mirror of
https://github.com/SerenityOS/serenity.git
synced 2025-01-23 01:41:59 -05:00
LibCrypto: Add MGF1
This commit is contained in:
parent
7f7119c78d
commit
73a534494c
3 changed files with 120 additions and 1 deletions
|
@ -3,13 +3,14 @@ set(TEST_SOURCES
|
|||
TestASN1.cpp
|
||||
TestBigFraction.cpp
|
||||
TestBigInteger.cpp
|
||||
TestChecksum.cpp
|
||||
TestChaCha20.cpp
|
||||
TestChacha20Poly1305.cpp
|
||||
TestChecksum.cpp
|
||||
TestCurves.cpp
|
||||
TestEd25519.cpp
|
||||
TestHash.cpp
|
||||
TestHMAC.cpp
|
||||
TestMGF.cpp
|
||||
TestPBKDF2.cpp
|
||||
TestPoly1305.cpp
|
||||
TestRSA.cpp
|
||||
|
|
63
Tests/LibCrypto/TestMGF.cpp
Normal file
63
Tests/LibCrypto/TestMGF.cpp
Normal file
|
@ -0,0 +1,63 @@
|
|||
/*
|
||||
* Copyright (c) 2024, stelar7 <dudedbz@gmail.com>
|
||||
*
|
||||
* SPDX-License-Identifier: BSD-2-Clause
|
||||
*/
|
||||
|
||||
#include <LibCrypto/Hash/MGF.h>
|
||||
#include <LibCrypto/Hash/SHA1.h>
|
||||
#include <LibCrypto/Hash/SHA2.h>
|
||||
#include <LibTest/TestCase.h>
|
||||
|
||||
static ByteBuffer operator""_b(char const* string, size_t length)
|
||||
{
|
||||
return ByteBuffer::copy(string, length).release_value();
|
||||
}
|
||||
|
||||
TEST_CASE(test_mgf1_short)
|
||||
{
|
||||
u8 expected_result[3] {
|
||||
0x1a, 0xc9, 0x07
|
||||
};
|
||||
auto expected = ReadonlyBytes { expected_result, 3 };
|
||||
|
||||
ByteBuffer seed = { "foo"_b };
|
||||
auto length = 3;
|
||||
ByteBuffer result = MUST(Crypto::Hash::MGF::mgf1<Crypto::Hash::SHA1>(seed, length));
|
||||
|
||||
EXPECT_EQ(expected, result);
|
||||
}
|
||||
|
||||
TEST_CASE(test_mgf1_long)
|
||||
{
|
||||
u8 expected_result[50] {
|
||||
0xbc, 0x0c, 0x65, 0x5e, 0x01, 0x6b, 0xc2, 0x93, 0x1d, 0x85, 0xa2, 0xe6, 0x75, 0x18, 0x1a, 0xdc,
|
||||
0xef, 0x7f, 0x58, 0x1f, 0x76, 0xdf, 0x27, 0x39, 0xda, 0x74, 0xfa, 0xac, 0x41, 0x62, 0x7b, 0xe2,
|
||||
0xf7, 0xf4, 0x15, 0xc8, 0x9e, 0x98, 0x3f, 0xd0, 0xce, 0x80, 0xce, 0xd9, 0x87, 0x86, 0x41, 0xcb,
|
||||
0x48, 0x76
|
||||
};
|
||||
auto expected = ReadonlyBytes { expected_result, 50 };
|
||||
|
||||
ByteBuffer seed = { "bar"_b };
|
||||
auto length = 50;
|
||||
ByteBuffer result = MUST(Crypto::Hash::MGF::mgf1<Crypto::Hash::SHA1>(seed, length));
|
||||
|
||||
EXPECT_EQ(expected, result);
|
||||
}
|
||||
|
||||
TEST_CASE(test_mgf1_long_sha256)
|
||||
{
|
||||
u8 expected_result[50] {
|
||||
0x38, 0x25, 0x76, 0xa7, 0x84, 0x10, 0x21, 0xcc, 0x28, 0xfc, 0x4c, 0x09, 0x48, 0x75, 0x3f, 0xb8,
|
||||
