File zchunk-OpenSSL-3-EVP-API.patch of Package zchunk
From 8be0795f70b9837ac6f64172ac316abcbed4556c Mon Sep 17 00:00:00 2001
From: Matt Wood <42819613+mattwood-microchip@users.noreply.github.com>
Date: Fri, 3 Nov 2023 15:45:25 -0400
Subject: [PATCH] Rework hash code to support openSSL 3.x EVP API (#98)
* Rework hash code to support openSSL 3.x EVP API
Reorganize hash code to support either openSSL API or bundled sha code.
This also allows other digest libraries to be added in the future.
Signed-off-by: Matt Wood <matt.wood@microchip.com>
Index: zchunk-1.1.16/meson.build
===================================================================
--- zchunk-1.1.16.orig/meson.build
+++ zchunk-1.1.16/meson.build
@@ -37,12 +37,16 @@ else
argplib = dependency('', required : false)
endif
+# openssl dependency
if get_option('with-openssl') == 'disabled'
openssl_dep = dependency('', required : false)
else
openssl_dep = dependency('openssl', required : get_option('with-openssl') == 'enabled')
if openssl_dep.found()
add_project_arguments('-DZCHUNK_OPENSSL', language : 'c')
+ if openssl_dep.version().version_compare('<3.0.0')
+ add_project_arguments('-DZCHUNK_OPENSSL_DEPRECATED', language : 'c')
+ endif
endif
endif
Index: zchunk-1.1.16/src/lib/hash/bundled/libsha.c
===================================================================
--- /dev/null
+++ zchunk-1.1.16/src/lib/hash/bundled/libsha.c
@@ -0,0 +1,137 @@
+/*
+ * Copyright 2018 Jonathan Dieter <jdieter@gmail.com>
+ * Copyright 2023 Matt Wood <matt.wood@microchip.com>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <stdlib.h>
+#include <stdint.h>
+#include <zck.h>
+#include "zck_private.h"
+#include "libsha.h"
+
+static void SHA256_Final(unsigned char *md, SHA256_CTX *c)
+{
+ sha256_final(c, md);
+}
+
+static void SHA512_Final(unsigned char *md, SHA512_CTX *c)
+{
+ sha512_final(c, md);
+}
+
+void lib_hash_ctx_close(zckHash *hash)
+{
+ free(hash->ctx);
+}
+
+bool lib_hash_init(zckCtx *zck, zckHash *hash)
+{
+ if(hash->type->type == ZCK_HASH_SHA1) {
+ zck_log(ZCK_LOG_DDEBUG, "Initializing SHA-1 hash");
+ hash->ctx = zmalloc(sizeof(SHA_CTX));
+ if (!hash->ctx) {
+ zck_log(ZCK_LOG_ERROR, "OOM in %s", __func__);
+ return false;
+ }
+ SHA1_Init((SHA_CTX *) hash->ctx);
+ return true;
+ } else if(hash->type->type == ZCK_HASH_SHA256) {
+ zck_log(ZCK_LOG_DDEBUG, "Initializing SHA-256 hash");
+ hash->ctx = zmalloc(sizeof(SHA256_CTX));
+ if (!hash->ctx) {
+ zck_log(ZCK_LOG_ERROR, "OOM in %s", __func__);
+ return false;
+ }
+ SHA256_Init((SHA256_CTX *) hash->ctx);
+ return true;
+ } else if(hash->type->type >= ZCK_HASH_SHA512 &&
+ hash->type->type <= ZCK_HASH_SHA512_128) {
+ zck_log(ZCK_LOG_DDEBUG, "Initializing SHA-512 hash");
+ hash->ctx = zmalloc(sizeof(SHA512_CTX));
+ if (!hash->ctx) {
+ zck_log(ZCK_LOG_ERROR, "OOM in %s", __func__);
+ return false;
+ }
+ SHA512_Init((SHA512_CTX *) hash->ctx);
+ return true;
+ }
+ set_error(zck, "Unsupported hash type: %s", zck_hash_name_from_type(hash->type->type));
+ return false;
+}
+
+bool lib_hash_update(zckCtx *zck, zckHash *hash, const char *message, const size_t size)
+{
+ if(hash->type->type == ZCK_HASH_SHA1) {
