0
0
mirror of https://gitlab.nic.cz/labs/bird.git synced 2025-01-24 09:51:54 +00:00

MD5, SHA1/256/512 libraries: fixing code style

This commit is contained in:
Pavel Tvrdík 2015-05-19 09:57:10 +02:00
parent ddb80bd8c5
commit 1673814087
14 changed files with 233 additions and 226 deletions

View File

@ -1,5 +1,5 @@
/* /*
* BIRD -- MD5 Hash Function and HMAC-MD5 Function * BIRD Library -- MD5 Hash Function and HMAC-MD5 Function
* *
* (c) 2015 CZ.NIC z.s.p.o. * (c) 2015 CZ.NIC z.s.p.o.
* *
@ -34,12 +34,14 @@ void byteReverse(byte *buf, uint longs)
} }
#endif #endif
static void md5_transform(u32 buf[4], u32 const in[16]);
/* /*
* Start MD5 accumulation. Set bit count to 0 and buffer to mysterious * Start MD5 accumulation. Set bit count to 0 and buffer to mysterious
* initialization constants. * initialization constants.
*/ */
void void
md5_init(md5_context *ctx) md5_init(struct md5_context *ctx)
{ {
ctx->buf[0] = 0x67452301; ctx->buf[0] = 0x67452301;
ctx->buf[1] = 0xefcdab89; ctx->buf[1] = 0xefcdab89;
@ -55,7 +57,7 @@ md5_init(md5_context *ctx)
* of bytes. * of bytes.
*/ */
void void
md5_update(md5_context *ctx, byte const *buf, uint len) md5_update(struct md5_context *ctx, byte const *buf, uint len)
{ {
u32 t; u32 t;
@ -107,7 +109,7 @@ md5_update(md5_context *ctx, byte const *buf, uint len)
* 1 0* (64-bit count of bits processed, MSB-first) * 1 0* (64-bit count of bits processed, MSB-first)
*/ */
byte * byte *
md5_final(md5_context *ctx) md5_final(struct md5_context *ctx)
{ {
uint count; uint count;
byte *p; byte *p;
@ -153,7 +155,7 @@ md5_final(md5_context *ctx)
/* I am a hard paranoid */ /* I am a hard paranoid */
void void
md5_erase_ctx(md5_context *ctx) md5_erase_ctx(struct md5_context *ctx)
{ {
memset((char *) ctx, 0, sizeof(*ctx)); /* In case it's sensitive */ memset((char *) ctx, 0, sizeof(*ctx)); /* In case it's sensitive */
} }
@ -259,14 +261,15 @@ md5_transform(u32 buf[4], u32 const in[16])
buf[3] += d; buf[3] += d;
} }
/**
/*
* MD5-HMAC * MD5-HMAC
*/ */
static void static void
md5_hash_buffer(byte *outbuf, const byte *buffer, size_t length) md5_hash_buffer(byte *outbuf, const byte *buffer, size_t length)
{ {
md5_context hd_tmp; struct md5_context hd_tmp;
md5_init(&hd_tmp); md5_init(&hd_tmp);
md5_update(&hd_tmp, buffer, length); md5_update(&hd_tmp, buffer, length);
@ -274,11 +277,11 @@ md5_hash_buffer(byte *outbuf, const byte *buffer, size_t length)
} }
void void
md5_hmac_init(md5_hmac_context *ctx, const byte *key, size_t keylen) md5_hmac_init(struct md5_hmac_context *ctx, const byte *key, size_t keylen)
{ {
byte keybuf[MD5_BLOCK_SIZE], buf[MD5_BLOCK_SIZE]; byte keybuf[MD5_BLOCK_SIZE], buf[MD5_BLOCK_SIZE];
// Hash the key if necessary /* Hash the key if necessary */
if (keylen <= MD5_BLOCK_SIZE) if (keylen <= MD5_BLOCK_SIZE)
{ {
memcpy(keybuf, key, keylen); memcpy(keybuf, key, keylen);
@ -290,14 +293,14 @@ md5_hmac_init(md5_hmac_context *ctx, const byte *key, size_t keylen)
bzero(keybuf + MD5_SIZE, MD5_BLOCK_SIZE - MD5_SIZE); bzero(keybuf + MD5_SIZE, MD5_BLOCK_SIZE - MD5_SIZE);
} }
// Initialize the inner digest /* Initialize the inner digest */
md5_init(&ctx->ictx); md5_init(&ctx->ictx);
int i; int i;
for (i = 0; i < MD5_BLOCK_SIZE; i++) for (i = 0; i < MD5_BLOCK_SIZE; i++)
buf[i] = keybuf[i] ^ 0x36; buf[i] = keybuf[i] ^ 0x36;
md5_update(&ctx->ictx, buf, MD5_BLOCK_SIZE); md5_update(&ctx->ictx, buf, MD5_BLOCK_SIZE);
// Initialize the outer digest /* Initialize the outer digest */
md5_init(&ctx->octx); md5_init(&ctx->octx);
for (i = 0; i < MD5_BLOCK_SIZE; i++) for (i = 0; i < MD5_BLOCK_SIZE; i++)
buf[i] = keybuf[i] ^ 0x5c; buf[i] = keybuf[i] ^ 0x5c;
@ -305,19 +308,19 @@ md5_hmac_init(md5_hmac_context *ctx, const byte *key, size_t keylen)
} }
void void
md5_hmac_update(md5_hmac_context *ctx, const byte *buf, size_t buflen) md5_hmac_update(struct md5_hmac_context *ctx, const byte *buf, size_t buflen)
{ {
// Just update the inner digest /* Just update the inner digest */
md5_update(&ctx->ictx, buf, buflen); md5_update(&ctx->ictx, buf, buflen);
} }
byte * byte *
md5_hmac_final(md5_hmac_context *ctx) md5_hmac_final(struct md5_hmac_context *ctx)
{ {
// Finish the inner digest /* Finish the inner digest */
byte *isha = md5_final(&ctx->ictx); byte *isha = md5_final(&ctx->ictx);
// Finish the outer digest /* Finish the outer digest */
md5_update(&ctx->octx, isha, MD5_SIZE); md5_update(&ctx->octx, isha, MD5_SIZE);
return md5_final(&ctx->octx); return md5_final(&ctx->octx);
} }

View File

@ -1,5 +1,5 @@
/* /*
* BIRD -- MD5 Hash Function and HMAC-MD5 Function * BIRD Library -- MD5 Hash Function and HMAC-MD5 Function
* *
* (c) 2015 CZ.NIC z.s.p.o. * (c) 2015 CZ.NIC z.s.p.o.
* *
@ -15,30 +15,28 @@
#define MD5_HEX_SIZE 33 #define MD5_HEX_SIZE 33
#define MD5_BLOCK_SIZE 64 #define MD5_BLOCK_SIZE 64
typedef struct struct md5_context
{ {
u32 buf[4]; u32 buf[4];
u32 bits[2]; u32 bits[2];
byte in[64]; byte in[64];
} md5_context; };
void md5_init(md5_context *context); void md5_init(struct md5_context *context);
void md5_update(md5_context *context, byte const *buf, uint len); void md5_update(struct md5_context *context, byte const *buf, uint len);
byte *md5_final(md5_context *context); byte *md5_final(struct md5_context *context);
void md5_transform(u32 buf[4], u32 const in[16]); /*
/**
* HMAC-MD5 * HMAC-MD5
*/ */
typedef struct struct md5_hmac_context
{ {
md5_context ictx; struct md5_context ictx;
md5_context octx; struct md5_context octx;
} md5_hmac_context; };
void md5_hmac_init(md5_hmac_context *ctx, const byte *key, size_t keylen); void md5_hmac_init(struct md5_hmac_context *ctx, const byte *key, size_t keylen);
void md5_hmac_update(md5_hmac_context *ctx, const byte *buf, size_t buflen); void md5_hmac_update(struct md5_hmac_context *ctx, const byte *buf, size_t buflen);
byte *md5_hmac_final(md5_hmac_context *ctx); byte *md5_hmac_final(struct md5_hmac_context *ctx);
#endif /* _BIRD_MD5_H_ */ #endif /* _BIRD_MD5_H_ */

