search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
updated libtasn1 version
[gnutls.git] / extra / gnutls_openssl.c
blobe8cbe675d366b29245f16eb33cab7cecacd9ca9b
1 /*
2 * Copyright (C) 2004-2012 Free Software Foundation, Inc.
3 * Copyright (c) 2002 Andrew McDonald <andrew@mcdonald.org.uk>
4 *
5 * This file is part of GnuTLS-EXTRA.
6 *
7 * GnuTLS-extra is free software: you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation, either version 3 of the License, or
10 * (at your option) any later version.
11 *
12 * GnuTLS-extra is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program. If not, see <http://www.gnu.org/licenses/>.
19 */
20
21 #include <config.h>
22
23 #include <gnutls/gnutls.h>
24 #include <openssl_compat.h>
25 #include <stdio.h>
26 #include <stdlib.h>
27 #include <string.h>
28 #include "../lib/gnutls_int.h"
29 #include "../lib/random.h"
30 #include "../lib/gnutls_hash_int.h"
31
32 /* In win32 X509_NAME is defined in wincrypt.h.
33 * undefine it to avoid the conflict with openssl.h.
34 */
35 #ifdef X509_NAME
36 # undef X509_NAME
37 #endif
38 #include <gnutls/openssl.h>
39
40 /* Gnulib re-defines shutdown on mingw. We only use it as a variable
41 name, so restore the original name. */
42 #undef shutdown
43
44 /* XXX: See lib/gnutls_int.h. */
45 #define GNUTLS_POINTER_TO_INT(_) ((int) GNUTLS_POINTER_TO_INT_CAST (_))
46 #define GNUTLS_INT_TO_POINTER(_) ((void*) GNUTLS_POINTER_TO_INT_CAST (_))
47
48 /* WARNING: Error functions aren't currently thread-safe */
49
50 static int last_error = 0;
51
52 /* Library initialisation functions */
53
54 int
55 SSL_library_init (void)
56 {
57 gnutls_global_init ();
58 /* NB: we haven't got anywhere to call gnutls_global_deinit() */
59 return 1;
60 }
61
62 void
63 OpenSSL_add_all_algorithms (void)
64 {
65 }
66
67
68 /* SSL_CTX structure handling */
69
70 SSL_CTX *
71 SSL_CTX_new (SSL_METHOD * method)
72 {
73 SSL_CTX *ctx;
74
75 ctx = (SSL_CTX *) calloc (1, sizeof (SSL_CTX));
76 ctx->method = method;
77
78 return ctx;
79 }
80
81 void
82 SSL_CTX_free (SSL_CTX * ctx)
83 {
84 free (ctx->method);
85 free (ctx);
86 }
87
88 int
89 SSL_CTX_set_default_verify_paths (SSL_CTX * ctx)
90 {
91 return 0;
92 }
93
94 int
95 SSL_CTX_use_certificate_file (SSL_CTX * ctx, const char *certfile, int type)
96 {
97 ctx->certfile = (char *) calloc (1, strlen (certfile) + 1);
98 if (!ctx->certfile)
99 return -1;
100 memcpy (ctx->certfile, certfile, strlen (certfile));
101
102 ctx->certfile_type = type;
103
104 return 1;
105 }
106
107 int
108 SSL_CTX_use_PrivateKey_file (SSL_CTX * ctx, const char *keyfile, int type)
109 {
110 ctx->keyfile = (char *) calloc (1, strlen (keyfile) + 1);
111 if (!ctx->keyfile)
112 return -1;
113 memcpy (ctx->keyfile, keyfile, strlen (keyfile));
114
115 ctx->keyfile_type = type;
116
117 return 1;
118
119 }
120
121 void
122 SSL_CTX_set_verify (SSL_CTX * ctx, int verify_mode,
123 int (*verify_callback) (int, X509_STORE_CTX *))
124 {
125 ctx->verify_mode = verify_mode;
126 ctx->verify_callback = verify_callback;
127 }
128
129 unsigned long
130 SSL_CTX_set_options (SSL_CTX * ctx, unsigned long options)
131 {
132 return (ctx->options |= options);
133 }
134
135 long
136 SSL_CTX_set_mode (SSL_CTX * ctx, long mode)
137 {
138 return 0;
139 }
140
141 int
142 SSL_CTX_set_cipher_list (SSL_CTX * ctx, const char *list)
143 {
144 /* FIXME: ignore this for the moment */
145 /* We're going to have to parse the "list" string to do this */
146 /* It is a string, which in its simplest form is something like
147 "DES-CBC3-SHA:IDEA-CBC-MD5", but can be rather more complicated
148 (see OpenSSL's ciphers(1) manpage for details) */
149
150 return 1;
151 }
152
153
154 /* SSL_CTX statistics */
155
156 long
157 SSL_CTX_sess_number (SSL_CTX * ctx)
158 {
159 return 0;
160 }
161
162 long
163 SSL_CTX_sess_connect (SSL_CTX * ctx)
164 {
165 return 0;
166 }
167
168 long
169 SSL_CTX_sess_connect_good (SSL_CTX * ctx)
170 {
171 return 0;
172 }
173
174 long
175 SSL_CTX_sess_connect_renegotiate (SSL_CTX * ctx)
176 {
177 return 0;
178 }
179
180 long
181 SSL_CTX_sess_accept (SSL_CTX * ctx)
182 {
183 return 0;
184 }
185
186 long
187 SSL_CTX_sess_accept_good (SSL_CTX * ctx)
188 {
189 return 0;
190 }
191
192 long
193 SSL_CTX_sess_accept_renegotiate (SSL_CTX * ctx)
194 {
195 return 0;
196 }
197
198 long
199 SSL_CTX_sess_hits (SSL_CTX * ctx)
200 {
201 return 0;
202 }
203
204 long
205 SSL_CTX_sess_misses (SSL_CTX * ctx)
206 {
207 return 0;
208 }
209
210 long
211 SSL_CTX_sess_timeouts (SSL_CTX * ctx)
212 {
213 return 0;
214 }
215
216
217
218 /* SSL structure handling */
219
220 SSL *
221 SSL_new (SSL_CTX * ctx)
222 {
223 SSL *ssl;
224 int err;
225
226 ssl = (SSL *) calloc (1, sizeof (SSL));
227 if (!ssl)
228 return NULL;
229
230 err = gnutls_certificate_allocate_credentials (&ssl->gnutls_cred);
231 if (err < 0)
232 {
233 last_error = err;
234 free (ssl);
235 return NULL;
236 }
237
238 gnutls_init (&ssl->gnutls_state, ctx->method->connend);
239
240 gnutls_priority_set_direct (ssl->gnutls_state,
241 ctx->method->priority_string, NULL);
242
243 gnutls_credentials_set (ssl->gnutls_state, GNUTLS_CRD_CERTIFICATE,
244 ssl->gnutls_cred);
245 if (ctx->certfile)
246 gnutls_certificate_set_x509_trust_file (ssl->gnutls_cred,
247 ctx->certfile,
248 ctx->certfile_type);
249 if (ctx->keyfile)
250 gnutls_certificate_set_x509_key_file (ssl->gnutls_cred,
251 ctx->certfile, ctx->keyfile,
252 ctx->keyfile_type);
253 ssl->ctx = ctx;
254 ssl->verify_mode = ctx->verify_mode;
255 ssl->verify_callback = ctx->verify_callback;
256
257 ssl->options = ctx->options;
258
259 ssl->rfd = (gnutls_transport_ptr_t) - 1;
260 ssl->wfd = (gnutls_transport_ptr_t) - 1;
261
262 return ssl;
263 }
264
265 void
266 SSL_free (SSL * ssl)
267 {
268 gnutls_certificate_free_credentials (ssl->gnutls_cred);
269 gnutls_deinit (ssl->gnutls_state);
270 free (ssl);
271 }
272
273 void
274 SSL_load_error_strings (void)
275 {
276 }
277
278 int
279 SSL_get_error (SSL * ssl, int ret)
280 {
281 if (ret > 0)
282 return SSL_ERROR_NONE;
283
284 return SSL_ERROR_ZERO_RETURN;
285 }
286
287 int
288 SSL_set_fd (SSL * ssl, int fd)
289 {
290 gnutls_transport_set_ptr (ssl->gnutls_state, GNUTLS_INT_TO_POINTER (fd));
291 return 1;
292 }
293
294 int
295 SSL_set_rfd (SSL * ssl, int fd)
296 {
297 ssl->rfd = GNUTLS_INT_TO_POINTER (fd);
298
299 if (ssl->wfd != (gnutls_transport_ptr_t) - 1)
