Commit 002e11a1 authored by Daniel Salzman's avatar Daniel Salzman

dnssec: remove explicit dependency on Nettle

parent 694e1b27
......@@ -111,12 +111,11 @@ AS_IF([test "$enable_fastparser" = "force"],[enable_fastparser=yes])
AM_CONDITIONAL([FAST_PARSER], [test "$enable_fastparser" = "yes"])
# GnuTLS crypto backend
PKG_CHECK_MODULES([gnutls], [gnutls >= 3.3 nettle], [
PKG_CHECK_MODULES([gnutls], [gnutls >= 3.3], [
save_CFLAGS=$CFLAGS
save_LIBS=$LIBS
CFLAGS="$CFLAGS $gnutls_CFLAGS"
LIBS="$LIBS $gnutls_LIBS"
AC_CHECK_HEADERS([nettle/version.h])
AC_CHECK_FUNC([gnutls_pkcs11_copy_pubkey], [enable_pkcs11=yes], [enable_pkcs11=no])
AS_IF([test "$enable_pkcs11" = yes],
......
......@@ -10,7 +10,6 @@ RUN yum -y install \
'lmdb-devel' \
'pkgconfig' \
'pkgconfig(gnutls)' \
'pkgconfig(jansson)' \
'pkgconfig(libcap-ng)' \
'pkgconfig(libedit)' \
'pkgconfig(libfstrm)' \
......@@ -18,6 +17,5 @@ RUN yum -y install \
'pkgconfig(libprotobuf-c)' \
'pkgconfig(libsystemd)' \
'pkgconfig(liburcu)' \
'pkgconfig(nettle)' \
'python-sphinx' \
'systemd'
......@@ -9,7 +9,6 @@ RUN dnf -y install \
'lmdb-devel' \
'pkgconfig' \
'pkgconfig(gnutls)' \
'pkgconfig(jansson)' \
'pkgconfig(libcap-ng)' \
'pkgconfig(libedit)' \
'pkgconfig(libfstrm)' \
......@@ -17,5 +16,4 @@ RUN dnf -y install \
'pkgconfig(libprotobuf-c)' \
'pkgconfig(libsystemd)' \
'pkgconfig(liburcu)' \
'pkgconfig(nettle)' \
'python-sphinx'
/* Copyright (C) 2014 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
/* Copyright (C) 2018 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
......@@ -16,38 +16,11 @@
#include <assert.h>
#include <string.h>
#include <nettle/base64.h>
#ifdef HAVE_NETTLE_VERSION_H
#include <nettle/version.h>
#endif
#include "binary.h"
#include "error.h"
#include "shared.h"
#if NETTLE_VERSION_MAJOR >= 3
typedef size_t nettle_len;
#else
typedef unsigned nettle_len;
#endif
static size_t base64_decode_raw(const uint8_t *src, size_t src_len,
uint8_t *dst, size_t dst_max_size)
{
assert(src);
assert(dst);
struct base64_decode_ctx ctx;
base64_decode_init(&ctx);
nettle_len dst_size = dst_max_size;
int result = nettle_base64_decode_update(&ctx, &dst_size, dst, src_len, src);
if (result != 1) {
return 0;
}
return dst_size;
}
#include "../contrib/base64.c"
/* -- public API ----------------------------------------------------------- */
......@@ -157,26 +130,14 @@ int dnssec_binary_from_base64(const dnssec_binary_t *base64,
return DNSSEC_EINVAL;
}
if (base64->size == 0) {
clear_struct(binary);
return DNSSEC_EOK;
}
size_t raw_size = BASE64_DECODE_LENGTH(base64->size);
uint8_t *raw = malloc(raw_size);
if (raw == NULL) {
return DNSSEC_ENOMEM;
}
size_t real_size = base64_decode_raw(base64->data, base64->size,
raw, raw_size);
if (real_size == 0) {
free(raw);
uint8_t *data;
int32_t size = base64_decode_alloc(base64->data, base64->size, &data);
if (size < 0) {
return DNSSEC_EINVAL;
}
binary->data = raw;
binary->size = real_size;
binary->data = data;
binary->size = size;
return DNSSEC_EOK;
}
......@@ -189,13 +150,14 @@ int dnssec_binary_to_base64(const dnssec_binary_t *binary,
return DNSSEC_EINVAL;
}
size_t base64_size = BASE64_ENCODE_RAW_LENGTH(binary->size);
int r = dnssec_binary_resize(base64, base64_size);
if (r != DNSSEC_EOK) {
return r;
uint8_t *data;
int32_t size = base64_encode_alloc(binary->data, binary->size, &data);
if (size < 0) {
return DNSSEC_EINVAL;
}
base64_encode_raw(base64->data, binary->size, binary->data);
base64->data = data;
base64->size = size;
return DNSSEC_EOK;
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment