Signed-off-by: Dmitry Eremin-Solenikov <dbarysh...@gmail.com> --- nettle-meta.h | 2 ++ sha2.h | 42 ++++++++++++++++++++++++++-- sha224-meta.c | 3 ++ sha256-meta.c | 3 ++ sha256.c | 76 +++++++++++++++++++++++++++++++++++++++------------ 5 files changed, 106 insertions(+), 20 deletions(-)
diff --git a/nettle-meta.h b/nettle-meta.h index 95aaaf0fcc8c..a28cecf5fe62 100644 --- a/nettle-meta.h +++ b/nettle-meta.h @@ -184,6 +184,8 @@ extern const struct nettle_hash nettle_sha3_512; extern const struct nettle_bctx_hash nettle_bctx_md5; extern const struct nettle_bctx_hash nettle_bctx_ripemd160; extern const struct nettle_bctx_hash nettle_bctx_sha1; +extern const struct nettle_bctx_hash nettle_bctx_sha224; +extern const struct nettle_bctx_hash nettle_bctx_sha256; struct nettle_aead { diff --git a/sha2.h b/sha2.h index ca8222a7ece5..95640b5f4b7f 100644 --- a/sha2.h +++ b/sha2.h @@ -43,9 +43,14 @@ extern "C" { /* Name mangling */ #define sha224_init nettle_sha224_init #define sha224_digest nettle_sha224_digest +#define sha224_block_init nettle_sha224_block_init +#define sha224_block_digest nettle_sha224_block_digest #define sha256_init nettle_sha256_init #define sha256_update nettle_sha256_update #define sha256_digest nettle_sha256_digest +#define sha256_block_init nettle_sha256_block_init +#define sha256_block_update nettle_sha256_block_update +#define sha256_block_digest nettle_sha256_block_digest #define sha384_init nettle_sha384_init #define sha384_digest nettle_sha384_digest #define sha512_init nettle_sha512_init @@ -70,12 +75,16 @@ extern "C" { /* Digest is kept internally as 8 32-bit words. */ #define _SHA256_DIGEST_LENGTH 8 -struct sha256_ctx +struct sha256_state { uint32_t state[_SHA256_DIGEST_LENGTH]; /* State variables */ uint64_t count; /* 64-bit block count */ - unsigned int index; /* index into buffer */ - uint8_t block[SHA256_BLOCK_SIZE]; /* SHA256 data buffer */ +}; + +struct sha256_ctx +{ + struct sha256_state state; + BLOCK_CTX(SHA256_BLOCK_SIZE); }; void @@ -91,12 +100,28 @@ sha256_digest(struct sha256_ctx *ctx, size_t length, uint8_t *digest); +void +sha256_block_init(struct sha256_state *state, + struct block_ctx *bctx); + +void +sha256_block_update(struct sha256_state *state, + struct block_ctx *bctx, + size_t length, + const uint8_t *data); + +void +sha256_block_digest(struct sha256_state *state, + struct block_ctx *bctx, + size_t length, + uint8_t *digest); /* SHA224, a truncated SHA256 with different initial state. */ #define SHA224_DIGEST_SIZE 28 #define SHA224_BLOCK_SIZE SHA256_BLOCK_SIZE #define sha224_ctx sha256_ctx +#define sha224_state sha256_state void sha224_init(struct sha256_ctx *ctx); @@ -108,6 +133,17 @@ sha224_digest(struct sha256_ctx *ctx, size_t length, uint8_t *digest); +void +sha224_block_init(struct sha256_state *state, + struct block_ctx *bctx); + +#define sha224_block_update sha256_block_update + +void +sha224_block_digest(struct sha256_state *state, + struct block_ctx *bctx, + size_t length, + uint8_t *digest); /* SHA512 */ diff --git a/sha224-meta.c b/sha224-meta.c index 4b3bcef36eba..639a8edd75bc 100644 --- a/sha224-meta.c +++ b/sha224-meta.c @@ -39,3 +39,6 @@ const struct nettle_hash nettle_sha224 = _NETTLE_HASH(sha224, SHA224); + +const struct nettle_bctx_hash nettle_bctx_sha224 += _NETTLE_BLOCK_HASH(sha224, SHA224); diff --git a/sha256-meta.c b/sha256-meta.c index fcdf79322600..1f0a4ee338c2 100644 --- a/sha256-meta.c +++ b/sha256-meta.c @@ -39,3 +39,6 @@ const struct nettle_hash nettle_sha256 = _NETTLE_HASH(sha256, SHA256); + +const struct nettle_bctx_hash nettle_bctx_sha256 += _NETTLE_BLOCK_HASH(sha256, SHA256); diff --git a/sha256.c b/sha256.c index 253c13191356..e14a1caf59b0 100644 --- a/sha256.c +++ b/sha256.c @@ -75,7 +75,7 @@ K[64] = /* Initialize the SHA values */ void -sha256_init(struct sha256_ctx *ctx) +sha256_block_init(struct