mirror of https://github.com/oxen-io/oxen-core.git
Replace openssl sha256 implementation with libsodium
Also completely remove the default OPENSSL_init_ssl() call; openssl has known how to call that itself since 2016.
This commit is contained in:
parent
82cb6460ac
commit
83ac88e8ab
|
@ -69,6 +69,5 @@ target_link_libraries(common
|
|||
fmt::fmt
|
||||
PRIVATE
|
||||
libunbound
|
||||
OpenSSL::SSL
|
||||
OpenSSL::Crypto
|
||||
sodium
|
||||
extra)
|
||||
|
|
|
@ -3,22 +3,16 @@
|
|||
#include <fstream>
|
||||
#include "crypto/hash.h"
|
||||
#include "fs.h"
|
||||
|
||||
extern "C" {
|
||||
#include <openssl/sha.h>
|
||||
}
|
||||
#include <sodium/crypto_hash_sha256.h>
|
||||
|
||||
namespace tools {
|
||||
|
||||
bool sha256sum_str(std::string_view data, crypto::hash &hash)
|
||||
{
|
||||
SHA256_CTX ctx;
|
||||
if (!SHA256_Init(&ctx))
|
||||
return false;
|
||||
if (!SHA256_Update(&ctx, data.data(), data.size()))
|
||||
return false;
|
||||
if (!SHA256_Final(reinterpret_cast<unsigned char*>(hash.data), &ctx))
|
||||
return false;
|
||||
crypto_hash_sha256(
|
||||
reinterpret_cast<unsigned char*>(hash.data),
|
||||
reinterpret_cast<const unsigned char*>(data.data()),
|
||||
data.size());
|
||||
return true;
|
||||
}
|
||||
|
||||
|
@ -32,25 +26,23 @@ namespace tools {
|
|||
if (!f)
|
||||
return false;
|
||||
std::ifstream::pos_type file_size = f.tellg();
|
||||
SHA256_CTX ctx;
|
||||
if (!SHA256_Init(&ctx))
|
||||
return false;
|
||||
crypto_hash_sha256_state st;
|
||||
crypto_hash_sha256_init(&st);
|
||||
size_t size_left = file_size;
|
||||
f.seekg(0, std::ios::beg);
|
||||
|
||||
std::array<unsigned char, 16384> buf;
|
||||
while (size_left)
|
||||
{
|
||||
char buf[4096];
|
||||
std::ifstream::pos_type read_size = size_left > sizeof(buf) ? sizeof(buf) : size_left;
|
||||
f.read(buf, read_size);
|
||||
auto read_size = std::min(size_left, buf.size());
|
||||
f.read(reinterpret_cast<char*>(buf.data()), read_size);
|
||||
if (!f || !f.good())
|
||||
return false;
|
||||
if (!SHA256_Update(&ctx, buf, read_size))
|
||||
return false;
|
||||
crypto_hash_sha256_update(&st, buf.data(), read_size);
|
||||
size_left -= read_size;
|
||||
}
|
||||
f.close();
|
||||
if (!SHA256_Final((unsigned char*)hash.data, &ctx))
|
||||
return false;
|
||||
crypto_hash_sha256_final(&st, reinterpret_cast<unsigned char*>(hash.data));
|
||||
return true;
|
||||
}
|
||||
|
||||
|
|
|
@ -8,13 +8,6 @@ namespace crypto { struct hash; }
|
|||
|
||||
namespace tools {
|
||||
|
||||
// This used to be really dangerously overloaded with very different purposes:
|
||||
//bool sha256sum(const uint8_t* data, size_t len, crypto::hash& hash);
|
||||
//bool sha256sum(const fs::path& filename, crypto::hash& hash);
|
||||
// which is incredibly dangerous if you happen to have a string you want to hash and see that
|
||||
// there is both a pointer+size and std::string overload. Renamed *both* of these to prevent any
|
||||
// existing code from compiling.
|
||||
|
||||
// Calculates sha256 checksum of the given data
|
||||
bool sha256sum_str(std::string_view str, crypto::hash& hash);
|
||||
|
||||
|
|
|
@ -33,8 +33,6 @@
|
|||
#include <iomanip>
|
||||
#include <thread>
|
||||
|
||||
#include <openssl/ssl.h>
|
||||
|
||||
#include "unbound.h"
|
||||
|
||||
#include "epee/string_tools.h"
|
||||
|
@ -113,12 +111,6 @@ namespace tools
|
|||
MCLOG_RED(el::Level::Warning, "global", "Running with glibc " << ver << ", hangs may occur - change glibc version if possible");
|
||||
#endif
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_TEXT)
|
||||
SSL_library_init();
|
||||
#else
|
||||
OPENSSL_init_ssl(0, NULL);
|
||||
#endif
|
||||
|
||||
if (!unbound_built_with_threads())
|
||||
MCLOG_RED(el::Level::Warning, "global", "libunbound was not built with threads enabled - crashes may occur");
|
||||
|
||||
|
|
Loading…
Reference in New Issue