From 2c30fcea82f51271c9e93e27d9442da41cd55c5e Mon Sep 17 00:00:00 2001 From: Palmer Cox Date: Sat, 5 Oct 2013 16:30:36 -0400 Subject: [PATCH 1/7] Clarify that the SipHash implementation has not be validated for cryptographic purposes. --- src/libstd/hash.rs | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/src/libstd/hash.rs b/src/libstd/hash.rs index ed7fc9eb1d954..6f6e847f569b6 100644 --- a/src/libstd/hash.rs +++ b/src/libstd/hash.rs @@ -15,8 +15,13 @@ * * Consider this as a main "general-purpose" hash for all hashtables: it * runs at good speed (competitive with spooky and city) and permits - * cryptographically strong _keyed_ hashing. Key your hashtables from a - * CPRNG like rand::rng. + * strong _keyed_ hashing. Key your hashtables from a strong RNG, + * such as rand::rng. + * + * Although the SipHash algorithm is considered to be cryptographically + * strong, this implementation has not been reviewed for such purposes. + * As such, all cryptographic uses of this implementation are strongly + * discouraged. */ #[allow(missing_doc)]; From c5f10b47f33f8765aa538c6fca936745e8cf8519 Mon Sep 17 00:00:00 2001 From: Palmer Cox Date: Tue, 22 Oct 2013 23:16:12 -0400 Subject: [PATCH 2/7] Update workcache to no longer use Sha1. --- src/libextra/workcache.rs | 22 +++++----------------- 1 file changed, 5 insertions(+), 17 deletions(-) diff --git a/src/libextra/workcache.rs b/src/libextra/workcache.rs index 30efecde37f91..bdc8b95ad411d 100644 --- a/src/libextra/workcache.rs +++ b/src/libextra/workcache.rs @@ -10,10 +10,8 @@ #[allow(missing_doc)]; -use digest::Digest; use json; use json::ToJson; -use sha1::Sha1; use serialize::{Encoder, Encodable, Decoder, Decodable}; use arc::{Arc,RWArc}; use treemap::TreeMap; @@ -23,7 +21,6 @@ use std::{os, str, task}; use std::rt::io; use std::rt::io::Writer; use std::rt::io::Decorator; -use std::rt::io::extensions::ReaderUtil; use std::rt::io::mem::MemWriter; use std::rt::io::file::FileInfo; @@ -276,19 +273,6 @@ fn json_decode>(s: &str) -> T { Decodable::decode(&mut decoder) } -fn digest>(t: &T) -> ~str { - let mut sha = ~Sha1::new(); - (*sha).input_str(json_encode(t)); - (*sha).result_str() -} - -fn digest_file(path: &Path) -> ~str { - let mut sha = ~Sha1::new(); - let s = path.open_reader(io::Open).read_to_end(); - (*sha).input(s); - (*sha).result_str() -} - impl Context { pub fn new(db: RWArc, @@ -497,6 +481,8 @@ impl<'self, T:Send + #[test] fn test() { use std::{os, run}; + use std::rt::io::ReaderUtil; + use std::str::from_utf8_owned; // Create a path to a new file 'filename' in the directory in which // this test is running. @@ -524,8 +510,10 @@ fn test() { let subcx = cx.clone(); let pth = pth.clone(); + let file_content = from_utf8_owned(pth.open_reader(io::Open).read_to_end()); + // FIXME (#9639): This needs to handle non-utf8 paths - prep.declare_input("file", pth.as_str().unwrap(), digest_file(&pth)); + prep.declare_input("file", pth.as_str().unwrap(), file_content); do prep.exec |_exe| { let out = make_path(~"foo.o"); // FIXME (#9639): This needs to handle non-utf8 paths From 653ee13839c95039709e9f261438115c74dd626f Mon Sep 17 00:00:00 2001 From: Palmer Cox Date: Tue, 22 Oct 2013 23:21:46 -0400 Subject: [PATCH 3/7] Remove MD5 and Sha2. Move Sha1 and support code into librustpkg. --- src/libextra/crypto/md5.rs | 327 ------ src/libextra/crypto/sha2.rs | 1033 ----------------- src/libextra/extra.rs | 12 - .../crypto => librustpkg}/cryptoutil.rs | 2 +- src/{libextra/crypto => librustpkg}/digest.rs | 2 +- src/librustpkg/rustpkg.rs | 5 +- src/{libextra/crypto => librustpkg}/sha1.rs | 2 +- src/librustpkg/workcache_support.rs | 5 +- 8 files changed, 9 insertions(+), 1379 deletions(-) delete mode 100644 src/libextra/crypto/md5.rs delete mode 100644 src/libextra/crypto/sha2.rs rename src/{libextra/crypto => librustpkg}/cryptoutil.rs (99%) rename src/{libextra/crypto => librustpkg}/digest.rs (98%) rename src/{libextra/crypto => librustpkg}/sha1.rs (99%) diff --git a/src/libextra/crypto/md5.rs b/src/libextra/crypto/md5.rs deleted file mode 100644 index 864fc64f82bec..0000000000000 --- a/src/libextra/crypto/md5.rs +++ /dev/null @@ -1,327 +0,0 @@ -// Copyright 2013 The Rust Project Developers. See the COPYRIGHT -// file at the top-level directory of this distribution and at -// http://rust-lang.org/COPYRIGHT. -// -// Licensed under the Apache License, Version 2.0 or the MIT license -// , at your -// option. This file may not be copied, modified, or distributed -// except according to those terms. - -#[allow(missing_doc)]; - -use std::iter::range_step; - -use cryptoutil::{write_u32_le, read_u32v_le, FixedBuffer, FixedBuffer64, StandardPadding}; -use digest::Digest; - - -// A structure that represents that state of a digest computation for the MD5 digest function -struct Md5State { - s0: u32, - s1: u32, - s2: u32, - s3: u32 -} - -impl Md5State { - fn new() -> Md5State { - return Md5State { - s0: 0x67452301, - s1: 0xefcdab89, - s2: 0x98badcfe, - s3: 0x10325476 - }; - } - - fn reset(&mut self) { - self.s0 = 0x67452301; - self.s1 = 0xefcdab89; - self.s2 = 0x98badcfe; - self.s3 = 0x10325476; - } - - fn process_block(&mut self, input: &[u8]) { - fn f(u: u32, v: u32, w: u32) -> u32 { - return (u & v) | (!u & w); - } - - fn g(u: u32, v: u32, w: u32) -> u32 { - return (u & w) | (v & !w); - } - - fn h(u: u32, v: u32, w: u32) -> u32 { - return u ^ v ^ w; - } - - fn i(u: u32, v: u32, w: u32) -> u32 { - return v ^ (u | !w); - } - - fn rotate_left(x: u32, n: u32) -> u32 { - return (x << n) | (x >> (32 - n)); - } - - fn op_f(w: u32, x: u32, y: u32, z: u32, m: u32, s: u32) -> u32 { - return rotate_left(w + f(x, y, z) + m, s) + x; - } - - fn op_g(w: u32, x: u32, y: u32, z: u32, m: u32, s: u32) -> u32 { - return rotate_left(w + g(x, y, z) + m, s) + x; - } - - fn op_h(w: u32, x: u32, y: u32, z: u32, m: u32, s: u32) -> u32 { - return rotate_left(w + h(x, y, z) + m, s) + x; - } - - fn op_i(w: u32, x: u32, y: u32, z: u32, m: u32, s: u32) -> u32 { - return rotate_left(w + i(x, y, z) + m, s) + x; - } - - let mut a = self.s0; - let mut b = self.s1; - let mut c = self.s2; - let mut d = self.s3; - - let mut data = [0u32, ..16]; - - read_u32v_le(data, input); - - // round 1 - for i in range_step(0u, 16, 4) { - a = op_f(a, b, c, d, data[i] + C1[i], 7); - d = op_f(d, a, b, c, data[i + 1] + C1[i + 1], 12); - c = op_f(c, d, a, b, data[i + 2] + C1[i + 2], 17); - b = op_f(b, c, d, a, data[i + 3] + C1[i + 3], 22); - } - - // round 2 - let mut t = 1; - for i in range_step(0u, 16, 4) { - a = op_g(a, b, c, d, data[t & 0x0f] + C2[i], 5); - d = op_g(d, a, b, c, data[(t + 5) & 0x0f] + C2[i + 1], 9); - c = op_g(c, d, a, b, data[(t + 10) & 0x0f] + C2[i + 2], 14); - b = op_g(b, c, d, a, data[(t + 15) & 0x0f] + C2[i + 3], 20); - t += 20; - } - - // round 3 - t = 5; - for i in range_step(0u, 16, 4) { - a = op_h(a, b, c, d, data[t & 0x0f] + C3[i], 4); - d = op_h(d, a, b, c, data[(t + 3) & 0x0f] + C3[i + 1], 11); - c = op_h(c, d, a, b, data[(t + 6) & 0x0f] + C3[i + 2], 16); - b = op_h(b, c, d, a, data[(t + 9) & 0x0f] + C3[i + 3], 23); - t += 12; - } - - // round 4 - t = 0; - for i in range_step(0u, 16, 4) { - a = op_i(a, b, c, d, data[t & 0x0f] + C4[i], 6); - d = op_i(d, a, b, c, data[(t + 7) & 0x0f] + C4[i + 1], 10); - c = op_i(c, d, a, b, data[(t + 14) & 0x0f] + C4[i + 2], 15); - b = op_i(b, c, d, a, data[(t + 21) & 0x0f] + C4[i + 3], 21); - t += 28; - } - - self.s0 += a; - self.s1 += b; - self.s2 += c; - self.s3 += d; - } -} - -// Round 1 constants -static C1: [u32, ..16] = [ - 0xd76aa478, 0xe8c7b756, 0x242070db, 0xc1bdceee, 0xf57c0faf, 0x4787c62a, 0xa8304613, 0xfd469501, - 0x698098d8, 0x8b44f7af, 0xffff5bb1, 0x895cd7be, 0x6b901122, 0xfd987193, 0xa679438e, 0x49b40821 -]; - -// Round 2 constants -static C2: [u32, ..16] = [ - 0xf61e2562, 0xc040b340, 0x265e5a51, 0xe9b6c7aa, 0xd62f105d, 0x02441453, 0xd8a1e681, 0xe7d3fbc8, - 0x21e1cde6, 0xc33707d6, 0xf4d50d87, 0x455a14ed, 0xa9e3e905, 0xfcefa3f8, 0x676f02d9, 0x8d2a4c8a -]; - -// Round 3 constants -static C3: [u32, ..16] = [ - 0xfffa3942, 0x8771f681, 0x6d9d6122, 0xfde5380c, 0xa4beea44, 0x4bdecfa9, 0xf6bb4b60, 0xbebfbc70, - 0x289b7ec6, 0xeaa127fa, 0xd4ef3085, 0x04881d05, 0xd9d4d039, 0xe6db99e5, 0x1fa27cf8, 0xc4ac5665 -]; - -// Round 4 constants -static C4: [u32, ..16] = [ - 0xf4292244, 0x432aff97, 0xab9423a7, 0xfc93a039, 0x655b59c3, 0x8f0ccc92, 0xffeff47d, 0x85845dd1, - 0x6fa87e4f, 0xfe2ce6e0, 0xa3014314, 0x4e0811a1, 0xf7537e82, 0xbd3af235, 0x2ad7d2bb, 0xeb86d391 -]; - - -/// The MD5 Digest algorithm -pub struct Md5 { - priv length_bytes: u64, - priv buffer: FixedBuffer64, - priv state: Md5State, - priv finished: bool, -} - -impl Md5 { - /// Construct a new instance of the MD5 Digest. - pub fn new() -> Md5 { - return Md5 { - length_bytes: 0, - buffer: FixedBuffer64::new(), - state: Md5State::new(), - finished: false - } - } -} - -impl Digest for Md5 { - fn input(&mut self, input: &[u8]) { - assert!(!self.finished); - // Unlike Sha1 and Sha2, the length value in MD5 is defined as the length of the message mod - // 2^64 - ie: integer overflow is OK. - self.length_bytes += input.len() as u64; - self.buffer.input(input, |d: &[u8]| { self.state.process_block(d); }); - } - - fn reset(&mut self) { - self.length_bytes = 0; - self.buffer.reset(); - self.state.reset(); - self.finished = false; - } - - fn result(&mut self, out: &mut [u8]) { - if !self.finished { - self.buffer.standard_padding(8, |d: &[u8]| { self.state.process_block(d); }); - write_u32_le(self.buffer.next(4), (self.length_bytes << 3) as u32); - write_u32_le(self.buffer.next(4), (self.length_bytes >> 29) as u32); - self.state.process_block(self.buffer.full_buffer()); - self.finished = true; - } - - write_u32_le(out.mut_slice(0, 4), self.state.s0); - write_u32_le(out.mut_slice(4, 8), self.state.s1); - write_u32_le(out.mut_slice(8, 12), self.state.s2); - write_u32_le(out.mut_slice(12, 16), self.state.s3); - } - - fn output_bits(&self) -> uint { 128 } -} - - -#[cfg(test)] -mod tests { - use cryptoutil::test::test_digest_1million_random; - use digest::Digest; - use md5::Md5; - - - struct Test { - input: ~str, - output_str: ~str, - } - - fn test_hash(sh: &mut D, tests: &[Test]) { - // Test that it works when accepting the message all at once - for t in tests.iter() { - sh.input_str(t.input); - - let out_str = sh.result_str(); - assert!(out_str == t.output_str); - - sh.reset(); - } - - // Test that it works when accepting the message in pieces - for t in tests.iter() { - let len = t.input.len(); - let mut left = len; - while left > 0u { - let take = (left + 1u) / 2u; - sh.input_str(t.input.slice(len - left, take + len - left)); - left = left - take; - } - - let out_str = sh.result_str(); - assert!(out_str == t.output_str); - - sh.reset(); - } - } - - #[test] - fn test_md5() { - // Examples from wikipedia - let wikipedia_tests = ~[ - Test { - input: ~"", - output_str: ~"d41d8cd98f00b204e9800998ecf8427e" - }, - Test { - input: ~"The quick brown fox jumps over the lazy dog", - output_str: ~"9e107d9d372bb6826bd81d3542a419d6" - }, - Test { - input: ~"The quick brown fox jumps over the lazy dog.", - output_str: ~"e4d909c290d0fb1ca068ffaddf22cbd0" - }, - ]; - - let tests = wikipedia_tests; - - let mut sh = Md5::new(); - - test_hash(&mut sh, tests); - } - - #[test] - fn test_1million_random_md5() { - let mut sh = Md5::new(); - test_digest_1million_random( - &mut sh, - 64, - "7707d6ae4e027c70eea2a935c2296f21"); - } -} - - -#[cfg(test)] -mod bench { - use extra::test::BenchHarness; - - use md5::Md5; - - - #[bench] - pub fn md5_10(bh: & mut BenchHarness) { - let mut sh = Md5::new(); - let bytes = [1u8, ..10]; - do bh.iter { - sh.input(bytes); - } - bh.bytes = bytes.len() as u64; - } - - #[bench] - pub fn md5_1k(bh: & mut BenchHarness) { - let mut sh = Md5::new(); - let bytes = [1u8, ..1024]; - do bh.iter { - sh.input(bytes); - } - bh.bytes = bytes.len() as u64; - } - - #[bench] - pub fn md5_64k(bh: & mut BenchHarness) { - let mut sh = Md5::new(); - let bytes = [1u8, ..65536]; - do bh.iter { - sh.input(bytes); - } - bh.bytes = bytes.len() as u64; - } -} diff --git a/src/libextra/crypto/sha2.rs b/src/libextra/crypto/sha2.rs deleted file mode 100644 index fb9a6df50e48c..0000000000000 --- a/src/libextra/crypto/sha2.rs +++ /dev/null @@ -1,1033 +0,0 @@ -// Copyright 2012-2013 The Rust Project Developers. See the COPYRIGHT -// file at the top-level directory of this distribution and at -// http://rust-lang.org/COPYRIGHT. -// -// Licensed under the Apache License, Version 2.0 or the MIT license -// , at your -// option. This file may not be copied, modified, or distributed -// except according to those terms. - -#[allow(missing_doc)]; - -use std::iter::range_step; - -use cryptoutil::{write_u64_be, write_u32_be, read_u64v_be, read_u32v_be, add_bytes_to_bits, - add_bytes_to_bits_tuple, FixedBuffer, FixedBuffer128, FixedBuffer64, StandardPadding}; -use digest::Digest; - -// A structure that represents that state of a digest computation for the SHA-2 512 family -// of digest functions -struct Engine512State { - H0: u64, - H1: u64, - H2: u64, - H3: u64, - H4: u64, - H5: u64, - H6: u64, - H7: u64, -} - -impl Engine512State { - fn new(h: &[u64, ..8]) -> Engine512State { - return Engine512State { - H0: h[0], - H1: h[1], - H2: h[2], - H3: h[3], - H4: h[4], - H5: h[5], - H6: h[6], - H7: h[7] - }; - } - - fn reset(&mut self, h: &[u64, ..8]) { - self.H0 = h[0]; - self.H1 = h[1]; - self.H2 = h[2]; - self.H3 = h[3]; - self.H4 = h[4]; - self.H5 = h[5]; - self.H6 = h[6]; - self.H7 = h[7]; - } - - fn process_block(&mut self, data: &[u8]) { - fn ch(x: u64, y: u64, z: u64) -> u64 { - ((x & y) ^ ((!x) & z)) - } - - fn maj(x: u64, y: u64, z: u64) -> u64 { - ((x & y) ^ (x & z) ^ (y & z)) - } - - fn sum0(x: u64) -> u64 { - ((x << 36) | (x >> 28)) ^ ((x << 30) | (x >> 34)) ^ ((x << 25) | (x >> 39)) - } - - fn sum1(x: u64) -> u64 { - ((x << 50) | (x >> 14)) ^ ((x << 46) | (x >> 18)) ^ ((x << 23) | (x >> 41)) - } - - fn sigma0(x: u64) -> u64 { - ((x << 63) | (x >> 1)) ^ ((x << 56) | (x >> 8)) ^ (x >> 7) - } - - fn sigma1(x: u64) -> u64 { - ((x << 45) | (x >> 19)) ^ ((x << 3) | (x >> 61)) ^ (x >> 6) - } - - let mut a = self.H0; - let mut b = self.H1; - let mut c = self.H2; - let mut d = self.H3; - let mut e = self.H4; - let mut f = self.H5; - let mut g = self.H6; - let mut h = self.H7; - - let mut W = [0u64, ..80]; - - // Sha-512 and Sha-256 use basically the same calculations which are implemented by - // these macros. Inlining the calculations seems to result in better generated code. - macro_rules! schedule_round( ($t:expr) => ( - W[$t] = sigma1(W[$t - 2]) + W[$t - 7] + sigma0(W[$t - 15]) + W[$t - 16]; - ) - ) - - macro_rules! sha2_round( - ($A:ident, $B:ident, $C:ident, $D:ident, - $E:ident, $F:ident, $G:ident, $H:ident, $K:ident, $t:expr) => ( - { - $H += sum1($E) + ch($E, $F, $G) + $K[$t] + W[$t]; - $D += $H; - $H += sum0($A) + maj($A, $B, $C); - } - ) - ) - - - read_u64v_be(W.mut_slice(0, 16), data); - - // Putting the message schedule inside the same loop as the round calculations allows for - // the compiler to generate better code. - for t in range_step(0u, 64, 8) { - schedule_round!(t + 16); - schedule_round!(t + 17); - schedule_round!(t + 18); - schedule_round!(t + 19); - schedule_round!(t + 20); - schedule_round!(t + 21); - schedule_round!(t + 22); - schedule_round!(t + 23); - - sha2_round!(a, b, c, d, e, f, g, h, K64, t); - sha2_round!(h, a, b, c, d, e, f, g, K64, t + 1); - sha2_round!(g, h, a, b, c, d, e, f, K64, t + 2); - sha2_round!(f, g, h, a, b, c, d, e, K64, t + 3); - sha2_round!(e, f, g, h, a, b, c, d, K64, t + 4); - sha2_round!(d, e, f, g, h, a, b, c, K64, t + 5); - sha2_round!(c, d, e, f, g, h, a, b, K64, t + 6); - sha2_round!(b, c, d, e, f, g, h, a, K64, t + 7); - } - - for t in range_step(64u, 80, 8) { - sha2_round!(a, b, c, d, e, f, g, h, K64, t); - sha2_round!(h, a, b, c, d, e, f, g, K64, t + 1); - sha2_round!(g, h, a, b, c, d, e, f, K64, t + 2); - sha2_round!(f, g, h, a, b, c, d, e, K64, t + 3); - sha2_round!(e, f, g, h, a, b, c, d, K64, t + 4); - sha2_round!(d, e, f, g, h, a, b, c, K64, t + 5); - sha2_round!(c, d, e, f, g, h, a, b, K64, t + 6); - sha2_round!(b, c, d, e, f, g, h, a, K64, t + 7); - } - - self.H0 += a; - self.H1 += b; - self.H2 += c; - self.H3 += d; - self.H4 += e; - self.H5 += f; - self.H6 += g; - self.H7 += h; - } -} - -// Constants necessary for SHA-2 512 family of digests. -static K64: [u64, ..80] = [ - 0x428a2f98d728ae22, 0x7137449123ef65cd, 0xb5c0fbcfec4d3b2f, 0xe9b5dba58189dbbc, - 0x3956c25bf348b538, 0x59f111f1b605d019, 0x923f82a4af194f9b, 0xab1c5ed5da6d8118, - 0xd807aa98a3030242, 0x12835b0145706fbe, 0x243185be4ee4b28c, 0x550c7dc3d5ffb4e2, - 0x72be5d74f27b896f, 0x80deb1fe3b1696b1, 0x9bdc06a725c71235, 0xc19bf174cf692694, - 0xe49b69c19ef14ad2, 0xefbe4786384f25e3, 0x0fc19dc68b8cd5b5, 0x240ca1cc77ac9c65, - 0x2de92c6f592b0275, 0x4a7484aa6ea6e483, 0x5cb0a9dcbd41fbd4, 0x76f988da831153b5, - 0x983e5152ee66dfab, 0xa831c66d2db43210, 0xb00327c898fb213f, 0xbf597fc7beef0ee4, - 0xc6e00bf33da88fc2, 0xd5a79147930aa725, 0x06ca6351e003826f, 0x142929670a0e6e70, - 0x27b70a8546d22ffc, 0x2e1b21385c26c926, 0x4d2c6dfc5ac42aed, 0x53380d139d95b3df, - 0x650a73548baf63de, 0x766a0abb3c77b2a8, 0x81c2c92e47edaee6, 0x92722c851482353b, - 0xa2bfe8a14cf10364, 0xa81a664bbc423001, 0xc24b8b70d0f89791, 0xc76c51a30654be30, - 0xd192e819d6ef5218, 0xd69906245565a910, 0xf40e35855771202a, 0x106aa07032bbd1b8, - 0x19a4c116b8d2d0c8, 0x1e376c085141ab53, 0x2748774cdf8eeb99, 0x34b0bcb5e19b48a8, - 0x391c0cb3c5c95a63, 0x4ed8aa4ae3418acb, 0x5b9cca4f7763e373, 0x682e6ff3d6b2b8a3, - 0x748f82ee5defb2fc, 0x78a5636f43172f60, 0x84c87814a1f0ab72, 0x8cc702081a6439ec, - 0x90befffa23631e28, 0xa4506cebde82bde9, 0xbef9a3f7b2c67915, 0xc67178f2e372532b, - 0xca273eceea26619c, 0xd186b8c721c0c207, 0xeada7dd6cde0eb1e, 0xf57d4f7fee6ed178, - 0x06f067aa72176fba, 0x0a637dc5a2c898a6, 0x113f9804bef90dae, 0x1b710b35131c471b, - 0x28db77f523047d84, 0x32caab7b40c72493, 0x3c9ebe0a15c9bebc, 0x431d67c49c100d4c, - 0x4cc5d4becb3e42b6, 0x597f299cfc657e2a, 0x5fcb6fab3ad6faec, 0x6c44198c4a475817 -]; - - -// A structure that keeps track of the state of the Sha-512 operation and contains the logic -// necessary to perform the final calculations. -struct Engine512 { - length_bits: (u64, u64), - buffer: FixedBuffer128, - state: Engine512State, - finished: bool, -} - -impl Engine512 { - fn new(h: &[u64, ..8]) -> Engine512 { - return Engine512 { - length_bits: (0, 0), - buffer: FixedBuffer128::new(), - state: Engine512State::new(h), - finished: false - } - } - - fn reset(&mut self, h: &[u64, ..8]) { - self.length_bits = (0, 0); - self.buffer.reset(); - self.state.reset(h); - self.finished = false; - } - - fn input(&mut self, input: &[u8]) { - assert!(!self.finished) - // Assumes that input.len() can be converted to u64 without overflow - self.length_bits = add_bytes_to_bits_tuple(self.length_bits, input.len() as u64); - self.buffer.input(input, |input: &[u8]| { self.state.process_block(input) }); - } - - fn finish(&mut self) { - if self.finished { - return; - } - - self.buffer.standard_padding(16, |input: &[u8]| { self.state.process_block(input) }); - match self.length_bits { - (hi, low) => { - write_u64_be(self.buffer.next(8), hi); - write_u64_be(self.buffer.next(8), low); - } - } - self.state.process_block(self.buffer.full_buffer()); - - self.finished = true; - } -} - - -/// The SHA-512 hash algorithm -pub struct Sha512 { - priv engine: Engine512 -} - -impl Sha512 { - /** - * Construct an new instance of a SHA-512 digest. - */ - pub fn new() -> Sha512 { - return Sha512 { - engine: Engine512::new(&H512) - }; - } -} - -impl Digest for Sha512 { - fn input(&mut self, d: &[u8]) { - self.engine.input(d); - } - - fn result(&mut self, out: &mut [u8]) { - self.engine.finish(); - - write_u64_be(out.mut_slice(0, 8), self.engine.state.H0); - write_u64_be(out.mut_slice(8, 16), self.engine.state.H1); - write_u64_be(out.mut_slice(16, 24), self.engine.state.H2); - write_u64_be(out.mut_slice(24, 32), self.engine.state.H3); - write_u64_be(out.mut_slice(32, 40), self.engine.state.H4); - write_u64_be(out.mut_slice(40, 48), self.engine.state.H5); - write_u64_be(out.mut_slice(48, 56), self.engine.state.H6); - write_u64_be(out.mut_slice(56, 64), self.engine.state.H7); - } - - fn reset(&mut self) { - self.engine.reset(&H512); - } - - fn output_bits(&self) -> uint { 512 } -} - -static H512: [u64, ..8] = [ - 0x6a09e667f3bcc908, - 0xbb67ae8584caa73b, - 0x3c6ef372fe94f82b, - 0xa54ff53a5f1d36f1, - 0x510e527fade682d1, - 0x9b05688c2b3e6c1f, - 0x1f83d9abfb41bd6b, - 0x5be0cd19137e2179 -]; - - -/// The SHA-384 hash algorithm -pub struct Sha384 { - priv engine: Engine512 -} - -impl Sha384 { - /** - * Construct an new instance of a SHA-384 digest. - */ - pub fn new() -> Sha384 { - Sha384 { - engine: Engine512::new(&H384) - } - } -} - -impl Digest for Sha384 { - fn input(&mut self, d: &[u8]) { - self.engine.input(d); - } - - fn result(&mut self, out: &mut [u8]) { - self.engine.finish(); - - write_u64_be(out.mut_slice(0, 8), self.engine.state.H0); - write_u64_be(out.mut_slice(8, 16), self.engine.state.H1); - write_u64_be(out.mut_slice(16, 24), self.engine.state.H2); - write_u64_be(out.mut_slice(24, 32), self.engine.state.H3); - write_u64_be(out.mut_slice(32, 40), self.engine.state.H4); - write_u64_be(out.mut_slice(40, 48), self.engine.state.H5); - } - - fn reset(&mut self) { - self.engine.reset(&H384); - } - - fn output_bits(&self) -> uint { 384 } -} - -static H384: [u64, ..8] = [ - 0xcbbb9d5dc1059ed8, - 0x629a292a367cd507, - 0x9159015a3070dd17, - 0x152fecd8f70e5939, - 0x67332667ffc00b31, - 0x8eb44a8768581511, - 0xdb0c2e0d64f98fa7, - 0x47b5481dbefa4fa4 -]; - - -/// The SHA-512 hash algorithm with digest truncated to 256 bits -pub struct Sha512Trunc256 { - priv engine: Engine512 -} - -impl Sha512Trunc256 { - /** - * Construct an new instance of a SHA-512/256 digest. - */ - pub fn new() -> Sha512Trunc256 { - Sha512Trunc256 { - engine: Engine512::new(&H512_TRUNC_256) - } - } -} - -impl Digest for Sha512Trunc256 { - fn input(&mut self, d: &[u8]) { - self.engine.input(d); - } - - fn result(&mut self, out: &mut [u8]) { - self.engine.finish(); - - write_u64_be(out.mut_slice(0, 8), self.engine.state.H0); - write_u64_be(out.mut_slice(8, 16), self.engine.state.H1); - write_u64_be(out.mut_slice(16, 24), self.engine.state.H2); - write_u64_be(out.mut_slice(24, 32), self.engine.state.H3); - } - - fn reset(&mut self) { - self.engine.reset(&H512_TRUNC_256); - } - - fn output_bits(&self) -> uint { 256 } -} - -static H512_TRUNC_256: [u64, ..8] = [ - 0x22312194fc2bf72c, - 0x9f555fa3c84c64c2, - 0x2393b86b6f53b151, - 0x963877195940eabd, - 0x96283ee2a88effe3, - 0xbe5e1e2553863992, - 0x2b0199fc2c85b8aa, - 0x0eb72ddc81c52ca2 -]; - - -/// The SHA-512 hash algorithm with digest truncated to 224 bits -pub struct Sha512Trunc224 { - priv engine: Engine512 -} - -impl Sha512Trunc224 { - /** - * Construct an new instance of a SHA-512/224 digest. - */ - pub fn new() -> Sha512Trunc224 { - Sha512Trunc224 { - engine: Engine512::new(&H512_TRUNC_224) - } - } -} - -impl Digest for Sha512Trunc224 { - fn input(&mut self, d: &[u8]) { - self.engine.input(d); - } - - fn result(&mut self, out: &mut [u8]) { - self.engine.finish(); - - write_u64_be(out.mut_slice(0, 8), self.engine.state.H0); - write_u64_be(out.mut_slice(8, 16), self.engine.state.H1); - write_u64_be(out.mut_slice(16, 24), self.engine.state.H2); - write_u32_be(out.mut_slice(24, 28), (self.engine.state.H3 >> 32) as u32); - } - - fn reset(&mut self) { - self.engine.reset(&H512_TRUNC_224); - } - - fn output_bits(&self) -> uint { 224 } -} - -static H512_TRUNC_224: [u64, ..8] = [ - 0x8c3d37c819544da2, - 0x73e1996689dcd4d6, - 0x1dfab7ae32ff9c82, - 0x679dd514582f9fcf, - 0x0f6d2b697bd44da8, - 0x77e36f7304c48942, - 0x3f9d85a86a1d36c8, - 0x1112e6ad91d692a1, -]; - - -// A structure that represents that state of a digest computation for the SHA-2 512 family of digest -// functions -struct Engine256State { - H0: u32, - H1: u32, - H2: u32, - H3: u32, - H4: u32, - H5: u32, - H6: u32, - H7: u32, -} - -impl Engine256State { - fn new(h: &[u32, ..8]) -> Engine256State { - return Engine256State { - H0: h[0], - H1: h[1], - H2: h[2], - H3: h[3], - H4: h[4], - H5: h[5], - H6: h[6], - H7: h[7] - }; - } - - fn reset(&mut self, h: &[u32, ..8]) { - self.H0 = h[0]; - self.H1 = h[1]; - self.H2 = h[2]; - self.H3 = h[3]; - self.H4 = h[4]; - self.H5 = h[5]; - self.H6 = h[6]; - self.H7 = h[7]; - } - - fn process_block(&mut self, data: &[u8]) { - fn ch(x: u32, y: u32, z: u32) -> u32 { - ((x & y) ^ ((!x) & z)) - } - - fn maj(x: u32, y: u32, z: u32) -> u32 { - ((x & y) ^ (x & z) ^ (y & z)) - } - - fn sum0(x: u32) -> u32 { - ((x >> 2) | (x << 30)) ^ ((x >> 13) | (x << 19)) ^ ((x >> 22) | (x << 10)) - } - - fn sum1(x: u32) -> u32 { - ((x >> 6) | (x << 26)) ^ ((x >> 11) | (x << 21)) ^ ((x >> 25) | (x << 7)) - } - - fn sigma0(x: u32) -> u32 { - ((x >> 7) | (x << 25)) ^ ((x >> 18) | (x << 14)) ^ (x >> 3) - } - - fn sigma1(x: u32) -> u32 { - ((x >> 17) | (x << 15)) ^ ((x >> 19) | (x << 13)) ^ (x >> 10) - } - - let mut a = self.H0; - let mut b = self.H1; - let mut c = self.H2; - let mut d = self.H3; - let mut e = self.H4; - let mut f = self.H5; - let mut g = self.H6; - let mut h = self.H7; - - let mut W = [0u32, ..64]; - - // Sha-512 and Sha-256 use basically the same calculations which are implemented - // by these macros. Inlining the calculations seems to result in better generated code. - macro_rules! schedule_round( ($t:expr) => ( - W[$t] = sigma1(W[$t - 2]) + W[$t - 7] + sigma0(W[$t - 15]) + W[$t - 16]; - ) - ) - - macro_rules! sha2_round( - ($A:ident, $B:ident, $C:ident, $D:ident, - $E:ident, $F:ident, $G:ident, $H:ident, $K:ident, $t:expr) => ( - { - $H += sum1($E) + ch($E, $F, $G) + $K[$t] + W[$t]; - $D += $H; - $H += sum0($A) + maj($A, $B, $C); - } - ) - ) - - - read_u32v_be(W.mut_slice(0, 16), data); - - // Putting the message schedule inside the same loop as the round calculations allows for - // the compiler to generate better code. - for t in range_step(0u, 48, 8) { - schedule_round!(t + 16); - schedule_round!(t + 17); - schedule_round!(t + 18); - schedule_round!(t + 19); - schedule_round!(t + 20); - schedule_round!(t + 21); - schedule_round!(t + 22); - schedule_round!(t + 23); - - sha2_round!(a, b, c, d, e, f, g, h, K32, t); - sha2_round!(h, a, b, c, d, e, f, g, K32, t + 1); - sha2_round!(g, h, a, b, c, d, e, f, K32, t + 2); - sha2_round!(f, g, h, a, b, c, d, e, K32, t + 3); - sha2_round!(e, f, g, h, a, b, c, d, K32, t + 4); - sha2_round!(d, e, f, g, h, a, b, c, K32, t + 5); - sha2_round!(c, d, e, f, g, h, a, b, K32, t + 6); - sha2_round!(b, c, d, e, f, g, h, a, K32, t + 7); - } - - for t in range_step(48u, 64, 8) { - sha2_round!(a, b, c, d, e, f, g, h, K32, t); - sha2_round!(h, a, b, c, d, e, f, g, K32, t + 1); - sha2_round!(g, h, a, b, c, d, e, f, K32, t + 2); - sha2_round!(f, g, h, a, b, c, d, e, K32, t + 3); - sha2_round!(e, f, g, h, a, b, c, d, K32, t + 4); - sha2_round!(d, e, f, g, h, a, b, c, K32, t + 5); - sha2_round!(c, d, e, f, g, h, a, b, K32, t + 6); - sha2_round!(b, c, d, e, f, g, h, a, K32, t + 7); - } - - self.H0 += a; - self.H1 += b; - self.H2 += c; - self.H3 += d; - self.H4 += e; - self.H5 += f; - self.H6 += g; - self.H7 += h; - } -} - -static K32: [u32, ..64] = [ - 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, - 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, - 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, - 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, - 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, - 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, - 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, - 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, - 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, - 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, - 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, - 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, - 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, - 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, - 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, - 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 -]; - - -// A structure that keeps track of the state of the Sha-256 operation and contains the logic -// necessary to perform the final calculations. -struct Engine256 { - length_bits: u64, - buffer: FixedBuffer64, - state: Engine256State, - finished: bool, -} - -impl Engine256 { - fn new(h: &[u32, ..8]) -> Engine256 { - return Engine256 { - length_bits: 0, - buffer: FixedBuffer64::new(), - state: Engine256State::new(h), - finished: false - } - } - - fn reset(&mut self, h: &[u32, ..8]) { - self.length_bits = 0; - self.buffer.reset(); - self.state.reset(h); - self.finished = false; - } - - fn input(&mut self, input: &[u8]) { - assert!