diff -urNp apt-0.5.15lorg3.95.git416.old/apt-pkg/acquire-item.cc apt-0.5.15lorg3.95.git416/apt-pkg/acquire-item.cc --- apt-0.5.15lorg3.95.git416.old/apt-pkg/acquire-item.cc 2008-11-11 18:23:44.000000000 +0200 +++ apt-0.5.15lorg3.95.git416/apt-pkg/acquire-item.cc 2009-09-14 02:54:18.000000000 +0300 @@ -24,6 +24,7 @@ #include #include #include +#include #include #include #include @@ -87,6 +88,17 @@ bool VerifyChecksums(string File,unsigne cout << "SHASum of "<FindB("Acquire::Verbose", false) == true) + cout << "SHA256Sum of "<ChecksumType(); if (Index->ChecksumType() == "SHA1-Hash") { MD5 = Parse.SHA1Hash(); + } else if (Index->ChecksumType() == "SHA256-Hash") { + MD5 = Parse.SHA256Hash(); } else { MD5 = Parse.MD5Hash(); } diff -urNp apt-0.5.15lorg3.95.git416.old/apt-pkg/acquire-method.cc apt-0.5.15lorg3.95.git416/apt-pkg/acquire-method.cc --- apt-0.5.15lorg3.95.git416.old/apt-pkg/acquire-method.cc 2008-11-11 18:23:44.000000000 +0200 +++ apt-0.5.15lorg3.95.git416/apt-pkg/acquire-method.cc 2009-09-14 02:58:26.000000000 +0300 @@ -180,6 +180,8 @@ void pkgAcqMethod::URIDone(FetchResult & s << "MD5-Hash: " << Res.MD5Sum << "\n"; if (Res.SHA1Sum.empty() == false) s << "SHA1-Hash: " << Res.SHA1Sum << "\n"; + if (Res.SHA256Sum.empty() == false) + s << "SHA256-Hash: " << Res.SHA256Sum << "\n"; // CNC:2002-07-04 if (Res.SignatureFP.empty() == false) @@ -206,6 +208,8 @@ void pkgAcqMethod::URIDone(FetchResult & s << "Alt-MD5-Hash: " << Alt->MD5Sum << "\n"; if (Alt->SHA1Sum.empty() == false) s << "Alt-SHA1-Hash: " << Alt->SHA1Sum << "\n"; + if (Alt->SHA256Sum.empty() == false) + s << "Alt-SHA256-Hash: " << Alt->SHA256Sum << "\n"; if (Alt->IMSHit == true) s << "Alt-IMS-Hit: true\n"; @@ -561,6 +565,7 @@ void pkgAcqMethod::FetchResult::TakeHash { MD5Sum = Hash.MD5.Result(); SHA1Sum = Hash.SHA1.Result(); + SHA256Sum = Hash.SHA256.Result(); } /*}}}*/ // vim:sts=3:sw=3 diff -urNp apt-0.5.15lorg3.95.git416.old/apt-pkg/acquire-method.h apt-0.5.15lorg3.95.git416/apt-pkg/acquire-method.h --- apt-0.5.15lorg3.95.git416.old/apt-pkg/acquire-method.h 2008-11-11 18:23:44.000000000 +0200 +++ apt-0.5.15lorg3.95.git416/apt-pkg/acquire-method.h 2009-09-14 03:40:16.000000000 +0300 @@ -38,6 +38,7 @@ class pkgAcqMethod { string MD5Sum; string SHA1Sum; + string SHA256Sum; // CNC:2002-07-03 string SignatureFP; time_t LastModified; diff -urNp apt-0.5.15lorg3.95.git416.old/apt-pkg/contrib/hashes.cc apt-0.5.15lorg3.95.git416/apt-pkg/contrib/hashes.cc --- apt-0.5.15lorg3.95.git416.old/apt-pkg/contrib/hashes.cc 2008-11-11 18:23:44.000000000 +0200 +++ apt-0.5.15lorg3.95.git416/apt-pkg/contrib/hashes.cc 2009-09-14 02:49:11.000000000 +0300 @@ -33,6 +33,7 @@ bool Hashes::AddFD(int Fd,unsigned long Size -= Res; MD5.Add(Buf,Res); SHA1.Add(Buf,Res); + SHA256.Add(Buf,Res); } return true; } diff -urNp apt-0.5.15lorg3.95.git416.old/apt-pkg/contrib/hashes.h apt-0.5.15lorg3.95.git416/apt-pkg/contrib/hashes.h --- apt-0.5.15lorg3.95.git416.old/apt-pkg/contrib/hashes.h 2008-11-11 18:23:44.000000000 +0200 +++ apt-0.5.15lorg3.95.git416/apt-pkg/contrib/hashes.h 2009-09-14 02:48:43.000000000 +0300 @@ -15,6 +15,7 @@ #include #include +#include class Hashes { @@ -22,10 +23,11 @@ class Hashes MD5Summation MD5; SHA1Summation SHA1; + SHA256Summation SHA256; inline bool Add(const unsigned char *Data,unsigned long Size) { - return MD5.Add(Data,Size) && SHA1.Add(Data,Size); + return MD5.Add(Data,Size) && SHA1.Add(Data,Size) && SHA256.Add(Data,Size); } inline bool Add(const char *Data) {return Add((unsigned char *)Data,strlen(Data));} bool AddFD(int Fd,unsigned long Size); diff -urNp apt-0.5.15lorg3.95.git416.old/apt-pkg/contrib/sha256.cc apt-0.5.15lorg3.95.git416/apt-pkg/contrib/sha256.cc --- apt-0.5.15lorg3.95.git416.old/apt-pkg/contrib/sha256.cc 1970-01-01 03:00:00.000000000 +0300 +++ apt-0.5.15lorg3.95.git416/apt-pkg/contrib/sha256.cc 2009-08-28 23:27:50.000000000 +0300 @@ -0,0 +1,424 @@ +/* + * Cryptographic API. {{{ + * + * SHA-256, as specified in + * http://csrc.nist.gov/cryptval/shs/sha256-384-512.pdf + * + * SHA-256 code by Jean-Luc Cooke . + * + * Copyright (c) Jean-Luc Cooke + * Copyright (c) Andrew McDonald + * Copyright (c) 2002 James Morris + * + * Ported from the Linux kernel to Apt by Anthony Towns + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at your option) + * any later version. + * + */ /*}}}*/ + +#ifdef __GNUG__ +#pragma implementation "apt-pkg/sha256.h" +#endif + + +#define SHA256_DIGEST_SIZE 32 +#define SHA256_HMAC_BLOCK_SIZE 64 + +#define ror32(value,bits) (((value) >> (bits)) | ((value) << (32 - (bits)))) + +#include +#include +#include +#include +#include +#include +#include +#include + +typedef uint32_t u32; +typedef uint8_t u8; + +static inline u32 Ch(u32 x, u32 y, u32 z) +{ + return z ^ (x & (y ^ z)); +} + +static inline u32 Maj(u32 x, u32 y, u32 z) +{ + return (x & y) | (z & (x | y)); +} + +#define e0(x) (ror32(x, 2) ^ ror32(x,13) ^ ror32(x,22)) +#define e1(x) (ror32(x, 6) ^ ror32(x,11) ^ ror32(x,25)) +#define s0(x) (ror32(x, 7) ^ ror32(x,18) ^ (x >> 3)) +#define s1(x) (ror32(x,17) ^ ror32(x,19) ^ (x >> 10)) + +#define H0 0x6a09e667 +#define H1 0xbb67ae85 +#define H2 0x3c6ef372 +#define H3 0xa54ff53a +#define H4 0x510e527f +#define H5 0x9b05688c +#define H6 0x1f83d9ab +#define H7 0x5be0cd19 + +static inline void LOAD_OP(int I, u32 *W, const u8 *input) /*{{{*/ +{ + W[I] = ( ((u32) input[I * 4 + 0] << 24) + | ((u32) input[I * 4 + 1] << 16) + | ((u32) input[I * 4 + 2] << 8) + | ((u32) input[I * 4 + 3])); +} + /*}}}*/ +static inline void BLEND_OP(int I, u32 *W) +{ + W[I] = s1(W[I-2]) + W[I-7] + s0(W[I-15]) + W[I-16]; +} + +static void sha256_transform(u32 *state, const u8 *input) /*{{{*/ +{ + u32 a, b, c, d, e, f, g, h, t1, t2; + u32 W[64]; + int i; + + /* load the input */ + for (i = 0; i < 16; i++) + LOAD_OP(i, W, input); + + /* now blend */ + for (i = 16; i < 64; i++) + BLEND_OP(i, W); + + /* load the state into our registers */ + a=state[0]; b=state[1]; c=state[2]; d=state[3]; + e=state[4]; f=state[5]; g=state[6]; h=state[7]; + + /* now iterate */ + t1 = h + e1(e) + Ch(e,f,g) + 0x428a2f98 + W[ 0]; + t2 = e0(a) + Maj(a,b,c); d+=t1; h=t1+t2; + t1 = g + e1(d) + Ch(d,e,f) + 0x71374491 + W[ 1]; + t2 = e0(h) + Maj(h,a,b); c+=t1; g=t1+t2; + t1 = f + e1(c) + Ch(c,d,e) + 0xb5c0fbcf + W[ 2]; + t2 = e0(g) + Maj(g,h,a); b+=t1; f=t1+t2; + t1 = e + e1(b) + Ch(b,c,d) + 0xe9b5dba5 + W[ 3]; + t2 = e0(f) + Maj(f,g,h); a+=t1; e=t1+t2; + t1 = d + e1(a) + Ch(a,b,c) + 0x3956c25b + W[ 4]; + t2 = e0(e) + Maj(e,f,g); h+=t1; d=t1+t2; + t1 = c + e1(h) + Ch(h,a,b) + 0x59f111f1 + W[ 5]; + t2 = e0(d) + Maj(d,e,f); g+=t1; c=t1+t2; + t1 = b + e1(g) + Ch(g,h,a) + 0x923f82a4 + W[ 6]; + t2 = e0(c) + Maj(c,d,e); f+=t1; b=t1+t2; + t1 = a + e1(f) + Ch(f,g,h) + 0xab1c5ed5 + W[ 7]; + t2 = e0(b) + Maj(b,c,d); e+=t1; a=t1+t2; + + t1 = h + e1(e) + Ch(e,f,g) + 0xd807aa98 + W[ 8]; + t2 = e0(a) + Maj(a,b,c); d+=t1; h=t1+t2; + t1 = g + e1(d) + Ch(d,e,f) + 0x12835b01 + W[ 9]; + t2 = e0(h) + Maj(h,a,b); c+=t1; g=t1+t2; + t1 = f + e1(c) + Ch(c,d,e) + 0x243185be + W[10]; + t2 = e0(g) + Maj(g,h,a); b+=t1; f=t1+t2; + t1 = e + e1(b) + Ch(b,c,d) + 0x550c7dc3 + W[11]; + t2 = e0(f) + Maj(f,g,h); a+=t1; e=t1+t2; + t1 = d + e1(a) + Ch(a,b,c) + 0x72be5d74 + W[12]; + t2 = e0(e) + Maj(e,f,g); h+=t1; d=t1+t2; + t1 = c + e1(h) + Ch(h,a,b) + 0x80deb1fe + W[13]; + t2 = e0(d) + Maj(d,e,f); g+=t1; c=t1+t2; + t1 = b + e1(g) + Ch(g,h,a) + 0x9bdc06a7 + W[14]; + t2 = e0(c) + Maj(c,d,e); f+=t1; b=t1+t2; + t1 = a + e1(f) + Ch(f,g,h) + 0xc19bf174 + W[15]; + t2 = e0(b) + Maj(b,c,d); e+=t1; a=t1+t2; + + t1 = h + e1(e) + Ch(e,f,g) + 0xe49b69c1 + W[16]; + t2 = e0(a) + Maj(a,b,c); d+=t1; h=t1+t2; + t1 = g + e1(d) + Ch(d,e,f) + 0xefbe4786 + W[17]; + t2 = e0(h) + Maj(h,a,b); c+=t1; g=t1+t2; + t1 = f + e1(c) + Ch(c,d,e) + 0x0fc19dc6 + W[18]; + t2 = e0(g) + Maj(g,h,a); b+=t1; f=t1+t2; + t1 = e + e1(b) + Ch(b,c,d) + 0x240ca1cc + W[19]; + t2 = e0(f) + Maj(f,g,h); a+=t1; e=t1+t2; + t1 = d + e1(a) + Ch(a,b,c) + 0x2de92c6f + W[20]; + t2 = e0(e) + Maj(e,f,g); h+=t1; d=t1+t2; + t1 = c + e1(h) + Ch(h,a,b) + 0x4a7484aa + W[21]; + t2 = e0(d) + Maj(d,e,f); g+=t1; c=t1+t2; + t1 = b + e1(g) + Ch(g,h,a) + 0x5cb0a9dc + W[22]; + t2 = e0(c) + Maj(c,d,e); f+=t1; b=t1+t2; + t1 = a + e1(f) + Ch(f,g,h) + 0x76f988da + W[23]; + t2 = e0(b) + Maj(b,c,d); e+=t1; a=t1+t2; + + t1 = h + e1(e) + Ch(e,f,g) + 0x983e5152 + W[24]; + t2 = e0(a) + Maj(a,b,c); d+=t1; h=t1+t2; + t1 = g + e1(d) + Ch(d,e,f) + 0xa831c66d + W[25]; + t2 = e0(h) + Maj(h,a,b); c+=t1; g=t1+t2; + t1 = f + e1(c) + Ch(c,d,e) + 0xb00327c8 + W[26]; + t2 = e0(g) + Maj(g,h,a); b+=t1; f=t1+t2; + t1 = e + e1(b) + Ch(b,c,d) + 0xbf597fc7 + W[27]; + t2 = e0(f) + Maj(f,g,h); a+=t1; e=t1+t2; + t1 = d + e1(a) + Ch(a,b,c) + 0xc6e00bf3 + W[28]; + t2 = e0(e) + Maj(e,f,g); h+=t1; d=t1+t2; + t1 = c + e1(h) + Ch(h,a,b) + 0xd5a79147 + W[29]; + t2 = e0(d) + Maj(d,e,f); g+=t1; c=t1+t2; + t1 = b + e1(g) + Ch(g,h,a) + 0x06ca6351 + W[30]; + t2 = e0(c) + Maj(c,d,e); f+=t1; b=t1+t2; + t1 = a + e1(f) + Ch(f,g,h) + 0x14292967 + W[31]; + t2 = e0(b) + Maj(b,c,d); e+=t1; a=t1+t2; + + t1 = h + e1(e) + Ch(e,f,g) + 0x27b70a85 + W[32]; + t2 = e0(a) + Maj(a,b,c); d+=t1; h=t1+t2; + t1 = g + e1(d) + Ch(d,e,f) + 0x2e1b2138 + W[33]; + t2 = e0(h) + Maj(h,a,b); c+=t1; g=t1+t2; + t1 = f + e1(c) + Ch(c,d,e) + 0x4d2c6dfc + W[34]; + t2 = e0(g) + Maj(g,h,a); b+=t1; f=t1+t2; + t1 = e + e1(b) + Ch(b,c,d) + 0x53380d13 + W[35]; + t2 = e0(f) + Maj(f,g,h); a+=t1; e=t1+t2; + t1 = d + e1(a) + Ch(a,b,c) + 0x650a7354 + W[36]; + t2 = e0(e) + Maj(e,f,g); h+=t1; d=t1+t2; + t1 = c + e1(h) + Ch(h,a,b) + 0x766a0abb + W[37]; + t2 = e0(d) + Maj(d,e,f); g+=t1; c=t1+t2; + t1 = b + e1(g) + Ch(g,h,a) + 0x81c2c92e + W[38]; + t2 = e0(c) + Maj(c,d,e); f+=t1; b=t1+t2; + t1 = a + e1(f) + Ch(f,g,h) + 0x92722c85 + W[39]; + t2 = e0(b) + Maj(b,c,d); e+=t1; a=t1+t2; + + t1 = h + e1(e) + Ch(e,f,g) + 0xa2bfe8a1 + W[40]; + t2 = e0(a) + Maj(a,b,c); d+=t1; h=t1+t2; + t1 = g + e1(d) + Ch(d,e,f) + 0xa81a664b + W[41]; + t2 = e0(h) + Maj(h,a,b); c+=t1; g=t1+t2; + t1 = f + e1(c) + Ch(c,d,e) + 0xc24b8b70 + W[42]; + t2 = e0(g) + Maj(g,h,a); b+=t1; f=t1+t2; + t1 = e + e1(b) + Ch(b,c,d) + 0xc76c51a3 + W[43]; + t2 = e0(f) + Maj(f,g,h); a+=t1; e=t1+t2; + t1 = d + e1(a) + Ch(a,b,c) + 0xd192e819 + W[44]; + t2 = e0(e) + Maj(e,f,g); h+=t1; d=t1+t2; + t1 = c + e1(h) + Ch(h,a,b) + 0xd6990624 + W[45]; + t2 = e0(d) + Maj(d,e,f); g+=t1; c=t1+t2; + t1 = b + e1(g) + Ch(g,h,a) + 0xf40e3585 + W[46]; + t2 = e0(c) + Maj(c,d,e); f+=t1; b=t1+t2; + t1 = a + e1(f) + Ch(f,g,h) + 0x106aa070 + W[47]; + t2 = e0(b) + Maj(b,c,d); e+=t1; a=t1+t2; + + t1 = h + e1(e) + Ch(e,f,g) + 0x19a4c116 + W[48]; + t2 = e0(a) + Maj(a,b,c); d+=t1; h=t1+t2; + t1 = g + e1(d) + Ch(d,e,f) + 0x1e376c08 + W[49]; + t2 = e0(h) + Maj(h,a,b); c+=t1; g=t1+t2; + t1 = f + e1(c) + Ch(c,d,e) + 0x2748774c + W[50]; + t2 = e0(g) + Maj(g,h,a); b+=t1; f=t1+t2; + t1 = e + e1(b) + Ch(b,c,d) + 0x34b0bcb5 + W[51]; + t2 = e0(f) + Maj(f,g,h); a+=t1; e=t1+t2; + t1 = d + e1(a) + Ch(a,b,c) + 0x391c0cb3 + W[52]; + t2 = e0(e) + Maj(e,f,g); h+=t1; d=t1+t2; + t1 = c + e1(h) + Ch(h,a,b) + 0x4ed8aa4a + W[53]; + t2 = e0(d) + Maj(d,e,f); g+=t1; c=t1+t2; + t1 = b + e1(g) + Ch(g,h,a) + 0x5b9cca4f + W[54]; + t2 = e0(c) + Maj(c,d,e); f+=t1; b=t1+t2; + t1 = a + e1(f) + Ch(f,g,h) + 0x682e6ff3 + W[55]; + t2 = e0(b) + Maj(b,c,d); e+=t1; a=t1+t2; + + t1 = h + e1(e) + Ch(e,f,g) + 0x748f82ee + W[56]; + t2 = e0(a) + Maj(a,b,c); d+=t1; h=t1+t2; + t1 = g + e1(d) + Ch(d,e,f) + 0x78a5636f + W[57]; + t2 = e0(h) + Maj(h,a,b); c+=t1; g=t1+t2; + t1 = f + e1(c) + Ch(c,d,e) + 0x84c87814 + W[58]; + t2 = e0(g) + Maj(g,h,a); b+=t1; f=t1+t2; + t1 = e + e1(b) + Ch(b,c,d) + 0x8cc70208 + W[59]; + t2 = e0(f) + Maj(f,g,h); a+=t1; e=t1+t2; + t1 = d + e1(a) + Ch(a,b,c) + 0x90befffa + W[60]; + t2 = e0(e) + Maj(e,f,g); h+=t1; d=t1+t2; + t1 = c + e1(h) + Ch(h,a,b) + 0xa4506ceb + W[61]; + t2 = e0(d) + Maj(d,e,f); g+=t1; c=t1+t2; + t1 = b + e1(g) + Ch(g,h,a) + 0xbef9a3f7 + W[62]; + t2 = e0(c) + Maj(c,d,e); f+=t1; b=t1+t2; + t1 = a + e1(f) + Ch(f,g,h) + 0xc67178f2 + W[63]; + t2 = e0(b) + Maj(b,c,d); e+=t1; a=t1+t2; + + state[0] += a; state[1] += b; state[2] += c; state[3] += d; + state[4] += e; state[5] += f; state[6] += g; state[7] += h; + + /* clear any sensitive info... */ + a = b = c = d = e = f = g = h = t1 = t2 = 0; + memset(W, 0, 64 * sizeof(u32)); +} + /*}}}*/ +SHA256Summation::SHA256Summation() /*{{{*/ +{ + Sum.state[0] = H0; + Sum.state[1] = H1; + Sum.state[2] = H2; + Sum.state[3] = H3; + Sum.state[4] = H4; + Sum.state[5] = H5; + Sum.state[6] = H6; + Sum.state[7] = H7; + Sum.count[0] = Sum.count[1] = 0; + memset(Sum.buf, 0, sizeof(Sum.buf)); + Done = false; +} + /*}}}*/ +bool SHA256Summation::Add(const u8 *data, unsigned long len) /*{{{*/ +{ + struct sha256_ctx *sctx = ∑ + unsigned int i, index, part_len; + + if (Done) return false; + + /* Compute number of bytes mod 128 */ + index = (unsigned int)((sctx->count[0] >> 3) & 0x3f); + + /* Update number of bits */ + if ((sctx->count[0] += (len << 3)) < (len << 3)) { + sctx->count[1]++; + sctx->count[1] += (len >> 29); + } + + part_len = 64 - index; + + /* Transform as many times as possible. */ + if (len >= part_len) { + memcpy(&sctx->buf[index], data, part_len); + sha256_transform(sctx->state, sctx->buf); + + for (i = part_len; i + 63 < len; i += 64) + sha256_transform(sctx->state, &data[i]); + index = 0; + } else { + i = 0; + } + + /* Buffer remaining input */ + memcpy(&sctx->buf[index], &data[i], len-i); + + return true; +} + /*}}}*/ +SHA256SumValue SHA256Summation::Result() /*{{{*/ +{ + struct sha256_ctx *sctx = ∑ + if (!Done) { + u8 bits[8]; + unsigned int index, pad_len, t; + static const u8 padding[64] = { 0x80, }; + + /* Save number of bits */ + t = sctx->count[0]; + bits[7] = t; t >>= 8; + bits[6] = t; t >>= 8; + bits[5] = t; t >>= 8; + bits[4] = t; + t = sctx->count[1]; + bits[3] = t; t >>= 8; + bits[2] = t; t >>= 8; + bits[1] = t; t >>= 8; + bits[0] = t; + + /* Pad out to 56 mod 64. */ + index = (sctx->count[0] >> 3) & 0x3f; + pad_len = (index < 56) ? (56 - index) : ((64+56) - index); + Add(padding, pad_len); + + /* Append length (before padding) */ + Add(bits, 8); + } + + Done = true; + + /* Store state in digest */ + + SHA256SumValue res; + u8 *out = res.Sum; + + int i, j; + unsigned int t; + for (i = j = 0; i < 8; i++, j += 4) { + t = sctx->state[i]; + out[j+3] = t; t >>= 8; + out[j+2] = t; t >>= 8; + out[j+1] = t; t >>= 8; + out[j ] = t; + } + + return res; +} + /*}}}*/ +// SHA256SumValue::SHA256SumValue - Constructs the sum from a string /*{{{*/ +// --------------------------------------------------------------------- +/* The string form of a SHA256 is a 64 character hex number */ +SHA256SumValue::SHA256SumValue(string Str) +{ + memset(Sum,0,sizeof(Sum)); + Set(Str); +} + /*}}}*/ +// SHA256SumValue::SHA256SumValue - Default constructor /*{{{*/ +// --------------------------------------------------------------------- +/* Sets the value to 0 */ +SHA256SumValue::SHA256SumValue() +{ + memset(Sum,0,sizeof(Sum)); +} + /*}}}*/ +// SHA256SumValue::Set - Set the sum from a string /*{{{*/ +// --------------------------------------------------------------------- +/* Converts the hex string into a set of chars */ +bool SHA256SumValue::Set(string Str) +{ + return Hex2Num(Str,Sum,sizeof(Sum)); +} + /*}}}*/ +// SHA256SumValue::Value - Convert the number into a string /*{{{*/ +// --------------------------------------------------------------------- +/* Converts the set of chars into a hex string in lower case */ +string SHA256SumValue::Value() const +{ + char Conv[16] = + { '0','1','2','3','4','5','6','7','8','9','a','b', + 'c','d','e','f' + }; + char Result[65]; + Result[64] = 0; + + // Convert each char into two letters + int J = 0; + int I = 0; + for (; I != 64; J++,I += 2) + { + Result[I] = Conv[Sum[J] >> 4]; + Result[I + 1] = Conv[Sum[J] & 0xF]; + } + + return string(Result); +} + /*}}}*/ +// SHA256SumValue::operator == - Comparator /*{{{*/ +// --------------------------------------------------------------------- +/* Call memcmp on the buffer */ +bool SHA256SumValue::operator == (const SHA256SumValue & rhs) const +{ + return memcmp(Sum,rhs.Sum,sizeof(Sum)) == 0; +} + /*}}}*/ +// SHA256Summation::AddFD - Add content of file into the checksum /*{{{*/ +// --------------------------------------------------------------------- +/* */ +bool SHA256Summation::AddFD(int Fd,unsigned long Size) +{ + unsigned char Buf[64 * 64]; + int Res = 0; + int ToEOF = (Size == 0); + while (Size != 0 || ToEOF) + { + unsigned n = sizeof(Buf); + if (!ToEOF) n = min(Size,(unsigned long)n); + Res = read(Fd,Buf,n); + if (Res < 0 || (!ToEOF && (unsigned) Res != n)) // error, or short read + return false; + if (ToEOF && Res == 0) // EOF + break; + Size -= Res; + Add(Buf,Res); + } + return true; +} + /*}}}*/ + diff -urNp apt-0.5.15lorg3.95.git416.old/apt-pkg/contrib/sha256.h apt-0.5.15lorg3.95.git416/apt-pkg/contrib/sha256.h --- apt-0.5.15lorg3.95.git416.old/apt-pkg/contrib/sha256.h 1970-01-01 03:00:00.000000000 +0300 +++ apt-0.5.15lorg3.95.git416/apt-pkg/contrib/sha256.h 2009-08-28 23:27:50.000000000 +0300 @@ -0,0 +1,72 @@ +// -*- mode: cpp; mode: fold -*- +// Description /*{{{*/ +// $Id: sha1.h,v 1.3 2001/05/07 05:05:47 jgg Exp $ +/* ###################################################################### + + SHA256SumValue - Storage for a SHA-256 hash. + SHA256Summation - SHA-256 Secure Hash Algorithm. + + This is a C++ interface to a set of SHA256Sum functions, that mirrors + the equivalent MD5 & SHA1 classes. + + ##################################################################### */ + /*}}}*/ +#ifndef APTPKG_SHA256_H +#define APTPKG_SHA256_H + +#include +#include +#include +#include + +using std::string; +using std::min; + +class SHA256Summation; + +class SHA256SumValue +{ + friend class SHA256Summation; + unsigned char Sum[32]; + + public: + + // Accessors + bool operator ==(const SHA256SumValue &rhs) const; + string Value() const; + inline void Value(unsigned char S[32]) + {for (int I = 0; I != sizeof(Sum); I++) S[I] = Sum[I];}; + inline operator string() const {return Value();}; + bool Set(string Str); + inline void Set(unsigned char S[32]) + {for (int I = 0; I != sizeof(Sum); I++) Sum[I] = S[I];}; + + SHA256SumValue(string Str); + SHA256SumValue(); +}; + +struct sha256_ctx { + uint32_t count[2]; + uint32_t state[8]; + uint8_t buf[128]; +}; + +class SHA256Summation +{ + struct sha256_ctx Sum; + + bool Done; + + public: + + bool Add(const unsigned char *inbuf,unsigned long inlen); + inline bool Add(const char *Data) {return Add((unsigned char *)Data,strlen(Data));}; + bool AddFD(int Fd,unsigned long Size); + inline bool Add(const unsigned char *Beg,const unsigned char *End) + {return Add(Beg,End-Beg);}; + SHA256SumValue Result(); + + SHA256Summation(); +}; + +#endif diff -urNp apt-0.5.15lorg3.95.git416.old/apt-pkg/Makefile.am apt-0.5.15lorg3.95.git416/apt-pkg/Makefile.am --- apt-0.5.15lorg3.95.git416.old/apt-pkg/Makefile.am 2008-12-22 23:24:11.000000000 +0200 +++ apt-0.5.15lorg3.95.git416/apt-pkg/Makefile.am 2009-09-14 02:43:16.000000000 +0300 @@ -40,6 +40,8 @@ libapt_pkg_la_SOURCES = \ contrib/progress.h \ contrib/sha1.cc \ contrib/sha1.h \ + contrib/sha256.cc \ + contrib/sha256.h \ contrib/sptr.h \ contrib/sqlite.h \ contrib/sqlite.cc \ diff -urNp apt-0.5.15lorg3.95.git416.old/apt-pkg/Makefile.in apt-0.5.15lorg3.95.git416/apt-pkg/Makefile.in --- apt-0.5.15lorg3.95.git416.old/apt-pkg/Makefile.in 2008-12-23 00:01:30.000000000 +0200 +++ apt-0.5.15lorg3.95.git416/apt-pkg/Makefile.in 2009-09-14 03:57:58.000000000 +0300 @@ -68,7 +68,7 @@ am__dirstamp = $(am__leading_dot)dirstam am_libapt_pkg_la_OBJECTS = contrib/cdromutl.lo contrib/cmndline.lo \ contrib/configuration.lo contrib/crc-16.lo contrib/error.lo \ contrib/fileutl.lo contrib/hashes.lo contrib/md5.lo \ - contrib/mmap.lo contrib/progress.lo contrib/sha1.lo \ + contrib/mmap.lo contrib/progress.lo contrib/sha1.lo contrib/sha256.lo \ contrib/sqlite.lo contrib/strutl.lo rpm/raptheader.lo \ rpm/repomd.lo rpm/aptcallback.lo rpm/rpmhandler.lo \ rpm/rpmindexfile.lo rpm/rpmlistparser.lo rpm/rpmpackagedata.lo \ @@ -280,6 +280,8 @@ libapt_pkg_la_SOURCES = \ contrib/progress.h \ contrib/sha1.cc \ contrib/sha1.h \ + contrib/sha256.cc \ + contrib/sha256.h \ contrib/sptr.h \ contrib/sqlite.h \ contrib/sqlite.cc \ @@ -498,6 +500,8 @@ contrib/progress.lo: contrib/$(am__dirst contrib/$(DEPDIR)/$(am__dirstamp) contrib/sha1.lo: contrib/$(am__dirstamp) \ contrib/$(DEPDIR)/$(am__dirstamp) +contrib/sha256.lo: contrib/$(am__dirstamp) \ + contrib/$(DEPDIR)/$(am__dirstamp) contrib/sqlite.lo: contrib/$(am__dirstamp) \ contrib/$(DEPDIR)/$(am__dirstamp) contrib/strutl.lo: contrib/$(am__dirstamp) \ @@ -551,6 +555,8 @@ mostlyclean-compile: -rm -f contrib/progress.lo -rm -f contrib/sha1.$(OBJEXT) -rm -f contrib/sha1.lo + -rm -f contrib/sha256.$(OBJEXT) + -rm -f contrib/sha256.lo -rm -f contrib/sqlite.$(OBJEXT) -rm -f contrib/sqlite.lo -rm -f contrib/strutl.$(OBJEXT) @@ -620,6 +626,7 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@contrib/$(DEPDIR)/mmap.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@contrib/$(DEPDIR)/progress.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@contrib/$(DEPDIR)/sha1.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@contrib/$(DEPDIR)/sha256.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@contrib/$(DEPDIR)/sqlite.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@contrib/$(DEPDIR)/strutl.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@rpm/$(DEPDIR)/aptcallback.Plo@am__quote@ diff -urNp apt-0.5.15lorg3.95.git416.old/apt-pkg/pkgrecords.h apt-0.5.15lorg3.95.git416/apt-pkg/pkgrecords.h --- apt-0.5.15lorg3.95.git416.old/apt-pkg/pkgrecords.h 2008-11-11 18:23:45.000000000 +0200 +++ apt-0.5.15lorg3.95.git416/apt-pkg/pkgrecords.h 2009-09-14 03:33:51.000000000 +0300 @@ -62,6 +62,7 @@ class pkgRecords::Parser virtual string FileName() {return string();} virtual string MD5Hash() {return string();} virtual string SHA1Hash() {return string();} + virtual string SHA256Hash() {return string();} virtual string SourcePkg() {return string();} // These are some general stats about the package diff -urNp apt-0.5.15lorg3.95.git416.old/apt-pkg/rpm/repomd.cc apt-0.5.15lorg3.95.git416/apt-pkg/rpm/repomd.cc --- apt-0.5.15lorg3.95.git416.old/apt-pkg/rpm/repomd.cc 2008-12-22 20:39:07.000000000 +0200 +++ apt-0.5.15lorg3.95.git416/apt-pkg/rpm/repomd.cc 2009-09-14 03:28:37.000000000 +0300 @@ -147,17 +147,21 @@ string repomdXML::GetComprMethod(string bool repomdRepository::ParseRelease(string File) { repomd = new repomdXML(File); - bool usesha = true; + CheckMethod = "MD5-Hash"; map::const_iterator I; for (I = repomd->RepoFiles.begin(); I != repomd->RepoFiles.end(); I++) { IndexChecksums[I->second.Path].MD5 = I->second.Hash; IndexChecksums[I->second.Path].Size = 0; - if (I->second.ChecksumType != "sha") { - usesha = false; + // There could be some other checksums for unused files. + if (I->first == "primary" || I->first == "primary_db") { + if (I->second.ChecksumType == "sha") { + CheckMethod = "SHA1-Hash"; + } else if (I->second.ChecksumType == "sha256") { + CheckMethod = "SHA256-Hash"; + } } } - CheckMethod = usesha ? "SHA1-Hash" : "MDA5-Hash"; GotRelease = true; diff -urNp apt-0.5.15lorg3.95.git416.old/apt-pkg/rpm/rpmhandler.cc apt-0.5.15lorg3.95.git416/apt-pkg/rpm/rpmhandler.cc --- apt-0.5.15lorg3.95.git416.old/apt-pkg/rpm/rpmhandler.cc 2008-12-22 22:18:52.000000000 +0200 +++ apt-0.5.15lorg3.95.git416/apt-pkg/rpm/rpmhandler.cc 2009-09-14 03:41:59.000000000 +0300 @@ -1156,6 +1156,13 @@ string RPMRepomdHandler::SHA1Sum() return str; } +string RPMRepomdHandler::SHA256Sum() +{ + // XXX FIXME the method should be an abstract Checksum type using + // md5 / sha1 appropriately, for now relying on hacks elsewhere.. + return SHA1Sum(); +} + off_t RPMRepomdHandler::FileSize() { xmlNode *n; @@ -1620,6 +1627,11 @@ string RPMSqliteHandler::SHA1Sum() return Packages->GetCol("pkgId"); } +string RPMSqliteHandler::SHA256Sum() +{ + return SHA1Sum(); +} + bool RPMSqliteHandler::PRCO(unsigned int Type, vector &Deps) { string what = ""; diff -urNp apt-0.5.15lorg3.95.git416.old/apt-pkg/rpm/rpmhandler.h apt-0.5.15lorg3.95.git416/apt-pkg/rpm/rpmhandler.h --- apt-0.5.15lorg3.95.git416.old/apt-pkg/rpm/rpmhandler.h 2008-12-22 20:39:07.000000000 +0200 +++ apt-0.5.15lorg3.95.git416/apt-pkg/rpm/rpmhandler.h 2009-09-14 03:42:49.000000000 +0300 @@ -87,6 +87,7 @@ class RPMHandler virtual off_t FileSize() = 0; virtual string MD5Sum() = 0; virtual string SHA1Sum() = 0; + virtual string SHA256Sum() = 0; virtual bool ProvideFileName() {return false;} virtual string Name() = 0; @@ -130,6 +131,7 @@ class RPMHdrHandler : public RPMHandler virtual off_t FileSize() {return 1;} virtual string MD5Sum() {return "";} virtual string SHA1Sum() {return "";} + virtual string SHA256Sum() {return "";} virtual bool ProvideFileName() {return false;} virtual string Name() {return GetSTag(RPMTAG_NAME);} @@ -301,6 +303,7 @@ class RPMRepomdHandler : public RPMHandl virtual off_t InstalledSize(); virtual string MD5Sum(); virtual string SHA1Sum(); + virtual string SHA256Sum(); virtual string Name(); virtual string Arch(); @@ -348,6 +351,7 @@ class RPMRepomdReaderHandler : public RP virtual off_t InstalledSize() {return 0;} virtual string MD5Sum() {return "";} virtual string SHA1Sum() {return "";} + virtual string SHA256Sum() {return "";} virtual string Name() {return FindTag("name");} virtual string Arch() {return FindTag("arch");} @@ -417,6 +421,7 @@ class RPMSqliteHandler : public RPMHandl virtual off_t InstalledSize(); virtual string MD5Sum(); virtual string SHA1Sum(); + virtual string SHA256Sum(); virtual string Name(); virtual string Arch(); diff -urNp apt-0.5.15lorg3.95.git416.old/apt-pkg/rpm/rpmindexfile.h apt-0.5.15lorg3.95.git416/apt-pkg/rpm/rpmindexfile.h --- apt-0.5.15lorg3.95.git416.old/apt-pkg/rpm/rpmindexfile.h 2008-12-22 20:39:07.000000000 +0200 +++ apt-0.5.15lorg3.95.git416/apt-pkg/rpm/rpmindexfile.h 2009-09-14 11:02:17.000000000 +0300 @@ -313,7 +313,7 @@ class rpmRepomdIndex : public rpmIndexFi // Interface for acquire virtual string Describe(bool Short) const; virtual bool GetIndexes(pkgAcquire *Owner) const; - virtual string ChecksumType() {return "SHA1-Hash";} + virtual string ChecksumType() {return Repository->GetCheckMethod();} virtual string ArchiveInfo(pkgCache::VerIterator Ver) const; virtual string ArchiveURI(string File) const; diff -urNp apt-0.5.15lorg3.95.git416.old/apt-pkg/rpm/rpmrecords.cc apt-0.5.15lorg3.95.git416/apt-pkg/rpm/rpmrecords.cc --- apt-0.5.15lorg3.95.git416.old/apt-pkg/rpm/rpmrecords.cc 2008-12-22 22:18:52.000000000 +0200 +++ apt-0.5.15lorg3.95.git416/apt-pkg/rpm/rpmrecords.cc 2009-09-14 03:34:39.000000000 +0300 @@ -101,6 +101,11 @@ string rpmRecordParser::SHA1Hash() return Handler->SHA1Sum(); } +string rpmRecordParser::SHA256Hash() +{ + return Handler->SHA256Sum(); +} + // RecordParser::Maintainer - Return the maintainer email /*{{{*/ // --------------------------------------------------------------------- /* */ diff -urNp apt-0.5.15lorg3.95.git416.old/apt-pkg/rpm/rpmrecords.h apt-0.5.15lorg3.95.git416/apt-pkg/rpm/rpmrecords.h --- apt-0.5.15lorg3.95.git416.old/apt-pkg/rpm/rpmrecords.h 2008-11-17 21:22:52.000000000 +0200 +++ apt-0.5.15lorg3.95.git416/apt-pkg/rpm/rpmrecords.h 2009-09-14 03:34:48.000000000 +0300 @@ -46,6 +46,7 @@ class rpmRecordParser : public pkgRecord virtual string FileName(); virtual string MD5Hash(); virtual string SHA1Hash(); + virtual string SHA256Hash(); virtual string SourcePkg(); // These are some general stats about the package diff -urNp apt-0.5.15lorg3.95.git416.old/apt-pkg/tagfile.cc apt-0.5.15lorg3.95.git416/apt-pkg/tagfile.cc --- apt-0.5.15lorg3.95.git416.old/apt-pkg/tagfile.cc 2008-11-11 18:23:45.000000000 +0200 +++ apt-0.5.15lorg3.95.git416/apt-pkg/tagfile.cc 2009-09-14 03:39:25.000000000 +0300 @@ -389,6 +389,7 @@ static const char *iTFRewritePackageOrde "Size", "MD5Sum", "SHA1Sum", + "SHA256Sum", "MSDOS-Filename", // Obsolete "Description", 0}; diff -urNp apt-0.5.15lorg3.95.git416.old/po/POTFILES.in apt-0.5.15lorg3.95.git416/po/POTFILES.in --- apt-0.5.15lorg3.95.git416.old/po/POTFILES.in 2008-01-12 11:45:07.000000000 +0200 +++ apt-0.5.15lorg3.95.git416/po/POTFILES.in 2009-09-14 02:46:15.000000000 +0300 @@ -19,6 +19,7 @@ apt-pkg/contrib/md5.cc apt-pkg/contrib/mmap.cc apt-pkg/contrib/progress.cc apt-pkg/contrib/sha1.cc +apt-pkg/contrib/sha256.cc apt-pkg/contrib/strutl.cc apt-pkg/contrib/sqlite.cc diff -urNp apt-0.5.15lorg3.95.git416.old/python/apt.py apt-0.5.15lorg3.95.git416/python/apt.py --- apt-0.5.15lorg3.95.git416.old/python/apt.py 2008-01-12 11:45:07.000000000 +0200 +++ apt-0.5.15lorg3.95.git416/python/apt.py 2009-09-14 03:35:36.000000000 +0300 @@ -1367,6 +1367,7 @@ class pkgRecordsParser(_object): def FileName(*args): return _apt.pkgRecordsParser_FileName(*args) def MD5Hash(*args): return _apt.pkgRecordsParser_MD5Hash(*args) def SHA1Hash(*args): return _apt.pkgRecordsParser_SHA1Hash(*args) + def SHA256Hash(*args): return _apt.pkgRecordsParser_SHA256Hash(*args) def SourcePkg(*args): return _apt.pkgRecordsParser_SourcePkg(*args) def Maintainer(*args): return _apt.pkgRecordsParser_Maintainer(*args) def ShortDesc(*args): return _apt.pkgRecordsParser_ShortDesc(*args) diff -urNp apt-0.5.15lorg3.95.git416.old/python/apt_wrap.cxx apt-0.5.15lorg3.95.git416/python/apt_wrap.cxx --- apt-0.5.15lorg3.95.git416.old/python/apt_wrap.cxx 2008-01-12 11:45:07.000000000 +0200 +++ apt-0.5.15lorg3.95.git416/python/apt_wrap.cxx 2009-09-14 03:37:58.000000000 +0300 @@ -15005,6 +15005,25 @@ static PyObject *_wrap_pkgRecordsParser_ } +static PyObject *_wrap_pkgRecordsParser_SHA256Hash(PyObject *self, PyObject *args) { + PyObject *resultobj; + pkgRecords::Parser *arg1 = (pkgRecords::Parser *) 0 ; + string result; + PyObject * obj0 = 0 ; + + if(!PyArg_ParseTuple(args,(char *)"O:pkgRecordsParser_SHA256Hash",&obj0)) goto fail; + if ((SWIG_ConvertPtr(obj0,(void **) &arg1, SWIGTYPE_p_pkgRecords__Parser,SWIG_POINTER_EXCEPTION | 0 )) == -1) SWIG_fail; + result = (arg1)->SHA256Hash(); + + { + resultobj = PyString_FromStringAndSize((&result)->data(),(&result)->size()); + } + return resultobj; + fail: + return NULL; +} + + static PyObject *_wrap_pkgRecordsParser_SourcePkg(PyObject *self, PyObject *args) { PyObject *resultobj; pkgRecords::Parser *arg1 = (pkgRecords::Parser *) 0 ; @@ -20133,6 +20152,7 @@ static PyMethodDef SwigMethods[] = { { (char *)"pkgRecordsParser_FileName", _wrap_pkgRecordsParser_FileName, METH_VARARGS }, { (char *)"pkgRecordsParser_MD5Hash", _wrap_pkgRecordsParser_MD5Hash, METH_VARARGS }, { (char *)"pkgRecordsParser_SHA1Hash", _wrap_pkgRecordsParser_SHA1Hash, METH_VARARGS }, + { (char *)"pkgRecordsParser_SHA256Hash", _wrap_pkgRecordsParser_SHA256Hash, METH_VARARGS }, { (char *)"pkgRecordsParser_SourcePkg", _wrap_pkgRecordsParser_SourcePkg, METH_VARARGS }, { (char *)"pkgRecordsParser_Maintainer", _wrap_pkgRecordsParser_Maintainer, METH_VARARGS }, { (char *)"pkgRecordsParser_ShortDesc", _wrap_pkgRecordsParser_ShortDesc, METH_VARARGS },