diff options
| -rw-r--r-- | src/libcryptobox/cryptobox.c | 9 | ||||
| -rw-r--r-- | src/libcryptobox/cryptobox.h | 13 | ||||
| -rw-r--r-- | src/libstat/tokenizers/osb.c | 11 | ||||
| -rw-r--r-- | src/libutil/shingles.c | 36 |
4 files changed, 41 insertions, 28 deletions
diff --git a/src/libcryptobox/cryptobox.c b/src/libcryptobox/cryptobox.c index 847f005f1..e1a3a2b8f 100644 --- a/src/libcryptobox/cryptobox.c +++ b/src/libcryptobox/cryptobox.c @@ -243,3 +243,12 @@ rspamd_cryptobox_encrypt_inplace (guchar *data, gsize len, rspamd_cryptobox_encrypt_nm_inplace (data, len, nonce, nm, sig); rspamd_explicit_memzero (nm, sizeof (nm)); } + + +void +rspamd_cryptobox_siphash (unsigned char *out, const unsigned char *in, + unsigned long long inlen, + const rspamd_sipkey_t k) +{ + siphash24 (out, in, inlen, k); +} diff --git a/src/libcryptobox/cryptobox.h b/src/libcryptobox/cryptobox.h index 0a689d7de..b60af5619 100644 --- a/src/libcryptobox/cryptobox.h +++ b/src/libcryptobox/cryptobox.h @@ -30,12 +30,14 @@ #define rspamd_cryptobox_SKBYTES 32 #define rspamd_cryptobox_MACBYTES 16 #define rspamd_cryptobox_NMBYTES 32 +#define rspamd_cryptobox_SIPKEYBYTES 16 typedef guchar rspamd_pk_t[rspamd_cryptobox_PKBYTES]; typedef guchar rspamd_sk_t[rspamd_cryptobox_SKBYTES]; typedef guchar rspamd_sig_t[rspamd_cryptobox_MACBYTES]; typedef guchar rspamd_nm_t[rspamd_cryptobox_NMBYTES]; typedef guchar rspamd_nonce_t[rspamd_cryptobox_NONCEBYTES]; +typedef guchar rspamd_sipkey_t[rspamd_cryptobox_SIPKEYBYTES]; /** * Init cryptobox library @@ -116,4 +118,15 @@ void rspamd_cryptobox_nm (rspamd_nm_t nm, const rspamd_pk_t pk, const rspamd_sk_ */ void rspamd_explicit_memzero (void * const buf, gsize buflen); +/** + * Calculates siphash-2-4 for a message + * @param out (8 bytes output) + * @param in + * @param inlen + * @param k key (must be 16 bytes) + */ +void rspamd_cryptobox_siphash (unsigned char *out, const unsigned char *in, + unsigned long long inlen, + const rspamd_sipkey_t k); + #endif /* CRYPTOBOX_H_ */ diff --git a/src/libstat/tokenizers/osb.c b/src/libstat/tokenizers/osb.c index dc6808753..517b465fd 100644 --- a/src/libstat/tokenizers/osb.c +++ b/src/libstat/tokenizers/osb.c @@ -30,7 +30,7 @@ #include "stat_internal.h" #include "libstemmer.h" #include "xxhash.h" -#include "siphash.h" +#include "cryptobox.h" /* Size for features pipe */ #define DEFAULT_FEATURE_WINDOW_SIZE 5 @@ -63,7 +63,7 @@ struct rspamd_osb_tokenizer_config { gshort window_size; enum rspamd_osb_hash_type ht; guint64 seed; - struct sipkey sk; + rspamd_sipkey_t sk; }; /* @@ -125,12 +125,12 @@ rspamd_tokenizer_osb_config_from_ucl (rspamd_mempool_t * pool, if (elt != NULL && ucl_object_type (elt) == UCL_STRING) { key = rspamd_decode_base32 (ucl_object_tostring (elt), 0, &keylen); - if (keylen < 16) { + if (keylen < sizeof (rspamd_sipkey_t)) { msg_warn ("siphash key is too short: %s", keylen); g_free (key); } else { - sip_tokey (&cf->sk, key); + memcpy (cf->sk, key, sizeof (cf->sk)); g_free (key); } } @@ -251,7 +251,8 @@ rspamd_tokenizer_osb (struct rspamd_tokenizer_config *cf, cur = XXH64 (token->begin, token->len, osb_cf->seed); } else { - cur = siphash24 (token->begin, token->len, &osb_cf->sk); + rspamd_cryptobox_siphash ((guchar *)&cur, token->begin, + token->len, osb_cf->sk); } } diff --git a/src/libutil/shingles.c b/src/libutil/shingles.c index fa49fdadd..776ecfa96 100644 --- a/src/libutil/shingles.c +++ b/src/libutil/shingles.c @@ -23,21 +23,11 @@ #include "shingles.h" #include "fstring.h" -#include "siphash.h" +#include "cryptobox.h" #include "blake2.h" #define SHINGLES_WINDOW 3 -static void -rspamd_shingles_update_row (rspamd_fstring_t *in, struct siphash *h) -{ - int i; - - for (i = 0; i < RSPAMD_SHINGLE_SIZE; i ++) { - sip24_update (&h[i], in->begin, in->len); - } -} - struct rspamd_shingle* rspamd_shingles_generate (GArray *input, const guchar key[16], @@ -47,11 +37,13 @@ rspamd_shingles_generate (GArray *input, { struct rspamd_shingle *res; GArray *hashes[RSPAMD_SHINGLE_SIZE]; - struct sipkey keys[RSPAMD_SHINGLE_SIZE]; - struct siphash h[RSPAMD_SHINGLE_SIZE]; + rspamd_sipkey_t keys[RSPAMD_SHINGLE_SIZE]; guchar shabuf[BLAKE2B_OUTBYTES], *out_key; const guchar *cur_key; + GString *row; + rspamd_fstring_t *word; blake2b_state bs; + guint64 val; gint i, j, beg = 0; guint8 shalen; @@ -63,7 +55,7 @@ rspamd_shingles_generate (GArray *input, } blake2b_init (&bs, BLAKE2B_OUTBYTES); - memset (h, 0, sizeof (h)); + row = g_string_sized_new (256); cur_key = key; out_key = (guchar *)&keys[0]; @@ -86,28 +78,24 @@ rspamd_shingles_generate (GArray *input, blake2b_init (&bs, BLAKE2B_OUTBYTES); cur_key = out_key; out_key += 16; - sip24_init (&h[i], &keys[i]); } /* Now parse input words into a vector of hashes using rolling window */ for (i = 0; i <= (gint)input->len; i ++) { if (i - beg >= SHINGLES_WINDOW || i == (gint)input->len) { for (j = beg; j < i; j ++) { - rspamd_shingles_update_row (&g_array_index (input, - rspamd_fstring_t, j), h); + word = &g_array_index (input, rspamd_fstring_t, j); + g_string_append_len (row, word->begin, word->len); } beg++; /* Now we need to create a new row here */ for (j = 0; j < RSPAMD_SHINGLE_SIZE; j ++) { - guint64 val; - - val = sip24_final (&h[j]); - /* Reinit siphash state */ - memset (&h[j], 0, sizeof (h[0])); - sip24_init (&h[j], &keys[j]); + rspamd_cryptobox_siphash ((guchar *)&val, row->str, row->len, + keys[j]); g_array_append_val (hashes[j], val); } + g_string_assign (row, ""); } } @@ -118,6 +106,8 @@ rspamd_shingles_generate (GArray *input, g_array_free (hashes[i], TRUE); } + g_string_free (row, TRUE); + return res; } |