sha3 2.0.0 → 2.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data/.clang-format +1 -1
- data/.document +1 -2
- data/.rdoc_options +1 -0
- data/.rubocop.yml +3 -0
- data/Gemfile +1 -0
- data/README.md +37 -4
- data/Rakefile +4 -2
- data/doc/sha3.rb +2 -0
- data/ext/sha3/config.h +2 -2
- data/ext/sha3/digest.c +296 -211
- data/ext/sha3/digest.h +1 -66
- data/ext/sha3/extconf.rb +3 -3
- data/ext/sha3/kmac.c +504 -0
- data/ext/sha3/kmac.h +14 -0
- data/ext/sha3/sha3.c +31 -0
- data/ext/sha3/sha3.h +17 -0
- data/lib/constants.rb +5 -0
- data/lib/sha3.rb +28 -24
- data.tar.gz.sig +0 -0
- metadata +15 -21
- metadata.gz.sig +0 -0
data/ext/sha3/digest.c
CHANGED
|
@@ -1,5 +1,8 @@
|
|
|
1
1
|
#include "digest.h"
|
|
2
2
|
|
|
3
|
+
#include "KeccakHash.h"
|
|
4
|
+
#include "sha3.h"
|
|
5
|
+
|
|
3
6
|
/*
|
|
4
7
|
* == Notes
|
|
5
8
|
*
|
|
@@ -7,181 +10,255 @@
|
|
|
7
10
|
* | .alloc() ->
|
|
8
11
|
* | .new() ->
|
|
9
12
|
* | .update() ->
|
|
10
|
-
* | .digest or .hexdigest or .inspect -> (Instance.digest or .hexdigest())
|
|
11
|
-
* ->
|
|
13
|
+
* | .digest or .hexdigest or .inspect -> (Instance.digest or .hexdigest()) ->
|
|
12
14
|
* --| .alloc() ->
|
|
13
15
|
* | .copy() ->
|
|
14
16
|
* | .finish() ->
|
|
15
17
|
*
|
|
16
18
|
*/
|
|
17
19
|
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
20
|
+
/*** Types and structs ***/
|
|
21
|
+
|
|
22
|
+
typedef enum { SHA3_224 = 0, SHA3_256, SHA3_384, SHA3_512, SHAKE_128, SHAKE_256 } sha3_digest_algorithms;
|
|
23
|
+
|
|
24
|
+
typedef struct {
|
|
25
|
+
Keccak_HashInstance* state;
|
|
26
|
+
int hashbitlen;
|
|
27
|
+
sha3_digest_algorithms algorithm;
|
|
28
|
+
} sha3_digest_context_t;
|
|
29
|
+
|
|
30
|
+
typedef HashReturn (*keccak_init_func)(Keccak_HashInstance*);
|
|
31
|
+
|
|
32
|
+
/*** Function prototypes ***/
|
|
33
|
+
|
|
34
|
+
static int compare_contexts(const sha3_digest_context_t*, const sha3_digest_context_t*);
|
|
35
|
+
static inline void get_sha3_digest_context(VALUE, sha3_digest_context_t**);
|
|
36
|
+
static inline void safe_get_sha3_digest_context(VALUE, sha3_digest_context_t**);
|
|
37
|
+
|
|
38
|
+
static int get_hashbit_length(VALUE, sha3_digest_algorithms*);
|
|
39
|
+
static HashReturn keccak_hash_initialize(sha3_digest_context_t*);
|
|
40
|
+
|
|
41
|
+
static void sha3_digest_free_context(void*);
|
|
42
|
+
static size_t sha3_digest_context_size(const void*);
|
|
43
|
+
|
|
44
|
+
/* Allocation and initialization */
|
|
45
|
+
static VALUE rb_sha3_digest_alloc(VALUE);
|
|
46
|
+
static VALUE rb_sha3_digest_init(int, VALUE*, VALUE);
|
|
47
|
+
static VALUE rb_sha3_digest_copy(VALUE, VALUE);
|
|
48
|
+
|
|
49
|
+
/* Core digest operations */
|
|
50
|
+
static VALUE rb_sha3_digest_finish(int, VALUE*, VALUE);
|
|
51
|
+
static VALUE rb_sha3_digest_reset(VALUE);
|
|
52
|
+
static VALUE rb_sha3_digest_update(VALUE, VALUE);
|
|
53
|
+
|
|
54
|
+
/* Digest properties */
|
|
55
|
+
static VALUE rb_sha3_digest_block_length(VALUE);
|
|
56
|
+
static VALUE rb_sha3_digest_length(VALUE);
|
|
57
|
+
static VALUE rb_sha3_digest_name(VALUE);
|
|
58
|
+
|
|
59
|
+
/* Output methods */
|
|
60
|
+
static VALUE rb_sha3_digest_digest(int, VALUE*, VALUE);
|
|
61
|
+
static VALUE rb_sha3_digest_hexdigest(int, VALUE*, VALUE);
|
|
62
|
+
static VALUE rb_sha3_digest_hex_squeeze(VALUE, VALUE);
|
|
63
|
+
static VALUE rb_sha3_digest_squeeze(VALUE, VALUE);
|
|
64
|
+
static VALUE rb_sha3_digest_self_digest(VALUE, VALUE, VALUE);
|
|
65
|
+
static VALUE rb_sha3_digest_self_hexdigest(VALUE, VALUE, VALUE);
|
|
66
|
+
|
|
67
|
+
/*** Globals variables ***/
|
|
68
|
+
|
|
69
|
+
VALUE _sha3_digest_class;
|
|
70
|
+
VALUE _sha3_digest_error_class;
|
|
71
|
+
|
|
72
|
+
/* Define the ID variables */
|
|
73
|
+
static ID _sha3_224_id;
|
|
74
|
+
static ID _sha3_256_id;
|
|
75
|
+
static ID _sha3_384_id;
|
|
76
|
+
static ID _sha3_512_id;
|
|
77
|
+
static ID _shake_128_id;
|
|
78
|
+
static ID _shake_256_id;
|
|
79
|
+
|
|
80
|
+
/* TypedData structure for sha3_digest_context_t */
|
|
81
|
+
const rb_data_type_t sha3_digest_data_type_t = {"SHA3::Digest",
|
|
