diff --git a/demos/latex-tables.c b/demos/latex-tables.c index becd94208..776b028df 100644 --- a/demos/latex-tables.c +++ b/demos/latex-tables.c @@ -69,37 +69,10 @@ static const char *s_map_mode(enum cipher_mode mode) exit(1); } - -static void LTC_NORETURN die(int status) -{ - FILE* o = status == EXIT_SUCCESS ? stdout : stderr; - fprintf(o, - "Usage: latex-tables [<-h>]\n\n" - "Generate LaTeX tables from some library internal data.\n\n" - "\t-h\tThe help you're looking at.\n" - ); - exit(status); -} - -static int s_to_lower(const char *in, char *out, unsigned long *outlen) -{ - unsigned long n; - for (n = 0; n < *outlen && in[n]; ++n) { - out[n] = tolower(in[n]); - } - if (n == *outlen) - return CRYPT_BUFFER_OVERFLOW; - out[n] = '\0'; - *outlen = n; - return CRYPT_OK; -} - -int main(int argc, char **argv) +static int print_pem_ciphers(void) { unsigned long n; - if (argc > 1 && strstr(argv[1], "-h")) - die(0); - printf("PEM ciphers:\n\n"); + printf("\nPEM ciphers:\n\n"); for (n = 0; n < pem_dek_infos_num; ++n) { char nbuf[32] = {0}; size_t nlen = strlen(pem_dek_infos[n].name); @@ -110,7 +83,12 @@ int main(int argc, char **argv) pem_dek_infos[n].keylen * 8, s_map_mode(pem_dek_infos[n].mode)); } + return 0; +} +static int print_ssh_ciphers(void) +{ + unsigned long n; printf("\nSSH ciphers:\n\n"); for (n = 0; n < ssh_ciphers_num; ++n) { char nbuf[32] = {0}; @@ -119,10 +97,28 @@ int main(int argc, char **argv) nbuf[nlen] = '}'; printf("\\hline \\texttt{%-30s & %-16s & %-24ld & %-6s \\\\\n", nbuf, s_map_cipher(ssh_ciphers[n].algo), - ssh_ciphers[n].keylen * 8, + ssh_ciphers[n].keylen * 8, s_map_mode(ssh_ciphers[n].mode)); } + return 0; +} + +static int s_to_lower(const char *in, char *out, unsigned long *outlen) +{ + unsigned long n; + for (n = 0; n < *outlen && in[n]; ++n) { + out[n] = tolower(in[n]); + } + if (n == *outlen) + return CRYPT_BUFFER_OVERFLOW; + out[n] = '\0'; + *outlen = n; + return CRYPT_OK; +} +static int print_ecc_curves(void) +{ + unsigned long n; printf("\nECC curves:\n\n"); for (n = 0; ltc_ecc_curves[n].OID != NULL; ++n) { const char * const *names; @@ -166,6 +162,174 @@ int main(int argc, char **argv) lower[lowerl + 2] = '\0'; printf("\\hline \\texttt%-17s & %-36s & %-21s \\\\\n", lower, buf, ltc_ecc_curves[n].OID); } + return 0; +} + +static int s_to_upper(const char *in, char *out, unsigned long *outlen) +{ + unsigned long n; + for (n = 0; n < *outlen && in[n]; ++n) { + out[n] = toupper(in[n]); + } + if (n == *outlen) + return CRYPT_BUFFER_OVERFLOW; + out[n] = '\0'; + *outlen = n; + return CRYPT_OK; +} + +static int s_to_desc(const char *in, char *out, unsigned long outlen, int has_desc) +{ + unsigned long n, m; + if (outlen < 6) goto err_exit; + XMEMCPY(out, "\\code{", 6); + m = 6; + for (n = 0; m < outlen - 1 && in[n]; ++n, ++m) { + if (in[n] == '-' || in[n] == '_') { + out[m++] = '\\'; + out[m] = '_'; + } else + out[m] = tolower(in[n]); + } + if (outlen <= m) goto err_exit; + if (!has_desc) { + XMEMCPY(&out[m], "\\_desc", 6); + m += 6; + } + out[m++] = '}'; + out[m] = '\0'; + return CRYPT_OK; +err_exit: + fprintf(stderr, "Error: Can't print descriptor %s\n", in); + exit(1); +} + +struct desc { + void *orig; + char desc[64]; +}; + +static int hash_sorter(const void *a, const void *b) +{ + const struct ltc_hash_descriptor *A, *B; + A = ((const struct desc*)a)->orig; + B = ((const struct desc*)b)->orig; + if (A->hashsize < B->hashsize) return 1; + if (A->hashsize > B->hashsize) return -1; + if (A->ID < B->ID) return -1; + if (A->ID > B->ID) return 1; + return 0; +} + +static void print_hash_line(const char *name, const struct ltc_hash_descriptor *p) +{ + char nbuf[32]; + unsigned long nlen = sizeof(nbuf); + s_to_upper(p->name, nbuf, &nlen); + printf("\\hline %-17s & %-32s & %lu & %2d \\\\\n", nbuf, name, p->hashsize, p->ID); +} + +static int print_hash_descriptors(void) +{ + const struct { + const char *name; + const struct ltc_hash_descriptor * desc; + } special_hash_descriptors[] = { +#define HASH_DESC(name) { #name, &name } + HASH_DESC(sha256_portable_desc), +#ifdef LTC_SHA256_X86 + HASH_DESC(sha256_x86_desc), +#endif + HASH_DESC(sha224_portable_desc), +#ifdef LTC_SHA224_X86 + HASH_DESC(sha224_x86_desc), +#endif + HASH_DESC(sha1_portable_desc), +#ifdef LTC_SHA1_X86 + HASH_DESC(sha1_x86_desc), +#endif + }; + struct desc descs[TAB_SIZE + 1] = {0}; + int ids[TAB_SIZE + 1] = {0}; + unsigned long n; + + printf("\nhash descriptors:\n\n"); + register_all_hashes(); + + for (n = 0; hash_descriptor[n].name != NULL && n < TAB_SIZE; ++n) { + if (hash_descriptor[n].ID > TAB_SIZE) { + printf("Hash descriptor '%s' has invalid ID %d\n", hash_descriptor[n].name, hash_descriptor[n].ID); + return EXIT_FAILURE; + } + if (ids[hash_descriptor[n].ID] != 0) { + printf("Hash descriptor '%s' has duplicate ID %d\n", hash_descriptor[n].name, hash_descriptor[n].ID); + return EXIT_FAILURE; + } + ids[hash_descriptor[n].ID] = 1; + descs[n].orig = &hash_descriptor[n]; + s_to_desc(hash_descriptor[n].name, descs[n].desc, sizeof(descs[n].desc), 0); + } + qsort(descs, n, sizeof(struct desc), &hash_sorter); + for (n = 0; hash_descriptor[n].name != NULL && n < TAB_SIZE; ++n) { + print_hash_line(descs[n].desc, descs[n].orig); + } + + printf("\nspecial hash descriptors:\n\n"); + for (n = 0; n < LTC_ARRAY_SIZE(special_hash_descriptors); ++n) { + char nbuf[64]; + unsigned long nlen = sizeof(nbuf); + s_to_desc(special_hash_descriptors[n].name, nbuf, nlen, 1); + print_hash_line(nbuf, special_hash_descriptors[n].desc); + } + return 0; +} + +static void LTC_NORETURN die(int status) +{ + FILE* o = status == EXIT_SUCCESS ? stdout : stderr; + fprintf(o, + "Usage: latex-tables [<-h|-l|type>]\n\n" + "Generate LaTeX tables from some library internal data.\n\n" + "\ttype\tThe type of table to print.\n" + "\t-l\tList all built-in types that can be printed.\n" + "\t-h\tThe help you're looking at.\n" + ); + exit(status); +} + +int main(int argc, char **argv) +{ + const struct { + const char *name; + int (*printer)(void); + } printers[] = { + #define PRINTER(name) { #name, print_ ## name } + PRINTER(hash_descriptors), + PRINTER(pem_ciphers), + PRINTER(ssh_ciphers), + PRINTER(ecc_curves), + #undef PRINTER + }; + int err; + unsigned long n; + if (argc > 1) { + if (strstr(argv[1], "-h")) + die(0); + if (strstr(argv[1], "-l")) { + for (n = 0; n < LTC_ARRAY_SIZE(printers); ++n) { + printf("%s\n", printers[n].name); + } + return 0; + } + } + printf("libtomcrypt latex tables\n"); + + for (n = 0; n < LTC_ARRAY_SIZE(printers); ++n) { + if (argc > 1 && strstr(printers[n].name, argv[1]) == NULL) + continue; + if ((err = printers[n].printer()) != 0) + return err; + } return 0; } diff --git a/doc/crypt.tex b/doc/crypt.tex index 982103389..ad6dca4f9 100644 --- a/doc/crypt.tex +++ b/doc/crypt.tex @@ -2926,51 +2926,73 @@ \subsection{Hash Registration} \end{verbatim} The following hashes are provided as of this release within the LibTomCrypt library: -\index{Hash descriptor table} +\index{Hash descriptor tables} \begin{figure}[H] \begin{center} \begin{tabular}{|c|c|c|c|} - \hline \textbf{Name} & \textbf{Descriptor Name} & \textbf{Size of Message Digest (bytes)} & \textbf{Id} \\ - \hline WHIRLPOOL & whirlpool\_desc & 64 & 11 \\ - \hline Keccak512 & keccak\_512\_desc & 64 & 32 \\ - \hline SHA3-512 & sha3\_512\_desc & 64 & 20 \\ - \hline SHA-512 & sha512\_desc & 64 & 5 \\ - \hline BLAKE2B-512 & blake2b\_512\_desc & 64 & 28 \\ - \hline Keccak384 & keccak\_384\_desc & 48 & 31 \\ - \hline SHA3-384 & sha3\_384\_desc & 48 & 19 \\ - \hline SHA-384 & sha384\_desc & 48 & 4 \\ - \hline BLAKE2B-384 & blake2b\_384\_desc & 48 & 27 \\ - \hline RIPEMD-320 & rmd160\_desc & 40 & 14 \\ - \hline SHA-512/256 & sha512\_256\_desc & 32 & 16 \\ - \hline Keccak256 & keccak\_256\_desc & 32 & 30 \\ - \hline SHA3-256 & sha3\_256\_desc & 32 & 18 \\ - \hline SHA-256 & sha256\_desc & 32 & 0 \\ - \hline RIPEMD-256 & rmd160\_desc & 32 & 13 \\ - \hline BLAKE2S-256 & blake2s\_256\_desc & 32 & 24 \\ - \hline BLAKE2B-256 & blake2b\_256\_desc & 32 & 26 \\ - \hline SHA-512/224 & sha512\_224\_desc & 28 & 15 \\ - \hline Keccak224 & keccak\_224\_desc & 28 & 29 \\ - \hline SHA3-224 & sha3\_224\_desc & 28 & 17 \\ - \hline SHA-224 & sha224\_desc & 28 & 10 \\ - \hline BLAKE2S-224 & blake2s\_224\_desc & 28 & 23 \\ - \hline TIGER-192 & tiger\_desc & 24 & 1 \\ - \hline TIGER2-192 & tiger2\_desc & 24 & 33 \\ - \hline SHA-1 & sha1\_desc & 20 & 2 \\ - \hline RIPEMD-160 & rmd160\_desc & 20 & 9 \\ - \hline BLAKE2S-160 & blake2s\_160\_desc & 20 & 22 \\ - \hline BLAKE2B-160 & blake2b\_160\_desc & 20 & 25 \\ - \hline RIPEMD-128 & rmd128\_desc & 16 & 8 \\ - \hline MD5 & md5\_desc & 16 & 3 \\ - \hline MD4 & md4\_desc & 16 & 6 \\ - \hline MD2 & md2\_desc & 16 & 7 \\ - \hline BLAKE2S-128 & blake2s\_128\_desc & 16 & 21 \\ - \hline +\hline \textbf{Name} & \textbf{Descriptor Name} & \textbf{Size of Message Digest (bytes)} & \textbf{Id} \\ +\hline SHA512 & \code{sha512\_desc} & 64 & 5 \\ +\hline WHIRLPOOL & \code{whirlpool\_desc} & 64 & 11 \\ +\hline SHA3-512 & \code{sha3\_512\_desc} & 64 & 20 \\ +\hline BLAKE2B-512 & \code{blake2b\_512\_desc} & 64 & 28 \\ +\hline KECCAK512 & \code{keccak512\_desc} & 64 & 32 \\ +\hline SHAKE256 & \code{shake256\_desc} & 64 & 35 \\ +\hline SHA384 & \code{sha384\_desc} & 48 & 4 \\ +\hline SHA3-384 & \code{sha3\_384\_desc} & 48 & 19 \\ +\hline BLAKE2B-384 & \code{blake2b\_384\_desc} & 48 & 27 \\ +\hline KECCAK384 & \code{keccak384\_desc} & 48 & 31 \\ +\hline RMD320 & \code{rmd320\_desc} & 40 & 14 \\ +\hline SHA256 & \code{sha256\_desc} & 32 & 0 \\ +\hline RMD256 & \code{rmd256\_desc} & 32 & 13 \\ +\hline SHA512-256 & \code{sha512\_256\_desc} & 32 & 16 \\ +\hline SHA3-256 & \code{sha3\_256\_desc} & 32 & 18 \\ +\hline BLAKE2S-256 & \code{blake2s\_256\_desc} & 32 & 24 \\ +\hline BLAKE2B-256 & \code{blake2b\_256\_desc} & 32 & 26 \\ +\hline KECCAK256 & \code{keccak256\_desc} & 32 & 30 \\ +\hline SHAKE128 & \code{shake128\_desc} & 32 & 34 \\ +\hline SHA224 & \code{sha224\_desc} & 28 & 10 \\ +\hline SHA512-224 & \code{sha512\_224\_desc} & 28 & 15 \\ +\hline SHA3-224 & \code{sha3\_224\_desc} & 28 & 17 \\ +\hline BLAKE2S-224 & \code{blake2s\_224\_desc} & 28 & 23 \\ +\hline KECCAK224 & \code{keccak224\_desc} & 28 & 29 \\ +\hline TIGER & \code{tiger\_desc} & 24 & 1 \\ +\hline TIGER2 & \code{tiger2\_desc} & 24 & 33 \\ +\hline SHA1 & \code{sha1\_desc} & 20 & 2 \\ +\hline RMD160 & \code{rmd160\_desc} & 20 & 9 \\ +\hline BLAKE2S-160 & \code{blake2s\_160\_desc} & 20 & 22 \\ +\hline BLAKE2B-160 & \code{blake2b\_160\_desc} & 20 & 25 \\ +\hline MD5 & \code{md5\_desc} & 16 & 3 \\ +\hline MD4 & \code{md4\_desc} & 16 & 6 \\ +\hline MD2 & \code{md2\_desc} & 16 & 7 \\ +\hline RMD128 & \code{rmd128\_desc} & 16 & 8 \\ +\hline BLAKE2S-128 & \code{blake2s\_128\_desc} & 16 & 21 \\ + +\hline \end{tabular} \end{center} -\caption{Built--In Software Hashes} +\caption{Built--In Hashes} \end{figure} -\vfil + +Additional to those standard descriptors, there exist the following target-specific hash descriptors: + +\begin{figure}[H] +\begin{center} +\begin{tabular}{|c|c|c|c|} +\hline \textbf{Name} & \textbf{Descriptor Name} & \textbf{Size of Message Digest (bytes)} & \textbf{Id} \\ +\hline SHA256 & \code{sha256\_portable\_desc} & 32 & 0 \\ +\hline SHA256 & \code{sha256\_x86\_desc} & 32 & 0 \\ +\hline SHA224 & \code{sha224\_portable\_desc} & 28 & 10 \\ +\hline SHA224 & \code{sha224\_x86\_desc} & 28 & 10 \\ +\hline SHA1 & \code{sha1\_portable\_desc} & 20 & 2 \\ +\hline SHA1 & \code{sha1\_x86\_desc} & 20 & 2 \\ +\hline +\end{tabular} +\end{center} +\caption{Target--specific hash descriptors} +\end{figure} + +Those descriptors don't necessarily exist in all builds and their usage may only make sense in some setups. \mysection{Cipher Hash Construction} \index{Cipher Hash Construction} diff --git a/src/hashes/sha1.c b/src/hashes/sha1.c index 72ef692d1..ceba996be 100644 --- a/src/hashes/sha1.c +++ b/src/hashes/sha1.c @@ -179,27 +179,6 @@ static int s_sha1_c_compress(hash_state *md, const unsigned char *buf) } #endif -/** - Initialize the hash state - @param md The hash state you wish to initialize - @return CRYPT_OK if successful -*/ -int sha1_c_init(hash_state * md) -{ - LTC_ARGCHK(md != NULL); - - md->sha1.state = LTC_ALIGN_BUF(md->sha1.state_buf, 16); - - md->sha1.state[0] = 0x67452301UL; - md->sha1.state[1] = 0xefcdab89UL; - md->sha1.state[2] = 0x98badcfeUL; - md->sha1.state[3] = 0x10325476UL; - md->sha1.state[4] = 0xc3d2e1f0UL; - md->sha1.curlen = 0; - md->sha1.length = 0; - return CRYPT_OK; -} - /** Process a block of memory though the hash @param md The hash state @@ -207,7 +186,22 @@ int sha1_c_init(hash_state * md) @param inlen The length of the data (octets) @return CRYPT_OK if successful */ -HASH_PROCESS(sha1_c_process, s_sha1_c_compress, sha1, 64) +static HASH_PROCESS(s_sha1_c_process, s_sha1_c_compress, sha1, 64) + +static LTC_INLINE void s_sha1_c_fixup_state(hash_state * md) +{ + ulong32 *state = LTC_ALIGN_BUF(md->sha1.state_buf, 16); + if (state != md->sha1.state) { + XMEMMOVE(state, md->sha1.state, 5 * sizeof(ulong32)); + md->sha1.state = state; + } +} + +int sha1_c_process (hash_state * md, const unsigned char *in, unsigned long inlen) +{ + s_sha1_c_fixup_state(md); + return s_sha1_c_process(md, in, inlen); +} /** Terminate the hash to get the digest @@ -226,6 +220,8 @@ int sha1_c_done(hash_state * md, unsigned char *out) return CRYPT_INVALID_ARG; } + s_sha1_c_fixup_state(md); + /* increase the length of the message */ md->sha1.length += md->sha1.curlen * 8; diff --git a/src/hashes/sha1_desc.c b/src/hashes/sha1_desc.c index 8b83687ea..751ec0fe6 100644 --- a/src/hashes/sha1_desc.c +++ b/src/hashes/sha1_desc.c @@ -79,12 +79,18 @@ static LTC_INLINE int s_sha1_x86_is_supported(void) */ int sha1_init(hash_state * md) { -#if defined LTC_SHA1_X86 - if(s_sha1_x86_is_supported()) { - return sha1_x86_init(md); - } -#endif - return sha1_c_init(md); + LTC_ARGCHK(md != NULL); + + md->sha1.state = LTC_ALIGN_BUF(md->sha1.state_buf, 16); + + md->sha1.state[0] = 0x67452301UL; + md->sha1.state[1] = 0xefcdab89UL; + md->sha1.state[2] = 0x98badcfeUL; + md->sha1.state[3] = 0x10325476UL; + md->sha1.state[4] = 0xc3d2e1f0UL; + md->sha1.curlen = 0; + md->sha1.length = 0; + return CRYPT_OK; } /** diff --git a/src/hashes/sha1_x86.c b/src/hashes/sha1_x86.c index c1c5408be..7739f35b5 100644 --- a/src/hashes/sha1_x86.c +++ b/src/hashes/sha1_x86.c @@ -191,27 +191,6 @@ static int s_sha1_x86_compress(hash_state *md, const unsigned char *buf) } #endif -/** - Initialize the hash state - @param md The hash state you wish to initialize - @return CRYPT_OK if successful -*/ -int sha1_x86_init(hash_state * md) -{ - LTC_ARGCHK(md != NULL); - - md->sha1.state = LTC_ALIGN_BUF(md->sha1.state_buf, 16); - - md->sha1.state[0] = 0x67452301UL; - md->sha1.state[1] = 0xefcdab89UL; - md->sha1.state[2] = 0x98badcfeUL; - md->sha1.state[3] = 0x10325476UL; - md->sha1.state[4] = 0xc3d2e1f0UL; - md->sha1.curlen = 0; - md->sha1.length = 0; - return CRYPT_OK; -} - /** Process a block of memory though the hash @param md The hash state @@ -219,7 +198,22 @@ int sha1_x86_init(hash_state * md) @param inlen The length of the data (octets) @return CRYPT_OK if successful */ -HASH_PROCESS(sha1_x86_process, s_sha1_x86_compress, sha1, 64) +static HASH_PROCESS(s_sha1_x86_process, s_sha1_x86_compress, sha1, 64) + +static LTC_INLINE void s_sha1_x86_fixup_state(hash_state * md) +{ + ulong32 *state = LTC_ALIGN_BUF(md->sha1.state_buf, 16); + if (state != md->sha1.state) { + XMEMMOVE(state, md->sha1.state, 5 * sizeof(ulong32)); + md->sha1.state = state; + } +} + +int sha1_x86_process (hash_state * md, const unsigned char *in, unsigned long inlen) +{ + s_sha1_x86_fixup_state(md); + return s_sha1_x86_process(md, in, inlen); +} /** Terminate the hash to get the digest @@ -238,6 +232,8 @@ int sha1_x86_done(hash_state * md, unsigned char *out) return CRYPT_INVALID_ARG; } + s_sha1_x86_fixup_state(md); + /* increase the length of the message */ md->sha1.length += md->sha1.curlen * 8; diff --git a/src/hashes/sha2/sha224.c b/src/hashes/sha2/sha224.c index 15fc36767..69ccf90bf 100644 --- a/src/hashes/sha2/sha224.c +++ b/src/hashes/sha2/sha224.c @@ -20,38 +20,13 @@ const struct ltc_hash_descriptor sha224_portable_desc = { 2, 16, 840, 1, 101, 3, 4, 2, 4, }, 9, - &sha224_c_init, - &sha256_c_process, + &sha224_init, + &sha224_c_process, &sha224_c_done, - &sha224_test, + &sha224_c_test, NULL }; -/* init the sha256 er... sha224 state ;-) */ -/** - Initialize the hash state - @param md The hash state you wish to initialize - @return CRYPT_OK if successful -*/ -int sha224_c_init(hash_state * md) -{ - LTC_ARGCHK(md != NULL); - - md->sha256.state = LTC_ALIGN_BUF(md->sha256.state_buf, 16); - - md->sha256.curlen = 0; - md->sha256.length = 0; - md->sha256.state[0] = 0xc1059ed8UL; - md->sha256.state[1] = 0x367cd507UL; - md->sha256.state[2] = 0x3070dd17UL; - md->sha256.state[3] = 0xf70e5939UL; - md->sha256.state[4] = 0xffc00b31UL; - md->sha256.state[5] = 0x68581511UL; - md->sha256.state[6] = 0x64f98fa7UL; - md->sha256.state[7] = 0xbefa4fa4UL; - return CRYPT_OK; -} - /** Terminate the hash to get the digest @param md The hash state @@ -66,7 +41,7 @@ int sha224_c_done(hash_state * md, unsigned char *out) LTC_ARGCHK(md != NULL); LTC_ARGCHK(out != NULL); - err = sha256_done(md, buf); + err = sha256_c_done(md, buf); XMEMCPY(out, buf, 28); #ifdef LTC_CLEAN_STACK zeromem(buf, sizeof(buf)); diff --git a/src/hashes/sha2/sha224_desc.c b/src/hashes/sha2/sha224_desc.c index 6aa9dfd20..fa068a512 100644 --- a/src/hashes/sha2/sha224_desc.c +++ b/src/hashes/sha2/sha224_desc.c @@ -85,12 +85,21 @@ static LTC_INLINE int s_sha224_x86_is_supported(void) */ int sha224_init(hash_state * md) { -#if defined LTC_SHA224_X86 - if(s_sha224_x86_is_supported()) { - return sha224_x86_init(md); - } -#endif - return sha224_c_init(md); + LTC_ARGCHK(md != NULL); + + md->sha256.state = LTC_ALIGN_BUF(md->sha256.state_buf, 16); + + md->sha256.curlen = 0; + md->sha256.length = 0; + md->sha256.state[0] = 0xc1059ed8UL; + md->sha256.state[1] = 0x367cd507UL; + md->sha256.state[2] = 0x3070dd17UL; + md->sha256.state[3] = 0xf70e5939UL; + md->sha256.state[4] = 0xffc00b31UL; + md->sha256.state[5] = 0x68581511UL; + md->sha256.state[6] = 0x64f98fa7UL; + md->sha256.state[7] = 0xbefa4fa4UL; + return CRYPT_OK; } /** diff --git a/src/hashes/sha2/sha224_x86.c b/src/hashes/sha2/sha224_x86.c index f562b34a0..980ae80d4 100644 --- a/src/hashes/sha2/sha224_x86.c +++ b/src/hashes/sha2/sha224_x86.c @@ -20,38 +20,13 @@ const struct ltc_hash_descriptor sha224_x86_desc = { 2, 16, 840, 1, 101, 3, 4, 2, 4, }, 9, - &sha224_x86_init, - &sha256_x86_process, + &sha224_init, + &sha224_x86_process, &sha224_x86_done, &sha224_x86_test, NULL }; -/* init the sha256 er... sha224 state ;-) */ -/** - Initialize the hash state - @param md The hash state you wish to initialize - @return CRYPT_OK if successful -*/ -int sha224_x86_init(hash_state * md) -{ - LTC_ARGCHK(md != NULL); - - md->sha256.state = LTC_ALIGN_BUF(md->sha256.state_buf, 16); - - md->sha256.curlen = 0; - md->sha256.length = 0; - md->sha256.state[0] = 0xc1059ed8UL; - md->sha256.state[1] = 0x367cd507UL; - md->sha256.state[2] = 0x3070dd17UL; - md->sha256.state[3] = 0xf70e5939UL; - md->sha256.state[4] = 0xffc00b31UL; - md->sha256.state[5] = 0x68581511UL; - md->sha256.state[6] = 0x64f98fa7UL; - md->sha256.state[7] = 0xbefa4fa4UL; - return CRYPT_OK; -} - /** Terminate the hash to get the digest @param md The hash state diff --git a/src/hashes/sha2/sha256.c b/src/hashes/sha2/sha256.c index a37028d64..67541fe9e 100644 --- a/src/hashes/sha2/sha256.c +++ b/src/hashes/sha2/sha256.c @@ -20,7 +20,7 @@ const struct ltc_hash_descriptor sha256_portable_desc = { 2, 16, 840, 1, 101, 3, 4, 2, 1, }, 9, - &sha256_c_init, + &sha256_init, &sha256_c_process, &sha256_c_done, &sha256_c_test, @@ -226,30 +226,6 @@ static int s_sha256_compress(hash_state * md, const unsigned char *buf) } #endif -/** - Initialize the hash state - @param md The hash state you wish to initialize - @return CRYPT_OK if successful -*/ -int sha256_c_init(hash_state * md) -{ - LTC_ARGCHK(md != NULL); - - md->sha256.state = LTC_ALIGN_BUF(md->sha256.state_buf, 16); - - md->sha256.curlen = 0; - md->sha256.length = 0; - md->sha256.state[0] = 0x6A09E667UL; - md->sha256.state[1] = 0xBB67AE85UL; - md->sha256.state[2] = 0x3C6EF372UL; - md->sha256.state[3] = 0xA54FF53AUL; - md->sha256.state[4] = 0x510E527FUL; - md->sha256.state[5] = 0x9B05688CUL; - md->sha256.state[6] = 0x1F83D9ABUL; - md->sha256.state[7] = 0x5BE0CD19UL; - return CRYPT_OK; -} - /** Process a block of memory though the hash @param md The hash state @@ -257,7 +233,22 @@ int sha256_c_init(hash_state * md) @param inlen The length of the data (octets) @return CRYPT_OK if successful */ -HASH_PROCESS(sha256_c_process,s_sha256_compress, sha256, 64) +static HASH_PROCESS(s_sha256_c_process,s_sha256_compress, sha256, 64) + +static LTC_INLINE void s_sha256_c_fixup_state(hash_state * md) +{ + ulong32 *state = LTC_ALIGN_BUF(md->sha256.state_buf, 16); + if (state != md->sha256.state) { + XMEMMOVE(state, md->sha256.state, 8 * sizeof(ulong32)); + md->sha256.state = state; + } +} + +int sha256_c_process (hash_state * md, const unsigned char *in, unsigned long inlen) +{ + s_sha256_c_fixup_state(md); + return s_sha256_c_process(md, in, inlen); +} /** Terminate the hash to get the digest @@ -276,6 +267,7 @@ int sha256_c_done(hash_state * md, unsigned char *out) return CRYPT_INVALID_ARG; } + s_sha256_c_fixup_state(md); /* increase the length of the message */ md->sha256.length += md->sha256.curlen * 8; diff --git a/src/hashes/sha2/sha256_desc.c b/src/hashes/sha2/sha256_desc.c index 1bf0c1f7a..089ae9b9a 100644 --- a/src/hashes/sha2/sha256_desc.c +++ b/src/hashes/sha2/sha256_desc.c @@ -88,12 +88,21 @@ const struct ltc_hash_descriptor sha256_desc = */ int sha256_init(hash_state * md) { -#if defined LTC_SHA256_X86 - if(s_sha256_x86_is_supported()) { - return sha256_x86_init(md); - } -#endif - return sha256_c_init(md); + LTC_ARGCHK(md != NULL); + + md->sha256.state = LTC_ALIGN_BUF(md->sha256.state_buf, 16); + + md->sha256.curlen = 0; + md->sha256.length = 0; + md->sha256.state[0] = 0x6A09E667UL; + md->sha256.state[1] = 0xBB67AE85UL; + md->sha256.state[2] = 0x3C6EF372UL; + md->sha256.state[3] = 0xA54FF53AUL; + md->sha256.state[4] = 0x510E527FUL; + md->sha256.state[5] = 0x9B05688CUL; + md->sha256.state[6] = 0x1F83D9ABUL; + md->sha256.state[7] = 0x5BE0CD19UL; + return CRYPT_OK; } /** diff --git a/src/hashes/sha2/sha256_x86.c b/src/hashes/sha2/sha256_x86.c index 43a23c913..8dceb831c 100644 --- a/src/hashes/sha2/sha256_x86.c +++ b/src/hashes/sha2/sha256_x86.c @@ -37,7 +37,7 @@ const struct ltc_hash_descriptor sha256_x86_desc = { 2, 16, 840, 1, 101, 3, 4, 2, 1, }, 9, - &sha256_x86_init, + &sha256_init, &sha256_x86_process, &sha256_x86_done, &sha256_x86_test, @@ -258,30 +258,6 @@ static int s_sha256_compress(hash_state * md, const unsigned char *buf) } #endif -/** - Initialize the hash state - @param md The hash state you wish to initialize - @return CRYPT_OK if successful -*/ -int sha256_x86_init(hash_state * md) -{ - LTC_ARGCHK(md != NULL); - - md->sha256.state = LTC_ALIGN_BUF(md->sha256.state_buf, 16); - - md->sha256.curlen = 0; - md->sha256.length = 0; - md->sha256.state[0] = 0x6A09E667UL; - md->sha256.state[1] = 0xBB67AE85UL; - md->sha256.state[2] = 0x3C6EF372UL; - md->sha256.state[3] = 0xA54FF53AUL; - md->sha256.state[4] = 0x510E527FUL; - md->sha256.state[5] = 0x9B05688CUL; - md->sha256.state[6] = 0x1F83D9ABUL; - md->sha256.state[7] = 0x5BE0CD19UL; - return CRYPT_OK; -} - /** Process a block of memory though the hash @param md The hash state @@ -289,7 +265,22 @@ int sha256_x86_init(hash_state * md) @param inlen The length of the data (octets) @return CRYPT_OK if successful */ -HASH_PROCESS(sha256_x86_process,s_sha256_x86_compress, sha256, 64) +static HASH_PROCESS(s_sha256_x86_process,s_sha256_x86_compress, sha256, 64) + +static LTC_INLINE void s_sha256_x86_fixup_state(hash_state * md) +{ + ulong32 *state = LTC_ALIGN_BUF(md->sha256.state_buf, 16); + if (state != md->sha256.state) { + XMEMMOVE(state, md->sha256.state, 8 * sizeof(ulong32)); + md->sha256.state = state; + } +} + +int sha256_x86_process (hash_state * md, const unsigned char *in, unsigned long inlen) +{ + s_sha256_x86_fixup_state(md); + return s_sha256_x86_process(md, in, inlen); +} /** Terminate the hash to get the digest @@ -308,6 +299,7 @@ int sha256_x86_done(hash_state * md, unsigned char *out) return CRYPT_INVALID_ARG; } + s_sha256_x86_fixup_state(md); /* increase the length of the message */ md->sha256.length += md->sha256.curlen * 8; diff --git a/src/hashes/sha3.c b/src/hashes/sha3.c index 37373fb68..53de23aa8 100644 --- a/src/hashes/sha3.c +++ b/src/hashes/sha3.c @@ -99,7 +99,7 @@ const struct ltc_hash_descriptor shake256_desc = #endif #ifdef LTC_KECCAK -const struct ltc_hash_descriptor keccak_224_desc = +const struct ltc_hash_descriptor keccak224_desc = { "keccak224", /* name of hash */ 29, /* internal ID */ @@ -113,7 +113,7 @@ const struct ltc_hash_descriptor keccak_224_desc = NULL }; -const struct ltc_hash_descriptor keccak_256_desc = +const struct ltc_hash_descriptor keccak256_desc = { "keccak256", /* name of hash */ 30, /* internal ID */ @@ -127,7 +127,7 @@ const struct ltc_hash_descriptor keccak_256_desc = NULL }; -const struct ltc_hash_descriptor keccak_384_desc = +const struct ltc_hash_descriptor keccak384_desc = { "keccak384", /* name of hash */ 31, /* internal ID */ @@ -141,7 +141,7 @@ const struct ltc_hash_descriptor keccak_384_desc = NULL }; -const struct ltc_hash_descriptor keccak_512_desc = +const struct ltc_hash_descriptor keccak512_desc = { "keccak512", /* name of hash */ 32, /* internal ID */ diff --git a/src/headers/tomcrypt_hash.h b/src/headers/tomcrypt_hash.h index 3f619e4a2..a22c5675f 100644 --- a/src/headers/tomcrypt_hash.h +++ b/src/headers/tomcrypt_hash.h @@ -320,13 +320,13 @@ int sha3_shake_memory(int num, const unsigned char *in, unsigned long inlen, uns #define keccak_256_init(a) sha3_256_init(a) #define keccak_224_init(a) sha3_224_init(a) #define keccak_process(a,b,c) sha3_process(a,b,c) -extern const struct ltc_hash_descriptor keccak_512_desc; +extern const struct ltc_hash_descriptor keccak512_desc; int keccak_512_test(void); -extern const struct ltc_hash_descriptor keccak_384_desc; +extern const struct ltc_hash_descriptor keccak384_desc; int keccak_384_test(void); -extern const struct ltc_hash_descriptor keccak_256_desc; +extern const struct ltc_hash_descriptor keccak256_desc; int keccak_256_test(void); -extern const struct ltc_hash_descriptor keccak_224_desc; +extern const struct ltc_hash_descriptor keccak224_desc; int keccak_224_test(void); int keccak_done(hash_state *md, unsigned char *out); #endif @@ -396,14 +396,14 @@ int sha256_done(hash_state * md, unsigned char *out); int sha256_test(void); extern const struct ltc_hash_descriptor sha256_desc; -int sha256_c_init(hash_state * md); +#define sha256_c_init sha256_init int sha256_c_process(hash_state * md, const unsigned char *in, unsigned long inlen); int sha256_c_done(hash_state * md, unsigned char *out); int sha256_c_test(void); extern const struct ltc_hash_descriptor sha256_portable_desc; #ifdef LTC_SHA256_X86 -int sha256_x86_init(hash_state * md); +#define sha256_x86_init sha256_init int sha256_x86_process(hash_state * md, const unsigned char *in, unsigned long inlen); int sha256_x86_done(hash_state * md, unsigned char *out); int sha256_x86_test(void); @@ -421,14 +421,14 @@ int sha224_done(hash_state * md, unsigned char *out); int sha224_test(void); extern const struct ltc_hash_descriptor sha224_desc; -int sha224_c_init(hash_state * md); +#define sha224_c_init sha224_init #define sha224_c_process sha256_c_process int sha224_c_done(hash_state * md, unsigned char *out); int sha224_c_test(void); extern const struct ltc_hash_descriptor sha224_portable_desc; #ifdef LTC_SHA224_X86 -int sha224_x86_init(hash_state * md); +#define sha224_x86_init sha224_init #define sha224_x86_process sha256_x86_process int sha224_x86_done(hash_state * md, unsigned char *out); int sha224_x86_test(void); @@ -443,14 +443,14 @@ int sha1_done(hash_state * md, unsigned char *out); int sha1_test(void); extern const struct ltc_hash_descriptor sha1_desc; -int sha1_c_init(hash_state * md); +#define sha1_c_init sha1_init int sha1_c_process(hash_state * md, const unsigned char *in, unsigned long inlen); int sha1_c_done(hash_state * md, unsigned char *out); int sha1_c_test(void); extern const struct ltc_hash_descriptor sha1_portable_desc; #ifdef LTC_SHA1_X86 -int sha1_x86_init(hash_state * md); +#define sha1_x86_init sha1_init int sha1_x86_process(hash_state * md, const unsigned char *in, unsigned long inlen); int sha1_x86_done(hash_state * md, unsigned char *out); int sha1_x86_test(void); diff --git a/src/misc/crypt/crypt_register_all_hashes.c b/src/misc/crypt/crypt_register_all_hashes.c index 8c4fa6ca9..fc321d70a 100644 --- a/src/misc/crypt/crypt_register_all_hashes.c +++ b/src/misc/crypt/crypt_register_all_hashes.c @@ -69,10 +69,10 @@ int register_all_hashes(void) REGISTER_HASH(&blake2b_512_desc); #endif #ifdef LTC_KECCAK - REGISTER_HASH(&keccak_224_desc); - REGISTER_HASH(&keccak_256_desc); - REGISTER_HASH(&keccak_384_desc); - REGISTER_HASH(&keccak_512_desc); + REGISTER_HASH(&keccak224_desc); + REGISTER_HASH(&keccak256_desc); + REGISTER_HASH(&keccak384_desc); + REGISTER_HASH(&keccak512_desc); #endif #ifdef LTC_RIPEMD128 REGISTER_HASH(&rmd128_desc); diff --git a/tests/cipher_hash_test.c b/tests/cipher_hash_test.c index c296fffd8..21f1d657b 100644 --- a/tests/cipher_hash_test.c +++ b/tests/cipher_hash_test.c @@ -4,6 +4,36 @@ #include +static int unaligned_hash_md_tests(void) +{ + char pt[] = "Ladies and Gentlemen of the class of '99: If I could offer you only one tip for the future, sunscreen would be it."; + unsigned long ptlen = sizeof(pt); + unsigned long ptlen_part1 = (ptlen*2)/3; + unsigned char md_buf[sizeof(hash_state) + 16], buf[2][MAXBLOCKSIZE]; + void *pt0 = pt, *pt1 = (pt + ptlen_part1); + unsigned long n; + hash_state md; + for (n = 0; n < 16; ++n) { + hash_state *md2 = (void*)&md_buf[n]; + int x; + for (x = 0; hash_descriptor[x].name != NULL; x++) { + const struct ltc_hash_descriptor *desc = &hash_descriptor[x]; + + desc->init(&md); + desc->process(&md, pt0, ptlen_part1); + XMEMCPY(md2, &md, sizeof(md)); + desc->process(&md, pt1, ptlen - ptlen_part1); + desc->process(md2, pt1, ptlen - ptlen_part1); + desc->done(&md, buf[0]); + desc->done(md2, buf[1]); + if (ltc_compare_testvector(buf[1], desc->hashsize, buf[0], desc->hashsize, desc->name, n)) { + return CRYPT_FAIL_TESTVECTOR; + } + } + } + return CRYPT_OK; +} + int cipher_hash_test(void) { int x; @@ -91,5 +121,7 @@ int cipher_hash_test(void) DO(kangaroo_twelve_test()); #endif + DO(unaligned_hash_md_tests()); + return 0; } diff --git a/tests/test.c b/tests/test.c index 7a01f4482..d80755123 100644 --- a/tests/test.c +++ b/tests/test.c @@ -252,10 +252,10 @@ static void s_unregister_all(void) unregister_hash(&shake256_desc); #endif #ifdef LTC_KECCAK - unregister_hash(&keccak_224_desc); - unregister_hash(&keccak_256_desc); - unregister_hash(&keccak_384_desc); - unregister_hash(&keccak_512_desc); + unregister_hash(&keccak224_desc); + unregister_hash(&keccak256_desc); + unregister_hash(&keccak384_desc); + unregister_hash(&keccak512_desc); #endif #ifdef LTC_RIPEMD128 unregister_hash(&rmd128_desc);