ttcrypt 0.0.7 → 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +23 -10
- data/ext/ttcrypt/byte_buffer.h +2 -2
- data/ext/ttcrypt/extconf.rb +4 -4
- data/ext/ttcrypt/md_helper._c +346 -0
- data/ext/ttcrypt/sha1.cpp +1 -1
- data/ext/ttcrypt/sha512.c +247 -0
- data/ext/ttcrypt/sph_sha2.h +378 -0
- data/ext/ttcrypt/sph_types.h +1976 -0
- data/ext/ttcrypt/ttcrypt.cpp +13 -0
- data/ext/ttcrypt/ttcrypt.h +2 -1
- data/ext/ttcrypt/ttcrypt_ruby.cpp +40 -0
- data/lib/ttcrypt.rb +60 -6
- data/lib/ttcrypt/version.rb +1 -1
- data/spec/bigint_tools_spec.rb +15 -0
- data/spec/spec_helper.rb +17 -1
- data/spec/ttcrypt_spec.rb +162 -157
- metadata +9 -3
data/ext/ttcrypt/sha1.cpp
CHANGED
@@ -39,7 +39,7 @@ namespace sha1
|
|
39
39
|
namespace // local
|
40
40
|
{
|
41
41
|
// Rotate an integer value to left.
|
42
|
-
inline
|
42
|
+
inline unsigned int rol(const unsigned int value,
|
43
43
|
const unsigned int steps)
|
44
44
|
{
|
45
45
|
return ((value << steps) | (value >> (32 - steps)));
|
@@ -0,0 +1,247 @@
|
|
1
|
+
/* $Id: sha2big.c 216 2010-06-08 09:46:57Z tp $ */
|
2
|
+
/*
|
3
|
+
* SHA-384 / SHA-512 implementation.
|
4
|
+
*
|
5
|
+
* ==========================(LICENSE BEGIN)============================
|
6
|
+
*
|
7
|
+
* Copyright (c) 2007-2010 Projet RNRT SAPHIR
|
8
|
+
*
|
9
|
+
* Permission is hereby granted, free of charge, to any person obtaining
|
10
|
+
* a copy of this software and associated documentation files (the
|
11
|
+
* "Software"), to deal in the Software without restriction, including
|
12
|
+
* without limitation the rights to use, copy, modify, merge, publish,
|
13
|
+
* distribute, sublicense, and/or sell copies of the Software, and to
|
14
|
+
* permit persons to whom the Software is furnished to do so, subject to
|
15
|
+
* the following conditions:
|
16
|
+
*
|
17
|
+
* The above copyright notice and this permission notice shall be
|
18
|
+
* included in all copies or substantial portions of the Software.
|
19
|
+
*
|
20
|
+
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
21
|
+
* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
22
|
+
* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
|
23
|
+
* IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
|
24
|
+
* CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
|
25
|
+
* TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
|
26
|
+
* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
27
|
+
*
|
28
|
+
* ===========================(LICENSE END)=============================
|
29
|
+
*
|
30
|
+
* @author Thomas Pornin <thomas.pornin@cryptolog.com>
|
31
|
+
*/
|
32
|
+
|
33
|
+
#include <stddef.h>
|
34
|
+
#include <string.h>
|
35
|
+
|
36
|
+
#include "sph_sha2.h"
|
37
|
+
|
38
|
+
#if SPH_64
|
39
|
+
|
40
|
+
#define CH(X, Y, Z) ((((Y) ^ (Z)) & (X)) ^ (Z))
|
41
|
+
#define MAJ(X, Y, Z) (((X) & (Y)) | (((X) | (Y)) & (Z)))
|
42
|
+
|
43
|
+
#define ROTR64 SPH_ROTR64
|
44
|
+
|
45
|
+
#define BSG5_0(x) (ROTR64(x, 28) ^ ROTR64(x, 34) ^ ROTR64(x, 39))
|
46
|
+
#define BSG5_1(x) (ROTR64(x, 14) ^ ROTR64(x, 18) ^ ROTR64(x, 41))
|
47
|
+
#define SSG5_0(x) (ROTR64(x, 1) ^ ROTR64(x, 8) ^ SPH_T64((x) >> 7))
|
48
|
+
#define SSG5_1(x) (ROTR64(x, 19) ^ ROTR64(x, 61) ^ SPH_T64((x) >> 6))
|
49
|
+
|
50
|
+
static const sph_u64 K512[80] = {
|
51
|
+
SPH_C64(0x428A2F98D728AE22), SPH_C64(0x7137449123EF65CD),
|
52
|
+
SPH_C64(0xB5C0FBCFEC4D3B2F), SPH_C64(0xE9B5DBA58189DBBC),
|
53
|
+
SPH_C64(0x3956C25BF348B538), SPH_C64(0x59F111F1B605D019),
|
54
|
+
SPH_C64(0x923F82A4AF194F9B), SPH_C64(0xAB1C5ED5DA6D8118),
|
55
|
+
SPH_C64(0xD807AA98A3030242), SPH_C64(0x12835B0145706FBE),
|
56
|
+
SPH_C64(0x243185BE4EE4B28C), SPH_C64(0x550C7DC3D5FFB4E2),
|
57
|
+
SPH_C64(0x72BE5D74F27B896F), SPH_C64(0x80DEB1FE3B1696B1),
|
58
|
+
SPH_C64(0x9BDC06A725C71235), SPH_C64(0xC19BF174CF692694),
|
59
|
+
SPH_C64(0xE49B69C19EF14AD2), SPH_C64(0xEFBE4786384F25E3),
|
60
|
+
SPH_C64(0x0FC19DC68B8CD5B5), SPH_C64(0x240CA1CC77AC9C65),
|
61
|
+
SPH_C64(0x2DE92C6F592B0275), SPH_C64(0x4A7484AA6EA6E483),
|
62
|
+
SPH_C64(0x5CB0A9DCBD41FBD4), SPH_C64(0x76F988DA831153B5),
|
63
|
+
SPH_C64(0x983E5152EE66DFAB), SPH_C64(0xA831C66D2DB43210),
|
64
|
+
SPH_C64(0xB00327C898FB213F), SPH_C64(0xBF597FC7BEEF0EE4),
|
65
|
+
SPH_C64(0xC6E00BF33DA88FC2), SPH_C64(0xD5A79147930AA725),
|
66
|
+
SPH_C64(0x06CA6351E003826F), SPH_C64(0x142929670A0E6E70),
|
67
|
+
SPH_C64(0x27B70A8546D22FFC), SPH_C64(0x2E1B21385C26C926),
|
68
|
+
SPH_C64(0x4D2C6DFC5AC42AED), SPH_C64(0x53380D139D95B3DF),
|
69
|
+
SPH_C64(0x650A73548BAF63DE), SPH_C64(0x766A0ABB3C77B2A8),
|
70
|
+
SPH_C64(0x81C2C92E47EDAEE6), SPH_C64(0x92722C851482353B),
|
71
|
+
SPH_C64(0xA2BFE8A14CF10364), SPH_C64(0xA81A664BBC423001),
|
72
|
+
SPH_C64(0xC24B8B70D0F89791), SPH_C64(0xC76C51A30654BE30),
|
73
|
+
SPH_C64(0xD192E819D6EF5218), SPH_C64(0xD69906245565A910),
|
74
|
+
SPH_C64(0xF40E35855771202A), SPH_C64(0x106AA07032BBD1B8),
|
75
|
+
SPH_C64(0x19A4C116B8D2D0C8), SPH_C64(0x1E376C085141AB53),
|
76
|
+
SPH_C64(0x2748774CDF8EEB99), SPH_C64(0x34B0BCB5E19B48A8),
|
77
|
+
SPH_C64(0x391C0CB3C5C95A63), SPH_C64(0x4ED8AA4AE3418ACB),
|
78
|
+
SPH_C64(0x5B9CCA4F7763E373), SPH_C64(0x682E6FF3D6B2B8A3),
|
79
|
+
SPH_C64(0x748F82EE5DEFB2FC), SPH_C64(0x78A5636F43172F60),
|
80
|
+
SPH_C64(0x84C87814A1F0AB72), SPH_C64(0x8CC702081A6439EC),
|
81
|
+
SPH_C64(0x90BEFFFA23631E28), SPH_C64(0xA4506CEBDE82BDE9),
|
82
|
+
SPH_C64(0xBEF9A3F7B2C67915), SPH_C64(0xC67178F2E372532B),
|
83
|
+
SPH_C64(0xCA273ECEEA26619C), SPH_C64(0xD186B8C721C0C207),
|
84
|
+
SPH_C64(0xEADA7DD6CDE0EB1E), SPH_C64(0xF57D4F7FEE6ED178),
|
85
|
+
SPH_C64(0x06F067AA72176FBA), SPH_C64(0x0A637DC5A2C898A6),
|
86
|
+
SPH_C64(0x113F9804BEF90DAE), SPH_C64(0x1B710B35131C471B),
|
87
|
+
SPH_C64(0x28DB77F523047D84), SPH_C64(0x32CAAB7B40C72493),
|
88
|
+
SPH_C64(0x3C9EBE0A15C9BEBC), SPH_C64(0x431D67C49C100D4C),
|
89
|
+
SPH_C64(0x4CC5D4BECB3E42B6), SPH_C64(0x597F299CFC657E2A),
|
90
|
+
SPH_C64(0x5FCB6FAB3AD6FAEC), SPH_C64(0x6C44198C4A475817)
|
91
|
+
};
|
92
|
+
|
93
|
+
static const sph_u64 H384[8] = {
|
94
|
+
SPH_C64(0xCBBB9D5DC1059ED8), SPH_C64(0x629A292A367CD507),
|
95
|
+
SPH_C64(0x9159015A3070DD17), SPH_C64(0x152FECD8F70E5939),
|
96
|
+
SPH_C64(0x67332667FFC00B31), SPH_C64(0x8EB44A8768581511),
|
97
|
+
SPH_C64(0xDB0C2E0D64F98FA7), SPH_C64(0x47B5481DBEFA4FA4)
|
98
|
+
};
|
99
|
+
|
100
|
+
static const sph_u64 H512[8] = {
|
101
|
+
SPH_C64(0x6A09E667F3BCC908), SPH_C64(0xBB67AE8584CAA73B),
|
102
|
+
SPH_C64(0x3C6EF372FE94F82B), SPH_C64(0xA54FF53A5F1D36F1),
|
103
|
+
SPH_C64(0x510E527FADE682D1), SPH_C64(0x9B05688C2B3E6C1F),
|
104
|
+
SPH_C64(0x1F83D9ABFB41BD6B), SPH_C64(0x5BE0CD19137E2179)
|
105
|
+
};
|
106
|
+
|
107
|
+
/*
|
108
|
+
* This macro defines the body for a SHA-384 / SHA-512 compression function
|
109
|
+
* implementation. The "in" parameter should evaluate, when applied to a
|
110
|
+
* numerical input parameter from 0 to 15, to an expression which yields
|
111
|
+
* the corresponding input block. The "r" parameter should evaluate to
|
112
|
+
* an array or pointer expression designating the array of 8 words which
|
113
|
+
* contains the input and output of the compression function.
|
114
|
+
*
|
115
|
+
* SHA-512 is hard for the compiler. If the loop is completely unrolled,
|
116
|
+
* then the code will be quite huge (possibly more than 100 kB), and the
|
117
|
+
* performance will be degraded due to cache misses on the code. We
|
118
|
+
* unroll only eight steps, which avoids all needless copies when
|
119
|
+
* 64-bit registers are swapped.
|
120
|
+
*/
|
121
|
+
|
122
|
+
#define SHA3_STEP(A, B, C, D, E, F, G, H, i) do { \
|
123
|
+
sph_u64 T1, T2; \
|
124
|
+
T1 = SPH_T64(H + BSG5_1(E) + CH(E, F, G) + K512[i] + W[i]); \
|
125
|
+
T2 = SPH_T64(BSG5_0(A) + MAJ(A, B, C)); \
|
126
|
+
D = SPH_T64(D + T1); \
|
127
|
+
H = SPH_T64(T1 + T2); \
|
128
|
+
} while (0)
|
129
|
+
|
130
|
+
#define SHA3_ROUND_BODY(in, r) do { \
|
131
|
+
int i; \
|
132
|
+
sph_u64 A, B, C, D, E, F, G, H; \
|
133
|
+
sph_u64 W[80]; \
|
134
|
+
\
|
135
|
+
for (i = 0; i < 16; i ++) \
|
136
|
+
W[i] = in(i); \
|
137
|
+
for (i = 16; i < 80; i ++) \
|
138
|
+
W[i] = SPH_T64(SSG5_1(W[i - 2]) + W[i - 7] \
|
139
|
+
+ SSG5_0(W[i - 15]) + W[i - 16]); \
|
140
|
+
A = (r)[0]; \
|
141
|
+
B = (r)[1]; \
|
142
|
+
C = (r)[2]; \
|
143
|
+
D = (r)[3]; \
|
144
|
+
E = (r)[4]; \
|
145
|
+
F = (r)[5]; \
|
146
|
+
G = (r)[6]; \
|
147
|
+
H = (r)[7]; \
|
148
|
+
for (i = 0; i < 80; i += 8) { \
|
149
|
+
SHA3_STEP(A, B, C, D, E, F, G, H, i + 0); \
|
150
|
+
SHA3_STEP(H, A, B, C, D, E, F, G, i + 1); \
|
151
|
+
SHA3_STEP(G, H, A, B, C, D, E, F, i + 2); \
|
152
|
+
SHA3_STEP(F, G, H, A, B, C, D, E, i + 3); \
|
153
|
+
SHA3_STEP(E, F, G, H, A, B, C, D, i + 4); \
|
154
|
+
SHA3_STEP(D, E, F, G, H, A, B, C, i + 5); \
|
155
|
+
SHA3_STEP(C, D, E, F, G, H, A, B, i + 6); \
|
156
|
+
SHA3_STEP(B, C, D, E, F, G, H, A, i + 7); \
|
157
|
+
} \
|
158
|
+
(r)[0] = SPH_T64((r)[0] + A); \
|
159
|
+
(r)[1] = SPH_T64((r)[1] + B); \
|
160
|
+
(r)[2] = SPH_T64((r)[2] + C); \
|
161
|
+
(r)[3] = SPH_T64((r)[3] + D); \
|
162
|
+
(r)[4] = SPH_T64((r)[4] + E); \
|
163
|
+
(r)[5] = SPH_T64((r)[5] + F); \
|
164
|
+
(r)[6] = SPH_T64((r)[6] + G); \
|
165
|
+
(r)[7] = SPH_T64((r)[7] + H); \
|
166
|
+
} while (0)
|
167
|
+
|
168
|
+
/*
|
169
|
+
* One round of SHA-384 / SHA-512. The data must be aligned for 64-bit access.
|
170
|
+
*/
|
171
|
+
static void
|
172
|
+
sha3_round(const unsigned char *data, sph_u64 r[8])
|
173
|
+
{
|
174
|
+
#define SHA3_IN(x) sph_dec64be_aligned(data + (8 * (x)))
|
175
|
+
SHA3_ROUND_BODY(SHA3_IN, r);
|
176
|
+
#undef SHA3_IN
|
177
|
+
}
|
178
|
+
|
179
|
+
/* see sph_sha3.h */
|
180
|
+
void
|
181
|
+
sph_sha384_init(void *cc)
|
182
|
+
{
|
183
|
+
sph_sha384_context *sc;
|
184
|
+
|
185
|
+
sc = cc;
|
186
|
+
memcpy(sc->val, H384, sizeof H384);
|
187
|
+
sc->count = 0;
|
188
|
+
}
|
189
|
+
|
190
|
+
/* see sph_sha3.h */
|
191
|
+
void
|
192
|
+
sph_sha512_init(void *cc)
|
193
|
+
{
|
194
|
+
sph_sha512_context *sc;
|
195
|
+
|
196
|
+
sc = cc;
|
197
|
+
memcpy(sc->val, H512, sizeof H512);
|
198
|
+
sc->count = 0;
|
199
|
+
}
|
200
|
+
|
201
|
+
#define RFUN sha3_round
|
202
|
+
#define HASH sha384
|
203
|
+
#define BE64 1
|
204
|
+
#include "md_helper._c"
|
205
|
+
|
206
|
+
/* see sph_sha3.h */
|
207
|
+
void
|
208
|
+
sph_sha384_close(void *cc, void *dst)
|
209
|
+
{
|
210
|
+
sha384_close(cc, dst, 6);
|
211
|
+
sph_sha384_init(cc);
|
212
|
+
}
|
213
|
+
|
214
|
+
/* see sph_sha3.h */
|
215
|
+
void
|
216
|
+
sph_sha384_addbits_and_close(void *cc, unsigned ub, unsigned n, void *dst)
|
217
|
+
{
|
218
|
+
sha384_addbits_and_close(cc, ub, n, dst, 6);
|
219
|
+
sph_sha384_init(cc);
|
220
|
+
}
|
221
|
+
|
222
|
+
/* see sph_sha3.h */
|
223
|
+
void
|
224
|
+
sph_sha512_close(void *cc, void *dst)
|
225
|
+
{
|
226
|
+
sha384_close(cc, dst, 8);
|
227
|
+
sph_sha512_init(cc);
|
228
|
+
}
|
229
|
+
|
230
|
+
/* see sph_sha3.h */
|
231
|
+
void
|
232
|
+
sph_sha512_addbits_and_close(void *cc, unsigned ub, unsigned n, void *dst)
|
233
|
+
{
|
234
|
+
sha384_addbits_and_close(cc, ub, n, dst, 8);
|
235
|
+
sph_sha512_init(cc);
|
236
|
+
}
|
237
|
+
|
238
|
+
/* see sph_sha3.h */
|
239
|
+
void
|
240
|
+
sph_sha384_comp(const sph_u64 msg[16], sph_u64 val[8])
|
241
|
+
{
|
242
|
+
#define SHA3_IN(x) msg[x]
|
243
|
+
SHA3_ROUND_BODY(SHA3_IN, val);
|
244
|
+
#undef SHA3_IN
|
245
|
+
}
|
246
|
+
|
247
|
+
#endif
|
@@ -0,0 +1,378 @@
|
|
1
|
+
/* $Id: sph_sha2.h 216 2010-06-08 09:46:57Z tp $ */
|
2
|
+
/**
|
3
|
+
* SHA-224, SHA-256, SHA-384 and SHA-512 interface.
