ray 0.0.1 → 0.1.0.pre1
Sign up to get free protection for your applications and to get access to all the features.
- data/.gemtest +0 -0
- data/.yardopts +4 -0
- data/README.md +17 -21
- data/Rakefile +18 -139
- data/VERSION +1 -1
- data/ext/audio.cpp +723 -0
- data/ext/{color.c → color.cpp} +25 -13
- data/ext/drawable.cpp +91 -0
- data/ext/event.cpp +460 -0
- data/ext/extconf.rb +5 -104
- data/ext/font.cpp +190 -0
- data/ext/image.cpp +733 -0
- data/ext/input.cpp +74 -0
- data/ext/ray.cpp +168 -0
- data/ext/ray.hpp +356 -0
- data/ext/{rect.c → rect.cpp} +51 -37
- data/ext/shader.cpp +169 -0
- data/ext/shape.cpp +409 -0
- data/ext/sprite.cpp +306 -0
- data/ext/text.cpp +181 -0
- data/ext/vector.cpp +215 -0
- data/guide.md +619 -0
- data/lib/ray/audio.rb +0 -41
- data/lib/ray/color.rb +32 -10
- data/lib/ray/drawable.rb +16 -0
- data/lib/ray/dsl/event_listener.rb +25 -2
- data/lib/ray/dsl/event_runner.rb +33 -5
- data/lib/ray/dsl/event_translator.rb +66 -30
- data/lib/ray/dsl/handler.rb +3 -2
- data/lib/ray/dsl/matcher.rb +58 -14
- data/lib/ray/font.rb +38 -96
- data/lib/ray/font_set.rb +8 -8
- data/lib/ray/game.rb +87 -66
- data/lib/ray/helper.rb +105 -10
- data/lib/ray/image.rb +150 -24
- data/lib/ray/image_set.rb +3 -1
- data/lib/ray/input.rb +10 -0
- data/lib/ray/music_set.rb +5 -3
- data/lib/ray/ray.rb +21 -9
- data/lib/ray/rect.rb +48 -7
- data/lib/ray/rmagick.rb +41 -0
- data/lib/ray/scene.rb +99 -43
- data/lib/ray/scene_list.rb +67 -0
- data/lib/ray/shape.rb +132 -0
- data/lib/ray/sound_set.rb +4 -2
- data/lib/ray/sprite.rb +49 -111
- data/lib/ray/text.rb +101 -0
- data/lib/ray/text_helper.rb +37 -0
- data/lib/ray/turtle.rb +215 -0
- data/lib/ray/vector.rb +226 -0
- data/samples/audio/spacial.rb +44 -0
- data/samples/hello_world/hello.rb +9 -13
- data/samples/hello_world/hello_dsl.rb +8 -12
- data/samples/hello_world/text.rb +15 -0
- data/samples/opengl/binding.rb +38 -0
- data/samples/opengl/image.rb +32 -0
- data/samples/opengl/opengl.rb +34 -0
- data/samples/opengl/shader.rb +42 -0
- data/samples/pong/pong.rb +14 -10
- data/samples/run_scene.rb +53 -0
- data/samples/shaders/scene.rb +40 -0
- data/samples/shaders/shaders.rb +42 -0
- data/samples/shaders/shape.rb +34 -0
- data/samples/sokoban/sokoban.rb +18 -18
- data/samples/test/actual_scene.rb +41 -0
- data/samples/test/scene_riot.rb +39 -0
- data/samples/test/scene_spec.rb +32 -0
- data/samples/test/scene_test_unit.rb +25 -0
- data/samples/turtle/byzantium.rb +45 -0
- data/samples/turtle/hilbert.rb +48 -0
- data/samples/turtle/koch.rb +55 -0
- data/samples/turtle/mandala.rb +61 -0
- data/samples/turtle/tree.rb +57 -0
- data/test/audio_test.rb +69 -0
- data/test/color_test.rb +77 -0
- data/test/drawable_test.rb +19 -0
- data/test/dsl_test.rb +93 -0
- data/test/font_test.rb +57 -0
- data/test/helpers.rb +94 -0
- data/test/image_test.rb +82 -0
- data/test/ray_test.rb +25 -0
- data/test/rect_test.rb +121 -0
- data/{spec → test}/res/VeraMono.ttf +0 -0
- data/{spec → test}/res/aqua.bmp +0 -0
- data/{spec → test}/res/aqua.png +0 -0
- data/{spec → test}/res/aqua2.bmp +0 -0
- data/{spec → test}/res/not_a_jpeg.jpeg +0 -0
- data/{spec → test}/res/pop.wav +0 -0
- data/test/resource_set_test.rb +99 -0
- data/test/run_all.rb +7 -0
- data/test/shape_test.rb +101 -0
- data/test/sprite_test.rb +89 -0
- data/test/text_test.rb +78 -0
- data/test/turtle_test.rb +176 -0
- data/test/vector_test.rb +111 -0
- data/yard_ext.rb +0 -28
- metadata +95 -139
- data/.gitignore +0 -23
- data/.gitmodules +0 -3
- data/.rspec +0 -3
- data/ext/audio.c +0 -473
- data/ext/event.c +0 -557
- data/ext/font.c +0 -287
- data/ext/image.c +0 -933
- data/ext/joystick.c +0 -145
- data/ext/ray.c +0 -489
- data/ext/ray.h +0 -245
- data/ext/ray_osx.m +0 -161
- data/lib/ray/joystick.rb +0 -30
- data/psp/SDL_psp_main.c +0 -84
- data/psp/bigdecimal/README +0 -60
- data/psp/bigdecimal/bigdecimal.c +0 -4697
- data/psp/bigdecimal/bigdecimal.h +0 -216
- data/psp/bigdecimal/lib/bigdecimal/jacobian.rb +0 -85
- data/psp/bigdecimal/lib/bigdecimal/ludcmp.rb +0 -84
- data/psp/bigdecimal/lib/bigdecimal/math.rb +0 -235
- data/psp/bigdecimal/lib/bigdecimal/newton.rb +0 -77
- data/psp/bigdecimal/lib/bigdecimal/util.rb +0 -65
- data/psp/digest/bubblebabble/bubblebabble.c +0 -142
- data/psp/digest/defs.h +0 -20
- data/psp/digest/digest.c +0 -643
- data/psp/digest/digest.h +0 -32
- data/psp/digest/lib/digest.rb +0 -50
- data/psp/digest/lib/md5.rb +0 -27
- data/psp/digest/lib/sha1.rb +0 -27
- data/psp/digest/md5/md5.c +0 -420
- data/psp/digest/md5/md5.h +0 -80
- data/psp/digest/md5/md5init.c +0 -40
- data/psp/digest/rmd160/rmd160.c +0 -457
- data/psp/digest/rmd160/rmd160.h +0 -56
- data/psp/digest/rmd160/rmd160init.c +0 -40
- data/psp/digest/sha1/sha1.c +0 -269
- data/psp/digest/sha1/sha1.h +0 -39
- data/psp/digest/sha1/sha1init.c +0 -40
- data/psp/digest/sha2/lib/sha2.rb +0 -73
- data/psp/digest/sha2/sha2.c +0 -919
- data/psp/digest/sha2/sha2.h +0 -109
- data/psp/digest/sha2/sha2init.c +0 -52
- data/psp/enumerator/enumerator.c +0 -298
- data/psp/etc/etc.c +0 -559
- data/psp/ext.c +0 -289
- data/psp/fcntl/fcntl.c +0 -187
- data/psp/lib/rbconfig.rb +0 -178
- data/psp/nkf/lib/kconv.rb +0 -367
- data/psp/nkf/nkf-utf8/config.h +0 -88
- data/psp/nkf/nkf-utf8/nkf.c +0 -6040
- data/psp/nkf/nkf-utf8/utf8tbl.c +0 -8500
- data/psp/nkf/nkf-utf8/utf8tbl.h +0 -34
- data/psp/nkf/nkf.c +0 -654
- data/psp/socket/addrinfo.h +0 -173
- data/psp/socket/getaddrinfo.c +0 -676
- data/psp/socket/getnameinfo.c +0 -270
- data/psp/socket/pspsocket.c +0 -71
- data/psp/socket/pspsocket.h +0 -28
- data/psp/socket/socket.c +0 -4662
- data/psp/socket/sockport.h +0 -76
- data/psp/stringio/stringio.c +0 -1306
- data/psp/strscan/strscan.c +0 -1320
- data/psp/syck/bytecode.c +0 -1166
- data/psp/syck/emitter.c +0 -1242
- data/psp/syck/gram.c +0 -1894
- data/psp/syck/gram.h +0 -79
- data/psp/syck/handler.c +0 -174
- data/psp/syck/implicit.c +0 -2990