0x31, 0x20, 0x90, 0xce, 0xa9, 0x42, 0xea, 0x4c, 0x4e, 0x73, 0x5d, 0x10, 0xdc, 0x72, 0x4b, 0x15,
|
||||
0x5f, 0x9f, 0x60, 0x69, 0xf2, 0x89, 0xd6, 0x1d, 0xac, 0xa0, 0xcb, 0x81, 0x45, 0x02, 0xef, 0x04,
|
||||
0xea, 0xe1
|
||||
};
|
||||
auto expected = ReadonlyBytes { expected_result, 50 };
|
||||
|
||||
ByteBuffer seed = { "bar"_b };
|
||||
auto length = 50;
|
||||
ByteBuffer result = MUST(Crypto::Hash::MGF::mgf1<Crypto::Hash::SHA256>(seed, length));
|
||||
|
||||
EXPECT_EQ(expected, result);
|
||||
}
|
55
Userland/Libraries/LibCrypto/Hash/MGF.h
Normal file
55
Userland/Libraries/LibCrypto/Hash/MGF.h
Normal file
|
@ -0,0 +1,55 @@
|
|||
/*
|
||||
* Copyright (c) 2024, stelar7 <dudedbz@gmail.com>
|
||||
*
|
||||
* SPDX-License-Identifier: BSD-2-Clause
|
||||
*/
|
||||
|
||||
#pragma once
|
||||
|
||||
#include <AK/ByteBuffer.h>
|
||||
#include <AK/ByteReader.h>
|
||||
#include <AK/Endian.h>
|
||||
|
||||
namespace Crypto::Hash {
|
||||
|
||||
class MGF {
|
||||
public:
|
||||
// https://datatracker.ietf.org/doc/html/rfc2437#section-10.2.1
|
||||
template<typename HashFunction>
|
||||
static ErrorOr<ByteBuffer> mgf1(ReadonlyBytes seed, size_t length)
|
||||
requires requires { HashFunction::digest_size(); }
|
||||
{
|
||||
HashFunction hash;
|
||||
|
||||
size_t h_len = hash.digest_size();
|
||||
|
||||
// 1. If length > 2^32(hLen), output "mask too long" and stop.
|
||||
if (length > (h_len << 32))
|
||||
return Error::from_string_view("mask too long"sv);
|
||||
|
||||
// 2. Let T be the empty octet string.
|
||||
auto t = TRY(ByteBuffer::create_uninitialized(0));
|
||||
|
||||
// 3. For counter from 0 to ceil(length / hLen) - 1, do the following:
|
||||
auto counter = 0u;
|
||||
auto iterations = AK::ceil_div(length, h_len) - 1;
|
||||
|
||||
auto c = TRY(ByteBuffer::create_uninitialized(4));
|
||||
for (; counter <= iterations; ++counter) {
|
||||
// a. Convert counter to an octet string C of length 4 with the primitive I2OSP: C = I2OSP(counter, 4)
|
||||
ByteReader::store(static_cast<u8*>(c.data()), AK::convert_between_host_and_big_endian(static_cast<u32>(counter)));
|
||||
|
||||
// b. Concatenate the hash of the seed Z and C to the octet string T: T = T || Hash (Z || C)
|
||||
hash.update(seed);
|
||||
hash.update(c);
|
||||
auto digest = hash.digest();
|
||||
|
||||
TRY(t.try_append(digest.bytes()));
|
||||
}
|
||||
|
||||
// 4. Output the leading l octets of T as the octet string mask.
|
||||
return t.slice(0, length);
|
||||
}
|
||||
};
|
||||
|
||||
}
|
Loading…
Reference in a new issue