00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022
00023
00024
00025
00026
00027
00028
00029
00030
00031
00032
00033
00034
00035
00036
00037 #include "../defs.h"
00038 #include <string.h>
00039 #include <assert.h>
00040 #include "sha2.h"
00041
00042
00043
00044
00045
00046
00047
00048
00049
00050
00051
00052
00053
00054
00055
00056
00057
00058
00059
00060
00061
00062
00063
00064
00065
00066
00067
00068
00069
00070
00071
00072
00073
00074
00075
00076
00077
00078
00079
00080
00081
00082
00083
00084
00085
00086
00087
00088
00089
00090
00091 #if !defined(BYTE_ORDER) || (BYTE_ORDER != LITTLE_ENDIAN && BYTE_ORDER != BIG_ENDIAN)
00092 #error Define BYTE_ORDER to be equal to either LITTLE_ENDIAN or BIG_ENDIAN
00093 #endif
00094
00095
00096
00097
00098
00099
00100
00101
00102
00103
00104
00105
00106
00107
00108
00109 #ifdef SHA2_USE_INTTYPES_H
00110
00111 typedef uint8_t sha2_byte;
00112 typedef uint32_t sha2_word32;
00113 typedef uint64_t sha2_word64;
00114
00115 #else
00116
00117 typedef u_int8_t sha2_byte;
00118 typedef u_int32_t sha2_word32;
00119 typedef u_int64_t sha2_word64;
00120
00121 #endif
00122
00123
00124
00125
00126 #define SHA256_SHORT_BLOCK_LENGTH (SHA256_BLOCK_LENGTH - 8)
00127 #define SHA384_SHORT_BLOCK_LENGTH (SHA384_BLOCK_LENGTH - 16)
00128 #define SHA512_SHORT_BLOCK_LENGTH (SHA512_BLOCK_LENGTH - 16)
00129
00130
00131 #if (defined(__STDC_VERSION__) && (__STDC_VERSION__ >= 199901L)) || defined(__GNUC__) || defined(_HPUX_SOURCE) || defined(__IBMC__)
00132 #define ULL(number) number##ULL
00133 #else
00134 #define ULL(number) (uint64_t)(number)
00135 #endif
00136
00137 #if BYTE_ORDER == LITTLE_ENDIAN
00138 #define REVERSE32(w,x) { \
00139 sha2_word32 tmp = (w); \
00140 tmp = (tmp >> 16) | (tmp << 16); \
00141 (x) = ((tmp & 0xff00ff00UL) >> 8) | ((tmp & 0x00ff00ffUL) << 8); \
00142 }
00143 #define REVERSE64(w,x) { \
00144 sha2_word64 tmp = (w); \
00145 tmp = (tmp >> 32) | (tmp << 32); \
00146 tmp = ((tmp & ULL(0xff00ff00ff00ff00)) >> 8) | \
00147 ((tmp & ULL(0x00ff00ff00ff00ff)) << 8); \
00148 (x) = ((tmp & ULL(0xffff0000ffff0000)) >> 16) | \
00149 ((tmp & ULL(0x0000ffff0000ffff)) << 16); \
00150 }
00151 #endif
00152
00153
00154
00155
00156
00157
00158 #define ADDINC128(w,n) { \
00159 (w)[0] += (sha2_word64)(n); \
00160 if ((w)[0] < (n)) { \
00161 (w)[1]++; \
00162 } \
00163 }
00164
00165
00166
00167
00168
00169
00170
00171
00172
00173
00174 #if !defined(SHA2_USE_MEMSET_MEMCPY) && !defined(SHA2_USE_BZERO_BCOPY)
00175
00176 #define SHA2_USE_MEMSET_MEMCPY 1
00177 #endif
00178 #if defined(SHA2_USE_MEMSET_MEMCPY) && defined(SHA2_USE_BZERO_BCOPY)
00179
00180 #error Define either SHA2_USE_MEMSET_MEMCPY or SHA2_USE_BZERO_BCOPY, not both!
