support polarssl 1.3

Conflicts:
	pdns/sha.hh

also support polarssl 1.2.9+

diff --git a/pdns/polarrsakeyinfra.cc b/pdns/polarrsakeyinfra.cc
index 13a25a07796e1456dfba622b0782cd98315bf56d..9447e890afe5817109616e70816ccd38c87553f6 100644 (file)
--- a/pdns/polarrsakeyinfra.cc
+++ b/pdns/polarrsakeyinfra.cc
@@ -1,10 +1,38 @@
 #include <polarssl/rsa.h>
 #include <polarssl/base64.h>
-#include <polarssl/sha1.h>
-#include <polarssl/sha2.h>
-#include <polarssl/sha4.h>
 #include <polarssl/entropy.h>
 #include <polarssl/ctr_drbg.h>
+#if POLARSSL_VERSION_NUMBER >= 0x01030000
+  #include <polarssl/sha1.h>
+  #include <polarssl/sha256.h>
+  #include <polarssl/sha512.h>
+  typedef sha256_context sha2_context;
+  typedef sha512_context sha4_context;
+  #define sha2_finish sha256_finish
+  #define sha2_hmac_finish sha256_hmac_finish
+  #define sha2_hmac_starts sha256_hmac_starts
+  #define sha2_hmac_update sha256_hmac_update
+  #define sha2_starts sha256_starts
+  #define sha2_update sha256_update
+  #define sha4_finish sha512_finish
+  #define sha4_hmac_finish sha512_hmac_finish
+  #define sha4_hmac_starts sha512_hmac_starts
+  #define sha4_hmac_update sha512_hmac_update
+  #define sha4_starts sha512_starts
+  #define sha4_update sha512_update
+  #define POLARSSL_SHA2_C POLARSSL_SHA256_C
+  #define POLARSSL_SHA4_C POLARSSL_SHA512_C
+  #define SIG_RSA_SHA1    POLARSSL_MD_SHA1
+  #define SIG_RSA_SHA224  POLARSSL_MD_SHA224
+  #define SIG_RSA_SHA256  POLARSSL_MD_SHA256
+  #define SIG_RSA_SHA384  POLARSSL_MD_SHA384
+  #define SIG_RSA_SHA512  POLARSSL_MD_SHA512
+#else
+  #include <polarssl/sha1.h>
+  #include <polarssl/sha2.h>
+  #include <polarssl/sha4.h>
+  typedef int md_type_t;
+#endif
 #include <boost/assign/std/vector.hpp> // for 'operator+=()'
 #include <boost/foreach.hpp>
 #include "dnssecinfra.hh"
@@ -137,7 +165,8 @@ std::string RSADNSCryptoKeyEngine::sign(const std::string& msg) const
 {
   string hash = this->hash(msg);
   unsigned char signature[mpi_size(&d_context.N)];
-  int hashKind;
+  md_type_t hashKind;
+
   if(hash.size()==20)
     hashKind= SIG_RSA_SHA1;
   else if(hash.size()==32) 
@@ -159,7 +188,7 @@ std::string RSADNSCryptoKeyEngine::sign(const std::string& msg) const
 
 bool RSADNSCryptoKeyEngine::verify(const std::string& msg, const std::string& signature) const
 {
-  int hashKind;
+  md_type_t hashKind;
   string hash=this->hash(msg);
   if(hash.size()==20)
     hashKind= SIG_RSA_SHA1;
@@ -168,7 +197,11 @@ bool RSADNSCryptoKeyEngine::verify(const std::string& msg, const std::string& si
   else
     hashKind = SIG_RSA_SHA512;
   
-  int ret=rsa_pkcs1_verify(const_cast<rsa_context*>(&d_context), RSA_PUBLIC, 
+  int ret=rsa_pkcs1_verify(const_cast<rsa_context*>(&d_context),
+#if POLARSSL_VERSION_NUMBER >= 0x01020900
+    NULL, NULL,
+#endif
+    RSA_PUBLIC,
     hashKind,
     hash.size(),
     (const unsigned char*) hash.c_str(), (unsigned char*) signature.c_str());
@@ -185,12 +218,20 @@ std::string RSADNSCryptoKeyEngine::hash(const std::string& toHash) const
   } 
   else if(d_algorithm == 8) { // RSASHA256
     unsigned char hash[32];
+#if POLARSSL_VERSION_NUMBER >= 0x01030000
+    sha256((unsigned char*)toHash.c_str(), toHash.length(), hash, 0);
+#else
     sha2((unsigned char*)toHash.c_str(), toHash.length(), hash, 0);
+#endif
     return string((char*)hash, sizeof(hash));
   } 
   else if(d_algorithm == 10) { // RSASHA512
     unsigned char hash[64];
+#if POLARSSL_VERSION_NUMBER >= 0x01030000
+    sha512((unsigned char*)toHash.c_str(), toHash.length(), hash, 0);
+#else
     sha4((unsigned char*)toHash.c_str(), toHash.length(), hash, 0);
+#endif
     return string((char*)hash, sizeof(hash));
   }
   throw runtime_error("PolarSSL hashing method can't hash algorithm "+lexical_cast<string>(d_algorithm));