(!self.finished) - // Assumes that input.len() can be converted to u64 without overflow - self.length_bits = add_bytes_to_bits(self.length_bits, input.len() as u64); - self.buffer.input(input, |input: &[u8]| { self.state.process_block(input) }); - } - - fn finish(&mut self) { - if self.finished { - return; - } - - self.buffer.standard_padding(8, |input: &[u8]| { self.state.process_block(input) }); - write_u32_be(self.buffer.next(4), (self.length_bits >> 32) as u32 ); - write_u32_be(self.buffer.next(4), self.length_bits as u32); - self.state.process_block(self.buffer.full_buffer()); - - self.finished = true; - } -} - - -/// The SHA-256 hash algorithm -pub struct Sha256 { - priv engine: Engine256 -} - -impl Sha256 { - /** - * Construct an new instance of a SHA-256 digest. - */ - pub fn new() -> Sha256 { - Sha256 { - engine: Engine256::new(&H256) - } - } -} - -impl Digest for Sha256 { - fn input(&mut self, d: &[u8]) { - self.engine.input(d); - } - - fn result(&mut self, out: &mut [u8]) { - self.engine.finish(); - - write_u32_be(out.mut_slice(0, 4), self.engine.state.H0); - write_u32_be(out.mut_slice(4, 8), self.engine.state.H1); - write_u32_be(out.mut_slice(8, 12), self.engine.state.H2); - write_u32_be(out.mut_slice(12, 16), self.engine.state.H3); - write_u32_be(out.mut_slice(16, 20), self.engine.state.H4); - write_u32_be(out.mut_slice(20, 24), self.engine.state.H5); - write_u32_be(out.mut_slice(24, 28), self.engine.state.H6); - write_u32_be(out.mut_slice(28, 32), self.engine.state.H7); - } - - fn reset(&mut self) { - self.engine.reset(&H256); - } - - fn output_bits(&self) -> uint { 256 } -} - -static H256: [u32, ..8] = [ - 0x6a09e667, - 0xbb67ae85, - 0x3c6ef372, - 0xa54ff53a, - 0x510e527f, - 0x9b05688c, - 0x1f83d9ab, - 0x5be0cd19 -]; - - -/// The SHA-224 hash algorithm -pub struct Sha224 { - priv engine: Engine256 -} - -impl Sha224 { - /** - * Construct an new instance of a SHA-224 digest. - */ - pub fn new() -> Sha224 { - Sha224 { - engine: Engine256::new(&H224) - } - } -} - -impl Digest for Sha224 { - fn input(&mut self, d: &[u8]) { - self.engine.input(d); - } - - fn result(&mut self, out: &mut [u8]) { - self.engine.finish(); - write_u32_be(out.mut_slice(0, 4), self.engine.state.H0); - write_u32_be(out.mut_slice(4, 8), self.engine.state.H1); - write_u32_be(out.mut_slice(8, 12), self.engine.state.H2); - write_u32_be(out.mut_slice(12, 16), self.engine.state.H3); - write_u32_be(out.mut_slice(16, 20), self.engine.state.H4); - write_u32_be(out.mut_slice(20, 24), self.engine.state.H5); - write_u32_be(out.mut_slice(24, 28), self.engine.state.H6); - } - - fn reset(&mut self) { - self.engine.reset(&H224); - } - - fn output_bits(&self) -> uint { 224 } -} - -static H224: [u32, ..8] = [ - 0xc1059ed8, - 0x367cd507, - 0x3070dd17, - 0xf70e5939, - 0xffc00b31, - 0x68581511, - 0x64f98fa7, - 0xbefa4fa4 -]; - - -#[cfg(test)] -mod tests { - use cryptoutil::test::test_digest_1million_random; - use digest::Digest; - use sha2::{Sha512, Sha384, Sha512Trunc256, Sha512Trunc224, Sha256, Sha224}; - - struct Test { - input: ~str, - output_str: ~str, - } - - fn test_hash(sh: &mut D, tests: &[Test]) { - // Test that it works when accepting the message all at once - for t in tests.iter() { - sh.input_str(t.input); - - let out_str = sh.result_str(); - assert!(out_str == t.output_str); - - sh.reset(); - } - - // Test that it works when accepting the message in pieces - for t in tests.iter() { - let len = t.input.len(); - let mut left = len; - while left > 0u { - let take = (left + 1u) / 2u; - sh.input_str(t.input.slice(len - left, take + len - left)); - left = left - take; - } - - let out_str = sh.result_str(); - assert!(out_str == t.output_str); - - sh.reset(); - } - } - - #[test] - fn test_sha512() { - // Examples from wikipedia - let wikipedia_tests = ~[ - Test { - input: ~"", - output_str: ~"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce" + - "47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e" - }, - Test { - input: ~"The quick brown fox jumps over the lazy dog", - output_str: ~"07e547d9586f6a73f73fbac0435ed76951218fb7d0c8d788a309d785436bbb64" + - "2e93a252a954f23912547d1e8a3b5ed6e1bfd7097821233fa0538f3db854fee6" - }, - Test { - input: ~"The quick brown fox jumps over the lazy dog.", - output_str: ~"91ea1245f20d46ae9a037a989f54f1f790f0a47607eeb8a14d12890cea77a1bb" + - "c6c7ed9cf205e67b7f2b8fd4c7dfd3a7a8617e45f3c463d481c7e586c39ac1ed" - }, - ]; - - let tests = wikipedia_tests; - - let mut sh = ~Sha512::new(); - - test_hash(sh, tests); - } - - #[test] - fn test_sha384() { - // Examples from wikipedia - let wikipedia_tests = ~[ - Test { - input: ~"", - output_str: ~"38b060a751ac96384cd9327eb1b1e36a21fdb71114be0743" + - "4c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b" - }, - Test { - input: ~"The quick brown fox jumps over the lazy dog", - output_str: ~"ca737f1014a48f4c0b6dd43cb177b0afd9e5169367544c49" + - "4011e3317dbf9a509cb1e5dc1e85a941bbee3d7f2afbc9b1" - }, - Test { - input: ~"The quick brown fox jumps over the lazy dog.", - output_str: ~"ed892481d8272ca6df370bf706e4d7bc1b5739fa2177aae6" + - "c50e946678718fc67a7af2819a021c2fc34e91bdb63409d7" - }, - ]; - - let tests = wikipedia_tests; - - let mut sh = ~Sha384::new(); - - test_hash(sh, tests); - } - - #[test] - fn test_sha512_256() { - // Examples from wikipedia - let wikipedia_tests = ~[ - Test { - input: ~"", - output_str: ~"c672b8d1ef56ed28ab87c3622c5114069bdd3ad7b8f9737498d0c01ecef0967a" - }, - Test { - input: ~"The quick brown fox jumps over the lazy dog", - output_str: ~"dd9d67b371519c339ed8dbd25af90e976a1eeefd4ad3d889005e532fc5bef04d" - }, - Test { - input: ~"The quick brown fox jumps over the lazy dog.", - output_str: ~"1546741840f8a492b959d9b8b2344b9b0eb51b004bba35c0aebaac86d45264c3" - }, - ]; - - let tests = wikipedia_tests; - - let mut sh = ~Sha512Trunc256::new(); - - test_hash(sh, tests); - } - - #[test] - fn test_sha512_224() { - // Examples from wikipedia - let wikipedia_tests = ~[ - Test { - input: ~"", - output_str: ~"6ed0dd02806fa89e25de060c19d3ac86cabb87d6a0ddd05c333b84f4" - }, - Test { - input: ~"The quick brown fox jumps over the lazy dog", - output_str: ~"944cd2847fb54558d4775db0485a50003111c8e5daa63fe722c6aa37" - }, - Test { - input: ~"The quick brown fox jumps over the lazy dog.", - output_str: ~"6d6a9279495ec4061769752e7ff9c68b6b0b3c5a281b7917ce0572de" - }, - ]; - - let tests = wikipedia_tests; - - let mut sh = ~Sha512Trunc224::new(); - - test_hash(sh, tests); - } - - #[test] - fn test_sha256() { - // Examples from wikipedia - let wikipedia_tests = ~[ - Test { - input: ~"", - output_str: ~"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" - }, - Test { - input: ~"The quick brown fox jumps over the lazy dog", - output_str: ~"d7a8fbb307d7809469ca9abcb0082e4f8d5651e46d3cdb762d02d0bf37c9e592" - }, - Test { - input: ~"The quick brown fox jumps over the lazy dog.", - output_str: ~"ef537f25c895bfa782526529a9b63d97aa631564d5d789c2b765448c8635fb6c" - }, - ]; - - let tests = wikipedia_tests; - - let mut sh = ~Sha256::new(); - - test_hash(sh, tests); - } - - #[test] - fn test_sha224() { - // Examples from wikipedia - let wikipedia_tests = ~[ - Test { - input: ~"", - output_str: ~"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f" - }, - Test { - input: ~"The quick brown fox jumps over the lazy dog", - output_str: ~"730e109bd7a8a32b1cb9d9a09aa2325d2430587ddbc0c38bad911525" - }, - Test { - input: ~"The quick brown fox jumps over the lazy dog.", - output_str: ~"619cba8e8e05826e9b8c519c0a5c68f4fb653e8a3d8aa04bb2c8cd4c" - }, - ]; - - let tests = wikipedia_tests; - - let mut sh = ~Sha224::new(); - - test_hash(sh, tests); - } - - #[test] - fn test_1million_random_sha512() { - let mut sh = Sha512::new(); - test_digest_1million_random( - &mut sh, - 128, - "e718483d0ce769644e2e42c7bc15b4638e1f98b13b2044285632a803afa973eb" + - "de0ff244877ea60a4cb0432ce577c31beb009c5c2c49aa2e4eadb217ad8cc09b"); - } - - #[test] - fn test_1million_random_sha256() { - let mut sh = Sha256::new(); - test_digest_1million_random( - &mut sh, - 64, - "cdc76e5c9914fb9281a1c7e284d73e67f1809a48a497200e046d39ccc7112cd0"); - } -} - - - -#[cfg(test)] -mod bench { - - use sha2::{Sha256,Sha512}; - use test::BenchHarness; - - #[bench] - pub fn sha256_10(bh: & mut BenchHarness) { - let mut sh = Sha256::new(); - let bytes = [1u8, ..10]; - do bh.iter { - sh.input(bytes); - } - bh.bytes = bytes.len() as u64; - } - - #[bench] - pub fn sha256_1k(bh: & mut BenchHarness) { - let mut sh = Sha256::new(); - let bytes = [1u8, ..1024]; - do bh.iter { - sh.input(bytes); - } - bh.bytes = bytes.len() as u64; - } - - #[bench] - pub fn sha256_64k(bh: & mut BenchHarness) { - let mut sh = Sha256::new(); - let bytes = [1u8, ..65536]; - do bh.iter { - sh.input(bytes); - } - bh.bytes = bytes.len() as u64; - } - - - - #[bench] - pub fn sha512_10(bh: & mut BenchHarness) { - let mut sh = Sha512::new(); - let bytes = [1u8, ..10]; - do bh.iter { - sh.input(bytes); - } - bh.bytes = bytes.len() as u64; - } - - #[bench] - pub fn sha512_1k(bh: & mut BenchHarness) { - let mut sh = Sha512::new(); - let bytes = [1u8, ..1024]; - do bh.iter { - sh.input(bytes); - } - bh.bytes = bytes.len() as u64; - } - - #[bench] - pub fn sha512_64k(bh: & mut BenchHarness) { - let mut sh = Sha512::new(); - let bytes = [1u8, ..65536]; - do bh.iter { - sh.input(bytes); - } - bh.bytes = bytes.len() as u64; - } - -} diff --git a/src/libextra/extra.rs b/src/libextra/extra.rs index 3ea164fb456f8..6abad2ed1818a 100644 --- a/src/libextra/extra.rs +++ b/src/libextra/extra.rs @@ -68,18 +68,6 @@ pub mod sort; pub mod dlist; pub mod treemap; -// Crypto -#[path="crypto/cryptoutil.rs"] -mod cryptoutil; -#[path="crypto/digest.rs"] -pub mod digest; -#[path="crypto/md5.rs"] -pub mod md5; -#[path="crypto/sha1.rs"] -pub mod sha1; -#[path="crypto/sha2.rs"] -pub mod sha2; - // And ... other stuff pub mod url; diff --git a/src/libextra/crypto/cryptoutil.rs b/src/librustpkg/cryptoutil.rs similarity index 99% rename from src/libextra/crypto/cryptoutil.rs rename to src/librustpkg/cryptoutil.rs index bb3524a7d4902..dfed31bad9f5c 100644 --- a/src/libextra/crypto/cryptoutil.rs +++ b/src/librustpkg/cryptoutil.rs @@ -349,10 +349,10 @@ impl StandardPadding for T { pub mod test { use std::rand::{IsaacRng, Rng}; use std::vec; + use extra::hex::FromHex; use cryptoutil::{add_bytes_to_bits, add_bytes_to_bits_tuple}; use digest::Digest; - use hex::FromHex; /// Feed 1,000,000 'a's into the digest with varying input sizes and check that the result is /// correct. diff --git a/src/libextra/crypto/digest.rs b/src/librustpkg/digest.rs similarity index 98% rename from src/libextra/crypto/digest.rs rename to src/librustpkg/digest.rs index 372e2313de7b2..f0dccf7c2e212 100644 --- a/src/libextra/crypto/digest.rs +++ b/src/librustpkg/digest.rs @@ -12,7 +12,7 @@ use std::vec; -use hex::ToHex; +use extra::hex::ToHex; /** diff --git a/src/librustpkg/rustpkg.rs b/src/librustpkg/rustpkg.rs index bd3a1b2f67282..89a7bfae86a93 100644 --- a/src/librustpkg/rustpkg.rs +++ b/src/librustpkg/rustpkg.rs @@ -18,7 +18,7 @@ #[license = "MIT/ASL2"]; #[crate_type = "lib"]; -#[feature(globs, managed_boxes)]; +#[feature(globs, managed_boxes, macro_rules)]; extern mod extra; extern mod rustc; @@ -55,6 +55,8 @@ pub mod api; mod conditions; pub mod context; mod crate; +mod cryptoutil; +mod digest; pub mod exit_codes; mod installed_packages; mod messages; @@ -62,6 +64,7 @@ mod package_id; mod package_source; mod path_util; mod search; +mod sha1; mod source_control; mod target; #[cfg(test)] diff --git a/src/libextra/crypto/sha1.rs b/src/librustpkg/sha1.rs similarity index 99% rename from src/libextra/crypto/sha1.rs rename to src/librustpkg/sha1.rs index 4d4d47feee817..38bfc51841fbd 100644 --- a/src/libextra/crypto/sha1.rs +++ b/src/librustpkg/sha1.rs @@ -295,9 +295,9 @@ mod tests { #[cfg(test)] mod bench { + use extra::test::BenchHarness; use sha1::Sha1; - use test::BenchHarness; #[bench] pub fn sha1_10(bh: & mut BenchHarness) { diff --git a/src/librustpkg/workcache_support.rs b/src/librustpkg/workcache_support.rs index b68e42d8ebe24..1cdaefd592b5c 100644 --- a/src/librustpkg/workcache_support.rs +++ b/src/librustpkg/workcache_support.rs @@ -11,10 +11,9 @@ use std::rt::io; use std::rt::io::extensions::ReaderUtil; use std::rt::io::file::FileInfo; - -use extra::sha1::Sha1; -use extra::digest::Digest; use extra::workcache; +use sha1::Sha1; +use digest::Digest; /// Hashes the file contents along with the last-modified time pub fn digest_file_with_date(path: &Path) -> ~str { From 72a9482b3f656a009304de9cfa05011083045e4f Mon Sep 17 00:00:00 2001 From: Palmer Cox Date: Tue, 22 Oct 2013 23:26:47 -0400 Subject: [PATCH 4/7] Add a comment to Sha1 that its not suitable for cryptogrpahic uses. --- src/librustpkg/sha1.rs | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/librustpkg/sha1.rs b/src/librustpkg/sha1.rs index 38bfc51841fbd..04efbfffe15ce 100644 --- a/src/librustpkg/sha1.rs +++ b/src/librustpkg/sha1.rs @@ -20,6 +20,10 @@ * * The `sha1` object may be reused to create multiple hashes by calling * the `reset` method. + * + * This implementation has not been reviewed for cryptographic uses. + * As such, all cryptographic uses of this implementation are strongly + * discouraged. */ From ca132006a0875bb373c780f32f6aea4fd94ffbf0 Mon Sep 17 00:00:00 2001 From: Palmer Cox Date: Tue, 22 Oct 2013 23:56:46 -0400 Subject: [PATCH 5/7] Remove dead code from cryptoutil.rs and remove macro_rules feature flag. --- src/librustpkg/cryptoutil.rs | 301 +++++++++-------------------------- src/librustpkg/rustpkg.rs | 2 +- 2 files changed, 73 insertions(+), 230 deletions(-) diff --git a/src/librustpkg/cryptoutil.rs b/src/librustpkg/cryptoutil.rs index dfed31bad9f5c..55199b1f2cc76 100644 --- a/src/librustpkg/cryptoutil.rs +++ b/src/librustpkg/cryptoutil.rs @@ -8,22 +8,10 @@ // option. This file may not be copied, modified, or distributed // except according to those terms. -use std::num::{One, Zero, CheckedAdd}; +use std::num::{Zero, CheckedAdd}; use std::vec::bytes::{MutableByteVector, copy_memory}; -/// Write a u64 into a vector, which must be 8 bytes long. The value is written in big-endian -/// format. -pub fn write_u64_be(dst: &mut[u8], input: u64) { - use std::cast::transmute; - use std::unstable::intrinsics::to_be64; - assert!(dst.len() == 8); - unsafe { - let x: *mut i64 = transmute(dst.unsafe_mut_ref(0)); - *x = to_be64(input as i64); - } -} - /// Write a u32 into a vector, which must be 4 bytes long. The value is written in big-endian /// format. pub fn write_u32_be(dst: &mut[u8], input: u32) { @@ -36,34 +24,6 @@ pub fn write_u32_be(dst: &mut[u8], input: u32) { } } -/// Write a u32 into a vector, which must be 4 bytes long. The value is written in little-endian -/// format. -pub fn write_u32_le(dst: &mut[u8], input: u32) { - use std::cast::transmute; - use std::unstable::intrinsics::to_le32; - assert!(dst.len() == 4); - unsafe { - let x: *mut i32 = transmute(dst.unsafe_mut_ref(0)); - *x = to_le32(input as i32); - } -} - -/// Read a vector of bytes into a vector of u64s. The values are read in big-endian format. -pub fn read_u64v_be(dst: &mut[u64], input: &[u8]) { - use std::cast::transmute; - use std::unstable::intrinsics::to_be64; - assert!(dst.len() * 8 == input.len()); - unsafe { - let mut x: *mut i64 = transmute(dst.unsafe_mut_ref(0)); - let mut y: *i64 = transmute(input.unsafe_ref(0)); - do dst.len().times() { - *x = to_be64(*y); - x = x.offset(1); - y = y.offset(1); - } - } -} - /// Read a vector of bytes into a vector of u32s. The values are read in big-endian format. pub fn read_u32v_be(dst: &mut[u32], input: &[u8]) { use std::cast::transmute; @@ -80,22 +40,6 @@ pub fn read_u32v_be(dst: &mut[u32], input: &[u8]) { } } -/// Read a vector of bytes into a vector of u32s. The values are read in little-endian format. -pub fn read_u32v_le(dst: &mut[u32], input: &[u8]) { - use std::cast::transmute; - use std::unstable::intrinsics::to_le32; - assert!(dst.len() * 4 == input.len()); - unsafe { - let mut x: *mut i32 = transmute(dst.unsafe_mut_ref(0)); - let mut y: *i32 = transmute(input.unsafe_ref(0)); - do dst.len().times() { - *x = to_le32(*y); - x = x.offset(1); - y = y.offset(1); - } - } -} - trait ToBits { /// Convert the value in bytes to the number of bits, a tuple where the 1st item is the @@ -124,51 +68,6 @@ pub fn add_bytes_to_bits(bits: T, bytes: T) -> T { } } -/// Adds the specified number of bytes to the bit count, which is a tuple where the first element is -/// the high order value. fail!() if this would cause numeric overflow. -pub fn add_bytes_to_bits_tuple - - (bits: (T, T), bytes: T) -> (T, T) { - let (new_high_bits, new_low_bits) = bytes.to_bits(); - let (hi, low) = bits; - - // Add the low order value - if there is no overflow, then add the high order values - // If the addition of the low order values causes overflow, add one to the high order values - // before adding them. - match low.checked_add(&new_low_bits) { - Some(x) => { - if new_high_bits == Zero::zero() { - // This is the fast path - every other alternative will rarely occur in practice - // considering how large an input would need to be for those paths to be used. - return (hi, x); - } else { - match hi.checked_add(&new_high_bits) { - Some(y) => return (y, x), - None => fail!("Numeric overflow occured.") - } - } - }, - None => { - let one: T = One::one(); - let z = match new_high_bits.checked_add(&one) { - Some(w) => w, - None => fail!("Numeric overflow occured.") - }; - match hi.checked_add(&z) { - // This re-executes the addition that was already performed earlier when overflow - // occured, this time allowing the overflow to happen. Technically, this could be - // avoided by using the checked add intrinsic directly, but that involves using - // unsafe code and is not really worthwhile considering how infrequently code will - // run in practice. This is the reason that this function requires that the type T - // be Unsigned - overflow is not defined for Signed types. This function could be - // implemented for signed types as well if that were needed. - Some(y) => return (y, low + new_low_bits), - None => fail!("Numeric overflow occured.") - } - } - } -} - /// A FixedBuffer, likes its name implies, is a fixed size buffer. When the buffer becomes full, it /// must be processed. The input() method takes care of processing and then clearing the buffer @@ -204,83 +103,6 @@ pub trait FixedBuffer { fn size(&self) -> uint; } -macro_rules! impl_fixed_buffer( ($name:ident, $size:expr) => ( - impl FixedBuffer for $name { - fn input(&mut self, input: &[u8], func: &fn(&[u8])) { - let mut i = 0; - - // FIXME: #6304 - This local variable shouldn't be necessary. - let size = $size; - - // If there is already data in the buffer, copy as much as we can into it and process - // the data if the buffer becomes full. - if self.buffer_idx != 0 { - let buffer_remaining = size - self.buffer_idx; - if input.len() >= buffer_remaining { - copy_memory( - self.buffer.mut_slice(self.buffer_idx, size), - input.slice_to(buffer_remaining), - buffer_remaining); - self.buffer_idx = 0; - func(self.buffer); - i += buffer_remaining; - } else { - copy_memory( - self.buffer.mut_slice(self.buffer_idx, self.buffer_idx + input.len()), - input, - input.len()); - self.buffer_idx += input.len(); - return; - } - } - - // While we have at least a full buffer size chunks's worth of data, process that data - // without copying it into the buffer - while input.len() - i >= size { - func(input.slice(i, i + size)); - i += size; - } - - // Copy any input data into the buffer. At this point in the method, the ammount of - // data left in the input vector will be less than the buffer size and the buffer will - // be empty. - let input_remaining = input.len() - i; - copy_memory( - self.buffer.mut_slice(0, input_remaining), - input.slice_from(i), - input.len() - i); - self.buffer_idx += input_remaining; - } - - fn reset(&mut self) { - self.buffer_idx = 0; - } - - fn zero_until(&mut self, idx: uint) { - assert!(idx >= self.buffer_idx); - self.buffer.mut_slice(self.buffer_idx, idx).set_memory(0); - self.buffer_idx = idx; - } - - fn next<'s>(&'s mut self, len: uint) -> &'s mut [u8] { - self.buffer_idx += len; - return self.buffer.mut_slice(self.buffer_idx - len, self.buffer_idx); - } - - fn full_buffer<'s>(&'s mut self) -> &'s [u8] { - assert!(self.buffer_idx == $size); - self.buffer_idx = 0; - return self.buffer.slice_to($size); - } - - fn position(&self) -> uint { self.buffer_idx } - - fn remaining(&self) -> uint { $size - self.buffer_idx } - - fn size(&self) -> uint { $size } - } -)) - /// A fixed size buffer of 64 bytes useful for cryptographic operations. pub struct FixedBuffer64 { @@ -298,25 +120,80 @@ impl FixedBuffer64 { } } -impl_fixed_buffer!