[git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-259-g902ea60
by Jussi Kivilinna
cvs at cvs.gnupg.org
Sat Sep 21 13:32:59 CEST 2013
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU crypto library".
The branch, master has been updated
via 902ea6052c11108bd19333c31b03e084bed1fb86 (commit)
via cce7449efe471b076c5a97929ac8907162011394 (commit)
from 3e5cfa20acfeccb9df2c3fae2730344b40b36104 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 902ea6052c11108bd19333c31b03e084bed1fb86
Author: Jussi Kivilinna <jussi.kivilinna at iki.fi>
Date: Sat Sep 21 13:54:38 2013 +0300
Make STRIBOG use the new _gcry_md_block_write helper
* cipher/stribog.c (STRIBOG_STRUCT): Add 'bctx' and remove 'buf' and
'count'.
(stribog_init_512): Initialize 'bctx'.
(transform64): New function.
(stribog_write): Remove.
(stribog_final): Use _gcry_md_block_write and bctx.
(_gcry_digest_spec_stribog_256, _gcry_digest_spec_stribog_512): Use
_gcry_md_block_write.
--
Signed-off-by: Jussi Kivilinna <jussi.kivilinna at iki.fi>
diff --git a/cipher/stribog.c b/cipher/stribog.c
index ec7ffe9..234a17e 100644
--- a/cipher/stribog.c
+++ b/cipher/stribog.c
@@ -32,6 +32,7 @@
typedef struct
{
+ gcry_md_block_ctx_t bctx;
union
{
u64 h[8];
@@ -39,8 +40,6 @@ typedef struct
};
u64 N[8];
u64 Sigma[8];
- byte buf[64];
- int count;
} STRIBOG_CONTEXT;
static const byte Pi[256] =
@@ -1276,11 +1275,19 @@ static void g (u64 *h, u64 *m, u64 *N)
static void
+transform64 (void *context, const unsigned char *inbuf_arg);
+
+
+static void
stribog_init_512 (void *context)
{
STRIBOG_CONTEXT *hd = context;
memset (hd, 0, sizeof (*hd));
+
+ hd->bctx.blocksize = 64;
+ hd->bctx.bwrite = transform64;
+ hd->bctx.stack_burn = 768;
}
static void
@@ -1340,35 +1347,11 @@ transform (STRIBOG_CONTEXT *hd, const unsigned char *data, unsigned count)
}
static void
-stribog_write (void *context, const void *inbuf_arg, size_t inlen)
+transform64 (void *context, const unsigned char *inbuf_arg)
{
STRIBOG_CONTEXT *hd = context;
- const unsigned char *inbuf = inbuf_arg;
- if (hd->count == 64)
- {
- transform (hd, hd->buf, hd->count * 8);
- hd->count = 0;
- _gcry_burn_stack (768);
- }
- if (!inbuf)
- return;
- if (hd->count)
- {
- for (; inlen && hd->count < 64; inlen--)
- hd->buf[hd->count++] = *inbuf++;
- stribog_write (context, NULL, 0);
- if (!inlen)
- return;
- }
- while (inlen >= 64)
- {
- transform (hd, inbuf, 64 * 8);
- inlen -= 64;
- inbuf += 64;
- }
- _gcry_burn_stack (768);
- for (; inlen && hd->count < 64; inlen--)
- hd->buf[hd->count++] = *inbuf++;
+
+ transform (hd, inbuf_arg, 64 * 8);
}
/*
@@ -1383,14 +1366,14 @@ stribog_final (void *context)
u64 Z[8] = {};
int i;
- stribog_write (context, NULL, 0); /* flush */ ;
+ _gcry_md_block_write (context, NULL, 0); /* flush */ ;
/* PAD. It does not count towards message length */
- i = hd->count;
+ i = hd->bctx.count;
/* After flush we have at least one byte free) */
- hd->buf[i++] = 1;
+ hd->bctx.buf[i++] = 1;
while (i < 64)
- hd->buf[i++] = 0;
- transform (hd, hd->buf, hd->count * 8);
+ hd->bctx.buf[i++] = 0;
+ transform (hd, hd->bctx.buf, hd->bctx.count * 8);
g (hd->h, hd->N, Z);
g (hd->h, hd->Sigma, Z);
@@ -1431,13 +1414,13 @@ stribog_read_256 (void *context)
gcry_md_spec_t _gcry_digest_spec_stribog_256 =
{
"STRIBOG256", NULL, 0, NULL, 32,
- stribog_init_256, stribog_write, stribog_final, stribog_read_256,
+ stribog_init_256, _gcry_md_block_write, stribog_final, stribog_read_256,
sizeof (STRIBOG_CONTEXT)
};
gcry_md_spec_t _gcry_digest_spec_stribog_512 =
{
"STRIBOG512", NULL, 0, NULL, 64,
- stribog_init_512, stribog_write, stribog_final, stribog_read_512,
+ stribog_init_512, _gcry_md_block_write, stribog_final, stribog_read_512,
sizeof (STRIBOG_CONTEXT)
};
commit cce7449efe471b076c5a97929ac8907162011394
Author: Jussi Kivilinna <jussi.kivilinna at iki.fi>
Date: Sat Sep 21 13:54:38 2013 +0300
Make SHA-512 use the new _gcry_md_block_write helper
* cipher/hash-common.c (_gcry_md_block_write): Check that hd->buf is
large enough.
* cipher/hash-common.h (MD_BLOCK_MAX_BLOCKSIZE, MD_NBLOCKS_TYPE): New
macros.
(gcry_md_block_ctx_t): Use above macros for 'nblocks' and 'buf'.
* cipher/sha512.c (SHA512_STATE): New struct.
(SHA512_CONTEXT): Add 'bctx' and 'state'.
(sha512_init, sha384_init): Initialize 'bctx'.
(__transform, _gcry_sha512_transform_armv7_neon): Use SHA512_STATE for
'hd'.
(transform): For now, do not return burn stack.
(sha512_write): Remove.
(sha512_final): Use _gcry_md_block_write and bctx.
(_gcry_digest_spec_sha512, _gcry_digest_spec_sha384): Use
_gcry_md_block_write.
--
Patch changes 'nblocks' counter to 64-bits when SHA-512 is enabled. This does
not cause problems with other algorithms; they are already casting 'nblocks'
to u32 variable in their finalization functions. Also move 'buf' member to
head of 'gcry_md_block_ctx_t' to ensure proper alignment; this is because some
algorithms cast buffer pointer to (u64*) in final endian conversion.
Signed-off-by: Jussi Kivilinna <jussi.kivilinna at iki.fi>
diff --git a/cipher/hash-common.c b/cipher/hash-common.c
index a823a66..1a6e8e9 100644
--- a/cipher/hash-common.c
+++ b/cipher/hash-common.c
@@ -102,7 +102,10 @@ _gcry_md_block_write (void *context, const void *inbuf_arg, size_t inlen)
const unsigned char *inbuf = inbuf_arg;
gcry_md_block_ctx_t *hd = context;
- if ( hd->buf == NULL || hd->bwrite == NULL)
+ if (sizeof(hd->buf) < hd->blocksize)
+ BUG();
+
+ if (hd->buf == NULL || hd->bwrite == NULL)
return;
if (hd->count == hd->blocksize) /* Flush the buffer. */
diff --git a/cipher/hash-common.h b/cipher/hash-common.h
index 1d1d4ec..4dd5441 100644
--- a/cipher/hash-common.h
+++ b/cipher/hash-common.h
@@ -20,6 +20,8 @@
#ifndef GCRY_HASH_COMMON_H
#define GCRY_HASH_COMMON_H
+#include "types.h"
+
const char * _gcry_hash_selftest_check_one
/**/ (int algo,
@@ -29,11 +31,20 @@ const char * _gcry_hash_selftest_check_one
/* Type for the md_write helper function. */
typedef void (*_gcry_md_block_write_t) (void *c, const unsigned char *buf);
+#if defined(HAVE_U64_TYPEDEF) && defined(USE_SHA512)
+/* SHA-512 needs u64 and larger buffer. */
+# define MD_BLOCK_MAX_BLOCKSIZE 128
+# define MD_NBLOCKS_TYPE u64
+#else
+# define MD_BLOCK_MAX_BLOCKSIZE 64
+# define MD_NBLOCKS_TYPE u32
+#endif
+
typedef struct gcry_md_block_ctx
{
- u32 nblocks;
- int count;
- byte buf[64];
+ byte buf[MD_BLOCK_MAX_BLOCKSIZE];
+ MD_NBLOCKS_TYPE nblocks;
+ int count;
size_t blocksize;
_gcry_md_block_write_t bwrite;
size_t stack_burn;
diff --git a/cipher/sha512.c b/cipher/sha512.c
index fee3e71..ed63ae6 100644
--- a/cipher/sha512.c
+++ b/cipher/sha512.c
@@ -67,18 +67,25 @@
typedef struct
{
u64 h0, h1, h2, h3, h4, h5, h6, h7;
- u64 nblocks;
- byte buf[128];
- int count;
+} SHA512_STATE;
+
+typedef struct
+{
+ gcry_md_block_ctx_t bctx;
+ SHA512_STATE state;