|
4
|
+
*
|
5
|
+
* SHA-256 has been published in FIPS 180-2, now amended with a change
|
6
|
+
* notice to include SHA-224 as well (which is a simple variation on
|
7
|
+
* SHA-256). SHA-384 and SHA-512 are also defined in FIPS 180-2. FIPS
|
8
|
+
* standards can be found at:
|
9
|
+
* http://csrc.nist.gov/publications/fips/
|
10
|
+
*
|
11
|
+
* ==========================(LICENSE BEGIN)============================
|
12
|
+
*
|
13
|
+
* Copyright (c) 2007-2010 Projet RNRT SAPHIR
|
14
|
+
*
|
15
|
+
* Permission is hereby granted, free of charge, to any person obtaining
|
16
|
+
* a copy of this software and associated documentation files (the
|
17
|
+
* "Software"), to deal in the Software without restriction, including
|
18
|
+
* without limitation the rights to use, copy, modify, merge, publish,
|
19
|
+
* distribute, sublicense, and/or sell copies of the Software, and to
|
20
|
+
* permit persons to whom the Software is furnished to do so, subject to
|
21
|
+
* the following conditions:
|
22
|
+
*
|
23
|
+
* The above copyright notice and this permission notice shall be
|
24
|
+
* included in all copies or substantial portions of the Software.
|
25
|
+
*
|
26
|
+
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
27
|
+
* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
28
|
+
* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
|
29
|
+
* IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
|
30
|
+
* CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
|
31
|
+
* TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
|
32
|
+
* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
33
|
+
*
|
34
|
+
* ===========================(LICENSE END)=============================
|
35
|
+
*
|
36
|
+
* @file sph_sha2.h
|
37
|
+
* @author Thomas Pornin <thomas.pornin@cryptolog.com>
|
38
|
+
*/
|
39
|
+
|
40
|
+
#ifndef SPH_SHA2_H__
|
41
|
+
#define SPH_SHA2_H__
|
42
|
+
|
43
|
+
#ifdef __cplusplus
|
44
|
+
extern "C" {
|
45
|
+
#endif
|
46
|
+
|
47
|
+
#include <stddef.h>
|
48
|
+
#include "sph_types.h"
|
49
|
+
|
50
|
+
/**
|
51
|
+
* Output size (in bits) for SHA-224.
|
52
|
+
*/
|
53
|
+
#define SPH_SIZE_sha224 224
|
54
|
+
|
55
|
+
/**
|
56
|
+
* Output size (in bits) for SHA-256.
|
57
|
+
*/
|
58
|
+
#define SPH_SIZE_sha256 256
|
59
|
+
|
60
|
+
/**
|
61
|
+
* This structure is a context for SHA-224 computations: it contains the
|
62
|
+
* intermediate values and some data from the last entered block. Once
|
63
|
+
* a SHA-224 computation has been performed, the context can be reused for
|
64
|
+
* another computation.
|
65
|
+
*
|
66
|
+
* The contents of this structure are private. A running SHA-224 computation
|
67
|
+
* can be cloned by copying the context (e.g. with a simple
|
68
|
+
* <code>memcpy()</code>).
|
69
|
+
*/
|
70
|
+
typedef struct {
|
71
|
+
#ifndef DOXYGEN_IGNORE
|
72
|
+
unsigned char buf[64]; /* first field, for alignment */
|
73
|
+
sph_u32 val[8];
|
74
|
+
#if SPH_64
|
75
|
+
sph_u64 count;
|
76
|
+
#else
|
77
|
+
sph_u32 count_high, count_low;
|
78
|
+
#endif
|
79
|
+
#endif
|
80
|
+
} sph_sha224_context;
|
81
|
+
|
82
|
+
/**
|
83
|
+
* This structure is a context for SHA-256 computations. It is identical
|
84
|
+
* to the SHA-224 context. However, a context is initialized for SHA-224
|
85
|
+
* <strong>or</strong> SHA-256, but not both (the internal IV is not the
|
86
|
+
* same).
|
87
|
+
*/
|
88
|
+
typedef sph_sha224_context sph_sha256_context;
|
89
|
+
|
90
|
+
/**
|
91
|
+
* Initialize a SHA-224 context. This process performs no memory allocation.
|
92
|
+
*
|
93
|
+
* @param cc the SHA-224 context (pointer to
|
94
|
+
* a <code>sph_sha224_context</code>)
|
95
|
+
*/
|
96
|
+
void sph_sha224_init(void *cc);
|
97
|
+
|
98
|
+
/**
|
99
|
+
* Process some data bytes. It is acceptable that <code>len</code> is zero
|
100
|
+
* (in which case this function does nothing).
