mirror of
https://github.com/MariaDB/server.git
synced 2025-01-16 12:02:42 +01:00
3227ba706f
ChangeSet@1.2703, 2007-12-07 09:35:28-05:00, cmiller@zippy.cornsilk.net +40 -0 Bug#13174: SHA2 function Patch contributed from Bill Karwin, paper unnumbered CLA in Seattle Implement SHA2 functions. Chad added code to make it work with YaSSL. Also, he removed the (probable) bug of embedded server never using SSL-dependent functions. (libmysqld/Makefile.am didn't read ANY autoconf defs.) Function specification: SHA2( string cleartext, integer hash_length ) -> string hash, or NULL where hash_length is one of 224, 256, 384, or 512. If either is NULL or a length is unsupported, then the result is NULL. The resulting string is always the length of the hash_length parameter or is NULL. Include the canonical hash examples from the NIST in the test results. --- Polish and address concerns of reviewers. .bzrignore: Added libmysqld/sha2.cc to the ignore list. client/mysql.cc: Add condition to remove code for embedded server. client/mysqltest.cc: Add condition to remove code for embedded server. include/Makefile.am: New header file to header list. include/mysql_embed.h: Embedded servers can use SSL-library functions too! include/sha2.h: Compatibility layer to make YaSSL behave like OpenSSL. include/sslopt-case.h: Remove SSL-communication parameters from command lines. include/sslopt-longopts.h: Remove SSL-communication parameters from command lines. include/sslopt-vars.h: Don't declare variables that are only used in SSL communication, if we are compiling the embedded server. include/violite.h: Don't even compile the SSL-communication function if we're in the embedded server. --- Remove CPP condition indentation. libmysqld/CMakeLists.txt: Add new file to source list. libmysqld/Makefile.am: Include standard DEFS in embedded compilation. It's an undiscovered but that it's not there. Add new file to source list. libmysqld/examples/Makefile.am: Include autoconf DEFS. libmysqld/lib_sql.cc: Initialize SSL-related variables in embedded server. mysql-test/include/have_ssl_crypto_functs.inc: Distinguish between communication and crypto. Use the tristate value of "have_ssl" variable to know whether to test or not for SSL-provided crypto functions. mysql-test/r/func_digest.result: Test against the sample test vectors in the NIST Secure Hash Standard (http://csrc.nist.gov/cryptval/shs.htm) mysql-test/r/func_encrypt_nossl.result: Update results to the new error message text. mysql-test/r/have_ssl_is_yes_or_disabled_only.require: Distinguish between communication and crypto. Use the tristate value of "have_ssl" variable to know whether to test or not for SSL-provided crypto functions. mysql-test/suite/rpl/t/rpl_ssl.test: Distinguish between communication and crypto. mysql-test/suite/rpl/t/rpl_ssl1.test: Distinguish between communication and crypto. mysql-test/t/func_des_encrypt.test: Distinguish between communication and crypto. mysql-test/t/func_digest.test: Test against the sample test vectors in the NIST Secure Hash Standard (http://csrc.nist.gov/cryptval/shs.htm) Also, test that various parameters (legal and illegal) do what we expect. --- Distinguish between communication and crypto. mysql-test/t/func_encrypt.test: Distinguish between communication and crypto. mysql-test/t/openssl_1.test: Don't test SSL communication if we're in the embedded server. --- Distinguish between communication and crypto. mysql-test/t/ssl-big.test: Don't test SSL communication if we're in the embedded server. --- Distinguish between communication and crypto. mysql-test/t/ssl.test: Don't test SSL communication if we're in the embedded server. --- Distinguish between communication and crypto. mysql-test/t/ssl_8k_key.test: Don't test SSL communication if we're in the embedded server. --- Distinguish between communication and crypto. mysql-test/t/ssl_compress.test: Don't test SSL communication if we're in the embedded server. --- Distinguish between communication and crypto. mysql-test/t/ssl_connect.test: Don't test SSL communication if we're in the embedded server. --- Distinguish between communication and crypto. sql-common/client.c: SSL is useful for more functionality than just connecting. Test for whether we are not embedded server also. sql/CMakeLists.txt: Add new source file to source list so that we have access to SHA2 functions. sql/Makefile.am: Add new source file to source list so that we have access to SHA2 functions. sql/item_create.cc: Bootstrap the SHA2 function into the server. sql/item_strfunc.cc: Add new SHA2 Item class methods. Clean up two minor problems. --- Remove extraneous debugging. --- We must check nullness of a parameter only /after/ computing its value. sql/item_strfunc.h: Declare new SHA2 Item class. sql/mysqld.cc: For embedded server, don't refer to SSL-communications variables or values. --- Remove CPP condition indentation. sql/sha2.cc: Compatibility layer to make YaSSL behave like OpenSSL. --- Add comment for generated functions. sql/sql_acl.cc: For embedded server, don't refer to SSL-communications variables or values. sql/sql_connect.cc: SSL is useful for more functionality than just connecting. Test for whether we are not embedded server also. sql/sys_vars.cc: For embedded server, don't refer to SSL-communications variables or values.
68 lines
2.2 KiB
C++
68 lines
2.2 KiB
C++
/* Copyright (C) 2007 MySQL AB
|
|
|
|
This program is free software; you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation; version 2 of the License.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU General Public License for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with this program; if not, write to the Free Software
|
|
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */
|
|
|
|
|
|
/**
|
|
@file
|
|
A compatibility layer to our built-in SSL implementation, to mimic the
|
|
oft-used external library, OpenSSL.
|
|
*/
|
|
|
|
#include <my_global.h>
|
|
#include <sha2.h>
|
|
|
|
#ifdef HAVE_YASSL
|
|
|
|
/*
|
|
If TaoCrypt::SHA512 or ::SHA384 are not defined (but ::SHA256 is), it's
|
|
probably that neither of config.h's SIZEOF_LONG or SIZEOF_LONG_LONG are
|
|
64 bits long. At present, both OpenSSL and YaSSL require 64-bit integers
|
|
for SHA-512. (The SIZEOF_* definitions come from autoconf's config.h .)
|
|
*/
|
|
|
|
# define GEN_YASSL_SHA2_BRIDGE(size) \
|
|
unsigned char* SHA##size(const unsigned char *input_ptr, size_t input_length, \
|
|
char unsigned *output_ptr) { \
|
|
TaoCrypt::SHA##size hasher; \
|
|
\
|
|
hasher.Update(input_ptr, input_length); \
|
|
hasher.Final(output_ptr); \
|
|
return(output_ptr); \
|
|
}
|
|
|
|
|
|
/**
|
|
@fn SHA512
|
|
@fn SHA384
|
|
@fn SHA256
|
|
@fn SHA224
|
|
|
|
Instantiate an hash object, fill in the cleartext value, compute the digest,
|
|
and extract the result from the object.
|
|
|
|
(Generate the functions. See similar .h code for the prototypes.)
|
|
*/
|
|
# ifndef OPENSSL_NO_SHA512
|
|
GEN_YASSL_SHA2_BRIDGE(512);
|
|
GEN_YASSL_SHA2_BRIDGE(384);
|
|
# else
|
|
# warning Some SHA2 functionality is missing. See OPENSSL_NO_SHA512.
|
|
# endif
|
|
GEN_YASSL_SHA2_BRIDGE(256);
|
|
GEN_YASSL_SHA2_BRIDGE(224);
|
|
|
|
# undef GEN_YASSL_SHA2_BRIDGE
|
|
|
|
#endif /* HAVE_YASSL */
|