Add missing SHA224, SHA384, and SHA512 (dart-archive/crypto#63)

* Add SHA384 and SHA512

Sha384 and Sha512 share the same implementation and differ only in the
initailization vectors and the digest concatentation. The algorithm from
from rfc6234 calls for 64bit words and operations and to remain dart2js
friendly, BigInt was used.

INPUT REQUESTED:
  I'm not sure where the test vectors came from; but a simple comparison
  to sha384 and sha512 command line methods shows it matching. If you
  can point me to them, then I can write a better test.

* Add Sha224 + Refactor

Do something less stupid; use _Sha32BitSink and _Sha64BitSink to have
class heirarchies make better sense.

* Support 32bit and 64bit operations for SHA384/512

Two modes of operation: if you're in a browser, you get the slower 32bit
algorithm because you only have 2^53 bits. If you are on the VM /
Flutter, you'll have 64bit operations wich is *much* faster:

32BIT NUMBERS: ~20MB/s hashing
Removing BigInt has some good results:
  Instance of 'Sha224' warmup: 0:00:00.015599
  Instance of 'Sha256' warmup: 0:00:00.002325
  Instance of 'Sha384' warmup: 0:00:00.019082
  Instance of 'Sha512' warmup: 0:00:00.010288
  Instance of 'Sha224' real: 0:00:00.092928
  Instance of 'Sha256' real: 0:00:00.093426
  Instance of 'Sha384' real: 0:00:00.823335
  Instance of 'Sha512' real: 0:00:00.807871

64BIT NUMBERS: ~236MB/s hashing
On the VM, this is much faster with 64bit operations.
  Instance of 'Sha224' warmup: 0:00:00.013285
  Instance of 'Sha256' warmup: 0:00:00.002443
  Instance of 'Sha384' warmup: 0:00:00.020954
  Instance of 'Sha512' warmup: 0:00:00.005616
  Instance of 'Sha224' real: 0:00:00.097196
  Instance of 'Sha256' real: 0:00:00.094167
  Instance of 'Sha384' real: 0:00:00.067605
  Instance of 'Sha512' real: 0:00:00.067564

NOTE:
Compiles with dart2js - cannot reference 64bit hex as the compiler just
vomits... but you can left shift by 32.

* Fix comment

* Add conditional imports

* De-listify 32bit allocations

Speed is still meh in dart2js:

384/512 numbers:
Instance of 'minified:a2' real: 0:00:02.203820
Instance of 'minified:aO' real: 0:00:02.192515

* Add sha monte tests for 224,256,384, and 512

RSP values came from http://csrc.nist.gov/groups/STM/cavp/documents/shs/shabytetestvectors.zip

* Fix formattting of lib/crypto.dart

* Bump version (adding new features) + min sdk

* Bump travis (hidden file)

* Rework monte test to function-only.

Author: jtmcdole

pkgs/crypto/.travis.yml

@@ -1,8 +1,8 @@
 language: dart
 
 dart:
-  - 2.0.0
-  - dev
+  - 2.1.0
+  - stable 
 
 dart_task:
   - test: -p vm

pkgs/crypto/README.md

@@ -5,7 +5,10 @@ A set of cryptographic hashing functions implemented in pure Dart
 The following hashing algorithms are supported:
 
 * SHA-1
+* SHA-224
 * SHA-256
+* SHA-384
+* SHA-512
 * MD5
 * HMAC (i.e. HMAC-MD5, HMAC-SHA1, HMAC-SHA256)
 
@@ -105,7 +108,10 @@ Please file feature requests and bugs at the [issue tracker][tracker].
 [Hmac]: https://www.dartdocs.org/documentation/crypto/latest/crypto/Hmac-class.html
 [MD5]: https://www.dartdocs.org/documentation/crypto/latest/crypto/MD5-class.html
 [Sha1]: https://www.dartdocs.org/documentation/crypto/latest/crypto/Sha1-class.html
+[Sha224]: https://www.dartdocs.org/documentation/crypto/latest/crypto/Sha224-class.html
 [Sha256]: https://www.dartdocs.org/documentation/crypto/latest/crypto/Sha256-class.html
+[Sha384]: https://www.dartdocs.org/documentation/crypto/latest/crypto/Sha384-class.html
+[Sha512]: https://www.dartdocs.org/documentation/crypto/latest/crypto/Sha512-class.html
 [md5-obj]: https://www.dartdocs.org/documentation/crypto/latest/crypto/md5.html
 [sha1-obj]: https://www.dartdocs.org/documentation/crypto/latest/crypto/sha1.html
 [sha256-obj]: https://www.dartdocs.org/documentation/crypto/latest/crypto/sha256.html

