diff --git a/DESCRIPTION b/DESCRIPTION index 97ed55f..ffd83b9 100644 --- a/DESCRIPTION +++ b/DESCRIPTION @@ -1,7 +1,7 @@ Package: secretbase Type: Package Title: Cryptographic Hash, Extendable-Output and Base64 Functions -Version: 1.0.0.9000 +Version: 1.0.1 Description: Fast and memory-efficient streaming hash functions and base64 encoding and decoding. Performs direct hashing of strings and raw vectors. Stream hashes files potentially larger than memory, as well as in-memory diff --git a/NEWS.md b/NEWS.md index 2286469..a3c0a89 100644 --- a/NEWS.md +++ b/NEWS.md @@ -1,4 +1,4 @@ -# secretbase 1.0.0.9000 (development) +# secretbase 1.0.1 * Improved error message if argument 'convert' is not of logical type. diff --git a/README.Rmd b/README.Rmd index 5cb076f..fafafe0 100644 --- a/README.Rmd +++ b/README.Rmd @@ -37,12 +37,6 @@ Performs direct hashing of strings and raw vectors. Stream hashes files potentia Implementations include the SHA-256, SHA-3 and 'Keccak' cryptographic hash functions, SHAKE256 extendable-output function (XOF), and 'SipHash' pseudo-random function. -The SHA-3 Secure Hash Standard was published by the National Institute of Standards and Technology (NIST) in 2015 at [doi:10.6028/NIST.FIPS.202](https://dx.doi.org/10.6028/NIST.FIPS.202). SHA-3 is based on the Keccak algorithm, designed by G. Bertoni, J. Daemen, M. Peeters and G. Van Assche. - -The SHA-256 Secure Hash Standard was published by NIST in 2002 at . - -The SipHash family of pseudo-random functions by Jean-Philippe Aumasson and Daniel J. Bernstein was published in 2012 at .[1] - ### Overview ```{r secretbase} 
@@ -68,7 +62,7 @@ Character strings and raw vectors are hashed directly (as per the above). All other objects are stream hashed using R serialization - memory-efficient as performed without allocation of the serialized object -- portable as always uses R serialization version 3 big-endian representation, skipping headers (which contain R version and native encoding information) +- portable as always uses R serialization version 3, big-endian representation, skipping headers (which contain R version and native encoding information) ```{r streaming} sha3(data.frame(a = 1, b = 2), bits = 224L) @@ -94,7 +88,7 @@ Specify 'convert' as `NA` (and 'bits' as `32` for a single integer value): shake256("秘密の基地の中", bits = 32L, convert = NA) ``` -For use in parallel computing, this is a valid method for reducing to a negligible probability that RNGs in each process may overlap. This may be especially suitable when first-best alternatives such as using recursive streams are too expensive or unable to preserve reproducibility. [2] +For use in parallel computing, this is a valid method for reducing to a negligible probability that RNGs in each process may overlap. This may be especially suitable when first-best alternatives such as using recursive streams are too expensive or unable to preserve reproducibility. [1] #### Keccak @@ -116,7 +110,7 @@ sha256("secret base", key = "秘密の基地の中") #### SipHash SipHash-1-3 is optimized for performance.
-Pass a character string or raw vector to 'key' - up to 16 bytes (128 bits) of the key data is used: +Pass a character string or raw vector of up to 16 bytes (128 bits) to 'key': ```{r siphash} siphash13("secret base", key = charToRaw("秘密の基地の中")) ``` 
@@ -153,17 +147,23 @@ The current development version is available from R-universe: install.packages("secretbase", repos = "https://shikokuchuo.r-universe.dev") ``` -### Implementation Notes +### Implementation + +The SHA-3 Secure Hash Standard was published by the National Institute of Standards and Technology (NIST) in 2015 at [doi:10.6028/NIST.FIPS.202](https://dx.doi.org/10.6028/NIST.FIPS.202). SHA-3 is based on the Keccak algorithm, designed by G. Bertoni, J. Daemen, M. Peeters and G. Van Assche. + +The SHA-256 Secure Hash Standard was published by NIST in 2002 at . The SHA-256, SHA-3, Keccak, and base64 implementations are based on those by the 'Mbed TLS' Trusted Firmware Project at . +The SipHash family of pseudo-random functions by Jean-Philippe Aumasson and Daniel J. Bernstein was published in 2012 at . [2] + The SipHash implementation is based on that of Daniele Nicolodi, David Rheinsberg and Tom Gundersen at , which is in turn based on the reference implementation by Jean-Philippe Aumasson and Daniel J. Bernstein released to the public domain at . ### References -[1] Jean-Philippe Aumasson and Daniel J. Bernstein (2012), *"SipHash: a fast short-input PRF"*, Paper 2012/351, Cryptology ePrint Archive, . +[1] Pierre L’Ecuyer, David Munger, Boris Oreshkin and Richard Simard (2017), *"Random numbers for parallel computers: Requirements and methods, with emphasis on GPUs"*, Mathematics and Computers in Simulation, Vol. 135, May 2017, pp. 3-17 [doi:10.1016/j.matcom.2016.05.00](https://doi.org/10.1016/j.matcom.2016.05.005). -[2] Pierre L’Ecuyer, David Munger, Boris Oreshkin and Richard Simard (2017), *"Random numbers for parallel computers: Requirements and methods, with emphasis on GPUs"*, Mathematics and Computers in Simulation, Vol. 135, May 2017, pp. 3-17 [doi:10.1016/j.matcom.2016.05.00](https://doi.org/10.1016/j.matcom.2016.05.005). +[2] Jean-Philippe Aumasson and Daniel J. 
Bernstein (2012), *"SipHash: a fast short-input PRF"*, Paper 2012/351, Cryptology ePrint Archive, . ### Links diff --git a/README.md b/README.md index ffea88b..189632e 100644 --- a/README.md +++ b/README.md @@ -33,19 +33,6 @@ Implementations include the SHA-256, SHA-3 and ‘Keccak’ cryptographic hash functions, SHAKE256 extendable-output function (XOF), and ‘SipHash’ pseudo-random function. -The SHA-3 Secure Hash Standard was published by the National Institute -of Standards and Technology (NIST) in 2015 at -[doi:10.6028/NIST.FIPS.202](https://dx.doi.org/10.6028/NIST.FIPS.202). -SHA-3 is based on the Keccak algorithm, designed by G. Bertoni, J. -Daemen, M. Peeters and G. Van Assche. - -The SHA-256 Secure Hash Standard was published by NIST in 2002 at -. - -The SipHash family of pseudo-random functions by Jean-Philippe Aumasson -and Daniel J. Bernstein was published in 2012 at -.\[1\] - ### Overview ``` r @@ -78,7 +65,7 @@ All other objects are stream hashed using R serialization - memory-efficient as performed without allocation of the serialized object -- portable as always uses R serialization version 3 big-endian +- portable as always uses R serialization version 3, big-endian representation, skipping headers (which contain R version and native encoding information) @@ -115,7 +102,7 @@ For use in parallel computing, this is a valid method for reducing to a negligible probability that RNGs in each process may overlap. This may be especially suitable when first-best alternatives such as using recursive streams are too expensive or unable to preserve -reproducibility. \[2\] +reproducibility. \[1\] #### Keccak @@ -141,8 +128,7 @@ sha256("secret base", key = "秘密の基地の中") #### SipHash SipHash-1-3 is optimized for performance.
Pass a character string -or raw vector to ‘key’ - up to 16 bytes (128 bits) of the key data is -used: +or raw vector of up to 16 bytes (128 bits) to ‘key’: ``` r siphash13("secret base", key = charToRaw("秘密の基地の中")) @@ -192,12 +178,25 @@ The current development version is available from R-universe: install.packages("secretbase", repos = "https://shikokuchuo.r-universe.dev") ``` -### Implementation Notes +### Implementation + +The SHA-3 Secure Hash Standard was published by the National Institute +of Standards and Technology (NIST) in 2015 at +[doi:10.6028/NIST.FIPS.202](https://dx.doi.org/10.6028/NIST.FIPS.202). +SHA-3 is based on the Keccak algorithm, designed by G. Bertoni, J. +Daemen, M. Peeters and G. Van Assche. + +The SHA-256 Secure Hash Standard was published by NIST in 2002 at +. The SHA-256, SHA-3, Keccak, and base64 implementations are based on those by the ‘Mbed TLS’ Trusted Firmware Project at . +The SipHash family of pseudo-random functions by Jean-Philippe Aumasson +and Daniel J. Bernstein was published in 2012 at +. \[2\] + The SipHash implementation is based on that of Daniele Nicolodi, David Rheinsberg and Tom Gundersen at , which is in turn based on the reference implementation by Jean-Philippe 
@@ -206,16 +205,16 @@ Aumasson and Daniel J. Bernstein released to the public domain at ### References -\[1\] Jean-Philippe Aumasson and Daniel J. Bernstein (2012), *“SipHash: -a fast short-input PRF”*, Paper 2012/351, Cryptology ePrint Archive, -. - -\[2\] Pierre L’Ecuyer, David Munger, Boris Oreshkin and Richard Simard +\[1\] Pierre L’Ecuyer, David Munger, Boris Oreshkin and Richard Simard (2017), *“Random numbers for parallel computers: Requirements and methods, with emphasis on GPUs”*, Mathematics and Computers in Simulation, Vol. 135, May 2017, pp. 3-17 [doi:10.1016/j.matcom.2016.05.00](https://doi.org/10.1016/j.matcom.2016.05.005). +\[2\] Jean-Philippe Aumasson and Daniel J. Bernstein (2012), *“SipHash: +a fast short-input PRF”*, Paper 2012/351, Cryptology ePrint Archive, +. + ### Links ◈ secretbase R package: diff --git a/src/base.c b/src/base.c index 71ee14d..c9a70dc 100644 --- a/src/base.c +++ b/src/base.c @@ -259,7 +259,7 @@ static SEXP rawToChar(const unsigned char *buf, const size_t sz) { } -static inline void nano_read_bytes(R_inpstream_t stream, void *dst, int len) { +static inline void sb_read_bytes(R_inpstream_t stream, void *dst, int len) { nano_buf *buf = (nano_buf *) stream->data; if (buf->cur + len > buf->len) Rf_error("unserialization error"); @@ -269,7 +269,7 @@ static inline void nano_read_bytes(R_inpstream_t stream, void *dst, int len) { } -static inline void nano_write_bytes(R_outpstream_t stream, void *src, int len) { +static inline void sb_write_bytes(R_outpstream_t stream, void *src, int len) { nano_buf *buf = (nano_buf *) stream->data; @@ -287,7 +287,7 @@ static inline void nano_write_bytes(R_outpstream_t stream, void *src, int len) { } -void nano_serialize(nano_buf *buf, const SEXP object) { +static void sb_serialize(nano_buf *buf, const SEXP object) { NANO_ALLOC(buf, SB_INIT_BUFSIZE); 
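Review bot: The guard in `sb_read_bytes` (first src/base.c hunk), `if (buf->cur + len > buf->len)`, takes `len` as a signed `int` and adds it before comparing. A negative or very large length can therefore wrap the sum and pass the check. This assumes the `nano_buf` fields are `size_t`, which the `const size_t sz` parameter of `sb_unserialize` suggests but the hunk does not show. The callback is fed lengths from the serialized stream being decoded, so the bound is better written without the addition: `if (len < 0 || (size_t) len > buf->len - buf->cur) Rf_error("unserialization error");`. The rest of the function body is outside the hunk.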
@@ -299,7 +299,7 @@ void nano_serialize(nano_buf *buf, const SEXP object) { R_pstream_xdr_format, SB_SERIAL_VER, NULL, - nano_write_bytes, + sb_write_bytes, NULL, R_NilValue ); @@ -308,7 +308,7 @@ void nano_serialize(nano_buf *buf, const SEXP object) { } -SEXP nano_unserialize(unsigned char *buf, const size_t sz) { +static SEXP sb_unserialize(unsigned char *buf, const size_t sz) { nano_buf nbuf; struct R_inpstream_st input_stream; @@ -322,7 +322,7 @@ SEXP nano_unserialize(unsigned char *buf, const size_t sz) { (R_pstream_data_t) &nbuf, R_pstream_xdr_format, NULL, - nano_read_bytes, + sb_read_bytes, NULL, R_NilValue ); @@ -331,7 +331,7 @@ SEXP nano_unserialize(unsigned char *buf, const size_t sz) { } -static nano_buf nano_any_buf(const SEXP x) { +static nano_buf sb_any_buf(const SEXP x) { nano_buf buf; @@ -350,7 +350,7 @@ static nano_buf nano_any_buf(const SEXP x) { } } - nano_serialize(&buf, x); + sb_serialize(&buf, x); resume: return buf; @@ -367,7 +367,7 @@ SEXP secretbase_base64enc(SEXP x, SEXP convert) { SEXP out; size_t olen; - nano_buf hash = nano_any_buf(x); + nano_buf hash = sb_any_buf(x); xc = mbedtls_base64_encode(NULL, 0, &olen, hash.buf, hash.cur); unsigned char *buf = R_Calloc(olen, unsigned char); xc = mbedtls_base64_encode(buf, olen, &olen, hash.buf, hash.cur); @@ -425,7 +425,7 @@ SEXP secretbase_base64dec(SEXP x, SEXP convert) { out = rawToChar(buf, olen); break; default: - out = nano_unserialize(buf, olen); + out = sb_unserialize(buf, olen); } R_Free(buf); diff --git a/src/secret.c b/src/secret.c index 33203d8..fcd7c19 100644 --- a/src/secret.c +++ b/src/secret.c @@ -214,7 +214,7 @@ static void mbedtls_sha3_finish(mbedtls_sha3_context *ctx, uint8_t *output, size // secretbase - internals ------------------------------------------------------ -static inline int nano_integer(SEXP x) { +static inline int sb_integer(SEXP x) { int out; switch (TYPEOF(x)) { case INTSXP: 
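Review bot: In the `default:` branch of `secretbase_base64dec`, `sb_unserialize(buf, olen)` can exit through `Rf_error` (`sb_read_bytes` raises "unserialization error"). That longjmp skips the `R_Free(buf)` that follows, so every malformed input leaks the decoded buffer. The allocation is not visible in this hunk, but if it is `R_Calloc` as in `secretbase_base64enc`, one fix is to hold the decoded bytes in memory R reclaims on error, for example `unsigned char *buf = (unsigned char *) R_alloc(olen, sizeof(unsigned char));` with the `R_Free` dropped. Another is to run the unserialize step under `R_UnwindProtect`. Because this branch unserializes whatever the caller decoded, it also deserves a comment such as `/* input is unserialized as-is: only for data from a trusted source */`.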
@@ -231,7 +231,7 @@ static inline int nano_integer(SEXP x) { static void * (*const volatile secure_memset)(void *, int, size_t) = memset; #endif -inline void clear_buffer(void *buf, size_t sz) { +inline void sb_clear_buffer(void *buf, size_t sz) { #ifdef MBEDTLS_CT_ASM memset(buf, 0, sz); asm volatile ("" ::: "memory"); @@ -309,7 +309,7 @@ static void hash_object(mbedtls_sha3_context *ctx, const SEXP x) { } -SEXP hash_to_sexp(unsigned char *buf, size_t sz, int conv) { +SEXP sb_hash_sexp(unsigned char *buf, size_t sz, int conv) { SEXP out; if (conv == 0) { @@ -338,7 +338,7 @@ static SEXP secretbase_sha3_impl(const SEXP x, const SEXP bits, const SEXP conve SB_ASSERT_LOGICAL(convert); const int conv = SB_LOGICAL(convert); - const int bt = nano_integer(bits); + const int bt = sb_integer(bits); mbedtls_sha3_id id; if (offset < 0) { @@ -369,9 +369,9 @@ static SEXP secretbase_sha3_impl(const SEXP x, const SEXP bits, const SEXP conve mbedtls_sha3_starts(&ctx, id); hash_func(&ctx, x); mbedtls_sha3_finish(&ctx, buf, sz); - clear_buffer(&ctx, sizeof(mbedtls_sha3_context)); + sb_clear_buffer(&ctx, sizeof(mbedtls_sha3_context)); - return hash_to_sexp(buf, sz, conv); + return sb_hash_sexp(buf, sz, conv); } diff --git a/src/secret.h b/src/secret.h index 9a5107b..837d67e 100644 --- a/src/secret.h +++ b/src/secret.h @@ -122,8 +122,8 @@ Rf_error("serialization exceeds max length of raw vector") #define ERROR_FOPEN(x) Rf_error("file not found or no read permission at '%s'", x) #define ERROR_FREAD(x) Rf_error("file read error at '%s'", x) -void clear_buffer(void *, size_t); -SEXP hash_to_sexp(unsigned char *, size_t, int); +void sb_clear_buffer(void *, size_t); +SEXP sb_hash_sexp(unsigned char *, size_t, int); SEXP secretbase_base64enc(SEXP, SEXP); SEXP secretbase_base64dec(SEXP, SEXP); diff --git a/src/secret2.c b/src/secret2.c index c96f101..e0025a3 100644 --- a/src/secret2.c +++ b/src/secret2.c 
@@ -458,7 +458,7 @@ static SEXP secretbase_sha256_impl(const SEXP x, const SEXP key, const SEXP conv mbedtls_sha256_starts(&ctx); hash_func(&ctx, x); mbedtls_sha256_finish(&ctx, buf); - clear_buffer(&ctx, sizeof(mbedtls_sha256_context)); + sb_clear_buffer(&ctx, sizeof(mbedtls_sha256_context)); } else { @@ -506,11 +506,11 @@ static SEXP secretbase_sha256_impl(const SEXP x, const SEXP key, const SEXP conv mbedtls_sha256_update(&ctx, opad, SB_SHA256_BLK); mbedtls_sha256_update(&ctx, buf, SB_SHA256_SIZE); mbedtls_sha256_finish(&ctx, buf); - clear_buffer(&ctx, sizeof(mbedtls_sha256_context)); + sb_clear_buffer(&ctx, sizeof(mbedtls_sha256_context)); } - return hash_to_sexp(buf, SB_SHA256_SIZE, conv); + return sb_hash_sexp(buf, SB_SHA256_SIZE, conv); } diff --git a/src/secret3.c b/src/secret3.c index 410f69b..6548e18 100644 --- a/src/secret3.c +++ b/src/secret3.c @@ -282,7 +282,7 @@ static SEXP secretbase_siphash_impl(const SEXP x, const SEXP key, const SEXP con hash_func(&ctx, x); hash = c_siphash_finalize(&ctx); - return hash_to_sexp((unsigned char *) &hash, SB_SIPH_SIZE, conv); + return sb_hash_sexp((unsigned char *) &hash, SB_SIPH_SIZE, conv); }
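Review bot: In the keyed branch of `secretbase_sha256_impl` (second src/secret2.c hunk), only `ctx` is wiped after the outer hash. `opad` is presumably the key XORed with the pad constant; it is last used in `mbedtls_sha256_update(&ctx, opad, SB_SHA256_BLK)` and is then left intact through the `return`. Adding `sb_clear_buffer(opad, SB_SHA256_BLK);` next to the existing `sb_clear_buffer(&ctx, sizeof(mbedtls_sha256_context));` would treat the key material the same way as the context, and likewise for the inner pad if it is a separate buffer. The SipHash hunk in src/secret3.c has the same gap: nothing clears the keyed `ctx` between `c_siphash_finalize(&ctx)` and the return, where `sb_clear_buffer(&ctx, sizeof(ctx));` would fit. Both functions begin outside their hunks.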