crypto/sha256: new module.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>

crypto/sha256: new module.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
0d73f8eb · Rusty Russell · 70115469 · 0d73f8eb · 0d73f8eb · 0d73f8eb
Commit 0d73f8eb authored May 25, 2015 by Rusty Russell
8 changed files
--- a/ccan/crypto/sha256/LICENSE
+++ b/ccan/crypto/sha256/LICENSE
+../../../licenses/BSD-MIT
\ No newline at end of file
--- a/ccan/crypto/sha256/_info
+++ b/ccan/crypto/sha256/_info
+#include "config.h"
+#include <stdio.h>
+#include <string.h>
+
+/**
+ * crypto/sha256 - implementation of SHA-2 with 256 bit digest.
+ *
+ * This code is either a wrapper for openssl (if CCAN_CRYPTO_SHA256_USE_OPENSSL
+ * is defined) or an open-coded implementation based on Bitcoin's.
+ *
+ * License: BSD-MIT
+ * Maintainer: Rusty Russell <rusty@rustcorp.com.au>
+ *
+ * Example:
+ *	#include <ccan/crypto/sha256/sha256.h>
+ *	#include <err.h>
+ *	#include <stdio.h>
+ *	#include <string.h>
+ *
+ *	// Simple demonstration: idential strings will have the same hash, but
+ *	// two different strings will not.
+ *	int main(int argc, char *argv[])
+ *	{
+ *		struct sha256 hash1, hash2;
+ *
+ *		if (argc != 3)
+ *			errx(1, "Usage: %s <string1> <string2>", argv[0]);
+ *
+ *		sha256(&hash1, argv[1], strlen(argv[1]));
+ *		sha256(&hash2, argv[2], strlen(argv[2]));
+ *		printf("Hash is %s\n", memcmp(&hash1, &hash2, sizeof(hash1))
+ *			? "different" : "same");
+ *		return 0;
+ *	}
+ */
+int main(int argc, char *argv[])
+{
+	/* Expect exactly one argument */
+	if (argc != 2)
+		return 1;
+
+	if (strcmp(argv[1], "depends") == 0) {
+		printf("ccan/endian\n");
+		return 0;
+	}
+
+	if (strcmp(argv[1], "libs") == 0) {
+#ifdef CCAN_CRYPTO_SHA256_USE_OPENSSL
+		printf("crypto\n");
+#endif
+		return 0;
+	}
+
+	return 1;
+}
--- a/ccan/crypto/sha256/sha256.c
+++ b/ccan/crypto/sha256/sha256.c
--- a/ccan/crypto/sha256/sha256.h
+++ b/ccan/crypto/sha256/sha256.h
+#ifndef CCAN_CRYPTO_SHA256_H
+#define CCAN_CRYPTO_SHA256_H
+/* BSD-MIT - see LICENSE file for details */
+#include "config.h"
+#include <stdint.h>
+#include <stdlib.h>
+
+/* Uncomment this to use openssl's SHA256 routines (and link with -lcrypto) */
+//#define CCAN_CRYPTO_SHA256_USE_OPENSSL 1
+
+#ifdef CCAN_CRYPTO_SHA256_USE_OPENSSL
+#include <openssl/sha.h>
+#endif
+
+/**
+ * struct sha256 - structure representing a completed SHA256.
+ * @u.u8: an unsigned char array.
+ * @u.u32: a 32-bit integer array.
+ *
+ * Other fields may be added to the union in future.
+ */
+struct sha256 {
+	union {
+		/* Array of chars */
+		unsigned char u8[32];
+		/* Array of uint32_t */
+		uint32_t u32[8];
+	} u;
+};
+
+/**
+ * sha256 - return sha256 of an array of bytes.
+ * @sha256: the sha256 to fill in
+ * @p: array or pointer to first element
+ * @num: the number of elements to hash
+ *
+ * The bytes pointed to by @p is SHA256 hashes into @sha256.  This is
+ * equivalent to sha256_init(), sha256_update() then sha256_done().
+ */
+#define sha256(sha256, p, num) sha256_arr((sha256), (p), (num), sizeof(*(p)))
+
+/**
+ * struct sha256_ctx - structure to store running context for sha256
+ */
+struct sha256_ctx {
+#ifdef CCAN_CRYPTO_SHA256_USE_OPENSSL
+	SHA256_CTX c;
+#else
+	uint32_t s[8];
+	uint64_t bytes;
+	union {
+		uint32_t u32[8];
+		unsigned char u8[64];
+	} buf;
+#endif
+};
+
+/**
+ * sha256_init - initialize an SHA256 context.
+ * @ctx: the sha256_ctx to initialize
+ *
+ * This must be called before sha256_update or sha256_done, or
+ * alternately you can assign SHA256_INIT.
+ *
+ * If it was already initialized, this forgets anything which was
+ * hashed before.
+ *
+ * Example:
+ * static void hash_all(const char **arr, struct sha256 *hash)
+ * {
+ *	size_t i;
+ *	struct sha256_ctx ctx;
+ *
+ *	sha256_init(&ctx);
+ *	for (i = 0; arr[i]; i++)
+ *		sha256_update(&ctx, arr[i], strlen(arr[i]));
+ *	sha256_done(&ctx, hash);
+ * }
+ */
+void sha256_init(struct sha256_ctx *ctx);
+
+/**
+ * SHA256_INIT - initializer for an SHA256 context.
+ *
+ * This can be used to staticly initialize an SHA256 context (instead
+ * of sha256_init()).
+ *
+ * Example:
+ * static void hash_all(const char **arr, struct sha256 *hash)
+ * {
+ *	size_t i;
+ *	struct sha256_ctx ctx = SHA256_INIT;
+ *
+ *	for (i = 0; arr[i]; i++)
+ *		sha256_update(&ctx, arr[i], strlen(arr[i]));
+ *	sha256_done(&ctx, hash);
+ * }
+ */
+#ifdef CCAN_CRYPTO_SHA256_USE_OPENSSL
+#define SHA256_INIT							\
+	{ { { 0x6a09e667ul, 0xbb67ae85ul, 0x3c6ef372ul, 0xa54ff53aul,	\
+	      0x510e527ful, 0x9b05688cul, 0x1f83d9abul, 0x5be0cd19ul }, \
+		0x0, 0x0,						\
+		{ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 },	\
+			0x0, 0x20 } }
+#else
+#define SHA256_INIT							\
+	{ { 0x6a09e667ul, 0xbb67ae85ul, 0x3c6ef372ul, 0xa54ff53aul,	\
+	    0x510e527ful, 0x9b05688cul, 0x1f83d9abul, 0x5be0cd19ul }, 0 }
+#endif
+
+/**
+ * sha256_update - include an array of data in the hash.
+ * @ctx: the sha256_ctx to use
+ * @p: array or pointer to first element
+ * @num: the number of elements to hash
+ *
+ * You can call this multiple times to hash more data, before calling
+ * sha256_done().
+ */
+#define sha256_update(ctx, p, num) \
+	sha256_update_arr((ctx), (p), (num), sizeof(*(p)))
+
+/**
+ * sha256_done - finish SHA256 and return the hash
+ * @ctx: the sha256_ctx to complete
+ * @res: the hash to return.
+ *
+ * Note that @ctx is *destroyed* by this, and must be reinitialized.
+ * To avoid that, pass a copy instead.
+ */
+void sha256_done(struct sha256_ctx *sha256, struct sha256 *res);
+
+/* Add various types to an SHA256 hash */
+void sha256_u8(struct sha256_ctx *ctx, uint8_t v);
+void sha256_u16(struct sha256_ctx *ctx, uint16_t v);
+void sha256_u32(struct sha256_ctx *ctx, uint32_t v);
+void sha256_u64(struct sha256_ctx *ctx, uint64_t v);
+
+/* Add as little-endian */
+void sha256_le16(struct sha256_ctx *ctx, uint16_t v);
+void sha256_le32(struct sha256_ctx *ctx, uint32_t v);
+void sha256_le64(struct sha256_ctx *ctx, uint64_t v);
+
+/* Add as big-endian */
+void sha256_be16(struct sha256_ctx *ctx, uint16_t v);
+void sha256_be32(struct sha256_ctx *ctx, uint32_t v);
+void sha256_be64(struct sha256_ctx *ctx, uint64_t v);
+
+void sha256_update_arr(struct sha256_ctx *ctx, const void *p,
+		       size_t num, size_t size);
+void sha256_arr(struct sha256 *sha, const void *p, size_t num, size_t size);
+#endif /* CCAN_CRYPTO_SHA256_H */
--- a/ccan/crypto/sha256/test/run-33-bit-test.c
+++ b/ccan/crypto/sha256/test/run-33-bit-test.c
+#include <ccan/crypto/sha256/sha256.h>
+/* Include the C files directly. */
+#include <ccan/crypto/sha256/sha256.c>
+#include <ccan/tap/tap.h>
+#include <stdio.h>
+
+/* This is the test introduced for SHA-3, which checks for 33-bit overflow:
+   "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmno"
+   16777216 times.
