Skip to content

L
libvmod-blobdigest
Commit 4b7261bd authored by Geoff Simmons's avatar Geoff Simmons
Browse files
Options

add SHA3_256

parent 04a5a024
Hide whitespace changes
Inline Side-by-side
Showing with 186 additions and 4 deletions
src/gen_enum_parse.pl
View file @ 4b7261bd
......@@ -11,6 +11,7 @@ my @vals = (qw(
SHA384
SHA512
SHA3_224
SHA3_256
));
sub assert {
......
src/tests/sha3-256.vtc 0 → 100644
View file @ 4b7261bd
# looks like -*- vcl -*-
varnishtest "SHA3_256 hash"
# VMOD blobcode must be installed
varnish v1 -vcl {
import blobdigest from "${vmod_topbuild}/src/.libs/libvmod_blobdigest.so";
import blobcode;
backend b { .host = "${bad_ip}"; }
sub vcl_init {
# http://wolfgang-ehrhardt.de/hmac-sha3-testvectors.html
new k1 = blobcode.blob(HEX,
"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b");
new ehrhardt1 = blobdigest.hmac(SHA3_256, k1.get());
new k2 = blobcode.blob(IDENTITY, "Jefe");
new ehrhardt2 = blobdigest.hmac(SHA3_256, k2.get());
new k3 = blobcode.blob(HEX,
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
new ehrhardt3 = blobdigest.hmac(SHA3_256, k3.get());
new k4 = blobcode.blob(HEX,
"0102030405060708090a0b0c0d0e0f10111213141516171819");
new ehrhardt4 = blobdigest.hmac(SHA3_256, k4.get());
new k5 = blobcode.blob(HEX,
"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c");
new ehrhardt5 = blobdigest.hmac(SHA3_256, k5.get());
new k6 = blobcode.blob(HEX,
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
new ehrhardt6 = blobdigest.hmac(SHA3_256, k6.get());
new k7 = blobcode.blob(HEX,
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
new ehrhardt7 = blobdigest.hmac(SHA3_256, k7.get());
}
sub vcl_recv {
return(synth(200));
}
sub vcl_synth {
set resp.http.empty
= blobcode.encode(HEXUC, blobdigest.hash(SHA3_256,
blobcode.decode(IDENTITY, "")));
set resp.http.a
= blobcode.encode(HEXUC, blobdigest.hash(SHA3_256,
blobcode.decode(IDENTITY, "a")));
set resp.http.abc
= blobcode.encode(HEXUC, blobdigest.hash(SHA3_256,
blobcode.decode(IDENTITY, "abc")));
set resp.http.msgdigest
= blobcode.encode(HEXUC, blobdigest.hash(SHA3_256,
blobcode.decode(IDENTITY,
"message digest")));
set resp.http.alphalc
= blobcode.encode(HEXUC, blobdigest.hash(SHA3_256,
blobcode.decode(IDENTITY,
"abcdefghijklmnopqrstuvwxyz")));
set resp.http.alphasoup
= blobcode.encode(HEXLC, blobdigest.hash(SHA3_256,
blobcode.decode(IDENTITY,
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq")));
set resp.http.alphanum
= blobcode.encode(HEXUC, blobdigest.hash(SHA3_256,
blobcode.decode(IDENTITY,
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789")));
set resp.http.digits
= blobcode.encode(HEXUC, blobdigest.hash(SHA3_256,
blobcode.decode(IDENTITY,
"12345678901234567890123456789012345678901234567890123456789012345678901234567890")));
set resp.http.pangram
= blobcode.encode(HEXUC, blobdigest.hash(SHA3_256,
blobcode.decode(IDENTITY,
"The quick brown fox jumps over the lazy dog")));
# all 256 byte values in ascending, big-endian order
set resp.http.allbytes
= blobcode.encode(HEXLC, blobdigest.hash(SHA3_256,
blobcode.decode(BASE64,
"AQACAQMCBAMFBAYFBwYIBwkICgkLCgwLDQwODQ8OEA8REBIRExIUExUUFhUXFhgXGRgaGRsaHBsdHB4dHx4gHyEgIiEjIiQjJSQmJScmKCcpKCopKyosKy0sLi0vLjAvMTAyMTMyNDM1NDY1NzY4Nzk4Ojk7Ojw7PTw+PT8+QD9BQEJBQ0JEQ0VERkVHRkhHSUhKSUtKTEtNTE5NT05QT1FQUlFTUlRTVVRWVVdWWFdZWFpZW1pcW11cXl1fXmBfYWBiYWNiZGNlZGZlZ2ZoZ2loamlramxrbWxubW9ucG9xcHJxc3J0c3V0dnV3dnh3eXh6eXt6fHt9fH59f36Afw==")));
set resp.http.ehrhardt1 = blobcode.encode(HEXLC,
ehrhardt1.hmac(blobcode.decode(IDENTITY, "Hi There")));
set resp.http.ehrhardt2
= blobcode.encode(HEXLC,
ehrhardt2.hmac(blobcode.decode(IDENTITY,
"what do ya want for nothing?")));
set resp.http.ehrhardt3
= blobcode.encode(HEXLC,
ehrhardt3.hmac(blobcode.decode(HEX,
"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd")));
set resp.http.ehrhardt4
= blobcode.encode(HEXLC,
ehrhardt4.hmac(blobcode.decode(HEX,
"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd")));
set resp.http.ehrhardt5
= blobcode.encode(HEXLC,
ehrhardt5.hmac(blobcode.decode(IDENTITY,
"Test With Truncation")));
set resp.http.ehrhardt6
= blobcode.encode(HEXLC,
ehrhardt6.hmac(blobcode.decode(IDENTITY,
"Test Using Larger Than Block-Size Key - Hash Key First")));
set resp.http.ehrhardt7
= blobcode.encode(HEXLC,
ehrhardt6.hmac(blobcode.decode(IDENTITY,
"This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm.")));
set resp.http.ehrhardt6a
= blobcode.encode(HEXLC,
ehrhardt7.hmac(blobcode.decode(IDENTITY,
"Test Using Larger Than Block-Size Key - Hash Key First")));
set resp.http.ehrhardt7a
= blobcode.encode(HEXLC,
ehrhardt7.hmac(blobcode.decode(IDENTITY,
"This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm.")));
}
} -start
client c1 {
txreq
rxresp
expect resp.status == 200
# from librhash
expect resp.http.empty == "A7FFC6F8BF1ED76651C14756A061D662F580FF4DE43B49FA82D80A4B80F8434A"
expect resp.http.a == "80084BF2FBA02475726FEB2CAB2D8215EAB14BC6BDD8BFB2C8151257032ECD8B"
expect resp.http.abc == "3A985DA74FE225B2045C172D6BD390BD855F086E3E9D525B46BFE24511431532"
expect resp.http.msgdigest == "EDCDB2069366E75243860C18C3A11465ECA34BCE6143D30C8665CEFCFD32BFFD"
expect resp.http.alphalc == "7CAB2DC765E21B241DBC1C255CE620B29F527C6D5E7F5F843E56288F0D707521"
expect resp.http.alphanum == "A79D6A9DA47F04A3B9A9323EC9991F2105D4C78A7BC7BEEB103855A7A11DFB9F"
expect resp.http.digits == "293E5CE4CE54EE71990AB06E511B7CCD62722B1BEB414F5FF65C8274E0F5BE1D"
expect resp.http.pangram == "69070DDA01975C8C120C3AADA1B282394E7F032FA9CF32F4CB2259A0897DFC04"
# from http://www.di-mgt.com.au/sha_testvectors.html
expect resp.http.alphasoup == "41c0dba2a9d6240849100376a8235e2c82e1b9998a999e21db32dd97496d3376"
# verified with: base64 -d | rhash --sha3-256 -
expect resp.http.allbytes == "06b0a7c8b08fa1e1a3d21cee0b32c05fc193452d2a6b7222a9501a9f745b5daa"
# cf. http://wolfgang-ehrhardt.de/hmac-sha3-testvectors.html
expect resp.http.ehrhardt1 == "ba85192310dffa96e2a3a40e69774351140bb7185e1202cdcc917589f95e16bb"
expect resp.http.ehrhardt2 == "c7d4072e788877ae3596bbb0da73b887c9171f93095b294ae857fbe2645e1ba5"
expect resp.http.ehrhardt3 == "84ec79124a27107865cedd8bd82da9965e5ed8c37b0ac98005a7f39ed58a4207"
expect resp.http.ehrhardt4 == "57366a45e2305321a4bc5aa5fe2ef8a921f6af8273d7fe7be6cfedb3f0aea6d7"
expect resp.http.ehrhardt5 ~ "^6e02c64537fb118057abb7fb66a23b3c"
expect resp.http.ehrhardt6 == "ed73a374b96c005235f948032f09674a58c0ce555cfc1f223b02356560312c3b"
expect resp.http.ehrhardt7 == "65c5b06d4c3de32a7aef8763261e49adb6e2293ec8e7c61e8de61701fc63e123"
expect resp.http.ehrhardt6a == "a6072f86de52b38bb349fe84cd6d97fb6a37c4c0f62aae93981193a7229d3467"
expect resp.http.ehrhardt7a == "e6a36d9b915f86a093cac7d110e9e04cf1d6100d30475509c2475f571b758b5a"
} -run
src/vmod_blobdigest.c
View file @ 4b7261bd
......@@ -102,6 +102,9 @@ init(const enum algorithm hash, hash_ctx * const hctx)
case SHA3_224:
rhash_sha3_224_init(&hctx->sha3);
break;
case SHA3_256:
rhash_sha3_256_init(&hctx->sha3);
break;
default:
WRONG("illegal algorithm");
}
......@@ -129,6 +132,7 @@ update(const enum algorithm hash, hash_ctx *restrict const hctx,
rhash_sha512_update(&hctx->sha512, msg, len);
break;
case SHA3_224:
case SHA3_256:
rhash_sha3_update(&hctx->sha3, msg, len);
break;
default:
......@@ -158,6 +162,7 @@ final(const enum algorithm hash, hash_ctx *restrict const hctx,
rhash_sha512_final(&hctx->sha512, result);
break;
case SHA3_224:
case SHA3_256:
rhash_sha3_final(&hctx->sha3, result);
break;
default:
......
src/vmod_blobdigest.h
View file @ 4b7261bd
......@@ -78,4 +78,8 @@ static const struct hashspec {
sha3_224_hash_size,
SHA3_BLOCKSZ(224),
},
[SHA3_256] = {
sha3_256_hash_size,
SHA3_BLOCKSZ(256),
},
};
src/vmod_blobdigest.vcc
View file @ 4b7261bd
......@@ -9,8 +9,8 @@
$Module blobdigest 3 digests and hmacs for the VCL blob type
$Object hmac(ENUM {MD5, SHA1, SHA224, SHA256, SHA384, SHA512, SHA3_224} hash,
BLOB key)
$Object hmac(ENUM {MD5, SHA1, SHA224, SHA256, SHA384, SHA512, SHA3_224,
SHA3_256} hash, BLOB key)
Prototype
new OBJ = blobdigest.hmac(ENUM hash, BLOB key)
......@@ -32,8 +32,8 @@ Description
Example
``set req.http.hmac = hmac.hmac(blobcode.decode(BASE64, "Zm9v"));``
$Function BLOB hash(ENUM {MD5, SHA1, SHA224, SHA256, SHA384, SHA512, SHA3_224}
hash, BLOB msg)
$Function BLOB hash(ENUM {MD5, SHA1, SHA224, SHA256, SHA384, SHA512, SHA3_224,
SHA3_256} hash, BLOB msg)
$Function STRING version()
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment