| Message ID | 682e4c2cc3581c72262ea6a9b488a246fc6fde28.1725206584.git.me@ttaylorr.com (mailing list archive) |
|---|---|
| State | Superseded |
| Headers | show |
| Series | hash.h: support choosing a separate SHA-1 for non-cryptographic uses | expand |
On Sun, Sep 01, 2024 at 12:03:28PM -0400, Taylor Blau wrote: > diff --git a/Makefile b/Makefile > index e298c8b55ec..d24f9088802 100644 > @@ -1982,6 +1986,27 @@ endif > endif > endif > > +ifdef OPENSSL_SHA1_FAST > +ifndef OPENSSL_SHA1 > + EXTLIBS += $(LIB_4_CRYPTO) > + BASIC_CFLAGS += -DSHA1_OPENSSL_FAST > +endif > +else > +ifdef BLK_SHA1_FAST > +ifndef BLK_SHA1 > + LIB_OBJS += block-sha1/sha1.o > + BASIC_CFLAGS += -DSHA1_BLK_FAST > +endif > +else > +ifdef APPLE_COMMON_CRYPTO_SHA1_FAST > +ifndef APPLE_COMMON_CRYPTO_SHA1 > + COMPAT_CFLAGS += -DCOMMON_DIGEST_FOR_OPENSSL > + BASIC_CFLAGS += -DSHA1_APPLE_FAST > +endif > +endif > +endif > +endif > + What a cascade of `endif`s :) Do we also want to wire up support in config.mak.uname such that the fast variants are default-enabled? Or is there a good reason to not do that? > diff --git a/hash.h b/hash.h > index f255e5c1e8a..450e579b405 100644 > --- a/hash.h > +++ b/hash.h > @@ -15,6 +15,31 @@ > #include "block-sha1/sha1.h" > #endif > > +#if defined(SHA1_APPLE_FAST) > +#include <CommonCrypto/CommonDigest.h> > +#define platform_SHA_CTX_fast CC_SHA1_CTX > +#define platform_SHA1_Init_fast CC_SHA1_Init > +#define platform_SHA1_Update_fast CC_SHA1_Update > +#define platform_SHA1_Final_fast CC_SHA1_Final > +#elif defined(SHA1_OPENSSL_FAST) > +# include <openssl/sha.h> > +# if defined(OPENSSL_API_LEVEL) && OPENSSL_API_LEVEL >= 3 > +# define SHA1_NEEDS_CLONE_HELPER_FAST > +# include "sha1/openssl.h" > +# endif > +# define platform_SHA_CTX_fast openssl_SHA1_CTX > +# define platform_SHA1_Init_fast openssl_SHA1_Init > +# define platform_SHA1_Clone_fast openssl_SHA1_Clone > +# define platform_SHA1_Update_fast openssl_SHA1_Update > +# define platform_SHA1_Final_fast openssl_SHA1_Final > +#elif defined(SHA1_BLK_FAST) > +#include "block-sha1/sha1.h" > +#define platform_SHA_CTX_fast blk_SHA_CTX > +#define platform_SHA1_Init_fast blk_SHA1_Init > +#define platform_SHA1_Update_fast blk_SHA1_Update > +#define platform_SHA1_Final_fast blk_SHA1_Final > +#endif > + > #if defined(SHA256_NETTLE) > #include "sha256/nettle.h" > #elif defined(SHA256_GCRYPT) Curiously, some of the nested statements here are indented whereas others aren't. We should aim to make that consistent. Patrick
On Mon, Sep 02, 2024 at 03:41:28PM +0200, Patrick Steinhardt wrote: > > +endif > > +endif > > +endif > > +endif > > + > > What a cascade of `endif`s :) Heh, indeed. These are copy/pasted from the hunk below this one, so nothing new here. > Do we also want to wire up support in config.mak.uname such that the > fast variants are default-enabled? Or is there a good reason to not do > that? I thought that I might consider doing that in a separate series, if at all. I would like have users opt-in to the new behavior rather than imposing any change on them in this series. > > diff --git a/hash.h b/hash.h > > index f255e5c1e8a..450e579b405 100644 > > --- a/hash.h > > +++ b/hash.h > > @@ -15,6 +15,31 @@ > > #include "block-sha1/sha1.h" > > #endif > > > > +#if defined(SHA1_APPLE_FAST) > > +#include <CommonCrypto/CommonDigest.h> > > +#define platform_SHA_CTX_fast CC_SHA1_CTX > > +#define platform_SHA1_Init_fast CC_SHA1_Init > > +#define platform_SHA1_Update_fast CC_SHA1_Update > > +#define platform_SHA1_Final_fast CC_SHA1_Final > > +#elif defined(SHA1_OPENSSL_FAST) > > +# include <openssl/sha.h> > > +# if defined(OPENSSL_API_LEVEL) && OPENSSL_API_LEVEL >= 3 > > +# define SHA1_NEEDS_CLONE_HELPER_FAST > > +# include "sha1/openssl.h" > > +# endif > > +# define platform_SHA_CTX_fast openssl_SHA1_CTX > > +# define platform_SHA1_Init_fast openssl_SHA1_Init > > +# define platform_SHA1_Clone_fast openssl_SHA1_Clone > > +# define platform_SHA1_Update_fast openssl_SHA1_Update > > +# define platform_SHA1_Final_fast openssl_SHA1_Final > > +#elif defined(SHA1_BLK_FAST) > > +#include "block-sha1/sha1.h" > > +#define platform_SHA_CTX_fast blk_SHA_CTX > > +#define platform_SHA1_Init_fast blk_SHA1_Init > > +#define platform_SHA1_Update_fast blk_SHA1_Update > > +#define platform_SHA1_Final_fast blk_SHA1_Final > > +#endif > > + > > #if defined(SHA256_NETTLE) > > #include "sha256/nettle.h" > > #elif defined(SHA256_GCRYPT) > > Curiously, some of the nested statements here are indented whereas > others aren't. We should aim to make that consistent. Sure, this one was also copy/pasted from the block above, but I'll adjust the new one accordingly. Thanks, Taylor
diff --git a/Makefile b/Makefile index e298c8b55ec..d24f9088802 100644 --- a/Makefile +++ b/Makefile @@ -517,6 +517,10 @@ include shared.mak # Define APPLE_COMMON_CRYPTO_SHA1 to use Apple's CommonCrypto for # SHA-1. # +# Define the same Makefile knobs as above, but suffixed with _FAST to +# use the corresponding implementations for "fast" SHA-1 hashing for +# non-cryptographic purposes. +# # If don't enable any of the *_SHA1 settings in this section, Git will # default to its built-in sha1collisiondetection library, which is a # collision-detecting sha1 This is slower, but may detect attempted @@ -1982,6 +1986,27 @@ endif endif endif +ifdef OPENSSL_SHA1_FAST +ifndef OPENSSL_SHA1 + EXTLIBS += $(LIB_4_CRYPTO) + BASIC_CFLAGS += -DSHA1_OPENSSL_FAST +endif +else +ifdef BLK_SHA1_FAST +ifndef BLK_SHA1 + LIB_OBJS += block-sha1/sha1.o + BASIC_CFLAGS += -DSHA1_BLK_FAST +endif +else +ifdef APPLE_COMMON_CRYPTO_SHA1_FAST +ifndef APPLE_COMMON_CRYPTO_SHA1 + COMPAT_CFLAGS += -DCOMMON_DIGEST_FOR_OPENSSL + BASIC_CFLAGS += -DSHA1_APPLE_FAST +endif +endif +endif +endif + ifdef OPENSSL_SHA256 EXTLIBS += $(LIB_4_CRYPTO) BASIC_CFLAGS += -DSHA256_OPENSSL diff --git a/hash.h b/hash.h index f255e5c1e8a..450e579b405 100644 --- a/hash.h +++ b/hash.h @@ -15,6 +15,31 @@ #include "block-sha1/sha1.h" #endif +#if defined(SHA1_APPLE_FAST) +#include <CommonCrypto/CommonDigest.h> +#define platform_SHA_CTX_fast CC_SHA1_CTX +#define platform_SHA1_Init_fast CC_SHA1_Init +#define platform_SHA1_Update_fast CC_SHA1_Update +#define platform_SHA1_Final_fast CC_SHA1_Final +#elif defined(SHA1_OPENSSL_FAST) +# include <openssl/sha.h> +# if defined(OPENSSL_API_LEVEL) && OPENSSL_API_LEVEL >= 3 +# define SHA1_NEEDS_CLONE_HELPER_FAST +# include "sha1/openssl.h" +# endif +# define platform_SHA_CTX_fast openssl_SHA1_CTX +# define platform_SHA1_Init_fast openssl_SHA1_Init +# define platform_SHA1_Clone_fast openssl_SHA1_Clone +# define platform_SHA1_Update_fast openssl_SHA1_Update +# define platform_SHA1_Final_fast openssl_SHA1_Final +#elif defined(SHA1_BLK_FAST) +#include "block-sha1/sha1.h" +#define platform_SHA_CTX_fast blk_SHA_CTX +#define platform_SHA1_Init_fast blk_SHA1_Init +#define platform_SHA1_Update_fast blk_SHA1_Update +#define platform_SHA1_Final_fast blk_SHA1_Final +#endif + #if defined(SHA256_NETTLE) #include "sha256/nettle.h" #elif defined(SHA256_GCRYPT)
Introduce _FAST variants of the OPENSSL_SHA1, BLK_SHA1, and APPLE_COMMON_CRYPTO_SHA1 compile-time knobs which indicate which SHA-1 implementation is to be used for non-cryptographic uses. There are a couple of small implementation notes worth mentioning: - There is no way to select the collision detecting SHA-1 as the "fast" fallback, since the fast fallback is only for non-cryptographic uses, and is meant to be faster than our collision-detecting implementation. - There are no similar knobs for SHA-256, since no collision attacks are presently known and thus no collision-detecting implementations actually exist. Signed-off-by: Taylor Blau <me@ttaylorr.com> --- Makefile | 25 +++++++++++++++++++++++++ hash.h | 25 +++++++++++++++++++++++++ 2 files changed, 50 insertions(+)