← Back to branch summary

~ubuntu-branches/ubuntu/lucid/openssl/lucid-proposed

« back to all changes in this revision

Viewing changes to crypto/sha/sha256.c

  • Committer: Bazaar Package Importer
  • Author(s): Kurt Roeckx
  • Date: 2009-06-13 18:15:46 UTC
  • mto: (11.1.5 squeeze)
  • mto: This revision was merged to the branch mainline in revision 34.
  • Revision ID: james.westby@ubuntu.com-20090613181546-vbfntai3b009dl1u
Tags: upstream-0.9.8k
ImportĀ upstreamĀ versionĀ 0.9.8k

Show diffs side-by-side

added added

removed removed

Lines of Context:
crypto/sha/sha256.c
12
12
 
13
13
#include <openssl/crypto.h>
14
14
#include <openssl/sha.h>
 
15
#ifdef OPENSSL_FIPS
 
16
#include <openssl/fips.h>
 
17
#endif
 
18
 
15
19
#include <openssl/opensslv.h>
16
20
 
17
21
const char SHA256_version[]="SHA-256" OPENSSL_VERSION_PTEXT;
18
22
 
19
23
int SHA224_Init (SHA256_CTX *c)
20
24
        {
 
25
#ifdef OPENSSL_FIPS
 
26
        FIPS_selftest_check();
 
27
#endif
21
28
        c->h[0]=0xc1059ed8UL;   c->h[1]=0x367cd507UL;
22
29
        c->h[2]=0x3070dd17UL;   c->h[3]=0xf70e5939UL;
23
30
        c->h[4]=0xffc00b31UL;   c->h[5]=0x68581511UL;
29
36
 
30
37
int SHA256_Init (SHA256_CTX *c)
31
38
        {
 
39
#ifdef OPENSSL_FIPS
 
40
        FIPS_selftest_check();
 
41
#endif
32
42
        c->h[0]=0x6a09e667UL;   c->h[1]=0xbb67ae85UL;
33
43
        c->h[2]=0x3c6ef372UL;   c->h[3]=0xa54ff53aUL;
34
44
        c->h[4]=0x510e527fUL;   c->h[5]=0x9b05688cUL;
69
79
int SHA224_Final (unsigned char *md, SHA256_CTX *c)
70
80
{   return SHA256_Final (md,c);   }
71
81
 
72
 
#ifndef SHA_LONG_LOG2
73
 
#define SHA_LONG_LOG2   2       /* default to 32 bits */
74
 
#endif
75
 
 
76
82
#define DATA_ORDER_IS_BIG_ENDIAN
77
83
 
78
84
#define HASH_LONG               SHA_LONG
79
 
#define HASH_LONG_LOG2          SHA_LONG_LOG2
80
85
#define HASH_CTX                SHA256_CTX
81
86
#define HASH_CBLOCK             SHA_CBLOCK
82
 
#define HASH_LBLOCK             SHA_LBLOCK
83
87
/*
84
88
 * Note that FIPS180-2 discusses "Truncation of the Hash Function Output."
85
89
 * default: case below covers for it. It's not clear however if it's
90
94
 */
91
95
#define HASH_MAKE_STRING(c,s)   do {    \
92
96
        unsigned long ll;               \
93
 
        unsigned int  n;                \
 
97
        unsigned int  xn;               \
94
98
        switch ((c)->md_len)            \
95
99
        {   case SHA224_DIGEST_LENGTH:  \
96
 
                for (n=0;n<SHA224_DIGEST_LENGTH/4;n++)  \
97
 
                {   ll=(c)->h[n]; HOST_l2c(ll,(s));   } \
 
100
                for (xn=0;xn<SHA224_DIGEST_LENGTH/4;xn++)       \
 
101
                {   ll=(c)->h[xn]; HOST_l2c(ll,(s));   }        \
98
102
                break;                  \
99
103
            case SHA256_DIGEST_LENGTH:  \
100
 
                for (n=0;n<SHA256_DIGEST_LENGTH/4;n++)  \
101
 
                {   ll=(c)->h[n]; HOST_l2c(ll,(s));   } \
 
104
                for (xn=0;xn<SHA256_DIGEST_LENGTH/4;xn++)       \
 
105
                {   ll=(c)->h[xn]; HOST_l2c(ll,(s));   }        \
102
106
                break;                  \
103
107
            default:                    \
104
108
                if ((c)->md_len > SHA256_DIGEST_LENGTH) \
105
109
                    return 0;                           \
106
 
                for (n=0;n<(c)->md_len/4;n++)           \
107
 
                {   ll=(c)->h[n]; HOST_l2c(ll,(s));   } \
 
110
                for (xn=0;xn<(c)->md_len/4;xn++)                \
 
111
                {   ll=(c)->h[xn]; HOST_l2c(ll,(s));   }        \
108
112
                break;                  \
109
113
        }                               \
110
114
        } while (0)
112
116
#define HASH_UPDATE             SHA256_Update
113
117
#define HASH_TRANSFORM          SHA256_Transform
114
118
#define HASH_FINAL              SHA256_Final
115
 
#define HASH_BLOCK_HOST_ORDER   sha256_block_host_order
116
119
#define HASH_BLOCK_DATA_ORDER   sha256_block_data_order
117
 
void sha256_block_host_order (SHA256_CTX *ctx, const void *in, size_t num);
 
