ttcrypt 0.0.7 → 0.1.0
- checksums.yaml +4 -4
- data/README.md +23 -10
- data/ext/ttcrypt/byte_buffer.h +2 -2
- data/ext/ttcrypt/extconf.rb +4 -4
- data/ext/ttcrypt/md_helper._c +346 -0
- data/ext/ttcrypt/sha1.cpp +1 -1
- data/ext/ttcrypt/sha512.c +247 -0
- data/ext/ttcrypt/sph_sha2.h +378 -0
- data/ext/ttcrypt/sph_types.h +1976 -0
- data/ext/ttcrypt/ttcrypt.cpp +13 -0
- data/ext/ttcrypt/ttcrypt.h +2 -1
- data/ext/ttcrypt/ttcrypt_ruby.cpp +40 -0
- data/lib/ttcrypt.rb +60 -6
- data/lib/ttcrypt/version.rb +1 -1
- data/spec/bigint_tools_spec.rb +15 -0
- data/spec/spec_helper.rb +17 -1
- data/spec/ttcrypt_spec.rb +162 -157
- metadata +9 -3
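--- a/data/ext/ttcrypt/sha1.cpp
+++ b/data/ext/ttcrypt/sha1.cpp
@@ -39,7 +39,7 @@ namespace sha1
 namespace // local
 {
 // Rotate an integer value to left.
-inline
+inline unsigned int rol(const unsigned int value,
 const unsigned int steps)
 {
 return ((value << steps) | (value >> (32 - steps)));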
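Review bot: `rol` still computes `value >> (32 - steps)` on the unchanged return line, which is undefined behaviour when `steps` is 0 (a shift by the full 32-bit width) and silently assumes `unsigned int` is exactly 32 bits wide. The callers are not visible in this hunk, so whether 0 can ever be passed is unconfirmed; masking the shift counts removes the question: `return (value << (steps & 31)) | (value >> ((32 - steps) & 31));`. Declaring the value and the result as `uint32_t` would make the 32-bit assumption explicit. The removed line is truncated on this page and the function's closing brace lies outside the hunk.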
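--- a/data/ext/ttcrypt/sha512.c
+++ b/data/ext/ttcrypt/sha512.c
@@ -0,0 +1,247 @@
+/* $Id: sha2big.c 216 2010-06-08 09:46:57Z tp $ */
+/*
+* SHA-384 / SHA-512 implementation.
+*
+* ==========================(LICENSE BEGIN)============================
+*
+* Copyright (c) 2007-2010 Projet RNRT SAPHIR
+*
+* Permission is hereby granted, free of charge, to any person obtaining
+* a copy of this software and associated documentation files (the
+* "Software"), to deal in the Software without restriction, including
+* without limitation the rights to use, copy, modify, merge, publish,
+* distribute, sublicense, and/or sell copies of the Software, and to
+* permit persons to whom the Software is furnished to do so, subject to
+* the following conditions:
+*
+* The above copyright notice and this permission notice shall be
+* included in all copies or substantial portions of the Software.
+*
+* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+* IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+* CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+* TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+*
+* ===========================(LICENSE END)=============================
+*
+* @author Thomas Pornin <thomas.pornin@cryptolog.com>
+*/
+
+#include <stddef.h>
+#include <string.h>
+
+#include "sph_sha2.h"
+
+#if SPH_64
+
+#define CH(X, Y, Z) ((((Y) ^ (Z)) & (X)) ^ (Z))
+#define MAJ(X, Y, Z) (((X) & (Y)) | (((X) | (Y)) & (Z)))
+
+#define ROTR64 SPH_ROTR64
+
+#define BSG5_0(x) (ROTR64(x, 28) ^ ROTR64(x, 34) ^ ROTR64(x, 39))
+#define BSG5_1(x) (ROTR64(x, 14) ^ ROTR64(x, 18) ^ ROTR64(x, 41))
+#define SSG5_0(x) (ROTR64(x, 1) ^ ROTR64(x, 8) ^ SPH_T64((x) >> 7))
+#define SSG5_1(x) (ROTR64(x, 19) ^ ROTR64(x, 61) ^ SPH_T64((x) >> 6))
+
+static const sph_u64 K512[80] = {
+SPH_C64(0x428A2F98D728AE22), SPH_C64(0x7137449123EF65CD),
+SPH_C64(0xB5C0FBCFEC4D3B2F), SPH_C64(0xE9B5DBA58189DBBC),
+SPH_C64(0x3956C25BF348B538), SPH_C64(0x59F111F1B605D019),
+SPH_C64(0x923F82A4AF194F9B), SPH_C64(0xAB1C5ED5DA6D8118),
+SPH_C64(0xD807AA98A3030242), SPH_C64(0x12835B0145706FBE),
+SPH_C64(0x243185BE4EE4B28C), SPH_C64(0x550C7DC3D5FFB4E2),
+SPH_C64(0x72BE5D74F27B896F), SPH_C64(0x80DEB1FE3B1696B1),
+SPH_C64(0x9BDC06A725C71235), SPH_C64(0xC19BF174CF692694),
+SPH_C64(0xE49B69C19EF14AD2), SPH_C64(0xEFBE4786384F25E3),
+SPH_C64(0x0FC19DC68B8CD5B5), SPH_C64(0x240CA1CC77AC9C65),
+SPH_C64(0x2DE92C6F592B0275), SPH_C64(0x4A7484AA6EA6E483),
+SPH_C64(0x5CB0A9DCBD41FBD4), SPH_C64(0x76F988DA831153B5),
+SPH_C64(0x983E5152EE66DFAB), SPH_C64(0xA831C66D2DB43210),
+SPH_C64(0xB00327C898FB213F), SPH_C64(0xBF597FC7BEEF0EE4),
+SPH_C64(0xC6E00BF33DA88FC2), SPH_C64(0xD5A79147930AA725),
+SPH_C64(0x06CA6351E003826F), SPH_C64(0x142929670A0E6E70),
+SPH_C64(0x27B70A8546D22FFC), SPH_C64(0x2E1B21385C26C926),
+SPH_C64(0x4D2C6DFC5AC42AED), SPH_C64(0x53380D139D95B3DF),
+SPH_C64(0x650A73548BAF63DE), SPH_C64(0x766A0ABB3C77B2A8),
+SPH_C64(0x81C2C92E47EDAEE6), SPH_C64(0x92722C851482353B),
+SPH_C64(0xA2BFE8A14CF10364), SPH_C64(0xA81A664BBC423001),
+SPH_C64(0xC24B8B70D0F89791), SPH_C64(0xC76C51A30654BE30),
+SPH_C64(0xD192E819D6EF5218), SPH_C64(0xD69906245565A910),
+SPH_C64(0xF40E35855771202A), SPH_C64(0x106AA07032BBD1B8),
+SPH_C64(0x19A4C116B8D2D0C8), SPH_C64(0x1E376C085141AB53),
+SPH_C64(0x2748774CDF8EEB99), SPH_C64(0x34B0BCB5E19B48A8),
+SPH_C64(0x391C0CB3C5C95A63), SPH_C64(0x4ED8AA4AE3418ACB),
+SPH_C64(0x5B9CCA4F7763E373), SPH_C64(0x682E6FF3D6B2B8A3),
+SPH_C64(0x748F82EE5DEFB2FC), SPH_C64(0x78A5636F43172F60),
+SPH_C64(0x84C87814A1F0AB72), SPH_C64(0x8CC702081A6439EC),
+SPH_C64(0x90BEFFFA23631E28), SPH_C64(0xA4506CEBDE82BDE9),
+SPH_C64(0xBEF9A3F7B2C67915), SPH_C64(0xC67178F2E372532B),
+SPH_C64(0xCA273ECEEA26619C), SPH_C64(0xD186B8C721C0C207),
+SPH_C64(0xEADA7DD6CDE0EB1E), SPH_C64(0xF57D4F7FEE6ED178),
+SPH_C64(0x06F067AA72176FBA), SPH_C64(0x0A637DC5A2C898A6),
+SPH_C64(0x113F9804BEF90DAE), SPH_C64(0x1B710B35131C471B),
+SPH_C64(0x28DB77F523047D84), SPH_C64(0x32CAAB7B40C72493),
+SPH_C64(0x3C9EBE0A15C9BEBC), SPH_C64(0x431D67C49C100D4C),
+SPH_C64(0x4CC5D4BECB3E42B6), SPH_C64(0x597F299CFC657E2A),
+SPH_C64(0x5FCB6FAB3AD6FAEC), SPH_C64(0x6C44198C4A475817)
+};
+
+static const sph_u64 H384[8] = {
+SPH_C64(0xCBBB9D5DC1059ED8), SPH_C64(0x629A292A367CD507),
+SPH_C64(0x9159015A3070DD17), SPH_C64(0x152FECD8F70E5939),
+SPH_C64(0x67332667FFC00B31), SPH_C64(0x8EB44A8768581511),
+SPH_C64(0xDB0C2E0D64F98FA7), SPH_C64(0x47B5481DBEFA4FA4)
+};
+
+static const sph_u64 H512[8] = {
+SPH_C64(0x6A09E667F3BCC908), SPH_C64(0xBB67AE8584CAA73B),
+SPH_C64(0x3C6EF372FE94F82B), SPH_C64(0xA54FF53A5F1D36F1),
+SPH_C64(0x510E527FADE682D1), SPH_C64(0x9B05688C2B3E6C1F),
+SPH_C64(0x1F83D9ABFB41BD6B), SPH_C64(0x5BE0CD19137E2179)
+};
+
+/*
+* This macro defines the body for a SHA-384 / SHA-512 compression function
+* implementation. The "in" parameter should evaluate, when applied to a
+* numerical input parameter from 0 to 15, to an expression which yields
+* the corresponding input block. The "r" parameter should evaluate to
+* an array or pointer expression designating the array of 8 words which
+* contains the input and output of the compression function.
+*
+* SHA-512 is hard for the compiler. If the loop is completely unrolled,
+* then the code will be quite huge (possibly more than 100 kB), and the
+* performance will be degraded due to cache misses on the code. We
+* unroll only eight steps, which avoids all needless copies when
+* 64-bit registers are swapped.
+*/
+
+#define SHA3_STEP(A, B, C, D, E, F, G, H, i) do { \
+sph_u64 T1, T2; \
+T1 = SPH_T64(H + BSG5_1(E) + CH(E, F, G) + K512[i] + W[i]); \
+T2 = SPH_T64(BSG5_0(A) + MAJ(A, B, C)); \
+D = SPH_T64(D + T1); \
+H = SPH_T64(T1 + T2); \
+} while (0)
+
+#define SHA3_ROUND_BODY(in, r) do { \
+int i; \
+sph_u64 A, B, C, D, E, F, G, H; \
+sph_u64 W[80]; \
+\
+for (i = 0; i < 16; i ++) \
+W[i] = in(i); \
+for (i = 16; i < 80; i ++) \
+W[i] = SPH_T64(SSG5_1(W[i - 2]) + W[i - 7] \
++ SSG5_0(W[i - 15]) + W[i - 16]); \
+A = (r)[0]; \
+B = (r)[1]; \
+C = (r)[2]; \
+D = (r)[3]; \
+E = (r)[4]; \
+F = (r)[5]; \
+G = (r)[6]; \
+H = (r)[7]; \
+for (i = 0; i < 80; i += 8) { \
+SHA3_STEP(A, B, C, D, E, F, G, H, i + 0); \
+SHA3_STEP(H, A, B, C, D, E, F, G, i + 1); \
+SHA3_STEP(G, H, A, B, C, D, E, F, i + 2); \
+SHA3_STEP(F, G, H, A, B, C, D, E, i + 3); \
+SHA3_STEP(E, F, G, H, A, B, C, D, i + 4); \
+SHA3_STEP(D, E, F, G, H, A, B, C, i + 5); \
+SHA3_STEP(C, D, E, F, G, H, A, B, i + 6); \
+SHA3_STEP(B, C, D, E, F, G, H, A, i + 7); \
+} \
+(r)[0] = SPH_T64((r)[0] + A); \
+(r)[1] = SPH_T64((r)[1] + B); \
+(r)[2] = SPH_T64((r)[2] + C); \
+(r)[3] = SPH_T64((r)[3] + D); \
+(r)[4] = SPH_T64((r)[4] + E); \
+(r)[5] = SPH_T64((r)[5] + F); \
+(r)[6] = SPH_T64((r)[6] + G); \
+(r)[7] = SPH_T64((r)[7] + H); \
+} while (0)
+
+/*
+* One round of SHA-384 / SHA-512. The data must be aligned for 64-bit access.
+*/
+static void
+sha3_round(const unsigned char *data, sph_u64 r[8])
+{
+#define SHA3_IN(x) sph_dec64be_aligned(data + (8 * (x)))
+SHA3_ROUND_BODY(SHA3_IN, r);
+#undef SHA3_IN
+}
+
+/* see sph_sha3.h */
+void
+sph_sha384_init(void *cc)
+{
+sph_sha384_context *sc;
+
+sc = cc;
+memcpy(sc->val, H384, sizeof H384);
+sc->count = 0;
+}
+
+/* see sph_sha3.h */
+void
+sph_sha512_init(void *cc)
+{
+sph_sha512_context *sc;
+
+sc = cc;
+memcpy(sc->val, H512, sizeof H512);
+sc->count = 0;
+}
+
+#define RFUN sha3_round
+#define HASH sha384
+#define BE64 1
+#include "md_helper._c"
+
+/* see sph_sha3.h */
+void
+sph_sha384_close(void *cc, void *dst)
+{
+sha384_close(cc, dst, 6);
+sph_sha384_init(cc);
+}
+
+/* see sph_sha3.h */
+void
+sph_sha384_addbits_and_close(void *cc, unsigned ub, unsigned n, void *dst)
+{
+sha384_addbits_and_close(cc, ub, n, dst, 6);
+sph_sha384_init(cc);
+}
+
+/* see sph_sha3.h */
+void
+sph_sha512_close(void *cc, void *dst)
+{
+sha384_close(cc, dst, 8);
+sph_sha512_init(cc);
+}
+
+/* see sph_sha3.h */
+void
+sph_sha512_addbits_and_close(void *cc, unsigned ub, unsigned n, void *dst)
+{
+sha384_addbits_and_close(cc, ub, n, dst, 8);
+sph_sha512_init(cc);
+}
+
+/* see sph_sha3.h */
+void
+sph_sha384_comp(const sph_u64 msg[16], sph_u64 val[8])
+{
+#define SHA3_IN(x) msg[x]
+SHA3_ROUND_BODY(SHA3_IN, val);
+#undef SHA3_IN
+}
+
+#endif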
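--- a/data/ext/ttcrypt/sph_sha2.h
+++ b/data/ext/ttcrypt/sph_sha2.h
@@ -0,0 +1,378 @@
+/* $Id: sph_sha2.h 216 2010-06-08 09:46:57Z tp $ */
+/**
+* SHA-224, SHA-256, SHA-384 and SHA-512 interface.
+*
+* SHA-256 has been published in FIPS 180-2, now amended with a change
+* notice to include SHA-224 as well (which is a simple variation on
+* SHA-256). SHA-384 and SHA-512 are also defined in FIPS 180-2. FIPS
+* standards can be found at:
+* http://csrc.nist.gov/publications/fips/
+*
+* ==========================(LICENSE BEGIN)============================
+*
+* Copyright (c) 2007-2010 Projet RNRT SAPHIR
+*
+* Permission is hereby granted, free of charge, to any person obtaining
+* a copy of this software and associated documentation files (the
+* "Software"), to deal in the Software without restriction, including
+* without limitation the rights to use, copy, modify, merge, publish,
+* distribute, sublicense, and/or sell copies of the Software, and to
+* permit persons to whom the Software is furnished to do so, subject to
+* the following conditions:
+*
+* The above copyright notice and this permission notice shall be
+* included in all copies or substantial portions of the Software.
+*
+* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+* IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+* CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+* TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+*
+* ===========================(LICENSE END)=============================
+*
+* @file sph_sha2.h
+* @author Thomas Pornin <thomas.pornin@cryptolog.com>
+*/
+
+#ifndef SPH_SHA2_H__
+#define SPH_SHA2_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <stddef.h>
+#include "sph_types.h"
+
+/**
+* Output size (in bits) for SHA-224.
+*/
+#define SPH_SIZE_sha224 224
+
+/**
+* Output size (in bits) for SHA-256.
+*/
+#define SPH_SIZE_sha256 256
+
+/**
+* This structure is a context for SHA-224 computations: it contains the
+* intermediate values and some data from the last entered block. Once
+* a SHA-224 computation has been performed, the context can be reused for
+* another computation.
+*
+* The contents of this structure are private. A running SHA-224 computation
+* can be cloned by copying the context (e.g. with a simple
+* <code>memcpy()</code>).
+*/
+typedef struct {
+#ifndef DOXYGEN_IGNORE
+unsigned char buf[64]; /* first field, for alignment */
+sph_u32 val[8];
+#if SPH_64
+sph_u64 count;
+#else
+sph_u32 count_high, count_low;
+#endif
+#endif
+} sph_sha224_context;
+
+/**
+* This structure is a context for SHA-256 computations. It is identical
+* to the SHA-224 context. However, a context is initialized for SHA-224
+* <strong>or</strong> SHA-256, but not both (the internal IV is not the
+* same).
+*/
+typedef sph_sha224_context sph_sha256_context;
+
+/**
+* Initialize a SHA-224 context. This process performs no memory allocation.
+*
+* @param cc the SHA-224 context (pointer to
+* a <code>sph_sha224_context</code>)
+*/
+void sph_sha224_init(void *cc);
+
+/**
+* Process some data bytes. It is acceptable that <code>len</code> is zero
+* (in which case this function does nothing).
+*
+* @param cc the SHA-224 context
+* @param data the input data
+* @param len the input data length (in bytes)
+*/
+void sph_sha224(void *cc, const void *data, size_t len);
+
+/**
+* Terminate the current SHA-224 computation and output the result into the
+* provided buffer. The destination buffer must be wide enough to
+* accomodate the result (28 bytes). The context is automatically
+* reinitialized.
+*
+* @param cc the SHA-224 context
+* @param dst the destination buffer
+*/
+void sph_sha224_close(void *cc, void *dst);
+
+/**
+* Add a few additional bits (0 to 7) to the current computation, then
+* terminate it and output the result in the provided buffer, which must
+* be wide enough to accomodate the result (28 bytes). If bit number i
+* in <code>ub</code> has value 2^i, then the extra bits are those
+* numbered 7 downto 8-n (this is the big-endian convention at the byte
+* level). The context is automatically reinitialized.
+*
+* @param cc the SHA-224 context
+* @param ub the extra bits
+* @param n the number of extra bits (0 to 7)
+* @param dst the destination buffer
+*/
+void sph_sha224_addbits_and_close(void *cc, unsigned ub, unsigned n, void *dst);
+
+/**
+* Apply the SHA-224 compression function on the provided data. The
+* <code>msg</code> parameter contains the 16 32-bit input blocks,
+* as numerical values (hence after the big-endian decoding). The
+* <code>val</code> parameter contains the 8 32-bit input blocks for
+* the compression function; the output is written in place in this
+* array.
+*
+* @param msg the message block (16 values)
+* @param val the function 256-bit input and output
+*/
+void sph_sha224_comp(const sph_u32 msg[16], sph_u32 val[8]);
+
+/**
+* Initialize a SHA-256 context. This process performs no memory allocation.
+*
+* @param cc the SHA-256 context (pointer to
+* a <code>sph_sha256_context</code>)
+*/
+void sph_sha256_init(void *cc);
+
+#ifdef DOXYGEN_IGNORE
+/**
+* Process some data bytes, for SHA-256. This function is identical to
+* <code>sha_224()</code>
+*
+* @param cc the SHA-224 context
+* @param data the input data
+* @param len the input data length (in bytes)
+*/
+void sph_sha256(void *cc, const void *data, size_t len);
+#endif
+
+#ifndef DOXYGEN_IGNORE
+#define sph_sha256 sph_sha224
+#endif
+
+/**
+* Terminate the current SHA-256 computation and output the result into the
+* provided buffer. The destination buffer must be wide enough to
+* accomodate the result (32 bytes). The context is automatically
+* reinitialized.
+*
+* @param cc the SHA-256 context
+* @param dst the destination buffer
+*/
+void sph_sha256_close(void *cc, void *dst);
+
+/**
+* Add a few additional bits (0 to 7) to the current computation, then
+* terminate it and output the result in the provided buffer, which must
+* be wide enough to accomodate the result (32 bytes). If bit number i
+* in <code>ub</code> has value 2^i, then the extra bits are those
+* numbered 7 downto 8-n (this is the big-endian convention at the byte
+* level). The context is automatically reinitialized.
+*
+* @param cc the SHA-256 context
+* @param ub the extra bits
+* @param n the number of extra bits (0 to 7)
+* @param dst the destination buffer
+*/
+void sph_sha256_addbits_and_close(void *cc, unsigned ub, unsigned n, void *dst);
+
+#ifdef DOXYGEN_IGNORE
+/**
+* Apply the SHA-256 compression function on the provided data. This
+* function is identical to <code>sha224_comp()</code>.
+*
+* @param msg the message block (16 values)
+* @param val the function 256-bit input and output
+*/
+void sph_sha256_comp(const sph_u32 msg[16], sph_u32 val[8]);
+#endif
+
+#ifndef DOXYGEN_IGNORE
+#define sph_sha256_comp sph_sha224_comp
+#endif
+
+#if SPH_64
+
+/**
+* Output size (in bits) for SHA-384.
+*/
+#define SPH_SIZE_sha384 384
+
+/**
+* Output size (in bits) for SHA-512.
+*/
+#define SPH_SIZE_sha512 512
+
+/**
+* This structure is a context for SHA-384 computations: it contains the
+* intermediate values and some data from the last entered block. Once
+* a SHA-384 computation has been performed, the context can be reused for
+* another computation.
+*
+* The contents of this structure are private. A running SHA-384 computation
+* can be cloned by copying the context (e.g. with a simple
+* <code>memcpy()</code>).
+*/
+typedef struct {
+#ifndef DOXYGEN_IGNORE
+unsigned char buf[128]; /* first field, for alignment */
+sph_u64 val[8];
+sph_u64 count;
+#endif
+} sph_sha384_context;
+
+/**
+* Initialize a SHA-384 context. This process performs no memory allocation.
+*
+* @param cc the SHA-384 context (pointer to
+* a <code>sph_sha384_context</code>)
+*/
+void sph_sha384_init(void *cc);
+
+/**
+* Process some data bytes. It is acceptable that <code>len</code> is zero
+* (in which case this function does nothing).
+*
+* @param cc the SHA-384 context
+* @param data the input data
+* @param len the input data length (in bytes)
+*/
+void sph_sha384(void *cc, const void *data, size_t len);
+
+/**
+* Terminate the current SHA-384 computation and output the result into the
+* provided buffer. The destination buffer must be wide enough to
+* accomodate the result (48 bytes). The context is automatically
+* reinitialized.
+*
+* @param cc the SHA-384 context
+* @param dst the destination buffer
+*/
+void sph_sha384_close(void *cc, void *dst);
+
+/**
+* Add a few additional bits (0 to 7) to the current computation, then
+* terminate it and output the result in the provided buffer, which must
+* be wide enough to accomodate the result (48 bytes). If bit number i
+* in <code>ub</code> has value 2^i, then the extra bits are those
+* numbered 7 downto 8-n (this is the big-endian convention at the byte
+* level). The context is automatically reinitialized.
+*
+* @param cc the SHA-384 context
+* @param ub the extra bits
+* @param n the number of extra bits (0 to 7)
+* @param dst the destination buffer
+*/
+void sph_sha384_addbits_and_close(void *cc, unsigned ub, unsigned n, void *dst);
+
+/**
+* Apply the SHA-384 compression function on the provided data. The
+* <code>msg</code> parameter contains the 16 64-bit input blocks,
+* as numerical values (hence after the big-endian decoding). The
+* <code>val</code> parameter contains the 8 64-bit input blocks for
+* the compression function; the output is written in place in this
+* array.
+*
+* @param msg the message block (16 values)
+* @param val the function 512-bit input and output
+*/
+void sph_sha384_comp(const sph_u64 msg[16], sph_u64 val[8]);
+
+/**
+* This structure is a context for SHA-512 computations. It is identical
+* to the SHA-384 context. However, a context is initialized for SHA-384
+* <strong>or</strong> SHA-512, but not both (the internal IV is not the
+* same).
+*/
+typedef sph_sha384_context sph_sha512_context;
+
+/**
+* Initialize a SHA-512 context. This process performs no memory allocation.
+*
+* @param cc the SHA-512 context (pointer to
+* a <code>sph_sha512_context</code>)
+*/
+void sph_sha512_init(void *cc);
+
+#ifdef DOXYGEN_IGNORE
+/**
+* Process some data bytes, for SHA-512. This function is identical to
+* <code>sph_sha384()</code>.
+*
+* @param cc the SHA-384 context
+* @param data the input data
+* @param len the input data length (in bytes)
+*/
+void sph_sha512(void *cc, const void *data, size_t len);
+#endif
+
+#ifndef DOXYGEN_IGNORE
+#define sph_sha512 sph_sha384
+#endif
+
+/**
+* Terminate the current SHA-512 computation and output the result into the
+* provided buffer. The destination buffer must be wide enough to
+* accomodate the result (64 bytes). The context is automatically
+* reinitialized.
+*
+* @param cc the SHA-512 context
+* @param dst the destination buffer
+*/
+void sph_sha512_close(void *cc, void *dst);
+
+/**
+* Add a few additional bits (0 to 7) to the current computation, then
+* terminate it and output the result in the provided buffer, which must
+* be wide enough to accomodate the result (64 bytes). If bit number i
+* in <code>ub</code> has value 2^i, then the extra bits are those
+* numbered 7 downto 8-n (this is the big-endian convention at the byte
+* level). The context is automatically reinitialized.
+*
+* @param cc the SHA-512 context
+* @param ub the extra bits
+* @param n the number of extra bits (0 to 7)
+* @param dst the destination buffer
+*/
+void sph_sha512_addbits_and_close(void *cc, unsigned ub, unsigned n, void *dst);
+
+#ifdef DOXYGEN_IGNORE
+/**
+* Apply the SHA-512 compression function. This function is identical to
+* <code>sph_sha384_comp()</code>.
+*
+* @param msg the message block (16 values)
+* @param val the function 512-bit input and output
+*/
+void sph_sha512_comp(const sph_u64 msg[16], sph_u64 val[8]);
+#endif
+
+#ifndef DOXYGEN_IGNORE
+#define sph_sha512_comp sph_sha384_comp
+#endif
+
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif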