diff options
| author | Yaakov Selkowitz <yselkowitz@users.sourceforge.net> | 2012-10-29 22:37:37 -0500 |
|---|---|---|
| committer | Yaakov Selkowitz <yselkowitz@users.sourceforge.net> | 2012-11-05 13:34:18 -0600 |
| commit | 54ba26cb1f9c59559cc3c449abeb31b2ce23bdba (patch) | |
| tree | 9706c9ce63926343a35fcae56b24975333e62549 | |
| parent | 2ff56033de2b493a11d2bdf411b7057b1b3a22d7 (diff) | |
os: Add libnettle as a choice of SHA1 implementation
libnettle is smaller than libgcrypt, currently being released more
frequently, and has replaced the latter in gnutls-3.x (which is used
by TigerVNC, so they can avoid pulling in two crypto libraries
simultaneously).
Signed-off-by: Yaakov Selkowitz <yselkowitz@users.sourceforge.net>
Reviewed-by: Julien Cristau <jcristau@debian.org>
| -rw-r--r-- | configure.ac | 14 | ||||
| -rw-r--r-- | include/dix-config.h.in | 3 | ||||
| -rw-r--r-- | os/xsha1.c | 30 |
3 files changed, 46 insertions, 1 deletions
diff --git a/configure.ac b/configure.ac index 86153ec81..38ac240df 100644 --- a/configure.ac +++ b/configure.ac @@ -1360,7 +1360,7 @@ CORE_INCS='-I$(top_srcdir)/include -I$(top_builddir)/include' # SHA1 hashing AC_ARG_WITH([sha1], - [AS_HELP_STRING([--with-sha1=libc|libmd|libgcrypt|libcrypto|libsha1|CommonCrypto|CryptoAPI], + [AS_HELP_STRING([--with-sha1=libc|libmd|libnettle|libgcrypt|libcrypto|libsha1|CommonCrypto|CryptoAPI], [choose SHA1 implementation])]) AC_CHECK_FUNC([SHA1Init], [HAVE_SHA1_IN_LIBC=yes]) if test "x$with_sha1" = x && test "x$HAVE_SHA1_IN_LIBC" = xyes; then @@ -1423,6 +1423,18 @@ if test "x$with_sha1" = xlibsha1; then [Use libsha1 for SHA1]) SHA1_LIBS=-lsha1 fi +AC_CHECK_LIB([nettle], [nettle_sha1_init], [HAVE_LIBNETTLE=yes]) +if test "x$with_sha1" = x && test "x$HAVE_LIBNETTLE" = xyes; then + with_sha1=libnettle +fi +if test "x$with_sha1" = xlibnettle && test "x$HAVE_LIBNETTLE" != xyes; then + AC_MSG_ERROR([libnettle requested but not found]) +fi +if test "x$with_sha1" = xlibnettle; then + AC_DEFINE([HAVE_SHA1_IN_LIBNETTLE], [1], + [Use libnettle SHA1 functions]) + SHA1_LIBS=-lnettle +fi AC_CHECK_LIB([gcrypt], [gcry_md_open], [HAVE_LIBGCRYPT=yes]) if test "x$with_sha1" = x && test "x$HAVE_LIBGCRYPT" = xyes; then with_sha1=libgcrypt diff --git a/include/dix-config.h.in b/include/dix-config.h.in index 578f249b3..b270a3238 100644 --- a/include/dix-config.h.in +++ b/include/dix-config.h.in @@ -157,6 +157,9 @@ /* Define to use libgcrypt SHA1 functions */ #undef HAVE_SHA1_IN_LIBGCRYPT +/* Define to use libnettle SHA1 functions */ +#undef HAVE_SHA1_IN_LIBNETTLE + /* Define to use libsha1 for SHA1 */ #undef HAVE_SHA1_IN_LIBSHA1 diff --git a/os/xsha1.c b/os/xsha1.c index fa66c7a06..24c0aa284 100644 --- a/os/xsha1.c +++ b/os/xsha1.c @@ -116,6 +116,36 @@ x_sha1_final(void *ctx, unsigned char result[20]) return 1; } +#elif defined(HAVE_SHA1_IN_LIBNETTLE) /* Use libnettle for SHA1 */ + +#include <nettle/sha.h> + +void * +x_sha1_init(void) +{ + struct sha1_ctx *ctx = malloc(sizeof(*ctx)); + + if (!ctx) + return NULL; + sha1_init(ctx); + return ctx; +} + +int +x_sha1_update(void *ctx, void *data, int size) +{ + sha1_update(ctx, size, data); + return 1; +} + +int +x_sha1_final(void *ctx, unsigned char result[20]) +{ + sha1_digest(ctx, 20, result); + free(ctx); + return 1; +} + #elif defined(HAVE_SHA1_IN_LIBGCRYPT) /* Use libgcrypt for SHA1 */ #include <gcrypt.h> |