82
|
+
{
|
|
83
|
+
NULL,
|
|
84
|
+
sha3_digest_free_context,
|
|
85
|
+
sha3_digest_context_size,
|
|
86
|
+
},
|
|
87
|
+
NULL,
|
|
88
|
+
NULL,
|
|
89
|
+
RUBY_TYPED_FREE_IMMEDIATELY};
|
|
90
|
+
|
|
21
91
|
void Init_sha3_digest(void) {
|
|
22
92
|
rb_require("digest");
|
|
23
93
|
|
|
24
94
|
/* Initialize static symbol IDs for faster lookup in get_hlen() */
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
95
|
+
_sha3_224_id = rb_intern("sha3_224");
|
|
96
|
+
_sha3_256_id = rb_intern("sha3_256");
|
|
97
|
+
_sha3_384_id = rb_intern("sha3_384");
|
|
98
|
+
_sha3_512_id = rb_intern("sha3_512");
|
|
99
|
+
_shake_128_id = rb_intern("shake_128");
|
|
100
|
+
_shake_256_id = rb_intern("shake_256");
|
|
31
101
|
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
*/
|
|
37
|
-
sha3_module = rb_define_module("SHA3");
|
|
102
|
+
if (NIL_P(_sha3_module)) {
|
|
103
|
+
// This is both a safeguard and a workaround for RDoc
|
|
104
|
+
_sha3_module = rb_define_module("SHA3");
|
|
105
|
+
}
|
|
38
106
|
|
|
39
107
|
/*
|
|
40
108
|
* Document-class: SHA3::Digest
|
|
41
109
|
*
|
|
42
110
|
* It is a subclass of the Digest::Class class, which provides a framework for
|
|
43
|
-
* creating and manipulating hash
|
|
111
|
+
* creating and manipulating hash digest. Supported Algorithms are:
|
|
112
|
+
* - SHA3-224
|
|
113
|
+
* - SHA3-256
|
|
114
|
+
* - SHA3-384
|
|
115
|
+
* - SHA3-512
|
|
116
|
+
* - SHAKE128
|
|
117
|
+
* - SHAKE256
|
|
44
118
|
*/
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
/*
|
|
48
|
-
* Default-const: SHA3::VERSION
|
|
49
|
-
*
|
|
50
|
-
* It is the version of the SHA3 module.
|
|
51
|
-
*/
|
|
52
|
-
rb_define_const(sha3_module, "VERSION", rb_str_new2("2.0.0"));
|
|
119
|
+
_sha3_digest_class = rb_define_class_under(_sha3_module, "Digest", rb_path2class("Digest::Class"));
|
|
53
120
|
|
|
54
121
|
/*
|
|
55
122
|
* Document-class: SHA3::Digest::DigestError
|
|
56
123
|
*
|
|
124
|
+
* All SHA3::Digest methods raise this exception on error.
|
|
125
|
+
*
|
|
57
126
|
* It is a subclass of the StandardError class -- see the Ruby documentation
|
|
58
127
|
* for more information.
|
|
59
128
|
*/
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
rb_define_alloc_func(
|
|
63
|
-
rb_define_method(
|
|
64
|
-
rb_define_method(
|
|
65
|
-
rb_define_method(
|
|
66
|
-
rb_define_method(
|
|
67
|
-
rb_define_method(
|
|
68
|
-
rb_define_method(
|
|
69
|
-
rb_define_method(
|
|
70
|
-
|
|
71
|
-
rb_define_method(
|
|
72
|
-
rb_define_method(
|
|
73
|
-
rb_define_method(
|
|
74
|
-
|
|
129
|
+
_sha3_digest_error_class = rb_define_class_under(_sha3_digest_class, "DigestError", rb_eStandardError);
|
|
130
|
+
|
|
131
|
+
rb_define_alloc_func(_sha3_digest_class, rb_sha3_digest_alloc);
|
|
132
|
+
rb_define_method(_sha3_digest_class, "initialize", rb_sha3_digest_init, -1);
|
|
133
|
+
rb_define_method(_sha3_digest_class, "update", rb_sha3_digest_update, 1);
|
|
134
|
+
rb_define_method(_sha3_digest_class, "reset", rb_sha3_digest_reset, 0);
|
|
135
|
+
rb_define_method(_sha3_digest_class, "initialize_copy", rb_sha3_digest_copy, 1);
|
|
136
|
+
rb_define_method(_sha3_digest_class, "digest_length", rb_sha3_digest_length, 0);
|
|
137
|
+
rb_define_method(_sha3_digest_class, "block_length", rb_sha3_digest_block_length, 0);
|
|
138
|
+
rb_define_method(_sha3_digest_class, "name", rb_sha3_digest_name, 0);
|
|
139
|
+
|
|
140
|
+
rb_define_method(_sha3_digest_class, "squeeze", rb_sha3_digest_squeeze, 1);
|
|
141
|
+
rb_define_method(_sha3_digest_class, "hex_squeeze", rb_sha3_digest_hex_squeeze, 1);
|
|
142
|
+
rb_define_method(_sha3_digest_class, "digest", rb_sha3_digest_digest, -1);
|
|
143
|
+
rb_define_method(_sha3_digest_class, "hexdigest", rb_sha3_digest_hexdigest, -1);
|
|
144
|
+
|
|
145
|
+
rb_define_private_method(_sha3_digest_class, "finish", rb_sha3_digest_finish, -1);
|
|
75
146
|
|
|
76
147
|
/* Define the class method self.digest */
|
|
77
|
-
rb_define_singleton_method(
|
|
78
|
-
rb_define_singleton_method(
|
|
79
|
-
|
|
148
|
+
rb_define_singleton_method(_sha3_digest_class, "digest", rb_sha3_digest_self_digest, 2);
|
|
149
|
+
rb_define_singleton_method(_sha3_digest_class, "hexdigest", rb_sha3_digest_self_hexdigest, 2);
|
|
150
|
+
|
|
151
|
+
rb_define_alias(_sha3_digest_class, "<<", "update");
|
|
80
152
|
}
|
|
81
153
|
|
|
82
|
-
|
|
154
|
+
// Static inline functions replacing macros
|
|
155
|
+
static inline void get_sha3_digest_context(VALUE obj, sha3_digest_context_t** context) {
|
|
156
|
+
TypedData_Get_Struct((obj), sha3_digest_context_t, &sha3_digest_data_type_t, (*context));
|
|
157
|
+
if (!(*context)) {
|
|
158
|
+
rb_raise(rb_eRuntimeError, "Digest data not initialized!");
|
|
159
|
+
}
|
|
160
|
+
}
|
|
161
|
+
|
|
162
|
+
static inline void safe_get_sha3_digest_context(VALUE obj, sha3_digest_context_t** context) {
|
|
163
|
+
if (!rb_obj_is_kind_of(obj, _sha3_digest_class)) {
|
|
164
|
+
rb_raise(rb_eTypeError, "wrong argument (%s)! (expected %s)", rb_obj_classname(obj),
|
|
165
|
+
rb_class2name(_sha3_digest_class));
|
|
166
|
+
}
|
|
167
|
+
get_sha3_digest_context(obj, context);
|
|
168
|
+
}
|
|
169
|
+
|
|
170
|
+
int get_hashbit_length(VALUE obj, sha3_digest_algorithms* algorithm) {
|
|
83
171
|
if (TYPE(obj) == T_SYMBOL) {
|
|
84
172
|
ID symid = SYM2ID(obj);
|
|
85
173
|
|
|
86
|
-
if (symid ==
|
|
174
|
+
if (symid == _sha3_224_id) {
|
|
87
175
|
*algorithm = SHA3_224;
|
|
88
176
|
return 224;
|
|
89
|
-
} else if (symid ==
|
|
177
|
+
} else if (symid == _sha3_256_id) {
|
|
90
178
|
*algorithm = SHA3_256;
|
|
91
179
|
return 256;
|
|
92
|
-
} else if (symid ==
|
|
180
|
+
} else if (symid == _sha3_384_id) {
|
|
93
181
|
*algorithm = SHA3_384;
|
|
94
182
|
return 384;
|
|
95
|
-
} else if (symid ==
|
|
183
|
+
} else if (symid == _sha3_512_id) {
|
|
96
184
|
*algorithm = SHA3_512;
|
|
97
185
|
return 512;
|
|
98
|
-
} else if (symid ==
|
|
186
|
+
} else if (symid == _shake_128_id) {
|
|
99
187
|
*algorithm = SHAKE_128;
|
|
100
188
|
return 128;
|
|
101
|
-
} else if (symid ==
|
|
189
|
+
} else if (symid == _shake_256_id) {
|
|
102
190
|
*algorithm = SHAKE_256;
|
|
103
191
|
return 256;
|
|
104
192
|
}
|
|
105
193
|
|
|
106
|
-
rb_raise(
|
|
194
|
+
rb_raise(_sha3_digest_error_class,
|
|
107
195
|
"invalid hash algorithm symbol (should be: :sha3_224, "
|
|
108
196
|
":sha3_256, :sha3_384, :sha3_512, :shake_128, or :shake_256)");
|
|
109
197
|
}
|
|
110
198
|
|
|
111
|
-
rb_raise(
|
|
199
|
+
rb_raise(_sha3_digest_error_class, "unknown type value");
|
|
112
200
|
return 0; // Never reached, but silences compiler warnings
|
|
113
201
|
}
|
|
114
202
|
|
|
115
|
-
static void
|
|
116
|
-
|
|
117
|
-
if (
|
|
118
|
-
if (
|
|
119
|
-
free(
|
|
203
|
+
static void sha3_digest_free_context(void* ptr) {
|
|
204
|
+
sha3_digest_context_t* context = (sha3_digest_context_t*)ptr;
|
|
205
|
+
if (context) {
|
|
206
|
+
if (context->state) {
|
|
207
|
+
free(context->state);
|
|
120
208
|
}
|
|
121
|
-
free(
|
|
209
|
+
free(context);
|
|
122
210
|
}
|
|
123
211
|
}
|
|
124
212
|
|
|
125
|
-
static size_t
|
|
126
|
-
const
|
|
127
|
-
size_t size = sizeof(
|
|
213
|
+
static size_t sha3_digest_context_size(const void* ptr) {
|
|
214
|
+
const sha3_digest_context_t* context = (const sha3_digest_context_t*)ptr;
|
|
215
|
+
size_t size = sizeof(sha3_digest_context_t);
|
|
128
216
|
|
|
129
|
-
if (
|
|
217
|
+
if (context && context->state) {
|
|
130
218
|
size += sizeof(Keccak_HashInstance);
|
|
131
219
|
}
|
|
132
220
|
|
|
133
221
|
return size;
|
|
134
222
|
}
|
|
135
223
|
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
{
|
|
139
|
-
NULL,
|
|
140
|
-
mdx_free,
|
|
141
|
-
mdx_memsize,
|
|
142
|
-
},
|
|
143
|
-
NULL,
|
|
144
|
-
NULL,
|
|
145
|
-
RUBY_TYPED_FREE_IMMEDIATELY};
|
|
146
|
-
|
|
147
|
-
static VALUE rb_digest_alloc(VALUE klass) {
|
|
148
|
-
MDX* mdx = (MDX*)malloc(sizeof(MDX));
|
|
149
|
-
if (!mdx) {
|
|
150
|
-
rb_raise(digest_error_class, "failed to allocate object memory");
|
|
151
|
-
}
|
|
152
|
-
|
|
153
|
-
mdx->state = (Keccak_HashInstance*)calloc(1, sizeof(Keccak_HashInstance));
|
|
154
|
-
if (!mdx->state) {
|
|
155
|
-
mdx_free(mdx);
|
|
