pioduino/esp32-core
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

3.3.7

Browse Source
This commit is contained in:
Sergei Gusenkov
2026-05-22 21:52:50 +03:00
commit be7c60e4dd
1854 changed files with 583428 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
libraries/Hash/src/PBKDF2_HMACBuilder.cpp
+258
View File
@@ -0,0 +1,258 @@
// Copyright 2025 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#include <Arduino.h>
#include "PBKDF2_HMACBuilder.h"
// Block size for HMAC (64 bytes for SHA-1, SHA-256, SHA-512)
#define HMAC_BLOCK_SIZE 64
PBKDF2_HMACBuilder::PBKDF2_HMACBuilder(HashBuilder *hash, String password, String salt, uint32_t iterations) {
this->hashBuilder = hash;
this->hashSize = hashBuilder->getHashSize();
this->iterations = iterations;
// Initialize pointers
this->password = nullptr;
this->salt = nullptr;
this->passwordLen = 0;
this->saltLen = 0;
this->derivedKey = nullptr;
this->derivedKeyLen = 0;
this->calculated = false;
if (password.length() > 0) {
setPassword(password);
}
if (salt.length() > 0) {
setSalt(salt);
}
}
PBKDF2_HMACBuilder::~PBKDF2_HMACBuilder() {
clearData();
}
void PBKDF2_HMACBuilder::clearData() {
if (derivedKey != nullptr) {
forced_memzero(derivedKey, derivedKeyLen);
delete[] derivedKey;
derivedKey = nullptr;
}
derivedKeyLen = 0;
calculated = false;
}
void PBKDF2_HMACBuilder::hmac(const uint8_t *key, size_t keyLen, const uint8_t *data, size_t dataLen, uint8_t *output) {
uint8_t keyPad[HMAC_BLOCK_SIZE];
uint8_t outerPad[HMAC_BLOCK_SIZE];
uint8_t innerHash[64]; // Large enough for any hash
// Prepare key
if (keyLen > HMAC_BLOCK_SIZE) {
// Key is longer than block size, hash it
hashBuilder->begin();
hashBuilder->add(key, keyLen);
hashBuilder->calculate();
hashBuilder->getBytes(keyPad);
keyLen = hashSize;
} else {
// Copy key to keyPad
memcpy(keyPad, key, keyLen);
}
// Pad key with zeros if necessary
if (keyLen < HMAC_BLOCK_SIZE) {
memset(keyPad + keyLen, 0, HMAC_BLOCK_SIZE - keyLen);
}
// Create outer and inner pads
for (int i = 0; i < HMAC_BLOCK_SIZE; i++) {
outerPad[i] = keyPad[i] ^ 0x5c;
keyPad[i] = keyPad[i] ^ 0x36;
}
// Inner hash: H(K XOR ipad, text)
hashBuilder->begin();
hashBuilder->add(keyPad, HMAC_BLOCK_SIZE);
hashBuilder->add(data, dataLen);
hashBuilder->calculate();
hashBuilder->getBytes(innerHash);
// Outer hash: H(K XOR opad, inner_hash)
hashBuilder->begin();
hashBuilder->add(outerPad, HMAC_BLOCK_SIZE);
hashBuilder->add(innerHash, hashSize);
hashBuilder->calculate();
hashBuilder->getBytes(output);
}
// HashBuilder interface methods
void PBKDF2_HMACBuilder::begin() {
clearData();
}
void PBKDF2_HMACBuilder::add(const uint8_t *data, size_t len) {
log_w("PBKDF2_HMACBuilder::add sets only the password. Use setPassword() and setSalt() instead.");
setPassword(data, len);
}
bool PBKDF2_HMACBuilder::addStream(Stream &stream, const size_t maxLen) {
log_e("PBKDF2_HMACBuilder does not support addStream. Use setPassword() and setSalt() instead.");
(void)stream;
(void)maxLen;
return false;
}
void PBKDF2_HMACBuilder::calculate() {
if (password == nullptr || salt == nullptr) {
log_e("Error: Password or salt not set.");
return;
}
// Set default output size to hash size if not specified
if (derivedKeyLen == 0) {
derivedKeyLen = hashSize;
}
// Allocate output buffer
if (derivedKey != nullptr) {
forced_memzero(derivedKey, derivedKeyLen);
delete[] derivedKey;
}
derivedKey = new uint8_t[derivedKeyLen];
// Perform PBKDF2-HMAC
pbkdf2_hmac(password, passwordLen, salt, saltLen, iterations, derivedKey, derivedKeyLen);
calculated = true;
}
void PBKDF2_HMACBuilder::getBytes(uint8_t *output) {
if (!calculated || derivedKey == nullptr) {
log_e("Error: PBKDF2-HMAC not calculated or no output buffer provided.");
return;
}
memcpy(output, derivedKey, derivedKeyLen);
}
void PBKDF2_HMACBuilder::getChars(char *output) {
if (!calculated || derivedKey == nullptr) {
log_e("Error: PBKDF2-HMAC not calculated or no output buffer provided.");
return;
}
bytes2hex(output, derivedKeyLen * 2 + 1, derivedKey, derivedKeyLen);
}
String PBKDF2_HMACBuilder::toString() {
if (!calculated || derivedKey == nullptr) {
log_e("Error: PBKDF2-HMAC not calculated or no output buffer provided.");
return "";
}
char out[(derivedKeyLen * 2) + 1];
getChars(out);
return String(out);
}
// PBKDF2 specific methods
void PBKDF2_HMACBuilder::setPassword(const uint8_t *password, size_t len) {
if (this->password != nullptr) {
forced_memzero(this->password, len);
delete[] this->password;
}
this->password = new uint8_t[len];
memcpy(this->password, password, len);
this->passwordLen = len;
calculated = false;
}
void PBKDF2_HMACBuilder::setPassword(const char *password) {
setPassword((const uint8_t *)password, strlen(password));
}
void PBKDF2_HMACBuilder::setPassword(String password) {
setPassword((const uint8_t *)password.c_str(), password.length());
}
void PBKDF2_HMACBuilder::setSalt(const uint8_t *salt, size_t len) {
