mirror of
https://github.com/git/git
synced 2024-11-05 01:58:18 +00:00
hash.h: scaffolding for _unsafe hashing variants
Git's default SHA-1 implementation is collision-detecting, which hardens us against known SHA-1 attacks against Git objects. This makes Git object writes safer at the expense of some speed when hashing through the collision-detecting implementation, which is slower than non-collision detecting alternatives. Prepare for loading a separate "unsafe" SHA-1 implementation that can be used for non-cryptographic purposes, like computing the checksum of files that use the hashwrite() API. This commit does not actually introduce any new compile-time knobs to control which implementation is used as the unsafe SHA-1 variant, but does add scaffolding so that the "git_hash_algo" structure has five new function pointers which are "unsafe" variants of the five existing hashing-related function pointers: - git_hash_init_fn unsafe_init_fn - git_hash_clone_fn unsafe_clone_fn - git_hash_update_fn unsafe_update_fn - git_hash_final_fn unsafe_final_fn - git_hash_final_oid_fn unsafe_final_oid_fn The following commit will introduce compile-time knobs to specify which SHA-1 implementation is used for non-cryptographic uses. Signed-off-by: Taylor Blau <me@ttaylorr.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
This commit is contained in:
Taylor Blau
Junio C Hamano
parent
4c61a1d040
commit
253ed9ecff
2 changed files with 84 additions and 0 deletions
42
hash.h
42
hash.h
|
|
@ -44,14 +44,32 @@
|
|||
#define platform_SHA1_Final SHA1_Final
|
||||
#endif
|
||||
|
||||
#ifndef platform_SHA_CTX_unsafe
|
||||
# define platform_SHA_CTX_unsafe platform_SHA_CTX
|
||||
# define platform_SHA1_Init_unsafe platform_SHA1_Init
|
||||
# define platform_SHA1_Update_unsafe platform_SHA1_Update
|
||||
# define platform_SHA1_Final_unsafe platform_SHA1_Final
|
||||
# ifdef platform_SHA1_Clone
|
||||
# define platform_SHA1_Clone_unsafe platform_SHA1_Clone
|
||||
# endif
|
||||
#endif
|
||||
|
||||
#define git_SHA_CTX platform_SHA_CTX
|
||||
#define git_SHA1_Init platform_SHA1_Init
|
||||
#define git_SHA1_Update platform_SHA1_Update
|
||||
#define git_SHA1_Final platform_SHA1_Final
|
||||
|
||||
#define git_SHA_CTX_unsafe platform_SHA_CTX_unsafe
|
||||
#define git_SHA1_Init_unsafe platform_SHA1_Init_unsafe
|
||||
#define git_SHA1_Update_unsafe platform_SHA1_Update_unsafe
|
||||
#define git_SHA1_Final_unsafe platform_SHA1_Final_unsafe
|
||||
|
||||
#ifdef platform_SHA1_Clone
|
||||
#define git_SHA1_Clone platform_SHA1_Clone
|
||||
#endif
|
||||
#ifdef platform_SHA1_Clone_unsafe
|
||||
# define git_SHA1_Clone_unsafe platform_SHA1_Clone_unsafe
|
||||
#endif
|
||||
|
||||
#ifndef platform_SHA256_CTX
|
||||
#define platform_SHA256_CTX SHA256_CTX
|
||||
|
|
@ -81,6 +99,13 @@ static inline void git_SHA1_Clone(git_SHA_CTX *dst, const git_SHA_CTX *src)
|
|||
memcpy(dst, src, sizeof(*dst));
|
||||
}
|
||||
#endif
|
||||
#ifndef SHA1_NEEDS_CLONE_HELPER_UNSAFE
|
||||
static inline void git_SHA1_Clone_unsafe(git_SHA_CTX_unsafe *dst,
|
||||
const git_SHA_CTX_unsafe *src)
|
||||
{
|
||||
memcpy(dst, src, sizeof(*dst));
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifndef SHA256_NEEDS_CLONE_HELPER
|
||||
static inline void git_SHA256_Clone(git_SHA256_CTX *dst, const git_SHA256_CTX *src)
|
||||
|
|
@ -178,6 +203,8 @@ enum get_oid_result {
|
|||
/* A suitably aligned type for stack allocations of hash contexts. */
|
||||
union git_hash_ctx {
|
||||
git_SHA_CTX sha1;
|
||||
git_SHA_CTX_unsafe sha1_unsafe;
|
||||
|
||||
git_SHA256_CTX sha256;
|
||||
};
|
||||
typedef union git_hash_ctx git_hash_ctx;
|
||||
|
|
@ -222,6 +249,21 @@ struct git_hash_algo {
|
|||
/* The hash finalization function for object IDs. */
|
||||
git_hash_final_oid_fn final_oid_fn;
|
||||
|
||||
/* The non-cryptographic hash initialization function. */
|
||||
git_hash_init_fn unsafe_init_fn;
|
||||
|
||||
/* The non-cryptographic hash context cloning function. */
|
||||
git_hash_clone_fn unsafe_clone_fn;
|
||||
|
||||
/* The non-cryptographic hash update function. */
|
||||
git_hash_update_fn unsafe_update_fn;
|
||||
|
||||
/* The non-cryptographic hash finalization function. */
|
||||
git_hash_final_fn unsafe_final_fn;
|
||||
|
||||
/* The non-cryptographic hash finalization function. */
|
||||
git_hash_final_oid_fn unsafe_final_oid_fn;
|
||||
|
||||
/* The OID of the empty tree. */
|
||||
const struct object_id *empty_tree;
|
||||
|
||||
|
|
|
|||
|
|
@ -115,6 +115,33 @@ static void git_hash_sha1_final_oid(struct object_id *oid, git_hash_ctx *ctx)
|
|||
oid->algo = GIT_HASH_SHA1;
|
||||
}
|
||||
|
||||
static void git_hash_sha1_init_unsafe(git_hash_ctx *ctx)
|
||||
{
|
||||
git_SHA1_Init_unsafe(&ctx->sha1_unsafe);
|
||||
}
|
||||
|
||||
static void git_hash_sha1_clone_unsafe(git_hash_ctx *dst, const git_hash_ctx *src)
|
||||
{
|
||||
git_SHA1_Clone_unsafe(&dst->sha1_unsafe, &src->sha1_unsafe);
|
||||
}
|
||||
|
||||
static void git_hash_sha1_update_unsafe(git_hash_ctx *ctx, const void *data,
|
||||
size_t len)
|
||||
{
|
||||
git_SHA1_Update_unsafe(&ctx->sha1_unsafe, data, len);
|
||||
}
|
||||
|
||||
static void git_hash_sha1_final_unsafe(unsigned char *hash, git_hash_ctx *ctx)
|
||||
{
|
||||
git_SHA1_Final_unsafe(hash, &ctx->sha1_unsafe);
|
||||
}
|
||||
|
||||
static void git_hash_sha1_final_oid_unsafe(struct object_id *oid, git_hash_ctx *ctx)
|
||||
{
|
||||
git_SHA1_Final_unsafe(oid->hash, &ctx->sha1_unsafe);
|
||||
memset(oid->hash + GIT_SHA1_RAWSZ, 0, GIT_MAX_RAWSZ - GIT_SHA1_RAWSZ);
|
||||
oid->algo = GIT_HASH_SHA1;
|
||||
}
|
||||
|
||||
static void git_hash_sha256_init(git_hash_ctx *ctx)
|
||||
{
|
||||
|
|
@ -189,6 +216,11 @@ const struct git_hash_algo hash_algos[GIT_HASH_NALGOS] = {
|
|||
.update_fn = git_hash_unknown_update,
|
||||
.final_fn = git_hash_unknown_final,
|
||||
.final_oid_fn = git_hash_unknown_final_oid,
|
||||
.unsafe_init_fn = git_hash_unknown_init,
|
||||
.unsafe_clone_fn = git_hash_unknown_clone,
|
||||
.unsafe_update_fn = git_hash_unknown_update,
|
||||
.unsafe_final_fn = git_hash_unknown_final,
|
||||
.unsafe_final_oid_fn = git_hash_unknown_final_oid,
|
||||
.empty_tree = NULL,
|
||||
.empty_blob = NULL,
|
||||
.null_oid = NULL,
|
||||
|
|
@ -204,6 +236,11 @@ const struct git_hash_algo hash_algos[GIT_HASH_NALGOS] = {
|
|||
.update_fn = git_hash_sha1_update,
|
||||
.final_fn = git_hash_sha1_final,
|
||||
.final_oid_fn = git_hash_sha1_final_oid,
|
||||
.unsafe_init_fn = git_hash_sha1_init_unsafe,
|
||||
.unsafe_clone_fn = git_hash_sha1_clone_unsafe,
|
||||
.unsafe_update_fn = git_hash_sha1_update_unsafe,
|
||||
.unsafe_final_fn = git_hash_sha1_final_unsafe,
|
||||
.unsafe_final_oid_fn = git_hash_sha1_final_oid_unsafe,
|
||||
.empty_tree = &empty_tree_oid,
|
||||
.empty_blob = &empty_blob_oid,
|
||||
.null_oid = &null_oid_sha1,
|
||||
|
|
@ -219,6 +256,11 @@ const struct git_hash_algo hash_algos[GIT_HASH_NALGOS] = {
|
|||
.update_fn = git_hash_sha256_update,
|
||||
.final_fn = git_hash_sha256_final,
|
||||
.final_oid_fn = git_hash_sha256_final_oid,
|
||||
.unsafe_init_fn = git_hash_sha256_init,
|
||||
.unsafe_clone_fn = git_hash_sha256_clone,
|
||||
.unsafe_update_fn = git_hash_sha256_update,
|
||||
.unsafe_final_fn = git_hash_sha256_final,
|
||||
.unsafe_final_oid_fn = git_hash_sha256_final_oid,
|
||||
.empty_tree = &empty_tree_oid_sha256,
|
||||
.empty_blob = &empty_blob_oid_sha256,
|
||||
.null_oid = &null_oid_sha256,
|
||||
|
|
|
|||
Loading…
Reference in a new issue