Permalink
Browse files

support polarssl 1.3

Conflicts:
	pdns/sha.hh

also support polarssl 1.2.9+
  • Loading branch information...
1 parent c60ca6d commit 7632dd822467b9adda740f81dc41ae8bebbd650f @Habbie Habbie committed Oct 17, 2013
Showing with 47 additions and 6 deletions.
  1. +47 −6 pdns/polarrsakeyinfra.cc
@@ -1,10 +1,38 @@
#include <polarssl/rsa.h>
#include <polarssl/base64.h>
-#include <polarssl/sha1.h>
-#include <polarssl/sha2.h>
-#include <polarssl/sha4.h>
#include <polarssl/entropy.h>
#include <polarssl/ctr_drbg.h>
+#if POLARSSL_VERSION_NUMBER >= 0x01030000
+ #include <polarssl/sha1.h>
+ #include <polarssl/sha256.h>
+ #include <polarssl/sha512.h>
+ typedef sha256_context sha2_context;
+ typedef sha512_context sha4_context;
+ #define sha2_finish sha256_finish
+ #define sha2_hmac_finish sha256_hmac_finish
+ #define sha2_hmac_starts sha256_hmac_starts
+ #define sha2_hmac_update sha256_hmac_update
+ #define sha2_starts sha256_starts
+ #define sha2_update sha256_update
+ #define sha4_finish sha512_finish
+ #define sha4_hmac_finish sha512_hmac_finish
+ #define sha4_hmac_starts sha512_hmac_starts
+ #define sha4_hmac_update sha512_hmac_update
+ #define sha4_starts sha512_starts
+ #define sha4_update sha512_update
+ #define POLARSSL_SHA2_C POLARSSL_SHA256_C
+ #define POLARSSL_SHA4_C POLARSSL_SHA512_C
+ #define SIG_RSA_SHA1 POLARSSL_MD_SHA1
+ #define SIG_RSA_SHA224 POLARSSL_MD_SHA224
+ #define SIG_RSA_SHA256 POLARSSL_MD_SHA256
+ #define SIG_RSA_SHA384 POLARSSL_MD_SHA384
+ #define SIG_RSA_SHA512 POLARSSL_MD_SHA512
+#else
+ #include <polarssl/sha1.h>
+ #include <polarssl/sha2.h>
+ #include <polarssl/sha4.h>
+ typedef int md_type_t;
+#endif
#include <boost/assign/std/vector.hpp> // for 'operator+=()'
#include <boost/foreach.hpp>
#include "dnssecinfra.hh"
@@ -137,7 +165,8 @@ std::string RSADNSCryptoKeyEngine::sign(const std::string& msg) const
{
string hash = this->hash(msg);
unsigned char signature[mpi_size(&d_context.N)];
- int hashKind;
+ md_type_t hashKind;
+
if(hash.size()==20)
hashKind= SIG_RSA_SHA1;
else if(hash.size()==32)
@@ -159,7 +188,7 @@ std::string RSADNSCryptoKeyEngine::sign(const std::string& msg) const
bool RSADNSCryptoKeyEngine::verify(const std::string& msg, const std::string& signature) const
{
- int hashKind;
+ md_type_t hashKind;
string hash=this->hash(msg);
if(hash.size()==20)
hashKind= SIG_RSA_SHA1;
@@ -168,7 +197,11 @@ bool RSADNSCryptoKeyEngine::verify(const std::string& msg, const std::string& si
else
hashKind = SIG_RSA_SHA512;
- int ret=rsa_pkcs1_verify(const_cast<rsa_context*>(&d_context), RSA_PUBLIC,
+ int ret=rsa_pkcs1_verify(const_cast<rsa_context*>(&d_context),
+#if POLARSSL_VERSION_NUMBER >= 0x01020900
+ NULL, NULL,
+#endif
+ RSA_PUBLIC,
hashKind,
hash.size(),
(const unsigned char*) hash.c_str(), (unsigned char*) signature.c_str());
@@ -185,12 +218,20 @@ std::string RSADNSCryptoKeyEngine::hash(const std::string& toHash) const
}
else if(d_algorithm == 8) { // RSASHA256
unsigned char hash[32];
+#if POLARSSL_VERSION_NUMBER >= 0x01030000
+ sha256((unsigned char*)toHash.c_str(), toHash.length(), hash, 0);
+#else
sha2((unsigned char*)toHash.c_str(), toHash.length(), hash, 0);
+#endif
return string((char*)hash, sizeof(hash));
}
else if(d_algorithm == 10) { // RSASHA512
unsigned char hash[64];
+#if POLARSSL_VERSION_NUMBER >= 0x01030000
+ sha512((unsigned char*)toHash.c_str(), toHash.length(), hash, 0);
+#else
sha4((unsigned char*)toHash.c_str(), toHash.length(), hash, 0);
+#endif
return string((char*)hash, sizeof(hash));
}
throw runtime_error("PolarSSL hashing method can't hash algorithm "+lexical_cast<string>(d_algorithm));

0 comments on commit 7632dd8

Please sign in to comment.