diff options
Diffstat (limited to 'crypto/sha/sha256.c')
-rw-r--r-- | crypto/sha/sha256.c | 123 |
1 files changed, 61 insertions, 62 deletions
diff --git a/crypto/sha/sha256.c b/crypto/sha/sha256.c index 72a11593697e..bf78f075eefb 100644 --- a/crypto/sha/sha256.c +++ b/crypto/sha/sha256.c @@ -1,22 +1,22 @@ -/* crypto/sha/sha256.c */ -/* ==================================================================== - * Copyright (c) 2004 The OpenSSL Project. All rights reserved - * according to the OpenSSL license [found in ../../LICENSE]. - * ==================================================================== +/* + * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ -#include <openssl/opensslconf.h> -#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA256) -# include <stdlib.h> -# include <string.h> +#include <openssl/opensslconf.h> -# include <openssl/crypto.h> -# include <openssl/sha.h> -# include <openssl/opensslv.h> +#include <stdlib.h> +#include <string.h> -const char SHA256_version[] = "SHA-256" OPENSSL_VERSION_PTEXT; +#include <openssl/crypto.h> +#include <openssl/sha.h> +#include <openssl/opensslv.h> -fips_md_init_ctx(SHA224, SHA256) +int SHA224_Init(SHA256_CTX *c) { memset(c, 0, sizeof(*c)); c->h[0] = 0xc1059ed8UL; @@ -31,7 +31,7 @@ fips_md_init_ctx(SHA224, SHA256) return 1; } -fips_md_init(SHA256) +int SHA256_Init(SHA256_CTX *c) { memset(c, 0, sizeof(*c)); c->h[0] = 0x6a09e667UL; @@ -57,7 +57,7 @@ unsigned char *SHA224(const unsigned char *d, size_t n, unsigned char *md) SHA256_Update(&c, d, n); SHA256_Final(md, &c); OPENSSL_cleanse(&c, sizeof(c)); - return (md); + return md; } unsigned char *SHA256(const unsigned char *d, size_t n, unsigned char *md) @@ -71,7 +71,7 @@ unsigned char *SHA256(const unsigned char *d, size_t n, unsigned char *md) SHA256_Update(&c, d, n); SHA256_Final(md, &c); OPENSSL_cleanse(&c, sizeof(c)); - return (md); + return md; } int SHA224_Update(SHA256_CTX *c, const void *data, size_t len) @@ -84,20 +84,21 @@ int SHA224_Final(unsigned char *md, SHA256_CTX *c) return SHA256_Final(md, c); } -# define DATA_ORDER_IS_BIG_ENDIAN +#define DATA_ORDER_IS_BIG_ENDIAN + +#define HASH_LONG SHA_LONG +#define HASH_CTX SHA256_CTX +#define HASH_CBLOCK SHA_CBLOCK -# define HASH_LONG SHA_LONG -# define HASH_CTX SHA256_CTX -# define HASH_CBLOCK SHA_CBLOCK /* * Note that FIPS180-2 discusses "Truncation of the Hash Function Output." * default: case below covers for it. It's not clear however if it's * permitted to truncate to amount of bytes not divisible by 4. I bet not, * but if it is, then default: case shall be extended. For reference. - * Idea behind separate cases for pre-defined lenghts is to let the + * Idea behind separate cases for pre-defined lengths is to let the * compiler decide if it's appropriate to unroll small loops. */ -# define HASH_MAKE_STRING(c,s) do { \ +#define HASH_MAKE_STRING(c,s) do { \ unsigned long ll; \ unsigned int nn; \ switch ((c)->md_len) \ @@ -118,18 +119,18 @@ int SHA224_Final(unsigned char *md, SHA256_CTX *c) } \ } while (0) -# define HASH_UPDATE SHA256_Update -# define HASH_TRANSFORM SHA256_Transform -# define HASH_FINAL SHA256_Final -# define HASH_BLOCK_DATA_ORDER sha256_block_data_order -# ifndef SHA256_ASM +#define HASH_UPDATE SHA256_Update +#define HASH_TRANSFORM SHA256_Transform +#define HASH_FINAL SHA256_Final +#define HASH_BLOCK_DATA_ORDER sha256_block_data_order +#ifndef SHA256_ASM static -# endif +#endif void sha256_block_data_order(SHA256_CTX *ctx, const void *in, size_t num); -# include "md32_common.h" +#include "internal/md32_common.h" -# ifndef SHA256_ASM +#ifndef SHA256_ASM static const SHA_LONG K256[64] = { 0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL, 0x3956c25bUL, 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL, @@ -154,15 +155,15 @@ static const SHA_LONG K256[64] = { * is left one. This is why you might notice that rotation coefficients * differ from those observed in FIPS document by 32-N... */ -# define Sigma0(x) (ROTATE((x),30) ^ ROTATE((x),19) ^ ROTATE((x),10)) -# define Sigma1(x) (ROTATE((x),26) ^ ROTATE((x),21) ^ ROTATE((x),7)) -# define sigma0(x) (ROTATE((x),25) ^ ROTATE((x),14) ^ ((x)>>3)) -# define sigma1(x) (ROTATE((x),15) ^ ROTATE((x),13) ^ ((x)>>10)) +# define Sigma0(x) (ROTATE((x),30) ^ ROTATE((x),19) ^ ROTATE((x),10)) +# define Sigma1(x) (ROTATE((x),26) ^ ROTATE((x),21) ^ ROTATE((x),7)) +# define sigma0(x) (ROTATE((x),25) ^ ROTATE((x),14) ^ ((x)>>3)) +# define sigma1(x) (ROTATE((x),15) ^ ROTATE((x),13) ^ ((x)>>10)) -# define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z))) -# define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z))) +# define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z))) +# define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z))) -# ifdef OPENSSL_SMALL_FOOTPRINT +# ifdef OPENSSL_SMALL_FOOTPRINT static void sha256_block_data_order(SHA256_CTX *ctx, const void *in, size_t num) @@ -184,7 +185,7 @@ static void sha256_block_data_order(SHA256_CTX *ctx, const void *in, h = ctx->h[7]; for (i = 0; i < 16; i++) { - HOST_c2l(data, l); + (void)HOST_c2l(data, l); T1 = X[i] = l; T1 += h + Sigma1(e) + Ch(e, f, g) + K256[i]; T2 = Sigma0(a) + Maj(a, b, c); @@ -229,14 +230,14 @@ static void sha256_block_data_order(SHA256_CTX *ctx, const void *in, } } -# else +# else -# define ROUND_00_15(i,a,b,c,d,e,f,g,h) do { \ +# define ROUND_00_15(i,a,b,c,d,e,f,g,h) do { \ T1 += h + Sigma1(e) + Ch(e,f,g) + K256[i]; \ h = Sigma0(a) + Maj(a,b,c); \ d += T1; h += T1; } while (0) -# define ROUND_16_63(i,a,b,c,d,e,f,g,h,X) do { \ +# define ROUND_16_63(i,a,b,c,d,e,f,g,h,X) do { \ s0 = X[(i+1)&0x0f]; s0 = sigma0(s0); \ s1 = X[(i+14)&0x0f]; s1 = sigma1(s1); \ T1 = X[(i)&0x0f] += s0 + s1 + X[(i+9)&0x0f]; \ @@ -308,52 +309,52 @@ static void sha256_block_data_order(SHA256_CTX *ctx, const void *in, } else { SHA_LONG l; - HOST_c2l(data, l); + (void)HOST_c2l(data, l); T1 = X[0] = l; ROUND_00_15(0, a, b, c, d, e, f, g, h); - HOST_c2l(data, l); + (void)HOST_c2l(data, l); T1 = X[1] = l; ROUND_00_15(1, h, a, b, c, d, e, f, g); - HOST_c2l(data, l); + (void)HOST_c2l(data, l); T1 = X[2] = l; ROUND_00_15(2, g, h, a, b, c, d, e, f); - HOST_c2l(data, l); + (void)HOST_c2l(data, l); T1 = X[3] = l; ROUND_00_15(3, f, g, h, a, b, c, d, e); - HOST_c2l(data, l); + (void)HOST_c2l(data, l); T1 = X[4] = l; ROUND_00_15(4, e, f, g, h, a, b, c, d); - HOST_c2l(data, l); + (void)HOST_c2l(data, l); T1 = X[5] = l; ROUND_00_15(5, d, e, f, g, h, a, b, c); - HOST_c2l(data, l); + (void)HOST_c2l(data, l); T1 = X[6] = l; ROUND_00_15(6, c, d, e, f, g, h, a, b); - HOST_c2l(data, l); + (void)HOST_c2l(data, l); T1 = X[7] = l; ROUND_00_15(7, b, c, d, e, f, g, h, a); - HOST_c2l(data, l); + (void)HOST_c2l(data, l); T1 = X[8] = l; ROUND_00_15(8, a, b, c, d, e, f, g, h); - HOST_c2l(data, l); + (void)HOST_c2l(data, l); T1 = X[9] = l; ROUND_00_15(9, h, a, b, c, d, e, f, g); - HOST_c2l(data, l); + (void)HOST_c2l(data, l); T1 = X[10] = l; ROUND_00_15(10, g, h, a, b, c, d, e, f); - HOST_c2l(data, l); + (void)HOST_c2l(data, l); T1 = X[11] = l; ROUND_00_15(11, f, g, h, a, b, c, d, e); - HOST_c2l(data, l); + (void)HOST_c2l(data, l); T1 = X[12] = l; ROUND_00_15(12, e, f, g, h, a, b, c, d); - HOST_c2l(data, l); + (void)HOST_c2l(data, l); T1 = X[13] = l; ROUND_00_15(13, d, e, f, g, h, a, b, c); - HOST_c2l(data, l); + (void)HOST_c2l(data, l); T1 = X[14] = l; ROUND_00_15(14, c, d, e, f, g, h, a, b); - HOST_c2l(data, l); + (void)HOST_c2l(data, l); T1 = X[15] = l; ROUND_00_15(15, b, c, d, e, f, g, h, a); } @@ -381,7 +382,5 @@ static void sha256_block_data_order(SHA256_CTX *ctx, const void *in, } } -# endif -# endif /* SHA256_ASM */ - -#endif /* OPENSSL_NO_SHA256 */ +# endif +#endif /* SHA256_ASM */ |