diff options
| -rw-r--r-- | src/3rdparty/SHA-3/targetver.h | 8 | ||||
| -rw-r--r-- | src/corelib/tools/qcryptographichash.cpp | 261 |
2 files changed, 125 insertions, 144 deletions
diff --git a/src/3rdparty/SHA-3/targetver.h b/src/3rdparty/SHA-3/targetver.h new file mode 100644 index 0000000000..87c0086de7 --- /dev/null +++ b/src/3rdparty/SHA-3/targetver.h @@ -0,0 +1,8 @@ +#pragma once + +// Including SDKDDKVer.h defines the highest available Windows platform. + +// If you wish to build your application for a previous Windows platform, include WinSDKVer.h and +// set the _WIN32_WINNT macro to the platform you wish to support before including SDKDDKVer.h. + +#include <SDKDDKVer.h> diff --git a/src/corelib/tools/qcryptographichash.cpp b/src/corelib/tools/qcryptographichash.cpp index e1f15d2b93..b7edb6e514 100644 --- a/src/corelib/tools/qcryptographichash.cpp +++ b/src/corelib/tools/qcryptographichash.cpp @@ -1,6 +1,6 @@ /**************************************************************************** ** -** Copyright (C) 2016 The Qt Company Ltd. +** Copyright (C) 2022 The Qt Company Ltd. ** Copyright (C) 2013 Richard J. Moore <rich@kde.org>. ** Contact: https://www.qt.io/licensing/ ** @@ -40,6 +40,7 @@ #include <qcryptographichash.h> #include <qiodevice.h> +#include <private/qglobal_p.h> #include "../../3rdparty/sha1/sha1.cpp" @@ -54,44 +55,9 @@ #include "../../3rdparty/md4/md4.h" #include "../../3rdparty/md4/md4.cpp" -typedef unsigned char BitSequence; -typedef unsigned long long DataLength; -typedef enum { SUCCESS = 0, FAIL = 1, BAD_HASHLEN = 2 } HashReturn; - -#ifdef Q_OS_RTEMS -# undef ALIGN -#endif - -#include "../../3rdparty/sha3/KeccakSponge.c" -typedef spongeState hashState; - -#include "../../3rdparty/sha3/KeccakNISTInterface.c" - -/* - This lets us choose between SHA3 implementations at build time. - */ -typedef spongeState SHA3Context; -typedef HashReturn (SHA3Init)(hashState *state, int hashbitlen); -typedef HashReturn (SHA3Update)(hashState *state, const BitSequence *data, DataLength databitlen); -typedef HashReturn (SHA3Final)(hashState *state, BitSequence *hashval); - -#if Q_PROCESSOR_WORDSIZE == 8 // 64 bit version - -#include "../../3rdparty/sha3/KeccakF-1600-opt64.c" - -static SHA3Init * const sha3Init = Init; -static SHA3Update * const sha3Update = Update; -static SHA3Final * const sha3Final = Final; - -#else // 32 bit optimised fallback - -#include "../../3rdparty/sha3/KeccakF-1600-opt32.c" - -static SHA3Init * const sha3Init = Init; -static SHA3Update * const sha3Update = Update; -static SHA3Final * const sha3Final = Final; - -#endif +// SHA-3 +#include "../../3rdparty/SHA-3/HashFunction.cpp" +#include "../../3rdparty/SHA-3/Keccak.cpp" // Header from rfc6234 #include "../../3rdparty/rfc6234/sha.h" @@ -195,16 +161,20 @@ public: explicit QCryptographicHashPrivate(QCryptographicHash::Algorithm method) noexcept : method(method) { - reset(); + allocate(); + } + ~QCryptographicHashPrivate() { free(); } + void reset() noexcept + { + free(); + allocate(); } - - void reset() noexcept; void addData(QByteArrayView bytes) noexcept; void finalize() noexcept; QByteArrayView resultView() const noexcept { return result.toByteArrayView(); } const QCryptographicHash::Algorithm method; - union { + union Contexts { Sha1State sha1Context; #ifndef QT_CRYPTOGRAPHICHASH_ONLY_SHA1 MD5Context md5Context; @@ -213,18 +183,20 @@ public: SHA256Context sha256Context; SHA384Context sha384Context; SHA512Context sha512Context; - SHA3Context sha3Context; blake2b_state blake2bContext; blake2s_state blake2sContext; + Keccak keccakContext; + Sha3 sha3Context; #endif - }; + Contexts() { } // Defined because they are + ~Contexts() { } // implicitly-deleted + } contexts; + +private: + void allocate() noexcept; + void free() noexcept; #ifndef QT_CRYPTOGRAPHICHASH_ONLY_SHA1 - enum class Sha3Variant - { - Sha3, - Keccak - }; - void sha3Finish(int bitCount, Sha3Variant sha3Variant); + void digestToResult(KeccakBase &keccak) noexcept; #endif class SmallByteArray { std::array<char, MaxHashLength> m_data; @@ -247,47 +219,6 @@ public: SmallByteArray result; }; -#ifndef QT_CRYPTOGRAPHICHASH_ONLY_SHA1 -void QCryptographicHashPrivate::sha3Finish(int bitCount, Sha3Variant sha3Variant) -{ - /* - FIPS 202 ยง6.1 defines SHA-3 in terms of calculating the Keccak function - over the original message with the two-bit suffix "01" appended to it. - This variable stores that suffix (and it's fed into the calculations - when the hash is returned to users). - - Only 2 bits of this variable are actually used (see the call to sha3Update - below). The Keccak implementation we're using will actually use the - *leftmost* 2 bits, and interpret them right-to-left. In other words, the - bits must appear in order of *increasing* significance; and as the two most - significant bits of the byte -- the rightmost 6 are ignored. (Yes, this - seems self-contradictory, but it's the way it is...) - - Overall, this means: - * the leftmost two bits must be "10" (not "01"!); - * we don't care what the other six bits are set to (they can be set to - any value), but we arbitrarily set them to 0; - - and for an unsigned char this gives us 0b10'00'00'00, or 0x80. - */ - static const unsigned char sha3FinalSuffix = 0x80; - - result.resize(bitCount / 8); - - SHA3Context copy = sha3Context; - - switch (sha3Variant) { - case Sha3Variant::Sha3: - sha3Update(©, reinterpret_cast<const BitSequence *>(&sha3FinalSuffix), 2); - break; - case Sha3Variant::Keccak: - break; - } - - sha3Final(©, reinterpret_cast<BitSequence *>(result.data())); -} -#endif - /*! \class QCryptographicHash \inmodule QtCore @@ -367,12 +298,33 @@ void QCryptographicHash::reset() noexcept d->reset(); } -void QCryptographicHashPrivate::reset() noexcept +void QCryptographicHashPrivate::free() noexcept +{ + switch (method) { +#ifndef QT_CRYPTOGRAPHICHASH_ONLY_SHA1 + case QCryptographicHash::RealSha3_224: + case QCryptographicHash::RealSha3_256: + case QCryptographicHash::RealSha3_384: + case QCryptographicHash::RealSha3_512: + contexts.sha3Context.~Sha3(); + break; + case QCryptographicHash::Keccak_224: + case QCryptographicHash::Keccak_256: + case QCryptographicHash::Keccak_384: + case QCryptographicHash::Keccak_512: + contexts.keccakContext.~Keccak(); +#endif + default: + break; + } +} + +void QCryptographicHashPrivate::allocate() noexcept { switch (method) { case QCryptographicHash::Sha1: - new (&sha1Context) Sha1State; - sha1InitState(&sha1Context); + new (&contexts.sha1Context) Sha1State; + sha1InitState(&contexts.sha1Context); break; #ifdef QT_CRYPTOGRAPHICHASH_ONLY_SHA1 default: @@ -381,53 +333,54 @@ void QCryptographicHashPrivate::reset() noexcept break; #else case QCryptographicHash::Md4: - new (&md4Context) md4_context; - md4_init(&md4Context); + new (&contexts.md4Context) md4_context; + md4_init(&contexts.md4Context); break; case QCryptographicHash::Md5: - new (&md5Context) MD5Context; - MD5Init(&md5Context); + new (&contexts.md5Context) MD5Context; + MD5Init(&contexts.md5Context); break; case QCryptographicHash::Sha224: - new (&sha224Context) SHA224Context; - SHA224Reset(&sha224Context); + new (&contexts.sha224Context) SHA224Context; + SHA224Reset(&contexts.sha224Context); break; case QCryptographicHash::Sha256: - new (&sha256Context) SHA256Context; - SHA256Reset(&sha256Context); + new (&contexts.sha256Context) SHA256Context; + SHA256Reset(&contexts.sha256Context); break; case QCryptographicHash::Sha384: - new (&sha384Context) SHA384Context; - SHA384Reset(&sha384Context); + new (&contexts.sha384Context) SHA384Context; + SHA384Reset(&contexts.sha384Context); break; case QCryptographicHash::Sha512: - new (&sha512Context) SHA512Context; - SHA512Reset(&sha512Context); + new (&contexts.sha512Context) SHA512Context; + SHA512Reset(&contexts.sha512Context); break; case QCryptographicHash::RealSha3_224: - case QCryptographicHash::Keccak_224: case QCryptographicHash::RealSha3_256: - case QCryptographicHash::Keccak_256: case QCryptographicHash::RealSha3_384: - case QCryptographicHash::Keccak_384: case QCryptographicHash::RealSha3_512: + new (&contexts.sha3Context) Sha3(hashLengthInternal(method) * 8); + break; + case QCryptographicHash::Keccak_224: + case QCryptographicHash::Keccak_256: + case QCryptographicHash::Keccak_384: case QCryptographicHash::Keccak_512: - new (&sha3Context) SHA3Context; - sha3Init(&sha3Context, hashLengthInternal(method) * 8); + new (&contexts.keccakContext) Keccak(hashLengthInternal(method) * 8); break; case QCryptographicHash::Blake2b_160: case QCryptographicHash::Blake2b_256: case QCryptographicHash::Blake2b_384: case QCryptographicHash::Blake2b_512: - new (&blake2bContext) blake2b_state; - blake2b_init(&blake2bContext, hashLengthInternal(method)); + new (&contexts.blake2bContext) blake2b_state; + blake2b_init(&contexts.blake2bContext, hashLengthInternal(method)); break; case QCryptographicHash::Blake2s_128: case QCryptographicHash::Blake2s_160: case QCryptographicHash::Blake2s_224: case QCryptographicHash::Blake2s_256: - new (&blake2sContext) blake2s_state; - blake2s_init(&blake2sContext, hashLengthInternal(method)); + new (&contexts.blake2sContext) blake2s_state; + blake2s_init(&contexts.blake2sContext, hashLengthInternal(method)); break; #endif } @@ -476,7 +429,7 @@ void QCryptographicHashPrivate::addData(QByteArrayView bytes) noexcept #endif switch (method) { case QCryptographicHash::Sha1: - sha1Update(&sha1Context, (const unsigned char *)data, length); + sha1Update(&contexts.sha1Context, (const unsigned char *)data, length); break; #ifdef QT_CRYPTOGRAPHICHASH_ONLY_SHA1 default: @@ -485,44 +438,52 @@ void QCryptographicHashPrivate::addData(QByteArrayView bytes) noexcept break; #else case QCryptographicHash::Md4: - md4_update(&md4Context, (const unsigned char *)data, length); + md4_update(&contexts.md4Context, (const unsigned char *)data, length); break; case QCryptographicHash::Md5: - MD5Update(&md5Context, (const unsigned char *)data, length); + MD5Update(&contexts.md5Context, (const unsigned char *)data, length); break; case QCryptographicHash::Sha224: - SHA224Input(&sha224Context, reinterpret_cast<const unsigned char *>(data), length); + SHA224Input(&contexts.sha224Context, reinterpret_cast<const unsigned char *>(data), + length); break; case QCryptographicHash::Sha256: - SHA256Input(&sha256Context, reinterpret_cast<const unsigned char *>(data), length); + SHA256Input(&contexts.sha256Context, reinterpret_cast<const unsigned char *>(data), + length); break; case QCryptographicHash::Sha384: - SHA384Input(&sha384Context, reinterpret_cast<const unsigned char *>(data), length); + SHA384Input(&contexts.sha384Context, reinterpret_cast<const unsigned char *>(data), + length); break; case QCryptographicHash::Sha512: - SHA512Input(&sha512Context, reinterpret_cast<const unsigned char *>(data), length); + SHA512Input(&contexts.sha512Context, reinterpret_cast<const unsigned char *>(data), + length); break; - case QCryptographicHash::RealSha3_224: case QCryptographicHash::Keccak_224: - case QCryptographicHash::RealSha3_256: case QCryptographicHash::Keccak_256: - case QCryptographicHash::RealSha3_384: case QCryptographicHash::Keccak_384: - case QCryptographicHash::RealSha3_512: case QCryptographicHash::Keccak_512: - sha3Update(&sha3Context, reinterpret_cast<const BitSequence *>(data), uint64_t(length) * 8); + contexts.keccakContext.addData(reinterpret_cast<const uint8_t *>(data), 0, length); + break; + case QCryptographicHash::RealSha3_224: + case QCryptographicHash::RealSha3_256: + case QCryptographicHash::RealSha3_384: + case QCryptographicHash::RealSha3_512: + contexts.sha3Context.addData(reinterpret_cast<const uint8_t *>(data), 0, length); break; case QCryptographicHash::Blake2b_160: case QCryptographicHash::Blake2b_256: case QCryptographicHash::Blake2b_384: case QCryptographicHash::Blake2b_512: - blake2b_update(&blake2bContext, reinterpret_cast<const uint8_t *>(data), length); + blake2b_update(&contexts.blake2bContext, reinterpret_cast<const uint8_t *>(data), + length); break; case QCryptographicHash::Blake2s_128: case QCryptographicHash::Blake2s_160: case