kris
/
boringssl
1
0
派生 0
代码 工单 0 合并请求 0 版本发布 0 百科 动态
您最多选择25个主题 主题必须以字母或数字开头,可以包含连字符 (-),并且长度不得超过35个字符
4431 提交
12 分支
38 MiB
 
 
 
 
 
 
目录树: 86e95b852e
分支列表 标签列表
${ item.name }
创建分支 ${ searchTerm }
从 '86e95b852e'
${ noResults }
boringssl/crypto/fipsmodule/digest/md32_common.h

270 行
8.6 KiB
原始文件 Blame 文件历史 

  1. /* ====================================================================

  2.  * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.

  3.  *

  4.  * Redistribution and use in source and binary forms, with or without

  5.  * modification, are permitted provided that the following conditions

  6.  * are met:

  7.  *

  8.  * 1. Redistributions of source code must retain the above copyright

  9.  *    notice, this list of conditions and the following disclaimer.

  10.  *

  11.  * 2. Redistributions in binary form must reproduce the above copyright

  12.  *    notice, this list of conditions and the following disclaimer in

  13.  *    the documentation and/or other materials provided with the

  14.  *    distribution.

  15.  *

  16.  * 3. All advertising materials mentioning features or use of this

  17.  *    software must display the following acknowledgment:

  18.  *    "This product includes software developed by the OpenSSL Project

  19.  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"

  20.  *

  21.  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to

  22.  *    endorse or promote products derived from this software without

  23.  *    prior written permission. For written permission, please contact

  24.  *    licensing@OpenSSL.org.

  25.  *

  26.  * 5. Products derived from this software may not be called "OpenSSL"

  27.  *    nor may "OpenSSL" appear in their names without prior written

  28.  *    permission of the OpenSSL Project.

  29.  *

  30.  * 6. Redistributions of any form whatsoever must retain the following

  31.  *    acknowledgment:

  32.  *    "This product includes software developed by the OpenSSL Project

  33.  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"

  34.  *

  35.  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY

  36.  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

  37.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR

  38.  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR

  39.  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

  40.  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT

  41.  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

  42.  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

  43.  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

  44.  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

  45.  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED

  46.  * OF THE POSSIBILITY OF SUCH DAMAGE.

  47.  * ==================================================================== */

  48. 

  49. #include <openssl/base.h>

  50. 

  51. #include <assert.h>

  52. 

  53. #include "../../internal.h"

  54. 

  55. #if defined(__cplusplus)

  56. extern "C" {

  57. #endif

  58. 

  59. 

  60. /* This is a generic 32-bit "collector" for message digest algorithms. It

  61.  * collects input character stream into chunks of 32-bit values and invokes the

  62.  * block function that performs the actual hash calculations. To make use of

  63.  * this mechanism, the following macros must be defined before including

  64.  * md32_common.h.

  65.  *

  66.  * One of |DATA_ORDER_IS_BIG_ENDIAN| or |DATA_ORDER_IS_LITTLE_ENDIAN| must be

  67.  * defined to specify the byte order of the input stream.

  68.  *

  69.  * |HASH_CBLOCK| must be defined as the integer block size, in bytes.

  70.  *

  71.  * |HASH_CTX| must be defined as the name of the context structure, which must

  72.  * have at least the following members:

  73.  *

  74.  *     typedef struct <name>_state_st {

  75.  *       uint32_t h[<chaining length> / sizeof(uint32_t)];

  76.  *       uint32_t Nl, Nh;

  77.  *       uint8_t data[HASH_CBLOCK];

  78.  *       unsigned num;

  79.  *       ...

  80.  *     } <NAME>_CTX;

  81.  *

  82.  * <chaining length> is the output length of the hash in bytes, before

  83.  * any truncation (e.g. 64 for SHA-224 and SHA-256, 128 for SHA-384 and

  84.  * SHA-512).

  85.  *

  86.  * |HASH_UPDATE| must be defined as the name of the "Update" function to

  87.  * generate.

  88.  *

  89.  * |HASH_TRANSFORM| must be defined as the  the name of the "Transform"

  90.  * function to generate.

  91.  *

  92.  * |HASH_FINAL| must be defined as the name of "Final" function to generate.

  93.  *

  94.  * |HASH_BLOCK_DATA_ORDER| must be defined as the name of the "Block" function.

  95.  * That function must be implemented manually. It must be capable of operating

  96.  * on *unaligned* input data in its original (data) byte order. It must have

  97.  * this signature:

  98.  *

  99.  *     void HASH_BLOCK_DATA_ORDER(uint32_t *state, const uint8_t *data,

  100.  *                                size_t num);

  101.  *

  102.  * It must update the hash state |state| with |num| blocks of data from |data|,

  103.  * where each block is |HASH_CBLOCK| bytes; i.e. |data| points to a array of

  104.  * |HASH_CBLOCK * num| bytes. |state| points to the |h| member of a |HASH_CTX|,

  105.  * and so will have |<chaining length> / sizeof(uint32_t)| elements.

  106.  *

  107.  * |HASH_MAKE_STRING(c, s)| must be defined as a block statement that converts

  108.  * the hash state |c->h| into the output byte order, storing the result in |s|.

  109.  */

  110. 

  111. #if !defined(DATA_ORDER_IS_BIG_ENDIAN) && !defined(DATA_ORDER_IS_LITTLE_ENDIAN)

  112. #error "DATA_ORDER must be defined!"

  113. #endif

  114. 

  115. #ifndef HASH_CBLOCK

  116. #error "HASH_CBLOCK must be defined!"

  117. #endif

  118. #ifndef HASH_CTX

  119. #error "HASH_CTX must be defined!"

  120. #endif

  121. 

  122. #ifndef HASH_UPDATE

  123. #error "HASH_UPDATE must be defined!"

  124. #endif

  125. #ifndef HASH_TRANSFORM

  126. #error "HASH_TRANSFORM must be defined!"

  127. #endif

  128. #ifndef HASH_FINAL

  129. #error "HASH_FINAL must be defined!"

  130. #endif

  131. 

  132. #ifndef HASH_BLOCK_DATA_ORDER

  133. #error "HASH_BLOCK_DATA_ORDER must be defined!"

  134. #endif

  135. 

  136. #ifndef HASH_MAKE_STRING

  137. #error "HASH_MAKE_STRING must be defined!"

  138. #endif

  139. 

  140. #if defined(DATA_ORDER_IS_BIG_ENDIAN)

  141. 

  142. #define HOST_c2l(c, l)                     \

  143.   do {                                     \

  144.     (l) = (((uint32_t)(*((c)++))) << 24);  \

  145.     (l) |= (((uint32_t)(*((c)++))) << 16); \

  146.     (l) |= (((uint32_t)(*((c)++))) << 8);  \

  147.     (l) |= (((uint32_t)(*((c)++))));       \

  148.   } while (0)

  149. 

  150. #define HOST_l2c(l, c)                        \

  151.   do {                                        \

  152.     *((c)++) = (uint8_t)(((l) >> 24) & 0xff); \

  153.     *((c)++) = (uint8_t)(((l) >> 16) & 0xff); \

  154.     *((c)++) = (uint8_t)(((l) >> 8) & 0xff);  \

  155.     *((c)++) = (uint8_t)(((l)) & 0xff);       \

  156.   } while (0)

  157. 

  158. #elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)

  159. 

  160. #define HOST_c2l(c, l)                     \

  161.   do {                                     \

  162.     (l) = (((uint32_t)(*((c)++))));        \

  163.     (l) |= (((uint32_t)(*((c)++))) << 8);  \

  164.     (l) |= (((uint32_t)(*((c)++))) << 16); \

  165.     (l) |= (((uint32_t)(*((c)++))) << 24); \

  166.   } while (0)

  167. 

  168. #define HOST_l2c(l, c)                        \

  169.   do {                                        \

  170.     *((c)++) = (uint8_t)(((l)) & 0xff);       \

  171.     *((c)++) = (uint8_t)(((l) >> 8) & 0xff);  \

  172.     *((c)++) = (uint8_t)(((l) >> 16) & 0xff); \

  173.     *((c)++) = (uint8_t)(((l) >> 24) & 0xff); \

  174.   } while (0)

  175. 

  176. #endif /* DATA_ORDER */

  177. 

  178. int HASH_UPDATE(HASH_CTX *c, const void *data_, size_t len) {

  179.   const uint8_t *data = data_;

  180. 

  181.   if (len == 0) {

  182.     return 1;

  183.   }

  184. 

  185.   uint32_t l = c->Nl + (((uint32_t)len) << 3);

  186.   if (l < c->Nl) {

  187.     /* Handle carries. */

  188.     c->Nh++;

  189.   }

  190.   c->Nh += (uint32_t)(len >> 29);

  191.   c->Nl = l;

  192. 

  193.   size_t n = c->num;

  194.   if (n != 0) {

  195.     if (len >= HASH_CBLOCK || len + n >= HASH_CBLOCK) {

  196.       OPENSSL_memcpy(c->data + n, data, HASH_CBLOCK - n);

  197.       HASH_BLOCK_DATA_ORDER(c->h, c->data, 1);

  198.       n = HASH_CBLOCK - n;

  199.       data += n;

  200.       len -= n;

  201.       c->num = 0;

  202.       /* Keep |c->data| zeroed when unused. */

  203.       OPENSSL_memset(c->data, 0, HASH_CBLOCK);

  204.     } else {

  205.       OPENSSL_memcpy(c->data + n, data, len);

  206.       c->num += (unsigned)len;

  207.       return 1;

  208.     }

  209.   }

  210. 

  211.   n = len / HASH_CBLOCK;

  212.   if (n > 0) {

  213.     HASH_BLOCK_DATA_ORDER(c->h, data, n);

  214.     n *= HASH_CBLOCK;

  215.     data += n;

  216.     len -= n;

  217.   }

  218. 

  219.   if (len != 0) {

  220.     c->num = (unsigned)len;

  221.     OPENSSL_memcpy(c->data, data, len);

  222.   }

  223.   return 1;

  224. }

  225. 

  226. 

  227. void HASH_TRANSFORM(HASH_CTX *c, const uint8_t *data) {

  228.   HASH_BLOCK_DATA_ORDER(c->h, data, 1);

  229. }

  230. 

  231. 

  232. int HASH_FINAL(uint8_t *md, HASH_CTX *c) {

  233.   /* |c->data| always has room for at least one byte. A full block would have

  234.    * been consumed. */

  235.   size_t n = c->num;

  236.   assert(n < HASH_CBLOCK);

  237.   c->data[n] = 0x80;

  238.   n++;

  239. 

  240.   /* Fill the block with zeros if there isn't room for a 64-bit length. */

  241.   if (n > (HASH_CBLOCK - 8)) {

  242.     OPENSSL_memset(c->data + n, 0, HASH_CBLOCK - n);

  243.     n = 0;

  244.     HASH_BLOCK_DATA_ORDER(c->h, c->data, 1);

  245.   }

  246.   OPENSSL_memset(c->data + n, 0, HASH_CBLOCK - 8 - n);

  247. 

  248.   /* Append a 64-bit length to the block and process it. */

  249.   uint8_t *p = c->data + HASH_CBLOCK - 8;

  250. #if defined(DATA_ORDER_IS_BIG_ENDIAN)

  251.   HOST_l2c(c->Nh, p);

  252.   HOST_l2c(c->Nl, p);

  253. #elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)

  254.   HOST_l2c(c->Nl, p);

  255.   HOST_l2c(c->Nh, p);

  256. #endif

  257.   assert(p == c->data + HASH_CBLOCK);

  258.   HASH_BLOCK_DATA_ORDER(c->h, c->data, 1);

  259.   c->num = 0;

  260.   OPENSSL_memset(c->data, 0, HASH_CBLOCK);

  261. 

  262.   HASH_MAKE_STRING(c, md);

  263.   return 1;

  264. }

  265. 

  266. 

  267. #if defined(__cplusplus)

  268. } /* extern C */

  269. #endif