Lines Matching full:hash
125 block cipher and hash function to ensure that they compile and execute to the published design specifications. The library
254 related issue is if you use the same symmetric cipher, hash or public key state data in multiple threads. Normally
1749 \chapter{One-Way Cryptographic Hash Functions}
1751 Like the ciphers, there are hash core functions and a universal data type to hold the hash state called \textit{hash\_state}. To initialize hash
1753 \index{Hash Functions}
1758 This simply sets up the hash to the default state governed by the specifications of the hash. To add data to the message being hashed call:
1764 Essentially all hash messages are virtually infinitely\footnote{Most hashes are limited to $2^{64}$ bits or 2,305,843,009,213,693,952 bytes.} long message which
1765 are buffered. The data can be passed in any sized chunks as long as the order of the bytes are the same the message digest (hash output) will be the same. For example,
1777 To finally get the message digest (the hash) call:
1783 This function will finish up the hash and store the result in the \textit{out} array. You must ensure that \textit{out} is long
1784 enough for the hash in question. Often hashes are used to get keys for symmetric ciphers so the \textit{XXX\_done()} functions
1787 To test a hash function call:
1792 This will return {\bf CRYPT\_OK} if the hash matches the test vectors, otherwise it returns an error code. An
1802 /* setup the hash */
1808 /* get the hash in out[0..15] */
1816 \mysection{Hash Descriptors}
1817 Like the set of ciphers, the set of hashes have descriptors as well. They are stored in an array called \textit{hash\_descriptor} and
1824 unsigned long blocksize; /* the block size the hash uses */
1826 void (*init) (hash_state *hash);
1828 int (*process)( hash_state *hash,
1832 int (*done) (hash_state *hash, unsigned char *out);
1839 The \textit{name} member is the name of the hash function (all lowercase). The \textit{hashsize} member is the size of the digest output
1840 in bytes, while \textit{blocksize} is the size of blocks the hash expects to the compression function. Technically, this detail is not important
1843 The \textit{init} member initializes the hash, \textit{process} passes data through the hash, \textit{done} terminates the hash and retrieves the
1844 digest. The \textit{test} member tests the hash against the specified test vectors.
1846 There is a function to search the array as well called \textit{int find\_hash(char *name)}. It returns -1 if the hash is not found, otherwise, the
1847 position in the descriptor table of the hash.
1849 In addition, there is also find\_hash\_oid() which finds a hash by the ASN.1 OBJECT IDENTIFIER string.
1855 You can use the table to indirectly call a hash function that is chosen at run-time. For example:
1861 unsigned char buffer[100], hash[MAXBLOCKSIZE];
1874 printf("Enter hash name: \n");
1878 /* get hash index */
1881 printf("Invalid hash name!\n");
1885 /* hash input until blank line */
1889 hash_descriptor[idx].done(&md, hash);
1893 printf("%02x ", hash[x]);
1900 Note the usage of \textbf{MAXBLOCKSIZE}. In LibTomCrypt, no symmetric block, key or hash digest is larger than \textbf{MAXBLOCKSIZE} in
1903 There are three helper functions to make working with hashes easier. The first is a function to hash a buffer, and produce the digest in a single
1906 \index{hash\_memory()}
1908 int hash_memory( int hash,
1915 This will hash the data pointed to by \textit{in} of length \textit{inlen}. The hash used is indexed by the \textit{hash} parameter. The message
1919 \index{hash\_file()}
1921 int hash_file( int hash,
1927 This will hash the file named by \textit{fname} using the hash indexed by \textit{hash}. The file named in this function call must be readable by the
1931 \index{hash\_filehandle()}
1933 int hash_filehandle( int hash,
1939 This will hash the file identified by the handle \textit{in} using the hash indexed by \textit{hash}. This will begin hashing from the current file pointer position, and
1943 To perform the above hash with md5 the following code could be used:
1953 /* register the hash */
1959 /* get the index of the hash */
1962 /* call the hash */
1974 \subsection{Hash Registration}
1975 Similar to the cipher descriptor table you must register your hash algorithms before you can use them. These functions
1979 int register_hash(const struct _hash_descriptor *hash);
1981 int unregister_hash(const struct _hash_descriptor *hash);
1985 \index{Hash descriptor table}
2012 \mysection{Cipher Hash Construction}
2013 \index{Cipher Hash Construction}
2014 An addition to the suite of hash functions is the \textit{Cipher Hash Construction} or \textit{CHC} mode. In this mode
2015 applicable block ciphers (such as AES) can be turned into hash functions that other LTC functions can use. In
2018 In order to use the CHC system the developer will have to take a few extra steps. First the \textit{chc\_desc} hash
2019 descriptor must be registered with register\_hash(). At this point the CHC hash cannot be used to hash
2020 data. While it is in the hash system you still have to tell the CHC code which cipher to use. This is accomplished
2030 be bound to the CHC hash at a time. There are additional requirements for the system to work.
2045 /* register cipher and hash */
2051 printf("Could not register hash\n");
2073 for all purposes you would normally use a hash for.
2077 Thanks to Dobes Vandermeer, the library now includes support for hash based message authentication codes, or HMAC for short. An HMAC
2082 The HMAC support works much like the normal hash functions except that the initialization routine requires you to pass a key
2088 int hash,
2092 The \textit{hmac} parameter is the state for the HMAC code. The \textit{hash} parameter is the index into the descriptor table of the hash you want
2102 number of octets to process. Like the hash process routines you can send the data in arbitrarily sized chunks. When you
2112 produced (depending on which hash was picked). If \textit{outlen} is less than the size of the message digest (and ultimately
2122 int hash,
2127 This will produce an HMAC code for the array of octets in \textit{in} of length \textit{inlen}. The index into the hash descriptor
2128 table must be provided in \textit{hash}. It uses the key from \textit{key} with a key length of \textit{keylen}.
2134 int hash,
2139 \textit{hash} is the index into the hash descriptor table of the hash you want to use. \textit{fname} is the filename to process.
2167 /* get index of SHA1 in hash descriptor table */
2203 HMAC routines. Instead, in this case a cipher is used instead of a hash.
2871 to work with most cipher and hash combos based on which you have chosen to build into the library.} while
2875 and SHA--256 hash function. Technically, Fortuna will work with any block cipher that accepts a 256--bit
2876 key, and any hash that produces at least a 256--bit output. However, to make the implementation simpler
3134 \textit{modulus\_bitlen}. \textit{hash\_idx} is the index into the hash descriptor table of the hash desired. PKCS \#1 allows any hash to be
3135 used but both the encoder and decoder must use the same hash in order for this to succeed. The size of hash output affects the maximum
3139 If $h$ is the length of the hash and $m$ the length of the modulus (both in octets) then the maximum payload for \textit{msg} is
3140 $m - 2h - 2$. For example, with a $1024$--bit RSA key and SHA--1 as the hash the maximum payload is $86$ bytes.
3164 and must match what was used during encoding. Similarly the \textit{hash\_idx} index into the hash descriptor table must match what was used
3190 This function assumes the message to be PSS encoded has previously been hashed. The input hash \textit{msghash} is of length
3192 \textit{hash\_idx} is the index into the hash descriptor table of the hash to use. \textit{prng\_idx} and \textit{prng} are the random
3196 of the modulus $h$ the length of the hash output (in octets) then there can be $m - h - 2$ bytes of salt.
3198 This function does not actually sign the data it merely pads the hash of a message so that it can be processed by rsa\_exptmod().
3217 \textit{msghashlen}. If the block is a valid PSS block and the decoded hash equals the hash supplied \textit{res} is set to non--zero. Otherwise,
3220 It's important to use the same \textit{saltlen} and hash for both encoding and decoding as otherwise the procedure will not work.
3251 the hash of documents only but also to pad the inputs with data to remove such structure.
3344 When performing v1.5 encryption, the hash and lparam parameters are totally ignored and can be set to \textbf{NULL} or zero (respectively).
3388 When performing v1.5 decryption, the hash and lparam parameters are totally ignored and can be set to \textbf{NULL} or zero (respectively).
3408 This will PSS encode the message digest pointed to by \textit{in} of length \textit{inlen} octets. Next, the PSS encoded hash will be RSA
3411 The \textit{hash\_idx} parameter indicates which hash will be used to create the PSS encoding. It should be the same as the hash used to
3412 hash the message being signed. The \textit{saltlen} parameter indicates the length of the desired salt, and should typically be small. A good
3414 the RSA modulus (in octets), and \textit{hLen} is the length of the message digest produced by the chosen hash.
