From c79a6af7b12f4cebf8a77d18f688f19cc723b05c Mon Sep 17 00:00:00 2001
From: Brian Cox <BrianRCox@gmail.com>
Date: Tue, 7 Jun 2016 19:06:10 -0700
Subject: [PATCH] [OSX] Use CommonCrypto md5 & sha1 impls by default, with a
 --disable-commoncrypto configure option to disable them and use the old
 builtin impls.

---
 configure             | 15 +++++++++++++--
 configure.ac          | 10 ++++++++--
 src/fco/signature.cpp | 37 ++++++++++++++++++++++++++++---------
 src/fco/signature.h   | 19 +++++++++++++++++--
 4 files changed, 66 insertions(+), 15 deletions(-)

diff --git a/configure b/configure
index 121ac29..8cffd17 100755
--- a/configure
+++ b/configure
@@ -746,6 +746,7 @@ enable_silent_rules
 enable_static
 enable_debug
 enable_dependency_tracking
+enable_commoncrypto
 enable_iconv
 enable_openssl
 with_ssl_dir
@@ -1392,8 +1393,9 @@ Optional Features:
                           do not reject slow dependency extractors
   --disable-dependency-tracking
                           speeds up one-time build
+  --disable-commoncrypto  Don't use CommonCrypto hash implementations (OSX only)
   --enable-iconv          Use iconv for locale-independent report and db files
-  --disable-openssl       don't link against OpenSSL libraries
+  --disable-openssl       Don't link against OpenSSL libraries
 
 Optional Packages:
   --with-PACKAGE[=ARG]    use PACKAGE [ARG=yes]
@@ -6175,7 +6177,15 @@ fi
 done
 
 
-for ac_header in CommonCrypto/CommonDigest.h
+# Check whether --enable-commoncrypto was given.
+if test "${enable_commoncrypto+set}" = set; then :
+  enableval=$enable_commoncrypto;
+fi
+
+
+if test "x${enable_commoncrypto}" != "xno"
+then
+  for ac_header in CommonCrypto/CommonDigest.h
 do :
   ac_fn_c_check_header_mongrel "$LINENO" "CommonCrypto/CommonDigest.h" "ac_cv_header_CommonCrypto_CommonDigest_h" "$ac_includes_default"
 if test "x$ac_cv_header_CommonCrypto_CommonDigest_h" = xyes; then :
@@ -6187,6 +6197,7 @@ fi
 
 done
 
+fi
 
 
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for socket in -lc" >&5
diff --git a/configure.ac b/configure.ac
index 685da27..d0a45ab 100644
--- a/configure.ac
+++ b/configure.ac
@@ -110,7 +110,13 @@ dnl check for posix_fadvise
 AC_CHECK_HEADERS(fcntl.h, [AC_CHECK_FUNCS(posix_fadvise)])
 
 dnl check for OSX builtin hash algorithms
-AC_CHECK_HEADERS(CommonCrypto/CommonDigest.h)
+AC_ARG_ENABLE(commoncrypto,
+        [  --disable-commoncrypto  Don't use CommonCrypto hash implementations (OSX only)])
+
+if test "x${enable_commoncrypto}" != "xno"
+then
+  AC_CHECK_HEADERS(CommonCrypto/CommonDigest.h)
+fi
 
 dnl ##############################################
 dnl Checks for various platform specific libraries
@@ -304,7 +310,7 @@ if you are trying to compile a static binary.
 
 dnl Check for OpenSSL, now that we have a working compiler
 AC_ARG_ENABLE(openssl,
-        [  --disable-openssl       don't link against OpenSSL libraries])
+        [  --disable-openssl       Don't link against OpenSSL libraries])
 AC_ARG_WITH(ssl-dir,
 	[  --with-ssl-dir=PATH     Specify path to OpenSSL installation ],
 	[
diff --git a/src/fco/signature.cpp b/src/fco/signature.cpp
index 836e8a5..bcec48e 100644
--- a/src/fco/signature.cpp
+++ b/src/fco/signature.cpp
@@ -495,7 +495,11 @@ IMPLEMENT_TYPEDSERIALIZABLE(cMD5Signature,  _T("cMD5Signature"), 0, 1)
 
 cMD5Signature::cMD5Signature()
 {
-    memset( mMD5Info.digest, 0, sizeof( mMD5Info.digest ) );
+#ifdef HAVE_COMMONCRYPTO_COMMONDIGEST_H
+    memset( mMD5Info.data, 0, sizeof( mMD5Info.data ) );
+#else
+     memset( mMD5Info.digest, 0, sizeof( mMD5Info.digest ) );
+#endif
     memset( md5_digest, 0, MD5_DIGEST_LENGTH );
 }
 
@@ -505,7 +509,9 @@ cMD5Signature::~cMD5Signature()
 
 void cMD5Signature::Init()
 {
-#ifdef HAVE_OPENSSL_MD5_H
+#ifdef HAVE_COMMONCRYPTO_COMMONDIGEST_H
+    CC_MD5_Init(&mMD5Info);
+#elif HAVE_OPENSSL_MD5_H
     MD5_Init( &mMD5Info );
 #else
     MD5Init( &mMD5Info );
@@ -514,7 +520,9 @@ void cMD5Signature::Init()
 
 void cMD5Signature::Update( const byte* const pbData, int cbDataLen )
 {
-#ifdef HAVE_OPENSSL_MD5_H
+#ifdef HAVE_COMMONCRYPTO_COMMONDIGEST_H
+    CC_MD5_Update(&mMD5Info, (uint8*)pbData, cbDataLen);
+#elif HAVE_OPENSSL_MD5_H
     MD5_Update( &mMD5Info, (uint8*)pbData, cbDataLen );
 #else
     MD5Update( &mMD5Info, (uint8*)pbData, cbDataLen );
@@ -523,7 +531,9 @@ void cMD5Signature::Update( const byte* const pbData, int cbDataLen )
 
 void cMD5Signature::Finit()
 {
-#ifdef HAVE_OPENSSL_MD5_H
+#ifdef HAVE_COMMONCRYPTO_COMMONDIGEST_H
+    CC_MD5_Final(md5_digest, &mMD5Info);
+#elif HAVE_OPENSSL_MD5_H
     MD5_Final( md5_digest, &mMD5Info );
 #else
     MD5Final( &mMD5Info );
@@ -616,7 +626,10 @@ IMPLEMENT_TYPEDSERIALIZABLE(cSHASignature,  _T("cSHASignature"), 0, 1)
 cSHASignature::cSHASignature()
 {
     memset( &mSHAInfo, 0, sizeof( mSHAInfo ) );
-#ifdef HAVE_OPENSSL_SHA_H
+
+#ifdef HAVE_COMMONCRYPTO_COMMONDIGEST_H
+     memset( sha_digest, 0, CC_SHA1_DIGEST_LENGTH );
+#elif HAVE_OPENSSL_SHA_H
     memset( sha_digest, 0, SHA_DIGEST_LENGTH );
 #endif
 }
@@ -626,7 +639,9 @@ cSHASignature::~cSHASignature()
 
 void cSHASignature::Init()
 {
-#ifdef HAVE_OPENSSL_SHA_H
+#ifdef HAVE_COMMONCRYPTO_COMMONDIGEST_H
+    CC_SHA1_Init( &mSHAInfo );
+#elif HAVE_OPENSSL_SHA_H
     SHA1_Init( &mSHAInfo );
 #else
     shsInit( &mSHAInfo );
@@ -636,7 +651,9 @@ void cSHASignature::Init()
 void cSHASignature::Update( const byte* const pbData, int cbDataLen )
 {    
     ASSERT( sizeof( byte ) == sizeof( uint8 ) );
-#ifdef HAVE_OPENSSL_SHA_H
+#ifdef HAVE_COMMONCRYPTO_COMMONDIGEST_H
+     CC_SHA1_Update( &mSHAInfo, (uint8*)pbData, cbDataLen );
+#elif HAVE_OPENSSL_SHA_H
     SHA1_Update( &mSHAInfo, (uint8*)pbData, cbDataLen );
 #else
     shsUpdate( &mSHAInfo, (uint8*)pbData, cbDataLen );
@@ -645,7 +662,9 @@ void cSHASignature::Update( const byte* const pbData, int cbDataLen )
 
 void cSHASignature::Finit()
 {
-#ifdef HAVE_OPENSSL_SHA_H
+#ifdef HAVE_COMMONCRYPTO_COMMONDIGEST_H
+    CC_SHA1_Final( (unsigned char *)sha_digest, &mSHAInfo );
+#elif HAVE_OPENSSL_SHA_H
     SHA1_Final( (unsigned char *)sha_digest, &mSHAInfo );
 #else
     shsFinal( &mSHAInfo );
@@ -654,7 +673,7 @@ void cSHASignature::Finit()
 
 ////////////////////////////////////////////////////////////////////////////////
 // AsString -- Converts to Base64 representation and returns a TSTRING
-#ifdef HAVE_OPENSSL_SHA_H
+#if defined(HAVE_OPENSSL_SHA_H) || defined(HAVE_COMMONCRYPTO_COMMONDIGEST_H)
 TSTRING cSHASignature::AsString(void) const
 {
     if (cArchiveSigGen::Hex())
diff --git a/src/fco/signature.h b/src/fco/signature.h
index cbd07c9..5091cb7 100644
--- a/src/fco/signature.h
+++ b/src/fco/signature.h
@@ -71,6 +71,12 @@
 # endif
 #endif
 
+/*Use OSX CommonCrypto lib if available*/
+#ifdef HAVE_COMMONCRYPTO_COMMONDIGEST_H
+# include <CommonCrypto/CommonDigest.h>
+#endif
+
+
 #include "core/haval.h"
 // TODO: figure out a way to do this without including these headers.
 // pool of objects?
@@ -281,8 +287,13 @@ protected:
     enum { SIG_BYTE_SIZE = MD5_DIGEST_LENGTH };
 
     virtual bool    IsEqual(const iSignature& rhs) const;
+#ifdef HAVE_COMMONCRYPTO_COMMONDIGEST_H
+    CC_MD5_CTX  mMD5Info;
+    uint8       md5_digest[CC_MD5_DIGEST_LENGTH];
+#else
     MD5_CTX     mMD5Info;
     uint8       md5_digest[MD5_DIGEST_LENGTH];
+#endif
 };
 
 ///////////////////////////////////////////////////////////////////////////////
@@ -310,10 +321,14 @@ protected:
     
     virtual bool    IsEqual(const iSignature& rhs) const;
     
-#ifdef HAVE_OPENSSL_SHA_H
+#ifdef HAVE_COMMONCRYPTO_COMMONDIGEST_H
+    enum { SIG_UINT32_SIZE = CC_SHA1_DIGEST_LENGTH/4 };
+    CC_SHA1_CTX mSHAInfo;
+    uint32      sha_digest[SIG_UINT32_SIZE];
+#elif HAVE_OPENSSL_SHA_H
     enum { SIG_UINT32_SIZE = SHA_DIGEST_LENGTH/4 };
     SHA_CTX     mSHAInfo;
-    uint32      sha_digest[SHA_DIGEST_LENGTH/4];
+    uint32      sha_digest[SIG_UINT32_SIZE];
 #else
     enum { SIG_UINT32_SIZE = 5 };
     SHS_INFO mSHAInfo;