Here is the corresponding code for my SHA-256 hashing library. I am using it personally in conjunction with AES-256 ( available in other thread ). It passes all test vectors, and just in case I have included a Win32 console app to test five different vectors. ( including the elusive zero-length hash!). Note: This code works in little-endian format.

It works great, uses good structure and coding techniques (at least in my eyes..), and is pretty optimized so far as instruction sizes ( I tried to use lodsd/stosd and such to make code smaller and faster). The pre-processing part is pretty optimized, and does not use a single 'div' instruction to calculate blocks/offsets/remainders and such. Very well working, should suit all needs!

Here are the files:

SHA.asm -> The assembler source for SHA-256 (dll format)
SHA.dll -> The library
SHAvectors.asm -> The source for the testing app
SHAvectors.exe -> The executable to test, simply double-click to test if the code works on your machine.

Have fun! (PS, I will update code as any changes are made.)

That is some great work, ill have to give it a try, but i will first have to change it to ELF format make a small linux test app to test it with.

One thing, when you talk of optimization: lods will create smaller code, but on modern processors, will be slower than using the mov/inc(or add) alternative. So just depends which processor you were aiming for, the newer the processor, the more likely that the multi-instruction alternative will be faster than the string instructions, even though it will produce slightly larger code.

But again, great work.

Thanks, could you help me with porting to ELF? I would love to make two versions of my code, and I didn't know that about the old string instrucitons. I just use them for simplification (and smaller code), but if the mov/add 4 method is better I will definitely make a macro for that!

Well, please continue to help me with my projects, anything at all I love to hear about!

AlexP: I suggest you download the Intel and/or AMD optimisation manuals. You don't have to guess at some of these basic optimisations, they are described in detail in the manuals.

I've always had the Intel manuals, never took the time to read more than the instructions I was looking up. I'll look right now, but before I do, do you remember where that is located?

[EDIT], I just pulled over the name of the file, and WOW I feel stupid. Thanks, I'll have a good time tonight . No sleep for me .

For Intel it is called "Intel 64 and IA-32 Architectures Optimisation Reference Manual". For AMDit is called "Software Optimization Guide for AMD Athlon 64 and AMD Opteron Processors". Or if not exactly, something similar.

I don't have a link handy but my website will show you how to find it

THanks, I'm reading it now. Will help alot with my coding, my current project I have full looping involved (except for two internal F(x)'s). It should be fun!

And right now, I'm deciding to include AES-192. It slows down key scheduling (I used the "and" instruction for modulus, with 192 I can't), and I've never seen it used! Do you think I should include it?

I doubt you will see any speed difference in a real application. Have you actually timed it or are you just assuming the speed hit is large? Sure, make a complete set, then you won't have to worry about including it later when someone says they want it.

Mostly assuming, it does take another jcc after all. I'll spend a while making it good, unroll it a little bit (60 maxiumum iterations, I'm unrolling to do 4 or 8 at a time. ). This should open up some new optimization areas, I'll think it over tonight of how to coordinate it.

Something I read, it never occured to me to do this:

Yes, it sometimes does take someone saying it right to my face for me to realize something... I'm taking note of many tips in the manual, I'll be sure to integrate into my code!

SHA ELF code below, again, not a shared library, simply static code you can compile into your program.

to compile:


Tests all seem to pass fine.

This code required a bit more changes than the AES code due to the allocation of memory. I replaced the VirtualAlloc with a mmap() call, reading from /dev/zero (a device that simply keeps outputting zero's when read) so it does basically the same thing, allocates a chunk of zero'ed memory.

Wow, I can't thank you enough! Is this the standard for hwo ELF's work, I mean ( other than the interrupts), will those lines work for exporting functions and such? I'll definitely make my next project in both versions.

And for some WIndows API calls, like generating cryptographically-secure random numbers, is there such a safe way on Linux? Whatever there is, I'll have to keep in touch with you!

[EDIT] Yes, it was just luck that I decided to start working again only minutes after you posted . I just woke up, apparently at the perfect time too!

Those interrupts are the standard way to call the kernel functions such as open, read, mmap, etc.. under linux. BSD use a similar system, but there are slight differences (the way parameters are passed, and the actual numbers to pass for each function). So that code is Linux dependent, but in a totally standard ELF way. The "public" declarations are the normal way to declare functions that can be used by another program. Sadly it doesnt work the same in ELF and PE, so if you want to keep your project in both formats, youll have to have two completely separate pieces of code, (or maybe you could put the main code into a separate file which you "include" into the ELF/PE specific code, up to you.

As for random numbers, you can use /dev/urandom as a source of pseudorandom numbers, /dev/random for a much more random source (generated somewhere in the kernel, using user-based entropy.. I/O's and such), and then i believe OpenSSL have some kind of "secure random source", so it would be possible to look at their source for that, and see how they come across this random source.

I'll look into that, and for the ELF/PE includes I will just do

Something of the sort, or simpler but I like readability.

Thats not a bad idea, I could do that with the code you currently have up, and the copy of my code I have, the only downside is if youve made any further progress to your code, you would have to then integrate the two changes. I could simply do the linux side of it, (ifdef SYS_LIN...), and then upload a copy of that, then you can copy/paste into your up-to-date code.

Edit: Done, code above has been updated to include if defined SYS_LIN around all linux-specific code.

Hmm, seem to have deleted SHA test program by accident, hold up a minute, I'll put it back...

Hi, can I ask is there a way to build up the hash progressively (for calculating sha256 on files). Sorry, I don't have any understanding of how it works...

Yes, SHA is designed for this purpose, you can just keep building and then close when you are ready. Good if you are streaming data.