aboutsummaryrefslogtreecommitdiffstats
path: root/libarchive
diff options
context:
space:
mode:
authorMartin Matuska <mm@FreeBSD.org>2020-01-05 01:30:41 +0000
committerMartin Matuska <mm@FreeBSD.org>2020-01-05 01:30:41 +0000
commitcbda686f2407316625c3baf89f5071f0118f030b (patch)
tree5a88a6e999fa83c9d6d22bf940b1483e6f99cd4f /libarchive
parentba770b4e70af88f6bd27e13d9966e865400ebd1a (diff)
downloadsrc-cbda686f2407316625c3baf89f5071f0118f030b.tar.gz
src-cbda686f2407316625c3baf89f5071f0118f030b.zip
Update vendor/libarchive/dist to git 5e270715b51d199467195b56f77e21cb8bb1d642
Relevant vendor changes: Issue #1302: Plug memory leak on failure of archive_write_client_open()
Notes
Notes: svn path=/vendor/libarchive/dist/; revision=356365
Diffstat (limited to 'libarchive')
-rw-r--r--libarchive/archive.h4
-rw-r--r--libarchive/archive_cryptor.c61
-rw-r--r--libarchive/archive_cryptor_private.h17
-rw-r--r--libarchive/archive_digest.c228
-rw-r--r--libarchive/archive_digest_private.h36
-rw-r--r--libarchive/archive_entry.h2
-rw-r--r--libarchive/archive_hmac.c47
-rw-r--r--libarchive/archive_hmac_private.h5
-rw-r--r--libarchive/archive_write.c35
9 files changed, 423 insertions, 12 deletions
diff --git a/libarchive/archive.h b/libarchive/archive.h
index 75d5f8eb966e..fe6dc63c8ea3 100644
--- a/libarchive/archive.h
+++ b/libarchive/archive.h
@@ -36,7 +36,7 @@
* assert that ARCHIVE_VERSION_NUMBER >= 2012108.
*/
/* Note: Compiler will complain if this does not match archive_entry.h! */
-#define ARCHIVE_VERSION_NUMBER 3004001
+#define ARCHIVE_VERSION_NUMBER 3004002
#include <sys/stat.h>
#include <stddef.h> /* for wchar_t */
@@ -155,7 +155,7 @@ __LA_DECL int archive_version_number(void);
/*
* Textual name/version of the library, useful for version displays.
*/
-#define ARCHIVE_VERSION_ONLY_STRING "3.4.1"
+#define ARCHIVE_VERSION_ONLY_STRING "3.4.2dev"
#define ARCHIVE_VERSION_STRING "libarchive " ARCHIVE_VERSION_ONLY_STRING
__LA_DECL const char * archive_version_string(void);
diff --git a/libarchive/archive_cryptor.c b/libarchive/archive_cryptor.c
index 74df5c405b08..769756d0b5ab 100644
--- a/libarchive/archive_cryptor.c
+++ b/libarchive/archive_cryptor.c
@@ -85,6 +85,35 @@ pbkdf2_sha1(const char *pw, size_t pw_len, const uint8_t *salt,
return (BCRYPT_SUCCESS(status)) ? 0: -1;
}
+#elif defined(HAVE_LIBMBEDCRYPTO) && defined(HAVE_MBEDTLS_PKCS5_H)
+
+static int
+pbkdf2_sha1(const char *pw, size_t pw_len, const uint8_t *salt,
+ size_t salt_len, unsigned rounds, uint8_t *derived_key,
+ size_t derived_key_len)
+{
+ mbedtls_md_context_t ctx;
+ const mbedtls_md_info_t *info;
+ int ret;
+
+ mbedtls_md_init(&ctx);
+ info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA1);
+ if (info == NULL) {
+ mbedtls_md_free(&ctx);
+ return (-1);
+ }
+ ret = mbedtls_md_setup(&ctx, info, 1);
+ if (ret != 0) {
+ mbedtls_md_free(&ctx);
+ return (-1);
+ }
+ ret = mbedtls_pkcs5_pbkdf2_hmac(&ctx, (const unsigned char *)pw,
+ pw_len, salt, salt_len, rounds, derived_key_len, derived_key);
+
+ mbedtls_md_free(&ctx);
+ return (ret);
+}
+
#elif defined(HAVE_LIBNETTLE) && defined(HAVE_NETTLE_PBKDF2_H)
static int
@@ -269,6 +298,38 @@ aes_ctr_release(archive_crypto_ctx *ctx)
return 0;
}
+#elif defined(HAVE_LIBMBEDCRYPTO) && defined(HAVE_MBEDTLS_AES_H)
+static int
+aes_ctr_init(archive_crypto_ctx *ctx, const uint8_t *key, size_t key_len)
+{
+ mbedtls_aes_init(&ctx->ctx);
+ ctx->key_len = key_len;
+ memcpy(ctx->key, key, key_len);
+ memset(ctx->nonce, 0, sizeof(ctx->nonce));
+ ctx->encr_pos = AES_BLOCK_SIZE;
+ return 0;
+}
+
+static int
+aes_ctr_encrypt_counter(archive_crypto_ctx *ctx)
+{
+ if (mbedtls_aes_setkey_enc(&ctx->ctx, ctx->key,
+ ctx->key_len * 8) != 0)
+ return (-1);
+ if (mbedtls_aes_crypt_ecb(&ctx->ctx, MBEDTLS_AES_ENCRYPT, ctx->nonce,
+ ctx->encr_buf) != 0)
+ return (-1);
+ return 0;
+}
+
+static int
+aes_ctr_release(archive_crypto_ctx *ctx)
+{
+ mbedtls_aes_free(&ctx->ctx);
+ memset(ctx, 0, sizeof(*ctx));
+ return 0;
+}
+
#elif defined(HAVE_LIBNETTLE) && defined(HAVE_NETTLE_AES_H)
static int
diff --git a/libarchive/archive_cryptor_private.h b/libarchive/archive_cryptor_private.h
index b9759220df69..0063f3e00149 100644
--- a/libarchive/archive_cryptor_private.h
+++ b/libarchive/archive_cryptor_private.h
@@ -83,6 +83,23 @@ typedef struct {
unsigned encr_pos;
} archive_crypto_ctx;
+#elif defined(HAVE_LIBMBEDCRYPTO) && defined(HAVE_MBEDTLS_AES_H)
+#include <mbedtls/aes.h>
+#include <mbedtls/md.h>
+#include <mbedtls/pkcs5.h>
+
+#define AES_MAX_KEY_SIZE 32
+#define AES_BLOCK_SIZE 16
+
+typedef struct {
+ mbedtls_aes_context ctx;
+ uint8_t key[AES_MAX_KEY_SIZE];
+ unsigned key_len;
+ uint8_t nonce[AES_BLOCK_SIZE];
+ uint8_t encr_buf[AES_BLOCK_SIZE];
+ unsigned encr_pos;
+} archive_crypto_ctx;
+
#elif defined(HAVE_LIBNETTLE) && defined(HAVE_NETTLE_AES_H)
#if defined(HAVE_NETTLE_PBKDF2_H)
#include <nettle/pbkdf2.h>
diff --git a/libarchive/archive_digest.c b/libarchive/archive_digest.c
index 415392303145..34c58ac94942 100644
--- a/libarchive/archive_digest.c
+++ b/libarchive/archive_digest.c
@@ -178,6 +178,40 @@ __archive_libsystem_md5final(archive_md5_ctx *ctx, void *md)
return (ARCHIVE_OK);
}
+#elif defined(ARCHIVE_CRYPTO_MD5_MBEDTLS)
+
+static int
+__archive_mbedtls_md5init(archive_md5_ctx *ctx)
+{
+ mbedtls_md5_init(ctx);
+ if (mbedtls_md5_starts_ret(ctx) == 0)
+ return (ARCHIVE_OK);
+ else
+ return (ARCHIVE_FATAL);
+}
+
+static int
+__archive_mbedtls_md5update(archive_md5_ctx *ctx, const void *indata,
+ size_t insize)
+{
+ if (mbedtls_md5_update_ret(ctx, indata, insize) == 0)
+ return (ARCHIVE_OK);
+ else
+ return (ARCHIVE_FATAL);
+}
+
+static int
+__archive_mbedtls_md5final(archive_md5_ctx *ctx, void *md)
+{
+ if (mbedtls_md5_finish_ret(ctx, md) == 0) {
+ mbedtls_md5_free(ctx);
+ return (ARCHIVE_OK);
+ } else {
+ mbedtls_md5_free(ctx);
+ return (ARCHIVE_FATAL);
+ }
+}
+
#elif defined(ARCHIVE_CRYPTO_MD5_NETTLE)
static int
@@ -335,6 +369,40 @@ __archive_libmd_ripemd160final(archive_rmd160_ctx *ctx, void *md)
return (ARCHIVE_OK);
}
+#elif defined(ARCHIVE_CRYPTO_RMD160_MBEDTLS)
+
+static int
+__archive_mbedtls_ripemd160init(archive_rmd160_ctx *ctx)
+{
+ mbedtls_ripemd160_init(ctx);
+ if (mbedtls_ripemd160_starts_ret(ctx) == 0)
+ return (ARCHIVE_OK);
+ else
+ return (ARCHIVE_FATAL);
+}
+
+static int
+__archive_mbedtls_ripemd160update(archive_rmd160_ctx *ctx, const void *indata,
+ size_t insize)
+{
+ if (mbedtls_ripemd160_update_ret(ctx, indata, insize) == 0)
+ return (ARCHIVE_OK);
+ else
+ return (ARCHIVE_FATAL);
+}
+
+static int
+__archive_mbedtls_ripemd160final(archive_rmd160_ctx *ctx, void *md)
+{
+ if (mbedtls_ripemd160_finish_ret(ctx, md) == 0) {
+ mbedtls_ripemd160_free(ctx);
+ return (ARCHIVE_OK);
+ } else {
+ mbedtls_ripemd160_free(ctx);
+ return (ARCHIVE_FATAL);
+ }
+}
+
#elif defined(ARCHIVE_CRYPTO_RMD160_NETTLE)
static int
@@ -491,6 +559,40 @@ __archive_libsystem_sha1final(archive_sha1_ctx *ctx, void *md)
return (ARCHIVE_OK);
}
+#elif defined(ARCHIVE_CRYPTO_SHA1_MBEDTLS)
+
+static int
+__archive_mbedtls_sha1init(archive_sha1_ctx *ctx)
+{
+ mbedtls_sha1_init(ctx);
+ if (mbedtls_sha1_starts_ret(ctx) == 0)
+ return (ARCHIVE_OK);
+ else
+ return (ARCHIVE_FATAL);
+}
+
+static int
+__archive_mbedtls_sha1update(archive_sha1_ctx *ctx, const void *indata,
+ size_t insize)
+{
+ if (mbedtls_sha1_update_ret(ctx, indata, insize) == 0)
+ return (ARCHIVE_OK);
+ else
+ return (ARCHIVE_FATAL);
+}
+
+static int
+__archive_mbedtls_sha1final(archive_sha1_ctx *ctx, void *md)
+{
+ if (mbedtls_sha1_finish_ret(ctx, md) == 0) {
+ mbedtls_sha1_free(ctx);
+ return (ARCHIVE_OK);
+ } else {
+ mbedtls_sha1_free(ctx);
+ return (ARCHIVE_FATAL);
+ }
+}
+
#elif defined(ARCHIVE_CRYPTO_SHA1_NETTLE)
static int
@@ -720,6 +822,40 @@ __archive_libsystem_sha256final(archive_sha256_ctx *ctx, void *md)
return (ARCHIVE_OK);
}
+#elif defined(ARCHIVE_CRYPTO_SHA256_MBEDTLS)
+
+static int
+__archive_mbedtls_sha256init(archive_sha256_ctx *ctx)
+{
+ mbedtls_sha256_init(ctx);
+ if (mbedtls_sha256_starts_ret(ctx, 0) == 0)
+ return (ARCHIVE_OK);
+ else
+ return (ARCHIVE_FATAL);
+}
+
+static int
+__archive_mbedtls_sha256update(archive_sha256_ctx *ctx, const void *indata,
+ size_t insize)
+{
+ if (mbedtls_sha256_update_ret(ctx, indata, insize) == 0)
+ return (ARCHIVE_OK);
+ else
+ return (ARCHIVE_FATAL);
+}
+
+static int
+__archive_mbedtls_sha256final(archive_sha256_ctx *ctx, void *md)
+{
+ if (mbedtls_sha256_finish_ret(ctx, md) == 0) {
+ mbedtls_sha256_free(ctx);
+ return (ARCHIVE_OK);
+ } else {
+ mbedtls_sha256_free(ctx);
+ return (ARCHIVE_FATAL);
+ }
+}
+
#elif defined(ARCHIVE_CRYPTO_SHA256_NETTLE)
static int
@@ -921,6 +1057,40 @@ __archive_libsystem_sha384final(archive_sha384_ctx *ctx, void *md)
return (ARCHIVE_OK);
}
+#elif defined(ARCHIVE_CRYPTO_SHA384_MBEDTLS)
+
+static int
+__archive_mbedtls_sha384init(archive_sha384_ctx *ctx)
+{
+ mbedtls_sha512_init(ctx);
+ if (mbedtls_sha512_starts_ret(ctx, 1) == 0)
+ return (ARCHIVE_OK);
+ else
+ return (ARCHIVE_FATAL);
+}
+
+static int
+__archive_mbedtls_sha384update(archive_sha384_ctx *ctx, const void *indata,
+ size_t insize)
+{
+ if (mbedtls_sha512_update_ret(ctx, indata, insize) == 0)
+ return (ARCHIVE_OK);
+ else
+ return (ARCHIVE_FATAL);
+}
+
+static int
+__archive_mbedtls_sha384final(archive_sha384_ctx *ctx, void *md)
+{
+ if (mbedtls_sha512_finish_ret(ctx, md) == 0) {
+ mbedtls_sha512_free(ctx);
+ return (ARCHIVE_OK);
+ } else {
+ mbedtls_sha512_free(ctx);
+ return (ARCHIVE_FATAL);
+ }
+}
+
#elif defined(ARCHIVE_CRYPTO_SHA384_NETTLE)
static int
@@ -1146,6 +1316,40 @@ __archive_libsystem_sha512final(archive_sha512_ctx *ctx, void *md)
return (ARCHIVE_OK);
}
+#elif defined(ARCHIVE_CRYPTO_SHA512_MBEDTLS)
+
+static int
+__archive_mbedtls_sha512init(archive_sha512_ctx *ctx)
+{
+ mbedtls_sha512_init(ctx);
+ if (mbedtls_sha512_starts_ret(ctx, 0) == 0)
+ return (ARCHIVE_OK);
+ else
+ return (ARCHIVE_FATAL);
+}
+
+static int
+__archive_mbedtls_sha512update(archive_sha512_ctx *ctx, const void *indata,
+ size_t insize)
+{
+ if (mbedtls_sha512_update_ret(ctx, indata, insize) == 0)
+ return (ARCHIVE_OK);
+ else
+ return (ARCHIVE_FATAL);
+}
+
+static int
+__archive_mbedtls_sha512final(archive_sha512_ctx *ctx, void *md)
+{
+ if (mbedtls_sha512_finish_ret(ctx, md) == 0) {
+ mbedtls_sha512_free(ctx);
+ return (ARCHIVE_OK);
+ } else {
+ mbedtls_sha512_free(ctx);
+ return (ARCHIVE_FATAL);
+ }
+}
+
#elif defined(ARCHIVE_CRYPTO_SHA512_NETTLE)
static int
@@ -1276,6 +1480,10 @@ const struct archive_digest __archive_digest =
&__archive_libsystem_md5init,
&__archive_libsystem_md5update,
&__archive_libsystem_md5final,
+#elif defined(ARCHIVE_CRYPTO_MD5_MBEDTLS)
+ &__archive_mbedtls_md5init,
+ &__archive_mbedtls_md5update,
+ &__archive_mbedtls_md5final,
#elif defined(ARCHIVE_CRYPTO_MD5_NETTLE)
&__archive_nettle_md5init,
&__archive_nettle_md5update,
@@ -1303,6 +1511,10 @@ const struct archive_digest __archive_digest =
&__archive_libmd_ripemd160init,
&__archive_libmd_ripemd160update,
&__archive_libmd_ripemd160final,
+#elif defined(ARCHIVE_CRYPTO_RMD160_MBEDTLS)
+ &__archive_mbedtls_ripemd160init,
+ &__archive_mbedtls_ripemd160update,
+ &__archive_mbedtls_ripemd160final,
#elif defined(ARCHIVE_CRYPTO_RMD160_NETTLE)
&__archive_nettle_ripemd160init,
&__archive_nettle_ripemd160update,
@@ -1330,6 +1542,10 @@ const struct archive_digest __archive_digest =
&__archive_libsystem_sha1init,
&__archive_libsystem_sha1update,
&__archive_libsystem_sha1final,
+#elif defined(ARCHIVE_CRYPTO_SHA1_MBEDTLS)
+ &__archive_mbedtls_sha1init,
+ &__archive_mbedtls_sha1update,
+ &__archive_mbedtls_sha1final,
#elif defined(ARCHIVE_CRYPTO_SHA1_NETTLE)
&__archive_nettle_sha1init,
&__archive_nettle_sha1update,
@@ -1369,6 +1585,10 @@ const struct archive_digest __archive_digest =
&__archive_libsystem_sha256init,
&__archive_libsystem_sha256update,
&__archive_libsystem_sha256final,
+#elif defined(ARCHIVE_CRYPTO_SHA256_MBEDTLS)
+ &__archive_mbedtls_sha256init,
+ &__archive_mbedtls_sha256update,
+ &__archive_mbedtls_sha256final,
#elif defined(ARCHIVE_CRYPTO_SHA256_NETTLE)
&__archive_nettle_sha256init,
&__archive_nettle_sha256update,
@@ -1404,6 +1624,10 @@ const struct archive_digest __archive_digest =
&__archive_libsystem_sha384init,
&__archive_libsystem_sha384update,
&__archive_libsystem_sha384final,
+#elif defined(ARCHIVE_CRYPTO_SHA384_MBEDTLS)
+ &__archive_mbedtls_sha384init,
+ &__archive_mbedtls_sha384update,
+ &__archive_mbedtls_sha384final,
#elif defined(ARCHIVE_CRYPTO_SHA384_NETTLE)
&__archive_nettle_sha384init,
&__archive_nettle_sha384update,
@@ -1443,6 +1667,10 @@ const struct archive_digest __archive_digest =
&__archive_libsystem_sha512init,
&__archive_libsystem_sha512update,
&__archive_libsystem_sha512final
+#elif defined(ARCHIVE_CRYPTO_SHA512_MBEDTLS)
+ &__archive_mbedtls_sha512init,
+ &__archive_mbedtls_sha512update,
+ &__archive_mbedtls_sha512final
#elif defined(ARCHIVE_CRYPTO_SHA512_NETTLE)
&__archive_nettle_sha512init,
&__archive_nettle_sha512update,
diff --git a/libarchive/archive_digest_private.h b/libarchive/archive_digest_private.h
index b4fd6ca22527..2685b4a017db 100644
--- a/libarchive/archive_digest_private.h
+++ b/libarchive/archive_digest_private.h
@@ -112,6 +112,24 @@
#include <CommonCrypto/CommonDigest.h>
#endif
+/* mbed TLS crypto headers */
+#if defined(ARCHIVE_CRYPTO_MD5_MBEDTLS)
+#include <mbedtls/md5.h>
+#endif
+#if defined(ARCHIVE_CRYPTO_RMD160_MBEDTLS)
+#include <mbedtls/ripemd160.h>
+#endif
+#if defined(ARCHIVE_CRYPTO_SHA1_MBEDTLS)
+#include <mbedtls/sha1.h>
+#endif
+#if defined(ARCHIVE_CRYPTO_SHA256_MBEDTLS)
+#include <mbedtls/sha256.h>
+#endif
+#if defined(ARCHIVE_CRYPTO_SHA384_MBEDTLS) ||\
+ defined(ARCHIVE_CRYPTO_SHA512_MBEDTLS)
+#include <mbedtls/sha512.h>
+#endif
+
/* Nettle crypto headers */
#if defined(ARCHIVE_CRYPTO_MD5_NETTLE)
#include <nettle/md5.h>
@@ -159,6 +177,8 @@ typedef MD5_CTX archive_md5_ctx;
typedef MD5_CTX archive_md5_ctx;
#elif defined(ARCHIVE_CRYPTO_MD5_LIBSYSTEM)
typedef CC_MD5_CTX archive_md5_ctx;
+#elif defined(ARCHIVE_CRYPTO_MD5_MBEDTLS)
+typedef mbedtls_md5_context archive_md5_ctx;
#elif defined(ARCHIVE_CRYPTO_MD5_NETTLE)
typedef struct md5_ctx archive_md5_ctx;
#elif defined(ARCHIVE_CRYPTO_MD5_OPENSSL)
@@ -173,6 +193,8 @@ typedef unsigned char archive_md5_ctx;
typedef RMD160_CTX archive_rmd160_ctx;
#elif defined(ARCHIVE_CRYPTO_RMD160_LIBMD)
typedef RIPEMD160_CTX archive_rmd160_ctx;
+#elif defined(ARCHIVE_CRYPTO_RMD160_MBEDTLS)
+typedef mbedtls_ripemd160_context archive_rmd160_ctx;
#elif defined(ARCHIVE_CRYPTO_RMD160_NETTLE)
typedef struct ripemd160_ctx archive_rmd160_ctx;
#elif defined(ARCHIVE_CRYPTO_RMD160_OPENSSL)
@@ -187,6 +209,8 @@ typedef SHA1_CTX archive_sha1_ctx;
typedef SHA1_CTX archive_sha1_ctx;
#elif defined(ARCHIVE_CRYPTO_SHA1_LIBSYSTEM)
typedef CC_SHA1_CTX archive_sha1_ctx;
+#elif defined(ARCHIVE_CRYPTO_SHA1_MBEDTLS)
+typedef mbedtls_sha1_context archive_sha1_ctx;
#elif defined(ARCHIVE_CRYPTO_SHA1_NETTLE)
typedef struct sha1_ctx archive_sha1_ctx;
#elif defined(ARCHIVE_CRYPTO_SHA1_OPENSSL)
@@ -207,6 +231,8 @@ typedef SHA2_CTX archive_sha256_ctx;
typedef SHA256_CTX archive_sha256_ctx;
#elif defined(ARCHIVE_CRYPTO_SHA256_LIBSYSTEM)
typedef CC_SHA256_CTX archive_sha256_ctx;
+#elif defined(ARCHIVE_CRYPTO_SHA256_MBEDTLS)
+typedef mbedtls_sha256_context archive_sha256_ctx;
#elif defined(ARCHIVE_CRYPTO_SHA256_NETTLE)
typedef struct sha256_ctx archive_sha256_ctx;
#elif defined(ARCHIVE_CRYPTO_SHA256_OPENSSL)
@@ -225,6 +251,8 @@ typedef SHA384_CTX archive_sha384_ctx;
typedef SHA2_CTX archive_sha384_ctx;
#elif defined(ARCHIVE_CRYPTO_SHA384_LIBSYSTEM)
typedef CC_SHA512_CTX archive_sha384_ctx;
+#elif defined(ARCHIVE_CRYPTO_SHA384_MBEDTLS)
+typedef mbedtls_sha512_context archive_sha384_ctx;
#elif defined(ARCHIVE_CRYPTO_SHA384_NETTLE)
typedef struct sha384_ctx archive_sha384_ctx;
#elif defined(ARCHIVE_CRYPTO_SHA384_OPENSSL)
@@ -245,6 +273,8 @@ typedef SHA2_CTX archive_sha512_ctx;
typedef SHA512_CTX archive_sha512_ctx;
#elif defined(ARCHIVE_CRYPTO_SHA512_LIBSYSTEM)
typedef CC_SHA512_CTX archive_sha512_ctx;
+#elif defined(ARCHIVE_CRYPTO_SHA512_MBEDTLS)
+typedef mbedtls_sha512_context archive_sha512_ctx;
#elif defined(ARCHIVE_CRYPTO_SHA512_NETTLE)
typedef struct sha512_ctx archive_sha512_ctx;
#elif defined(ARCHIVE_CRYPTO_SHA512_OPENSSL)
@@ -259,6 +289,7 @@ typedef unsigned char archive_sha512_ctx;
#if defined(ARCHIVE_CRYPTO_MD5_LIBC) ||\
defined(ARCHIVE_CRYPTO_MD5_LIBMD) || \
defined(ARCHIVE_CRYPTO_MD5_LIBSYSTEM) ||\
+ defined(ARCHIVE_CRYPTO_MD5_MBEDTLS) ||\
defined(ARCHIVE_CRYPTO_MD5_NETTLE) ||\
defined(ARCHIVE_CRYPTO_MD5_OPENSSL) ||\
defined(ARCHIVE_CRYPTO_MD5_WIN)
@@ -272,6 +303,7 @@ typedef unsigned char archive_sha512_ctx;
__archive_digest.md5update(ctx, buf, n)
#if defined(ARCHIVE_CRYPTO_RMD160_LIBC) ||\
+ defined(ARCHIVE_CRYPTO_RMD160_MBEDTLS) ||\
defined(ARCHIVE_CRYPTO_RMD160_NETTLE) ||\
defined(ARCHIVE_CRYPTO_RMD160_OPENSSL)
#define ARCHIVE_HAS_RMD160
@@ -286,6 +318,7 @@ typedef unsigned char archive_sha512_ctx;
#if defined(ARCHIVE_CRYPTO_SHA1_LIBC) ||\
defined(ARCHIVE_CRYPTO_SHA1_LIBMD) || \
defined(ARCHIVE_CRYPTO_SHA1_LIBSYSTEM) ||\
+ defined(ARCHIVE_CRYPTO_SHA1_MBEDTLS) ||\
defined(ARCHIVE_CRYPTO_SHA1_NETTLE) ||\
defined(ARCHIVE_CRYPTO_SHA1_OPENSSL) ||\
defined(ARCHIVE_CRYPTO_SHA1_WIN)
@@ -303,6 +336,7 @@ typedef unsigned char archive_sha512_ctx;
defined(ARCHIVE_CRYPTO_SHA256_LIBC3) ||\
defined(ARCHIVE_CRYPTO_SHA256_LIBMD) ||\
defined(ARCHIVE_CRYPTO_SHA256_LIBSYSTEM) ||\
+ defined(ARCHIVE_CRYPTO_SHA256_MBEDTLS) ||\
defined(ARCHIVE_CRYPTO_SHA256_NETTLE) ||\
defined(ARCHIVE_CRYPTO_SHA256_OPENSSL) ||\
defined(ARCHIVE_CRYPTO_SHA256_WIN)
@@ -319,6 +353,7 @@ typedef unsigned char archive_sha512_ctx;
defined(ARCHIVE_CRYPTO_SHA384_LIBC2) ||\
defined(ARCHIVE_CRYPTO_SHA384_LIBC3) ||\
defined(ARCHIVE_CRYPTO_SHA384_LIBSYSTEM) ||\
+ defined(ARCHIVE_CRYPTO_SHA384_MBEDTLS) ||\
defined(ARCHIVE_CRYPTO_SHA384_NETTLE) ||\
defined(ARCHIVE_CRYPTO_SHA384_OPENSSL) ||\
defined(ARCHIVE_CRYPTO_SHA384_WIN)
@@ -336,6 +371,7 @@ typedef unsigned char archive_sha512_ctx;
defined(ARCHIVE_CRYPTO_SHA512_LIBC3) ||\
defined(ARCHIVE_CRYPTO_SHA512_LIBMD) ||\
defined(ARCHIVE_CRYPTO_SHA512_LIBSYSTEM) ||\
+ defined(ARCHIVE_CRYPTO_SHA512_MBEDTLS) ||\
defined(ARCHIVE_CRYPTO_SHA512_NETTLE) ||\
defined(ARCHIVE_CRYPTO_SHA512_OPENSSL) ||\
defined(ARCHIVE_CRYPTO_SHA512_WIN)
diff --git a/libarchive/archive_entry.h b/libarchive/archive_entry.h
index b7b3498a2035..42af20864f7e 100644
--- a/libarchive/archive_entry.h
+++ b/libarchive/archive_entry.h
@@ -30,7 +30,7 @@
#define ARCHIVE_ENTRY_H_INCLUDED
/* Note: Compiler will complain if this does not match archive.h! */
-#define ARCHIVE_VERSION_NUMBER 3004001
+#define ARCHIVE_VERSION_NUMBER 3004002
/*
* Note: archive_entry.h is for use outside of libarchive; the
diff --git a/libarchive/archive_hmac.c b/libarchive/archive_hmac.c
index 7c626df6e1f1..68f2bb55dc04 100644
--- a/libarchive/archive_hmac.c
+++ b/libarchive/archive_hmac.c
@@ -150,6 +150,52 @@ __hmac_sha1_cleanup(archive_hmac_sha1_ctx *ctx)
}
}
+#elif defined(HAVE_LIBMBEDCRYPTO) && defined(HAVE_MBEDTLS_MD_H)
+static int
+__hmac_sha1_init(archive_hmac_sha1_ctx *ctx, const uint8_t *key, size_t key_len)
+{
+ const mbedtls_md_info_t *info;
+ int ret;
+
+ mbedtls_md_init(ctx);
+ info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA1);
+ if (info == NULL) {
+ mbedtls_md_free(ctx);
+ return (-1);
+ }
+ ret = mbedtls_md_setup(ctx, info, 1);
+ if (ret != 0) {
+ mbedtls_md_free(ctx);
+ return (-1);
+ }
+ ret = mbedtls_md_hmac_starts(ctx, key, key_len);
+ if (ret != 0) {
+ mbedtls_md_free(ctx);
+ return (-1);
+ }
+ return 0;
+}
+
+static void
+__hmac_sha1_update(archive_hmac_sha1_ctx *ctx, const uint8_t *data,
+ size_t data_len)
+{
+ mbedtls_md_hmac_update(ctx, data, data_len);
+}
+
+static void __hmac_sha1_final(archive_hmac_sha1_ctx *ctx, uint8_t *out, size_t *out_len)
+{
+ (void)out_len; /* UNUSED */
+
+ mbedtls_md_hmac_finish(ctx, out);
+}
+
+static void __hmac_sha1_cleanup(archive_hmac_sha1_ctx *ctx)
+{
+ mbedtls_md_free(ctx);
+ memset(ctx, 0, sizeof(*ctx));
+}
+
#elif defined(HAVE_LIBNETTLE) && defined(HAVE_NETTLE_HMAC_H)
static int
@@ -201,6 +247,7 @@ static void
__hmac_sha1_final(archive_hmac_sha1_ctx *ctx, uint8_t *out, size_t *out_len)
{
unsigned int len = (unsigned int)*out_len;
+
HMAC_Final(*ctx, out, &len);
*out_len = len;
}
diff --git a/libarchive/archive_hmac_private.h b/libarchive/archive_hmac_private.h
index eb45c4ef21bc..b7b365c7ad42 100644
--- a/libarchive/archive_hmac_private.h
+++ b/libarchive/archive_hmac_private.h
@@ -64,6 +64,11 @@ typedef struct {
} archive_hmac_sha1_ctx;
+#elif defined(HAVE_LIBMBEDCRYPTO) && defined(HAVE_MBEDTLS_MD_H)
+#include <mbedtls/md.h>
+
+typedef mbedtls_md_context_t archive_hmac_sha1_ctx;
+
#elif defined(HAVE_LIBNETTLE) && defined(HAVE_NETTLE_HMAC_H)
#include <nettle/hmac.h>
diff --git a/libarchive/archive_write.c b/libarchive/archive_write.c
index e7a973ae41a7..afa26b8ea0ed 100644
--- a/libarchive/archive_write.c
+++ b/libarchive/archive_write.c
@@ -449,6 +449,30 @@ archive_write_client_write(struct archive_write_filter *f,
}
static int
+archive_write_client_free(struct archive_write_filter *f)
+{
+ struct archive_write *a = (struct archive_write *)f->archive;
+ struct archive_none *state = (struct archive_none *)f->data;
+
+ if (state != NULL) {
+ free(state->buffer);
+ free(state);
+ state = NULL;
+ }
+
+ a->client_data = NULL;
+ /* Clear passphrase. */
+ if (a->passphrase != NULL) {
+ memset(a->passphrase, 0, strlen(a->passphrase));
+ free(a->passphrase);
+ a->passphrase = NULL;
+ }
+
+ return (ARCHIVE_OK);
+}
+
+
+static int
archive_write_client_close(struct archive_write_filter *f)
{
struct archive_write *a = (struct archive_write *)f->archive;
@@ -484,17 +508,9 @@ archive_write_client_close(struct archive_write_filter *f)
}
if (a->client_closer)
(*a->client_closer)(&a->archive, a->client_data);
- free(state->buffer);
- free(state);
+
/* Clear the close handler myself not to be called again. */
f->state = ARCHIVE_WRITE_FILTER_STATE_CLOSED;
- a->client_data = NULL;
- /* Clear passphrase. */
- if (a->passphrase != NULL) {
- memset(a->passphrase, 0, strlen(a->passphrase));
- free(a->passphrase);
- a->passphrase = NULL;
- }
return (ret);
}
@@ -523,6 +539,7 @@ archive_write_open(struct archive *_a, void *client_data,
client_filter->open = archive_write_client_open;
client_filter->write = archive_write_client_write;
client_filter->close = archive_write_client_close;
+ client_filter->free = archive_write_client_free;
ret = __archive_write_filters_open(a);
if (ret < ARCHIVE_WARN) {