From eb6608e16d253ded9ee3979f236b68d4988c1da5 Mon Sep 17 00:00:00 2001
From: ame <amelia@amyy.cc>
Date: Wed, 13 Mar 2024 16:03:10 -0500
Subject: blake2{b,s} and maybe other stuff

---
 src/hash/blake2.c | 261 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 src/hash/blake2.h |  21 +++++
 2 files changed, 282 insertions(+)
 create mode 100644 src/hash/blake2.c
 create mode 100644 src/hash/blake2.h

(limited to 'src/hash')

diff --git a/src/hash/blake2.c b/src/hash/blake2.c
new file mode 100644
index 0000000..aeb48ad
--- /dev/null
+++ b/src/hash/blake2.c
@@ -0,0 +1,261 @@
+#include <stdio.h>
+#include <stdint.h>
+#include <string.h>
+#include <stdlib.h>
+#include <math.h>
+#include "sha2-256.h"
+#include "blake2.h"
+#include "../util.h"
+
+uint64_t rotr64(uint64_t w, unsigned c){
+  return (w >> c) | (w << (64 - c));
+}
+uint32_t rotr32(uint32_t w, unsigned c){
+  return (w >> c) | (w << (32 - c));
+}
+
+void mix2b(uint64_t* a, uint64_t* b, uint64_t* c, uint64_t* d, int64_t x, int64_t y){
+    *a = *a + *b + x;
+    *d = rotr64((*d ^  *a), 32);
+
+    *c += *d;
+    *b = rotr64((*b ^ *c), 24);
+
+    *a += *b + y;
+    *d = rotr64((*d ^ *a), 16);
+
+    *c += *d;
+    *b = rotr64((*b ^ *c), 63);
+}
+
+void mix2s(uint32_t* a, uint32_t* b, uint32_t* c, uint32_t* d, int32_t x, int32_t y){
+    *a = *a + *b + x;
+    *d = rotr32((*d ^  *a), 16);
+
+    *c += *d;
+    *b = rotr32((*b ^ *c), 12);
+
+    *a += *b + y;
+    *d = rotr32((*d ^ *a), 8);
+
+    *c += *d;
+    *b = rotr32((*b ^ *c), 7);
+}
+
+#define baking(type) \
+    mix2##type(&v[0], &v[4], &v[8],  &v[12], m[s[0]], m[s[1]]);\
+    mix2##type(&v[1], &v[5], &v[9],  &v[13], m[s[2]], m[s[3]]);\
+    mix2##type(&v[2], &v[6], &v[10], &v[14], m[s[4]], m[s[5]]);\
+    mix2##type(&v[3], &v[7], &v[11], &v[15], m[s[6]], m[s[7]]);\
+    \
+    mix2##type(&v[0], &v[5], &v[10], &v[15], m[s[8]],  m[s[9]]);\
+    mix2##type(&v[1], &v[6], &v[11], &v[12], m[s[10]], m[s[11]]);\
+    mix2##type(&v[2], &v[7], &v[8],  &v[13], m[s[12]], m[s[13]]);\
+    mix2##type(&v[3], &v[4], &v[9],  &v[14], m[s[14]], m[s[15]]);
+
+void compress2b(uint64_t* hash, uint8_t* inp, uint64_t compressed, int final){
+    uint64_t v[16], s[16], m[16];
+
+    #pragma unroll
+    for(int i = 0; i != 8; i++)
+        v[i] = hash[i];
+
+    for(int i = 0; i != 16; i++)
+        m[i] = ((uint64_t*)inp)[i];
+
+    v[8] = sha512_iv.h0;
+    v[9] = sha512_iv.h1;
+    v[10] = sha512_iv.h2;
+    v[11] = sha512_iv.h3;
+    v[12] = sha512_iv.h4;
+    v[13] = sha512_iv.h5;
+    v[14] = sha512_iv.h6;
+    v[15] = sha512_iv.h7;
+
+    v[12] ^= compressed;
+    v[13] ^= 0;
+    
+    if(final)
+        v[14] ^= 0xFFFFFFFFFFFFFFFF;
+
+    for(int i = 0; i != 12; i++){
+        for(int j = 0; j != 16; j++){
+            s[j] = blake2b_sigma[i%10][j];
+        }
+
+        baking(b);
+    }
+    
+    for (int i = 0; i < 8; i++) {
+        hash[i] = hash[i] ^ v[i] ^ v[i + 8];
