From: "SZEDER Gábor" <szeder.dev@gmail.com>
To: "brian m. carlson" <sandals@crustytoothpaste.net>
Cc: git@vger.kernel.org, "Jeff King" <peff@peff.net>,
"Derrick Stolee" <stolee@gmail.com>,
"Ævar Arnfjörð Bjarmason" <avarab@gmail.com>
Subject: Re: [PATCH v2 10/13] Add a base implementation of SHA-256 support
Date: Wed, 17 Oct 2018 18:12:41 +0200 [thread overview]
Message-ID: <20181017161241.GS19800@szeder.dev> (raw)
In-Reply-To: <20181015021900.1030041-11-sandals@crustytoothpaste.net>
On Mon, Oct 15, 2018 at 02:18:57AM +0000, brian m. carlson wrote:
> diff --git a/sha256/block/sha256.c b/sha256/block/sha256.c
> new file mode 100644
> index 0000000000..18350c161a
> --- /dev/null
> +++ b/sha256/block/sha256.c
> @@ -0,0 +1,180 @@
> +#include "git-compat-util.h"
> +#include "./sha256.h"
> +
> +#define BLKSIZE blk_SHA256_BLKSIZE
> +
> +void blk_SHA256_Init(blk_SHA256_CTX *ctx)
> +{
> + ctx->offset = 0;
> + ctx->length = 0;
> + ctx->state[0] = 0x6A09E667UL;
> + ctx->state[1] = 0xBB67AE85UL;
> + ctx->state[2] = 0x3C6EF372UL;
> + ctx->state[3] = 0xA54FF53AUL;
> + ctx->state[4] = 0x510E527FUL;
> + ctx->state[5] = 0x9B05688CUL;
> + ctx->state[6] = 0x1F83D9ABUL;
> + ctx->state[7] = 0x5BE0CD19UL;
> +}
> +
> +static inline uint32_t ror(uint32_t x, unsigned n)
> +{
> + return (x >> n) | (x << (32 - n));
> +}
> +
> +#define Ch(x,y,z) (z ^ (x & (y ^ z)))
> +#define Maj(x,y,z) (((x | y) & z) | (x & y))
> +#define S(x, n) ror((x),(n))
> +#define R(x, n) ((x)>>(n))
> +#define Sigma0(x) (S(x, 2) ^ S(x, 13) ^ S(x, 22))
> +#define Sigma1(x) (S(x, 6) ^ S(x, 11) ^ S(x, 25))
> +#define Gamma0(x) (S(x, 7) ^ S(x, 18) ^ R(x, 3))
> +#define Gamma1(x) (S(x, 17) ^ S(x, 19) ^ R(x, 10))
[...]
> +#define RND(a,b,c,d,e,f,g,h,i,ki) \
> + t0 = h + Sigma1(e) + Ch(e, f, g) + ki + W[i]; \
> + t1 = Sigma0(a) + Maj(a, b, c); \
> + d += t0; \
> + h = t0 + t1;
> +
> + RND(S[0],S[1],S[2],S[3],S[4],S[5],S[6],S[7],0,0x428a2f98);
[...]
> +#undef RND
> +
> + for (i = 0; i < 8; i++) {
> + ctx->state[i] = ctx->state[i] + S[i];
> + }
> +}
> +
> +#define MIN(x, y) ((x) < (y) ? (x) : (y))
On macOS there is a MIN macro already defined in the system headers,
resulting in the following error:
CC sha256/block/sha256.o
sha256/block/sha256.c:133:9: error: 'MIN' macro redefined [-Werror,-Wmacro-redefined]
#define MIN(x, y) ((x) < (y) ? (x) : (y))
^
/usr/include/sys/param.h:215:9: note: previous definition is here
#define MIN(a,b) (((a)<(b))?(a):(b))
^
1 error generated.
make: *** [sha256/block/sha256.o] Error 1
A simple "#undef MIN" solves this issue. However, I wonder whether we
should #undef the other #define directives as well, just to be sure
(and perhaps overly cautious).
> +void blk_SHA256_Update(blk_SHA256_CTX *ctx, const void *data, size_t len)
> +{
> + const unsigned char *in = data;
> + size_t n;
> + ctx->length += len;
> + while (len > 0) {
> + if (!ctx->offset && len >= BLKSIZE) {
> + blk_SHA256_Transform(ctx, in);
> + in += BLKSIZE;
> + len -= BLKSIZE;
> + } else {
> + n = MIN(len, (BLKSIZE - ctx->offset));
> + memcpy(ctx->buf + ctx->offset, in, n);
> + ctx->offset += n;
> + in += n;
> + len -= n;
> + if (ctx->offset == BLKSIZE) {
> + blk_SHA256_Transform(ctx, ctx->buf);
> + ctx->offset = 0;
> + }
> + }
> + }
> +}
> +
> +void blk_SHA256_Final(unsigned char *digest, blk_SHA256_CTX *ctx)
> +{
> + const unsigned trip = BLKSIZE - sizeof(ctx->length);
> + int i;
> +
> + ctx->length <<= 3;
> + ctx->buf[ctx->offset++] = 0x80;
> +
> + if (ctx->offset > trip) {
> + memset(ctx->buf + ctx->offset, 0, BLKSIZE - ctx->offset);
> + blk_SHA256_Transform(ctx, ctx->buf);
> + ctx->offset = 0;
> + }
> +
> + memset(ctx->buf + ctx->offset, 0, BLKSIZE - ctx->offset - sizeof(ctx->length));
> +
> + put_be64(ctx->buf + trip, ctx->length);
Some GCC versions (e.g. gcc-4.8 with -O2 -Wall -Werror) complain about
the above line:
CC sha256/block/sha256.o
sha256/block/sha256.c: In function ‘blk_SHA256_Final’:
sha256/block/sha256.c:174:2: error: dereferencing type-punned pointer will break strict-aliasing rules [-Werror=strict-aliasing]
put_be64(ctx->buf + trip, ctx->length);
^
cc1: all warnings being treated as errors
make: *** [sha256/block/sha256.o] Error 1
Something like this makes it compile:
void *ptr = ctx->buf + trip;
put_be64(ptr, ctx->length);
However, it's not immediately obvious to me why the compiler
complains, or why that intermediate void* variable makes any
difference, but now it's not the time to put on my language lawyer
hat.
Perhaps an old compiler bug? Clang in general, newer GCC versions, or
gcc-4.8 with -Wall -Werror but without -O2 don't seem to be affected.
> + blk_SHA256_Transform(ctx, ctx->buf);
> +
> + /* copy output */
> + for (i = 0; i < 8; i++, digest += sizeof(uint32_t))
> + put_be32(digest, ctx->state[i]);
> +}
next prev parent reply other threads:[~2018-10-17 16:12 UTC|newest]
Thread overview: 44+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-10-15 2:18 [PATCH v2 00/13] Base SHA-256 implementation brian m. carlson
2018-10-15 2:18 ` [PATCH v2 01/13] sha1-file: rename algorithm to "sha1" brian m. carlson
2018-10-16 15:17 ` Duy Nguyen
2018-10-17 22:53 ` brian m. carlson
2018-10-15 2:18 ` [PATCH v2 02/13] sha1-file: provide functions to look up hash algorithms brian m. carlson
2018-10-17 13:32 ` SZEDER Gábor
2018-10-15 2:18 ` [PATCH v2 03/13] hex: introduce functions to print arbitrary hashes brian m. carlson
2018-10-16 1:54 ` Junio C Hamano
2018-10-17 23:49 ` brian m. carlson
2018-10-15 2:18 ` [PATCH v2 04/13] cache: make hashcmp and hasheq work with larger hashes brian m. carlson
2018-10-16 15:44 ` Duy Nguyen
2018-10-15 2:18 ` [PATCH v2 05/13] t: add basic tests for our SHA-1 implementation brian m. carlson
2018-10-15 2:18 ` [PATCH v2 06/13] t: make the sha1 test-tool helper generic brian m. carlson
2018-10-15 2:18 ` [PATCH v2 07/13] sha1-file: add a constant for hash block size brian m. carlson
2018-10-15 2:18 ` [PATCH v2 08/13] t/helper: add a test helper to compute hash speed brian m. carlson
2018-10-15 2:18 ` [PATCH v2 09/13] commit-graph: convert to using the_hash_algo brian m. carlson
2018-10-15 15:10 ` Derrick Stolee
2018-10-15 2:18 ` [PATCH v2 10/13] Add a base implementation of SHA-256 support brian m. carlson
2018-10-15 14:59 ` Duy Nguyen
2018-10-15 23:30 ` brian m. carlson
2018-10-16 14:59 ` Duy Nguyen
2018-10-17 16:12 ` SZEDER Gábor [this message]
2018-10-17 23:04 ` brian m. carlson
2018-10-15 2:18 ` [PATCH v2 11/13] sha256: add an SHA-256 implementation using libgcrypt brian m. carlson
2018-10-15 2:18 ` [PATCH v2 12/13] hash: add an SHA-256 implementation using OpenSSL brian m. carlson
2018-10-16 15:36 ` Duy Nguyen
2018-10-15 2:19 ` [PATCH v2 13/13] commit-graph: specify OID version for SHA-256 brian m. carlson
2018-10-15 15:11 ` Derrick Stolee
2018-10-16 2:00 ` Junio C Hamano
2018-10-16 22:39 ` brian m. carlson
2018-10-16 15:35 ` Duy Nguyen
2018-10-16 16:01 ` Derrick Stolee
2018-10-16 16:09 ` Duy Nguyen
2018-10-16 22:44 ` brian m. carlson
2018-10-17 14:31 ` Duy Nguyen
2018-10-18 0:06 ` brian m. carlson
2018-10-18 13:03 ` Derrick Stolee
2018-10-19 22:21 ` brian m. carlson
2018-10-17 12:21 ` Derrick Stolee
2018-10-17 22:38 ` brian m. carlson
2018-10-16 2:00 ` [PATCH v2 00/13] Base SHA-256 implementation Junio C Hamano
2018-10-16 4:01 ` Junio C Hamano
2018-10-16 22:45 ` brian m. carlson
2018-10-16 15:39 ` Duy Nguyen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181017161241.GS19800@szeder.dev \
--to=szeder.dev@gmail.com \
--cc=avarab@gmail.com \
--cc=git@vger.kernel.org \
--cc=peff@peff.net \
--cc=sandals@crustytoothpaste.net \
--cc=stolee@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).