Add support for MbedTLS

author: Nikias Bassen 2021-07-27 03:36:45 +0200
committer: Nikias Bassen 2021-07-27 03:36:45 +0200
commit: ab1c815340afc2883c9ef08795eebd9bed1858c5 (patch)
tree: a188e92dfdff14e501bf42b5d880155468cffbdd /tools
parent: 19eca85f90d9950596e1c6021d7b0f89407f5d7f (diff)
download: libimobiledevice-ab1c815340afc2883c9ef08795eebd9bed1858c5.tar.gz
libimobiledevice-ab1c815340afc2883c9ef08795eebd9bed1858c5.tar.bz2
2 files changed, 65 insertions, 88 deletions
diff --git a/tools/Makefile.am b/tools/Makefile.am
index 04a5faa..b78f3f2 100644
--- a/tools/Makefile.am
+++ b/tools/Makefile.am
@@ -4,18 +4,10 @@ AM_CPPFLAGS = \
 AM_CFLAGS = \
        $(GLOBAL_CFLAGS) \
-        $(libgnutls_CFLAGS) \
-        $(libtasn1_CFLAGS) \
-        $(libgcrypt_CFLAGS) \
-        $(openssl_CFLAGS) \
        $(libplist_CFLAGS) \
        $(LFS_CFLAGS)
 AM_LDFLAGS = \
-        $(libgnutls_LIBS) \
-        $(libtasn1_LIBS) \
-        $(libgcrypt_LIBS) \
-        $(openssl_LIBS) \
        $(libplist_LIBS)
 bin_PROGRAMS = \
@@ -49,8 +41,8 @@ idevicename_LDFLAGS = $(AM_LDFLAGS)
 idevicename_LDADD = $(top_builddir)/src/libimobiledevice-1.0.la
 idevicepair_SOURCES = idevicepair.c
-idevicepair_CFLAGS = -I$(top_srcdir) $(AM_CFLAGS)
+idevicepair_CFLAGS = -I$(top_srcdir) $(AM_CFLAGS) $(ssl_lib_CFLAGS)
-idevicepair_LDFLAGS = $(AM_LDFLAGS) $(libusbmuxd_LIBS)
+idevicepair_LDFLAGS = $(AM_LDFLAGS) $(libusbmuxd_LIBS) $(ssl_lib_LIBS)
 idevicepair_LDADD = $(top_builddir)/src/libimobiledevice-1.0.la $(top_builddir)/common/libinternalcommon.la
 idevicesyslog_SOURCES = idevicesyslog.c
@@ -64,8 +56,8 @@ idevice_id_LDFLAGS = $(AM_LDFLAGS)
 idevice_id_LDADD = $(top_builddir)/src/libimobiledevice-1.0.la
 idevicebackup_SOURCES = idevicebackup.c
-idevicebackup_CFLAGS = $(AM_CFLAGS)
+idevicebackup_CFLAGS = $(AM_CFLAGS) $(ssl_lib_CFLAGS)
-idevicebackup_LDFLAGS = $(AM_LDFLAGS)
+idevicebackup_LDFLAGS = $(AM_LDFLAGS) $(ssl_lib_LIBS)
 idevicebackup_LDADD = $(top_builddir)/src/libimobiledevice-1.0.la $(top_builddir)/common/libinternalcommon.la
 idevicebackup2_SOURCES = idevicebackup2.c
diff --git a/tools/idevicebackup.c b/tools/idevicebackup.c
index dfd7b8b..8d0f74b 100644
--- a/tools/idevicebackup.c
+++ b/tools/idevicebackup.c
@@ -31,10 +31,20 @@
 #include <errno.h>
 #include <stdlib.h>
 #include <signal.h>
-#ifdef HAVE_OPENSSL
+#if defined(HAVE_OPENSSL)
 #include <openssl/sha.h>
-#else
+#elif defined(HAVE_GNUTLS)
 #include <gcrypt.h>
+#elif defined(HAVE_MBEDTLS)
+#include <mbedtls/sha1.h>
+#if MBEDTLS_VERSION_NUMBER < 0x03000000
+#define mbedtls_sha1         mbedtls_sha1_ret
+#define mbedtls_sha1_starts  mbedtls_sha1_starts_ret
+#define mbedtls_sha1_update  mbedtls_sha1_update_ret
+#define mbedtls_sha1_finish  mbedtls_sha1_finish_ret
+#endif
+#else
+#error No supported crypto library enabled
 #endif
 #include <unistd.h>
 #include <ctype.h>
@@ -78,10 +88,12 @@ enum device_link_file_status_t {
 static void sha1_of_data(const char *input, uint32_t size, unsigned char *hash_out)
 {
-#ifdef HAVE_OPENSSL
+#if defined(HAVE_OPENSSL)
        SHA1((const unsigned char*)input, size, hash_out);
-#else
+#elif defined(HAVE_GNUTLS)
        gcry_md_hash_buffer(GCRY_MD_SHA1, hash_out, input, size);
+#elif defined(HAVE_MBEDTLS)
+        mbedtls_sha1((unsigned char*)input, size, hash_out);
 #endif
 }
@@ -96,12 +108,24 @@ static int compare_hash(const unsigned char *hash1, const unsigned char *hash2,
        return 1;
 }
+static void _sha1_update(void* context, const char* data, size_t len)
+{
+#if defined(HAVE_OPENSSL)
+        SHA1_Update(context, data, len);
+#elif defined(HAVE_GNUTLS)
+        gcry_md_write(context, data, len);
+#elif defined(HAVE_MBEDTLS)
+        mbedtls_sha1_update(context, (const unsigned char*)data, len);
+#endif
+}
 static void compute_datahash(const char *path, const char *destpath, uint8_t greylist, const char *domain, const char *appid, const char *version, unsigned char *hash_out)
 {
-#ifdef HAVE_OPENSSL
+#if defined(HAVE_OPENSSL)
        SHA_CTX sha1;
        SHA1_Init(&sha1);
-#else
+        void* psha1 = &sha1;
+#elif defined(HAVE_GNUTLS)
        gcry_md_hd_t hd = NULL;
        gcry_md_open(&hd, GCRY_MD_SHA1, 0);
        if (!hd) {
@@ -109,102 +133,63 @@ static void compute_datahash(const char *path, const char *destpath, uint8_t gre
                return;
        }
        gcry_md_reset(hd);
+        void* psha1 = hd;
+#elif defined(HAVE_MBEDTLS)
+        mbedtls_sha1_context sha1;
+        mbedtls_sha1_init(&sha1);
+        mbedtls_sha1_starts(&sha1);
+        void* psha1 = &sha1;
 #endif
        FILE *f = fopen(path, "rb");
        if (f) {
                unsigned char buf[16384];
                size_t len;
                while ((len = fread(buf, 1, 16384, f)) > 0) {
-#ifdef HAVE_OPENSSL
+                        _sha1_update(psha1, (const char*)buf, len);
-                        SHA1_Update(&sha1, buf, len);
-#else
-                        gcry_md_write(hd, buf, len);
-#endif
                }
                fclose(f);
-#ifdef HAVE_OPENSSL
+                _sha1_update(psha1, destpath, strlen(destpath));
-                SHA1_Update(&sha1, destpath, strlen(destpath));
+                _sha1_update(psha1, ";", 1);
-                SHA1_Update(&sha1, ";", 1);
-#else
-                gcry_md_write(hd, destpath, strlen(destpath));
-                gcry_md_write(hd, ";", 1);
-#endif
                if (greylist == 1) {
-#ifdef HAVE_OPENSSL
+                        _sha1_update(psha1, "true", 4);
-                        SHA1_Update(&sha1, "true", 4);
-#else
-                        gcry_md_write(hd, "true", 4);
-#endif
                } else {
-#ifdef HAVE_OPENSSL
+                        _sha1_update(psha1, "false", 5);
-                        SHA1_Update(&sha1, "false", 5);
-#else
-                        gcry_md_write(hd, "false", 5);
-#endif
                }
-#ifdef HAVE_OPENSSL
+                _sha1_update(psha1, ";", 1);
-                SHA1_Update(&sha1, ";", 1);
-#else