+    }
+}
+
+void compress2s(uint32_t* hash, uint8_t* inp, uint32_t compressed, int final){
+    uint32_t v[16], s[16], m[16];
+
+    #pragma unroll
+    for(int i = 0; i != 8; i++)
+        v[i] = hash[i];
+
+    for(int i = 0; i != 16; i++)
+        m[i] = ((uint32_t*)inp)[i];
+
+    v[8] = sha512_iv.h0 >> 32;
+    v[9] = sha512_iv.h1 >> 32;
+    v[10] = sha512_iv.h2 >> 32;
+    v[11] = sha512_iv.h3 >> 32;
+    v[12] = sha512_iv.h4 >> 32;
+    v[13] = sha512_iv.h5 >> 32;
+    v[14] = sha512_iv.h6 >> 32;
+    v[15] = sha512_iv.h7 >> 32;
+
+    v[12] ^= compressed; //make this 64bit
+    v[13] ^= 0;
+    
+    if(final)
+        v[14] ^= 0xFFFFFFFFFFFFFFFF >> 32;
+
+    for(int i = 0; i != 10; i++){
+        for(int j = 0; j != 16; j++){
+            s[j] = blake2b_sigma[i][j];
+        }
+
+        baking(s);
+    }
+    
+    for (int i = 0; i < 8; i++) {
+        hash[i] = hash[i] ^ v[i] ^ v[i + 8];
+    }
+}
+
+void blake2b(char* inp, int inp_len, char* key, int key_len, int dig_len, char* buffer){
+    uint64_t hash[8];
+    
+    uint64_t iv0 = hash[0] = sha512_iv.h0;
+    uint64_t iv1 = hash[1] = sha512_iv.h1;
+    uint64_t iv2 = hash[2] = sha512_iv.h2;
+    uint64_t iv3 = hash[3] = sha512_iv.h3;
+    uint64_t iv4 = hash[4] = sha512_iv.h4;
+    uint64_t iv5 = hash[5] = sha512_iv.h5;
+    uint64_t iv6 = hash[6] = sha512_iv.h6;
+    uint64_t iv7 = hash[7] = sha512_iv.h7;
+
+    uint64_t alen = inter(inp_len, 128) + 128;
+
+    
+    //add padding
+    char* padded = calloc(alen + (128 * (key_len > 0)), sizeof * padded);
+
+    if(key_len > 0){
+        memcpy(padded, key, key_len);
+        inp_len += 128;
+    }
+
+    memcpy(padded + (128 * (key_len > 0)), inp, inp_len - (128 * (key_len > 0)));
+
+    hash[0] ^= dig_len;
+    hash[0] ^= key_len << 8;
+    hash[0] ^= 0x01010000;
+
+    uint64_t compressed = 0, bytes_remaining = inp_len;
+
+    int i = 0;
+    for(;bytes_remaining > 128; i += 2){
+        bytes_remaining -= 128;
+        compressed += 128;
+
+        compress2b(hash, (uint8_t*)padded, compressed, 0);
+        padded += 128;
+    }
+
+    compressed += bytes_remaining;
+
+    compress2b(hash, (uint8_t*)padded, compressed, 1);
+    for(int i = 0; i != dig_len; i++)sprintf(buffer, "%s%02x", buffer, (((uint8_t*)hash)[i]));
+}
+
+void blake2s(char* inp, int inp_len, char* key, int key_len, int dig_len, char* buffer){
+    uint32_t hash[8];
+    
+    uint32_t iv0 = hash[0] = sha512_iv.h0 >> 32;
+    uint32_t iv1 = hash[1] = sha512_iv.h1 >> 32;
+    uint32_t iv2 = hash[2] = sha512_iv.h2 >> 32;
+    uint32_t iv3 = hash[3] = sha512_iv.h3 >> 32;
+    uint32_t iv4 = hash[4] = sha512_iv.h4 >> 32;
+    uint32_t iv5 = hash[5] = sha512_iv.h5 >> 32;
+    uint32_t iv6 = hash[6] = sha512_iv.h6 >> 32;
+    uint32_t iv7 = hash[7] = sha512_iv.h7 >> 32;
+
+    uint32_t alen = inter(inp_len, 64) + 64;
+
+    //add padding
