调整C中现有的GOST代码以散列文件
调整C中现有的GOST代码以散列文件
提问于 2015-07-21 19:49:22
我正在尝试使用C对GOST哈希函数进行手工编码。我看到了Markku-Juhani (来自链接)的以下代码。
/*
* gosthash.c
* 21 Apr 1998 Markku-Juhani Saarinen <mjos@ssh.fi>
*
* GOST R 34.11-94, Russian Standard Hash Function
*
* Copyright (c) 1998 SSH Communications Security, Finland
* All rights reserved.
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "gosthash.h"
/* lookup tables : each of these has two rotated 4-bit S-Boxes */
unsigned long gost_sbox_1[256];
unsigned long gost_sbox_2[256];
unsigned long gost_sbox_3[256];
unsigned long gost_sbox_4[256];
/* initialize the lookup tables */
void gosthash_init()
{
int a, b, i;
unsigned long ax, bx, cx, dx;
/* 4-bit S-Boxes */
unsigned long sbox[8][16] =
{
{ 4, 10, 9, 2, 13, 8, 0, 14, 6, 11, 1, 12, 7, 15, 5, 3 },
{ 14, 11, 4, 12, 6, 13, 15, 10, 2, 3, 8, 1, 0, 7, 5, 9 },
{ 5, 8, 1, 13, 10, 3, 4, 2, 14, 15, 12, 7, 6, 0, 9, 11 },
{ 7, 13, 10, 1, 0, 8, 9, 15, 14, 4, 6, 12, 11, 2, 5, 3 },
{ 6, 12, 7, 1, 5, 15, 13, 8, 4, 10, 9, 14, 0, 3, 11, 2 },
{ 4, 11, 10, 0, 7, 2, 1, 13, 3, 6, 8, 5, 9, 12, 15, 14 },
{ 13, 11, 4, 1, 3, 15, 5, 9, 0, 10, 14, 7, 6, 8, 2, 12 },
{ 1, 15, 13, 0, 5, 7, 10, 4, 9, 2, 3, 14, 6, 11, 8, 12 }
};
/* s-box precomputation */
i = 0;
for (a = 0; a < 16; a++)
{
ax = sbox[1][a] << 15;
bx = sbox[3][a] << 23;
cx = sbox[5][a];
cx = (cx >> 1) | (cx << 31);
dx = sbox[7][a] << 7;
for (b = 0; b < 16; b++)
{
gost_sbox_1[i] = ax | (sbox[0][b] << 11);
gost_sbox_2[i] = bx | (sbox[2][b] << 19);
gost_sbox_3[i] = cx | (sbox[4][b] << 27);
gost_sbox_4[i++] = dx | (sbox[6][b] << 3);
}
}
}
/*
* A macro that performs a full encryption round of GOST 28147-89.
* Temporary variable t assumed and variables r and l for left and right
* blocks
*/
#define GOST_ENCRYPT_ROUND(k1, k2) \
t = (k1) + r; \
l ^= gost_sbox_1[t & 0xff] ^ gost_sbox_2[(t >> 8) & 0xff] ^ \
gost_sbox_3[(t >> 16) & 0xff] ^ gost_sbox_4[t >> 24]; \
t = (k2) + l; \
r ^= gost_sbox_1[t & 0xff] ^ gost_sbox_2[(t >> 8) & 0xff] ^ \
gost_sbox_3[(t >> 16) & 0xff] ^ gost_sbox_4[t >> 24]; \
/* encrypt a block with the given key */
#define GOST_ENCRYPT(key) \
GOST_ENCRYPT_ROUND(key[0], key[1]) \
GOST_ENCRYPT_ROUND(key[2], key[3]) \
GOST_ENCRYPT_ROUND(key[4], key[5]) \
GOST_ENCRYPT_ROUND(key[6], key[7]) \
GOST_ENCRYPT_ROUND(key[0], key[1]) \
GOST_ENCRYPT_ROUND(key[2], key[3]) \
