sha224_256.cpp

Go to the documentation of this file.

/*
 * libxcks
 * Copyright (C) 2022 Julien Couot
 *
 * This program is free software: you can redistribute it and/or modify it
 * under the terms of the GNU Lesser General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or (at your
 * option) any later version.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
 * License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */
 
//---------------------------------------------------------------------------
#include <cstring>
 
#include "sha224_256.hpp"
//---------------------------------------------------------------------------
 
using namespace std;
//---------------------------------------------------------------------------
 
 
namespace libxcks
{
// For doxygen
//---------------------------------------------------------------------------
 
 
//###########################################################################
// Implementation of AbstractSHA256Impl
//###########################################################################
 
/*
 * Process the remaining bytes in the internal buffer and the usual
 * prolog according to the standard.
 */
void AbstractSHA256Impl::finish()
{
  uint32_t t, msb, lsb;
  uint8_t *p;
 
  update(nullptr, 0);  // flush
 
  t = nblocks;
  // multiply by 64 to make a byte count
  lsb = t << 6;
  msb = t >> 26;
  // add the count
  t = lsb;
  if ((lsb += count) < t)
    msb++;
  // multiply by 8 to make a bit count
  t = lsb;
  lsb <<= 3;
  msb <<= 3;
  msb |= t >> 29;
 
  if (count < 56)
  {  // enough room
    ibuffer[count++] = 0x80;  // pad
    while (count < 56)
      ibuffer[count++] = 0;  // pad
  }
  else
  {  // need one extra block
    ibuffer[count++] = 0x80;  // pad character
    while (count < 64)
      ibuffer[count++] = 0;
    update(nullptr, 0);  // flush
    memset(ibuffer, 0, 56);  // fill next block with zeroes
  }
  // append the 64 bit count
  ibuffer[56] = msb >> 24;
  ibuffer[57] = msb >> 16;
  ibuffer[58] = msb >>  8;
  ibuffer[59] = msb;
  ibuffer[60] = lsb >> 24;
  ibuffer[61] = lsb >> 16;
  ibuffer[62] = lsb >>  8;
  ibuffer[63] = lsb;
  transform(ibuffer);
  //_gcry_burn_stack (74*4+32);
 
  p = ibuffer;
  #if (LIBXCKS_BYTE_ORDER == LIBXCKS_BIG_ENDIAN)
  #define X(a) do { *(uint32_t*)p = h##a ; p += 4; } while(0)
  #else  // little endian
  #define X(a) do { *p++ = h##a >> 24; *p++ = h##a >> 16;    \
                    *p++ = h##a >> 8; *p++ = h##a; } while(0)
  #endif
  X(0);
  X(1);
  X(2);
  X(3);
  X(4);
  X(5);
  X(6);
  X(7);
  #undef X
}
//---------------------------------------------------------------------------
 
 
/*
 * Updates the SHA256 hash with specified array of bytes.
 */
void AbstractSHA256Impl::update(const uint8_t* buf, size_t len)
{
  if (count == 64)
  {  // flush the buffer
    transform(ibuffer);
    // _gcry_burn_stack (74*4+32);
    count = 0;
    nblocks++;
  }
  if (buf == nullptr)
    return;
 
  if (count != 0)
  {
    for (; len && count < 64; len--)
      ibuffer[count++] = *buf++;
    update(nullptr, 0);
    if (len == 0)
      return;
  }
 
  while (len >= 64)
  {
    uint8_t tmpBuf[sizeof(uint32_t) * 16];
    memcpy(tmpBuf, buf, sizeof(uint32_t) * 16);
    transform(tmpBuf);
    count = 0;
    nblocks++;
    len -= 64;
    buf += 64;
  }
  // _gcry_burn_stack (74*4+32);
  for (; len && count < 64; len--)
    ibuffer[count++] = *buf++;
}
//---------------------------------------------------------------------------
 
 
#define Cho(x,y,z) (z ^ (x & (y ^ z)))      /* (4.2) same as SHA-1's F1 */
#define Maj(x,y,z) ((x & y) | (z & (x|y)))  /* (4.3) same as SHA-1's F3 */
#define Sum0(x) (ror ((x), 2) ^ ror ((x), 13) ^ ror ((x), 22))  /* (4.4) */
#define Sum1(x) (ror ((x), 6) ^ ror ((x), 11) ^ ror ((x), 25))  /* (4.5) */
#define S0(x) (ror ((x), 7) ^ ror ((x), 18) ^ ((x) >> 3))       /* (4.6) */
#define S1(x) (ror ((x), 17) ^ ror ((x), 19) ^ ((x) >> 10))     /* (4.7) */
#define R(a,b,c,d,e,f,g,h,k,w) do                                 \
          {                                                       \
            t1 = (h) + Sum1((e)) + Cho((e),(f),(g)) + (k) + (w);  \
            t2 = Sum0((a)) + Maj((a),(b),(c));                    \
            h = g;                                                \
            g = f;                                                \
            f = e;                                                \
            e = d + t1;                                           \
            d = c;                                                \
            c = b;                                                \
            b = a;                                                \
            a = t1 + t2;                                          \
          } while (0)
/*
 * Transform the message X which consists of 16 32-bit-words.
 */
void AbstractSHA256Impl::transform(uint8_t* data)
{
  static const uint32_t K[64] = {
    0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
    0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
    0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
    0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
    0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
    0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
    0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
    0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
    0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
    0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
    0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
    0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
    0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
    0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
    0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
    0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
  };
 
