summaryrefslogtreecommitdiff
path: root/source4/heimdal/lib/des
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2006-04-24 09:36:24 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 14:04:15 -0500
commitc33f6b2c370379dfd010600adc59e7439f1318f7 (patch)
tree2ac36b3751796f05ecb45a2ecd03bd166ed7182f /source4/heimdal/lib/des
parent0eddf14b307e905663b95296aa695a10d3fb90f7 (diff)
downloadsamba-c33f6b2c370379dfd010600adc59e7439f1318f7.tar.gz
samba-c33f6b2c370379dfd010600adc59e7439f1318f7.tar.bz2
samba-c33f6b2c370379dfd010600adc59e7439f1318f7.zip
r15192: Update Samba4 to use current lorikeet-heimdal.
Andrew Bartlett (This used to be commit f0e538126c5cb29ca14ad0d8281eaa0a715ed94f)
Diffstat (limited to 'source4/heimdal/lib/des')
-rw-r--r--source4/heimdal/lib/des/des.c5
-rw-r--r--source4/heimdal/lib/des/dh.h4
-rw-r--r--source4/heimdal/lib/des/engine.h5
-rw-r--r--source4/heimdal/lib/des/evp.c150
-rw-r--r--source4/heimdal/lib/des/evp.h15
-rw-r--r--source4/heimdal/lib/des/rand.h48
-rwxr-xr-xsource4/heimdal/lib/des/rc2.c4
-rw-r--r--source4/heimdal/lib/des/rsa.h4
-rw-r--r--source4/heimdal/lib/des/sha.h25
-rw-r--r--source4/heimdal/lib/des/sha256.c233
10 files changed, 481 insertions, 12 deletions
diff --git a/source4/heimdal/lib/des/des.c b/source4/heimdal/lib/des/des.c
index b6bb55a9ba..32d479e372 100644
--- a/source4/heimdal/lib/des/des.c
+++ b/source4/heimdal/lib/des/des.c
@@ -45,13 +45,14 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID("$Id: des.c,v 1.16 2006/01/08 21:47:28 lha Exp $");
+RCSID("$Id: des.c,v 1.17 2006/04/14 14:19:36 lha Exp $");
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <krb5-types.h>
+#include <assert.h>
#include "des.h"
#include "ui.h"
@@ -514,6 +515,7 @@ DES_cfb64_encrypt(const void *in, void *out,
if (forward_encrypt) {
int i = *num;
+ assert(i >= 0);
while (length > 0) {
if (i == 0)
@@ -535,6 +537,7 @@ DES_cfb64_encrypt(const void *in, void *out,
} else {
int i = *num;
unsigned char c;
+ assert(i >= 0);
while (length > 0) {
if (i == 0) {
diff --git a/source4/heimdal/lib/des/dh.h b/source4/heimdal/lib/des/dh.h
index cbea876521..419c7d8902 100644
--- a/source4/heimdal/lib/des/dh.h
+++ b/source4/heimdal/lib/des/dh.h
@@ -32,7 +32,7 @@
*/
/*
- * $Id: dh.h,v 1.4 2006/01/18 13:48:30 lha Exp $
+ * $Id: dh.h,v 1.5 2006/04/20 18:16:17 lha Exp $
*/
#ifndef _HEIM_DH_H
@@ -52,7 +52,7 @@
#define DH_set_ex_data hc_DH_set_ex_data
#define DH_get_ex_data hc_DH_get_ex_data
#define DH_generate_parameters_ex hc_DH_generate_parameters_ex
-#define DH_check hc_DH_check
+#define DH_check_pubkey hc_DH_check_pubkey
#define DH_generate_key hc_DH_generate_key
