r3452 - in trunk/varnish-cache: include lib/libvarnish
phk at projects.linpro.no
phk at projects.linpro.no
Tue Dec 2 21:48:11 CET 2008
Author: phk
Date: 2008-12-02 21:48:11 +0100 (Tue, 02 Dec 2008)
New Revision: 3452
Modified:
trunk/varnish-cache/include/vsha256.h
trunk/varnish-cache/lib/libvarnish/vsha256.c
Log:
Fix an embarrasing bug in my Flexlinting of this code yesterday, and
add a couple of test-vectors to avoid it happening again.
And now for the funny and educational story:
In july of 1994, I added the "libmd" to FreeBSD, containing the
MD2, MD4 and MD5 functions from RFC 1319, RFC 1186 and RFC1321.
I meticulously replicated the test-vectors from the RFCs, so that
"make test" would validate the result.
Duing the intermediate 14 years, various slight shifts and adjustments
to things like the make(1) programs defaults, the shared library
resolution algorithm and other totally unrelated things, meant that
"make test" now tests the installed version of the library, rather
than the version you just built with "make all".
Needless to say, when I tested my patch yesterday, I didn't install
the built version, wanting first to hear what Colin Percival, FreeBSD
Security Wiz, generally swell fella and the guy who wrote this
SHA256 implementation, thought of these "stylistic" patches.
Modified: trunk/varnish-cache/include/vsha256.h
===================================================================
--- trunk/varnish-cache/include/vsha256.h 2008-12-01 22:17:37 UTC (rev 3451)
+++ trunk/varnish-cache/include/vsha256.h 2008-12-02 20:48:11 UTC (rev 3452)
@@ -41,6 +41,7 @@
void SHA256_Init(SHA256_CTX *);
void SHA256_Update(SHA256_CTX *, const void *, size_t);
void SHA256_Final(unsigned char [32], SHA256_CTX *);
+void SHA256_Test(void);
__END_DECLS
#endif /* !_SHA256_H_ */
Modified: trunk/varnish-cache/lib/libvarnish/vsha256.c
===================================================================
--- trunk/varnish-cache/lib/libvarnish/vsha256.c 2008-12-01 22:17:37 UTC (rev 3451)
+++ trunk/varnish-cache/lib/libvarnish/vsha256.c 2008-12-02 20:48:11 UTC (rev 3452)
@@ -244,20 +244,15 @@
uint32_t r, plen;
/*
- * Rescale from bytes to bits
+ * Convert length to bits and encode as a vector of bytes
+ * -- we do this now rather than later because the length
+ * will change after we pad.
*/
- ctx->count <<= 3;
+ mybe64enc(len, ctx->count << 3);
- /*
- * Convert length to a vector of bytes -- we do this now rather
- * than later because the length will change after we pad.
- */
- mybe64enc(len, ctx->count);
-
/* Add 1--64 bytes so that the resulting length is 56 mod 64 */
r = ctx->count & 0x3f;
plen = (r < 56) ? (56 - r) : (120 - r);
- assert(plen <= sizeof PAD);
SHA256_Update(ctx, PAD, (size_t)plen);
/* Add the terminating bit-count */
@@ -323,3 +318,43 @@
/* Clear the context state */
memset((void *)ctx, 0, sizeof(*ctx));
}
+
+/*
+ * A few test-vectors, just in case
+ */
+
+static const struct sha256test {
+ const char *input;
+ const unsigned char output[32];
+} sha256test[] = {
+ { "",
+ {0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a, 0xfb, 0xf4,
+ 0xc8, 0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b,
+ 0x93, 0x4c, 0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55} },
+ { "message digest",
+ {0xf7, 0x84, 0x6f, 0x55, 0xcf, 0x23, 0xe1, 0x4e, 0xeb, 0xea, 0xb5,
+ 0xb4, 0xe1, 0x55, 0x0c, 0xad, 0x5b, 0x50, 0x9e, 0x33, 0x48, 0xfb,
+ 0xc4, 0xef, 0xa3, 0xa1, 0x41, 0x3d, 0x39, 0x3c, 0xb6, 0x50} },
+ { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+ {0xdb, 0x4b, 0xfc, 0xbd, 0x4d, 0xa0, 0xcd, 0x85, 0xa6, 0x0c, 0x3c,
+ 0x37, 0xd3, 0xfb, 0xd8, 0x80, 0x5c, 0x77, 0xf1, 0x5f, 0xc6, 0xb1,
+ 0xfd, 0xfe, 0x61, 0x4e, 0xe0, 0xa7, 0xc8, 0xfd, 0xb4, 0xc0} },
+ { NULL }
+};
+
+
+void
+SHA256_Test(void)
+{
+ struct SHA256Context c;
+ const struct sha256test *p;
+ unsigned char o[32];
+
+ for (p = sha256test; p->input != NULL; p++) {
+ SHA256_Init(&c);
+ SHA256_Update(&c, p->input, strlen(p->input));
+ SHA256_Final(o, &c);
+ assert(!memcmp(o, p->output, 32));
+ }
+}
+
More information about the varnish-commit
mailing list