1 /* +------------------------------------+
2 * | Inspire Internet Relay Chat Daemon |
3 * +------------------------------------+
5 * InspIRCd: (C) 2002-2009 InspIRCd Development Team
6 * See: http://wiki.inspircd.org/Credits
8 * This program is free but copyrighted software; see
9 * the file COPYING for details.
11 * ---------------------------------------------------
14 /* m_sha256 - Based on m_opersha256 written by Special <john@yarbbles.com>
15 * Modified and improved by Craig Edwards, December 2006.
18 * FIPS 180-2 SHA-224/256/384/512 implementation
19 * Last update: 05/23/2005
20 * Issue date: 04/30/2005
22 * Copyright (C) 2005 Olivier Gay <olivier.gay@a3.epfl.ch>
23 * All rights reserved.
25 * Redistribution and use in source and binary forms, with or without
26 * modification, are permitted provided that the following conditions
28 * 1. Redistributions of source code must retain the above copyright
29 * notice, this list of conditions and the following disclaimer.
30 * 2. Redistributions in binary form must reproduce the above copyright
31 * notice, this list of conditions and the following disclaimer in the
32 * documentation and/or other materials provided with the distribution.
33 * 3. Neither the name of the project nor the names of its contributors
34 * may be used to endorse or promote products derived from this software
35 * without specific prior written permission.
37 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
38 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
39 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
40 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
41 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
42 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
43 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
45 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
46 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
50 /* $ModDesc: Allows for SHA-256 encrypted oper passwords */
51 /* $ModDep: m_hash.h */
60 typedef unsigned int uint32_t;
63 /** An sha 256 context, used by m_opersha256
65 class SHA256Context : public classbase
70 unsigned char block[2 * SHA256_BLOCK_SIZE];
74 #define SHFR(x, n) (x >> n)
75 #define ROTR(x, n) ((x >> n) | (x << ((sizeof(x) << 3) - n)))
76 #define ROTL(x, n) ((x << n) | (x >> ((sizeof(x) << 3) - n)))
77 #define CH(x, y, z) ((x & y) ^ (~x & z))
78 #define MAJ(x, y, z) ((x & y) ^ (x & z) ^ (y & z))
80 #define SHA256_F1(x) (ROTR(x, 2) ^ ROTR(x, 13) ^ ROTR(x, 22))
81 #define SHA256_F2(x) (ROTR(x, 6) ^ ROTR(x, 11) ^ ROTR(x, 25))
82 #define SHA256_F3(x) (ROTR(x, 7) ^ ROTR(x, 18) ^ SHFR(x, 3))
83 #define SHA256_F4(x) (ROTR(x, 17) ^ ROTR(x, 19) ^ SHFR(x, 10))
85 #define UNPACK32(x, str) \
87 *((str) + 3) = (uint8_t) ((x) ); \
88 *((str) + 2) = (uint8_t) ((x) >> 8); \
89 *((str) + 1) = (uint8_t) ((x) >> 16); \
90 *((str) + 0) = (uint8_t) ((x) >> 24); \
93 #define PACK32(str, x) \
95 *(x) = ((uint32_t) *((str) + 3) ) \
96 | ((uint32_t) *((str) + 2) << 8) \
97 | ((uint32_t) *((str) + 1) << 16) \
98 | ((uint32_t) *((str) + 0) << 24); \
101 /* Macros used for loops unrolling */
103 #define SHA256_SCR(i) \
105 w[i] = SHA256_F4(w[i - 2]) + w[i - 7] \
106 + SHA256_F3(w[i - 15]) + w[i - 16]; \
109 const unsigned int sha256_h0[8] =
111 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
112 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19
115 uint32_t sha256_k[64] =
117 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
118 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
119 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
120 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
121 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
122 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
123 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
124 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
125 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
126 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
127 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
128 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
129 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
130 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
131 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
132 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
135 const char* const hxc("0123456789abcdef");
137 class ModuleSHA256 : public Module
139 void SHA256Init(SHA256Context *ctx, const unsigned int* ikey)
143 for (int i = 0; i < 8; i++)
148 for (int i = 0; i < 8; i++)
149 ctx->h[i] = sha256_h0[i];
155 void SHA256Transform(SHA256Context *ctx, unsigned char *message, unsigned int block_nb)
159 unsigned char *sub_block;
160 for (unsigned int i = 1; i <= block_nb; i++)
163 sub_block = message + ((i - 1) << 6);
165 for (j = 0; j < 16; j++)
166 PACK32(&sub_block[j << 2], &w[j]);
167 for (j = 16; j < 64; j++)
169 for (j = 0; j < 8; j++)
171 for (j = 0; j < 64; j++)
173 uint32_t t1 = wv[7] + SHA256_F2(wv[4]) + CH(wv[4], wv[5], wv[6]) + sha256_k[j] + w[j];
174 uint32_t t2 = SHA256_F1(wv[0]) + MAJ(wv[0], wv[1], wv[2]);
184 for (j = 0; j < 8; j++)
189 void SHA256Update(SHA256Context *ctx, unsigned char *message, unsigned int len)
192 * XXX here be dragons!