  uint32_t a,b,c,d,e,f,g,h,t1,t2;
  uint32_t x[16];
  uint32_t w[64];
  int i;
 
  a = h0;
  b = h1;
  c = h2;
  d = h3;
  e = h4;
  f = h5;
  g = h6;
  h = h7;
 
  #if (LIBXCKS_BYTE_ORDER == LIBXCKS_BIG_ENDIAN)
  memcpy(x, data, 64);
  #else
  {
    uint8_t *p2;
 
    for (i = 0, p2 = (uint8_t*)x; i < 16; i++, p2 += 4)
    {
      p2[3] = *data++;
      p2[2] = *data++;
      p2[1] = *data++;
      p2[0] = *data++;
    }
  }
  #endif
 
  for (i = 0; i < 16; i++)
    w[i] = x[i];
  for (; i < 64; i++)
    w[i] = S1(w[i - 2]) + w[i - 7] + S0(w[i - 15]) + w[i - 16];
 
  for (i = 0; i < 64; i++)
    R(a, b, c, d, e, f, g, h, K[i], w[i]);
 
  h0 += a;
  h1 += b;
  h2 += c;
  h3 += d;
  h4 += e;
  h5 += f;
  h6 += g;
  h7 += h;
}
#undef Cho
#undef Maj
#undef Sum0
#undef Sum1
#undef S0
#undef S1
#undef R
//---------------------------------------------------------------------------
 
 
//###########################################################################
// Implementation of SHA224
//###########################################################################
 
 
/*
 * Default constructor.
 */
SHA224::SHA224()
{
  reset();
}
//---------------------------------------------------------------------------
 
 
/*
 * Resets the SHA224 hash to initial value.
 */
void SHA224::reset()
{
  h0 = 0xc1059ed8;
  h1 = 0x367cd507;
  h2 = 0x3070dd17;
  h3 = 0xf70e5939;
  h4 = 0xffc00b31;
  h5 = 0x68581511;
  h6 = 0x64f98fa7;
  h7 = 0xbefa4fa4;
  nblocks = 0;
  count = 0;
}
//---------------------------------------------------------------------------
 
 
/*
 * Returns the SHA224 hash value in the first 28 bytes of the given address.
 */
uint8_t* SHA224::getValue(uint8_t* buffer) const
{
  SHA224 sha224(*this);
  sha224.finish();
 
  memcpy(buffer, sha224.ibuffer, getSize());
 
  return buffer;
}
//---------------------------------------------------------------------------
 
 
/*
 * Returns the alternative names of the SHA224 hash algorithm.
 */
ArrayString SHA224::getAlternativeNames()
{
  return ArrayString{ "SHA224", "SHA-224" };
}
//---------------------------------------------------------------------------
 
 
//###########################################################################
// Implementation of SHA256
//###########################################################################
 
 
/*
 * Default constructor.
 */
SHA256::SHA256()
{
  reset();
}
//---------------------------------------------------------------------------
 
 
/*
 * Resets the SHA256 hash to initial value.
 */
void SHA256::reset()
{
  h0 = 0x6a09e667;
  h1 = 0xbb67ae85;
  h2 = 0x3c6ef372;
  h3 = 0xa54ff53a;
  h4 = 0x510e527f;
  h5 = 0x9b05688c;
  h6 = 0x1f83d9ab;
  h7 = 0x5be0cd19;
  nblocks = 0;
  count = 0;
}
//---------------------------------------------------------------------------
 
 
/*
 * Returns the SHA256 hash value in the first 32 bytes of the given address.
 */
uint8_t* SHA256::getValue(uint8_t* buffer) const
{
  SHA256 sha256(*this);
  sha256.finish();
 
  memcpy(buffer, sha256.ibuffer, getSize());
 
  return buffer;
}
//---------------------------------------------------------------------------
 
 
/*
 * Returns the alternative names of the SHA256 hash algorithm.
 */
ArrayString SHA256::getAlternativeNames()
{
  return ArrayString{ "SHA256", "SHA-256" };
}
//---------------------------------------------------------------------------
}  // namespace libxcks
//---------------------------------------------------------------------------