Generate SHA256 intermediate values.

e9a5b160 · Niels Möller · 8734b9f3 · e9a5b160 · e9a5b160
Commit e9a5b160 authored Mar 11, 2013 by Niels Möller
--- a/sha256-compress.c
+++ b/sha256-compress.c
@@ -27,6 +27,19 @@
 # include "config.h"
 #endif

+#ifndef SHA256_DEBUG
+# define SHA256_DEBUG 0
+#endif
+
+#if SHA256_DEBUG
+# include <stdio.h>
+# define DEBUG(i) \
+  fprintf(stderr, "%2d: %8x %8x %8x %8x %8x %8x %8x %8x\n", \
+	  i, A, B, C, D ,E, F, G, H)
+#else
+# define DEBUG(i)
+#endif
+
 #include <assert.h>
 #include <stdlib.h>
 #include <string.h>
@@ -121,36 +134,37 @@ _nettle_sha256_compress(uint32_t *state, const uint8_t *input, const uint32_t *k
  /* Heavy mangling */
  /* First 16 subrounds that act on the original data */

+  DEBUG(-1);
  for (i = 0, d = data; i<16; i+=8, k += 8, d+= 8)
    {
-      ROUND(A, B, C, D, E, F, G, H, k[0], d[0]);
-      ROUND(H, A, B, C, D, E, F, G, k[1], d[1]);
+      ROUND(A, B, C, D, E, F, G, H, k[0], d[0]); DEBUG(i);
+      ROUND(H, A, B, C, D, E, F, G, k[1], d[1]); DEBUG(i+1);
      ROUND(G, H, A, B, C, D, E, F, k[2], d[2]);
      ROUND(F, G, H, A, B, C, D, E, k[3], d[3]);
      ROUND(E, F, G, H, A, B, C, D, k[4], d[4]);
      ROUND(D, E, F, G, H, A, B, C, k[5], d[5]);
-      ROUND(C, D, E, F, G, H, A, B, k[6], d[6]);
-      ROUND(B, C, D, E, F, G, H, A, k[7], d[7]);
+      ROUND(C, D, E, F, G, H, A, B, k[6], d[6]); DEBUG(i+6);
+      ROUND(B, C, D, E, F, G, H, A, k[7], d[7]); DEBUG(i+7);
    }
  
  for (; i<64; i += 16, k+= 16)
    {
-      ROUND(A, B, C, D, E, F, G, H, k[ 0], EXPAND(data,  0));
-      ROUND(H, A, B, C, D, E, F, G, k[ 1], EXPAND(data,  1));
-      ROUND(G, H, A, B, C, D, E, F, k[ 2], EXPAND(data,  2));
-      ROUND(F, G, H, A, B, C, D, E, k[ 3], EXPAND(data,  3));
-      ROUND(E, F, G, H, A, B, C, D, k[ 4], EXPAND(data,  4));
-      ROUND(D, E, F, G, H, A, B, C, k[ 5], EXPAND(data,  5));
-      ROUND(C, D, E, F, G, H, A, B, k[ 6], EXPAND(data,  6));
-      ROUND(B, C, D, E, F, G, H, A, k[ 7], EXPAND(data,  7));
-      ROUND(A, B, C, D, E, F, G, H, k[ 8], EXPAND(data,  8));
-      ROUND(H, A, B, C, D, E, F, G, k[ 9], EXPAND(data,  9));
-      ROUND(G, H, A, B, C, D, E, F, k[10], EXPAND(data, 10));
-      ROUND(F, G, H, A, B, C, D, E, k[11], EXPAND(data, 11));
-      ROUND(E, F, G, H, A, B, C, D, k[12], EXPAND(data, 12));
-      ROUND(D, E, F, G, H, A, B, C, k[13], EXPAND(data, 13));
-      ROUND(C, D, E, F, G, H, A, B, k[14], EXPAND(data, 14));
-      ROUND(B, C, D, E, F, G, H, A, k[15], EXPAND(data, 15));
+      ROUND(A, B, C, D, E, F, G, H, k[ 0], EXPAND(data,  0)); DEBUG(i);
+      ROUND(H, A, B, C, D, E, F, G, k[ 1], EXPAND(data,  1)); DEBUG(i+1);
+      ROUND(G, H, A, B, C, D, E, F, k[ 2], EXPAND(data,  2)); DEBUG(i+2);
+      ROUND(F, G, H, A, B, C, D, E, k[ 3], EXPAND(data,  3)); DEBUG(i+3);
+      ROUND(E, F, G, H, A, B, C, D, k[ 4], EXPAND(data,  4)); DEBUG(i+4);
+      ROUND(D, E, F, G, H, A, B, C, k[ 5], EXPAND(data,  5)); DEBUG(i+5);
+      ROUND(C, D, E, F, G, H, A, B, k[ 6], EXPAND(data,  6)); DEBUG(i+6);
+      ROUND(B, C, D, E, F, G, H, A, k[ 7], EXPAND(data,  7)); DEBUG(i+7);
+      ROUND(A, B, C, D, E, F, G, H, k[ 8], EXPAND(data,  8)); DEBUG(i+8);
+      ROUND(H, A, B, C, D, E, F, G, k[ 9], EXPAND(data,  9)); DEBUG(i+9);
+      ROUND(G, H, A, B, C, D, E, F, k[10], EXPAND(data, 10)); DEBUG(i+10);
+      ROUND(F, G, H, A, B, C, D, E, k[11], EXPAND(data, 11)); DEBUG(i+11);
+      ROUND(E, F, G, H, A, B, C, D, k[12], EXPAND(data, 12)); DEBUG(i+12);
+      ROUND(D, E, F, G, H, A, B, C, k[13], EXPAND(data, 13)); DEBUG(i+13);
+      ROUND(C, D, E, F, G, H, A, B, k[14], EXPAND(data, 14)); DEBUG(i+14);
+      ROUND(B, C, D, E, F, G, H, A, k[15], EXPAND(data, 15)); DEBUG(i+15);
    }