GOST_ENCRYPT_ROUND(key[4], key[5]) \
GOST_ENCRYPT_ROUND(key[6], key[7]) \
GOST_ENCRYPT_ROUND(key[0], key[1]) \
GOST_ENCRYPT_ROUND(key[2], key[3]) \
GOST_ENCRYPT_ROUND(key[4], key[5]) \
GOST_ENCRYPT_ROUND(key[6], key[7]) \
GOST_ENCRYPT_ROUND(key[7], key[6]) \
GOST_ENCRYPT_ROUND(key[5], key[4]) \
GOST_ENCRYPT_ROUND(key[3], key[2]) \
GOST_ENCRYPT_ROUND(key[1], key[0]) \
t = r; \
r = l; \
l = t;
/*
* "chi" compression function. the result is stored over h
*/
void gosthash_compress(unsigned long *h, unsigned long *m)
{
int i;
unsigned long l, r, t, key[8], u[8], v[8], w[8], s[8];
memcpy(u, h, sizeof(u));
memcpy(v, m, sizeof(u));
for (i = 0; i < 8; i += 2)
{
w[0] = u[0] ^ v[0]; /* w = u xor v */
w[1] = u[1] ^ v[1];
w[2] = u[2] ^ v[2];
w[3] = u[3] ^ v[3];
w[4] = u[4] ^ v[4];
w[5] = u[5] ^ v[5];
w[6] = u[6] ^ v[6];
w[7] = u[7] ^ v[7];
/* P-Transformation */
key[0] = (w[0] & 0x000000ff) | ((w[2] & 0x000000ff) << 8) |
((w[4] & 0x000000ff) << 16) | ((w[6] & 0x000000ff) << 24);
key[1] = ((w[0] & 0x0000ff00) >> 8) | (w[2] & 0x0000ff00) |
((w[4] & 0x0000ff00) << 8) | ((w[6] & 0x0000ff00) << 16);
key[2] = ((w[0] & 0x00ff0000) >> 16) | ((w[2] & 0x00ff0000) >> 8) |
(w[4] & 0x00ff0000) | ((w[6] & 0x00ff0000) << 8);
key[3] = ((w[0] & 0xff000000) >> 24) | ((w[2] & 0xff000000) >> 16) |
((w[4] & 0xff000000) >> 8) | (w[6] & 0xff000000);
key[4] = (w[1] & 0x000000ff) | ((w[3] & 0x000000ff) << 8) |
((w[5] & 0x000000ff) << 16) | ((w[7] & 0x000000ff) << 24);
key[5] = ((w[1] & 0x0000ff00) >> 8) | (w[3] & 0x0000ff00) |
((w[5] & 0x0000ff00) << 8) | ((w[7] & 0x0000ff00) << 16);
key[6] = ((w[1] & 0x00ff0000) >> 16) | ((w[3] & 0x00ff0000) >> 8) |
(w[5] & 0x00ff0000) | ((w[7] & 0x00ff0000) << 8);
key[7] = ((w[1] & 0xff000000) >> 24) | ((w[3] & 0xff000000) >> 16) |
((w[5] & 0xff000000) >> 8) | (w[7] & 0xff000000);
r = h[i]; /* encriphering transformation */
l = h[i + 1];
GOST_ENCRYPT(key);
s[i] = r;
s[i + 1] = l;
if (i == 6)
break;
l = u[0] ^ u[2]; /* U = A(U) */
r = u[1] ^ u[3];
u[0] = u[2];
u[1] = u[3];
u[2] = u[4];
u[3] = u[5];
u[4] = u[6];
u[5] = u[7];
u[6] = l;
u[7] = r;
if (i == 2) /* Constant C_3 */
{
u[0] ^= 0xff00ff00;
u[1] ^= 0xff00ff00;
u[2] ^= 0x00ff00ff;
u[3] ^= 0x00ff00ff;
u[4] ^= 0x00ffff00;
u[5] ^= 0xff0000ff;
u[6] ^= 0x000000ff;
u[7] ^= 0xff00ffff;
}
l = v[0]; /* V = A(A(V)) */
r = v[2];
v[0] = v[4];
v[2] = v[6];
v[4] = l ^ r;
