sha256: Move 'bytes' to the end of sha256_ctx and make it a size_t

The code already assigns to/from bytes as a size_t, so make it
official (and better on platforms with a 32 bit size_t).

Moving bytes makes it act as a canary in the event that there is a rogue
write/off by one somewhere - since it ends up in the hash we are
more likely to detect this should we corrupt it. This also makes the
working buffer better aligned which can't hurt.

Also, initialise the buffer to zero while we are changing the initialisation
macro anyway. It costs little compared to the hashing overhead, should be
optimised away if redundant in most cases, and it removes a warning from both
gcc and clang about unititialised struct members.

Signed-off-by: Jon Griffiths <jon_p_griffiths@yahoo.com>

diff --git a/ccan/crypto/sha256/sha256.c b/ccan/crypto/sha256/sha256.c
index 5c48ed07475f94d83f9ff84fd07da9b6a9555ea8..3307e0b76a4b5929de476310f5ae3e71cdfd2ded 100644 (file)
--- a/ccan/crypto/sha256/sha256.c
+++ b/ccan/crypto/sha256/sha256.c
@@ -18,7 +18,7 @@ static void invalidate_sha256(struct sha256_ctx *ctx)
 #ifdef CCAN_CRYPTO_SHA256_USE_OPENSSL
        ctx->c.md_len = 0;
 #else
-       ctx->bytes = -1ULL;
+       ctx->bytes = (size_t)-1;
 #endif
 }
 
@@ -27,7 +27,7 @@ static void check_sha256(struct sha256_ctx *ctx UNUSED)
 #ifdef CCAN_CRYPTO_SHA256_USE_OPENSSL
        assert(ctx->c.md_len != 0);
 #else
-       assert(ctx->bytes != -1ULL);
+       assert(ctx->bytes != (size_t)-1);
 #endif
 }
 
@@ -229,7 +229,7 @@ void sha256_done(struct sha256_ctx *ctx, struct sha256 *res)
        uint64_t sizedesc;
        size_t i;
 
-       sizedesc = cpu_to_be64(ctx->bytes << 3);
+       sizedesc = cpu_to_be64((uint64_t)ctx->bytes << 3);
        /* Add '1' bit to terminate, then all 0 bits, up to next block - 8. */
        add(ctx, pad, 1 + ((119 - (ctx->bytes % 64)) % 64));
        /* Add number of bits of data (big endian) */

diff --git a/ccan/crypto/sha256/sha256.h b/ccan/crypto/sha256/sha256.h
index 1297c41f48f0fabbc9bfda41c9dd93627e0c1858..fc5af21b8b9628065e6318e4ae09e32abccc53b7 100644 (file)
--- a/ccan/crypto/sha256/sha256.h
+++ b/ccan/crypto/sha256/sha256.h
@@ -45,11 +45,11 @@ struct sha256_ctx {
        SHA256_CTX c;
 #else
        uint32_t s[8];
-       uint64_t bytes;
        union {
                uint32_t u32[16];
                unsigned char u8[64];
        } buf;
+       size_t bytes;
 #endif
 };
 
@@ -104,7 +104,8 @@ void sha256_init(struct sha256_ctx *ctx);
 #else
 #define SHA256_INIT                                                    \
        { { 0x6a09e667ul, 0xbb67ae85ul, 0x3c6ef372ul, 0xa54ff53aul,     \
-           0x510e527ful, 0x9b05688cul, 0x1f83d9abul, 0x5be0cd19ul }, 0 }
+           0x510e527ful, 0x9b05688cul, 0x1f83d9abul, 0x5be0cd19ul },   \
+         { { 0 } }, 0 }
 #endif
 
 /**

diff --git a/ccan/crypto/sha256/test/run-33-bit-test.c b/ccan/crypto/sha256/test/run-33-bit-test.c
index bde91e1c811a843797758d604d8f63f7995f7dbf..ea574b4f6221a9c96378f8c49ccbbe0ead0c4f7e 100644 (file)
--- a/ccan/crypto/sha256/test/run-33-bit-test.c
+++ b/ccan/crypto/sha256/test/run-33-bit-test.c
@@ -30,9 +30,9 @@ static const struct sha256_ctx after_16M_by_64 = {
          LE32_TO_CPU(0xd407a8fc), LE32_TO_CPU(0x1fad409b),
          LE32_TO_CPU(0x51fa46cc), LE32_TO_CPU(0xea528ae5),
          LE32_TO_CPU(0x5fa58ebb), LE32_TO_CPU(0x8be97931) },
-       1073741824,
        { .u32 = { 0x64636261, 0x68676665, 0x65646362, 0x69686766,
-                  0x66656463, 0x6a696867, 0x67666564, 0x6b6a6968 } }
+                  0x66656463, 0x6a696867, 0x67666564, 0x6b6a6968 } },
+       1073741824
 #endif
 };