错误的SHA-1哈希

时间:2015-11-03 11:48:20

标签: c encryption cryptography sha

我打算将AVR-Crypto的SHA-1 implementation用于HMAC。但是,我似乎无法生成正确的SHA-1总和。

例如,如果我使用以下

调用该函数 
Entity1 (**Entity1No**, ....)

Entity2 (**Entity2No**, ...)

Entity1_Entity2 (***Entity1No***, ***Entity2No***, ....)
 FOREIGN KEY (Entity1No) REFERENCES (Entity1)
 FOREIGN KEY (Entity2No) REFERENCES (Entity2)

我得到 unsigned char sha1sum[20]; char *msg = "FFFFFFFFFF"; sha1( sha1sum, msg, strlen(msg)); 而不是预期的000000000000000000002C002312290000000029。有谁知道什么可能是错的?这是AVR-Crypto的实现

c1bb92851109fe950a2655fa1d4ba1d04719f6fb

这是标题:

#include <string.h> /* memcpy & co */
#include <stdint.h>
#include "config.h"
#include "debug.h"
#include "sha1.h"

#ifdef DEBUG
#  undef DEBUG
#endif

#include "cli.h"

#define LITTLE_ENDIAN

/********************************************************************************************************/

/**
 * \brief initialises given SHA-1 context
 *
 */
void sha1_init(sha1_ctx_t *state){
    DEBUG_S("\r\nSHA1_INIT");
    state->h[0] = 0x67452301;
    state->h[1] = 0xefcdab89;
    state->h[2] = 0x98badcfe;
    state->h[3] = 0x10325476;
    state->h[4] = 0xc3d2e1f0;
    state->length = 0;
}

/********************************************************************************************************/
/* some helping functions */
uint32_t rotl32(uint32_t n, uint8_t bits){
    return ((n<<bits) | (n>>(32-bits)));
}

uint32_t change_endian32(uint32_t x){
    return (((x)<<24) | ((x)>>24) | (((x)& 0x0000ff00)<<8) | (((x)& 0x00ff0000)>>8));
}


/* three SHA-1 inner functions */
uint32_t ch(uint32_t x, uint32_t y, uint32_t z){
    DEBUG_S("\r\nCH");
    return ((x&y)^((~x)&z));
}

uint32_t maj(uint32_t x, uint32_t y, uint32_t z){
    DEBUG_S("\r\nMAJ");
    return ((x&y)^(x&z)^(y&z));
}

uint32_t parity(uint32_t x, uint32_t y, uint32_t z){
    DEBUG_S("\r\nPARITY");
    return ((x^y)^z);
}

/********************************************************************************************************/
/**
 * \brief "add" a block to the hash
 * This is the core function of the hash algorithm. To understand how it's working
 * and what thoese variables do, take a look at FIPS-182. This is an "alternativ" implementation
 */

#define MASK 0x0000000f

typedef uint32_t (*pf_t)(uint32_t x, uint32_t y, uint32_t z);

void sha1_nextBlock (sha1_ctx_t *state, const void *block){
    uint32_t a[5];
    uint32_t w[16];
    uint32_t temp;
    uint8_t t,s,fi, fib;
    pf_t f[] = {ch,parity,maj,parity};
    uint32_t k[4]={ 0x5a827999,
                    0x6ed9eba1,
                    0x8f1bbcdc,
                    0xca62c1d6};

    /* load the w array (changing the endian and so) */
    for(t=0; t<16; ++t){
        w[t] = change_endian32(((uint32_t*)block)[t]);
    }

#if DEBUG
    uint8_t dbgi;
    for(dbgi=0; dbgi<16; ++dbgi){
        /*
        DEBUG_S("\n\rBlock:");
        DEBUG_B(dbgi);
        DEBUG_C(':');
        */
        cli_putstr_P(PSTR("\r\nBlock:"));
        cli_hexdump(&dbgi, 1);
        cli_putc(':');
        cli_hexdump(&(w[dbgi]) ,4);
    }
#endif

    /* load the state */
    memcpy(a, state->h, 5*sizeof(uint32_t));


    /* the fun stuff */
    for(fi=0,fib=0,t=0; t<=79; ++t){
        s = t & MASK;
        if(t>=16){
            #if DEBUG
             DEBUG_S("\r\n ws = "); cli_hexdump(&(w[s]), 4);
            #endif
            w[s] = rotl32( w[(s+13)&MASK] ^ w[(s+8)&MASK] ^
                 w[(s+ 2)&MASK] ^ w[s] ,1);
            #ifdef DEBUG
             DEBUG_S(" --> ws = "); cli_hexdump(&(w[s]), 4);
            #endif
        }

        uint32_t dtemp;
        temp = rotl32(a[0],5) + (dtemp=f[fi](a[1],a[2],a[3])) + a[4] + k[fi] + w[s];
        memmove(&(a[1]), &(a[0]), 4*sizeof(uint32_t)); /* e=d; d=c; c=b; b=a; */
        a[0] = temp;
        a[2] = rotl32(a[2],30); /* we might also do rotr32(c,2) */
        fib++;
        if(fib==20){
            fib=0;
            fi = (fi+1)%4;
        }
        #if DEBUG
        /* debug dump */
        DEBUG_S("\r\nt = "); DEBUG_B(t);
        DEBUG_S("; a[]: ");
         cli_hexdump(a, 5*4);
        DEBUG_S("; k = ");
         cli_hexdump(&(k[t/20]), 4);
        DEBUG_S("; f(b,c,d) = ");
         cli_hexdump(&dtemp, 4);
        #endif
    }

    /* update the state */
    for(t=0; t<5; ++t){
        state->h[t] += a[t];
    }
    state->length += 512;
}

/********************************************************************************************************/

void sha1_lastBlock(sha1_ctx_t *state, const void *block, uint16_t length){
    uint8_t lb[SHA1_BLOCK_BYTES]; /* local block */
    while(length>=SHA1_BLOCK_BITS){
        sha1_nextBlock(state, block);
        length -= SHA1_BLOCK_BITS;
        block = (uint8_t*)block + SHA1_BLOCK_BYTES;
    }
    state->length += length;
    memset(lb, 0, SHA1_BLOCK_BYTES);
    memcpy (lb, block, (length+7)>>3);

    /* set the final one bit */
    lb[length>>3] |= 0x80>>(length & 0x07);

    if (length>512-64-1){ /* not enouth space for 64bit length value */
        sha1_nextBlock(state, lb);
        state->length -= 512;
        memset(lb, 0, SHA1_BLOCK_BYTES);
    }
    /* store the 64bit length value */
#if defined LITTLE_ENDIAN
        /* this is now rolled up */
    uint8_t i;
    for (i=0; i<8; ++i){
        lb[56+i] = ((uint8_t*)&(state->length))[7-i];
    }
#elif defined BIG_ENDIAN
    *((uint64_t)&(lb[56])) = state->length;
#endif
    sha1_nextBlock(state, lb);
}

/********************************************************************************************************/

void sha1_ctx2hash (void *dest, sha1_ctx_t *state){
#if defined LITTLE_ENDIAN
    uint8_t i;
    for(i=0; i<5; ++i){
        ((uint32_t*)dest)[i] = change_endian32(state->h[i]);
    }
#elif BIG_ENDIAN
    if (dest != state->h)
        memcpy(dest, state->h, SHA1_HASH_BITS/8);
#else
# error unsupported endian type!
#endif
}

/********************************************************************************************************/
/**
 *
 *
 */
void sha1 (void *dest, const void *msg, uint32_t length){
    sha1_ctx_t s;
    DEBUG_S("\r\nBLA BLUB");
    sha1_init(&s);
    while(length & (~0x0001ff)){ /* length>=512 */
        DEBUG_S("\r\none block");
        sha1_nextBlock(&s, msg);
        msg = (uint8_t*)msg + SHA1_BLOCK_BITS/8; /* increment pointer to next block */
        length -= SHA1_BLOCK_BITS;
    }
    sha1_lastBlock(&s, msg, length);
    sha1_ctx2hash(dest, &s);
}

更新如果我使用#ifndef SHA1_H_ #define SHA1_H_ #include "stdint.h" /** \def SHA1_HASH_BITS * definees the size of a SHA-1 hash in bits */ /** \def SHA1_HASH_BYTES * definees the size of a SHA-1 hash in bytes */ /** \def SHA1_BLOCK_BITS * definees the size of a SHA-1 input block in bits */ /** \def SHA1_BLOCK_BYTES * definees the size of a SHA-1 input block in bytes */ #define SHA1_HASH_BITS 160 #define SHA1_HASH_BYTES (SHA1_HASH_BITS/8) #define SHA1_BLOCK_BITS 512 #define SHA1_BLOCK_BYTES (SHA1_BLOCK_BITS/8) /** \typedef sha1_ctx_t * \brief SHA-1 context type * * A vatiable of this type may hold the state of a SHA-1 hashing process */ typedef struct { uint32_t h[5]; // uint64_t length; uint8_t length; } sha1_ctx_t; /** \typedef sha1_hash_t * \brief hash value type * A variable of this type may hold a SHA-1 hash value */ /* typedef uint8_t sha1_hash_t[SHA1_HASH_BITS/8]; */ /** \fn sha1_init(sha1_ctx_t *state) * \brief initializes a SHA-1 context * This function sets a ::sha1_ctx_t variable to the initialization vector * for SHA-1 hashing. * \param state pointer to the SHA-1 context variable */ void sha1_init(sha1_ctx_t *state); /** \fn sha1_nextBlock(sha1_ctx_t *state, const void *block) * \brief process one input block * This function processes one input block and updates the hash context * accordingly * \param state pointer to the state variable to update * \param block pointer to the message block to process */ void sha1_nextBlock (sha1_ctx_t *state, const void *block); /** \fn sha1_lastBlock(sha1_ctx_t *state, const void *block, uint16_t length_b) * \brief processes the given block and finalizes the context * This function processes the last block in a SHA-1 hashing process. * The block should have a maximum length of a single input block. * \param state pointer to the state variable to update and finalize * \param block pointer to themessage block to process * \param length_b length of the message block in bits */ void sha1_lastBlock (sha1_ctx_t *state, const void *block, uint16_t length_b); /** \fn sha1_ctx2hash(sha1_hash_t *dest, sha1_ctx_t *state) * \brief convert a state variable into an actual hash value * Writes the hash value corresponding to the state to the memory pointed by dest. * \param dest pointer to the hash value destination * \param state pointer to the hash context */ void sha1_ctx2hash (void *dest, sha1_ctx_t *state); /** \fn sha1(sha1_hash_t *dest, const void *msg, uint32_t length_b) * \brief hashing a message which in located entirely in RAM * This function automatically hashes a message which is entirely in RAM with * the SHA-1 hashing algorithm. * \param dest pointer to the hash value destination * \param msg pointer to the message which should be hashed * \param length_b length of the message in bits */ void sha1(void *dest, const void *msg, uint32_t length_b); #endif /*SHA1_H_*/ 初始化sha1sum,则结果总和为0x00。

0 个答案:

没有答案
相关问题
最新问题