Package: libsrtp0
Version: 1.4.5~20130609~dfsg-1
Severity: important
Tags: upstream patch
Hi,
libsrtp defines the following SHA1 functions:
sha1
sha1_init
sha1_update
sha1_final
sha1_core
The first three of these names conflict with symbols exported by polarssl.
This is preventing applications from linking against both libraries, which
for example the current version of Linphone (3.7) needs to do for secure
communication.
Please consider the attached patch which renames the SHA1 functions. This
should not cause a problem for programs using libsrtp because the functions
are only used internally within the library.
Upstream bug: https://github.com/cisco/libsrtp/issues/28
Red Hat bug: https://bugzilla.redhat.com/show_bug.cgi?id=956340
Many thanks,
Si Padmore.
-- System Information:
Debian Release: 7.6
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Description: Rename sha1 symbols that conflict with polarssl
The names of the functions defined in crypto/hash/sha1.c conflict with
some library functions exported by polarssl. This patch renames the
functions in libsrtp.
The functions are only used internally in libsrtp so this change should
not cause a problem for programs using this library.
Author: Si Padmore <sipadm...@gmx.co.uk>
Last-Update: 2014-10-10
--- srtp-1.4.5~20130609~dfsg.orig/crypto/include/sha1.h
+++ srtp-1.4.5~20130609~dfsg/crypto/include/sha1.h
@@ -58,43 +58,43 @@ typedef struct {
} sha1_ctx_t;
/*
- * sha1(&ctx, msg, len, output) hashes the len octets starting at msg
+ * srtp_sha1(&ctx, msg, len, output) hashes the len octets starting at msg
* into the SHA1 context, then writes the result to the 20 octets at
* output
*
*/
void
-sha1(const uint8_t *message, int octets_in_msg, uint32_t output[5]);
+srtp_sha1(const uint8_t *message, int octets_in_msg, uint32_t output[5]);
/*
- * sha1_init(&ctx) initializes the SHA1 context ctx
+ * srtp_sha1_init(&ctx) initializes the SHA1 context ctx
*
- * sha1_update(&ctx, msg, len) hashes the len octets starting at msg
+ * srtp_sha1_update(&ctx, msg, len) hashes the len octets starting at msg
* into the SHA1 context
*
- * sha1_final(&ctx, output) performs the final processing of the SHA1
+ * srtp_sha1_final(&ctx, output) performs the final processing of the SHA1
* context and writes the result to the 20 octets at output
*
*/
void
-sha1_init(sha1_ctx_t *ctx);
+srtp_sha1_init(sha1_ctx_t *ctx);
void
-sha1_update(sha1_ctx_t *ctx, const uint8_t *M, int octets_in_msg);
+srtp_sha1_update(sha1_ctx_t *ctx, const uint8_t *M, int octets_in_msg);
void
-sha1_final(sha1_ctx_t *ctx, uint32_t output[5]);
+srtp_sha1_final(sha1_ctx_t *ctx, uint32_t output[5]);
/*
- * The sha1_core function is INTERNAL to SHA-1, but it is declared
+ * The srtp_sha1_core function is INTERNAL to SHA-1, but it is declared
* here because it is also used by the cipher SEAL 3.0 in its key
* setup algorithm.
*/
/*
- * sha1_core(M, H) computes the core sha1 compression function, where M is
+ * srtp_sha1_core(M, H) computes the core sha1 compression function, where M is
* the next part of the message and H is the intermediate state {H0,
* H1, ...}
*
@@ -103,6 +103,6 @@ sha1_final(sha1_ctx_t *ctx, uint32_t out
*/
void
-sha1_core(const uint32_t M[16], uint32_t hash_value[5]);
+srtp_sha1_core(const uint32_t M[16], uint32_t hash_value[5]);
#endif /* SHA1_H */
--- srtp-1.4.5~20130609~dfsg.orig/crypto/hash/hmac.c
+++ srtp-1.4.5~20130609~dfsg/crypto/hash/hmac.c
@@ -137,10 +137,10 @@ hmac_init(hmac_ctx_t *state, const uint8
debug_print(mod_hmac, "ipad: %s", octet_string_hex_string(ipad, 64));
/* initialize sha1 context */
- sha1_init(&state->init_ctx);
+ srtp_sha1_init(&state->init_ctx);
/* hash ipad ^ key */
- sha1_update(&state->init_ctx, ipad, 64);
+ srtp_sha1_update(&state->init_ctx, ipad, 64);
memcpy(&state->ctx, &state->init_ctx, sizeof(sha1_ctx_t));
return err_status_ok;
@@ -161,7 +161,7 @@ hmac_update(hmac_ctx_t *state, const uin
octet_string_hex_string(message, msg_octets));
/* hash message into sha1 context */
- sha1_update(&state->ctx, message, msg_octets);
+ srtp_sha1_update(&state->ctx, message, msg_octets);
return err_status_ok;
}
@@ -179,7 +179,7 @@ hmac_compute(hmac_ctx_t *state, const vo
/* hash message, copy output into H */
hmac_update(state, (const uint8_t*)message, msg_octets);
- sha1_final(&state->ctx, H);
+ srtp_sha1_final(&state->ctx, H);
/*
* note that we don't need to debug_print() the input, since the
@@ -189,16 +189,16 @@ hmac_compute(hmac_ctx_t *state, const vo
octet_string_hex_string((uint8_t *)H, 20));
/* re-initialize hash context */
- sha1_init(&state->ctx);
+ srtp_sha1_init(&state->ctx);
/* hash opad ^ key */
- sha1_update(&state->ctx, (uint8_t *)state->opad, 64);
+ srtp_sha1_update(&state->ctx, (uint8_t *)state->opad, 64);
/* hash the result of the inner hash */
- sha1_update(&state->ctx, (uint8_t *)H, 20);
+ srtp_sha1_update(&state->ctx, (uint8_t *)H, 20);
/* the result is returned in the array hash_value[] */
- sha1_final(&state->ctx, hash_value);
+ srtp_sha1_final(&state->ctx, hash_value);
/* copy hash_value to *result */
for (i=0; i < tag_len; i++)
--- srtp-1.4.5~20130609~dfsg.orig/crypto/hash/sha1.c
+++ srtp-1.4.5~20130609~dfsg/crypto/hash/sha1.c
@@ -74,17 +74,17 @@ uint32_t SHA_K2 = 0x8F1BBCDC; /* Kt fo
uint32_t SHA_K3 = 0xCA62C1D6; /* Kt for 60 <= t <= 79 */
void
-sha1(const uint8_t *msg, int octets_in_msg, uint32_t hash_value[5]) {
+srtp_sha1(const uint8_t *msg, int octets_in_msg, uint32_t hash_value[5]) {
sha1_ctx_t ctx;
- sha1_init(&ctx);
- sha1_update(&ctx, msg, octets_in_msg);
- sha1_final(&ctx, hash_value);
+ srtp_sha1_init(&ctx);
+ srtp_sha1_update(&ctx, msg, octets_in_msg);
+ srtp_sha1_final(&ctx, hash_value);
}
/*
- * sha1_core(M, H) computes the core compression function, where M is
+ * srtp_sha1_core(M, H) computes the core compression function, where M is
* the next part of the message (in network byte order) and H is the
* intermediate state { H0, H1, ...} (in host byte order)
*
@@ -96,7 +96,7 @@ sha1(const uint8_t *msg, int octets_in_
*/
void
-sha1_core(const uint32_t M[16], uint32_t hash_value[5]) {
+srtp_sha1_core(const uint32_t M[16], uint32_t hash_value[5]) {
uint32_t H0;
uint32_t H1;
uint32_t H2;
@@ -183,7 +183,7 @@ sha1_core(const uint32_t M[16], uint32_t
}
void
-sha1_init(sha1_ctx_t *ctx) {
+srtp_sha1_init(sha1_ctx_t *ctx) {
/* initialize state vector */
ctx->H[0] = 0x67452301;
@@ -201,7 +201,7 @@ sha1_init(sha1_ctx_t *ctx) {
}
void
-sha1_update(sha1_ctx_t *ctx, const uint8_t *msg, int octets_in_msg) {
+srtp_sha1_update(sha1_ctx_t *ctx, const uint8_t *msg, int octets_in_msg) {
int i;
uint8_t *buf = (uint8_t *)ctx->M;
@@ -224,13 +224,13 @@ sha1_update(sha1_ctx_t *ctx, const uint8
/* process a whole block */
- debug_print(mod_sha1, "(update) running sha1_core()", NULL);
+ debug_print(mod_sha1, "(update) running srtp_sha1_core()", NULL);
- sha1_core(ctx->M, ctx->H);
+ srtp_sha1_core(ctx->M, ctx->H);
} else {
- debug_print(mod_sha1, "(update) not running sha1_core()", NULL);
+ debug_print(mod_sha1, "(update) not running srtp_sha1_core()", NULL);
for (i=ctx->octets_in_buffer;
i < (ctx->octets_in_buffer + octets_in_msg); i++)
@@ -244,12 +244,12 @@ sha1_update(sha1_ctx_t *ctx, const uint8
}
/*
- * sha1_final(ctx, output) computes the result for ctx and copies it
+ * srtp_sha1_final(ctx, output) computes the result for ctx and copies it
* into the twenty octets located at *output
*/
void
-sha1_final(sha1_ctx_t *ctx, uint32_t *output) {
+srtp_sha1_final(sha1_ctx_t *ctx, uint32_t *output) {
uint32_t A, B, C, D, E, TEMP;
uint32_t W[80];
int i, t;
@@ -336,11 +336,11 @@ sha1_final(sha1_ctx_t *ctx, uint32_t *ou
}
- debug_print(mod_sha1, "(final) running sha1_core()", NULL);
+ debug_print(mod_sha1, "(final) running srtp_sha1_core()", NULL);
if (ctx->octets_in_buffer >= 56) {
- debug_print(mod_sha1, "(final) running sha1_core() again", NULL);
+ debug_print(mod_sha1, "(final) running srtp_sha1_core() again", NULL);
/* we need to do one final run of the compression algo */
--- srtp-1.4.5~20130609~dfsg.orig/crypto/test/sha1_driver.c
+++ srtp-1.4.5~20130609~dfsg/crypto/test/sha1_driver.c
@@ -107,9 +107,9 @@ sha1_test_case_validate(const hash_test_
if (test_case->data_len > MAX_HASH_DATA_LEN)
return err_status_bad_param;
- sha1_init(&ctx);
- sha1_update(&ctx, test_case->data, test_case->data_len);
- sha1_final(&ctx, hash_value);
+ srtp_sha1_init(&ctx);
+ srtp_sha1_update(&ctx, test_case->data, test_case->data_len);
+ srtp_sha1_final(&ctx, hash_value);
if (0 == memcmp(test_case->hash, hash_value, 20)) {
#if VERBOSE
printf("PASSED: reference value: %s\n",
