func TestKeccak(t *testing.T) { for i := range tests { var h hash.Hash switch tests[i].length { case 28: h = New224() case 32: h = New256() case 48: h = New384() case 64: h = New512() default: panic("invalid testcase") } h.Write(tests[i].input) d := h.Sum(nil) if !bytes.Equal(d, tests[i].output) { t.Errorf("testcase %d: expected %x got %x", i, tests[i].output, d) } } }
// Iterated writes to out the result of computing the Iterated and Salted S2K // function (RFC 4880, section 3.7.1.3) using the given hash, input passphrase, // salt and iteration count. func Iterated(out []byte, h hash.Hash, in []byte, salt []byte, count int) { combined := make([]byte, len(in)+len(salt)) copy(combined, salt) copy(combined[len(salt):], in) if count < len(combined) { count = len(combined) } done := 0 var digest []byte for i := 0; done < len(out); i++ { h.Reset() for j := 0; j < i; j++ { h.Write(zero[:]) } written := 0 for written < count { if written+len(combined) > count { todo := count - written h.Write(combined[:todo]) written = count } else { h.Write(combined) written += len(combined) } } digest = h.Sum(digest[:0]) n := copy(out[done:], digest) done += n } }
// RefFromHash returns a blobref representing the given hash. // It panics if the hash isn't of a known type. func RefFromHash(h hash.Hash) Ref { meta, ok := metaFromType[reflect.TypeOf(h)] if !ok { panic(fmt.Sprintf("Currently-unsupported hash type %T", h)) } return Ref{meta.ctor(h.Sum(nil))} }
// finishedSum30 calculates the contents of the verify_data member of a SSLv3 // Finished message given the MD5 and SHA1 hashes of a set of handshake // messages. func finishedSum30(md5, sha1 hash.Hash, masterSecret []byte, magic []byte) []byte { md5.Write(magic) md5.Write(masterSecret) md5.Write(ssl30Pad1[:]) md5Digest := md5.Sum(nil) md5.Reset() md5.Write(masterSecret) md5.Write(ssl30Pad2[:]) md5.Write(md5Digest) md5Digest = md5.Sum(nil) sha1.Write(magic) sha1.Write(masterSecret) sha1.Write(ssl30Pad1[:40]) sha1Digest := sha1.Sum(nil) sha1.Reset() sha1.Write(masterSecret) sha1.Write(ssl30Pad2[:40]) sha1.Write(sha1Digest) sha1Digest = sha1.Sum(nil) ret := make([]byte, len(md5Digest)+len(sha1Digest)) copy(ret, md5Digest) copy(ret[len(md5Digest):], sha1Digest) return ret }
// hashCopyN - Calculates Md5sum and SHA256sum for upto partSize amount of bytes. func (c Client) hashCopyN(writer io.ReadWriter, reader io.Reader, partSize int64) (md5Sum, sha256Sum []byte, size int64, err error) { // MD5 and SHA256 hasher. var hashMD5, hashSHA256 hash.Hash // MD5 and SHA256 hasher. hashMD5 = md5.New() hashWriter := io.MultiWriter(writer, hashMD5) if c.signature.isV4() { hashSHA256 = sha256.New() hashWriter = io.MultiWriter(writer, hashMD5, hashSHA256) } // Copies to input at writer. size, err = io.CopyN(hashWriter, reader, partSize) if err != nil { // If not EOF return error right here. if err != io.EOF { return nil, nil, 0, err } } // Finalize md5shum and sha256 sum. md5Sum = hashMD5.Sum(nil) if c.signature.isV4() { sha256Sum = hashSHA256.Sum(nil) } return md5Sum, sha256Sum, size, err }
// Returns true if the provided message is unsigned or has a valid signature // from one of the provided signers. func authenticateMessage(signers map[string]Signer, header *Header, msg []byte) bool { digest := header.GetHmac() if digest != nil { var key string signer := fmt.Sprintf("%s_%d", header.GetHmacSigner(), header.GetHmacKeyVersion()) if s, ok := signers[signer]; ok { key = s.HmacKey } else { return false } var hm hash.Hash switch header.GetHmacHashFunction() { case Header_MD5: hm = hmac.New(md5.New, []byte(key)) case Header_SHA1: hm = hmac.New(sha1.New, []byte(key)) } hm.Write(msg) expectedDigest := hm.Sum(nil) if subtle.ConstantTimeCompare(digest, expectedDigest) != 1 { return false } } return true }
func authenticateMessage(signers map[string]Signer, header *Header, pack *PipelinePack) bool { digest := header.GetHmac() if digest != nil { var key string signer := fmt.Sprintf("%s_%d", header.GetHmacSigner(), header.GetHmacKeyVersion()) if s, ok := signers[signer]; ok { key = s.HmacKey } else { return false } var hm hash.Hash switch header.GetHmacHashFunction() { case Header_MD5: hm = hmac.New(md5.New, []byte(key)) case Header_SHA1: hm = hmac.New(sha1.New, []byte(key)) } hm.Write(pack.MsgBytes) expectedDigest := hm.Sum(nil) if bytes.Compare(digest, expectedDigest) != 0 { return false } pack.Signer = header.GetHmacSigner() } return true }
func (c *Client) PutObject(key, bucket string, md5 hash.Hash, size int64, body io.Reader) error { req := newReq(c.keyURL(bucket, key)) req.Method = "PUT" req.ContentLength = size if md5 != nil { b64 := new(bytes.Buffer) encoder := base64.NewEncoder(base64.StdEncoding, b64) encoder.Write(md5.Sum(nil)) encoder.Close() req.Header.Set("Content-MD5", b64.String()) } c.Auth.SignRequest(req) req.Body = ioutil.NopCloser(body) res, err := c.transport().RoundTrip(req) if res != nil && res.Body != nil { defer httputil.CloseBody(res.Body) } if err != nil { return err } if res.StatusCode != http.StatusOK { // res.Write(os.Stderr) return fmt.Errorf("Got response code %d from s3", res.StatusCode) } return nil }
// MakeSignature returns a auth_v4 signature from the `string to sign` variable. // May be useful for creating v4 requests for services other than DynamoDB. func MakeSignature(string2sign, zone, service, secret string) string { kCredentials, _ := cacheable_hmacs(zone, service, secret) var kSigning_hmac_sha256 hash.Hash = hmac.New(sha256.New, kCredentials) kSigning_hmac_sha256.Write([]byte(string2sign)) kSigning := kSigning_hmac_sha256.Sum(nil) return hex.EncodeToString(kSigning) }
// Verifies the image package integrity after it is downloaded func (img *Image) verify() error { // Makes sure the file cursor is positioned at the beginning of the file _, err := img.file.Seek(0, 0) if err != nil { return err } log.Printf("[DEBUG] Verifying image checksum...") var hasher hash.Hash switch img.ChecksumType { case "md5": hasher = md5.New() case "sha1": hasher = sha1.New() case "sha256": hasher = sha256.New() case "sha512": hasher = sha512.New() default: return fmt.Errorf("[ERROR] Crypto algorithm no supported: %s", img.ChecksumType) } _, err = io.Copy(hasher, img.file) if err != nil { return err } result := fmt.Sprintf("%x", hasher.Sum(nil)) if result != img.Checksum { return fmt.Errorf("[ERROR] Checksum does not match\n Result: %s\n Expected: %s", result, img.Checksum) } return nil }
// DeriveConcatKDF implements NIST SP 800-56A Concatenation Key Derivation Function. Derives // key material of keydatalen bits size given Z (sharedSecret), OtherInfo (AlgorithmID | // PartyUInfo | PartyVInfo | SuppPubInfo | SuppPrivInfo) and hash function func DeriveConcatKDF(keydatalen int, sharedSecret, algId, partyUInfo, partyVInfo, suppPubInfo, suppPrivInfo []byte, h hash.Hash) []byte { otherInfo := arrays.Concat(algId, partyUInfo, partyVInfo, suppPubInfo, suppPrivInfo) keyLenBytes := keydatalen >> 3 reps := int(math.Ceil(float64(keyLenBytes) / float64(h.Size()))) if reps > MaxInt { panic("kdf.DeriveConcatKDF: too much iterations (more than 2^32-1).") } dk := make([]byte, 0, keyLenBytes) for counter := 1; counter <= reps; counter++ { h.Reset() counterBytes := arrays.UInt32ToBytes(uint32(counter)) h.Write(counterBytes) h.Write(sharedSecret) h.Write(otherInfo) dk = h.Sum(dk) } return dk[:keyLenBytes] }
func (c *Client) PutObject(name, bucket string, md5 hash.Hash, size int64, body io.Reader) error { req := newReq("http://" + bucket + "." + c.hostname() + "/" + name) req.Method = "PUT" req.ContentLength = size if md5 != nil { b64 := new(bytes.Buffer) encoder := base64.NewEncoder(base64.StdEncoding, b64) encoder.Write(md5.Sum(nil)) encoder.Close() req.Header.Set("Content-MD5", b64.String()) } if c.DefaultACL != "" { req.Header.Set("x-amz-acl", c.DefaultACL) } contentType := mime.TypeByExtension(path.Ext(name)) if contentType == "" { contentType = "application/octet-stream" } req.Header.Set("Content-Type", contentType) c.Auth.SignRequest(req) req.Body = ioutil.NopCloser(body) res, err := c.httpClient().Do(req) if res != nil && res.Body != nil { defer httputil.CloseBody(res.Body) } if err != nil { return err } if res.StatusCode != http.StatusOK { res.Write(os.Stderr) return fmt.Errorf("Got response code %d from s3", res.StatusCode) } return nil }
// HashPasswordWithSalt scrambles the password with the provided parameters. func HashPasswordWithSalt(password, tweak, salt []byte, g, g0 int64, H hash.Hash) ([]byte, error) { if g < g0 { return nil, ErrInvalidGarlic } x := make([]byte, len(tweak)+len(password)|len(salt)) copy(x, tweak) copy(x[len(tweak):], password) copy(x[len(tweak)+len(password):], salt) var err error for i := g0; i <= g; i++ { c := bigPadded(big.NewInt(i), cPad) twoCp1 := new(big.Int).Exp(big.NewInt(2), big.NewInt(i), nil) twoCp1 = twoCp1.Add(twoCp1, big.NewInt(1)) x, err = sbrh(c, x, H) if err != nil { H.Reset() return nil, err } H.Write(c) H.Write(bigPadded(twoCp1, cPad)) H.Write(x) x = H.Sum(nil) H.Reset() } return x, nil }
// Tweak generates a new tweak from the mode, hash, salt length (in // bytes), and any additional data. It provides additional information // that will complicate an attacker's efforts, and allows a system to // differentiate between different uses of the Catena function's output. func Tweak(mode byte, H hash.Hash, saltLen int, ad []byte) ([]byte, error) { if mode != ModePassHash && mode != ModeKeyDerivation { return nil, ErrInvalidTweakMode } hashLen := H.Size() tweakLen := 5 + hashLen var t = make([]byte, 1, tweakLen) t[0] = mode var tmp uint16 = uint16(H.Size() * 8) high := byte(tmp >> 8) low := byte(tmp << 8 >> 8) t = append(t, high) t = append(t, low) tmp = uint16(saltLen * 8) high = byte(tmp >> 8) low = byte(tmp << 8 >> 8) t = append(t, high) t = append(t, low) H.Reset() H.Write(ad) t = append(t, H.Sum(nil)...) H.Reset() return t, nil }
func finishEAX(tag []byte, cmac hash.Hash) { // Finish CMAC #2 and xor into tag. sum := cmac.Sum() for i := range tag { tag[i] ^= sum[i] } }
