mirror of https://github.com/wolfSSL/wolfssl
ssl.c: refactor wolfSSL_LH_strhash() to use SHA1 instead of MD5, to eliminate dependency on deprecated alg.
This commit is contained in:
parent
ddda108de6
commit
f1c1f76851
37
src/ssl.c
37
src/ssl.c
|
@ -56161,36 +56161,55 @@ static int wolfssl_conf_value_cmp(const WOLFSSL_CONF_VALUE *a,
|
|||
}
|
||||
}
|
||||
|
||||
/* Use MD5 for hashing as OpenSSL uses a hash algorithm that is
|
||||
* "not as good as MD5, but still good" so using MD5 should
|
||||
* be good enough for this application. The produced hashes don't
|
||||
/* Use SHA for hashing as OpenSSL uses a hash algorithm that is
|
||||
* "not as good as MD5, but still good" so using SHA should be more
|
||||
* than good enough for this application. The produced hashes don't
|
||||
* need to line up between OpenSSL and wolfSSL. The hashes are for
|
||||
* internal indexing only */
|
||||
unsigned long wolfSSL_LH_strhash(const char *str)
|
||||
{
|
||||
unsigned long ret = 0;
|
||||
#ifndef NO_MD5
|
||||
#ifndef NO_SHA
|
||||
wc_Sha sha;
|
||||
int strLen;
|
||||
byte digest[WC_MD5_DIGEST_SIZE];
|
||||
byte digest[WC_SHA_DIGEST_SIZE];
|
||||
#endif
|
||||
WOLFSSL_ENTER("wolfSSL_LH_strhash");
|
||||
|
||||
if (!str)
|
||||
return 0;
|
||||
|
||||
#ifndef NO_MD5
|
||||
#ifndef NO_SHA
|
||||
strLen = (int)XSTRLEN(str);
|
||||
if (wc_Md5Hash((const byte*)str, strLen, digest) != 0) {
|
||||
WOLFSSL_MSG("wc_Md5Hash error");
|
||||
|
||||
if (wc_InitSha_ex(&sha, NULL, 0) != 0) {
|
||||
WOLFSSL_MSG("SHA1 Init failed");
|
||||
return 0;
|
||||
}
|
||||
|
||||
ret = 0;
|
||||
do {
|
||||
if (wc_ShaUpdate(&sha, (const byte *)str, (word32)strLen) != 0) {
|
||||
WOLFSSL_MSG("SHA1 Update failed");
|
||||
break;
|
||||
}
|
||||
if (wc_ShaFinal(&sha, digest) != 0) {
|
||||
WOLFSSL_MSG("SHA1 Final failed");
|
||||
break;
|
||||
}
|
||||
ret = 1;
|
||||
} while (0);
|
||||
wc_ShaFree(&sha);
|
||||
if (ret == 0)
|
||||
return 0;
|
||||
|
||||
/* Take first 4 bytes in small endian as unsigned long */
|
||||
ret = (unsigned int)digest[0];
|
||||
ret |= ((unsigned int)digest[1] << 8 );
|
||||
ret |= ((unsigned int)digest[2] << 16);
|
||||
ret |= ((unsigned int)digest[3] << 24);
|
||||
#else
|
||||
WOLFSSL_MSG("No md5 available for wolfSSL_LH_strhash");
|
||||
WOLFSSL_MSG("No SHA available for wolfSSL_LH_strhash");
|
||||
#endif
|
||||
return ret;
|
||||
}
|
||||
|
|
|
@ -29505,7 +29505,7 @@ static void test_wolfSSL_lhash(void)
|
|||
|
||||
printf(testingFmt, "wolfSSL_LH_strhash()");
|
||||
|
||||
AssertIntEQ(lh_strhash(testStr), 0xb1231320);
|
||||
AssertIntEQ(lh_strhash(testStr), 0x5b7541dc);
|
||||
|
||||
printf(resultFmt, passed);
|
||||
#endif
|
||||
|
@ -42923,7 +42923,9 @@ static void test_wolfSSL_EVP_get_digestbynid(void)
|
|||
|
||||
printf(testingFmt, "wolfSSL_EVP_get_digestbynid");
|
||||
|
||||
#ifndef NO_MD5
|
||||
AssertNotNull(wolfSSL_EVP_get_digestbynid(NID_md5));
|
||||
#endif
|
||||
AssertNotNull(wolfSSL_EVP_get_digestbynid(NID_sha1));
|
||||
AssertNull(wolfSSL_EVP_get_digestbynid(0));
|
||||
|
||||
|
|
Loading…
Reference in New Issue