diff options
author | Denys Vlasenko <dvlasenk@redhat.com> | 2011-04-18 14:23:19 +0200 |
---|---|---|
committer | Denys Vlasenko <dvlasenk@redhat.com> | 2011-04-18 14:23:19 +0200 |
commit | 0a41c4fdf4b242f77445a3e6d73443b40b6e460e (patch) | |
tree | e464a61df6653e91a2191950a6056ec70365fbd9 /src/lib | |
parent | 305ba8e8786c32d5292d04e2ed25d1853479a23a (diff) | |
download | abrt-0a41c4fdf4b242f77445a3e6d73443b40b6e460e.tar.gz abrt-0a41c4fdf4b242f77445a3e6d73443b40b6e460e.tar.xz abrt-0a41c4fdf4b242f77445a3e6d73443b40b6e460e.zip |
switch python and oops hashing to sha1
Update sha1 code to a smaller version.
Verified that ccpp hashing produces the same results as the old code.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
Diffstat (limited to 'src/lib')
-rw-r--r-- | src/lib/Makefile.am | 1 | ||||
-rw-r--r-- | src/lib/hash_md5.c | 444 | ||||
-rw-r--r-- | src/lib/hash_md5.h | 32 | ||||
-rw-r--r-- | src/lib/hash_sha1.c | 246 | ||||
-rw-r--r-- | src/lib/hash_sha1.h | 12 |
5 files changed, 128 insertions, 607 deletions
diff --git a/src/lib/Makefile.am b/src/lib/Makefile.am index 36fe7b4b..d2dc9cae 100644 --- a/src/lib/Makefile.am +++ b/src/lib/Makefile.am @@ -15,7 +15,6 @@ libreport_la_SOURCES = \ encbase64.c \ binhex.c \ stdio_helpers.c \ - hash_md5.c hash_md5.h \ hash_sha1.c hash_sha1.h \ read_write.c read_write.h \ logging.c logging.h \ diff --git a/src/lib/hash_md5.c b/src/lib/hash_md5.c deleted file mode 100644 index 8bfddd54..00000000 --- a/src/lib/hash_md5.c +++ /dev/null @@ -1,444 +0,0 @@ -/* vi: set sw=4 ts=4: */ -/* - * md5.c - Compute MD5 checksum of strings according to the - * definition of MD5 in RFC 1321 from April 1992. - * - * Written by Ulrich Drepper <drepper@gnu.ai.mit.edu>, 1995. - * - * Copyright (C) 1995-1999 Free Software Foundation, Inc. - * Copyright (C) 2001 Manuel Novoa III - * Copyright (C) 2003 Glenn L. McGrath - * Copyright (C) 2003 Erik Andersen - * - * Licensed under the GPL v2 or later, see the file LICENSE in this tarball. - */ -#include "abrtlib.h" -#include <byteswap.h> - -#if defined(__BIG_ENDIAN__) && __BIG_ENDIAN__ -# define MD5_BIG_ENDIAN 1 -# define MD5_LITTLE_ENDIAN 0 -#elif __BYTE_ORDER == __BIG_ENDIAN -# define MD5_BIG_ENDIAN 1 -# define MD5_LITTLE_ENDIAN 0 -#elif __BYTE_ORDER == __LITTLE_ENDIAN -# define MD5_BIG_ENDIAN 0 -# define MD5_LITTLE_ENDIAN 1 -#else -# error "Can't determine endianness" -#endif - -/* SWAP_LEnn means "convert CPU<->little_endian if needed (by swapping bytes)" */ -#if MD5_BIG_ENDIAN -# define SWAP_BE32(x) (x) -# define SWAP_LE32(x) bswap_32(x) -#else -# define SWAP_BE32(x) bswap_32(x) -# define SWAP_LE32(x) (x) -#endif - - -/* 0: fastest, 3: smallest */ -#define MD5_SIZE_VS_SPEED 3 - -/* Initialize structure containing state of computation. - * (RFC 1321, 3.3: Step 3) - */ -void md5_begin(md5_ctx_t *ctx) -{ - ctx->A = 0x67452301; - ctx->B = 0xefcdab89; - ctx->C = 0x98badcfe; - ctx->D = 0x10325476; - ctx->total = 0; - ctx->buflen = 0; -} - -/* These are the four functions used in the four steps