search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Added new gnulib
[gnutls.git] / libextra / gnutls_openssl.c
blob5eadc94f3b325ed8270040e26116fb3d526a2b5c
1 /*
2 * Copyright (C) 2004, 2005, 2006, 2008, 2010 Free Software Foundation,
3 * Inc.
4 * Copyright (c) 2002 Andrew McDonald <andrew@mcdonald.org.uk>
5 *
6 * This file is part of GnuTLS-EXTRA.
7 *
8 * GnuTLS-extra is free software: you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation, either version 3 of the License, or
11 * (at your option) any later version.
12 *
13 * GnuTLS-extra is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program. If not, see <http://www.gnu.org/licenses/>.
20 */
21
22 #include <config.h>
23
24 #include <gnutls/gnutls.h>
25 #include <openssl_compat.h>
26 #include <stdio.h>
27 #include <stdlib.h>
28 #include <string.h>
29 #include <gnutls/openssl.h>
30 #include "../lib/gnutls_int.h"
31 #include "../lib/random.h"
32 #include "../lib/gnutls_hash_int.h"
33
34 /* Gnulib re-defines shutdown on mingw. We only use it as a variable
35 name, so restore the original name. */
36 #undef shutdown
37
38 /* XXX: See lib/gnutls_int.h. */
39 #define GNUTLS_POINTER_TO_INT(_) ((int) GNUTLS_POINTER_TO_INT_CAST (_))
40 #define GNUTLS_INT_TO_POINTER(_) ((void*) GNUTLS_POINTER_TO_INT_CAST (_))
41
42 /* WARNING: Error functions aren't currently thread-safe */
43
44 static int last_error = 0;
45
46 /* Library initialisation functions */
47
48 int
49 SSL_library_init (void)
50 {
51 gnutls_global_init ();
52 /* NB: we haven't got anywhere to call gnutls_global_deinit() */
53 return 1;
54 }
55
56 void
57 OpenSSL_add_all_algorithms (void)
58 {
59 }
60
61
62 /* SSL_CTX structure handling */
63
64 SSL_CTX *
65 SSL_CTX_new (SSL_METHOD * method)
66 {
67 SSL_CTX *ctx;
68
69 ctx = (SSL_CTX *) calloc (1, sizeof (SSL_CTX));
70 ctx->method = method;
71
72 return ctx;
73 }
74
75 void
76 SSL_CTX_free (SSL_CTX * ctx)
77 {
78 free (ctx->method);
79 free (ctx);
80 }
81
82 int
83 SSL_CTX_set_default_verify_paths (SSL_CTX * ctx)
84 {
85 return 0;
86 }
87
88 int
89 SSL_CTX_use_certificate_file (SSL_CTX * ctx, const char *certfile, int type)
90 {
91 ctx->certfile = (char *) calloc (1, strlen (certfile) + 1);
92 if (!ctx->certfile)
93 return -1;
94 memcpy (ctx->certfile, certfile, strlen (certfile));
95
96 ctx->certfile_type = type;
97
98 return 1;
99 }
100
101 int
102 SSL_CTX_use_PrivateKey_file (SSL_CTX * ctx, const char *keyfile, int type)
103 {
104 ctx->keyfile = (char *) calloc (1, strlen (keyfile) + 1);
105 if (!ctx->keyfile)
106 return -1;
107 memcpy (ctx->keyfile, keyfile, strlen (keyfile));
108
109 ctx->keyfile_type = type;
110
111 return 1;
112
113 }
114
115 void
116 SSL_CTX_set_verify (SSL_CTX * ctx, int verify_mode,
117 int (*verify_callback) (int, X509_STORE_CTX *))
118 {
119 ctx->verify_mode = verify_mode;
120 ctx->verify_callback = verify_callback;
121 }
122
123 unsigned long
124 SSL_CTX_set_options (SSL_CTX * ctx, unsigned long options)
125 {
126 return (ctx->options |= options);
127 }
128
129 long
130 SSL_CTX_set_mode (SSL_CTX * ctx, long mode)
131 {
132 return 0;
133 }
134
135 int
136 SSL_CTX_set_cipher_list (SSL_CTX * ctx, const char *list)
