// iterhash.h - originally written and placed in the public domain by Wei Dai
/// \file iterhash.h
/// \brief Base classes for iterated hashes
#ifndef CRYPTOPP_ITERHASH_H
#define CRYPTOPP_ITERHASH_H
#include "cryptlib.h"
#include "secblock.h"
#include "misc.h"
#include "simple.h"
#if CRYPTOPP_MSC_VERSION
# pragma warning(push)
# pragma warning(disable: 4231 4275)
# if (CRYPTOPP_MSC_VERSION >= 1400)
# pragma warning(disable: 6011 6386 28193)
# endif
#endif
NAMESPACE_BEGIN(CryptoPP)
/// \brief Exception thrown when trying to hash more data than is allowed by a hash function
/// \details The exception text is a fixed prefix followed by the algorithm name passed to
///  the constructor. The code that throws it is not part of this header.
class CRYPTOPP_DLL HashInputTooLong : public InvalidDataFormat
{
public:
    /// \brief Construct a HashInputTooLong
    /// \param alg name of the hash algorithm, appended to the exception message
    explicit HashInputTooLong(const std::string &alg)
        : InvalidDataFormat(std::string("IteratedHashBase: input data exceeds maximum allowed by hash function ") + alg)
    {
    }
};
/// \brief Iterated hash base class
/// \tparam T Hash word type
/// \tparam BASE HashTransformation derived class
/// \details IteratedHashBase provides an interface for block-based iterated hashes.
///  It keeps the running message length in two words of type T, <tt>m_countHi:m_countLo</tt>,
///  and leaves the block buffer, the state buffer and the compression step to derived
///  classes through DataBuf(), StateBuf() and HashEndianCorrectedBlock().
/// \sa HashTransformation, MessageAuthenticationCode
template <class T, class BASE>
class CRYPTOPP_NO_VTABLE IteratedHashBase : public BASE
{
public:
    typedef T HashWordType;

    virtual ~IteratedHashBase() {}

    /// \brief Construct an IteratedHashBase
    /// \details Both words of the message length counter start at 0.
    IteratedHashBase()
        : m_countLo(0), m_countHi(0)
    {
    }

    /// \brief Provides the input block size most efficient for this hash.
    /// \return The input block size that is most efficient for the hash
    /// \details This implementation returns BlockSize().
    /// \note Optimal input length is
    ///  <tt>n * OptimalBlockSize() - GetOptimalBlockSizeUsed()</tt> for any <tt>n \> 0</tt>.
    unsigned int OptimalBlockSize() const
    {
        return this->BlockSize();
    }

    /// \brief Provides input and output data alignment for optimal performance.
    /// \return the input data alignment that provides optimal performance
    /// \details OptimalDataAlignment returns the natural alignment of the hash word.
    unsigned int OptimalDataAlignment() const
    {
        return GetAlignmentOf<T>();
    }

    /// \brief Updates a hash with additional input
    /// \param input the additional input as a buffer
    /// \param length the size of the buffer, in bytes
    /// \details The definition is not part of this header. HashInputTooLong is the
    ///  exception this file provides for input that exceeds the maximum a hash function
    ///  allows; which calls raise it should be confirmed against the implementation.
    void Update(const byte *input, size_t length);

    /// \brief Requests space which can be written into by the caller
    /// \param size the requested size of the buffer
    /// \details The purpose of this method is to help avoid extra memory allocations.
    /// \details size is an \a IN and \a OUT parameter and used as a hint. When the call is made,
    ///  size is the requested size of the buffer. When the call returns, size is the size of
    ///  the array returned to the caller. Callers must not write more than the returned
    ///  size into the returned buffer, whatever size they asked for.
    /// \details The base class implementation sets size to 0 and returns NULL. This class
    ///  declares its own version; its definition is outside this header.
    /// \note Some objects, like ArraySink, cannot create a space because it is fixed.
    byte * CreateUpdateSpace(size_t &size);

    /// \brief Restart the hash
    /// \details Discards the current state and restarts for a new message
    void Restart();

    /// \brief Computes the hash of the current message
    /// \param digest a pointer to the buffer to receive the hash
    /// \param digestSize the size of the truncated digest, in bytes
    /// \details TruncatedFinal() calls Final() and then copies digestSize bytes to digest.
    ///  The hash is then restarted for the next message.
    /// \details digest must have room for digestSize bytes. A digest truncated to
    ///  digestSize bytes can offer no more than <tt>8*digestSize</tt> bits of preimage
    ///  resistance and about half that against collisions, so choose digestSize with the
    ///  required security level in mind.
    void TruncatedFinal(byte *digest, size_t digestSize);

    /// \brief Retrieve the provider of this algorithm
    /// \return the algorithm provider
    /// \details The algorithm provider can be a name like "C++", "SSE", "NEON", "AESNI",
    ///  "ARMv8" and "Power8". C++ is standard C++ code. Other labels, like SSE,
    ///  usually indicate a specialized implementation using instructions from a higher
    ///  instruction set architecture (ISA). Future labels may include external hardware
    ///  like a hardware security module (HSM).
    /// \note Provider is not universally implemented yet.
    virtual std::string AlgorithmProvider() const
    {
        return "C++";
    }

protected:
    /// \brief High word of the message length expressed in bits
    /// \details The shift by 3 multiplies by 8, which implies the counters hold a byte
    ///  count. The top three bits of m_countLo are carried into the high word.
    inline T GetBitCountHi() const
    {
        return (m_countHi << 3) + (m_countLo >> (8*sizeof(T)-3));
    }

    /// \brief Low word of the message length expressed in bits
    /// \details The three bits shifted out of the low word are the ones GetBitCountHi()
    ///  picks up.
    inline T GetBitCountLo() const
    {
        return m_countLo << 3;
    }

    /// \brief Pads the final block
    /// \param lastBlockSize size argument supplied by the derived class
    /// \param padFirst first padding byte, 0x80 by default
    /// \details The definition is outside this header.
    void PadLastBlock(unsigned int lastBlockSize, byte padFirst=0x80);

    /// \brief Initializes the hash state; implemented by derived classes
    virtual void Init() =0;

    /// \brief Byte order of the hash; implemented by derived classes
    virtual ByteOrder GetByteOrder() const =0;

    /// \brief Processes one block of hash words; implemented by derived classes
    /// \param data the block, as hash words
    virtual void HashEndianCorrectedBlock(const HashWordType *data) =0;

    /// \brief Processes a run of input
    /// \param input the input, as hash words
    /// \param length the size of the input; HashBlock() passes BlockSize() here
    /// \details The definition and the meaning of the return value are outside this header.
    virtual size_t HashMultipleBlocks(const T *input, size_t length);

    /// \brief Processes exactly one block
    /// \param input the block, as hash words
    /// \details Forwards to HashMultipleBlocks() with BlockSize() as the length and
    ///  discards the return value.
    void HashBlock(const HashWordType *input)
    {
        HashMultipleBlocks(input, this->BlockSize());
    }

    /// \brief Buffer for message data; implemented by derived classes
    virtual T* DataBuf() =0;

    /// \brief Buffer for the hash state; implemented by derived classes
    virtual T* StateBuf() =0;

private:
    // Message length counter, low word first so the members initialize in this order.
    T m_countLo;
    T m_countHi;
};
/// \brief Iterated hash base class
/// \tparam T_HashWordType Hash word type
/// \tparam T_Endianness Endianness type of hash
/// \tparam T_BlockSize Block size of the hash
/// \tparam T_Base HashTransformation derived class
/// \details IteratedHash provides a default implementation for block-based iterated hashes.
///  It fixes the block size and byte order at compile time and owns the block buffer
///  returned by DataBuf().
/// \sa HashTransformation, MessageAuthenticationCode
template <class T_HashWordType, class T_Endianness, unsigned int T_BlockSize, class T_Base = HashTransformation>
class CRYPTOPP_NO_VTABLE IteratedHash : public IteratedHashBase<T_HashWordType, T_Base>
{
public:
    typedef T_Endianness ByteOrderClass;
    typedef T_HashWordType HashWordType;

    CRYPTOPP_CONSTANT(BLOCKSIZE = T_BlockSize);

    // BCB2006 workaround: can't use BLOCKSIZE here
    // Requires the block size to be a power of 2. NOTE(review): the expression is also
    // true for a block size of 0.
    CRYPTOPP_COMPILE_ASSERT((T_BlockSize & (T_BlockSize - 1)) == 0);

    virtual ~IteratedHash() {}

    /// \brief Provides the block size of the hash
    /// \return the block size of the hash, in bytes
    /// \details BlockSize() returns <tt>T_BlockSize</tt>.
    unsigned int BlockSize() const
    {
        return T_BlockSize;
    }

    /// \brief Provides the byte order of the hash
    /// \return the byte order of the hash as an enumeration
    /// \details GetByteOrder() returns <tt>T_Endianness::ToEnum()</tt>.
    /// \sa ByteOrder()
    ByteOrder GetByteOrder() const
    {
        return T_Endianness::ToEnum();
    }

    /// \brief Adjusts the byte ordering of the hash
    /// \param out the output buffer
    /// \param in the input buffer
    /// \param byteCount the size of the buffers, in bytes
    /// \details CorrectEndianess() calls ConditionalByteReverse() using <tt>T_Endianness</tt>.
    /// \details The null and alignment checks below are CRYPTOPP_ASSERT only. Wherever that
    ///  macro compiles to nothing, this function performs no validation, so callers must
    ///  pass non-null, word-aligned buffers of at least byteCount bytes each.
    inline void CorrectEndianess(HashWordType *out, const HashWordType *in, size_t byteCount)
    {
        CRYPTOPP_ASSERT(in != NULLPTR);
        CRYPTOPP_ASSERT(out != NULLPTR);
        CRYPTOPP_ASSERT(IsAligned<T_HashWordType>(in));
        CRYPTOPP_ASSERT(IsAligned<T_HashWordType>(out));

        const ByteOrder order = T_Endianness::ToEnum();
        ConditionalByteReverse(order, out, in, byteCount);
    }

protected:
    // Number of hash words in one block.
    enum { Blocks = T_BlockSize/sizeof(T_HashWordType) };

    /// \brief Buffer holding one block of message data
    /// \return pointer to the first word of m_data
    T_HashWordType* DataBuf()
    {
        return this->m_data;
    }

    // One block of buffered message words. FixedSizeSecBlock comes from secblock.h;
    // presumably its storage is wiped when released (confirm in that header).
    FixedSizeSecBlock<T_HashWordType, Blocks> m_data;
};
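/// \brief Iterated hash with a static transformation function
/// \tparam T_HashWordType Hash word type
/// \tparam T_Endianness Endianness type of hash
/// \tparam T_BlockSize Block size of the hash
/// \tparam T_StateSize Internal state size of the hash
/// \tparam T_Transform HashTransformation derived class
/// \tparam T_DigestSize Digest size of the hash
/// \tparam T_StateAligned Flag indicating if state is 16-byte aligned
/// \details The state buffer m_state is sized from <tt>T_BlockSize</tt>, not from
///  <tt>T_StateSize</tt>. A compile-time check rejects instantiations whose declared state
///  is larger than one block, since such a state could not fit in m_state.
/// \sa HashTransformation, MessageAuthenticationCode
template <class T_HashWordType, class T_Endianness, unsigned int T_BlockSize, unsigned int T_StateSize, class T_Transform, unsigned int T_DigestSize = 0, bool T_StateAligned = false>
class CRYPTOPP_NO_VTABLE IteratedHashWithStaticTransform
    : public ClonableImpl<T_Transform, AlgorithmImpl<IteratedHash<T_HashWordType, T_Endianness, T_BlockSize>, T_Transform> >
{
public:
    // A T_DigestSize of 0 means "use the state size as the digest size".
    CRYPTOPP_CONSTANT(DIGESTSIZE = T_DigestSize ? T_DigestSize : T_StateSize);

    // m_state holds Blocks words, that is T_BlockSize bytes; T_Transform::InitState() and
    // T_Transform::Transform() receive that buffer, so the declared state must fit in it.
    CRYPTOPP_COMPILE_ASSERT(T_StateSize <= T_BlockSize);

    virtual ~IteratedHashWithStaticTransform() {}

    /// \brief Provides the digest size of the hash
    /// \return the digest size of the hash, in bytes
    /// \details DigestSize() returns <tt>DIGESTSIZE</tt>.
    unsigned int DigestSize() const
    {
        return DIGESTSIZE;
    }

protected:
    // https://github.com/weidai11/cryptopp/issues/147#issuecomment-766231864
    /// \brief Construct an IteratedHashWithStaticTransform
    /// \details The class-qualified call selects this class's Init() directly, so the
    ///  state is initialized without virtual dispatch during construction.
    IteratedHashWithStaticTransform()
    {
        IteratedHashWithStaticTransform::Init();
    }

    /// \brief Processes one block of hash words
    /// \param data the block, as hash words
    /// \details Forwards to <tt>T_Transform::Transform()</tt> with the state buffer.
    void HashEndianCorrectedBlock(const T_HashWordType *data)
    {
        T_Transform::Transform(this->m_state, data);
    }

    /// \brief Initializes the hash state
    /// \details Forwards to <tt>T_Transform::InitState()</tt> with the state buffer.
    void Init()
    {
        T_Transform::InitState(this->m_state);
    }

    // Number of hash words in one block; also the number of words in m_state.
    enum { Blocks = T_BlockSize/sizeof(T_HashWordType) };

    /// \brief Buffer holding the hash state
    /// \return pointer to the first word of m_state
    T_HashWordType* StateBuf()
    {
        return this->m_state;
    }

    // Hash state words. FixedSizeAlignedSecBlock comes from secblock.h; presumably its
    // storage is wiped when released (confirm in that header).
    FixedSizeAlignedSecBlock<T_HashWordType, Blocks, T_StateAligned> m_state;
};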
#if !defined(__GNUC__) && !defined(__clang__)
CRYPTOPP_DLL_TEMPLATE_CLASS IteratedHashBase<word64, HashTransformation>;
CRYPTOPP_STATIC_TEMPLATE_CLASS IteratedHashBase<word64, MessageAuthenticationCode>;
CRYPTOPP_DLL_TEMPLATE_CLASS IteratedHashBase<word32, HashTransformation>;
CRYPTOPP_STATIC_TEMPLATE_CLASS IteratedHashBase<word32, MessageAuthenticationCode>;
#endif
NAMESPACE_END
#if CRYPTOPP_MSC_VERSION
# pragma warning(pop)
#endif
#endif