diff options
| author |   millert <millert@openbsd.org> | 2004-05-05 17:39:47 +0000 |
|---|---|---|
| committer | millert <millert@openbsd.org> | 2004-05-05 17:39:47 +0000 |
| commit | c2a0ac189b3c91efd00a26c5c34dc32cd91a87ad (patch) | |
| tree | 0e5128acdab348dfad98f844e02e7129e96562df | |
| parent | Make the 2nd arg to SHA1Transform const again and unifdef SHA1HANDSOFF. (diff) | |
| download | wireguard-openbsd-c2a0ac189b3c91efd00a26c5c34dc32cd91a87ad.tar.xz wireguard-openbsd-c2a0ac189b3c91efd00a26c5c34dc32cd91a87ad.zip | |
Make the Transform functions match the other hash types and document them.
Use sizeof() in the Init functions where it makes sense.
Use weak aliases instead of wrapper functions.
Probably should have gone in before the major bump but as these are only
used internally by the sha2 functions themselves there should be no problem.
| -rw-r--r-- | include/sha2.h | 5 | ||||
| -rw-r--r-- | lib/libc/hash/sha2.3 | 23 | ||||
| -rw-r--r-- | lib/libc/hash/sha2.c | 203 |
3 files changed, 119 insertions, 112 deletions
diff --git a/include/sha2.h b/include/sha2.h index 9593fac2f6e..15b0976eaba 100644 --- a/include/sha2.h +++ b/include/sha2.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sha2.h,v 1.4 2004/05/03 17:30:14 millert Exp $ */ +/* $OpenBSD: sha2.h,v 1.5 2004/05/05 17:39:47 millert Exp $ */ /* * FILE: sha2.h @@ -68,6 +68,7 @@ typedef SHA512_CTX SHA384_CTX; __BEGIN_DECLS void SHA256_Init(SHA256_CTX *); +void SHA256_Transform(u_int32_t state[8], const u_int8_t [SHA256_BLOCK_LENGTH]); void SHA256_Update(SHA256_CTX *, const u_int8_t *, size_t) __attribute__((__bounded__(__string__,2,3))); void SHA256_Pad(SHA256_CTX *); @@ -84,6 +85,7 @@ char *SHA256_Data(const u_int8_t *, size_t, char *) __attribute__((__bounded__(__minbytes__,3,SHA256_DIGEST_STRING_LENGTH))); void SHA384_Init(SHA384_CTX *); +void SHA384_Transform(u_int64_t state[8], const u_int8_t [SHA384_BLOCK_LENGTH]); void SHA384_Update(SHA384_CTX *, const u_int8_t *, size_t) __attribute__((__bounded__(__string__,2,3))); void SHA384_Pad(SHA384_CTX *); @@ -100,6 +102,7 @@ char *SHA384_Data(const u_int8_t *, size_t, char *) __attribute__((__bounded__(__minbytes__,3,SHA384_DIGEST_STRING_LENGTH))); void SHA512_Init(SHA512_CTX *); +void SHA512_Transform(u_int64_t state[8], const u_int8_t [SHA512_BLOCK_LENGTH]); void SHA512_Update(SHA512_CTX *, const u_int8_t *, size_t) __attribute__((__bounded__(__string__,2,3))); void SHA512_Pad(SHA512_CTX *); diff --git a/lib/libc/hash/sha2.3 b/lib/libc/hash/sha2.3 index 10eac992f10..efb0b5160b8 100644 --- a/lib/libc/hash/sha2.3 +++ b/lib/libc/hash/sha2.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: sha2.3,v 1.8 2004/05/03 18:10:07 millert Exp $ +.\" $OpenBSD: sha2.3,v 1.9 2004/05/05 17:39:47 millert Exp $ .\" .\" Copyright (c) 2003, 2004 Todd C. Miller <Todd.Miller@courtesan.com> .\" @@ -28,6 +28,7 @@ .Nm SHA256_Update , .Nm SHA256_Pad , .Nm SHA256_Final , +.Nm SHA256_Transform , .Nm SHA256_End , .Nm SHA256_File , .Nm SHA256_FileChunk , @@ -44,6 +45,8 @@ .Fn SHA256_Pad "SHA256_CTX *context" .Ft void .Fn SHA256_Final "u_int8_t digest[SHA256_DIGEST_LENGTH]" "SHA256_CTX *context" +.Ft void +.Fn SHA256_Transform "u_int32_t state[8]" "const u_int8_t buffer[SHA256_BLOCK_LENGTH]" .Ft "char *" .Fn SHA256_End "SHA256_CTX *context" "char *buf" .Ft "char *" @@ -60,6 +63,8 @@ .Fn SHA384_Pad "SHA384_CTX *context" .Ft void .Fn SHA384_Final "u_int8_t digest[SHA384_DIGEST_LENGTH]" "SHA384_CTX *context" +.Ft void +.Fn SHA384_Transform "u_int64_t state[8]" "const u_int8_t buffer[SHA384_BLOCK_LENGTH]" .Ft "char *" .Fn SHA384_End "SHA384_CTX *context" "char *buf" .Ft "char *" @@ -76,6 +81,8 @@ .Fn SHA512_Pad "SHA512_CTX *context" .Ft void .Fn SHA512_Final "u_int8_t digest[SHA512_DIGEST_LENGTH]" "SHA512_CTX *context" +.Ft void +.Fn SHA512_Transform "u_int64_t state[8]" "const u_int8_t buffer[SHA512_BLOCK_LENGTH]" .Ft "char *" .Fn SHA512_End "SHA512_CTX *context" "char *buf" .Ft "char *" @@ -133,6 +140,20 @@ but the current context can still be used with .Fn SHA256_Update . .Pp The +.Fn SHA256_Transform +function is used by +.Fn SHA256_Update +to hash 512-bit blocks and forms the core of the algorithm. +Most programs should use the interface provided by +.Fn SHA256_Init , +.Fn SHA256_Update +and +.Fn SHA256_Final +instead of calling +.Fn SHA256_Transform +directly. +.Pp +The .Fn SHA256_End function is a front end for .Fn SHA256_Final diff --git a/lib/libc/hash/sha2.c b/lib/libc/hash/sha2.c index 5809cd0721e..d28a9e32edb 100644 --- a/lib/libc/hash/sha2.c +++ b/lib/libc/hash/sha2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sha2.c,v 1.7 2004/05/03 17:30:15 millert Exp $ */ +/* $OpenBSD: sha2.c,v 1.8 2004/05/05 17:39:47 millert Exp $ */ /* * FILE: sha2.c @@ -35,7 +35,7 @@ */ #if defined(LIBC_SCCS) && !defined(lint) -static const char rcsid[] = "$OpenBSD: sha2.c,v 1.7 2004/05/03 17:30:15 millert Exp $"; +static const char rcsid[] = "$OpenBSD: sha2.c,v 1.8 2004/05/05 17:39:47 millert Exp $"; #endif /* LIBC_SCCS and not lint */ #include <sys/types.h> @@ -159,14 +159,6 @@ static const char rcsid[] = "$OpenBSD: sha2.c,v 1.7 2004/05/03 17:30:15 millert #define sigma0_512(x) (S64( 1, (x)) ^ S64( 8, (x)) ^ R( 7, (x))) #define sigma1_512(x) (S64(19, (x)) ^ S64(61, (x)) ^ R( 6, (x))) -/*** INTERNAL FUNCTION PROTOTYPES *************************************/ -/* NOTE: These should not be accessed directly from outside this - * library -- they are intended for private internal visibility/use - * only. - */ -void SHA256_Transform(SHA256_CTX *, const u_int8_t *); -void SHA512_Transform(SHA512_CTX *, const u_int8_t *); - /*** SHA-XYZ INITIAL HASH VALUES AND CONSTANTS ************************/ /* Hash constant words K for SHA-256: */ @@ -276,8 +268,9 @@ SHA256_Init(SHA256_CTX *context) { if (context == NULL) return; - memcpy(context->state, sha256_initial_hash_value, SHA256_DIGEST_LENGTH); - memset(context->buffer, 0, SHA256_BLOCK_LENGTH); + memcpy(context->state, sha256_initial_hash_value, + sizeof(sha256_initial_hash_value)); + memset(context->buffer, 0, sizeof(context->buffer)); context->bitcount = 0; } @@ -308,23 +301,21 @@ SHA256_Init(SHA256_CTX *context) } while(0) void -SHA256_Transform(SHA256_CTX *context, const u_int8_t *data) +SHA256_Transform(u_int32_t state[8], const u_int8_t data[SHA256_BLOCK_LENGTH]) { u_int32_t a, b, c, d, e, f, g, h, s0, s1; - u_int32_t T1, *W256; + u_int32_t T1, W256[16]; int j; - W256 = (u_int32_t *)context->buffer; - /* Initialize registers with the prev. intermediate value */ - a = context->state[0]; - b = context->state[1]; - c = context->state[2]; - d = context->state[3]; - e = context->state[4]; - f = context->state[5]; - g = context->state[6]; - h = context->state[7]; + a = state[0]; + b = state[1]; + c = state[2]; + d = state[3]; + e = state[4]; + f = state[5]; + g = state[6]; + h = state[7]; j = 0; do { @@ -352,14 +343,14 @@ SHA256_Transform(SHA256_CTX *context, const u_int8_t *data) } while (j < 64); /* Compute the current intermediate hash value */ - context->state[0] += a; - context->state[1] += b; - context->state[2] += c; - context->state[3] += d; - context->state[4] += e; - context->state[5] += f; - context->state[6] += g; - context->state[7] += h; + state[0] += a; + state[1] += b; + state[2] += c; + state[3] += d; + state[4] += e; + state[5] += f; + state[6] += g; + state[7] += h; /* Clean up */ a = b = c = d = e = f = g = h = T1 = 0; @@ -368,23 +359,21 @@ SHA256_Transform(SHA256_CTX *context, const u_int8_t *data) #else /* SHA2_UNROLL_TRANSFORM */ void -SHA256_Transform(SHA256_CTX *context, const u_int8_t *data) +SHA256_Transform(u_int32_t state[8], const u_int8_t data[SHA256_BLOCK_LENGTH]) { u_int32_t a, b, c, d, e, f, g, h, s0, s1; - u_int32_t T1, T2, *W256; + u_int32_t T1, T2, W256[16]; int j; - W256 = (u_int32_t *)context->buffer; - /* Initialize registers with the prev. intermediate value */ - a = context->state[0]; - b = context->state[1]; - c = context->state[2]; - d = context->state[3]; - e = context->state[4]; - f = context->state[5]; - g = context->state[6]; - h = context->state[7]; + a = state[0]; + b = state[1]; + c = state[2]; + d = state[3]; + e = state[4]; + f = state[5]; + g = state[6]; + h = state[7]; j = 0; do { @@ -430,14 +419,14 @@ SHA256_Transform(SHA256_CTX *context, const u_int8_t *data) } while (j < 64); /* Compute the current intermediate hash value */ - context->state[0] += a; - context->state[1] += b; - context->state[2] += c; - context->state[3] += d; - context->state[4] += e; - context->state[5] += f; - context->state[6] += g; - context->state[7] += h; + state[0] += a; + state[1] += b; + state[2] += c; + state[3] += d; + state[4] += e; + state[5] += f; + state[6] += g; + state[7] += h; /* Clean up */ a = b = c = d = e = f = g = h = T1 = T2 = 0; @@ -465,7 +454,7 @@ SHA256_Update(SHA256_CTX *context, const u_int8_t *data, size_t len) context->bitcount += freespace << 3; len -= freespace; data += freespace; - SHA256_Transform(context, context->buffer); + SHA256_Transform(context->state, context->buffer); } else { /* The buffer is not yet full */ memcpy(&context->buffer[usedspace], data, len); @@ -477,7 +466,7 @@ SHA256_Update(SHA256_CTX *context, const u_int8_t *data, size_t len) } while (len >= SHA256_BLOCK_LENGTH) { /* Process as many complete blocks as we can */ - SHA256_Transform(context, data); + SHA256_Transform(context->state, data); context->bitcount += SHA256_BLOCK_LENGTH << 3; len -= SHA256_BLOCK_LENGTH; data += SHA256_BLOCK_LENGTH; @@ -515,7 +504,7 @@ SHA256_Pad(SHA256_CTX *context) SHA256_BLOCK_LENGTH - usedspace); } /* Do second-to-last transform: */ - SHA256_Transform(context, context->buffer); + SHA256_Transform(context->state, context->buffer); /* Prepare for last transform: */ memset(context->buffer, 0, SHA256_SHORT_BLOCK_LENGTH); @@ -531,7 +520,7 @@ SHA256_Pad(SHA256_CTX *context) *(u_int64_t *)&context->buffer[SHA256_SHORT_BLOCK_LENGTH] = context->bitcount; /* Final transform: */ - SHA256_Transform(context, context->buffer); + SHA256_Transform(context->state, context->buffer); /* Clean up: */ usedspace = 0; @@ -569,8 +558,9 @@ SHA512_Init(SHA512_CTX *context) { if (context == NULL) return; - memcpy(context->state, sha512_initial_hash_value, SHA512_DIGEST_LENGTH); - memset(context->buffer, 0, SHA512_BLOCK_LENGTH); + memcpy(context->state, sha512_initial_hash_value, + sizeof(sha512_initial_hash_value)); + memset(context->buffer, 0, sizeof(context->buffer)); context->bitcount[0] = context->bitcount[1] = 0; } @@ -604,23 +594,21 @@ SHA512_Init(SHA512_CTX *context) } while(0) void -SHA512_Transform(SHA512_CTX *context, const u_int8_t *data) +SHA512_Transform(u_int64_t state[8], const u_int8_t data[SHA512_BLOCK_LENGTH]) { u_int64_t a, b, c, d, e, f, g, h, s0, s1; - u_int64_t T1, *W512; + u_int64_t T1, W512[16]; int j; - W512 = (u_int64_t *)context->buffer; - /* Initialize registers with the prev. intermediate value */ - a = context->state[0]; - b = context->state[1]; - c = context->state[2]; - d = context->state[3]; - e = context->state[4]; - f = context->state[5]; - g = context->state[6]; - h = context->state[7]; + a = state[0]; + b = state[1]; + c = state[2]; + d = state[3]; + e = state[4]; + f = state[5]; + g = state[6]; + h = state[7]; j = 0; do { @@ -648,14 +636,14 @@ SHA512_Transform(SHA512_CTX *context, const u_int8_t *data) } while (j < 80); /* Compute the current intermediate hash value */ - context->state[0] += a; - context->state[1] += b; - context->state[2] += c; - context->state[3] += d; - context->state[4] += e; - context->state[5] += f; - context->state[6] += g; - context->state[7] += h; + state[0] += a; + state[1] += b; + state[2] += c; + state[3] += d; + state[4] += e; + state[5] += f; + state[6] += g; + state[7] += h; /* Clean up */ a = b = c = d = e = f = g = h = T1 = 0; @@ -664,23 +652,21 @@ SHA512_Transform(SHA512_CTX *context, const u_int8_t *data) #else /* SHA2_UNROLL_TRANSFORM */ void -SHA512_Transform(SHA512_CTX *context, const u_int8_t *data) +SHA512_Transform(u_int64_t state[8], const u_int8_t data[SHA512_BLOCK_LENGTH]) { u_int64_t a, b, c, d, e, f, g, h, s0, s1; - u_int64_t T1, T2, *W512; + u_int64_t T1, T2, W512[16]; int j; - W512 = (u_int64_t *)context->buffer; - /* Initialize registers with the prev. intermediate value */ - a = context->state[0]; - b = context->state[1]; - c = context->state[2]; - d = context->state[3]; - e = context->state[4]; - f = context->state[5]; - g = context->state[6]; - h = context->state[7]; + a = state[0]; + b = state[1]; + c = state[2]; + d = state[3]; + e = state[4]; + f = state[5]; + g = state[6]; + h = state[7]; j = 0; do { @@ -728,14 +714,14 @@ SHA512_Transform(SHA512_CTX *context, const u_int8_t *data) } while (j < 80); /* Compute the current intermediate hash value */ - context->state[0] += a; - context->state[1] += b; - context->state[2] += c; - context->state[3] += d; - context->state[4] += e; - context->state[5] += f; - context->state[6] += g; - context->state[7] += h; + state[0] += a; + state[1] += b; + state[2] += c; + state[3] += d; + state[4] += e; + state[5] += f; + state[6] += g; + state[7] += h; /* Clean up */ a = b = c = d = e = f = g = h = T1 = T2 = 0; @@ -763,7 +749,7 @@ SHA512_Update(SHA512_CTX *context, const u_int8_t *data, size_t len) ADDINC128(context->bitcount, freespace << 3); len -= freespace; data += freespace; - SHA512_Transform(context, context->buffer); + SHA512_Transform(context->state, context->buffer); } else { /* The buffer is not yet full */ memcpy(&context->buffer[usedspace], data, len); @@ -775,7 +761,7 @@ SHA512_Update(SHA512_CTX *context, const u_int8_t *data, size_t len) } while (len >= SHA512_BLOCK_LENGTH) { /* Process as many complete blocks as we can */ - SHA512_Transform(context, data); + SHA512_Transform(context->state, data); ADDINC128(context->bitcount, SHA512_BLOCK_LENGTH << 3); len -= SHA512_BLOCK_LENGTH; data += SHA512_BLOCK_LENGTH; @@ -812,7 +798,7 @@ SHA512_Pad(SHA512_CTX *context) memset(&context->buffer[usedspace], 0, SHA512_BLOCK_LENGTH - usedspace); } /* Do second-to-last transform: */ - SHA512_Transform(context, context->buffer); + SHA512_Transform(context->state, context->buffer); /* And set-up for the last transform: */ memset(context->buffer, 0, SHA512_BLOCK_LENGTH - 2); @@ -829,7 +815,7 @@ SHA512_Pad(SHA512_CTX *context) *(u_int64_t *)&context->buffer[SHA512_SHORT_BLOCK_LENGTH+8] = context->bitcount[0]; /* Final transform: */ - SHA512_Transform(context, context->buffer); + SHA512_Transform(context->state, context->buffer); /* Clean up: */ usedspace = 0; @@ -867,17 +853,14 @@ SHA384_Init(SHA384_CTX *context) { if (context == NULL) return; - memcpy(context->state, sha384_initial_hash_value, SHA512_DIGEST_LENGTH); - memset(context->buffer, 0, SHA384_BLOCK_LENGTH); + memcpy(context->state, sha384_initial_hash_value, + sizeof(sha384_initial_hash_value)); + memset(context->buffer, 0, sizeof(context->buffer)); context->bitcount[0] = context->bitcount[1] = 0; } -void -SHA384_Update(SHA384_CTX *context, const u_int8_t *data, size_t len) -{ - SHA512_Update((SHA512_CTX *)context, data, len); -} - +__weak_alias(SHA384_Transform, SHA512_Transform); +__weak_alias(SHA384_Update, SHA512_Update); __weak_alias(SHA384_Pad, SHA512_Pad); void |