From fd9f2a18eeaa5361660caa4c23384ea38973b021 Mon Sep 17 00:00:00 2001 From: Benjamin Barenblat Date: Thu, 2 Aug 2018 17:41:48 -0400 Subject: Eliminate Data.Digest.Internal MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Move Data.Digest.Internal’s functions and types into more appropriate modules. There’s now a single BTLS hierarchy that contains all internal modules for the project. --- btls.cabal | 2 +- src/BTLS/BoringSSLPatterns.hs | 62 ++++++++++++++++++++++++++++++++ src/BTLS/Types.hs | 26 +++++++++++--- src/Codec/Crypto/HKDF.hs | 5 +-- src/Data/Digest.hs | 3 +- src/Data/Digest/Internal.hs | 82 ------------------------------------------- src/Data/HMAC.hs | 5 ++- 7 files changed, 91 insertions(+), 94 deletions(-) create mode 100644 src/BTLS/BoringSSLPatterns.hs delete mode 100644 src/Data/Digest/Internal.hs diff --git a/btls.cabal b/btls.cabal index 809e8be..acea7ae 100644 --- a/btls.cabal +++ b/btls.cabal @@ -75,11 +75,11 @@ library , BTLS.BoringSSL.HKDF , BTLS.BoringSSL.HMAC , BTLS.BoringSSL.Mem + , BTLS.BoringSSLPatterns , BTLS.Cast , BTLS.CreateWithFinalizer , BTLS.Result , BTLS.Types - , Data.Digest.Internal c-sources: cbits/btls.c -- Use special names for the BoringSSL libraries to avoid accidentally pulling -- in OpenSSL. diff --git a/src/BTLS/BoringSSLPatterns.hs b/src/BTLS/BoringSSLPatterns.hs new file mode 100644 index 0000000..4b08663 --- /dev/null +++ b/src/BTLS/BoringSSLPatterns.hs @@ -0,0 +1,62 @@ +-- Copyright 2017 Google LLC +-- +-- Licensed under the Apache License, Version 2.0 (the "License"); you may not +-- use this file except in compliance with the License. You may obtain a copy of +-- the License at +-- +-- https://www.apache.org/licenses/LICENSE-2.0 +-- +-- Unless required by applicable law or agreed to in writing, software +-- distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +-- WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +-- License for the specific language governing permissions and limitations under +-- the License. + +module BTLS.BoringSSLPatterns + ( initUpdateFinalize + ) where + +import Data.ByteString (ByteString) +import qualified Data.ByteString as ByteString +import qualified Data.ByteString.Unsafe as ByteString +import qualified Data.ByteString.Lazy as ByteString.Lazy +import Foreign (ForeignPtr, Storable(peek), Ptr, alloca, allocaArray, withForeignPtr) +import Foreign.C.Types + +import BTLS.BoringSSL.Digest (evpMaxMDSize) + +type LazyByteString = ByteString.Lazy.ByteString + +-- | Encapsulates a common pattern of operation between hashing and HMAC +-- computation. Both of these operations require an allocated context local to +-- the operation. The context gets initialized once, updated repeatedly, and +-- then finalized. Finally, we read the result out of a buffer produced by the +-- finalizer. +-- +-- The updater must not mutate any argument other than the context. +-- +-- If all arguments are safe to use under 'unsafeLocalState', this whole +-- function is safe to use under 'unsafeLocalState'. +initUpdateFinalize :: + IO (ForeignPtr ctx) + -> (Ptr ctx -> IO ()) + -> (Ptr ctx -> Ptr CChar -> CULong -> IO ()) + -> (Ptr ctx -> Ptr CChar -> Ptr CUInt -> IO ()) + -> LazyByteString + -> IO ByteString +initUpdateFinalize mallocCtx initialize update finalize bytes = do + ctxFP <- mallocCtx + withForeignPtr ctxFP $ \ctx -> do + initialize ctx + mapM_ (updateBytes