sha256: Move 'bytes' to the end of sha256_ctx and make it a size_t

The code already assigns to/from bytes as a size_t, so make it official (and better on platforms with a 32 bit size_t). Moving bytes makes it act as a canary in the event that there is a rogue write/off by one somewhere - since it ends up in the hash we are more likely to detect this should we corrupt it. This also makes the working buffer better aligned which can't hurt. Also, initialise the buffer to zero while we are changing the initialisation macro anyway. It costs little compared to the hashing overhead, should be optimised away if redundant in most cases, and it removes a warning from both gcc and clang about unititialised struct members. Signed-off-by: Jon Griffiths <jon_p_griffiths@yahoo.com>

sha256: Move 'bytes' to the end of sha256_ctx and make it a size_t
The code already assigns to/from bytes as a size_t, so make it official (and better on platforms with a 32 bit size_t). Moving bytes makes it act as a canary in the event that there is a rogue write/off by one somewhere - since it ends up in the hash we are more likely to detect this should we corrupt it. This also makes the working buffer better aligned which can't hurt. Also, initialise the buffer to zero while we are changing the initialisation macro anyway. It costs little compared to the hashing overhead, should be optimised away if redundant in most cases, and it removes a warning from both gcc and clang about unititialised struct members. Signed-off-by: Jon Griffiths <jon_p_griffiths@yahoo.com>
fe21b246 · Jon Griffiths · 1968f4d4 · fe21b246 · fe21b246 · fe21b246
Commit fe21b246 authored Mar 23, 2016 by Jon Griffiths
Showing with 8 additions and 7 deletions

ccan/crypto/sha256/sha256.c ccan/crypto/sha256/sha256.c +3 -3

ccan/crypto/sha256/sha256.h ccan/crypto/sha256/sha256.h +3 -2

ccan/crypto/sha256/test/run-33-bit-test.c ccan/crypto/sha256/test/run-33-bit-test.c +2 -2

No files found.
--- a/ccan/crypto/sha256/sha256.c
+++ b/ccan/crypto/sha256/sha256.c
@@ -18,7 +18,7 @@ static void invalidate_sha256(struct sha256_ctx *ctx)
 #ifdef CCAN_CRYPTO_SHA256_USE_OPENSSL
 	ctx->c.md_len = 0;
 #else
-	ctx->bytes = -1ULL;
+	ctx->bytes = (size_t)-1;
 #endif
 }

@@ -27,7 +27,7 @@ static void check_sha256(struct sha256_ctx *ctx UNUSED)
 #ifdef CCAN_CRYPTO_SHA256_USE_OPENSSL
 	assert(ctx->c.md_len != 0);
 #else
-	assert(ctx->bytes != -1ULL);
+	assert(ctx->bytes != (size_t)-1);
 #endif
 }

@@ -229,7 +229,7 @@ void sha256_done(struct sha256_ctx *ctx, struct sha256 *res)
 	uint64_t sizedesc;
 	size_t i;

-	sizedesc = cpu_to_be64(ctx->bytes << 3);
+	sizedesc = cpu_to_be64((uint64_t)ctx->bytes << 3);
 	/* Add '1' bit to terminate, then all 0 bits, up to next block - 8. */
 	add(ctx, pad, 1 + ((119 - (ctx->bytes % 64)) % 64));
 	/* Add number of bits of data (big endian) */

--- a/ccan/crypto/sha256/sha256.h
+++ b/ccan/crypto/sha256/sha256.h
@@ -45,11 +45,11 @@ struct sha256_ctx {
 	SHA256_CTX c;
 #else
 	uint32_t s[8];
-	uint64_t bytes;
 	union {
 		uint32_t u32[16];
 		unsigned char u8[64];
 	} buf;
+	size_t bytes;
 #endif
 };

@@ -104,7 +104,8 @@ void sha256_init(struct sha256_ctx *ctx);
 #else
 #define SHA256_INIT							\
 	{ { 0x6a09e667ul, 0xbb67ae85ul, 0x3c6ef372ul, 0xa54ff53aul,	\
-	    0x510e527ful, 0x9b05688cul, 0x1f83d9abul, 0x5be0cd19ul }, 0 }
+	    0x510e527ful, 0x9b05688cul, 0x1f83d9abul, 0x5be0cd19ul },	\
+	  { { 0 } }, 0 }
 #endif

 /**

--- a/ccan/crypto/sha256/test/run-33-bit-test.c
+++ b/ccan/crypto/sha256/test/run-33-bit-test.c
@@ -30,9 +30,9 @@ static const struct sha256_ctx after_16M_by_64 = {
 	  LE32_TO_CPU(0xd407a8fc), LE32_TO_CPU(0x1fad409b),
 	  LE32_TO_CPU(0x51fa46cc), LE32_TO_CPU(0xea528ae5),
 	  LE32_TO_CPU(0x5fa58ebb), LE32_TO_CPU(0x8be97931) },
-	1073741824,
 	{ .u32 = { 0x64636261, 0x68676665, 0x65646362, 0x69686766,
-		   0x66656463, 0x6a696867, 0x67666564, 0x6b6a6968 } }
+		   0x66656463, 0x6a696867, 0x67666564, 0x6b6a6968 } },
+	1073741824
 #endif
 };