Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 24 Mar 2015 14:22:49 -0700
From: Shawn Landden <shawn@...rchofgit.com>
To: musl@...ts.openwall.com
Subject: Re: [RFC] sha2: new <sha2.h> header

Rich Felker complains about corner cases, but these functions don't
have corner cases. There are no errors possible except going over a
size of 2^64, which takes longer than the age of the universe, and
these are totally standardized hashes. Yes, there is a length of a
state field that is exported, but that is about it.

On Tue, Mar 24, 2015 at 10:00 AM, Shawn Landden <shawn@...rchofgit.com> wrote:
> On Tue, Mar 24, 2015 at 9:57 AM, Shawn Landden <shawn@...rchofgit.com> wrote:
>> We have sha512 and sha256 code sitting here, yet we don't export it with any useful interface.
>>
>> This came out of discussion with pikhq on IRC.
>>
>> No tests yet, and no sha256 until this gets some review.
>> ---
>>  include/sha2.h            | 33 +++++++++++++++++++++++++++++++++
>>  src/crypt/crypt_sha512.c  | 37 ++++++++++++++++++++++++++++---------
>>  src/crypt/sha512.c        | 11 +++++++++++
>>  src/crypt/sha512_finish.c |  9 +++++++++
>>  src/crypt/sha512_push.c   |  9 +++++++++
>>  5 files changed, 90 insertions(+), 9 deletions(-)
>>  create mode 100644 include/sha2.h
>>  create mode 100644 src/crypt/sha512.c
>>  create mode 100644 src/crypt/sha512_finish.c
>>  create mode 100644 src/crypt/sha512_push.c
>>
>> diff --git a/include/sha2.h b/include/sha2.h
>> new file mode 100644
>> index 0000000..eb45bae
>> --- /dev/null
>> +++ b/include/sha2.h
>> @@ -0,0 +1,33 @@
>> +#ifndef _SHA2_H
>> +#define _SHA2_H
>> +
>> +#ifdef __cplusplus
>> +extern "C" {
>> +#endif
>> +
>> +#include <stdint.h>
>> +
>> +typedef struct sha512_state_t {
>> +       char __internal_state[8 + 64 + 128];
>> +} sha512_state_t;
>> +
>> +union sha512 {
>> +       uint8_t s8[64];
>> +       uint16_t s16[32];
>> +       uint32_t s32[16];
>> +       uint64_t s64[8];
>> +};
> whoops for including this. I was thinking of having a type for the
> digest, with differn't width accessors, like in6_addr has.
>> +
>> +/* using a macro allows switching to a static initializer in the future */
>> +#define SHA512STATEINIT __sha512_init()
>> +
>> +void *sha512(const void *__restrict, size_t n, void *__restrict);
>> +sha512_state_t __sha512_init();
>> +void sha512_push(sha512_state_t *s, const void *__restrict, size_t n);
>> +void sha512_finish(sha512_state_t *s, void *__restrict);
>> +
>> +#ifdef __cplusplus
>> +}
>> +#endif
>> +
>> +#endif
>> diff --git a/src/crypt/crypt_sha512.c b/src/crypt/crypt_sha512.c
>> index 1294e98..c3b57e9 100644
>> --- a/src/crypt/crypt_sha512.c
>> +++ b/src/crypt/crypt_sha512.c
>> @@ -16,11 +16,11 @@
>>  /* public domain sha512 implementation based on fips180-3 */
>>  /* >=2^64 bits messages are not supported (about 2000 peta bytes) */
>>
>> -struct sha512 {
>> +typedef struct sha512_state_t {
>>         uint64_t len;     /* processed message length */
>>         uint64_t h[8];    /* hash state */
>>         uint8_t buf[128]; /* message block buffer */
>> -};
>> +} sha512_state_t;
>>
>>  static uint64_t ror(uint64_t n, int k) { return (n >> k) | (n << (64-k)); }
>>  #define Ch(x,y,z)  (z ^ (x & (y ^ z)))
>> @@ -53,7 +53,7 @@ static const uint64_t K[80] = {
>>  0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL, 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL
>>  };
>>
>> -static void processblock(struct sha512 *s, const uint8_t *buf)
>> +static void processblock(sha512_state_t *s, const uint8_t *buf)
>>  {
>>         uint64_t W[80], t1, t2, a, b, c, d, e, f, g, h;
>>         int i;
>> @@ -100,7 +100,7 @@ static void processblock(struct sha512 *s, const uint8_t *buf)