+    char* padded = calloc(alen + (64 * (key_len > 0)), sizeof * padded);
+    if(key_len > 0){
+        memcpy(padded, key, key_len);
+        inp_len += 64;
+    }
+    memcpy(padded + (64 * (key_len > 0)), inp, inp_len - (64 * (key_len > 0)));
+
+    hash[0] ^= dig_len;
+    hash[0] ^= key_len << 8;
+    hash[0] ^= 0x01010000;
+
+    uint64_t compressed = 0, bytes_remaining = inp_len;
+
+    int i = 0;
+    for(;bytes_remaining > 64; i += 2){
+        bytes_remaining -= 64;
+        compressed += 64;
+
+        compress2s(hash, (uint8_t*)padded, compressed, 0);
+        padded += 64;
+    }
+
+    compressed += bytes_remaining;
+
+    compress2s(hash, (uint8_t*)padded, compressed, 1);
+    for(int i = 0; i != dig_len; i++)sprintf(buffer, "%s%02x", buffer, (((uint8_t*)hash)[i]));
+}
+
+int l_blake2b(lua_State* L){
+    size_t len = 0;
+    char* a = (char*)luaL_checklstring(L, 1, &len);
+    int argv = lua_gettop(L); 
+
+    uint64_t out_len = 64;
+    if(argv > 1) out_len = luaL_checkinteger(L, 2);
+
+    char* key = NULL;
+    size_t key_len = 0;
+    if(argv > 2) key = (char*)luaL_checklstring(L, 3, &key_len);
+
+    char digest[out_len * 8];
+    memset(digest, 0, out_len * 8);
+
+    blake2b(a, len, key, key_len, out_len, digest);
+    lua_pushstring(L, digest);
+
+    return 1;
+}
+
+int l_blake2s(lua_State* L){
+    size_t len = 0;
+    char* a = (char*)luaL_checklstring(L, 1, &len);
+    int argv = lua_gettop(L); 
+
+    uint32_t out_len = 32;
+    if(argv > 1) out_len = luaL_checkinteger(L, 2);
+
+    char* key = NULL;
+    size_t key_len = 0;
+    if(argv > 2) key = (char*)luaL_checklstring(L, 3, &key_len);
+    
+    char digest[out_len * 8];
+    memset(digest, 0, out_len * 8);
+
+    blake2s(a, len, key, key_len, out_len, digest);
+    lua_pushstring(L, digest);
+
+    return 1;
+}
\ No newline at end of file
diff --git a/src/hash/blake2.h b/src/hash/blake2.h
new file mode 100644
index 0000000..cde04b3
--- /dev/null
+++ b/src/hash/blake2.h
@@ -0,0 +1,21 @@
+#include <stdint.h>
+#include "../lua.h"
+
+static const uint8_t blake2b_sigma[10][16] = {
+  { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 },
+  { 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 },
+  { 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4 },
+  { 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8 },
+  { 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13 },
+  { 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9 },
+  { 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11 },
+  { 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10 },
+  { 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5 },
+  { 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13, 0 },
+};
+
+void blake2s(char*, int, char*, int, int, char*);
+void blake2b(char*, int, char*, int, int, char*);
+
+int l_blake2s(lua_State*);
+int l_blake2b(lua_State*);
\ No newline at end of file
-- 
cgit v1.2.3