx)) {
|
|
| 367 |
+ cli_tgzload_cleanup(compr, dbio, fdd); |
|
| 368 |
+ return CL_EMALFDB; |
|
| 369 |
+ } |
|
| 366 | 370 |
if(memcmp(db->hash, hash, 32)) {
|
| 367 | 371 |
cli_errmsg("cli_tgzload: Invalid checksum for file %s\n", name);
|
| 368 | 372 |
cli_tgzload_cleanup(compr, dbio, fdd); |
| ... | ... |
@@ -32,7 +32,7 @@ struct cli_dbio {
|
| 32 | 32 |
char *buf, *bufpt, *readpt; |
| 33 | 33 |
unsigned int usebuf, bufsize, readsize; |
| 34 | 34 |
unsigned int chkonly; |
| 35 |
- EVP_MD_CTX *hashctx; |
|
| 35 |
+ void *hashctx; |
|
| 36 | 36 |
}; |
| 37 | 37 |
|
| 38 | 38 |
int cli_cvdload(FILE *fs, struct cl_engine *engine, unsigned int *signo, unsigned int options, unsigned int dbtype, const char *filename, unsigned int chkonly); |
| ... | ... |
@@ -158,7 +158,7 @@ int cli_versig2(const unsigned char *sha256, const char *dsig_str, const char *n |
| 158 | 158 |
unsigned char *decoded, digest1[HASH_LEN], digest2[HASH_LEN], digest3[HASH_LEN], *salt; |
| 159 | 159 |
unsigned char mask[BLK_LEN], data[BLK_LEN], final[8 + 2 * HASH_LEN], c[4]; |
| 160 | 160 |
unsigned int i, rounds; |
| 161 |
- EVP_MD_CTX *ctx; |
|
| 161 |
+ void *ctx; |
|
| 162 | 162 |
mp_int n, e; |
| 163 | 163 |
|
| 164 | 164 |
mp_init(&e); |
| ... | ... |
@@ -187,15 +187,13 @@ int cli_versig2(const unsigned char *sha256, const char *dsig_str, const char *n |
| 187 | 187 |
c[2] = (unsigned char) (i / 256); |
| 188 | 188 |
c[3] = (unsigned char) i; |
| 189 | 189 |
|
| 190 |
- ctx = EVP_MD_CTX_create(); |
|
| 190 |
+ ctx = cl_hash_init("sha256");
|
|
| 191 | 191 |
if (!(ctx)) |
| 192 | 192 |
return CL_EMEM; |
| 193 | 193 |
|
| 194 |
- EVP_DigestInit_ex(ctx, EVP_sha256(), NULL); |
|
| 195 |
- EVP_DigestUpdate(ctx, digest2, HASH_LEN); |
|
| 196 |
- EVP_DigestUpdate(ctx, c, 4); |
|
| 197 |
- EVP_DigestFinal_ex(ctx, digest3, NULL); |
|
| 198 |
- EVP_MD_CTX_destroy(ctx); |
|
| 194 |
+ cl_update_hash(ctx, digest2, HASH_LEN); |
|
| 195 |
+ cl_update_hash(ctx, c, 4); |
|
| 196 |
+ cl_finish_hash(ctx, digest3); |
|
| 199 | 197 |
if(i + 1 == rounds) |
| 200 | 198 |
memcpy(&data[i * 32], digest3, BLK_LEN - i * HASH_LEN); |
| 201 | 199 |
else |
| ... | ... |
@@ -217,14 +215,12 @@ int cli_versig2(const unsigned char *sha256, const char *dsig_str, const char *n |
| 217 | 217 |
memcpy(&final[8], sha256, HASH_LEN); |
| 218 | 218 |
memcpy(&final[8 + HASH_LEN], salt, SALT_LEN); |
| 219 | 219 |
|
| 220 |
- ctx = EVP_MD_CTX_create(); |
|
| 220 |
+ ctx = cl_hash_init("sha256");
|
|
| 221 | 221 |
if (!(ctx)) |
| 222 | 222 |
return CL_EMEM; |
| 223 | 223 |
|
| 224 |
- EVP_DigestInit_ex(ctx, EVP_sha256(), NULL); |
|
| 225 |
- EVP_DigestUpdate(ctx, final, sizeof(final)); |
|
| 226 |
- EVP_DigestFinal_ex(ctx, digest1, NULL); |
|
| 227 |
- EVP_MD_CTX_destroy(ctx); |
|
| 224 |
+ cl_update_hash(ctx, final, sizeof(final)); |
|
| 225 |
+ cl_finish_hash(ctx, digest1); |
|
| 228 | 226 |
|
| 229 | 227 |
return memcmp(digest1, digest2, HASH_LEN) ? CL_EVERIFY : CL_SUCCESS; |
| 230 | 228 |
} |
| ... | ... |
@@ -244,7 +244,7 @@ char *internal_get_host_id(void) |
| 244 | 244 |
unsigned char raw_md5[16]; |
| 245 | 245 |
char *printable_md5; |
| 246 | 246 |
struct device *devices; |
| 247 |
- EVP_MD_CTX *ctx; |
|
| 247 |
+ void *ctx; |
|
| 248 | 248 |
|
| 249 | 249 |
devices = get_devices(); |
| 250 | 250 |
if (!(devices)) |
| ... | ... |
@@ -256,7 +256,7 @@ char *internal_get_host_id(void) |
| 256 | 256 |
return NULL; |
| 257 | 257 |
} |
| 258 | 258 |
|
| 259 |
- ctx = EVP_MD_CTX_create(); |
|
| 259 |
+ ctx = cl_hash_init("md5");
|
|
| 260 | 260 |
if (!(ctx)) {
|
| 261 | 261 |
for (i=0; devices[i].name != NULL; i++) |
| 262 | 262 |
free(devices[i].name); |
| ... | ... |
@@ -267,12 +267,10 @@ char *internal_get_host_id(void) |
| 267 | 267 |
return NULL; |
| 268 | 268 |
} |
| 269 | 269 |
|
| 270 |
- EVP_DigestInit_ex(ctx, EVP_md5(), NULL); |
|
| 271 | 270 |
for (i=0; devices[i].name != NULL; i++) |
| 272 |
- EVP_DigestUpdate(ctx, devices[i].mac, sizeof(devices[i].mac)); |
|
| 271 |
+ cl_update_hash(ctx, devices[i].mac, sizeof(devices[i].mac)); |
|
| 273 | 272 |
|
| 274 |
- EVP_DigestFinal_ex(ctx, raw_md5, NULL); |
|
| 275 |
- EVP_MD_CTX_destroy(ctx); |
|
| 273 |
+ cl_finish_hash(ctx, raw_md5); |
|
| 276 | 274 |
|
| 277 | 275 |
for (i=0; devices[i].name != NULL; i++) |
| 278 | 276 |
free(devices[i].name); |
| ... | ... |
@@ -721,42 +721,30 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli |
| 721 | 721 |
const char *virname = NULL; |
| 722 | 722 |
uint32_t viroffset = 0; |
| 723 | 723 |
uint32_t viruses_found = 0; |
| 724 |
- EVP_MD_CTX *md5ctx, *sha1ctx, *sha256ctx; |
|
| 724 |
+ void *md5ctx, *sha1ctx, *sha256ctx; |
|
| 725 | 725 |
|
| 726 | 726 |
if(!ctx->engine) {
|
| 727 | 727 |
cli_errmsg("cli_scandesc: engine == NULL\n");
|
| 728 | 728 |
return CL_ENULLARG; |
| 729 | 729 |
} |
| 730 | 730 |
|
| 731 |
- md5ctx = EVP_MD_CTX_create(); |
|
| 731 |
+ md5ctx = cl_hash_init("md5");
|
|
| 732 | 732 |
if (!(md5ctx)) |
| 733 | 733 |
return CL_EMEM; |
| 734 | 734 |
|
| 735 |
- sha1ctx = EVP_MD_CTX_create(); |
|
| 735 |
+ sha1ctx = cl_hash_init("sha1");
|
|
| 736 | 736 |
if (!(sha1ctx)) {
|
| 737 |
- EVP_MD_CTX_destroy(md5ctx); |
|
| 737 |
+ cl_hash_destroy(md5ctx); |
|
| 738 | 738 |
return CL_EMEM; |
| 739 | 739 |
} |
| 740 | 740 |
|
| 741 |
- sha256ctx = EVP_MD_CTX_create(); |
|
| 741 |
+ sha256ctx = cl_hash_init("sha256");
|
|
| 742 | 742 |
if (!(sha256ctx)) {
|
| 743 |
- EVP_MD_CTX_destroy(md5ctx); |
|
| 744 |
- EVP_MD_CTX_destroy(sha1ctx); |
|
| 743 |
+ cl_hash_destroy(md5ctx); |
|
| 744 |
+ cl_hash_destroy(sha1ctx); |
|
| 745 | 745 |
return CL_EMEM; |
| 746 | 746 |
} |
| 747 | 747 |
|
| 748 |
- if (!EVP_DigestInit_ex(md5ctx, EVP_md5(), NULL)) {
|
|
| 749 |
- return CL_CLEAN; |
|
| 750 |
- } |
|
| 751 |
- |
|
| 752 |
- if (!EVP_DigestInit_ex(sha1ctx, EVP_sha1(), NULL)) {
|
|
| 753 |
- return CL_CLEAN; |
|
| 754 |
- } |
|
| 755 |
- |
|
| 756 |
- if (!EVP_DigestInit_ex(sha256ctx, EVP_sha256(), NULL)) {
|
|
| 757 |
- return CL_CLEAN; |
|
| 758 |
- } |
|
| 759 |
- |
|
| 760 | 748 |
if(!ftonly) |
| 761 | 749 |
groot = ctx->engine->root[0]; /* generic signatures */ |
| 762 | 750 |
|
| ... | ... |
@@ -774,9 +762,9 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli |
| 774 | 774 |
|
| 775 | 775 |
if(ftonly) {
|
| 776 | 776 |
if(!troot) {
|
| 777 |
- EVP_MD_CTX_destroy(md5ctx); |
|
| 778 |
- EVP_MD_CTX_destroy(sha1ctx); |
|
| 779 |
- EVP_MD_CTX_destroy(sha256ctx); |
|
| 777 |
+ cl_hash_destroy(md5ctx); |
|
| 778 |
+ cl_hash_destroy(sha1ctx); |
|
| 779 |
+ cl_hash_destroy(sha256ctx); |
|
| 780 | 780 |
return CL_CLEAN; |
| 781 | 781 |
} |
| 782 | 782 |
|
| ... | ... |
@@ -796,9 +784,9 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli |
| 796 | 796 |
free(info.exeinfo.section); |
| 797 | 797 |
|
| 798 | 798 |
cli_hashset_destroy(&info.exeinfo.vinfo); |
| 799 |
- EVP_MD_CTX_destroy(md5ctx); |
|
| 800 |
- EVP_MD_CTX_destroy(sha1ctx); |
|
| 801 |
- EVP_MD_CTX_destroy(sha256ctx); |
|
| 799 |
+ cl_hash_destroy(md5ctx); |
|
| 800 |
+ cl_hash_destroy(sha1ctx); |
|
| 801 |
+ cl_hash_destroy(sha256ctx); |
|
| 802 | 802 |
return ret; |
| 803 | 803 |
} |
| 804 | 804 |
} |
| ... | ... |
@@ -811,9 +799,9 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli |
| 811 | 811 |
free(info.exeinfo.section); |
| 812 | 812 |
|
| 813 | 813 |
cli_hashset_destroy(&info.exeinfo.vinfo); |
| 814 |
- EVP_MD_CTX_destroy(md5ctx); |
|
| 815 |
