nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-09 17:38:00 +00:00
Code Issues Projects Releases Wiki Activity
a9763ce4ed
putty-source/sshmd5.c

272 lines
8.0 KiB
C
Raw Normal View History

Replace all uses of SHA*_Bytes / MD5Update. In fact, those functions don't even exist any more. The only way to get data into a primitive hash state is via the new put_* system. Of course, that means put_data() is a viable replacement for every previous call to one of the per-hash update functions - but just mechanically doing that would have missed the opportunity to simplify a lot of the call sites.
2018-05-24 09:03:36 +00:00
#include <assert.h>
Initial checkin: beta 0.43 [originally from svn r11]
1999-01-08 13:02:13 +00:00
#include "ssh.h"
/*
Replace MD5 implementation with my own code [originally from svn r437]
2000-04-04 14:47:22 +00:00
* MD5 implementation for PuTTY. Written directly from the spec by
* Simon Tatham.
Initial checkin: beta 0.43 [originally from svn r11]
1999-01-08 13:02:13 +00:00
*/
Access all hashes and MACs through the standard API. All the hash-specific state structures, and the functions that directly accessed them, are now local to the source files implementing the hashes themselves. Everywhere we previously used those types or functions, we're now using the standard ssh_hash or ssh2_mac API. The 'simple' functions (hmacmd5_simple, SHA_Simple etc) are now a pair of wrappers in sshauxcrypt.c, each of which takes an algorithm structure and can do the same conceptual thing regardless of what it is.
2019-01-20 16:15:14 +00:00
typedef struct {
uint32_t h[4];
} MD5_Core_State;
struct MD5Context {
MD5_Core_State core;
unsigned char block[64];
int blkused;
uint64_t len;
BinarySink_IMPLEMENTATION;
};
Replace MD5 implementation with my own code [originally from svn r437]
2000-04-04 14:47:22 +00:00
/* ----------------------------------------------------------------------
* Core MD5 algorithm: processes 16-word blocks into a message digest.
Initial checkin: beta 0.43 [originally from svn r11]
1999-01-08 13:02:13 +00:00
*/
Replace MD5 implementation with my own code [originally from svn r437]
2000-04-04 14:47:22 +00:00
#define F(x,y,z) ( ((x) & (y)) | ((~(x)) & (z)) )
#define G(x,y,z) ( ((x) & (z)) | ((~(z)) & (y)) )
#define H(x,y,z) ( (x) ^ (y) ^ (z) )
#define I(x,y,z) ( (y) ^ ( (x) | ~(z) ) )
Initial checkin: beta 0.43 [originally from svn r11]
1999-01-08 13:02:13 +00:00
Adopt C99 <stdint.h> integer types. The annoying int64.h is completely retired, since C99 guarantees a 64-bit integer type that you can actually treat like an ordinary integer. Also, I've replaced the local typedefs uint32 and word32 (scattered through different parts of the crypto code) with the standard uint32_t.
2018-10-26 22:08:58 +00:00
#define rol(x,y) ( ((x) << (y)) | (((uint32_t)x) >> (32-y)) )
Initial checkin: beta 0.43 [originally from svn r11]
1999-01-08 13:02:13 +00:00
Replace MD5 implementation with my own code [originally from svn r437]
2000-04-04 14:47:22 +00:00
#define subround(f,w,x,y,z,k,s,ti) \
w = x + rol(w + f(x,y,z) + block[k] + ti, s)
Initial checkin: beta 0.43 [originally from svn r11]
1999-01-08 13:02:13 +00:00
Make MD5_Core_Init and MD5_Block (both only referenced in this file) static. [originally from svn r2469]
2003-01-05 15:29:22 +00:00
static void MD5_Core_Init(MD5_Core_State * s)
Run entire source base through GNU indent to tidy up the varying coding styles of the various contributors! Woohoo! [originally from svn r1098]
2001-05-06 14:35:20 +00:00
{
Replace MD5 implementation with my own code [originally from svn r437]
2000-04-04 14:47:22 +00:00
s->h[0] = 0x67452301;
s->h[1] = 0xefcdab89;
s->h[2] = 0x98badcfe;
s->h[3] = 0x10325476;
}
Initial checkin: beta 0.43 [originally from svn r11]
1999-01-08 13:02:13 +00:00
Adopt C99 <stdint.h> integer types. The annoying int64.h is completely retired, since C99 guarantees a 64-bit integer type that you can actually treat like an ordinary integer. Also, I've replaced the local typedefs uint32 and word32 (scattered through different parts of the crypto code) with the standard uint32_t.
2018-10-26 22:08:58 +00:00
static void MD5_Block(MD5_Core_State *s, uint32_t *block)
Run entire source base through GNU indent to tidy up the varying coding styles of the various contributors! Woohoo! [originally from svn r1098]
2001-05-06 14:35:20 +00:00
{
Adopt C99 <stdint.h> integer types. The annoying int64.h is completely retired, since C99 guarantees a 64-bit integer type that you can actually treat like an ordinary integer. Also, I've replaced the local typedefs uint32 and word32 (scattered through different parts of the crypto code) with the standard uint32_t.
