tls: add NSS version for SHA1 computing function.
authorEric Leblond <eric@regit.org>
Thu, 5 Apr 2012 14:45:24 +0000 (16:45 +0200)
committerEric Leblond <eric@regit.org>
Fri, 24 Aug 2012 10:59:11 +0000 (12:59 +0200)
src/util-crypt.c
src/util-crypt.h

index 5f97215eaa2356c1c3a1b6391d3042c4c341decc..a9d82013460d11343f7dc4e7ce5c096b5eb705c4 100644 (file)
  *
  * Implements cryptographic functions.
  * Based on the libtomcrypt library ( http://libtom.org/?page=features&newsitems=5&whatfile=crypt )
+ * 
+ * Implementation of function using NSS is not linked with libtomcrypt.
  */
 
+#include "suricata-common.h"
+#include "suricata.h"
 #include "util-crypt.h"
+#ifdef HAVE_NSS
+#include <sechash.h>
+#endif
+
+#ifndef HAVE_NSS
 
 #define F0(x,y,z)  (z ^ (x & (y ^ z)))
 #define F1(x,y,z)  (x ^ y ^ z)
@@ -227,6 +236,32 @@ unsigned char* ComputeSHA1(unsigned char* buff, int bufflen)
     return lResult;
 }
 
+#else /* HAVE_NSS */
+
+unsigned char* ComputeSHA1(unsigned char* buff, int bufflen)
+{
+    HASHContext *sha1_ctx = HASH_Create(HASH_AlgSHA1);
+    unsigned char* lResult = NULL;
+    unsigned int rlen;
+    if (sha1_ctx == NULL) {
+        return NULL;
+    }
+
+    lResult = (unsigned char*) SCMalloc((sizeof(unsigned char) * 20));
+    if (lResult == NULL) {
+        HASH_Destroy(sha1_ctx);
+        return NULL;
+    }
+    HASH_Begin(sha1_ctx);
+    HASH_Update(sha1_ctx, buff, bufflen);
+    HASH_End(sha1_ctx, lResult, &rlen, (sizeof(unsigned char) * 20));
+    HASH_Destroy(sha1_ctx);
+
+    return lResult;
+}
+
+#endif /* HAVE_NSS */
+
 static const char *b64codes = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
 
 int Base64Encode(const unsigned char *in,  unsigned long inlen,
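Review bot: The NSS `ComputeSHA1` passes the signed `int bufflen` straight to `HASH_Update`, whose length parameter is `unsigned int`, so a negative length from a caller would be converted into a very large read over `buff`; neither `buff == NULL` nor `bufflen < 0` is rejected first. Making `if (buff == NULL || bufflen < 0) return NULL;` the first statement, with the `HASH_Create` call moved below it, would stop that without leaking a context. `rlen` is filled in by `HASH_End` but never compared with the buffer size, and the literal `20` appears twice where NSS's `SHA1_LENGTH` could be used, for example `if (rlen != SHA1_LENGTH) { SCFree(lResult); return NULL; }`. A short header comment should state that the function returns a 20-byte `SCMalloc`'d digest that the caller must free, or NULL on failure. Whether the libtomcrypt variant, whose body lies outside this hunk, validates its arguments the same way is not visible here.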
index 3a7ca427a3b23136644230400bba8fb051c1010f..c6af16f855a9b011e46817eb2d80f981d527ed4b 100644 (file)
 
 #include "suricata-common.h"
 
+typedef enum {
+    SC_SHA_1_OK,
+    SC_SHA_1_NOK,
+    SC_SHA_1_INVALID_ARG,
+
+    SC_BASE64_OK,
+    SC_BASE64_INVALID_ARG,
+    SC_BASE64_OVERFLOW,
+
+} CryptId;
+
+#ifndef HAVE_NSS
+
 #define LOAD32H(x, y)                            \
      { x = ((unsigned long)((y)[0] & 255)<<24) | \
            ((unsigned long)((y)[1] & 255)<<16) | \
 #define ROLc(x, y) ( (((unsigned long)(x)<<(unsigned long)((y)&31)) | (((unsigned long)(x)&0xFFFFFFFFUL)>>(unsigned long)(32-((y)&31)))) & 0xFFFFFFFFUL)
 #define MIN(x, y) ( ((x)<(y))?(x):(y) )
 
-typedef enum {
-    SC_SHA_1_OK,
-    SC_SHA_1_NOK,
-    SC_SHA_1_INVALID_ARG,
-
-    SC_BASE64_OK,
-    SC_BASE64_INVALID_ARG,
-    SC_BASE64_OVERFLOW,
-
-} CryptId;
-
 typedef struct Sha1State_ {
     uint64_t length;
     uint32_t state[5], curlen;
@@ -72,6 +74,8 @@ typedef union HashState_ {
     void *data;
 } HashState;
 
+#endif /* don't HAVE_NSS */
+
 unsigned char* ComputeSHA1(unsigned char* buff, int bufflen);
 int Base64Encode(const unsigned char *in,  unsigned long inlen, unsigned char *out, unsigned long *outlen);