137 {
138 /* FIXME: ignore this for the moment */
139 /* We're going to have to parse the "list" string to do this */
140 /* It is a string, which in its simplest form is something like
141 "DES-CBC3-SHA:IDEA-CBC-MD5", but can be rather more complicated
142 (see OpenSSL's ciphers(1) manpage for details) */
143
144 return 1;
145 }
146
147
148 /* SSL_CTX statistics */
149
150 long
151 SSL_CTX_sess_number (SSL_CTX * ctx)
152 {
153 return 0;
154 }
155
156 long
157 SSL_CTX_sess_connect (SSL_CTX * ctx)
158 {
159 return 0;
160 }
161
162 long
163 SSL_CTX_sess_connect_good (SSL_CTX * ctx)
164 {
165 return 0;
166 }
167
168 long
169 SSL_CTX_sess_connect_renegotiate (SSL_CTX * ctx)
170 {
171 return 0;
172 }
173
174 long
175 SSL_CTX_sess_accept (SSL_CTX * ctx)
176 {
177 return 0;
178 }
179
180 long
181 SSL_CTX_sess_accept_good (SSL_CTX * ctx)
182 {
183 return 0;
184 }
185
186 long
187 SSL_CTX_sess_accept_renegotiate (SSL_CTX * ctx)
188 {
189 return 0;
190 }
191
192 long
193 SSL_CTX_sess_hits (SSL_CTX * ctx)
194 {
195 return 0;
196 }
197
198 long
199 SSL_CTX_sess_misses (SSL_CTX * ctx)
200 {
201 return 0;
202 }
203
204 long
205 SSL_CTX_sess_timeouts (SSL_CTX * ctx)
206 {
207 return 0;
208 }
209
210
211
212 /* SSL structure handling */
213
214 SSL *
215 SSL_new (SSL_CTX * ctx)
216 {
217 SSL *ssl;
218 int err;
219
220 ssl = (SSL *) calloc (1, sizeof (SSL));
221 if (!ssl)
222 return NULL;
223
224 err = gnutls_certificate_allocate_credentials (&ssl->gnutls_cred);
225 if (err < 0)
226 {
227 last_error = err;
228 free (ssl);
229 return NULL;
230 }
231
232 gnutls_init (&ssl->gnutls_state, ctx->method->connend);
233
234 gnutls_priority_set_direct (ssl->gnutls_state,
235 ctx->method->priority_string, NULL);
236
237 gnutls_credentials_set (ssl->gnutls_state, GNUTLS_CRD_CERTIFICATE,
238 ssl->gnutls_cred);
239 if (ctx->certfile)
240 gnutls_certificate_set_x509_trust_file (ssl->gnutls_cred,
241 ctx->certfile,
242 ctx->certfile_type);
243 if (ctx->keyfile)
244 gnutls_certificate_set_x509_key_file (ssl->gnutls_cred,
245 ctx->certfile, ctx->keyfile,
246 ctx->keyfile_type);
247 ssl->ctx = ctx;
248 ssl->verify_mode = ctx->verify_mode;
249 ssl->verify_callback = ctx->verify_callback;
250
251 ssl->options = ctx->options;
252
253 ssl->rfd = (gnutls_transport_ptr_t) - 1;
254 ssl->wfd = (gnutls_transport_ptr_t) - 1;
255
256 return ssl;
257 }
258
259 void
260 SSL_free (SSL * ssl)
261 {
262 gnutls_certificate_free_credentials (ssl->gnutls_cred);
263 gnutls_deinit (ssl->gnutls_state);
264 free (ssl);
265 }
266
267 void
268 SSL_load_error_strings (void)
269 {
270 }
271
272 int
273 SSL_get_error (SSL * ssl, int ret)
274 {
275 if (ret > 0)
276 return SSL_ERROR_NONE;
277
278 return SSL_ERROR_ZERO_RETURN;
279 }
280
281 int
282 SSL_set_fd (SSL * ssl, int fd)
283 {
284 gnutls_transport_set_ptr (ssl->gnutls_state, GNUTLS_INT_TO_POINTER (fd));
285 return 1;
286 }
287
288 int
289 SSL_set_rfd (SSL * ssl, int fd)
290 {
291 ssl->rfd = GNUTLS_INT_TO_POINTER (fd);
292
293 if (ssl->wfd != (gnutls_transport_ptr_t) - 1)
294 gnutls_transport_set_ptr2 (ssl->gnutls_state, ssl->rfd, ssl->wfd);
295
296 return 1;
297 }
298
299 int
