Fix issue #1 and issue #2.

Enable building with older openssl (at least 0.9.8e).
Add variants of missing functions in older openssl versions.
Allow proper linking with libraries in alternate locations and setting RUNPATH.
Increase hash rounds for nonce generation.
This commit is contained in:
Moinak Ghosh 2013-01-05 00:16:15 +05:30
parent 16b1d9e7a3
commit a8fd60fb06
5 changed files with 157 additions and 9 deletions

View file

@ -147,12 +147,12 @@ COMMON_CPPFLAGS = -I. -I./lzma -I./lzfx -I./lz4 -I./rabin -I./bsdiff -DNODEFAULT
-DFILE_OFFSET_BITS=64 -D_REENTRANT -D__USE_SSE_INTRIN__ -D_LZMA_PROB32 \
-I./lzp @LIBBSCCPPFLAGS@ -I./crypto/skein -I./utils -I./crypto/sha2 \
-I./crypto/scrypt -I./crypto/aes -I./crypto @KEYLEN@ \
-I./crypto/keccak -I./transpose $(EXTRA_CPPFLAGS) -pedantic -Wall -Werror -std=gnu99 \
-I./crypto/keccak -I./transpose $(EXTRA_CPPFLAGS) -pedantic -Wall -std=gnu99 \
-fno-strict-aliasing -Wno-unused-but-set-variable -Wno-enum-compare
COMMON_VEC_FLAGS = -ftree-vectorize
COMMON_LOOP_OPTFLAGS = $(VEC_FLAGS) -floop-interchange -floop-block
LDLIBS = -ldl -L@LIBBZ2_DIR@ -lbz2 -L@LIBZ_DIR@ -lz -lm @LIBBSCLFLAGS@ \
-L@OPENSSL_LIBDIR@ -lcrypto -lrt $(EXTRA_LDFLAGS)
LDLIBS = -ldl -L./buildtmp -Wl,-R@LIBBZ2_DIR@ -lbz2 -L./buildtmp -Wl,-R@LIBZ_DIR@ -lz -lm @LIBBSCLFLAGS@ \
-L./buildtmp -Wl,-R@OPENSSL_LIBDIR@ -lcrypto -lrt $(EXTRA_LDFLAGS)
OBJS = $(MAINOBJS) $(LZMAOBJS) $(PPMDOBJS) $(LZFXOBJS) $(LZ4OBJS) $(CRCOBJS) \
$(RABINOBJS) $(BSDIFFOBJS) $(LZPOBJS) $(DELTA2OBJS) @LIBBSCWRAPOBJ@ $(SKEINOBJS) \
$(SKEIN_BLOCK_OBJ) @SHA256ASM_OBJS@ @SHA256_OBJS@ $(KECCAK_OBJS) $(KECCAK_OBJS_ASM) \
@ -270,6 +270,7 @@ clean:
$(RM) $(PROG) $(OBJS) $(BAKFILES)
$(RM) test.log
$(RM_RF) test/datafiles
$(RM_RF) buildtmp
distclean: clean
$(RM) Makefile

74
config
View file

@ -54,6 +54,9 @@ m64_flag=
zlib_prefix=
bzlib_prefix=
rm -rf ./buildtmp
mkdir ./buildtmp
# Try a simple compilation
cat << _EOF > tst.c
#include <stdio.h>
@ -236,12 +239,14 @@ do
then
if [ -f "${lib}/libcrypto.so" -o -h "${lib}/libcrypto.so" ]
then
openssl_libdir=${lib}
openssl_libdir="${lib}"
(cd ./buildtmp; ln -s ${openssl_libdir}/libcrypto.so)
break
else
if [ -f "${lib}/libcrypto.a" ]
then
openssl_libdir=${lib}
openssl_libdir="${lib}"
(cd ./buildtmp; ln -s ${openssl_libdir}/libcrypto.a)
break
fi
fi
@ -280,6 +285,65 @@ then
fi
# Check for OpenSSL version
cat << __EOF > tst.c
#include <stdlib.h>
#include <openssl/opensslv.h>
int
main(void)
{
if (OPENSSL_VERSION_NUMBER < 0x0090805fL)
exit (1);
return (0);
}
__EOF
gcc ${m64_flag} -I${openssl_incdir} -L${openssl_libdir} tst.c -o tst
if [ $? -ne 0 ]
then
echo "Unable to compile OpenSSL test program please check OpenSSL installation."
exit 1
fi
./tst
if [ $? -ne 0 ]
then
echo "OpenSSL version too old. At least version 0.9.8e is required.\n"
exit 1
fi
# Check for HMAC_CTX_copy function
cat << __EOF > tst.c
#include <stdlib.h>
#include <openssl/sha.h>
#include <openssl/rand.h>
#include <openssl/evp.h>
#include <openssl/hmac.h>
int
main(void)
{
unsigned char key[16];
HMAC_CTX *ctx = (HMAC_CTX *)malloc(sizeof (HMAC_CTX));
HMAC_CTX *ctx1 = (HMAC_CTX *)malloc(sizeof (HMAC_CTX));
HMAC_CTX_init(ctx);
HMAC_Init_ex(ctx, key, 16, EVP_sha256(), NULL);
HMAC_CTX_copy(ctx1, ctx);
return (0);
}
__EOF
gcc ${m64_flag} -I${openssl_incdir} -L${openssl_libdir} -O0 -g tst.c -o tst -lcrypto >/dev/null 2>&1
if [ $? -ne 0 ]
then
openssl_incdir="${openssl_incdir} -D__OSSL_OLD__"
fi
rm -f tst*
openssl_libdir="${openssl_libdir},--enable-new-dtags"
# Detect other library packages
for libspec in "libbz2:${bzlib_prefix}" "libz:${zlib_prefix}"
do
@ -306,12 +370,14 @@ do
then
if [ -f "${lib}/${libname}.so" -o -h "${lib}/${libname}.so" ]
then
eval "${libname}_libdir=${lib}"
eval "${libname}_libdir=${lib},--enable-new-dtags"
(cd ./buildtmp; ln -s ${lib}/${libname}.so)
break
else
if [ -f "${lib}/${libname}.a" ]
then
eval "${libname}_libdir=${lib}"
eval "${libname}_libdir=${lib},--enable-new-dtags"
(cd ./buildtmp; ln -s ${lib}/${libname}.a)
break
fi
fi

View file

@ -38,7 +38,7 @@ extern "C" {
#ifndef KEYLEN
#define KEYLEN 16
#endif
#define PBE_ROUNDS 100
#define PBE_ROUNDS 1000
typedef struct {
uint64_t nonce;

View file

@ -73,6 +73,79 @@ extern uint64_t lzma_crc64(const uint8_t *buf, uint64_t size, uint64_t crc);
extern uint64_t lzma_crc64_8bchk(const uint8_t *buf, uint64_t size,
uint64_t crc, uint64_t *cnt);
#ifdef __OSSL_OLD__
int
HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx)
{
if (!EVP_MD_CTX_copy(&dctx->i_ctx, &sctx->i_ctx))
return (0);
if (!EVP_MD_CTX_copy(&dctx->o_ctx, &sctx->o_ctx))
return (0);
if (!EVP_MD_CTX_copy(&dctx->md_ctx, &sctx->md_ctx))
return (0);
memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK);
dctx->key_length = sctx->key_length;
dctx->md = sctx->md;
return (1);
}
int
PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
const unsigned char *salt, int saltlen, int iter,
const EVP_MD *digest,
int keylen, unsigned char *out)
{
unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4];
int cplen, j, k, tkeylen, mdlen;
unsigned long i = 1;
HMAC_CTX hctx;
mdlen = EVP_MD_size(digest);
if (mdlen < 0)
return 0;
HMAC_CTX_init(&hctx);
p = out;
tkeylen = keylen;
if(!pass)
passlen = 0;
else if(passlen == -1)
passlen = strlen(pass);
while(tkeylen)
{
if(tkeylen > mdlen)
cplen = mdlen;
else
cplen = tkeylen;
/* We are unlikely to ever use more than 256 blocks (5120 bits!)
* but just in case...
*/
itmp[0] = (unsigned char)((i >> 24) & 0xff);
itmp[1] = (unsigned char)((i >> 16) & 0xff);
itmp[2] = (unsigned char)((i >> 8) & 0xff);
itmp[3] = (unsigned char)(i & 0xff);
HMAC_Init_ex(&hctx, pass, passlen, digest, NULL);
HMAC_Update(&hctx, salt, saltlen);
HMAC_Update(&hctx, itmp, 4);
HMAC_Final(&hctx, digtmp, NULL);
memcpy(p, digtmp, cplen);
for(j = 1; j < iter; j++)
{
HMAC(digest, pass, passlen,
digtmp, mdlen, digtmp, NULL);
for(k = 0; k < cplen; k++)
p[k] ^= digtmp[k];
}
tkeylen-= cplen;
i++;
p+= cplen;
}
HMAC_CTX_cleanup(&hctx);
return (1);
}
#endif
int
compute_checksum(uchar_t *cksum_buf, int cksum, uchar_t *buf, uint64_t bytes)
{
@ -360,14 +433,22 @@ hmac_update(mac_ctx_t *mctx, uchar_t *data, uint64_t len)
} else if (cksum == CKSUM_SHA256 || cksum == CKSUM_CRC64) {
if (cksum_provider == PROVIDER_OPENSSL) {
#ifndef __OSSL_OLD__
if (HMAC_Update((HMAC_CTX *)(mctx->mac_ctx), data, len) == 0)
return (-1);
#else
HMAC_Update((HMAC_CTX *)(mctx->mac_ctx), data, len);
#endif
} else {
opt_HMAC_SHA256_Update((HMAC_SHA256_Context *)(mctx->mac_ctx), data, len);
}
} else if (cksum == CKSUM_SHA512) {
#ifndef __OSSL_OLD__
if (HMAC_Update((HMAC_CTX *)(mctx->mac_ctx), data, len) == 0)
return (-1);
#else
HMAC_Update((HMAC_CTX *)(mctx->mac_ctx), data, len);
#endif
} else if (cksum == CKSUM_KECCAK256 || cksum == CKSUM_KECCAK512) {
// Keccak takes data length in bits so we have to scale

2
main.c
View file

@ -620,7 +620,7 @@ start_decompress(const char *filename, const char *to_filename)
struct wdata w;
int compfd = -1, i, p;
int uncompfd = -1, err, np, bail;
int nprocs, thread = 0, level;
int nprocs = 1, thread = 0, level;
short version, flags;
int64_t chunksize, compressed_chunksize;
struct cmp_data **dary, *tdat;