120
#ifndef SHA256_ASM
 
121
static
 
122
#endif
118
123
void sha256_block_data_order (SHA256_CTX *ctx, const void *in, size_t num);
119
124
 
120
125
#include "md32_common.h"
121
126
 
122
 
#ifdef SHA256_ASM
123
 
void sha256_block (SHA256_CTX *ctx, const void *in, size_t num, int host);
124
 
#else
 
127
#ifndef SHA256_ASM
125
128
static const SHA_LONG K256[64] = {
126
129
        0x428a2f98UL,0x71374491UL,0xb5c0fbcfUL,0xe9b5dba5UL,
127
130
        0x3956c25bUL,0x59f111f1UL,0x923f82a4UL,0xab1c5ed5UL,
155
158
 
156
159
#ifdef OPENSSL_SMALL_FOOTPRINT
157
160
 
158
 
static void sha256_block (SHA256_CTX *ctx, const void *in, size_t num, int host)
 
161
static void sha256_block_data_order (SHA256_CTX *ctx, const void *in, size_t num)
159
162
        {
160
163
        unsigned MD32_REG_T a,b,c,d,e,f,g,h,s0,s1,T1,T2;
161
 
        SHA_LONG        X[16];
 
164
        SHA_LONG        X[16],l;
162
165
        int i;
163
166
        const unsigned char *data=in;
164
167
 
167
170
        a = ctx->h[0];  b = ctx->h[1];  c = ctx->h[2];  d = ctx->h[3];
168
171
        e = ctx->h[4];  f = ctx->h[5];  g = ctx->h[6];  h = ctx->h[7];
169
172
 
170
 
        if (host)
171
 
                {
172
 
                const SHA_LONG *W=(const SHA_LONG *)data;
173
 
 
174
 
                for (i=0;i<16;i++)
175
 
                        {
176
 
                        T1 = X[i] = W[i];
177
 
                        T1 += h + Sigma1(e) + Ch(e,f,g) + K256[i];
178
 
                        T2 = Sigma0(a) + Maj(a,b,c);
179
 
                        h = g;  g = f;  f = e;  e = d + T1;
180
 
                        d = c;  c = b;  b = a;  a = T1 + T2;
181
 
                        }
182
 
 
183
 
                data += SHA256_CBLOCK;
184
 
                }
185
 
        else
186
 
                {
187
 
                SHA_LONG l;
188
 
 
189
 
                for (i=0;i<16;i++)
190
 
                        {
191
 
                        HOST_c2l(data,l); T1 = X[i] = l;
192
 
                        T1 += h + Sigma1(e) + Ch(e,f,g) + K256[i];
193
 
                        T2 = Sigma0(a) + Maj(a,b,c);
194
 
                        h = g;  g = f;  f = e;  e = d + T1;
195
 
                        d = c;  c = b;  b = a;  a = T1 + T2;
196
 
                        }
 
173
        for (i=0;i<16;i++)
 
174
                {
 
175
                HOST_c2l(data,l); T1 = X[i] = l;
 
176
                T1 += h + Sigma1(e) + Ch(e,f,g) + K256[i];
 
177
                T2 = Sigma0(a) + Maj(a,b,c);
 
178
                h = g;  g = f;  f = e;  e = d + T1;
 
179
                d = c;  c = b;  b = a;  a = T1 + T2;
197
180
                }
198
181
 
199
182
        for (;i<64;i++)
227
210
        T1 = X[(i)&0x0f] += s0 + s1 + X[(i+9)&0x0f];    \
228
211
        ROUND_00_15(i,a,b,c,d,e,f,g,h);         } while (0)
229
212
 
230
 
static void sha256_block (SHA256_CTX *ctx, const void *in, size_t num, int host)
 
213
static void sha256_block_data_order (SHA256_CTX *ctx, const void *in, size_t num)
231
214
        {
232
215
        unsigned MD32_REG_T a,b,c,d,e,f,g,h,s0,s1,T1;
233
216
        SHA_LONG        X[16];
234
217
        int i;
235
218
        const unsigned char *data=in;
 
219
        const union { long one; char little; } is_endian = {1};
236
220
 
237
221
                        while (num--) {
238
222
 
239
223
        a = ctx->h[0];  b = ctx->h[1];  c = ctx->h[2];  d = ctx->h[3];
240
224
        e = ctx->h[4];  f = ctx->h[5];  g = ctx->h[6];  h = ctx->h[7];
241
225
 
242
 
        if (host)
 
226
        if (!is_endian.little && sizeof(SHA_LONG)==4 && ((size_t)in%4)==0)
243
227
                {
244
228
                const SHA_LONG *W=(const SHA_LONG *)data;
245
229
 
305
289
#endif
306
290
#endif /* SHA256_ASM */
307
291
 
308
 
/*
309
 
 * Idea is to trade couple of cycles for some space. On IA-32 we save
310
 
 * about 4K in "big footprint" case. In "small footprint" case any gain
311
 
 * is appreciated:-)
312
 
 */
313
 
void HASH_BLOCK_HOST_ORDER (SHA256_CTX *ctx, const void *in, size_t num)
314
 
{   sha256_block (ctx,in,num,1);   }
315
 
 
316
 
void HASH_BLOCK_DATA_ORDER (SHA256_CTX *ctx, const void *in, size_t num)
317
 
{   sha256_block (ctx,in,num,0);   }
318
 
 
319
292
#endif /* OPENSSL_NO_SHA256 */