- EVP_MD_CTX_destroy(sha1ctx); |
|
| 816 |
- EVP_MD_CTX_destroy(sha256ctx); |
|
| 814 |
+ cl_hash_destroy(md5ctx); |
|
| 815 |
+ cl_hash_destroy(sha1ctx); |
|
| 816 |
+ cl_hash_destroy(sha256ctx); |
|
| 817 | 817 |
return ret; |
| 818 | 818 |
} |
| 819 | 819 |
if(troot->bm_offmode) {
|
| ... | ... |
@@ -827,9 +815,9 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli |
| 827 | 827 |
free(info.exeinfo.section); |
| 828 | 828 |
|
| 829 | 829 |
cli_hashset_destroy(&info.exeinfo.vinfo); |
| 830 |
- EVP_MD_CTX_destroy(md5ctx); |
|
| 831 |
- EVP_MD_CTX_destroy(sha1ctx); |
|
| 832 |
- EVP_MD_CTX_destroy(sha256ctx); |
|
| 830 |
+ cl_hash_destroy(md5ctx); |
|
| 831 |
+ cl_hash_destroy(sha1ctx); |
|
| 832 |
+ cl_hash_destroy(sha256ctx); |
|
| 833 | 833 |
return ret; |
| 834 | 834 |
} |
| 835 | 835 |
|
| ... | ... |
@@ -896,9 +884,9 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli |
| 896 | 896 |
free(info.exeinfo.section); |
| 897 | 897 |
|
| 898 | 898 |
cli_hashset_destroy(&info.exeinfo.vinfo); |
| 899 |
- EVP_MD_CTX_destroy(md5ctx); |
|
| 900 |
- EVP_MD_CTX_destroy(sha1ctx); |
|
| 901 |
- EVP_MD_CTX_destroy(sha256ctx); |
|
| 899 |
+ cl_hash_destroy(md5ctx); |
|
| 900 |
+ cl_hash_destroy(sha1ctx); |
|
| 901 |
+ cl_hash_destroy(sha256ctx); |
|
| 902 | 902 |
return ret; |
| 903 | 903 |
} |
| 904 | 904 |
} |
| ... | ... |
@@ -935,11 +923,11 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli |
| 935 | 935 |
uint32_t data_len = bytes - maxpatlen * (offset!=0); |
| 936 | 936 |
|
| 937 | 937 |
if(compute_hash[CLI_HASH_MD5]) |
| 938 |
- EVP_DigestUpdate(md5ctx, data, data_len); |
|
| 938 |
+ cl_update_hash(md5ctx, data, data_len); |
|
| 939 | 939 |
if(compute_hash[CLI_HASH_SHA1]) |
| 940 |
- EVP_DigestUpdate(sha1ctx, data, data_len); |
|
| 940 |
+ cl_update_hash(sha1ctx, data, data_len); |
|
| 941 | 941 |
if(compute_hash[CLI_HASH_SHA256]) |
| 942 |
- EVP_DigestUpdate(sha256ctx, data, data_len); |
|
| 942 |
+ cl_update_hash(sha256ctx, data, data_len); |
|
| 943 | 943 |
} |
| 944 | 944 |
} |
| 945 | 945 |
|
| ... | ... |
@@ -958,15 +946,18 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli |
| 958 | 958 |
enum CLI_HASH_TYPE hashtype, hashtype2; |
| 959 | 959 |
|
| 960 | 960 |
if(compute_hash[CLI_HASH_MD5]) {
|
| 961 |
- EVP_DigestFinal_ex(md5ctx, digest[CLI_HASH_MD5], NULL); |
|
| 961 |
+ cl_finish_hash(md5ctx, digest[CLI_HASH_MD5]); |
|
| 962 |
+ md5ctx = NULL; |
|
| 962 | 963 |
} |
| 963 | 964 |
if(refhash) |
| 964 | 965 |
compute_hash[CLI_HASH_MD5] = 1; |
| 965 | 966 |
if(compute_hash[CLI_HASH_SHA1]) {
|
| 966 |
- EVP_DigestFinal_ex(sha1ctx, digest[CLI_HASH_SHA1], NULL); |
|
| 967 |
+ cl_finish_hash(sha1ctx, digest[CLI_HASH_SHA1]); |
|
| 968 |
+ sha1ctx = NULL; |
|
| 967 | 969 |
} |
| 968 | 970 |
if(compute_hash[CLI_HASH_SHA256]) {
|
| 969 |
- EVP_DigestFinal_ex(sha256ctx, digest[CLI_HASH_SHA256], NULL); |
|
| 971 |
+ cl_finish_hash(sha256ctx, digest[CLI_HASH_SHA256]); |
|
| 972 |
+ sha256ctx = NULL; |
|
| 970 | 973 |
} |
| 971 | 974 |
|
| 972 | 975 |
virname = NULL; |
| ... | ... |
@@ -1024,9 +1015,9 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli |
| 1024 | 1024 |
} |
| 1025 | 1025 |
} |
| 1026 | 1026 |
|
| 1027 |
- EVP_MD_CTX_destroy(md5ctx); |
|
| 1028 |
- EVP_MD_CTX_destroy(sha1ctx); |
|
| 1029 |
- EVP_MD_CTX_destroy(sha256ctx); |
|
| 1027 |
+ cl_hash_destroy(md5ctx); |
|
| 1028 |
+ cl_hash_destroy(sha1ctx); |
|
| 1029 |
+ cl_hash_destroy(sha256ctx); |
|
| 1030 | 1030 |
|
| 1031 | 1031 |
if(troot) {
|
| 1032 | 1032 |
if(ret != CL_VIRUS || SCAN_ALL) |
| ... | ... |
@@ -880,25 +880,33 @@ char *cli_hashstream(FILE *fs, unsigned char *digcpy, int type) |
| 880 | 880 |
unsigned char digest[32]; |
| 881 | 881 |
char buff[FILEBUFF]; |
