summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorjsing <>2023-05-28 14:14:33 +0000
committerjsing <>2023-05-28 14:14:33 +0000
commit5461471aa9e2132fb780d650c80d2d98b4b596fe (patch)
treed6fae681c5e0ec19d6c3bdbbdbbe173561184559 /src
parent0eb718914decfe880abddbeaaa38a9f4085be18d (diff)
downloadopenbsd-5461471aa9e2132fb780d650c80d2d98b4b596fe.tar.gz
openbsd-5461471aa9e2132fb780d650c80d2d98b4b596fe.tar.bz2
openbsd-5461471aa9e2132fb780d650c80d2d98b4b596fe.zip
Reorder functions.
No intended functional change.
Diffstat (limited to 'src')
-rw-r--r--src/lib/libcrypto/sha/sha256.c428
1 files changed, 214 insertions, 214 deletions
diff --git a/src/lib/libcrypto/sha/sha256.c b/src/lib/libcrypto/sha/sha256.c
index 62e7a397f6..5b536bfba7 100644
--- a/src/lib/libcrypto/sha/sha256.c
+++ b/src/lib/libcrypto/sha/sha256.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sha256.c,v 1.19 2023/05/28 13:57:27 jsing Exp $ */ 1/* $OpenBSD: sha256.c,v 1.20 2023/05/28 14:14:33 jsing Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -63,92 +63,6 @@
63 63
64#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA256) 64#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA256)
65 65
66int
67SHA224_Init(SHA256_CTX *c)
68{
69 memset (c, 0, sizeof(*c));
70
71 c->h[0] = 0xc1059ed8UL;
72 c->h[1] = 0x367cd507UL;
73 c->h[2] = 0x3070dd17UL;
74 c->h[3] = 0xf70e5939UL;
75 c->h[4] = 0xffc00b31UL;
76 c->h[5] = 0x68581511UL;
77 c->h[6] = 0x64f98fa7UL;
78 c->h[7] = 0xbefa4fa4UL;
79
80 c->md_len = SHA224_DIGEST_LENGTH;
81
82 return 1;
83}
84
85int
86SHA256_Init(SHA256_CTX *c)
87{
88 memset (c, 0, sizeof(*c));
89
90 c->h[0] = 0x6a09e667UL;
91 c->h[1] = 0xbb67ae85UL;
92 c->h[2] = 0x3c6ef372UL;
93 c->h[3] = 0xa54ff53aUL;
94 c->h[4] = 0x510e527fUL;
95 c->h[5] = 0x9b05688cUL;
96 c->h[6] = 0x1f83d9abUL;
97 c->h[7] = 0x5be0cd19UL;
98
99 c->md_len = SHA256_DIGEST_LENGTH;
100
101 return 1;
102}
103
104unsigned char *
105SHA224(const unsigned char *d, size_t n, unsigned char *md)
106{
107 SHA256_CTX c;
108 static unsigned char m[SHA224_DIGEST_LENGTH];
109
110 if (md == NULL)
111 md = m;
112
113 SHA224_Init(&c);
114 SHA256_Update(&c, d, n);
115 SHA256_Final(md, &c);
116
117 explicit_bzero(&c, sizeof(c));
118
119 return (md);
120}
121
122unsigned char *
123SHA256(const unsigned char *d, size_t n, unsigned char *md)
124{
125 SHA256_CTX c;
126 static unsigned char m[SHA256_DIGEST_LENGTH];
127
128 if (md == NULL)
129 md = m;
130
131 SHA256_Init(&c);
132 SHA256_Update(&c, d, n);
133 SHA256_Final(md, &c);
134
135 explicit_bzero(&c, sizeof(c));
136
137 return (md);
138}
139
140int
141SHA224_Update(SHA256_CTX *c, const void *data, size_t len)
142{
143 return SHA256_Update(c, data, len);
144}
145
146int
147SHA224_Final(unsigned char *md, SHA256_CTX *c)
148{
149 return SHA256_Final(md, c);
150}
151
152#define DATA_ORDER_IS_BIG_ENDIAN 66#define DATA_ORDER_IS_BIG_ENDIAN
153 67
154#define HASH_LONG SHA_LONG 68#define HASH_LONG SHA_LONG
@@ -167,133 +81,6 @@ void sha256_block_data_order (SHA256_CTX *ctx, const void *in, size_t num);
167 81
168#include "md32_common.h" 82#include "md32_common.h"
169 83
170int
171SHA256_Update(HASH_CTX *c, const void *data_, size_t len)
172{
173 const unsigned char *data = data_;
174 unsigned char *p;
175 SHA_LONG l;
176 size_t n;
177
178 if (len == 0)
179 return 1;
180
181 l = (c->Nl + (((SHA_LONG)len) << 3))&0xffffffffUL;
182 /* 95-05-24 eay Fixed a bug with the overflow handling, thanks to
183 * Wei Dai <weidai@eskimo.com> for pointing it out. */
184 if (l < c->Nl) /* overflow */
185 c->Nh++;
186 c->Nh+=(SHA_LONG)(len>>29); /* might cause compiler warning on 16-bit */
187 c->Nl = l;
188
189 n = c->num;
190 if (n != 0) {
191 p = (unsigned char *)c->data;
192
193 if (len >= SHA_CBLOCK || len + n >= SHA_CBLOCK) {
194 memcpy (p + n, data, SHA_CBLOCK - n);
195 sha256_block_data_order(c, p, 1);
196 n = SHA_CBLOCK - n;
197 data += n;
198 len -= n;
199 c->num = 0;
200 memset (p,0,SHA_CBLOCK); /* keep it zeroed */
201 } else {
202 memcpy (p + n, data, len);
203 c->num += (unsigned int)len;
204 return 1;
205 }
206 }
207
208 n = len/SHA_CBLOCK;
209 if (n > 0) {
210 sha256_block_data_order(c, data, n);
211 n *= SHA_CBLOCK;
212 data += n;
213 len -= n;
214 }
215
216 if (len != 0) {
217 p = (unsigned char *)c->data;
218 c->num = (unsigned int)len;
219 memcpy (p, data, len);
220 }
221 return 1;
222}
223
224void
225SHA256_Transform(HASH_CTX *c, const unsigned char *data)
226{
227 sha256_block_data_order(c, data, 1);
228}
229
230int
231SHA256_Final(unsigned char *md, HASH_CTX *c)
232{
233 unsigned char *p = (unsigned char *)c->data;
234 size_t n = c->num;
235 unsigned long ll;
236 unsigned int nn;
237
238 p[n] = 0x80; /* there is always room for one */
239 n++;
240
241 if (n > (SHA_CBLOCK - 8)) {
242 memset (p + n, 0, SHA_CBLOCK - n);
243 n = 0;
244 sha256_block_data_order(c, p, 1);
245 }
246 memset (p + n, 0, SHA_CBLOCK - 8 - n);
247
248 p += SHA_CBLOCK - 8;
249#if defined(DATA_ORDER_IS_BIG_ENDIAN)
250 HOST_l2c(c->Nh, p);
251 HOST_l2c(c->Nl, p);
252#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
253 HOST_l2c(c->Nl, p);
254 HOST_l2c(c->Nh, p);
255#endif
256 p -= SHA_CBLOCK;
257 sha256_block_data_order(c, p, 1);
258 c->num = 0;
259 memset (p, 0, SHA_CBLOCK);
260
261 /*
262 * Note that FIPS180-2 discusses "Truncation of the Hash Function Output."
263 * default: case below covers for it. It's not clear however if it's
264 * permitted to truncate to amount of bytes not divisible by 4. I bet not,
265 * but if it is, then default: case shall be extended. For reference.
266 * Idea behind separate cases for pre-defined lengths is to let the
267 * compiler decide if it's appropriate to unroll small loops.