#ifdef USE_ARM_NEON_ASM
int use_neon;
#endif
} SHA512_CONTEXT;
static void
+transform (void *context, const unsigned char *data);
+
+static void
sha512_init (void *context)
{
- SHA512_CONTEXT *hd = context;
+ SHA512_CONTEXT *ctx = context;
+ SHA512_STATE *hd = &ctx->state;
hd->h0 = U64_C(0x6a09e667f3bcc908);
hd->h1 = U64_C(0xbb67ae8584caa73b);
@@ -89,17 +96,22 @@ sha512_init (void *context)
hd->h6 = U64_C(0x1f83d9abfb41bd6b);
hd->h7 = U64_C(0x5be0cd19137e2179);
- hd->nblocks = 0;
- hd->count = 0;
+ ctx->bctx.nblocks = 0;
+ ctx->bctx.count = 0;
+ ctx->bctx.blocksize = 128;
+ ctx->bctx.bwrite = transform;
+ ctx->bctx.stack_burn = 256;
+
#ifdef USE_ARM_NEON_ASM
- hd->use_neon = (_gcry_get_hw_features () & HWF_ARM_NEON) != 0;
+ ctx->use_neon = (_gcry_get_hw_features () & HWF_ARM_NEON) != 0;
#endif
}
static void
sha384_init (void *context)
{
- SHA512_CONTEXT *hd = context;
+ SHA512_CONTEXT *ctx = context;
+ SHA512_STATE *hd = &ctx->state;
hd->h0 = U64_C(0xcbbb9d5dc1059ed8);
hd->h1 = U64_C(0x629a292a367cd507);
@@ -110,10 +122,14 @@ sha384_init (void *context)
hd->h6 = U64_C(0xdb0c2e0d64f98fa7);
hd->h7 = U64_C(0x47b5481dbefa4fa4);
- hd->nblocks = 0;
- hd->count = 0;
+ ctx->bctx.nblocks = 0;
+ ctx->bctx.count = 0;
+ ctx->bctx.blocksize = 128;
+ ctx->bctx.bwrite = transform;
+ ctx->bctx.stack_burn = 256;
+
#ifdef USE_ARM_NEON_ASM
- hd->use_neon = (_gcry_get_hw_features () & HWF_ARM_NEON) != 0;
+ ctx->use_neon = (_gcry_get_hw_features () & HWF_ARM_NEON) != 0;
#endif
}
@@ -196,7 +212,7 @@ static const u64 k[] =
* Transform the message W which consists of 16 64-bit-words
*/
static void
-__transform (SHA512_CONTEXT *hd, const unsigned char *data)
+__transform (SHA512_STATE *hd, const unsigned char *data)
{
u64 a, b, c, d, e, f, g, h;
u64 w[16];
@@ -477,71 +493,33 @@ __transform (SHA512_CONTEXT *hd, const unsigned char *data)
#ifdef USE_ARM_NEON_ASM
-void _gcry_sha512_transform_armv7_neon (SHA512_CONTEXT *hd,
+void _gcry_sha512_transform_armv7_neon (SHA512_STATE *hd,
const unsigned char *data,
const u64 k[]);
#endif
-static unsigned int
-transform (SHA512_CONTEXT *hd, const unsigned char *data)
+static void
+transform (void *context, const unsigned char *data)
{
+ SHA512_CONTEXT *ctx = context;
+
#ifdef USE_ARM_NEON_ASM
if (hd->use_neon)
{
- _gcry_sha512_transform_armv7_neon(hd, data, k);
+ _gcry_sha512_transform_armv7_neon(&ctx->state, data, k);
+ /* TODO: return burn stack to md_block_write */
/* return stack burn depth */
- return (sizeof(void *) * 3);
+ return /*(sizeof(void *) * 3)*/;
}
#endif
- __transform (hd, data);
+ __transform (&ctx->state, data);
+ /* TODO: return burn stack to md_block_write */
/* return stack burn depth */
- return 256;
-}
-
-
-/* Update the message digest with the contents
- * of INBUF with length INLEN.
