diff options
author | Andrew Bartlett <abartlet@samba.org> | 2006-04-24 09:36:24 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 14:04:15 -0500 |
commit | c33f6b2c370379dfd010600adc59e7439f1318f7 (patch) | |
tree | 2ac36b3751796f05ecb45a2ecd03bd166ed7182f /source4/heimdal/lib/des | |
parent | 0eddf14b307e905663b95296aa695a10d3fb90f7 (diff) | |
download | samba-c33f6b2c370379dfd010600adc59e7439f1318f7.tar.gz samba-c33f6b2c370379dfd010600adc59e7439f1318f7.tar.bz2 samba-c33f6b2c370379dfd010600adc59e7439f1318f7.zip |
r15192: Update Samba4 to use current lorikeet-heimdal.
Andrew Bartlett
(This used to be commit f0e538126c5cb29ca14ad0d8281eaa0a715ed94f)
Diffstat (limited to 'source4/heimdal/lib/des')
-rw-r--r-- | source4/heimdal/lib/des/des.c | 5 | ||||
-rw-r--r-- | source4/heimdal/lib/des/dh.h | 4 | ||||
-rw-r--r-- | source4/heimdal/lib/des/engine.h | 5 | ||||
-rw-r--r-- | source4/heimdal/lib/des/evp.c | 150 | ||||
-rw-r--r-- | source4/heimdal/lib/des/evp.h | 15 | ||||
-rw-r--r-- | source4/heimdal/lib/des/rand.h | 48 | ||||
-rwxr-xr-x | source4/heimdal/lib/des/rc2.c | 4 | ||||
-rw-r--r-- | source4/heimdal/lib/des/rsa.h | 4 | ||||
-rw-r--r-- | source4/heimdal/lib/des/sha.h | 25 | ||||
-rw-r--r-- | source4/heimdal/lib/des/sha256.c | 233 |
10 files changed, 481 insertions, 12 deletions
diff --git a/source4/heimdal/lib/des/des.c b/source4/heimdal/lib/des/des.c index b6bb55a9ba..32d479e372 100644 --- a/source4/heimdal/lib/des/des.c +++ b/source4/heimdal/lib/des/des.c @@ -45,13 +45,14 @@ #ifdef HAVE_CONFIG_H #include <config.h> -RCSID("$Id: des.c,v 1.16 2006/01/08 21:47:28 lha Exp $"); +RCSID("$Id: des.c,v 1.17 2006/04/14 14:19:36 lha Exp $"); #endif #include <stdio.h> #include <stdlib.h> #include <string.h> #include <krb5-types.h> +#include <assert.h> #include "des.h" #include "ui.h" @@ -514,6 +515,7 @@ DES_cfb64_encrypt(const void *in, void *out, if (forward_encrypt) { int i = *num; + assert(i >= 0); while (length > 0) { if (i == 0) @@ -535,6 +537,7 @@ DES_cfb64_encrypt(const void *in, void *out, } else { int i = *num; unsigned char c; + assert(i >= 0); while (length > 0) { if (i == 0) { diff --git a/source4/heimdal/lib/des/dh.h b/source4/heimdal/lib/des/dh.h index cbea876521..419c7d8902 100644 --- a/source4/heimdal/lib/des/dh.h +++ b/source4/heimdal/lib/des/dh.h @@ -32,7 +32,7 @@ */ /* - * $Id: dh.h,v 1.4 2006/01/18 13:48:30 lha Exp $ + * $Id: dh.h,v 1.5 2006/04/20 18:16:17 lha Exp $ */ #ifndef _HEIM_DH_H @@ -52,7 +52,7 @@ #define DH_set_ex_data hc_DH_set_ex_data #define DH_get_ex_data hc_DH_get_ex_data #define DH_generate_parameters_ex hc_DH_generate_parameters_ex -#define DH_check hc_DH_check +#define DH_check_pubkey hc_DH_check_pubkey #define DH_generate_key hc_DH_generate_key #define DH_compute_key hc_DH_compute_key diff --git a/source4/heimdal/lib/des/engine.h b/source4/heimdal/lib/des/engine.h index 70c0a7688c..757d0f75fb 100644 --- a/source4/heimdal/lib/des/engine.h +++ b/source4/heimdal/lib/des/engine.h @@ -32,7 +32,7 @@ */ /* - * $Id: engine.h,v 1.4 2006/01/13 15:26:52 lha Exp $ + * $Id: engine.h,v 1.5 2006/04/17 13:16:17 