of the MD5 algorithm - * and defined in the RFC 1321. The first function is a little bit optimized - * (as found in Colin Plumbs public domain implementation). - * #define FF(b, c, d) ((b & c) | (~b & d)) - */ -#define FF(b, c, d) (d ^ (b & (c ^ d))) -#define FG(b, c, d) FF(d, b, c) -#define FH(b, c, d) (b ^ c ^ d) -#define FI(b, c, d) (c ^ (b | ~d)) - -#define rotl32(w, s) (((w) << (s)) | ((w) >> (32 - (s)))) - -/* Hash a single block, 64 bytes long and 4-byte aligned. */ -static void md5_hash_block(const void *buffer, md5_ctx_t *ctx) -{ - uint32_t correct_words[16]; - const uint32_t *words = (const uint32_t *)buffer; - -#if MD5_SIZE_VS_SPEED > 0 - static const uint32_t C_array[] = { - /* round 1 */ - 0xd76aa478, 0xe8c7b756, 0x242070db, 0xc1bdceee, - 0xf57c0faf, 0x4787c62a, 0xa8304613, 0xfd469501, - 0x698098d8, 0x8b44f7af, 0xffff5bb1, 0x895cd7be, - 0x6b901122, 0xfd987193, 0xa679438e, 0x49b40821, - /* round 2 */ - 0xf61e2562, 0xc040b340, 0x265e5a51, 0xe9b6c7aa, - 0xd62f105d, 0x2441453, 0xd8a1e681, 0xe7d3fbc8, - 0x21e1cde6, 0xc33707d6, 0xf4d50d87, 0x455a14ed, - 0xa9e3e905, 0xfcefa3f8, 0x676f02d9, 0x8d2a4c8a, - /* round 3 */ - 0xfffa3942, 0x8771f681, 0x6d9d6122, 0xfde5380c, - 0xa4beea44, 0x4bdecfa9, 0xf6bb4b60, 0xbebfbc70, - 0x289b7ec6, 0xeaa127fa, 0xd4ef3085, 0x4881d05, - 0xd9d4d039, 0xe6db99e5, 0x1fa27cf8, 0xc4ac5665, - /* round 4 */ - 0xf4292244, 0x432aff97, 0xab9423a7, 0xfc93a039, - 0x655b59c3, 0x8f0ccc92, 0xffeff47d, 0x85845dd1, - 0x6fa87e4f, 0xfe2ce6e0, 0xa3014314, 0x4e0811a1, - 0xf7537e82, 0xbd3af235, 0x2ad7d2bb, 0xeb86d391 - }; - static const char P_array[] = { -# if MD5_SIZE_VS_SPEED > 1 - 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, /* 1 */ -# endif - 1, 6, 11, 0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12, /* 2 */ - 5, 8, 11, 14, 1, 4, 7, 10, 13, 0, 3, 6, 9, 12, 15, 2, /* 3 */ - 0, 7, 14, 5, 12, 3, 10, 1, 8, 15, 6, 13, 4, 11, 2, 9 /* 4 */ - }; -# if MD5_SIZE_VS_SPEED > 1 - static const char S_array[] = { - 7, 12, 17, 22, - 5, 9, 14, 20, - 4, 11, 16, 23, - 6, 10, 15, 21 - }; -# endif /* MD5_SIZE_VS_SPEED > 1 */ -#endif - uint32_t A = ctx->A; - uint32_t B = ctx->B; - uint32_t C = ctx->C; - uint32_t D = ctx->D; - - /* Process all bytes in the buffer with 64 bytes in each round of - the loop. */ - uint32_t *cwp = correct_words; - uint32_t A_save = A; - uint32_t B_save = B; - uint32_t C_save = C; - uint32_t D_save = D; - -#if MD5_SIZE_VS_SPEED > 1 - const uint32_t *pc; - const char *pp; - const char *ps; - int i; - uint32_t temp; - - for (i = 0; i < 16; i++) { - cwp[i] = SWAP_LE32(words[i]); - } - words += 16; - -# if MD5_SIZE_VS_SPEED > 2 - pc = C_array; - pp = P_array; - ps = S_array - 4; - - for (i = 0; i < 64; i++) { - if ((i & 0x0f) == 0) - ps += 4; - temp = A; - switch (i >> 4) { - case 0: - temp += FF(B, C, D); - break; - case 1: - temp += FG(B, C, D); - break; - case 2: - temp += FH(B, C, D); - break; - case 3: - temp += FI(B, C, D); - } - temp += cwp[(int) (*pp++)] + *pc++; - temp = rotl32(temp, ps[i & 3]); - temp += B; - A = D; - D = C; - C = B; - B = temp; - } -# else - pc = C_array; - pp = P_array; - ps = S_array; - - for (i = 0; i < 16; i++) { - temp = A + FF(B, C, D) + cwp[(int) (*pp++)] + *pc++; - temp = rotl32(temp, ps[i & 3]); - temp += B; - A = D; - D = C; - C = B; - B = temp; - } - ps += 4; - for (i = 0; i < 16; i++) { - temp = A + FG(B, C, D) + cwp[(int) (*pp++)] + *pc++; - temp = rotl32(temp, ps[i & 3]); - temp += B; - A = D; - D = C; - C = B; - B = temp; - } - ps += 4; - for (i = 0; i < 16; i++) { - temp = A + FH(B, C, D) + cwp[(int) (*pp++)] + *pc++; - temp = rotl32(temp, ps[i & 3]); - temp += B; - A = D; - D = C; - C = B; - B = temp; - } - ps += 4; - for (i = 0; i < 16; i++) { - temp = A + FI(B, C, D) + cwp[(int) (*pp++)] + *pc++; - temp = rotl32(temp, ps[i & 3]); - temp += B; - A = D; - D = C; - C = B; - B = temp; - } - -# endif /* MD5_SIZE_VS_SPEED > 2 */ -#else - /* First round: using the given function, the context and a constant - the next context is computed. Because the algorithms processing - unit is a 32-bit word and it is determined to work on words in - little endian byte order we perhaps have to change the byte order - before the computation. To reduce the work for the next steps - we store the swapped words in the array CORRECT_WORDS. */ -# define OP(a, b, c, d, s, T) \ - do { \ - a += FF(b, c, d) + (*cwp++ = SWAP_LE32(*words)) + T; \ - ++words; \ - a = rotl32(a, s); \ - a += b; \ - } while (0) - - /* Before we start, one word to the strange constants. - They are defined in RFC 1321 as - T[i] = (int)(4294967296.0 * fabs(sin(i))), i=1..64 - */ - -# if MD5_SIZE_VS_SPEED == 1 - const uint32_t *pc; - const char *pp; - int i; -# endif /* MD5_SIZE_VS_SPEED */ - - /* Round 1. */ -# if MD5_SIZE_VS_SPEED == 1 - pc = C_array; - for (i = 0; i < 4; i++) { - OP(A, B, C, D, 7, *pc++); - OP(D, A, B, C, 12, *pc++); - OP(C, D, A, B, 17, *pc++); - OP(B, C, D, A, 22, *pc++); - } -# else - OP(A, B, C, D, 7, 0xd76aa478); - OP(D, A, B, C, 12, 0xe8c7b756); - OP(C, D, A, B, 17, 0x242070db); - OP(B, C, D, A, 22, 0xc1bdceee); - OP(A, B, C, D, 7, 0xf57c0faf); - OP(D, A, B, C, 12, 0x4787c62a); - OP(C, D, A, B, 17, 0xa8304613); - OP(B, C, D, A, 22, 0xfd469501); - OP(A, B, C, D, 7, 0x698098d8); - OP(D, A, B, C, 12, 0x8b44f7af); - OP(C, D, A, B, 17, 0xffff5bb1); - OP(B, C, D, A, 22, 0x895cd7be); - OP(A, B, C, D, 7, 0x6b901122); - OP(D, A, B, C, 12, 0xfd987193); - OP(C, D, A, B, 17, 0xa679438e); - OP(B, C, D, A, 22, 0x49b40821); -# endif /* MD5_SIZE_VS_SPEED == 1 */ - - /* For the second to fourth round we have the possibly swapped words - in CORRECT_WORDS. Redefine the macro to take an additional first - argument specifying the function to use. */ -# undef OP -# define OP(f, a, b, c, d, k, s, T) \ - do { \ - a += f(b, c, d) + correct_words[k] + T; \ - a = rotl32(a, s); \ - a += b; \ - } while (0) - - /* Round 2. */ -# if MD5_SIZE_VS_SPEED == 1 - pp = P_array; - for (i = 0; i < 4; i++) { - OP(FG, A, B, C, D, (int) (*pp++), 5, *pc++); - OP(FG, D, A, B, C, (int) (*pp++), 9, *pc++); - OP(FG, C, D, A, B, (int) (*pp++), 14, *pc++); - OP(FG, B, C, D, A, (int) (*pp++), 20, *pc++); - } -# else - OP(FG, A, B, C, D, 1, 5, 0xf61e2562); - OP(FG, D, A, B, C, 6, 9, 0xc040b340); - OP(FG, C, D, A, B, 11, 14, 0x265e5a51); - OP(FG, B, C, D, A, 0, 20, 0xe9b6c7aa); - OP(FG, A, B, C, D, 5, 5, 0xd62f105d); - OP(FG, D, A, B, C, 10, 9, 0x02441453); - OP(FG, C, D, A, B, 15, 14, 0xd8a1e681); - OP(FG, B, C, D, A, 4, 20, 0xe7d3fbc8); - OP(FG, A, B, C, D, 9, 5, 0x21e1cde6); - OP(FG, D, A, B, C, 14, 9, 0xc33707d6); - OP(FG, C, D, A, B, 3, 14, 0xf4d50d87); - OP(FG, B, C, D, A, 8, 20, 0x455a14ed); - OP(FG, A, B, C, D, 13, 5, 0xa9e3e905); - OP(FG, D, A, B, C, 2, 9, 0xfcefa3f8); - OP(FG, C, D, A, B, 7, 14, 0x676f02d9); - OP(FG, B, C, D, A, 12, 20, 0x8d2a4c8a); -# endif /* MD5_SIZE_VS_SPEED == 1 */ - - /* Round 3. */ -# if MD5_SIZE_VS_SPEED == 1 - for (i = 0; i < 4; i++) { - OP(FH, A, B, C, D, (int) (*pp++), 4, *pc++); - OP(FH, D, A, B, C, (int) (*pp++), 11, *pc++); - OP(FH, C, D, A, B, (int) (*pp++), 16, *pc++); - OP(FH, B, C, D, A, (int) (*pp++), 23, *pc++); - } -# else - OP(FH, A, B, C, D, 5, 4, 0xfffa3942); - OP(FH, D, A, B, C, 8, 11, 0x8771f681); - OP(FH, C, D, A, B, 11, 16, 0x6d9d6122); - OP(FH, B, C, D, A, 14, 23, 0xfde5380c); - OP(FH, A, B, C, D, 1, 4, 0xa4beea44); - OP(FH, D, A, B, C, 4, 11, 0x4bdecfa9); - OP(FH, C, D, A, B, 7, 16, 0xf6bb4b60); - OP(FH, B, C, D, A, 10, 23, 0xbebfbc70); - OP(FH, A, B, C, D, 13, 4, 0x289b7ec6); - OP(FH, D, A, B, C, 0, 11, 0xeaa127fa); - OP(FH, C, D, A, B, 3, 16, 0xd4ef3085); - OP(FH, B, C, D, A, 6, 23, 0x04881d05); - OP(FH, A, B, C, D, 9, 4, 0xd9d4d039); - OP(FH, D, A, B, C, 12, 11, 0xe6db99e5); - OP(FH, C, D, A, B, 15, 16, 0x1fa27cf8); - OP(FH, B, C, D, A, 2, 23, 0xc4ac5665); -# endif /* MD5_SIZE_VS_SPEED == 1 */ - - /* Round 4. */ -# if MD5_SIZE_VS_SPEED == 1 - for (i = 0; i < 4; i++) { - OP(FI, A, B, C, D, (int) (*pp++), 6, *pc++); - OP(FI, D, A, B, C, (int) (*pp++), 10, *pc++); - OP(FI, C, D, A, B, (int) (*pp++), 15, *pc++); - OP(FI, B, C, D, A, (int) (*pp++), 21, *pc++); - } -# else - OP(FI, A, B, C, D, 0, 6, 0xf4292244); - OP(FI, D, A, B, C, 7, 10, 0x432aff97); - OP(FI, C, D, A, B, 14, 15, 0xab9423a7); - OP(FI, B, C, D, A, 5, 21, 0xfc93a039); - OP(FI, A, B, C, D, 12, 6, 0x655b59c3); - OP(FI, D, A, B, C, 3, 10, 0x8f0ccc92); - OP(FI, C, D, A, B, 10, 15, 0xffeff47d); - OP(FI, B, C, D, A, 1, 21, 0x85845dd1); - OP(FI, A, B, C, D, 8, 6, 0x6fa87e4f); - OP(FI, D, A, B, C, 15, 10, 0xfe2ce6e0); - OP(FI, C, D, A, B, 6, 15, 0xa3014314); - OP(FI, B, C, D, A, 13, 21, 0x4e0811a1); - OP(FI, A, B, C, D, 4, 6, 0xf7537e82); - OP(FI, D, A, B, C, 11, 10, 0xbd3af235); - OP(FI, C, D, A, B, 2, 15, 0x2ad7d2bb); - OP(FI, B, C, D, A, 9, 21, 0xeb86d391); -# endif /* MD5_SIZE_VS_SPEED == 1 */ -#endif /* MD5_SIZE_VS_SPEED > 1 */ - - /* Add the starting values of the context. */ - A += A_save; - B += B_save; - C += C_save; - D += D_save; - - /* Put checksum in context given as argument. */ - ctx->A = A; - ctx->B = B; - ctx->C = C; - ctx->D = D; -} - -/* Feed data through a temporary buffer to call md5_hash_aligned_block() - * with chunks of data that are 4-byte aligned and a multiple of 64 bytes. - * This function's internal buffer remembers previous data until it has 64 - * bytes worth to pass on. Call md5_end() to flush this buffer. */ -void md5_hash(const void *buffer, size_t len, md5_ctx_t *ctx) -{ - char *buf = (char *)buffer; - - /* RFC 1321 specifies the possible length of the file up to 2^64 bits, - * Here we only track the number of bytes. */ - ctx->total += len; - - /* Process all input. */ - while (len) { - unsigned i = 64 - ctx->buflen; - - /* Copy data into aligned buffer. */ - if (i > len) i = len; - memcpy(ctx->buffer + ctx->buflen, buf, i); - len -= i; - ctx->buflen += i; - buf += i; - - /* When buffer fills up, process it. */ - if (ctx->buflen == 64) { - md5_hash_block(ctx->buffer, ctx); - ctx->buflen = 0; - } - } -} - -/* Process the remaining bytes in the buffer and put result from CTX - * in first 16 bytes following RESBUF. The result is always in little - * endian byte order, so that a byte-wise output yields to the wanted - * ASCII representation of the message digest. - */ -void md5_end(void *resbuf, md5_ctx_t *ctx) -{ - char *buf = ctx->buffer; - int i; - - /* Pad data to block size. */ - buf[ctx->buflen++] = 0x80; - memset(buf + ctx->buflen, 0, 128 - ctx->buflen); - - /* Put the 64-bit file length in *bits* at the end of the buffer. */ - ctx->total <<= 3; - if (ctx->buflen > 56) - buf += 64; - for (i = 0; i < 8; i++) - buf[56 + i] = ctx->total >> (i*8); - - /* Process last bytes. */ - if (buf != ctx->buffer) - md5_hash_block(ctx->buffer, ctx); - md5_hash_block(buf, ctx); - - /* The MD5 result is in little endian byte order. - * We (ab)use the fact that A-D are consecutive in memory. - */ -#if MD5_BIG_ENDIAN - ctx->A = SWAP_LE32(ctx->A); - ctx->B = SWAP_LE32(ctx->B); - ctx->C = SWAP_LE32(ctx->C); - ctx->D = SWAP_LE32(ctx->D); -#endif - memcpy(resbuf, &ctx->A, sizeof(ctx->A) * 4); -} diff --git a/src/lib/hash_md5.h b/src/lib/hash_md5.h deleted file mode 100644 index f7e9f398..00000000 --- a/src/lib/hash_md5.h +++ /dev/null @@ -1,32 +0,0 @@ -/* vi: set sw=4 ts=4: */ -/* - * md5.c - Compute MD5 checksum of strings according to the - * definition of MD5 in RFC 1321 from April 1992. - * - * Written by Ulrich Drepper <drepper@gnu.ai.mit.edu>, 1995. - * - * Copyright (C) 1995-1999 Free Software Foundation, Inc. - * Copyright (C) 2001 Manuel Novoa III - * Copyright (C) 2003 Glenn L. McGrath - * Copyright (C) 2003 Erik Andersen - * - * Licensed under the GPL v2 or later, see the file LICENSE in this tarball. - */ - -#define MD5_RESULT_LEN 16 - -typedef struct md5_ctx_t { - uint32_t A; - uint32_t B; - uint32_t C; - uint32_t D; - uint64_t total; - uint32_t buflen; - char buffer[128]; -} md5_ctx_t; -#define md5_begin abrt_md5_begin -void md5_begin(md5_ctx_t *ctx); -#define md5_hash abrt_md5_hash -void md5_hash(const void *data, size_t length, md5_ctx_t *ctx); -#define md5_end abrt_md5_end -void md5_end(void *resbuf, md5_ctx_t *ctx); diff --git a/src/lib/hash_sha1.c b/src/lib/hash_sha1.c index 954e7bc8..f1a9e0a6 100644 --- a/src/lib/hash_sha1.c +++ b/src/lib/hash_sha1.c @@ -18,6 +18,7 @@ * --------------------------------------------------------------------------- */ #include "abrtlib.h" +#include <byteswap.h> #if defined(__BIG_ENDIAN__) && __BIG_ENDIAN__ # define SHA1_BIG_ENDIAN 1 @@ -32,51 +33,37 @@ # error "Can't determine endianness" #endif - #define rotl32(x,n) (((x) << (n)) | ((x) >> (32 - (n)))) +/* for sha256: */ #define rotr32(x,n) (((x) >> (n)) | ((x) << (32 - (n)))) /* for sha512: */ #define rotr64(x,n) (((x) >> (n)) | ((x) << (64 - (n)))) -#if SHA1_LITTLE_ENDIAN -static inline uint64_t hton64(uint64_t v) -{ - return (((uint64_t)htonl(v)) << 32) | htonl(v >> 32); -} -#else -#define hton64(v) (v) -#endif -#define ntoh64(v) hton64(v) -/* To check alignment gcc has an appropriate operator. Other - compilers don't. */ -#if defined(__GNUC__) && __GNUC__ >= 2 -# define UNALIGNED_P(p,type) (((uintptr_t) p) % __alignof__(type) != 0) -#else -# define UNALIGNED_P(p,type) (((uintptr_t) p) % sizeof(type) != 0) -#endif + +/* Generic 64-byte helpers for 64-byte block hashes */ +static void common64_hash(sha1_ctx_t *ctx, const void *buffer, size_t len); +static void common64_end(sha1_ctx_t *ctx, int swap_needed); -/* Some arch headers have conflicting defines */ -#undef ch -#undef parity -#undef maj -#undef rnd +/* sha1 specific code */ static void sha1_process_block64(sha1_ctx_t *ctx) { - unsigned t; - uint32_t W[80], a, b, c, d, e; - const uint32_t *words = (uint32_t*) ctx->wbuffer; - - for (t = 0; t < 16; ++t) { - W[t] = ntohl(*words); - words++; - } - - for (/*t = 16*/; t < 80; ++t) { - uint32_t T = W[t - 3] ^ W[t - 8] ^ W[t - 14] ^ W[t - 16]; - W[t] = rotl32(T, 1); - } + static const uint32_t rconsts[] = { + 0x5A827999, 0x6ED9EBA1, 0x8F1BBCDC, 0xCA62C1D6 + }; + int i, j; + int cnt; + uint32_t W[16+16]; + uint32_t a, b, c, d, e; + + /* On-stack work buffer frees up one register in the main loop + * which otherwise will be needed to hold ctx pointer */ + for (i = 0; i < 16; i++) + if (SHA1_BIG_ENDIAN) + W[i] = W[i+16] = ((uint32_t*)ctx->wbuffer)[i]; + else + W[i] = W[i+16] = bswap_32(((uint32_t*)ctx->wbuffer)[i]); a = ctx->hash[0]; b = ctx->hash[1]; @@ -84,37 +71,41 @@ static void sha1_process_block64(sha1_ctx_t *ctx) d = ctx->hash[3]; e = ctx->hash[4]; -/* Reverse byte order in 32-bit words */ -#define ch(x,y,z) ((z) ^ ((x) & ((y) ^ (z)))) -#define parity(x,y,z) ((x) ^ (y) ^ (z)) -#define maj(x,y,z) (((x) & (y)) | ((z) & ((x) | (y)))) -/* A normal version as set out in the FIPS. This version uses */ -/* partial loop unrolling and is optimised for the Pentium 4 */ -#define rnd(f,k) \ - do { \ - uint32_t T = a; \ - a = rotl32(a, 5) + f(b, c, d) + e + k + W[t]; \ - e = d; \ - d = c; \ - c = rotl32(b, 30); \ - b = T; \ - } while (0) - - for (t = 0; t < 20; ++t) - rnd(ch, 0x5a827999); - - for (/*t = 20*/; t < 40; ++t) - rnd(parity, 0x6ed9eba1); - - for (/*t = 40*/; t < 60; ++t) - rnd(maj, 0x8f1bbcdc); - - for (/*t = 60*/; t < 80; ++t) - rnd(parity, 0xca62c1d6); -#undef ch -#undef parity -#undef maj -#undef rnd + /* 4 rounds of 20 operations each */ + cnt = 0; + for (i = 0; i < 4; i++) { + j = 19; + do { + uint32_t work; + + work = c ^ d; + if (i == 0) { + work = (work & b) ^ d; + if (j <= 3) + goto ge16; + /* Used to do bswap_32 here, but this + * requires ctx (see comment above) */ + work += W[cnt]; + } else { + if (i == 2) + work = ((b | c) & d) | (b & c); + else /* i = 1 or 3 */ + work ^= b; + ge16: + W[cnt] = W[cnt+16] = rotl32(W[cnt+13] ^ W[cnt+8] ^ W[cnt+2] ^ W[cnt], 1); + work += W[cnt]; + } + work += e + rotl32(a, 5) + rconsts[i]; + + /* Rotate by one for next time */ + e = d; + d = c; + c = /* b = */ rotl32(b, 30); + b = a; + a = work; + cnt = (cnt + 1) & 15; + } while (--j >= 0); + } ctx->hash[0] += a; ctx->hash[1] += b; @@ -131,83 +122,90 @@ void sha1_begin(sha1_ctx_t *ctx) ctx->hash[3] = 0x10325476; ctx->hash[4] = 0xc3d2e1f0; ctx->total64 = 0; - ctx->process_block = sha1_process_block64; + /* for sha256: ctx->process_block = sha1_process_block64; */ } -static const uint32_t init256[] = { - 0x6a09e667, - 0xbb67ae85, - 0x3c6ef372, - 0xa54ff53a, - 0x510e527f, - 0x9b05688c, - 0x1f83d9ab, - 0x5be0cd19 -}; -static const uint32_t init512_lo[] = { - 0xf3bcc908, - 0x84caa73b, - 0xfe94f82b, - 0x5f1d36f1, - 0xade682d1, - 0x2b3e6c1f, - 0xfb41bd6b, - 0x137e2179 -}; - -/* Used also for sha256 */ -void sha1_hash(const void *buffer, size_t len, sha1_ctx_t *ctx) +void sha1_hash(sha1_ctx_t *ctx, const void *buffer, size_t len) { - unsigned in_buf = ctx->total64 & 63; - unsigned add = 64 - in_buf; + common64_hash(ctx, buffer, len); +} - ctx->total64 += len; +/* May be used also for sha256 */ +void sha1_end(sha1_ctx_t *ctx, void *resbuf) +{ + unsigned hash_size; - while (len >= add) { /* transfer whole blocks while possible */ - memcpy(ctx->wbuffer + in_buf, buffer, add); - buffer = (const char *)buffer + add; - len -= add; - add = 64; - in_buf = 0; - ctx->process_block(ctx); - } + /* SHA stores total in BE, need to swap on LE arches: */ + common64_end(ctx, /*swap_needed:*/ SHA1_LITTLE_ENDIAN); - memcpy(ctx->wbuffer + in_buf, buffer, len); + hash_size = 5; /* (ctx->process_block == sha1_process_block64) ? 5 : 8; */ + /* This way we do not impose alignment constraints on resbuf: */ + if (SHA1_LITTLE_ENDIAN) { + unsigned i; + for (i = 0; i < hash_size; ++i) + ctx->hash[i] = bswap_32(ctx->hash[i]); + } + memcpy(resbuf, ctx->hash, sizeof(ctx->hash[0]) * hash_size); } -/* Used also for sha256 */ -void sha1_end(void *resbuf, sha1_ctx_t *ctx) + +/* Generic 64-byte helpers for 64-byte block hashes */ + +/*#define PROCESS_BLOCK(ctx) ctx->process_block(ctx)*/ +#define PROCESS_BLOCK(ctx) sha1_process_block64(ctx) + +/* Feed data through a temporary buffer. + * The internal buffer remembers previous data until it has 64 + * bytes worth to pass on. + */ +static void common64_hash(sha1_ctx_t *ctx, const void *buffer, size_t