#define DH_compute_key hc_DH_compute_key
diff --git a/source4/heimdal/lib/des/engine.h b/source4/heimdal/lib/des/engine.h
index 70c0a7688c..757d0f75fb 100644
--- a/source4/heimdal/lib/des/engine.h
+++ b/source4/heimdal/lib/des/engine.h
@@ -32,7 +32,7 @@
*/
/*
- * $Id: engine.h,v 1.4 2006/01/13 15:26:52 lha Exp $
+ * $Id: engine.h,v 1.5 2006/04/17 13:16:17 lha Exp $
*/
#ifndef _HEIM_ENGINE_H
@@ -45,6 +45,7 @@
#define ENGINE_finish hc_ENGINE_finish
#define ENGINE_get_DH hc_ENGINE_get_DH
#define ENGINE_get_RSA hc_ENGINE_get_RSA
+#define ENGINE_get_RAND hc_ENGINE_get_RAND
#define ENGINE_get_id hc_ENGINE_get_id
#define ENGINE_get_name hc_ENGINE_get_name
#define ENGINE_load_builtin_engines hc_ENGINE_load_builtin_engines
@@ -64,6 +65,7 @@ typedef struct hc_engine ENGINE;
#include <hcrypto/rsa.h>
#include <hcrypto/dsa.h>
#include <hcrypto/dh.h>
+#include <hcrypto/rand.h>
#define OPENSSL_DYNAMIC_VERSION (unsigned long)0x00020000
@@ -86,6 +88,7 @@ const char * ENGINE_get_id(const ENGINE *);
const char * ENGINE_get_name(const ENGINE *);
const RSA_METHOD * ENGINE_get_RSA(const ENGINE *);
const DH_METHOD * ENGINE_get_DH(const ENGINE *);
+const RAND_METHOD * ENGINE_get_RAND(const ENGINE *);
int ENGINE_set_default_RSA(ENGINE *);
ENGINE * ENGINE_get_default_RSA(void);
diff --git a/source4/heimdal/lib/des/evp.c b/source4/heimdal/lib/des/evp.c
index 3f89a49bcc..475bb7314e 100644
--- a/source4/heimdal/lib/des/evp.c
+++ b/source4/heimdal/lib/des/evp.c
@@ -151,6 +151,22 @@ EVP_Digest(const void *data, size_t dsize, void *hash, unsigned int *hsize,
*
*/
+static const struct hc_evp_md sha256 = {
+ 32,
+ 64,
+ sizeof(SHA256_CTX),
+ (void *)SHA256_Init,
+ (void *)SHA256_Update,
+ (void *)SHA256_Final,
+ NULL
+};
+
+const EVP_MD *
+EVP_sha256(void)
+{
+ return &sha256;
+}
+
static const struct hc_evp_md sha1 = {
20,
64,
@@ -543,6 +559,27 @@ EVP_rc2_40_cbc(void)
return &rc2_40_cbc;
}
+const EVP_CIPHER *
+EVP_rc2_64_cbc(void)
+{
+ static const EVP_CIPHER rc2_64_cbc = {
+ 0,
+ RC2_BLOCK_SIZE,
+ 8,
+ RC2_BLOCK_SIZE,
+ EVP_CIPH_CBC_MODE,
+ rc2_init,
+ rc2_do_cipher,
+ rc2_cleanup,
+ sizeof(struct rc2_cbc),
+ NULL,
+ NULL,
+ NULL,
+ NULL
+ };
+ return &rc2_64_cbc;
+}
+
/*
*
*/
@@ -726,3 +763,116 @@ EVP_aes_256_cbc(void)
};
return &aes_256_cbc;
}
+
+/*
+ *
+ */
+
+static const struct cipher_name {
+ const char *name;
+ const EVP_CIPHER *(*func)(void);
+} cipher_name[] = {
+ { "des-ede3-cbc", EVP_des_ede3_cbc },
+ { "aes-128-cbc", EVP_aes_128_cbc },
+ { "aes-192-cbc", EVP_aes_192_cbc },
+ { "aes-256-cbc", EVP_aes_256_cbc }
+};
+
+
+const EVP_CIPHER *
+EVP_get_cipherbyname(const char *name)
+{
+ int i;
+ for (i = 0; i < sizeof(cipher_name)/sizeof(cipher_name[0]); i++) {
+ if (strcasecmp(cipher_name[i].name, name) == 0)
+ return (*cipher_name[i].func)();
+ }
+ return NULL;
+}
+
+
+/*
+ *
+ */
+
+#ifndef min
+#define min(a,b) (((a)>(b))?(b):(a))
+#endif
+
+int
+EVP_BytesToKey(const EVP_CIPHER *type,
+ const EVP_MD *md,
+ const void *salt,
+ const void *data, size_t datalen,
+ unsigned int count,
+ void *keydata,
+ void *ivdata)
+{
+ int ivlen, keylen, first = 0;
+ unsigned int mds = 0, i;
+ unsigned char *key = keydata;
+ unsigned char *iv = ivdata;
+ unsigned char *buf;
+ EVP_MD_CTX c;
+
+ keylen = EVP_CIPHER_key_length(type);
+ ivlen = EVP_CIPHER_iv_length(type);
+
+ if (data == NULL)
+ return keylen;
+
+ buf = malloc(EVP_MD_size(md));
+ if (buf == NULL)
+ return -1;
+
+ EVP_MD_CTX_init(&c);
+
+ first = 1;
+ while (1) {
+ EVP_DigestInit_ex(&c, md, NULL);
+ if (!first)
+ EVP_DigestUpdate(&c, buf, mds);
+ first = 0;
+ EVP_DigestUpdate(&c,data,datalen);
+
+#define PKCS5_SALT_LEN 8
+
+ if (salt)
+ EVP_DigestUpdate(&c, salt, PKCS5_SALT_LEN);
+
+ EVP_DigestFinal_ex(&c, buf, &mds);
+
+ for (i = 1; i < count; i++) {
+ EVP_DigestInit_ex(&c, md, NULL);
+ EVP_DigestUpdate(&c, buf, mds);
+ EVP_DigestFinal_ex(&c, buf, &mds);
+ }
+
+ i = 0;
+ if (keylen) {
+ size_t sz = min(keylen, mds);
+ if (key) {
+ memcpy(key, buf, sz);
+ key += sz;
+ }
+ keylen -= sz;
+ i += sz;
+ }
+ if (ivlen && mds > i) {
+ size_t sz = min(ivlen, (mds - i));
+ if (iv) {
+ memcpy(iv, &buf[i], sz);
+ iv += sz;
+ }
+ ivlen -= sz;
+ }
+ if (keylen == 0 && ivlen == 0)
+ break;
+ }
+
+ EVP_MD_CTX_cleanup(&c);
+ free(buf);
+
+ return EVP_CIPHER_key_length(type);
+}
+
diff --git a/source4/heimdal/lib/des/evp.h b/source4/heimdal/lib/des/evp.h
index a04f17aabf..17d6d5fd41 100644
--- a/source4/heimdal/lib/des/evp.h
+++ b/source4/heimdal/lib/des/evp.h
@@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
-/* $Id: evp.h,v 1.3 2006/02/28 14:17:25 lha Exp $ */
+/* $Id: evp.h,v 1.8 2006/04/21 15:00:54 lha Exp $ */
#ifndef HEIM_EVP_H
#define HEIM_EVP_H 1
@@ -79,12 +79,16 @@
#define EVP_md5 hc_EVP_md5
#define EVP_md_null hc_EVP_md_null
#define EVP_rc2_40_cbc hc_EVP_rc2_40_cbc
+#define EVP_rc2_64_cbc hc_EVP_rc2_64_cbc
#define EVP_rc2_cbc hc_EVP_rc2_cbc
#define EVP_rc4 hc_EVP_rc4
#define EVP_rc4_40 hc_EVP_rc4_40
#define EVP_sha hc_EVP_sha
#define EVP_sha1 hc_EVP_sha1
+#define EVP_sha256 hc_EVP_sha256
#define PKCS5_PBKDF2_HMAC_SHA1 hc_PKCS5_PBKDF2_HMAC_SHA1
+#define EVP_BytesToKey hc_EVP_BytesToKey
+#define EVP_get_cipherbyname hc_EVP_get_cipherbyname
/*
*
@@ -161,6 +165,7 @@ const EVP_MD *EVP_md4(void);
const EVP_MD *EVP_md5(void);
const EVP_MD *EVP_sha(void);