00181 #endif
00182
00183 #ifdef SHA2_USE_MEMSET_MEMCPY
00184 #define MEMSET_BZERO(p,l) memset((p), 0, (l))
00185 #define MEMCPY_BCOPY(d,s,l) memcpy((d), (s), (l))
00186 #endif
00187 #ifdef SHA2_USE_BZERO_BCOPY
00188 #define MEMSET_BZERO(p,l) bzero((p), (l))
00189 #define MEMCPY_BCOPY(d,s,l) bcopy((s), (d), (l))
00190 #endif
00191
00192
00193
00194
00195
00196
00197
00198
00199
00200
00201
00202
00203 #define R(b,x) ((x) >> (b))
00204
00205 #define S32(b,x) (((x) >> (b)) | ((x) << (32 - (b))))
00206
00207 #define S64(b,x) (((x) >> (b)) | ((x) << (64 - (b))))
00208
00209
00210 #define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z)))
00211 #define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
00212
00213
00214 #define Sigma0_256(x) (S32(2, (x)) ^ S32(13, (x)) ^ S32(22, (x)))
00215 #define Sigma1_256(x) (S32(6, (x)) ^ S32(11, (x)) ^ S32(25, (x)))
00216 #define sigma0_256(x) (S32(7, (x)) ^ S32(18, (x)) ^ R(3 , (x)))
00217 #define sigma1_256(x) (S32(17, (x)) ^ S32(19, (x)) ^ R(10, (x)))
00218
00219
00220 #define Sigma0_512(x) (S64(28, (x)) ^ S64(34, (x)) ^ S64(39, (x)))
00221 #define Sigma1_512(x) (S64(14, (x)) ^ S64(18, (x)) ^ S64(41, (x)))
00222 #define sigma0_512(x) (S64( 1, (x)) ^ S64( 8, (x)) ^ R( 7, (x)))
00223 #define sigma1_512(x) (S64(19, (x)) ^ S64(61, (x)) ^ R( 6, (x)))
00224
00225
00226
00227
00228
00229
00230 void SHA512_Last(SHA512_CTX*);
00231 void SHA256_Transform(SHA256_CTX*, const sha2_word32*);
00232 void SHA512_Transform(SHA512_CTX*, const sha2_word64*);
00233
00234
00235
00236
00237 static const sha2_word32 K256[64] = {
00238 0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL,
00239 0x3956c25bUL, 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL,
00240 0xd807aa98UL, 0x12835b01UL, 0x243185beUL, 0x550c7dc3UL,
00241 0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL, 0xc19bf174UL,
00242 0xe49b69c1UL, 0xefbe4786UL, 0x0fc19dc6UL, 0x240ca1ccUL,
00243 0x2de92c6fUL, 0x4a7484aaUL, 0x5cb0a9dcUL, 0x76f988daUL,
00244 0x983e5152UL, 0xa831c66dUL, 0xb00327c8UL, 0xbf597fc7UL,
00245 0xc6e00bf3UL, 0xd5a79147UL, 0x06ca6351UL, 0x14292967UL,
00246 0x27b70a85UL, 0x2e1b2138UL, 0x4d2c6dfcUL, 0x53380d13UL,
00247 0x650a7354UL, 0x766a0abbUL, 0x81c2c92eUL, 0x92722c85UL,
00248 0xa2bfe8a1UL, 0xa81a664bUL, 0xc24b8b70UL, 0xc76c51a3UL,
00249 0xd192e819UL, 0xd6990624UL, 0xf40e3585UL, 0x106aa070UL,
00250 0x19a4c116UL, 0x1e376c08UL, 0x2748774cUL, 0x34b0bcb5UL,
00251 0x391c0cb3UL, 0x4ed8aa4aUL, 0x5b9cca4fUL, 0x682e6ff3UL,
00252 0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL,
00253 0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL
00254 };
00255
00256
00257 static const sha2_word32 sha256_initial_hash_value[8] = {
00258 0x6a09e667UL,
00259 0xbb67ae85UL,
00260 0x3c6ef372UL,
00261 0xa54ff53aUL,
00262 0x510e527fUL,
00263 0x9b05688cUL,
00264 0x1f83d9abUL,
00265 0x5be0cd19UL
00266 };
00267
00268
00269 static const sha2_word64 K512[80] = {
00270 ULL(0x428a2f98d728ae22), ULL(0x7137449123ef65cd),
00271 ULL(0xb5c0fbcfec4d3b2f), ULL(0xe9b5dba58189dbbc),
00272 ULL(0x3956c25bf348b538), ULL(0x59f111f1b605d019),
00273 ULL(0x923f82a4af194f9b), ULL(0xab1c5ed5da6d8118),
00274 ULL(0xd807aa98a3030242), ULL(0x12835b0145706fbe),
00275 ULL(0x243185be4ee4b28c), ULL(0x550c7dc3d5ffb4e2),
00276 ULL(0x72be5d74f27b896f), ULL(0x80deb1fe3b1696b1),
00277 ULL(0x9bdc06a725c71235), ULL(0xc19bf174cf692694),
00278 ULL(0xe49b69c19ef14ad2), ULL(0xefbe4786384f25e3),
00279 ULL(0x0fc19dc68b8cd5b5), ULL(0x240ca1cc77ac9c65),
00280 ULL(0x2de92c6f592b0275), ULL(0x4a7484aa6ea6e483),
00281 ULL(0x5cb0a9dcbd41fbd4), ULL(0x76f988da831153b5),
00282 ULL(0x983e5152ee66dfab), ULL(0xa831c66d2db43210),
00283 ULL(0xb00327c898fb213f), ULL(0xbf597fc7beef0ee4),
00284 ULL(0xc6e00bf33da88fc2), ULL(0xd5a79147930aa725),
00285 ULL(0x06ca6351e003826f), ULL(0x142929670a0e6e70),
00286 ULL(0x27b70a8546d22ffc), ULL(0x2e1b21385c26c926),
00287 ULL(0x4d2c6dfc5ac42aed), ULL(0x53380d139d95b3df),
00288 ULL(0x650a73548baf63de), ULL(0x766a0abb3c77b2a8),
00289 ULL(0x81c2c92e47edaee6), ULL(0x92722c851482353b),
00290 ULL(0xa2bfe8a14cf10364), ULL(0xa81a664bbc423001),
00291 ULL(0xc24b8b70d0f89791), ULL(0xc76c51a30654be30),
00292 ULL(0xd192e819d6ef5218), ULL(0xd69906245565a910),
00293 ULL(0xf40e35855771202a), ULL(0x106aa07032bbd1b8),
00294 ULL(0x19a4c116b8d2d0c8), ULL(0x1e376c085141ab53),
00295 ULL(0x2748774cdf8eeb99), ULL(0x34b0bcb5e19b48a8),
00296 ULL(0x391c0cb3c5c95a63), ULL(0x4ed8aa4ae3418acb),
00297 ULL(0x5b9cca4f7763e373), ULL(0x682e6ff3d6b2b8a3),
00298 ULL(0x748f82ee5defb2fc), ULL(0x78a5636f43172f60),
00299 ULL(0x84c87814a1f0ab72), ULL(0x8cc702081a6439ec),
00300 ULL(0x90befffa23631e28), ULL(0xa4506cebde82bde9),
00301 ULL(0xbef9a3f7b2c67915), ULL(0xc67178f2e372532b),
00302 ULL(0xca273eceea26619c), ULL(0xd186b8c721c0c207),
00303 ULL(0xeada7dd6cde0eb1e), ULL(0xf57d4f7fee6ed178),
00304 ULL(0x06f067aa72176fba), ULL(0x0a637dc5a2c898a6),
00305 ULL(0x113f9804bef90dae), ULL(0x1b710b35131c471b),
00306 ULL(0x28db77f523047d84), ULL(0x32caab7b40c72493),
00307 ULL(0x3c9ebe0a15c9bebc), ULL(0x431d67c49c100d4c),
00308 ULL(0x4cc5d4becb3e42b6), ULL(0x597f299cfc657e2a),
00309 ULL(0x5fcb6fab3ad6faec), ULL(0x6c44198c4a475817)
00310 };
00311
00312
00313 static const sha2_word64 sha384_initial_hash_value[8] = {
00314 ULL(0xcbbb9d5dc1059ed8),
00315 ULL(0x629a292a367cd507),
00316 ULL(0x9159015a3070dd17),
00317 ULL(0x152fecd8f70e5939),
00318 ULL(0x67332667ffc00b31),
00319 ULL(0x8eb44a8768581511),
00320 ULL(0xdb0c2e0d64f98fa7),
00321 ULL(0x47b5481dbefa4fa4)
00322 };
00323
00324
00325 static const sha2_word64 sha512_initial_hash_value[8] = {
00326 ULL(0x6a09e667f3bcc908),
00327 ULL(0xbb67ae8584caa73b),
00328 ULL(0x3c6ef372fe94f82b),
00329 ULL(0xa54ff53a5f1d36f1),
00330 ULL(0x510e527fade682d1),
00331 ULL(0x9b05688c2b3e6c1f),
00332 ULL(0x1f83d9abfb41bd6b),
00333 ULL(0x5be0cd19137e2179)
00334 };
00335
00336
00337
00338
00339
00340 static const char *sha2_hex_digits = "0123456789abcdef";
00341
00342
00343
00344 void SHA256_Init(SHA256_CTX* context) {
00345 if (context == (SHA256_CTX*)0) {
00346 return;
00347 }
00348 MEMCPY_BCOPY(context->state, sha256_initial_hash_value, SHA256_DIGEST_LENGTH);
00349 MEMSET_BZERO(context->buffer, SHA256_BLOCK_LENGTH);
00350 context->bitcount = 0;
00351 }
00352
00353 #ifdef SHA2_UNROLL_TRANSFORM
00354
00355
00356
00357 #if BYTE_ORDER == LITTLE_ENDIAN
00358
00359 #define ROUND256_0_TO_15(a,b,c,d,e,f,g,h) \
00360 REVERSE32(*data++, W256[j]); \
00361 T1 = (h) + Sigma1_256(e) + Ch((e), (f), (g)) + \
00362 K256[j] + W256[j]; \
00363 (d) += T1; \
00364 (h) = T1 + Sigma0_256(a) + Maj((a), (b), (c)); \
00365 j++
00366
00367
00368 #else
00369
00370 #define ROUND256_0_TO_15(a,b,c,d,e,f,g,h) \
00371 T1 = (h) + Sigma1_256(e) + Ch((e), (f), (g)) + \
00372 K256[j] + (W256[j] = *data++); \
00373 (d) += T1; \
00374 (h) = T1 + Sigma0_256(a) + Maj((a), (b), (c)); \
00375 j++
00376
00377 #endif
00378
00379 #define ROUND256(a,b,c,d,e,f,g,h) \
00380 s0 = W256[(j+1)&0x0f]; \
00381 s0 = sigma0_256(s0); \
00382 s1 = W256[(j+14)&0x0f]; \
00383 s1 = sigma1_256(s1); \
00384 T1 = (h) + Sigma1_256(e) + Ch((e), (f), (g)) + K256[j] + \
00385 (W256[j&0x0f] += s1 + W256[(j+9)&0x0f] + s0); \
00386 (d) += T1; \
00387 (h) = T1 + Sigma0_256(a) + Maj((a), (b), (c)); \
00388 j++
00389
00390 void SHA256_Transform(SHA256_CTX* context, const sha2_word32* data) {
00391 sha2_word32 a, b, c, d, e, f, g, h, s0, s1;
00392 sha2_word32 T1, *W256;
00393 int j;
00394
00395 W256 = (sha2_word32*)context->buffer;
00396
00397
00398 a = context->state[0];
00399 b = context->state[1];
00400 c = context->state[2];
00401 d = context->state[3];
00402 e = context->state[4];
00403 f = context->state[5];
00404 g = context->state[6];
00405 h = context->state[7];
00406
00407 j = 0;
00408 do {
00409
00410 ROUND256_0_TO_15(a,b,c,d,e,f,g,h);
00411 ROUND256_0_TO_15(h,a,b,c,d,e,f,g);
00412 ROUND256_0_TO_15(g,h,a,b,c,d,e,f);
00413 ROUND256_0_TO_15(f,g,h,a,b,c,d,e);
00414 ROUND256_0_TO_15(e,f,g,h,a,b,c,d);
00415 ROUND256_0_TO_15(d,e,f,g,h,a,b,c);
00416 ROUND256_0_TO_15(c,d,e,f,g,h,a,b);
00417 ROUND256_0_TO_15(b,c,d,e,f,g,h,a);
00418 } while (j < 16);
00419
00420
00421 do {
00422 ROUND256(a,b,c,d,e,f,g,h);
00423 ROUND256(h,a,b,c,d,e,f,g);
00424 ROUND256(g,h,a,b,c,d,e,f);
00425 ROUND256(f,g,h,a,b,c,d,e);
00426 ROUND256(e,f,g,h,a,b,c,d);
00427 ROUND256(d,e,f,g,h,a,b,c);
00428 ROUND256(c,d,e,f,g,h,a,b);
00429 ROUND256(b,c,d,e,f,g,h,a);
00430 } while (j < 64);
00431
00432
00433 context->state[0] += a;
00434 context->state[1] += b;
00435 context->state[2] += c;
00436 context->state[3] += d;
00437 context->state[4] += e;
00438 context->state[5] += f;
00439 context->state[6] += g;
00440 context->state[7] += h;
00441
00442
00443 a = b = c = d = e = f = g = h = T1 = 0;
00444 }
00445
00446 #else
00447
00448 void SHA256_Transform(SHA256_CTX* context, const sha2_word32* data) {
00449 sha2_word32 a, b, c, d, e, f, g, h, s0, s1;
00450 sha2_word32 T1, T2, *W256;
00451 int j;
00452
00453 W256 = (sha2_word32*)context->buffer;
00454
00455
00456 a = context->state[0];
00457 b = context->state[1];
00458 c = context->state[2];
00459 d = context->state[3];
00460 e = context->state[4];
00461 f = context->state[5];
00462 g = context->state[6];
00463 h = context->state[7];
00464
00465 j = 0;
00466 do {
00467 #if BYTE_ORDER == LITTLE_ENDIAN
00468
00469 REVERSE32(*data++,W256[j]);
00470
00471 T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] + W256[j];
00472 #else
00473
00474 T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] + (W256[j] = *data++);
00475 #endif
00476 T2 = Sigma0_256(a) + Maj(a, b, c);
00477 h = g;
00478 g = f;
00479 f = e;
00480 e = d + T1;
00481 d = c;
00482 c = b;
00483 b = a;
00484 a = T1 + T2;
00485
00486 j++;
00487 } while (j < 16);
00488
00489 do {
00490
00491 s0 = W256[(j+1)&0x0f];
00492 s0 = sigma0_256(s0);
00493 s1 = W256[(j+14)&0x0f];
00494 s1 = sigma1_256(s1);
00495
00496
00497 T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] +
00498 (W256[j&0x0f] += s1 + W256[(j+9)&0x0f] + s0);
00499 T2 = Sigma0_256(a) + Maj(a, b, c);
00500 h = g;
00501 g = f;
00502 f = e;
00503 e = d + T1;
00504 d = c;
00505 c = b;
00506 b = a;
00507 a = T1 + T2;
00508
00509 j++;
00510 } while (j < 64);
00511
00512
00513 context->state[0] += a;
00514 context->state[1] += b;
00515 context->state[2] += c;
00516 context->state[3] += d;
00517 context->state[4] += e;
00518 context->state[5] += f;
00519 context->state[6] += g;
00520 context->state[7] += h;
00521
00522
00523 a = b = c = d = e = f = g = h = T1 = T2 = 0;
00524 }
00525
00526 #endif
00527
00528 void SHA256_Update(SHA256_CTX* context, const sha2_byte *data, size_t len) {
00529 unsigned int freespace, usedspace;
00530
00531 if (len == 0) {
00532
00533 return;
00534 }
00535
00536
