From 0bc5969755bf62495b2e3f9d2bc9548128b85f92 Mon Sep 17 00:00:00 2001 From: Bastian Germann Date: Wed, 20 Nov 2024 16:00:00 +0100 Subject: [PATCH] Replace in-tree MD5 with OpenSSL This uses OpenSSL's non-deprecated EVP digest facility to calculate MD5 in HTTP digest authentication. --- contrib/epee/src/http_auth.cpp | 20 ++++++++++---------- tests/unit_tests/http.cpp | 12 ++++++------ 2 files changed, 16 insertions(+), 16 deletions(-) diff --git a/contrib/epee/src/http_auth.cpp b/contrib/epee/src/http_auth.cpp index 77d9fe5ca..ec430c8cb 100644 --- a/contrib/epee/src/http_auth.cpp +++ b/contrib/epee/src/http_auth.cpp @@ -63,11 +63,11 @@ #include #include #include +#include #include #include #include "hex.h" -#include "md5_l.h" #include "string_coding.h" /* This file uses the `u8` prefix and specifies all chars by ASCII numeric @@ -114,8 +114,8 @@ namespace void operator()(const T& arg) const { const boost::iterator_range data(boost::as_literal(arg)); - md5::MD5Update( - std::addressof(ctx), + EVP_DigestUpdate( + ctx, reinterpret_cast(data.begin()), data.size() ); @@ -126,25 +126,25 @@ namespace } void operator()(const epee::wipeable_string& arg) const { - md5::MD5Update( - std::addressof(ctx), + EVP_DigestUpdate( + ctx, reinterpret_cast(arg.data()), arg.size() ); } - md5::MD5_CTX& ctx; + EVP_MD_CTX *ctx; }; template std::array operator()(const T&... args) const { - md5::MD5_CTX ctx{}; - md5::MD5Init(std::addressof(ctx)); - boost::fusion::for_each(std::tie(args...), update{ctx}); + std::unique_ptr ctx(EVP_MD_CTX_new(), &EVP_MD_CTX_free); + EVP_DigestInit(ctx.get(), EVP_md5()); + boost::fusion::for_each(std::tie(args...), update{ctx.get()}); std::array digest{{}}; - md5::MD5Final(digest.data(), std::addressof(ctx)); + EVP_DigestFinal(ctx.get(), digest.data(), NULL); return epee::to_hex::array(digest); } }; diff --git a/tests/unit_tests/http.cpp b/tests/unit_tests/http.cpp index 12dcd0325..947bd3c9f 100644 --- a/tests/unit_tests/http.cpp +++ b/tests/unit_tests/http.cpp @@ -53,12 +53,12 @@ #include #include #include +#include #include #include #include #include -#include "md5_l.h" #include "string_tools.h" #include "crypto/crypto.h" @@ -201,16 +201,16 @@ auth_responses parse_response(const http::http_response_info& response) std::string md5_hex(const std::string& in) { - md5::MD5_CTX ctx{}; - md5::MD5Init(std::addressof(ctx)); - md5::MD5Update( - std::addressof(ctx), + std::unique_ptr ctx(EVP_MD_CTX_new(), &EVP_MD_CTX_free); + EVP_DigestInit(ctx.get(), EVP_md5()); + EVP_DigestUpdate( + ctx.get(), reinterpret_cast(in.data()), in.size() ); std::array digest{{}}; - md5::MD5Final(digest.data(), std::addressof(ctx)); + EVP_DigestFinal(ctx.get(), digest.data(), NULL); return epee::string_tools::pod_to_hex(digest); }