-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathhashing.go
96 lines (86 loc) · 2.29 KB
/
hashing.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
package natrium
// #cgo darwin CFLAGS: -I/usr/local/include
// #cgo darwin LDFLAGS: /usr/local/lib/libsodium.a
// #cgo linux windows android LDFLAGS: -Wl,-Bstatic -lsodium -Wl,-Bdynamic
// #include <stdio.h>
// #include <sodium.h>
import "C"
import (
"hash"
"unsafe"
)
type b2bHasher struct {
state [384]byte
orgstate [384]byte
}
func (bh *b2bHasher) cstate() *C.struct_crypto_generichash_blake2b_state {
return (*C.struct_crypto_generichash_blake2b_state)(unsafe.Pointer(&bh.state))
}
func (bh *b2bHasher) Sum(b []byte) []byte {
out := make([]byte, 32)
rv := C.crypto_generichash_final(bh.cstate(), (*C.uchar)(&out[0]), 32)
if rv != 0 {
panic("crypto_generichash_final returned non-zero")
}
return append(b, out...)
}
func (bh *b2bHasher) Write(b []byte) (int, error) {
rv := C.crypto_generichash_update(bh.cstate(), (*C.uchar)(&b[0]), C.ulonglong(len(b)))
if rv != 0 {
panic("crypto_generichash_update returned non-zero")
}
return len(b), nil
}
func (bh *b2bHasher) Reset() {
bh.state = bh.orgstate
}
func (bh *b2bHasher) Size() int {
return 32
}
func (bh *b2bHasher) BlockSize() int {
return 32
}
// SecureHasher creates a Blake2b stream hasher.
func SecureHasher(key []byte) hash.Hash {
toret := new(b2bHasher)
var keyptr *C.uchar
var keylen C.size_t
if key == nil || len(key) == 0 {
keyptr = nil
} else {
keyptr = (*C.uchar)(&key[0])
keylen = C.size_t(len(key))
}
rv := C.crypto_generichash_init(toret.cstate(), keyptr, keylen, 32)
if rv != 0 {
panic("crypto_generichash_init returned non-zero!")
}
toret.orgstate = toret.state
return toret
}
// SecureHash uses the Blake2b algorithm to generate a 256-bit (32-byte)
// hash of a message with an optional key. The key parameter can be nil if
// normal hashing, instead of authenticated hashing, is wanted.
func SecureHash(message []byte, key []byte) []byte {
out := make([]byte, 32)
var keyptr *C.uchar
var msgptr *C.uchar
var keylen C.size_t
var msglen C.ulonglong
if message == nil || len(message) == 0 {
msgptr = nil
} else {
msgptr = (*C.uchar)(&message[0])
msglen = C.ulonglong(len(message))
}
if key == nil || len(key) == 0 {
keyptr = nil
} else {
keyptr = (*C.uchar)(&key[0])
keylen = C.size_t(len(key))
}
C.crypto_generichash((*C.uchar)(&out[0]), 32,
msgptr, msglen,
keyptr, keylen)
return out
}