1
0
Fork 0
mirror of https://github.com/transmission/transmission synced 2024-12-21 23:32:35 +00:00

Drop obsolete CyaSSL and PolarSSL crypto backends (#4495)

* Drop support for CyaSSL (keep WolfSSL)

* Drop support for PolarSSL (keep MbedTLS)
This commit is contained in:
Mike Gelfand 2022-12-29 14:38:04 -08:00 committed by GitHub
parent 2b90a5fd55
commit f7edcfcb2a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
8 changed files with 171 additions and 273 deletions

View file

@ -29,14 +29,14 @@ include(GNUInstallDirs)
include(TrMacros)
set(CURL_MINIMUM 7.28.0)
set(CYASSL_MINIMUM 3.0)
set(WOLFSSL_MINIMUM 3.4)
set(DEFLATE_MINIMUM 1.10)
set(EVENT2_MINIMUM 2.1.0)
set(GIOMM_MINIMUM 2.26.0)
set(GLIBMM_MINIMUM 2.60.0)
set(GTKMM_MINIMUM 3.24.0)
set(OPENSSL_MINIMUM 0.9.7)
set(POLARSSL_MINIMUM 1.3)
set(MBEDTLS_MINIMUM 1.3)
set(PSL_MINIMUM 0.21.1)
set(QT_MINIMUM 5.6)
@ -65,7 +65,7 @@ tr_auto_option(USE_SYSTEM_B64 "Use system b64 library" AUTO)
tr_auto_option(USE_SYSTEM_PSL "Use system psl library" AUTO)
tr_list_option(USE_GTK_VERSION "Use specific GTK version" AUTO 3 4)
tr_list_option(USE_QT_VERSION "Use specific Qt version" AUTO 5 6)
tr_list_option(WITH_CRYPTO "Use specified crypto library" AUTO ccrypto cyassl mbedtls openssl polarssl wolfssl)
tr_list_option(WITH_CRYPTO "Use specified crypto library" AUTO ccrypto mbedtls openssl wolfssl)
tr_auto_option(WITH_INOTIFY "Enable inotify support (on systems that support it)" AUTO)
tr_auto_option(WITH_KQUEUE "Enable kqueue support (on systems that support it)" AUTO)
tr_auto_option(WITH_APPINDICATOR "Use appindicator for system tray icon in GTK client (GTK+ 3 only)" AUTO)
@ -240,24 +240,24 @@ if(WITH_CRYPTO STREQUAL "AUTO" OR WITH_CRYPTO STREQUAL "openssl")
set(CRYPTO_LIBRARIES ${OPENSSL_LIBRARIES})
endif()
endif()
if(WITH_CRYPTO STREQUAL "AUTO" OR WITH_CRYPTO STREQUAL "cyassl" OR WITH_CRYPTO STREQUAL "wolfssl")
tr_get_required_flag(WITH_CRYPTO CYASSL_IS_REQUIRED)
find_package(CyaSSL ${CYASSL_MINIMUM} ${CYASSL_IS_REQUIRED})
tr_fixup_list_option(WITH_CRYPTO "cyassl" CYASSL_FOUND "AUTO" CYASSL_IS_REQUIRED)
if(WITH_CRYPTO STREQUAL "cyassl")
set(CRYPTO_PKG "cyassl")
set(CRYPTO_INCLUDE_DIRS ${CYASSL_INCLUDE_DIRS})
set(CRYPTO_LIBRARIES ${CYASSL_LIBRARIES})
if(WITH_CRYPTO STREQUAL "AUTO" OR WITH_CRYPTO STREQUAL "wolfssl")
tr_get_required_flag(WITH_CRYPTO WOLFSSL_IS_REQUIRED)
find_package(WolfSSL ${WOLFSSL_MINIMUM} ${WOLFSSL_IS_REQUIRED})
tr_fixup_list_option(WITH_CRYPTO "wolfssl" WOLFSSL_FOUND "AUTO" WOLFSSL_IS_REQUIRED)
if(WITH_CRYPTO STREQUAL "wolfssl")
set(CRYPTO_PKG "wolfssl")
set(CRYPTO_INCLUDE_DIRS ${WOLFSSL_INCLUDE_DIRS})
set(CRYPTO_LIBRARIES ${WOLFSSL_LIBRARIES})
endif()
endif()
if(WITH_CRYPTO STREQUAL "AUTO" OR WITH_CRYPTO STREQUAL "polarssl" OR WITH_CRYPTO STREQUAL "mbedtls")
tr_get_required_flag(WITH_CRYPTO POLARSSL_IS_REQUIRED)
find_package(PolarSSL ${POLARSSL_MINIMUM} ${POLARSSL_IS_REQUIRED})
tr_fixup_list_option(WITH_CRYPTO "polarssl" POLARSSL_FOUND "AUTO" POLARSSL_IS_REQUIRED)
if(WITH_CRYPTO STREQUAL "polarssl")
set(CRYPTO_PKG "polarssl")
set(CRYPTO_INCLUDE_DIRS ${POLARSSL_INCLUDE_DIRS})
set(CRYPTO_LIBRARIES ${POLARSSL_LIBRARIES})
if(WITH_CRYPTO STREQUAL "AUTO" OR WITH_CRYPTO STREQUAL "mbedtls")
tr_get_required_flag(WITH_CRYPTO MBEDTLS_IS_REQUIRED)
find_package(MbedTLS ${MBEDTLS_MINIMUM} ${MBEDTLS_IS_REQUIRED})
tr_fixup_list_option(WITH_CRYPTO "mbedtls" MBEDTLS_FOUND "AUTO" MBEDTLS_IS_REQUIRED)
if(WITH_CRYPTO STREQUAL "mbedtls")
set(CRYPTO_PKG "mbedtls")
set(CRYPTO_INCLUDE_DIRS ${MBEDTLS_INCLUDE_DIRS})
set(CRYPTO_LIBRARIES ${MBEDTLS_LIBRARIES})
endif()
endif()
# We should have found the library by now

