Author: bh
Date: 2007-07-09 19:19:30 +0200 (Mon, 09 Jul 2007)
New Revision: 261
Modified:
trunk/openvas-libnasl/ChangeLog
trunk/openvas-libnasl/nasl/nasl_crypto.c
trunk/openvas-libnasl/nasl/nasl_crypto.h
trunk/openvas-libnasl/nasl/nasl_init.c
Log:
* nasl/nasl_crypto.c (nasl_gcrypt_hash, nasl_hash): New. Helper
functions for the actual nasl functions that use libgcrypt instead
of openssl
(nasl_md4, nasl_md5, nasl_ripemd160): Use nasl_hash to compute the
hash function.
(nasl_hmac): use libgcrypt instead of openssl
(nasl_hmac_md5, nasl_hmac_sha1, nasl_hmac_ripemd160): Adapt to
changes in nasl_hmac.
(nasl_md2, nasl_sha, nasl_hmac_md2, nasl_hmac_sha, nasl_hmac_dss):
Removed. The hash algorithms used by these functions are not
implemented in libgcrypt. The nasl-level counterparts of these
functions aren't used anywhere, so it shouldn't be a problem.
* nasl/nasl_crypto.h: Remove the #ifdef HAVE_SSL
conditionals. Remove the declarations for the functions that have
been removed from nasl_crypto.c
* nasl/nasl_init.c: Removed the functions that are no longer
implemented in nasl_crypto.c
Modified: trunk/openvas-libnasl/ChangeLog
===================================================================
--- trunk/openvas-libnasl/ChangeLog 2007-07-09 14:57:16 UTC (rev 260)
+++ trunk/openvas-libnasl/ChangeLog 2007-07-09 17:19:30 UTC (rev 261)
@@ -1,3 +1,25 @@
+2007-07-09 Bernhard Herzog <[EMAIL PROTECTED]>
+
+ * nasl/nasl_crypto.c (nasl_gcrypt_hash, nasl_hash): New. Helper
+ functions for the actual nasl functions that use libgcrypt instead
+ of openssl
+ (nasl_md4, nasl_md5, nasl_ripemd160): Use nasl_hash to compute the
+ hash function.
+ (nasl_hmac): use libgcrypt instead of openssl
+ (nasl_hmac_md5, nasl_hmac_sha1, nasl_hmac_ripemd160): Adapt to
+ changes in nasl_hmac.
+ (nasl_md2, nasl_sha, nasl_hmac_md2, nasl_hmac_sha, nasl_hmac_dss):
+ Removed. The hash algorithms used by these functions are not
+ implemented in libgcrypt. The nasl-level counterparts of these
+ functions aren't used anywhere, so it shouldn't be a problem.
+
+ * nasl/nasl_crypto.h: Remove the #ifdef HAVE_SSL
+ conditionals. Remove the declarations for the functions that have
+ been removed from nasl_crypto.c
+
+ * nasl/nasl_init.c: Removed the functions that are no longer
+ implemented in nasl_crypto.c
+
2007-06-22 Jan-Oliver Wagner <[EMAIL PROTECTED]>
* configure.in: removed handling for libpcap-nessus and also
Modified: trunk/openvas-libnasl/nasl/nasl_crypto.c
===================================================================
--- trunk/openvas-libnasl/nasl/nasl_crypto.c 2007-07-09 14:57:16 UTC (rev
260)
+++ trunk/openvas-libnasl/nasl/nasl_crypto.c 2007-07-09 17:19:30 UTC (rev
261)
@@ -21,16 +21,8 @@
* has
*/
#include <includes.h>
-#ifdef HAVE_SSL
-#include <openssl/md2.h>
-#include <openssl/md4.h>
-#include <openssl/md5.h>
-#include <openssl/ripemd.h>
-#include <openssl/sha.h>
-#include <openssl/evp.h>
-#include <openssl/hmac.h>
+#include <gcrypt.h>
-
#include "nasl_tree.h"
#include "nasl_global_ctxt.h"
#include "nasl_func.h"
@@ -45,120 +37,82 @@
/*-------------------[ Std. HASH ]-------------------------------------*/
-tree_cell * nasl_md2(lex_ctxt * lexic)
+static tree_cell*
+nasl_gcrypt_hash(lex_ctxt * lexic, int algorithm, void * data, size_t datalen,
+ void * key, size_t keylen)
{
- char * data = get_str_var_by_num(lexic, 0);
- int len = get_var_size_by_num(lexic, 0);
- char md[MD2_DIGEST_LENGTH+1];
- tree_cell * retc;
-
- if(data == NULL)
- return NULL;
-
- MD2((unsigned char*)data, len, (unsigned char*)md);
+ gcry_md_hd_t hd;
+ gcry_error_t err;
+ tree_cell * retc;
+ int dlen = gcry_md_get_algo_dlen(algorithm);
- retc = alloc_tree_cell(0, NULL);
- retc->type = CONST_DATA;
- retc->x.str_val = nasl_strndup(md, MD2_DIGEST_LENGTH);
- retc->size = MD2_DIGEST_LENGTH;
- return retc;
-}
+ if (data == NULL)
+ return NULL;
-tree_cell * nasl_md4(lex_ctxt * lexic)
-{
- char * data = get_str_var_by_num(lexic, 0);
- int len = get_var_size_by_num(lexic, 0);
- char md[MD4_DIGEST_LENGTH+1];
- tree_cell * retc;
-
- if(data == NULL)
- return NULL;
-
- MD4((unsigned char*)data, len, (unsigned char*)md);
+ err = gcry_md_open(&hd, algorithm, key ? GCRY_MD_FLAG_HMAC : 0);
+ if (err)
+ {
+ nasl_perror(lexic, "nasl_gcrypt_hash(): gcry_md_open failed: %s/%s\n",
+ gcry_strsource(err), gcry_strerror(err));
+ return NULL;
+ }
- retc = alloc_tree_cell(0, NULL);
- retc->type = CONST_DATA;
- retc->x.str_val = nasl_strndup(md, MD4_DIGEST_LENGTH);
- retc->size = MD4_DIGEST_LENGTH;
- return retc;
+ if (key)
+ {
+ err = gcry_md_setkey(hd, key, keylen);
+ if (err)
+ {
+ nasl_perror(lexic, "nasl_gcrypt_hash():"
+ " gcry_md_setkey failed: %s/%s\n",
+ gcry_strsource(err), gcry_strerror(err));
+ return NULL;
+ }
+ }
+
+ gcry_md_write(hd, data, datalen);
+
+ retc = alloc_tree_cell(0, NULL);
+ retc->type = CONST_DATA;
+ retc->x.str_val = nasl_strndup(gcry_md_read(hd, algorithm), dlen);
+ retc->size = dlen;
+
+ gcry_md_close(hd);
+
+ return retc;
}
-tree_cell * nasl_md5(lex_ctxt * lexic)
+static tree_cell*
+nasl_hash(lex_ctxt * lexic, int algorithm)
{
- char * data = get_str_var_by_num(lexic, 0);
- int len = get_var_size_by_num(lexic, 0);
- char md[MD5_DIGEST_LENGTH+1];
- tree_cell * retc;
-
- if(data == NULL)
- return NULL;
-
- MD5((unsigned char*)data, len, (unsigned char*)md);
+ char * data = get_str_var_by_num(lexic, 0);
+ int len = get_var_size_by_num(lexic, 0);
- retc = alloc_tree_cell(0, NULL);
- retc->type = CONST_DATA;
- retc->x.str_val = nasl_strndup(md, MD5_DIGEST_LENGTH);
- retc->size = MD5_DIGEST_LENGTH;
- return retc;
+ return nasl_gcrypt_hash(lexic, algorithm, data, len, NULL, 0);
}
-tree_cell * nasl_sha(lex_ctxt * lexic)
+tree_cell *
+nasl_md4(lex_ctxt * lexic)
{
- char * data = get_str_var_by_num(lexic, 0);
- int len = get_var_size_by_num(lexic, 0);
- char md[SHA_DIGEST_LENGTH+1];
- tree_cell * retc;
-
- if(data == NULL)
- return NULL;
-
- SHA((unsigned char*)data, len, (unsigned char*)md);
-
- retc = alloc_tree_cell(0, NULL);
- retc->type = CONST_DATA;
- retc->x.str_val = nasl_strndup(md, SHA_DIGEST_LENGTH);
- retc->size = SHA_DIGEST_LENGTH;
- return retc;
+ return nasl_hash(lexic, GCRY_MD_MD4);
}
-
-tree_cell * nasl_sha1(lex_ctxt * lexic)
+tree_cell *
+nasl_md5(lex_ctxt * lexic)
{
- char * data = get_str_var_by_num(lexic, 0);
- int len = get_var_size_by_num(lexic, 0);
- char md[SHA_DIGEST_LENGTH+1];
- tree_cell * retc;
-
- if(data == NULL)
- return NULL;
-
- SHA1((unsigned char*)data, len, (unsigned char*)md);
+ return nasl_hash(lexic, GCRY_MD_MD5);
+}
- retc = alloc_tree_cell(0, NULL);
- retc->type = CONST_DATA;
- retc->x.str_val = nasl_strndup(md, SHA_DIGEST_LENGTH);
- retc->size = SHA_DIGEST_LENGTH;
- return retc;
+tree_cell *
+nasl_sha1(lex_ctxt * lexic)
+{
+ return nasl_hash(lexic, GCRY_MD_SHA1);
}
-tree_cell * nasl_ripemd160(lex_ctxt * lexic)
+tree_cell *
+nasl_ripemd160(lex_ctxt * lexic)
{
- char * data = get_str_var_by_num(lexic, 0);
- int len = get_var_size_by_num(lexic, 0);
- char md[RIPEMD160_DIGEST_LENGTH+1];
- tree_cell * retc;
-
- if(data == NULL)
- return NULL;
-
- RIPEMD160((unsigned char*)data, len, (unsigned char*)md);
-
- retc = alloc_tree_cell(0, NULL);
- retc->type = CONST_DATA;
- retc->x.str_val = nasl_strndup(md, RIPEMD160_DIGEST_LENGTH);
- retc->size = RIPEMD160_DIGEST_LENGTH;
- return retc;
+ return nasl_hash(lexic, GCRY_MD_RMD160);
}
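Review bot: The `gcry_md_setkey` failure branch in `nasl_gcrypt_hash` returns without releasing the handle that `gcry_md_open` just created, so every failed keyed call leaks a digest context; add `gcry_md_close(hd);` before that `return NULL;`. The helper also has no comment explaining that a non-NULL `key` is what switches it into HMAC mode (`key ? GCRY_MD_FLAG_HMAC : 0`), which is the one thing a caller must know; a short header comment such as `/* Digest DATA with ALGORITHM; if KEY is non-NULL compute an HMAC with it. Returns NULL on error. */` would cover it. `nasl_hash` passes the `int` from `get_var_size_by_num` into a `size_t` parameter, so if that accessor can ever return a negative size (not visible here) the length would wrap; worth confirming.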
@@ -168,64 +122,32 @@
-static tree_cell * nasl_hmac(lex_ctxt * lexic, const EVP_MD * evp_md)
+static tree_cell *
+nasl_hmac(lex_ctxt * lexic, int algorithm)
{
- char * data = get_str_local_var_by_name(lexic, "data");
- char * key = get_str_local_var_by_name(lexic, "key");
- int data_len = get_local_var_size_by_name(lexic, "data");
- int key_len = get_local_var_size_by_name(lexic, "key");
- char hmac[EVP_MAX_MD_SIZE + 1];
- unsigned int len = 0;
- tree_cell * retc;
-
- /* if(data == NULL || key == NULL)
- {
- nasl_perror(lexic, "[%d] HMAC_* functions syntax is : HMAC(data:<data>,
key:<key>)\n", getpid());
- return NULL;
- }
- */
- HMAC(evp_md, key, key_len, (unsigned char*)data, data_len, (unsigned
char*)hmac, &len);
- retc = alloc_tree_cell(0, NULL);
- retc->type = CONST_DATA;
- retc->size = len;
- retc->x.str_val = nasl_strndup(hmac, len);
- return retc;
-}
+ char * data = get_str_local_var_by_name(lexic, "data");
+ char * key = get_str_local_var_by_name(lexic, "key");
+ int data_len = get_local_var_size_by_name(lexic, "data");
+ int key_len = get_local_var_size_by_name(lexic, "key");
-
-tree_cell * nasl_hmac_md2(lex_ctxt * lexic)
-{
- return nasl_hmac(lexic, EVP_md2());
+ return nasl_gcrypt_hash(lexic, algorithm, data, data_len, key, key_len);
}
-tree_cell * nasl_hmac_md5(lex_ctxt * lexic)
+tree_cell *
+nasl_hmac_md5(lex_ctxt * lexic)
{
- return nasl_hmac(lexic, EVP_md5());
+ return nasl_hmac(lexic, GCRY_MD_MD5);
}
-tree_cell * nasl_hmac_sha(lex_ctxt * lexic)
+tree_cell *
+nasl_hmac_sha1(lex_ctxt * lexic)
{
- return nasl_hmac(lexic, EVP_sha());
+ return nasl_hmac(lexic, GCRY_MD_SHA1);
}
-
-tree_cell * nasl_hmac_sha1(lex_ctxt * lexic)
+tree_cell *
+nasl_hmac_ripemd160(lex_ctxt * lexic)
{
- return nasl_hmac(lexic, EVP_sha1());
+ return nasl_hmac(lexic, GCRY_MD_RMD160);
}
-
-
-tree_cell * nasl_hmac_dss(lex_ctxt * lexic)
-{
- return nasl_hmac(lexic, EVP_dss());
-}
-
-
-tree_cell * nasl_hmac_ripemd160(lex_ctxt * lexic)
-{
- return nasl_hmac(lexic, EVP_ripemd160());
-}
-
-
-#endif /* HAVE_SSL */
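Review bot: `nasl_hmac` forwards `key` unchecked to `nasl_gcrypt_hash`, which selects the mode with `key ? GCRY_MD_FLAG_HMAC : 0`, so a script that calls `HMAC_MD5`/`HMAC_SHA1`/`HMAC_RIPEMD160` without a `key` argument (presumably yielding a NULL pointer from `get_str_local_var_by_name`) gets back a plain unkeyed digest of the same length instead of an error. The old argument check was commented out and is dropped here rather than restored. A guard at the top of `nasl_hmac`, e.g. `if (key == NULL) { nasl_perror(lexic, "HMAC_* functions syntax is : HMAC(data:<data>, key:<key>)\n"); return NULL; }`, keeps a missing key from silently degrading a MAC to a hash.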
Modified: trunk/openvas-libnasl/nasl/nasl_crypto.h
===================================================================
--- trunk/openvas-libnasl/nasl/nasl_crypto.h 2007-07-09 14:57:16 UTC (rev
260)
+++ trunk/openvas-libnasl/nasl/nasl_crypto.h 2007-07-09 17:19:30 UTC (rev
261)
@@ -1,19 +1,12 @@
#ifndef NASL_CRYPTO_H
#define NASL_CRYPTO_H
-#ifdef HAVE_SSL
-tree_cell * nasl_md2(lex_ctxt *);
tree_cell * nasl_md4(lex_ctxt *);
tree_cell * nasl_md5(lex_ctxt *);
-tree_cell * nasl_sha(lex_ctxt *);
tree_cell * nasl_sha1(lex_ctxt *);
tree_cell * nasl_ripemd160(lex_ctxt *);
-tree_cell * nasl_hmac_md2(lex_ctxt * );
tree_cell * nasl_hmac_md5(lex_ctxt * );
-tree_cell * nasl_hmac_sha(lex_ctxt *);
tree_cell * nasl_hmac_sha1(lex_ctxt * );
-tree_cell * nasl_hmac_dss(lex_ctxt *);
tree_cell * nasl_hmac_ripemd160(lex_ctxt *);
-#endif
#endif
Modified: trunk/openvas-libnasl/nasl/nasl_init.c
===================================================================
--- trunk/openvas-libnasl/nasl/nasl_init.c 2007-07-09 14:57:16 UTC (rev
260)
+++ trunk/openvas-libnasl/nasl/nasl_init.c 2007-07-09 17:19:30 UTC (rev
261)
@@ -248,24 +248,14 @@
"pcap_next", nasl_pcap_next, 1, { "interface", "pcap_filter", "timeout",
NULL},
"send_capture", nasl_send_capture, 1, { "data", "interface", "length",
"option", "pcap_filter", "socket", "timeout", NULL},
-#ifdef HAVE_SSL
-#ifdef HAVE_OPENSSL_MD2_H
- "MD2", nasl_md2, 1, { NULL },
-#endif
#ifdef HAVE_OPENSSL_MD4_H
"MD4", nasl_md4, 1, { NULL },
#endif
"MD5", nasl_md5, 1, { NULL },
- "SHA", nasl_sha, 1, { NULL },
"SHA1", nasl_sha1, 1, { NULL },
"RIPEMD160", nasl_ripemd160, 1, { NULL },
-#ifdef HAVE_OPENSSL_MD2_H
- "HMAC_MD2", nasl_hmac_md2, 0, { "data", "key", NULL },
-#endif
"HMAC_MD5", nasl_hmac_md5, 0, { "data", "key", NULL },
- "HMAC_SHA", nasl_hmac_sha, 0, { "data", "key", NULL },
"HMAC_SHA1", nasl_hmac_sha1, 0, { "data", "key", NULL },
- "HMAC_DSS", nasl_hmac_dss, 0, { "data", "key", NULL },
"HMAC_RIPEMD160", nasl_hmac_ripemd160, 0, { "data", "key", NULL },
"dh_generate_key", nasl_dh_generate_key, 0, { "g" , "p", "priv", NULL },
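Review bot: The `"MD4"` table entry is still wrapped in `#ifdef HAVE_OPENSSL_MD4_H` although this commit reimplements `nasl_md4` on libgcrypt, so a build without the OpenSSL MD4 header would drop a builtin that no longer depends on it; the guard and its `#endif` can be removed. Dropping the outer `#ifdef HAVE_SSL` also makes the entries after the hash block unconditional (`dh_generate_key` here, and `pem_to_dsa`, `rsa_sign`, `dsa_do_sign` in the next hunk). If those functions are still implemented with OpenSSL elsewhere, which is not visible in this diff, they need their own guard or a libgcrypt port before a non-SSL build will link. The function table itself begins and ends outside the hunk.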
@@ -280,7 +270,6 @@
"pem_to_dsa", nasl_pem_to_dsa, 0, { "passphrase", "priv", NULL },
"rsa_sign", nasl_rsa_sign, 0, { "d", "data", "e", "n", NULL },
"dsa_do_sign", nasl_dsa_do_sign, 0, { "data", "g", "p", "priv", "pub", "q",
NULL },
-#endif
"pread", nasl_pread, 0, { "argv", "cd", "cmd", "nice", NULL },
"find_in_path", nasl_find_in_path, 1, { NULL },