flat assembler
> Examples and Tutorials > SHA-256 in fasm |
| Author |
|
|
Hi,
I've implemented SHA-256 in protmode fasm with the same API as OpenSSL (init/update/final). I haven't unrolled the sha loop, but I've used a lookup table to avoid root calculation. Compiled code is small (958 bytes), source licensed under MIT: https://gitlab.com/bztsrc/sha256asm Cheers, bzt |
|||
09 Nov 2018, 13:21 |
|
|
Excellent!
This is nicely done for a super-small SHA256 implementation. The one I wrote for my HeavyThing library ( here ) is about 10x larger in size. I like your coding style, well done  |
|||
|
10 Nov 2018, 23:15 |
|
|
Hi,
Thanks! I've checked your code, nicely done! You have a full, universal implementation! Mine is heaviliy optimized for 256 and one context only, because I wanted to use it in a bootloader. Unlike your's, mine is for a specific case only, no wonder it's much smaller. Cheers, bzt |
|||
|
12 Nov 2018, 10:30 |
|
|
I found bug in sha_upd()
Code:
; IN: ESI = buffer,ECX = length. Clobbers EAX,EDI.
sha_upd: mov edi,dword [sha_l]
add edi,sha_d
; for(;len--;d++) {
; ctx->d[ctx->l++]=*d;
.next: movsb
inc byte [sha_l]
; if(ctx->l==64) {
cmp byte [sha_l],64
jne @f
; sha256_t(ctx);
call sha_final.sha_t
; SHA_ADD(ctx->b[0],ctx->b[1],512);
add dword [sha_b],512
adc dword [sha_b+4],0
; ctx->l=0;
mov byte [sha_l],0
; }
@@: dec ecx
jnz sha_upd;.next ;bug in this line
ret _________________ smaller is better |
|||
|
12 Nov 2018, 23:31 |
|
|
Hi,
First of all, thank you very much for checking out my code! Why do you think that's a bug? Why should the code reload the edi register on every iteration? I think the bug is more likely not setting edi to sha_d when sha_l overflows, isn't it? I'll create a test case specially for that, and come back to you with the results. Thank you again for noticing! bzt EDIT: you were right! As it turned out all my test vectors were shorter than 64 bytes, so I haven't noticed that bug! My mistake. Now that I've also tested with "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" (length 896 bits), the problem is fixed! Playing around with NIST test vectors, I've found another one that didn't work: the empty message. Honestly I use sha for hashing disk encryption passwords, so it never popped into my mind to test it against an empty message... Anyway, I've fixed that too!
Just for the records, those fixes added 9 bytes to the code, so now it's 967 bytes long. |
|||
|
14 Nov 2018, 11:43 |
|
< Last Thread | Next Thread > |
Forum Rules:
|