- */
-static void
-sha512_write (void *context, const void *inbuf_arg, size_t inlen)
-{
- const unsigned char *inbuf = inbuf_arg;
- SHA512_CONTEXT *hd = context;
- unsigned int stack_burn_depth = 0;
-
- if (hd->count == 128)
- { /* flush the buffer */
- stack_burn_depth = transform (hd, hd->buf);
- _gcry_burn_stack (stack_burn_depth);
- hd->count = 0;
- hd->nblocks++;
- }
- if (!inbuf)
- return;
- if (hd->count)
- {
- for (; inlen && hd->count < 128; inlen--)
- hd->buf[hd->count++] = *inbuf++;
- sha512_write (context, NULL, 0);
- if (!inlen)
- return;
- }
-
- while (inlen >= 128)
- {
- stack_burn_depth = transform (hd, inbuf);
- hd->count = 0;
- hd->nblocks++;
- inlen -= 128;
- inbuf += 128;
- }
- _gcry_burn_stack (stack_burn_depth);
- for (; inlen && hd->count < 128; inlen--)
- hd->buf[hd->count++] = *inbuf++;
+ return /*256*/;
}
@@ -561,15 +539,15 @@ sha512_final (void *context)
u64 t, msb, lsb;
byte *p;
- sha512_write (context, NULL, 0); /* flush */ ;
+ _gcry_md_block_write (context, NULL, 0); /* flush */ ;
- t = hd->nblocks;
+ t = hd->bctx.nblocks;
/* multiply by 128 to make a byte count */
lsb = t << 7;
msb = t >> 57;
/* add the count */
t = lsb;
- if ((lsb += hd->count) < t)
+ if ((lsb += hd->bctx.count) < t)
msb++;
/* multiply by 8 to make a bit count */
t = lsb;
@@ -577,49 +555,50 @@ sha512_final (void *context)
msb <<= 3;
msb |= t >> 61;
- if (hd->count < 112)
+ if (hd->bctx.count < 112)
{ /* enough room */
- hd->buf[hd->count++] = 0x80; /* pad */
- while (hd->count < 112)
- hd->buf[hd->count++] = 0; /* pad */
+ hd->bctx.buf[hd->bctx.count++] = 0x80; /* pad */
+ while (hd->bctx.count < 112)
+ hd->bctx.buf[hd->bctx.count++] = 0; /* pad */
}
else
{ /* need one extra block */
- hd->buf[hd->count++] = 0x80; /* pad character */
- while (hd->count < 128)
- hd->buf[hd->count++] = 0;
- sha512_write (context, NULL, 0); /* flush */ ;
- memset (hd->buf, 0, 112); /* fill next block with zeroes */
+ hd->bctx.buf[hd->bctx.count++] = 0x80; /* pad character */
+ while (hd->bctx.count < 128)
+ hd->bctx.buf[hd->bctx.count++] = 0;
+ _gcry_md_block_write (context, NULL, 0); /* flush */ ;
+ memset (hd->bctx.buf, 0, 112); /* fill next block with zeroes */
}
/* append the 128 bit count */
- hd->buf[112] = msb >> 56;
- hd->buf[113] = msb >> 48;
- hd->buf[114] = msb >> 40;
- hd->buf[115] = msb >> 32;
- hd->buf[116] = msb >> 24;
- hd->buf[117] = msb >> 16;
- hd->buf[118] = msb >> 8;
- hd->buf[119] = msb;
-
- hd->buf[120] = lsb >> 56;
- hd->buf[121] = lsb >> 48;
- hd->buf[122] = lsb >> 40;
- hd->buf[123] = lsb >> 32;
- hd->buf[124] = lsb >> 24;
- hd->buf[125] = lsb >> 16;
- hd->buf[126] = lsb >> 8;
- hd->buf[127] = lsb;
- stack_burn_depth = transform (hd, hd->buf);
+ hd->bctx.buf[112] = msb >> 56;
+ hd->bctx.buf[113] = msb >> 48;
+ hd->bctx.buf[114] = msb >> 40;
+ hd->bctx.buf[115] = msb >> 32;
+ hd->bctx.buf[116] = msb >> 24;
+ hd->bctx.buf[117] = msb >> 16;
+ hd->bctx.buf[118] = msb >> 8;
+ hd->bctx.buf[119] = msb;
+
+ hd->bctx.buf[120] = lsb >> 56;
+ hd->bctx.buf[121] = lsb >> 48;
+ hd->bctx.buf[122] = lsb >> 40;
+ hd->bctx.buf[123] = lsb >> 32;
+ hd->bctx.buf[124] = lsb >> 24;
+ hd->bctx.buf[125] = lsb >> 16;
+ hd->bctx.buf[126] = lsb >> 8;
+ hd->bctx.buf[127] = lsb;
+ transform (hd, hd->bctx.buf);
+ stack_burn_depth = hd->bctx.stack_burn;
_gcry_burn_stack (stack_burn_depth);
- p = hd->buf;
+ p = hd->bctx.buf;
#ifdef WORDS_BIGENDIAN
-#define X(a) do { *(u64*)p = hd->h##a ; p += 8; } while (0)
+#define X(a) do { *(u64*)p = hd->state.h##a ; p += 8; } while (0)
#else /* little endian */
-#define X(a) do { *p++ = hd->h##a >> 56; *p++ = hd->h##a >> 48; \
- *p++ = hd->h##a >> 40; *p++ = hd->h##a >> 32; \
- *p++ = hd->h##a >> 24; *p++ = hd->h##a >> 16; \
- *p++ = hd->h##a >> 8; *p++ = hd->h##a; } while (0)
+#define X(a) do { *p++ = hd->state.h##a >> 56; *p++ = hd->state.h##a >> 48; \
+ *p++ = hd->state.h##a >> 40; *p++ = hd->state.h##a >> 32; \
+ *p++ = hd->state.h##a >> 24; *p++ = hd->state.h##a >> 16; \
+ *p++ = hd->state.h##a >> 8; *p++ = hd->state.h##a; } while(0)
#endif
X (0);
X (1);
@@ -638,7 +617,7 @@ static byte *
sha512_read (void *context)
{
SHA512_CONTEXT *hd = (SHA512_CONTEXT *) context;
- return hd->buf;
+ return hd->bctx.buf;
}
@@ -797,7 +776,7 @@ static gcry_md_oid_spec_t oid_spec_sha512[] =
gcry_md_spec_t _gcry_digest_spec_sha512 =
{
"SHA512", sha512_asn, DIM (sha512_asn), oid_spec_sha512, 64,
- sha512_init, sha512_write, sha512_final, sha512_read,
+ sha512_init, _gcry_md_block_write, sha512_final, sha512_read,
sizeof (SHA512_CONTEXT),
};
md_extra_spec_t _gcry_digest_extraspec_sha512 =
@@ -825,7 +804,7 @@ static gcry_md_oid_spec_t oid_spec_sha384[] =
gcry_md_spec_t _gcry_digest_spec_sha384 =
{
"SHA384", sha384_asn, DIM (sha384_asn), oid_spec_sha384, 48,
- sha384_init, sha512_write, sha512_final, sha512_read,
+ sha384_init, _gcry_md_block_write, sha512_final, sha512_read,
sizeof (SHA512_CONTEXT),
};
md_extra_spec_t _gcry_digest_extraspec_sha384 =
-----------------------------------------------------------------------
Summary of changes:
cipher/hash-common.c | 5 +-
cipher/hash-common.h | 17 ++++-
cipher/sha512.c | 179 ++++++++++++++++++++++----------------------------
cipher/stribog.c | 55 +++++----------
4 files changed, 116 insertions(+), 140 deletions(-)
hooks/post-receive
--
The GNU crypto library
http://git.gnupg.org
More information about the Gnupg-commits
mailing list