diff options
author | Benjamin Barenblat <bbaren@mit.edu> | 2015-06-15 14:27:45 -0400 |
---|---|---|
committer | Benjamin Barenblat <bbaren@mit.edu> | 2015-06-15 14:27:45 -0400 |
commit | 5a54ad4ac01a69c554a05eddf077eea08cd766b1 (patch) | |
tree | 0c7305f4fabcf93d0afc89ba6995d9d447e22719 /src |
Initial commit of the cryptographic hash library
Diffstat (limited to 'src')
-rw-r--r-- | src/hash.ur | 16 | ||||
-rw-r--r-- | src/hash.urs | 21 | ||||
-rw-r--r-- | src/hashFFI.cc | 72 | ||||
-rw-r--r-- | src/hashFFI.h | 30 | ||||
-rw-r--r-- | src/hashFFI.urs | 14 | ||||
-rw-r--r-- | src/lib.urp | 5 |
6 files changed, 158 insertions, 0 deletions
diff --git a/src/hash.ur b/src/hash.ur new file mode 100644 index 0000000..7492dd0 --- /dev/null +++ b/src/hash.ur @@ -0,0 +1,16 @@ +(* Copyright 2015 the Massachusetts Institute of Technology + +Licensed under the Apache License, Version 2.0 (the "License"); you may not use +this file except in compliance with the License. You may obtain a copy of the +License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software distributed +under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR +CONDITIONS OF ANY KIND, either express or implied. See the License for the +specific language governing permissions and limitations under the License. *) + +type digest = string + +val md5 = HashFFI.md5 diff --git a/src/hash.urs b/src/hash.urs new file mode 100644 index 0000000..bc4a543 --- /dev/null +++ b/src/hash.urs @@ -0,0 +1,21 @@ +(* Copyright 2015 the Massachusetts Institute of Technology + +Licensed under the Apache License, Version 2.0 (the "License"); you may not use +this file except in compliance with the License. You may obtain a copy of the +License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software distributed +under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR +CONDITIONS OF ANY KIND, either express or implied. See the License for the +specific language governing permissions and limitations under the License. *) + +type digest +val eq_digest : eq digest +val ord_digest : ord digest +val show_digest : show digest +val sql_digest : sql_injectable digest +val sql_maxable_digest : sql_maxable digest + +val md5 : blob -> digest diff --git a/src/hashFFI.cc b/src/hashFFI.cc new file mode 100644 index 0000000..ab20030 --- /dev/null +++ b/src/hashFFI.cc @@ -0,0 +1,72 @@ +// Copyright (C) 2015 the Massachusetts Institute of Technology +// +// Licensed under the Apache License, Version 2.0 (the "License"); you may not +// use this file except in compliance with the License. You may obtain a copy +// of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +// License for the specific language governing permissions and limitations under +// the License. + +#include "hashFFI.h" + +#include <array> +#include <cstdio> + +#include <openssl/md5.h> +extern "C" { +#include <urweb/urweb_cpp.h> +} + +static_assert(sizeof(char) == 1, "char is not a single byte"); +static_assert(sizeof(unsigned char) == 1, "unsigned char is not a single byte"); + +namespace { + +// Asserts a condition without crashing or releasing information about where the +// error occurred. This function is essential for web programming, where an +// attacker should not be able to bring down the app by causing an assertion +// failure. +void Assert(uw_context* const context, const bool condition, + const failure_kind action, const char* const message) { + if (!condition) { + uw_error(context, action, message); + } +} + +void Assert(uw_context* const context, + const bool condition, const char* const message) { + Assert(context, condition, FATAL, message); +} + +} // namespace + +uw_Basis_string uw_HashFFI_md5(uw_context* const context, + const uw_Basis_blob input) { + using Digest = std::array<unsigned char, MD5_DIGEST_LENGTH>; + // Perform the MD5 operation. + Digest raw_result; + MD5(reinterpret_cast<unsigned char*>(input.data), input.size, + raw_result.data()); + // Convert it to a hex string. This will be twice as large (two hex digits + // per byte), plus an additional byte for the null terminator. + const auto result_length = 2 * raw_result.size() + 1; + uw_Basis_string result = + reinterpret_cast<uw_Basis_string>(uw_malloc(context, result_length)); + Assert(context, result, BOUNDED_RETRY, + "unable to allocate memory for digest"); + for (Digest::size_type i = 0; i < raw_result.size(); i++) { + sprintf(result + 2 * i, "%02x", raw_result[i]); + } + // Make sure the string is properly terminated. + for (std::size_t i = 0; i < result_length - 2; i++) { + Assert(context, result[i] != '\0', "null byte in digest"); + } + Assert(context, result[result_length - 1] == '\0', + "failed to properly terminate digest"); + return result; +} diff --git a/src/hashFFI.h b/src/hashFFI.h new file mode 100644 index 0000000..5ff8ea3 --- /dev/null +++ b/src/hashFFI.h @@ -0,0 +1,30 @@ +// Copyright (C) 2015 the Massachusetts Institute of Technology +// +// Licensed under the Apache License, Version 2.0 (the "License"); you may not +// use this file except in compliance with the License. You may obtain a copy +// of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +// License for the specific language governing permissions and limitations under +// the License. + +#ifndef URWEB_CRYPTO_HASH_OPENSSL_HASHFFI_H +#define URWEB_CRYPTO_HASH_OPENSSL_HASHFFI_H + +#ifdef __cplusplus +extern "C" { +#endif + +#include <urweb/urweb_cpp.h> + +uw_Basis_string uw_HashFFI_md5(struct uw_context*, const uw_Basis_blob); + +#ifdef __cplusplus +} +#endif + +#endif // URWEB_CRYPTO_HASH_OPENSSL_HASHFFI_H diff --git a/src/hashFFI.urs b/src/hashFFI.urs new file mode 100644 index 0000000..55acadd --- /dev/null +++ b/src/hashFFI.urs @@ -0,0 +1,14 @@ +(* Copyright 2015 the Massachusetts Institute of Technology + +Licensed under the Apache License, Version 2.0 (the "License"); you may not use +this file except in compliance with the License. You may obtain a copy of the +License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software distributed +under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR +CONDITIONS OF ANY KIND, either express or implied. See the License for the +specific language governing permissions and limitations under the License. *) + +val md5 : blob -> string diff --git a/src/lib.urp b/src/lib.urp new file mode 100644 index 0000000..68c99eb --- /dev/null +++ b/src/lib.urp @@ -0,0 +1,5 @@ +ffi hashFFI +include hashFFI.h +link -lurweb_crypto_hash_openssl -lcrypto + +hash |