shadps4-emu/ext-cryptopp
1
0
Fork 0
mirror of https://github.com/shadps4-emu/ext-cryptopp.git synced 2025-02-12 08:11:05 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fix bad SHA::Transform calculation (Issue 455)

Browse Source 
Reworked SHA class internals to align all the implementations. Formerly all hashes were software based, IterHashBase handled endian conversions, IterHashBase repeatedly called the single block SHA{N}::Transform. The rework added SHA{N}::HashMultipleBlocks, and the SHA classes attempt to always use it.

Now SHA{N}::Transform calls into SHA{N}_HashMultipleBlocks, which is a free standing function. An added wrinkle is hardware wants little endian data and software presents big endian data, so HashMultipleBlocks accepts a ByteOrder for the incoming data. Hardware based SHA{N}_HashMultipleBlocks can often perform the endian swap much easier by setting an EPI mask so it was profitable to defer to hardware when available.

The rework also removed the hacked-in pointers to implementations. The class now looks more like AES, GCM, etc.
This commit is contained in:
Jeffrey Walton 2017-08-13 16:05:39 -04:00
parent 863bf9133c
commit 2aff92ddb6
No known key found for this signature in database
GPG Key ID: B36AB348921B1838
5 changed files with 589 additions and 561 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
rijndael.cpp
View File

@ -95,7 +95,7 @@ static void Rijndael_Dec_ProcessAndXorBlock_ARMV8(const byte *inBlock, const byt
# define MAYBE_CONST const # define MAYBE_CONST const
#endif #endif
// Clang casts // Clang __m128i casts
#define M128I_CAST(x) ((__m128i *)(void *)(x)) #define M128I_CAST(x) ((__m128i *)(void *)(x))
#define CONST_M128I_CAST(x) ((const __m128i *)(const void *)(x)) #define CONST_M128I_CAST(x) ((const __m128i *)(const void *)(x))

6
seal.cpp
View File

@ -38,12 +38,8 @@ word32 SEAL_Gamma::Apply(word32 i)
word32 shaIndex = i/5; word32 shaIndex = i/5;
if (shaIndex != lastIndex) if (shaIndex != lastIndex)
{ {
#if CRYPTOPP_BOOL_SSE_SHA_INTRINSICS_AVAILABLE
D[0] = ConditionalByteReverse(HasSHA() ? BIG_ENDIAN_ORDER : LITTLE_ENDIAN_ORDER, shaIndex);
#else
D[0] = shaIndex;
#endif
memcpy(Z, H, 20); memcpy(Z, H, 20);
D[0] = shaIndex;
SHA1::Transform(Z, D); SHA1::Transform(Z, D);
lastIndex = shaIndex; lastIndex = shaIndex;
} }