const EVP_MD *EVP_sha1(void);
+const EVP_MD *EVP_sha256(void);
const EVP_CIPHER * EVP_aes_128_cbc(void);
const EVP_CIPHER * EVP_aes_192_cbc(void);
@@ -168,6 +173,7 @@ const EVP_CIPHER * EVP_aes_256_cbc(void);
const EVP_CIPHER * EVP_des_ede3_cbc(void);
const EVP_CIPHER * EVP_enc_null(void);
const EVP_CIPHER * EVP_rc2_40_cbc(void);
+const EVP_CIPHER * EVP_rc2_64_cbc(void);
const EVP_CIPHER * EVP_rc2_cbc(void);
const EVP_CIPHER * EVP_rc4(void);
const EVP_CIPHER * EVP_rc4_40(void);
@@ -199,6 +205,9 @@ int EVP_Digest(const void *, size_t, void *, unsigned int *,
*
*/
+const EVP_CIPHER *
+ EVP_get_cipherbyname(const char *);
+
size_t EVP_CIPHER_block_size(const EVP_CIPHER *);
size_t EVP_CIPHER_key_length(const EVP_CIPHER *);
size_t EVP_CIPHER_iv_length(const EVP_CIPHER *);
@@ -227,5 +236,9 @@ int EVP_Cipher(EVP_CIPHER_CTX *,void *,const void *,size_t);
int PKCS5_PBKDF2_HMAC_SHA1(const void *, size_t, const void *, size_t,
unsigned long, size_t, void *);
+int EVP_BytesToKey(const EVP_CIPHER *, const EVP_MD *,
+ const void *, const void *, size_t,
+ unsigned int, void *, void *);
+
#endif /* HEIM_EVP_H */
diff --git a/source4/heimdal/lib/des/rand.h b/source4/heimdal/lib/des/rand.h
index 514fe0ced4..a57da53928 100644
--- a/source4/heimdal/lib/des/rand.h
+++ b/source4/heimdal/lib/des/rand.h
@@ -1,3 +1,4 @@
+
/*
* Copyright (c) 2006 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
@@ -32,23 +33,64 @@
*/
/*
- * $Id: rand.h,v 1.2 2006/01/13 15:26:52 lha Exp $
+ * $Id: rand.h,v 1.4 2006/04/17 13:23:04 lha Exp $
*/
#ifndef _HEIM_RAND_H
#define _HEIM_RAND_H 1
+typedef struct RAND_METHOD RAND_METHOD;
+
#include <hcrypto/bn.h>
+#include <hcrypto/engine.h>
/* symbol renaming */
#define RAND_bytes hc_RAND_bytes
#define RAND_pseudo_bytes hc_RAND_pseudo_bytes
+#define RAND_seed hc_RAND_seed
+#define RAND_cleanup hc_RAND_cleanup
+#define RAND_add hc_RAND_add
+#define RAND_set_rand_method hc_RAND_set_rand_method
+#define RAND_get_rand_method hc_RAND_get_rand_method
+#define RAND_set_rand_engine hc_RAND_set_rand_engine
+#define RAND_load_file hc_RAND_load_file
+#define RAND_write_file hc_RAND_write_file
+#define RAND_status hc_RAND_status
+#define RAND_egd hc_RAND_egd
+
+/*
+ *
+ */
+
+struct RAND_METHOD
+{
+ void (*seed)(const void *, int);
+ int (*bytes)(unsigned char *, int);
+ void (*cleanup)(void);
+ void (*add)(const void *, int, double);
+ int (*pseudorand)(unsigned char *, int);
+ int (*status)(void);
+};
/*
*
*/
-int RAND_bytes(void *, size_t num);
-int RAND_pseudo_bytes(void *, size_t);
+int RAND_bytes(void *, size_t num);
+int RAND_pseudo_bytes(void *, size_t);
+void RAND_seed(const void *, size_t);