v[6] = v[0] ^ r;
l = v[1];
r = v[3];
v[1] = v[5];
v[3] = v[7];
v[5] = l ^ r;
v[7] = v[1] ^ r;
}
/* 12 rounds of the LFSR (computed from a product matrix) and xor in M */
u[0] = m[0] ^ s[6];
u[1] = m[1] ^ s[7];
u[2] = m[2] ^ (s[0] << 16) ^ (s[0] >> 16) ^ (s[0] & 0xffff) ^
(s[1] & 0xffff) ^ (s[1] >> 16) ^ (s[2] << 16) ^ s[6] ^ (s[6] << 16) ^
(s[7] & 0xffff0000) ^ (s[7] >> 16);
u[3] = m[3] ^ (s[0] & 0xffff) ^ (s[0] << 16) ^ (s[1] & 0xffff) ^
(s[1] << 16) ^ (s[1] >> 16) ^ (s[2] << 16) ^ (s[2] >> 16) ^
(s[3] << 16) ^ s[6] ^ (s[6] << 16) ^ (s[6] >> 16) ^ (s[7] & 0xffff) ^
(s[7] << 16) ^ (s[7] >> 16);
u[4] = m[4] ^
(s[0] & 0xffff0000) ^ (s[0] << 16) ^ (s[0] >> 16) ^
(s[1] & 0xffff0000) ^ (s[1] >> 16) ^ (s[2] << 16) ^ (s[2] >> 16) ^
(s[3] << 16) ^ (s[3] >> 16) ^ (s[4] << 16) ^ (s[6] << 16) ^
(s[6] >> 16) ^(s[7] & 0xffff) ^ (s[7] << 16) ^ (s[7] >> 16);
u[5] = m[5] ^ (s[0] << 16) ^ (s[0] >> 16) ^ (s[0] & 0xffff0000) ^
(s[1] & 0xffff) ^ s[2] ^ (s[2] >> 16) ^ (s[3] << 16) ^ (s[3] >> 16) ^
(s[4] << 16) ^ (s[4] >> 16) ^ (s[5] << 16) ^ (s[6] << 16) ^
(s[6] >> 16) ^ (s[7] & 0xffff0000) ^ (s[7] << 16) ^ (s[7] >> 16);
u[6] = m[6] ^ s[0] ^ (s[1] >> 16) ^ (s[2] << 16) ^ s[3] ^ (s[3] >> 16) ^
(s[4] << 16) ^ (s[4] >> 16) ^ (s[5] << 16) ^ (s[5] >> 16) ^ s[6] ^
(s[6] << 16) ^ (s[6] >> 16) ^ (s[7] << 16);
u[7] = m[7] ^ (s[0] & 0xffff0000) ^ (s[0] << 16) ^ (s[1] & 0xffff) ^
(s[1] << 16) ^ (s[2] >> 16) ^ (s[3] << 16) ^ s[4] ^ (s[4] >> 16) ^
(s[5] << 16) ^ (s[5] >> 16) ^ (s[6] >> 16) ^ (s[7] & 0xffff) ^
(s[7] << 16) ^ (s[7] >> 16);
/* 16 * 1 round of the LFSR and xor in H */
v[0] = h[0] ^ (u[1] << 16) ^ (u[0] >> 16);
v[1] = h[1] ^ (u[2] << 16) ^ (u[1] >> 16);
v[2] = h[2] ^ (u[3] << 16) ^ (u[2] >> 16);
v[3] = h[3] ^ (u[4] << 16) ^ (u[3] >> 16);
v[4] = h[4] ^ (u[5] << 16) ^ (u[4] >> 16);
v[5] = h[5] ^ (u[6] << 16) ^ (u[5] >> 16);
v[6] = h[6] ^ (u[7] << 16) ^ (u[6] >> 16);
v[7] = h[7] ^ (u[0] & 0xffff0000) ^ (u[0] << 16) ^ (u[7] >> 16) ^
(u[1] & 0xffff0000) ^ (u[1] << 16) ^ (u[6] << 16) ^ (u[7] & 0xffff0000);
/* 61 rounds of LFSR, mixing up h (computed from a product matrix) */
h[0] = (v[0] & 0xffff0000) ^ (v[0] << 16) ^ (v[0] >> 16) ^ (v[1] >> 16) ^
(v[1] & 0xffff0000) ^ (v[2] << 16) ^ (v[3] >> 16) ^ (v[4] << 16) ^
(v[5] >> 16) ^ v[5] ^ (v[6] >> 16) ^ (v[7] << 16) ^ (v[7] >> 16) ^
(v[7] & 0xffff);