300 SSL_set_wfd (SSL * ssl, int fd)
301 {
302 ssl->wfd = GNUTLS_INT_TO_POINTER (fd);
303
304 if (ssl->rfd != (gnutls_transport_ptr_t) - 1)
305 gnutls_transport_set_ptr2 (ssl->gnutls_state, ssl->rfd, ssl->wfd);
306
307 return 1;
308 }
309
310 void
311 SSL_set_bio (SSL * ssl, BIO * rbio, BIO * wbio)
312 {
313 gnutls_transport_set_ptr2 (ssl->gnutls_state, rbio->fd, wbio->fd);
314 /* free(BIO); ? */
315 }
316
317 void
318 SSL_set_connect_state (SSL * ssl)
319 {
320 }
321
322 int
323 SSL_pending (SSL * ssl)
324 {
325 return gnutls_record_check_pending (ssl->gnutls_state);
326 }
327
328 void
329 SSL_set_verify (SSL * ssl, int verify_mode,
330 int (*verify_callback) (int, X509_STORE_CTX *))
331 {
332 ssl->verify_mode = verify_mode;
333 ssl->verify_callback = verify_callback;
334 }
335
336 const X509 *
337 SSL_get_peer_certificate (SSL * ssl)
338 {
339 const gnutls_datum_t *cert_list;
340 int cert_list_size = 0;
341
342 cert_list = gnutls_certificate_get_peers (ssl->gnutls_state,
343 &cert_list_size);
344
345 return cert_list;
346 }
347
348 /* SSL connection open/close/read/write functions */
349
350 int
351 SSL_connect (SSL * ssl)
352 {
353 X509_STORE_CTX *store;
354 int cert_list_size = 0;
355 int err;
356 char x_priority[256];
357 /* take options into account before connecting */
358
359 memset (x_priority, 0, sizeof (x_priority));
360 if (ssl->options & SSL_OP_NO_TLSv1)
361 {
362 snprintf(x_priority, sizeof(x_priority), "%s:-VERS-TLS1.0", ssl->ctx->method->priority_string);
363 err = gnutls_priority_set_direct(ssl->gnutls_state, x_priority, NULL);
364 if (err < 0)
365 {
366 last_error = err;
367 return 0;
368 }
369 }
370
371 err = gnutls_handshake (ssl->gnutls_state);
372 ssl->last_error = err;
373
374 if (err < 0)
375 {
376 last_error = err;
377 return 0;
378 }
379
380 store = (X509_STORE_CTX *) calloc (1, sizeof (X509_STORE_CTX));
381 store->ssl = ssl;
382 store->cert_list = gnutls_certificate_get_peers (ssl->gnutls_state,
383 &cert_list_size);
384
385 if (ssl->verify_callback)
386 {
387 ssl->verify_callback (1 /*FIXME*/, store);
388 }
389 ssl->state = SSL_ST_OK;
390
391 err = store->error;
392 free (store);
393
394 /* FIXME: deal with error from callback */
395
396 return 1;
397 }
398
399 int
400 SSL_accept (SSL * ssl)
401 {
402 X509_STORE_CTX *store;
403 int cert_list_size = 0;
404 int err;
405 char x_priority[256];
406 /* take options into account before connecting */
407
408 memset (x_priority, 0, sizeof (x_priority));
409 if (ssl->options & SSL_OP_NO_TLSv1)
410 {
411 snprintf(x_priority, sizeof(x_priority), "%s:-VERS-TLS1.0", ssl->ctx->method->priority_string);
412 err = gnutls_priority_set_direct(ssl->gnutls_state, x_priority, NULL);
413 if (err < 0)
414 {
415 last_error = err;
416 return 0;
417 }
418 }
419
420 /* FIXME: dh params, do we want client cert? */
421
422 err = gnutls_handshake (ssl->gnutls_state);
423 ssl->last_error = err;
424
425 if (err < 0)
426 {
427 last_error = err;
428 return 0;
429 }
430
431 store = (X509_STORE_CTX *) calloc (1, sizeof (X509_STORE_CTX));
432 store->ssl = ssl;
433 store->cert_list = gnutls_certificate_get_peers (ssl->gnutls_state,
434 &cert_list_size);
435
