Adding functionality for both sha224 and sha256 modes in the SHA256 class.

secworks · secworks · commit 70c528a53967 · 2016-06-02T18:27:35.000+02:00
diff --git a/src/model/python/sha256.py b/src/model/python/sha256.py
@@ -12,30 +12,30 @@
 # Author: Joachim Strömbergson
 # Copyright (c) 2013 Secworks Sweden AB
 # All rights reserved.
-# 
-# Redistribution and use in source and binary forms, with or 
-# without modification, are permitted provided that the following 
-# conditions are met: 
-# 
-# 1. Redistributions of source code must retain the above copyright 
-#    notice, this list of conditions and the following disclaimer. 
-# 
-# 2. Redistributions in binary form must reproduce the above copyright 
-#    notice, this list of conditions and the following disclaimer in 
-#    the documentation and/or other materials provided with the 
-#    distribution. 
-# 
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 
-# COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 
+#
+# Redistribution and use in source and binary forms, with or
+# without modification, are permitted provided that the following
+# conditions are met:
+#
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+#
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in
+#    the documentation and/or other materials provided with the
+#    distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+# COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
 # BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 
-# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 
-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 #
 #=======================================================================
@@ -56,7 +56,12 @@
 # ChaCha()
 #-------------------------------------------------------------------
 class SHA256():
-    def __init__(self, verbose = 0):
+    def __init__(self, mode="sha256", verbose = 0):
+        if mode not in ["sha224", "sha256"]:
+            print("Given mode %s is not supporte." % mode)
+            return 0
+
+        self.mode = mode
         self.verbose = verbose
         self.H = [0] * 8
         self.t1 = 0
@@ -88,12 +93,15 @@ def __init__(self, verbose = 0):
                   0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
                   0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
                   0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2]
-        
-        
+
+
     def init(self):
-        self.H = [0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
-                  0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19]
-        
+        if self.mode == "sha356":
+            self.H = [0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
+                      0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19]
+        else:
+            self.H = [0xc1059ed8, 0x367cd507, 0x3070dd17, 0xf70e5939,
+                      0xffc00b31, 0x68581511, 0x64f98fa7, 0xbefa4fa4]
 
     def next(self, block):
         self._W_schedule(block)
@@ -115,25 +123,25 @@ def get_digest(self):
 
 
     def _copy_digest(self):
-        self.a = self.H[0] 
-        self.b = self.H[1] 
-        self.c = self.H[2] 
-        self.d = self.H[3] 
-        self.e = self.H[4] 
-        self.f = self.H[5] 
-        self.g = self.H[6] 
+        self.a = self.H[0]
+        self.b = self.H[1]
+        self.c = self.H[2]
+        self.d = self.H[3]
+        self.e = self.H[4]
+        self.f = self.H[5]
+        self.g = self.H[6]
         self.h = self.H[7]
-    
-    
+
+
     def _update_digest(self):
-        self.H[0] = (self.H[0] + self.a) & 0xffffffff 
-        self.H[1] = (self.H[1] + self.b) & 0xffffffff 
-        self.H[2] = (self.H[2] + self.c) & 0xffffffff 
-        self.H[3] = (self.H[3] + self.d) & 0xffffffff 
-        self.H[4] = (self.H[4] + self.e) & 0xffffffff 
-        self.H[5] = (self.H[5] + self.f) & 0xffffffff 
-        self.H[6] = (self.H[6] + self.g) & 0xffffffff 
-        self.H[7] = (self.H[7] + self.h) & 0xffffffff 
+        self.H[0] = (self.H[0] + self.a) & 0xffffffff
+        self.H[1] = (self.H[1] + self.b) & 0xffffffff
+        self.H[2] = (self.H[2] + self.c) & 0xffffffff
+        self.H[3] = (self.H[3] + self.d) & 0xffffffff
+        self.H[4] = (self.H[4] + self.e) & 0xffffffff
+        self.H[5] = (self.H[5] + self.f) & 0xffffffff
+        self.H[6] = (self.H[6] + self.g) & 0xffffffff
+        self.H[7] = (self.H[7] + self.h) & 0xffffffff
 
 
     def _print_state(self, round):
@@ -168,7 +176,7 @@ def _next_w(self, round):
 
         else:
             tmp_w = (self._delta1(self.W[14]) +
-                     self.W[9] + 
+                     self.W[9] +
                      self._delta0(self.W[1]) +
                      self.W[0]) & 0xffffffff
             for i in range(15):
@@ -203,7 +211,7 @@ def _delta0(self, x):
 
     def _delta1(self, x):
         return (self._rotr32(x, 17) ^ self._rotr32(x, 19) ^ self._shr32(x, 10))
-    
+
 
     def _T1(self, e, f, g, h, k, w):
         return (h + self._sigma1(e) + self._Ch(e, f, g) + k + w) & 0xffffffff
@@ -216,7 +224,7 @@ def _T2(self, a, b, c):
     def _rotr32(self, n, r):
         return ((n >> r) | (n << (32 - r))) & 0xffffffff
 
-    
+
     def _shr32(self, n, r):
         return (n >> r)
 
@@ -248,30 +256,104 @@ def compare_digests(digest, expected):
         print_digest(expected)
     else:
         print("Test case ok.")
-        
-    
+
+
 #-------------------------------------------------------------------
-# main()
+# sha224_tests()
 #
-# If executed tests the ChaCha class using known test vectors.
+# Tests for the SHA224 mode.
 #-------------------------------------------------------------------
-def main():
-    print("Testing the SHA-256 Python model.")
-    print("---------------------------------")
-    print
+def sha224_tests():
+
+    my_sha224 = SHA256(mode="sha224", verbose=0);
+
+    # TC1: NIST testcase with message "abc"
+    print("TC1: Single block message test specified by NIST.")
+    TC1_block = [0x61626380, 0x00000000, 0x00000000, 0x00000000,
+                 0x00000000, 0x00000000, 0x00000000, 0x00000000,
+                 0x00000000, 0x00000000, 0x00000000, 0x00000000,
+                 0x00000000, 0x00000000, 0x00000000, 0x00000018]
+
+    TC1_expected = [0xBA7816BF, 0x8F01CFEA, 0x414140DE, 0x5DAE2223,
+                    0xB00361A3, 0x96177A9C, 0xB410FF61, 0xF20015AD]
+
+    my_sha224.init()
+    my_sha224.next(TC1_block)
+    my_digest = my_sha224.get_digest()
+    compare_digests(my_digest, TC1_expected)
+    print("")
+
+
+    # TC2: NIST testcase with double block message."
+    print("TC2: Double block message test specified by NIST.")
+    TC2_1_block = [0x61626364, 0x62636465, 0x63646566, 0x64656667,
+                   0x65666768, 0x66676869, 0x6768696A, 0x68696A6B,
+                   0x696A6B6C, 0x6A6B6C6D, 0x6B6C6D6E, 0x6C6D6E6F,
+                   0x6D6E6F70, 0x6E6F7071, 0x80000000, 0x00000000]
+
+
+    TC2_2_block = [0x00000000, 0x00000000, 0x00000000, 0x00000000,
+                   0x00000000, 0x00000000, 0x00000000, 0x00000000,
+                   0x00000000, 0x00000000, 0x00000000, 0x00000000,
+                   0x00000000, 0x00000000, 0x00000000, 0x000001C0]
+
+    TC2_1_expected = [0x85E655D6, 0x417A1795, 0x3363376A, 0x624CDE5C,
+                      0x76E09589, 0xCAC5F811, 0xCC4B32C1, 0xF20E533A]
+
+    TC2_2_expected = [0x248D6A61, 0xD20638B8, 0xE5C02693, 0x0C3E6039,
+                      0xA33CE459, 0x64FF2167, 0xF6ECEDD4, 0x19DB06C1]
+
+    my_sha224.init()
+    my_sha224.next(TC2_1_block)
+    my_digest = my_sha224.get_digest()
+    compare_digests(my_digest, TC2_1_expected)
+
+    my_sha224.next(TC2_2_block)
+    my_digest = my_sha224.get_digest()
+    compare_digests(my_digest, TC2_2_expected)
+    print("")
+
+
+    # TC3: Huge message with n blocks
+    n = 1000
+    print("TC3: Huge message with %d blocks test case." % n)
+    TC3_block = [0xaa55aa55, 0xdeadbeef, 0x55aa55aa, 0xf00ff00f,
+                 0xaa55aa55, 0xdeadbeef, 0x55aa55aa, 0xf00ff00f,
+                 0xaa55aa55, 0xdeadbeef, 0x55aa55aa, 0xf00ff00f,
+                 0xaa55aa55, 0xdeadbeef, 0x55aa55aa, 0xf00ff00f]
+
+    TC3_expected = [0x7638f3bc, 0x500dd1a6, 0x586dd4d0, 0x1a1551af,
+                    0xd821d235, 0x2f919e28, 0xd5842fab, 0x03a40f2a]
+
+    my_sha224.init()
+    for i in range(n):
+        my_sha224.next(TC3_block)
+        my_digest = my_sha224.get_digest()
+        if (VERBOSE):
+            print("Digest for block %d:" % i)
+            print_digest(my_digest)
+    compare_digests(my_digest, TC3_expected)
+
+
+#-------------------------------------------------------------------
+# sha256_tests()
+#
+# Tests for the SHA256 mode.
+#-------------------------------------------------------------------
+def sha256_tests():
 
     my_sha256 = SHA256(verbose=0);
 
     # TC1: NIST testcase with message "abc"
     print("TC1: Single block message test specified by NIST.")
-    TC1_block = [0x61626380, 0x00000000, 0x00000000, 0x00000000, 
+    TC1_block = [0x61626380, 0x00000000, 0x00000000, 0x00000000,
                  0x00000000, 0x00000000, 0x00000000, 0x00000000,
                  0x00000000, 0x00000000, 0x00000000, 0x00000000,
                  0x00000000, 0x00000000, 0x00000000, 0x00000018]
-    
+
     TC1_expected = [0xBA7816BF, 0x8F01CFEA, 0x414140DE, 0x5DAE2223,
                     0xB00361A3, 0x96177A9C, 0xB410FF61, 0xF20015AD]
-    
+
     my_sha256.init()
     my_sha256.next(TC1_block)
     my_digest = my_sha256.get_digest()
@@ -328,14 +410,28 @@ def main():
             print("Digest for block %d:" % i)
             print_digest(my_digest)
     compare_digests(my_digest, TC3_expected)
-    
+
+
+#-------------------------------------------------------------------
+# main()
+#
+# If executed tests the ChaCha class using known test vectors.
+#-------------------------------------------------------------------
+def main():
+    print("Testing the SHA-256 Python model.")
+    print("---------------------------------")
+    print
+
+    sha224_tests()
+    sha256_tests()
+
 
 #-------------------------------------------------------------------
 # __name__
 # Python thingy which allows the file to be run standalone as
 # well as parsed from within a Python interpreter.
 #-------------------------------------------------------------------
-if __name__=="__main__": 
+if __name__=="__main__":
     # Run the main function.
     sys.exit(main())
 