1093
sha.cpp
View File

File diff suppressed because it is too large Load Diff

45
sha.h
View File

@ -38,21 +38,20 @@ public:
//! \param digest the state of the hash //! \param digest the state of the hash
//! \param data the data to be digested //! \param data the data to be digested
//! \details Transform operates the hash on <tt>data</tt>. When the call is invoked //! \details Transform operates the hash on <tt>data</tt>. When the call is invoked
//! <tt>digest</tt> holds initial state. Upon return <tt>digest</tt> holds the hash or //! <tt>digest</tt> holds initial state. Upon return <tt>digest</tt> holds the hash
//! updated state. //! or updated state.
//! \details Hashes which derive from IteratedHashWithStaticTransform provide static //! \details Hashes which derive from IteratedHashWithStaticTransform provide static
//! member functions InitState and Transform. External classes, like SEAL and MDC, //! member functions InitState and Transform. External classes, like SEAL and MDC,
//! can initialize state with a user provided key and operate the hash on the data //! can initialize state with a user provided key and operate the hash on the data
//! with the user supplied state. //! with the user supplied state.
//! \note On Intel platforms the state array and data must be 16-byte aligned for SSE2. //! \note On Intel platforms the state array and data must be 16-byte aligned for SSE2.
static void CRYPTOPP_API Transform(word32 *digest, const word32 *data); static void CRYPTOPP_API Transform(HashWordType *digest, const HashWordType *data);
//! \brief The algorithm name //! \brief The algorithm name
//! \returns C-style string "SHA-1" //! \returns C-style string "SHA-1"
CRYPTOPP_STATIC_CONSTEXPR const char* CRYPTOPP_API StaticAlgorithmName() {return "SHA-1";} CRYPTOPP_STATIC_CONSTEXPR const char* CRYPTOPP_API StaticAlgorithmName() {return "SHA-1";}
#if CRYPTOPP_BOOL_SSE_SHA_INTRINSICS_AVAILABLE protected:
size_t HashMultipleBlocks(const word32 *input, size_t length); size_t HashMultipleBlocks(const HashWordType *input, size_t length);
#endif
}; };
//! \class SHA256 //! \class SHA256
@ -75,21 +74,20 @@ public:
//! \param digest the state of the hash //! \param digest the state of the hash
//! \param data the data to be digested //! \param data the data to be digested
//! \details Transform operates the hash on <tt>data</tt>. When the call is invoked //! \details Transform operates the hash on <tt>data</tt>. When the call is invoked
//! <tt>digest</tt> holds initial state. Upon return <tt>digest</tt> holds the hash or //! <tt>digest</tt> holds initial state. Upon return <tt>digest</tt> holds the hash
//! updated state. //! or updated state.
//! \details Hashes which derive from IteratedHashWithStaticTransform provide static //! \details Hashes which derive from IteratedHashWithStaticTransform provide static
//! member functions InitState and Transform. External classes, like SEAL and MDC, //! member functions InitState and Transform. External classes, like SEAL and MDC,
//! can initialize state with a user provided key and operate the hash on the data //! can initialize state with a user provided key and operate the hash on the data
//! with the user supplied state. //! with the user supplied state.
//! \note On Intel platforms the state array and data must be 16-byte aligned for SSE2. //! \note On Intel platforms the state array and data must be 16-byte aligned for SSE2.
static void CRYPTOPP_API Transform(word32 *digest, const word32 *data); static void CRYPTOPP_API Transform(HashWordType *digest, const HashWordType *data);
//! \brief The algorithm name //! \brief The algorithm name
//! \returns C-style string "SHA-256" //! \returns C-style string "SHA-256"
CRYPTOPP_STATIC_CONSTEXPR const char* CRYPTOPP_API StaticAlgorithmName() {return "SHA-256";} CRYPTOPP_STATIC_CONSTEXPR const char* CRYPTOPP_API StaticAlgorithmName() {return "SHA-256";}
#if (defined(CRYPTOPP_X86_ASM_AVAILABLE) || defined(CRYPTOPP_X32_ASM_AVAILABLE) || defined(CRYPTOPP_X64_MASM_AVAILABLE)) && !defined(CRYPTOPP_DISABLE_SHA_ASM) protected:
size_t HashMultipleBlocks(const word32 *input, size_t length); size_t HashMultipleBlocks(const HashWordType *input, size_t length);
#endif
}; };
//! \class SHA224 //! \class SHA224
@ -112,21 +110,20 @@ public:
//! \param digest the state of the hash //! \param digest the state of the hash
//! \param data the data to be digested //! \param data the data to be digested
//! \details Transform operates the hash on <tt>data</tt>. When the call is invoked //! \details Transform operates the hash on <tt>data</tt>. When the call is invoked
//! <tt>digest</tt> holds initial state. Upon return <tt>digest</tt> holds the hash or //! <tt>digest</tt> holds initial state. Upon return <tt>digest</tt> holds the hash
//! updated state. //! or updated state.
//! \details Hashes which derive from IteratedHashWithStaticTransform provide static //! \details Hashes which derive from IteratedHashWithStaticTransform provide static
//! member functions InitState and Transform. External classes, like SEAL and MDC, //! member functions InitState and Transform. External classes, like SEAL and MDC,
//! can initialize state with a user provided key and operate the hash on the data //! can initialize state with a user provided key and operate the hash on the data