>>         s->h[7] += h;
>>  }
>>
>> -static void pad(struct sha512 *s)
>> +static void pad(sha512_state_t *s)
>>  {
>>         unsigned r = s->len % 128;
>>
>> @@ -123,7 +123,7 @@ static void pad(struct sha512 *s)
>>         processblock(s, s->buf);
>>  }
>>
>> -static void sha512_init(struct sha512 *s)
>> +static void sha512_init(sha512_state_t *s)
>>  {
>>         s->len = 0;
>>         s->h[0] = 0x6a09e667f3bcc908ULL;
>> @@ -136,7 +136,7 @@ static void sha512_init(struct sha512 *s)
>>         s->h[7] = 0x5be0cd19137e2179ULL;
>>  }
>>
>> -static void sha512_sum(struct sha512 *s, uint8_t *md)
>> +static void sha512_sum(sha512_state_t *s, uint8_t *md)
>>  {
>>         int i;
>>
>> @@ -153,7 +153,7 @@ static void sha512_sum(struct sha512 *s, uint8_t *md)
>>         }
>>  }
>>
>> -static void sha512_update(struct sha512 *s, const void *m, unsigned long len)
>> +static void sha512_update(sha512_state_t *s, const void *m, unsigned long len)
>>  {
>>         const uint8_t *p = m;
>>         unsigned r = s->len % 128;
>> @@ -196,7 +196,7 @@ static char *to64(char *s, unsigned int u, int n)
>>  #define ROUNDS_MAX 9999999
>>
>>  /* hash n bytes of the repeated md message digest */
>> -static void hashmd(struct sha512 *s, unsigned int n, const void *md)
>> +static void hashmd(sha512_state_t  *s, unsigned int n, const void *md)
>>  {
>>         unsigned int i;
>>
>> @@ -207,7 +207,7 @@ static void hashmd(struct sha512 *s, unsigned int n, const void *md)
>>
>>  static char *sha512crypt(const char *key, const char *setting, char *output)
>>  {
>> -       struct sha512 ctx;
>> +       sha512_state_t ctx;
>>         unsigned char md[64], kmd[64], smd[64];
>>         unsigned int i, r, klen, slen;
>>         char rounds[20] = "";
>> @@ -369,3 +369,22 @@ char *__crypt_sha512(const char *key, const char *setting, char *output)
>>                 return "*";
>>         return p;
>>  }
>> +
>> +void __sha512_push(sha512_state_t *s, const void *d, size_t n)
>> +{
>> +       sha512_update(s, d, n);
>> +}
>> +
>> +void __sha512_finish(sha512_state_t *s, const void *md)
>> +{
>> +       sha512_sum(s, (uint8_t *)md);
>> +}
>> +
>> +sha512_state_t __sha512_init()
>> +{
>> +       sha512_state_t s;
>> +
>> +       sha512_init(&s);
>> +
>> +       return s;
>> +}
>> diff --git a/src/crypt/sha512.c b/src/crypt/sha512.c
>> new file mode 100644
>> index 0000000..42059e9
>> --- /dev/null
>> +++ b/src/crypt/sha512.c
>> @@ -0,0 +1,11 @@
>> +#include <unistd.h>
>> +#include <sha2.h>
>> +
>> +void *sha512(const void *d, size_t n, void *md)
>> +{
>> +       sha512_state_t s = SHA512STATEINIT;
>> +
>> +       sha512_push(&s, d, n);
>> +       sha512_finish(&s, md);
>> +       return md;
>> +}
>> diff --git a/src/crypt/sha512_finish.c b/src/crypt/sha512_finish.c
>> new file mode 100644
>> index 0000000..fe91bd5
>> --- /dev/null
>> +++ b/src/crypt/sha512_finish.c
>> @@ -0,0 +1,9 @@
>> +#include <unistd.h>
>> +#include <sha2.h>
>> +
>> +void __sha512_finish(sha512_state_t *s, void *__restrict);
>> +
>> +void sha512_finish(sha512_state_t *s, void *md)
>> +{
>> +       __sha512_finish(s, md);
>> +}
>> diff --git a/src/crypt/sha512_push.c b/src/crypt/sha512_push.c
>> new file mode 100644
>> index 0000000..dffb9dc
>> --- /dev/null
>> +++ b/src/crypt/sha512_push.c
>> @@ -0,0 +1,9 @@
>> +#include <unistd.h>
>> +#include <sha2.h>
>> +
>> +void __sha512_push(sha512_state_t *s, const void *__restrict, size_t n);
>> +
>> +void sha512_push(sha512_state_t *s, const void *d, size_t n)
>> +{
>> +       __sha512_push(s, d, n);
>> +}
>> --
>> 2.2.1.209.g41e5f3a
>>
>
>
>
> --
> Shawn Landden



-- 
Shawn Landden

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.