From: "Ævar Arnfjörð Bjarmason" <avarab@gmail.com>
To: git@vger.kernel.org
Cc: "Junio C Hamano" <gitster@pobox.com>,
"Adam Dinwoodie" <adam@dinwoodie.org>,
"Ramsay Jones" <ramsay@ramsayjones.plus.com>,
"Liam R . Howlett" <Liam.Howlett@oracle.com>,
"Michael Kebe" <michael.kebe@gmail.com>,
"Ævar Arnfjörð Bjarmason" <avarab@gmail.com>
Subject: [PATCH 1/3] sha1dc: update from upstream
Date: Tue, 6 Jun 2017 15:12:29 +0000 [thread overview]
Message-ID: <20170606151231.25172-2-avarab@gmail.com> (raw)
In-Reply-To: <20170606151231.25172-1-avarab@gmail.com>
Update sha1dc from the latest version by the upstream
maintainer[1].
See commit a0103914c2 ("sha1dc: update from upstream", 2017-05-20) for
the latest update. That update was done sans some whitespace changes
by upstream, which is why the diff here isn't the same as the upstream
cc46554..e139984.
It also brings in a change[2] upstream made which should hopefully
address the breakage in 2.13.1 on Cygwin, see [3]. Cygwin defines both
_BIG_ENDIAN and _LITTLE_ENDIAN.
Adam Dinwoodie reports on the mailing list that that upstream commit
fixes the issue on Cygwin[4].
1. https://github.com/cr-marcstevens/sha1collisiondetection/commit/e1399840b501a68ac6c8d7ed9a5cb1455480200e
2. https://github.com/cr-marcstevens/sha1collisiondetection/commit/a24eef58c0684078405f8c7a89f9b78271432005
3. <20170606100355.GC25777@dinwoodie.org> (https://public-inbox.org/git/20170606100355.GC25777@dinwoodie.org/)
4. <20170606124323.GD25777@dinwoodie.org> (https://public-inbox.org/git/20170606124323.GD25777@dinwoodie.org/)
Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
---
sha1dc/sha1.c | 30 ++++++++++++++++++++++++------
sha1dc/sha1.h | 6 +++---
2 files changed, 27 insertions(+), 9 deletions(-)
diff --git a/sha1dc/sha1.c b/sha1dc/sha1.c
index 3dff80ac72..facea1bb56 100644
--- a/sha1dc/sha1.c
+++ b/sha1dc/sha1.c
@@ -35,15 +35,33 @@
#ifdef SHA1DC_BIGENDIAN
#undef SHA1DC_BIGENDIAN
#endif
-#if (!defined SHA1DC_FORCE_LITTLEENDIAN) && \
- ((defined(__BYTE_ORDER) && (__BYTE_ORDER == __BIG_ENDIAN)) || \
- (defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __BIG_ENDIAN__)) || \
- defined(_BIG_ENDIAN) || defined(__BIG_ENDIAN__) || defined(__ARMEB__) || defined(__THUMBEB__) || defined(__AARCH64EB__) || \
- defined(_MIPSEB) || defined(__MIPSEB) || defined(__MIPSEB__) || defined(SHA1DC_FORCE_BIGENDIAN))
+#if (defined(_BYTE_ORDER) || defined(__BYTE_ORDER) || defined(__BYTE_ORDER__))
+
+#if ((defined(_BYTE_ORDER) && (_BYTE_ORDER == _BIG_ENDIAN)) || \
+ (defined(__BYTE_ORDER) && (__BYTE_ORDER == __BIG_ENDIAN)) || \
+ (defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __BIG_ENDIAN__)) )
#define SHA1DC_BIGENDIAN
+#endif
+
+#else
+
+#if (defined(_BIG_ENDIAN) || defined(__BIG_ENDIAN) || defined(__BIG_ENDIAN__) || \
+ defined(__ARMEB__) || defined(__THUMBEB__) || defined(__AARCH64EB__) || \
+ defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || \
+ defined(__sparc))
+#define SHA1DC_BIGENDIAN
+#endif
-#endif /*ENDIANNESS SELECTION*/
+#endif
+
+#if (defined(SHA1DC_FORCE_LITTLEENDIAN) && defined(SHA1DC_BIGENDIAN))
+#undef SHA1DC_BIGENDIAN
+#endif
+#if (defined(SHA1DC_FORCE_BIGENDIAN) && !defined(SHA1DC_BIGENDIAN))
+#define SHA1DC_BIGENDIAN
+#endif
+/*ENDIANNESS SELECTION*/
#if (defined SHA1DC_FORCE_UNALIGNED_ACCESS || \
defined(__amd64__) || defined(__amd64) || defined(__x86_64__) || defined(__x86_64) || \
diff --git a/sha1dc/sha1.h b/sha1dc/sha1.h
index a0ff5d1305..1e4e94be54 100644
--- a/sha1dc/sha1.h
+++ b/sha1dc/sha1.h
@@ -61,9 +61,9 @@ void SHA1DCInit(SHA1_CTX*);
Function to enable safe SHA-1 hashing:
Collision attacks are thwarted by hashing a detected near-collision block 3 times.
Think of it as extending SHA-1 from 80-steps to 240-steps for such blocks:
- The best collision attacks against SHA-1 have complexity about 2^60,
- thus for 240-steps an immediate lower-bound for the best cryptanalytic attacks would be 2^180.
- An attacker would be better off using a generic birthday search of complexity 2^80.
+ The best collision attacks against SHA-1 have complexity about 2^60,
+ thus for 240-steps an immediate lower-bound for the best cryptanalytic attacks would be 2^180.
+ An attacker would be better off using a generic birthday search of complexity 2^80.
Enabling safe SHA-1 hashing will result in the correct SHA-1 hash for messages where no collision attack was detected,
but it will result in a different SHA-1 hash for messages where a collision attack was detected.
--
2.13.0.506.g27d5fe0cd
next prev parent reply other threads:[~2017-06-06 15:12 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-06-05 20:34 Git v2.13.1 SHA1 very broken Adam Dinwoodie
2017-06-05 21:05 ` Ævar Arnfjörð Bjarmason
2017-06-05 23:20 ` Ramsay Jones
2017-06-06 0:11 ` Ramsay Jones
2017-06-06 1:20 ` Junio C Hamano
2017-06-06 10:03 ` Adam Dinwoodie
2017-06-06 11:55 ` Junio C Hamano
2017-06-06 12:43 ` Adam Dinwoodie
2017-06-06 14:47 ` Continous Integration (was: RE: Git v2.13.1 SHA1 very broken) Jason Pyeron
2017-06-06 15:04 ` Lars Schneider
2017-07-02 20:35 ` Adam Dinwoodie
2017-07-03 12:34 ` Johannes Schindelin
2017-06-06 15:12 ` [PATCH 0/3] update sha1dc Ævar Arnfjörð Bjarmason
2017-06-06 15:12 ` Ævar Arnfjörð Bjarmason [this message]
2017-06-06 15:12 ` [PATCH 2/3] sha1dc: optionally use sha1collisiondetection as a submodule Ævar Arnfjörð Bjarmason
2017-06-06 18:48 ` Stefan Beller
2017-06-06 19:03 ` Ævar Arnfjörð Bjarmason
2017-06-06 19:09 ` Stefan Beller
2017-06-06 15:12 ` [PATCH 3/3] sha1collisiondetection: automatically enable when submodule is populated Ævar Arnfjörð Bjarmason
2017-06-06 18:23 ` [PATCH 0/3] update sha1dc Stefan Beller
2017-06-06 18:51 ` Ævar Arnfjörð Bjarmason
2017-06-06 19:01 ` [PATCH] sha1dc: ignore indent-with-non-tab whitespace violations Jeff King
2017-06-06 19:04 ` Ævar Arnfjörð Bjarmason
2017-06-06 19:05 ` Stefan Beller
2017-06-13 2:09 ` [PATCH 0/3] update sha1dc Liam R. Howlett
2017-06-06 12:49 ` Git v2.13.1 SHA1 very broken Morten Welinder
-- strict thread matches above, loose matches on Subject: below --
2017-05-18 21:28 [PATCH 0/3] Update sha1dc from upstream & optionally make it a submodule Ævar Arnfjörð Bjarmason
2017-05-18 21:28 ` [PATCH 1/3] sha1dc: update from upstream Ævar Arnfjörð Bjarmason
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170606151231.25172-2-avarab@gmail.com \
--to=avarab@gmail.com \
--cc=Liam.Howlett@oracle.com \
--cc=adam@dinwoodie.org \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=michael.kebe@gmail.com \
--cc=ramsay@ramsayjones.plus.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).