(FixedBuffer64, 64) +impl FixedBuffer for FixedBuffer64 { + fn input(&mut self, input: &[u8], func: &fn(&[u8])) { + let mut i = 0; -/// A fixed size buffer of 128 bytes useful for cryptographic operations. -pub struct FixedBuffer128 { - priv buffer: [u8, ..128], - priv buffer_idx: uint, -} + // FIXME: #6304 - This local variable shouldn't be necessary. + let size = 64; -impl FixedBuffer128 { - /// Create a new buffer - pub fn new() -> FixedBuffer128 { - return FixedBuffer128 { - buffer: [0u8, ..128], - buffer_idx: 0 - }; + // If there is already data in the buffer, copy as much as we can into it and process + // the data if the buffer becomes full. + if self.buffer_idx != 0 { + let buffer_remaining = size - self.buffer_idx; + if input.len() >= buffer_remaining { + copy_memory( + self.buffer.mut_slice(self.buffer_idx, size), + input.slice_to(buffer_remaining), + buffer_remaining); + self.buffer_idx = 0; + func(self.buffer); + i += buffer_remaining; + } else { + copy_memory( + self.buffer.mut_slice(self.buffer_idx, self.buffer_idx + input.len()), + input, + input.len()); + self.buffer_idx += input.len(); + return; + } + } + + // While we have at least a full buffer size chunks's worth of data, process that data + // without copying it into the buffer + while input.len() - i >= size { + func(input.slice(i, i + size)); + i += size; + } + + // Copy any input data into the buffer. At this point in the method, the ammount of + // data left in the input vector will be less than the buffer size and the buffer will + // be empty. + let input_remaining = input.len() - i; + copy_memory( + self.buffer.mut_slice(0, input_remaining), + input.slice_from(i), + input.len() - i); + self.buffer_idx += input_remaining; + } + + fn reset(&mut self) { + self.buffer_idx = 0; + } + + fn zero_until(&mut self, idx: uint) { + assert!(idx >= self.buffer_idx); + self.buffer.mut_slice(self.buffer_idx, idx).set_memory(0); + self.buffer_idx = idx; + } + + fn next<'s>(&'s mut self, len: uint) -> &'s mut [u8] { + self.buffer_idx += len; + return self.buffer.mut_slice(self.buffer_idx - len, self.buffer_idx); } -} -impl_fixed_buffer!(FixedBuffer128, 128) + fn full_buffer<'s>(&'s mut self) -> &'s [u8] { + assert!(self.buffer_idx == 64); + self.buffer_idx = 0; + return self.buffer.slice_to(64); + } + + fn position(&self) -> uint { self.buffer_idx } + + fn remaining(&self) -> uint { 64 - self.buffer_idx } + + fn size(&self) -> uint { 64 } +} /// The StandardPadding trait adds a method useful for various hash algorithms to a FixedBuffer @@ -351,7 +228,7 @@ pub mod test { use std::vec; use extra::hex::FromHex; - use cryptoutil::{add_bytes_to_bits, add_bytes_to_bits_tuple}; + use cryptoutil::add_bytes_to_bits; use digest::Digest; /// Feed 1,000,000 'a's into the digest with varying input sizes and check that the result is @@ -391,38 +268,4 @@ pub mod test { fn test_add_bytes_to_bits_overflow() { add_bytes_to_bits::(Bounded::max_value(), 1); } - - // A normal addition - no overflow occurs (fast path) - #[test] - fn test_add_bytes_to_bits_tuple_ok() { - assert!(add_bytes_to_bits_tuple::((5, 100), 10) == (5, 180)); - } - - // The low order value overflows into the high order value - #[test] - fn test_add_bytes_to_bits_tuple_ok2() { - assert!(add_bytes_to_bits_tuple::((5, Bounded::max_value()), 1) == (6, 7)); - } - - // The value to add is too large to be converted into bits without overflowing its type - #[test] - fn test_add_bytes_to_bits_tuple_ok3() { - assert!(add_bytes_to_bits_tuple::((5, 0), 0x4000000000000001) == (7, 8)); - } - - // A simple failure case - adding 1 to the max value - #[test] - #[should_fail] - fn test_add_bytes_to_bits_tuple_overflow() { - add_bytes_to_bits_tuple::((Bounded::max_value(), Bounded::max_value()), 1); - } - - // The value to add is too large to convert to bytes without overflowing its type, but the high - // order value from this conversion overflows when added to the existing high order value - #[test] - #[should_fail] - fn test_add_bytes_to_bits_tuple_overflow2() { - let value: u64 = Bounded::max_value(); - add_bytes_to_bits_tuple::((value - 1, 0), 0x8000000000000000); - } } diff --git a/src/librustpkg/rustpkg.rs b/src/librustpkg/rustpkg.rs index 89a7bfae86a93..229eecffbea05 100644 --- a/src/librustpkg/rustpkg.rs +++ b/src/librustpkg/rustpkg.rs @@ -18,7 +18,7 @@ #[license = "MIT/ASL2"]; #[crate_type = "lib"]; -#[feature(globs, managed_boxes, macro_rules)]; +#[feature(globs, managed_boxes)]; extern mod extra; extern mod rustc; From ff9e573a6752cde4760fafdb94f7337c9e133905 Mon Sep 17 00:00:00 2001 From: Palmer Cox Date: Tue, 22 Oct 2013 23:57:55 -0400 Subject: [PATCH 6/7] Remove MD4. --- src/libextra/extra.rs | 1 - src/libextra/md4.rs | 150 ------------------------------------------ 2 files changed, 151 deletions(-) delete mode 100644 src/libextra/md4.rs diff --git a/src/libextra/extra.rs b/src/libextra/extra.rs index 6abad2ed1818a..90434cf0d4912 100644 --- a/src/libextra/extra.rs +++ b/src/libextra/extra.rs @@ -74,7 +74,6 @@ pub mod url; pub mod ebml; pub mod getopts; pub mod json; -pub mod md4; pub mod tempfile; pub mod glob; pub mod term; diff --git a/src/libextra/md4.rs b/src/libextra/md4.rs deleted file mode 100644 index 96238986bf1c8..0000000000000 --- a/src/libextra/md4.rs +++ /dev/null @@ -1,150 +0,0 @@ -// Copyright 2012 The Rust Project Developers. See the COPYRIGHT -// file at the top-level directory of this distribution and at -// http://rust-lang.org/COPYRIGHT. -// -// Licensed under the Apache License, Version 2.0 or the MIT license -// , at your -// option. This file may not be copied, modified, or distributed -// except according to those terms. - -#[allow(missing_doc)]; - -use std::vec; - -struct Quad { - a: u32, - b: u32, - c: u32, - d: u32 -} - -/// Calculates the md4 hash of the given slice of bytes, returning the 128-bit -/// result as a quad of u32's -pub fn md4(msg: &[u8]) -> Quad { - // subtle: if orig_len is merely uint, then the code below - // which performs shifts by 32 bits or more has undefined - // results. - let orig_len: u64 = (msg.len() * 8u) as u64; - - // pad message - let mut msg = vec::append(msg.to_owned(), [0x80u8]); - let mut bitlen = orig_len + 8u64; - while (bitlen + 64u64) % 512u64 > 0u64 { - msg.push(0u8); - bitlen += 8u64; - } - - // append length - let mut i = 0u64; - while i < 8u64 { - msg.push((orig_len >> (i * 8u64)) as u8); - i += 1u64; - } - - let mut a = 0x67452301u32; - let mut b = 0xefcdab89u32; - let mut c = 0x98badcfeu32; - let mut d = 0x10325476u32; - - fn rot(r: int, x: u32) -> u32 { - let r = r as u32; - (x << r) | (x >> (32u32 - r)) - } - - let mut i = 0u; - let e = msg.len(); - let mut x = vec::from_elem(16u, 0u32); - while i < e { - let (aa, bb, cc, dd) = (a, b, c, d); - - let mut j = 0u; - let mut base = i; - while j < 16u { - x[j] = (msg[base] as u32) + (msg[base + 1u] as u32 << 8u32) + - (msg[base + 2u] as u32 << 16u32) + - (msg[base + 3u] as u32 << 24u32); - j += 1u; base += 4u; - } - - let mut j = 0u; - while j < 16u { - a = rot(3, a + ((b & c) | (!b & d)) + x[j]); - j += 1u; - d = rot(7, d + ((a & b) | (!a & c)) + x[j]); - j += 1u; - c = rot(11, c + ((d & a) | (!d & b)) + x[j]); - j += 1u; - b = rot(19, b + ((c & d) | (!c & a)) + x[j]); - j += 1u; - } - - let mut j = 0u; - let q = 0x5a827999u32; - while j < 4u { - a = rot(3, a + ((b & c) | ((b & d) | (c & d))) + x[j] + q); - d = rot(5, d + ((a & b) | ((a & c) | (b & c))) + x[j + 4u] + q); - c = rot(9, c + ((d & a) | ((d & b) | (a & b))) + x[j + 8u] + q); - b = rot(13, b + ((c & d) | ((c & a) | (d & a))) + x[j + 12u] + q); - j += 1u; - } - - let mut j = 0u; - let q = 0x6ed9eba1u32; - while j < 8u { - let jj = if j > 2u { j - 3u } else { j }; - a = rot(3, a + (b ^ c ^ d) + x[jj] + q); - d = rot(9, d + (a ^ b ^ c) + x[jj + 8u] + q); - c = rot(11, c + (d ^ a ^ b) + x[jj + 4u] + q); - b = rot(15, b + (c ^ d ^ a) + x[jj + 12u] + q); - j += 2u; - } - - a += aa; b += bb; c += cc; d += dd; - i += 64u; - } - return Quad {a: a, b: b, c: c, d: d}; -} - -/// Calculates the md4 hash of a slice of bytes, returning the hex-encoded -/// version of the hash -pub fn md4_str(msg: &[u8]) -> ~str { - let Quad {a, b, c, d} = md4(msg); - fn app(a: u32, b: u32, c: u32, d: u32, f: &fn(u32)) { - f(a); f(b); f(c); f(d); - } - let mut result = ~""; - do app(a, b, c, d) |u| { - let mut i = 0u32; - while i < 4u32 { - let byte = (u >> (i * 8u32)) as u8; - if byte <= 16u8 { - result.push_char('0') - } - result.push_str((byte as uint).to_str_radix(16u)); - i += 1u32; - } - } - result -} - -/// Calculates the md4 hash of a string, returning the hex-encoded version of -/// the hash -pub fn md4_text(msg: &str) -> ~str { md4_str(msg.as_bytes()) } - -#[test] -fn test_md4() { - assert_eq!(md4_text(""), ~"31d6cfe0d16ae931b73c59d7e0c089c0"); - assert_eq!(md4_text("a"), ~"bde52cb31de33e46245e05fbdbd6fb24"); - assert_eq!(md4_text("abc"), ~"a448017aaf21d8525fc10ae87aa6729d"); - assert!(md4_text("message digest") == - ~"d9130a8164549fe818874806e1c7014b"); - assert!(md4_text("abcdefghijklmnopqrstuvwxyz") == - ~"d79e1c308aa5bbcdeea8ed63df412da9"); - assert!(md4_text( - "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz\ - 0123456789") == ~"043f8582f241db351ce627e153e7f0e4"); - assert!(md4_text("1234567890123456789012345678901234567890123456789\ - 0123456789012345678901234567890") == - ~"e33b4ddc9c38f2199c3e7b164fcc0536"); -} From 2d5cb5d99a68d9b603675b1c4284dbe37333332c Mon Sep 17 00:00:00 2001 From: Palmer Cox Date: Sat, 26 Oct 2013 16:49:51 -0400 Subject: [PATCH 7/7] Integrate the code in the digest and cryptoutil modules directly into the sha1 module. --- src/librustpkg/cryptoutil.rs | 271 ----------------------- src/librustpkg/digest.rs | 81 ------- src/librustpkg/rustpkg.rs | 2 - src/librustpkg/sha1.rs | 323 +++++++++++++++++++++++++++- src/librustpkg/workcache_support.rs | 3 +- 5 files changed, 315 insertions(+), 365 deletions(-) delete mode 100644 src/librustpkg/cryptoutil.rs delete mode 100644 src/librustpkg/digest.rs diff --git a/src/librustpkg/cryptoutil.rs b/src/librustpkg/cryptoutil.rs deleted file mode 100644 index 55199b1f2cc76..0000000000000 --- a/src/librustpkg/cryptoutil.rs +++ /dev/null @@ -1,271 +0,0 @@ -// Copyright 2012-2013 The Rust Project Developers. See the COPYRIGHT -// file at the top-level directory of this distribution and at -// http://rust-lang.org/COPYRIGHT. -// -// Licensed under the Apache License, Version 2.0 or the MIT license -// , at your -// option. This file may not be copied, modified, or distributed -// except according to those terms. - -use std::num::{Zero, CheckedAdd}; -use std::vec::bytes::{MutableByteVector, copy_memory}; - - -/// Write a u32 into a vector, which must be 4 bytes long. The value is written in big-endian -/// format. -pub fn write_u32_be(dst: &mut[u8], input: u32) { - use std::cast::transmute; - use std::unstable::intrinsics::to_be32; - assert!(dst.len() == 4); - unsafe { - let x: *mut i32 = transmute(dst.unsafe_mut_ref(0)); - *x = to_be32(input as i32); - } -} - -/// Read a vector of bytes into a vector of u32s. The values are read in big-endian format. -pub fn read_u32v_be(dst: &mut[u32], input: &[u8]) { - use std::cast::transmute; - use std::unstable::intrinsics::to_be32; - assert!(dst.len() * 4 == input.len()); - unsafe { - let mut x: *mut i32 = transmute(dst.unsafe_mut_ref(0)); - let mut y: *i32 = transmute(input.unsafe_ref(0)); - do dst.len().times() { - *x = to_be32(*y); - x = x.offset(1); - y = y.offset(1); - } - } -} - - -trait ToBits { - /// Convert the value in bytes to the number of bits, a tuple where the 1st item is the - /// high-order value and the 2nd item is the low order value. - fn to_bits(self) -> (Self, Self); -} - -impl ToBits for u64 { - fn to_bits(self) -> (u64, u64) { - return (self >> 61, self << 3); - } -} - -/// Adds the specified number of bytes to the bit count. fail!() if this would cause numeric -/// overflow. -pub fn add_bytes_to_bits(bits: T, bytes: T) -> T { - let (new_high_bits, new_low_bits) = bytes.to_bits(); - - if new_high_bits > Zero::zero() { - fail!("Numeric overflow occured.") - } - - match bits.checked_add(&new_low_bits) { - Some(x) => return x, - None => fail!("Numeric overflow occured.") - } -} - - -/// A FixedBuffer, likes its name implies, is a fixed size buffer. When the buffer becomes full, it -/// must be processed. The input() method takes care of processing and then clearing the buffer -/// automatically. However, other methods do not and require the caller to process the buffer. Any -/// method that modifies the buffer directory or provides the caller with bytes that can be modifies -/// results in those bytes being marked as used by the buffer. -pub trait FixedBuffer { - /// Input a vector of bytes. If the buffer becomes full, process it with the provided - /// function and then clear the buffer. - fn input(&mut self, input: &[u8], func: &fn(&[u8])); - - /// Reset the buffer. - fn reset(&mut self); - - /// Zero the buffer up until the specified index. The buffer position currently must not be - /// greater than that index. - fn zero_until(&mut self, idx: uint); - - /// Get a slice of the buffer of the specified size. There must be at least that many bytes - /// remaining in the buffer. - fn next<'s>(&'s mut self, len: uint) -> &'s mut [u8]; - - /// Get the current buffer. The buffer must already be full. This clears the buffer as well. - fn full_buffer<'s>(&'s mut self) -> &'s [u8]; - - /// Get the current position of the buffer. - fn position(&self) -> uint; - - /// Get the number of bytes remaining in the buffer until it is full. - fn remaining(&self) -> uint; - - /// Get the size of the buffer - fn size(&self) -> uint; -} - - -/// A fixed size buffer of 64 bytes useful for cryptographic operations. -pub struct FixedBuffer64 { - priv buffer: [u8, ..64], - priv buffer_idx: uint, -} - -impl FixedBuffer64 { - /// Create a new buffer - pub fn new() -> FixedBuffer64 { - return FixedBuffer64 { - buffer: [0u8, ..64], - buffer_idx: 0 - }; - } -} - -impl FixedBuffer for FixedBuffer64 { - fn input(&mut self, input: &[u8], func: &fn(&[u8])) { - let mut i = 0; - - // FIXME: #6304 - This local variable shouldn't be necessary. - let size = 64; - - // If there is already data in the buffer, copy as much as we can into it and process - // the data if the buffer becomes full. - if self.buffer_idx != 0 { - let buffer_remaining = size - self.buffer_idx; - if input.len() >= buffer_remaining { - copy_memory( - self.buffer.mut_slice(self.buffer_idx, size), - input.slice_to(buffer_remaining), - buffer_remaining); - self.buffer_idx = 0; - func(self.buffer); - i += buffer_remaining; - } else { - copy_memory( - self.buffer.mut_slice(self.buffer_idx, self.buffer_idx + input.len()), - input, - input.len()); - self.buffer_idx += input.len(); - return; - } - } - - // While we have at least a full buffer size chunks's worth of data, process that data - // without copying it into the buffer - while input.len() - i >= size { - func(input.slice(i, i + size)); - i += size; - } - - // Copy any input data into the buffer. At this point in the method, the ammount of - // data left in the input vector will be less than the buffer size and the buffer will - // be empty. - let input_remaining = input.len() - i; - copy_memory( - self.buffer.mut_slice(0, input_remaining), - input.slice_from(i), - input.len() - i); - self.buffer_idx += input_remaining; - } - - fn reset(&mut self) { - self.buffer_idx = 0; - } - - fn zero_until(&mut self, idx: uint) { - assert!(idx >= self.buffer_idx); - self.buffer.mut_slice(self.buffer_idx, idx).set_memory(0); - self.buffer_idx = idx; - } - - fn next<'s>(&'s mut self, len: uint) -> &'s mut [u8] { - self.buffer_idx += len; - return self.buffer.mut_slice(self.buffer_idx - len, self.buffer_idx); - } - - fn full_buffer<'s>(&'s mut self) -> &'s [u8] { - assert!(self.buffer_idx == 64); - self.buffer_idx = 0; - return self.buffer.slice_to(64); - } - - fn position(&self) -> uint { self.buffer_idx } - - fn remaining(&self) -> uint { 64 - self.buffer_idx } - - fn size(&self) -> uint { 64 } -} - - -/// The StandardPadding trait adds a method useful for various hash algorithms to a FixedBuffer -/// struct. -pub trait StandardPadding { - /// Add standard padding to the buffer. The buffer must not be full when this method is called - /// and is guaranteed to have exactly rem remaining bytes when it returns. If there are not at - /// least rem bytes available, the buffer will be zero padded, processed, cleared, and then - /// filled with zeros again until only rem bytes are remaining. - fn standard_padding(&mut self, rem: uint, func: &fn(&[u8])); -} - -impl StandardPadding for T { - fn standard_padding(&mut self, rem: uint, func: &fn(&[u8])) { - let size = self.size(); - - self.next(1)[0] = 128; - - if self.remaining() < rem { - self.zero_until(size); - func(self.full_buffer()); - } - - self.zero_until(size - rem); - } -} - - -#[cfg(test)] -pub mod test { - use std::rand::{IsaacRng, Rng}; - use std::vec; - use extra::hex::FromHex; - - use cryptoutil::add_bytes_to_bits; - use digest::Digest; - - /// Feed 1,000,000 'a's into the digest with varying input sizes and check that the result is - /// correct. - pub fn test_digest_1million_random(digest: &mut D, blocksize: uint, expected: &str) { - let total_size = 1000000; - let buffer = vec::from_elem(blocksize * 2, 'a' as u8); - let mut rng = IsaacRng::new_unseeded(); - let mut count = 0; - - digest.reset(); - - while count < total_size { - let next: uint = rng.gen_range(0, 2 * blocksize + 1); - let remaining = total_size - count; - let size = if next > remaining { remaining } else { next }; - digest.input(buffer.slice_to(size)); - count += size; - } - - let result_str = digest.result_str(); - let result_bytes = digest.result_bytes(); - - assert_eq!(expected, result_str.as_slice()); - assert_eq!(expected.from_hex().unwrap(), result_bytes); - } - - // A normal addition - no overflow occurs - #[test] - fn test_add_bytes_to_bits_ok() { - assert!(add_bytes_to_bits::(100, 10) == 180); - } - - // A simple failure case - adding 1 to the max value - #[test] - #[should_fail] - fn test_add_bytes_to_bits_overflow() { - add_bytes_to_bits::(Bounded::max_value(), 1); - } -} diff --git a/src/librustpkg/digest.rs b/src/librustpkg/digest.rs deleted file mode 100644 index f0dccf7c2e212..0000000000000 --- a/src/librustpkg/digest.rs +++ /dev/null @@ -1,81 +0,0 @@ -// Copyright 2012-2013 The Rust Project Developers. See the COPYRIGHT -// file at the top-level directory of this distribution and at -// http://rust-lang.org/COPYRIGHT. -// -// Licensed under the Apache License, Version 2.0 or the MIT license -// , at your -// option. This file may not be copied, modified, or distributed -// except according to those terms. - -//! Common functionality related to cryptographic digest functions - -use std::vec; - -use extra::hex::ToHex; - - -/** - * The Digest trait specifies an interface common to digest functions, such as SHA-1 and the SHA-2 - * family of digest functions. - */ -pub trait Digest { - /** - * Provide message data. - * - * # Arguments - * - * * input - A vector of message data - */ - fn input(&mut self, input: &[u8]); - - /** - * Retrieve the digest result. This method may be called multiple times. - * - * # Arguments - * - * * out - the vector to hold the result. Must be large enough to contain output_bits(). - */ - fn result(&mut self, out: &mut [u8]); - - /** - * Reset the digest. This method must be called after result() and before supplying more - * data. - */ - fn reset(&mut self); - - /** - * Get the output size in bits. - */ - fn output_bits(&self) -> uint; - - /** - * Convenience function that feeds a string into a digest. - * - * # Arguments - * - * * `input` The string to feed into the digest - */ - fn input_str(&mut self, input: &str) { - self.input(input.as_bytes()); - } - - /** - * Convenience function that retrieves the result of a digest as a - * newly allocated vec of bytes. - */ - fn result_bytes(&mut self) -> ~[u8] { - let mut buf = vec::from_elem((self.output_bits()+7)/8, 0u8); - self.result(buf); - buf - } - - /** - * Convenience function that retrieves the result of a digest as a - * ~str in hexadecimal format. - */ - fn result_str(&mut self) -> ~str { - self.result_bytes().to_hex() - } -} - diff --git a/src/librustpkg/rustpkg.rs b/src/librustpkg/rustpkg.rs index 229eecffbea05..95a2c5b170231 100644 --- a/src/librustpkg/rustpkg.rs +++ b/src/librustpkg/rustpkg.rs @@ -55,8 +55,6 @@ pub mod api; mod conditions; pub mod context; mod crate; -mod cryptoutil; -mod digest; pub mod exit_codes; mod installed_packages; mod messages; diff --git a/src/librustpkg/sha1.rs b/src/librustpkg/sha1.rs index 04efbfffe15ce..d955fd1aa97d0 100644 --- a/src/librustpkg/sha1.rs +++ b/src/librustpkg/sha1.rs @@ -26,10 +26,278 @@ * discouraged. */ +use std::num::Zero; +use std::vec; +use std::vec::bytes::{MutableByteVector, copy_memory}; +use extra::hex::ToHex; + +/// Write a u32 into a vector, which must be 4 bytes long. The value is written in big-endian +/// format. +fn write_u32_be(dst: &mut[u8], input: u32) { + use std::cast::transmute; + use std::unstable::intrinsics::to_be32; + assert!(dst.len() == 4); + unsafe { + let x: *mut i32 = transmute(dst.unsafe_mut_ref(0)); + *x = to_be32(input as i32); + } +} + +/// Read a vector of bytes into a vector of u32s. The values are read in big-endian format. +fn read_u32v_be(dst: &mut[u32], input: &[u8]) { + use std::cast::transmute; + use std::unstable::intrinsics::to_be32; + assert!(dst.len() * 4 == input.len()); + unsafe { + let mut x: *mut i32 = transmute(dst.unsafe_mut_ref(0)); + let mut y: *i32 = transmute(input.unsafe_ref(0)); + do dst.len().times() { + *x = to_be32(*y); + x = x.offset(1); + y = y.offset(1); + } + } +} + +trait ToBits { + /// Convert the value in bytes to the number of bits, a tuple where the 1st item is the + /// high-order value and the 2nd item is the low order value. + fn to_bits(self) -> (Self, Self); +} + +impl ToBits for u64 { + fn to_bits(self) -> (u64, u64) { + return (self >> 61, self << 3); + } +} + +/// Adds the specified number of bytes to the bit count. fail!() if this would cause numeric +/// overflow. +fn add_bytes_to_bits(bits: T, bytes: T) -> T { + let (new_high_bits, new_low_bits) = bytes.to_bits(); + + if new_high_bits > Zero::zero() { + fail!("Numeric overflow occured.") + } + + match bits.checked_add(&new_low_bits) { + Some(x) => return x, + None => fail!("Numeric overflow occured.") + } +} + +/// A FixedBuffer, likes its name implies, is a fixed size buffer. When the buffer becomes full, it +/// must be processed. The input() method takes care of processing and then clearing the buffer +/// automatically. However, other methods do not and require the caller to process the buffer. Any +/// method that modifies the buffer directory or provides the caller with bytes that can be modifies +/// results in those bytes being marked as used by the buffer. +trait FixedBuffer { + /// Input a vector of bytes. If the buffer becomes full, process it with the provided + /// function and then clear the buffer. + fn input(&mut self, input: &[u8], func: &fn(&[u8])); + + /// Reset the buffer. + fn reset(&mut self); + + /// Zero the buffer up until the specified index. The buffer position currently must not be + /// greater than that index. + fn zero_until(&mut self, idx: uint); + + /// Get a slice of the buffer of the specified size. There must be at least that many bytes + /// remaining in the buffer. + fn next<'s>(&'s mut self, len: uint) -> &'s mut [u8]; -use cryptoutil::{write_u32_be, read_u32v_be, add_bytes_to_bits, FixedBuffer, FixedBuffer64, - StandardPadding}; -use digest::Digest; + /// Get the current buffer. The buffer must already be full. This clears the buffer as well. + fn full_buffer<'s>(&'s mut self) -> &'s [u8]; + + /// Get the current position of the buffer. + fn position(&self) -> uint; + + /// Get the number of bytes remaining in the buffer until it is full. + fn remaining(&self) -> uint; + + /// Get the size of the buffer + fn size(&self) -> uint; +} + +/// A fixed size buffer of 64 bytes useful for cryptographic operations. +struct FixedBuffer64 { + priv buffer: [u8, ..64], + priv buffer_idx: uint, +} + +impl FixedBuffer64 { + /// Create a new buffer + fn new() -> FixedBuffer64 { + return FixedBuffer64 { + buffer: [0u8, ..64], + buffer_idx: 0 + }; + } +} + +impl FixedBuffer for FixedBuffer64 { + fn input(&mut self, input: &[u8], func: &fn(&[u8])) { + let mut i = 0; + + let size = 64; + + // If there is already data in the buffer, copy as much as we can into it and process + // the data if the buffer becomes full. + if self.buffer_idx != 0 { + let buffer_remaining = size - self.buffer_idx; + if input.len() >= buffer_remaining { + copy_memory( + self.buffer.mut_slice(self.buffer_idx, size), + input.slice_to(buffer_remaining), + buffer_remaining); + self.buffer_idx = 0; + func(self.buffer); + i += buffer_remaining; + } else { + copy_memory( + self.buffer.mut_slice(self.buffer_idx, self.buffer_idx + input.len()), + input, + input.len()); + self.buffer_idx += input.len(); + return; + } + } + + // While we have at least a full buffer size chunks's worth of data, process that data + // without copying it into the buffer + while input.len() - i >= size { + func(input.slice(i, i + size)); + i += size; + } + + // Copy any input data into the buffer. At this point in the method, the ammount of + // data left in the input vector will be less than the buffer size and the buffer will + // be empty. + let input_remaining = input.len() - i; + copy_memory( + self.buffer.mut_slice(0, input_remaining), + input.slice_from(i), + input.len() - i); + self.buffer_idx += input_remaining; + } + + fn reset(&mut self) { + self.buffer_idx = 0; + } + + fn zero_until(&mut self, idx: uint) { + assert!(idx >= self.buffer_idx); + self.buffer.mut_slice(self.buffer_idx, idx).set_memory(0); + self.buffer_idx = idx; + } + + fn next<'s>(&'s mut self, len: uint) -> &'s mut [u8] { + self.buffer_idx += len; + return self.buffer.mut_slice(self.buffer_idx - len, self.buffer_idx); + } + + fn full_buffer<'s>(&'s mut self) -> &'s [u8] { + assert!(self.buffer_idx == 64); + self.buffer_idx = 0; + return self.buffer.slice_to(64); + } + + fn position(&self) -> uint { self.buffer_idx } + + fn remaining(&self) -> uint { 64 - self.buffer_idx } + + fn size(&self) -> uint { 64 } +} + +/// The StandardPadding trait adds a method useful for various hash algorithms to a FixedBuffer +/// struct. +trait StandardPadding { + /// Add standard padding to the buffer. The buffer must not be full when this method is called + /// and is guaranteed to have exactly rem remaining bytes when it returns. If there are not at + /// least rem bytes available, the buffer will be zero padded, processed, cleared, and then + /// filled with zeros again until only rem bytes are remaining. + fn standard_padding(&mut self, rem: uint, func: &fn(&[u8])); +} + +impl StandardPadding for T { + fn standard_padding(&mut self, rem: uint, func: &fn(&[u8])) { + let size = self.size(); + + self.next(1)[0] = 128; + + if self.remaining() < rem { + self.zero_until(size); + func(self.full_buffer()); + } + + self.zero_until(size - rem); + } +} + +/** + * The Digest trait specifies an interface common to digest functions, such as SHA-1 and the SHA-2 + * family of digest functions. + */ +pub trait Digest { + /** + * Provide message data. + * + * # Arguments + * + * * input - A vector of message data + */ + fn input(&mut self, input: &[u8]); + + /** + * Retrieve the digest result. This method may be called multiple times. + * + * # Arguments + * + * * out - the vector to hold the result. Must be large enough to contain output_bits(). + */ + fn result(&mut self, out: &mut [u8]); + + /** + * Reset the digest. This method must be called after result() and before supplying more + * data. + */ + fn reset(&mut self); + + /** + * Get the output size in bits. + */ + fn output_bits(&self) -> uint; + + /** + * Convenience function that feeds a string into a digest. + * + * # Arguments + * + * * `input` The string to feed into the digest + */ + fn input_str(&mut self, input: &str) { + self.input(input.as_bytes()); + } + + /** + * Convenience function that retrieves the result of a digest as a + * newly allocated vec of bytes. + */ + fn result_bytes(&mut self) -> ~[u8] { + let mut buf = vec::from_elem((self.output_bits()+7)/8, 0u8); + self.result(buf); + buf + } + + /** + * Convenience function that retrieves the result of a digest as a + * ~str in hexadecimal format. + */ + fn result_str(&mut self) -> ~str { + self.result_bytes().to_hex() + } +} /* * A SHA-1 implementation derived from Paul E. Jones's reference @@ -180,9 +448,10 @@ impl Digest for Sha1 { #[cfg(test)] mod tests { - use cryptoutil::test::test_digest_1million_random; - use digest::Digest; - use sha1::Sha1; + use std::rand::{IsaacRng, Rng}; + use std::vec; + use extra::hex::FromHex; + use super::{Digest, Sha1, add_bytes_to_bits}; #[deriving(Clone)] struct Test { @@ -287,6 +556,31 @@ mod tests { } } + /// Feed 1,000,000 'a's into the digest with varying input sizes and check that the result is + /// correct. + fn test_digest_1million_random(digest: &mut D, blocksize: uint, expected: &str) { + let total_size = 1000000; + let buffer = vec::from_elem(blocksize * 2, 'a' as u8); + let mut rng = IsaacRng::new_unseeded(); + let mut count = 0; + + digest.reset(); + + while count < total_size { + let next: uint = rng.gen_range(0, 2 * blocksize + 1); + let remaining = total_size - count; + let size = if next > remaining { remaining } else { next }; + digest.input(buffer.slice_to(size)); + count += size; + } + + let result_str = digest.result_str(); + let result_bytes = digest.result_bytes(); + + assert_eq!(expected, result_str.as_slice()); + assert_eq!(expected.from_hex().unwrap(), result_bytes); + } + #[test] fn test_1million_random_sha1() { let mut sh = Sha1::new(); @@ -295,13 +589,25 @@ mod tests { 64, "34aa973cd4c4daa4f61eeb2bdbad27316534016f"); } + + // A normal addition - no overflow occurs + #[test] + fn test_add_bytes_to_bits_ok() { + assert!(add_bytes_to_bits::(100, 10) == 180); + } + + // A simple failure case - adding 1 to the max value + #[test] + #[should_fail] + fn test_add_bytes_to_bits_overflow() { + add_bytes_to_bits::(Bounded::max_value(), 1); + } } #[cfg(test)] mod bench { use extra::test::BenchHarness; - - use sha1::Sha1; + use super::Sha1; #[bench] pub fn sha1_10(bh: & mut BenchHarness) { @@ -332,5 +638,4 @@ mod bench { } bh.bytes = bytes.len() as u64; } - } diff --git a/src/librustpkg/workcache_support.rs b/src/librustpkg/workcache_support.rs index 1cdaefd592b5c..3adb33ec2f455 100644 --- a/src/librustpkg/workcache_support.rs +++ b/src/librustpkg/workcache_support.rs @@ -12,8 +12,7 @@ use std::rt::io; use std::rt::io::extensions::ReaderUtil; use std::rt::io::file::FileInfo; use extra::workcache; -use sha1::Sha1; -use digest::Digest; +use sha1::{Digest, Sha1}; /// Hashes the file contents along with the last-modified time pub fn digest_file_with_date(path: &Path) -> ~str {