91 #if !defined(BYTE_ORDER) || (BYTE_ORDER != LITTLE_ENDIAN && BYTE_ORDER != BIG_ENDIAN) 92 #error Define BYTE_ORDER to be equal to either LITTLE_ENDIAN or BIG_ENDIAN 109 #ifdef SHA2_USE_INTTYPES_H 126 #define SHA256_SHORT_BLOCK_LENGTH (SHA256_BLOCK_LENGTH - 8) 127 #define SHA384_SHORT_BLOCK_LENGTH (SHA384_BLOCK_LENGTH - 16) 128 #define SHA512_SHORT_BLOCK_LENGTH (SHA512_BLOCK_LENGTH - 16) 131 #if (defined(__STDC_VERSION__) && (__STDC_VERSION__ >= 199901L)) || defined(__GNUC__) || defined(_HPUX_SOURCE) || defined(__IBMC__) 132 #define ULL(number) number##ULL 134 #define ULL(number) (uint64_t)(number) 137 #if BYTE_ORDER == LITTLE_ENDIAN 138 #define REVERSE32(w,x) { \ 139 sha2_word32 tmp = (w); \ 140 tmp = (tmp >> 16) | (tmp << 16); \ 141 (x) = ((tmp & (sha2_word32)0xff00ff00UL) >> 8) | ((tmp & (sha2_word32)0x00ff00ffUL) << 8); \ 143 #define REVERSE64(w,x) { \ 144 sha2_word64 tmp = (w); \ 145 tmp = (tmp >> 32) | (tmp << 32); \ 146 tmp = ((tmp & ULL(0xff00ff00ff00ff00)) >> 8) | \ 147 ((tmp & ULL(0x00ff00ff00ff00ff)) << 8); \ 148 (x) = ((tmp & ULL(0xffff0000ffff0000)) >> 16) | \ 149 ((tmp & ULL(0x0000ffff0000ffff)) << 16); \ 158 #define ADDINC128(w,n) { \ 159 (w)[0] += (sha2_word64)(n); \ 160 if ((w)[0] < (n)) { \ 174 #if !defined(SHA2_USE_MEMSET_MEMCPY) && !defined(SHA2_USE_BZERO_BCOPY) 176 #define SHA2_USE_MEMSET_MEMCPY 1 178 #if defined(SHA2_USE_MEMSET_MEMCPY) && defined(SHA2_USE_BZERO_BCOPY) 180 #error Define either SHA2_USE_MEMSET_MEMCPY or SHA2_USE_BZERO_BCOPY, not both! 183 #ifdef SHA2_USE_MEMSET_MEMCPY 184 #define MEMSET_BZERO(p,l) memset((p), 0, (l)) 185 #define MEMCPY_BCOPY(d,s,l) memcpy((d), (s), (l)) 187 #ifdef SHA2_USE_BZERO_BCOPY 188 #define MEMSET_BZERO(p,l) bzero((p), (l)) 189 #define MEMCPY_BCOPY(d,s,l) bcopy((s), (d), (l)) 203 #define R(b,x) ((x) >> (b)) 205 #define S32(b,x) (((x) >> (b)) | ((x) << (32 - (b)))) 207 #define S64(b,x) (((x) >> (b)) | ((x) << (64 - (b)))) 210 #define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z))) 211 #define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z))) 214 #define Sigma0_256(x) (S32(2, (x)) ^ S32(13, (x)) ^ S32(22, (x))) 215 #define Sigma1_256(x) (S32(6, (x)) ^ S32(11, (x)) ^ S32(25, (x))) 216 #define sigma0_256(x) (S32(7, (x)) ^ S32(18, (x)) ^ R(3 , (x))) 217 #define sigma1_256(x) (S32(17, (x)) ^ S32(19, (x)) ^ R(10, (x))) 220 #define Sigma0_512(x) (S64(28, (x)) ^ S64(34, (x)) ^ S64(39, (x))) 221 #define Sigma1_512(x) (S64(14, (x)) ^ S64(18, (x)) ^ S64(41, (x))) 222 #define sigma0_512(x) (S64( 1, (x)) ^ S64( 8, (x)) ^ R( 7, (x))) 223 #define sigma1_512(x) (S64(19, (x)) ^ S64(61, (x)) ^ R( 6, (x))) 238 0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL,
239 0x3956c25bUL, 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL,
240 0xd807aa98UL, 0x12835b01UL, 0x243185beUL, 0x550c7dc3UL,
241 0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL, 0xc19bf174UL,
242 0xe49b69c1UL, 0xefbe4786UL, 0x0fc19dc6UL, 0x240ca1ccUL,
243 0x2de92c6fUL, 0x4a7484aaUL, 0x5cb0a9dcUL, 0x76f988daUL,
244 0x983e5152UL, 0xa831c66dUL, 0xb00327c8UL, 0xbf597fc7UL,
245 0xc6e00bf3UL, 0xd5a79147UL, 0x06ca6351UL, 0x14292967UL,
246 0x27b70a85UL, 0x2e1b2138UL, 0x4d2c6dfcUL, 0x53380d13UL,
247 0x650a7354UL, 0x766a0abbUL, 0x81c2c92eUL, 0x92722c85UL,
248 0xa2bfe8a1UL, 0xa81a664bUL, 0xc24b8b70UL, 0xc76c51a3UL,
249 0xd192e819UL, 0xd6990624UL, 0xf40e3585UL, 0x106aa070UL,
250 0x19a4c116UL, 0x1e376c08UL, 0x2748774cUL, 0x34b0bcb5UL,
251 0x391c0cb3UL, 0x4ed8aa4aUL, 0x5b9cca4fUL, 0x682e6ff3UL,
252 0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL,
253 0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL
270 ULL(0x428a2f98d728ae22),
ULL(0x7137449123ef65cd),
271 ULL(0xb5c0fbcfec4d3b2f),
ULL(0xe9b5dba58189dbbc),
272 ULL(0x3956c25bf348b538),
ULL(0x59f111f1b605d019),
273 ULL(0x923f82a4af194f9b),
ULL(0xab1c5ed5da6d8118),
274 ULL(0xd807aa98a3030242),
ULL(0x12835b0145706fbe),
275 ULL(0x243185be4ee4b28c),
ULL(0x550c7dc3d5ffb4e2),
276 ULL(0x72be5d74f27b896f),
ULL(0x80deb1fe3b1696b1),
277 ULL(0x9bdc06a725c71235),
ULL(0xc19bf174cf692694),
278 ULL(0xe49b69c19ef14ad2),
ULL(0xefbe4786384f25e3),
279 ULL(0x0fc19dc68b8cd5b5),
ULL(0x240ca1cc77ac9c65),
280 ULL(0x2de92c6f592b0275),
ULL(0x4a7484aa6ea6e483),
281 ULL(0x5cb0a9dcbd41fbd4),
ULL(0x76f988da831153b5),
282 ULL(0x983e5152ee66dfab),
ULL(0xa831c66d2db43210),
283 ULL(0xb00327c898fb213f),
ULL(0xbf597fc7beef0ee4),
284 ULL(0xc6e00bf33da88fc2),
ULL(0xd5a79147930aa725),
285 ULL(0x06ca6351e003826f),
ULL(0x142929670a0e6e70),
286 ULL(0x27b70a8546d22ffc),
ULL(0x2e1b21385c26c926),
287 ULL(0x4d2c6dfc5ac42aed),
ULL(0x53380d139d95b3df),
288 ULL(0x650a73548baf63de),
ULL(0x766a0abb3c77b2a8),
289 ULL(0x81c2c92e47edaee6),
ULL(0x92722c851482353b),
290 ULL(0xa2bfe8a14cf10364),
ULL(0xa81a664bbc423001),
291 ULL(0xc24b8b70d0f89791),
ULL(0xc76c51a30654be30),
292 ULL(0xd192e819d6ef5218),
ULL(0xd69906245565a910),
293 ULL(0xf40e35855771202a),
ULL(0x106aa07032bbd1b8),
294 ULL(0x19a4c116b8d2d0c8),
ULL(0x1e376c085141ab53),
295 ULL(0x2748774cdf8eeb99),
ULL(0x34b0bcb5e19b48a8),
296 ULL(0x391c0cb3c5c95a63),
ULL(0x4ed8aa4ae3418acb),
297 ULL(0x5b9cca4f7763e373),
ULL(0x682e6ff3d6b2b8a3),
298 ULL(0x748f82ee5defb2fc),
ULL(0x78a5636f43172f60),
299 ULL(0x84c87814a1f0ab72),
ULL(0x8cc702081a6439ec),
300 ULL(0x90befffa23631e28),
ULL(0xa4506cebde82bde9),
301 ULL(0xbef9a3f7b2c67915),
ULL(0xc67178f2e372532b),
302 ULL(0xca273eceea26619c),
ULL(0xd186b8c721c0c207),
303 ULL(0xeada7dd6cde0eb1e),
ULL(0xf57d4f7fee6ed178),
304 ULL(0x06f067aa72176fba),
ULL(0x0a637dc5a2c898a6),
305 ULL(0x113f9804bef90dae),
ULL(0x1b710b35131c471b),
306 ULL(0x28db77f523047d84),
ULL(0x32caab7b40c72493),
307 ULL(0x3c9ebe0a15c9bebc),
ULL(0x431d67c49c100d4c),
308 ULL(0x4cc5d4becb3e42b6),
ULL(0x597f299cfc657e2a),
309 ULL(0x5fcb6fab3ad6faec),
ULL(0x6c44198c4a475817)
314 ULL(0xcbbb9d5dc1059ed8),
315 ULL(0x629a292a367cd507),
316 ULL(0x9159015a3070dd17),
317 ULL(0x152fecd8f70e5939),
318 ULL(0x67332667ffc00b31),
319 ULL(0x8eb44a8768581511),
320 ULL(0xdb0c2e0d64f98fa7),
321 ULL(0x47b5481dbefa4fa4)
326 ULL(0x6a09e667f3bcc908),
327 ULL(0xbb67ae8584caa73b),
328 ULL(0x3c6ef372fe94f82b),
329 ULL(0xa54ff53a5f1d36f1),
330 ULL(0x510e527fade682d1),
331 ULL(0x9b05688c2b3e6c1f),
332 ULL(0x1f83d9abfb41bd6b),
333 ULL(0x5be0cd19137e2179)
353 #ifdef SHA2_UNROLL_TRANSFORM 357 #if BYTE_ORDER == LITTLE_ENDIAN 359 #define ROUND256_0_TO_15(a,b,c,d,e,f,g,h) \ 360 REVERSE32(*data++, W256[j]); \ 361 T1 = (h) + Sigma1_256(e) + Ch((e), (f), (g)) + \ 364 (h) = T1 + Sigma0_256(a) + Maj((a), (b), (c)); \ 370 #define ROUND256_0_TO_15(a,b,c,d,e,f,g,h) \ 371 T1 = (h) + Sigma1_256(e) + Ch((e), (f), (g)) + \ 372 K256[j] + (W256[j] = *data++); \ 374 (h) = T1 + Sigma0_256(a) + Maj((a), (b), (c)); \ 379 #define ROUND256(a,b,c,d,e,f,g,h) \ 380 s0 = W256[(j+1)&0x0f]; \ 381 s0 = sigma0_256(s0); \ 382 s1 = W256[(j+14)&0x0f]; \ 383 s1 = sigma1_256(s1); \ 384 T1 = (h) + Sigma1_256(e) + Ch((e), (f), (g)) + K256[j] + \ 385 (W256[j&0x0f] += s1 + W256[(j+9)&0x0f] + s0); \ 387 (h) = T1 + Sigma0_256(a) + Maj((a), (b), (c)); \ 398 a = context->
state[0];
399 b = context->
state[1];
400 c = context->
state[2];
401 d = context->
state[3];
402 e = context->
state[4];
404 g = context->
state[6];
405 h = context->
state[7];
410 ROUND256_0_TO_15(a,b,c,d,e,
f,g,h);
411 ROUND256_0_TO_15(h,a,b,c,d,e,
f,g);
412 ROUND256_0_TO_15(g,h,a,b,c,d,e,
f);
413 ROUND256_0_TO_15(
f,g,h,a,b,c,d,e);
414 ROUND256_0_TO_15(e,
f,g,h,a,b,c,d);
415 ROUND256_0_TO_15(d,e,
f,g,h,a,b,c);
416 ROUND256_0_TO_15(c,d,e,
f,g,h,a,b);
417 ROUND256_0_TO_15(b,c,d,e,
f,g,h,a);
422 ROUND256(a,b,c,d,e,
f,g,h);
423 ROUND256(h,a,b,c,d,e,
f,g);
424 ROUND256(g,h,a,b,c,d,e,
f);
425 ROUND256(
f,g,h,a,b,c,d,e);
426 ROUND256(e,
f,g,h,a,b,c,d);
427 ROUND256(d,e,
f,g,h,a,b,c);
428 ROUND256(c,d,e,
f,g,h,a,b);
429 ROUND256(b,c,d,e,
f,g,h,a);
433 context->
state[0] += a;
434 context->
state[1] += b;
435 context->
state[2] += c;
436 context->
state[3] += d;
437 context->
state[4] += e;
439 context->
state[6] += g;
440 context->
state[7] += h;
443 a = b = c = d = e =
f = g = h =
T1 = 0;
456 a = context->
state[0];
457 b = context->
state[1];
458 c = context->
state[2];
459 d = context->
state[3];
460 e = context->
state[4];
462 g = context->
state[6];
463 h = context->
state[7];
491 s0 = W256[(j+1)&0x0f];
493 s1 = W256[(j+14)&0x0f];
498 (W256[j&0x0f] += s1 + W256[(j+9)&0x0f] + s0);
513 context->
state[0] += a;
514 context->
state[1] += b;
515 context->
state[2] += c;
516 context->
state[3] += d;
517 context->
state[4] += e;
519 context->
state[6] += g;
520 context->
state[7] += h;
523 a = b = c = d = e =
f = g = h =
T1 =
T2 = 0;
529 unsigned int freespace, usedspace;
544 if (len >= freespace) {
547 context->
bitcount += freespace << 3;
556 usedspace = freespace = 0;
574 usedspace = freespace = 0;
579 unsigned int usedspace;
587 #if BYTE_ORDER == LITTLE_ENDIAN 593 context->
buffer[usedspace++] = 0x80;
622 #if BYTE_ORDER == LITTLE_ENDIAN 626 for (j = 0; j < 8; j++) {
628 *d++ = context->
state[j];
648 if (buffer != (
char*)0) {
682 #ifdef SHA2_UNROLL_TRANSFORM 685 #if BYTE_ORDER == LITTLE_ENDIAN 687 #define ROUND512_0_TO_15(a,b,c,d,e,f,g,h) \ 688 REVERSE64(*data++, W512[j]); \ 689 T1 = (h) + Sigma1_512(e) + Ch((e), (f), (g)) + \ 692 (h) = T1 + Sigma0_512(a) + Maj((a), (b), (c)), \ 698 #define ROUND512_0_TO_15(a,b,c,d,e,f,g,h) \ 699 T1 = (h) + Sigma1_512(e) + Ch((e), (f), (g)) + \ 700 K512[j] + (W512[j] = *data++); \ 702 (h) = T1 + Sigma0_512(a) + Maj((a), (b), (c)); \ 707 #define ROUND512(a,b,c,d,e,f,g,h) \ 708 s0 = W512[(j+1)&0x0f]; \ 709 s0 = sigma0_512(s0); \ 710 s1 = W512[(j+14)&0x0f]; \ 711 s1 = sigma1_512(s1); \ 712 T1 = (h) + Sigma1_512(e) + Ch((e), (f), (g)) + K512[j] + \ 713 (W512[j&0x0f] += s1 + W512[(j+9)&0x0f] + s0); \ 715 (h) = T1 + Sigma0_512(a) + Maj((a), (b), (c)); \ 724 a = context->
state[0];
725 b = context->
state[1];
726 c = context->
state[2];
727 d = context->
state[3];
728 e = context->
state[4];
730 g = context->
state[6];
731 h = context->
state[7];
735 ROUND512_0_TO_15(a,b,c,d,e,
f,g,h);
736 ROUND512_0_TO_15(h,a,b,c,d,e,
f,g);
737 ROUND512_0_TO_15(g,h,a,b,c,d,e,
f);
738 ROUND512_0_TO_15(
f,g,h,a,b,c,d,e);
739 ROUND512_0_TO_15(e,
f,g,h,a,b,c,d);
740 ROUND512_0_TO_15(d,e,
f,g,h,a,b,c);
741 ROUND512_0_TO_15(c,d,e,
f,g,h,a,b);
742 ROUND512_0_TO_15(b,c,d,e,
f,g,h,a);
747 ROUND512(a,b,c,d,e,
f,g,h);
748 ROUND512(h,a,b,c,d,e,
f,g);
749 ROUND512(g,h,a,b,c,d,e,
f);
750 ROUND512(
f,g,h,a,b,c,d,e);
751 ROUND512(e,
f,g,h,a,b,c,d);
752 ROUND512(d,e,
f,g,h,a,b,c);
753 ROUND512(c,d,e,
f,g,h,a,b);
754 ROUND512(b,c,d,e,
f,g,h,a);
758 context->
state[0] += a;
759 context->
state[1] += b;
760 context->
state[2] += c;
761 context->
state[3] += d;
762 context->
state[4] += e;
764 context->
state[6] += g;
765 context->
state[7] += h;
768 a = b = c = d = e =
f = g = h =
T1 = 0;
779 a = context->
state[0];
780 b = context->
state[1];
781 c = context->
state[2];
782 d = context->
state[3];
783 e = context->
state[4];
785 g = context->
state[6];
786 h = context->
state[7];
814 s0 = W512[(j+1)&0x0f];
816 s1 = W512[(j+14)&0x0f];
821 (W512[j&0x0f] += s1 + W512[(j+9)&0x0f] + s0);
836 context->
state[0] += a;
837 context->
state[1] += b;
838 context->
state[2] += c;
839 context->
state[3] += d;
840 context->
state[4] += e;
842 context->
state[6] += g;
843 context->
state[7] += h;
846 a = b = c = d = e =
f = g = h =
T1 =
T2 = 0;
852 unsigned int freespace, usedspace;
867 if (len >= freespace) {
879 usedspace = freespace = 0;
897 usedspace = freespace = 0;
901 unsigned int usedspace;
904 #if BYTE_ORDER == LITTLE_ENDIAN 911 context->
buffer[usedspace++] = 0x80;
954 #if BYTE_ORDER == LITTLE_ENDIAN 958 for (j = 0; j < 8; j++) {
960 *d++ = context->
state[j];
979 if (buffer != (
char*)0) {
1028 #if BYTE_ORDER == LITTLE_ENDIAN 1032 for (j = 0; j < 6; j++) {
1034 *d++ = context->
state[j];
1053 if (buffer != (
char*)0) {
void SHA256_Init(SHA256_CTX *context)
#define SHA256_DIGEST_STRING_LENGTH
#define SHA384_BLOCK_LENGTH
static const sha2_word64 sha512_initial_hash_value[8]
char * SHA384_End(SHA384_CTX *context, char buffer[])
#define SHA256_BLOCK_LENGTH
static const sha2_word32 K256[64]
void SHA256_Update(SHA256_CTX *context, const sha2_byte *data, size_t len)
uint8_t buffer[SHA512_BLOCK_LENGTH]
void SHA512_Transform(SHA512_CTX *, const sha2_word64 *)
char * SHA512_End(SHA512_CTX *context, char buffer[])
char * SHA256_End(SHA256_CTX *context, char buffer[])
static const sha2_word64 K512[80]
unsigned long long uint64_t
void SHA512_Last(SHA512_CTX *)
#define MEMCPY_BCOPY(d, s, l)
void SHA512_Final(sha2_byte digest[], SHA512_CTX *context)
#define MEMSET_BZERO(p, l)
void SHA384_Init(SHA384_CTX *context)
#define SHA384_DIGEST_LENGTH
void SHA384_Final(sha2_byte digest[], SHA384_CTX *context)
static const sha2_word32 sha256_initial_hash_value[8]
static const char * sha2_hex_digits
void SHA256_Final(sha2_byte digest[], SHA256_CTX *context)
char * SHA256_Data(const sha2_byte *data, size_t len, char digest[SHA256_DIGEST_STRING_LENGTH])
void SHA512_Init(SHA512_CTX *context)
void SHA384_Update(SHA384_CTX *context, const sha2_byte *data, size_t len)
char * SHA384_Data(const sha2_byte *data, size_t len, char digest[SHA384_DIGEST_STRING_LENGTH])
static const sha2_word64 sha384_initial_hash_value[8]
#define SHA256_DIGEST_LENGTH
#define SHA512_SHORT_BLOCK_LENGTH
void SHA512_Update(SHA512_CTX *context, const sha2_byte *data, size_t len)
#define SHA384_DIGEST_STRING_LENGTH
#define assert(condition)
#define SHA512_DIGEST_LENGTH
#define SHA512_BLOCK_LENGTH
#define SHA256_SHORT_BLOCK_LENGTH
void SHA256_Transform(SHA256_CTX *, const sha2_word32 *)
uint8_t buffer[SHA256_BLOCK_LENGTH]
char * SHA512_Data(const sha2_byte *data, size_t len, char digest[SHA512_DIGEST_STRING_LENGTH])
#define SHA512_DIGEST_STRING_LENGTH