diff --git a/pkg/esp32_sdk/patches/0034-wpa_supplicant-add-prefix-wpa_-to-sha384_init.patch b/pkg/esp32_sdk/patches/0034-wpa_supplicant-add-prefix-wpa_-to-sha384_init.patch new file mode 100644 index 0000000000..9ec181f232 Binary files /dev/null and b/pkg/esp32_sdk/patches/0034-wpa_supplicant-add-prefix-wpa_-to-sha384_init.patch differ diff --git a/sys/hashes/sha224.c b/sys/hashes/sha224.c index 189742578c..e83a2ebb8b 100644 --- a/sys/hashes/sha224.c +++ b/sys/hashes/sha224.c @@ -18,11 +18,9 @@ * @} */ -#include #include #include "hashes/sha224.h" -#include "hashes/sha2xx_common.h" /* SHA-224 initialization. Begins a SHA-224 operation. */ void sha224_init(sha224_context_t *ctx) diff --git a/sys/hashes/sha384.c b/sys/hashes/sha384.c new file mode 100644 index 0000000000..1fba9f9e22 --- /dev/null +++ b/sys/hashes/sha384.c @@ -0,0 +1,49 @@ +/* + * Copyright (C) 2023 TU Dresden + * + * This file is subject to the terms and conditions of the GNU Lesser + * General Public License v2.1. See the file LICENSE in the top level + * directory for more details. + */ + +/** + * @ingroup sys_hashes + * + * @{ + * @file + * @brief SHA384 hash function implementation + * + * @author Mikolai Gütschow + * + * @} + */ + +#include + +#include "hashes/sha384.h" + +void sha384_init(sha384_context_t *ctx) +{ + /* Zero bits processed so far */ + ctx->count[0] = ctx->count[1] = 0; + + /* Magic initialization constants */ + ctx->state[0] = 0xcbbb9d5dc1059ed8; + ctx->state[1] = 0x629a292a367cd507; + ctx->state[2] = 0x9159015a3070dd17; + ctx->state[3] = 0x152fecd8f70e5939; + ctx->state[4] = 0x67332667ffc00b31; + ctx->state[5] = 0x8eb44a8768581511; + ctx->state[6] = 0xdb0c2e0d64f98fa7; + ctx->state[7] = 0x47b5481dbefa4fa4; +} + +void sha384(const void *data, size_t len, void *digest) +{ + sha384_context_t c; + assert(digest); + + sha384_init(&c); + sha384_update(&c, data, len); + sha384_final(&c, digest); +} diff --git a/sys/hashes/sha512.c b/sys/hashes/sha512.c index a1d44b4e1c..38da937854 100644 --- a/sys/hashes/sha512.c +++ b/sys/hashes/sha512.c @@ -18,11 +18,9 @@ * @} */ -#include #include #include "hashes/sha512.h" -#include "hashes/sha512_common.h" /* SHA-512 initialization. Begins a SHA-512 operation. */ void sha512_init(sha512_context_t *ctx) @@ -44,6 +42,7 @@ void sha512_init(sha512_context_t *ctx) void sha512(const void *data, size_t len, void *digest) { sha512_context_t c; + assert(digest); sha512_init(&c); sha512_update(&c, data, len); diff --git a/sys/hashes/sha512_224.c b/sys/hashes/sha512_224.c new file mode 100644 index 0000000000..0fc491a4b2 --- /dev/null +++ b/sys/hashes/sha512_224.c @@ -0,0 +1,49 @@ +/* + * Copyright (C) 2023 TU Dresden + * + * This file is subject to the terms and conditions of the GNU Lesser + * General Public License v2.1. See the file LICENSE in the top level + * directory for more details. + */ + +/** + * @ingroup sys_hashes + * + * @{ + * @file + * @brief SHA512/224 hash function implementation + * + * @author Mikolai Gütschow + * + * @} + */ + +#include + +#include "hashes/sha512_224.h" + +void sha512_224_init(sha512_224_context_t *ctx) +{ + /* Zero bits processed so far */ + ctx->count[0] = ctx->count[1] = 0; + + /* Magic initialization constants */ + ctx->state[0] = 0x8C3D37C819544DA2; + ctx->state[1] = 0x73E1996689DCD4D6; + ctx->state[2] = 0x1DFAB7AE32FF9C82; + ctx->state[3] = 0x679DD514582F9FCF; + ctx->state[4] = 0x0F6D2B697BD44DA8; + ctx->state[5] = 0x77E36F7304C48942; + ctx->state[6] = 0x3F9D85A86A1D36C8; + ctx->state[7] = 0x1112E6AD91D692A1; +} + +void sha512_224(const void *data, size_t len, void *digest) +{ + sha512_224_context_t c; + assert(digest); + + sha512_224_init(&c); + sha512_224_update(&c, data, len); + sha512_224_final(&c, digest); +} diff --git a/sys/hashes/sha512_256.c b/sys/hashes/sha512_256.c new file mode 100644 index 0000000000..68c883dd73 --- /dev/null +++ b/sys/hashes/sha512_256.c @@ -0,0 +1,49 @@ +/* + * Copyright (C) 2023 TU Dresden + * + * This file is subject to the terms and conditions of the GNU Lesser + * General Public License v2.1. See the file LICENSE in the top level + * directory for more details. + */ + +/** + * @ingroup sys_hashes + * + * @{ + * @file + * @brief SHA512/256 hash function implementation + * + * @author Mikolai Gütschow + * + * @} + */ + +#include + +#include "hashes/sha512_256.h" + +void sha512_256_init(sha512_256_context_t *ctx) +{ + /* Zero bits processed so far */ + ctx->count[0] = ctx->count[1] = 0; + + /* Magic initialization constants */ + ctx->state[0] = 0x22312194FC2BF72C; + ctx->state[1] = 0x9F555FA3C84C64C2; + ctx->state[2] = 0x2393B86B6F53B151; + ctx->state[3] = 0x963877195940EABD; + ctx->state[4] = 0x96283EE2A88EFFE3; + ctx->state[5] = 0xBE5E1E2553863992; + ctx->state[6] = 0x2B0199FC2C85B8AA; + ctx->state[7] = 0x0EB72DDC81C52CA2; +} + +void sha512_256(const void *data, size_t len, void *digest) +{ + sha512_256_context_t c; + assert(digest); + + sha512_256_init(&c); + sha512_256_update(&c, data, len); + sha512_256_final(&c, digest); +} diff --git a/sys/hashes/sha512_common.c b/sys/hashes/sha512_common.c index b5480d824c..7650355de4 100644 --- a/sys/hashes/sha512_common.c +++ b/sys/hashes/sha512_common.c @@ -34,26 +34,25 @@ #else /* !__BIG_ENDIAN__ */ /* - * Encode a length len/8 vector of (uint64_t) into a length len vector of - * (unsigned char) in big-endian form. Assumes len is a multiple of 8. + * Encode a length ceil(len/8) vector of (uint64_t) into a length len vector of + * (unsigned char) in big-endian form. */ static void be64enc_vect(void *dst_, const void *src_, size_t len) { - /* Assert if len is not a multiple of 8 */ - assert(!(len & 7)); - + size_t i; if ((uintptr_t)dst_ % sizeof(uint64_t) == 0 && (uintptr_t)src_ % sizeof(uint64_t) == 0) { uint64_t *dst = dst_; const uint64_t *src = src_; - for (size_t i = 0; i < len / 8; i++) { + for (i = 0; i < len / 8; i++) { dst[i] = __builtin_bswap64(src[i]); } + i *= 8; } else { uint8_t *dst = dst_; const uint8_t *src = src_; - for (size_t i = 0; i < len; i += 8) { + for (i = 0; i < len-7; i += 8) { dst[i] = src[i + 7]; dst[i + 1] = src[i + 6]; dst[i + 2] = src[i + 5]; @@ -64,6 +63,14 @@ static void be64enc_vect(void *dst_, const void *src_, size_t len) dst[i + 7] = src[i]; } } + /* copy len%8 remaining bytes */ + if (i < len) { + uint8_t *dst = dst_; + const uint8_t *src = src_; + for (size_t j = 0; j < len-i; j++) { + dst[i + j] = src[i+7 - j]; + } + } } /* diff --git a/sys/include/hashes/sha384.h b/sys/include/hashes/sha384.h new file mode 100644 index 0000000000..d93eacffb6 --- /dev/null +++ b/sys/include/hashes/sha384.h @@ -0,0 +1,96 @@ +/* + * Copyright (C) 2023 TU Dresden + * + * This file is subject to the terms and conditions of the GNU Lesser + * General Public License v2.1. See the file LICENSE in the top level + * directory for more details. + */ + +/** + * @defgroup sys_hashes_sha384 SHA-384 + * @ingroup sys_hashes_unkeyed + * @brief Implementation of the SHA-384 hashing function + * @{ + * + * @file + * @brief Header definitions for the SHA384 hash function + * + * @author Mikolai Gütschow + */ + +#ifndef HASHES_SHA384_H +#define HASHES_SHA384_H + +#include +#include + +#include "hashes/sha512_common.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * @brief Length of SHA384 digests in bytes + */ +#define SHA384_DIGEST_LENGTH (48) + +/** + * @brief 1024 Bit (128 Byte) internally used block size for sha384 + */ +#define SHA384_INTERNAL_BLOCK_SIZE (128) + +/** + * @brief Context for cipher operations based on sha384 + */ +typedef sha512_common_context_t sha384_context_t; + +/** + * @brief SHA-384 initialization. Begins a SHA-384 operation. + * + * @param ctx sha384_context_t handle to init, must not be NULL + */ +void sha384_init(sha384_context_t *ctx); + +/** + * @brief Add bytes into the hash + * + * @param ctx sha384_context_t handle to use, must not be NULL + * @param[in] data Input data + * @param[in] len Length of @p data + */ +static inline void sha384_update(sha384_context_t *ctx, const void *data, size_t len) +{ + sha512_common_update(ctx, data, len); +} + +/** + * @brief SHA-384 finalization. Pads the input data, exports the hash value, + * and clears the context state. + * + * @param ctx sha384_context_t handle to use, must not be NULL + * @param[out] digest pointer to resulting digest, this is the hash of all the bytes. + * Length must be at least SHA384_DIGEST_LENGTH + */ +static inline void sha384_final(sha384_context_t *ctx, void *digest) +{ + sha512_common_final(ctx, digest, SHA384_DIGEST_LENGTH); +} + +/** + * @brief A wrapper function to simplify the generation of a hash. This is + * useful for generating sha384 for one single buffer