if (this->salt != nullptr) {
forced_memzero(this->salt, len);
delete[] this->salt;
}
this->salt = new uint8_t[len];
memcpy(this->salt, salt, len);
this->saltLen = len;
calculated = false;
}
void PBKDF2_HMACBuilder::setSalt(const char *salt) {
setSalt((const uint8_t *)salt, strlen(salt));
}
void PBKDF2_HMACBuilder::setSalt(String salt) {
setSalt((const uint8_t *)salt.c_str(), salt.length());
}
void PBKDF2_HMACBuilder::setIterations(uint32_t iterations) {
this->iterations = iterations;
}
void PBKDF2_HMACBuilder::setHashAlgorithm(HashBuilder *hash) {
// Set the hash algorithm to use for the HMAC
// Note: We don't delete hashBuilder here as it might be owned by the caller
// The caller is responsible for managing the hashBuilder lifetime
hashBuilder = hash;
hashSize = hashBuilder->getHashSize();
}
void PBKDF2_HMACBuilder::pbkdf2_hmac(
const uint8_t *password, size_t passwordLen, const uint8_t *salt, size_t saltLen, uint32_t iterations, uint8_t *output, size_t outputLen
) {
uint8_t u1[64]; // Large enough for any hash
uint8_t u2[64];
uint8_t saltWithBlock[256]; // Salt + block number
uint8_t block[64];
size_t blocks = (outputLen + hashSize - 1) / hashSize;
for (size_t i = 1; i <= blocks; i++) {
// Prepare salt || INT(i)
memcpy(saltWithBlock, salt, saltLen);
saltWithBlock[saltLen] = (i >> 24) & 0xFF;
saltWithBlock[saltLen + 1] = (i >> 16) & 0xFF;
saltWithBlock[saltLen + 2] = (i >> 8) & 0xFF;
saltWithBlock[saltLen + 3] = i & 0xFF;
// U1 = HMAC(password, salt || INT(i))
hmac(password, passwordLen, saltWithBlock, saltLen + 4, u1);
memcpy(block, u1, hashSize);
// U2 = HMAC(password, U1)
for (uint32_t j = 1; j < iterations; j++) {
hmac(password, passwordLen, u1, hashSize, u2);
memcpy(u1, u2, hashSize);
// XOR with previous result
for (size_t k = 0; k < hashSize; k++) {
block[k] ^= u1[k];
}
}
// Copy block to output
size_t copyLen = (i == blocks) ? (outputLen - (i - 1) * hashSize) : hashSize;
memcpy(output + (i - 1) * hashSize, block, copyLen);
}
}
libraries/Hash/src/PBKDF2_HMACBuilder.h
+73
View File
@@ -0,0 +1,73 @@
// Copyright 2025 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef PBKDF2_HMACBuilder_h
#define PBKDF2_HMACBuilder_h
#include <WString.h>
#include <Stream.h>
#include "HashBuilder.h"
class PBKDF2_HMACBuilder : public HashBuilder {
private:
HashBuilder *hashBuilder;
size_t hashSize;
uint32_t iterations;
// Password and salt storage
uint8_t *password;
size_t passwordLen;
uint8_t *salt;
size_t saltLen;
// Output storage
uint8_t *derivedKey;
size_t derivedKeyLen;
bool calculated;
void hmac(const uint8_t *key, size_t keyLen, const uint8_t *data, size_t dataLen, uint8_t *output);
void pbkdf2_hmac(const uint8_t *password, size_t passwordLen, const uint8_t *salt, size_t saltLen, uint32_t iterations, uint8_t *output, size_t outputLen);
void clearData();
public:
using HashBuilder::add;
// Constructor takes a hash builder instance
PBKDF2_HMACBuilder(HashBuilder *hash, String password = "", String salt = "", uint32_t iterations = 10000);
~PBKDF2_HMACBuilder();
// Standard HashBuilder interface
void begin() override;
void add(const uint8_t *data, size_t len) override;
bool addStream(Stream &stream, const size_t maxLen) override;
void calculate() override;
void getBytes(uint8_t *output) override;
void getChars(char *output) override;
String toString() override;
size_t getHashSize() const override {
return derivedKeyLen;
}
// PBKDF2 specific methods
void setPassword(const uint8_t *password, size_t len);
void setPassword(const char *password);
void setPassword(String password);
void setSalt(const uint8_t *salt, size_t len);
void setSalt(const char *salt);
void setSalt(String salt);
void setIterations(uint32_t iterations);
void setHashAlgorithm(HashBuilder *hash);
};
#endif
libraries/Hash/src/SHA1Builder.cpp
+336
View File
@@ -0,0 +1,336 @@
// Copyright 2024 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
// Based on mbed TLS (https://tls.mbed.org)
#include <Arduino.h>
#include "SHA1Builder.h"
// 32-bit integer manipulation macros (big endian)
#ifndef GET_UINT32_BE
#define GET_UINT32_BE(n, b, i) \
{ (n) = ((uint32_t)(b)[(i)] << 24) | ((uint32_t)(b)[(i) + 1] << 16) | ((uint32_t)(b)[(i) + 2] << 8) | ((uint32_t)(b)[(i) + 3]); }
#endif
#ifndef PUT_UINT32_BE
#define PUT_UINT32_BE(n, b, i) \
{ \
(b)[(i)] = (uint8_t)((n) >> 24); \
(b)[(i) + 1] = (uint8_t)((n) >> 16); \
(b)[(i) + 2] = (uint8_t)((n) >> 8); \
(b)[(i) + 3] = (uint8_t)((n)); \
}
#endif
// Constants
static const uint8_t sha1_padding[64] = {0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
// Private methods
void SHA1Builder::process(const uint8_t *data) {
uint32_t temp, W[16], A, B, C, D, E;
GET_UINT32_BE(W[0], data, 0);
GET_UINT32_BE(W[1], data, 4);
GET_UINT32_BE(W[2], data, 8);
GET_UINT32_BE(W[3], data, 12);
GET_UINT32_BE(W[4], data, 16);
GET_UINT32_BE(W[5], data, 20);
GET_UINT32_BE(W[6], data, 24);
GET_UINT32_BE(W[7], data, 28);
GET_UINT32_BE(W[8], data, 32);
GET_UINT32_BE(W[9], data, 36);
GET_UINT32_BE(W[10], data, 40);
GET_UINT32_BE(W[11], data, 44);
GET_UINT32_BE(W[12], data, 48);
GET_UINT32_BE(W[13], data, 52);
GET_UINT32_BE(W[14], data, 56);
GET_UINT32_BE(W[15], data, 60);
#define sha1_S(x, n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n)))
#define sha1_R(t) (temp = W[(t - 3) & 0x0F] ^ W[(t - 8) & 0x0F] ^ W[(t - 14) & 0x0F] ^ W[t & 0x0F], (W[t & 0x0F] = sha1_S(temp, 1)))
#define sha1_P(a, b, c, d, e, x) \
{ \
e += sha1_S(a, 5) + sha1_F(b, c, d) + sha1_K + x; \
b = sha1_S(b, 30); \
}
A = state[0];
B = state[1];
C = state[2];
D = state[3];
E = state[4];
#define sha1_F(x, y, z) (z ^ (x & (y ^ z)))
#define sha1_K 0x5A827999
sha1_P(A, B, C, D, E, W[0]);
sha1_P(E, A, B, C, D, W[1]);
sha1_P(D, E, A, B, C, W[2]);
sha1_P(C, D, E, A, B, W[3]);
sha1_P(B, C, D, E, A, W[4]);
sha1_P(A, B, C, D, E, W[5]);
sha1_P(E, A, B, C, D, W[6]);
sha1_P(D, E, A, B, C, W[7]);
sha1_P(C, D, E, A, B, W[8]);
sha1_P(B, C, D, E, A, W[9]);
sha1_P(A, B, C, D, E, W[10]);
sha1_P(E, A, B, C, D, W[11]);
sha1_P(D, E, A, B, C, W[12]);
sha1_P(C, D, E, A, B, W[13]);
sha1_P(B, C, D, E, A, W[14]);
sha1_P(A, B, C, D, E, W[15]);
sha1_P(E, A, B, C, D, sha1_R(16));
sha1_P(D, E, A, B, C, sha1_R(17));
sha1_P(C, D, E, A, B, sha1_R(18));
sha1_P(B, C, D, E, A, sha1_R(19));
#undef sha1_K
#undef sha1_F
#define sha1_F(x, y, z) (x ^ y ^ z)
#define sha1_K 0x6ED9EBA1
sha1_P(A, B, C, D, E, sha1_R(20));
sha1_P(E, A, B, C, D, sha1_R(21));
sha1_P(D, E, A, B, C, sha1_R(22));
sha1_P(C, D, E, A, B, sha1_R(23));
sha1_P(B, C, D, E, A, sha1_R(24));
sha1_P(A, B, C, D, E, sha1_R(25));
sha1_P(E, A, B, C, D, sha1_R(26));
sha1_P(D, E, A, B, C, sha1_R(27));
sha1_P(C, D, E, A, B, sha1_R(28));
sha1_P(B, C, D, E, A, sha1_R(29));
sha1_P(A, B, C, D, E, sha1_R(30));
sha1_P(E, A, B, C, D, sha1_R(31));
sha1_P(D, E, A, B, C, sha1_R(32));
sha1_P(C, D, E, A, B, sha1_R(33));
sha1_P(B, C, D, E, A, sha1_R(34));
sha1_P(A, B, C, D, E, sha1_R(35));
sha1_P(E, A, B, C, D, sha1_R(36));
sha1_P(D, E, A, B, C, sha1_R(37));
sha1_P(C, D, E, A, B, sha1_R(38));
sha1_P(B, C, D, E, A, sha1_R(39));
#undef sha1_K
#undef sha1_F
#define sha1_F(x, y, z) ((x & y) | (z & (x | y)))
#define sha1_K 0x8F1BBCDC
sha1_P(A, B, C, D, E, sha1_R(40));
sha1_P(E, A, B, C, D, sha1_R(41));
sha1_P(D, E, A, B, C, sha1_R(42));
sha1_P(C, D, E, A, B, sha1_R(43));
sha1_P(B, C, D, E, A, sha1_R(44));
sha1_P(A, B, C, D, E, sha1_R(45));
sha1_P(E, A, B, C, D, sha1_R(46));
sha1_P(D, E, A, B, C, sha1_R(47));
sha1_P(C, D, E, A, B, sha1_R(48));
sha1_P(B, C, D, E, A, sha1_R(49));
sha1_P(A, B, C, D, E, sha1_R(50));
sha1_P(E, A, B, C, D, sha1_R(51));
sha1_P(D, E, A, B, C, sha1_R(52));
sha1_P(C, D, E, A, B, sha1_R(53));
sha1_P(B, C, D, E, A, sha1_R(54));
sha1_P(A, B, C, D, E, sha1_R(55));
sha1_P(E, A, B, C, D, sha1_R(56));
sha1_P(D, E, A, B, C, sha1_R(57));
sha1_P(C, D, E, A, B, sha1_R(58));
sha1_P(B, C, D, E, A, sha1_R(59));
#undef sha1_K
#undef sha1_F
#define sha1_F(x, y, z) (x ^ y ^ z)
#define sha1_K 0xCA62C1D6
sha1_P(A, B, C, D, E, sha1_R(60));
sha1_P(E, A, B, C, D, sha1_R(61));
sha1_P(D, E, A, B, C, sha1_R(62));
sha1_P(C, D, E, A, B, sha1_R(63));
sha1_P(B, C, D, E, A, sha1_R(64));
sha1_P(A, B, C, D, E, sha1_R(65));
sha1_P(E, A, B, C, D, sha1_R(66));
sha1_P(D, E, A, B, C, sha1_R(67));
sha1_P(C, D, E, A, B, sha1_R(68));
sha1_P(B, C, D, E, A, sha1_R(69));
sha1_P(A, B, C, D, E, sha1_R(70));
sha1_P(E, A, B, C, D, sha1_R(71));
sha1_P(D, E, A, B, C, sha1_R(72));
sha1_P(C, D, E, A, B, sha1_R(73));
sha1_P(B, C, D, E, A, sha1_R(74));
sha1_P(A, B, C, D, E, sha1_R(75));
sha1_P(E, A, B, C, D, sha1_R(76));
sha1_P(D, E, A, B, C, sha1_R(77));
sha1_P(C, D, E, A, B, sha1_R(78));
sha1_P(B, C, D, E, A, sha1_R(79));
#undef sha1_K
#undef sha1_F
state[0] += A;
state[1] += B;
state[2] += C;
state[3] += D;
state[4] += E;
}
// Public methods
void SHA1Builder::begin(void) {
finalized = false;
total[0] = 0;
total[1] = 0;
state[0] = 0x67452301;
state[1] = 0xEFCDAB89;
state[2] = 0x98BADCFE;
state[3] = 0x10325476;
state[4] = 0xC3D2E1F0;
memset(buffer, 0x00, sizeof(buffer));
memset(hash, 0x00, sizeof(hash));
}
void SHA1Builder::add(const uint8_t *data, size_t len) {
size_t fill;
uint32_t left;
if (finalized || len == 0) {
return;
}
left = total[0] & 0x3F;
fill = 64 - left;
total[0] += (uint32_t)len;
total[0] &= 0xFFFFFFFF;
if (total[0] < (uint32_t)len) {
total[1]++;
}
if (left && len >= fill) {
memcpy((void *)(buffer + left), data, fill);
process(buffer);
data += fill;
len -= fill;
left = 0;
}
while (len >= 64) {
process(data);
data += 64;
len -= 64;
}
if (len > 0) {
memcpy((void *)(buffer + left), data, len);
}
}
bool SHA1Builder::addStream(Stream &stream, const size_t maxLen) {
const int buf_size = 512;
int maxLengthLeft = maxLen;
uint8_t *buf = (uint8_t *)malloc(buf_size);
if (!buf) {
return false;
}
int bytesAvailable = stream.available();
while ((bytesAvailable > 0) && (maxLengthLeft > 0)) {
// determine number of bytes to read
int readBytes = bytesAvailable;
if (readBytes > maxLengthLeft) {
readBytes = maxLengthLeft; // read only until max_len
}
if (readBytes > buf_size) {
readBytes = buf_size; // not read more the buffer can handle
}
// read data and check if we got something
int numBytesRead = stream.readBytes(buf, readBytes);
if (numBytesRead < 1) {
free(buf);
return false;
}
// Update SHA1 with buffer payload
add(buf, numBytesRead);
// update available number of bytes
maxLengthLeft -= numBytesRead;
bytesAvailable = stream.available();
}
free(buf);
return true;
}
void SHA1Builder::calculate(void) {
uint32_t last, padn;
uint32_t high, low;
uint8_t msglen[8];
if (finalized) {
return;
}
high = (total[0] >> 29) | (total[1] << 3);
low = (total[0] << 3);
PUT_UINT32_BE(high, msglen, 0);
PUT_UINT32_BE(low, msglen, 4);
last = total[0] & 0x3F;
padn = (last < 56) ? (56 - last) : (120 - last);
add((uint8_t *)sha1_padding, padn);
add(msglen, 8);
PUT_UINT32_BE(state[0], hash, 0);
PUT_UINT32_BE(state[1], hash, 4);
PUT_UINT32_BE(state[2], hash, 8);
PUT_UINT32_BE(state[3], hash, 12);
PUT_UINT32_BE(state[4], hash, 16);
finalized = true;
}
void SHA1Builder::getBytes(uint8_t *output) {
memcpy(output, hash, SHA1_HASH_SIZE);
}
void SHA1Builder::getChars(char *output) {
if (!finalized || output == nullptr) {
log_e("Error: SHA1 not calculated or no output buffer provided.");
return;
}
bytes2hex(output, SHA1_HASH_SIZE * 2 + 1, hash, SHA1_HASH_SIZE);
}
String SHA1Builder::toString(void) {
char out[(SHA1_HASH_SIZE * 2) + 1];
getChars(out);
return String(out);
}
libraries/Hash/src/SHA1Builder.h
+51
View File
@@ -0,0 +1,51 @@
// Copyright 2024 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef SHA1Builder_h
#define SHA1Builder_h
#include <WString.h>
#include <Stream.h>
#include "HashBuilder.h"
#define SHA1_HASH_SIZE 20
class SHA1Builder : public HashBuilder {
private:
uint32_t total[2]; /* number of bytes processed */
uint32_t state[5]; /* intermediate digest state */
unsigned char buffer[64]; /* data block being processed */
uint8_t hash[SHA1_HASH_SIZE]; /* SHA-1 result */
bool finalized; /* Whether hash has been finalized */
void process(const uint8_t *data);
public:
using HashBuilder::add;
SHA1Builder() : finalized(false) {}
void begin() override;
void add(const uint8_t *data, size_t len) override;
bool addStream(Stream &stream, const size_t maxLen) override;
void calculate() override;
void getBytes(uint8_t *output) override;
void getChars(char *output) override;
String toString() override;
size_t getHashSize() const override {
return SHA1_HASH_SIZE;
}
};
#endif
libraries/Hash/src/SHA2Builder.cpp
+421
View File
@@ -0,0 +1,421 @@
// Copyright 2025 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#include <algorithm>
#include <string.h>
#include "esp32-hal-log.h"
#include "SHA2Builder.h"
// SHA-256 constants
static const uint32_t sha256_k[64] = {0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, 0xd807aa98, 0x12835b01,
0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147,
0x06ca6351, 0x14292967, 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, 0x19a4c116, 0x1e376c08,
0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2};
// SHA-512 constants
static const uint64_t sha512_k[80] = {0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL, 0xb5c0fbcfec4d3b2fULL, 0xe9b5dba58189dbbcULL, 0x3956c25bf348b538ULL,
0x59f111f1b605d019ULL, 0x923f82a4af194f9bULL, 0xab1c5ed5da6d8118ULL, 0xd807aa98a3030242ULL, 0x12835b0145706fbeULL,
0x243185be4ee4b28cULL, 0x550c7dc3d5ffb4e2ULL, 0x72be5d74f27b896fULL, 0x80deb1fe3b1696b1ULL, 0x9bdc06a725c71235ULL,
0xc19bf174cf692694ULL, 0xe49b69c19ef14ad2ULL, 0xefbe4786384f25e3ULL, 0x0fc19dc68b8cd5b5ULL, 0x240ca1cc77ac9c65ULL,
0x2de92c6f592b0275ULL, 0x4a7484aa6ea6e483ULL, 0x5cb0a9dcbd41fbd4ULL, 0x76f988da831153b5ULL, 0x983e5152ee66dfabULL,
0xa831c66d2db43210ULL, 0xb00327c898fb213fULL, 0xbf597fc7beef0ee4ULL, 0xc6e00bf33da88fc2ULL, 0xd5a79147930aa725ULL,
0x06ca6351e003826fULL, 0x142929670a0e6e70ULL, 0x27b70a8546d22ffcULL, 0x2e1b21385c26c926ULL, 0x4d2c6dfc5ac42aedULL,
0x53380d139d95b3dfULL, 0x650a73548baf63deULL, 0x766a0abb3c77b2a8ULL, 0x81c2c92e47edaee6ULL, 0x92722c851482353bULL,
0xa2bfe8a14cf10364ULL, 0xa81a664bbc423001ULL, 0xc24b8b70d0f89791ULL, 0xc76c51a30654be30ULL, 0xd192e819d6ef5218ULL,
0xd69906245565a910ULL, 0xf40e35855771202aULL, 0x106aa07032bbd1b8ULL, 0x19a4c116b8d2d0c8ULL, 0x1e376c085141ab53ULL,
0x2748774cdf8eeb99ULL, 0x34b0bcb5e19b48a8ULL, 0x391c0cb3c5c95a63ULL, 0x4ed8aa4ae3418acbULL, 0x5b9cca4f7763e373ULL,
0x682e6ff3d6b2b8a3ULL, 0x748f82ee5defb2fcULL, 0x78a5636f43172f60ULL, 0x84c87814a1f0ab72ULL, 0x8cc702081a6439ecULL,
0x90befffa23631e28ULL, 0xa4506cebde82bde9ULL, 0xbef9a3f7b2c67915ULL, 0xc67178f2e372532bULL, 0xca273eceea26619cULL,
0xd186b8c721c0c207ULL, 0xeada7dd6cde0eb1eULL, 0xf57d4f7fee6ed178ULL, 0x06f067aa72176fbaULL, 0x0a637dc5a2c898a6ULL,