|
101
|
+
*
|
102
|
+
* @param cc the SHA-224 context
|
103
|
+
* @param data the input data
|
104
|
+
* @param len the input data length (in bytes)
|
105
|
+
*/
|
106
|
+
void sph_sha224(void *cc, const void *data, size_t len);
|
107
|
+
|
108
|
+
/**
|
109
|
+
* Terminate the current SHA-224 computation and output the result into the
|
110
|
+
* provided buffer. The destination buffer must be wide enough to
|
111
|
+
* accomodate the result (28 bytes). The context is automatically
|
112
|
+
* reinitialized.
|
113
|
+
*
|
114
|
+
* @param cc the SHA-224 context
|
115
|
+
* @param dst the destination buffer
|
116
|
+
*/
|
117
|
+
void sph_sha224_close(void *cc, void *dst);
|
118
|
+
|
119
|
+
/**
|
120
|
+
* Add a few additional bits (0 to 7) to the current computation, then
|
121
|
+
* terminate it and output the result in the provided buffer, which must
|
122
|
+
* be wide enough to accomodate the result (28 bytes). If bit number i
|
123
|
+
* in <code>ub</code> has value 2^i, then the extra bits are those
|
124
|
+
* numbered 7 downto 8-n (this is the big-endian convention at the byte
|
125
|
+
* level). The context is automatically reinitialized.
|
126
|
+
*
|
127
|
+
* @param cc the SHA-224 context
|
128
|
+
* @param ub the extra bits
|
129
|
+
* @param n the number of extra bits (0 to 7)
|
130
|
+
* @param dst the destination buffer
|
131
|
+
*/
|
132
|
+
void sph_sha224_addbits_and_close(void *cc, unsigned ub, unsigned n, void *dst);
|
133
|
+
|
134
|
+
/**
|
135
|
+
* Apply the SHA-224 compression function on the provided data. The
|
136
|
+
* <code>msg</code> parameter contains the 16 32-bit input blocks,
|
137
|
+
* as numerical values (hence after the big-endian decoding). The
|
138
|
+
* <code>val</code> parameter contains the 8 32-bit input blocks for
|
139
|
+
* the compression function; the output is written in place in this
|
140
|
+
* array.
|
141
|
+
*
|
142
|
+
* @param msg the message block (16 values)
|
143
|
+
* @param val the function 256-bit input and output
|
144
|
+
*/
|
145
|
+
void sph_sha224_comp(const sph_u32 msg[16], sph_u32 val[8]);
|
146
|
+
|
147
|
+
/**
|
148
|
+
* Initialize a SHA-256 context. This process performs no memory allocation.
|
149
|
+
*
|
150
|
+
* @param cc the SHA-256 context (pointer to
|
151
|
+
* a <code>sph_sha256_context</code>)
|
152
|
+
*/
|
153
|
+
void sph_sha256_init(void *cc);
|
154
|
+
|
155
|
+
#ifdef DOXYGEN_IGNORE
|
156
|
+
/**
|
157
|
+
* Process some data bytes, for SHA-256. This function is identical to
|
158
|
+
* <code>sha_224()</code>
|
159
|
+
*
|
160
|
+
* @param cc the SHA-224 context
|
161
|
+
* @param data the input data
|
162
|
+
* @param len the input data length (in bytes)
|
163
|
+
*/
|
164
|
+
void sph_sha256(void *cc, const void *data, size_t len);
|
165
|
+
#endif
|
166
|
+
|
167
|
+
#ifndef DOXYGEN_IGNORE
|
168
|
+
#define sph_sha256 sph_sha224
|
169
|
+
#endif
|
170
|
+
|
171
|
+
/**
|
172
|
+
* Terminate the current SHA-256 computation and output the result into the
|
173
|
+
* provided buffer. The destination buffer must be wide enough to
|
174
|
+
* accomodate the result (32 bytes). The context is automatically
|
175
|
+
* reinitialized.
|
176
|
+
*
|
177
|
+
* @param cc the SHA-256 context
|
178
|
+
* @param dst the destination buffer
|
179
|
+
*/
|
180
|
+
void sph_sha256_close(void *cc, void *dst);
|
181
|
+
|
182
|
+
/**
|
183
|
+
* Add a few additional bits (0 to 7) to the current computation, then
|
184
|
+
* terminate it and output the result in the provided buffer, which must
|
185
|
+
* be wide enough to accomodate the result (32 bytes). If bit number i
|
186
|
+
* in <code>ub</code> has value 2^i, then the extra bits are those
|
187
|
+
* numbered 7 downto 8-n (this is the big-endian convention at the byte
|
188
|
+
* level). The context is automatically reinitialized.