View file

@ -1,62 +0,0 @@
if(CYASSL_PREFER_STATIC_LIB)
set(CYASSL_ORIG_CMAKE_FIND_LIBRARY_SUFFIXES ${CMAKE_FIND_LIBRARY_SUFFIXES})
if(WIN32)
set(CMAKE_FIND_LIBRARY_SUFFIXES .a .lib ${CMAKE_FIND_LIBRARY_SUFFIXES})
else()
set(CMAKE_FIND_LIBRARY_SUFFIXES .a ${CMAKE_FIND_LIBRARY_SUFFIXES})
endif()
endif()
if(UNIX)
find_package(PkgConfig QUIET)
pkg_check_modules(_WOLFSSL QUIET wolfssl)
endif()
find_path(WOLFSSL_INCLUDE_DIR NAMES wolfssl/version.h HINTS ${_WOLFSSL_INCLUDEDIR})
find_library(WOLFSSL_LIBRARY NAMES wolfssl HINTS ${_WOLFSSL_LIBDIR})
if(WOLFSSL_INCLUDE_DIR AND WOLFSSL_LIBRARY)
set(CYASSL_INCLUDE_DIR ${WOLFSSL_INCLUDE_DIR})
set(CYASSL_LIBRARY ${WOLFSSL_LIBRARY})
set(CYASSL_VERSION ${_WOLFSSL_VERSION})
set(CYASSL_IS_WOLFSSL ON)
else()
if(UNIX)
pkg_check_modules(_CYASSL QUIET cyassl)
endif()
find_path(CYASSL_INCLUDE_DIR NAMES cyassl/version.h HINTS ${_CYASSL_INCLUDEDIR})
find_library(CYASSL_LIBRARY NAMES cyassl HINTS ${_CYASSL_LIBDIR})
set(CYASSL_VERSION ${_CYASSL_VERSION})
set(CYASSL_IS_WOLFSSL OFF)
endif()
if(NOT CYASSL_VERSION AND CYASSL_INCLUDE_DIR)
if(CYASSL_IS_WOLFSSL)
file(STRINGS "${CYASSL_INCLUDE_DIR}/wolfssl/version.h" CYASSL_VERSION_STR REGEX "^#define[\t ]+LIBWOLFSSL_VERSION_STRING[\t ]+\"[^\"]+\"")
else()
file(STRINGS "${CYASSL_INCLUDE_DIR}/cyassl/version.h" CYASSL_VERSION_STR REGEX "^#define[\t ]+LIBCYASSL_VERSION_STRING[\t ]+\"[^\"]+\"")
endif()
if(CYASSL_VERSION_STR MATCHES "\"([^\"]+)\"")
set(CYASSL_VERSION "${CMAKE_MATCH_1}")
endif()
endif()
set(CYASSL_INCLUDE_DIRS ${CYASSL_INCLUDE_DIR})
set(CYASSL_LIBRARIES ${CYASSL_LIBRARY})
include(FindPackageHandleStandardArgs)
find_package_handle_standard_args(CyaSSL
REQUIRED_VARS
CYASSL_LIBRARY
CYASSL_INCLUDE_DIR
VERSION_VAR
CYASSL_VERSION
)
mark_as_advanced(WOLFSSL_INCLUDE_DIR WOLFSSL_LIBRARY CYASSL_INCLUDE_DIR CYASSL_LIBRARY)
if(CYASSL_PREFER_STATIC_LIB)
set(CMAKE_FIND_LIBRARY_SUFFIXES ${CYASSL_ORIG_CMAKE_FIND_LIBRARY_SUFFIXES})
unset(CYASSL_ORIG_CMAKE_FIND_LIBRARY_SUFFIXES)
endif()

46
cmake/FindMbedTLS.cmake Normal file
View file

@ -0,0 +1,46 @@
if(MBEDTLS_PREFER_STATIC_LIB)
set(MBEDTLS_ORIG_CMAKE_FIND_LIBRARY_SUFFIXES ${CMAKE_FIND_LIBRARY_SUFFIXES})
if(WIN32)
set(CMAKE_FIND_LIBRARY_SUFFIXES .a .lib ${CMAKE_FIND_LIBRARY_SUFFIXES})
else()
set(CMAKE_FIND_LIBRARY_SUFFIXES .a ${CMAKE_FIND_LIBRARY_SUFFIXES})
endif()
endif()
if(UNIX)
find_package(PkgConfig QUIET)
pkg_check_modules(_MBEDTLS QUIET mbedtls)
endif()
find_path(MBEDTLS_INCLUDE_DIR NAMES mbedtls/version.h HINTS ${_MBEDTLS_INCLUDEDIR})
find_library(MBEDTLS_LIBRARY NAMES mbedtls HINTS ${_MBEDTLS_LIBDIR})
find_library(MBEDCRYPTO_LIBRARY NAMES mbedcrypto HINTS ${_MBEDTLS_LIBDIR})
if(_MBEDTLS_VERSION)
set(MBEDTLS_VERSION ${_MBEDTLS_VERSION})
elseif(MBEDTLS_INCLUDE_DIR)
file(STRINGS "${MBEDTLS_INCLUDE_DIR}/mbedtls/version.h" MBEDTLS_VERSION_STR REGEX "^#define[\t ]+MBEDTLS_VERSION_STRING[\t ]+\"[^\"]+\"")
if(MBEDTLS_VERSION_STR MATCHES "\"([^\"]+)\"")
set(MBEDTLS_VERSION "${CMAKE_MATCH_1}")
endif()
endif()
set(MBEDTLS_INCLUDE_DIRS ${MBEDTLS_INCLUDE_DIR})
set(MBEDTLS_LIBRARIES ${MBEDTLS_LIBRARY} ${MBEDCRYPTO_LIBRARY})
include(FindPackageHandleStandardArgs)
find_package_handle_standard_args(MbedTLS
REQUIRED_VARS
MBEDTLS_LIBRARY
MBEDTLS_INCLUDE_DIR
VERSION_VAR
MBEDTLS_VERSION
)
mark_as_advanced(MBEDTLS_INCLUDE_DIR MBEDTLS_LIBRARY MBEDCRYPTO_LIBRARY)
if(MBEDTLS_PREFER_STATIC_LIB)
set(CMAKE_FIND_LIBRARY_SUFFIXES ${MBEDTLS_ORIG_CMAKE_FIND_LIBRARY_SUFFIXES})
unset(MBEDTLS_ORIG_CMAKE_FIND_LIBRARY_SUFFIXES)
endif()