ctx) (ByteString.Lazy.toChunks bytes) + allocaArray evpMaxMDSize $ \rOut -> + alloca $ \pOutSize -> do + finalize ctx rOut pOutSize + outSize <- fromIntegral <$> peek pOutSize + ByteString.packCStringLen (rOut, outSize) + where + updateBytes ctx chunk = + -- The updater won't mutate its arguments, so the sharing inherent in + -- 'ByteString.unsafeUseAsCStringLen' is fine. + ByteString.unsafeUseAsCStringLen chunk $ \(buf, len) -> + update ctx buf (fromIntegral len) diff --git a/src/BTLS/Types.hs b/src/BTLS/Types.hs index dbd806a..06b5173 100644 --- a/src/BTLS/Types.hs +++ b/src/BTLS/Types.hs @@ -12,20 +12,36 @@ -- License for the specific language governing permissions and limitations under -- the License. -module BTLS.Types - ( AssociatedData(AssociatedData) - , Salt(Salt), noSalt - , SecretKey(SecretKey) - ) where +module BTLS.Types where +import Data.Bits (Bits((.&.)), shiftR) import Data.ByteString (ByteString) import qualified Data.ByteString as ByteString +import Data.Char (intToDigit) +import Data.Word (Word8) +import Foreign (Ptr) + +import BTLS.BoringSSL.Base (EVPMD) + +-- | A cryptographic hash function. +newtype Algorithm = Algorithm (Ptr EVPMD) -- | Context or application-specific information. Equality comparisons on this -- type are variable-time. newtype AssociatedData = AssociatedData ByteString deriving (Eq, Ord, Show) +-- | The result of a hash operation. +newtype Digest = Digest ByteString + deriving (Eq, Ord) + +instance Show Digest where + show (Digest d) = ByteString.foldr showHexPadded [] d + where + showHexPadded b xs = + hexit (b `shiftR` 4 .&. 0x0f) : hexit (b .&. 0x0f) : xs + hexit = intToDigit . fromIntegral :: Word8 -> Char + -- | A salt. Equality comparisons on this type are variable-time. newtype Salt = Salt ByteString deriving (Eq, Ord, Show) diff --git a/src/Codec/Crypto/HKDF.hs b/src/Codec/Crypto/HKDF.hs index 4547a52..2b1dc1f 100644 --- a/src/Codec/Crypto/HKDF.hs +++ b/src/Codec/Crypto/HKDF.hs @@ -26,8 +26,9 @@ import BTLS.BoringSSL.Digest (evpMaxMDSize) import BTLS.BoringSSL.HKDF import BTLS.Cast (asCUCharBuf) import BTLS.Types - (AssociatedData(AssociatedData), Salt(Salt), SecretKey(SecretKey), noSalt) -import Data.Digest.Internal (Algorithm(Algorithm)) + ( Algorithm(Algorithm), AssociatedData(AssociatedData), Salt(Salt) + , SecretKey(SecretKey), noSalt + ) -- | Computes an HKDF pseudorandom key (PRK) as specified by RFC 5869. extract :: Algorithm -> Salt -> SecretKey -> SecretKey diff --git a/src/Data/Digest.hs b/src/Data/Digest.hs index 03026fb..0587d2b 100644 --- a/src/Data/Digest.hs +++ b/src/Data/Digest.hs @@ -26,8 +26,9 @@ import Foreign.Marshal.Unsafe (unsafeLocalState) import BTLS.BoringSSL.Base import BTLS.BoringSSL.Digest +import BTLS.BoringSSLPatterns (initUpdateFinalize) import BTLS.Cast (asCUCharBuf) -import Data.Digest.Internal +import BTLS.Types (Algorithm(Algorithm), Digest(Digest)) type LazyByteString = ByteString.Lazy.ByteString diff --git a/src/Data/Digest/Internal.hs b/src/Data/Digest/Internal.hs deleted file mode 100644 index 88a0d9f..0000000 --- a/src/Data/Digest/Internal.hs +++ /dev/null @@ -1,82 +0,0 @@ --- Copyright 2017 Google LLC --- --- Licensed under the Apache License, Version 2.0 (the "License"); you may not --- use this file except in compliance with the License. You may obtain a copy of --- the License at --- --- https://www.apache.org/licenses/LICENSE-2.0 --- --- Unless required by applicable law or agreed to in writing, software --- distributed under the License is distributed on an "AS IS" BASIS, WITHOUT --- WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the --- License for the specific language governing permissions and limitations under --- the License. - -module Data.Digest.Internal - ( Algorithm(..) - , Digest(..) - , initUpdateFinalize - ) where - -import Data.Bits (Bits((.&.)), shiftR) -import Data.ByteString (ByteString) -import qualified Data.ByteString as ByteString -import qualified Data.ByteString.Unsafe as ByteString -import qualified Data.ByteString.Lazy as ByteString.Lazy -import Data.Char (intToDigit) -import Data.Word (Word8) -import Foreign (ForeignPtr, Storable(peek), Ptr, alloca, allocaArray, withForeignPtr) -import Foreign.C.Types - -import BTLS.BoringSSL.Base (EVPMD) -import BTLS.BoringSSL.Digest (evpMaxMDSize) - -type LazyByteString = ByteString.Lazy.ByteString - --- | A cryptographic hash function. -newtype Algorithm = Algorithm (Ptr EVPMD) - --- | The result of a hash operation. -newtype Digest = Digest ByteString - deriving (Eq, Ord) - -instance Show Digest where - show (Digest d) = ByteString.foldr showHexPadded [] d - where - showHexPadded b xs = - hexit (b `shiftR` 4 .&. 0x0f) : hexit (b .&. 0x0f) : xs - hexit = intToDigit . fromIntegral :: Word8 -> Char - --- | Encapsulates a common pattern of operation between hashing and HMAC --- computation. Both of these operations require an allocated context local to --- the operation. The context gets initialized once, updated repeatedly, and --- then finalized. Finally, we read the result out of a buffer produced by the --- finalizer. --- --- The updater must not mutate any argument other than the context. --- --- If all arguments are safe to use under 'unsafeLocalState', this whole --- function is safe to use under 'unsafeLocalState'. -initUpdateFinalize :: - IO (ForeignPtr ctx) - -> (Ptr ctx -> IO ()) - -> (Ptr ctx -> Ptr CChar -> CULong -> IO ()) - -> (Ptr ctx -> Ptr CChar -> Ptr CUInt -> IO ()) - -> LazyByteString - -> IO ByteString -initUpdateFinalize mallocCtx initialize update finalize bytes = do - ctxFP <- mallocCtx - withForeignPtr ctxFP $ \ctx -> do - initialize ctx - mapM_ (updateBytes ctx) (ByteString.Lazy.toChunks bytes) - allocaArray evpMaxMDSize $ \rOut -> - alloca $ \pOutSize -> do - finalize ctx rOut pOutSize - outSize <- fromIntegral <$> peek pOutSize - ByteString.packCStringLen (rOut, outSize) - where - updateBytes ctx chunk = - -- The updater won't mutate its arguments, so the sharing inherent in - -- 'ByteString.unsafeUseAsCStringLen' is fine. - ByteString.unsafeUseAsCStringLen chunk $ \(buf, len) -> - update ctx buf (fromIntegral len) diff --git a/src/Data/HMAC.hs b/src/Data/HMAC.hs index b0387c6..8697c20 100644 --- a/src/Data/HMAC.hs +++ b/src/Data/HMAC.hs @@ -26,10 +26,9 @@ import Foreign.Marshal.Unsafe (unsafeLocalState) import BTLS.BoringSSL.Base import BTLS.BoringSSL.HMAC import BTLS.BoringSSL.Mem (cryptoMemcmp) +import BTLS.BoringSSLPatterns (initUpdateFinalize) import BTLS.Cast (asCUCharBuf) -import BTLS.Types (SecretKey(SecretKey)) -import Data.Digest.Internal - (Algorithm(Algorithm), Digest(Digest), initUpdateFinalize) +import BTLS.Types (Algorithm(Algorithm), Digest(Digest), SecretKey(SecretKey)) type LazyByteString = ByteString.Lazy.ByteString -- cgit v1.2.3