156
|
-
rb_raise(digest_error_class, "failed to allocate state memory");
|
|
157
|
-
}
|
|
158
|
-
|
|
159
|
-
VALUE obj = TypedData_Wrap_Struct(klass, &mdx_type, mdx);
|
|
160
|
-
mdx->hashbitlen = 0;
|
|
161
|
-
mdx->algorithm = SHA3_256; // Default algorithm
|
|
162
|
-
|
|
163
|
-
return obj;
|
|
164
|
-
}
|
|
165
|
-
|
|
166
|
-
HashReturn keccak_hash_initialize(MDX* mdx) {
|
|
167
|
-
switch (mdx->algorithm) {
|
|
224
|
+
static HashReturn keccak_hash_initialize(sha3_digest_context_t* context) {
|
|
225
|
+
switch (context->algorithm) {
|
|
168
226
|
case SHA3_224:
|
|
169
|
-
return Keccak_HashInitialize_SHA3_224(
|
|
227
|
+
return Keccak_HashInitialize_SHA3_224(context->state);
|
|
170
228
|
case SHA3_256:
|
|
171
|
-
return Keccak_HashInitialize_SHA3_256(
|
|
229
|
+
return Keccak_HashInitialize_SHA3_256(context->state);
|
|
172
230
|
case SHA3_384:
|
|
173
|
-
return Keccak_HashInitialize_SHA3_384(
|
|
231
|
+
return Keccak_HashInitialize_SHA3_384(context->state);
|
|
174
232
|
case SHA3_512:
|
|
175
|
-
return Keccak_HashInitialize_SHA3_512(
|
|
233
|
+
return Keccak_HashInitialize_SHA3_512(context->state);
|
|
176
234
|
case SHAKE_128:
|
|
177
|
-
return Keccak_HashInitialize_SHAKE128(
|
|
235
|
+
return Keccak_HashInitialize_SHAKE128(context->state);
|
|
178
236
|
case SHAKE_256:
|
|
179
|
-
return Keccak_HashInitialize_SHAKE256(
|
|
237
|
+
return Keccak_HashInitialize_SHAKE256(context->state);
|
|
180
238
|
}
|
|
181
239
|
|
|
182
240
|
return KECCAK_FAIL;
|
|
183
241
|
}
|
|
184
242
|
|
|
243
|
+
static VALUE rb_sha3_digest_alloc(VALUE klass) {
|
|
244
|
+
sha3_digest_context_t* context = (sha3_digest_context_t*)malloc(sizeof(sha3_digest_context_t));
|
|
245
|
+
if (!context) {
|
|
246
|
+
rb_raise(_sha3_digest_error_class, "failed to allocate object memory");
|
|
247
|
+
}
|
|
248
|
+
|
|
249
|
+
context->state = (Keccak_HashInstance*)calloc(1, sizeof(Keccak_HashInstance));
|
|
250
|
+
if (!context->state) {
|
|
251
|
+
sha3_digest_free_context(context);
|
|
252
|
+
rb_raise(_sha3_digest_error_class, "failed to allocate state memory");
|
|
253
|
+
}
|
|
254
|
+
|
|
255
|
+
VALUE obj = TypedData_Wrap_Struct(klass, &sha3_digest_data_type_t, context);
|
|
256
|
+
context->hashbitlen = 0;
|
|
257
|
+
context->algorithm = SHA3_256; // Default algorithm
|
|
258
|
+
|
|
259
|
+
return obj;
|
|
260
|
+
}
|
|
261
|
+
|
|
185
262
|
/*
|
|
186
263
|
* :call-seq:
|
|
187
264
|
* ::new() -> instance
|
|
@@ -206,26 +283,26 @@ HashReturn keccak_hash_initialize(MDX* mdx) {
|
|
|
206
283
|
* SHA3::Digest.new(:sha3_256)
|
|
207
284
|
* SHA3::Digest.new(:shake_128, "initial data")
|
|
208
285
|
*/
|
|
209
|
-
static VALUE
|
|
210
|
-
|
|
286
|
+
static VALUE rb_sha3_digest_init(int argc, VALUE* argv, VALUE self) {
|
|
287
|
+
sha3_digest_context_t* context;
|
|
211
288
|
VALUE hlen, data;
|
|
212
289
|
|
|
213
290
|
rb_scan_args(argc, argv, "02", &hlen, &data);
|
|
214
|
-
|
|
291
|
+
get_sha3_digest_context(self, &context);
|
|
215
292
|
|
|
216
293
|
if (NIL_P(hlen)) {
|
|
217
|
-
|
|
218
|
-
|
|
294
|
+
context->algorithm = SHA3_256;
|
|
295
|
+
context->hashbitlen = 256;
|
|
219
296
|
} else {
|
|
220
|
-
|
|
297
|
+
context->hashbitlen = get_hashbit_length(hlen, &context->algorithm);
|
|
221
298
|
}
|
|
222
299
|
|
|
223
|
-
if (keccak_hash_initialize(
|
|
224
|
-
rb_raise(
|
|
300
|
+
if (keccak_hash_initialize(context) != KECCAK_SUCCESS) {
|
|
301
|
+
rb_raise(_sha3_digest_error_class, "failed to initialize algorithm state");
|
|
225
302
|
}
|
|
226
303
|
|
|
227
304
|
if (!NIL_P(data)) {
|
|
228
|
-
return
|
|
305
|
+
return rb_sha3_digest_update(self, data);
|
|
229
306
|
}
|
|
230
307
|
|
|
231
308
|
return self;
|
|
@@ -244,12 +321,12 @@ static VALUE rb_digest_init(int argc, VALUE* argv, VALUE self) {
|
|
|
244
321
|
* digest.update("more data")
|
|
245
322
|
* digest << "more data" # alias for update
|
|
246
323
|
*/
|
|
247
|
-
static VALUE
|
|
248
|
-
|
|
324
|
+
static VALUE rb_sha3_digest_update(VALUE self, VALUE data) {
|
|
325
|
+
sha3_digest_context_t* context;
|
|
249
326
|
BitLength dlen;
|
|
