diff --git a/Crypto/Hash/SHA256.cpp b/Crypto/Hash/SHA256.cpp new file mode 100644 index 0000000..740d807 --- /dev/null +++ b/Crypto/Hash/SHA256.cpp @@ -0,0 +1,114 @@ +/* + C implementation by John Ryland + Based on psuedo code algorithm on wikipedia + Copyright (c) 2013 + */ + +#include +#include +#include +#include "SHA256.h" + + +// Initialize variables +// (first 32 bits of the fractional parts of the square roots of the first 8 primes 2..19): +static const uint32_t h[8] = +{ + 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 +}; + + +// Initialize table of round constants +// (first 32 bits of the fractional parts of the cube roots of the first 64 primes 2..311): +static const uint32_t k[64] = +{ + 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, + 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, + 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, + 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, + 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, + 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, + 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, + 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 +}; + + +void sha256(const uint8_t* message, uint64_t length, uint32_t hash[8]) +{ + // Initialize hash value + memcpy(hash, h, 8*sizeof(uint32_t)); + + // append the bit '1' to the message + // append k bits '0', where k is the minimum number >= 0 such that the resulting message + // length (in bits) is 448 (modulo 512). + uint8_t msg[length + 65]; + memcpy(msg, message, length); + msg[length] = 0x80; + + uint64_t bitLength = (length+1) * 8; + for (int i = 1; i < 64; i++) + msg[length+i] = 0x00; + if ( (bitLength % 512) > 448 ) { + bitLength = (512 - (bitLength % 512)) + 448; + } else { + bitLength += 448 - (bitLength % 512); + } + assert((bitLength % 512) == 448); + + // append length of message (before pre-processing), in bits, as 64-bit big-endian integer + length *= 8; + *((uint64_t*)(msg + (bitLength/8))) = htobe64(length); + bitLength += 64; + + // Process the message in successive 512-bit chunks: + for (uint64_t bit = 0ULL; bit < bitLength; bit += 512) + { + uint32_t chunk[64]; + for (int i = 0; i < 16; i++) + { + // break chunk into sixteen 32-bit big-endian words w[0..15] + chunk[i] = be32toh(((uint32_t*)&msg[bit/8])[i]); + } + + // Extend the sixteen 32-bit words into sixty-four 32-bit words: + for (int i = 16; i < 64; i++) + { + // we can do rotate right in C using shift right if we duplicate the bits + uint32_t s0 = chunk[i - 15]; + uint32_t s1 = chunk[i - 2]; + uint64_t v = (uint64_t(s0) << 32) | s0; + s0 = (v >> 7) ^ (v >> 18) ^ (s0 >> 3); + v = (uint64_t(s1) << 32) | s1; + s1 = (v >> 17) ^ (v >> 19) ^ (s1 >> 10); + chunk[i] = chunk[i - 16] + s0 + chunk[i - 7] + s1; + } + + uint32_t x[8]; + memcpy(x, hash, 8*sizeof(uint32_t)); + + // Main loop: + for (int i = 0; i < 64; i++) + { + uint64_t v = (uint64_t(x[4]) << 32) | x[4]; + uint32_t temp = x[7] + + ((v >> 6) ^ (v >> 11) ^ (v >> 25)) + + ((x[4] & x[5]) ^ (~x[4] & x[6])) + + k[i] + chunk[i]; + x[3] += temp; + for (int j = 7; j; --j) + x[j] = x[j - 1]; + v = (uint64_t(x[0]) << 32) | x[0]; + temp += ((v >> 2) ^ (v >> 13) ^ (v >> 22)) + + ((x[0] & (x[2] ^ x[3])) ^ (x[2] & x[3])); + x[0] = temp; + } + + // Add this chunk's hash to result so far: + for (int i = 0; i < 8; ++i) + hash[i] += x[i]; + } + + // the final hash value (big-endian) is in hash +} + + diff --git a/Crypto/Hash/SHA256.cpp b/Crypto/Hash/SHA256.cpp new file mode 100644 index 0000000..740d807 --- /dev/null +++ b/Crypto/Hash/SHA256.cpp @@ -0,0 +1,114 @@ +/* + C implementation by John Ryland + Based on psuedo code algorithm on wikipedia + Copyright (c) 2013 + */ + +#include +#include +#include +#include "SHA256.h" + + +// Initialize variables +// (first 32 bits of the fractional parts of the square roots of the first 8 primes 2..19): +static const uint32_t h[8] = +{ + 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 +}; + + +// Initialize table of round constants +// (first 32 bits of the fractional parts of the cube roots of the first 64 primes 2..311): +static const uint32_t k[64] = +{ + 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, + 