Add ::cookfs::sha256 cmd if c-crypto is enabled

chpock · Oct 19, 2024 · d359a01 · d359a01
1 parent fd91587
commit d359a01
Show file tree

Hide file tree

Showing 7 changed files with 109 additions and 4 deletions.
diff --git a/ChangeLog b/ChangeLog
@@ -1,5 +1,6 @@
 2024-10-19 Konstantin Kushnir <[email protected]>
 	* Add attributes for files / dirs / VFS root
+	* Add ::cookfs::sha256 command if c-crypto is enabled
 
 2024-10-17 Konstantin Kushnir <[email protected]>
 	* Use the compsize / uncompsize keys in pages info

diff --git a/TODO.txt b/TODO.txt
@@ -1,5 +1,3 @@
-* add sha256 command if crypto is enabled
-
 * Investigate an issue with -directory parameter for glob.
   See tests cookfsVfs-1.8.4.1.1 and cookfsVfs-1.8.4.1.2.
   Then some variable (object) is passed to -directory argument

diff --git a/generic/cookfs.h b/generic/cookfs.h
@@ -20,7 +20,7 @@
 #include <assert.h>
 #include <stdint.h>
 
-#define COOKFS_THREAD_DEBUG
+// #define COOKFS_THREAD_DEBUG
 
 /*
  * Backwards compatibility for size type change

diff --git a/generic/crypto.c b/generic/crypto.c
@@ -399,3 +399,54 @@ void Cookfs_RandomGenerate(Tcl_Interp *interp, unsigned char *buf, Tcl_Size size
 
 }
 
+int Cookfs_Sha256Cmd(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) {
+
+    UNUSED(clientData);
+
+    Tcl_Obj *obj;
+    CSha256 ctx;
+
+    unsigned char *bytes;
+    unsigned char sha256[SHA256_DIGEST_SIZE];
+    Tcl_Size size;
+
+    if (objc < 2 || objc > 3) {
+        Tcl_WrongNumArgs(interp, 1, objv, "?-bin? data");
+        return TCL_ERROR;
+    }
+
+    if (objc == 3) {
+        const char *opt = Tcl_GetStringFromObj(objv[1], &size);
+        if (size < 1 || strncmp(opt, "-bin", size) != 0) {
+            Tcl_SetObjResult(interp, Tcl_ObjPrintf(
+                "bad option \"%s\": must be -bin", opt));
+            Tcl_SetErrorCode(interp, "TCL", "LOOKUP", "INDEX", "option",
+                opt, (const char *)NULL);
+            return TCL_ERROR;
+        }
+        obj = objv[2];
+    } else {
+        obj = objv[1];
+    }
+
+    bytes = Tcl_GetByteArrayFromObj(obj, &size);
+
+    Sha256_Init(&ctx);
+    Sha256_Update(&ctx, bytes, size);
+    Sha256_Final(&ctx, sha256);
+
+    if (objc == 3) {
+        obj = Tcl_NewByteArrayObj(sha256, SHA256_DIGEST_SIZE);
+    } else {
+        char hex[SHA256_DIGEST_SIZE*2+1];
+        for (int i = 0; i < SHA256_DIGEST_SIZE; i++) {
+            sprintf(hex + i*2, "%02X", ((int) sha256[i]));
+        }
+        hex[SHA256_DIGEST_SIZE*2] = 0;
+        obj = Tcl_NewStringObj(hex, SHA256_DIGEST_SIZE*2);
+    }
+
+    Tcl_SetObjResult(interp, obj);
+
+    return TCL_OK;
+}
diff --git a/generic/crypto.h b/generic/crypto.h
@@ -26,4 +26,7 @@ void Cookfs_AesDecryptRaw(unsigned char *buffer, Tcl_Size bufferSize,
 void Cookfs_AesEncrypt(Cookfs_PageObj pg, unsigned char *key);
 int Cookfs_AesDecrypt(Cookfs_PageObj pg, unsigned char *key);
 
+int Cookfs_Sha256Cmd(ClientData clientData, Tcl_Interp *interp, int objc,
+    Tcl_Obj *const objv[]);
+
 #endif /* COOKFS_CRYPTO_H */
diff --git a/generic/hashes.c b/generic/hashes.c
@@ -7,6 +7,9 @@
  */
 
 #include "cookfs.h"
+#ifdef COOKFS_USECCRYPTO
+#include "crypto.h"
+#endif /* COOKFS_USECCRYPTO */
 
 static int CookfsMd5Cmd(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) {
     UNUSED(clientData);
@@ -58,7 +61,18 @@ int Cookfs_InitHashesCmd(Tcl_Interp *interp) {
     Tcl_CreateObjCommand(interp, "::cookfs::c::md5", (Tcl_ObjCmdProc *)CookfsMd5Cmd,
         (ClientData)NULL, (Tcl_CmdDeleteProc *)NULL);
 
-    Tcl_CreateAlias(interp, "::cookfs::md5", interp, "::cookfs::c::md5", 0, NULL);
+#ifdef COOKFS_USECCRYPTO
+    Tcl_CreateObjCommand(interp, "::cookfs::c::sha256",
+        (Tcl_ObjCmdProc *)Cookfs_Sha256Cmd, (ClientData)NULL,
+        (Tcl_CmdDeleteProc *)NULL);
+#endif /* COOKFS_USECCRYPTO */
+
+    Tcl_CreateAlias(interp, "::cookfs::md5", interp, "::cookfs::c::md5",
+        0, NULL);
+#ifdef COOKFS_USECCRYPTO
+    Tcl_CreateAlias(interp, "::cookfs::sha256", interp, "::cookfs::c::sha256",
+        0, NULL);
+#endif /* COOKFS_USECCRYPTO */
 
     return TCL_OK;
 }
diff --git a/tests/hashes.test b/tests/hashes.test
@@ -42,4 +42,42 @@ test cookfsHashesMD5-6.2 {wrong args} -body {
     ::cookfs::c::md5 1 2
 } -error {bad option "1": must be -bin}
 
+# SHA256 tests
+
+test cookfsHashesSHA256-1.1 {empty data} -constraints cookfsCrypto -body {
+    ::cookfs::sha256 ""
+} -result E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
+
+test cookfsHashesSHA256-1.2 {-bin, empty data} -body {
+    binary encode hex [::cookfs::sha256 -bin ""]
+} -result e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
+
+test cookfsHashesSHA256-2 {1 byte data} -constraints cookfsCrypto -body {
+    ::cookfs::sha256 "a"
+} -result CA978112CA1BBDCAFAC231B39A23DC4DA786EFF8147C4E72B9807785AFEE48BB
+
+test cookfsHashesSHA256-3 {1kb byte data} -constraints cookfsCrypto -body {
+    ::cookfs::sha256 [string repeat "a" 1024]
+} -result 2EDC986847E209B4016E141A6DC8716D3207350F416969382D431539BF292E4A
+
+test cookfsHashesSHA256-4 {1kb+1 byte data} -constraints cookfsCrypto -body {
+    ::cookfs::sha256 [string repeat "a" 1025]
+} -result 4A82297889EB505CF6B5CBDF69977AFAB4632D6557539782F657BD7DC78091A5
+
+test cookfsHashesSHA256-5.1 {no args} -constraints cookfsCrypto -body {
+    ::cookfs::sha256
+} -error {wrong # args: should be "::cookfs::sha256 ?-bin? data"}
+
+test cookfsHashesSHA256-5.2 {no args} -constraints cookfsCrypto -body {
+    ::cookfs::c::sha256
+} -error {wrong # args: should be "::cookfs::c::sha256 ?-bin? data"}
+
+test cookfsHashesSHA256-6.1 {wrong # args} -constraints cookfsCrypto -body {
+    ::cookfs::sha256 1 2
+} -error {bad option "1": must be -bin}
+
+test cookfsHashesSHA256-6.2 {wrong # args} -constraints cookfsCrypto -body {
+    ::cookfs::c::sha256 1 2
+} -error {bad option "1": must be -bin}
+
 cleanupTests