- data/psp/syck/node.c +0 -408
- data/psp/syck/rubyext.c +0 -2367
- data/psp/syck/syck.c +0 -504
- data/psp/syck/syck.h +0 -456
- data/psp/syck/token.c +0 -2725
- data/psp/syck/yaml2byte.c +0 -257
- data/psp/syck/yamlbyte.h +0 -170
- data/psp/thread/thread.c +0 -1175
- data/psp/zlib/zlib.c +0 -3547
- data/script.rb +0 -10
- data/spec/ray/audio_spec.rb +0 -146
- data/spec/ray/color_spec.rb +0 -57
- data/spec/ray/event_spec.rb +0 -80
- data/spec/ray/font_spec.rb +0 -93
- data/spec/ray/image_set_spec.rb +0 -48
- data/spec/ray/image_spec.rb +0 -162
- data/spec/ray/joystick_spec.rb +0 -21
- data/spec/ray/matcher_spec.rb +0 -50
- data/spec/ray/ray_spec.rb +0 -88
- data/spec/ray/rect_spec.rb +0 -154
- data/spec/ray/resource_set_spec.rb +0 -105
- data/spec/ray/sprite_spec.rb +0 -163
- data/spec/spec.opts +0 -4
- data/spec/spec_helper.rb +0 -8
data/psp/digest/sha2/sha2.c
DELETED
@@ -1,919 +0,0 @@
|
|
1
|
-
/*
|
2
|
-
* sha2.c
|
3
|
-
*
|
4
|
-
* Version 1.0.0beta1
|
5
|
-
*
|
6
|
-
* Written by Aaron D. Gifford <me@aarongifford.com>
|
7
|
-
*
|
8
|
-
* Copyright 2000 Aaron D. Gifford. All rights reserved.
|
9
|
-
*
|
10
|
-
* Redistribution and use in source and binary forms, with or without
|
11
|
-
* modification, are permitted provided that the following conditions
|
12
|
-
* are met:
|
13
|
-
* 1. Redistributions of source code must retain the above copyright
|
14
|
-
* notice, this list of conditions and the following disclaimer.
|
15
|
-
* 2. Redistributions in binary form must reproduce the above copyright
|
16
|
-
* notice, this list of conditions and the following disclaimer in the
|
17
|
-
* documentation and/or other materials provided with the distribution.
|
18
|
-
* 3. Neither the name of the copyright holder nor the names of contributors
|
19
|
-
* may be used to endorse or promote products derived from this software
|
20
|
-
* without specific prior written permission.
|
21
|
-
*
|
22
|
-
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) AND CONTRIBUTOR(S) ``AS IS'' AND
|
23
|
-
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
24
|
-
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
25
|
-
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR(S) OR CONTRIBUTOR(S) BE LIABLE
|
26
|
-
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
27
|
-
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
28
|
-
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
29
|
-
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
30
|
-
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
31
|
-
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
32
|
-
* SUCH DAMAGE.
|
33
|
-
*
|
34
|
-
*/
|
35
|
-
|
36
|
-
/* $RoughId: sha2.c,v 1.3 2002/02/26 22:03:36 knu Exp $ */
|
37
|
-
/* $Id: sha2.c 11708 2007-02-12 23:01:19Z shyouhei $ */
|
38
|
-
|
39
|
-
#include "sha2.h"
|
40
|
-
#include <stdio.h>
|
41
|
-
#include <string.h> /* memcpy()/memset() or bcopy()/bzero() */
|
42
|
-
#include <assert.h> /* assert() */
|
43
|
-
|
44
|
-
/*
|
45
|
-
* ASSERT NOTE:
|
46
|
-
* Some sanity checking code is included using assert(). On my FreeBSD
|
47
|
-
* system, this additional code can be removed by compiling with NDEBUG
|
48
|
-
* defined. Check your own systems manpage on assert() to see how to
|
49
|
-
* compile WITHOUT the sanity checking code on your system.
|
50
|
-
*
|
51
|
-
* UNROLLED TRANSFORM LOOP NOTE:
|
52
|
-
* You can define SHA2_UNROLL_TRANSFORM to use the unrolled transform
|
53
|
-
* loop version for the hash transform rounds (defined using macros
|
54
|
-
* later in this file). Either define on the command line, for example:
|
55
|
-
*
|
56
|
-
* cc -DSHA2_UNROLL_TRANSFORM -o sha2 sha2.c sha2prog.c
|
57
|
-
*
|
58
|
-
* or define below:
|
59
|
-
*
|
60
|
-
* #define SHA2_UNROLL_TRANSFORM
|
61
|
-
*
|
62
|
-
*/
|
63
|
-
|
64
|
-
|
65
|
-
/*** SHA-256/384/512 Machine Architecture Definitions *****************/
|
66
|
-
typedef uint8_t sha2_byte; /* Exactly 1 byte */
|
67
|
-
typedef uint32_t sha2_word32; /* Exactly 4 bytes */
|
68
|
-
typedef uint64_t sha2_word64; /* Exactly 8 bytes */
|
69
|
-
|
70
|
-
#if defined(__GNUC__) || defined(_HPUX_SOURCE) || defined(__IBMC__)
|
71
|
-
#define ULL(number) number##ULL
|
72
|
-
#else
|
73
|
-
#define ULL(number) (uint64_t)(number)
|
74
|
-
#endif
|
75
|
-
|
76
|
-
|
77
|
-
/*** SHA-256/384/512 Various Length Definitions ***********************/
|
78
|
-
/* NOTE: Most of these are in sha2.h */
|
79
|
-
#define SHA256_SHORT_BLOCK_LENGTH (SHA256_BLOCK_LENGTH - 8)
|
80
|
-
#define SHA384_SHORT_BLOCK_LENGTH (SHA384_BLOCK_LENGTH - 16)
|
81
|
-
#define SHA512_SHORT_BLOCK_LENGTH (SHA512_BLOCK_LENGTH - 16)
|
82
|
-
|
83
|
-
|
84
|
-
/*** ENDIAN REVERSAL MACROS *******************************************/
|
85
|
-
#ifndef WORDS_BIGENDIAN
|
86
|
-
#define REVERSE32(w,x) { \
|
87
|
-
sha2_word32 tmp = (w); \
|
88
|
-
tmp = (tmp >> 16) | (tmp << 16); \
|
89
|
-
(x) = ((tmp & 0xff00ff00UL) >> 8) | ((tmp & 0x00ff00ffUL) << 8); \
|
90
|
-
}
|
91
|
-
#define REVERSE64(w,x) { \
|
92
|
-
sha2_word64 tmp = (w); \
|
93
|
-
tmp = (tmp >> 32) | (tmp << 32); \
|
94
|
-
tmp = ((tmp & ULL(0xff00ff00ff00ff00)) >> 8) | \
|
95
|
-
((tmp & ULL(0x00ff00ff00ff00ff)) << 8); \
|
96
|
-
(x) = ((tmp & ULL(0xffff0000ffff0000)) >> 16) | \
|
97
|
-
((tmp & ULL(0x0000ffff0000ffff)) << 16); \
|
98
|
-
}
|
99
|
-
#endif
|
100
|
-
|
101
|
-
/*
|
102
|
-
* Macro for incrementally adding the unsigned 64-bit integer n to the
|
103
|
-
* unsigned 128-bit integer (represented using a two-element array of
|
104
|
-
* 64-bit words):
|
105
|
-
*/
|
106
|
-
#define ADDINC128(w,n) { \
|
107
|
-
(w)[0] += (sha2_word64)(n); \
|
108
|
-
if ((w)[0] < (n)) { \
|
109
|
-
(w)[1]++; \
|
110
|
-
} \
|
111
|
-
}
|
112
|
-
|
113
|
-
/*
|
114
|
-
* Macros for copying blocks of memory and for zeroing out ranges
|
115
|
-
* of memory. Using these macros makes it easy to switch from
|
116
|
-
* using memset()/memcpy() and using bzero()/bcopy().
|
117
|
-
*
|
118
|
-
* Please define either SHA2_USE_MEMSET_MEMCPY or define
|
119
|
-
* SHA2_USE_BZERO_BCOPY depending on which function set you
|
120
|
-
* choose to use:
|
121
|
-
*/
|
122
|
-
#if !defined(SHA2_USE_MEMSET_MEMCPY) && !defined(SHA2_USE_BZERO_BCOPY)
|
123
|
-
/* Default to memset()/memcpy() if no option is specified */
|
124
|
-
#define SHA2_USE_MEMSET_MEMCPY 1
|
125
|
-
#endif
|
126
|
-
#if defined(SHA2_USE_MEMSET_MEMCPY) && defined(SHA2_USE_BZERO_BCOPY)
|
127
|
-
/* Abort with an error if BOTH options are defined */
|
128
|
-
#error Define either SHA2_USE_MEMSET_MEMCPY or SHA2_USE_BZERO_BCOPY, not both!
|
129
|
-
#endif
|
130
|
-
|
131
|
-
#ifdef SHA2_USE_MEMSET_MEMCPY
|
132
|
-
#define MEMSET_BZERO(p,l) memset((p), 0, (l))
|
133
|
-
#define MEMCPY_BCOPY(d,s,l) memcpy((d), (s), (l))
|
134
|
-
#endif
|
135
|
-
#ifdef SHA2_USE_BZERO_BCOPY
|
136
|
-
#define MEMSET_BZERO(p,l) bzero((p), (l))
|
137
|
-
#define MEMCPY_BCOPY(d,s,l) bcopy((s), (d), (l))
|
138
|
-
#endif
|
139
|
-
|
140
|
-
|
141
|
-
/*** THE SIX LOGICAL FUNCTIONS ****************************************/
|
142
|
-
/*
|
143
|
-
* Bit shifting and rotation (used by the six SHA-XYZ logical functions:
|
144
|
-
*
|
145
|
-
* NOTE: The naming of R and S appears backwards here (R is a SHIFT and
|
146
|
-
* S is a ROTATION) because the SHA-256/384/512 description document
|
147
|
-
* (see http://csrc.nist.gov/cryptval/shs/sha256-384-512.pdf) uses this
|
148
|
-
* same "backwards" definition.
|
149
|
-
*/
|
150
|
-
/* Shift-right (used in SHA-256, SHA-384, and SHA-512): */
|
151
|
-
#define R(b,x) ((x) >> (b))
|
152
|
-
/* 32-bit Rotate-right (used in SHA-256): */
|
153
|
-
#define S32(b,x) (((x) >> (b)) | ((x) << (32 - (b))))
|
154
|
-
/* 64-bit Rotate-right (used in SHA-384 and SHA-512): */
|
155
|
-
#define S64(b,x) (((x) >> (b)) | ((x) << (64 - (b))))
|
156
|
-
|
157
|
-
/* Two of six logical functions used in SHA-256, SHA-384, and SHA-512: */
|
158
|
-
#define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z)))
|
159
|
-
#define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
|
160
|
-
|
161
|
-
/* Four of six logical functions used in SHA-256: */
|
162
|
-
#define Sigma0_256(x) (S32(2, (x)) ^ S32(13, (x)) ^ S32(22, (x)))
|
163
|
-
#define Sigma1_256(x) (S32(6, (x)) ^ S32(11, (x)) ^ S32(25, (x)))
|
164
|
-
#define sigma0_256(x) (S32(7, (x)) ^ S32(18, (x)) ^ R(3 , (x)))
|
165
|
-
#define sigma1_256(x) (S32(17, (x)) ^ S32(19, (x)) ^ R(10, (x)))
|
166
|
-
|
167
|
-
/* Four of six logical functions used in SHA-384 and SHA-512: */
|
168
|
-
#define Sigma0_512(x) (S64(28, (x)) ^ S64(34, (x)) ^ S64(39, (x)))
|
169
|
-
#define Sigma1_512(x) (S64(14, (x)) ^ S64(18, (x)) ^ S64(41, (x)))
|
170
|
-
#define sigma0_512(x) (S64( 1, (x)) ^ S64( 8, (x)) ^ R( 7, (x)))
|
171
|
-
#define sigma1_512(x) (S64(19, (x)) ^ S64(61, (x)) ^ R( 6, (x)))
|
172
|
-
|
173
|
-
/*** INTERNAL FUNCTION PROTOTYPES *************************************/
|
174
|
-
/* NOTE: These should not be accessed directly from outside this
|
175
|
-
* library -- they are intended for private internal visibility/use
|
176
|
-
* only.
|
177
|
-
*/
|
178
|
-
void SHA512_Last(SHA512_CTX*);
|
179
|
-
void SHA256_Transform(SHA256_CTX*, const sha2_word32*);
|
180
|
-
void SHA512_Transform(SHA512_CTX*, const sha2_word64*);
|
181
|
-
|
182
|
-
|
183
|
-
/*** SHA-XYZ INITIAL HASH VALUES AND CONSTANTS ************************/
|
184
|
-
/* Hash constant words K for SHA-256: */
|
185
|
-
const static sha2_word32 K256[64] = {
|
186
|
-
0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL,
|
187
|
-
0x3956c25bUL, 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL,
|
188
|
-
0xd807aa98UL, 0x12835b01UL, 0x243185beUL, 0x550c7dc3UL,
|
189
|
-
0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL, 0xc19bf174UL,
|
190
|
-
0xe49b69c1UL, 0xefbe4786UL, 0x0fc19dc6UL, 0x240ca1ccUL,
|
191
|
-
0x2de92c6fUL, 0x4a7484aaUL, 0x5cb0a9dcUL, 0x76f988daUL,
|
192
|
-
0x983e5152UL, 0xa831c66dUL, 0xb00327c8UL, 0xbf597fc7UL,
|
193
|
-
0xc6e00bf3UL, 0xd5a79147UL, 0x06ca6351UL, 0x14292967UL,
|
194
|
-
0x27b70a85UL, 0x2e1b2138UL, 0x4d2c6dfcUL, 0x53380d13UL,
|
195
|
-
0x650a7354UL, 0x766a0abbUL, 0x81c2c92eUL, 0x92722c85UL,
|
196
|
-
0xa2bfe8a1UL, 0xa81a664bUL, 0xc24b8b70UL, 0xc76c51a3UL,
|
197
|
-
0xd192e819UL, 0xd6990624UL, 0xf40e3585UL, 0x106aa070UL,
|
198
|
-
0x19a4c116UL, 0x1e376c08UL, 0x2748774cUL, 0x34b0bcb5UL,
|
199
|
-
0x391c0cb3UL, 0x4ed8aa4aUL, 0x5b9cca4fUL, 0x682e6ff3UL,
|
200
|
-
0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL,
|
201
|
-
0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL
|
202
|
-
};
|
203
|
-
|
204
|
-
/* Initial hash value H for SHA-256: */
|
205
|
-
const static sha2_word32 sha256_initial_hash_value[8] = {
|
206
|
-
0x6a09e667UL,
|
207
|
-
0xbb67ae85UL,
|
208
|
-
0x3c6ef372UL,
|
209
|
-
0xa54ff53aUL,
|
210
|
-
0x510e527fUL,
|
211
|
-
0x9b05688cUL,
|
212
|
-
0x1f83d9abUL,
|
213
|
-
0x5be0cd19UL
|
214
|
-
};
|
215
|
-
|
216
|
-
/* Hash constant words K for SHA-384 and SHA-512: */
|
217
|
-
const static sha2_word64 K512[80] = {
|
218
|
-
