[PATCH] os: Add libnettle as a choice of SHA1 implementation

Yaakov (Cygwin/X) yselkowitz at users.sourceforge.net
Mon Oct 29 20:52:13 PDT 2012 

From: Yaakov Selkowitz <yselkowitz at users.sourceforge.net>

libnettle is smaller than libgcrypt, currently being released more
frequently, and has replaced the latter in gnutls-3.x (which is used
by TigerVNC, so they can avoid pulling in two crypto libraries
simultaneously).

Signed-off-by: Yaakov Selkowitz <yselkowitz at users.sourceforge.net>
---
 configure.ac            |   14 +++++++++++++-
 include/dix-config.h.in |    3 +++
 os/xsha1.c              |   30 ++++++++++++++++++++++++++++++
 3 files changed, 46 insertions(+), 1 deletions(-)

diff --git a/configure.ac b/configure.ac
index e686614..758c4b7 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1360,7 +1360,7 @@ CORE_INCS='-I$(top_srcdir)/include -I$(top_builddir)/include'
 
 # SHA1 hashing
 AC_ARG_WITH([sha1],
-            [AS_HELP_STRING([--with-sha1=libc|libmd|libgcrypt|libcrypto|libsha1|CommonCrypto|CryptoAPI],
+            [AS_HELP_STRING([--with-sha1=libc|libmd|libnettle|libgcrypt|libcrypto|libsha1|CommonCrypto|CryptoAPI],
                             [choose SHA1 implementation])])
 AC_CHECK_FUNC([SHA1Init], [HAVE_SHA1_IN_LIBC=yes])
 if test "x$with_sha1" = x && test "x$HAVE_SHA1_IN_LIBC" = xyes; then
@@ -1423,6 +1423,18 @@ if test "x$with_sha1" = xlibsha1; then
 	          [Use libsha1 for SHA1])
 	SHA1_LIBS=-lsha1
 fi
+AC_CHECK_LIB([nettle], [nettle_sha1_init], [HAVE_LIBNETTLE=yes])
+if test "x$with_sha1" = x && test "x$HAVE_LIBNETTLE" = xyes; then
+	with_sha1=libnettle
+fi
+if test "x$with_sha1" = xlibnettle && test "x$HAVE_LIBNETTLE" != xyes; then
+	AC_MSG_ERROR([libnettle requested but not found])
+fi
+if test "x$with_sha1" = xlibnettle; then
+	AC_DEFINE([HAVE_SHA1_IN_LIBNETTLE], [1],
+	          [Use libnettle SHA1 functions])
+	SHA1_LIBS=-lnettle
+fi
 AC_CHECK_LIB([gcrypt], [gcry_md_open], [HAVE_LIBGCRYPT=yes])
 if test "x$with_sha1" = x && test "x$HAVE_LIBGCRYPT" = xyes; then
 	with_sha1=libgcrypt
diff --git a/include/dix-config.h.in b/include/dix-config.h.in
index 578f249..b270a32 100644
--- a/include/dix-config.h.in
+++ b/include/dix-config.h.in
@@ -157,6 +157,9 @@
 /* Define to use libgcrypt SHA1 functions */
 #undef HAVE_SHA1_IN_LIBGCRYPT
 
+/* Define to use libnettle SHA1 functions */
+#undef HAVE_SHA1_IN_LIBNETTLE
+
 /* Define to use libsha1 for SHA1 */
 #undef HAVE_SHA1_IN_LIBSHA1
 
diff --git a/os/xsha1.c b/os/xsha1.c
index fa66c7a..24c0aa2 100644
--- a/os/xsha1.c
+++ b/os/xsha1.c
@@ -116,6 +116,36 @@ x_sha1_final(void *ctx, unsigned char result[20])
     return 1;
 }
 
+#elif defined(HAVE_SHA1_IN_LIBNETTLE)   /* Use libnettle for SHA1 */
+
+#include <nettle/sha.h>
+
+void *
+x_sha1_init(void)
+{
+    struct sha1_ctx *ctx = malloc(sizeof(*ctx));
+
+    if (!ctx)
+        return NULL;
+    sha1_init(ctx);
+    return ctx;
+}
+
+int
+x_sha1_update(void *ctx, void *data, int size)
+{
+    sha1_update(ctx, size, data);
+    return 1;
+}
+
+int
+x_sha1_final(void *ctx, unsigned char result[20])
+{
+    sha1_digest(ctx, 20, result);
+    free(ctx);
+    return 1;
+}
+
 #elif defined(HAVE_SHA1_IN_LIBGCRYPT)   /* Use libgcrypt for SHA1 */
 
 #include <gcrypt.h>
-- 
1.7.9

More information about the xorg-devel mailing list