flat assembler
Message board for the users of flat assembler.

Index > Windows > SHA Hashing Library

Author
Thread Post new topic Reply to topic
AlexP



Joined: 14 Nov 2007
Posts: 561
Location: Out the window. Yes, that one.
AlexP
Here is the corresponding code for my SHA-256 hashing library. I am using it personally in conjunction with AES-256 ( available in other thread ). It passes all test vectors, and just in case I have included a Win32 console app to test five different vectors. ( including the elusive zero-length hash!). Note: This code works in little-endian format.

It works great, uses good structure and coding techniques (at least in my eyes..), and is pretty optimized so far as instruction sizes ( I tried to use lodsd/stosd and such to make code smaller and faster). The pre-processing part is pretty optimized, and does not use a single 'div' instruction to calculate blocks/offsets/remainders and such. Very well working, should suit all needs!

Here are the files:

SHA.asm -> The assembler source for SHA-256 (dll format)
SHA.dll -> The library
SHAvectors.asm -> The source for the testing app
SHAvectors.exe -> The executable to test, simply double-click to test if the code works on your machine.

Have fun! (PS, I will update code as any changes are made.)


Description: Test vectors to check library.
Download
Filename: SHAvectors.zip
Filesize: 2.14 KB
Downloaded: 65 Time(s)

Description:
Download
Filename: SHA.zip
Filesize: 7.19 KB
Downloaded: 99 Time(s)



Last edited by AlexP on 23 Mar 2008, 23:40; edited 1 time in total
Post 18 Mar 2008, 03:24
View user's profile Send private message Visit poster's website Reply with quote
gunblade



Joined: 19 Feb 2004
Posts: 209
gunblade
That is some great work, ill have to give it a try, but i will first have to change it to ELF format make a small linux test app to test it with.

One thing, when you talk of optimization: lods will create smaller code, but on modern processors, will be slower than using the mov/inc(or add) alternative. So just depends which processor you were aiming for, the newer the processor, the more likely that the multi-instruction alternative will be faster than the string instructions, even though it will produce slightly larger code.

But again, great work.
Post 22 Mar 2008, 23:43
View user's profile Send private message Reply with quote
AlexP



Joined: 14 Nov 2007
Posts: 561
Location: Out the window. Yes, that one.
AlexP
Thanks, could you help me with porting to ELF? I would love to make two versions of my code, and I didn't know that about the old string instrucitons. I just use them for simplification (and smaller code), but if the mov/add 4 method is better I will definitely make a macro for that!

Well, please continue to help me with my projects, anything at all I love to hear about!
Post 23 Mar 2008, 01:00
View user's profile Send private message Visit poster's website Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17658
Location: In your JS exploiting you and your system
revolution
AlexP: I suggest you download the Intel and/or AMD optimisation manuals. You don't have to guess at some of these basic optimisations, they are described in detail in the manuals.
Post 23 Mar 2008, 01:04
View user's profile Send private message Visit poster's website Reply with quote
AlexP



Joined: 14 Nov 2007
Posts: 561
Location: Out the window. Yes, that one.
AlexP
I've always had the Intel manuals, never took the time to read more than the instructions I was looking up. I'll look right now, but before I do, do you remember where that is located?

[EDIT], I just pulled over the name of the file, and WOW I feel stupid. Thanks, I'll have a good time tonight Smile. No sleep for me Smile.
Post 23 Mar 2008, 01:05
View user's profile Send private message Visit poster's website Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17658
Location: In your JS exploiting you and your system
revolution
For Intel it is called "Intel 64 and IA-32 Architectures Optimisation Reference Manual". For AMDit is called "Software Optimization Guide for AMD Athlon 64 and AMD Opteron Processors". Or if not exactly, something similar.

I don't have a link handy but my website will show you how to find it Wink
Post 23 Mar 2008, 01:09
View user's profile Send private message Visit poster's website Reply with quote
AlexP



Joined: 14 Nov 2007
Posts: 561
Location: Out the window. Yes, that one.
AlexP
THanks, I'm reading it now. Will help alot with my coding, my current project I have full looping involved (except for two internal F(x)'s). It should be fun!

And right now, I'm deciding to include AES-192. It slows down key scheduling (I used the "and" instruction for modulus, with 192 I can't), and I've never seen it used! Do you think I should include it?
Post 23 Mar 2008, 01:15
View user's profile Send private message Visit poster's website Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17658
Location: In your JS exploiting you and your system
revolution
AlexP wrote:
I'm deciding to include AES-192. It slows down key scheduling (I used the "and" instruction for modulus, with 192 I can't), ...
I doubt you will see any speed difference in a real application. Have you actually timed it or are you just assuming the speed hit is large?
AlexP wrote:
... and I've never seen it used! Do you think I should include it?
Sure, make a complete set, then you won't have to worry about including it later when someone says they want it.
Post 23 Mar 2008, 01:36
View user's profile Send private message Visit poster's website Reply with quote
AlexP



Joined: 14 Nov 2007
Posts: 561
Location: Out the window. Yes, that one.
AlexP
Quote:
Have you actually timed it or are you just assuming the speed hit is large?

Mostly assuming, it does take another jcc after all. I'll spend a while making it good, unroll it a little bit (60 maxiumum iterations, I'm unrolling to do 4 or 8 at a time. ). This should open up some new optimization areas, I'll think it over tonight of how to coordinate it.

Something I read, it never occured to me to do this:
Code:
; C code

If (I % 16 == 0)
...

; Optimized
test eax, 0x0F
jnz AfterLoop
    

Yes, it sometimes does take someone saying it right to my face for me to realize something... I'm taking note of many tips in the manual, I'll be sure to integrate into my code!
Post 23 Mar 2008, 02:08
View user's profile Send private message Visit poster's website Reply with quote
gunblade



Joined: 19 Feb 2004
Posts: 209
gunblade
SHA ELF code below, again, not a shared library, simply static code you can compile into your program.

to compile:
Code:
export fasm=/location/to/include
fasm SHA.asm
fasm SHAvectors.asm
ld -m elf_i386 -o SHAvectors SHAvectors.o SHA.o
    


Tests all seem to pass fine.

This code required a bit more changes than the AES code due to the allocation of memory. I replaced the VirtualAlloc with a mmap() call, reading from /dev/zero (a device that simply keeps outputting zero's when read) so it does basically the same thing, allocates a chunk of zero'ed memory.


Description: Also updated to use ifdef
Download
Filename: SHA.asm
Filesize: 12.4 KB
Downloaded: 58 Time(s)

Description: Updated SHA Vectors which contains if defined SYS_LIN for ease of integration with the windows specific code
Download
Filename: SHAvectors.asm
Filesize: 2.32 KB
Downloaded: 42 Time(s)



Last edited by gunblade on 24 Mar 2008, 02:59; edited 2 times in total
Post 23 Mar 2008, 16:29
View user's profile Send private message Reply with quote
AlexP



Joined: 14 Nov 2007
Posts: 561
Location: Out the window. Yes, that one.
AlexP
Wow, I can't thank you enough! Is this the standard for hwo ELF's work, I mean ( other than the interrupts), will those lines work for exporting functions and such? I'll definitely make my next project in both versions.

And for some WIndows API calls, like generating cryptographically-secure random numbers, is there such a safe way on Linux? Whatever there is, I'll have to keep in touch with you!

[EDIT] Yes, it was just luck that I decided to start working again only minutes after you posted Smile. I just woke up, apparently at the perfect time too!
Post 23 Mar 2008, 16:58
View user's profile Send private message Visit poster's website Reply with quote
gunblade



Joined: 19 Feb 2004
Posts: 209
gunblade
Those interrupts are the standard way to call the kernel functions such as open, read, mmap, etc.. under linux. BSD use a similar system, but there are slight differences (the way parameters are passed, and the actual numbers to pass for each function). So that code is Linux dependent, but in a totally standard ELF way. The "public" declarations are the normal way to declare functions that can be used by another program. Sadly it doesnt work the same in ELF and PE, so if you want to keep your project in both formats, youll have to have two completely separate pieces of code, (or maybe you could put the main code into a separate file which you "include" into the ELF/PE specific code, up to you.

As for random numbers, you can use /dev/urandom as a source of pseudorandom numbers, /dev/random for a much more random source (generated somewhere in the kernel, using user-based entropy.. I/O's and such), and then i believe OpenSSL have some kind of "secure random source", so it would be possible to look at their source for that, and see how they come across this random source.
Post 23 Mar 2008, 21:13
View user's profile Send private message Reply with quote
AlexP



Joined: 14 Nov 2007
Posts: 561
Location: Out the window. Yes, that one.
AlexP
I'll look into that, and for the ELF/PE includes I will just do
Code:
SYS_WIN = 1
SYS_LIN   = 0

; user define SYS_WIN or SYS_LIN
define SYSTEM SYS_WIN

if defined SYS_WIN
...
else
...
endif
    

Something of the sort, or simpler but I like readability.
Post 23 Mar 2008, 21:33
View user's profile Send private message Visit poster's website Reply with quote
gunblade



Joined: 19 Feb 2004
Posts: 209
gunblade
Thats not a bad idea, I could do that with the code you currently have up, and the copy of my code I have, the only downside is if youve made any further progress to your code, you would have to then integrate the two changes. I could simply do the linux side of it, (ifdef SYS_LIN...), and then upload a copy of that, then you can copy/paste into your up-to-date code.

Edit: Done, code above has been updated to include if defined SYS_LIN around all linux-specific code.
Post 23 Mar 2008, 21:39
View user's profile Send private message Reply with quote
AlexP



Joined: 14 Nov 2007
Posts: 561
Location: Out the window. Yes, that one.
AlexP
Hmm, seem to have deleted SHA test program by accident, hold up a minute, I'll put it back...
Post 23 Mar 2008, 23:38
View user's profile Send private message Visit poster's website Reply with quote
wht36



Joined: 18 Sep 2005
Posts: 106
wht36
Hi, can I ask is there a way to build up the hash progressively (for calculating sha256 on files). Sorry, I don't have any understanding of how it works...
Post 16 Jun 2009, 06:23
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17658
Location: In your JS exploiting you and your system
revolution
wht36 wrote:
Hi, can I ask is there a way to build up the hash progressively (for calculating sha256 on files). Sorry, I don't have any understanding of how it works...
Yes, SHA is designed for this purpose, you can just keep building and then close when you are ready. Good if you are streaming data.
Post 16 Jun 2009, 14:52
View user's profile Send private message Visit poster's website Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar. Also on GitHub, YouTube, Twitter.

Website powered by rwasa.