|
189
|
+
*
|
190
|
+
* @param cc the SHA-256 context
|
191
|
+
* @param ub the extra bits
|
192
|
+
* @param n the number of extra bits (0 to 7)
|
193
|
+
* @param dst the destination buffer
|
194
|
+
*/
|
195
|
+
void sph_sha256_addbits_and_close(void *cc, unsigned ub, unsigned n, void *dst);
|
196
|
+
|
197
|
+
#ifdef DOXYGEN_IGNORE
|
198
|
+
/**
|
199
|
+
* Apply the SHA-256 compression function on the provided data. This
|
200
|
+
* function is identical to <code>sha224_comp()</code>.
|
201
|
+
*
|
202
|
+
* @param msg the message block (16 values)
|
203
|
+
* @param val the function 256-bit input and output
|
204
|
+
*/
|
205
|
+
void sph_sha256_comp(const sph_u32 msg[16], sph_u32 val[8]);
|
206
|
+
#endif
|
207
|
+
|
208
|
+
#ifndef DOXYGEN_IGNORE
|
209
|
+
#define sph_sha256_comp sph_sha224_comp
|
210
|
+
#endif
|
211
|
+
|
212
|
+
#if SPH_64
|
213
|
+
|
214
|
+
/**
|
215
|
+
* Output size (in bits) for SHA-384.
|
216
|
+
*/
|
217
|
+
#define SPH_SIZE_sha384 384
|
218
|
+
|
219
|
+
/**
|
220
|
+
* Output size (in bits) for SHA-512.
|
221
|
+
*/
|
222
|
+
#define SPH_SIZE_sha512 512
|
223
|
+
|
224
|
+
/**
|
225
|
+
* This structure is a context for SHA-384 computations: it contains the
|
226
|
+
* intermediate values and some data from the last entered block. Once
|
227
|
+
* a SHA-384 computation has been performed, the context can be reused for
|
228
|
+
* another computation.
|
229
|
+
*
|
230
|
+
* The contents of this structure are private. A running SHA-384 computation
|
231
|
+
* can be cloned by copying the context (e.g. with a simple
|
232
|
+
* <code>memcpy()</code>).
|
233
|
+
*/
|
234
|
+
typedef struct {
|
235
|
+
#ifndef DOXYGEN_IGNORE
|
236
|
+
unsigned char buf[128]; /* first field, for alignment */
|
237
|
+
sph_u64 val[8];
|
238
|
+
sph_u64 count;
|
239
|
+
#endif
|
240
|
+
} sph_sha384_context;
|
241
|
+
|
242
|
+
/**
|
243
|
+
* Initialize a SHA-384 context. This process performs no memory allocation.
|
244
|
+
*
|
245
|
+
* @param cc the SHA-384 context (pointer to
|
246
|
+
* a <code>sph_sha384_context</code>)
|
247
|
+
*/
|
248
|
+
void sph_sha384_init(void *cc);
|
249
|
+
|
250
|
+
/**
|
251
|
+
* Process some data bytes. It is acceptable that <code>len</code> is zero
|
252
|
+
* (in which case this function does nothing).
|
253
|
+
*
|
254
|
+
* @param cc the SHA-384 context
|
255
|
+
* @param data the input data
|
256
|
+
* @param len the input data length (in bytes)
|
257
|
+
*/
|
258
|
+
void sph_sha384(void *cc, const void *data, size_t len);
|
259
|
+
|
260
|
+
/**
|
261
|
+
* Terminate the current SHA-384 computation and output the result into the
|
262
|
+
* provided buffer. The destination buffer must be wide enough to
|
263
|
+
* accomodate the result (48 bytes). The context is automatically
|
264
|
+
* reinitialized.
|
265
|
+
*
|
266
|
+
* @param cc the SHA-384 context
|
267
|
+
* @param dst the destination buffer
|
268
|
+
*/
|
269
|
+
void sph_sha384_close(void *cc, void *dst);
|
270
|
+
|
271
|
+
/**
|
272
|
+
* Add a few additional bits (0 to 7) to the current computation, then
|
273
|
+
* terminate it and output the result in the provided buffer, which must
|
274
|
+
* be wide enough to accomodate the result (48 bytes). If bit number i
|
275
|
+
* in <code>ub</code> has value 2^i, then the extra bits are those
|
276
|
+
* numbered 7 downto 8-n (this is the big-endian convention at the byte
|
277
|
+
* level). The context is automatically reinitialized.