+ SHA1_Update((SHA_CTX *)hash->ctx, (const sha1_byte *)message, size);
+ return true;
+ } else if(hash->type->type == ZCK_HASH_SHA256) {
+ SHA256_Update((SHA256_CTX *)hash->ctx,
+ (const unsigned char *)message, size);
+ return true;
+ } else if(hash->type->type >= ZCK_HASH_SHA512 &&
+ hash->type->type <= ZCK_HASH_SHA512_128) {
+ SHA512_Update((SHA512_CTX *)hash->ctx,
+ (const unsigned char *)message, size);
+ return true;
+ }
+ set_error(zck, "Unsupported hash type: %s", zck_hash_name_from_type(hash->type->type));
+ return false;
+}
+
+char *lib_hash_final(zckCtx *zck, zckHash *hash)
+{
+ if(hash->type->type == ZCK_HASH_SHA1) {
+ unsigned char *digest = zmalloc(SHA1_DIGEST_LENGTH);
+ if (!digest) {
+ zck_log(ZCK_LOG_ERROR, "OOM in %s", __func__);
+ return false;
+ }
+ SHA1_Final((sha1_byte*)digest, (SHA_CTX *)hash->ctx);
+ hash_close(hash);
+ return (char *)digest;
+ } else if(hash->type->type == ZCK_HASH_SHA256) {
+ unsigned char *digest = zmalloc(SHA256_DIGEST_SIZE);
+ if (!digest) {
+ zck_log(ZCK_LOG_ERROR, "OOM in %s", __func__);
+ return false;
+ }
+ SHA256_Final(digest, (SHA256_CTX *)hash->ctx);
+ hash_close(hash);
+ return (char *)digest;
+ } else if(hash->type->type >= ZCK_HASH_SHA512 &&
+ hash->type->type <= ZCK_HASH_SHA512_128) {
+ unsigned char *digest = zmalloc(SHA512_DIGEST_SIZE);
+ if (!digest) {
+ zck_log(ZCK_LOG_ERROR, "OOM in %s", __func__);
+ return false;
+ }
+ SHA512_Final(digest, (SHA512_CTX *)hash->ctx);
+ hash_close(hash);
+ return (char *)digest;
+ }
+ set_error(zck, "Unsupported hash type: %s", zck_hash_name_from_type(hash->type->type));
+ hash_close(hash);
+ return NULL;
+}
Index: zchunk-1.1.16/src/lib/hash/bundled/libsha.h
===================================================================
--- /dev/null
+++ zchunk-1.1.16/src/lib/hash/bundled/libsha.h
@@ -0,0 +1,21 @@
+#ifndef __LIBSHA_H__
+#define __LIBSHA_H__
+
+#include "zck_private.h"
+#include "sha1/sha1.h"
+#include "sha2/sha2.h"
+
+#define SHA256_CTX sha256_ctx
+#define SHA256_Init sha256_init
+#define SHA256_Update sha256_update
+
+#define SHA512_CTX sha512_ctx
+#define SHA512_Init sha512_init
+#define SHA512_Update sha512_update
+
+void lib_hash_ctx_close(zckHash *hash);
+bool lib_hash_init(zckCtx *zck, zckHash *hash);
+bool lib_hash_update(zckCtx *zck, zckHash *hash, const char *message, const size_t size);
+char *lib_hash_final(zckCtx *zck, zckHash *hash);
+
+#endif
Index: zchunk-1.1.16/src/lib/hash/bundled/meson.build
===================================================================
--- /dev/null
+++ zchunk-1.1.16/src/lib/hash/bundled/meson.build
@@ -0,0 +1,3 @@
+lib_sources += files('libsha.c')
+subdir('sha1')
+subdir('sha2')
Index: zchunk-1.1.16/src/lib/hash/hash.c
===================================================================
--- zchunk-1.1.16.orig/src/lib/hash/hash.c
+++ zchunk-1.1.16/src/lib/hash/hash.c
@@ -33,31 +33,12 @@
#include "zck_private.h"
-/***** If we're not using OpenSSL, use bundled sha libraries *****/
-#ifndef ZCHUNK_OPENSSL
-#include "sha1/sha1.h"
-#include "sha2/sha2.h"
-#define SHA256_CTX sha256_ctx
-#define SHA256_Init sha256_init
