From c014e1f90e343292d803ae6db3bceb7b23733484 Mon Sep 17 00:00:00 2001 From: shikokuchuo <53399081+shikokuchuo@users.noreply.github.com> Date: Thu, 25 Apr 2024 11:23:10 +0100 Subject: [PATCH] removes deprecated functionality --- DESCRIPTION | 2 +- NEWS.md | 4 ++++ R/base.R | 7 ++----- README.Rmd | 2 +- README.md | 4 ++-- man/sha3.Rd | 3 +-- man/shake256.Rd | 2 +- src/secret.c | 6 +++--- tests/tests.R | 17 ++++++++--------- 9 files changed, 23 insertions(+), 24 deletions(-) diff --git a/DESCRIPTION b/DESCRIPTION index b546181..bd1d56a 100644 --- a/DESCRIPTION +++ b/DESCRIPTION @@ -1,7 +1,7 @@ Package: secretbase Type: Package Title: Cryptographic Hash and Extendable-Output Functions -Version: 0.5.0 +Version: 0.5.0.9000 Description: Fast and memory-efficient streaming hash functions. Performs direct hashing of strings, raw bytes, and files potentially larger than memory, as well as hashing in-memory objects through R's serialization mechanism, diff --git a/NEWS.md b/NEWS.md index 030e6a3..a2a3109 100644 --- a/NEWS.md +++ b/NEWS.md @@ -1,3 +1,7 @@ +# secretbase 0.5.0.9000 (development) + +* `sha3()` now only allows supplying a 'bit' argument of 224, 256, 384 or 512. + # secretbase 0.5.0 * Adds Keccak cryptographic hash algorithm. diff --git a/R/base.R b/R/base.R index 82f5043..5df872b 100644 --- a/R/base.R +++ b/R/base.R @@ -43,8 +43,7 @@ #' attributes) is hashed 'as is'. All other objects are stream hashed using #' R serialization (but without allocation of the serialized object). #' @param bits [default 256L] output size of the returned hash. Must be one of -#' 224, 256, 384 or 512. For legacy reasons (usage is deprecated), all other -#' values will return the result of \code{\link{shake256}}. +#' 224, 256, 384 or 512. #' @param convert [default TRUE] if TRUE, the hash is converted to its hex #' representation as a character string, if FALSE, output directly as a raw #' vector, or if NA, a vector of (32-bit) integer values. @@ -122,7 +121,7 @@ sha3 <- function(x, bits = 256L, convert = TRUE, file) #' shake256("secret base", convert = FALSE) #' #' # SHAKE256 hash to integer: -#' sha3("secret base", bits = 32L, convert = NA) +#' shake256("secret base", bits = 32L, convert = NA) #' #' # SHAKE256 hash a file: #' file <- tempfile(); cat("secret base", file = file) @@ -140,8 +139,6 @@ shake256 <- function(x, bits = 256L, convert = TRUE, file) #' Returns a Keccak hash of the supplied object or file. #' #' @inheritParams sha3 -#' @param bits [default 256L] output size of the returned hash. Must be one of -#' 224, 256, 384 or 512. #' #' @return A character string, raw or integer vector depending on 'convert'. #' diff --git a/README.Rmd b/README.Rmd index 8a5497d..54bf161 100644 --- a/README.Rmd +++ b/README.Rmd @@ -25,7 +25,7 @@ knitr::opts_chunk$set( Fast and memory-efficient streaming hash functions. Performs direct hashing of strings, raw bytes, and files potentially larger than memory, as well as hashing in-memory objects through R's serialization mechanism, without requiring allocation of the serialized object. -Implementations include the SHA-256, SHA-3 and Keccak cryptographic hash functions, SHAKE256 extendable-output function (XOF), and 'SipHash' pseudo-random function. +Implementations include the SHA-256, SHA-3 and 'Keccak' cryptographic hash functions, SHAKE256 