diff options
-rw-r--r-- | pkgtools/digest/files/COPYING | 32 | ||||
-rw-r--r-- | pkgtools/digest/files/Makefile.in | 14 | ||||
-rwxr-xr-x | pkgtools/digest/files/configure | 18 | ||||
-rw-r--r-- | pkgtools/digest/files/configure.ac | 4 | ||||
-rw-r--r-- | pkgtools/digest/files/digest.1 | 71 | ||||
-rw-r--r-- | pkgtools/digest/files/digest.c | 108 | ||||
-rw-r--r-- | pkgtools/digest/files/keccak.c | 178 | ||||
-rw-r--r-- | pkgtools/digest/files/keccak.h | 34 | ||||
-rw-r--r-- | pkgtools/digest/files/sha3.c | 638 | ||||
-rw-r--r-- | pkgtools/digest/files/sha3.h | 141 | ||||
-rw-r--r-- | pkgtools/digest/files/sha3hl.c | 316 | ||||
-rw-r--r-- | pkgtools/digest/files/tiger.h | 37 |
12 files changed, 1463 insertions, 128 deletions
diff --git a/pkgtools/digest/files/COPYING b/pkgtools/digest/files/COPYING index 222b0f91010..9475f227008 100644 --- a/pkgtools/digest/files/COPYING +++ b/pkgtools/digest/files/COPYING @@ -1,5 +1,6 @@ -/* - * Copyright (c) 2001 Alistair G. Crooks. All rights reserved. +/*- + * Copyright (c) 2001-2016 Alistair Crooks <agc@NetBSD.org> + * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -9,22 +10,15 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Alistair G. Crooks. - * 4. The name of the author may not be used to endorse or promote - * products derived from this software without specific prior written - * permission. * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS - * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE - * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING - * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS - * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ diff --git a/pkgtools/digest/files/Makefile.in b/pkgtools/digest/files/Makefile.in index ff3af5b9a95..cb11e762c5b 100644 --- a/pkgtools/digest/files/Makefile.in +++ b/pkgtools/digest/files/Makefile.in @@ -1,4 +1,4 @@ -# $Id: Makefile.in,v 1.5 2007/07/03 18:54:02 joerg Exp $ +# $Id: Makefile.in,v 1.6 2016/03/03 22:11:07 agc Exp $ @SET_MAKE@ SHELL = @SHELL@ @@ -42,12 +42,14 @@ LDFLAGS= @LDFLAGS@ LINK= $(CCLD) $(CFLAGS) $(LDFLAGS) -o $@ COMPILE= $(CC) $(DEFS) $(CPPFLAGS) $(CFLAGS) -digest_OBJS = digest.o md5c.o rmd160.o rmd160hl.o sha2.o sha2hl.o \ -md5hl.o sha1.o sha1hl.o tiger.o whirlpool.o +digest_OBJS = digest.o keccak.o md5c.o md5hl.o rmd160.o \ +rmd160hl.o sha1.o sha1hl.o sha2.o sha2hl.o sha3.o sha3hl.o \ +tiger.o whirlpool.o -SRCS= digest.c md5c.c rmd160.c rmd160hl.c sha2.c sha2hl.c md5hl.c sha1.c \ -sha1hl.c md5.h rmd160.h sha1.h sha2.h tiger.c tiger.h whirlpool.c \ -whirlpool.h +SRCS= digest.c keccak.c md5c.c md5hl.c rmd160.c \ +rmd160hl.c sha1.c sha1hl.c sha2.c sha2hl.c sha3.c sha3hl.c \ +tiger.c whirlpool.c \ +md5.h rmd160.h sha1.h sha2.h sha3.h tiger.h whirlpool.h DISTFILES= $(SRCS) AUTHORS COPYING DESCR INSTALL Makefile.in NEWS aclocal.m4 \ config.guess config.h.in config.sub configure configure.ac install-sh \ diff --git a/pkgtools/digest/files/configure b/pkgtools/digest/files/configure index 2d76c50e06d..eef6946dc48 100755 --- a/pkgtools/digest/files/configure +++ b/pkgtools/digest/files/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for nbsd-digest 20121220. +# Generated by GNU Autoconf 2.69 for nbsd-digest 20160216. # # Report bugs to <agc@netbsd.org>. # @@ -580,8 +580,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='nbsd-digest' PACKAGE_TARNAME='nbsd-digest' -PACKAGE_VERSION='20121220' -PACKAGE_STRING='nbsd-digest 20121220' +PACKAGE_VERSION='20160216' +PACKAGE_STRING='nbsd-digest 20160216' PACKAGE_BUGREPORT='agc@netbsd.org' PACKAGE_URL='' @@ -1242,7 +1242,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures nbsd-digest 20121220 to adapt to many kinds of systems. +\`configure' configures nbsd-digest 20160216 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1312,7 +1312,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of nbsd-digest 20121220:";; + short | recursive ) echo "Configuration of nbsd-digest 20160216:";; esac cat <<\_ACEOF @@ -1392,7 +1392,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -nbsd-digest configure 20121220 +nbsd-digest configure 20160216 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -1937,7 +1937,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by nbsd-digest $as_me 20121220, which was +It was created by nbsd-digest $as_me 20160216, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -4707,7 +4707,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by nbsd-digest $as_me 20121220, which was +This file was extended by nbsd-digest $as_me 20160216, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -4769,7 +4769,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -nbsd-digest config.status 20121220 +nbsd-digest config.status 20160216 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff --git a/pkgtools/digest/files/configure.ac b/pkgtools/digest/files/configure.ac index 1f513677758..2a80ebf6330 100644 --- a/pkgtools/digest/files/configure.ac +++ b/pkgtools/digest/files/configure.ac @@ -1,7 +1,7 @@ -dnl $Id: configure.ac,v 1.18 2013/01/03 10:20:31 dholland Exp $ +dnl $Id: configure.ac,v 1.19 2016/03/03 22:11:07 agc Exp $ dnl Process this file with autoconf to produce a configure script. AC_PREREQ(2.57) -AC_INIT([nbsd-digest],[20121220],[agc@netbsd.org]) +AC_INIT([nbsd-digest],[20160216],[agc@netbsd.org]) AC_CONFIG_SRCDIR([digest.c]) AC_CONFIG_HEADER(config.h) AC_ARG_PROGRAM diff --git a/pkgtools/digest/files/digest.1 b/pkgtools/digest/files/digest.1 index c9ae36fa819..50674f8c8bd 100644 --- a/pkgtools/digest/files/digest.1 +++ b/pkgtools/digest/files/digest.1 @@ -1,7 +1,7 @@ -.