// VerifySignature returns nil iff sig is a valid signature, made by this // public key, of the data hashed into signed. signed is mutated by this call. func (pk *PublicKey) VerifySignature(signed hash.Hash, sig *Signature) (err os.Error) { if !pk.CanSign() { return error.InvalidArgumentError("public key cannot generate signatures") } signed.Write(sig.HashSuffix) hashBytes := signed.Sum() if hashBytes[0] != sig.HashTag[0] || hashBytes[1] != sig.HashTag[1] { return error.SignatureError("hash tag doesn't match") } if pk.PubKeyAlgo != sig.PubKeyAlgo { return error.InvalidArgumentError("public key and signature use different algorithms") } switch pk.PubKeyAlgo { case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly: rsaPublicKey, _ := pk.PublicKey.(*rsa.PublicKey) err = rsa.VerifyPKCS1v15(rsaPublicKey, sig.Hash, hashBytes, sig.RSASignature) if err != nil { return error.SignatureError("RSA verification failure") } return nil case PubKeyAlgoDSA: dsaPublicKey, _ := pk.PublicKey.(*dsa.PublicKey) if !dsa.Verify(dsaPublicKey, hashBytes, sig.DSASigR, sig.DSASigS) { return error.SignatureError("DSA verification failure") } return nil default: panic("shouldn't happen") } panic("unreachable") }
// Checksum returns the checksum of some data, using a specified algorithm. // It only returns an error when an invalid algorithm is used. The valid ones // are MD5, SHA1, SHA224, SHA256, SHA384, SHA512, SHA3224, SHA3256, SHA3384, // and SHA3512. func Checksum(algorithm string, data []byte) (checksum string, err error) { // default var hasher hash.Hash switch strings.ToUpper(algorithm) { case "MD5": hasher = md5.New() case "SHA1": hasher = sha1.New() case "SHA224": hasher = sha256.New224() case "SHA256": hasher = sha256.New() case "SHA384": hasher = sha512.New384() case "SHA512": hasher = sha512.New() case "SHA3224": hasher = sha3.New224() case "SHA3256": hasher = sha3.New256() case "SHA3384": hasher = sha3.New384() case "SHA3512": hasher = sha3.New512() default: msg := "Invalid algorithm parameter passed go Checksum: %s" return checksum, fmt.Errorf(msg, algorithm) } hasher.Write(data) str := hex.EncodeToString(hasher.Sum(nil)) return str, nil }
func generateChecksum(h hash.Hash, b *[]byte) string { _, err := h.Write(*b) if err != nil { return "" } return fmt.Sprintf("%x", h.Sum(nil)) }
func Encode(k int, h hash.Hash, value []byte, output int) (enc []byte, s [][]byte) { s0 := make([]byte, h.Size()) n := len(value) blockcount := n / k s = make([][]byte, blockcount) for i := 0; i < blockcount; i++ { h.Reset() if i == 0 { h.Write(s0) } else { h.Write(s[i-1]) } h.Write(value[i*k : (i+1)*k]) s[i] = h.Sum(make([]byte, 0, h.Size())) } rng := make([](*RNG), len(s)) for i := 0; i < len(s); i++ { rng[i] = NewRNG(h, s[i]) } enc = make([]byte, output) for i := 0; i < output; i++ { enc[i] = rng[i%blockcount].Next() } return }
func (s *descbc) Decrypt(salt []byte, algo, usage int, data []byte) ([]byte, error) { var h hash.Hash switch algo { case cryptDesCbcMd5: h = md5.New() case cryptDesCbcMd4: h = md4.New() default: return nil, ErrProtocol } if (len(data) & 7) != 0 { return nil, ErrProtocol } iv := [8]byte{} b, _ := des.NewCipher(s.key) c := cipher.NewCBCDecrypter(b, iv[:]) c.CryptBlocks(data, data) chk := make([]byte, h.Size()) h.Write(data[:8]) h.Write(chk) // Just need h.Size() zero bytes instead of the checksum h.Write(data[8+len(chk):]) h.Sum(chk[:0]) if subtle.ConstantTimeCompare(chk, data[8:8+len(chk)]) != 1 { return nil, ErrProtocol } return data[8+len(chk):], nil }
func LoadPost(ctx *web.Context, val string) { username := ctx.Params["username"] password := ctx.Params["password"] salt := strconv.Itoa64(time.Nanoseconds()) + username var h hash.Hash = sha256.New() h.Write([]byte(password + salt)) s, _err := conn.Prepare("INSERT INTO users VALUES(NULL, ?, ?, ?)") utils.ReportErr(_err) s.Exec(username, string(h.Sum()), salt) s.Finalize() conn.Close() sidebar := utils.Loadmustache("admin.mustache", &map[string]string{}) //TESTING, REMOVE LATER script := "<script type=\"text/javascript\" src=\"../inc/adminref.js\"></script>" content := "Welcome to the admin panel, use the control box on your right to control the site content" //ENDTESTING mapping := map[string]string{"css": "../inc/site.css", "title": "Proggin: Admin panel", "sidebar": sidebar, "content": content, "script": script} output := utils.Loadmustache("frame.mustache", &mapping) ctx.WriteString(output) }
//TODO: test and add to tests //RIPEMD-160 operation for bitcoin address hashing func Ripemd(b []byte) []byte { //ripemd hashing of the sha hash var h hash.Hash = ripemd160.New() h.Write(b) return h.Sum(nil) //return }
// computeHash - Calculates MD5 and SHA256 for an input read Seeker. func (c Client) computeHash(reader io.ReadSeeker) (md5Sum, sha256Sum []byte, size int64, err error) { // MD5 and SHA256 hasher. var hashMD5, hashSHA256 hash.Hash // MD5 and SHA256 hasher. hashMD5 = md5.New() hashWriter := io.MultiWriter(hashMD5) if c.signature.isV4() { hashSHA256 = sha256.New() hashWriter = io.MultiWriter(hashMD5, hashSHA256) } size, err = io.Copy(hashWriter, reader) if err != nil { return nil, nil, 0, err } // Seek back reader to the beginning location. if _, err := reader.Seek(0, 0); err != nil { return nil, nil, 0, err } // Finalize md5shum and sha256 sum. md5Sum = hashMD5.Sum(nil) if c.signature.isV4() { sha256Sum = hashSHA256.Sum(nil) } return md5Sum, sha256Sum, size, nil }
func SHA1(s string) (r string) { var h hash.Hash h = sha1.New() io.WriteString(h, s) r = hex.EncodeToString(h.Sum(nil)) return }
// TsigVerify verifies the TSIG on a message. // If the signature does not validate err contains the // error, otherwise it is nil. func TsigVerify(msg []byte, secret, requestMAC string, timersOnly bool) error { rawsecret, err := packBase64([]byte(secret)) if err != nil { return err } // Srtip the TSIG from the incoming msg stripped, tsig, err := stripTsig(msg) if err != nil { return err } buf := tsigBuffer(stripped, tsig, requestMAC, timersOnly) ti := uint64(time.Now().Unix()) - tsig.TimeSigned if uint64(tsig.Fudge) < ti { return ErrTime } var h hash.Hash switch tsig.Algorithm { case HmacMD5: h = hmac.New(md5.New, []byte(rawsecret)) case HmacSHA1: h = hmac.New(sha1.New, []byte(rawsecret)) case HmacSHA256: h = hmac.New(sha256.New, []byte(rawsecret)) default: return ErrKeyAlg } io.WriteString(h, string(buf)) if strings.ToUpper(hex.EncodeToString(h.Sum(nil))) != strings.ToUpper(tsig.MAC) { return ErrSig } return nil }
func (c *Client) PutObject(name, bucket string, md5 hash.Hash, size int64, body io.Reader) error { req := newReq("http://" + bucket + ".s3.amazonaws.com/" + name) req.Method = "PUT" req.ContentLength = size if md5 != nil { b64 := new(bytes.Buffer) encoder := base64.NewEncoder(base64.StdEncoding, b64) encoder.Write(md5.Sum(nil)) encoder.Close() req.Header.Set("Content-MD5", b64.String()) } c.Auth.SignRequest(req) req.Body = ioutil.NopCloser(body) res, err := c.httpClient().Do(req) if res != nil && res.Body != nil { defer res.Body.Close() } if err != nil { return err } if res.StatusCode != 200 { res.Write(os.Stderr) return fmt.Errorf("Got response code %d from s3", res.StatusCode) } return nil }
func passwordToKey(proto AuthProtocol, password string, engineId []byte) []byte { var h hash.Hash switch proto { case Md5: h = md5.New() case Sha: h = sha1.New() } pass := []byte(password) plen := len(pass) for i := mega / plen; i > 0; i-- { h.Write(pass) } remain := mega % plen if remain > 0 { h.Write(pass[:remain]) } ku := h.Sum(nil) h.Reset() h.Write(ku) h.Write(engineId) h.Write(ku) return h.Sum(nil) }
func (s *S) TestSendMessageWithAttributes(c *C) { testServer.PrepareResponse(200, nil, TestSendMessageXmlOK) q := &Queue{s.sqs, testServer.URL + "/123456789012/testQueue/"} attrs := map[string]string{ "test_attribute_name_1": "test_attribute_value_1", } resp, err := q.SendMessageWithAttributes("This is a test message", attrs) req := testServer.WaitRequest() c.Assert(req.Method, Equals, "GET") c.Assert(req.URL.Path, Equals, "/123456789012/testQueue/") c.Assert(req.Header["Date"], Not(Equals), "") var attrsHash = md5.New() attrsHash.Write(encodeMessageAttribute("test_attribute_name_1")) attrsHash.Write(encodeMessageAttribute("String")) attrsHash.Write([]byte{1}) attrsHash.Write(encodeMessageAttribute("test_attribute_value_1")) c.Assert(resp.MD5OfMessageAttributes, Equals, fmt.Sprintf("%x", attrsHash.Sum(nil))) msg := "This is a test message" var h hash.Hash = md5.New() h.Write([]byte(msg)) c.Assert(resp.MD5, Equals, fmt.Sprintf("%x", h.Sum(nil))) c.Assert(resp.Id, Equals, "5fea7756-0ea4-451a-a703-a558b933e274") c.Assert(err, IsNil) }
// VerifySignatureV3 returns nil iff sig is a valid signature, made by this // public key, of the data hashed into signed. signed is mutated by this call. func (pk *PublicKeyV3) VerifySignatureV3(signed hash.Hash, sig *SignatureV3) (err error) { if !pk.CanSign() { return errors.InvalidArgumentError("public key cannot generate signatures") } suffix := make([]byte, 5) suffix[0] = byte(sig.SigType) binary.BigEndian.PutUint32(suffix[1:], uint32(sig.CreationTime.Unix())) signed.Write(suffix) hashBytes := signed.Sum(nil) if hashBytes[0] != sig.HashTag[0] || hashBytes[1] != sig.HashTag[1] { return errors.SignatureError("hash tag doesn't match") } if pk.PubKeyAlgo != sig.PubKeyAlgo { return errors.InvalidArgumentError("public key and signature use different algorithms") } switch pk.PubKeyAlgo { case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly: if err = rsa.VerifyPKCS1v15(pk.PublicKey, sig.Hash, hashBytes, sig.RSASignature.bytes); err != nil { return errors.SignatureError("RSA verification failure") } return default: // V3 public keys only support RSA. panic("shouldn't happen") } panic("unreachable") }
func calculateRef(h hash.Hash, data []byte) *Ref { var tmp [RefLen]byte h.Reset() h.Write(data) mac := h.Sum(tmp[:0]) return RefFromBytes(mac) }