ULL(0x428a2f98d728ae22), ULL(0x7137449123ef65cd),
|
219
|
-
ULL(0xb5c0fbcfec4d3b2f), ULL(0xe9b5dba58189dbbc),
|
220
|
-
ULL(0x3956c25bf348b538), ULL(0x59f111f1b605d019),
|
221
|
-
ULL(0x923f82a4af194f9b), ULL(0xab1c5ed5da6d8118),
|
222
|
-
ULL(0xd807aa98a3030242), ULL(0x12835b0145706fbe),
|
223
|
-
ULL(0x243185be4ee4b28c), ULL(0x550c7dc3d5ffb4e2),
|
224
|
-
ULL(0x72be5d74f27b896f), ULL(0x80deb1fe3b1696b1),
|
225
|
-
ULL(0x9bdc06a725c71235), ULL(0xc19bf174cf692694),
|
226
|
-
ULL(0xe49b69c19ef14ad2), ULL(0xefbe4786384f25e3),
|
227
|
-
ULL(0x0fc19dc68b8cd5b5), ULL(0x240ca1cc77ac9c65),
|
228
|
-
ULL(0x2de92c6f592b0275), ULL(0x4a7484aa6ea6e483),
|
229
|
-
ULL(0x5cb0a9dcbd41fbd4), ULL(0x76f988da831153b5),
|
230
|
-
ULL(0x983e5152ee66dfab), ULL(0xa831c66d2db43210),
|
231
|
-
ULL(0xb00327c898fb213f), ULL(0xbf597fc7beef0ee4),
|
232
|
-
ULL(0xc6e00bf33da88fc2), ULL(0xd5a79147930aa725),
|
233
|
-
ULL(0x06ca6351e003826f), ULL(0x142929670a0e6e70),
|
234
|
-
ULL(0x27b70a8546d22ffc), ULL(0x2e1b21385c26c926),
|
235
|
-
ULL(0x4d2c6dfc5ac42aed), ULL(0x53380d139d95b3df),
|
236
|
-
ULL(0x650a73548baf63de), ULL(0x766a0abb3c77b2a8),
|
237
|
-
ULL(0x81c2c92e47edaee6), ULL(0x92722c851482353b),
|
238
|
-
ULL(0xa2bfe8a14cf10364), ULL(0xa81a664bbc423001),
|
239
|
-
ULL(0xc24b8b70d0f89791), ULL(0xc76c51a30654be30),
|
240
|
-
ULL(0xd192e819d6ef5218), ULL(0xd69906245565a910),
|
241
|
-
ULL(0xf40e35855771202a), ULL(0x106aa07032bbd1b8),
|
242
|
-
ULL(0x19a4c116b8d2d0c8), ULL(0x1e376c085141ab53),
|
243
|
-
ULL(0x2748774cdf8eeb99), ULL(0x34b0bcb5e19b48a8),
|
244
|
-
ULL(0x391c0cb3c5c95a63), ULL(0x4ed8aa4ae3418acb),
|
245
|
-
ULL(0x5b9cca4f7763e373), ULL(0x682e6ff3d6b2b8a3),
|
246
|
-
ULL(0x748f82ee5defb2fc), ULL(0x78a5636f43172f60),
|
247
|
-
ULL(0x84c87814a1f0ab72), ULL(0x8cc702081a6439ec),
|
248
|
-
ULL(0x90befffa23631e28), ULL(0xa4506cebde82bde9),
|
249
|
-
ULL(0xbef9a3f7b2c67915), ULL(0xc67178f2e372532b),
|
250
|
-
ULL(0xca273eceea26619c), ULL(0xd186b8c721c0c207),
|
251
|
-
ULL(0xeada7dd6cde0eb1e), ULL(0xf57d4f7fee6ed178),
|
252
|
-
ULL(0x06f067aa72176fba), ULL(0x0a637dc5a2c898a6),
|
253
|
-
ULL(0x113f9804bef90dae), ULL(0x1b710b35131c471b),
|
254
|
-
ULL(0x28db77f523047d84), ULL(0x32caab7b40c72493),
|
255
|
-
ULL(0x3c9ebe0a15c9bebc), ULL(0x431d67c49c100d4c),
|
256
|
-
ULL(0x4cc5d4becb3e42b6), ULL(0x597f299cfc657e2a),
|
257
|
-
ULL(0x5fcb6fab3ad6faec), ULL(0x6c44198c4a475817)
|
258
|
-
};
|
259
|
-
|
260
|
-
/* Initial hash value H for SHA-384 */
|
261
|
-
const static sha2_word64 sha384_initial_hash_value[8] = {
|
262
|
-
ULL(0xcbbb9d5dc1059ed8),
|
263
|
-
ULL(0x629a292a367cd507),
|
264
|
-
ULL(0x9159015a3070dd17),
|
265
|
-
ULL(0x152fecd8f70e5939),
|
266
|
-
ULL(0x67332667ffc00b31),
|
267
|
-
ULL(0x8eb44a8768581511),
|
268
|
-
ULL(0xdb0c2e0d64f98fa7),
|
269
|
-
ULL(0x47b5481dbefa4fa4)
|
270
|
-
};
|
271
|
-
|
272
|
-
/* Initial hash value H for SHA-512 */
|
273
|
-
const static sha2_word64 sha512_initial_hash_value[8] = {
|
274
|
-
ULL(0x6a09e667f3bcc908),
|
275
|
-
ULL(0xbb67ae8584caa73b),
|
276
|
-
ULL(0x3c6ef372fe94f82b),
|
277
|
-
ULL(0xa54ff53a5f1d36f1),
|
278
|
-
ULL(0x510e527fade682d1),
|
279
|
-
ULL(0x9b05688c2b3e6c1f),
|
280
|
-
ULL(0x1f83d9abfb41bd6b),
|
281
|
-
ULL(0x5be0cd19137e2179)
|
282
|
-
};
|
283
|
-
|
284
|
-
|
285
|
-
/*** SHA-256: *********************************************************/
|
286
|
-
void SHA256_Init(SHA256_CTX* context) {
|
287
|
-
if (context == (SHA256_CTX*)0) {
|
288
|
-
return;
|
289
|
-
}
|
290
|
-
MEMCPY_BCOPY(context->state, sha256_initial_hash_value, SHA256_DIGEST_LENGTH);
|
291
|
-
MEMSET_BZERO(context->buffer, SHA256_BLOCK_LENGTH);
|
292
|
-
context->bitcount = 0;
|
293
|
-
}
|
294
|
-
|
295
|
-
#ifdef SHA2_UNROLL_TRANSFORM
|
296
|
-
|
297
|
-
/* Unrolled SHA-256 round macros: */
|
298
|
-
|
299
|
-
#ifndef WORDS_BIGENDIAN
|
300
|
-
|
301
|
-
#define ROUND256_0_TO_15(a,b,c,d,e,f,g,h) \
|
302
|
-
REVERSE32(*data++, W256[j]); \
|
303
|
-
T1 = (h) + Sigma1_256(e) + Ch((e), (f), (g)) + \
|
304
|
-
K256[j] + W256[j]; \
|
305
|
-
(d) += T1; \
|
306
|
-
(h) = T1 + Sigma0_256(a) + Maj((a), (b), (c)); \
|
307
|
-
j++
|
308
|
-
|
309
|
-
|
310
|
-
#else
|
311
|
-
|
312
|
-
#define ROUND256_0_TO_15(a,b,c,d,e,f,g,h) \
|
313
|
-
T1 = (h) + Sigma1_256(e) + Ch((e), (f), (g)) + \
|
314
|
-
K256[j] + (W256[j] = *data++); \
|
315
|
-
(d) += T1; \
|
316
|
-
(h) = T1 + Sigma0_256(a) + Maj((a), (b), (c)); \
|
317
|
-
j++
|
318
|
-
|
319
|
-
#endif
|
320
|
-
|
321
|
-
#define ROUND256(a,b,c,d,e,f,g,h) \
|
322
|
-
s0 = W256[(j+1)&0x0f]; \
|
323
|
-
s0 = sigma0_256(s0); \
|
324
|
-
s1 = W256[(j+14)&0x0f]; \
|
325
|
-
s1 = sigma1_256(s1); \
|
326
|
-
T1 = (h) + Sigma1_256(e) + Ch((e), (f), (g)) + K256[j] + \
|
327
|
-
(W256[j&0x0f] += s1 + W256[(j+9)&0x0f] + s0); \
|
328
|
-
(d) += T1; \
|
329
|
-
(h) = T1 + Sigma0_256(a) + Maj((a), (b), (c)); \
|
330
|
-
j++
|
331
|
-
|
332
|
-
void SHA256_Transform(SHA256_CTX* context, const sha2_word32* data) {
|
333
|
-
sha2_word32 a, b, c, d, e, f, g, h, s0, s1;
|
334
|
-
sha2_word32 T1, *W256;
|
335
|
-
int j;
|
336
|
-
|
337
|
-
W256 = (sha2_word32*)context->buffer;
|
338
|
-
|
339
|
-
/* Initialize registers with the prev. intermediate value */
|
340
|
-
a = context->state[0];
|
341
|
-
b = context->state[1];
|
342
|
-
c = context->state[2];
|
343
|
-
d = context->state[3];
|
344
|
-
e = context->state[4];
|
345
|
-
f = context->state[5];
|
346
|
-
g = context->state[6];
|
347
|
-
h = context->state[7];
|
348
|
-
|
349
|
-
j = 0;
|
350
|
-
do {
|
351
|
-
/* Rounds 0 to 15 (unrolled): */
|
352
|
-
ROUND256_0_TO_15(a,b,c,d,e,f,g,h);
|
353
|
-
ROUND256_0_TO_15(h,a,b,c,d,e,f,g);
|
354
|
-
ROUND256_0_TO_15(g,h,a,b,c,d,e,f);
|
355
|
-
ROUND256_0_TO_15(f,g,h,a,b,c,d,e);
|
356
|
-
ROUND256_0_TO_15(e,f,g,h,a,b,c,d);
|
357
|
-
ROUND256_0_TO_15(d,e,f,g,h,a,b,c);
|
358
|
-
ROUND256_0_TO_15(c,d,e,f,g,h,a,b);
|
359
|
-
ROUND256_0_TO_15(b,c,d,e,f,g,h,a);
|
360
|
-
} while (j < 16);
|
361
|
-
|
362
|
-
/* Now for the remaining rounds to 64: */
|
363
|
-
do {
|
364
|
-
ROUND256(a,b,c,d,e,f,g,h);
|
365
|
-
ROUND256(h,a,b,c,d,e,f,g);
|
366
|
-
ROUND256(g,h,a,b,c,d,e,f);
|
367
|
-
ROUND256(f,g,h,a,b,c,d,e);
|
368
|
-
ROUND256(e,f,g,h,a,b,c,d);
|
369
|
-
ROUND256(d,e,f,g,h,a,b,c);
|
370
|
-
ROUND256(c,d,e,f,g,h,a,b);
|
371
|
-
ROUND256(b,c,d,e,f,g,h,a);
|
372
|
-
} while (j < 64);
|
373
|
-
|
374
|
-
/* Compute the current intermediate hash value */
|
375
|
-
context->state[0] += a;
|
376
|
-
context->state[1] += b;
|
377
|
-
context->state[2] += c;
|
378
|
-
context->state[3] += d;
|
379
|
-
context->state[4] += e;
|
380
|
-
context->state[5] += f;
|
381
|
-
context->state[6] += g;
|
382
|
-
context->state[7] += h;
|
383
|
-
|
384
|
-
/* Clean up */
|
385
|
-
a = b = c = d = e = f = g = h = T1 = 0;
|
386
|
-
}
|
387
|
-
|
388
|
-
#else /* SHA2_UNROLL_TRANSFORM */
|
389
|
-
|
390
|
-
void SHA256_Transform(SHA256_CTX* context, const sha2_word32* data) {
|
391
|
-
sha2_word32 a, b, c, d, e, f, g, h, s0, s1;
|
392
|
-
sha2_word32 T1, T2, *W256;
|
393
|
-
int j;
|
394
|
-
|
395
|
-
W256 = (sha2_word32*)context->buffer;
|
396
|
-
|
397
|
-
/* Initialize registers with the prev. intermediate value */
|
398
|
-
a = context->state[0];
|
399
|
-
b = context->state[1];
|
400
|
-
c = context->state[2];
|
401
|
-
d = context->state[3];
|
402
|
-
e = context->state[4];
|
403
|
-
f = context->state[5];
|
404
|
-
g = context->state[6];
|
405
|
-
h = context->state[7];
|
406
|
-
|
407
|
-
j = 0;
|
408
|
-
do {
|
409
|
-
#ifndef WORDS_BIGENDIAN
|
410
|
-
/* Copy data while converting to host byte order */
|
411
|
-
REVERSE32(*data++,W256[j]);
|
412
|
-
/* Apply the SHA-256 compression function to update a..h */
|
413
|
-
T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] + W256[j];
|
414
|
-
#else
|
415
|
-
/* Apply the SHA-256 compression function to update a..h with copy */
|
416
|
-
T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] + (W256[j] = *data++);
|
417
|
-
#endif
|
418
|
-
T2 = Sigma0_256(a) + Maj(a, b, c);
|
419
|
-
h = g;
|
420
|
-
g = f;
|
421
|
-
f = e;
|
422
|
-
e = d + T1;
|
423
|
-
d = c;
|
424
|
-
c = b;
|
425
|
-
b = a;
|
426
|
-
a = T1 + T2;
|
427
|
-
|
428
|
-
j++;
|
429
|
-
} while (j < 16);
|
430
|
-
|
431
|
-
do {
|
432
|
-
/* Part of the message block expansion: */
|
433
|
-
s0 = W256[(j+1)&0x0f];
|
434
|
-
s0 = sigma0_256(s0);
|
435
|
-
s1 = W256[(j+14)&0x0f];
|
436
|
-
s1 = sigma1_256(s1);
|
437
|
-
|
438
|
-
/* Apply the SHA-256 compression function to update a..h */
|
439
|
-
T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] +
|
440
|
-
(W256[j&0x0f] += s1 + W256[(j+9)&0x0f] + s0);
|
441
|
-
T2 = Sigma0_256(a) + Maj(a, b, c);
|
442
|
-
h = g;
|
443
|
-
g = f;
|
444
|
-
f = e;
|
445
|
-
e = d + T1;
|
446
|
-
d = c;
|
447
|
-
c = b;
|
448
|
-
b = a;
|
449
|
-
a = T1 + T2;
|
450
|
-
|
451
|
-
j++;
|
452
|
-
} while (j < 64);
|
453
|
-
|
454
|
-
/* Compute the current intermediate hash value */
|
455
|
-
context->state[0] += a;
|
456
|
-
context->state[1] += b;
|
457
|
-
context->state[2] += c;
|
458
|
-
context->state[3] += d;
|
459
|
-
context->state[4] += e;
|
460
|
-
context->state[5] += f;
|
461
|
-
context->state[6] += g;
|
462
|
-
context->state[7] += h;
|
463
|
-
|
464
|
-
/* Clean up */
|
465
|
-
a = b = c = d = e = f = g = h = T1 = T2 = 0;
|
466
|
-
}
|
467
|
-
|
468
|
-
#endif /* SHA2_UNROLL_TRANSFORM */
|
469
|
-
|
470
|
-
void SHA256_Update(SHA256_CTX* context, const sha2_byte *data, size_t len) {
|
471
|
-
unsigned int freespace, usedspace;
|
472
|
-
|
473
|
-
if (len == 0) {
|
474
|
-
/* Calling with no data is valid - we do nothing */
|
475
|
-
return;
|
476
|
-
}
|
477
|
-
|
478
|
-
/* Sanity check: */
|
479
|
-
assert(context != NULL && data != NULL);
|
480
|
-
|
481
|
-
usedspace = (context->bitcount >> 3) % SHA256_BLOCK_LENGTH;
|
482
|
-
if (usedspace > 0) {
|
483
|
-
/* Calculate how much free space is available in the buffer */
|
484
|
-
freespace = SHA256_BLOCK_LENGTH - usedspace;
|
485
|
-
|
486
|
-
if (len >= freespace) {
|
487
|
-
/* Fill the buffer completely and process it */
|
488
|
-
MEMCPY_BCOPY(&context->buffer[usedspace], data, freespace);
|
489
|
-
context->bitcount += freespace << 3;
|
490
|
-
len -= freespace;
|
