ReactOS 0.4.15-dev-5863-g1fe3ab7
sha2.c
Go to the documentation of this file.
1/*
2 * FILE: sha2.c
3 * AUTHOR: Aaron D. Gifford - http://www.aarongifford.com/
4 *
5 * Copyright (c) 2000-2001, Aaron D. Gifford
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of the copyright holder nor the names of contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTOR(S) ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTOR(S) BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 * SUCH DAMAGE.
31 */
32
33#include <config.h>
34
35#include <string.h>
36#include <assert.h>
37#include "sha2.h"
38
39/*
40 * ASSERT NOTE:
41 * Some sanity checking code is included using assert(). On my FreeBSD
42 * system, this additional code can be removed by compiling with NDEBUG
43 * defined. Check your own systems manpage on assert() to see how to
44 * compile WITHOUT the sanity checking code on your system.
45 *
46 * UNROLLED TRANSFORM LOOP NOTE:
47 * You can define SHA2_UNROLL_TRANSFORM to use the unrolled transform
48 * loop version for the hash transform rounds (defined using macros
49 * later in this file). Either define on the command line, for example:
50 *
51 * cc -DSHA2_UNROLL_TRANSFORM -o sha2 sha2.c sha2prog.c
52 *
53 * or define below:
54 *
55 * #define SHA2_UNROLL_TRANSFORM
56 *
57 */
58
59/*** SHA-256/384/512 Various Length Definitions ***********************/
60/* NOTE: Most of these are in sha2.h */
61#define SHA256_SHORT_BLOCK_LENGTH (SHA256_BLOCK_LENGTH - 8)
62#define SHA384_SHORT_BLOCK_LENGTH (SHA384_BLOCK_LENGTH - 16)
63#define SHA512_SHORT_BLOCK_LENGTH (SHA512_BLOCK_LENGTH - 16)
64
65#define SHA2_WORD64_CONST(dw1, dw2) (((sha2_word64)(dw1) << 32) | (dw2))
66
67/*** ENDIAN REVERSAL MACROS *******************************************/
68#ifndef WORDS_BIGENDIAN
69#define REVERSE32(w,x) { \
70 sha2_word32 tmp = (w); \
71 tmp = (tmp >> 16) | (tmp << 16); \
72 (x) = ((tmp & 0xff00ff00) >> 8) | ((tmp & 0x00ff00ff) << 8); \
73}
74#define REVERSE64(w,x) { \
75 sha2_word64 tmp = (w); \
76 tmp = (tmp >> 32) | (tmp << 32); \
77 tmp = ((tmp & SHA2_WORD64_CONST(0xff00ff00, 0xff00ff00)) >> 8) | \
78 ((tmp & SHA2_WORD64_CONST(0x00ff00ff, 0x00ff00ff)) << 8); \
79 (x) = ((tmp & SHA2_WORD64_CONST(0xffff0000, 0xffff0000)) >> 16) | \
80 ((tmp & SHA2_WORD64_CONST(0x0000ffff, 0x0000ffff)) << 16); \
81}
82#endif
83
84/*
85 * Macro for incrementally adding the unsigned 64-bit integer n to the
86 * unsigned 128-bit integer (represented using a two-element array of
87 * 64-bit words):
88 */
89#define ADDINC128(w,n) { \
90 (w)[0] += (sha2_word64)(n); \
91 if ((w)[0] < (n)) { \
92 (w)[1]++; \
93 } \
94}
95
96/*
97 * Macros for copying blocks of memory and for zeroing out ranges
98 * of memory. Using these macros makes it easy to switch from
99 * using memset()/memcpy() and using bzero()/bcopy().
100 *
101 * Please define either SHA2_USE_MEMSET_MEMCPY or define
102 * SHA2_USE_BZERO_BCOPY depending on which function set you
103 * choose to use:
104 */
105#if !defined(SHA2_USE_MEMSET_MEMCPY) && !defined(SHA2_USE_BZERO_BCOPY)
106/* Default to memset()/memcpy() if no option is specified */
107#define SHA2_USE_MEMSET_MEMCPY 1
108#endif
109#if defined(SHA2_USE_MEMSET_MEMCPY) && defined(SHA2_USE_BZERO_BCOPY)
110/* Abort with an error if BOTH options are defined */
111#error Define either SHA2_USE_MEMSET_MEMCPY or SHA2_USE_BZERO_BCOPY, not both!
112#endif
113
114#ifdef SHA2_USE_MEMSET_MEMCPY
115#define MEMSET_BZERO(p,l) memset((p), 0, (l))
116#define MEMCPY_BCOPY(d,s,l) memcpy((d), (s), (l))
117#endif
118#ifdef SHA2_USE_BZERO_BCOPY
119#define MEMSET_BZERO(p,l) bzero((p), (l))
120#define MEMCPY_BCOPY(d,s,l) bcopy((s), (d), (l))
121#endif
122
123
124/*** THE SIX LOGICAL FUNCTIONS ****************************************/
125/*
126 * Bit shifting and rotation (used by the six SHA-XYZ logical functions:
127 *
128 * NOTE: The naming of R and S appears backwards here (R is a SHIFT and
129 * S is a ROTATION) because the SHA-256/384/512 description document
130 * (see http://csrc.nist.gov/cryptval/shs/sha256-384-512.pdf) uses this
131 * same "backwards" definition.
132 */
133/* Shift-right (used in SHA-256, SHA-384, and SHA-512): */
134#define R(b,x) ((x) >> (b))
135/* 32-bit Rotate-right (used in SHA-256): */
136#define S32(b,x) (((x) >> (b)) | ((x) << (32 - (b))))
137/* 64-bit Rotate-right (used in SHA-384 and SHA-512): */
138#define S64(b,x) (((x) >> (b)) | ((x) << (64 - (b))))
139
140/* Two of six logical functions used in SHA-256, SHA-384, and SHA-512: */
141#define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z)))
142#define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
143
144/* Four of six logical functions used in SHA-256: */
145#define Sigma0_256(x) (S32(2, (x)) ^ S32(13, (x)) ^ S32(22, (x)))
146#define Sigma1_256(x) (S32(6, (x)) ^ S32(11, (x)) ^ S32(25, (x)))
147#define sigma0_256(x) (S32(7, (x)) ^ S32(18, (x)) ^ R(3 , (x)))
148#define sigma1_256(x) (S32(17, (x)) ^ S32(19, (x)) ^ R(10, (x)))
149
150/* Four of six logical functions used in SHA-384 and SHA-512: */
151#define Sigma0_512(x) (S64(28, (x)) ^ S64(34, (x)) ^ S64(39, (x)))
152#define Sigma1_512(x) (S64(14, (x)) ^ S64(18, (x)) ^ S64(41, (x)))
153#define sigma0_512(x) (S64( 1, (x)) ^ S64( 8, (x)) ^ R( 7, (x)))
154#define sigma1_512(x) (S64(19, (x)) ^ S64(61, (x)) ^ R( 6, (x)))
155
156/*** INTERNAL FUNCTION PROTOTYPES *************************************/
157/* NOTE: These should not be accessed directly from outside this
158 * library -- they are intended for private internal visibility/use
159 * only.
160 */
164
165
166/*** SHA-XYZ INITIAL HASH VALUES AND CONSTANTS ************************/
167/* Hash constant words K for SHA-256: */
168static const sha2_word32 K256[64] = {
169 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
170 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
171 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
172 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
173 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
174 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
175 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
176 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
177 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
178 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
179 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
180 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
181 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
182 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
183 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
184 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
185};
186
187/* Initial hash value H for SHA-256: */
189 0x6a09e667,
190 0xbb67ae85,
191 0x3c6ef372,
192 0xa54ff53a,
193 0x510e527f,
194 0x9b05688c,
195 0x1f83d9ab,
196 0x5be0cd19
197};
198
199/* Hash constant words K for SHA-384 and SHA-512: */
200static const sha2_word64 K512[80] = {
201 SHA2_WORD64_CONST(0x428a2f98, 0xd728ae22), SHA2_WORD64_CONST(0x71374491, 0x23ef65cd),
202 SHA2_WORD64_CONST(0xb5c0fbcf, 0xec4d3b2f), SHA2_WORD64_CONST(0xe9b5dba5, 0x8189dbbc),
203 SHA2_WORD64_CONST(0x3956c25b, 0xf348b538), SHA2_WORD64_CONST(0x59f111f1, 0xb605d019),
204 SHA2_WORD64_CONST(0x923f82a4, 0xaf194f9b), SHA2_WORD64_CONST(0xab1c5ed5, 0xda6d8118),
205 SHA2_WORD64_CONST(0xd807aa98, 0xa3030242), SHA2_WORD64_CONST(0x12835b01, 0x45706fbe),
206 SHA2_WORD64_CONST(0x243185be, 0x4ee4b28c), SHA2_WORD64_CONST(0x550c7dc3, 0xd5ffb4e2),
207 SHA2_WORD64_CONST(0x72be5d74, 0xf27b896f), SHA2_WORD64_CONST(0x80deb1fe, 0x3b1696b1),
208 SHA2_WORD64_CONST(0x9bdc06a7, 0x25c71235), SHA2_WORD64_CONST(0xc19bf174, 0xcf692694),
209 SHA2_WORD64_CONST(0xe49b69c1, 0x9ef14ad2), SHA2_WORD64_CONST(0xefbe4786, 0x384f25e3),
210 SHA2_WORD64_CONST(0x0fc19dc6, 0x8b8cd5b5), SHA2_WORD64_CONST(0x240ca1cc, 0x77ac9c65),
211 SHA2_WORD64_CONST(0x2de92c6f, 0x592b0275), SHA2_WORD64_CONST(0x4a7484aa, 0x6ea6e483),
212 SHA2_WORD64_CONST(0x5cb0a9dc, 0xbd41fbd4), SHA2_WORD64_CONST(0x76f988da, 0x831153b5),
213 SHA2_WORD64_CONST(0x983e5152, 0xee66dfab), SHA2_WORD64_CONST(0xa831c66d, 0x2db43210),
214 SHA2_WORD64_CONST(0xb00327c8, 0x98fb213f), SHA2_WORD64_CONST(0xbf597fc7, 0xbeef0ee4),
215 SHA2_WORD64_CONST(0xc6e00bf3, 0x3da88fc2), SHA2_WORD64_CONST(0xd5a79147, 0x930aa725),
216 SHA2_WORD64_CONST(0x06ca6351, 0xe003826f), SHA2_WORD64_CONST(0x14292967, 0x0a0e6e70),
217 SHA2_WORD64_CONST(0x27b70a85, 0x46d22ffc), SHA2_WORD64_CONST(0x2e1b2138, 0x5c26c926),
218 SHA2_WORD64_CONST(0x4d2c6dfc, 0x5ac42aed), SHA2_WORD64_CONST(0x53380d13, 0x9d95b3df),
219 SHA2_WORD64_CONST(0x650a7354, 0x8baf63de), SHA2_WORD64_CONST(0x766a0abb, 0x3c77b2a8),
220 SHA2_WORD64_CONST(0x81c2c92e, 0x47edaee6), SHA2_WORD64_CONST(0x92722c85, 0x1482353b),
221 SHA2_WORD64_CONST(0xa2bfe8a1, 0x4cf10364), SHA2_WORD64_CONST(0xa81a664b, 0xbc423001),
222 SHA2_WORD64_CONST(0xc24b8b70, 0xd0f89791), SHA2_WORD64_CONST(0xc76c51a3, 0x0654be30),
223 SHA2_WORD64_CONST(0xd192e819, 0xd6ef5218), SHA2_WORD64_CONST(0xd6990624, 0x5565a910),
224 SHA2_WORD64_CONST(0xf40e3585, 0x5771202a), SHA2_WORD64_CONST(0x106aa070, 0x32bbd1b8),
225 SHA2_WORD64_CONST(0x19a4c116, 0xb8d2d0c8), SHA2_WORD64_CONST(0x1e376c08, 0x5141ab53),
226 SHA2_WORD64_CONST(0x2748774c, 0xdf8eeb99), SHA2_WORD64_CONST(0x34b0bcb5, 0xe19b48a8),
227 SHA2_WORD64_CONST(0x391c0cb3, 0xc5c95a63), SHA2_WORD64_CONST(0x4ed8aa4a, 0xe3418acb),
228 SHA2_WORD64_CONST(0x5b9cca4f, 0x7763e373), SHA2_WORD64_CONST(0x682e6ff3, 0xd6b2b8a3),
229 SHA2_WORD64_CONST(0x748f82ee, 0x5defb2fc), SHA2_WORD64_CONST(0x78a5636f, 0x43172f60),
230 SHA2_WORD64_CONST(0x84c87814, 0xa1f0ab72), SHA2_WORD64_CONST(0x8cc70208, 0x1a6439ec),
231 SHA2_WORD64_CONST(0x90befffa, 0x23631e28), SHA2_WORD64_CONST(0xa4506ceb, 0xde82bde9),
232 SHA2_WORD64_CONST(0xbef9a3f7, 0xb2c67915), SHA2_WORD64_CONST(0xc67178f2, 0xe372532b),
233 SHA2_WORD64_CONST(0xca273ece, 0xea26619c), SHA2_WORD64_CONST(0xd186b8c7, 0x21c0c207),
234 SHA2_WORD64_CONST(0xeada7dd6, 0xcde0eb1e), SHA2_WORD64_CONST(0xf57d4f7f, 0xee6ed178),
235 SHA2_WORD64_CONST(0x06f067aa, 0x72176fba), SHA2_WORD64_CONST(0x0a637dc5, 0xa2c898a6),
236 SHA2_WORD64_CONST(0x113f9804, 0xbef90dae), SHA2_WORD64_CONST(0x1b710b35, 0x131c471b),
237 SHA2_WORD64_CONST(0x28db77f5, 0x23047d84), SHA2_WORD64_CONST(0x32caab7b, 0x40c72493),
238 SHA2_WORD64_CONST(0x3c9ebe0a, 0x15c9bebc), SHA2_WORD64_CONST(0x431d67c4, 0x9c100d4c),
239 SHA2_WORD64_CONST(0x4cc5d4be, 0xcb3e42b6), SHA2_WORD64_CONST(0x597f299c, 0xfc657e2a),
240 SHA2_WORD64_CONST(0x5fcb6fab, 0x3ad6faec), SHA2_WORD64_CONST(0x6c44198c, 0x4a475817)
241};
242
243/* Initial hash value H for SHA-384 */
245 SHA2_WORD64_CONST(0xcbbb9d5d, 0xc1059ed8),
246 SHA2_WORD64_CONST(0x629a292a, 0x367cd507),
247 SHA2_WORD64_CONST(0x9159015a, 0x3070dd17),
248 SHA2_WORD64_CONST(0x152fecd8, 0xf70e5939),
249 SHA2_WORD64_CONST(0x67332667, 0xffc00b31),
250 SHA2_WORD64_CONST(0x8eb44a87, 0x68581511),
251 SHA2_WORD64_CONST(0xdb0c2e0d, 0x64f98fa7),
252 SHA2_WORD64_CONST(0x47b5481d, 0xbefa4fa4)
253};
254
255/* Initial hash value H for SHA-512 */
257 SHA2_WORD64_CONST(0x6a09e667, 0xf3bcc908),
258 SHA2_WORD64_CONST(0xbb67ae85, 0x84caa73b),
259 SHA2_WORD64_CONST(0x3c6ef372, 0xfe94f82b),
260 SHA2_WORD64_CONST(0xa54ff53a, 0x5f1d36f1),
261 SHA2_WORD64_CONST(0x510e527f, 0xade682d1),
262 SHA2_WORD64_CONST(0x9b05688c, 0x2b3e6c1f),
263 SHA2_WORD64_CONST(0x1f83d9ab, 0xfb41bd6b),
264 SHA2_WORD64_CONST(0x5be0cd19, 0x137e2179)
265};
266
267/*
268 * Constant used by SHA256/384/512_End() functions for converting the
269 * digest to a readable hexadecimal character string:
270 */
271static const char sha2_hex_digits[] = "0123456789abcdef";
272
273
274/*** SHA-256: *********************************************************/
276 if (context == NULL) {
277 return;
278 }
281 context->bitcount = 0;
282}
283
284#ifdef SHA2_UNROLL_TRANSFORM
285
286/* Unrolled SHA-256 round macros: */
287
288#ifndef WORDS_BIGENDIAN
289
290#define ROUND256_0_TO_15(a,b,c,d,e,f,g,h) \
291 REVERSE32(*data++, W256[j]); \
292 T1 = (h) + Sigma1_256(e) + Ch((e), (f), (g)) + \
293 K256[j] + W256[j]; \
294 (d) += T1; \
295 (h) = T1 + Sigma0_256(a) + Maj((a), (b), (c)); \
296 j++
297
298
299#else
300
301#define ROUND256_0_TO_15(a,b,c,d,e,f,g,h) \
302 T1 = (h) + Sigma1_256(e) + Ch((e), (f), (g)) + \
303 K256[j] + (W256[j] = *data++); \
304 (d) += T1; \
305 (h) = T1 + Sigma0_256(a) + Maj((a), (b), (c)); \
306 j++
307
308#endif
309
310#define ROUND256(a,b,c,d,e,f,g,h) \
311 s0 = W256[(j+1)&0x0f]; \
312 s0 = sigma0_256(s0); \
313 s1 = W256[(j+14)&0x0f]; \
314 s1 = sigma1_256(s1); \
315 T1 = (h) + Sigma1_256(e) + Ch((e), (f), (g)) + K256[j] + \
316 (W256[j&0x0f] += s1 + W256[(j+9)&0x0f] + s0); \
317 (d) += T1; \
318 (h) = T1 + Sigma0_256(a) + Maj((a), (b), (c)); \
319 j++
320
322 sha2_word32 a, b, c, d, e, f, g, h, s0, s1;
323 sha2_word32 T1, *W256;
324 int j;
325
326 W256 = (sha2_word32*)context->buffer;
327
328 /* Initialize registers with the prev. intermediate value */
329 a = context->state[0];
330 b = context->state[1];
331 c = context->state[2];
332 d = context->state[3];
333 e = context->state[4];
334 f = context->state[5];
335 g = context->state[6];
336 h = context->state[7];
337
338 j = 0;
339 do {
340 /* Rounds 0 to 15 (unrolled): */
341 ROUND256_0_TO_15(a,b,c,d,e,f,g,h);
342 ROUND256_0_TO_15(h,a,b,c,d,e,f,g);
343 ROUND256_0_TO_15(g,h,a,b,c,d,e,f);
344 ROUND256_0_TO_15(f,g,h,a,b,c,d,e);
345 ROUND256_0_TO_15(e,f,g,h,a,b,c,d);
346 ROUND256_0_TO_15(d,e,f,g,h,a,b,c);
347 ROUND256_0_TO_15(c,d,e,f,g,h,a,b);
348 ROUND256_0_TO_15(b,c,d,e,f,g,h,a);
349 } while (j < 16);
350
351 /* Now for the remaining rounds to 64: */
352 do {
353 ROUND256(a,b,c,d,e,f,g,h);
354 ROUND256(h,a,b,c,d,e,f,g);
355 ROUND256(g,h,a,b,c,d,e,f);
356 ROUND256(f,g,h,a,b,c,d,e);
357 ROUND256(e,f,g,h,a,b,c,d);
358 ROUND256(d,e,f,g,h,a,b,c);
359 ROUND256(c,d,e,f,g,h,a,b);
360 ROUND256(b,c,d,e,f,g,h,a);
361 } while (j < 64);
362
363 /* Compute the current intermediate hash value */
364 context->state[0] += a;
365 context->state[1] += b;
366 context->state[2] += c;
367 context->state[3] += d;
368 context->state[4] += e;
369 context->state[5] += f;
370 context->state[6] += g;
371 context->state[7] += h;
372
373 /* Clean up */
374 a = b = c = d = e = f = g = h = T1 = 0;
375}
376
377#else /* SHA2_UNROLL_TRANSFORM */
378
380 sha2_word32 a, b, c, d, e, f, g, h, s0, s1;
381 sha2_word32 T1, T2, *W256;
382 int j;
383
384 W256 = (sha2_word32*)context->buffer;
385
386 /* Initialize registers with the prev. intermediate value */
387 a = context->state[0];
388 b = context->state[1];
389 c = context->state[2];
390 d = context->state[3];
391 e = context->state[4];
392 f = context->state[5];
393 g = context->state[6];
394 h = context->state[7];
395
396 j = 0;
397 do {
398#ifndef WORDS_BIGENDIAN
399 /* Copy data while converting to host byte order */
400 REVERSE32(*data++,W256[j]);
401 /* Apply the SHA-256 compression function to update a..h */
402 T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] + W256[j];
403#else
404 /* Apply the SHA-256 compression function to update a..h with copy */
405 T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] + (W256[j] = *data++);
406#endif
407 T2 = Sigma0_256(a) + Maj(a, b, c);
408 h = g;
409 g = f;
410 f = e;
411 e = d + T1;
412 d = c;
413 c = b;
414 b = a;
415 a = T1 + T2;
416
417 j++;
418 } while (j < 16);
419
420 do {
421 /* Part of the message block expansion: */
422 s0 = W256[(j+1)&0x0f];
423 s0 = sigma0_256(s0);
424 s1 = W256[(j+14)&0x0f];
425 s1 = sigma1_256(s1);
426
427 /* Apply the SHA-256 compression function to update a..h */
428 T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] +
429 (W256[j&0x0f] += s1 + W256[(j+9)&0x0f] + s0);
430 T2 = Sigma0_256(a) + Maj(a, b, c);
431 h = g;
432 g = f;
433 f = e;
434 e = d + T1;
435 d = c;
436 c = b;
437 b = a;
438 a = T1 + T2;
439
440 j++;
441 } while (j < 64);
442
443 /* Compute the current intermediate hash value */
444 context->state[0] += a;
445 context->state[1] += b;
446 context->state[2] += c;
447 context->state[3] += d;
448 context->state[4] += e;
449 context->state[5] += f;
450 context->state[6] += g;
451 context->state[7] += h;
452
453 /* Clean up */
454 a = b = c = d = e = f = g = h = T1 = T2 = 0;
455}
456
457#endif /* SHA2_UNROLL_TRANSFORM */
458
460 unsigned int freespace, usedspace;
461
462 if (len == 0) {
463 /* Calling with no data is valid - we do nothing */
464 return;
465 }
466
467 /* Sanity check: */
468 assert(context != NULL && data != NULL);
469
470 usedspace = (context->bitcount >> 3) % SHA256_BLOCK_LENGTH;
471 if (usedspace > 0) {
472 /* Calculate how much free space is available in the buffer */
473 freespace = SHA256_BLOCK_LENGTH - usedspace;
474
475 if (len >= freespace) {
476 /* Fill the buffer completely and process it */
477 MEMCPY_BCOPY(&context->buffer[usedspace], data, freespace);
478 context->bitcount += freespace << 3;
479 len -= freespace;
480 data += freespace;
482 } else {
483 /* The buffer is not yet full */
484 MEMCPY_BCOPY(&context->buffer[usedspace], data, len);
485 context->bitcount += len << 3;
486 /* Clean up: */
487 usedspace = freespace = 0;
488 return;
489 }
490 }
491 while (len >= SHA256_BLOCK_LENGTH) {
492 /* Process as many complete blocks as we can */
494 context->bitcount += SHA256_BLOCK_LENGTH << 3;
497 }
498 if (len > 0) {
499 /* There's left-overs, so save 'em */
500 MEMCPY_BCOPY(context->buffer, data, len);
501 context->bitcount += len << 3;
502 }
503 /* Clean up: */
504 usedspace = freespace = 0;
505}
506
508 sha2_word32 *d = (sha2_word32*)digest;
509 unsigned int usedspace;
510
511 /* Sanity check: */
512 assert(context != NULL);
513
514 /* If no digest buffer is passed, we don't bother doing this: */
515 if (digest != NULL) {
516 usedspace = (context->bitcount >> 3) % SHA256_BLOCK_LENGTH;
517#ifndef WORDS_BIGENDIAN
518 /* Convert FROM host byte order */
519 REVERSE64(context->bitcount,context->bitcount);
520#endif
521 if (usedspace > 0) {
522 /* Begin padding with a 1 bit: */
523 context->buffer[usedspace++] = 0x80;
524
525 if (usedspace <= SHA256_SHORT_BLOCK_LENGTH) {
526 /* Set-up for the last transform: */
527 MEMSET_BZERO(&context->buffer[usedspace], SHA256_SHORT_BLOCK_LENGTH - usedspace);
528 } else {
529 if (usedspace < SHA256_BLOCK_LENGTH) {
530 MEMSET_BZERO(&context->buffer[usedspace], SHA256_BLOCK_LENGTH - usedspace);
531 }
532 /* Do second-to-last transform: */
534
535 /* And set-up for the last transform: */
537 }
538 } else {
539 /* Set-up for the last transform: */
541
542 /* Begin padding with a 1 bit: */
543 *context->buffer = 0x80;
544 }
545 /* Set the bit count: */
546 *(sha2_word64*)&context->buffer[SHA256_SHORT_BLOCK_LENGTH] = context->bitcount;
547
548 /* Final transform: */
550
551#ifndef WORDS_BIGENDIAN
552 {
553 /* Convert TO host byte order */
554 int j;
555 for (j = 0; j < 8; j++) {
556 REVERSE32(context->state[j],context->state[j]);
557 *d++ = context->state[j];
558 }
559 }
560#else
562#endif
563 }
564
565 /* Clean up state data: */
566 MEMSET_BZERO(context, sizeof(*context));
567 usedspace = 0;
568}
569
571 sha2_byte digest[SHA256_DIGEST_LENGTH], *d = digest;
572 int i;
573
574 /* Sanity check: */
575 assert(context != NULL);
576
577 if (buffer != NULL) {
578 SHA256_Final(digest, context);
579
580 for (i = 0; i < SHA256_DIGEST_LENGTH; i++) {
581 *buffer++ = sha2_hex_digits[(*d & 0xf0) >> 4];
582 *buffer++ = sha2_hex_digits[*d & 0x0f];
583 d++;
584 }
585 *buffer = 0;
586 } else {
587 MEMSET_BZERO(context, sizeof(*context));
588 }
590 return buffer;
591}
592
593char* SHA256_Data(const sha2_byte* data, size_t len, char digest[SHA256_DIGEST_STRING_LENGTH]) {
595
598 return SHA256_End(&context, digest);
599}
600
601
602/*** SHA-512: *********************************************************/
604 if (context == NULL) {
605 return;
606 }
609 context->bitcount[0] = context->bitcount[1] = 0;
610}
611
612#ifdef SHA2_UNROLL_TRANSFORM
613
614/* Unrolled SHA-512 round macros: */
615#ifndef WORDS_BIGENDIAN
616
617#define ROUND512_0_TO_15(a,b,c,d,e,f,g,h) \
618 REVERSE64(*data++, W512[j]); \
619 T1 = (h) + Sigma1_512(e) + Ch((e), (f), (g)) + \
620 K512[j] + W512[j]; \
621 (d) += T1, \
622 (h) = T1 + Sigma0_512(a) + Maj((a), (b), (c)), \
623 j++
624
625
626#else
627
628#define ROUND512_0_TO_15(a,b,c,d,e,f,g,h) \
629 T1 = (h) + Sigma1_512(e) + Ch((e), (f), (g)) + \
630 K512[j] + (W512[j] = *data++); \
631 (d) += T1; \
632 (h) = T1 + Sigma0_512(a) + Maj((a), (b), (c)); \
633 j++
634
635#endif
636
637#define ROUND512(a,b,c,d,e,f,g,h) \
638 s0 = W512[(j+1)&0x0f]; \
639 s0 = sigma0_512(s0); \
640 s1 = W512[(j+14)&0x0f]; \
641 s1 = sigma1_512(s1); \
642 T1 = (h) + Sigma1_512(e) + Ch((e), (f), (g)) + K512[j] + \
643 (W512[j&0x0f] += s1 + W512[(j+9)&0x0f] + s0); \
644 (d) += T1; \
645 (h) = T1 + Sigma0_512(a) + Maj((a), (b), (c)); \
646 j++
647
649 sha2_word64 a, b, c, d, e, f, g, h, s0, s1;
650 sha2_word64 T1, *W512 = (sha2_word64*)context->buffer;
651 int j;
652
