* eet/src/lib/Eet.h,
* eet/src/lib/eet_lib.c, * eet/src/lib/eet_cipher.c, * eet/src/lib/Eet_private.h: Add a function to retrieve SHA1 of an associated Eet_File. Note: Sadly GnuTLS doesn't seem to provide a gnutls_x509_crt_verify_hash function. SVN revision: 38982
parent
29cad587b5
commit
5f0475267c
|
@ -313,6 +313,14 @@ extern "C" {
|
||||||
*/
|
*/
|
||||||
EAPI const void *eet_identity_signature(Eet_File *ef, int *signature_length);
|
EAPI const void *eet_identity_signature(Eet_File *ef, int *signature_length);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get the SHA1 associated with a file. Could be the one used to sign the data
|
||||||
|
* or if the data where not signed, it will be the SHA1 of the file.
|
||||||
|
*
|
||||||
|
* @since 2.0.0
|
||||||
|
*/
|
||||||
|
EAPI const void *eet_identity_sha1(Eet_File *ef, int *sha1_length);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Display the x509 der certificate to out.
|
* Display the x509 der certificate to out.
|
||||||
*
|
*
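Review bot: The new doc comment on `eet_identity_sha1` says the digest may cover either the signed data or the whole unsigned file, but gives the caller no way to tell which, so the value cannot be read as evidence that the file was authenticated. The comment should say that the signature state must be checked separately (for example via `eet_identity_signature`) and that a matching SHA1 alone proves nothing about the signer. It should also document the return contract visible in the implementation: the buffer is cached on the `Eet_File`, `sha1_length` may be NULL, and the result is NULL when no crypto backend is compiled in or allocation fails, e.g. `* @return The digest cached in @p ef, or NULL if it could not be computed.` The typo "where not signed" should read "were not signed".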
|
||||||
|
|
|
@ -72,6 +72,8 @@ const void* eet_identity_check(const void *data_base, unsigned int data_length,
|
||||||
const void *signature_base, unsigned int signature_length,
|
const void *signature_base, unsigned int signature_length,
|
||||||
const void **raw_signature_base, unsigned int *raw_signature_length,
|
const void **raw_signature_base, unsigned int *raw_signature_length,
|
||||||
int *x509_length);
|
int *x509_length);
|
||||||
|
void *eet_identity_compute_sha1(const void *data_base, unsigned int data_length,
|
||||||
|
int *sha1_length);
|
||||||
Eet_Error eet_cipher(const void *data, unsigned int size, const char *key, unsigned int length, void **result, unsigned int *result_length);
|
Eet_Error eet_cipher(const void *data, unsigned int size, const char *key, unsigned int length, void **result, unsigned int *result_length);
|
||||||
Eet_Error eet_decipher(const void *data, unsigned int size, const char *key, unsigned int length, void **result, unsigned int *result_length);
|
Eet_Error eet_decipher(const void *data, unsigned int size, const char *key, unsigned int length, void **result, unsigned int *result_length);
|
||||||
Eet_Error eet_identity_sign(FILE *fp, Eet_Key *key);
|
Eet_Error eet_identity_sign(FILE *fp, Eet_Key *key);
|
||||||
|
|
|
@ -30,6 +30,10 @@
|
||||||
# endif
|
# endif
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#ifdef HAVE_OPENSSL
|
||||||
|
# include <openssl/sha.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
#ifdef HAVE_CIPHER
|
#ifdef HAVE_CIPHER
|
||||||
# ifdef HAVE_GNUTLS
|
# ifdef HAVE_GNUTLS
|
||||||
# include <gnutls/x509.h>
|
# include <gnutls/x509.h>
|
||||||
|
@ -337,6 +341,31 @@ eet_identity_unref(Eet_Key *key)
|
||||||
eet_identity_close(key);
|
eet_identity_close(key);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void *
|
||||||
|
eet_identity_compute_sha1(const void *data_base, unsigned int data_length,
|
||||||
|
int *sha1_length)
|
||||||
|
{
|
||||||
|
void *result;
|
||||||
|
|
||||||
|
#ifdef HAVE_GNUTLS
|
||||||
|
result = malloc(gcry_md_get_algo_dlen(GCRY_MD_SHA1));
|
||||||
|
if (!result) return NULL;
|
||||||
|
|
||||||
|
gcry_md_hash_buffer(GCRY_MD_SHA1, result, data_base, data_length);
|
||||||
|
#else
|
||||||
|
# ifdef HAVE_OPENSSL
|
||||||
|
result = malloc(SHA_DIGEST_LENGTH);
|
||||||
|
if (!result) return NULL;
|
||||||
|
|
||||||
|
SHA1(data_base, data_length, result);
|
||||||
|
# else
|
||||||
|
result = NULL;
|
||||||
|
# endif
|
||||||
|
#endif
|
||||||
|
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
|
||||||
Eet_Error
|
Eet_Error
|
||||||
eet_identity_sign(FILE *fp, Eet_Key *key)
|
eet_identity_sign(FILE *fp, Eet_Key *key)
|
||||||
{
|
{
|
||||||
|
@ -513,11 +542,12 @@ eet_identity_check(const void *data_base, unsigned int data_length,
|
||||||
gnutls_x509_crt_init(&cert);
|
gnutls_x509_crt_init(&cert);
|
||||||
gnutls_x509_crt_import(cert, &datum, GNUTLS_X509_FMT_DER);
|
gnutls_x509_crt_import(cert, &datum, GNUTLS_X509_FMT_DER);
|
||||||
|
|
||||||
|
signature.data = (void *)sign;
|
||||||
|
signature.size = sign_len;
|
||||||
|
|
||||||
/* Verify the signature */
|
/* Verify the signature */
|
||||||
datum.data = (void *)data_base;
|
datum.data = (void *)data_base;
|
||||||
datum.size = data_length;
|
datum.size = data_length;
|
||||||
signature.data = (void *)sign;
|
|
||||||
signature.size = sign_len;
|
|
||||||
if (!gnutls_x509_crt_verify_data(cert, 0, &datum, &signature))
|
if (!gnutls_x509_crt_verify_data(cert, 0, &datum, &signature))
|
||||||
return NULL;
|
return NULL;
|
||||||
# else
|
# else
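Review bot: `eet_identity_compute_sha1` never writes through its `sha1_length` parameter, so the caller in eet_lib.c, which initialises `ef->sha1_length` to 0, will report a digest length of 0 next to a valid buffer. Each branch should store the size it allocated: `if (sha1_length) *sha1_length = gcry_md_get_algo_dlen(GCRY_MD_SHA1);` in the GnuTLS branch, `if (sha1_length) *sha1_length = SHA_DIGEST_LENGTH;` in the OpenSSL branch, and `if (sha1_length) *sha1_length = 0;` in the fallback. The GnuTLS branch calls `gcry_md_*` while the only include added in this section is `<openssl/sha.h>`; whether the gcrypt header is already included is not visible in these hunks and is worth confirming. The move of `signature.data`/`signature.size` in `eet_identity_check` looks behaviour-neutral, and that function's body continues outside the hunk.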
|
||||||
|
|
|
@ -90,6 +90,7 @@ struct _Eet_File
|
||||||
const unsigned char *data;
|
const unsigned char *data;
|
||||||
const void *x509_der;
|
const void *x509_der;
|
||||||
const void *signature;
|
const void *signature;
|
||||||
|
void *sha1;
|
||||||
|
|
||||||
Eet_File_Mode mode;
|
Eet_File_Mode mode;
|
||||||
|
|
||||||
|
@ -99,6 +100,7 @@ struct _Eet_File
|
||||||
int data_size;
|
int data_size;
|
||||||
int x509_length;
|
int x509_length;
|
||||||
unsigned int signature_length;
|
unsigned int signature_length;
|
||||||
|
unsigned int sha1_length;
|
||||||
|
|
||||||
time_t mtime;
|
time_t mtime;
|
||||||
|
|
||||||
|
@ -1266,6 +1268,8 @@ eet_memopen_read(const void *data, size_t size)
|
||||||
ef->readfp = NULL;
|
ef->readfp = NULL;
|
||||||
ef->data = data;
|
ef->data = data;
|
||||||
ef->data_size = size;
|
ef->data_size = size;
|
||||||
|
ef->sha1 = NULL;
|
||||||
|
ef->sha1_length = 0;
|
||||||
|
|
||||||
return eet_internal_read(ef);
|
return eet_internal_read(ef);
|
||||||
}
|
}
|
||||||
|
@ -1382,6 +1386,8 @@ eet_open(const char *file, Eet_File_Mode mode)
|
||||||
ef->delete_me_now = 0;
|
ef->delete_me_now = 0;
|
||||||
ef->data = NULL;
|
ef->data = NULL;
|
||||||
ef->data_size = 0;
|
ef->data_size = 0;
|
||||||
|
ef->sha1 = NULL;
|
||||||
|
ef->sha1_length = 0;
|
||||||
|
|
||||||
ef->ed = (mode == EET_FILE_MODE_WRITE)
|
ef->ed = (mode == EET_FILE_MODE_WRITE)
|
||||||
|| (ef->fp == NULL && mode == EET_FILE_MODE_READ_WRITE) ?
|
|| (ef->fp == NULL && mode == EET_FILE_MODE_READ_WRITE) ?
|
||||||
|
@ -1456,6 +1462,16 @@ eet_identity_signature(Eet_File *ef, int *signature_length)
|
||||||
return ef->signature;
|
return ef->signature;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
EAPI const void *
|
||||||
|
eet_identity_sha1(Eet_File *ef, int *sha1_length)
|
||||||
|
{
|
||||||
|
if (!ef->sha1)
|
||||||
|
ef->sha1 = eet_identity_compute_sha1(ef->data, ef->data_size, &ef->sha1_length);
|
||||||
|
|
||||||
|
if (sha1_length) *sha1_length = ef->sha1_length;
|
||||||
|
return ef->sha1;
|
||||||
|
}
|
||||||
|
|
||||||
EAPI Eet_Error
|
EAPI Eet_Error
|
||||||
eet_identity_set(Eet_File *ef, Eet_Key *key)
|
eet_identity_set(Eet_File *ef, Eet_Key *key)
|
||||||
{
|
{
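Review bot: `eet_identity_sha1` passes `&ef->sha1_length`, which the struct hunk declares as `unsigned int`, to a parameter typed `int *`. The field and the prototype should agree, e.g. `int sha1_length;` in `struct _Eet_File` to match the public `int *sha1_length` out-parameter. The function also dereferences `ef` with no guard; if the neighbouring accessors validate the handle (not visible here), it should do the same, e.g. `if (!ef) return NULL;`. `ef->sha1` is heap-allocated and cached, but no hunk on this page frees it when the file is closed or resets it when the file contents change. Unless that is handled elsewhere, the buffer leaks and a later call can return a digest of stale data.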
|
||||||
|
|