268 */
269 switch (c->md_len) {
270 case SHA224_DIGEST_LENGTH:
271 for (nn = 0; nn < SHA224_DIGEST_LENGTH / 4; nn++) {
272 ll = c->h[nn];
273 HOST_l2c(ll, md);
274 }
275 break;
276
277 case SHA256_DIGEST_LENGTH:
278 for (nn = 0; nn < SHA256_DIGEST_LENGTH / 4; nn++) {
279 ll = c->h[nn];
280 HOST_l2c(ll, md);
281 }
282 break;
283
284 default:
285 if (c->md_len > SHA256_DIGEST_LENGTH)
286 return 0;
287 for (nn = 0; nn < c->md_len / 4; nn++) {
288 ll = c->h[nn];
289 HOST_l2c(ll, md);
290 }
291 break;
292 }
293
294 return 1;
295}
296
297#ifndef SHA256_ASM 84#ifndef SHA256_ASM
298static const SHA_LONG K256[64] = { 85static const SHA_LONG K256[64] = {
299 0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL, 86 0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL,
@@ -541,4 +328,217 @@ sha256_block_data_order(SHA256_CTX *ctx, const void *in, size_t num)
541#endif 328#endif
542#endif /* SHA256_ASM */ 329#endif /* SHA256_ASM */
543 330
331int
332SHA224_Init(SHA256_CTX *c)
333{
334 memset (c, 0, sizeof(*c));
335
336 c->h[0] = 0xc1059ed8UL;
337 c->h[1] = 0x367cd507UL;
338 c->h[2] = 0x3070dd17UL;
339 c->h[3] = 0xf70e5939UL;
340 c->h[4] = 0xffc00b31UL;
341 c->h[5] = 0x68581511UL;
342 c->h[6] = 0x64f98fa7UL;
343 c->h[7] = 0xbefa4fa4UL;
344
345 c->md_len = SHA224_DIGEST_LENGTH;
346
347 return 1;
348}
349
350int
351SHA224_Update(SHA256_CTX *c, const void *data, size_t len)
352{
353 return SHA256_Update(c, data, len);
354}
355
356int
357SHA224_Final(unsigned char *md, SHA256_CTX *c)
358{
359 return SHA256_Final(md, c);
360}
361
362unsigned char *
363SHA224(const unsigned char *d, size_t n, unsigned char *md)
364{
365 SHA256_CTX c;
366 static unsigned char m[SHA224_DIGEST_LENGTH];
367
368 if (md == NULL)
369 md = m;
370
371 SHA224_Init(&c);
372 SHA256_Update(&c, d, n);
373 SHA256_Final(md, &c);
374
375 explicit_bzero(&c, sizeof(c));
376
377 return (md);
378}
379
380int
381SHA256_Init(SHA256_CTX *c)
382{
383 memset (c, 0, sizeof(*c));
384
385 c->h[0] = 0x6a09e667UL;
386 c->h[1] = 0xbb67ae85UL;
387 c->h[2] = 0x3c6ef372UL;
388 c->h[3] = 0xa54ff53aUL;
389 c->h[4] = 0x510e527fUL;
390 c->h[5] = 0x9b05688cUL;
391 c->h[6] = 0x1f83d9abUL;
392 c->h[7] = 0x5be0cd19UL;
393
394 c->md_len = SHA256_DIGEST_LENGTH;
395
396 return 1;
397}
398
399int
400SHA256_Update(HASH_CTX *c, const void *data_, size_t len)
401{
402 const unsigned char *data = data_;
403 unsigned char *p;
404 SHA_LONG l;
405 size_t n;
406
407 if (len == 0)
408 return 1;
409
410 l = (c->Nl + (((SHA_LONG)len) << 3))&0xffffffffUL;
411 /* 95-05-24 eay Fixed a bug with the overflow handling, thanks to
412 * Wei Dai <weidai@eskimo.com> for pointing it out. */
413 if (l < c->Nl) /* overflow */
414 c->Nh++;
415 c->Nh+=(SHA_LONG)(len>>29); /* might cause compiler warning on 16-bit */
416 c->Nl = l;
417
418 n = c->num;
419 if (n != 0) {
420 p = (unsigned char *)c->data;
421
422 if (len >= SHA_CBLOCK || len + n >= SHA_CBLOCK) {
423 memcpy (p + n, data, SHA_CBLOCK - n);
424 sha256_block_data_order(c, p, 1);
425 n = SHA_CBLOCK - n;
426 data += n;
427 len -= n;
428 c->num = 0;
429 memset (p,0,SHA_CBLOCK); /* keep it zeroed */
430 } else {
431 memcpy (p + n, data, len);
432 c->num += (unsigned int)len;
433 return 1;
434 }
435 }
436
437 n = len/SHA_CBLOCK;
438 if (n > 0) {
439 sha256_block_data_order(c, data, n);
440 n *= SHA_CBLOCK;
441 data += n;
442 len -= n;
443 }
444
445 if (len != 0) {
446 p = (unsigned char *)c->data;
447 c->num = (unsigned int)len;
448 memcpy (p, data, len);
449 }
450 return 1;
451}
452
453void
454SHA256_Transform(HASH_CTX *c, const unsigned char *data)
455{
456 sha256_block_data_order(c, data, 1);
457}
458
459int
460SHA256_Final(unsigned char *md, HASH_CTX *c)
461{
462 unsigned char *p = (unsigned char *)c->data;
463 size_t n = c->num;
464 unsigned long ll;
465 unsigned int nn;
466
467 p[n] = 0x80; /* there is always room for one */
468 n++;
469
470 if (n > (SHA_CBLOCK - 8)) {
471 memset (p + n, 0, SHA_CBLOCK - n);
472 n = 0;
473 sha256_block_data_order(c, p, 1);
474 }
475 memset (p + n, 0, SHA_CBLOCK - 8 - n);
476
477 p += SHA_CBLOCK - 8;
478#if defined(DATA_ORDER_IS_BIG_ENDIAN)
479 HOST_l2c(c->Nh, p);
480 HOST_l2c(c->Nl, p);
481#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
482 HOST_l2c(c->Nl, p);
483 HOST_l2c(c->Nh, p);
484#endif
485 p -= SHA_CBLOCK;
486 sha256_block_data_order(c, p, 1);
487 c->num = 0;
488 memset (p, 0, SHA_CBLOCK);
489
490 /*
491 * Note that FIPS180-2 discusses "Truncation of the Hash Function Output."
492 * default: case below covers for it. It's not clear however if it's
493 * permitted to truncate to amount of bytes not divisible by 4. I bet not,
494 * but if it is, then default: case shall be extended. For reference.
495 * Idea behind separate cases for pre-defined lengths is to let the
496 * compiler decide if it's appropriate to unroll small loops.
497 */
498 switch (c->md_len) {
499 case SHA224_DIGEST_LENGTH:
500 for (nn = 0; nn < SHA224_DIGEST_LENGTH / 4; nn++) {
501 ll = c->h[nn];
502 HOST_l2c(ll, md);
503 }
504 break;
505
506 case SHA256_DIGEST_LENGTH:
507 for (nn = 0; nn < SHA256_DIGEST_LENGTH / 4; nn++) {
508 ll = c->h[nn];
509 HOST_l2c(ll, md);
510 }
511 break;
512
513 default:
514 if (c->md_len > SHA256_DIGEST_LENGTH)
515 return 0;
516 for (nn = 0; nn < c->md_len / 4; nn++) {
517 ll = c->h[nn];
518 HOST_l2c(ll, md);
519 }
520 break;
521 }
522
523 return 1;
524}
525
526unsigned char *
527SHA256(const unsigned char *d, size_t n, unsigned char *md)
528{
529 SHA256_CTX c;
530 static unsigned char m[SHA256_DIGEST_LENGTH];
531
532 if (md == NULL)
533 md = m;
534
535 SHA256_Init(&c);
536 SHA256_Update(&c, d, n);
537 SHA256_Final(md, &c);
538
539 explicit_bzero(&c, sizeof(c));
540
541 return (md);
542}
543
544#endif /* OPENSSL_NO_SHA256 */ 544#endif /* OPENSSL_NO_SHA256 */
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-30 06:04:00 +0000