summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorjsing <>2024-03-28 10:45:30 +0000
committerjsing <>2024-03-28 10:45:30 +0000
commit11fe56cdd5d89a1badff9ce2a1296b29e07c6a9d (patch)
treee3956536b47c5eae3db9ce00b87d643276c20154
parentb9e4c1bd08b30bbc8cabb0fbc82ec373329c8993 (diff)
downloadopenbsd-11fe56cdd5d89a1badff9ce2a1296b29e07c6a9d.tar.gz
openbsd-11fe56cdd5d89a1badff9ce2a1296b29e07c6a9d.tar.bz2
openbsd-11fe56cdd5d89a1badff9ce2a1296b29e07c6a9d.zip
Rework loads and stores in ripemd.
Replace loads with crypto_load_le32toh() or le32toh(). Use crypto_store_htole32() or htole32() for stores. ok joshua@ tb@
Diffstat
-rw-r--r--src/lib/libcrypto/ripemd/ripemd.c127
1 files changed, 53 insertions, 74 deletions
diff --git a/src/lib/libcrypto/ripemd/ripemd.c b/src/lib/libcrypto/ripemd/ripemd.c
index 5f9d9b8d42..3a229d204a 100644
--- a/src/lib/libcrypto/ripemd/ripemd.c
+++ b/src/lib/libcrypto/ripemd/ripemd.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ripemd.c,v 1.16 2024/03/28 07:29:41 jsing Exp $ */ 1/* $OpenBSD: ripemd.c,v 1.17 2024/03/28 10:45:30 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -70,22 +70,6 @@
70/* Ensure that SHA_LONG and uint32_t are equivalent sizes. */ 70/* Ensure that SHA_LONG and uint32_t are equivalent sizes. */
71CTASSERT(sizeof(RIPEMD160_LONG) == sizeof(uint32_t)); 71CTASSERT(sizeof(RIPEMD160_LONG) == sizeof(uint32_t));
72 72
73#define DATA_ORDER_IS_LITTLE_ENDIAN
74
75#define HASH_LONG RIPEMD160_LONG
76#define HASH_CTX RIPEMD160_CTX
77#define HASH_CBLOCK RIPEMD160_CBLOCK
78#define HASH_UPDATE RIPEMD160_Update
79#define HASH_TRANSFORM RIPEMD160_Transform
80#define HASH_FINAL RIPEMD160_Final
81#define HASH_BLOCK_DATA_ORDER ripemd160_block_data_order
82
83#define HASH_NO_UPDATE
84#define HASH_NO_TRANSFORM
85#define HASH_NO_FINAL
86
87#include "md32_common.h"
88
89#if 0 73#if 0
90#define F1(x,y,z) ((x)^(y)^(z)) 74#define F1(x,y,z) ((x)^(y)^(z))
91#define F2(x,y,z) (((x)&(y))|((~x)&z)) 75#define F2(x,y,z) (((x)&(y))|((~x)&z))
@@ -141,68 +125,76 @@ CTASSERT(sizeof(RIPEMD160_LONG) == sizeof(uint32_t));
141 c=crypto_rol_u32(c,10); } 125 c=crypto_rol_u32(c,10); }
142 126
143static void 127static void
144ripemd160_block_data_order(RIPEMD160_CTX *ctx, const void *p, size_t num) 128ripemd160_block_data_order(RIPEMD160_CTX *ctx, const void *_in, size_t num)
145{ 129{
146 const unsigned char *data = p; 130 const uint8_t *in = _in;
131 const RIPEMD160_LONG *in32;
147 unsigned int A, B, C, D, E; 132 unsigned int A, B, C, D, E;
148 unsigned int a, b, c, d, e, l; 133 unsigned int a, b, c, d, e;
149 unsigned int X0, X1, X2, X3, X4, X5, X6, X7, 134 unsigned int X0, X1, X2, X3, X4, X5, X6, X7,
150 X8, X9, X10, X11, X12, X13, X14, X15; 135 X8, X9, X10, X11, X12, X13, X14, X15;
151 136
152 for (; num--; ) { 137 for (; num--; ) {
153
154 A = ctx->A; 138 A = ctx->A;
155 B = ctx->B; 139 B = ctx->B;
156 C = ctx->C; 140 C = ctx->C;
157 D = ctx->D; 141 D = ctx->D;
158 E = ctx->E; 142 E = ctx->E;
159 143
160 HOST_c2l(data, l); 144 if ((uintptr_t)in % 4 == 0) {
161 X0 = l; 145 /* Input is 32 bit aligned. */
162 HOST_c2l(data, l); 146 in32 = (const RIPEMD160_LONG *)in;
163 X1 = l; 147 X0 = le32toh(in32[0]);
148 X1 = le32toh(in32[1]);
149 X2 = le32toh(in32[2]);
150 X3 = le32toh(in32[3]);
151 X4 = le32toh(in32[4]);
152 X5 = le32toh(in32[5]);
153 X6 = le32toh(in32[6]);
154 X7 = le32toh(in32[7]);
155 X8 = le32toh(in32[8]);
156 X9 = le32toh(in32[9]);
157 X10 = le32toh(in32[10]);
158 X11 = le32toh(in32[11]);
159 X12 = le32toh(in32[12]);
160 X13 = le32toh(in32[13]);
161 X14 = le32toh(in32[14]);
162 X15 = le32toh(in32[15]);
163 } else {
164 /* Input is not 32 bit aligned. */
165 X0 = crypto_load_le32toh(&in[0 * 4]);
166 X1 = crypto_load_le32toh(&in[1 * 4]);
167 X2 = crypto_load_le32toh(&in[2 * 4]);
168 X3 = crypto_load_le32toh(&in[3 * 4]);
169 X4 = crypto_load_le32toh(&in[4 * 4]);
170 X5 = crypto_load_le32toh(&in[5 * 4]);
171 X6 = crypto_load_le32toh(&in[6 * 4]);
172 X7 = crypto_load_le32toh(&in[7 * 4]);
173 X8 = crypto_load_le32toh(&in[8 * 4]);
174 X9 = crypto_load_le32toh(&in[9 * 4]);
175 X10 = crypto_load_le32toh(&in[10 * 4]);
176 X11 = crypto_load_le32toh(&in[11 * 4]);
177 X12 = crypto_load_le32toh(&in[12 * 4]);
178 X13 = crypto_load_le32toh(&in[13 * 4]);
179 X14 = crypto_load_le32toh(&in[14 * 4]);
180 X15 = crypto_load_le32toh(&in[15 * 4]);
181 }
182 in += RIPEMD160_CBLOCK;
183
164 RIP1(A, B, C, D, E, X0, 11); 184 RIP1(A, B, C, D, E, X0, 11);
165 HOST_c2l(data, l);
166 X2 = l;
167 RIP1(E, A, B, C, D, X1, 14); 185 RIP1(E, A, B, C, D, X1, 14);
168 HOST_c2l(data, l);
169 X3 = l;
170 RIP1(D, E, A, B, C, X2, 15); 186 RIP1(D, E, A, B, C, X2, 15);
171 HOST_c2l(data, l);
172 X4 = l;
173 RIP1(C, D, E, A, B, X3, 12); 187 RIP1(C, D, E, A, B, X3, 12);
174 HOST_c2l(data, l);
175 X5 = l;
176 RIP1(B, C, D, E, A, X4, 5); 188 RIP1(B, C, D, E, A, X4, 5);
177 HOST_c2l(data, l);
178 X6 = l;
179 RIP1(A, B, C, D, E, X5, 8); 189 RIP1(A, B, C, D, E, X5, 8);
180 HOST_c2l(data, l);
181 X7 = l;
182 RIP1(E, A, B, C, D, X6, 7); 190 RIP1(E, A, B, C, D, X6, 7);
183 HOST_c2l(data, l);
184 X8 = l;
185 RIP1(D, E, A, B, C, X7, 9); 191 RIP1(D, E, A, B, C, X7, 9);
186 HOST_c2l(data, l);
187 X9 = l;
188 RIP1(C, D, E, A, B, X8, 11); 192 RIP1(C, D, E, A, B, X8, 11);
189 HOST_c2l(data, l);
190 X10 = l;
191 RIP1(B, C, D, E, A, X9, 13); 193 RIP1(B, C, D, E, A, X9, 13);
