Francois Berder
This library implements some hash and cryptographic algorithms.
Dependents: mBuinoBlinky PB_Emma_Ethernet SLOTrashHTTP Garagem ... more
This library implements the following algorithms :
- RC4
- AES (AES-128, AES-192, AES-256)
- DES
- Triple DES (EDE)
- MD2
- MD4
- MD5
- SHA-1
- SHA-2 (SHA-224, SHA-256, SHA-384, SHA-512)
The hash algorithms have been optimized for the mbed and you should get decent performance. However, I did not optimize the ciphers. Also, I did not test extensively these algorithms : it should work but you may find some bugs. Block ciphers support two modes : ECB and CBC.
Warning
If you are using SHA-384 or SHA-512, be aware that it produces large binary files and the compilation (using the online compiler) takes much longer to execute. It may happen that the compiler stops because it timed-out. In this case, just compile again and it should work.
Computing hash
You can compute the hash of some data in two different ways. The first one is the easiest, each hash algorithm has a static method that takes some data and compute the hash from it.
Computing hash using method 1
#include "Crypto.h"
#include "mbed.h"
static const char msg[] = "mbed is great !";
int main()
{
uint8_t hash[16];
MD2::computeHash(hash, (uint8_t*)msg, strlen(msg));
printf("hash: ");
for(int i = 0; i < 16; ++i)
printf("%02x", hash[i]);
printf("\n");
return 0;
}
The second one is slightly slower (around 2-3% slower) but it allows you to compute the hash of some data in several steps (by calling update method). This is the method you should use if you need to compute the hash from a large source and you don't have enough memory to store it in a single buffer.
Computing hash using method 2
#include "Crypto.h"
#include "mbed.h"
static const char msg[] = "mbed is great !";
int main()
{
uint8_t hash[16];
MD2 h;
h.update((uint8_t*)msg, strlen(msg));
h.finalize(hash);
printf("hash: ");
for(int i = 0; i < 16; ++i)
printf("%02x", hash[i]);
printf("\n");
return 0;
}
TODO
- optimize ciphers
- add doc
Revision 10:bc9c23aa3870, committed 2013-09-24
- Comitter:
- feb11
- Date:
- Tue Sep 24 07:19:04 2013 +0000
- Parent:
- 9:e34e076fb223
- Child:
- 11:96d87a5394ee
- Commit message:
- implemented HMAC
Changed in this revision
--- a/Crypto.h Mon Sep 16 08:35:36 2013 +0000 +++ b/Crypto.h Tue Sep 24 07:19:04 2013 +0000 @@ -12,4 +12,6 @@ #include "SHA1.h" #include "SHA2.h" +#include "HMAC.h" + #endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/hash/HMAC.cpp Tue Sep 24 07:19:04 2013 +0000
@@ -0,0 +1,43 @@
+#include "HMAC.h"
+#include <string.h>
+
+HMAC::HMAC(HashAlgorithm *hashAlgo, uint8_t *k, uint32_t kl):
+algo(hashAlgo),
+keyLength(kl)
+{
+ memcpy(key, k, keyLength);
+ uint8_t buffer[64];
+ memcpy(buffer, key, keyLength);
+ memset(&buffer[keyLength], 0, 64-keyLength);
+
+ for(int i = 0; i < 64; ++i)
+ buffer[i] ^= 0x36;
+
+ algo->update(buffer, 64);
+}
+
+HMAC::~HMAC()
+{
+ delete algo;
+}
+
+void HMAC::update(uint8_t *data, uint32_t length)
+{
+ algo->update(data, length);
+}
+
+void HMAC::finalize(uint8_t *hash)
+{
+ uint8_t buffer[64], buffer2[64];
+ algo->finalize(buffer);
+
+ memcpy(buffer2, key, keyLength);
+ memset(&buffer2[keyLength], 0, keyLength);
+ for(int i = 0; i < 64; ++i)
+ buffer2[i] ^= 0x5C;
+
+ algo->update(buffer2, 64);
+ algo->update(buffer, algo->outputSize());
+ algo->finalize(hash);
+}
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/hash/HMAC.h Tue Sep 24 07:19:04 2013 +0000
@@ -0,0 +1,23 @@
+#ifndef HMAC_H
+#define HMAC_H
+
+#include "HashAlgorithm.h"
+
+class HMAC
+{
+ public :
+
+ HMAC(HashAlgorithm *hashAlgo, uint8_t *k, uint32_t kl);
+ virtual ~HMAC();
+
+ void update(uint8_t *data, uint32_t length);
+ void finalize(uint8_t *hash);
+
+ private :
+
+ HashAlgorithm *algo;
+ uint8_t key[64];
+ uint32_t keyLength;
+};
+
+#endif
--- a/hash/MD2.cpp Mon Sep 16 08:35:36 2013 +0000
+++ b/hash/MD2.cpp Tue Sep 24 07:19:04 2013 +0000
@@ -123,7 +123,7 @@
memcpy(hash, x, 16);
}
-void MD2::computeBlock(uint8_t *checksum2, uint8_t *x2, uint8_t *l2, uint8_t *buffer2)
+__forceinline void MD2::computeBlock(uint8_t *checksum2, uint8_t *x2, uint8_t *l2, uint8_t *buffer2)
{
if(checksum2 != buffer2)
{
@@ -146,7 +146,7 @@
x3[8+j] = x3[4+j] ^ x3[j];
uint8_t t = 0;
-
+ #pragma unroll_completely
for(int j = 0; j < 18; ++j)
{
t = (x2[0] ^= s[t]);
@@ -197,7 +197,7 @@
t = (x2[45] ^= s[t]);
t = (x2[46] ^= s[t]);
t = (x2[47] ^= s[t]);
-
+
t += j;
}
}
\ No newline at end of file
--- a/hash/MD4.cpp Mon Sep 16 08:35:36 2013 +0000
+++ b/hash/MD4.cpp Tue Sep 24 07:19:04 2013 +0000
@@ -156,25 +156,23 @@
uint32_t *x = (uint32_t*)buffer;
// Round 1
- ROUND1(a,b,c,d,x[0],3); ROUND1(d,a,b,c,x[1],7); ROUND1(c,d,a,b,x[2],11); ROUND1(b,c,d,a,x[3],19);
- ROUND1(a,b,c,d,x[4],3); ROUND1(d,a,b,c,x[5],7); ROUND1(c,d,a,b,x[6],11); ROUND1(b,c,d,a,x[7],19);
- ROUND1(a,b,c,d,x[8],3); ROUND1(d,a,b,c,x[9],7); ROUND1(c,d,a,b,x[10],11); ROUND1(b,c,d,a,x[11],19);
- ROUND1(a,b,c,d,x[12],3); ROUND1(d,a,b,c,x[13],7); ROUND1(c,d,a,b,x[14],11); ROUND1(b,c,d,a,x[15],19);
-
-
+ ROUND1(a,b,c,d,x[0],3); ROUND1(d,a,b,c,x[1],7); ROUND1(c,d,a,b,x[2],11); ROUND1(b,c,d,a,x[3],19);
+ ROUND1(a,b,c,d,x[4],3); ROUND1(d,a,b,c,x[5],7); ROUND1(c,d,a,b,x[6],11); ROUND1(b,c,d,a,x[7],19);
+ ROUND1(a,b,c,d,x[8],3); ROUND1(d,a,b,c,x[9],7); ROUND1(c,d,a,b,x[10],11); ROUND1(b,c,d,a,x[11],19);
+ ROUND1(a,b,c,d,x[12],3); ROUND1(d,a,b,c,x[13],7); ROUND1(c,d,a,b,x[14],11); ROUND1(b,c,d,a,x[15],19);
+
// Round 2
- ROUND2(a,b,c,d,x[0],3); ROUND2(d,a,b,c,x[4],5); ROUND2(c,d,a,b,x[8],9); ROUND2(b,c,d,a,x[12],13);
- ROUND2(a,b,c,d,x[1],3); ROUND2(d,a,b,c,x[5],5); ROUND2(c,d,a,b,x[9],9); ROUND2(b,c,d,a,x[13],13);
- ROUND2(a,b,c,d,x[2],3); ROUND2(d,a,b,c,x[6],5); ROUND2(c,d,a,b,x[10],9); ROUND2(b,c,d,a,x[14],13);
- ROUND2(a,b,c,d,x[3],3); ROUND2(d,a,b,c,x[7],5); ROUND2(c,d,a,b,x[11],9); ROUND2(b,c,d,a,x[15],13);