0x113f9804bef90daeULL, 0x1b710b35131c471bULL, 0x28db77f523047d84ULL, 0x32caab7b40c72493ULL, 0x3c9ebe0a15c9bebcULL,
0x431d67c49c100d4cULL, 0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL, 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL};
// Macros for bit manipulation
#define ROTR32(x, n) (((x) >> (n)) | ((x) << (32 - (n))))
#define ROTR64(x, n) (((x) >> (n)) | ((x) << (64 - (n))))
#define CH32(x, y, z) (((x) & (y)) ^ (~(x) & (z)))
#define CH64(x, y, z) (((x) & (y)) ^ (~(x) & (z)))
#define MAJ32(x, y, z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
#define MAJ64(x, y, z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
#define EP0_32(x) (ROTR32(x, 2) ^ ROTR32(x, 13) ^ ROTR32(x, 22))
#define EP0_64(x) (ROTR64(x, 28) ^ ROTR64(x, 34) ^ ROTR64(x, 39))
#define EP1_32(x) (ROTR32(x, 6) ^ ROTR32(x, 11) ^ ROTR32(x, 25))
#define EP1_64(x) (ROTR64(x, 14) ^ ROTR64(x, 18) ^ ROTR64(x, 41))
#define SIG0_32(x) (ROTR32(x, 7) ^ ROTR32(x, 18) ^ ((x) >> 3))
#define SIG0_64(x) (ROTR64(x, 1) ^ ROTR64(x, 8) ^ ((x) >> 7))
#define SIG1_32(x) (ROTR32(x, 17) ^ ROTR32(x, 19) ^ ((x) >> 10))
#define SIG1_64(x) (ROTR64(x, 19) ^ ROTR64(x, 61) ^ ((x) >> 6))
// Byte order conversion
#define BYTESWAP32(x) ((((x) & 0xFF000000) >> 24) | (((x) & 0x00FF0000) >> 8) | (((x) & 0x0000FF00) << 8) | (((x) & 0x000000FF) << 24))
#define BYTESWAP64(x) (((uint64_t)BYTESWAP32((uint32_t)((x) >> 32))) | (((uint64_t)BYTESWAP32((uint32_t)(x))) << 32))
// Constructor
SHA2Builder::SHA2Builder(size_t hash_size) : hash_size(hash_size), buffer_size(0), finalized(false), total_length(0) {
// Determine block size and algorithm family
if (hash_size == SHA2_224_HASH_SIZE || hash_size == SHA2_256_HASH_SIZE) {
block_size = SHA2_256_BLOCK_SIZE;
is_sha512 = false;
} else if (hash_size == SHA2_384_HASH_SIZE || hash_size == SHA2_512_HASH_SIZE) {
block_size = SHA2_512_BLOCK_SIZE;
is_sha512 = true;
} else {
log_e("Invalid hash size: %d", hash_size);
block_size = 0;
is_sha512 = false;
}
}
// Initialize the hash computation
void SHA2Builder::begin() {
// Clear the state and buffer
memset(state_32, 0, sizeof(state_32));
memset(state_64, 0, sizeof(state_64));
memset(buffer, 0, sizeof(buffer));
buffer_size = 0;
finalized = false;
total_length = 0;
// Initialize state based on algorithm
if (!is_sha512) {
// SHA-224/256 initial values
if (hash_size == SHA2_224_HASH_SIZE) {
// SHA-224 initial values
state_32[0] = 0xc1059ed8;
state_32[1] = 0x367cd507;
state_32[2] = 0x3070dd17;
state_32[3] = 0xf70e5939;
state_32[4] = 0xffc00b31;
state_32[5] = 0x68581511;
state_32[6] = 0x64f98fa7;
state_32[7] = 0xbefa4fa4;
} else {
// SHA-256 initial values
state_32[0] = 0x6a09e667;
state_32[1] = 0xbb67ae85;
state_32[2] = 0x3c6ef372;
state_32[3] = 0xa54ff53a;
state_32[4] = 0x510e527f;
state_32[5] = 0x9b05688c;
state_32[6] = 0x1f83d9ab;
state_32[7] = 0x5be0cd19;
}
} else {
// SHA-384/512 initial values
if (hash_size == SHA2_384_HASH_SIZE) {
// SHA-384 initial values
state_64[0] = 0xcbbb9d5dc1059ed8ULL;
state_64[1] = 0x629a292a367cd507ULL;
state_64[2] = 0x9159015a3070dd17ULL;
state_64[3] = 0x152fecd8f70e5939ULL;
state_64[4] = 0x67332667ffc00b31ULL;
state_64[5] = 0x8eb44a8768581511ULL;
state_64[6] = 0xdb0c2e0d64f98fa7ULL;
state_64[7] = 0x47b5481dbefa4fa4ULL;
} else {
// SHA-512 initial values
state_64[0] = 0x6a09e667f3bcc908ULL;
state_64[1] = 0xbb67ae8584caa73bULL;
state_64[2] = 0x3c6ef372fe94f82bULL;
state_64[3] = 0xa54ff53a5f1d36f1ULL;
state_64[4] = 0x510e527fade682d1ULL;
state_64[5] = 0x9b05688c2b3e6c1fULL;
state_64[6] = 0x1f83d9abfb41bd6bULL;
state_64[7] = 0x5be0cd19137e2179ULL;
}
}
}
// Process a block for SHA-256
void SHA2Builder::process_block_sha256(const uint8_t *data) {
uint32_t w[64];
uint32_t a, b, c, d, e, f, g, h;
uint32_t t1, t2;
// Prepare message schedule
for (int i = 0; i < 16; i++) {
w[i] = BYTESWAP32(((uint32_t *)data)[i]);
}
for (int i = 16; i < 64; i++) {
w[i] = SIG1_32(w[i - 2]) + w[i - 7] + SIG0_32(w[i - 15]) + w[i - 16];
}
// Initialize working variables
a = state_32[0];
b = state_32[1];
c = state_32[2];
d = state_32[3];
e = state_32[4];
f = state_32[5];
g = state_32[6];
h = state_32[7];
// Main loop
for (int i = 0; i < 64; i++) {
t1 = h + EP1_32(e) + CH32(e, f, g) + sha256_k[i] + w[i];
t2 = EP0_32(a) + MAJ32(a, b, c);
h = g;
g = f;
f = e;
e = d + t1;
d = c;
c = b;
b = a;
a = t1 + t2;
}
// Add the compressed chunk to the current hash value
state_32[0] += a;
state_32[1] += b;
state_32[2] += c;
state_32[3] += d;
state_32[4] += e;
state_32[5] += f;
state_32[6] += g;
state_32[7] += h;
}
// Process a block for SHA-512
void SHA2Builder::process_block_sha512(const uint8_t *data) {
uint64_t w[80];
uint64_t a, b, c, d, e, f, g, h;
uint64_t t1, t2;
// Prepare message schedule
for (int i = 0; i < 16; i++) {
w[i] = BYTESWAP64(((uint64_t *)data)[i]);
}
for (int i = 16; i < 80; i++) {
w[i] = SIG1_64(w[i - 2]) + w[i - 7] + SIG0_64(w[i - 15]) + w[i - 16];
}
// Initialize working variables
a = state_64[0];
b = state_64[1];
c = state_64[2];
d = state_64[3];
e = state_64[4];
f = state_64[5];
g = state_64[6];
h = state_64[7];
// Main loop
for (int i = 0; i < 80; i++) {
t1 = h + EP1_64(e) + CH64(e, f, g) + sha512_k[i] + w[i];
t2 = EP0_64(a) + MAJ64(a, b, c);
h = g;
g = f;
f = e;
e = d + t1;
d = c;
c = b;
b = a;
a = t1 + t2;
}
// Add the compressed chunk to the current hash value
state_64[0] += a;
state_64[1] += b;
state_64[2] += c;
state_64[3] += d;
state_64[4] += e;
state_64[5] += f;
state_64[6] += g;
state_64[7] += h;
}
// Add data to the hash computation
void SHA2Builder::add(const uint8_t *data, size_t len) {
if (finalized || len == 0) {
return;
}
total_length += len;
size_t offset = 0;
// Process any buffered data first
if (buffer_size > 0) {
size_t to_copy = std::min(len, block_size - buffer_size);
memcpy(buffer + buffer_size, data, to_copy);
buffer_size += to_copy;
offset += to_copy;
if (buffer_size == block_size) {
if (is_sha512) {
process_block_sha512(buffer);
} else {
process_block_sha256(buffer);
}
buffer_size = 0;
}
}
// Process full blocks
while (offset + block_size <= len) {
if (is_sha512) {
process_block_sha512(data + offset);
} else {
process_block_sha256(data + offset);
}
offset += block_size;
}
// Buffer remaining data
if (offset < len) {
memcpy(buffer, data + offset, len - offset);
buffer_size = len - offset;
}
}
// Add data from a stream
bool SHA2Builder::addStream(Stream &stream, const size_t maxLen) {
const int buf_size = 512;
int maxLengthLeft = maxLen;
uint8_t *buf = (uint8_t *)malloc(buf_size);
if (!buf) {
return false;
}
int bytesAvailable = stream.available();
while ((bytesAvailable > 0) && (maxLengthLeft > 0)) {
// Determine number of bytes to read
int readBytes = bytesAvailable;
if (readBytes > maxLengthLeft) {
readBytes = maxLengthLeft;
}
if (readBytes > buf_size) {
readBytes = buf_size;
}
// Read data and check if we got something
int numBytesRead = stream.readBytes(buf, readBytes);
if (numBytesRead < 1) {
free(buf);
return false;
}
// Update SHA2 with buffer payload
add(buf, numBytesRead);
// Update available number of bytes
maxLengthLeft -= numBytesRead;
bytesAvailable = stream.available();
}
free(buf);
return true;
}
// Pad the input according to SHA2 specification
void SHA2Builder::pad() {
// Calculate the number of bytes we have
uint64_t bit_length = total_length * 8;
// Add the bit '1' to the message
buffer[buffer_size++] = 0x80;
// Pad with zeros until we have enough space for the length
while (buffer_size + 8 > block_size) {
if (buffer_size < block_size) {
buffer[buffer_size++] = 0x00;
} else {
// Process the block
if (is_sha512) {
process_block_sha512(buffer);
} else {
process_block_sha256(buffer);
}
buffer_size = 0;
}
}
// Pad with zeros to make room for the length
while (buffer_size + 8 < block_size) {
buffer[buffer_size++] = 0x00;
}
// Add the length in bits
if (is_sha512) {
// For SHA-512, length is 128 bits (16 bytes)
// We only use the lower 64 bits for now
for (int i = 0; i < 8; i++) {
buffer[block_size - 8 + i] = (uint8_t)(bit_length >> (56 - i * 8));
}
// Set the upper 64 bits to 0 (for SHA-384/512, length is limited to 2^128-1)
for (int i = 0; i < 8; i++) {
buffer[block_size - 16 + i] = 0x00;
}
} else {
// For SHA-256, length is 64 bits (8 bytes)
for (int i = 0; i < 8; i++) {
buffer[block_size - 8 + i] = (uint8_t)(bit_length >> (56 - i * 8));
}
}
}
// Finalize the hash computation
void SHA2Builder::calculate() {
if (finalized) {
return;
}
// Pad the input
pad();
// Process the final block
if (is_sha512) {
process_block_sha512(buffer);
} else {
process_block_sha256(buffer);
}
// Extract bytes from the state
if (is_sha512) {
for (size_t i = 0; i < hash_size; i++) {
hash[i] = (uint8_t)(state_64[i >> 3] >> (56 - ((i & 0x7) << 3)));
}
} else {
for (size_t i = 0; i < hash_size; i++) {
hash[i] = (uint8_t)(state_32[i >> 2] >> (24 - ((i & 0x3) << 3)));
}
}
finalized = true;
}
// Get the hash as bytes
void SHA2Builder::getBytes(uint8_t *output) {
memcpy(output, hash, hash_size);
}
// Get the hash as hex string
void SHA2Builder::getChars(char *output) {
if (!finalized || output == nullptr) {
log_e("Error: SHA2 not calculated or no output buffer provided.");
return;
}
bytes2hex(output, hash_size * 2 + 1, hash, hash_size);
}
// Get the hash as String
String SHA2Builder::toString() {
char out[(hash_size * 2) + 1];
getChars(out);
return String(out);
}
libraries/Hash/src/SHA2Builder.h
+96
View File
@@ -0,0 +1,96 @@
// Copyright 2025 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef SHA2Builder_h
#define SHA2Builder_h
#include <WString.h>
#include <Stream.h>
#include "HashBuilder.h"
// SHA2 constants
#define SHA2_224_HASH_SIZE 28
#define SHA2_256_HASH_SIZE 32
#define SHA2_384_HASH_SIZE 48
#define SHA2_512_HASH_SIZE 64
#define SHA2_224_BLOCK_SIZE 64
#define SHA2_256_BLOCK_SIZE 64
#define SHA2_384_BLOCK_SIZE 128
#define SHA2_512_BLOCK_SIZE 128
// SHA2 state sizes (in 32-bit words for SHA-224/256, 64-bit words for SHA-384/512)
#define SHA2_224_STATE_SIZE 8
#define SHA2_256_STATE_SIZE 8
#define SHA2_384_STATE_SIZE 8
#define SHA2_512_STATE_SIZE 8
class SHA2Builder : public HashBuilder {
protected:
uint32_t state_32[8]; // SHA-224/256 state (256 bits)
uint64_t state_64[8]; // SHA-384/512 state (512 bits)
uint8_t buffer[128]; // Input buffer (max block size)
size_t block_size; // Block size
size_t hash_size; // Output hash size
size_t buffer_size; // Current buffer size
bool finalized; // Whether hash has been finalized
bool is_sha512; // Whether using SHA-512 family
uint8_t hash[64]; // Hash result
uint64_t total_length; // Total length of input data
void process_block_sha256(const uint8_t *data);
void process_block_sha512(const uint8_t *data);
void pad();
public:
using HashBuilder::add;
SHA2Builder(size_t hash_size = SHA2_256_HASH_SIZE);
virtual ~SHA2Builder() {}
void begin() override;
void add(const uint8_t *data, size_t len) override;
bool addStream(Stream &stream, const size_t maxLen) override;
void calculate() override;
void getBytes(uint8_t *output) override;
void getChars(char *output) override;
String toString() override;
size_t getHashSize() const override {
return hash_size;
}
};
class SHA224Builder : public SHA2Builder {
public:
SHA224Builder() : SHA2Builder(SHA2_224_HASH_SIZE) {}
};
class SHA256Builder : public SHA2Builder {
public:
SHA256Builder() : SHA2Builder(SHA2_256_HASH_SIZE) {}
};
class SHA384Builder : public SHA2Builder {
public:
SHA384Builder() : SHA2Builder(SHA2_384_HASH_SIZE) {}
};
class SHA512Builder : public SHA2Builder {
public:
SHA512Builder() : SHA2Builder(SHA2_512_HASH_SIZE) {}
};
#endif
libraries/Hash/src/SHA3Builder.cpp
+267
View File
@@ -0,0 +1,267 @@
// Copyright 2025 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#include <algorithm>
#include "esp32-hal-log.h"
#include "SHA3Builder.h"
// Keccak round constants
static const uint64_t keccak_round_constants[24] = {0x0000000000000001ULL, 0x0000000000008082ULL, 0x800000000000808AULL, 0x8000000080008000ULL,
0x000000000000808BULL, 0x0000000080000001ULL, 0x8000000080008081ULL, 0x8000000000008009ULL,
0x000000000000008AULL, 0x0000000000000088ULL, 0x0000000080008009ULL, 0x000000008000000AULL,
0x000000008000808BULL, 0x800000000000008BULL, 0x8000000000008089ULL, 0x8000000000008003ULL,
0x8000000000008002ULL, 0x8000000000000080ULL, 0x000000000000800AULL, 0x800000008000000AULL,
0x8000000080008081ULL, 0x8000000000008080ULL, 0x0000000080000001ULL, 0x8000000080008008ULL};
// Rho rotation constants
static const uint32_t rho[6] = {0x3f022425, 0x1c143a09, 0x2c3d3615, 0x27191713, 0x312b382e, 0x3e030832};
// Pi permutation constants
static const uint32_t pi[6] = {0x110b070a, 0x10050312, 0x04181508, 0x0d13170f, 0x0e14020c, 0x01060916};
// Macros for bit manipulation
#define ROTR64(x, y) (((x) << (64U - (y))) | ((x) >> (y)))
// Keccak-f permutation
void SHA3Builder::keccak_f(uint64_t state[25]) {
uint64_t lane[5];
uint64_t *s = state;
int i;
for (int round = 0; round < 24; round++) {
uint64_t t;
// Theta step
for (i = 0; i < 5; i++) {
lane[i] = s[i] ^ s[i + 5] ^ s[i + 10] ^ s[i + 15] ^ s[i + 20];
}
for (i = 0; i < 5; i++) {
t = lane[(i + 4) % 5] ^ ROTR64(lane[(i + 1) % 5], 63);
s[i] ^= t;
s[i + 5] ^= t;
s[i + 10] ^= t;
s[i + 15] ^= t;
s[i + 20] ^= t;
}
// Rho step
for (i = 1; i < 25; i += 4) {
uint32_t r = rho[(i - 1) >> 2];
for (int j = i; j < i + 4; j++) {
uint8_t r8 = (uint8_t)(r >> 24);
r <<= 8;
s[j] = ROTR64(s[j], r8);
}
}
// Pi step
t = s[1];
for (i = 0; i < 24; i += 4) {
uint32_t p = pi[i >> 2];
for (unsigned j = 0; j < 4; j++) {
uint64_t tmp = s[p & 0xff];
s[p & 0xff] = t;
t = tmp;
p >>= 8;
}
}
// Chi step
for (i = 0; i <= 20; i += 5) {
lane[0] = s[i];
lane[1] = s[i + 1];
lane[2] = s[i + 2];
lane[3] = s[i + 3];
lane[4] = s[i + 4];
s[i + 0] ^= (~lane[1]) & lane[2];
s[i + 1] ^= (~lane[2]) & lane[3];
s[i + 2] ^= (~lane[3]) & lane[4];
s[i + 3] ^= (~lane[4]) & lane[0];
s[i + 4] ^= (~lane[0]) & lane[1];
}
// Iota step
s[0] ^= keccak_round_constants[round];
}
}
// Process a block of data
void SHA3Builder::process_block(const uint8_t *data) {
// XOR the data into the state using byte-level operations
for (size_t i = 0; i < rate; i++) {
size_t state_idx = i >> 3; // i / 8
size_t bit_offset = (i & 0x7) << 3; // (i % 8) * 8
uint64_t byte_val = (uint64_t)data[i] << bit_offset;
state[state_idx] ^= byte_val;
}
// Apply Keccak-f permutation
keccak_f(state);
}
// Pad the input according to SHA3 specification
void SHA3Builder::pad() {
// Clear the buffer first
memset(buffer + buffer_size, 0, rate - buffer_size);
// Add the domain separator (0x06) at the current position
buffer[buffer_size] = 0x06;
// Set the last byte to indicate the end (0x80)
buffer[rate - 1] = 0x80;
}
// Constructor
SHA3Builder::SHA3Builder(size_t hash_size) : hash_size(hash_size), buffer_size(0), finalized(false) {
// Calculate rate based on hash size
if (hash_size == SHA3_224_HASH_SIZE) {
rate = SHA3_224_RATE;
} else if (hash_size == SHA3_256_HASH_SIZE) {
rate = SHA3_256_RATE;
} else if (hash_size == SHA3_384_HASH_SIZE) {
rate = SHA3_384_RATE;
} else if (hash_size == SHA3_512_HASH_SIZE) {
rate = SHA3_512_RATE;
} else {
log_e("Invalid hash size: %d", hash_size);
rate = 0; // Invalid hash size
}
}
// Initialize the hash computation
void SHA3Builder::begin() {
// Clear the state
memset(state, 0, sizeof(state));
memset(buffer, 0, sizeof(buffer));
buffer_size = 0;
finalized = false;
}
// Add data to the hash computation
void SHA3Builder::add(const uint8_t *data, size_t len) {
if (finalized || len == 0) {
return;
}
size_t offset = 0;
// Process any buffered data first
if (buffer_size > 0) {
size_t to_copy = std::min(len, rate - buffer_size);
memcpy(buffer + buffer_size, data, to_copy);
buffer_size += to_copy;
offset += to_copy;
if (buffer_size == rate) {
process_block(buffer);
buffer_size = 0;
}
}
// Process full blocks
while (offset + rate <= len) {
process_block(data + offset);
offset += rate;
}
// Buffer remaining data
if (offset < len) {
memcpy(buffer, data + offset, len - offset);
buffer_size = len - offset;
}
}
// Add data from a stream
bool SHA3Builder::addStream(Stream &stream, const size_t maxLen) {
const int buf_size = 512;
int maxLengthLeft = maxLen;
uint8_t *buf = (uint8_t *)malloc(buf_size);
if (!buf) {
return false;
}
int bytesAvailable = stream.available();
while ((bytesAvailable > 0) && (maxLengthLeft > 0)) {
// Determine number of bytes to read
int readBytes = bytesAvailable;
if (readBytes > maxLengthLeft) {
readBytes = maxLengthLeft;
}
if (readBytes > buf_size) {
readBytes = buf_size;
}
// Read data and check if we got something
int numBytesRead = stream.readBytes(buf, readBytes);
if (numBytesRead < 1) {
free(buf);
return false;
}
// Update SHA3 with buffer payload
add(buf, numBytesRead);
// Update available number of bytes
maxLengthLeft -= numBytesRead;
bytesAvailable = stream.available();
}
free(buf);
return true;
}
// Finalize the hash computation
void SHA3Builder::calculate() {
if (finalized) {
return;
}
// Pad the input
pad();
// Process the final block
process_block(buffer);
// Extract bytes from the state
for (size_t i = 0; i < hash_size; i++) {
size_t state_idx = i >> 3; // i / 8
size_t bit_offset = (i & 0x7) << 3; // (i % 8) * 8
hash[i] = (uint8_t)(state[state_idx] >> bit_offset);
}
finalized = true;
}
// Get the hash as bytes
void SHA3Builder::getBytes(uint8_t *output) {
memcpy(output, hash, hash_size);
}
// Get the hash as hex string
void SHA3Builder::getChars(char *output) {
if (!finalized || output == nullptr) {
log_e("Error: SHA3 not calculated or no output buffer provided.");
return;
}
bytes2hex(output, hash_size * 2 + 1, hash, hash_size);
}
// Get the hash as String
String SHA3Builder::toString() {
char out[(hash_size * 2) + 1];
getChars(out);
return String(out);
}
libraries/Hash/src/SHA3Builder.h
+89
View File
@@ -0,0 +1,89 @@
// Copyright 2025 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef SHA3Builder_h
#define SHA3Builder_h
#include <WString.h>
#include <Stream.h>
#include "HashBuilder.h"
// SHA3 constants
#define SHA3_224_HASH_SIZE 28
#define SHA3_256_HASH_SIZE 32
#define SHA3_384_HASH_SIZE 48
#define SHA3_512_HASH_SIZE 64
#define SHA3_224_RATE 144
#define SHA3_256_RATE 136
#define SHA3_384_RATE 104
#define SHA3_512_RATE 72
#define SHA3_STATE_SIZE 200 // 1600 bits = 200 bytes
class SHA3Builder : public HashBuilder {
protected:
uint64_t state[25]; // SHA3 state (1600 bits)
uint8_t buffer[200]; // Input buffer
size_t rate; // Rate (block size)
size_t hash_size; // Output hash size
size_t buffer_size; // Current buffer size
bool finalized; // Whether hash has been finalized
uint8_t hash[64]; // Hash result
void keccak_f(uint64_t state[25]);
void process_block(const uint8_t *data);
void pad();
public:
using HashBuilder::add;
SHA3Builder(size_t hash_size = SHA3_256_HASH_SIZE);
virtual ~SHA3Builder() {}
void begin() override;
void add(const uint8_t *data, size_t len) override;
bool addStream(Stream &stream, const size_t maxLen) override;
void calculate() override;
void getBytes(uint8_t *output) override;
void getChars(char *output) override;
String toString() override;
size_t getHashSize() const override {
return hash_size;
}
};
class SHA3_224Builder : public SHA3Builder {
public:
SHA3_224Builder() : SHA3Builder(SHA3_224_HASH_SIZE) {}
};
class SHA3_256Builder : public SHA3Builder {
public:
SHA3_256Builder() : SHA3Builder(SHA3_256_HASH_SIZE) {}
};
class SHA3_384Builder : public SHA3Builder {
public:
SHA3_384Builder() : SHA3Builder(SHA3_384_HASH_SIZE) {}
};
class SHA3_512Builder : public SHA3Builder {
public:
SHA3_512Builder() : SHA3Builder(SHA3_512_HASH_SIZE) {}
};
#endif