lha Exp $ */ #ifndef _HEIM_ENGINE_H @@ -45,6 +45,7 @@ #define ENGINE_finish hc_ENGINE_finish #define ENGINE_get_DH hc_ENGINE_get_DH #define ENGINE_get_RSA hc_ENGINE_get_RSA +#define ENGINE_get_RAND hc_ENGINE_get_RAND #define ENGINE_get_id hc_ENGINE_get_id #define ENGINE_get_name hc_ENGINE_get_name #define ENGINE_load_builtin_engines hc_ENGINE_load_builtin_engines @@ -64,6 +65,7 @@ typedef struct hc_engine ENGINE; #include <hcrypto/rsa.h> #include <hcrypto/dsa.h> #include <hcrypto/dh.h> +#include <hcrypto/rand.h> #define OPENSSL_DYNAMIC_VERSION (unsigned long)0x00020000 @@ -86,6 +88,7 @@ const char * ENGINE_get_id(const ENGINE *); const char * ENGINE_get_name(const ENGINE *); const RSA_METHOD * ENGINE_get_RSA(const ENGINE *); const DH_METHOD * ENGINE_get_DH(const ENGINE *); +const RAND_METHOD * ENGINE_get_RAND(const ENGINE *); int ENGINE_set_default_RSA(ENGINE *); ENGINE * ENGINE_get_default_RSA(void); diff --git a/source4/heimdal/lib/des/evp.c b/source4/heimdal/lib/des/evp.c index 3f89a49bcc..475bb7314e 100644 --- a/source4/heimdal/lib/des/evp.c +++ b/source4/heimdal/lib/des/evp.c @@ -151,6 +151,22 @@ EVP_Digest(const void *data, size_t dsize, void *hash, unsigned int *hsize, * */ +static const struct hc_evp_md sha256 = { + 32, + 64, + sizeof(SHA256_CTX), + (void *)SHA256_Init, + (void *)SHA256_Update, + (void *)SHA256_Final, + NULL +}; + +const EVP_MD * +EVP_sha256(void) +{ + return &sha256; +} + static const struct hc_evp_md sha1 = { 20, 64, @@ -543,6 +559,27 @@ EVP_rc2_40_cbc(void) return &rc2_40_cbc; } +const EVP_CIPHER * +EVP_rc2_64_cbc(void) +{ + static const EVP_CIPHER rc2_64_cbc = { + 0, + RC2_BLOCK_SIZE, + 8, + RC2_BLOCK_SIZE, + EVP_CIPH_CBC_MODE, + rc2_init, + rc2_do_cipher, + rc2_cleanup, + sizeof(struct rc2_cbc), + NULL, + NULL, + NULL, + NULL + }; + return &rc2_64_cbc; +} + /* * */ @@ -726,3 +763,116 @@ EVP_aes_256_cbc(void) }; return &aes_256_cbc; } + +/* + * + */ + +static const struct cipher_name { + const char *name; + const EVP_CIPHER *(*func)(void); +} cipher_name[] = { + { "des-ede3-cbc", EVP_des_ede3_cbc }, + { "aes-128-cbc", EVP_aes_128_cbc }, + { "aes-192-cbc", EVP_aes_192_cbc }, + { "aes-256-cbc", EVP_aes_256_cbc } +}; + + +const EVP_CIPHER * +EVP_get_cipherbyname(const char *name) +{ + int i; + for (i = 0; i < sizeof(cipher_name)/sizeof(cipher_name[0]); i++) { + if (strcasecmp(cipher_name[i].name, name) == 0) + return (*cipher_name[i].func)(); + } + return NULL; +} + + +/* + * + */ + +#ifndef min +#define min(a,b) (((a)>(b))?(b):(a)) +#endif + +int +EVP_BytesToKey(const EVP_CIPHER *type, + const EVP_MD *md, + const void *salt, + const void *data, size_t datalen, + unsigned int count, + void *keydata, + void *ivdata) +{ + int ivlen, keylen, first = 0; + unsigned int mds = 0, i; + unsigned char *key = keydata; + unsigned char *iv = ivdata; + unsigned char *buf; + EVP_MD_CTX c; + + keylen = EVP_CIPHER_key_length(type); + ivlen = EVP_CIPHER_iv_length(type); + + if (data == NULL) + return keylen; + + buf = malloc(EVP_MD_size(md)); + if (buf == NULL) + return -1; + + EVP_MD_CTX_init(&c); + + first = 1; + while (1) { + EVP_DigestInit_ex(&c, md, NULL); + if (!first) + EVP_DigestUpdate(&c, buf, mds); + first = 0; + EVP_DigestUpdate(&c,data,datalen); + +#define PKCS5_SALT_LEN 8 + + if (salt) + EVP_DigestUpdate(&c, salt, PKCS5_SALT_LEN); + + EVP_DigestFinal_ex(&c, buf, &mds); + + for (i = 1; i < count; i++) { + EVP_DigestInit_ex(&c, md, NULL); + EVP_DigestUpdate(&c, buf, mds); + EVP_DigestFinal_ex(&c, buf, &mds); + } + + i = 0; + if (keylen) { + size_t sz = min(keylen, mds); + if (key) { + memcpy(key, buf, sz); + key += sz; + } + keylen -= sz; + i += sz; + } + if (ivlen && mds > i) { + size_t sz = min(ivlen, (mds - i)); + if (iv) { + memcpy(iv, &buf[i], sz); + iv += sz; + } + ivlen -= sz; + } + if (keylen == 0 && ivlen == 0) + break; + } + + EVP_MD_CTX_cleanup(&c); + free(buf); + + return EVP_CIPHER_key_length(type); +} + diff --git a/source4/heimdal/lib/des/evp.h b/source4/heimdal/lib/des/evp.h index a04f17aabf..17d6d5fd41 100644 --- a/source4/heimdal/lib/des/evp.h +++ b/source4/heimdal/lib/des/evp.h @@ -31,7 +31,7 @@ * SUCH DAMAGE. */ -/* $Id: evp.h,v 1.3 2006/02/28 14:17:25 lha Exp $ */ +/* $Id: evp.h,v 1.8 2006/04/21 15:00:54 lha Exp $ */ #ifndef HEIM_EVP_H #define HEIM_EVP_H 1 @@ -79,12 +79,16 @@ #define EVP_md5 hc_EVP_md5 #define EVP_md_null hc_EVP_md_null #define EVP_rc2_40_cbc hc_EVP_rc2_40_cbc +#define EVP_rc2_64_cbc hc_EVP_rc2_64_cbc #define EVP_rc2_cbc hc_EVP_rc2_cbc #define EVP_rc4 hc_EVP_rc4 #define EVP_rc4_40 hc_EVP_rc4_40 #define EVP_sha hc_EVP_sha #define EVP_sha1 hc_EVP_sha1 +#define EVP_sha256 hc_EVP_sha256 #define PKCS5_PBKDF2_HMAC_SHA1 hc_PKCS5_PBKDF2_HMAC_SHA1 +#define EVP_BytesToKey hc_EVP_BytesToKey +#define EVP_get_cipherbyname hc_EVP_get_cipherbyname /* * @@ -161,6 +165,7 @@ const EVP_MD *EVP_md4(void); const EVP_MD *EVP_md5(void); const EVP_MD *EVP_sha(void); const EVP_MD *EVP_sha1(void); +const EVP_MD *EVP_sha256(void); const EVP_CIPHER * EVP_aes_128_cbc(void); const EVP_CIPHER * EVP_aes_192_cbc(void); @@ -168,6 +173,7 @@ const EVP_CIPHER * EVP_aes_256_cbc(void); const EVP_CIPHER * EVP_des_ede3_cbc(void); const EVP_CIPHER * EVP_enc_null(void); const EVP_CIPHER * EVP_rc2_40_cbc(void); +const EVP_CIPHER * EVP_rc2_64_cbc(void); const EVP_CIPHER * EVP_rc2_cbc(void); const EVP_CIPHER * EVP_rc4(void); const EVP_CIPHER * EVP_rc4_40(void); @@ -199,6 +205,9 @@ int EVP_Digest(const void *, size_t, void *, unsigned int *, * */ +const EVP_CIPHER * + EVP_get_cipherbyname(const char *); + size_t EVP_CIPHER_block_size(const EVP_CIPHER *); size_t EVP_CIPHER_key_length(const EVP_CIPHER *); size_t EVP_CIPHER_iv_length(const EVP_CIPHER *); @@ -227,5 +236,9 @@ int EVP_Cipher(EVP_CIPHER_CTX *,void *,const void *,size_t); int PKCS5_PBKDF2_HMAC_SHA1(const void *, size_t, const void *, size_t, unsigned long, size_t, void *); +int EVP_BytesToKey(const EVP_CIPHER *, const EVP_MD *, + const void *, const void *, size_t, + unsigned int, void *, void *); + #endif /* HEIM_EVP_H */ diff --git a/source4/heimdal/lib/des/rand.h b/source4/heimdal/lib/des/rand.h index 514fe0ced4..a57da53928 100644 --- a/source4/heimdal/lib/des/rand.h +++ b/source4/heimdal/lib/des/rand.h @@ -1,3 +1,4 @@ + /* * Copyright (c) 2006 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). @@ -32,23 +33,64 @@ */ /* - * $Id: rand.h,v 1.2 2006/01/13 15:26:52 lha Exp $ + * $Id: rand.h,v 1.4 2006/04/17 13:23:04 lha Exp $ */ #ifndef _HEIM_RAND_H #define _HEIM_RAND_H 1 +typedef struct RAND_METHOD RAND_METHOD; + #include <hcrypto/bn.h> +#include <hcrypto/engine.h> /* symbol renaming */ #define RAND_bytes hc_RAND_bytes #define RAND_pseudo_bytes hc_RAND_pseudo_bytes +#define RAND_seed hc_RAND_seed +#define RAND_cleanup hc_RAND_cleanup +#define RAND_add hc_RAND_add +#define RAND_set_rand_method hc_RAND_set_rand_method +#define RAND_get_rand_method hc_RAND_get_rand_method +#define RAND_set_rand_engine hc_RAND_set_rand_engine +#define RAND_load_file hc_RAND_load_file +#define RAND_write_file hc_RAND_write_file +#define RAND_status hc_RAND_status +#define RAND_egd hc_RAND_egd + +/* + * + */ + +struct RAND_METHOD +{ + void (*seed)(const void *, int); + int (*bytes)(unsigned char *, int); + void (*cleanup)(void); + void (*add)(const void *, int, double); + int (*pseudorand)(unsigned char *, int); + int (*status)(void); +}; /* * */ -int RAND_bytes(void *, size_t num); -int RAND_pseudo_bytes(void *, size_t); +int RAND_bytes(void *, size_t num); +int RAND_pseudo_bytes(void *, size_t); +void RAND_seed(const void *, size_t); +void RAND_cleanup(void); +void RAND_add(const void *, size_t, double); + +int RAND_set_rand_method(const RAND_METHOD *); +const RAND_METHOD * + RAND_get_rand_method(void); +int RAND_set_rand_engine(ENGINE *); + +int RAND_load_file(const char *, size_t); +int RAND_write_file(const char *); +int RAND_status(void); +int RAND_egd(const char *); + #endif /* _HEIM_RAND_H */ diff --git a/source4/heimdal/lib/des/rc2.c b/source4/heimdal/lib/des/rc2.c index 4b4b53d52c..ed43c70605 100755 --- a/source4/heimdal/lib/des/rc2.c +++ b/source4/heimdal/lib/des/rc2.c @@ -33,7 +33,7 @@ #ifdef HAVE_CONFIG_H #include <config.h> -RCSID("$Id: rc2.c,v 1.6 2005/06/18 22:47:33 lha Exp $"); +RCSID("$Id: rc2.c,v 1.7 2006/04/09 17:03:21 lha Exp $"); #endif #include "rc2.h" @@ -87,6 +87,8 @@ RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits) unsigned char k[128]; int j, T8, TM; + if (len <= 0) + abort(); if (len > 128) len = 128; if (bits <= 0 || bits > 1024) diff --git a/source4/heimdal/lib/des/rsa.h b/source4/heimdal/lib/des/rsa.h index da9d2ea4b1..ea1dba27d8 100644 --- a/source4/heimdal/lib/des/rsa.h +++ b/source4/heimdal/lib/des/rsa.h @@ -32,7 +32,7 @@ */ /* - * $Id: rsa.h,v 1.2 2006/01/13 15:26:52 lha Exp $ + * $Id: rsa.h,v 1.4 2006/04/16 19:38:23 lha Exp $ */ #ifndef _HEIM_RSA_H @@ -59,6 +59,7 @@ #define RSA_sign hc_RSA_sign #define RSA_verify hc_RSA_verify #define d2i_RSAPrivateKey hc_d2i_RSAPrivateKey +#define i2d_RSAPublicKey hc_i2d_RSAPublicKey /* * @@ -160,5 +161,6 @@ int RSA_verify(int, const unsigned char *, unsigned int, unsigned char *, unsigned int, RSA *); RSA * d2i_RSAPrivateKey(RSA *, const unsigned char **, size_t); +int i2d_RSAPublicKey(RSA *, unsigned char **); #endif /* _HEIM_RSA_H */ diff --git a/source4/heimdal/lib/des/sha.h b/source4/heimdal/lib/des/sha.h index 4657fad51f..6021823f5c 100644 --- a/source4/heimdal/lib/des/sha.h +++ b/source4/heimdal/lib/des/sha.h @@ -31,7 +31,7 @@ * SUCH DAMAGE. */ -/* $Id: sha.h,v 1.9 2006/01/08 21:47:29 lha Exp $ */ +/* $Id: sha.h,v 1.10 2006/04/15 07:54:11 lha Exp $ */ #ifndef HEIM_SHA_H #define HEIM_SHA_H 1 @@ -40,9 +40,12 @@ #define SHA1_Init hc_SHA1_Init #define SHA1_Update hc_SHA1_Update #define SHA1_Final hc_SHA1_Final +#define SHA256_Init hc_SHA256_Init +#define SHA256_Update hc_SHA256_Update +#define SHA256_Final hc_SHA256_Final /* - * + * SHA-1 */ #define SHA_DIGEST_LENGTH 20 @@ -59,4 +62,22 @@ void SHA1_Init (struct sha *m); void SHA1_Update (struct sha *m, const void *v, size_t len); void SHA1_Final (void *res, struct sha *m); +/* + * SHA-2 256 + */ + +#define SHA256_DIGEST_LENGTH 32 + +struct hc_sha256state { + unsigned int sz[2]; + u_int32_t counter[8]; + unsigned char save[64]; +}; + +typedef struct hc_sha256state SHA256_CTX; + +void SHA256_Init (SHA256_CTX *); +void SHA256_Update (SHA256_CTX *, const void *, size_t); +void SHA256_Final (void *, SHA256_CTX *); + #endif /* HEIM_SHA_H */ diff --git a/source4/heimdal/lib/des/sha256.c b/source4/heimdal/lib/des/sha256.c new file mode 100644 index 0000000000..8c12ce504c --- /dev/null +++ b/source4/heimdal/lib/des/sha256.c @@ -0,0 +1,233 @@ +/* + * Copyright (c) 1995 - 2001, 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include "config.h" + +RCSID("$Id: sha256.c,v 1.1 2006/04/15 07:53:07 lha Exp $"); +#endif + +#include "hash.h" +#include "sha.h" + +#define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z))) +#define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z))) + +#define ROTR(x,n) (((x)>>(n)) | ((x) << (32 - (n)))) + +#define Sigma0(x) (ROTR(x,2) ^ ROTR(x,13) ^ ROTR(x,22)) +#define Sigma1(x) (ROTR(x,6) ^ ROTR(x,11) ^ ROTR(x,25)) +#define sigma0(x) (ROTR(x,7) ^ ROTR(x,18) ^ ((x)>>3)) +#define sigma1(x) (ROTR(x,17) ^ ROTR(x,19) ^ ((x)>>10)) + +#define A m->counter[0] +#define B m->counter[1] +#define C m->counter[2] +#define D m->counter[3] +#define E m->counter[4] +#define F m->counter[5] +#define G m->counter[6] +#define H m->counter[7] + +static const u_int32_t constant_256[64] = { + 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, + 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, + 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, + 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, + 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, + 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, + 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, + 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, + 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, + 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, + 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, + 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, + 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, + 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, + 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, + 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 +}; + +void +SHA256_Init (SHA256_CTX *m) +{ + m->sz[0] = 0; + m->sz[1] = 0; + A = 0x6a09e667; + B = 0xbb67ae85; + C = 0x3c6ef372; + D = 0xa54ff53a; + E = 0x510e527f; + F = 0x9b05688c; + G = 0x1f83d9ab; + H = 0x5be0cd19; +} + +static void +calc (SHA256_CTX *m, u_int32_t *in) +{ + u_int32_t AA, BB, CC, DD, EE, FF, GG, HH; + u_int32_t data[64]; + int i; + + AA = A; + BB = B; + CC = C; + DD = D; + EE = E; + FF = F; + GG = G; + HH = H; + + for (i = 0; i < 16; ++i) + data[i] = in[i]; + for (i = 16; i < 64; ++i) + data[i] = sigma1(data[i-2]) + data[i-7] + + sigma0(data[i-15]) + data[i - 16]; + + for (i = 0; i < 64; i++) { + u_int32_t T1, T2; + + T1 = HH + Sigma1(EE) + Ch(EE, FF, GG) + constant_256[i] + data[i]; + T2 = Sigma0(AA) + Maj(AA,BB,CC); + + HH = GG; + GG = FF; + FF = EE; + EE = DD + T1; + DD = CC; + CC = BB; + BB = AA; + AA = T1 + T2; + } + + A += AA; + B += BB; + C += CC; + D += DD; + E += EE; + F += FF; + G += GG; + H += HH; +} + +/* + * From `Performance analysis of MD5' by Joseph D. Touch <touch@isi.edu> + */ + +#if !defined(WORDS_BIGENDIAN) || defined(_CRAY) +static inline u_int32_t +swap_u_int32_t (u_int32_t t) +{ +#define ROL(x,n) ((x)<<(n))|((x)>>(32-(n))) + u_int32_t temp1, temp2; + + temp1 = cshift(t, 16); + temp2 = temp1 >> 8; + temp1 &= 0x00ff00ff; + temp2 &= 0x00ff00ff; + temp1 <<= 8; + return temp1 | temp2; +} +#endif + +struct x32{ + unsigned int a:32; + unsigned int b:32; +}; + +void +SHA256_Update (SHA256_CTX *m, const void *v, size_t len) +{ + const unsigned char *p = v; + size_t old_sz = m->sz[0]; + size_t offset; + + m->sz[0] += len * 8; + if (m->sz[0] < old_sz) + ++m->sz[1]; + offset = (old_sz / 8) % 64; + while(len > 0){ + size_t l = min(len, 64 - offset); + memcpy(m->save + offset, p, l); + offset += l; + p += l; + len -= l; + if(offset == 64){ +#if !defined(WORDS_BIGENDIAN) || defined(_CRAY) + int i; + u_int32_t current[16]; + struct x32 *u = (struct x32*)m->save; + for(i = 0; i < 8; i++){ + current[2*i+0] = swap_u_int32_t(u[i].a); + current[2*i+1] = swap_u_int32_t(u[i].b); + } + calc(m, current); +#else + calc(m, (u_int32_t*)m->save); +#endif + offset = 0; + } + } +} + +void +SHA256_Final (void *res, SHA256_CTX *m) +{ + unsigned char zeros[72]; + unsigned offset = (m->sz[0] / 8) % 64; + unsigned int dstart = (120 - offset - 1) % 64 + 1; + + *zeros = 0x80; + memset (zeros + 1, 0, sizeof(zeros) - 1); + zeros[dstart+7] = (m->sz[0] >> 0) & 0xff; + zeros[dstart+6] = (m->sz[0] >> 8) & 0xff; + zeros[dstart+5] = (m->sz[0] >> 16) & 0xff; + zeros[dstart+4] = (m->sz[0] >> 24) & 0xff; + zeros[dstart+3] = (m->sz[1] >> 0) & 0xff; + zeros[dstart+2] = (m->sz[1] >> 8) & 0xff; + zeros[dstart+1] = (m->sz[1] >> 16) & 0xff; + zeros[dstart+0] = (m->sz[1] >> 24) & 0xff; + SHA256_Update (m, zeros, dstart + 8); + { + int i; + unsigned char *r = (unsigned char*)res; + + for (i = 0; i < 8; ++i) { + r[4*i+3] = m->counter[i] & 0xFF; + r[4*i+2] = (m->counter[i] >> 8) & 0xFF; + r[4*i+1] = (m->counter[i] >> 16) & 0xFF; + r[4*i] = (m->counter[i] >> 24) & 0xFF; + } + } +} |