Restrict Sha256 to be used sequentially

Also remove useless HashBlockSize64Bytes bound.
Julien Cretin
2022-01-17 11:45:58 +01:00
committed by Julien Cretin
parent ca2ea2007e
commit ce08f82d68
4 changed files with 21 additions and 12 deletions


@@ -15,10 +15,17 @@
use super::{Hash256, HashBlockSize64Bytes};
use arrayref::{array_mut_ref, array_ref};
use byteorder::{BigEndian, ByteOrder};
use core::cell::Cell;
use core::num::Wrapping;
const BLOCK_SIZE: usize = 64;
// To be able to support hardware cryptography, we want to make sure we never compute multiple
// sha256 in parallel. (Note that almost all usage of Sha256 is through Hash256::hash which is
// statically correct. There's only 2 low-level usages in the `hmac::hmac_256` and those are
// sequential.) This variable tracks whether `new` was called but `finalize` wasn't called yet.
const BUSY: Cell<bool> = Cell::new(false);
pub struct Sha256 {
state: [Wrapping<u32>; 8],
block: [u8; BLOCK_SIZE],
@@ -27,6 +34,7 @@ pub struct Sha256 {
impl Hash256 for Sha256 {
fn new() -> Self {
assert!(!BUSY.replace(true));
Sha256 {
state: Sha256::H,
block: [0; BLOCK_SIZE],
@@ -93,6 +101,7 @@ impl Hash256 for Sha256 {
for i in 0..8 {
BigEndian::write_u32(array_mut_ref![result, 4 * i, 4], self.state[i].0);
}
BUSY.set(false);
result
}
}
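Review bot: The guard added in the first hunk does not work: `const BUSY: Cell<bool> = Cell::new(false);` is a `const`, so every mention of `BUSY` materialises a fresh `Cell` — `BUSY.replace(true)` in `new` always returns `false` and never trips the assert, and `BUSY.set(false)` in `finalize` writes to a temporary that is immediately discarded (clippy flags this as `declare_interior_mutable_const` / `borrow_interior_mutable_const`). A `static` is needed for shared state, but `Cell` is not `Sync`, so the `core` alternative is `static BUSY: AtomicBool = AtomicBool::new(false);` with `swap`/`store` at the two use sites, which presumably is acceptable here given that the target provides atomics. Separately, the flag is only cleared by `finalize`, so a `Sha256` that is dropped without being finalized (early return, panic caught upstream) leaves `BUSY` set and every later `new` panics; clearing it from a `Drop` impl, or at least documenting that `finalize` must always be reached, would close that gap. The second and third hunks belong to `new` and `finalize`, whose bodies continue outside the shown lines.
```rust
use core::sync::atomic::{AtomicBool, Ordering};
// … unchanged: other imports, BLOCK_SIZE, comment explaining the sequential-use requirement …
static BUSY: AtomicBool = AtomicBool::new(false);
// … unchanged: struct definition …
        assert!(!BUSY.swap(true, Ordering::SeqCst));
// … unchanged: rest of new, update, start of finalize …
        BUSY.store(false, Ordering::SeqCst);
```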