h[1] = (v[0] << 16) ^ (v[0] >> 16) ^ (v[0] & 0xffff0000) ^ (v[1] & 0xffff) ^
v[2] ^ (v[2] >> 16) ^ (v[3] << 16) ^ (v[4] >> 16) ^ (v[5] << 16) ^
(v[6] << 16) ^ v[6] ^ (v[7] & 0xffff0000) ^ (v[7] >> 16);
h[2] = (v[0] & 0xffff) ^ (v[0] << 16) ^ (v[1] << 16) ^ (v[1] >> 16) ^
(v[1] & 0xffff0000) ^ (v[2] << 16) ^ (v[3] >> 16) ^ v[3] ^ (v[4] << 16) ^
(v[5] >> 16) ^ v[6] ^ (v[6] >> 16) ^ (v[7] & 0xffff) ^ (v[7] << 16) ^
(v[7] >> 16);
h[3] = (v[0] << 16) ^ (v[0] >> 16) ^ (v[0] & 0xffff0000) ^
(v[1] & 0xffff0000) ^ (v[1] >> 16) ^ (v[2] << 16) ^ (v[2] >> 16) ^ v[2] ^
(v[3] << 16) ^ (v[4] >> 16) ^ v[4] ^ (v[5] << 16) ^ (v[6] << 16) ^
(v[7] & 0xffff) ^ (v[7] >> 16);
h[4] = (v[0] >> 16) ^ (v[1] << 16) ^ v[1] ^ (v[2] >> 16) ^ v[2] ^
(v[3] << 16) ^ (v[3] >> 16) ^ v[3] ^ (v[4] << 16) ^ (v[5] >> 16) ^
v[5] ^ (v[6] << 16) ^ (v[6] >> 16) ^ (v[7] << 16);
h[5] = (v[0] << 16) ^ (v[0] & 0xffff0000) ^ (v[1] << 16) ^ (v[1] >> 16) ^
(v[1] & 0xffff0000) ^ (v[2] << 16) ^ v[2] ^ (v[3] >> 16) ^ v[3] ^
(v[4] << 16) ^ (v[4] >> 16) ^ v[4] ^ (v[5] << 16) ^ (v[6] << 16) ^
(v[6] >> 16) ^ v[6] ^ (v[7] << 16) ^ (v[7] >> 16) ^ (v[7] & 0xffff0000);
h[6] = v[0] ^ v[2] ^ (v[2] >> 16) ^ v[3] ^ (v[3] << 16) ^ v[4] ^
(v[4] >> 16) ^ (v[5] << 16) ^ (v[5] >> 16) ^ v[5] ^ (v[6] << 16) ^
(v[6] >> 16) ^ v[6] ^ (v[7] << 16) ^ v[7];
h[7] = v[0] ^ (v[0] >> 16) ^ (v[1] << 16) ^ (v[1] >> 16) ^ (v[2] << 16) ^
(v[3] >> 16) ^ v[3] ^ (v[4] << 16) ^ v[4] ^ (v[5] >> 16) ^ v[5] ^
(v[6] << 16) ^ (v[6] >> 16) ^ (v[7] << 16) ^ v[7];
}
/* Clear the state of the given context structure. */
void gosthash_reset(GostHashCtx *ctx)
{
memset(ctx->sum, 0, 32);
memset(ctx->hash, 0, 32);
memset(ctx->len, 0, 32);
memset(ctx->partial, 0, 32);
ctx->partial_bytes = 0;
}
/* Mix in a 32-byte chunk ("stage 3") */
void gosthash_bytes(GostHashCtx *ctx, const unsigned char *buf, size_t bits)
{
int i, j;
unsigned long a, b, c, m[8];
/* convert bytes to a long words and compute the sum */
j = 0;
c = 0;
for (i = 0; i < 8; i++)
{
a = ((unsigned long) buf[j]) |
(((unsigned long) buf[j + 1]) << 8) |
(((unsigned long) buf[j + 2]) << 16) |
(((unsigned long) buf[j + 3]) << 24);
j += 4;
m[i] = a;
b = ctx->sum[i];
c = a + c + ctx->sum[i];
ctx->sum[i] = c;
c = ((c < a) || (c < b)) ? 1 : 0;
}
/* compress */
gosthash_compress(ctx->hash, m);
/* a 64-bit counter should be sufficient */
ctx->len[0] += bits;
if (ctx->len[0] < bits)
