A few more updates to the digest functions.

This builds upon the previous commit to make Zeek compile on FIPS
systems.

This patch makes the changes a bit more aggressive. Instead of having a
number of different hash functions with different return values, we now
standardize on EVP_MD_CTX and just have one set of functions, to which
the hash algorithm that is desired is passed.

On the positive side, this enables us to support a wider range of hash
algorithm (and to easily add to them in the future).

I reimplemented the internal_md5 function - we don't support EBCDIC
systems in any case.

The md5/sha1 serialization functions are now also tested (I don't think
they were before).
Johanna Amann 2019-01-24 09:19:29 -08:00
parent ffa6756255
commit 86161c85c4
9 changed files with 149 additions and 143 deletions


@ -496,13 +496,12 @@ uint64 BitVector::Hash() const
{
u_char buf[SHA256_DIGEST_LENGTH];
uint64 digest;
SHA256_CTX ctx;
sha256_init(&ctx);
EVP_MD_CTX* ctx = hash_init(Hash_SHA256);
for ( size_type i = 0; i < Blocks(); ++i )
sha256_update(&ctx, &bits[i], sizeof(bits[i]));
hash_update(ctx, &bits[i], sizeof(bits[i]));
sha256_final(&ctx, buf);
hash_final(ctx, buf);
memcpy(&digest, buf, sizeof(digest)); // Use the first bytes as digest
return digest;
}
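Review bot: `ctx` in BitVector::Hash is now a heap-allocated `EVP_MD_CTX*` where the old code used a stack `SHA256_CTX`, and nothing in this hunk checks it for null or releases it. The helper bodies are not shown here, so the function relies on `hash_init` never returning null and on `hash_final` freeing the context; if either does not hold, the loop dereferences a null pointer or every call leaks a context. Because `buf` is uninitialized, a digest failure that goes unreported would also leave `memcpy` copying stack contents into `digest`. I would state the contract at the call site once it is confirmed against the helpers, e.g. `// hash_init() never returns null; hash_final() writes the digest and frees ctx`. The same applies to Hasher::MakeSeed in the second hunk, where the result becomes a hash seed.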


@ -15,24 +15,23 @@ Hasher::seed_t Hasher::MakeSeed(const void* data, size_t size)
{
u_char buf[SHA256_DIGEST_LENGTH];
seed_t tmpseed;
SHA256_CTX ctx;
sha256_init(&ctx);
EVP_MD_CTX* ctx = hash_init(Hash_SHA256);
assert(sizeof(tmpseed) == 16);
if ( data )
sha256_update(&ctx, data, size);
hash_update(ctx, data, size);
else if ( global_hash_seed && global_hash_seed->Len() > 0 )
sha256_update(&ctx, global_hash_seed->Bytes(), global_hash_seed->Len());
hash_update(ctx, global_hash_seed->Bytes(), global_hash_seed->Len());
else
{
unsigned int first_seed = initial_seed();
sha256_update(&ctx, &first_seed, sizeof(first_seed));
hash_update(ctx, &first_seed, sizeof(first_seed));
}
sha256_final(&ctx, buf);
hash_final(ctx, buf);
memcpy(&tmpseed, buf, sizeof(tmpseed)); // Use the first bytes as seed.
return tmpseed;
}
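Review bot: `assert(sizeof(tmpseed) == 16);` in MakeSeed is a runtime assert that vanishes in NDEBUG builds even though the size is known at compile time; `static_assert(sizeof(tmpseed) == 16, "seed_t must be 16 bytes");` would enforce it in every build. With this change the assert also sits after the `hash_init` call, so moving it above that line keeps the check ahead of the context allocation. Separately, the final `else` branch feeds only `sizeof(unsigned int)` bytes from `initial_seed()` into SHA-256, so the 16-byte seed carries no more entropy than that value. A short comment on that branch, such as `// fallback: seed entropy is limited to the unsigned int from initial_seed()`, would help readers who assume the hash output is a full-strength seed.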