diff --git a/README.md b/README.md index 041eb1ef..a2f87547 100644 --- a/README.md +++ b/README.md @@ -4,8 +4,9 @@ mirage-crypto is a small cryptographic library that puts emphasis on the applicative style and ease of use. It includes basic ciphers (AES, 3DES, RC4, -ChaCha20/Poly1305), hashes (MD5, SHA1, SHA2 family), AEAD primitives (AES-GCM, -AES-CCM), public-key primitives (RSA, DSA, DH) and a strong RNG (Fortuna). +ChaCha20/Poly1305), AEAD primitives (AES-GCM, AES-CCM, ChaCha20/Poly1305), +public-key primitives (RSA, DSA, DH), elliptic curves (NIST P-256, P-384, P-521, +and curve 25519), and a strong RNG (Fortuna). RSA timing attacks are countered by blinding. AES timing attacks are avoided by delegating to AES-NI. diff --git a/bench/speed.ml b/bench/speed.ml index c344f230..5ad317cc 100644 --- a/bench/speed.ml +++ b/bench/speed.ml @@ -1,7 +1,6 @@ open Mirage_crypto open Cipher_block -open Hash module Time = struct @@ -414,11 +413,6 @@ let benchmarks = [ reseed ~g "abcd" ; throughput name (fun cs -> generate_into ~g big_b ~off:0 (Cstruct.length cs))) ; - - bm "md5" (fun name -> throughput name MD5.digest) ; - bm "sha1" (fun name -> throughput name SHA1.digest) ; - bm "sha256" (fun name -> throughput name SHA256.digest) ; - bm "sha512" (fun name -> throughput name SHA512.digest) ; ] let help () = diff --git a/mirage-crypto.opam b/mirage-crypto.opam index 28854561..1f246383 100644 --- a/mirage-crypto.opam +++ b/mirage-crypto.opam @@ -25,6 +25,5 @@ conflicts: [ "result" {< "1.5"} ] description: """ -Mirage-crypto provides symmetric ciphers (DES, AES, RC4, ChaCha20/Poly1305), and -hashes (MD5, SHA-1, SHA-2). +Mirage-crypto provides symmetric ciphers (DES, AES, RC4, ChaCha20/Poly1305). """ diff --git a/mirage/unikernel.ml b/mirage/unikernel.ml index 6d9ca1d2..de173e81 100644 --- a/mirage/unikernel.ml +++ b/mirage/unikernel.ml 
@@ -5,16 +5,6 @@ module Main (R : Mirage_random.S) = struct (Mirage_crypto_rng.Entropy.sources ())) ; Logs.info (fun m -> m "64 byte random:@ %a" Cstruct.hexdump_pp (R.generate 64)) ; - Logs.info (fun m -> m "MD5 of the empty string %a" Cstruct.hexdump_pp - (Mirage_crypto.Hash.MD5.digest Cstruct.empty)); - Logs.info (fun m -> m "SHA1 of the empty string %a" Cstruct.hexdump_pp - (Mirage_crypto.Hash.SHA1.digest Cstruct.empty)); - Logs.info (fun m -> m "SHA256 of the empty string %a" Cstruct.hexdump_pp - (Mirage_crypto.Hash.SHA256.digest Cstruct.empty)); - Logs.info (fun m -> m "SHA384 of the empty string %a" Cstruct.hexdump_pp - (Mirage_crypto.Hash.SHA384.digest Cstruct.empty)); - Logs.info (fun m -> m "SHA512 of the empty string %a" Cstruct.hexdump_pp - (Mirage_crypto.Hash.SHA512.digest Cstruct.empty)); let n = Cstruct.create 32 in let key = Mirage_crypto.Chacha20.of_secret n and nonce = Cstruct.create 12 diff --git a/src/dune b/src/dune index db7dc7f1..fdf1b1bd 100644 --- a/src/dune +++ b/src/dune @@ -2,13 +2,13 @@ (name mirage_crypto) (public_name mirage-crypto) (libraries cstruct eqaf.cstruct) - (private_modules aead chacha20 ccm cipher_block cipher_stream hash native + (private_modules aead chacha20 ccm cipher_block cipher_stream native poly1305 uncommon) (foreign_stubs (language c) - (names detect_cpu_features misc misc_sse md5 sha1 sha256 sha512 hash_stubs - aes_generic aes_aesni ghash_generic ghash_pclmul ghash_ctmul des_generic - chacha poly1305-donna entropy_cpu_stubs) + (names detect_cpu_features misc misc_sse aes_generic aes_aesni ghash_generic + ghash_pclmul ghash_ctmul des_generic chacha poly1305-donna + entropy_cpu_stubs) (flags (:standard) (:include cflags_optimized.sexp))) diff --git a/src/hash.ml b/src/hash.ml deleted file mode 100644 index cdc443d2..00000000 --- a/src/hash.ml +++ /dev/null 
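Review bot: The new `names` list for `foreign_stubs` drops the md5/sha stubs, but dune does not track C headers, so the headers those stubs pulled in (`bitfn.h` and `mirage_crypto.h`, as included by the deleted md5.c/sha1.c/sha256.c, and the deleted md5.h/sha1.h) will not be reported by the build if they are now orphaned; please confirm `bitfn.h` is still included by a remaining stub or delete it in the same change. The OCaml side has the same question: `uncommon` stays in `private_modules`, and hash.ml was the visible user of `Uncommon.iter`, `Cs.rpad` and `Cs.xor`, so those helpers may be dead unless another module uses them, which this chunk does not show. Since `Mirage_crypto.Hash` (and its `hmac`) leaves the public interface, I would also add a sentence to the opam description or a changelog entry naming the intended replacement, if any, so downstream users of `Hash.SHA256`/`hmac` know where to migrate. The enclosing `(library ...)` stanza opens before the hunk.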
@@ -1,174 +0,0 @@ -open Uncommon - -type digest = Cstruct.t - -type 'a iter = 'a Uncommon.iter - -module type S = sig - - val digest_size : int - - type t - - val empty : t - val feed : t -> Cstruct.t -> t - val get : t -> Cstruct.t - - type hmac - - val hmac_empty : key:Cstruct.t -> hmac - val hmac_feed : hmac -> Cstruct.t -> hmac - val hmac_get : hmac -> digest - - val digest : Cstruct.t -> digest - val hmac : key:Cstruct.t -> Cstruct.t -> digest - - val feedi : t -> Cstruct.t iter -> t - val digesti : Cstruct.t iter -> digest - val hmaci : key:Cstruct.t -> Cstruct.t iter -> digest -end - -module type Foreign = sig - - open Native - - val init : ctx -> unit - val update : ctx -> buffer -> int -> unit - val finalize : ctx -> buffer -> unit - val ctx_size : unit -> int -end - -module type Desc = sig - val block_size : int - val digest_size : int -end - -module Core (F : Foreign) (D : Desc) = struct - - type t = Native.ctx - - include D - - let empty = Bytes.create (F.ctx_size ()) - - let _ = F.init empty - - let update t buf = - (* see issue #70 #81 #140 #143 for alignment considerations - (allocation below) *) - let l = Cstruct.length buf in - let b = - if buf.Cstruct.off = 0 then - buf - else - let b = Cstruct.create l in - Cstruct.blit buf 0 b 0 l; - b - in - F.update t b.Cstruct.buffer l - - let finalize t = - let res = Cstruct.create digest_size in - F.finalize t res.Cstruct.buffer ; - res - - let dup = Bytes.copy - - let get t = dup t |> finalize - - let feed t cs = let t = dup t in (update t cs ; t) - - let feedi t iter = let t = dup t in (iter (update t) ; t) - - let digest cs = feed empty cs |> finalize - - let digesti iter = feedi empty iter |> finalize -end - -module Hash_of (F : Foreign) (D : Desc) = struct - - include Core (F) (D) - - type hmac = t * t - - let opad = - let buf = Cstruct.create block_size in - Cstruct.memset buf 0x5c; - buf - let ipad = - let buf = Cstruct.create block_size in - Cstruct.memset buf 0x36; - buf - - let rec norm key = - 
match compare (Cstruct.length key) block_size with - | 1 -> norm (digest key) - | -1 -> Cs.rpad key block_size 0 - | _ -> key - - let hmac_empty ~key = - let key = norm key in - let outer = Cs.xor key opad - and inner = Cs.xor key ipad in - feed empty inner, feed empty outer - - let hmac_feed (t, outer) cs = - feed t cs, outer - - let hmac_get (t, outer) = - get (feed outer (get t)) - - let hmaci ~key iter = - let key = norm key in - let outer = Cs.xor key opad - and inner = Cs.xor key ipad in - let rest = digesti (fun f -> f inner; iter f) in - digesti (fun f -> f outer; f rest) - - let hmac ~key message = hmaci ~key (fun f -> f message) -end - -module MD5 = Hash_of (Native.MD5) ( struct - let (digest_size, block_size) = (16, 64) -end ) - -module SHA1 = Hash_of (Native.SHA1) ( struct - let (digest_size, block_size) = (20, 64) -end ) - -module SHA224 = Hash_of (Native.SHA224) ( struct - let (digest_size, block_size) = (28, 64) -end ) - -module SHA256 = Hash_of (Native.SHA256) ( struct - let (digest_size, block_size) = (32, 64) -end ) - -module SHA384 = Hash_of (Native.SHA384) ( struct - let (digest_size, block_size) = (48, 128) -end ) - -module SHA512 = Hash_of (Native.SHA512) ( struct - let (digest_size, block_size) = (64, 128) -end ) - -type hash = [ `MD5 | `SHA1 | `SHA224 | `SHA256 | `SHA384 | `SHA512 ] - -let hashes = [ `MD5; `SHA1; `SHA224; `SHA256; `SHA384; `SHA512 ] - -let md5 = (module MD5 : S) -and sha1 = (module SHA1 : S) -and sha224 = (module SHA224 : S) -and sha256 = (module SHA256 : S) -and sha384 = (module SHA384 : S) -and sha512 = (module SHA512 : S) - -let module_of = function - | `MD5 -> md5 | `SHA1 -> sha1 | `SHA224 -> sha224 - | `SHA256 -> sha256 | `SHA384 -> sha384 | `SHA512 -> sha512 - -let digest hash = let module H = (val (module_of hash)) in H.digest -let digesti hash = let module H = (val (module_of hash)) in H.digesti -let mac hash = let module H = (val (module_of hash)) in H.hmac -let maci hash = let module H = (val (module_of hash)) in 
H.hmaci -let digest_size hash = let module H = (val (module_of hash)) in H.digest_size diff --git a/src/mirage_crypto.ml b/src/mirage_crypto.ml index f3dd400c..17118a9a 100644 --- a/src/mirage_crypto.ml +++ b/src/mirage_crypto.ml @@ -1,5 +1,4 @@ module Uncommon = Uncommon -module Hash = Hash module Poly1305 = Poly1305.It module type AEAD = Aead.AEAD module Cipher_block = Cipher_block diff --git a/src/mirage_crypto.mli b/src/mirage_crypto.mli index 231f433c..2fd010c3 100644 --- a/src/mirage_crypto.mli +++ b/src/mirage_crypto.mli 
@@ -63,142 +63,6 @@ end (**/**) -(** {1 Hashing} *) - -(** Hashes. - - Each algorithm is contained in its own {{!Hash.S}module}, with - high-level operations accessible through functions that - dispatch on {{!Hash.hash}code} value. *) -module Hash : sig - - type digest = Cstruct.t - - type 'a iter = ('a -> unit) -> unit - (** A general (inner) iterator. It applies the provided function to a - collection of elements. - - For instance: - - {ul - {- [let iter_k : 'a -> 'a iter = fun x f -> f x]} - {- [let iter_pair : 'a * 'a -> 'a iter = fun (x, y) f = f x; f y]} - {- [let iter_list : 'a list -> 'a iter = fun xs f -> List.iter f xs]}} *) - - (** {1 Hashing algorithms} *) - - (** A single hash algorithm. *) - module type S = sig - - val digest_size : int - (** Size of digests (in bytes). *) - - (** {1 Core operations} *) - - type t - (** Represents a running hash computation in a way suitable for appending - inputs. *) - - val empty : t - (** [empty] is the hash of the empty string. *) - - val feed : t -> Cstruct.t -> t - (** [feed t msg] adds the information in [msg] to [t]. - - [feed] is analogous to appending: - [feed (feed t msg1) msg2 = feed t (Cstruct.append msg1 msg2)]. *) - - val get : t -> digest - (** [get t] is the digest corresponding to [t]. *) - - (** {1 HMAC operations} *) - - type hmac - (** Represents a running hmac computation in a way suitable for appending - inputs. *) - - val hmac_empty : key:Cstruct.t -> hmac - (** [hmac ~key] is the hmac of the empty string using key [key]. *) - - val hmac_feed : hmac -> Cstruct.t -> hmac - (** [feed hmac msg] is analogous to [feed]. *) - - val hmac_get : hmac -> digest - (** [hmac_get hmac] is the hmac corresponding to [hmac]. *) - - (** {1 All-in-one} - - Functions that operate on data stored in a single chunk. *) - - val digest : Cstruct.t -> digest - (** [digest msg] is the digest of [msg]. 
- - [digest msg = get (feed empty msg)] *) - - val hmac : key:Cstruct.t -> Cstruct.t -> digest - (** [hmac ~key bytes] is the authentication code for [bytes] under the - secret [key], generated using the standard HMAC construction over this - hash algorithm. *) - - (** {1 Functions over iterators} - - Functions that operate on arbitrary {{!iter}iterators}. They can serve - as a basis for other, more specialized aggregate hashing operations. - - These functions are a little faster than using {{!feed}[feed]} directly. *) - - val feedi : t -> Cstruct.t iter -> t - (** [feedi t iter = - (let r = ref t in iter (fun msg -> r := feed !r msg); !r)] *) - - val digesti : Cstruct.t iter -> digest - (** [digesti iter = feedi empty iter |> get] *) - - val hmaci : key:Cstruct.t -> Cstruct.t iter -> digest - (** See {{!val-hmac}[hmac]}. *) - end - - module MD5 : S - module SHA1 : S - module SHA224 : S - module SHA256 : S - module SHA384 : S - module SHA512 : S - - (** {1 Codes-based interface} *) - - type hash = [ `MD5 | `SHA1 | `SHA224 | `SHA256 | `SHA384 | `SHA512 ] - (** Algorithm codes. *) - - val hashes : hash list - (** [hashes] is a list of all implemented hash algorithms. *) - - val module_of : [< hash ] -> (module S) - (** [module_of hash] is the (first-class) module corresponding to the code - [hash]. - - This is the most convenient way to go from a code to a module. *) - - (** {1 Hash functions} *) - - val digest : [< hash ] -> Cstruct.t -> digest - (** [digest algorithm bytes] is [algorithm] applied to [bytes]. *) - - val digesti : [< hash ] -> Cstruct.t iter -> digest - (** [digesti algorithm iter] is [algorithm] applied to [iter]. *) - - val mac : [< hash ] -> key:Cstruct.t -> Cstruct.t -> digest - (** [mac algorithm ~key bytes] is the mac [algorithm] applied to [bytes] - under [key]. *) - - val maci : [< hash ] -> key:Cstruct.t -> Cstruct.t iter -> digest - (** [maci algorithm ~key iter] is the mac [algorithm] applied to [iter] under - [key]. 
*) - - val digest_size : [< hash ] -> int - (** [digest_size algorithm] is the size of the [algorithm] in bytes. *) -end - (** The poly1305 message authentication code *) module Poly1305 : sig type mac = string diff --git a/src/native.ml b/src/native.ml index 75ae38f1..1cc91aa4 100644 --- a/src/native.ml +++ b/src/native.ml 
@@ -42,48 +42,6 @@ module Poly1305 = struct external mac_size : unit -> int = "mc_poly1305_mac_size" [@@noalloc] end -module MD5 = struct - external init : ctx -> unit = "mc_md5_init" [@@noalloc] - external update : ctx -> buffer -> size -> unit = "mc_md5_update" [@@noalloc] - external finalize : ctx -> buffer -> unit = "mc_md5_finalize" [@@noalloc] - external ctx_size : unit -> int = "mc_md5_ctx_size" [@@noalloc] -end - -module SHA1 = struct - external init : ctx -> unit = "mc_sha1_init" [@@noalloc] - external update : ctx -> buffer -> size -> unit = "mc_sha1_update" [@@noalloc] - external finalize : ctx -> buffer -> unit = "mc_sha1_finalize" [@@noalloc] - external ctx_size : unit -> int = "mc_sha1_ctx_size" [@@noalloc] -end - -module SHA224 = struct - external init : ctx -> unit = "mc_sha224_init" [@@noalloc] - external update : ctx -> buffer -> size -> unit = "mc_sha224_update" [@@noalloc] - external finalize : ctx -> buffer -> unit = "mc_sha224_finalize" [@@noalloc] - external ctx_size : unit -> int = "mc_sha224_ctx_size" [@@noalloc] -end - -module SHA256 = struct - external init : ctx -> unit = "mc_sha256_init" [@@noalloc] - external update : ctx -> buffer -> size -> unit = "mc_sha256_update" [@@noalloc] - external finalize : ctx -> buffer -> unit = "mc_sha256_finalize" [@@noalloc] - external ctx_size : unit -> int = "mc_sha256_ctx_size" [@@noalloc] -end - -module SHA384 = struct - external init : ctx -> unit = "mc_sha384_init" [@@noalloc] - external update : ctx -> buffer -> size -> unit = "mc_sha384_update" [@@noalloc] - external finalize : ctx -> buffer -> unit = "mc_sha384_finalize" [@@noalloc] - external ctx_size : unit -> int = "mc_sha384_ctx_size" [@@noalloc] -end - -module SHA512 = struct - external init : ctx -> unit = "mc_sha512_init" [@@noalloc] - external update : ctx -> buffer -> size -> unit = "mc_sha512_update" [@@noalloc] - external finalize : ctx -> buffer -> unit = "mc_sha512_finalize" [@@noalloc] - external ctx_size : unit -> int = 
"mc_sha512_ctx_size" [@@noalloc] -end - module GHASH = struct external keysize : unit -> int = "mc_ghash_key_size" [@@noalloc] external keyinit : buffer -> off -> bytes -> unit = "mc_ghash_init_key" [@@noalloc] diff --git a/src/native/hash_stubs.c b/src/native/hash_stubs.c deleted file mode 100644 index d3d783b2..00000000 --- a/src/native/hash_stubs.c +++ /dev/null @@ -1,41 +0,0 @@ -#include "mirage_crypto.h" - -#include "md5.h" -#include "sha1.h" -#include "sha256.h" -#include "sha512.h" - -#define __define_hash(name, upper) \ - \ - CAMLprim value \ - mc_ ## name ## _init (value ctx) { \ - _mc_ ## name ## _init ((struct name ## _ctx *) Bytes_val (ctx)); \ - return Val_unit; \ - } \ - \ - CAMLprim value \ - mc_ ## name ## _update (value ctx, value src, value len) { \ - _mc_ ## name ## _update ( \ - (struct name ## _ctx *) Bytes_val (ctx), \ - _ba_uint8 (src), Int_val (len)); \ - return Val_unit; \ - } \ - \ - CAMLprim value \ - mc_ ## name ## _finalize (value ctx, value dst) { \ - _mc_ ## name ## _finalize ( \ - (struct name ## _ctx *) Bytes_val (ctx), _ba_uint8 (dst)); \ - return Val_unit; \ - } \ - \ - CAMLprim value \ - mc_ ## name ## _ctx_size (__unit ()) { \ - return Val_int (upper ## _CTX_SIZE); \ - } - -__define_hash (md5, MD5) -__define_hash (sha1, SHA1) -__define_hash (sha224, SHA224) -__define_hash (sha256, SHA256) -__define_hash (sha384, SHA384) -__define_hash (sha512, SHA512) diff --git a/src/native/md5.c b/src/native/md5.c deleted file mode 100644 index 03996961..00000000 --- a/src/native/md5.c +++ /dev/null 
@@ -1,178 +0,0 @@ -/* - * Copyright (C) 2006-2009 Vincent Hanquez - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
- */ - -#include -#include -#include "bitfn.h" -#include "md5.h" - -void _mc_md5_init(struct md5_ctx *ctx) -{ - memset(ctx, 0, sizeof(*ctx)); - - ctx->sz = 0ULL; - ctx->h[0] = 0x67452301; - ctx->h[1] = 0xefcdab89; - ctx->h[2] = 0x98badcfe; - ctx->h[3] = 0x10325476; -} - -#define f1(x, y, z) (z ^ (x & (y ^ z))) -#define f2(x, y, z) f1(z, x, y) -#define f3(x, y, z) (x ^ y ^ z) -#define f4(x, y, z) (y ^ (x | ~z)) -#define R(f, a, b, c, d, i, k, s) a += f(b, c, d) + w[i] + k; a = rol32(a, s); a += b - -static void md5_do_chunk(struct md5_ctx *ctx, uint32_t *buf) -{ - uint32_t a, b, c, d; -#ifdef ARCH_IS_BIG_ENDIAN - uint32_t w[16]; - cpu_to_le32_array(w, buf, 16); -#else - uint32_t *w = buf; -#endif - a = ctx->h[0]; b = ctx->h[1]; c = ctx->h[2]; d = ctx->h[3]; - - R(f1, a, b, c, d, 0, 0xd76aa478, 7); - R(f1, d, a, b, c, 1, 0xe8c7b756, 12); - R(f1, c, d, a, b, 2, 0x242070db, 17); - R(f1, b, c, d, a, 3, 0xc1bdceee, 22); - R(f1, a, b, c, d, 4, 0xf57c0faf, 7); - R(f1, d, a, b, c, 5, 0x4787c62a, 12); - R(f1, c, d, a, b, 6, 0xa8304613, 17); - R(f1, b, c, d, a, 7, 0xfd469501, 22); - R(f1, a, b, c, d, 8, 0x698098d8, 7); - R(f1, d, a, b, c, 9, 0x8b44f7af, 12); - R(f1, c, d, a, b, 10, 0xffff5bb1, 17); - R(f1, b, c, d, a, 11, 0x895cd7be, 22); - R(f1, a, b, c, d, 12, 0x6b901122, 7); - R(f1, d, a, b, c, 13, 0xfd987193, 12); - R(f1, c, d, a, b, 14, 0xa679438e, 17); - R(f1, b, c, d, a, 15, 0x49b40821, 22); - - R(f2, a, b, c, d, 1, 0xf61e2562, 5); - R(f2, d, a, b, c, 6, 0xc040b340, 9); - R(f2, c, d, a, b, 11, 0x265e5a51, 14); - R(f2, b, c, d, a, 0, 0xe9b6c7aa, 20); - R(f2, a, b, c, d, 5, 0xd62f105d, 5); - R(f2, d, a, b, c, 10, 0x02441453, 9); - R(f2, c, d, a, b, 15, 0xd8a1e681, 14); - R(f2, b, c, d, a, 4, 0xe7d3fbc8, 20); - R(f2, a, b, c, d, 9, 0x21e1cde6, 5); - R(f2, d, a, b, c, 14, 0xc33707d6, 9); - R(f2, c, d, a, b, 3, 0xf4d50d87, 14); - R(f2, b, c, d, a, 8, 0x455a14ed, 20); - R(f2, a, b, c, d, 13, 0xa9e3e905, 5); - R(f2, d, a, b, c, 2, 0xfcefa3f8, 9); - R(f2, c, d, a, b, 7, 
0x676f02d9, 14); - R(f2, b, c, d, a, 12, 0x8d2a4c8a, 20); - - R(f3, a, b, c, d, 5, 0xfffa3942, 4); - R(f3, d, a, b, c, 8, 0x8771f681, 11); - R(f3, c, d, a, b, 11, 0x6d9d6122, 16); - R(f3, b, c, d, a, 14, 0xfde5380c, 23); - R(f3, a, b, c, d, 1, 0xa4beea44, 4); - R(f3, d, a, b, c, 4, 0x4bdecfa9, 11); - R(f3, c, d, a, b, 7, 0xf6bb4b60, 16); - R(f3, b, c, d, a, 10, 0xbebfbc70, 23); - R(f3, a, b, c, d, 13, 0x289b7ec6, 4); - R(f3, d, a, b, c, 0, 0xeaa127fa, 11); - R(f3, c, d, a, b, 3, 0xd4ef3085, 16); - R(f3, b, c, d, a, 6, 0x04881d05, 23); - R(f3, a, b, c, d, 9, 0xd9d4d039, 4); - R(f3, d, a, b, c, 12, 0xe6db99e5, 11); - R(f3, c, d, a, b, 15, 0x1fa27cf8, 16); - R(f3, b, c, d, a, 2, 0xc4ac5665, 23); - - R(f4, a, b, c, d, 0, 0xf4292244, 6); - R(f4, d, a, b, c, 7, 0x432aff97, 10); - R(f4, c, d, a, b, 14, 0xab9423a7, 15); - R(f4, b, c, d, a, 5, 0xfc93a039, 21); - R(f4, a, b, c, d, 12, 0x655b59c3, 6); - R(f4, d, a, b, c, 3, 0x8f0ccc92, 10); - R(f4, c, d, a, b, 10, 0xffeff47d, 15); - R(f4, b, c, d, a, 1, 0x85845dd1, 21); - R(f4, a, b, c, d, 8, 0x6fa87e4f, 6); - R(f4, d, a, b, c, 15, 0xfe2ce6e0, 10); - R(f4, c, d, a, b, 6, 0xa3014314, 15); - R(f4, b, c, d, a, 13, 0x4e0811a1, 21); - R(f4, a, b, c, d, 4, 0xf7537e82, 6); - R(f4, d, a, b, c, 11, 0xbd3af235, 10); - R(f4, c, d, a, b, 2, 0x2ad7d2bb, 15); - R(f4, b, c, d, a, 9, 0xeb86d391, 21); - - ctx->h[0] += a; ctx->h[1] += b; ctx->h[2] += c; ctx->h[3] += d; -} - -void _mc_md5_update(struct md5_ctx *ctx, uint8_t *data, uint32_t len) -{ - uint32_t index, to_fill; - - index = (uint32_t) (ctx->sz & 0x3f); - to_fill = 64 - index; - - ctx->sz += len; - - if (index && len >= to_fill) { - memcpy(ctx->buf + index, data, to_fill); - md5_do_chunk(ctx, (uint32_t *) ctx->buf); - len -= to_fill; - data += to_fill; - index = 0; - } - - /* process as much 64-block as possible */ - for (; len >= 64; len -= 64, data += 64) - md5_do_chunk(ctx, (uint32_t *) data); - - /* append data into buf */ - if (len) - memcpy(ctx->buf + index, data, len); -} - 
-void _mc_md5_finalize(struct md5_ctx *ctx, uint8_t *out) -{ - static uint8_t padding[64] = { 0x80, }; - uint64_t bits; - uint32_t index, padlen; - uint32_t *p = (uint32_t *) out; - - /* add padding and update data with it */ - bits = cpu_to_le64(ctx->sz << 3); - - /* pad out to 56 */ - index = (uint32_t) (ctx->sz & 0x3f); - padlen = (index < 56) ? (56 - index) : ((64 + 56) - index); - _mc_md5_update(ctx, padding, padlen); - - /* append length */ - _mc_md5_update(ctx, (uint8_t *) &bits, sizeof(bits)); - - /* output hash */ - p[0] = cpu_to_le32(ctx->h[0]); - p[1] = cpu_to_le32(ctx->h[1]); - p[2] = cpu_to_le32(ctx->h[2]); - p[3] = cpu_to_le32(ctx->h[3]); -} diff --git a/src/native/md5.h b/src/native/md5.h deleted file mode 100644 index 5db33e13..00000000 --- a/src/native/md5.h +++ /dev/null 
@@ -1,43 +0,0 @@ -/* - * Copyright (C) 2006-2009 Vincent Hanquez - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -#ifndef CRYPTOHASH_MD5_H -#define CRYPTOHASH_MD5_H - -#include - -struct md5_ctx -{ - uint64_t sz; - uint8_t buf[64]; - uint32_t h[4]; -}; - -#define MD5_DIGEST_SIZE 16 -#define MD5_CTX_SIZE sizeof(struct md5_ctx) - -void _mc_md5_init(struct md5_ctx *ctx); -void _mc_md5_update(struct md5_ctx *ctx, uint8_t *data, uint32_t len); -void _mc_md5_finalize(struct md5_ctx *ctx, uint8_t *out); - -#endif diff --git a/src/native/sha1.c b/src/native/sha1.c deleted file mode 100644 index 6bbbf7b5..00000000 --- a/src/native/sha1.c +++ /dev/null 
@@ -1,209 +0,0 @@ -/* - * Copyright (C) 2006-2009 Vincent Hanquez - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
- */ - -#include -#include "sha1.h" -#include "bitfn.h" - -void _mc_sha1_init(struct sha1_ctx *ctx) -{ - memset(ctx, 0, sizeof(*ctx)); - - ctx->h[0] = 0x67452301; - ctx->h[1] = 0xefcdab89; - ctx->h[2] = 0x98badcfe; - ctx->h[3] = 0x10325476; - ctx->h[4] = 0xc3d2e1f0; -} - -#define f1(x, y, z) (z ^ (x & (y ^ z))) -#define f2(x, y, z) (x ^ y ^ z) -#define f3(x, y, z) ((x & y) + (z & (x ^ y))) -#define f4(x, y, z) f2(x, y, z) - -#define K1 0x5a827999 -#define K2 0x6ed9eba1 -#define K3 0x8f1bbcdc -#define K4 0xca62c1d6 - -#define R(a, b, c, d, e, f, k, w) \ - e += rol32(a, 5) + f(b, c, d) + k + w; b = rol32(b, 30) - -#define M(i) (w[i & 0x0f] = rol32(w[i & 0x0f] ^ w[(i - 14) & 0x0f] \ - ^ w[(i - 8) & 0x0f] ^ w[(i - 3) & 0x0f], 1)) - -static inline void sha1_do_chunk(struct sha1_ctx *ctx, uint32_t *buf) -{ - uint32_t a, b, c, d, e; - uint32_t w[16]; -#define CPY(i) w[i] = be32_to_cpu(buf[i]) - CPY(0); CPY(1); CPY(2); CPY(3); CPY(4); CPY(5); CPY(6); CPY(7); - CPY(8); CPY(9); CPY(10); CPY(11); CPY(12); CPY(13); CPY(14); CPY(15); -#undef CPY - - a = ctx->h[0]; b = ctx->h[1]; c = ctx->h[2]; d = ctx->h[3]; e = ctx->h[4]; - - R(a, b, c, d, e, f1, K1, w[0]); - R(e, a, b, c, d, f1, K1, w[1]); - R(d, e, a, b, c, f1, K1, w[2]); - R(c, d, e, a, b, f1, K1, w[3]); - R(b, c, d, e, a, f1, K1, w[4]); - R(a, b, c, d, e, f1, K1, w[5]); - R(e, a, b, c, d, f1, K1, w[6]); - R(d, e, a, b, c, f1, K1, w[7]); - R(c, d, e, a, b, f1, K1, w[8]); - R(b, c, d, e, a, f1, K1, w[9]); - R(a, b, c, d, e, f1, K1, w[10]); - R(e, a, b, c, d, f1, K1, w[11]); - R(d, e, a, b, c, f1, K1, w[12]); - R(c, d, e, a, b, f1, K1, w[13]); - R(b, c, d, e, a, f1, K1, w[14]); - R(a, b, c, d, e, f1, K1, w[15]); - R(e, a, b, c, d, f1, K1, M(16)); - R(d, e, a, b, c, f1, K1, M(17)); - R(c, d, e, a, b, f1, K1, M(18)); - R(b, c, d, e, a, f1, K1, M(19)); - - R(a, b, c, d, e, f2, K2, M(20)); - R(e, a, b, c, d, f2, K2, M(21)); - R(d, e, a, b, c, f2, K2, M(22)); - R(c, d, e, a, b, f2, K2, M(23)); - R(b, c, d, e, a, f2, K2, M(24)); - 
R(a, b, c, d, e, f2, K2, M(25)); - R(e, a, b, c, d, f2, K2, M(26)); - R(d, e, a, b, c, f2, K2, M(27)); - R(c, d, e, a, b, f2, K2, M(28)); - R(b, c, d, e, a, f2, K2, M(29)); - R(a, b, c, d, e, f2, K2, M(30)); - R(e, a, b, c, d, f2, K2, M(31)); - R(d, e, a, b, c, f2, K2, M(32)); - R(c, d, e, a, b, f2, K2, M(33)); - R(b, c, d, e, a, f2, K2, M(34)); - R(a, b, c, d, e, f2, K2, M(35)); - R(e, a, b, c, d, f2, K2, M(36)); - R(d, e, a, b, c, f2, K2, M(37)); - R(c, d, e, a, b, f2, K2, M(38)); - R(b, c, d, e, a, f2, K2, M(39)); - - R(a, b, c, d, e, f3, K3, M(40)); - R(e, a, b, c, d, f3, K3, M(41)); - R(d, e, a, b, c, f3, K3, M(42)); - R(c, d, e, a, b, f3, K3, M(43)); - R(b, c, d, e, a, f3, K3, M(44)); - R(a, b, c, d, e, f3, K3, M(45)); - R(e, a, b, c, d, f3, K3, M(46)); - R(d, e, a, b, c, f3, K3, M(47)); - R(c, d, e, a, b, f3, K3, M(48)); - R(b, c, d, e, a, f3, K3, M(49)); - R(a, b, c, d, e, f3, K3, M(50)); - R(e, a, b, c, d, f3, K3, M(51)); - R(d, e, a, b, c, f3, K3, M(52)); - R(c, d, e, a, b, f3, K3, M(53)); - R(b, c, d, e, a, f3, K3, M(54)); - R(a, b, c, d, e, f3, K3, M(55)); - R(e, a, b, c, d, f3, K3, M(56)); - R(d, e, a, b, c, f3, K3, M(57)); - R(c, d, e, a, b, f3, K3, M(58)); - R(b, c, d, e, a, f3, K3, M(59)); - - R(a, b, c, d, e, f4, K4, M(60)); - R(e, a, b, c, d, f4, K4, M(61)); - R(d, e, a, b, c, f4, K4, M(62)); - R(c, d, e, a, b, f4, K4, M(63)); - R(b, c, d, e, a, f4, K4, M(64)); - R(a, b, c, d, e, f4, K4, M(65)); - R(e, a, b, c, d, f4, K4, M(66)); - R(d, e, a, b, c, f4, K4, M(67)); - R(c, d, e, a, b, f4, K4, M(68)); - R(b, c, d, e, a, f4, K4, M(69)); - R(a, b, c, d, e, f4, K4, M(70)); - R(e, a, b, c, d, f4, K4, M(71)); - R(d, e, a, b, c, f4, K4, M(72)); - R(c, d, e, a, b, f4, K4, M(73)); - R(b, c, d, e, a, f4, K4, M(74)); - R(a, b, c, d, e, f4, K4, M(75)); - R(e, a, b, c, d, f4, K4, M(76)); - R(d, e, a, b, c, f4, K4, M(77)); - R(c, d, e, a, b, f4, K4, M(78)); - R(b, c, d, e, a, f4, K4, M(79)); - - ctx->h[0] += a; - ctx->h[1] += b; - ctx->h[2] += c; - ctx->h[3] += 
d; - ctx->h[4] += e; -} - -void _mc_sha1_update(struct sha1_ctx *ctx, uint8_t *data, uint32_t len) -{ - uint32_t index, to_fill; - - index = (uint32_t) (ctx->sz & 0x3f); - to_fill = 64 - index; - - ctx->sz += len; - - /* process partial buffer if there's enough data to make a block */ - if (index && len >= to_fill) { - memcpy(ctx->buf + index, data, to_fill); - sha1_do_chunk(ctx, (uint32_t *) ctx->buf); - len -= to_fill; - data += to_fill; - index = 0; - } - - /* process as much 64-block as possible */ - for (; len >= 64; len -= 64, data += 64) - sha1_do_chunk(ctx, (uint32_t *) data); - - /* append data into buf */ - if (len) - memcpy(ctx->buf + index, data, len); -} - -void _mc_sha1_finalize(struct sha1_ctx *ctx, uint8_t *out) -{ - static uint8_t padding[64] = { 0x80, }; - uint64_t bits; - uint32_t index, padlen; - uint32_t *p = (uint32_t *) out; - - /* add padding and update data with it */ - bits = cpu_to_be64(ctx->sz << 3); - - /* pad out to 56 */ - index = (uint32_t) (ctx->sz & 0x3f); - padlen = (index < 56) ? (56 - index) : ((64 + 56) - index); - _mc_sha1_update(ctx, padding, padlen); - - /* append length */ - _mc_sha1_update(ctx, (uint8_t *) &bits, sizeof(bits)); - - /* output hash */ - p[0] = cpu_to_be32(ctx->h[0]); - p[1] = cpu_to_be32(ctx->h[1]); - p[2] = cpu_to_be32(ctx->h[2]); - p[3] = cpu_to_be32(ctx->h[3]); - p[4] = cpu_to_be32(ctx->h[4]); -} diff --git a/src/native/sha1.h b/src/native/sha1.h deleted file mode 100644 index 294d19df..00000000 --- a/src/native/sha1.h +++ /dev/null 
@@ -1,43 +0,0 @@ -/* - * Copyright (C) 2006-2009 Vincent Hanquez - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -#ifndef CRYPTOHASH_SHA1_H -#define CRYPTOHASH_SHA1_H - -#include - -struct sha1_ctx -{ - uint64_t sz; - uint8_t buf[64]; - uint32_t h[5]; -}; - -#define SHA1_DIGEST_SIZE 20 -#define SHA1_CTX_SIZE (sizeof(struct sha1_ctx)) - -void _mc_sha1_init(struct sha1_ctx *ctx); -void _mc_sha1_update(struct sha1_ctx *ctx, uint8_t *data, uint32_t len); -void _mc_sha1_finalize(struct sha1_ctx *ctx, uint8_t *out); - -#endif diff --git a/src/native/sha256.c b/src/native/sha256.c deleted file mode 100644 index afb67b7d..00000000 --- a/src/native/sha256.c +++ /dev/null 
@@ -1,175 +0,0 @@ -/* - * Copyright (C) 2006-2009 Vincent Hanquez - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
- */ - -#include -#include "sha256.h" -#include "bitfn.h" - -void _mc_sha224_init(struct sha224_ctx *ctx) -{ - memset(ctx, 0, sizeof(*ctx)); - - ctx->h[0] = 0xc1059ed8; - ctx->h[1] = 0x367cd507; - ctx->h[2] = 0x3070dd17; - ctx->h[3] = 0xf70e5939; - ctx->h[4] = 0xffc00b31; - ctx->h[5] = 0x68581511; - ctx->h[6] = 0x64f98fa7; - ctx->h[7] = 0xbefa4fa4; -} - -void _mc_sha256_init(struct sha256_ctx *ctx) -{ - memset(ctx, 0, sizeof(*ctx)); - - ctx->h[0] = 0x6a09e667; - ctx->h[1] = 0xbb67ae85; - ctx->h[2] = 0x3c6ef372; - ctx->h[3] = 0xa54ff53a; - ctx->h[4] = 0x510e527f; - ctx->h[5] = 0x9b05688c; - ctx->h[6] = 0x1f83d9ab; - ctx->h[7] = 0x5be0cd19; -} - -/* 232 times the cube root of the first 64 primes 2..311 */ -static const uint32_t k[] = { - 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, - 0x923f82a4, 0xab1c5ed5, 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, - 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, 0xe49b69c1, 0xefbe4786, - 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, - 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, - 0x06ca6351, 0x14292967, 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, - 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, 0xa2bfe8a1, 0xa81a664b, - 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, - 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, - 0x5b9cca4f, 0x682e6ff3, 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, - 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 -}; - -#define e0(x) (ror32(x, 2) ^ ror32(x,13) ^ ror32(x,22)) -#define e1(x) (ror32(x, 6) ^ ror32(x,11) ^ ror32(x,25)) -#define s0(x) (ror32(x, 7) ^ ror32(x,18) ^ (x >> 3)) -#define s1(x) (ror32(x,17) ^ ror32(x,19) ^ (x >> 10)) - -static void sha256_do_chunk(struct sha256_ctx *ctx, uint32_t buf[]) -{ - uint32_t a, b, c, d, e, f, g, h, t1, t2; - int i; - uint32_t w[64]; - - cpu_to_be32_array(w, buf, 16); - for (i = 16; i < 64; i++) - w[i] = s1(w[i - 2]) + w[i - 
7] + s0(w[i - 15]) + w[i - 16]; - - a = ctx->h[0]; b = ctx->h[1]; c = ctx->h[2]; d = ctx->h[3]; - e = ctx->h[4]; f = ctx->h[5]; g = ctx->h[6]; h = ctx->h[7]; - -#define R(a, b, c, d, e, f, g, h, k, w) \ - t1 = h + e1(e) + (g ^ (e & (f ^ g))) + k + w; \ - t2 = e0(a) + ((a & b) | (c & (a | b))); \ - d += t1; \ - h = t1 + t2; - - for (i = 0; i < 64; i += 8) { - R(a, b, c, d, e, f, g, h, k[i + 0], w[i + 0]); - R(h, a, b, c, d, e, f, g, k[i + 1], w[i + 1]); - R(g, h, a, b, c, d, e, f, k[i + 2], w[i + 2]); - R(f, g, h, a, b, c, d, e, k[i + 3], w[i + 3]); - R(e, f, g, h, a, b, c, d, k[i + 4], w[i + 4]); - R(d, e, f, g, h, a, b, c, k[i + 5], w[i + 5]); - R(c, d, e, f, g, h, a, b, k[i + 6], w[i + 6]); - R(b, c, d, e, f, g, h, a, k[i + 7], w[i + 7]); - } - -#undef R - - ctx->h[0] += a; ctx->h[1] += b; ctx->h[2] += c; ctx->h[3] += d; - ctx->h[4] += e; ctx->h[5] += f; ctx->h[6] += g; ctx->h[7] += h; -} - -void _mc_sha224_update(struct sha224_ctx *ctx, uint8_t *data, uint32_t len) -{ - _mc_sha256_update(ctx, data, len); -} - -void _mc_sha256_update(struct sha256_ctx *ctx, uint8_t *data, uint32_t len) -{ - uint32_t index, to_fill; - - /* check for partial buffer */ - index = (uint32_t) (ctx->sz & 0x3f); - to_fill = 64 - index; - - ctx->sz += len; - - /* process partial buffer if there's enough data to make a block */ - if (index && len >= to_fill) { - memcpy(ctx->buf + index, data, to_fill); - sha256_do_chunk(ctx, (uint32_t *) ctx->buf); - len -= to_fill; - data += to_fill; - index = 0; - } - - /* process as much 64-block as possible */ - for (; len >= 64; len -= 64, data += 64) - sha256_do_chunk(ctx, (uint32_t *) data); - - /* append data into buf */ - if (len) - memcpy(ctx->buf + index, data, len); -} - -void _mc_sha224_finalize(struct sha224_ctx *ctx, uint8_t *out) -{ - uint8_t intermediate[SHA256_DIGEST_SIZE]; - - _mc_sha256_finalize(ctx, intermediate); - memcpy(out, intermediate, SHA224_DIGEST_SIZE); -} - -void _mc_sha256_finalize(struct sha256_ctx *ctx, uint8_t *out) -{ - 
static uint8_t padding[64] = { 0x80, }; - uint64_t bits; - uint32_t i, index, padlen; - uint32_t *p = (uint32_t *) out; - - /* cpu -> big endian */ - bits = cpu_to_be64(ctx->sz << 3); - - /* pad out to 56 */ - index = (uint32_t) (ctx->sz & 0x3f); - padlen = (index < 56) ? (56 - index) : ((64 + 56) - index); - _mc_sha256_update(ctx, padding, padlen); - - /* append length */ - _mc_sha256_update(ctx, (uint8_t *) &bits, sizeof(bits)); - - /* store to digest */ - for (i = 0; i < 8; i++) - p[i] = cpu_to_be32(ctx->h[i]); -} diff --git a/src/native/sha256.h b/src/native/sha256.h deleted file mode 100644 index 6e91cd0f..00000000 --- a/src/native/sha256.h +++ /dev/null 
@@ -1,53 +0,0 @@ -/* - * Copyright (C) 2006-2009 Vincent Hanquez - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
- */ - -#ifndef CRYPTOHASH_SHA256_H -#define CRYPTOHASH_SHA256_H - -#include - -struct sha256_ctx -{ - uint64_t sz; - uint8_t buf[128]; - uint32_t h[8]; -}; - -#define sha224_ctx sha256_ctx - -#define SHA224_DIGEST_SIZE 28 -#define SHA224_CTX_SIZE sizeof(struct sha224_ctx) - -#define SHA256_DIGEST_SIZE 32 -#define SHA256_CTX_SIZE sizeof(struct sha256_ctx) - -void _mc_sha224_init(struct sha224_ctx *ctx); -void _mc_sha224_update(struct sha224_ctx *ctx, uint8_t *data, uint32_t len); -void _mc_sha224_finalize(struct sha224_ctx *ctx, uint8_t *out); - -void _mc_sha256_init(struct sha256_ctx *ctx); -void _mc_sha256_update(struct sha256_ctx *ctx, uint8_t *data, uint32_t len); -void _mc_sha256_finalize(struct sha256_ctx *ctx, uint8_t *out); - -#endif diff --git a/src/native/sha512.c b/src/native/sha512.c deleted file mode 100644 index cff9dce9..00000000 --- a/src/native/sha512.c +++ /dev/null 
@@ -1,246 +0,0 @@ -/* - * Copyright (C) 2006-2009 Vincent Hanquez - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
- */ - -#include -#include "bitfn.h" -#include "sha512.h" - -void _mc_sha384_init(struct sha512_ctx *ctx) -{ - memset(ctx, 0, sizeof(*ctx)); - - ctx->h[0] = 0xcbbb9d5dc1059ed8ULL; - ctx->h[1] = 0x629a292a367cd507ULL; - ctx->h[2] = 0x9159015a3070dd17ULL; - ctx->h[3] = 0x152fecd8f70e5939ULL; - ctx->h[4] = 0x67332667ffc00b31ULL; - ctx->h[5] = 0x8eb44a8768581511ULL; - ctx->h[6] = 0xdb0c2e0d64f98fa7ULL; - ctx->h[7] = 0x47b5481dbefa4fa4ULL; -} - -void _mc_sha512_init(struct sha512_ctx *ctx) -{ - memset(ctx, 0, sizeof(*ctx)); - - ctx->h[0] = 0x6a09e667f3bcc908ULL; - ctx->h[1] = 0xbb67ae8584caa73bULL; - ctx->h[2] = 0x3c6ef372fe94f82bULL; - ctx->h[3] = 0xa54ff53a5f1d36f1ULL; - ctx->h[4] = 0x510e527fade682d1ULL; - ctx->h[5] = 0x9b05688c2b3e6c1fULL; - ctx->h[6] = 0x1f83d9abfb41bd6bULL; - ctx->h[7] = 0x5be0cd19137e2179ULL; -} - -/* 232 times the cube root of the first 64 primes 2..311 */ -static const uint64_t k[] = { - 0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL, 0xb5c0fbcfec4d3b2fULL, - 0xe9b5dba58189dbbcULL, 0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL, - 0x923f82a4af194f9bULL, 0xab1c5ed5da6d8118ULL, 0xd807aa98a3030242ULL, - 0x12835b0145706fbeULL, 0x243185be4ee4b28cULL, 0x550c7dc3d5ffb4e2ULL, - 0x72be5d74f27b896fULL, 0x80deb1fe3b1696b1ULL, 0x9bdc06a725c71235ULL, - 0xc19bf174cf692694ULL, 0xe49b69c19ef14ad2ULL, 0xefbe4786384f25e3ULL, - 0x0fc19dc68b8cd5b5ULL, 0x240ca1cc77ac9c65ULL, 0x2de92c6f592b0275ULL, - 0x4a7484aa6ea6e483ULL, 0x5cb0a9dcbd41fbd4ULL, 0x76f988da831153b5ULL, - 0x983e5152ee66dfabULL, 0xa831c66d2db43210ULL, 0xb00327c898fb213fULL, - 0xbf597fc7beef0ee4ULL, 0xc6e00bf33da88fc2ULL, 0xd5a79147930aa725ULL, - 0x06ca6351e003826fULL, 0x142929670a0e6e70ULL, 0x27b70a8546d22ffcULL, - 0x2e1b21385c26c926ULL, 0x4d2c6dfc5ac42aedULL, 0x53380d139d95b3dfULL, - 0x650a73548baf63deULL, 0x766a0abb3c77b2a8ULL, 0x81c2c92e47edaee6ULL, - 0x92722c851482353bULL, 0xa2bfe8a14cf10364ULL, 0xa81a664bbc423001ULL, - 0xc24b8b70d0f89791ULL, 0xc76c51a30654be30ULL, 0xd192e819d6ef5218ULL, - 
0xd69906245565a910ULL, 0xf40e35855771202aULL, 0x106aa07032bbd1b8ULL, - 0x19a4c116b8d2d0c8ULL, 0x1e376c085141ab53ULL, 0x2748774cdf8eeb99ULL, - 0x34b0bcb5e19b48a8ULL, 0x391c0cb3c5c95a63ULL, 0x4ed8aa4ae3418acbULL, - 0x5b9cca4f7763e373ULL, 0x682e6ff3d6b2b8a3ULL, 0x748f82ee5defb2fcULL, - 0x78a5636f43172f60ULL, 0x84c87814a1f0ab72ULL, 0x8cc702081a6439ecULL, - 0x90befffa23631e28ULL, 0xa4506cebde82bde9ULL, 0xbef9a3f7b2c67915ULL, - 0xc67178f2e372532bULL, 0xca273eceea26619cULL, 0xd186b8c721c0c207ULL, - 0xeada7dd6cde0eb1eULL, 0xf57d4f7fee6ed178ULL, 0x06f067aa72176fbaULL, - 0x0a637dc5a2c898a6ULL, 0x113f9804bef90daeULL, 0x1b710b35131c471bULL, - 0x28db77f523047d84ULL, 0x32caab7b40c72493ULL, 0x3c9ebe0a15c9bebcULL, - 0x431d67c49c100d4cULL, 0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL, - 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL, -}; - -#define e0(x) (ror64(x, 28) ^ ror64(x, 34) ^ ror64(x, 39)) -#define e1(x) (ror64(x, 14) ^ ror64(x, 18) ^ ror64(x, 41)) -#define s0(x) (ror64(x, 1) ^ ror64(x, 8) ^ (x >> 7)) -#define s1(x) (ror64(x, 19) ^ ror64(x, 61) ^ (x >> 6)) - -static void sha512_do_chunk(struct sha512_ctx *ctx, uint64_t *buf) -{ - uint64_t a, b, c, d, e, f, g, h, t1, t2; - int i; - uint64_t w[80]; - - cpu_to_be64_array(w, buf, 16); - - for (i = 16; i < 80; i++) - w[i] = s1(w[i - 2]) + w[i - 7] + s0(w[i - 15]) + w[i - 16]; - - a = ctx->h[0]; b = ctx->h[1]; c = ctx->h[2]; d = ctx->h[3]; - e = ctx->h[4]; f = ctx->h[5]; g = ctx->h[6]; h = ctx->h[7]; - -#define R(a, b, c, d, e, f, g, h, k, w) \ - t1 = h + e1(e) + (g ^ (e & (f ^ g))) + k + w; \ - t2 = e0(a) + ((a & b) | (c & (a | b))); \ - d += t1; \ - h = t1 + t2 - - for (i = 0; i < 80; i += 8) { - R(a, b, c, d, e, f, g, h, k[i + 0], w[i + 0]); - R(h, a, b, c, d, e, f, g, k[i + 1], w[i + 1]); - R(g, h, a, b, c, d, e, f, k[i + 2], w[i + 2]); - R(f, g, h, a, b, c, d, e, k[i + 3], w[i + 3]); - R(e, f, g, h, a, b, c, d, k[i + 4], w[i + 4]); - R(d, e, f, g, h, a, b, c, k[i + 5], w[i + 5]); - R(c, d, e, f, g, h, a, b, k[i + 6], w[i + 
6]); - R(b, c, d, e, f, g, h, a, k[i + 7], w[i + 7]); - } - -#undef R - - ctx->h[0] += a; ctx->h[1] += b; ctx->h[2] += c; ctx->h[3] += d; - ctx->h[4] += e; ctx->h[5] += f; ctx->h[6] += g; ctx->h[7] += h; -} - -void _mc_sha384_update(struct sha384_ctx *ctx, uint8_t *data, uint32_t len) -{ - _mc_sha512_update(ctx, data, len); -} - -void _mc_sha512_update(struct sha512_ctx *ctx, uint8_t *data, uint32_t len) -{ - unsigned int index, to_fill; - - /* check for partial buffer */ - index = (unsigned int) (ctx->sz[0] & 0x7f); - to_fill = 128 - index; - - ctx->sz[0] += len; - if (ctx->sz[0] < len) - ctx->sz[1]++; - - /* process partial buffer if there's enough data to make a block */ - if (index && len >= to_fill) { - memcpy(ctx->buf + index, data, to_fill); - sha512_do_chunk(ctx, (uint64_t *) ctx->buf); - len -= to_fill; - data += to_fill; - index = 0; - } - - /* process as much 128-block as possible */ - for (; len >= 128; len -= 128, data += 128) - sha512_do_chunk(ctx, (uint64_t *) data); - - /* append data into buf */ - if (len) - memcpy(ctx->buf + index, data, len); -} - -void _mc_sha384_finalize(struct sha384_ctx *ctx, uint8_t *out) -{ - uint8_t intermediate[SHA512_DIGEST_SIZE]; - - _mc_sha512_finalize(ctx, intermediate); - memcpy(out, intermediate, SHA384_DIGEST_SIZE); -} - -void _mc_sha512_finalize(struct sha512_ctx *ctx, uint8_t *out) -{ - static uint8_t padding[128] = { 0x80, }; - uint32_t i, index, padlen; - uint64_t bits[2]; - uint64_t *p = (uint64_t *) out; - - /* cpu -> big endian */ - bits[0] = cpu_to_be64((ctx->sz[1] << 3 | ctx->sz[0] >> 61)); - bits[1] = cpu_to_be64((ctx->sz[0] << 3)); - - /* pad out to 56 */ - index = (unsigned int) (ctx->sz[0] & 0x7f); - padlen = (index < 112) ? 
(112 - index) : ((128 + 112) - index); - _mc_sha512_update(ctx, padding, padlen); - - /* append length */ - _mc_sha512_update(ctx, (uint8_t *) bits, sizeof(bits)); - - /* store to digest */ - for (i = 0; i < 8; i++) - p[i] = cpu_to_be64(ctx->h[i]); -} - -// // i don't wanna go to libc i said no no no -// #include -// -// void _mc_sha512_init_t(struct sha512_ctx *ctx, int t) -// { -// memset(ctx, 0, sizeof(*ctx)); -// if (t >= 512) -// return; -// -// switch (t) { -// case 224: -// ctx->h[0] = 0x8c3d37c819544da2ULL; -// ctx->h[1] = 0x73e1996689dcd4d6ULL; -// ctx->h[2] = 0x1dfab7ae32ff9c82ULL; -// ctx->h[3] = 0x679dd514582f9fcfULL; -// ctx->h[4] = 0x0f6d2b697bd44da8ULL; -// ctx->h[5] = 0x77e36f7304c48942ULL; -// ctx->h[6] = 0x3f9d85a86a1d36c8ULL; -// ctx->h[7] = 0x1112e6ad91d692a1ULL; -// break; -// case 256: -// ctx->h[0] = 0x22312194fc2bf72cULL; -// ctx->h[1] = 0x9f555fa3c84c64c2ULL; -// ctx->h[2] = 0x2393b86b6f53b151ULL; -// ctx->h[3] = 0x963877195940eabdULL; -// ctx->h[4] = 0x96283ee2a88effe3ULL; -// ctx->h[5] = 0xbe5e1e2553863992ULL; -// ctx->h[6] = 0x2b0199fc2c85b8aaULL; -// ctx->h[7] = 0x0eb72ddc81c52ca2ULL; -// break; -// default: { -// uint8_t buf[8+4]; -// uint8_t out[64]; -// int i; -// -// _mc_sha512_init(ctx); -// for (i = 0; i < 8; i++) -// ctx->h[i] ^= 0xa5a5a5a5a5a5a5a5ULL; -// -// i = sprintf((char *)buf, "SHA-512/%d", t); -// _mc_sha512_update(ctx, buf, i); -// _mc_sha512_finalize(ctx, out); -// -// /* re-init the context, otherwise len is changed */ -// memset(ctx, 0, sizeof(*ctx)); -// for (i = 0; i < 8; i++) -// ctx->h[i] = cpu_to_be64(((uint64_t *) out)[i]); -// } -// } -// } diff --git a/src/native/sha512.h b/src/native/sha512.h deleted file mode 100644 index 623e94db..00000000 --- a/src/native/sha512.h +++ /dev/null 
@@ -1,54 +0,0 @@ -/* - * Copyright (C) 2006-2009 Vincent Hanquez - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
- */ -#ifndef CRYPTOHASH_SHA512_H -#define CRYPTOHASH_SHA512_H - -#include - -struct sha512_ctx -{ - uint64_t sz[2]; - uint8_t buf[128]; - uint64_t h[8]; -}; - -#define sha384_ctx sha512_ctx - -#define SHA384_DIGEST_SIZE 48 -#define SHA384_CTX_SIZE sizeof(struct sha384_ctx) - -#define SHA512_DIGEST_SIZE 64 -#define SHA512_CTX_SIZE sizeof(struct sha512_ctx) - -void _mc_sha384_init(struct sha384_ctx *ctx); -void _mc_sha384_update(struct sha384_ctx *ctx, uint8_t *data, uint32_t len); -void _mc_sha384_finalize(struct sha384_ctx *ctx, uint8_t *out); - -void _mc_sha512_init(struct sha512_ctx *ctx); -void _mc_sha512_update(struct sha512_ctx *ctx, uint8_t *data, uint32_t len); -void _mc_sha512_finalize(struct sha512_ctx *ctx, uint8_t *out); - -/* void _mc_sha512_init_t(struct sha512_ctx *ctx, int t); */ - -#endif diff --git a/tests/dune b/tests/dune index ef924251..d0354cdf 100644 --- a/tests/dune +++ b/tests/dune @@ -8,7 +8,7 @@ (name test_symmetric_runner) (libraries test_common mirage-crypto ounit2) (package mirage-crypto) - (modules test_base test_cipher test_hash test_hmac test_symmetric_runner)) + (modules test_base test_cipher test_symmetric_runner)) (test (name test_random_runner) diff --git a/tests/test_hash.ml b/tests/test_hash.ml deleted file mode 100644 index ccb1af72..00000000 --- a/tests/test_hash.ml +++ /dev/null 
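Review bot: The new `(modules test_base test_cipher test_symmetric_runner)` line drops test_hash and test_hmac, but nothing visible in this chunk touches test_symmetric_runner.ml, which presumably still aggregates `Test_hash.suite` and `Test_hmac.suite`; unless that file is updated elsewhere in the commit, dune will fail the test target on an unbound module rather than silently running fewer tests. The matching change in the runner is to remove those two suite entries from its suite list. Note also that the deleted tests were the only place in this tree carrying the RFC HMAC vectors and the MD5/SHA512 unaligned-feed regressions, so whichever library now provides the hashes should be confirmed to cover the same cases; a one-line comment in tests/dune next to the modules field, naming where hash and HMAC testing now lives, would save the next reader from hunting for it.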
@@ -1,235 +0,0 @@ -open OUnit2 - -open Mirage_crypto - -open Test_common - -let f1_blk_eq ?msg ?(n=1) f (x, y) _ = - let xs = blocks_of_cs n (vx x) in - assert_cs_equal ?msg (f (iter_list xs)) (vx y) - -let hash_cases (m : (module Hash.S)) ~hash = - let module H = ( val m ) in - [ "digest" >::: cases_of (f1_eq H.digest) hash ; - "digesti" >::: cases_of (f1_blk_eq H.digesti) hash ; - ] - -let hash_cases_mac (m : (module Hash.S)) ~hash ~mac = - let module H = ( val m ) in - [ "digest" >::: cases_of (f1_eq H.digest) hash ; - "digesti" >::: cases_of (f1_blk_eq H.digesti) hash ; - "hmac" >::: cases_of (f2_eq (fun key -> H.hmac ~key)) mac ; - ] - -(* MD5 *) - -let md5_cases = - hash_cases_mac ( module Hash.MD5 ) - ~hash:[ - "" , - "d4 1d 8c d9 8f 00 b2 04 e9 80 09 98 ec f8 42 7e" ; - - "00", - "93 b8 85 ad fe 0d a0 89 cd f6 34 90 4f d5 9f 71" ; - - "00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f" , - "1a c1 ef 01 e9 6c af 1b e0 d3 29 33 1a 4f c2 a8" ; - ] - ~mac:[ - "2c 03 ca 51 71 a3 d2 d1 41 71 79 6f c8 b2 6c 54" , - "8b bb 87 f4 76 4f ba 6a 55 61 c9 80 d5 35 58 4f - 0a 96 cb 60 49 2b 6e dd 71 a1 1e e5 7a 78 9b 73" , - "05 8b 08 41 09 79 8b 56 3d 81 49 1f 5f 82 5b ba" ; - - "2c 03 ca 51 71 a3 d2 d1 41 71 79 6f c8 b2 6c 54 - f0 0d a1 07 6c c9 e4 1f b2 17 ec ad 88 56 a2 6e - d7 83 c3 3d 85 99 0d 8d c5 8d 03 50 00 e2 6e 80 - 0c b5 9a 00 26 fd 15 fd 4c e1 84 9d a5 c6 fa a8 - f7 ef f6 c8 76 73 a3 47 0a d5 5a 5b 56 49 22 ec" , - "8b bb 87 f4 76 4f ba 6a 55 61 c9 80 d5 35 58 4f - 0a 96 cb 60 49 2b 6e dd 71 a1 1e e5 7a 78 9b 73" , - "61 ac 5c 29 9f e2 18 95 d5 4b eb ff 60 42 91 df" ; - - "2c 03 ca 51 71 a3 d2 d1 41 71 79 6f c8 b2 6c 54 - f0 0d a1 07 6c c9 e4 1f b2 17 ec ad 88 56 a2 6e - d7 83 c3 3d 85 99 0d 8d c5 8d 03 50 00 e2 6e 80 - 0c b5 9a 00 26 fd 15 fd 4c e1 84 9d a5 c6 fa a8" , - "8b bb 87 f4 76 4f ba 6a 55 61 c9 80 d5 35 58 4f - 0a 96 cb 60 49 2b 6e dd 71 a1 1e e5 7a 78 9b 73" , - "ce 44 c2 a1 c5 46 a7 08 a4 0a 7c f2 5e af b1 33" ; - ] - -(* SHA *) - -let sha1_cases 
= - hash_cases_mac ( module Hash.SHA1 ) - ~hash:[ - "" , - "da 39 a3 ee 5e 6b 4b 0d 32 55 bf ef 95 60 18 90 - af d8 07 09" ; - - "00" , - "5b a9 3c 9d b0 cf f9 3f 52 b5 21 d7 42 0e 43 f6 - ed a2 78 4f" ; - - "89 d1 68 64 8d 06 0c f2 ed a1 9a a3 10 56 85 48 - 69 84 63 df 13 7c 96 5e b5 7b 23 ec b1 f8 e9 ef" , - "00 6f 23 b3 5d 7d 09 78 03 35 68 97 ea 6e e3 3c - 57 b2 11 ca" ; - ] - ~mac:[ - "", "", - "fb db 1d 1b 18 aa 6c 08 32 4b 7d 64 b7 1f b7 63 - 70 69 0e 1d" ; - - "9c 64 fc 6a 9a bb 1e 04 43 6d 58 49 3f 0d 30 21 - d6 8f eb a9 67 c0 1f 9f c9 35 dc a5 95 9b 6c 07 - 4b 09 c0 39 bb c6 dc da 97 aa c8 ea 88 4e 17 e9 - 7c c6 d9 f7 73 70 e0 cb 1d 64 de 6d 57 91 31 b3" , - "", - "f9 b1 39 0f 1d 88 09 1b 1d a4 4a d5 d6 33 28 65 - c2 70 ca da"; - - "9c 64 fc 6a 9a bb 1e 04 43 6d 58 49 3f 0d 30 21 - d6 8f eb a9 67 c0 1f 9f c9 35 dc a5 95 9b 6c 07 - 4b 09 c0 39 bb c6 dc da 97 aa c8 ea 88 4e 17 e9 - 7c c6 d9 f7 73 70 e0 cb 1d 64 de 6d 57 91 31 b3" , - "0d 83 e2 e9 b3 98 e2 8b ea e0 59 7f 37 15 95 1a - 4b 4c 3c ce 4b de 15 4f 53 da fb 2f b4 9f 03 ea" , - "ca 02 cd 56 77 dc b5 c1 3e de da 34 51 d9 e2 5c - d9 29 4c 53" ; - - "9c 64 fc 6a 9a bb 1e 04 43 6d 58 49 3f 0d 30 21 - d6 8f eb a9 67 c0 1f 9f c9 35 dc a5 95 9b 6c 07 - 4b 09 c0 39 bb c6 dc da 97 aa c8 ea 88 4e 17 e9 - 7c c6 d9 f7 73 70 e0 cb 1d 64 de 6d 57 91 31 b3 - 8e 17 5f 4e de 38 f4 14 48 bc 74 56 05 7a 3c 3b" , - "0d 83 e2 e9 b3 98 e2 8b ea e0 59 7f 37 15 95 1a - 4b 4c 3c ce 4b de 15 4f 53 da fb 2f b4 9f 03 ea" , - "7f f9 d5 9e 62 e8 d7 13 91 9f a2 a7 be 64 85 c5 - a0 39 ec 04"; - ] - -let sha224_cases = - hash_cases (module Hash.SHA224) - ~hash:[ - "" , - "d1 4a 02 8c 2a 3a 2b c9 47 61 02 bb 28 82 34 c4 - 15 a2 b0 1f 82 8e a6 2a c5 b3 e4 2f" ; - - "00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f" , - "52 9d 65 6a 8b c4 13 fe f5 8d a8 2e 1b f0 30 8d - cf e0 42 9d cd 80 68 7e 69 c9 46 33" ; - - "00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f - 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f - 20 21 22 23 24 25 26 27 
28 29 2a 2b 2c 2d 2e 2f - 30 31 32 33 34 35 36 37 38 39 3a 3b 3c 3d 3e 3f", - "c3 7b 88 a3 52 2d bf 7a c3 0d 1c 68 ea 39 7a c1 - 1d 47 73 57 1a ed 01 dd ab 73 53 1e" ; - ] - -let sha256_cases = - hash_cases (module Hash.SHA256) - ~hash:[ - "" , - "e3 b0 c4 42 98 fc 1c 14 9a fb f4 c8 99 6f b9 24 - 27 ae 41 e4 64 9b 93 4c a4 95 99 1b 78 52 b8 55" ; - - "00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f" , - "be 45 cb 26 05 bf 36 be bd e6 84 84 1a 28 f0 fd - 43 c6 98 50 a3 dc e5 fe db a6 99 28 ee 3a 89 91" ; - - "00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f - 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f - 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f - 30 31 32 33 34 35 36 37 38 39 3a 3b 3c 3d 3e 3f", - "fd ea b9 ac f3 71 03 62 bd 26 58 cd c9 a2 9e 8f - 9c 75 7f cf 98 11 60 3a 8c 44 7c d1 d9 15 11 08" - ] - -let sha384_cases = - hash_cases (module Hash.SHA384) - ~hash:[ - "" , - "38 b0 60 a7 51 ac 96 38 4c d9 32 7e b1 b1 e3 6a - 21 fd b7 11 14 be 07 43 4c 0c c7 bf 63 f6 e1 da - 27 4e de bf e7 6f 65 fb d5 1a d2 f1 48 98 b9 5b" ; - - "00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f" , - "c8 1d f9 8d 9e 6d e9 b8 58 a1 e6 eb a0 f1 a3 a3 - 99 d9 8c 44 1e 67 e1 06 26 01 80 64 85 bb 89 12 - 5e fd 54 cc 78 df 5f bc ea bc 93 cd 7c 7b a1 3b" ; - - "00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f - 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f - 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f - 30 31 32 33 34 35 36 37 38 39 3a 3b 3c 3d 3e 3f - 40 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f - 50 51 52 53 54 55 56 57 58 59 5a 5b 5c 5d 5e 5f - 60 61 62 63 64 65 66 67 68 69 6a 6b 6c 6d 6e 6f - 70 71 72 73 74 75 76 77 78 79 7a 7b 7c 7d 7e 7f" , - "ca 23 85 77 33 19 12 45 34 11 1a 36 d0 58 1f c3 - f0 08 15 e9 07 03 4b 90 cf f9 c3 a8 61 e1 26 a7 - 41 d5 df cf f6 5a 41 7b 6d 72 96 86 3a c0 ec 17" - ] - - -let sha512_cases = - hash_cases (module Hash.SHA512) - ~hash:[ - "" , - "cf 83 e1 35 7e ef b8 bd f1 54 28 50 d6 6d 80 07 - d6 20 e4 05 0b 57 15 dc 83 f4 a9 21 d3 6c e9 ce - 47 
d0 d1 3c 5d 85 f2 b0 ff 83 18 d2 87 7e ec 2f - 63 b9 31 bd 47 41 7a 81 a5 38 32 7a f9 27 da 3e" ; - - "00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f" , - "da a2 95 be ed 4e 2e e9 4c 24 01 5b 56 af 62 6b - 4f 21 ef 9f 44 f2 b3 d4 0f c4 1c 90 90 0a 6b f1 - b4 86 7c 43 c5 7c da 54 d1 b6 fd 48 69 b3 f2 3c - ed 5e 0b a3 c0 5d 0b 16 80 df 4e c7 d0 76 24 03" ; - - "00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f - 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f - 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f - 30 31 32 33 34 35 36 37 38 39 3a 3b 3c 3d 3e 3f - 40 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f - 50 51 52 53 54 55 56 57 58 59 5a 5b 5c 5d 5e 5f - 60 61 62 63 64 65 66 67 68 69 6a 6b 6c 6d 6e 6f - 70 71 72 73 74 75 76 77 78 79 7a 7b 7c 7d 7e 7f" , - "1d ff d5 e3 ad b7 1d 45 d2 24 59 39 66 55 21 ae - 00 1a 31 7a 03 72 0a 45 73 2b a1 90 0c a3 b8 35 - 1f c5 c9 b4 ca 51 3e ba 6f 80 bc 7b 1d 1f da d4 - ab d1 34 91 cb 82 4d 61 b0 8d 8c 0e 15 61 b3 f7" ; - ] - -let regression = - let input = - Cstruct.of_string "hellohellohellohellohellohellohellohellohellohellohellohellohell" - in - let md5_case _ = - let hash = vx "87bf8014f2949172f79965cb9505d126" in - let ctx = Hash.MD5.empty in - let ctx' = Hash.MD5.feed ctx (Cstruct.shift (Cstruct.append (Cstruct.create 1) input) 1) in - let computed_hash = Hash.MD5.get ctx' in - assert_cs_equal ~msg:"MD5 feed with unaligned data" computed_hash hash - and sha512_case _ = - let hash = vx "31c90f0e14f5b1b058e8790f6080c4110c98a0dfc95f711efa8cf176495902ca002a496bcf843fc8d195821429345f06683925b7c6f1c9342a51e8c7f89eb188" - in - let ctx = Hash.SHA512.empty in - let ctx' = Hash.SHA512.feed ctx (Cstruct.shift (Cstruct.append (Cstruct.create 1) input) 1) in - let computed_hash = Hash.SHA512.get ctx' in - assert_cs_equal ~msg:"SHA512 feed with unaligned data" computed_hash hash - in - [ test_case md5_case ; test_case sha512_case ] - -let suite = [ - "MD5" >::: md5_cases ; - "SHA1" >::: sha1_cases ; - "sha224" >::: sha224_cases ; - 
"sha256" >::: sha256_cases ; - "sha384" >::: sha384_cases ; - "sha512" >::: sha512_cases ; - "regression" >::: regression ; -] diff --git a/tests/test_hmac.ml b/tests/test_hmac.ml deleted file mode 100644 index f234f7cf..00000000 --- a/tests/test_hmac.ml +++ /dev/null 
@@ -1,248 +0,0 @@ -open OUnit2 - -open Test_common - -open Mirage_crypto - -(* This is from RFC 2022 (MD5/SHA1) and 4231 (SHA2) *) - -let hex = Cstruct.of_hex - -let inputs = [ - (* Test Case 0 *) - ( hex ("0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b" ^ - "0b0b0b0b"), - hex "4869205468657265" ); (* "Hi There" *) - (* Test Case 1 *) - ( hex "4a656665", (* "Jefe" *) - hex ("7768617420646f2079612077616e7420" ^ (* "what do ya want " *) - "666f72206e6f7468696e673f") ); (* "for nothing?" *) - (* Test Case 2 *) - ( hex ("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ^ - "aaaaaaaa"), - hex ("dddddddddddddddddddddddddddddddd" ^ - "dddddddddddddddddddddddddddddddd" ^ - "dddddddddddddddddddddddddddddddd" ^ - "dddd") ); - (* Test Case 3 *) - ( hex ("0102030405060708090a0b0c0d0e0f10" ^ - "111213141516171819"), - hex ("cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd" ^ - "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd" ^ - "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd" ^ - "cdcd") ); - (* Test Case 4 *) - ( hex ("0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c" ^ - "0c0c0c0c"), - hex ("546573742057697468205472756e6361" ^ (* "Test With Trunca" *) - "74696f6e") ); (* "tion" *) -] - -let sha2_inputs = - inputs @ [ - (* Test Case 5 *) - ( hex ("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ^ - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ^ - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ^ - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ^ - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ^ - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ^ - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ^ - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ^ - "aaaaaa"), - hex ("54657374205573696e67204c61726765" ^ (* "Test Using Large" *) - "72205468616e20426c6f636b2d53697a" ^ (* "r Than Block-Siz" *) - "65204b6579202d2048617368204b6579" ^ (* "e Key - Hash Key" *) - "204669727374") ); (* " First" *) - (* Test Case 6 *) - ( hex ("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ^ - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ^ - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ^ - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ^ - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ^ - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ^ - 
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ^ - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ^ - "aaaaaa"), - hex ("54686973206973206120746573742075" ^ (* "This is a test u" *) - "73696e672061206c6172676572207468" ^ (* "sing a larger th" *) - "616e20626c6f636b2d73697a65206b65" ^ (* "an block-size ke" *) - "7920616e642061206c61726765722074" ^ (* "y and a larger t" *) - "68616e20626c6f636b2d73697a652064" ^ (* "han block-size d" *) - "6174612e20546865206b6579206e6565" ^ (* "ata. The key nee" *) - "647320746f2062652068617368656420" ^ (* "ds to be hashed " *) - "6265666f7265206265696e6720757365" ^ (* "before being use" *) - "642062792074686520484d414320616c" ^ (* "d by the HMAC al" *) - "676f726974686d2e") )] (* "gorithm." *) - -let sha1_inputs = - inputs @ [ - (* Test Case 5 *) - ( hex ("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ^ - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ^ - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ^ - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ^ - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"), - hex ("54657374205573696e67204c61726765" ^ (* "Test Using Large" *) - "72205468616e20426c6f636b2d53697a" ^ (* "r Than Block-Siz" *) - "65204b6579202d2048617368204b6579" ^ (* "e Key - Hash Key" *) - "204669727374") ); (* " First" *) - (* Test Case 6 *) - ( hex ("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ^ - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ^ - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ^ - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ^ - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"), - hex ("54657374205573696e67204c61726765" ^ (* "Test Using Large" *) - "72205468616e20426c6f636b2d53697a" ^ (* "r Than Block-Siz" *) - "65204b657920616e64204c6172676572" ^ (* "e Key and Larger" *) - "205468616e204f6e6520426c6f636b2d" ^ (* " Than One Block-" *) - "53697a652044617461") )] (* "Size Data" *) - -let md5_inputs = - let k, d = List.split sha1_inputs in - let keys = - List.mapi (fun i x -> - if i == 3 || i == 5 || i == 6 then - x - else Cstruct.(sub x 0 (min (length x) 16))) - k in - List.combine keys d - -let md5_results = [ - hex 
"9294727a3638bb1c13f48ef8158bfc9d" ; - hex "750c783e6ab0b503eaa86e310a5db738" ; - hex "56be34521d144c88dbb8c733f0e8b3f6" ; - hex "697eaf0aca3a3aea3a75164746ffaa79" ; - hex "56461ef2342edc00f9bab995" ; - hex "6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd" ; - hex "6f630fad67cda0ee1fb1f562db3aa53e" -] - -let sha1_results = [ - hex "b617318655057264e28bc0b6fb378c8ef146be00" ; - hex "effcdf6ae5eb2fa2d27416d5f184df9c259a7c79" ; - hex "125d7342b9ac11cd91a39af48aa17b4f63f175d3" ; - hex "4c9007f4026250c6bc8414f9bf50c86c2d7235da" ; - hex "4c1a03424b55e07fe7f27be1" ; - hex "aa4ae5e15272d00e95705637ce8a3b55ed402112" ; - hex "e8e99d0f45237d786d6bbaa7965c7808bbff1a91" -] - -let sha224_results = [ - hex "896fb1128abbdf196832107cd49df33f - 47b4b1169912ba4f53684b22" ; - hex "a30e01098bc6dbbf45690f3a7e9e6d0f - 8bbea2a39e6148008fd05e44" ; - hex "7fb3cb3588c6c1f6ffa9694d7d6ad264 - 9365b0c1f65d69d1ec8333ea" ; - hex "6c11506874013cac6a2abc1bb382627c - ec6a90d86efc012de7afec5a" ; - hex "0e2aea68a90c8d37c988bcdb9fca6fa8" ; - hex "95e9a0db962095adaebe9b2d6f0dbce2 - d499f112f2d2b7273fa6870e" ; - hex "3a854166ac5d9f023f54d517d0b39dbd - 946770db9c2b95c9f6f565d1" -] - -let sha256_results = [ - hex "b0344c61d8db38535ca8afceaf0bf12b - 881dc200c9833da726e9376c2e32cff7" ; - hex "5bdcc146bf60754e6a042426089575c7 - 5a003f089d2739839dec58b964ec3843" ; - hex "773ea91e36800e46854db8ebd09181a7 - 2959098b3ef8c122d9635514ced565fe" ; - hex "82558a389a443c0ea4cc819899f2083a - 85f0faa3e578f8077a2e3ff46729665b" ; - hex "a3b6167473100ee06e0c796c2955552b" ; - hex "60e431591ee0b67f0d8a26aacbf5b77f - 8e0bc6213728c5140546040f0ee37f54" ; - hex "9b09ffa71b942fcb27635fbcd5b0e944 - bfdc63644f0713938a7f51535c3a35e2" -] - -let sha384_results = [ - hex "afd03944d84895626b0825f4ab46907f - 15f9dadbe4101ec682aa034c7cebc59c - faea9ea9076ede7f4af152e8b2fa9cb6" ; - hex "af45d2e376484031617f78d2b58a6b1b - 9c7ef464f5a01b47e42ec3736322445e - 8e2240ca5e69e2c78b3239ecfab21649" ; - hex "88062608d3e6ad8a0aa2ace014c8a86f - 
0aa635d947ac9febe83ef4e55966144b - 2a5ab39dc13814b94e3ab6e101a34f27" ; - hex "3e8a69b7783c25851933ab6290af6ca7 - 7a9981480850009cc5577c6e1f573b4e - 6801dd23c4a7d679ccf8a386c674cffb" ; - hex "3abf34c3503b2a23a46efc619baef897" ; - hex "4ece084485813e9088d2c63a041bc5b4 - 4f9ef1012a2b588f3cd11f05033ac4c6 - 0c2ef6ab4030fe8296248df163f44952" ; - hex "6617178e941f020d351e2f254e8fd32c - 602420feb0b8fb9adccebb82461e99c5 - a678cc31e799176d3860e6110c46523e" -] - -let sha512_results = [ - hex "87aa7cdea5ef619d4ff0b4241a1d6cb0 - 2379f4e2ce4ec2787ad0b30545e17cde - daa833b7d6b8a702038b274eaea3f4e4 - be9d914eeb61f1702e696c203a126854" ; - hex "164b7a7bfcf819e2e395fbe73b56e0a3 - 87bd64222e831fd610270cd7ea250554 - 9758bf75c05a994a6d034f65f8f0e6fd - caeab1a34d4a6b4b636e070a38bce737" ; - hex "fa73b0089d56a284efb0f0756c890be9 - b1b5dbdd8ee81a3655f83e33b2279d39 - bf3e848279a722c806b485a47e67c807 - b946a337bee8942674278859e13292fb" ; - hex "b0ba465637458c6990e5a8c5f61d4af7 - e576d97ff94b872de76f8050361ee3db - a91ca5c11aa25eb4d679275cc5788063 - a5f19741120c4f2de2adebeb10a298dd" ; - hex "415fad6271580a531d4179bc891d87a6" ; - hex "80b24263c7c1a3ebb71493c1dd7be8b4 - 9b46d1f41b4aeec1121b013783f8f352 - 6b56d037e05f2598bd0fd2215d6a1e52 - 95e64f73f63f0aec8b915a985d786598" ; - hex "e37b6a775dc87dbaa4dfa9f96e5e3ffd - debd71f8867289865df5a32d20cdc944 - b6022cac3c4982b10d5eeb55c3e4de15 - 134676fb6de0446065c97440fa8c6a58" -] - -let test hash i ((key, data), result) _ = - let computed = Hash.mac hash ~key:key data in - if i == 4 (* truncated thingy *) then - assert_cs_equal result Cstruct.(sub computed 0 (length result)) - else - assert_cs_equal result computed - -let test_hmac name id = - List.mapi (fun i args -> "HMAC " ^ name ^ " " ^ string_of_int i >:: test id i args) - -let test_feed hash i ((key, data), result) _ = - let (module H) = Hash.module_of hash in - let empty = H.hmac_empty ~key in - let computed = H.hmac_get (H.hmac_feed empty data) in - if i == 4 (* truncated thingy *) then - 
assert_cs_equal result Cstruct.(sub computed 0 (length result))
- else
- assert_cs_equal result computed
-
-let test_feed_hmac name id =
- List.mapi (fun i args -> "HMAC feed " ^ name ^ " " ^ string_of_int i >:: test_feed id i args)
-
-let suite =
- test_hmac "MD5" `MD5 (List.combine md5_inputs md5_results) @
- test_hmac "SHA1" `SHA1 (List.combine sha1_inputs sha1_results) @
- test_hmac "SHA224" `SHA224 (List.combine sha2_inputs sha224_results) @
- test_hmac "SHA256" `SHA256 (List.combine sha2_inputs sha256_results) @
- test_hmac "SHA384" `SHA384 (List.combine sha2_inputs sha384_results) @
- test_hmac "SHA512" `SHA512 (List.combine sha2_inputs sha512_results) @
- test_feed_hmac "MD5" `MD5 (List.combine md5_inputs md5_results) @
- test_feed_hmac "SHA1" `SHA1 (List.combine sha1_inputs sha1_results) @
- test_feed_hmac "SHA224" `SHA224 (List.combine sha2_inputs sha224_results) @
- test_feed_hmac "SHA256" `SHA256 (List.combine sha2_inputs sha256_results) @
- test_feed_hmac "SHA384" `SHA384 (List.combine sha2_inputs sha384_results) @
- test_feed_hmac "SHA512" `SHA512 (List.combine sha2_inputs sha512_results)
diff --git a/tests/test_rsa.ml b/tests/test_rsa.ml
index 9de56916..519e0a0b 100644
--- a/tests/test_rsa.ml
+++ b/tests/test_rsa.ml
@@ -1,7 +1,6 @@
 open OUnit2
 open Mirage_crypto.Uncommon
-open Mirage_crypto
 open Mirage_crypto_pk
 open Test_common
@@ -117,16 +116,16 @@ let rsa_pkcs1_encode_selftest ~bits n =
 ~msg:("recovery failure " ^ show_key_size key)
 
 let rsa_pkcs1_sign_selftest n =
- let open Hash.SHA1 in
+ let open Digestif.SHA1 in
 "selftest" >:: times ~n @@ fun _ ->
 let key = gen_rsa ~bits:(Rsa.PKCS1.min_key `SHA1)
 and msg = Mirage_crypto_rng.generate 47 in
 let pkey = Rsa.pub_of_priv key in
 assert_bool "invert 1" Rsa.PKCS1.(
 verify ~key:pkey ~hashp:any (`Message msg)
- ~signature:(sign ~hash:`SHA1 ~key (`Digest (Cstruct.to_string (digest (Cstruct.of_string msg))))) );
+ ~signature:(sign ~hash:`SHA1 ~key (`Digest (digest_string msg |> to_raw_string))) );
 assert_bool "invert 2" Rsa.PKCS1.(
- verify ~key:pkey ~hashp:any (`Digest (Cstruct.to_string (digest (Cstruct.of_string msg))))
+ verify ~key:pkey ~hashp:any (`Digest (digest_string msg |> to_raw_string))
 ~signature:(sign ~hash:`SHA1 ~key (`Message msg)) )
 
 let rsa_pkcs1_encrypt_selftest ~bits n =
diff --git a/tests/test_symmetric_runner.ml b/tests/test_symmetric_runner.ml
index c750c773..ede11041 100644
--- a/tests/test_symmetric_runner.ml
+++ b/tests/test_symmetric_runner.ml
@@ -17,8 +17,6 @@ let () =
 let suite =
 "All" >::: [
 "Basic" >::: Test_base.suite;
- "Hash" >::: Test_hash.suite;
- "Hmac" >::: Test_hmac.suite;
 "Cipher" >::: Test_cipher.suite;
 ]
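Review bot: `digest_string msg |> to_raw_string` is evaluated twice in rsa_pkcs1_sign_selftest, once per `assert_bool`, and the whole-body `let open Digestif.SHA1 in` that makes those names available also puts Digestif.SHA1's `compare`, `equal` and `pp` in front of the Stdlib ones for the rest of the function. Binding the digest once with a narrow local open keeps the scope tight: drop the `let open`, add `let msg_digest = Digestif.SHA1.(digest_string msg |> to_raw_string) in` after the `and msg = ... in` line, and pass `(`Digest msg_digest)` in both assertions. Keeping `to_raw_string` rather than `to_hex` is the right choice, since `Digest` carries the raw digest bytes exactly as the replaced `Cstruct.to_string (digest ...)` did; a one-line comment on the binding, e.g. `(* raw SHA-1 bytes: `Digest expects the digest, not its hex encoding *)`, would make that explicit for the next reader. The function starts and ends inside this hunk.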