From nobody Fri Oct 31 16:01:17 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org ARC-Seal: i=1; a=rsa-sha256; t=1748611172; cv=none; d=zohomail.com; s=zohoarc; b=X0X5gx/MN62rAnHV2/iC57OSHs952imSezme2LSCvNHDTsHYs9Zs8MRYZkAkwCKzYrc6DjeGzOu21UonMOw/cH4/QNU5/BpsMDqxxOpE7xWkSHszH7xvdDaTwV3jaiuhjQ8Osjsw2kXHFcMSBqQAixeVJO2YdsMM3oK6hccEuGE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1748611172; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=K3Dew7MrO0ilxuikP+BcmF7QZioZCbjXXYgwGcnqPdk=; b=RINvTTTdMhsAkQt1KMtGChUvxj8bWVhv8bKjvJ//eb9OxhgxVH1CJGnR3pb/UuFfErAJvTpuOOObW8o7Ap6B0QeCSWE64pgt+UbxdaMJ+5UFLVS9BjFXGp09+LSic33LNuC7prcEv4U43j8YW8oq1o/QjvDHP16cUJJk6Bnq4vM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 174861117261775.7052626556848; Fri, 30 May 2025 06:19:32 -0700 (PDT) Received: from list by lists.xenproject.org with outflank-mailman.1000951.1381186 (Exim 4.92) (envelope-from ) id 1uKzdo-0003cu-BB; Fri, 30 May 2025 13:19:20 +0000 Received: by outflank-mailman (output) from mailman id 1000951.1381186; Fri, 30 May 2025 13:19:20 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1uKzdo-0003cn-7d; Fri, 30 May 2025 13:19:20 +0000 Received: by outflank-mailman (input) for mailman id 1000951; Fri, 30 May 2025 13:19:19 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1uKzdn-0003ZU-26 for xen-devel@lists.xenproject.org; Fri, 30 May 2025 13:19:19 +0000 Received: from 10.mo582.mail-out.ovh.net (10.mo582.mail-out.ovh.net [87.98.157.236]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id a4170f4e-3d58-11f0-b894-0df219b8e170; Fri, 30 May 2025 15:18:56 +0200 (CEST) Received: from director8.ghost.mail-out.ovh.net (unknown [10.109.140.35]) by mo582.mail-out.ovh.net (Postfix) with ESMTP id 4b83jD4Vjdz1SmT for ; Fri, 30 May 2025 13:18:56 +0000 (UTC) Received: from ghost-submission-5b5ff79f4f-9nq6m (unknown [10.108.42.28]) by director8.ghost.mail-out.ovh.net (Postfix) with ESMTPS id 66338C0276; Fri, 30 May 2025 13:18:55 +0000 (UTC) Received: from 3mdeb.com ([37.59.142.110]) by ghost-submission-5b5ff79f4f-9nq6m with ESMTPSA id w09eBz+wOWgo8QAAj53byA (envelope-from ); Fri, 30 May 2025 13:18:55 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: a4170f4e-3d58-11f0-b894-0df219b8e170 Authentication-Results: garm.ovh; auth=pass (GARM-110S004e213af52-45b3-49a3-b1b6-7b97c322dceb, A4E380CC922F0B59227EC5DCC46884561651840B) smtp.auth=sergii.dmytruk@3mdeb.com X-OVh-ClientIp: 176.111.184.221 From: Sergii Dmytruk To: xen-devel@lists.xenproject.org Cc: Andrew Cooper , Anthony PERARD , Michal Orzel , Jan Beulich , Julien Grall , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= , Stefano Stabellini , trenchboot-devel@googlegroups.com Subject: [PATCH v3 09/22] xen/lib: add implementation of SHA-1 Date: Fri, 30 May 2025 16:17:51 +0300 Message-ID: X-Mailer: git-send-email 2.49.0 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Ovh-Tracer-Id: 12700150950728086684 X-VR-SPAMSTATE: OK X-VR-SPAMSCORE: -110 X-VR-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgeeffedrtddtgddvleduudculddtuddrgeefvddrtddtmdcutefuodetggdotefrodftvfcurfhrohhfihhlvgemucfqggfjpdevjffgvefmvefgnecuuegrihhlohhuthemucehtddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenfghrlhcuvffnffculddquddtmdenucfjughrpefhvfevufffkffojghfggfgsedtkeertdertddtnecuhfhrohhmpefuvghrghhiihcuffhmhihtrhhukhcuoehsvghrghhiihdrughmhihtrhhukhesfehmuggvsgdrtghomheqnecuggftrfgrthhtvghrnhepvedvgfeukeehhfevuddvheetudekkefggfeiveehvefhgfehgfffhffgvefhudejnecuffhomhgrihhnpehgihhthhhusgdrtghomhdpnhhishhtrdhgohhvnecukfhppeduvdejrddtrddtrddupddujeeirdduuddurddukeegrddvvddupdefjedrheelrddugedvrdduuddtnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehinhgvthepuddvjedrtddrtddruddpmhgrihhlfhhrohhmpehsvghrghhiihdrughmhihtrhhukhesfehmuggvsgdrtghomhdpnhgspghrtghpthhtohepuddprhgtphhtthhopeigvghnqdguvghvvghlsehlihhsthhsrdigvghnphhrohhjvggtthdrohhrghdpoffvtefjohhsthepmhhoheekvdgmpdhmohguvgepshhmthhpohhuth DKIM-Signature: a=rsa-sha256; bh=K3Dew7MrO0ilxuikP+BcmF7QZioZCbjXXYgwGcnqPdk=; c=relaxed/relaxed; d=3mdeb.com; h=From; s=ovhmo3617313-selector1; t=1748611136; v=1; b=PdZw+hQFIYx7PC+k/ctBqeINiD2mnpzbA1VGm6XEnnkFD1DSWdx+OLK7cPak4cye9xCHjy6V +6XvolUAOl1tfjKtITbQ2b3cfdvd9AnrfqF33F9jLU0tIbi6h3Rk4GhgD6fm0fp7/JTyp+/2HfR PCRXJPFAda9x0wOGO9NbWogP6WhKUep0f6FClfzLLizSiE0ymMy61DOFpdQXsR/zN/K7sg2aJec o3ZKpREmvB51N3TfXQLA0AiF6LZWc4f2wCUYd6lFYGhABQQ9y3FwnlbL51oeIDHy9Rc43FMPc1n GAAvjH9rHZYB0o92fMSWA5duwB7oPMbDAckHVz/RXnZXg== X-ZohoMail-DKIM: pass (identity @3mdeb.com) X-ZM-MESSAGEID: 1748611173995116600 Content-Type: text/plain; charset="utf-8" From: Krystian Hebel The code comes from [1] and is licensed under GPL-2.0 license. The initial version was a combination of: - include/crypto/sha1.h - include/crypto/sha1_base.h - lib/crypto/sha1.c - crypto/sha1_generic.c Changes: - includes, formatting, naming - renames and splicing of some trivial functions that are called once - dropping of `int` return values (only zero was ever returned) - getting rid of references to `struct shash_desc` - getting rid of macros - getting rid of unnecessary function pointers - removing workaround for some old version of GCC [1]: https://github.com/torvalds/linux/tree/afdab700f65e14070d8ab92175544b1= c62b8bf03 Signed-off-by: Krystian Hebel Signed-off-by: Sergii Dmytruk Acked-by: Jan Beulich --- xen/include/xen/sha1.h | 14 +++ xen/lib/Makefile | 1 + xen/lib/sha1.c | 190 +++++++++++++++++++++++++++++++++++++++++ 3 files changed, 205 insertions(+) create mode 100644 xen/include/xen/sha1.h create mode 100644 xen/lib/sha1.c diff --git a/xen/include/xen/sha1.h b/xen/include/xen/sha1.h new file mode 100644 index 0000000000..909ca25a50 --- /dev/null +++ b/xen/include/xen/sha1.h @@ -0,0 +1,14 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * SHA1: https://csrc.nist.gov/pubs/fips/180-4/upd1/final + */ +#ifndef XEN_SHA1_H +#define XEN_SHA1_H + +#include + +#define SHA1_DIGEST_SIZE 20 + +void sha1_hash(uint8_t digest[SHA1_DIGEST_SIZE], const void *msg, size_t l= en); + +#endif /* XEN_SHA1_H */ diff --git a/xen/lib/Makefile b/xen/lib/Makefile index 5ccb1e5241..fd4b9ece63 100644 --- a/xen/lib/Makefile +++ b/xen/lib/Makefile @@ -17,6 +17,7 @@ lib-y +=3D memset.o lib-y +=3D muldiv64.o lib-y +=3D parse-size.o lib-y +=3D rbtree.o +lib-$(CONFIG_X86) +=3D sha1.o lib-$(CONFIG_X86) +=3D sha2-256.o lib-y +=3D sort.o lib-y +=3D strcasecmp.o diff --git a/xen/lib/sha1.c b/xen/lib/sha1.c new file mode 100644 index 0000000000..c25f0b9309 --- /dev/null +++ b/xen/lib/sha1.c @@ -0,0 +1,190 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * SHA1 routine optimized to do word accesses rather than byte accesses, + * and to avoid unnecessary copies into the context array. + * + * This was based on the git SHA1 implementation. + */ + +#include +#include +#include +#include +#include + +#define SHA1_BLOCK_SIZE 64 +#define SHA1_WORKSPACE_WORDS 16 +#define SHA1_WORKSPACE_MASK (SHA1_WORKSPACE_WORDS - 1) + +struct sha1_state { + uint64_t count; + uint32_t state[SHA1_DIGEST_SIZE / 4]; + uint8_t buffer[SHA1_BLOCK_SIZE]; +}; + +/* This "rolls" over the 512-bit array named w */ +#define W(i) w[(i) & SHA1_WORKSPACE_MASK] + +static uint32_t blend(const uint32_t w[SHA1_WORKSPACE_WORDS], size_t i) +{ + return rol32(W(i + 13) ^ W(i + 8) ^ W(i + 2) ^ W(i), 1); +} + +/** + * sha1_transform - single block SHA1 transform + * + * @digest: 160 bit digest to update + * @data: 512 bits of data to hash + * + * This function executes SHA-1's internal compression function. It updat= es the + * 160-bit internal state (@digest) with a single 512-bit data block (@dat= a). + */ +static void sha1_transform(uint32_t *digest, const uint8_t *data) +{ + uint32_t a, b, c, d, e, t; + uint32_t w[SHA1_WORKSPACE_WORDS]; + unsigned int i =3D 0; + + a =3D digest[0]; + b =3D digest[1]; + c =3D digest[2]; + d =3D digest[3]; + e =3D digest[4]; + + /* Round 1 - iterations 0-16 take their input from 'data' */ + for ( ; i < 16; ++i ) + { + t =3D get_unaligned_be32((uint32_t *)data + i); + W(i) =3D t; + e +=3D t + rol32(a, 5) + (((c ^ d) & b) ^ d) + 0x5a827999U; + b =3D ror32(b, 2); + t =3D e; e =3D d; d =3D c; c =3D b; b =3D a; a =3D t; + } + + /* Round 1 - tail. Input from 512-bit mixing array */ + for ( ; i < 20; ++i ) + { + t =3D blend(w, i); + W(i) =3D t; + e +=3D t + rol32(a, 5) + (((c ^ d) & b) ^ d) + 0x5a827999U; + b =3D ror32(b, 2); + t =3D e; e =3D d; d =3D c; c =3D b; b =3D a; a =3D t; + } + + /* Round 2 */ + for ( ; i < 40; ++i ) + { + t =3D blend(w, i); + W(i) =3D t; + e +=3D t + rol32(a, 5) + (b ^ c ^ d) + 0x6ed9eba1U; + b =3D ror32(b, 2); + t =3D e; e =3D d; d =3D c; c =3D b; b =3D a; a =3D t; + } + + /* Round 3 */ + for ( ; i < 60; ++i ) + { + t =3D blend(w, i); + W(i) =3D t; + e +=3D t + rol32(a, 5) + ((b & c) + (d & (b ^ c))) + 0x8f1bbcdcU; + b =3D ror32(b, 2); + t =3D e; e =3D d; d =3D c; c =3D b; b =3D a; a =3D t; + } + + /* Round 4 */ + for ( ; i < 80; ++i ) + { + t =3D blend(w, i); + W(i) =3D t; + e +=3D t + rol32(a, 5) + (b ^ c ^ d) + 0xca62c1d6U; + b =3D ror32(b, 2); + t =3D e; e =3D d; d =3D c; c =3D b; b =3D a; a =3D t; + } + + digest[0] +=3D a; + digest[1] +=3D b; + digest[2] +=3D c; + digest[3] +=3D d; + digest[4] +=3D e; +} + +static void sha1_init(struct sha1_state *sctx) +{ + sctx->state[0] =3D 0x67452301UL; + sctx->state[1] =3D 0xefcdab89UL; + sctx->state[2] =3D 0x98badcfeUL; + sctx->state[3] =3D 0x10325476UL; + sctx->state[4] =3D 0xc3d2e1f0UL; + sctx->count =3D 0; +} + +static void sha1_update(struct sha1_state *sctx, const uint8_t *msg, size_= t len) +{ + unsigned int partial =3D sctx->count % SHA1_BLOCK_SIZE; + + sctx->count +=3D len; + + if ( (partial + len) >=3D SHA1_BLOCK_SIZE ) + { + if ( partial ) + { + unsigned int rem =3D SHA1_BLOCK_SIZE - partial; + + /* Fill the partial block. */ + memcpy(sctx->buffer + partial, msg, rem); + msg +=3D rem; + len -=3D rem; + + sha1_transform(sctx->state, sctx->buffer); + } + + for ( ; len >=3D SHA1_BLOCK_SIZE; len -=3D SHA1_BLOCK_SIZE ) + { + sha1_transform(sctx->state, msg); + msg +=3D SHA1_BLOCK_SIZE; + } + partial =3D 0; + } + + /* Remaining data becomes partial. */ + memcpy(sctx->buffer + partial, msg, len); +} + +static void sha1_final(struct sha1_state *sctx, uint8_t out[SHA1_DIGEST_SI= ZE]) +{ + const int bit_offset =3D SHA1_BLOCK_SIZE - sizeof(__be64); + unsigned int partial =3D sctx->count % SHA1_BLOCK_SIZE; + + __be32 *digest =3D (__be32 *)out; + unsigned int i; + + /* Start padding */ + sctx->buffer[partial++] =3D 0x80; + + if ( partial > bit_offset ) + { + /* Need one extra block, so properly pad this one with zeroes */ + memset(sctx->buffer + partial, 0x0, SHA1_BLOCK_SIZE - partial); + sha1_transform(sctx->state, sctx->buffer); + partial =3D 0; + } + /* Pad up to the location of the bit count */ + memset(sctx->buffer + partial, 0x0, bit_offset - partial); + + /* Append the bit count */ + put_unaligned_be64(sctx->count << 3, &sctx->buffer[bit_offset]); + sha1_transform(sctx->state, sctx->buffer); + + /* Store state in digest */ + for ( i =3D 0; i < SHA1_DIGEST_SIZE / sizeof(__be32); i++ ) + put_unaligned_be32(sctx->state[i], &digest[i]); +} + +void sha1_hash(uint8_t digest[SHA1_DIGEST_SIZE], const void *msg, size_t l= en) +{ + struct sha1_state sctx; + + sha1_init(&sctx); + sha1_update(&sctx, msg, len); + sha1_final(&sctx, digest); +} --=20 2.49.0