add SHA-224

Readme.txt

@@ -325,7 +325,7 @@ the mailing list.
     - added support for using encoding parameters and key derivation parameters
       with public key encryption (implemented by OAEP and DL/ECIES)
     - added Camellia, SHACAL-2, Two-Track-MAC, Whirlpool, RIPEMD-320,
-      RIPEMD-128, RIPEMD-256, Base-32 coding
+      RIPEMD-128, RIPEMD-256, Base-32 coding, FIPS variant of CFB mode
     - added ThreadUserTimer for timing thread CPU usage
     - added option for password-based key derivation functions
       to iterate until a mimimum elapsed thread CPU time is reached
@@ -344,4 +344,6 @@ the mailing list.
       - fixed inability to instantiate PanamaMAC
       - fixed problems with inline documentation
 
+6.0 - added SHA-224
+
 Written by Wei Dai

TestVectors/sha.txt

@@ -10,6 +10,18 @@ Message: r15625 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
 Digest: 34AA973CD4C4DAA4F61EEB2BDBAD27316534016F
 Test: Verify
 
+AlgorithmType: MessageDigest
+Name: SHA-224
+Message: "abc"
+Digest: 23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7
+Test: Verify
+Message: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
+Digest: 75388b16512776cc5dba5da1fd890150b0c6455cb4f58b1952522525
+Test: Verify
+Message: r15625 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+Digest: 20794655980c91d8bbb4c1ea97618a4bf03f42581948b2ee4ee7ad67
+Test: Verify
+
 AlgorithmType: MessageDigest
 Name: SHA-256
 Message: "abc"
@@ -18,6 +30,9 @@ Test: Verify
 Message: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
 Digest: 248d6a61d20638b8e5c026930c3e6039a33ce45964ff2167f6ecedd419db06c1
 Test: Verify
+Message: r15625 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+Digest: cdc76e5c9914fb9281a1c7e284d73e67f1809a48a497200e046d39ccc7112cd0
+Test: Verify
 
 AlgorithmType: MessageDigest
 Name: SHA-384
@@ -27,6 +42,9 @@ Test: Verify
 Message: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"
 Digest: 09330c33f71147e83d192fc782cd1b4753111b173b3b05d22fa08086e3b0f712fcc7c71a557e2db966c3e9fa91746039
 Test: Verify
+Message: r15625 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+Digest: 9d0e1809716474cb086e834e310a4a1ced149e9c00f248527972cec5704c2a5b07b8b3dc38ecc4ebae97ddd87f3d8985
+Test: Verify
 
 AlgorithmType: MessageDigest
 Name: SHA-512
@@ -36,3 +54,6 @@ Test: Verify
 Message: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"
 Digest: 8e959b75dae313da8cf4f72814fc143f8f7779c6eb9f7fa17299aeadb6889018501d289e4900f7e4331b99dec4b5433ac7d329eeb6dd26545e96e55b874be909
 Test: Verify
+Message: r15625 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+Digest: e718483d0ce769644e2e42c7bc15b4638e1f98b13b2044285632a803afa973ebde0ff244877ea60a4cb0432ce577c31beb009c5c2c49aa2e4eadb217ad8cc09b
+Test: Verify

cryptlib.h

@@ -144,7 +144,7 @@ public:
 	explicit InvalidArgument(const std::string &s) : Exception(INVALID_ARGUMENT, s) {}
 };
 
-//! exception thrown by decryption filters when trying to decrypt an invalid ciphertext
+//! exception thrown when input data is received that doesn't conform to expected format
 class CRYPTOPP_DLL InvalidDataFormat : public Exception
 {
 public:

iterhash.cpp

@@ -6,15 +6,22 @@
 
 NAMESPACE_BEGIN(CryptoPP)
 