436 if (ssl->verify_callback)
437 {
438 ssl->verify_callback (1 /*FIXME*/, store);
439 }
440 ssl->state = SSL_ST_OK;
441
442 err = store->error;
443 free (store);
444
445 /* FIXME: deal with error from callback */
446
447 return 1;
448 }
449
450 int
451 SSL_shutdown (SSL * ssl)
452 {
453 if (!ssl->shutdown)
454 {
455 gnutls_bye (ssl->gnutls_state, GNUTLS_SHUT_WR);
456 ssl->shutdown++;
457 }
458 else
459 {
460 gnutls_bye (ssl->gnutls_state, GNUTLS_SHUT_RDWR);
461 ssl->shutdown++;
462 }
463
464 /* FIXME */
465 return 1;
466 }
467
468 int
469 SSL_read (SSL * ssl, void *buf, int len)
470 {
471 int ret;
472
473 ret = gnutls_record_recv (ssl->gnutls_state, buf, len);
474 ssl->last_error = ret;
475
476 if (ret < 0)
477 {
478 last_error = ret;
479 return 0;
480 }
481
482 return ret;
483 }
484
485 int
486 SSL_write (SSL * ssl, const void *buf, int len)
487 {
488 int ret;
489
490 ret = gnutls_record_send (ssl->gnutls_state, buf, len);
491 ssl->last_error = ret;
492
493 if (ret < 0)
494 {
495 last_error = ret;
496 return 0;
497 }
498
499 return ret;
500 }
501
502 int
503 SSL_want (SSL * ssl)
504 {
505 return SSL_NOTHING;
506 }
507
508
509 /* SSL_METHOD functions */
510
511 SSL_METHOD *
512 SSLv23_client_method (void)
513 {
514 SSL_METHOD *m;
515 m = (SSL_METHOD *) calloc (1, sizeof (SSL_METHOD));
516 if (!m)
517 return NULL;
518
519 strcpy(m->priority_string, "NONE:+VERS-TLS1.0:+VERS-SSL3.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");
520
521 m->connend = GNUTLS_CLIENT;
522
523 return m;
524 }
525
526 SSL_METHOD *
527 SSLv23_server_method (void)
528 {
529 SSL_METHOD *m;
530 m = (SSL_METHOD *) calloc (1, sizeof (SSL_METHOD));
531 if (!m)
532 return NULL;
533
534 strcpy(m->priority_string, "NONE:+VERS-TLS1.0:+VERS-SSL3.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");
535 m->connend = GNUTLS_SERVER;
536
537 return m;
538 }
539
540 SSL_METHOD *
541 SSLv3_client_method (void)
542 {
543 SSL_METHOD *m;
544 m = (SSL_METHOD *) calloc (1, sizeof (SSL_METHOD));
545 if (!m)
546 return NULL;
547
548 strcpy(m->priority_string, "NONE:+VERS-SSL3.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");
549 m->connend = GNUTLS_CLIENT;
550
551 return m;
552 }
553
554 SSL_METHOD *
555 SSLv3_server_method (void)
556 {
557 SSL_METHOD *m;
558 m = (SSL_METHOD *) calloc (1, sizeof (SSL_METHOD));
559 if (!m)
560 return NULL;
561
562 strcpy(m->priority_string, "NONE:+VERS-SSL3.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");
563 m->connend = GNUTLS_SERVER;
564
565 return m;
566 }
567
568 SSL_METHOD *
569 TLSv1_client_method (void)
570 {
571 SSL_METHOD *m;
572 m = (SSL_METHOD *) calloc (1, sizeof (SSL_METHOD));
573 if (!m)
574 return NULL;
575
576 strcpy(m->priority_string, "NONE:+VERS-TLS1.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");
577 m->connend = GNUTLS_CLIENT;
578
579 return m;
580 }
581
582 SSL_METHOD *
583 TLSv1_server_method (void)
584 {
585 SSL_METHOD *m;
586 m = (SSL_METHOD *) calloc (1, sizeof (SSL_METHOD));
587 if (!m)
588 return NULL;
589
590 strcpy(m->priority_string, "NONE:+VERS-TLS1.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");
591 m->connend = GNUTLS_SERVER;
592
593 return m;
