2 * InspIRCd -- Internet Relay Chat Daemon
4 * Copyright (C) 2009 Daniel De Graaf <danieldg@inspircd.org>
5 * Copyright (C) 2007-2008 Robin Burchell <robin+git@viroteck.net>
6 * Copyright (C) 2007 Dennis Friis <peavey@inspircd.org>
7 * Copyright (C) 2006 Craig Edwards <craigedwards@brainbox.cc>
9 * This file is part of InspIRCd. InspIRCd is free software: you can
10 * redistribute it and/or modify it under the terms of the GNU General Public
11 * License as published by the Free Software Foundation, version 2.
13 * This program is distributed in the hope that it will be useful, but WITHOUT
14 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
15 * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
18 * You should have received a copy of the GNU General Public License
19 * along with this program. If not, see <http://www.gnu.org/licenses/>.
23 /* m_sha256 - Based on m_opersha256 written by Special <john@yarbbles.com>
24 * Modified and improved by Craig Edwards, December 2006.
27 * FIPS 180-2 SHA-224/256/384/512 implementation
28 * Last update: 05/23/2005
29 * Issue date: 04/30/2005
31 * Copyright (C) 2005 Olivier Gay <olivier.gay@a3.epfl.ch>
32 * All rights reserved.
34 * Redistribution and use in source and binary forms, with or without
35 * modification, are permitted provided that the following conditions
37 * 1. Redistributions of source code must retain the above copyright
38 * notice, this list of conditions and the following disclaimer.
39 * 2. Redistributions in binary form must reproduce the above copyright
40 * notice, this list of conditions and the following disclaimer in the
41 * documentation and/or other materials provided with the distribution.
42 * 3. Neither the name of the project nor the names of its contributors
43 * may be used to endorse or promote products derived from this software
44 * without specific prior written permission.
46 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
47 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
48 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
49 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
50 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
51 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
52 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
53 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
54 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
55 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
59 /* $ModDesc: Allows for SHA-256 encrypted oper passwords */
68 typedef unsigned int uint32_t;
71 #define SHA256_DIGEST_SIZE (256 / 8)
72 #define SHA256_BLOCK_SIZE (512 / 8)
74 /** An sha 256 context, used by m_opersha256
81 unsigned char block[2 * SHA256_BLOCK_SIZE];
85 #define SHFR(x, n) (x >> n)
86 #define ROTR(x, n) ((x >> n) | (x << ((sizeof(x) << 3) - n)))
87 #define ROTL(x, n) ((x << n) | (x >> ((sizeof(x) << 3) - n)))
88 #define CH(x, y, z) ((x & y) ^ (~x & z))
89 #define MAJ(x, y, z) ((x & y) ^ (x & z) ^ (y & z))
91 #define SHA256_F1(x) (ROTR(x, 2) ^ ROTR(x, 13) ^ ROTR(x, 22))
92 #define SHA256_F2(x) (ROTR(x, 6) ^ ROTR(x, 11) ^ ROTR(x, 25))
93 #define SHA256_F3(x) (ROTR(x, 7) ^ ROTR(x, 18) ^ SHFR(x, 3))
94 #define SHA256_F4(x) (ROTR(x, 17) ^ ROTR(x, 19) ^ SHFR(x, 10))
96 #define UNPACK32(x, str) \
98 *((str) + 3) = (uint8_t) ((x) ); \
99 *((str) + 2) = (uint8_t) ((x) >> 8); \
100 *((str) + 1) = (uint8_t) ((x) >> 16); \
101 *((str) + 0) = (uint8_t) ((x) >> 24); \
104 #define PACK32(str, x) \
106 *(x) = ((uint32_t) *((str) + 3) ) \
107 | ((uint32_t) *((str) + 2) << 8) \
108 | ((uint32_t) *((str) + 1) << 16) \
109 | ((uint32_t) *((str) + 0) << 24); \
112 /* Macros used for loops unrolling */
114 #define SHA256_SCR(i) \
116 w[i] = SHA256_F4(w[i - 2]) + w[i - 7] \
117 + SHA256_F3(w[i - 15]) + w[i - 16]; \
120 const unsigned int sha256_h0[8] =
122 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
123 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19
126 uint32_t sha256_k[64] =
128 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
129 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
130 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
131 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
132 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
133 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
134 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
135 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
136 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
137 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
138 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
139 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
140 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
141 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
142 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
143 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
146 class HashSHA256 : public HashProvider
148 void SHA256Init(SHA256Context *ctx, const unsigned int* ikey)
152 for (int i = 0; i < 8; i++)
157 for (int i = 0; i < 8; i++)
158 ctx->h[i] = sha256_h0[i];
164 void SHA256Transform(SHA256Context *ctx, unsigned char *message, unsigned int block_nb)
168 unsigned char *sub_block;
169 for (unsigned int i = 1; i <= block_nb; i++)
172 sub_block = message + ((i - 1) << 6);
174 for (j = 0; j < 16; j++)
175 PACK32(&sub_block[j << 2], &w[j]);
176 for (j = 16; j < 64; j++)
178 for (j = 0; j < 8; j++)
180 for (j = 0; j < 64; j++)
182 uint32_t t1 = wv[7] + SHA256_F2(wv[4]) + CH(wv[4], wv[5], wv[6]) + sha256_k[j] + w[j];
183 uint32_t t2 = SHA256_F1(wv[0]) + MAJ(wv[0], wv[1], wv[2]);
193 for (j = 0; j < 8; j++)
198 void SHA256Update(SHA256Context *ctx, unsigned char *message, unsigned int len)
201 * XXX here be dragons!
202 * After many hours of pouring over this, I think I've found the problem.
203 * When Special created our module from the reference one, he used:
205 * unsigned int rem_len = SHA256_BLOCK_SIZE - ctx->len;
207 * instead of the reference's version of:
209 * unsigned int tmp_len = SHA256_BLOCK_SIZE - ctx->len;
210 * unsigned int rem_len = len < tmp_len ? len : tmp_len;
212 * I've changed back to the reference version of this code, and it seems to work with no errors.
213 * So I'm inclined to believe this was the problem..
214 * -- w00t (January 06, 2008)
216 unsigned int tmp_len = SHA256_BLOCK_SIZE - ctx->len;
217 unsigned int rem_len = len < tmp_len ? len : tmp_len;
220 memcpy(&ctx->block[ctx->len], message, rem_len);
221 if (ctx->len + len < SHA256_BLOCK_SIZE)
226 unsigned int new_len = len - rem_len;
227 unsigned int block_nb = new_len / SHA256_BLOCK_SIZE;
228 unsigned char *shifted_message = message + rem_len;
229 SHA256Transform(ctx, ctx->block, 1);
230 SHA256Transform(ctx, shifted_message, block_nb);
231 rem_len = new_len % SHA256_BLOCK_SIZE;
232 memcpy(ctx->block, &shifted_message[block_nb << 6],rem_len);
234 ctx->tot_len += (block_nb + 1) << 6;
237 void SHA256Final(SHA256Context *ctx, unsigned char *digest)
239 unsigned int block_nb = (1 + ((SHA256_BLOCK_SIZE - 9) < (ctx->len % SHA256_BLOCK_SIZE)));
240 unsigned int len_b = (ctx->tot_len + ctx->len) << 3;
241 unsigned int pm_len = block_nb << 6;
242 memset(ctx->block + ctx->len, 0, pm_len - ctx->len);
243 ctx->block[ctx->len] = 0x80;
244 UNPACK32(len_b, ctx->block + pm_len - 4);
245 SHA256Transform(ctx, ctx->block, block_nb);
246 for (int i = 0 ; i < 8; i++)
247 UNPACK32(ctx->h[i], &digest[i << 2]);
250 void SHA256(const char *src, unsigned char *dest, unsigned int len)
253 SHA256Init(&ctx, NULL);
254 SHA256Update(&ctx, (unsigned char *)src, len);
255 SHA256Final(&ctx, dest);
259 std::string sum(const std::string& data)
261 unsigned char bytes[SHA256_DIGEST_SIZE];
262 SHA256(data.data(), bytes, data.length());
263 return std::string((char*)bytes, SHA256_DIGEST_SIZE);
266 std::string sumIV(unsigned int* IV, const char* HexMap, const std::string &sdata)
271 HashSHA256(Module* parent) : HashProvider(parent, "hash/sha256", 32, 64) {}
274 class ModuleSHA256 : public Module
278 ModuleSHA256() : sha(this)
280 ServerInstance->Modules->AddService(sha);
285 return Version("Implements SHA-256 hashing", VF_VENDOR);
289 MODULE_INIT(ModuleSHA256)