mirror of
https://github.com/zeek/zeek.git
synced 2025-10-05 16:18:19 +00:00
117 lines
2.7 KiB
C
117 lines
2.7 KiB
C
// See the file "COPYING" in the main distribution directory for copyright.
|
|
|
|
/**
|
|
* Wrapper and helper functions for MD5/SHA digest algorithms.
|
|
*/
|
|
|
|
#ifndef bro_digest_h
|
|
#define bro_digest_h
|
|
|
|
#include <openssl/md5.h>
|
|
#include <openssl/sha.h>
|
|
#include <openssl/evp.h>
|
|
|
|
#if ( OPENSSL_VERSION_NUMBER < 0x10100000L ) || defined(LIBRESSL_VERSION_NUMBER)
|
|
#define EVP_MD_CTX_new EVP_MD_CTX_create
|
|
#define EVP_MD_CTX_free EVP_MD_CTX_destroy
|
|
|
|
inline void* EVP_MD_CTX_md_data(const EVP_MD_CTX* ctx)
|
|
{
|
|
return ctx->md_data;
|
|
}
|
|
#endif
|
|
|
|
#include "Reporter.h"
|
|
|
|
enum HashAlgorithm { Hash_MD5, Hash_SHA1, Hash_SHA224, Hash_SHA256, Hash_SHA384, Hash_SHA512 };
|
|
|
|
inline const char* digest_print(const u_char* digest, size_t n)
|
|
{
|
|
static char buf[256]; // big enough for any of md5/sha1/sha256
|
|
for ( size_t i = 0; i < n; ++i )
|
|
snprintf(buf + i * 2, 3, "%02x", digest[i]);
|
|
return buf;
|
|
}
|
|
|
|
inline const char* md5_digest_print(const u_char digest[MD5_DIGEST_LENGTH])
|
|
{
|
|
return digest_print(digest, MD5_DIGEST_LENGTH);
|
|
}
|
|
|
|
inline const char* sha1_digest_print(const u_char digest[SHA_DIGEST_LENGTH])
|
|
{
|
|
return digest_print(digest, SHA_DIGEST_LENGTH);
|
|
}
|
|
|
|
inline const char* sha256_digest_print(const u_char digest[SHA256_DIGEST_LENGTH])
|
|
{
|
|
return digest_print(digest, SHA256_DIGEST_LENGTH);
|
|
}
|
|
|
|
inline EVP_MD_CTX* hash_init(HashAlgorithm alg)
|
|
{
|
|
EVP_MD_CTX* c = EVP_MD_CTX_new();
|
|
const EVP_MD* md;
|
|
|
|
switch (alg)
|
|
{
|
|
case Hash_MD5:
|
|
#ifdef EVP_MD_CTX_FLAG_NON_FIPS_ALLOW
|
|
/* Allow this to work even if FIPS disables it */
|
|
EVP_MD_CTX_set_flags(c, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
|
|
#endif
|
|
md = EVP_md5();
|
|
break;
|
|
case Hash_SHA1:
|
|
md = EVP_sha1();
|
|
break;
|
|
case Hash_SHA224:
|
|
md = EVP_sha224();
|
|
break;
|
|
case Hash_SHA256:
|
|
md = EVP_sha256();
|
|
break;
|
|
case Hash_SHA384:
|
|
md = EVP_sha384();
|
|
break;
|
|
case Hash_SHA512:
|
|
md = EVP_sha512();
|
|
break;
|
|
default:
|
|
reporter->InternalError("Unknown hash algorithm passed to hash_init");
|
|
}
|
|
|
|
if ( ! EVP_DigestInit_ex(c, md, NULL) )
|
|
reporter->InternalError("EVP_DigestInit failed");
|
|
|
|
return c;
|
|
}
|
|
|
|
inline void hash_update(EVP_MD_CTX* c, const void* data, unsigned long len)
|
|
{
|
|
if ( ! EVP_DigestUpdate(c, data, len) )
|
|
reporter->InternalError("EVP_DigestUpdate failed");
|
|
}
|
|
|
|
inline void hash_final(EVP_MD_CTX* c, u_char* md)
|
|
{
|
|
if ( ! EVP_DigestFinal(c, md, NULL) )
|
|
reporter->InternalError("EVP_DigestFinal failed");
|
|
|
|
EVP_MD_CTX_free(c);
|
|
}
|
|
|
|
inline unsigned char* internal_md5(const unsigned char* data, unsigned long len, unsigned char* out)
|
|
{
|
|
static unsigned char static_out[MD5_DIGEST_LENGTH];
|
|
|
|
if ( ! out )
|
|
out = static_out; // use static array for return, see OpenSSL man page
|
|
|
|
EVP_MD_CTX* c = hash_init(Hash_MD5);
|
|
hash_update(c, data, len);
|
|
hash_final(c, out);
|
|
return out;
|
|
}
|
|
|
|
#endif //bro_digest_h
|