View File

@ -1,5 +1,5 @@
/* /*
* BIRD -- MD5 and HMAC-MD5 Tests * BIRD Library -- MD5 and HMAC-MD5 Tests
* *
* (c) 2015 CZ.NIC z.s.p.o. * (c) 2015 CZ.NIC z.s.p.o.
* *
@ -16,7 +16,7 @@
static void static void
get_md5(const char *str, char (*out_hash)[MD5_HEX_SIZE]) get_md5(const char *str, char (*out_hash)[MD5_HEX_SIZE])
{ {
md5_context ctxt; struct md5_context ctxt;
md5_init(&ctxt); md5_init(&ctxt);
md5_update(&ctxt, str, strlen(str)); md5_update(&ctxt, str, strlen(str));
@ -80,7 +80,7 @@ struct hmac_data_in {
static void static void
get_md5_hmac(const struct hmac_data_in in, char (*out_hash)[MD5_HEX_SIZE]) get_md5_hmac(const struct hmac_data_in in, char (*out_hash)[MD5_HEX_SIZE])
{ {
md5_hmac_context ctx; struct md5_hmac_context ctx;
md5_hmac_init(&ctx, in.key, in.key_len); md5_hmac_init(&ctx, in.key, in.key_len);
md5_hmac_update(&ctx, in.data, in.data_len); md5_hmac_update(&ctx, in.data, in.data_len);
byte *hash_byte = md5_hmac_final(&ctx); byte *hash_byte = md5_hmac_final(&ctx);

View File

@ -1,5 +1,5 @@
/* /*
* BIRD -- SHA-1 Hash Function (FIPS 180-1, RFC 3174) and HMAC-SHA-1 * BIRD Library -- SHA-1 Hash Function (FIPS 180-1, RFC 3174) and HMAC-SHA-1
* *
* (c) 2015 CZ.NIC z.s.p.o. * (c) 2015 CZ.NIC z.s.p.o.
* *
@ -19,7 +19,7 @@
#include "lib/unaligned.h" #include "lib/unaligned.h"
void void
sha1_init(sha1_context *hd) sha1_init(struct sha1_context *hd)
{ {
hd->h0 = 0x67452301; hd->h0 = 0x67452301;
hd->h1 = 0xefcdab89; hd->h1 = 0xefcdab89;
@ -34,7 +34,7 @@ sha1_init(sha1_context *hd)
* Transform the message X which consists of 16 32-bit-words * Transform the message X which consists of 16 32-bit-words
*/ */
static void static void
sha1_transform(sha1_context *hd, const byte *data) sha1_transform(struct sha1_context *hd, const byte *data)
{ {
u32 a,b,c,d,e,tm; u32 a,b,c,d,e,tm;
u32 x[16]; u32 x[16];
@ -65,7 +65,7 @@ sha1_transform(sha1_context *hd, const byte *data)
#define M(i) (tm = x[i&0x0f] ^ x[(i-14)&0x0f] ^ x[(i-8)&0x0f] ^ x[(i-3)&0x0f], (x[i&0x0f] = ROL(tm, 1))) #define M(i) (tm = x[i&0x0f] ^ x[(i-14)&0x0f] ^ x[(i-8)&0x0f] ^ x[(i-3)&0x0f], (x[i&0x0f] = ROL(tm, 1)))
/** Bitwise rotation of an unsigned int to the left **/ /* Bitwise rotation of an unsigned int to the left **/
#define ROL(x, bits) (((x) << (bits)) | ((uint)(x) >> (sizeof(uint)*8 - (bits)))) #define ROL(x, bits) (((x) << (bits)) | ((uint)(x) >> (sizeof(uint)*8 - (bits))))
#define R(a, b, c, d, e, f, k, m) \ #define R(a, b, c, d, e, f, k, m) \
@ -169,7 +169,7 @@ sha1_transform(sha1_context *hd, const byte *data)
* of INBUF with length INLEN. * of INBUF with length INLEN.
*/ */
void void
sha1_update(sha1_context *hd, const byte *inbuf, uint inlen) sha1_update(struct sha1_context *hd, const byte *inbuf, uint inlen)
{ {
if (hd->count == 64) /* flush the buffer */ if (hd->count == 64) /* flush the buffer */
{ {
@ -209,7 +209,7 @@ sha1_update(sha1_context *hd, const byte *inbuf, uint inlen)
* Returns: 20 bytes representing the digest. * Returns: 20 bytes representing the digest.
*/ */
byte * byte *
sha1_final(sha1_context *hd) sha1_final(struct sha1_context *hd)
{ {
u32 t, msb, lsb; u32 t, msb, lsb;
u32 *p; u32 *p;
@ -267,7 +267,8 @@ sha1_final(sha1_context *hd)
return hd->buf; return hd->buf;
} }
/**
/*
* SHA1-HMAC * SHA1-HMAC
*/ */
@ -278,7 +279,7 @@ sha1_final(sha1_context *hd)
void void
sha1_hash_buffer(byte *outbuf, const byte *buffer, uint length) sha1_hash_buffer(byte *outbuf, const byte *buffer, uint length)
{ {
sha1_context ctx; struct sha1_context ctx;
sha1_init(&ctx); sha1_init(&ctx);
sha1_update(&ctx, buffer, length); sha1_update(&ctx, buffer, length);
@ -286,11 +287,11 @@ sha1_hash_buffer(byte *outbuf, const byte *buffer, uint length)
} }
void void
sha1_hmac_init(sha1_hmac_context *ctx, const byte *key, uint keylen) sha1_hmac_init(struct sha1_hmac_context *ctx, const byte *key, uint keylen)
{ {
byte keybuf[SHA1_BLOCK_SIZE], buf[SHA1_BLOCK_SIZE]; byte keybuf[SHA1_BLOCK_SIZE], buf[SHA1_BLOCK_SIZE];
// Hash the key if necessary /* Hash the key if necessary */
if (keylen <= SHA1_BLOCK_SIZE) if (keylen <= SHA1_BLOCK_SIZE)
{ {
memcpy(keybuf, key, keylen); memcpy(keybuf, key, keylen);
@ -302,14 +303,14 @@ sha1_hmac_init(sha1_hmac_context *ctx, const byte *key, uint keylen)
bzero(keybuf + SHA1_SIZE, SHA1_BLOCK_SIZE - SHA1_SIZE); bzero(keybuf + SHA1_SIZE, SHA1_BLOCK_SIZE - SHA1_SIZE);
} }
// Initialize the inner digest /* Initialize the inner digest */
sha1_init(&ctx->ictx); sha1_init(&ctx->ictx);
int i; int i;
for (i = 0; i < SHA1_BLOCK_SIZE; i++) for (i = 0; i < SHA1_BLOCK_SIZE; i++)
buf[i] = keybuf[i] ^ 0x36; buf[i] = keybuf[i] ^ 0x36;
sha1_update(&ctx->ictx, buf, SHA1_BLOCK_SIZE); sha1_update(&ctx->ictx, buf, SHA1_BLOCK_SIZE);
// Initialize the outer digest /* Initialize the outer digest */
sha1_init(&ctx->octx); sha1_init(&ctx->octx);
for (i = 0; i < SHA1_BLOCK_SIZE; i++) for (i = 0; i < SHA1_BLOCK_SIZE; i++)
buf[i] = keybuf[i] ^ 0x5c; buf[i] = keybuf[i] ^ 0x5c;
@ -317,18 +318,18 @@ sha1_hmac_init(sha1_hmac_context *ctx, const byte *key, uint keylen)
} }
void void
sha1_hmac_update(sha1_hmac_context *ctx, const byte *data, uint datalen) sha1_hmac_update(struct sha1_hmac_context *ctx, const byte *data, uint datalen)
{ {
// Just update the inner digest /* Just update the inner digest */
sha1_update(&ctx->ictx, data, datalen); sha1_update(&ctx->ictx, data, datalen);
} }
byte *sha1_hmac_final(sha1_hmac_context *ctx) byte *sha1_hmac_final(struct sha1_hmac_context *ctx)
{ {
// Finish the inner digest /* Finish the inner digest */
byte *isha = sha1_final(&ctx->ictx); byte *isha = sha1_final(&ctx->ictx);
// Finish the outer digest /* Finish the outer digest */
sha1_update(&ctx->octx, isha, SHA1_SIZE); sha1_update(&ctx->octx, isha, SHA1_SIZE);
return sha1_final(&ctx->octx); return sha1_final(&ctx->octx);
} }
@ -336,7 +337,7 @@ byte *sha1_hmac_final(sha1_hmac_context *ctx)
void void
sha1_hmac(byte *outbuf, const byte *key, uint keylen, const byte *data, uint datalen) sha1_hmac(byte *outbuf, const byte *key, uint keylen, const byte *data, uint datalen)
{ {
sha1_hmac_context hd; struct sha1_hmac_context hd;
sha1_hmac_init(&hd, key, keylen); sha1_hmac_init(&hd, key, keylen);
sha1_hmac_update(&hd, data, datalen); sha1_hmac_update(&hd, data, datalen);
byte *osha = sha1_hmac_final(&hd); byte *osha = sha1_hmac_final(&hd);