491
|
-
data += freespace;
|
492
|
-
SHA256_Transform(context, (sha2_word32*)context->buffer);
|
493
|
-
} else {
|
494
|
-
/* The buffer is not yet full */
|
495
|
-
MEMCPY_BCOPY(&context->buffer[usedspace], data, len);
|
496
|
-
context->bitcount += len << 3;
|
497
|
-
/* Clean up: */
|
498
|
-
usedspace = freespace = 0;
|
499
|
-
return;
|
500
|
-
}
|
501
|
-
}
|
502
|
-
while (len >= SHA256_BLOCK_LENGTH) {
|
503
|
-
/* Process as many complete blocks as we can */
|
504
|
-
SHA256_Transform(context, (const sha2_word32*)data);
|
505
|
-
context->bitcount += SHA256_BLOCK_LENGTH << 3;
|
506
|
-
len -= SHA256_BLOCK_LENGTH;
|
507
|
-
data += SHA256_BLOCK_LENGTH;
|
508
|
-
}
|
509
|
-
if (len > 0) {
|
510
|
-
/* There's left-overs, so save 'em */
|
511
|
-
MEMCPY_BCOPY(context->buffer, data, len);
|
512
|
-
context->bitcount += len << 3;
|
513
|
-
}
|
514
|
-
/* Clean up: */
|
515
|
-
usedspace = freespace = 0;
|
516
|
-
}
|
517
|
-
|
518
|
-
void SHA256_Finish(SHA256_CTX* context, sha2_byte digest[]) {
|
519
|
-
sha2_word32 *d = (sha2_word32*)digest;
|
520
|
-
unsigned int usedspace;
|
521
|
-
|
522
|
-
/* Sanity check: */
|
523
|
-
assert(context != NULL);
|
524
|
-
|
525
|
-
/* If no digest buffer is passed, we don't bother doing this: */
|
526
|
-
if (digest != (sha2_byte*)0) {
|
527
|
-
usedspace = (context->bitcount >> 3) % SHA256_BLOCK_LENGTH;
|
528
|
-
#ifndef WORDS_BIGENDIAN
|
529
|
-
/* Convert FROM host byte order */
|
530
|
-
REVERSE64(context->bitcount,context->bitcount);
|
531
|
-
#endif
|
532
|
-
if (usedspace > 0) {
|
533
|
-
/* Begin padding with a 1 bit: */
|
534
|
-
context->buffer[usedspace++] = 0x80;
|
535
|
-
|
536
|
-
if (usedspace <= SHA256_SHORT_BLOCK_LENGTH) {
|
537
|
-
/* Set-up for the last transform: */
|
538
|
-
MEMSET_BZERO(&context->buffer[usedspace], SHA256_SHORT_BLOCK_LENGTH - usedspace);
|
539
|
-
} else {
|
540
|
-
if (usedspace < SHA256_BLOCK_LENGTH) {
|
541
|
-
MEMSET_BZERO(&context->buffer[usedspace], SHA256_BLOCK_LENGTH - usedspace);
|
542
|
-
}
|
543
|
-
/* Do second-to-last transform: */
|
544
|
-
SHA256_Transform(context, (sha2_word32*)context->buffer);
|
545
|
-
|
546
|
-
/* And set-up for the last transform: */
|
547
|
-
MEMSET_BZERO(context->buffer, SHA256_SHORT_BLOCK_LENGTH);
|
548
|
-
}
|
549
|
-
} else {
|
550
|
-
/* Set-up for the last transform: */
|
551
|
-
MEMSET_BZERO(context->buffer, SHA256_SHORT_BLOCK_LENGTH);
|
552
|
-
|
553
|
-
/* Begin padding with a 1 bit: */
|
554
|
-
*context->buffer = 0x80;
|
555
|
-
}
|
556
|
-
/* Set the bit count: */
|
557
|
-
*(sha2_word64*)&context->buffer[SHA256_SHORT_BLOCK_LENGTH] = context->bitcount;
|
558
|
-
|
559
|
-
/* Final transform: */
|
560
|
-
SHA256_Transform(context, (sha2_word32*)context->buffer);
|
561
|
-
|
562
|
-
#ifndef WORDS_BIGENDIAN
|
563
|
-
{
|
564
|
-
/* Convert TO host byte order */
|
565
|
-
int j;
|
566
|
-
for (j = 0; j < 8; j++) {
|
567
|
-
REVERSE32(context->state[j],context->state[j]);
|
568
|
-
*d++ = context->state[j];
|
569
|
-
}
|
570
|
-
}
|
571
|
-
#else
|
572
|
-
MEMCPY_BCOPY(d, context->state, SHA256_DIGEST_LENGTH);
|
573
|
-
#endif
|
574
|
-
}
|
575
|
-
|
576
|
-
/* Clean up state data: */
|
577
|
-
MEMSET_BZERO(context, sizeof(SHA256_CTX));
|
578
|
-
usedspace = 0;
|
579
|
-
}
|
580
|
-
|
581
|
-
/*** SHA-512: *********************************************************/
|
582
|
-
void SHA512_Init(SHA512_CTX* context) {
|
583
|
-
if (context == (SHA512_CTX*)0) {
|
584
|
-
return;
|
585
|
-
}
|
586
|
-
MEMCPY_BCOPY(context->state, sha512_initial_hash_value, SHA512_DIGEST_LENGTH);
|
587
|
-
MEMSET_BZERO(context->buffer, SHA512_BLOCK_LENGTH);
|
588
|
-
context->bitcount[0] = context->bitcount[1] = 0;
|
589
|
-
}
|
590
|
-
|
591
|
-
#ifdef SHA2_UNROLL_TRANSFORM
|
592
|
-
|
593
|
-
/* Unrolled SHA-512 round macros: */
|
594
|
-
#ifndef WORDS_BIGENDIAN
|
595
|
-
|
596
|
-
#define ROUND512_0_TO_15(a,b,c,d,e,f,g,h) \
|
597
|
-
REVERSE64(*data++, W512[j]); \
|
598
|
-
T1 = (h) + Sigma1_512(e) + Ch((e), (f), (g)) + \
|
599
|
-
K512[j] + W512[j]; \
|
600
|
-
(d) += T1, \
|
601
|
-
(h) = T1 + Sigma0_512(a) + Maj((a), (b), (c)), \
|
602
|
-
j++
|
603
|
-
|
604
|
-
|
605
|
-
#else
|
606
|
-
|
607
|
-
#define ROUND512_0_TO_15(a,b,c,d,e,f,g,h) \
|
608
|
-
T1 = (h) + Sigma1_512(e) + Ch((e), (f), (g)) + \
|
609
|
-
K512[j] + (W512[j] = *data++); \
|
610
|
-
(d) += T1; \
|
611
|
-
(h) = T1 + Sigma0_512(a) + Maj((a), (b), (c)); \
|
612
|
-
j++
|
613
|
-
|
614
|
-
#endif
|
615
|
-
|
616
|
-
#define ROUND512(a,b,c,d,e,f,g,h) \
|
617
|
-
s0 = W512[(j+1)&0x0f]; \
|
618
|
-
s0 = sigma0_512(s0); \
|
619
|
-
s1 = W512[(j+14)&0x0f]; \
|
620
|
-
s1 = sigma1_512(s1); \
|
621
|
-
T1 = (h) + Sigma1_512(e) + Ch((e), (f), (g)) + K512[j] + \
|
622
|
-
(W512[j&0x0f] += s1 + W512[(j+9)&0x0f] + s0); \
|
623
|
-
(d) += T1; \
|
624
|
-
(h) = T1 + Sigma0_512(a) + Maj((a), (b), (c)); \
|
625
|
-
j++
|
626
|
-
|
627
|
-
void SHA512_Transform(SHA512_CTX* context, const sha2_word64* data) {
|
628
|
-
sha2_word64 a, b, c, d, e, f, g, h, s0, s1;
|
629
|
-
sha2_word64 T1, *W512 = (sha2_word64*)context->buffer;
|
630
|
-