+ ROUND2(a,b,c,d,x[0],3); ROUND2(d,a,b,c,x[4],5); ROUND2(c,d,a,b,x[8],9); ROUND2(b,c,d,a,x[12],13);
+ ROUND2(a,b,c,d,x[1],3); ROUND2(d,a,b,c,x[5],5); ROUND2(c,d,a,b,x[9],9); ROUND2(b,c,d,a,x[13],13);
+ ROUND2(a,b,c,d,x[2],3); ROUND2(d,a,b,c,x[6],5); ROUND2(c,d,a,b,x[10],9); ROUND2(b,c,d,a,x[14],13);
+ ROUND2(a,b,c,d,x[3],3); ROUND2(d,a,b,c,x[7],5); ROUND2(c,d,a,b,x[11],9); ROUND2(b,c,d,a,x[15],13);
-
// Round 3
- ROUND3(a,b,c,d,x[0],3); ROUND3(d,a,b,c,x[8],9); ROUND3(c,d,a,b,x[4],11); ROUND3(b,c,d,a,x[12],15);
+ ROUND3(a,b,c,d,x[0],3); ROUND3(d,a,b,c,x[8],9); ROUND3(c,d,a,b,x[4],11); ROUND3(b,c,d,a,x[12],15);
ROUND3(a,b,c,d,x[2],3); ROUND3(d,a,b,c,x[10],9); ROUND3(c,d,a,b,x[6],11); ROUND3(b,c,d,a,x[14],15);
- ROUND3(a,b,c,d,x[1],3); ROUND3(d,a,b,c,x[9],9); ROUND3(c,d,a,b,x[5],11); ROUND3(b,c,d,a,x[13],15);
- ROUND3(a,b,c,d,x[3],3); ROUND3(d,a,b,c,x[11],9); ROUND3(c,d,a,b,x[7],11); ROUND3(b,c,d,a,x[15],15);
-
+ ROUND3(a,b,c,d,x[1],3); ROUND3(d,a,b,c,x[9],9); ROUND3(c,d,a,b,x[5],11); ROUND3(b,c,d,a,x[13],15);
+ ROUND3(a,b,c,d,x[3],3); ROUND3(d,a,b,c,x[11],9); ROUND3(c,d,a,b,x[7],11); ROUND3(b,c,d,a,x[15],15);
+
*a2 = a + tmpA;
*b2 = b + tmpB;
--- a/hash/MD5.cpp Mon Sep 16 08:35:36 2013 +0000
+++ b/hash/MD5.cpp Tue Sep 24 07:19:04 2013 +0000
@@ -118,7 +118,7 @@
{
uint32_t *hash2 = (uint32_t*)hash;
uint64_t lengthBit = length << 3;
- uint16_t padding;
+ uint32_t padding;
if(length % 64 < 56)
padding = 56 - (length % 64);
else
@@ -157,7 +157,7 @@
hash2[3] = d;
}
-void MD5::computeRounds(uint32_t *a2, uint32_t *b2, uint32_t *c2, uint32_t *d2, uint8_t *buffer)
+__forceinline void MD5::computeRounds(uint32_t *a2, uint32_t *b2, uint32_t *c2, uint32_t *d2, uint8_t *buffer)
{
uint32_t a = *a2, b = *b2, c = *c2, d = *d2;
uint32_t tmpA = a, tmpB = b, tmpC = c, tmpD = d;
--- a/hash/SHA1.cpp Mon Sep 16 08:35:36 2013 +0000
+++ b/hash/SHA1.cpp Tue Sep 24 07:19:04 2013 +0000
@@ -5,27 +5,25 @@
#include "SHA1.h"
#include <string.h>
-#include <stdio.h>
-#include <stdlib.h>
#define F0(B,C,D) ((B & C) | ((~B) & D))
#define F1(B,C,D) (B ^ C ^ D)
#define F2(B,C,D) ((B & C) | (B & D) | (C & D))
#define ROTL(W,N) (((W) << N) | ((W) >> (32-N)))
-static const uint32_t K0 = 0x5A827999;
-static const uint32_t K1 = 0x6ED9EBA1;
-static const uint32_t K2 = 0x8F1BBCDC;
-static const uint32_t K3 = 0xCA62C1D6;
+#define K0 0x5A827999
+#define K1 0x6ED9EBA1
+#define K2 0x8F1BBCDC
+#define K3 0xCA62C1D6
-static const uint32_t H0 = 0x67452301;
-static const uint32_t H1 = 0xEFCDAB89;
-static const uint32_t H2 = 0x98BADCFE;
-static const uint32_t H3 = 0x10325476;
-static const uint32_t H4 = 0xC3D2E1F0;
+#define H0 0x67452301
+#define H1 0xEFCDAB89
+#define H2 0x98BADCFE
+#define H3 0x10325476
+#define H4 0xC3D2E1F0
-static const uint32_t MASK = 0xF;
+#define MASK 0xF
#define W(s) ( w[s] = ROTL(w[((s) + 13) & MASK] ^ w[((s) + 8) & MASK] ^ w[((s) + 2) & MASK] ^ w[s],1))
@@ -181,6 +179,7 @@
