Merge pull request #234 from cppalliance/hash_drbg

Rewrite the HASH DRBG base class for C++20
cppalliance · Feb 4, 2025 · 4d20888 · 4d20888
2 parents 6cafb99 + 728e70e
commit 4d20888
Show file tree

Hide file tree

Showing 10 changed files with 892 additions and 226 deletions.
diff --git a/include/boost/crypt2/detail/compat.hpp b/include/boost/crypt2/detail/compat.hpp
@@ -46,10 +46,12 @@ namespace boost::crypt::compat {
 // Fixed width types
 #if BOOST_CRYPT_HAS_CUDA
 using size_t = cuda::std::size_t;
+using uint16_t = cuda::std::uint16_t;
 using uint32_t = cuda::std::uint32_t;
 using uint64_t = cuda::std::uint64_t;
 #else
 using size_t = std::size_t;
+using uint16_t = std::uint16_t;
 using uint32_t = std::uint32_t;
 using uint64_t = std::uint64_t;
 #endif
@@ -200,7 +202,7 @@ struct is_span<const span<T, Extent>> : true_type {};
 template<typename T>
 inline constexpr bool is_span_v = is_span<T>::value;
 
-template <typename R>
+template <sized_range R>
 BOOST_CRYPT_GPU_ENABLED constexpr auto make_span(R&& r)
 {
     if constexpr (is_span_v<remove_cvref_t<R>>)
@@ -213,11 +215,22 @@ BOOST_CRYPT_GPU_ENABLED constexpr auto make_span(R&& r)
     }
     else
     {
+        // Since we know that this is a sized range creating the span should also be safe
+        #if defined(__clang__) && __clang_major__ >= 19
+        #pragma clang diagnostic push
+        #pragma clang diagnostic ignored "-Wunsafe-buffer-usage"
+        #endif
+
         #if BOOST_CRYPT_HAS_CUDA
         return cuda::std::span{cuda::std::forward<R>(r).data(), cuda::std::forward<R>(r).size()};
         #else
         return std::span{std::forward<R>(r).data(), std::forward<R>(r).size()};
         #endif
+
+        #if defined(__clang__) && __clang_major__ >= 19
+        #pragma clang diagnostic push
+        #pragma clang diagnostic ignored "-Wunsafe-buffer-usage"
+        #endif
     }
 }
 

diff --git a/include/boost/crypt2/drbg/detail/hash_drbg.hpp b/include/boost/crypt2/drbg/detail/hash_drbg.hpp
diff --git a/include/boost/crypt2/drbg/sha1_drbg.hpp b/include/boost/crypt2/drbg/sha1_drbg.hpp
@@ -0,0 +1,25 @@
+// Copyright 2024 Matt Borland
+// Distributed under the Boost Software License, Version 1.0.
+// https://www.boost.org/LICENSE_1_0.txt
+
+#ifndef BOOST_CRYPT2_DRBG_SHA1_DRBG_HPP
+#define BOOST_CRYPT2_DRBG_SHA1_DRBG_HPP
+
+#include <boost/crypt2/drbg/detail/hash_drbg.hpp>
+#include <boost/crypt2/hash/sha1.hpp>
+
+namespace boost::crypt {
+
+namespace drbg_detail {
+
+template <bool prediction_resistance>
+using sha1_hash_drbg_t = hash_drbg<sha1_hasher, 128U, 160U, prediction_resistance>;
+
+} // namespace drbg_detail
+
+BOOST_CRYPT_EXPORT using sha1_hash_drbg = drbg_detail::sha1_hash_drbg_t<false>;
+BOOST_CRYPT_EXPORT using sha1_hash_drbg_pr = drbg_detail::sha1_hash_drbg_t<true>;
+
+} // namespace boost::crypt
+
+#endif // BOOST_CRYPT2_DRBG_SHA1_DRBG_HPP
diff --git a/include/boost/crypt2/hash/detail/sha3_base.hpp b/include/boost/crypt2/hash/detail/sha3_base.hpp
@@ -65,6 +65,8 @@ class sha3_base final {
     template <concepts::sized_range SizedRange>
     BOOST_CRYPT_GPU_ENABLED auto process_bytes(SizedRange&& data) noexcept -> state;
 
+    BOOST_CRYPT_GPU_ENABLED_CONSTEXPR auto process_byte(const compat::byte data) noexcept -> state;
+
     BOOST_CRYPT_GPU_ENABLED_CONSTEXPR auto finalize() noexcept -> state;
 
     // SHA 3 get_digest is idempotent so make as const
@@ -330,6 +332,13 @@ BOOST_CRYPT_GPU_ENABLED auto sha3_base<digest_size, is_xof>::process_bytes(Sized
     return update(compat::as_bytes(data_span));
 }
 
+template <compat::size_t digest_size, bool is_xof>
+BOOST_CRYPT_GPU_ENABLED_CONSTEXPR auto sha3_base<digest_size, is_xof>::process_byte(const compat::byte data) noexcept -> state
+{
+    const compat::span<const compat::byte, 1> data_span {&data, 1U};
+    return update(data_span);
+}
+
 template <compat::size_t digest_size, bool is_xof>
 BOOST_CRYPT_GPU_ENABLED_CONSTEXPR auto sha3_base<digest_size, is_xof>::finalize() noexcept -> state
 {

diff --git a/include/boost/crypt2/hash/detail/sha512_base.hpp b/include/boost/crypt2/hash/detail/sha512_base.hpp
@@ -63,6 +63,8 @@ class sha512_base final
     template <concepts::sized_range SizedRange>
     BOOST_CRYPT_GPU_ENABLED auto process_bytes(SizedRange&& data) noexcept -> state;
 
+    BOOST_CRYPT_GPU_ENABLED_CONSTEXPR auto process_byte(compat::byte data) noexcept -> state;
+
     BOOST_CRYPT_GPU_ENABLED_CONSTEXPR auto finalize() noexcept -> state;
 
     [[nodiscard("Digest is the function return value")]] BOOST_CRYPT_GPU_ENABLED_CONSTEXPR
@@ -510,6 +512,13 @@ BOOST_CRYPT_GPU_ENABLED auto sha512_base<digest_size>::process_bytes(SizedRange&
     return update(compat::as_bytes(data_span));
 }
 
+template <compat::size_t digest_size>
+BOOST_CRYPT_GPU_ENABLED_CONSTEXPR auto sha512_base<digest_size>::process_byte(compat::byte data) noexcept -> state
+{
+    const compat::span<const compat::byte, 1> data_span {&data, 1U};
+    return update(data_span);
+}
+
 template <compat::size_t digest_size>
 BOOST_CRYPT_GPU_ENABLED_CONSTEXPR auto sha512_base<digest_size>::pad_message() noexcept -> void
 {

diff --git a/include/boost/crypt2/hash/detail/sha_1_2_hasher_base.hpp b/include/boost/crypt2/hash/detail/sha_1_2_hasher_base.hpp
@@ -52,7 +52,9 @@ class sha_1_2_hasher_base
     BOOST_CRYPT_GPU_ENABLED_CONSTEXPR auto process_bytes(compat::span<const compat::byte, Extent> data) noexcept -> state;
 
     template <concepts::sized_range SizedRange>
-    BOOST_CRYPT_GPU_ENABLED_CONSTEXPR auto process_bytes(SizedRange&& data) noexcept -> state;
+    BOOST_CRYPT_GPU_ENABLED auto process_bytes(SizedRange&& data) noexcept -> state;
+
+    BOOST_CRYPT_GPU_ENABLED_CONSTEXPR auto process_byte(const compat::byte data) noexcept -> state;
 
     BOOST_CRYPT_GPU_ENABLED_CONSTEXPR auto finalize() noexcept -> state;
 
@@ -231,7 +233,7 @@ BOOST_CRYPT_GPU_ENABLED_CONSTEXPR auto sha_1_2_hasher_base<digest_size, intermed
 
 template <compat::size_t digest_size, compat::size_t intermediate_hash_size>
 template <concepts::sized_range SizedRange>
-BOOST_CRYPT_GPU_ENABLED_CONSTEXPR auto sha_1_2_hasher_base<digest_size, intermediate_hash_size>::process_bytes(SizedRange&& data) noexcept -> state
+BOOST_CRYPT_GPU_ENABLED auto sha_1_2_hasher_base<digest_size, intermediate_hash_size>::process_bytes(SizedRange&& data) noexcept -> state
 {
     auto data_span {compat::make_span(compat::forward<SizedRange>(data))};
     return update(compat::as_bytes(data_span));
@@ -244,6 +246,13 @@ BOOST_CRYPT_GPU_ENABLED_CONSTEXPR auto sha_1_2_hasher_base<digest_size, intermed
     return update(data);
 }
 
+template <compat::size_t digest_size, compat::size_t intermediate_hash_size>
+BOOST_CRYPT_GPU_ENABLED_CONSTEXPR auto sha_1_2_hasher_base<digest_size, intermediate_hash_size>::process_byte(const compat::byte data) noexcept -> state
+{
+    const compat::span<const compat::byte, 1> data_span {&data, 1U};
+    return update(data_span);
+}
+
 template <compat::size_t digest_size, compat::size_t intermediate_hash_size>
 template <compat::size_t Extent>
 [[nodiscard]] BOOST_CRYPT_GPU_ENABLED_CONSTEXPR

diff --git a/test/Jamfile b/test/Jamfile
@@ -42,6 +42,8 @@ project : requirements
     <toolset>clang:<cxxflags>-Wthread-safety
     <toolset>clang:<cxxflags>-Wunused-lambda-capture
     <toolset>clang:<cxxflags>-Wassign-enum
+    <toolset>clang-19:<cxxflags>-Wunsafe-buffer-usage
+    <toolset>clang-20:<cxxflags>-Wunsafe-buffer-usage
 
     <toolset>msvc:<warnings-as-errors>on
     <toolset>clang:<warnings-as-errors>on
@@ -77,7 +79,7 @@ run test_hmac.cpp ;
 
 #run test_hmac_drbg.cpp ;
 
-#run test_hash_drbg.cpp ;
+run test_hash_drbg.cpp ;
 
 #run test_aes.cpp ;
 
@@ -86,7 +88,7 @@ run test_nist_cavs_sha1_monte.cpp ;
 run test_nist_cavs_sha1_short_long.cpp ;
 run test_nist_cavs_sha1_hmac.cpp ;
 #run test_nist_cavs_sha1_hmac_drbg.cpp ;
-#run test_nist_cavs_sha1_hash_drbg.cpp ;
+run test_nist_cavs_sha1_hash_drbg.cpp ;
 
 run test_nist_cavs_sha224_monte.cpp ;
 run test_nist_cavs_sha224_short_long.cpp ;