SHA2 pipeline with support for 256, 384, and 512 bits

Implemented pipeline around sph sha calls using standard test vectors for full-byte values. Did not test or support partial byte values.
2012-12-29 08:07:46 -05:00 · 2012-12-29 08:07:46 -05:00 · 0873e42300
parent c9da66a018
commit 0873e42300
8 changed files with 321 additions and 1 deletions
--- a/libqpdf/Pl_SHA2.cc
+++ b/libqpdf/Pl_SHA2.cc
@ -0,0 +1,164 @@
+#include <qpdf/Pl_SHA2.hh>
+#include <stdexcept>
+#include <cstdio>
+#include <qpdf/PointerHolder.hh>
+
+Pl_SHA2::Pl_SHA2(int bits, Pipeline* next) :
+    Pipeline("sha2", next),
+    in_progress(false),
+    bits(0)
+{
+    if (bits)
+    {
+        resetBits(bits);
+    }
+}
+
+Pl_SHA2::~Pl_SHA2()
+{
+}
+
+void
+Pl_SHA2::badBits()
+{
+    throw std::logic_error("Pl_SHA2 has unexpected value for bits");
+}
+
+void
+Pl_SHA2::write(unsigned char* buf, size_t len)
+{
+    if (! this->in_progress)
+    {
+        switch (bits)
+        {
+          case 256:
+            sph_sha256_init(&this->ctx256);
+            break;
+          case 384:
+            sph_sha384_init(&this->ctx384);
+            break;
+          case 512:
+            sph_sha512_init(&this->ctx512);
+            break;
+          default:
+            badBits();
+            break;
+        }
+	this->in_progress = true;
+    }
+
+    // Write in chunks in case len is too big to fit in an int.
+    // Assume int is at least 32 bits.
+    static size_t const max_bytes = 1 << 30;
+    size_t bytes_left = len;
+    unsigned char* data = buf;
+    while (bytes_left > 0)
+    {
+	size_t bytes = (bytes_left >= max_bytes ? max_bytes : bytes_left);
+        switch (bits)
+        {
+          case 256:
+            sph_sha256(&this->ctx256, data, bytes);
+            break;
+          case 384:
+            sph_sha384(&this->ctx384, data, bytes);
+            break;
+          case 512:
+            sph_sha512(&this->ctx512, data, bytes);
+            break;
+          default:
+            badBits();
+            break;
+        }
+	bytes_left -= bytes;
+        data += bytes;
+    }
+
+    if (this->getNext(true))
+    {
+        this->getNext()->write(buf, len);
+    }
+}
+
+void
+Pl_SHA2::finish()
+{
+    if (this->getNext(true))
+    {
+        this->getNext()->finish();
+    }
+    switch (bits)
+    {
+      case 256:
+        sph_sha256_close(&this->ctx256, sha256sum);
+        break;
+      case 384:
+        sph_sha384_close(&this->ctx384, sha384sum);
+        break;
+      case 512:
+        sph_sha512_close(&this->ctx512, sha512sum);
+        break;
+      default:
+        badBits();
+        break;
+    }
+    this->in_progress = false;
+}
+
+void
+Pl_SHA2::resetBits(int bits)
+{
+    if (this->in_progress)
+    {
+	throw std::logic_error(
+	    "bit reset requested for in-progress SHA2 Pipeline");
+    }
+    if (! ((bits == 256) || (bits == 384) || (bits == 512)))
+    {
+	throw std::logic_error("Pl_SHA2 called with bits != 256, 384, or 512");
+    }
+    this->bits = bits;
+}
+
+std::string
+Pl_SHA2::getRawDigest()
+{
+    std::string result;
+    switch (bits)
+    {
+      case 256:
+        result = std::string((char*)this->sha256sum, sizeof(this->sha256sum));
+        break;
+      case 384:
+        result = std::string((char*)this->sha384sum, sizeof(this->sha384sum));
+        break;
+      case 512:
+        result = std::string((char*)this->sha512sum, sizeof(this->sha512sum));
+        break;
+      default:
+        badBits();
+        break;
+    }
+    return result;
+}
+
+std::string
+Pl_SHA2::getHexDigest()
+{
+    if (this->in_progress)
+    {
+	throw std::logic_error(
+	    "digest requested for in-progress SHA2 Pipeline");
+    }
+    std::string raw = getRawDigest();
+    size_t raw_size = raw.length();
+    size_t hex_size = 1 + (2 * raw_size);
+    PointerHolder<char> bufp(true, new char[hex_size]);
+    char* buf = bufp.getPointer();
+    buf[hex_size - 1] = '\0';
+    for (unsigned int i = 0; i < raw_size; ++i)
+    {
+        std::sprintf(buf + i * 2, "%02x", (unsigned char)raw[i]);
+    }
+    return buf;
+}
--- a/libqpdf/build.mk
+++ b/libqpdf/build.mk
@ -28,6 +28,7 @@ SRCS_libqpdf = \
 	libqpdf/Pl_PNGFilter.cc \
 	libqpdf/Pl_QPDFTokenizer.cc \
 	libqpdf/Pl_RC4.cc \
+	libqpdf/Pl_SHA2.cc \
 	libqpdf/Pl_StdioFile.cc \
 	libqpdf/QPDF.cc \
 	libqpdf/QPDFExc.cc \
--- a/libqpdf/qpdf/Pl_SHA2.hh
+++ b/libqpdf/qpdf/Pl_SHA2.hh
@ -0,0 +1,50 @@
+#ifndef __PL_SHA2_HH__
+#define __PL_SHA2_HH__
+
+// Bits must be a supported number of bits, currently only 256, 384,
+// or 512.  Passing 0 as bits leaves the pipeline uncommitted, in
+// which case resetBits must be called before the pipeline is used.
+// If a next is provided, this pipeline sends its output to its
+// successor unmodified.  After calling finish, the SHA2 checksum of
+// the data that passed through the pipeline is available.
+
+// This pipeline is reusable; i.e., it is safe to call write() after
+// calling finish().  The first call to write() after a call to
+// finish() initializes a new SHA2 object.  resetBits may also be
+// called between finish and the next call to write.
+
+#include <qpdf/Pipeline.hh>
+#include <sph/sph_sha2.h>
+
+class Pl_SHA2: public Pipeline
+{
+  public:
+    QPDF_DLL
+    Pl_SHA2(int bits = 0, Pipeline* next = 0);
+    QPDF_DLL
+    virtual ~Pl_SHA2();
+    QPDF_DLL
+    virtual void write(unsigned char*, size_t);
+    QPDF_DLL
+    virtual void finish();
+    QPDF_DLL
+    void resetBits(int bits);
+    QPDF_DLL
+    std::string getHexDigest();
+    QPDF_DLL
+    std::string getRawDigest();
+
+  private:
+    void badBits();
+
+    bool in_progress;
+    int bits;
+    sph_sha256_context ctx256;
+    sph_sha384_context ctx384;
+    sph_sha512_context ctx512;
+    unsigned char sha256sum[32];
+    unsigned char sha384sum[48];
+    unsigned char sha512sum[64];
+};
+
+#endif // __PL_SHA2_HH__
--- a/libqpdf/sph/sph_sha2.h
+++ b/libqpdf/sph/sph_sha2.h
@ -40,6 +40,10 @@
 #ifndef SPH_SHA2_H__
 #define SPH_SHA2_H__

+#ifdef __cplusplus
+extern "C" {
+#endif
+
 #include <stddef.h>
 #include "sph_types.h"

@ -367,4 +371,8 @@ void sph_sha512_comp(const sph_u64 msg[16], sph_u64 val[8]);

 #endif

+#ifdef __cplusplus
+}
+#endif
+
 #endif
--- a/libtests/build.mk
+++ b/libtests/build.mk
@ -12,7 +12,8 @@ BINS_libtests = \
 	png_filter \
 	pointer_holder \
 	qutil \
-	rc4
+	rc4 \
+	sha2

 TARGETS_libtests = $(foreach B,$(BINS_libtests),libtests/$(OUTPUT_DIR)/$(call binname,$(B)))

--- a/libtests/qtest/sha2.test
+++ b/libtests/qtest/sha2.test
@ -0,0 +1,18 @@
+#!/usr/bin/env perl
+require 5.008;
+BEGIN { $^W = 1; }
+use strict;
+
+chdir("sha2") or die "chdir testdir failed: $!\n";
+
+require TestDriver;
+
+my $td = new TestDriver('sha2');
+
+$td->runtest("sha2",
+	     {$td->COMMAND => "sha2"},
+	     {$td->FILE => "sha2.out",
+	      $td->EXIT_STATUS => 0},
+	     $td->NORMALIZE_NEWLINES);
+
+$td->report(1);
--- a/libtests/qtest/sha2/sha2.out
+++ b/libtests/qtest/sha2/sha2.out
@ -0,0 +1,9 @@
+256 short: passed
+256 long: passed
+256 million: passed
+384 short: passed
+384 long: passed
+384 million: passed
+512 short: passed
+512 long: passed
+512 million: passed
--- a/libtests/sha2.cc
+++ b/libtests/sha2.cc
@ -0,0 +1,69 @@
+#include <qpdf/Pl_SHA2.hh>
+#include <iostream>
+#include <stdlib.h>
+#include <string.h>
+#include <qpdf/QUtil.hh>
+
+static void test(Pl_SHA2& sha2, char const* description, int bits,
+                 char const* input, std::string const& output)
+{
+    sha2.resetBits(bits);
+    sha2.write((unsigned char*) input, strlen(input));
+    sha2.finish();
+    std::cout << description << ": ";
+    if (output == sha2.getHexDigest())
+    {
+        std::cout << "passed\n";
+    }
+    else
+    {
+        std::cout << "failed\n"
+                  << "  expected: " << output << "\n"
+                  << "  actual:   " << sha2.getHexDigest() << "\n";
+    }
+}
+
+int main( int argc, char *argv[] )
+{
+    Pl_SHA2 sha2;
+    char million_a[1000001];
+    memset(million_a, 'a', 1000000);
+    million_a[1000000] = '\0';
+    test(sha2, "256 short", 256,
+         "abc",
+         "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad");
+    test(sha2, "256 long", 256,
+         "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+         "248d6a61d20638b8e5c026930c3e6039a33ce45964ff2167f6ecedd419db06c1");
+    test(sha2, "256 million", 256,
+         million_a,
+         "cdc76e5c9914fb9281a1c7e284d73e67f1809a48a497200e046d39ccc7112cd0");
+    test(sha2, "384 short", 384,
+         "abc",
+         "cb00753f45a35e8bb5a03d699ac65007272c32ab0eded163"
+         "1a8b605a43ff5bed8086072ba1e7cc2358baeca134c825a7");
+    test(sha2, "384 long", 384,
+         "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
+         "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu",
+         "09330c33f71147e83d192fc782cd1b4753111b173b3b05d2"
+         "2fa08086e3b0f712fcc7c71a557e2db966c3e9fa91746039");
+    test(sha2, "384 million", 384,
+         million_a,
+         "9d0e1809716474cb086e834e310a4a1ced149e9c00f24852"
+         "7972cec5704c2a5b07b8b3dc38ecc4ebae97ddd87f3d8985");
+    test(sha2, "512 short", 512,
+         "abc",
+         "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a"
+         "2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f");
+    test(sha2, "512 long", 512,
+         "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
+         "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu",
+         "8e959b75dae313da8cf4f72814fc143f8f7779c6eb9f7fa17299aeadb6889018"
+         "501d289e4900f7e4331b99dec4b5433ac7d329eeb6dd26545e96e55b874be909");
+    test(sha2, "512 million", 512,
+         million_a,
+         "e718483d0ce769644e2e42c7bc15b4638e1f98b13b2044285632a803afa973eb"
+         "de0ff244877ea60a4cb0432ce577c31beb009c5c2c49aa2e4eadb217ad8cc09b");
+
+    return 0;
+}