[SECNET RFC PATCH 1/5] hash: Put hash state on the caller's stack
Ian Jackson
ijackson at chiark.greenend.org.uk
Sun Sep 29 14:47:17 BST 2019
This makes the code simpler too!
We rename len to slen, to distinguish hlen and slen (to help avoid
bugs where the wrong amount is allocated).
Signed-off-by: Ian Jackson <ijackson at chiark.greenend.org.uk>
---
md5.c | 15 ++++++---------
rsa.c | 9 +++++----
secnet.h | 7 ++++---
sha1.c | 15 ++++++---------
4 files changed, 21 insertions(+), 25 deletions(-)
diff --git a/md5.c b/md5.c
index 738d81a8..caaa5a68 100644
--- a/md5.c
+++ b/md5.c
@@ -238,14 +238,11 @@ MD5Transform(uint32_t buf[4], uint32_t const in[16])
#endif
-static void *md5_init(void)
+static void md5_init(void *sst)
{
- struct MD5Context *ctx;
+ struct MD5Context *ctx=sst;
- NEW(ctx);
MD5Init(ctx);
-
- return ctx;
}
static void md5_update(void *sst, const void *buf, int32_t len)
@@ -260,7 +257,6 @@ static void md5_final(void *sst, uint8_t *digest)
struct MD5Context *ctx=sst;
MD5Final(digest,ctx);
- free(ctx);
}
struct md5 {
@@ -271,7 +267,6 @@ struct md5 {
void md5_module(dict_t *dict)
{
struct md5 *st;
- void *ctx;
cstring_t testinput="12345\n";
uint8_t expected[16]=
{0xd5,0x77,0x27,0x3f,0xf8,0x85,0xc3,0xf8,
@@ -284,14 +279,16 @@ void md5_module(dict_t *dict)
st->cl.type=CL_HASH;
st->cl.apply=NULL;
st->cl.interface=&st->ops;
- st->ops.len=16;
+ st->ops.hlen=16;
+ st->ops.slen=sizeof(struct MD5Context);
st->ops.init=md5_init;
st->ops.update=md5_update;
st->ops.final=md5_final;
dict_add(dict,"md5",new_closure(&st->cl));
- ctx=md5_init();
+ uint8_t ctx[st->ops.slen];
+ md5_init(ctx);
md5_update(ctx,testinput,strlen(testinput));
md5_final(ctx,digest);
for (i=0; i<16; i++) {
diff --git a/rsa.c b/rsa.c
index 81754a73..c87fcb76 100644
--- a/rsa.c
+++ b/rsa.c
@@ -77,7 +77,7 @@ static const char *hexchars="0123456789abcdef";
static void rsa_sethash(struct rsacommon *c, struct hash_if *hash)
{
free(c->hashbuf);
- c->hashbuf=safe_malloc(hash->len, "generate_msg");
+ c->hashbuf=safe_malloc(hash->hlen, "generate_msg");
c->hashi=hash;
}
static void rsa_pub_sethash(void *sst, struct hash_if *hash)
@@ -92,7 +92,8 @@ static void rsa_priv_sethash(void *sst, struct hash_if *hash)
}
static void rsa_hash(struct rsacommon *c, const uint8_t *buf, int32_t len)
{
- void *hst=c->hashi->init();
+ uint8_t hst[c->hashi->slen];
+ c->hashi->init(hst);
c->hashi->update(hst,buf,len);
c->hashi->final(hst,c->hashbuf);
}
@@ -158,7 +159,7 @@ static bool_t rsa_sign(void *sst, uint8_t *data, int32_t datalen,
rsa_hash(&st->common,data,datalen);
/* Construct the message representative. */
- emsa_pkcs1(&st->n, &a, st->common.hashbuf, st->common.hashi->len);
+ emsa_pkcs1(&st->n, &a, st->common.hashbuf, st->common.hashi->hlen);
/*
* Produce an RSA signature (a^d mod n) using the Chinese
@@ -245,7 +246,7 @@ static bool_t rsa_sig_check(void *sst, uint8_t *data, int32_t datalen,
mpz_init(&c);
rsa_hash(&st->common,data,datalen);
- emsa_pkcs1(&st->n, &a, st->common.hashbuf, st->common.hashi->len);
+ emsa_pkcs1(&st->n, &a, st->common.hashbuf, st->common.hashi->hlen);
/* Terminate signature with a '0' - already checked that this will fit */
int save = sig->sigstart[sig->siglen];
diff --git a/secnet.h b/secnet.h
index d2575f17..c6e8f496 100644
--- a/secnet.h
+++ b/secnet.h
@@ -643,11 +643,12 @@ struct dh_if {
/* HASH interface */
-typedef void *hash_init_fn(void);
+typedef void hash_init_fn(void *st /* slen bytes alloc'd by caller */);
typedef void hash_update_fn(void *st, const void *buf, int32_t len);
-typedef void hash_final_fn(void *st, uint8_t *digest);
+typedef void hash_final_fn(void *st, uint8_t *digest /* hlen bytes */);
struct hash_if {
- int32_t len; /* Hash output length in bytes */
+ int32_t slen; /* State length in bytes */
+ int32_t hlen; /* Hash output length in bytes */
hash_init_fn *init;
hash_update_fn *update;
hash_final_fn *final;
diff --git a/sha1.c b/sha1.c
index 4cc63b5c..b11c25a6 100644
--- a/sha1.c
+++ b/sha1.c
@@ -287,14 +287,11 @@ unsigned char finalcount[8];
/*************************************************************/
/* Everything below here is the interface to secnet */
-static void *sha1_init(void)
+static void sha1_init(void *sst)
{
- SHA1_CTX *ctx;
+ SHA1_CTX *ctx=sst;
- NEW(ctx);
SHA1Init(ctx);
-
- return ctx;
}
static void sha1_update(void *sst, const void *buf, int32_t len)
@@ -309,7 +306,6 @@ static void sha1_final(void *sst, uint8_t *digest)
SHA1_CTX *ctx=sst;
SHA1Final(digest,ctx);
- free(ctx);
}
struct sha1 {
@@ -320,7 +316,6 @@ struct sha1 {
void sha1_module(dict_t *dict)
{
struct sha1 *st;
- void *ctx;
cstring_t testinput="abcdbcdecdefdefgefghfghigh"
"ijhijkijkljklmklmnlmnomnopnopq";
uint8_t expected[20]=
@@ -337,14 +332,16 @@ void sha1_module(dict_t *dict)
st->cl.type=CL_HASH;
st->cl.apply=NULL;
st->cl.interface=&st->ops;
- st->ops.len=20;
+ st->ops.hlen=20;
+ st->ops.slen=sizeof(SHA1_CTX);
st->ops.init=sha1_init;
st->ops.update=sha1_update;
st->ops.final=sha1_final;
dict_add(dict,"sha1",new_closure(&st->cl));
- ctx=sha1_init();
+ uint8_t ctx[st->ops.slen];
+ sha1_init(ctx);
sha1_update(ctx,testinput,strlen(testinput));
sha1_final(ctx,digest);
for (i=0; i<20; i++) {
--
2.11.0
More information about the sgo-software-discuss
mailing list