SHA2 pipeline with support for 256, 384, and 512 bits

Implemented pipeline around sph sha calls using standard test vectors for full-byte values. Did not test or support partial byte values.
author: Jay Berkenbilt <ejb@ql.org> 2012-12-29 14:07:46 +0100
committer: Jay Berkenbilt <ejb@ql.org> 2012-12-31 11:36:51 +0100
commit: 0873e4230047553c366dff11444d56fe9977b61f (patch)
tree: 39b67f8ecfd255cb01f07ce434763be8c936b006 /libqpdf
parent: c9da66a018b6381eadfa3570d511b2a2341ebae8 (diff)
download: qpdf-0873e4230047553c366dff11444d56fe9977b61f.tar.zst
4 files changed, 223 insertions, 0 deletions
diff --git a/libqpdf/Pl_SHA2.cc b/libqpdf/Pl_SHA2.cc
new file mode 100644
index 00000000..018f411f
--- /dev/null
+++ b/libqpdf/Pl_SHA2.cc
@@ -0,0 +1,164 @@
+#include <qpdf/Pl_SHA2.hh>
+#include <stdexcept>
+#include <cstdio>
+#include <qpdf/PointerHolder.hh>
+
+Pl_SHA2::Pl_SHA2(int bits, Pipeline* next) :
+    Pipeline("sha2", next),
+    in_progress(false),
+    bits(0)
+{
+    if (bits)
+    {
+        resetBits(bits);
+    }
+}
+
+Pl_SHA2::~Pl_SHA2()
+{
+}
+
+void
+Pl_SHA2::badBits()
+{
+    throw std::logic_error("Pl_SHA2 has unexpected value for bits");
+}
+
+void
+Pl_SHA2::write(unsigned char* buf, size_t len)
+{
+    if (! this->in_progress)
+    {
+        switch (bits)
+        {
+          case 256:
+            sph_sha256_init(&this->ctx256);
+            break;
+          case 384:
+            sph_sha384_init(&this->ctx384);
+            break;
+          case 512:
+            sph_sha512_init(&this->ctx512);
+            break;
+          default:
+            badBits();
+            break;
+        }
+	this->in_progress = true;
+    }
+
+    // Write in chunks in case len is too big to fit in an int.
+    // Assume int is at least 32 bits.
+    static size_t const max_bytes = 1 << 30;
+    size_t bytes_left = len;
+    unsigned char* data = buf;
+    while (bytes_left > 0)
+    {
+	size_t bytes = (bytes_left >= max_bytes ? max_bytes : bytes_left);
+        switch (bits)
+        {
+          case 256:
+            sph_sha256(&this->ctx256, data, bytes);
+            break;
+          case 384:
+            sph_sha384(&this->ctx384, data, bytes);
+            break;
+          case 512:
+            sph_sha512(&this->ctx512, data, bytes);
+            break;
+          default:
+            badBits();
+            break;
+        }
+	bytes_left -= bytes;
+        data += bytes;
+    }
+
+    if (this->getNext(true))
+    {
+        this->getNext()->write(buf, len);
+    }
+}
+
+void
+Pl_SHA2::finish()
+{
+    if (this->getNext(true))
+    {
+        this->getNext()->finish();
+    }
+    switch (bits)
+    {
+      case 256:
+        sph_sha256_close(&this->ctx256, sha256sum);
+        break;
+      case 384:
+        sph_sha384_close(&this->ctx384, sha384sum);
+        break;
+      case 512:
+        sph_sha512_close(&this->ctx512, sha512sum);
+        break;
+      default:
+        badBits();
+        break;
+    }
+    this->in_progress = false;
+}
+
+void
+Pl_SHA2::resetBits(int bits)
+{
+    if (this->in_progress)
+    {
+	throw std::logic_error(
+	    "bit reset requested for in-progress SHA2 Pipeline");
+    }
+    if (! ((bits == 256) || (bits == 384) || (bits == 512)))
+    {
+	throw std::logic_error("Pl_SHA2 called with bits != 256, 384, or 512");
+    }
+    this->bits = bits;
+}
+
+std::string
+Pl_SHA2::getRawDigest()
+{
+    std::string result;
+    switch (bits)
+    {
+      case 256:
+        result = std::string((char*)this->sha256sum, sizeof(this->sha256sum));
+        break;
+      case 384:
+        result = std::string((char*)this->sha384sum, sizeof(this->sha384sum));
+        break;
+      case 512:
+        result = std::string((char*)this->sha512sum, sizeof(this->sha512sum));
+        break;
+      default:
+        badBits();
+        break;
+    }
+    return result;
+}
+
+std::string
+Pl_SHA2::getHexDigest()
+{
+    if (this->in_progress)
+    {
+	throw std::logic_error(
+	    "digest requested for in-progress SHA2 Pipeline");
+    }
+    std::string raw = getRawDigest();
+    size_t raw_size = raw.length();
+    size_t hex_size = 1 + (2 * raw_size);
+    PointerHolder<char> bufp(true, new char[hex_size]);
+    char* buf = bufp.getPointer();
+    buf[hex_size - 1] = '\0';
+    for (unsigned int i = 0; i < raw_size; ++i)
+    {
+        std::sprintf(buf + i * 2, "%02x", (unsigned char)raw[i]);
+    }
+    return buf;
+}
diff --git a/libqpdf/build.mk b/libqpdf/build.mk
index 4e0311b0..4fc4e078 100644
--- a/libqpdf/build.mk
+++ b/libqpdf/build.mk
@@ -28,6 +28,7 @@ SRCS_libqpdf = \
 	libqpdf/Pl_PNGFilter.cc \
 	libqpdf/Pl_QPDFTokenizer.cc \
 	libqpdf/Pl_RC4.cc \
+	libqpdf/Pl_SHA2.cc \
 	libqpdf/Pl_StdioFile.cc \
 	libqpdf/QPDF.cc \
 	libqpdf/QPDFExc.cc \
diff --git a/libqpdf/qpdf/Pl_SHA2.hh b/libqpdf/qpdf/Pl_SHA2.hh
new file mode 100644
index 00000000..8ff4723a
--- /dev/null
+++ b/libqpdf/qpdf/Pl_SHA2.hh
@@ -0,0 +1,50 @@
+#ifndef __PL_SHA2_HH__
+#define __PL_SHA2_HH__
+
+// Bits must be a supported number of bits, currently only 256, 384,
+// or 512.  Passing 0 as bits leaves the pipeline uncommitted, in
+// which case resetBits must be called before the pipeline is used.
+// If a next is provided, this pipeline sends its output to its
+// successor unmodified.  After calling finish, the SHA2 checksum of
+// the data that passed through the pipeline is available.
+
+// This pipeline is reusable; i.e., it is safe to call write() after
+// calling finish().  The first call to write() after a call to
+// finish() initializes a new SHA2 object.  resetBits may also be
+// called between finish and the next call to write.
+
+#include <qpdf/Pipeline.hh>
+#include <sph/sph_sha2.h>
+
+class Pl_SHA2: public Pipeline
+{
+  public:
+    QPDF_DLL
+    Pl_SHA2(int bits = 0, Pipeline* next = 0);
+    QPDF_DLL
+    virtual ~Pl_SHA2();
+    QPDF_DLL
+    virtual void write(unsigned char*, size_t);
+    QPDF_DLL
+    virtual void finish();
+    QPDF_DLL
+    void resetBits(int bits);
+    QPDF_DLL
+    std::string getHexDigest();
+    QPDF_DLL
+    std::string getRawDigest();
+
+  private:
+    void badBits();
+
+    bool in_progress;
+    int bits;
+    sph_sha256_context ctx256;
+    sph_sha384_context ctx384;
+    sph_sha512_context ctx512;
+    unsigned char sha256sum[32];
+    unsigned char sha384sum[48];
+    unsigned char sha512sum[64];
+};
+
+#endif // __PL_SHA2_HH__
diff --git a/libqpdf/sph/sph_sha2.h b/libqpdf/sph/sph_sha2.h
index d5bda731..4bff9cd8 100644
--- a/libqpdf/sph/sph_sha2.h
+++ b/libqpdf/sph/sph_sha2.h
@@ -40,6 +40,10 @@
 #ifndef SPH_SHA2_H__
 #define SPH_SHA2_H__
 
+#ifdef __cplusplus
+extern "C" {
+#endif
+
 #include <stddef.h>
 #include "sph_types.h"
 
@@ -367,4 +371,8 @@ void sph_sha512_comp(const sph_u64 msg[16], sph_u64 val[8]);
 
 #endif
 
+#ifdef __cplusplus
+}
+#endif
+
 #endif
author	Jay Berkenbilt <ejb@ql.org>	2012-12-29 14:07:46 +0100
committer	Jay Berkenbilt <ejb@ql.org>	2012-12-31 11:36:51 +0100
commit	0873e4230047553c366dff11444d56fe9977b61f (patch)
tree	39b67f8ecfd255cb01f07ce434763be8c936b006 /libqpdf
parent	c9da66a018b6381eadfa3570d511b2a2341ebae8 (diff)
download	qpdf-0873e4230047553c366dff11444d56fe9977b61f.tar.zst