{
uint32_t *buffer2 = (uint32_t*)buffer;
uint32_t w[16];
+
for(int t = 0; t < 16; ++t)
w[t] = __rev(buffer2[t]);
--- a/hash/SHA2_32.cpp Mon Sep 16 08:35:36 2013 +0000
+++ b/hash/SHA2_32.cpp Tue Sep 24 07:19:04 2013 +0000
@@ -1,14 +1,13 @@
#include "SHA2_32.h"
#include <string.h>
-#include <stdio.h>
-#include <stdlib.h>
+
static const uint8_t MASK = 0x0F;
#define W(t) (w[(t)] = SSIG1(w[((t)+14)&MASK]) + w[((t)+9)&MASK] + SSIG0(w[((t)+1)&MASK]) + w[t])
#define ROTL(W,N) (((W) << (N)) | ((W) >> (32-(N))))
-#define ROTR(W,N) (((W) >> (N)) | ((W) << (32-(N))))
+#define ROTR(W,N) (__ror(W,N))
#define CH(X,Y,Z) (((X) & (Y)) ^ ((~(X)) & (Z)))
#define MAJ(X,Y,Z) (((X) & (Y)) ^ ((X) & (Z)) ^ ((Y) & (Z)))
#define BSIG0(X) (ROTR(X,2) ^ ROTR(X,13) ^ ROTR(X,22))
@@ -164,10 +163,19 @@
void SHA2_32::computeHash(SHA_32_TYPE type, uint8_t *hash, uint8_t *data, uint32_t length)
{
uint32_t *hash2 = (uint32_t*)hash;
- uint32_t h0 = H[type*8], h1 = H[type*8+1], h2 = H[type*8+2], h3 = H[type*8+3];
- uint32_t h4 = H[type*8+4], h5 = H[type*8+5], h6 = H[type*8+6], h7 = H[type*8+7];
+
+ uint32_t h[8];
+ h[0] = H[type*8];
+ h[1] = H[type*8+1];
+ h[2] = H[type*8+2];
+ h[3] = H[type*8+3];
+ h[4] = H[type*8+4];
+ h[5] = H[type*8+5];
+ h[6] = H[type*8+6];
+ h[7] = H[type*8+7];
+
uint64_t lengthBit = length << 3;
- uint16_t padding;
+ uint32_t padding;
if(length % 64 < 56)
padding = 56 - (length % 64);
else
@@ -175,7 +183,7 @@
while(length >= 64)
{
- computeBlock(&h0, &h1, &h2, &h3, &h4, &h5, &h6, &h7, data);
+ computeBlock(h, &h[1], &h[2], &h[3], &h[4], &h[5], &h[6], &h[7], data);
length -= 64;
data += 64;
}
@@ -188,7 +196,7 @@
else
{
memset(&buffer[length], 0, 64-length);
- computeBlock(&h0, &h1, &h2, &h3, &h4, &h5, &h6, &h7, buffer);
+ computeBlock(h, &h[1], &h[2], &h[3], &h[4], &h[5], &h[6], &h[7], buffer);
memset(buffer, 0, 56);
}
@@ -198,22 +206,22 @@
memcpy(&buffer[60], &lengthBitLow, 4);
lengthBitHigh = __rev(lengthBitHigh);
memcpy(&buffer[56], &lengthBitHigh, 4);
- computeBlock(&h0, &h1, &h2, &h3, &h4, &h5, &h6, &h7, buffer);
+ computeBlock(h, &h[1], &h[2], &h[3], &h[4], &h[5], &h[6], &h[7], buffer);
- hash2[0] = __rev(h0);
- hash2[1] = __rev(h1);
- hash2[2] = __rev(h2);
- hash2[3] = __rev(h3);
- hash2[4] = __rev(h4);
- hash2[5] = __rev(h5);
- hash2[6] = __rev(h6);
+ hash2[0] = __rev(h[0]);
+ hash2[1] = __rev(h[1]);
+ hash2[2] = __rev(h[2]);
+ hash2[3] = __rev(h[3]);
+ hash2[4] = __rev(h[4]);
+ hash2[5] = __rev(h[5]);
+ hash2[6] = __rev(h[6]);
if(type == SHA_256)
- hash2[7] = __rev(h7);
+ hash2[7] = __rev(h[7]);
}
-void SHA2_32::computeBlock(uint32_t *h02,
+__forceinline void SHA2_32::computeBlock(uint32_t *h02,
uint32_t *h12,
uint32_t *h22,
uint32_t *h32,
@@ -228,7 +236,6 @@
uint32_t a = *h02, b = *h12, c = *h22, d = *h32, e = *h42, f = *h52, g = *h62, h = *h72;
uint32_t T1, T2;
-
R(a,b,c,d,e,f,g,h,0,0x428a2f98)
R(h,a,b,c,d,e,f,g,1,0x71374491)
R(g,h,a,b,c,d,e,f,2,0xb5c0fbcf)