static std::string sha512(const std::string &input, size_t iterations = 1) noexcept {
std::string hash;
hash.resize(512 / 8);
SHA512(reinterpret_cast<const unsigned char *>(&input[0]), input.size(), reinterpret_cast<unsigned char *>(&hash[0]));
for(size_t c = 1; c < iterations; ++c)
SHA512(reinterpret_cast<const unsigned char *>(&hash[0]), hash.size(), reinterpret_cast<unsigned char *>(&hash[0]));
return hash;
}
/* This function generates the output of the password hashing function.
*
* The output consists of a variable length of bits, starting with the output of
* hash(state). If the output length is at least PHS_HASH_SIZE, this allows us to re-use
* the information to upgrade previously generated passwords to a higher t_cost parameter.
*/
void phs_gen_output(phs_ctx_t *ctx, size_t outlen, void* out) {
uint32_t output_block;
uint32_t output_remaining = outlen;
uint8_t *out_u8 = (uint8_t *) out;
/* Hash the entire state using SHA512 and store it in the rehash buffer temporarily */
SHA512((uint8_t *) ctx->state, ctx->state_bytes, (uint8_t*) ctx->rehash);
/* In order to create additional key material, we rehash the current state
* and add a 32-bit word in front until we created enough output bits...
*
* If we use up to PHS_HASH_SIZE byte, we simply copy the hash to the output buffer.
*/
if (outlen <= PHS_HASH_SIZE) {
memcpy(out_u8, (uint8_t*) ctx->rehash, outlen);
}
/* In order to create additional key material, we rehash the current state
* and add a 32-bit word in front until we created enough output bits...
*/
else {
memcpy(out_u8, (uint8_t*) ctx->rehash, PHS_HASH_SIZE);
/* Update the pointers and the remaining byte count */
out_u8 += PHS_HASH_SIZE;
output_remaining = outlen - PHS_HASH_SIZE;
/* initialize the state prefix with 1 */
*(ctx->stateprefix) = 1;
/* copy additional output to the output buffer */
while (output_remaining != 0) {
/* Now, we hash the entire state with the updated prefix and store it in rehash */
SHA512((uint8_t *) ctx->stateprefix, ctx->state_bytes + sizeof(uint32_t), ctx->rehash);
/* And derive a new state as additional key material */
phs_store_derived_state(ctx);
/* Set the block size to either the full state or a partial state */
if (output_remaining < ctx->state_bytes) {
output_block = output_remaining;
}
else {
output_block = ctx->state_bytes;
}
/* copy to output buffer */
memcpy(out_u8, ctx->state, output_block);
/* update remaining bytes and modify output pointer */
output_remaining -= output_block;
out_u8 += output_block;
/* increment the state prefix in case we need even more output */
*(ctx->stateprefix) = *(ctx->stateprefix) + 1;
} while (output_remaining != 0);
}
}
int BPU_gf2VecHashA(BPU_T_Vector_GF2 *out, const BPU_T_Vector_GF2 *in, int len){
//sha512 output constant - SHA512_DIGEST_LENGTH
const int DIGEST_LENGTH = 512;
int i, element = -1;
unsigned char* hashed = (unsigned char*) malloc(DIGEST_LENGTH/8);
BPU_T_Vector_GF2 hash_vector;
// TODO: remove dependency
if(SHA512((unsigned char*)in->elements, in->elements_in_row, hashed) == NULL){
BPU_printError("hash: SHA512");
return -1;
}
if (BPU_mallocVectorGF2(&hash_vector, DIGEST_LENGTH) != 0) {
BPU_printError("hash: BPU_mallocVectorGF2");
return -2;
}
for (i = 0; i < hash_vector.len/8; i++) {
if (i % (hash_vector.element_bit_size/8) == 0)
element++;
hash_vector.elements[element] ^= hashed[i] << ((i % (hash_vector.element_bit_size/8))*8);
}
BPU_gf2VecCropA(out, &hash_vector, 0, len);
BPU_freeVecGF2(&hash_vector, 0);
free(hashed);
return 0;
}
static void DONNA_INLINE
ed25519_extsk(hash_512bits extsk, const ed25519_secret_key sk) {
SHA512(sk, 32, extsk);
extsk[0] &= 248;
extsk[31] &= 127;
extsk[31] |= 64;
}
int crypto_sign_open(
unsigned char *m,unsigned long long *mlen,
const unsigned char *sm,unsigned long long smlen,
const unsigned char *pk
)
{
unsigned char h[64];
unsigned char checkr[32];
ge_p3 A;
ge_p2 R;
unsigned long long i;
*mlen = -1;
if (smlen < 64) return -1;
if (sm[63] & 224) return -2;
if (ge_frombytes_negate_vartime(&A,pk) != 0) return -3;
for (i = 0;i < smlen;++i) m[i] = sm[i];
for (i = 0;i < 32;++i) m[32 + i] = pk[i];
SHA512(m, smlen, h);
sc_reduce(h);
ge_double_scalarmult_vartime(&R,h,&A,sm + 32);
ge_tobytes(checkr,&R);
if (crypto_verify_32(checkr,sm) != 0) {
for (i = 0;i < smlen;++i) m[i] = 0;
return crypto_verify_32(checkr,sm);
}
for (i = 0;i < smlen - 64;++i) m[i] = sm[64 + i];
for (i = smlen - 64;i < smlen;++i) m[i] = 0;
*mlen = smlen - 64;
return 0;
}
std::vector< std::pair<uint32_t,uint32_t> > momentum_search( uint256 midHash )
{
semiOrderedMap somap;
somap.allocate(4);
std::vector< std::pair<uint32_t,uint32_t> > results;
char hash_tmp[sizeof(midHash)+4];
memcpy((char*)&hash_tmp[4], (char*)&midHash, sizeof(midHash) );
uint32_t* index = (uint32_t*)hash_tmp;
for( uint32_t i = 0; i < MAX_MOMENTUM_NONCE; )
{
if(i%1048576==0)
{
boost::this_thread::interruption_point();
}
*index = i;
uint64_t result_hash[8];
SHA512((unsigned char*)hash_tmp, sizeof(hash_tmp), (unsigned char*)&result_hash);
for( uint32_t x = 0; x < BIRTHDAYS_PER_HASH; ++x )
{
uint64_t birthday = result_hash[x] >> (64-SEARCH_SPACE_BITS);
uint32_t nonce = i+x;
uint64_t foundMatch=somap.checkAdd( birthday, nonce );
if( foundMatch != 0 )
{
results.push_back( std::make_pair( foundMatch, nonce ) );
}
}
i += BIRTHDAYS_PER_HASH;
}
return results;
}
int
crypto_hash_sha512(unsigned char *out, const unsigned char *in,
unsigned long long inlen)
{
SHA512(in, inlen, out);
return 0;
}
ZZ Decryer::genHash(const ZZ sec, const ZZ ranZ){
unsigned char * secStr, ranZStr;
BytesFromZZ(secStr, sec, _strLen);
BytesFromZZ(ranZStr, ranZ, _strLen);
unsigned char * shaSrc = strcat(secStr, ranZStr);
unsigned char[SHA512_DIGEST_LENGTH] shaRes;
SHA512(shaSrc, 2*_strLen, shaRes);
return ZZFromBytes(shaRes, _strLen);
}
TEST(SHA512Test, test_sha512_short_msg) {
ASSERT_EQ(SHA512_SHORT_MSG.size(), SHA512_SHORT_MSG_HEXDIGEST.size());
for ( unsigned int i = 0; i < SHA512_SHORT_MSG.size(); ++i ) {
auto sha512 = SHA512(unhexlify(SHA512_SHORT_MSG[i]));
EXPECT_EQ(sha512.hexdigest(), SHA512_SHORT_MSG_HEXDIGEST[i]);
}
}
uint64_t getBirthdayHash(const uint256& midHash, uint32_t a)
{
uint32_t index = a - (a%8);
char hash_tmp[sizeof(midHash)+4];
memcpy(&hash_tmp[4], (char*)&midHash, sizeof(midHash) );
memcpy(&hash_tmp[0], (char*)&index, sizeof(index) );
uint64_t result_hash[8];
SHA512((unsigned char*)hash_tmp, sizeof(hash_tmp), (unsigned char*)&result_hash);
uint64_t r = result_hash[a%BIRTHDAYS_PER_HASH]>>(64-SEARCH_SPACE_BITS);
return r;
}
/**
* Выполянем хешированеи стркои в sha512
* @see example http://www.askyb.com/cpp/openssl-sha512-hashing-example-in-cpp/
* @return 512 бит хеша
*/
unsigned char* Crypto::getHashSha512() {
unsigned char* digest = new unsigned char[SHA512_DIGEST_LENGTH];
char* str = (char *) string_cypto.c_str();
SHA512((unsigned char*) &str, strlen(str),
(unsigned char*) digest);
return digest;
}
int
CWin32Platform::sha512(const char * string, char * buf, int maxlen)
{
unsigned char obuf[64];
SHA512((const unsigned char *)string, strlen(string), obuf);
char * ptr = buf;
for(int i = 0; i < 64 && (i * 2 + 1 < maxlen); i++) {
sprintf(ptr, "%02x", obuf[i]);
ptr += strlen(ptr);
}
return strlen(buf);
}
static unsigned char * hash( SRP_HashAlgorithm alg, const unsigned char *d, size_t n, unsigned char *md )
{
switch (alg)
{
case SRP_SHA1 : return SHA1( d, n, md );
case SRP_SHA224: return SHA224( d, n, md );
case SRP_SHA256: return SHA256( d, n, md );
case SRP_SHA384: return SHA384( d, n, md );
case SRP_SHA512: return SHA512( d, n, md );
default:
return 0;
}
}
ikptr
ikrt_openssl_sha512 (ikptr s_input, ikptr s_input_len, ikpcb * pcb)
{
#ifdef HAVE_SHA512
ik_ssl_cuchar * in = (ik_ssl_cuchar *)IK_GENERALISED_C_STRING(s_input);
ik_ulong in_len = (ik_ulong)ik_generalised_c_buffer_len(s_input, s_input_len);
unsigned char sum[SHA512_DIGEST_LENGTH];
SHA512(in, in_len, sum);
return ika_bytevector_from_memory_block(pcb, sum, SHA512_DIGEST_LENGTH);
#else
feature_failure(__func__);
#endif
}
int crypto_sign(
unsigned char *sm,unsigned long long *smlen,
const unsigned char *m,unsigned long long mlen,
const unsigned char *sk
)
{
unsigned char az[64];
unsigned char r[64];
unsigned char hram[64];
ge_p3 R;
unsigned long long i;
SHA512(sk, 32, az);
// crypto_hash_sha512(az,sk,32);
az[0] &= 248;
az[31] &= 63;
az[31] |= 64;
*smlen = mlen + 64;
for (i = 0;i < mlen;++i) sm[64 + i] = m[i];
for (i = 0;i < 32;++i) sm[32 + i] = az[32 + i];
SHA512(sm + 32, mlen + 32, r);
// crypto_hash_sha512(r,sm + 32,mlen + 32);
for (i = 0;i < 32;++i) sm[32 + i] = sk[32 + i];
sc_reduce(r);
ge_scalarmult_base(&R,r);
ge_p3_tobytes(sm,&R);
SHA512(sm, mlen + 64, hram);
// crypto_hash_sha512(hram,sm,mlen + 64);
sc_reduce(hram);
sc_muladd(sm + 32,hram,az,r);
return 0;
}
static inline std::string digest(Name name, const char *buf, size_t bufSize)
{
unsigned char md[128];
const unsigned char *src = cybozu::cast<const unsigned char *>(buf);
switch (name) {
case N_SHA1: SHA1(src, bufSize, md); break;
case N_SHA224: SHA224(src, bufSize, md); break;
case N_SHA256: SHA256(src, bufSize, md); break;
case N_SHA384: SHA384(src, bufSize, md); break;
case N_SHA512: SHA512(src, bufSize, md); break;
default:
throw cybozu::Exception("crypt:Hash:digest") << name;
}
return std::string(cybozu::cast<const char*>(md), getSize(name));
}
bool OpensslManager::HashString(Openssl_Hash algorithm, unsigned char *input, int size, unsigned char *output, int *outlength)
{
switch(algorithm)
{
case Openssl_Hash_MD5:
MD5(input, size, output);
*outlength = MD5_DIGEST_LENGTH;
return true;
case Openssl_Hash_MD4:
MD4(input, size, output);
*outlength = MD4_DIGEST_LENGTH;
return true;
case Openssl_Hash_MD2:
MD2(input, size, output);
*outlength = MD2_DIGEST_LENGTH;
return true;
case Openssl_Hash_SHA:
SHA(input, size, output);
*outlength = SHA_DIGEST_LENGTH;
return true;
case Openssl_Hash_SHA1:
SHA1(input, size, output);
*outlength = SHA_DIGEST_LENGTH;
return true;
case Openssl_Hash_SHA224:
SHA224(input, size, output);
*outlength = SHA224_DIGEST_LENGTH;
return true;
case Openssl_Hash_SHA256:
SHA256(input, size, output);
*outlength = SHA256_DIGEST_LENGTH;
return true;
case Openssl_Hash_SHA384:
SHA384(input, size, output);
*outlength = SHA384_DIGEST_LENGTH;
return true;
case Openssl_Hash_SHA512:
SHA512(input, size, output);
*outlength = SHA512_DIGEST_LENGTH;
return true;
case Openssl_Hash_RIPEMD160:
RIPEMD160(input, size, output);
*outlength = RIPEMD160_DIGEST_LENGTH;
return true;
}
return false;
}
void sha512_a(){
uint64_t A = INIT_A;
uint64_t B = INIT_B;
uint64_t C = INIT_C;
uint64_t D = INIT_D;
uint64_t E = INIT_E;
uint64_t F = INIT_F;
uint64_t G = INIT_G;
uint64_t H = INIT_H;
uint64_t W[16];
int i;
for(i=0;i<16;i++)
W[i]=i;
SHA512(A, B, C, D, E, F, G, H, W);
printf("%08x %08x %08x %08x %08x %08x %08x %08x\n",P(A),P(B),P(C),P(D),P(E),P(F),P(G),P(H));
}
static std::string sha512(std::istream &stream, size_t iterations = 1) noexcept {
SHA512_CTX context;
SHA512_Init(&context);
std::streamsize read_length;
std::vector<char> buffer(buffer_size);
while((read_length = stream.read(&buffer[0], buffer_size).gcount()) > 0)
SHA512_Update(&context, buffer.data(), static_cast<size_t>(read_length));
std::string hash;
hash.resize(512 / 8);
SHA512_Final(reinterpret_cast<unsigned char *>(&hash[0]), &context);
for(size_t c = 1; c < iterations; ++c)
SHA512(reinterpret_cast<const unsigned char *>(&hash[0]), hash.size(), reinterpret_cast<unsigned char *>(&hash[0]));
return hash;
}
int SignCheck(RSA *pubkey, char *data, int dataLen, char *signature, int signature_len) {
int ret = 0;
char *hash = (char *)malloc(SHA512_DIGEST_LENGTH);
if (hash != NULL) {
SHA512((const unsigned char *)data, dataLen,(unsigned char *) hash);
ret = RSA_verify(NID_sha512,(const unsigned char *) hash, SHA512_DIGEST_LENGTH, (unsigned char *) signature, signature_len, pubkey);
free(hash);
}
return ret;
}
void SHA512Filler(char *mainMemoryPsuedoRandomData, int threadNumber, uint256 midHash){
//Generate psuedo random data to store in main memory
uint32_t chunks=(1<<(PSUEDORANDOM_DATA_SIZE-PSUEDORANDOM_DATA_CHUNK_SIZE)); //2^(30-6) = 16 mil
uint32_t chunkSize=(1<<(PSUEDORANDOM_DATA_CHUNK_SIZE)); //2^6 = 64 bytes
unsigned char hash_tmp[sizeof(midHash)];
memcpy((char*)&hash_tmp[0], (char*)&midHash, sizeof(midHash) );
uint32_t* index = (uint32_t*)hash_tmp;
// uint32_t chunksToProcess=chunks/totalThreads;
uint32_t chunksToProcess = chunks / opt_n_threads;
uint32_t startChunk=threadNumber*chunksToProcess;
for( uint32_t i = startChunk; i < startChunk+chunksToProcess; i++){
//This changes the first character of hash_tmp
*index = i;
SHA512((unsigned char*)hash_tmp, sizeof(hash_tmp), (unsigned char*)&(mainMemoryPsuedoRandomData[i*chunkSize]));
}
}
/* This function derives the new state from the current hash stored in
* ctx.rehash and is called by the phs_upd_entropy() function.
*
* In addition, we use this function to update previously generated key
* material to a higher t_cost parameter.
*/
void phs_store_derived_state(phs_ctx_t *ctx) {
/* compute the number of 64-byte blocks needed to update the full state */
uint32_t num_hashs = ctx->state_bytes / PHS_HASH_SIZE;
/* input is the full rehash state, counting in the rehashprefix */
uint8_t *in = (uint8_t *) ctx->rehashprefix;
uint32_t *cnt = ctx->rehashprefix;
uint8_t *out = (uint8_t *) ctx->state;
/* redistribute entropy evenly across the state */
for (*cnt = 0; (*cnt) < num_hashs; (*cnt)++) {
/* compute SHA512 and update state */
SHA512(in, PHS_REHASH_SIZE, out);
/* move output pointer */
out += PHS_HASH_SIZE;
}
}
void KAKUtil::privacyAmplification(ClassicRegister rawKey) {
char buffer [KAKUtil::KEY_LENGTH+1];
unsigned char finalKey[SHA512_DIGEST_LENGTH];
int i;
for ( i = 0; i < KAKUtil::KEY_LENGTH; i++ ) {
sprintf(&buffer[i], "%i", rawKey.getBit(i));
}
SHA512(reinterpret_cast<const unsigned char*>(buffer),
sizeof(buffer), finalKey);
for ( i = 0; i < sizeof(finalKey); i++ ) {
printf("%02x", finalKey[i] & 0xff);
}
printf("\n");
}
int crypto_sign_keypair(unsigned char *pk, unsigned char *sk)
{
unsigned char h[64];
ge_p3 A;
int i;
SHA512(sk, 32, h);
h[0] &= 248;
h[31] &= 63;
h[31] |= 64;
ge_scalarmult_base(&A,h);
ge_p3_tobytes(pk,&A);
for (i = 0;i < 32;++i) sk[32 + i] = pk[i];
return 0;
}
/* SHA512: generate hash of known digest value and compare to known
precomputed correct hash
*/
static int FIPS_sha512_test()
{
unsigned char digest[SHA512_DIGEST_LENGTH] =
{0x99, 0xc9, 0xe9, 0x5b, 0x88, 0xd4, 0x78, 0x88, 0xdf, 0x88, 0x5f, 0x94, 0x71, 0x64, 0x28, 0xca,
0x16, 0x1f, 0x3d, 0xf4, 0x1f, 0xf3, 0x0f, 0xc5, 0x03, 0x99, 0xb2, 0xd0, 0xe7, 0x0b, 0x94, 0x4a,
0x45, 0xd2, 0x6c, 0x4f, 0x20, 0x06, 0xef, 0x71, 0xa9, 0x25, 0x7f, 0x24, 0xb1, 0xd9, 0x40, 0x22,
0x49, 0x54, 0x10, 0xc2, 0x22, 0x9d, 0x27, 0xfe, 0xbd, 0xd6, 0xd6, 0xeb, 0x2d, 0x42, 0x1d, 0xa3};
unsigned char str[] = "etaonrishd";
unsigned char md[SHA512_DIGEST_LENGTH];
ERR_clear_error();
if (!SHA512(str,sizeof(str) - 1,md)) return 0;
if (memcmp(md,digest,sizeof(md)))
return 0;
return 1;
}
/** Hashes the latest finished message from an SSL stream
@param sslSession the session to get the message from.
@param hash the buffer into which the hash of the retrieved
message will be saved. The buffer MUST be at least
64 bytes long.
@param getMessage a pointer to the function to call to retrieve the
finished message. This be either:
`SSL_get_finished` or
`SSL_get_peer_finished`.
@return `true` if successful, `false` otherwise.
*/
static
bool
hashLastMessage (SSL const* ssl, unsigned char* hash,
size_t (*get)(const SSL *, void *buf, size_t))
{
enum
{
sslMinimumFinishedLength = 12
};
unsigned char buf[1024];
std::memset(hash, 0, 64);
size_t len = get (ssl, buf, sizeof (buf));
if(len < sslMinimumFinishedLength)
return false;
SHA512 (buf, len, hash);
return true;
}
static ErlDrvSSizeT sha_drv_control(ErlDrvData handle,
unsigned int command,
char *buf, ErlDrvSizeT len,
char **rbuf, ErlDrvSizeT rlen)
{
ErlDrvBinary *b = NULL;
switch (command) {
#ifdef HAVE_MD2
case 2:
rlen = MD2_DIGEST_LENGTH;
b = driver_alloc_binary(rlen);
if (b) MD2((unsigned char*)buf, len, (unsigned char*)b->orig_bytes);
break;
#endif
case 224:
rlen = SHA224_DIGEST_LENGTH;
b = driver_alloc_binary(rlen);
if (b) SHA224((unsigned char*)buf, len, (unsigned char*)b->orig_bytes);
break;
case 256:
rlen = SHA256_DIGEST_LENGTH;
b = driver_alloc_binary(rlen);
if (b) SHA256((unsigned char*)buf, len, (unsigned char*)b->orig_bytes);
break;
case 384:
rlen = SHA384_DIGEST_LENGTH;
b = driver_alloc_binary(rlen);
if (b) SHA384((unsigned char*)buf, len, (unsigned char*)b->orig_bytes);
break;
case 512:
rlen = SHA512_DIGEST_LENGTH;
b = driver_alloc_binary(rlen);
if (b) SHA512((unsigned char*)buf, len, (unsigned char*)b->orig_bytes);
break;
};
if (b) {
*rbuf = (char *)b;
} else {
*rbuf = NULL;
rlen = 0;
};
return rlen;
}
/**
* @see clientlib.h
*/
void selfTest(){
ERR_load_crypto_strings();
OpenSSL_add_all_algorithms();
OPENSSL_config(NULL);
// TODO: do some encryption
unsigned char data[] = "HelloWorld";
unsigned char hash[SHA512_DIGEST_LENGTH];
SHA512(data, sizeof(data), hash);
int i;
for (i = 0; i < sizeof(data); i++) {
printf("%02x ", data[i]);
}
printf("\n");
//
EVP_cleanup();
CRYPTO_cleanup_all_ex_data();
ERR_free_strings();
}
/* The function phs_upd_entropy re-distributes the entopy across the full state
* using hash function calls. In the current implementation, only one hash function
* (SHA-512) is called.
*
* It updates the full memory referenced by ctx.state.
*/
void phs_upd_entropy(phs_ctx_t *ctx) {
uint8_t *state = (uint8_t *) ctx->state;
uint8_t *rehash = (uint8_t *) ctx->rehash;
/* debug output */
Dprintf("Executing phs_upd_entropy().\n");
Dprintf("Dumping current state...\n");
DprintFullState(ctx);
/* update rehash buffer */
Dprintf("Dumping rehash-buffer after phs_update_rehash_buffer()...\n");
SHA512(state, ctx->state_bytes, rehash);
DprintRehashState(ctx);
/* derive the state by rehashing the rehash buffer */
Dprintf("Dumping new state ater phs_store_derived_state()...\n");
phs_store_derived_state(ctx);
DprintFullState(ctx);
}
uint64_t getBirthdayHash(const uint256& midHash, uint32_t a)
{
uint32_t index = a - (a%8);
char hash_tmp[sizeof(midHash)+4];
// std::cerr<<"midHash size:" <<sizeof(midHash)<<"\n";
memcpy(&hash_tmp[4], (char*)&midHash, sizeof(midHash) );
memcpy(&hash_tmp[0], (char*)&index, sizeof(index) );
uint64_t result_hash[8];
// for( uint32_t i = 0; i < sizeof(hash_tmp); ++i )
// {
// std::cerr<<" "<<uint16_t((((unsigned char*)hash_tmp)[i]));
// }
// std::cerr<<"\n";
SHA512((unsigned char*)hash_tmp, sizeof(hash_tmp), (unsigned char*)&result_hash);
// std::cerr<<"result_hash "<<a<<" "<<a%8<<" --- ";
// for( uint32_t i = 0; i < 8; ++i ) std::cerr<<result_hash[i]<<" ";
// std::cerr<<"\n";
uint64_t r = result_hash[a%BIRTHDAYS_PER_HASH]>>(64-SEARCH_SPACE_BITS);
// std::cerr<<"bdayresult: "<<r<<"\n";
return r;
}