ctx->len[1]++;
}
/* Mix in len bytes of data for the given buffer. */
void gosthash_update(GostHashCtx *ctx, const unsigned char *buf, size_t len)
{
size_t i, j;
i = ctx->partial_bytes;
j = 0;
while (i < 32 && j < len)
ctx->partial[i++] = buf[j++];
if (i < 32)
{
ctx->partial_bytes = i;
return;
}
gosthash_bytes(ctx, ctx->partial, 256);
while ((j + 32) < len)
{
gosthash_bytes(ctx, &buf[j], 256);
j += 32;
}
i = 0;
while (j < len)
ctx->partial[i++] = buf[j++];
ctx->partial_bytes = i;
}
/* Compute and save the 32-byte digest. */
void gosthash_final(GostHashCtx *ctx, unsigned char *digest)
{
int i, j;
unsigned long a;
/* adjust and mix in the last chunk */
if (ctx->partial_bytes > 0)
{
memset(&ctx->partial[ctx->partial_bytes], 0, 32 - ctx->partial_bytes);
gosthash_bytes(ctx, ctx->partial, ctx->partial_bytes << 3);
}
/* mix in the length and the sum */
gosthash_compress(ctx->hash, ctx->len);
gosthash_compress(ctx->hash, ctx->sum);
/* convert the output to bytes */
j = 0;
for (i = 0; i < 8; i++)
{
a = ctx->hash[i];
digest[j] = (unsigned char) a;
digest[j + 1] = (unsigned char) (a >> 8);
digest[j + 2] = (unsigned char) (a >> 16);
digest[j + 3] = (unsigned char) (a >> 24);
j += 4;
}
}但是,没有一个main()函数可以用来编译一个可执行文件。我想要一个main(int argc, char *argv[])类型的主文件,用它调用带有生成的可执行文件的文件,并对文件的内容进行散列处理。
我已经重复了一遍又一遍的代码,但是我被困在调用代码的函数上,我不知道如何继续。请给我一些关于如何填充我的主要功能来运行这段代码的想法吗?
编辑
我尝试了以下main()代码,但它似乎不起作用:
void main(int argc, char *argv[]){
if (argc!=2) {
fprintf(stderr, "Error: Provide name of one source file.\n");
exit(EXIT_FAILURE);
}
char *clear_file = argv[1];
const char *FILENAME_IN = clear_file;
FILE *infile;
infile = fopen(FILENAME_IN, "r");
GostHashCtx *ctx = malloc(sizeof(GostHashCtx));
unsigned char *digest, *buf;
char c;
if(infile == NULL){
fprintf(stderr, "Error: Source file not found.\n");
exit(EXIT_FAILURE);
}
gosthash_init();
gosthash_reset(ctx); //printf("CTX.PB=%d\n\n",ctx->partial_bytes);
int quit = 0;
while (quit == 0) {
int p = 0;
buf = malloc(256);
strcpy(buf, "");
while(((c = fgetc(infile)) != EOF) && (p < 256)) {
*(buf+p) = c;
p++;
}
//*(buf+p) = '\0';
if(c == EOF) quit = 1;
gosthash_update(ctx, buf, 256);
free(buf);
}
digest = malloc(256);
strcpy(digest, "");
gosthash_final(ctx, digest);
printf("%s\n", digest);
free(ctx);
free(digest);
}为了验证输出,我使用一个在线工具快速地将得到的字符串digest转换为HEX,但是对于已知的GOST散列测试值,结果是不正确的。拜托,你知道为什么会这样吗?
回答 3
Stack Overflow用户
回答已采纳
发布于 2015-07-21 20:07:01
好的,首先您必须调用gosthash_init来填充查找表。然后分配您所需的GostHashCtx类型的上下文--在您的情况下可能只需要一个上下文。您可以预先重置它,以确保上下文中填充了零值。
现在,您可以调用gosthash_update一次或多次,以散列文件中的所有字节(当然,按顺序排列)。最后,调用gosthash_final来创建哈希。这些步骤执行实际的散列。
如果您想散列其他东西,首先调用gosthash_reset,然后再调用gosthash_update和gosthash_final。
Stack Overflow用户
发布于 2015-07-24 20:29:36
当您到达文件的末尾时,如果文件长度不是256的倍数,则不会填充缓冲区,但仍然调用大小为256的gosthash_update,这意味着它将散列在缓冲区其余部分中的任何随机垃圾中。尝试将其更改为gosthash_update(ctx, buf, p);
也没有必要调用malloc --只需使用本地vars。您可以通过使用open/read而不是fopen/fgetc来简化事情:
char buf[2048]; /* or any size you like */
int len;
int fd = open(FILENAME_IN, O_RDONLY);
GostHashCtxt ctx;
gosthash_init();
gosthash_reset(&ctx);
while ((len = read(fd, buf, sizeof(buf)) > 0)
gosthash_update(&ctx, buf, len);
gosthash_final(&ctx, buf);
write(1, buf, 32);注意,结果摘要不是以空结尾的字符串--它是32字节的二进制数据。所以你不能安全地用printf("%s",打印
Stack Overflow用户
发布于 2015-07-30 19:29:01
如果其他人有相同的问题,我将在这里发布我的main()函数的最后代码。再次感谢“克里斯多德”和“MaartenBodewes”对他们的帮助。
编辑:,我已经为任何改进做了CW。(当前的代码在Windows环境下运行良好,但是在某些环境(如 Linux )中,由于指令gosthash_final(ctx, digest); (我追溯到gosthash_final()函数中对gosthash_compress()的调用),会发生故障。)
/* I used this function to get the hash result in HEX format */
void hexify(unsigned char *in, char *out) {
char hex[64], tmp[3];
int i;
hex[0]='\0';
for(i=0; i<32; i++ )
{
sprintf(tmp, "%02X", in[i]);
strcat(hex, tmp);
}
strcpy(out, hex);
}
int main(int argc, char *argv[]){
if (argc!=2) {
fprintf(stderr, "Error: Provide name of one source file.\n");
exit(EXIT_FAILURE);
}
char *clear_file = argv[1];
const char *FILENAME_IN = clear_file;
FILE *infile;
infile = fopen(FILENAME_IN, "r");
GostHashCtx *ctx = malloc(sizeof(GostHashCtx));
unsigned char digest[32], buf[16];
char hex[64];
hex[0]='\0';
if(infile == NULL){
fprintf(stderr, "Error: Source file not found.\n");
exit(EXIT_FAILURE);
}
gosthash_init();
gosthash_reset(ctx);
size_t nread;
while ((nread = fread(buf, 1, sizeof(buf), infile)) > 0)
gosthash_update(ctx, buf, nread);
fclose(infile);
digest[0]='\0';
gosthash_final(ctx, digest);
hexify(digest, hex);
printf("HASH= %s\n", hex);
free(ctx);
return 0;
}页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/31550616
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号