+void RAND_cleanup(void);
+void RAND_add(const void *, size_t, double);
+
+int RAND_set_rand_method(const RAND_METHOD *);
+const RAND_METHOD *
+ RAND_get_rand_method(void);
+int RAND_set_rand_engine(ENGINE *);
+
+int RAND_load_file(const char *, size_t);
+int RAND_write_file(const char *);
+int RAND_status(void);
+int RAND_egd(const char *);
+
#endif /* _HEIM_RAND_H */
diff --git a/source4/heimdal/lib/des/rc2.c b/source4/heimdal/lib/des/rc2.c
index 4b4b53d52c..ed43c70605 100755
--- a/source4/heimdal/lib/des/rc2.c
+++ b/source4/heimdal/lib/des/rc2.c
@@ -33,7 +33,7 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID("$Id: rc2.c,v 1.6 2005/06/18 22:47:33 lha Exp $");
+RCSID("$Id: rc2.c,v 1.7 2006/04/09 17:03:21 lha Exp $");
#endif
#include "rc2.h"
@@ -87,6 +87,8 @@ RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits)
unsigned char k[128];
int j, T8, TM;
+ if (len <= 0)
+ abort();
if (len > 128)
len = 128;
if (bits <= 0 || bits > 1024)
diff --git a/source4/heimdal/lib/des/rsa.h b/source4/heimdal/lib/des/rsa.h
index da9d2ea4b1..ea1dba27d8 100644
--- a/source4/heimdal/lib/des/rsa.h
+++ b/source4/heimdal/lib/des/rsa.h
@@ -32,7 +32,7 @@
*/
/*
- * $Id: rsa.h,v 1.2 2006/01/13 15:26:52 lha Exp $
+ * $Id: rsa.h,v 1.4 2006/04/16 19:38:23 lha Exp $
*/
#ifndef _HEIM_RSA_H
@@ -59,6 +59,7 @@
#define RSA_sign hc_RSA_sign
#define RSA_verify hc_RSA_verify
#define d2i_RSAPrivateKey hc_d2i_RSAPrivateKey
+#define i2d_RSAPublicKey hc_i2d_RSAPublicKey
/*
*
@@ -160,5 +161,6 @@ int RSA_verify(int, const unsigned char *, unsigned int,
unsigned char *, unsigned int, RSA *);
RSA * d2i_RSAPrivateKey(RSA *, const unsigned char **, size_t);
+int i2d_RSAPublicKey(RSA *, unsigned char **);
#endif /* _HEIM_RSA_H */
diff --git a/source4/heimdal/lib/des/sha.h b/source4/heimdal/lib/des/sha.h
index 4657fad51f..6021823f5c 100644
--- a/source4/heimdal/lib/des/sha.h
+++ b/source4/heimdal/lib/des/sha.h
@@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
-/* $Id: sha.h,v 1.9 2006/01/08 21:47:29 lha Exp $ */
+/* $Id: sha.h,v 1.10 2006/04/15 07:54:11 lha Exp $ */
#ifndef HEIM_SHA_H
#define HEIM_SHA_H 1
@@ -40,9 +40,12 @@
#define SHA1_Init hc_SHA1_Init
#define SHA1_Update hc_SHA1_Update
#define SHA1_Final hc_SHA1_Final
+#define SHA256_Init hc_SHA256_Init
+#define SHA256_Update hc_SHA256_Update
+#define SHA256_Final hc_SHA256_Final
/*
- *
+ * SHA-1
*/
#define SHA_DIGEST_LENGTH 20
@@ -59,4 +62,22 @@ void SHA1_Init (struct sha *m);
void SHA1_Update (struct sha *m, const void *v, size_t len);
void SHA1_Final (void *res, struct sha *m);
+/*
+ * SHA-2 256
+ */
+
+#define SHA256_DIGEST_LENGTH 32
+
+struct hc_sha256state {
