sm3.cpp

Go to the documentation of this file.

/*
 * libxcks
 * Copyright (C) 2022 Julien Couot
 *
 * This program is free software: you can redistribute it and/or modify it
 * under the terms of the GNU Lesser General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or (at your
 * option) any later version.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
 * License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */
 
//---------------------------------------------------------------------------
#include <cstring>
 
#include "sm3.hpp"
//---------------------------------------------------------------------------
 
using namespace std;
//---------------------------------------------------------------------------
 
 
namespace libxcks
{
 
inline void SM3::transformBlock(uint32_t* digest, uint8_t* input)
{
  uint32_t W[68];
  uint32_t W1[64];
 
  for (uint8_t j = 0, i = 0; j < 64; ++j, i += 4)
  {
    W[j] = (input[i] << 24) | (input[i + 1] << 16) | (input[i + 2] << 8) | input[i + 3];
  }
 
  for (uint8_t j = 16; j < 68; ++j)
  {
    uint32_t wj3 = W[j - 3];
    uint32_t r15 = rotleft(wj3, 15);
    uint32_t wj13 = W[j - 13];
    uint32_t r7 = rotleft(wj13, 7);
    W[j] = p1(W[j - 16] ^ W[j - 9] ^ r15) ^ r7 ^ W[j - 6];
  }
 
  for (uint8_t j = 0; j < 64; ++j)
  {
    W1[j] = W[j] ^ W[j + 4];
  }
 
  uint32_t A = digest[0];
  uint32_t B = digest[1];
  uint32_t C = digest[2];
  uint32_t D = digest[3];
  uint32_t E = digest[4];
  uint32_t F = digest[5];
  uint32_t G = digest[6];
  uint32_t H = digest[7];
 
  for (uint8_t j = 0; j < 16; ++j)
  {
    uint32_t a12 = rotleft(A, 12);
    uint32_t s1  = a12 + E + rotleft(T0, j);
    uint32_t SS1 = rotleft(s1, 7);
    uint32_t SS2 = SS1 ^ a12;
    uint32_t TT1 = FF0(A, B, C) + D + SS2 + W1[j];
    uint32_t TT2 = GG0(E, F, G) + H + SS1 + W[j];
 
    D = C;
    C = rotleft(B, 9);
    B = A;
    A = TT1;
    H = G;
    G = rotleft(F, 19);
    F = E;
    E = p0(TT2);
  }
 
  for (uint8_t j = 16; j < 64; ++j)
  {
    uint32_t a12 = rotleft(A, 12);
    uint32_t s1  = a12 + E + rotleft(T1, (j % 32));
    uint32_t SS1 = rotleft(s1, 7);
    uint32_t SS2 = SS1 ^ a12;
    uint32_t TT1 = FF1(A, B, C) + D + SS2 + W1[j];
    uint32_t TT2 = GG1(E, F, G) + H + SS1 + W[j];
 
    D = C;
    C = rotleft(B, 9);
    B = A;
    A = TT1;
    H = G;
    G = rotleft(F, 19);
    F = E;
    E = p0(TT2);
  }
 
  digest[0] ^= A;
  digest[1] ^= B;
  digest[2] ^= C;
  digest[3] ^= D;
  digest[4] ^= E;
  digest[5] ^= F;
  digest[6] ^= G;
  digest[7] ^= H;
}
//---------------------------------------------------------------------------
 
 
void SM3::finalize(uint8_t* output)
{
  uint8_t* local = reinterpret_cast<uint8_t*>(workspace);
  addwc(&processed_high, &processed_low, workspace_used);
 
  local[workspace_used++] = 0x80;
 
  if (workspace_used > SM3_PAD_SIZE)
  {
    memset(&local[workspace_used], 0, SM3_BLOCK_SIZE - workspace_used);
    workspace_used += SM3_BLOCK_SIZE - workspace_used;
 
    transformBlock(digest, local);
    workspace_used = 0;
  }
 
  memset(&local[workspace_used], 0, SM3_PAD_SIZE - workspace_used);
 
  uint32_t processed_bits_high = swap(processed_high << 3 | ((processed_low >> 29) & 0x07));
  memcpy(&local[SM3_PAD_SIZE], &processed_bits_high, sizeof(uint32_t));
 
  uint32_t processed_bits_low = swap(processed_low << 3);
  memcpy(&local[SM3_PAD_SIZE + sizeof(uint32_t)], &processed_bits_low, sizeof(uint32_t));
 
  transformBlock(digest, local);
 
  uint8_t* temp = output;
  for (uint8_t j = 0; j < (SM3_DIGEST_SIZE / sizeof(uint32_t)); ++j)
  {
    *temp++ = (digest[j]) >> 24;
    *temp++ = (digest[j]) >> 16;
    *temp++ = (digest[j]) >> 8;
    *temp++ = (digest[j]);
    digest[j] = 0;
    workspace[j] = 0;
  }
  for (uint8_t j = 8; j < (SM3_BLOCK_SIZE / sizeof(uint32_t)); ++j)
  {
    workspace[j] = 0;
  }
  workspace_used = 0;
  processed_low = 0;
  processed_high = 0;
}
//---------------------------------------------------------------------------
 
 
/*
 * Default constructor.
 */
SM3::SM3()
{
  reset();
}
//---------------------------------------------------------------------------
 
 
/*
 * Resets the SM3 hash to initial value.
 */
void SM3::reset()
{
  digest[0] = 0x7380166F;
  digest[1] = 0x4914B2B9;
  digest[2] = 0x172442D7;
  digest[3] = 0xDA8A0600;
  digest[4] = 0xA96F30BC;
  digest[5] = 0x163138AA;
  digest[6] = 0xE38DEE4D;
  digest[7] = 0xB0FB0E4E;
 
  for (size_t j = 0; j < (SM3_BLOCK_SIZE / sizeof(uint32_t)); j++)
  {
    workspace[j] = 0;
  }
  workspace_used = 0;
  processed_high = 0;
  processed_low = 0;
}
//---------------------------------------------------------------------------
 
 
/*
 * Updates the SM3 hash with specified array of bytes.
 */
void SM3::update(const uint8_t* buf, size_t len)
{
  uint8_t* local = reinterpret_cast<uint8_t*>(workspace);
 
  while (len)
  {
    uint32_t add = min(len, SM3_BLOCK_SIZE - workspace_used);
 
    memcpy(&local[workspace_used], buf, add);
 
    workspace_used += add;
    buf += add;
    len -= add;
 
    if(workspace_used == SM3_BLOCK_SIZE)
    {
      transformBlock(digest, local);
      addwc(&processed_high, &processed_low, SM3_BLOCK_SIZE);
      workspace_used = 0;
    }
  }
}
//---------------------------------------------------------------------------
 
 
/*
 * Returns the BLAKE3 hash value in the first 32 bytes of the given address.
 */
uint8_t* SM3::getValue(uint8_t* buffer) const
{
  SM3 sm3(*this);
  sm3.finalize(static_cast<uint8_t*>(buffer));
 
  return buffer;
}
//---------------------------------------------------------------------------
 
}  // namespace libxcks
//---------------------------------------------------------------------------