use nettle instead of openssl for (base64+sha256)=b64to32 func

Signed-off-by: AGentooCat <agentoocat@mail.i2p>
2025-04-18 12:37:50 +00:00
parent 373d91b406
commit e99b38bf3b
2 changed files with 23 additions and 18 deletions
--- a/config.mk
+++ b/config.mk
@ -25,7 +25,7 @@ PROG_SRCS=main.c args.c config.c util.c mail.c sam.c smtp.c log.c linepoll.c pop
 LIB_SRCS=

 # what the program depends on (-l<ib>)
-PROG_LIBS=-liniparser -lsqlite3 -lssl -lcrypto
+PROG_LIBS=-liniparser -lsqlite3 -lnettle

 # if the library installs headers, place them under (root)/include
 # and add them here to be installed under (DESTDIR)/(PREFIX)/include
--- a/src/sam.c
+++ b/src/sam.c
@ -6,9 +6,8 @@
 #include <err.h>
 #include <string.h>
 #include <stdio.h>
-#include <openssl/bio.h>
-#include <openssl/sha.h>
-#include <openssl/evp.h>
+#include <nettle/sha2.h>
+#include <nettle/base64.h>
 #include <unistd.h>

 #include "smtp.h"
@ -371,33 +370,39 @@ void *inmailhand(void *data) {

 char *b64to32(char *dest) {
    char *c = dest;
+    size_t l = 0, ol = 0;
    while (*c) {
 	if (*c == '-') *c = '+';
 	else if (*c == '~') *c = '/';
 	c++;
+	l++;
    }
-    BIO *b64 = BIO_new(BIO_f_base64());
-    BIO *mem = BIO_new_mem_buf(dest, -1);
-    if (!b64 || !mem) {
-	BIO_free(b64);
-	BIO_free(mem);
-	return NULL;
-    }
-    BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
-    BIO_push(b64, mem);
-    uint8_t bindest[391];
-    int lret = BIO_read(b64, bindest, 391);
-    BIO_free_all(b64);
+
+    uint8_t bindest[400];
+    memset(bindest, 0, 400);
+    struct base64_decode_ctx b64ctx;
+    nettle_base64_decode_init(&b64ctx);
+    int ret = nettle_base64_decode_update(&b64ctx, &ol, bindest, l, dest);
+    ret = ret && ol >= 391 && nettle_base64_decode_final(&b64ctx);
+
    c = dest;
    while (*c) {
 	if (*c == '+') *c = '-';
 	else if (*c == '/') *c = '~';
 	c++;
    }
-    if (lret < 391) return NULL;
+    if (!ret) {
+	log(ERROR, "nettle seems to have failed");
+	return NULL;
+    }

    uint8_t b32addr[32];
-    SHA256(bindest, 391, b32addr);
+
+    struct sha256_ctx s2ctx;
+    nettle_sha256_init(&s2ctx);
+    nettle_sha256_update(&s2ctx, 391, bindest);
+    nettle_sha256_digest(&s2ctx, 32, b32addr);
+
    char *b32text = b32enc(b32addr, 32);
    if (!b32text) {
 b32fail: