fdo#75955 use SHA1 from openssl/nss instead of rtl_digest_sha1

Change-Id: I92186b2ed8426d59e31080cfb629beb02cd01c41

1 files changed, 38 insertions, 6 deletions

diff --git a/oox/source/crypto/CryptTools.cxx b/oox/source/crypto/CryptTools.cxx
index d025609ecd7f..60e544908dd6 100644
--- a/oox/source/crypto/CryptTools.cxx
+++ b/oox/source/crypto/CryptTools.cxx
@@ -188,15 +188,47 @@ sal_uInt32 Encrypt::update(vector<sal_uInt8>& output, vector<sal_uInt8>& input,
 
 bool sha1(vector<sal_uInt8>& output, vector<sal_uInt8>& input)
 {
+    bool aResult = false;
+
+#if USE_TLS_OPENSSL
     output.clear();
-    output.resize(RTL_DIGEST_LENGTH_SHA1, 0);
+    output.resize(SHA_DIGEST_LENGTH, 0);
+
+    SHA_CTX context;
+    SHA1_Init(&context);
+    SHA1_Update(&context, &input[0], input.size());
+    SHA1_Final(&output[0], &context);
+    aResult = true;
+#endif
 
-    rtlDigest aDigest = rtl_digest_create( rtl_Digest_AlgorithmSHA1 );
-    rtl_digest_update( aDigest, &input[0], input.size() );
-    rtl_digest_get( aDigest, &output[0], RTL_DIGEST_LENGTH_SHA1 );
-    rtl_digest_destroy( aDigest );
+#if USE_TLS_NSS
+    output.clear();
+    output.resize(SHA1_LENGTH, 0);
 
-    return true;
+    // Initialize NSS, database functions are not needed
+    NSS_NoDB_Init(NULL);
+    SECStatus status;
+
+    PK11Context* mContext = PK11_CreateDigestContext(SEC_OID_SHA1);
+    status = PK11_DigestBegin(mContext);
+    if (status != SECSuccess)
+        return false;
+
+    status = PK11_DigestOp(mContext, &input[0], input.size());
+    if (status != SECSuccess)
+        return false;
+
+    unsigned int outputLength = 0;
+
+    status = PK11_DigestFinal(mContext, &output[0], &outputLength, SHA1_LENGTH);
+    if (status != SECSuccess || outputLength != SHA1_LENGTH)
+        return false;
+
+    PK11_DestroyContext(mContext, PR_TRUE);
+
+    aResult = true;
+#endif
+    return aResult;
 }
 
 bool sha512(vector<sal_uInt8>& output, vector<sal_uInt8>& input)