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, + 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, + 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, + 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, + 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, + 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, + 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 +}; + + +void sha256(const uint8_t* message, uint64_t length, uint32_t hash[8]) +{ + // Initialize hash value + memcpy(hash, h, 8*sizeof(uint32_t)); + + // append the bit '1' to the message + // append k bits '0', where k is the minimum number >= 0 such that the resulting message + // length (in bits) is 448 (modulo 512). + uint8_t msg[length + 65]; + memcpy(msg, message, length); + msg[length] = 0x80; + + uint64_t bitLength = (length+1) * 8; + for (int i = 1; i < 64; i++) + msg[length+i] = 0x00; + if ( (bitLength % 512) > 448 ) { + bitLength = (512 - (bitLength % 512)) + 448; + } else { + bitLength += 448 - (bitLength % 512); + } + assert((bitLength % 512) == 448); + + // append length of message (before pre-processing), in bits, as 64-bit big-endian integer + length *= 8; + *((uint64_t*)(msg + (bitLength/8))) = htobe64(length); + bitLength += 64; + + // Process the message in successive 512-bit chunks: + for (uint64_t bit = 0ULL; bit < bitLength; bit += 512) + { + uint32_t chunk[64]; + for (int i = 0; i < 16; i++) + { + // break chunk into sixteen 32-bit big-endian words w[0..15] + chunk[i] = be32toh(((uint32_t*)&msg[bit/8])[i]); + } + + // Extend the sixteen 32-bit words into sixty-four 32-bit words: + for (int i = 16; i < 64; i++) + { + // we can do rotate right in C using shift right if we duplicate the bits + uint32_t s0 = chunk[i - 15]; + uint32_t s1 = chunk[i - 2]; + uint64_t v = (uint64_t(s0) << 32) | s0; + s0 = (v >> 7) ^ (v >> 18) ^ (s0 >> 3); + v = (uint64_t(s1) << 32) | s1; + s1 = (v >> 17) ^ (v >> 19) ^ (s1 >> 10); + chunk[i] = chunk[i - 16] + s0 + chunk[i - 7] + s1; + } + + uint32_t x[8]; + memcpy(x, hash, 8*sizeof(uint32_t)); + + // Main loop: + for (int i = 0; i < 64; i++) + { + uint64_t v = (uint64_t(x[4]) << 32) | x[4]; + uint32_t temp = x[7] + + ((v >> 6) ^ (v >> 11) ^ (v >> 25)) + + ((x[4] & x[5]) ^ (~x[4] & x[6])) + + k[i] + chunk[i]; + x[3] += temp; + for (int j = 7; j; --j) + x[j] = x[j - 1]; + v = (uint64_t(x[0]) << 32) | x[0]; + temp += ((v >> 2) ^ (v >> 13) ^ (v >> 22)) + + ((x[0] & (x[2] ^ x[3])) ^ (x[2] & x[3])); + x[0] = temp; + } + + // Add this chunk's hash to result so far: + for (int i = 0; i < 8; ++i) + hash[i] += x[i]; + } + + // the final hash value (big-endian) is in hash +} + + diff --git a/Crypto/Hash/SHA256.h b/Crypto/Hash/SHA256.h new file mode 100644 index 0000000..3d69822 --- /dev/null +++ b/Crypto/Hash/SHA256.h @@ -0,0 +1,12 @@ +#ifndef SHA256_H +#define SHA256_H + + +#include + + +void sha256(const uint8_t* message, uint64_t length, uint32_t hash[8]); + + +#endif // SHA256_H + diff --git a/Crypto/Hash/SHA256.cpp b/Crypto/Hash/SHA256.cpp new file mode 100644 index 0000000..740d807 --- /dev/null +++ b/Crypto/Hash/SHA256.cpp @@ -0,0 +1,114 @@ +/* + C implementation by John Ryland + Based on psuedo code algorithm on wikipedia + Copyright (c) 2013 + */ + +#include +#include +#include +#include "SHA256.h" + + +// Initialize variables +// (first 32 bits of the fractional parts of the square roots of the first 8 primes 2..19): +static const uint32_t h[8] = +{ + 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 +}; + + +// Initialize table of round constants +// (first 32 bits of the fractional parts of the cube roots of the first 64 primes 2..311): +static const uint32_t k[64] = +{ + 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, + 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, + 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, + 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, + 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, + 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, + 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, + 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 +}; + + +void sha256(const uint8_t* message, uint64_t length, uint32_t hash[8]) +{ + // Initialize hash value + memcpy(hash, h, 8*sizeof(uint32_t)); + + // append the bit '1' to the message + // append k bits '0', where k is the minimum number >= 0 such that the resulting message + // length (in bits) is 448 (modulo 512). + uint8_t msg[length + 65]; + memcpy(msg, message, length); + msg[length] = 0x80; + + uint64_t bitLength = (length+1) * 8; + for (int i = 1; i < 64; i++) + msg[length+i] = 0x00; + if ( (bitLength % 512) > 448 ) { + bitLength = (512 - (bitLength % 512)) + 448; + } else { + bitLength += 448 - (bitLength % 512); + } + assert((bitLength % 512) == 448); + + // append length of message (before pre-processing), in bits, as 64-bit big-endian integer + length *= 8; + *((uint64_t*)(msg + (bitLength/8))) = htobe64(length); + bitLength += 64; + + // Process the message in successive 512-bit chunks: + for (uint64_t bit = 0ULL; bit < bitLength; bit += 512) + { + uint32_t chunk[64]; + for (int i = 0; i < 16; i++) + { + // break chunk into sixteen 32-bit big-endian words w[0..15] + chunk[i] = be32toh(((uint32_t*)&msg[bit/8])[i]); + } + + // Extend the sixteen 32-bit words into sixty-four 32-bit words: + for (int i = 16; i < 64; i++) + { + // we can do rotate right in C using shift right if we duplicate the bits + uint32_t s0 = chunk[i - 15]; + uint32_t s1 = chunk[i - 2]; + uint64_t v = (uint64_t(s0) << 32) | s0; + s0 = (v >> 7) ^ (v >> 18) ^ (s0 >> 3); + v = (uint64_t(s1) << 32) | s1; + s1 = (v >> 17) ^ (v >> 19) ^ (s1 >> 10); + chunk[i] = chunk[i - 16] + s0 + chunk[i - 7] + s1; + } + + uint32_t x[8]; + memcpy(x, hash, 8*sizeof(uint32_t)); + + // Main loop: + for (int i = 0; i < 64; i++) + { + uint64_t v = (uint64_t(x[4]) << 32) | x[4]; + uint32_t temp = x[7] + + ((v >> 6) ^ (v >> 11) ^ (v >> 25)) + + ((x[4] & x[5]) ^ (~x[4] & x[6])) + + k[i] + chunk[i]; + x[3] += temp; + for (int j = 7; j; --j) + x[j] = x[j - 1]; + v = (uint64_t(x[0]) << 32) | x[0]; + temp += ((v >> 2) ^ (v >> 13) ^ (v >> 22)) + + ((x[0] & (x[2] ^ x[3])) ^ (x[2] & x[3])); + x[0] = temp; + } + + // Add this chunk's hash to result so far: + for (int i = 0; i < 8; ++i) + hash[i] += x[i]; + } + + // the final hash value (big-endian) is in hash +} + + diff --git a/Crypto/Hash/SHA256.h b/Crypto/Hash/SHA256.h new file mode 100644 index 0000000..3d69822 --- /dev/null +++ b/Crypto/Hash/SHA256.h @@ -0,0 +1,12 @@ +#ifndef SHA256_H +#define SHA256_H + + +#include + + +void sha256(const uint8_t* message, uint64_t length, uint32_t hash[8]); + + +#endif // SHA256_H + diff --git a/Crypto/rsa-tests/clean.sh b/Crypto/rsa-tests/clean.sh new file mode 100755 index 0000000..1212519 --- /dev/null +++ b/Crypto/rsa-tests/clean.sh @@ -0,0 +1,4 @@ +#!/bin/bash + +rm mykey.pem mykey.pub secret.bin recovered.txt convert secret.cpp + diff --git a/Crypto/Hash/SHA256.cpp b/Crypto/Hash/SHA256.cpp new file mode 100644 index 0000000..740d807 --- /dev/null +++ b/Crypto/Hash/SHA256.cpp @@ -0,0 +1,114 @@ +/* + C implementation by John Ryland + Based on psuedo code algorithm on wikipedia + Copyright (c) 2013 + */ + +#include +#include +#include +#include "SHA256.h" + + +// Initialize variables +// (first 32 bits of the fractional parts of the square roots of the first 8 primes 2..19): +static const uint32_t h[8] = +{ + 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 +}; + + +// Initialize table of round constants +// (first 32 bits of the fractional parts of the cube roots of the first 64 primes 2..311): +static const uint32_t k[64] = +{ + 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, + 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, + 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, + 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, + 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, + 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, + 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, + 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 +}; + + +void sha256(const uint8_t* message, uint64_t length, uint32_t hash[8]) +{ + // Initialize hash value + memcpy(hash, h, 8*sizeof(uint32_t)); + + // append the bit '1' to the message + // append