1 From 3fbec7d4db59bbd24a9a768182000a1d004c5bc5 Mon Sep 17 00:00:00 2001
2 From: Tiago Vignatti <tiago.vignatti@nokia.com>
3 Date: Wed, 24 Mar 2010 17:27:43 +0200
4 Subject: [PATCH] Revert "Revert "Render: Use built-in SHA1 library""
6 This reverts commit a39377cbcbd3091095efbeab25bec18ae520147e.
11 include/dix-config.h.in
15 Ok ok ok, it's the revert of a revert! Buhhh...
17 Once upon a time, back in 2007, Carl Worth was trying to boost render
18 (4c6abe1c). He prefered to use a "strong hash" to compare glyphs (19b3b1fd)
19 and used openssl library for this. Further, for the same purpose, people
20 started to set other SHA1 implementations in autoconf. And a lot of
21 alternatives appeared - six, to be precise. In the mean time, John Tapsell
22 commit a builtin implementation of SHA1. In the same day, Keith Packard
23 reverted, stating "X.org should not be providing a custom SHA1
24 implementation." (a39377cb). Now, users ended up with Xorg setting the default
25 as the openssl's one (libcrypto), which takes 88 kB of xserver's private RSS.
26 Besides that, we have a ridiculous "configure dot fucking ac stanza to work
27 out which lib to use is almost as long as sha1.c was", to quote daniels.
29 My simple argument against Keith's decision is simple: we can save 316 kB of
30 RSS in a standalone Xorg call. Therefore, I'm in favor to keep our own very
31 simple and shiny SHA1 implementation.
34 I'm not comfortable yet to send this patch around without see if there's any
35 regressions on render or eventually get some ack from Carl.
38 configure.ac | 89 +------------------------
39 include/dix-config.h.in | 15 ----
41 os/xsha1.c | 168 ---------------------------------------------
42 render/Makefile.am | 3 +
43 render/glyph.c | 25 ++-----
44 render/sha1.c | 173 +++++++++++++++++++++++++++++++++++++++++++++++
45 render/sha1.h | 63 +++++++++++++++++
46 8 files changed, 248 insertions(+), 289 deletions(-)
47 delete mode 100644 os/xsha1.c
48 create mode 100644 render/sha1.c
49 create mode 100644 render/sha1.h
51 diff --git a/include/dix-config.h.in b/include/dix-config.h.in
52 index 058c8fd..d6e99a5 100644
53 --- a/include/dix-config.h.in
54 +++ b/include/dix-config.h.in
56 /* Define to 1 if you have the <rpcsvc/dbm.h> header file. */
57 #undef HAVE_RPCSVC_DBM_H
59 -/* Define to use libc SHA1 functions */
60 -#undef HAVE_SHA1_IN_LIBC
62 -/* Define to use CommonCrypto SHA1 functions */
63 -#undef HAVE_SHA1_IN_COMMONCRYPTO
65 -/* Define to use libmd SHA1 functions */
66 -#undef HAVE_SHA1_IN_LIBMD
68 -/* Define to use libgcrypt SHA1 functions */
69 -#undef HAVE_SHA1_IN_LIBGCRYPT
71 -/* Define to use libsha1 for SHA1 */
72 -#undef HAVE_SHA1_IN_LIBSHA1
74 /* Define to 1 if you have the `shmctl64' function. */
77 diff --git a/os/Makefile.am b/os/Makefile.am
78 index 66a4a0f..b8c1636 100644
81 @@ -22,7 +22,6 @@ libos_la_SOURCES = \
89 diff --git a/os/xsha1.c b/os/xsha1.c
90 deleted file mode 100644
91 index 355862f..0000000
95 -#ifdef HAVE_DIX_CONFIG_H
96 -#include <dix-config.h>
102 -#if defined(HAVE_SHA1_IN_LIBMD) /* Use libmd for SHA1 */ \
103 - || defined(HAVE_SHA1_IN_LIBC) /* Use libc for SHA1 */
107 -void *x_sha1_init(void)
109 - SHA1_CTX *ctx = malloc(sizeof(*ctx));
116 -int x_sha1_update(void *ctx, void *data, int size)
118 - SHA1_CTX *sha1_ctx = ctx;
119 - SHA1Update(sha1_ctx, data, size);