  /* Update state */
@@ -162,4 +176,9 @@ _nettle_sha256_compress(uint32_t *state, const uint8_t *input, const uint32_t *k
  state[5] += F;
  state[6] += G;
  state[7] += H;
+#if SHA256_DEBUG
+  fprintf(stderr, "99: %8x %8x %8x %8x %8x %8x %8x %8x\n",
+	  state[0], state[1], state[2], state[3],
+	  state[4], state[5], state[6], state[7]);
+#endif
 }
--- a/testsuite/sha256-test.c
+++ b/testsuite/sha256-test.c
@@ -50,3 +50,69 @@ test_main(void)
 	    SHEX("f371bc4a311f2b00 9eef952dd83ca80e"
 		 "2b60026c8e935592 d0f9c308453c813e"));
 }
+
+/* These are intermediate values for the single sha1_compress call
+   that results from the first testcase, SHA256("abc"). Each row are
+   the values for A, B, C, D, E, F, G, H after the i:th round. The row
+   i = -1 gives the initial values, and i = 99 gives the output
+   values.
+   
+-1: 6a09e667 bb67ae85 3c6ef372 a54ff53a 510e527f 9b05688c 1f83d9ab 5be0cd19
+ 0: 6a09e667 bb67ae85 3c6ef372 fa2a4622 510e527f 9b05688c 1f83d9ab 5d6aebcd
+ 1: 6a09e667 bb67ae85 78ce7989 fa2a4622 510e527f 9b05688c 5a6ad9ad 5d6aebcd
+ 6: 24e00850 e5030380 2b4209f5  4409a6a d550f666 9b27a401 714260ad 43ada245
+ 7: 85a07b5f e5030380 2b4209f5  4409a6a  c657a79 9b27a401 714260ad 43ada245
+ 8: 85a07b5f e5030380 2b4209f5 32ca2d8c  c657a79 9b27a401 714260ad 8e04ecb9
+ 9: 85a07b5f e5030380 1cc92596 32ca2d8c  c657a79 9b27a401 8c87346b 8e04ecb9
+14: 816fd6e9 c0645fde d932eb16 87912990 f71fc5a9  b92f20c 745a48de 1e578218
+15: b0fa238e c0645fde d932eb16 87912990  7590dcd  b92f20c 745a48de 1e578218
+16: b0fa238e c0645fde d932eb16 8034229c  7590dcd  b92f20c 745a48de 21da9a9b
+17: b0fa238e c0645fde 846ee454 8034229c  7590dcd  b92f20c c2fbd9d1 21da9a9b
+18: b0fa238e cc899961 846ee454 8034229c  7590dcd fe777bbf c2fbd9d1 21da9a9b
+19: b0638179 cc899961 846ee454 8034229c e1f20c33 fe777bbf c2fbd9d1 21da9a9b
+20: b0638179 cc899961 846ee454 9dc68b63 e1f20c33 fe777bbf c2fbd9d1 8ada8930
+21: b0638179 cc899961 c2606d6d 9dc68b63 e1f20c33 fe777bbf e1257970 8ada8930
+22: b0638179 a7a3623f c2606d6d 9dc68b63 e1f20c33 49f5114a e1257970 8ada8930
+23: c5d53d8d a7a3623f c2606d6d 9dc68b63 aa47c347 49f5114a e1257970 8ada8930
+24: c5d53d8d a7a3623f c2606d6d 2823ef91 aa47c347 49f5114a e1257970 1c2c2838
+25: c5d53d8d a7a3623f 14383d8e 2823ef91 aa47c347 49f5114a cde8037d 1c2c2838
+26: c5d53d8d c74c6516 14383d8e 2823ef91 aa47c347 b62ec4bc cde8037d 1c2c2838
+27: edffbff8 c74c6516 14383d8e 2823ef91 77d37528 b62ec4bc cde8037d 1c2c2838
+28: edffbff8 c74c6516 14383d8e 363482c9 77d37528 b62ec4bc cde8037d 6112a3b7
+29: edffbff8 c74c6516 a0060b30 363482c9 77d37528 b62ec4bc ade79437 6112a3b7
+30: edffbff8 ea992a22 a0060b30 363482c9 77d37528  109ab3a ade79437 6112a3b7
+31: 73b33bf5 ea992a22 a0060b30 363482c9 ba591112  109ab3a ade79437 6112a3b7
+32: 73b33bf5 ea992a22 a0060b30 9cd9f5f6 ba591112  109ab3a ade79437 98e12507
+33: 73b33bf5 ea992a22 59249dd3 9cd9f5f6 ba591112  109ab3a fe604df5 98e12507
+34: 73b33bf5  85f3833 59249dd3 9cd9f5f6 ba591112 a9a7738c fe604df5 98e12507
+35: f4b002d6  85f3833 59249dd3 9cd9f5f6 65a0cfe4 a9a7738c fe604df5 98e12507
+36: f4b002d6  85f3833 59249dd3 41a65cb1 65a0cfe4 a9a7738c fe604df5  772a26b
+37: f4b002d6  85f3833 34df1604 41a65cb1 65a0cfe4 a9a7738c a507a53d  772a26b
+38: f4b002d6 6dc57a8a 34df1604 41a65cb1 65a0cfe4 f0781bc8 a507a53d  772a26b
+39: 79ea687a 6dc57a8a 34df1604 41a65cb1 1efbc0a0 f0781bc8 a507a53d  772a26b
+40: 79ea687a 6dc57a8a 34df1604 26352d63 1efbc0a0 f0781bc8 a507a53d d6670766
+41: 79ea687a 6dc57a8a 838b2711 26352d63 1efbc0a0 f0781bc8 df46652f d6670766
+42: 79ea687a decd4715 838b2711 26352d63 1efbc0a0 17aa0dfe df46652f d6670766
+43: fda24c2e decd4715 838b2711 26352d63 9d4baf93 17aa0dfe df46652f d6670766
+44: fda24c2e decd4715 838b2711 26628815 9d4baf93 17aa0dfe df46652f a80f11f0
+45: fda24c2e decd4715 72ab4b91 26628815 9d4baf93 17aa0dfe b7755da1 a80f11f0
+46: fda24c2e a14c14b0 72ab4b91 26628815 9d4baf93 d57b94a9 b7755da1 a80f11f0
+47: 4172328d a14c14b0 72ab4b91 26628815 fecf0bc6 d57b94a9 b7755da1 a80f11f0
+48: 4172328d a14c14b0 72ab4b91 bd714038 fecf0bc6 d57b94a9 b7755da1  5757ceb
+49: 4172328d a14c14b0 6e5c390c bd714038 fecf0bc6 d57b94a9 f11bfaa8  5757ceb
+50: 4172328d 52f1ccf7 6e5c390c bd714038 fecf0bc6 7a0508a1 f11bfaa8  5757ceb
+51: 49231c1e 52f1ccf7 6e5c390c bd714038 886e7a22 7a0508a1 f11bfaa8  5757ceb
+52: 49231c1e 52f1ccf7 6e5c390c 101fd28f 886e7a22 7a0508a1 f11bfaa8 529e7d00
+53: 49231c1e 52f1ccf7 f5702fdb 101fd28f 886e7a22 7a0508a1 9f4787c3 529e7d00
+54: 49231c1e 3ec45cdb f5702fdb 101fd28f 886e7a22 e50e1b4f 9f4787c3 529e7d00
+55: 38cc9913 3ec45cdb f5702fdb 101fd28f 54cb266b e50e1b4f 9f4787c3 529e7d00
+56: 38cc9913 3ec45cdb f5702fdb 9b5e906c 54cb266b e50e1b4f 9f4787c3 fcd1887b
+57: 38cc9913 3ec45cdb 7e44008e 9b5e906c 54cb266b e50e1b4f c062d46f fcd1887b
+58: 38cc9913 6d83bfc6 7e44008e 9b5e906c 54cb266b ffb70472 c062d46f fcd1887b
+59: b21bad3d 6d83bfc6 7e44008e 9b5e906c b6ae8fff ffb70472 c062d46f fcd1887b
+60: b21bad3d 6d83bfc6 7e44008e b85e2ce9 b6ae8fff ffb70472 c062d46f 961f4894
+61: b21bad3d 6d83bfc6  4d24d6c b85e2ce9 b6ae8fff ffb70472 948d25b6 961f4894
+62: b21bad3d d39a2165  4d24d6c b85e2ce9 b6ae8fff fb121210 948d25b6 961f4894
+63: 506e3058 d39a2165  4d24d6c b85e2ce9 5ef50f24 fb121210 948d25b6 961f4894
+99: ba7816bf 8f01cfea 414140de 5dae2223 b00361a3 96177a9c b410ff61 f20015ad
+*/