250
327
|
|
|
251
328
|
StringValue(data);
|
|
252
|
-
|
|
329
|
+
get_sha3_digest_context(self, &context);
|
|
253
330
|
|
|
254
331
|
// Check for empty data
|
|
255
332
|
if (RSTRING_LEN(data) == 0) {
|
|
@@ -258,13 +335,13 @@ static VALUE rb_digest_update(VALUE self, VALUE data) {
|
|
|
258
335
|
|
|
259
336
|
// Check for NULL data pointer
|
|
260
337
|
if (RSTRING_PTR(data) == NULL) {
|
|
261
|
-
rb_raise(
|
|
338
|
+
rb_raise(_sha3_digest_error_class, "cannot update with NULL data");
|
|
262
339
|
}
|
|
263
340
|
|
|
264
341
|
dlen = (RSTRING_LEN(data) * 8);
|
|
265
342
|
|
|
266
|
-
if (Keccak_HashUpdate(
|
|
267
|
-
rb_raise(
|
|
343
|
+
if (Keccak_HashUpdate(context->state, (BitSequence*)RSTRING_PTR(data), dlen) != KECCAK_SUCCESS) {
|
|
344
|
+
rb_raise(_sha3_digest_error_class, "failed to update hash data");
|
|
268
345
|
}
|
|
269
346
|
|
|
270
347
|
return self;
|
|
@@ -279,41 +356,41 @@ static VALUE rb_digest_update(VALUE self, VALUE data) {
|
|
|
279
356
|
* = example
|
|
280
357
|
* digest.reset
|
|
281
358
|
*/
|
|
282
|
-
static VALUE
|
|
283
|
-
|
|
284
|
-
|
|
359
|
+
static VALUE rb_sha3_digest_reset(VALUE self) {
|
|
360
|
+
sha3_digest_context_t* context;
|
|
361
|
+
get_sha3_digest_context(self, &context);
|
|
285
362
|
|
|
286
|
-
memset(
|
|
363
|
+
memset(context->state, 0, sizeof(Keccak_HashInstance));
|
|
287
364
|
|
|
288
|
-
if (keccak_hash_initialize(
|
|
289
|
-
rb_raise(
|
|
365
|
+
if (keccak_hash_initialize(context) != KECCAK_SUCCESS) {
|
|
366
|
+
rb_raise(_sha3_digest_error_class, "failed to reset internal state");
|
|
290
367
|
}
|
|
291
368
|
|
|
292
369
|
return self;
|
|
293
370
|
}
|
|
294
371
|
|
|
295
|
-
static int
|
|
372
|
+
static int compare_contexts(const sha3_digest_context_t* context1, const sha3_digest_context_t* context2) {
|
|
296
373
|
// First check the hashbitlen and algorithm
|
|
297
|
-
if (
|
|
374
|
+
if (context1->hashbitlen != context2->hashbitlen || context1->algorithm != context2->algorithm) {
|
|
298
375
|
return 0;
|
|
299
376
|
}
|
|
300
377
|
|
|
301
378
|
// Compare the internal state structure
|
|
302
|
-
if (memcmp(&(
|
|
303
|
-
sizeof(
|
|
379
|
+
if (memcmp(&(context1->state->sponge.state), &(context2->state->sponge.state),
|
|
380
|
+
sizeof(context1->state->sponge.state)) != 0) {
|
|
304
381
|
return 0;
|
|
305
382
|
}
|
|
306
383
|
|
|
307
384
|
// Compare sponge parameters
|
|
308
|
-
if ((
|
|
309
|
-
(
|
|
310
|
-
(
|
|
385
|
+
if ((context1->state->sponge.rate != context2->state->sponge.rate) ||
|
|
386
|
+
(context1->state->sponge.byteIOIndex != context2->state->sponge.byteIOIndex) ||
|
|
387
|
+
(context1->state->sponge.squeezing != context2->state->sponge.squeezing)) {
|
|
311
388
|
return 0;
|
|
312
389
|
}
|
|
313
390
|
|
|
314
391
|
// Compare hash-specific parameters
|
|
315
|
-
if ((
|
|
316
|
-
(
|
|
392
|
+
if ((context1->state->fixedOutputLength != context2->state->fixedOutputLength) ||
|
|
393
|
+
(context1->state->delimitedSuffix != context2->state->delimitedSuffix)) {
|
|
317
394
|
return 0;
|
|
318
395
|
}
|
|
319
396
|
|
|
@@ -333,23 +410,29 @@ static int cmp_states(const MDX* mdx1, const MDX* mdx2) {
|
|
|
333
410
|
* = example
|
|
334
411
|
* new_digest = digest.dup
|
|
335
412
|
*/
|
|
336
|
-
static VALUE
|
|
337
|
-
|
|
413
|
+
static VALUE rb_sha3_digest_copy(VALUE self, VALUE other) {
|
|
414
|
+
sha3_digest_context_t* context;
|
|
415
|
+
sha3_digest_context_t* other_context;
|
|
338
416
|
|
|
339
417
|
rb_check_frozen(self);
|
|
340
|
-
if (self ==
|
|
418
|
+
if (self == other) {
|
|
341
419
|
return self;
|
|
342
420
|
}
|
|
343
421
|
|
|
344
|
-
|
|
345
|
-
|
|
422
|
+
if (!rb_obj_is_kind_of(other, _sha3_digest_class)) {
|
|
423
|
+
rb_raise(rb_eTypeError, "wrong argument (%s)! (expected %s)", rb_obj_classname(other),
|
|
424
|
+
rb_class2name(_sha3_digest_class));
|
|
425
|
+
}
|
|
346
426
|
|
|
347
|
-
|
|
348
|
-
|
|
349
|
-
mdx1->algorithm = mdx2->algorithm;
|
|
427
|
+
safe_get_sha3_digest_context(other, &other_context);
|
|
428
|
+
get_sha3_digest_context(self, &context);
|
|
350
429
|
|
|
351
|
-
|
|
352
|
-
|
|
430
|
+
context->hashbitlen = other_context->hashbitlen;
|
|
431
|
+
context->algorithm = other_context->algorithm;
|
|
432
|
+
memcpy(context->state, other_context->state, sizeof(Keccak_HashInstance));
|
|
433
|
+
|
|
434
|
+
if (!compare_contexts(context, other_context)) {
|
|
435
|
+
rb_raise(_sha3_digest_error_class, "failed to copy state");
|
|
353
436
|
}
|
|
354
437
|
|
|
355
438
|
return self;
|
|
@@ -364,11 +447,11 @@ static VALUE rb_digest_copy(VALUE self, VALUE obj) {
|
|
|
364
447
|
* = example
|
|
365
448
|
* digest.length #=> 32 for SHA3-256
|
|
366
449
|
*/
|
|
367
|
-
static VALUE
|
|
368
|
-
|
|
369
|
-
|
|
450
|
+
static VALUE rb_sha3_digest_length(VALUE self) {
|
|
451
|
+
sha3_digest_context_t* context;
|
|
452
|
+
get_sha3_digest_context(self, &context);
|
|
370
453
|
|
|
371
|
-
return ULL2NUM(
|
|
454
|
+
return ULL2NUM(context->hashbitlen / 8);
|
|
372
455
|
}
|
|
373
456
|
|
|
374
457
|
/*
|
|
@@ -380,11 +463,11 @@ static VALUE rb_digest_length(VALUE self) {
|
|
|
380
463
|
* = example
|
|
381
464
|
* digest.block_length
|
|
382
465
|
*/
|
|
383
|
-
static VALUE
|
|
384
|
-
|
|
385
|
-
|
|
466
|
+
static VALUE rb_sha3_digest_block_length(VALUE self) {
|
|
467
|
+
sha3_digest_context_t* context;
|
|
468
|
+
get_sha3_digest_context(self, &context);
|
|
386
469
|
|
|
387
|
-
return ULL2NUM(200 - (2 * (
|
|
470
|
+
return ULL2NUM(200 - (2 * (context->hashbitlen / 8)));
|
|
388
471
|
}
|
|
389
472
|
|
|
390
473
|
/*
|
|
@@ -396,11 +479,11 @@ static VALUE rb_digest_block_length(VALUE self) {
|
|
|
396
479
|
* = example
|
|
397
480
|
* digest.name #=> "SHA3-256"
|
|
398
481
|
*/
|
|
399
|
-
static VALUE
|
|
400
|
-
|
|
401
|
-
|
|
482
|
+
static VALUE rb_sha3_digest_name(VALUE self) {
|
|
483
|
+
sha3_digest_context_t* context;
|
|
484
|
+
get_sha3_digest_context(self, &context);
|
|
402
485
|
|
|
403
|
-
switch (
|
|
486
|
+
switch (context->algorithm) {
|
|
404
487
|
case SHA3_224:
|
|
405
488
|
return rb_str_new2("SHA3-224");
|
|
406
489
|
case SHA3_256:
|
|
@@ -414,7 +497,7 @@ static VALUE rb_digest_name(VALUE self) {
|
|
|
414
497
|
case SHAKE_256:
|
|
415
498
|
return rb_str_new2("SHAKE256");
|
|
416
499
|
default:
|
|
417
|
-
rb_raise(
|
|
500
|
+
rb_raise(_sha3_digest_error_class, "unknown algorithm");
|
|
418
501
|
}
|
|
419
502
|
}
|
|
420
503
|
|
|
@@ -431,17 +514,17 @@ static VALUE rb_digest_name(VALUE self) {
|
|
|
431
514
|
* digest.finish
|
|
432
515
|
* digest.finish("final chunk")
|
|
433
516
|
*/
|
|
434
|
-
static VALUE
|
|
435
|
-
|
|
517
|
+
static VALUE rb_sha3_digest_finish(int argc, VALUE* argv, VALUE self) {
|
|
518
|
+
sha3_digest_context_t* context;
|
|
436
519
|
VALUE str;
|
|
437
520
|
int digest_bytes;
|
|
438
521
|
|
|
439
522
|
rb_scan_args(argc, argv, "01", &str);
|
|
440
|
-
|
|
523
|
+
get_sha3_digest_context(self, &context);
|
|
441
524
|
|
|
442
525
|
// For both SHA3 and SHAKE algorithms, use the security strength (hashbitlen)
|
|
443
526
|
// as the default output length
|
|
444
|
-
digest_bytes =
|
|
527
|
+
digest_bytes = context->hashbitlen / 8;
|
|
445
528
|
|
|
446
529
|
if (NIL_P(str)) {
|
|
447
530
|
str = rb_str_new(0, digest_bytes);
|
|
@@ -450,8 +533,8 @@ static VALUE rb_digest_finish(int argc, VALUE* argv, VALUE self) {
|
|
|
450
533
|
rb_str_resize(str, digest_bytes);
|
|
451
534
|
}
|
|
452
535
|
|
|
453
|
-
if (Keccak_HashFinal(
|
|
454
|
-
rb_raise(
|
|
536
|
+
if (Keccak_HashFinal(context->state, (BitSequence*)RSTRING_PTR(str)) != KECCAK_SUCCESS) {
|
|
537
|
+
rb_raise(_sha3_digest_error_class, "failed to finalize digest");
|
|
455
538
|
}
|
|
456
539
|
|
|
457
540
|
return str;
|
|
@@ -462,6 +545,7 @@ static VALUE rb_digest_finish(int argc, VALUE* argv, VALUE self) {
|
|
|
462
545
|
* squeeze(length) -> String
|
|
463
546
|
*
|
|
464
547
|
* Returns the squeezed output as a binary string. Only available for SHAKE algorithms.
|
|
548
|
+
* This method creates a copy of the current instance to preserve the original state.
|
|
465
549
|
*
|
|
466
550
|
* +length+::
|
|
467
551
|
* The length in bytes of the output to squeeze.