123 -int x_sha1_final(void *ctx, unsigned char result[20])
125 - SHA1_CTX *sha1_ctx = ctx;
126 - SHA1Final(result, sha1_ctx);
131 -#elif defined(HAVE_SHA1_IN_COMMONCRYPTO) /* Use CommonCrypto for SHA1 */
133 -#include <CommonCrypto/CommonDigest.h>
135 -void *x_sha1_init(void)
137 - CC_SHA1_CTX *ctx = malloc(sizeof(*ctx));
144 -int x_sha1_update(void *ctx, void *data, int size)
146 - CC_SHA1_CTX *sha1_ctx = ctx;
147 - CC_SHA1_Update(sha1_ctx, data, size);
151 -int x_sha1_final(void *ctx, unsigned char result[20])
153 - CC_SHA1_CTX *sha1_ctx = ctx;
154 - CC_SHA1_Final(result, sha1_ctx);
159 -#elif defined(HAVE_SHA1_IN_LIBGCRYPT) /* Use libgcrypt for SHA1 */
161 -# include <gcrypt.h>
163 -void *x_sha1_init(void)
170 - if (!gcry_check_version(NULL))
172 - gcry_control(GCRYCTL_DISABLE_SECMEM, 0);
173 - gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
177 - err = gcry_md_open(&h, GCRY_MD_SHA1, 0);
183 -int x_sha1_update(void *ctx, void *data, int size)
185 - gcry_md_hd_t h = ctx;
186 - gcry_md_write(h, data, size);
190 -int x_sha1_final(void *ctx, unsigned char result[20])
192 - gcry_md_hd_t h = ctx;
193 - memcpy(result, gcry_md_read(h, GCRY_MD_SHA1), 20);
198 -#elif defined(HAVE_SHA1_IN_LIBSHA1) /* Use libsha1 */
200 -# include <libsha1.h>
202 -void *x_sha1_init(void)
204 - sha1_ctx *ctx = malloc(sizeof(*ctx));
211 -int x_sha1_update(void *ctx, void *data, int size)
213 - sha1_hash(data, size, ctx);
217 -int x_sha1_final(void *ctx, unsigned char result[20])
219 - sha1_end(result, ctx);
224 -#else /* Use OpenSSL's libcrypto */
226 -# include <stddef.h> /* buggy openssl/sha.h wants size_t */
227 -# include <openssl/sha.h>
229 -void *x_sha1_init(void)
232 - SHA_CTX *ctx = malloc(sizeof(*ctx));
235 - ret = SHA1_Init(ctx);
243 -int x_sha1_update(void *ctx, void *data, int size)
246 - SHA_CTX *sha_ctx = ctx;
247 - ret = SHA1_Update(sha_ctx, data, size);
253 -int x_sha1_final(void *ctx, unsigned char result[20])
256 - SHA_CTX *sha_ctx = ctx;
257 - ret = SHA1_Final(result, sha_ctx);
263 diff --git a/render/Makefile.am b/render/Makefile.am
264 index 216c613..bb46702 100644
265 --- a/render/Makefile.am
266 +++ b/render/Makefile.am
267 @@ -13,8 +13,11 @@ librender_la_SOURCES = \
275 sdk_HEADERS = picture.h mipict.h glyphstr.h picturestr.h
279 diff --git a/render/glyph.c b/render/glyph.c
280 index 0b864ad..e14530a 100644
284 #include <dix-config.h>
291 #include "scrnintstr.h"
293 @@ -193,21 +192,13 @@ HashGlyph (xGlyphInfo *gi,
295 unsigned char sha1[20])
297 - void *ctx = x_sha1_init();
303 - success = x_sha1_update(ctx, gi, sizeof(xGlyphInfo));
306 - success = x_sha1_update(ctx, bits, size);
309 - success = x_sha1_final(ctx, sha1);
315 + SHA1Update (&ctx, gi, sizeof (xGlyphInfo));
316 + SHA1Update (&ctx, bits, size);
317 + SHA1Final (sha1, &ctx);
322 diff --git a/render/sha1.c b/render/sha1.c
324 index 0000000..820eb2a
330 + * By Steve Reid <steve@edmweb.com>
331 + * 100% Public Domain
333 + * Test Vectors (from FIPS PUB 180-1)
335 + * A9993E36 4706816A BA3E2571 7850C26C 9CD0D89D
336 + * "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
337 + * 84983E44 1C3BD26E BAAE4AA1 F95129E5 E54670F1
338 + * A million repetitions of "a"
339 + * 34AA973C D4C4DAA4 F61EEB2B DBAD2731 6534016F
342 +#include <sys/param.h>
346 +#define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits))))
349 + * blk0() and blk() perform the initial expand.
