diff options
author | brian m. carlson <sandals@crustytoothpaste.net> | 2018-11-14 07:09:37 +0300 |
---|---|---|
committer | Junio C Hamano <gitster@pobox.com> | 2018-11-14 10:54:53 +0300 |
commit | 27dc04c54506967fcaa87b2d560547ee5633040c (patch) | |
tree | 488f25ff856706ec8eaf74ea2bcfafa0252c9061 | |
parent | 13eeedb5d17ca3539600b6618d103b652ecc8ab0 (diff) |
sha256: add an SHA-256 implementation using libgcrypt
Generally, one gets better performance out of cryptographic routines
written in assembly than C, and this is also true for SHA-256. In
addition, most Linux distributions cannot distribute Git linked against
OpenSSL for licensing reasons.
Most systems with GnuPG will also have libgcrypt, since it is a
dependency of GnuPG. libgcrypt is also faster than the SHA1DC
implementation for messages of a few KiB and larger.
For comparison, on a Core i7-6600U, this implementation processes 16 KiB
chunks at 355 MiB/s while SHA1DC processes equivalent chunks at 337
MiB/s.
In addition, libgcrypt is licensed under the LGPL 2.1, which is
compatible with the GPL. Add an implementation of SHA-256 that uses
libgcrypt.
Signed-off-by: brian m. carlson <sandals@crustytoothpaste.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
-rw-r--r-- | Makefile | 13 | ||||
-rw-r--r-- | hash.h | 4 | ||||
-rw-r--r-- | sha256/gcrypt.h | 30 |
3 files changed, 45 insertions, 2 deletions
@@ -179,6 +179,10 @@ all:: # in one call to the platform's SHA1_Update(). e.g. APPLE_COMMON_CRYPTO # wants 'SHA1_MAX_BLOCK_SIZE=1024L*1024L*1024L' defined. # +# Define BLK_SHA256 to use the built-in SHA-256 routines. +# +# Define GCRYPT_SHA256 to use the SHA-256 routines in libgcrypt. +# # Define NEEDS_CRYPTO_WITH_SSL if you need -lcrypto when using -lssl (Darwin). # # Define NEEDS_SSL_WITH_CRYPTO if you need -lssl when using -lcrypto (Darwin). @@ -1634,8 +1638,13 @@ endif endif endif -LIB_OBJS += sha256/block/sha256.o -BASIC_CFLAGS += -DSHA256_BLK +ifdef GCRYPT_SHA256 + BASIC_CFLAGS += -DSHA256_GCRYPT + EXTLIBS += -lgcrypt +else + LIB_OBJS += sha256/block/sha256.o + BASIC_CFLAGS += -DSHA256_BLK +endif ifdef SHA1_MAX_BLOCK_SIZE LIB_OBJS += compat/sha1-chunked.o @@ -15,7 +15,11 @@ #include "block-sha1/sha1.h" #endif +#if defined(SHA256_GCRYPT) +#include "sha256/gcrypt.h" +#else #include "sha256/block/sha256.h" +#endif #ifndef platform_SHA_CTX /* diff --git a/sha256/gcrypt.h b/sha256/gcrypt.h new file mode 100644 index 0000000000..09bd8bb200 --- /dev/null +++ b/sha256/gcrypt.h @@ -0,0 +1,30 @@ +#ifndef SHA256_GCRYPT_H +#define SHA256_GCRYPT_H + +#include <gcrypt.h> + +#define SHA256_DIGEST_SIZE 32 + +typedef gcry_md_hd_t gcrypt_SHA256_CTX; + +inline void gcrypt_SHA256_Init(gcrypt_SHA256_CTX *ctx) +{ + gcry_md_open(ctx, GCRY_MD_SHA256, 0); +} + +inline void gcrypt_SHA256_Update(gcrypt_SHA256_CTX *ctx, const void *data, size_t len) +{ + gcry_md_write(*ctx, data, len); +} + +inline void gcrypt_SHA256_Final(unsigned char *digest, gcrypt_SHA256_CTX *ctx) +{ + memcpy(digest, gcry_md_read(*ctx, GCRY_MD_SHA256), SHA256_DIGEST_SIZE); +} + +#define platform_SHA256_CTX gcrypt_SHA256_CTX +#define platform_SHA256_Init gcrypt_SHA256_Init +#define platform_SHA256_Update gcrypt_SHA256_Update +#define platform_SHA256_Final gcrypt_SHA256_Final + +#endif |