Fossil SCM

fossil-scm / src / sha3.c
Blame History Raw 679 lines
1
/*
2
** Copyright (c) 2017 D. Richard Hipp
3
**
4
** This program is free software; you can redistribute it and/or
5
** modify it under the terms of the Simplified BSD License (also
6
** known as the "2-Clause License" or "FreeBSD License".)
7
**
8
** This program is distributed in the hope that it will be useful,
9
** but without any warranty; without even the implied warranty of
10
** merchantability or fitness for a particular purpose.
11
**
12
** Author contact information:
13
** [email protected]
14
** http://www.hwaci.com/drh/
15
**
16
*******************************************************************************
17
**
18
** This file contains an implementation of SHA3 (Keccak) hashing.
19
*/
20
#include "config.h"
21
#include "sha3.h"
22
23
/*
24
** Macros to determine whether the machine is big or little endian,
25
** and whether or not that determination is run-time or compile-time.
26
**
27
** For best performance, an attempt is made to guess at the byte-order
28
** using C-preprocessor macros. If that is unsuccessful, or if
29
** -DSHA3_BYTEORDER=0 is set, then byte-order is determined
30
** at run-time.
31
*/
32
#ifndef SHA3_BYTEORDER
33
# if defined(i386) || defined(__i386__) || defined(_M_IX86) || \
34
defined(__x86_64) || defined(__x86_64__) || defined(_M_X64) || \
35
defined(_M_AMD64) || defined(_M_ARM) || defined(__x86) || \
36
defined(__arm__)
37
# define SHA3_BYTEORDER 1234
38
# elif defined(sparc) || defined(__ppc__)
39
# define SHA3_BYTEORDER 4321
40
# else
41
# define SHA3_BYTEORDER 0
42
# endif
43
#endif
44
45
46
/*
47
** State structure for a SHA3 hash in progress
48
*/
49
typedef struct SHA3Context SHA3Context;
50
struct SHA3Context {
51
union {
52
u64 s[25]; /* Keccak state. 5x5 lines of 64 bits each */
53
unsigned char x[1600]; /* ... or 1600 bytes */
54
} u;
55
unsigned nRate; /* Bytes of input accepted per Keccak iteration */
56
unsigned nLoaded; /* Input bytes loaded into u.x[] so far this cycle */
57
unsigned ixMask; /* Insert next input into u.x[nLoaded^ixMask]. */
58
};
59
60
/*
61
** A single step of the Keccak mixing function for a 1600-bit state
62
*/
63
static void KeccakF1600Step(SHA3Context *p){
64
int i;
65
u64 B0, B1, B2, B3, B4;
66
u64 C0, C1, C2, C3, C4;
67
u64 D0, D1, D2, D3, D4;
68
static const u64 RC[] = {
69
0x0000000000000001ULL, 0x0000000000008082ULL,
70
0x800000000000808aULL, 0x8000000080008000ULL,
71
0x000000000000808bULL, 0x0000000080000001ULL,