300 gnutls_transport_set_ptr2 (ssl->gnutls_state, ssl->rfd, ssl->wfd);
301
302 return 1;
303 }
304
305 int
306 SSL_set_wfd (SSL * ssl, int fd)
307 {
308 ssl->wfd = GNUTLS_INT_TO_POINTER (fd);
309
310 if (ssl->rfd != (gnutls_transport_ptr_t) - 1)
311 gnutls_transport_set_ptr2 (ssl->gnutls_state, ssl->rfd, ssl->wfd);
312
313 return 1;
314 }
315
316 void
317 SSL_set_bio (SSL * ssl, BIO * rbio, BIO * wbio)
318 {
319 gnutls_transport_set_ptr2 (ssl->gnutls_state, rbio->fd, wbio->fd);
320 /* free(BIO); ? */
321 }
322
323 void
324 SSL_set_connect_state (SSL * ssl)
325 {
326 }
327
328 int
329 SSL_pending (SSL * ssl)
330 {
331 return gnutls_record_check_pending (ssl->gnutls_state);
332 }
333
334 void
335 SSL_set_verify (SSL * ssl, int verify_mode,
336 int (*verify_callback) (int, X509_STORE_CTX *))
337 {
338 ssl->verify_mode = verify_mode;
339 ssl->verify_callback = verify_callback;
340 }
341
342 const X509 *
343 SSL_get_peer_certificate (SSL * ssl)
344 {
345 const gnutls_datum_t *cert_list;
346 unsigned int cert_list_size = 0;
347
348 cert_list = gnutls_certificate_get_peers (ssl->gnutls_state,
349 &cert_list_size);
350
351 return cert_list;
352 }
353
354 /* SSL connection open/close/read/write functions */
355
356 int
357 SSL_connect (SSL * ssl)
358 {
359 X509_STORE_CTX *store;
360 unsigned int cert_list_size = 0;
361 int err;
362 char x_priority[256];
363 /* take options into account before connecting */
364
365 memset (x_priority, 0, sizeof (x_priority));
366 if (ssl->options & SSL_OP_NO_TLSv1)
367 {
368 snprintf(x_priority, sizeof(x_priority), "%s:-VERS-TLS1.0", ssl->ctx->method->priority_string);
369 err = gnutls_priority_set_direct(ssl->gnutls_state, x_priority, NULL);
370 if (err < 0)
371 {
372 last_error = err;
373 return 0;
374 }
375 }
376
377 err = gnutls_handshake (ssl->gnutls_state);
378 ssl->last_error = err;
379
380 if (err < 0)
381 {
382 last_error = err;
383 return 0;
384 }
385
386 store = (X509_STORE_CTX *) calloc (1, sizeof (X509_STORE_CTX));
387 store->ssl = ssl;
388 store->cert_list = gnutls_certificate_get_peers (ssl->gnutls_state,
389 &cert_list_size);
390
391 if (ssl->verify_callback)
392 {
393 ssl->verify_callback (1 /*FIXME*/, store);
394 }
395 ssl->state = SSL_ST_OK;
396
397 err = store->error;
398 free (store);
399
400 /* FIXME: deal with error from callback */
401
402 return 1;
403 }
404
405 int
406 SSL_accept (SSL * ssl)
407 {
408 X509_STORE_CTX *store;
409 unsigned int cert_list_size = 0;
410 int err;
411 char x_priority[256];
412 /* take options into account before connecting */
413
414 memset (x_priority, 0, sizeof (x_priority));
415 if (ssl->options & SSL_OP_NO_TLSv1)
416 {
417 snprintf(x_priority, sizeof(x_priority), "%s:-VERS-TLS1.0", ssl->ctx->method->priority_string);
418 err = gnutls_priority_set_direct(ssl->gnutls_state, x_priority, NULL);
419 if (err < 0)
420 {
421 last_error = err;
422 return 0;
423 }
424 }
425
426 /* FIXME: dh params, do we want client cert? */
427
428 err = gnutls_handshake (ssl->gnutls_state);
429 ssl->last_error = err;
430
431 if (err < 0)
432 {
433 last_error = err;
434 return 0;
435 }
436
437 store = (X509_STORE_CTX *) calloc (1, sizeof (X509_STORE_CTX));
438 store->ssl = ssl;
439 store->cert_list = gnutls_certificate_get_peers (ssl->gnutls_state,
440 &cert_list_size);
441
442 if (ssl->verify_callback)
443 {
444 ssl->verify_callback (1 /*FIXME*/, store);
445 }
446 ssl->state = SSL_ST_OK;
447
448 err = store->error;
449 free (store);
450
451 /* FIXME: deal with error from callback */
452
453 return 1;
454 }
455
456 int
457 SSL_shutdown (SSL * ssl)
458 {
459 if (!ssl->shutdown)
460 {
461 gnutls_bye (ssl->gnutls_state, GNUTLS_SHUT_WR);
462 ssl->shutdown++;
463 }
464 else
465 {
466 gnutls_bye (ssl->gnutls_state, GNUTLS_SHUT_RDWR);
467 ssl->shutdown++;
468 }
469
470 /* FIXME */
471 return 1;
472 }
473
474 int
475 SSL_read (SSL * ssl, void *buf, int len)
476 {
477 int ret;
478
479 ret = gnutls_record_recv (ssl->gnutls_state, buf, len);
480 ssl->last_error = ret;
481
482 if (ret < 0)
483 {
484 last_error = ret;
485 return 0;
486 }
487
488 return ret;
489 }
490
491 int
492 SSL_write (SSL * ssl, const void *buf, int len)
493 {
494 int ret;
495
496 ret = gnutls_record_send (ssl->gnutls_state, buf, len);
497 ssl->last_error = ret;
498
499 if (ret < 0)
500 {
501 last_error = ret;
502 return 0;
503 }
504
505 return ret;
506 }
507
508 int
509 SSL_want (SSL * ssl)
510 {
511 return SSL_NOTHING;
512 }
513
514
515 /* SSL_METHOD functions */
516
517 SSL_METHOD *
518 SSLv23_client_method (void)
519 {
520 SSL_METHOD *m;
521 m = (SSL_METHOD *) calloc (1, sizeof (SSL_METHOD));
522 if (!m)
523 return NULL;
524
525 strcpy(m->priority_string, "NONE:+VERS-TLS1.0:+VERS-SSL3.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");
526
527 m->connend = GNUTLS_CLIENT;
528
529 return m;
530 }
531
532 SSL_METHOD *
533 SSLv23_server_method (void)
534 {
535 SSL_METHOD *m;
536 m = (SSL_METHOD *) calloc (1, sizeof (SSL_METHOD));
537 if (!m)
538 return NULL;
539
540 strcpy(m->priority_string, "NONE:+VERS-TLS1.0:+VERS-SSL3.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");
541 m->connend = GNUTLS_SERVER;
542
543 return m;
544 }
545
546 SSL_METHOD *
547 SSLv3_client_method (void)
548 {
549 SSL_METHOD *m;
550 m = (SSL_METHOD *) calloc (1, sizeof (SSL_METHOD));
551 if (!m)
552 return NULL;
553
554 strcpy(m->priority_string, "NONE:+VERS-SSL3.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");
555 m->connend = GNUTLS_CLIENT;
556
557 return m;
558 }
559
560 SSL_METHOD *
561 SSLv3_server_method (void)
562 {
563 SSL_METHOD *m;
564 m = (SSL_METHOD *) calloc (1, sizeof (SSL_METHOD));
565 if (!m)
566 return NULL;
567
568 strcpy(m->priority_string, "NONE:+VERS-SSL3.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");
569 m->connend = GNUTLS_SERVER;
570
571 return m;
572 }
573
574 SSL_METHOD *
575 TLSv1_client_method (void)
576 {
577 SSL_METHOD *m;
578 m = (SSL_METHOD *) calloc (1, sizeof (SSL_METHOD));
579 if (!m)
580 return NULL;
581
582 strcpy(m->priority_string, "NONE:+VERS-TLS1.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");
583 m->connend = GNUTLS_CLIENT;
584
585 return m;
586 }
587
588 SSL_METHOD *
589 TLSv1_server_method (void)
590 {
591 SSL_METHOD *m;
592 m = (SSL_METHOD *) calloc (1, sizeof (SSL_METHOD));
593 if (!m)
594 return NULL;
595
596 strcpy(m->priority_string, "NONE:+VERS-TLS1.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");