594 }
595
596
597 /* SSL_CIPHER functions */
598
599 SSL_CIPHER *
600 SSL_get_current_cipher (SSL * ssl)
601 {
602 if (!ssl)
603 return NULL;
604
605 ssl->ciphersuite.version = gnutls_protocol_get_version (ssl->gnutls_state);
606 ssl->ciphersuite.cipher = gnutls_cipher_get (ssl->gnutls_state);
607 ssl->ciphersuite.kx = gnutls_kx_get (ssl->gnutls_state);
608 ssl->ciphersuite.mac = gnutls_mac_get (ssl->gnutls_state);
609 ssl->ciphersuite.compression = gnutls_compression_get (ssl->gnutls_state);
610 ssl->ciphersuite.cert = gnutls_certificate_type_get (ssl->gnutls_state);
611
612 return &(ssl->ciphersuite);
613 }
614
615 const char *
616 SSL_CIPHER_get_name (SSL_CIPHER * cipher)
617 {
618 if (!cipher)
619 return ("NONE");
620
621 return gnutls_cipher_suite_get_name (cipher->kx,
622 cipher->cipher, cipher->mac);
623 }
624
625 int
626 SSL_CIPHER_get_bits (SSL_CIPHER * cipher, int *bits)
627 {
628 int bit_result;
629
630 if (!cipher)
631 return 0;
632
633 bit_result = (8 * gnutls_cipher_get_key_size (cipher->cipher));
634
635 if (bits)
636 *bits = bit_result;
637
638 return bit_result;
639 }
640
641 const char *
642 SSL_CIPHER_get_version (SSL_CIPHER * cipher)
643 {
644 const char *ret;
645
646 if (!cipher)
647 return ("(NONE)");
648
649 ret = gnutls_protocol_get_name (cipher->version);
650 if (ret)
651 return ret;
652
653 return ("unknown");
654 }
655
656 char *
657 SSL_CIPHER_description (SSL_CIPHER * cipher, char *buf, int size)
658 {
659 char *tmpbuf;
660 int tmpsize;
661 int local_alloc;
662
663 if (buf)
664 {
665 tmpbuf = buf;
666 tmpsize = size;
667 local_alloc = 0;
668 }
669 else
670 {
671 tmpbuf = (char *) malloc (128);
672 tmpsize = 128;
673 local_alloc = 1;
674 }
675
676 if (snprintf (tmpbuf, tmpsize, "%s %s %s %s",
677 gnutls_protocol_get_name (cipher->version),
678 gnutls_kx_get_name (cipher->kx),
679 gnutls_cipher_get_name (cipher->cipher),
680 gnutls_mac_get_name (cipher->mac)) == -1)
681 {
682 if (local_alloc)
683 free (tmpbuf);
684 return (char *) "Buffer too small";
685 }
686
687 return tmpbuf;
688 }
689
690
691 /* X509 functions */
692
693 X509_NAME *
694 X509_get_subject_name (const X509 * cert)
695 {
696 gnutls_x509_dn *dn;
697 dn = (gnutls_x509_dn *) calloc (1, sizeof (gnutls_x509_dn));
698 if (gnutls_x509_extract_certificate_dn (cert, dn) < 0)
699 {
700 free (dn);
701 return NULL;
702 }
703 return dn;
704 }
705
706 X509_NAME *
707 X509_get_issuer_name (const X509 * cert)
708 {
709 gnutls_x509_dn *dn;
710 dn = (gnutls_x509_dn *) calloc (1, sizeof (gnutls_x509_dn));
711 if (gnutls_x509_extract_certificate_issuer_dn (cert, dn) < 0)
712 {
713 free (dn);
714 return NULL;
715 }
716 return dn;
717 }
718
719 char *
720 X509_NAME_oneline (gnutls_x509_dn * name, char *buf, int len)
721 {
722 /* XXX openssl allocates buffer if buf == NULL */
723 if (!buf)
724 return NULL;
725 memset (buf, 0, len);
726
727 snprintf (buf, len - 1,
728 "C=%s, ST=%s, L=%s, O=%s, OU=%s, CN=%s/Email=%s",
729 name->country, name->state_or_province_name,
730 name->locality_name, name->organization,
731 name->organizational_unit_name, name->common_name, name->email);
732 return buf;
733 }
734
735 void