193 * After many hours of pouring over this, I think I've found the problem.
194 * When Special created our module from the reference one, he used:
196 * unsigned int rem_len = SHA256_BLOCK_SIZE - ctx->len;
198 * instead of the reference's version of:
200 * unsigned int tmp_len = SHA256_BLOCK_SIZE - ctx->len;
201 * unsigned int rem_len = len < tmp_len ? len : tmp_len;
203 * I've changed back to the reference version of this code, and it seems to work with no errors.
204 * So I'm inclined to believe this was the problem..
205 * -- w00t (January 06, 2008)
207 unsigned int tmp_len = SHA256_BLOCK_SIZE - ctx->len;
208 unsigned int rem_len = len < tmp_len ? len : tmp_len;
211 memcpy(&ctx->block[ctx->len], message, rem_len);
212 if (ctx->len + len < SHA256_BLOCK_SIZE)
217 unsigned int new_len = len - rem_len;
218 unsigned int block_nb = new_len / SHA256_BLOCK_SIZE;
219 unsigned char *shifted_message = message + rem_len;
220 SHA256Transform(ctx, ctx->block, 1);
221 SHA256Transform(ctx, shifted_message, block_nb);
222 rem_len = new_len % SHA256_BLOCK_SIZE;
223 memcpy(ctx->block, &shifted_message[block_nb << 6],rem_len);
225 ctx->tot_len += (block_nb + 1) << 6;
228 void SHA256Final(SHA256Context *ctx, unsigned char *digest)
230 unsigned int block_nb = (1 + ((SHA256_BLOCK_SIZE - 9) < (ctx->len % SHA256_BLOCK_SIZE)));
231 unsigned int len_b = (ctx->tot_len + ctx->len) << 3;
232 unsigned int pm_len = block_nb << 6;
233 memset(ctx->block + ctx->len, 0, pm_len - ctx->len);
234 ctx->block[ctx->len] = 0x80;
235 UNPACK32(len_b, ctx->block + pm_len - 4);
236 SHA256Transform(ctx, ctx->block, block_nb);
237 for (int i = 0 ; i < 8; i++)
238 UNPACK32(ctx->h[i], &digest[i << 2]);
241 void SHA256(const char *src, char *dest, unsigned int len)
244 unsigned char bytehash[SHA256_DIGEST_SIZE];
246 SHA256Init(&ctx, NULL);
247 SHA256Update(&ctx, (unsigned char *)src, len);
248 SHA256Final(&ctx, bytehash);
251 for (int i = 0; i < SHA256_DIGEST_SIZE; i++)
253 dest[j++] = hxc[bytehash[i] / 16];
254 dest[j++] = hxc[bytehash[i] % 16];
262 ServerInstance->Modules->PublishInterface("HashRequest", this);
265 virtual ~ModuleSHA256()
267 ServerInstance->Modules->UnpublishInterface("HashRequest", this);
271 void OnRequest(Request& request)
273 if (strcmp("HASH", request.id) == 0)
276 HashRequest& req = static_cast<HashRequest&>(request);
277 SHA256(req.data.data(), res, req.data.length());
280 else if (strcmp("NAME", request.id) == 0)
282 static_cast<HashNameRequest&>(request).response = "sha256";
288 return Version("Allows for SHA-256 encrypted oper passwords", VF_VENDOR|VF_SERVICEPROVIDER, API_VERSION);
292 MODULE_INIT(ModuleSHA256)