static bool hmac_sha512(const char *key, size_t keylen, const char *msg, size_t msglen, char *out) { char tmp[2 * mdlen]; sha512_context md; if(keylen <= mdlen) { memcpy(tmp, key, keylen); memset(tmp + keylen, 0, mdlen - keylen); } else { if(sha512(key, keylen, tmp) != 0) return false; } if(sha512_init(&md) != 0) return false; // ipad memxor(tmp, 0x36, mdlen); if(sha512_update(&md, tmp, mdlen) != 0) return false; // message if(sha512_update(&md, msg, msglen) != 0) return false; if(sha512_final(&md, tmp + mdlen) != 0) return false; // opad memxor(tmp, 0x36 ^ 0x5c, mdlen); if(sha512(tmp, sizeof tmp, out) != 0) return false; return true; }
/* * Entropy accumulator update */ static int entropy_update( entropy_context *ctx, unsigned char source_id, const unsigned char *data, size_t len ) { unsigned char header[2]; unsigned char tmp[ENTROPY_BLOCK_SIZE]; size_t use_len = len; const unsigned char *p = data; if( use_len > ENTROPY_BLOCK_SIZE ) { #if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR) sha512( data, len, tmp, 0 ); #else sha256( data, len, tmp, 0 ); #endif p = tmp; use_len = ENTROPY_BLOCK_SIZE; } header[0] = source_id; header[1] = use_len & 0xFF; #if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR) sha512_update( &ctx->accumulator, header, 2 ); sha512_update( &ctx->accumulator, p, use_len ); #else sha256_update( &ctx->accumulator, header, 2 ); sha256_update( &ctx->accumulator, p, use_len ); #endif return( 0 ); }
void ed25519_sign(unsigned char *signature, const unsigned char *message, size_t message_len, const unsigned char *public_key, const unsigned char *private_key) { sha512_context hash; unsigned char hram[64]; unsigned char r[64]; ge_p3 R; sha512_init(&hash); sha512_update(&hash, private_key + 32, 32); sha512_update(&hash, message, message_len); sha512_final(&hash, r); sc_reduce(r); ge_scalarmult_base(&R, r); ge_p3_tobytes(signature, &R); sha512_init(&hash); sha512_update(&hash, signature, 32); sha512_update(&hash, public_key, 32); sha512_update(&hash, message, message_len); sha512_final(&hash, hram); sc_reduce(hram); sc_muladd(signature + 32, hram, private_key, r); }
int goldilocks_derive_private_key ( struct goldilocks_private_key_t *privkey, const unsigned char proto[GOLDI_SYMKEY_BYTES] ) { if (!goldilocks_check_init()) { return GOLDI_EUNINIT; } memcpy(&privkey->opaque[2*GOLDI_FIELD_BYTES], proto, GOLDI_SYMKEY_BYTES); unsigned char skb[SHA512_OUTPUT_BYTES]; word_t sk[GOLDI_FIELD_WORDS]; assert(sizeof(skb) >= sizeof(sk)); struct sha512_ctx_t ctx; struct tw_extensible_t exta; struct field_t pk; sha512_init(&ctx); sha512_update(&ctx, (const unsigned char *)"derivepk", GOLDI_DIVERSIFY_BYTES); sha512_update(&ctx, proto, GOLDI_SYMKEY_BYTES); sha512_final(&ctx, (unsigned char *)skb); barrett_deserialize_and_reduce(sk, skb, SHA512_OUTPUT_BYTES, &curve_prime_order); barrett_serialize(privkey->opaque, sk, GOLDI_FIELD_BYTES); scalarmul_fixed_base(&exta, sk, GOLDI_SCALAR_BITS, &goldilocks_global.fixed_base); untwist_and_double_and_serialize(&pk, &exta); field_serialize(&privkey->opaque[GOLDI_FIELD_BYTES], &pk); return GOLDI_EOK; }
static int sha512_monte_carlo_core ( const char *seed, const char *checks[100] ) { struct sha512_ctx_t sha; sha512_init(&sha); unsigned char md0[64],md1[64],md2[64]; int ret = hexdecode(md0,seed,64); if (ret) { youfail(); printf(" SHA-512 NIST Monte Carlo validation seed hex decode failure.\n"); return -1; } int i,j; memcpy(md1,md0,sizeof(md1)); memcpy(md2,md0,sizeof(md1)); for (j=0; j<100; j++) { for (i=3; i<1003; i++) { sha512_update(&sha,md0,sizeof(md0)); sha512_update(&sha,md1,sizeof(md1)); sha512_update(&sha,md2,sizeof(md2)); memcpy(md0,md1,sizeof(md1)); memcpy(md1,md2,sizeof(md1)); sha512_final(&sha,md2); } ret = hexdecode(md0,checks[j],64); if (ret) { youfail(); printf(" SHA-512 NIST Monte Carlo validation hex decode failure at iteration %d\n", j); return -1; } else if (memcmp(md0,md2,sizeof(md2))) { youfail(); printf(" SHA-512 NIST Monte Carlo validation failure at iteration %d\n", j); hexprint(" Expected", md0, 64); hexprint(" But got ", md2, 64); return j+1; } memcpy(md0,md2,sizeof(md1)); memcpy(md1,md2,sizeof(md1)); } return 0; }
CAMLprim value stub_sha512_update(value ctx, value data, value ofs, value len) { CAMLparam4(ctx, data, ofs, len); sha512_update(GET_CTX_STRUCT(ctx), String_val(data) + Int_val(ofs), Int_val(len)); CAMLreturn(Val_unit); }
static int __archive_nettle_sha512update(archive_sha512_ctx *ctx, const void *indata, size_t insize) { sha512_update(ctx, insize, indata); return (ARCHIVE_OK); }
unsigned char* sha512_MemBlock(const unsigned char* msg, size_t size, HASH_ctx* ctx) { sha512_init(ctx); sha512_update(ctx, msg, size); sha512_final(ctx, msg, size); return ctx->SHA512_result; }
void hmac_sha512_init(hmac_sha512_ctx *ctx, unsigned char *key, unsigned int key_size) { unsigned int fill; unsigned int num; unsigned char *key_used; unsigned char key_temp[SHA512_DIGEST_SIZE]; int i; if (key_size == SHA512_BLOCK_SIZE) { key_used = key; num = SHA512_BLOCK_SIZE; } else { if (key_size > SHA512_BLOCK_SIZE){ key_used = key_temp; num = SHA512_DIGEST_SIZE; sha512(key, key_size, key_used); } else { /* key_size > SHA512_BLOCK_SIZE */ key_used = key; num = key_size; } fill = SHA512_BLOCK_SIZE - num; memset(ctx->block_ipad + num, 0x36, fill); memset(ctx->block_opad + num, 0x5c, fill); } for (i = 0; i < num; i++) { ctx->block_ipad[i] = key_used[i] ^ 0x36; ctx->block_opad[i] = key_used[i] ^ 0x5c; } sha512_init(&ctx->ctx_inside); sha512_update(&ctx->ctx_inside, ctx->block_ipad, SHA512_BLOCK_SIZE); sha512_init(&ctx->ctx_outside); sha512_update(&ctx->ctx_outside, ctx->block_opad, SHA512_BLOCK_SIZE); /* for hmac_reinit */ memcpy(&ctx->ctx_inside_reinit, &ctx->ctx_inside, sizeof(sha512_ctx)); memcpy(&ctx->ctx_outside_reinit, &ctx->ctx_outside, sizeof(sha512_ctx)); }
static int derive_key_internal(pairing_session_t *session, const unsigned char *salt, unsigned int saltlen, unsigned char *key, unsigned int keylen) { sha512_context ctx; unsigned char hash[64]; if (keylen > sizeof(hash)) { return -1; } sha512_init(&ctx); sha512_update(&ctx, salt, saltlen); sha512_update(&ctx, session->ecdh_secret, 32); sha512_final(&ctx, hash); memcpy(key, hash, keylen); return 0; }
void sha512(unsigned char *digest, int len, unsigned char *hash) { SHA512CTX c = sha512_init(); if (c != NULL) { sha512_update(c, digest, len); sha512_final(hash, c); } }
static void goldilocks_derive_challenge( word_t challenge[GOLDI_FIELD_WORDS], const unsigned char pubkey[GOLDI_FIELD_BYTES], const unsigned char gnonce[GOLDI_FIELD_BYTES], const unsigned char *message, uint64_t message_len ) { /* challenge = H(pk, [nonceG], message). */ unsigned char sha_out[SHA512_OUTPUT_BYTES]; struct sha512_ctx_t ctx; sha512_init(&ctx); sha512_update(&ctx, pubkey, GOLDI_FIELD_BYTES); sha512_update(&ctx, gnonce, GOLDI_FIELD_BYTES); sha512_update(&ctx, message, message_len); sha512_final(&ctx, sha_out); barrett_deserialize_and_reduce(challenge, sha_out, sizeof(sha_out), &curve_prime_order); }
void sha512(const unsigned char *message, unsigned int len, unsigned char *digest) { sha512_ctx ctx; sha512_init(&ctx); sha512_update(&ctx, message, len); sha512_final(&ctx, digest); }
int SHA512Hash::ProcessBlock(const void * _data, size_t _length) { CoreAssert(this != NULL); if (!_data) return -1; sha512_update(&m_state, (unsigned char *)_data, (unsigned int)_length); return 0; }
void hmac_sha512_final(hmac_sha512_ctx *ctx, unsigned char *mac, unsigned int mac_size) { unsigned char digest_inside[SHA512_DIGEST_SIZE]; unsigned char mac_temp[SHA512_DIGEST_SIZE]; sha512_final(&ctx->ctx_inside, digest_inside); sha512_update(&ctx->ctx_outside, digest_inside, SHA512_DIGEST_SIZE); sha512_final(&ctx->ctx_outside, mac_temp); memcpy(mac, mac_temp, mac_size); }
int sha512(const void *message, size_t message_len, void *out) { sha512_context ctx; int ret; if ((ret = sha512_init(&ctx))) return ret; if ((ret = sha512_update(&ctx, message, message_len))) return ret; if ((ret = sha512_final(&ctx, out))) return ret; return 0; }
int SHA512Hash::Process(const void * _data, size_t _length) { CoreAssert(this != NULL); Reset(); if (!_length || !_data) return -1; sha512_update(&m_state, (const unsigned char *)_data, (unsigned int)_length); m_hash = new unsigned char[SHA512_DIGEST_SIZE]; sha512_final(&m_state, m_hash); return 0; }
int sha512(const unsigned char *message, size_t message_len, unsigned char *out) { sha512_context ctx; int ret; ret = sha512_init(&ctx); if (ret) return ret; ret = sha512_update(&ctx, message, message_len); if (ret) return ret; ret = sha512_final(&ctx, out); if (ret) return ret; return 0; }
ssh_string SshAgentSignEcdsaSha512(uint8_t* data, int dataSize, ssh_key key, uint32_t flags) { // Compute the hash. unsigned char hash[SHA384_DIGEST_LEN] = {0}; SHACTX ctx; ctx = sha512_init(); if (ctx == NULL) { return NULL; } sha512_update(ctx, data, dataSize); sha512_final(hash, ctx); // This release ctx. // Sign the hash. ECDSA_SIG* sig = NULL; sig = ECDSA_do_sign(hash, sizeof(hash), key->ecdsa); if (sig == NULL) { return NULL; } // Format the signature in a blob of the form: // blobLength[ typeNameLength[ typeName ] signatureLength[ rLength[ r ] sLength[ s ] ] ] int rMpiLength = BN_bn2mpi(sig->r, NULL); int sMpiLength = BN_bn2mpi(sig->s, NULL); int signatureLength = rMpiLength + sMpiLength; int typeNameLength = 19; int blobLength = 8 + typeNameLength + signatureLength; uint8_t* signatureBlob = malloc(4 + blobLength); if (signatureBlob == NULL) { return NULL; } pack32(signatureBlob, blobLength); int index = 4; pack32(signatureBlob + index, typeNameLength); index += 4; memcpy(signatureBlob + index, "ecdsa-sha2-nistp521", typeNameLength); index += typeNameLength; pack32(signatureBlob + 15, signatureLength); index += 4; BN_bn2mpi(sig->r, signatureBlob + index); index += rMpiLength; BN_bn2mpi(sig->s, signatureBlob + index); return (ssh_string)signatureBlob; }
ssh_string SshAgentSignRsaSha512(uint8_t* data, int dataSize, ssh_key key, uint32_t flags) { // Compute the hash. unsigned char hash[SHA512_DIGEST_LEN] = {0}; SHACTX ctx; ctx = sha512_init(); if (ctx == NULL) { return NULL; } sha512_update(ctx, data, dataSize); sha512_final(hash, ctx); // This release ctx. // Prepare the buffer to hold the signature in a blob of the form: // signatureBlobLength[ signatureTypeLength[ signatureType ] signatureLength[ signature ] ] int signatureTypeLength = 12; int signatureLength = RSA_size(key->rsa); int signatureBlobLength = 8 + signatureTypeLength + signatureLength; uint8_t* signatureBlob = malloc(4 + signatureBlobLength); if (signatureBlob == NULL) { return NULL; } pack32(signatureBlob, signatureBlobLength); int index = 4; pack32(signatureBlob + index, signatureTypeLength); index += 4; memcpy(signatureBlob + index, "rsa-sha2-512", signatureTypeLength); index += signatureTypeLength; pack32(signatureBlob + 15, signatureLength); index += 4; // Sign the hash in place in the signature blob buffer. unsigned int len; int result = RSA_sign(NID_sha512, hash, sizeof(hash), signatureBlob + index, &len, key->rsa); if (result != 1) { free(signatureBlob); return NULL; } return (ssh_string)signatureBlob; }
void ssh_mac_update(ssh_mac_ctx ctx, const void *data, unsigned long len) { switch(ctx->mac_type){ case SSH_MAC_SHA1: sha1_update(ctx->ctx.sha1_ctx, data, len); break; case SSH_MAC_SHA256: sha256_update(ctx->ctx.sha256_ctx, data, len); break; case SSH_MAC_SHA384: sha384_update(ctx->ctx.sha384_ctx, data, len); break; case SSH_MAC_SHA512: sha512_update(ctx->ctx.sha512_ctx, data, len); break; default: break; } }
static inline int sha512_file(char *filename, uint8_t *digest) { #define BLKSIZE 4096 unsigned char buf[BLKSIZE]; int fd; ssize_t n; struct sha512_ctx ctx; fd = open(filename, O_RDONLY); if (fd == -1) return 1; sha512_init(&ctx); while ((n = read(fd, buf, BLKSIZE)) > 0) sha512_update(&ctx, buf, n); if (n == 0) sha512_finalize(&ctx, digest); close(fd); return n < 0; #undef BLKSIZE }
static int _digest_nettle(int algo, uint8_t* buf, size_t len, unsigned char* res) { switch(algo) { case SHA1_DIGEST_SIZE: { struct sha1_ctx ctx; sha1_init(&ctx); sha1_update(&ctx, len, buf); sha1_digest(&ctx, SHA1_DIGEST_SIZE, res); return 1; } case SHA256_DIGEST_SIZE: { struct sha256_ctx ctx; sha256_init(&ctx); sha256_update(&ctx, len, buf); sha256_digest(&ctx, SHA256_DIGEST_SIZE, res); return 1; } case SHA384_DIGEST_SIZE: { struct sha384_ctx ctx; sha384_init(&ctx); sha384_update(&ctx, len, buf); sha384_digest(&ctx, SHA384_DIGEST_SIZE, res); return 1; } case SHA512_DIGEST_SIZE: { struct sha512_ctx ctx; sha512_init(&ctx); sha512_update(&ctx, len, buf); sha512_digest(&ctx, SHA512_DIGEST_SIZE, res); return 1; } default: break; } return 0; }
std::string BackupServerPrepareHash::hash(IFile *f) { f->Seek(0); unsigned char buf[4096]; _u32 rc; sha512_init(&ctx); do { rc=f->Read((char*)buf, 4096); if(rc>0) sha512_update(&ctx, buf, rc); } while(rc==4096); std::string ret; ret.resize(64); sha512_final(&ctx, (unsigned char*)&ret[0]); return ret; }
static NTSTATUS hash_update( struct hash_impl *hash, enum alg_id alg_id, UCHAR *input, ULONG size ) { switch (alg_id) { case ALG_ID_MD2: md2_update( &hash->u.md2, input, size ); break; case ALG_ID_MD4: MD4Update( &hash->u.md4, input, size ); break; case ALG_ID_MD5: MD5Update( &hash->u.md5, input, size ); break; case ALG_ID_SHA1: A_SHAUpdate( &hash->u.sha1, input, size ); break; case ALG_ID_SHA256: sha256_update( &hash->u.sha256, input, size ); break; case ALG_ID_SHA384: sha384_update( &hash->u.sha512, input, size ); break; case ALG_ID_SHA512: sha512_update( &hash->u.sha512, input, size ); break; default: ERR( "unhandled id %u\n", alg_id ); return STATUS_NOT_IMPLEMENTED; } return STATUS_SUCCESS; }
void hash_from_keyfile(char* keyfile_name, unsigned char* hash) { FILE* key = fopen(keyfile_name, "rb"); unsigned char buffer[64]; register short bytes = 0; sha512_ctx ctx; sha512_init(&ctx); bytes = fread(buffer, 1, 64, key); while (bytes > 0) { sha512_update(&ctx, buffer, bytes); bytes = fread(buffer, 1, 64, key); } sha512_final(&ctx, hash); fclose(key); }
void libmaus::digest::SHA2_512::update(uint8_t const * t, size_t l) { sha512_update(reinterpret_cast<sha512_ctx *>(ctx),l,t); }
static void sha512_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) { sha512_update( (sha512_context *) ctx, input, ilen ); }
void hmac_sha512_update(hmac_sha512_ctx *ctx, unsigned char *message, unsigned int message_len) { sha512_update(&ctx->ctx_inside, message, message_len); }
bool protoshares_revalidateCollision(minerProtosharesBlock_t* block, uint8* midHash, uint32 indexA, uint32 indexB) { uint8 tempHash[32 + 4]; uint64 resultHash[8]; memcpy(tempHash + 4, midHash, 32); // get birthday A *(uint32*)tempHash = indexA & ~7; // indexA & ~7 == indexA - (indexA % BIRTHDAYS_PER_HASH) sha512_ctx c512; sha512_init(&c512); sha512_update(&c512, tempHash, 32 + 4); sha512_final(&c512, (unsigned char*)resultHash); uint64 birthdayA = resultHash[indexA & 7] >> (64ULL - SEARCH_SPACE_BITS); // get birthday B *(uint32*)tempHash = indexB & ~7; sha512_init(&c512); sha512_update(&c512, tempHash, 32 + 4); sha512_final(&c512, (unsigned char*)resultHash); uint64 birthdayB = resultHash[indexB & 7] >> (64ULL - SEARCH_SPACE_BITS); #ifdef VERIFY_RESULTS printf("Nonce Pair:\n"); printf(" Nonce A = %#010x; Hash A = %#018llx\n", indexA, birthdayA); printf(" Nonce B = %#010x; Hash B = %#018llx\n", indexB, birthdayB); printf("\n"); #endif if ( birthdayA != birthdayB ) { return false; // invalid collision } // birthday collision found totalCollisionCount += 2; // we can use every collision twice -> A B and B A //printf("Collision found %8d = %8d | num: %d\n", indexA, indexB, totalCollisionCount); // get full block hash (for A B) block->birthdayA = indexA; block->birthdayB = indexB; uint8 proofOfWorkHash[32]; sha256_ctx c256; sha256_init(&c256); sha256_update(&c256, (unsigned char*)block, 80 + 8); sha256_final(&c256, proofOfWorkHash); sha256_init(&c256); sha256_update(&c256, (unsigned char*)proofOfWorkHash, 32); sha256_final(&c256, proofOfWorkHash); bool hashMeetsTarget = true; uint32* generatedHash32 = (uint32*)proofOfWorkHash; uint32* targetHash32 = (uint32*)block->targetShare; for (sint32 hc = 7; hc >= 0; hc--) { if ( generatedHash32[hc] < targetHash32[hc] ) { hashMeetsTarget = true; break; } else if ( generatedHash32[hc] > targetHash32[hc] ) { hashMeetsTarget = false; break; } } if ( hashMeetsTarget ) { totalShareCount++; curShareCount++; #ifndef NOSUBMIT xptMiner_submitShare(block); #endif } // get full block hash (for B A) block->birthdayA = indexB; block->birthdayB = indexA; sha256_init(&c256); sha256_update(&c256, (unsigned char*)block, 80 + 8); sha256_final(&c256, proofOfWorkHash); sha256_init(&c256); sha256_update(&c256, (unsigned char*)proofOfWorkHash, 32); sha256_final(&c256, proofOfWorkHash); hashMeetsTarget = true; generatedHash32 = (uint32*)proofOfWorkHash; targetHash32 = (uint32*)block->targetShare; for (sint32 hc = 7; hc >= 0; hc--) { if ( generatedHash32[hc] < targetHash32[hc] ) { hashMeetsTarget = true; break; } else if ( generatedHash32[hc] > targetHash32[hc] ) { hashMeetsTarget = false; break; } } if ( hashMeetsTarget ) { totalShareCount++; curShareCount++; #ifndef NOSUBMIT xptMiner_submitShare(block); #endif } return true; }