| 882 | 882 |
char *hashstr, *pt; |
| 883 |
+ const char *alg=NULL; |
|
| 883 | 884 |
int i, bytes, size; |
| 884 |
- EVP_MD_CTX *ctx; |
|
| 885 |
+ void *ctx; |
|
| 886 |
+ |
|
| 887 |
+ switch (type) {
|
|
| 888 |
+ case 1: |
|
| 889 |
+ alg = "md5"; |
|
| 890 |
+ size = 16; |
|
| 891 |
+ break; |
|
| 892 |
+ case 2: |
|
| 893 |
+ alg = "sha1"; |
|
| 894 |
+ size = 20; |
|
| 895 |
+ break; |
|
| 896 |
+ default: |
|
| 897 |
+ alg = "sha256"; |
|
| 898 |
+ size = 32; |
|
| 899 |
+ break; |
|
| 900 |
+ } |
|
| 885 | 901 |
|
| 886 |
- ctx = EVP_MD_CTX_create(); |
|
| 902 |
+ ctx = cl_hash_init(alg); |
|
| 887 | 903 |
if (!(ctx)) |
| 888 | 904 |
return NULL; |
| 889 | 905 |
|
| 890 |
- if(type == 1) |
|
| 891 |
- EVP_DigestInit_ex(ctx, EVP_md5(), NULL); |
|
| 892 |
- else if(type == 2) |
|
| 893 |
- EVP_DigestInit_ex(ctx, EVP_sha1(), NULL); |
|
| 894 |
- else |
|
| 895 |
- EVP_DigestInit_ex(ctx, EVP_sha256(), NULL); |
|
| 896 |
- |
|
| 897 | 906 |
while((bytes = fread(buff, 1, FILEBUFF, fs))) |
| 898 |
- EVP_DigestUpdate(ctx, buff, bytes); |
|
| 907 |
+ cl_update_hash(ctx, buff, bytes); |
|
| 899 | 908 |
|
| 900 |
- EVP_DigestFinal_ex(ctx, digest, &size); |
|
| 901 |
- EVP_MD_CTX_destroy(ctx); |
|
| 909 |
+ cl_finish_hash(ctx, digest); |
|
| 902 | 910 |
|
| 903 | 911 |
if(!(hashstr = (char *) cli_calloc(size*2 + 1, sizeof(char)))) |
| 904 | 912 |
return NULL; |
| ... | ... |
@@ -2800,7 +2800,7 @@ int cli_checkfp_pe(cli_ctx *ctx, uint8_t *authsha1, stats_section_t *hashes, uin |
| 2800 | 2800 |
struct cli_exe_section *exe_sections; |
| 2801 | 2801 |
struct pe_image_data_dir *dirs; |
| 2802 | 2802 |
fmap_t *map = *ctx->fmap; |
| 2803 |
- EVP_MD_CTX *hashctx=NULL; |
|
| 2803 |
+ void *hashctx=NULL; |
|
| 2804 | 2804 |
|
| 2805 | 2805 |
if (flags & CL_CHECKFP_PE_FLAG_STATS) |
| 2806 | 2806 |
if (!(hashes)) |
| ... | ... |
@@ -2927,13 +2927,11 @@ int cli_checkfp_pe(cli_ctx *ctx, uint8_t *authsha1, stats_section_t *hashes, uin |
| 2927 | 2927 |
} |
| 2928 | 2928 |
|
| 2929 | 2929 |
cli_qsort(exe_sections, nsections, sizeof(*exe_sections), sort_sects); |
| 2930 |
- hashctx = EVP_MD_CTX_create(); |
|
| 2930 |
+ hashctx = cl_hash_init("sha1");
|
|
| 2931 | 2931 |
if (!(hashctx)) {
|
| 2932 | 2932 |
if (flags & CL_CHECKFP_PE_FLAG_AUTHENTICODE) |
| 2933 | 2933 |
flags ^= CL_CHECKFP_PE_FLAG_AUTHENTICODE; |
| 2934 | 2934 |
} |
| 2935 |
- if (hashctx) |
|
| 2936 |
- EVP_DigestInit_ex(hashctx, EVP_sha1(), NULL); |
|
| 2937 | 2935 |
|
| 2938 | 2936 |
if (flags & CL_CHECKFP_PE_FLAG_AUTHENTICODE) {
|
| 2939 | 2937 |
/* Check to see if we have a security section. */ |
| ... | ... |
@@ -2943,7 +2941,7 @@ int cli_checkfp_pe(cli_ctx *ctx, uint8_t *authsha1, stats_section_t *hashes, uin |
| 2943 | 2943 |
flags ^= CL_CHECKFP_PE_FLAG_AUTHENTICODE; |
| 2944 | 2944 |
} else {
|
| 2945 | 2945 |
if (hashctx) |
| 2946 |
- EVP_MD_CTX_destroy(hashctx); |
|
| 2946 |
+ cl_hash_destroy(hashctx); |
|
| 2947 | 2947 |
return CL_BREAK; |
| 2948 | 2948 |
} |
| 2949 | 2949 |
} |
| ... | ... |
@@ -2956,19 +2954,17 @@ int cli_checkfp_pe(cli_ctx *ctx, uint8_t *authsha1, stats_section_t *hashes, uin |
| 2956 | 2956 |
if(!(hptr = fmap_need_off_once(map, where, size))){ \
|
| 2957 | 2957 |
free(exe_sections); \ |
| 2958 | 2958 |
if (hashctx) \ |
| 2959 |
- EVP_MD_CTX_destroy(hashctx); \ |
|
| 2959 |
+ cl_hash_destroy(hashctx); \ |
|
| 2960 | 2960 |
return CL_EFORMAT; \ |
| 2961 | 2961 |
} \ |
| 2962 | 2962 |
if (flags & CL_CHECKFP_PE_FLAG_AUTHENTICODE && hashctx) \ |
| 2963 |
- EVP_DigestUpdate(hashctx, hptr, size); \ |
|
| 2963 |
+ cl_update_hash(hashctx, hptr, size); \ |
|
| 2964 | 2964 |
if (isStatAble && flags & CL_CHECKFP_PE_FLAG_STATS) { \
|
| 2965 |
- EVP_MD_CTX *md5ctx; \ |
|
| 2966 |
- md5ctx = EVP_MD_CTX_create(); \ |
|
| 2965 |
+ void *md5ctx; \ |
|
| 2966 |
+ md5ctx = cl_hash_init("md5"); \
|
|
| 2967 | 2967 |
if (md5ctx) { \
|
| 2968 |
- EVP_DigestInit_ex(md5ctx, EVP_md5(), NULL); \ |
|
| 2969 |
- EVP_DigestUpdate(md5ctx, hptr, size); \ |
|
| 2970 |
- EVP_DigestFinal_ex(md5ctx, hashes->sections[section].md5, NULL); \ |
|
| 2971 |
- EVP_MD_CTX_destroy(md5ctx); \ |
|
| 2968 |
+ cl_update_hash(md5ctx, hptr, size); \ |
|
| 2969 |
+ cl_finish_hash(md5ctx, hashes->sections[section].md5); \ |
|
| 2972 | 2970 |
} \ |
| 2973 | 2971 |
} \ |
| 2974 | 2972 |
} while(0) |
| ... | ... |
@@ -2995,7 +2991,7 @@ int cli_checkfp_pe(cli_ctx *ctx, uint8_t *authsha1, stats_section_t *hashes, uin |
| 2995 | 2995 |
} else {
|
| 2996 | 2996 |
free(exe_sections); |
| 2997 | 2997 |
if (hashctx) |
| 2998 |
- EVP_MD_CTX_destroy(hashctx); |
|
| 2998 |
+ cl_hash_destroy(hashctx); |
|
| 2999 | 2999 |
return CL_EFORMAT; |
| 3000 | 3000 |
} |
| 3001 | 3001 |
} |
| ... | ... |
@@ -3028,7 +3024,7 @@ int cli_checkfp_pe(cli_ctx *ctx, uint8_t *authsha1, stats_section_t *hashes, uin |
| 3028 | 3028 |
} else {
|
| 3029 | 3029 |
free(exe_sections); |
| 3030 | 3030 |
if (hashctx) |
| 3031 |
- EVP_MD_CTX_destroy(hashctx); |
|
| 3031 |
+ cl_hash_destroy(hashctx); |
|
| 3032 | 3032 |
return CL_EFORMAT; |
| 3033 | 3033 |
} |
| 3034 | 3034 |
} |
| ... | ... |
@@ -3044,7 +3040,7 @@ int cli_checkfp_pe(cli_ctx *ctx, uint8_t *authsha1, stats_section_t *hashes, uin |
| 3044 | 3044 |
free(exe_sections); |
| 3045 | 3045 |
|
| 3046 | 3046 |
if (flags & CL_CHECKFP_PE_FLAG_AUTHENTICODE && hashctx) {
|
| 3047 |
- EVP_DigestFinal_ex(hashctx, authsha1, NULL); |
|
| 3047 |
+ cl_finish_hash(hashctx, authsha1); |
|
| 3048 | 3048 |
|
| 3049 | 3049 |
if(cli_debug_flag) {
|
| 3050 | 3050 |
char shatxt[SHA1_HASH_SIZE*2+1]; |
| ... | ... |
@@ -3059,11 +3055,10 @@ int cli_checkfp_pe(cli_ctx *ctx, uint8_t *authsha1, stats_section_t *hashes, uin |
| 3059 | 3059 |
|
| 3060 | 3060 |
hlen -= 8; |
| 3061 | 3061 |
|
| 3062 |
- EVP_MD_CTX_destroy(hashctx); |
|
| 3063 | 3062 |
return asn1_check_mscat((struct cl_engine *)(ctx->engine), map, at + 8, hlen, authsha1); |
| 3064 | 3063 |
} else {
|
| 3065 | 3064 |
if (hashctx) |
| 3066 |
- EVP_MD_CTX_destroy(hashctx); |
|
| 3065 |
+ cl_hash_destroy(hashctx); |
|
| 3067 | 3066 |
return CL_VIRUS; |
| 3068 | 3067 |
} |
| 3069 | 3068 |
} |
| ... | ... |
@@ -1202,17 +1202,15 @@ static int hash_match(const struct regex_matcher *rlist, const char *host, size_ |
| 1202 | 1202 |
unsigned char h[65]; |
| 1203 | 1203 |
unsigned char sha256_dig[32]; |
| 1204 | 1204 |
unsigned i; |
| 1205 |
- EVP_MD_CTX *sha256; |
|
| 1205 |
+ void *sha256; |
|
| 1206 | 1206 |
|
| 1207 |
- sha256 = EVP_MD_CTX_create(); |
|
| 1207 |
+ sha256 = cl_hash_init("sha256");
|
|
| 1208 | 1208 |
if (!(sha256)) |
| 1209 | 1209 |
return CL_EMEM; |
| 1210 | 1210 |
|
| 1211 |
- EVP_DigestInit_ex(sha256, EVP_sha256(), NULL); |
|
| 1212 |
- EVP_DigestUpdate(sha256, host, hlen); |
|
| 1213 |
- EVP_DigestUpdate(sha256, path, plen); |
|
| 1214 |
- EVP_DigestFinal_ex(sha256, sha256_dig, NULL); |
|
| 1215 |
- EVP_MD_CTX_destroy(sha256); |
|
| 1211 |
+ cl_update_hash(sha256, host, hlen); |
|
| 1212 |
+ cl_update_hash(sha256, path, plen); |
|
| 1213 |
+ cl_finish_hash(sha256, sha256_dig); |
|
| 1216 | 1214 |
|
| 1217 | 1215 |
for(i=0;i<32;i++) {
|
| 1218 | 1216 |
h[2*i] = hexchars[sha256_dig[i]>>4]; |
| ... | ... |
@@ -421,7 +421,7 @@ char *cli_dbgets(char *buff, unsigned int size, FILE *fs, struct cli_dbio *dbio) |
| 421 | 421 |
dbio->size -= bread; |
| 422 | 422 |
dbio->bread += bread; |
| 423 | 423 |
if (dbio->hashctx) |
| 424 |
- EVP_DigestUpdate(dbio->hashctx, dbio->readpt, bread); |
|
| 424 |
+ cl_update_hash(dbio->hashctx, dbio->readpt, bread); |
|
| 425 | 425 |
} |
| 426 | 426 |
if(dbio->chkonly && dbio->bufpt) {
|
| 427 | 427 |
dbio->bufpt = NULL; |
| ... | ... |
@@ -479,7 +479,7 @@ char *cli_dbgets(char *buff, unsigned int size, FILE *fs, struct cli_dbio *dbio) |
| 479 | 479 |
dbio->size -= bs; |
| 480 | 480 |
dbio->bread += bs; |
| 481 | 481 |
if (dbio->hashctx) |
| 482 |
- EVP_DigestUpdate(dbio->hashctx, buff, bs); |
|
| 482 |
+ cl_update_hash(dbio->hashctx, buff, bs); |
|
| 483 | 483 |
return pt; |
| 484 | 484 |
} |
| 485 | 485 |
} |
| ... | ... |
@@ -1733,7 +1733,7 @@ static int cli_loadinfo(FILE *fs, struct cl_engine *engine, unsigned int options |
| 1733 | 1733 |
unsigned char hash[32]; |
| 1734 | 1734 |
struct cli_dbinfo *last = NULL, *new; |
| 1735 | 1735 |
int ret = CL_SUCCESS, dsig = 0; |
| 1736 |
- EVP_MD_CTX *ctx; |
|
| 1736 |
+ void *ctx; |
|
| 1737 | 1737 |
|
| 1738 | 1738 |
|
| 1739 | 1739 |
if(!dbio) {
|
| ... | ... |
@@ -1741,18 +1741,15 @@ static int cli_loadinfo(FILE *fs, struct cl_engine *engine, unsigned int options |
| 1741 | 1741 |
return CL_EMALFDB; |
| 1742 | 1742 |
} |
| 1743 | 1743 |
|
| 1744 |
- ctx = EVP_MD_CTX_create(); |
|
| 1744 |
+ ctx = cl_hash_init("sha256");
|
|
| 1745 | 1745 |
if (!(ctx)) |
| 1746 | 1746 |
return CL_EMALFDB; |
| 1747 | 1747 |
|
| 1748 |
- EVP_DigestInit_ex(ctx, EVP_sha256(), NULL); |
|
| 1749 |
- |
|
| 1750 | 1748 |
while(cli_dbgets(buffer, FILEBUFF, fs, dbio)) {
|
| 1751 | 1749 |
line++; |
| 1752 | 1750 |
if(!(options & CL_DB_UNSIGNED) && !strncmp(buffer, "DSIG:", 5)) {
|
| 1753 | 1751 |
dsig = 1; |
| 1754 |
- EVP_DigestFinal_ex(ctx, hash, NULL); |
|
| 1755 |
- EVP_MD_CTX_destroy(ctx); |
|
| 1752 |
+ cl_finish_hash(ctx, hash); |
|
| 1756 | 1753 |
if(cli_versig2(hash, buffer + 5, INFO_NSTR, INFO_ESTR) != CL_SUCCESS) {
|
| 1757 | 1754 |
cli_errmsg("cli_loadinfo: Incorrect digital signature\n");
|
| 1758 | 1755 |
ret = CL_EMALFDB; |
| ... | ... |
@@ -1770,7 +1767,7 @@ static int cli_loadinfo(FILE *fs, struct cl_engine *engine, unsigned int options |
| 1770 | 1770 |
buffer[len + 1] = 0; |
| 1771 | 1771 |
} |
| 1772 | 1772 |
} |
| 1773 |
- EVP_DigestUpdate(ctx, buffer, strlen(buffer)); |
|
| 1773 |
+ cl_update_hash(ctx, buffer, strlen(buffer)); |
|
| 1774 | 1774 |
cli_chomp(buffer); |
| 1775 | 1775 |
if(!strncmp("ClamAV-VDB:", buffer, 11)) {
|
| 1776 | 1776 |
if(engine->dbinfo) { /* shouldn't be initialized at this point */
|
| ... | ... |
@@ -325,26 +325,24 @@ static int xar_scan_subdocuments(xmlTextReaderPtr reader, cli_ctx *ctx) |
| 325 | 325 |
return rc; |
| 326 | 326 |
} |
| 327 | 327 |
|
| 328 |
-static EVP_MD_CTX * xar_hash_init(int hash, EVP_MD_CTX **sc, EVP_MD_CTX **mc) |
|
| 328 |
+static void * xar_hash_init(int hash, void **sc, void **mc) |
|
| 329 | 329 |
{
|
| 330 | 330 |
if (!sc && !mc) |
| 331 | 331 |
return NULL; |
| 332 | 332 |
switch (hash) {
|
| 333 | 333 |
case XAR_CKSUM_SHA1: |
| 334 |
- *sc = EVP_MD_CTX_create(); |
|
| 334 |
+ *sc = cl_hash_init("sha1");
|
|
| 335 | 335 |
if (!(*sc)) {
|
| 336 | 336 |
return NULL; |
| 337 | 337 |
} |
| 338 | 338 |
|
| 339 |
- EVP_DigestInit_ex(*sc, EVP_sha1(), NULL); |
|
| 340 | 339 |
return *sc; |
| 341 | 340 |
case XAR_CKSUM_MD5: |
| 342 |
- *mc = EVP_MD_CTX_create(); |
|
| 341 |
+ *mc = cl_hash_init("md5");
|
|
| 343 | 342 |
if (!(*mc)) {
|
| 344 | 343 |
return NULL; |
| 345 | 344 |
} |
| 346 | 345 |
|
| 347 |
- EVP_DigestInit_ex(*mc, EVP_md5(), NULL); |
|
| 348 | 346 |
return *mc; |
| 349 | 347 |
case XAR_CKSUM_OTHER: |
| 350 | 348 |
case XAR_CKSUM_NONE: |
| ... | ... |
@@ -353,7 +351,7 @@ static EVP_MD_CTX * xar_hash_init(int hash, EVP_MD_CTX **sc, EVP_MD_CTX **mc) |
| 353 | 353 |
} |
| 354 | 354 |
} |
| 355 | 355 |
|
| 356 |
-static void xar_hash_update(EVP_MD_CTX * hash_ctx, const void * data, unsigned long size, int hash) |
|
| 356 |
+static void xar_hash_update(void * hash_ctx, const void * data, unsigned long size, int hash) |
|
| 357 | 357 |
{
|
| 358 | 358 |
if (!hash_ctx || !data || !size) |
| 359 | 359 |
return; |
| ... | ... |
@@ -364,10 +362,10 @@ static void xar_hash_update(EVP_MD_CTX * hash_ctx, const void * data, unsigned l |
| 364 | 364 |
return; |
| 365 | 365 |
} |
| 366 | 366 |
|
| 367 |
- EVP_DigestUpdate(hash_ctx, data, size); |
|
| 367 |
+ cl_update_hash(hash_ctx, data, size); |
|
| 368 | 368 |
} |
| 369 | 369 |
|
| 370 |
-static void xar_hash_final(EVP_MD_CTX * hash_ctx, void * result, int hash) |
|
| 370 |
+static void xar_hash_final(void * hash_ctx, void * result, int hash) |
|
| 371 | 371 |
{
|
| 372 | 372 |
if (!hash_ctx || !result) |
| 373 | 373 |
return; |
| ... | ... |
@@ -378,8 +376,7 @@ static void xar_hash_final(EVP_MD_CTX * hash_ctx, void * result, int hash) |
| 378 | 378 |
return; |
| 379 | 379 |
} |
| 380 | 380 |
|
| 381 |
- EVP_DigestFinal_ex(hash_ctx, result, NULL); |
|
| 382 |
- EVP_MD_CTX_destroy(hash_ctx); |
|
| 381 |
+ cl_finish_hash(hash_ctx, result); |
|
| 383 | 382 |
} |
| 384 | 383 |
|
| 385 | 384 |
static int xar_hash_check(int hash, const void * result, const void * expected) |
| ... | ... |
@@ -539,9 +536,9 @@ int cli_scanxar(cli_ctx *ctx) |
| 539 | 539 |
&a_cksum, &a_hash, &e_cksum, &e_hash))) {
|
| 540 | 540 |
int do_extract_cksum = 1; |
| 541 | 541 |
unsigned char * blockp; |
| 542 |
- EVP_MD_CTX *a_sc, *e_sc; |
|
| 543 |
- EVP_MD_CTX *a_mc, *e_mc; |
|
| 544 |
- EVP_MD_CTX *a_hash_ctx, *e_hash_ctx; |
|
| 542 |
+ void *a_sc, *e_sc; |
|
| 543 |
+ void *a_mc, *e_mc; |
|
| 544 |
+ void *a_hash_ctx, *e_hash_ctx; |
|
| 545 | 545 |
char result[SHA1_HASH_SIZE]; |
| 546 | 546 |
char * expected; |
| 547 | 547 |
|
| ... | ... |
@@ -401,27 +401,25 @@ static char *sha256file(const char *file, unsigned int *size) |
| 401 | 401 |
unsigned int i, bytes; |
| 402 | 402 |
unsigned char digest[32], buffer[FILEBUFF]; |
| 403 | 403 |
char *sha; |
| 404 |
- EVP_MD_CTX *ctx; |
|
| 404 |
+ void *ctx; |
|
| 405 | 405 |
|
| 406 |
- ctx = EVP_MD_CTX_create(); |
|
| 406 |
+ ctx = cl_hash_init("sha256");
|
|
| 407 | 407 |
if (!(ctx)) |
| 408 | 408 |
return NULL; |
| 409 | 409 |
|
| 410 |
- EVP_DigestInit_ex(ctx, EVP_sha256(), NULL); |
|
| 411 | 410 |
if(!(fh = fopen(file, "rb"))) {
|
| 412 | 411 |
mprintf("!sha256file: Can't open file %s\n", file);
|
| 413 |
- EVP_MD_CTX_destroy(ctx); |
|
| 412 |
+ cl_hash_destroy(ctx); |
|
| 414 | 413 |
return NULL; |
| 415 | 414 |
} |
| 416 | 415 |
if(size) |
| 417 | 416 |
*size = 0; |
| 418 | 417 |
while((bytes = fread(buffer, 1, sizeof(buffer), fh))) {
|
| 419 |
- EVP_DigestUpdate(ctx, buffer, bytes); |
|
| 418 |
+ cl_update_hash(ctx, buffer, bytes); |
|
| 420 | 419 |
if(size) |
| 421 | 420 |
*size += bytes; |
| 422 | 421 |
} |
| 423 |
- EVP_DigestFinal_ex(ctx, digest, NULL); |
|
| 424 |
- EVP_MD_CTX_destroy(ctx); |
|
| 422 |
+ cl_finish_hash(ctx, digest); |
|
| 425 | 423 |
sha = (char *) malloc(65); |
| 426 | 424 |
if(!sha) |
| 427 | 425 |
{
|
| ... | ... |
@@ -441,7 +439,7 @@ static int writeinfo(const char *dbname, const char *builder, const char *header |
| 441 | 441 |
unsigned int i, bytes; |
| 442 | 442 |
char file[32], *pt, dbfile[32]; |
| 443 | 443 |
unsigned char digest[32], buffer[FILEBUFF]; |
| 444 |
- EVP_MD_CTX *ctx; |
|
| 444 |
+ void *ctx; |
|
| 445 | 445 |
|
| 446 | 446 |
snprintf(file, sizeof(file), "%s.info", dbname); |
| 447 | 447 |
if(!access(file, R_OK)) {
|
| ... | ... |
@@ -498,17 +496,15 @@ static int writeinfo(const char *dbname, const char *builder, const char *header |