|
|
@@ -469,8 +553,8 @@ static VALUE rb_digest_finish(int argc, VALUE* argv, VALUE self) {
|
|
|
469
553
|
* = example
|
|
470
554
|
* digest.squeeze(32) # Get 32 bytes of output
|
|
471
555
|
*/
|
|
472
|
-
static VALUE
|
|
473
|
-
|
|
556
|
+
static VALUE rb_sha3_digest_squeeze(VALUE self, VALUE length) {
|
|
557
|
+
sha3_digest_context_t* context;
|
|
474
558
|
VALUE str, copy;
|
|
475
559
|
int output_bytes;
|
|
476
560
|
|
|
@@ -478,38 +562,35 @@ static VALUE rb_digest_squeeze(VALUE self, VALUE length) {
|
|
|
478
562
|
output_bytes = NUM2INT(length);
|
|
479
563
|
|
|
480
564
|
if (output_bytes <= 0) {
|
|
481
|
-
rb_raise(
|
|
565
|
+
rb_raise(_sha3_digest_error_class, "output length must be positive");
|
|
482
566
|
}
|
|
483
567
|
|
|
484
|
-
|
|
568
|
+
get_sha3_digest_context(self, &context);
|
|
485
569
|
|
|
486
570
|
// Only SHAKE algorithms support arbitrary-length output
|
|
487
|
-
if (
|
|
488
|
-
rb_raise(
|
|
571
|
+
if (context->algorithm != SHAKE_128 && context->algorithm != SHAKE_256) {
|
|
572
|
+
rb_raise(_sha3_digest_error_class, "squeeze is only supported for SHAKE algorithms");
|
|
489
573
|
}
|
|
490
574
|
|
|
491
575
|
// Create a copy of the digest object to avoid modifying the original
|
|
492
576
|
copy = rb_obj_clone(self);
|
|
493
577
|
|
|
494
|
-
// Get the
|
|
495
|
-
|
|
496
|
-
|
|
578
|
+
// Get the sha3_digest_context_t struct from the copy
|
|
579
|
+
sha3_digest_context_t* context_copy;
|
|
580
|
+
get_sha3_digest_context(copy, &context_copy);
|
|
497
581
|
|
|
498
582
|
str = rb_str_new(0, output_bytes);
|
|
499
583
|
|
|
500
584
|
// Finalize the hash on the copy
|
|
501
|
-
if (Keccak_HashFinal(
|
|
502
|
-
rb_raise(
|
|
585
|
+
if (Keccak_HashFinal(context_copy->state, NULL) != KECCAK_SUCCESS) {
|
|
586
|
+
rb_raise(_sha3_digest_error_class, "failed to finalize digest");
|
|
503
587
|
}
|
|
504
588
|
|
|
505
589
|
// Then squeeze out the desired number of bytes
|
|
506
|
-
if (Keccak_HashSqueeze(
|
|
507
|
-
|
|
508
|
-
rb_raise(digest_error_class, "failed to squeeze output");
|
|
590
|
+
if (Keccak_HashSqueeze(context_copy->state, (BitSequence*)RSTRING_PTR(str), output_bytes * 8) != KECCAK_SUCCESS) {
|
|
591
|
+
rb_raise(_sha3_digest_error_class, "failed to squeeze output");
|
|
509
592
|
}
|
|
510
593
|
|
|
511
|
-
// NOTE: We don't need the copy anymore...Ruby's GC will handle freeing it
|
|
512
|
-
|
|
513
594
|
return str;
|
|
514
595
|
}
|
|
515
596
|
|
|
@@ -526,17 +607,11 @@ static VALUE rb_digest_squeeze(VALUE self, VALUE length) {
|
|
|
526
607
|
* = example
|
|
527
608
|
* digest.hex_squeeze(32) # Get 64 hex characters (32 bytes)
|
|
528
609
|
*/
|
|
529
|
-
static VALUE
|
|
530
|
-
VALUE bin_str, result_array;
|
|
531
|
-
|
|
610
|
+
static VALUE rb_sha3_digest_hex_squeeze(VALUE self, VALUE length) {
|
|
532
611
|
// Get the binary output using the existing squeeze function
|
|
533
|
-
bin_str =
|
|
534
|
-
|
|
612
|
+
VALUE bin_str = rb_sha3_digest_squeeze(self, length);
|
|
535
613
|
// Use Ruby's built-in unpack method to convert to hex
|
|
536
|
-
|
|
537
|
-
|
|
538
|
-
// Extract the first element from the array
|
|
539
|
-
return rb_ary_entry(result_array, 0);
|
|
614
|
+
return rb_funcall(bin_str, rb_intern("unpack1"), 1, rb_str_new2("H*"));
|
|
540
615
|
}
|
|
541
616
|
|
|
542
617
|
/*
|
|
@@ -561,11 +636,11 @@ static VALUE rb_digest_hex_squeeze(VALUE self, VALUE length) {
|
|
|
561
636
|
* digest.digest(12) # For SHAKE algorithms
|
|
562
637
|
* digest.digest(12, 'compute me') # For SHAKE algorithms
|
|
563
638
|
*/
|
|
564
|
-
static VALUE
|
|
565
|
-
|
|
566
|
-
|
|
639
|
+
static VALUE rb_sha3_digest_digest(int argc, VALUE* argv, VALUE self) {
|
|
640
|
+
sha3_digest_context_t* context;
|
|
641
|
+
get_sha3_digest_context(self, &context);
|
|
567
642
|
|
|
568
|
-
if (
|
|
643
|
+
if (context->algorithm != SHAKE_128 && context->algorithm != SHAKE_256) {
|
|
569
644
|
return rb_call_super(argc, argv);
|
|
570
645
|
}
|
|
571
646
|
|
|
@@ -574,15 +649,18 @@ static VALUE rb_digest_digest(int argc, VALUE* argv, VALUE self) {
|
|
|
574
649
|
|
|
575
650
|
// For SHAKE algorithms
|
|
576
651
|
if (NIL_P(length)) {
|
|
577
|
-
rb_raise(
|
|
652
|
+
rb_raise(_sha3_digest_error_class, "output length must be specified for SHAKE algorithms");
|
|
578
653
|
}
|
|
579
654
|
|
|
655
|
+
// Add type checking for length
|
|
656
|
+
Check_Type(length, T_FIXNUM);
|
|
657
|
+
|
|
580
658
|
// If data is provided, update the state before squeezing
|
|
581
659
|
if (!NIL_P(data)) {
|
|
582
|
-
|
|
660
|
+
rb_sha3_digest_update(self, data);
|
|
583
661
|
}
|
|
584
662
|
|
|
585
|
-
return
|
|
663
|
+
return rb_sha3_digest_squeeze(self, length);
|
|
586
664
|
}
|
|
587
665
|
|
|
588
666
|
/*
|
|
@@ -607,11 +685,11 @@ static VALUE rb_digest_digest(int argc, VALUE* argv, VALUE self) {
|
|
|
607
685
|
* digest.hexdigest(12) # For SHAKE algorithms
|
|
608
686
|
* digest.hexdigest(12, 'compute me') # For SHAKE algorithms
|
|
609
687
|
*/
|
|
610
|
-
static VALUE
|
|
611
|
-
|
|
612
|
-
|
|
688
|
+
static VALUE rb_sha3_digest_hexdigest(int argc, VALUE* argv, VALUE self) {
|
|
689
|
+
sha3_digest_context_t* context;
|
|
690
|
+
get_sha3_digest_context(self, &context);
|
|
613
691
|
|
|
614
|
-
if (
|
|
692
|
+
if (context->algorithm != SHAKE_128 && context->algorithm != SHAKE_256) {
|
|
615
693
|
return rb_call_super(argc, argv);
|
|
616
694
|
}
|
|
617
695
|
|
|
@@ -619,15 +697,18 @@ static VALUE rb_digest_hexdigest(int argc, VALUE* argv, VALUE self) {
|
|
|
619
697
|
rb_scan_args(argc, argv, "02", &length, &data);
|
|
620
698
|
|
|
621
699
|
if (NIL_P(length)) {
|
|
622
|
-
rb_raise(
|
|
700
|
+
rb_raise(_sha3_digest_error_class, "output length must be specified for SHAKE algorithms");
|
|
623
701
|
}
|
|
624
702
|
|
|
703
|
+
// Add type checking for length
|
|
704
|
+
Check_Type(length, T_FIXNUM);
|
|
705
|
+
|
|
625
706
|
// If data is provided, update the state before squeezing
|
|
626
707
|
if (!NIL_P(data)) {
|
|
627
|
-
|
|
708
|
+
rb_sha3_digest_update(self, data);
|
|
628
709
|
}
|
|
629
710
|
|
|
630
|
-
return
|
|
711
|
+
return rb_sha3_digest_hex_squeeze(self, length);
|
|
631
712
|
}
|
|
632
713
|
|
|
633
714
|
/*
|
|
@@ -656,25 +737,27 @@ static VALUE rb_digest_hexdigest(int argc, VALUE* argv, VALUE self) {
|
|
|
656
737
|
* This method defaults to squeezing 16 bytes for SHAKE128 and 32 bytes for SHAKE256.
|
|
657
738
|
* To squeeze a different length, use #squeeze instance method.
|
|
658
739
|
*/
|
|
659
|
-
static VALUE
|
|
740
|
+
static VALUE rb_sha3_digest_self_digest(VALUE klass, VALUE name, VALUE data) {
|
|
660
741
|
VALUE args[2];
|
|
661
|
-
|
|
742
|
+
|
|
743
|
+
// Need to add type checking for the data parameter
|
|
744
|
+
StringValue(data);
|
|
662
745
|
|
|
663
746
|
/* For SHAKE algorithms, we need to handle them differently */
|
|
664
747
|
if (TYPE(name) == T_SYMBOL) {
|
|
665
748
|
ID symid = SYM2ID(name);
|
|
666
|
-
if (symid ==
|
|
749
|
+
if (symid == _shake_128_id || symid == _shake_256_id) {
|
|
667
750
|
/* Create a new digest instance with the specified algorithm */
|
|
668
751
|
VALUE digest = rb_class_new_instance(1, &name, klass);
|
|
669
752
|
|
|
670
753
|
/* Update it with the data */
|
|
671
|
-
|
|
754
|
+
rb_sha3_digest_update(digest, data);
|
|
672
755
|
|
|
673
756
|
/* For SHAKE algorithms, use a default output length based on the security strength */
|
|
674
|
-
int output_length = (symid ==
|
|
757
|
+
int output_length = (symid == _shake_128_id) ? 16 : 32; /* 128/8 or 256/8 */
|
|
675
758
|
|
|
676
759
|
/* Return the squeezed output */
|
|
677
|
-
return
|
|
760
|
+
return rb_sha3_digest_squeeze(digest, INT2NUM(output_length));
|
|
678
761
|
}
|
|
679
762
|
}
|
|
680
763
|
|
|
@@ -712,25 +795,27 @@ static VALUE rb_digest_self_digest(VALUE klass, VALUE name, VALUE data) {
|
|
|
712
795
|
* This method defaults to squeezing 16 bytes for SHAKE128 and 32 bytes for SHAKE256.
|
|
713
796
|
* To squeeze a different length, use #hex_squeeze instance method.
|
|
714
797
|
*/
|
|
715
|
-
static VALUE
|
|
798
|
+
static VALUE rb_sha3_digest_self_hexdigest(VALUE klass, VALUE name, VALUE data) {
|
|
716
799
|
VALUE args[2];
|
|
717
|
-
|
|
800
|
+
|
|
801
|
+
// Need to add type checking for the data parameter
|
|
802
|
+
StringValue(data);
|
|
718
803
|
|
|
719
804
|
/* For SHAKE algorithms, we need to handle them differently */
|
|
720
805
|
if (TYPE(name) == T_SYMBOL) {
|
|
721
806
|
ID symid = SYM2ID(name);
|
|
722
|
-
if (symid ==
|
|
807
|
+
if (symid == _shake_128_id || symid == _shake_256_id) {
|
|
723
808
|
/* Create a new digest instance with the specified algorithm */
|
|
724
809
|
VALUE digest = rb_class_new_instance(1, &name, klass);
|
|
725
810
|
|
|
726
811
|
/* Update it with the data */
|
|
727
|
-
|
|
812
|
+
rb_sha3_digest_update(digest, data);
|
|
728
813
|
|
|
729
814
|
/* For SHAKE algorithms, use a default output length based on the security strength */
|
|
730
|
-
int output_length = (symid ==
|
|
815
|
+
int output_length = (symid == _shake_128_id) ? 16 : 32; /* 128/8 or 256/8 */
|
|
731
816
|
|
|
732
817
|
/* Return the hexadecimal representation of the squeezed output */
|
|
733
|
-
return
|
|
818
|
+
return rb_sha3_digest_hex_squeeze(digest, INT2NUM(output_length));
|
|
734
819
|
}
|
|
735
820
|
}
|
|
736
821
|
|