View File

@ -1,5 +1,5 @@
/* /*
* BIRD -- SHA-1 Hash Function (FIPS 180-1, RFC 3174) and HMAC-SHA-1 * BIRD Library -- SHA-1 Hash Function (FIPS 180-1, RFC 3174) and HMAC-SHA-1
* *
* (c) 2015 CZ.NIC z.s.p.o. * (c) 2015 CZ.NIC z.s.p.o.
* *
@ -17,27 +17,27 @@
#include "sysdep/config.h" #include "sysdep/config.h"
/** /*
* Internal SHA1 state. * Internal SHA1 state.
* You should use it just as an opaque handle only. * You should use it just as an opaque handle only.
*/ */
typedef struct { struct sha1_context {
u32 h0,h1,h2,h3,h4; u32 h0,h1,h2,h3,h4;
u32 nblocks; u32 nblocks;
byte buf[64]; byte buf[64];
int count; int count;
} sha1_context; } ;
void sha1_init(sha1_context *hd); /** Initialize new algorithm run in the @hd context. **/ void sha1_init(struct sha1_context *hd); /* Initialize new algorithm run in the @hd context. **/
/** /*
* Push another @inlen bytes of data pointed to by @inbuf onto the * Push another @inlen bytes of data pointed to by @inbuf onto the
* SHA1 hash currently in @hd. You can call this any times you want on * SHA1 hash currently in @hd. You can call this any times you want on
* the same hash (and you do not need to reinitialize it by * the same hash (and you do not need to reinitialize it by
* @sha1_init()). It has the same effect as concatenating all the data * @sha1_init()). It has the same effect as concatenating all the data
* together and passing them at once. * together and passing them at once.
*/ */
void sha1_update(sha1_context *hd, const byte *inbuf, uint inlen); void sha1_update(struct sha1_context *hd, const byte *inbuf, uint inlen);
/** /*
* No more @sha1_update() calls will be done. This terminates the hash * No more @sha1_update() calls will be done. This terminates the hash
* and returns a pointer to it. * and returns a pointer to it.
* *
@ -47,9 +47,9 @@ void sha1_update(sha1_context *hd, const byte *inbuf, uint inlen);
* To convert the hash to its usual hexadecimal representation, see * To convert the hash to its usual hexadecimal representation, see
* <<string:mem_to_hex()>>. * <<string:mem_to_hex()>>.
*/ */
byte *sha1_final(sha1_context *hd); byte *sha1_final(struct sha1_context *hd);
/** /*
* A convenience one-shot function for SHA1 hash. * A convenience one-shot function for SHA1 hash.
* It is equivalent to this snippet of code: * It is equivalent to this snippet of code:
* *
@ -60,27 +60,27 @@ byte *sha1_final(sha1_context *hd);
*/ */
void sha1_hash_buffer(byte *outbuf, const byte *buffer, uint length); void sha1_hash_buffer(byte *outbuf, const byte *buffer, uint length);
/** /*
* SHA1 HMAC message authentication. If you provide @key and @data, * SHA1 HMAC message authentication. If you provide @key and @data,
* the result will be stored in @outbuf. * the result will be stored in @outbuf.
*/ */
void sha1_hmac(byte *outbuf, const byte *key, uint keylen, const byte *data, uint datalen); void sha1_hmac(byte *outbuf, const byte *key, uint keylen, const byte *data, uint datalen);
/** /*
* The HMAC also exists in a stream version in a way analogous to the * The HMAC also exists in a stream version in a way analogous to the
* plain SHA1. Pass this as a context. * plain SHA1. Pass this as a context.
*/ */
typedef struct { struct sha1_hmac_context {
sha1_context ictx; struct sha1_context ictx;
sha1_context octx; struct sha1_context octx;
} sha1_hmac_context; };
void sha1_hmac_init(sha1_hmac_context *hd, const byte *key, uint keylen); /** Initialize HMAC with context @hd and the given key. See sha1_init(). */ void sha1_hmac_init(struct sha1_hmac_context *hd, const byte *key, uint keylen); /* Initialize HMAC with context @hd and the given key. See sha1_init(). */
void sha1_hmac_update(sha1_hmac_context *hd, const byte *data, uint datalen); /** Hash another @datalen bytes of data. See sha1_update(). */ void sha1_hmac_update(struct sha1_hmac_context *hd, const byte *data, uint datalen); /* Hash another @datalen bytes of data. See sha1_update(). */
byte *sha1_hmac_final(sha1_hmac_context *hd); /** Terminate the HMAC and return a pointer to the allocated hash. See sha1_final(). */ byte *sha1_hmac_final(struct sha1_hmac_context *hd); /* Terminate the HMAC and return a pointer to the allocated hash. See sha1_final(). */
#define SHA1_SIZE 20 /** Size of the SHA1 hash in its binary representation **/ #define SHA1_SIZE 20 /* Size of the SHA1 hash in its binary representation **/
#define SHA1_HEX_SIZE 41 /** Buffer length for a string containing SHA1 in hexadecimal format. **/ #define SHA1_HEX_SIZE 41 /* Buffer length for a string containing SHA1 in hexadecimal format. **/
#define SHA1_BLOCK_SIZE 64 /** SHA1 splits input to blocks of this size. **/ #define SHA1_BLOCK_SIZE 64 /* SHA1 splits input to blocks of this size. **/
#endif /* _BIRD_SHA1_H_ */ #endif /* _BIRD_SHA1_H_ */

View File

@ -1,5 +1,5 @@
/* /*
* BIRD -- SHA-1 and HMAC-SHA-1 Tests * BIRD Library -- SHA-1 and HMAC-SHA-1 Tests
* *
* (c) 2015 CZ.NIC z.s.p.o. * (c) 2015 CZ.NIC z.s.p.o.
* *
@ -16,7 +16,7 @@
static void static void
get_sha1(const char *str, char (*out_hash)[SHA1_HEX_SIZE]) get_sha1(const char *str, char (*out_hash)[SHA1_HEX_SIZE])
{ {
sha1_context ctx; struct sha1_context ctx;
sha1_init(&ctx); sha1_init(&ctx);
sha1_update(&ctx, str, strlen(str)); sha1_update(&ctx, str, strlen(str));
byte *hash = sha1_final(&ctx); byte *hash = sha1_final(&ctx);
@ -83,7 +83,7 @@ struct hmac_data_in {
static void static void
get_sha1_hmac(const struct hmac_data_in in, char (*out_hash)[SHA1_HEX_SIZE]) get_sha1_hmac(const struct hmac_data_in in, char (*out_hash)[SHA1_HEX_SIZE])
{ {
sha1_hmac_context ctx; struct sha1_hmac_context ctx;
sha1_hmac_init(&ctx, in.key, in.key_len); sha1_hmac_init(&ctx, in.key, in.key_len);
sha1_hmac_update(&ctx, in.data, in.data_len); sha1_hmac_update(&ctx, in.data, in.data_len);
byte *hash_byte = sha1_hmac_final(&ctx); byte *hash_byte = sha1_hmac_final(&ctx);

View File

@ -1,6 +1,6 @@
/* /*
* BIRD -- SHA-256 and SHA-224 Hash Functions, * BIRD Library -- SHA-256 and SHA-224 Hash Functions,
* HMAC-SHA-256 and HMAC-SHA-224 Functions * HMAC-SHA-256 and HMAC-SHA-224 Functions
* *
* (c) 2015 CZ.NIC z.s.p.o. * (c) 2015 CZ.NIC z.s.p.o.
* *
@ -18,8 +18,11 @@
#include "lib/sha256.h" #include "lib/sha256.h"
#include "lib/unaligned.h" #include "lib/unaligned.h"
static uint sha256_transform(void *ctx, const byte *data, size_t nblks);
void void
sha256_init(sha256_context *ctx) sha256_init(struct sha256_context *ctx)
{ {
ctx->h0 = 0x6a09e667; ctx->h0 = 0x6a09e667;
ctx->h1 = 0xbb67ae85; ctx->h1 = 0xbb67ae85;
@ -38,7 +41,7 @@ sha256_init(sha256_context *ctx)
} }
void void
sha224_init(sha224_context *ctx) sha224_init(struct sha224_context *ctx)
{ {
ctx->h0 = 0xc1059ed8; ctx->h0 = 0xc1059ed8;
ctx->h1 = 0x367cd507; ctx->h1 = 0x367cd507;
@ -115,7 +118,7 @@ sum1(u32 x)
32-bit-words. See FIPS 180-2 for details. 32-bit-words. See FIPS 180-2 for details.
*/ */
static uint static uint
sha256_transform_block(sha256_context *ctx, const byte *data) sha256_transform_block(struct sha256_context *ctx, const byte *data)
{ {
static const u32 K[64] = { static const u32 K[64] = {
0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
@ -217,7 +220,7 @@ sha256_transform_block(sha256_context *ctx, const byte *data)
static uint static uint
sha256_transform(void *ctx, const byte *data, size_t nblks) sha256_transform(void *ctx, const byte *data, size_t nblks)
{ {
sha256_context *hd = ctx; struct sha256_context *hd = ctx;
uint burn; uint burn;
do do
@ -237,7 +240,7 @@ sha256_transform(void *ctx, const byte *data, size_t nblks)
not have any meaning but writing after finalize is sometimes not have any meaning but writing after finalize is sometimes
helpful to mitigate timing attacks. */ helpful to mitigate timing attacks. */
void void
sha256_update(sha256_context *ctx, const byte *in_buf, size_t in_len) sha256_update(struct sha256_context *ctx, const byte *in_buf, size_t in_len)
{ {
const uint blocksize = ctx->blocksize; const uint blocksize = ctx->blocksize;
size_t inblocks; size_t inblocks;
@ -284,7 +287,7 @@ sha256_update(sha256_context *ctx, const byte *in_buf, size_t in_len)
to the handle will the destroy the returned buffer. Returns: 32 to the handle will the destroy the returned buffer. Returns: 32
bytes with the message the digest. */ bytes with the message the digest. */
byte* byte*
sha256_final(sha256_context *ctx) sha256_final(struct sha256_context *ctx)
{ {
u32 t, th, msb, lsb; u32 t, th, msb, lsb;
byte *p; byte *p;
@ -345,14 +348,15 @@ sha256_final(sha256_context *ctx)
return ctx->buf; return ctx->buf;
} }
/**
/*
* SHA256-HMAC * SHA256-HMAC
*/ */
static void static void
sha256_hash_buffer(byte *outbuf, const byte *buffer, size_t length) sha256_hash_buffer(byte *outbuf, const byte *buffer, size_t length)
{ {
sha256_context hd_tmp; struct sha256_context hd_tmp;
sha256_init(&hd_tmp); sha256_init(&hd_tmp);
sha256_update(&hd_tmp, buffer, length); sha256_update(&hd_tmp, buffer, length);
@ -360,11 +364,11 @@ sha256_hash_buffer(byte *outbuf, const byte *buffer, size_t length)
} }
void void
sha256_hmac_init(sha256_hmac_context *ctx, const byte *key, size_t keylen) sha256_hmac_init(struct sha256_hmac_context *ctx, const byte *key, size_t keylen)
{ {
byte keybuf[SHA256_BLOCK_SIZE], buf[SHA256_BLOCK_SIZE]; byte keybuf[SHA256_BLOCK_SIZE], buf[SHA256_BLOCK_SIZE];
// Hash the key if necessary /* Hash the key if necessary */
if (keylen <= SHA256_BLOCK_SIZE) if (keylen <= SHA256_BLOCK_SIZE)
{ {
memcpy(keybuf, key, keylen); memcpy(keybuf, key, keylen);
@ -376,44 +380,45 @@ sha256_hmac_init(sha256_hmac_context *ctx, const byte *key, size_t keylen)
bzero(keybuf + SHA256_SIZE, SHA256_BLOCK_SIZE - SHA256_SIZE); bzero(keybuf + SHA256_SIZE, SHA256_BLOCK_SIZE - SHA256_SIZE);
} }
// Initialize the inner digest /* Initialize the inner digest */
sha256_init(&ctx->ictx); sha256_init(&ctx->ictx);
int i; int i;
for (i = 0; i < SHA256_BLOCK_SIZE; i++) for (i = 0; i < SHA256_BLOCK_SIZE; i++)
buf[i] = keybuf[i] ^ 0x36; buf[i] = keybuf[i] ^ 0x36;
sha256_update(&ctx->ictx, buf, SHA256_BLOCK_SIZE); sha256_update(&ctx->ictx, buf, SHA256_BLOCK_SIZE);
// Initialize the outer digest /* Initialize the outer digest */
sha256_init(&ctx->octx); sha256_init(&ctx->octx);
for (i = 0; i < SHA256_BLOCK_SIZE; i++) for (i = 0; i < SHA256_BLOCK_SIZE; i++)
buf[i] = keybuf[i] ^ 0x5c; buf[i] = keybuf[i] ^ 0x5c;
sha256_update(&ctx->octx, buf, SHA256_BLOCK_SIZE); sha256_update(&ctx->octx, buf, SHA256_BLOCK_SIZE);
} }
void sha256_hmac_update(sha256_hmac_context *ctx, const byte *buf, size_t buflen) void sha256_hmac_update(struct sha256_hmac_context *ctx, const byte *buf, size_t buflen)
{ {
// Just update the inner digest /* Just update the inner digest */
sha256_update(&ctx->ictx, buf, buflen); sha256_update(&ctx->ictx, buf, buflen);
} }
byte *sha256_hmac_final(sha256_hmac_context *ctx) byte *sha256_hmac_final(struct sha256_hmac_context *ctx)
{ {
// Finish the inner digest /* Finish the inner digest */
byte *isha = sha256_final(&ctx->ictx); byte *isha = sha256_final(&ctx->ictx);
// Finish the outer digest /* Finish the outer digest */
sha256_update(&ctx->octx, isha, SHA256_SIZE); sha256_update(&ctx->octx, isha, SHA256_SIZE);
return sha256_final(&ctx->octx); return sha256_final(&ctx->octx);
} }
/**
/*
* SHA224-HMAC * SHA224-HMAC
*/ */
static void static void
sha224_hash_buffer(byte *outbuf, const byte *buffer, size_t length) sha224_hash_buffer(byte *outbuf, const byte *buffer, size_t length)
{ {
sha224_context hd_tmp; struct sha224_context hd_tmp;
sha224_init(&hd_tmp); sha224_init(&hd_tmp);
sha224_update(&hd_tmp, buffer, length); sha224_update(&hd_tmp, buffer, length);
@ -421,11 +426,11 @@ sha224_hash_buffer(byte *outbuf, const byte *buffer, size_t length)
} }
void void
sha224_hmac_init(sha224_hmac_context *ctx, const byte *key, size_t keylen) sha224_hmac_init(struct sha224_hmac_context *ctx, const byte *key, size_t keylen)
{ {
byte keybuf[SHA224_BLOCK_SIZE], buf[SHA224_BLOCK_SIZE]; byte keybuf[SHA224_BLOCK_SIZE], buf[SHA224_BLOCK_SIZE];
// Hash the key if necessary /* Hash the key if necessary */
if (keylen <= SHA224_BLOCK_SIZE) if (keylen <= SHA224_BLOCK_SIZE)
{ {
memcpy(keybuf, key, keylen); memcpy(keybuf, key, keylen);
@ -437,32 +442,32 @@ sha224_hmac_init(sha224_hmac_context *ctx, const byte *key, size_t keylen)
bzero(keybuf + SHA224_SIZE, SHA224_BLOCK_SIZE - SHA224_SIZE); bzero(keybuf + SHA224_SIZE, SHA224_BLOCK_SIZE - SHA224_SIZE);
} }
// Initialize the inner digest /* Initialize the inner digest */
sha224_init(&ctx->ictx); sha224_init(&ctx->ictx);
int i; int i;
for (i = 0; i < SHA224_BLOCK_SIZE; i++) for (i = 0; i < SHA224_BLOCK_SIZE; i++)
buf[i] = keybuf[i] ^ 0x36; buf[i] = keybuf[i] ^ 0x36;
sha224_update(&ctx->ictx, buf, SHA224_BLOCK_SIZE); sha224_update(&ctx->ictx, buf, SHA224_BLOCK_SIZE);
// Initialize the outer digest /* Initialize the outer digest */
sha224_init(&ctx->octx); sha224_init(&ctx->octx);
for (i = 0; i < SHA224_BLOCK_SIZE; i++) for (i = 0; i < SHA224_BLOCK_SIZE; i++)
buf[i] = keybuf[i] ^ 0x5c; buf[i] = keybuf[i] ^ 0x5c;
sha224_update(&ctx->octx, buf, SHA224_BLOCK_SIZE); sha224_update(&ctx->octx, buf, SHA224_BLOCK_SIZE);
} }
void sha224_hmac_update(sha224_hmac_context *ctx, const byte *buf, size_t buflen) void sha224_hmac_update(struct sha224_hmac_context *ctx, const byte *buf, size_t buflen)
{ {
// Just update the inner digest /* Just update the inner digest */
sha256_update(&ctx->ictx, buf, buflen); sha256_update(&ctx->ictx, buf, buflen);
} }
byte *sha224_hmac_final(sha224_hmac_context *ctx) byte *sha224_hmac_final(struct sha224_hmac_context *ctx)
{ {
// Finish the inner digest /* Finish the inner digest */
byte *isha = sha224_final(&ctx->ictx); byte *isha = sha224_final(&ctx->ictx);
// Finish the outer digest /* Finish the outer digest */
sha224_update(&ctx->octx, isha, SHA224_SIZE); sha224_update(&ctx->octx, isha, SHA224_SIZE);
return sha224_final(&ctx->octx); return sha224_final(&ctx->octx);
} }

View File

@ -1,6 +1,6 @@
/* /*
* BIRD -- SHA-256 and SHA-224 Hash Functions, * BIRD Library -- SHA-256 and SHA-224 Hash Functions,
* HMAC-SHA-256 and HMAC-SHA-224 Functions * HMAC-SHA-256 and HMAC-SHA-224 Functions
* *
* (c) 2015 CZ.NIC z.s.p.o. * (c) 2015 CZ.NIC z.s.p.o.
* *
@ -25,7 +25,7 @@
typedef uint sha_transform_fn (void *c, const byte *blks, size_t nblks); typedef uint sha_transform_fn (void *c, const byte *blks, size_t nblks);
typedef struct { struct sha256_context {
u32 h0,h1,h2,h3,h4,h5,h6,h7; u32 h0,h1,h2,h3,h4,h5,h6,h7;
byte buf[128]; /* 128 is for SHA384 and SHA512 support, otherwise for SHA224 and SHA256 is 64 enough */ byte buf[128]; /* 128 is for SHA384 and SHA512 support, otherwise for SHA224 and SHA256 is 64 enough */
u32 nblocks; u32 nblocks;
@ -33,43 +33,41 @@ typedef struct {
int count; int count;
u32 blocksize; u32 blocksize;
sha_transform_fn *transform; sha_transform_fn *transform;
} sha256_context; };
typedef sha256_context sha224_context; #define sha224_context sha256_context /* aliasing 'struct sha224_context' to 'struct sha256_context' */
void sha256_init(sha256_context *ctx); void sha256_init(struct sha256_context *ctx);
void sha224_init(sha224_context *ctx); void sha224_init(struct sha224_context *ctx);
void sha256_update(sha256_context *ctx, const byte *in_buf, size_t in_len); void sha256_update(struct sha256_context *ctx, const byte *in_buf, size_t in_len);
void sha224_update(sha224_context *ctx, const byte *in_buf, size_t in_len) static inline void sha224_update(struct sha224_context *ctx, const byte *in_buf, size_t in_len)
{ {
sha256_update(ctx, in_buf, in_len); sha256_update(ctx, in_buf, in_len);
} }
byte* sha256_final(sha256_context *ctx); byte* sha256_final(struct sha256_context *ctx);
byte* sha224_final(sha224_context *ctx) static inline byte* sha224_final(struct sha224_context *ctx)
{ {
return sha256_final(ctx); return sha256_final(ctx);
} }
static uint sha256_transform(void *ctx, const byte *data, size_t nblks); /*
/**
* HMAC-SHA256, HMAC-SHA224 * HMAC-SHA256, HMAC-SHA224
*/ */
typedef struct struct sha256_hmac_context
{ {
sha256_context ictx; struct sha256_context ictx;
sha256_context octx; struct sha256_context octx;
} sha256_hmac_context; };
typedef sha256_hmac_context sha224_hmac_context; #define sha224_hmac_context sha256_hmac_context /* aliasing 'struct sha224_hmac_context' to 'struct sha256_hmac_context' */
void sha256_hmac_init(sha256_hmac_context *ctx, const byte *key, size_t keylen); void sha256_hmac_init(struct sha256_hmac_context *ctx, const byte *key, size_t keylen);
void sha224_hmac_init(sha224_hmac_context *ctx, const byte *key, size_t keylen); void sha224_hmac_init(struct sha224_hmac_context *ctx, const byte *key, size_t keylen);
void sha256_hmac_update(sha256_hmac_context *ctx, const byte *buf, size_t buflen); void sha256_hmac_update(struct sha256_hmac_context *ctx, const byte *buf, size_t buflen);
void sha224_hmac_update(sha224_hmac_context *ctx, const byte *buf, size_t buflen); void sha224_hmac_update(struct sha224_hmac_context *ctx, const byte *buf, size_t buflen);
byte *sha256_hmac_final(sha256_hmac_context *ctx); byte *sha256_hmac_final(struct sha256_hmac_context *ctx);
byte *sha224_hmac_final(sha224_hmac_context *ctx); byte *sha224_hmac_final(struct sha224_hmac_context *ctx);
#endif /* _BIRD_SHA256_H_ */ #endif /* _BIRD_SHA256_H_ */

View File

@ -1,5 +1,5 @@
/* /*
* BIRD -- SHA-256, SHA-224, HMAC-SHA-256 and HMAC-SHA224 Tests * BIRD Library -- SHA-256, SHA-224, HMAC-SHA-256 and HMAC-SHA224 Tests
* *
* (c) 2015 CZ.NIC z.s.p.o. * (c) 2015 CZ.NIC z.s.p.o.
* *
@ -26,7 +26,7 @@ byte_to_hex(char *out, const byte *in, uint len)
static void static void
get_sha256(const char *str, char (*out_hash)[SHA256_HEX_SIZE]) get_sha256(const char *str, char (*out_hash)[SHA256_HEX_SIZE])
{ {
sha256_context ctx; struct sha256_context ctx;
sha256_init(&ctx); sha256_init(&ctx);
sha256_update(&ctx, str, strlen(str)); sha256_update(&ctx, str, strlen(str));
byte *hash = sha256_final(&ctx); byte *hash = sha256_final(&ctx);
@ -36,7 +36,7 @@ get_sha256(const char *str, char (*out_hash)[SHA256_HEX_SIZE])
static void static void
get_sha224(const char *str, char (*out_hash)[SHA256_HEX_SIZE]) get_sha224(const char *str, char (*out_hash)[SHA256_HEX_SIZE])
{ {
sha224_context ctx; struct sha224_context ctx;
sha224_init(&ctx); sha224_init(&ctx);
sha224_update(&ctx, str, strlen(str)); sha224_update(&ctx, str, strlen(str));
byte *hash = sha224_final(&ctx); byte *hash = sha224_final(&ctx);
@ -126,13 +126,13 @@ t_sha256_concating(void)
char *str_b5 = "eeeee" ; char *str_b5 = "eeeee" ;
char *str_b6 = "ffffff"; char *str_b6 = "ffffff";
sha256_context ctx_a; struct sha256_context ctx_a;
sha256_init(&ctx_a); sha256_init(&ctx_a);
sha256_update(&ctx_a, str_a, strlen(str_a)); sha256_update(&ctx_a, str_a, strlen(str_a));
byte *hash_a_ = sha256_final(&ctx_a); byte *hash_a_ = sha256_final(&ctx_a);
byte_to_hex(hash_a, hash_a_, SHA256_SIZE); byte_to_hex(hash_a, hash_a_, SHA256_SIZE);
sha256_context ctx_b; struct sha256_context ctx_b;
sha256_init(&ctx_b); sha256_init(&ctx_b);
sha256_update(&ctx_b, str_b1, strlen(str_b1)); sha256_update(&ctx_b, str_b1, strlen(str_b1));
sha256_update(&ctx_b, str_b2, strlen(str_b2)); sha256_update(&ctx_b, str_b2, strlen(str_b2));
@ -160,7 +160,7 @@ struct hmac_data_in {
static void static void
get_sha256_hmac(const struct hmac_data_in in, char (*out_hash)[SHA256_HEX_SIZE]) get_sha256_hmac(const struct hmac_data_in in, char (*out_hash)[SHA256_HEX_SIZE])
{ {
sha256_hmac_context ctx; struct sha256_hmac_context ctx;
sha256_hmac_init(&ctx, in.key, in.key_len); sha256_hmac_init(&ctx, in.key, in.key_len);
sha256_hmac_update(&ctx, in.data, in.data_len); sha256_hmac_update(&ctx, in.data, in.data_len);
byte *hash_byte = sha256_hmac_final(&ctx); byte *hash_byte = sha256_hmac_final(&ctx);
@ -170,7 +170,7 @@ get_sha256_hmac(const struct hmac_data_in in, char (*out_hash)[SHA256_HEX_SIZE])
static void static void
get_sha224_hmac(const struct hmac_data_in in, char (*out_hash)[SHA224_HEX_SIZE]) get_sha224_hmac(const struct hmac_data_in in, char (*out_hash)[SHA224_HEX_SIZE])
{ {
sha224_hmac_context ctx; struct sha224_hmac_context ctx;
sha224_hmac_init(&ctx, in.key, in.key_len); sha224_hmac_init(&ctx, in.key, in.key_len);
sha224_hmac_update(&ctx, in.data, in.data_len); sha224_hmac_update(&ctx, in.data, in.data_len);
byte *hash_byte = sha224_hmac_final(&ctx); byte *hash_byte = sha224_hmac_final(&ctx);

View File

@ -1,6 +1,6 @@
/* /*
* BIRD -- SHA-512 and SHA-384 Hash Functions, * BIRD Library -- SHA-512 and SHA-384 Hash Functions,
* HMAC-SHA-512 and HMAC-SHA-384 Functions * HMAC-SHA-512 and HMAC-SHA-384 Functions
* *
* (c) 2015 CZ.NIC z.s.p.o. * (c) 2015 CZ.NIC z.s.p.o.
* *
@ -22,10 +22,12 @@
#define U64_C(c) (c ## UL) /* Maybe is system dependent */ #define U64_C(c) (c ## UL) /* Maybe is system dependent */
static uint sha512_transform(void *context, const byte *data, size_t nblks);
void void
sha512_init(sha512_context *ctx) sha512_init(struct sha512_context *ctx)
{ {
sha512_state *hd = &ctx->state; struct sha512_state *hd = &ctx->state;
hd->h0 = U64_C(0x6a09e667f3bcc908); hd->h0 = U64_C(0x6a09e667f3bcc908);
hd->h1 = U64_C(0xbb67ae8584caa73b); hd->h1 = U64_C(0xbb67ae8584caa73b);
@ -44,9 +46,9 @@ sha512_init(sha512_context *ctx)
} }
void void
sha384_init(sha384_context *ctx) sha384_init(struct sha384_context *ctx)
{ {
sha512_state *hd = &ctx->state; struct sha512_state *hd = &ctx->state;
hd->h0 = U64_C(0xcbbb9d5dc1059ed8); hd->h0 = U64_C(0xcbbb9d5dc1059ed8);
hd->h1 = U64_C(0x629a292a367cd507); hd->h1 = U64_C(0x629a292a367cd507);
@ -64,7 +66,7 @@ sha384_init(sha384_context *ctx)
ctx->bctx.transform = sha512_transform; ctx->bctx.transform = sha512_transform;
} }
void sha512_update(sha512_context *ctx, const byte *in_buf, size_t in_len) void sha512_update(struct sha512_context *ctx, const byte *in_buf, size_t in_len)
{ {
sha256_update(&ctx->bctx, in_buf, in_len); sha256_update(&ctx->bctx, in_buf, in_len);
} }
@ -147,7 +149,7 @@ static const u64 k[] =
* Transform the message W which consists of 16 64-bit-words * Transform the message W which consists of 16 64-bit-words
*/ */
static uint static uint
sha512_transform_block(sha512_state *hd, const byte *data) sha512_transform_block(struct sha512_state *hd, const byte *data)
{ {
u64 a, b, c, d, e, f, g, h; u64 a, b, c, d, e, f, g, h;
u64 w[16]; u64 w[16];
@ -412,7 +414,7 @@ sha512_transform_block(sha512_state *hd, const byte *data)
static uint static uint
sha512_transform(void *context, const byte *data, size_t nblks) sha512_transform(void *context, const byte *data, size_t nblks)
{ {
sha512_context *ctx = context; struct sha512_context *ctx = context;
uint burn; uint burn;
do do
@ -433,7 +435,7 @@ sha512_transform(void *context, const byte *data, size_t nblks)
* we take the leftmost 48 of those bytes. * we take the leftmost 48 of those bytes.
*/ */
byte * byte *
sha512_final(sha512_context *ctx) sha512_final(struct sha512_context *ctx)
{ {
u64 t, th, msb, lsb; u64 t, th, msb, lsb;
byte *p; byte *p;
@ -495,14 +497,15 @@ sha512_final(sha512_context *ctx)
return ctx->bctx.buf; return ctx->bctx.buf;
} }
/**
/*
* SHA512-HMAC * SHA512-HMAC
*/ */
static void static void
sha512_hash_buffer(byte *outbuf, const byte *buffer, size_t length) sha512_hash_buffer(byte *outbuf, const byte *buffer, size_t length)
{ {
sha512_context hd_tmp; struct sha512_context hd_tmp;
sha512_init(&hd_tmp); sha512_init(&hd_tmp);
sha512_update(&hd_tmp, buffer, length); sha512_update(&hd_tmp, buffer, length);
@ -510,11 +513,11 @@ sha512_hash_buffer(byte *outbuf, const byte *buffer, size_t length)
} }
void void
sha512_hmac_init(sha512_hmac_context *ctx, const byte *key, size_t keylen) sha512_hmac_init(struct sha512_hmac_context *ctx, const byte *key, size_t keylen)
{ {
byte keybuf[SHA512_BLOCK_SIZE], buf[SHA512_BLOCK_SIZE]; byte keybuf[SHA512_BLOCK_SIZE], buf[SHA512_BLOCK_SIZE];
// Hash the key if necessary /* Hash the key if necessary */
if (keylen <= SHA512_BLOCK_SIZE) if (keylen <= SHA512_BLOCK_SIZE)
{ {
memcpy(keybuf, key, keylen); memcpy(keybuf, key, keylen);
@ -526,44 +529,45 @@ sha512_hmac_init(sha512_hmac_context *ctx, const byte *key, size_t keylen)
bzero(keybuf + SHA512_SIZE, SHA512_BLOCK_SIZE - SHA512_SIZE); bzero(keybuf + SHA512_SIZE, SHA512_BLOCK_SIZE - SHA512_SIZE);
} }
// Initialize the inner digest /* Initialize the inner digest */
sha512_init(&ctx->ictx); sha512_init(&ctx->ictx);
int i; int i;
for (i = 0; i < SHA512_BLOCK_SIZE; i++) for (i = 0; i < SHA512_BLOCK_SIZE; i++)
buf[i] = keybuf[i] ^ 0x36; buf[i] = keybuf[i] ^ 0x36;
sha512_update(&ctx->ictx, buf, SHA512_BLOCK_SIZE); sha512_update(&ctx->ictx, buf, SHA512_BLOCK_SIZE);
// Initialize the outer digest /* Initialize the outer digest */
sha512_init(&ctx->octx); sha512_init(&ctx->octx);
for (i = 0; i < SHA512_BLOCK_SIZE; i++) for (i = 0; i < SHA512_BLOCK_SIZE; i++)
buf[i] = keybuf[i] ^ 0x5c; buf[i] = keybuf[i] ^ 0x5c;
sha512_update(&ctx->octx, buf, SHA512_BLOCK_SIZE); sha512_update(&ctx->octx, buf, SHA512_BLOCK_SIZE);
} }
void sha512_hmac_update(sha512_hmac_context *ctx, const byte *buf, size_t buflen) void sha512_hmac_update(struct sha512_hmac_context *ctx, const byte *buf, size_t buflen)
{ {
// Just update the inner digest /* Just update the inner digest */
sha512_update(&ctx->ictx, buf, buflen); sha512_update(&ctx->ictx, buf, buflen);
} }
byte *sha512_hmac_final(sha512_hmac_context *ctx) byte *sha512_hmac_final(struct sha512_hmac_context *ctx)
{ {
// Finish the inner digest /* Finish the inner digest */
byte *isha = sha512_final(&ctx->ictx); byte *isha = sha512_final(&ctx->ictx);
// Finish the outer digest /* Finish the outer digest */
sha512_update(&ctx->octx, isha, SHA512_SIZE); sha512_update(&ctx->octx, isha, SHA512_SIZE);
return sha512_final(&ctx->octx); return sha512_final(&ctx->octx);
} }
/**
/*
* SHA384-HMAC * SHA384-HMAC
*/ */
static void static void
sha384_hash_buffer(byte *outbuf, const byte *buffer, size_t length) sha384_hash_buffer(byte *outbuf, const byte *buffer, size_t length)
{ {
sha384_context hd_tmp; struct sha384_context hd_tmp;
sha384_init(&hd_tmp); sha384_init(&hd_tmp);
sha384_update(&hd_tmp, buffer, length); sha384_update(&hd_tmp, buffer, length);
@ -571,11 +575,11 @@ sha384_hash_buffer(byte *outbuf, const byte *buffer, size_t length)
} }
void void
sha384_hmac_init(sha384_hmac_context *ctx, const byte *key, size_t keylen) sha384_hmac_init(struct sha384_hmac_context *ctx, const byte *key, size_t keylen)
{ {
byte keybuf[SHA384_BLOCK_SIZE], buf[SHA384_BLOCK_SIZE]; byte keybuf[SHA384_BLOCK_SIZE], buf[SHA384_BLOCK_SIZE];
// Hash the key if necessary /* Hash the key if necessary */
if (keylen <= SHA384_BLOCK_SIZE) if (keylen <= SHA384_BLOCK_SIZE)
{ {
memcpy(keybuf, key, keylen); memcpy(keybuf, key, keylen);
@ -587,32 +591,32 @@ sha384_hmac_init(sha384_hmac_context *ctx, const byte *key, size_t keylen)
bzero(keybuf + SHA384_SIZE, SHA384_BLOCK_SIZE - SHA384_SIZE); bzero(keybuf + SHA384_SIZE, SHA384_BLOCK_SIZE - SHA384_SIZE);
} }
// Initialize the inner digest /* Initialize the inner digest */
sha384_init(&ctx->ictx); sha384_init(&ctx->ictx);
int i; int i;
for (i = 0; i < SHA384_BLOCK_SIZE; i++) for (i = 0; i < SHA384_BLOCK_SIZE; i++)
buf[i] = keybuf[i] ^ 0x36; buf[i] = keybuf[i] ^ 0x36;
sha384_update(&ctx->ictx, buf, SHA384_BLOCK_SIZE); sha384_update(&ctx->ictx, buf, SHA384_BLOCK_SIZE);
// Initialize the outer digest /* Initialize the outer digest */
sha384_init(&ctx->octx); sha384_init(&ctx->octx);
for (i = 0; i < SHA384_BLOCK_SIZE; i++) for (i = 0; i < SHA384_BLOCK_SIZE; i++)
buf[i] = keybuf[i] ^ 0x5c; buf[i] = keybuf[i] ^ 0x5c;
sha384_update(&ctx->octx, buf, SHA384_BLOCK_SIZE); sha384_update(&ctx->octx, buf, SHA384_BLOCK_SIZE);
} }
void sha384_hmac_update(sha384_hmac_context *ctx, const byte *buf, size_t buflen) void sha384_hmac_update(struct sha384_hmac_context *ctx, const byte *buf, size_t buflen)
{ {
// Just update the inner digest /* Just update the inner digest */
sha384_update(&ctx->ictx, buf, buflen); sha384_update(&ctx->ictx, buf, buflen);
} }
byte *sha384_hmac_final(sha384_hmac_context *ctx) byte *sha384_hmac_final(struct sha384_hmac_context *ctx)
{ {
// Finish the inner digest /* Finish the inner digest */
byte *isha = sha384_final(&ctx->ictx); byte *isha = sha384_final(&ctx->ictx);
// Finish the outer digest /* Finish the outer digest */
sha384_update(&ctx->octx, isha, SHA384_SIZE); sha384_update(&ctx->octx, isha, SHA384_SIZE);
return sha384_final(&ctx->octx); return sha384_final(&ctx->octx);
} }

