-rw-r--r-- | Readme.txt | 5 | ||||
-rw-r--r-- | bench.cpp | 4 | ||||
-rw-r--r-- | cryptlib.h | 2 | ||||
-rw-r--r-- | dll.cpp | 14 | ||||
-rw-r--r-- | dll.h | 1 | ||||
-rw-r--r-- | haval.h | 2 | ||||
-rw-r--r-- | iterhash.cpp | 33 | ||||
-rw-r--r-- | iterhash.h | 73 | ||||
-rw-r--r-- | md4.h | 2 | ||||
-rw-r--r-- | md5.h | 3 | ||||
-rw-r--r-- | pkcspad.cpp | 10 | ||||
-rw-r--r-- | pkcspad.h | 11 | ||||
-rw-r--r-- | pssr.cpp | 9 | ||||
-rw-r--r-- | pssr.h | 16 | ||||
-rw-r--r-- | ripemd.h | 8 | ||||
-rw-r--r-- | sha.cpp | 9 | ||||
-rw-r--r-- | sha.h | 8 |
17 files changed, 114 insertions, 96 deletions
@@ -1,5 +1,5 @@ Crypto++: a C++ Class Library of Cryptographic Schemes -Version 6.0 (in development) +Version 5.2.2 (in development) This library includes: @@ -344,6 +344,7 @@ the mailing list. - fixed inability to instantiate PanamaMAC - fixed problems with inline documentation -6.0 - added SHA-224 +5.2.2 - added SHA-224 + - put SHA-256, SHA-384, SHA-512, RSASSA-PSS into DLL Written by Wei Dai @@ -231,6 +231,9 @@ void BenchmarkAll(double t) BenchMarkKeyless<Tiger>("Tiger", t); #endif BenchMarkKeyless<RIPEMD160>("RIPE-MD160", t); + BenchMarkKeyless<RIPEMD320>("RIPE-MD320", t); + BenchMarkKeyless<RIPEMD128>("RIPE-MD128", t); + BenchMarkKeyless<RIPEMD256>("RIPE-MD256", t); BenchMarkKeyless<PanamaHash<LittleEndian> >("Panama Hash (little endian)", t); BenchMarkKeyless<PanamaHash<BigEndian> >("Panama Hash (big endian)", t); #ifdef WORD64_AVAILABLE @@ -280,7 +283,6 @@ void BenchmarkAll(double t) BenchMarkKeyedVariable<SHACAL2::Encryption>("SHACAL-2 (512-bit key)", t, 64); #ifdef WORD64_AVAILABLE BenchMarkKeyedVariable<Camellia::Encryption>("Camellia (128-bit key)", t, 16); - BenchMarkKeyedVariable<Camellia::Encryption>("Camellia (192-bit key)", t, 24); BenchMarkKeyedVariable<Camellia::Encryption>("Camellia (256-bit key)", t, 32); #endif BenchMarkKeyed<MD5MAC>("MD5-MAC", t); @@ -4,7 +4,7 @@ classes that provide a uniform interface to this library. */ -/*! \mainpage <a href="http://www.cryptopp.com">Crypto++</a><sup><small>TM</small></sup> Library 5.2.1 Reference Manual +/*! \mainpage <a href="http://www.cryptopp.com">Crypto++</a><sup><small>®</small></sup> Library 5.2.2 Reference Manual <dl> <dt>Abstract Base Classes<dd> cryptlib.h 
@@ -40,6 +40,20 @@ CRYPTOPP_DLL_TEMPLATE_CLASS AbstractEuclideanDomain<Integer>; template<> const byte PKCS_DigestDecoration<SHA>::decoration[] = {0x30,0x21,0x30,0x09,0x06,0x05,0x2B,0x0E,0x03,0x02,0x1A,0x05,0x00,0x04,0x14}; template<> const unsigned int PKCS_DigestDecoration<SHA>::length = sizeof(PKCS_DigestDecoration<SHA>::decoration); +template<> const byte PKCS_DigestDecoration<SHA256>::decoration[] = {0x30,0x31,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,0x05,0x00,0x04,0x20}; +template<> const unsigned int PKCS_DigestDecoration<SHA256>::length = sizeof(PKCS_DigestDecoration<SHA256>::decoration); + +template<> const byte PKCS_DigestDecoration<SHA384>::decoration[] = {0x30,0x41,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02,0x05,0x00,0x04,0x30}; +template<> const unsigned int PKCS_DigestDecoration<SHA384>::length = sizeof(PKCS_DigestDecoration<SHA384>::decoration); + +template<> const byte PKCS_DigestDecoration<SHA512>::decoration[] = {0x30,0x51,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,0x05,0x00,0x04,0x40}; +template<> const unsigned int PKCS_DigestDecoration<SHA512>::length = sizeof(PKCS_DigestDecoration<SHA512>::decoration); + +template<> const byte EMSA2HashId<SHA>::id = 0x33; +template<> const byte EMSA2HashId<SHA256>::id = 0x34; +template<> const byte EMSA2HashId<SHA384>::id = 0x36; +template<> const byte EMSA2HashId<SHA512>::id = 0x35; + NAMESPACE_END #endif @@ -26,6 +26,7 @@ #include "nbtheory.h" #include "osrng.h" #include "pkcspad.h" +#include "pssr.h" #include "randpool.h" #include "rsa.h" #include "sha.h" @@ -6,6 +6,8 @@ NAMESPACE_BEGIN(CryptoPP) /// <a href="http://www.weidai.com/scan-mirror/md.html#HAVAL">HAVAL</a> +/*! \warning HAVAL with 128-bit or 160-bit output is considered insecure, and should not be used + unless you absolutely need it for compatibility. */ class HAVAL : public IteratedHash<word32, LittleEndian, 128> { public: 
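Review bot: The `EMSA2HashId` definitions at the end of the dll.cpp hunk give SHA384 the value 0x36 and SHA512 the value 0x35, which reads like a transposition next to 0x33 and 0x34 and invites a well-meant "correction" that would change the hash identifier encoded into signatures. The removed lines in pssr.cpp carry the same values, so the ordering looks intentional (it appears to follow the ISO/IEC 10118 hash identifiers; confirm before citing). Record that with a comment such as `// EMSA2 hash ids: SHA-512 is 0x35 and SHA-384 is 0x36 (not a typo); remaining ids are in pssr.cpp`. A matching `// remaining decorations are in pkcspad.cpp` above the `PKCS_DigestDecoration` block would help too, since pkcspad.cpp and pssr.cpp now point to dll.cpp but dll.cpp does not point back.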
diff --git a/iterhash.cpp b/iterhash.cpp index a863782a..3e01556f 100644 --- a/iterhash.cpp +++ b/iterhash.cpp @@ -6,11 +6,6 @@ NAMESPACE_BEGIN(CryptoPP) -HashInputTooLong::HashInputTooLong(const std::string &alg) - : InvalidDataFormat("IteratedHashBase: input data exceeds maximum allowed by hash function " + alg) -{ -} - template <class T, class BASE> void IteratedHashBase<T, BASE>::Update(const byte *input, unsigned int len) { HashWordType oldCountLo = m_countLo, oldCountHi = m_countHi; @@ -80,9 +75,17 @@ template <class T, class BASE> byte * IteratedHashBase<T, BASE>::CreateUpdateSpa template <class T, class BASE> unsigned int IteratedHashBase<T, BASE>::HashMultipleBlocks(const T *input, unsigned int length) { unsigned int blockSize = BlockSize(); + bool noReverse = NativeByteOrderIs(GetByteOrder()); do { - HashBlock(input); + if (noReverse) + HashEndianCorrectedBlock(input); + else + { + ByteReverse(this->m_data.begin(), input, this->BlockSize()); + HashEndianCorrectedBlock(this->m_data); + } + input += blockSize/sizeof(T); length -= blockSize; } @@ -111,4 +114,22 @@ template <class T, class BASE> void IteratedHashBase<T, BASE>::Restart() Init(); } +template <class T, class BASE> void IteratedHashBase<T, BASE>::TruncatedFinal(byte *digest, unsigned int size) +{ + this->ThrowIfInvalidTruncatedSize(size); + + PadLastBlock(this->BlockSize() - 2*sizeof(HashWordType)); + ByteOrder order = this->GetByteOrder(); + ConditionalByteReverse<HashWordType>(order, this->m_data, this->m_data, this->BlockSize() - 2*sizeof(HashWordType)); + + this->m_data[this->m_data.size()-2] = order ? this->GetBitCountHi() : this->GetBitCountLo(); + this->m_data[this->m_data.size()-1] = order ? this->GetBitCountLo() : this->GetBitCountHi(); + + HashEndianCorrectedBlock(this->m_data); + ConditionalByteReverse<HashWordType>(order, this->m_digest, this->m_digest, this->DigestSize()); + memcpy(digest, this->m_digest, size); + + this->Restart(); // reinit for next use +} + NAMESPACE_END 
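Review bot: `HashMultipleBlocks` runs the `do` body before any length test, so a call with `length < blockSize` would hash a full block read from `input` and wrap the unsigned `length -= blockSize`. Now that `HashBlock` in iterhash.h forwards here, this function is the single entry point for block hashing and its precondition should be stated. Consider an assertion such as `assert(length >= blockSize);` ahead of the loop, or at least a comment that callers must pass one or more whole blocks. The byte-reversing branch also calls `this->BlockSize()` although `blockSize` is already cached; `ByteReverse(this->m_data.begin(), input, blockSize);` would be consistent, with a comment that `m_data` is overwritten as scratch. The loop's closing `while` and the return statement are outside the hunk.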
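Review bot: Both bit-count stores in `TruncatedFinal` select on `order ? … : …`, which depends on the big-endian enumerator of `ByteOrder` being the non-zero one. The removed `B::ToEnum() ? …` form relied on this too, but with the value now in a named local the comparison can be spelled out. `this->m_data[this->m_data.size()-2] = (order == BIG_ENDIAN_ORDER) ? this->GetBitCountHi() : this->GetBitCountLo();`, with the mirrored line for `size()-1`, makes the layout of the length field readable without looking up the enum. A short comment that `ThrowIfInvalidTruncatedSize` is what bounds the `memcpy` into `digest` would also help, since that check's body is not visible here and presumably rejects `size > DigestSize()`.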
@@ -12,7 +12,8 @@ NAMESPACE_BEGIN(CryptoPP) class CRYPTOPP_DLL HashInputTooLong : public InvalidDataFormat { public: - explicit HashInputTooLong(const std::string &alg); + explicit HashInputTooLong(const std::string &alg) + : InvalidDataFormat("IteratedHashBase: input data exceeds maximum allowed by hash function " + alg) {} }; //! _ @@ -29,6 +30,7 @@ public: void Update(const byte *input, unsigned int length); byte * CreateUpdateSpace(unsigned int &size); void Restart(); + void TruncatedFinal(byte *digest, unsigned int size); protected: void SetBlockSize(unsigned int blockSize) {m_data.resize(blockSize / sizeof(HashWordType));} @@ -37,10 +39,13 @@ protected: T GetBitCountHi() const {return (m_countLo >> (8*sizeof(T)-3)) + (m_countHi << 3);} T GetBitCountLo() const {return m_countLo << 3;} - virtual unsigned int HashMultipleBlocks(const T *input, unsigned int length); void PadLastBlock(unsigned int lastBlockSize, byte padFirst=0x80); virtual void Init() =0; - virtual void HashBlock(const T *input) =0; + + virtual ByteOrder GetByteOrder() const =0; + virtual void HashEndianCorrectedBlock(const HashWordType *data) =0; + virtual unsigned int HashMultipleBlocks(const T *input, unsigned int length); + void HashBlock(const HashWordType *input) {HashMultipleBlocks(input, BlockSize());} SecBlock<T> m_data; // Data buffer SecBlock<T> m_digest; // Message digest @@ -50,7 +55,7 @@ private: }; #ifdef WORD64_AVAILABLE -CRYPTOPP_STATIC_TEMPLATE_CLASS IteratedHashBase<word64, HashTransformation>; +CRYPTOPP_DLL_TEMPLATE_CLASS IteratedHashBase<word64, HashTransformation>; CRYPTOPP_STATIC_TEMPLATE_CLASS IteratedHashBase<word64, MessageAuthenticationCode>; #endif 
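Review bot: The `protected:` hunk of iterhash.h changes the virtual interface of a class that is instantiated for export from the DLL. `HashBlock` stops being pure virtual and becomes a non-virtual inline wrapper, and `GetByteOrder` and `HashEndianCorrectedBlock` are added as pure virtuals ahead of `HashMultipleBlocks`. A client built against the previous headers and loaded against the new DLL would likely dispatch through a vtable with a different layout, so the Readme entry for 5.2.2 should say that the DLL is not binary compatible with earlier 5.2.x builds and that clients must be rebuilt. A one-line comment on the new wrapper, e.g. `// hashes exactly one block; input must hold BlockSize() bytes`, would record the contract it relies on.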
@@ -58,33 +63,23 @@ CRYPTOPP_DLL_TEMPLATE_CLASS IteratedHashBase<word32, HashTransformation>; CRYPTOPP_STATIC_TEMPLATE_CLASS IteratedHashBase<word32, MessageAuthenticationCode>; //! _ -template <class T, class B, class BASE> -class CRYPTOPP_NO_VTABLE IteratedHashBase2 : public IteratedHashBase<T, BASE> +template <class T_HashWordType, class T_Endianness, unsigned int T_BlockSize, class T_Base = HashTransformation> +class CRYPTOPP_NO_VTABLE IteratedHash : public IteratedHashBase<T_HashWordType, T_Base> { public: - typedef B ByteOrderClass; - typedef typename IteratedHashBase<T, BASE>::HashWordType HashWordType; + typedef T_Endianness ByteOrderClass; + typedef T_HashWordType HashWordType; + + enum {BLOCKSIZE = T_BlockSize}; + CRYPTOPP_COMPILE_ASSERT((BLOCKSIZE & (BLOCKSIZE - 1)) == 0); // blockSize is a power of 2 + + ByteOrder GetByteOrder() const {return T_Endianness::ToEnum();} inline static void CorrectEndianess(HashWordType *out, const HashWordType *in, unsigned int byteCount) { - ConditionalByteReverse(B::ToEnum(), out, in, byteCount); + ConditionalByteReverse(T_Endianness::ToEnum(), out, in, byteCount); } - void TruncatedFinal(byte *digest, unsigned int size); - -protected: - void HashBlock(const HashWordType *input); - virtual void HashEndianCorrectedBlock(const HashWordType *data) =0; -}; - -//! _ -template <class T_HashWordType, class T_Endianness, unsigned int T_BlockSize, class T_Base = HashTransformation> -class CRYPTOPP_NO_VTABLE IteratedHash : public IteratedHashBase2<T_HashWordType, T_Endianness, T_Base> -{ -public: - enum {BLOCKSIZE = T_BlockSize}; - CRYPTOPP_COMPILE_ASSERT((BLOCKSIZE & (BLOCKSIZE - 1)) == 0); // blockSize is a power of 2 - protected: IteratedHash() {this->SetBlockSize(T_BlockSize);} }; 
@@ -108,36 +103,6 @@ protected: void Init() {T_Transform::InitState(this->m_digest);} }; -// ************************************************************* - -template <class T, class B, class BASE> void IteratedHashBase2<T, B, BASE>::TruncatedFinal(byte *digest, unsigned int size) -{ - this->ThrowIfInvalidTruncatedSize(size); - - PadLastBlock(this->BlockSize() - 2*sizeof(HashWordType)); - CorrectEndianess(this->m_data, this->m_data, this->BlockSize() - 2*sizeof(HashWordType)); - - this->m_data[this->m_data.size()-2] = B::ToEnum() ? this->GetBitCountHi() : this->GetBitCountLo(); - this->m_data[this->m_data.size()-1] = B::ToEnum() ? this->GetBitCountLo() : this->GetBitCountHi(); - - HashEndianCorrectedBlock(this->m_data); - CorrectEndianess(this->m_digest, this->m_digest, this->DigestSize()); - memcpy(digest, this->m_digest, size); - - this->Restart(); // reinit for next use -} - -template <class T, class B, class BASE> void IteratedHashBase2<T, B, BASE>::HashBlock(const HashWordType *input) -{ - if (NativeByteOrderIs(B::ToEnum())) - HashEndianCorrectedBlock(input); - else - { - ByteReverse(this->m_data.begin(), input, this->BlockSize()); - HashEndianCorrectedBlock(this->m_data); - } -} - NAMESPACE_END #endif @@ -7,7 +7,7 @@ NAMESPACE_BEGIN(CryptoPP) //! <a href="http://www.weidai.com/scan-mirror/md.html#MD4">MD4</a> /*! \warning MD4 is considered insecure, and should not be used - unless you absolutely need compatibility with a broken product. */ + unless you absolutely need it for compatibility. */ class MD4 : public IteratedHashWithStaticTransform<word32, LittleEndian, 64, 16, MD4> { public: @@ -6,7 +6,8 @@ NAMESPACE_BEGIN(CryptoPP) //! <a href="http://www.weidai.com/scan-mirror/md.html#MD5">MD5</a> -/*! 128 Bit Hash */ +/*! \warning MD5 is considered insecure, and should not be used + unless you absolutely need it for compatibility. */ class MD5 : public IteratedHashWithStaticTransform<word32, LittleEndian, 64, 16, MD5> { public: 
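Review bot: The md5.h hunk replaces `/*! 128 Bit Hash */` with the warning instead of adding to it, so the generated reference no longer states the digest size; the RIPEMD128 and RIPEMD256 hunks in ripemd.h drop their `Digest Length` / `Security` lines in the same way. Keep both pieces, e.g. `/*! 128-bit digest. \warning MD5 is considered insecure, and should not be used unless you absolutely need it for compatibility. */`. For RIPEMD-256 the removed `Security = 128 bits` is the reason behind the new warning and is worth keeping next to it. The warnings would also serve readers better if they named the property at issue (presumably collision resistance at these output sizes; confirm before wording it).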
diff --git a/pkcspad.cpp b/pkcspad.cpp index cbccb15c..a51858cc 100644 --- a/pkcspad.cpp +++ b/pkcspad.cpp @@ -7,6 +7,7 @@ NAMESPACE_BEGIN(CryptoPP) +// more in dll.cpp template<> const byte PKCS_DigestDecoration<MD2>::decoration[] = {0x30,0x20,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x02,0x05,0x00,0x04,0x10}; template<> const unsigned int PKCS_DigestDecoration<MD2>::length = sizeof(PKCS_DigestDecoration<MD2>::decoration); @@ -19,15 +20,6 @@ template<> const unsigned int PKCS_DigestDecoration<RIPEMD160>::length = sizeof( template<> const byte PKCS_DigestDecoration<Tiger>::decoration[] = {0x30,0x29,0x30,0x0D,0x06,0x09,0x2B,0x06,0x01,0x04,0x01,0xDA,0x47,0x0C,0x02,0x05,0x00,0x04,0x18}; template<> const unsigned int PKCS_DigestDecoration<Tiger>::length = sizeof(PKCS_DigestDecoration<Tiger>::decoration); -template<> const byte PKCS_DigestDecoration<SHA256>::decoration[] = {0x30,0x31,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,0x05,0x00,0x04,0x20}; -template<> const unsigned int PKCS_DigestDecoration<SHA256>::length = sizeof(PKCS_DigestDecoration<SHA256>::decoration); - -template<> const byte PKCS_DigestDecoration<SHA384>::decoration[] = {0x30,0x41,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02,0x05,0x00,0x04,0x30}; -template<> const unsigned int PKCS_DigestDecoration<SHA384>::length = sizeof(PKCS_DigestDecoration<SHA384>::decoration); - -template<> const byte PKCS_DigestDecoration<SHA512>::decoration[] = {0x30,0x51,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,0x05,0x00,0x04,0x40}; -template<> const unsigned int PKCS_DigestDecoration<SHA512>::length = sizeof(PKCS_DigestDecoration<SHA512>::decoration); - unsigned int PKCS_EncryptionPaddingScheme::MaxUnpaddedLength(unsigned int paddedLength) const { return SaturatingSubtract(paddedLength/8, 10U); 
@@ -40,6 +40,13 @@ class SHA384; class SHA512; // end of list +#ifdef CRYPTOPP_IS_DLL +CRYPTOPP_DLL_TEMPLATE_CLASS PKCS_DigestDecoration<SHA>; +CRYPTOPP_DLL_TEMPLATE_CLASS PKCS_DigestDecoration<SHA256>; +CRYPTOPP_DLL_TEMPLATE_CLASS PKCS_DigestDecoration<SHA384>; +CRYPTOPP_DLL_TEMPLATE_CLASS PKCS_DigestDecoration<SHA512>; +#endif + //! <a href="http://www.weidai.com/scan-mirror/sig.html#sem_PKCS1-1.5">EMSA-PKCS1-v1_5</a> class CRYPTOPP_DLL PKCS1v15_SignatureMessageEncodingMethod : public PK_DeterministicSignatureMessageEncodingMethod { @@ -75,10 +82,6 @@ struct PKCS1v15 : public SignatureStandard, public EncryptionStandard typedef PKCS1v15_SignatureMessageEncodingMethod SignatureMessageEncodingMethod; }; -#ifdef CRYPTOPP_IS_DLL -CRYPTOPP_DLL_TEMPLATE_CLASS PKCS_DigestDecoration<SHA>; -#endif - NAMESPACE_END #endif @@ -5,14 +5,13 @@ NAMESPACE_BEGIN(CryptoPP) -template<> const byte EMSA2HashId<SHA>::id = 0x33; +// more in dll.cpp template<> const byte EMSA2HashId<RIPEMD160>::id = 0x31; template<> const byte EMSA2HashId<RIPEMD128>::id = 0x32; -template<> const byte EMSA2HashId<SHA256>::id = 0x34; -template<> const byte EMSA2HashId<SHA384>::id = 0x36; -template<> const byte EMSA2HashId<SHA512>::id = 0x35; template<> const byte EMSA2HashId<Whirlpool>::id = 0x37; +#ifndef CRYPTOPP_IMPORTS + unsigned int PSSR_MEM_Base::MaxRecoverableLength(unsigned int representativeBitLength, unsigned int hashIdentifierLength, unsigned int digestLength) const { if (AllowRecovery()) @@ -128,4 +127,6 @@ DecodingResult PSSR_MEM_Base::RecoverMessageFromRepresentative( return result; } +#endif + NAMESPACE_END 
@@ -4,9 +4,13 @@ #include "pubkey.h" #include <functional> +#ifdef CRYPTOPP_IS_DLL +#include "sha.h" +#endif + NAMESPACE_BEGIN(CryptoPP) -class PSSR_MEM_Base : public PK_RecoverableSignatureMessageEncodingMethod +class CRYPTOPP_DLL PSSR_MEM_Base : public PK_RecoverableSignatureMessageEncodingMethod { virtual bool AllowRecovery() const =0; virtual unsigned int SaltLen(unsigned int hashLen) const =0; @@ -28,8 +32,9 @@ public: byte *recoverableMessage) const; }; -template <class H> struct EMSA2HashId +template <class H> class EMSA2HashId { +public: static const byte id; }; @@ -43,6 +48,13 @@ class SHA512; class Whirlpool; // end of list +#ifdef CRYPTOPP_IS_DLL +CRYPTOPP_DLL_TEMPLATE_CLASS EMSA2HashId<SHA>; +CRYPTOPP_DLL_TEMPLATE_CLASS EMSA2HashId<SHA256>; +CRYPTOPP_DLL_TEMPLATE_CLASS EMSA2HashId<SHA384>; +CRYPTOPP_DLL_TEMPLATE_CLASS EMSA2HashId<SHA512>; +#endif + template <class BASE> class EMSA2HashIdLookup : public BASE { @@ -15,7 +15,7 @@ public: static const char * StaticAlgorithmName() {return "RIPEMD-160";} }; -/*! Digest Length = 320 bits, Security = 160 bits */ +/*! Digest Length = 320 bits, Security is similar to RIPEMD-160 */ class RIPEMD320 : public IteratedHashWithStaticTransform<word32, LittleEndian, 64, 40, RIPEMD320> { public: @@ -24,7 +24,8 @@ public: static const char * StaticAlgorithmName() {return "RIPEMD-320";} }; -/*! Digest Length = 128 bits */ +/*! \warning RIPEMD-128 is considered insecure, and should not be used + unless you absolutely need it for compatibility. */ class RIPEMD128 : public IteratedHashWithStaticTransform<word32, LittleEndian, 64, 16, RIPEMD128> { public: 
@@ -33,7 +34,8 @@ public: static const char * StaticAlgorithmName() {return "RIPEMD-128";} }; -/*! Digest Length = 256 bits, Security = 128 bits */ +/*! \warning RIPEMD-256 is considered insecure, and should not be used + unless you absolutely need it for compatibility. */ class RIPEMD256 : public IteratedHashWithStaticTransform<word32, LittleEndian, 64, 32, RIPEMD256> { public: @@ -4,6 +4,9 @@ // Both are in the public domain. #include "pch.h" + +#ifndef CRYPTOPP_IMPORTS + #include "sha.h" #include "misc.h" @@ -14,8 +17,6 @@ NAMESPACE_BEGIN(CryptoPP) #define blk0(i) (W[i] = data[i]) #define blk1(i) (W[i&15] = rotlFixed(W[(i+13)&15]^W[(i+8)&15]^W[(i+2)&15]^W[i&15],1)) -#ifndef CRYPTOPP_IMPORTS - void SHA::InitState(HashWordType *state) { state[0] = 0x67452301L; @@ -78,8 +79,6 @@ void SHA::Transform(word32 *state, const word32 *data) memset(W, 0, sizeof(W)); } -#endif // #ifndef CRYPTOPP_IMPORTS - // end of Steve Reid's code // ************************************************************* @@ -291,3 +290,5 @@ void SHA384::InitState(HashWordType *state) #endif NAMESPACE_END + +#endif // #ifndef CRYPTOPP_IMPORTS @@ -17,7 +17,7 @@ public: typedef SHA SHA1; //! implements the SHA-256 standard -class SHA256 : public IteratedHashWithStaticTransform<word32, BigEndian, 64, 32, SHA256> +class CRYPTOPP_DLL SHA256 : public IteratedHashWithStaticTransform<word32, BigEndian, 64, 32, SHA256> { public: static void InitState(HashWordType *state); @@ -29,7 +29,7 @@ protected: }; //! implements the SHA-224 standard -class SHA224 : public IteratedHashWithStaticTransform<word32, BigEndian, 64, 32, SHA224, 28> +class CRYPTOPP_DLL SHA224 : public IteratedHashWithStaticTransform<word32, BigEndian, 64, 32, SHA224, 28> { public: static void InitState(HashWordType *state); 
@@ -40,7 +40,7 @@ public: #ifdef WORD64_AVAILABLE //! implements the SHA-512 standard -class SHA512 : public IteratedHashWithStaticTransform<word64, BigEndian, 128, 64, SHA512> +class CRYPTOPP_DLL SHA512 : public IteratedHashWithStaticTransform<word64, BigEndian, 128, 64, SHA512> { public: static void InitState(HashWordType *state); @@ -52,7 +52,7 @@ protected: }; //! implements the SHA-384 standard -class SHA384 : public IteratedHashWithStaticTransform<word64, BigEndian, 128, 64, SHA384, 48> +class CRYPTOPP_DLL SHA384 : public IteratedHashWithStaticTransform<word64, BigEndian, 128, 64, SHA384, 48> { public: static void InitState(HashWordType *state); |