| OLD | NEW |
|---|
| 1 /* SHA-256 and SHA-512 implementation based on code by Oliver Gay | 1 /* SHA-256 and SHA-512 implementation based on code by Oliver Gay |
| 2 * <olivier.gay@a3.epfl.ch> under a BSD-style license. See below. | 2 * <olivier.gay@a3.epfl.ch> under a BSD-style license. See below. |
| 3 */ | 3 */ |
| 4 | 4 |
| 5 /* | 5 /* |
| 6 * FIPS 180-2 SHA-224/256/384/512 implementation | 6 * FIPS 180-2 SHA-224/256/384/512 implementation |
| 7 * Last update: 02/02/2007 | 7 * Last update: 02/02/2007 |
| 8 * Issue date: 04/30/2005 | 8 * Issue date: 04/30/2005 |
| 9 * | 9 * |
| 10 * Copyright (C) 2005, 2007 Olivier Gay <olivier.gay@a3.epfl.ch> | 10 * Copyright (C) 2005, 2007 Olivier Gay <olivier.gay@a3.epfl.ch> |
| (...skipping 314 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 325 ctx->h[0] += wv[0]; ctx->h[1] += wv[1]; | 325 ctx->h[0] += wv[0]; ctx->h[1] += wv[1]; |
| 326 ctx->h[2] += wv[2]; ctx->h[3] += wv[3]; | 326 ctx->h[2] += wv[2]; ctx->h[3] += wv[3]; |
| 327 ctx->h[4] += wv[4]; ctx->h[5] += wv[5]; | 327 ctx->h[4] += wv[4]; ctx->h[5] += wv[5]; |
| 328 ctx->h[6] += wv[6]; ctx->h[7] += wv[7]; | 328 ctx->h[6] += wv[6]; ctx->h[7] += wv[7]; |
| 329 #endif /* !UNROLL_LOOPS */ | 329 #endif /* !UNROLL_LOOPS */ |
| 330 } | 330 } |
| 331 } | 331 } |
| 332 | 332 |
| 333 | 333 |
| 334 | 334 |
| 335 void SHA256_update(SHA256_CTX* ctx, const uint8_t* data, uint64_t len) { | 335 void SHA256_update(SHA256_CTX* ctx, const uint8_t* data, uint32_t len) { |
| 336 unsigned int block_nb; | 336 unsigned int block_nb; |
| 337 unsigned int new_len, rem_len, tmp_len; | 337 unsigned int new_len, rem_len, tmp_len; |
| 338 const uint8_t *shifted_data; | 338 const uint8_t *shifted_data; |
| 339 | 339 |
| 340 tmp_len = SHA256_BLOCK_SIZE - ctx->len; | 340 tmp_len = SHA256_BLOCK_SIZE - ctx->len; |
| 341 rem_len = len < tmp_len ? (unsigned int)len : tmp_len; | 341 rem_len = len < tmp_len ? len : tmp_len; |
| 342 | 342 |
| 343 Memcpy(&ctx->block[ctx->len], data, rem_len); | 343 Memcpy(&ctx->block[ctx->len], data, rem_len); |
| 344 | 344 |
| 345 if (ctx->len + len < SHA256_BLOCK_SIZE) { | 345 if (ctx->len + len < SHA256_BLOCK_SIZE) { |
| 346 ctx->len += (uint32_t)len; | 346 ctx->len += len; |
| 347 return; | 347 return; |
| 348 } | 348 } |
| 349 | 349 |
| 350 new_len = (unsigned int)len - rem_len; | 350 new_len = len - rem_len; |
| 351 block_nb = new_len / SHA256_BLOCK_SIZE; | 351 block_nb = new_len / SHA256_BLOCK_SIZE; |
| 352 | 352 |
| 353 shifted_data = data + rem_len; | 353 shifted_data = data + rem_len; |
| 354 | 354 |
| 355 SHA256_transform(ctx, ctx->block, 1); | 355 SHA256_transform(ctx, ctx->block, 1); |
| 356 SHA256_transform(ctx, shifted_data, block_nb); | 356 SHA256_transform(ctx, shifted_data, block_nb); |
| 357 | 357 |
| 358 rem_len = new_len % SHA256_BLOCK_SIZE; | 358 rem_len = new_len % SHA256_BLOCK_SIZE; |
| 359 | 359 |
| 360 Memcpy(ctx->block, &shifted_data[block_nb << 6], | 360 Memcpy(ctx->block, &shifted_data[block_nb << 6], |
| (...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 417 ctx->h[4] = sha512_h0[4]; ctx->h[5] = sha512_h0[5]; | 417 ctx->h[4] = sha512_h0[4]; ctx->h[5] = sha512_h0[5]; |
| 418 ctx->h[6] = sha512_h0[6]; ctx->h[7] = sha512_h0[7]; | 418 ctx->h[6] = sha512_h0[6]; ctx->h[7] = sha512_h0[7]; |
| 419 #endif /* !UNROLL_LOOPS */ | 419 #endif /* !UNROLL_LOOPS */ |
| 420 | 420 |
| 421 ctx->len = 0; | 421 ctx->len = 0; |
| 422 ctx->tot_len = 0; | 422 ctx->tot_len = 0; |
| 423 } | 423 } |
| 424 | 424 |
| 425 | 425 |
| 426 static void SHA512_transform(SHA512_CTX* ctx, const uint8_t* message, | 426 static void SHA512_transform(SHA512_CTX* ctx, const uint8_t* message, |
| 427 unsigned int block_nb) | 427 unsigned int block_nb) { |
| 428 { | |
| 429 uint64_t w[80]; | 428 uint64_t w[80]; |
| 430 uint64_t wv[8]; | 429 uint64_t wv[8]; |
| 431 uint64_t t1, t2; | 430 uint64_t t1, t2; |
| 432 const uint8_t *sub_block; | 431 const uint8_t *sub_block; |
| 433 int i, j; | 432 int i, j; |
| 434 | 433 |
| 435 for (i = 0; i < (int) block_nb; i++) { | 434 for (i = 0; i < (int) block_nb; i++) { |
| 436 sub_block = message + (i << 7); | 435 sub_block = message + (i << 7); |
| 437 | 436 |
| 438 #ifndef UNROLL_LOOPS | 437 #ifndef UNROLL_LOOPS |
| (...skipping 74 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 513 ctx->h[0] += wv[0]; ctx->h[1] += wv[1]; | 512 ctx->h[0] += wv[0]; ctx->h[1] += wv[1]; |
| 514 ctx->h[2] += wv[2]; ctx->h[3] += wv[3]; | 513 ctx->h[2] += wv[2]; ctx->h[3] += wv[3]; |
| 515 ctx->h[4] += wv[4]; ctx->h[5] += wv[5]; | 514 ctx->h[4] += wv[4]; ctx->h[5] += wv[5]; |
| 516 ctx->h[6] += wv[6]; ctx->h[7] += wv[7]; | 515 ctx->h[6] += wv[6]; ctx->h[7] += wv[7]; |
| 517 #endif /* !UNROLL_LOOPS */ | 516 #endif /* !UNROLL_LOOPS */ |
| 518 } | 517 } |
| 519 } | 518 } |
| 520 | 519 |
| 521 | 520 |
| 522 void SHA512_update(SHA512_CTX* ctx, const uint8_t* data, | 521 void SHA512_update(SHA512_CTX* ctx, const uint8_t* data, |
| 523 uint64_t len) { | 522 uint32_t len) { |
| 524 unsigned int block_nb; | 523 unsigned int block_nb; |
| 525 unsigned int new_len, rem_len, tmp_len; | 524 unsigned int new_len, rem_len, tmp_len; |
| 526 const uint8_t* shifted_data; | 525 const uint8_t* shifted_data; |
| 527 | 526 |
| 528 tmp_len = SHA512_BLOCK_SIZE - ctx->len; | 527 tmp_len = SHA512_BLOCK_SIZE - ctx->len; |
| 529 rem_len = len < tmp_len ? (unsigned int)len : tmp_len; | 528 rem_len = len < tmp_len ? len : tmp_len; |
| 530 | 529 |
| 531 Memcpy(&ctx->block[ctx->len], data, rem_len); | 530 Memcpy(&ctx->block[ctx->len], data, rem_len); |
| 532 | 531 |
| 533 if (ctx->len + len < SHA512_BLOCK_SIZE) { | 532 if (ctx->len + len < SHA512_BLOCK_SIZE) { |
| 534 ctx->len += (uint32_t)len; | 533 ctx->len += len; |
| 535 return; | 534 return; |
| 536 } | 535 } |
| 537 | 536 |
| 538 new_len = (unsigned int)len - rem_len; | 537 new_len = len - rem_len; |
| 539 block_nb = new_len / SHA512_BLOCK_SIZE; | 538 block_nb = new_len / SHA512_BLOCK_SIZE; |
| 540 | 539 |
| 541 shifted_data = data + rem_len; | 540 shifted_data = data + rem_len; |
| 542 | 541 |
| 543 SHA512_transform(ctx, ctx->block, 1); | 542 SHA512_transform(ctx, ctx->block, 1); |
| 544 SHA512_transform(ctx, shifted_data, block_nb); | 543 SHA512_transform(ctx, shifted_data, block_nb); |
| 545 | 544 |
| 546 rem_len = new_len % SHA512_BLOCK_SIZE; | 545 rem_len = new_len % SHA512_BLOCK_SIZE; |
| 547 | 546 |
| 548 Memcpy(ctx->block, &shifted_data[block_nb << 7], | 547 Memcpy(ctx->block, &shifted_data[block_nb << 7], |
