void ed25519_sign(unsigned char *signature, const unsigned char *message, size_t message_len, const unsigned char *public_key, const unsigned char *private_key) { sha512_context hash; unsigned char hram[64]; unsigned char r[64]; ge_p3 R; sha512_init(&hash); sha512_update(&hash, private_key + 32, 32); sha512_update(&hash, message, message_len); sha512_final(&hash, r); sc_reduce(r); ge_scalarmult_base(&R, r); ge_p3_tobytes(signature, &R); sha512_init(&hash); sha512_update(&hash, signature, 32); sha512_update(&hash, public_key, 32); sha512_update(&hash, message, message_len); sha512_final(&hash, hram); sc_reduce(hram); sc_muladd(signature + 32, hram, private_key, r); }
void _stdcall sha512_hmac(const void *k, size_t k_len, const void *d, size_t d_len, char *out) { sha512_ctx ctx; unsigned char buf[SHA512_BLOCK_SIZE]; unsigned char hval[SHA512_DIGEST_SIZE]; unsigned long i; // zero key buffer memset(buf, 0, sizeof(buf)); // compress hmac key if (k_len > SHA512_BLOCK_SIZE) { sha512_init(&ctx); sha512_hash(&ctx, (const unsigned char*)k, k_len); sha512_done(&ctx, buf); } else { memcpy(buf, k, k_len); } // create the hash initial vector for (i = 0; i < (SHA512_BLOCK_SIZE / 4); i++) { ((unsigned long*)buf)[i] ^= 0x36363636; } // hash key and data sha512_init(&ctx); sha512_hash(&ctx, buf, SHA512_BLOCK_SIZE); sha512_hash(&ctx, (const unsigned char*)d, d_len); sha512_done(&ctx, hval); // create the second HMAC vector for (i = 0; i < (SHA512_BLOCK_SIZE / 4); i++) { ((unsigned long*)buf)[i] ^= 0x6A6A6A6A; } // calculate "outer" hash sha512_init(&ctx); sha512_hash(&ctx, buf, SHA512_BLOCK_SIZE); sha512_hash(&ctx, hval, SHA512_DIGEST_SIZE); sha512_done(&ctx, (unsigned char*)out); // test buffers size alignment at compile-time static_assert( !(sizeof(buf) % sizeof(unsigned long)), "sizeof must be 4 byte aligned"); static_assert( !(sizeof(hval) % sizeof(unsigned long)), "sizeof must be 4 byte aligned"); static_assert( !(sizeof(ctx) % sizeof(unsigned long)), "sizeof must be 4 byte aligned"); // prevent leaks __stosd((unsigned long*)&buf, 0, (sizeof(buf) / sizeof(unsigned long))); __stosd((unsigned long*)&hval, 0, (sizeof(hval) / sizeof(unsigned long))); __stosd((unsigned long*)&ctx, 0, (sizeof(ctx) / sizeof(unsigned long))); }
static bool hmac_sha512(const char *key, size_t keylen, const char *msg, size_t msglen, char *out) { char tmp[2 * mdlen]; sha512_context md; if(keylen <= mdlen) { memcpy(tmp, key, keylen); memset(tmp + keylen, 0, mdlen - keylen); } else { if(sha512(key, keylen, tmp) != 0) return false; } if(sha512_init(&md) != 0) return false; // ipad memxor(tmp, 0x36, mdlen); if(sha512_update(&md, tmp, mdlen) != 0) return false; // message if(sha512_update(&md, msg, msglen) != 0) return false; if(sha512_final(&md, tmp + mdlen) != 0) return false; // opad memxor(tmp, 0x36 ^ 0x5c, mdlen); if(sha512(tmp, sizeof tmp, out) != 0) return false; return true; }
int goldilocks_derive_private_key ( struct goldilocks_private_key_t *privkey, const unsigned char proto[GOLDI_SYMKEY_BYTES] ) { if (!goldilocks_check_init()) { return GOLDI_EUNINIT; } memcpy(&privkey->opaque[2*GOLDI_FIELD_BYTES], proto, GOLDI_SYMKEY_BYTES); unsigned char skb[SHA512_OUTPUT_BYTES]; word_t sk[GOLDI_FIELD_WORDS]; assert(sizeof(skb) >= sizeof(sk)); struct sha512_ctx_t ctx; struct tw_extensible_t exta; struct field_t pk; sha512_init(&ctx); sha512_update(&ctx, (const unsigned char *)"derivepk", GOLDI_DIVERSIFY_BYTES); sha512_update(&ctx, proto, GOLDI_SYMKEY_BYTES); sha512_final(&ctx, (unsigned char *)skb); barrett_deserialize_and_reduce(sk, skb, SHA512_OUTPUT_BYTES, &curve_prime_order); barrett_serialize(privkey->opaque, sk, GOLDI_FIELD_BYTES); scalarmul_fixed_base(&exta, sk, GOLDI_SCALAR_BITS, &goldilocks_global.fixed_base); untwist_and_double_and_serialize(&pk, &exta); field_serialize(&privkey->opaque[GOLDI_FIELD_BYTES], &pk); return GOLDI_EOK; }
unsigned char* sha512_MemBlock(const unsigned char* msg, size_t size, HASH_ctx* ctx) { sha512_init(ctx); sha512_update(ctx, msg, size); sha512_final(ctx, msg, size); return ctx->SHA512_result; }
ssh_mac_ctx ssh_mac_ctx_init(enum ssh_mac_e type){ ssh_mac_ctx ctx = malloc(sizeof(struct ssh_mac_ctx_struct)); if (ctx == NULL) { return NULL; } ctx->mac_type=type; switch(type){ case SSH_MAC_SHA1: ctx->ctx.sha1_ctx = sha1_init(); return ctx; case SSH_MAC_SHA256: ctx->ctx.sha256_ctx = sha256_init(); return ctx; case SSH_MAC_SHA384: ctx->ctx.sha384_ctx = sha384_init(); return ctx; case SSH_MAC_SHA512: ctx->ctx.sha512_ctx = sha512_init(); return ctx; default: SAFE_FREE(ctx); return NULL; } }
void sha512_hmac(const char *k, size_t k_len, const char *d, size_t d_len, char *out) { sha512_ctx ctx; u8 buf[SHA512_BLOCK_SIZE]; u8 hval[SHA512_DIGEST_SIZE]; size_t i; /* zero key buffer */ zeroauto(buf, sizeof(buf)); /* compress hmac key */ if (k_len > SHA512_BLOCK_SIZE) { sha512_init(&ctx); sha512_hash(&ctx, k, k_len); sha512_done(&ctx, buf); } else { mincpy(buf, k, k_len); } /* create the hash initial vector */ for (i = 0; i < SHA512_BLOCK_SIZE; i++) { buf[i] ^= 0x36; } /* hash key and data */ sha512_init(&ctx); sha512_hash(&ctx, buf, SHA512_BLOCK_SIZE); sha512_hash(&ctx, d, d_len); sha512_done(&ctx, hval); /* create the second HMAC vector */ for (i = 0; i < SHA512_BLOCK_SIZE; i++) { buf[i] ^= 0x6A; } /* calculate "outer" hash */ sha512_init(&ctx); sha512_hash(&ctx, buf, SHA512_BLOCK_SIZE); sha512_hash(&ctx, hval, SHA512_DIGEST_SIZE); sha512_done(&ctx, out); /* prevent leaks */ zeroauto(buf, sizeof(buf)); zeroauto(hval, sizeof(hval)); zeroauto(&ctx, sizeof(ctx)); }
void sha512(unsigned char *digest, int len, unsigned char *hash) { SHA512CTX c = sha512_init(); if (c != NULL) { sha512_update(c, digest, len); sha512_final(hash, c); } }
void hmac_sha512_init(hmac_sha512_ctx *ctx, unsigned char *key, unsigned int key_size) { unsigned int fill; unsigned int num; unsigned char *key_used; unsigned char key_temp[SHA512_DIGEST_SIZE]; int i; if (key_size == SHA512_BLOCK_SIZE) { key_used = key; num = SHA512_BLOCK_SIZE; } else { if (key_size > SHA512_BLOCK_SIZE){ key_used = key_temp; num = SHA512_DIGEST_SIZE; sha512(key, key_size, key_used); } else { /* key_size > SHA512_BLOCK_SIZE */ key_used = key; num = key_size; } fill = SHA512_BLOCK_SIZE - num; memset(ctx->block_ipad + num, 0x36, fill); memset(ctx->block_opad + num, 0x5c, fill); } for (i = 0; i < num; i++) { ctx->block_ipad[i] = key_used[i] ^ 0x36; ctx->block_opad[i] = key_used[i] ^ 0x5c; } sha512_init(&ctx->ctx_inside); sha512_update(&ctx->ctx_inside, ctx->block_ipad, SHA512_BLOCK_SIZE); sha512_init(&ctx->ctx_outside); sha512_update(&ctx->ctx_outside, ctx->block_opad, SHA512_BLOCK_SIZE); /* for hmac_reinit */ memcpy(&ctx->ctx_inside_reinit, &ctx->ctx_inside, sizeof(sha512_ctx)); memcpy(&ctx->ctx_outside_reinit, &ctx->ctx_outside, sizeof(sha512_ctx)); }
void sha512(const unsigned char *message, unsigned int len, unsigned char *digest) { sha512_ctx ctx; sha512_init(&ctx); sha512_update(&ctx, message, len); sha512_final(&ctx, digest); }
void SHA512Hash::Reset() { CoreAssert(this != NULL); delete [] m_hash; m_hash = NULL; delete [] m_hashString; m_hashString = NULL; sha512_init(&m_state); }
int main(int argc, char **argv) { unsigned char *x; unsigned long long xlen; if (argv[0]) if (argv[1]) { if (str_equal(argv[1], "-h")) die_usage(0); } /* get password */ x = (unsigned char *)env_get("PASSWORD"); if (!x) { errno = 0; die_usage("$PASSWORD not set"); } xlen = str_len((char *)x); /* create salt */ randombytes(s, sizeof s); /* derive key */ if (sha512hmacpbkdf2(h, sizeof h, x, xlen, s, sizeof s, ROUNDS) == -1) die_fatal("unable to derive keys", 0); byte_zero(x, xlen); /* create nonce */ randombytes(n, sizeof n); uint64_pack(n, nanoseconds()); sha512(nk, (unsigned char *)MAGIC, MAGICBYTES); crypto_block_aes256vulnerable(n, n, nk); /* initialize */ crypto_init(&ctx, n, h, MAGIC); randombytes(h, sizeof h); sha512_init(&shactx); /* write header */ if (writeall(1, MAGIC, MAGICBYTES) == -1) die_fatal("unable to write output", 0); if (writeall(1, s, sizeof s) == -1) die_fatal("unable to write output", 0); randombytes(s, sizeof s); if (writeall(1, n, sizeof n) == -1) die_fatal("unable to write output", 0); for (;;) { inlen = readblock(in, BLOCK); if (inlen != BLOCK) break; if (sha512_block(&shactx, in, inlen) != 0) die_fatal("unable to compute hash", 0); if (crypto_block(&ctx, in, inlen) != 0) die_fatal("unable to encrypt stream", 0); if (writeall(1, in, inlen) == -1) die_fatal("unable to write output", 0); } if (sha512_last(&shactx, h, in, inlen) != 0) die_fatal("unable to compute hash", 0); byte_copy(in + inlen, CHECKSUMBYTES, h); inlen += CHECKSUMBYTES; if (crypto_last(&ctx, in, inlen) != 0) die_fatal("unable to encrypt stream", 0); if (writeall(1, in, inlen) == -1) die_fatal("unable to write output", 0); if (fsyncfd(1) == -1) die_fatal("unable to write output", 0); cleanup(); _exit(0); }
CAMLexport value stub_sha512_init(value unit) { CAMLparam1(unit); CAMLlocal1(result); result = caml_alloc(sizeof(struct sha512_ctx), Abstract_tag); sha512_init(GET_CTX_STRUCT(result)); CAMLreturn(result); }
void protoshares_process_8(minerProtosharesBlock_t* block) { // generate mid hash using sha256 (header hash) uint8 midHash[32]; sha256_ctx c256; sha256_init(&c256); sha256_update(&c256, (unsigned char*)block, 80); sha256_final(&c256, midHash); sha256_init(&c256); sha256_update(&c256, (unsigned char*)midHash, 32); sha256_final(&c256, midHash); // init collision map if( __collisionMap == NULL ) __collisionMap = (uint32*)malloc(sizeof(uint32)*COLLISION_TABLE_SIZE); uint32* collisionIndices = __collisionMap; memset(collisionIndices, 0x00, sizeof(uint32)*COLLISION_TABLE_SIZE); // start search // uint8 midHash[64]; uint8 tempHash[32+4]; sha512_ctx c512; uint64 resultHashStorage[8*CACHED_HASHES]; memcpy(tempHash+4, midHash, 32); for(uint32 n=0; n<MAX_MOMENTUM_NONCE; n += BIRTHDAYS_PER_HASH * CACHED_HASHES) { if( block->height != monitorCurrentBlockHeight ) break; for(uint32 m=0; m<CACHED_HASHES; m++) { sha512_init(&c512); *(uint32*)tempHash = n+m*8; sha512_update_final(&c512, tempHash, 32+4, (unsigned char*)(resultHashStorage+8*m)); } for(uint32 m=0; m<CACHED_HASHES; m++) { uint64* resultHash = resultHashStorage + 8*m; uint32 i = n + m*8; for(uint32 f=0; f<8; f++) { uint64 birthday = resultHash[f] >> (64ULL-SEARCH_SPACE_BITS); uint32 collisionKey = (uint32)((birthday>>18) & COLLISION_KEY_MASK); birthday %= COLLISION_TABLE_SIZE; if( collisionIndices[birthday] ) { if( ((collisionIndices[birthday]&COLLISION_KEY_MASK) != collisionKey) || protoshares_revalidateCollision(block, midHash, collisionIndices[birthday]&~COLLISION_KEY_MASK, i+f) == false ) { // invalid collision -> ignore } } collisionIndices[birthday] = i+f | collisionKey; // we have 6 bits available for validation } } } }
std::string BackupServerPrepareHash::hash_with_patch(IFile *f, IFile *patch) { sha512_init(&ctx); chunk_patcher.ApplyPatch(f, patch); std::string ret; ret.resize(64); sha512_final(&ctx, (unsigned char*)&ret[0]); return ret; }
void sha512_1(sha512_hash_t* dest, const void* msg, uint32_t length_b) { sha512_ctx_t ctx; sha512_init(&ctx); while(length_b >= 1024) { sha512_nextBlock(&ctx, msg); msg = (uint8_t*)msg + 1024/8; length_b -= 1024; } sha512_lastBlock(&ctx, msg, length_b); sha512_ctx2hash(dest, &ctx); }
int sha512(const unsigned char *message, size_t message_len, unsigned char *out) { sha512_context ctx; int ret; ret = sha512_init(&ctx); if (ret) return ret; ret = sha512_update(&ctx, message, message_len); if (ret) return ret; ret = sha512_final(&ctx, out); if (ret) return ret; return 0; }
static void * sha512_ctx_alloc( void ) { sha512_context *ctx; ctx = (sha512_context *) polarssl_malloc( sizeof( sha512_context ) ); if( ctx == NULL ) return( NULL ); sha512_init( ctx ); return( ctx ); }
int sha512(const void *message, size_t message_len, void *out) { sha512_context ctx; int ret; if ((ret = sha512_init(&ctx))) return ret; if ((ret = sha512_update(&ctx, message, message_len))) return ret; if ((ret = sha512_final(&ctx, out))) return ret; return 0; }
ssh_string SshAgentSignEcdsaSha512(uint8_t* data, int dataSize, ssh_key key, uint32_t flags) { // Compute the hash. unsigned char hash[SHA384_DIGEST_LEN] = {0}; SHACTX ctx; ctx = sha512_init(); if (ctx == NULL) { return NULL; } sha512_update(ctx, data, dataSize); sha512_final(hash, ctx); // This release ctx. // Sign the hash. ECDSA_SIG* sig = NULL; sig = ECDSA_do_sign(hash, sizeof(hash), key->ecdsa); if (sig == NULL) { return NULL; } // Format the signature in a blob of the form: // blobLength[ typeNameLength[ typeName ] signatureLength[ rLength[ r ] sLength[ s ] ] ] int rMpiLength = BN_bn2mpi(sig->r, NULL); int sMpiLength = BN_bn2mpi(sig->s, NULL); int signatureLength = rMpiLength + sMpiLength; int typeNameLength = 19; int blobLength = 8 + typeNameLength + signatureLength; uint8_t* signatureBlob = malloc(4 + blobLength); if (signatureBlob == NULL) { return NULL; } pack32(signatureBlob, blobLength); int index = 4; pack32(signatureBlob + index, typeNameLength); index += 4; memcpy(signatureBlob + index, "ecdsa-sha2-nistp521", typeNameLength); index += typeNameLength; pack32(signatureBlob + 15, signatureLength); index += 4; BN_bn2mpi(sig->r, signatureBlob + index); index += rMpiLength; BN_bn2mpi(sig->s, signatureBlob + index); return (ssh_string)signatureBlob; }
static int sha512_monte_carlo_core ( const char *seed, const char *checks[100] ) { struct sha512_ctx_t sha; sha512_init(&sha); unsigned char md0[64],md1[64],md2[64]; int ret = hexdecode(md0,seed,64); if (ret) { youfail(); printf(" SHA-512 NIST Monte Carlo validation seed hex decode failure.\n"); return -1; } int i,j; memcpy(md1,md0,sizeof(md1)); memcpy(md2,md0,sizeof(md1)); for (j=0; j<100; j++) { for (i=3; i<1003; i++) { sha512_update(&sha,md0,sizeof(md0)); sha512_update(&sha,md1,sizeof(md1)); sha512_update(&sha,md2,sizeof(md2)); memcpy(md0,md1,sizeof(md1)); memcpy(md1,md2,sizeof(md1)); sha512_final(&sha,md2); } ret = hexdecode(md0,checks[j],64); if (ret) { youfail(); printf(" SHA-512 NIST Monte Carlo validation hex decode failure at iteration %d\n", j); return -1; } else if (memcmp(md0,md2,sizeof(md2))) { youfail(); printf(" SHA-512 NIST Monte Carlo validation failure at iteration %d\n", j); hexprint(" Expected", md0, 64); hexprint(" But got ", md2, 64); return j+1; } memcpy(md0,md2,sizeof(md1)); memcpy(md1,md2,sizeof(md1)); } return 0; }
ssh_string SshAgentSignRsaSha512(uint8_t* data, int dataSize, ssh_key key, uint32_t flags) { // Compute the hash. unsigned char hash[SHA512_DIGEST_LEN] = {0}; SHACTX ctx; ctx = sha512_init(); if (ctx == NULL) { return NULL; } sha512_update(ctx, data, dataSize); sha512_final(hash, ctx); // This release ctx. // Prepare the buffer to hold the signature in a blob of the form: // signatureBlobLength[ signatureTypeLength[ signatureType ] signatureLength[ signature ] ] int signatureTypeLength = 12; int signatureLength = RSA_size(key->rsa); int signatureBlobLength = 8 + signatureTypeLength + signatureLength; uint8_t* signatureBlob = malloc(4 + signatureBlobLength); if (signatureBlob == NULL) { return NULL; } pack32(signatureBlob, signatureBlobLength); int index = 4; pack32(signatureBlob + index, signatureTypeLength); index += 4; memcpy(signatureBlob + index, "rsa-sha2-512", signatureTypeLength); index += signatureTypeLength; pack32(signatureBlob + 15, signatureLength); index += 4; // Sign the hash in place in the signature blob buffer. unsigned int len; int result = RSA_sign(NID_sha512, hash, sizeof(hash), signatureBlob + index, &len, key->rsa); if (result != 1) { free(signatureBlob); return NULL; } return (ssh_string)signatureBlob; }
/** Self-test the hash @return CRYPT_OK if successful, CRYPT_NOP if self-tests have been disabled */ int sha512_test(void) { #ifndef LTC_TEST return CRYPT_NOP; #else static const struct { char *msg; unsigned char hash[64]; } tests[] = { { "abc", { 0xdd, 0xaf, 0x35, 0xa1, 0x93, 0x61, 0x7a, 0xba, 0xcc, 0x41, 0x73, 0x49, 0xae, 0x20, 0x41, 0x31, 0x12, 0xe6, 0xfa, 0x4e, 0x89, 0xa9, 0x7e, 0xa2, 0x0a, 0x9e, 0xee, 0xe6, 0x4b, 0x55, 0xd3, 0x9a, 0x21, 0x92, 0x99, 0x2a, 0x27, 0x4f, 0xc1, 0xa8, 0x36, 0xba, 0x3c, 0x23, 0xa3, 0xfe, 0xeb, 0xbd, 0x45, 0x4d, 0x44, 0x23, 0x64, 0x3c, 0xe8, 0x0e, 0x2a, 0x9a, 0xc9, 0x4f, 0xa5, 0x4c, 0xa4, 0x9f } }, { "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu", { 0x8e, 0x95, 0x9b, 0x75, 0xda, 0xe3, 0x13, 0xda, 0x8c, 0xf4, 0xf7, 0x28, 0x14, 0xfc, 0x14, 0x3f, 0x8f, 0x77, 0x79, 0xc6, 0xeb, 0x9f, 0x7f, 0xa1, 0x72, 0x99, 0xae, 0xad, 0xb6, 0x88, 0x90, 0x18, 0x50, 0x1d, 0x28, 0x9e, 0x49, 0x00, 0xf7, 0xe4, 0x33, 0x1b, 0x99, 0xde, 0xc4, 0xb5, 0x43, 0x3a, 0xc7, 0xd3, 0x29, 0xee, 0xb6, 0xdd, 0x26, 0x54, 0x5e, 0x96, 0xe5, 0x5b, 0x87, 0x4b, 0xe9, 0x09 } }, }; int i; unsigned char tmp[64]; hash_state md; for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { sha512_init(&md); sha512_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); sha512_done(&md, tmp); if (XMEMCMP(tmp, tests[i].hash, 64) != 0) { return CRYPT_FAIL_TESTVECTOR; } } return CRYPT_OK; #endif }
static int derive_key_internal(pairing_session_t *session, const unsigned char *salt, unsigned int saltlen, unsigned char *key, unsigned int keylen) { sha512_context ctx; unsigned char hash[64]; if (keylen > sizeof(hash)) { return -1; } sha512_init(&ctx); sha512_update(&ctx, salt, saltlen); sha512_update(&ctx, session->ecdh_secret, 32); sha512_final(&ctx, hash); memcpy(key, hash, keylen); return 0; }
static void goldilocks_derive_challenge( word_t challenge[GOLDI_FIELD_WORDS], const unsigned char pubkey[GOLDI_FIELD_BYTES], const unsigned char gnonce[GOLDI_FIELD_BYTES], const unsigned char *message, uint64_t message_len ) { /* challenge = H(pk, [nonceG], message). */ unsigned char sha_out[SHA512_OUTPUT_BYTES]; struct sha512_ctx_t ctx; sha512_init(&ctx); sha512_update(&ctx, pubkey, GOLDI_FIELD_BYTES); sha512_update(&ctx, gnonce, GOLDI_FIELD_BYTES); sha512_update(&ctx, message, message_len); sha512_final(&ctx, sha_out); barrett_deserialize_and_reduce(challenge, sha_out, sizeof(sha_out), &curve_prime_order); }
void sha512_hash_buffer(unsigned char *ib, int ile, unsigned char *ob, unsigned int ole) { sha512_context ctx; unsigned int length; if (ole < 1) return; memset(ob, 0, ole); if (ole > 64) ole = 64; sha512_init(&ctx); sha512_write(&ctx, ib, ile); SECStatus status = PK11_DigestFinal(ctx.ctx_nss, ob, &length, ole); PR_ASSERT(length == ole); PR_ASSERT(status == SECSuccess); PK11_DestroyContext(ctx.ctx_nss, PR_TRUE); DBG(DBG_CRYPT, DBG_log("NSS: sha512 final end")); }
static inline int sha512_file(char *filename, uint8_t *digest) { #define BLKSIZE 4096 unsigned char buf[BLKSIZE]; int fd; ssize_t n; struct sha512_ctx ctx; fd = open(filename, O_RDONLY); if (fd == -1) return 1; sha512_init(&ctx); while ((n = read(fd, buf, BLKSIZE)) > 0) sha512_update(&ctx, buf, n); if (n == 0) sha512_finalize(&ctx, digest); close(fd); return n < 0; #undef BLKSIZE }
static int _digest_nettle(int algo, uint8_t* buf, size_t len, unsigned char* res) { switch(algo) { case SHA1_DIGEST_SIZE: { struct sha1_ctx ctx; sha1_init(&ctx); sha1_update(&ctx, len, buf); sha1_digest(&ctx, SHA1_DIGEST_SIZE, res); return 1; } case SHA256_DIGEST_SIZE: { struct sha256_ctx ctx; sha256_init(&ctx); sha256_update(&ctx, len, buf); sha256_digest(&ctx, SHA256_DIGEST_SIZE, res); return 1; } case SHA384_DIGEST_SIZE: { struct sha384_ctx ctx; sha384_init(&ctx); sha384_update(&ctx, len, buf); sha384_digest(&ctx, SHA384_DIGEST_SIZE, res); return 1; } case SHA512_DIGEST_SIZE: { struct sha512_ctx ctx; sha512_init(&ctx); sha512_update(&ctx, len, buf); sha512_digest(&ctx, SHA512_DIGEST_SIZE, res); return 1; } default: break; } return 0; }
std::string BackupServerPrepareHash::hash(IFile *f) { f->Seek(0); unsigned char buf[4096]; _u32 rc; sha512_init(&ctx); do { rc=f->Read((char*)buf, 4096); if(rc>0) sha512_update(&ctx, buf, rc); } while(rc==4096); std::string ret; ret.resize(64); sha512_final(&ctx, (unsigned char*)&ret[0]); return ret; }
static void rnd_pool_mix() { sha512_ctx sha_ctx; int i, n; u8 hval[SHA512_DIGEST_SIZE]; for (i = 0; i < RNG_POOL_SIZE; i += SHA512_DIGEST_SIZE) { sha512_init(&sha_ctx); sha512_hash(&sha_ctx, rnd_pool, sizeof(rnd_pool)); sha512_done(&sha_ctx, hval); for (n = 0; n < SHA512_DIGEST_SIZE; n++) { rnd_pool[i + n] += hval[n]; } } /* Prevent leaks */ zeroauto(hval, sizeof(hval)); zeroauto(&sha_ctx, sizeof(sha_ctx)); }