Алгоритм SHA-512 на C не производит правильный дайджест
Я работал над разработкой алгоритма SHA-512 на C в соответствии с рекомендациями NIST. Я завершил алгоритм SHA-256 и начал с него разрабатывать SHA-512. Однако дайджест сообщения неверен. Я думаю, что, возможно, я не имею дело с размером 128 бит для SHA-512, но по большей части не могу отладить свою проблему.
#include <stdio.h>
#include <inttypes.h>
#include <string.h> // strcpy
// Command line
char fileName[100];
char commandInput[100];
int writeToFileInput(char inputString[]);
// Endianess
#include <byteswap.h>
const int _i = 1;
#define islilend() ((*(char*)&_i) != 0)
#define WLEN 64 // Length of word
//#define WORD uint64_t
#define __uint128_t __uint128_t
#define WORD uint64_t
#define PF PRIX64 // Print format - 64 bits HEX
#define BYTE uint8_t
// Page 5 of the Secure Hash Standard
#define ROTL(x,n) ((x<<n)|(x>>(WLEN-n)))
#define ROTR(x,n) ((x>>n)|(x<<(WLEN-n)))
#define SHR(x,n) x>>n
// Page 10 of Secure Hash Standard
#define CH(x,y,z) ((x&y)^(~x&z))
#define MAJ(x,y,z) ((x&y)^(x&z)^(y&z))
#define SIG0(x) (ROTR(x, 28)^ROTR(x, 34)^ROTR(x, 39))
#define SIG1(x) (ROTR(x, 14)^ROTR(x, 18)^ROTR(x, 41))
#define Sig0(x) (ROTR(x, 1)^ROTR(x, 8)^SHR(x, 7))
#define Sig1(x) (ROTR(x, 19)^ROTR(x, 61)^SHR(x, 6))
// SHA512 works on blocks of 1024 bits
union Block {
// 8 x 128 = 1024 - dealing with block as bytes
BYTE bytes[128];
// 64 x 16 = 1024 - dealing with block as words
WORD words[16];
// 128 x 8 = 1024 - dealing with the last 64 bits of the last block
__uint128_t sixf[8];
};
// Keeping track of where we are in the input message/padding
enum Status{
READ, PAD, END
};
const WORD K[] = {
0x428a2f98d728ae22, 0x7137449123ef65cd, 0xb5c0fbcfec4d3b2f, 0xe9b5dba58189dbbc,
0x3956c25bf348b538, 0x59f111f1b605d019, 0x923f82a4af194f9b, 0xab1c5ed5da6d8118,
0xd807aa98a3030242, 0x12835b0145706fbe, 0x243185be4ee4b28c, 0x550c7dc3d5ffb4e2,
0x72be5d74f27b896f, 0x80deb1fe3b1696b1, 0x9bdc06a725c71235, 0xc19bf174cf692694,
0xe49b69c19ef14ad2, 0xefbe4786384f25e3, 0x0fc19dc68b8cd5b5, 0x240ca1cc77ac9c65,
0x2de92c6f592b0275, 0x4a7484aa6ea6e483, 0x5cb0a9dcbd41fbd4, 0x76f988da831153b5,
0x983e5152ee66dfab, 0xa831c66d2db43210, 0xb00327c898fb213f, 0xbf597fc7beef0ee4,
0xc6e00bf33da88fc2, 0xd5a79147930aa725, 0x06ca6351e003826f, 0x142929670a0e6e70,
0x27b70a8546d22ffc, 0x2e1b21385c26c926, 0x4d2c6dfc5ac42aed, 0x53380d139d95b3df,
0x650a73548baf63de, 0x766a0abb3c77b2a8, 0x81c2c92e47edaee6, 0x92722c851482353b,
0xa2bfe8a14cf10364, 0xa81a664bbc423001, 0xc24b8b70d0f89791, 0xc76c51a30654be30,
0xd192e819d6ef5218, 0xd69906245565a910, 0xf40e35855771202a, 0x106aa07032bbd1b8,
0x19a4c116b8d2d0c8, 0x1e376c085141ab53, 0x2748774cdf8eeb99, 0x34b0bcb5e19b48a8,
0x391c0cb3c5c95a63, 0x4ed8aa4ae3418acb, 0x5b9cca4f7763e373, 0x682e6ff3d6b2b8a3,
0x748f82ee5defb2fc, 0x78a5636f43172f60, 0x84c87814a1f0ab72, 0x8cc702081a6439ec,
0x90befffa23631e28, 0xa4506cebde82bde9, 0xbef9a3f7b2c67915, 0xc67178f2e372532b,
0xca273eceea26619c, 0xd186b8c721c0c207, 0xeada7dd6cde0eb1e, 0xf57d4f7fee6ed178,
0x06f067aa72176fba, 0x0a637dc5a2c898a6, 0x113f9804bef90dae, 0x1b710b35131c471b,
0x28db77f523047d84, 0x32caab7b40c72493, 0x3c9ebe0a15c9bebc, 0x431d67c49c100d4c,
0x4cc5d4becb3e42b6, 0x597f299cfc657e2a, 0x5fcb6fab3ad6faec, 0x6c44198c4a475817
};
// Section 5.3.4
WORD H[] = {
0x6a09e667f3bcc908, 0xbb67ae8584caa73b, 0x3c6ef372fe94f82b, 0xa54ff53a5f1d36f1,
0x510e527fade682d1, 0x9b05688c2b3e6c1f, 0x1f83d9abfb41bd6b, 0x5be0cd19137e2179
};
// Returns 1 if it create a new block from original message or padding
// Returns 0 if all padded message has already been consumed - DONE
int next_block(FILE *f, union Block *M, enum Status *S, __uint128_t *nobits){
// Number of bytes read
size_t nobytes;
if(*S == END){
return 0;
} else if (*S == READ){
// Try to read 64 bytes from the input file
nobytes = fread(M->bytes, 1, 128, f);
// Calculate total bits read so far
*nobits = *nobits + (8 * nobytes);
// Enough room for padding
if(nobytes == 128){
// This happends when we can read 128 bytes from f
// Do nothing
} else if(nobytes < 112){
// This happends when we have enough room for all the padding
// Append a 1 but (and seven 0 bits to make a full bytes)
M->bytes[nobytes] = 0x80; // in bits: 1000000
// Append enough 0 bits, leaving 64 at the end
for(nobytes++; nobytes < 121; nobytes++){
M->bytes[nobytes] = 0x00; // In bits: 0000000
}
// Append length of orignal input (CHECK ENDIANESS)
//M->sixf[7] = *nobits;
M->sixf[7] = (islilend() ? bswap_64(*nobits) : *nobits);
*S = END;
} else{
// Get to the end of the input message
// Not enough room in this block for all padding
// Append a 1 bit (and seven 0 bits to make a full byte)
M->bytes[nobytes++] = 0x80;
// Append 0 bits
for(nobytes++; nobytes < 128; nobytes++ ){
// Error: trying to write to B ->nobytes[64]
M->bytes[nobytes] = 0x00; // In bits: 0000000
}
// Change the status to PAD
*S = PAD; // Runs if block again to return 0
}
} else if (*S == PAD){
// Append 0 bits
for(nobytes = 0; nobytes < 112; nobytes++){
M->bytes[nobytes] = 0x00; // In bits: 0000000
}
// Appends nobuts as an int. (CHECK ENDIANESS)
M->sixf[7] = (islilend() ? bswap_64(*nobits) : *nobits);
//M->sixf[7] = *nobits;
// Change the status to PAD
*S = END;
}
//Swap the byte order of words if we're little endian
if(islilend())
for(int i = 0; i < 16; i++)
M->words[i] = bswap_64(M->words[i]);
return 1;
}
int next_hash(union Block *M, WORD H[]){
// Message schedule, Section 6.2.2
WORD W[80];
//Iterator
int t;
// Temporary variables
WORD a, b, c, d, e, f, g, h, T1, T2;
// Section 6.2.2 part 1
for(t = 0; t < 16; t++)
W[t] = M->words[t];
for(t = 16; t < 80; t++)
W[t] = Sig1(W[t-2]) + W[t-7] + Sig0(W[t-15]) + W[t-16];
// Section 6.2.2 part 2
a = H[0]; b = H[1]; c = H[2]; d = H[3];
e = H[4]; f = H[5]; g = H[6]; h = H[7];
// Part 3
for(t = 0;t < 79; t++){
T1 = h + SIG1(e) + CH(e, f, g) + K[t] + W[t];
T2 = SIG0(a) + MAJ(a, b, c);
h = g;
g = f;
f = e;
e = d + T1;
d = c;
c = b;
b = a;
a = T1 + T2;
}
// Part 4
H[0] = a + H[0];
H[1] = b + H[1];
H[2] = c + H[2];
H[3] = d + H[3];
H[4] = e + H[4];
H[5] = f + H[5];
H[6] = g + H[6];
H[7] = h + H[7];
return 0;
}
int sha512(FILE *f, WORD H[]){ // The function that performs the SHA256 algorithm on message f
// Current Block
union Block M;
// Total number of bits read
__uint128_t nobits = 0;
// Current status of reading input
enum Status S = READ;
// Loop through preproc blocks
// For i=1 to N
while (next_block(f, &M, &S, &nobits)){
next_hash(&M, H);
}
return 0;
}
int main(int argc, char *argv[]){
// Section 5.3.5
WORD H[] = {
0x6a09e667f3bcc908, 0xbb67ae8584caa73b, 0x3c6ef372fe94f82b, 0xa54ff53a5f1d36f1,
0x510e527fade682d1, 0x9b05688c2b3e6c1f, 0x1f83d9abfb41bd6b, 0x5be0cd19137e2179
};
FILE *f;
int menuOption;
// Check if file was entered as cmd argument.
if (argv[1] == NULL){
printf("Please select an option 1 or 2.\n");
printf("1: Calculate SHA-512 from file\n");
printf("2: Calculate SHA-512 from a string\n");
printf(">");
scanf("%d", &menuOption);
if (menuOption == 1){
printf("Please Enter File Name: ");
scanf("%s", fileName);
printf("Searching for %s.....\n", fileName);
}
else if (menuOption == 2){
printf("Please Enter a String: ");
scanf("%s", commandInput);
writeToFileInput(commandInput); // write the users input to a file.
strcpy(fileName, "userInput/inputStrings.txt");
}
else{
printf("Invalid option ");
}
f = fopen(fileName, "r");
}
else{
f = fopen(argv[1], "r");
strcpy(fileName, argv[1]);
}
// Check if file opened succesfully.
if (f == NULL){
printf("[ERROR]: Could not open file.\n");
}
else{
// Run Secure Hash Algorithim on the file.
printf("\n");
printf("\n========= SHA-512 Encryption ========= \n");
printf("File Read Successfully!\n\n");
printf("Now Running SHA-512 Hash Computation.....\n");
if(menuOption == 1){
printf("Encrypting File: %s\n", fileName);
}else{
printf("Encrypting String: %s\n", commandInput);
}
sha512(f, H);
}
// Print SHA-512 digest
printf("Encryption Complete!\n");
printf("Message Digest: ");
for(int i = 0;i < 8;i++)
printf("%" PF, H[i]);
printf("\n================ END ================= \n");
fclose(f);
return 0;
}
int writeToFileInput(char inputString[])
{
FILE *inputFile;
char path[] = "userInput/inputStrings.txt";
// Open file in w (write) mode. (Overrides file)
inputFile = fopen(path, "w");
if (inputFile == NULL){
printf("Unable to write file.\n");
return 0;
}
// Write data to file .
fputs(inputString, inputFile);
// Close file to save file data.
fclose(inputFile);
return 1;
}
Программа может принимать ввод из текстового файла в командной строке, во время выполнения или строковый ввод во время выполнения.