rspamd_cryptobox_encrypt_nm_inplace (data, len, nonce, nm, sig);
rspamd_explicit_memzero (nm, sizeof (nm));
}
+
+
+void
+rspamd_cryptobox_siphash (unsigned char *out, const unsigned char *in,
+ unsigned long long inlen,
+ const rspamd_sipkey_t k)
+{
+ siphash24 (out, in, inlen, k);
+}
#define rspamd_cryptobox_SKBYTES 32
#define rspamd_cryptobox_MACBYTES 16
#define rspamd_cryptobox_NMBYTES 32
+#define rspamd_cryptobox_SIPKEYBYTES 16
typedef guchar rspamd_pk_t[rspamd_cryptobox_PKBYTES];
typedef guchar rspamd_sk_t[rspamd_cryptobox_SKBYTES];
typedef guchar rspamd_sig_t[rspamd_cryptobox_MACBYTES];
typedef guchar rspamd_nm_t[rspamd_cryptobox_NMBYTES];
typedef guchar rspamd_nonce_t[rspamd_cryptobox_NONCEBYTES];
+typedef guchar rspamd_sipkey_t[rspamd_cryptobox_SIPKEYBYTES];
/**
* Init cryptobox library
*/
void rspamd_explicit_memzero (void * const buf, gsize buflen);
+/**
+ * Calculates siphash-2-4 for a message
+ * @param out (8 bytes output)
+ * @param in
+ * @param inlen
+ * @param k key (must be 16 bytes)
+ */
+void rspamd_cryptobox_siphash (unsigned char *out, const unsigned char *in,
+ unsigned long long inlen,
+ const rspamd_sipkey_t k);
+
#endif /* CRYPTOBOX_H_ */
#include "stat_internal.h"
#include "libstemmer.h"
#include "xxhash.h"
-#include "siphash.h"
+#include "cryptobox.h"
/* Size for features pipe */
#define DEFAULT_FEATURE_WINDOW_SIZE 5
gshort window_size;
enum rspamd_osb_hash_type ht;
guint64 seed;
- struct sipkey sk;
+ rspamd_sipkey_t sk;
};
/*
if (elt != NULL && ucl_object_type (elt) == UCL_STRING) {
key = rspamd_decode_base32 (ucl_object_tostring (elt),
0, &keylen);
- if (keylen < 16) {
+ if (keylen < sizeof (rspamd_sipkey_t)) {
msg_warn ("siphash key is too short: %s", keylen);
g_free (key);
}
else {
- sip_tokey (&cf->sk, key);
+ memcpy (cf->sk, key, sizeof (cf->sk));
g_free (key);
}
}
cur = XXH64 (token->begin, token->len, osb_cf->seed);
}
else {
- cur = siphash24 (token->begin, token->len, &osb_cf->sk);
+ rspamd_cryptobox_siphash ((guchar *)&cur, token->begin,
+ token->len, osb_cf->sk);
}
}
#include "shingles.h"
#include "fstring.h"
-#include "siphash.h"
+#include "cryptobox.h"
#include "blake2.h"
#define SHINGLES_WINDOW 3
-static void
-rspamd_shingles_update_row (rspamd_fstring_t *in, struct siphash *h)
-{
- int i;
-
- for (i = 0; i < RSPAMD_SHINGLE_SIZE; i ++) {
- sip24_update (&h[i], in->begin, in->len);
- }
-}
-
struct rspamd_shingle*
rspamd_shingles_generate (GArray *input,
const guchar key[16],
{
struct rspamd_shingle *res;
GArray *hashes[RSPAMD_SHINGLE_SIZE];
- struct sipkey keys[RSPAMD_SHINGLE_SIZE];
- struct siphash h[RSPAMD_SHINGLE_SIZE];
+ rspamd_sipkey_t keys[RSPAMD_SHINGLE_SIZE];
guchar shabuf[BLAKE2B_OUTBYTES], *out_key;
const guchar *cur_key;
+ GString *row;
+ rspamd_fstring_t *word;
blake2b_state bs;
+ guint64 val;
gint i, j, beg = 0;
guint8 shalen;
}
blake2b_init (&bs, BLAKE2B_OUTBYTES);
- memset (h, 0, sizeof (h));
+ row = g_string_sized_new (256);
cur_key = key;
out_key = (guchar *)&keys[0];
blake2b_init (&bs, BLAKE2B_OUTBYTES);
cur_key = out_key;
out_key += 16;
- sip24_init (&h[i], &keys[i]);
}
/* Now parse input words into a vector of hashes using rolling window */
for (i = 0; i <= (gint)input->len; i ++) {
if (i - beg >= SHINGLES_WINDOW || i == (gint)input->len) {
for (j = beg; j < i; j ++) {
- rspamd_shingles_update_row (&g_array_index (input,
- rspamd_fstring_t, j), h);
+ word = &g_array_index (input, rspamd_fstring_t, j);
+ g_string_append_len (row, word->begin, word->len);
}
beg++;
/* Now we need to create a new row here */
for (j = 0; j < RSPAMD_SHINGLE_SIZE; j ++) {
- guint64 val;
-
- val = sip24_final (&h[j]);
- /* Reinit siphash state */
- memset (&h[j], 0, sizeof (h[0]));
- sip24_init (&h[j], &keys[j]);
+ rspamd_cryptobox_siphash ((guchar *)&val, row->str, row->len,
+ keys[j]);
g_array_append_val (hashes[j], val);
}
+ g_string_assign (row, "");
}
}
g_array_free (hashes[i], TRUE);
}
+ g_string_free (row, TRUE);
+
return res;
}