597 m->connend = GNUTLS_SERVER;
598
599 return m;
600 }
601
602
603 /* SSL_CIPHER functions */
604
605 SSL_CIPHER *
606 SSL_get_current_cipher (SSL * ssl)
607 {
608 if (!ssl)
609 return NULL;
610
611 ssl->ciphersuite.version = gnutls_protocol_get_version (ssl->gnutls_state);
612 ssl->ciphersuite.cipher = gnutls_cipher_get (ssl->gnutls_state);
613 ssl->ciphersuite.kx = gnutls_kx_get (ssl->gnutls_state);
614 ssl->ciphersuite.mac = gnutls_mac_get (ssl->gnutls_state);
615 ssl->ciphersuite.compression = gnutls_compression_get (ssl->gnutls_state);
616 ssl->ciphersuite.cert = gnutls_certificate_type_get (ssl->gnutls_state);
617
618 return &(ssl->ciphersuite);
619 }
620
621 const char *
622 SSL_CIPHER_get_name (SSL_CIPHER * cipher)
623 {
624 if (!cipher)
625 return ("NONE");
626
627 return gnutls_cipher_suite_get_name (cipher->kx,
628 cipher->cipher, cipher->mac);
629 }
630
631 int
632 SSL_CIPHER_get_bits (SSL_CIPHER * cipher, int *bits)
633 {
634 int bit_result;
635
636 if (!cipher)
637 return 0;
638
639 bit_result = (8 * gnutls_cipher_get_key_size (cipher->cipher));
640
641 if (bits)
642 *bits = bit_result;
643
644 return bit_result;
645 }
646
647 const char *
648 SSL_CIPHER_get_version (SSL_CIPHER * cipher)
649 {
650 const char *ret;
651
652 if (!cipher)
653 return ("(NONE)");
654
655 ret = gnutls_protocol_get_name (cipher->version);
656 if (ret)
657 return ret;
658
659 return ("unknown");
660 }
661
662 char *
663 SSL_CIPHER_description (SSL_CIPHER * cipher, char *buf, int size)
664 {
665 char *tmpbuf;
666 int tmpsize;
667 int local_alloc;
668
669 if (buf)
670 {
671 tmpbuf = buf;
672 tmpsize = size;
673 local_alloc = 0;
674 }
675 else
676 {
677 tmpbuf = (char *) malloc (128);
678 tmpsize = 128;
679 local_alloc = 1;
680 }
681
682 if (snprintf (tmpbuf, tmpsize, "%s %s %s %s",
683 gnutls_protocol_get_name (cipher->version),
684 gnutls_kx_get_name (cipher->kx),
685 gnutls_cipher_get_name (cipher->cipher),
686 gnutls_mac_get_name (cipher->mac)) == -1)
687 {
688 if (local_alloc)
689 free (tmpbuf);
690 return (char *) "Buffer too small";
691 }
692
693 return tmpbuf;
694 }
695
696
697 /* X509 functions */
698
699 X509_NAME *
700 X509_get_subject_name (const X509 * cert)
701 {
702 gnutls_x509_dn *dn;
703 dn = (gnutls_x509_dn *) calloc (1, sizeof (gnutls_x509_dn));
704 if (gnutls_x509_extract_certificate_dn (cert, dn) < 0)
705 {
706 free (dn);
707 return NULL;
708 }
709 return dn;
710 }
711
712 X509_NAME *
713 X509_get_issuer_name (const X509 * cert)
714 {
715 gnutls_x509_dn *dn;
716 dn = (gnutls_x509_dn *) calloc (1, sizeof (gnutls_x509_dn));
717 if (gnutls_x509_extract_certificate_issuer_dn (cert, dn) < 0)
718 {
719 free (dn);
720 return NULL;
721 }
722 return dn;
723 }
724
725 char *
726 X509_NAME_oneline (gnutls_x509_dn * name, char *buf, int len)
727 {
728 /* XXX openssl allocates buffer if buf == NULL */
729 if (!buf)
730 return NULL;
731 memset (buf, 0, len);
732
733 snprintf (buf, len - 1,
734 "C=%s, ST=%s, L=%s, O=%s, OU=%s, CN=%s/Email=%s",
735 name->country, name->state_or_province_name,
736 name->locality_name, name->organization,
737 name->organizational_unit_name, name->common_name, name->email);
738 return buf;
739 }
740
741 void
742 X509_free (const X509 * cert)
743 {
744 /* only get certificates as const items */
745 }
746
747
748 /* BIO functions */
749
750 void
751 BIO_get_fd (gnutls_session_t gnutls_state, int *fd)
752 {
753 gnutls_transport_ptr_t tmp = gnutls_transport_get_ptr (gnutls_state);
754 *fd = GNUTLS_POINTER_TO_INT (tmp);
755 }
756
757 BIO *
758 BIO_new_socket (int sock, int close_flag)
759 {
760 BIO *bio;
761
762 bio = (BIO *) malloc (sizeof (BIO));
763 if (!bio)
764 return NULL;
765
766 bio->fd = GNUTLS_INT_TO_POINTER (sock);
767
768 return bio;
769 }
770
771
772 /* error handling */
773
774 unsigned long
775 ERR_get_error (void)
776 {
777 unsigned long ret;
778
779 ret = -1 * last_error;
780 last_error = 0;
781
782 return ret;
783 }
784
785 const char *
786 ERR_error_string (unsigned long e, char *buf)
787 {
788 return gnutls_strerror (-1 * e);
789 }
790
791
792 /* RAND functions */
793
794 int
795 RAND_status (void)
796 {
797 return 1;
798 }
799
800 void
801 RAND_seed (const void *buf, int num)
802 {
803 }
804
805 int
806 RAND_bytes (unsigned char *buf, int num)
807 {
808 gnutls_rnd (GNUTLS_RND_RANDOM, buf, num);
809 return 1;
810 }
811
812 int
813 RAND_pseudo_bytes (unsigned char *buf, int num)
814 {
815 gnutls_rnd (GNUTLS_RND_NONCE, buf, num);
816 return 1;
817 }
818
819 const char *
820 RAND_file_name (char *buf, size_t len)
821 {
822 return "";
823 }
824
825 int
826 RAND_load_file (const char *name, long maxbytes)
827 {
828 return maxbytes;
829 }
830
831 int
832 RAND_write_file (const char *name)
833 {
834 return 0;
835 }
836
837 int
838 RAND_egd_bytes (const char *path, int bytes)
839 {
840 /* fake it */
841 return bytes;
842 }
843
844
845 /* message digest functions */
846
847 void
848 MD5_Init (MD5_CTX * ctx)
849 {
850 ctx->handle = gnutls_malloc (sizeof (digest_hd_st));
851 if (!ctx->handle)
852 abort ();
853 _gnutls_hash_init (ctx->handle, GNUTLS_DIG_MD5);
854 }
855
856 void
857 MD5_Update (MD5_CTX * ctx, const void *buf, int len)
858 {
859 _gnutls_hash (ctx->handle, buf, len);
860 }
861
862 void
863 MD5_Final (unsigned char *md, MD5_CTX * ctx)
864 {
865 _gnutls_hash_deinit (ctx->handle, md);
866 gnutls_free (ctx->handle);
867 }
868
869 unsigned char *
870 MD5 (const unsigned char *buf, unsigned long len, unsigned char *md)
871 {
872 if (!md)
873 return NULL;
874
875 _gnutls_hash_fast (GNUTLS_DIG_MD5, buf, len, md);
876
877 return md;
878 }
879
880 void
881 RIPEMD160_Init (RIPEMD160_CTX * ctx)
882 {
883 ctx->handle = gnutls_malloc (sizeof (digest_hd_st));
884 if (!ctx->handle)
885 abort ();
886 _gnutls_hash_init (ctx->handle, GNUTLS_DIG_RMD160);
887 }
888
889 void
890 RIPEMD160_Update (RIPEMD160_CTX * ctx, const void *buf, int len)
891 {
892 _gnutls_hash (ctx->handle, buf, len);
893 }
894
895 void
896 RIPEMD160_Final (unsigned char *md, RIPEMD160_CTX * ctx)
897 {
898 _gnutls_hash_deinit (ctx->handle, md);
899 gnutls_free (ctx->handle);
900 }
901
902 unsigned char *
903 RIPEMD160 (const unsigned char *buf, unsigned long len, unsigned char *md)
904 {
905 if (!md)
906 return NULL;
907
908 _gnutls_hash_fast (GNUTLS_DIG_RMD160, buf, len, md);
909
910 return md;
911 }
Implementation of the SSL/TLS protocol