From mboxrd@z Thu Jan  1 00:00:00 1970
X-Msuck: nntp://news.gmane.org/gmane.linux.lib.musl.general/7262
Path: news.gmane.org!not-for-mail
From: Shawn Landden <shawn@churchofgit.com>
Newsgroups: gmane.linux.lib.musl.general
Subject: Re: [RFC] sha2: new <sha2.h> header
Date: Tue, 24 Mar 2015 14:22:49 -0700
Message-ID: <CAJusiZU2L8CK1g85Ve6jr9NWiKXRozREaju12UffyHad9GL16Q@mail.gmail.com>
References: <1427216271-141535-1-git-send-email-shawn@churchofgit.com>
	<CAJusiZVp81CBGFgyGa5SvzUSYoG4oMeR-CqCXmv=8MNkdMJcWA@mail.gmail.com>
Reply-To: musl@lists.openwall.com
NNTP-Posting-Host: plane.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
X-Trace: ger.gmane.org 1427232191 23229 80.91.229.3 (24 Mar 2015 21:23:11 GMT)
X-Complaints-To: usenet@ger.gmane.org
NNTP-Posting-Date: Tue, 24 Mar 2015 21:23:11 +0000 (UTC)
To: musl@lists.openwall.com
Original-X-From: musl-return-7275-gllmg-musl=m.gmane.org@lists.openwall.com Tue Mar 24 22:23:11 2015
Return-path: <musl-return-7275-gllmg-musl=m.gmane.org@lists.openwall.com>
Envelope-to: gllmg-musl@m.gmane.org
Original-Received: from mother.openwall.net ([195.42.179.200])
	by plane.gmane.org with smtp (Exim 4.69)
	(envelope-from <musl-return-7275-gllmg-musl=m.gmane.org@lists.openwall.com>)
	id 1YaWI3-0006Hb-0T
	for gllmg-musl@m.gmane.org; Tue, 24 Mar 2015 22:23:11 +0100
Original-Received: (qmail 1614 invoked by uid 550); 24 Mar 2015 21:23:09 -0000
Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:musl@lists.openwall.com>
List-Help: <mailto:musl-help@lists.openwall.com>
List-Unsubscribe: <mailto:musl-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:musl-subscribe@lists.openwall.com>
Original-Received: (qmail 1556 invoked from network); 24 Mar 2015 21:23:01 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:sender:in-reply-to:references:date:message-id:subject
         :from:to:content-type;
        bh=J4n1Wa6wUsukusI/NpsT1tMnKhhyeo7MRSEF6LiwT9E=;
        b=wH3Q0A7nL/x8ASCjcDXTkSkD5ZEmaNo9MSoZYnYjmJWWR+U5w58R+ULbjxMK9wQB4Y
         Y2p2a60+Z4WvxsRcaOje7aBCAxGCo2p3EYZzpjyfeZlhLkFUb1Nb1rG3FiRR/vE8CjAq
         K9MFX1c+ZH+P918u3AWqTcLQ22LUxc2k4IItIevwlyf0bqoXXjrJ1BV36eD7CFnfiR5w
         4/6n2bYtuvhco62VZBrdgFB/f+J8Nm5ObPlflnH8xET0tPNgSHBoPsSqgtHyblaE//eh
         QrQSGTU7eQGyKCBoWkQWFbicERzi+aE1s5qlTqJDY5zKdKRgKxUE2vnFhPpRh6uj14lU
         CFNQ==
X-Received: by 10.152.6.34 with SMTP id x2mr5284269lax.47.1427232169795; Tue,
 24 Mar 2015 14:22:49 -0700 (PDT)
Original-Sender: shawnlandden@gmail.com
In-Reply-To: <CAJusiZVp81CBGFgyGa5SvzUSYoG4oMeR-CqCXmv=8MNkdMJcWA@mail.gmail.com>
X-Google-Sender-Auth: 23Iq_TzOY4JX1nxUcI4Bfd5gSgo
Xref: news.gmane.org gmane.linux.lib.musl.general:7262
Archived-At: <http://permalink.gmane.org/gmane.linux.lib.musl.general/7262>

Rich Felker complains about corner cases, but these functions don't
have corner cases. There are no errors possible except going over a
size of 2^64, which takes longer than the age of the universe, and
these are totally standardized hashes. Yes, there is a length of a
state field that is exported, but that is about it.

On Tue, Mar 24, 2015 at 10:00 AM, Shawn Landden <shawn@churchofgit.com> wrote:
> On Tue, Mar 24, 2015 at 9:57 AM, Shawn Landden <shawn@churchofgit.com> wrote:
>> We have sha512 and sha256 code sitting here, yet we don't export it with any useful interface.
>>
>> This came out of discussion with pikhq on IRC.
>>
>> No tests yet, and no sha256 until this gets some review.
>> ---
>>  include/sha2.h            | 33 +++++++++++++++++++++++++++++++++
>>  src/crypt/crypt_sha512.c  | 37 ++++++++++++++++++++++++++++---------
>>  src/crypt/sha512.c        | 11 +++++++++++
>>  src/crypt/sha512_finish.c |  9 +++++++++
>>  src/crypt/sha512_push.c   |  9 +++++++++
>>  5 files changed, 90 insertions(+), 9 deletions(-)
>>  create mode 100644 include/sha2.h
>>  create mode 100644 src/crypt/sha512.c
>>  create mode 100644 src/crypt/sha512_finish.c
>>  create mode 100644 src/crypt/sha512_push.c
>>
>> diff --git a/include/sha2.h b/include/sha2.h
>> new file mode 100644
>> index 0000000..eb45bae
>> --- /dev/null
>> +++ b/include/sha2.h
>> @@ -0,0 +1,33 @@
>> +#ifndef _SHA2_H
>> +#define _SHA2_H
>> +
>> +#ifdef __cplusplus
>> +extern "C" {
>> +#endif
>> +
>> +#include <stdint.h>
>> +
>> +typedef struct sha512_state_t {
>> +       char __internal_state[8 + 64 + 128];
>> +} sha512_state_t;
>> +
>> +union sha512 {
>> +       uint8_t s8[64];
>> +       uint16_t s16[32];
>> +       uint32_t s32[16];
>> +       uint64_t s64[8];
>> +};
> whoops for including this. I was thinking of having a type for the
> digest, with differn't width accessors, like in6_addr has.
>> +
>> +/* using a macro allows switching to a static initializer in the future */
>> +#define SHA512STATEINIT __sha512_init()
>> +
>> +void *sha512(const void *__restrict, size_t n, void *__restrict);
>> +sha512_state_t __sha512_init();
>> +void sha512_push(sha512_state_t *s, const void *__restrict, size_t n);
>> +void sha512_finish(sha512_state_t *s, void *__restrict);
>> +
>> +#ifdef __cplusplus
>> +}
>> +#endif
>> +
>> +#endif
>> diff --git a/src/crypt/crypt_sha512.c b/src/crypt/crypt_sha512.c
>> index 1294e98..c3b57e9 100644
>> --- a/src/crypt/crypt_sha512.c
>> +++ b/src/crypt/crypt_sha512.c
>> @@ -16,11 +16,11 @@
>>  /* public domain sha512 implementation based on fips180-3 */
>>  /* >=2^64 bits messages are not supported (about 2000 peta bytes) */
>>
>> -struct sha512 {
>> +typedef struct sha512_state_t {
>>         uint64_t len;     /* processed message length */
>>         uint64_t h[8];    /* hash state */
>>         uint8_t buf[128]; /* message block buffer */
>> -};
>> +} sha512_state_t;
>>
>>  static uint64_t ror(uint64_t n, int k) { return (n >> k) | (n << (64-k)); }
>>  #define Ch(x,y,z)  (z ^ (x & (y ^ z)))
>> @@ -53,7 +53,7 @@ static const uint64_t K[80] = {
>>  0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL, 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL
>>  };
>>
>> -static void processblock(struct sha512 *s, const uint8_t *buf)
>> +static void processblock(sha512_state_t *s, const uint8_t *buf)
>>  {
>>         uint64_t W[80], t1, t2, a, b, c, d, e, f, g, h;
>>         int i;
>> @@ -100,7 +100,7 @@ static void processblock(struct sha512 *s, const uint8_t *buf)
>>         s->h[7] += h;
>>  }
>>
>> -static void pad(struct sha512 *s)
>> +static void pad(sha512_state_t *s)
>>  {
>>         unsigned r = s->len % 128;
>>
>> @@ -123,7 +123,7 @@ static void pad(struct sha512 *s)
>>         processblock(s, s->buf);
>>  }
>>
>> -static void sha512_init(struct sha512 *s)
>> +static void sha512_init(sha512_state_t *s)
>>  {
>>         s->len = 0;
>>         s->h[0] = 0x6a09e667f3bcc908ULL;
>> @@ -136,7 +136,7 @@ static void sha512_init(struct sha512 *s)
>>         s->h[7] = 0x5be0cd19137e2179ULL;
>>  }
>>
>> -static void sha512_sum(struct sha512 *s, uint8_t *md)
>> +static void sha512_sum(sha512_state_t *s, uint8_t *md)
>>  {
>>         int i;
>>
>> @@ -153,7 +153,7 @@ static void sha512_sum(struct sha512 *s, uint8_t *md)
>>         }
>>  }
>>
>> -static void sha512_update(struct sha512 *s, const void *m, unsigned long len)
>> +static void sha512_update(sha512_state_t *s, const void *m, unsigned long len)
>>  {
>>         const uint8_t *p = m;
>>         unsigned r = s->len % 128;
>> @@ -196,7 +196,7 @@ static char *to64(char *s, unsigned int u, int n)
>>  #define ROUNDS_MAX 9999999
>>
>>  /* hash n bytes of the repeated md message digest */
>> -static void hashmd(struct sha512 *s, unsigned int n, const void *md)
>> +static void hashmd(sha512_state_t  *s, unsigned int n, const void *md)
>>  {
>>         unsigned int i;
>>
>> @@ -207,7 +207,7 @@ static void hashmd(struct sha512 *s, unsigned int n, const void *md)
>>
>>  static char *sha512crypt(const char *key, const char *setting, char *output)
>>  {
>> -       struct sha512 ctx;
>> +       sha512_state_t ctx;
>>         unsigned char md[64], kmd[64], smd[64];
>>         unsigned int i, r, klen, slen;
>>         char rounds[20] = "";
>> @@ -369,3 +369,22 @@ char *__crypt_sha512(const char *key, const char *setting, char *output)
>>                 return "*";
>>         return p;
>>  }
>> +
>> +void __sha512_push(sha512_state_t *s, const void *d, size_t n)
>> +{
>> +       sha512_update(s, d, n);
>> +}
>> +
>> +void __sha512_finish(sha512_state_t *s, const void *md)
>> +{
>> +       sha512_sum(s, (uint8_t *)md);
>> +}
>> +
>> +sha512_state_t __sha512_init()
>> +{
>> +       sha512_state_t s;
>> +
>> +       sha512_init(&s);
>> +
>> +       return s;
>> +}
>> diff --git a/src/crypt/sha512.c b/src/crypt/sha512.c
>> new file mode 100644
>> index 0000000..42059e9
>> --- /dev/null
>> +++ b/src/crypt/sha512.c
>> @@ -0,0 +1,11 @@
>> +#include <unistd.h>
>> +#include <sha2.h>
>> +
>> +void *sha512(const void *d, size_t n, void *md)
>> +{
>> +       sha512_state_t s = SHA512STATEINIT;
>> +
>> +       sha512_push(&s, d, n);
>> +       sha512_finish(&s, md);
>> +       return md;
>> +}
>> diff --git a/src/crypt/sha512_finish.c b/src/crypt/sha512_finish.c
>> new file mode 100644
>> index 0000000..fe91bd5
>> --- /dev/null
>> +++ b/src/crypt/sha512_finish.c
>> @@ -0,0 +1,9 @@
>> +#include <unistd.h>
>> +#include <sha2.h>
>> +
>> +void __sha512_finish(sha512_state_t *s, void *__restrict);
>> +
>> +void sha512_finish(sha512_state_t *s, void *md)
>> +{
>> +       __sha512_finish(s, md);
>> +}
>> diff --git a/src/crypt/sha512_push.c b/src/crypt/sha512_push.c
>> new file mode 100644
>> index 0000000..dffb9dc
>> --- /dev/null
>> +++ b/src/crypt/sha512_push.c
>> @@ -0,0 +1,9 @@
>> +#include <unistd.h>
>> +#include <sha2.h>
>> +
>> +void __sha512_push(sha512_state_t *s, const void *__restrict, size_t n);
>> +
>> +void sha512_push(sha512_state_t *s, const void *d, size_t n)
>> +{
>> +       __sha512_push(s, d, n);
>> +}
>> --
>> 2.2.1.209.g41e5f3a
>>
>
>
>
> --
> Shawn Landden



-- 
Shawn Landden