* eet/src/lib/eet_lib.c,
* eet/src/lib/eet_cipher.c,
* eet/src/lib/Eet_private.h: Add a function to retrieve SHA1 of an associated Eet_File.
Note: Sadly GnuTLS doesn't seem to provide a gnutls_x509_crt_verify_hash function.
git-svn-id: svn+ssh://svn.enlightenment.org/var/svn/e/trunk/eet@38982
7cbeb6ba-43b4-40fd-8cce-
4c39aea84d33
*/
EAPI const void *eet_identity_signature(Eet_File *ef, int *signature_length);
+ /**
+ * Get the SHA1 associated with a file. Could be the one used to sign the data
+ * or if the data where not signed, it will be the SHA1 of the file.
+ *
+ * @since 2.0.0
+ */
+ EAPI const void *eet_identity_sha1(Eet_File *ef, int *sha1_length);
+
/**
* Display the x509 der certificate to out.
*
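Review bot: The new doc comment for `eet_identity_sha1` does not document its parameters, return value or buffer ownership, and "the data where not signed" should read "were not signed". I would add `@param ef`, `@param sha1_length` (receives the digest length in bytes; may be NULL, since the implementation checks it before writing) and `@return` lines. The `@return` text should say that the pointer is cached on the Eet_File and must not be freed by the caller, and that NULL is returned when neither crypto backend is compiled in. Since SHA-1 is not collision-resistant, the comment should also say that the digest identifies the file contents and is not a substitute for verifying the signature.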
const void *signature_base, unsigned int signature_length,
const void **raw_signature_base, unsigned int *raw_signature_length,
int *x509_length);
+void *eet_identity_compute_sha1(const void *data_base, unsigned int data_length,
+ int *sha1_length);
Eet_Error eet_cipher(const void *data, unsigned int size, const char *key, unsigned int length, void **result, unsigned int *result_length);
Eet_Error eet_decipher(const void *data, unsigned int size, const char *key, unsigned int length, void **result, unsigned int *result_length);
Eet_Error eet_identity_sign(FILE *fp, Eet_Key *key);
# endif
#endif
+#ifdef HAVE_OPENSSL
+# include <openssl/sha.h>
+#endif
+
#ifdef HAVE_CIPHER
# ifdef HAVE_GNUTLS
# include <gnutls/x509.h>
eet_identity_close(key);
}
+void *
+eet_identity_compute_sha1(const void *data_base, unsigned int data_length,
+ int *sha1_length)
+{
+ void *result;
+
+#ifdef HAVE_GNUTLS
+ result = malloc(gcry_md_get_algo_dlen(GCRY_MD_SHA1));
+ if (!result) return NULL;
+
+ gcry_md_hash_buffer(GCRY_MD_SHA1, result, data_base, data_length);
+#else
+# ifdef HAVE_OPENSSL
+ result = malloc(SHA_DIGEST_LENGTH);
+ if (!result) return NULL;
+
+ SHA1(data_base, data_length, result);
+# else
+ result = NULL;
+# endif
+#endif
+
+ return result;
+}
+
Eet_Error
eet_identity_sign(FILE *fp, Eet_Key *key)
{
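Review bot: `eet_identity_compute_sha1` never writes through its `sha1_length` out-parameter in any of its three branches, so a caller that passes a length pointer gets back whatever value it held before the call. Each branch should store the digest size next to the allocation: `if (sha1_length) *sha1_length = gcry_md_get_algo_dlen(GCRY_MD_SHA1);` for the libgcrypt path, `if (sha1_length) *sha1_length = SHA_DIGEST_LENGTH;` for the OpenSSL path, and 0 in the branch that returns NULL. A length that stays 0 is risky if a consumer compares digests by that length, because a zero-length comparison would presumably match anything. A short header comment should also state that the returned buffer is malloc'd and owned by the caller.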
gnutls_x509_crt_init(&cert);
gnutls_x509_crt_import(cert, &datum, GNUTLS_X509_FMT_DER);
+ signature.data = (void *)sign;
+ signature.size = sign_len;
+
/* Verify the signature */
datum.data = (void *)data_base;
datum.size = data_length;
- signature.data = (void *)sign;
- signature.size = sign_len;
if (!gnutls_x509_crt_verify_data(cert, 0, &datum, &signature))
return NULL;
# else
const unsigned char *data;
const void *x509_der;
const void *signature;
+ void *sha1;
Eet_File_Mode mode;
int data_size;
int x509_length;
unsigned int signature_length;
+ unsigned int sha1_length;
time_t mtime;
ef->readfp = NULL;
ef->data = data;
ef->data_size = size;
+ ef->sha1 = NULL;
+ ef->sha1_length = 0;
return eet_internal_read(ef);
}
ef->delete_me_now = 0;
ef->data = NULL;
ef->data_size = 0;
+ ef->sha1 = NULL;
+ ef->sha1_length = 0;
ef->ed = (mode == EET_FILE_MODE_WRITE)
|| (ef->fp == NULL && mode == EET_FILE_MODE_READ_WRITE) ?
return ef->signature;
}
+EAPI const void *
+eet_identity_sha1(Eet_File *ef, int *sha1_length)
+{
+ if (!ef->sha1)
+ ef->sha1 = eet_identity_compute_sha1(ef->data, ef->data_size, &ef->sha1_length);
+
+ if (sha1_length) *sha1_length = ef->sha1_length;
+ return ef->sha1;
+}
+
EAPI Eet_Error
eet_identity_set(Eet_File *ef, Eet_Key *key)
{
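Review bot: The call on the `if (!ef->sha1)` line passes `&ef->sha1_length` to a parameter declared `int *`, while the struct-field hunk on this page declares `sha1_length` as `unsigned int`, so the pointer types do not match; pick one type for the field, the helper and the public out-parameter. The function also dereferences `ef` unchecked and hashes `ef->data`/`ef->data_size`, which the open path on this page initialises to NULL and 0, so a file with no mapped data would presumably be hashed as an empty buffer instead of being reported as unavailable. A guard such as `if (!ef || !ef->data) return NULL;` would make that explicit. The header comment says the digest may be the one used for signing, but the visible code always hashes the whole buffer, so the comment or the code should be brought into line. The cached `ef->sha1` is heap-allocated and no release on close is visible in these hunks, which is worth confirming.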