| (...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 586 UNPACK64(ctx->h[4], &ctx->buf[32]); | 585 UNPACK64(ctx->h[4], &ctx->buf[32]); |
| 587 UNPACK64(ctx->h[5], &ctx->buf[40]); | 586 UNPACK64(ctx->h[5], &ctx->buf[40]); |
| 588 UNPACK64(ctx->h[6], &ctx->buf[48]); | 587 UNPACK64(ctx->h[6], &ctx->buf[48]); |
| 589 UNPACK64(ctx->h[7], &ctx->buf[56]); | 588 UNPACK64(ctx->h[7], &ctx->buf[56]); |
| 590 #endif /* !UNROLL_LOOPS */ | 589 #endif /* !UNROLL_LOOPS */ |
| 591 | 590 |
| 592 return ctx->buf; | 591 return ctx->buf; |
| 593 } | 592 } |
| 594 | 593 |
| 595 | 594 |
| 596 | |
| 597 /* Convenient functions. */ | |
| 598 uint8_t* SHA256(const uint8_t* data, uint64_t len, uint8_t* digest) { | 595 uint8_t* SHA256(const uint8_t* data, uint64_t len, uint8_t* digest) { |
| 599 const uint8_t* p; | 596 const uint8_t* input_ptr; |
| 597 const uint8_t* result; |
| 598 uint64_t remaining_len; |
| 600 int i; | 599 int i; |
| 601 SHA256_CTX ctx; | 600 SHA256_CTX ctx; |
| 601 |
| 602 SHA256_init(&ctx); | 602 SHA256_init(&ctx); |
| 603 SHA256_update(&ctx, data, len); | 603 |
| 604 p = SHA256_final(&ctx); | 604 input_ptr = data; |
| 605 remaining_len = len; |
| 606 |
| 607 /* Process data in at most UINT32_MAX byte chunks at a time. */ |
| 608 while (remaining_len) { |
| 609 uint32_t block_size; |
| 610 block_size = (uint32_t) ((remaining_len >= UINT32_MAX) ? |
| 611 UINT32_MAX : remaining_len); |
| 612 SHA256_update(&ctx, input_ptr, block_size); |
| 613 remaining_len -= block_size; |
| 614 input_ptr += block_size; |
| 615 } |
| 616 |
| 617 result = SHA256_final(&ctx); |
| 605 for (i = 0; i < SHA256_DIGEST_SIZE; ++i) { | 618 for (i = 0; i < SHA256_DIGEST_SIZE; ++i) { |
| 606 digest[i] = *p++; | 619 digest[i] = *result++; |
| 607 } | 620 } |
| 608 return digest; | 621 return digest; |
| 609 } | 622 } |
| 610 | 623 |
| 611 | 624 |
| 612 uint8_t* SHA512(const uint8_t* data, uint64_t len, uint8_t* digest) { | 625 uint8_t* SHA512(const uint8_t* data, uint64_t len, uint8_t* digest) { |
| 613 const uint8_t* p; | 626 const uint8_t* input_ptr; |
| 627 const uint8_t* result; |
| 628 uint64_t remaining_len; |
| 614 int i; | 629 int i; |
| 615 SHA512_CTX ctx; | 630 SHA512_CTX ctx; |
| 616 SHA512_init(&ctx); | 631 SHA512_init(&ctx); |
| 617 SHA512_update(&ctx, data, len); | 632 |
| 618 p = SHA512_final(&ctx); | 633 input_ptr = data; |
| 634 remaining_len = len; |
| 635 |
| 636 /* Process data in at most UINT32_MAX byte chunks at a time. */ |
| 637 while (remaining_len) { |
| 638 uint32_t block_size; |
| 639 block_size = (uint32_t) ((remaining_len >= UINT32_MAX) ? |
| 640 UINT32_MAX : remaining_len); |
| 641 SHA512_update(&ctx, input_ptr, block_size); |
| 642 remaining_len -= block_size; |
| 643 input_ptr += block_size; |
| 644 } |
| 645 |
| 646 result = SHA512_final(&ctx); |
| 619 for (i = 0; i < SHA512_DIGEST_SIZE; ++i) { | 647 for (i = 0; i < SHA512_DIGEST_SIZE; ++i) { |
| 620 digest[i] = *p++; | 648 digest[i] = *result++; |
| 621 } | 649 } |
| 622 return digest; | 650 return digest; |
| 623 } | 651 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 6760017:
Make SHA256 and SHA512 handle >UINT32_MAX data correctly (now with fix for ARM compilation) (Closed)
Base URL: ssh://git@gitrw.chromium.org:9222/vboot_reference.git@master