View file

@ -1,67 +0,0 @@
if(POLARSSL_PREFER_STATIC_LIB)
set(POLARSSL_ORIG_CMAKE_FIND_LIBRARY_SUFFIXES ${CMAKE_FIND_LIBRARY_SUFFIXES})
if(WIN32)
set(CMAKE_FIND_LIBRARY_SUFFIXES .a .lib ${CMAKE_FIND_LIBRARY_SUFFIXES})
else()
set(CMAKE_FIND_LIBRARY_SUFFIXES .a ${CMAKE_FIND_LIBRARY_SUFFIXES})
endif()
endif()
if(UNIX)
find_package(PkgConfig QUIET)
pkg_check_modules(_MBEDTLS QUIET mbedtls)
endif()
find_path(MBEDTLS_INCLUDE_DIR NAMES mbedtls/version.h HINTS ${_MBEDTLS_INCLUDEDIR})
find_library(MBEDTLS_LIBRARY NAMES mbedtls HINTS ${_MBEDTLS_LIBDIR})
find_library(MBEDCRYPTO_LIBRARY NAMES mbedcrypto HINTS ${_MBEDTLS_LIBDIR})
if(MBEDTLS_INCLUDE_DIR AND MBEDTLS_LIBRARY)
set(POLARSSL_INCLUDE_DIR ${MBEDTLS_INCLUDE_DIR})
if(MBEDCRYPTO_LIBRARY)
set(POLARSSL_LIBRARY ${MBEDTLS_LIBRARY} ${MBEDCRYPTO_LIBRARY})
else()
set(POLARSSL_LIBRARY ${MBEDTLS_LIBRARY})
endif()
set(POLARSSL_VERSION ${_MBEDTLS_VERSION})
set(POLARSSL_IS_MBEDTLS ON)
else()
if(UNIX)
pkg_check_modules(_POLARSSL QUIET polarssl)
endif()
find_path(POLARSSL_INCLUDE_DIR NAMES polarssl/version.h HINTS ${_POLARSSL_INCLUDEDIR})
find_library(POLARSSL_LIBRARY NAMES polarssl HINTS ${_POLARSSL_LIBDIR})
set(POLARSSL_VERSION ${_POLARSSL_VERSION})
set(POLARSSL_IS_MBEDTLS OFF)
endif()
if(NOT POLARSSL_VERSION AND POLARSSL_INCLUDE_DIR)
if(POLARSSL_IS_MBEDTLS)
file(STRINGS "${POLARSSL_INCLUDE_DIR}/mbedtls/version.h" POLARSSL_VERSION_STR REGEX "^#define[\t ]+MBEDTLS_VERSION_STRING[\t ]+\"[^\"]+\"")
else()
file(STRINGS "${POLARSSL_INCLUDE_DIR}/polarssl/version.h" POLARSSL_VERSION_STR REGEX "^#define[\t ]+POLARSSL_VERSION_STRING[\t ]+\"[^\"]+\"")
endif()
if(POLARSSL_VERSION_STR MATCHES "\"([^\"]+)\"")
set(POLARSSL_VERSION "${CMAKE_MATCH_1}")
endif()
endif()
set(POLARSSL_INCLUDE_DIRS ${POLARSSL_INCLUDE_DIR})
set(POLARSSL_LIBRARIES ${POLARSSL_LIBRARY})
include(FindPackageHandleStandardArgs)
find_package_handle_standard_args(PolarSSL
REQUIRED_VARS
POLARSSL_LIBRARY
POLARSSL_INCLUDE_DIR
VERSION_VAR
POLARSSL_VERSION
)
mark_as_advanced(MBEDTLS_INCLUDE_DIR MBEDTLS_LIBRARY MBEDCRYPTO_LIBRARY POLARSSL_INCLUDE_DIR POLARSSL_LIBRARY)
if(POLARSSL_PREFER_STATIC_LIB)
set(CMAKE_FIND_LIBRARY_SUFFIXES ${POLARSSL_ORIG_CMAKE_FIND_LIBRARY_SUFFIXES})
unset(POLARSSL_ORIG_CMAKE_FIND_LIBRARY_SUFFIXES)
endif()

45
cmake/FindWolfSSL.cmake Normal file
View file

@ -0,0 +1,45 @@
if(WOLFSSL_PREFER_STATIC_LIB)
set(WOLFSSL_ORIG_CMAKE_FIND_LIBRARY_SUFFIXES ${CMAKE_FIND_LIBRARY_SUFFIXES})
if(WIN32)
set(CMAKE_FIND_LIBRARY_SUFFIXES .a .lib ${CMAKE_FIND_LIBRARY_SUFFIXES})
else()
set(CMAKE_FIND_LIBRARY_SUFFIXES .a ${CMAKE_FIND_LIBRARY_SUFFIXES})
endif()
endif()
if(UNIX)
find_package(PkgConfig QUIET)
pkg_check_modules(_WOLFSSL QUIET wolfssl)
endif()
find_path(WOLFSSL_INCLUDE_DIR NAMES wolfssl/version.h HINTS ${_WOLFSSL_INCLUDEDIR})
find_library(WOLFSSL_LIBRARY NAMES wolfssl HINTS ${_WOLFSSL_LIBDIR})
if(_WOLFSSL_VERSION)
set(WOLFSSL_VERSION ${_WOLFSSL_VERSION})
elseif(WOLFSSL_INCLUDE_DIR)
file(STRINGS "${WOLFSSL_INCLUDE_DIR}/wolfssl/version.h" WOLFSSL_VERSION_STR REGEX "^#define[\t ]+LIBWOLFSSL_VERSION_STRING[\t ]+\"[^\"]+\"")
if(WOLFSSL_VERSION_STR MATCHES "\"([^\"]+)\"")
set(WOLFSSL_VERSION "${CMAKE_MATCH_1}")
endif()
endif()
set(WOLFSSL_INCLUDE_DIRS ${WOLFSSL_INCLUDE_DIR})
set(WOLFSSL_LIBRARIES ${WOLFSSL_LIBRARY})
include(FindPackageHandleStandardArgs)
find_package_handle_standard_args(WolfSSL
REQUIRED_VARS
WOLFSSL_LIBRARY
WOLFSSL_INCLUDE_DIR
VERSION_VAR
WOLFSSL_VERSION
)
mark_as_advanced(WOLFSSL_INCLUDE_DIR WOLFSSL_LIBRARY)
if(WOLFSSL_PREFER_STATIC_LIB)
set(CMAKE_FIND_LIBRARY_SUFFIXES ${WOLFSSL_ORIG_CMAKE_FIND_LIBRARY_SUFFIXES})
unset(WOLFSSL_ORIG_CMAKE_FIND_LIBRARY_SUFFIXES)
endif()

View file

@ -18,10 +18,10 @@ set(${PROJECT_NAME}_SOURCES
clients.cc
completion.cc
crypto-utils-ccrypto.cc
crypto-utils-cyassl.cc
crypto-utils-fallback.cc
crypto-utils-mbedtls.cc
crypto-utils-openssl.cc
crypto-utils-polarssl.cc
crypto-utils-wolfssl.cc
crypto-utils.cc
error.cc
file-piece-map.cc
@ -90,7 +90,7 @@ set(${PROJECT_NAME}_SOURCES
)
set_source_files_properties(crypto-utils-fallback.cc PROPERTIES HEADER_FILE_ONLY ON)
foreach(CP ccrypto cyassl openssl polarssl)
foreach(CP ccrypto mbedtls openssl wolfssl)
if(NOT CP STREQUAL CRYPTO_PKG)
set_source_files_properties(crypto-utils-${CP}.cc PROPERTIES HEADER_FILE_ONLY ON)
endif()
@ -237,14 +237,6 @@ if(USE_SYSTEM_B64)
add_definitions(-DUSE_SYSTEM_B64)
endif()
if(CYASSL_IS_WOLFSSL)
add_definitions(-DCYASSL_IS_WOLFSSL)
endif()
if(POLARSSL_IS_MBEDTLS)
add_definitions(-DPOLARSSL_IS_MBEDTLS)
endif()
if(HAVE_SO_REUSEPORT)
add_definitions(-DHAVE_SO_REUSEPORT=1)
endif()

View file

@ -6,24 +6,12 @@
#include <memory>
#include <mutex>
#if defined(POLARSSL_IS_MBEDTLS)
// NOLINTBEGIN bugprone-macro-parentheses
#define API_HEADER(x) <mbedtls/x>
#define API(x) mbedtls_##x
// NOLINTEND
#define API_VERSION_NUMBER MBEDTLS_VERSION_NUMBER
#else
#define API_HEADER(x) <polarssl/x>
#define API(x) x
#define API_VERSION_NUMBER POLARSSL_VERSION_NUMBER
#endif
#include API_HEADER(base64.h)
#include API_HEADER(ctr_drbg.h)
#include API_HEADER(error.h)
#include API_HEADER(sha1.h)
#include API_HEADER(sha256.h)
#include API_HEADER(version.h)
#include <mbedtls/base64.h>
#include <mbedtls/ctr_drbg.h>
#include <mbedtls/error.h>
#include <mbedtls/sha1.h>
#include <mbedtls/sha256.h>
#include <mbedtls/version.h>
#include <fmt/core.h>
@ -40,23 +28,12 @@
****
***/
using api_ctr_drbg_context = API(ctr_drbg_context);
using api_sha1_context = API(sha1_context);
using api_sha256_context = API(sha256_context);
static void log_polarssl_error(int error_code, char const* file, int line)
static void log_mbedtls_error(int error_code, char const* file, int line)
{
if (tr_logLevelIsActive(TR_LOG_ERROR))
{
char error_message[256];
#if defined(POLARSSL_IS_MBEDTLS)
mbedtls_strerror(error_code, error_message, sizeof(error_message));
#elif API_VERSION_NUMBER >= 0x01030000
polarssl_strerror(error_code, error_message, sizeof(error_message));
#else
error_strerror(error_code, error_message, sizeof(error_message));
#endif
tr_logAddMessage(
file,
@ -64,28 +41,28 @@ static void log_polarssl_error(int error_code, char const* file, int line)
TR_LOG_ERROR,
fmt::format(
_("{crypto_library} error: {error} ({error_code})"),
fmt::arg("crypto_library", "PolarSSL/MbedTLS"),
fmt::arg("crypto_library", "MbedTLS"),
fmt::arg("error", error_message),
fmt::arg("error_code", error_code)));
}
}
#define log_error(error_code) log_polarssl_error((error_code), __FILE__, __LINE__)
#define log_error(error_code) log_mbedtls_error((error_code), __FILE__, __LINE__)
static bool check_polarssl_result(int result, int expected_result, char const* file, int line)
static bool check_mbedtls_result(int result, int expected_result, char const* file, int line)
{
bool const ret = result == expected_result;
if (!ret)
{
log_polarssl_error(result, file, line);
log_mbedtls_error(result, file, line);
}
return ret;
}
#define check_result(result) check_polarssl_result((result), 0, __FILE__, __LINE__)
#define check_result_eq(result, x_result) check_polarssl_result((result), (x_result), __FILE__, __LINE__)
#define check_result(result) check_mbedtls_result((result), 0, __FILE__, __LINE__)
#define check_result_eq(result, x_result) check_mbedtls_result((result), (x_result), __FILE__, __LINE__)
/***
****
@ -98,20 +75,20 @@ static int my_rand(void* /*context*/, unsigned char* buffer, size_t buffer_size)
return 0;
}
static api_ctr_drbg_context* get_rng()
static mbedtls_ctr_drbg_context* get_rng()
{
static api_ctr_drbg_context rng;
static mbedtls_ctr_drbg_context rng;
static bool rng_initialized = false;
if (!rng_initialized)
{
#if API_VERSION_NUMBER >= 0x02000000
API(ctr_drbg_init)(&rng);
#if MBEDTLS_VERSION_NUMBER >= 0x02000000
mbedtls_ctr_drbg_init(&rng);
if (!check_result(API(ctr_drbg_seed)(&rng, my_rand, nullptr, nullptr, 0)))
if (!check_result(mbedtls_ctr_drbg_seed(&rng, my_rand, nullptr, nullptr, 0)))
#else
if (!check_result(API(ctr_drbg_init)(&rng, my_rand, nullptr, nullptr, 0)))
if (!check_result(mbedtls_ctr_drbg_init(&rng, my_rand, nullptr, nullptr, 0)))
#endif
{
return nullptr;
@ -144,14 +121,12 @@ public:
void clear() override
{
#if API_VERSION_NUMBER >= 0x01030800
API(sha1_init)(&handle_);
#endif
mbedtls_sha1_init(&handle_);
#if API_VERSION_NUMBER >= 0x02070000
#if MBEDTLS_VERSION_NUMBER >= 0x02070000
mbedtls_sha1_starts_ret(&handle_);
#else
API(sha1_starts)(&handle_);
mbedtls_sha1_starts(&handle_);
#endif
}
@ -159,10 +134,10 @@ public:
{
if (data_length > 0U)
{
#if API_VERSION_NUMBER >= 0x02070000
#if MBEDTLS_VERSION_NUMBER >= 0x02070000
mbedtls_sha1_update_ret(&handle_, static_cast<unsigned char const*>(data), data_length);
#else
API(sha1_update)(&handle_, static_cast<unsigned char const*>(data), data_length);
mbedtls_sha1_update(&handle_, static_cast<unsigned char const*>(data), data_length);
#endif
}
}
@ -171,16 +146,13 @@ public:
{
auto digest = tr_sha1_digest_t{};
auto* const digest_as_uchar = reinterpret_cast<unsigned char*>(std::data(digest));
#if API_VERSION_NUMBER >= 0x02070000
#if MBEDTLS_VERSION_NUMBER >= 0x02070000
mbedtls_sha1_finish_ret(&handle_, digest_as_uchar);
#else
API(sha1_finish)(&handle_, digest_as_uchar);
#endif
#if API_VERSION_NUMBER >= 0x01030800
API(sha1_free)(&handle_);
mbedtls_sha1_finish(&handle_, digest_as_uchar);
#endif
mbedtls_sha1_free(&handle_);
return digest;
}
@ -200,14 +172,12 @@ public:
void clear() override
{
#if API_VERSION_NUMBER >= 0x01030800
API(sha256_init)(&handle_);
#endif
mbedtls_sha256_init(&handle_);
#if API_VERSION_NUMBER >= 0x02070000
#if MBEDTLS_VERSION_NUMBER >= 0x02070000
mbedtls_sha256_starts_ret(&handle_, 0);
#else
API(sha256_starts)(&handle_);
mbedtls_sha256_starts(&handle_);
#endif
}
@ -215,10 +185,10 @@ public:
{
if (data_length > 0U)
{
#if API_VERSION_NUMBER >= 0x02070000
#if MBEDTLS_VERSION_NUMBER >= 0x02070000
mbedtls_sha256_update_ret(&handle_, static_cast<unsigned char const*>(data), data_length);
#else
API(sha256_update)(&handle_, static_cast<unsigned char const*>(data), data_length);
mbedtls_sha256_update(&handle_, static_cast<unsigned char const*>(data), data_length);
#endif
}
}
@ -227,16 +197,13 @@ public:
{
auto digest = tr_sha256_digest_t{};
auto* const digest_as_uchar = reinterpret_cast<unsigned char*>(std::data(digest));
#if API_VERSION_NUMBER >= 0x02070000
#if MBEDTLS_VERSION_NUMBER >= 0x02070000
mbedtls_sha256_finish_ret(&handle_, digest_as_uchar);
#else
API(sha256_finish)(&handle_, digest_as_uchar);
#endif
#if API_VERSION_NUMBER >= 0x01030800
API(sha256_free)(&handle_);
mbedtls_sha256_finish(&handle_, digest_as_uchar);
#endif
mbedtls_sha256_free(&handle_);
return digest;
}
@ -270,5 +237,5 @@ bool tr_rand_buffer_crypto(void* buffer, size_t length)
TR_ASSERT(buffer != nullptr);
auto const lock = std::lock_guard(rng_mutex_);
return check_result(API(ctr_drbg_random)(get_rng(), static_cast<unsigned char*>(buffer), length));
return check_result(mbedtls_ctr_drbg_random(get_rng(), static_cast<unsigned char*>(buffer), length));
}

View file

@ -6,26 +6,12 @@
#include <memory>
#include <mutex>
#if defined(CYASSL_IS_WOLFSSL)
// NOLINTBEGIN bugprone-macro-parentheses
#define API_HEADER(x) <wolfssl/x>
#define API_HEADER_CRYPT(x) API_HEADER(wolfcrypt/x)
// NOLINTEND
#define API(x) wc_##x
#define API_VERSION_HEX LIBWOLFSSL_VERSION_HEX
#else
#define API_HEADER(x) <cyassl/x>
#define API_HEADER_CRYPT(x) API_HEADER(ctaocrypt/x)
#define API(x) x
#define API_VERSION_HEX LIBCYASSL_VERSION_HEX
#endif
#include API_HEADER(options.h)
#include API_HEADER_CRYPT(error-crypt.h)
#include API_HEADER_CRYPT(random.h)
#include API_HEADER_CRYPT(sha.h)
#include API_HEADER_CRYPT(sha256.h)
#include API_HEADER(version.h)
#include <wolfssl/options.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/random.h>
#include <wolfssl/wolfcrypt/sha.h>
#include <wolfssl/wolfcrypt/sha256.h>
#include <wolfssl/version.h>
#include <fmt/core.h>
@ -48,44 +34,35 @@ using TR_WC_RNG = RNG;
****
***/
static void log_cyassl_error(int error_code, char const* file, int line)
static void log_wolfssl_error(int error_code, char const* file, int line)
{
if (tr_logLevelIsActive(TR_LOG_ERROR))
{
#if API_VERSION_HEX >= 0x03004000
char const* error_message = API(GetErrorString)(error_code);
#elif API_VERSION_HEX >= 0x03000002
char const* error_message = CTaoCryptGetErrorString(error_code);
#else
char error_message[CYASSL_MAX_ERROR_SZ] = {};
CTaoCryptErrorString(error_code, error_message);
#endif
tr_logAddMessage(
file,
line,
TR_LOG_ERROR,
fmt::format(
_("{crypto_library} error: {error} ({error_code})"),
fmt::arg("crypto_library", "CyaSSL/WolfSSL"),
fmt::arg("error", error_message),
fmt::arg("crypto_library", "WolfSSL"),
fmt::arg("error", wc_GetErrorString(error_code)),
fmt::arg("error_code", error_code)));
}
}
static bool check_cyassl_result(int result, char const* file, int line)
static bool check_wolfssl_result(int result, char const* file, int line)
{
bool const ret = result == 0;
if (!ret)
{
log_cyassl_error(result, file, line);
log_wolfssl_error(result, file, line);
}
return ret;
}
#define check_result(result) check_cyassl_result((result), __FILE__, __LINE__)
#define check_result(result) check_wolfssl_result((result), __FILE__, __LINE__)
/***
****
@ -98,7 +75,7 @@ static TR_WC_RNG* get_rng()
if (!rng_initialized)
{
if (!check_result(API(InitRng)(&rng)))
if (!check_result(wc_InitRng(&rng)))
{
return nullptr;
}
@ -130,27 +107,27 @@ public:
void clear() override
{
API(InitSha)(&handle_);
wc_InitSha(&handle_);
}
void add(void const* data, size_t data_length) override
{
if (data_length > 0U)
{
API(ShaUpdate)(&handle_, static_cast<byte const*>(data), data_length);
wc_ShaUpdate(&handle_, static_cast<byte const*>(data), data_length);
}
}
[[nodiscard]] tr_sha1_digest_t finish() override
{
auto digest = tr_sha1_digest_t{};
API(ShaFinal)(&handle_, reinterpret_cast<byte*>(std::data(digest)));
wc_ShaFinal(&handle_, reinterpret_cast<byte*>(std::data(digest)));
clear();
return digest;
}
private:
API(Sha) handle_ = {};
wc_Sha handle_ = {};
};
class Sha256Impl final : public tr_sha256
@ -165,27 +142,27 @@ public:
void clear() override
{
API(InitSha256)(&handle_);
wc_InitSha256(&handle_);
}
void add(void const* data, size_t data_length) override
{
if (data_length > 0U)
{
API(Sha256Update)(&handle_, static_cast<byte const*>(data), data_length);
wc_Sha256Update(&handle_, static_cast<byte const*>(data), data_length);
}
}
[[nodiscard]] tr_sha256_digest_t finish() override
{
auto digest = tr_sha256_digest_t{};
API(Sha256Final)(&handle_, reinterpret_cast<byte*>(std::data(digest)));
wc_Sha256Final(&handle_, reinterpret_cast<byte*>(std::data(digest)));
clear();
return digest;
}
private:
API(Sha256) handle_ = {};
wc_Sha256 handle_ = {};
};
} // namespace
@ -214,5 +191,5 @@ bool tr_rand_buffer_crypto(void* buffer, size_t length)
TR_ASSERT(buffer != nullptr);
auto const lock = std::lock_guard(rng_mutex_);
return check_result(API(RNG_GenerateBlock)(get_rng(), static_cast<byte*>(buffer), length));
return check_result(wc_RNG_GenerateBlock(get_rng(), static_cast<byte*>(buffer), length));
}