k bits '0', where k is the minimum number >= 0 such that the resulting message + // length (in bits) is 448 (modulo 512). + uint8_t msg[length + 65]; + memcpy(msg, message, length); + msg[length] = 0x80; + + uint64_t bitLength = (length+1) * 8; + for (int i = 1; i < 64; i++) + msg[length+i] = 0x00; + if ( (bitLength % 512) > 448 ) { + bitLength = (512 - (bitLength % 512)) + 448; + } else { + bitLength += 448 - (bitLength % 512); + } + assert((bitLength % 512) == 448); + + // append length of message (before pre-processing), in bits, as 64-bit big-endian integer + length *= 8; + *((uint64_t*)(msg + (bitLength/8))) = htobe64(length); + bitLength += 64; + + // Process the message in successive 512-bit chunks: + for (uint64_t bit = 0ULL; bit < bitLength; bit += 512) + { + uint32_t chunk[64]; + for (int i = 0; i < 16; i++) + { + // break chunk into sixteen 32-bit big-endian words w[0..15] + chunk[i] = be32toh(((uint32_t*)&msg[bit/8])[i]); + } + + // Extend the sixteen 32-bit words into sixty-four 32-bit words: + for (int i = 16; i < 64; i++) + { + // we can do rotate right in C using shift right if we duplicate the bits + uint32_t s0 = chunk[i - 15]; + uint32_t s1 = chunk[i - 2]; + uint64_t v = (uint64_t(s0) << 32) | s0; + s0 = (v >> 7) ^ (v >> 18) ^ (s0 >> 3); + v = (uint64_t(s1) << 32) | s1; + s1 = (v >> 17) ^ (v >> 19) ^ (s1 >> 10); + chunk[i] = chunk[i - 16] + s0 + chunk[i - 7] + s1; + } + + uint32_t x[8]; + memcpy(x, hash, 8*sizeof(uint32_t)); + + // Main loop: + for (int i = 0; i < 64; i++) + { + uint64_t v = (uint64_t(x[4]) << 32) | x[4]; + uint32_t temp = x[7] + + ((v >> 6) ^ (v >> 11) ^ (v >> 25)) + + ((x[4] & x[5]) ^ (~x[4] & x[6])) + + k[i] + chunk[i]; + x[3] += temp; + for (int j = 7; j; --j) + x[j] = x[j - 1]; + v = (uint64_t(x[0]) << 32) | x[0]; + temp += ((v >> 2) ^ (v >> 13) ^ (v >> 22)) + + ((x[0] & (x[2] ^ x[3])) ^ (x[2] & x[3])); + x[0] = temp; + } + + // Add this chunk's hash to result so far: + for (int i = 0; i < 8; ++i) + hash[i] += x[i]; + } + + // the final hash value (big-endian) is in hash +} + + diff --git a/Crypto/Hash/SHA256.h b/Crypto/Hash/SHA256.h new file mode 100644 index 0000000..3d69822 --- /dev/null +++ b/Crypto/Hash/SHA256.h @@ -0,0 +1,12 @@ +#ifndef SHA256_H +#define SHA256_H + + +#include + + +void sha256(const uint8_t* message, uint64_t length, uint32_t hash[8]); + + +#endif // SHA256_H + diff --git a/Crypto/rsa-tests/clean.sh b/Crypto/rsa-tests/clean.sh new file mode 100755 index 0000000..1212519 --- /dev/null +++ b/Crypto/rsa-tests/clean.sh @@ -0,0 +1,4 @@ +#!/bin/bash + +rm mykey.pem mykey.pub secret.bin recovered.txt convert secret.cpp + diff --git a/Crypto/rsa-tests/message.txt b/Crypto/rsa-tests/message.txt new file mode 100644 index 0000000..41f8fd0 --- /dev/null +++ b/Crypto/rsa-tests/message.txt @@ -0,0 +1,2 @@ +This is my plain text +We will make it secret diff --git a/Crypto/Hash/SHA256.cpp b/Crypto/Hash/SHA256.cpp new file mode 100644 index 0000000..740d807 --- /dev/null +++ b/Crypto/Hash/SHA256.cpp @@ -0,0 +1,114 @@ +/* + C implementation by John Ryland + Based on psuedo code algorithm on wikipedia + Copyright (c) 2013 + */ + +#include +#include +#include +#include "SHA256.h" + + +// Initialize variables +// (first 32 bits of the fractional parts of the square roots of the first 8 primes 2..19): +static const uint32_t h[8] = +{ + 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 +}; + + +// Initialize table of round constants +// (first 32 bits of the fractional parts of the cube roots of the first 64 primes 2..311): +static const uint32_t k[64] = +{ + 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, + 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, + 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, + 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, + 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, + 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, + 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, + 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 +}; + + +void sha256(const uint8_t* message, uint64_t length, uint32_t hash[8]) +{ + // Initialize hash value + memcpy(hash, h, 8*sizeof(uint32_t)); + + // append the bit '1' to the message + // append k bits '0', where k is the minimum number >= 0 such that the resulting message + // length (in bits) is 448 (modulo 512). + uint8_t msg[length + 65]; + memcpy(msg, message, length); + msg[length] = 0x80; + + uint64_t bitLength = (length+1) * 8; + for (int i = 1; i < 64; i++) + msg[length+i] = 0x00; + if ( (bitLength % 512) > 448 ) { + bitLength = (512 - (bitLength % 512)) + 448; + } else { + bitLength += 448 - (bitLength % 512); + } + assert((bitLength % 512) == 448); + + // append length of message (before pre-processing), in bits, as 64-bit big-endian integer + length *= 8; + *((uint64_t*)(msg + (bitLength/8))) = htobe64(length); + bitLength += 64; + + // Process the message in successive 512-bit chunks: + for (uint64_t bit = 0ULL; bit < bitLength; bit += 512) + { + uint32_t chunk[64]; + for (int i = 0; i < 16; i++) + { + // break chunk into sixteen 32-bit big-endian words w[0..15] + chunk[i] = be32toh(((uint32_t*)&msg[bit/8])[i]); + } + + // Extend the sixteen 32-bit words into sixty-four 32-bit words: + for (int i = 16; i < 64; i++) + { + // we can do rotate right in C using shift right if we duplicate the bits + uint32_t s0 = chunk[i - 15]; + uint32_t s1 = chunk[i - 2]; + uint64_t v = (uint64_t(s0) << 32) | s0; + s0 = (v >> 7) ^ (v >> 18) ^ (s0 >> 3); + v = (uint64_t(s1) << 32) | s1; + s1 = (v >> 17) ^ (v >> 19) ^ (s1 >> 10); + chunk[i] = chunk[i - 16] + s0 + chunk[i - 7] + s1; + } + + uint32_t x[8]; + memcpy(x, hash, 8*sizeof(uint32_t)); + + // Main loop: + for (int i = 0; i < 64; i++) + { + uint64_t v = (uint64_t(x[4]) << 32) | x[4]; + uint32_t temp = x[7] + + ((v >> 6) ^ (v >> 11) ^ (v >> 25)) + + ((x[4] & x[5]) ^ (~x[4] & x[6])) + + k[i] + chunk[i]; + x[3] += temp; + for (int j = 7; j; --j) + x[j] = x[j - 1]; + v = (uint64_t(x[0]) << 32) | x[0]; + temp += ((v >> 2) ^ (v >> 13) ^ (v >> 22)) + + ((x[0] & (x[2] ^ x[3])) ^ (x[2] & x[3])); + x[0] = temp; + } + + // Add this chunk's hash to result so far: + for (int i = 0; i < 8; ++i) + hash[i] += x[i]; + } + + // the final hash value (big-endian) is in hash +} + + diff --git a/Crypto/Hash/SHA256.h b/Crypto/Hash/SHA256.h new file mode 100644 index 0000000..3d69822 --- /dev/null +++ b/Crypto/Hash/SHA256.h @@ -0,0 +1,12 @@ +#ifndef SHA256_H +#define SHA256_H + + +#include + + +void sha256(const uint8_t* message, uint64_t length, uint32_t hash[8]); + + +#endif // SHA256_H + diff --git a/Crypto/rsa-tests/clean.sh b/Crypto/rsa-tests/clean.sh new file mode 100755 index 0000000..1212519 --- /dev/null +++ b/Crypto/rsa-tests/clean.sh @@ -0,0 +1,4 @@ +#!/bin/bash + +rm mykey.pem mykey.pub secret.bin recovered.txt convert secret.cpp + diff --git a/Crypto/rsa-tests/message.txt b/Crypto/rsa-tests/message.txt new file mode 100644 index 0000000..41f8fd0 --- /dev/null +++ b/Crypto/rsa-tests/message.txt @@ -0,0 +1,2 @@ +This is my plain text +We will make it secret diff --git a/Crypto/rsa-tests/secure-run.sh b/Crypto/rsa-tests/secure-run.sh new file mode 100755 index 0000000..3d0488b --- /dev/null +++ b/Crypto/rsa-tests/secure-run.sh @@ -0,0 +1,23 @@ +#!/bin/bash + +# Takes a file that was generated by the signer.sh script +# Checks the signature is correct using the public key from mykey.pub +# Then runs the program if the signature is valid + + +# Split the file back out in to two files, the original and the signature +head -c -256 $1 > $1.tmp +tail -c 256 $1 > tmp-signature.file + +cat $1.tmp | openssl sha512 -verify mykey.pub -signature tmp-signature.file | grep "Verified OK" > /dev/null +if [ "$?" == "0" ] +then + chmod a+x ./$1.tmp + ./$1.tmp +else + echo "Verification failed" +fi + +rm $1.tmp +rm tmp-signature.file + diff --git a/Crypto/Hash/SHA256.cpp b/Crypto/Hash/SHA256.cpp new file mode 100644 index 0000000..740d807 --- /dev/null +++ b/Crypto/Hash/SHA256.cpp @@ -0,0 +1,114 @@ +/* + C implementation by John Ryland + Based on psuedo code algorithm on wikipedia + Copyright (c) 2013 + */ + +#include +#include +#include +#include "SHA256.h" + + +// Initialize variables +// (first 32 bits of the fractional parts of the square roots of the first 8 primes 2..19): +static const uint32_t h[8] = +{ + 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 +}; + + +// Initialize table of round constants +// (first 32 bits of the fractional parts of the cube roots of the first 64 primes 2..311): +static const uint32_t k[64] = +{ + 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, + 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, + 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, + 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, + 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, + 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, + 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, + 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 +}; + + +void sha256(const uint8_t* message, uint64_t length, uint32_t hash[8]) +{ + // Initialize hash value + memcpy(hash, h, 8*sizeof(uint32_t)); + + // append the bit '1' to the message + // append k bits '0', where k is the minimum number >= 0 such that the resulting message + // length (in bits) is 448 (modulo 512). + uint8_t msg[length + 65]; + memcpy(msg, message, length); + msg[length] = 0x80; + + uint64_t bitLength = (length+1) * 8; + for (int i = 1; i < 64; i++) + msg[length+i] = 0x00; + if ( (bitLength % 512) > 448 ) { + bitLength = (512 - (bitLength % 512)) + 448; + } else { + bitLength += 448 - (bitLength % 512); + } + assert((bitLength % 512) == 448); + + // append length of message (before pre-processing), in bits, as 64-bit big-endian integer + length *= 8; + *((uint64_t*)(msg + (bitLength/8))) = htobe64(length); + bitLength += 64; + + // Process the message in successive 512-bit chunks: + for (uint64_t bit = 0ULL; bit < bitLength; bit += 512) + { + uint32_t chunk[64]; + for (int i = 0; i < 16; i++) + { + // break chunk into sixteen 32-bit big-endian words w[0..15] + chunk[i] = be32toh(((uint32_t*)&msg[bit/8])[i]); + } + + // Extend the sixteen 32-bit words into sixty-four 32-bit words: + for (int i = 16; i < 64; i++) + { + // we can do rotate right in C using shift right if we duplicate the bits + uint32_t s0 = chunk[i - 15]; + uint32_t s1 = chunk[i - 2]; + uint64_t v = (uint64_t(s0) << 32) | s0; + s0 = (v >> 7) ^ (v >> 18) ^ (s0 >> 3); + v = (uint64_t(s1) << 32) | s1; + s1 = (v >> 17) ^ (v >> 19) ^ (s1 >> 10); + chunk[i] = chunk[i - 16] + s0 + chunk[i - 7] + s1; + } + + uint32_t x[8]; + memcpy(x, hash, 8*sizeof(uint32_t)); + + // Main loop: + for (int i = 0; i < 64; i++) + { + uint64_t v = (uint64_t(x[4]) << 32) | x[4]; + uint32_t temp = x[7] + + ((v >> 6) ^ (v >> 11) ^ (v >> 25)) + + ((x[4] & x[5]) ^ (~x[4] & x[6])) + + k[i] + chunk[i]; + x[3] += temp; + for (int j = 7; j; --j) + x[j] = x[j - 1]; + v = (uint64_t(x[0]) << 32) | x[0]; + temp += ((v >> 2) ^ (v >> 13) ^ (v >> 22)) + + ((x[0] & (x[2] ^ x[3])) ^ (x[2] & x[3])); + x[0] = temp; + } + + // Add this chunk's hash to result so far: + for (int i = 0; i < 8; ++i) + hash[i] += x[i]; + } + + // the final hash value (big-endian) is in hash +} + + diff --git a/Crypto/Hash/SHA256.h b/Crypto/Hash/SHA256.h new file mode 100644 index 0000000..3d69822 --- /dev/null +++ b/Crypto/Hash/SHA256.h @@ -0,0 +1,12 @@ +#ifndef SHA256_H +#define SHA256_H + + +#include + + +void sha256(const uint8_t* message, uint64_t length, uint32_t hash[8]); + + +#endif // SHA256_H + diff --git a/Crypto/rsa-tests/clean.sh b/Crypto/rsa-tests/clean.sh new file mode 100755 index 0000000..1212519 --- /dev/null +++ b/Crypto/rsa-tests/clean.sh @@ -0,0 +1,4 @@ +#!/bin/bash + +rm mykey.pem mykey.pub secret.bin recovered.txt convert secret.cpp + diff --git a/Crypto/rsa-tests/message.txt b/Crypto/rsa-tests/message.txt new file mode 100644 index 0000000..41f8fd0 --- /dev/null +++ b/Crypto/rsa-tests/message.txt @@ -0,0 +1,2 @@ +This is my plain text +We will make it secret diff --git a/Crypto/rsa-tests/secure-run.sh b/Crypto/rsa-tests/secure-run.sh new file mode 100755 index 0000000..3d0488b --- /dev/null +++ b/Crypto/rsa-tests/secure-run.sh @@ -0,0 +1,23 @@ +#!