mirror of https://github.com/jedisct1/libsodium.git synced 2024-12-23 20:15:19 -07:00

H2C: convert DST encoding to suffix free

https://github.com/cfrg/draft-irtf-cfrg-hash-to-curve/pull/241
Frank Denis 2020-04-10 09:41:47 +02:00
parent 0d951454c1
commit d01c49df02
3 changed files with 18 additions and 15 deletions


@ -84,7 +84,8 @@ _string_to_points(unsigned char * const px, size_t n,
crypto_hash_sha512_state st;
unsigned char empty_block[128] = { 0 };
unsigned char u0[HASH_BYTES], u[2 * HASH_BYTES];
unsigned char t[4] = { 0U, n * HASH_L, 0U, 0 };
unsigned char t[3] = { 0U, n * HASH_L, 0U};
unsigned char ctx_len_u8;
size_t ctx_len = ctx != NULL ? strlen(ctx) : 0U;
size_t i, j;
@ -102,12 +103,13 @@ _string_to_points(unsigned char * const px, size_t n,
ctx_len = HASH_BYTES;
COMPILER_ASSERT(HASH_BYTES <= (size_t) 0xff);
}
ctx_len_u8 = (unsigned char) ctx_len;
crypto_hash_sha512_init(&st);
crypto_hash_sha512_update(&st, empty_block, sizeof empty_block);
crypto_hash_sha512_update(&st, msg, msg_len);
t[3] = (unsigned char) ctx_len;
crypto_hash_sha512_update(&st, t, 4U);
crypto_hash_sha512_update(&st, t, 3U);
crypto_hash_sha512_update(&st, (const unsigned char *) ctx, ctx_len);
crypto_hash_sha512_update(&st, &ctx_len_u8, 1U);
crypto_hash_sha512_final(&st, u0);
for (i = 0U; i < n * HASH_BYTES; i += HASH_BYTES) {
@ -115,11 +117,12 @@ _string_to_points(unsigned char * const px, size_t n,
for (j = 0U; i > 0U && j < HASH_BYTES; j++) {
u[i + j] ^= u[i + j - HASH_BYTES];
}
t[2]++;
crypto_hash_sha512_init(&st);
crypto_hash_sha512_update(&st, &u[i], HASH_BYTES);
t[2]++;
crypto_hash_sha512_update(&st, t + 2U, 2U);
crypto_hash_sha512_update(&st, &t[2], 1U);
crypto_hash_sha512_update(&st, (const unsigned char *) ctx, ctx_len);
crypto_hash_sha512_update(&st, &ctx_len_u8, 1U);
crypto_hash_sha512_final(&st, &u[i]);
}
for (i = 0U; i < n; i++) {
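Review bot: The initializer `unsigned char t[3] = { 0U, n * HASH_L, 0U};` narrows a `size_t` product to one byte without a cast or a visible bound, so a caller passing an `n` with `n * HASH_L > 0xff` would silently hash a wrapped length byte instead of failing. If no check on `n` exists above this hunk (the function starts and ends outside the visible lines), add one before the array is built and make the narrowing explicit: `unsigned char t[3] = { 0U, (unsigned char) (n * HASH_L), 0U };`. Since `t` now carries only the two length bytes and the block counter, and the DST length has moved to the trailing `ctx_len_u8` byte, a short comment such as `/* t = requested length (2 bytes, big-endian) || block counter; the DST is appended as ctx || ctx_len_u8 */` would keep the domain-separation layout auditable against the linked draft change.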


@ -9,11 +9,11 @@ typedef struct TestData_ {
static TestData test_data[] = {
{ 0, "",
"115fe9c145cec75332210f75537f89a5af2e9e81928ab63225fcf0db4b9f0b41" },
"4af6284e3cc7116df104f6708e0c44d79b0e294ccd89b87c4c3c892ebd2f03b1" },
{ 0, "abc",
"2a78994752306e4a4eb1c629b3c8625cc26f143f1fe35fc728d295222eba7890" },
"23e704500ac22fd7106ceedd86bfcc8d50351a6303be22b2724fcc1280d00544" },
{ 0, "abcdef0123456789",
"0ca9e2b900bcdfc8b26d705040b6b6a6fd6bfadfd43982a2a59e1d069898ae6b" },
"34b8a16b923101f2d4caa48d9bb86fef4f92be0ce0f55c8ba9db55da23ad623e" },
{ 0,
"a512_"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
@ -24,14 +24,14 @@ static TestData test_data[] = {
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaa",
"511dee3fcc3a422738c453a58acdeafc08fc76f862e97d678adb26f03d0963b5" },
"31e648bbade3b272b7676f82da905d27de37f41581b1d170250dd9d56f95413c" },
{ 1, "",
"1af40833bed99ac42f445e9494dbcc489561b3995a40e3864a1b1bdb6ed6ecd0" },
"5c307efcdf7f0822428f932e66b46b3d88f59880772a1ab07fac5231609c5f76" },
{ 1, "abc",
"7bdb83b6322c4977ffbb69b18df168b56eec733a0254cac0e85eb790460ee4b2" },
"3f4887aeee9213d976e125bfd0e4e2201d7ddea8abfa28e47bec8df008821b1c" },
{ 1, "abcdef0123456789",
"2dd85e9585fba5ab3c22a07cf07b2cf4a19b10dcab49e1a4c8f952461e644bbc" },
"3c67b98967527a551ea54e4de791689834552009a7a40393fd4a23d1f04061ef" },
{ 1,
"a512_"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
@ -42,7 +42,7 @@ static TestData test_data[] = {
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaa",
"160e08388e85b6bcbec8f321ed1de259ffe88dc547a1ce506d61b30fd2378fc5" }
"4ce238dc1cac3b392767bda2c81e3374e61efa4c2f93c5c400f0d848b9b2e339" }
};
int


@ -1,3 +1,3 @@
NU with oversized context: 313ed6e43b04d526ed4fb68296bed3db383dfd750e5b0d14b25bc696bef4831e
RO with oversized context: ac65cbab76476936d64678978d83fa5544dba1b190c72e6566c631e27b54bdd1
NU with oversized context: 998ca2fdd0ade350cb6c279173dfd4a6a42f46ca5c2928871aacff60c16546e3
RO with oversized context: d8eef92c8fc5d714a19bcf6f66de9285330438367c5dccaf9a3b1c192297903d
OK