Update openssl api #374

2025-04-10 14:06:45 +00:00 · 2023-07-13 20:49:45 -04:00 · 2023-07-13 20:49:45 -04:00 · 0d81d7c43b
commit 0d81d7c43b
parent 9f175cb0f0
8 changed files with 49 additions and 22 deletions
--- a/src/main.c
+++ b/src/main.c
@ -68,9 +68,7 @@ void database_scan_begin(scan_args_t *args) {
        desc->version_patch = VersionPatch;

        // generate new index id based on timestamp
-        unsigned char index_md5[MD5_DIGEST_LENGTH];
-        MD5((unsigned char *) &ScanCtx.index.desc.timestamp, sizeof(ScanCtx.index.desc.timestamp), index_md5);
-        buf2hex(index_md5, MD5_DIGEST_LENGTH, ScanCtx.index.desc.id);
+        md5_hexdigest(&ScanCtx.index.desc.timestamp, sizeof(ScanCtx.index.desc.timestamp), ScanCtx.index.desc.id);

        database_initialize(db);
        database_open(db);
--- a/src/parsing/fs_util.h
+++ b/src/parsing/fs_util.h
@ -2,15 +2,18 @@
 #define SIST2_FS_UTIL_H

 #include "src/sist.h"
+#include <openssl/evp.h>

 #define CLOSE_FILE(f) if ((f).close != NULL) {(f).close(&(f));};

 static int fs_read(struct vfile *f, void *buf, size_t size) {
    if (f->fd == -1) {
-        SHA1_Init(&f->sha1_ctx);
+        f->sha1_ctx = EVP_MD_CTX_new();
+        EVP_DigestInit_ex(f->sha1_ctx, EVP_sha1(), NULL);

        f->fd = open(f->filepath, O_RDONLY);
        if (f->fd == -1) {
+            EVP_MD_CTX_free(f->sha1_ctx);
            return -1;
        }
    }
@ -19,7 +22,7 @@ static int fs_read(struct vfile *f, void *buf, size_t size) {

    if (ret != 0 && f->calculate_checksum) {
        f->has_checksum = TRUE;
-        safe_sha1_update(&f->sha1_ctx, (unsigned char *) buf, ret);
+        safe_digest_update(f->sha1_ctx, (unsigned char *) buf, ret);
    }

    return ret;
@ -27,8 +30,11 @@ static int fs_read(struct vfile *f, void *buf, size_t size) {

 static void fs_close(struct vfile *f) {
    if (f->fd != -1) {
-        SHA1_Final(f->sha1_digest, &f->sha1_ctx);
+        EVP_DigestFinal_ex(f->sha1_ctx, f->sha1_digest, NULL);
+        EVP_MD_CTX_free(f->sha1_ctx);
+        f->sha1_ctx = NULL;
        close(f->fd);
+        f->fd = -1;
    }
 }

--- a/src/util.h
+++ b/src/util.h
@ -7,6 +7,7 @@

 #include "third-party/utf8.h/utf8.h"
 #include "libscan/scan.h"
+#include <openssl/evp.h>


 char *abspath(const char *path);
@ -86,13 +87,22 @@ static void buf2hex(const unsigned char *buf, size_t buflen, char *hex_string) {
    *s = '\0';
 }

+static void md5_hexdigest(void *data, size_t size, char *output) {
+    EVP_MD_CTX *md_ctx = EVP_MD_CTX_new();
+    EVP_DigestInit_ex(md_ctx, EVP_md5(), NULL);
+
+    EVP_DigestUpdate(md_ctx, data, size);
+
+    unsigned char digest[MD5_DIGEST_LENGTH];
+    EVP_DigestFinal_ex(md_ctx, digest, NULL);
+    EVP_MD_CTX_free(md_ctx);
+
+    buf2hex(digest, MD5_DIGEST_LENGTH, output);
+}

 __always_inline
 static void generate_doc_id(const char *rel_path, char *doc_id) {
-    unsigned char md[MD5_DIGEST_LENGTH];
-
-    MD5((unsigned char *) rel_path, strlen(rel_path), md);
-    buf2hex(md, sizeof(md), doc_id);
+    md5_hexdigest(rel_path, strlen(rel_path), doc_id);
 }

 #define MILLISECOND 1000
--- a/third-party/libscan/libscan/arc/arc.c
+++ b/third-party/libscan/libscan/arc/arc.c
@ -22,7 +22,11 @@ int should_parse_filtered_file(const char *filepath) {
 }

 void arc_close(struct vfile *f) {
-    SHA1_Final(f->sha1_digest, &f->sha1_ctx);
+    if (f->sha1_ctx != NULL) {
+        EVP_DigestFinal_ex(f->sha1_ctx, f->sha1_digest, NULL);
+        EVP_MD_CTX_free(f->sha1_ctx);
+        f->sha1_ctx = NULL;
+    }

    if (f->rewind_buffer != NULL) {
        free(f->rewind_buffer);
@ -59,7 +63,7 @@ int arc_read(struct vfile *f, void *buf, size_t size) {
    if (bytes_read != 0 && bytes_read <= size && f->calculate_checksum) {
        f->has_checksum = TRUE;

-        safe_sha1_update(&f->sha1_ctx, (unsigned char *) buf, bytes_read);
+        safe_digest_update(f->sha1_ctx, (unsigned char *) buf, bytes_read);
    }

    if (bytes_read != size && archive_errno(f->arc) != 0) {
@ -237,9 +241,12 @@ scan_code_t parse_archive(scan_arc_ctx_t *ctx, vfile_t *f, document_t *doc, pcre
                    sub_job->ext = (int) strlen(sub_job->filepath);
                }

-                SHA1_Init(&sub_job->vfile.sha1_ctx);
+                sub_job->vfile.sha1_ctx = EVP_MD_CTX_new();
+                EVP_DigestInit(sub_job->vfile.sha1_ctx, EVP_sha1());

                ctx->parse(sub_job);
+
+                sub_job->vfile.close(&sub_job->vfile);
            }
        }

--- a/third-party/libscan/libscan/arc/arc.h
+++ b/third-party/libscan/libscan/arc/arc.h
@ -35,7 +35,8 @@ static int vfile_open_callback(struct archive *a, void *user_data) {
    arc_data_t *data = (arc_data_t *) user_data;

    if (!data->f->is_fs_file) {
-        SHA1_Init(&data->f->sha1_ctx);
+        data->f->sha1_ctx = EVP_MD_CTX_new();
+        EVP_DigestInit(data->f->sha1_ctx, EVP_md5());
    }

    return ARCHIVE_OK;
@ -49,7 +50,7 @@ static long vfile_read_callback(struct archive *a, void *user_data, const void *

    if (!data->f->is_fs_file && ret > 0) {
        data->f->has_checksum = TRUE;
-        safe_sha1_update(&data->f->sha1_ctx, (unsigned char*)data->buf, ret);
+        safe_digest_update(data->f->sha1_ctx, (unsigned char *) data->buf, ret);
    }

    return ret;
@ -59,7 +60,9 @@ static int vfile_close_callback(struct archive *a, void *user_data) {
    arc_data_t *data = (arc_data_t *) user_data;

    if (!data->f->is_fs_file) {
-        SHA1_Final((unsigned char *) data->f->sha1_digest, &data->f->sha1_ctx);
+        EVP_DigestFinal_ex(data->f->sha1_ctx, data->f->sha1_digest, NULL);
+        EVP_MD_CTX_free(data->f->sha1_ctx);
+        data->f->sha1_ctx = NULL;
    }

    return ARCHIVE_OK;
--- a/third-party/libscan/libscan/media/media.c
+++ b/third-party/libscan/libscan/media/media.c
@ -697,9 +697,10 @@ int memfile_open(vfile_t *f, memfile_t *mem) {
    mem->file = fmemopen(mem->buf, mem->size, "rb");

    if (f->calculate_checksum) {
-        SHA1_Init(&f->sha1_ctx);
-        safe_sha1_update(&f->sha1_ctx, mem->buf, mem->size);
-        SHA1_Final(f->sha1_digest, &f->sha1_ctx);
+        safe_digest_update(f->sha1_ctx, mem->buf, mem->size);
+        EVP_DigestFinal_ex(f->sha1_ctx, f->sha1_digest, NULL);
+        EVP_MD_CTX_free(f->sha1_ctx);
+        f->sha1_ctx = NULL;
        f->has_checksum = TRUE;
    }

--- a/third-party/libscan/libscan/scan.h
+++ b/third-party/libscan/libscan/scan.h
@ -8,6 +8,7 @@
 #include <stdio.h>
 #include <string.h>
 #include <sys/stat.h>
+#include <openssl/evp.h>
 #include <openssl/md5.h>
 #include <openssl/sha.h>

@ -146,7 +147,7 @@ typedef struct vfile {
    int mtime;
    size_t st_size;

-    SHA_CTX sha1_ctx;
+    EVP_MD_CTX *sha1_ctx;
    unsigned char sha1_digest[SHA1_DIGEST_LENGTH];

    void *rewind_buffer;
--- a/third-party/libscan/libscan/util.h
+++ b/third-party/libscan/libscan/util.h
@ -6,6 +6,7 @@
 #include "string.h"
 #include "../third-party/utf8.h/utf8.h"
 #include "macros.h"
+#include <openssl/evp.h>

 #define STR_STARTS_WITH_CONSTANT(x, y) (strncmp(y, x, sizeof(y) - 1) == 0)

@ -339,7 +340,7 @@ static void *read_all(vfile_t *f, size_t *size) {
 #define STACK_BUFFER_SIZE (size_t)(4096 * 8)

 __always_inline
-static void safe_sha1_update(SHA_CTX *ctx, void *buf, size_t size) {
+static void safe_digest_update(EVP_MD_CTX *ctx, void *buf, size_t size) {
    unsigned char stack_buf[STACK_BUFFER_SIZE];

    void *sha1_buf;
@ -351,7 +352,7 @@ static void safe_sha1_update(SHA_CTX *ctx, void *buf, size_t size) {
    }

    memcpy(sha1_buf, buf, size);
-    SHA1_Update(ctx, (const void *) sha1_buf, size);
+    EVP_DigestUpdate(ctx, sha1_buf, size);

    if (sha1_buf != stack_buf) {
        free(sha1_buf);