cw2007/POSA_LEAKSMS
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
POSA_LEAKSMS/firmware/common/sha256_sw.c
유창욱 90f121e14c chore: import codebase with security hardening 
SHT30 온습도 모니터링 시스템 전체 소스(서버 PHP, STM32 펌웨어, SQL, 테스트).
전체 코드리뷰에서 도출된 보안 하드닝 10건 반영:
- 요청 서명 HMAC-SHA256 전환(펌웨어 sig.c/서버 config.php/호스트 패리티 동시)
- 재전송 방어 + 기본 API_KEY fail-closed + 디바이스 문자열 정제(api/sensor_data.php)
- 오프라인 SMS 중복 발송 경합 제거(cron_heartbeat.php, 원자적 선점)
- CSV 수식 주입 방지(monthly_report.php), 감사로그 회전 락(retention_cleanup.php)
- 브루트포스 카운터 원자화(login.php), 예시 TOTP 비밀키 무효화, 마이그레이션 멱등화

_backup/(하드코딩 실 비밀값 포함)·config.local.php·런타임 상태는 .gitignore 제외.
2026-06-20 09:37:40 +09:00

116 lines
4.4 KiB
C
Raw Blame History

/* =============================================================================
* sha256_sw.c - 자급식 SHA-256 (FIPS 180-4)
*
* 공개 도메인 구현(Brad Conte 계열)을 stdint 기반으로 정리한 것.
* 외부 의존성 없음 → 펌웨어 서명 및 호스트/ARM 컴파일 게이트에서 그대로 사용.
* 정확성은 sha256_selftest()의 NIST 표준 벡터로 부팅 시 검증할 수 있다.
* ===========================================================================*/
#include "sha256_backend.h"
#include <string.h>
#define ROTR(a, b) (((a) >> (b)) | ((a) << (32 - (b))))
#define CH(x, y, z) (((x) & (y)) ^ (~(x) & (z)))
#define MAJ(x, y, z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
#define EP0(x) (ROTR(x, 2) ^ ROTR(x, 13) ^ ROTR(x, 22))
#define EP1(x) (ROTR(x, 6) ^ ROTR(x, 11) ^ ROTR(x, 25))
#define SIG0(x) (ROTR(x, 7) ^ ROTR(x, 18) ^ ((x) >> 3))
#define SIG1(x) (ROTR(x, 17) ^ ROTR(x, 19) ^ ((x) >> 10))
static const uint32_t K[64] = {
0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1,
0x923f82a4, 0xab1c5ed5, 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, 0xe49b69c1, 0xefbe4786,
0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147,
0x06ca6351, 0x14292967, 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, 0xa2bfe8a1, 0xa81a664b,
0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a,
0x5b9cca4f, 0x682e6ff3, 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
};
static void sha256_transform(sha256_ctx *ctx, const uint8_t data[64])
{
uint32_t a, b, c, d, e, f, g, h, t1, t2, m[64];
int i, j;
for (i = 0, j = 0; i < 16; i++, j += 4) {
m[i] = ((uint32_t)data[j] << 24) | ((uint32_t)data[j + 1] << 16) |
((uint32_t)data[j + 2] << 8) | ((uint32_t)data[j + 3]);
}
for (; i < 64; i++) {
m[i] = SIG1(m[i - 2]) + m[i - 7] + SIG0(m[i - 15]) + m[i - 16];
}
a = ctx->state[0]; b = ctx->state[1]; c = ctx->state[2]; d = ctx->state[3];
e = ctx->state[4]; f = ctx->state[5]; g = ctx->state[6]; h = ctx->state[7];
for (i = 0; i < 64; i++) {
t1 = h + EP1(e) + CH(e, f, g) + K[i] + m[i];
t2 = EP0(a) + MAJ(a, b, c);
h = g; g = f; f = e; e = d + t1;
d = c; c = b; b = a; a = t1 + t2;
}
ctx->state[0] += a; ctx->state[1] += b; ctx->state[2] += c; ctx->state[3] += d;
ctx->state[4] += e; ctx->state[5] += f; ctx->state[6] += g; ctx->state[7] += h;
}
void sha256_init(sha256_ctx *ctx)
{
ctx->bitlen = 0;
ctx->buflen = 0;
ctx->state[0] = 0x6a09e667; ctx->state[1] = 0xbb67ae85;
ctx->state[2] = 0x3c6ef372; ctx->state[3] = 0xa54ff53a;
ctx->state[4] = 0x510e527f; ctx->state[5] = 0x9b05688c;
ctx->state[6] = 0x1f83d9ab; ctx->state[7] = 0x5be0cd19;
}
void sha256_update(sha256_ctx *ctx, const uint8_t *data, size_t len)
{
for (size_t i = 0; i < len; i++) {
ctx->buffer[ctx->buflen++] = data[i];
if (ctx->buflen == 64) {
sha256_transform(ctx, ctx->buffer);
ctx->bitlen += 512;
ctx->buflen = 0;
}
}
}
void sha256_final(sha256_ctx *ctx, uint8_t out[SHA256_DIGEST_LEN])
{
uint32_t i = ctx->buflen;
ctx->bitlen += (uint64_t)ctx->buflen * 8;
/* 패딩: 0x80, 그리고 길이(64비트 빅엔디언)가 들어갈 자리까지 0 */
ctx->buffer[i++] = 0x80;
if (i > 56) {
while (i < 64) ctx->buffer[i++] = 0x00;
sha256_transform(ctx, ctx->buffer);
i = 0;
}
while (i < 56) ctx->buffer[i++] = 0x00;
for (int b = 7; b >= 0; b--) {
ctx->buffer[56 + (7 - b)] = (uint8_t)(ctx->bitlen >> (b * 8));
}
sha256_transform(ctx, ctx->buffer);
for (i = 0; i < 8; i++) {
out[i * 4 + 0] = (uint8_t)(ctx->state[i] >> 24);
out[i * 4 + 1] = (uint8_t)(ctx->state[i] >> 16);
out[i * 4 + 2] = (uint8_t)(ctx->state[i] >> 8);
out[i * 4 + 3] = (uint8_t)(ctx->state[i]);
}
}
void sha256(const uint8_t *data, size_t len, uint8_t out[SHA256_DIGEST_LEN])
{
sha256_ctx ctx;
sha256_init(&ctx);
sha256_update(&ctx, data, len);
sha256_final(&ctx, out);
}
Reference in a new issue View git blame Copy permalink