Commit 48b4f7b8 authored by louiz’'s avatar louiz’

Remove cryptopp dependency, directly include a simple sha1 implementation

parent fef9c819
......@@ -16,7 +16,6 @@ set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -D__FILENAME__='\"$(subst ${CMAKE_SOURCE
## Look for external libraries
#
set(CMAKE_MODULE_PATH ${CMAKE_MODULE_PATH} "${CMAKE_SOURCE_DIR}/cmake/Modules/")
find_package(Cryptopp REQUIRED)
find_package(Iconv REQUIRED)
include(FindEXPAT)
find_package(EXPAT REQUIRED)
......@@ -25,9 +24,6 @@ find_package(Libidn)
include_directories("src/")
include_directories(${EXPAT_INCLUDE_DIRS})
include_directories(${ICONV_INCLUDE_DIRS})
# the SYSTEM flag tells the compiler that we don't care about warnings
# coming from these headers.
include_directories(SYSTEM ${CRYPTO++_INCLUDE_DIRS})
if(LIBIDN_FOUND)
include_directories(${LIBIDN_INCLUDE_DIRS})
......@@ -90,7 +86,7 @@ file(GLOB source_xmpp
src/xmpp/*.[hc]pp)
add_library(xmpp STATIC ${source_xmpp})
target_link_libraries(xmpp bridge network utils logger
${CRYPTO++_LIBRARIES} ${EXPAT_LIBRARIES} pthread)
${EXPAT_LIBRARIES} pthread)
if(LIBIDN_FOUND)
target_link_libraries(xmpp ${LIBIDN_LIBRARIES})
endif()
......
......@@ -7,11 +7,6 @@ Build and runtime dependencies:
Libraries:
- crypto++
Sometimes packaged as cryptopp. This library is used to generate MD5
hashes.
http://www.cryptopp.com/
- expat
Used to parse XML from the XMPP server.
http://expat.sourceforge.net/
......
# - Find Crypto++
# Find the Crypto++ library
#
# This module defines the following variables:
# CRYPTO++_FOUND - True if library and include directory are found
# If set to TRUE, the following are also defined:
# CRYPTO++_LIBRARIES - Where to find the library file
# CRYPTO++_INCLUDE_DIRS - The directory where to find the header files
#
# For conveniance, these variables are also set. They have the same values
# than the variables above. The user can thus choose his/her prefered way
# to way to write them.
#
# CRYPTOPP_FOUND
#
# CRYPTO++_LIBRARY
# CRYPTOPP_LIBRARY
# CRYPTOPP_LIBRARIES
#
# CRYPTO++_INCLUDE_DIR
# CRYPTOPP_INCLUDE_DIRS
# CRYPTOPP_INCLUDE_DIR
#
# This file is in the public domain.
find_path(CRYPTO++_INCLUDE_DIRS NAMES cryptlib.h
PATH_SUFFIXES "crypto++" "cryptopp"
DOC "The Crypto++ include directory")
find_library(CRYPTO++_LIBRARIES NAMES cryptopp
DOC "The Crypto++ library")
# Use some standard module to handle the QUIETLY and REQUIRED arguments, and
# set CRYPTO++_FOUND to TRUE if these two variables are set.
include(FindPackageHandleStandardArgs)
find_package_handle_standard_args(Crypto++ REQUIRED_VARS CRYPTO++_LIBRARIES CRYPTO++_INCLUDE_DIRS)
# Compatibility for all the ways of writing these variables
if(CRYPTO++_FOUND)
set(CRYPTOPP_FOUND ${CRYPTO++_FOUND})
set(CRYPTO++_LIBRARY ${CRYPTO++_LIBRARIES})
set(CRYPTOPP_LIBRARY ${CRYPTO++_LIBRARIES})
set(CRYPTOPP_LIBRARIES ${CRYPTO++_LIBRARIES})
set(CRYPTO++_INCLUDE_DIR ${CRYPTO++_INCLUDE_DIRS})
set(CRYPTOPP_INCLUDE_DIR ${CRYPTO++_INCLUDE_DIRS})
set(CRYPTOPP_INCLUDE_DIRS ${CRYPTO++_INCLUDE_DIRS})
endif()
mark_as_advanced(CRYPTO++_INCLUDE_DIRS CRYPTO++_LIBRARIES)
/* This code is public-domain - it is based on libcrypt
* placed in the public domain by Wei Dai and other contributors.
