1 files changed, 45 insertions, 13 deletions
diff --git a/libbb/hash_md5_sha.c b/libbb/hash_md5_sha.c
index 75a61c32c..9ebda232a 100644
--- a/libbb/hash_md5_sha.c
+++ b/libbb/hash_md5_sha.c
@@ -11,7 +11,7 @@
 #define STR1(s) #s
 #define STR(s) STR1(s)
-#define NEED_SHA512 (ENABLE_SHA512SUM || ENABLE_USE_BB_CRYPT_SHA)
+#define NEED_SHA512 (ENABLE_SHA512SUM || ENABLE_SHA384SUM || ENABLE_USE_BB_CRYPT_SHA)
 #if ENABLE_SHA1_HWACCEL || ENABLE_SHA256_HWACCEL
 # if defined(__GNUC__) && (defined(__i386__) || defined(__x86_64__))
@@ -1032,7 +1032,7 @@ static const sha_K_int sha_K[] ALIGN8 = {
        K(0x84c87814a1f0ab72ULL), K(0x8cc702081a6439ecULL),
        K(0x90befffa23631e28ULL), K(0xa4506cebde82bde9ULL),
        K(0xbef9a3f7b2c67915ULL), K(0xc67178f2e372532bULL),
-#if NEED_SHA512  /* [64]+ are used for sha512 only */
+#if NEED_SHA512  /* [64]+ are used for sha384 and sha512 only */
        K(0xca273eceea26619cULL), K(0xd186b8c721c0c207ULL),
        K(0xeada7dd6cde0eb1eULL), K(0xf57d4f7fee6ed178ULL),
        K(0x06f067aa72176fbaULL), K(0x0a637dc5a2c898a6ULL),
@@ -1229,11 +1229,20 @@ static const uint32_t init512_lo[] ALIGN4 = {
        0x137e2179,
 };
 #endif /* NEED_SHA512 */
+#if ENABLE_SHA384SUM
-// Note: SHA-384 is identical to SHA-512, except that initial hash values are
+static const uint64_t init384[] ALIGN8 = {
-// 0xcbbb9d5dc1059ed8, 0x629a292a367cd507, 0x9159015a3070dd17, 0x152fecd8f70e5939,
+        0,
-// 0x67332667ffc00b31, 0x8eb44a8768581511, 0xdb0c2e0d64f98fa7, 0x47b5481dbefa4fa4,
+        0,
-// and the output is constructed by omitting last two 64-bit words of it.
+        0xcbbb9d5dc1059ed8,
+        0x629a292a367cd507,
+        0x9159015a3070dd17,
+        0x152fecd8f70e5939,
+        0x67332667ffc00b31,
+        0x8eb44a8768581511,
+        0xdb0c2e0d64f98fa7,
+        0x47b5481dbefa4fa4,
+};
+#endif
 /* Initialize structure containing state of computation.
   (FIPS 180-2:5.3.2)  */
@@ -1255,9 +1264,19 @@ void FAST_FUNC sha256_begin(sha256_ctx_t *ctx)
 #endif
 }
-#if NEED_SHA512
+#if ENABLE_SHA384SUM
 /* Initialize structure containing state of computation.
   (FIPS 180-2:5.3.3)  */
+void FAST_FUNC sha384_begin(sha512_ctx_t *ctx)
+{
+        memcpy(&ctx->total64, init384, sizeof(init384));
+        /*ctx->total64[0] = ctx->total64[1] = 0; - already done */
+}
+#endif
+#if NEED_SHA512
+/* Initialize structure containing state of computation.
+   (FIPS 180-2:5.3.4)  */
 void FAST_FUNC sha512_begin(sha512_ctx_t *ctx)
 {
        int i;
@@ -1332,7 +1351,7 @@ unsigned FAST_FUNC sha1_end(sha1_ctx_t *ctx, void *resbuf)
 }
 #if NEED_SHA512
-unsigned FAST_FUNC sha512_end(sha512_ctx_t *ctx, void *resbuf)
+static unsigned FAST_FUNC sha512384_end(sha512_ctx_t *ctx, void *resbuf, unsigned outsize)
 {
        unsigned bufpos = ctx->total64[0] & 127;
@@ -1363,11 +1382,21 @@ unsigned FAST_FUNC sha512_end(sha512_ctx_t *ctx, void *resbuf)
                for (i = 0; i < ARRAY_SIZE(ctx->hash); ++i)
                        ctx->hash[i] = SWAP_BE64(ctx->hash[i]);
        }
-        memcpy(resbuf, ctx->hash, sizeof(ctx->hash));
+        memcpy(resbuf, ctx->hash, outsize);
-        return sizeof(ctx->hash);
+        return outsize;
+}
+unsigned FAST_FUNC sha512_end(sha384_ctx_t *ctx, void *resbuf)
+{
+        return sha512384_end(ctx, resbuf, SHA512_OUTSIZE);
 }
 #endif /* NEED_SHA512 */
+#if ENABLE_SHA384SUM
+unsigned FAST_FUNC sha384_end(sha384_ctx_t *ctx, void *resbuf)
+{
+        return sha512384_end(ctx, resbuf, SHA384_OUTSIZE);
+}
+#endif
 /*
 * The Keccak sponge function, designed by Guido Bertoni, Joan Daemen,
@@ -1904,6 +1933,8 @@ void FAST_FUNC sha3_hash(sha3_ctx_t *ctx, const void *buffer, size_t len)
 unsigned FAST_FUNC sha3_end(sha3_ctx_t *ctx, void *resbuf)
 {
+        unsigned hash_len;
        /* Padding */
        uint8_t *buf = (uint8_t*)ctx->state;
        /*
@@ -1926,6 +1957,7 @@ unsigned FAST_FUNC sha3_end(sha3_ctx_t *ctx, void *resbuf)
        sha3_process_block72(ctx->state);
        /* Output */
-        memcpy(resbuf, ctx->state, 64);
+        hash_len = (1600/8 - ctx->input_block_bytes) / 2;
-        return 64;
+        memcpy(resbuf, ctx->state, hash_len);
+        return hash_len;
 }

diff --git a/libbb/hash_md5_sha.c b/libbb/hash_md5_sha.c index 75a61c32c..9ebda232a 100644 --- a/libbb/hash_md5_sha.c +++ b/libbb/hash_md5_sha.c
@@ -11,7 +11,7 @@
11	#define STR1(s) #s	11	#define STR1(s) #s
12	#define STR(s) STR1(s)	12	#define STR(s) STR1(s)
13		13
14	#define NEED_SHA512 (ENABLE_SHA512SUM \|\| ENABLE_USE_BB_CRYPT_SHA)	14	#define NEED_SHA512 (ENABLE_SHA512SUM \|\| ENABLE_SHA384SUM \|\| ENABLE_USE_BB_CRYPT_SHA)
15		15
16	#if ENABLE_SHA1_HWACCEL \|\| ENABLE_SHA256_HWACCEL	16	#if ENABLE_SHA1_HWACCEL \|\| ENABLE_SHA256_HWACCEL
17	# if defined(__GNUC__) && (defined(__i386__) \|\| defined(__x86_64__))	17	# if defined(__GNUC__) && (defined(__i386__) \|\| defined(__x86_64__))
@@ -1032,7 +1032,7 @@ static const sha_K_int sha_K[] ALIGN8 = {
1032	K(0x84c87814a1f0ab72ULL), K(0x8cc702081a6439ecULL),	1032	K(0x84c87814a1f0ab72ULL), K(0x8cc702081a6439ecULL),
1033	K(0x90befffa23631e28ULL), K(0xa4506cebde82bde9ULL),	1033	K(0x90befffa23631e28ULL), K(0xa4506cebde82bde9ULL),
1034	K(0xbef9a3f7b2c67915ULL), K(0xc67178f2e372532bULL),	1034	K(0xbef9a3f7b2c67915ULL), K(0xc67178f2e372532bULL),
1035	#if NEED_SHA512 /* [64]+ are used for sha512 only */	1035	#if NEED_SHA512 /* [64]+ are used for sha384 and sha512 only */
1036	K(0xca273eceea26619cULL), K(0xd186b8c721c0c207ULL),	1036	K(0xca273eceea26619cULL), K(0xd186b8c721c0c207ULL),
1037	K(0xeada7dd6cde0eb1eULL), K(0xf57d4f7fee6ed178ULL),	1037	K(0xeada7dd6cde0eb1eULL), K(0xf57d4f7fee6ed178ULL),
1038	K(0x06f067aa72176fbaULL), K(0x0a637dc5a2c898a6ULL),	1038	K(0x06f067aa72176fbaULL), K(0x0a637dc5a2c898a6ULL),
@@ -1229,11 +1229,20 @@ static const uint32_t init512_lo[] ALIGN4 = {
1229	0x137e2179,	1229	0x137e2179,
1230	};	1230	};
1231	#endif /* NEED_SHA512 */	1231	#endif /* NEED_SHA512 */
1232		1232	#if ENABLE_SHA384SUM
1233	// Note: SHA-384 is identical to SHA-512, except that initial hash values are	1233	static const uint64_t init384[] ALIGN8 = {
1234	// 0xcbbb9d5dc1059ed8, 0x629a292a367cd507, 0x9159015a3070dd17, 0x152fecd8f70e5939,	1234	0,
1235	// 0x67332667ffc00b31, 0x8eb44a8768581511, 0xdb0c2e0d64f98fa7, 0x47b5481dbefa4fa4,	1235	0,
1236	// and the output is constructed by omitting last two 64-bit words of it.	1236	0xcbbb9d5dc1059ed8,
		1237	0x629a292a367cd507,
		1238	0x9159015a3070dd17,
		1239	0x152fecd8f70e5939,
		1240	0x67332667ffc00b31,
		1241	0x8eb44a8768581511,
		1242	0xdb0c2e0d64f98fa7,
		1243	0x47b5481dbefa4fa4,
		1244	};
		1245	#endif
1237		1246
1238	/* Initialize structure containing state of computation.	1247	/* Initialize structure containing state of computation.
1239	(FIPS 180-2:5.3.2) */	1248	(FIPS 180-2:5.3.2) */
@@ -1255,9 +1264,19 @@ void FAST_FUNC sha256_begin(sha256_ctx_t *ctx)
1255	#endif	1264	#endif
1256	}	1265	}
1257		1266
1258	#if NEED_SHA512	1267	#if ENABLE_SHA384SUM
1259	/* Initialize structure containing state of computation.	1268	/* Initialize structure containing state of computation.
1260	(FIPS 180-2:5.3.3) */	1269	(FIPS 180-2:5.3.3) */
		1270	void FAST_FUNC sha384_begin(sha512_ctx_t *ctx)
		1271	{
		1272	memcpy(&ctx->total64, init384, sizeof(init384));
		1273	/ctx->total64[0] = ctx->total64[1] = 0; - already done /
		1274	}
		1275	#endif
		1276
		1277	#if NEED_SHA512
		1278	/* Initialize structure containing state of computation.
		1279	(FIPS 180-2:5.3.4) */
1261	void FAST_FUNC sha512_begin(sha512_ctx_t *ctx)	1280	void FAST_FUNC sha512_begin(sha512_ctx_t *ctx)
1262	{	1281	{
1263	int i;	1282	int i;
@@ -1332,7 +1351,7 @@ unsigned FAST_FUNC sha1_end(sha1_ctx_t ctx, void resbuf)
1332	}	1351	}
1333		1352
1334	#if NEED_SHA512	1353	#if NEED_SHA512
1335	unsigned FAST_FUNC sha512_end(sha512_ctx_t ctx, void resbuf)	1354	static unsigned FAST_FUNC sha512384_end(sha512_ctx_t ctx, void resbuf, unsigned outsize)
1336	{	1355	{
1337	unsigned bufpos = ctx->total64[0] & 127;	1356	unsigned bufpos = ctx->total64[0] & 127;
1338		1357
@@ -1363,11 +1382,21 @@ unsigned FAST_FUNC sha512_end(sha512_ctx_t ctx, void resbuf)
1363	for (i = 0; i < ARRAY_SIZE(ctx->hash); ++i)	1382	for (i = 0; i < ARRAY_SIZE(ctx->hash); ++i)
1364	ctx->hash[i] = SWAP_BE64(ctx->hash[i]);	1383	ctx->hash[i] = SWAP_BE64(ctx->hash[i]);
1365	}	1384	}
1366	memcpy(resbuf, ctx->hash, sizeof(ctx->hash));	1385	memcpy(resbuf, ctx->hash, outsize);
1367	return sizeof(ctx->hash);	1386	return outsize;
		1387	}
		1388	unsigned FAST_FUNC sha512_end(sha384_ctx_t ctx, void resbuf)
		1389	{
		1390	return sha512384_end(ctx, resbuf, SHA512_OUTSIZE);
1368	}	1391	}
1369	#endif /* NEED_SHA512 */	1392	#endif /* NEED_SHA512 */
1370		1393
		1394	#if ENABLE_SHA384SUM
		1395	unsigned FAST_FUNC sha384_end(sha384_ctx_t ctx, void resbuf)
		1396	{
		1397	return sha512384_end(ctx, resbuf, SHA384_OUTSIZE);
		1398	}
		1399	#endif
1371		1400
1372	/*	1401	/*
1373	* The Keccak sponge function, designed by Guido Bertoni, Joan Daemen,	1402	* The Keccak sponge function, designed by Guido Bertoni, Joan Daemen,
@@ -1904,6 +1933,8 @@ void FAST_FUNC sha3_hash(sha3_ctx_t ctx, const void buffer, size_t len)
1904		1933
1905	unsigned FAST_FUNC sha3_end(sha3_ctx_t ctx, void resbuf)	1934	unsigned FAST_FUNC sha3_end(sha3_ctx_t ctx, void resbuf)
1906	{	1935	{
		1936	unsigned hash_len;
		1937
1907	/* Padding */	1938	/* Padding */
1908	uint8_t buf = (uint8_t)ctx->state;	1939	uint8_t buf = (uint8_t)ctx->state;
1909	/*	1940	/*
@@ -1926,6 +1957,7 @@ unsigned FAST_FUNC sha3_end(sha3_ctx_t ctx, void resbuf)
1926	sha3_process_block72(ctx->state);	1957	sha3_process_block72(ctx->state);
1927		1958
1928	/* Output */	1959	/* Output */
1929	memcpy(resbuf, ctx->state, 64);	1960	hash_len = (1600/8 - ctx->input_block_bytes) / 2;
1930	return 64;	1961	memcpy(resbuf, ctx->state, hash_len);
		1962	return hash_len;
1931	}	1963	}