VirtualBox

Ignore:
Timestamp:
Dec 6, 2023 11:25:04 AM (14 months ago)
Author:
vboxsync
Message:

IPRT/shacrypt: Reduce the code size a little. Document the not-base64'edness of the digit->char encoding. bugref:10551

Location:
trunk/src/VBox/Runtime/common/crypto
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • trunk/src/VBox/Runtime/common/crypto/shacrypt-tmpl.cpp.h

    r102495 r102500  
    264264    pszString[off++] = '$';
    265265
    266 #if TMPL_HASH_BITS == 512
    267     BASE64_ENCODE(pszString, off, pabHash[ 0], pabHash[21], pabHash[42], 4);
    268     BASE64_ENCODE(pszString, off, pabHash[22], pabHash[43], pabHash[ 1], 4);
    269     BASE64_ENCODE(pszString, off, pabHash[44], pabHash[ 2], pabHash[23], 4);
    270     BASE64_ENCODE(pszString, off, pabHash[ 3], pabHash[24], pabHash[45], 4);
    271     BASE64_ENCODE(pszString, off, pabHash[25], pabHash[46], pabHash[ 4], 4);
    272     BASE64_ENCODE(pszString, off, pabHash[47], pabHash[ 5], pabHash[26], 4);
    273     BASE64_ENCODE(pszString, off, pabHash[ 6], pabHash[27], pabHash[48], 4);
    274     BASE64_ENCODE(pszString, off, pabHash[28], pabHash[49], pabHash[ 7], 4);
    275     BASE64_ENCODE(pszString, off, pabHash[50], pabHash[ 8], pabHash[29], 4);
    276     BASE64_ENCODE(pszString, off, pabHash[ 9], pabHash[30], pabHash[51], 4);
    277     BASE64_ENCODE(pszString, off, pabHash[31], pabHash[52], pabHash[10], 4);
    278     BASE64_ENCODE(pszString, off, pabHash[53], pabHash[11], pabHash[32], 4);
    279     BASE64_ENCODE(pszString, off, pabHash[12], pabHash[33], pabHash[54], 4);
    280     BASE64_ENCODE(pszString, off, pabHash[34], pabHash[55], pabHash[13], 4);
    281     BASE64_ENCODE(pszString, off, pabHash[56], pabHash[14], pabHash[35], 4);
    282     BASE64_ENCODE(pszString, off, pabHash[15], pabHash[36], pabHash[57], 4);
    283     BASE64_ENCODE(pszString, off, pabHash[37], pabHash[58], pabHash[16], 4);
    284     BASE64_ENCODE(pszString, off, pabHash[59], pabHash[17], pabHash[38], 4);
    285     BASE64_ENCODE(pszString, off, pabHash[18], pabHash[39], pabHash[60], 4);
    286     BASE64_ENCODE(pszString, off, pabHash[40], pabHash[61], pabHash[19], 4);
    287     BASE64_ENCODE(pszString, off, pabHash[62], pabHash[20], pabHash[41], 4);
    288     BASE64_ENCODE(pszString, off,           0,           0, pabHash[63], 2);
    289 
    290 #elif TMPL_HASH_BITS == 256
    291     BASE64_ENCODE(pszString, off, pabHash[00], pabHash[10], pabHash[20], 4);
    292     BASE64_ENCODE(pszString, off, pabHash[21], pabHash[ 1], pabHash[11], 4);
    293     BASE64_ENCODE(pszString, off, pabHash[12], pabHash[22], pabHash[ 2], 4);
    294     BASE64_ENCODE(pszString, off, pabHash[ 3], pabHash[13], pabHash[23], 4);
    295     BASE64_ENCODE(pszString, off, pabHash[24], pabHash[ 4], pabHash[14], 4);
    296     BASE64_ENCODE(pszString, off, pabHash[15], pabHash[25], pabHash[ 5], 4);
    297     BASE64_ENCODE(pszString, off, pabHash[ 6], pabHash[16], pabHash[26], 4);
    298     BASE64_ENCODE(pszString, off, pabHash[27], pabHash[ 7], pabHash[17], 4);
    299     BASE64_ENCODE(pszString, off, pabHash[18], pabHash[28], pabHash[ 8], 4);
    300     BASE64_ENCODE(pszString, off, pabHash[ 9], pabHash[19], pabHash[29], 4);
    301     BASE64_ENCODE(pszString, off, 0,           pabHash[31], pabHash[30], 3);
    302 
    303 #else
    304 # error "TMPL_HASH_BITS"
    305 #endif
     266#ifdef SHACRYPT_MINIMAL
     267    /*
     268     * Use a table for the shuffling of the digest bytes and work it in a loop.
     269     */
     270    static uint8_t const s_abMapping[] =
     271    {
     272# if TMPL_HASH_BITS == 512
     273        42, 21,  0,
     274         1, 43, 22,
     275        23,  2, 44,
     276        45, 24,  3,
     277         4, 46, 25,
     278        26,  5, 47,
     279        48, 27,  6,
     280         7, 49, 28,
     281        29,  8, 50,
     282        51, 30,  9,
     283        10, 52, 31,
     284        32, 11, 53,
     285        54, 33, 12,
     286        13, 55, 34,
     287        35, 14, 56,
     288        57, 36, 15,
     289        16, 58, 37,
     290        38, 17, 59,
     291        60, 39, 18,
     292        19, 61, 40,
     293        41, 20, 62,
     294        63
     295# elif TMPL_HASH_BITS == 256
     296        20, 10,  0,
     297        11,  1, 21,
     298         2, 22, 12,
     299        23, 13,  3,
     300        14,  4, 24,
     301         5, 25, 15,
     302        26, 16,  6,
     303        17,  7, 27,
     304         8, 28, 18,
     305        29, 19,  9,
     306        30, 31,
     307# else
     308#  error "TMPL_HASH_BITS"
     309# endif
     310    };
     311    AssertCompile(sizeof(s_abMapping) == TMPL_HASH_SIZE);
     312    off = rtCrShaCryptDigestToChars(pszString, off, pabHash, TMPL_HASH_SIZE, s_abMapping);
     313
     314#else /* !SHACRYPT_MINIMAL */
     315    /*
     316     * Unroll the digest shuffling and conversion to characters.
     317     * This takes a lot of code space.
     318     */
     319# if TMPL_HASH_BITS == 512
     320    NOT_BASE64_ENCODE(pszString, off, pabHash[ 0], pabHash[21], pabHash[42], 4);
     321    NOT_BASE64_ENCODE(pszString, off, pabHash[22], pabHash[43], pabHash[ 1], 4);
     322    NOT_BASE64_ENCODE(pszString, off, pabHash[44], pabHash[ 2], pabHash[23], 4);
     323    NOT_BASE64_ENCODE(pszString, off, pabHash[ 3], pabHash[24], pabHash[45], 4);
     324    NOT_BASE64_ENCODE(pszString, off, pabHash[25], pabHash[46], pabHash[ 4], 4);
     325    NOT_BASE64_ENCODE(pszString, off, pabHash[47], pabHash[ 5], pabHash[26], 4);
     326    NOT_BASE64_ENCODE(pszString, off, pabHash[ 6], pabHash[27], pabHash[48], 4);
     327    NOT_BASE64_ENCODE(pszString, off, pabHash[28], pabHash[49], pabHash[ 7], 4);
     328    NOT_BASE64_ENCODE(pszString, off, pabHash[50], pabHash[ 8], pabHash[29], 4);
     329    NOT_BASE64_ENCODE(pszString, off, pabHash[ 9], pabHash[30], pabHash[51], 4);
     330    NOT_BASE64_ENCODE(pszString, off, pabHash[31], pabHash[52], pabHash[10], 4);
     331    NOT_BASE64_ENCODE(pszString, off, pabHash[53], pabHash[11], pabHash[32], 4);
     332    NOT_BASE64_ENCODE(pszString, off, pabHash[12], pabHash[33], pabHash[54], 4);
     333    NOT_BASE64_ENCODE(pszString, off, pabHash[34], pabHash[55], pabHash[13], 4);
     334    NOT_BASE64_ENCODE(pszString, off, pabHash[56], pabHash[14], pabHash[35], 4);
     335    NOT_BASE64_ENCODE(pszString, off, pabHash[15], pabHash[36], pabHash[57], 4);
     336    NOT_BASE64_ENCODE(pszString, off, pabHash[37], pabHash[58], pabHash[16], 4);
     337    NOT_BASE64_ENCODE(pszString, off, pabHash[59], pabHash[17], pabHash[38], 4);
     338    NOT_BASE64_ENCODE(pszString, off, pabHash[18], pabHash[39], pabHash[60], 4);
     339    NOT_BASE64_ENCODE(pszString, off, pabHash[40], pabHash[61], pabHash[19], 4);
     340    NOT_BASE64_ENCODE(pszString, off, pabHash[62], pabHash[20], pabHash[41], 4);
     341    NOT_BASE64_ENCODE(pszString, off,           0,           0, pabHash[63], 2);
     342
     343# elif TMPL_HASH_BITS == 256
     344    NOT_BASE64_ENCODE(pszString, off, pabHash[00], pabHash[10], pabHash[20], 4);
     345    NOT_BASE64_ENCODE(pszString, off, pabHash[21], pabHash[ 1], pabHash[11], 4);
     346    NOT_BASE64_ENCODE(pszString, off, pabHash[12], pabHash[22], pabHash[ 2], 4);
     347    NOT_BASE64_ENCODE(pszString, off, pabHash[ 3], pabHash[13], pabHash[23], 4);
     348    NOT_BASE64_ENCODE(pszString, off, pabHash[24], pabHash[ 4], pabHash[14], 4);
     349    NOT_BASE64_ENCODE(pszString, off, pabHash[15], pabHash[25], pabHash[ 5], 4);
     350    NOT_BASE64_ENCODE(pszString, off, pabHash[ 6], pabHash[16], pabHash[26], 4);
     351    NOT_BASE64_ENCODE(pszString, off, pabHash[27], pabHash[ 7], pabHash[17], 4);
     352    NOT_BASE64_ENCODE(pszString, off, pabHash[18], pabHash[28], pabHash[ 8], 4);
     353    NOT_BASE64_ENCODE(pszString, off, pabHash[ 9], pabHash[19], pabHash[29], 4);
     354    NOT_BASE64_ENCODE(pszString, off, 0,           pabHash[31], pabHash[30], 3);
     355
     356# else
     357#  error "TMPL_HASH_BITS"
     358# endif
     359#endif  /* !SHACRYPT_MINIMAL */
    306360
    307361    pszString[off] = '\0';

  • trunk/src/VBox/Runtime/common/crypto/shacrypt.cpp

    r102495 r102500  
    5151*   Defined Constants And Macros                                                                                                 *
    5252*********************************************************************************************************************************/
    53 #define BASE64_ENCODE(a_psz, a_off, a_bVal2, a_bVal1, a_bVal0, a_cOutputChars) \
     53/*
     54 * The SHACRYPT_MINIMAL option reduces the .text + .rdata size in a Windows release
     55 * build from 6956 to 4592 bytes by not unrolling the not-base64 encoding and instead
     56 * using common code w/ a mapping table.
     57 */
     58#define SHACRYPT_MINIMAL /* don't unroll the digest -> characters conversion */
     59
     60/**
     61 * Encode a byte triplet into four characters (or less), base64-style.
     62 *
     63 * @note This differs from base64 in that it is LSB oriented,
     64 *       so where base64 will use bits[7:2] from the first byte for the first
     65 *       char, this will use bits [5:0].
     66 *
     67 *       The character set is also different.
     68 */
     69#define NOT_BASE64_ENCODE(a_psz, a_off, a_bVal2, a_bVal1, a_bVal0, a_cOutputChars) \
    5470    do { \
    5571        uint32_t uWord = RT_MAKE_U32_FROM_MSB_U8(0, a_bVal2, a_bVal1, a_bVal0); \
     
    7692*   Global Variables                                                                                                             *
    7793*********************************************************************************************************************************/
    78 /** This is the non-standard base-64 encoding characters. */
     94/** This is the non-standard base64 encoding characters used by SHA-crypt and friends. */
    7995static const char g_achCryptBase64[] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
    8096AssertCompile(sizeof(g_achCryptBase64) == 64 + 1);
     97
     98
     99#ifdef SHACRYPT_MINIMAL
     100/**
     101 * Common "base64" encoding function used by RTCrShaCrypt256ToString and
     102 * RTCrShaCrypt512ToString in minimal mode.
     103 */
     104static size_t rtCrShaCryptDigestToChars(char *pszString, size_t off, uint8_t const *pabHash, size_t cbHash,
     105                                        uint8_t const *pabMapping)
     106{
     107    /* full triplets first: */
     108    uintptr_t idx = 0;
     109    while (idx + 3 <= cbHash)
     110    {
     111        NOT_BASE64_ENCODE(pszString, off,
     112                          pabHash[pabMapping[idx + 2]],
     113                          pabHash[pabMapping[idx + 1]],
     114                          pabHash[pabMapping[idx + 0]], 4);
     115        idx += 3;
     116    }
     117
     118    /* Anything remaining: Either 1 or 2, never zero. */
     119    switch (cbHash - idx)
     120    {
     121        case 1:
     122            NOT_BASE64_ENCODE(pszString, off,
     123                              0,
     124                              0,
     125                              pabHash[pabMapping[idx + 0]], 2);
     126            break;
     127        case 2:
     128            NOT_BASE64_ENCODE(pszString, off,
     129                              0,
     130                              pabHash[pabMapping[idx + 1]],
     131                              pabHash[pabMapping[idx + 0]], 3);
     132            break;
     133        default: AssertFailedBreak();
     134    }
     135
     136    return off;
     137}
     138#endif /* SHACRYPT_MINIMAL */
    81139
    82140
Note: See TracChangeset for help on using the changeset viewer.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette