/src/botan/src/lib/hash/comb4p/comb4p.cpp
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Comb4P hash combiner |
3 | | * (C) 2010 Jack Lloyd |
4 | | * |
5 | | * Botan is released under the Simplified BSD License (see license.txt) |
6 | | */ |
7 | | |
8 | | #include <botan/internal/comb4p.h> |
9 | | |
10 | | #include <botan/exceptn.h> |
11 | | #include <botan/internal/fmt.h> |
12 | | #include <botan/internal/stl_util.h> |
13 | | |
14 | | namespace Botan { |
15 | | |
16 | | namespace { |
17 | | |
18 | | void comb4p_round(secure_vector<uint8_t>& out, |
19 | | const secure_vector<uint8_t>& in, |
20 | | uint8_t round_no, |
21 | | HashFunction& h1, |
22 | 0 | HashFunction& h2) { |
23 | 0 | h1.update(round_no); |
24 | 0 | h2.update(round_no); |
25 | |
|
26 | 0 | h1.update(in.data(), in.size()); |
27 | 0 | h2.update(in.data(), in.size()); |
28 | |
|
29 | 0 | secure_vector<uint8_t> h_buf = h1.final(); |
30 | 0 | xor_buf(out.data(), h_buf.data(), std::min(out.size(), h_buf.size())); |
31 | |
|
32 | 0 | h_buf = h2.final(); |
33 | 0 | xor_buf(out.data(), h_buf.data(), std::min(out.size(), h_buf.size())); |
34 | 0 | } |
35 | | |
36 | | } // namespace |
37 | | |
38 | | Comb4P::Comb4P(std::unique_ptr<HashFunction> h1, std::unique_ptr<HashFunction> h2) : |
39 | 0 | m_hash1(std::move(h1)), m_hash2(std::move(h2)) { |
40 | 0 | if(m_hash1->name() == m_hash2->name()) { |
41 | 0 | throw Invalid_Argument("Comb4P: Must use two distinct hashes"); |
42 | 0 | } |
43 | | |
44 | 0 | if(m_hash1->output_length() != m_hash2->output_length()) { |
45 | 0 | throw Invalid_Argument(fmt("Comb4P: Incompatible hashes {} and {}", m_hash1->name(), m_hash2->name())); |
46 | 0 | } |
47 | | |
48 | 0 | clear(); |
49 | 0 | } |
50 | | |
51 | 0 | std::string Comb4P::name() const { |
52 | 0 | return fmt("Comb4P({},{})", m_hash1->name(), m_hash2->name()); |
53 | 0 | } |
54 | | |
55 | 0 | std::unique_ptr<HashFunction> Comb4P::new_object() const { |
56 | 0 | return std::make_unique<Comb4P>(m_hash1->new_object(), m_hash2->new_object()); |
57 | 0 | } |
58 | | |
59 | 0 | size_t Comb4P::hash_block_size() const { |
60 | 0 | if(m_hash1->hash_block_size() == m_hash2->hash_block_size()) { |
61 | 0 | return m_hash1->hash_block_size(); |
62 | 0 | } |
63 | | |
64 | | /* |
65 | | * Return LCM of the block sizes? This would probably be OK for |
66 | | * HMAC, which is the main thing relying on knowing the block size. |
67 | | */ |
68 | 0 | return 0; |
69 | 0 | } |
70 | | |
71 | 0 | void Comb4P::clear() { |
72 | 0 | m_hash1->clear(); |
73 | 0 | m_hash2->clear(); |
74 | | |
75 | | // Prep for processing next message, if any |
76 | 0 | m_hash1->update(0); |
77 | 0 | m_hash2->update(0); |
78 | 0 | } |
79 | | |
80 | 0 | std::unique_ptr<HashFunction> Comb4P::copy_state() const { |
81 | | // Can't use make_unique as this constructor is private |
82 | 0 | std::unique_ptr<Comb4P> copy(new Comb4P); |
83 | 0 | copy->m_hash1 = m_hash1->copy_state(); |
84 | 0 | copy->m_hash2 = m_hash2->copy_state(); |
85 | 0 | return copy; |
86 | 0 | } |
87 | | |
88 | 0 | void Comb4P::add_data(std::span<const uint8_t> input) { |
89 | 0 | m_hash1->update(input); |
90 | 0 | m_hash2->update(input); |
91 | 0 | } |
92 | | |
93 | 0 | void Comb4P::final_result(std::span<uint8_t> output) { |
94 | 0 | secure_vector<uint8_t> h1 = m_hash1->final(); |
95 | 0 | secure_vector<uint8_t> h2 = m_hash2->final(); |
96 | | |
97 | | // First round |
98 | 0 | xor_buf(h1.data(), h2.data(), std::min(h1.size(), h2.size())); |
99 | | |
100 | | // Second round |
101 | 0 | comb4p_round(h2, h1, 1, *m_hash1, *m_hash2); |
102 | | |
103 | | // Third round |
104 | 0 | comb4p_round(h1, h2, 2, *m_hash1, *m_hash2); |
105 | |
|
106 | 0 | BufferStuffer out(output); |
107 | 0 | copy_mem(out.next(h1.size()).data(), h1.data(), h1.size()); |
108 | 0 | copy_mem(out.next(h2.size()).data(), h2.data(), h2.size()); |
109 | | |
110 | | // Prep for processing next message, if any |
111 | 0 | m_hash1->update(0); |
112 | 0 | m_hash2->update(0); |
113 | 0 | } |
114 | | |
115 | | } // namespace Botan |