Introduce _UNSAFE variants of the OPENSSL_SHA1, BLK_SHA1, and
APPLE_COMMON_CRYPTO_SHA1 compile-time knobs which indicate which SHA-1
implementation is to be used for non-cryptographic uses.
There are a couple of small implementation notes worth mentioning:
- There is no way to select the collision detecting SHA-1 as the
"fast" fallback, since the fast fallback is only for
non-cryptographic uses, and is meant to be faster than our
collision-detecting implementation.
- There are no similar knobs for SHA-256, since no collision attacks
are presently known and thus no collision-detecting implementations
actually exist.
Signed-off-by: Taylor Blau <me@xxxxxxxxxxxx>
---
Makefile | 25 +++++++++++++++++++++++++
hash.h | 30 ++++++++++++++++++++++++++++++
2 files changed, 55 insertions(+)
diff --git a/Makefile b/Makefile
index 9cf2be070f..fb84a87592 100644
--- a/Makefile
+++ b/Makefile
@@ -521,6 +521,10 @@ include shared.mak
# Define APPLE_COMMON_CRYPTO_SHA1 to use Apple's CommonCrypto for
# SHA-1.
#
+# Define the same Makefile knobs as above, but suffixed with _UNSAFE to
+# use the corresponding implementations for unsafe SHA-1 hashing for
+# non-cryptographic purposes.
+#
# If don't enable any of the *_SHA1 settings in this section, Git will
# default to its built-in sha1collisiondetection library, which is a
# collision-detecting sha1 This is slower, but may detect attempted
@@ -1996,6 +2000,27 @@ endif
endif
endif
+ifdef OPENSSL_SHA1_UNSAFE
+ifndef OPENSSL_SHA1
+ EXTLIBS += $(LIB_4_CRYPTO)
+ BASIC_CFLAGS += -DSHA1_OPENSSL_UNSAFE
+endif
+else
+ifdef BLK_SHA1_UNSAFE
+ifndef BLK_SHA1
+ LIB_OBJS += block-sha1/sha1.o
+ BASIC_CFLAGS += -DSHA1_BLK_UNSAFE
+endif
+else
+ifdef APPLE_COMMON_CRYPTO_SHA1_UNSAFE
+ifndef APPLE_COMMON_CRYPTO_SHA1
+ COMPAT_CFLAGS += -DCOMMON_DIGEST_FOR_OPENSSL
+ BASIC_CFLAGS += -DSHA1_APPLE_UNSAFE
+endif
+endif
+endif
+endif
+
ifdef OPENSSL_SHA256
EXTLIBS += $(LIB_4_CRYPTO)
BASIC_CFLAGS += -DSHA256_OPENSSL
diff --git a/hash.h b/hash.h
index 96458b129f..f97f858307 100644
--- a/hash.h
+++ b/hash.h
@@ -15,6 +15,36 @@
#include "block-sha1/sha1.h"
#endif
+#if defined(SHA1_APPLE_UNSAFE)
+# include <CommonCrypto/CommonDigest.h>
+# define platform_SHA_CTX_unsafe CC_SHA1_CTX
+# define platform_SHA1_Init_unsafe CC_SHA1_Init
+# define platform_SHA1_Update_unsafe CC_SHA1_Update
+# define platform_SHA1_Final_unsafe CC_SHA1_Final
+#elif defined(SHA1_OPENSSL_UNSAFE)
+# include <openssl/sha.h>
+# if defined(OPENSSL_API_LEVEL) && OPENSSL_API_LEVEL >= 3
+# define SHA1_NEEDS_CLONE_HELPER_UNSAFE
+# include "sha1/openssl.h"
+# define platform_SHA_CTX_unsafe openssl_SHA1_CTX
+# define platform_SHA1_Init_unsafe openssl_SHA1_Init
+# define platform_SHA1_Clone_unsafe openssl_SHA1_Clone
+# define platform_SHA1_Update_unsafe openssl_SHA1_Update
+# define platform_SHA1_Final_unsafe openssl_SHA1_Final
+# else
+# define platform_SHA_CTX_unsafe SHA_CTX
+# define platform_SHA1_Init_unsafe SHA1_Init
+# define platform_SHA1_Update_unsafe SHA1_Update
+# define platform_SHA1_Final_unsafe SHA1_Final
+# endif
+#elif defined(SHA1_BLK_UNSAFE)
+# include "block-sha1/sha1.h"
+# define platform_SHA_CTX_unsafe blk_SHA_CTX
+# define platform_SHA1_Init_unsafe blk_SHA1_Init
+# define platform_SHA1_Update_unsafe blk_SHA1_Update
+# define platform_SHA1_Final_unsafe blk_SHA1_Final
+#endif
+
#if defined(SHA256_NETTLE)
#include "sha256/nettle.h"
#elif defined(SHA256_GCRYPT)
--
2.46.1.507.gffd0c9a15b2.dirty
