1
0
mirror of https://github.com/rkd77/elinks.git synced 2024-12-04 14:46:47 -05:00

[cache] Modified check_sha . Refs #284

This commit is contained in:
Witold Filipczyk 2024-09-24 10:15:41 +02:00
parent c7489edcf5
commit 403bc5c6ce

98
src/cache/cache.c vendored
View File

@ -7,7 +7,8 @@
#include <string.h>
#ifdef CONFIG_OPENSSL
#include <openssl/sha.h>
#include <openssl/bio.h>
#include <openssl/evp.h>
#endif
#include "elinks.h"
@ -934,71 +935,35 @@ shrinked_enough:
#ifdef CONFIG_OPENSSL
static int
check_sha512(const void *data, size_t len, const char *checksum)
check_sha(const char *name, const unsigned char *data, size_t len, const char *checksum)
{
unsigned char digest[SHA512_DIGEST_LENGTH] = {0};
SHA512_CTX ctx;
SHA512_Init(&ctx);
SHA512_Update(&ctx, data, len);
SHA512_Final(digest, &ctx);
EVP_MD_CTX *mdctx;
const EVP_MD *md;
unsigned char md_value[EVP_MAX_MD_SIZE];
int md_len;
md = EVP_get_digestbyname(name);
if (!md) {
return 0;
}
mdctx = EVP_MD_CTX_new();
EVP_DigestInit_ex(mdctx, md, NULL);
EVP_DigestUpdate(mdctx, data, len);
EVP_DigestFinal_ex(mdctx, md_value, &md_len);
EVP_MD_CTX_free(mdctx);
int outlen = 0;
unsigned char *b64 = base64_encode_bin(digest, SHA512_DIGEST_LENGTH, &outlen);
unsigned char *b64 = base64_encode_bin(md_value, md_len, &outlen);
int res = 0;
if (b64) {
res = !memcmp(b64, checksum, outlen);
mem_free(b64);
}
return res;
}
static int
check_sha384(const void *data, size_t len, const char *checksum)
{
unsigned char digest[SHA384_DIGEST_LENGTH] = {0};
SHA512_CTX ctx;
SHA384_Init(&ctx);
SHA384_Update(&ctx, data, len);
SHA384_Final(digest, &ctx);
int outlen = 0;
unsigned char *b64 = base64_encode_bin(digest, SHA384_DIGEST_LENGTH, &outlen);
int res = 0;
if (b64) {
res = !memcmp(b64, checksum, outlen);
mem_free(b64);
}
return res;
}
static int
check_sha256(const void *data, size_t len, const char *checksum)
{
unsigned char digest[SHA256_DIGEST_LENGTH] = {0};
SHA256_CTX ctx;
SHA256_Init(&ctx);
SHA256_Update(&ctx, data, len);
SHA256_Final(digest, &ctx);
int outlen = 0;
unsigned char *b64 = base64_encode_bin(digest, SHA256_DIGEST_LENGTH, &outlen);
int res = 0;
if (b64) {
res = !memcmp(b64, checksum, outlen);
mem_free(b64);
}
return res;
}
enum alg {
EL_SHA512 = 1,
EL_SHA384 = 2,
EL_SHA256 = 3
};
int
validate_cache_integrity(struct cache_entry *cached, const char *integrity)
{
@ -1010,38 +975,21 @@ validate_cache_integrity(struct cache_entry *cached, const char *integrity)
return 0;
}
while (1) {
int alg = 0;
skip_space(ch);
if (!ch) {
if (!(*ch)) {
return ret;
}
if (!strncmp("sha512-", ch, 7)) {
alg = EL_SHA512;
ch += 7;
ret = check_sha("sha512", frag->data, frag->length, ch);
} else if (!strncmp("sha384-", ch, 7)) {
alg = EL_SHA384;
ch += 7;
ret = check_sha("sha384", frag->data, frag->length, ch);
} else if (!strncmp("sha256-", ch, 7)) {
alg = EL_SHA256;
ch += 7;
} else {
return ret;
}
switch (alg) {
case EL_SHA512:
ret = check_sha512(frag->data, (size_t)frag->length, ch);
break;
case EL_SHA384:
ret = check_sha384(frag->data, (size_t)frag->length, ch);
break;
case EL_SHA256:
ret = check_sha256(frag->data, (size_t)frag->length, ch);
break;
default:
return ret;
ret = check_sha("sha256", frag->data, frag->length, ch);
}
if (ret) {
return ret;