1berry/qtbase
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Change third party SHA-3 implementation to use

Browse Source 
Task-number: QTBUG-71327
Change-Id: I14fef2a6f66dfb26f635cc7b6bde2b7cbf733ea7
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
This commit is contained in:
Øystein Heskestad 2022-02-08 15:19:04 +01:00
parent b55f10b2a0
commit 6deded8bc4
2 changed files with 125 additions and 144 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/3rdparty/SHA-3/targetver.h vendored Normal file
View File

@ -0,0 +1,8 @@
#pragma once
// Including SDKDDKVer.h defines the highest available Windows platform.
// If you wish to build your application for a previous Windows platform, include WinSDKVer.h and
// set the _WIN32_WINNT macro to the platform you wish to support before including SDKDDKVer.h.
#include <SDKDDKVer.h>

261
src/corelib/tools/qcryptographichash.cpp
View File

@ -1,6 +1,6 @@
/****************************************************************************
**
** Copyright (C) 2016 The Qt Company Ltd.
** Copyright (C) 2022 The Qt Company Ltd.
** Copyright (C) 2013 Richard J. Moore <rich@kde.org>.
** Contact: https://www.qt.io/licensing/
**
@ -40,6 +40,7 @@
#include <qcryptographichash.h>
#include <qiodevice.h>
#include <private/qglobal_p.h>
#include "../../3rdparty/sha1/sha1.cpp"
@ -54,44 +55,9 @@
#include "../../3rdparty/md4/md4.h"
#include "../../3rdparty/md4/md4.cpp"
typedef unsigned char BitSequence;
typedef unsigned long long DataLength;
typedef enum { SUCCESS = 0, FAIL = 1, BAD_HASHLEN = 2 } HashReturn;
#ifdef Q_OS_RTEMS
# undef ALIGN
#endif
#include "../../3rdparty/sha3/KeccakSponge.c"
typedef spongeState hashState;
#include "../../3rdparty/sha3/KeccakNISTInterface.c"
/*
This lets us choose between SHA3 implementations at build time.
*/
typedef spongeState SHA3Context;
typedef HashReturn (SHA3Init)(hashState *state, int hashbitlen);
typedef HashReturn (SHA3Update)(hashState *state, const BitSequence *data, DataLength databitlen);
typedef HashReturn (SHA3Final)(hashState *state, BitSequence *hashval);
#if Q_PROCESSOR_WORDSIZE == 8 // 64 bit version
#include "../../3rdparty/sha3/KeccakF-1600-opt64.c"
static SHA3Init * const sha3Init = Init;
static SHA3Update * const sha3Update = Update;
static SHA3Final * const sha3Final = Final;
#else // 32 bit optimised fallback
#include "../../3rdparty/sha3/KeccakF-1600-opt32.c"
static SHA3Init * const sha3Init = Init;
static SHA3Update * const sha3Update = Update;
static SHA3Final * const sha3Final = Final;
#endif
// SHA-3
#include "../../3rdparty/SHA-3/HashFunction.cpp"
#include "../../3rdparty/SHA-3/Keccak.cpp"
// Header from rfc6234
#include "../../3rdparty/rfc6234/sha.h"
@ -195,16 +161,20 @@ public:
explicit QCryptographicHashPrivate(QCryptographicHash::Algorithm method) noexcept
: method(method)
{
reset();
allocate();
}
~QCryptographicHashPrivate() { free(); }
void reset() noexcept
{
free();
allocate();
}
void reset() noexcept;
void addData(QByteArrayView bytes) noexcept;
void finalize() noexcept;
QByteArrayView resultView() const noexcept { return result.toByteArrayView(); }
const QCryptographicHash::Algorithm method;
union {
union Contexts {
Sha1State sha1Context;
#ifndef QT_CRYPTOGRAPHICHASH_ONLY_SHA1
MD5Context md5Context;
@ -213,18 +183,20 @@ public:
SHA256Context sha256Context;
SHA384Context sha384Context;
SHA512Context sha512Context;
SHA3Context sha3Context;
blake2b_state blake2bContext;
blake2s_state blake2sContext;
Keccak keccakContext;
Sha3 sha3Context;
#endif
};
Contexts() { } // Defined because they are
~Contexts() { } // implicitly-deleted
} contexts;
private:
void allocate() noexcept;
void free() noexcept;
#ifndef QT_CRYPTOGRAPHICHASH_ONLY_SHA1
enum class Sha3Variant
{
Sha3,
Keccak
};
void sha3Finish(int bitCount, Sha3Variant sha3Variant);
void digestToResult(KeccakBase &keccak) noexcept;
#endif
class SmallByteArray {
std::array<char, MaxHashLength> m_data;
@ -247,47 +219,6 @@ public:
SmallByteArray result;
};
#ifndef QT_CRYPTOGRAPHICHASH_ONLY_SHA1
void QCryptographicHashPrivate::sha3Finish(int bitCount, Sha3Variant sha3Variant)
{
/*
FIPS 202 §6.1 defines SHA-3 in terms of calculating the Keccak function
over the original message with the two-bit suffix "01" appended to it.
This variable stores that suffix (and it's fed into the calculations
when the hash is returned to users).
Only 2 bits of this variable are actually used (see the call to sha3Update
below). The Keccak implementation we're using will actually use the
*leftmost* 2 bits, and interpret them right-to-left. In other words, the
bits must appear in order of *increasing* significance; and as the two most
significant bits of the byte -- the rightmost 6 are ignored. (Yes, this
seems self-contradictory, but it's the way it is...)
Overall, this means:
* the leftmost two bits must be "10" (not "01"!);
* we don't care what the other six bits are set to (they can be set to
any value), but we arbitrarily set them to 0;
and for an unsigned char this gives us 0b10'00'00'00, or 0x80.
*/
static const unsigned char sha3FinalSuffix = 0x80;
result.resize(bitCount / 8);
SHA3Context copy = sha3Context;
switch (sha3Variant) {
case Sha3Variant::Sha3:
sha3Update(&copy, reinterpret_cast<const BitSequence *>(&sha3FinalSuffix), 2);
break;
case Sha3Variant::Keccak:
break;
}
sha3Final(&copy, reinterpret_cast<BitSequence *>(result.data()));
}
#endif
/*!
\class QCryptographicHash
\inmodule QtCore
@ -367,12 +298,33 @@ void QCryptographicHash::reset() noexcept
d->reset();
}
void QCryptographicHashPrivate::reset() noexcept
void QCryptographicHashPrivate::free() noexcept
{
switch (method) {
#ifndef QT_CRYPTOGRAPHICHASH_ONLY_SHA1
case QCryptographicHash::RealSha3_224:
case QCryptographicHash::RealSha3_256:
case QCryptographicHash::RealSha3_384:
case QCryptographicHash::RealSha3_512:
contexts.sha3Context.~Sha3();
break;
case QCryptographicHash::Keccak_224:
case QCryptographicHash::Keccak_256:
case QCryptographicHash::Keccak_384:
case QCryptographicHash::Keccak_512:
contexts.keccakContext.~Keccak();
#endif
default:
break;
}
}
void QCryptographicHashPrivate::allocate() noexcept
{
switch (method) {
case QCryptographicHash::Sha1:
new (&sha1Context) Sha1State;
sha1InitState(&sha1Context);
new (&contexts.sha1Context) Sha1State;
sha1InitState(&contexts.sha1Context);
break;
#ifdef QT_CRYPTOGRAPHICHASH_ONLY_SHA1
default:
@ -381,53 +333,54 @@ void QCryptographicHashPrivate::reset() noexcept
break;
#else
case QCryptographicHash::Md4:
new (&md4Context) md4_context;
md4_init(&md4Context);
new (&contexts.md4Context) md4_context;
md4_init(&contexts.md4Context);
break;
case QCryptographicHash::Md5:
new (&md5Context) MD5Context;
MD5Init(&md5Context);
new (&contexts.md5Context) MD5Context;
MD5Init(&contexts.md5Context);
break;
case QCryptographicHash::Sha224:
new (&sha224Context) SHA224Context;
SHA224Reset(&sha224Context);
new (&contexts.sha224Context) SHA224Context;
SHA224Reset(&contexts.sha224Context);
break;
case QCryptographicHash::Sha256:
new (&sha256Context) SHA256Context;
SHA256Reset(&sha256Context);
new (&contexts.sha256Context) SHA256Context;
SHA256Reset(&contexts.sha256Context);
break;
case QCryptographicHash::Sha384:
new (&sha384Context) SHA384Context;
SHA384Reset(&sha384Context);
new (&contexts.sha384Context) SHA384Context;
SHA384Reset(&contexts.sha384Context);
break;
case QCryptographicHash::Sha512:
new (&sha512Context) SHA512Context;
SHA512Reset(&sha512Context);
new (&contexts.sha512Context) SHA512Context;
SHA512Reset(&contexts.sha512Context);
break;
case QCryptographicHash::RealSha3_224:
case QCryptographicHash::Keccak_224:
case QCryptographicHash::RealSha3_256:
case QCryptographicHash::Keccak_256:
case QCryptographicHash::RealSha3_384:
case QCryptographicHash::Keccak_384:
case QCryptographicHash::RealSha3_512:
new (&contexts.sha3Context) Sha3(hashLengthInternal(method) * 8);
break;
case QCryptographicHash::Keccak_224:
case QCryptographicHash::Keccak_256:
case QCryptographicHash::Keccak_384:
case QCryptographicHash::Keccak_512:
new (&sha3Context) SHA3Context;
sha3Init(&sha3Context, hashLengthInternal(method) * 8);
new (&contexts.keccakContext) Keccak(hashLengthInternal(method) * 8);
break;
case QCryptographicHash::Blake2b_160:
case QCryptographicHash::Blake2b_256:
case QCryptographicHash::Blake2b_384:
case QCryptographicHash::Blake2b_512:
new (&blake2bContext) blake2b_state;
blake2b_init(&blake2bContext, hashLengthInternal(method));
new (&contexts.blake2bContext) blake2b_state;
blake2b_init(&contexts.blake2bContext, hashLengthInternal(method));
break;
case QCryptographicHash::Blake2s_128:
case QCryptographicHash::Blake2s_160:
case QCryptographicHash::Blake2s_224:
case QCryptographicHash::Blake2s_256:
new (&blake2sContext) blake2s_state;
blake2s_init(&blake2sContext, hashLengthInternal(method));
new (&contexts.blake2sContext) blake2s_state;
blake2s_init(&contexts.blake2sContext, hashLengthInternal(method));
break;
#endif
}
@ -476,7 +429,7 @@ void QCryptographicHashPrivate::addData(QByteArrayView bytes) noexcept
#endif
switch (method) {
case QCryptographicHash::Sha1:
sha1Update(&sha1Context, (const unsigned char *)data, length);
sha1Update(&contexts.sha1Context, (const unsigned char *)data, length);
break;
#ifdef QT_CRYPTOGRAPHICHASH_ONLY_SHA1
default:
@ -485,44 +438,52 @@ void QCryptographicHashPrivate::addData(QByteArrayView bytes) noexcept
break;
#else
case QCryptographicHash::Md4:
md4_update(&md4Context, (const unsigned char *)data, length);
md4_update(&contexts.md4Context, (const unsigned char *)data, length);
break;
case QCryptographicHash::Md5:
MD5Update(&md5Context, (const unsigned char *)data, length);
MD5Update(&contexts.md5Context, (const unsigned char *)data, length);
break;
case QCryptographicHash::Sha224:
SHA224Input(&sha224Context, reinterpret_cast<const unsigned char *>(data), length);
SHA224Input(&contexts.sha224Context, reinterpret_cast<const unsigned char *>(data),
length);
break;
case QCryptographicHash::Sha256:
SHA256Input(&sha256Context, reinterpret_cast<const unsigned char *>(data), length);
SHA256Input(&contexts.sha256Context, reinterpret_cast<const unsigned char *>(data),
length);
break;
case QCryptographicHash::Sha384:
SHA384Input(&sha384Context, reinterpret_cast<const unsigned char *>(data), length);
SHA384Input(&contexts.sha384Context, reinterpret_cast<const unsigned char *>(data),
length);
break;
case QCryptographicHash::Sha512:
SHA512Input(&sha512Context, reinterpret_cast<const unsigned char *>(data), length);
SHA512Input(&contexts.sha512Context, reinterpret_cast<const unsigned char *>(data),
length);
break;
case QCryptographicHash::Keccak_224:
case QCryptographicHash::Keccak_256:
case QCryptographicHash::Keccak_384:
case QCryptographicHash::Keccak_512:
contexts.keccakContext.addData(reinterpret_cast<const uint8_t *>(data), 0, length);
break;
case QCryptographicHash::RealSha3_224:
case QCryptographicHash::Keccak_224:
case QCryptographicHash::RealSha3_256:
case QCryptographicHash::Keccak_256:
case QCryptographicHash::RealSha3_384:
case QCryptographicHash::Keccak_384:
case QCryptographicHash::RealSha3_512:
case QCryptographicHash::Keccak_512:
sha3Update(&sha3Context, reinterpret_cast<const BitSequence *>(data), uint64_t(length) * 8);
contexts.sha3Context.addData(reinterpret_cast<const uint8_t *>(data), 0, length);
break;
case QCryptographicHash::Blake2b_160:
case QCryptographicHash::Blake2b_256:
case QCryptographicHash::Blake2b_384:
case QCryptographicHash::Blake2b_512:
blake2b_update(&blake2bContext, reinterpret_cast<const uint8_t *>(data), length);
blake2b_update(&contexts.blake2bContext, reinterpret_cast<const uint8_t *>(data),
length);
break;
case QCryptographicHash::Blake2s_128:
case QCryptographicHash::Blake2s_160:
case QCryptographicHash::Blake2s_224:
case QCryptographicHash::Blake2s_256:
blake2s_update(&blake2sContext, reinterpret_cast<const uint8_t *>(data), length);