| 498 | 498 |
} |
| 499 | 499 |
if(!optget(opts, "unsigned")->enabled) {
|
| 500 | 500 |
rewind(fh); |
| 501 |
- ctx = EVP_MD_CTX_create(); |
|
| 501 |
+ ctx = cl_hash_init("sha256");
|
|
| 502 | 502 |
if (!(ctx)) {
|
| 503 | 503 |
fclose(fh); |
| 504 | 504 |
return -1; |
| 505 | 505 |
} |
| 506 | 506 |
|
| 507 |
- EVP_DigestInit_ex(ctx, EVP_sha256(), NULL); |
|
| 508 | 507 |
while((bytes = fread(buffer, 1, sizeof(buffer), fh))) |
| 509 |
- EVP_DigestUpdate(ctx, buffer, bytes); |
|
| 510 |
- EVP_DigestFinal_ex(ctx, digest, NULL); |
|
| 511 |
- EVP_MD_CTX_destroy(ctx); |
|
| 508 |
+ cl_update_hash(ctx, buffer, bytes); |
|
| 509 |
+ cl_finish_hash(ctx, digest); |
|
| 512 | 510 |
if(!(pt = getdsig(optget(opts, "server")->strarg, builder, digest, 32, 3))) {
|
| 513 | 511 |
mprintf("!writeinfo: Can't get digital signature from remote server\n");
|
| 514 | 512 |
fclose(fh); |
| ... | ... |
@@ -528,7 +524,7 @@ static int script2cdiff(const char *script, const char *builder, const struct op |
| 528 | 528 |
{
|
| 529 | 529 |
char *cdiff, *pt, buffer[FILEBUFF]; |
| 530 | 530 |
unsigned char digest[32]; |
| 531 |
- EVP_MD_CTX *ctx; |
|
| 531 |
+ void *ctx; |
|
| 532 | 532 |
STATBUF sb; |
| 533 | 533 |
FILE *scripth, *cdiffh; |
| 534 | 534 |
gzFile gzh; |
| ... | ... |
@@ -612,21 +608,19 @@ static int script2cdiff(const char *script, const char *builder, const struct op |
| 612 | 612 |
return -1; |
| 613 | 613 |
} |
| 614 | 614 |
|
| 615 |
- ctx = EVP_MD_CTX_create(); |
|
| 615 |
+ ctx = cl_hash_init("sha256");
|
|
| 616 | 616 |
if (!(ctx)) {
|
| 617 | 617 |
unlink(cdiff); |
| 618 | 618 |
free(cdiff); |
| 619 | 619 |
fclose(cdiffh); |
| 620 | 620 |
return -1; |
| 621 | 621 |
} |
| 622 |
- EVP_DigestInit_ex(ctx, EVP_sha256(), NULL); |
|
| 623 | 622 |
|
| 624 | 623 |
while((bytes = fread(buffer, 1, sizeof(buffer), cdiffh))) |
| 625 |
- EVP_DigestUpdate(ctx, (unsigned char *) buffer, bytes); |
|
| 624 |
+ cl_update_hash(ctx, (unsigned char *) buffer, bytes); |
|
| 626 | 625 |
|
| 627 | 626 |
fclose(cdiffh); |
| 628 |
- EVP_DigestFinal_ex(ctx, digest, NULL); |
|
| 629 |
- EVP_MD_CTX_destroy(ctx); |
|
| 627 |
+ cl_finish_hash(ctx, digest); |
|
| 630 | 628 |
|
| 631 | 629 |
if(!(pt = getdsig(optget(opts, "server")->strarg, builder, digest, 32, 2))) {
|
| 632 | 630 |
mprintf("!script2cdiff: Can't get digital signature from remote server\n");
|
| ... | ... |
@@ -794,7 +794,7 @@ static uint8_t res256[3][SHA256_HASH_SIZE] = {
|
| 794 | 794 |
|
| 795 | 795 |
START_TEST (test_sha256) |
| 796 | 796 |
{
|
| 797 |
- EVP_MD_CTX *sha256; |
|
| 797 |
+ void *sha256; |
|
| 798 | 798 |
uint8_t hsha256[SHA256_HASH_SIZE]; |
| 799 | 799 |
uint8_t buf[1000]; |
| 800 | 800 |
int i; |
| ... | ... |
@@ -807,14 +807,12 @@ START_TEST (test_sha256) |
| 807 | 807 |
cl_sha256(tv2, sizeof(tv2), hsha256, NULL); |
| 808 | 808 |
fail_unless(!memcmp (hsha256, res256[1], sizeof (hsha256)), "sha256 test vector #2 failed"); |
| 809 | 809 |
|
| 810 |
- sha256 = EVP_MD_CTX_create(); |
|
| 810 |
+ sha256 = cl_hash_init("sha256");
|
|
| 811 | 811 |
fail_unless(sha256 != NULL, "Could not create EVP_MD_CTX for sha256"); |
| 812 | 812 |
|
| 813 |
- EVP_DigestInit_ex(sha256, EVP_sha256(), NULL); |
|
| 814 | 813 |
for (i = 0; i < 1000; i++) |
| 815 |
- EVP_DigestUpdate (sha256, buf, sizeof (buf)); |
|
| 816 |
- EVP_DigestFinal_ex(sha256, hsha256, NULL); |
|
| 817 |
- EVP_MD_CTX_destroy(sha256); |
|
| 814 |
+ cl_update_hash (sha256, buf, sizeof (buf)); |
|
| 815 |
+ cl_finish_hash(sha256, hsha256); |
|
| 818 | 816 |
fail_unless(!memcmp (hsha256, res256[2], sizeof (hsha256)), "sha256 test vector #3 failed"); |
| 819 | 817 |
} |
| 820 | 818 |
END_TEST |