extendable-output function (XOF), and 'SipHash' pseudo-random function. The SHA-3 Secure Hash Standard was published by the National Institute of Standards and Technology (NIST) in 2015 at [doi:10.6028/NIST.FIPS.202](https://dx.doi.org/10.6028/NIST.FIPS.202). SHA-3 is based on the Keccak algorithm, designed by G. Bertoni, J. Daemen, M. Peeters and G. Van Assche. The SHA-256 Secure Hash Standard was published by NIST in 2002 at . The SipHash family of pseudo-random functions by Jean-Philippe Aumasson and Daniel J. Bernstein was published in 2012 at .[1] diff --git a/README.md b/README.md index 2db63d0..e511bdf 100644 --- a/README.md +++ b/README.md @@ -19,8 +19,8 @@ hashing of strings, raw bytes, and files potentially larger than memory, as well as hashing in-memory objects through R’s serialization mechanism, without requiring allocation of the serialized object. -Implementations include the SHA-256, SHA-3 and Keccak cryptographic hash -functions, SHAKE256 extendable-output function (XOF), and ‘SipHash’ +Implementations include the SHA-256, SHA-3 and ‘Keccak’ cryptographic +hash functions, SHAKE256 extendable-output function (XOF), and ‘SipHash’ pseudo-random function. The SHA-3 Secure Hash Standard was published by the National Institute diff --git a/man/sha3.Rd b/man/sha3.Rd index da426b7..e615aa7 100644 --- a/man/sha3.Rd +++ b/man/sha3.Rd @@ -12,8 +12,7 @@ attributes) is hashed 'as is'. All other objects are stream hashed using R serialization (but without allocation of the serialized object).} \item{bits}{[default 256L] output size of the returned hash. Must be one of -224, 256, 384 or 512. For legacy reasons (usage is deprecated), all other -values will return the result of \code{\link{shake256}}.} +224, 256, 384 or 512.} \item{convert}{[default TRUE] if TRUE, the hash is converted to its hex representation as a character string, if FALSE, output directly as a raw diff --git a/man/shake256.Rd b/man/shake256.Rd index e3d581e..95d6f01 100644 --- a/man/shake256.Rd +++ b/man/shake256.Rd @@ -48,7 +48,7 @@ shake256("secret base") shake256("secret base", convert = FALSE) # SHAKE256 hash to integer: -sha3("secret base", bits = 32L, convert = NA) +shake256("secret base", bits = 32L, convert = NA) # SHAKE256 hash a file: file <- tempfile(); cat("secret base", file = file) diff --git a/src/secret.c b/src/secret.c index 68fab07..5d6b80d 100644 --- a/src/secret.c +++ b/src/secret.c @@ -324,6 +324,8 @@ static SEXP secretbase_sha3_impl(const SEXP x, const SEXP bits, const SEXP conve mbedtls_sha3_id id; if (offset < 0) { + if (bt < 8 || bt > (1 << 24)) + Rf_error("'bits' outside valid range of 8 to 2^24"); id = MBEDTLS_SHA3_SHAKE256; } else { switch(bt) { @@ -336,13 +338,11 @@ static SEXP secretbase_sha3_impl(const SEXP x, const SEXP bits, const SEXP conve case 384: id = MBEDTLS_SHA3_384 + offset; break; default: - if (offset) Rf_error("'bits' must be 224, 256, 384 or 512"); id = MBEDTLS_SHA3_SHAKE256; + Rf_error("'bits' must be 224, 256, 384 or 512"); } } - if (bt < 8 || bt > (1 << 24)) - Rf_error("'bits' outside valid range of 8 to 2^24"); const size_t sz = (size_t) (bt / 8); unsigned char buf[sz]; diff --git a/tests/tests.R b/tests/tests.R index 9b263af..29f9123 100644 --- a/tests/tests.R +++ b/tests/tests.R @@ -16,22 +16,14 @@ test_equal(sha3("secret base", bits = 224), "5511b3469d3f1a87b62ce8f0d2dc9510ec5 test_equal(sha3("secret base", bits = 384L), "79e54f865df004dde10dc2f61baf47eb4637c68d87a2baeb7fe6bc0ac983c2154835ec7deb49b16c246c0dc1d43e32f9") test_equal(sha3("secret base", bits = "512"), "31076b4690961320a761be0951eeaa9efd0c75c37137a2a50877cbebb8afcc6d7927c41a120ae8fa73fdce8fff726fcbc51d448d020240bc7455963a16e639b1") test_that(sha3("secret base", convert = FALSE), is.raw) -# SHAKE256 tests: -test_equal(sha3("secret base", bits = 32), "995ebac1") -test_equal(sha3(sha3("secret base", bits = 32, convert = FALSE), bits = 32), "4d872090") -test_that(sha3(rnorm(1e5), bits = 8196), is.character) -test_equal(sha3("secret base", bits = 32, convert = NA), -1044750695L) # Streaming serialization tests: test_equal(sha3(data.frame(a = 1, b = 2)), "05d4308e79d029b4af5604739ecc6c4efa1f602a23add0ed2d247b7407d4832f") test_equal(sha3(c("secret", "base")), "d906024c71828a10e28865a80f5e81d2cb5cd74067d44852d7039813ba62b0b6") test_equal(sha3(`attr<-`("base", "secret", "base")), "eac181cb1c64e7196c458d40cebfb8bbd6d34a1d728936a2e689465879240e2a") test_equal(sha3(NULL), "b3e37e4c5def1bfb2841b79ef8503b83d1fed46836b5b913d7c16de92966dcee") test_equal(sha3(substitute()), "9d31eb41cfb721b8040c52d574df1aacfc381d371c2b933f90792beba5160a57") -test_equal(sha3(`class<-`(sha3(character(), bits = 192, convert = FALSE), "hash"), bits = "32", convert = NA), -111175135L) # Error handling tests: -test_error(sha3("secret base", bits = 0), "'bits' outside valid range of 8 to 2^24") -test_error(sha3("secret base", bits = -1), "'bits' outside valid range of 8 to 2^24") -test_error(sha3("secret base", bits = 2^24 + 1), "'bits' outside valid range of 8 to 2^24") +test_error(sha3("secret base", bits = 6), "'bits' must be 224, 256, 384 or 512") test_error(sha3(file = NULL), "'file' must be specified as a character string") # File interface tests: hash_func <- function(file, string) { @@ -46,12 +38,19 @@ if (.Platform[["OS.type"]] == "unix") test_error(sha3(file = "~/"), "file read e test_equal(shake256("secret base"), "995ebac18dbfeb170606cbbc0f2accce85db4db0dcf4fbe4d3efaf8ccf4e0a94") test_equal(shake256("secret base", bits = 32, convert = NA), -1044750695L) test_that(shake256("secret base", convert = FALSE), is.raw) +test_equal(shake256("secret base", bits = 32), "995ebac1") +test_equal(shake256(shake256("secret base", bits = 32, convert = FALSE), bits = 32), "4d872090") +test_that(shake256(rnorm(1e5), bits = 8196), is.character) +test_equal(shake256(`class<-`(shake256(character(), bits = 192, convert = FALSE), "hash"), bits = "32", convert = NA), -111175135L) hash_func <- function(file, string) { on.exit(unlink(file)) cat(string, file = file) shake256(file = file) } test_equal(hash_func(tempfile(), "secret base"), "995ebac18dbfeb170606cbbc0f2accce85db4db0dcf4fbe4d3efaf8ccf4e0a94") +test_error(shake256("secret base", bits = 0), "'bits' outside valid range of 8 to 2^24") +test_error(shake256("secret base", bits = -1), "'bits' outside valid range of 8 to 2^24") +test_error(shake256("secret base", bits = 2^24 + 1), "'bits' outside valid range of 8 to 2^24") # Keccak tests: test_equal(keccak("secret base"), "3fc6092bbec5a434a9933b486a89fa466c1ca013d1e37ab4348ce3764f3463d1") test_equal(keccak("secret base", bits = 224), "1ddaa7776f138ff5bba898ca7530410a52d09da412c4276bda0682a8")