int j;
|
631
|
-
|
632
|
-
/* Initialize registers with the prev. intermediate value */
|
633
|
-
a = context->state[0];
|
634
|
-
b = context->state[1];
|
635
|
-
c = context->state[2];
|
636
|
-
d = context->state[3];
|
637
|
-
e = context->state[4];
|
638
|
-
f = context->state[5];
|
639
|
-
g = context->state[6];
|
640
|
-
h = context->state[7];
|
641
|
-
|
642
|
-
j = 0;
|
643
|
-
do {
|
644
|
-
ROUND512_0_TO_15(a,b,c,d,e,f,g,h);
|
645
|
-
ROUND512_0_TO_15(h,a,b,c,d,e,f,g);
|
646
|
-
ROUND512_0_TO_15(g,h,a,b,c,d,e,f);
|
647
|
-
ROUND512_0_TO_15(f,g,h,a,b,c,d,e);
|
648
|
-
ROUND512_0_TO_15(e,f,g,h,a,b,c,d);
|
649
|
-
ROUND512_0_TO_15(d,e,f,g,h,a,b,c);
|
650
|
-
ROUND512_0_TO_15(c,d,e,f,g,h,a,b);
|
651
|
-
ROUND512_0_TO_15(b,c,d,e,f,g,h,a);
|
652
|
-
} while (j < 16);
|
653
|
-
|
654
|
-
/* Now for the remaining rounds up to 79: */
|
655
|
-
do {
|
656
|
-
ROUND512(a,b,c,d,e,f,g,h);
|
657
|
-
ROUND512(h,a,b,c,d,e,f,g);
|
658
|
-
ROUND512(g,h,a,b,c,d,e,f);
|
659
|
-
ROUND512(f,g,h,a,b,c,d,e);
|
660
|
-
ROUND512(e,f,g,h,a,b,c,d);
|
661
|
-
ROUND512(d,e,f,g,h,a,b,c);
|
662
|
-
ROUND512(c,d,e,f,g,h,a,b);
|
663
|
-
ROUND512(b,c,d,e,f,g,h,a);
|
664
|
-
} while (j < 80);
|
665
|
-
|
666
|
-
/* Compute the current intermediate hash value */
|
667
|
-
context->state[0] += a;
|
668
|
-
context->state[1] += b;
|
669
|
-
context->state[2] += c;
|
670
|
-
context->state[3] += d;
|
671
|
-
context->state[4] += e;
|
672
|
-
context->state[5] += f;
|
673
|
-
context->state[6] += g;
|
674
|
-
context->state[7] += h;
|
675
|
-
|
676
|
-
/* Clean up */
|
677
|
-
a = b = c = d = e = f = g = h = T1 = 0;
|
678
|
-
}
|
679
|
-
|
680
|
-
#else /* SHA2_UNROLL_TRANSFORM */
|
681
|
-
|
682
|
-
void SHA512_Transform(SHA512_CTX* context, const sha2_word64* data) {
|
683
|
-
sha2_word64 a, b, c, d, e, f, g, h, s0, s1;
|
684
|
-
sha2_word64 T1, T2, *W512 = (sha2_word64*)context->buffer;
|
685
|
-
int j;
|
686
|
-
|
687
|
-
/* Initialize registers with the prev. intermediate value */
|
688
|
-
a = context->state[0];
|
689
|
-
b = context->state[1];
|
690
|
-
c = context->state[2];
|
691
|
-
d = context->state[3];
|
692
|
-
e = context->state[4];
|
693
|
-
f = context->state[5];
|
694
|
-
g = context->state[6];
|
695
|
-
h = context->state[7];
|
696
|
-
|
697
|
-
j = 0;
|
698
|
-
do {
|
699
|
-
#ifndef WORDS_BIGENDIAN
|
700
|
-
/* Convert TO host byte order */
|
701
|
-
REVERSE64(*data++, W512[j]);
|
702
|
-
/* Apply the SHA-512 compression function to update a..h */
|
703
|
-
T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] + W512[j];
|
704
|
-
#else
|
705
|
-
/* Apply the SHA-512 compression function to update a..h with copy */
|
706
|
-
T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] + (W512[j] = *data++);
|
707
|
-
#endif
|
708
|
-
T2 = Sigma0_512(a) + Maj(a, b, c);
|
709
|
-
h = g;
|
710
|
-
g = f;
|
711
|
-
f = e;
|
712
|
-
e = d + T1;
|
713
|
-
d = c;
|
714
|
-
c = b;
|
715
|
-
b = a;
|
716
|
-
a = T1 + T2;
|
717
|
-
|
718
|
-
j++;
|
719
|
-
} while (j < 16);
|
720
|
-
|
721
|
-
do {
|
722
|
-
/* Part of the message block expansion: */
|
723
|
-
s0 = W512[(j+1)&0x0f];
|
724
|
-
s0 = sigma0_512(s0);
|
725
|
-
s1 = W512[(j+14)&0x0f];
|
726
|
-
s1 = sigma1_512(s1);
|
727
|
-
|
728
|
-
/* Apply the SHA-512 compression function to update a..h */
|
729
|
-
T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] +
|
730
|
-
(W512[j&0x0f] += s1 + W512[(j+9)&0x0f] + s0);
|
731
|
-
T2 = Sigma0_512(a) + Maj(a, b, c);
|
732
|
-
h = g;
|
733
|
-
g = f;
|
734
|
-
f = e;
|
735
|
-
e = d + T1;
|
736
|
-
d = c;
|
737
|
-
c = b;
|
738
|
-
b = a;
|
739
|
-
a = T1 + T2;
|
740
|
-
|
741
|
-
j++;
|
742
|
-
} while (j < 80);
|
743
|
-
|
744
|
-
/* Compute the current intermediate hash value */
|
745
|
-
context->state[0] += a;
|
746
|
-
context->state[1] += b;
|
747
|
-
context->state[2] += c;
|
748
|
-
context->state[3] += d;
|
749
|
-
context->state[4] += e;
|
750
|
-
context->state[5] += f;
|
751
|
-
context->state[6] += g;
|
752
|
-
context->state[7] += h;
|
753
|
-
|
754
|
-
/* Clean up */
|
755
|
-
a = b = c = d = e = f = g = h = T1 = T2 = 0;
|
756
|
-
}
|
757
|
-
|
758
|
-
#endif /* SHA2_UNROLL_TRANSFORM */
|
759
|
-
|
760
|
-
void SHA512_Update(SHA512_CTX* context, const sha2_byte *data, size_t len) {
|
761
|
-
unsigned int freespace, usedspace;
|
762
|
-
|
763
|
-
if (len == 0) {
|
764
|
-
/* Calling with no data is valid - we do nothing */
|
765
|
-
return;
|
766
|
-
}
|
767
|
-
|
768
|
-
/* Sanity check: */
|
769
|
-
assert(context != NULL && data != NULL);
|
770
|
-
|
771
|
-
usedspace = (context->bitcount[0] >> 3) % SHA512_BLOCK_LENGTH;
|
772
|
-
if (usedspace > 0) {
|
773
|
-
/* Calculate how much free space is available in the buffer */
|
774
|
-
freespace = SHA512_BLOCK_LENGTH - usedspace;
|
775
|
-
|
776
|
-
if (len >= freespace) {
|
777
|
-
/* Fill the buffer completely and process it */
|
778
|
-
MEMCPY_BCOPY(&context->buffer[usedspace], data, freespace);
|
779
|
-
ADDINC128(context->bitcount, freespace << 3);
|
780
|
-
len -= freespace;
|
781
|
-
data += freespace;
|
782
|
-
SHA512_Transform(context, (const sha2_word64*)context->buffer);
|
783
|
-
} else {
|
784
|
-
/* The buffer is not yet full */
|
785
|
-
MEMCPY_BCOPY(&context->buffer[usedspace], data, len);
|
786
|
-
ADDINC128(context->bitcount, len << 3);
|
787
|
-
/* Clean up: */
|
788
|
-
usedspace = freespace = 0;
|
789
|
-
return;
|
790
|
-
}
|
791
|
-
}
|
792
|
-
while (len >= SHA512_BLOCK_LENGTH) {
|
793
|
-
/* Process as many complete blocks as we can */
|
794
|
-
SHA512_Transform(context, (const sha2_word64*)data);
|
795
|
-
ADDINC128(context->bitcount, SHA512_BLOCK_LENGTH << 3);
|
796
|
-
len -= SHA512_BLOCK_LENGTH;
|
797
|
-
data += SHA512_BLOCK_LENGTH;
|
798
|
-
}
|
799
|
-
if (len > 0) {
|
800
|
-
/* There's left-overs, so save 'em */
|
801
|
-
MEMCPY_BCOPY(context->buffer, data, len);
|
802
|
-
ADDINC128(context->bitcount, len << 3);
|
803
|
-
}
|
804
|
-
/* Clean up: */
|
805
|
-
usedspace = freespace = 0;
|
806
|
-
}
|
807
|
-
|
808
|
-
void SHA512_Last(SHA512_CTX* context) {
|
809
|
-
unsigned int usedspace;
|
810
|
-
|
811
|
-
usedspace = (context->bitcount[0] >> 3) % SHA512_BLOCK_LENGTH;
|
812
|
-
#ifndef WORDS_BIGENDIAN
|
813
|
-
/* Convert FROM host byte order */
|
814
|
-
REVERSE64(context->bitcount[0],context->bitcount[0]);
|
815
|
-
REVERSE64(context->bitcount[1],context->bitcount[1]);
|
816
|
-
#endif
|
817
|
-
if (usedspace > 0) {
|
818
|
-
/* Begin padding with a 1 bit: */
|
819
|
-
context->buffer[usedspace++] = 0x80;
|
820
|
-
|
821
|
-
if (usedspace <= SHA512_SHORT_BLOCK_LENGTH) {
|
822
|
-
/* Set-up for the last transform: */
|
823
|
-
MEMSET_BZERO(&context->buffer[usedspace], SHA512_SHORT_BLOCK_LENGTH - usedspace);
|
824
|
-
} else {
|
825
|
-
if (usedspace < SHA512_BLOCK_LENGTH) {
|
826
|
-
MEMSET_BZERO(&context->buffer[usedspace], SHA512_BLOCK_LENGTH - usedspace);
|
827
|
-
}
|
828
|
-
/* Do second-to-last transform: */
|
829
|
-
SHA512_Transform(context, (const sha2_word64*)context->buffer);
|
830
|
-
|
831
|
-
/* And set-up for the last transform: */
|
832
|
-
MEMSET_BZERO(context->buffer, SHA512_BLOCK_LENGTH - 2);
|
833
|
-
}
|
834
|
-
} else {
|
835
|
-
/* Prepare for final transform: */
|
836
|
-
MEMSET_BZERO(context->buffer, SHA512_SHORT_BLOCK_LENGTH);
|
837
|
-
|
838
|
-
/* Begin padding with a 1 bit: */
|
839
|
-
*context->buffer = 0x80;
|
840
|
-
}
|
841
|
-
/* Store the length of input data (in bits): */
|
842
|
-
*(sha2_word64*)&context->buffer[SHA512_SHORT_BLOCK_LENGTH] = context->bitcount[1];
|
843
|
-
*(sha2_word64*)&context->buffer[SHA512_SHORT_BLOCK_LENGTH+8] = context->bitcount[0];
|
844
|
-
|
845
|
-
/* Final transform: */
|
846
|
-
SHA512_Transform(context, (const sha2_word64*)context->buffer);
|
847
|
-
}
|
848
|
-
|
849
|
-
void SHA512_Finish(SHA512_CTX* context, sha2_byte digest[]) {
|
850
|
-
sha2_word64 *d = (sha2_word64*)digest;
|
851
|
-
|
852
|
-
/* Sanity check: */
|
853
|
-
assert(context != NULL);
|
854
|
-
|
855
|
-
/* If no digest buffer is passed, we don't bother doing this: */
|
856
|
-
if (digest != (sha2_byte*)0) {
|
857
|
-
SHA512_Last(context);
|
858
|
-
|
859
|
-
/* Save the hash data for output: */
|
860
|
-
#ifndef WORDS_BIGENDIAN
|
861
|
-
{
|
862
|
-
/* Convert TO host byte order */
|
863
|
-
int j;
|
864
|
-
for (j = 0; j < 8; j++) {
|
865
|
-
REVERSE64(context->state[j],context->state[j]);
|
866
|
-
*d++ = context->state[j];
|
867
|
-
}
|
868
|
-
}
|
869
|
-
#else
|
870
|
-
MEMCPY_BCOPY(d, context->state, SHA512_DIGEST_LENGTH);
|
871
|
-
#endif
|
872
|
-
}
|
873
|
-
|
874
|
-
/* Zero out state data */
|
875
|
-
MEMSET_BZERO(context, sizeof(SHA512_CTX));
|
876
|
-
}
|
877
|
-
|
878
|
-
/*** SHA-384: *********************************************************/
|
879
|
-
void SHA384_Init(SHA384_CTX* context) {
|
880
|
-
if (context == (SHA384_CTX*)0) {
|
881
|
-
return;
|
882
|
-
}
|
883
|
-
MEMCPY_BCOPY(context->state, sha384_initial_hash_value, SHA512_DIGEST_LENGTH);
|
884
|
-
MEMSET_BZERO(context->buffer, SHA384_BLOCK_LENGTH);
|
885
|
-
context->bitcount[0] = context->bitcount[1] = 0;
|
886
|
-
}
|
887
|
-
|
888
|
-
void SHA384_Update(SHA384_CTX* context, const sha2_byte* data, size_t len) {
|
889
|
-
SHA512_Update((SHA512_CTX*)context, data, len);
|
890
|
-
}
|
891
|
-
|
892
|
-
void SHA384_Finish(SHA384_CTX* context, sha2_byte digest[]) {
|
893
|
-
sha2_word64 *d = (sha2_word64*)digest;
|
894
|
-
|
895
|
-
/* Sanity check: */
|
896
|
-
assert(context != NULL);
|
897
|
-
|
898
|
-
/* If no digest buffer is passed, we don't bother doing this: */
|
899
|
-
if (digest != (sha2_byte*)0) {
|
900
|
-
SHA512_Last((SHA512_CTX*)context);
|
901
|
-
|
902
|
-
/* Save the hash data for output: */
|
903
|
-
#ifndef WORDS_BIGENDIAN
|
904
|
-
{
|
905
|
-
/* Convert TO host byte order */
|
906
|
-
int j;
|
907
|
-
for (j = 0; j < 6; j++) {
|
908
|
-
REVERSE64(context->state[j],context->state[j]);
|
909
|
-
*d++ = context->state[j];
|
910
|
-
}
|
911
|
-
}
|
912
|
-
#else
|
913
|
-
MEMCPY_BCOPY(d, context->state, SHA384_DIGEST_LENGTH);
|
914
|
-
#endif
|
915
|
-
}
|
916
|
-
|
917
|
-
/* Zero out state data */
|
918
|
-
MEMSET_BZERO(context, sizeof(SHA384_CTX));
|
919
|
-
}
|