+ unsigned int sz[2];
+ u_int32_t counter[8];
+ unsigned char save[64];
+};
+
+typedef struct hc_sha256state SHA256_CTX;
+
+void SHA256_Init (SHA256_CTX *);
+void SHA256_Update (SHA256_CTX *, const void *, size_t);
+void SHA256_Final (void *, SHA256_CTX *);
+
#endif /* HEIM_SHA_H */
diff --git a/source4/heimdal/lib/des/sha256.c b/source4/heimdal/lib/des/sha256.c
new file mode 100644
index 0000000000..8c12ce504c
--- /dev/null
+++ b/source4/heimdal/lib/des/sha256.c
@@ -0,0 +1,233 @@
+/*
+ * Copyright (c) 1995 - 2001, 2006 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+
+RCSID("$Id: sha256.c,v 1.1 2006/04/15 07:53:07 lha Exp $");
+#endif
+
+#include "hash.h"
+#include "sha.h"
+
+#define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z)))
+#define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
+
+#define ROTR(x,n) (((x)>>(n)) | ((x) << (32 - (n))))
+
+#define Sigma0(x) (ROTR(x,2) ^ ROTR(x,13) ^ ROTR(x,22))
+#define Sigma1(x) (ROTR(x,6) ^ ROTR(x,11) ^ ROTR(x,25))
+#define sigma0(x) (ROTR(x,7) ^ ROTR(x,18) ^ ((x)>>3))
+#define sigma1(x) (ROTR(x,17) ^ ROTR(x,19) ^ ((x)>>10))
+
+#define A m->counter[0]
+#define B m->counter[1]
+#define C m->counter[2]
+#define D m->counter[3]
+#define E m->counter[4]
+#define F m->counter[5]
+#define G m->counter[6]
+#define H m->counter[7]
+
+static const u_int32_t constant_256[64] = {
+ 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
+ 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
+ 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
+ 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
+ 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
+ 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
+ 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
+ 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
+ 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
+ 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
+ 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
+ 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
+ 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
+ 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
+ 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
+ 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
+};
+
+void
+SHA256_Init (SHA256_CTX *m)
+{
+ m->sz[0] = 0;
+ m->sz[1] = 0;
+ A = 0x6a09e667;
+ B = 0xbb67ae85;
+ C = 0x3c6ef372;
+ D = 0xa54ff53a;
+ E = 0x510e527f;
+ F = 0x9b05688c;
+ G = 0x1f83d9ab;
+ H = 0x5be0cd19;
+}
+
+static void
+calc (SHA256_CTX *m, u_int32_t *in)
+{
+ u_int32_t AA, BB, CC, DD, EE, FF, GG, HH;
+ u_int32_t data[64];
+ int i;
+
+ AA = A;
+ BB = B;
+ CC = C;
+ DD = D;
+ EE = E;
+ FF = F;
+ GG = G;
+ HH = H;
+
+ for (i = 0; i < 16; ++i)
+ data[i] = in[i];
+ for (i = 16; i < 64; ++i)
+ data[i] = sigma1(data[i-2]) + data[i-7] +
+ sigma0(data[i-15]) + data[i - 16];
+
+ for (i = 0; i < 64; i++) {
+ u_int32_t T1, T2;
+
+ T1 = HH + Sigma1(EE) + Ch(EE, FF, GG) + constant_256[i] + data[i];
+ T2 = Sigma0(AA) + Maj(AA,BB,CC);
+
+ HH = GG;
+ GG = FF;
+ FF = EE;
+ EE = DD + T1;
+ DD = CC;
+ CC = BB;
+ BB = AA;
+ AA = T1 + T2;
+ }
+
+ A += AA;
+ B += BB;
+ C += CC;
+ D += DD;
+ E += EE;
+ F += FF;
+ G += GG;
+ H += HH;
+}
+
+/*
+ * From `Performance analysis of MD5' by Joseph D. Touch <touch@isi.edu>
+ */
+
+#if !defined(WORDS_BIGENDIAN) || defined(_CRAY)
+static inline u_int32_t
+swap_u_int32_t (u_int32_t t)
+{
+#define ROL(x,n) ((x)<<(n))|((x)>>(32-(n)))
+ u_int32_t temp1, temp2;
+
+ temp1 = cshift(t, 16);
+ temp2 = temp1 >> 8;
+ temp1 &= 0x00ff00ff;
+ temp2 &= 0x00ff00ff;
+ temp1 <<= 8;
+ return temp1 | temp2;
+}
+#endif
+
+struct x32{
+ unsigned int a:32;
+ unsigned int b:32;
+};
+
+void
+SHA256_Update (SHA256_CTX *m, const void *v, size_t len)
+{
+ const unsigned char *p = v;
+ size_t old_sz = m->sz[0];
+ size_t offset;
+
+ m->sz[0] += len * 8;
+ if (m->sz[0] < old_sz)
+ ++m->sz[1];
+ offset = (old_sz / 8) % 64;
+ while(len > 0){
+ size_t l = min(len, 64 - offset);
+ memcpy(m->save + offset, p, l);
+ offset += l;
+ p += l;
+ len -= l;
+ if(offset == 64){
+#if !defined(WORDS_BIGENDIAN) || defined(_CRAY)
+ int i;
+ u_int32_t current[16];
+ struct x32 *u = (struct x32*)m->save;
+ for(i = 0; i < 8; i++){
+ current[2*i+0] = swap_u_int32_t(u[i].a);
+ current[2*i+1] = swap_u_int32_t(u[i].b);
+ }
+ calc(m, current);
+#else
+ calc(m, (u_int32_t*)m->save);
+#endif
+ offset = 0;
+ }
+ }
+}
+
+void
+SHA256_Final (void *res, SHA256_CTX *m)
+{
+ unsigned char zeros[72];
+ unsigned offset = (m->sz[0] / 8) % 64;
+ unsigned int dstart = (120 - offset - 1) % 64 + 1;
+
+ *zeros = 0x80;
+ memset (zeros + 1, 0, sizeof(zeros) - 1);
+ zeros[dstart+7] = (m->sz[0] >> 0) & 0xff;
+ zeros[dstart+6] = (m->sz[0] >> 8) & 0xff;
+ zeros[dstart+5] = (m->sz[0] >> 16) & 0xff;
+ zeros[dstart+4] = (m->sz[0] >> 24) & 0xff;
+ zeros[dstart+3] = (m->sz[1] >> 0) & 0xff;
+ zeros[dstart+2] = (m->sz[1] >> 8) & 0xff;
+ zeros[dstart+1] = (m->sz[1] >> 16) & 0xff;
+ zeros[dstart+0] = (m->sz[1] >> 24) & 0xff;
+ SHA256_Update (m, zeros, dstart + 8);
+ {
+ int i;
+ unsigned char *r = (unsigned char*)res;
+
+ for (i = 0; i < 8; ++i) {
+ r[4*i+3] = m->counter[i] & 0xFF;
+ r[4*i+2] = (m->counter[i] >> 8) & 0xFF;
+ r[4*i+1] = (m->counter[i] >> 16) & 0xFF;
+ r[4*i] = (m->counter[i] >> 24) & 0xFF;
+ }
+ }
+}