diff --git a/openpgp/clearsign/clearsign.go b/openpgp/clearsign/clearsign.go index ec66699c2..9f695623c 100644 --- a/openpgp/clearsign/clearsign.go +++ b/openpgp/clearsign/clearsign.go @@ -435,6 +435,10 @@ func nameOfHash(h crypto.Hash) string { return "SHA384" case crypto.SHA512: return "SHA512" + case crypto.SHA3_256: + return "SHA3-256" + case crypto.SHA3_512: + return "SHA3-512" } return "" } @@ -457,6 +461,10 @@ func nameToHash(h string) crypto.Hash { return crypto.SHA384 case "SHA512": return crypto.SHA512 + case "SHA3-256": + return crypto.SHA3_256 + case "SHA3-512": + return crypto.SHA3_512 } return crypto.Hash(0) } diff --git a/openpgp/internal/algorithm/hash.go b/openpgp/internal/algorithm/hash.go index 3f1b61b88..f0a1815fb 100644 --- a/openpgp/internal/algorithm/hash.go +++ b/openpgp/internal/algorithm/hash.go @@ -39,6 +39,8 @@ var ( SHA384 Hash = cryptoHash{9, crypto.SHA384} SHA512 Hash = cryptoHash{10, crypto.SHA512} SHA224 Hash = cryptoHash{11, crypto.SHA224} + SHA3_256 Hash = cryptoHash{12, crypto.SHA3_256} + SHA3_512 Hash = cryptoHash{14, crypto.SHA3_512} ) // HashById represents the different hash functions specified for OpenPGP. See @@ -52,6 +54,8 @@ var ( SHA384.Id(): SHA384, SHA512.Id(): SHA512, SHA224.Id(): SHA224, + SHA3_256.Id(): SHA3_256, + SHA3_512.Id(): SHA3_512, } ) @@ -75,6 +79,8 @@ var hashNames = map[uint8]string{ SHA384.Id(): "SHA384", SHA512.Id(): "SHA512", SHA224.Id(): "SHA224", + SHA3_256.Id(): "SHA3-256", + SHA3_512.Id(): "SHA3-512", } func (h cryptoHash) String() string { diff --git a/openpgp/keys_test.go b/openpgp/keys_test.go index c1c8e825e..3cd2e05d9 100644 --- a/openpgp/keys_test.go +++ b/openpgp/keys_test.go @@ -28,6 +28,8 @@ var hashes = []crypto.Hash{ crypto.SHA256, crypto.SHA384, crypto.SHA512, + crypto.SHA3_256, + crypto.SHA3_512, } var ciphers = []packet.CipherFunction{ diff --git a/openpgp/read.go b/openpgp/read.go index f9233f6d2..bfc897cca 100644 --- a/openpgp/read.go +++ b/openpgp/read.go @@ -8,6 +8,7 @@ package openpgp // import "github.com/ProtonMail/go-crypto/openpgp" import ( "crypto" _ "crypto/sha256" + _ "crypto/sha512" "hash" "io" "strconv" @@ -15,6 +16,7 @@ import ( "github.com/ProtonMail/go-crypto/openpgp/armor" "github.com/ProtonMail/go-crypto/openpgp/errors" "github.com/ProtonMail/go-crypto/openpgp/packet" + _ "golang.org/x/crypto/sha3" ) // SignatureType is the armor type for a PGP signature. diff --git a/openpgp/s2k/s2k.go b/openpgp/s2k/s2k.go index 14f58548b..8862c7c2e 100644 --- a/openpgp/s2k/s2k.go +++ b/openpgp/s2k/s2k.go @@ -356,7 +356,7 @@ func HashIdToString(id byte) (name string, ok bool) { return "", false } -// HashIdToHash returns an OpenPGP hash id which corresponds the given Hash. +// HashToHashId returns an OpenPGP hash id which corresponds the given Hash. func HashToHashId(h crypto.Hash) (id byte, ok bool) { for id, hash := range algorithm.HashById { if hash.HashFunc() == h { diff --git a/openpgp/s2k/s2k_test.go b/openpgp/s2k/s2k_test.go index 80aa12d54..c4be8bcbe 100644 --- a/openpgp/s2k/s2k_test.go +++ b/openpgp/s2k/s2k_test.go @@ -15,6 +15,7 @@ import ( "testing" _ "golang.org/x/crypto/ripemd160" + _ "golang.org/x/crypto/sha3" ) var saltedTests = []struct { @@ -136,7 +137,8 @@ func TestParseIntoParams(t *testing.T) { } func TestSerializeOK(t *testing.T) { - hashes := []crypto.Hash{crypto.SHA1, crypto.RIPEMD160, crypto.SHA256, crypto.SHA384, crypto.SHA512, crypto.SHA224} + hashes := []crypto.Hash{crypto.SHA256, crypto.SHA384, crypto.SHA512, crypto.SHA224, crypto.SHA3_256, + crypto.SHA3_512, crypto.SHA1, crypto.RIPEMD160} testCounts := []int{-1, 0, 1024, 65536, 4063232, 65011712} for _, h := range hashes { for _, c := range testCounts { diff --git a/openpgp/write.go b/openpgp/write.go index 23a24f203..f66a2a3b1 100644 --- a/openpgp/write.go +++ b/openpgp/write.go @@ -338,6 +338,8 @@ func encrypt(keyWriter io.Writer, dataWriter io.Writer, to []*Entity, signed *En hashToHashId(crypto.SHA256), hashToHashId(crypto.SHA384), hashToHashId(crypto.SHA512), + hashToHashId(crypto.SHA3_256), + hashToHashId(crypto.SHA3_512), hashToHashId(crypto.SHA1), hashToHashId(crypto.RIPEMD160), } @@ -458,6 +460,8 @@ func Sign(output io.Writer, signed *Entity, hints *FileHints, config *packet.Con hashToHashId(crypto.SHA256), hashToHashId(crypto.SHA384), hashToHashId(crypto.SHA512), + hashToHashId(crypto.SHA3_256), + hashToHashId(crypto.SHA3_512), hashToHashId(crypto.SHA1), hashToHashId(crypto.RIPEMD160), }