View File

@ -1,6 +1,6 @@
/* /*
* BIRD -- SHA-512 and SHA-384 Hash Functions, * BIRD Library -- SHA-512 and SHA-384 Hash Functions,
* HMAC-SHA-512 and HMAC-SHA-384 Functions * HMAC-SHA-512 and HMAC-SHA-384 Functions
* *
* (c) 2015 CZ.NIC z.s.p.o. * (c) 2015 CZ.NIC z.s.p.o.
* *
@ -24,53 +24,51 @@
#define SHA512_HEX_SIZE 129 #define SHA512_HEX_SIZE 129
#define SHA512_BLOCK_SIZE 128 #define SHA512_BLOCK_SIZE 128
typedef struct struct sha512_state
{ {
u64 h0, h1, h2, h3, h4, h5, h6, h7; u64 h0, h1, h2, h3, h4, h5, h6, h7;
} sha512_state; };
typedef struct struct sha512_context
{ {
sha256_context bctx; struct sha256_context bctx;
sha512_state state; struct sha512_state state;
} sha512_context; };
typedef sha512_context sha384_context; #define sha384_context sha512_context /* aliasing 'struct sha384_context' to 'struct sha512_context' */
void sha512_init(sha512_context *ctx); void sha512_init(struct sha512_context *ctx);
void sha384_init(sha384_context *ctx); void sha384_init(struct sha384_context *ctx);
void sha512_update(sha512_context *ctx, const byte *in_buf, size_t in_len); void sha512_update(struct sha512_context *ctx, const byte *in_buf, size_t in_len);
void sha384_update(sha384_context *ctx, const byte *in_buf, size_t in_len) static inline void sha384_update(struct sha384_context *ctx, const byte *in_buf, size_t in_len)
{ {
sha512_update(ctx, in_buf, in_len); sha512_update(ctx, in_buf, in_len);
} }
byte* sha512_final(sha512_context *ctx); byte* sha512_final(struct sha512_context *ctx);
byte* sha384_final(sha384_context *ctx) static inline byte* sha384_final(struct sha384_context *ctx)
{ {
return sha512_final(ctx); return sha512_final(ctx);
} }
static uint sha512_transform(void *context, const byte *data, size_t nblks); /*
/**
* HMAC-SHA512, HMAC-SHA384 * HMAC-SHA512, HMAC-SHA384
*/ */
typedef struct struct sha512_hmac_context
{ {
sha512_context ictx; struct sha512_context ictx;
sha512_context octx; struct sha512_context octx;
} sha512_hmac_context; } ;
typedef sha512_hmac_context sha384_hmac_context; #define sha384_hmac_context sha512_hmac_context /* aliasing 'struct sha384_hmac_context' to 'struct sha384_hmac_context' */
void sha512_hmac_init(sha512_hmac_context *ctx, const byte *key, size_t keylen); void sha512_hmac_init(struct sha512_hmac_context *ctx, const byte *key, size_t keylen);
void sha384_hmac_init(sha384_hmac_context *ctx, const byte *key, size_t keylen); void sha384_hmac_init(struct sha384_hmac_context *ctx, const byte *key, size_t keylen);
void sha512_hmac_update(sha512_hmac_context *ctx, const byte *buf, size_t buflen); void sha512_hmac_update(struct sha512_hmac_context *ctx, const byte *buf, size_t buflen);
void sha384_hmac_update(sha384_hmac_context *ctx, const byte *buf, size_t buflen); void sha384_hmac_update(struct sha384_hmac_context *ctx, const byte *buf, size_t buflen);
byte *sha512_hmac_final(sha512_hmac_context *ctx); byte *sha512_hmac_final(struct sha512_hmac_context *ctx);
byte *sha384_hmac_final(sha384_hmac_context *ctx); byte *sha384_hmac_final(struct sha384_hmac_context *ctx);
#endif /* _BIRD_SHA512_H_ */ #endif /* _BIRD_SHA512_H_ */

View File

@ -1,5 +1,5 @@
/* /*
* BIRD -- SHA-512, SHA-384, HMAC-SHA-512 and HMAC-SHA-384 Tests * BIRD Library -- SHA-512, SHA-384, HMAC-SHA-512 and HMAC-SHA-384 Tests
* *
* (c) 2015 CZ.NIC z.s.p.o. * (c) 2015 CZ.NIC z.s.p.o.
* *
@ -25,7 +25,7 @@ byte_to_hex(char *out, const byte *in, uint len)
static void static void
get_sha512(const char *str, char (*out_hash)[SHA512_HEX_SIZE]) get_sha512(const char *str, char (*out_hash)[SHA512_HEX_SIZE])
{ {
sha512_context ctx; struct sha512_context ctx;
sha512_init(&ctx); sha512_init(&ctx);
sha512_update(&ctx, str, strlen(str)); sha512_update(&ctx, str, strlen(str));
byte *hash = sha512_final(&ctx); byte *hash = sha512_final(&ctx);
@ -35,7 +35,7 @@ get_sha512(const char *str, char (*out_hash)[SHA512_HEX_SIZE])
static void static void
get_sha384(const char *str, char (*out_hash)[SHA384_HEX_SIZE]) get_sha384(const char *str, char (*out_hash)[SHA384_HEX_SIZE])
{ {
sha384_context ctx; struct sha384_context ctx;
sha384_init(&ctx); sha384_init(&ctx);
sha384_update(&ctx, str, strlen(str)); sha384_update(&ctx, str, strlen(str));
byte *hash = sha384_final(&ctx); byte *hash = sha384_final(&ctx);
@ -125,13 +125,13 @@ t_sha512_concating(void)
char *str_b5 = "eeeee" ; char *str_b5 = "eeeee" ;
char *str_b6 = "ffffff"; char *str_b6 = "ffffff";
sha512_context ctx_a; struct sha512_context ctx_a;
sha512_init(&ctx_a); sha512_init(&ctx_a);
sha512_update(&ctx_a, str_a, strlen(str_a)); sha512_update(&ctx_a, str_a, strlen(str_a));
byte *hash_a_ = sha512_final(&ctx_a); byte *hash_a_ = sha512_final(&ctx_a);
byte_to_hex(hash_a, hash_a_, SHA512_SIZE); byte_to_hex(hash_a, hash_a_, SHA512_SIZE);
sha512_context ctx_b; struct sha512_context ctx_b;
sha512_init(&ctx_b); sha512_init(&ctx_b);
sha512_update(&ctx_b, str_b1, strlen(str_b1)); sha512_update(&ctx_b, str_b1, strlen(str_b1));
sha512_update(&ctx_b, str_b2, strlen(str_b2)); sha512_update(&ctx_b, str_b2, strlen(str_b2));
@ -159,7 +159,7 @@ struct hmac_data_in {
static void static void
get_sha512_hmac(const struct hmac_data_in in, char (*out_hash)[SHA512_HEX_SIZE]) get_sha512_hmac(const struct hmac_data_in in, char (*out_hash)[SHA512_HEX_SIZE])
{ {
sha512_hmac_context ctx; struct sha512_hmac_context ctx;
sha512_hmac_init(&ctx, in.key, in.key_len); sha512_hmac_init(&ctx, in.key, in.key_len);
sha512_hmac_update(&ctx, in.data, in.data_len); sha512_hmac_update(&ctx, in.data, in.data_len);
byte *hash_byte = sha512_hmac_final(&ctx); byte *hash_byte = sha512_hmac_final(&ctx);
@ -169,7 +169,7 @@ get_sha512_hmac(const struct hmac_data_in in, char (*out_hash)[SHA512_HEX_SIZE])
static void static void
get_sha384_hmac(const struct hmac_data_in in, char (*out_hash)[SHA384_HEX_SIZE]) get_sha384_hmac(const struct hmac_data_in in, char (*out_hash)[SHA384_HEX_SIZE])
{ {
sha384_hmac_context ctx; struct sha384_hmac_context ctx;
sha384_hmac_init(&ctx, in.key, in.key_len); sha384_hmac_init(&ctx, in.key, in.key_len);
sha384_hmac_update(&ctx, in.data, in.data_len); sha384_hmac_update(&ctx, in.data, in.data_len);
byte *hash_byte = sha384_hmac_final(&ctx); byte *hash_byte = sha384_hmac_final(&ctx);

