Bug#551007: [Net-ssleay-devel] Bug#551007: please add ripemd160 digest to libnet-ssleay-perl

[Daniel Kahn Gillmor]

Hi Mike--

On 10/15/2009 06:11 PM, Mike McCauley wrote:
> Thanks for th patch.

You're welcome.

> Thinking about backwards compat, is <openssl/ripemd.h> available going back 
> to 
> the dim history of openssl? If not it should be #ifdefed with some version 
> number (net-ssleay is expected to compile against old versions of openssl).

How far back deos the "dim history" go?  OpenSSL's changelog says:

Changes between 0.9.4 and 0.9.5  [28 Feb 2000]

    [...]
*) RIPEMD160 is operational on all platforms and is back in 'make test'.
   [Andy Polyakov]


I don't see any version checks for anything earlier than 0.9.8, but i do
see your point; it's a reasonable goal.  So I've now applied the patch
to upstream SVN, added in checks to make sure that OpenSSL is at least
0.9.5, and made the tests conditional on the presence of the digest as
well.  The revised patch is attached, and should apply cleanly to the
current svn trunk (r255).

I also updated the documentation snippets i added to indicate that
digests might or might not be available depending on the OpenSSL version.

Let me know if you have other concerns.  Thanks for the speedy responses!

        --dkg

Index: SSLeay.xs
===================================================================
--- SSLeay.xs	(revision 255)
+++ SSLeay.xs	(working copy)
@@ -106,6 +106,9 @@
 #endif
 #include <openssl/md4.h>
 #include <openssl/md5.h>     /* openssl-SNAP-20020227 does not automatically include this */
+#if OPENSSL_VERSION_NUMBER >= 0x00905000L
+#include <openssl/ripemd.h>
+#endif
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
 #include <openssl/engine.h>
@@ -1798,6 +1801,26 @@
 	  XSRETURN_UNDEF;
      }
 
+#if OPENSSL_VERSION_NUMBER >= 0x00905000L
+
+void 
+RIPEMD160(data)
+     PREINIT:
+     STRLEN len;
+     unsigned char md[RIPEMD160_DIGEST_LENGTH];
+     unsigned char * ret;
+     INPUT:
+     unsigned char *  data = (unsigned char *) SvPV( ST(0), len);
+     CODE:
+     ret = RIPEMD160(data,len,md);
+     if (ret!=NULL) {
+	  XSRETURN_PVN((char *) md, RIPEMD160_DIGEST_LENGTH);
+     } else {
+	  XSRETURN_UNDEF;
+     }
+
+#endif
+
 SSL_METHOD *
 SSLv2_method()
 
Index: t/local/50_digest.t
===================================================================
--- t/local/50_digest.t	(revision 255)
+++ t/local/50_digest.t	(working copy)
@@ -7,55 +7,67 @@
 
 my $have_md2 = exists &Net::SSLeay::MD2;
 print "its $have_md2\n";
+my $have_ripemd160 = exists &Net::SSLeay::RIPEMD160;
+print "its $have_ripemd160\n";
 