3435 This will PKCS encode the message digest pointed to by \textit{in} of length \textit{inlen} octets. Next, the PKCS encoded hash will be RSA
3440 When performing a v1.5 signature the \textit{prng}, \textit{prng\_idx}, and \textit{hash\_idx} parameters are not checked and can be left to any
3457 and the extracted hash is compared against the message digest pointed to by \textit{msghash} of length \textit{msghashlen} octets.
3459 If the RSA decoded data is not a valid PSS message, or if the PSS decoded hash does not match the \textit{msghash}
3471 const unsigned char *hash,
3481 and the extracted hash is compared against the message digest pointed to by \textit{msghash} of length \textit{msghashlen} octets.
3483 If the RSA decoded data is not a valid PSS message, or if the PKCS decoded hash does not match the \textit{msghash}
3487 \textbf{LTC\_PKCS\_1\_PSS} to perform a v2.1 verification. When performing a v1.5 verification the \textit{hash\_idx} parameter is ignored.
3500 /* register prng/hash */
3537 hash_idx, /* hash idx */
3552 hash_idx, /* hash idx */
3596 import the key, strip off the additional data (it's the preferred hash) and fill in the rsa\_key structure as if it were a native RSAPublicKey. Note that
3851 but it is very similar. It has been extended by using an ASN.1 sequence and hash object identifiers to allow portable usage. The following function
3863 int hash,
3869 hash algorithm indexed by \textit{hash} to construct a shared secret which may be XOR'ed against the plaintext. The ciphertext is stored in
3894 hashID OBJECT IDENTIFIER, -- OID of hash used
3897 --"hash of shared secret"
3907 To sign a message digest (hash) use the following function:
3929 const unsigned char *hash,
3936 pointed to by the array \textit{hash} of length \textit{hashlen}. It will store a non--zero value in \textit{stat} if the signature is valid. Note:
3944 With ECC if you try to sign a hash that is bigger than your ECC key you can run into problems. The math will still work, and in effect the signature will still
3945 work. With ECC keys the strength of the signature is limited by the size of the hash, or the size of they key, whichever is smaller. For example, if you sign with
4091 To verify a hash created with that function use the following function:
4097 const unsigned char *hash,
4102 Which will verify the data in \textit{hash} of length \textit{inlen} against the signature stored in \textit{sig} of length \textit{siglen}.
4107 a shared key is computed, and the hash of the shared key XOR'ed against the plaintext forms the ciphertext. The format used is functional port of
4121 int hash,
4772 people trying to brute force guess the password. The higher the iteration counter the longer the delay. This algorithm also requires a hash
4773 algorithm and produces an output no longer than the output of the hash.
4787 on the password. The \textit{hash\_idx} is the index of the hash you wish to use in the descriptor table.
4789 The output of length up to \textit{outlen} is stored in \textit{out}. If \textit{outlen} is initially larger than the size of the hash functions output
4790 it is set to the number of bytes stored. If it is smaller than not all of the hash output is stored in \textit{out}.
4795 hash functions output. As such, it can easily be used to derive session keys for ciphers and MACs as well initial vectors as required
4811 on the password. The \textit{hash\_idx} is the index of the hash you wish to use in the descriptor table. The output of length up to
4826 /* register hash and get it's idx .... */
5020 The rest of the code uses state variables you must pass it such as hash\_state, hmac\_state, etc. This means that if each
5280 cipher and a hash function.
5346 The entire API was designed with plug and play in mind at the low level. That is you can swap out any cipher, hash, PRNG or bignum library and the dependent API will not
5356 to functions that do the required work. For a given class of operation (e.g. cipher, hash, prng, bignum) the functions of a descriptor have identical prototypes which makes
5758 The hash functions are accessed through the ltc\_hash\_descriptor structure.
5763 /** name of hash */
5781 /** Init a hash state
5782 @param hash The hash to initialize
5785 int (*init)(hash_state *hash);
5788 @param hash The hash state
5789 @param in The data to hash
5793 int (*process)( hash_state *hash,
5798 @param hash The hash state
5802 int (*done)( hash_state *hash,
5813 and provide a hash callback
5826 This is the name the hash is known by and what find\_hash() will look for.
5829 This is the internal ID byte used to distinguish the hash from other hashes.
5835 The \textit{blocksize} variable indicates the length of input (in octets) that the hash processes in a given
5839 This is the universal ASN.1 Object Identifier for the hash.
5842 The init function initializes the hash and prepares it to process message bytes.
5845 This processes message bytes. The algorithm must accept any length of input that the hash would allow. The input is not
5849 The done function terminates the hash and returns the message digest.