\" $NetBSD: digest.1,v 1.7 2013/07/20 21:50:52 wiz Exp $ +.\" $NetBSD: digest.1,v 1.8 2016/03/03 22:11:07 agc Exp $ .\" -.\" -.\" Copyright (c) 2001 Alistair G. Crooks. All rights reserved. +.\" Copyright (c) 2001-2016 Alistair Crooks <agc@NetBSD.org> +.\" All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -11,27 +11,19 @@ .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by Alistair G. Crooks. -.\" 4. The name of the author may not be used to endorse or promote -.\" products derived from this software without specific prior written -.\" permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS -.\" OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY -.\" DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE -.\" GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, -.\" WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING -.\" NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -.\" SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR +.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, +.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT +.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF +.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd March 23, 2005 +.Dd February 16, 2016 .Dt DIGEST 1 .Os .Sh NAME @@ -39,15 +31,30 @@ .Nd calculate message digests .Sh SYNOPSIS .Nm +.Op Fl "Vt" .Ar algorithm -.Op file ... +.Op Ar .Sh DESCRIPTION The .Nm utility calculates message digests of files or, if no file is specified, standard input. +.Pp +It can also run self tests via the +.Fl t +command line option; the only self tests currently defined are +for the +.Dv SHA3 +set of digests. +.Pp +The +.Fl V +command line option prints the version number of +.Nm +and exits successfully. +.Pp The list of possible algorithms is: -.Bl -tag -width Ds +.Bl -tag -width SHA3_512xxx .It md5 the .Xr md5 3 @@ -68,6 +75,22 @@ algorithm will be used. the sha384 algorithm will be used. +.It sha3_224 +the +sha3_224 +algorithm will be used. +.It sha3_256 +the +sha3_256 +algorithm will be used. +.It sha3_384 +the +sha3_384 +algorithm will be used. +.It sha3_512 +the +sha3_512 +algorithm will be used. .It sha512 the sha512 diff --git a/pkgtools/digest/files/digest.c b/pkgtools/digest/files/digest.c index 4b9100c0055..c2ccf456172 100644 --- a/pkgtools/digest/files/digest.c +++ b/pkgtools/digest/files/digest.c @@ -1,7 +1,8 @@ -/* $NetBSD: digest.c,v 1.15 2007/09/21 18:44:36 joerg Exp $ */ +/* $NetBSD: digest.c,v 1.16 2016/03/03 22:11:07 agc Exp $ */ -/* - * Copyright (c) 2001-2005 Alistair G. Crooks. All rights reserved. +/*- + * Copyright (c) 2001-2016 Alistair Crooks <agc@NetBSD.org> + * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -11,36 +12,22 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Alistair G. Crooks. - * 4. The name of the author may not be used to endorse or promote - * products derived from this software without specific prior written - * permission. * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS - * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE - * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING - * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS - * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #ifdef HAVE_CONFIG_H #include "config.h" #endif -#ifndef lint -__COPYRIGHT("@(#) Copyright (c) 2001-2005 \ - The NetBSD Foundation, Inc. All rights reserved."); -__RCSID("$NetBSD: digest.c,v 1.15 2007/09/21 18:44:36 joerg Exp $"); -#endif - - #ifdef HAVE_ERRNO_H #include <errno.h> #endif @@ -51,6 +38,7 @@ __RCSID("$NetBSD: digest.c,v 1.15 2007/09/21 18:44:36 joerg Exp $"); #include <rmd160.h> #include <sha1.h> #include <sha2.h> +#include <sha3.h> #include <stdio.h> #include <stdlib.h> #include <string.h> @@ -79,6 +67,10 @@ typedef struct alg_t { RMD160_CTX rmd; SHA256_CTX sha256; SHA384_CTX sha384; + SHA3_224_CTX sha3_224; + SHA3_256_CTX sha3_256; + SHA3_384_CTX sha3_384; + SHA3_512_CTX sha3_512; SHA512_CTX sha512; tiger_context_t tiger; whirlpool_context_t whirlpool; @@ -99,6 +91,18 @@ static alg_t algorithms[] = { { "SHA256", SHA256_DIGEST_LENGTH, (HASH_init) SHA256_Init, (HASH_update) SHA256_Update, (HASH_end) SHA256_End, (HASH_file) SHA256_File }, + { "SHA3_224", SHA3_224_DIGEST_LENGTH, + (HASH_init) SHA3_224_Init, (HASH_update) SHA3_224_Update, + (HASH_end) SHA3_224_End, (HASH_file) SHA3_224_File }, + { "SHA3_256", SHA3_256_DIGEST_LENGTH, + (HASH_init) SHA3_256_Init, (HASH_update) SHA3_256_Update, + (HASH_end) SHA3_256_End, (HASH_file) SHA3_256_File }, + { "SHA3_384", SHA3_384_DIGEST_LENGTH, + (HASH_init) SHA3_384_Init, (HASH_update) SHA3_384_Update, + (HASH_end) SHA3_384_End, (HASH_file) SHA3_384_File }, + { "SHA3_512", SHA3_512_DIGEST_LENGTH, + (HASH_init) SHA3_512_Init, (HASH_update) SHA3_512_Update, + (HASH_end) SHA3_512_End, (HASH_file) SHA3_512_File }, { "SHA384", SHA384_DIGEST_LENGTH, (HASH_init) SHA384_Init, (HASH_update) SHA384_Update, (HASH_end) SHA384_End, (HASH_file) SHA384_File }, @@ -161,46 +165,58 @@ int main(int argc, char **argv) { alg_t *alg; - int rval; + int test; + int ok; int i; #ifdef HAVE_SETLOCALE (void) setlocale(LC_ALL, ""); #endif - while ((i = getopt(argc, argv, "V")) != -1) { + test = 0; + while ((i = getopt(argc, argv, "Vt")) != -1) { switch(i) { case 'V': printf("%s\n", VERSION); return EXIT_SUCCESS; + case 't': + test = 1; + break; + } + } + if (test) { + /* there's room for other tests here -- agc */ + printf("self test mode starting\n"); + ok = 1; + if (SHA3_Selftest() != 0) { + ok = 0; } + printf("self test mode completed\n"); + return (ok) ? EXIT_SUCCESS : EXIT_FAILURE; } - argc -= optind; - argv += optind; - - if (argc == 0) { + /* check for correct usage */ + if (argc == optind) { (void) fprintf(stderr, "Usage: %s algorithm [file...]\n", - argv[-optind]); + argv[0]); return EXIT_FAILURE; } - if ((alg = find_algorithm(argv[0])) == NULL) { - (void) fprintf(stderr, "No such algorithm `%s'\n", argv[0]); + /* check we know the digest algorithm */ + if ((alg = find_algorithm(argv[optind])) == NULL) { + (void) fprintf(stderr, "No such algorithm `%s'\n", argv[optind]); exit(EXIT_FAILURE); } - argc--; - argv++; - rval = EXIT_SUCCESS; - if (argc == 0) { + ok = 1; + if (argc == optind + 1) { if (!digest_file(NULL, alg)) { - (void) fprintf(stderr, "stdin\n"); - rval = EXIT_FAILURE; + fprintf(stderr, "stdin\n"); + ok = 0; } } else { - for (i = 0 ; i < argc ; i++) { + for (i = optind + 1 ; i < argc ; i++) { if (!digest_file(argv[i], alg)) { - (void) fprintf(stderr, "%s\n", argv[i]); - rval = EXIT_FAILURE; + fprintf(stderr, "%s\n", argv[i]); + ok = 0; } } } - return rval; + return (ok) ? EXIT_SUCCESS : EXIT_FAILURE; } diff --git a/pkgtools/digest/files/keccak.c b/pkgtools/digest/files/keccak.c new file mode 100644 index 00000000000..3d36793c13c --- /dev/null +++ b/pkgtools/digest/files/keccak.c @@ -0,0 +1,178 @@ +/*- + * Copyright (c) 2015 Taylor R. Campbell + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#define _POSIX_C_SOURCE 200809L + +#include <stdint.h> + +#include "keccak.h" + +#define secret /* can't use in variable-time operations, should zero */ + +#define FOR5(X, STMT) do \ +{ \ + (X) = 0; (STMT); \ + (X) = 1; (STMT); \ + (X) = 2; (STMT); \ + (X) = 3; (STMT); \ + (X) = 4; (STMT); \ +} while (0) + +static inline secret uint64_t +rol64(secret uint64_t v, unsigned c) +{ + + return ((v << c) | (v >> (64 - c))); +} + +static inline void +keccakf1600_theta(secret uint64_t A[25]) +{ + secret uint64_t C0, C1, C2, C3, C4; + unsigned y; + + C0 = C1 = C2 = C3 = C4 = 0; + FOR5(y, { + C0 ^= A[0 + 5*y]; + C1 ^= A[1 + 5*y]; + C2 ^= A[2 + 5*y]; + C3 ^= A[3 + 5*y]; + C4 ^= A[4 + 5*y]; + }); + FOR5(y, { + A[0 + 5*y] ^= C4 ^ rol64(C1, 1); + A[1 + 5*y] ^= C0 ^ rol64(C2, 1); + A[2 + 5*y] ^= C1 ^ rol64(C3, 1); + A[3 + 5*y] ^= C2 ^ rol64(C4, 1); + A[4 + 5*y] ^= C3 ^ rol64(C0, 1); + }); +} + +static inline void +keccakf1600_rho_pi(secret uint64_t A[25]) +{ + secret uint64_t T, U; + + /* + * Permute by (x,y) |---> (y, 2x + 3y mod 5) starting at (1,0), + * rotate the ith element by (i + 1)(i + 2)/2 mod 64. + */ + U = A[ 1]; T = U; + U = A[10]; A[10] = rol64(T, 1); T = U; + U = A[ 7]; A[ 7] = rol64(T, 3); T = U; + U = A[11]; A[11] = rol64(T, 6); T = U; + U = A[17]; A[17] = rol64(T, 10); T = U; + U = A[18]; A[18] = rol64(T, 15); T = U; + U = A[ 3]; A[ 3] = rol64(T, 21); T = U; + U = A[ 5]; A[ 5] = rol64(T, 28); T = U; + U = A[16]; A[16] = rol64(T, 36); T = U; + U = A[ 8]; A[ 8] = rol64(T, 45); T = U; + U = A[21]; A[21] = rol64(T, 55); T = U; + U = A[24]; A[24] = rol64(T, 2); T = U; + U = A[ 4]; A[ 4] = rol64(T, 14); T = U; + U = A[15]; A[15] = rol64(T, 27); T = U; + U = A[23]; A[23] = rol64(T, 41); T = U; + U = A[19]; A[19] = rol64(T, 56); T = U; + U = A[13]; A[13] = rol64(T, 8); T = U; + U = A[12]; A[12] = rol64(T, 25); T = U; + U = A[ 2]; A[ 2] = rol64(T, 43); T = U; + U = A[20]; A[20] = rol64(T, 62); T = U; + U = A[14]; A[14] = rol64(T, 18); T = U; + U = A[22]; A[22] = rol64(T, 39); T = U; + U = A[ 9]; A[ 9] = rol64(T, 61); T = U; + U = A[ 6]; A[ 6] = rol64(T, 20); T = U; + A[ 1] = rol64(T, 44); +} + +static inline void +keccakf1600_chi(secret uint64_t A[25]) +{ + secret uint64_t B0, B1, B2, B3, B4; + unsigned y; + + FOR5(y, { + B0 = A[0 + 5*y]; + B1 = A[1 + 5*y]; + B2 = A[2 + 5*y]; + B3 = A[3 + 5*y]; + B4 = A[4 + 5*y]; + A[0 + 5*y] ^= ~B1 & B2; + A[1 + 5*y] ^= ~B2 & B3; + A[2 + 5*y] ^= ~B3 & B4; + A[3 + 5*y] ^= ~B4 & B0; + A[4 + 5*y] ^= ~B0 & B1; + }); +} + +static void +keccakf1600_round(secret uint64_t A[25]) +{ + + keccakf1600_theta(A); + keccakf1600_rho_pi(A); + keccakf1600_chi(A); +} + +void +keccakf1600(secret uint64_t A[25]) +{ + /* + * RC[i] = \sum_{j = 0,...,6} rc(j + 7i) 2^(2^j - 1), + * rc(t) = (x^t mod x^8 + x^6 + x^5 + x^4 + 1) mod x in GF(2)[x] + */ + static const uint64_t RC[24] = { + 0x0000000000000001ULL, + 0x0000000000008082ULL, + 0x800000000000808aULL, + 0x8000000080008000ULL, + 0x000000000000808bULL, + 0x0000000080000001ULL, + 0x8000000080008081ULL, + 0x8000000000008009ULL, + 0x000000000000008aULL, + 0x0000000000000088ULL, + 0x0000000080008009ULL, + 0x000000008000000aULL, + 0x000000008000808bULL, + 0x800000000000008bULL, + 0x8000000000008089ULL, + 0x8000000000008003ULL, + 0x8000000000008002ULL, + 0x8000000000000080ULL, + 0x000000000000800aULL, + 0x800000008000000aULL, + 0x8000000080008081ULL, + 0x8000000000008080ULL, + 0x0000000080000001ULL, + 0x8000000080008008ULL, + }; + unsigned i; + + for (i = 0; i < 24; i++) { + keccakf1600_round(A); + A[0] ^= RC[i]; + } +} diff --git a/pkgtools/digest/files/keccak.h b/pkgtools/digest/files/keccak.h new file mode 100644 index 00000000000..51a8e02131f --- /dev/null +++ b/pkgtools/digest/files/keccak.h @@ -0,0 +1,34 @@ +/*- + * Copyright (c) 2015 Taylor R. Campbell + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifndef KECCAK_H +#define KECCAK_H + +#include <stdint.h> + +void keccakf1600(uint64_t A[25]); + +#endif /* KECCAK_H */ diff --git a/pkgtools/digest/files/sha3.c b/pkgtools/digest/files/sha3.c new file mode 100644 index 00000000000..5442c6e164a --- /dev/null +++ b/pkgtools/digest/files/sha3.c @@ -0,0 +1,638 @@ +/*- + * Copyright (c) 2015 Taylor R. Campbell + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* + * SHA-3: FIPS-202, Permutation-Based Hash and Extendable-Ouptut Functions + */ + +#define _POSIX_C_SOURCE 200809L + +#include <assert.h> +#include <stddef.h> +#include <stdint.h> +#include <string.h> + +#include "keccak.h" + +#include "sha3.h" + +#define MIN(a,b) ((a) < (b) ? (a) : (b)) + +void *(*volatile sha3_explicit_memset_impl)(void *, int, size_t) = &memset; +static void * +explicit_memset(void *buf, int c, size_t n) +{ + + return (*sha3_explicit_memset_impl)(buf, c, n); +} + +static inline uint64_t +le64dec(const void *buf) +{ + const uint8_t *p = buf; + + return (((uint64_t)p[0]) | + ((uint64_t)p[1] << 8) | + ((uint64_t)p[2] << 16) | + ((uint64_t)p[3] << 24) | + ((uint64_t)p[4] << 32) | + ((uint64_t)p[5] << 40) | + ((uint64_t)p[6] << 48) | + ((uint64_t)p[7] << 56)); +} + +static inline void +le64enc(void *buf, uint64_t v) +{ + uint8_t *p = buf; + + *p++ = v; v >>= 8; + *p++ = v; v >>= 8; + *p++ = v; v >>= 8; + *p++ = v; v >>= 8; + *p++ = v; v >>= 8; + *p++ = v; v >>= 8; + *p++ = v; v >>= 8; + *p++ = v; +} + +/* + * Common body. All the SHA-3 functions share code structure. They + * differ only in the size of the chunks they split the message into: + * for digest size d, they are split into chunks of 200 - d bytes. + */ + +static inline unsigned +sha3_rate(unsigned d) +{ + const unsigned cw = 2*d/8; /* capacity in words */ + + return 25 - cw; +} + +static void +sha3_init(struct sha3 *C, unsigned rw) +{ + unsigned iw; + + C->nb = 8*rw; + for (iw = 0; iw < 25; iw++) + C->A[iw] = 0; +} + +static void +sha3_update(struct sha3 *C, const uint8_t *data, size_t len, unsigned rw) +{ + uint64_t T; + unsigned ib, iw; /* index of byte/word */ + + assert(0 < C->nb); + + /* If there's a partial word, try to fill it. */ + if ((C->nb % 8) != 0) { + T = 0; + for (ib = 0; ib < MIN(len, C->nb % 8); ib++) + T |= (uint64_t)data[ib] << (8*ib); + C->A[rw - (C->nb + 7)/8] ^= T << (8*(8 - (C->nb % 8))); + C->nb -= ib; + data += ib; + len -= ib; + + /* If we filled the buffer, permute now. */ + if (C->nb == 0) { + keccakf1600(C->A); + C->nb = 8*rw; + } + + /* If that exhausted the input, we're done. */ + if (len == 0) + return; + } + + /* At a word boundary. Fill any partial buffer. */ + assert((C->nb % 8) == 0); + if (C->nb < 8*rw) { + for (iw = 0; iw < MIN(len, C->nb)/8; iw++) + C->A[rw - C->nb/8 + iw] ^= le64dec(data + 8*iw); + C->nb -= 8*iw; + data += 8*iw; + len -= 8*iw; + + /* If we filled the buffer, permute now. */ + if (C->nb == 0) { + keccakf1600(C->A); + C->nb = 8*rw; + } else { + /* Otherwise, less than a word left. */ + assert(len < 8); + goto partial; + } + } + + /* At a buffer boundary. Absorb input one buffer at a time. */ + assert(C->nb == 8*rw); + while (8*rw <= len) { + for (iw = 0; iw < rw; iw++) + C->A[iw] ^= le64dec(data + 8*iw); + keccakf1600(C->A); + data += 8*rw; + len -= 8*rw; + } + + /* Partially fill the buffer with as many words as we can. */ + for (iw = 0; iw < len/8; iw++) + C->A[rw - C->nb/8 + iw] ^= le64dec(data + 8*iw); + C->nb -= 8*iw; + data += 8*iw; + len -= 8*iw; + +partial: + /* Partially fill the last word with as many bytes as we can. */ + assert(len < 8); + assert(0 < C->nb); + assert((C->nb % 8) == 0); + T = 0; + for (ib = 0; ib < len; ib++) + T |= (uint64_t)data[ib] << (8*ib); + C->A[rw - C->nb/8] ^= T; + C->nb -= ib; + assert(0 < C->nb); +} + +static void +sha3_final(uint8_t *h, unsigned d, struct sha3 *C, unsigned rw) +{ + unsigned nw, iw; + + assert(d <= 8*25); + assert(0 < C->nb); + + /* Append 01, pad with 10*1 up to buffer boundary, LSB first. */ + nw = (C->nb + 7)/8; + assert(0 < nw); + assert(nw <= rw); + C->A[rw - nw] ^= (uint64_t)0x06 << (8*(8*nw - C->nb)); + C->A[rw - 1] ^= 0x8000000000000000ULL; + + /* Permute one last time. */ + keccakf1600(C->A); + + /* Reveal the first 8d bits of state, forget 1600-8d of them. */ + for (iw = 0; iw < d/8; iw++) + le64enc(h + 8*iw, C->A[iw]); + h += 8*iw; + d -= 8*iw; + if (0 < d) { + /* For SHA3-224, we need to expose a partial word. */ + uint64_t T = C->A[iw]; + do { + *h++ = T & 0xff; + T >>= 8; + } while (--d); + } + (void)explicit_memset(C->A, 0, sizeof C->A); + C->nb = 0; +} + +static void +shake_final(uint8_t *h, unsigned d, struct sha3 *C, unsigned rw) +{ + unsigned nw, iw; + + assert(0 < C->nb); + + /* Append 1111, pad with 10*1 up to buffer boundary, LSB first. */ + nw = (C->nb + 7)/8; + assert(0 < nw); + assert(nw <= rw); + C->A[rw - nw] ^= (uint64_t)0x1f << (8*(8*nw - C->nb)); + C->A[rw - 1] ^= 0x8000000000000000ULL; + + /* Permute, reveal first rw words of state, repeat. */ + while (8*rw <= d) { + keccakf1600(C->A); + for (iw = 0; iw < rw; iw++) + le64enc(h + 8*iw, C->A[iw]); + h += 8*iw; + d -= 8*iw; + } + + /* + * If 8*rw (the output rate in bytes) does not divide d, more + * words are wanted: permute again and reveal a little more. + */ + if (0 < d) { + keccakf1600(C->A); + for (iw = 0; iw < d/8; iw++) + le64enc(h + 8*iw, C->A[iw]); + h += 8*iw; + d -= 8*iw; + + /* + * If 8 does not divide d, more bytes are wanted: + * reveal them. + */ + if (0 < d) { + uint64_t T = C->A[iw]; + do { + *h++ = T & 0xff; + T >>= 8; + } while (--d); + } + } + + (void)explicit_memset(C->A, 0, sizeof C->A); + C->nb = 0; +} + +void +SHA3_224_Init(SHA3_224_CTX *C) +{ + + sha3_init(&C->C224, sha3_rate(SHA3_224_DIGEST_LENGTH)); +} + +void +SHA3_224_Update(SHA3_224_CTX *C, const uint8_t *data, size_t len) +{ + + sha3_update(&C->C224, data, len, sha3_rate(SHA3_224_DIGEST_LENGTH)); +} + +void +SHA3_224_Final(uint8_t h[SHA3_224_DIGEST_LENGTH], SHA3_224_CTX *C) +{ + + sha3_final(h, SHA3_224_DIGEST_LENGTH, &C->C224, + sha3_rate(SHA3_224_DIGEST_LENGTH)); +} + +void +SHA3_256_Init(SHA3_256_CTX *C) +{ + + sha3_init(&C->C256, sha3_rate(SHA3_256_DIGEST_LENGTH)); +} + +void +SHA3_256_Update(SHA3_256_CTX *C, const uint8_t *data, size_t len) +{ + + sha3_update(&C->C256, data, len, sha3_rate(SHA3_256_DIGEST_LENGTH)); +} + +void +SHA3_256_Final(uint8_t h[SHA3_256_DIGEST_LENGTH], SHA3_256_CTX *C) +{ + + sha3_final(h, SHA3_256_DIGEST_LENGTH, &C->C256, + sha3_rate(SHA3_256_DIGEST_LENGTH)); +} + +void +SHA3_384_Init(SHA3_384_CTX *C) +{ + + sha3_init(&C->C384, sha3_rate(SHA3_384_DIGEST_LENGTH)); +} + +void +SHA3_384_Update(SHA3_384_CTX *C, const uint8_t *data, size_t len) +{ + + sha3_update(&C->C384, data, len, sha3_rate(SHA3_384_DIGEST_LENGTH)); +} + +void +SHA3_384_Final(uint8_t h[SHA3_384_DIGEST_LENGTH], SHA3_384_CTX *C) +{ + + sha3_final(h, SHA3_384_DIGEST_LENGTH, &C->C384, + sha3_rate(SHA3_384_DIGEST_LENGTH)); +} + +void +SHA3_512_Init(SHA3_512_CTX *C) +{ + + sha3_init(&C->C512, sha3_rate(SHA3_512_DIGEST_LENGTH)); +} + +void +SHA3_512_Update(SHA3_512_CTX *C, const uint8_t *data, size_t len) +{ + + sha3_update(&C->C512, data, len, sha3_rate(SHA3_512_DIGEST_LENGTH)); +} + +void +SHA3_512_Final(uint8_t h[SHA3_512_DIGEST_LENGTH], SHA3_512_CTX *C) +{ + + sha3_final(h, SHA3_512_DIGEST_LENGTH, &C->C512, + sha3_rate(SHA3_512_DIGEST_LENGTH)); +} + +void +SHAKE128_Init(SHAKE128_CTX *C) +{ + + sha3_init(&C->C128, sha3_rate(128/8)); +} + +void +SHAKE128_Update(SHAKE128_CTX *C, const uint8_t *data, size_t len) +{ + + sha3_update(&C->C128, data, len, sha3_rate(128/8)); +} + +void +SHAKE128_Final(uint8_t *h, size_t d, SHAKE128_CTX *C) +{ + + shake_final(h, d, &C->C128, sha3_rate(128/8)); +} + +void +SHAKE256_Init(SHAKE256_CTX *C) +{ + + sha3_init(&C->C256, sha3_rate(256/8)); +} + +void +SHAKE256_Update(SHAKE256_CTX *C, const uint8_t *data, size_t len) +{ + + sha3_update(&C->C256, data, len, sha3_rate(256/8)); +} + +void +SHAKE256_Final(uint8_t *h, size_t d, SHAKE256_CTX *C) +{ + + shake_final(h, d, &C->C256, sha3_rate(256/8)); +} + +static void +sha3_selftest_prng(void *buf, size_t len, uint32_t seed) +{ + uint8_t *p = buf; + size_t n = len; + uint32_t t, a, b; + + a = 0xdead4bad * seed; + b = 1; + + while (n--) { + t = a + b; + *p++ = t >> 24; + a = b; + b = t; + } +} + +int +SHA3_Selftest(void) +{ + const uint8_t d224_0[] = { /* SHA3-224(0-bit) */ + 0x6b,0x4e,0x03,0x42,0x36,0x67,0xdb,0xb7, + 0x3b,0x6e,0x15,0x45,0x4f,0x0e,0xb1,0xab, + 0xd4,0x59,0x7f,0x9a,0x1b,0x07,0x8e,0x3f, + 0x5b,0x5a,0x6b,0xc7, + }; + const uint8_t d256_0[] = { /* SHA3-256(0-bit) */ + 0xa7,0xff,0xc6,0xf8,0xbf,0x1e,0xd7,0x66, + 0x51,0xc1,0x47,0x56,0xa0,0x61,0xd6,0x62, + 0xf5,0x80,0xff,0x4d,0xe4,0x3b,0x49,0xfa, + 0x82,0xd8,0x0a,0x4b,0x80,0xf8,0x43,0x4a, + }; + const uint8_t d384_0[] = { /* SHA3-384(0-bit) */ + 0x0c,0x63,0xa7,0x5b,0x84,0x5e,0x4f,0x7d, + 0x01,0x10,0x7d,0x85,0x2e,0x4c,0x24,0x85, + 0xc5,0x1a,0x50,0xaa,0xaa,0x94,0xfc,0x61, + 0x99,0x5e,0x71,0xbb,0xee,0x98,0x3a,0x2a, + 0xc3,0x71,0x38,0x31,0x26,0x4a,0xdb,0x47, + 0xfb,0x6b,0xd1,0xe0,0x58,0xd5,0xf0,0x04, + }; + const uint8_t d512_0[] = { /* SHA3-512(0-bit) */ + 0xa6,0x9f,0x73,0xcc,0xa2,0x3a,0x9a,0xc5, + 0xc8,0xb5,0x67,0xdc,0x18,0x5a,0x75,0x6e, + 0x97,0xc9,0x82,0x16,0x4f,0xe2,0x58,0x59, + 0xe0,0xd1,0xdc,0xc1,0x47,0x5c,0x80,0xa6, + 0x15,0xb2,0x12,0x3a,0xf1,0xf5,0xf9,0x4c, + 0x11,0xe3,0xe9,0x40,0x2c,0x3a,0xc5,0x58, + 0xf5,0x00,0x19,0x9d,0x95,0xb6,0xd3,0xe3, + 0x01,0x75,0x85,0x86,0x28,0x1d,0xcd,0x26, + }; + const uint8_t shake128_0_41[] = { /* SHAKE128(0-bit, 41) */ + 0x7f,0x9c,0x2b,0xa4,0xe8,0x8f,0x82,0x7d, + 0x61,0x60,0x45,0x50,0x76,0x05,0x85,0x3e, + 0xd7,0x3b,0x80,0x93,0xf6,0xef,0xbc,0x88, + 0xeb,0x1a,0x6e,0xac,0xfa,0x66,0xef,0x26, + 0x3c,0xb1,0xee,0xa9,0x88,0x00,0x4b,0x93,0x10, + }; + const uint8_t shake256_0_73[] = { /* SHAKE256(0-bit, 73) */ + 0x46,0xb9,0xdd,0x2b,0x0b,0xa8,0x8d,0x13, + 0x23,0x3b,0x3f,0xeb,0x74,0x3e,0xeb,0x24, + 0x3f,0xcd,0x52,0xea,0x62,0xb8,0x1b,0x82, + 0xb5,0x0c,0x27,0x64,0x6e,0xd5,0x76,0x2f, + 0xd7,0x5d,0xc4,0xdd,0xd8,0xc0,0xf2,0x00, + 0xcb,0x05,0x01,0x9d,0x67,0xb5,0x92,0xf6, + 0xfc,0x82,0x1c,0x49,0x47,0x9a,0xb4,0x86, + 0x40,0x29,0x2e,0xac,0xb3,0xb7,0xc4,0xbe, + 0x14,0x1e,0x96,0x61,0x6f,0xb1,0x39,0x57,0x69, + }; + const uint8_t d224_1600[] = { /* SHA3-224(200 * 0xa3) */ + 0x93,0x76,0x81,0x6a,0xba,0x50,0x3f,0x72, + 0xf9,0x6c,0xe7,0xeb,0x65,0xac,0x09,0x5d, + 0xee,0xe3,0xbe,0x4b,0xf9,0xbb,0xc2,0xa1, + 0xcb,0x7e,0x11,0xe0, + }; + const uint8_t d256_1600[] = { /* SHA3-256(200 * 0xa3) */ + 0x79,0xf3,0x8a,0xde,0xc5,0xc2,0x03,0x07, + 0xa9,0x8e,0xf7,0x6e,0x83,0x24,0xaf,0xbf, + 0xd4,0x6c,0xfd,0x81,0xb2,0x2e,0x39,0x73, + 0xc6,0x5f,0xa1,0xbd,0x9d,0xe3,0x17,0x87, + }; + const uint8_t d384_1600[] = { /* SHA3-384(200 * 0xa3) */ + 0x18,0x81,0xde,0x2c,0xa7,0xe4,0x1e,0xf9, + 0x5d,0xc4,0x73,0x2b,0x8f,0x5f,0x00,0x2b, + 0x18,0x9c,0xc1,0xe4,0x2b,0x74,0x16,0x8e, + 0xd1,0x73,0x26,0x49,0xce,0x1d,0xbc,0xdd, + 0x76,0x19,0x7a,0x31,0xfd,0x55,0xee,0x98, + 0x9f,0x2d,0x70,0x50,0xdd,0x47,0x3e,0x8f, + }; + const uint8_t d512_1600[] = { /* SHA3-512(200 * 0xa3) */ + 0xe7,0x6d,0xfa,0xd2,0x20,0x84,0xa8,0xb1, + 0x46,0x7f,0xcf,0x2f,0xfa,0x58,0x36,0x1b, + 0xec,0x76,0x28,0xed,0xf5,0xf3,0xfd,0xc0, + 0xe4,0x80,0x5d,0xc4,0x8c,0xae,0xec,0xa8, + 0x1b,0x7c,0x13,0xc3,0x0a,0xdf,0x52,0xa3, + 0x65,0x95,0x84,0x73,0x9a,0x2d,0xf4,0x6b, + 0xe5,0x89,0xc5,0x1c,0xa1,0xa4,0xa8,0x41, + 0x6d,0xf6,0x54,0x5a,0x1c,0xe8,0xba,0x00, + }; + const uint8_t shake128_1600_41[] = { /* SHAKE128(200 * 0xa3, 41) */ + 0x13,0x1a,0xb8,0xd2,0xb5,0x94,0x94,0x6b, + 0x9c,0x81,0x33,0x3f,0x9b,0xb6,0xe0,0xce, + 0x75,0xc3,0xb9,0x31,0x04,0xfa,0x34,0x69, + 0xd3,0x91,0x74,0x57,0x38,0x5d,0xa0,0x37, + 0xcf,0x23,0x2e,0xf7,0x16,0x4a,0x6d,0x1e,0xb4, + }; + const uint8_t shake256_1600_73[] = { /* SHAKE256(200 * 0xa3, 73) */ + 0xcd,0x8a,0x92,0x0e,0xd1,0x41,0xaa,0x04, + 0x07,0xa2,0x2d,0x59,0x28,0x86,0x52,0xe9, + 0xd9,0xf1,0xa7,0xee,0x0c,0x1e,0x7c,0x1c, + 0xa6,0x99,0x42,0x4d,0xa8,0x4a,0x90,0x4d, + 0x2d,0x70,0x0c,0xaa,0xe7,0x39,0x6e,0xce, + 0x96,0x60,0x44,0x40,0x57,0x7d,0xa4,0xf3, + 0xaa,0x22,0xae,0xb8,0x85,0x7f,0x96,0x1c, + 0x4c,0xd8,0xe0,0x6f,0x0a,0xe6,0x61,0x0b, + 0x10,0x48,0xa7,0xf6,0x4e,0x10,0x74,0xcd,0x62, + }; + const uint8_t d0[] = { + 0x6c,0x02,0x1a,0xc6,0x65,0xaf,0x80,0xfb, + 0x52,0xe6,0x2d,0x27,0xe5,0x02,0x88,0x84, + 0xec,0x1c,0x0c,0xe7,0x0b,0x94,0x55,0x83, + 0x19,0xf2,0xbf,0x09,0x86,0xeb,0x1a,0xbb, + 0xc3,0x0d,0x1c,0xef,0x22,0xfe,0xc5,0x4c, + 0x45,0x90,0x66,0x14,0x00,0x6e,0xc8,0x79, + 0xdf,0x1e,0x02,0xbd,0x75,0xe9,0x60,0xd8, + 0x60,0x39,0x85,0xc9,0xc4,0xee,0x33,0xab, + }; + const unsigned mlen[6] = { 0, 3, 128, 129, 255, 1024 }; + uint8_t m[1024], d[73]; + SHA3_224_CTX sha3224; + SHA3_256_CTX sha3256; + SHA3_384_CTX sha3384; + SHA3_512_CTX sha3512; + SHAKE128_CTX shake128; + SHAKE256_CTX shake256; + SHA3_512_CTX ctx; + unsigned mi; + + /* + * NIST test vectors from + * <http://csrc.nist.gov/groups/ST/toolkit/examples.html#aHashing>: + * 0-bit, 1600-bit repeated 0xa3 (= 0b10100011). + */ + SHA3_224_Init(&sha3224); + SHA3_224_Final(d, &sha3224); + if (memcmp(d, d224_0, 28) != 0) + return -1; + SHA3_256_Init(&sha3256); + SHA3_256_Final(d, &sha3256); + if (memcmp(d, d256_0, 32) != 0) + return -1; + SHA3_384_Init(&sha3384); + SHA3_384_Final(d, &sha3384); + if (memcmp(d, d384_0, 48) != 0) + return -1; + SHA3_512_Init(&sha3512); + SHA3_512_Final(d, &sha3512); + if (memcmp(d, d512_0, 64) != 0) + return -1; + SHAKE128_Init(&shake128); + SHAKE128_Final(d, 41, &shake128); + if (memcmp(d, shake128_0_41, 41) != 0) + return -1; + SHAKE256_Init(&shake256); + SHAKE256_Final(d, 73, &shake256); + if (memcmp(d, shake256_0_73, 73) != 0) + return -1; + + (void)memset(m, 0xa3, 200); + SHA3_224_Init(&sha3224); + SHA3_224_Update(&sha3224, m, 200); + SHA3_224_Final(d, &sha3224); + if (memcmp(d, d224_1600, 28) != 0) + return -1; + SHA3_256_Init(&sha3256); + SHA3_256_Update(&sha3256, m, 200); + SHA3_256_Final(d, &sha3256); + if (memcmp(d, d256_1600, 32) != 0) + return -1; + SHA3_384_Init(&sha3384); + SHA3_384_Update(&sha3384, m, 200); + SHA3_384_Final(d, &sha3384); + if (memcmp(d, d384_1600, 48) != 0) + return -1; + SHA3_512_Init(&sha3512); + SHA3_512_Update(&sha3512, m, 200); + SHA3_512_Final(d, &sha3512); + if (memcmp(d, d512_1600, 64) != 0) + return -1; + SHAKE128_Init(&shake128); + SHAKE128_Update(&shake128, m, 200); + SHAKE128_Final(d, 41, &shake128); + if (memcmp(d, shake128_1600_41, 41) != 0) + return -1; + SHAKE256_Init(&shake256); + SHAKE256_Update(&shake256, m, 200); + SHAKE256_Final(d, 73, &shake256); + if (memcmp(d, shake256_1600_73, 73) != 0) + return -1; + + /* + * Hand-crufted test vectors with unaligned message lengths. + */ + SHA3_512_Init(&ctx); + for (mi = 0; mi < 6; mi++) { + sha3_selftest_prng(m, mlen[mi], (224/8)*mlen[mi]); + SHA3_224_Init(&sha3224); + SHA3_224_Update(&sha3224, m, mlen[mi]); + SHA3_224_Final(d, &sha3224); + SHA3_512_Update(&ctx, d, 224/8); + } + for (mi = 0; mi < 6; mi++) { + sha3_selftest_prng(m, mlen[mi], (256/8)*mlen[mi]); + SHA3_256_Init(&sha3256); + SHA3_256_Update(&sha3256, m, mlen[mi]); + SHA3_256_Final(d, &sha3256); + SHA3_512_Update(&ctx, d, 256/8); + } + for (mi = 0; mi < 6; mi++) { + sha3_selftest_prng(m, mlen[mi], (384/8)*mlen[mi]); + SHA3_384_Init(&sha3384); + SHA3_384_Update(&sha3384, m, mlen[mi]); + SHA3_384_Final(d, &sha3384); + SHA3_512_Update(&ctx, d, 384/8); + } + for (mi = 0; mi < 6; mi++) { + sha3_selftest_prng(m, mlen[mi], (512/8)*mlen[mi]); + SHA3_512_Init(&sha3512); + SHA3_512_Update(&sha3512, m, mlen[mi]); + SHA3_512_Final(d, &sha3512); + SHA3_512_Update(&ctx, d, 512/8); + } + SHA3_512_Final(d, &ctx); + if (memcmp(d, d0, 64) != 0) + return -1; + + return 0; +} diff --git a/pkgtools/digest/files/sha3.h b/pkgtools/digest/files/sha3.h new file mode 100644 index 00000000000..8dd6d431f1c --- /dev/null +++ b/pkgtools/digest/files/sha3.h @@ -0,0 +1,141 @@ +/*- + * Copyright (c) 2015 Taylor R. Campbell + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifndef SHA3_H +#define SHA3_H + +#include <stddef.h> +#include <stdint.h> + +struct sha3 { + uint64_t A[25]; + unsigned nb; /* number of bytes remaining to fill buffer */ +}; + +typedef struct { struct sha3 C224; } SHA3_224_CTX; +typedef struct { struct sha3 C256; } SHA3_256_CTX; +typedef struct { struct sha3 C384; } SHA3_384_CTX; +typedef struct { struct sha3 C512; } SHA3_512_CTX; +typedef struct { struct sha3 C128; } SHAKE128_CTX; +typedef struct { struct sha3 C256; } SHAKE256_CTX; + +#define SHA3_224_DIGEST_LENGTH 28 +#define SHA3_256_DIGEST_LENGTH 32 +#define SHA3_384_DIGEST_LENGTH 48 +#define SHA3_512_DIGEST_LENGTH 64 + +#define SHA3_224_DIGEST_STRING_LENGTH ((2 * SHA3_224_DIGEST_LENGTH) + 1) +#define SHA3_256_DIGEST_STRING_LENGTH ((2 * SHA3_256_DIGEST_LENGTH) + 1) +#define SHA3_384_DIGEST_STRING_LENGTH ((2 * SHA3_384_DIGEST_LENGTH) + 1) +#define SHA3_512_DIGEST_STRING_LENGTH ((2 * SHA3_512_DIGEST_LENGTH) + 1) + +#ifdef SHA3_PROTECT_NAMESPACE +#define SHA3_224_Init digest_SHA3_224_Init +#define SHA3_224_Update digest_SHA3_224_Update +#define SHA3_224_Final digest_SHA3_224_Final +#define SHA3_224_End digest_SHA3_224_End +#define SHA3_224_Data digest_SHA3_224_Data +#define SHA3_224_File digest_SHA3_224_File + +#define SHA3_256_Init digest_SHA3_256_Init +#define SHA3_256_Update digest_SHA3_256_Update +#define SHA3_256_Final digest_SHA3_256_Final +#define SHA3_256_End digest_SHA3_256_End +#define SHA3_256_Data digest_SHA3_256_Data +#define SHA3_256_File digest_SHA3_256_File + +#define SHA3_384_Init digest_SHA3_384_Init +#define SHA3_384_Update digest_SHA3_384_Update +#define SHA3_384_Final digest_SHA3_384_Final +#define SHA3_384_End digest_SHA3_384_End +#define SHA3_384_Data digest_SHA3_384_Data +#define SHA3_384_File digest_SHA3_384_File + +#define SHA3_512_Init digest_SHA3_512_Init +#define SHA3_512_Update digest_SHA3_512_Update +#define SHA3_512_Final digest_SHA3_512_Final +#define SHA3_512_End digest_SHA3_512_End +#define SHA3_512_Data digest_SHA3_512_Data +#define SHA3_512_File digest_SHA3_512_File +#endif /* SHA3_PROTECT_NAMESPACE */ + +#ifndef __BEGIN_DECLS +# if defined(__cplusplus) +# define __BEGIN_DECLS extern "C" { +# define __END_DECLS } +# else +# define __BEGIN_DECLS +# define __END_DECLS +# endif +#endif + +__BEGIN_DECLS + +void SHA3_224_Init(SHA3_224_CTX *); +void SHA3_224_Update(SHA3_224_CTX *, const uint8_t *, size_t); +void SHA3_224_Final(uint8_t[SHA3_224_DIGEST_LENGTH], SHA3_224_CTX *); + +void SHA3_256_Init(SHA3_256_CTX *); +void SHA3_256_Update(SHA3_256_CTX *, const uint8_t *, size_t); +void SHA3_256_Final(uint8_t[SHA3_256_DIGEST_LENGTH], SHA3_256_CTX *); + +void SHA3_384_Init(SHA3_384_CTX *); +void SHA3_384_Update(SHA3_384_CTX *, const uint8_t *, size_t); +void SHA3_384_Final(uint8_t[SHA3_384_DIGEST_LENGTH], SHA3_384_CTX *); + +void SHA3_512_Init(SHA3_512_CTX *); +void SHA3_512_Update(SHA3_512_CTX *, const uint8_t *, size_t); +void SHA3_512_Final(uint8_t[SHA3_512_DIGEST_LENGTH], SHA3_512_CTX *); + +void SHAKE128_Init(SHAKE128_CTX *); +void SHAKE128_Update(SHAKE128_CTX *, const uint8_t *, size_t); +void SHAKE128_Final(uint8_t *, size_t, SHAKE128_CTX *); + +void SHAKE256_Init(SHAKE256_CTX *); +void SHAKE256_Update(SHAKE256_CTX *, const uint8_t *, size_t); +void SHAKE256_Final(uint8_t *, size_t, SHAKE256_CTX *); + +int SHA3_Selftest(void); + +char *SHA3_224_End(SHA3_224_CTX*, char[SHA3_224_DIGEST_STRING_LENGTH]); +char *SHA3_224_Data(const uint8_t*, size_t, unsigned char *); +char *SHA3_224_File(char *, char *); + +char *SHA3_256_End(SHA3_256_CTX*, char[SHA3_256_DIGEST_STRING_LENGTH]); +char *SHA3_256_Data(const uint8_t*, size_t, unsigned char *); +char *SHA3_256_File(char *, char *); + +char *SHA3_384_End(SHA3_384_CTX*, char[SHA3_384_DIGEST_STRING_LENGTH]); +char *SHA3_384_Data(const uint8_t*, size_t, unsigned char *); +char *SHA3_384_File(char *, char *); + +char *SHA3_512_End(SHA3_512_CTX*, char[SHA3_512_DIGEST_STRING_LENGTH]); +char *SHA3_512_Data(const uint8_t*, size_t, unsigned char *); +char *SHA3_512_File(char *, char *); + +__END_DECLS + +#endif /* SHA3_H */ diff --git a/pkgtools/digest/files/sha3hl.c b/pkgtools/digest/files/sha3hl.c new file mode 100644 index 00000000000..396fd9d59b9 --- /dev/null +++ b/pkgtools/digest/files/sha3hl.c @@ -0,0 +1,316 @@ +/* $NetBSD: sha3hl.c,v 1.1 2016/03/03 22:11:07 agc Exp $ */ + +/* + * sha3hl.c + * This code is derived from sha2hl.c, hence the following licence + * reproduction. + * + * This code is not a verbatim copy, since some routines have been added, + * and some bugs have been fixed. + * + * Version 1.0.0beta1 + * + * Written by Aaron D. Gifford <me@aarongifford.com> + * + * Copyright 2000 Aaron D. Gifford. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the names of contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) AND CONTRIBUTOR(S) ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR(S) OR CONTRIBUTOR(S) BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + */ +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + +#ifdef HAVE_ERRNO_H +#include <errno.h> +#endif +#ifdef HAVE_FCNTL_H +#include <fcntl.h> +#endif +#include "sha3.h" +#include <assert.h> +#include <stdio.h> +#include <string.h> +#include <stdlib.h> +#include <unistd.h> + +#ifndef _DIAGASSERT +#define _DIAGASSERT(cond) assert(cond) +#endif + +#ifndef MEMSET_BZERO +#define MEMSET_BZERO(p,l) memset((p), 0, (l)) +#endif + +/* + * Constant used by SHA3_224/256/384/512_End() functions for converting the + * digest to a readable hexadecimal character string: + */ +static const char sha3_hex_digits[] = "0123456789abcdef"; + +char * +SHA3_224_File(char *filename, char *buf) +{ + unsigned char buffer[BUFSIZ * 20]; + SHA3_224_CTX ctx; + int fd, num, oerrno; + + _DIAGASSERT(filename != NULL); + /* XXX: buf may be NULL ? */ + + SHA3_224_Init(&ctx); + + if ((fd = open(filename, O_RDONLY)) < 0) + return (0); + + while ((num = read(fd, buffer, sizeof(buffer))) > 0) + SHA3_224_Update(&ctx, buffer, (size_t) num); + + oerrno = errno; + close(fd); + errno = oerrno; + return (num < 0 ? 0 : SHA3_224_End(&ctx, buf)); +} + + +char * +SHA3_224_End(SHA3_224_CTX *ctx, char buffer[]) +{ + unsigned char digest[SHA3_224_DIGEST_LENGTH], *d = digest; + unsigned char *ret; + int i; + + /* Sanity check: */ + assert(ctx != NULL); + + if ((ret = buffer) != NULL) { + SHA3_224_Final(digest, ctx); + + for (i = 0; i < SHA3_224_DIGEST_LENGTH; i++) { + *buffer++ = sha3_hex_digits[(*d & 0xf0) >> 4]; + *buffer++ = sha3_hex_digits[*d & 0x0f]; + d++; + } + *buffer = (char) 0; + } else { + (void) MEMSET_BZERO(ctx, sizeof(SHA3_224_CTX)); + } + (void) MEMSET_BZERO(digest, SHA3_224_DIGEST_LENGTH); + return ret; +} + +char * +SHA3_224_Data(const uint8_t * data, size_t len, unsigned char *digest) +{ + SHA3_224_CTX ctx; + + SHA3_224_Init(&ctx); + SHA3_224_Update(&ctx, data, len); + return SHA3_224_End(&ctx, digest); +} + +char * +SHA3_256_File(char *filename, char *buf) +{ + unsigned char buffer[BUFSIZ * 20]; + SHA3_256_CTX ctx; + int fd, num, oerrno; + + _DIAGASSERT(filename != NULL); + /* XXX: buf may be NULL ? */ + + SHA3_256_Init(&ctx); + + if ((fd = open(filename, O_RDONLY)) < 0) + return (0); + + while ((num = read(fd, buffer, sizeof(buffer))) > 0) + SHA3_256_Update(&ctx, buffer, (size_t) num); + + oerrno = errno; + close(fd); + errno = oerrno; + return (num < 0 ? 0 : SHA3_256_End(&ctx, buf)); +} + + +char * +SHA3_256_End(SHA3_256_CTX *ctx, char buffer[]) +{ + unsigned char digest[SHA3_256_DIGEST_LENGTH], *d = digest; + unsigned char *ret; + int i; + + /* Sanity check: */ + assert(ctx != NULL); + + if ((ret = buffer) != NULL) { + SHA3_256_Final(digest, ctx); + + for (i = 0; i < SHA3_256_DIGEST_LENGTH; i++) { + *buffer++ = sha3_hex_digits[(*d & 0xf0) >> 4]; + *buffer++ = sha3_hex_digits[*d & 0x0f]; + d++; + } + *buffer = (char) 0; + } else { + (void) MEMSET_BZERO(ctx, sizeof(SHA3_256_CTX)); + } + (void) MEMSET_BZERO(digest, SHA3_256_DIGEST_LENGTH); + return ret; +} + +char * +SHA3_256_Data(const uint8_t * data, size_t len, unsigned char *digest) +{ + SHA3_256_CTX ctx; + + SHA3_256_Init(&ctx); + SHA3_256_Update(&ctx, data, len); + return SHA3_256_End(&ctx, digest); +} + +char * +SHA3_384_File(char *filename, char *buf) +{ + unsigned char buffer[BUFSIZ * 20]; + SHA3_384_CTX ctx; + int fd, num, oerrno; + + _DIAGASSERT(filename != NULL); + /* XXX: buf may be NULL ? */ + + SHA3_384_Init(&ctx); + + if ((fd = open(filename, O_RDONLY)) < 0) + return (0); + + while ((num = read(fd, buffer, sizeof(buffer))) > 0) + SHA3_384_Update(&ctx, buffer, (size_t) num); + + oerrno = errno; + close(fd); + errno = oerrno; + return (num < 0 ? 0 : SHA3_384_End(&ctx, buf)); +} + + +char * +SHA3_384_End(SHA3_384_CTX *ctx, char buffer[]) +{ + unsigned char digest[SHA3_384_DIGEST_LENGTH], *d = digest; + unsigned char *ret; + int i; + + /* Sanity check: */ + assert(ctx != NULL); + + if ((ret = buffer) != NULL) { + SHA3_384_Final(digest, ctx); + + for (i = 0; i < SHA3_384_DIGEST_LENGTH; i++) { + *buffer++ = sha3_hex_digits[(*d & 0xf0) >> 4]; + *buffer++ = sha3_hex_digits[*d & 0x0f]; + d++; + } + *buffer = (char) 0; + } else { + (void) MEMSET_BZERO(ctx, sizeof(SHA3_384_CTX)); + } + (void) MEMSET_BZERO(digest, SHA3_384_DIGEST_LENGTH); + return ret; +} + +char * +SHA3_384_Data(const uint8_t * data, size_t len, unsigned char *digest) +{ + SHA3_384_CTX ctx; + + SHA3_384_Init(&ctx); + SHA3_384_Update(&ctx, data, len); + return SHA3_384_End(&ctx, digest); +} + +char * +SHA3_512_File(char *filename, char *buf) +{ + unsigned char buffer[BUFSIZ * 20]; + SHA3_512_CTX ctx; + int fd, num, oerrno; + + _DIAGASSERT(filename != NULL); + /* XXX: buf may be NULL ? */ + + SHA3_512_Init(&ctx); + + if ((fd = open(filename, O_RDONLY)) < 0) + return (0); + + while ((num = read(fd, buffer, sizeof(buffer))) > 0) + SHA3_512_Update(&ctx, buffer, (size_t) num); + + oerrno = errno; + close(fd); + errno = oerrno; + return (num < 0 ? 0 : SHA3_512_End(&ctx, buf)); +} + + +char * +SHA3_512_End(SHA3_512_CTX *ctx, char buffer[]) +{ + unsigned char digest[SHA3_512_DIGEST_LENGTH], *d = digest; + unsigned char *ret; + int i; + + /* Sanity check: */ + assert(ctx != NULL); + + if ((ret = buffer) != NULL) { + SHA3_512_Final(digest, ctx); + + for (i = 0; i < SHA3_512_DIGEST_LENGTH; i++) { + *buffer++ = sha3_hex_digits[(*d & 0xf0) >> 4]; + *buffer++ = sha3_hex_digits[*d & 0x0f]; + d++; + } + *buffer = (char) 0; + } else { + (void) MEMSET_BZERO(ctx, sizeof(SHA3_512_CTX)); + } + (void) MEMSET_BZERO(digest, SHA3_512_DIGEST_LENGTH); + return ret; +} + +char * +SHA3_512_Data(const uint8_t * data, size_t len, unsigned char *digest) +{ + SHA3_512_CTX ctx; + + SHA3_512_Init(&ctx); + SHA3_512_Update(&ctx, data, len); + return SHA3_512_End(&ctx, digest); +} + diff --git a/pkgtools/digest/files/tiger.h b/pkgtools/digest/files/tiger.h index e00ab5576d3..cf1ca901b0a 100644 --- a/pkgtools/digest/files/tiger.h +++ b/pkgtools/digest/files/tiger.h @@ -1,7 +1,8 @@ -/* $NetBSD: tiger.h,v 1.6 2010/01/23 13:25:12 obache Exp $ */ +/* $NetBSD: tiger.h,v 1.7 2016/03/03 22:11:07 agc Exp $ */ -/* - * Copyright © 2005 Alistair Crooks. All rights reserved. +/*- + * Copyright (c) 2005-2016 Alistair Crooks <agc@NetBSD.org> + * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -11,25 +12,17 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Alistair Crooks - * for the NetBSD project. - * 4. The name of the author may not be used to endorse or promote - * products derived from this software without specific prior written - * permission. * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS - * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE - * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING - * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS - * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #ifndef TIGER_H_ #define TIGER_H_ @@ -48,7 +41,7 @@ typedef struct tiger_context_t { uint64_t ctx[3]; - int first_time; + int first_time; } tiger_context_t; void TIGERInit(tiger_context_t *); |