//! with the user supplied state. //! with the user supplied state.
//! \note On Intel platforms the state array and data must be 16-byte aligned for SSE2. //! \note On Intel platforms the state array and data must be 16-byte aligned for SSE2.
static void CRYPTOPP_API Transform(word32 *digest, const word32 *data) {SHA256::Transform(digest, data);} static void CRYPTOPP_API Transform(HashWordType *digest, const HashWordType *data) {SHA256::Transform(digest, data);}
//! \brief The algorithm name //! \brief The algorithm name
//! \returns C-style string "SHA-224" //! \returns C-style string "SHA-224"
CRYPTOPP_STATIC_CONSTEXPR const char* CRYPTOPP_API StaticAlgorithmName() {return "SHA-224";} CRYPTOPP_STATIC_CONSTEXPR const char* CRYPTOPP_API StaticAlgorithmName() {return "SHA-224";}
#if (defined(CRYPTOPP_X86_ASM_AVAILABLE) || defined(CRYPTOPP_X32_ASM_AVAILABLE) || defined(CRYPTOPP_X64_MASM_AVAILABLE)) && !defined(CRYPTOPP_DISABLE_SHA_ASM) protected:
size_t HashMultipleBlocks(const word32 *input, size_t length); size_t HashMultipleBlocks(const HashWordType *input, size_t length);
#endif
}; };
//! \class SHA512 //! \class SHA512
@ -149,14 +146,14 @@ public:
//! \param digest the state of the hash //! \param digest the state of the hash
//! \param data the data to be digested //! \param data the data to be digested
//! \details Transform operates the hash on <tt>data</tt>. When the call is invoked //! \details Transform operates the hash on <tt>data</tt>. When the call is invoked
//! <tt>digest</tt> holds initial state. Upon return <tt>digest</tt> holds the hash or //! <tt>digest</tt> holds initial state. Upon return <tt>digest</tt> holds the hash
//! updated state. //! or updated state.
//! \details Hashes which derive from IteratedHashWithStaticTransform provide static //! \details Hashes which derive from IteratedHashWithStaticTransform provide static
//! member functions InitState and Transform. External classes, like SEAL and MDC, //! member functions InitState and Transform. External classes, like SEAL and MDC,
//! can initialize state with a user provided key and operate the hash on the data //! can initialize state with a user provided key and operate the hash on the data
//! with the user supplied state. //! with the user supplied state.
//! \note On Intel platforms the state array and data must be 16-byte aligned for SSE2. //! \note On Intel platforms the state array and data must be 16-byte aligned for SSE2.
static void CRYPTOPP_API Transform(word64 *digest, const word64 *data); static void CRYPTOPP_API Transform(HashWordType *digest, const HashWordType *data);
//! \brief The algorithm name //! \brief The algorithm name
//! \returns C-style string "SHA-512" //! \returns C-style string "SHA-512"
CRYPTOPP_STATIC_CONSTEXPR const char* CRYPTOPP_API StaticAlgorithmName() {return "SHA-512";} CRYPTOPP_STATIC_CONSTEXPR const char* CRYPTOPP_API StaticAlgorithmName() {return "SHA-512";}
@ -182,14 +179,14 @@ public:
//! \param digest the state of the hash //! \param digest the state of the hash
//! \param data the data to be digested //! \param data the data to be digested
//! \details Transform operates the hash on <tt>data</tt>. When the call is invoked //! \details Transform operates the hash on <tt>data</tt>. When the call is invoked
//! <tt>digest</tt> holds initial state. Upon return <tt>digest</tt> holds the hash or //! <tt>digest</tt> holds initial state. Upon return <tt>digest</tt> holds the hash
//! updated state. //! or updated state.
//! \details Hashes which derive from IteratedHashWithStaticTransform provide static //! \details Hashes which derive from IteratedHashWithStaticTransform provide static
//! member functions InitState and Transform. External classes, like SEAL and MDC, //! member functions InitState and Transform. External classes, like SEAL and MDC,
//! can initialize state with a user provided key and operate the hash on the data //! can initialize state with a user provided key and operate the hash on the data
//! with the user supplied state. //! with the user supplied state.
//! \note On Intel platforms the state array and data must be 16-byte aligned for SSE2. //! \note On Intel platforms the state array and data must be 16-byte aligned for SSE2.
static void CRYPTOPP_API Transform(word64 *digest, const word64 *data) {SHA512::Transform(digest, data);} static void CRYPTOPP_API Transform(HashWordType *digest, const HashWordType *data) {SHA512::Transform(digest, data);}
//! \brief The algorithm name //! \brief The algorithm name
//! \returns C-style string "SHA-384" //! \returns C-style string "SHA-384"
CRYPTOPP_STATIC_CONSTEXPR const char* CRYPTOPP_API StaticAlgorithmName() {return "SHA-384";} CRYPTOPP_STATIC_CONSTEXPR const char* CRYPTOPP_API StaticAlgorithmName() {return "SHA-384";}

4
x64dll.asm
View File

@ -676,7 +676,7 @@ ret
GCM_AuthenticateBlocks_64K ENDP GCM_AuthenticateBlocks_64K ENDP
ALIGN 8 ALIGN 8
X86_SHA256_HashBlocks PROC FRAME SHA256_SSE_HashMultipleBlocks PROC FRAME
rex_push_reg rsi rex_push_reg rsi
push_reg rdi push_reg rdi
push_reg rbx push_reg rbx
@ -1962,7 +1962,7 @@ pop rbx
pop rdi pop rdi
pop rsi pop rsi
ret ret
X86_SHA256_HashBlocks ENDP SHA256_SSE_HashMultipleBlocks ENDP
_TEXT ENDS _TEXT ENDS
END END