Implement FIPS 180-4 algos: sha512/256 and sha512/224

sgolemon · sgolemon · commit 49a7be069700 · 2016-05-14T04:39:39.000Z
These algorithms are simple extensions to the existing sha512 algo
using different initialization vectors and producing truncated output.
diff --git a/NEWS b/NEWS
@@ -43,6 +43,7 @@ PHP                                                                        NEWS
 
 - Hash:
   . Added SHA3 fixed mode algorithms (224, 256, 384, and 512 bit). (Sara)
+  . Added SHA512/256 and SHA512/224 algorithms. (Sara)
 
 - JSON:
   . Escaped U+2028 and U+2029 when JSON_UNESCAPED_UNICODE is supplied as
diff --git a/ext/hash/hash.c b/ext/hash/hash.c
@@ -1007,6 +1007,8 @@ PHP_MINIT_FUNCTION(hash)
 	php_hash_register_algo("sha224",		&php_hash_sha224_ops);
 	php_hash_register_algo("sha256",		&php_hash_sha256_ops);
 	php_hash_register_algo("sha384",		&php_hash_sha384_ops);
+	php_hash_register_algo("sha512/224",            &php_hash_sha512_224_ops);
+	php_hash_register_algo("sha512/256",            &php_hash_sha512_256_ops);
 	php_hash_register_algo("sha512",		&php_hash_sha512_ops);
 	php_hash_register_algo("sha3-224",		&php_hash_sha3_224_ops);
 	php_hash_register_algo("sha3-256",		&php_hash_sha3_256_ops);
diff --git a/ext/hash/hash_sha.c b/ext/hash/hash_sha.c
@@ -939,6 +939,42 @@ PHP_HASH_API void PHP_SHA512Init(PHP_SHA512_CTX * context)
 }
 /* }}} */
 
+/* {{{ PHP_SHA512_256Init
+ * SHA512/245 initialization. Identical algorithm to SHA512, using alternate initval and truncation
+ */
+PHP_HASH_API void PHP_SHA512_256Init(PHP_SHA512_CTX * context)
+{
+	context->count[0] = context->count[1] = 0;
+
+	context->state[0] = L64(0x22312194FC2BF72C);
+	context->state[1] = L64(0x9F555FA3C84C64C2);
+	context->state[2] = L64(0x2393B86B6F53B151);
+	context->state[3] = L64(0x963877195940EABD);
+	context->state[4] = L64(0x96283EE2A88EFFE3);
+	context->state[5] = L64(0xBE5E1E2553863992);
+	context->state[6] = L64(0x2B0199FC2C85B8AA);
+	context->state[7] = L64(0x0EB72DDC81C52CA2);
+}
+/* }}} */
+
+/* {{{ PHP_SHA512_224Init
+ * SHA512/224 initialization. Identical algorithm to SHA512, using alternate initval and truncation
+ */
+PHP_HASH_API void PHP_SHA512_224Init(PHP_SHA512_CTX * context)
+{
+        context->count[0] = context->count[1] = 0;
+
+	context->state[0] = L64(0x8C3D37C819544DA2);
+	context->state[1] = L64(0x73E1996689DCD4D6);
+	context->state[2] = L64(0x1DFAB7AE32FF9C82);
+	context->state[3] = L64(0x679DD514582F9FCF);
+	context->state[4] = L64(0x0F6D2B697BD44DA8);
+	context->state[5] = L64(0x77E36F7304C48942);
+	context->state[6] = L64(0x3F9D85A86A1D36C8);
+	context->state[7] = L64(0x1112E6AD91D692A1);
+}
+/* }}} */
+
 /* {{{ PHP_SHA512Update
    SHA512 block update operation. Continues an SHA512 message-digest
    operation, processing another message block, and updating the
@@ -1024,6 +1060,28 @@ PHP_HASH_API void PHP_SHA512Final(unsigned char digest[64], PHP_SHA512_CTX * con
 }
 /* }}} */
 
+/* {{{ PHP_SHA512_256Final
+   SHA512/256 finalization. Identical to SHA512Final, but with truncation
+ */
+PHP_HASH_API void PHP_SHA512_256Final(unsigned char digest[32], PHP_SHA512_CTX * context)
+{
+	unsigned char full_digest[64];
+	PHP_SHA512Final(full_digest, context);
+	memcpy(digest, full_digest, 32);
+}
+/* }}} */
+
+/* {{{ PHP_SHA512_224Final
+   SHA512/224 finalization. Identical to SHA512Final, but with truncation
+ */
+PHP_HASH_API void PHP_SHA512_224Final(unsigned char digest[28], PHP_SHA512_CTX * context)
+{
+	unsigned char full_digest[64];
+	PHP_SHA512Final(full_digest, context);
+	memcpy(digest, full_digest, 28);
+}
+/* }}} */
+
 const php_hash_ops php_hash_sha512_ops = {
 	(php_hash_init_func_t) PHP_SHA512Init,
 	(php_hash_update_func_t) PHP_SHA512Update,
@@ -1034,6 +1092,26 @@ const php_hash_ops php_hash_sha512_ops = {
 	sizeof(PHP_SHA512_CTX)
 };
 
+const php_hash_ops php_hash_sha512_256_ops = {
+	(php_hash_init_func_t) PHP_SHA512_256Init,
+	(php_hash_update_func_t) PHP_SHA512_256Update,
+	(php_hash_final_func_t) PHP_SHA512_256Final,
+	(php_hash_copy_func_t) php_hash_copy,
+	32,
+	128,
+	sizeof(PHP_SHA512_CTX)
+};
+
+const php_hash_ops php_hash_sha512_224_ops = {
+	(php_hash_init_func_t) PHP_SHA512_224Init,
+	(php_hash_update_func_t) PHP_SHA512_224Update,
+	(php_hash_final_func_t) PHP_SHA512_224Final,
+	(php_hash_copy_func_t) php_hash_copy,
+	28,
+	128,
+	sizeof(PHP_SHA512_CTX)
+};
+
 /*
  * Local variables:
  * tab-width: 4
diff --git a/ext/hash/php_hash.h b/ext/hash/php_hash.h
@@ -64,6 +64,8 @@ extern const php_hash_ops php_hash_sha224_ops;
 extern const php_hash_ops php_hash_sha256_ops;
 extern const php_hash_ops php_hash_sha384_ops;
 extern const php_hash_ops php_hash_sha512_ops;
+extern const php_hash_ops php_hash_sha512_256_ops;
+extern const php_hash_ops php_hash_sha512_224_ops;
 extern const php_hash_ops php_hash_sha3_224_ops;
 extern const php_hash_ops php_hash_sha3_256_ops;
 extern const php_hash_ops php_hash_sha3_384_ops;
diff --git a/ext/hash/php_hash_sha.h b/ext/hash/php_hash_sha.h
@@ -94,4 +94,12 @@ PHP_HASH_API void PHP_SHA512Init(PHP_SHA512_CTX *);
 PHP_HASH_API void PHP_SHA512Update(PHP_SHA512_CTX *, const unsigned char *, unsigned int);
 PHP_HASH_API void PHP_SHA512Final(unsigned char[64], PHP_SHA512_CTX *);
 
+PHP_HASH_API void PHP_SHA512_256Init(PHP_SHA512_CTX *);
+#define PHP_SHA512_256Update PHP_SHA512Update
+PHP_HASH_API void PHP_SHA512_256Final(unsigned char[32], PHP_SHA512_CTX *);
+
+PHP_HASH_API void PHP_SHA512_224Init(PHP_SHA512_CTX *);
+#define PHP_SHA512_224Update PHP_SHA512Update
+PHP_HASH_API void PHP_SHA512_224Final(unsigned char[28], PHP_SHA512_CTX *);
+
 #endif /* PHP_HASH_SHA_H */
diff --git a/ext/hash/tests/hash_algos.phpt b/ext/hash/tests/hash_algos.phpt
@@ -18,7 +18,7 @@ var_dump(hash_algos());
 ===Done===
 --EXPECTF--
 *** Testing hash_algos() : basic functionality ***
-array(50) {
+array(52) {
   [%d]=>
   string(3) "md2"
   [%d]=>
@@ -34,6 +34,10 @@ array(50) {
   [%d]=>
   string(6) "sha384"
   [%d]=>
+  string(10) "sha512/224"
+  [%d]=>
+  string(10) "sha512/256"
+  [%d]=>
   string(6) "sha512"
   [%d]=>
   string(8) "sha3-224"
diff --git a/ext/hash/tests/hash_copy_001.phpt b/ext/hash/tests/hash_copy_001.phpt
@@ -52,6 +52,12 @@ string(64) "d3a13cf52af8e9390caed78b77b6b1e06e102204e3555d111dfd149bc5d54dba"
 string(6) "sha384"
 string(96) "6950d861ace4102b803ab8b3779d2f471968233010d2608974ab89804cef6f76162b4433d6e554e11e40a7cdcf510ea3"
 string(96) "6950d861ace4102b803ab8b3779d2f471968233010d2608974ab89804cef6f76162b4433d6e554e11e40a7cdcf510ea3"
+string(10) "sha512/224"
+string(56) "a2573d0e3f6c3e2d174c935a35a8ea31032f04e9e83499ac3ceda568"
+string(56) "a2573d0e3f6c3e2d174c935a35a8ea31032f04e9e83499ac3ceda568"
+string(10) "sha512/256"
+string(64) "fddacab80b3a610ba024c9d75a5fe0cafe5ae7c789f829b3c5fbea8ef11ccc1a"
+string(64) "fddacab80b3a610ba024c9d75a5fe0cafe5ae7c789f829b3c5fbea8ef11ccc1a"
 string(6) "sha512"
 string(128) "caced3db8e9e3a5543d5b933bcbe9e7834e6667545c3f5d4087b58ec8d78b4c8a4a5500c9b88f65f7368810ba9905e51f1cff3b25a5dccf76634108fb4e7ce13"
 string(128) "caced3db8e9e3a5543d5b933bcbe9e7834e6667545c3f5d4087b58ec8d78b4c8a4a5500c9b88f65f7368810ba9905e51f1cff3b25a5dccf76634108fb4e7ce13"
@@ -202,6 +208,12 @@ string(64) "268e7f4cf88504a53fd77136c4c4748169f46ff7150b376569ada9c374836944"
 string(6) "sha384"
 string(96) "6950d861ace4102b803ab8b3779d2f471968233010d2608974ab89804cef6f76162b4433d6e554e11e40a7cdcf510ea3"
 string(96) "0d44981d04bb11b1ef75d5c2932bd0aa2785e7bc454daac954d77e2ca10047879b58997533fc99650b20049c6cb9a6cc"
+string(10) "sha512/224"
+string(56) "a2573d0e3f6c3e2d174c935a35a8ea31032f04e9e83499ac3ceda568"
+string(56) "cbc2bbf0028ed803af785b0f264962c84ec48d8ee0908322ef995ddb"
+string(10) "sha512/256"
+string(64) "fddacab80b3a610ba024c9d75a5fe0cafe5ae7c789f829b3c5fbea8ef11ccc1a"
+string(64) "2cec704878ffa7128e0c4a61eef87d1f3c823184d364dfa3fed73beb00499b00"
 string(6) "sha512"
 string(128) "caced3db8e9e3a5543d5b933bcbe9e7834e6667545c3f5d4087b58ec8d78b4c8a4a5500c9b88f65f7368810ba9905e51f1cff3b25a5dccf76634108fb4e7ce13"
 string(128) "28d7c721433782a880f840af0c3f3ea2cad4ef55de2114dda9d504cedeb110e1cf2519c49e4b5da3da4484bb6ba4fd1621ceadc6408f4410b2ebe9d83a4202c2"
diff --git a/ext/hash/tests/sha512-224.phpt b/ext/hash/tests/sha512-224.phpt
@@ -0,0 +1,13 @@
+--TEST--
+sha512/224 algorithm
+--SKIPIF--
+<?php if(!extension_loaded("hash")) print "skip"; ?>
+--FILE--
+<?php
+echo hash('sha512/224', '') . "\n";
+echo hash('sha512/224', 'abc') . "\n";
+echo hash('sha512/224', 'abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu') . "\n";
+--EXPECT--
+6ed0dd02806fa89e25de060c19d3ac86cabb87d6a0ddd05c333b84f4
+4634270f707b6a54daae7530460842e20e37ed265ceee9a43e8924aa
+23fec5bb94d60b23308192640b0c453335d664734fe40e7268674af9
diff --git a/ext/hash/tests/sha512-256.phpt b/ext/hash/tests/sha512-256.phpt
@@ -0,0 +1,13 @@
+--TEST--
+sha512/256 algorithm
+--SKIPIF--
+<?php if(!extension_loaded("hash")) print "skip"; ?>
+--FILE--
+<?php
+echo hash('sha512/256', '') . "\n";
+echo hash('sha512/256', 'abc') . "\n";
+echo hash('sha512/256', 'abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu') . "\n";
+--EXPECT--
+c672b8d1ef56ed28ab87c3622c5114069bdd3ad7b8f9737498d0c01ecef0967a
+53048e2681941ef99b2e29b76b4c7dabe4c2d0c634fc6d46e0e2f13107e7af23
+3928e184fb8690f840da3988121d31be65cb9d3ef83ee6146feac861e19b563a
