From: Matt Mackall <mpm@selenic.com>
To: Andrew Morton <akpm@osdl.org>, "Theodore Ts'o" <tytso@mit.edu>
Cc: linux-kernel@vger.kernel.org
Subject: [PATCH 4/12] random pt4: Cleanup SHA interface
Date: Fri, 21 Jan 2005 15:41:06 -0600 [thread overview]
Message-ID: <5.314297600@selenic.com> (raw)
In-Reply-To: <4.314297600@selenic.com>
Clean up SHA hash function for moving to lib/
Do proper endian conversion
Provide sha_init function
Add kerneldoc
Signed-off-by: Matt Mackall <mpm@selenic.com>
Index: rnd2/drivers/char/random.c
===================================================================
--- rnd2.orig/drivers/char/random.c 2005-01-20 12:28:27.979725732 -0800
+++ rnd2/drivers/char/random.c 2005-01-20 12:28:34.506893589 -0800
@@ -671,29 +671,6 @@
EXPORT_SYMBOL(add_disk_randomness);
-/******************************************************************
- *
- * Hash function definition
- *
- *******************************************************************/
-
-/*
- * This chunk of code defines a function
- * void sha_transform(__u32 digest[HASH_BUFFER_SIZE + HASH_EXTRA_SIZE],
- * __u32 const data[16])
- *
- * The function hashes the input data to produce a digest in the first
- * HASH_BUFFER_SIZE words of the digest[] array, and uses HASH_EXTRA_SIZE
- * more words for internal purposes. (This buffer is exported so the
- * caller can wipe it once rather than this code doing it each call,
- * and tacking it onto the end of the digest[] array is the quick and
- * dirty way of doing it.)
- *
- * For /dev/random purposes, the length of the data being hashed is
- * fixed in length, so appending a bit count in the usual way is not
- * cryptographically necessary.
- */
-
#define HASH_BUFFER_SIZE 5
#define EXTRACT_SIZE 10
#define HASH_EXTRA_SIZE 80
@@ -717,20 +694,32 @@
#define K3 0x8F1BBCDCL /* Rounds 40-59: sqrt(5) * 2^30 */
#define K4 0xCA62C1D6L /* Rounds 60-79: sqrt(10) * 2^30 */
-static void sha_transform(__u32 digest[85], __u32 const data[16])
+/*
+ * sha_transform: single block SHA1 transform
+ *
+ * @digest: 160 bit digest to update
+ * @data: 512 bytes of data to hash
+ * @W: 80 words of workspace
+ *
+ * This function generates a SHA1 digest for a single. Be warned, it
+ * does not handle padding and message digest, do not confuse it with
+ * the full FIPS 180-1 digest algorithm for variable length messages.
+ */
+static void sha_transform(__u32 digest[5], const char *data, __u32 W[80])
{
- __u32 A, B, C, D, E; /* Local vars */
+ __u32 A, B, C, D, E;
__u32 TEMP;
int i;
-#define W (digest + HASH_BUFFER_SIZE) /* Expanded data array */
+ memset(W, 0, sizeof(W));
+ for (i = 0; i < 16; i++)
+ W[i] = be32_to_cpu(((const __u32 *)data)[i]);
/*
* Do the preliminary expansion of 16 to 80 words. Doing it
* out-of-line line this is faster than doing it in-line on
* register-starved machines like the x86, and not really any
* slower on real processors.
*/
- memcpy(W, data, 16*sizeof(__u32));
for (i = 0; i < 64; i++) {
TEMP = W[i] ^ W[i+2] ^ W[i+8] ^ W[i+13];
W[i+16] = rol32(TEMP, 1);
@@ -768,7 +757,6 @@
digest[4] += E;
/* W is wiped by the caller */
-#undef W
}
#undef f1
@@ -780,6 +768,20 @@
#undef K3
#undef K4
+/*
+ * sha_init: initialize the vectors for a SHA1 digest
+ *
+ * @buf: vector to initialize
+ */
+static void sha_init(__u32 *buf)
+{
+ buf[0] = 0x67452301;
+ buf[1] = 0xefcdab89;
+ buf[2] = 0x98badcfe;
+ buf[3] = 0x10325476;
+ buf[4] = 0xc3d2e1f0;
+}
+
/*********************************************************************
*
* Entropy extraction routines
@@ -870,13 +872,7 @@
int i, x;
__u32 data[16], buf[85];
- /* Hash the pool to get the output */
- buf[0] = 0x67452301;
- buf[1] = 0xefcdab89;
- buf[2] = 0x98badcfe;
- buf[3] = 0x10325476;
- buf[4] = 0xc3d2e1f0;
-
+ sha_init(buf);
/*
* As we hash the pool, we mix intermediate values of
* the hash back into the pool. This eliminates
@@ -886,7 +882,7 @@
* function can be inverted.
