TeaSpeak/tomcrypt
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

add blake2b hash

Browse Source
This commit is contained in:
Kelvin Sherlock 2017-04-08 15:40:56 -04:00
parent 5924bd43e6
commit 7c5fef9b71
6 changed files with 601 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

546
src/hashes/blake2b.c Normal file
View File

@ -0,0 +1,546 @@
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
*
* LibTomCrypt is a library that provides various cryptographic
* algorithms in a highly modular and flexible manner.
*
* The library is free for all purposes without any express
* guarantee it works.
*/
/*
BLAKE2 reference source code package - reference C implementations
Copyright 2012, Samuel Neves <sneves@dei.uc.pt>. You may use this under the
terms of the CC0, the OpenSSL Licence, or the Apache Public License 2.0, at
your option. The terms of these licenses can be found at:
- CC0 1.0 Universal : http://creativecommons.org/publicdomain/zero/1.0
- OpenSSL license : https://www.openssl.org/source/license.html
- Apache 2.0 : http://www.apache.org/licenses/LICENSE-2.0
More information about the BLAKE2 hash function can be found at
https://blake2.net.
*/
/* see also https://www.ietf.org/rfc/rfc7693.txt */
#include "tomcrypt.h"
#ifdef LTC_BLAKE2B
enum blake2b_constant
{
BLAKE2B_BLOCKBYTES = 128,
BLAKE2B_OUTBYTES = 64,
BLAKE2B_KEYBYTES = 64,
BLAKE2B_SALTBYTES = 16,
BLAKE2B_PERSONALBYTES = 16
};
struct blake2b_param
{
unsigned char digest_length;
unsigned char key_length;
unsigned char fanout;
unsigned char depth;
ulong32 leaf_length;
ulong32 node_offset;
ulong32 xof_length;
unsigned char node_depth;
unsigned char inner_length;
unsigned char reserved[14];
unsigned char salt[BLAKE2B_SALTBYTES];
unsigned char personal[BLAKE2B_PERSONALBYTES];
};
const struct ltc_hash_descriptor blake2b_160_desc =
{
"blake2b_160",
25,
20,
128,
{ 1, 3, 6, 1, 4, 1, 1722, 12, 2, 1, 5 },
11,
&blake2b_160_init,
&blake2b_process,
&blake2b_done,
&blake2b_160_test,
NULL
};
const struct ltc_hash_descriptor blake2b_256_desc =
{
"blake2b_256",
26,
32,
128,
{ 1, 3, 6, 1, 4, 1, 1722, 12, 2, 1, 8 },
11,
&blake2b_256_init,
&blake2b_process,
&blake2b_done,
&blake2b_256_test,
NULL
};
const struct ltc_hash_descriptor blake2b_384_desc =
{
"blake2b_384",
27,
48,
128,
{ 1, 3, 6, 1, 4, 1, 1722, 12, 2, 1, 12 },
11,
&blake2b_384_init,
&blake2b_process,
&blake2b_done,
&blake2b_384_test,
NULL
};
const struct ltc_hash_descriptor blake2b_512_desc =
{
"blake2b_512",
28,
64,
128,
{ 1, 3, 6, 1, 4, 1, 1722, 12, 2, 1, 16 },
11,
&blake2b_512_init,
&blake2b_process,
&blake2b_done,
&blake2b_512_test,
NULL
};
static const ulong64 blake2b_IV[8] =
{
CONST64(0x6a09e667f3bcc908), CONST64(0xbb67ae8584caa73b),
CONST64(0x3c6ef372fe94f82b), CONST64(0xa54ff53a5f1d36f1),
CONST64(0x510e527fade682d1), CONST64(0x9b05688c2b3e6c1f),
CONST64(0x1f83d9abfb41bd6b), CONST64(0x5be0cd19137e2179)
};
static const unsigned char blake2b_sigma[12][16] =
{
{ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 } ,
{ 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 } ,
{ 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4 } ,
{ 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8 } ,
{ 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13 } ,
{ 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9 } ,
{ 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11 } ,
{ 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10 } ,
{ 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5 } ,
{ 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13 , 0 } ,
{ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 } ,
{ 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 }
};
static void blake2b_set_lastnode( hash_state *md )
{
md->blake2b.f[1] = CONST64(0xffffffffffffffff);
}
/* Some helper functions, not necessarily useful */
static int blake2b_is_lastblock( const hash_state *md )
{
return md->blake2b.f[0] != 0;
}
static void blake2b_set_lastblock( hash_state *md )
{
if( md->blake2b.last_node ) blake2b_set_lastnode( md );
md->blake2b.f[0] = CONST64(0xffffffffffffffff);
}
static void blake2b_increment_counter( hash_state *md, ulong64 inc )
{
md->blake2b.t[0] += inc;
md->blake2b.t[1] += ( md->blake2b.t[0] < inc );
}
static void blake2b_init0( hash_state *md )
{
unsigned long i;
XMEMSET( &md->blake2b, 0, sizeof( md->blake2b ) );
for( i = 0; i < 8; ++i ) md->blake2b.h[i] = blake2b_IV[i];
}
/* init xors IV with input parameter block */
int blake2b_init_param( hash_state *md, const struct blake2b_param *P )
{
const unsigned char *p = ( const unsigned char * )( P );
unsigned long i;
blake2b_init0( md );
/* IV XOR ParamBlock */
for( i = 0; i < 8; ++i ) {
ulong64 tmp;
LOAD64L(tmp, p + sizeof( md->blake2b.h[i] ) * i );
md->blake2b.h[i] ^= tmp;
}
md->blake2b.outlen = P->digest_length;
return CRYPT_OK;
}
int blake2b_init( hash_state *md, unsigned long outlen )
{
struct blake2b_param P;
LTC_ARGCHK(md != NULL);
if ( ( !outlen ) || ( outlen > BLAKE2B_OUTBYTES ) )
return CRYPT_INVALID_ARG;
XMEMSET(&P, 0, sizeof(P));
P.digest_length = (unsigned char)outlen;
P.fanout = 1;
P.depth = 1;
return blake2b_init_param( md, &P );
}
int blake2b_160_init(hash_state *md) { return blake2b_init(md, 20); }
int blake2b_256_init(hash_state *md) { return blake2b_init(md, 32); }
int blake2b_384_init(hash_state *md) { return blake2b_init(md, 48); }
int blake2b_512_init(hash_state *md) { return blake2b_init(md, 64); }
#define G(r,i,a,b,c,d) \
do { \
a = a + b + m[blake2b_sigma[r][2*i+0]]; \
d = ROR64(d ^ a, 32); \
c = c + d; \
b = ROR64(b ^ c, 24); \
a = a + b + m[blake2b_sigma[r][2*i+1]]; \
d = ROR64(d ^ a, 16); \
c = c + d; \
b = ROR64(b ^ c, 63); \
} while(0)
#define ROUND(r) \
do { \
G(r,0,v[ 0],v[ 4],v[ 8],v[12]); \
G(r,1,v[ 1],v[ 5],v[ 9],v[13]); \
G(r,2,v[ 2],v[ 6],v[10],v[14]); \
G(r,3,v[ 3],v[ 7],v[11],v[15]); \
G(r,4,v[ 0],v[ 5],v[10],v[15]); \
G(r,5,v[ 1],v[ 6],v[11],v[12]); \
G(r,6,v[ 2],v[ 7],v[ 8],v[13]); \
G(r,7,v[ 3],v[ 4],v[ 9],v[14]); \
} while(0)
#ifdef LTC_CLEAN_STACK
static int _blake2b_compress(hash_state *md, const unsigned char *buf)
#else
static int blake2b_compress(hash_state *md, const unsigned char *buf)
#endif
{
ulong64 m[16];
ulong64 v[16];
unsigned long i;
for( i = 0; i < 16; ++i ) {
LOAD64L(m[i], buf + i * sizeof( m[i] ) );
}
for( i = 0; i < 8; ++i ) {
v[i] = md->blake2b.h[i];
}
v[ 8] = blake2b_IV[0];
v[ 9] = blake2b_IV[1];
v[10] = blake2b_IV[2];
v[11] = blake2b_IV[3];
v[12] = blake2b_IV[4] ^ md->blake2b.t[0];
v[13] = blake2b_IV[5] ^ md->blake2b.t[1];
v[14] = blake2b_IV[6] ^ md->blake2b.f[0];
v[15] = blake2b_IV[7] ^ md->blake2b.f[1];
ROUND( 0 );
ROUND( 1 );
ROUND( 2 );
ROUND( 3 );
ROUND( 4 );
ROUND( 5 );
ROUND( 6 );
ROUND( 7 );
ROUND( 8 );
ROUND( 9 );
ROUND( 10 );
ROUND( 11 );
for( i = 0; i < 8; ++i ) {
md->blake2b.h[i] = md->blake2b.h[i] ^ v[i] ^ v[i + 8];
}
return CRYPT_OK;
}
#undef G
#undef ROUND
#ifdef LTC_CLEAN_STACK
static int blake2b_compress(hash_state *md, const unsigned char *buf)
{
int err;
err = _blake2b_compress(md, buf);
burn_stack(sizeof(ulong32) * (32 + 2));
return err;
}
#endif
int blake2b_process( hash_state *md, const unsigned char *in, unsigned long inlen )
{
if( inlen > 0 )
{
unsigned long left = md->blake2b.curlen;
unsigned long fill = BLAKE2B_BLOCKBYTES - left;
if( inlen > fill )
{
md->blake2b.curlen = 0;
XMEMCPY( md->blake2b.buf + left, in, fill ); /* Fill buffer */
blake2b_increment_counter( md, BLAKE2B_BLOCKBYTES );
blake2b_compress( md, md->blake2b.buf ); /* Compress */
in += fill; inlen -= fill;
while(inlen > BLAKE2B_BLOCKBYTES) {
blake2b_increment_counter(md, BLAKE2B_BLOCKBYTES);
blake2b_compress( md, in );
in += BLAKE2B_BLOCKBYTES;
inlen -= BLAKE2B_BLOCKBYTES;
}
}
XMEMCPY( md->blake2b.buf + md->blake2b.curlen, in, inlen );
md->blake2b.curlen += inlen;
}
return CRYPT_OK;
}
int blake2b_done( hash_state *md, unsigned char *out)
{
unsigned char buffer[BLAKE2B_OUTBYTES] = {0};
unsigned long i;
LTC_ARGCHK(md != NULL);
LTC_ARGCHK(out != NULL);
/* if(md->blakebs.outlen != outlen) return CRYPT_INVALID_ARG; */
if( blake2b_is_lastblock( md ) )
return CRYPT_ERROR;
blake2b_increment_counter( md, md->blake2b.curlen );
blake2b_set_lastblock( md );
XMEMSET( md->blake2b.buf + md->blake2b.curlen, 0, BLAKE2B_BLOCKBYTES - md->blake2b.curlen ); /* Padding */
blake2b_compress( md, md->blake2b.buf );
for( i = 0; i < 8; ++i ) /* Output full hash to temp buffer */
STORE64L( md->blake2b.h[i], buffer + sizeof( md->blake2b.h[i] ) * i );
XMEMCPY( out, buffer, md->blake2b.outlen );
#ifdef LTC_CLEAN_STACK
zeromem(buffer, sizeof(buffer));
zeromem(md, sizeof(hash_state));
#endif
return CRYPT_OK;
}
/**
Self-test the hash
@return CRYPT_OK if successful, CRYPT_NOP if self-tests have been disabled
*/
int blake2b_512_test(void)
{
#ifndef LTC_TEST
return CRYPT_NOP;
#else
static const struct {
char *msg;
unsigned char hash[64];
} tests[] = {
{ "",
{ 0x78, 0x6a, 0x02, 0xf7, 0x42, 0x01, 0x59, 0x03,
0xc6, 0xc6, 0xfd, 0x85, 0x25, 0x52, 0xd2, 0x72,
0x91, 0x2f, 0x47, 0x40, 0xe1, 0x58, 0x47, 0x61,
0x8a, 0x86, 0xe2, 0x17, 0xf7, 0x1f, 0x54, 0x19,
0xd2, 0x5e, 0x10, 0x31, 0xaf, 0xee, 0x58, 0x53,
0x13, 0x89, 0x64, 0x44, 0x93, 0x4e, 0xb0, 0x4b,
0x90, 0x3a, 0x68, 0x5b, 0x14, 0x48, 0xb7, 0x55,
0xd5, 0x6f, 0x70, 0x1a, 0xfe, 0x9b, 0xe2, 0xce } },
{ "abc",
{ 0xba, 0x80, 0xa5, 0x3f, 0x98, 0x1c, 0x4d, 0x0d,
0x6a, 0x27, 0x97, 0xb6, 0x9f, 0x12, 0xf6, 0xe9,
0x4c, 0x21, 0x2f, 0x14, 0x68, 0x5a, 0xc4, 0xb7,
0x4b, 0x12, 0xbb, 0x6f, 0xdb, 0xff, 0xa2, 0xd1,
0x7d, 0x87, 0xc5, 0x39, 0x2a, 0xab, 0x79, 0x2d,
0xc2, 0x52, 0xd5, 0xde, 0x45, 0x33, 0xcc, 0x95,
0x18, 0xd3, 0x8a, 0xa8, 0xdb, 0xf1, 0x92, 0x5a,
0xb9, 0x23, 0x86, 0xed, 0xd4, 0x00, 0x99, 0x23 } },
{ NULL, { 0 } }
};
int i;
unsigned char tmp[64];
hash_state md;
for (i = 0; tests[i].msg != NULL; i++) {
blake2b_512_init(&md);
blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
blake2b_done(&md, tmp);
if (XMEMCMP(tmp, tests[i].hash, 64) != 0) {
return CRYPT_FAIL_TESTVECTOR;
}
}
return CRYPT_OK;
#endif
}
/**
Self-test the hash
@return CRYPT_OK if successful, CRYPT_NOP if self-tests have been disabled
*/
int blake2b_384_test(void)
{
#ifndef LTC_TEST
return CRYPT_NOP;
#else
static const struct {
char *msg;
unsigned char hash[48];
} tests[] = {
{ "",
{ 0xb3, 0x28, 0x11, 0x42, 0x33, 0x77, 0xf5, 0x2d,
0x78, 0x62, 0x28, 0x6e, 0xe1, 0xa7, 0x2e, 0xe5,
0x40, 0x52, 0x43, 0x80, 0xfd, 0xa1, 0x72, 0x4a,
0x6f, 0x25, 0xd7, 0x97, 0x8c, 0x6f, 0xd3, 0x24,
0x4a, 0x6c, 0xaf, 0x04, 0x98, 0x81, 0x26, 0x73,
0xc5, 0xe0, 0x5e, 0xf5, 0x83, 0x82, 0x51, 0x00 } },
{ "abc",
{ 0x6f, 0x56, 0xa8, 0x2c, 0x8e, 0x7e, 0xf5, 0x26,
0xdf, 0xe1, 0x82, 0xeb, 0x52, 0x12, 0xf7, 0xdb,
0x9d, 0xf1, 0x31, 0x7e, 0x57, 0x81, 0x5d, 0xbd,
0xa4, 0x60, 0x83, 0xfc, 0x30, 0xf5, 0x4e, 0xe6,
0xc6, 0x6b, 0xa8, 0x3b, 0xe6, 0x4b, 0x30, 0x2d,
0x7c, 0xba, 0x6c, 0xe1, 0x5b, 0xb5, 0x56, 0xf4 } },
{ NULL, { 0 } }
};
int i;
unsigned char tmp[48];
hash_state md;
for (i = 0; tests[i].msg != NULL; i++) {
blake2b_384_init(&md);
blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
blake2b_done(&md, tmp);
if (XMEMCMP(tmp, tests[i].hash, 48) != 0) {
return CRYPT_FAIL_TESTVECTOR;
}
}
return CRYPT_OK;
#endif
}
/**
Self-test the hash
@return CRYPT_OK if successful, CRYPT_NOP if self-tests have been disabled
*/
int blake2b_256_test(void)
{
#ifndef LTC_TEST
return CRYPT_NOP;
#else
static const struct {
char *msg;
unsigned char hash[32];
} tests[] = {
{ "",
{ 0x0e, 0x57, 0x51, 0xc0, 0x26, 0xe5, 0x43, 0xb2,
0xe8, 0xab, 0x2e, 0xb0, 0x60, 0x99, 0xda, 0xa1,
0xd1, 0xe5, 0xdf, 0x47, 0x77, 0x8f, 0x77, 0x87,
0xfa, 0xab, 0x45, 0xcd, 0xf1, 0x2f, 0xe3, 0xa8 } },
{ "abc",
{ 0xbd, 0xdd, 0x81, 0x3c, 0x63, 0x42, 0x39, 0x72,
0x31, 0x71, 0xef, 0x3f, 0xee, 0x98, 0x57, 0x9b,
0x94, 0x96, 0x4e, 0x3b, 0xb1, 0xcb, 0x3e, 0x42,
0x72, 0x62, 0xc8, 0xc0, 0x68, 0xd5, 0x23, 0x19 } },
{ NULL, { 0 } }
};
int i;
unsigned char tmp[32];
hash_state md;
for (i = 0; tests[i].msg != NULL; i++) {
blake2b_256_init(&md);
blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
blake2b_done(&md, tmp);
if (XMEMCMP(tmp, tests[i].hash, 32) != 0) {
return CRYPT_FAIL_TESTVECTOR;
}
}
return CRYPT_OK;
#endif
}
/**
Self-test the hash
@return CRYPT_OK if successful, CRYPT_NOP if self-tests have been disabled
*/
int blake2b_160_test(void)
{
#ifndef LTC_TEST
return CRYPT_NOP;
#else
static const struct {
char *msg;
unsigned char hash[20];
} tests[] = {
{ "",
{ 0x33, 0x45, 0x52, 0x4a, 0xbf, 0x6b, 0xbe, 0x18,
0x09, 0x44, 0x92, 0x24, 0xb5, 0x97, 0x2c, 0x41,
0x79, 0x0b, 0x6c, 0xf2 } },
{ "abc",
{ 0x38, 0x42, 0x64, 0xf6, 0x76, 0xf3, 0x95, 0x36,
0x84, 0x05, 0x23, 0xf2, 0x84, 0x92, 0x1c, 0xdc,
0x68, 0xb6, 0x84, 0x6b } },
{ NULL, { 0 } }
};
int i;
unsigned char tmp[20];
hash_state md;
for (i = 0; tests[i].msg != NULL; i++) {
blake2b_160_init(&md);
blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
blake2b_done(&md, tmp);
if (XMEMCMP(tmp, tests[i].hash, 20) != 0) {
return CRYPT_FAIL_TESTVECTOR;
}
}
return CRYPT_OK;
#endif
}
#endif

1
src/headers/tomcrypt_custom.h
View File

@ -243,6 +243,7 @@
#define LTC_RIPEMD256
#define LTC_RIPEMD320
#define LTC_BLAKE2S
#define LTC_BLAKE2B
#define LTC_HASH_HELPERS

38
src/headers/tomcrypt_hash.h
View File

@ -113,7 +113,6 @@ struct chc_state {
};
#endif
#ifdef LTC_BLAKE2S
struct blake2s_state {
ulong32 h[8];
@ -126,6 +125,18 @@ struct blake2s_state {
};
#endif
#ifdef LTC_BLAKE2B
struct blake2b_state {
ulong64 h[8];
ulong64 t[2];
ulong64 f[2];
unsigned char buf[128];
unsigned long curlen;
unsigned long outlen;
unsigned char last_node;
};
#endif
typedef union Hash_state {
char dummy[1];
#ifdef LTC_CHC_HASH
@ -170,10 +181,12 @@ typedef union Hash_state {
#ifdef LTC_RIPEMD320
struct rmd320_state rmd320;
#endif
#ifdef LTC_BLAKE2S
struct blake2s_state blake2s;
#endif
#ifdef LTC_BLAKE2B
struct blake2b_state blake2b;
#endif
void *data;
} hash_state;
@ -354,6 +367,27 @@ int blake2s_process(hash_state * md, const unsigned char *in, unsigned long inle
int blake2s_done(hash_state * md, unsigned char *hash);
#endif
#ifdef LTC_BLAKE2B
extern const struct ltc_hash_descriptor blake2b_512_desc;
int blake2b_512_init(hash_state * md);
int blake2b_512_test(void);
extern const struct ltc_hash_descriptor blake2b_384_desc;
int blake2b_384_init(hash_state * md);
int blake2b_384_test(void);
extern const struct ltc_hash_descriptor blake2b_256_desc;
int blake2b_256_init(hash_state * md);
int blake2b_256_test(void);
extern const struct ltc_hash_descriptor blake2b_160_desc;
int blake2b_160_init(hash_state * md);
int blake2b_160_test(void);
int blake2b_init(hash_state * md, unsigned long outlen);
int blake2b_process(hash_state * md, const unsigned char *in, unsigned long inlen);
int blake2b_done(hash_state * md, unsigned char *hash);
#endif
#ifdef LTC_MD5
int md5_init(hash_state * md);

3
src/misc/crypt/crypt.c
View File

@ -183,6 +183,9 @@ const char *crypt_build_settings =
#if defined(LTC_BLAKE2S)
" BLAKE2S\n"
#endif
#if defined(LTC_BLAKE2B)
" BLAKE2B\n"
#endif
#if defined(LTC_CHC_HASH)
" CHC_HASH\n"
#endif

3
src/misc/crypt/crypt_sizes.c
View File

@ -74,6 +74,9 @@ static const crypt_size _crypt_sizes[] = {
#ifdef LTC_BLAKE2S
_SZ_STRINGIFY_S(blake2s_state),
#endif
#ifdef LTC_BLAKE2B
_SZ_STRINGIFY_S(blake2b_state),
#endif
#ifdef LTC_CHC_HASH
_SZ_STRINGIFY_S(chc_state),
#endif

12
testprof/x86_prof.c
View File

@ -325,6 +325,12 @@ static void _unregister_all(void)
unregister_hash(&blake2s_224_desc);
unregister_hash(&blake2s_256_desc);
#endif
#ifdef LTC_BLAKE2B
unregister_hash(&blake2b_160_desc);
unregister_hash(&blake2b_256_desc);
unregister_hash(&blake2b_384_desc);
unregister_hash(&blake2b_512_desc);
#endif
#ifdef LTC_CHC_HASH
unregister_hash(&chc_desc);
#endif
@ -493,6 +499,12 @@ void reg_algs(void)
register_hash(&blake2s_224_desc);
register_hash(&blake2s_256_desc);
#endif
#ifdef LTC_BLAKE2S
register_hash(&blake2b_160_desc);
register_hash(&blake2b_256_desc);
register_hash(&blake2b_384_desc);
register_hash(&blake2b_512_desc);
#endif
#ifdef LTC_CHC_HASH
register_hash(&chc_desc);
if ((err = chc_register(register_cipher(&aes_desc))) != CRYPT_OK) {