FEHASHMAC Version 1.3.0 02.01.2015
Download
The latest and all earlier releases can be downloaded from
http://fehashmac.sourceforge.net
0. New Features
02.01.2015: The 6 SHA3 algorithms are now supported, based on the
Draft FIPS Pub 202 (May 2014): sha3-224, sha3-256,
sha3-384, sha3-512 and the two extendable output functions
(XOF) shake128 and shake256. Test vectors are included.
Our implementation is based on the reference implementation,
a more efficient implementation will follow in an update.
28.01.2012: Multiple algorithms (including HMACs) can be specified
simultaneously. The data files are read only once, and all
hashes are calculated in parallel.
As an option, algorithm "all" expands to the list of all
known algorithms, which are thus calculated in parallel for
each data file or string.
Likewise, algorithm "hmac-all" expands to all known
HMAC algorithms.
The results of the --check option and the test cases are
nicely summarized.
29.03.2011: Support for the sha512-224 sha512-256 algorithms
14.04.2011: HMAC test vectors added for MD5, SHA1, RMD128, RMD160.
List of algorithms is now sorted alphabetically.
13.04.2011: Support for all SHA-3 finalists: BLAKE, GROESTL, JH, KECCAK,
SKEIN for 224. 256. 384, 512 bits hash length,
SKEIN also for 1024 bits.
They all support bitwise operation, bitwise test vectors are
included (taken from the SHA-3 submissions).
HMAC support upgraded to FIPS PUB 198-1 (2008),
HMAC test vectors added for sha{224, 256, 384, 512}.
1. Purpose
FEHASHMAC is a collection of publicly known hash algorithms integrated
into a command-line utility. FEHASHMAC also contains a set
of known test vectors and results for each algorithm
such that the correct implementation for each hardware
platform and compiler version can directly be verified.
FEHASHMAC supports bitwise hash calculation for algorithms with
available bitwise test vectors. Currently this applies to
the SHA algorithms: sha1, sha224, sha256, sha384, sha512,
and to the SHA-3 finalists. The so-called Gillogly bitwise
input has only been tested for sha1, but is also implemented
in the SHA-2 hashes.
Bitwise hash calculation is also supported in sha512-224, sha512-256,
whirl, but there are no bitwise test vectors available.
FEHASHMAC can also calculate hashed message authentication codes (HMAC)
as specified in RFC 2104 and extended to arbitrary-length
keys in FIPS PUB 198-1. The HMAC key can be specified as an
ASCII string or as a hex string, and HMACs can be calculated
for files, strings, and hex strings.
To simplify usage, symbolic links with the algorithm name allow to call
fehashmac without the -a option. A prepended hmac- will automatically
enable HMAC mode.
Hashes and HMACs of files can be verified with the --check option.
Supported Algorithms (48) in 14 families:
blake224 blake256 blake384 blake512
gost
groestl224 groestl256 groestl384 groestl512
jh224 jh256 jh384 jh512
keccak224 keccak256 keccak384 keccak512
lash160 lash256 lash384 lash512
md2 md4 md5
rmd128 rmd160 rmd256 rmd320
sha1
sha224 sha256 sha384 sha512 sha512-224 sha512-256
sha3-224 sha3-256 sha3-384 sha3-512 shake128 shake256
skein1024 skein224 skein256 skein384 skein512
tiger2
whirl
The corresponding supported MAC algorithms are (42):
hmac-blake224 hmac-blake256 hmac-blake384 hmac-blake512
hmac-gost
hmac-groestl224 hmac-groestl256 hmac-groestl384 hmac-groestl512
hmac-jh224 hmac-jh256 hmac-jh384 hmac-jh512
hmac-keccak224 hmac-keccak256 hmac-keccak384 hmac-keccak512
hmac-lash160 hmac-lash256 hmac-lash384 hmac-lash512
hmac-md2 hmac-md4 hmac-md5
hmac-rmd128 hmac-rmd160 hmac-rmd256 hmac-rmd320
hmac-sha1
hmac-sha224 hmac-sha256 hmac-sha384 hmac-sha512 hmac-sha512-224
hmac-sha512-256
hmac-skein224 hmac-skein256 hmac-skein384 hmac-skein512
hmac-skein1024
hmac-tiger2
hmac-whirl
SHA3 does explicitly not support HMAC, since HMAC is a mode that
compensates for the length-extension weakness of the Merkle-Damgaard
construction (used in MD5, SHA1, SHA2, ...). As Keccak does not have
that weakness, building a MAC can be achieved in a more simple way,
such as MAC = Keccak(Key || message). (Gilles van Assche, private
communication, 11.12.2014).
2. Usage
a. Hash of a string
$ fehashmac -a md5 -s abc
md5 ("abc") = 900150983cd24fb0d6963f7d28e17f72
or shorter:
$ md5 -s abc
b. Hash of a hex string
$ fehashmac -a md5 -M 0123456789abcdef
a1cd1d1fc6491068d91007283ed84489
c. Hash of one or more files
$ fehashmac -a sha1 /etc/passwd /etc/group
sha1 (/etc/passwd) = 1c08dd1906a9ee06ae2337080c5b276b3bab7c5b
sha1 (/etc/group) = 0dd1c9c4cff81880e4c45512bb74b63104cd05cd
or shorter:
$ sha1 /etc/passwd /etc/group
d. Verify file hashes
$ fehashmac -c some.sha1
/etc/passwd: OK
/etc/group: OK
where some.sha1 contains the output of example c.
e. HMAC of a string, key is a string
$ fehashmac -a hmac-rmd256 -K Boss -s 'Yes,we can!'
key (hmac) = Boss
hmac-rmd256 ("Yes,we can!") = 2b2a8cf6cfd56b54d3a80a2067edff63d14ed06ef3c26b1ac972bba224274c89
or shorter:
$ hmac-rmd256 -K Boss -s 'Yes,we can!'
f. HMAC of one or more files, key is a hex string
$ fehashmac -a tiger2 --hmac --hexkey=fedcba9876543210 /etc/passwd /etc/group
hexkey (hmac) = fedcba9876543210
hmac-tiger2 (/etc/passwd) = 23426b2923cc1f7ab441a8a438ade4b0282a1a2bed3bc04f
hmac-tiger2 (/etc/group) = 62cd6d1107c91b747fc5abc03c0b7dcef38ecdbb3a82d54e
g. Verify file HMACs
$ fehashmac --check=some.hmac-tiger2
hexkey (hmac) = fedcba9876543210
/etc/passwd: OK
/etc/group: OK
where some.hmac-tiger2 contains the output of example f.
h. Bitwise hash
$ fehashmac -a sha1 --hexstring=98 --bits=5
29826b003b906e660eff4027ce98af3531ac75ba
i. Multiple hashes and/or HMACs
Two hashes of some files
$ fehashmac -a md5,sha256 /etc/passwd /etc/group
md5 (/etc/passwd) = 06553b0854d55cef3d997f47365a66a4
sha256 (/etc/passwd) = 5e377471cd4d021a30033bcb1a1182661910b8adbd683abf180320716423b04b
md5 (/etc/group) = fe0fa8b3d59225b237176a84eff22921
sha256 (/etc/group) = abde26f607c7b9543e1c819a76240ceb1da69134bc1511efd3debd74c5e55517
Hashes and HMACs of some files
$ fehashmac -a md5,sha256 -a hmac-md5 -a hmac-sha256 --key="Jefe" /etc/passwd /etc/group
key (hmac) = Jefe
md5 (/etc/passwd) = 06553b0854d55cef3d997f47365a66a4
sha256 (/etc/passwd) = 5e377471cd4d021a30033bcb1a1182661910b8adbd683abf180320716423b04b
hmac-md5 (/etc/passwd) = 3dca1895da180b660806c7a6a638afd8
hmac-sha256 (/etc/passwd) = 7231a5258a4ac533a9c009e2795d2f5628468cd4b2bceb73dc5f638000144d68
md5 (/etc/group) = fe0fa8b3d59225b237176a84eff22921
sha256 (/etc/group) = abde26f607c7b9543e1c819a76240ceb1da69134bc1511efd3debd74c5e55517
hmac-md5 (/etc/group) = 51be231554e0fd1a46608a58a238f7ce
hmac-sha256 (/etc/group) = 29a76a35a254d739675c50f2dafabea65154734a66aee032034aa5a1609c7e65
All hash algorithms applied to one file:
$ fehashmac -a all /etc/passwd
blake224 (/etc/passwd) = 88c904fff3c601819abdec21ce203ca9f74b6feed5b0076de75f8fb5
blake256 (/etc/passwd) = 98b0c7a7646c6badb545b848c1a600203ffbec2942d90887512951e1529639d4
blake384 (/etc/passwd) = b290b0a4a96017609258c401cb379194ed21bbe59cee057b7933fd716a4458189a8971e846137a97333782f04499af2b
blake512 (/etc/passwd) = 498f7edabb7d3069dff7a884d479e3dd56f70944ba9349fad810980c4d77ea3cdbd85c777fe97d9bca9f6192590c56efc50a579448baf5b2f9a4c6e669a682ad
gost (/etc/passwd) = 30833adf4adac1fe5035d4b275c786cd000d76e16fa7b6368713555de2bce106
groestl224 (/etc/passwd) = a02d79a56644215173811e5b9065d411ed5c0b91fb2f57c818fe8f73
groestl256 (/etc/passwd) = 8548767a4d8251de0986b54078f44db53a2f505b523cfe0c1f11f261b292fee0
groestl384 (/etc/passwd) = 48dc096fce6d022669b6a44b065a6cd164bbf497218bd335b9edcc62615bc82763145fd4d19f62b5f3087f0b1270c672
groestl512 (/etc/passwd) = c33792ff88eb5c178929d37a4c0a200ff93a7dc2677bc765c01f0319f93f301a8b141f8757e8444c0df39db82715d9406123865546056d8d3b7eada6dfa96caa
jh224 (/etc/passwd) = 3ec2e8353a9bbbb071d29851a1fea86f60edb9c9715fca59559e61ee
jh256 (/etc/passwd) = 703b43785017ededca1c38421fc0ca55d1b47e6ff244090403acad40b9c52846
jh384 (/etc/passwd) = 1cc023dc400ce76ba1818eee89ab6c70c5819fad5890f208ff9b3c347be017b954e251697fae146d9aade0dfb0cda4d2
jh512 (/etc/passwd) = 4dbc63a3ec293fdc1ec84965dc4477462e36df46bc857bde9247ea3f1b20a5ff39740f8b6e4f6112bf4b813c51b923a53a84aab31be4bf3b03df908a1ac4af22
keccak224 (/etc/passwd) = 6fa59cf7f3a4704bb3f92e1de190f87d4b99ee1d2782a50bbd25cda2
keccak256 (/etc/passwd) = c252272cbbbc124340d3fdfb0aa3de10b9222725e55b3f9d75d08306dc1885dd
keccak384 (/etc/passwd) = df514dd42c4953147c3a1ff6540edfc392f2e6e668e2b22f0dd2193a7d6d89cda8c0537087df54ae38ba0715aa41210c
keccak512 (/etc/passwd) = 4b0c175ad1c194078160322ace1447fad618e3113123e40a0a5d505ef403cc1367541f2b6343b81294fce1b0834f622682224b5f0c659ef06baf6cd872c66c20
lash160 (/etc/passwd) = dd15b8ae4343b0d161a8e62d860bd8dfc4c85155
lash256 (/etc/passwd) = 435f4696d17cf1052b466827635af92027503d5c0d8e459c1cd720fbe045c58f
lash384 (/etc/passwd) = ff6377a60ac03e58d6783c58e5b258b6be0e3c590afaba19c89217f7274b78fb75c6bb01456dced1db271da8376d08e8
lash512 (/etc/passwd) = f6fa7dd0c5f91c5b88ab75b2f8b9eef5ba073c980741144564cf1418a1c8dc8038d1fef7b8c03407ca6dd84b8f7a342de387ddfff02cffc61b34c5e0133ada20
md2 (/etc/passwd) = ab348305929b0f11e6cab5c0abe154d8
md4 (/etc/passwd) = 9652c93f9ccb4f655892d9f72213bd1d
md5 (/etc/passwd) = 92dd4800572c562b4a41b684e748bae9
rmd128 (/etc/passwd) = 1e5e69072c70f40cead18ce10bce7203
rmd160 (/etc/passwd) = 383bcaede8726253af9a891ff3f1ae484423f831
rmd256 (/etc/passwd) = ebe36e44f4ae5f582b5a12cfc98dbc8699b2997c212df0086c9386cfebad12fb
rmd320 (/etc/passwd) = fe015deef309b353f11560eaa155f7de925cb06087bbc51101989bd076a5a53484e91679bc0db2e4
sha1 (/etc/passwd) = 91a04fc99ca9b5d316bdb65bcb38e19021e8f2ef
sha224 (/etc/passwd) = 1f8edce3a53175aacf920f25d106e39bc0ebda720623973e0269b82c
sha256 (/etc/passwd) = 6a7f40c9fafbfee186fd709676004b72eadfb0d9f110b566499f61742ea8fbf3
sha3-224 (/etc/passwd) = 9a7cc3fb3a34ec02e5eeb6e9c7e3d375d569825d13139251fbf18de2
sha3-256 (/etc/passwd) = 12801db67ff722b904932ec75a1fcc293c06c42c6ab5b6be40dc74fa9ad5bc68
sha3-384 (/etc/passwd) = 15e5849fc2f07f48a0083c11d27769f2cdd28c126d0236a39325405ebe4889484a680b0f910b47fe944623a73661e7bb
sha3-512 (/etc/passwd) = aa64d3f62a9362bdc443d8a0e46ab953c44a1785638194eb4bbbdcf838fcef9340baf44d1fcb0bf04270a0c1c19e2a7f9f6369fc86e45fbc5378fc9522778b0a
sha384 (/etc/passwd) = c28ed3df4acaa652c51dbcfc83c1ff21b88b8858e6fbdc33bc29ee1386397eeff598fe5677309310d28b39a2e8405206
sha512 (/etc/passwd) = 54db1fa41fca1e727335acee44f53c50ef4e331e8fa6acff703a3e7e2f5ffe07d012588f45976f9ad3191effc81da7a37d9c72d8e97704315107c309e66fcbd0
sha512-224 (/etc/passwd) = 2ceb2fedc8387a113e81757e62aafae1b4601eb3ee1376ab87dac6a3
sha512-256 (/etc/passwd) = 1dd7b3ef2c3a6b6943fc94f1c808fb682fd6338233d733c4831f82e2e299f31f
shake128 (/etc/passwd) = 578dca71c3b3d5d7999990f87fd171ae48c4142a3d1f7bf9ff123c455e43868e143e6a3db723792c83d0d78f596213b086c74bb807428a9bc6f8ced6d361669f9999b787766b06417eece21be6ba36f7f17c91b8c256b579414cf0d44dae8b4ba008321e192b15362ec7f87230c4c81e5f440fe606ff84b162bd3c615e2e909e3134a2b0861b3efcf038d9cc91e93bd24ed1a4cfd59266292b657e850a8ed092c18f27cfbba30ce8ffb6d6a5f3cb7b2626adb929df93868b563a880cc7ba4fc1d1a2c0a88266e398ff2a13dffca9a71d648fbfba498a7159631c9f0f23b0e15600e105f2ef87a1a60b13d6b031618905fddb17e7bda6d658b2fbb4cd85665258cf54ed6cf34a9ff1f73bda8a2e7a2b4a89669d6a30082e374d80bbf15e850ed8e058de7a513d497fbace7c7b66126963464bf39fd934bac5f685387cfacbaa24f4b9776b567f9e88534fa838d9bf939dfffe761bd584a060ede987d84dea2a9f3540feeb1991936dde57b41fd13850b1c3ba60f4639d4a0b88933185719a6a7685a08e335d53fa2d31d1d119820517fcb1db472c79a51342f604001fd957498928e018160c6ca8e35a97ac18927e33b9a1d7701af12af9539aecfe8125d15146bd8a369f926f92f4f43d34f7c510215e9c6691a1bc2246543d048a6b9fc1be12de6cc5ba7346a67cf35d8455e89f996a4111660c5766614afe73a01964476d6e
shake256 (/etc/passwd) = 131cb77e862dae20730d86202fd249453ea5b94ea0a969c18edf887ee2e0ca44b7ea0da1d2e295d16712e8ea652f03edfd26cf5019e1050a548a57e18358c6534ca6286b6a744530deceb02fa1d0d9d5f6c2d16b4087fa7020311aa50fe792e2fb88a164f144937dad74297cb9c24661f0905e231904870489bf550c32689a9c8a7df90eff946a7c94153bfaae430eab0fc22c2273f33d677e42b638808ba4e00726c7dd99cd630f2617f5404869928ebd4978804c899d4717459c490708a6f879c70ad2b7e538275a55b5e2cbf48e79092bc5edceb1c97274d6d2aec98bf57d82653391a3a020c8784ab2e852b119d35f27bebf18694dce8626bc4c08747bf33e3a866835318ede57aa1c8ee7a95b29b887a569c0692feb6f7e2f3c1e8a0789ff4ea712cccefa3389d0d327bb8d4ea757f98a970f5162c80aa3b1c59806ed993ab2f64fd134bdc1adf20a76b47d8e759af49eb7a80957563d152788b1f1f71371d8718f2f06c84dab9b6102b91f0eb37c02fd8ddd30a31db5ef4fea95ce99b64e1086b98aadf0772c800730a667ca24c634e789cdbd5f922b9653e4f4ca83f9fa7548f3682c7ce3a6cfa771b2e26522aded7dd5c37fb3737939e8c314703b5f8cd192c2d90e2dd54b94260bd65bd732c53e15f546256e530dfc4b97a6651d906b9524e8e54df148f6a5c490e3d74b4799d765e289430cb397f15df427b95e6a
skein1024 (/etc/passwd) = 89e5375bb3061ba428217a1bf6345b0ca740a9e9d170744f8c042d3e7af1312658b064de6f8a313aea16f3f661c2b91a855386f1dbd8b679dde1c1baa1f21203e1a608da8ce8f6699ff81fac1c6ae4c80aa72d5c613c85fe0274a3dd5052fbe06f56e2813fa314e610e9ad598c7b188bba04b84807a153b941ac86127ab24f38
skein224 (/etc/passwd) = 23ad72cdc0a33b44963d0f24f2705d85235f6b4e7df307af0c02e1ae
skein256 (/etc/passwd) = 9943b09f6e5cd1cc183d7bbc9b8011568b1af5608b885d47ec92654d26493267
skein384 (/etc/passwd) = 25bb66007144008d5a3df878592b7f8498a0c121be8ea3e86ee7321735d74ad80c2b3223e9a398c1a2e8986d3f65e2ce
skein512 (/etc/passwd) = 4259973845b8f9f18ce0b8521707e075f93b82da1ee173596c95f4b094713ae59a39828a2fdc2130153078c5d4893a1f91c8b46fea89d0557b77e35b2d4fcfa6
tiger2 (/etc/passwd) = 3fa592de59a30b8b25f6ccc3183a6161e3d4a1f2c46637a8
whirl (/etc/passwd) = 1cba838935658906a7774cc081f057ab498a2ce59961350f5fbe28d4c67c74df833faee7f6135e2b4034a61569380852db76627c88f6f60db121d9b5a1db54ff
j. Test Suite
sha1 has tests for byte and bit strings
$ sha1 --test
sha1 Test Suite:
sha1 ("abc") = a9993e364706816aba3e25717850c26c9cd0d89d OK
sha1 ("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq") = 84983e441c3bd26ebaae4aa1f95129e5e54670f1 OK
sha1 ("a") (repeated 1000000 times) = 34aa973cd4c4daa4f61eeb2bdbad27316534016f OK
Tests passed: 3, tests failed: 0.
sha1 Bitwise Test Suite:
sha1 ("bitstring=110#148|11") = ce7387ae577337be54ea94f82c842e8be76bc3e1 OK
sha1 ("bitstring=110#149") = de244f063142cb2f4c903b7f7660577f9e0d8791 OK
sha1 ("bitstring=110#149|1") = a3d2982427ae39c8920ca5f499d6c2bd71ebf03c OK
sha1 ("bitstring=110#149|11") = 351aab58ff93cf12af7d5a584cfc8f7d81023d10 OK
sha1 ("bitstring=110#170") = 996386921e480d4e2955e7275df3522ce8f5ab6e OK
sha1 ("bitstring=110#170|1") = bb5f4ad48913f51b157eb985a5c2034b8243b01b OK
sha1 ("bitstring=110#170|11") = 9e92c5542237b957ba2244e8141fdb66dec730a5 OK
sha1 ("bitstring=110#171") = 2103e454da4491f4e32dd425a3341dc9c2a90848 OK
sha1 ("bitstring=011#490") = b4b18049de405027528cd9e74b2ec540d4e6f06b OK
sha1 ("bitstring=011#490|0") = 34c63356b308742720ab966914eb0fc926e4294b OK
sha1 ("bitstring=011#490|01") = 75face1802b9f84f326368ab06e73e0502e9ea34 OK
sha1 ("bitstring=011#491") = 7c2c3d62f6aec28d94cdf93f02e739e7490698a1 OK
sha1 ("hexstring=98, bits=5") = 29826b003b906e660eff4027ce98af3531ac75ba OK
sha1 ("hexstring=5e, bits=8") = 5e6f80a34a9798cafc6a5db96cc57ba4c4db59c2 OK
sha1 ("hexstring=49b2aec2 594bbe3a 3b117542 d94ac880, bits=123") = 6239781e03729919c01955b3ffa8acb60b988340 OK
sha1 ("hexstring=9a7dfdf1 ecead06e d646aa55 fe757146, bits=128") = 82abff6605dbe1c17def12a394fa22a82b544a35 OK
sha1 ("hexstring=65f93299 5ba4ce2c b1b4a2e7 1ae70220 aacec896 2dd4499cbd7c887a 94eaaa10 1ea5aabc 529b4e7e 43665a5a f2cd03fe678ea6a5 005bba3b 082204c2 8b9109f4 69dac92a aab3aa7c11a1b32a e0, bits=611") = 8c5b2a5ddae5a97fc7f9d85661c672adbf7933d4 OK
sha1 ("hexstring=f78f9214 1bcd170a e89b4fba 15a1d59f 3fd84d22 3c9251bdacbbae61 d05ed115 a06a7ce1 17b7beea d24421de d9c32592bd57edea e39c39fa 1fe8946a 84d0cf1f 7beead17 13e2e0959897347f 67c80b04 00c20981 5d6b10a6 83836fd5 562a56cab1a28e81 b6576654 631cf165 66b86e3b 33a108b0 5307c00aff14a768 ed735060 6a0f85e6 a91d396f 5b5cbe57 7f9b38807c7d523d 6d792f6e bc24a4ec f2b3a427 cdbbfb, bits=1304") = cb0082c8f197d260991ba6a460e76e202bad27b3 OK
Tests passed: 18, tests failed: 0.
md5 is one of the few algorithms that have HMAC test cases.
$ md5 --test
md5 Test Suite:
md5 ("") = d41d8cd98f00b204e9800998ecf8427e OK
md5 ("a") = 0cc175b9c0f1b6a831c399e269772661 OK
md5 ("abc") = 900150983cd24fb0d6963f7d28e17f72 OK
md5 ("message digest") = f96b697d7cb7938d525a2f31aaf161d0 OK
md5 ("abcdefghijklmnopqrstuvwxyz") = c3fcd3d76192e4007dfb496cca67e13b OK
md5 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") = d174ab98d277d9f5a5611c2c9f419d9f OK
md5 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") = 57edf4a22be3c955ac49da2e2107b67a OK
Tests passed: 7, tests failed: 0.
md5 HMAC Test Suite:
hexkey (hmac) = 0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
hmac-md5 ("Hi There") = 9294727a3638bb1c13f48ef8158bfc9d OK
key (hmac) = Jefe
hmac-md5 ("what do ya want for nothing?") = 750c783e6ab0b503eaa86e310a5db738 OK
hexkey (hmac) = aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
hmac-md5 ("dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd") = 56be34521d144c88dbb8c733f0e8b3f6 OK
Tests passed: 3, tests failed: 0.
Note: all test cases for all algorithms can be executed using
$ fehahsmac -a all --test
3. Help Information
$ fehashmac --help
Usage: src/fehashmac [ options ] [ file ..]
-or- src/fehashmac -c [file]
-or- src/fehashmac -t
Generic Hash and HMAC Program fehashmac V1.3.0 30.12.2014
Harald von Fellenberg (hvf at hvf dot ch)
Supports HMAC (RFC 2104, FIPS PUB 198-1) for all hash algorithms.
Supports SHA3 and SHAKE (DRAFT FIPS PUB 202, May 2014).
Multiple hashes can be calculated simultaneously, files are read only once.
Supported hash algorithms are (48): blake224 blake256 blake384
blake512 gost groestl224 groestl256 groestl384 groestl512 jh224
jh256 jh384 jh512 keccak224 keccak256 keccak384 keccak512 lash160
lash256 lash384 lash512 md2 md4 md5 rmd128 rmd160 rmd256 rmd320
sha1 sha224 sha256 sha3-224 sha3-256 sha3-384 sha3-512 sha384
sha512 sha512-224 sha512-256 shake128 shake256 skein1024 skein224
skein256 skein384 skein512 tiger2 whirl
The corresponding HMAC algorithms are (42): hmac-blake224 hmac-blake256
hmac-blake384 hmac-blake512 hmac-gost hmac-groestl224 hmac-groestl256
hmac-groestl384 hmac-groestl512 hmac-jh224 hmac-jh256 hmac-jh384
hmac-jh512 hmac-keccak224 hmac-keccak256 hmac-keccak384 hmac-keccak512
hmac-lash160 hmac-lash256 hmac-lash384 hmac-lash512 hmac-md2
hmac-md4 hmac-md5 hmac-rmd128 hmac-rmd160 hmac-rmd256 hmac-rmd320
hmac-sha1 hmac-sha224 hmac-sha256 hmac-sha384 hmac-sha512 hmac-sha512-224
hmac-sha512-256 hmac-skein1024 hmac-skein224 hmac-skein256 hmac-skein384
hmac-skein512 hmac-tiger2 hmac-whirl
Options and arguments:
-a algo[,algo,...] - choose algorithm(s), see list below
--algorithm=algo[,algo,...] - choose algorithm(s), see list below
these two arguments can be specified multiple times
the files to be hashed are only read once.
-a hmac-algo[,...] - choose HMAC algorithm with hash algo.
Hash and HMAC algos may be freely mixed.
-a all - choose all hash algorithms
-a hmac-all - choose all HMAC algorithms
-s string - digests string for one algorithm
--string=string - digests string for one algorithm
--bitstring=bitstring - digests bitstring (Jim Gillogly format, bbb#nnn|bb..)
--hexstring=hexstring - digests hexstring (like -M, --M=)
-t - runs time trial for all algorithms
--time - runs time trial for all algorithms
-x - runs test script for one algorithm
--test - runs test script for one algorithm
file ... - digests file(s) for one algorithm
(none) - digests standard input for one algorithm
-c [file] - checks digests read from file or stdin
--check[=file] - checks digests read from file or stdin
--bits=nn - message length in number of bits (for SHA only)
-M hexstring - message in hexadecimal
--M=hexstring - message in hexadecimal
-h - print this text
--help - print this text
--list - print list of algorithms, one per line
HMAC options:
-K keystring - HMAC key as ASCII string
--K=keystring - HMAC key as ASCII string
--hexkey=hexkeystring - HMAC key in hexadecimal
Algorithm Hash Size Block Size Bitwise HMAC test
(bits) (bytes) Operation Vectors
blake224 224 64 yes
blake256 256 64 yes
blake384 384 128 yes
blake512 512 128 yes
gost 256 32 no
groestl224 224 64 yes
groestl256 256 64 yes
groestl384 384 128 yes
groestl512 512 128 yes
jh224 224 64 yes
jh256 256 64 yes
jh384 384 64 yes
jh512 512 64 yes
keccak224 224 144 yes
keccak256 256 136 yes
keccak384 384 104 yes
keccak512 512 72 yes
lash160 160 40 no
lash256 256 64 no
lash384 384 96 no
lash512 512 128 no
md2 128 16 no
md4 128 64 no
md5 128 64 no yes
rmd128 128 64 no yes
rmd160 160 64 no yes
rmd256 256 64 no
rmd320 320 64 no
sha1 160 64 yes yes
sha224 224 64 yes yes
sha256 256 64 yes yes
sha3-224 224 144 yes HMAC not supported
sha3-256 256 136 yes HMAC not supported
sha3-384 384 104 yes HMAC not supported
sha3-512 512 72 yes HMAC not supported
sha384 384 128 yes yes
sha512 512 128 yes yes
sha512-224 224 128 yes, no testvectors
sha512-256 256 128 yes, no testvectors
shake128 4096 168 yes HMAC not supported
shake256 4096 136 yes HMAC not supported
skein1024 1024 128 yes
skein224 224 32 yes
skein256 256 32 yes
skein384 384 64 yes
skein512 512 64 yes
tiger2 192 64 no
whirl 512 64 yes, no testvectors
References:
blake224 : BLAKE homepage http://www.131002.net/blake/
blake256 : BLAKE homepage http://www.131002.net/blake/
blake384 : BLAKE homepage http://www.131002.net/blake/
blake512 : BLAKE homepage http://www.131002.net/blake/
gost : GOST R 34.11-94, the Russian equivalent of SHA.
http://www.autochthonous.org/crypto/gosthash.tar.gz
groestl224: GROESTL homepage http://www.groestl.info/
groestl256: GROESTL homepage http://www.groestl.info/
groestl384: GROESTL homepage http://www.groestl.info/
groestl512: GROESTL homepage http://www.groestl.info/
jh224 : JH homepage http://www3.ntu.edu.sg/home/wuhj/research/jh/
jh256 : JH homepage http://www3.ntu.edu.sg/home/wuhj/research/jh/
jh384 : JH homepage http://www3.ntu.edu.sg/home/wuhj/research/jh/
jh512 : JH homepage http://www3.ntu.edu.sg/home/wuhj/research/jh/
keccak224 : KECCAK homepage http://keccak.noekeon.org/
keccak256 : KECCAK homepage http://keccak.noekeon.org/
keccak384 : KECCAK homepage http://keccak.noekeon.org/
keccak512 : KECCAK homepage http://keccak.noekeon.org/
lash160 : http://csrc.nist.gov/pki/HashWorkshop/2006/Papers/SAARINEN_lash4-1_ORIG.pdf
lash256 : http://csrc.nist.gov/pki/HashWorkshop/2006/Papers/SAARINEN_lash4-1_ORIG.pdf
lash384 : http://csrc.nist.gov/pki/HashWorkshop/2006/Papers/SAARINEN_lash4-1_ORIG.pdf
lash512 : http://csrc.nist.gov/pki/HashWorkshop/2006/Papers/SAARINEN_lash4-1_ORIG.pdf
md2 : RFC1319, http://www.ietf.org/rfc/rfc1319.txt
md4 : RFC1320, http://www.ietf.org/rfc/rfc1320.txt
md5 : RFC1321, http://www.ietf.org/rfc/rfc1321.txt
rmd128 : http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html
rmd160 : http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html
rmd256 : http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html
rmd320 : http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html
sha1 : FIPS PUB 180-3, http://csrc.nist.gov/publications/fips/fips180-3/fips180-3_final.pdf
sha224 : FIPS PUB 180-3, http://csrc.nist.gov/publications/fips/fips180-3/fips180-3_final.pdf
sha256 : FIPS PUB 180-3, http://csrc.nist.gov/publications/fips/fips180-3/fips180-3_final.pdf
sha3-224 : DRAFT FIPS PUB 202, http://csrc.nist.gov/publications/drafts/fips-202/fips_202_draft.pdf
sha3-256 : DRAFT FIPS PUB 202, http://csrc.nist.gov/publications/drafts/fips-202/fips_202_draft.pdf
sha3-384 : DRAFT FIPS PUB 202, http://csrc.nist.gov/publications/drafts/fips-202/fips_202_draft.pdf
sha3-512 : DRAFT FIPS PUB 202, http://csrc.nist.gov/publications/drafts/fips-202/fips_202_draft.pdf
sha384 : FIPS PUB 180-3, http://csrc.nist.gov/publications/fips/fips180-3/fips180-3_final.pdf
sha512 : FIPS PUB 180-3, http://csrc.nist.gov/publications/fips/fips180-3/fips180-3_final.pdf
sha512-224: DRAFT FIPS PUB 180-4, http://csrc.nist.gov/publications/drafts/fips180-4/Draft-FIPS180-4_Feb2011.pdf
sha512-256: DRAFT FIPS PUB 180-4, http://csrc.nist.gov/publications/drafts/fips180-4/Draft-FIPS180-4_Feb2011.pdf
shake128 : DRAFT FIPS PUB 202, http://csrc.nist.gov/publications/drafts/fips-202/fips_202_draft.pdf
shake256 : DRAFT FIPS PUB 202, http://csrc.nist.gov/publications/drafts/fips-202/fips_202_draft.pdf
skein1024 : SKEIN homepage http://www.skein-hash.info/
skein224 : SKEIN homepage http://www.skein-hash.info/
skein256 : SKEIN homepage http://www.skein-hash.info/
skein384 : SKEIN homepage http://www.skein-hash.info/
skein512 : SKEIN homepage http://www.skein-hash.info/
tiger2 : http://www.cs.technion.ac.il/~biham/Reports/Tiger/
This code implements the Tiger 2 padding (like MD5)
whirl : http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html
Download Latest Version
fehashmac-4.2-Source.tar.gz (6.8 MB)
