Exemplo n.º 1
0
void ed25519_sign(unsigned char *signature, const unsigned char *message, size_t message_len, const unsigned char *public_key, const unsigned char *private_key) {
    sha512_context hash;
    unsigned char hram[64];
    unsigned char r[64];
    ge_p3 R;


    sha512_init(&hash);
    sha512_update(&hash, private_key + 32, 32);
    sha512_update(&hash, message, message_len);
    sha512_final(&hash, r);

    sc_reduce(r);
    ge_scalarmult_base(&R, r);
    ge_p3_tobytes(signature, &R);

    sha512_init(&hash);
    sha512_update(&hash, signature, 32);
    sha512_update(&hash, public_key, 32);
    sha512_update(&hash, message, message_len);
    sha512_final(&hash, hram);

    sc_reduce(hram);
    sc_muladd(signature + 32, hram, private_key, r);
}
Exemplo n.º 2
0
void _stdcall sha512_hmac(const void *k, size_t k_len, const void *d, size_t d_len, char *out)
{
    sha512_ctx    ctx;
    unsigned char buf[SHA512_BLOCK_SIZE];
    unsigned char hval[SHA512_DIGEST_SIZE];
    unsigned long i;

    // zero key buffer
    memset(buf, 0, sizeof(buf));

    // compress hmac key
    if (k_len > SHA512_BLOCK_SIZE) {
        sha512_init(&ctx);
        sha512_hash(&ctx, (const unsigned char*)k, k_len);
        sha512_done(&ctx, buf);
    } else {
        memcpy(buf, k, k_len);
    }

    // create the hash initial vector
    for (i = 0; i < (SHA512_BLOCK_SIZE / 4); i++) {
        ((unsigned long*)buf)[i] ^= 0x36363636;
    }

    // hash key and data
    sha512_init(&ctx);
    sha512_hash(&ctx, buf, SHA512_BLOCK_SIZE);
    sha512_hash(&ctx, (const unsigned char*)d, d_len);
    sha512_done(&ctx, hval);

    // create the second HMAC vector
    for (i = 0; i < (SHA512_BLOCK_SIZE / 4); i++) {
        ((unsigned long*)buf)[i] ^= 0x6A6A6A6A;
    }

    // calculate "outer" hash
    sha512_init(&ctx);
    sha512_hash(&ctx, buf, SHA512_BLOCK_SIZE);
    sha512_hash(&ctx, hval, SHA512_DIGEST_SIZE);
    sha512_done(&ctx, (unsigned char*)out);

    // test buffers size alignment at compile-time
    static_assert( !(sizeof(buf) % sizeof(unsigned long)), "sizeof must be 4 byte aligned");
    static_assert( !(sizeof(hval) % sizeof(unsigned long)), "sizeof must be 4 byte aligned");
    static_assert( !(sizeof(ctx) % sizeof(unsigned long)), "sizeof must be 4 byte aligned");

    // prevent leaks
    __stosd((unsigned long*)&buf, 0, (sizeof(buf) / sizeof(unsigned long)));
    __stosd((unsigned long*)&hval, 0, (sizeof(hval) / sizeof(unsigned long)));
    __stosd((unsigned long*)&ctx, 0, (sizeof(ctx) / sizeof(unsigned long)));
}
Exemplo n.º 3
0
static bool hmac_sha512(const char *key, size_t keylen, const char *msg, size_t msglen, char *out) {
	char tmp[2 * mdlen];
	sha512_context md;

	if(keylen <= mdlen) {
		memcpy(tmp, key, keylen);
		memset(tmp + keylen, 0, mdlen - keylen);
	} else {
		if(sha512(key, keylen, tmp) != 0)
			return false;
	}

	if(sha512_init(&md) != 0)
		return false;

	// ipad
	memxor(tmp, 0x36, mdlen);
	if(sha512_update(&md, tmp, mdlen) != 0)
		return false;

	// message
	if(sha512_update(&md, msg, msglen) != 0)
		return false;

	if(sha512_final(&md, tmp + mdlen) != 0)
		return false;

	// opad
	memxor(tmp, 0x36 ^ 0x5c, mdlen);
	if(sha512(tmp, sizeof tmp, out) != 0)
		return false;

	return true;
}
Exemplo n.º 4
0
int
goldilocks_derive_private_key (
    struct goldilocks_private_key_t *privkey,
    const unsigned char proto[GOLDI_SYMKEY_BYTES]
) {
    if (!goldilocks_check_init()) {
        return GOLDI_EUNINIT;
    }

    memcpy(&privkey->opaque[2*GOLDI_FIELD_BYTES], proto, GOLDI_SYMKEY_BYTES);

    unsigned char skb[SHA512_OUTPUT_BYTES];
    word_t sk[GOLDI_FIELD_WORDS];
    assert(sizeof(skb) >= sizeof(sk));

    struct sha512_ctx_t ctx;
    struct tw_extensible_t exta;
    struct field_t pk;

    sha512_init(&ctx);
    sha512_update(&ctx, (const unsigned char *)"derivepk", GOLDI_DIVERSIFY_BYTES);
    sha512_update(&ctx, proto, GOLDI_SYMKEY_BYTES);
    sha512_final(&ctx, (unsigned char *)skb);

    barrett_deserialize_and_reduce(sk, skb, SHA512_OUTPUT_BYTES, &curve_prime_order);
    barrett_serialize(privkey->opaque, sk, GOLDI_FIELD_BYTES);

    scalarmul_fixed_base(&exta, sk, GOLDI_SCALAR_BITS, &goldilocks_global.fixed_base);
    untwist_and_double_and_serialize(&pk, &exta);

    field_serialize(&privkey->opaque[GOLDI_FIELD_BYTES], &pk);

    return GOLDI_EOK;
}
Exemplo n.º 5
0
unsigned char* sha512_MemBlock(const unsigned char* msg, size_t size, HASH_ctx* ctx)
{
    sha512_init(ctx);
    sha512_update(ctx, msg, size);
    sha512_final(ctx, msg, size);
    return ctx->SHA512_result;
}
Exemplo n.º 6
0
ssh_mac_ctx ssh_mac_ctx_init(enum ssh_mac_e type){
  ssh_mac_ctx ctx = malloc(sizeof(struct ssh_mac_ctx_struct));
  if (ctx == NULL) {
    return NULL;
  }

  ctx->mac_type=type;
  switch(type){
    case SSH_MAC_SHA1:
      ctx->ctx.sha1_ctx = sha1_init();
      return ctx;
    case SSH_MAC_SHA256:
      ctx->ctx.sha256_ctx = sha256_init();
      return ctx;
    case SSH_MAC_SHA384:
      ctx->ctx.sha384_ctx = sha384_init();
      return ctx;
    case SSH_MAC_SHA512:
      ctx->ctx.sha512_ctx = sha512_init();
      return ctx;
    default:
      SAFE_FREE(ctx);
      return NULL;
  }
}
Exemplo n.º 7
0
void sha512_hmac(const char *k, size_t k_len, const char *d, size_t d_len, char *out)
{
	sha512_ctx ctx;
	u8         buf[SHA512_BLOCK_SIZE];
	u8         hval[SHA512_DIGEST_SIZE];
	size_t     i;

	/* zero key buffer */
	zeroauto(buf, sizeof(buf));

	/* compress hmac key */
	if (k_len > SHA512_BLOCK_SIZE) {
		sha512_init(&ctx);
		sha512_hash(&ctx, k, k_len);
		sha512_done(&ctx, buf);
	} else {
		mincpy(buf, k, k_len);
	}

	/* create the hash initial vector */ 
	for (i = 0; i < SHA512_BLOCK_SIZE; i++) {
		buf[i] ^= 0x36;
	}

	/* hash key and data */
	sha512_init(&ctx);
	sha512_hash(&ctx, buf, SHA512_BLOCK_SIZE);
	sha512_hash(&ctx, d, d_len);
	sha512_done(&ctx, hval);

