vieter-v
/
v
2
0
Fork 0
Code Issues Pull Requests Releases Activity

implement crypto.sha256 + some crypto cleanup

pull/1226/head
joe-conigliaro 2019-07-18 18:50:05 +10:00 committed by Alexander Medvednikov
parent c0911ea74b
commit 43070412f7
8 changed files with 424 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
vlib/crypto/md5/md5.v
View File

@ -48,7 +48,7 @@ fn (d mut Digest) reset() {
d.len = u64(0)
}
// new returns a new hash.Hash computing the MD5 checksum.
// new returns a new Digest (implementing hash.Hash) computing the MD5 checksum.
pub fn new() *Digest {
mut d := &Digest{}
d.reset()

1
vlib/crypto/md5/md5block_generic.v
View File

@ -17,6 +17,7 @@ fn block_generic(dig &Digest, p []byte) {
mut b := dig.s[1]
mut c := dig.s[2]
mut d := dig.s[3]
for i := 0; i <= p.len-BlockSize; i += BlockSize {
mut q := p.right(i)
q = q.left(BlockSize)

4
vlib/crypto/sha1/sha1.v
View File

@ -143,9 +143,9 @@ pub fn sum(data []byte) []byte {
}
fn block(dig &Digest, p []byte) {
// For now just use block_generic until we have specific
// For now just use block_generic until we have specific
// architecture optimized versions
block_generic(dig, p)
block_generic(dig, p)
}
pub fn (d &Digest) size() int { return Size }

218
vlib/crypto/sha256/sha256.v 100644
View File

@ -0,0 +1,218 @@
// Copyright (c) 2019 Alexander Medvednikov. All rights reserved.
// Use of this source code is governed by an MIT license
// that can be found in the LICENSE file.
// Package sha256 implements the SHA224 and SHA256 hash algorithms as defined
// in FIPS 180-4.
// Adaped from https://github.com/golang/go/tree/master/src/crypto/sha256
module sha256
import math
import encoding.binary
const (
// The size of a SHA256 checksum in bytes.
Size = 32
// The size of a SHA224 checksum in bytes.
Size224 = 28
// The blocksize of SHA256 and SHA224 in bytes.
BlockSize = 64
)
const (
Chunk = 64
Init0 = 0x6A09E667
Init1 = 0xBB67AE85
Init2 = 0x3C6EF372
Init3 = 0xA54FF53A
Init4 = 0x510E527F
Init5 = 0x9B05688C
Init6 = 0x1F83D9AB
Init7 = 0x5BE0CD19
Init0_224 = 0xC1059ED8
Init1_224 = 0x367CD507
Init2_224 = 0x3070DD17
Init3_224 = 0xF70E5939
Init4_224 = 0xFFC00B31
Init5_224 = 0x68581511
Init6_224 = 0x64F98FA7
Init7_224 = 0xBEFA4FA4
)
// digest represents the partial evaluation of a checksum.
struct Digest {
mut:
h []u32
x []byte
nx int
len u64
is224 bool // mark if this digest is SHA-224
}
fn (d &Digest) reset() {
d.h = [u32(0); 8]
d.x = [byte(0); Chunk]
if !d.is224 {
d.h[0] = u32(Init0)
d.h[1] = u32(Init1)
d.h[2] = u32(Init2)
d.h[3] = u32(Init3)
d.h[4] = u32(Init4)
d.h[5] = u32(Init5)
d.h[6] = u32(Init6)
d.h[7] = u32(Init7)
} else {
d.h[0] = u32(Init0_224)
d.h[1] = u32(Init1_224)
d.h[2] = u32(Init2_224)
d.h[3] = u32(Init3_224)
d.h[4] = u32(Init4_224)
d.h[5] = u32(Init5_224)
d.h[6] = u32(Init6_224)
d.h[7] = u32(Init7_224)
}
d.nx = 0
d.len = u64(0)
}
// new returns a new Digest (implementing hash.Hash) computing the SHA256 checksum.
pub fn new() *Digest {
mut d := &Digest{}
d.reset()
return d
}
// new224 returns a new Digest (implementing hash.Hash) computing the SHA224 checksum.
pub fn new224() *Digest {
mut d := &Digest{}
d.is224 = true
d.reset()
return d
}
fn (d mut Digest) write(p []byte) ?int {
nn := p.len
d.len += u64(nn)
if d.nx > 0 {
n := int(math.min(f64(d.x.len), f64(p.len)))
for i:=0; i<n; i++ {
d.x.set(i+d.nx, p[i])
}
d.nx += n
if d.nx == Chunk {
block(d, d.x)
d.nx = 0
}
if n >= p.len {
p = []byte
} else {
p = p.right(n)
}
}
if p.len >= Chunk {
n := p.len &~ (Chunk - 1)
block(d, p.left(n))
if n >= p.len {
p = []byte
} else {
p = p.right(n)
}
}
if p.len > 0 {
d.nx = int(math.min(f64(d.x.len), f64(p.len)))
for i:=0; i<d.nx; i++ {
d.x.set(i, p[i])
}
}
return nn
}
fn (d &Digest) sum(b_in mut []byte) []byte {
// Make a copy of d so that caller can keep writing and summing.
mut d0 := *d
hash := d0.checksum()
if d0.is224 {
for b in hash.left(Size224) {
b_in << b
}
} else {
for b in hash {
b_in << b
}
}
return *b_in
}
fn (d mut Digest) checksum() []byte {
mut len := d.len
// Padding. Add a 1 bit and 0 bits until 56 bytes mod 64.
mut tmp := [byte(0); 64]
tmp[0] = 0x80
if int(len)%64 < 56 {
d.write(tmp.left(56-int(len)%64))
} else {
d.write(tmp.left(64+56-int(len)%64))
}
// Length in bits.
len <<= u64(3)
binary.big_endian_put_u64(tmp, len)
d.write(tmp.left(8))
if d.nx != 0 {
panic('d.nx != 0')
}
digest := [byte(0); Size]
binary.big_endian_put_u32(digest, d.h[0])
binary.big_endian_put_u32(digest.right(4), d.h[1])
binary.big_endian_put_u32(digest.right(8), d.h[2])
binary.big_endian_put_u32(digest.right(12), d.h[3])
binary.big_endian_put_u32(digest.right(16), d.h[4])
binary.big_endian_put_u32(digest.right(20), d.h[5])
binary.big_endian_put_u32(digest.right(24), d.h[6])
if !d.is224 {
binary.big_endian_put_u32(digest.right(28), d.h[7])
}
return digest
}
// sum256 returns the SHA256 checksum of the data.
pub fn sum(data []byte) []byte {
return sum256(data)
}
// sum256 returns the SHA256 checksum of the data.
pub fn sum256(data []byte) []byte {
mut d := new()
d.write(data)
return d.checksum()
}
// sum224 returns the SHA224 checksum of the data.
pub fn sum224(data []byte) []byte {
mut d := new224()
d.write(data)
sum := d.checksum()
sum224 := sum.left(Size224)
return sum224
}
fn block(dig &Digest, p []byte) {
// For now just use block_generic until we have specific
// architecture optimized versions
block_generic(dig, p)
}
pub fn (d &Digest) size() int {
if !d.is224 {
return Size
}
return Size224
}
pub fn (d &Digest) block_size() int { return BlockSize }

9
vlib/crypto/sha256/sha256_test.v 100644
View File

@ -0,0 +1,9 @@
// Copyright (c) 2019 Alexander Medvednikov. All rights reserved.
// Use of this source code is governed by an MIT license
// that can be found in the LICENSE file.
import crypto.sha256
fn test_crypto_sha256() {
assert sha256.sum('This is a sha256 checksum.'.bytes()).hex() == 'DC7163299659529EAE29683EB1FFEC50D6C8FC7275ECB10C145FDE0E125B8727'
}

158
vlib/crypto/sha256/sha256block_generic.v 100644
View File

@ -0,0 +1,158 @@
// Copyright (c) 2019 Alexander Medvednikov. All rights reserved.
// Use of this source code is governed by an MIT license
// that can be found in the LICENSE file.
// SHA256 block step.
// This is the generic version with no architecture optimizations.
// In its own file so that an architecture
// optimized verision can be substituted
module sha256
import math.bits
const (
_K = [
0x428a2f98,
0x71374491,
0xb5c0fbcf,
0xe9b5dba5,
0x3956c25b,
0x59f111f1,
0x923f82a4,
0xab1c5ed5,
0xd807aa98,
0x12835b01,
0x243185be,
0x550c7dc3,
0x72be5d74,
0x80deb1fe,
0x9bdc06a7,
0xc19bf174,
0xe49b69c1,
0xefbe4786,
0x0fc19dc6,
0x240ca1cc,
0x2de92c6f,
0x4a7484aa,
0x5cb0a9dc,
0x76f988da,
0x983e5152,
0xa831c66d,
0xb00327c8,
0xbf597fc7,
0xc6e00bf3,
0xd5a79147,
0x06ca6351,
0x14292967,
0x27b70a85,
0x2e1b2138,
0x4d2c6dfc,
0x53380d13,
0x650a7354,
0x766a0abb,
0x81c2c92e,
0x92722c85,
0xa2bfe8a1,
0xa81a664b,
0xc24b8b70,
0xc76c51a3,
0xd192e819,
0xd6990624,
0xf40e3585,
0x106aa070,
0x19a4c116,
0x1e376c08,
0x2748774c,
0x34b0bcb5,
0x391c0cb3,
0x4ed8aa4a,
0x5b9cca4f,
0x682e6ff3,
0x748f82ee,
0x78a5636f,
0x84c87814,
0x8cc70208,
0x90befffa,
0xa4506ceb,
0xbef9a3f7,
0xc67178f2,
]
)
fn block_generic(dig &Digest, p []byte) {
mut w := [u32(0); 64]
mut h0 := dig.h[0]
mut h1 := dig.h[1]
mut h2 := dig.h[2]
mut h3 := dig.h[3]
mut h4 := dig.h[4]
mut h5 := dig.h[5]
mut h6 := dig.h[6]
mut h7 := dig.h[7]
for p.len >= Chunk {
// Can interlace the computation of w with the
// rounds below if needed for speed.
for i := 0; i < 16; i++ {
j := i * 4
w[i] = u32(u32(p[j])<<u32(24)) | u32(u32(p[j+1])<<u32(16)) | u32(u32(p[j+2])<<u32(8)) | u32(p[j+3])
}
for i := 16; i < 64; i++ {
v1 := w[i-2]
t1 := (bits.rotate_left_32(v1, -17)) ^ (bits.rotate_left_32(v1, -19)) ^ u32((v1 >> u32(10)))
v2 := w[i-15]
t2 := (bits.rotate_left_32(v2, -7)) ^ (bits.rotate_left_32(v2, -18)) ^ u32((v2 >> u32(3)))
w[i] = t1 + w[i-7] + t2 + w[i-16]
}
mut a := h0
mut b := h1
mut c := h2
mut d := h3
mut e := h4
mut f := h5
mut g := h6
mut h := h7
for i := 0; i < 64; i++ {
t1 := h + ((bits.rotate_left_32(e, -6)) ^ (bits.rotate_left_32(e, -11)) ^ (bits.rotate_left_32(e, -25))) + ((e & f) ^ (~e & g)) + u32(_K[i]) + w[i]
t2 := ((bits.rotate_left_32(a, -2)) ^ (bits.rotate_left_32(a, -13)) ^ (bits.rotate_left_32(a, -22))) + ((a & b) ^ (a & c) ^ (b & c))
h = g
g = f
f = e
e = d + t1
d = c
c = b
b = a
a = t1 + t2
}
h0 += a
h1 += b
h2 += c
h3 += d
h4 += e
h5 += f
h6 += g
h7 += h
if Chunk >= p.len {
p = []byte
} else {
p = p.right(Chunk)
}
}
dig.h[0] = h0
dig.h[1] = h1
dig.h[2] = h2
dig.h[3] = h3
dig.h[4] = h4
dig.h[5] = h5
dig.h[6] = h6
dig.h[7] = h7
}

68
vlib/crypto/sha512/sha512.v
View File

@ -5,7 +5,7 @@
// Package sha512 implements the SHA-384, SHA-512, SHA-512/224, and SHA-512/256
// hash algorithms as defined in FIPS 180-4.
// Adaped from https://github.com/golang/go/tree/master/src/crypto/sha256
// Adaped from https://github.com/golang/go/tree/master/src/crypto/sha512
module sha512
@ -65,8 +65,6 @@ const (
// digest represents the partial evaluation of a checksum.
struct Digest {
// h [8]uint64
// x [chunk]byte
mut:
h []u64
x []byte
@ -123,8 +121,8 @@ mut:
// Note: when u64 const is working remove this and uncomment above
fn (d mut Digest) reset() {
d.h = [u64(0); 8]
d.x = [byte(0); Chunk]
d.h = [u64(0); 8]
d.x = [byte(0); Chunk]
switch d.function {
case crypto.Hash.SHA384:
d.h[0] = u64(0xcbbb9d5dc1059ed8)
@ -154,14 +152,14 @@ fn (d mut Digest) reset() {
d.h[6] = u64(0x2b0199fc2c85b8aa)
d.h[7] = u64(0x0eb72ddc81c52ca2)
default:
d.h[0] = u64(0x6a09e667f3bcc908)
d.h[1] = u64(0xbb67ae8584caa73b)
d.h[2] = u64(0x3c6ef372fe94f82b)
d.h[3] = u64(0xa54ff53a5f1d36f1)
d.h[4] = u64(0x510e527fade682d1)
d.h[5] = u64(0x9b05688c2b3e6c1f)
d.h[6] = u64(0x1f83d9abfb41bd6b)
d.h[7] = u64(0x5be0cd19137e2179)
d.h[0] = u64(0x6a09e667f3bcc908)
d.h[1] = u64(0xbb67ae8584caa73b)
d.h[2] = u64(0x3c6ef372fe94f82b)
d.h[3] = u64(0xa54ff53a5f1d36f1)
d.h[4] = u64(0x510e527fade682d1)
d.h[5] = u64(0x9b05688c2b3e6c1f)
d.h[6] = u64(0x1f83d9abfb41bd6b)
d.h[7] = u64(0x5be0cd19137e2179)
}
d.nx = 0
d.len = u64(0)
@ -173,22 +171,22 @@ fn _new(hash crypto.Hash) *Digest {
return d
}
// new returns a new hash.Hash computing the SHA-512 checksum.
// new returns a new Digest (implementing hash.Hash) computing the SHA-512 checksum.
pub fn new() *Digest {
return _new(crypto.Hash.SHA512)
}
// new512_224 returns a new hash.Hash computing the SHA-512/224 checksum.
// new512_224 returns a new Digest (implementing hash.Hash) computing the SHA-512/224 checksum.
fn new512_224() *Digest {
return _new(crypto.Hash.SHA512_224)
}
// new512_256 returns a new hash.Hash computing the SHA-512/256 checksum.
// new512_256 returns a new Digest (implementing hash.Hash) computing the SHA-512/256 checksum.
fn new512_256() *Digest {
return _new(crypto.Hash.SHA512_256)
}
// new384 returns a new hash.Hash computing the SHA-384 checksum.
// new384 returns a new Digest (implementing hash.Hash) computing the SHA-384 checksum.
fn new384() *Digest {
return _new(crypto.Hash.SHA384)
}
@ -237,22 +235,22 @@ fn (d mut Digest) sum(b_in mut []byte) []byte {
switch d0.function {
case crypto.Hash.SHA384:
for b in hash.left(Size384) {
b_in << b
}
b_in << b
}
case crypto.Hash.SHA512_224:
for b in hash.left(Size224) {
b_in << b
}
b_in << b
}
case crypto.Hash.SHA512_256:
for b in hash.left(Size256) {
b_in << b
}
b_in << b
}
default:
for b in hash {
b_in << b
}
b_in << b
}
}
return *b_in
return *b_in
}
fn (d mut Digest) checksum() []byte {
@ -261,8 +259,8 @@ fn (d mut Digest) checksum() []byte {
mut tmp := [byte(0); 128]
tmp[0] = 0x80
if int(len)%128 < 112 {
d.write(tmp.left(112-int(len)%128))
if int(len)%128 < 112 {
d.write(tmp.left(112-int(len)%128))
} else {
d.write(tmp.left(128+112-int(len)%128))
}
@ -271,7 +269,7 @@ fn (d mut Digest) checksum() []byte {
len <<= u64(3)
binary.big_endian_put_u64(tmp, u64(0)) // upper 64 bits are always zero, because len variable has type u64
binary.big_endian_put_u64(tmp.right(8), len)
binary.big_endian_put_u64(tmp.right(8), len)
d.write(tmp.left(16))
if d.nx != 0 {
@ -280,7 +278,7 @@ fn (d mut Digest) checksum() []byte {
mut digest := [byte(0); Size]
binary.big_endian_put_u64(digest, d.h[0])
binary.big_endian_put_u64(digest, d.h[0])
binary.big_endian_put_u64(digest.right(8), d.h[1])
binary.big_endian_put_u64(digest.right(16), d.h[2])
binary.big_endian_put_u64(digest.right(24), d.h[3])
@ -306,7 +304,7 @@ pub fn sum384(data []byte) []byte {
mut d := _new(crypto.Hash.SHA384)
d.write(data)
sum := d.checksum()
sum384 := sum.left(Size384)
sum384 := sum.left(Size384)
return sum384
}
@ -315,7 +313,7 @@ pub fn sum512_224(data []byte) []byte {
mut d := _new(crypto.Hash.SHA512_224)
d.write(data)
sum := d.checksum()
sum224 := sum.left(Size224)
sum224 := sum.left(Size224)
return sum224
}
@ -324,14 +322,14 @@ pub fn sum512_256(data []byte) []byte {
mut d := _new(crypto.Hash.SHA512_256)
d.write(data)
sum := d.checksum()
sum256 := sum.left(Size256)
sum256 := sum.left(Size256)
return sum256
}
fn block(dig &Digest, p []byte) {
// For now just use block_generic until we have specific
// For now just use block_generic until we have specific
// architecture optimized versions
block_generic(dig, p)
block_generic(dig, p)
}
pub fn (d &Digest) size() int {

2
vlib/crypto/sha512/sha512block_generic.v
View File

@ -180,6 +180,7 @@ fn block_generic(dig &Digest, p []byte) {
]
mut w := [u64(0); 80]
mut h0 := dig.h[0]
mut h1 := dig.h[1]
mut h2 := dig.h[2]
@ -188,6 +189,7 @@ fn block_generic(dig &Digest, p []byte) {
mut h5 := dig.h[5]
mut h6 := dig.h[6]
mut h7 := dig.h[7]
for p.len >= Chunk {
for i := 0; i < 16; i++ {
j := i * 8