350 + * I got the idea of expanding during the round function from SSLeay
352 +#if BYTE_ORDER == LITTLE_ENDIAN
353 +# define blk0(i) (block->l[i] = (rol(block->l[i],24)&0xFF00FF00) \
354 + |(rol(block->l[i],8)&0x00FF00FF))
356 +# define blk0(i) block->l[i]
358 +#define blk(i) (block->l[i&15] = rol(block->l[(i+13)&15]^block->l[(i+8)&15] \
359 + ^block->l[(i+2)&15]^block->l[i&15],1))
362 + * (R0+R1), R2, R3, R4 are the different operations (rounds) used in SHA1
364 +#define R0(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk0(i)+0x5A827999+rol(v,5);w=rol(w,30);
365 +#define R1(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk(i)+0x5A827999+rol(v,5);w=rol(w,30);
366 +#define R2(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0x6ED9EBA1+rol(v,5);w=rol(w,30);
367 +#define R3(v,w,x,y,z,i) z+=(((w|x)&y)|(w&x))+blk(i)+0x8F1BBCDC+rol(v,5);w=rol(w,30);
368 +#define R4(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0xCA62C1D6+rol(v,5);w=rol(w,30);
371 + * Hash a single 512-bit block. This is the core of the algorithm.
374 +SHA1Transform(uint32_t state[5], const uint8_t buffer[SHA1_BLOCK_LENGTH])
376 + uint32_t a, b, c, d, e;
377 + uint8_t workspace[SHA1_BLOCK_LENGTH];
382 + CHAR64LONG16 *block = (CHAR64LONG16 *)workspace;
384 + (void)memcpy(block, buffer, SHA1_BLOCK_LENGTH);
386 + /* Copy context->state[] to working vars */
393 + /* 4 rounds of 20 operations each. Loop unrolled. */
394 + R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3);
395 + R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7);
396 + R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11);
397 + R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15);
398 + R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19);
399 + R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23);
400 + R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27);
401 + R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31);
402 + R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35);
403 + R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39);
404 + R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43);
405 + R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47);
406 + R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51);
407 + R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55);
408 + R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59);
409 + R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63);
410 + R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67);
411 + R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71);
412 + R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75);
413 + R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79);
415 + /* Add the working vars back into context.state[] */
422 + /* Wipe variables */
423 + a = b = c = d = e = 0;
428 + * SHA1Init - Initialize new context
431 +SHA1Init(SHA1_CTX *context)
434 + /* SHA1 initialization constants */
435 + context->count = 0;
436 + context->state[0] = 0x67452301;
437 + context->state[1] = 0xEFCDAB89;
438 + context->state[2] = 0x98BADCFE;
439 + context->state[3] = 0x10325476;
440 + context->state[4] = 0xC3D2E1F0;
445 + * Run your data through this.
448 +SHA1Update(SHA1_CTX *context, const uint8_t *data, size_t len)
452 + j = (size_t)((context->count >> 3) & 63);
453 + context->count += (len << 3);
454 + if ((j + len) > 63) {
455 + (void)memcpy(&context->buffer[j], data, (i = 64-j));
456 + SHA1Transform(context->state, context->buffer);
457 + for ( ; i + 63 < len; i += 64)
458 + SHA1Transform(context->state, (uint8_t *)&data[i]);
463 + (void)memcpy(&context->buffer[j], &data[i], len - i);
468 + * Add padding and return the message digest.
471 +SHA1Pad(SHA1_CTX *context)
473 + uint8_t finalcount[8];
476 + for (i = 0; i < 8; i++) {
477 + finalcount[i] = (uint8_t)((context->count >>
478 + ((7 - (i & 7)) * 8)) & 255); /* Endian independent */
480 + SHA1Update(context, (uint8_t *)"\200", 1);
481 + while ((context->count & 504) != 448)
482 + SHA1Update(context, (uint8_t *)"\0", 1);
483 + SHA1Update(context, finalcount, 8); /* Should cause a SHA1Transform() */
487 +SHA1Final(uint8_t digest[SHA1_DIGEST_LENGTH], SHA1_CTX *context)
493 + for (i = 0; i < SHA1_DIGEST_LENGTH; i++) {
494 + digest[i] = (uint8_t)
495 + ((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255);
497 + memset(context, 0, sizeof(*context));
501 diff --git a/render/sha1.h b/render/sha1.h
503 index 0000000..ace7d97
509 + * By Steve Reid <steve@edmweb.com>
510 + * 100% Public Domain
521 +#define SHA1_BLOCK_LENGTH 64
522 +#define SHA1_DIGEST_LENGTH 20
523 +#define SHA1_DIGEST_STRING_LENGTH (SHA1_DIGEST_LENGTH * 2 + 1)
528 + uint8_t buffer[SHA1_BLOCK_LENGTH];
531 +#include <sys/cdefs.h>
534 +void SHA1Init(SHA1_CTX *);
535 +void SHA1Pad(SHA1_CTX *);
536 +void SHA1Transform(uint32_t [5], const uint8_t [SHA1_BLOCK_LENGTH])
537 + __attribute__((__bounded__(__minbytes__,1,5)))
538 + __attribute__((__bounded__(__minbytes__,2,SHA1_BLOCK_LENGTH)));
539 +void SHA1Update(SHA1_CTX *, const uint8_t *, size_t)
540 + __attribute__((__bounded__(__string__,2,3)));
541 +void SHA1Final(uint8_t [SHA1_DIGEST_LENGTH], SHA1_CTX *)
542 + __attribute__((__bounded__(__minbytes__,1,SHA1_DIGEST_LENGTH)));
543 +char *SHA1End(SHA1_CTX *, char *)
544 + __attribute__((__bounded__(__minbytes__,2,SHA1_DIGEST_STRING_LENGTH)));
545 +char *SHA1File(const char *, char *)
546 + __attribute__((__bounded__(__minbytes__,2,SHA1_DIGEST_STRING_LENGTH)));
547 +char *SHA1FileChunk(const char *, char *, off_t, off_t)
548 + __attribute__((__bounded__(__minbytes__,2,SHA1_DIGEST_STRING_LENGTH)));
549 +char *SHA1Data(const uint8_t *, size_t, char *)
550 + __attribute__((__bounded__(__string__,1,2)))
551 + __attribute__((__bounded__(__minbytes__,3,SHA1_DIGEST_STRING_LENGTH)));
554 +#define HTONDIGEST(x) do { \
555 + x[0] = htonl(x[0]); \
556 + x[1] = htonl(x[1]); \
557 + x[2] = htonl(x[2]); \
558 + x[3] = htonl(x[3]); \
559 + x[4] = htonl(x[4]); } while (0)
561 +#define NTOHDIGEST(x) do { \
562 + x[0] = ntohl(x[0]); \
563 + x[1] = ntohl(x[1]); \
564 + x[2] = ntohl(x[2]); \
565 + x[3] = ntohl(x[3]); \
566 + x[4] = ntohl(x[4]); } while (0)
568 +#endif /* _SHA1_H */
573 --- xorg-server-1.9.2.902/configure.ac.orig 2010-12-04 06:56:52.000000000 +0100
574 +++ xorg-server-1.9.2.902/configure.ac 2010-12-07 19:16:06.420296250 +0100
575 @@ -1338,7 +1338,7 @@
577 if test "x$SPECIAL_DTRACE_OBJECTS" = "xyes" ; then
578 DIX_LIB='$(top_builddir)/dix/dix.O'
579 - OS_LIB='$(top_builddir)/os/os.O $(SHA1_LIBS) $(DLOPEN_LIBS)'
580 + OS_LIB='$(top_builddir)/os/os.O $(DLOPEN_LIBS)'
582 DIX_LIB='$(top_builddir)/dix/libdix.la'
583 OS_LIB='$(top_builddir)/os/libos.la'
584 @@ -1358,99 +1358,6 @@
585 MIEXT_SHADOW_LIB='$(top_builddir)/miext/shadow/libshadow.la'
586 CORE_INCS='-I$(top_srcdir)/include -I$(top_builddir)/include'
590 - [AS_HELP_STRING([--with-sha1=libc|libmd|libgcrypt|libcrypto|libsha1|CommonCrypto],
591 - [choose SHA1 implementation])])
592 -AC_CHECK_FUNC([SHA1Init], [HAVE_SHA1_IN_LIBC=yes])
593 -if test "x$with_sha1" = x && test "x$HAVE_SHA1_IN_LIBC" = xyes; then
596 -if test "x$with_sha1" = xlibc && test "x$HAVE_SHA1_IN_LIBC" != xyes; then
597 - AC_MSG_ERROR([libc requested but not found])
599 -if test "x$with_sha1" = xlibc; then
600 - AC_DEFINE([HAVE_SHA1_IN_LIBC], [1],
601 - [Use libc SHA1 functions])
604 -AC_CHECK_FUNC([CC_SHA1_Init], [HAVE_SHA1_IN_COMMONCRYPTO=yes])
605 -if test "x$with_sha1" = x && test "x$HAVE_SHA1_IN_COMMONCRYPTO" = xyes; then
606 - with_sha1=CommonCrypto
608 -if test "x$with_sha1" = xCommonCrypto && test "x$HAVE_SHA1_IN_COMMONCRYPTO" != xyes; then
609 - AC_MSG_ERROR([CommonCrypto requested but not found])
611 -if test "x$with_sha1" = xCommonCrypto; then
612 - AC_DEFINE([HAVE_SHA1_IN_COMMONCRYPTO], [1],
613 - [Use CommonCrypto SHA1 functions])
616 -AC_CHECK_LIB([md], [SHA1Init], [HAVE_LIBMD=yes])
617 -if test "x$with_sha1" = x && test "x$HAVE_LIBMD" = xyes; then
620 -if test "x$with_sha1" = xlibmd && test "x$HAVE_LIBMD" != xyes; then
621 - AC_MSG_ERROR([libmd requested but not found])
623 -if test "x$with_sha1" = xlibmd; then
624 - AC_DEFINE([HAVE_SHA1_IN_LIBMD], [1],
625 - [Use libmd SHA1 functions])
628 -PKG_CHECK_MODULES([LIBSHA1], [libsha1], [HAVE_LIBSHA1=yes], [HAVE_LIBSHA1=no])
629 -if test "x$with_sha1" = x && test "x$HAVE_LIBSHA1" = xyes; then
632 -if test "x$with_sha1" = xlibsha1 && test "x$HAVE_LIBSHA1" != xyes; then
633 - AC_MSG_ERROR([libsha1 requested but not found])
635 -if test "x$with_sha1" = xlibsha1; then
636 - AC_DEFINE([HAVE_SHA1_IN_LIBSHA1], [1],
637 - [Use libsha1 for SHA1])
640 -AC_CHECK_LIB([gcrypt], [gcry_md_open], [HAVE_LIBGCRYPT=yes])
641 -if test "x$with_sha1" = x && test "x$HAVE_LIBGCRYPT" = xyes; then
642 - with_sha1=libgcrypt
644 -if test "x$with_sha1" = xlibgcrypt && test "x$HAVE_LIBGCRYPT" != xyes; then
645 - AC_MSG_ERROR([libgcrypt requested but not found])
647 -if test "x$with_sha1" = xlibgcrypt; then
648 - AC_DEFINE([HAVE_SHA1_IN_LIBGCRYPT], [1],
649 - [Use libgcrypt SHA1 functions])
652 -# We don't need all of the OpenSSL libraries, just libcrypto
653 -AC_CHECK_LIB([crypto], [SHA1_Init], [HAVE_LIBCRYPTO=yes])
654 -PKG_CHECK_MODULES([OPENSSL], [openssl], [HAVE_OPENSSL_PKC=yes],
655 - [HAVE_OPENSSL_PKC=no])
656 -if test "x$HAVE_LIBCRYPTO" = xyes || test "x$HAVE_OPENSSL_PKC" = xyes; then
657 - if test "x$with_sha1" = x; then
658 - with_sha1=libcrypto
661 - if test "x$with_sha1" = xlibcrypto; then
662 - AC_MSG_ERROR([OpenSSL libcrypto requested but not found])
665 -if test "x$with_sha1" = xlibcrypto; then
666 - if test "x$HAVE_LIBCRYPTO" = xyes; then
669 - SHA1_LIBS="$OPENSSL_LIBS"
670 - SHA1_CFLAGS="$OPENSSL_CFLAGS"
673 -AC_MSG_CHECKING([for SHA1 implementation])
674 -if test "x$with_sha1" = x; then
675 - AC_MSG_ERROR([No suitable SHA1 implementation found])
677 -AC_MSG_RESULT([$with_sha1])
679 -AC_SUBST(SHA1_CFLAGS)
681 PKG_CHECK_MODULES([XSERVERCFLAGS], [$REQUIRED_MODULES $REQUIRED_LIBS])
682 PKG_CHECK_MODULES([XSERVERLIBS], [$REQUIRED_LIBS])