aboutsummaryrefslogtreecommitdiffstats
path: root/util-src
diff options
context:
space:
mode:
Diffstat (limited to 'util-src')
-rw-r--r--util-src/hashes.c106
-rw-r--r--util-src/poll.c18
-rw-r--r--util-src/pposix.c4
-rw-r--r--util-src/time.c2
4 files changed, 40 insertions, 90 deletions
diff --git a/util-src/hashes.c b/util-src/hashes.c
index 903ecb6e..4c48b26f 100644
--- a/util-src/hashes.c
+++ b/util-src/hashes.c
@@ -26,6 +26,7 @@ typedef unsigned __int32 uint32_t;
#include <openssl/sha.h>
#include <openssl/md5.h>
#include <openssl/hmac.h>
+#include <openssl/evp.h>
#if (LUA_VERSION_NUM == 501)
#define luaL_setfuncs(L, R, N) luaL_register(L, NULL, R)
@@ -75,44 +76,6 @@ struct hash_desc {
void *ctx, *ctxo;
};
-static void hmac(struct hash_desc *desc, const char *key, size_t key_len,
- const char *msg, size_t msg_len, unsigned char *result) {
- union xory {
- unsigned char bytes[64];
- uint32_t quadbytes[16];
- };
-
- int i;
- unsigned char hashedKey[64]; /* Maximum used digest length */
- union xory k_ipad, k_opad;
-
- if(key_len > 64) {
- desc->Init(desc->ctx);
- desc->Update(desc->ctx, key, key_len);
- desc->Final(hashedKey, desc->ctx);
- key = (const char *)hashedKey;
- key_len = desc->digestLength;
- }
-
- memcpy(k_ipad.bytes, key, key_len);
- memset(k_ipad.bytes + key_len, 0, 64 - key_len);
- memcpy(k_opad.bytes, k_ipad.bytes, 64);
-
- for(i = 0; i < 16; i++) {
- k_ipad.quadbytes[i] ^= HMAC_IPAD;
- k_opad.quadbytes[i] ^= HMAC_OPAD;
- }
-
- desc->Init(desc->ctx);
- desc->Update(desc->ctx, k_ipad.bytes, 64);
- desc->Init(desc->ctxo);
- desc->Update(desc->ctxo, k_opad.bytes, 64);
- desc->Update(desc->ctx, msg, msg_len);
- desc->Final(result, desc->ctx);
- desc->Update(desc->ctxo, result, desc->digestLength);
- desc->Final(result, desc->ctxo);
-}
-
#define MAKE_HMAC_FUNCTION(myFunc, evp, size, type) \
static int myFunc(lua_State *L) { \
unsigned char hash[size], result[2*size]; \
@@ -136,56 +99,37 @@ MAKE_HMAC_FUNCTION(Lhmac_sha256, EVP_sha256, SHA256_DIGEST_LENGTH, SHA256_CTX)
MAKE_HMAC_FUNCTION(Lhmac_sha512, EVP_sha512, SHA512_DIGEST_LENGTH, SHA512_CTX)
MAKE_HMAC_FUNCTION(Lhmac_md5, EVP_md5, MD5_DIGEST_LENGTH, MD5_CTX)
-static int LscramHi(lua_State *L) {
- union xory {
- unsigned char bytes[SHA_DIGEST_LENGTH];
- uint32_t quadbytes[SHA_DIGEST_LENGTH / 4];
- };
- int i;
- SHA_CTX ctx, ctxo;
- unsigned char Ust[SHA_DIGEST_LENGTH];
- union xory Und;
- union xory res;
- size_t str_len, salt_len;
- struct hash_desc desc;
- const char *str = luaL_checklstring(L, 1, &str_len);
- const char *salt = luaL_checklstring(L, 2, &salt_len);
- char *salt2;
- const int iter = luaL_checkinteger(L, 3);
-
- desc.Init = (int (*)(void *))SHA1_Init;
- desc.Update = (int (*)(void *, const void *, size_t))SHA1_Update;
- desc.Final = (int (*)(unsigned char *, void *))SHA1_Final;
- desc.digestLength = SHA_DIGEST_LENGTH;
- desc.ctx = &ctx;
- desc.ctxo = &ctxo;
+static int Lpbkdf2_sha1(lua_State *L) {
+ unsigned char out[SHA_DIGEST_LENGTH];
- salt2 = malloc(salt_len + 4);
+ size_t pass_len, salt_len;
+ const char *pass = luaL_checklstring(L, 1, &pass_len);
+ const unsigned char *salt = (unsigned char *)luaL_checklstring(L, 2, &salt_len);
+ const int iter = luaL_checkinteger(L, 3);
- if(salt2 == NULL) {
- return luaL_error(L, "Out of memory in scramHi");
+ if(PKCS5_PBKDF2_HMAC(pass, pass_len, salt, salt_len, iter, EVP_sha1(), SHA_DIGEST_LENGTH, out) == 0) {
+ return luaL_error(L, "PKCS5_PBKDF2_HMAC() failed");
}
- memcpy(salt2, salt, salt_len);
- memcpy(salt2 + salt_len, "\0\0\0\1", 4);
- hmac(&desc, str, str_len, salt2, salt_len + 4, Ust);
- free(salt2);
+ lua_pushlstring(L, (char *)out, SHA_DIGEST_LENGTH);
- memcpy(res.bytes, Ust, sizeof(res));
+ return 1;
+}
- for(i = 1; i < iter; i++) {
- int j;
- hmac(&desc, str, str_len, (char *)Ust, sizeof(Ust), Und.bytes);
- for(j = 0; j < SHA_DIGEST_LENGTH / 4; j++) {
- res.quadbytes[j] ^= Und.quadbytes[j];
- }
+static int Lpbkdf2_sha256(lua_State *L) {
+ unsigned char out[SHA256_DIGEST_LENGTH];
- memcpy(Ust, Und.bytes, sizeof(Ust));
- }
+ size_t pass_len, salt_len;
+ const char *pass = luaL_checklstring(L, 1, &pass_len);
+ const unsigned char *salt = (unsigned char *)luaL_checklstring(L, 2, &salt_len);
+ const int iter = luaL_checkinteger(L, 3);
- lua_pushlstring(L, (char *)res.bytes, SHA_DIGEST_LENGTH);
+ if(PKCS5_PBKDF2_HMAC(pass, pass_len, salt, salt_len, iter, EVP_sha256(), SHA256_DIGEST_LENGTH, out) == 0) {
+ return luaL_error(L, "PKCS5_PBKDF2_HMAC() failed");
+ }
+ lua_pushlstring(L, (char *)out, SHA_DIGEST_LENGTH);
return 1;
}
@@ -200,7 +144,9 @@ static const luaL_Reg Reg[] = {
{ "hmac_sha256", Lhmac_sha256 },
{ "hmac_sha512", Lhmac_sha512 },
{ "hmac_md5", Lhmac_md5 },
- { "scram_Hi_sha1", LscramHi },
+ { "scram_Hi_sha1", Lpbkdf2_sha1 }, /* COMPAT */
+ { "pbkdf2_hmac_sha1", Lpbkdf2_sha1 },
+ { "pbkdf2_hmac_sha256", Lpbkdf2_sha256 },
{ NULL, NULL }
};
@@ -209,7 +155,7 @@ LUALIB_API int luaopen_util_hashes(lua_State *L) {
luaL_checkversion(L);
#endif
lua_newtable(L);
- luaL_setfuncs(L, Reg, 0);;
+ luaL_setfuncs(L, Reg, 0);
lua_pushliteral(L, "-3.14");
lua_setfield(L, -2, "version");
return 1;
diff --git a/util-src/poll.c b/util-src/poll.c
index 0ca0cf28..1e7b6da3 100644
--- a/util-src/poll.c
+++ b/util-src/poll.c
@@ -59,7 +59,7 @@ typedef struct Lpoll_state {
/*
* Add an FD to be watched
*/
-int Ladd(lua_State *L) {
+static int Ladd(lua_State *L) {
struct Lpoll_state *state = luaL_checkudata(L, 1, STATE_MT);
int fd = luaL_checkinteger(L, 2);
@@ -137,7 +137,7 @@ int Ladd(lua_State *L) {
/*
* Set events to watch for, readable and/or writable
*/
-int Lset(lua_State *L) {
+static int Lset(lua_State *L) {
struct Lpoll_state *state = luaL_checkudata(L, 1, STATE_MT);
int fd = luaL_checkinteger(L, 2);
@@ -200,7 +200,7 @@ int Lset(lua_State *L) {
/*
* Remove FDs
*/
-int Ldel(lua_State *L) {
+static int Ldel(lua_State *L) {
struct Lpoll_state *state = luaL_checkudata(L, 1, STATE_MT);
int fd = luaL_checkinteger(L, 2);
@@ -247,7 +247,7 @@ int Ldel(lua_State *L) {
/*
* Check previously manipulated event state for FDs ready for reading or writing
*/
-int Lpushevent(lua_State *L, struct Lpoll_state *state) {
+static int Lpushevent(lua_State *L, struct Lpoll_state *state) {
#ifdef USE_EPOLL
if(state->processed > 0) {
@@ -281,7 +281,7 @@ int Lpushevent(lua_State *L, struct Lpoll_state *state) {
/*
* Wait for event
*/
-int Lwait(lua_State *L) {
+static int Lwait(lua_State *L) {
struct Lpoll_state *state = luaL_checkudata(L, 1, STATE_MT);
int ret = Lpushevent(L, state);
@@ -344,7 +344,7 @@ int Lwait(lua_State *L) {
/*
* Return Epoll FD
*/
-int Lgetfd(lua_State *L) {
+static int Lgetfd(lua_State *L) {
struct Lpoll_state *state = luaL_checkudata(L, 1, STATE_MT);
lua_pushinteger(L, state->epoll_fd);
return 1;
@@ -353,7 +353,7 @@ int Lgetfd(lua_State *L) {
/*
* Close epoll FD
*/
-int Lgc(lua_State *L) {
+static int Lgc(lua_State *L) {
struct Lpoll_state *state = luaL_checkudata(L, 1, STATE_MT);
if(state->epoll_fd == -1) {
@@ -375,7 +375,7 @@ int Lgc(lua_State *L) {
/*
* String representation
*/
-int Ltos(lua_State *L) {
+static int Ltos(lua_State *L) {
struct Lpoll_state *state = luaL_checkudata(L, 1, STATE_MT);
lua_pushfstring(L, "%s: %p", STATE_MT, state);
return 1;
@@ -384,7 +384,7 @@ int Ltos(lua_State *L) {
/*
* Create a new context
*/
-int Lnew(lua_State *L) {
+static int Lnew(lua_State *L) {
/* Allocate state */
Lpoll_state *state = lua_newuserdata(L, sizeof(Lpoll_state));
luaL_setmetatable(L, STATE_MT);
diff --git a/util-src/pposix.c b/util-src/pposix.c
index 5c926603..169343b8 100644
--- a/util-src/pposix.c
+++ b/util-src/pposix.c
@@ -25,14 +25,18 @@
#define _DEFAULT_SOURCE
#endif
#endif
+
#if defined(__APPLE__)
#ifndef _DARWIN_C_SOURCE
#define _DARWIN_C_SOURCE
#endif
#endif
+
+#if ! defined(__FreeBSD__)
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
+#endif
#include <stdlib.h>
#include <math.h>
diff --git a/util-src/time.c b/util-src/time.c
index bfad52ee..bc6b5b1c 100644
--- a/util-src/time.c
+++ b/util-src/time.c
@@ -1,5 +1,5 @@
#ifndef _POSIX_C_SOURCE
-#define _POSIX_C_SOURCE 199309L
+#define _POSIX_C_SOURCE 200809L
#endif
#include <time.h>