[PATCH] Add libgcrypt as an option for sha1

Julien Cristau jcristau at debian.org
Thu Sep 24 04:41:31 PDT 2009


Signed-off-by: Julien Cristau <jcristau at debian.org>
---
We've been using that in Debian since April (to avoid openssl's
gpl-incompatible license, and because gcrypt is already in our base
system).  One thing I'm not sure about is in what order to check for
things in configure, or whether we need something like
--with-sha1={libmd,libcrypto,libgcrypt}.

 configure.ac            |    6 ++++++
 include/dix-config.h.in |    3 +++
 render/glyph.c          |   22 ++++++++++++++++++++++
 3 files changed, 31 insertions(+), 0 deletions(-)

diff --git a/configure.ac b/configure.ac
index b3acbdd..fd6b297 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1270,6 +1270,12 @@ if test "x$SHA1_LIB" = "x" ; then
             [Use libmd SHA1 functions instead of OpenSSL libcrypto])])
 fi
 
+if test "x$SHA1_LIB" = "x"; then
+  AC_CHECK_LIB([gcrypt], [gcry_md_open], [SHA1_LIB="-lgcrypt"
+            AC_DEFINE([HAVE_SHA1_IN_LIBGCRYPT], [1],
+            [Use libgcrypt SHA1 functions instead of OpenSSL libcrypto])])
+fi
+
 if test "x$SHA1_LIB" = "x" ; then
   PKG_CHECK_EXISTS([OPENSSL], [openssl], [HAVE_OPENSSL_PKC=yes],
                     [HAVE_OPENSSL_PKC=no])
diff --git a/include/dix-config.h.in b/include/dix-config.h.in
index 798d9e7..e958146 100644
--- a/include/dix-config.h.in
+++ b/include/dix-config.h.in
@@ -163,6 +163,9 @@
 /* Define to use libmd SHA1 functions instead of OpenSSL libcrypto */
 #undef HAVE_SHA1_IN_LIBMD
 
+/* Define to use libgcrypt SHA1 functions instead of OpenSSL libcrypto */
+#undef HAVE_SHA1_IN_LIBGCRYPT
+
 /* Define to 1 if you have the `shmctl64' function. */
 #undef HAVE_SHMCTL64
 
diff --git a/render/glyph.c b/render/glyph.c
index 7c044aa..a687071 100644
--- a/render/glyph.c
+++ b/render/glyph.c
@@ -28,6 +28,8 @@
 
 #ifdef HAVE_SHA1_IN_LIBMD /* Use libmd for SHA1 */
 # include <sha1.h>
+#elif defined(HAVE_SHA1_IN_LIBGCRYPT)
+# include <gcrypt.h>
 #else /* Use OpenSSL's libcrypto */
 # include <stddef.h>  /* buggy openssl/sha.h wants size_t */
 # include <openssl/sha.h>
@@ -205,6 +207,26 @@ HashGlyph (xGlyphInfo    *gi,
     SHA1Update (&ctx, gi, sizeof (xGlyphInfo));
     SHA1Update (&ctx, bits, size);
     SHA1Final (sha1, &ctx);
+#elif defined(HAVE_SHA1_IN_LIBGCRYPT) /* Use libgcrypt for SHA1 */
+    static int init;
+    gcry_md_hd_t h;
+    gcry_error_t err;
+
+    if (!init) {
+	if (!gcry_check_version(NULL))
+	    return BadAlloc;
+	gcry_control(GCRYCTL_DISABLE_SECMEM, 0);
+	gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
+	init = 1;
+    }
+
+    err = gcry_md_open(&h, GCRY_MD_SHA1, 0);
+    if (err)
+	return BadAlloc;
+    gcry_md_write(h, gi, sizeof (xGlyphInfo));
+    gcry_md_write(h, bits, size);
+    memcpy(sha1, gcry_md_read(h, GCRY_MD_SHA1), 20);
+    gcry_md_close(h);
 #else /* Use OpenSSL's libcrypto */
     SHA_CTX ctx;
     int success;
-- 
1.6.4.3



More information about the xorg-devel mailing list