Add SHA256 utility implementation (ros2#408)

* Add sha256 utility implementation.

Signed-off-by: Emerson Knapp <emerson.b.knapp@gmail.com>

Author: emersonknapp

CMakeLists.txt

@@ -63,6 +63,7 @@ set(rcutils_sources
   src/process.c
   src/qsort.c
   src/repl_str.c
+  src/sha256.c
   src/shared_library.c
   src/snprintf.c
   src/split.c
@@ -362,6 +363,13 @@ if(BUILD_TESTING)
     target_link_libraries(test_repl_str ${PROJECT_NAME})
   endif()
 
+  ament_add_gtest(test_sha256
+    test/test_sha256.cpp
+  )
+  if(TARGET test_sha256)
+    target_link_libraries(test_sha256 ${PROJECT_NAME})
+  endif()
+
   macro(add_dummy_shared_library target)
     add_library(${target} test/dummy_shared_library/dummy_shared_library.c)
     if(WIN32)

include/rcutils/sha256.h

@@ -0,0 +1,94 @@
+// Copyright 2023 Open Source Robotics Foundation, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+/// \file Provides a simple SHA256 algorithm for hashing.
+/// This implementation makes no security guarantees, its use case
+/// is for non-sensitive comparison of message digests
+/// Implementation originally copied from Brad Conte
+/// https://github.com/B-Con/crypto-algorithms/blob/master/sha256.c
+
+/** \file sha256.h
+ *  \brief SHA256 implementation
+ *
+ *  This contains an implementation of the SHA256 algorithm
+ *  It was originally copied from Brad Conte
+ *  https://github.com/B-Con/crypto-algorithms/blob/master/sha256.c
+ *  and modified to meet ros2 code formatting and compiler warning requirements.
+ *  Algorithm specification can be found here:
+ *  http://csrc.nist.gov/publications/fips/fips180-2/fips180-2withchangenotice.pdf
+ *  This implementation uses little endian byte order.
+ */
+
+#ifndef RCUTILS__SHA256_H_
+#define RCUTILS__SHA256_H_
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+#include <stdint.h>
+
+#include "rcutils/visibility_control.h"
+
+#define RCUTILS_SHA256_BLOCK_SIZE 32
+
+typedef struct RCUTILS_PUBLIC_TYPE rcutils_sha256_ctx_s
+{
+  uint8_t data[64];
+  size_t datalen;
+  uint64_t bitlen;
+  uint32_t state[8];
+} rcutils_sha256_ctx_t;
+
+/// Initialize the sha256 algorithm context with starting state.
+/**
+ * Call this on any new context before starting to input data.
+ *
+ * \param[inout] ctx
+ * \return void
+ */
+RCUTILS_PUBLIC
+void rcutils_sha256_init(rcutils_sha256_ctx_t * ctx);
+
+/// Add data to the sha256 algorithm
+/**
+ * This may be called repeatedly on an initialized context.
+ *
+ * \param[inout] ctx Initialized sha256 context struct
+ * \param[in] data Data to add to the total message being hashed
+ * \param[in] data_len Size of the input data.
+ * \return void
+ */
+RCUTILS_PUBLIC
+void rcutils_sha256_update(rcutils_sha256_ctx_t * ctx, const uint8_t * data, size_t data_len);
+
+/// Finalize and output sha256 hash for all data added.
+/**
+ * Call only once on a context that has been initialized, and optionally updated with data.
+ *
+ * \param[inout] ctx Initialized sha256 context struct
+ * \param[out] output_hash Calculated sha256 message digest to be filled
+ * \return void
+ */
+RCUTILS_PUBLIC
+void rcutils_sha256_final(
+  rcutils_sha256_ctx_t * ctx,
+  uint8_t output_hash[RCUTILS_SHA256_BLOCK_SIZE]);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif  // RCUTILS__SHA256_H_

