From 00d7406fe26bbcbad2945a0b4e3666dd991daac4 Mon Sep 17 00:00:00 2001 From: Matthias Schiffer Date: Sat, 17 Aug 2013 09:37:27 +0200 Subject: Slightly improve the SHA256 API --- src/protocol_ec25519_fhmqvc.c | 74 ++++++++++++++++++++----------------------- src/sha256.c | 14 ++++---- src/sha256.h | 10 ++++-- 3 files changed, 49 insertions(+), 49 deletions(-) diff --git a/src/protocol_ec25519_fhmqvc.c b/src/protocol_ec25519_fhmqvc.c index 6f8b3b5..f96e8c4 100644 --- a/src/protocol_ec25519_fhmqvc.c +++ b/src/protocol_ec25519_fhmqvc.c @@ -36,14 +36,11 @@ #define PUBLICKEYBYTES 32 #define SECRETKEYBYTES 32 -#define HMACWORDS FASTD_SHA256_HASH_WORDS -#define HMACBYTES FASTD_SHA256_HASH_BYTES -#define HASHWORDS FASTD_SHA256_HASH_WORDS #define HASHBYTES FASTD_SHA256_HASH_BYTES -#if HASHWORDS != FASTD_HMACSHA256_KEY_WORDS -#error bug: HASHWORDS != FASTD_HMACSHA256_KEY_WORDS +#if HASHBYTES != FASTD_HMACSHA256_KEY_BYTES +#error bug: HASHBYTES != FASTD_HMACSHA256_KEY_BYTES #endif #if HASHBYTES != SECRETKEYBYTES @@ -279,10 +276,8 @@ static void respond_handshake(fastd_context_t *ctx, const fastd_socket_t *sock, const handshake_key_t *handshake_key, const ecc_int256_t *peer_handshake_key, const fastd_handshake_t *handshake, const fastd_method_t *method) { pr_debug(ctx, "responding handshake with %P[%I]...", peer, remote_addr); - uint32_t hashbuf[HASHWORDS]; - uint32_t hmacbuf[HMACWORDS]; - - fastd_sha256_blocks(hashbuf, + fastd_sha256_t hashbuf; + fastd_sha256_blocks(&hashbuf, handshake_key->public_key.p, peer_handshake_key->p, ctx->conf->protocol_config->public_key.p, @@ -291,8 +286,8 @@ static void respond_handshake(fastd_context_t *ctx, const fastd_socket_t *sock, ecc_int256_t d = {{0}}, e = {{0}}, eb, s; - memcpy(d.p, hashbuf, HASHBYTES/2); - memcpy(e.p, hashbuf+HASHWORDS/2, HASHBYTES/2); + memcpy(d.p, hashbuf.b, HASHBYTES/2); + memcpy(e.p, hashbuf.b+HASHBYTES/2, HASHBYTES/2); d.p[15] |= 0x80; e.p[15] |= 0x80; 
@@ -321,8 +316,8 @@ static void respond_handshake(fastd_context_t *ctx, const fastd_socket_t *sock, ecc_int256_t sigma; ecc_25519_store_packed(&sigma, &work); - uint32_t shared_handshake_key[HASHWORDS]; - fastd_sha256_blocks(shared_handshake_key, + fastd_sha256_t shared_handshake_key; + fastd_sha256_blocks(&shared_handshake_key, handshake_key->public_key.p, peer_handshake_key->p, ctx->conf->protocol_config->public_key.p, @@ -330,15 +325,16 @@ static void respond_handshake(fastd_context_t *ctx, const fastd_socket_t *sock, sigma.p, NULL); - fastd_hmacsha256_blocks(hmacbuf, shared_handshake_key, ctx->conf->protocol_config->public_key.p, handshake_key->public_key.p, NULL); + fastd_sha256_t hmacbuf; + fastd_hmacsha256_blocks(&hmacbuf, shared_handshake_key.w, ctx->conf->protocol_config->public_key.p, handshake_key->public_key.p, NULL); - fastd_buffer_t buffer = fastd_handshake_new_reply(ctx, handshake, method, 4*(4+PUBLICKEYBYTES) + 4+HMACBYTES); + fastd_buffer_t buffer = fastd_handshake_new_reply(ctx, handshake, method, 4*(4+PUBLICKEYBYTES) + 4+HASHBYTES); fastd_handshake_add(ctx, &buffer, RECORD_SENDER_KEY, PUBLICKEYBYTES, ctx->conf->protocol_config->public_key.p); fastd_handshake_add(ctx, &buffer, RECORD_RECEIPIENT_KEY, PUBLICKEYBYTES, peer->protocol_config->public_key.p); fastd_handshake_add(ctx, &buffer, RECORD_SENDER_HANDSHAKE_KEY, PUBLICKEYBYTES, handshake_key->public_key.p); fastd_handshake_add(ctx, &buffer, RECORD_RECEIPIENT_HANDSHAKE_KEY, PUBLICKEYBYTES, peer_handshake_key->p); - fastd_handshake_add(ctx, &buffer, RECORD_T, HMACBYTES, hmacbuf); + fastd_handshake_add(ctx, &buffer, RECORD_T, HASHBYTES, hmacbuf.b); fastd_send_handshake(ctx, sock, local_addr, remote_addr, buffer); } 
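Review bot: `shared_handshake_key` is derived from `sigma` and then used as the HMAC key, but nothing in the visible part of respond_handshake clears it (or `sigma`) before the function returns after `fastd_send_handshake`. Now that the digest is a single `fastd_sha256_t` object, wiping it is one call; a plain `memset` can be removed by the optimizer, so use a primitive the compiler must keep, e.g. `explicit_bzero(&shared_handshake_key, sizeof(shared_handshake_key));` where the platform provides it. The same applies to `shared_handshake_key` in finish_handshake (hunk -446,8, including its early return on a bad MAC) and handle_finish_handshake (hunk -523,8). It also applies to `hash` in establish (hunk -370,14), assuming `session_init` copies what it needs, which is not visible here. The start of respond_handshake lies outside these hunks.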
@@ -370,14 +366,14 @@ static bool establish(fastd_context_t *ctx, fastd_peer_t *peer, const fastd_meth peer->protocol_state->old_session = (protocol_session_t){}; } - uint32_t hash[HASHWORDS]; - fastd_sha256_blocks(hash, X->p, Y->p, A->p, B->p, sigma->p, NULL); + fastd_sha256_t hash; + fastd_sha256_blocks(&hash, X->p, Y->p, A->p, B->p, sigma->p, NULL); peer->protocol_state->session.established = ctx->now; peer->protocol_state->session.handshakes_cleaned = false; peer->protocol_state->session.refreshing = false; peer->protocol_state->session.method = method; - peer->protocol_state->session.method_state = method->session_init(ctx, (uint8_t*)hash, HASHBYTES, initiator); + peer->protocol_state->session.method_state = method->session_init(ctx, hash.b, HASHBYTES, initiator); peer->protocol_state->last_serial = serial; fastd_peer_seen(ctx, peer); @@ -404,10 +400,8 @@ static void finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock, const f const fastd_handshake_t *handshake, const fastd_method_t *method) { pr_debug(ctx, "finishing handshake with %P[%I]...", peer, remote_addr); - uint32_t hashbuf[HASHWORDS]; - uint32_t hmacbuf[HMACWORDS]; - - fastd_sha256_blocks(hashbuf, + fastd_sha256_t hashbuf; + fastd_sha256_blocks(&hashbuf, peer_handshake_key->p, handshake_key->public_key.p, peer->protocol_config->public_key.p, @@ -416,8 +410,8 @@ static void finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock, const f ecc_int256_t d = {{0}}, e = {{0}}, da, s; - memcpy(d.p, hashbuf, HASHBYTES/2); - memcpy(e.p, hashbuf+HASHWORDS/2, HASHBYTES/2); + memcpy(d.p, hashbuf.b, HASHBYTES/2); + memcpy(e.p, hashbuf.b+HASHBYTES/2, HASHBYTES/2); d.p[15] |= 0x80; e.p[15] |= 0x80; 
@@ -446,8 +440,8 @@ static void finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock, const f ecc_int256_t sigma; ecc_25519_store_packed(&sigma, &work); - uint32_t shared_handshake_key[HASHWORDS]; - fastd_sha256_blocks(shared_handshake_key, + fastd_sha256_t shared_handshake_key; + fastd_sha256_blocks(&shared_handshake_key, peer_handshake_key->p, handshake_key->public_key.p, peer->protocol_config->public_key.p, 
@@ -455,24 +449,25 @@ static void finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock, const f sigma.p, NULL); - if(!fastd_hmacsha256_blocks_verify(handshake->records[RECORD_T].data, shared_handshake_key, peer->protocol_config->public_key.p, peer_handshake_key->p, NULL)) { + if(!fastd_hmacsha256_blocks_verify(handshake->records[RECORD_T].data, shared_handshake_key.w, peer->protocol_config->public_key.p, peer_handshake_key->p, NULL)) { pr_warn(ctx, "received invalid protocol handshake response from %P[%I]", peer, remote_addr); return; } - fastd_hmacsha256_blocks(hmacbuf, shared_handshake_key, ctx->conf->protocol_config->public_key.p, handshake_key->public_key.p, NULL); + fastd_sha256_t hmacbuf; + fastd_hmacsha256_blocks(&hmacbuf, shared_handshake_key.w, ctx->conf->protocol_config->public_key.p, handshake_key->public_key.p, NULL); if (!establish(ctx, peer, method, sock, local_addr, remote_addr, true, &handshake_key->public_key, peer_handshake_key, &ctx->conf->protocol_config->public_key, &peer->protocol_config->public_key, &sigma, handshake_key->serial)) return; - fastd_buffer_t buffer = fastd_handshake_new_reply(ctx, handshake, method, 4*(4+PUBLICKEYBYTES) + 4+HMACBYTES); + fastd_buffer_t buffer = fastd_handshake_new_reply(ctx, handshake, method, 4*(4+PUBLICKEYBYTES) + 4+HASHBYTES); fastd_handshake_add(ctx, &buffer, RECORD_SENDER_KEY, PUBLICKEYBYTES, ctx->conf->protocol_config->public_key.p); fastd_handshake_add(ctx, &buffer, RECORD_RECEIPIENT_KEY, PUBLICKEYBYTES, peer->protocol_config->public_key.p); fastd_handshake_add(ctx, &buffer, RECORD_SENDER_HANDSHAKE_KEY, PUBLICKEYBYTES, handshake_key->public_key.p); fastd_handshake_add(ctx, &buffer, RECORD_RECEIPIENT_HANDSHAKE_KEY, PUBLICKEYBYTES, peer_handshake_key->p); - fastd_handshake_add(ctx, &buffer, RECORD_T, HMACBYTES, hmacbuf); + fastd_handshake_add(ctx, &buffer, RECORD_T, HASHBYTES, hmacbuf.b); fastd_send_handshake(ctx, sock, local_addr, remote_addr, buffer); } 
@@ -482,9 +477,8 @@ static void handle_finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock, const fastd_handshake_t *handshake, const fastd_method_t *method) { pr_debug(ctx, "handling handshake finish with %P[%I]...", peer, remote_addr); - uint32_t hashbuf[HASHWORDS]; - - fastd_sha256_blocks(hashbuf, + fastd_sha256_t hashbuf; + fastd_sha256_blocks(&hashbuf, handshake_key->public_key.p, peer_handshake_key->p, ctx->conf->protocol_config->public_key.p, @@ -493,8 +487,8 @@ static void handle_finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock, ecc_int256_t d = {{0}}, e = {{0}}, eb, s; - memcpy(d.p, hashbuf, HASHBYTES/2); - memcpy(e.p, hashbuf+HASHWORDS/2, HASHBYTES/2); + memcpy(d.p, hashbuf.b, HASHBYTES/2); + memcpy(e.p, hashbuf.b+HASHBYTES/2, HASHBYTES/2); d.p[15] |= 0x80; e.p[15] |= 0x80; @@ -523,8 +517,8 @@ static void handle_finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock, ecc_int256_t sigma; ecc_25519_store_packed(&sigma, &work); - uint32_t shared_handshake_key[HASHWORDS]; - fastd_sha256_blocks(shared_handshake_key, + fastd_sha256_t shared_handshake_key; + fastd_sha256_blocks(&shared_handshake_key, handshake_key->public_key.p, peer_handshake_key->p, ctx->conf->protocol_config->public_key.p, @@ -532,7 +526,7 @@ static void handle_finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock, sigma.p, NULL); - if (!fastd_hmacsha256_blocks_verify(handshake->records[RECORD_T].data, shared_handshake_key, peer->protocol_config->public_key.p, peer_handshake_key->p, NULL)) { + if (!fastd_hmacsha256_blocks_verify(handshake->records[RECORD_T].data, shared_handshake_key.w, peer->protocol_config->public_key.p, peer_handshake_key->p, NULL)) { pr_warn(ctx, "received invalid protocol handshake finish from %P[%I]", peer, remote_addr); return; } 
@@ -699,7 +693,7 @@ static void protocol_handshake_handle(fastd_context_t *ctx, fastd_socket_t *sock return; } - if (handshake->type > 1 && !has_field(handshake, RECORD_T, HMACBYTES)) { + if (handshake->type > 1 && !has_field(handshake, RECORD_T, HASHBYTES)) { pr_debug(ctx, "received handshake reply without HMAC from %P[%I]", peer, remote_addr); return; } diff --git a/src/sha256.c b/src/sha256.c index 4722272..61faae7 100644 --- a/src/sha256.c +++ b/src/sha256.c @@ -133,7 +133,7 @@ static void sha256_blocks_va(uint32_t out[FASTD_SHA256_HASH_WORDS], const uint32 out[i] = htonl(h[i]); } -static void hmacsha256_blocks_va(uint32_t out[FASTD_SHA256_HASH_WORDS], const uint32_t key[FASTD_HMACSHA256_KEY_WORDS], va_list ap) { +static void hmacsha256_blocks_va(fastd_sha256_t *out, const uint32_t key[FASTD_HMACSHA256_KEY_WORDS], va_list ap) { static const uint32_t ipad2[8] = { 0x36363636, 0x36363636, @@ -170,17 +170,17 @@ static void hmacsha256_blocks_va(uint32_t out[FASTD_SHA256_HASH_WORDS], const ui } -void fastd_sha256_blocks(uint32_t out[FASTD_SHA256_HASH_WORDS], ...) { +void fastd_sha256_blocks(fastd_sha256_t *out, ...) { va_list ap; va_start(ap, out); const uint32_t *in1 = va_arg(ap, const uint32_t*); const uint32_t *in2 = in1 ? va_arg(ap, const uint32_t*) : NULL; - sha256_blocks_va(out, in1, in2, ap); + sha256_blocks_va(out->w, in1, in2, ap); va_end(ap); } -void fastd_hmacsha256_blocks(uint32_t out[FASTD_SHA256_HASH_WORDS], const uint32_t key[FASTD_HMACSHA256_KEY_WORDS], ...) { +void fastd_hmacsha256_blocks(fastd_sha256_t *out, const uint32_t key[FASTD_HMACSHA256_KEY_WORDS], ...) { va_list ap; va_start(ap, key); 
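Review bot: The block list that fastd_sha256_blocks reads with `va_arg(ap, const uint32_t*)` ends only at a null pointer, and nothing makes the compiler check that callers supply one. Declaring the three variadic prototypes in sha256.h with `__attribute__((sentinel))` lets GCC and Clang warn (under -Wformat in GCC) about a call that omits the terminator, which would otherwise make the hash walk past its arguments. The bare `NULL` at the call sites is only correct where `NULL` has pointer type; `(const uint32_t *)NULL` is the portable spelling. The callers pass `->p` members that are indexed as bytes (`d.p[15]`), so if `p` is a byte array the `const uint32_t*` read also assumes 4-byte alignment; confirm this against the ecc_int256_t definition, which is not shown.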
@@ -190,11 +190,11 @@ void fastd_hmacsha256_blocks(uint32_t out[FASTD_SHA256_HASH_WORDS], const uint32 bool fastd_hmacsha256_blocks_verify(const uint8_t mac[FASTD_SHA256_HASH_BYTES], const uint32_t key[FASTD_HMACSHA256_KEY_WORDS], ...) { va_list ap; - uint32_t out[8]; + fastd_sha256_t out; va_start(ap, key); - hmacsha256_blocks_va(out, key, ap); + hmacsha256_blocks_va(&out, key, ap); va_end(ap); - return !memcmp(out, mac, sizeof(out)); + return !memcmp(out.b, mac, FASTD_SHA256_HASH_BYTES); } diff --git a/src/sha256.h b/src/sha256.h index acafe7e..7f29593 100644 --- a/src/sha256.h +++ b/src/sha256.h @@ -42,8 +42,14 @@ #define FASTD_HMACSHA256_KEY_BYTES (4*FASTD_HMACSHA256_KEY_WORDS) -void fastd_sha256_blocks(uint32_t out[FASTD_SHA256_HASH_WORDS], ...); -void fastd_hmacsha256_blocks(uint32_t out[FASTD_SHA256_HASH_WORDS], const uint32_t key[FASTD_HMACSHA256_KEY_WORDS], ...); +typedef union fastd_sha256 { + uint32_t w[FASTD_SHA256_HASH_WORDS]; + uint8_t b[FASTD_SHA256_HASH_BYTES]; +} fastd_sha256_t; + + +void fastd_sha256_blocks(fastd_sha256_t *out, ...); +void fastd_hmacsha256_blocks(fastd_sha256_t *out, const uint32_t key[FASTD_HMACSHA256_KEY_WORDS], ...); bool fastd_hmacsha256_blocks_verify(const uint8_t mac[FASTD_SHA256_HASH_BYTES], const uint32_t key[FASTD_HMACSHA256_KEY_WORDS], ...); #endif /* _FASTD_SHA256_H_ */ -- cgit v1.2.3
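Review bot: The tag check in fastd_hmacsha256_blocks_verify still ends in `memcmp`, which may return at the first differing byte, so its running time can depend on how many leading bytes of the received `mac` match the computed tag. At the call sites `mac` is the peer-supplied `handshake->records[RECORD_T].data`, so a comparison whose duration does not depend on the data is the safer choice here. For example: `uint8_t diff = 0;` `for (size_t i = 0; i < FASTD_SHA256_HASH_BYTES; i++) diff |= out.b[i] ^ mac[i];` `return !diff;`. The `out.b` view introduced by this commit makes the byte-wise loop straightforward.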
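Review bot: The new `fastd_sha256_t` union in sha256.h has no comment saying what each view holds, and the two views are not interchangeable as numbers. sha256_blocks_va stores every word with `htonl`, so `b` is the digest in its usual byte order, while `w` is the same memory as network-order words rather than host integers. A comment on the typedef such as `/* SHA256 digest: b is the canonical byte string; w aliases the same bytes as big-endian words, for aligned word access only */` would keep a later caller from comparing or doing arithmetic on `w` values. It would also help to state on `fastd_hmacsha256_blocks` that `key` is expected in the same word layout, since callers now pass `shared_handshake_key.w`.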