653 /* Initialize registers with the prev. intermediate value */
654 a = context->state[0];
655 b = context->state[1];
656 c = context->state[2];
657 d = context->state[3];
658 e = context->state[4];
659 f = context->state[5];
660 g = context->state[6];
661 h = context->state[7];
662
663 j = 0;
664 do {
665 ROUND512_0_TO_15(a,b,c,d,e,f,g,h);
666 ROUND512_0_TO_15(h,a,b,c,d,e,f,g);
667 ROUND512_0_TO_15(g,h,a,b,c,d,e,f);
668 ROUND512_0_TO_15(f,g,h,a,b,c,d,e);
669 ROUND512_0_TO_15(e,f,g,h,a,b,c,d);
670 ROUND512_0_TO_15(d,e,f,g,h,a,b,c);
671 ROUND512_0_TO_15(c,d,e,f,g,h,a,b);
672 ROUND512_0_TO_15(b,c,d,e,f,g,h,a);
673 } while (j < 16);
674
675 /* Now for the remaining rounds up to 79: */
676 do {
677 ROUND512(a,b,c,d,e,f,g,h);
678 ROUND512(h,a,b,c,d,e,f,g);
679 ROUND512(g,h,a,b,c,d,e,f);
680 ROUND512(f,g,h,a,b,c,d,e);
681 ROUND512(e,f,g,h,a,b,c,d);
682 ROUND512(d,e,f,g,h,a,b,c);
683 ROUND512(c,d,e,f,g,h,a,b);
684 ROUND512(b,c,d,e,f,g,h,a);
685 } while (j < 80);
686
687 /* Compute the current intermediate hash value */
688 context->state[0] += a;
689 context->state[1] += b;
690 context->state[2] += c;
691 context->state[3] += d;
692 context->state[4] += e;
693 context->state[5] += f;
694 context->state[6] += g;
695 context->state[7] += h;
696
697 /* Clean up */
698 a = b = c = d = e = f = g = h = T1 = 0;
699}
700
701#else /* SHA2_UNROLL_TRANSFORM */
702
704 sha2_word64 a, b, c, d, e, f, g, h, s0, s1;
705 sha2_word64 T1, T2, *W512 = (sha2_word64*)context->buffer;
706 int j;
707
708 /* Initialize registers with the prev. intermediate value */
709 a = context->state[0];
710 b = context->state[1];
711 c = context->state[2];
712 d = context->state[3];
713 e = context->state[4];
714 f = context->state[5];
715 g = context->state[6];
716 h = context->state[7];
717
718 j = 0;
719 do {
720#ifndef WORDS_BIGENDIAN
721 /* Convert TO host byte order */
722 REVERSE64(*data++, W512[j]);
723 /* Apply the SHA-512 compression function to update a..h */
724 T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] + W512[j];
725#else
726 /* Apply the SHA-512 compression function to update a..h with copy */
727 T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] + (W512[j] = *data++);
728#endif
729 T2 = Sigma0_512(a) + Maj(a, b, c);
730 h = g;
731 g = f;
732 f = e;
733 e = d + T1;
734 d = c;
735 c = b;
736 b = a;
737 a = T1 + T2;
738
739 j++;
740 } while (j < 16);
741
742 do {
743 /* Part of the message block expansion: */
744 s0 = W512[(j+1)&0x0f];
745 s0 = sigma0_512(s0);
746 s1 = W512[(j+14)&0x0f];
747 s1 = sigma1_512(s1);
748
749 /* Apply the SHA-512 compression function to update a..h */
750 T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] +
751 (W512[j&0x0f] += s1 + W512[(j+9)&0x0f] + s0);
752 T2 = Sigma0_512(a) + Maj(a, b, c);
753 h = g;
754 g = f;
755 f = e;
756 e = d + T1;
757 d = c;
758 c = b;
759 b = a;
760 a = T1 + T2;
761
762 j++;
763 } while (j < 80);
764
765 /* Compute the current intermediate hash value */
766 context->state[0] += a;
767 context->state[1] += b;
768 context->state[2] += c;
769 context->state[3] += d;
770 context->state[4] += e;
771 context->state[5] += f;
772 context->state[6] += g;
773 context->state[7] += h;
774
775 /* Clean up */
776 a = b = c = d = e = f = g = h = T1 = T2 = 0;
777}
778
779#endif /* SHA2_UNROLL_TRANSFORM */
780
782 unsigned int freespace, usedspace;
783
784 if (len == 0) {
785 /* Calling with no data is valid - we do nothing */
786 return;
787 }
788
789 /* Sanity check: */
790 assert(context != NULL && data != NULL);
791
792 usedspace = (context->bitcount[0] >> 3) % SHA512_BLOCK_LENGTH;
793 if (usedspace > 0) {
794 /* Calculate how much free space is available in the buffer */
795 freespace = SHA512_BLOCK_LENGTH - usedspace;
796
797 if (len >= freespace) {
798 /* Fill the buffer completely and process it */
799 MEMCPY_BCOPY(&context->buffer[usedspace], data, freespace);
800 ADDINC128(context->bitcount, freespace << 3);
801 len -= freespace;
802 data += freespace;
804 } else {
805 /* The buffer is not yet full */
806 MEMCPY_BCOPY(&context->buffer[usedspace], data, len);
807 ADDINC128(context->bitcount, len << 3);
808 /* Clean up: */
809 usedspace = freespace = 0;
810 return;
811 }
812 }
