ARCHIVE/rippled
1
0
Fork 0
mirror of https://github.com/XRPLF/rippled.git synced 2025-11-04 19:25:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add SHA512 hasher:

Browse Source 
* Remove unused SHA256
This commit is contained in:
Vinnie Falco
2015-05-27 09:26:29 -07:00
parent d11510c34c
commit 360e3fb81e
12 changed files with 380 additions and 2434 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
beast/config/ConfigCheck.h
View File

@@ -66,10 +66,4 @@
#define BEAST_STRING_UTF_TYPE 8 #define BEAST_STRING_UTF_TYPE 8
#endif #endif
//------------------------------------------------------------------------------
#ifndef BEAST_USE_BOOST_FEATURES
#define BEAST_USE_BOOST_FEATURES 0
#endif
#endif #endif

2
beast/crypto/Crypto.unity.cpp
View File

@@ -21,6 +21,4 @@
#include <BeastConfig.h> #include <BeastConfig.h>
#endif #endif
#include <beast/crypto/impl/Sha256.cpp>
#include <beast/crypto/tests/base64.test.cpp> #include <beast/crypto/tests/base64.test.cpp>

157
beast/crypto/Sha256.h
View File

@@ -1,157 +0,0 @@
//------------------------------------------------------------------------------
/*
This file is part of Beast: https://github.com/vinniefalco/Beast
Copyright 2013, Vinnie Falco <vinnie.falco@gmail.com>
Permission to use, copy, modify, and/or distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL , DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
//==============================================================================
#ifndef BEAST_CRYPTO_SHA256_H_INCLUDED
#define BEAST_CRYPTO_SHA256_H_INCLUDED
#include <beast/Config.h>
#include <array>
#include <cstdint>
//------------------------------------------------------------------------------
namespace beast {
namespace Sha256 {
enum
{
digestLength = 32,
blockLength = 64
};
/** A container suitable for holding the resulting hash. */
using digest_type = std::array <std::uint8_t, digestLength>;
namespace detail {
struct Context
{
std::uint32_t state[8];
std::uint64_t bitcount;
std::uint8_t buffer[Sha256::blockLength];
};
}
/** Computes the Sha256 hash of data. */
class Context
{
public:
/** Create a new hasher prepared for input. */
Context();
/** Update the hashing context with the input sequence. */
/** @{ */
void update (void const* buffer, std::size_t bytes);
void update (std::int8_t const* begin, std::int8_t const* end)
{
update (begin, end - begin);
}
void update (std::uint8_t const* begin, std::uint8_t const* end)
{
update (begin, end - begin);
}
template <typename T>
void update (T const& t)
{
update (&t, sizeof(T));
}
/** @} */
/** Finalize the hash process and store the digest.
The memory pointed to by `digest` must be at least digestLength
bytes. This object may not be re-used after calling finish.
@return A pointer to the passed hash buffer.
*/
/** @{ */
void* finish (void* digest);
digest_type& finish (digest_type& digest)
{
finish (digest.data());
return digest;
}
digest_type finish ()
{
digest_type digest;
finish (digest);
return digest;
}
/** @} */
private:
detail::Context m_context;
};
//------------------------------------------------------------------------------
/** Returns the hash produced by a single octet equal to zero. */
digest_type const& empty_digest();
/** Performs an entire hashing operation in a single step.
A zero length input sequence produces the empty_digest().
@return The resulting digest depending on the arguments.
*/
/** @{ */
void* hash (void const* buffer, std::size_t bytes, void* digest);
digest_type& hash ( void const* buffer, std::size_t bytes, digest_type& digest);
digest_type hash (void const* buffer, std::size_t bytes);
void* hash (std::int8_t const* begin, std::int8_t const* end, void* digest);
void* hash (std::uint8_t const* begin, std::uint8_t const* end, void* digest);
digest_type hash (std::int8_t const* begin, std::int8_t const* end);
digest_type hash (std::uint8_t const* begin, std::uint8_t const* end);
template <typename T>
void* hash (T const& t, void* digest)
{
return hash (&t, sizeof(T), digest);
}
template <typename T>
digest_type& hash (T const& t, digest_type& digest)
{
return hash (&t, sizeof(T), digest);
}
template <typename T>
digest_type hash (T const& t)
{
digest_type digest;
hash (&t, sizeof(T), digest);
return digest;
}
/** @} */
/** Calculate the hash of a hash in one step.
The memory pointed to by source_digest must be at
least digestLength bytes or undefined behavior results.
*/
/** @{ */
void* hash (void const* source_digest, void* digest);
digest_type& hash (void const* source_digest, digest_type& digest);
digest_type hash (void const* source_digest);;
/** @} */
}
}
#endif

144
beast/crypto/impl/Sha256.cpp
View File

@@ -1,144 +0,0 @@
//------------------------------------------------------------------------------
/*
This file is part of Beast: https://github.com/vinniefalco/Beast
Copyright 2013, Vinnie Falco <vinnie.falco@gmail.com>
Permission to use, copy, modify, and/or distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL , DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
//==============================================================================
#include <beast/crypto/Sha256.h>
namespace beast {
namespace Sha256 {
#ifndef LITTLE_ENDIAN
# define LITTLE_ENDIAN 1234
#endif
#ifndef BIG_ENDIAN
# define BIG_ENDIAN 4321
#endif
#if !defined(BYTE_ORDER)
# if BEAST_BIG_ENDIAN
# define BYTE_ORDER BIG_ENDIAN
# else
# define BYTE_ORDER LITTLE_ENDIAN
# endif
#endif
//#define SHA2_USE_INTTYPES_H
namespace detail {
#include <beast/crypto/impl/sha2/sha2.c>
}
Context::Context ()
{
detail::SHA256_Init (&m_context);
}
void Context::update (void const* buffer, std::size_t bytes)
{
detail::SHA256_Update (&m_context, static_cast <std::uint8_t const*> (buffer), bytes);
}
void* Context::finish (void* hash)
{
detail::SHA256_Final (static_cast <std::uint8_t*> (hash), &m_context);
return hash;
}
//------------------------------------------------------------------------------
digest_type const& empty_digest()
{
struct Holder
{
Holder ()
{
std::uint8_t zero (0);
hash (zero, digest);
}
digest_type digest;
};
static Holder const holder;
return holder.digest;
}
void* hash (void const* buffer, std::size_t bytes, void* digest)
{
Context h;
h.update (buffer, bytes);
h.finish (digest);
return digest;
}
digest_type& hash (void const* buffer, std::size_t bytes, digest_type& digest)
{
hash (buffer, bytes, digest.data());
return digest;
}
digest_type hash (void const* buffer, std::size_t bytes)
{
digest_type digest;
hash (buffer, bytes, digest);
return digest;
}
void* hash (std::int8_t const* begin, std::int8_t const* end, void* digest)
{
return hash (begin, end - begin, digest);
}
void* hash (std::uint8_t const* begin, std::uint8_t const* end, void* digest)
{
return hash (begin, end - begin, digest);
}
digest_type hash (std::int8_t const* begin, std::int8_t const* end)
{
digest_type digest;
hash (begin, end - begin, digest);
return digest;
}
digest_type hash (std::uint8_t const* begin, std::uint8_t const* end)
{
digest_type digest;
hash (begin, end - begin, digest);
return digest;
}
void* hash (void const* source_digest, void* digest)
{
return hash (source_digest, digestLength, digest);
}
digest_type& hash (void const* source_digest, digest_type& digest)
{
return hash (source_digest, digestLength, digest);
}
digest_type hash (void const* source_digest)
{
digest_type digest;
hash (source_digest, digestLength, digest);
return digest;
}
}
}

277
beast/crypto/impl/sha2/README
View File

@@ -1,277 +0,0 @@
VERSION:
This is version 1.0.1 RELEASE
While this is my "release" version, due to lack of additional
official test vectors against which to verify this implementation's
correctness, beware that there may be implementation bugs. Also,
it has not yet been tested on very many other architectures,
big-endian machines in particular.
LICENSE:
This implementation is released freely under an open-source BSD
license which appears at the top of each source code file.
WHAT IT IS:
The files sha2.h and sha2.c implement the SHA-256, SHA-384, and SHA-512
hash algorithms as described in the PDF document found at the following
web address:
http://csrc.nist.gov/cryptval/shs/sha256-384-512.pdf
The interface is similar to the interface to SHA-1 found in the OpenSSL
library.
The file sha2prog.c is a simple program that accepts input from either
STDIN or reads one or more files specified on the command line, and then
generates the specified hash (either SHA-256, SHA-384, SHA-512, or any
combination thereof, including all three at once).
LIMITATIONS:
This implementation has several limitations:
* Input data is only accepted in octet-length increments. No sub-byte
data is handled. The NIST document describes how to handle sub-byte
input data, but for ease of implementation this version will only
accept message data in multiples of bytes.
* This implementation utilizes 64-bit integer data types. If your
system and compiler does not have a 64-bit integer data type, this
implementation will not work.
* Because of the use of 64-bit operations, many 32-bit architectures
that do have 64-bit data types but do operations most efficiently
on 32-bit words, this implementation may be slower than an
implementation designed to use only 32-bit words (emulating the
64-bit operations).
* On platforms with 128-bit integer data types, the SHA-384 and SHA-512
bit counters used by this implementation might be better off using
the 128-bit type instead of simulating it with two 64-bit integers.
* This implementation was written in C in hopes of portability and for
the fun of it during my spare time. It is probably not the most
efficient or fastest C implementation. I welcome suggestions,
however, that suggest ways to speed things up without breaking
portability. I also welcome suggestions to improve portability.
* As mentioned above, this code has NOT been thoroughly tested.
This is perhaps the most severe limitation.
BEFORE YOU COMPILE (OPTIONS):
Each of the options described below may either be defined in the sha2.h
header file (or in the sha2.c file in some cases), or on the command
line at compile time if your compiler supports such things. For
example:
#define SHA2_USE_INTTYPES_H
#define SHA2_UNROLL_TRANSFORM
Or:
cc -c -DSHA2_UNROLL_TRANSFORM sha2.c
cc -c -DBYTE_ORDER=4321 -DBIG_ENDIAN=4321 sha2.c
Here are the available options. Read on below for a description of
each one:
SHA2_USE_INTTYPES_H
SHA2_USE_MEMSET_MEMCPY/SHA2_USE_BZERO_BCOPY
SHA2_UNROLL_TRANSFORM
BYTE_ORDER (LITTLE_ENDIAN/BIG_ENDIAN)
* SHA2_USE_INTTYPES_H option:
By default, this code uses u_intXX_t data types for 8 bit, 32 bit, and
64 bit unsigned integer type definitions. Most BSD systems define these,
as does Linux. However, some (like Compaq's Tru64 Unix) may instead
use uintXX_t data types as defined by recent ANSI C standards and as
included in the inttypes.h header file. Those wanting to use inttypes.h
need to define this either in sha.h or at compile time.
On those systems where NEITHER definitions are available, you will need
to edit both sha2.h and sha2.c and define things by hand in the appropriate
sections.
* BYTE_ORDER definitions:
This code assumes that BYTE_ORDER will be defined by the system during
compile to either equal LITTLE_ENDIAN or BIG_ENDIAN. If your system
does not define these, you may need to define them by hand in the sha.c
file according to the byte ordering conventions of your system.
* SHA2_USE_MEMSET_MEMCPY or SHA2_USE_BZERO_BCOPY
The code in sha2.c can use either memset()/memcpy() for memory block
operations, or bzero()/mcopy(). If you define neither of these, the
code will default to memset()/memcpy(). You can define either at the
command line or in sha2.h or in sha2.c.
* SHA2_UNROLL_TRANSFORM
By defining this either on the command line or in sha2.h or sha2.c,
the code will use macros to partially "unroll" the SHA transform
function. This usually generates bigger executables. It CAN (but
not necessarily WILL) generate faster code when you tell your compiler
to optimize things. For example, on the FreeBSD and Linux x86 systems
I tested things on (using gcc), when I optimized with just -O2 and
unrolled the transform, the hash transform was faster by 15-30%. On
these same systems, if I did NO optimization, the unrolled transform
was SLOWER, much slower (I'm guessing because the code was breaking
the cache, but I'm not sure). Your mileage may vary.
PORTABILITY:
The code in sha2.c and sha2.h is intended to be portable. It may
require that you do a few #definitions in the .h file. I've successfully
compiled and tested the sha2.c and sha2.h code on Apple's OS X (on
a PPC), FreeBSD 4.1.1 on Intel, Linux on Intel, FreeBSD on the Alpha,
and even under Windows98SE using Metrowerks C. The utility/example
programs (sha2prog.c, sha2test.c, and sha2speed.c) will very likely
have more trouble in portability since they do I/O.
To get sha2.c/sha2.h working under Windows, I had to define
SHA2_USE_INTTYPES_H, BYTE_ORDER, LITTLE_ENDIAN, and had to comment
out the include of <sys/types.h> in sha2.h. With a bit more work
I got the test program to run and verified that all the test
cases passed.
SUGGESTIONS/BUG FIXES:
If you make changes to get it working on other architectures, if you fix
any bugs, or if you make changes that improve this implementation's
efficiency that would be relatively portable and you're willing to release
your changes under the same license, please send them to me for possible
inclusion in future versions.
If you know where I can find some additional test vectors, please let me
know.
CHANGE HISTORY:
0.8 to 0.9 - Fixed spelling errors, changed to u_intXX_t type usage,
removed names from prototypes, added prototypes to sha2.c,
and a few things I can't recall.
0.9 to 0.9.5 - Add a new define in sha2.c that permits one to compile
it to either use memcpy()/memset() or bcopy()/bzero()
for memory block copying and zeroing. Added support
for unrolled SHA-256/384/512 transform loops. Just
compile with SHA2_UNROLL_TRANSFORM to enable. It takes
longer to compile, but I hope it is a bit faster. I
need to do some test to see whether or not it is. Oh,
in sha2.c, you either need to define SHA2_USE_BZERO_BCOPY
or SHA2_USE_MEMSET_MEMCPY to choose which way you want
to compile. *Whew* It's amazing how quickly something
simple starts to grow more complex even in the span of
just a few hours. I didn't really intend to do this much.
0.9.5 to 0.9.6 - Added a test program (sha2test) which tests against several
known test vectors. WARNING: Some of the test output
hashes are NOT from NIST's documentation and are the
output of this implementation and so may be incorrect.
0.9.6 to 0.9.7 - Fixed a bug that could cause invalid output in certain
cases and added an assumed scenario where zero-length
data is hashed. Also changed the rotation macros to use
a temporary variable as this reduces the number of operations.
When data is fed in blocks of the right length, copying of
data is reduced in this version. Added SHAYXZ_Data()
functions for ease of hashing a set of data. Added another
file sha2speed.c for doing speed testing. Added another test
vector with a larger data size (16KB). Fixed u_intXX_t and
uintXX_t handling by adding a define for SHA2_USE_INTTYPES_H
as well as made a few other minor changes to get rid of
warnings when compiling on Compaq's Tru64 Unix.
0.9.7 to 0.9.8 - The bug fix in 0.9.7 was incomplete and in some cases made
things worse. I believe that 0.9.8 fixes the bug completely
so that output is correct. I cannot verify this, however,
because of the lack of test vectors against which to do such
verification. All versions correctly matched the very few
NIST-provided vectors, but unfortunately the bug only
appeared in longer message data sets.
0.9.8 to 0.9.9 - Fixed some really bad typos and mistakes on my part that
only affected big-endian systems. I didn't have direct
access for testing before this version. Thanks to
Lucas Marshall for giving me access to his OS X system.
0.9.9 to 1.0.0b1 Added a few more test samples and made a few changes to
make things easier compiling on several other platforms.
Also I experimented with alternate macro definitions
in the SHA2_UNROLL_TRANSFORM version (see sha2.slower.c)
and eliminated the T1 temporary variable (the compiler
would of course still use internal temporary storage
during expression evaluation, but I'd hoped the compiler
would be more efficient), but unfortunately under FreeBSD
4.1.1-STABLE on an x86 platform, the change slowed things
down.
1.0.0b1 to 1.0 RELEASE Fixed an off-by-one implementation bug that affected
SHA-256 when hashed data length L = 55 + 64 * X where X is
either zero or a positive integer, and another (basically
the same bug) bug in SHA-384 and SHA-512 that showed up when
hashed data lengths L = 111 + 128 * X. Thanks to Rogier
van de Pol for sending me test data that revealed the bug.
The fix was very simple (just two tiny changes). Also,
I finally put the files into RCS so future changes will be
easier to manage. The sha2prog.c file was rewritten to
be more useful to me, and I got rid of the old C testing
program and now use a perl script with a subdirectory full
of test data. It's a more flexible test system.
1.0 to 1.0.1 - Specified the specific *_CTX structure in the MEMSET_BZERO
macro doing clean-up after hashing. This should eliminate
some warnings using Clang in version 3.0 (trunk 135348).
Thanks, Stephane Leon for reporting this.
LATEST VERSION:
The latest version and documentation (if any ;) should always be available
on the web at:
http://www.aarongifford.com/computers/sha.html
CONTACT ME:
I can be reached via email at:
Aaron Gifford <m e @ a a r o n g i f f o r d . c o m>
Please don't send support questions. I don't have the time to answer and
they'll probably be ignored. Bug fixes, or patches that add something useful
will be gratefully accepted, however.
If you use this implementation, I would enjoy getting a brief email message
letting me know who you are and what use to which it is being put. There
is no requirement to do so. I just think it would be fun.
EXAMPLES:
Here's an example of compiling and using the sha2 program (in this example
I build it using the unrolled transform version with -O2 optimizations),
and then running the perl testing script:
cc -O2 -DSHA2_UNROLL_TRANSFORM -Wall -o sha2 sha2prog.c sha2.c
% ./sha2test.pl
[most of the perl script output deleted for brevity]
===== RESULTS (18 VECTOR DATA FILES HASHED) =====
HASH TYPE NO. OF TESTS PASSED FAILED
--------- ------------ ------ ------
SHA-256 18 18 0
SHA-384 18 18 0
SHA-512 18 18 0
----------------------------------------------
TOTAL: 54 54 0
NO ERRORS! ALL TESTS WERE SUCCESSFUL!
ALL TEST VECTORS PASSED!
That's all folks! Have fun!
Aaron out.

1067
beast/crypto/impl/sha2/sha2.c
View File

File diff suppressed because it is too large Load Diff

117
beast/crypto/impl/sha2/sha2.h
View File

@@ -1,117 +0,0 @@
/*
* FILE: sha2.h
* AUTHOR: Aaron D. Gifford - http://www.aarongifford.com/
*
* Copyright (c) 2000-2001, Aaron D. Gifford
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the copyright holder nor the names of contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTOR(S) ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTOR(S) BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $Id: sha2.h,v 1.1 2001/11/08 00:02:01 adg Exp adg $
*/
#ifndef BEAST_CRYPTO_SHA2_SHA2_H_INCLUDED
#define BEAST_CRYPTO_SHA2_SHA2_H_INCLUDED
//#ifdef __cplusplus
//extern "C" {
//#endif
/*
* Import u_intXX_t size_t type definitions from system headers. You
* may need to change this, or define these things yourself in this
* file.
*/
#include <sys/types.h>
/*** SHA-256/384/512 Various Length Definitions ***********************/
#define SHA256_DIGEST_STRING_LENGTH (Sha256::digestLength * 2 + 1)
#define SHA384_BLOCK_LENGTH 128
#define SHA384_DIGEST_LENGTH 48
#define SHA384_DIGEST_STRING_LENGTH (SHA384_DIGEST_LENGTH * 2 + 1)
#define SHA512_BLOCK_LENGTH 128
#define SHA512_DIGEST_LENGTH 64
#define SHA512_DIGEST_STRING_LENGTH (SHA512_DIGEST_LENGTH * 2 + 1)
/*** SHA-256/384/512 Context Structures *******************************/
typedef struct _SHA512_CTX {
std::uint64_t state[8];
std::uint64_t bitcount[2];
std::uint8_t buffer[SHA512_BLOCK_LENGTH];
} SHA512_CTX;
typedef SHA512_CTX SHA384_CTX;
/*** SHA-256/384/512 Function Prototypes ******************************/
#ifndef NOPROTO
void SHA256_Init(Sha256::detail::Context *);
void SHA256_Update(Sha256::detail::Context*, const std::uint8_t*, size_t);
void SHA256_Final(std::uint8_t[Sha256::digestLength], Sha256::detail::Context*);
char* SHA256_End(Sha256::detail::Context*, char[SHA256_DIGEST_STRING_LENGTH]);
char* SHA256_Data(const std::uint8_t*, size_t, char[SHA256_DIGEST_STRING_LENGTH]);
void SHA384_Init(SHA384_CTX*);
void SHA384_Update(SHA384_CTX*, const std::uint8_t*, size_t);
void SHA384_Final(std::uint8_t[SHA384_DIGEST_LENGTH], SHA384_CTX*);
char* SHA384_End(SHA384_CTX*, char[SHA384_DIGEST_STRING_LENGTH]);
char* SHA384_Data(const std::uint8_t*, size_t, char[SHA384_DIGEST_STRING_LENGTH]);
void SHA512_Init(SHA512_CTX*);
void SHA512_Update(SHA512_CTX*, const std::uint8_t*, size_t);
void SHA512_Final(std::uint8_t[SHA512_DIGEST_LENGTH], SHA512_CTX*);
char* SHA512_End(SHA512_CTX*, char[SHA512_DIGEST_STRING_LENGTH]);
char* SHA512_Data(const std::uint8_t*, size_t, char[SHA512_DIGEST_STRING_LENGTH]);
#else /* NOPROTO */
void SHA256_Init();
void SHA256_Update();
void SHA256_Final();
char* SHA256_End();
char* SHA256_Data();
void SHA384_Init();
void SHA384_Update();
void SHA384_Final();
char* SHA384_End();
char* SHA384_Data();
void SHA512_Init();
void SHA512_Update();
void SHA512_Final();
char* SHA512_End();
char* SHA512_Data();
#endif /* NOPROTO */
//#ifdef __cplusplus
//}
//#endif /* __cplusplus */
#endif /* __SHA2_H__ */

132
beast/crypto/impl/sha2/sha2prog.c
View File

@@ -1,132 +0,0 @@
/*
* FILE: sha2prog.c
* AUTHOR: Aaron D. Gifford - http://www.aarongifford.com/
*
* Copyright (c) 2000-2001, Aaron D. Gifford
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the copyright holder nor the names of contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTOR(S) ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTOR(S) BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
*/
#include <stdio.h>
#include <stdlib.h>
#include <sysexits.h>
#include <sys/types.h>
#include <sys/uio.h>
#include <unistd.h>
#include "sha2.h"
void usage(char *prog, char *msg) {
fprintf(stderr, "%s\nUsage:\t%s [options] [<file>]\nOptions:\n\t-256\tGenerate SHA-256 hash\n\t-384\tGenerate SHA-284 hash\n\t-512\tGenerate SHA-512 hash\n\t-ALL\tGenerate all three hashes\n\t-q\tQuiet mode - only output hexadecimal hashes, one per line\n\n", msg, prog);
exit(-1);
}
#define BUFLEN 16384
int main(int argc, char **argv) {
int kl, l, fd, ac;
int quiet = 0, hash = 0;
char *av, *file = (char*)0;
FILE *IN = (FILE*)0;
SHA256_CTX ctx256;
SHA384_CTX ctx384;
SHA512_CTX ctx512;
unsigned char buf[BUFLEN];
SHA256_Init(&ctx256);
SHA384_Init(&ctx384);
SHA512_Init(&ctx512);
/* Read data from STDIN by default */
fd = fileno(stdin);
ac = 1;
while (ac < argc) {
if (*argv[ac] == '-') {
av = argv[ac] + 1;
if (!strcmp(av, "q")) {
quiet = 1;
} else if (!strcmp(av, "256")) {
hash |= 1;
} else if (!strcmp(av, "384")) {
hash |= 2;
} else if (!strcmp(av, "512")) {
hash |= 4;
} else if (!strcmp(av, "ALL")) {
hash = 7;
} else {
usage(argv[0], "Invalid option.");
}
ac++;
} else {
file = argv[ac++];
if (ac != argc) {
usage(argv[0], "Too many arguments.");
}
if ((IN = fopen(file, "r")) == NULL) {
perror(argv[0]);
exit(-1);
}
fd = fileno(IN);
}
}
if (hash == 0)
hash = 7; /* Default to ALL */
kl = 0;
while ((l = read(fd,buf,BUFLEN)) > 0) {
kl += l;
SHA256_Update(&ctx256, (unsigned char*)buf, l);
SHA384_Update(&ctx384, (unsigned char*)buf, l);
SHA512_Update(&ctx512, (unsigned char*)buf, l);
}
if (file) {
fclose(IN);
}
if (hash & 1) {
SHA256_End(&ctx256, buf);
if (!quiet)
printf("SHA-256 (%s) = ", file);
printf("%s\n", buf);
}
if (hash & 2) {
SHA384_End(&ctx384, buf);
if (!quiet)
printf("SHA-384 (%s) = ", file);
printf("%s\n", buf);
}
if (hash & 4) {
SHA512_End(&ctx512, buf);
if (!quiet)
printf("SHA-512 (%s) = ", file);
printf("%s\n", buf);
}
return 1;
}

174
beast/crypto/impl/sha2/sha2speed.c
View File

@@ -1,174 +0,0 @@
/*
* FILE: sha2speed.c
* AUTHOR: Aaron D. Gifford - http://www.aarongifford.com/
*
* Copyright (c) 2000-2001, Aaron D. Gifford
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the copyright holder nor the names of contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTOR(S) ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTOR(S) BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $Id: sha2speed.c,v 1.1 2001/11/08 00:02:23 adg Exp adg $
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/time.h>
#include "sha2.h"
#define BUFSIZE 16384
void usage(char *prog) {
fprintf(stderr, "Usage:\t%s [<num-of-bytes>] [<num-of-loops>] [<fill-byte>]\n", prog);
exit(-1);
}
void printspeed(char *caption, unsigned long bytes, double time) {
if (bytes / 1073741824UL > 0) {
printf("%s %.4f sec (%.3f GBps)\n", caption, time, (double)bytes/1073741824UL/time);
} else if (bytes / 1048576 > 0) {
printf("%s %.4f (%.3f MBps)\n", caption, time, (double)bytes/1048576/time);
} else if (bytes / 1024 > 0) {
printf("%s %.4f (%.3f KBps)\n", caption, time, (double)bytes/1024/time);
} else {
printf("%s %.4f (%f Bps)\n", caption, time, (double)bytes/time);
}
}
int main(int argc, char **argv) {
SHA256_CTX c256;
SHA384_CTX c384;
SHA512_CTX c512;
char buf[BUFSIZE];
char md[SHA512_DIGEST_STRING_LENGTH];
int bytes, blocks, rep, i, j;
struct timeval start, end;
double t, ave256, ave384, ave512;
double best256, best384, best512;
if (argc > 4) {
usage(argv[0]);
}
/* Default to 1024 16K blocks (16 MB) */
bytes = 1024 * 1024 * 16;
if (argc > 1) {
blocks = atoi(argv[1]);
}
blocks = bytes / BUFSIZE;
/* Default to 10 repetitions */
rep = 10;
if (argc > 2) {
rep = atoi(argv[2]);
}
/* Set up the input data */
if (argc > 3) {
memset(buf, atoi(argv[2]), BUFSIZE);
} else {
memset(buf, 0xb7, BUFSIZE);
}
ave256 = ave384 = ave512 = 0;
best256 = best384 = best512 = 100000;
for (i = 0; i < rep; i++) {
SHA256_Init(&c256);
SHA384_Init(&c384);
SHA512_Init(&c512);
gettimeofday(&start, (struct timezone*)0);
for (j = 0; j < blocks; j++) {
SHA256_Update(&c256, (unsigned char*)buf, BUFSIZE);
}
if (bytes % BUFSIZE) {
SHA256_Update(&c256, (unsigned char*)buf, bytes % BUFSIZE);
}
SHA256_End(&c256, md);
gettimeofday(&end, (struct timezone*)0);
t = ((end.tv_sec - start.tv_sec) * 1000000.0 + (end.tv_usec - start.tv_usec)) / 1000000.0;
ave256 += t;
if (t < best256) {
best256 = t;
}
printf("SHA-256[%d] (%.4f/%.4f/%.4f seconds) = 0x%s\n", i+1, t, ave256/(i+1), best256, md);
gettimeofday(&start, (struct timezone*)0);
for (j = 0; j < blocks; j++) {
SHA384_Update(&c384, (unsigned char*)buf, BUFSIZE);
}
if (bytes % BUFSIZE) {
SHA384_Update(&c384, (unsigned char*)buf, bytes % BUFSIZE);
}
SHA384_End(&c384, md);
gettimeofday(&end, (struct timezone*)0);
t = ((end.tv_sec - start.tv_sec) * 1000000.0 + (end.tv_usec - start.tv_usec)) / 1000000.0;
ave384 += t;
if (t < best384) {
best384 = t;
}
printf("SHA-384[%d] (%.4f/%.4f/%.4f seconds) = 0x%s\n", i+1, t, ave384/(i+1), best384, md);
gettimeofday(&start, (struct timezone*)0);
for (j = 0; j < blocks; j++) {
SHA512_Update(&c512, (unsigned char*)buf, BUFSIZE);
}
if (bytes % BUFSIZE) {
SHA512_Update(&c512, (unsigned char*)buf, bytes % BUFSIZE);
}
SHA512_End(&c512, md);
gettimeofday(&end, (struct timezone*)0);
t = ((end.tv_sec - start.tv_sec) * 1000000.0 + (end.tv_usec - start.tv_usec)) / 1000000.0;
ave512 += t;
if (t < best512) {
best512 = t;
}
printf("SHA-512[%d] (%.4f/%.4f/%.4f seconds) = 0x%s\n", i+1, t, ave512/(i+1), best512, md);
}
ave256 /= rep;
ave384 /= rep;
ave512 /= rep;
printf("\nTEST RESULTS SUMMARY:\nTEST REPETITIONS: %d\n", rep);
if (bytes / 1073741824UL > 0) {
printf("TEST SET SIZE: %.3f GB\n", (double)bytes/1073741824UL);
} else if (bytes / 1048576 > 0) {
printf("TEST SET SIZE: %.3f MB\n", (double)bytes/1048576);
} else if (bytes /1024 > 0) {
printf("TEST SET SIZE: %.3f KB\n", (double)bytes/1024);
} else {
printf("TEST SET SIZE: %d B\n", bytes);
}
printspeed("SHA-256 average:", bytes, ave256);
printspeed("SHA-256 best: ", bytes, best256);
printspeed("SHA-384 average:", bytes, ave384);
printspeed("SHA-384 best: ", bytes, best384);
printspeed("SHA-512 average:", bytes, ave512);
printspeed("SHA-512 best: ", bytes, best512);
return 1;
}

358
beast/crypto/impl/sha2/sha2test.pl
View File

@@ -1,358 +0,0 @@
#!/usr/bin/perl
#
# FILE: sha2test.pl
# AUTHOR: Aaron D. Gifford - http://www.aarongifford.com/
#
# Copyright (c) 2001, Aaron D. Gifford
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
# 3. Neither the name of the copyright holder nor the names of contributors
# may be used to endorse or promote products derived from this software
# without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTOR(S) ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTOR(S) BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
# $Id: sha2test.pl,v 1.1 2001/11/08 00:02:37 adg Exp adg $
#
sub usage {
my ($err) = shift(@_);
print <<EOM;
Error:
$err
Usage:
$0 [<options>] [<test-vector-info-file> [<test-vector-info-file> ...]]
Options:
-256 Use SHA-256 hashes during testing
-384 Use SHA-384 hashes during testing
-512 Use SHA-512 hashes during testing
-ALL Use all three hashes during testing
-c256 <command-spec> Specify a command to execute to generate a
SHA-256 hash. Be sure to include a '%'
character which will be replaced by the
test vector data filename containing the
data to be hashed. This command implies
the -256 option.
-c384 <command-spec> Specify a command to execute to generate a
SHA-384 hash. See above. Implies -384.
-c512 <command-spec> Specify a command to execute to generate a
SHA-512 hash. See above. Implies -512.
-cALL <command-spec> Specify a command to execute that will
generate all three hashes at once and output
the data in hexadecimal. See above for
information about the <command-spec>.
This option implies the -ALL option, and
also overrides any other command options if
present.
By default, this program expects to execute the command ./sha2 within the
current working directory to generate all hashes. If no test vector
information files are specified, this program expects to read a series of
files ending in ".info" within a subdirectory of the current working
directory called "testvectors".
EOM
exit(-1);
}
$c256 = $c384 = $c512 = $cALL = "";
$hashes = 0;
@FILES = ();
# Read all command-line options and files:
while ($opt = shift(@ARGV)) {
if ($opt =~ s/^\-//) {
if ($opt eq "256") {
$hashes |= 1;
} elsif ($opt eq "384") {
$hashes |= 2;
} elsif ($opt eq "512") {
$hashes |= 4;
} elsif ($opt =~ /^ALL$/i) {
$hashes = 7;
} elsif ($opt =~ /^c256$/i) {
$hashes |= 1;
$opt = $c256 = shift(@ARGV);
$opt =~ s/\s+.*$//;
if (!$c256 || $c256 !~ /\%/ || !-x $opt) {
usage("Missing or invalid command specification for option -c256: $opt\n");
}
} elsif ($opt =~ /^c384$/i) {
$hashes |= 2;
$opt = $c384 = shift(@ARGV);
$opt =~ s/\s+.*$//;
if (!$c384 || $c384 !~ /\%/ || !-x $opt) {
usage("Missing or invalid command specification for option -c384: $opt\n");
}
} elsif ($opt =~ /^c512$/i) {
$hashes |= 4;
$opt = $c512 = shift(@ARGV);
$opt =~ s/\s+.*$//;
if (!$c512 || $c512 !~ /\%/ || !-x $opt) {
usage("Missing or invalid command specification for option -c512: $opt\n");
}
} elsif ($opt =~ /^cALL$/i) {
$hashes = 7;
$opt = $cALL = shift(@ARGV);
$opt =~ s/\s+.*$//;
if (!$cALL || $cALL !~ /\%/ || !-x $opt) {
usage("Missing or invalid command specification for option -cALL: $opt\n");
}
} else {
usage("Unknown/invalid option '$opt'\n");
}
} else {
usage("Invalid, nonexistent, or unreadable file '$opt': $!\n") if (!-f $opt);
push(@FILES, $opt);
}
}
# Set up defaults:
if (!$cALL && !$c256 && !$c384 && !$c512) {
$cALL = "./sha2 -ALL %";
usage("Required ./sha2 binary executable not found.\n") if (!-x "./sha2");
}
$hashes = 7 if (!$hashes);
# Do some sanity checks:
usage("No command was supplied to generate SHA-256 hashes.\n") if ($hashes & 1 == 1 && !$cALL && !$c256);
usage("No command was supplied to generate SHA-384 hashes.\n") if ($hashes & 2 == 2 && !$cALL && !$c384);
usage("No command was supplied to generate SHA-512 hashes.\n") if ($hashes & 4 == 4 && !$cALL && !$c512);
# Default .info files:
if (scalar(@FILES) < 1) {
opendir(DIR, "testvectors") || usage("Unable to scan directory 'testvectors' for vector information files: $!\n");
@FILES = grep(/\.info$/, readdir(DIR));
closedir(DIR);
@FILES = map { s/^/testvectors\//; $_; } @FILES;
@FILES = sort(@FILES);
}
# Now read in each test vector information file:
foreach $file (@FILES) {
$dir = $file;
if ($file !~ /\//) {
$dir = "./";
} else {
$dir =~ s/\/[^\/]+$//;
$dir .= "/";
}
open(FILE, "<" . $file) ||
usage("Unable to open test vector information file '$file' for reading: $!\n");
$vec = { desc => "", file => "", sha256 => "", sha384 => "", sha512 => "" };
$data = $field = "";
$line = 0;
while(<FILE>) {
$line++;
s/\s*[\r\n]+$//;
next if ($field && $field ne "DESCRIPTION" && !$_);
if (/^(DESCRIPTION|FILE|SHA256|SHA384|SHA512):$/) {
if ($field eq "DESCRIPTION") {
$vec->{desc} = $data;
} elsif ($field eq "FILE") {
$data = $dir . $data if ($data !~ /^\//);
$vec->{file} = $data;
} elsif ($field eq "SHA256") {
$vec->{sha256} = $data;
} elsif ($field eq "SHA384") {
$vec->{sha384} = $data;
} elsif ($field eq "SHA512") {
$vec->{sha512} = $data;
}
$data = "";
$field = $1;
} elsif ($field eq "DESCRIPTION") {
s/^ //;
$data .= $_ . "\n";
} elsif ($field =~ /^SHA\d\d\d$/) {
s/^\s+//;
if (!/^([a-f0-9]{32}|[a-f0-9]{64})$/) {
usage("Invalid SHA-256/384/512 test vector information " .
"file format at line $line of file '$file'\n");
}
$data .= $_;
} elsif ($field eq "FILE") {
s/^ //;
$data .= $_;
} else {
usage("Invalid SHA-256/384/512 test vector information file " .
"format at line $line of file '$file'\n");
}
}
if ($field eq "DESCRIPTION") {
$data = $dir . $data if ($data !~ /^\//);
$vec->{desc} = $data;
} elsif ($field eq "FILE") {
$vec->{file} = $data;
} elsif ($field eq "SHA256") {
$vec->{sha256} = $data;
} elsif ($field eq "SHA384") {
$vec->{sha384} = $data;
} elsif ($field eq "SHA512") {
$vec->{sha512} = $data;
} else {
usage("Invalid SHA-256/384/512 test vector information file " .
"format. Missing required fields in file '$file'\n");
}
# Sanity check all entries:
if (!$vec->{desc}) {
usage("Invalid SHA-256/384/512 test vector information file " .
"format. Missing required DESCRIPTION field in file '$file'\n");
}
if (!$vec->{file}) {
usage("Invalid SHA-256/384/512 test vector information file " .
"format. Missing required FILE field in file '$file'\n");
}
if (! -f $vec->{file}) {
usage("The test vector data file (field FILE) name " .
"'$vec->{file}' is not a readable file. Check the FILE filed in " .
"file '$file'.\n");
}
if (!($vec->{sha256} || $vec->{sha384} || $vec->{sha512})) {
usage("Invalid SHA-256/384/512 test vector information file " .
"format. There must be at least one SHA256, SHA384, or SHA512 " .
"field specified in file '$file'.\n");
}
if ($vec->{sha256} !~ /^(|[a-f0-9]{64})$/) {
usage("Invalid SHA-256/384/512 test vector information file " .
"format. The SHA256 field is invalid in file '$file'.\n");
}
if ($vec->{sha384} !~ /^(|[a-f0-9]{96})$/) {
usage("Invalid SHA-256/384/512 test vector information file " .
"format. The SHA384 field is invalid in file '$file'.\n");
}
if ($vec->{sha512} !~ /^(|[a-f0-9]{128})$/) {
usage("Invalid SHA-256/384/512 test vector information file " .
"format. The SHA512 field is invalid in file '$file'.\n");
}
close(FILE);
if ($hashes & (($vec->{sha256} ? 1 : 0) | ($vec->{sha384} ? 2 : 0) | ($vec->{sha512} ? 4 : 0))) {
push(@VECTORS, $vec);
}
}
usage("There were no test vectors for the specified hash(es) in any of the test vector information files you specified.\n") if (scalar(@VECTORS) < 1);
$num = $errors = $error256 = $error384 = $error512 = $tests = $test256 = $test384 = $test512 = 0;
foreach $vec (@VECTORS) {
$num++;
print "TEST VECTOR #$num:\n";
print "\t" . join("\n\t", split(/\n/, $vec->{desc})) . "\n";
print "VECTOR DATA FILE:\n\t$vec->{file}\n";
$sha256 = $sha384 = $sha512 = "";
if ($cALL) {
$prog = $cALL;
$prog =~ s/\%/'$vec->{file}'/g;
@SHA = grep(/[a-fA-f0-9]{64,128}/, split(/\n/, `$prog`));
($sha256) = grep(/(^[a-fA-F0-9]{64}$|^[a-fA-F0-9]{64}[^a-fA-F0-9]|[^a-fA-F0-9][a-fA-F0-9]{64}$|[^a-fA-F0-9][a-fA-F0-9]{64}[^a-fA-F0-9])/, @SHA);
($sha384) = grep(/(^[a-fA-F0-9]{96}$|^[a-fA-F0-9]{96}[^a-fA-F0-9]|[^a-fA-F0-9][a-fA-F0-9]{96}$|[^a-fA-F0-9][a-fA-F0-9]{96}[^a-fA-F0-9])/, @SHA);
($sha512) = grep(/(^[a-fA-F0-9]{128}$|^[a-fA-F0-9]{128}[^a-fA-F0-9]|[^a-fA-F0-9][a-fA-F0-9]{128}$|[^a-fA-F0-9][a-fA-F0-9]{128}[^a-fA-F0-9])/, @SHA);
} else {
if ($c256) {
$prog = $c256;
$prog =~ s/\%/'$vec->{file}'/g;
@SHA = grep(/[a-fA-f0-9]{64,128}/, split(/\n/, `$prog`));
($sha256) = grep(/(^[a-fA-F0-9]{64}$|^[a-fA-F0-9]{64}[^a-fA-F0-9]|[^a-fA-F0-9][a-fA-F0-9]{64}$|[^a-fA-F0-9][a-fA-F0-9]{64}[^a-fA-F0-9])/, @SHA);
}
if ($c384) {
$prog = $c384;
$prog =~ s/\%/'$vec->{file}'/g;
@SHA = grep(/[a-fA-f0-9]{64,128}/, split(/\n/, `$prog`));
($sha384) = grep(/(^[a-fA-F0-9]{96}$|^[a-fA-F0-9]{96}[^a-fA-F0-9]|[^a-fA-F0-9][a-fA-F0-9]{96}$|[^a-fA-F0-9][a-fA-F0-9]{96}[^a-fA-F0-9])/, @SHA);
}
if ($c512) {
$prog = $c512;
$prog =~ s/\%/'$vec->{file}'/g;
@SHA = grep(/[a-fA-f0-9]{64,128}/, split(/\n/, `$prog`));
($sha512) = grep(/(^[a-fA-F0-9]{128}$|^[a-fA-F0-9]{128}[^a-fA-F0-9]|[^a-fA-F0-9][a-fA-F0-9]{128}$|[^a-fA-F0-9][a-fA-F0-9]{128}[^a-fA-F0-9])/, @SHA);
}
}
usage("Unable to generate any hashes for file '$vec->{file}'!\n") if (!$sha256 && !$sha384 && $sha512);
$sha256 =~ tr/A-F/a-f/;
$sha384 =~ tr/A-F/a-f/;
$sha512 =~ tr/A-F/a-f/;
$sha256 =~ s/^.*([a-f0-9]{64}).*$/$1/;
$sha384 =~ s/^.*([a-f0-9]{96}).*$/$1/;
$sha512 =~ s/^.*([a-f0-9]{128}).*$/$1/;
if ($sha256 && $hashes & 1 == 1) {
if ($vec->{sha256} eq $sha256) {
print "SHA256 MATCHES:\n\t$sha256\n"
} else {
print "SHA256 DOES NOT MATCH:\n\tEXPECTED:\n\t\t$vec->{sha256}\n" .
"\tGOT:\n\t\t$sha256\n\n";
$error256++;
}
$test256++;
}
if ($sha384 && $hashes & 2 == 2) {
if ($vec->{sha384} eq $sha384) {
print "SHA384 MATCHES:\n\t" . substr($sha384, 0, 64) . "\n\t" .
substr($sha384, -32) . "\n";
} else {
print "SHA384 DOES NOT MATCH:\n\tEXPECTED:\n\t\t" .
substr($vec->{sha384}, 0, 64) . "\n\t\t" .
substr($vec->{sha384}, -32) . "\n\tGOT:\n\t\t" .
substr($sha384, 0, 64) . "\n\t\t" . substr($sha384, -32) . "\n\n";
$error384++;
}
$test384++;
}
if ($sha512 && $hashes & 4 == 4) {
if ($vec->{sha512} eq $sha512) {
print "SHA512 MATCHES:\n\t" . substr($sha512, 0, 64) . "\n\t" .
substr($sha512, -64) . "\n";
} else {
print "SHA512 DOES NOT MATCH:\n\tEXPECTED:\n\t\t" .
substr($vec->{sha512}, 0, 64) . "\n\t\t" .
substr($vec->{sha512}, -32) . "\n\tGOT:\n\t\t" .
substr($sha512, 0, 64) . "\n\t\t" . substr($sha512, -64) . "\n\n";
$error512++;
}
$test512++;
}
}
$errors = $error256 + $error384 + $error512;
$tests = $test256 + $test384 + $test512;
print "\n\n===== RESULTS ($num VECTOR DATA FILES HASHED) =====\n\n";
print "HASH TYPE\tNO. OF TESTS\tPASSED\tFAILED\n";
print "---------\t------------\t------\t------\n";
if ($test256) {
$pass = $test256 - $error256;
print "SHA-256\t\t".substr(" $test256", -12)."\t".substr(" $pass", -6)."\t".substr(" $error256", -6)."\n";
}
if ($test384) {
$pass = $test384 - $error384;
print "SHA-384\t\t".substr(" $test384", -12)."\t".substr(" $pass", -6)."\t".substr(" $error384", -6)."\n";
}
if ($test512) {
$pass = $test512 - $error512;
print "SHA-512\t\t".substr(" $test512", -12)."\t".substr(" $pass", -6)."\t".substr(" $error512", -6)."\n";
}
print "----------------------------------------------\n";
$pass = $tests - $errors;
print "TOTAL: ".substr(" $tests", -12)."\t".substr(" $pass", -6)."\t".substr(" $errors", -6)."\n\n";
print "NO ERRORS! ALL TESTS WERE SUCCESSFUL!\n\n" if (!$errors);

276
beast/crypto/impl/sha512_context.h Normal file
View File

@@ -0,0 +1,276 @@
//------------------------------------------------------------------------------
/*
This file is part of Beast: https://github.com/vinniefalco/Beast
Copyright 2013, Vinnie Falco <vinnie.falco@gmail.com>
Permission to use, copy, modify, and/or distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL , DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
//==============================================================================
#ifndef BEAST_CRYPTO_SHA512_CONTEXT_H_INCLUDED
#define BEAST_CRYPTO_SHA512_CONTEXT_H_INCLUDED
#include <beast/utility/noexcept.h>
#include <cstdint>
#include <cstring>
namespace beast {
namespace detail {
/*
* Updated to C++, zedwood.com 2012
* Based on Olivier Gay's version
* See Modified BSD License below:
*
* FIPS 180-2 SHA-224/256/384/512 implementation
* Issue date: 04/30/2005
* http://www.ouah.org/ogay/sha2/
*
* Copyright (C) 2005, 2007 Olivier Gay <olivier.gay@a3.epfl.ch>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the project nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
struct sha512_context
{
static unsigned int const block_size = 128;
static unsigned int const digest_size = 64;
unsigned int tot_len;
unsigned int len;
unsigned char block[2 * block_size];
std::uint64_t h[8];
};
#define BEAST_SHA2_SHFR(x, n) (x >> n)
#define BEAST_SHA2_ROTR(x, n) ((x >> n) | (x << ((sizeof(x) << 3) - n)))
#define BEAST_SHA2_ROTL(x, n) ((x << n) | (x >> ((sizeof(x) << 3) - n)))
#define BEAST_SHA2_CH(x, y, z) ((x & y) ^ (~x & z))
#define BEAST_SHA2_MAJ(x, y, z) ((x & y) ^ (x & z) ^ (y & z))
#define BEAST_SHA512_F1(x) (BEAST_SHA2_ROTR(x, 28) ^ BEAST_SHA2_ROTR(x, 34) ^ BEAST_SHA2_ROTR(x, 39))
#define BEAST_SHA512_F2(x) (BEAST_SHA2_ROTR(x, 14) ^ BEAST_SHA2_ROTR(x, 18) ^ BEAST_SHA2_ROTR(x, 41))
#define BEAST_SHA512_F3(x) (BEAST_SHA2_ROTR(x, 1) ^ BEAST_SHA2_ROTR(x, 8) ^ BEAST_SHA2_SHFR(x, 7))
#define BEAST_SHA512_F4(x) (BEAST_SHA2_ROTR(x, 19) ^ BEAST_SHA2_ROTR(x, 61) ^ BEAST_SHA2_SHFR(x, 6))
#define BEAST_SHA2_UNPACK32(x, str) \
{ \
*((str) + 3) = (std::uint8_t) ((x) ); \
*((str) + 2) = (std::uint8_t) ((x) >> 8); \
*((str) + 1) = (std::uint8_t) ((x) >> 16); \
*((str) + 0) = (std::uint8_t) ((x) >> 24); \
}
#define BEAST_SHA2_UNPACK64(x, str) \
{ \
*((str) + 7) = (std::uint8_t) ((x) ); \
*((str) + 6) = (std::uint8_t) ((x) >> 8); \
*((str) + 5) = (std::uint8_t) ((x) >> 16); \
*((str) + 4) = (std::uint8_t) ((x) >> 24); \
*((str) + 3) = (std::uint8_t) ((x) >> 32); \
*((str) + 2) = (std::uint8_t) ((x) >> 40); \
*((str) + 1) = (std::uint8_t) ((x) >> 48); \
*((str) + 0) = (std::uint8_t) ((x) >> 56); \
}
#define BEAST_SHA2_PACK64(str, x) \
{ \
*(x) = ((std::uint64_t) *((str) + 7) ) \
| ((std::uint64_t) *((str) + 6) << 8) \
| ((std::uint64_t) *((str) + 5) << 16) \
| ((std::uint64_t) *((str) + 4) << 24) \
| ((std::uint64_t) *((str) + 3) << 32) \
| ((std::uint64_t) *((str) + 2) << 40) \
| ((std::uint64_t) *((str) + 1) << 48) \
| ((std::uint64_t) *((str) + 0) << 56); \
}
template <class = void>
void sha512_transform (sha512_context& ctx,
unsigned char const* message,
unsigned int block_nb) noexcept
{
static unsigned long long const K[80] = {
0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL,
0xb5c0fbcfec4d3b2fULL, 0xe9b5dba58189dbbcULL,
0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL,
0x923f82a4af194f9bULL, 0xab1c5ed5da6d8118ULL,
0xd807aa98a3030242ULL, 0x12835b0145706fbeULL,
0x243185be4ee4b28cULL, 0x550c7dc3d5ffb4e2ULL,
0x72be5d74f27b896fULL, 0x80deb1fe3b1696b1ULL,
0x9bdc06a725c71235ULL, 0xc19bf174cf692694ULL,
0xe49b69c19ef14ad2ULL, 0xefbe4786384f25e3ULL,
0x0fc19dc68b8cd5b5ULL, 0x240ca1cc77ac9c65ULL,
0x2de92c6f592b0275ULL, 0x4a7484aa6ea6e483ULL,
0x5cb0a9dcbd41fbd4ULL, 0x76f988da831153b5ULL,
0x983e5152ee66dfabULL, 0xa831c66d2db43210ULL,
0xb00327c898fb213fULL, 0xbf597fc7beef0ee4ULL,
0xc6e00bf33da88fc2ULL, 0xd5a79147930aa725ULL,
0x06ca6351e003826fULL, 0x142929670a0e6e70ULL,
0x27b70a8546d22ffcULL, 0x2e1b21385c26c926ULL,
0x4d2c6dfc5ac42aedULL, 0x53380d139d95b3dfULL,
0x650a73548baf63deULL, 0x766a0abb3c77b2a8ULL,
0x81c2c92e47edaee6ULL, 0x92722c851482353bULL,
0xa2bfe8a14cf10364ULL, 0xa81a664bbc423001ULL,
0xc24b8b70d0f89791ULL, 0xc76c51a30654be30ULL,
0xd192e819d6ef5218ULL, 0xd69906245565a910ULL,
0xf40e35855771202aULL, 0x106aa07032bbd1b8ULL,
0x19a4c116b8d2d0c8ULL, 0x1e376c085141ab53ULL,
0x2748774cdf8eeb99ULL, 0x34b0bcb5e19b48a8ULL,
0x391c0cb3c5c95a63ULL, 0x4ed8aa4ae3418acbULL,
0x5b9cca4f7763e373ULL, 0x682e6ff3d6b2b8a3ULL,
0x748f82ee5defb2fcULL, 0x78a5636f43172f60ULL,
0x84c87814a1f0ab72ULL, 0x8cc702081a6439ecULL,
0x90befffa23631e28ULL, 0xa4506cebde82bde9ULL,
0xbef9a3f7b2c67915ULL, 0xc67178f2e372532bULL,
0xca273eceea26619cULL, 0xd186b8c721c0c207ULL,
0xeada7dd6cde0eb1eULL, 0xf57d4f7fee6ed178ULL,
0x06f067aa72176fbaULL, 0x0a637dc5a2c898a6ULL,
0x113f9804bef90daeULL, 0x1b710b35131c471bULL,
0x28db77f523047d84ULL, 0x32caab7b40c72493ULL,
0x3c9ebe0a15c9bebcULL, 0x431d67c49c100d4cULL,
0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL,
0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL};
std::uint64_t w[80];
std::uint64_t wv[8];
std::uint64_t t1, t2;
unsigned char const* sub_block;
int i, j;
for (i = 0; i < (int) block_nb; i++)
{
sub_block = message + (i << 7);
for (j = 0; j < 16; j++)
BEAST_SHA2_PACK64(&sub_block[j << 3], &w[j]);
for (j = 16; j < 80; j++)
w[j] = BEAST_SHA512_F4(
w[j - 2]) + w[j - 7] +
BEAST_SHA512_F3(w[j - 15]) +
w[j - 16];
for (j = 0; j < 8; j++)
wv[j] = ctx.h[j];
for (j = 0; j < 80; j++) {
t1 = wv[7] + BEAST_SHA512_F2(wv[4]) +
BEAST_SHA2_CH(wv[4], wv[5], wv[6]) +
K[j] + w[j];
t2 = BEAST_SHA512_F1(wv[0]) +
BEAST_SHA2_MAJ(wv[0],
wv[1], wv[2]);
wv[7] = wv[6];
wv[6] = wv[5];
wv[5] = wv[4];
wv[4] = wv[3] + t1;
wv[3] = wv[2];
wv[2] = wv[1];
wv[1] = wv[0];
wv[0] = t1 + t2;
}
for (j = 0; j < 8; j++)
ctx.h[j] += wv[j];
}
}
template <class = void>
void init (sha512_context& ctx) noexcept
{
ctx.h[0] = 0x6a09e667f3bcc908ULL;
ctx.h[1] = 0xbb67ae8584caa73bULL;
ctx.h[2] = 0x3c6ef372fe94f82bULL;
ctx.h[3] = 0xa54ff53a5f1d36f1ULL;
ctx.h[4] = 0x510e527fade682d1ULL;
ctx.h[5] = 0x9b05688c2b3e6c1fULL;
ctx.h[6] = 0x1f83d9abfb41bd6bULL;
ctx.h[7] = 0x5be0cd19137e2179ULL;
ctx.len = 0;
ctx.tot_len = 0;
}
template <class = void>
void update (sha512_context& ctx,
void const* message, std::size_t size) noexcept
{
auto const pm = reinterpret_cast<
unsigned char const*>(message);
unsigned int block_nb;
unsigned int new_len, rem_len, tmp_len;
const unsigned char *shifted_message;
tmp_len = sha512_context::block_size - ctx.len;
rem_len = size < tmp_len ? size : tmp_len;
std::memcpy(&ctx.block[ctx.len], pm, rem_len);
if (ctx.len + size < sha512_context::block_size) {
ctx.len += size;
return;
}
new_len = size - rem_len;
block_nb = new_len / sha512_context::block_size;
shifted_message = pm + rem_len;
sha512_transform(ctx, ctx.block, 1);
sha512_transform(ctx, shifted_message, block_nb);
rem_len = new_len % sha512_context::block_size;
std::memcpy(ctx.block, &shifted_message[
block_nb << 7], rem_len);
ctx.len = rem_len;
ctx.tot_len += (block_nb + 1) << 7;
}
template <class = void>
void finish (sha512_context& ctx,
void* digest) noexcept
{
auto const pd = reinterpret_cast<
unsigned char*>(digest);
unsigned int block_nb;
unsigned int pm_len;
unsigned int len_b;
int i;
block_nb = 1 + ((sha512_context::block_size - 17) <
(ctx.len % sha512_context::block_size));
len_b = (ctx.tot_len + ctx.len) << 3;
pm_len = block_nb << 7;
memset(ctx.block + ctx.len, 0, pm_len - ctx.len);
ctx.block[ctx.len] = 0x80;
BEAST_SHA2_UNPACK32(len_b, ctx.block + pm_len - 4);
sha512_transform(ctx, ctx.block, block_nb);
for (i = 0 ; i < 8; i++)
BEAST_SHA2_UNPACK64(ctx.h[i], &pd[i << 3]);
}
template <class = void>
void secure_erase (sha512_context& ctx)
{
std::memset(ctx.block, 0, sizeof(ctx.block));
}
} // detail
} // beast
#endif

104
beast/crypto/sha512.h Normal file
View File

@@ -0,0 +1,104 @@
//------------------------------------------------------------------------------
/*
This file is part of Beast: https://github.com/vinniefalco/Beast
Copyright 2013, Vinnie Falco <vinnie.falco@gmail.com>
Permission to use, copy, modify, and/or distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL , DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
//==============================================================================
#ifndef BEAST_CRYPTO_SHA512_H_INCLUDED
#define BEAST_CRYPTO_SHA512_H_INCLUDED
#include <beast/hash/endian.h>
#include <beast/utility/noexcept.h>
#include <beast/crypto/impl/sha512_context.h>
#include <array>
namespace beast {
class sha512_hasher
{
public:
static beast::endian const endian =
beast::endian::native;
using result_type =
std::array<std::uint8_t, 64>;
sha512_hasher()
{
detail::init(ctx_);
}
void
operator()(void const* data,
std::size_t size) noexcept
{
detail::update(ctx_, data, size);
}
explicit
operator result_type() noexcept
{
result_type digest;
finish(ctx_, &digest[0]);
return digest;
}
private:
detail::sha512_context ctx_;
};
// secure version
class sha512_hasher_s
{
public:
static beast::endian const endian =
beast::endian::native;
using result_type =
std::array<std::uint8_t, 64>;
sha512_hasher_s()
{
init(ctx_);
}
~sha512_hasher_s()
{
secure_erase(ctx_);
}
void
operator()(void const* data,
std::size_t size) noexcept
{
update(ctx_, data, size);
}
explicit
operator result_type() noexcept
{
result_type digest;
finish(ctx_, &digest[0]);
return digest;
}
private:
detail::sha512_context ctx_;
};
}
#endif