Simplify handling of big vs little endian.

Rather than sprinkling BYTE_ORDER checks throughout the implementation, always define PULL64 - on big endian platforms it just becomes a no-op. ok tb@
author: jsing <> 2023-04-11 10:35:21 +0000
committer: jsing <> 2023-04-11 10:35:21 +0000
commit: 7445aed7e7c22eae7ddd865c8c411f93062e2980 (patch)
tree: 17a18c920e3d0d77be1f6c3d4827d30b005e25bf /src
parent: d2cfdbe432244322c9b6c8f9cc9c6cbfc56b95c1 (diff)
download: openbsd-7445aed7e7c22eae7ddd865c8c411f93062e2980.tar.gz
openbsd-7445aed7e7c22eae7ddd865c8c411f93062e2980.tar.bz2
openbsd-7445aed7e7c22eae7ddd865c8c411f93062e2980.zip
1 files changed, 5 insertions, 40 deletions
diff --git a/src/lib/libcrypto/sha/sha512.c b/src/lib/libcrypto/sha/sha512.c
index 9b4b2cf337..8c78f826c8 100644
--- a/src/lib/libcrypto/sha/sha512.c
+++ b/src/lib/libcrypto/sha/sha512.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sha512.c,v 1.27 2023/04/11 10:32:21 jsing Exp $ */
+/* $OpenBSD: sha512.c,v 1.28 2023/04/11 10:35:21 jsing Exp $ */
 /* ====================================================================
 * Copyright (c) 1998-2011 The OpenSSL Project.  All rights reserved.
 *
@@ -142,9 +142,13 @@ static const SHA_LONG64 K512[80] = {
 #endif
 #ifndef PULL64
+#if BYTE_ORDER == BIG_ENDIAN
+#define PULL64(x)       (x)
+#else
 #define B(x, j)         (((SHA_LONG64)(*(((const unsigned char *)(&x))+j)))<<((7-j)*8))
 #define PULL64(x)       (B(x,0)|B(x,1)|B(x,2)|B(x,3)|B(x,4)|B(x,5)|B(x,6)|B(x,7))
 #endif
+#endif
 #ifndef ROTR
 #define ROTR(x, s)      (((x)>>s) | (x)<<(64-s))
@@ -242,11 +246,7 @@ sha512_block_data_order(SHA512_CTX *ctx, const void *in, size_t num)
                h = ctx->h[7];
                for (i = 0; i < 16; i++) {
-#if BYTE_ORDER == BIG_ENDIAN
-                        T1 = X[i] = W[i];
-#else
                        T1 = X[i] = PULL64(W[i]);
-#endif
                        T1 += h + Sigma1(e) + Ch(e, f, g) + K512[i];
                        T2 = Sigma0(a) + Maj(a, b, c);
                        h = g;
@@ -323,40 +323,6 @@ sha512_block_data_order(SHA512_CTX *ctx, const void *in, size_t num)
                g = ctx->h[6];
                h = ctx->h[7];
-#if BYTE_ORDER == BIG_ENDIAN
-                T1 = X[0] = W[0];
-                ROUND_00_15(0, a, b, c, d, e, f, g, h);
-                T1 = X[1] = W[1];
-                ROUND_00_15(1, h, a, b, c, d, e, f, g);
-                T1 = X[2] = W[2];
-                ROUND_00_15(2, g, h, a, b, c, d, e, f);
-                T1 = X[3] = W[3];
-                ROUND_00_15(3, f, g, h, a, b, c, d, e);
-                T1 = X[4] = W[4];
-                ROUND_00_15(4, e, f, g, h, a, b, c, d);
-                T1 = X[5] = W[5];
-                ROUND_00_15(5, d, e, f, g, h, a, b, c);
-                T1 = X[6] = W[6];
-                ROUND_00_15(6, c, d, e, f, g, h, a, b);
-                T1 = X[7] = W[7];
-                ROUND_00_15(7, b, c, d, e, f, g, h, a);
-                T1 = X[8] = W[8];
-                ROUND_00_15(8, a, b, c, d, e, f, g, h);
-                T1 = X[9] = W[9];
-                ROUND_00_15(9, h, a, b, c, d, e, f, g);
-                T1 = X[10] = W[10];
-                ROUND_00_15(10, g, h, a, b, c, d, e, f);
-                T1 = X[11] = W[11];
-                ROUND_00_15(11, f, g, h, a, b, c, d, e);
-                T1 = X[12] = W[12];
-                ROUND_00_15(12, e, f, g, h, a, b, c, d);
-                T1 = X[13] = W[13];
-                ROUND_00_15(13, d, e, f, g, h, a, b, c);
-                T1 = X[14] = W[14];
-                ROUND_00_15(14, c, d, e, f, g, h, a, b);
-                T1 = X[15] = W[15];
-                ROUND_00_15(15, b, c, d, e, f, g, h, a);
-#else
                T1 = X[0] = PULL64(W[0]);
                ROUND_00_15(0, a, b, c, d, e, f, g, h);
                T1 = X[1] = PULL64(W[1]);
@@ -389,7 +355,6 @@ sha512_block_data_order(SHA512_CTX *ctx, const void *in, size_t num)
                ROUND_00_15(14, c, d, e, f, g, h, a, b);
                T1 = X[15] = PULL64(W[15]);
                ROUND_00_15(15, b, c, d, e, f, g, h, a);
-#endif
                for (i = 16; i < 80; i += 16) {
                        ROUND_16_80(i, 0, a, b, c, d, e, f, g, h, X);
author	jsing <>	2023-04-11 10:35:21 +0000
committer	jsing <>	2023-04-11 10:35:21 +0000
commit	7445aed7e7c22eae7ddd865c8c411f93062e2980 (patch)
tree	17a18c920e3d0d77be1f6c3d4827d30b005e25bf /src
parent	d2cfdbe432244322c9b6c8f9cc9c6cbfc56b95c1 (diff)
download	openbsd-7445aed7e7c22eae7ddd865c8c411f93062e2980.tar.gz openbsd-7445aed7e7c22eae7ddd865c8c411f93062e2980.tar.bz2 openbsd-7445aed7e7c22eae7ddd865c8c411f93062e2980.zip

diff --git a/src/lib/libcrypto/sha/sha512.c b/src/lib/libcrypto/sha/sha512.c index 9b4b2cf337..8c78f826c8 100644 --- a/src/lib/libcrypto/sha/sha512.c +++ b/src/lib/libcrypto/sha/sha512.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: sha512.c,v 1.27 2023/04/11 10:32:21 jsing Exp $ */	1	/* $OpenBSD: sha512.c,v 1.28 2023/04/11 10:35:21 jsing Exp $ */
2	/* ====================================================================	2	/* ====================================================================
3	* Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved.	3	* Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved.
4	*	4	*
@@ -142,9 +142,13 @@ static const SHA_LONG64 K512[80] = {
142	#endif	142	#endif
143		143
144	#ifndef PULL64	144	#ifndef PULL64
		145	#if BYTE_ORDER == BIG_ENDIAN
		146	#define PULL64(x) (x)
		147	#else
145	#define B(x, j) (((SHA_LONG64)((((const unsigned char )(&x))+j)))<<((7-j)*8))	148	#define B(x, j) (((SHA_LONG64)((((const unsigned char )(&x))+j)))<<((7-j)*8))
146	#define PULL64(x) (B(x,0)\|B(x,1)\|B(x,2)\|B(x,3)\|B(x,4)\|B(x,5)\|B(x,6)\|B(x,7))	149	#define PULL64(x) (B(x,0)\|B(x,1)\|B(x,2)\|B(x,3)\|B(x,4)\|B(x,5)\|B(x,6)\|B(x,7))
147	#endif	150	#endif
		151	#endif
148		152
149	#ifndef ROTR	153	#ifndef ROTR
150	#define ROTR(x, s) (((x)>>s) \| (x)<<(64-s))	154	#define ROTR(x, s) (((x)>>s) \| (x)<<(64-s))
@@ -242,11 +246,7 @@ sha512_block_data_order(SHA512_CTX ctx, const void in, size_t num)
242	h = ctx->h[7];	246	h = ctx->h[7];
243		247
244	for (i = 0; i < 16; i++) {	248	for (i = 0; i < 16; i++) {
245	#if BYTE_ORDER == BIG_ENDIAN
246	T1 = X[i] = W[i];
247	#else
248	T1 = X[i] = PULL64(W[i]);	249	T1 = X[i] = PULL64(W[i]);
249	#endif
250	T1 += h + Sigma1(e) + Ch(e, f, g) + K512[i];	250	T1 += h + Sigma1(e) + Ch(e, f, g) + K512[i];
251	T2 = Sigma0(a) + Maj(a, b, c);	251	T2 = Sigma0(a) + Maj(a, b, c);
252	h = g;	252	h = g;
@@ -323,40 +323,6 @@ sha512_block_data_order(SHA512_CTX ctx, const void in, size_t num)
323	g = ctx->h[6];	323	g = ctx->h[6];
324	h = ctx->h[7];	324	h = ctx->h[7];
325		325
326	#if BYTE_ORDER == BIG_ENDIAN
327	T1 = X[0] = W[0];
328	ROUND_00_15(0, a, b, c, d, e, f, g, h);
329	T1 = X[1] = W[1];
330	ROUND_00_15(1, h, a, b, c, d, e, f, g);
331	T1 = X[2] = W[2];
332	ROUND_00_15(2, g, h, a, b, c, d, e, f);
333	T1 = X[3] = W[3];
334	ROUND_00_15(3, f, g, h, a, b, c, d, e);
335	T1 = X[4] = W[4];
336	ROUND_00_15(4, e, f, g, h, a, b, c, d);
337	T1 = X[5] = W[5];
338	ROUND_00_15(5, d, e, f, g, h, a, b, c);
339	T1 = X[6] = W[6];
340	ROUND_00_15(6, c, d, e, f, g, h, a, b);
341	T1 = X[7] = W[7];
342	ROUND_00_15(7, b, c, d, e, f, g, h, a);
343	T1 = X[8] = W[8];
344	ROUND_00_15(8, a, b, c, d, e, f, g, h);
345	T1 = X[9] = W[9];
346	ROUND_00_15(9, h, a, b, c, d, e, f, g);
347	T1 = X[10] = W[10];
348	ROUND_00_15(10, g, h, a, b, c, d, e, f);
349	T1 = X[11] = W[11];
350	ROUND_00_15(11, f, g, h, a, b, c, d, e);
351	T1 = X[12] = W[12];
352	ROUND_00_15(12, e, f, g, h, a, b, c, d);
353	T1 = X[13] = W[13];
354	ROUND_00_15(13, d, e, f, g, h, a, b, c);
355	T1 = X[14] = W[14];
356	ROUND_00_15(14, c, d, e, f, g, h, a, b);
357	T1 = X[15] = W[15];
358	ROUND_00_15(15, b, c, d, e, f, g, h, a);
359	#else
360	T1 = X[0] = PULL64(W[0]);	326	T1 = X[0] = PULL64(W[0]);
361	ROUND_00_15(0, a, b, c, d, e, f, g, h);	327	ROUND_00_15(0, a, b, c, d, e, f, g, h);
362	T1 = X[1] = PULL64(W[1]);	328	T1 = X[1] = PULL64(W[1]);
@@ -389,7 +355,6 @@ sha512_block_data_order(SHA512_CTX ctx, const void in, size_t num)
389	ROUND_00_15(14, c, d, e, f, g, h, a, b);	355	ROUND_00_15(14, c, d, e, f, g, h, a, b);
390	T1 = X[15] = PULL64(W[15]);	356	T1 = X[15] = PULL64(W[15]);
391	ROUND_00_15(15, b, c, d, e, f, g, h, a);	357	ROUND_00_15(15, b, c, d, e, f, g, h, a);
392	#endif
393		358
394	for (i = 16; i < 80; i += 16) {	359	for (i = 16; i < 80; i += 16) {
395	ROUND_16_80(i, 0, a, b, c, d, e, f, g, h, X);	360	ROUND_16_80(i, 0, a, b, c, d, e, f, g, h, X);