813 while (len >= SHA512_BLOCK_LENGTH) {
814 /* Process as many complete blocks as we can */
816 ADDINC128(context->bitcount, SHA512_BLOCK_LENGTH << 3);
819 }
820 if (len > 0) {
821 /* There's left-overs, so save 'em */
822 MEMCPY_BCOPY(context->buffer, data, len);
823 ADDINC128(context->bitcount, len << 3);
824 }
825 /* Clean up: */
826 usedspace = freespace = 0;
827}
828
830 unsigned int usedspace;
831
832 usedspace = (context->bitcount[0] >> 3) % SHA512_BLOCK_LENGTH;
833#ifndef WORDS_BIGENDIAN
834 /* Convert FROM host byte order */
835 REVERSE64(context->bitcount[0],context->bitcount[0]);
836 REVERSE64(context->bitcount[1],context->bitcount[1]);
837#endif
838 if (usedspace > 0) {
839 /* Begin padding with a 1 bit: */
840 context->buffer[usedspace++] = 0x80;
841
842 if (usedspace <= SHA512_SHORT_BLOCK_LENGTH) {
843 /* Set-up for the last transform: */
844 MEMSET_BZERO(&context->buffer[usedspace], SHA512_SHORT_BLOCK_LENGTH - usedspace);
845 } else {
846 if (usedspace < SHA512_BLOCK_LENGTH) {
847 MEMSET_BZERO(&context->buffer[usedspace], SHA512_BLOCK_LENGTH - usedspace);
848 }
849 /* Do second-to-last transform: */
851
852 /* And set-up for the last transform: */
854 }
855 } else {
856 /* Prepare for final transform: */
858
859 /* Begin padding with a 1 bit: */
860 *context->buffer = 0x80;
861 }
862 /* Store the length of input data (in bits): */
863 *(sha2_word64*)&context->buffer[SHA512_SHORT_BLOCK_LENGTH] = context->bitcount[1];
864 *(sha2_word64*)&context->buffer[SHA512_SHORT_BLOCK_LENGTH+8] = context->bitcount[0];
865
866 /* Final transform: */
868}
869
871 sha2_word64 *d = (sha2_word64*)digest;
872
873 /* Sanity check: */
874 assert(context != NULL);
875
876 /* If no digest buffer is passed, we don't bother doing this: */
877 if (digest != NULL) {
879
880 /* Save the hash data for output: */
881#ifndef WORDS_BIGENDIAN
882 {
883 /* Convert TO host byte order */
884 int j;
885 for (j = 0; j < 8; j++) {
886 REVERSE64(context->state[j],context->state[j]);
887 *d++ = context->state[j];
888 }
889 }
890#else
892#endif
893 }
894
895 /* Zero out state data */
896 MEMSET_BZERO(context, sizeof(*context));
897}
898
900 sha2_byte digest[SHA512_DIGEST_LENGTH], *d = digest;
901 int i;
902
903 /* Sanity check: */
904 assert(context != NULL);
905
906 if (buffer != NULL) {
907 SHA512_Final(digest, context);
908
909 for (i = 0; i < SHA512_DIGEST_LENGTH; i++) {
910 *buffer++ = sha2_hex_digits[(*d & 0xf0) >> 4];
911 *buffer++ = sha2_hex_digits[*d & 0x0f];
912 d++;
913 }
914 *buffer = 0;
915 } else {
916 MEMSET_BZERO(context, sizeof(*context));
917 }
919 return buffer;
920}
921
922char* SHA512_Data(const sha2_byte* data, size_t len, char digest[SHA512_DIGEST_STRING_LENGTH]) {
924
927 return SHA512_End(&context, digest);
928}
929
930
931/*** SHA-384: *********************************************************/
933 if (context == NULL) {
934 return;
935 }
938 context->bitcount[0] = context->bitcount[1] = 0;
939}
940
943}
944
946 sha2_word64 *d = (sha2_word64*)digest;
947
948 /* Sanity check: */
949 assert(context != NULL);
950
951 /* If no digest buffer is passed, we don't bother doing this: */
952 if (digest != NULL) {
954
955 /* Save the hash data for output: */
956#ifndef WORDS_BIGENDIAN
957 {
958 /* Convert TO host byte order */
959 int j;
960 for (j = 0; j < 6; j++) {
961 REVERSE64(context->state[j],context->state[j]);
962 *d++ = context->state[j];
963 }
964 }
965#else
967#endif
968 }
969
970 /* Zero out state data */
971 MEMSET_BZERO(context, sizeof(*context));
972}
973
975 sha2_byte digest[SHA384_DIGEST_LENGTH], *d = digest;
976 int i;
977
978 /* Sanity check: */
979 assert(context != NULL);
980
981 if (buffer != NULL) {
982 SHA384_Final(digest, context);
983
984 for (i = 0; i < SHA384_DIGEST_LENGTH; i++) {
985 *buffer++ = sha2_hex_digits[(*d & 0xf0) >> 4];
986 *buffer++ = sha2_hex_digits[*d & 0x0f];
987 d++;
988 }
989 *buffer = 0;
990 } else {
991 MEMSET_BZERO(context, sizeof(*context));
992 }
994 return buffer;
995}
996
997char* SHA384_Data(const sha2_byte* data, size_t len, char digest[SHA384_DIGEST_STRING_LENGTH]) {
999
1002 return SHA384_End(&context, digest);
1003}
#define NULL
Definition: types.h:112
#define assert(x)
Definition: debug.h:53
GLint GLenum GLsizei GLsizei GLsizei GLint GLsizei const GLvoid * data
Definition: gl.h:1950
GLuint buffer
Definition: glext.h:5915
const GLubyte * c
Definition: glext.h:8905
GLfloat f
Definition: glext.h:7540
GLboolean GLboolean GLboolean b
Definition: glext.h:6204
GLboolean GLboolean g
Definition: glext.h:6204
GLenum GLsizei len
Definition: glext.h:6722
GLboolean GLboolean GLboolean GLboolean a
Definition: glext.h:6204
GLfloat GLfloat GLfloat GLfloat h
Definition: glext.h:7723
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint GLint GLint j
Definition: glfuncs.h:250
#define d
Definition: ke_i.h:81
#define e
Definition: ke_i.h:82
#define f
Definition: ke_i.h:83
#define a
Definition: ke_i.h:78
#define c
Definition: ke_i.h:80
#define b
Definition: ke_i.h:79
struct S1 s1
static const sha2_word64 sha384_initial_hash_value[8]
Definition: sha2.c:244
#define Sigma0_512(x)
Definition: sha2.c:151
char * SHA384_End(SHA384_CTX *context, char buffer[])
Definition: sha2.c:974
#define Sigma0_256(x)
Definition: sha2.c:145
void SHA384_Init(SHA384_CTX *context)
Definition: sha2.c:932
void SHA256_Init(SHA256_CTX *context)
Definition: sha2.c:275
#define ADDINC128(w, n)
Definition: sha2.c:89
void SHA256_Final(sha2_byte digest[], SHA256_CTX *context)
Definition: sha2.c:507
static const sha2_word64 sha512_initial_hash_value[8]
Definition: sha2.c:256
void SHA384_Update(SHA384_CTX *context, const sha2_byte *data, size_t len)
Definition: sha2.c:941
#define Maj(x, y, z)
Definition: sha2.c:142
#define sigma0_512(x)
Definition: sha2.c:153
char * SHA512_End(SHA512_CTX *context, char buffer[])
Definition: sha2.c:899
void SHA256_Update(SHA256_CTX *context, const sha2_byte *data, size_t len)
Definition: sha2.c:459
#define REVERSE64(w, x)
Definition: sha2.c:74
char * SHA256_Data(const sha2_byte *data, size_t len, char digest[SHA256_DIGEST_STRING_LENGTH])
Definition: sha2.c:593
static const sha2_word64 K512[80]
Definition: sha2.c:200
#define Sigma1_512(x)
Definition: sha2.c:152
char * SHA256_End(SHA256_CTX *context, char buffer[])
Definition: sha2.c:570
#define sigma1_256(x)
Definition: sha2.c:148
#define REVERSE32(w, x)
Definition: sha2.c:69
static const sha2_word32 sha256_initial_hash_value[8]
Definition: sha2.c:188
void SHA512_Last(SHA512_CTX *)
Definition: sha2.c:829
void SHA512_Transform(SHA512_CTX *, const sha2_word64 *)
Definition: sha2.c:703
void SHA384_Final(sha2_byte digest[], SHA384_CTX *context)
Definition: sha2.c:945
#define MEMSET_BZERO(p, l)
Definition: sha2.c:115
#define SHA2_WORD64_CONST(dw1, dw2)
Definition: sha2.c:65
#define Sigma1_256(x)
Definition: sha2.c:146
#define MEMCPY_BCOPY(d, s, l)
Definition: sha2.c:116
#define SHA512_SHORT_BLOCK_LENGTH
Definition: sha2.c:63
#define Ch(x, y, z)
Definition: sha2.c:141
char * SHA384_Data(const sha2_byte *data, size_t len, char digest[SHA384_DIGEST_STRING_LENGTH])
Definition: sha2.c:997
char * SHA512_Data(const sha2_byte *data, size_t len, char digest[SHA512_DIGEST_STRING_LENGTH])
Definition: sha2.c:922
#define sigma1_512(x)
Definition: sha2.c:154
#define SHA256_SHORT_BLOCK_LENGTH
Definition: sha2.c:61
void SHA512_Update(SHA512_CTX *context, const sha2_byte *data, size_t len)
Definition: sha2.c:781
void SHA256_Transform(SHA256_CTX *, const sha2_word32 *)
Definition: sha2.c:379
void SHA512_Final(sha2_byte digest[], SHA512_CTX *context)
Definition: sha2.c:870
static const char sha2_hex_digits[]
Definition: sha2.c:271
static const sha2_word32 K256[64]
Definition: sha2.c:168
void SHA512_Init(SHA512_CTX *context)
Definition: sha2.c:603
#define sigma0_256(x)
Definition: sha2.c:147
#define SHA256_DIGEST_STRING_LENGTH
Definition: sha2.h:41
UINT64 sha2_word64
Definition: sha2.h:53
#define SHA512_DIGEST_LENGTH
Definition: sha2.h:46
#define SHA384_DIGEST_STRING_LENGTH
Definition: sha2.h:44
#define SHA384_DIGEST_LENGTH
Definition: sha2.h:43
UINT8 sha2_byte
Definition: sha2.h:51
#define SHA384_BLOCK_LENGTH
Definition: sha2.h:42
#define SHA512_BLOCK_LENGTH
Definition: sha2.h:45
#define SHA512_DIGEST_STRING_LENGTH
Definition: sha2.h:47
#define SHA256_DIGEST_LENGTH
Definition: sha2.h:40
UINT32 sha2_word32
Definition: sha2.h:52
#define SHA256_BLOCK_LENGTH
Definition: sha2.h:39
Definition: http.c:7252