192 HOST_c2l(data, l);
193 X11 = l;
194 RIP1(A, B, C, D, E, X10, 14); 194 RIP1(A, B, C, D, E, X10, 14);
195 HOST_c2l(data, l);
196 X12 = l;
197 RIP1(E, A, B, C, D, X11, 15); 195 RIP1(E, A, B, C, D, X11, 15);
198 HOST_c2l(data, l);
199 X13 = l;
200 RIP1(D, E, A, B, C, X12, 6); 196 RIP1(D, E, A, B, C, X12, 6);
201 HOST_c2l(data, l);
202 X14 = l;
203 RIP1(C, D, E, A, B, X13, 7); 197 RIP1(C, D, E, A, B, X13, 7);
204 HOST_c2l(data, l);
205 X15 = l;
206 RIP1(B, C, D, E, A, X14, 9); 198 RIP1(B, C, D, E, A, X14, 9);
207 RIP1(A, B, C, D, E, X15, 8); 199 RIP1(A, B, C, D, E, X15, 8);
208 200
@@ -377,7 +369,6 @@ ripemd160_block_data_order(RIPEMD160_CTX *ctx, const void *p, size_t num)
377 ctx->D = ctx->E + a + B; 369 ctx->D = ctx->E + a + B;
378 ctx->E = ctx->A + b + C; 370 ctx->E = ctx->A + b + C;
379 ctx->A = D; 371 ctx->A = D;
380
381 } 372 }
382} 373}
383 374
@@ -460,7 +451,6 @@ RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c)
460{ 451{
461 unsigned char *p = (unsigned char *)c->data; 452 unsigned char *p = (unsigned char *)c->data;
462 size_t n = c->num; 453 size_t n = c->num;
463 unsigned long ll;
464 454
465 p[n] = 0x80; /* there is always room for one */ 455 p[n] = 0x80; /* there is always room for one */
466 n++; 456 n++;
@@ -470,31 +460,20 @@ RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c)
470 n = 0; 460 n = 0;
471 ripemd160_block_data_order(c, p, 1); 461 ripemd160_block_data_order(c, p, 1);
472 } 462 }
463
473 memset(p + n, 0, RIPEMD160_CBLOCK - 8 - n); 464 memset(p + n, 0, RIPEMD160_CBLOCK - 8 - n);
465 c->data[RIPEMD160_LBLOCK - 2] = htole32(c->Nl);
466 c->data[RIPEMD160_LBLOCK - 1] = htole32(c->Nh);
474 467
475 p += RIPEMD160_CBLOCK - 8;
476#if defined(DATA_ORDER_IS_BIG_ENDIAN)
477 HOST_l2c(c->Nh, p);
478 HOST_l2c(c->Nl, p);
479#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
480 HOST_l2c(c->Nl, p);
481 HOST_l2c(c->Nh, p);
482#endif
483 p -= RIPEMD160_CBLOCK;
484 ripemd160_block_data_order(c, p, 1); 468 ripemd160_block_data_order(c, p, 1);
485 c->num = 0; 469 c->num = 0;
486 memset(p, 0, RIPEMD160_CBLOCK); 470 memset(p, 0, RIPEMD160_CBLOCK);
487 471
488 ll = c->A; 472 crypto_store_htole32(&md[0 * 4], c->A);
489 HOST_l2c(ll, md); 473 crypto_store_htole32(&md[1 * 4], c->B);
490 ll = c->B; 474 crypto_store_htole32(&md[2 * 4], c->C);
491 HOST_l2c(ll, md); 475 crypto_store_htole32(&md[3 * 4], c->D);
492 ll = c->C; 476 crypto_store_htole32(&md[4 * 4], c->E);
493 HOST_l2c(ll, md);
494 ll = c->D;
495 HOST_l2c(ll, md);
496 ll = c->E;
497 HOST_l2c(ll, md);
498 477
499 return 1; 478 return 1;
500} 479}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-20 15:19:35 +0000