sha256_state *state, struct block_ctx *bctx) { /* Initial values, also generated by the shadata program. */ static const uint32_t H0[_SHA256_DIGEST_LENGTH] = @@ -84,24 +84,40 @@ sha256_init(struct sha256_ctx *ctx) 0x510e527fUL, 0x9b05688cUL, 0x1f83d9abUL, 0x5be0cd19UL, }; - memcpy(ctx->state, H0, sizeof(H0)); + memcpy(state->state, H0, sizeof(H0)); /* Initialize bit count */ - ctx->count = 0; + state->count = 0; /* Initialize buffer */ - ctx->index = 0; + bctx->index = 0; +} + +void +sha256_init(struct sha256_ctx *ctx) +{ + return sha256_block_init(&ctx->state, (struct block_ctx *)&ctx->block); } void sha256_update(struct sha256_ctx *ctx, size_t length, const uint8_t *data) { - MD_UPDATE (ctx, length, data, COMPRESS, ctx->count++); + MD_BLOCK_UPDATE(&ctx->state, &ctx->block, SHA256_BLOCK_SIZE, length, data, COMPRESS, ctx->state.count++); +} + +void +sha256_block_update(struct sha256_state *state, + struct block_ctx *bctx, + size_t length, + const uint8_t *data) +{ + MD_BLOCK_UPDATE(state, bctx, SHA256_BLOCK_SIZE, length, data, COMPRESS, state->count++); } static void -sha256_write_digest(struct sha256_ctx *ctx, +sha256_write_digest(struct sha256_state *state, + struct block_ctx *bctx, size_t length, uint8_t *digest) { @@ -109,18 +125,18 @@ sha256_write_digest(struct sha256_ctx *ctx, assert(length <= SHA256_DIGEST_SIZE); - MD_PAD(ctx, 8, COMPRESS); + MD_BLOCK_PAD(state, bctx, SHA256_BLOCK_SIZE, 8, COMPRESS); /* There are 512 = 2^9 bits in one block */ - bit_count = (ctx->count << 9) | (ctx->index << 3); + bit_count = (state->count << 9) | (bctx->index << 3); /* This is slightly inefficient, as the numbers are converted to big-endian format, and will be converted back by the compression function. It's probably not worth the effort to fix this. */ - WRITE_UINT64(ctx->block + (SHA256_BLOCK_SIZE - 8), bit_count); - COMPRESS(ctx, ctx->block); + WRITE_UINT64(bctx->buffer + (SHA256_BLOCK_SIZE - 8), bit_count); + COMPRESS(state, bctx->buffer); - _nettle_write_be32(length, digest, ctx->state); + _nettle_write_be32(length, digest, state->state); } void @@ -128,14 +144,24 @@ sha256_digest(struct sha256_ctx *ctx, size_t length, uint8_t *digest) { - sha256_write_digest(ctx, length, digest); + sha256_write_digest(&ctx->state, (struct block_ctx *)&ctx->block, length, digest); sha256_init(ctx); } +void +sha256_block_digest(struct sha256_state *state, + struct block_ctx *bctx, + size_t length, + uint8_t *digest) +{ + sha256_write_digest(state, bctx, length, digest); + sha256_block_init(state, bctx); +} + /* sha224 variant. */ void -sha224_init(struct sha256_ctx *ctx) +sha224_block_init(struct sha256_state *state, struct block_ctx *bctx) { /* Initial values. Low 32 bits of the initial values for sha384. */ static const uint32_t H0[_SHA256_DIGEST_LENGTH] = @@ -144,13 +170,19 @@ sha224_init(struct sha256_ctx *ctx) 0xffc00b31, 0x68581511, 0x64f98fa7, 0xbefa4fa4, }; - memcpy(ctx->state, H0, sizeof(H0)); + memcpy(state->state, H0, sizeof(H0)); /* Initialize bit count */ - ctx->count = 0; + state->count = 0; /* Initialize buffer */ - ctx->index = 0; + bctx->index = 0; +} + +void +sha224_init(struct sha256_ctx *ctx) +{ + return sha224_block_init(&ctx->state, (struct block_ctx *)&ctx->block); } void @@ -158,6 +190,16 @@ sha224_digest(struct sha256_ctx *ctx, size_t length, uint8_t *digest) { - sha256_write_digest(ctx, length, digest); + sha256_write_digest(&ctx->state, (struct block_ctx *)&ctx->block, length, digest); sha224_init(ctx); } + +void +sha224_block_digest(struct sha256_state *state, + struct block_ctx *bctx, + size_t length, + uint8_t *digest) +{ + sha256_write_digest(state, bctx, length, digest); + sha224_block_init(state, bctx); +} -- 2.20.1 _______________________________________________ nettle-bugs mailing list nettle-bugs@lists.lysator.liu.se http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs