From 0873e4230047553c366dff11444d56fe9977b61f Mon Sep 17 00:00:00 2001 From: Jay Berkenbilt Date: Sat, 29 Dec 2012 08:07:46 -0500 Subject: SHA2 pipeline with support for 256, 384, and 512 bits Implemented pipeline around sph sha calls using standard test vectors for full-byte values. Did not test or support partial byte values. --- libqpdf/Pl_SHA2.cc | 164 ++++++++++++++++++++++++++++++++++++++++++++++++ libqpdf/build.mk | 1 + libqpdf/qpdf/Pl_SHA2.hh | 50 +++++++++++++++ libqpdf/sph/sph_sha2.h | 8 +++ 4 files changed, 223 insertions(+) create mode 100644 libqpdf/Pl_SHA2.cc create mode 100644 libqpdf/qpdf/Pl_SHA2.hh (limited to 'libqpdf') diff --git a/libqpdf/Pl_SHA2.cc b/libqpdf/Pl_SHA2.cc new file mode 100644 index 00000000..018f411f --- /dev/null +++ b/libqpdf/Pl_SHA2.cc @@ -0,0 +1,164 @@ +#include +#include +#include +#include + +Pl_SHA2::Pl_SHA2(int bits, Pipeline* next) : + Pipeline("sha2", next), + in_progress(false), + bits(0) +{ + if (bits) + { + resetBits(bits); + } +} + +Pl_SHA2::~Pl_SHA2() +{ +} + +void +Pl_SHA2::badBits() +{ + throw std::logic_error("Pl_SHA2 has unexpected value for bits"); +} + +void +Pl_SHA2::write(unsigned char* buf, size_t len) +{ + if (! this->in_progress) + { + switch (bits) + { + case 256: + sph_sha256_init(&this->ctx256); + break; + case 384: + sph_sha384_init(&this->ctx384); + break; + case 512: + sph_sha512_init(&this->ctx512); + break; + default: + badBits(); + break; + } + this->in_progress = true; + } + + // Write in chunks in case len is too big to fit in an int. + // Assume int is at least 32 bits. + static size_t const max_bytes = 1 << 30; + size_t bytes_left = len; + unsigned char* data = buf; + while (bytes_left > 0) + { + size_t bytes = (bytes_left >= max_bytes ? max_bytes : bytes_left); + switch (bits) + { + case 256: + sph_sha256(&this->ctx256, data, bytes); + break; + case 384: + sph_sha384(&this->ctx384, data, bytes); + break; + case 512: + sph_sha512(&this->ctx512, data, bytes); + break; + default: + badBits(); + break; + } + bytes_left -= bytes; + data += bytes; + } + + if (this->getNext(true)) + { + this->getNext()->write(buf, len); + } +} + +void +Pl_SHA2::finish() +{ + if (this->getNext(true)) + { + this->getNext()->finish(); + } + switch (bits) + { + case 256: + sph_sha256_close(&this->ctx256, sha256sum); + break; + case 384: + sph_sha384_close(&this->ctx384, sha384sum); + break; + case 512: + sph_sha512_close(&this->ctx512, sha512sum); + break; + default: + badBits(); + break; + } + this->in_progress = false; +} + +void +Pl_SHA2::resetBits(int bits) +{ + if (this->in_progress) + { + throw std::logic_error( + "bit reset requested for in-progress SHA2 Pipeline"); + } + if (! ((bits == 256) || (bits == 384) || (bits == 512))) + { + throw std::logic_error("Pl_SHA2 called with bits != 256, 384, or 512"); + } + this->bits = bits; +} + +std::string +Pl_SHA2::getRawDigest() +{ + std::string result; + switch (bits) + { + case 256: + result = std::string((char*)this->sha256sum, sizeof(this->sha256sum)); + break; + case 384: + result = std::string((char*)this->sha384sum, sizeof(this->sha384sum)); + break; + case 512: + result = std::string((char*)this->sha512sum, sizeof(this->sha512sum)); + break; + default: + badBits(); + break; + } + return result; +} + +std::string +Pl_SHA2::getHexDigest() +{ + if (this->in_progress) + { + throw std::logic_error( + "digest requested for in-progress SHA2 Pipeline"); + } + std::string raw = getRawDigest(); + size_t raw_size = raw.length(); + size_t hex_size = 1 + (2 * raw_size); + PointerHolder bufp(true, new char[hex_size]); + char* buf = bufp.getPointer(); + buf[hex_size - 1] = '\0'; + for (unsigned int i = 0; i < raw_size; ++i) + { + std::sprintf(buf + i * 2, "%02x", (unsigned char)raw[i]); + } + return buf; +} diff --git a/libqpdf/build.mk b/libqpdf/build.mk index 4e0311b0..4fc4e078 100644 --- a/libqpdf/build.mk +++ b/libqpdf/build.mk @@ -28,6 +28,7 @@ SRCS_libqpdf = \ libqpdf/Pl_PNGFilter.cc \ libqpdf/Pl_QPDFTokenizer.cc \ libqpdf/Pl_RC4.cc \ + libqpdf/Pl_SHA2.cc \ libqpdf/Pl_StdioFile.cc \ libqpdf/QPDF.cc \ libqpdf/QPDFExc.cc \ diff --git a/libqpdf/qpdf/Pl_SHA2.hh b/libqpdf/qpdf/Pl_SHA2.hh new file mode 100644 index 00000000..8ff4723a --- /dev/null +++ b/libqpdf/qpdf/Pl_SHA2.hh @@ -0,0 +1,50 @@ +#ifndef __PL_SHA2_HH__ +#define __PL_SHA2_HH__ + +// Bits must be a supported number of bits, currently only 256, 384, +// or 512. Passing 0 as bits leaves the pipeline uncommitted, in +// which case resetBits must be called before the pipeline is used. +// If a next is provided, this pipeline sends its output to its +// successor unmodified. After calling finish, the SHA2 checksum of +// the data that passed through the pipeline is available. + +// This pipeline is reusable; i.e., it is safe to call write() after +// calling finish(). The first call to write() after a call to +// finish() initializes a new SHA2 object. resetBits may also be +// called between finish and the next call to write. + +#include +#include + +class Pl_SHA2: public Pipeline +{ + public: + QPDF_DLL + Pl_SHA2(int bits = 0, Pipeline* next = 0); + QPDF_DLL + virtual ~Pl_SHA2(); + QPDF_DLL + virtual void write(unsigned char*, size_t); + QPDF_DLL + virtual void finish(); + QPDF_DLL + void resetBits(int bits); + QPDF_DLL + std::string getHexDigest(); + QPDF_DLL + std::string getRawDigest(); + + private: + void badBits(); + + bool in_progress; + int bits; + sph_sha256_context ctx256; + sph_sha384_context ctx384; + sph_sha512_context ctx512; + unsigned char sha256sum[32]; + unsigned char sha384sum[48]; + unsigned char sha512sum[64]; +}; + +#endif // __PL_SHA2_HH__ diff --git a/libqpdf/sph/sph_sha2.h b/libqpdf/sph/sph_sha2.h index d5bda731..4bff9cd8 100644 --- a/libqpdf/sph/sph_sha2.h +++ b/libqpdf/sph/sph_sha2.h @@ -40,6 +40,10 @@ #ifndef SPH_SHA2_H__ #define SPH_SHA2_H__ +#ifdef __cplusplus +extern "C" { +#endif + #include #include "sph_types.h" @@ -367,4 +371,8 @@ void sph_sha512_comp(const sph_u64 msg[16], sph_u64 val[8]); #endif +#ifdef __cplusplus +} +#endif + #endif -- cgit v1.2.3-54-g00ecf