pkgs/crypto/lib/crypto.dart

@@ -8,3 +8,4 @@ export 'src/hmac.dart';
 export 'src/md5.dart';
 export 'src/sha1.dart';
 export 'src/sha256.dart';
+export 'src/sha512.dart';

pkgs/crypto/lib/src/sha256.dart

@@ -17,6 +17,13 @@ import 'utils.dart';
 /// [rfc]: http://tools.ietf.org/html/rfc6234
 final sha256 = Sha256._();
 
+/// An instance of [Sha224].
+///
+/// This instance provides convenient access to the [Sha224][rfc] hash function.
+///
+/// [rfc]: http://tools.ietf.org/html/rfc6234
+final sha224 = Sha224._();
+
 /// An implementation of the [SHA-256][rfc] hash function.
 ///
 /// [rfc]: http://tools.ietf.org/html/rfc6234
@@ -36,6 +43,25 @@ class Sha256 extends Hash {
       ByteConversionSink.from(_Sha256Sink(sink));
 }
 
+/// An implementation of the [SHA-224][rfc] hash function.
+///
+/// [rfc]: http://tools.ietf.org/html/rfc6234
+///
+/// Note that it's almost always easier to use [sha224] rather than creating a
+/// new instance.
+class Sha224 extends Hash {
+  @override
+  final int blockSize = 16 * bytesPerWord;
+
+  Sha224._();
+
+  Sha224 newInstance() => Sha224._();
+
+  @override
+  ByteConversionSink startChunkedConversion(Sink<Digest> sink) =>
+      ByteConversionSink.from(_Sha224Sink(sink));
+}
+
 /// Data from a non-linear function that functions as reproducible noise.
 const List<int> _noise = [
   0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, //
@@ -51,34 +77,16 @@ const List<int> _noise = [
   0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
 ];
 
-/// The concrete implementation of [Sha256].
-///
-/// This is separate so that it can extend [HashSink] without leaking additional
-/// public members.
-class _Sha256Sink extends HashSink {
-  @override
-  final digest = Uint32List(8);
+abstract class _Sha32BitSink extends HashSink {
+  final Uint32List _digest;
 
   /// The sixteen words from the original chunk, extended to 64 words.
   ///
   /// This is an instance variable to avoid re-allocating, but its data isn't
   /// used across invocations of [updateHash].
-  final Uint32List _extended;
+  final _extended = Uint32List(64);
 
-  _Sha256Sink(Sink<Digest> sink)
-      : _extended = Uint32List(64),
-        super(sink, 16) {
-    // Initial value of the hash parts. First 32 bits of the fractional parts
-    // of the square roots of the first 8 prime numbers.
-    digest[0] = 0x6a09e667;
-    digest[1] = 0xbb67ae85;
-    digest[2] = 0x3c6ef372;
-    digest[3] = 0xa54ff53a;
-    digest[4] = 0x510e527f;
-    digest[5] = 0x9b05688c;
-    digest[6] = 0x1f83d9ab;
-    digest[7] = 0x5be0cd19;
-  }
+  _Sha32BitSink(Sink<Digest> sink, this._digest) : super(sink, 16);
 
   // The following helper functions are taken directly from
   // http://tools.ietf.org/html/rfc6234.
@@ -105,14 +113,14 @@ class _Sha256Sink extends HashSink {
     }
 
     // Shuffle around the bits.
-    var a = digest[0];
-    var b = digest[1];
-    var c = digest[2];
-    var d = digest[3];
-    var e = digest[4];
-    var f = digest[5];
-    var g = digest[6];
-    var h = digest[7];
+    var a = _digest[0];
+    var b = _digest[1];
+    var c = _digest[2];
+    var d = _digest[3];
+    var e = _digest[4];
+    var f = _digest[5];
+    var g = _digest[6];
+    var h = _digest[7];
 
     for (var i = 0; i < 64; i++) {
       var temp1 = add32(add32(h, _bsig1(e)),
@@ -129,13 +137,61 @@ class _Sha256Sink extends HashSink {
     }
 
     // Update hash values after iteration.
-    digest[0] = add32(a, digest[0]);
-    digest[1] = add32(b, digest[1]);
-    digest[2] = add32(c, digest[2]);
-    digest[3] = add32(d, digest[3]);
-    digest[4] = add32(e, digest[4]);
-    digest[5] = add32(f, digest[5]);
-    digest[6] = add32(g, digest[6]);
-    digest[7] = add32(h, digest[7]);
+    _digest[0] = add32(a, _digest[0]);
+    _digest[1] = add32(b, _digest[1]);
+    _digest[2] = add32(c, _digest[2]);
+    _digest[3] = add32(d, _digest[3]);
+    _digest[4] = add32(e, _digest[4]);
+    _digest[5] = add32(f, _digest[5]);
+    _digest[6] = add32(g, _digest[6]);
+    _digest[7] = add32(h, _digest[7]);
   }
 }
+
+/// The concrete implementation of [Sha256].
+///
+/// This is separate so that it can extend [HashSink] without leaking additional
+/// public members.
+class _Sha256Sink extends _Sha32BitSink {
+  @override
+  Uint32List get digest => _digest;
+
+  // Initial value of the hash parts. First 32 bits of the fractional parts
+  // of the square roots of the first 8 prime numbers.
+  _Sha256Sink(Sink<Digest> sink)
+      : super(
+            sink,
+            Uint32List.fromList([
+              0x6a09e667,
+              0xbb67ae85,
+              0x3c6ef372,
+              0xa54ff53a,
+              0x510e527f,
+              0x9b05688c,
+              0x1f83d9ab,
+              0x5be0cd19,
+            ]));
+}
+
+/// The concrete implementation of [Sha224].
+///
+/// This is separate so that it can extend [HashSink] without leaking additional
+/// public members.
+class _Sha224Sink extends _Sha32BitSink {
+  @override
+  Uint32List get digest => _digest.buffer.asUint32List(0, 7);
+
+  _Sha224Sink(Sink<Digest> sink)
+      : super(
+            sink,
+            Uint32List.fromList([
+              0xc1059ed8,
+              0x367cd507,
+              0x3070dd17,
+              0xf70e5939,
+              0xffc00b31,
+              0x68581511,
+              0x64f98fa7,
+              0xbefa4fa4,
+            ]));
+}

pkgs/crypto/lib/src/sha512.dart

@@ -0,0 +1,60 @@
+// Copyright (c) 2019, the Dart project authors.  Please see the AUTHORS file
+// for details. All rights reserved. Use of this source code is governed by a
+// BSD-style license that can be found in the LICENSE file.
+
+import 'dart:convert';
+
+import 'digest.dart';
+import 'hash.dart';
+import 'sha512_fastsinks.dart' if (dart.library.js) 'sha512_slowsinks.dart';
+//import 'sha512_slowsinks.dart';
+import 'utils.dart';
+
+/// An instance of [Sha2Sha384].
+///
+/// This instance provides convenient access to the [Sha384][rfc] hash function.
+///
+/// [rfc]: http://tools.ietf.org/html/rfc6234
+final sha384 = Sha384._();
+
+/// An instance of [Sha2Sha512].
+///
+/// This instance provides convenient access to the [Sha512][rfc] hash function.
+///
+/// [rfc]: http://tools.ietf.org/html/rfc6234
+final sha512 = Sha512._();
+
+/// An implementation of the [SHA-384][rfc] hash function.
+///
+/// [rfc]: http://tools.ietf.org/html/rfc6234
+///
+/// Note that it's almost always easier to use [sha384] rather than creating a
+/// new instance.
+class Sha384 extends Hash {
+  @override
+  final int blockSize = 16 * bytesPerWord;
+
+  Sha384._();
+
+  Sha384 newInstance() => Sha384._();
+
+  @override
+  ByteConversionSink startChunkedConversion(Sink<Digest> sink) =>
+      ByteConversionSink.from(Sha384Sink(sink));
+}
+
+/// An implementation of the [SHA-512][rfc] hash function.
+///
+/// [rfc]: http://tools.ietf.org/html/rfc6234
+///
+/// Note that it's almost always easier to use [sha512] rather than creating a
+/// new instance.
+class Sha512 extends Sha384 {
+  Sha512._() : super._();
+
+  Sha512 newInstance() => Sha512._();
+
+  @override
+  ByteConversionSink startChunkedConversion(Sink<Digest> sink) =>
+      ByteConversionSink.from(Sha512Sink(sink));
+}