72
0x8000000080008081ULL, 0x8000000000008009ULL,
73
0x000000000000008aULL, 0x0000000000000088ULL,
74
0x0000000080008009ULL, 0x000000008000000aULL,
75
0x000000008000808bULL, 0x800000000000008bULL,
76
0x8000000000008089ULL, 0x8000000000008003ULL,
77
0x8000000000008002ULL, 0x8000000000000080ULL,
78
0x000000000000800aULL, 0x800000008000000aULL,
79
0x8000000080008081ULL, 0x8000000000008080ULL,
80
0x0000000080000001ULL, 0x8000000080008008ULL
81
};
82
# define A00 (p->u.s[0])
83
# define A01 (p->u.s[1])
84
# define A02 (p->u.s[2])
85
# define A03 (p->u.s[3])
86
# define A04 (p->u.s[4])
87
# define A10 (p->u.s[5])
88
# define A11 (p->u.s[6])
89
# define A12 (p->u.s[7])
90
# define A13 (p->u.s[8])
91
# define A14 (p->u.s[9])
92
# define A20 (p->u.s[10])
93
# define A21 (p->u.s[11])
94
# define A22 (p->u.s[12])
95
# define A23 (p->u.s[13])
96
# define A24 (p->u.s[14])
97
# define A30 (p->u.s[15])
98
# define A31 (p->u.s[16])
99
# define A32 (p->u.s[17])
100
# define A33 (p->u.s[18])
101
# define A34 (p->u.s[19])
102
# define A40 (p->u.s[20])
103
# define A41 (p->u.s[21])
104
# define A42 (p->u.s[22])
105
# define A43 (p->u.s[23])
106
# define A44 (p->u.s[24])
107
# define ROL64(a,x) ((a<<x)|(a>>(64-x)))
108
109
for(i=0; i<24; i+=4){
110
C0 = A00^A10^A20^A30^A40;
111
C1 = A01^A11^A21^A31^A41;
112
C2 = A02^A12^A22^A32^A42;
113
C3 = A03^A13^A23^A33^A43;
114
C4 = A04^A14^A24^A34^A44;
115
D0 = C4^ROL64(C1, 1);
116
D1 = C0^ROL64(C2, 1);
117
D2 = C1^ROL64(C3, 1);
118
D3 = C2^ROL64(C4, 1);
119
D4 = C3^ROL64(C0, 1);
120
121
B0 = (A00^D0);
122
B1 = ROL64((A11^D1), 44);
123
B2 = ROL64((A22^D2), 43);
124
B3 = ROL64((A33^D3), 21);
125
B4 = ROL64((A44^D4), 14);
126
A00 = B0 ^((~B1)& B2 );
127
A00 ^= RC[i];
128
A11 = B1 ^((~B2)& B3 );
129
A22 = B2 ^((~B3)& B4 );
130
A33 = B3 ^((~B4)& B0 );
131
A44 = B4 ^((~B0)& B1 );
132
133
B2 = ROL64((A20^D0), 3);
134
B3 = ROL64((A31^D1), 45);
135
B4 = ROL64((A42^D2), 61);
136
B0 = ROL64((A03^D3), 28);
137
B1 = ROL64((A14^D4), 20);
138
A20 = B0 ^((~B1)& B2 );
139
A31 = B1 ^((~B2)& B3 );
140
A42 = B2 ^((~B3)& B4 );
141
A03 = B3 ^((~B4)& B0 );
142
A14 = B4 ^((~B0)& B1 );
143
144
B4 = ROL64((A40^D0), 18);
145
B0 = ROL64((A01^D1), 1);
146
B1 = ROL64((A12^D2), 6);
147
B2 = ROL64((A23^D3), 25);
148
B3 = ROL64((A34^D4), 8);
149
A40 = B0 ^((~B1)& B2 );
150
A01 = B1 ^((~B2)& B3 );
151
A12 = B2 ^((~B3)& B4 );
152
A23 = B3 ^((~B4)& B0 );
153
A34 = B4 ^((~B0)& B1 );
154
155
B1 = ROL64((A10^D0), 36);
156
B2 = ROL64((A21^D1), 10);
157
