Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Tue, 24 Mar 2015 10:00:28 -0700
From: Shawn Landden <shawn@...rchofgit.com>
To: musl@...ts.openwall.com
Cc: Shawn Landden <shawn@...rchofgit.com>
Subject: Re: [RFC] sha2: new <sha2.h> header

On Tue, Mar 24, 2015 at 9:57 AM, Shawn Landden <shawn@...rchofgit.com> wrote:
> We have sha512 and sha256 code sitting here, yet we don't export it with any useful interface.
>
> This came out of discussion with pikhq on IRC.
>
> No tests yet, and no sha256 until this gets some review.
> ---
>  include/sha2.h            | 33 +++++++++++++++++++++++++++++++++
>  src/crypt/crypt_sha512.c  | 37 ++++++++++++++++++++++++++++---------
>  src/crypt/sha512.c        | 11 +++++++++++
>  src/crypt/sha512_finish.c |  9 +++++++++
>  src/crypt/sha512_push.c   |  9 +++++++++
>  5 files changed, 90 insertions(+), 9 deletions(-)
>  create mode 100644 include/sha2.h
>  create mode 100644 src/crypt/sha512.c
>  create mode 100644 src/crypt/sha512_finish.c
>  create mode 100644 src/crypt/sha512_push.c
>
> diff --git a/include/sha2.h b/include/sha2.h
> new file mode 100644
> index 0000000..eb45bae
> --- /dev/null
> +++ b/include/sha2.h
> @@ -0,0 +1,33 @@
> +#ifndef _SHA2_H
> +#define _SHA2_H
> +
> +#ifdef __cplusplus
> +extern "C" {
> +#endif
> +
> +#include <stdint.h>
> +
> +typedef struct sha512_state_t {
> +       char __internal_state[8 + 64 + 128];
> +} sha512_state_t;
> +
> +union sha512 {
> +       uint8_t s8[64];
> +       uint16_t s16[32];
> +       uint32_t s32[16];
> +       uint64_t s64[8];
> +};
whoops for including this. I was thinking of having a type for the
digest, with differn't width accessors, like in6_addr has.
> +
> +/* using a macro allows switching to a static initializer in the future */
> +#define SHA512STATEINIT __sha512_init()
> +
> +void *sha512(const void *__restrict, size_t n, void *__restrict);
> +sha512_state_t __sha512_init();
> +void sha512_push(sha512_state_t *s, const void *__restrict, size_t n);
> +void sha512_finish(sha512_state_t *s, void *__restrict);
> +
> +#ifdef __cplusplus
> +}
> +#endif
> +
> +#endif
> diff --git a/src/crypt/crypt_sha512.c b/src/crypt/crypt_sha512.c
> index 1294e98..c3b57e9 100644
> --- a/src/crypt/crypt_sha512.c
> +++ b/src/crypt/crypt_sha512.c
> @@ -16,11 +16,11 @@
>  /* public domain sha512 implementation based on fips180-3 */
>  /* >=2^64 bits messages are not supported (about 2000 peta bytes) */
>
> -struct sha512 {
> +typedef struct sha512_state_t {
>         uint64_t len;     /* processed message length */
>         uint64_t h[8];    /* hash state */
>         uint8_t buf[128]; /* message block buffer */
> -};
> +} sha512_state_t;
>
>  static uint64_t ror(uint64_t n, int k) { return (n >> k) | (n << (64-k)); }
>  #define Ch(x,y,z)  (z ^ (x & (y ^ z)))
> @@ -53,7 +53,7 @@ static const uint64_t K[80] = {
>  0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL, 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL
>  };
>
> -static void processblock(struct sha512 *s, const uint8_t *buf)
> +static void processblock(sha512_state_t *s, const uint8_t *buf)
>  {
>         uint64_t W[80], t1, t2, a, b, c, d, e, f, g, h;
>         int i;
> @@ -100,7 +100,7 @@ static void processblock(struct sha512 *s, const uint8_t *buf)
>         s->h[7] += h;
>  }
>
> -static void pad(struct sha512 *s)
> +static void pad(sha512_state_t *s)
>  {
>         unsigned r = s->len % 128;
>
> @@ -123,7 +123,7 @@ static void pad(struct sha512 *s)
>         processblock(s, s->buf);
>  }
>
> -static void sha512_init(struct sha512 *s)
> +static void sha512_init(sha512_state_t *s)
>  {
>         s->len = 0;
>         s->h[0] = 0x6a09e667f3bcc908ULL;
> @@ -136,7 +136,7 @@ static void sha512_init(struct sha512 *s)
>         s->h[7] = 0x5be0cd19137e2179ULL;
>  }
>
> -static void sha512_sum(struct sha512 *s, uint8_t *md)
> +static void sha512_sum(sha512_state_t *s, uint8_t *md)
>  {
>         int i;
>
> @@ -153,7 +153,7 @@ static void sha512_sum(struct sha512 *s, uint8_t *md)
>         }
>  }
>
> -static void sha512_update(struct sha512 *s, const void *m, unsigned long len)
> +static void sha512_update(sha512_state_t *s, const void *m, unsigned long len)
>  {
>         const uint8_t *p = m;
>         unsigned r = s->len % 128;
> @@ -196,7 +196,7 @@ static char *to64(char *s, unsigned int u, int n)
>  #define ROUNDS_MAX 9999999
>
>  /* hash n bytes of the repeated md message digest */
> -static void hashmd(struct sha512 *s, unsigned int n, const void *md)
> +static void hashmd(sha512_state_t  *s, unsigned int n, const void *md)
>  {
>         unsigned int i;
>
> @@ -207,7 +207,7 @@ static void hashmd(struct sha512 *s, unsigned int n, const void *md)
>
>  static char *sha512crypt(const char *key, const char *setting, char *output)
>  {
> -       struct sha512 ctx;
> +       sha512_state_t ctx;
>         unsigned char md[64], kmd[64], smd[64];
>         unsigned int i, r, klen, slen;
>         char rounds[20] = "";
> @@ -369,3 +369,22 @@ char *__crypt_sha512(const char *key, const char *setting, char *output)
>                 return "*";
>         return p;
>  }
> +
> +void __sha512_push(sha512_state_t *s, const void *d, size_t n)
> +{
> +       sha512_update(s, d, n);
> +}
> +
> +void __sha512_finish(sha512_state_t *s, const void *md)
> +{
> +       sha512_sum(s, (uint8_t *)md);
> +}
> +
> +sha512_state_t __sha512_init()
> +{
> +       sha512_state_t s;
> +
> +       sha512_init(&s);
> +
> +       return s;
> +}
> diff --git a/src/crypt/sha512.c b/src/crypt/sha512.c
> new file mode 100644
> index 0000000..42059e9
> --- /dev/null
> +++ b/src/crypt/sha512.c
> @@ -0,0 +1,11 @@
> +#include <unistd.h>
> +#include <sha2.h>
> +
> +void *sha512(const void *d, size_t n, void *md)
> +{
> +       sha512_state_t s = SHA512STATEINIT;
> +
> +       sha512_push(&s, d, n);
> +       sha512_finish(&s, md);
> +       return md;
> +}
> diff --git a/src/crypt/sha512_finish.c b/src/crypt/sha512_finish.c
> new file mode 100644
> index 0000000..fe91bd5
> --- /dev/null
> +++ b/src/crypt/sha512_finish.c
> @@ -0,0 +1,9 @@
> +#include <unistd.h>
> +#include <sha2.h>
> +
> +void __sha512_finish(sha512_state_t *s, void *__restrict);
> +
> +void sha512_finish(sha512_state_t *s, void *md)
> +{
> +       __sha512_finish(s, md);
> +}
> diff --git a/src/crypt/sha512_push.c b/src/crypt/sha512_push.c
> new file mode 100644
> index 0000000..dffb9dc
> --- /dev/null
> +++ b/src/crypt/sha512_push.c
> @@ -0,0 +1,9 @@
> +#include <unistd.h>
> +#include <sha2.h>
> +
> +void __sha512_push(sha512_state_t *s, const void *__restrict, size_t n);
> +
> +void sha512_push(sha512_state_t *s, const void *d, size_t n)
> +{
> +       __sha512_push(s, d, n);
> +}
> --
> 2.2.1.209.g41e5f3a
>



-- 
Shawn Landden

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.