From: Jon Griffiths <jon_p_griffiths@yahoo.com>
Date: Tue, 22 Mar 2016 22:54:50 +0000 (+1300)
Subject: sha256: Move 'bytes' to the end of sha256_ctx and make it a size_t
X-Git-Url: http://git.ozlabs.org/?p=ccan;a=commitdiff_plain;h=fe21b246647e4694da5f76e0fd00e9a9f9e8c72e

sha256: Move 'bytes' to the end of sha256_ctx and make it a size_t

The code already assigns to/from bytes as a size_t, so make it
official (and better on platforms with a 32 bit size_t).

Moving bytes makes it act as a canary in the event that there is a rogue
write/off by one somewhere - since it ends up in the hash we are
more likely to detect this should we corrupt it. This also makes the
working buffer better aligned which can't hurt.

Also, initialise the buffer to zero while we are changing the initialisation
macro anyway. It costs little compared to the hashing overhead, should be
optimised away if redundant in most cases, and it removes a warning from both
gcc and clang about unititialised struct members.

Signed-off-by: Jon Griffiths <jon_p_griffiths@yahoo.com>
---

diff --git a/ccan/crypto/sha256/sha256.c b/ccan/crypto/sha256/sha256.c
index 5c48ed07..3307e0b7 100644
--- a/ccan/crypto/sha256/sha256.c
+++ b/ccan/crypto/sha256/sha256.c
@@ -18,7 +18,7 @@ static void invalidate_sha256(struct sha256_ctx *ctx)
 #ifdef CCAN_CRYPTO_SHA256_USE_OPENSSL
 	ctx->c.md_len = 0;
 #else
-	ctx->bytes = -1ULL;
+	ctx->bytes = (size_t)-1;
 #endif
 }
 
@@ -27,7 +27,7 @@ static void check_sha256(struct sha256_ctx *ctx UNUSED)
 #ifdef CCAN_CRYPTO_SHA256_USE_OPENSSL
 	assert(ctx->c.md_len != 0);
 #else
-	assert(ctx->bytes != -1ULL);
+	assert(ctx->bytes != (size_t)-1);
 #endif
 }
 
@@ -229,7 +229,7 @@ void sha256_done(struct sha256_ctx *ctx, struct sha256 *res)
 	uint64_t sizedesc;
 	size_t i;
 
-	sizedesc = cpu_to_be64(ctx->bytes << 3);
+	sizedesc = cpu_to_be64((uint64_t)ctx->bytes << 3);
 	/* Add '1' bit to terminate, then all 0 bits, up to next block - 8. */
 	add(ctx, pad, 1 + ((119 - (ctx->bytes % 64)) % 64));
 	/* Add number of bits of data (big endian) */
diff --git a/ccan/crypto/sha256/sha256.h b/ccan/crypto/sha256/sha256.h
index 1297c41f..fc5af21b 100644
--- a/ccan/crypto/sha256/sha256.h
+++ b/ccan/crypto/sha256/sha256.h
@@ -45,11 +45,11 @@ struct sha256_ctx {
 	SHA256_CTX c;
 #else
 	uint32_t s[8];
-	uint64_t bytes;
 	union {
 		uint32_t u32[16];
 		unsigned char u8[64];
 	} buf;
+	size_t bytes;
 #endif
 };
 
@@ -104,7 +104,8 @@ void sha256_init(struct sha256_ctx *ctx);
 #else
 #define SHA256_INIT							\
 	{ { 0x6a09e667ul, 0xbb67ae85ul, 0x3c6ef372ul, 0xa54ff53aul,	\
-	    0x510e527ful, 0x9b05688cul, 0x1f83d9abul, 0x5be0cd19ul }, 0 }
+	    0x510e527ful, 0x9b05688cul, 0x1f83d9abul, 0x5be0cd19ul },	\
+	  { { 0 } }, 0 }
 #endif
 
 /**
diff --git a/ccan/crypto/sha256/test/run-33-bit-test.c b/ccan/crypto/sha256/test/run-33-bit-test.c
index bde91e1c..ea574b4f 100644
--- a/ccan/crypto/sha256/test/run-33-bit-test.c
+++ b/ccan/crypto/sha256/test/run-33-bit-test.c
@@ -30,9 +30,9 @@ static const struct sha256_ctx after_16M_by_64 = {
 	  LE32_TO_CPU(0xd407a8fc), LE32_TO_CPU(0x1fad409b),
 	  LE32_TO_CPU(0x51fa46cc), LE32_TO_CPU(0xea528ae5),
 	  LE32_TO_CPU(0x5fa58ebb), LE32_TO_CPU(0x8be97931) },
-	1073741824,
 	{ .u32 = { 0x64636261, 0x68676665, 0x65646362, 0x69686766,
-		   0x66656463, 0x6a696867, 0x67666564, 0x6b6a6968 } }
+		   0x66656463, 0x6a696867, 0x67666564, 0x6b6a6968 } },
+	1073741824
 #endif
 };