B3 = ROL64((A32^D2), 15);
158
B4 = ROL64((A43^D3), 56);
159
B0 = ROL64((A04^D4), 27);
160
A10 = B0 ^((~B1)& B2 );
161
A21 = B1 ^((~B2)& B3 );
162
A32 = B2 ^((~B3)& B4 );
163
A43 = B3 ^((~B4)& B0 );
164
A04 = B4 ^((~B0)& B1 );
165
166
B3 = ROL64((A30^D0), 41);
167
B4 = ROL64((A41^D1), 2);
168
B0 = ROL64((A02^D2), 62);
169
B1 = ROL64((A13^D3), 55);
170
B2 = ROL64((A24^D4), 39);
171
A30 = B0 ^((~B1)& B2 );
172
A41 = B1 ^((~B2)& B3 );
173
A02 = B2 ^((~B3)& B4 );
174
A13 = B3 ^((~B4)& B0 );
175
A24 = B4 ^((~B0)& B1 );
176
177
C0 = A00^A20^A40^A10^A30;
178
C1 = A11^A31^A01^A21^A41;
179
C2 = A22^A42^A12^A32^A02;
180
C3 = A33^A03^A23^A43^A13;
181
C4 = A44^A14^A34^A04^A24;
182
D0 = C4^ROL64(C1, 1);
183
D1 = C0^ROL64(C2, 1);
184
D2 = C1^ROL64(C3, 1);
185
D3 = C2^ROL64(C4, 1);
186
D4 = C3^ROL64(C0, 1);
187
188
B0 = (A00^D0);
189
B1 = ROL64((A31^D1), 44);
190
B2 = ROL64((A12^D2), 43);
191
B3 = ROL64((A43^D3), 21);
192
B4 = ROL64((A24^D4), 14);
193
A00 = B0 ^((~B1)& B2 );
194
A00 ^= RC[i+1];
195
A31 = B1 ^((~B2)& B3 );
196
A12 = B2 ^((~B3)& B4 );
197
A43 = B3 ^((~B4)& B0 );
198
A24 = B4 ^((~B0)& B1 );
199
200
B2 = ROL64((A40^D0), 3);
201
B3 = ROL64((A21^D1), 45);
202
B4 = ROL64((A02^D2), 61);
203
B0 = ROL64((A33^D3), 28);
204
B1 = ROL64((A14^D4), 20);
205
A40 = B0 ^((~B1)& B2 );
206
A21 = B1 ^((~B2)& B3 );
207
A02 = B2 ^((~B3)& B4 );
208
A33 = B3 ^((~B4)& B0 );
209
A14 = B4 ^((~B0)& B1 );
210
211
B4 = ROL64((A30^D0), 18);
212
B0 = ROL64((A11^D1), 1);
213
B1 = ROL64((A42^D2), 6);
214
B2 = ROL64((A23^D3), 25);
215
B3 = ROL64((A04^D4), 8);
216
A30 = B0 ^((~B1)& B2 );
217
A11 = B1 ^((~B2)& B3 );
218
A42 = B2 ^((~B3)& B4 );
219
A23 = B3 ^((~B4)& B0 );
220
A04 = B4 ^((~B0)& B1 );
221
222
B1 = ROL64((A20^D0), 36);
223
B2 = ROL64((A01^D1), 10);
224
B3 = ROL64((A32^D2), 15);
225
B4 = ROL64((A13^D3), 56);
226
B0 = ROL64((A44^D4), 27);
227
A20 = B0 ^((~B1)& B2 );
228
A01 = B1 ^((~B2)& B3 );
229
A32 = B2 ^((~B3)& B4 );
230
A13 = B3 ^((~B4)& B0 );
231
A44 = B4 ^((~B0)& B1 );
232
233
B3 = ROL64((A10^D0), 41);
234
B4 = ROL64((A41^D1), 2);
235
B0 = ROL64((A22^D2), 62);
236
B1 = ROL64((A03^D3), 55);
237
B2 = ROL64((A34^D4), 39);
238
A10 = B0 ^((~B1)& B2 );
239
A41 = B1 ^((~B2)& B3 );
240
A22 = B2 ^((~B3)& B4 );
241
A03 = B3 ^((~B4)& B0 );
242
A34 = B4 ^((~B0)& B1 );
243
244
C0 = A00^A40^A30^A20^A10;
245
C1 = A31^A21^A11^A01^A41;
246
C2 = A12^A02^A42^A32^A22;
247
C3 = A43^A33^A23^A13^A03;
248
C4 = A24^A14^A04^A44^A34;
249
D0 = C4^ROL64(C1, 1);
250
D1 = C0^ROL64(C2, 1);
251
D2 = C1^ROL64(C3, 1);
252
D3 = C2^ROL64(C4, 1);
253
D4 = C3^ROL64(C0, 1);
254
255
B0 = (A00^D0);
256
B1 = ROL64((A21^D1), 44);
257
B2 = ROL64((A42^D2), 43);
258
B3 = ROL64((A13^D3), 21);
259
B4 = ROL64((A34^D4), 14);
260
A00 = B0 ^((~B1)& B2 );
261
A00 ^= RC[i+2];
262
A21 = B1 ^((~B2)& B3 );
263
A42 = B2 ^((~B3)& B4 );
264
A13 = B3 ^((~B4)& B0 );
265
A34 = B4 ^((~B0)& B1 );
266
267
B2 = ROL64((A30^D0), 3);
268
B3 = ROL64((A01^D1), 45);
269
B4 = ROL64((A22^D2), 61);
270
B0 = ROL64((A43^D3), 28);
271
B1 = ROL64((A14^D4), 20);
272
A30 = B0 ^((~B1)& B2 );
273
A01 = B1 ^((~B2)& B3 );
274
A22 = B2 ^((~B3)& B4 );
275
A43 = B3 ^((~B4)& B0 );
276
A14 = B4 ^((~B0)& B1 );
277
278
B4 = ROL64((A10^D0), 18);
279
B0 = ROL64((A31^D1), 1);
280
B1 = ROL64((A02^D2), 6);
281
B2 = ROL64((A23^D3), 25);
282
B3 = ROL64((A44^D4), 8);
283
A10 = B0 ^((~B1)& B2 );
284
A31 = B1 ^((~B2)& B3 );
285
A02 = B2 ^((~B3)& B4 );
286
A23 = B3 ^((~B4)& B0 );
287
A44 = B4 ^((~B0)& B1 );
288
289
B1 = ROL64((A40^D0), 36);
290
B2 = ROL64((A11^D1), 10);
291
B3 = ROL64((A32^D2), 15);
292
B4 = ROL64((A03^D3), 56);
293
B0 = ROL64((A24^D4), 27);
294
A40 = B0 ^((~B1)& B2 );
295
A11 = B1 ^((~B2)& B3 );
296
A32 = B2 ^((~B3)& B4 );
297
A03 = B3 ^((~B4)& B0 );
298
A24 = B4 ^((~B0)& B1 );
299
300
B3 = ROL64((A20^D0), 41);
301
B4 = ROL64((A41^D1), 2);
302
B0 = ROL64((A12^D2), 62);
303
B1 = ROL64((A33^D3), 55);
304
B2 = ROL64((A04^D4), 39);
305
A20 = B0 ^((~B1)& B2 );
306
A41 = B1 ^((~B2)& B3 );
307
A12 = B2 ^((~B3)& B4 );
308
A33 = B3 ^((~B4)& B0 );
309
A04 = B4 ^((~B0)& B1 );
310
311
C0 = A00^A30^A10^A40^A20;
312
C1 = A21^A01^A31^A11^A41;
313
C2 = A42^A22^A02^A32^A12;
314
C3 = A13^A43^A23^A03^A33;
315
C4 = A34^A14^A44^A24^A04;
316
D0 = C4^ROL64(C1, 1);
317
D1 = C0^ROL64(C2, 1);
318
D2 = C1^ROL64(C3, 1);
319
D3 = C2^ROL64(C4, 1);
320
D4 = C3^ROL64(C0, 1);
321
322
B0 = (A00^D0);
323
B1 = ROL64((A01^D1), 44);
324
B2 = ROL64((A02^D2), 43);
325
B3 = ROL64((A03^D3), 21);
326
B4 = ROL64((A04^D4), 14);
327
A00 = B0 ^((~B1)& B2 );
328
A00 ^= RC[i+3];
329
A01 = B1 ^((~B2)& B3 );
330
A02 = B2 ^((~B3)& B4 );
331
A03 = B3 ^((~B4)& B0 );
332
A04 = B4 ^((~B0)& B1 );
333
334
B2 = ROL64((A10^D0), 3);
335
B3 = ROL64((A11^D1), 45);
336
B4 = ROL64((A12^D2), 61);
337
B0 = ROL64((A13^D3), 28);
338
B1 = ROL64((A14^D4), 20);
339
A10 = B0 ^((~B1)& B2 );
340
A11 = B1 ^((~B2)& B3 );
341
A12 = B2 ^((~B3)& B4 );
342
A13 = B3 ^((~B4)& B0 );
343
A14 = B4 ^((~B0)& B1 );
344
345
B4 = ROL64((A20^D0), 18);
346
B0 = ROL64((A21^D1), 1);
347
