]>
git.ipfire.org Git - thirdparty/iw.git/blob - sha256.c
5 * @addr: pointers to the data area
6 * @len: Lengths of the data block
7 * @res: Buffer for the digest
8 * Returns: 0 on success, -1 of failure
10 int sha256(const unsigned char *addr
, const size_t len
,
13 struct sha256_state ctx
;
17 if (sha256_process(&ctx
, addr
, len
) || sha256_done(&ctx
, res
))
23 /** ===== start - public domain SHA256 implementation ===== */
25 /** This is based on SHA256 implementation in LibTomCrypt that was released into
26 * public domain by Tom St Denis.
30 static const unsigned long K
[64] = {
31 0x428a2f98UL
, 0x71374491UL
, 0xb5c0fbcfUL
, 0xe9b5dba5UL
, 0x3956c25bUL
,
32 0x59f111f1UL
, 0x923f82a4UL
, 0xab1c5ed5UL
, 0xd807aa98UL
, 0x12835b01UL
,
33 0x243185beUL
, 0x550c7dc3UL
, 0x72be5d74UL
, 0x80deb1feUL
, 0x9bdc06a7UL
,
34 0xc19bf174UL
, 0xe49b69c1UL
, 0xefbe4786UL
, 0x0fc19dc6UL
, 0x240ca1ccUL
,
35 0x2de92c6fUL
, 0x4a7484aaUL
, 0x5cb0a9dcUL
, 0x76f988daUL
, 0x983e5152UL
,
36 0xa831c66dUL
, 0xb00327c8UL
, 0xbf597fc7UL
, 0xc6e00bf3UL
, 0xd5a79147UL
,
37 0x06ca6351UL
, 0x14292967UL
, 0x27b70a85UL
, 0x2e1b2138UL
, 0x4d2c6dfcUL
,
38 0x53380d13UL
, 0x650a7354UL
, 0x766a0abbUL
, 0x81c2c92eUL
, 0x92722c85UL
,
39 0xa2bfe8a1UL
, 0xa81a664bUL
, 0xc24b8b70UL
, 0xc76c51a3UL
, 0xd192e819UL
,
40 0xd6990624UL
, 0xf40e3585UL
, 0x106aa070UL
, 0x19a4c116UL
, 0x1e376c08UL
,
41 0x2748774cUL
, 0x34b0bcb5UL
, 0x391c0cb3UL
, 0x4ed8aa4aUL
, 0x5b9cca4fUL
,
42 0x682e6ff3UL
, 0x748f82eeUL
, 0x78a5636fUL
, 0x84c87814UL
, 0x8cc70208UL
,
43 0x90befffaUL
, 0xa4506cebUL
, 0xbef9a3f7UL
, 0xc67178f2UL
47 /** Various logical functions */
49 (((((unsigned long) (x) & 0xFFFFFFFFUL) >> (unsigned long) ((y) & 31)) | \
50 ((unsigned long) (x) << (unsigned long) (32 - ((y) & 31)))) & 0xFFFFFFFFUL)
51 #define Ch(x, y, z) (z ^ (x & (y ^ z)))
52 #define Maj(x, y, z) (((x | y) & z) | (x & y))
53 #define S(x, n) RORc((x), (n))
54 #define R(x, n) (((x)&0xFFFFFFFFUL)>>(n))
55 #define Sigma0(x) (S(x, 2) ^ S(x, 13) ^ S(x, 22))
56 #define Sigma1(x) (S(x, 6) ^ S(x, 11) ^ S(x, 25))
57 #define Gamma0(x) (S(x, 7) ^ S(x, 18) ^ R(x, 3))
58 #define Gamma1(x) (S(x, 17) ^ S(x, 19) ^ R(x, 10))
60 #define MIN(x, y) (((x) < (y)) ? (x) : (y))
63 /* compress 512-bits */
64 static int sha256_compress(struct sha256_state
*md
, const unsigned char *buf
)
66 __u32 S
[8], W
[64], t0
, t1
;
70 /* copy state into S */
71 for (i
= 0; i
< 8; i
++)
74 /* copy the state into 512-bits into W[0..15] */
75 for (i
= 0; i
< 16; i
++)
76 W
[i
] = LOAD32B(buf
+ (4 * i
));
79 for (i
= 16; i
< 64; i
++)
80 W
[i
] = Gamma1(W
[i
- 2]) + W
[i
- 7] + Gamma0(W
[i
- 15]) + W
[i
- 16];
83 #define RND(a, b, c, d, e, f, g, h, i) \
84 t0 = h + Sigma1(e) + Ch(e, f, g) + K[i] + W[i]; \
85 t1 = Sigma0(a) + Maj(a, b, c); \
89 for (i
= 0; i
< 64; ++i
) {
90 RND(S
[0], S
[1], S
[2], S
[3], S
[4], S
[5], S
[6], S
[7], i
);
91 t
= S
[7]; S
[7] = S
[6]; S
[6] = S
[5]; S
[5] = S
[4];
92 S
[4] = S
[3]; S
[3] = S
[2]; S
[2] = S
[1]; S
[1] = S
[0]; S
[0] = t
;
96 for (i
= 0; i
< 8; i
++)
97 md
->state
[i
] = md
->state
[i
] + S
[i
];
103 /* Initialize the hash state */
104 void sha256_init(struct sha256_state
*md
)
108 md
->state
[0] = 0x6A09E667UL
;
109 md
->state
[1] = 0xBB67AE85UL
;
110 md
->state
[2] = 0x3C6EF372UL
;
111 md
->state
[3] = 0xA54FF53AUL
;
112 md
->state
[4] = 0x510E527FUL
;
113 md
->state
[5] = 0x9B05688CUL
;
114 md
->state
[6] = 0x1F83D9ABUL
;
115 md
->state
[7] = 0x5BE0CD19UL
;
119 * Process a block of memory though the hash
120 * @param md The hash state
121 * @param in The data to hash
122 * @param inlen The length of the data (octets)
123 * @return CRYPT_OK if successful
125 int sha256_process(struct sha256_state
*md
, const unsigned char *in
,
130 if (md
->curlen
>= sizeof(md
->buf
))
134 if (md
->curlen
== 0 && inlen
>= SHA256_BLOCK_SIZE
) {
135 if (sha256_compress(md
, (unsigned char *) in
) < 0)
137 md
->length
+= SHA256_BLOCK_SIZE
* 8;
138 in
+= SHA256_BLOCK_SIZE
;
139 inlen
-= SHA256_BLOCK_SIZE
;
141 n
= MIN(inlen
, (SHA256_BLOCK_SIZE
- md
->curlen
));
142 memcpy(md
->buf
+ md
->curlen
, in
, n
);
146 if (md
->curlen
== SHA256_BLOCK_SIZE
) {
147 if (sha256_compress(md
, md
->buf
) < 0)
149 md
->length
+= 8 * SHA256_BLOCK_SIZE
;
160 * Terminate the hash to get the digest
161 * @param md The hash state
162 * @param out [out] The destination of the hash (32 bytes)
163 * @return CRYPT_OK if successful
165 int sha256_done(struct sha256_state
*md
, unsigned char *out
)
169 if (md
->curlen
>= sizeof(md
->buf
))
172 /* increase the length of the message */
173 md
->length
+= md
->curlen
* 8;
175 /* append the '1' bit */
176 md
->buf
[md
->curlen
++] = (unsigned char) 0x80;
178 /* if the length is currently above 56 bytes we append zeros
179 * then compress. Then we can fall back to padding zeros and length
180 * encoding like normal.
182 if (md
->curlen
> 56) {
183 while (md
->curlen
< SHA256_BLOCK_SIZE
)
184 md
->buf
[md
->curlen
++] = (unsigned char) 0;
186 sha256_compress(md
, md
->buf
);
190 /* pad up to 56 bytes of zeroes */
191 while (md
->curlen
< 56)
192 md
->buf
[md
->curlen
++] = (unsigned char) 0;
195 STORE64B(md
->buf
+ 56, md
->length
);
196 sha256_compress(md
, md
->buf
);
199 for (i
= 0; i
< 8; i
++)
200 STORE32B(out
+ (4 * i
), md
->state
[i
]);
205 /* ===== end - public domain SHA256 implementation ===== */