2018-10-26 22:08:58 +00:00
uint32_t a, b, c, d;
Replace MD5 implementation with my own code [originally from svn r437]
2000-04-04 14:47:22 +00:00
Run entire source base through GNU indent to tidy up the varying coding styles of the various contributors! Woohoo! [originally from svn r1098]
2001-05-06 14:35:20 +00:00
a = s->h[0];
b = s->h[1];
c = s->h[2];
d = s->h[3];
Replace MD5 implementation with my own code [originally from svn r437]
2000-04-04 14:47:22 +00:00
subround(F, a, b, c, d, 0, 7, 0xd76aa478);
subround(F, d, a, b, c, 1, 12, 0xe8c7b756);
subround(F, c, d, a, b, 2, 17, 0x242070db);
subround(F, b, c, d, a, 3, 22, 0xc1bdceee);
subround(F, a, b, c, d, 4, 7, 0xf57c0faf);
subround(F, d, a, b, c, 5, 12, 0x4787c62a);
subround(F, c, d, a, b, 6, 17, 0xa8304613);
subround(F, b, c, d, a, 7, 22, 0xfd469501);
subround(F, a, b, c, d, 8, 7, 0x698098d8);
subround(F, d, a, b, c, 9, 12, 0x8b44f7af);
subround(F, c, d, a, b, 10, 17, 0xffff5bb1);
subround(F, b, c, d, a, 11, 22, 0x895cd7be);
subround(F, a, b, c, d, 12, 7, 0x6b901122);
subround(F, d, a, b, c, 13, 12, 0xfd987193);
subround(F, c, d, a, b, 14, 17, 0xa679438e);
subround(F, b, c, d, a, 15, 22, 0x49b40821);
subround(G, a, b, c, d, 1, 5, 0xf61e2562);
subround(G, d, a, b, c, 6, 9, 0xc040b340);
subround(G, c, d, a, b, 11, 14, 0x265e5a51);
subround(G, b, c, d, a, 0, 20, 0xe9b6c7aa);
subround(G, a, b, c, d, 5, 5, 0xd62f105d);
subround(G, d, a, b, c, 10, 9, 0x02441453);
subround(G, c, d, a, b, 15, 14, 0xd8a1e681);
subround(G, b, c, d, a, 4, 20, 0xe7d3fbc8);
subround(G, a, b, c, d, 9, 5, 0x21e1cde6);
subround(G, d, a, b, c, 14, 9, 0xc33707d6);
subround(G, c, d, a, b, 3, 14, 0xf4d50d87);
subround(G, b, c, d, a, 8, 20, 0x455a14ed);
subround(G, a, b, c, d, 13, 5, 0xa9e3e905);
subround(G, d, a, b, c, 2, 9, 0xfcefa3f8);
subround(G, c, d, a, b, 7, 14, 0x676f02d9);
subround(G, b, c, d, a, 12, 20, 0x8d2a4c8a);
subround(H, a, b, c, d, 5, 4, 0xfffa3942);
subround(H, d, a, b, c, 8, 11, 0x8771f681);
subround(H, c, d, a, b, 11, 16, 0x6d9d6122);
subround(H, b, c, d, a, 14, 23, 0xfde5380c);
subround(H, a, b, c, d, 1, 4, 0xa4beea44);
subround(H, d, a, b, c, 4, 11, 0x4bdecfa9);
subround(H, c, d, a, b, 7, 16, 0xf6bb4b60);
subround(H, b, c, d, a, 10, 23, 0xbebfbc70);
subround(H, a, b, c, d, 13, 4, 0x289b7ec6);
subround(H, d, a, b, c, 0, 11, 0xeaa127fa);
subround(H, c, d, a, b, 3, 16, 0xd4ef3085);
subround(H, b, c, d, a, 6, 23, 0x04881d05);
subround(H, a, b, c, d, 9, 4, 0xd9d4d039);
subround(H, d, a, b, c, 12, 11, 0xe6db99e5);
subround(H, c, d, a, b, 15, 16, 0x1fa27cf8);
subround(H, b, c, d, a, 2, 23, 0xc4ac5665);
subround(I, a, b, c, d, 0, 6, 0xf4292244);
subround(I, d, a, b, c, 7, 10, 0x432aff97);
subround(I, c, d, a, b, 14, 15, 0xab9423a7);
subround(I, b, c, d, a, 5, 21, 0xfc93a039);
subround(I, a, b, c, d, 12, 6, 0x655b59c3);
subround(I, d, a, b, c, 3, 10, 0x8f0ccc92);
subround(I, c, d, a, b, 10, 15, 0xffeff47d);
subround(I, b, c, d, a, 1, 21, 0x85845dd1);
subround(I, a, b, c, d, 8, 6, 0x6fa87e4f);
subround(I, d, a, b, c, 15, 10, 0xfe2ce6e0);
subround(I, c, d, a, b, 6, 15, 0xa3014314);
subround(I, b, c, d, a, 13, 21, 0x4e0811a1);
subround(I, a, b, c, d, 4, 6, 0xf7537e82);
subround(I, d, a, b, c, 11, 10, 0xbd3af235);
subround(I, c, d, a, b, 2, 15, 0x2ad7d2bb);
subround(I, b, c, d, a, 9, 21, 0xeb86d391);
Run entire source base through GNU indent to tidy up the varying coding styles of the various contributors! Woohoo! [originally from svn r1098]
2001-05-06 14:35:20 +00:00
s->h[0] += a;
s->h[1] += b;
s->h[2] += c;
s->h[3] += d;
Replace MD5 implementation with my own code [originally from svn r437]
2000-04-04 14:47:22 +00:00
}
Initial checkin: beta 0.43 [originally from svn r11]
1999-01-08 13:02:13 +00:00
Replace MD5 implementation with my own code [originally from svn r437]
2000-04-04 14:47:22 +00:00
/* ----------------------------------------------------------------------
* Outer MD5 algorithm: take an arbitrary length byte string,
* convert it into 16-word blocks with the prescribed padding at
* the end, and pass those blocks to the core MD5 algorithm.
*/
Initial checkin: beta 0.43 [originally from svn r11]
1999-01-08 13:02:13 +00:00
Replace MD5 implementation with my own code [originally from svn r437]
2000-04-04 14:47:22 +00:00
#define BLKSIZE 64
Initial checkin: beta 0.43 [originally from svn r11]
1999-01-08 13:02:13 +00:00
Replace all uses of SHA*_Bytes / MD5Update. In fact, those functions don't even exist any more. The only way to get data into a primitive hash state is via the new put_* system. Of course, that means put_data() is a viable replacement for every previous call to one of the per-hash update functions - but just mechanically doing that would have missed the opportunity to simplify a lot of the call sites.
2018-05-24 09:03:36 +00:00
static void MD5_BinarySink_write(BinarySink *bs, const void *data, size_t len);
New centralised binary-data marshalling system. I've finally got tired of all the code throughout PuTTY that repeats the same logic about how to format the SSH binary primitives like uint32, string, mpint. We've got reasonably organised code in ssh.c that appends things like that to 'struct Packet'; something similar in sftp.c which repeats a lot of the work; utility functions in various places to format an mpint to feed to one or another hash function; and no end of totally ad-hoc stuff in functions like public key blob formatters which actually have to _count up_ the size of data painstakingly, then malloc exactly that much and mess about with PUT_32BIT. It's time to bring all of that into one place, and stop repeating myself in error-prone ways everywhere. The new marshal.h defines a system in which I centralise all the actual marshalling functions, and then layer a touch of C macro trickery on top to allow me to (look as if I) pass a wide range of different types to those functions, as long as the target type has been set up in the right way to have a write() function. This commit adds the new header and source file, and sets up some general centralised types (strbuf and the various hash-function contexts like SHA_State), but doesn't use the new calls for anything yet. (I've also renamed some internal functions in import.c which were using the same names that I've just defined macros over. That won't last long - those functions are going to go away soon, so the changed names are strictly temporary.)
2018-05-24 08:17:13 +00:00
Add lots of missing 'static' keywords. A trawl through the code with -Wmissing-prototypes and -Wmissing-variable-declarations turned up a lot of things that should have been internal to a particular source file, but were accidentally global. Keep the namespace clean by making them all static. (Also, while I'm here, a couple of them were missing a 'const': the ONE and ZERO arrays in sshcrcda.c, and EMPTY_WINDOW_TITLE in terminal.c.)
2020-01-29 06:22:01 +00:00
static void MD5Init(struct MD5Context *s)
Run entire source base through GNU indent to tidy up the varying coding styles of the various contributors! Woohoo! [originally from svn r1098]
2001-05-06 14:35:20 +00:00
{
Replace MD5 implementation with my own code [originally from svn r437]
2000-04-04 14:47:22 +00:00
MD5_Core_Init(&s->core);
s->blkused = 0;
Adopt C99 <stdint.h> integer types. The annoying int64.h is completely retired, since C99 guarantees a 64-bit integer type that you can actually treat like an ordinary integer. Also, I've replaced the local typedefs uint32 and word32 (scattered through different parts of the crypto code) with the standard uint32_t.
2018-10-26 22:08:58 +00:00
s->len = 0;
New centralised binary-data marshalling system. I've finally got tired of all the code throughout PuTTY that repeats the same logic about how to format the SSH binary primitives like uint32, string, mpint. We've got reasonably organised code in ssh.c that appends things like that to 'struct Packet'; something similar in sftp.c which repeats a lot of the work; utility functions in various places to format an mpint to feed to one or another hash function; and no end of totally ad-hoc stuff in functions like public key blob formatters which actually have to _count up_ the size of data painstakingly, then malloc exactly that much and mess about with PUT_32BIT. It's time to bring all of that into one place, and stop repeating myself in error-prone ways everywhere. The new marshal.h defines a system in which I centralise all the actual marshalling functions, and then layer a touch of C macro trickery on top to allow me to (look as if I) pass a wide range of different types to those functions, as long as the target type has been set up in the right way to have a write() function. This commit adds the new header and source file, and sets up some general centralised types (strbuf and the various hash-function contexts like SHA_State), but doesn't use the new calls for anything yet. (I've also renamed some internal functions in import.c which were using the same names that I've just defined macros over. That won't last long - those functions are going to go away soon, so the changed names are strictly temporary.)
2018-05-24 08:17:13 +00:00
BinarySink_INIT(s, MD5_BinarySink_write);
Initial checkin: beta 0.43 [originally from svn r11]
1999-01-08 13:02:13 +00:00
}
Replace all uses of SHA*_Bytes / MD5Update. In fact, those functions don't even exist any more. The only way to get data into a primitive hash state is via the new put_* system. Of course, that means put_data() is a viable replacement for every previous call to one of the per-hash update functions - but just mechanically doing that would have missed the opportunity to simplify a lot of the call sites.
2018-05-24 09:03:36 +00:00
static void MD5_BinarySink_write(BinarySink *bs, const void *data, size_t len)
Run entire source base through GNU indent to tidy up the varying coding styles of the various contributors! Woohoo! [originally from svn r1098]
2001-05-06 14:35:20 +00:00
{
Replace all uses of SHA*_Bytes / MD5Update. In fact, those functions don't even exist any more. The only way to get data into a primitive hash state is via the new put_* system. Of course, that means put_data() is a viable replacement for every previous call to one of the per-hash update functions - but just mechanically doing that would have missed the opportunity to simplify a lot of the call sites.
2018-05-24 09:03:36 +00:00
struct MD5Context *s = BinarySink_DOWNCAST(bs, struct MD5Context);
const unsigned char *q = (const unsigned char *)data;
Adopt C99 <stdint.h> integer types. The annoying int64.h is completely retired, since C99 guarantees a 64-bit integer type that you can actually treat like an ordinary integer. Also, I've replaced the local typedefs uint32 and word32 (scattered through different parts of the crypto code) with the standard uint32_t.
2018-10-26 22:08:58 +00:00
uint32_t wordblock[16];
uint32_t lenw = len;
Replace MD5 implementation with my own code [originally from svn r437]
2000-04-04 14:47:22 +00:00
int i;
Replace all uses of SHA*_Bytes / MD5Update. In fact, those functions don't even exist any more. The only way to get data into a primitive hash state is via the new put_* system. Of course, that means put_data() is a viable replacement for every previous call to one of the per-hash update functions - but just mechanically doing that would have missed the opportunity to simplify a lot of the call sites.
2018-05-24 09:03:36 +00:00
assert(lenw == len);
Replace MD5 implementation with my own code [originally from svn r437]
2000-04-04 14:47:22 +00:00
/*
* Update the length field.
*/
Adopt C99 <stdint.h> integer types. The annoying int64.h is completely retired, since C99 guarantees a 64-bit integer type that you can actually treat like an ordinary integer. Also, I've replaced the local typedefs uint32 and word32 (scattered through different parts of the crypto code) with the standard uint32_t.
2018-10-26 22:08:58 +00:00
s->len += lenw;
Replace MD5 implementation with my own code [originally from svn r437]
2000-04-04 14:47:22 +00:00
Run entire source base through GNU indent to tidy up the varying coding styles of the various contributors! Woohoo! [originally from svn r1098]
2001-05-06 14:35:20 +00:00
if (s->blkused + len < BLKSIZE) {
Whitespace rationalisation of entire code base. The number of people has been steadily increasing who read our source code with an editor that thinks tab stops are 4 spaces apart, as opposed to the traditional tty-derived 8 that the PuTTY code expects. So I've been wondering for ages about just fixing it, and switching to a spaces-only policy throughout the code. And I recently found out about 'git blame -w', which should make this change not too disruptive for the purposes of source-control archaeology; so perhaps now is the time. While I'm at it, I've also taken the opportunity to remove all the trailing spaces from source lines (on the basis that git dislikes them, and is the only thing that seems to have a strong opinion one way or the other). Apologies to anyone downstream of this code who has complicated patch sets to rebase past this change. I don't intend it to be needed again.
2019-09-08 19:29:00 +00:00
/*
* Trivial case: just add to the block.
*/
memcpy(s->block + s->blkused, q, len);
s->blkused += len;
Initial checkin: beta 0.43 [originally from svn r11]
1999-01-08 13:02:13 +00:00
} else {
Whitespace rationalisation of entire code base. The number of people has been steadily increasing who read our source code with an editor that thinks tab stops are 4 spaces apart, as opposed to the traditional tty-derived 8 that the PuTTY code expects. So I've been wondering for ages about just fixing it, and switching to a spaces-only policy throughout the code. And I recently found out about 'git blame -w', which should make this change not too disruptive for the purposes of source-control archaeology; so perhaps now is the time. While I'm at it, I've also taken the opportunity to remove all the trailing spaces from source lines (on the basis that git dislikes them, and is the only thing that seems to have a strong opinion one way or the other). Apologies to anyone downstream of this code who has complicated patch sets to rebase past this change. I don't intend it to be needed again.
2019-09-08 19:29:00 +00:00
/*
* We must complete and process at least one block.
*/
while (s->blkused + len >= BLKSIZE) {
memcpy(s->block + s->blkused, q, BLKSIZE - s->blkused);
q += BLKSIZE - s->blkused;
len -= BLKSIZE - s->blkused;
/* Now process the block. Gather bytes little-endian into words */
for (i = 0; i < 16; i++) {
wordblock[i] =
(((uint32_t) s->block[i * 4 + 3]) << 24) |
(((uint32_t) s->block[i * 4 + 2]) << 16) |
(((uint32_t) s->block[i * 4 + 1]) << 8) |
(((uint32_t) s->block[i * 4 + 0]) << 0);
}
MD5_Block(&s->core, wordblock);
s->blkused = 0;
}
memcpy(s->block, q, len);
s->blkused = len;
Initial checkin: beta 0.43 [originally from svn r11]
1999-01-08 13:02:13 +00:00
}
}
Add lots of missing 'static' keywords. A trawl through the code with -Wmissing-prototypes and -Wmissing-variable-declarations turned up a lot of things that should have been internal to a particular source file, but were accidentally global. Keep the namespace clean by making them all static. (Also, while I'm here, a couple of them were missing a 'const': the ONE and ZERO arrays in sshcrcda.c, and EMPTY_WINDOW_TITLE in terminal.c.)
2020-01-29 06:22:01 +00:00
static void MD5Final(unsigned char output[16], struct MD5Context *s)
Run entire source base through GNU indent to tidy up the varying coding styles of the various contributors! Woohoo! [originally from svn r1098]
2001-05-06 14:35:20 +00:00
{
Replace MD5 implementation with my own code [originally from svn r437]
2000-04-04 14:47:22 +00:00
int i;
Oops - now let's get that MD5 change _right_ :-) [originally from svn r438]
2000-04-04 14:51:17 +00:00
unsigned pad;
Replace MD5 implementation with my own code [originally from svn r437]
2000-04-04 14:47:22 +00:00
unsigned char c[64];
Adopt C99 <stdint.h> integer types. The annoying int64.h is completely retired, since C99 guarantees a 64-bit integer type that you can actually treat like an ordinary integer. Also, I've replaced the local typedefs uint32 and word32 (scattered through different parts of the crypto code) with the standard uint32_t.
2018-10-26 22:08:58 +00:00
uint64_t len;
Replace MD5 implementation with my own code [originally from svn r437]
2000-04-04 14:47:22 +00:00
if (s->blkused >= 56)
Whitespace rationalisation of entire code base. The number of people has been steadily increasing who read our source code with an editor that thinks tab stops are 4 spaces apart, as opposed to the traditional tty-derived 8 that the PuTTY code expects. So I've been wondering for ages about just fixing it, and switching to a spaces-only policy throughout the code. And I recently found out about 'git blame -w', which should make this change not too disruptive for the purposes of source-control archaeology; so perhaps now is the time. While I'm at it, I've also taken the opportunity to remove all the trailing spaces from source lines (on the basis that git dislikes them, and is the only thing that seems to have a strong opinion one way or the other). Apologies to anyone downstream of this code who has complicated patch sets to rebase past this change. I don't intend it to be needed again.
2019-09-08 19:29:00 +00:00
pad = 56 + 64 - s->blkused;
Replace MD5 implementation with my own code [originally from svn r437]
2000-04-04 14:47:22 +00:00
else
Whitespace rationalisation of entire code base. The number of people has been steadily increasing who read our source code with an editor that thinks tab stops are 4 spaces apart, as opposed to the traditional tty-derived 8 that the PuTTY code expects. So I've been wondering for ages about just fixing it, and switching to a spaces-only policy throughout the code. And I recently found out about 'git blame -w', which should make this change not too disruptive for the purposes of source-control archaeology; so perhaps now is the time. While I'm at it, I've also taken the opportunity to remove all the trailing spaces from source lines (on the basis that git dislikes them, and is the only thing that seems to have a strong opinion one way or the other). Apologies to anyone downstream of this code who has complicated patch sets to rebase past this change. I don't intend it to be needed again.
2019-09-08 19:29:00 +00:00
pad = 56 - s->blkused;
Replace MD5 implementation with my own code [originally from svn r437]
2000-04-04 14:47:22 +00:00
Adopt C99 <stdint.h> integer types. The annoying int64.h is completely retired, since C99 guarantees a 64-bit integer type that you can actually treat like an ordinary integer. Also, I've replaced the local typedefs uint32 and word32 (scattered through different parts of the crypto code) with the standard uint32_t.
2018-10-26 22:08:58 +00:00
len = (s->len << 3);
Replace MD5 implementation with my own code [originally from svn r437]
2000-04-04 14:47:22 +00:00
memset(c, 0, pad);
c[0] = 0x80;
Replace all uses of SHA*_Bytes / MD5Update. In fact, those functions don't even exist any more. The only way to get data into a primitive hash state is via the new put_* system. Of course, that means put_data() is a viable replacement for every previous call to one of the per-hash update functions - but just mechanically doing that would have missed the opportunity to simplify a lot of the call sites.
2018-05-24 09:03:36 +00:00
put_data(s, c, pad);
Replace MD5 implementation with my own code [originally from svn r437]
2000-04-04 14:47:22 +00:00
Adopt C99 <stdint.h> integer types. The annoying int64.h is completely retired, since C99 guarantees a 64-bit integer type that you can actually treat like an ordinary integer. Also, I've replaced the local typedefs uint32 and word32 (scattered through different parts of the crypto code) with the standard uint32_t.
2018-10-26 22:08:58 +00:00
PUT_64BIT_LSB_FIRST(c, len);
Replace MD5 implementation with my own code [originally from svn r437]
2000-04-04 14:47:22 +00:00
Replace all uses of SHA*_Bytes / MD5Update. In fact, those functions don't even exist any more. The only way to get data into a primitive hash state is via the new put_* system. Of course, that means put_data() is a viable replacement for every previous call to one of the per-hash update functions - but just mechanically doing that would have missed the opportunity to simplify a lot of the call sites.
2018-05-24 09:03:36 +00:00
put_data(s, c, 8);
Replace MD5 implementation with my own code [originally from svn r437]
2000-04-04 14:47:22 +00:00
for (i = 0; i < 4; i++) {
Whitespace rationalisation of entire code base. The number of people has been steadily increasing who read our source code with an editor that thinks tab stops are 4 spaces apart, as opposed to the traditional tty-derived 8 that the PuTTY code expects. So I've been wondering for ages about just fixing it, and switching to a spaces-only policy throughout the code. And I recently found out about 'git blame -w', which should make this change not too disruptive for the purposes of source-control archaeology; so perhaps now is the time. While I'm at it, I've also taken the opportunity to remove all the trailing spaces from source lines (on the basis that git dislikes them, and is the only thing that seems to have a strong opinion one way or the other). Apologies to anyone downstream of this code who has complicated patch sets to rebase past this change. I don't intend it to be needed again.
2019-09-08 19:29:00 +00:00
output[4 * i + 3] = (s->core.h[i] >> 24) & 0xFF;
output[4 * i + 2] = (s->core.h[i] >> 16) & 0xFF;
output[4 * i + 1] = (s->core.h[i] >> 8) & 0xFF;
output[4 * i + 0] = (s->core.h[i] >> 0) & 0xFF;
Replace MD5 implementation with my own code [originally from svn r437]
2000-04-04 14:47:22 +00:00
}
Initial checkin: beta 0.43 [originally from svn r11]
1999-01-08 13:02:13 +00:00
}
Implement MD5 MAC for the benefit of old SSH2 servers [originally from svn r709]
2000-10-12 14:24:58 +00:00
Make lots more algorithm structures globally visible. Previously, lots of individual ssh2_cipheralg structures were declared static, and only available to the rest of the code via a smaller number of 'ssh2_ciphers' objects that wrapped them into lists. But I'm going to want to access individual ciphers directly in the testing system I'm currently working on, so I'm giving all those objects external linkage and declaring them in ssh.h. Also, I've made up an entirely new one, namely exposing MD5 as an instance of the general ssh_hashalg abstraction, which it has no need to be for the purposes of actually using it in SSH. But, again, this will let me treat it the same as all the other hashes in the test system. No functional change, for the moment.
2018-12-31 13:55:46 +00:00
/* ----------------------------------------------------------------------
* Thin abstraction for things where hashes are pluggable.
*/
struct md5_hash {
struct MD5Context state;
ssh_hash hash;
};
Remove a lot of pointless 'struct' keywords. This is the commit that f3295e0fb _should_ have been. Yesterday I just added some typedefs so that I didn't have to wear out my fingers typing 'struct' in new code, but what I ought to have done is to move all the typedefs into defs.h with the rest, and then go through cleaning up the legacy 'struct's all through the existing code. But I was mostly trying to concentrate on getting the test suite finished, so I just did the minimum. Now it's time to come back and do it better.
2019-01-04 06:51:44 +00:00
static ssh_hash *md5_new(const ssh_hashalg *alg)
Make lots more algorithm structures globally visible. Previously, lots of individual ssh2_cipheralg structures were declared static, and only available to the rest of the code via a smaller number of 'ssh2_ciphers' objects that wrapped them into lists. But I'm going to want to access individual ciphers directly in the testing system I'm currently working on, so I'm giving all those objects external linkage and declaring them in ssh.h. Also, I've made up an entirely new one, namely exposing MD5 as an instance of the general ssh_hashalg abstraction, which it has no need to be for the purposes of actually using it in SSH. But, again, this will let me treat it the same as all the other hashes in the test system. No functional change, for the moment.
2018-12-31 13:55:46 +00:00
{
struct md5_hash *h = snew(struct md5_hash);
h->hash.vt = alg;
BinarySink_DELEGATE_INIT(&h->hash, &h->state);
return &h->hash;
}
Refactor the ssh_hash vtable. (NFC) The idea is to arrange that an ssh_hash object can be reused without having to free it and allocate a new one. So the 'final' method has been replaced with 'digest', which does everything except the trailing free; and there's also a new pair of methods 'reset' and 'copyfrom' which overwrite the state of a hash with either the starting state or a copy of another state. Meanwhile, the 'new' allocator function has stopped performing 'reset' as a side effect; now it _just_ does the administrative stuff (allocation, setting up vtables), and returns an object which isn't yet ready to receive any actual data, expecting that the caller will either reset it or copy another hash state into it. In particular, that means that the SHA-384 / SHA-512 pair no longer need separate 'new' methods, because only the 'reset' part has to change between them. This commit makes no change to the user-facing API of wrapper functions in ssh.h, except to add new functions which nothing yet calls. The user-facing ssh_hash_new() calls the new and reset methods in succession, and the copy and final methods still exist to do new+copy and digest+free.