/bin/bash + +# Takes a file that was generated by the signer.sh script +# Checks the signature is correct using the public key from mykey.pub +# Then runs the program if the signature is valid + + +# Split the file back out in to two files, the original and the signature +head -c -256 $1 > $1.tmp +tail -c 256 $1 > tmp-signature.file + +cat $1.tmp | openssl sha512 -verify mykey.pub -signature tmp-signature.file | grep "Verified OK" > /dev/null +if [ "$?" == "0" ] +then + chmod a+x ./$1.tmp + ./$1.tmp +else + echo "Verification failed" +fi + +rm $1.tmp +rm tmp-signature.file + diff --git a/Crypto/rsa-tests/signer.sh b/Crypto/rsa-tests/signer.sh new file mode 100755 index 0000000..0fee99d --- /dev/null +++ b/Crypto/rsa-tests/signer.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +# +# This script digitally signs a file and appends the signature on to the end of the file +# The private key in "mykey.pem" is used for the signing +# + +cat $1 | openssl sha512 -sign mykey.pem > tmp-signature.file +cat $1 tmp-signature.file > $1.signed +rm tmp-signature.file + + diff --git a/Crypto/Hash/SHA256.cpp b/Crypto/Hash/SHA256.cpp new file mode 100644 index 0000000..740d807 --- /dev/null +++ b/Crypto/Hash/SHA256.cpp @@ -0,0 +1,114 @@ +/* + C implementation by John Ryland + Based on psuedo code algorithm on wikipedia + Copyright (c) 2013 + */ + +#include +#include +#include +#include "SHA256.h" + + +// Initialize variables +// (first 32 bits of the fractional parts of the square roots of the first 8 primes 2..19): +static const uint32_t h[8] = +{ + 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 +}; + + +// Initialize table of round constants +// (first 32 bits of the fractional parts of the cube roots of the first 64 primes 2..311): +static const uint32_t k[64] = +{ + 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, + 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, + 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, + 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, + 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, + 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, + 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, + 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 +}; + + +void sha256(const uint8_t* message, uint64_t length, uint32_t hash[8]) +{ + // Initialize hash value + memcpy(hash, h, 8*sizeof(uint32_t)); + + // append the bit '1' to the message + // append k bits '0', where k is the minimum number >= 0 such that the resulting message + // length (in bits) is 448 (modulo 512). + uint8_t msg[length + 65]; + memcpy(msg, message, length); + msg[length] = 0x80; + + uint64_t bitLength = (length+1) * 8; + for (int i = 1; i < 64; i++) + msg[length+i] = 0x00; + if ( (bitLength % 512) > 448 ) { + bitLength = (512 - (bitLength % 512)) + 448; + } else { + bitLength += 448 - (bitLength % 512); + } + assert((bitLength % 512) == 448); + + // append length of message (before pre-processing), in bits, as 64-bit big-endian integer + length *= 8; + *((uint64_t*)(msg + (bitLength/8))) = htobe64(length); + bitLength += 64; + + // Process the message in successive 512-bit chunks: + for (uint64_t bit = 0ULL; bit < bitLength; bit += 512) + { + uint32_t chunk[64]; + for (int i = 0; i < 16; i++) + { + // break chunk into sixteen 32-bit big-endian words w[0..15] + chunk[i] = be32toh(((uint32_t*)&msg[bit/8])[i]); + } + + // Extend the sixteen 32-bit words into sixty-four 32-bit words: + for (int i = 16; i < 64; i++) + { + // we can do rotate right in C using shift right if we duplicate the bits + uint32_t s0 = chunk[i - 15]; + uint32_t s1 = chunk[i - 2]; + uint64_t v = (uint64_t(s0) << 32) | s0; + s0 = (v >> 7) ^ (v >> 18) ^ (s0 >> 3); + v = (uint64_t(s1) << 32) | s1; + s1 = (v >> 17) ^ (v >> 19) ^ (s1 >> 10); + chunk[i] = chunk[i - 16] + s0 + chunk[i - 7] + s1; + } + + uint32_t x[8]; + memcpy(x, hash, 8*sizeof(uint32_t)); + + // Main loop: + for (int i = 0; i < 64; i++) + { + uint64_t v = (uint64_t(x[4]) << 32) | x[4]; + uint32_t temp = x[7] + + ((v >> 6) ^ (v >> 11) ^ (v >> 25)) + + ((x[4] & x[5]) ^ (~x[4] & x[6])) + + k[i] + chunk[i]; + x[3] += temp; + for (int j = 7; j; --j) + x[j] = x[j - 1]; + v = (uint64_t(x[0]) << 32) | x[0]; + temp += ((v >> 2) ^ (v >> 13) ^ (v >> 22)) + + ((x[0] & (x[2] ^ x[3])) ^ (x[2] & x[3])); + x[0] = temp; + } + + // Add this chunk's hash to result so far: + for (int i = 0; i < 8; ++i) + hash[i] += x[i]; + } + + // the final hash value (big-endian) is in hash +} + + diff --git a/Crypto/Hash/SHA256.h b/Crypto/Hash/SHA256.h new file mode 100644 index 0000000..3d69822 --- /dev/null +++ b/Crypto/Hash/SHA256.h @@ -0,0 +1,12 @@ +#ifndef SHA256_H +#define SHA256_H + + +#include + + +void sha256(const uint8_t* message, uint64_t length, uint32_t hash[8]); + + +#endif // SHA256_H + diff --git a/Crypto/rsa-tests/clean.sh b/Crypto/rsa-tests/clean.sh new file mode 100755 index 0000000..1212519 --- /dev/null +++ b/Crypto/rsa-tests/clean.sh @@ -0,0 +1,4 @@ +#!/bin/bash + +rm mykey.pem mykey.pub secret.bin recovered.txt convert secret.cpp + diff --git a/Crypto/rsa-tests/message.txt b/Crypto/rsa-tests/message.txt new file mode 100644 index 0000000..41f8fd0 --- /dev/null +++ b/Crypto/rsa-tests/message.txt @@ -0,0 +1,2 @@ +This is my plain text +We will make it secret diff --git a/Crypto/rsa-tests/secure-run.sh b/Crypto/rsa-tests/secure-run.sh new file mode 100755 index 0000000..3d0488b --- /dev/null +++ b/Crypto/rsa-tests/secure-run.sh @@ -0,0 +1,23 @@ +#!/bin/bash + +# Takes a file that was generated by the signer.sh script +# Checks the signature is correct using the public key from mykey.pub +# Then runs the program if the signature is valid + + +# Split the file back out in to two files, the original and the signature +head -c -256 $1 > $1.tmp +tail -c 256 $1 > tmp-signature.file + +cat $1.tmp | openssl sha512 -verify mykey.pub -signature tmp-signature.file | grep "Verified OK" > /dev/null +if [ "$?" == "0" ] +then + chmod a+x ./$1.tmp + ./$1.tmp +else + echo "Verification failed" +fi + +rm $1.tmp +rm tmp-signature.file + diff --git a/Crypto/rsa-tests/signer.sh b/Crypto/rsa-tests/signer.sh new file mode 100755 index 0000000..0fee99d --- /dev/null +++ b/Crypto/rsa-tests/signer.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +# +# This script digitally signs a file and appends the signature on to the end of the file +# The private key in "mykey.pem" is used for the signing +# + +cat $1 | openssl sha512 -sign mykey.pem > tmp-signature.file +cat $1 tmp-signature.file > $1.signed +rm tmp-signature.file + + diff --git a/Crypto/rsa-tests/tests.sh b/Crypto/rsa-tests/tests.sh new file mode 100755 index 0000000..77bc67a --- /dev/null +++ b/Crypto/rsa-tests/tests.sh @@ -0,0 +1,51 @@ +#!/bin/bash + +openssl genrsa -out mykey.pem 2048 +openssl rsa -in mykey.pem -pubout -out mykey.pub +openssl rsautl -sign -inkey mykey.pem -in message.txt -out secret.bin +openssl rsautl -verify -pubin -inkey mykey.pub -in secret.bin -out recovered.txt + +# cat << EOF > convert.c +# #include +# int main() { for (int i = 0; i < 256; i++) printf("%02x", (unsigned)getchar()); } +# EOF +# g++ convert.c -o convert +# rm convert.c +# echo -n "const char* secretMessage = \"" > secret.txt +# cat secret.bin | ./convert >> secret.txt +# echo "\";" >> secret.txt +# echo >> secret.txt +# echo "Public Modulus and Exponent:" >> secret.txt +# echo >> secret.txt +# openssl asn1parse -in mykey.pub -strparse 19 >> secret.txt + +echo "const char* secretMessage = " > secret.cpp +cat secret.bin | xxd -p | sed 's/^/ "/' | sed 's/$/"/' | head -c -1 >> secret.cpp +echo -e ";\n" >> secret.cpp +echo "const char* publicModulus = " >> secret.cpp +# Dump the contents of the public key +openssl asn1parse -in mykey.pub -strparse 19 -offset 4 -length 261 | cut -d ':' -f 4 | fold -w 60 | sed 's/^/ "/' | sed 's/$/"/' | head -c -1 >> secret.cpp +echo -e ";\n" >> secret.cpp +echo "const char* publicExponent = " >> secret.cpp +# Dump the contents of the public key +openssl asn1parse -in mykey.pub -strparse 19 -offset 265 | cut -d ':' -f 4 | fold -w 60 | sed 's/^/ "/' | sed 's/$/"/' | head -c -1 >> secret.cpp +echo -e ";\n" >> secret.cpp + +# Dump the contents of the private key +# openssl asn1parse -in mykey.pem + +#RSAPrivateKey ::= SEQUENCE { +# version Version, +# modulus INTEGER, -- n +# publicExponent INTEGER, -- e +# privateExponent INTEGER, -- d +# prime1 INTEGER, -- p +# prime2 INTEGER, -- q +# exponent1 INTEGER, -- d mod (p-1) +# exponent2 INTEGER, -- d mod (q-1) +# coefficient INTEGER, -- (inverse of q) mod p +# otherPrimeInfos OtherPrimeInfos OPTIONAL +#} + + +