/*
* Tiger Constructor
*/
Tiger::Tiger(size_t hash_len, size_t passes) :
MDx_HashFunction(64, false, false),
X(8),
digest(3),
hash_len(hash_len),
passes(passes)
{
if(output_length() != 16 && output_length() != 20 && output_length() != 24)
throw Invalid_Argument("Tiger: Illegal hash output size: " +
to_string(output_length()));
if(passes < 3)
throw Invalid_Argument("Tiger: Invalid number of passes: "
+ to_string(passes));
clear();
}
/*
* CMAC Constructor
*/
CMAC::CMAC(BlockCipher* cipher) : m_cipher(cipher)
{
if(m_cipher->block_size() != 8 && m_cipher->block_size() != 16 &&
m_cipher->block_size() != 32 && m_cipher->block_size() != 64)
{
throw Invalid_Argument("CMAC cannot use the " +
std::to_string(m_cipher->block_size() * 8) +
" bit cipher " + m_cipher->name());
}
m_state.resize(output_length());
m_buffer.resize(output_length());
m_B.resize(output_length());
m_P.resize(output_length());
m_position = 0;
}
/*
* CMAC Constructor
*/
CMAC::CMAC(BlockCipher* cipher) :
m_cipher(cipher),
m_block_size(m_cipher->block_size())
{
if(poly_double_supported_size(m_block_size) == false)
{
throw Invalid_Argument("CMAC cannot use the " +
std::to_string(m_block_size * 8) +
" bit cipher " + m_cipher->name());
}
m_state.resize(output_length());
m_buffer.resize(output_length());
m_B.resize(output_length());
m_P.resize(output_length());
m_position = 0;
}
/*
* Finalize a hash
*/
void Streebog::final_result(uint8_t output[])
{
m_buffer[m_position++] = 0x01;
if(m_position != m_buffer.size())
clear_mem(&m_buffer[m_position], m_buffer.size() - m_position);
compress(m_buffer.data());
m_count += (m_position - 1) * 8;
zeroise(m_buffer);
store_le(m_count, m_buffer.data());
compress(m_buffer.data(), true);
compress_64(m_S.data(), true);
// FIXME
std::memcpy(output, &m_h[8 - output_length() / 8], output_length());
clear();
}
/*
* Finalize an CMAC Calculation
*/
void CMAC::final_result(uint8_t mac[])
{
xor_buf(m_state, m_buffer, m_position);
if(m_position == output_length())
{
xor_buf(m_state, m_B, output_length());
}
else
{
m_state[m_position] ^= 0x80;
xor_buf(m_state, m_P, output_length());
}
m_cipher->encrypt(m_state);
copy_mem(mac, m_state.data(), output_length());
zeroise(m_state);
zeroise(m_buffer);
m_position = 0;
}
/*
* Finalize an CMAC Calculation
*/
void CMAC::final_result(byte mac[])
{
xor_buf(m_state, m_buffer, m_position);
if(m_position == output_length())
{
xor_buf(m_state, m_B, output_length());
}
else
{
m_state[m_position] ^= 0x80;
xor_buf(m_state, m_P, output_length());
}
m_cipher->encrypt(m_state);
for(size_t i = 0; i != output_length(); ++i)
mac[i] = m_state[i];
zeroise(m_state);
zeroise(m_buffer);
m_position = 0;
}
/*
* Write the count bits to the buffer
*/
void MDx_HashFunction::write_count(uint8_t out[])
{
if(COUNT_SIZE < 8)
throw Invalid_State("MDx_HashFunction::write_count: COUNT_SIZE < 8");
if(COUNT_SIZE >= output_length() || COUNT_SIZE >= hash_block_size())
throw Invalid_Argument("MDx_HashFunction: COUNT_SIZE is too big");
const uint64_t bit_count = m_count * 8;
if(BIG_BYTE_ENDIAN)
store_be(bit_count, out + COUNT_SIZE - 8);
else
store_le(bit_count, out + COUNT_SIZE - 8);
}
void Blake2b::final_result(byte output[])
{
if(!output)
{
return;
}
byte* const buffer = m_buffer.data();
const u64bit* const H = static_cast<const u64bit*>(m_H.data());
u16bit outlen = static_cast<u16bit>(output_length());
std::memset(buffer + m_buflen, 0, BLAKE2B_BLOCKBYTES - m_buflen);
increment_counter(m_buflen);
compress(true);
for (u16bit i = 0; i < outlen; i++)
{
output[i] = (H[i >> 3] >> (8 * (i & 7))) & 0xFF;
}
clear();
}
/*
* Update an CMAC Calculation
*/
void CMAC::add_data(const uint8_t input[], size_t length)
{
const size_t bs = output_length();
buffer_insert(m_buffer, m_position, input, length);
if(m_position + length > bs)
{
xor_buf(m_state, m_buffer, bs);
m_cipher->encrypt(m_state);
input += (bs - m_position);
length -= (bs - m_position);
while(length > bs)
{
xor_buf(m_state, input, bs);
m_cipher->encrypt(m_state);
input += bs;
length -= bs;
}
copy_mem(m_buffer.data(), input, length);
m_position = 0;
}
m_position += length;
}
/*
* Copy out the digest
*/
void MD5::copy_out(byte output[])
{
for(size_t i = 0; i != output_length(); i += 4)
store_le(digest[i/4], output + i);
}
/*
* Copy out the digest
*/
void Whirlpool::copy_out(byte output[])
{
copy_out_vec_be(output, output_length(), digest);
}
/*
* Copy out the digest
*/
void SHA_256::copy_out(uint8_t output[])
{
copy_out_vec_be(output, output_length(), m_digest);
}
/*
* Copy out the digest
*/
void Tiger::copy_out(byte output[])
{
for(size_t i = 0; i != output_length(); ++i)
output[i] = get_byte(7 - (i % 8), digest[i/8]);
}
/*
* Return the name of this type
*/
std::string Tiger::name() const
{
return "Tiger(" + to_string(output_length()) + "," + to_string(passes) + ")";
}
/*
* Copy out the digest
*/
void MD5::copy_out(uint8_t output[])
{
copy_out_vec_le(output, output_length(), m_digest);
}
/*
* Copy out the digest
*/
void RIPEMD_160::copy_out(uint8_t output[])
{
copy_out_vec_le(output, output_length(), m_digest);
}
EMSA* get_emsa(const std::string& algo_spec)
{
SCAN_Name req(algo_spec);
#if defined(BOTAN_HAS_EMSA1)
if(req.algo_name() == "EMSA1" && req.arg_count() == 1)
{
if(auto hash = HashFunction::create(req.arg(0)))
return new EMSA1(hash.release());
}
#endif
#if defined(BOTAN_HAS_EMSA_PKCS1)
if(req.algo_name() == "EMSA_PKCS1" ||
req.algo_name() == "EMSA-PKCS1-v1_5" ||
req.algo_name() == "EMSA3")
{
if(req.arg_count() == 2 && req.arg(0) == "Raw")
{
return new EMSA_PKCS1v15_Raw(req.arg(1));
}
else if(req.arg_count() == 1)
{
if(req.arg(0) == "Raw")
{
return new EMSA_PKCS1v15_Raw;
}
else
{
if(auto hash = HashFunction::create(req.arg(0)))
{
return new EMSA_PKCS1v15(hash.release());
}
}
}
}
#endif
#if defined(BOTAN_HAS_EMSA_PSSR)
if(req.algo_name() == "PSSR" ||
req.algo_name() == "EMSA-PSS" ||
req.algo_name() == "PSS-MGF1" ||
req.algo_name() == "EMSA4")
{
if(req.arg_count_between(1, 3))
{
if(req.arg(1, "MGF1") != "MGF1")
return nullptr; // not supported
if(auto h = HashFunction::create(req.arg(0)))
{
const size_t salt_size = req.arg_as_integer(2, h->output_length());
return new PSSR(h.release(), salt_size);
}
}
}
#endif
#if defined(BOTAN_HAS_ISO_9796)
if(req.algo_name() == "ISO_9796_DS2")
{
if(req.arg_count_between(1, 3))
{
if(auto h = HashFunction::create(req.arg(0)))
{
const size_t salt_size = req.arg_as_integer(2, h->output_length());
const bool implicit = req.arg(1, "exp") == "imp";
return new ISO_9796_DS2(h.release(), implicit, salt_size);
}
}
}
//ISO-9796-2 DS 3 is deterministic and DS2 without a salt
if(req.algo_name() == "ISO_9796_DS3")
{
if(req.arg_count_between(1, 2))
{
if(auto h = HashFunction::create(req.arg(0)))
{
const bool implicit = req.arg(1, "exp") == "imp";
return new ISO_9796_DS3(h.release(), implicit);
}
}
}
#endif
#if defined(BOTAN_HAS_EMSA_X931)
if(req.algo_name() == "EMSA_X931" ||
req.algo_name() == "EMSA2" ||
req.algo_name() == "X9.31")
{
if(req.arg_count() == 1)
{
if(auto hash = HashFunction::create(req.arg(0)))
{
return new EMSA_X931(hash.release());
}
}
}
#endif
#if defined(BOTAN_HAS_EMSA_RAW)
if(req.algo_name() == "Raw")
{
if(req.arg_count() == 0)
{
return new EMSA_Raw;
}
else
{
auto hash = HashFunction::create(req.arg(0));
if(hash)
return new EMSA_Raw(hash->output_length());
}
}
#endif
throw Algorithm_Not_Found(algo_spec);
}
/*
* Copy out the digest
*/
void Whirlpool::copy_out(uint8_t output[])
{
copy_out_vec_be(output, output_length(), m_digest);
}