+*/
+static uint32_t expected[] = {
+	CPU_TO_BE32(0x50e72a0e), CPU_TO_BE32(0x26442fe2),
+	CPU_TO_BE32(0x552dc393), CPU_TO_BE32(0x8ac58658),
+	CPU_TO_BE32(0x228c0cbf), CPU_TO_BE32(0xb1d2ca87),
+	CPU_TO_BE32(0x2ae43526), CPU_TO_BE32(0x6fcd055e)
+};
+
+/* Produced by actually running the code on x86. */
+static const struct sha256_ctx after_16M_by_64 = {
+#ifdef CCAN_CRYPTO_SHA256_USE_OPENSSL
+	{ { LE32_TO_CPU(0x515e3215), LE32_TO_CPU(0x592f4ae0),
+	    LE32_TO_CPU(0xd407a8fc), LE32_TO_CPU(0x1fad409b),
+	    LE32_TO_CPU(0x51fa46cc), LE32_TO_CPU(0xea528ae5),
+	    LE32_TO_CPU(0x5fa58ebb), LE32_TO_CPU(0x8be97931) },
+	  0x0, 0x2,
+	  { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 },
+	  0x0, 0x20 }
+#else
+	{ LE32_TO_CPU(0x515e3215), LE32_TO_CPU(0x592f4ae0),
+	  LE32_TO_CPU(0xd407a8fc), LE32_TO_CPU(0x1fad409b),
+	  LE32_TO_CPU(0x51fa46cc), LE32_TO_CPU(0xea528ae5),
+	  LE32_TO_CPU(0x5fa58ebb), LE32_TO_CPU(0x8be97931) },
+	1073741824,
+	{ .u32 = { 0x64636261, 0x68676665, 0x65646362, 0x69686766,
+		   0x66656463, 0x6a696867, 0x67666564, 0x6b6a6968 } }
+#endif
+};
+
+int main(void)
+{
+	struct sha256 h;
+	struct sha256_ctx ctx;
+
+	/* This is how many tests you plan to run */
+	plan_tests(1);
+
+	ctx = after_16M_by_64;
+	sha256_done(&ctx, &h);
+
+	ok1(memcmp(&h.u, expected, sizeof(expected)) == 0);
+
+	/* This exits depending on whether all tests passed */
+	return exit_status();
+}
--- a/ccan/crypto/sha256/test/run-lotsa-data.c
+++ b/ccan/crypto/sha256/test/run-lotsa-data.c
+#include <ccan/crypto/sha256/sha256.h>
+/* Include the C files directly. */
+#include <ccan/crypto/sha256/sha256.c>
+#include <ccan/tap/tap.h>
+
+int main(void)
+{
+	struct sha256 h, expected;
+	static const char zeroes[1000];
+	size_t i;
+
+	plan_tests(63);
+
+	/* Test different alignments. */
+	sha256(&expected, zeroes, sizeof(zeroes) - 64);
+	for (i = 1; i < 64; i++) {
+		sha256(&h, zeroes + i, sizeof(zeroes) - 64);
+		ok1(memcmp(&h, &expected, sizeof(h)) == 0);
+	}
+
+	/* This exits depending on whether all tests passed */
+	return exit_status();
+}
--- a/ccan/crypto/sha256/test/run-test-vectors.c
+++ b/ccan/crypto/sha256/test/run-test-vectors.c
+#include <ccan/crypto/sha256/sha256.h>
+/* Include the C files directly. */
+#include <ccan/crypto/sha256/sha256.c>
+#include <ccan/tap/tap.h>
+
+/* Test vectors. */
+struct test {
+	const char *test;
+	size_t repetitions;
+	beint32_t result[8];
+};
+
+static struct test tests[] = {
+	{ "", 1,
+	  { CPU_TO_BE32(0xe3b0c442), CPU_TO_BE32(0x98fc1c14),
+	    CPU_TO_BE32(0x9afbf4c8), CPU_TO_BE32(0x996fb924),
+	    CPU_TO_BE32(0x27ae41e4), CPU_TO_BE32(0x649b934c),
+	    CPU_TO_BE32(0xa495991b), CPU_TO_BE32(0x7852b855) } },
+	{ "abc", 1,
+	  { CPU_TO_BE32(0xba7816bf), CPU_TO_BE32(0x8f01cfea),
+	    CPU_TO_BE32(0x414140de), CPU_TO_BE32(0x5dae2223),
+	    CPU_TO_BE32(0xb00361a3), CPU_TO_BE32(0x96177a9c),
+	    CPU_TO_BE32(0xb410ff61), CPU_TO_BE32(0xf20015ad) } },
+	{ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 1,
+	  { CPU_TO_BE32(0x248d6a61), CPU_TO_BE32(0xd20638b8),
+	    CPU_TO_BE32(0xe5c02693), CPU_TO_BE32(0x0c3e6039),
+	    CPU_TO_BE32(0xa33ce459), CPU_TO_BE32(0x64ff2167),
+	    CPU_TO_BE32(0xf6ecedd4), CPU_TO_BE32(0x19db06c1) } },
+	{ "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu", 1,
+	  { CPU_TO_BE32(0xcf5b16a7), CPU_TO_BE32(0x78af8380),
+	    CPU_TO_BE32(0x036ce59e), CPU_TO_BE32(0x7b049237),
+	    CPU_TO_BE32(0x0b249b11), CPU_TO_BE32(0xe8f07a51),
+	    CPU_TO_BE32(0xafac4503), CPU_TO_BE32(0x7afee9d1) } },
+	{ "a", 1000000,
+	  { CPU_TO_BE32(0xcdc76e5c), CPU_TO_BE32(0x9914fb92),
+	    CPU_TO_BE32(0x81a1c7e2), CPU_TO_BE32(0x84d73e67),
+	    CPU_TO_BE32(0xf1809a48), CPU_TO_BE32(0xa497200e),
+	    CPU_TO_BE32(0x046d39cc), CPU_TO_BE32(0xc7112cd0) } }
+#if 0 /* Good test, but takes ages! */
+	, { "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmno", 16777216,
+	    { CPU_TO_BE32(0x50e72a0e), CPU_TO_BE32(0x26442fe2),
+	      CPU_TO_BE32(0x552dc393), CPU_TO_BE32(0x8ac58658),
+	      CPU_TO_BE32(0x228c0cbf), CPU_TO_BE32(0xb1d2ca87),
+	      CPU_TO_BE32(0x2ae43526), CPU_TO_BE32(0x6fcd055e) } }
+#endif
+};
+
+static bool do_test(const struct test *t, bool single)
+{
+	struct sha256 h;
+
+	if (single) {
+		if (t->repetitions != 1)
+			return true;
+		sha256(&h, t->test, strlen(t->test));
+	} else {
+		struct sha256_ctx ctx = SHA256_INIT;
+		size_t i;
+
+		for (i = 0; i < t->repetitions; i++)
+			sha256_update(&ctx, t->test, strlen(t->test));
+		sha256_done(&ctx, &h);
+	}
+
+	return memcmp(&h.u, t->result, sizeof(t->result)) == 0;
+}
+
+int main(void)
+{
+	size_t i;
+
+	/* This is how many tests you plan to run */
+	plan_tests(sizeof(tests) / sizeof(struct test) * 2);
+
+	for (i = 0; i < sizeof(tests) / sizeof(struct test); i++)
+		ok1(do_test(&tests[i], false));
+
+	for (i = 0; i < sizeof(tests) / sizeof(struct test); i++)
+		ok1(do_test(&tests[i], true));
+
+	/* This exits depending on whether all tests passed */
+	return exit_status();
+}
--- a/ccan/crypto/sha256/test/run-types.c
+++ b/ccan/crypto/sha256/test/run-types.c
+#include <ccan/crypto/sha256/sha256.h>
+/* Include the C files directly. */
+#include <ccan/crypto/sha256/sha256.c>
+#include <ccan/tap/tap.h>
+
+static unsigned char arr[] = {
+	0x12,
+#if HAVE_BIG_ENDIAN
+	/* u16 */
+	0x12, 0x34,
+	/* u32 */
+	0x12, 0x34, 0x56, 0x78,
+	/* u64 */
+	0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
+#else
+	/* u16 */
+	0x34, 0x12,
+	/* u32 */
+	0x78, 0x56, 0x34, 0x12,
+	/* u64 */
+	0xf0, 0xde, 0xbc, 0x9a, 0x78, 0x56, 0x34, 0x12,
+#endif
+	/* le16 */
+	0x34, 0x12,
+	/* le32 */
+	0x78, 0x56, 0x34, 0x12,
+	/* le64 */
+	0xf0, 0xde, 0xbc, 0x9a, 0x78, 0x56, 0x34, 0x12,
+	/* be16 */
+	0x12, 0x34,
+	/* be32 */
+	0x12, 0x34, 0x56, 0x78,
+	/* be64 */
+	0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0
+};
+
+int main(void)
+{
+	struct sha256 h, expected;
+	struct sha256_ctx ctx;
+
+	/* This is how many tests you plan to run */
+	plan_tests(1);
+
+	sha256_init(&ctx);
+	sha256_u8(&ctx, 0x12);
+	sha256_u16(&ctx, 0x1234);
+	sha256_u32(&ctx, 0x12345678);
+	sha256_u64(&ctx, 0x123456789abcdef0ULL);
+	sha256_le16(&ctx, 0x1234);
+	sha256_le32(&ctx, 0x12345678);
+	sha256_le64(&ctx, 0x123456789abcdef0ULL);
+	sha256_be16(&ctx, 0x1234);
+	sha256_be32(&ctx, 0x12345678);
+	sha256_be64(&ctx, 0x123456789abcdef0ULL);
+	sha256_done(&ctx, &h);
+
+	sha256(&expected, arr, sizeof(arr));
+	ok1(memcmp(&h, &expected, sizeof(h)) == 0);
+
+	/* This exits depending on whether all tests passed */
+	return exit_status();
+}