-                gcry_md_write(hd, ";", 1);
-#endif
                if (domain) {
-#ifdef HAVE_OPENSSL
+                        _sha1_update(psha1, domain, strlen(domain));
-                        SHA1_Update(&sha1, domain, strlen(domain));
-#else
-                        gcry_md_write(hd, domain, strlen(domain));
-#endif
                } else {
-#ifdef HAVE_OPENSSL
+                        _sha1_update(psha1, "(null)", 6);
-                        SHA1_Update(&sha1, "(null)", 6);
-#else
-                        gcry_md_write(hd, "(null)", 6);
-#endif
                }
-#ifdef HAVE_OPENSSL
+                _sha1_update(psha1, ";", 1);
-                SHA1_Update(&sha1, ";", 1);
-#else
-                gcry_md_write(hd, ";", 1);
-#endif
                if (appid) {
-#ifdef HAVE_OPENSSL
+                        _sha1_update(psha1, appid, strlen(appid));
-                        SHA1_Update(&sha1, appid, strlen(appid));
-#else
-                        gcry_md_write(hd, appid, strlen(appid));
-#endif
                } else {
-#ifdef HAVE_OPENSSL
+                        _sha1_update(psha1, "(null)", 6);
-                        SHA1_Update(&sha1, "(null)", 6);
-#else
-                        gcry_md_write(hd, "(null)", 6);
-#endif
                }
-#ifdef HAVE_OPENSSL
+                _sha1_update(psha1, ";", 1);
-                SHA1_Update(&sha1, ";", 1);
-#else
-                gcry_md_write(hd, ";", 1);
-#endif
                if (version) {
-#ifdef HAVE_OPENSSL
+                        _sha1_update(psha1, version, strlen(version));
-                        SHA1_Update(&sha1, version, strlen(version));
-#else
-                        gcry_md_write(hd, version, strlen(version));
-#endif
                } else {
-#ifdef HAVE_OPENSSL
+                        _sha1_update(psha1, "(null)", 6);
-                        SHA1_Update(&sha1, "(null)", 6);
-#else
-                        gcry_md_write(hd, "(null)", 6);
-#endif
                }
-#ifdef HAVE_OPENSSL
+#if defined(HAVE_OPENSSL)
                SHA1_Final(hash_out, &sha1);
-#else
+#elif defined(HAVE_GNUTLS)
                unsigned char *newhash = gcry_md_read(hd, GCRY_MD_SHA1);
                memcpy(hash_out, newhash, 20);
+#elif defined(HAVE_MBEDTLS)
+                mbedtls_sha1_finish(&sha1, hash_out);
 #endif
        }
-#ifndef HAVE_OPENSSL
+#if defined(HAVE_GNUTLS)
        gcry_md_close(hd);
+#elif defined(HAVE_MBEDTLS)
+        mbedtls_sha1_free(&sha1);
 #endif
 }
author	Nikias Bassen	2021-07-27 03:36:45 +0200
committer	Nikias Bassen	2021-07-27 03:36:45 +0200
commit	ab1c815340afc2883c9ef08795eebd9bed1858c5 (patch)
tree	a188e92dfdff14e501bf42b5d880155468cffbdd /tools
parent	19eca85f90d9950596e1c6021d7b0f89407f5d7f (diff)
download	libimobiledevice-ab1c815340afc2883c9ef08795eebd9bed1858c5.tar.gz libimobiledevice-ab1c815340afc2883c9ef08795eebd9bed1858c5.tar.bz2

diff --git a/tools/Makefile.am b/tools/Makefile.am index 04a5faa..b78f3f2 100644 --- a/tools/Makefile.am +++ b/tools/Makefile.am