 my %fps = (
         '' => {
             md2 => '8350e5a3e24c153df2275c9f80692773',
             md4 => '31d6cfe0d16ae931b73c59d7e0c089c0',
             md5 => 'd41d8cd98f00b204e9800998ecf8427e',
+            ripemd160 => '9c1185a5c5e9fc54612808977ee8f548b2258d31',
         },
         'a' => {
             md2 => '32ec01ec4a6dac72c0ab96fb34c0b5d1',
             md4 => 'bde52cb31de33e46245e05fbdbd6fb24',
             md5 => '0cc175b9c0f1b6a831c399e269772661',
+            ripemd160 => '0bdc9d2d256b3ee9daae347be6f4dc835a467ffe',
         },
         '38' => {
             md2 => '4b85c826321a5ce87db408c908d0709e',
             md4 => 'ae9c7ebfb68ea795483d270f5934b71d',
             md5 => 'a5771bce93e200c36f7cd9dfd0e5deaa',
+            ripemd160 => '6b2d075b1cd34cd1c3e43a995f110c55649dad0e', # guessed at this, since it wasn't present in the tables at http://homes.esat.kuleuven.be/~bosselae/ripemd160.html
         },
         'abc' => {
             md2 => 'da853b0d3f88d99b30283a69e6ded6bb',
             md4 => 'a448017aaf21d8525fc10ae87aa6729d',
             md5 => '900150983cd24fb0d6963f7d28e17f72',
+            ripemd160 => '8eb208f7e05d987a9b044a8e98c6b087f15a0bfc',
         },
         'message digest' => {
             md2 => 'ab4f496bfb2a530b219ff33031fe06b0',
             md4 => 'd9130a8164549fe818874806e1c7014b',
             md5 => 'f96b697d7cb7938d525a2f31aaf161d0',
+            ripemd160 => '5d0689ef49d2fae572b881b123a85ffa21595f36',
         },
         'abcdefghijklmnopqrstuvwxyz' => {
             md2 => '4e8ddff3650292ab5a4108c3aa47940b',
             md4 => 'd79e1c308aa5bbcdeea8ed63df412da9',
             md5 => 'c3fcd3d76192e4007dfb496cca67e13b',
+            ripemd160 => 'f71c27109c692c1b56bbdceb5b9d2865b3708dbc',
         },
         'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789' => {
             md2 => 'da33def2a42df13975352846c30338cd',
             md4 => '043f8582f241db351ce627e153e7f0e4',
             md5 => 'd174ab98d277d9f5a5611c2c9f419d9f',
+            ripemd160 => 'b0e20b6e3116640286ed3a87a5713079b21f5189',
         },
         '12345678901234567890123456789012345678901234567890123456789012345678901234567890' => {
             md2 => 'd5976f79d83d3a0dc9806c3c66f3efd8',
             md4 => 'e33b4ddc9c38f2199c3e7b164fcc0536',
             md5 => '57edf4a22be3c955ac49da2e2107b67a',
+            ripemd160 => '9b752e45573d4b39f4dbd3323cab82bf63326bfb',
         },
 );
 
-plan tests => (keys %fps) * ($have_md2 ? 3 : 2);
+plan tests => (keys %fps) * (2 + ($have_md2 ? 1 : 0) + ($have_ripemd160 ? 1 : 0));
 
 for my $data (sort keys %fps) {
     is(unpack('H32', Net::SSLeay::MD2($data)), $fps{$data}->{md2}, "MD2 hash for '$data'")
 	if $have_md2;
     is(unpack('H32', Net::SSLeay::MD4($data)), $fps{$data}->{md4}, "MD4 hash for '$data'");
     is(unpack('H32', Net::SSLeay::MD5($data)), $fps{$data}->{md5}, "MD5 hash for '$data'");
+    is(unpack('H40', Net::SSLeay::RIPEMD160($data)), $fps{$data}->{ripemd160}, "RIPEMD160 hash for '$data'")
+	if $have_ripemd160;
 }
Index: lib/Net/SSLeay.pm
===================================================================
--- lib/Net/SSLeay.pm	(revision 255)
+++ lib/Net/SSLeay.pm	(working copy)
@@ -1222,6 +1222,14 @@
     Net::SSLeay::CTX_set_tmp_rsa($ctx, $rsakey);
     Net::SSLeay::RSA_free($rsakey);
 
+=head2 Digests
+
+Some Digest functions are available if supported by the underlying
+library.  These may include MD2, MD4, MD5, and RIPEMD160:
+
+    $hash = Net::SSLeay::MD5($foo);
+    print unpack('H*', $hash);
+
 =head2 BIO interface
 
 Some BIO functions are available:
Index: Changes
===================================================================
--- Changes	(revision 255)
+++ Changes	(working copy)
@@ -331,4 +331,5 @@
 	- Fixed a typo reported by "Dan Dascalescu via RT"
 	- Improved OpenSSL detection on Win32/strawberry perl. Patch provided
 	by kmx.
+	- added RIPEMD160 digest function.  Patch provided by dkg.
 #EOF
Index: QuickRef
===================================================================
--- QuickRef	(revision 255)
+++ QuickRef	(working copy)
@@ -182,14 +182,20 @@
 
 
 #----------------------
-# MD5 - hashfunction
+# MD2, MD4, MD5, RIPEMD160 - hash functions
 #----------------------
 
 $hash = Net::SSLeay:MD5($data);
 	Computes md5 hash over $data. $hash is a binary string! Convert it to
 	a printable with $string = unpack("H32",Net::SSLeay::MD5($data));
+$hash = Net::SSLeay:RIPEMD160($data);
+	Computes RIPEMD160 hash over $data. $hash is a binary string! Convert it to
+	a printable with $string = unpack("H40",Net::SSLeay::RIPEMD160($data));
 
+Note that some digests may not be available, depending on the version
+of OpenSSL used.
 
+
 #----------------------
 # TCP-Connection hints
 #----------------------

signature.asc
Description: OpenPGP digital signature