len) { - unsigned pad, in_buf; + unsigned bufpos = ctx->total64 & 63; + + ctx->total64 += len; - in_buf = ctx->total64 & 63; + while (1) { + unsigned remaining = 64 - bufpos; + if (remaining > len) + remaining = len; + /* Copy data into aligned buffer */ + memcpy(ctx->wbuffer + bufpos, buffer, remaining); + len -= remaining; + buffer = (const char *)buffer + remaining; + bufpos += remaining; + /* clever way to do "if (bufpos != 64) break; ... ; bufpos = 0;" */ + bufpos -= 64; + if (bufpos != 0) + break; + /* Buffer is filled up, process it */ + PROCESS_BLOCK(ctx); + /*bufpos = 0; - already is */ + } +} + +/* Process the remaining bytes in the buffer */ +static void common64_end(sha1_ctx_t *ctx, int swap_needed) +{ + unsigned bufpos = ctx->total64 & 63; /* Pad the buffer to the next 64-byte boundary with 0x80,0,0,0... */ - ctx->wbuffer[in_buf++] = 0x80; + ctx->wbuffer[bufpos++] = 0x80; /* This loop iterates either once or twice, no more, no less */ while (1) { - pad = 64 - in_buf; - memset(ctx->wbuffer + in_buf, 0, pad); - in_buf = 0; + unsigned remaining = 64 - bufpos; + memset(ctx->wbuffer + bufpos, 0, remaining); /* Do we have enough space for the length count? */ - if (pad >= 8) { - /* Store the 64-bit counter of bits in the buffer in BE format */ + if (remaining >= 8) { + /* Store the 64-bit counter of bits in the buffer */ uint64_t t = ctx->total64 << 3; - t = hton64(t); + if (swap_needed) + t = bswap_64(t); /* wbuffer is suitably aligned for this */ *(uint64_t *) (&ctx->wbuffer[64 - 8]) = t; } - ctx->process_block(ctx); - if (pad >= 8) + PROCESS_BLOCK(ctx); + if (remaining >= 8) break; + bufpos = 0; } - - in_buf = (ctx->process_block == sha1_process_block64) ? 5 : 8; - /* This way we do not impose alignment constraints on resbuf: */ - if (SHA1_LITTLE_ENDIAN) { - unsigned i; - for (i = 0; i < in_buf; ++i) - ctx->hash[i] = htonl(ctx->hash[i]); - } - memcpy(resbuf, ctx->hash, sizeof(ctx->hash[0]) * in_buf); } diff --git a/src/lib/hash_sha1.h b/src/lib/hash_sha1.h index 09f50d12..2b6b7606 100644 --- a/src/lib/hash_sha1.h +++ b/src/lib/hash_sha1.h @@ -25,18 +25,18 @@ extern "C" { #define SHA1_RESULT_LEN (5 * 4) typedef struct sha1_ctx_t { - uint32_t hash[8]; /* 5, +3 elements for sha256 */ - uint64_t total64; - uint8_t wbuffer[64]; /* NB: always correctly aligned for uint64_t */ - void (*process_block)(struct sha1_ctx_t*); + uint8_t wbuffer[64]; /* always correctly aligned for uint64_t */ + /* for sha256: void (*process_block)(struct md5_ctx_t*); */ + uint64_t total64; /* must be directly before hash[] */ + uint32_t hash[8]; /* 4 elements for md5, 5 for sha1, 8 for sha256 */ } sha1_ctx_t; #define sha1_begin abrt_sha1_begin void sha1_begin(sha1_ctx_t *ctx); #define sha1_hash abrt_sha1_hash -void sha1_hash(const void *buffer, size_t len, sha1_ctx_t *ctx); +void sha1_hash(sha1_ctx_t *ctx, const void *buffer, size_t len); #define sha1_end abrt_sha1_end -void sha1_end(void *resbuf, sha1_ctx_t *ctx); +void sha1_end(sha1_ctx_t *ctx, void *resbuf); #ifdef __cplusplus } |