@@ -4,18 +4,10 @@ AM_CPPFLAGS = \
4		4
5	AM_CFLAGS = \	5	AM_CFLAGS = \
6	$(GLOBAL_CFLAGS) \	6	$(GLOBAL_CFLAGS) \
7	$(libgnutls_CFLAGS) \
8	$(libtasn1_CFLAGS) \
9	$(libgcrypt_CFLAGS) \
10	$(openssl_CFLAGS) \
11	$(libplist_CFLAGS) \	7	$(libplist_CFLAGS) \
12	$(LFS_CFLAGS)	8	$(LFS_CFLAGS)
13		9
14	AM_LDFLAGS = \	10	AM_LDFLAGS = \
15	$(libgnutls_LIBS) \
16	$(libtasn1_LIBS) \
17	$(libgcrypt_LIBS) \
18	$(openssl_LIBS) \
19	$(libplist_LIBS)	11	$(libplist_LIBS)
20		12
21	bin_PROGRAMS = \	13	bin_PROGRAMS = \
@@ -49,8 +41,8 @@ idevicename_LDFLAGS = $(AM_LDFLAGS)
49	idevicename_LDADD = $(top_builddir)/src/libimobiledevice-1.0.la	41	idevicename_LDADD = $(top_builddir)/src/libimobiledevice-1.0.la
50		42
51	idevicepair_SOURCES = idevicepair.c	43	idevicepair_SOURCES = idevicepair.c
52	idevicepair_CFLAGS = -I$(top_srcdir) $(AM_CFLAGS)	44	idevicepair_CFLAGS = -I$(top_srcdir) $(AM_CFLAGS) $(ssl_lib_CFLAGS)
53	idevicepair_LDFLAGS = $(AM_LDFLAGS) $(libusbmuxd_LIBS)	45	idevicepair_LDFLAGS = $(AM_LDFLAGS) $(libusbmuxd_LIBS) $(ssl_lib_LIBS)
54	idevicepair_LDADD = $(top_builddir)/src/libimobiledevice-1.0.la $(top_builddir)/common/libinternalcommon.la	46	idevicepair_LDADD = $(top_builddir)/src/libimobiledevice-1.0.la $(top_builddir)/common/libinternalcommon.la
55		47
56	idevicesyslog_SOURCES = idevicesyslog.c	48	idevicesyslog_SOURCES = idevicesyslog.c
@@ -64,8 +56,8 @@ idevice_id_LDFLAGS = $(AM_LDFLAGS)
64	idevice_id_LDADD = $(top_builddir)/src/libimobiledevice-1.0.la	56	idevice_id_LDADD = $(top_builddir)/src/libimobiledevice-1.0.la
65		57
66	idevicebackup_SOURCES = idevicebackup.c	58	idevicebackup_SOURCES = idevicebackup.c
67	idevicebackup_CFLAGS = $(AM_CFLAGS)	59	idevicebackup_CFLAGS = $(AM_CFLAGS) $(ssl_lib_CFLAGS)
68	idevicebackup_LDFLAGS = $(AM_LDFLAGS)	60	idevicebackup_LDFLAGS = $(AM_LDFLAGS) $(ssl_lib_LIBS)
69	idevicebackup_LDADD = $(top_builddir)/src/libimobiledevice-1.0.la $(top_builddir)/common/libinternalcommon.la	61	idevicebackup_LDADD = $(top_builddir)/src/libimobiledevice-1.0.la $(top_builddir)/common/libinternalcommon.la
70		62
71	idevicebackup2_SOURCES = idevicebackup2.c	63	idevicebackup2_SOURCES = idevicebackup2.c


diff --git a/tools/idevicebackup.c b/tools/idevicebackup.c index dfd7b8b..8d0f74b 100644 --- a/tools/idevicebackup.c +++ b/tools/idevicebackup.c
@@ -31,10 +31,20 @@
31	#include <errno.h>	31	#include <errno.h>
32	#include <stdlib.h>	32	#include <stdlib.h>
33	#include <signal.h>	33	#include <signal.h>
34	#ifdef HAVE_OPENSSL	34	#if defined(HAVE_OPENSSL)
35	#include <openssl/sha.h>	35	#include <openssl/sha.h>
36	#else	36	#elif defined(HAVE_GNUTLS)
37	#include <gcrypt.h>	37	#include <gcrypt.h>
		38	#elif defined(HAVE_MBEDTLS)
		39	#include <mbedtls/sha1.h>
		40	#if MBEDTLS_VERSION_NUMBER < 0x03000000
		41	#define mbedtls_sha1 mbedtls_sha1_ret
		42	#define mbedtls_sha1_starts mbedtls_sha1_starts_ret
		43	#define mbedtls_sha1_update mbedtls_sha1_update_ret
		44	#define mbedtls_sha1_finish mbedtls_sha1_finish_ret
		45	#endif
		46	#else
		47	#error No supported crypto library enabled
38	#endif	48	#endif
39	#include <unistd.h>	49	#include <unistd.h>
40	#include <ctype.h>	50	#include <ctype.h>
@@ -78,10 +88,12 @@ enum device_link_file_status_t {
78		88
79	static void sha1_of_data(const char input, uint32_t size, unsigned char hash_out)	89	static void sha1_of_data(const char input, uint32_t size, unsigned char hash_out)
80	{	90	{
81	#ifdef HAVE_OPENSSL	91	#if defined(HAVE_OPENSSL)
82	SHA1((const unsigned char*)input, size, hash_out);	92	SHA1((const unsigned char*)input, size, hash_out);
83	#else	93	#elif defined(HAVE_GNUTLS)
84	gcry_md_hash_buffer(GCRY_MD_SHA1, hash_out, input, size);	94	gcry_md_hash_buffer(GCRY_MD_SHA1, hash_out, input, size);
		95	#elif defined(HAVE_MBEDTLS)
		96	mbedtls_sha1((unsigned char*)input, size, hash_out);
85	#endif	97	#endif
86	}	98	}
87		99
@@ -96,12 +108,24 @@ static int compare_hash(const unsigned char hash1, const unsigned char hash2,
96	return 1;	108	return 1;
97	}	109	}
98		110
		111	static void _sha1_update(void* context, const char* data, size_t len)
		112	{
		113	#if defined(HAVE_OPENSSL)
		114	SHA1_Update(context, data, len);
		115	#elif defined(HAVE_GNUTLS)
		116	gcry_md_write(context, data, len);
		117	#elif defined(HAVE_MBEDTLS)
		118	mbedtls_sha1_update(context, (const unsigned char*)data, len);
		119	#endif
		120	}
		121
99	static void compute_datahash(const char path, const char destpath, uint8_t greylist, const char domain, const char appid, const char version, unsigned char hash_out)	122	static void compute_datahash(const char path, const char destpath, uint8_t greylist, const char domain, const char appid, const char version, unsigned char hash_out)
100	{	123	{
101	#ifdef HAVE_OPENSSL	124	#if defined(HAVE_OPENSSL)
102	SHA_CTX sha1;	125	SHA_CTX sha1;
103	SHA1_Init(&sha1);	126	SHA1_Init(&sha1);
104	#else	127	void* psha1 = &sha1;
		128	#elif defined(HAVE_GNUTLS)
105	gcry_md_hd_t hd = NULL;	129	gcry_md_hd_t hd = NULL;
106	gcry_md_open(&hd, GCRY_MD_SHA1, 0);	130	gcry_md_open(&hd, GCRY_MD_SHA1, 0);
107	if (!hd) {	131	if (!hd) {
@@ -109,102 +133,63 @@ static void compute_datahash(const char path, const char destpath, uint8_t gre
109	return;	133	return;
110	}	134	}
111	gcry_md_reset(hd);	135	gcry_md_reset(hd);
		136	void* psha1 = hd;
		137	#elif defined(HAVE_MBEDTLS)
		138	mbedtls_sha1_context sha1;
		139	mbedtls_sha1_init(&sha1);
		140	mbedtls_sha1_starts(&sha1);
		141	void* psha1 = &sha1;
112	#endif	142	#endif
113	FILE *f = fopen(path, "rb");	143	FILE *f = fopen(path, "rb");
114	if (f) {	144	if (f) {
115	unsigned char buf[16384];	145	unsigned char buf[16384];
116	size_t len;	146	size_t len;
117	while ((len = fread(buf, 1, 16384, f)) > 0) {	147	while ((len = fread(buf, 1, 16384, f)) > 0) {
118	#ifdef HAVE_OPENSSL	148	_sha1_update(psha1, (const char*)buf, len);
119	SHA1_Update(&sha1, buf, len);
120	#else
121	gcry_md_write(hd, buf, len);
122	#endif
123	}	149	}
124	fclose(f);	150	fclose(f);
125	#ifdef HAVE_OPENSSL	151	_sha1_update(psha1, destpath, strlen(destpath));