2019-12-15 09:30:10 +00:00
static void md5_reset(ssh_hash *hash)
Make lots more algorithm structures globally visible. Previously, lots of individual ssh2_cipheralg structures were declared static, and only available to the rest of the code via a smaller number of 'ssh2_ciphers' objects that wrapped them into lists. But I'm going to want to access individual ciphers directly in the testing system I'm currently working on, so I'm giving all those objects external linkage and declaring them in ssh.h. Also, I've made up an entirely new one, namely exposing MD5 as an instance of the general ssh_hashalg abstraction, which it has no need to be for the purposes of actually using it in SSH. But, again, this will let me treat it the same as all the other hashes in the test system. No functional change, for the moment.
2018-12-31 13:55:46 +00:00
{
Refactor the ssh_hash vtable. (NFC) The idea is to arrange that an ssh_hash object can be reused without having to free it and allocate a new one. So the 'final' method has been replaced with 'digest', which does everything except the trailing free; and there's also a new pair of methods 'reset' and 'copyfrom' which overwrite the state of a hash with either the starting state or a copy of another state. Meanwhile, the 'new' allocator function has stopped performing 'reset' as a side effect; now it _just_ does the administrative stuff (allocation, setting up vtables), and returns an object which isn't yet ready to receive any actual data, expecting that the caller will either reset it or copy another hash state into it. In particular, that means that the SHA-384 / SHA-512 pair no longer need separate 'new' methods, because only the 'reset' part has to change between them. This commit makes no change to the user-facing API of wrapper functions in ssh.h, except to add new functions which nothing yet calls. The user-facing ssh_hash_new() calls the new and reset methods in succession, and the copy and final methods still exist to do new+copy and digest+free.
2019-12-15 09:30:10 +00:00
struct md5_hash *h = container_of(hash, struct md5_hash, hash);
MD5Init(&h->state);
}
Make lots more algorithm structures globally visible. Previously, lots of individual ssh2_cipheralg structures were declared static, and only available to the rest of the code via a smaller number of 'ssh2_ciphers' objects that wrapped them into lists. But I'm going to want to access individual ciphers directly in the testing system I'm currently working on, so I'm giving all those objects external linkage and declaring them in ssh.h. Also, I've made up an entirely new one, namely exposing MD5 as an instance of the general ssh_hashalg abstraction, which it has no need to be for the purposes of actually using it in SSH. But, again, this will let me treat it the same as all the other hashes in the test system. No functional change, for the moment.
2018-12-31 13:55:46 +00:00
Refactor the ssh_hash vtable. (NFC) The idea is to arrange that an ssh_hash object can be reused without having to free it and allocate a new one. So the 'final' method has been replaced with 'digest', which does everything except the trailing free; and there's also a new pair of methods 'reset' and 'copyfrom' which overwrite the state of a hash with either the starting state or a copy of another state. Meanwhile, the 'new' allocator function has stopped performing 'reset' as a side effect; now it _just_ does the administrative stuff (allocation, setting up vtables), and returns an object which isn't yet ready to receive any actual data, expecting that the caller will either reset it or copy another hash state into it. In particular, that means that the SHA-384 / SHA-512 pair no longer need separate 'new' methods, because only the 'reset' part has to change between them. This commit makes no change to the user-facing API of wrapper functions in ssh.h, except to add new functions which nothing yet calls. The user-facing ssh_hash_new() calls the new and reset methods in succession, and the copy and final methods still exist to do new+copy and digest+free.
2019-12-15 09:30:10 +00:00
static void md5_copyfrom(ssh_hash *hcopy, ssh_hash *horig)
{
struct md5_hash *copy = container_of(hcopy, struct md5_hash, hash);
struct md5_hash *orig = container_of(horig, struct md5_hash, hash);
Make lots more algorithm structures globally visible. Previously, lots of individual ssh2_cipheralg structures were declared static, and only available to the rest of the code via a smaller number of 'ssh2_ciphers' objects that wrapped them into lists. But I'm going to want to access individual ciphers directly in the testing system I'm currently working on, so I'm giving all those objects external linkage and declaring them in ssh.h. Also, I've made up an entirely new one, namely exposing MD5 as an instance of the general ssh_hashalg abstraction, which it has no need to be for the purposes of actually using it in SSH. But, again, this will let me treat it the same as all the other hashes in the test system. No functional change, for the moment.
2018-12-31 13:55:46 +00:00
Refactor the ssh_hash vtable. (NFC) The idea is to arrange that an ssh_hash object can be reused without having to free it and allocate a new one. So the 'final' method has been replaced with 'digest', which does everything except the trailing free; and there's also a new pair of methods 'reset' and 'copyfrom' which overwrite the state of a hash with either the starting state or a copy of another state. Meanwhile, the 'new' allocator function has stopped performing 'reset' as a side effect; now it _just_ does the administrative stuff (allocation, setting up vtables), and returns an object which isn't yet ready to receive any actual data, expecting that the caller will either reset it or copy another hash state into it. In particular, that means that the SHA-384 / SHA-512 pair no longer need separate 'new' methods, because only the 'reset' part has to change between them. This commit makes no change to the user-facing API of wrapper functions in ssh.h, except to add new functions which nothing yet calls. The user-facing ssh_hash_new() calls the new and reset methods in succession, and the copy and final methods still exist to do new+copy and digest+free.
2019-12-15 09:30:10 +00:00
copy->state = orig->state;
BinarySink_COPIED(&copy->state);
Make lots more algorithm structures globally visible. Previously, lots of individual ssh2_cipheralg structures were declared static, and only available to the rest of the code via a smaller number of 'ssh2_ciphers' objects that wrapped them into lists. But I'm going to want to access individual ciphers directly in the testing system I'm currently working on, so I'm giving all those objects external linkage and declaring them in ssh.h. Also, I've made up an entirely new one, namely exposing MD5 as an instance of the general ssh_hashalg abstraction, which it has no need to be for the purposes of actually using it in SSH. But, again, this will let me treat it the same as all the other hashes in the test system. No functional change, for the moment.
2018-12-31 13:55:46 +00:00
}
static void md5_free(ssh_hash *hash)
{
struct md5_hash *h = container_of(hash, struct md5_hash, hash);
smemclr(h, sizeof(*h));
sfree(h);
}
Refactor the ssh_hash vtable. (NFC) The idea is to arrange that an ssh_hash object can be reused without having to free it and allocate a new one. So the 'final' method has been replaced with 'digest', which does everything except the trailing free; and there's also a new pair of methods 'reset' and 'copyfrom' which overwrite the state of a hash with either the starting state or a copy of another state. Meanwhile, the 'new' allocator function has stopped performing 'reset' as a side effect; now it _just_ does the administrative stuff (allocation, setting up vtables), and returns an object which isn't yet ready to receive any actual data, expecting that the caller will either reset it or copy another hash state into it. In particular, that means that the SHA-384 / SHA-512 pair no longer need separate 'new' methods, because only the 'reset' part has to change between them. This commit makes no change to the user-facing API of wrapper functions in ssh.h, except to add new functions which nothing yet calls. The user-facing ssh_hash_new() calls the new and reset methods in succession, and the copy and final methods still exist to do new+copy and digest+free.
2019-12-15 09:30:10 +00:00
static void md5_digest(ssh_hash *hash, unsigned char *output)
Make lots more algorithm structures globally visible. Previously, lots of individual ssh2_cipheralg structures were declared static, and only available to the rest of the code via a smaller number of 'ssh2_ciphers' objects that wrapped them into lists. But I'm going to want to access individual ciphers directly in the testing system I'm currently working on, so I'm giving all those objects external linkage and declaring them in ssh.h. Also, I've made up an entirely new one, namely exposing MD5 as an instance of the general ssh_hashalg abstraction, which it has no need to be for the purposes of actually using it in SSH. But, again, this will let me treat it the same as all the other hashes in the test system. No functional change, for the moment.
2018-12-31 13:55:46 +00:00
{
struct md5_hash *h = container_of(hash, struct md5_hash, hash);
MD5Final(output, &h->state);
}
Remove a lot of pointless 'struct' keywords. This is the commit that f3295e0fb _should_ have been. Yesterday I just added some typedefs so that I didn't have to wear out my fingers typing 'struct' in new code, but what I ought to have done is to move all the typedefs into defs.h with the rest, and then go through cleaning up the legacy 'struct's all through the existing code. But I was mostly trying to concentrate on getting the test suite finished, so I just did the minimum. Now it's time to come back and do it better.
2019-01-04 06:51:44 +00:00
const ssh_hashalg ssh_md5 = {
Change vtable defs to use C99 designated initialisers. This is a sweeping change applied across the whole code base by a spot of Emacs Lisp. Now, everywhere I declare a vtable filled with function pointers (and the occasional const data member), all the members of the vtable structure are initialised by name using the '.fieldname = value' syntax introduced in C99. We were already using this syntax for a handful of things in the new key-generation progress report system, so it's not new to the code base as a whole. The advantage is that now, when a vtable only declares a subset of the available fields, I can initialise the rest to NULL or zero just by leaving them out. This is most dramatic in a couple of the outlying vtables in things like psocks (which has a ConnectionLayerVtable containing only one non-NULL method), but less dramatically, it means that the new 'flags' field in BackendVtable can be completely left out of every backend definition except for the SUPDUP one which defines it to a nonzero value. Similarly, the test_for_upstream method only used by SSH doesn't have to be mentioned in the rest of the backends; network Plugs for listening sockets don't have to explicitly null out 'receive' and 'sent', and vice versa for 'accepting', and so on. While I'm at it, I've normalised the declarations so they don't use the unnecessarily verbose 'struct' keyword. Also a handful of them weren't const; now they are.
2020-03-10 21:06:29 +00:00
.new = md5_new,
.reset = md5_reset,
.copyfrom = md5_copyfrom,
.digest = md5_digest,
.free = md5_free,
.hlen = 16,
.blocklen = 64,
HASHALG_NAMES_BARE("MD5"),
Make lots more algorithm structures globally visible. Previously, lots of individual ssh2_cipheralg structures were declared static, and only available to the rest of the code via a smaller number of 'ssh2_ciphers' objects that wrapped them into lists. But I'm going to want to access individual ciphers directly in the testing system I'm currently working on, so I'm giving all those objects external linkage and declaring them in ssh.h. Also, I've made up an entirely new one, namely exposing MD5 as an instance of the general ssh_hashalg abstraction, which it has no need to be for the purposes of actually using it in SSH. But, again, this will let me treat it the same as all the other hashes in the test system. No functional change, for the moment.
2018-12-31 13:55:46 +00:00
};
Reference in New Issue Copy Permalink