B1 = ROL64((A22^D2), 6);
348
B2 = ROL64((A23^D3), 25);
349
B3 = ROL64((A24^D4), 8);
350
A20 = B0 ^((~B1)& B2 );
351
A21 = B1 ^((~B2)& B3 );
352
A22 = B2 ^((~B3)& B4 );
353
A23 = B3 ^((~B4)& B0 );
354
A24 = B4 ^((~B0)& B1 );
355
356
B1 = ROL64((A30^D0), 36);
357
B2 = ROL64((A31^D1), 10);
358
B3 = ROL64((A32^D2), 15);
359
B4 = ROL64((A33^D3), 56);
360
B0 = ROL64((A34^D4), 27);
361
A30 = B0 ^((~B1)& B2 );
362
A31 = B1 ^((~B2)& B3 );
363
A32 = B2 ^((~B3)& B4 );
364
A33 = B3 ^((~B4)& B0 );
365
A34 = B4 ^((~B0)& B1 );
366
367
B3 = ROL64((A40^D0), 41);
368
B4 = ROL64((A41^D1), 2);
369
B0 = ROL64((A42^D2), 62);
370
B1 = ROL64((A43^D3), 55);
371
B2 = ROL64((A44^D4), 39);
372
A40 = B0 ^((~B1)& B2 );
373
A41 = B1 ^((~B2)& B3 );
374
A42 = B2 ^((~B3)& B4 );
375
A43 = B3 ^((~B4)& B0 );
376
A44 = B4 ^((~B0)& B1 );
377
}
378
}
379
380
/*
381
** Initialize a new hash. iSize determines the size of the hash
382
** in bits and should be one of 224, 256, 384, or 512. Or iSize
383
** can be zero to use the default hash size of 256 bits.
384
*/
385
static void SHA3Init(SHA3Context *p, int iSize){
386
memset(p, 0, sizeof(*p));
387
if( iSize>=128 && iSize<=512 ){
388
p->nRate = (1600 - ((iSize + 31)&~31)*2)/8;
389
}else{
390
p->nRate = (1600 - 2*256)/8;
391
}
392
#if SHA3_BYTEORDER==1234
393
/* Known to be little-endian at compile-time. No-op */
394
#elif SHA3_BYTEORDER==4321
395
p->ixMask = 7; /* Big-endian */
396
#else
397
{
398
static unsigned int one = 1;
399
if( 1==*(unsigned char*)&one ){
400
/* Little endian. No byte swapping. */
401
p->ixMask = 0;
402
}else{
403
/* Big endian. Byte swap. */
404
p->ixMask = 7;
405
}
406
}
407
#endif
408
}
409
410
/*
411
** Make consecutive calls to the SHA3Update function to add new content
412
** to the hash
413
*/
414
static void SHA3Update(
415
SHA3Context *p,
416
const unsigned char *aData,
417
unsigned int nData
418
){
419
unsigned int i = 0;
420
#if SHA3_BYTEORDER==1234
421
if( (p->nLoaded % 8)==0 && (((intptr_t)aData)&7)==0 ){
422
for(; i+7<nData; i+=8){
423
p->u.s[p->nLoaded/8] ^= *(u64*)&aData[i];
424
p->nLoaded += 8;
425
if( p->nLoaded>=p->nRate ){
426
KeccakF1600Step(p);
427
p->nLoaded = 0;
428
}
429
}
430
}
431
#endif
432
for(; i<nData; i++){
433
#if SHA3_BYTEORDER==1234
434
p->u.x[p->nLoaded] ^= aData[i];
435
#elif SHA3_BYTEORDER==4321
436
p->u.x[p->nLoaded^0x07] ^= aData[i];
437
#else
438
p->u.x[p->nLoaded^p->ixMask] ^= aData[i];
439
#endif
440
p->nLoaded++;
441
if( p->nLoaded==p->nRate ){
442
KeccakF1600Step(p);
443
p->nLoaded = 0;
444
}
445
}
446
}
447
448
/*
449
** After all content has been added, invoke SHA3Final() to compute
450
** the final hash. The function returns a pointer to the binary
451
** hash value.
452
*/
453
static unsigned char *SHA3Final(SHA3Context *p){
454
unsigned int i;
455
if( p->nLoaded==p->nRate-1 ){
456
const unsigned char c1 = 0x86;
457
SHA3Update(p, &c1, 1);
458
}else{
459
const unsigned char c2 = 0x06;
460
const unsigned char c3 = 0x80;
461
SHA3Update(p, &c2, 1);
462
p->nLoaded = p->nRate - 1;
463
SHA3Update(p, &c3, 1);
464
}
465
for(i=0; i<p->nRate; i++){
466
p->u.x[i+p->nRate] = p->u.x[i^p->ixMask];
467
}
468
return &p->u.x[p->nRate];
469
}
470
471
/*
472
** Convert a digest into base-16. digest should be declared as
473
** "unsigned char digest[20]" in the calling function. The SHA3
474
** digest is stored in the first 20 bytes. zBuf should
475
** be "char zBuf[41]".
476
*/
477
static void DigestToBase16(unsigned char *digest, char *zBuf, int nByte){
478
static const char zEncode[] = "0123456789abcdef";
479
int ix;
480
481
for(ix=0; ix<nByte; ix++){
482
*zBuf++ = zEncode[(*digest>>4)&0xf];
483
*zBuf++ = zEncode[*digest++ & 0xf];
484
}
485
*zBuf = '\0';
486
}
487
488
/*
489
** The state of an incremental SHA3 checksum computation. Only one
490
** such computation can be underway at a time, of course.
491
*/
492
static SHA3Context incrCtx;
493
static int incrInit = 0;
494
495
/*
496
** Initialize a new global SHA3 hash.
497
*/
498
void sha3sum_init(int iSize){
499
assert( incrInit==0 );
500
incrInit = iSize;
501
SHA3Init(&incrCtx, incrInit);
502
}
503
504
/*
505
** Add more text to the incremental SHA3 checksum.
506
*/
507
void sha3sum_step_text(const char *zText, int nBytes){
508
assert( incrInit );
509
if( nBytes<=0 ){
510
if( nBytes==0 ) return;
511
nBytes = strlen(zText);
512
}
513
SHA3Update(&incrCtx, (unsigned char*)zText, nBytes);
514
}
515
516
/*
517
** Add the content of a blob to the incremental SHA3 checksum.
518
*/
519
void sha3sum_step_blob(Blob *p){
520
assert( incrInit );
521
SHA3Update(&incrCtx, (unsigned char*)blob_buffer(p), blob_size(p));
522
}
523
524
/*
525
** Finish the incremental SHA3 checksum. Store the result in blob pOut
526
** if pOut!=0. Also return a pointer to the result.
527
**
528
** This resets the incremental checksum preparing for the next round
529
** of computation. The return pointer points to a static buffer that
530
** is overwritten by subsequent calls to this function.
531
*/
532
char *sha3sum_finish(Blob *pOut){
533
static char zOut[132];
534
DigestToBase16(SHA3Final(&incrCtx), zOut, incrInit/8);
535
if( pOut ){
536
blob_zero(pOut);
537
blob_append(pOut, zOut, incrInit/4);
538
}
539
incrInit = 0;
540
return zOut;
541
}
542
543
544
/*
545
** Compute the SHA3 checksum of a file on disk. Store the resulting
546
** checksum in the blob pCksum. pCksum is assumed to be initialized.
547
**
548
** Return the number of errors.
549
*/
550
int sha3sum_file(const char *zFilename, int eFType, int iSize, Blob *pCksum){
551
FILE *in;
552
SHA3Context ctx;
553
char zBuf[10240];
554
555
if( eFType==RepoFILE && file_islink(zFilename) ){
556
/* Instead of file content, return sha3 of link destination path */
557
Blob destinationPath;
558
int rc;
559
560
blob_read_link(&destinationPath, zFilename);
561
rc = sha3sum_blob(&destinationPath, iSize, pCksum);
562
blob_reset(&destinationPath);
563
return rc;
564
}
565
566
in = fossil_fopen(zFilename,"rb");
567
if( in==0 ){
568
return 1;
569
}
570
SHA3Init(&ctx, iSize);
571
for(;;){
572
int n;
573
n = fread(zBuf, 1, sizeof(zBuf), in);
574
if( n<=0 ) break;
575
SHA3Update(&ctx, (unsigned char*)zBuf, (unsigned)n);
576
}
577
fclose(in);
578
blob_zero(pCksum);
579
blob_resize(pCksum, iSize/4);
580
DigestToBase16(SHA3Final(&ctx), blob_buffer(pCksum), iSize/8);
581
return 0;
582
}
583
584
/*
585
** Compute the SHA3 checksum of a blob in memory. Store the resulting
586
** checksum in the blob pCksum. pCksum is assumed to be either
587
** uninitialized or the same blob as pIn.
588
**
589
** Return the number of errors.
590
*/
591
int sha3sum_blob(const Blob *pIn, int iSize, Blob *pCksum){
592
SHA3Context ctx;
593
SHA3Init(&ctx, iSize);
594
SHA3Update(&ctx, (unsigned char*)blob_buffer(pIn), blob_size(pIn));
595
if( pIn==pCksum ){
596
blob_reset(pCksum);
597
}else{
598
blob_zero(pCksum);
599
}
600
blob_resize(pCksum, iSize/4);
601
DigestToBase16(SHA3Final(&ctx), blob_buffer(pCksum), iSize/8);
602
return 0;
603
}
604
605
#if 0 /* NOT USED */
606
/*
607
** Compute the SHA3 checksum of a zero-terminated string. The
608
** result is held in memory obtained from mprintf().
609
*/
610
char *sha3sum(const char *zIn, int iSize){
611
SHA3Context ctx;
612
char zDigest[132];
613
614
SHA3Init(&ctx, iSize);
615
SHA3Update(&ctx, (unsigned const char*)zIn, strlen(zIn));
616
DigestToBase16(SHA3Final(&ctx), zDigest, iSize/8);
617
return fossil_strdup(zDigest);
618
}
619
#endif
620
621
/*
622
** COMMAND: sha3sum*
623
**
624
** Usage: %fossil sha3sum FILE...
625
**
626
** Compute an SHA3 checksum of all files named on the command-line.
627
** If a file is named "-" then take its content from standard input.
628
**
629
** To be clear: The official NIST FIPS-202 implementation of SHA3
630
** with the added 01 padding is used, not the original Keccak submission.
631
**
632
** Options:
633
** --224 Compute a SHA3-224 hash
634
** --256 Compute a SHA3-256 hash (the default)
635
** --384 Compute a SHA3-384 hash
636
** --512 Compute a SHA3-512 hash
637
** --size N An N-bit hash. N must be a multiple of 32 between
638
** 128 and 512.
639
** -h|--dereference If FILE is a symbolic link, compute the hash on
640
** the object pointed to, not on the link itself.
641
**
642
** See also: [[md5sum]], [[sha1sum]]
643
*/
644
void sha3sum_test(void){
645
int i;
646
Blob in;
647
Blob cksum = empty_blob;
648
int iSize = 256;
649
int eFType = SymFILE;
650
651
if( find_option("dereference","h",0) ) eFType = ExtFILE;
652
if( find_option("224",0,0)!=0 ) iSize = 224;
653
else if( find_option("256",0,0)!=0 ) iSize = 256;
654
else if( find_option("384",0,0)!=0 ) iSize = 384;
655
else if( find_option("512",0,0)!=0 ) iSize = 512;
656
else{
657
const char *zN = find_option("size",0,1);
658
if( zN!=0 ){
659
int n = atoi(zN);
660
if( n%32!=0 || n<128 || n>512 ){
661
fossil_fatal("--size must be a multiple of 64 between 128 and 512");
662
}
663
iSize = n;
664
}
665
}
666
verify_all_options();
667
668
for(i=2; i<g.argc; i++){
669
if( g.argv[i][0]=='-' && g.argv[i][1]==0 ){
670
blob_read_from_channel(&in, stdin, -1);
671
sha3sum_blob(&in, iSize, &cksum);
672
}else if( sha3sum_file(g.argv[i], eFType, iSize, &cksum) > 0 ){
673
fossil_fatal("Cannot read file: %s", g.argv[i]);
674
}
675
fossil_print("%s %s\n", blob_str(&cksum), g.argv[i]);
676
blob_reset(&cksum);
677
}
678
}
679

Keyboard Shortcuts

Open search /
Next entry (timeline) j
Previous entry (timeline) k
Open focused entry Enter
Show this help ?
Toggle theme Top nav button