126	SHA1_Update(&sha1, destpath, strlen(destpath));	152	_sha1_update(psha1, ";", 1);
127	SHA1_Update(&sha1, ";", 1);	153
128	#else
129	gcry_md_write(hd, destpath, strlen(destpath));
130	gcry_md_write(hd, ";", 1);
131	#endif
132	if (greylist == 1) {	154	if (greylist == 1) {
133	#ifdef HAVE_OPENSSL	155	_sha1_update(psha1, "true", 4);
134	SHA1_Update(&sha1, "true", 4);
135	#else
136	gcry_md_write(hd, "true", 4);
137	#endif
138	} else {	156	} else {
139	#ifdef HAVE_OPENSSL	157	_sha1_update(psha1, "false", 5);
140	SHA1_Update(&sha1, "false", 5);
141	#else
142	gcry_md_write(hd, "false", 5);
143	#endif
144	}	158	}
145	#ifdef HAVE_OPENSSL	159	_sha1_update(psha1, ";", 1);
146	SHA1_Update(&sha1, ";", 1);	160
147	#else
148	gcry_md_write(hd, ";", 1);
149	#endif
150	if (domain) {	161	if (domain) {
151	#ifdef HAVE_OPENSSL	162	_sha1_update(psha1, domain, strlen(domain));
152	SHA1_Update(&sha1, domain, strlen(domain));
153	#else
154	gcry_md_write(hd, domain, strlen(domain));
155	#endif
156	} else {	163	} else {
157	#ifdef HAVE_OPENSSL	164	_sha1_update(psha1, "(null)", 6);
158	SHA1_Update(&sha1, "(null)", 6);
159	#else
160	gcry_md_write(hd, "(null)", 6);
161	#endif
162	}	165	}
163	#ifdef HAVE_OPENSSL	166	_sha1_update(psha1, ";", 1);
164	SHA1_Update(&sha1, ";", 1);	167
165	#else
166	gcry_md_write(hd, ";", 1);
167	#endif
168	if (appid) {	168	if (appid) {
169	#ifdef HAVE_OPENSSL	169	_sha1_update(psha1, appid, strlen(appid));
170	SHA1_Update(&sha1, appid, strlen(appid));
171	#else
172	gcry_md_write(hd, appid, strlen(appid));
173	#endif
174	} else {	170	} else {
175	#ifdef HAVE_OPENSSL	171	_sha1_update(psha1, "(null)", 6);
176	SHA1_Update(&sha1, "(null)", 6);
177	#else
178	gcry_md_write(hd, "(null)", 6);
179	#endif
180	}	172	}
181	#ifdef HAVE_OPENSSL	173	_sha1_update(psha1, ";", 1);
182	SHA1_Update(&sha1, ";", 1);	174
183	#else
184	gcry_md_write(hd, ";", 1);
185	#endif
186	if (version) {	175	if (version) {
187	#ifdef HAVE_OPENSSL	176	_sha1_update(psha1, version, strlen(version));
188	SHA1_Update(&sha1, version, strlen(version));
189	#else
190	gcry_md_write(hd, version, strlen(version));
191	#endif
192	} else {	177	} else {
193	#ifdef HAVE_OPENSSL	178	_sha1_update(psha1, "(null)", 6);
194	SHA1_Update(&sha1, "(null)", 6);
195	#else
196	gcry_md_write(hd, "(null)", 6);
197	#endif
198	}	179	}
199	#ifdef HAVE_OPENSSL	180	#if defined(HAVE_OPENSSL)
200	SHA1_Final(hash_out, &sha1);	181	SHA1_Final(hash_out, &sha1);
201	#else	182	#elif defined(HAVE_GNUTLS)
202	unsigned char *newhash = gcry_md_read(hd, GCRY_MD_SHA1);	183	unsigned char *newhash = gcry_md_read(hd, GCRY_MD_SHA1);
203	memcpy(hash_out, newhash, 20);	184	memcpy(hash_out, newhash, 20);
		185	#elif defined(HAVE_MBEDTLS)
		186	mbedtls_sha1_finish(&sha1, hash_out);
204	#endif	187	#endif
205	}	188	}
206	#ifndef HAVE_OPENSSL	189	#if defined(HAVE_GNUTLS)
207	gcry_md_close(hd);	190	gcry_md_close(hd);
		191	#elif defined(HAVE_MBEDTLS)
		192	mbedtls_sha1_free(&sha1);
208	#endif	193	#endif
209	}	194	}
210		195