+HashInputTooLong::HashInputTooLong(const std::string &alg)
+	: InvalidDataFormat("IteratedHashBase: input data exceeds maximum allowed by hash function " + alg)
+{
+}
+
 template <class T, class BASE> void IteratedHashBase<T, BASE>::Update(const byte *input, unsigned int len)
 {
-	HashWordType tmp = m_countLo;
+	HashWordType oldCountLo = m_countLo, oldCountHi = m_countHi;
-	if ((m_countLo = tmp + len) < tmp)
+	if ((m_countLo = oldCountLo + len) < oldCountLo)
 		m_countHi++;             // carry from low to high
 	m_countHi += SafeRightShift<8*sizeof(HashWordType)>(len);
+	if (m_countHi < oldCountHi)
+		throw HashInputTooLong(AlgorithmName());
 
 	unsigned int blockSize = BlockSize();
-	unsigned int num = ModPowerOf2(tmp, blockSize);
+	unsigned int num = ModPowerOf2(oldCountLo, blockSize);
 
 	if (num != 0)	// process left over data
 	{

iterhash.h

@@ -8,6 +8,13 @@
 
 NAMESPACE_BEGIN(CryptoPP)
 
+//! exception thrown when trying to hash more data than is allowed by a hash function
+class CRYPTOPP_DLL HashInputTooLong : public InvalidDataFormat
+{
+public:
+	explicit HashInputTooLong(const std::string &alg);
+};
+
 //! _
 template <class T, class BASE>
 class CRYPTOPP_NO_VTABLE IteratedHashBase : public BASE

regtest.cpp

@@ -28,6 +28,7 @@ void RegisterFactories()
 
 	RegisterDefaultFactoryFor<SimpleKeyAgreementDomain, DH>();
 	RegisterDefaultFactoryFor<HashTransformation, SHA1>();
+	RegisterDefaultFactoryFor<HashTransformation, SHA224>();
 	RegisterDefaultFactoryFor<HashTransformation, SHA256>();
 #ifdef WORD64_AVAILABLE
 	RegisterDefaultFactoryFor<HashTransformation, SHA384>();

sha.cpp

@@ -147,6 +147,11 @@ void SHA256::Transform(word32 *state, const word32 *data)
 	memset(T, 0, sizeof(T));
 }
 
+#undef S0
+#undef S1
+#undef s0
+#undef s1
+
 const word32 SHA256::K[64] = {
 	0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
 	0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
@@ -166,10 +171,17 @@ const word32 SHA256::K[64] = {
 	0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
 };
 
-#undef S0
+void SHA224::InitState(HashWordType *state)
-#undef S1
+{
-#undef s0
+	state[0] = 0xc1059ed8;
-#undef s1
+	state[1] = 0x367cd507;
+	state[2] = 0x3070dd17;
+	state[3] = 0xf70e5939;
+	state[4] = 0xffc00b31;
+	state[5] = 0x68581511;
+	state[6] = 0x64f98fa7;
+	state[7] = 0xbefa4fa4;
+}
 
 // *************************************************************
 

sha.h

@@ -28,6 +28,15 @@ protected:
 	static const word32 K[64];
 };
 
+//! implements the SHA-224 standard
+class SHA224 : public IteratedHashWithStaticTransform<word32, BigEndian, 64, 32, SHA224, 28>
+{
+public:
+	static void InitState(HashWordType *state);
+	static void Transform(word32 *digest, const word32 *data) {SHA256::Transform(digest, data);}
+	static const char *StaticAlgorithmName() {return "SHA-224";}
+};
+
 #ifdef WORD64_AVAILABLE
 
 //! implements the SHA-512 standard

usage.dat

@@ -68,11 +68,11 @@ Test Driver for Crypto++(R) Library, a C++ Class Library of Cryptographic Scheme
 - To run Maurer's randomness test on a file
 	cryptest mt input
 
+- To run a test script (available in TestVectors subdirectory)
+	cryptest tv filename
+
 - To run validation tests
 	cryptest v
 
 - To run benchmarks
 	cryptest b [time for each benchmark in seconds]
-
-- To run test vector file (available in TestVectors subdirectory)
-	cryptest tv filename