summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/sha
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/sha')
-rw-r--r--src/lib/libcrypto/sha/Makefile139
-rw-r--r--src/lib/libcrypto/sha/Makefile.ssl116
-rw-r--r--src/lib/libcrypto/sha/asm/README1
-rw-r--r--src/lib/libcrypto/sha/asm/sha1-586.pl472
-rw-r--r--src/lib/libcrypto/sha/asm/sha512-sse2.pl404
-rw-r--r--src/lib/libcrypto/sha/sha.c124
-rw-r--r--src/lib/libcrypto/sha/sha.h90
-rw-r--r--src/lib/libcrypto/sha/sha1.c127
-rw-r--r--src/lib/libcrypto/sha/sha1_one.c4
-rw-r--r--src/lib/libcrypto/sha/sha1dgst.c11
-rw-r--r--src/lib/libcrypto/sha/sha1s.cpp82
-rw-r--r--src/lib/libcrypto/sha/sha1test.c174
-rw-r--r--src/lib/libcrypto/sha/sha256t.c147
-rw-r--r--src/lib/libcrypto/sha/sha512t.c184
-rw-r--r--src/lib/libcrypto/sha/sha_dgst.c73
-rw-r--r--src/lib/libcrypto/sha/sha_locl.h306
-rw-r--r--src/lib/libcrypto/sha/sha_one.c78
-rw-r--r--src/lib/libcrypto/sha/shatest.c174
18 files changed, 2356 insertions, 350 deletions
diff --git a/src/lib/libcrypto/sha/Makefile b/src/lib/libcrypto/sha/Makefile
new file mode 100644
index 0000000000..ac64fb61d3
--- /dev/null
+++ b/src/lib/libcrypto/sha/Makefile
@@ -0,0 +1,139 @@
1#
2# OpenSSL/crypto/sha/Makefile
3#
4
5DIR= sha
6TOP= ../..
7CC= cc
8CPP= $(CC) -E
9INCLUDES=
10CFLAG=-g
11MAKEFILE= Makefile
12AR= ar r
13
14SHA1_ASM_OBJ=
15
16CFLAGS= $(INCLUDES) $(CFLAG)
17ASFLAGS= $(INCLUDES) $(ASFLAG)
18AFLAGS= $(ASFLAGS)
19
20GENERAL=Makefile
21TEST=shatest.c sha1test.c sha256t.c sha512t.c
22APPS=
23
24LIB=$(TOP)/libcrypto.a
25LIBSRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c sha256.c sha512.c
26LIBOBJ=sha_dgst.o sha1dgst.o sha_one.o sha1_one.o sha256.o sha512.o $(SHA1_ASM_OBJ)
27
28SRC= $(LIBSRC)
29
30EXHEADER= sha.h
31HEADER= sha_locl.h $(EXHEADER)
32
33ALL= $(GENERAL) $(SRC) $(HEADER)
34
35top:
36 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
37
38all: lib
39
40lib: $(LIBOBJ)
41 $(AR) $(LIB) $(LIBOBJ)
42 $(RANLIB) $(LIB) || echo Never mind.
43 @touch lib
44
45# ELF
46sx86-elf.s: asm/sha1-586.pl ../perlasm/x86asm.pl
47 (cd asm; $(PERL) sha1-586.pl elf $(CFLAGS) $(PROCESSOR) > ../$@)
48s512sse2-elf.s: asm/sha512-sse2.pl ../perlasm/x86asm.pl
49 (cd asm; $(PERL) sha512-sse2.pl elf $(CFLAGS) $(PROCESSOR) > ../$@)
50# COFF
51sx86-cof.s: asm/sha1-586.pl ../perlasm/x86asm.pl
52 (cd asm; $(PERL) sha1-586.pl coff $(CFLAGS) $(PROCESSOR) > ../$@)
53s512sse2-cof.s: asm/sha512-sse2.pl ../perlasm/x86asm.pl
54 (cd asm; $(PERL) sha512-sse2.pl coff $(CFLAGS) $(PROCESSOR) > ../$@)
55# a.out
56sx86-out.s: asm/sha1-586.pl ../perlasm/x86asm.pl
57 (cd asm; $(PERL) sha1-586.pl a.out $(CFLAGS) $(PROCESSOR) > ../$@)
58s512sse2-out.s: asm/sha512-sse2.pl ../perlasm/x86asm.pl
59 (cd asm; $(PERL) sha512-sse2.pl a.out $(CFLAGS) $(PROCESSOR) > ../$@)
60
61sha1-ia64.s: asm/sha1-ia64.pl
62 (cd asm; $(PERL) sha1-ia64.pl $(CFLAGS) ) > $@
63sha256-ia64.s: asm/sha512-ia64.pl
64 (cd asm; $(PERL) sha512-ia64.pl ../$@ $(CFLAGS))
65sha512-ia64.s: asm/sha512-ia64.pl
66 (cd asm; $(PERL) sha512-ia64.pl ../$@ $(CFLAGS))
67
68# Solaris make has to be explicitly told
69sha1-x86_64.s: asm/sha1-x86_64.pl; $(PERL) asm/sha1-x86_64.pl $@
70sha256-x86_64.s:asm/sha512-x86_64.pl; $(PERL) asm/sha512-x86_64.pl $@
71sha512-x86_64.s:asm/sha512-x86_64.pl; $(PERL) asm/sha512-x86_64.pl $@
72
73files:
74 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
75
76links:
77 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
78 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
79 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
80
81install:
82 @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
83 @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
84 do \
85 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
86 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
87 done;
88
89tags:
90 ctags $(SRC)
91
92tests:
93
94lint:
95 lint -DLINT $(INCLUDES) $(SRC)>fluff
96
97depend:
98 @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
99 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
100
101dclean:
102 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
103 mv -f Makefile.new $(MAKEFILE)
104
105clean:
106 rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
107
108# DO NOT DELETE THIS LINE -- make depend depends on it.
109
110sha1_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
111sha1_one.o: ../../include/openssl/opensslconf.h
112sha1_one.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
113sha1_one.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
114sha1_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
115sha1_one.o: sha1_one.c
116sha1dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
117sha1dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h
118sha1dgst.o: ../md32_common.h sha1dgst.c sha_locl.h
119sha256.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
120sha256.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
121sha256.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
122sha256.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
123sha256.o: ../../include/openssl/symhacks.h ../md32_common.h sha256.c
124sha512.o: ../../e_os.h ../../include/openssl/bio.h
125sha512.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
126sha512.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
127sha512.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
128sha512.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
129sha512.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
130sha512.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
131sha512.o: ../cryptlib.h sha512.c
132sha_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
133sha_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h
134sha_dgst.o: ../md32_common.h sha_dgst.c sha_locl.h
135sha_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
136sha_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
137sha_one.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
138sha_one.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
139sha_one.o: ../../include/openssl/symhacks.h sha_one.c
diff --git a/src/lib/libcrypto/sha/Makefile.ssl b/src/lib/libcrypto/sha/Makefile.ssl
new file mode 100644
index 0000000000..4ba201c787
--- /dev/null
+++ b/src/lib/libcrypto/sha/Makefile.ssl
@@ -0,0 +1,116 @@
1#
2# SSLeay/crypto/sha/Makefile
3#
4
5DIR= sha
6TOP= ../..
7CC= cc
8CPP= $(CC) -E
9INCLUDES=
10CFLAG=-g
11INSTALL_PREFIX=
12OPENSSLDIR= /usr/local/ssl
13INSTALLTOP=/usr/local/ssl
14MAKE= make -f Makefile.ssl
15MAKEDEPPROG= makedepend
16MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
17MAKEFILE= Makefile.ssl
18AR= ar r
19
20SHA1_ASM_OBJ=
21
22CFLAGS= $(INCLUDES) $(CFLAG)
23ASFLAGS= $(INCLUDES) $(ASFLAG)
24
25GENERAL=Makefile
26TEST=shatest.c sha1test.c
27APPS=
28
29LIB=$(TOP)/libcrypto.a
30LIBSRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c
31LIBOBJ=sha_dgst.o sha1dgst.o sha_one.o sha1_one.o $(SHA1_ASM_OBJ)
32
33SRC= $(LIBSRC)
34
35EXHEADER= sha.h
36HEADER= sha_locl.h $(EXHEADER)
37
38ALL= $(GENERAL) $(SRC) $(HEADER)
39
40top:
41 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
42
43all: lib
44
45lib: $(LIBOBJ)
46 $(AR) $(LIB) $(LIBOBJ)
47 $(RANLIB) $(LIB) || echo Never mind.
48 @touch lib
49
50# elf
51asm/sx86-elf.s: asm/sha1-586.pl ../perlasm/x86asm.pl
52 (cd asm; $(PERL) sha1-586.pl elf $(CFLAGS) $(PROCESSOR) > sx86-elf.s)
53
54# a.out
55asm/sx86-out.o: asm/sx86unix.cpp
56 $(CPP) -DOUT asm/sx86unix.cpp | as -o asm/sx86-out.o
57
58# bsdi
59asm/sx86bsdi.o: asm/sx86unix.cpp
60 $(CPP) -DBSDI asm/sx86unix.cpp | sed 's/ :/:/' | as -o asm/sx86bsdi.o
61
62asm/sx86unix.cpp: asm/sha1-586.pl ../perlasm/x86asm.pl
63 (cd asm; $(PERL) sha1-586.pl cpp $(PROCESSOR) >sx86unix.cpp)
64
65files:
66 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
67
68links:
69 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
70 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
71 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
72 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
73
74install:
75 @for i in $(EXHEADER) ; \
76 do \
77 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
78 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
79 done;
80
81tags:
82 ctags $(SRC)
83
84tests:
85
86lint:
87 lint -DLINT $(INCLUDES) $(SRC)>fluff
88
89depend:
90 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
91
92dclean:
93 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
94 mv -f Makefile.new $(MAKEFILE)
95
96clean:
97 rm -f asm/sx86unix.cpp asm/*-elf.* *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff asm/*.o
98
99# DO NOT DELETE THIS LINE -- make depend depends on it.
100
101sha1_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
102sha1_one.o: ../../include/openssl/opensslconf.h
103sha1_one.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
104sha1_one.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
105sha1_one.o: ../../include/openssl/symhacks.h sha1_one.c
106sha1dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
107sha1dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h
108sha1dgst.o: ../md32_common.h sha1dgst.c sha_locl.h
109sha_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
110sha_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h
111sha_dgst.o: ../md32_common.h sha_dgst.c sha_locl.h
112sha_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
113sha_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
114sha_one.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
115sha_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
116sha_one.o: sha_one.c
diff --git a/src/lib/libcrypto/sha/asm/README b/src/lib/libcrypto/sha/asm/README
new file mode 100644
index 0000000000..b7e755765f
--- /dev/null
+++ b/src/lib/libcrypto/sha/asm/README
@@ -0,0 +1 @@
C2.pl works
diff --git a/src/lib/libcrypto/sha/asm/sha1-586.pl b/src/lib/libcrypto/sha/asm/sha1-586.pl
index 0b4dab2bd5..041acc0348 100644
--- a/src/lib/libcrypto/sha/asm/sha1-586.pl
+++ b/src/lib/libcrypto/sha/asm/sha1-586.pl
@@ -1,16 +1,4 @@
1#!/usr/bin/env perl 1#!/usr/local/bin/perl
2
3# ====================================================================
4# [Re]written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
5# project. The module is, however, dual licensed under OpenSSL and
6# CRYPTOGAMS licenses depending on where you obtain it. For further
7# details see http://www.openssl.org/~appro/cryptogams/.
8# ====================================================================
9
10# "[Re]written" was achieved in two major overhauls. In 2004 BODY_*
11# functions were re-implemented to address P4 performance issue [see
12# commentary below], and in 2006 the rest was rewritten in order to
13# gain freedom to liberate licensing terms.
14 2
15# It was noted that Intel IA-32 C compiler generates code which 3# It was noted that Intel IA-32 C compiler generates code which
16# performs ~30% *faster* on P4 CPU than original *hand-coded* 4# performs ~30% *faster* on P4 CPU than original *hand-coded*
@@ -21,7 +9,7 @@
21# 9#
22# compared with original compared with Intel cc 10# compared with original compared with Intel cc
23# assembler impl. generated code 11# assembler impl. generated code
24# Pentium -16% +48% 12# Pentium -25% +37%
25# PIII/AMD +8% +16% 13# PIII/AMD +8% +16%
26# P4 +85%(!) +45% 14# P4 +85%(!) +45%
27# 15#
@@ -29,115 +17,174 @@
29# improvement on P4 outweights the loss and incorporate this 17# improvement on P4 outweights the loss and incorporate this
30# re-tuned code to 0.9.7 and later. 18# re-tuned code to 0.9.7 and later.
31# ---------------------------------------------------------------- 19# ----------------------------------------------------------------
20# Those who for any particular reason absolutely must score on
21# Pentium can replace this module with one from 0.9.6 distribution.
22# This "offer" shall be revoked the moment programming interface to
23# this module is changed, in which case this paragraph should be
24# removed.
25# ----------------------------------------------------------------
32# <appro@fy.chalmers.se> 26# <appro@fy.chalmers.se>
33 27
34$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; 28$normal=0;
35push(@INC,"${dir}","${dir}../../perlasm"); 29
30push(@INC,"perlasm","../../perlasm");
36require "x86asm.pl"; 31require "x86asm.pl";
37 32
38&asm_init($ARGV[0],"sha1-586.pl",$ARGV[$#ARGV] eq "386"); 33&asm_init($ARGV[0],"sha1-586.pl",$ARGV[$#ARGV] eq "386");
39 34
40$A="eax"; 35$A="eax";
41$B="ebx"; 36$B="ecx";
42$C="ecx"; 37$C="ebx";
43$D="edx"; 38$D="edx";
44$E="edi"; 39$E="edi";
45$T="esi"; 40$T="esi";
46$tmp1="ebp"; 41$tmp1="ebp";
47 42
48@V=($A,$B,$C,$D,$E,$T); 43$off=9*4;
44
45@K=(0x5a827999,0x6ed9eba1,0x8f1bbcdc,0xca62c1d6);
46
47&sha1_block_data("sha1_block_asm_data_order");
48
49&asm_finish();
50
51sub Nn
52 {
53 local($p)=@_;
54 local(%n)=($A,$T,$B,$A,$C,$B,$D,$C,$E,$D,$T,$E);
55 return($n{$p});
56 }
57
58sub Np
59 {
60 local($p)=@_;
61 local(%n)=($A,$T,$B,$A,$C,$B,$D,$C,$E,$D,$T,$E);
62 local(%n)=($A,$B,$B,$C,$C,$D,$D,$E,$E,$T,$T,$A);
63 return($n{$p});
64 }
65
66sub Na
67 {
68 local($n)=@_;
69 return( (($n )&0x0f),
70 (($n+ 2)&0x0f),
71 (($n+ 8)&0x0f),
72 (($n+13)&0x0f),
73 (($n+ 1)&0x0f));
74 }
75
76sub X_expand
77 {
78 local($in)=@_;
79
80 &comment("First, load the words onto the stack in network byte order");
81 for ($i=0; $i<16; $i+=2)
82 {
83 &mov($A,&DWP(($i+0)*4,$in,"",0));# unless $i == 0;
84 &mov($B,&DWP(($i+1)*4,$in,"",0));
85 &bswap($A);
86 &bswap($B);
87 &mov(&swtmp($i+0),$A);
88 &mov(&swtmp($i+1),$B);
89 }
90
91 &comment("We now have the X array on the stack");
92 &comment("starting at sp-4");
93 }
94
95# Rules of engagement
96# F is always trashable at the start, the running total.
97# E becomes the next F so it can be trashed after it has been 'accumulated'
98# F becomes A in the next round. We don't need to access it much.
99# During the X update part, the result ends up in $X[$n0].
49 100
50sub BODY_00_15 101sub BODY_00_15
51 { 102 {
52 local($n,$a,$b,$c,$d,$e,$f)=@_; 103 local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
53 104
54 &comment("00_15 $n"); 105 &comment("00_15 $n");
55 106
56 &mov($f,$c); # f to hold F_00_19(b,c,d) 107 &mov($tmp1,$a);
57 if ($n==0) { &mov($tmp1,$a); } 108 &mov($f,$c); # f to hold F_00_19(b,c,d)
58 else { &mov($a,$tmp1); }
59 &rotl($tmp1,5); # tmp1=ROTATE(a,5) 109 &rotl($tmp1,5); # tmp1=ROTATE(a,5)
60 &xor($f,$d); 110 &xor($f,$d);
111 &and($f,$b);
112 &rotr($b,2); # b=ROTATE(b,30)
61 &add($tmp1,$e); # tmp1+=e; 113 &add($tmp1,$e); # tmp1+=e;
62 &and($f,$b); 114 &mov($e,&swtmp($n)); # e becomes volatile and
63 &mov($e,&swtmp($n%16)); # e becomes volatile and is loaded 115 # is loaded with xi
64 # with xi, also note that e becomes 116 &xor($f,$d); # f holds F_00_19(b,c,d)
65 # f in next round... 117 &lea($tmp1,&DWP($K,$tmp1,$e,1));# tmp1+=K_00_19+xi
66 &xor($f,$d); # f holds F_00_19(b,c,d) 118
67 &rotr($b,2); # b=ROTATE(b,30) 119 &add($f,$tmp1); # f+=tmp1
68 &lea($tmp1,&DWP(0x5a827999,$tmp1,$e)); # tmp1+=K_00_19+xi
69
70 if ($n==15) { &add($f,$tmp1); } # f+=tmp1
71 else { &add($tmp1,$f); } # f becomes a in next round
72 } 120 }
73 121
74sub BODY_16_19 122sub BODY_16_19
75 { 123 {
76 local($n,$a,$b,$c,$d,$e,$f)=@_; 124 local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
125 local($n0,$n1,$n2,$n3,$np)=&Na($n);
77 126
78 &comment("16_19 $n"); 127 &comment("16_19 $n");
79 128
80 &mov($f,&swtmp($n%16)); # f to hold Xupdate(xi,xa,xb,xc,xd) 129 &mov($f,&swtmp($n1)); # f to hold Xupdate(xi,xa,xb,xc,xd)
81 &mov($tmp1,$c); # tmp1 to hold F_00_19(b,c,d) 130 &mov($tmp1,$c); # tmp1 to hold F_00_19(b,c,d)
82 &xor($f,&swtmp(($n+2)%16)); 131 &xor($f,&swtmp($n0));
83 &xor($tmp1,$d); 132 &xor($tmp1,$d);
84 &xor($f,&swtmp(($n+8)%16)); 133 &xor($f,&swtmp($n2));
85 &and($tmp1,$b); # tmp1 holds F_00_19(b,c,d) 134 &and($tmp1,$b); # tmp1 holds F_00_19(b,c,d)
86 &rotr($b,2); # b=ROTATE(b,30) 135 &xor($f,&swtmp($n3)); # f holds xa^xb^xc^xd
87 &xor($f,&swtmp(($n+13)%16)); # f holds xa^xb^xc^xd 136 &rotr($b,2); # b=ROTATE(b,30)
88 &rotl($f,1); # f=ROTATE(f,1) 137 &xor($tmp1,$d); # tmp1=F_00_19(b,c,d)
89 &xor($tmp1,$d); # tmp1=F_00_19(b,c,d) 138 &rotl($f,1); # f=ROATE(f,1)
90 &mov(&swtmp($n%16),$f); # xi=f 139 &mov(&swtmp($n0),$f); # xi=f
91 &lea($f,&DWP(0x5a827999,$f,$e));# f+=K_00_19+e 140 &lea($f,&DWP($K,$f,$e,1)); # f+=K_00_19+e
92 &mov($e,$a); # e becomes volatile 141 &mov($e,$a); # e becomes volatile
93 &rotl($e,5); # e=ROTATE(a,5) 142 &add($f,$tmp1); # f+=F_00_19(b,c,d)
94 &add($f,$tmp1); # f+=F_00_19(b,c,d) 143 &rotl($e,5); # e=ROTATE(a,5)
95 &add($f,$e); # f+=ROTATE(a,5) 144 &add($f,$e); # f+=ROTATE(a,5)
96 } 145 }
97 146
98sub BODY_20_39 147sub BODY_20_39
99 { 148 {
100 local($n,$a,$b,$c,$d,$e,$f)=@_; 149 local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
101 local $K=($n<40)?0x6ed9eba1:0xca62c1d6;
102 150
103 &comment("20_39 $n"); 151 &comment("20_39 $n");
152 local($n0,$n1,$n2,$n3,$np)=&Na($n);
104 153
105 &mov($tmp1,$b); # tmp1 to hold F_20_39(b,c,d) 154 &mov($f,&swtmp($n0)); # f to hold Xupdate(xi,xa,xb,xc,xd)
106 &mov($f,&swtmp($n%16)); # f to hold Xupdate(xi,xa,xb,xc,xd) 155 &mov($tmp1,$b); # tmp1 to hold F_20_39(b,c,d)
107 &rotr($b,2); # b=ROTATE(b,30) 156 &xor($f,&swtmp($n1));
108 &xor($f,&swtmp(($n+2)%16)); 157 &rotr($b,2); # b=ROTATE(b,30)
109 &xor($tmp1,$c); 158 &xor($f,&swtmp($n2));
110 &xor($f,&swtmp(($n+8)%16)); 159 &xor($tmp1,$c);
111 &xor($tmp1,$d); # tmp1 holds F_20_39(b,c,d) 160 &xor($f,&swtmp($n3)); # f holds xa^xb^xc^xd
112 &xor($f,&swtmp(($n+13)%16)); # f holds xa^xb^xc^xd 161 &xor($tmp1,$d); # tmp1 holds F_20_39(b,c,d)
113 &rotl($f,1); # f=ROTATE(f,1) 162 &rotl($f,1); # f=ROTATE(f,1)
114 &add($tmp1,$e); 163 &mov(&swtmp($n0),$f); # xi=f
115 &mov(&swtmp($n%16),$f); # xi=f 164 &lea($f,&DWP($K,$f,$e,1)); # f+=K_20_39+e
116 &mov($e,$a); # e becomes volatile 165 &mov($e,$a); # e becomes volatile
117 &rotl($e,5); # e=ROTATE(a,5) 166 &rotl($e,5); # e=ROTATE(a,5)
118 &lea($f,&DWP($K,$f,$tmp1)); # f+=K_20_39+e 167 &add($f,$tmp1); # f+=F_20_39(b,c,d)
119 &add($f,$e); # f+=ROTATE(a,5) 168 &add($f,$e); # f+=ROTATE(a,5)
120 } 169 }
121 170
122sub BODY_40_59 171sub BODY_40_59
123 { 172 {
124 local($n,$a,$b,$c,$d,$e,$f)=@_; 173 local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
125 174
126 &comment("40_59 $n"); 175 &comment("40_59 $n");
176 local($n0,$n1,$n2,$n3,$np)=&Na($n);
127 177
128 &mov($f,&swtmp($n%16)); # f to hold Xupdate(xi,xa,xb,xc,xd) 178 &mov($f,&swtmp($n0)); # f to hold Xupdate(xi,xa,xb,xc,xd)
129 &mov($tmp1,&swtmp(($n+2)%16));
130 &xor($f,$tmp1);
131 &mov($tmp1,&swtmp(($n+8)%16));
132 &xor($f,$tmp1);
133 &mov($tmp1,&swtmp(($n+13)%16));
134 &xor($f,$tmp1); # f holds xa^xb^xc^xd
135 &mov($tmp1,$b); # tmp1 to hold F_40_59(b,c,d) 179 &mov($tmp1,$b); # tmp1 to hold F_40_59(b,c,d)
136 &rotl($f,1); # f=ROTATE(f,1) 180 &xor($f,&swtmp($n1));
137 &or($tmp1,$c); 181 &or($tmp1,$c);
138 &mov(&swtmp($n%16),$f); # xi=f 182 &xor($f,&swtmp($n2));
139 &and($tmp1,$d); 183 &and($tmp1,$d);
140 &lea($f,&DWP(0x8f1bbcdc,$f,$e));# f+=K_40_59+e 184 &xor($f,&swtmp($n3)); # f holds xa^xb^xc^xd
185 &rotl($f,1); # f=ROTATE(f,1)
186 &mov(&swtmp($n0),$f); # xi=f
187 &lea($f,&DWP($K,$f,$e,1)); # f+=K_40_59+e
141 &mov($e,$b); # e becomes volatile and is used 188 &mov($e,$b); # e becomes volatile and is used
142 # to calculate F_40_59(b,c,d) 189 # to calculate F_40_59(b,c,d)
143 &rotr($b,2); # b=ROTATE(b,30) 190 &rotr($b,2); # b=ROTATE(b,30)
@@ -145,75 +192,234 @@ sub BODY_40_59
145 &or($tmp1,$e); # tmp1 holds F_40_59(b,c,d) 192 &or($tmp1,$e); # tmp1 holds F_40_59(b,c,d)
146 &mov($e,$a); 193 &mov($e,$a);
147 &rotl($e,5); # e=ROTATE(a,5) 194 &rotl($e,5); # e=ROTATE(a,5)
148 &add($f,$tmp1); # f+=tmp1; 195 &add($tmp1,$e); # tmp1+=ROTATE(a,5)
149 &add($f,$e); # f+=ROTATE(a,5) 196 &add($f,$tmp1); # f+=tmp1;
150 } 197 }
151 198
152&function_begin("sha1_block_data_order",16); 199sub BODY_60_79
153 &mov($tmp1,&wparam(0)); # SHA_CTX *c 200 {
154 &mov($T,&wparam(1)); # const void *input 201 &BODY_20_39(@_);
155 &mov($A,&wparam(2)); # size_t num 202 }
156 &stack_push(16); # allocate X[16] 203
157 &shl($A,6); 204sub sha1_block_host
158 &add($A,$T); 205 {
159 &mov(&wparam(2),$A); # pointer beyond the end of input 206 local($name, $sclabel)=@_;
160 &mov($E,&DWP(16,$tmp1));# pre-load E
161 207
162 &set_label("loop",16); 208 &function_begin_B($name,"");
163 209
164 # copy input chunk to X, but reversing byte order! 210 # parameter 1 is the MD5_CTX structure.
165 for ($i=0; $i<16; $i+=4) 211 # A 0
212 # B 4
213 # C 8
214 # D 12
215 # E 16
216
217 &mov("ecx", &wparam(2));
218 &push("esi");
219 &shl("ecx",6);
220 &mov("esi", &wparam(1));
221 &push("ebp");
222 &add("ecx","esi"); # offset to leave on
223 &push("ebx");
224 &mov("ebp", &wparam(0));
225 &push("edi");
226 &mov($D, &DWP(12,"ebp","",0));
227 &stack_push(18+9);
228 &mov($E, &DWP(16,"ebp","",0));
229 &mov($C, &DWP( 8,"ebp","",0));
230 &mov(&swtmp(17),"ecx");
231
232 &comment("First we need to setup the X array");
233
234 for ($i=0; $i<16; $i+=2)
166 { 235 {
167 &mov($A,&DWP(4*($i+0),$T)); 236 &mov($A,&DWP(($i+0)*4,"esi","",0));# unless $i == 0;
168 &mov($B,&DWP(4*($i+1),$T)); 237 &mov($B,&DWP(($i+1)*4,"esi","",0));
169 &mov($C,&DWP(4*($i+2),$T));
170 &mov($D,&DWP(4*($i+3),$T));
171 &bswap($A);
172 &bswap($B);
173 &bswap($C);
174 &bswap($D);
175 &mov(&swtmp($i+0),$A); 238 &mov(&swtmp($i+0),$A);
176 &mov(&swtmp($i+1),$B); 239 &mov(&swtmp($i+1),$B);
177 &mov(&swtmp($i+2),$C);
178 &mov(&swtmp($i+3),$D);
179 } 240 }
180 &mov(&wparam(1),$T); # redundant in 1st spin 241 &jmp($sclabel);
181 242 &function_end_B($name);
182 &mov($A,&DWP(0,$tmp1)); # load SHA_CTX 243 }
183 &mov($B,&DWP(4,$tmp1)); 244
184 &mov($C,&DWP(8,$tmp1)); 245
185 &mov($D,&DWP(12,$tmp1)); 246sub sha1_block_data
186 # E is pre-loaded 247 {
187 248 local($name)=@_;
188 for($i=0;$i<16;$i++) { &BODY_00_15($i,@V); unshift(@V,pop(@V)); } 249
189 for(;$i<20;$i++) { &BODY_16_19($i,@V); unshift(@V,pop(@V)); } 250 &function_begin_B($name,"");
190 for(;$i<40;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } 251
191 for(;$i<60;$i++) { &BODY_40_59($i,@V); unshift(@V,pop(@V)); } 252 # parameter 1 is the MD5_CTX structure.
192 for(;$i<80;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } 253 # A 0
193 254 # B 4
194 (($V[5] eq $D) and ($V[0] eq $E)) or die; # double-check 255 # C 8
195 256 # D 12
196 &mov($tmp1,&wparam(0)); # re-load SHA_CTX* 257 # E 16
197 &mov($D,&wparam(1)); # D is last "T" and is discarded 258
198 259 &mov("ecx", &wparam(2));
199 &add($E,&DWP(0,$tmp1)); # E is last "A"... 260 &push("esi");
200 &add($T,&DWP(4,$tmp1)); 261 &shl("ecx",6);
201 &add($A,&DWP(8,$tmp1)); 262 &mov("esi", &wparam(1));
202 &add($B,&DWP(12,$tmp1)); 263 &push("ebp");
203 &add($C,&DWP(16,$tmp1)); 264 &add("ecx","esi"); # offset to leave on
204 265 &push("ebx");
205 &mov(&DWP(0,$tmp1),$E); # update SHA_CTX 266 &mov("ebp", &wparam(0));
206 &add($D,64); # advance input pointer 267 &push("edi");
207 &mov(&DWP(4,$tmp1),$T); 268 &mov($D, &DWP(12,"ebp","",0));
208 &cmp($D,&wparam(2)); # have we reached the end yet? 269 &stack_push(18+9);
209 &mov(&DWP(8,$tmp1),$A); 270 &mov($E, &DWP(16,"ebp","",0));
210 &mov($E,$C); # C is last "E" which needs to be "pre-loaded" 271 &mov($C, &DWP( 8,"ebp","",0));
211 &mov(&DWP(12,$tmp1),$B); 272 &mov(&swtmp(17),"ecx");
212 &mov($T,$D); # input pointer 273
213 &mov(&DWP(16,$tmp1),$C); 274 &comment("First we need to setup the X array");
214 &jb(&label("loop")); 275
215 276 &set_label("start") unless $normal;
216 &stack_pop(16); 277
217&function_end("sha1_block_data_order"); 278 &X_expand("esi");
279 &mov(&wparam(1),"esi");
280
281 &set_label("shortcut", 0, 1);
282 &comment("");
283 &comment("Start processing");
284
285 # odd start
286 &mov($A, &DWP( 0,"ebp","",0));
287 &mov($B, &DWP( 4,"ebp","",0));
288 $X="esp";
289 &BODY_00_15(-2,$K[0],$X, 0,$A,$B,$C,$D,$E,$T);
290 &BODY_00_15( 0,$K[0],$X, 1,$T,$A,$B,$C,$D,$E);
291 &BODY_00_15( 0,$K[0],$X, 2,$E,$T,$A,$B,$C,$D);
292 &BODY_00_15( 0,$K[0],$X, 3,$D,$E,$T,$A,$B,$C);
293 &BODY_00_15( 0,$K[0],$X, 4,$C,$D,$E,$T,$A,$B);
294 &BODY_00_15( 0,$K[0],$X, 5,$B,$C,$D,$E,$T,$A);
295 &BODY_00_15( 0,$K[0],$X, 6,$A,$B,$C,$D,$E,$T);
296 &BODY_00_15( 0,$K[0],$X, 7,$T,$A,$B,$C,$D,$E);
297 &BODY_00_15( 0,$K[0],$X, 8,$E,$T,$A,$B,$C,$D);
298 &BODY_00_15( 0,$K[0],$X, 9,$D,$E,$T,$A,$B,$C);
299 &BODY_00_15( 0,$K[0],$X,10,$C,$D,$E,$T,$A,$B);
300 &BODY_00_15( 0,$K[0],$X,11,$B,$C,$D,$E,$T,$A);
301 &BODY_00_15( 0,$K[0],$X,12,$A,$B,$C,$D,$E,$T);
302 &BODY_00_15( 0,$K[0],$X,13,$T,$A,$B,$C,$D,$E);
303 &BODY_00_15( 0,$K[0],$X,14,$E,$T,$A,$B,$C,$D);
304 &BODY_00_15( 1,$K[0],$X,15,$D,$E,$T,$A,$B,$C);
305 &BODY_16_19(-1,$K[0],$X,16,$C,$D,$E,$T,$A,$B);
306 &BODY_16_19( 0,$K[0],$X,17,$B,$C,$D,$E,$T,$A);
307 &BODY_16_19( 0,$K[0],$X,18,$A,$B,$C,$D,$E,$T);
308 &BODY_16_19( 1,$K[0],$X,19,$T,$A,$B,$C,$D,$E);
309
310 &BODY_20_39(-1,$K[1],$X,20,$E,$T,$A,$B,$C,$D);
311 &BODY_20_39( 0,$K[1],$X,21,$D,$E,$T,$A,$B,$C);
312 &BODY_20_39( 0,$K[1],$X,22,$C,$D,$E,$T,$A,$B);
313 &BODY_20_39( 0,$K[1],$X,23,$B,$C,$D,$E,$T,$A);
314 &BODY_20_39( 0,$K[1],$X,24,$A,$B,$C,$D,$E,$T);
315 &BODY_20_39( 0,$K[1],$X,25,$T,$A,$B,$C,$D,$E);
316 &BODY_20_39( 0,$K[1],$X,26,$E,$T,$A,$B,$C,$D);
317 &BODY_20_39( 0,$K[1],$X,27,$D,$E,$T,$A,$B,$C);
318 &BODY_20_39( 0,$K[1],$X,28,$C,$D,$E,$T,$A,$B);
319 &BODY_20_39( 0,$K[1],$X,29,$B,$C,$D,$E,$T,$A);
320 &BODY_20_39( 0,$K[1],$X,30,$A,$B,$C,$D,$E,$T);
321 &BODY_20_39( 0,$K[1],$X,31,$T,$A,$B,$C,$D,$E);
322 &BODY_20_39( 0,$K[1],$X,32,$E,$T,$A,$B,$C,$D);
323 &BODY_20_39( 0,$K[1],$X,33,$D,$E,$T,$A,$B,$C);
324 &BODY_20_39( 0,$K[1],$X,34,$C,$D,$E,$T,$A,$B);
325 &BODY_20_39( 0,$K[1],$X,35,$B,$C,$D,$E,$T,$A);
326 &BODY_20_39( 0,$K[1],$X,36,$A,$B,$C,$D,$E,$T);
327 &BODY_20_39( 0,$K[1],$X,37,$T,$A,$B,$C,$D,$E);
328 &BODY_20_39( 0,$K[1],$X,38,$E,$T,$A,$B,$C,$D);
329 &BODY_20_39( 1,$K[1],$X,39,$D,$E,$T,$A,$B,$C);
330
331 &BODY_40_59(-1,$K[2],$X,40,$C,$D,$E,$T,$A,$B);
332 &BODY_40_59( 0,$K[2],$X,41,$B,$C,$D,$E,$T,$A);
333 &BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T);
334 &BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E);
335 &BODY_40_59( 0,$K[2],$X,44,$E,$T,$A,$B,$C,$D);
336 &BODY_40_59( 0,$K[2],$X,45,$D,$E,$T,$A,$B,$C);
337 &BODY_40_59( 0,$K[2],$X,46,$C,$D,$E,$T,$A,$B);
338 &BODY_40_59( 0,$K[2],$X,47,$B,$C,$D,$E,$T,$A);
339 &BODY_40_59( 0,$K[2],$X,48,$A,$B,$C,$D,$E,$T);
340 &BODY_40_59( 0,$K[2],$X,49,$T,$A,$B,$C,$D,$E);
341 &BODY_40_59( 0,$K[2],$X,50,$E,$T,$A,$B,$C,$D);
342 &BODY_40_59( 0,$K[2],$X,51,$D,$E,$T,$A,$B,$C);
343 &BODY_40_59( 0,$K[2],$X,52,$C,$D,$E,$T,$A,$B);
344 &BODY_40_59( 0,$K[2],$X,53,$B,$C,$D,$E,$T,$A);
345 &BODY_40_59( 0,$K[2],$X,54,$A,$B,$C,$D,$E,$T);
346 &BODY_40_59( 0,$K[2],$X,55,$T,$A,$B,$C,$D,$E);
347 &BODY_40_59( 0,$K[2],$X,56,$E,$T,$A,$B,$C,$D);
348 &BODY_40_59( 0,$K[2],$X,57,$D,$E,$T,$A,$B,$C);
349 &BODY_40_59( 0,$K[2],$X,58,$C,$D,$E,$T,$A,$B);
350 &BODY_40_59( 1,$K[2],$X,59,$B,$C,$D,$E,$T,$A);
351
352 &BODY_60_79(-1,$K[3],$X,60,$A,$B,$C,$D,$E,$T);
353 &BODY_60_79( 0,$K[3],$X,61,$T,$A,$B,$C,$D,$E);
354 &BODY_60_79( 0,$K[3],$X,62,$E,$T,$A,$B,$C,$D);
355 &BODY_60_79( 0,$K[3],$X,63,$D,$E,$T,$A,$B,$C);
356 &BODY_60_79( 0,$K[3],$X,64,$C,$D,$E,$T,$A,$B);
357 &BODY_60_79( 0,$K[3],$X,65,$B,$C,$D,$E,$T,$A);
358 &BODY_60_79( 0,$K[3],$X,66,$A,$B,$C,$D,$E,$T);
359 &BODY_60_79( 0,$K[3],$X,67,$T,$A,$B,$C,$D,$E);
360 &BODY_60_79( 0,$K[3],$X,68,$E,$T,$A,$B,$C,$D);
361 &BODY_60_79( 0,$K[3],$X,69,$D,$E,$T,$A,$B,$C);
362 &BODY_60_79( 0,$K[3],$X,70,$C,$D,$E,$T,$A,$B);
363 &BODY_60_79( 0,$K[3],$X,71,$B,$C,$D,$E,$T,$A);
364 &BODY_60_79( 0,$K[3],$X,72,$A,$B,$C,$D,$E,$T);
365 &BODY_60_79( 0,$K[3],$X,73,$T,$A,$B,$C,$D,$E);
366 &BODY_60_79( 0,$K[3],$X,74,$E,$T,$A,$B,$C,$D);
367 &BODY_60_79( 0,$K[3],$X,75,$D,$E,$T,$A,$B,$C);
368 &BODY_60_79( 0,$K[3],$X,76,$C,$D,$E,$T,$A,$B);
369 &BODY_60_79( 0,$K[3],$X,77,$B,$C,$D,$E,$T,$A);
370 &BODY_60_79( 0,$K[3],$X,78,$A,$B,$C,$D,$E,$T);
371 &BODY_60_79( 2,$K[3],$X,79,$T,$A,$B,$C,$D,$E);
372
373 &comment("End processing");
374 &comment("");
375 # D is the tmp value
376
377 # E -> A
378 # T -> B
379 # A -> C
380 # B -> D
381 # C -> E
382 # D -> T
383
384 &mov($tmp1,&wparam(0));
385
386 &mov($D, &DWP(12,$tmp1,"",0));
387 &add($D,$B);
388 &mov($B, &DWP( 4,$tmp1,"",0));
389 &add($B,$T);
390 &mov($T, $A);
391 &mov($A, &DWP( 0,$tmp1,"",0));
392 &mov(&DWP(12,$tmp1,"",0),$D);
393
394 &add($A,$E);
395 &mov($E, &DWP(16,$tmp1,"",0));
396 &add($E,$C);
397 &mov($C, &DWP( 8,$tmp1,"",0));
398 &add($C,$T);
399
400 &mov(&DWP( 0,$tmp1,"",0),$A);
401 &mov("esi",&wparam(1));
402 &mov(&DWP( 8,$tmp1,"",0),$C);
403 &add("esi",64);
404 &mov("eax",&swtmp(17));
405 &mov(&DWP(16,$tmp1,"",0),$E);
406 &cmp("esi","eax");
407 &mov(&DWP( 4,$tmp1,"",0),$B);
408 &jb(&label("start"));
409
410 &stack_pop(18+9);
411 &pop("edi");
412 &pop("ebx");
413 &pop("ebp");
414 &pop("esi");
415 &ret();
416
417 # keep a note of shortcut label so it can be used outside
418 # block.
419 my $sclabel = &label("shortcut");
420
421 &function_end_B($name);
422 # Putting this here avoids problems with MASM in debugging mode
423 &sha1_block_host("sha1_block_asm_host_order", $sclabel);
424 }
218 425
219&asm_finish();
diff --git a/src/lib/libcrypto/sha/asm/sha512-sse2.pl b/src/lib/libcrypto/sha/asm/sha512-sse2.pl
new file mode 100644
index 0000000000..10902bf673
--- /dev/null
+++ b/src/lib/libcrypto/sha/asm/sha512-sse2.pl
@@ -0,0 +1,404 @@
1#!/usr/bin/env perl
2#
3# ====================================================================
4# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
5# project. Rights for redistribution and usage in source and binary
6# forms are granted according to the OpenSSL license.
7# ====================================================================
8#
9# SHA512_Transform_SSE2.
10#
11# As the name suggests, this is an IA-32 SSE2 implementation of
12# SHA512_Transform. Motivating factor for the undertaken effort was that
13# SHA512 was observed to *consistently* perform *significantly* poorer
14# than SHA256 [2x and slower is common] on 32-bit platforms. On 64-bit
15# platforms on the other hand SHA512 tend to outperform SHA256 [~50%
16# seem to be common improvement factor]. All this is perfectly natural,
17# as SHA512 is a 64-bit algorithm. But isn't IA-32 SSE2 essentially
18# a 64-bit instruction set? Is it rich enough to implement SHA512?
19# If answer was "no," then you wouldn't have been reading this...
20#
21# Throughput performance in MBps (larger is better):
22#
23# 2.4GHz P4 1.4GHz AMD32 1.4GHz AMD64(*)
24# SHA256/gcc(*) 54 43 59
25# SHA512/gcc 17 23 92
26# SHA512/sse2 61(**) 57(**)
27# SHA512/icc 26 28
28# SHA256/icc(*) 65 54
29#
30# (*) AMD64 and SHA256 numbers are presented mostly for amusement or
31# reference purposes.
32# (**) I.e. it gives ~2-3x speed-up if compared with compiler generated
33# code. One can argue that hand-coded *non*-SSE2 implementation
34# would perform better than compiler generated one as well, and
35# that comparison is therefore not exactly fair. Well, as SHA512
36# puts enormous pressure on IA-32 GP register bank, I reckon that
37# hand-coded version wouldn't perform significantly better than
38# one compiled with icc, ~20% perhaps... So that this code would
39# still outperform it with distinguishing marginal. But feel free
40# to prove me wrong:-)
41# <appro@fy.chalmers.se>
42push(@INC,"perlasm","../../perlasm");
43require "x86asm.pl";
44
45&asm_init($ARGV[0],"sha512-sse2.pl",$ARGV[$#ARGV] eq "386");
46
47$K512="esi"; # K512[80] table, found at the end...
48#$W512="esp"; # $W512 is not just W512[16]: it comprises *two* copies
49 # of W512[16] and a copy of A-H variables...
50$W512_SZ=8*(16+16+8); # see above...
51#$Kidx="ebx"; # index in K512 table, advances from 0 to 80...
52$Widx="edx"; # index in W512, wraps around at 16...
53$data="edi"; # 16 qwords of input data...
54$A="mm0"; # B-D and
55$E="mm1"; # F-H are allocated dynamically...
56$Aoff=256+0; # A-H offsets relative to $W512...
57$Boff=256+8;
58$Coff=256+16;
59$Doff=256+24;
60$Eoff=256+32;
61$Foff=256+40;
62$Goff=256+48;
63$Hoff=256+56;
64
65sub SHA2_ROUND()
66{ local ($kidx,$widx)=@_;
67
68 # One can argue that one could reorder instructions for better
69 # performance. Well, I tried and it doesn't seem to make any
70 # noticeable difference. Modern out-of-order execution cores
71 # reorder instructions to their liking in either case and they
72 # apparently do decent job. So we can keep the code more
73 # readable/regular/comprehensible:-)
74
75 # I adhere to 64-bit %mmX registers in order to avoid/not care
76 # about #GP exceptions on misaligned 128-bit access, most
77 # notably in paddq with memory operand. Not to mention that
78 # SSE2 intructions operating on %mmX can be scheduled every
79 # cycle [and not every second one if operating on %xmmN].
80
81 &movq ("mm4",&QWP($Foff,$W512)); # load f
82 &movq ("mm5",&QWP($Goff,$W512)); # load g
83 &movq ("mm6",&QWP($Hoff,$W512)); # load h
84
85 &movq ("mm2",$E); # %mm2 is sliding right
86 &movq ("mm3",$E); # %mm3 is sliding left
87 &psrlq ("mm2",14);
88 &psllq ("mm3",23);
89 &movq ("mm7","mm2"); # %mm7 is T1
90 &pxor ("mm7","mm3");
91 &psrlq ("mm2",4);
92 &psllq ("mm3",23);
93 &pxor ("mm7","mm2");
94 &pxor ("mm7","mm3");
95 &psrlq ("mm2",23);
96 &psllq ("mm3",4);
97 &pxor ("mm7","mm2");
98 &pxor ("mm7","mm3"); # T1=Sigma1_512(e)
99
100 &movq (&QWP($Foff,$W512),$E); # f = e
101 &movq (&QWP($Goff,$W512),"mm4"); # g = f
102 &movq (&QWP($Hoff,$W512),"mm5"); # h = g
103
104 &pxor ("mm4","mm5"); # f^=g
105 &pand ("mm4",$E); # f&=e
106 &pxor ("mm4","mm5"); # f^=g
107 &paddq ("mm7","mm4"); # T1+=Ch(e,f,g)
108
109 &movq ("mm2",&QWP($Boff,$W512)); # load b
110 &movq ("mm3",&QWP($Coff,$W512)); # load c
111 &movq ($E,&QWP($Doff,$W512)); # e = d
112
113 &paddq ("mm7","mm6"); # T1+=h
114 &paddq ("mm7",&QWP(0,$K512,$kidx,8)); # T1+=K512[i]
115 &paddq ("mm7",&QWP(0,$W512,$widx,8)); # T1+=W512[i]
116 &paddq ($E,"mm7"); # e += T1
117
118 &movq ("mm4",$A); # %mm4 is sliding right
119 &movq ("mm5",$A); # %mm5 is sliding left
120 &psrlq ("mm4",28);
121 &psllq ("mm5",25);
122 &movq ("mm6","mm4"); # %mm6 is T2
123 &pxor ("mm6","mm5");
124 &psrlq ("mm4",6);
125 &psllq ("mm5",5);
126 &pxor ("mm6","mm4");
127 &pxor ("mm6","mm5");
128 &psrlq ("mm4",5);
129 &psllq ("mm5",6);
130 &pxor ("mm6","mm4");
131 &pxor ("mm6","mm5"); # T2=Sigma0_512(a)
132
133 &movq (&QWP($Boff,$W512),$A); # b = a
134 &movq (&QWP($Coff,$W512),"mm2"); # c = b
135 &movq (&QWP($Doff,$W512),"mm3"); # d = c
136
137 &movq ("mm4",$A); # %mm4=a
138 &por ($A,"mm3"); # a=a|c
139 &pand ("mm4","mm3"); # %mm4=a&c
140 &pand ($A,"mm2"); # a=(a|c)&b
141 &por ("mm4",$A); # %mm4=(a&c)|((a|c)&b)
142 &paddq ("mm6","mm4"); # T2+=Maj(a,b,c)
143
144 &movq ($A,"mm7"); # a=T1
145 &paddq ($A,"mm6"); # a+=T2
146}
147
148$func="sha512_block_sse2";
149
150&function_begin_B($func);
151 if (0) {# Caller is expected to check if it's appropriate to
152 # call this routine. Below 3 lines are retained for
153 # debugging purposes...
154 &picmeup("eax","OPENSSL_ia32cap");
155 &bt (&DWP(0,"eax"),26);
156 &jnc ("SHA512_Transform");
157 }
158
159 &push ("ebp");
160 &mov ("ebp","esp");
161 &push ("ebx");
162 &push ("esi");
163 &push ("edi");
164
165 &mov ($Widx,&DWP(8,"ebp")); # A-H state, 1st arg
166 &mov ($data,&DWP(12,"ebp")); # input data, 2nd arg
167 &call (&label("pic_point")); # make it PIC!
168&set_label("pic_point");
169 &blindpop($K512);
170 &lea ($K512,&DWP(&label("K512")."-".&label("pic_point"),$K512));
171
172 $W512 = "esp"; # start using %esp as W512
173 &sub ($W512,$W512_SZ);
174 &and ($W512,-16); # ensure 128-bit alignment
175
176 # make private copy of A-H
177 # v assume the worst and stick to unaligned load
178 &movdqu ("xmm0",&QWP(0,$Widx));
179 &movdqu ("xmm1",&QWP(16,$Widx));
180 &movdqu ("xmm2",&QWP(32,$Widx));
181 &movdqu ("xmm3",&QWP(48,$Widx));
182
183&align(8);
184&set_label("_chunk_loop");
185
186 &movdqa (&QWP($Aoff,$W512),"xmm0"); # a,b
187 &movdqa (&QWP($Coff,$W512),"xmm1"); # c,d
188 &movdqa (&QWP($Eoff,$W512),"xmm2"); # e,f
189 &movdqa (&QWP($Goff,$W512),"xmm3"); # g,h
190
191 &xor ($Widx,$Widx);
192
193 &movdq2q($A,"xmm0"); # load a
194 &movdq2q($E,"xmm2"); # load e
195
196 # Why aren't loops unrolled? It makes sense to unroll if
197 # execution time for loop body is comparable with branch
198 # penalties and/or if whole data-set resides in register bank.
199 # Neither is case here... Well, it would be possible to
200 # eliminate few store operations, but it would hardly affect
201 # so to say stop-watch performance, as there is a lot of
202 # available memory slots to fill. It will only relieve some
203 # pressure off memory bus...
204
205 # flip input stream byte order...
206 &mov ("eax",&DWP(0,$data,$Widx,8));
207 &mov ("ebx",&DWP(4,$data,$Widx,8));
208 &bswap ("eax");
209 &bswap ("ebx");
210 &mov (&DWP(0,$W512,$Widx,8),"ebx"); # W512[i]
211 &mov (&DWP(4,$W512,$Widx,8),"eax");
212 &mov (&DWP(128+0,$W512,$Widx,8),"ebx"); # copy of W512[i]
213 &mov (&DWP(128+4,$W512,$Widx,8),"eax");
214
215&align(8);
216&set_label("_1st_loop"); # 0-15
217 # flip input stream byte order...
218 &mov ("eax",&DWP(0+8,$data,$Widx,8));
219 &mov ("ebx",&DWP(4+8,$data,$Widx,8));
220 &bswap ("eax");
221 &bswap ("ebx");
222 &mov (&DWP(0+8,$W512,$Widx,8),"ebx"); # W512[i]
223 &mov (&DWP(4+8,$W512,$Widx,8),"eax");
224 &mov (&DWP(128+0+8,$W512,$Widx,8),"ebx"); # copy of W512[i]
225 &mov (&DWP(128+4+8,$W512,$Widx,8),"eax");
226&set_label("_1st_looplet");
227 &SHA2_ROUND($Widx,$Widx); &inc($Widx);
228
229&cmp ($Widx,15)
230&jl (&label("_1st_loop"));
231&je (&label("_1st_looplet")); # playing similar trick on 2nd loop
232 # does not improve performance...
233
234 $Kidx = "ebx"; # start using %ebx as Kidx
235 &mov ($Kidx,$Widx);
236
237&align(8);
238&set_label("_2nd_loop"); # 16-79
239 &and($Widx,0xf);
240
241 # 128-bit fragment! I update W512[i] and W512[i+1] in
242 # parallel:-) Note that I refer to W512[(i&0xf)+N] and not to
243 # W512[(i+N)&0xf]! This is exactly what I maintain the second
244 # copy of W512[16] for...
245 &movdqu ("xmm0",&QWP(8*1,$W512,$Widx,8)); # s0=W512[i+1]
246 &movdqa ("xmm2","xmm0"); # %xmm2 is sliding right
247 &movdqa ("xmm3","xmm0"); # %xmm3 is sliding left
248 &psrlq ("xmm2",1);
249 &psllq ("xmm3",56);
250 &movdqa ("xmm0","xmm2");
251 &pxor ("xmm0","xmm3");
252 &psrlq ("xmm2",6);
253 &psllq ("xmm3",7);
254 &pxor ("xmm0","xmm2");
255 &pxor ("xmm0","xmm3");
256 &psrlq ("xmm2",1);
257 &pxor ("xmm0","xmm2"); # s0 = sigma0_512(s0);
258
259 &movdqa ("xmm1",&QWP(8*14,$W512,$Widx,8)); # s1=W512[i+14]
260 &movdqa ("xmm4","xmm1"); # %xmm4 is sliding right
261 &movdqa ("xmm5","xmm1"); # %xmm5 is sliding left
262 &psrlq ("xmm4",6);
263 &psllq ("xmm5",3);
264 &movdqa ("xmm1","xmm4");
265 &pxor ("xmm1","xmm5");
266 &psrlq ("xmm4",13);
267 &psllq ("xmm5",42);
268 &pxor ("xmm1","xmm4");
269 &pxor ("xmm1","xmm5");
270 &psrlq ("xmm4",42);
271 &pxor ("xmm1","xmm4"); # s1 = sigma1_512(s1);
272
273 # + have to explictly load W512[i+9] as it's not 128-bit
274 # v aligned and paddq would throw an exception...
275 &movdqu ("xmm6",&QWP(8*9,$W512,$Widx,8));
276 &paddq ("xmm0","xmm1"); # s0 += s1
277 &paddq ("xmm0","xmm6"); # s0 += W512[i+9]
278 &paddq ("xmm0",&QWP(0,$W512,$Widx,8)); # s0 += W512[i]
279
280 &movdqa (&QWP(0,$W512,$Widx,8),"xmm0"); # W512[i] = s0
281 &movdqa (&QWP(16*8,$W512,$Widx,8),"xmm0"); # copy of W512[i]
282
283 # as the above fragment was 128-bit, we "owe" 2 rounds...
284 &SHA2_ROUND($Kidx,$Widx); &inc($Kidx); &inc($Widx);
285 &SHA2_ROUND($Kidx,$Widx); &inc($Kidx); &inc($Widx);
286
287&cmp ($Kidx,80);
288&jl (&label("_2nd_loop"));
289
290 # update A-H state
291 &mov ($Widx,&DWP(8,"ebp")); # A-H state, 1st arg
292 &movq (&QWP($Aoff,$W512),$A); # write out a
293 &movq (&QWP($Eoff,$W512),$E); # write out e
294 &movdqu ("xmm0",&QWP(0,$Widx));
295 &movdqu ("xmm1",&QWP(16,$Widx));
296 &movdqu ("xmm2",&QWP(32,$Widx));
297 &movdqu ("xmm3",&QWP(48,$Widx));
298 &paddq ("xmm0",&QWP($Aoff,$W512)); # 128-bit additions...
299 &paddq ("xmm1",&QWP($Coff,$W512));
300 &paddq ("xmm2",&QWP($Eoff,$W512));
301 &paddq ("xmm3",&QWP($Goff,$W512));
302 &movdqu (&QWP(0,$Widx),"xmm0");
303 &movdqu (&QWP(16,$Widx),"xmm1");
304 &movdqu (&QWP(32,$Widx),"xmm2");
305 &movdqu (&QWP(48,$Widx),"xmm3");
306
307&add ($data,16*8); # advance input data pointer
308&dec (&DWP(16,"ebp")); # decrement 3rd arg
309&jnz (&label("_chunk_loop"));
310
311 # epilogue
312 &emms (); # required for at least ELF and Win32 ABIs
313 &mov ("edi",&DWP(-12,"ebp"));
314 &mov ("esi",&DWP(-8,"ebp"));
315 &mov ("ebx",&DWP(-4,"ebp"));
316 &leave ();
317&ret ();
318
319&align(64);
320&set_label("K512"); # Yes! I keep it in the code segment!
321 &data_word(0xd728ae22,0x428a2f98); # u64
322 &data_word(0x23ef65cd,0x71374491); # u64
323 &data_word(0xec4d3b2f,0xb5c0fbcf); # u64
324 &data_word(0x8189dbbc,0xe9b5dba5); # u64
325 &data_word(0xf348b538,0x3956c25b); # u64
326 &data_word(0xb605d019,0x59f111f1); # u64
327 &data_word(0xaf194f9b,0x923f82a4); # u64
328 &data_word(0xda6d8118,0xab1c5ed5); # u64
329 &data_word(0xa3030242,0xd807aa98); # u64
330 &data_word(0x45706fbe,0x12835b01); # u64
331 &data_word(0x4ee4b28c,0x243185be); # u64
332 &data_word(0xd5ffb4e2,0x550c7dc3); # u64
333 &data_word(0xf27b896f,0x72be5d74); # u64
334 &data_word(0x3b1696b1,0x80deb1fe); # u64
335 &data_word(0x25c71235,0x9bdc06a7); # u64
336 &data_word(0xcf692694,0xc19bf174); # u64
337 &data_word(0x9ef14ad2,0xe49b69c1); # u64
338 &data_word(0x384f25e3,0xefbe4786); # u64
339 &data_word(0x8b8cd5b5,0x0fc19dc6); # u64
340 &data_word(0x77ac9c65,0x240ca1cc); # u64
341 &data_word(0x592b0275,0x2de92c6f); # u64
342 &data_word(0x6ea6e483,0x4a7484aa); # u64
343 &data_word(0xbd41fbd4,0x5cb0a9dc); # u64
344 &data_word(0x831153b5,0x76f988da); # u64
345 &data_word(0xee66dfab,0x983e5152); # u64
346 &data_word(0x2db43210,0xa831c66d); # u64
347 &data_word(0x98fb213f,0xb00327c8); # u64
348 &data_word(0xbeef0ee4,0xbf597fc7); # u64
349 &data_word(0x3da88fc2,0xc6e00bf3); # u64
350 &data_word(0x930aa725,0xd5a79147); # u64
351 &data_word(0xe003826f,0x06ca6351); # u64
352 &data_word(0x0a0e6e70,0x14292967); # u64
353 &data_word(0x46d22ffc,0x27b70a85); # u64
354 &data_word(0x5c26c926,0x2e1b2138); # u64
355 &data_word(0x5ac42aed,0x4d2c6dfc); # u64
356 &data_word(0x9d95b3df,0x53380d13); # u64
357 &data_word(0x8baf63de,0x650a7354); # u64
358 &data_word(0x3c77b2a8,0x766a0abb); # u64
359 &data_word(0x47edaee6,0x81c2c92e); # u64
360 &data_word(0x1482353b,0x92722c85); # u64
361 &data_word(0x4cf10364,0xa2bfe8a1); # u64
362 &data_word(0xbc423001,0xa81a664b); # u64
363 &data_word(0xd0f89791,0xc24b8b70); # u64
364 &data_word(0x0654be30,0xc76c51a3); # u64
365 &data_word(0xd6ef5218,0xd192e819); # u64
366 &data_word(0x5565a910,0xd6990624); # u64
367 &data_word(0x5771202a,0xf40e3585); # u64
368 &data_word(0x32bbd1b8,0x106aa070); # u64
369 &data_word(0xb8d2d0c8,0x19a4c116); # u64
370 &data_word(0x5141ab53,0x1e376c08); # u64
371 &data_word(0xdf8eeb99,0x2748774c); # u64
372 &data_word(0xe19b48a8,0x34b0bcb5); # u64
373 &data_word(0xc5c95a63,0x391c0cb3); # u64
374 &data_word(0xe3418acb,0x4ed8aa4a); # u64
375 &data_word(0x7763e373,0x5b9cca4f); # u64
376 &data_word(0xd6b2b8a3,0x682e6ff3); # u64
377 &data_word(0x5defb2fc,0x748f82ee); # u64
378 &data_word(0x43172f60,0x78a5636f); # u64
379 &data_word(0xa1f0ab72,0x84c87814); # u64
380 &data_word(0x1a6439ec,0x8cc70208); # u64
381 &data_word(0x23631e28,0x90befffa); # u64
382 &data_word(0xde82bde9,0xa4506ceb); # u64
383 &data_word(0xb2c67915,0xbef9a3f7); # u64
384 &data_word(0xe372532b,0xc67178f2); # u64
385 &data_word(0xea26619c,0xca273ece); # u64
386 &data_word(0x21c0c207,0xd186b8c7); # u64
387 &data_word(0xcde0eb1e,0xeada7dd6); # u64
388 &data_word(0xee6ed178,0xf57d4f7f); # u64
389 &data_word(0x72176fba,0x06f067aa); # u64
390 &data_word(0xa2c898a6,0x0a637dc5); # u64
391 &data_word(0xbef90dae,0x113f9804); # u64
392 &data_word(0x131c471b,0x1b710b35); # u64
393 &data_word(0x23047d84,0x28db77f5); # u64
394 &data_word(0x40c72493,0x32caab7b); # u64
395 &data_word(0x15c9bebc,0x3c9ebe0a); # u64
396 &data_word(0x9c100d4c,0x431d67c4); # u64
397 &data_word(0xcb3e42b6,0x4cc5d4be); # u64
398 &data_word(0xfc657e2a,0x597f299c); # u64
399 &data_word(0x3ad6faec,0x5fcb6fab); # u64
400 &data_word(0x4a475817,0x6c44198c); # u64
401
402&function_end_B($func);
403
404&asm_finish();
diff --git a/src/lib/libcrypto/sha/sha.c b/src/lib/libcrypto/sha/sha.c
new file mode 100644
index 0000000000..42126551d1
--- /dev/null
+++ b/src/lib/libcrypto/sha/sha.c
@@ -0,0 +1,124 @@
1/* crypto/sha/sha.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include <openssl/sha.h>
62
63#define BUFSIZE 1024*16
64
65void do_fp(FILE *f);
66void pt(unsigned char *md);
67int read(int, void *, unsigned int);
68int main(int argc, char **argv)
69 {
70 int i,err=0;
71 FILE *IN;
72
73 if (argc == 1)
74 {
75 do_fp(stdin);
76 }
77 else
78 {
79 for (i=1; i<argc; i++)
80 {
81 IN=fopen(argv[i],"r");
82 if (IN == NULL)
83 {
84 perror(argv[i]);
85 err++;
86 continue;
87 }
88 printf("SHA(%s)= ",argv[i]);
89 do_fp(IN);
90 fclose(IN);
91 }
92 }
93 exit(err);
94 }
95
96void do_fp(FILE *f)
97 {
98 SHA_CTX c;
99 unsigned char md[SHA_DIGEST_LENGTH];
100 int fd;
101 int i;
102 unsigned char buf[BUFSIZE];
103
104 fd=fileno(f);
105 SHA_Init(&c);
106 for (;;)
107 {
108 i=read(fd,buf,BUFSIZE);
109 if (i <= 0) break;
110 SHA_Update(&c,buf,(unsigned long)i);
111 }
112 SHA_Final(&(md[0]),&c);
113 pt(md);
114 }
115
116void pt(unsigned char *md)
117 {
118 int i;
119
120 for (i=0; i<SHA_DIGEST_LENGTH; i++)
121 printf("%02x",md[i]);
122 printf("\n");
123 }
124
diff --git a/src/lib/libcrypto/sha/sha.h b/src/lib/libcrypto/sha/sha.h
index eed44d7f94..79c07b0fd1 100644
--- a/src/lib/libcrypto/sha/sha.h
+++ b/src/lib/libcrypto/sha/sha.h
@@ -60,7 +60,6 @@
60#define HEADER_SHA_H 60#define HEADER_SHA_H
61 61
62#include <openssl/e_os2.h> 62#include <openssl/e_os2.h>
63#include <stddef.h>
64 63
65#ifdef __cplusplus 64#ifdef __cplusplus
66extern "C" { 65extern "C" {
@@ -71,7 +70,7 @@ extern "C" {
71#endif 70#endif
72 71
73#if defined(OPENSSL_FIPS) 72#if defined(OPENSSL_FIPS)
74#define FIPS_SHA_SIZE_T size_t 73#define FIPS_SHA_SIZE_T unsigned long
75#endif 74#endif
76 75
77/* 76/*
@@ -102,97 +101,26 @@ typedef struct SHAstate_st
102 SHA_LONG h0,h1,h2,h3,h4; 101 SHA_LONG h0,h1,h2,h3,h4;
103 SHA_LONG Nl,Nh; 102 SHA_LONG Nl,Nh;
104 SHA_LONG data[SHA_LBLOCK]; 103 SHA_LONG data[SHA_LBLOCK];
105 unsigned int num; 104 int num;
106 } SHA_CTX; 105 } SHA_CTX;
107 106
108#ifndef OPENSSL_NO_SHA0 107#ifndef OPENSSL_NO_SHA0
108#ifdef OPENSSL_FIPS
109int private_SHA_Init(SHA_CTX *c);
110#endif
109int SHA_Init(SHA_CTX *c); 111int SHA_Init(SHA_CTX *c);
110int SHA_Update(SHA_CTX *c, const void *data, size_t len); 112int SHA_Update(SHA_CTX *c, const void *data, unsigned long len);
111int SHA_Final(unsigned char *md, SHA_CTX *c); 113int SHA_Final(unsigned char *md, SHA_CTX *c);
112unsigned char *SHA(const unsigned char *d, size_t n, unsigned char *md); 114unsigned char *SHA(const unsigned char *d, unsigned long n,unsigned char *md);
113void SHA_Transform(SHA_CTX *c, const unsigned char *data); 115void SHA_Transform(SHA_CTX *c, const unsigned char *data);
114#endif 116#endif
115#ifndef OPENSSL_NO_SHA1 117#ifndef OPENSSL_NO_SHA1
116int SHA1_Init(SHA_CTX *c); 118int SHA1_Init(SHA_CTX *c);
117int SHA1_Update(SHA_CTX *c, const void *data, size_t len); 119int SHA1_Update(SHA_CTX *c, const void *data, unsigned long len);
118int SHA1_Final(unsigned char *md, SHA_CTX *c); 120int SHA1_Final(unsigned char *md, SHA_CTX *c);
119unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md); 121unsigned char *SHA1(const unsigned char *d, unsigned long n,unsigned char *md);
120void SHA1_Transform(SHA_CTX *c, const unsigned char *data); 122void SHA1_Transform(SHA_CTX *c, const unsigned char *data);
121#endif 123#endif
122
123#define SHA256_CBLOCK (SHA_LBLOCK*4) /* SHA-256 treats input data as a
124 * contiguous array of 32 bit
125 * wide big-endian values. */
126#define SHA224_DIGEST_LENGTH 28
127#define SHA256_DIGEST_LENGTH 32
128
129typedef struct SHA256state_st
130 {
131 SHA_LONG h[8];
132 SHA_LONG Nl,Nh;
133 SHA_LONG data[SHA_LBLOCK];
134 unsigned int num,md_len;
135 } SHA256_CTX;
136
137#ifndef OPENSSL_NO_SHA256
138int SHA224_Init(SHA256_CTX *c);
139int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
140int SHA224_Final(unsigned char *md, SHA256_CTX *c);
141unsigned char *SHA224(const unsigned char *d, size_t n,unsigned char *md);
142int SHA256_Init(SHA256_CTX *c);
143int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
144int SHA256_Final(unsigned char *md, SHA256_CTX *c);
145unsigned char *SHA256(const unsigned char *d, size_t n,unsigned char *md);
146void SHA256_Transform(SHA256_CTX *c, const unsigned char *data);
147#endif
148
149#define SHA384_DIGEST_LENGTH 48
150#define SHA512_DIGEST_LENGTH 64
151
152#ifndef OPENSSL_NO_SHA512
153/*
154 * Unlike 32-bit digest algorithms, SHA-512 *relies* on SHA_LONG64
155 * being exactly 64-bit wide. See Implementation Notes in sha512.c
156 * for further details.
157 */
158#define SHA512_CBLOCK (SHA_LBLOCK*8) /* SHA-512 treats input data as a
159 * contiguous array of 64 bit
160 * wide big-endian values. */
161#if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
162#define SHA_LONG64 unsigned __int64
163#define U64(C) C##UI64
164#elif defined(__arch64__)
165#define SHA_LONG64 unsigned long
166#define U64(C) C##UL
167#else
168#define SHA_LONG64 unsigned long long
169#define U64(C) C##ULL
170#endif
171
172typedef struct SHA512state_st
173 {
174 SHA_LONG64 h[8];
175 SHA_LONG64 Nl,Nh;
176 union {
177 SHA_LONG64 d[SHA_LBLOCK];
178 unsigned char p[SHA512_CBLOCK];
179 } u;
180 unsigned int num,md_len;
181 } SHA512_CTX;
182#endif
183
184#ifndef OPENSSL_NO_SHA512
185int SHA384_Init(SHA512_CTX *c);
186int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
187int SHA384_Final(unsigned char *md, SHA512_CTX *c);
188unsigned char *SHA384(const unsigned char *d, size_t n,unsigned char *md);
189int SHA512_Init(SHA512_CTX *c);
190int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
191int SHA512_Final(unsigned char *md, SHA512_CTX *c);
192unsigned char *SHA512(const unsigned char *d, size_t n,unsigned char *md);
193void SHA512_Transform(SHA512_CTX *c, const unsigned char *data);
194#endif
195
196#ifdef __cplusplus 124#ifdef __cplusplus
197} 125}
198#endif 126#endif
diff --git a/src/lib/libcrypto/sha/sha1.c b/src/lib/libcrypto/sha/sha1.c
new file mode 100644
index 0000000000..d350c88ee4
--- /dev/null
+++ b/src/lib/libcrypto/sha/sha1.c
@@ -0,0 +1,127 @@
1/* crypto/sha/sha1.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include <openssl/sha.h>
62
63#define BUFSIZE 1024*16
64
65void do_fp(FILE *f);
66void pt(unsigned char *md);
67#ifndef _OSD_POSIX
68int read(int, void *, unsigned int);
69#endif
70
71int main(int argc, char **argv)
72 {
73 int i,err=0;
74 FILE *IN;
75
76 if (argc == 1)
77 {
78 do_fp(stdin);
79 }
80 else
81 {
82 for (i=1; i<argc; i++)
83 {
84 IN=fopen(argv[i],"r");
85 if (IN == NULL)
86 {
87 perror(argv[i]);
88 err++;
89 continue;
90 }
91 printf("SHA1(%s)= ",argv[i]);
92 do_fp(IN);
93 fclose(IN);
94 }
95 }
96 exit(err);
97 }
98
99void do_fp(FILE *f)
100 {
101 SHA_CTX c;
102 unsigned char md[SHA_DIGEST_LENGTH];
103 int fd;
104 int i;
105 unsigned char buf[BUFSIZE];
106
107 fd=fileno(f);
108 SHA1_Init(&c);
109 for (;;)
110 {
111 i=read(fd,buf,BUFSIZE);
112 if (i <= 0) break;
113 SHA1_Update(&c,buf,(unsigned long)i);
114 }
115 SHA1_Final(&(md[0]),&c);
116 pt(md);
117 }
118
119void pt(unsigned char *md)
120 {
121 int i;
122
123 for (i=0; i<SHA_DIGEST_LENGTH; i++)
124 printf("%02x",md[i]);
125 printf("\n");
126 }
127
diff --git a/src/lib/libcrypto/sha/sha1_one.c b/src/lib/libcrypto/sha/sha1_one.c
index 7c65b60276..f4694b701b 100644
--- a/src/lib/libcrypto/sha/sha1_one.c
+++ b/src/lib/libcrypto/sha/sha1_one.c
@@ -61,8 +61,8 @@
61#include <openssl/sha.h> 61#include <openssl/sha.h>
62#include <openssl/crypto.h> 62#include <openssl/crypto.h>
63 63
64#ifndef OPENSSL_NO_SHA1 64#if !defined(OPENSSL_NO_SHA1) && !defined(OPENSSL_FIPS)
65unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md) 65unsigned char *SHA1(const unsigned char *d, unsigned long n, unsigned char *md)
66 { 66 {
67 SHA_CTX c; 67 SHA_CTX c;
68 static unsigned char m[SHA_DIGEST_LENGTH]; 68 static unsigned char m[SHA_DIGEST_LENGTH];
diff --git a/src/lib/libcrypto/sha/sha1dgst.c b/src/lib/libcrypto/sha/sha1dgst.c
index 50d1925cde..1e2009b760 100644
--- a/src/lib/libcrypto/sha/sha1dgst.c
+++ b/src/lib/libcrypto/sha/sha1dgst.c
@@ -56,19 +56,26 @@
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58 58
59#include <openssl/opensslconf.h>
60#if !defined(OPENSSL_NO_SHA1) && !defined(OPENSSL_NO_SHA) 59#if !defined(OPENSSL_NO_SHA1) && !defined(OPENSSL_NO_SHA)
61 60
62#undef SHA_0 61#undef SHA_0
63#define SHA_1 62#define SHA_1
64 63
65#include <openssl/opensslv.h> 64#include <openssl/opensslv.h>
65#include <openssl/opensslconf.h>
66 66
67const char SHA1_version[]="SHA1" OPENSSL_VERSION_PTEXT; 67#ifndef OPENSSL_FIPS
68const char *SHA1_version="SHA1" OPENSSL_VERSION_PTEXT;
68 69
69/* The implementation is in ../md32_common.h */ 70/* The implementation is in ../md32_common.h */
70 71
71#include "sha_locl.h" 72#include "sha_locl.h"
72 73
74#else /* ndef OPENSSL_FIPS */
75
76static void *dummy=&dummy;
77
78#endif /* ndef OPENSSL_FIPS */
79
73#endif 80#endif
74 81
diff --git a/src/lib/libcrypto/sha/sha1s.cpp b/src/lib/libcrypto/sha/sha1s.cpp
new file mode 100644
index 0000000000..af23d1e0f2
--- /dev/null
+++ b/src/lib/libcrypto/sha/sha1s.cpp
@@ -0,0 +1,82 @@
1//
2// gettsc.inl
3//
4// gives access to the Pentium's (secret) cycle counter
5//
6// This software was written by Leonard Janke (janke@unixg.ubc.ca)
7// in 1996-7 and is entered, by him, into the public domain.
8
9#if defined(__WATCOMC__)
10void GetTSC(unsigned long&);
11#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
12#elif defined(__GNUC__)
13inline
14void GetTSC(unsigned long& tsc)
15{
16 asm volatile(".byte 15, 49\n\t"
17 : "=eax" (tsc)
18 :
19 : "%edx", "%eax");
20}
21#elif defined(_MSC_VER)
22inline
23void GetTSC(unsigned long& tsc)
24{
25 unsigned long a;
26 __asm _emit 0fh
27 __asm _emit 31h
28 __asm mov a, eax;
29 tsc=a;
30}
31#endif
32
33#include <stdio.h>
34#include <stdlib.h>
35#include <openssl/sha.h>
36
37#define sha1_block_x86 sha1_block_asm_data_order
38extern "C" {
39void sha1_block_x86(SHA_CTX *ctx, unsigned char *buffer,int num);
40}
41
42void main(int argc,char *argv[])
43 {
44 unsigned char buffer[64*256];
45 SHA_CTX ctx;
46 unsigned long s1,s2,e1,e2;
47 unsigned char k[16];
48 unsigned long data[2];
49 unsigned char iv[8];
50 int i,num=0,numm;
51 int j=0;
52
53 if (argc >= 2)
54 num=atoi(argv[1]);
55
56 if (num == 0) num=16;
57 if (num > 250) num=16;
58 numm=num+2;
59#if 0
60 num*=64;
61 numm*=64;
62#endif
63
64 for (j=0; j<6; j++)
65 {
66 for (i=0; i<10; i++) /**/
67 {
68 sha1_block_x86(&ctx,buffer,numm);
69 GetTSC(s1);
70 sha1_block_x86(&ctx,buffer,numm);
71 GetTSC(e1);
72 GetTSC(s2);
73 sha1_block_x86(&ctx,buffer,num);
74 GetTSC(e2);
75 sha1_block_x86(&ctx,buffer,num);
76 }
77
78 printf("sha1 (%d bytes) %d %d (%.2f)\n",num*64,
79 e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
80 }
81 }
82
diff --git a/src/lib/libcrypto/sha/sha1test.c b/src/lib/libcrypto/sha/sha1test.c
new file mode 100644
index 0000000000..4f2e4ada2d
--- /dev/null
+++ b/src/lib/libcrypto/sha/sha1test.c
@@ -0,0 +1,174 @@
1/* crypto/sha/sha1test.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <string.h>
61#include <stdlib.h>
62
63#include "../e_os.h"
64
65#ifdef OPENSSL_NO_SHA
66int main(int argc, char *argv[])
67{
68 printf("No SHA support\n");
69 return(0);
70}
71#else
72#include <openssl/evp.h>
73#include <openssl/sha.h>
74
75#ifdef CHARSET_EBCDIC
76#include <openssl/ebcdic.h>
77#endif
78
79#undef SHA_0 /* FIPS 180 */
80#define SHA_1 /* FIPS 180-1 */
81
82static char *test[]={
83 "abc",
84 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
85 NULL,
86 };
87
88#ifdef SHA_0
89static char *ret[]={
90 "0164b8a914cd2a5e74c4f7ff082c4d97f1edf880",
91 "d2516ee1acfa5baf33dfc1c471e438449ef134c8",
92 };
93static char *bigret=
94 "3232affa48628a26653b5aaa44541fd90d690603";
95#endif
96#ifdef SHA_1
97static char *ret[]={
98 "a9993e364706816aba3e25717850c26c9cd0d89d",
99 "84983e441c3bd26ebaae4aa1f95129e5e54670f1",
100 };
101static char *bigret=
102 "34aa973cd4c4daa4f61eeb2bdbad27316534016f";
103#endif
104
105static char *pt(unsigned char *md);
106int main(int argc, char *argv[])
107 {
108 int i,err=0;
109 unsigned char **P,**R;
110 static unsigned char buf[1000];
111 char *p,*r;
112 EVP_MD_CTX c;
113 unsigned char md[SHA_DIGEST_LENGTH];
114
115#ifdef CHARSET_EBCDIC
116 ebcdic2ascii(test[0], test[0], strlen(test[0]));
117 ebcdic2ascii(test[1], test[1], strlen(test[1]));
118#endif
119
120 EVP_MD_CTX_init(&c);
121 P=(unsigned char **)test;
122 R=(unsigned char **)ret;
123 i=1;
124 while (*P != NULL)
125 {
126 EVP_Digest(*P,(unsigned long)strlen((char *)*P),md,NULL,EVP_sha1(), NULL);
127 p=pt(md);
128 if (strcmp(p,(char *)*R) != 0)
129 {
130 printf("error calculating SHA1 on '%s'\n",*P);
131 printf("got %s instead of %s\n",p,*R);
132 err++;
133 }
134 else
135 printf("test %d ok\n",i);
136 i++;
137 R++;
138 P++;
139 }
140
141 memset(buf,'a',1000);
142#ifdef CHARSET_EBCDIC
143 ebcdic2ascii(buf, buf, 1000);
144#endif /*CHARSET_EBCDIC*/
145 EVP_DigestInit_ex(&c,EVP_sha1(), NULL);
146 for (i=0; i<1000; i++)
147 EVP_DigestUpdate(&c,buf,1000);
148 EVP_DigestFinal_ex(&c,md,NULL);
149 p=pt(md);
150
151 r=bigret;
152 if (strcmp(p,r) != 0)
153 {
154 printf("error calculating SHA1 on 'a' * 1000\n");
155 printf("got %s instead of %s\n",p,r);
156 err++;
157 }
158 else
159 printf("test 3 ok\n");
160 EXIT(err);
161 EVP_MD_CTX_cleanup(&c);
162 return(0);
163 }
164
165static char *pt(unsigned char *md)
166 {
167 int i;
168 static char buf[80];
169
170 for (i=0; i<SHA_DIGEST_LENGTH; i++)
171 sprintf(&(buf[i*2]),"%02x",md[i]);
172 return(buf);
173 }
174#endif
diff --git a/src/lib/libcrypto/sha/sha256t.c b/src/lib/libcrypto/sha/sha256t.c
new file mode 100644
index 0000000000..6b4a3bd001
--- /dev/null
+++ b/src/lib/libcrypto/sha/sha256t.c
@@ -0,0 +1,147 @@
1/* crypto/sha/sha256t.c */
2/* ====================================================================
3 * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
4 * ====================================================================
5 */
6#include <stdio.h>
7#include <string.h>
8#include <stdlib.h>
9
10#include <openssl/sha.h>
11#include <openssl/evp.h>
12
13#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA256)
14int main(int argc, char *argv[])
15{
16 printf("No SHA256 support\n");
17 return(0);
18}
19#else
20
21unsigned char app_b1[SHA256_DIGEST_LENGTH] = {
22 0xba,0x78,0x16,0xbf,0x8f,0x01,0xcf,0xea,
23 0x41,0x41,0x40,0xde,0x5d,0xae,0x22,0x23,
24 0xb0,0x03,0x61,0xa3,0x96,0x17,0x7a,0x9c,
25 0xb4,0x10,0xff,0x61,0xf2,0x00,0x15,0xad };
26
27unsigned char app_b2[SHA256_DIGEST_LENGTH] = {
28 0x24,0x8d,0x6a,0x61,0xd2,0x06,0x38,0xb8,
29 0xe5,0xc0,0x26,0x93,0x0c,0x3e,0x60,0x39,
30 0xa3,0x3c,0xe4,0x59,0x64,0xff,0x21,0x67,
31 0xf6,0xec,0xed,0xd4,0x19,0xdb,0x06,0xc1 };
32
33unsigned char app_b3[SHA256_DIGEST_LENGTH] = {
34 0xcd,0xc7,0x6e,0x5c,0x99,0x14,0xfb,0x92,
35 0x81,0xa1,0xc7,0xe2,0x84,0xd7,0x3e,0x67,
36 0xf1,0x80,0x9a,0x48,0xa4,0x97,0x20,0x0e,
37 0x04,0x6d,0x39,0xcc,0xc7,0x11,0x2c,0xd0 };
38
39unsigned char addenum_1[SHA224_DIGEST_LENGTH] = {
40 0x23,0x09,0x7d,0x22,0x34,0x05,0xd8,0x22,
41 0x86,0x42,0xa4,0x77,0xbd,0xa2,0x55,0xb3,
42 0x2a,0xad,0xbc,0xe4,0xbd,0xa0,0xb3,0xf7,
43 0xe3,0x6c,0x9d,0xa7 };
44
45unsigned char addenum_2[SHA224_DIGEST_LENGTH] = {
46 0x75,0x38,0x8b,0x16,0x51,0x27,0x76,0xcc,
47 0x5d,0xba,0x5d,0xa1,0xfd,0x89,0x01,0x50,
48 0xb0,0xc6,0x45,0x5c,0xb4,0xf5,0x8b,0x19,
49 0x52,0x52,0x25,0x25 };
50
51unsigned char addenum_3[SHA224_DIGEST_LENGTH] = {
52 0x20,0x79,0x46,0x55,0x98,0x0c,0x91,0xd8,
53 0xbb,0xb4,0xc1,0xea,0x97,0x61,0x8a,0x4b,
54 0xf0,0x3f,0x42,0x58,0x19,0x48,0xb2,0xee,
55 0x4e,0xe7,0xad,0x67 };
56
57int main (int argc,char **argv)
58{ unsigned char md[SHA256_DIGEST_LENGTH];
59 int i;
60 EVP_MD_CTX evp;
61
62 fprintf(stdout,"Testing SHA-256 ");
63
64 EVP_Digest ("abc",3,md,NULL,EVP_sha256(),NULL);
65 if (memcmp(md,app_b1,sizeof(app_b1)))
66 { fflush(stdout);
67 fprintf(stderr,"\nTEST 1 of 3 failed.\n");
68 return 1;
69 }
70 else
71 fprintf(stdout,"."); fflush(stdout);
72
73 EVP_Digest ("abcdbcde""cdefdefg""efghfghi""ghijhijk"
74 "ijkljklm""klmnlmno""mnopnopq",56,md,NULL,EVP_sha256(),NULL);
75 if (memcmp(md,app_b2,sizeof(app_b2)))
76 { fflush(stdout);
77 fprintf(stderr,"\nTEST 2 of 3 failed.\n");
78 return 1;
79 }
80 else
81 fprintf(stdout,"."); fflush(stdout);
82
83 EVP_MD_CTX_init (&evp);
84 EVP_DigestInit_ex (&evp,EVP_sha256(),NULL);
85 for (i=0;i<1000000;i+=160)
86 EVP_DigestUpdate (&evp, "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
87 "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
88 "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
89 "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
90 "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa",
91 (1000000-i)<160?1000000-i:160);
92 EVP_DigestFinal_ex (&evp,md,NULL);
93 EVP_MD_CTX_cleanup (&evp);
94
95 if (memcmp(md,app_b3,sizeof(app_b3)))
96 { fflush(stdout);
97 fprintf(stderr,"\nTEST 3 of 3 failed.\n");
98 return 1;
99 }
100 else
101 fprintf(stdout,"."); fflush(stdout);
102
103 fprintf(stdout," passed.\n"); fflush(stdout);
104
105 fprintf(stdout,"Testing SHA-224 ");
106
107 EVP_Digest ("abc",3,md,NULL,EVP_sha224(),NULL);
108 if (memcmp(md,addenum_1,sizeof(addenum_1)))
109 { fflush(stdout);
110 fprintf(stderr,"\nTEST 1 of 3 failed.\n");
111 return 1;
112 }
113 else
114 fprintf(stdout,"."); fflush(stdout);
115
116 EVP_Digest ("abcdbcde""cdefdefg""efghfghi""ghijhijk"
117 "ijkljklm""klmnlmno""mnopnopq",56,md,NULL,EVP_sha224(),NULL);
118 if (memcmp(md,addenum_2,sizeof(addenum_2)))
119 { fflush(stdout);
120 fprintf(stderr,"\nTEST 2 of 3 failed.\n");
121 return 1;
122 }
123 else
124 fprintf(stdout,"."); fflush(stdout);
125
126 EVP_MD_CTX_init (&evp);
127 EVP_DigestInit_ex (&evp,EVP_sha224(),NULL);
128 for (i=0;i<1000000;i+=64)
129 EVP_DigestUpdate (&evp, "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
130 "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa",
131 (1000000-i)<64?1000000-i:64);
132 EVP_DigestFinal_ex (&evp,md,NULL);
133 EVP_MD_CTX_cleanup (&evp);
134
135 if (memcmp(md,addenum_3,sizeof(addenum_3)))
136 { fflush(stdout);
137 fprintf(stderr,"\nTEST 3 of 3 failed.\n");
138 return 1;
139 }
140 else
141 fprintf(stdout,"."); fflush(stdout);
142
143 fprintf(stdout," passed.\n"); fflush(stdout);
144
145 return 0;
146}
147#endif
diff --git a/src/lib/libcrypto/sha/sha512t.c b/src/lib/libcrypto/sha/sha512t.c
new file mode 100644
index 0000000000..210041d435
--- /dev/null
+++ b/src/lib/libcrypto/sha/sha512t.c
@@ -0,0 +1,184 @@
1/* crypto/sha/sha512t.c */
2/* ====================================================================
3 * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
4 * ====================================================================
5 */
6#include <stdio.h>
7#include <string.h>
8#include <stdlib.h>
9
10#include <openssl/sha.h>
11#include <openssl/evp.h>
12#include <openssl/crypto.h>
13
14#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA512)
15int main(int argc, char *argv[])
16{
17 printf("No SHA512 support\n");
18 return(0);
19}
20#else
21
22unsigned char app_c1[SHA512_DIGEST_LENGTH] = {
23 0xdd,0xaf,0x35,0xa1,0x93,0x61,0x7a,0xba,
24 0xcc,0x41,0x73,0x49,0xae,0x20,0x41,0x31,
25 0x12,0xe6,0xfa,0x4e,0x89,0xa9,0x7e,0xa2,
26 0x0a,0x9e,0xee,0xe6,0x4b,0x55,0xd3,0x9a,
27 0x21,0x92,0x99,0x2a,0x27,0x4f,0xc1,0xa8,
28 0x36,0xba,0x3c,0x23,0xa3,0xfe,0xeb,0xbd,
29 0x45,0x4d,0x44,0x23,0x64,0x3c,0xe8,0x0e,
30 0x2a,0x9a,0xc9,0x4f,0xa5,0x4c,0xa4,0x9f };
31
32unsigned char app_c2[SHA512_DIGEST_LENGTH] = {
33 0x8e,0x95,0x9b,0x75,0xda,0xe3,0x13,0xda,
34 0x8c,0xf4,0xf7,0x28,0x14,0xfc,0x14,0x3f,
35 0x8f,0x77,0x79,0xc6,0xeb,0x9f,0x7f,0xa1,
36 0x72,0x99,0xae,0xad,0xb6,0x88,0x90,0x18,
37 0x50,0x1d,0x28,0x9e,0x49,0x00,0xf7,0xe4,
38 0x33,0x1b,0x99,0xde,0xc4,0xb5,0x43,0x3a,
39 0xc7,0xd3,0x29,0xee,0xb6,0xdd,0x26,0x54,
40 0x5e,0x96,0xe5,0x5b,0x87,0x4b,0xe9,0x09 };
41
42unsigned char app_c3[SHA512_DIGEST_LENGTH] = {
43 0xe7,0x18,0x48,0x3d,0x0c,0xe7,0x69,0x64,
44 0x4e,0x2e,0x42,0xc7,0xbc,0x15,0xb4,0x63,
45 0x8e,0x1f,0x98,0xb1,0x3b,0x20,0x44,0x28,
46 0x56,0x32,0xa8,0x03,0xaf,0xa9,0x73,0xeb,
47 0xde,0x0f,0xf2,0x44,0x87,0x7e,0xa6,0x0a,
48 0x4c,0xb0,0x43,0x2c,0xe5,0x77,0xc3,0x1b,
49 0xeb,0x00,0x9c,0x5c,0x2c,0x49,0xaa,0x2e,
50 0x4e,0xad,0xb2,0x17,0xad,0x8c,0xc0,0x9b };
51
52unsigned char app_d1[SHA384_DIGEST_LENGTH] = {
53 0xcb,0x00,0x75,0x3f,0x45,0xa3,0x5e,0x8b,
54 0xb5,0xa0,0x3d,0x69,0x9a,0xc6,0x50,0x07,
55 0x27,0x2c,0x32,0xab,0x0e,0xde,0xd1,0x63,
56 0x1a,0x8b,0x60,0x5a,0x43,0xff,0x5b,0xed,
57 0x80,0x86,0x07,0x2b,0xa1,0xe7,0xcc,0x23,
58 0x58,0xba,0xec,0xa1,0x34,0xc8,0x25,0xa7 };
59
60unsigned char app_d2[SHA384_DIGEST_LENGTH] = {
61 0x09,0x33,0x0c,0x33,0xf7,0x11,0x47,0xe8,
62 0x3d,0x19,0x2f,0xc7,0x82,0xcd,0x1b,0x47,
63 0x53,0x11,0x1b,0x17,0x3b,0x3b,0x05,0xd2,
64 0x2f,0xa0,0x80,0x86,0xe3,0xb0,0xf7,0x12,
65 0xfc,0xc7,0xc7,0x1a,0x55,0x7e,0x2d,0xb9,
66 0x66,0xc3,0xe9,0xfa,0x91,0x74,0x60,0x39 };
67
68unsigned char app_d3[SHA384_DIGEST_LENGTH] = {
69 0x9d,0x0e,0x18,0x09,0x71,0x64,0x74,0xcb,
70 0x08,0x6e,0x83,0x4e,0x31,0x0a,0x4a,0x1c,
71 0xed,0x14,0x9e,0x9c,0x00,0xf2,0x48,0x52,
72 0x79,0x72,0xce,0xc5,0x70,0x4c,0x2a,0x5b,
73 0x07,0xb8,0xb3,0xdc,0x38,0xec,0xc4,0xeb,
74 0xae,0x97,0xdd,0xd8,0x7f,0x3d,0x89,0x85 };
75
76int main (int argc,char **argv)
77{ unsigned char md[SHA512_DIGEST_LENGTH];
78 int i;
79 EVP_MD_CTX evp;
80
81#ifdef OPENSSL_IA32_SSE2
82 /* Alternative to this is to call OpenSSL_add_all_algorithms...
83 * The below code is retained exclusively for debugging purposes. */
84 { char *env;
85
86 if ((env=getenv("OPENSSL_ia32cap")))
87 OPENSSL_ia32cap = strtoul (env,NULL,0);
88 }
89#endif
90
91 fprintf(stdout,"Testing SHA-512 ");
92
93 EVP_Digest ("abc",3,md,NULL,EVP_sha512(),NULL);
94 if (memcmp(md,app_c1,sizeof(app_c1)))
95 { fflush(stdout);
96 fprintf(stderr,"\nTEST 1 of 3 failed.\n");
97 return 1;
98 }
99 else
100 fprintf(stdout,"."); fflush(stdout);
101
102 EVP_Digest ("abcdefgh""bcdefghi""cdefghij""defghijk"
103 "efghijkl""fghijklm""ghijklmn""hijklmno"
104 "ijklmnop""jklmnopq""klmnopqr""lmnopqrs"
105 "mnopqrst""nopqrstu",112,md,NULL,EVP_sha512(),NULL);
106 if (memcmp(md,app_c2,sizeof(app_c2)))
107 { fflush(stdout);
108 fprintf(stderr,"\nTEST 2 of 3 failed.\n");
109 return 1;
110 }
111 else
112 fprintf(stdout,"."); fflush(stdout);
113
114 EVP_MD_CTX_init (&evp);
115 EVP_DigestInit_ex (&evp,EVP_sha512(),NULL);
116 for (i=0;i<1000000;i+=288)
117 EVP_DigestUpdate (&evp, "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
118 "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
119 "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
120 "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
121 "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
122 "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
123 "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
124 "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
125 "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa",
126 (1000000-i)<288?1000000-i:288);
127 EVP_DigestFinal_ex (&evp,md,NULL);
128 EVP_MD_CTX_cleanup (&evp);
129
130 if (memcmp(md,app_c3,sizeof(app_c3)))
131 { fflush(stdout);
132 fprintf(stderr,"\nTEST 3 of 3 failed.\n");
133 return 1;
134 }
135 else
136 fprintf(stdout,"."); fflush(stdout);
137
138 fprintf(stdout," passed.\n"); fflush(stdout);
139
140 fprintf(stdout,"Testing SHA-384 ");
141
142 EVP_Digest ("abc",3,md,NULL,EVP_sha384(),NULL);
143 if (memcmp(md,app_d1,sizeof(app_d1)))
144 { fflush(stdout);
145 fprintf(stderr,"\nTEST 1 of 3 failed.\n");
146 return 1;
147 }
148 else
149 fprintf(stdout,"."); fflush(stdout);
150
151 EVP_Digest ("abcdefgh""bcdefghi""cdefghij""defghijk"
152 "efghijkl""fghijklm""ghijklmn""hijklmno"
153 "ijklmnop""jklmnopq""klmnopqr""lmnopqrs"
154 "mnopqrst""nopqrstu",112,md,NULL,EVP_sha384(),NULL);
155 if (memcmp(md,app_d2,sizeof(app_d2)))
156 { fflush(stdout);
157 fprintf(stderr,"\nTEST 2 of 3 failed.\n");
158 return 1;
159 }
160 else
161 fprintf(stdout,"."); fflush(stdout);
162
163 EVP_MD_CTX_init (&evp);
164 EVP_DigestInit_ex (&evp,EVP_sha384(),NULL);
165 for (i=0;i<1000000;i+=64)
166 EVP_DigestUpdate (&evp, "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
167 "aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa",
168 (1000000-i)<64?1000000-i:64);
169 EVP_DigestFinal_ex (&evp,md,NULL);
170 EVP_MD_CTX_cleanup (&evp);
171
172 if (memcmp(md,app_d3,sizeof(app_d3)))
173 { fflush(stdout);
174 fprintf(stderr,"\nTEST 3 of 3 failed.\n");
175 return 1;
176 }
177 else
178 fprintf(stdout,"."); fflush(stdout);
179
180 fprintf(stdout," passed.\n"); fflush(stdout);
181
182 return 0;
183}
184#endif
diff --git a/src/lib/libcrypto/sha/sha_dgst.c b/src/lib/libcrypto/sha/sha_dgst.c
new file mode 100644
index 0000000000..5a4b3ab204
--- /dev/null
+++ b/src/lib/libcrypto/sha/sha_dgst.c
@@ -0,0 +1,73 @@
1/* crypto/sha/sha1dgst.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#if !defined(OPENSSL_NO_SHA0) && !defined(OPENSSL_NO_SHA)
60
61#undef SHA_1
62#define SHA_0
63
64#include <openssl/opensslv.h>
65
66const char *SHA_version="SHA" OPENSSL_VERSION_PTEXT;
67
68/* The implementation is in ../md32_common.h */
69
70#include "sha_locl.h"
71
72#endif
73
diff --git a/src/lib/libcrypto/sha/sha_locl.h b/src/lib/libcrypto/sha/sha_locl.h
index e37e5726e3..a3623f72da 100644
--- a/src/lib/libcrypto/sha/sha_locl.h
+++ b/src/lib/libcrypto/sha/sha_locl.h
@@ -62,11 +62,17 @@
62#include <openssl/opensslconf.h> 62#include <openssl/opensslconf.h>
63#include <openssl/sha.h> 63#include <openssl/sha.h>
64 64
65#ifndef SHA_LONG_LOG2
66#define SHA_LONG_LOG2 2 /* default to 32 bits */
67#endif
68
65#define DATA_ORDER_IS_BIG_ENDIAN 69#define DATA_ORDER_IS_BIG_ENDIAN
66 70
67#define HASH_LONG SHA_LONG 71#define HASH_LONG SHA_LONG
72#define HASH_LONG_LOG2 SHA_LONG_LOG2
68#define HASH_CTX SHA_CTX 73#define HASH_CTX SHA_CTX
69#define HASH_CBLOCK SHA_CBLOCK 74#define HASH_CBLOCK SHA_CBLOCK
75#define HASH_LBLOCK SHA_LBLOCK
70#define HASH_MAKE_STRING(c,s) do { \ 76#define HASH_MAKE_STRING(c,s) do { \
71 unsigned long ll; \ 77 unsigned long ll; \
72 ll=(c)->h0; HOST_l2c(ll,(s)); \ 78 ll=(c)->h0; HOST_l2c(ll,(s)); \
@@ -82,10 +88,12 @@
82# define HASH_TRANSFORM SHA_Transform 88# define HASH_TRANSFORM SHA_Transform
83# define HASH_FINAL SHA_Final 89# define HASH_FINAL SHA_Final
84# define HASH_INIT SHA_Init 90# define HASH_INIT SHA_Init
91# define HASH_BLOCK_HOST_ORDER sha_block_host_order
85# define HASH_BLOCK_DATA_ORDER sha_block_data_order 92# define HASH_BLOCK_DATA_ORDER sha_block_data_order
86# define Xupdate(a,ix,ia,ib,ic,id) (ix=(a)=(ia^ib^ic^id)) 93# define Xupdate(a,ix,ia,ib,ic,id) (ix=(a)=(ia^ib^ic^id))
87 94
88static void sha_block_data_order (SHA_CTX *c, const void *p,size_t num); 95 void sha_block_host_order (SHA_CTX *c, const void *p,int num);
96 void sha_block_data_order (SHA_CTX *c, const void *p,int num);
89 97
90#elif defined(SHA_1) 98#elif defined(SHA_1)
91 99
@@ -93,6 +101,7 @@ static void sha_block_data_order (SHA_CTX *c, const void *p,size_t num);
93# define HASH_TRANSFORM SHA1_Transform 101# define HASH_TRANSFORM SHA1_Transform
94# define HASH_FINAL SHA1_Final 102# define HASH_FINAL SHA1_Final
95# define HASH_INIT SHA1_Init 103# define HASH_INIT SHA1_Init
104# define HASH_BLOCK_HOST_ORDER sha1_block_host_order
96# define HASH_BLOCK_DATA_ORDER sha1_block_data_order 105# define HASH_BLOCK_DATA_ORDER sha1_block_data_order
97# if defined(__MWERKS__) && defined(__MC68K__) 106# if defined(__MWERKS__) && defined(__MC68K__)
98 /* Metrowerks for Motorola fails otherwise:-( <appro@fy.chalmers.se> */ 107 /* Metrowerks for Motorola fails otherwise:-( <appro@fy.chalmers.se> */
@@ -105,10 +114,22 @@ static void sha_block_data_order (SHA_CTX *c, const void *p,size_t num);
105 ) 114 )
106# endif 115# endif
107 116
108#ifndef SHA1_ASM 117# ifdef SHA1_ASM
109static 118# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__)
110#endif 119# define sha1_block_host_order sha1_block_asm_host_order
111void sha1_block_data_order (SHA_CTX *c, const void *p,size_t num); 120# define DONT_IMPLEMENT_BLOCK_HOST_ORDER
121# define sha1_block_data_order sha1_block_asm_data_order
122# define DONT_IMPLEMENT_BLOCK_DATA_ORDER
123# define HASH_BLOCK_DATA_ORDER_ALIGNED sha1_block_asm_data_order
124# elif defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
125# define sha1_block_host_order sha1_block_asm_host_order
126# define DONT_IMPLEMENT_BLOCK_HOST_ORDER
127# define sha1_block_data_order sha1_block_asm_data_order
128# define DONT_IMPLEMENT_BLOCK_DATA_ORDER
129# endif
130# endif
131 void sha1_block_host_order (SHA_CTX *c, const void *p,int num);
132 void sha1_block_data_order (SHA_CTX *c, const void *p,int num);
112 133
113#else 134#else
114# error "Either SHA_0 or SHA_1 must be defined." 135# error "Either SHA_0 or SHA_1 must be defined."
@@ -122,7 +143,11 @@ void sha1_block_data_order (SHA_CTX *c, const void *p,size_t num);
122#define INIT_DATA_h3 0x10325476UL 143#define INIT_DATA_h3 0x10325476UL
123#define INIT_DATA_h4 0xc3d2e1f0UL 144#define INIT_DATA_h4 0xc3d2e1f0UL
124 145
146#if defined(SHA_0) && defined(OPENSSL_FIPS)
147FIPS_NON_FIPS_MD_Init(SHA)
148#else
125int HASH_INIT (SHA_CTX *c) 149int HASH_INIT (SHA_CTX *c)
150#endif
126 { 151 {
127 c->h0=INIT_DATA_h0; 152 c->h0=INIT_DATA_h0;
128 c->h1=INIT_DATA_h1; 153 c->h1=INIT_DATA_h1;
@@ -152,8 +177,6 @@ int HASH_INIT (SHA_CTX *c)
152#define F_40_59(b,c,d) (((b) & (c)) | (((b)|(c)) & (d))) 177#define F_40_59(b,c,d) (((b) & (c)) | (((b)|(c)) & (d)))
153#define F_60_79(b,c,d) F_20_39(b,c,d) 178#define F_60_79(b,c,d) F_20_39(b,c,d)
154 179
155#ifndef OPENSSL_SMALL_FOOTPRINT
156
157#define BODY_00_15(i,a,b,c,d,e,f,xi) \ 180#define BODY_00_15(i,a,b,c,d,e,f,xi) \
158 (f)=xi+(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \ 181 (f)=xi+(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
159 (b)=ROTATE((b),30); 182 (b)=ROTATE((b),30);
@@ -206,11 +229,11 @@ int HASH_INIT (SHA_CTX *c)
206# define X(i) XX[i] 229# define X(i) XX[i]
207#endif 230#endif
208 231
209#if !defined(SHA_1) || !defined(SHA1_ASM) 232#ifndef DONT_IMPLEMENT_BLOCK_HOST_ORDER
210static void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num) 233void HASH_BLOCK_HOST_ORDER (SHA_CTX *c, const void *d, int num)
211 { 234 {
212 const unsigned char *data=p; 235 const SHA_LONG *W=d;
213 register unsigned MD32_REG_T A,B,C,D,E,T,l; 236 register unsigned MD32_REG_T A,B,C,D,E,T;
214#ifndef MD32_XARRAY 237#ifndef MD32_XARRAY
215 unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, 238 unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
216 XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; 239 XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
@@ -225,71 +248,41 @@ static void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num)
225 E=c->h4; 248 E=c->h4;
226 249
227 for (;;) 250 for (;;)
228 {
229 const union { long one; char little; } is_endian = {1};
230
231 if (!is_endian.little && sizeof(SHA_LONG)==4 && ((size_t)p%4)==0)
232 {
233 const SHA_LONG *W=(const SHA_LONG *)data;
234
235 X( 0) = W[0]; X( 1) = W[ 1];
236 BODY_00_15( 0,A,B,C,D,E,T,X( 0)); X( 2) = W[ 2];
237 BODY_00_15( 1,T,A,B,C,D,E,X( 1)); X( 3) = W[ 3];
238 BODY_00_15( 2,E,T,A,B,C,D,X( 2)); X( 4) = W[ 4];
239 BODY_00_15( 3,D,E,T,A,B,C,X( 3)); X( 5) = W[ 5];
240 BODY_00_15( 4,C,D,E,T,A,B,X( 4)); X( 6) = W[ 6];
241 BODY_00_15( 5,B,C,D,E,T,A,X( 5)); X( 7) = W[ 7];
242 BODY_00_15( 6,A,B,C,D,E,T,X( 6)); X( 8) = W[ 8];
243 BODY_00_15( 7,T,A,B,C,D,E,X( 7)); X( 9) = W[ 9];
244 BODY_00_15( 8,E,T,A,B,C,D,X( 8)); X(10) = W[10];
245 BODY_00_15( 9,D,E,T,A,B,C,X( 9)); X(11) = W[11];
246 BODY_00_15(10,C,D,E,T,A,B,X(10)); X(12) = W[12];
247 BODY_00_15(11,B,C,D,E,T,A,X(11)); X(13) = W[13];
248 BODY_00_15(12,A,B,C,D,E,T,X(12)); X(14) = W[14];
249 BODY_00_15(13,T,A,B,C,D,E,X(13)); X(15) = W[15];
250 BODY_00_15(14,E,T,A,B,C,D,X(14));
251 BODY_00_15(15,D,E,T,A,B,C,X(15));
252
253 data += SHA_CBLOCK;
254 }
255 else
256 { 251 {
257 HOST_c2l(data,l); X( 0)=l; HOST_c2l(data,l); X( 1)=l; 252 BODY_00_15( 0,A,B,C,D,E,T,W[ 0]);
258 BODY_00_15( 0,A,B,C,D,E,T,X( 0)); HOST_c2l(data,l); X( 2)=l; 253 BODY_00_15( 1,T,A,B,C,D,E,W[ 1]);
259 BODY_00_15( 1,T,A,B,C,D,E,X( 1)); HOST_c2l(data,l); X( 3)=l; 254 BODY_00_15( 2,E,T,A,B,C,D,W[ 2]);
260 BODY_00_15( 2,E,T,A,B,C,D,X( 2)); HOST_c2l(data,l); X( 4)=l; 255 BODY_00_15( 3,D,E,T,A,B,C,W[ 3]);
261 BODY_00_15( 3,D,E,T,A,B,C,X( 3)); HOST_c2l(data,l); X( 5)=l; 256 BODY_00_15( 4,C,D,E,T,A,B,W[ 4]);
262 BODY_00_15( 4,C,D,E,T,A,B,X( 4)); HOST_c2l(data,l); X( 6)=l; 257 BODY_00_15( 5,B,C,D,E,T,A,W[ 5]);
263 BODY_00_15( 5,B,C,D,E,T,A,X( 5)); HOST_c2l(data,l); X( 7)=l; 258 BODY_00_15( 6,A,B,C,D,E,T,W[ 6]);
264 BODY_00_15( 6,A,B,C,D,E,T,X( 6)); HOST_c2l(data,l); X( 8)=l; 259 BODY_00_15( 7,T,A,B,C,D,E,W[ 7]);
265 BODY_00_15( 7,T,A,B,C,D,E,X( 7)); HOST_c2l(data,l); X( 9)=l; 260 BODY_00_15( 8,E,T,A,B,C,D,W[ 8]);
266 BODY_00_15( 8,E,T,A,B,C,D,X( 8)); HOST_c2l(data,l); X(10)=l; 261 BODY_00_15( 9,D,E,T,A,B,C,W[ 9]);
267 BODY_00_15( 9,D,E,T,A,B,C,X( 9)); HOST_c2l(data,l); X(11)=l; 262 BODY_00_15(10,C,D,E,T,A,B,W[10]);
268 BODY_00_15(10,C,D,E,T,A,B,X(10)); HOST_c2l(data,l); X(12)=l; 263 BODY_00_15(11,B,C,D,E,T,A,W[11]);
269 BODY_00_15(11,B,C,D,E,T,A,X(11)); HOST_c2l(data,l); X(13)=l; 264 BODY_00_15(12,A,B,C,D,E,T,W[12]);
270 BODY_00_15(12,A,B,C,D,E,T,X(12)); HOST_c2l(data,l); X(14)=l; 265 BODY_00_15(13,T,A,B,C,D,E,W[13]);
271 BODY_00_15(13,T,A,B,C,D,E,X(13)); HOST_c2l(data,l); X(15)=l; 266 BODY_00_15(14,E,T,A,B,C,D,W[14]);
272 BODY_00_15(14,E,T,A,B,C,D,X(14)); 267 BODY_00_15(15,D,E,T,A,B,C,W[15]);
273 BODY_00_15(15,D,E,T,A,B,C,X(15)); 268
274 } 269 BODY_16_19(16,C,D,E,T,A,B,X( 0),W[ 0],W[ 2],W[ 8],W[13]);
275 270 BODY_16_19(17,B,C,D,E,T,A,X( 1),W[ 1],W[ 3],W[ 9],W[14]);
276 BODY_16_19(16,C,D,E,T,A,B,X( 0),X( 0),X( 2),X( 8),X(13)); 271 BODY_16_19(18,A,B,C,D,E,T,X( 2),W[ 2],W[ 4],W[10],W[15]);
277 BODY_16_19(17,B,C,D,E,T,A,X( 1),X( 1),X( 3),X( 9),X(14)); 272 BODY_16_19(19,T,A,B,C,D,E,X( 3),W[ 3],W[ 5],W[11],X( 0));
278 BODY_16_19(18,A,B,C,D,E,T,X( 2),X( 2),X( 4),X(10),X(15)); 273
279 BODY_16_19(19,T,A,B,C,D,E,X( 3),X( 3),X( 5),X(11),X( 0)); 274 BODY_20_31(20,E,T,A,B,C,D,X( 4),W[ 4],W[ 6],W[12],X( 1));
280 275 BODY_20_31(21,D,E,T,A,B,C,X( 5),W[ 5],W[ 7],W[13],X( 2));
281 BODY_20_31(20,E,T,A,B,C,D,X( 4),X( 4),X( 6),X(12),X( 1)); 276 BODY_20_31(22,C,D,E,T,A,B,X( 6),W[ 6],W[ 8],W[14],X( 3));
282 BODY_20_31(21,D,E,T,A,B,C,X( 5),X( 5),X( 7),X(13),X( 2)); 277 BODY_20_31(23,B,C,D,E,T,A,X( 7),W[ 7],W[ 9],W[15],X( 4));
283 BODY_20_31(22,C,D,E,T,A,B,X( 6),X( 6),X( 8),X(14),X( 3)); 278 BODY_20_31(24,A,B,C,D,E,T,X( 8),W[ 8],W[10],X( 0),X( 5));
284 BODY_20_31(23,B,C,D,E,T,A,X( 7),X( 7),X( 9),X(15),X( 4)); 279 BODY_20_31(25,T,A,B,C,D,E,X( 9),W[ 9],W[11],X( 1),X( 6));
285 BODY_20_31(24,A,B,C,D,E,T,X( 8),X( 8),X(10),X( 0),X( 5)); 280 BODY_20_31(26,E,T,A,B,C,D,X(10),W[10],W[12],X( 2),X( 7));
286 BODY_20_31(25,T,A,B,C,D,E,X( 9),X( 9),X(11),X( 1),X( 6)); 281 BODY_20_31(27,D,E,T,A,B,C,X(11),W[11],W[13],X( 3),X( 8));
287 BODY_20_31(26,E,T,A,B,C,D,X(10),X(10),X(12),X( 2),X( 7)); 282 BODY_20_31(28,C,D,E,T,A,B,X(12),W[12],W[14],X( 4),X( 9));
288 BODY_20_31(27,D,E,T,A,B,C,X(11),X(11),X(13),X( 3),X( 8)); 283 BODY_20_31(29,B,C,D,E,T,A,X(13),W[13],W[15],X( 5),X(10));
289 BODY_20_31(28,C,D,E,T,A,B,X(12),X(12),X(14),X( 4),X( 9)); 284 BODY_20_31(30,A,B,C,D,E,T,X(14),W[14],X( 0),X( 6),X(11));
290 BODY_20_31(29,B,C,D,E,T,A,X(13),X(13),X(15),X( 5),X(10)); 285 BODY_20_31(31,T,A,B,C,D,E,X(15),W[15],X( 1),X( 7),X(12));
291 BODY_20_31(30,A,B,C,D,E,T,X(14),X(14),X( 0),X( 6),X(11));
292 BODY_20_31(31,T,A,B,C,D,E,X(15),X(15),X( 1),X( 7),X(12));
293 286
294 BODY_32_39(32,E,T,A,B,C,D,X( 0),X( 2),X( 8),X(13)); 287 BODY_32_39(32,E,T,A,B,C,D,X( 0),X( 2),X( 8),X(13));
295 BODY_32_39(33,D,E,T,A,B,C,X( 1),X( 3),X( 9),X(14)); 288 BODY_32_39(33,D,E,T,A,B,C,X( 1),X( 3),X( 9),X(14));
@@ -348,7 +341,7 @@ static void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num)
348 c->h3=(c->h3+B)&0xffffffffL; 341 c->h3=(c->h3+B)&0xffffffffL;
349 c->h4=(c->h4+C)&0xffffffffL; 342 c->h4=(c->h4+C)&0xffffffffL;
350 343
351 if (--num == 0) break; 344 if (--num <= 0) break;
352 345
353 A=c->h0; 346 A=c->h0;
354 B=c->h1; 347 B=c->h1;
@@ -356,48 +349,22 @@ static void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num)
356 D=c->h3; 349 D=c->h3;
357 E=c->h4; 350 E=c->h4;
358 351
359 } 352 W+=SHA_LBLOCK;
353 }
360 } 354 }
361#endif 355#endif
362 356
363#else /* OPENSSL_SMALL_FOOTPRINT */ 357#ifndef DONT_IMPLEMENT_BLOCK_DATA_ORDER
364 358void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, int num)
365#define BODY_00_15(xi) do { \
366 T=E+K_00_19+F_00_19(B,C,D); \
367 E=D, D=C, C=ROTATE(B,30), B=A; \
368 A=ROTATE(A,5)+T+xi; } while(0)
369
370#define BODY_16_19(xa,xb,xc,xd) do { \
371 Xupdate(T,xa,xa,xb,xc,xd); \
372 T+=E+K_00_19+F_00_19(B,C,D); \
373 E=D, D=C, C=ROTATE(B,30), B=A; \
374 A=ROTATE(A,5)+T; } while(0)
375
376#define BODY_20_39(xa,xb,xc,xd) do { \
377 Xupdate(T,xa,xa,xb,xc,xd); \
378 T+=E+K_20_39+F_20_39(B,C,D); \
379 E=D, D=C, C=ROTATE(B,30), B=A; \
380 A=ROTATE(A,5)+T; } while(0)
381
382#define BODY_40_59(xa,xb,xc,xd) do { \
383 Xupdate(T,xa,xa,xb,xc,xd); \
384 T+=E+K_40_59+F_40_59(B,C,D); \
385 E=D, D=C, C=ROTATE(B,30), B=A; \
386 A=ROTATE(A,5)+T; } while(0)
387
388#define BODY_60_79(xa,xb,xc,xd) do { \
389 Xupdate(T,xa,xa,xb,xc,xd); \
390 T=E+K_60_79+F_60_79(B,C,D); \
391 E=D, D=C, C=ROTATE(B,30), B=A; \
392 A=ROTATE(A,5)+T+xa; } while(0)
393
394#if !defined(SHA_1) || !defined(SHA1_ASM)
395static void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num)
396 { 359 {
397 const unsigned char *data=p; 360 const unsigned char *data=p;
398 register unsigned MD32_REG_T A,B,C,D,E,T,l; 361 register unsigned MD32_REG_T A,B,C,D,E,T,l;
399 int i; 362#ifndef MD32_XARRAY
400 SHA_LONG X[16]; 363 unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
364 XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
365#else
366 SHA_LONG XX[16];
367#endif
401 368
402 A=c->h0; 369 A=c->h0;
403 B=c->h1; 370 B=c->h1;
@@ -407,24 +374,101 @@ static void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num)
407 374
408 for (;;) 375 for (;;)
409 { 376 {
410 for (i=0;i<16;i++) 377
411 { HOST_c2l(data,l); X[i]=l; BODY_00_15(X[i]); } 378 HOST_c2l(data,l); X( 0)=l; HOST_c2l(data,l); X( 1)=l;
412 for (i=0;i<4;i++) 379 BODY_00_15( 0,A,B,C,D,E,T,X( 0)); HOST_c2l(data,l); X( 2)=l;
413 { BODY_16_19(X[i], X[i+2], X[i+8], X[(i+13)&15]); } 380 BODY_00_15( 1,T,A,B,C,D,E,X( 1)); HOST_c2l(data,l); X( 3)=l;
414 for (;i<24;i++) 381 BODY_00_15( 2,E,T,A,B,C,D,X( 2)); HOST_c2l(data,l); X( 4)=l;
415 { BODY_20_39(X[i&15], X[(i+2)&15], X[(i+8)&15],X[(i+13)&15]); } 382 BODY_00_15( 3,D,E,T,A,B,C,X( 3)); HOST_c2l(data,l); X( 5)=l;
416 for (i=0;i<20;i++) 383 BODY_00_15( 4,C,D,E,T,A,B,X( 4)); HOST_c2l(data,l); X( 6)=l;
417 { BODY_40_59(X[(i+8)&15],X[(i+10)&15],X[i&15], X[(i+5)&15]); } 384 BODY_00_15( 5,B,C,D,E,T,A,X( 5)); HOST_c2l(data,l); X( 7)=l;
418 for (i=4;i<24;i++) 385 BODY_00_15( 6,A,B,C,D,E,T,X( 6)); HOST_c2l(data,l); X( 8)=l;
419 { BODY_60_79(X[(i+8)&15],X[(i+10)&15],X[i&15], X[(i+5)&15]); } 386 BODY_00_15( 7,T,A,B,C,D,E,X( 7)); HOST_c2l(data,l); X( 9)=l;
420 387 BODY_00_15( 8,E,T,A,B,C,D,X( 8)); HOST_c2l(data,l); X(10)=l;
421 c->h0=(c->h0+A)&0xffffffffL; 388 BODY_00_15( 9,D,E,T,A,B,C,X( 9)); HOST_c2l(data,l); X(11)=l;
422 c->h1=(c->h1+B)&0xffffffffL; 389 BODY_00_15(10,C,D,E,T,A,B,X(10)); HOST_c2l(data,l); X(12)=l;
423 c->h2=(c->h2+C)&0xffffffffL; 390 BODY_00_15(11,B,C,D,E,T,A,X(11)); HOST_c2l(data,l); X(13)=l;
424 c->h3=(c->h3+D)&0xffffffffL; 391 BODY_00_15(12,A,B,C,D,E,T,X(12)); HOST_c2l(data,l); X(14)=l;
425 c->h4=(c->h4+E)&0xffffffffL; 392 BODY_00_15(13,T,A,B,C,D,E,X(13)); HOST_c2l(data,l); X(15)=l;
426 393 BODY_00_15(14,E,T,A,B,C,D,X(14));
427 if (--num == 0) break; 394 BODY_00_15(15,D,E,T,A,B,C,X(15));
395
396 BODY_16_19(16,C,D,E,T,A,B,X( 0),X( 0),X( 2),X( 8),X(13));
397 BODY_16_19(17,B,C,D,E,T,A,X( 1),X( 1),X( 3),X( 9),X(14));
398 BODY_16_19(18,A,B,C,D,E,T,X( 2),X( 2),X( 4),X(10),X(15));
399 BODY_16_19(19,T,A,B,C,D,E,X( 3),X( 3),X( 5),X(11),X( 0));
400
401 BODY_20_31(20,E,T,A,B,C,D,X( 4),X( 4),X( 6),X(12),X( 1));
402 BODY_20_31(21,D,E,T,A,B,C,X( 5),X( 5),X( 7),X(13),X( 2));
403 BODY_20_31(22,C,D,E,T,A,B,X( 6),X( 6),X( 8),X(14),X( 3));
404 BODY_20_31(23,B,C,D,E,T,A,X( 7),X( 7),X( 9),X(15),X( 4));
405 BODY_20_31(24,A,B,C,D,E,T,X( 8),X( 8),X(10),X( 0),X( 5));
406 BODY_20_31(25,T,A,B,C,D,E,X( 9),X( 9),X(11),X( 1),X( 6));
407 BODY_20_31(26,E,T,A,B,C,D,X(10),X(10),X(12),X( 2),X( 7));
408 BODY_20_31(27,D,E,T,A,B,C,X(11),X(11),X(13),X( 3),X( 8));
409 BODY_20_31(28,C,D,E,T,A,B,X(12),X(12),X(14),X( 4),X( 9));
410 BODY_20_31(29,B,C,D,E,T,A,X(13),X(13),X(15),X( 5),X(10));
411 BODY_20_31(30,A,B,C,D,E,T,X(14),X(14),X( 0),X( 6),X(11));
412 BODY_20_31(31,T,A,B,C,D,E,X(15),X(15),X( 1),X( 7),X(12));
413
414 BODY_32_39(32,E,T,A,B,C,D,X( 0),X( 2),X( 8),X(13));
415 BODY_32_39(33,D,E,T,A,B,C,X( 1),X( 3),X( 9),X(14));
416 BODY_32_39(34,C,D,E,T,A,B,X( 2),X( 4),X(10),X(15));
417 BODY_32_39(35,B,C,D,E,T,A,X( 3),X( 5),X(11),X( 0));
418 BODY_32_39(36,A,B,C,D,E,T,X( 4),X( 6),X(12),X( 1));
419 BODY_32_39(37,T,A,B,C,D,E,X( 5),X( 7),X(13),X( 2));
420 BODY_32_39(38,E,T,A,B,C,D,X( 6),X( 8),X(14),X( 3));
421 BODY_32_39(39,D,E,T,A,B,C,X( 7),X( 9),X(15),X( 4));
422
423 BODY_40_59(40,C,D,E,T,A,B,X( 8),X(10),X( 0),X( 5));
424 BODY_40_59(41,B,C,D,E,T,A,X( 9),X(11),X( 1),X( 6));
425 BODY_40_59(42,A,B,C,D,E,T,X(10),X(12),X( 2),X( 7));
426 BODY_40_59(43,T,A,B,C,D,E,X(11),X(13),X( 3),X( 8));
427 BODY_40_59(44,E,T,A,B,C,D,X(12),X(14),X( 4),X( 9));
428 BODY_40_59(45,D,E,T,A,B,C,X(13),X(15),X( 5),X(10));
429 BODY_40_59(46,C,D,E,T,A,B,X(14),X( 0),X( 6),X(11));
430 BODY_40_59(47,B,C,D,E,T,A,X(15),X( 1),X( 7),X(12));
431 BODY_40_59(48,A,B,C,D,E,T,X( 0),X( 2),X( 8),X(13));
432 BODY_40_59(49,T,A,B,C,D,E,X( 1),X( 3),X( 9),X(14));
433 BODY_40_59(50,E,T,A,B,C,D,X( 2),X( 4),X(10),X(15));
434 BODY_40_59(51,D,E,T,A,B,C,X( 3),X( 5),X(11),X( 0));
435 BODY_40_59(52,C,D,E,T,A,B,X( 4),X( 6),X(12),X( 1));
436 BODY_40_59(53,B,C,D,E,T,A,X( 5),X( 7),X(13),X( 2));
437 BODY_40_59(54,A,B,C,D,E,T,X( 6),X( 8),X(14),X( 3));
438 BODY_40_59(55,T,A,B,C,D,E,X( 7),X( 9),X(15),X( 4));
439 BODY_40_59(56,E,T,A,B,C,D,X( 8),X(10),X( 0),X( 5));
440 BODY_40_59(57,D,E,T,A,B,C,X( 9),X(11),X( 1),X( 6));
441 BODY_40_59(58,C,D,E,T,A,B,X(10),X(12),X( 2),X( 7));
442 BODY_40_59(59,B,C,D,E,T,A,X(11),X(13),X( 3),X( 8));
443
444 BODY_60_79(60,A,B,C,D,E,T,X(12),X(14),X( 4),X( 9));
445 BODY_60_79(61,T,A,B,C,D,E,X(13),X(15),X( 5),X(10));
446 BODY_60_79(62,E,T,A,B,C,D,X(14),X( 0),X( 6),X(11));
447 BODY_60_79(63,D,E,T,A,B,C,X(15),X( 1),X( 7),X(12));
448 BODY_60_79(64,C,D,E,T,A,B,X( 0),X( 2),X( 8),X(13));
449 BODY_60_79(65,B,C,D,E,T,A,X( 1),X( 3),X( 9),X(14));
450 BODY_60_79(66,A,B,C,D,E,T,X( 2),X( 4),X(10),X(15));
451 BODY_60_79(67,T,A,B,C,D,E,X( 3),X( 5),X(11),X( 0));
452 BODY_60_79(68,E,T,A,B,C,D,X( 4),X( 6),X(12),X( 1));
453 BODY_60_79(69,D,E,T,A,B,C,X( 5),X( 7),X(13),X( 2));
454 BODY_60_79(70,C,D,E,T,A,B,X( 6),X( 8),X(14),X( 3));
455 BODY_60_79(71,B,C,D,E,T,A,X( 7),X( 9),X(15),X( 4));
456 BODY_60_79(72,A,B,C,D,E,T,X( 8),X(10),X( 0),X( 5));
457 BODY_60_79(73,T,A,B,C,D,E,X( 9),X(11),X( 1),X( 6));
458 BODY_60_79(74,E,T,A,B,C,D,X(10),X(12),X( 2),X( 7));
459 BODY_60_79(75,D,E,T,A,B,C,X(11),X(13),X( 3),X( 8));
460 BODY_60_79(76,C,D,E,T,A,B,X(12),X(14),X( 4),X( 9));
461 BODY_60_79(77,B,C,D,E,T,A,X(13),X(15),X( 5),X(10));
462 BODY_60_79(78,A,B,C,D,E,T,X(14),X( 0),X( 6),X(11));
463 BODY_60_79(79,T,A,B,C,D,E,X(15),X( 1),X( 7),X(12));
464
465 c->h0=(c->h0+E)&0xffffffffL;
466 c->h1=(c->h1+T)&0xffffffffL;
467 c->h2=(c->h2+A)&0xffffffffL;
468 c->h3=(c->h3+B)&0xffffffffL;
469 c->h4=(c->h4+C)&0xffffffffL;
470
471 if (--num <= 0) break;
428 472
429 A=c->h0; 473 A=c->h0;
430 B=c->h1; 474 B=c->h1;
@@ -435,5 +479,3 @@ static void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num)
435 } 479 }
436 } 480 }
437#endif 481#endif
438
439#endif
diff --git a/src/lib/libcrypto/sha/sha_one.c b/src/lib/libcrypto/sha/sha_one.c
new file mode 100644
index 0000000000..d4f4d344df
--- /dev/null
+++ b/src/lib/libcrypto/sha/sha_one.c
@@ -0,0 +1,78 @@
1/* crypto/sha/sha_one.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <string.h>
61#include <openssl/sha.h>
62#include <openssl/crypto.h>
63
64#ifndef OPENSSL_NO_SHA0
65unsigned char *SHA(const unsigned char *d, unsigned long n, unsigned char *md)
66 {
67 SHA_CTX c;
68 static unsigned char m[SHA_DIGEST_LENGTH];
69
70 if (md == NULL) md=m;
71 if (!SHA_Init(&c))
72 return NULL;
73 SHA_Update(&c,d,n);
74 SHA_Final(md,&c);
75 OPENSSL_cleanse(&c,sizeof(c));
76 return(md);
77 }
78#endif
diff --git a/src/lib/libcrypto/sha/shatest.c b/src/lib/libcrypto/sha/shatest.c
new file mode 100644
index 0000000000..ff702aa53e
--- /dev/null
+++ b/src/lib/libcrypto/sha/shatest.c
@@ -0,0 +1,174 @@
1/* crypto/sha/shatest.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <string.h>
61#include <stdlib.h>
62
63#include "../e_os.h"
64
65#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA0)
66int main(int argc, char *argv[])
67{
68 printf("No SHA0 support\n");
69 return(0);
70}
71#else
72#include <openssl/evp.h>
73#include <openssl/sha.h>
74
75#ifdef CHARSET_EBCDIC
76#include <openssl/ebcdic.h>
77#endif
78
79#define SHA_0 /* FIPS 180 */
80#undef SHA_1 /* FIPS 180-1 */
81
82static char *test[]={
83 "abc",
84 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
85 NULL,
86 };
87
88#ifdef SHA_0
89static char *ret[]={
90 "0164b8a914cd2a5e74c4f7ff082c4d97f1edf880",
91 "d2516ee1acfa5baf33dfc1c471e438449ef134c8",
92 };
93static char *bigret=
94 "3232affa48628a26653b5aaa44541fd90d690603";
95#endif
96#ifdef SHA_1
97static char *ret[]={
98 "a9993e364706816aba3e25717850c26c9cd0d89d",
99 "84983e441c3bd26ebaae4aa1f95129e5e54670f1",
100 };
101static char *bigret=
102 "34aa973cd4c4daa4f61eeb2bdbad27316534016f";
103#endif
104
105static char *pt(unsigned char *md);
106int main(int argc, char *argv[])
107 {
108 int i,err=0;
109 unsigned char **P,**R;
110 static unsigned char buf[1000];
111 char *p,*r;
112 EVP_MD_CTX c;
113 unsigned char md[SHA_DIGEST_LENGTH];
114
115#ifdef CHARSET_EBCDIC
116 ebcdic2ascii(test[0], test[0], strlen(test[0]));
117 ebcdic2ascii(test[1], test[1], strlen(test[1]));
118#endif
119
120 EVP_MD_CTX_init(&c);
121 P=(unsigned char **)test;
122 R=(unsigned char **)ret;
123 i=1;
124 while (*P != NULL)
125 {
126 EVP_Digest(*P,(unsigned long)strlen((char *)*P),md,NULL,EVP_sha(), NULL);
127 p=pt(md);
128 if (strcmp(p,(char *)*R) != 0)
129 {
130 printf("error calculating SHA on '%s'\n",*P);
131 printf("got %s instead of %s\n",p,*R);
132 err++;
133 }
134 else
135 printf("test %d ok\n",i);
136 i++;
137 R++;
138 P++;
139 }
140
141 memset(buf,'a',1000);
142#ifdef CHARSET_EBCDIC
143 ebcdic2ascii(buf, buf, 1000);
144#endif /*CHARSET_EBCDIC*/
145 EVP_DigestInit_ex(&c,EVP_sha(), NULL);
146 for (i=0; i<1000; i++)
147 EVP_DigestUpdate(&c,buf,1000);
148 EVP_DigestFinal_ex(&c,md,NULL);
149 p=pt(md);
150
151 r=bigret;
152 if (strcmp(p,r) != 0)
153 {
154 printf("error calculating SHA on '%s'\n",p);
155 printf("got %s instead of %s\n",p,r);
156 err++;
157 }
158 else
159 printf("test 3 ok\n");
160 EVP_MD_CTX_cleanup(&c);
161 EXIT(err);
162 return(0);
163 }
164
165static char *pt(unsigned char *md)
166 {
167 int i;
168 static char buf[80];
169
170 for (i=0; i<SHA_DIGEST_LENGTH; i++)
171 sprintf(&(buf[i*2]),"%02x",md[i]);
172 return(buf);
173 }
174#endif
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-04 11:08:52 +0000