*/
for (i = 0, x = 0; i < r->poolinfo->poolwords; i += 16, x+=2) {
- sha_transform(buf, r->pool+i);
+ sha_transform(buf, (__u8 *)r->pool+i, buf + 5);
add_entropy_words(r, &buf[x % 5], 1);
}
@@ -896,7 +892,7 @@
* final time.
*/
__add_entropy_words(r, &buf[x % 5], 1, data);
- sha_transform(buf, data);
+ sha_transform(buf, (__u8 *)data, buf + 5);
/*
* In case the hash function has some recognizable
@@ -1771,7 +1767,7 @@
tmp[0]=saddr;
tmp[1]=daddr;
tmp[2]=(sport << 16) + dport;
- sha_transform(tmp+16, tmp);
+ sha_transform(tmp+16, (__u8 *)tmp, tmp + 16 + 5);
seq = tmp[17] + sseq + (count << COOKIEBITS);
memcpy(tmp + 3, syncookie_secret[1], sizeof(syncookie_secret[1]));
@@ -1779,7 +1775,7 @@
tmp[1]=daddr;
tmp[2]=(sport << 16) + dport;
tmp[3] = count; /* minute counter */
- sha_transform(tmp + 16, tmp);
+ sha_transform(tmp + 16, (__u8 *)tmp, tmp + 16 + 5);
/* Add in the second hash and the data */
return seq + ((tmp[17] + data) & COOKIEMASK);
@@ -1808,7 +1804,7 @@
tmp[0]=saddr;
tmp[1]=daddr;
tmp[2]=(sport << 16) + dport;
- sha_transform(tmp + 16, tmp);
+ sha_transform(tmp + 16, (__u8 *)tmp, tmp + 16 + 5);
cookie -= tmp[17] + sseq;
/* Cookie is now reduced to (count * 2^24) ^ (hash % 2^24) */
next prev parent reply other threads:[~2005-01-21 22:19 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-01-21 21:41 [PATCH 0/12] random pt4: Moving and sharing code Matt Mackall
2005-01-21 21:41 ` [PATCH 1/12] random pt4: Create new rol32/ror32 bitops Matt Mackall
2005-01-21 21:41 ` [PATCH 2/12] random pt4: Use them throughout the tree Matt Mackall
2005-01-21 21:41 ` [PATCH 3/12] random pt4: Kill the SHA variants Matt Mackall
2005-01-21 21:41 ` Matt Mackall [this message]
2005-01-21 21:41 ` [PATCH 5/12] random pt4: Move SHA code to lib/ Matt Mackall
2005-01-21 21:41 ` [PATCH 6/12] random pt4: Replace SHA with faster version Matt Mackall
2005-01-21 21:41 ` [PATCH 7/12] random pt4: Update cryptolib to use SHA fro lib Matt Mackall
2005-01-21 21:41 ` [PATCH 8/12] random pt4: Move halfmd4 to lib Matt Mackall
2005-01-21 21:41 ` [PATCH 9/12] random pt4: Kill duplicate halfmd4 in ext3 htree Matt Mackall
2005-01-21 21:41 ` [PATCH 10/12] random pt4: Simplify and shrink syncookie code Matt Mackall
2005-01-21 21:41 ` [PATCH 11/12] random pt4: Move syncookies to net/ Matt Mackall
2005-01-21 21:41 ` [PATCH 12/12] random pt4: Move other tcp/ip bits " Matt Mackall
2005-01-26 1:33 ` [PATCH 7/12] random pt4: Update cryptolib to use SHA fro lib Lee Revell
2005-01-26 1:42 ` Matt Mackall
2005-01-25 21:07 ` [PATCH 6/12] random pt4: Replace SHA with faster version Denis Vlasenko
2005-01-25 21:14 ` Matt Mackall
2005-01-25 21:31 ` Denis Vlasenko
2005-01-25 21:50 ` [PATCH] SHA1 clarify kerneldoc Matt Mackall
2005-01-27 18:22 ` Bill Davidsen
2005-01-27 19:28 ` Matt Mackall
2005-01-25 20:49 ` [PATCH 4/12] random pt4: Cleanup SHA interface Denis Vlasenko
2005-01-25 21:01 ` Matt Mackall
2005-01-25 21:02 ` [PATCH 1/12] random pt4: Create new rol32/ror32 bitops Denis Vlasenko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5.314297600@selenic.com \
--to=mpm@selenic.com \
--cc=akpm@osdl.org \
--cc=linux-kernel@vger.kernel.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.