cryptotools/sha/sha384.cpp Source File

All Classes Namespaces Files Functions Variables Macros Pages
 
 #include "sha384.hpp"
 
 using namespace cryptoTools;
 
 // =========================== Standard functions of the specification
 
 // Macros are used instead of functions for better performances
 
 #define ROTR(n,x) ( ((x)>>(n)) | ((x)<<(64-(n))) )
 #define SHR(n,x)  ((x)>>(n))
 #define CH(x,y,z)   ( ((x)&(y)) ^ ((~x)&(z)) )
 #define MAJ(x,y,z) ( ((x)&(y)) ^ ((x)&(z)) ^ ((y)&(z)) )
 #define BIGSIGMA0(x) ( ROTR(28,(x)) ^ ROTR(34,(x)) ^ ROTR(39,(x)) )
 #define BIGSIGMA1(x) ( ROTR(14,(x)) ^ ROTR(18,(x)) ^ ROTR(41,(x)) )
 #define SMALLSIGMA0(x) ( ROTR(1,(x)) ^ ROTR(8,(x)) ^ SHR(7,(x)) )
 #define SMALLSIGMA1(x) ( ROTR(19,(x)) ^ ROTR(61,(x)) ^ SHR(6,(x)) )
 
 
 // ================================================= Constants
 
 // The constants to which the internal state  must be initialised.
 uint64_t init384[8] =
 {
         0xcbbb9d5dc1059ed8, 0x629a292a367cd507, 0x9159015a3070dd17,
         0x152fecd8f70e5939, 0x67332667ffc00b31, 0x8eb44a8768581511,
         0xdb0c2e0d64f98fa7, 0x47b5481dbefa4fa4
 };
 
 
 // The constants to use in each step of the main loop of a round.
 uint64_t K384[80] =
 {
         0x428a2f98d728ae22, 0x7137449123ef65cd, 0xb5c0fbcfec4d3b2f,
         0xe9b5dba58189dbbc, 0x3956c25bf348b538, 0x59f111f1b605d019,
         0x923f82a4af194f9b, 0xab1c5ed5da6d8118, 0xd807aa98a3030242,
         0x12835b0145706fbe, 0x243185be4ee4b28c, 0x550c7dc3d5ffb4e2,
         0x72be5d74f27b896f, 0x80deb1fe3b1696b1, 0x9bdc06a725c71235,
         0xc19bf174cf692694, 0xe49b69c19ef14ad2, 0xefbe4786384f25e3,
         0x0fc19dc68b8cd5b5, 0x240ca1cc77ac9c65, 0x2de92c6f592b0275,
         0x4a7484aa6ea6e483, 0x5cb0a9dcbd41fbd4, 0x76f988da831153b5,
         0x983e5152ee66dfab, 0xa831c66d2db43210, 0xb00327c898fb213f,
         0xbf597fc7beef0ee4, 0xc6e00bf33da88fc2, 0xd5a79147930aa725,
         0x06ca6351e003826f, 0x142929670a0e6e70, 0x27b70a8546d22ffc,
         0x2e1b21385c26c926, 0x4d2c6dfc5ac42aed, 0x53380d139d95b3df,
         0x650a73548baf63de, 0x766a0abb3c77b2a8, 0x81c2c92e47edaee6,
         0x92722c851482353b, 0xa2bfe8a14cf10364, 0xa81a664bbc423001,
         0xc24b8b70d0f89791, 0xc76c51a30654be30, 0xd192e819d6ef5218,
         0xd69906245565a910, 0xf40e35855771202a, 0x106aa07032bbd1b8,
         0x19a4c116b8d2d0c8, 0x1e376c085141ab53, 0x2748774cdf8eeb99,
         0x34b0bcb5e19b48a8, 0x391c0cb3c5c95a63, 0x4ed8aa4ae3418acb,
         0x5b9cca4f7763e373, 0x682e6ff3d6b2b8a3, 0x748f82ee5defb2fc,
         0x78a5636f43172f60, 0x84c87814a1f0ab72, 0x8cc702081a6439ec,
         0x90befffa23631e28, 0xa4506cebde82bde9, 0xbef9a3f7b2c67915,
         0xc67178f2e372532b, 0xca273eceea26619c, 0xd186b8c721c0c207,
         0xeada7dd6cde0eb1e, 0xf57d4f7fee6ed178, 0x06f067aa72176fba,
         0x0a637dc5a2c898a6, 0x113f9804bef90dae, 0x1b710b35131c471b,
         0x28db77f523047d84, 0x32caab7b40c72493, 0x3c9ebe0a15c9bebc,
         0x431d67c49c100d4c, 0x4cc5d4becb3e42b6, 0x597f299cfc657e2a,
         0x5fcb6fab3ad6faec, 0x6c44198c4a475817
 };
                                                                            
 
 
 // ================================================== public functions
 
 
 void SHA384::preprocess(std::vector<unsigned char> initialMessage)
 {
         // padding the initial message by...
         l = initialMessage.size()*8;
         // ... adding 10000000
         initialMessage.push_back(0x80);
         // ... adding the correct amount of zeroes 
         unsigned int k = ( (896-(l+8))%1024 >= 0) ?  (896-(l+8))%1024 :1024+(960-(l+8))%1024;
         k += 64; // Adding 64 bits to zero: we don't treat cases where l>2^64
         for (unsigned int i=0; i<k; i+=8)
                 initialMessage.push_back(0x00);
         // ... and appending the length of the input.
         initialMessage.push_back((l>>56)%0x100);
         initialMessage.push_back((l>>48)%0x100);
         initialMessage.push_back((l>>40)%0x100);
         initialMessage.push_back((l>>32)%0x100);
         initialMessage.push_back((l>>24)%0x100);
         initialMessage.push_back((l>>16)%0x100);
         initialMessage.push_back((l>>8 )%0x100);
         initialMessage.push_back(l%0x100);
         // Turning the initial byte message into a 32words one
         M.clear();
         for (unsigned int i=0; i<initialMessage.size() ; i+=8)
                 M.push_back(    ((uint64_t)initialMessage[i]   << 56)
                               | ((uint64_t)initialMessage[i+1] << 48)
                               | ((uint64_t)initialMessage[i+2] << 40)
                               | ((uint64_t)initialMessage[i+3] << 32)
                               | ((uint64_t)initialMessage[i+4] << 24)
                               | ((uint64_t)initialMessage[i+5] << 16)
                               | ((uint64_t)initialMessage[i+6] << 8)
                               |  (uint64_t)initialMessage[i+7] );
         // initialising the hash values H_i
         for (unsigned int i=0; i<8; i++)
                 H[i] = init384[i];
 }
 
 
 
 void SHA384::round(unsigned int counter)
 {
         uint64_t W[80], T1, T2;
         // initializing the working variables
         a = H[0]; b = H[1];
         c = H[2]; d = H[3];
         e = H[4]; f = H[5];
         g = H[6]; h = H[7];
         // loop over the currently processed hash
         for (unsigned int t=0; t<80; t++)
         {
                 // preparing the message schedule
                 W[t] = (t<=15) ? M[counter+t] : SMALLSIGMA1(W[t-2]) + W[t-7] + SMALLSIGMA0(W[t-15]) + W[t-16];
                 // Re-assigning the temporary variables
                 T1 = h + BIGSIGMA1(e) + CH(e,f,g) + K384[t] + W[t];
                 T2 = BIGSIGMA0(a) + MAJ(a,b,c) ;
                 h = g; g = f; f = e;
                 e = d + T1;
                 d = c; c = b; b = a;
                 a = T1 + T2;
         }
         // computing the ith hash value H[8] 
         H[0] += a; H[1] += b;
         H[2] += c; H[3] += d;
         H[4] += e; H[5] += f;
         H[6] += g; H[7] += h;
 }
 
 
 void SHA384::hash(std::vector<unsigned char> initialMessage)
 {
         preprocess(initialMessage);
         for (unsigned int counter=0; counter<M.size(); counter+=16)
                 round(counter);
 }
 
 
 std::vector<uint8_t> SHA384::getHash()
 {                
         std::vector<uint8_t> digest;
         // this time, we take only the five first elements
         for (unsigned int i=0; i<6; i++)
         {
                 digest.push_back( (H[i]>>56) % 0x100);
                 digest.push_back( (H[i]>>48) % 0x100);
                 digest.push_back( (H[i]>>40) % 0x100);
                 digest.push_back( (H[i]>>32) % 0x100);
                 digest.push_back( (H[i]>>24) % 0x100);
                 digest.push_back( (H[i]>>16) % 0x100);
                 digest.push_back( (H[i]>>8)  % 0x100);
                 digest.push_back(  H[i]      % 0x100);
         }
         return digest;
 }
 
 
 std::string SHA384::getType()
 {
         return "SHA-384";
 }
 
 
 uint32_t SHA384::getHashLength()
 {
         return 384;
 }
 
 
 #undef ROTR
 #undef SHR
 #undef CH
 #undef MAJ
 #undef BIGSIGMA0
 #undef BIGSIGMA1
 #undef SMALLSIGMA0
 #undef SMALLSIGMA1