QCryptographicHash::Blake2s_224: case QCryptographicHash::Blake2s_256: - blake2s_update(&blake2sContext, reinterpret_cast<const uint8_t *>(data), length); + blake2s_update(&contexts.blake2sContext, reinterpret_cast<const uint8_t *>(data), + length); break; #endif } @@ -586,10 +547,10 @@ void QCryptographicHashPrivate::finalize() noexcept switch (method) { case QCryptographicHash::Sha1: { - Sha1State copy = sha1Context; + Sha1State copy = contexts.sha1Context; result.resize(20); sha1FinalizeState(©); - sha1ToHash(©, (unsigned char *)result.data()); + sha1ToHash(©, reinterpret_cast<unsigned char *>(result.data())); break; } #ifdef QT_CRYPTOGRAPHICHASH_ONLY_SHA1 @@ -599,37 +560,37 @@ void QCryptographicHashPrivate::finalize() noexcept break; #else case QCryptographicHash::Md4: { - md4_context copy = md4Context; + md4_context copy = contexts.md4Context; result.resize(MD4_RESULTLEN); - md4_final(©, (unsigned char *)result.data()); + md4_final(©, reinterpret_cast<unsigned char *>(result.data())); break; } case QCryptographicHash::Md5: { - MD5Context copy = md5Context; + MD5Context copy = contexts.md5Context; result.resize(16); - MD5Final(©, (unsigned char *)result.data()); + MD5Final(©, reinterpret_cast<unsigned char *>(result.data())); break; } case QCryptographicHash::Sha224: { - SHA224Context copy = sha224Context; + SHA224Context copy = contexts.sha224Context; result.resize(SHA224HashSize); SHA224Result(©, reinterpret_cast<unsigned char *>(result.data())); break; } case QCryptographicHash::Sha256: { - SHA256Context copy = sha256Context; + SHA256Context copy = contexts.sha256Context; result.resize(SHA256HashSize); SHA256Result(©, reinterpret_cast<unsigned char *>(result.data())); break; } case QCryptographicHash::Sha384: { - SHA384Context copy = sha384Context; + SHA384Context copy = contexts.sha384Context; result.resize(SHA384HashSize); SHA384Result(©, reinterpret_cast<unsigned char *>(result.data())); break; } case QCryptographicHash::Sha512: { - SHA512Context copy = sha512Context; + SHA512Context copy = contexts.sha512Context; result.resize(SHA512HashSize); SHA512Result(©, reinterpret_cast<unsigned char *>(result.data())); break; @@ -638,14 +599,16 @@ void QCryptographicHashPrivate::finalize() noexcept case QCryptographicHash::RealSha3_256: case QCryptographicHash::RealSha3_384: case QCryptographicHash::RealSha3_512: { - sha3Finish(8 * hashLengthInternal(method), Sha3Variant::Sha3); + Sha3 copy = contexts.sha3Context; + digestToResult(copy); break; } case QCryptographicHash::Keccak_224: case QCryptographicHash::Keccak_256: case QCryptographicHash::Keccak_384: case QCryptographicHash::Keccak_512: { - sha3Finish(8 * hashLengthInternal(method), Sha3Variant::Keccak); + Keccak copy = contexts.keccakContext; + digestToResult(copy); break; } case QCryptographicHash::Blake2b_160: @@ -653,7 +616,7 @@ void QCryptographicHashPrivate::finalize() noexcept case QCryptographicHash::Blake2b_384: case QCryptographicHash::Blake2b_512: { const auto length = hashLengthInternal(method); - blake2b_state copy = blake2bContext; + blake2b_state copy = contexts.blake2bContext; result.resize(length); blake2b_final(©, reinterpret_cast<uint8_t *>(result.data()), length); break; @@ -663,7 +626,7 @@ void QCryptographicHashPrivate::finalize() noexcept case QCryptographicHash::Blake2s_224: case QCryptographicHash::Blake2s_256: { const auto length = hashLengthInternal(method); - blake2s_state copy = blake2sContext; + blake2s_state copy = contexts.blake2sContext; result.resize(length); blake2s_final(©, reinterpret_cast<uint8_t *>(result.data()), length); break; @@ -672,6 +635,16 @@ void QCryptographicHashPrivate::finalize() noexcept } } +#ifndef QT_CRYPTOGRAPHICHASH_ONLY_SHA1 +void QCryptographicHashPrivate::digestToResult(KeccakBase &keccak) noexcept +{ + std::vector<unsigned char> digest = keccak.digest(); + result.resize(digest.size()); + for (size_t i = 0; i < digest.size(); ++i) + result.data()[i] = static_cast<char>(digest[i]); +} +#endif + /*! Returns the hash of \a data using \a method. |