View File

@ -109,7 +109,7 @@ ospf_pkt_finalize(struct ospf_iface *ifa, struct ospf_packet *pkt)
char password[OSPF_AUTH_CRYPT_SIZE]; char password[OSPF_AUTH_CRYPT_SIZE];
strncpy(password, passwd->password, sizeof(password)); strncpy(password, passwd->password, sizeof(password));
md5_context ctxt; struct md5_context ctxt;
md5_init(&ctxt); md5_init(&ctxt);
md5_update(&ctxt, (char *) pkt, plen); md5_update(&ctxt, (char *) pkt, plen);
md5_update(&ctxt, password, OSPF_AUTH_CRYPT_SIZE); md5_update(&ctxt, password, OSPF_AUTH_CRYPT_SIZE);
@ -181,7 +181,7 @@ ospf_pkt_checkauth(struct ospf_neighbor *n, struct ospf_iface *ifa, struct ospf_
strncpy(passwd, pass->password, OSPF_AUTH_CRYPT_SIZE); strncpy(passwd, pass->password, OSPF_AUTH_CRYPT_SIZE);
md5_context ctxt; struct md5_context ctxt;
md5_init(&ctxt); md5_init(&ctxt);
md5_update(&ctxt, (char *) pkt, plen); md5_update(&ctxt, (char *) pkt, plen);
md5_update(&ctxt, passwd, OSPF_AUTH_CRYPT_SIZE); md5_update(&ctxt, passwd, OSPF_AUTH_CRYPT_SIZE);

View File

@ -35,42 +35,42 @@
int int
rip_incoming_authentication( struct proto *p, struct rip_block_auth *block, struct rip_packet *packet, int num, ip_addr whotoldme ) rip_incoming_authentication( struct proto *p, struct rip_block_auth *block, struct rip_packet *packet, int num, ip_addr whotoldme )
{ {
DBG( "Incoming authentication: " ); DBG("Incoming authentication: " );
switch (ntohs(block->authtype)) { /* Authentication type */ switch (ntohs(block->authtype)) { /* Authentication type */
case AT_PLAINTEXT: case AT_PLAINTEXT:
{ {
struct password_item *passwd = password_find(P_CF->passwords, 1); struct password_item *passwd = password_find(P_CF->passwords, 1);
DBG( "Plaintext passwd" ); DBG("Plaintext passwd" );
if (!passwd) { if (!passwd) {
log( L_AUTH "No passwords set and password authentication came" ); log(L_AUTH "No passwords set and password authentication came" );
return 1; return 1;
} }
if (strncmp( (char *) (&block->packetlen), passwd->password, 16)) { if (strncmp( (char *) (&block->packetlen), passwd->password, 16)) {
log( L_AUTH "Passwd authentication failed!" ); log(L_AUTH "Passwd authentication failed!" );
DBG( "Expected %s, got %.16s\n", passwd->password, &block->packetlen ); DBG("Expected %s, got %.16s\n", passwd->password, &block->packetlen );
return 1; return 1;
} }
} }
break; break;
case AT_MD5: case AT_MD5:
DBG( "md5 password" ); DBG("md5 password" );
{ {
struct password_item *pass = NULL, *ptmp; struct password_item *pass = NULL, *ptmp;
struct rip_md5_tail *tail; struct rip_md5_tail *tail;
md5_context ctxt; struct md5_context ctxt;
char md5sum_packet[16]; char md5sum_packet[16];
char *md5sum_computed; char *md5sum_computed;
struct neighbor *neigh = neigh_find(p, &whotoldme, 0); struct neighbor *neigh = neigh_find(p, &whotoldme, 0);
list *l = P_CF->passwords; list *l = P_CF->passwords;
if (ntohs(block->packetlen) != PACKETLEN(num) - sizeof(struct rip_md5_tail) ) { if (ntohs(block->packetlen) != PACKETLEN(num) - sizeof(struct rip_md5_tail) ) {
log( L_ERR "Packet length in MD5 does not match computed value" ); log(L_ERR "Packet length in MD5 does not match computed value" );
return 1; return 1;
} }
tail = (struct rip_md5_tail *) ((char *) packet + (ntohs(block->packetlen) )); tail = (struct rip_md5_tail *) ((char *) packet + (ntohs(block->packetlen) ));
if ((tail->mustbeFFFF != 0xffff) || (tail->mustbe0001 != 0x0100)) { if ((tail->mustbeFFFF != 0xffff) || (tail->mustbe0001 != 0x0100)) {
log( L_ERR "MD5 tail signature is not there" ); log(L_ERR "MD5 tail signature is not there" );
return 1; return 1;
} }
@ -85,10 +85,10 @@ rip_incoming_authentication( struct proto *p, struct rip_block_auth *block, stru
if(!pass) return 1; if(!pass) return 1;
if (!neigh) { if (!neigh) {
log( L_AUTH "Non-neighbour MD5 checksummed packet?" ); log(L_AUTH "Non-neighbour MD5 checksummed packet?" );
} else { } else {
if (neigh->aux > block->seq) { if (neigh->aux > block->seq) {
log( L_AUTH "MD5 protected packet with lower numbers" ); log(L_AUTH "MD5 protected packet with lower numbers" );
return 1; return 1;
} }
neigh->aux = block->seq; neigh->aux = block->seq;
@ -120,10 +120,10 @@ rip_outgoing_authentication( struct proto *p, struct rip_block_auth *block, stru
if (!P_CF->authtype) if (!P_CF->authtype)
return PACKETLEN(num); return PACKETLEN(num);
DBG( "Outgoing authentication: " ); DBG("Outgoing authentication: " );
if (!passwd) { if (!passwd) {
log( L_ERR "No suitable password found for authentication" ); log(L_ERR "No suitable password found for authentication" );
return PACKETLEN(num); return PACKETLEN(num);
} }
@ -136,11 +136,11 @@ rip_outgoing_authentication( struct proto *p, struct rip_block_auth *block, stru
case AT_MD5: case AT_MD5:
{ {
struct rip_md5_tail *tail; struct rip_md5_tail *tail;
md5_context ctxt; struct md5_context ctxt;
static u32 sequence = 0; static u32 sequence = 0;
if (num > PACKET_MD5_MAX) if (num > PACKET_MD5_MAX)
bug( "We can not add MD5 authentication to this long packet" ); bug("We can not add MD5 authentication to this long packet" );
/* need to preset the sequence number to a sane value */ /* need to preset the sequence number to a sane value */
if (!sequence) if (!sequence)
@ -163,6 +163,6 @@ rip_outgoing_authentication( struct proto *p, struct rip_block_auth *block, stru
return PACKETLEN(num) + block->authlen; return PACKETLEN(num) + block->authlen;
} }
default: default:
bug( "Unknown authtype in outgoing authentication?" ); bug("Unknown authtype in outgoing authentication?" );
} }
} }