in a single step. + * + * @param[in] data pointer to the buffer to generate hash from + * @param[in] len length of the buffer + * @param[out] digest optional pointer to an array for the result, length must + * be at least SHA384_DIGEST_LENGTH + */ +void sha384(const void *data, size_t len, void *digest); + +#ifdef __cplusplus +} +#endif + +/** @} */ +#endif /* HASHES_SHA384_H */ diff --git a/sys/include/hashes/sha512_224.h b/sys/include/hashes/sha512_224.h new file mode 100644 index 0000000000..8600269378 --- /dev/null +++ b/sys/include/hashes/sha512_224.h @@ -0,0 +1,96 @@ +/* + * Copyright (C) 2023 TU Dresden + * + * This file is subject to the terms and conditions of the GNU Lesser + * General Public License v2.1. See the file LICENSE in the top level + * directory for more details. + */ + +/** + * @defgroup sys_hashes_sha512_224 SHA-512/224 + * @ingroup sys_hashes_unkeyed + * @brief Implementation of the SHA-512/224 hashing function + * @{ + * + * @file + * @brief Header definitions for the SHA512/224 hash function + * + * @author Mikolai Gütschow + */ + +#ifndef HASHES_SHA512_224_H +#define HASHES_SHA512_224_H + +#include +#include + +#include "hashes/sha512_common.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * @brief Length of SHA512_224 digests in bytes + */ +#define SHA512_224_DIGEST_LENGTH (28) + +/** + * @brief 1024 Bit (128 Byte) internally used block size for sha512_224 + */ +#define SHA512_224_INTERNAL_BLOCK_SIZE (128) + +/** + * @brief Context for cipher operations based on sha512_224 + */ +typedef sha512_common_context_t sha512_224_context_t; + +/** + * @brief SHA-512/224 initialization. Begins a SHA-512/224 operation. + * + * @param ctx sha512_224_context_t handle to init, must not be NULL + */ +void sha512_224_init(sha512_224_context_t *ctx); + +/** + * @brief Add bytes into the hash + * + * @param ctx sha512_224_context_t handle to use, must not be NULL + * @param[in] data Input data + * @param[in] len Length of @p data + */ +static inline void sha512_224_update(sha512_224_context_t *ctx, const void *data, size_t len) +{ + sha512_common_update(ctx, data, len); +} + +/** + * @brief SHA-512/224 finalization. Pads the input data, exports the hash value, + * and clears the context state. + * + * @param ctx sha512_224_context_t handle to use, must not be NULL + * @param[out] digest pointer to resulting digest, this is the hash of all the bytes. + * Length must be at least SHA512_224_DIGEST_LENGTH + */ +static inline void sha512_224_final(sha512_224_context_t *ctx, void *digest) +{ + sha512_common_final(ctx, digest, SHA512_224_DIGEST_LENGTH); +} + +/** + * @brief A wrapper function to simplify the generation of a hash. This is + * useful for generating sha512_224 for one single buffer in a single step. + * + * @param[in] data pointer to the buffer to generate hash from + * @param[in] len length of the buffer + * @param[out] digest optional pointer to an array for the result, length must + * be at least SHA512_224_DIGEST_LENGTH + */ +void sha512_224(const void *data, size_t len, void *digest); + +#ifdef __cplusplus +} +#endif + +/** @} */ +#endif /* HASHES_SHA512_224_H */ diff --git a/sys/include/hashes/sha512_256.h b/sys/include/hashes/sha512_256.h new file mode 100644 index 0000000000..0b9423e4b7 --- /dev/null +++ b/sys/include/hashes/sha512_256.h @@ -0,0 +1,96 @@ +/* + * Copyright (C) 2023 TU Dresden + * + * This file is subject to the terms and conditions of the GNU Lesser + * General Public License v2.1. See the file LICENSE in the top level + * directory for more details. + */ + +/** + * @defgroup sys_hashes_sha512_256 SHA-512/256 + * @ingroup sys_hashes_unkeyed + * @brief Implementation of the SHA-512/256 hashing function + * @{ + * + * @file + * @brief Header definitions for the SHA512/256 hash function + * + * @author Mikolai Gütschow + */ + +#ifndef HASHES_SHA512_256_H +#define HASHES_SHA512_256_H + +#include +#include + +#include "hashes/sha512_common.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * @brief Length of SHA512_256 digests in bytes + */ +#define SHA512_256_DIGEST_LENGTH (32) + +/** + * @brief 1024 Bit (128 Byte) internally used block size for sha512_256 + */ +#define SHA512_256_INTERNAL_BLOCK_SIZE (128) + +/** + * @brief Context for cipher operations based on sha512_256 + */ +typedef sha512_common_context_t sha512_256_context_t; + +/** + * @brief SHA-512/256 initialization. Begins a SHA-512/256 operation. + * + * @param ctx sha512_256_context_t handle to init, must not be NULL + */ +void sha512_256_init(sha512_256_context_t *ctx); + +/** + * @brief Add bytes into the hash + * + * @param ctx sha512_256_context_t handle to use, must not be NULL + * @param[in] data Input data + * @param[in] len Length of @p data + */ +static inline void sha512_256_update(sha512_256_context_t *ctx, const void *data, size_t len) +{ + sha512_common_update(ctx, data, len); +} + +/** + * @brief SHA-512/256 finalization. Pads the input data, exports the hash value, + * and clears the context state. + * + * @param ctx sha512_256_context_t handle to use, must not be NULL + * @param[out] digest pointer to resulting digest, this is the hash of all the bytes. + * Length must be at least SHA512_256_DIGEST_LENGTH + */ +static inline void sha512_256_final(sha512_256_context_t *ctx, void *digest) +{ + sha512_common_final(ctx, digest, SHA512_256_DIGEST_LENGTH); +} + +/** + * @brief A wrapper function to simplify the generation of a hash. This is + * useful for generating sha512_256 for one single buffer in a single step. + * + * @param[in] data pointer to the buffer to generate hash from + * @param[in] len length of the buffer + * @param[out] digest optional pointer to an array for the result, length must + * be at least SHA512_256_DIGEST_LENGTH + */ +void sha512_256(const void *data, size_t len, void *digest); + +#ifdef __cplusplus +} +#endif + +/** @} */ +#endif /* HASHES_SHA512_256_H */ diff --git a/tests/unittests/tests-hashes/tests-hashes-sha224.c b/tests/unittests/tests-hashes/tests-hashes-sha224.c index 0bc71c27d8..7a87973b48 100644 --- a/tests/unittests/tests-hashes/tests-hashes-sha224.c +++ b/tests/unittests/tests-hashes/tests-hashes-sha224.c @@ -80,14 +80,14 @@ static const unsigned char hlong_sequence[] = static int calc_and_compare_hash(const char *str, const unsigned char *expected) { - static unsigned char hash[28]; + static unsigned char hash[SHA224_DIGEST_LENGTH]; sha224_context_t sha224; sha224_init(&sha224); sha224_update(&sha224, (uint8_t*)str, strlen(str)); sha224_final(&sha224, hash); - return (memcmp(expected, hash, 28) == 0); + return (memcmp(expected, hash, SHA224_DIGEST_LENGTH) == 0); } static int calc_and_compare_hash_wrapper(const char *str, const unsigned char *expected) @@ -120,7 +120,7 @@ static void test_hashes_sha224_hash_sequence_abc_long(void) TEST_ASSERT(calc_and_compare_hash_wrapper(teststring, h_abc_long)); } -static void test_hashes_sha256_hash_long_sequence(void) +static void test_hashes_sha224_hash_long_sequence(void) { static const char *teststring = {"RIOT is an open-source microkernel-based operating system, designed" @@ -139,7 +139,7 @@ Test *tests_hashes_sha224_tests(void) new_TestFixture(test_hashes_sha224_hash_sequence_empty), new_TestFixture(test_hashes_sha224_hash_sequence_abc), new_TestFixture(test_hashes_sha224_hash_sequence_abc_long), - new_TestFixture(test_hashes_sha256_hash_long_sequence), + new_TestFixture(test_hashes_sha224_hash_long_sequence), }; EMB_UNIT_TESTCALLER(hashes_sha224_tests, NULL, NULL, diff --git a/tests/unittests/tests-hashes/tests-hashes-sha384.c b/tests/unittests/tests-hashes/tests-hashes-sha384.c new file mode 100644 index 0000000000..d9229854dc --- /dev/null +++ b/tests/unittests/tests-hashes/tests-hashes-sha384.c @@ -0,0 +1,204 @@ +/* + * Copyright (C) 2023 TU Dresden + * + * This file is subject to the terms and conditions of the GNU Lesser + * General Public License v2.1. See the file LICENSE in the top level + * directory for more details. + */ + + /** + * @ingroup unittests + * @{ + * + * @file + * @brief testcases for the sha384 implementation + * + * @author Mikolai Gütschow + * + * @} + */ + +#include +#include +#include +#include + +#include "embUnit/embUnit.h" + +#include "hashes/sha384.h" + +#include "tests-hashes.h" + +/** + * Hashes obtained using: + * h=$(echo -n '' | sha384sum - | cut -d ' ' -f1); s=$(echo $h | sed -e 's/../0x&, /g' | sed 's/, $//'); echo $h; echo {$s}; + * + * where is the message to hash + */ + +/** + * @brief expected hash for test empty + * i.e. 38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b + */ +static const unsigned char h_empty[] = + {0x38, 0xb0, 0x60, 0xa7, 0x51, 0xac, 0x96, 0x38, 0x4c, 0xd9, 0x32, 0x7e, 0xb1, 0xb1, 0xe3, 0x6a, + 0x21, 0xfd, 0xb7, 0x11, 0x14, 0xbe, 0x07, 0x43, 0x4c, 0x0c, 0xc7, 0xbf, 0x63, 0xf6, 0xe1, 0xda, + 0x27, 0x4e, 0xde, 0xbf, 0xe7, 0x6f, 0x65, 0xfb, 0xd5, 0x1a, 0xd2, 0xf1, 0x48, 0x98, 0xb9, 0x5b}; +static const char *s_empty = ""; + +/** + * @brief expected hash for "abc" + * (from FIPS 180-2 Appendix D.1) + * i.e. cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed8086072ba1e7cc2358baeca134c825a7 + */ +static const unsigned char h_abc[] = + {0xcb, 0x00, 0x75, 0x3f, 0x45, 0xa3, 0x5e, 0x8b, 0xb5, 0xa0, 0x3d, 0x69, 0x9a, 0xc6, 0x50, 0x07, + 0x27, 0x2c, 0x32, 0xab, 0x0e, 0xde, 0xd1, 0x63, 0x1a, 0x8b, 0x60, 0x5a, 0x43, 0xff, 0x5b, 0xed, + 0x80, 0x86, 0x07, 0x2b, 0xa1, 0xe7, 0xcc, 0x23, 0x58, 0xba, 0xec, 0xa1, 0x34, 0xc8, 0x25, 0xa7}; +static const char *s_abc = "abc"; +/** + * @brief expected hash for FIPS 180-2 Appendix D.2 + * i.e. 09330c33f71147e83d192fc782cd1b4753111b173b3b05d22fa08086e3b0f712fcc7c71a557e2db966c3e9fa91746039 + */ +static const unsigned char h_abc_long[] = + {0x09, 0x33, 0x0c, 0x33, 0xf7, 0x11, 0x47, 0xe8, 0x3d, 0x19, 0x2f, 0xc7, 0x82, 0xcd, 0x1b, 0x47, + 0x53, 0x11, 0x1b, 0x17, 0x3b, 0x3b, 0x05, 0xd2, 0x2f, 0xa0, 0x80, 0x86, 0xe3, 0xb0, 0xf7, 0x12, + 0xfc, 0xc7, 0xc7, 0x1a, 0x55, 0x7e, 0x2d, 0xb9, 0x66, 0xc3, 0xe9, 0xfa, 0x91, 0x74, 0x60, 0x39}; +static const char *s_abc_long = + "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijkl" + "mnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"; + +/** + * @brief expected hash for test long_sequence + * i.e. 1c2aaa49583a5f5507612ddfa87d75a4bfc384c25ed2eca878d77e1614217272b7aee62dc51432fb9b91d773798d3fc1 + */ +static const unsigned char h_long_sequence[] = + {0x1c, 0x2a, 0xaa, 0x49, 0x58, 0x3a, 0x5f, 0x55, 0x07, 0x61, 0x2d, 0xdf, 0xa8, 0x7d, 0x75, 0xa4, + 0xbf, 0xc3, 0x84, 0xc2, 0x5e, 0xd2, 0xec, 0xa8, 0x78, 0xd7, 0x7e, 0x16, 0x14, 0x21, 0x72, 0x72, + 0xb7, 0xae, 0xe6, 0x2d, 0xc5, 0x14, 0x32, 0xfb, 0x9b, 0x91, 0xd7, 0x73, 0x79, 0x8d, 0x3f, 0xc1}; +static const char *s_long_sequence = + {"RIOT is an open-source microkernel-based operating system, designed" + " to match the requirements of Internet of Things (IoT) devices and" + " other embedded devices. These requirements include a very low memory" + " footprint (on the order of a few kilobytes), high energy efficiency" + ", real-time capabilities, communication stacks for both wireless and" + " wired networks, and support for a wide range of low-power hardware."}; + +/** + * @brief expected hash for { 0xC0, 0xFF, 0xEE } + * i.e. 011f360db636cfa4c7a61768ad917fe3d95a6bd88a7968ce437b00b63a32b0da911329488b8571224e4245250b62ba86 + * + * obtained using: + * h=$(printf '\xc0\xff\xee' | sha384sum - | cut -d ' ' -f1); s=$(echo $h | sed -e 's/../0x&, /g' | sed 's/, $//'); echo $h; echo {$s}; + */ +static const unsigned char h_coffee[] = + {0x01, 0x1f, 0x36, 0x0d, 0xb6, 0x36, 0xcf, 0xa4, 0xc7, 0xa6, 0x17, 0x68, 0xad, 0x91, 0x7f, 0xe3, + 0xd9, 0x5a, 0x6b, 0xd8, 0x8a, 0x79, 0x68, 0xce, 0x43, 0x7b, 0x00, 0xb6, 0x3a, 0x32, 0xb0, 0xda, + 0x91, 0x13, 0x29, 0x48, 0x8b, 0x85, 0x71, 0x22, 0x4e, 0x42, 0x45, 0x25, 0x0b, 0x62, 0xba, 0x86}; +static const uint8_t s_coffe[] = { 0xC0, 0xFF, 0xEE }; + +static int calc_and_compare_hash(const char *str, const unsigned char *expected) +{ + static unsigned char hash[SHA384_DIGEST_LENGTH]; + sha384_context_t sha384; + + sha384_init(&sha384); + sha384_update(&sha384, (uint8_t*)str, strlen(str)); + sha384_final(&sha384, hash); + + return (memcmp(expected, hash, SHA384_DIGEST_LENGTH) == 0); +} + +static int calc_and_compare_hash_wrapper(const char *str, const unsigned char *expected) +{ + static unsigned char hash[SHA384_DIGEST_LENGTH]; + + sha384((uint8_t*)str, strlen(str), hash); + + return (memcmp(expected, hash, SHA384_DIGEST_LENGTH) == 0); +} + +static void test_hashes_sha384_hash_sequence_empty(void) +{ + TEST_ASSERT(calc_and_compare_hash(s_empty, h_empty)); + TEST_ASSERT(calc_and_compare_hash_wrapper(s_empty, h_empty)); +} + +static void test_hashes_sha384_hash_sequence_abc(void) +{ + TEST_ASSERT(calc_and_compare_hash(s_abc, h_abc)); + TEST_ASSERT(calc_and_compare_hash_wrapper(s_abc, h_abc)); +} + +static void test_hashes_sha384_hash_sequence_abc_long(void) +{ + TEST_ASSERT(calc_and_compare_hash(s_abc_long, h_abc_long)); + TEST_ASSERT(calc_and_compare_hash_wrapper(s_abc_long, h_abc_long)); +} + +static void test_hashes_sha384_hash_long_sequence(void) +{ + TEST_ASSERT(calc_and_compare_hash(s_long_sequence, h_long_sequence)); + TEST_ASSERT(calc_and_compare_hash_wrapper(s_long_sequence, h_long_sequence)); +} + +static void test_hashes_sha384_hash_sequence_binary(void) +{ + static uint8_t hash[SHA384_DIGEST_LENGTH]; + sha384(s_coffe, sizeof(s_coffe), hash); + TEST_ASSERT(memcmp(h_coffee, hash, SHA384_DIGEST_LENGTH) == 0); +} + +static void test_hashes_sha384_hash_update_twice(void) +{ + static const char teststring[] = "abcdef"; + + static uint8_t hash_update_once[SHA384_DIGEST_LENGTH]; + static uint8_t hash_update_twice[SHA384_DIGEST_LENGTH]; + sha384_context_t sha384; + + sha384_init(&sha384); + sha384_update(&sha384, (uint8_t*)teststring, sizeof(teststring)); + sha384_final(&sha384, hash_update_once); + + sha384_init(&sha384); + sha384_update(&sha384, (uint8_t*)teststring, 3); + sha384_update(&sha384, (uint8_t*)&teststring[3], sizeof(teststring)-3); + sha384_final(&sha384, hash_update_twice); + + TEST_ASSERT(memcmp(hash_update_once, hash_update_twice, SHA384_DIGEST_LENGTH) == 0); +} + +static void test_hashes_sha384_hash_clear_ctx(void) +{ + static uint8_t hash[SHA384_DIGEST_LENGTH]; + sha384_context_t sha384; + + sha384_init(&sha384); + sha384_update(&sha384, s_empty, strlen(s_empty)); + sha384_final(&sha384, hash); + + TEST_ASSERT(memcmp(h_empty, hash, SHA384_DIGEST_LENGTH) == 0); + for (size_t i=0; i + * + * @} + */ + +#include +#include +#include +#include + +#include "embUnit/embUnit.h" + +#include "hashes/sha512_224.h" + +#include "tests-hashes.h" + +/** + * Hashes obtained using https://emn178.github.io/online-tools/sha512_224.html + * C-array generated with + * s=$(echo $hash | sed -e 's/../0x&, /g' | sed 's/, $//'); echo $s; + * + * where $hash is the hash of the given string + */ + +/** + * @brief expected hash for test empty + * i.e. 6ed0dd02806fa89e25de060c19d3ac86cabb87d6a0ddd05c333b84f4 + */ +static const unsigned char h_empty[] = + {0x6e, 0xd0, 0xdd, 0x02, 0x80, 0x6f, 0xa8, 0x9e, 0x25, 0xde, 0x06, 0x0c, 0x19, 0xd3, + 0xac, 0x86, 0xca, 0xbb, 0x87, 0xd6, 0xa0, 0xdd, 0xd0, 0x5c, 0x33, 0x3b, 0x84, 0xf4}; +static const char *s_empty = ""; + +/** + * @brief expected hash for "abc" + * i.e. 4634270f707b6a54daae7530460842e20e37ed265ceee9a43e8924aa + */ +static const unsigned char h_abc[] = + {0x46, 0x34, 0x27, 0x0f, 0x70, 0x7b, 0x6a, 0x54, 0xda, 0xae, 0x75, 0x30, 0x46, 0x08, + 0x42, 0xe2, 0x0e, 0x37, 0xed, 0x26, 0x5c, 0xee, 0xe9, 0xa4, 0x3e, 0x89, 0x24, 0xaa}; +static const char *s_abc = "abc"; +/** + * @brief expected hash for string from FIPS 180-2 Appendix D.2 + * i.e. 23fec5bb94d60b23308192640b0c453335d664734fe40e7268674af9 + */ +static const unsigned char h_abc_long[] = + {0x23, 0xfe, 0xc5, 0xbb, 0x94, 0xd6, 0x0b, 0x23, 0x30, 0x81, 0x92, 0x64, 0x0b, 0x0c, + 0x45, 0x33, 0x35, 0xd6, 0x64, 0x73, 0x4f, 0xe4, 0x0e, 0x72, 0x68, 0x67, 0x4a, 0xf9}; +static const char *s_abc_long = + "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijkl" + "mnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"; + +/** + * @brief expected hash for test long_sequence + * i.e. 15d26dcdbf77989cc4534ce24b1d3ff9c607767787b96241e358d6b8 + */ +static const unsigned char h_long_sequence[] = + {0x15, 0xd2, 0x6d, 0xcd, 0xbf, 0x77, 0x98, 0x9c, 0xc4, 0x53, 0x4c, 0xe2, 0x4b, 0x1d, + 0x3f, 0xf9, 0xc6, 0x07, 0x76, 0x77, 0x87, 0xb9, 0x62, 0x41, 0xe3, 0x58, 0xd6, 0xb8}; +static const char *s_long_sequence = + {"RIOT is an open-source microkernel-based operating system, designed" + " to match the requirements of Internet of Things (IoT) devices and" + " other embedded devices. These requirements include a very low memory" + " footprint (on the order of a few kilobytes), high energy efficiency" + ", real-time capabilities, communication stacks for both wireless and" + " wired networks, and support for a wide range of low-power hardware."}; + +/** + * @brief expected hash for { 0xC0, 0xFF, 0xEE } + * i.e. f16f1e9cf96b5b9caa0d5abd0aa2a10bdd0636d0d1c3de2b4c11e312 + */ +static const unsigned char h_coffee[] = + {0xf1, 0x6f, 0x1e, 0x9c, 0xf9, 0x6b, 0x5b, 0x9c, 0xaa, 0x0d, 0x5a, 0xbd, 0x0a, 0xa2, + 0xa1, 0x0b, 0xdd, 0x06, 0x36, 0xd0, 0xd1, 0xc3, 0xde, 0x2b, 0x4c, 0x11, 0xe3, 0x12}; +static const uint8_t s_coffe[] = { 0xC0, 0xFF, 0xEE }; + +static int calc_and_compare_hash(const char *str, const unsigned char *expected) +{ + static unsigned char hash[SHA512_224_DIGEST_LENGTH]; + sha512_224_context_t sha512_224; + + sha512_224_init(&sha512_224); + sha512_224_update(&sha512_224, (uint8_t*)str, strlen(str)); + sha512_224_final(&sha512_224, hash); + + return (memcmp(expected, hash, SHA512_224_DIGEST_LENGTH) == 0); +} + +static int calc_and_compare_hash_wrapper(const char *str, const unsigned char *expected) +{ + static unsigned char hash[SHA512_224_DIGEST_LENGTH]; + + sha512_224((uint8_t*)str, strlen(str), hash); + + return (memcmp(expected, hash, SHA512_224_DIGEST_LENGTH) == 0); +} + +static void test_hashes_sha512_224_hash_sequence_empty(void) +{ + TEST_ASSERT(calc_and_compare_hash(s_empty, h_empty)); + TEST_ASSERT(calc_and_compare_hash_wrapper(s_empty, h_empty)); +} + +static void test_hashes_sha512_224_hash_sequence_abc(void) +{ + TEST_ASSERT(calc_and_compare_hash(s_abc, h_abc)); + TEST_ASSERT(calc_and_compare_hash_wrapper(s_abc, h_abc)); +} + +static void test_hashes_sha512_224_hash_sequence_abc_long(void) +{ + TEST_ASSERT(calc_and_compare_hash(s_abc_long, h_abc_long)); + TEST_ASSERT(calc_and_compare_hash_wrapper(s_abc_long, h_abc_long)); +} + +static void test_hashes_sha512_224_hash_long_sequence(void) +{ + TEST_ASSERT(calc_and_compare_hash(s_long_sequence, h_long_sequence)); + TEST_ASSERT(calc_and_compare_hash_wrapper(s_long_sequence, h_long_sequence)); +} + +static void test_hashes_sha512_224_hash_sequence_binary(void) +{ + static uint8_t hash[SHA512_224_DIGEST_LENGTH]; + sha512_224(s_coffe, sizeof(s_coffe), hash); + TEST_ASSERT(memcmp(h_coffee, hash, SHA512_224_DIGEST_LENGTH) == 0); +} + +static void test_hashes_sha512_224_hash_update_twice(void) +{ + static const char teststring[] = "abcdef"; + + static uint8_t hash_update_once[SHA512_224_DIGEST_LENGTH]; + static uint8_t hash_update_twice[SHA512_224_DIGEST_LENGTH]; + sha512_224_context_t sha512_224; + + sha512_224_init(&sha512_224); + sha512_224_update(&sha512_224, (uint8_t*)teststring, sizeof(teststring)); + sha512_224_final(&sha512_224, hash_update_once); + + sha512_224_init(&sha512_224); + sha512_224_update(&sha512_224, (uint8_t*)teststring, 3); + sha512_224_update(&sha512_224, (uint8_t*)&teststring[3], sizeof(teststring)-3); + sha512_224_final(&sha512_224, hash_update_twice); + + TEST_ASSERT(memcmp(hash_update_once, hash_update_twice, SHA512_224_DIGEST_LENGTH) == 0); +} + +static void test_hashes_sha512_224_hash_clear_ctx(void) +{ + static uint8_t hash[SHA512_224_DIGEST_LENGTH]; + sha512_224_context_t sha512_224; + + sha512_224_init(&sha512_224); + sha512_224_update(&sha512_224, s_empty, strlen(s_empty)); + sha512_224_final(&sha512_224, hash); + + TEST_ASSERT(memcmp(h_empty, hash, SHA512_224_DIGEST_LENGTH) == 0); + for (size_t i=0; i + * + * @} + */ + +#include +#include +#include +#include + +#include "embUnit/embUnit.h" + +#include "hashes/sha512_256.h" + +#include "tests-hashes.h" + +/** + * Hashes obtained using https://emn178.github.io/online-tools/sha512_256.html + * C-array generated with + * s=$(echo $hash | sed -e 's/../0x&, /g' | sed 's/, $//'); echo $s; + * + * where $hash is the hash of the given string + */ + +/** + * @brief expected hash for test empty + * i.e. c672b8d1ef56ed28ab87c3622c5114069bdd3ad7b8f9737498d0c01ecef0967a + */ +static const unsigned char h_empty[] = + {0xc6, 0x72, 0xb8, 0xd1, 0xef, 0x56, 0xed, 0x28, 0xab, 0x87, 0xc3, 0x62, 0x2c, 0x51, 0x14, 0x06, + 0x9b, 0xdd, 0x3a, 0xd7, 0xb8, 0xf9, 0x73, 0x74, 0x98, 0xd0, 0xc0, 0x1e, 0xce, 0xf0, 0x96, 0x7a}; +static const char *s_empty = ""; + +/** + * @brief expected hash for "abc" + * i.e. 53048e2681941ef99b2e29b76b4c7dabe4c2d0c634fc6d46e0e2f13107e7af23 + */ +static const unsigned char h_abc[] = + {0x53, 0x04, 0x8e, 0x26, 0x81, 0x94, 0x1e, 0xf9, 0x9b, 0x2e, 0x29, 0xb7, 0x6b, 0x4c, 0x7d, 0xab, + 0xe4, 0xc2, 0xd0, 0xc6, 0x34, 0xfc, 0x6d, 0x46, 0xe0, 0xe2, 0xf1, 0x31, 0x07, 0xe7, 0xaf, 0x23}; +static const char *s_abc = "abc"; +/** + * @brief expected hash for string from FIPS 180-2 Appendix D.2 + * i.e. 3928e184fb8690f840da3988121d31be65cb9d3ef83ee6146feac861e19b563a + */ +static const unsigned char h_abc_long[] = + {0x39, 0x28, 0xe1, 0x84, 0xfb, 0x86, 0x90, 0xf8, 0x40, 0xda, 0x39, 0x88, 0x12, 0x1d, 0x31, 0xbe, + 0x65, 0xcb, 0x9d, 0x3e, 0xf8, 0x3e, 0xe6, 0x14, 0x6f, 0xea, 0xc8, 0x61, 0xe1, 0x9b, 0x56, 0x3a}; +static const char *s_abc_long = + "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijkl" + "mnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"; + +/** + * @brief expected hash for test long_sequence + * i.e. 25c09a60bbdd1cd422bfd4c740c6c4a6acb734027e39e2ae7740858bd1022c5f + */ +static const unsigned char h_long_sequence[] = + {0x25, 0xc0, 0x9a, 0x60, 0xbb, 0xdd, 0x1c, 0xd4, 0x22, 0xbf, 0xd4, 0xc7, 0x40, 0xc6, 0xc4, 0xa6, + 0xac, 0xb7, 0x34, 0x02, 0x7e, 0x39, 0xe2, 0xae, 0x77, 0x40, 0x85, 0x8b, 0xd1, 0x02, 0x2c, 0x5f}; +static const char *s_long_sequence = + {"RIOT is an open-source microkernel-based operating system, designed" + " to match the requirements of Internet of Things (IoT) devices and" + " other embedded devices. These requirements include a very low memory" + " footprint (on the order of a few kilobytes), high energy efficiency" + ", real-time capabilities, communication stacks for both wireless and" + " wired networks, and support for a wide range of low-power hardware."}; + +/** + * @brief expected hash for { 0xC0, 0xFF, 0xEE } + * i.e. 22680446a2d2ec571ae5ec2b45f59c70211b5fcf44894c02bd242f7b05b24870 + */ +static const unsigned char h_coffee[] = + {0x22, 0x68, 0x04, 0x46, 0xa2, 0xd2, 0xec, 0x57, 0x1a, 0xe5, 0xec, 0x2b, 0x45, 0xf5, 0x9c, 0x70, + 0x21, 0x1b, 0x5f, 0xcf, 0x44, 0x89, 0x4c, 0x02, 0xbd, 0x24, 0x2f, 0x7b, 0x05, 0xb2, 0x48, 0x70}; +static const uint8_t s_coffe[] = { 0xC0, 0xFF, 0xEE }; + +static int calc_and_compare_hash(const char *str, const unsigned char *expected) +{ + static unsigned char hash[SHA512_256_DIGEST_LENGTH]; + sha512_256_context_t sha512_256; + + sha512_256_init(&sha512_256); + sha512_256_update(&sha512_256, (uint8_t*)str, strlen(str)); + sha512_256_final(&sha512_256, hash); + + return (memcmp(expected, hash, SHA512_256_DIGEST_LENGTH) == 0); +} + +static int calc_and_compare_hash_wrapper(const char *str, const unsigned char *expected) +{ + static unsigned char hash[SHA512_256_DIGEST_LENGTH]; + + sha512_256((uint8_t*)str, strlen(str), hash); + + return (memcmp(expected, hash, SHA512_256_DIGEST_LENGTH) == 0); +} + +static void test_hashes_sha512_256_hash_sequence_empty(void) +{ + TEST_ASSERT(calc_and_compare_hash(s_empty, h_empty)); + TEST_ASSERT(calc_and_compare_hash_wrapper(s_empty, h_empty)); +} + +static void test_hashes_sha512_256_hash_sequence_abc(void) +{ + TEST_ASSERT(calc_and_compare_hash(s_abc, h_abc)); + TEST_ASSERT(calc_and_compare_hash_wrapper(s_abc, h_abc)); +} + +static void test_hashes_sha512_256_hash_sequence_abc_long(void) +{ + TEST_ASSERT(calc_and_compare_hash(s_abc_long, h_abc_long)); + TEST_ASSERT(calc_and_compare_hash_wrapper(s_abc_long, h_abc_long)); +} + +static void test_hashes_sha512_256_hash_long_sequence(void) +{ + TEST_ASSERT(calc_and_compare_hash(s_long_sequence, h_long_sequence)); + TEST_ASSERT(calc_and_compare_hash_wrapper(s_long_sequence, h_long_sequence)); +} + +static void test_hashes_sha512_256_hash_sequence_binary(void) +{ + static uint8_t hash[SHA512_256_DIGEST_LENGTH]; + sha512_256(s_coffe, sizeof(s_coffe), hash); + TEST_ASSERT(memcmp(h_coffee, hash, SHA512_256_DIGEST_LENGTH) == 0); +} + +static void test_hashes_sha512_256_hash_update_twice(void) +{ + static const char teststring[] = "abcdef"; + + static uint8_t hash_update_once[SHA512_256_DIGEST_LENGTH]; + static uint8_t hash_update_twice[SHA512_256_DIGEST_LENGTH]; + sha512_256_context_t sha512_256; + + sha512_256_init(&sha512_256); + sha512_256_update(&sha512_256, (uint8_t*)teststring, sizeof(teststring)); + sha512_256_final(&sha512_256, hash_update_once); + + sha512_256_init(&sha512_256); + sha512_256_update(&sha512_256, (uint8_t*)teststring, 3); + sha512_256_update(&sha512_256, (uint8_t*)&teststring[3], sizeof(teststring)-3); + sha512_256_final(&sha512_256, hash_update_twice); + + TEST_ASSERT(memcmp(hash_update_once, hash_update_twice, SHA512_256_DIGEST_LENGTH) == 0); +} + +static void test_hashes_sha512_256_hash_clear_ctx(void) +{ + static uint8_t hash[SHA512_256_DIGEST_LENGTH]; + sha512_256_context_t sha512_256; + + sha512_256_init(&sha512_256); + sha512_256_update(&sha512_256, s_empty, strlen(s_empty)); + sha512_256_final(&sha512_256, hash); + + TEST_ASSERT(memcmp(h_empty, hash, SHA512_256_DIGEST_LENGTH) == 0); + for (size_t i=0; i