ttcrypt 0.0.7 → 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
data/ext/ttcrypt/sha1.cpp CHANGED
@@ -39,7 +39,7 @@ namespace sha1
39
39
  namespace // local
40
40
  {
41
41
  // Rotate an integer value to left.
42
- inline const unsigned int rol(const unsigned int value,
42
+ inline unsigned int rol(const unsigned int value,
43
43
  const unsigned int steps)
44
44
  {
45
45
  return ((value << steps) | (value >> (32 - steps)));
@@ -0,0 +1,247 @@
1
+ /* $Id: sha2big.c 216 2010-06-08 09:46:57Z tp $ */
2
+ /*
3
+ * SHA-384 / SHA-512 implementation.
4
+ *
5
+ * ==========================(LICENSE BEGIN)============================
6
+ *
7
+ * Copyright (c) 2007-2010 Projet RNRT SAPHIR
8
+ *
9
+ * Permission is hereby granted, free of charge, to any person obtaining
10
+ * a copy of this software and associated documentation files (the
11
+ * "Software"), to deal in the Software without restriction, including
12
+ * without limitation the rights to use, copy, modify, merge, publish,
13
+ * distribute, sublicense, and/or sell copies of the Software, and to
14
+ * permit persons to whom the Software is furnished to do so, subject to
15
+ * the following conditions:
16
+ *
17
+ * The above copyright notice and this permission notice shall be
18
+ * included in all copies or substantial portions of the Software.
19
+ *
20
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
21
+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
22
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
23
+ * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
24
+ * CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
25
+ * TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
26
+ * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
27
+ *
28
+ * ===========================(LICENSE END)=============================
29
+ *
30
+ * @author Thomas Pornin <thomas.pornin@cryptolog.com>
31
+ */
32
+
33
+ #include <stddef.h>
34
+ #include <string.h>
35
+
36
+ #include "sph_sha2.h"
37
+
38
+ #if SPH_64
39
+
40
+ #define CH(X, Y, Z) ((((Y) ^ (Z)) & (X)) ^ (Z))
41
+ #define MAJ(X, Y, Z) (((X) & (Y)) | (((X) | (Y)) & (Z)))
42
+
43
+ #define ROTR64 SPH_ROTR64
44
+
45
+ #define BSG5_0(x) (ROTR64(x, 28) ^ ROTR64(x, 34) ^ ROTR64(x, 39))
46
+ #define BSG5_1(x) (ROTR64(x, 14) ^ ROTR64(x, 18) ^ ROTR64(x, 41))
47
+ #define SSG5_0(x) (ROTR64(x, 1) ^ ROTR64(x, 8) ^ SPH_T64((x) >> 7))
48
+ #define SSG5_1(x) (ROTR64(x, 19) ^ ROTR64(x, 61) ^ SPH_T64((x) >> 6))
49
+
50
+ static const sph_u64 K512[80] = {
51
+ SPH_C64(0x428A2F98D728AE22), SPH_C64(0x7137449123EF65CD),
52
+ SPH_C64(0xB5C0FBCFEC4D3B2F), SPH_C64(0xE9B5DBA58189DBBC),
53
+ SPH_C64(0x3956C25BF348B538), SPH_C64(0x59F111F1B605D019),
54
+ SPH_C64(0x923F82A4AF194F9B), SPH_C64(0xAB1C5ED5DA6D8118),
55
+ SPH_C64(0xD807AA98A3030242), SPH_C64(0x12835B0145706FBE),
56
+ SPH_C64(0x243185BE4EE4B28C), SPH_C64(0x550C7DC3D5FFB4E2),
57
+ SPH_C64(0x72BE5D74F27B896F), SPH_C64(0x80DEB1FE3B1696B1),
58
+ SPH_C64(0x9BDC06A725C71235), SPH_C64(0xC19BF174CF692694),
59
+ SPH_C64(0xE49B69C19EF14AD2), SPH_C64(0xEFBE4786384F25E3),
60
+ SPH_C64(0x0FC19DC68B8CD5B5), SPH_C64(0x240CA1CC77AC9C65),
61
+ SPH_C64(0x2DE92C6F592B0275), SPH_C64(0x4A7484AA6EA6E483),
62
+ SPH_C64(0x5CB0A9DCBD41FBD4), SPH_C64(0x76F988DA831153B5),
63
+ SPH_C64(0x983E5152EE66DFAB), SPH_C64(0xA831C66D2DB43210),
64
+ SPH_C64(0xB00327C898FB213F), SPH_C64(0xBF597FC7BEEF0EE4),
65
+ SPH_C64(0xC6E00BF33DA88FC2), SPH_C64(0xD5A79147930AA725),
66
+ SPH_C64(0x06CA6351E003826F), SPH_C64(0x142929670A0E6E70),
67
+ SPH_C64(0x27B70A8546D22FFC), SPH_C64(0x2E1B21385C26C926),
68
+ SPH_C64(0x4D2C6DFC5AC42AED), SPH_C64(0x53380D139D95B3DF),
69
+ SPH_C64(0x650A73548BAF63DE), SPH_C64(0x766A0ABB3C77B2A8),
70
+ SPH_C64(0x81C2C92E47EDAEE6), SPH_C64(0x92722C851482353B),
71
+ SPH_C64(0xA2BFE8A14CF10364), SPH_C64(0xA81A664BBC423001),
72
+ SPH_C64(0xC24B8B70D0F89791), SPH_C64(0xC76C51A30654BE30),
73
+ SPH_C64(0xD192E819D6EF5218), SPH_C64(0xD69906245565A910),
74
+ SPH_C64(0xF40E35855771202A), SPH_C64(0x106AA07032BBD1B8),
75
+ SPH_C64(0x19A4C116B8D2D0C8), SPH_C64(0x1E376C085141AB53),
76
+ SPH_C64(0x2748774CDF8EEB99), SPH_C64(0x34B0BCB5E19B48A8),
77
+ SPH_C64(0x391C0CB3C5C95A63), SPH_C64(0x4ED8AA4AE3418ACB),
78
+ SPH_C64(0x5B9CCA4F7763E373), SPH_C64(0x682E6FF3D6B2B8A3),
79
+ SPH_C64(0x748F82EE5DEFB2FC), SPH_C64(0x78A5636F43172F60),
80
+ SPH_C64(0x84C87814A1F0AB72), SPH_C64(0x8CC702081A6439EC),
81
+ SPH_C64(0x90BEFFFA23631E28), SPH_C64(0xA4506CEBDE82BDE9),
82
+ SPH_C64(0xBEF9A3F7B2C67915), SPH_C64(0xC67178F2E372532B),
83
+ SPH_C64(0xCA273ECEEA26619C), SPH_C64(0xD186B8C721C0C207),
84
+ SPH_C64(0xEADA7DD6CDE0EB1E), SPH_C64(0xF57D4F7FEE6ED178),
85
+ SPH_C64(0x06F067AA72176FBA), SPH_C64(0x0A637DC5A2C898A6),
86
+ SPH_C64(0x113F9804BEF90DAE), SPH_C64(0x1B710B35131C471B),
87
+ SPH_C64(0x28DB77F523047D84), SPH_C64(0x32CAAB7B40C72493),
88
+ SPH_C64(0x3C9EBE0A15C9BEBC), SPH_C64(0x431D67C49C100D4C),
89
+ SPH_C64(0x4CC5D4BECB3E42B6), SPH_C64(0x597F299CFC657E2A),
90
+ SPH_C64(0x5FCB6FAB3AD6FAEC), SPH_C64(0x6C44198C4A475817)
91
+ };
92
+
93
+ static const sph_u64 H384[8] = {
94
+ SPH_C64(0xCBBB9D5DC1059ED8), SPH_C64(0x629A292A367CD507),
95
+ SPH_C64(0x9159015A3070DD17), SPH_C64(0x152FECD8F70E5939),
96
+ SPH_C64(0x67332667FFC00B31), SPH_C64(0x8EB44A8768581511),
97
+ SPH_C64(0xDB0C2E0D64F98FA7), SPH_C64(0x47B5481DBEFA4FA4)
98
+ };
99
+
100
+ static const sph_u64 H512[8] = {
101
+ SPH_C64(0x6A09E667F3BCC908), SPH_C64(0xBB67AE8584CAA73B),
102
+ SPH_C64(0x3C6EF372FE94F82B), SPH_C64(0xA54FF53A5F1D36F1),
103
+ SPH_C64(0x510E527FADE682D1), SPH_C64(0x9B05688C2B3E6C1F),
104
+ SPH_C64(0x1F83D9ABFB41BD6B), SPH_C64(0x5BE0CD19137E2179)
105
+ };
106
+
107
+ /*
108
+ * This macro defines the body for a SHA-384 / SHA-512 compression function
109
+ * implementation. The "in" parameter should evaluate, when applied to a
110
+ * numerical input parameter from 0 to 15, to an expression which yields
111
+ * the corresponding input block. The "r" parameter should evaluate to
112
+ * an array or pointer expression designating the array of 8 words which
113
+ * contains the input and output of the compression function.
114
+ *
115
+ * SHA-512 is hard for the compiler. If the loop is completely unrolled,
116
+ * then the code will be quite huge (possibly more than 100 kB), and the
117
+ * performance will be degraded due to cache misses on the code. We
118
+ * unroll only eight steps, which avoids all needless copies when
119
+ * 64-bit registers are swapped.
120
+ */
121
+
122
+ #define SHA3_STEP(A, B, C, D, E, F, G, H, i) do { \
123
+ sph_u64 T1, T2; \
124
+ T1 = SPH_T64(H + BSG5_1(E) + CH(E, F, G) + K512[i] + W[i]); \
125
+ T2 = SPH_T64(BSG5_0(A) + MAJ(A, B, C)); \
126
+ D = SPH_T64(D + T1); \
127
+ H = SPH_T64(T1 + T2); \
128
+ } while (0)
129
+
130
+ #define SHA3_ROUND_BODY(in, r) do { \
131
+ int i; \
132
+ sph_u64 A, B, C, D, E, F, G, H; \
133
+ sph_u64 W[80]; \
134
+ \
135
+ for (i = 0; i < 16; i ++) \
136
+ W[i] = in(i); \
137
+ for (i = 16; i < 80; i ++) \
138
+ W[i] = SPH_T64(SSG5_1(W[i - 2]) + W[i - 7] \
139
+ + SSG5_0(W[i - 15]) + W[i - 16]); \
140
+ A = (r)[0]; \
141
+ B = (r)[1]; \
142
+ C = (r)[2]; \
143
+ D = (r)[3]; \
144
+ E = (r)[4]; \
145
+ F = (r)[5]; \
146
+ G = (r)[6]; \
147
+ H = (r)[7]; \
148
+ for (i = 0; i < 80; i += 8) { \
149
+ SHA3_STEP(A, B, C, D, E, F, G, H, i + 0); \
150
+ SHA3_STEP(H, A, B, C, D, E, F, G, i + 1); \
151
+ SHA3_STEP(G, H, A, B, C, D, E, F, i + 2); \
152
+ SHA3_STEP(F, G, H, A, B, C, D, E, i + 3); \
153
+ SHA3_STEP(E, F, G, H, A, B, C, D, i + 4); \
154
+ SHA3_STEP(D, E, F, G, H, A, B, C, i + 5); \
155
+ SHA3_STEP(C, D, E, F, G, H, A, B, i + 6); \
156
+ SHA3_STEP(B, C, D, E, F, G, H, A, i + 7); \
157
+ } \
158
+ (r)[0] = SPH_T64((r)[0] + A); \
159
+ (r)[1] = SPH_T64((r)[1] + B); \
160
+ (r)[2] = SPH_T64((r)[2] + C); \
161
+ (r)[3] = SPH_T64((r)[3] + D); \
162
+ (r)[4] = SPH_T64((r)[4] + E); \
163
+ (r)[5] = SPH_T64((r)[5] + F); \
164
+ (r)[6] = SPH_T64((r)[6] + G); \
165
+ (r)[7] = SPH_T64((r)[7] + H); \
166
+ } while (0)
167
+
168
+ /*
169
+ * One round of SHA-384 / SHA-512. The data must be aligned for 64-bit access.
170
+ */
171
+ static void
172
+ sha3_round(const unsigned char *data, sph_u64 r[8])
173
+ {
174
+ #define SHA3_IN(x) sph_dec64be_aligned(data + (8 * (x)))
175
+ SHA3_ROUND_BODY(SHA3_IN, r);
176
+ #undef SHA3_IN
177
+ }
178
+
179
+ /* see sph_sha3.h */
180
+ void
181
+ sph_sha384_init(void *cc)
182
+ {
183
+ sph_sha384_context *sc;
184
+
185
+ sc = cc;
186
+ memcpy(sc->val, H384, sizeof H384);
187
+ sc->count = 0;
188
+ }
189
+
190
+ /* see sph_sha3.h */
191
+ void
192
+ sph_sha512_init(void *cc)
193
+ {
194
+ sph_sha512_context *sc;
195
+
196
+ sc = cc;
197
+ memcpy(sc->val, H512, sizeof H512);
198
+ sc->count = 0;
199
+ }
200
+
201
+ #define RFUN sha3_round
202
+ #define HASH sha384
203
+ #define BE64 1
204
+ #include "md_helper._c"
205
+
206
+ /* see sph_sha3.h */
207
+ void
208
+ sph_sha384_close(void *cc, void *dst)
209
+ {
210
+ sha384_close(cc, dst, 6);
211
+ sph_sha384_init(cc);
212
+ }
213
+
214
+ /* see sph_sha3.h */
215
+ void
216
+ sph_sha384_addbits_and_close(void *cc, unsigned ub, unsigned n, void *dst)
217
+ {
218
+ sha384_addbits_and_close(cc, ub, n, dst, 6);
219
+ sph_sha384_init(cc);
220
+ }
221
+
222
+ /* see sph_sha3.h */
223
+ void
224
+ sph_sha512_close(void *cc, void *dst)
225
+ {
226
+ sha384_close(cc, dst, 8);
227
+ sph_sha512_init(cc);
228
+ }
229
+
230
+ /* see sph_sha3.h */
231
+ void
232
+ sph_sha512_addbits_and_close(void *cc, unsigned ub, unsigned n, void *dst)
233
+ {
234
+ sha384_addbits_and_close(cc, ub, n, dst, 8);
235
+ sph_sha512_init(cc);
236
+ }
237
+
238
+ /* see sph_sha3.h */
239
+ void
240
+ sph_sha384_comp(const sph_u64 msg[16], sph_u64 val[8])
241
+ {
242
+ #define SHA3_IN(x) msg[x]
243
+ SHA3_ROUND_BODY(SHA3_IN, val);
244
+ #undef SHA3_IN
245
+ }
246
+
247
+ #endif
@@ -0,0 +1,378 @@
1
+ /* $Id: sph_sha2.h 216 2010-06-08 09:46:57Z tp $ */
2
+ /**
3
+ * SHA-224, SHA-256, SHA-384 and SHA-512 interface.
4
+ *
5
+ * SHA-256 has been published in FIPS 180-2, now amended with a change
6
+ * notice to include SHA-224 as well (which is a simple variation on
7
+ * SHA-256). SHA-384 and SHA-512 are also defined in FIPS 180-2. FIPS
8
+ * standards can be found at:
9
+ * http://csrc.nist.gov/publications/fips/
10
+ *
11
+ * ==========================(LICENSE BEGIN)============================
12
+ *
13
+ * Copyright (c) 2007-2010 Projet RNRT SAPHIR
14
+ *
15
+ * Permission is hereby granted, free of charge, to any person obtaining
16
+ * a copy of this software and associated documentation files (the
17
+ * "Software"), to deal in the Software without restriction, including
18
+ * without limitation the rights to use, copy, modify, merge, publish,
19
+ * distribute, sublicense, and/or sell copies of the Software, and to
20
+ * permit persons to whom the Software is furnished to do so, subject to
21
+ * the following conditions:
22
+ *
23
+ * The above copyright notice and this permission notice shall be
24
+ * included in all copies or substantial portions of the Software.
25
+ *
26
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
27
+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
28
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
29
+ * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
30
+ * CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
31
+ * TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
32
+ * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
33
+ *
34
+ * ===========================(LICENSE END)=============================
35
+ *
36
+ * @file sph_sha2.h
37
+ * @author Thomas Pornin <thomas.pornin@cryptolog.com>
38
+ */
39
+
40
+ #ifndef SPH_SHA2_H__
41
+ #define SPH_SHA2_H__
42
+
43
+ #ifdef __cplusplus
44
+ extern "C" {
45
+ #endif
46
+
47
+ #include <stddef.h>
48
+ #include "sph_types.h"
49
+
50
+ /**
51
+ * Output size (in bits) for SHA-224.
52
+ */
53
+ #define SPH_SIZE_sha224 224
54
+
55
+ /**
56
+ * Output size (in bits) for SHA-256.
57
+ */
58
+ #define SPH_SIZE_sha256 256
59
+
60
+ /**
61
+ * This structure is a context for SHA-224 computations: it contains the
62
+ * intermediate values and some data from the last entered block. Once
63
+ * a SHA-224 computation has been performed, the context can be reused for
64
+ * another computation.
65
+ *
66
+ * The contents of this structure are private. A running SHA-224 computation
67
+ * can be cloned by copying the context (e.g. with a simple
68
+ * <code>memcpy()</code>).
69
+ */
70
+ typedef struct {
71
+ #ifndef DOXYGEN_IGNORE
72
+ unsigned char buf[64]; /* first field, for alignment */
73
+ sph_u32 val[8];
74
+ #if SPH_64
75
+ sph_u64 count;
76
+ #else
77
+ sph_u32 count_high, count_low;
78
+ #endif
79
+ #endif
80
+ } sph_sha224_context;
81
+
82
+ /**
83
+ * This structure is a context for SHA-256 computations. It is identical
84
+ * to the SHA-224 context. However, a context is initialized for SHA-224
85
+ * <strong>or</strong> SHA-256, but not both (the internal IV is not the
86
+ * same).
87
+ */
88
+ typedef sph_sha224_context sph_sha256_context;
89
+
90
+ /**
91
+ * Initialize a SHA-224 context. This process performs no memory allocation.
92
+ *
93
+ * @param cc the SHA-224 context (pointer to
94
+ * a <code>sph_sha224_context</code>)
95
+ */
96
+ void sph_sha224_init(void *cc);
97
+
98
+ /**
99
+ * Process some data bytes. It is acceptable that <code>len</code> is zero
100
+ * (in which case this function does nothing).
101
+ *
102
+ * @param cc the SHA-224 context
103
+ * @param data the input data
104
+ * @param len the input data length (in bytes)
105
+ */
106
+ void sph_sha224(void *cc, const void *data, size_t len);
107
+
108
+ /**
109
+ * Terminate the current SHA-224 computation and output the result into the
110
+ * provided buffer. The destination buffer must be wide enough to
111
+ * accomodate the result (28 bytes). The context is automatically
112
+ * reinitialized.
113
+ *
114
+ * @param cc the SHA-224 context
115
+ * @param dst the destination buffer
116
+ */
117
+ void sph_sha224_close(void *cc, void *dst);
118
+
119
+ /**
120
+ * Add a few additional bits (0 to 7) to the current computation, then
121
+ * terminate it and output the result in the provided buffer, which must
122
+ * be wide enough to accomodate the result (28 bytes). If bit number i
123
+ * in <code>ub</code> has value 2^i, then the extra bits are those
124
+ * numbered 7 downto 8-n (this is the big-endian convention at the byte
125
+ * level). The context is automatically reinitialized.
126
+ *
127
+ * @param cc the SHA-224 context
128
+ * @param ub the extra bits
129
+ * @param n the number of extra bits (0 to 7)
130
+ * @param dst the destination buffer
131
+ */
132
+ void sph_sha224_addbits_and_close(void *cc, unsigned ub, unsigned n, void *dst);
133
+
134
+ /**
135
+ * Apply the SHA-224 compression function on the provided data. The
136
+ * <code>msg</code> parameter contains the 16 32-bit input blocks,
137
+ * as numerical values (hence after the big-endian decoding). The
138
+ * <code>val</code> parameter contains the 8 32-bit input blocks for
139
+ * the compression function; the output is written in place in this
140
+ * array.
141
+ *
142
+ * @param msg the message block (16 values)
143
+ * @param val the function 256-bit input and output
144
+ */
145
+ void sph_sha224_comp(const sph_u32 msg[16], sph_u32 val[8]);
146
+
147
+ /**
148
+ * Initialize a SHA-256 context. This process performs no memory allocation.
149
+ *
150
+ * @param cc the SHA-256 context (pointer to
151
+ * a <code>sph_sha256_context</code>)
152
+ */
153
+ void sph_sha256_init(void *cc);
154
+
155
+ #ifdef DOXYGEN_IGNORE
156
+ /**
157
+ * Process some data bytes, for SHA-256. This function is identical to
158
+ * <code>sha_224()</code>
159
+ *
160
+ * @param cc the SHA-224 context
161
+ * @param data the input data
162
+ * @param len the input data length (in bytes)
163
+ */
164
+ void sph_sha256(void *cc, const void *data, size_t len);
165
+ #endif
166
+
167
+ #ifndef DOXYGEN_IGNORE
168
+ #define sph_sha256 sph_sha224
169
+ #endif
170
+
171
+ /**
172
+ * Terminate the current SHA-256 computation and output the result into the
173
+ * provided buffer. The destination buffer must be wide enough to
174
+ * accomodate the result (32 bytes). The context is automatically
175
+ * reinitialized.
176
+ *
177
+ * @param cc the SHA-256 context
178
+ * @param dst the destination buffer
179
+ */
180
+ void sph_sha256_close(void *cc, void *dst);
181
+
182
+ /**
183
+ * Add a few additional bits (0 to 7) to the current computation, then
184
+ * terminate it and output the result in the provided buffer, which must
185
+ * be wide enough to accomodate the result (32 bytes). If bit number i
186
+ * in <code>ub</code> has value 2^i, then the extra bits are those
187
+ * numbered 7 downto 8-n (this is the big-endian convention at the byte
188
+ * level). The context is automatically reinitialized.
189
+ *
190
+ * @param cc the SHA-256 context
191
+ * @param ub the extra bits
192
+ * @param n the number of extra bits (0 to 7)
193
+ * @param dst the destination buffer
194
+ */
195
+ void sph_sha256_addbits_and_close(void *cc, unsigned ub, unsigned n, void *dst);
196
+
197
+ #ifdef DOXYGEN_IGNORE
198
+ /**
199
+ * Apply the SHA-256 compression function on the provided data. This
200
+ * function is identical to <code>sha224_comp()</code>.
201
+ *
202
+ * @param msg the message block (16 values)
203
+ * @param val the function 256-bit input and output
204
+ */
205
+ void sph_sha256_comp(const sph_u32 msg[16], sph_u32 val[8]);
206
+ #endif
207
+
208
+ #ifndef DOXYGEN_IGNORE
209
+ #define sph_sha256_comp sph_sha224_comp
210
+ #endif
211
+
212
+ #if SPH_64
213
+
214
+ /**
215
+ * Output size (in bits) for SHA-384.
216
+ */
217
+ #define SPH_SIZE_sha384 384
218
+
219
+ /**
220
+ * Output size (in bits) for SHA-512.
221
+ */
222
+ #define SPH_SIZE_sha512 512
223
+
224
+ /**
225
+ * This structure is a context for SHA-384 computations: it contains the
226
+ * intermediate values and some data from the last entered block. Once
227
+ * a SHA-384 computation has been performed, the context can be reused for
228
+ * another computation.
229
+ *
230
+ * The contents of this structure are private. A running SHA-384 computation
231
+ * can be cloned by copying the context (e.g. with a simple
232
+ * <code>memcpy()</code>).
233
+ */
234
+ typedef struct {
235
+ #ifndef DOXYGEN_IGNORE
236
+ unsigned char buf[128]; /* first field, for alignment */
237
+ sph_u64 val[8];
238
+ sph_u64 count;
239
+ #endif
240
+ } sph_sha384_context;
241
+
242
+ /**
243
+ * Initialize a SHA-384 context. This process performs no memory allocation.
244
+ *
245
+ * @param cc the SHA-384 context (pointer to
246
+ * a <code>sph_sha384_context</code>)
247
+ */
248
+ void sph_sha384_init(void *cc);
249
+
250
+ /**
251
+ * Process some data bytes. It is acceptable that <code>len</code> is zero
252
+ * (in which case this function does nothing).
253
+ *
254
+ * @param cc the SHA-384 context
255
+ * @param data the input data
256
+ * @param len the input data length (in bytes)
257
+ */
258
+ void sph_sha384(void *cc, const void *data, size_t len);
259
+
260
+ /**
261
+ * Terminate the current SHA-384 computation and output the result into the
262
+ * provided buffer. The destination buffer must be wide enough to
263
+ * accomodate the result (48 bytes). The context is automatically
264
+ * reinitialized.
265
+ *
266
+ * @param cc the SHA-384 context
267
+ * @param dst the destination buffer
268
+ */
269
+ void sph_sha384_close(void *cc, void *dst);
270
+
271
+ /**
272
+ * Add a few additional bits (0 to 7) to the current computation, then
273
+ * terminate it and output the result in the provided buffer, which must
274
+ * be wide enough to accomodate the result (48 bytes). If bit number i
275
+ * in <code>ub</code> has value 2^i, then the extra bits are those
276
+ * numbered 7 downto 8-n (this is the big-endian convention at the byte
277
+ * level). The context is automatically reinitialized.
278
+ *
279
+ * @param cc the SHA-384 context
280
+ * @param ub the extra bits
281
+ * @param n the number of extra bits (0 to 7)
282
+ * @param dst the destination buffer
283
+ */
284
+ void sph_sha384_addbits_and_close(void *cc, unsigned ub, unsigned n, void *dst);
285
+
286
+ /**
287
+ * Apply the SHA-384 compression function on the provided data. The
288
+ * <code>msg</code> parameter contains the 16 64-bit input blocks,
289
+ * as numerical values (hence after the big-endian decoding). The
290
+ * <code>val</code> parameter contains the 8 64-bit input blocks for
291
+ * the compression function; the output is written in place in this
292
+ * array.
293
+ *
294
+ * @param msg the message block (16 values)
295
+ * @param val the function 512-bit input and output
296
+ */
297
+ void sph_sha384_comp(const sph_u64 msg[16], sph_u64 val[8]);
298
+
299
+ /**
300
+ * This structure is a context for SHA-512 computations. It is identical
301
+ * to the SHA-384 context. However, a context is initialized for SHA-384
302
+ * <strong>or</strong> SHA-512, but not both (the internal IV is not the
303
+ * same).
304
+ */
305
+ typedef sph_sha384_context sph_sha512_context;
306
+
307
+ /**
308
+ * Initialize a SHA-512 context. This process performs no memory allocation.
309
+ *
310
+ * @param cc the SHA-512 context (pointer to
311
+ * a <code>sph_sha512_context</code>)
312
+ */
313
+ void sph_sha512_init(void *cc);
314
+
315
+ #ifdef DOXYGEN_IGNORE
316
+ /**
317
+ * Process some data bytes, for SHA-512. This function is identical to
318
+ * <code>sph_sha384()</code>.
319
+ *
320
+ * @param cc the SHA-384 context
321
+ * @param data the input data
322
+ * @param len the input data length (in bytes)
323
+ */
324
+ void sph_sha512(void *cc, const void *data, size_t len);
325
+ #endif
326
+
327
+ #ifndef DOXYGEN_IGNORE
328
+ #define sph_sha512 sph_sha384
329
+ #endif
330
+
331
+ /**
332
+ * Terminate the current SHA-512 computation and output the result into the
333
+ * provided buffer. The destination buffer must be wide enough to
334
+ * accomodate the result (64 bytes). The context is automatically
335
+ * reinitialized.
336
+ *
337
+ * @param cc the SHA-512 context
338
+ * @param dst the destination buffer
339
+ */
340
+ void sph_sha512_close(void *cc, void *dst);
341
+
342
+ /**
343
+ * Add a few additional bits (0 to 7) to the current computation, then
344
+ * terminate it and output the result in the provided buffer, which must
345
+ * be wide enough to accomodate the result (64 bytes). If bit number i
346
+ * in <code>ub</code> has value 2^i, then the extra bits are those
347
+ * numbered 7 downto 8-n (this is the big-endian convention at the byte
348
+ * level). The context is automatically reinitialized.
349
+ *
350
+ * @param cc the SHA-512 context
351
+ * @param ub the extra bits
352
+ * @param n the number of extra bits (0 to 7)
353
+ * @param dst the destination buffer
354
+ */
355
+ void sph_sha512_addbits_and_close(void *cc, unsigned ub, unsigned n, void *dst);
356
+
357
+ #ifdef DOXYGEN_IGNORE
358
+ /**
359
+ * Apply the SHA-512 compression function. This function is identical to
360
+ * <code>sph_sha384_comp()</code>.
361
+ *
362
+ * @param msg the message block (16 values)
363
+ * @param val the function 512-bit input and output
364
+ */
365
+ void sph_sha512_comp(const sph_u64 msg[16], sph_u64 val[8]);
366
+ #endif
367
+
368
+ #ifndef DOXYGEN_IGNORE
369
+ #define sph_sha512_comp sph_sha384_comp
370
+ #endif
371
+
372
+ #endif
373
+
374
+ #ifdef __cplusplus
375
+ }
376
+ #endif
377
+
378
+ #endif