String DevicePrivate::getDeviceHash(const bool include_port) const { unsigned char hash[crypto_generichash_BYTES_MIN]; crypto_generichash_state state; if (_vendor_id.empty() || _product_id.empty()) { throw std::runtime_error("Cannot compute device hash value. Vendor ID and/or Product ID empty."); } crypto_generichash_init(&state, NULL, 0, sizeof hash); for (auto field : { &_name, &_vendor_id, &_product_id, &_serial_number }) { /* Update the hash value */ crypto_generichash_update(&state, (const uint8_t *)field->c_str(), field->size()); } /* Finalize the hash value */ crypto_generichash_final(&state, hash, sizeof hash); /* Binary => Hex string conversion */ const size_t hexlen = crypto_generichash_BYTES_MIN * 2 + 1; char hexval[hexlen]; sodium_bin2hex(hexval, hexlen, hash, sizeof hash); const std::string hash_string(hexval, hexlen - 1); return std::move(hash_string); }
static unsigned char * message_load_hashed(size_t *message_len, const char *message_file) { crypto_generichash_state hs; unsigned char buf[65536U]; unsigned char *message; FILE *fp; size_t n; if ((fp = fopen(message_file, "rb")) == NULL) { exit_err(message_file); } crypto_generichash_init(&hs, NULL, 0U, crypto_generichash_BYTES_MAX); while ((n = fread(buf, 1U, sizeof buf, fp)) > 0U) { crypto_generichash_update(&hs, buf, n); } if (!feof(fp)) { exit_err(message_file); } xfclose(fp); message = xmalloc(crypto_generichash_BYTES_MAX); crypto_generichash_final(&hs, message, crypto_generichash_BYTES_MAX); *message_len = crypto_generichash_BYTES_MAX; return message; }
void hash_entry(const directory_entry &i, unsigned char (&hash)[crypto_generichash_BYTES]) { crypto_generichash_state state; crypto_generichash_init(&state, NULL, 0, sizeof(hash)); hash_entry(i, state); crypto_generichash_final(&state, hash, sizeof(hash)); }
static int check_resource(struct resource_list *list, const char *file_resource_name, struct archive *a, struct archive_entry *ae) { struct resource_list *item = rlist_find_by_name(list, file_resource_name); if (!item) ERR_RETURN("Can't find file-resource for %s", file_resource_name); if (item->processed) ERR_RETURN("Processing %s twice. Archive is corrupt.", file_resource_name); item->processed = true; struct sparse_file_map sfm; sparse_file_init(&sfm); OK_OR_RETURN(sparse_file_get_map_from_resource(item->resource, &sfm)); size_t expected_length = sparse_file_data_size(&sfm); ssize_t archive_length = archive_entry_size(ae); if (archive_length < 0) ERR_RETURN("Missing file length in archive for %s", file_resource_name); if ((size_t) archive_length != expected_length) ERR_RETURN("Length mismatch for %s", file_resource_name); char *expected_hash = cfg_getstr(item->resource, "blake2b-256"); if (!expected_hash || strlen(expected_hash) != crypto_generichash_BYTES * 2) ERR_RETURN("invalid blake2b-256 hash for '%s'", file_resource_name); crypto_generichash_state hash_state; crypto_generichash_init(&hash_state, NULL, 0, crypto_generichash_BYTES); size_t length_left = expected_length; while (length_left != 0) { char buffer[4096]; size_t to_read = sizeof(buffer); if (to_read > length_left) to_read = length_left; ssize_t len = archive_read_data(a, buffer, to_read); if (len <= 0) ERR_RETURN("Error reading '%s' in archive", archive_entry_pathname(ae)); crypto_generichash_update(&hash_state, (const unsigned char*) buffer, len); length_left -= len; } unsigned char hash[crypto_generichash_BYTES]; crypto_generichash_final(&hash_state, hash, sizeof(hash)); char hash_str[sizeof(hash) * 2 + 1]; bytes_to_hex(hash, hash_str, sizeof(hash)); if (memcmp(hash_str, expected_hash, sizeof(hash_str)) != 0) ERR_RETURN("Detected blake2b digest mismatch for %s", file_resource_name); return 0; }
static int _crypto_box_seal_nonce(unsigned char *nonce, const unsigned char *pk1, const unsigned char *pk2) { crypto_generichash_state st; crypto_generichash_init(&st, NULL, 0U, crypto_box_NONCEBYTES); crypto_generichash_update(&st, pk1, crypto_box_PUBLICKEYBYTES); crypto_generichash_update(&st, pk2, crypto_box_PUBLICKEYBYTES); crypto_generichash_final(&st, nonce, crypto_box_NONCEBYTES); return 0; }
static void seckey_chk(unsigned char chk[crypto_generichash_BYTES], const SeckeyStruct *seckey_struct) { crypto_generichash_state hs; crypto_generichash_init(&hs, NULL, 0U, sizeof seckey_struct->keynum_sk.chk); crypto_generichash_update(&hs, seckey_struct->sig_alg, sizeof seckey_struct->sig_alg); crypto_generichash_update(&hs, seckey_struct->keynum_sk.keynum, sizeof seckey_struct->keynum_sk.keynum); crypto_generichash_update(&hs, seckey_struct->keynum_sk.sk, sizeof seckey_struct->keynum_sk.sk); crypto_generichash_final(&hs, chk, sizeof seckey_struct->keynum_sk.chk); }
static void mm_generichash(void) { crypto_generichash_state st; unsigned char *h, *h2; unsigned char *k; unsigned char *m; size_t hlen; size_t klen; size_t mlen; size_t l1, l2; int i; for (i = 0; i < MAX_ITER; i++) { mlen = randombytes_uniform(MAXLEN); m = (unsigned char *) sodium_malloc(mlen); klen = randombytes_uniform(crypto_generichash_KEYBYTES_MAX - crypto_generichash_KEYBYTES_MIN + 1U) + crypto_generichash_KEYBYTES_MIN; k = (unsigned char *) sodium_malloc(klen); hlen = randombytes_uniform(crypto_generichash_BYTES_MAX - crypto_generichash_BYTES_MIN + 1U) + crypto_generichash_BYTES_MIN; h = (unsigned char *) sodium_malloc(hlen); h2 = (unsigned char *) sodium_malloc(hlen); randombytes_buf(k, klen); randombytes_buf(m, mlen); crypto_generichash_init(&st, k, klen, hlen); l1 = randombytes_uniform(mlen); l2 = randombytes_uniform(mlen - l1); crypto_generichash_update(&st, m, l1); crypto_generichash_update(&st, m + l1, l2); crypto_generichash_update(&st, m + l1 + l2, mlen - l1 - l2); crypto_generichash_final(&st, h, hlen); crypto_generichash(h2, hlen, m, mlen, k, klen); assert(memcmp(h, h2, hlen) == 0); sodium_free(h2); sodium_free(h); sodium_free(k); sodium_free(m); } }
int main(void) { #define MAXLEN 64 crypto_generichash_state st; unsigned char in[MAXLEN], out[crypto_generichash_BYTES_MAX], k[crypto_generichash_KEYBYTES_MAX]; size_t h, i, j; for (h = 0; h < crypto_generichash_KEYBYTES_MAX; ++h) k[h] = h; for (i = 0; i < MAXLEN; ++i) { in[i] = i; if (crypto_generichash_init(&st, k, 1 + i % crypto_generichash_KEYBYTES_MAX, 1 + i % crypto_generichash_BYTES_MAX) != 0) { printf("crypto_generichash_init()\n"); return 1; } crypto_generichash_update(&st, in, i); crypto_generichash_update(&st, in, i); crypto_generichash_update(&st, in, i); crypto_generichash_final(&st, out, 1 + i % crypto_generichash_BYTES_MAX); for (j = 0; j < 1 + i % crypto_generichash_BYTES_MAX; ++j) { printf("%02x", (unsigned int)out[j]); } printf("\n"); } assert(crypto_generichash_init(&st, k, sizeof k, 0U) == -1); assert(crypto_generichash_init(&st, k, sizeof k, crypto_generichash_BYTES_MAX + 1U) == -1); assert(crypto_generichash_init(&st, k, crypto_generichash_KEYBYTES_MAX + 1U, sizeof out) == -1); assert(crypto_generichash_init(&st, k, 0U, sizeof out) == 0); assert(crypto_generichash_init(&st, k, 1U, sizeof out) == 0); assert(crypto_generichash_init(&st, NULL, 1U, 0U) == -1); assert(crypto_generichash_init(&st, NULL, crypto_generichash_KEYBYTES, 1U) == 0); assert(crypto_generichash_init(&st, NULL, crypto_generichash_KEYBYTES, 0U) == -1); return 0; }
/* tox_hash() is sha256. * */ static int file_checksumcalc_noblock(uint8_t *BLAKE2b, char *filename) { static FILE *f = NULL; uint32_t i; int rc; uint8_t buf[HASHING_BUFSIZE]; static crypto_generichash_state state; if(!f) { if(!(f = fopen(filename, "rb"))) { perrlog("fopen"); return(-1); } // state = sodium_malloc(crypto_generichash_statebytes()); // buf = malloc(HASHING_BUFSIZE); crypto_generichash_init(&state, NULL, 0, TOX_FILE_ID_LENGTH); } if((i = fread(buf, 1, HASHING_BUFSIZE, f)) > 0) { crypto_generichash_update(&state, buf, HASHING_BUFSIZE); rc = i; } else { crypto_generichash_final(&state, BLAKE2b, TOX_FILE_ID_LENGTH); if(fclose(f) != 0) perrlog("fclose"); f = NULL; rc = 0; } /* rc > 0: still hashing * rc == 0: complete * rc < 0: error*/ return(rc); }
int crypto_kx_server_session_keys(unsigned char rx[crypto_kx_SESSIONKEYBYTES], unsigned char tx[crypto_kx_SESSIONKEYBYTES], const unsigned char server_pk[crypto_kx_PUBLICKEYBYTES], const unsigned char server_sk[crypto_kx_SECRETKEYBYTES], const unsigned char client_pk[crypto_kx_PUBLICKEYBYTES]) { crypto_generichash_state h; unsigned char q[crypto_scalarmult_BYTES]; unsigned char keys[2 * crypto_kx_SESSIONKEYBYTES]; int i; if (rx == NULL) { rx = tx; } if (tx == NULL) { tx = rx; } if (rx == NULL) { sodium_misuse(); /* LCOV_EXCL_LINE */ } if (crypto_scalarmult(q, server_sk, client_pk) != 0) { return -1; } COMPILER_ASSERT(sizeof keys <= crypto_generichash_BYTES_MAX); crypto_generichash_init(&h, NULL, 0U, sizeof keys); crypto_generichash_update(&h, q, crypto_scalarmult_BYTES); sodium_memzero(q, sizeof q); crypto_generichash_update(&h, client_pk, crypto_kx_PUBLICKEYBYTES); crypto_generichash_update(&h, server_pk, crypto_kx_PUBLICKEYBYTES); crypto_generichash_final(&h, keys, sizeof keys); sodium_memzero(&h, sizeof h); for (i = 0; i < crypto_kx_SESSIONKEYBYTES; i++) { tx[i] = keys[i]; rx[i] = keys[i + crypto_kx_SESSIONKEYBYTES]; } sodium_memzero(keys, sizeof keys); return 0; }