Integrated Aaron Gifford's sha1 implementation

particle-iot · Apr 25, 2011 · d0f3429 · d0f3429
1 parent f3042cb
commit d0f3429
Show file tree

Hide file tree

Showing 8 changed files with 151 additions and 11 deletions.
diff --git a/Makefile.in b/Makefile.in
@@ -36,10 +36,10 @@ package = @PACKAGE_TARNAME@-@PACKAGE_VERSION@
 
 # files and flags
 SOURCES:= dsrv.c peer.c netq.c dtls.c ccm.c hmac.c debug.c
-OBJECTS:= $(patsubst %.c, %.o, $(SOURCES)) sha2/sha2.o aes/rijndael.o
+OBJECTS:= $(patsubst %.c, %.o, $(SOURCES)) sha1/sha1.o sha2/sha2.o aes/rijndael.o
 HEADERS:=dsrv.h dtls.h hmac.h peer.h netq.h debug.h config.h uthash.h numeric.h ccm.h
 CFLAGS:=-Wall -pedantic -std=c99 @CFLAGS@
-CPPFLAGS:=@CPPFLAGS@
+CPPFLAGS:=@CPPFLAGS@ -DDTLS_CHECK_CONTENTTYPE
 SUBDIRS:=tests doc sha2 aes
 DISTDIR=$(top_builddir)/$(package)
 FILES:=Makefile.in configure configure.in config.h.in $(SOURCES) $(HEADERS)

diff --git a/configure b/configure
@@ -649,6 +649,7 @@ ac_user_opts='
 enable_option_checking
 with_openssl
 with_protocol_demux
+with_sha1
 with_sha256
 with_sha384
 with_sha512
@@ -1278,6 +1279,7 @@ Optional Packages:
                           disable protocol demultiplexing (i.e. forbid
                           cleartext on DTLS-enabled sockets)
 
+  --without-sha1          disable use of SHA1
   --without-sha256        disable use of SHA256
   --with-sha384           enable use of SHA384
   --with-sha512           enable use of SHA512
@@ -3993,6 +3995,15 @@ $as_echo "#define DSRV_NO_PROTOCOL_DEMUX /**/" >>confdefs.h
 fi
 
 
+# Check whether --with-sha1 was given.
+if test "${with_sha1+set}" = set; then :
+  withval=$with_sha1;
+else
+  CPPFLAGS="${CPPFLAGS} -DWITH_SHA1"
+fi
+
+
+
 # Check whether --with-sha256 was given.
 if test "${with_sha256+set}" = set; then :
   withval=$with_sha256;
@@ -4011,7 +4022,7 @@ fi
 
 # Check whether --with-sha512 was given.
 if test "${with_sha512+set}" = set; then :
-  withval=$with_sha512; CPPFLAGS="${CPPFLAGS} -DWITH_SHA521"
+  withval=$with_sha512; CPPFLAGS="${CPPFLAGS} -DWITH_SHA512"
 fi
 
 
@@ -4169,7 +4180,7 @@ done
 ac_config_headers="$ac_config_headers config.h"
 
 
-ac_config_files="$ac_config_files Makefile doc/Makefile doc/Doxyfile tests/Makefile sha2/Makefile aes/Makefile"
+ac_config_files="$ac_config_files Makefile doc/Makefile doc/Doxyfile tests/Makefile sha1/Makefile sha2/Makefile aes/Makefile"
 
 cat >confcache <<\_ACEOF
 # This file is a shell script that caches the results of configure
@@ -4866,6 +4877,7 @@ do
     "doc/Makefile") CONFIG_FILES="$CONFIG_FILES doc/Makefile" ;;
     "doc/Doxyfile") CONFIG_FILES="$CONFIG_FILES doc/Doxyfile" ;;
     "tests/Makefile") CONFIG_FILES="$CONFIG_FILES tests/Makefile" ;;
+    "sha1/Makefile") CONFIG_FILES="$CONFIG_FILES sha1/Makefile" ;;
     "sha2/Makefile") CONFIG_FILES="$CONFIG_FILES sha2/Makefile" ;;
     "aes/Makefile") CONFIG_FILES="$CONFIG_FILES aes/Makefile" ;;
 

diff --git a/configure.in b/configure.in
@@ -70,6 +70,11 @@ AS_IF([test "x$with_protocol_demux" = "xno"],
   CPPFLAGS="${CPPFLAGS} -DDSRV_NO_PROTOCOL_DEMUX"]
 )
 
+AC_ARG_WITH(sha1,
+  [AS_HELP_STRING([--without-sha1],[disable use of SHA1])],
+  [], 
+  [CPPFLAGS="${CPPFLAGS} -DWITH_SHA1"])
+
 AC_ARG_WITH(sha256,
   [AS_HELP_STRING([--without-sha256],[disable use of SHA256])],
   [], 
@@ -81,7 +86,7 @@ AC_ARG_WITH(sha384,
 
 AC_ARG_WITH(sha512,
   [AS_HELP_STRING([--with-sha512],[enable use of SHA512])],
-  [CPPFLAGS="${CPPFLAGS} -DWITH_SHA521"])
+  [CPPFLAGS="${CPPFLAGS} -DWITH_SHA512"])
 
 # Checks for header files.
 AC_CHECK_HEADERS([assert.h arpa/inet.h fcntl.h inttypes.h netdb.h netinet/in.h stddef.h stdint.h stdlib.h string.h sys/param.h sys/socket.h sys/time.h unistd.h])
@@ -104,6 +109,7 @@ AC_CONFIG_FILES([Makefile
                  doc/Makefile
                  doc/Doxyfile
                  tests/Makefile
+		 sha1/Makefile
 		 sha2/Makefile
 		 aes/Makefile])
 AC_OUTPUT
diff --git a/hmac.c b/hmac.c
@@ -31,13 +31,39 @@
 #define DTLS_HMAC_BLOCKSIZE 64
 #define DTLS_HMAC_MAX       64
 
- /* Aaron D. Gifford's implementation of SHA256
+ /* Aaron D. Gifford's implementation of SHA1 and SHA256
   * see http://www.aarongifford.com/ */
-#include "sha2/sha2.h"
+#ifdef WITH_SHA1
+#  include "sha1/sha.h"
+#endif
+
+#if defined(WITH_SHA256) || defined(WITH_SHA384) || defined(WITH_SHA512)
+#  include "sha2/sha2.h"
+#endif
+
 #include "debug.h"
 
 #include "hmac.h"
 
+#ifdef WITH_SHA1
+void 
+h_sha_init(void *ctx) {
+  SHA1_Init((SHA_CTX *)ctx);
+}
+
+void 
+h_sha_update(void *ctx, const unsigned char *input, size_t len) {
+  SHA1_Update((SHA_CTX *)ctx, (sha1_byte *)input, len);
+}
+
+size_t
+h_sha_finalize(unsigned char *buf, void *ctx) {
+  SHA1_Final(buf, (SHA_CTX *)ctx);
+  return SHA1_DIGEST_LENGTH;
+}
+#endif
+
+#ifdef WITH_SHA256
 void 
 h_sha256_init(void *ctx) {
   SHA256_Init((SHA256_CTX *)ctx);
@@ -53,6 +79,7 @@ h_sha256_finalize(unsigned char *buf, void *ctx) {
   SHA256_Final(buf, (SHA256_CTX *)ctx);
   return SHA256_DIGEST_LENGTH;
 }
+#endif /* WITH_SHA1 */
 
 void
 dtls_hmac_update(dtls_hmac_context_t *ctx,
@@ -68,6 +95,18 @@ dtls_new_hash(dtls_hashfunc_t h) {
   dtls_hash_t *H = NULL;
 
   switch(h) {
+#ifdef WITH_SHA1
+  case SHA1:
+    H = (dtls_hash_t *)malloc(sizeof(dtls_hash_t) + sizeof(SHA_CTX));
+    if (H) {
+      H->data = ((char *)H) + sizeof(dtls_hash_t);
+      H->init = h_sha_init;
+      H->update = h_sha_update;
+      H->finalize = h_sha_finalize;
+    } 
+    break;
+#endif
+#ifdef WITH_SHA256
   case SHA256:
     H = (dtls_hash_t *)malloc(sizeof(dtls_hash_t) + sizeof(SHA256_CTX));
     if (H) {
@@ -77,6 +116,7 @@ dtls_new_hash(dtls_hashfunc_t h) {
       H->finalize = h_sha256_finalize;
     } 
     break;
+#endif
   default:
     dsrv_log(LOG_CRIT, "unknown hash function %d\n", h);
   }
@@ -142,7 +182,13 @@ dtls_hmac_finalize(dtls_hmac_context_t *ctx, unsigned char *result) {
 }
 
 #ifdef WITH_OPENSSL
-#define DIGEST EVP_sha256()
+#ifdef WITH_SHA1
+#  define DIGEST EVP_sha1()
+#else
+#  ifdef WITH_SHA256
+#    define DIGEST EVP_sha1()
+#  endif /* WITH_SHA256 */
+#endif /* WITH_SHA1 */
 
 #include <openssl/evp.h>
 #include <openssl/md5.h>
@@ -186,7 +232,7 @@ int main(int argc, char **argv) {
   size_t len, i;
   dtls_hmac_context_t hmac_ctx;
 
-  dtls_hmac_init(&hmac_ctx, key, sizeof(key), SHA256);
+  dtls_hmac_init(&hmac_ctx, key, sizeof(key), SHA1);
   dtls_hmac_update(&hmac_ctx, text, sizeof(text));
 
   len = dtls_hmac_finalize(&hmac_ctx, buf);

diff --git a/hmac.h b/hmac.h
@@ -41,7 +41,7 @@ typedef struct {
 } dtls_hash_t;
 
 /** List of known hash functions for use in dtls_hmac_init(). */
-typedef enum { SHA256=1 } dtls_hashfunc_t;
+typedef enum { SHA256=1, SHA1 } dtls_hashfunc_t;
 
 /**
  * Context for HMAC generation. This object is initialized with

diff --git a/sha1/Makefile.in b/sha1/Makefile.in
@@ -0,0 +1,73 @@
+# Makefile for tinydtls
+#
+# Copyright (C) 2011 Olaf Bergmann <[email protected]>
+#
+# Permission is hereby granted, free of charge, to any person
+# obtaining a copy of this software and associated documentation
+# files (the "Software"), to deal in the Software without
+# restriction, including without limitation the rights to use, copy,
+# modify, merge, publish, distribute, sublicense, and/or sell copies
+# of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+
+# the library's version
+VERSION:=@PACKAGE_VERSION@
+
+# tools
+@SET_MAKE@
+SHELL = /bin/sh
+MKDIR = mkdir
+
+abs_builddir = @abs_builddir@
+top_builddir = @top_builddir@
+top_srcdir:= @top_srcdir@
+
+SOURCES:= sha1.c
+HEADERS:=sha.h
+OBJECTS:= $(patsubst %.c, %.o, $(SOURCES))
+CPPFLAGS=@CPPFLAGS@
+CFLAGS=-Wall -std=c99 -pedantic @CFLAGS@
+LDLIBS=@LIBS@
+FILES:=Makefile.in $(SOURCES) $(HEADERS) README \
+ confighelp.c hmac.c hmac_sha1.c hmac_sha1.h hmac_test.c
+DISTDIR=$(top_builddir)/@PACKAGE_TARNAME@-@PACKAGE_VERSION@
+
+.PHONY: all dirs clean distclean .gitignore doc
+
+.SUFFIXES:
+.SUFFIXES:      .c .o
+
+all:	$(OBJECTS)
+
+check:	
+	echo DISTDIR: $(DISTDIR)
+	echo top_builddir: $(top_builddir)
+
+clean:
+	@rm -f $(PROGRAMS) main.o $(LIB) $(OBJECTS)
+	for dir in $(SUBDIRS); do \
+		$(MAKE) -C $$dir clean ; \
+	done
+
+distclean:	clean
+	@rm -rf $(DISTDIR)
+	@rm -f *~ $(DISTDIR).tar.gz
+
+dist:	$(FILES)
+	test -d $(DISTDIR)/sha1 || mkdir $(DISTDIR)/sha1
+	cp -p $(FILES) $(DISTDIR)/sha1
+
+.gitignore:
+	echo "core\n*~\n*.[oa]\n*.gz\n*.cap\n$(PROGRAM)\n$(DISTDIR)\n.gitignore" >$@
diff --git a/sha1/sha.h b/sha1/sha.h
@@ -31,8 +31,10 @@
 extern "C" {
 #endif
 
+#ifndef WORDS_BIGENDIAN
 /* Define this if your machine is LITTLE_ENDIAN, otherwise #undef it: */
-#define LITTLE_ENDIAN
+#  define LITTLE_ENDIAN
+#endif
 
 /* Make sure you define these types for your architecture: */
 typedef unsigned int sha1_quadbyte;	/* 4 byte type */

diff --git a/sha1/sha1.c b/sha1/sha1.c
@@ -23,6 +23,7 @@
  * SUCH DAMAGE.
  */
 
+#include <string.h>
 #include "sha.h"
 
 #define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits))))