|
278
|
+
*
|
279
|
+
* @param cc the SHA-384 context
|
280
|
+
* @param ub the extra bits
|
281
|
+
* @param n the number of extra bits (0 to 7)
|
282
|
+
* @param dst the destination buffer
|
283
|
+
*/
|
284
|
+
void sph_sha384_addbits_and_close(void *cc, unsigned ub, unsigned n, void *dst);
|
285
|
+
|
286
|
+
/**
|
287
|
+
* Apply the SHA-384 compression function on the provided data. The
|
288
|
+
* <code>msg</code> parameter contains the 16 64-bit input blocks,
|
289
|
+
* as numerical values (hence after the big-endian decoding). The
|
290
|
+
* <code>val</code> parameter contains the 8 64-bit input blocks for
|
291
|
+
* the compression function; the output is written in place in this
|
292
|
+
* array.
|
293
|
+
*
|
294
|
+
* @param msg the message block (16 values)
|
295
|
+
* @param val the function 512-bit input and output
|
296
|
+
*/
|
297
|
+
void sph_sha384_comp(const sph_u64 msg[16], sph_u64 val[8]);
|
298
|
+
|
299
|
+
/**
|
300
|
+
* This structure is a context for SHA-512 computations. It is identical
|
301
|
+
* to the SHA-384 context. However, a context is initialized for SHA-384
|
302
|
+
* <strong>or</strong> SHA-512, but not both (the internal IV is not the
|
303
|
+
* same).
|
304
|
+
*/
|
305
|
+
typedef sph_sha384_context sph_sha512_context;
|
306
|
+
|
307
|
+
/**
|
308
|
+
* Initialize a SHA-512 context. This process performs no memory allocation.
|
309
|
+
*
|
310
|
+
* @param cc the SHA-512 context (pointer to
|
311
|
+
* a <code>sph_sha512_context</code>)
|
312
|
+
*/
|
313
|
+
void sph_sha512_init(void *cc);
|
314
|
+
|
315
|
+
#ifdef DOXYGEN_IGNORE
|
316
|
+
/**
|
317
|
+
* Process some data bytes, for SHA-512. This function is identical to
|
318
|
+
* <code>sph_sha384()</code>.
|
319
|
+
*
|
320
|
+
* @param cc the SHA-384 context
|
321
|
+
* @param data the input data
|
322
|
+
* @param len the input data length (in bytes)
|
323
|
+
*/
|
324
|
+
void sph_sha512(void *cc, const void *data, size_t len);
|
325
|
+
#endif
|
326
|
+
|
327
|
+
#ifndef DOXYGEN_IGNORE
|
328
|
+
#define sph_sha512 sph_sha384
|
329
|
+
#endif
|
330
|
+
|
331
|
+
/**
|
332
|
+
* Terminate the current SHA-512 computation and output the result into the
|
333
|
+
* provided buffer. The destination buffer must be wide enough to
|
334
|
+
* accomodate the result (64 bytes). The context is automatically
|
335
|
+
* reinitialized.
|
336
|
+
*
|
337
|
+
* @param cc the SHA-512 context
|
338
|
+
* @param dst the destination buffer
|
339
|
+
*/
|
340
|
+
void sph_sha512_close(void *cc, void *dst);
|
341
|
+
|
342
|
+
/**
|
343
|
+
* Add a few additional bits (0 to 7) to the current computation, then
|
344
|
+
* terminate it and output the result in the provided buffer, which must
|
345
|
+
* be wide enough to accomodate the result (64 bytes). If bit number i
|
346
|
+
* in <code>ub</code> has value 2^i, then the extra bits are those
|
347
|
+
* numbered 7 downto 8-n (this is the big-endian convention at the byte
|
348
|
+
* level). The context is automatically reinitialized.
|
349
|
+
*
|
350
|
+
* @param cc the SHA-512 context
|
351
|
+
* @param ub the extra bits
|
352
|
+
* @param n the number of extra bits (0 to 7)
|
353
|
+
* @param dst the destination buffer
|
354
|
+
*/
|
355
|
+
void sph_sha512_addbits_and_close(void *cc, unsigned ub, unsigned n, void *dst);
|
356
|
+
|
357
|
+
#ifdef DOXYGEN_IGNORE
|
358
|
+
/**
|
359
|
+
* Apply the SHA-512 compression function. This function is identical to
|
360
|
+
* <code>sph_sha384_comp()</code>.
|
361
|
+
*
|
362
|
+
* @param msg the message block (16 values)
|
363
|
+
* @param val the function 512-bit input and output
|
364
|
+
*/
|
365
|
+
void sph_sha512_comp(const sph_u64 msg[16], sph_u64 val[8]);
|
366
|
+
#endif
|
367
|
+
|
368
|
+
#ifndef DOXYGEN_IGNORE
|
369
|
+
#define sph_sha512_comp sph_sha384_comp
|
370
|
+
#endif
|
371
|
+
|
372
|
+
#endif
|
373
|
+
|
374
|
+
#ifdef __cplusplus
|
375
|
+
}
|
376
|
+
#endif
|
377
|
+
|
378
|
+
#endif
|