diff options
| -rw-r--r-- | src/libcryptobox/cryptobox.h | 3 | ||||
| -rw-r--r-- | src/libutil/http.c | 21 | ||||
| -rw-r--r-- | src/libutil/keypair_private.h | 3 | ||||
| -rw-r--r-- | src/libutil/map.c | 8 | ||||
| -rw-r--r-- | src/libutil/regexp.c | 14 | ||||
| -rw-r--r-- | src/libutil/rrd.c | 14 | ||||
| -rw-r--r-- | src/libutil/shingles.c | 16 | ||||
| -rw-r--r-- | src/libutil/util.c | 4 |
8 files changed, 43 insertions, 40 deletions
diff --git a/src/libcryptobox/cryptobox.h b/src/libcryptobox/cryptobox.h index fc7ddd8b3..7d18e2c32 100644 --- a/src/libcryptobox/cryptobox.h +++ b/src/libcryptobox/cryptobox.h @@ -208,6 +208,9 @@ guint rspamd_cryptobox_nm_bytes (void); guint rspamd_cryptobox_mac_bytes (void); /* Hash IUF interface */ +typedef struct RSPAMD_ALIGNED(32) rspamd_cryptobox_hash_state_s { + unsigned char opaque[256]; +} rspamd_cryptobox_hash_state_t; /** * Init cryptobox hash state using key if needed, `st` must point to the buffer diff --git a/src/libutil/http.c b/src/libutil/http.c index beb27cf9b..340951caf 100644 --- a/src/libutil/http.c +++ b/src/libutil/http.c @@ -28,7 +28,6 @@ #include "printf.h" #include "logger.h" #include "ref.h" -#include "blake2.h" #include "ottery.h" #include "keypair_private.h" #include "cryptobox.h" @@ -1301,7 +1300,7 @@ rspamd_http_connection_write_message (struct rspamd_http_connection *conn, gboolean encrypted = FALSE; gchar *b32_key, *b32_id; guchar nonce[rspamd_cryptobox_MAX_NONCEBYTES], mac[rspamd_cryptobox_MAX_MACBYTES], - id[BLAKE2B_OUTBYTES]; + id[rspamd_cryptobox_HASHBYTES]; guchar *np = NULL, *mp = NULL, *meth_pos = NULL; struct rspamd_http_keypair *peer_key = NULL; @@ -2262,6 +2261,7 @@ rspamd_http_connection_make_key (gchar *key, gsize keylen) gchar *semicolon; gsize decoded_len; struct rspamd_http_keypair *kp; + guchar kh[rspamd_cryptobox_HASHBYTES]; semicolon = memchr (key, ':', keylen); @@ -2284,8 +2284,9 @@ rspamd_http_connection_make_key (gchar *key, gsize keylen) REF_INIT_RETAIN (kp, rspamd_http_keypair_dtor); memcpy (kp->sk, decoded_sk, rspamd_cryptobox_sk_bytes ()); memcpy (kp->pk, decoded_pk, rspamd_cryptobox_pk_bytes ()); - blake2b (kp->id, kp->pk, NULL, sizeof (kp->id), - rspamd_cryptobox_pk_bytes (), 0); + rspamd_cryptobox_hash (kh, kp->pk, rspamd_cryptobox_pk_bytes (), + NULL, 0); + memcpy (kp->id, kh, sizeof (kp->id)); return (gpointer) kp; } @@ -2300,13 +2301,15 @@ gpointer rspamd_http_connection_gen_key (void) { struct rspamd_http_keypair *kp; + guchar kh[rspamd_cryptobox_HASHBYTES]; kp = g_slice_alloc (sizeof (*kp)); REF_INIT_RETAIN (kp, rspamd_http_keypair_dtor); rspamd_cryptobox_keypair (kp->pk, kp->sk); - blake2b (kp->id, kp->pk, NULL, sizeof (kp->id), - rspamd_cryptobox_pk_bytes (), 0); + rspamd_cryptobox_hash (kh, kp->pk, rspamd_cryptobox_pk_bytes (), + NULL, 0); + memcpy (kp->id, kh, sizeof (kp->id)); return (gpointer)kp; } @@ -2419,6 +2422,7 @@ rspamd_http_connection_make_peer_key (const gchar *key) guchar *pk_decoded; gsize dec_len; struct rspamd_http_keypair *kp = NULL; + guchar kh[rspamd_cryptobox_HASHBYTES]; pk_decoded = rspamd_decode_base32 (key, strlen (key), &dec_len); @@ -2426,8 +2430,9 @@ rspamd_http_connection_make_peer_key (const gchar *key) kp = g_slice_alloc0 (sizeof (*kp)); REF_INIT_RETAIN (kp, rspamd_http_keypair_dtor); memcpy (kp->pk, pk_decoded, rspamd_cryptobox_pk_bytes ()); - blake2b (kp->id, kp->pk, NULL, sizeof (kp->id), - rspamd_cryptobox_pk_bytes (), 0); + rspamd_cryptobox_hash (kh, kp->pk, rspamd_cryptobox_pk_bytes (), + NULL, 0); + memcpy (kp->id, kh, sizeof (kp->id)); } g_free (pk_decoded); diff --git a/src/libutil/keypair_private.h b/src/libutil/keypair_private.h index 96f78bdcd..762ff253a 100644 --- a/src/libutil/keypair_private.h +++ b/src/libutil/keypair_private.h @@ -27,14 +27,13 @@ #include "config.h" #include "ref.h" -#include "blake2.h" #include "cryptobox.h" struct RSPAMD_ALIGNED(32) rspamd_http_keypair { guchar RSPAMD_ALIGNED(32) sk[rspamd_cryptobox_MAX_SKBYTES]; guchar RSPAMD_ALIGNED(32) nm[rspamd_cryptobox_MAX_NMBYTES]; guchar RSPAMD_ALIGNED(32) pk[rspamd_cryptobox_MAX_PKBYTES]; - guchar id[BLAKE2B_OUTBYTES]; + guchar id[rspamd_cryptobox_HASHBYTES]; gboolean has_nm; ref_entry_t ref; }; diff --git a/src/libutil/map.c b/src/libutil/map.c index 6c813a133..f9bd02ef9 100644 --- a/src/libutil/map.c +++ b/src/libutil/map.c @@ -29,9 +29,7 @@ #include "map.h" #include "http.h" #include "rspamd.h" -#include "util.h" -#include "mem_pool.h" -#include "blake2.h" +#include "cryptobox.h" #include "unix-std.h" static const gchar *hash_fill = "1"; @@ -494,7 +492,7 @@ rspamd_map_add (struct rspamd_config *cfg, const gchar *def, *p, *hostend; struct file_map_data *fdata; struct http_map_data *hdata; - gchar portbuf[6], *cksum_encoded, cksum[BLAKE2B_OUTBYTES]; + gchar portbuf[6], *cksum_encoded, cksum[rspamd_cryptobox_HASHBYTES]; gint i, s, r; struct addrinfo hints, *res; rspamd_mempool_t *pool; @@ -627,7 +625,7 @@ rspamd_map_add (struct rspamd_config *cfg, new_map->map_data = hdata; } /* Temp pool */ - blake2b (cksum, new_map->uri, NULL, sizeof (cksum), strlen (new_map->uri), 0); + rspamd_cryptobox_hash (cksum, new_map->uri, strlen (new_map->uri), NULL, 0); cksum_encoded = rspamd_encode_base32 (cksum, sizeof (cksum)); new_map->pool = rspamd_mempool_new (rspamd_mempool_suggest_size (), "map"); memcpy (new_map->pool->tag.uid, cksum_encoded, diff --git a/src/libutil/regexp.c b/src/libutil/regexp.c index 7ef3f178b..5ebcf7db8 100644 --- a/src/libutil/regexp.c +++ b/src/libutil/regexp.c @@ -25,13 +25,13 @@ #include "config.h" #include "regexp.h" -#include "blake2.h" +#include "cryptobox.h" #include "ref.h" #include "util.h" #include "rspamd.h" #include <pcre.h> -typedef guchar regexp_id_t[BLAKE2B_OUTBYTES]; +typedef guchar regexp_id_t[rspamd_cryptobox_HASHBYTES]; #define RSPAMD_REGEXP_FLAG_RAW (1 << 1) #define RSPAMD_REGEXP_FLAG_NOOPT (1 << 2) @@ -72,16 +72,16 @@ static void rspamd_regexp_generate_id (const gchar *pattern, const gchar *flags, regexp_id_t out) { - blake2b_state st; + rspamd_cryptobox_hash_state_t st; - blake2b_init (&st, sizeof (regexp_id_t)); + rspamd_cryptobox_hash_init (&st, NULL, 0); if (flags) { - blake2b_update (&st, flags, strlen (flags)); + rspamd_cryptobox_hash_update (&st, flags, strlen (flags)); } - blake2b_update (&st, pattern, strlen (pattern)); - blake2b_final (&st, out, sizeof (regexp_id_t)); + rspamd_cryptobox_hash_update (&st, pattern, strlen (pattern)); + rspamd_cryptobox_hash_final (&st, out); } static void diff --git a/src/libutil/rrd.c b/src/libutil/rrd.c index c5793a590..c5e6c3b24 100644 --- a/src/libutil/rrd.c +++ b/src/libutil/rrd.c @@ -21,12 +21,12 @@ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#include <blake2.h> #include "config.h" #include "rrd.h" #include "util.h" #include "logger.h" #include "unix-std.h" +#include "cryptobox.h" #include <math.h> #define msg_err_rrd(...) rspamd_default_log_function (G_LOG_LEVEL_CRITICAL, \ @@ -328,21 +328,21 @@ rspamd_rrd_adjust_pointers (struct rspamd_rrd_file *file, gboolean completed) static void rspamd_rrd_calculate_checksum (struct rspamd_rrd_file *file) { - guchar sigbuf[BLAKE2B_OUTBYTES]; + guchar sigbuf[rspamd_cryptobox_HASHBYTES]; struct rrd_ds_def *ds; guint i; - blake2b_state st; + rspamd_cryptobox_hash_state_t st; if (file->finalized) { - blake2b_init (&st, BLAKE2B_OUTBYTES); - blake2b_update (&st, file->filename, strlen (file->filename)); + rspamd_cryptobox_hash_init (&st, NULL, 0); + rspamd_cryptobox_hash_update (&st, file->filename, strlen (file->filename)); for (i = 0; i < file->stat_head->ds_cnt; i ++) { ds = &file->ds_def[i]; - blake2b_update (&st, ds->ds_nam, sizeof (ds->ds_nam)); + rspamd_cryptobox_hash_update (&st, ds->ds_nam, sizeof (ds->ds_nam)); } - blake2b_final (&st, sigbuf, BLAKE2B_OUTBYTES); + rspamd_cryptobox_hash_final (&st, sigbuf); file->id = rspamd_encode_base32 (sigbuf, sizeof (sigbuf)); } diff --git a/src/libutil/shingles.c b/src/libutil/shingles.c index e3bcc0f10..bc255ec65 100644 --- a/src/libutil/shingles.c +++ b/src/libutil/shingles.c @@ -24,7 +24,6 @@ #include "shingles.h" #include "fstring.h" #include "cryptobox.h" -#include "blake2.h" #define SHINGLES_WINDOW 3 @@ -38,14 +37,13 @@ rspamd_shingles_generate (GArray *input, struct rspamd_shingle *res; GArray *hashes[RSPAMD_SHINGLE_SIZE]; rspamd_sipkey_t keys[RSPAMD_SHINGLE_SIZE]; - guchar shabuf[BLAKE2B_OUTBYTES], *out_key; + guchar shabuf[rspamd_cryptobox_HASHBYTES], *out_key; const guchar *cur_key; GString *row; rspamd_ftok_t *word; - blake2b_state bs; + rspamd_cryptobox_hash_state_t bs; guint64 val; gint i, j, beg = 0; - guint8 shalen; if (pool != NULL) { res = rspamd_mempool_alloc (pool, sizeof (*res)); @@ -54,7 +52,7 @@ rspamd_shingles_generate (GArray *input, res = g_malloc (sizeof (*res)); } - blake2b_init (&bs, BLAKE2B_OUTBYTES); + rspamd_cryptobox_hash_init (&bs, NULL, 0); row = g_string_sized_new (256); cur_key = key; out_key = (guchar *)&keys[0]; @@ -68,14 +66,14 @@ rspamd_shingles_generate (GArray *input, * initial key as many times as many hashes are required and * xor left and right parts of sha256 to get a single 16 bytes SIP key. */ - shalen = sizeof (shabuf); - blake2b_update (&bs, cur_key, 16); - blake2b_final (&bs, shabuf, shalen); + rspamd_cryptobox_hash_update (&bs, cur_key, 16); + rspamd_cryptobox_hash_final (&bs, shabuf); for (j = 0; j < 16; j ++) { out_key[j] = shabuf[j]; } - blake2b_init (&bs, BLAKE2B_OUTBYTES); + + rspamd_cryptobox_hash_init (&bs, NULL, 0); cur_key = out_key; out_key += 16; } diff --git a/src/libutil/util.c b/src/libutil/util.c index 66322fc6d..d493568e0 100644 --- a/src/libutil/util.c +++ b/src/libutil/util.c @@ -75,7 +75,7 @@ #include <sys/resource.h> #endif -#include "blake2.h" +#include "cryptobox.h" /* Check log messages intensity once per minute */ #define CHECK_TIME 60 @@ -89,7 +89,7 @@ const struct rspamd_controller_pbkdf pbkdf_list[] = { .id = RSPAMD_PBKDF_ID_V1, .rounds = 16000, .salt_len = 20, - .key_len = BLAKE2B_OUTBYTES / 2 + .key_len = rspamd_cryptobox_HASHBYTES / 2 } }; |