blake2s_update(&contexts.blake2sContext, reinterpret_cast<const uint8_t *>(data),
length);
break;
#endif
}
@ -586,10 +547,10 @@ void QCryptographicHashPrivate::finalize() noexcept
switch (method) {
case QCryptographicHash::Sha1: {
Sha1State copy = sha1Context;
Sha1State copy = contexts.sha1Context;
result.resize(20);
sha1FinalizeState(&copy);
sha1ToHash(&copy, (unsigned char *)result.data());
sha1ToHash(&copy, reinterpret_cast<unsigned char *>(result.data()));
break;
}
#ifdef QT_CRYPTOGRAPHICHASH_ONLY_SHA1
@ -599,37 +560,37 @@ void QCryptographicHashPrivate::finalize() noexcept
break;
#else
case QCryptographicHash::Md4: {
md4_context copy = md4Context;
md4_context copy = contexts.md4Context;
result.resize(MD4_RESULTLEN);
md4_final(&copy, (unsigned char *)result.data());
md4_final(&copy, reinterpret_cast<unsigned char *>(result.data()));
break;
}
case QCryptographicHash::Md5: {
MD5Context copy = md5Context;
MD5Context copy = contexts.md5Context;
result.resize(16);
MD5Final(&copy, (unsigned char *)result.data());
MD5Final(&copy, reinterpret_cast<unsigned char *>(result.data()));
break;
}
case QCryptographicHash::Sha224: {
SHA224Context copy = sha224Context;
SHA224Context copy = contexts.sha224Context;
result.resize(SHA224HashSize);
SHA224Result(&copy, reinterpret_cast<unsigned char *>(result.data()));
break;
}
case QCryptographicHash::Sha256: {
SHA256Context copy = sha256Context;
SHA256Context copy = contexts.sha256Context;
result.resize(SHA256HashSize);
SHA256Result(&copy, reinterpret_cast<unsigned char *>(result.data()));
break;
}
case QCryptographicHash::Sha384: {
SHA384Context copy = sha384Context;
SHA384Context copy = contexts.sha384Context;
result.resize(SHA384HashSize);
SHA384Result(&copy, reinterpret_cast<unsigned char *>(result.data()));
break;
}
case QCryptographicHash::Sha512: {
SHA512Context copy = sha512Context;
SHA512Context copy = contexts.sha512Context;
result.resize(SHA512HashSize);
SHA512Result(&copy, reinterpret_cast<unsigned char *>(result.data()));
break;
@ -638,14 +599,16 @@ void QCryptographicHashPrivate::finalize() noexcept
case QCryptographicHash::RealSha3_256:
case QCryptographicHash::RealSha3_384:
case QCryptographicHash::RealSha3_512: {
sha3Finish(8 * hashLengthInternal(method), Sha3Variant::Sha3);
Sha3 copy = contexts.sha3Context;
digestToResult(copy);
break;
}
case QCryptographicHash::Keccak_224:
case QCryptographicHash::Keccak_256:
case QCryptographicHash::Keccak_384:
case QCryptographicHash::Keccak_512: {
sha3Finish(8 * hashLengthInternal(method), Sha3Variant::Keccak);
Keccak copy = contexts.keccakContext;
digestToResult(copy);
break;
}
case QCryptographicHash::Blake2b_160:
@ -653,7 +616,7 @@ void QCryptographicHashPrivate::finalize() noexcept
case QCryptographicHash::Blake2b_384:
case QCryptographicHash::Blake2b_512: {
const auto length = hashLengthInternal(method);
blake2b_state copy = blake2bContext;
blake2b_state copy = contexts.blake2bContext;
result.resize(length);
blake2b_final(&copy, reinterpret_cast<uint8_t *>(result.data()), length);
break;
@ -663,7 +626,7 @@ void QCryptographicHashPrivate::finalize() noexcept
case QCryptographicHash::Blake2s_224:
case QCryptographicHash::Blake2s_256: {
const auto length = hashLengthInternal(method);
blake2s_state copy = blake2sContext;
blake2s_state copy = contexts.blake2sContext;
result.resize(length);
blake2s_final(&copy, reinterpret_cast<uint8_t *>(result.data()), length);
break;
@ -672,6 +635,16 @@ void QCryptographicHashPrivate::finalize() noexcept
}
}
#ifndef QT_CRYPTOGRAPHICHASH_ONLY_SHA1
void QCryptographicHashPrivate::digestToResult(KeccakBase &keccak) noexcept
{
std::vector<unsigned char> digest = keccak.digest();
result.resize(digest.size());
for (size_t i = 0; i < digest.size(); ++i)
result.data()[i] = static_cast<char>(digest[i]);
}
#endif
/*!
Returns the hash of \a data using \a method.