736 X509_free (const X509 * cert)
737 {
738 /* only get certificates as const items */
739 }
740
741
742 /* BIO functions */
743
744 void
745 BIO_get_fd (gnutls_session_t gnutls_state, int *fd)
746 {
747 gnutls_transport_ptr_t tmp = gnutls_transport_get_ptr (gnutls_state);
748 *fd = GNUTLS_POINTER_TO_INT (tmp);
749 }
750
751 BIO *
752 BIO_new_socket (int sock, int close_flag)
753 {
754 BIO *bio;
755
756 bio = (BIO *) malloc (sizeof (BIO));
757 if (!bio)
758 return NULL;
759
760 bio->fd = GNUTLS_INT_TO_POINTER (sock);
761
762 return bio;
763 }
764
765
766 /* error handling */
767
768 unsigned long
769 ERR_get_error (void)
770 {
771 unsigned long ret;
772
773 ret = -1 * last_error;
774 last_error = 0;
775
776 return ret;
777 }
778
779 const char *
780 ERR_error_string (unsigned long e, char *buf)
781 {
782 return gnutls_strerror (-1 * e);
783 }
784
785
786 /* RAND functions */
787
788 int
789 RAND_status (void)
790 {
791 return 1;
792 }
793
794 void
795 RAND_seed (const void *buf, int num)
796 {
797 }
798
799 int
800 RAND_bytes (unsigned char *buf, int num)
801 {
802 _gnutls_rnd (GNUTLS_RND_RANDOM, buf, num);
803 return 1;
804 }
805
806 int
807 RAND_pseudo_bytes (unsigned char *buf, int num)
808 {
809 _gnutls_rnd (GNUTLS_RND_NONCE, buf, num);
810 return 1;
811 }
812
813 const char *
814 RAND_file_name (char *buf, size_t len)
815 {
816 return "";
817 }
818
819 int
820 RAND_load_file (const char *name, long maxbytes)
821 {
822 return maxbytes;
823 }
824
825 int
826 RAND_write_file (const char *name)
827 {
828 return 0;
829 }
830
831 int
832 RAND_egd_bytes (const char *path, int bytes)
833 {
834 /* fake it */
835 return bytes;
836 }
837
838
839 /* message digest functions */
840
841 void
842 MD5_Init (MD5_CTX * ctx)
843 {
844 ctx->handle = gnutls_malloc (sizeof (digest_hd_st));
845 if (!ctx->handle)
846 abort ();
847 _gnutls_hash_init (ctx->handle, GNUTLS_DIG_MD5);
848 }
849
850 void
851 MD5_Update (MD5_CTX * ctx, const void *buf, int len)
852 {
853 _gnutls_hash (ctx->handle, buf, len);
854 }
855
856 void
857 MD5_Final (unsigned char *md, MD5_CTX * ctx)
858 {
859 _gnutls_hash_deinit (ctx->handle, md);
860 gnutls_free (ctx->handle);
861 }
862
863 unsigned char *
864 MD5 (const unsigned char *buf, unsigned long len, unsigned char *md)
865 {
866 if (!md)
867 return NULL;
868
869 _gnutls_hash_fast (GNUTLS_DIG_MD5, buf, len, md);
870
871 return md;
872 }
873
874 void
875 RIPEMD160_Init (RIPEMD160_CTX * ctx)
876 {
877 ctx->handle = gnutls_malloc (sizeof (digest_hd_st));
878 if (!ctx->handle)
879 abort ();
880 _gnutls_hash_init (ctx->handle, GNUTLS_DIG_RMD160);
881 }
882
883 void
884 RIPEMD160_Update (RIPEMD160_CTX * ctx, const void *buf, int len)
885 {
886 _gnutls_hash (ctx->handle, buf, len);
887 }
888
889 void
890 RIPEMD160_Final (unsigned char *md, RIPEMD160_CTX * ctx)
891 {
892 _gnutls_hash_deinit (ctx->handle, md);
893 gnutls_free (ctx->handle);
894 }
895
896 unsigned char *
897 RIPEMD160 (const unsigned char *buf, unsigned long len, unsigned char *md)
898 {
899 if (!md)
900 return NULL;
901
902 _gnutls_hash_fast (GNUTLS_DIG_RMD160, buf, len, md);
903
904 return md;
905 }
Implementation of the SSL/TLS protocol