www.gitorious.org Git - gnutls:gnutls.git/blob

1 /*

4 *

5 * This file is part of GnuTLS-EXTRA.

6 *

7 * GnuTLS-extra is free software: you can redistribute it and/or modify

8 * it under the terms of the GNU General Public License as published by

9 * the Free Software Foundation, either version 3 of the License, or

10 * (at your option) any later version.

11 *

12 * GnuTLS-extra is distributed in the hope that it will be useful,

13 * but WITHOUT ANY WARRANTY; without even the implied warranty of

14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

15 * GNU General Public License for more details.

16 *

17 * You should have received a copy of the GNU General Public License

18 * along with this program. If not, see <http://www.gnu.org/licenses/>.

19 */

21 #include <config.h>

23 #include <gnutls/gnutls.h>

24 #include <openssl_compat.h>

25 #include <stdio.h>

26 #include <stdlib.h>

27 #include <string.h>

28 #include "../lib/gnutls_int.h"

29 #include "../lib/random.h"

30 #include "../lib/gnutls_hash_int.h"

32 /* In win32 X509_NAME is defined in wincrypt.h.

33 * undefine it to avoid the conflict with openssl.h.

34 */

35 #ifdef X509_NAME

36 #undef X509_NAME

37 #endif

38 #include <gnutls/openssl.h>

40 /* Gnulib re-defines shutdown on mingw. We only use it as a variable

41 name, so restore the original name. */

42 #undef shutdown

44 /* XXX: See lib/gnutls_int.h. */

45 #define GNUTLS_POINTER_TO_INT(_) ((int) GNUTLS_POINTER_TO_INT_CAST (_))

46 #define GNUTLS_INT_TO_POINTER(_) ((void*) GNUTLS_POINTER_TO_INT_CAST (_))

48 /* WARNING: Error functions aren't currently thread-safe */

50 static int last_error = 0;

52 /* Library initialisation functions */

54 int SSL_library_init(void)

55 {

56 gnutls_global_init();

57 /* NB: we haven't got anywhere to call gnutls_global_deinit() */

58 return 1;

59 }

61 void OpenSSL_add_all_algorithms(void)

62 {

63 }

66 /* SSL_CTX structure handling */

68 SSL_CTX *SSL_CTX_new(SSL_METHOD * method)

69 {

70 SSL_CTX *ctx;

72 ctx = (SSL_CTX *) calloc(1, sizeof(SSL_CTX));

73 ctx->method = method;

75 return ctx;

76 }

78 void SSL_CTX_free(SSL_CTX * ctx)

79 {

80 free(ctx->method);

81 free(ctx);

82 }

84 int SSL_CTX_set_default_verify_paths(SSL_CTX * ctx)

85 {

86 return 0;

87 }

89 int

90 SSL_CTX_use_certificate_file(SSL_CTX * ctx, const char *certfile, int type)

91 {

92 ctx->certfile = (char *) calloc(1, strlen(certfile) + 1);

93 if (!ctx->certfile)

94 return -1;

95 memcpy(ctx->certfile, certfile, strlen(certfile));

97 ctx->certfile_type = type;

99 return 1;

100 }

101

102 int

103 SSL_CTX_use_PrivateKey_file(SSL_CTX * ctx, const char *keyfile, int type)

104 {

105 ctx->keyfile = (char *) calloc(1, strlen(keyfile) + 1);

106 if (!ctx->keyfile)

107 return -1;

108 memcpy(ctx->keyfile, keyfile, strlen(keyfile));

109

110 ctx->keyfile_type = type;

111

112 return 1;

113

114 }

115

116 void

117 SSL_CTX_set_verify(SSL_CTX * ctx, int verify_mode,

118 int (*verify_callback) (int, X509_STORE_CTX *))

119 {

120 ctx->verify_mode = verify_mode;

121 ctx->verify_callback = verify_callback;

122 }

123

124 unsigned long SSL_CTX_set_options(SSL_CTX * ctx, unsigned long options)

125 {

126 return (ctx->options |= options);

127 }

128

129 long SSL_CTX_set_mode(SSL_CTX * ctx, long mode)

130 {

131 return 0;

132 }

133

134 int SSL_CTX_set_cipher_list(SSL_CTX * ctx, const char *list)

135 {

136 /* FIXME: ignore this for the moment */

137 /* We're going to have to parse the "list" string to do this */

138 /* It is a string, which in its simplest form is something like

139 "DES-CBC3-SHA:IDEA-CBC-MD5", but can be rather more complicated

140 (see OpenSSL's ciphers(1) manpage for details) */

141

142 return 1;

143 }

144

145

146 /* SSL_CTX statistics */

147

148 long SSL_CTX_sess_number(SSL_CTX * ctx)

149 {

150 return 0;

151 }

152

153 long SSL_CTX_sess_connect(SSL_CTX * ctx)

154 {

155 return 0;

156 }

157

158 long SSL_CTX_sess_connect_good(SSL_CTX * ctx)

159 {

160 return 0;

161 }

162

163 long SSL_CTX_sess_connect_renegotiate(SSL_CTX * ctx)

164 {

165 return 0;

166 }

167

168 long SSL_CTX_sess_accept(SSL_CTX * ctx)

169 {

170 return 0;

171 }

172

173 long SSL_CTX_sess_accept_good(SSL_CTX * ctx)

174 {

175 return 0;

176 }

177

178 long SSL_CTX_sess_accept_renegotiate(SSL_CTX * ctx)

179 {

180 return 0;

181 }

182

183 long SSL_CTX_sess_hits(SSL_CTX * ctx)

184 {

185 return 0;

186 }

187

188 long SSL_CTX_sess_misses(SSL_CTX * ctx)

189 {

190 return 0;

191 }

192

193 long SSL_CTX_sess_timeouts(SSL_CTX * ctx)

194 {

195 return 0;

196 }

197

198

199

200 /* SSL structure handling */

201

202 SSL *SSL_new(SSL_CTX * ctx)

203 {

204 SSL *ssl;

205 int err;

206

207 ssl = (SSL *) calloc(1, sizeof(SSL));

208 if (!ssl)

209 return NULL;

210

211 err = gnutls_certificate_allocate_credentials(&ssl->gnutls_cred);

212 if (err < 0) {

213 last_error = err;

214 free(ssl);

215 return NULL;

216 }

217

218 gnutls_init(&ssl->gnutls_state, ctx->method->connend);

219

220 gnutls_priority_set_direct(ssl->gnutls_state,

221 ctx->method->priority_string, NULL);

222

223 gnutls_credentials_set(ssl->gnutls_state, GNUTLS_CRD_CERTIFICATE,

224 ssl->gnutls_cred);

225 if (ctx->certfile)

226 gnutls_certificate_set_x509_trust_file(ssl->gnutls_cred,

227 ctx->certfile,

228 ctx->certfile_type);

229 if (ctx->keyfile)

230 gnutls_certificate_set_x509_key_file(ssl->gnutls_cred,

231 ctx->certfile,

232 ctx->keyfile,

233 ctx->keyfile_type);

234 ssl->ctx = ctx;

235 ssl->verify_mode = ctx->verify_mode;

236 ssl->verify_callback = ctx->verify_callback;

237

238 ssl->options = ctx->options;

239

240 ssl->rfd = (gnutls_transport_ptr_t) - 1;

241 ssl->wfd = (gnutls_transport_ptr_t) - 1;

242

243 return ssl;

244 }

245

246 void SSL_free(SSL * ssl)

247 {

248 gnutls_certificate_free_credentials(ssl->gnutls_cred);

249 gnutls_deinit(ssl->gnutls_state);

250 free(ssl);

251 }

252

253 void SSL_load_error_strings(void)

254 {

255 }

256

257 int SSL_get_error(SSL * ssl, int ret)

258 {

259 if (ret > 0)

260 return SSL_ERROR_NONE;

261

262 return SSL_ERROR_ZERO_RETURN;

263 }

264

265 int SSL_set_fd(SSL * ssl, int fd)

266 {

267 gnutls_transport_set_ptr(ssl->gnutls_state,

268 GNUTLS_INT_TO_POINTER(fd));

269 return 1;

270 }

271

272 int SSL_set_rfd(SSL * ssl, int fd)

273 {

274 ssl->rfd = GNUTLS_INT_TO_POINTER(fd);

275

276 if (ssl->wfd != (gnutls_transport_ptr_t) - 1)

277 gnutls_transport_set_ptr2(ssl->gnutls_state, ssl->rfd,

278 ssl->wfd);

279

280 return 1;

281 }

282

283 int SSL_set_wfd(SSL * ssl, int fd)

284 {

285 ssl->wfd = GNUTLS_INT_TO_POINTER(fd);

286

287 if (ssl->rfd != (gnutls_transport_ptr_t) - 1)

288 gnutls_transport_set_ptr2(ssl->gnutls_state, ssl->rfd,

289 ssl->wfd);

290

291 return 1;

292 }

293

294 void SSL_set_bio(SSL * ssl, BIO * rbio, BIO * wbio)

295 {

296 gnutls_transport_set_ptr2(ssl->gnutls_state, rbio->fd, wbio->fd);

297 /* free(BIO); ? */

298 }

299

300 void SSL_set_connect_state(SSL * ssl)

301 {

302 }

303

304 int SSL_pending(SSL * ssl)

305 {

306 return gnutls_record_check_pending(ssl->gnutls_state);

307 }

308

309 void

310 SSL_set_verify(SSL * ssl, int verify_mode,

311 int (*verify_callback) (int, X509_STORE_CTX *))

312 {

313 ssl->verify_mode = verify_mode;

314 ssl->verify_callback = verify_callback;

315 }

316

317 const X509 *SSL_get_peer_certificate(SSL * ssl)

318 {

319 const gnutls_datum_t *cert_list;

320 unsigned int cert_list_size = 0;

321

322 cert_list = gnutls_certificate_get_peers(ssl->gnutls_state,

323 &cert_list_size);

324

325 return cert_list;

326 }

327

328 /* SSL connection open/close/read/write functions */

329

330 int SSL_connect(SSL * ssl)

331 {

332 X509_STORE_CTX *store;

333 unsigned int cert_list_size = 0;

334 int err;

335 char x_priority[256];

336 /* take options into account before connecting */

337

338 memset(x_priority, 0, sizeof(x_priority));

339 if (ssl->options & SSL_OP_NO_TLSv1) {

340 snprintf(x_priority, sizeof(x_priority), "%s:-VERS-TLS1.0",

341 ssl->ctx->method->priority_string);

342 err =

343 gnutls_priority_set_direct(ssl->gnutls_state,

344 x_priority, NULL);

345 if (err < 0) {

346 last_error = err;

347 return 0;

348 }

349 }

350

351 err = gnutls_handshake(ssl->gnutls_state);

352 ssl->last_error = err;

353

354 if (err < 0) {

355 last_error = err;

356 return 0;

357 }

358

359 store = (X509_STORE_CTX *) calloc(1, sizeof(X509_STORE_CTX));

360 store->ssl = ssl;

361 store->cert_list = gnutls_certificate_get_peers(ssl->gnutls_state,

362 &cert_list_size);

363

364 if (ssl->verify_callback) {

365 ssl->verify_callback(1 /*FIXME*/, store);

366 }

367 ssl->state = SSL_ST_OK;

368

369 err = store->error;

370 free(store);

371

372 /* FIXME: deal with error from callback */

373

374 return 1;

375 }

376

377 int SSL_accept(SSL * ssl)

378 {

379 X509_STORE_CTX *store;

380 unsigned int cert_list_size = 0;

381 int err;

382 char x_priority[256];

383 /* take options into account before connecting */

384

385 memset(x_priority, 0, sizeof(x_priority));

386 if (ssl->options & SSL_OP_NO_TLSv1) {

387 snprintf(x_priority, sizeof(x_priority), "%s:-VERS-TLS1.0",

388 ssl->ctx->method->priority_string);

389 err =

390 gnutls_priority_set_direct(ssl->gnutls_state,

391 x_priority, NULL);

392 if (err < 0) {

393 last_error = err;

394 return 0;

395 }

396 }

397

398 /* FIXME: dh params, do we want client cert? */

399

400 err = gnutls_handshake(ssl->gnutls_state);

401 ssl->last_error = err;

402

403 if (err < 0) {

404 last_error = err;

405 return 0;

406 }

407

408 store = (X509_STORE_CTX *) calloc(1, sizeof(X509_STORE_CTX));

409 store->ssl = ssl;

410 store->cert_list = gnutls_certificate_get_peers(ssl->gnutls_state,

411 &cert_list_size);

412

413 if (ssl->verify_callback) {

414 ssl->verify_callback(1 /*FIXME*/, store);

415 }

416 ssl->state = SSL_ST_OK;

417

418 err = store->error;

419 free(store);

420

421 /* FIXME: deal with error from callback */

422

423 return 1;

424 }

425

426 int SSL_shutdown(SSL * ssl)

427 {

428 if (!ssl->shutdown) {

429 gnutls_bye(ssl->gnutls_state, GNUTLS_SHUT_WR);

430 ssl->shutdown++;

431 } else {

432 gnutls_bye(ssl->gnutls_state, GNUTLS_SHUT_RDWR);

433 ssl->shutdown++;

434 }

435

436 /* FIXME */

437 return 1;

438 }

439

440 int SSL_read(SSL * ssl, void *buf, int len)

441 {

442 int ret;

443

444 ret = gnutls_record_recv(ssl->gnutls_state, buf, len);

445 ssl->last_error = ret;

446

447 if (ret < 0) {

448 last_error = ret;

449 return 0;

450 }

451

452 return ret;

453 }

454

455 int SSL_write(SSL * ssl, const void *buf, int len)

456 {

457 int ret;

458

459 ret = gnutls_record_send(ssl->gnutls_state, buf, len);

460 ssl->last_error = ret;

461

462 if (ret < 0) {

463 last_error = ret;

464 return 0;

465 }

466

467 return ret;

468 }

469

470 int SSL_want(SSL * ssl)

471 {

472 return SSL_NOTHING;

473 }

474

475

476 /* SSL_METHOD functions */

477

478 SSL_METHOD *SSLv23_client_method(void)

479 {

480 SSL_METHOD *m;

481 m = (SSL_METHOD *) calloc(1, sizeof(SSL_METHOD));

482 if (!m)

483 return NULL;

484

485 strcpy(m->priority_string,

486 "NONE:+VERS-TLS1.0:+VERS-SSL3.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");

487

488 m->connend = GNUTLS_CLIENT;

489

490 return m;

491 }

492

493 SSL_METHOD *SSLv23_server_method(void)

494 {

495 SSL_METHOD *m;

496 m = (SSL_METHOD *) calloc(1, sizeof(SSL_METHOD));

497 if (!m)

498 return NULL;

499

500 strcpy(m->priority_string,

501 "NONE:+VERS-TLS1.0:+VERS-SSL3.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");

502 m->connend = GNUTLS_SERVER;

503

504 return m;

505 }

506

507 SSL_METHOD *SSLv3_client_method(void)

508 {

509 SSL_METHOD *m;

510 m = (SSL_METHOD *) calloc(1, sizeof(SSL_METHOD));

511 if (!m)

512 return NULL;

513

514 strcpy(m->priority_string,

515 "NONE:+VERS-SSL3.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");

516 m->connend = GNUTLS_CLIENT;

517

518 return m;

519 }

520

521 SSL_METHOD *SSLv3_server_method(void)

522 {

523 SSL_METHOD *m;

524 m = (SSL_METHOD *) calloc(1, sizeof(SSL_METHOD));

525 if (!m)

526 return NULL;

527

528 strcpy(m->priority_string,

529 "NONE:+VERS-SSL3.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");

530 m->connend = GNUTLS_SERVER;

531

532 return m;

533 }

534

535 SSL_METHOD *TLSv1_client_method(void)

536 {

537 SSL_METHOD *m;

538 m = (SSL_METHOD *) calloc(1, sizeof(SSL_METHOD));

539 if (!m)

540 return NULL;

541

542 strcpy(m->priority_string,

543 "NONE:+VERS-TLS1.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");

544 m->connend = GNUTLS_CLIENT;

545

546 return m;

547 }

548

549 SSL_METHOD *TLSv1_server_method(void)

550 {

551 SSL_METHOD *m;

552 m = (SSL_METHOD *) calloc(1, sizeof(SSL_METHOD));

553 if (!m)

554 return NULL;

555

556 strcpy(m->priority_string,

557 "NONE:+VERS-TLS1.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");

558 m->connend = GNUTLS_SERVER;

559

560 return m;

561 }

562

563

564 /* SSL_CIPHER functions */

565

566 SSL_CIPHER *SSL_get_current_cipher(SSL * ssl)

567 {

568 if (!ssl)

569 return NULL;

570

571 ssl->ciphersuite.version =

572 gnutls_protocol_get_version(ssl->gnutls_state);

573 ssl->ciphersuite.cipher = gnutls_cipher_get(ssl->gnutls_state);

574 ssl->ciphersuite.kx = gnutls_kx_get(ssl->gnutls_state);

575 ssl->ciphersuite.mac = gnutls_mac_get(ssl->gnutls_state);

576 ssl->ciphersuite.compression =

577 gnutls_compression_get(ssl->gnutls_state);

578 ssl->ciphersuite.cert =

579 gnutls_certificate_type_get(ssl->gnutls_state);

580

581 return &(ssl->ciphersuite);

582 }

583

584 const char *SSL_CIPHER_get_name(SSL_CIPHER * cipher)

585 {

586 if (!cipher)

587 return ("NONE");

588

589 return gnutls_cipher_suite_get_name(cipher->kx,

590 cipher->cipher, cipher->mac);

591 }

592

593 int SSL_CIPHER_get_bits(SSL_CIPHER * cipher, int *bits)

594 {

595 int bit_result;

596

597 if (!cipher)

598 return 0;

599

600 bit_result = (8 * gnutls_cipher_get_key_size(cipher->cipher));

601

602 if (bits)

603 *bits = bit_result;

604

605 return bit_result;

606 }

607

608 const char *SSL_CIPHER_get_version(SSL_CIPHER * cipher)

609 {

610 const char *ret;

611

612 if (!cipher)

613 return ("(NONE)");

614

615 ret = gnutls_protocol_get_name(cipher->version);

616 if (ret)

617 return ret;

618

619 return ("unknown");

620 }

621

622 char *SSL_CIPHER_description(SSL_CIPHER * cipher, char *buf, int size)

623 {

624 char *tmpbuf;

625 int tmpsize;

626 int local_alloc;

627

628 if (buf) {

629 tmpbuf = buf;

630 tmpsize = size;

631 local_alloc = 0;

632 } else {

633 tmpbuf = (char *) malloc(128);

634 tmpsize = 128;

635 local_alloc = 1;

636 }

637

638 if (snprintf(tmpbuf, tmpsize, "%s %s %s %s",

639 gnutls_protocol_get_name(cipher->version),

640 gnutls_kx_get_name(cipher->kx),

641 gnutls_cipher_get_name(cipher->cipher),

642 gnutls_mac_get_name(cipher->mac)) == -1) {

643 if (local_alloc)

644 free(tmpbuf);

645 return (char *) "Buffer too small";

646 }

647

648 return tmpbuf;

649 }

650

651

652 /* X509 functions */

653

654 X509_NAME *X509_get_subject_name(const X509 * cert)

655 {

656 gnutls_x509_dn *dn;

657 dn = (gnutls_x509_dn *) calloc(1, sizeof(gnutls_x509_dn));

658 if (gnutls_x509_extract_certificate_dn(cert, dn) < 0) {

659 free(dn);

660 return NULL;

661 }

662 return dn;

663 }

664

665 X509_NAME *X509_get_issuer_name(const X509 * cert)

666 {

667 gnutls_x509_dn *dn;

668 dn = (gnutls_x509_dn *) calloc(1, sizeof(gnutls_x509_dn));

669 if (gnutls_x509_extract_certificate_issuer_dn(cert, dn) < 0) {

670 free(dn);

671 return NULL;

672 }

673 return dn;

674 }

675

676 char *X509_NAME_oneline(gnutls_x509_dn * name, char *buf, int len)

677 {

678 /* XXX openssl allocates buffer if buf == NULL */

679 if (!buf)

680 return NULL;

681 memset(buf, 0, len);

682

683 snprintf(buf, len - 1,

684 "C=%s, ST=%s, L=%s, O=%s, OU=%s, CN=%s/Email=%s",

685 name->country, name->state_or_province_name,

686 name->locality_name, name->organization,

687 name->organizational_unit_name, name->common_name,

688 name->email);

689 return buf;

690 }

691

692 void X509_free(const X509 * cert)

693 {

694 /* only get certificates as const items */

695 }

696

697

698 /* BIO functions */

699

700 void BIO_get_fd(gnutls_session_t gnutls_state, int *fd)

701 {

702 gnutls_transport_ptr_t tmp =

703 gnutls_transport_get_ptr(gnutls_state);

704 *fd = GNUTLS_POINTER_TO_INT(tmp);

705 }

706

707 BIO *BIO_new_socket(int sock, int close_flag)

708 {

709 BIO *bio;

710

711 bio = (BIO *) malloc(sizeof(BIO));

712 if (!bio)

713 return NULL;

714

715 bio->fd = GNUTLS_INT_TO_POINTER(sock);

716

717 return bio;

718 }

719

720

721 /* error handling */

722

723 unsigned long ERR_get_error(void)

724 {

725 unsigned long ret;

726

727 ret = -1 * last_error;

728 last_error = 0;

729

730 return ret;

731 }

732

733 const char *ERR_error_string(unsigned long e, char *buf)

734 {

735 return gnutls_strerror(-1 * e);

736 }

737

738

739 /* RAND functions */

740

741 int RAND_status(void)

742 {

743 return 1;

744 }

745

746 void RAND_seed(const void *buf, int num)

747 {

748 }

749

750 int RAND_bytes(unsigned char *buf, int num)

751 {

752 gnutls_rnd(GNUTLS_RND_RANDOM, buf, num);

753 return 1;

754 }

755

756 int RAND_pseudo_bytes(unsigned char *buf, int num)

757 {

758 gnutls_rnd(GNUTLS_RND_NONCE, buf, num);

759 return 1;

760 }

761

762 const char *RAND_file_name(char *buf, size_t len)

763 {

764 return "";

765 }

766

767 int RAND_load_file(const char *name, long maxbytes)

768 {

769 return maxbytes;

770 }

771

772 int RAND_write_file(const char *name)

773 {

774 return 0;

775 }

776

777 int RAND_egd_bytes(const char *path, int bytes)

778 {

779 /* fake it */

780 return bytes;

781 }

782

783

784 /* message digest functions */

785

786 void MD5_Init(MD5_CTX * ctx)

787 {

788 int ret;

789 ret = gnutls_hash_init((void *) &ctx->handle, GNUTLS_DIG_MD5);

790 if (ret < 0)

791 abort();

792 }

793

794 void MD5_Update(MD5_CTX * ctx, const void *buf, int len)

795 {

796 gnutls_hash(ctx->handle, buf, len);

797 }

798

799 void MD5_Final(unsigned char *md, MD5_CTX * ctx)

800 {

801 gnutls_hash_deinit(ctx->handle, md);

802 }

803

804 unsigned char *MD5(const unsigned char *buf, unsigned long len,

805 unsigned char *md)

806 {

807 if (!md)

808 return NULL;

809

810 gnutls_hash_fast(GNUTLS_DIG_MD5, buf, len, md);

811

812 return md;

813 }

814

815 void RIPEMD160_Init(RIPEMD160_CTX * ctx)

816 {

817 int ret;

818 ret = gnutls_hash_init((void *) &ctx->handle, GNUTLS_DIG_RMD160);

819 if (ret < 0)

820 abort();

821 }

822

823 void RIPEMD160_Update(RIPEMD160_CTX * ctx, const void *buf, int len)

824 {

825 gnutls_hash(ctx->handle, buf, len);

826 }

827

828 void RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX * ctx)

829 {

830 gnutls_hash_deinit(ctx->handle, md);

831 }

832

833 unsigned char *RIPEMD160(const unsigned char *buf, unsigned long len,

834 unsigned char *md)

835 {

836 if (!md)

837 return NULL;

838

839 gnutls_hash_fast(GNUTLS_DIG_RMD160, buf, len, md);

840

841 return md;

842 }