-#define SHA256_Update sha256_update
-static void SHA256_Final(unsigned char *md, SHA256_CTX *c) {
- sha256_final(c, md);
-}
-#define SHA512_CTX sha512_ctx
-#define SHA512_Init sha512_init
-#define SHA512_Update sha512_update
-static void SHA512_Final(unsigned char *md, SHA512_CTX *c) {
- sha512_final(c, md);
-}
-/***** If we are using OpenSSL, set the defines accordingly *****/
+#if defined(ZCHUNK_OPENSSL)
+#include "openssl/openssl.h"
#else
-#include <openssl/sha.h>
-#define SHA512_DIGEST_SIZE SHA512_DIGEST_LENGTH
-#define SHA256_DIGEST_SIZE SHA256_DIGEST_LENGTH
-#define SHA1_DIGEST_LENGTH SHA_DIGEST_LENGTH
-#define sha1_byte void
+/***** Using bundled sha libraries *****/
+#include "bundled/libsha.h"
#endif
-
/* This needs to be updated to the largest hash size every time a new hash type
* is added */
int get_max_hash_size() {
@@ -186,12 +167,13 @@ bool hash_setup(zckCtx *zck, zckHashType
return false;
}
-void hash_close(zckHash *hash) {
+void hash_close(zckHash *hash)
+{
if(!hash)
return;
if(hash->ctx) {
- free(hash->ctx);
+ lib_hash_ctx_close(hash);
hash->ctx = NULL;
}
hash->type = NULL;
@@ -209,29 +191,10 @@ bool hash_init(zckCtx *zck, zckHash *has
set_error(zck, "Either zckHash or zckHashType struct is null");
return false;
}
- if(hash_type->type == ZCK_HASH_SHA1) {
- zck_log(ZCK_LOG_DDEBUG, "Initializing SHA-1 hash");
- hash->ctx = zmalloc(sizeof(SHA_CTX));
- hash->type = hash_type;
- SHA1_Init((SHA_CTX *) hash->ctx);
- return true;
- } else if(hash_type->type == ZCK_HASH_SHA256) {
- zck_log(ZCK_LOG_DDEBUG, "Initializing SHA-256 hash");
- hash->ctx = zmalloc(sizeof(SHA256_CTX));
- hash->type = hash_type;
- SHA256_Init((SHA256_CTX *) hash->ctx);
- return true;
- } else if(hash_type->type >= ZCK_HASH_SHA512 &&
- hash_type->type <= ZCK_HASH_SHA512_128) {
- zck_log(ZCK_LOG_DDEBUG, "Initializing SHA-512 hash");
- hash->ctx = zmalloc(sizeof(SHA512_CTX));
- hash->type = hash_type;
- SHA512_Init((SHA512_CTX *) hash->ctx);
- return true;
- }
- set_error(zck, "Unsupported hash type: %s",
- zck_hash_name_from_type(hash_type->type));
- return false;
+
+ hash->type = hash_type;
+
+ return lib_hash_init(zck, hash);
}
bool hash_update(zckCtx *zck, zckHash *hash, const char *message,
@@ -249,23 +212,7 @@ bool hash_update(zckCtx *zck, zckHash *h
return false;
}
if(hash && hash->ctx && hash->type) {
- if(hash->type->type == ZCK_HASH_SHA1) {
- SHA1_Update((SHA_CTX *)hash->ctx, (const sha1_byte *)message, size);
- return true;
- } else if(hash->type->type == ZCK_HASH_SHA256) {
- SHA256_Update((SHA256_CTX *)hash->ctx,
- (const unsigned char *)message, size);
- return true;
- } else if(hash->type->type >= ZCK_HASH_SHA512 &&
- hash->type->type <= ZCK_HASH_SHA512_128) {
- SHA512_Update((SHA512_CTX *)hash->ctx,
- (const unsigned char *)message, size);
- return true;
- }
- set_error(zck, "Unsupported hash type: %s",
- zck_hash_name_from_type(hash->type->type));
-
- return false;
+ return lib_hash_update(zck, hash, message, size);
}
set_error(zck, "Hash hasn't been initialized");
return false;
@@ -277,27 +224,7 @@ char *hash_finalize(zckCtx *zck, zckHash
hash_close(hash);
return NULL;
}
- if(hash->type->type == ZCK_HASH_SHA1) {
- unsigned char *digest = zmalloc(SHA1_DIGEST_LENGTH);
- SHA1_Final((sha1_byte*)digest, (SHA_CTX *)hash->ctx);
- hash_close(hash);
- return (char *)digest;
- } else if(hash->type->type == ZCK_HASH_SHA256) {
- unsigned char *digest = zmalloc(SHA256_DIGEST_SIZE);
- SHA256_Final(digest, (SHA256_CTX *)hash->ctx);
- hash_close(hash);
- return (char *)digest;
- } else if(hash->type->type >= ZCK_HASH_SHA512 &&
- hash->type->type <= ZCK_HASH_SHA512_128) {
- unsigned char *digest = zmalloc(SHA512_DIGEST_SIZE);
- SHA512_Final(digest, (SHA512_CTX *)hash->ctx);
- hash_close(hash);
- return (char *)digest;
- }
- set_error(zck, "Unsupported hash type: %s",
- zck_hash_name_from_type(hash->type->type));
- hash_close(hash);
- return NULL;
+ return lib_hash_final(zck, hash);
}
bool set_full_hash_type(zckCtx *zck, int hash_type) {
Index: zchunk-1.1.16/src/lib/hash/meson.build
===================================================================
--- zchunk-1.1.16.orig/src/lib/hash/meson.build
+++ zchunk-1.1.16/src/lib/hash/meson.build
@@ -1,5 +1,6 @@
lib_sources += files('hash.c')
-if not openssl_dep.found()
- subdir('sha1')
- subdir('sha2')
+if openssl_dep.found()
+ subdir('openssl')
+else
+ subdir('bundled')
endif
Index: zchunk-1.1.16/src/lib/hash/openssl/meson.build
===================================================================
--- /dev/null
+++ zchunk-1.1.16/src/lib/hash/openssl/meson.build
@@ -0,0 +1 @@
+lib_sources += files('openssl.c')
Index: zchunk-1.1.16/src/lib/hash/openssl/openssl.c
===================================================================
--- /dev/null
+++ zchunk-1.1.16/src/lib/hash/openssl/openssl.c
@@ -0,0 +1,221 @@
+/*
+ * Copyright 2018 Jonathan Dieter <jdieter@gmail.com>
+ * Copyright 2023 Matt Wood <matt.wood@microchip.com>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <stdint.h>
+#include <stdbool.h>
+#include "openssl.h"
+
+void lib_hash_ctx_close(zckHash *hash)
+{
+#if defined(ZCHUNK_OPENSSL_DEPRECATED)
+ free(hash->ctx);
+#else
+ EVP_MD_CTX_free(hash->ctx);
+#endif
+}
+
+bool lib_hash_init(zckCtx *zck, zckHash *hash)
+{
+#if defined(ZCHUNK_OPENSSL_DEPRECATED)
+ if(hash->type->type == ZCK_HASH_SHA1) {
+ zck_log(ZCK_LOG_DDEBUG, "Initializing SHA-1 hash");
+ hash->ctx = zmalloc(sizeof(SHA_CTX));
+ if (!hash->ctx) {
+ zck_log(ZCK_LOG_ERROR, "OOM in %s", __func__);
+ return false;
+ }
+ SHA1_Init((SHA_CTX *) hash->ctx);
+ return true;
+ } else if(hash->type->type == ZCK_HASH_SHA256) {
+ zck_log(ZCK_LOG_DDEBUG, "Initializing SHA-256 hash");
+ hash->ctx = zmalloc(sizeof(SHA256_CTX));
+ if (!hash->ctx) {
+ zck_log(ZCK_LOG_ERROR, "OOM in %s", __func__);
+ return false;
+ }
+ SHA256_Init((SHA256_CTX *) hash->ctx);
+ return true;
+ } else if(hash->type->type >= ZCK_HASH_SHA512 &&
+ hash->type->type <= ZCK_HASH_SHA512_128) {
+ zck_log(ZCK_LOG_DDEBUG, "Initializing SHA-512 hash");
+ hash->ctx = zmalloc(sizeof(SHA512_CTX));
+ if (!hash->ctx) {
+ zck_log(ZCK_LOG_ERROR, "OOM in %s", __func__);
+ return false;
+ }
+ SHA512_Init((SHA512_CTX *) hash->ctx);
+ return true;
+ }
+#else
+ hash->ctx = EVP_MD_CTX_new();
+ if (!hash->ctx) {
+ zck_log(ZCK_LOG_ERROR, "openSSL context create error in %s", __func__);
+ return false;
+ }
+
+ if(hash->type->type == ZCK_HASH_SHA1) {
+ zck_log(ZCK_LOG_DDEBUG, "Initializing SHA-1 hash");
+ if (!EVP_DigestInit_ex(hash->ctx, EVP_sha1(), NULL)) {
+ zck_log(ZCK_LOG_ERROR, "openSSL digest init error in %s", __func__);
+ hash_close(hash);
+ return false;
+ }
+ return true;
+ } else if(hash->type->type == ZCK_HASH_SHA256) {
+ zck_log(ZCK_LOG_DDEBUG, "Initializing SHA-256 hash");
+ if (!EVP_DigestInit_ex(hash->ctx, EVP_sha256(), NULL)) {
+ zck_log(ZCK_LOG_ERROR, "openSSL digest init error in %s", __func__);
+ hash_close(hash);
+ return false;
+ }
+ return true;
+
+ } else if(hash->type->type >= ZCK_HASH_SHA512 &&
+ hash->type->type <= ZCK_HASH_SHA512_128) {
+ zck_log(ZCK_LOG_DDEBUG, "Initializing SHA-512 hash");
+ if (!EVP_DigestInit_ex(hash->ctx, EVP_sha512(), NULL)) {
+ zck_log(ZCK_LOG_ERROR, "openSSL digest init error in %s", __func__);
+ hash_close(hash);
+ return false;
+ }
+ return true;
+ }
+#endif
+ set_error(zck, "Unsupported hash type: %s", zck_hash_name_from_type(hash->type->type));
+ return false;
+}
+
+bool lib_hash_update(zckCtx *zck, zckHash *hash, const char *message, const size_t size)
+{
+#if defined(ZCHUNK_OPENSSL_DEPRECATED)
+ if(hash->type->type == ZCK_HASH_SHA1) {
+ SHA1_Update((SHA_CTX *)hash->ctx, (const sha1_byte *)message, size);
+ return true;
+ } else if(hash->type->type == ZCK_HASH_SHA256) {
+ SHA256_Update((SHA256_CTX *)hash->ctx,
+ (const unsigned char *)message, size);
+ return true;
+ } else if(hash->type->type >= ZCK_HASH_SHA512 &&
+ hash->type->type <= ZCK_HASH_SHA512_128) {
+ SHA512_Update((SHA512_CTX *)hash->ctx,
+ (const unsigned char *)message, size);
+ return true;
+ }
+ set_error(zck, "Unsupported hash type: %s", zck_hash_name_from_type(hash->type->type));
+ return false;
+#else
+ if (!EVP_DigestUpdate(hash->ctx, message, size)) {
+ set_error(zck, "%s digest update error", zck_hash_name_from_type(hash->type->type));
+ hash_close(hash);
+ return false;
+ } else {
+ return true;
+ }
+#endif
+}
+
+char *lib_hash_final(zckCtx *zck, zckHash *hash)
+{
+#if defined(ZCHUNK_OPENSSL_DEPRECATED)
+ if(hash->type->type == ZCK_HASH_SHA1) {
+ unsigned char *digest = zmalloc(SHA1_DIGEST_LENGTH);
+ if (!digest) {
+ zck_log(ZCK_LOG_ERROR, "OOM in %s", __func__);
+ return false;
+ }
+ SHA1_Final((sha1_byte*)digest, (SHA_CTX *)hash->ctx);
+ hash_close(hash);
+ return (char *)digest;
+ } else if(hash->type->type == ZCK_HASH_SHA256) {
+ unsigned char *digest = zmalloc(SHA256_DIGEST_SIZE);
+ if (!digest) {
+ zck_log(ZCK_LOG_ERROR, "OOM in %s", __func__);
+ return false;
+ }
+ SHA256_Final(digest, (SHA256_CTX *)hash->ctx);
+ hash_close(hash);
+ return (char *)digest;
+ } else if(hash->type->type >= ZCK_HASH_SHA512 && hash->type->type <= ZCK_HASH_SHA512_128) {
+ unsigned char *digest = zmalloc(SHA512_DIGEST_SIZE);
+ if (!digest) {
+ zck_log(ZCK_LOG_ERROR, "OOM in %s", __func__);
+ return false;
+ }
+ SHA512_Final(digest, (SHA512_CTX *)hash->ctx);
+ hash_close(hash);
+ return (char *)digest;
+ }
+#else
+ if(hash->type->type == ZCK_HASH_SHA1) {
+ unsigned char *digest = zmalloc(SHA1_DIGEST_LENGTH);
+ if (!digest) {
+ zck_log(ZCK_LOG_ERROR, "OOM in %s", __func__);
+ return false;
+ }
+ unsigned int len;
+ if (!EVP_DigestFinal_ex(hash->ctx, digest, &len)) {
+ set_error(zck, "%s digest finalize error", zck_hash_name_from_type(hash->type->type));
+ hash_close(hash);
+ return NULL;
+ }
+ hash_close(hash);
+ return (char *)digest;
+ } else if(hash->type->type == ZCK_HASH_SHA256) {
+ unsigned char *digest = zmalloc(SHA256_DIGEST_SIZE);
+ if (!digest) {
+ zck_log(ZCK_LOG_ERROR, "OOM in %s", __func__);
+ return false;
+ }
+ unsigned int len;
+ if (!EVP_DigestFinal_ex(hash->ctx, digest, &len)) {
+ set_error(zck, "%s digest finalize error", zck_hash_name_from_type(hash->type->type));
+ hash_close(hash);
+ return NULL;
+ }
+ hash_close(hash);
+ return (char *)digest;
+ } else if(hash->type->type >= ZCK_HASH_SHA512 &&
+ hash->type->type <= ZCK_HASH_SHA512_128) {
+ unsigned char *digest = zmalloc(SHA512_DIGEST_SIZE);
+ if (!digest) {
+ zck_log(ZCK_LOG_ERROR, "OOM in %s", __func__);
+ return false;
+ }
+ unsigned int len;
+ if (!EVP_DigestFinal_ex(hash->ctx, digest, &len)) {
+ set_error(zck, "%s digest finalize error", zck_hash_name_from_type(hash->type->type));
+ hash_close(hash);
+ return NULL;
+ }
+ hash_close(hash);
+ return (char *)digest;
+ }
+#endif
+ set_error(zck, "Unsupported hash type: %s", zck_hash_name_from_type(hash->type->type));
+ hash_close(hash);
+ return NULL;
+}
Index: zchunk-1.1.16/src/lib/hash/openssl/openssl.h
===================================================================
--- /dev/null
+++ zchunk-1.1.16/src/lib/hash/openssl/openssl.h
@@ -0,0 +1,26 @@
+#ifndef __OPENSSL_H__
+#define __OPENSSL_H__
+
+#include "zck_private.h"
+#include <openssl/sha.h>
+
+#define SHA1_DIGEST_LENGTH SHA_DIGEST_LENGTH
+#define SHA224_DIGEST_SIZE SHA224_DIGEST_LENGTH
+#define SHA256_DIGEST_SIZE SHA256_DIGEST_LENGTH
+#define SHA384_DIGEST_SIZE SHA384_DIGEST_LENGTH
+#define SHA512_DIGEST_SIZE SHA512_DIGEST_LENGTH
+
+#if defined(ZCHUNK_OPENSSL_DEPRECATED)
+/***** using legacy OpenSSL API *****/
+#define sha1_byte void
+#else
+/***** using OpenSSL3 EVP API *****/
+#include <openssl/evp.h>
+#endif
+
+void lib_hash_ctx_close(zckHash *hash);
+bool lib_hash_init(zckCtx *zck, zckHash *hash);
+bool lib_hash_update(zckCtx *zck, zckHash *hash, const char *message, const size_t size);
+char *lib_hash_final(zckCtx *zck, zckHash *hash);
+
+#endif
Index: zchunk-1.1.16/src/lib/zck_private.h
===================================================================
--- zchunk-1.1.16.orig/src/lib/zck_private.h
+++ zchunk-1.1.16/src/lib/zck_private.h
@@ -10,6 +10,10 @@
#include "uthash.h"
#include "zck.h"
+#if defined(ZCHUNK_OPENSSL) && !defined(ZCHUNK_OPENSSL_DEPRECATED)
+#include <openssl/evp.h>
+#endif
+
#define BUF_SIZE 32768
/* Maximum string length for a compressed size_t */
#define MAX_COMP_SIZE (((sizeof(size_t) * 8) / 7) + 1)
@@ -110,7 +114,11 @@ typedef struct zckHashType {
struct zckHash {
zckHashType *type;
+#if defined(ZCHUNK_OPENSSL) && !defined(ZCHUNK_OPENSSL_DEPRECATED)
+ EVP_MD_CTX *ctx;
+#else
void *ctx;
+#endif
};
typedef void CURL;
