Re: [PATCH 1/2] Limit the size of the data block passed to SHA1_Update()
Thank you for the feedback. The patch is updated as suggested. On Tue, Nov 3, 2015 at 3:51 AM, Torsten Bögershausen wrote: > On 11/03/2015 07:58 AM, atous...@gmail.com wrote: >> >> From: Atousa Pahlevan Duprat > > Minor comments inline >> >> diff --git a/block-sha1/sha1.h b/block-sha1/sha1.h >> index b864df6..d085412 100644 >> --- a/block-sha1/sha1.h >> +++ b/block-sha1/sha1.h >> @@ -18,5 +18,5 @@ void blk_SHA1_Final(unsigned char hashout[20], >> blk_SHA_CTX *ctx); >> #define git_SHA_CTX blk_SHA_CTX >> #define git_SHA1_Init blk_SHA1_Init >> -#define git_SHA1_Updateblk_SHA1_Update >> +#define platform_SHA1_Update blk_SHA1_Update >> #define git_SHA1_Finalblk_SHA1_Final >> diff --git a/cache.h b/cache.h >> index 79066e5..a501652 100644 >> --- a/cache.h >> +++ b/cache.h >> @@ -10,12 +10,21 @@ >> #include "trace.h" >> #include "string-list.h" >> +// platform's underlying implementation of SHA1 > > Please use /* */ for comments > >> #include SHA1_HEADER >> #ifndef git_SHA_CTX >> -#define git_SHA_CTXSHA_CTX >> -#define git_SHA1_Init SHA1_Init >> -#define git_SHA1_UpdateSHA1_Update >> -#define git_SHA1_Final SHA1_Final >> +#define git_SHA_CTXSHA_CTX >> +#define git_SHA1_Init SHA1_Init >> +#define platform_SHA1_Update SHA1_Update >> +#define git_SHA1_Final SHA1_Final >> +#endif >> + >> +// choose whether chunked implementation or not >> +#ifdef SHA1_MAX_BLOCK_SIZE >> +int git_SHA1_Update_Chunked(SHA_CTX *c, const void *data, size_t len); >> +#define git_SHA1_Update git_SHA1_Update_Chunked >> +#else >> +#define git_SHA1_Update platform_SHA1_Update >> #endif >> #include >> diff --git a/compat/apple-common-crypto.h b/compat/apple-common-crypto.h >> index c8b9b0e..d3fb264 100644 >> --- a/compat/apple-common-crypto.h >> +++ b/compat/apple-common-crypto.h >> @@ -16,6 +16,10 @@ >> #undef TYPE_BOOL >> #endif >> +#ifndef SHA1_MAX_BLOCK_SIZE >> +#error Using Apple Common Crypto library requires setting >> SHA1_MAX_BLOCK_SIZE >> +#endif >> + >> #ifdef APPLE_LION_OR_NEWER >> #define git_CC_error_check(pattern, err) \ >> do { \ >> diff --git a/compat/sha1_chunked.c b/compat/sha1_chunked.c >> new file mode 100644 >> index 000..61f67de >> --- /dev/null >> +++ b/compat/sha1_chunked.c >> @@ -0,0 +1,19 @@ >> +#include "cache.h" >> + >> +int git_SHA1_Update_Chunked(SHA_CTX *c, const void *data, size_t len) >> +{ >> + size_t nr; >> + size_t total = 0; >> + const char *cdata = (const char*)data; >> + >> + while (len > 0) { > > size_t is unsigned, isn't it ? > Better to use "while (len) {" > >> + nr = len; >> + if (nr > SHA1_MAX_BLOCK_SIZE) >> + nr = SHA1_MAX_BLOCK_SIZE; >> + platform_SHA1_Update(c, cdata, nr); >> + total += nr; >> + cdata += nr; >> + len -= nr; >> + } >> + return total; >> +} > > -- Atousa Pahlevan, PhD M.Math. University of Waterloo, Canada Ph.D. Department of Computer Science, University of Victoria, Canada Voice: 415-341-6206 Email: apahle...@ieee.org Website: www.apahlevan.org -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 1/2] Limit the size of the data block passed to SHA1_Update()
On 11/03/2015 07:58 AM, atous...@gmail.com wrote: From: Atousa Pahlevan Duprat Minor comments inline diff --git a/block-sha1/sha1.h b/block-sha1/sha1.h index b864df6..d085412 100644 --- a/block-sha1/sha1.h +++ b/block-sha1/sha1.h @@ -18,5 +18,5 @@ void blk_SHA1_Final(unsigned char hashout[20], blk_SHA_CTX *ctx); #define git_SHA_CTX blk_SHA_CTX #define git_SHA1_Init blk_SHA1_Init -#define git_SHA1_Updateblk_SHA1_Update +#define platform_SHA1_Update blk_SHA1_Update #define git_SHA1_Finalblk_SHA1_Final diff --git a/cache.h b/cache.h index 79066e5..a501652 100644 --- a/cache.h +++ b/cache.h @@ -10,12 +10,21 @@ #include "trace.h" #include "string-list.h" +// platform's underlying implementation of SHA1 Please use /* */ for comments #include SHA1_HEADER #ifndef git_SHA_CTX -#define git_SHA_CTXSHA_CTX -#define git_SHA1_Init SHA1_Init -#define git_SHA1_UpdateSHA1_Update -#define git_SHA1_Final SHA1_Final +#define git_SHA_CTXSHA_CTX +#define git_SHA1_Init SHA1_Init +#define platform_SHA1_Update SHA1_Update +#define git_SHA1_Final SHA1_Final +#endif + +// choose whether chunked implementation or not +#ifdef SHA1_MAX_BLOCK_SIZE +int git_SHA1_Update_Chunked(SHA_CTX *c, const void *data, size_t len); +#define git_SHA1_Update git_SHA1_Update_Chunked +#else +#define git_SHA1_Update platform_SHA1_Update #endif #include diff --git a/compat/apple-common-crypto.h b/compat/apple-common-crypto.h index c8b9b0e..d3fb264 100644 --- a/compat/apple-common-crypto.h +++ b/compat/apple-common-crypto.h @@ -16,6 +16,10 @@ #undef TYPE_BOOL #endif +#ifndef SHA1_MAX_BLOCK_SIZE +#error Using Apple Common Crypto library requires setting SHA1_MAX_BLOCK_SIZE +#endif + #ifdef APPLE_LION_OR_NEWER #define git_CC_error_check(pattern, err) \ do { \ diff --git a/compat/sha1_chunked.c b/compat/sha1_chunked.c new file mode 100644 index 000..61f67de --- /dev/null +++ b/compat/sha1_chunked.c @@ -0,0 +1,19 @@ +#include "cache.h" + +int git_SHA1_Update_Chunked(SHA_CTX *c, const void *data, size_t len) +{ + size_t nr; + size_t total = 0; + const char *cdata = (const char*)data; + + while (len > 0) { size_t is unsigned, isn't it ? Better to use "while (len) {" + nr = len; + if (nr > SHA1_MAX_BLOCK_SIZE) + nr = SHA1_MAX_BLOCK_SIZE; + platform_SHA1_Update(c, cdata, nr); + total += nr; + cdata += nr; + len -= nr; + } + return total; +} -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 1/2] Limit the size of the data block passed to SHA1_Update()
From: Atousa Pahlevan Duprat Some implementations of SHA_Updates have inherent limits on the max chunk size. SHA1_MAX_BLOCK_SIZE can be defined to set the max chunk size supported, if required. This is enabled for OSX CommonCrypto library and set to 1GiB. Signed-off-by: Atousa Pahlevan Duprat --- Makefile | 16 +++- block-sha1/sha1.h| 2 +- cache.h | 17 + compat/apple-common-crypto.h | 4 compat/sha1_chunked.c| 19 +++ 5 files changed, 52 insertions(+), 6 deletions(-) create mode 100644 compat/sha1_chunked.c diff --git a/Makefile b/Makefile index 04c2231..1b098cc 100644 --- a/Makefile +++ b/Makefile @@ -136,11 +136,15 @@ all:: # to provide your own OpenSSL library, for example from MacPorts. # # Define BLK_SHA1 environment variable to make use of the bundled -# optimized C SHA1 routine. +# optimized C SHA1 routine. This implies NO_APPLE_COMMON_CRYPTO. # # Define PPC_SHA1 environment variable when running make to make use of # a bundled SHA1 routine optimized for PowerPC. # +# Define SHA1_MAX_BLOCK_SIZE if your SSH1_Update() implementation can +# hash only a limited amount of data in one call (e.g. APPLE_COMMON_CRYPTO +# may want 'SHA1_MAX_BLOCK_SIZE=1024L*1024L*1024L' defined). +# # Define NEEDS_CRYPTO_WITH_SSL if you need -lcrypto when using -lssl (Darwin). # # Define NEEDS_SSL_WITH_CRYPTO if you need -lssl when using -lcrypto (Darwin). @@ -986,6 +990,10 @@ ifeq (no,$(USE_PARENS_AROUND_GETTEXT_N)) endif endif +ifdef BLK_SHA1 + NO_APPLE_COMMON_CRYPTO=1 +endif + ifeq ($(uname_S),Darwin) ifndef NO_FINK ifeq ($(shell test -d /sw/lib && echo y),y) @@ -1346,6 +1354,8 @@ else ifdef APPLE_COMMON_CRYPTO COMPAT_CFLAGS += -DCOMMON_DIGEST_FOR_OPENSSL SHA1_HEADER = + # Apple CommonCrypto requires chunking + SHA1_MAX_BLOCK_SIZE = 1024L*1024L*1024L else SHA1_HEADER = EXTLIBS += $(LIB_4_CRYPTO) @@ -1353,6 +1363,10 @@ endif endif endif +ifdef SHA1_MAX_BLOCK_SIZE + LIB_OBJS += compat/sha1_chunked.o + BASIC_CFLAGS += -DSHA1_MAX_BLOCK_SIZE="$(SHA1_MAX_BLOCK_SIZE)" +endif ifdef NO_PERL_MAKEMAKER export NO_PERL_MAKEMAKER endif diff --git a/block-sha1/sha1.h b/block-sha1/sha1.h index b864df6..d085412 100644 --- a/block-sha1/sha1.h +++ b/block-sha1/sha1.h @@ -18,5 +18,5 @@ void blk_SHA1_Final(unsigned char hashout[20], blk_SHA_CTX *ctx); #define git_SHA_CTXblk_SHA_CTX #define git_SHA1_Init blk_SHA1_Init -#define git_SHA1_Updateblk_SHA1_Update +#define platform_SHA1_Update blk_SHA1_Update #define git_SHA1_Final blk_SHA1_Final diff --git a/cache.h b/cache.h index 79066e5..a501652 100644 --- a/cache.h +++ b/cache.h @@ -10,12 +10,21 @@ #include "trace.h" #include "string-list.h" +// platform's underlying implementation of SHA1 #include SHA1_HEADER #ifndef git_SHA_CTX -#define git_SHA_CTXSHA_CTX -#define git_SHA1_Init SHA1_Init -#define git_SHA1_UpdateSHA1_Update -#define git_SHA1_Final SHA1_Final +#define git_SHA_CTXSHA_CTX +#define git_SHA1_Init SHA1_Init +#define platform_SHA1_Update SHA1_Update +#define git_SHA1_Final SHA1_Final +#endif + +// choose whether chunked implementation or not +#ifdef SHA1_MAX_BLOCK_SIZE +int git_SHA1_Update_Chunked(SHA_CTX *c, const void *data, size_t len); +#define git_SHA1_Update git_SHA1_Update_Chunked +#else +#define git_SHA1_Update platform_SHA1_Update #endif #include diff --git a/compat/apple-common-crypto.h b/compat/apple-common-crypto.h index c8b9b0e..d3fb264 100644 --- a/compat/apple-common-crypto.h +++ b/compat/apple-common-crypto.h @@ -16,6 +16,10 @@ #undef TYPE_BOOL #endif +#ifndef SHA1_MAX_BLOCK_SIZE +#error Using Apple Common Crypto library requires setting SHA1_MAX_BLOCK_SIZE +#endif + #ifdef APPLE_LION_OR_NEWER #define git_CC_error_check(pattern, err) \ do { \ diff --git a/compat/sha1_chunked.c b/compat/sha1_chunked.c new file mode 100644 index 000..61f67de --- /dev/null +++ b/compat/sha1_chunked.c @@ -0,0 +1,19 @@ +#include "cache.h" + +int git_SHA1_Update_Chunked(SHA_CTX *c, const void *data, size_t len) +{ + size_t nr; + size_t total = 0; + const char *cdata = (const char*)data; + + while (len > 0) { + nr = len; + if (nr > SHA1_MAX_BLOCK_SIZE) + nr = SHA1_MAX_BLOCK_SIZE; + platform_SHA1_Update(c, cdata, nr); + total += nr; + cdata += nr; + len -= nr; + } + return total; +} -- 2.4.9 (Apple Git-60) -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html