*/
#include "sha1.hpp"
#define SHA1_K0 0x5a827999
#define SHA1_K20 0x6ed9eba1
#define SHA1_K40 0x8f1bbcdc
#define SHA1_K60 0xca62c1d6
const uint8_t sha1InitState[] = {
0x01,0x23,0x45,0x67, // H0
0x89,0xab,0xcd,0xef, // H1
0xfe,0xdc,0xba,0x98, // H2
0x76,0x54,0x32,0x10, // H3
0xf0,0xe1,0xd2,0xc3 // H4
};
void sha1_init(sha1nfo *s) {
memcpy(s->state.b,sha1InitState,HASH_LENGTH);
s->byteCount = 0;
s->bufferOffset = 0;
}
uint32_t sha1_rol32(uint32_t number, uint8_t bits) {
return ((number << bits) | (number >> (32-bits)));
}
void sha1_hashBlock(sha1nfo *s) {
uint8_t i;
uint32_t a,b,c,d,e,t;
a=s->state.w[0];
b=s->state.w[1];
c=s->state.w[2];
d=s->state.w[3];
e=s->state.w[4];
for (i=0; i<80; i++) {
if (i>=16) {
t = s->buffer.w[(i+13)&15] ^ s->buffer.w[(i+8)&15] ^ s->buffer.w[(i+2)&15] ^ s->buffer.w[i&15];
s->buffer.w[i&15] = sha1_rol32(t,1);
}
if (i<20) {
t = (d ^ (b & (c ^ d))) + SHA1_K0;
} else if (i<40) {
t = (b ^ c ^ d) + SHA1_K20;
} else if (i<60) {
t = ((b & c) | (d & (b | c))) + SHA1_K40;
} else {
t = (b ^ c ^ d) + SHA1_K60;
}
t+=sha1_rol32(a,5) + e + s->buffer.w[i&15];
e=d;
d=c;
c=sha1_rol32(b,30);
b=a;
a=t;
}
s->state.w[0] += a;
s->state.w[1] += b;
s->state.w[2] += c;
s->state.w[3] += d;
s->state.w[4] += e;
}
void sha1_addUncounted(sha1nfo *s, uint8_t data) {
s->buffer.b[s->bufferOffset ^ 3] = data;
s->bufferOffset++;
if (s->bufferOffset == BLOCK_LENGTH) {
sha1_hashBlock(s);
s->bufferOffset = 0;
}
}
void sha1_writebyte(sha1nfo *s, uint8_t data) {
++s->byteCount;
sha1_addUncounted(s, data);
}
void sha1_write(sha1nfo *s, const char *data, size_t len) {
for (;len--;) sha1_writebyte(s, (uint8_t) *data++);
}
void sha1_pad(sha1nfo *s) {
// Implement SHA-1 padding (fips180-2 §5.1.1)
// Pad with 0x80 followed by 0x00 until the end of the block
sha1_addUncounted(s, 0x80);
while (s->bufferOffset != 56) sha1_addUncounted(s, 0x00);
// Append length in the last 8 bytes
sha1_addUncounted(s, 0); // We're only using 32 bit lengths
sha1_addUncounted(s, 0); // But SHA-1 supports 64 bit lengths
sha1_addUncounted(s, 0); // So zero pad the top bits
sha1_addUncounted(s, s->byteCount >> 29); // Shifting to multiply by 8
sha1_addUncounted(s, s->byteCount >> 21); // as SHA-1 supports bitstreams as well as
sha1_addUncounted(s, s->byteCount >> 13); // byte.
sha1_addUncounted(s, s->byteCount >> 5);
sha1_addUncounted(s, s->byteCount << 3);
}
uint8_t* sha1_result(sha1nfo *s) {
int i;
// Pad to complete the last block
sha1_pad(s);
// Swap byte order back
for (i=0; i<5; i++) {
uint32_t a,b;
a=s->state.w[i];
b=a<<24;
b|=(a<<8) & 0x00ff0000;
b|=(a>>8) & 0x0000ff00;
b|=a>>24;
s->state.w[i]=b;
}
// Return pointer to hash (20 characters)
return s->state.b;
}
#define HMAC_IPAD 0x36
#define HMAC_OPAD 0x5c
void sha1_initHmac(sha1nfo *s, const uint8_t* key, int keyLength) {
uint8_t i;
memset(s->keyBuffer, 0, BLOCK_LENGTH);
if (keyLength > BLOCK_LENGTH) {
// Hash long keys
sha1_init(s);
for (;keyLength--;) sha1_writebyte(s, *key++);
memcpy(s->keyBuffer, sha1_result(s), HASH_LENGTH);
} else {
// Block length keys are used as is
memcpy(s->keyBuffer, key, keyLength);
}
// Start inner hash
sha1_init(s);
for (i=0; i<BLOCK_LENGTH; i++) {
sha1_writebyte(s, s->keyBuffer[i] ^ HMAC_IPAD);
}
}
uint8_t* sha1_resultHmac(sha1nfo *s) {
uint8_t i;
// Complete inner hash
memcpy(s->innerHash,sha1_result(s),HASH_LENGTH);
// Calculate outer hash
sha1_init(s);
for (i=0; i<BLOCK_LENGTH; i++) sha1_writebyte(s, s->keyBuffer[i] ^ HMAC_OPAD);
for (i=0; i<HASH_LENGTH; i++) sha1_writebyte(s, s->innerHash[i]);
return sha1_result(s);
}
/* This code is public-domain - it is based on libcrypt
* placed in the public domain by Wei Dai and other contributors.
*/
#include <stdint.h>
#include <string.h>
#define HASH_LENGTH 20
#define BLOCK_LENGTH 64
union _buffer {
uint8_t b[BLOCK_LENGTH];
uint32_t w[BLOCK_LENGTH/4];
};
union _state {
uint8_t b[HASH_LENGTH];
uint32_t w[HASH_LENGTH/4];
};
typedef struct sha1nfo {
union _buffer buffer;
uint8_t bufferOffset;
union _state state;
uint32_t byteCount;
uint8_t keyBuffer[BLOCK_LENGTH];
uint8_t innerHash[HASH_LENGTH];
} sha1nfo;
void sha1_init(sha1nfo *s);
void sha1_writebyte(sha1nfo *s, uint8_t data);
void sha1_write(sha1nfo *s, const char *data, size_t len);
uint8_t* sha1_result(sha1nfo *s);
void sha1_initHmac(sha1nfo *s, const uint8_t* key, int keyLength);
uint8_t* sha1_resultHmac(sha1nfo *s);
......@@ -4,12 +4,11 @@
#include <xmpp/xmpp_component.hpp>
#include <xmpp/jid.hpp>
#include <utils/sha1.hpp>
#include <iostream>
// CryptoPP
#include <filters.h>
#include <hex.h>
#include <sha.h>
#include <stdio.h>
#define STREAM_NS "http://etherx.jabber.org/streams"
#define COMPONENT_NS "jabber:component:accept"
......@@ -119,13 +118,17 @@ void XmppComponent::on_remote_stream_open(const XmlNode& node)
}
// Try to authenticate
CryptoPP::SHA1 sha1;
std::string digest;
CryptoPP::StringSource foo(this->stream_id + this->secret, true,
new CryptoPP::HashFilter(sha1,
new CryptoPP::HexEncoder(
new CryptoPP::StringSink(digest), false)));
Stanza handshake("handshake", nullptr);
char digest[HASH_LENGTH * 2 + 1];
sha1nfo sha1;
sha1_init(&sha1);
sha1_write(&sha1, this->stream_id.data(), this->stream_id.size());
sha1_write(&sha1, this->secret.data(), this->secret.size());
const uint8_t* result = sha1_result(&sha1);
for (int i=0; i < HASH_LENGTH; i++)
sprintf(digest + (i*2), "%02x", result[i]);
digest[HASH_LENGTH * 2] = '\0';
Stanza handshake("handshake");
handshake.set_inner(digest);
handshake.close();
this->send_stanza(handshake);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment