Support for 224-bit and 256-bit truncated sha512.

609a8dae · Joachim Strömbergson · Niels Möller · 7087e021 · 609a8dae · 609a8dae
Commit 609a8dae authored Mar 23, 2014 by Joachim Strömbergson Committed by Niels Möller Mar 23, 2014
Show whitespace changes
Inline Side-by-side

Showing with 100 additions and 1 deletion

ChangeLog ChangeLog +6 -1

sha2.h sha2.h +27 -0

sha512.c sha512.c +67 -0

No files found.
--- a/ChangeLog
+++ b/ChangeLog
@@ -2,6 +2,11 @@

 	From Joachim Strömbergson:
 	* sha512.c (K): Indentation fix.
+	(sha512_224_init, sha512_224_digest, sha512_256_init)
+	(sha512_256_digest): New functions.
+	* sha2.h: Add prototypes.
+	(sha512_224_update, sha512_256_update): New aliases for
+	sha512_update.

 2014-03-18  Niels Möller  <nisse@lysator.liu.se>


--- a/sha2.h
+++ b/sha2.h
@@ -43,6 +43,10 @@ extern "C" {
 #define sha512_init nettle_sha512_init
 #define sha512_update nettle_sha512_update
 #define sha512_digest nettle_sha512_digest
+#define sha512_224_init   nettle_sha512_224_init
+#define sha512_224_digest nettle_sha512_224_digest
+#define sha512_256_init   nettle_sha512_256_init
+#define sha512_256_digest nettle_sha512_256_digest

 /* SHA256 */

@@ -149,6 +153,29 @@ sha384_digest(struct sha512_ctx *ctx,
 	      size_t length,
 	      uint8_t *digest);

+
+/* SHA512_224 and SHA512_256, two truncated versions of SHA512 
+   with different initial states. */
+void
+sha512_224_init(struct sha512_ctx *ctx);
+
+#define sha512_224_update nettle_sha512_update
+
+void
+sha512_224_digest(struct sha512_ctx *ctx,
+                  size_t length,
+                  uint8_t *digest);
+
+void
+sha512_256_init(struct sha512_ctx *ctx);
+
+#define sha512_256_update nettle_sha512_update
+
+void
+sha512_256_digest(struct sha512_ctx *ctx,
+                  size_t length,
+                  uint8_t *digest);
+  
 #ifdef __cplusplus
 }
 #endif

--- a/sha512.c
+++ b/sha512.c
@@ -8,6 +8,7 @@
 /* nettle, low-level cryptographics library
 *
 * Copyright (C) 2001, 2010 Niels Möller
+ * Copyright (C) 2014 Joachim Strömbergson
 *  
 * The nettle library is free software; you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License as published by
@@ -237,3 +238,69 @@ sha384_digest(struct sha512_ctx *ctx,
  sha512_write_digest(ctx, length, digest);
  sha384_init(ctx);
 }
+
+
+/* sha-512/224 variant. */
+void
+sha512_224_init(struct sha512_ctx *ctx)
+{
+  static const uint64_t H0[_SHA512_DIGEST_LENGTH] =
+  {
+    0x8c3d37c819544da2ULL, 0x73e1996689dcd4d6ULL,
+    0x1dfab7ae32ff9c82ULL, 0x679dd514582f9fcfULL,
+    0x0f6d2b697bd44da8ULL, 0x77e36f7304c48942ULL,
+    0x3f9d85a86a1d36c8ULL, 0x1112e6ad91d692a1ULL,
+  };
+
+  memcpy(ctx->state, H0, sizeof(H0));
+
+  /* Initialize bit count */
+  ctx->count_low = ctx->count_high = 0;
+  
+  /* Initialize buffer */
+  ctx->index = 0;
+}
+
+void
+sha512_224_digest(struct sha512_ctx *ctx,
+	      size_t length,
+	      uint8_t *digest)
+{
+  assert(length <= SHA224_DIGEST_SIZE);
+
+  sha512_write_digest(ctx, length, digest);
+  sha512_224_init(ctx);
+}
+
+
+/* sha-512/256 variant. */
+void
+sha512_256_init(struct sha512_ctx *ctx)
+{
+  static const uint64_t H0[_SHA512_DIGEST_LENGTH] =
+    {
+      0x22312194fc2bf72cULL, 0x9f555fa3c84c64c2ULL, 
+      0x2393b86b6f53b151ULL, 0x963877195940eabdULL, 
+      0x96283ee2a88effe3ULL, 0xbe5e1e2553863992ULL, 
+      0x2b0199fc2c85b8aaULL, 0x0eb72ddc81c52ca2ULL,
+    };
+
+  memcpy(ctx->state, H0, sizeof(H0));
+
+  /* Initialize bit count */
+  ctx->count_low = ctx->count_high = 0;
+  
+  /* Initialize buffer */
+  ctx->index = 0;
+}
+
+void
+sha512_256_digest(struct sha512_ctx *ctx,
+	      size_t length,
+	      uint8_t *digest)
+{
+  assert(length <= SHA256_DIGEST_SIZE);
+
+  sha512_write_digest(ctx, length, digest);
+  sha512_224_init(ctx);
+}