diff options
| author |   tedu <tedu@openbsd.org> | 2016-09-03 16:25:03 +0000 |
|---|---|---|
| committer | tedu <tedu@openbsd.org> | 2016-09-03 16:25:03 +0000 |
| commit | 4baad0396b2cf44e7f6a7ef5bfdde5aa5100ec59 (patch) | |
| tree | 7c8fbee492da6eb480e7124755b415ead6e831e5 | |
| parent | Correct default values. (diff) | |
| download | wireguard-openbsd-4baad0396b2cf44e7f6a7ef5bfdde5aa5100ec59.tar.xz wireguard-openbsd-4baad0396b2cf44e7f6a7ef5bfdde5aa5100ec59.zip | |
Add functions for SHA512/256. The standard says you're supposed to start
with different magic numbers, so we need to add some functions instead
of just asking the user to truncate as desired. Sigh.
SHA512 is quite a bit faster than SHA256 on 64 bit CPUs,
but 256 bit hashes are usually quite sufficient. Best of both.
ok deraadt tom
| -rw-r--r-- | lib/libc/Symbols.list | 9 | ||||
| -rw-r--r-- | lib/libc/hash/Makefile.inc | 11 | ||||
| -rw-r--r-- | lib/libc/hash/sha2.c | 51 | ||||
| -rw-r--r-- | lib/libc/hidden/sha2.h | 13 |
4 files changed, 78 insertions, 6 deletions
diff --git a/lib/libc/Symbols.list b/lib/libc/Symbols.list index 0d81460881a..fa352f3cfe3 100644 --- a/lib/libc/Symbols.list +++ b/lib/libc/Symbols.list @@ -900,6 +900,15 @@ SHA512Init SHA512Pad SHA512Transform SHA512Update +SHA512_256Data +SHA512_256End +SHA512_256File +SHA512_256FileChunk +SHA512_256Final +SHA512_256Init +SHA512_256Pad +SHA512_256Transform +SHA512_256Update SipHash SipHash_End SipHash_Final diff --git a/lib/libc/hash/Makefile.inc b/lib/libc/hash/Makefile.inc index 56444ea5997..2baaf390b42 100644 --- a/lib/libc/hash/Makefile.inc +++ b/lib/libc/hash/Makefile.inc @@ -1,9 +1,9 @@ -# $OpenBSD: Makefile.inc,v 1.23 2016/03/30 06:38:41 jmc Exp $ +# $OpenBSD: Makefile.inc,v 1.24 2016/09/03 16:25:03 tedu Exp $ # hash functions .PATH: ${LIBCSRCDIR}/hash -HELPER= md5hl.c rmd160hl.c sha1hl.c sha224hl.c sha256hl.c sha384hl.c sha512hl.c +HELPER= md5hl.c rmd160hl.c sha1hl.c sha224hl.c sha256hl.c sha384hl.c sha512hl.c sha512_256hl.c SRCS+= md5.c rmd160.c sha1.c sha2.c ${HELPER} siphash.c MAN+= md5.3 rmd160.3 sha1.3 sha2.3 SipHash24.3 @@ -38,4 +38,9 @@ sha512hl.c: helper.c -e 's/HASH/SHA512/g' \ -e 's/SHA[0-9][0-9][0-9]_CTX/SHA2_CTX/g' $> > $@ -beforedepend: md5hl.c rmd160hl.c sha1hl.c sha256hl.c sha384hl.c sha512hl.c +sha512_256hl.c: helper.c + sed -e 's/hashinc/sha2.h/g' \ + -e 's/HASH/SHA512_256/g' \ + -e 's/SHA512_256_CTX/SHA2_CTX/g' $> > $@ + +beforedepend: md5hl.c rmd160hl.c sha1hl.c sha256hl.c sha384hl.c sha512hl.c sha512_256hl.c diff --git a/lib/libc/hash/sha2.c b/lib/libc/hash/sha2.c index 16486bcbedb..ec13e444695 100644 --- a/lib/libc/hash/sha2.c +++ b/lib/libc/hash/sha2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sha2.c,v 1.24 2015/09/11 09:18:27 guenther Exp $ */ +/* $OpenBSD: sha2.c,v 1.25 2016/09/03 16:25:03 tedu Exp $ */ /* * FILE: sha2.c @@ -288,6 +288,18 @@ static const u_int64_t sha384_initial_hash_value[8] = { 0x47b5481dbefa4fa4ULL }; +/* Initial hash value H for SHA-512-256 */ +static const u_int64_t sha512_256_initial_hash_value[8] = { + 0x22312194fc2bf72cULL, + 0x9f555fa3c84c64c2ULL, + 0x2393b86b6f53b151ULL, + 0x963877195940eabdULL, + 0x96283ee2a88effe3ULL, + 0xbe5e1e2553863992ULL, + 0x2b0199fc2c85b8aaULL, + 0x0eb72ddc81c52ca2ULL +}; + /*** SHA-224: *********************************************************/ void SHA224Init(SHA2_CTX *context) @@ -923,4 +935,41 @@ SHA384Final(u_int8_t digest[SHA384_DIGEST_LENGTH], SHA2_CTX *context) explicit_bzero(context, sizeof(*context)); } DEF_WEAK(SHA384Final); + +/*** SHA-512/256: *********************************************************/ +void +SHA512_256Init(SHA2_CTX *context) +{ + memcpy(context->state.st64, sha512_256_initial_hash_value, + sizeof(sha512_256_initial_hash_value)); + memset(context->buffer, 0, sizeof(context->buffer)); + context->bitcount[0] = context->bitcount[1] = 0; +} +DEF_WEAK(SHA512_256Init); + +MAKE_CLONE(SHA512_256Transform, SHA512Transform); +MAKE_CLONE(SHA512_256Update, SHA512Update); +MAKE_CLONE(SHA512_256Pad, SHA512Pad); +DEF_WEAK(SHA512_256Transform); +DEF_WEAK(SHA512_256Update); +DEF_WEAK(SHA512_256Pad); + +void +SHA512_256Final(u_int8_t digest[SHA512_256_DIGEST_LENGTH], SHA2_CTX *context) +{ + SHA512_256Pad(context); + +#if BYTE_ORDER == LITTLE_ENDIAN + int i; + + /* Convert TO host byte order */ + for (i = 0; i < 4; i++) + BE_64_TO_8(digest + i * 8, context->state.st64[i]); +#else + memcpy(digest, context->state.st64, SHA512_256_DIGEST_LENGTH); +#endif + /* Zero out state data */ + explicit_bzero(context, sizeof(*context)); +} +DEF_WEAK(SHA512_256Final); #endif /* !defined(SHA2_SMALL) */ diff --git a/lib/libc/hidden/sha2.h b/lib/libc/hidden/sha2.h index a2cc81eaa0b..8cd052c24e3 100644 --- a/lib/libc/hidden/sha2.h +++ b/lib/libc/hidden/sha2.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sha2.h,v 1.1 2015/09/11 09:18:27 guenther Exp $ */ +/* $OpenBSD: sha2.h,v 1.2 2016/09/03 16:25:03 tedu Exp $ */ /* * Copyright (c) 2015 Philip Guenther <guenther@openbsd.org> * @@ -14,7 +14,7 @@ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $OpenBSD: sha2.h,v 1.1 2015/09/11 09:18:27 guenther Exp $ */ +/* $OpenBSD: sha2.h,v 1.2 2016/09/03 16:25:03 tedu Exp $ */ #ifndef _LIBC_SHA2_H #define _LIBC_SHA2_H @@ -57,5 +57,14 @@ PROTO_NORMAL(SHA512Init); PROTO_NORMAL(SHA512Pad); PROTO_NORMAL(SHA512Transform); PROTO_NORMAL(SHA512Update); +PROTO_NORMAL(SHA512_256Data); +PROTO_NORMAL(SHA512_256End); +PROTO_NORMAL(SHA512_256File); +PROTO_NORMAL(SHA512_256FileChunk); +PROTO_NORMAL(SHA512_256Final); +PROTO_NORMAL(SHA512_256Init); +PROTO_NORMAL(SHA512_256Pad); +PROTO_NORMAL(SHA512_256Transform); +PROTO_NORMAL(SHA512_256Update); #endif /* _LIBC_SHA2_H */ |