	/* create the second HMAC vector */
	for (i = 0; i < SHA512_BLOCK_SIZE; i++) {
        buf[i] ^= 0x6A;
    } 

	/* calculate "outer" hash */
	sha512_init(&ctx);
	sha512_hash(&ctx, buf, SHA512_BLOCK_SIZE);
	sha512_hash(&ctx, hval, SHA512_DIGEST_SIZE);
	sha512_done(&ctx, out);	

	/* prevent leaks */
	zeroauto(buf,  sizeof(buf));
	zeroauto(hval, sizeof(hval));
	zeroauto(&ctx, sizeof(ctx));
}
Exemplo n.º 8
0
void sha512(unsigned char *digest, int len, unsigned char *hash)
{
    SHA512CTX c = sha512_init();
    if (c != NULL) {
        sha512_update(c, digest, len);
        sha512_final(hash, c);
    }
}
Exemplo n.º 9
0
void hmac_sha512_init(hmac_sha512_ctx *ctx, unsigned char *key,
                      unsigned int key_size)
{
    unsigned int fill;
    unsigned int num;

    unsigned char *key_used;
    unsigned char key_temp[SHA512_DIGEST_SIZE];
    int i;

    if (key_size == SHA512_BLOCK_SIZE) {
        key_used = key;
        num = SHA512_BLOCK_SIZE;
    } else {
        if (key_size > SHA512_BLOCK_SIZE){
            key_used = key_temp;
            num = SHA512_DIGEST_SIZE;
            sha512(key, key_size, key_used);
        } else { /* key_size > SHA512_BLOCK_SIZE */
            key_used = key;
            num = key_size;
        }
        fill = SHA512_BLOCK_SIZE - num;

        memset(ctx->block_ipad + num, 0x36, fill);
        memset(ctx->block_opad + num, 0x5c, fill);
    }

    for (i = 0; i < num; i++) {
        ctx->block_ipad[i] = key_used[i] ^ 0x36;
        ctx->block_opad[i] = key_used[i] ^ 0x5c;
    }

    sha512_init(&ctx->ctx_inside);
    sha512_update(&ctx->ctx_inside, ctx->block_ipad, SHA512_BLOCK_SIZE);

    sha512_init(&ctx->ctx_outside);
    sha512_update(&ctx->ctx_outside, ctx->block_opad,
                  SHA512_BLOCK_SIZE);

    /* for hmac_reinit */
    memcpy(&ctx->ctx_inside_reinit, &ctx->ctx_inside,
           sizeof(sha512_ctx));
    memcpy(&ctx->ctx_outside_reinit, &ctx->ctx_outside,
           sizeof(sha512_ctx));
}
Exemplo n.º 10
0
void sha512(const unsigned char *message, unsigned int len,
            unsigned char *digest)
{
    sha512_ctx ctx;

    sha512_init(&ctx);
    sha512_update(&ctx, message, len);
    sha512_final(&ctx, digest);
}
Exemplo n.º 11
0
		void SHA512Hash::Reset()
		{
			CoreAssert(this != NULL);

			delete [] m_hash; m_hash = NULL;
			delete [] m_hashString; m_hashString = NULL;

			sha512_init(&m_state);
		}
Exemplo n.º 12
0
int main(int argc, char **argv) {

    unsigned char *x;
    unsigned long long xlen;

    if (argv[0])
        if (argv[1]) {
            if (str_equal(argv[1], "-h"))
                die_usage(0);
        }

    /* get password  */
    x = (unsigned char *)env_get("PASSWORD");
    if (!x) { errno = 0; die_usage("$PASSWORD not set"); }
    xlen = str_len((char *)x);

    /* create salt */
    randombytes(s, sizeof s);

    /* derive key  */
    if (sha512hmacpbkdf2(h, sizeof h, x, xlen, s, sizeof s, ROUNDS) == -1) die_fatal("unable to derive keys", 0);
    byte_zero(x, xlen);

    /* create nonce */
    randombytes(n, sizeof n);
    uint64_pack(n, nanoseconds());
    sha512(nk, (unsigned char *)MAGIC, MAGICBYTES);
    crypto_block_aes256vulnerable(n, n, nk);

    /* initialize */
    crypto_init(&ctx, n, h, MAGIC);
    randombytes(h, sizeof h);
    sha512_init(&shactx);

    /* write header */
    if (writeall(1, MAGIC, MAGICBYTES) == -1) die_fatal("unable to write output", 0);
    if (writeall(1, s, sizeof s) == -1) die_fatal("unable to write output", 0);
    randombytes(s, sizeof s);
    if (writeall(1, n, sizeof n) == -1) die_fatal("unable to write output", 0);

    for (;;) {
        inlen = readblock(in, BLOCK);
        if (inlen != BLOCK) break;
        if (sha512_block(&shactx, in, inlen) != 0) die_fatal("unable to compute hash", 0);
        if (crypto_block(&ctx, in, inlen) != 0) die_fatal("unable to encrypt stream", 0);
        if (writeall(1, in, inlen) == -1) die_fatal("unable to write output", 0);
    }
    if (sha512_last(&shactx, h, in, inlen) != 0) die_fatal("unable to compute hash", 0);
    byte_copy(in + inlen, CHECKSUMBYTES, h);
    inlen += CHECKSUMBYTES;
    if (crypto_last(&ctx, in, inlen) != 0) die_fatal("unable to encrypt stream", 0);
    if (writeall(1, in, inlen) == -1) die_fatal("unable to write output", 0);

    if (fsyncfd(1) == -1) die_fatal("unable to write output", 0);
    cleanup();
    _exit(0);
}
Exemplo n.º 13
0
CAMLexport value stub_sha512_init(value unit)
{
	CAMLparam1(unit);
	CAMLlocal1(result);

	result = caml_alloc(sizeof(struct sha512_ctx), Abstract_tag);
	sha512_init(GET_CTX_STRUCT(result));

	CAMLreturn(result);
}
Exemplo n.º 14
0
void protoshares_process_8(minerProtosharesBlock_t* block)
{
	// generate mid hash using sha256 (header hash)
	uint8 midHash[32];
	sha256_ctx c256;
	sha256_init(&c256);
	sha256_update(&c256, (unsigned char*)block, 80);
	sha256_final(&c256, midHash);
	sha256_init(&c256);
	sha256_update(&c256, (unsigned char*)midHash, 32);
	sha256_final(&c256, midHash);
	// init collision map
	if( __collisionMap == NULL )
		__collisionMap = (uint32*)malloc(sizeof(uint32)*COLLISION_TABLE_SIZE);
	uint32* collisionIndices = __collisionMap;
	memset(collisionIndices, 0x00, sizeof(uint32)*COLLISION_TABLE_SIZE);
	// start search
	// uint8 midHash[64];
	uint8 tempHash[32+4];
	sha512_ctx c512;
	uint64 resultHashStorage[8*CACHED_HASHES];
	memcpy(tempHash+4, midHash, 32);
	for(uint32 n=0; n<MAX_MOMENTUM_NONCE; n += BIRTHDAYS_PER_HASH * CACHED_HASHES)
	{
		if( block->height != monitorCurrentBlockHeight )
			break;
		for(uint32 m=0; m<CACHED_HASHES; m++)
		{
			sha512_init(&c512);
			*(uint32*)tempHash = n+m*8;
			sha512_update_final(&c512, tempHash, 32+4, (unsigned char*)(resultHashStorage+8*m));
		}
		for(uint32 m=0; m<CACHED_HASHES; m++)
		{
			uint64* resultHash = resultHashStorage + 8*m;
			uint32 i = n + m*8;

			for(uint32 f=0; f<8; f++)
			{
				uint64 birthday = resultHash[f] >> (64ULL-SEARCH_SPACE_BITS);
				uint32 collisionKey = (uint32)((birthday>>18) & COLLISION_KEY_MASK);
				birthday %= COLLISION_TABLE_SIZE;
				if( collisionIndices[birthday] )
				{
					if( ((collisionIndices[birthday]&COLLISION_KEY_MASK) != collisionKey) || protoshares_revalidateCollision(block, midHash, collisionIndices[birthday]&~COLLISION_KEY_MASK, i+f) == false )
					{
						// invalid collision -> ignore
						
					}
				}
				collisionIndices[birthday] = i+f | collisionKey; // we have 6 bits available for validation
			}
		}
	}
}
std::string BackupServerPrepareHash::hash_with_patch(IFile *f, IFile *patch)
{
	sha512_init(&ctx);
	
	chunk_patcher.ApplyPatch(f, patch);

	std::string ret;
	ret.resize(64);
	sha512_final(&ctx, (unsigned char*)&ret[0]);
	return ret;
}
Exemplo n.º 16
0
void sha512_1(sha512_hash_t* dest, const void* msg, uint32_t length_b) {
    sha512_ctx_t ctx;
    sha512_init(&ctx);
    while(length_b >= 1024) {
        sha512_nextBlock(&ctx, msg);
        msg = (uint8_t*)msg + 1024/8;
        length_b -= 1024;
    }
    sha512_lastBlock(&ctx, msg, length_b);
    sha512_ctx2hash(dest, &ctx);
}
Exemplo n.º 17
0
int sha512(const unsigned char *message, size_t message_len, unsigned char *out)
{
    sha512_context ctx;
    int ret;
    ret = sha512_init(&ctx);
    if (ret) return ret;
    ret = sha512_update(&ctx, message, message_len);
    if (ret) return ret;
    ret = sha512_final(&ctx, out);
    if (ret) return ret;
    return 0;
}
Exemplo n.º 18
0
static void * sha512_ctx_alloc( void )
{
    sha512_context *ctx;
    ctx = (sha512_context *) polarssl_malloc( sizeof( sha512_context ) );

    if( ctx == NULL )
        return( NULL );

    sha512_init( ctx );

    return( ctx );
}
Exemplo n.º 19
0
int sha512(const void *message, size_t message_len, void *out)
{
	sha512_context ctx;
	int ret;
	if ((ret = sha512_init(&ctx)))
		return ret;
	if ((ret = sha512_update(&ctx, message, message_len)))
		return ret;
	if ((ret = sha512_final(&ctx, out)))
		return ret;
	return 0;
}
Exemplo n.º 20
0
ssh_string SshAgentSignEcdsaSha512(uint8_t* data, int dataSize, ssh_key key, uint32_t flags)
{
    // Compute the hash.
    unsigned char hash[SHA384_DIGEST_LEN] = {0};
    SHACTX ctx;
    
    ctx = sha512_init();
    if (ctx == NULL)
    {
        return NULL;
    }
    
    sha512_update(ctx, data, dataSize);
    sha512_final(hash, ctx);   // This release ctx.
    
    // Sign the hash.
    ECDSA_SIG* sig = NULL;
    sig = ECDSA_do_sign(hash, sizeof(hash), key->ecdsa);
    if (sig == NULL)
    {
        return NULL;
    }
    
    // Format the signature in a blob of the form:
    // blobLength[ typeNameLength[ typeName ] signatureLength[ rLength[ r ] sLength[ s ] ] ]
    int rMpiLength = BN_bn2mpi(sig->r, NULL);
    int sMpiLength = BN_bn2mpi(sig->s, NULL);
    int signatureLength = rMpiLength + sMpiLength;
    int typeNameLength = 19;
    int blobLength = 8 + typeNameLength + signatureLength;
    
    uint8_t* signatureBlob = malloc(4 + blobLength);
    if (signatureBlob == NULL)
    {
        return NULL;
    }
    
    pack32(signatureBlob, blobLength);
    int index = 4;
    pack32(signatureBlob + index, typeNameLength);
    index += 4;
    memcpy(signatureBlob + index, "ecdsa-sha2-nistp521", typeNameLength);
    index += typeNameLength;
    pack32(signatureBlob + 15, signatureLength);
    index += 4;
    BN_bn2mpi(sig->r, signatureBlob + index);
    index += rMpiLength;
    BN_bn2mpi(sig->s, signatureBlob + index);
    
    return (ssh_string)signatureBlob;
}
Exemplo n.º 21
0
static int sha512_monte_carlo_core (
    const char *seed,
    const char *checks[100]
) { 
    struct sha512_ctx_t sha;
    sha512_init(&sha);
    
    unsigned char md0[64],md1[64],md2[64];
    
    int ret = hexdecode(md0,seed,64);
    if (ret) {
        youfail();
        printf("    SHA-512 NIST Monte Carlo validation seed hex decode failure.\n");
        return -1;
    }
    
    int i,j;

    memcpy(md1,md0,sizeof(md1));
    memcpy(md2,md0,sizeof(md1));
    
    for (j=0; j<100; j++) {
        
        for (i=3; i<1003; i++) {
            sha512_update(&sha,md0,sizeof(md0));
            sha512_update(&sha,md1,sizeof(md1));
            sha512_update(&sha,md2,sizeof(md2));
            memcpy(md0,md1,sizeof(md1));
            memcpy(md1,md2,sizeof(md1));
            sha512_final(&sha,md2);
        }
        
        ret = hexdecode(md0,checks[j],64);
        if (ret) {
            youfail();
            printf("    SHA-512 NIST Monte Carlo validation hex decode failure at iteration %d\n", j);
            return -1;
        } else if (memcmp(md0,md2,sizeof(md2))) {
            youfail();
            printf("    SHA-512 NIST Monte Carlo validation failure at iteration %d\n", j);
            hexprint("    Expected", md0, 64);
            hexprint("    But got ", md2, 64);
            return j+1;
        }
        
        memcpy(md0,md2,sizeof(md1));
        memcpy(md1,md2,sizeof(md1));
    }
    
    return 0;
}
Exemplo n.º 22
0
ssh_string SshAgentSignRsaSha512(uint8_t* data, int dataSize, ssh_key key, uint32_t flags)
{
    // Compute the hash.
    unsigned char hash[SHA512_DIGEST_LEN] = {0};
    SHACTX ctx;
    
    ctx = sha512_init();
    if (ctx == NULL)
    {
        return NULL;
    }
    
    sha512_update(ctx, data, dataSize);
    sha512_final(hash, ctx);   // This release ctx.
    
    // Prepare the buffer to hold the signature in a blob of the form:
    // signatureBlobLength[ signatureTypeLength[ signatureType ] signatureLength[ signature ] ]
    int signatureTypeLength = 12;
    int signatureLength = RSA_size(key->rsa);
    int signatureBlobLength = 8 + signatureTypeLength + signatureLength;
    
    uint8_t* signatureBlob = malloc(4 + signatureBlobLength);
    if (signatureBlob == NULL)
    {
        return NULL;
    }
    
    pack32(signatureBlob, signatureBlobLength);
    int index = 4;
    pack32(signatureBlob + index, signatureTypeLength);
    index += 4;
    memcpy(signatureBlob + index, "rsa-sha2-512", signatureTypeLength);
    index += signatureTypeLength;
    pack32(signatureBlob + 15, signatureLength);
    index += 4;
    
    // Sign the hash in place in the signature blob buffer.
    unsigned int len;
    int result = RSA_sign(NID_sha512, hash, sizeof(hash), signatureBlob + index, &len, key->rsa);
    if (result != 1)
    {
        free(signatureBlob);
        return NULL;
    }
    
    return (ssh_string)signatureBlob;
}
Exemplo n.º 23
0
/**
  Self-test the hash
  @return CRYPT_OK if successful, CRYPT_NOP if self-tests have been disabled
*/  
int  sha512_test(void)
{
 #ifndef LTC_TEST
    return CRYPT_NOP;
 #else    
  static const struct {
      char *msg;
      unsigned char hash[64];
  } tests[] = {
    { "abc",
     { 0xdd, 0xaf, 0x35, 0xa1, 0x93, 0x61, 0x7a, 0xba,
       0xcc, 0x41, 0x73, 0x49, 0xae, 0x20, 0x41, 0x31,
       0x12, 0xe6, 0xfa, 0x4e, 0x89, 0xa9, 0x7e, 0xa2,
       0x0a, 0x9e, 0xee, 0xe6, 0x4b, 0x55, 0xd3, 0x9a,
       0x21, 0x92, 0x99, 0x2a, 0x27, 0x4f, 0xc1, 0xa8,
       0x36, 0xba, 0x3c, 0x23, 0xa3, 0xfe, 0xeb, 0xbd,
       0x45, 0x4d, 0x44, 0x23, 0x64, 0x3c, 0xe8, 0x0e,
       0x2a, 0x9a, 0xc9, 0x4f, 0xa5, 0x4c, 0xa4, 0x9f }
    },
    { "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu",
     { 0x8e, 0x95, 0x9b, 0x75, 0xda, 0xe3, 0x13, 0xda,
       0x8c, 0xf4, 0xf7, 0x28, 0x14, 0xfc, 0x14, 0x3f,
       0x8f, 0x77, 0x79, 0xc6, 0xeb, 0x9f, 0x7f, 0xa1,
       0x72, 0x99, 0xae, 0xad, 0xb6, 0x88, 0x90, 0x18,
       0x50, 0x1d, 0x28, 0x9e, 0x49, 0x00, 0xf7, 0xe4,
       0x33, 0x1b, 0x99, 0xde, 0xc4, 0xb5, 0x43, 0x3a,
       0xc7, 0xd3, 0x29, 0xee, 0xb6, 0xdd, 0x26, 0x54,
       0x5e, 0x96, 0xe5, 0x5b, 0x87, 0x4b, 0xe9, 0x09 }
    },
  };

  int i;
  unsigned char tmp[64];
  hash_state md;

  for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) {
      sha512_init(&md);
      sha512_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
      sha512_done(&md, tmp);
      if (XMEMCMP(tmp, tests[i].hash, 64) != 0) {
         return CRYPT_FAIL_TESTVECTOR;
      }
  }
  return CRYPT_OK;
  #endif
}
Exemplo n.º 24
0
static int
derive_key_internal(pairing_session_t *session, const unsigned char *salt, unsigned int saltlen, unsigned char *key, unsigned int keylen)
{
	sha512_context ctx;
	unsigned char hash[64];

	if (keylen > sizeof(hash)) {
		return -1;
	}
	sha512_init(&ctx);
	sha512_update(&ctx, salt, saltlen);
	sha512_update(&ctx, session->ecdh_secret, 32);
	sha512_final(&ctx, hash);

	memcpy(key, hash, keylen);
	return 0;
}
Exemplo n.º 25
0
static void
goldilocks_derive_challenge(
    word_t challenge[GOLDI_FIELD_WORDS],
    const unsigned char pubkey[GOLDI_FIELD_BYTES],
    const unsigned char gnonce[GOLDI_FIELD_BYTES],
    const unsigned char *message,
    uint64_t message_len
) {
    /* challenge = H(pk, [nonceG], message). */
    unsigned char sha_out[SHA512_OUTPUT_BYTES];
    struct sha512_ctx_t ctx;
    sha512_init(&ctx);
    sha512_update(&ctx, pubkey, GOLDI_FIELD_BYTES);
    sha512_update(&ctx, gnonce, GOLDI_FIELD_BYTES);
    sha512_update(&ctx, message, message_len);
    sha512_final(&ctx, sha_out);
    barrett_deserialize_and_reduce(challenge, sha_out, sizeof(sha_out), &curve_prime_order);
}
Exemplo n.º 26
0
void sha512_hash_buffer(unsigned char *ib, int ile, unsigned char *ob, unsigned int ole)
{
	sha512_context ctx;
	unsigned int length;

	if (ole < 1)
		return;

	memset(ob, 0, ole);
	if (ole > 64)
		ole = 64;
	sha512_init(&ctx);
	sha512_write(&ctx, ib, ile);
	SECStatus status = PK11_DigestFinal(ctx.ctx_nss, ob, &length, ole);
	PR_ASSERT(length == ole);
	PR_ASSERT(status == SECSuccess);
	PK11_DestroyContext(ctx.ctx_nss, PR_TRUE);
	DBG(DBG_CRYPT, DBG_log("NSS: sha512 final end"));
}
Exemplo n.º 27
0
static inline int sha512_file(char *filename, uint8_t *digest)
{
	#define BLKSIZE 4096
	unsigned char buf[BLKSIZE];
	int fd; ssize_t n;
	struct sha512_ctx ctx;

	fd = open(filename, O_RDONLY);
	if (fd == -1)
		return 1;
	sha512_init(&ctx);
	while ((n = read(fd, buf, BLKSIZE)) > 0)
		sha512_update(&ctx, buf, n);
	if (n == 0)
		sha512_finalize(&ctx, digest);
	close(fd);
	return n < 0;
	#undef BLKSIZE
}
Exemplo n.º 28
0
static int
_digest_nettle(int algo, uint8_t* buf, size_t len,
	unsigned char* res)
{
	switch(algo) {
		case SHA1_DIGEST_SIZE:
		{
			struct sha1_ctx ctx;
			sha1_init(&ctx);
			sha1_update(&ctx, len, buf);
			sha1_digest(&ctx, SHA1_DIGEST_SIZE, res);
			return 1;
		}
		case SHA256_DIGEST_SIZE:
		{
			struct sha256_ctx ctx;
			sha256_init(&ctx);
			sha256_update(&ctx, len, buf);
			sha256_digest(&ctx, SHA256_DIGEST_SIZE, res);
			return 1;
		}
		case SHA384_DIGEST_SIZE:
		{
			struct sha384_ctx ctx;
			sha384_init(&ctx);
			sha384_update(&ctx, len, buf);
			sha384_digest(&ctx, SHA384_DIGEST_SIZE, res);
			return 1;
		}
		case SHA512_DIGEST_SIZE:
		{
			struct sha512_ctx ctx;
			sha512_init(&ctx);
			sha512_update(&ctx, len, buf);
			sha512_digest(&ctx, SHA512_DIGEST_SIZE, res);
			return 1;
		}
		default:
			break;
	}
	return 0;
}
std::string BackupServerPrepareHash::hash(IFile *f)
{
	f->Seek(0);
	unsigned char buf[4096];
	_u32 rc;

	sha512_init(&ctx);
	do
	{
		rc=f->Read((char*)buf, 4096);
		if(rc>0)
			sha512_update(&ctx, buf, rc);
	}
	while(rc==4096);
	
	std::string ret;
	ret.resize(64);
	sha512_final(&ctx, (unsigned char*)&ret[0]);
	return ret;
}
Exemplo n.º 30
0
static void rnd_pool_mix()
{
	sha512_ctx sha_ctx;
	int        i, n;
	u8         hval[SHA512_DIGEST_SIZE];

	for (i = 0; i < RNG_POOL_SIZE; i += SHA512_DIGEST_SIZE)
	{
		sha512_init(&sha_ctx);
		sha512_hash(&sha_ctx, rnd_pool, sizeof(rnd_pool));
		sha512_done(&sha_ctx, hval);

		for (n = 0; n < SHA512_DIGEST_SIZE; n++) {
			rnd_pool[i + n] += hval[n];
		}
	}

	/* Prevent leaks */
	zeroauto(hval, sizeof(hval));
	zeroauto(&sha_ctx, sizeof(sha_ctx));
}