src/sha256.c

@@ -0,0 +1,199 @@
+// Copyright 2023 Open Source Robotics Foundation, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include <assert.h>
+#include <string.h>
+
+#include "rcutils/sha256.h"
+
+static inline size_t min(size_t a, size_t b)
+{
+  return a < b ? a : b;
+}
+
+static inline size_t max(size_t a, size_t b)
+{
+  return a > b ? a : b;
+}
+
+static inline uint32_t rotright(uint32_t a, const uint8_t b)
+{
+  assert(b < 32);
+  return (a >> b) | (a << (32 - b));
+}
+
+static inline uint32_t ch(uint32_t x, uint32_t y, uint32_t z)
+{
+  return (x & y) ^ (~x & z);
+}
+
+static inline uint32_t maj(uint32_t x, uint32_t y, uint32_t z)
+{
+  return (x & y) ^ (x & z) ^ (y & z);
+}
+
+static inline uint32_t ep0(uint32_t x)
+{
+  return rotright(x, 2) ^ rotright(x, 13) ^ rotright(x, 22);
+}
+
+static inline uint32_t ep1(uint32_t x)
+{
+  return rotright(x, 6) ^ rotright(x, 11) ^ rotright(x, 25);
+}
+
+static inline uint32_t sig0(uint32_t x)
+{
+  return rotright(x, 7) ^ rotright(x, 18) ^ (x >> 3);
+}
+
+static inline uint32_t sig1(uint32_t x)
+{
+  return rotright(x, 17) ^ rotright(x, 19) ^ (x >> 10);
+}
+
+static const uint32_t k[64] = {
+  0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
+  0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
+  0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
+  0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
+  0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
+  0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
+  0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
+  0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
+};
+
+static void sha256_transform(rcutils_sha256_ctx_t * ctx)
+{
+  uint32_t a, b, c, d, e, f, g, h, i, j, t1, t2, m[64];
+  uint8_t * data = ctx->data;
+
+  for (i = 0, j = 0; i < 16; ++i, j += 4) {
+    m[i] = (data[j] << 24) | (data[j + 1] << 16) | (data[j + 2] << 8) | (data[j + 3]);
+  }
+  for ( ; i < 64; ++i) {
+    m[i] = sig1(m[i - 2]) + m[i - 7] + sig0(m[i - 15]) + m[i - 16];
+  }
+
+  a = ctx->state[0];
+  b = ctx->state[1];
+  c = ctx->state[2];
+  d = ctx->state[3];
+  e = ctx->state[4];
+  f = ctx->state[5];
+  g = ctx->state[6];
+  h = ctx->state[7];
+
+  for (i = 0; i < 64; ++i) {
+    t1 = h + ep1(e) + ch(e, f, g) + k[i] + m[i];
+    t2 = ep0(a) + maj(a, b, c);
+    h = g;
+    g = f;
+    f = e;
+    e = d + t1;
+    d = c;
+    c = b;
+    b = a;
+    a = t1 + t2;
+  }
+
+  ctx->state[0] += a;
+  ctx->state[1] += b;
+  ctx->state[2] += c;
+  ctx->state[3] += d;
+  ctx->state[4] += e;
+  ctx->state[5] += f;
+  ctx->state[6] += g;
+  ctx->state[7] += h;
+}
+
+void rcutils_sha256_init(rcutils_sha256_ctx_t * ctx)
+{
+  ctx->datalen = 0;
+  ctx->bitlen = 0;
+  ctx->state[0] = 0x6a09e667;
+  ctx->state[1] = 0xbb67ae85;
+  ctx->state[2] = 0x3c6ef372;
+  ctx->state[3] = 0xa54ff53a;
+  ctx->state[4] = 0x510e527f;
+  ctx->state[5] = 0x9b05688c;
+  ctx->state[6] = 0x1f83d9ab;
+  ctx->state[7] = 0x5be0cd19;
+}
+
+void rcutils_sha256_update(rcutils_sha256_ctx_t * ctx, const uint8_t * data, size_t len)
+{
+  size_t i, data_remaining, block_remaining, copy_len;
+  i = 0;
+
+  while (i < len) {
+    data_remaining = len - i;
+    block_remaining = 64 - ctx->datalen;
+    copy_len = min(min(block_remaining, data_remaining), 64);
+
+    memcpy(ctx->data + ctx->datalen, data + i, copy_len);
+    ctx->datalen += copy_len;
+    i += copy_len;
+
+    if (ctx->datalen >= 64) {
+      sha256_transform(ctx);
+      ctx->bitlen += 512;
+      ctx->datalen = 0;
+    }
+  }
+}
+
+void rcutils_sha256_final(
+  rcutils_sha256_ctx_t * ctx, uint8_t output_hash[RCUTILS_SHA256_BLOCK_SIZE])
+{
+  size_t i = ctx->datalen;
+
+  // Pad whatever data is left in the buffer.
+  if (ctx->datalen < 56) {
+    ctx->data[i++] = 0x80;
+    memset(ctx->data + i, 0x00, 56 - i);
+  } else {
+    ctx->data[i++] = 0x80;
+    if (i < 64) {
+      memset(ctx->data + i, 0x00, 64 - i);
+    }
+    sha256_transform(ctx);
+    memset(ctx->data, 0, 56);
+  }
+
+  // Append to the padding the total message's length in bits and transform.
+  ctx->bitlen += ctx->datalen * 8;
+  ctx->data[63] = (uint8_t)(ctx->bitlen >> 0);
+  ctx->data[62] = (uint8_t)(ctx->bitlen >> 8);
+  ctx->data[61] = (uint8_t)(ctx->bitlen >> 16);
+  ctx->data[60] = (uint8_t)(ctx->bitlen >> 24);
+  ctx->data[59] = (uint8_t)(ctx->bitlen >> 32);
+  ctx->data[58] = (uint8_t)(ctx->bitlen >> 40);
+  ctx->data[57] = (uint8_t)(ctx->bitlen >> 48);
+  ctx->data[56] = (uint8_t)(ctx->bitlen >> 56);
+  sha256_transform(ctx);
+
+  // Since this implementation uses little endian byte ordering and SHA uses big endian,
+  // reverse all the bytes when copying the final state to the output hash.
+  for (i = 0; i < 4; ++i) {
+    output_hash[i + 0] = (ctx->state[0] >> (24 - i * 8)) & 0x000000ff;
+    output_hash[i + 4] = (ctx->state[1] >> (24 - i * 8)) & 0x000000ff;
+    output_hash[i + 8] = (ctx->state[2] >> (24 - i * 8)) & 0x000000ff;
+    output_hash[i + 12] = (ctx->state[3] >> (24 - i * 8)) & 0x000000ff;
+    output_hash[i + 16] = (ctx->state[4] >> (24 - i * 8)) & 0x000000ff;
+    output_hash[i + 20] = (ctx->state[5] >> (24 - i * 8)) & 0x000000ff;
+    output_hash[i + 24] = (ctx->state[6] >> (24 - i * 8)) & 0x000000ff;
+    output_hash[i + 28] = (ctx->state[7] >> (24 - i * 8)) & 0x000000ff;
+  }
+}

test/test_sha256.cpp

@@ -0,0 +1,75 @@
+// Copyright 2023 Open Source Robotics Foundation, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include <gtest/gtest.h>
+
+#include "rcutils/sha256.h"
+
+TEST(TestSHA256, test_text1) {
+  uint8_t text1[] = {"abc"};
+  size_t text1_len = sizeof(text1) - 1;
+  uint8_t expected_hash1[RCUTILS_SHA256_BLOCK_SIZE] = {
+    0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea,
+    0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23,
+    0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c,
+    0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad};
+  uint8_t buf[RCUTILS_SHA256_BLOCK_SIZE];
+
+
+  rcutils_sha256_ctx_t ctx;
+  rcutils_sha256_init(&ctx);
+  rcutils_sha256_update(&ctx, text1, text1_len);
+  rcutils_sha256_final(&ctx, buf);
+
+  ASSERT_EQ(0, memcmp(expected_hash1, buf, RCUTILS_SHA256_BLOCK_SIZE));
+}
+
+TEST(TestSHA256, test_text2) {
+  uint8_t text2[] = {"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"};
+  size_t text2_len = sizeof(text2) - 1;
+  uint8_t expected_hash2[RCUTILS_SHA256_BLOCK_SIZE] = {
+    0x24, 0x8d, 0x6a, 0x61, 0xd2, 0x06, 0x38, 0xb8,
+    0xe5, 0xc0, 0x26, 0x93, 0x0c, 0x3e, 0x60, 0x39,
+    0xa3, 0x3c, 0xe4, 0x59, 0x64, 0xff, 0x21, 0x67,
+    0xf6, 0xec, 0xed, 0xd4, 0x19, 0xdb, 0x06, 0xc1};
+  uint8_t buf[RCUTILS_SHA256_BLOCK_SIZE];
+
+  rcutils_sha256_ctx_t ctx;
+  rcutils_sha256_init(&ctx);
+  rcutils_sha256_update(&ctx, text2, text2_len);
+  rcutils_sha256_final(&ctx, buf);
+
+  ASSERT_EQ(0, memcmp(expected_hash2, buf, RCUTILS_SHA256_BLOCK_SIZE));
+}
+
+TEST(TestSHA256, test_multi_update) {
+  uint8_t text[] = {"aaaaaaaaaa"};
+  size_t text_len = sizeof(text) - 1;
+
+  uint8_t expected_hash[RCUTILS_SHA256_BLOCK_SIZE] = {
+    0x28, 0x16, 0x59, 0x78, 0x88, 0xe4, 0xa0, 0xd3,
+    0xa3, 0x6b, 0x82, 0xb8, 0x33, 0x16, 0xab, 0x32,
+    0x68, 0x0e, 0xb8, 0xf0, 0x0f, 0x8c, 0xd3, 0xb9,
+    0x04, 0xd6, 0x81, 0x24, 0x6d, 0x28, 0x5a, 0x0e};
+  uint8_t buf[RCUTILS_SHA256_BLOCK_SIZE];
+
+  rcutils_sha256_ctx_t ctx;
+  rcutils_sha256_init(&ctx);
+  for (int i = 0; i < 10; i++) {
+    rcutils_sha256_update(&ctx, text, text_len);
+  }
+  rcutils_sha256_final(&ctx, buf);
+
+  ASSERT_EQ(0, memcmp(expected_hash, buf, RCUTILS_SHA256_BLOCK_SIZE));
+}