Merge branch 'pu/gcrypt2' into 'master'

Use Libgcrypt for hashing purposes See merge request apt-team/apt!89
author: Julian Andres Klode <jak@debian.org> 2020-01-14 12:57:54 +0000
committer: Julian Andres Klode <jak@debian.org> 2020-01-14 12:57:54 +0000
commit: 5db3a38926aa820546c411dd9f49f57eea24cd9e (patch)
tree: b794739c375d7c984c4190be44b9ed678e9bf0da
parent: cfeae24843e8357c7e8d2ff3b23ee81cac330017 (diff)
parent: 8c1a37e12790a23f3b132899485e011f9134b483 (diff)
26 files changed, 191 insertions, 119 deletions
diff --git a/CMake/FindGcrypt.cmake b/CMake/FindGcrypt.cmake
new file mode 100644
index 000000000..56bfc9fef
--- /dev/null
+++ b/CMake/FindGcrypt.cmake
@@ -0,0 +1,25 @@
+# - Try to find GCRYPT
+# Once done, this will define
+#
+#  GCRYPT_FOUND - system has GCRYPT
+#  GCRYPT_INCLUDE_DIRS - the GCRYPT include directories
+#  GCRYPT_LIBRARIES - the GCRYPT library
+find_package(PkgConfig)
+
+pkg_check_modules(GCRYPT_PKGCONF libgcrypt)
+
+find_path(GCRYPT_INCLUDE_DIRS
+  NAMES gcrypt.h
+  PATHS ${GCRYPT_PKGCONF_INCLUDE_DIRS}
+)
+
+
+find_library(GCRYPT_LIBRARIES
+  NAMES gcrypt
+  PATHS ${GCRYPT_PKGCONF_LIBRARY_DIRS}
+)
+
+include(FindPackageHandleStandardArgs)
+find_package_handle_standard_args(GCRYPT DEFAULT_MSG GCRYPT_INCLUDE_DIRS GCRYPT_LIBRARIES)
+
+mark_as_advanced(GCRYPT_INCLUDE_DIRS GCRYPT_LIBRARIES)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index ab08b8f4e..862a5d4ed 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -134,6 +134,8 @@ if (SECCOMP_FOUND)
   set(HAVE_SECCOMP 1)
 endif()
 
+find_package(Gcrypt REQUIRED)
+
 # Mount()ing and stat()ing and friends
 check_symbol_exists(statfs sys/vfs.h HAVE_VFS_H)
 check_include_files(sys/params.h HAVE_PARAMS_H)
diff --git a/apt-pkg/CMakeLists.txt b/apt-pkg/CMakeLists.txt
index db23a30f7..e9a629ccf 100644
--- a/apt-pkg/CMakeLists.txt
+++ b/apt-pkg/CMakeLists.txt
@@ -48,6 +48,7 @@ target_include_directories(apt-pkg
                                    $<$<BOOL:${UDEV_FOUND}>:${UDEV_INCLUDE_DIRS}>
                                    $<$<BOOL:${SYSTEMD_FOUND}>:${SYSTEMD_INCLUDE_DIRS}>
                                    ${ICONV_INCLUDE_DIRS}
+                                   $<$<BOOL:${GCRYPT_FOUND}>:${GCRYPT_INCLUDE_DIRS}>
 )
 
 target_link_libraries(apt-pkg
@@ -61,6 +62,7 @@ target_link_libraries(apt-pkg
                              $<$<BOOL:${UDEV_FOUND}>:${UDEV_LIBRARIES}>
                              $<$<BOOL:${SYSTEMD_FOUND}>:${SYSTEMD_LIBRARIES}>
                              ${ICONV_LIBRARIES}
+                             $<$<BOOL:${GCRYPT_FOUND}>:${GCRYPT_LIBRARIES}>
 )
 set_target_properties(apt-pkg PROPERTIES VERSION ${MAJOR}.${MINOR})
 set_target_properties(apt-pkg PROPERTIES SOVERSION ${MAJOR})
diff --git a/apt-pkg/acquire-method.cc b/apt-pkg/acquire-method.cc
index f2a61a144..9656caf14 100644
--- a/apt-pkg/acquire-method.cc
+++ b/apt-pkg/acquire-method.cc
@@ -21,9 +21,6 @@
 #include <apt-pkg/error.h>
 #include <apt-pkg/fileutl.h>
 #include <apt-pkg/hashes.h>
-#include <apt-pkg/md5.h>
-#include <apt-pkg/sha1.h>
-#include <apt-pkg/sha2.h>
 #include <apt-pkg/strutl.h>
 
 #include <algorithm>
diff --git a/apt-pkg/contrib/cdromutl.cc b/apt-pkg/contrib/cdromutl.cc
index 9db3980da..c0fe869d2 100644
--- a/apt-pkg/contrib/cdromutl.cc
+++ b/apt-pkg/contrib/cdromutl.cc
@@ -15,7 +15,7 @@
 #include <apt-pkg/configuration.h>
 #include <apt-pkg/error.h>
 #include <apt-pkg/fileutl.h>
-#include <apt-pkg/md5.h>
+#include <apt-pkg/hashes.h>
 #include <apt-pkg/strutl.h>
 
 #include <iostream>
@@ -181,7 +181,7 @@ bool MountCdrom(string Path, string DeviceName)
    from effecting the outcome. */
 bool IdentCdrom(string CD,string &Res,unsigned int Version)
 {
-   MD5Summation Hash;
+   Hashes Hash(Hashes::MD5SUM);
    bool writable_media = false;
 
    int dirfd = open(CD.c_str(), O_RDONLY | O_DIRECTORY | O_CLOEXEC);
@@ -254,7 +254,7 @@ bool IdentCdrom(string CD,string &Res,unsigned int Version)
       strprintf(S, "-%u.debug", Version);
 
    closedir(D);
-   Res = Hash.Result().Value().append(std::move(S));
+   Res = Hash.GetHashString(Hashes::MD5SUM).HashValue().append(std::move(S));
    return true;
 }
 									/*}}}*/
diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc
index b83a4bad7..db5463be2 100644
--- a/apt-pkg/contrib/fileutl.cc
+++ b/apt-pkg/contrib/fileutl.cc
@@ -85,9 +85,6 @@
 
 using namespace std;
 
-/* Should be a multiple of the common page size (4096) */
-static constexpr unsigned long long APT_BUFFER_SIZE = 64 * 1024;
-
 // RunScripts - Run a set of scripts from a configuration subtree	/*{{{*/
 // ---------------------------------------------------------------------
 /* */
diff --git a/apt-pkg/contrib/hashes.cc b/apt-pkg/contrib/hashes.cc
index 366133b02..d506a1361 100644
--- a/apt-pkg/contrib/hashes.cc
+++ b/apt-pkg/contrib/hashes.cc
@@ -15,18 +15,31 @@
 #include <apt-pkg/configuration.h>
 #include <apt-pkg/fileutl.h>
 #include <apt-pkg/hashes.h>
-#include <apt-pkg/md5.h>
-#include <apt-pkg/sha1.h>
-#include <apt-pkg/sha2.h>
+#include <apt-pkg/macros.h>
 
 #include <algorithm>
 #include <iostream>
 #include <string>
+#include <assert.h>
 #include <stddef.h>
 #include <stdlib.h>
 #include <unistd.h>
+
+#include <gcrypt.h>
 									/*}}}*/
 
+static const constexpr struct HashAlgo
+{
+   const char *name;
+   int gcryAlgo;
+   Hashes::SupportedHashes ourAlgo;
+} Algorithms[] = {
+   {"MD5Sum", GCRY_MD_MD5, Hashes::MD5SUM},
+   {"SHA1", GCRY_MD_SHA1, Hashes::SHA1SUM},
+   {"SHA256", GCRY_MD_SHA256, Hashes::SHA256SUM},
+   {"SHA512", GCRY_MD_SHA512, Hashes::SHA512SUM},
+};
+
 const char * HashString::_SupportedHashes[] =
 {
    "SHA512", "SHA256", "SHA1", "MD5Sum", "Checksum-FileSize", NULL
@@ -89,27 +102,27 @@ std::string HashString::GetHashForFile(std::string filename) const      /*{{{*/
    FileFd Fd(filename, FileFd::ReadOnly);
    if(strcasecmp(Type.c_str(), "MD5Sum") == 0)
    {
-      MD5Summation MD5;
+      Hashes MD5(Hashes::MD5SUM);
       MD5.AddFD(Fd);
-      fileHash = (std::string)MD5.Result();
+      fileHash = MD5.GetHashString(Hashes::MD5SUM).Hash;
    }
    else if (strcasecmp(Type.c_str(), "SHA1") == 0)
    {
-      SHA1Summation SHA1;
+      Hashes SHA1(Hashes::SHA1SUM);
       SHA1.AddFD(Fd);
-      fileHash = (std::string)SHA1.Result();
+      fileHash = SHA1.GetHashString(Hashes::SHA1SUM).Hash;
    }
    else if (strcasecmp(Type.c_str(), "SHA256") == 0)
    {
-      SHA256Summation SHA256;
+      Hashes SHA256(Hashes::SHA256SUM);
       SHA256.AddFD(Fd);
-      fileHash = (std::string)SHA256.Result();
+      fileHash = SHA256.GetHashString(Hashes::SHA256SUM).Hash;
    }
    else if (strcasecmp(Type.c_str(), "SHA512") == 0)
    {
-      SHA512Summation SHA512;
+      Hashes SHA512(Hashes::SHA512SUM);
       SHA512.AddFD(Fd);
-      fileHash = (std::string)SHA512.Result();
+      fileHash = SHA512.GetHashString(Hashes::SHA512SUM).Hash;
    }
    else if (strcasecmp(Type.c_str(), "Checksum-FileSize") == 0)
       strprintf(fileHash, "%llu", Fd.FileSize());
@@ -286,43 +299,45 @@ bool HashStringList::operator!=(HashStringList const &other) const
 class PrivateHashes {
 public:
    unsigned long long FileSize;
-   unsigned int CalcHashes;
+   gcry_md_hd_t hd;
+
+   explicit PrivateHashes(unsigned int const CalcHashes) : FileSize(0)
+   {
+      gcry_md_open(&hd, 0, 0);
+      for (auto & Algo : Algorithms)
+      {
+	 if ((CalcHashes & Algo.ourAlgo) == Algo.ourAlgo)
+	    gcry_md_enable(hd, Algo.gcryAlgo);
+      }
+   }
 
-   explicit PrivateHashes(unsigned int const CalcHashes) : FileSize(0), CalcHashes(CalcHashes) {}
    explicit PrivateHashes(HashStringList const &Hashes) : FileSize(0) {
-      unsigned int calcHashes = Hashes.usable() ? 0 : ~0;
-      if (Hashes.find("MD5Sum") != NULL)
-	 calcHashes |= Hashes::MD5SUM;
-      if (Hashes.find("SHA1") != NULL)
-	 calcHashes |= Hashes::SHA1SUM;
-      if (Hashes.find("SHA256") != NULL)
-	 calcHashes |= Hashes::SHA256SUM;
-      if (Hashes.find("SHA512") != NULL)
-	 calcHashes |= Hashes::SHA512SUM;
-      CalcHashes = calcHashes;
+      gcry_md_open(&hd, 0, 0);
+      for (auto & Algo : Algorithms)
+      {
+	 if (not Hashes.usable() || Hashes.find(Algo.name) != NULL)
+	    gcry_md_enable(hd, Algo.gcryAlgo);
+      }
+   }
+   ~PrivateHashes()
+   {
+      gcry_md_close(hd);
    }
 };
 									/*}}}*/
 // Hashes::Add* - Add the contents of data or FD			/*{{{*/
 bool Hashes::Add(const unsigned char * const Data, unsigned long long const Size)
 {
-   if (Size == 0)
-      return true;
-   bool Res = true;
-   if ((d->CalcHashes & MD5SUM) == MD5SUM)
-      Res &= MD5.Add(Data, Size);
-   if ((d->CalcHashes & SHA1SUM) == SHA1SUM)
-      Res &= SHA1.Add(Data, Size);
-   if ((d->CalcHashes & SHA256SUM) == SHA256SUM)
-      Res &= SHA256.Add(Data, Size);
-   if ((d->CalcHashes & SHA512SUM) == SHA512SUM)
-      Res &= SHA512.Add(Data, Size);
-   d->FileSize += Size;
-   return Res;
+   if (Size != 0)
+   {
+      gcry_md_write(d->hd, Data, Size);
+      d->FileSize += Size;
+   }
+   return true;
 }
 bool Hashes::AddFD(int const Fd,unsigned long long Size)
 {
-   unsigned char Buf[64*64];
+   unsigned char Buf[APT_BUFFER_SIZE];
    bool const ToEOF = (Size == UntilEOF);
    while (Size != 0 || ToEOF)
    {
@@ -341,7 +356,7 @@ bool Hashes::AddFD(int const Fd,unsigned long long Size)
 }
 bool Hashes::AddFD(FileFd &Fd,unsigned long long Size)
 {
-   unsigned char Buf[64*64];
+   unsigned char Buf[APT_BUFFER_SIZE];
    bool const ToEOF = (Size == 0);
    while (Size != 0 || ToEOF)
    {
@@ -364,20 +379,49 @@ bool Hashes::AddFD(FileFd &Fd,unsigned long long Size)
    return true;
 }
 									/*}}}*/
+
+static APT_PURE std::string HexDigest(gcry_md_hd_t hd, int algo)
+{
+   char Conv[16] =
+      {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b',
+       'c', 'd', 'e', 'f'};
+
+   auto Size = gcry_md_get_algo_dlen(algo);
+   char Result[((Size)*2) + 1];
+   Result[(Size)*2] = 0;
+
+   auto Sum = gcry_md_read(hd, algo);
+
+   // Convert each char into two letters
+   size_t J = 0;
+   size_t I = 0;
+   for (; I != (Size)*2; J++, I += 2)
+   {
+      Result[I] = Conv[Sum[J] >> 4];
+      Result[I + 1] = Conv[Sum[J] & 0xF];
+   }
+   return std::string(Result);
+};
+
 HashStringList Hashes::GetHashStringList()
 {
    HashStringList hashes;
-   if ((d->CalcHashes & MD5SUM) == MD5SUM)
-      hashes.push_back(HashString("MD5Sum", MD5.Result().Value()));
-   if ((d->CalcHashes & SHA1SUM) == SHA1SUM)
-      hashes.push_back(HashString("SHA1", SHA1.Result().Value()));
-   if ((d->CalcHashes & SHA256SUM) == SHA256SUM)
-      hashes.push_back(HashString("SHA256", SHA256.Result().Value()));
-   if ((d->CalcHashes & SHA512SUM) == SHA512SUM)
-      hashes.push_back(HashString("SHA512", SHA512.Result().Value()));
+   for (auto & Algo : Algorithms)
+      if (gcry_md_is_enabled(d->hd, Algo.gcryAlgo))
+	 hashes.push_back(HashString(Algo.name, HexDigest(d->hd, Algo.gcryAlgo)));
    hashes.FileSize(d->FileSize);
+
    return hashes;
 }
+
+HashString Hashes::GetHashString(SupportedHashes hash)
+{
+   for (auto & Algo : Algorithms)
+      if (hash == Algo.ourAlgo)
+	 return HashString(Algo.name, HexDigest(d->hd, Algo.gcryAlgo));
+
+   abort();
+}
 Hashes::Hashes() : d(new PrivateHashes(~0)) { }
 Hashes::Hashes(unsigned int const Hashes) : d(new PrivateHashes(Hashes)) {}
 Hashes::Hashes(HashStringList const &Hashes) : d(new PrivateHashes(Hashes)) {}
diff --git a/apt-pkg/contrib/hashes.h b/apt-pkg/contrib/hashes.h
index e9b8a0519..dad50c564 100644
--- a/apt-pkg/contrib/hashes.h
+++ b/apt-pkg/contrib/hashes.h
@@ -171,12 +171,14 @@ class PrivateHashes;
 class Hashes
 {
    PrivateHashes * const d;
+APT_IGNORE_DEPRECATED_PUSH
    /* TODO: those will disappear in the future as it is hard to add new ones this way.
     * Use Add* to build the results and get them via GetHashStringList() instead */
-   MD5Summation MD5;
-   SHA1Summation SHA1;
-   SHA256Summation SHA256;
-   SHA512Summation SHA512;
+   MD5Summation MD5 APT_PKG_590("Remove");
+   SHA1Summation SHA1 APT_PKG_590("Remove");
+   SHA256Summation SHA256 APT_PKG_590("Remove");
+   SHA512Summation SHA512 APT_PKG_590("Remove");
+APT_IGNORE_DEPRECATED_POP
 
    public:
    static const int UntilEOF = 0;
@@ -184,6 +186,10 @@ class Hashes
    bool Add(const unsigned char * const Data, unsigned long long const Size) APT_NONNULL(2);
    inline bool Add(const char * const Data) APT_NONNULL(2)
    {return Add(reinterpret_cast<unsigned char const *>(Data),strlen(Data));};
+   inline bool Add(const char *const Data, unsigned long long const Size) APT_NONNULL(2)
+   {
+      return Add(reinterpret_cast<unsigned char const *>(Data), Size);
+   };
    inline bool Add(const unsigned char * const Beg,const unsigned char * const End) APT_NONNULL(2,3)
    {return Add(Beg,End-Beg);};
 
@@ -194,6 +200,9 @@ class Hashes
 
    HashStringList GetHashStringList();
 
+   /** Get a specific hash. It is an error to use a hash that was not hashes */
+   HashString GetHashString(SupportedHashes hash);
+
    /** create a Hashes object to calculate all supported hashes
     *
     * If ALL is too much, you can limit which Hashes are calculated
diff --git a/apt-pkg/contrib/macros.h b/apt-pkg/contrib/macros.h
index 340549fbd..7e42092f6 100644
--- a/apt-pkg/contrib/macros.h
+++ b/apt-pkg/contrib/macros.h
@@ -128,4 +128,7 @@
 #define APT_PKG_590(msg)
 #endif
 
+/* Should be a multiple of the common page size (4096) */
+static constexpr unsigned long long APT_BUFFER_SIZE = 64 * 1024;
+
 #endif
diff --git a/apt-pkg/contrib/md5.h b/apt-pkg/contrib/md5.h
index d1287c573..de0699f6a 100644
--- a/apt-pkg/contrib/md5.h
+++ b/apt-pkg/contrib/md5.h
@@ -29,7 +29,7 @@
 
 typedef HashSumValue<128> MD5SumValue;
 
-class MD5Summation : public SummationImplementation
+class APT_DEPRECATED_MSG("Use Hashes instead") APT_PKG_590("Remove") MD5Summation : public SummationImplementation
 {
    uint32_t Buf[4];
    unsigned char Bytes[2*4];
diff --git a/apt-pkg/contrib/sha1.h b/apt-pkg/contrib/sha1.h
index 7149da97f..5d16cbd16 100644
--- a/apt-pkg/contrib/sha1.h
+++ b/apt-pkg/contrib/sha1.h
@@ -18,7 +18,7 @@
 
 typedef  HashSumValue<160> SHA1SumValue;
 
-class SHA1Summation : public SummationImplementation
+class APT_DEPRECATED_MSG("Use Hashes instead") APT_PKG_590("Remove") SHA1Summation : public SummationImplementation
 {
    /* assumes 64-bit alignment just in case */
    unsigned char Buffer[64] __attribute__((aligned(8)));
diff --git a/apt-pkg/contrib/sha2.h b/apt-pkg/contrib/sha2.h
index 5489007a2..9e179b43c 100644
--- a/apt-pkg/contrib/sha2.h
+++ b/apt-pkg/contrib/sha2.h
@@ -33,7 +33,7 @@ class SHA2SummationBase : public SummationImplementation
    void Result();
 };
 
-class SHA256Summation : public SHA2SummationBase
+class APT_DEPRECATED_MSG("Use Hashes instead") APT_PKG_590("Remove") SHA256Summation : public SHA2SummationBase
 {
    SHA256_CTX ctx;
    unsigned char Sum[32];
@@ -66,7 +66,7 @@ class SHA256Summation : public SHA2SummationBase
    };
 };
 
-class SHA512Summation : public SHA2SummationBase
+class APT_DEPRECATED_MSG("Use Hashes instead") APT_PKG_590("Remove") SHA512Summation : public SHA2SummationBase
 {
    SHA512_CTX ctx;
    unsigned char Sum[64];
diff --git a/apt-pkg/contrib/sha256.h b/apt-pkg/contrib/sha256.h
index 15146c948..93b2bc09e 100644
--- a/apt-pkg/contrib/sha256.h
+++ b/apt-pkg/contrib/sha256.h
@@ -1,7 +1,6 @@
 #ifndef APTPKG_SHA256_H
 #define APTPKG_SHA256_H
 
-#include "sha2.h"
 
 #warning "This header is deprecated, please include sha2.h instead"
 
diff --git a/apt-pkg/deb/deblistparser.cc b/apt-pkg/deb/deblistparser.cc
index 88b41ad30..21d1736e4 100644
--- a/apt-pkg/deb/deblistparser.cc
+++ b/apt-pkg/deb/deblistparser.cc
@@ -17,8 +17,8 @@
 #include <apt-pkg/crc-16.h>
 #include <apt-pkg/deblistparser.h>
 #include <apt-pkg/error.h>
+#include <apt-pkg/hashes.h>
 #include <apt-pkg/macros.h>
-#include <apt-pkg/md5.h>
 #include <apt-pkg/pkgcache.h>
 #include <apt-pkg/strutl.h>
 #include <apt-pkg/tagfile-keys.h>
@@ -298,10 +298,10 @@ APT::StringView debListParser::Description_md5()
       if (desc == "\n")
 	 return StringView();
 
-      MD5Summation md5;
+      Hashes md5(Hashes::MD5SUM);
       md5.Add(desc.data(), desc.size());
       md5.Add("\n");
-      MD5Buffer = md5.Result();
+      MD5Buffer = md5.GetHashString(Hashes::MD5SUM).HashValue();
       return StringView(MD5Buffer);
    }
    else if (likely(value.size() == 32))
diff --git a/apt-pkg/deb/deblistparser.h b/apt-pkg/deb/deblistparser.h
index c041585e6..a04187c45 100644
--- a/apt-pkg/deb/deblistparser.h
+++ b/apt-pkg/deb/deblistparser.h
@@ -11,7 +11,6 @@
 #define PKGLIB_DEBLISTPARSER_H
 
 #include <apt-pkg/macros.h>
-#include <apt-pkg/md5.h>
 #include <apt-pkg/pkgcache.h>
 #include <apt-pkg/pkgcachegen.h>
 #include <apt-pkg/tagfile.h>
diff --git a/apt-pkg/edsp/edsplistparser.cc b/apt-pkg/edsp/edsplistparser.cc
index 31bded9ca..96de2b997 100644
--- a/apt-pkg/edsp/edsplistparser.cc
+++ b/apt-pkg/edsp/edsplistparser.cc
@@ -15,10 +15,10 @@
 #include <apt-pkg/deblistparser.h>
 #include <apt-pkg/edsplistparser.h>
 #include <apt-pkg/fileutl.h>
-#include <apt-pkg/md5.h>
 #include <apt-pkg/pkgcache.h>
 #include <apt-pkg/pkgsystem.h>
 #include <apt-pkg/string_view.h>
+#include <apt-pkg/strutl.h>
 #include <apt-pkg/tagfile.h>
 
 #include <array>
diff --git a/apt-pkg/edsp/edsplistparser.h b/apt-pkg/edsp/edsplistparser.h
index 6087e77e6..2c136026d 100644
--- a/apt-pkg/edsp/edsplistparser.h
+++ b/apt-pkg/edsp/edsplistparser.h
@@ -13,7 +13,6 @@
 
 #include <apt-pkg/deblistparser.h>
 #include <apt-pkg/fileutl.h>
-#include <apt-pkg/md5.h>
 #include <apt-pkg/pkgcache.h>
 
 #include <string>
diff --git a/apt-pkg/pkgcachegen.cc b/apt-pkg/pkgcachegen.cc
index 183750acb..75bd4c853 100644
--- a/apt-pkg/pkgcachegen.cc
+++ b/apt-pkg/pkgcachegen.cc
@@ -17,7 +17,6 @@
 #include <apt-pkg/hashsum_template.h>
 #include <apt-pkg/indexfile.h>
 #include <apt-pkg/macros.h>
-#include <apt-pkg/md5.h>
 #include <apt-pkg/metaindex.h>
 #include <apt-pkg/mmap.h>
 #include <apt-pkg/pkgcache.h>
diff --git a/apt-pkg/pkgcachegen.h b/apt-pkg/pkgcachegen.h
index 2db2237da..55bf57418 100644
--- a/apt-pkg/pkgcachegen.h
+++ b/apt-pkg/pkgcachegen.h
@@ -19,7 +19,6 @@
 #define PKGLIB_PKGCACHEGEN_H
 
 #include <apt-pkg/macros.h>
-#include <apt-pkg/md5.h>
 #include <apt-pkg/mmap.h>
 #include <apt-pkg/pkgcache.h>
 
diff --git a/apt-private/private-show.cc b/apt-private/private-show.cc
index 9ebbe6ac0..103fa57e4 100644
--- a/apt-private/private-show.cc
+++ b/apt-private/private-show.cc
@@ -8,6 +8,7 @@
 #include <apt-pkg/depcache.h>
 #include <apt-pkg/error.h>
 #include <apt-pkg/fileutl.h>
+#include <apt-pkg/hashes.h>
 #include <apt-pkg/indexfile.h>
 #include <apt-pkg/macros.h>
 #include <apt-pkg/pkgcache.h>
@@ -415,9 +416,9 @@ bool ShowPackage(CommandLine &CmdL)					/*{{{*/
 static std::string Sha1FromString(std::string const &input)		/*{{{*/
 {
    // XXX: move to hashes.h: HashString::FromString() ?
-   SHA1Summation sha1;
+   Hashes sha1(Hashes::SHA1SUM);
    sha1.Add(input.c_str(), input.length());
-   return sha1.Result().Value();
+   return sha1.GetHashString(Hashes::SHA1SUM).HashValue();
 }
 									/*}}}*/
 bool ShowSrcPackage(CommandLine &CmdL)					/*{{{*/
diff --git a/cmdline/apt-get.cc b/cmdline/apt-get.cc
index 5d81c08a4..efb5cfd73 100644
--- a/cmdline/apt-get.cc
+++ b/cmdline/apt-get.cc
@@ -42,7 +42,6 @@
 #include <apt-pkg/indexfile.h>
 #include <apt-pkg/init.h>
 #include <apt-pkg/macros.h>
-#include <apt-pkg/md5.h>
 #include <apt-pkg/metaindex.h>
 #include <apt-pkg/pkgcache.h>
 #include <apt-pkg/pkgrecords.h>
diff --git a/debian/control b/debian/control
index d12f93e1b..4bc1e0c33 100644
--- a/debian/control
+++ b/debian/control
@@ -17,6 +17,7 @@ Build-Depends: cmake (>= 3.4),
                libbz2-dev,
                libdb-dev,
                libgnutls28-dev (>= 3.4.6),
+               libgcrypt20-dev,
                liblz4-dev (>= 0.0~r126),
                liblzma-dev,
                libseccomp-dev [amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x hppa powerpc powerpcspe ppc64 x32],
diff --git a/ftparchive/cachedb.cc b/ftparchive/cachedb.cc
index 1890c28d0..dedb01eaa 100644
--- a/ftparchive/cachedb.cc
+++ b/ftparchive/cachedb.cc
@@ -17,9 +17,6 @@
 #include <apt-pkg/fileutl.h>
 #include <apt-pkg/gpgv.h>
 #include <apt-pkg/hashes.h>
-#include <apt-pkg/md5.h>
-#include <apt-pkg/sha1.h>
-#include <apt-pkg/sha2.h>
 #include <apt-pkg/strutl.h>
 
 #include <ctype.h>
diff --git a/ftparchive/multicompress.cc b/ftparchive/multicompress.cc
index f5fe14164..cdaa7a60a 100644
--- a/ftparchive/multicompress.cc
+++ b/ftparchive/multicompress.cc
@@ -18,8 +18,7 @@
 #include <apt-pkg/aptconfiguration.h>
 #include <apt-pkg/error.h>
 #include <apt-pkg/fileutl.h>
-#include <apt-pkg/hashsum_template.h>
-#include <apt-pkg/md5.h>
+#include <apt-pkg/hashes.h>
 #include <apt-pkg/strutl.h>
 
 #include <ctype.h>
@@ -267,7 +266,7 @@ bool MultiCompress::Child(int const &FD)
    SetNonBlock(FD,false);
    unsigned char Buffer[32*1024];
    unsigned long long FileSize = 0;
-   MD5Summation MD5;
+   Hashes MD5(Hashes::MD5SUM);
    while (1)
    {
       WaitFd(FD,false);
@@ -315,7 +314,7 @@ bool MultiCompress::Child(int const &FD)
       }
 
       // Compute the hash
-      MD5Summation OldMD5;
+      Hashes OldMD5(Hashes::MD5SUM);
       unsigned long long NewFileSize = 0;
       while (1)
       {
@@ -330,7 +329,7 @@ bool MultiCompress::Child(int const &FD)
       CompFd.Close();
 
       // Check the hash
-      if (OldMD5.Result() == MD5.Result() &&
+      if (OldMD5.GetHashString(Hashes::MD5SUM) == MD5.GetHashString(Hashes::MD5SUM) &&
 	  FileSize == NewFileSize)
       {
 	 for (Files *I = Outputs; I != 0; I = I->Next)
diff --git a/ftparchive/writer.cc b/ftparchive/writer.cc
index 078638c41..5dcb98c9c 100644
--- a/ftparchive/writer.cc
+++ b/ftparchive/writer.cc
@@ -19,10 +19,7 @@
 #include <apt-pkg/fileutl.h>
 #include <apt-pkg/gpgv.h>
 #include <apt-pkg/hashes.h>
-#include <apt-pkg/md5.h>
 #include <apt-pkg/pkgcache.h>
-#include <apt-pkg/sha1.h>
-#include <apt-pkg/sha2.h>
 #include <apt-pkg/strutl.h>
 #include <apt-pkg/tagfile.h>
 
@@ -493,9 +490,9 @@ bool PackagesWriter::DoPackage(string FileName)
 
    string DescriptionMd5;
    if (LongDescription == false) {
-      MD5Summation descmd5;
+      Hashes descmd5(Hashes::MD5SUM);
       descmd5.Add(desc.c_str());
-      DescriptionMd5 = descmd5.Result().Value();
+      DescriptionMd5 = descmd5.GetHashString(Hashes::MD5SUM).HashValue();
       Changes.push_back(pkgTagSection::Tag::Rewrite("Description-md5", DescriptionMd5));
       if (TransWriter != NULL)
 	 TransWriter->DoPackage(Package, desc, DescriptionMd5);
diff --git a/test/libapt/hashsums_test.cc b/test/libapt/hashsums_test.cc
index eede213cd..c50c84b90 100644
--- a/test/libapt/hashsums_test.cc
+++ b/test/libapt/hashsums_test.cc
@@ -29,9 +29,11 @@ TEST(HashSumsTest,SummationStrings)
 {
 #define EXPECT_SUM(Summation, In, Out) \
    { \
+      APT_IGNORE_DEPRECATED_PUSH \
       Summation Sum; \
       Sum.Add(In); \
       EXPECT_EQ(Sum.Result().Value(), Out) << #Summation << " for '" << In << "'"; \
+      APT_IGNORE_DEPRECATED_POP \
    }
 
    // From  FIPS PUB 180-1
@@ -80,6 +82,7 @@ TEST(HashSumsTest,SummationStrings)
 }
 TEST(HashSumsTest, Mill)
 {
+APT_IGNORE_DEPRECATED_PUSH
    SHA1Summation Sum1;
 
    const unsigned char As[] = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
@@ -100,6 +103,7 @@ TEST(HashSumsTest, Mill)
    }
 
    EXPECT_EQ("34aa973cd4c4daa4f61eeb2bdbad27316534016f", Sum1.Result().Value());
+APT_IGNORE_DEPRECATED_POP
 }
 
 static void getSummationString(char const * const type, std::string &sum)
@@ -146,20 +150,20 @@ TEST(HashSumsTest, FileBased)
    std::string summation;
 
    getSummationString("md5sum", summation);
-   MD5SumValue md5(summation);
-   EXPECT_EQ(md5.Value(), summation);
+   HashString md5("MD5Sum", summation);
+   EXPECT_EQ(md5.HashValue(), summation);
 
    getSummationString("sha1sum", summation);
-   SHA1SumValue sha1(summation);
-   EXPECT_EQ(sha1.Value(), summation);
+   HashString sha1("SHA1", summation);
+   EXPECT_EQ(sha1.HashValue(), summation);
 
    getSummationString("sha256sum", summation);
-   SHA256SumValue sha256(summation);
-   EXPECT_EQ(sha256.Value(), summation);
+   HashString sha256("SHA256", summation);
+   EXPECT_EQ(sha256.HashValue(), summation);
 
    getSummationString("sha512sum", summation);
-   SHA512SumValue sha512(summation);
-   EXPECT_EQ(sha512.Value(), summation);
+   HashString sha512("SHA512", summation);
+   EXPECT_EQ(sha512.HashValue(), summation);
 
    FileFd fd("/etc/os-release", FileFd::ReadOnly);
    EXPECT_TRUE(fd.IsOpen());
@@ -172,10 +176,10 @@ TEST(HashSumsTest, FileBased)
       HashStringList list = hashes.GetHashStringList();
       EXPECT_FALSE(list.empty());
       EXPECT_EQ(5u, list.size());
-      EXPECT_EQ(md5.Value(), list.find("MD5Sum")->HashValue());
-      EXPECT_EQ(sha1.Value(), list.find("SHA1")->HashValue());
-      EXPECT_EQ(sha256.Value(), list.find("SHA256")->HashValue());
-      EXPECT_EQ(sha512.Value(), list.find("SHA512")->HashValue());
+      EXPECT_EQ(md5.HashValue(), list.find("MD5Sum")->HashValue());
+      EXPECT_EQ(sha1.HashValue(), list.find("SHA1")->HashValue());
+      EXPECT_EQ(sha256.HashValue(), list.find("SHA256")->HashValue());
+      EXPECT_EQ(sha512.HashValue(), list.find("SHA512")->HashValue());
       EXPECT_EQ(FileSize, list.find("Checksum-FileSize")->HashValue());
    }
    unsigned long long sz = fd.FileSize();
@@ -186,10 +190,10 @@ TEST(HashSumsTest, FileBased)
       HashStringList list = hashes.GetHashStringList();
       EXPECT_FALSE(list.empty());
       EXPECT_EQ(5u, list.size());
-      EXPECT_EQ(md5.Value(), list.find("MD5Sum")->HashValue());
-      EXPECT_EQ(sha1.Value(), list.find("SHA1")->HashValue());
-      EXPECT_EQ(sha256.Value(), list.find("SHA256")->HashValue());
-      EXPECT_EQ(sha512.Value(), list.find("SHA512")->HashValue());
+      EXPECT_EQ(md5.HashValue(), list.find("MD5Sum")->HashValue());
+      EXPECT_EQ(sha1.HashValue(), list.find("SHA1")->HashValue());
+      EXPECT_EQ(sha256.HashValue(), list.find("SHA256")->HashValue());
+      EXPECT_EQ(sha512.HashValue(), list.find("SHA512")->HashValue());
       EXPECT_EQ(FileSize, list.find("Checksum-FileSize")->HashValue());
    }
    fd.Seek(0);
@@ -199,10 +203,10 @@ TEST(HashSumsTest, FileBased)
       HashStringList list = hashes.GetHashStringList();
       EXPECT_FALSE(list.empty());
       EXPECT_EQ(3u, list.size());
-      EXPECT_EQ(md5.Value(), list.find("MD5Sum")->HashValue());
+      EXPECT_EQ(md5.HashValue(), list.find("MD5Sum")->HashValue());
       EXPECT_EQ(NULL, list.find("SHA1"));
       EXPECT_EQ(NULL, list.find("SHA256"));
-      EXPECT_EQ(sha512.Value(), list.find("SHA512")->HashValue());
+      EXPECT_EQ(sha512.HashValue(), list.find("SHA512")->HashValue());
       EXPECT_EQ(FileSize, list.find("Checksum-FileSize")->HashValue());
       fd.Seek(0);
       Hashes hashes2(list);
@@ -210,39 +214,39 @@ TEST(HashSumsTest, FileBased)
       list = hashes2.GetHashStringList();
       EXPECT_FALSE(list.empty());
       EXPECT_EQ(3u, list.size());
-      EXPECT_EQ(md5.Value(), list.find("MD5Sum")->HashValue());
+      EXPECT_EQ(md5.HashValue(), list.find("MD5Sum")->HashValue());
       EXPECT_EQ(NULL, list.find("SHA1"));
       EXPECT_EQ(NULL, list.find("SHA256"));
-      EXPECT_EQ(sha512.Value(), list.find("SHA512")->HashValue());
+      EXPECT_EQ(sha512.HashValue(), list.find("SHA512")->HashValue());
       EXPECT_EQ(FileSize, list.find("Checksum-FileSize")->HashValue());
    }
    fd.Seek(0);
    {
-      MD5Summation MD5;
+      Hashes MD5(Hashes::MD5SUM);
       MD5.AddFD(fd.Fd());
-      EXPECT_EQ(md5.Value(), MD5.Result().Value());
+      EXPECT_EQ(md5, MD5.GetHashString(Hashes::MD5SUM));
    }
    fd.Seek(0);
    {
-      SHA1Summation SHA1;
+      Hashes SHA1(Hashes::SHA1SUM);
       SHA1.AddFD(fd.Fd());
-      EXPECT_EQ(sha1.Value(), SHA1.Result().Value());
+      EXPECT_EQ(sha1, SHA1.GetHashString(Hashes::SHA1SUM));
    }
    fd.Seek(0);
    {
-      SHA256Summation SHA2;
+      Hashes SHA2(Hashes::SHA256SUM);
       SHA2.AddFD(fd.Fd());
-      EXPECT_EQ(sha256.Value(), SHA2.Result().Value());
+      EXPECT_EQ(sha256, SHA2.GetHashString(Hashes::SHA256SUM));
    }
    fd.Seek(0);
    {
-      SHA512Summation SHA2;
+      Hashes SHA2(Hashes::SHA512SUM);
       SHA2.AddFD(fd.Fd());
-      EXPECT_EQ(sha512.Value(), SHA2.Result().Value());
+      EXPECT_EQ(sha512, SHA2.GetHashString(Hashes::SHA512SUM));
    }
    fd.Close();
 
-   HashString sha2file("SHA512", sha512.Value());
+   HashString sha2file("SHA512", sha512.HashValue());
    EXPECT_TRUE(sha2file.VerifyFile("/etc/os-release"));
    HashString sha2wrong("SHA512", "00000000000");
    EXPECT_FALSE(sha2wrong.VerifyFile("/etc/os-release"));
@@ -251,9 +255,9 @@ TEST(HashSumsTest, FileBased)
    EXPECT_NE(sha2file, sha2wrong);
    EXPECT_TRUE(sha2file != sha2wrong);
 
-   HashString sha2big("SHA256", sha256.Value());
+   HashString sha2big("SHA256", sha256.HashValue());
    EXPECT_TRUE(sha2big.VerifyFile("/etc/os-release"));
-   HashString sha2small("sha256:" + sha256.Value());
+   HashString sha2small("sha256:" + sha256.HashValue());
    EXPECT_TRUE(sha2small.VerifyFile("/etc/os-release"));
    EXPECT_EQ(sha2big, sha2small);
    EXPECT_TRUE(sha2big == sha2small);
author	Julian Andres Klode <jak@debian.org>	2020-01-14 12:57:54 +0000
committer	Julian Andres Klode <jak@debian.org>	2020-01-14 12:57:54 +0000
commit	5db3a38926aa820546c411dd9f49f57eea24cd9e (patch)
tree	b794739c375d7c984c4190be44b9ed678e9bf0da
parent	cfeae24843e8357c7e8d2ff3b23ee81cac330017 (diff)
parent	8c1a37e12790a23f3b132899485e011f9134b483 (diff)