00537 assert(context != (SHA256_CTX*)0 && data != (sha2_byte*)0);
00538
00539 usedspace = (unsigned int)((context->bitcount >> 3) % SHA256_BLOCK_LENGTH);
00540 if (usedspace > 0) {
00541
00542 freespace = SHA256_BLOCK_LENGTH - usedspace;
00543
00544 if (len >= freespace) {
00545
00546 MEMCPY_BCOPY(&context->buffer[usedspace], data, freespace);
00547 context->bitcount += freespace << 3;
00548 len -= freespace;
00549 data += freespace;
00550 SHA256_Transform(context, (sha2_word32*)context->buffer);
00551 } else {
00552
00553 MEMCPY_BCOPY(&context->buffer[usedspace], data, len);
00554 context->bitcount += len << 3;
00555
00556 usedspace = freespace = 0;
00557 return;
00558 }
00559 }
00560 while (len >= SHA256_BLOCK_LENGTH) {
00561
00562 SHA256_Transform(context, (sha2_word32*)data);
00563 context->bitcount += SHA256_BLOCK_LENGTH << 3;
00564 len -= SHA256_BLOCK_LENGTH;
00565 data += SHA256_BLOCK_LENGTH;
00566 }
00567 if (len > 0) {
00568
00569 MEMCPY_BCOPY(context->buffer, data, len);
00570 context->bitcount += len << 3;
00571 }
00572
00573 usedspace = freespace = 0;
00574 }
00575
00576 void SHA256_Final(sha2_byte digest[], SHA256_CTX* context) {
00577 sha2_word32 *d = (sha2_word32*)digest;
00578 unsigned int usedspace;
00579
00580
00581 assert(context != (SHA256_CTX*)0);
00582
00583
00584 if (digest != (sha2_byte*)0) {
00585 usedspace = (unsigned int)((context->bitcount >> 3) % SHA256_BLOCK_LENGTH);
00586 #if BYTE_ORDER == LITTLE_ENDIAN
00587
00588 REVERSE64(context->bitcount,context->bitcount);
00589 #endif
00590 if (usedspace > 0) {
00591
00592 context->buffer[usedspace++] = 0x80;
00593
00594 if (usedspace <= SHA256_SHORT_BLOCK_LENGTH) {
00595
00596 MEMSET_BZERO(&context->buffer[usedspace], SHA256_SHORT_BLOCK_LENGTH - usedspace);
00597 } else {
00598 if (usedspace < SHA256_BLOCK_LENGTH) {
00599 MEMSET_BZERO(&context->buffer[usedspace], SHA256_BLOCK_LENGTH - usedspace);
00600 }
00601
00602 SHA256_Transform(context, (sha2_word32*)context->buffer);
00603
00604
00605 MEMSET_BZERO(context->buffer, SHA256_SHORT_BLOCK_LENGTH);
00606 }
00607 } else {
00608
00609 MEMSET_BZERO(context->buffer, SHA256_SHORT_BLOCK_LENGTH);
00610
00611
00612 *context->buffer = 0x80;
00613 }
00614
00615 *(sha2_word64*)&context->buffer[SHA256_SHORT_BLOCK_LENGTH] = context->bitcount;
00616
00617
00618 SHA256_Transform(context, (sha2_word32*)context->buffer);
00619
00620 #if BYTE_ORDER == LITTLE_ENDIAN
00621 {
00622
00623 int j;
00624 for (j = 0; j < 8; j++) {
00625 REVERSE32(context->state[j],context->state[j]);
00626 *d++ = context->state[j];
00627 }
00628 }
00629 #else
00630 MEMCPY_BCOPY(d, context->state, SHA256_DIGEST_LENGTH);
00631 #endif
00632 }
00633
00634
00635 MEMSET_BZERO(context, sizeof(context));
00636 usedspace = 0;
00637 }
00638
00639 char *SHA256_End(SHA256_CTX* context, char buffer[]) {
00640 sha2_byte digest[SHA256_DIGEST_LENGTH], *d = digest;
00641 int i;
00642
00643
00644 assert(context != (SHA256_CTX*)0);
00645
00646 if (buffer != (char*)0) {
00647 SHA256_Final(digest, context);
00648 for (i = 0; i < SHA256_DIGEST_LENGTH; i++) {
00649 *buffer++ = sha2_hex_digits[(*d & 0xf0) >> 4];
00650 *buffer++ = sha2_hex_digits[*d & 0x0f];
00651 d++;
00652 }
00653 *buffer = (char)0;
00654 } else {
00655 MEMSET_BZERO(context, sizeof(context));
00656 }
00657 MEMSET_BZERO(digest, SHA256_DIGEST_LENGTH);
00658 return buffer;
00659 }
00660
00661 char* SHA256_Data(const sha2_byte* data, size_t len, char digest[SHA256_DIGEST_STRING_LENGTH]) {
00662 SHA256_CTX context;
00663
00664 SHA256_Init(&context);
00665 SHA256_Update(&context, data, len);
00666 return SHA256_End(&context, digest);
00667 }
00668
00669
00670
00671 void SHA512_Init(SHA512_CTX* context) {
00672 if (context == (SHA512_CTX*)0) {
00673 return;
00674 }
00675 MEMCPY_BCOPY(context->state, sha512_initial_hash_value, SHA512_DIGEST_LENGTH);
00676 MEMSET_BZERO(context->buffer, SHA512_BLOCK_LENGTH);
00677 context->bitcount[0] = context->bitcount[1] = 0;
00678 }
00679
00680 #ifdef SHA2_UNROLL_TRANSFORM
00681
00682
00683 #if BYTE_ORDER == LITTLE_ENDIAN
00684
00685 #define ROUND512_0_TO_15(a,b,c,d,e,f,g,h) \
00686 REVERSE64(*data++, W512[j]); \
00687 T1 = (h) + Sigma1_512(e) + Ch((e), (f), (g)) + \
00688 K512[j] + W512[j]; \
00689 (d) += T1, \
00690 (h) = T1 + Sigma0_512(a) + Maj((a), (b), (c)), \
00691 j++
00692
00693
00694 #else
00695
00696 #define ROUND512_0_TO_15(a,b,c,d,e,f,g,h) \
00697 T1 = (h) + Sigma1_512(e) + Ch((e), (f), (g)) + \
00698 K512[j] + (W512[j] = *data++); \
00699 (d) += T1; \
00700 (h) = T1 + Sigma0_512(a) + Maj((a), (b), (c)); \
00701 j++
00702
00703 #endif
00704
00705 #define ROUND512(a,b,c,d,e,f,g,h) \
00706 s0 = W512[(j+1)&0x0f]; \
00707 s0 = sigma0_512(s0); \
00708 s1 = W512[(j+14)&0x0f]; \
00709 s1 = sigma1_512(s1); \
00710 T1 = (h) + Sigma1_512(e) + Ch((e), (f), (g)) + K512[j] + \
00711 (W512[j&0x0f] += s1 + W512[(j+9)&0x0f] + s0); \
00712 (d) += T1; \
00713 (h) = T1 + Sigma0_512(a) + Maj((a), (b), (c)); \
00714 j++
00715
00716 void SHA512_Transform(SHA512_CTX* context, const sha2_word64* data) {
00717 sha2_word64 a, b, c, d, e, f, g, h, s0, s1;
00718 sha2_word64 T1, *W512 = (sha2_word64*)context->buffer;
00719 int j;
00720
00721
00722 a = context->state[0];
00723 b = context->state[1];
00724 c = context->state[2];
00725 d = context->state[3];
00726 e = context->state[4];
00727 f = context->state[5];
00728 g = context->state[6];
00729 h = context->state[7];
00730
00731 j = 0;
00732 do {
00733 ROUND512_0_TO_15(a,b,c,d,e,f,g,h);
00734 ROUND512_0_TO_15(h,a,b,c,d,e,f,g);
00735 ROUND512_0_TO_15(g,h,a,b,c,d,e,f);
00736 ROUND512_0_TO_15(f,g,h,a,b,c,d,e);
00737 ROUND512_0_TO_15(e,f,g,h,a,b,c,d);
00738 ROUND512_0_TO_15(d,e,f,g,h,a,b,c);
00739 ROUND512_0_TO_15(c,d,e,f,g,h,a,b);
00740 ROUND512_0_TO_15(b,c,d,e,f,g,h,a);
00741 } while (j < 16);
00742
00743
00744 do {
00745 ROUND512(a,b,c,d,e,f,g,h);
00746 ROUND512(h,a,b,c,d,e,f,g);
00747 ROUND512(g,h,a,b,c,d,e,f);
00748 ROUND512(f,g,h,a,b,c,d,e);
00749 ROUND512(e,f,g,h,a,b,c,d);
00750 ROUND512(d,e,f,g,h,a,b,c);
00751 ROUND512(c,d,e,f,g,h,a,b);
00752 ROUND512(b,c,d,e,f,g,h,a);
00753 } while (j < 80);
00754
00755
00756 context->state[0] += a;
00757 context->state[1] += b;
00758 context->state[2] += c;
00759 context->state[3] += d;
00760 context->state[4] += e;
00761 context->state[5] += f;
00762 context->state[6] += g;
00763 context->state[7] += h;
00764
00765
00766 a = b = c = d = e = f = g = h = T1 = 0;
00767 }
00768
00769 #else
00770
00771 void SHA512_Transform(SHA512_CTX* context, const sha2_word64* data) {
00772 sha2_word64 a, b, c, d, e, f, g, h, s0, s1;
00773 sha2_word64 T1, T2, *W512 = (sha2_word64*)context->buffer;
00774 int j;
00775
00776
00777 a = context->state[0];
00778 b = context->state[1];
00779 c = context->state[2];
00780 d = context->state[3];
00781 e = context->state[4];
00782 f = context->state[5];
00783 g = context->state[6];
00784 h = context->state[7];
00785
00786 j = 0;
00787 do {
00788 #if BYTE_ORDER == LITTLE_ENDIAN
00789
00790 REVERSE64(*data++, W512[j]);
00791
00792 T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] + W512[j];
00793 #else
00794
00795 T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] + (W512[j] = *data++);
00796 #endif
00797 T2 = Sigma0_512(a) + Maj(a, b, c);
00798 h = g;
00799 g = f;
00800 f = e;
00801 e = d + T1;
00802 d = c;
00803 c = b;
00804 b = a;
00805 a = T1 + T2;
00806
00807 j++;
00808 } while (j < 16);
00809
00810 do {
00811
00812 s0 = W512[(j+1)&0x0f];
00813 s0 = sigma0_512(s0);
00814 s1 = W512[(j+14)&0x0f];
00815 s1 = sigma1_512(s1);
00816
00817
00818 T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] +
00819 (W512[j&0x0f] += s1 + W512[(j+9)&0x0f] + s0);
00820 T2 = Sigma0_512(a) + Maj(a, b, c);
00821 h = g;
00822 g = f;
00823 f = e;
00824 e = d + T1;
00825 d = c;
00826 c = b;
00827 b = a;
00828 a = T1 + T2;
00829
00830 j++;
00831 } while (j < 80);
00832
00833
00834 context->state[0] += a;
00835 context->state[1] += b;
00836 context->state[2] += c;
00837 context->state[3] += d;
00838 context->state[4] += e;
00839 context->state[5] += f;
00840 context->state[6] += g;
00841 context->state[7] += h;
00842
00843
00844 a = b = c = d = e = f = g = h = T1 = T2 = 0;
00845 }
00846
00847 #endif
00848
00849 void SHA512_Update(SHA512_CTX* context, const sha2_byte *data, size_t len) {
00850 unsigned int freespace, usedspace;
00851
00852 if (len == 0) {
00853
00854 return;
00855 }
00856
00857
00858 assert(context != (SHA512_CTX*)0 && data != (sha2_byte*)0);
00859
00860 usedspace = (unsigned int)((context->bitcount[0] >> 3) % SHA512_BLOCK_LENGTH);
00861 if (usedspace > 0) {
00862
00863 freespace = SHA512_BLOCK_LENGTH - usedspace;
00864
00865 if (len >= freespace) {
00866
00867 MEMCPY_BCOPY(&context->buffer[usedspace], data, freespace);
00868 ADDINC128(context->bitcount, freespace << 3);
00869 len -= freespace;
00870 data += freespace;
00871 SHA512_Transform(context, (sha2_word64*)context->buffer);
00872 } else {
00873
00874 MEMCPY_BCOPY(&context->buffer[usedspace], data, len);
00875 ADDINC128(context->bitcount, len << 3);
00876
00877 usedspace = freespace = 0;
00878 return;
00879 }
00880 }
00881 while (len >= SHA512_BLOCK_LENGTH) {
00882
00883 SHA512_Transform(context, (sha2_word64*)data);
00884 ADDINC128(context->bitcount, SHA512_BLOCK_LENGTH << 3);
00885 len -= SHA512_BLOCK_LENGTH;
00886 data += SHA512_BLOCK_LENGTH;
00887 }
00888 if (len > 0) {
00889
00890 MEMCPY_BCOPY(context->buffer, data, len);
00891 ADDINC128(context->bitcount, len << 3);
00892 }
00893
00894 usedspace = freespace = 0;
00895 }
00896
00897 void SHA512_Last(SHA512_CTX* context) {
00898 unsigned int usedspace;
00899
00900 usedspace = (unsigned int)((context->bitcount[0] >> 3) % SHA512_BLOCK_LENGTH);
00901 #if BYTE_ORDER == LITTLE_ENDIAN
00902
00903 REVERSE64(context->bitcount[0],context->bitcount[0]);
00904 REVERSE64(context->bitcount[1],context->bitcount[1]);
00905 #endif
00906 if (usedspace > 0) {
00907
00908 context->buffer[usedspace++] = 0x80;
00909
00910 if (usedspace <= SHA512_SHORT_BLOCK_LENGTH) {
00911
00912 MEMSET_BZERO(&context->buffer[usedspace], SHA512_SHORT_BLOCK_LENGTH - usedspace);
00913 } else {
00914 if (usedspace < SHA512_BLOCK_LENGTH) {
00915 MEMSET_BZERO(&context->buffer[usedspace], SHA512_BLOCK_LENGTH - usedspace);
00916 }
00917
00918 SHA512_Transform(context, (sha2_word64*)context->buffer);
00919
00920
00921 MEMSET_BZERO(context->buffer, SHA512_BLOCK_LENGTH - 2);
00922 }
00923 } else {
00924
00925 MEMSET_BZERO(context->buffer, SHA512_SHORT_BLOCK_LENGTH);
00926
00927
00928 *context->buffer = 0x80;
00929 }
00930
00931 *(sha2_word64*)&context->buffer[SHA512_SHORT_BLOCK_LENGTH] = context->bitcount[1];
00932 *(sha2_word64*)&context->buffer[SHA512_SHORT_BLOCK_LENGTH+8] = context->bitcount[0];
00933
00934
00935 SHA512_Transform(context, (sha2_word64*)context->buffer);
00936 }
00937
00938 void SHA512_Final(sha2_byte digest[], SHA512_CTX* context) {
00939 sha2_word64 *d = (sha2_word64*)digest;
00940
00941
00942 assert(context != (SHA512_CTX*)0);
00943
00944
00945 if (digest != (sha2_byte*)0) {
00946 SHA512_Last(context);
00947
00948
00949 #if BYTE_ORDER == LITTLE_ENDIAN
00950 {
00951
00952 int j;
00953 for (j = 0; j < 8; j++) {
00954 REVERSE64(context->state[j],context->state[j]);
00955 *d++ = context->state[j];
00956 }
00957 }
00958 #else
00959 MEMCPY_BCOPY(d, context->state, SHA512_DIGEST_LENGTH);
00960 #endif
00961 }
00962
00963
00964 MEMSET_BZERO(context, sizeof(context));
00965 }
00966
00967 char *SHA512_End(SHA512_CTX* context, char buffer[]) {
00968 sha2_byte digest[SHA512_DIGEST_LENGTH], *d = digest;
00969 int i;
00970
00971
00972 assert(context != (SHA512_CTX*)0);
00973
00974 if (buffer != (char*)0) {
00975 SHA512_Final(digest, context);
00976 for (i = 0; i < SHA512_DIGEST_LENGTH; i++) {
00977 *buffer++ = sha2_hex_digits[(*d & 0xf0) >> 4];
00978 *buffer++ = sha2_hex_digits[*d & 0x0f];
00979 d++;
00980 }
00981 *buffer = (char)0;
00982 } else {
00983 MEMSET_BZERO(context, sizeof(context));
00984 }
00985 MEMSET_BZERO(digest, SHA512_DIGEST_LENGTH);
00986 return buffer;
00987 }
00988
00989 char* SHA512_Data(const sha2_byte* data, size_t len, char digest[SHA512_DIGEST_STRING_LENGTH]) {
00990 SHA512_CTX context;
00991
00992 SHA512_Init(&context);
00993 SHA512_Update(&context, data, len);
00994 return SHA512_End(&context, digest);
00995 }
00996
00997
00998
00999 void SHA384_Init(SHA384_CTX* context) {
01000 if (context == (SHA384_CTX*)0) {
01001 return;
01002 }
01003 MEMCPY_BCOPY(context->state, sha384_initial_hash_value, SHA512_DIGEST_LENGTH);
01004 MEMSET_BZERO(context->buffer, SHA384_BLOCK_LENGTH);
01005 context->bitcount[0] = context->bitcount[1] = 0;
01006 }
01007
01008 void SHA384_Update(SHA384_CTX* context, const sha2_byte* data, size_t len) {
01009 SHA512_Update((SHA512_CTX*)context, data, len);
01010 }
01011
01012 void SHA384_Final(sha2_byte digest[], SHA384_CTX* context) {
01013 sha2_word64 *d = (sha2_word64*)digest;
01014
01015
01016 assert(context != (SHA384_CTX*)0);
01017
01018
01019 if (digest != (sha2_byte*)0) {
01020 SHA512_Last((SHA512_CTX*)context);
01021
01022
01023 #if BYTE_ORDER == LITTLE_ENDIAN
01024 {
01025
01026 int j;
01027 for (j = 0; j < 6; j++) {
01028 REVERSE64(context->state[j],context->state[j]);
01029 *d++ = context->state[j];
01030 }
01031 }
01032 #else
01033 MEMCPY_BCOPY(d, context->state, SHA384_DIGEST_LENGTH);
01034 #endif
01035 }
01036
01037
01038 MEMSET_BZERO(context, sizeof(context));
01039 }
01040
01041 char *SHA384_End(SHA384_CTX* context, char buffer[]) {
01042 sha2_byte digest[SHA384_DIGEST_LENGTH], *d = digest;
01043 int i;
01044
01045
01046 assert(context != (SHA384_CTX*)0);
01047
01048 if (buffer != (char*)0) {
01049 SHA384_Final(digest, context);
01050 for (i = 0; i < SHA384_DIGEST_LENGTH; i++) {
01051 *buffer++ = sha2_hex_digits[(*d & 0xf0) >> 4];
01052 *buffer++ = sha2_hex_digits[*d & 0x0f];
01053 d++;
01054 }
01055 *buffer = (char)0;
01056 } else {
01057 MEMSET_BZERO(context, sizeof(context));
01058 }
01059 MEMSET_BZERO(digest, SHA384_DIGEST_LENGTH);
01060 return buffer;
01061 }
01062
01063 char* SHA384_Data(const sha2_byte* data, size_t len, char digest[SHA384_DIGEST_STRING_LENGTH]) {
01064 SHA384_CTX context;
01065
01066 SHA384_Init(&context);
01067 SHA384_Update(&context, data, len);
01068 return SHA384_End(&context, digest);
01069 }
01070
01071