Rev 2 Rev 33
Line 1... Line 1...
1
/*
1
/*
2
 * sha2_256 block cipher
2
 * sha2_256 block cipher - unrolled version
3
 *
3
 *
4
 * Implementation straight from Federal Information Processing Standards
-
 
5
 * publication 180-2 (+Change Notice to include SHA-224) August 1, 2002
-
 
6
 *   note: the following upper and lower case macro names are distinct
4
 *   note: the following upper and lower case macro names are distinct
7
 *	   and reflect the functions defined in FIPS pub. 180-2.
5
 *	   and reflect the functions defined in FIPS pub. 180-2.
8
 */
6
 */
9
 
7
 
10
#include <u.h>
8
#include "os.h"
11
#include <libc.h>
-
 
12
 
9
 
13
#define ROTR(x,n)	(((x) >> (n)) | ((x) << (32-(n))))
10
#define ROTR(x,n)	(((x) >> (n)) | ((x) << (32-(n))))
14
#define sigma0(x)	(ROTR((x),7) ^ ROTR((x),18) ^ ((x) >> 3))
11
#define sigma0(x)	(ROTR((x),7) ^ ROTR((x),18) ^ ((x) >> 3))
15
#define sigma1(x)	(ROTR((x),17) ^ ROTR((x),19) ^ ((x) >> 10))
12
#define sigma1(x)	(ROTR((x),17) ^ ROTR((x),19) ^ ((x) >> 10))
16
#define SIGMA0(x)	(ROTR((x),2) ^ ROTR((x),13) ^ ROTR((x),22))
13
#define SIGMA0(x)	(ROTR((x),2) ^ ROTR((x),13) ^ ROTR((x),22))
17
#define SIGMA1(x)	(ROTR((x),6) ^ ROTR((x),11) ^ ROTR((x),25))
14
#define SIGMA1(x)	(ROTR((x),6) ^ ROTR((x),11) ^ ROTR((x),25))
18
#define Ch(x,y,z)	(((x) & (y)) ^ ((~(x)) & (z)))
15
#define Ch(x,y,z)	((z) ^ ((x) & ((y) ^ (z))))
19
#define Maj(x,y,z)	(((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
16
#define Maj(x,y,z)	(((x) | (y)) & ((z) | ((x) & (y))))
20
 
17
 
21
/*
18
/*
22
 * first 32 bits of the fractional parts of cube roots of
19
 * first 32 bits of the fractional parts of cube roots of
23
 * first 64 primes (2..311).
20
 * first 64 primes (2..311).
24
 */
21
 */
Line 42... Line 39...
42
};
39
};
43
 
40
 
44
void
41
void
45
_sha2block64(uchar *p, ulong len, u32int *s)
42
_sha2block64(uchar *p, ulong len, u32int *s)
46
{
43
{
47
	u32int a, b, c, d, e, f, g, h, t1, t2;
44
	u32int w[16], a, b, c, d, e, f, g, h;
48
	u32int *kp, *wp;
-
 
49
	u32int w[64];
-
 
50
	uchar *end;
45
	uchar *end;
51
 
46
 
52
	/* at this point, we have a multiple of 64 bytes */
47
	/* at this point, we have a multiple of 64 bytes */
53
	for(end = p+len; p < end;){
48
	for(end = p+len; p < end;){
54
		a = s[0];
49
		a = s[0];
Line 58... Line 53...
58
		e = s[4];
53
		e = s[4];
59
		f = s[5];
54
		f = s[5];
60
		g = s[6];
55
		g = s[6];
61
		h = s[7];
56
		h = s[7];
62
 
57
 
63
		for(wp = w; wp < &w[16]; wp++, p += 4)
58
#define STEP(a,b,c,d,e,f,g,h,i) \
-
 
59
	if(i < 16) {\
64
			wp[0] = p[0] << 24 | p[1] << 16 | p[2] << 8 | p[3];
60
		w[i] = p[0]<<24 | p[1]<<16 | p[2]<<8 | p[3]; \
65
		for(; wp < &w[64]; wp++)
61
		p += 4; \
-
 
62
	} else { \
66
			wp[0] = sigma1(wp[-2]) + wp[-7] +
63
		w[i&15] += sigma1(w[i-2&15]) + w[i-7&15] + sigma0(w[i-15&15]); \
-
 
64
	} \
-
 
65
	h += SIGMA1(e) + Ch(e,f,g) + K256[i] + w[i&15]; \
-
 
66
	d += h; \
67
				sigma0(wp[-15]) + wp[-16];
67
	h += SIGMA0(a) + Maj(a,b,c);
68
 
68
 
-
 
69
		STEP(a,b,c,d,e,f,g,h,0);
-
 
70
		STEP(h,a,b,c,d,e,f,g,1);
-
 
71
		STEP(g,h,a,b,c,d,e,f,2);
-
 
72
		STEP(f,g,h,a,b,c,d,e,3);
69
		for(kp = K256, wp = w; wp < &w[64]; ) {
73
		STEP(e,f,g,h,a,b,c,d,4);
70
			t1 = h + SIGMA1(e) + Ch(e,f,g) + *kp++ + *wp++;
74
		STEP(d,e,f,g,h,a,b,c,5);
71
			t2 = SIGMA0(a) + Maj(a,b,c);
75
		STEP(c,d,e,f,g,h,a,b,6);
-
 
76
		STEP(b,c,d,e,f,g,h,a,7);
-
 
77
 
-
 
78
		STEP(a,b,c,d,e,f,g,h,8);
72
			h = g;
79
		STEP(h,a,b,c,d,e,f,g,9);
-
 
80
		STEP(g,h,a,b,c,d,e,f,10);
-
 
81
		STEP(f,g,h,a,b,c,d,e,11);
-
 
82
		STEP(e,f,g,h,a,b,c,d,12);
-
 
83
		STEP(d,e,f,g,h,a,b,c,13);
-
 
84
		STEP(c,d,e,f,g,h,a,b,14);
-
 
85
		STEP(b,c,d,e,f,g,h,a,15);
-
 
86
 
-
 
87
		STEP(a,b,c,d,e,f,g,h,16);
-
 
88
		STEP(h,a,b,c,d,e,f,g,17);
-
 
89
		STEP(g,h,a,b,c,d,e,f,18);
-
 
90
		STEP(f,g,h,a,b,c,d,e,19);
-
 
91
		STEP(e,f,g,h,a,b,c,d,20);
-
 
92
		STEP(d,e,f,g,h,a,b,c,21);
-
 
93
		STEP(c,d,e,f,g,h,a,b,22);
-
 
94
		STEP(b,c,d,e,f,g,h,a,23);
-
 
95
 
-
 
96
		STEP(a,b,c,d,e,f,g,h,24);
-
 
97
		STEP(h,a,b,c,d,e,f,g,25);
73
			g = f;
98
		STEP(g,h,a,b,c,d,e,f,26);
74
			f = e;
99
		STEP(f,g,h,a,b,c,d,e,27);
-
 
100
		STEP(e,f,g,h,a,b,c,d,28);
-
 
101
		STEP(d,e,f,g,h,a,b,c,29);
-
 
102
		STEP(c,d,e,f,g,h,a,b,30);
75
			e = d + t1;
103
		STEP(b,c,d,e,f,g,h,a,31);
-
 
104
 
-
 
105
		STEP(a,b,c,d,e,f,g,h,32);
-
 
106
		STEP(h,a,b,c,d,e,f,g,33);
-
 
107
		STEP(g,h,a,b,c,d,e,f,34);
-
 
108
		STEP(f,g,h,a,b,c,d,e,35);
-
 
109
		STEP(e,f,g,h,a,b,c,d,36);
76
			d = c;
110
		STEP(d,e,f,g,h,a,b,c,37);
77
			c = b;
111
		STEP(c,d,e,f,g,h,a,b,38);
78
			b = a;
112
		STEP(b,c,d,e,f,g,h,a,39);
-
 
113
 
-
 
114
		STEP(a,b,c,d,e,f,g,h,40);
-
 
115
		STEP(h,a,b,c,d,e,f,g,41);
79
			a = t1 + t2;
116
		STEP(g,h,a,b,c,d,e,f,42);
-
 
117
		STEP(f,g,h,a,b,c,d,e,43);
-
 
118
		STEP(e,f,g,h,a,b,c,d,44);
-
 
119
		STEP(d,e,f,g,h,a,b,c,45);
-
 
120
		STEP(c,d,e,f,g,h,a,b,46);
-
 
121
		STEP(b,c,d,e,f,g,h,a,47);
-
 
122
 
-
 
123
		STEP(a,b,c,d,e,f,g,h,48);
-
 
124
		STEP(h,a,b,c,d,e,f,g,49);
-
 
125
		STEP(g,h,a,b,c,d,e,f,50);
-
 
126
		STEP(f,g,h,a,b,c,d,e,51);
-
 
127
		STEP(e,f,g,h,a,b,c,d,52);
-
 
128
		STEP(d,e,f,g,h,a,b,c,53);
-
 
129
		STEP(c,d,e,f,g,h,a,b,54);
-
 
130
		STEP(b,c,d,e,f,g,h,a,55);
80
		}
131
 
-
 
132
		STEP(a,b,c,d,e,f,g,h,56);
-
 
133
		STEP(h,a,b,c,d,e,f,g,57);
-
 
134
		STEP(g,h,a,b,c,d,e,f,58);
-
 
135
		STEP(f,g,h,a,b,c,d,e,59);
-
 
136
		STEP(e,f,g,h,a,b,c,d,60);
-
 
137
		STEP(d,e,f,g,h,a,b,c,61);
-
 
138
		STEP(c,d,e,f,g,h,a,b,62);
-
 
139
		STEP(b,c,d,e,f,g,h,a,63);
81
 
140
 
82
		/* save state */
-
 
83
		s[0] += a;
141
		s[0] += a;
84
		s[1] += b;
142
		s[1] += b;
85
		s[2] += c;
143
		s[2] += c;
86
		s[3] += d;
144
		s[3] += d;
87
		s[4] += e;
145
		s[4] += e;
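Review bot: In the new `STEP` macro the load `w[i] = p[0]<<24 | p[1]<<16 | p[2]<<8 | p[3];` shifts a `uchar` that has been promoted to `int`, so any input byte of 0x80 or above shifted left by 24 overflows a signed int, which is undefined behaviour in ISO C. The old loop had the same expression, but the switch from `<u.h>`/`<libc.h>` to `"os.h"` suggests this file is now meant to build with other compilers, where that matters. Casting first keeps the arithmetic unsigned: `w[i] = (u32int)p[0]<<24 | (u32int)p[1]<<16 | (u32int)p[2]<<8 | p[3]; \`. `STEP` is also a bare multi-statement macro defined inside `_sha2block64` with no `#undef` visible in the shown lines (the function body continues past them), so wrapping it in `do { ... } while(0)` and undefining it after round 63 would keep it from leaking into the rest of the file. Since `Ch`, `Maj`, the round function and the message schedule are all rewritten, the change should be backed by the FIPS 180-2 known-answer vectors, including multi-block inputs.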