Signed-off-by: Dmitry Eremin-Solenikov dbaryshkov@gmail.com --- nettle-meta.h | 2 ++ sha2.h | 42 ++++++++++++++++++++++++++-- sha224-meta.c | 3 ++ sha256-meta.c | 3 ++ sha256.c | 76 +++++++++++++++++++++++++++++++++++++++------------ 5 files changed, 106 insertions(+), 20 deletions(-)
diff --git a/nettle-meta.h b/nettle-meta.h index 95aaaf0fcc8c..a28cecf5fe62 100644 --- a/nettle-meta.h +++ b/nettle-meta.h @@ -184,6 +184,8 @@ extern const struct nettle_hash nettle_sha3_512; extern const struct nettle_bctx_hash nettle_bctx_md5; extern const struct nettle_bctx_hash nettle_bctx_ripemd160; extern const struct nettle_bctx_hash nettle_bctx_sha1; +extern const struct nettle_bctx_hash nettle_bctx_sha224; +extern const struct nettle_bctx_hash nettle_bctx_sha256;
struct nettle_aead { diff --git a/sha2.h b/sha2.h index ca8222a7ece5..95640b5f4b7f 100644 --- a/sha2.h +++ b/sha2.h @@ -43,9 +43,14 @@ extern "C" { /* Name mangling */ #define sha224_init nettle_sha224_init #define sha224_digest nettle_sha224_digest +#define sha224_block_init nettle_sha224_block_init +#define sha224_block_digest nettle_sha224_block_digest #define sha256_init nettle_sha256_init #define sha256_update nettle_sha256_update #define sha256_digest nettle_sha256_digest +#define sha256_block_init nettle_sha256_block_init +#define sha256_block_update nettle_sha256_block_update +#define sha256_block_digest nettle_sha256_block_digest #define sha384_init nettle_sha384_init #define sha384_digest nettle_sha384_digest #define sha512_init nettle_sha512_init @@ -70,12 +75,16 @@ extern "C" { /* Digest is kept internally as 8 32-bit words. */ #define _SHA256_DIGEST_LENGTH 8
-struct sha256_ctx +struct sha256_state { uint32_t state[_SHA256_DIGEST_LENGTH]; /* State variables */ uint64_t count; /* 64-bit block count */ - unsigned int index; /* index into buffer */ - uint8_t block[SHA256_BLOCK_SIZE]; /* SHA256 data buffer */ +}; + +struct sha256_ctx +{ + struct sha256_state state; + BLOCK_CTX(SHA256_BLOCK_SIZE); };
void @@ -91,12 +100,28 @@ sha256_digest(struct sha256_ctx *ctx, size_t length, uint8_t *digest);
+void +sha256_block_init(struct sha256_state *state, + struct block_ctx *bctx); + +void +sha256_block_update(struct sha256_state *state, + struct block_ctx *bctx, + size_t length, + const uint8_t *data); + +void +sha256_block_digest(struct sha256_state *state, + struct block_ctx *bctx, + size_t length, + uint8_t *digest);
/* SHA224, a truncated SHA256 with different initial state. */
#define SHA224_DIGEST_SIZE 28 #define SHA224_BLOCK_SIZE SHA256_BLOCK_SIZE #define sha224_ctx sha256_ctx +#define sha224_state sha256_state
void sha224_init(struct sha256_ctx *ctx); @@ -108,6 +133,17 @@ sha224_digest(struct sha256_ctx *ctx, size_t length, uint8_t *digest);
+void +sha224_block_init(struct sha256_state *state, + struct block_ctx *bctx); + +#define sha224_block_update sha256_block_update + +void +sha224_block_digest(struct sha256_state *state, + struct block_ctx *bctx, + size_t length, + uint8_t *digest);
/* SHA512 */
diff --git a/sha224-meta.c b/sha224-meta.c index 4b3bcef36eba..639a8edd75bc 100644 --- a/sha224-meta.c +++ b/sha224-meta.c @@ -39,3 +39,6 @@
const struct nettle_hash nettle_sha224 = _NETTLE_HASH(sha224, SHA224); + +const struct nettle_bctx_hash nettle_bctx_sha224 += _NETTLE_BLOCK_HASH(sha224, SHA224); diff --git a/sha256-meta.c b/sha256-meta.c index fcdf79322600..1f0a4ee338c2 100644 --- a/sha256-meta.c +++ b/sha256-meta.c @@ -39,3 +39,6 @@
const struct nettle_hash nettle_sha256 = _NETTLE_HASH(sha256, SHA256); + +const struct nettle_bctx_hash nettle_bctx_sha256 += _NETTLE_BLOCK_HASH(sha256, SHA256); diff --git a/sha256.c b/sha256.c index 253c13191356..e14a1caf59b0 100644 --- a/sha256.c +++ b/sha256.c @@ -75,7 +75,7 @@ K[64] = /* Initialize the SHA values */
void -sha256_init(struct sha256_ctx *ctx) +sha256_block_init(struct sha256_state *state, struct block_ctx *bctx) { /* Initial values, also generated by the shadata program. */ static const uint32_t H0[_SHA256_DIGEST_LENGTH] = @@ -84,24 +84,40 @@ sha256_init(struct sha256_ctx *ctx) 0x510e527fUL, 0x9b05688cUL, 0x1f83d9abUL, 0x5be0cd19UL, };
- memcpy(ctx->state, H0, sizeof(H0)); + memcpy(state->state, H0, sizeof(H0));
/* Initialize bit count */ - ctx->count = 0; + state->count = 0;
/* Initialize buffer */ - ctx->index = 0; + bctx->index = 0; +} + +void +sha256_init(struct sha256_ctx *ctx) +{ + return sha256_block_init(&ctx->state, (struct block_ctx *)&ctx->block); }
void sha256_update(struct sha256_ctx *ctx, size_t length, const uint8_t *data) { - MD_UPDATE (ctx, length, data, COMPRESS, ctx->count++); + MD_BLOCK_UPDATE(&ctx->state, &ctx->block, SHA256_BLOCK_SIZE, length, data, COMPRESS, ctx->state.count++); +} + +void +sha256_block_update(struct sha256_state *state, + struct block_ctx *bctx, + size_t length, + const uint8_t *data) +{ + MD_BLOCK_UPDATE(state, bctx, SHA256_BLOCK_SIZE, length, data, COMPRESS, state->count++); }
static void -sha256_write_digest(struct sha256_ctx *ctx, +sha256_write_digest(struct sha256_state *state, + struct block_ctx *bctx, size_t length, uint8_t *digest) { @@ -109,18 +125,18 @@ sha256_write_digest(struct sha256_ctx *ctx,
assert(length <= SHA256_DIGEST_SIZE);
- MD_PAD(ctx, 8, COMPRESS); + MD_BLOCK_PAD(state, bctx, SHA256_BLOCK_SIZE, 8, COMPRESS);
/* There are 512 = 2^9 bits in one block */ - bit_count = (ctx->count << 9) | (ctx->index << 3); + bit_count = (state->count << 9) | (bctx->index << 3);
/* This is slightly inefficient, as the numbers are converted to big-endian format, and will be converted back by the compression function. It's probably not worth the effort to fix this. */ - WRITE_UINT64(ctx->block + (SHA256_BLOCK_SIZE - 8), bit_count); - COMPRESS(ctx, ctx->block); + WRITE_UINT64(bctx->buffer + (SHA256_BLOCK_SIZE - 8), bit_count); + COMPRESS(state, bctx->buffer);
- _nettle_write_be32(length, digest, ctx->state); + _nettle_write_be32(length, digest, state->state); }
void @@ -128,14 +144,24 @@ sha256_digest(struct sha256_ctx *ctx, size_t length, uint8_t *digest) { - sha256_write_digest(ctx, length, digest); + sha256_write_digest(&ctx->state, (struct block_ctx *)&ctx->block, length, digest); sha256_init(ctx); }
+void +sha256_block_digest(struct sha256_state *state, + struct block_ctx *bctx, + size_t length, + uint8_t *digest) +{ + sha256_write_digest(state, bctx, length, digest); + sha256_block_init(state, bctx); +} + /* sha224 variant. */
void -sha224_init(struct sha256_ctx *ctx) +sha224_block_init(struct sha256_state *state, struct block_ctx *bctx) { /* Initial values. Low 32 bits of the initial values for sha384. */ static const uint32_t H0[_SHA256_DIGEST_LENGTH] = @@ -144,13 +170,19 @@ sha224_init(struct sha256_ctx *ctx) 0xffc00b31, 0x68581511, 0x64f98fa7, 0xbefa4fa4, };
- memcpy(ctx->state, H0, sizeof(H0)); + memcpy(state->state, H0, sizeof(H0));
/* Initialize bit count */ - ctx->count = 0; + state->count = 0;
/* Initialize buffer */ - ctx->index = 0; + bctx->index = 0; +} + +void +sha224_init(struct sha256_ctx *ctx) +{ + return sha224_block_init(&ctx->state, (struct block_ctx *)&ctx->block); }
void @@ -158,6 +190,16 @@ sha224_digest(struct sha256_ctx *ctx, size_t length, uint8_t *digest) { - sha256_write_digest(ctx, length, digest); + sha256_write_digest(&ctx->state, (struct block_ctx *)&ctx->block, length, digest); sha224_init(ctx); } + +void +sha224_block_digest(struct sha256_state *state, + struct block_ctx *bctx, + size_t length, + uint8_t *digest) +{ + sha256_write_digest(state, bctx, length, digest); + sha224_block_init(state, bctx); +}