Delete old duplicate files.
This commit is contained in:
parent
7c27ac1030
commit
585eb117d4
25 changed files with 37 additions and 4667 deletions
2
TABLE
2
TABLE
|
@ -1649,7 +1649,7 @@ $arflags =
|
||||||
|
|
||||||
*** debug-steve
|
*** debug-steve
|
||||||
$cc = gcc
|
$cc = gcc
|
||||||
$cflags = -DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -march=i486 -pedantic -Wno-long-long -Wall -Werror -Wshadow -pipe
|
$cflags = -DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -m32 -pedantic -Wno-long-long -Wall -Werror -Wshadow -pipe
|
||||||
$unistd =
|
$unistd =
|
||||||
$thread_cflag = -D_REENTRANT
|
$thread_cflag = -D_REENTRANT
|
||||||
$sys_id =
|
$sys_id =
|
||||||
|
|
|
@ -8,9 +8,8 @@
|
||||||
HOME = .
|
HOME = .
|
||||||
RANDFILE = $ENV::HOME/.rnd
|
RANDFILE = $ENV::HOME/.rnd
|
||||||
|
|
||||||
# Extra OBJECT IDENTIFIER info:
|
# Uncomment out to enable OpenSSL configuration see config(3)
|
||||||
#oid_file = $ENV::HOME/.oid
|
# openssl_conf = openssl_init
|
||||||
oid_section = new_oids
|
|
||||||
|
|
||||||
# To use this configuration file with the "-extfile" option of the
|
# To use this configuration file with the "-extfile" option of the
|
||||||
# "openssl x509" utility, name here the section containing the
|
# "openssl x509" utility, name here the section containing the
|
||||||
|
@ -19,13 +18,22 @@ oid_section = new_oids
|
||||||
# (Alternatively, use a configuration file that has only
|
# (Alternatively, use a configuration file that has only
|
||||||
# X.509v3 extensions in its main [= default] section.)
|
# X.509v3 extensions in its main [= default] section.)
|
||||||
|
|
||||||
|
[openssl_init]
|
||||||
|
# Extra OBJECT IDENTIFIER info:
|
||||||
|
oid_section = new_oids
|
||||||
|
alg_section = algs
|
||||||
|
|
||||||
[ new_oids ]
|
[ new_oids ]
|
||||||
|
|
||||||
# We can add new OIDs in here for use by 'ca' and 'req'.
|
# We can add new OIDs in here for use by any config aware application
|
||||||
# Add a simple OID like this:
|
# Add a simple OID like this:
|
||||||
# testoid1=1.2.3.4
|
# shortname=Long Object Identifier Name, 1.2.3.4
|
||||||
# Or use config file substitution like this:
|
# Or use config file substitution like this:
|
||||||
# testoid2=${testoid1}.5.6
|
# testoid2=OID2 LONG NAME, ${testoid1}.5.6, OTHER OID
|
||||||
|
|
||||||
|
[ algs ]
|
||||||
|
# Algorithm configuration options. Currently just fips_mode
|
||||||
|
fips_mode = no
|
||||||
|
|
||||||
####################################################################
|
####################################################################
|
||||||
[ ca ]
|
[ ca ]
|
||||||
|
|
|
@ -151,9 +151,6 @@ FIPS_NON_FIPS_MD_Init(SHA)
|
||||||
int HASH_INIT (SHA_CTX *c)
|
int HASH_INIT (SHA_CTX *c)
|
||||||
#endif
|
#endif
|
||||||
{
|
{
|
||||||
#if defined(SHA_1) && defined(OPENSSL_FIPS)
|
|
||||||
FIPS_selftest_check();
|
|
||||||
#endif
|
|
||||||
c->h0=INIT_DATA_h0;
|
c->h0=INIT_DATA_h0;
|
||||||
c->h1=INIT_DATA_h1;
|
c->h1=INIT_DATA_h1;
|
||||||
c->h2=INIT_DATA_h2;
|
c->h2=INIT_DATA_h2;
|
||||||
|
|
|
@ -520,28 +520,6 @@ STACK_OF(type) \
|
||||||
#define sk_CRYPTO_dynlock_sort(st) SKM_sk_sort(CRYPTO_dynlock, (st))
|
#define sk_CRYPTO_dynlock_sort(st) SKM_sk_sort(CRYPTO_dynlock, (st))
|
||||||
#define sk_CRYPTO_dynlock_is_sorted(st) SKM_sk_is_sorted(CRYPTO_dynlock, (st))
|
#define sk_CRYPTO_dynlock_is_sorted(st) SKM_sk_is_sorted(CRYPTO_dynlock, (st))
|
||||||
|
|
||||||
#define sk_CRYPTO_dynlock_new(st) SKM_sk_new(CRYPTO_dynlock, (st))
|
|
||||||
#define sk_CRYPTO_dynlock_new_null() SKM_sk_new_null(CRYPTO_dynlock)
|
|
||||||
#define sk_CRYPTO_dynlock_free(st) SKM_sk_free(CRYPTO_dynlock, (st))
|
|
||||||
#define sk_CRYPTO_dynlock_num(st) SKM_sk_num(CRYPTO_dynlock, (st))
|
|
||||||
#define sk_CRYPTO_dynlock_value(st, i) SKM_sk_value(CRYPTO_dynlock, (st), (i))
|
|
||||||
#define sk_CRYPTO_dynlock_set(st, i, val) SKM_sk_set(CRYPTO_dynlock, (st), (i), (val))
|
|
||||||
#define sk_CRYPTO_dynlock_zero(st) SKM_sk_zero(CRYPTO_dynlock, (st))
|
|
||||||
#define sk_CRYPTO_dynlock_push(st, val) SKM_sk_push(CRYPTO_dynlock, (st), (val))
|
|
||||||
#define sk_CRYPTO_dynlock_unshift(st, val) SKM_sk_unshift(CRYPTO_dynlock, (st), (val))
|
|
||||||
#define sk_CRYPTO_dynlock_find(st, val) SKM_sk_find(CRYPTO_dynlock, (st), (val))
|
|
||||||
#define sk_CRYPTO_dynlock_find_ex(st, val) SKM_sk_find_ex(CRYPTO_dynlock, (st), (val))
|
|
||||||
#define sk_CRYPTO_dynlock_delete(st, i) SKM_sk_delete(CRYPTO_dynlock, (st), (i))
|
|
||||||
#define sk_CRYPTO_dynlock_delete_ptr(st, ptr) SKM_sk_delete_ptr(CRYPTO_dynlock, (st), (ptr))
|
|
||||||
#define sk_CRYPTO_dynlock_insert(st, val, i) SKM_sk_insert(CRYPTO_dynlock, (st), (val), (i))
|
|
||||||
#define sk_CRYPTO_dynlock_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CRYPTO_dynlock, (st), (cmp))
|
|
||||||
#define sk_CRYPTO_dynlock_dup(st) SKM_sk_dup(CRYPTO_dynlock, st)
|
|
||||||
#define sk_CRYPTO_dynlock_pop_free(st, free_func) SKM_sk_pop_free(CRYPTO_dynlock, (st), (free_func))
|
|
||||||
#define sk_CRYPTO_dynlock_shift(st) SKM_sk_shift(CRYPTO_dynlock, (st))
|
|
||||||
#define sk_CRYPTO_dynlock_pop(st) SKM_sk_pop(CRYPTO_dynlock, (st))
|
|
||||||
#define sk_CRYPTO_dynlock_sort(st) SKM_sk_sort(CRYPTO_dynlock, (st))
|
|
||||||
#define sk_CRYPTO_dynlock_is_sorted(st) SKM_sk_is_sorted(CRYPTO_dynlock, (st))
|
|
||||||
|
|
||||||
#define sk_DIST_POINT_new(st) SKM_sk_new(DIST_POINT, (st))
|
#define sk_DIST_POINT_new(st) SKM_sk_new(DIST_POINT, (st))
|
||||||
#define sk_DIST_POINT_new_null() SKM_sk_new_null(DIST_POINT)
|
#define sk_DIST_POINT_new_null() SKM_sk_new_null(DIST_POINT)
|
||||||
#define sk_DIST_POINT_free(st) SKM_sk_free(DIST_POINT, (st))
|
#define sk_DIST_POINT_free(st) SKM_sk_free(DIST_POINT, (st))
|
||||||
|
|
File diff suppressed because it is too large
Load diff
|
@ -1,89 +0,0 @@
|
||||||
/* crypto/aes/aes.h -*- mode:C; c-file-style: "eay" -*- */
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
*
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
*
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in
|
|
||||||
* the documentation and/or other materials provided with the
|
|
||||||
* distribution.
|
|
||||||
*
|
|
||||||
* 3. All advertising materials mentioning features or use of this
|
|
||||||
* software must display the following acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
|
||||||
*
|
|
||||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* prior written permission. For written permission, please contact
|
|
||||||
* openssl-core@openssl.org.
|
|
||||||
*
|
|
||||||
* 5. Products derived from this software may not be called "OpenSSL"
|
|
||||||
* nor may "OpenSSL" appear in their names without prior written
|
|
||||||
* permission of the OpenSSL Project.
|
|
||||||
*
|
|
||||||
* 6. Redistributions of any form whatsoever must retain the following
|
|
||||||
* acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
||||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
||||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
||||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
||||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
||||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
||||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
||||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
||||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
* ====================================================================
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_AES_LOCL_H
|
|
||||||
#define HEADER_AES_LOCL_H
|
|
||||||
|
|
||||||
#include <openssl/e_os2.h>
|
|
||||||
|
|
||||||
#ifdef OPENSSL_NO_AES
|
|
||||||
#error AES is disabled.
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#include <stdio.h>
|
|
||||||
#include <stdlib.h>
|
|
||||||
#include <string.h>
|
|
||||||
|
|
||||||
#if defined(_MSC_VER) && (defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64))
|
|
||||||
# define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00)
|
|
||||||
# define GETU32(p) SWAP(*((u32 *)(p)))
|
|
||||||
# define PUTU32(ct, st) { *((u32 *)(ct)) = SWAP((st)); }
|
|
||||||
#else
|
|
||||||
# define GETU32(pt) (((u32)(pt)[0] << 24) ^ ((u32)(pt)[1] << 16) ^ ((u32)(pt)[2] << 8) ^ ((u32)(pt)[3]))
|
|
||||||
# define PUTU32(ct, st) { (ct)[0] = (u8)((st) >> 24); (ct)[1] = (u8)((st) >> 16); (ct)[2] = (u8)((st) >> 8); (ct)[3] = (u8)(st); }
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifdef AES_LONG
|
|
||||||
typedef unsigned long u32;
|
|
||||||
#else
|
|
||||||
typedef unsigned int u32;
|
|
||||||
#endif
|
|
||||||
typedef unsigned short u16;
|
|
||||||
typedef unsigned char u8;
|
|
||||||
|
|
||||||
#define MAXKC (256/32)
|
|
||||||
#define MAXKB (256/8)
|
|
||||||
#define MAXNR 14
|
|
||||||
|
|
||||||
/* This controls loop-unrolling in aes_core.c */
|
|
||||||
#undef FULL_UNROLL
|
|
||||||
|
|
||||||
#endif /* !HEADER_AES_LOCL_H */
|
|
|
@ -1,310 +0,0 @@
|
||||||
/* crypto/des/des_enc.c */
|
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
|
||||||
* All rights reserved.
|
|
||||||
*
|
|
||||||
* This package is an SSL implementation written
|
|
||||||
* by Eric Young (eay@cryptsoft.com).
|
|
||||||
* The implementation was written so as to conform with Netscapes SSL.
|
|
||||||
*
|
|
||||||
* This library is free for commercial and non-commercial use as long as
|
|
||||||
* the following conditions are aheared to. The following conditions
|
|
||||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
||||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
||||||
* included with this distribution is covered by the same copyright terms
|
|
||||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
||||||
* the code are not to be removed.
|
|
||||||
* If this package is used in a product, Eric Young should be given attribution
|
|
||||||
* as the author of the parts of the library used.
|
|
||||||
* This can be in the form of a textual message at program startup or
|
|
||||||
* in documentation (online or textual) provided with the package.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. All advertising materials mentioning features or use of this software
|
|
||||||
* must display the following acknowledgement:
|
|
||||||
* "This product includes cryptographic software written by
|
|
||||||
* Eric Young (eay@cryptsoft.com)"
|
|
||||||
* The word 'cryptographic' can be left out if the rouines from the library
|
|
||||||
* being used are not cryptographic related :-).
|
|
||||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
||||||
* the apps directory (application code) you must include an acknowledgement:
|
|
||||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
||||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
||||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
||||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
* SUCH DAMAGE.
|
|
||||||
*
|
|
||||||
* The licence and distribution terms for any publically available version or
|
|
||||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
||||||
* copied and put under another distribution licence
|
|
||||||
* [including the GNU Public Licence.]
|
|
||||||
*/
|
|
||||||
|
|
||||||
#include "fips_des_locl.h"
|
|
||||||
#include <openssl/fips.h>
|
|
||||||
|
|
||||||
#ifdef OPENSSL_FIPS
|
|
||||||
|
|
||||||
void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc)
|
|
||||||
{
|
|
||||||
register DES_LONG l,r,t,u;
|
|
||||||
#ifdef DES_PTR
|
|
||||||
register const unsigned char *des_SP=(const unsigned char *)DES_SPtrans;
|
|
||||||
#endif
|
|
||||||
#ifndef DES_UNROLL
|
|
||||||
register int i;
|
|
||||||
#endif
|
|
||||||
register DES_LONG *s;
|
|
||||||
|
|
||||||
if(FIPS_selftest_failed())
|
|
||||||
{
|
|
||||||
data[0]=data[1]=0;
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
r=data[0];
|
|
||||||
l=data[1];
|
|
||||||
|
|
||||||
IP(r,l);
|
|
||||||
/* Things have been modified so that the initial rotate is
|
|
||||||
* done outside the loop. This required the
|
|
||||||
* DES_SPtrans values in sp.h to be rotated 1 bit to the right.
|
|
||||||
* One perl script later and things have a 5% speed up on a sparc2.
|
|
||||||
* Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
|
|
||||||
* for pointing this out. */
|
|
||||||
/* clear the top bits on machines with 8byte longs */
|
|
||||||
/* shift left by 2 */
|
|
||||||
r=ROTATE(r,29)&0xffffffffL;
|
|
||||||
l=ROTATE(l,29)&0xffffffffL;
|
|
||||||
|
|
||||||
s=ks->ks->deslong;
|
|
||||||
/* I don't know if it is worth the effort of loop unrolling the
|
|
||||||
* inner loop */
|
|
||||||
if (enc)
|
|
||||||
{
|
|
||||||
#ifdef DES_UNROLL
|
|
||||||
D_ENCRYPT(l,r, 0); /* 1 */
|
|
||||||
D_ENCRYPT(r,l, 2); /* 2 */
|
|
||||||
D_ENCRYPT(l,r, 4); /* 3 */
|
|
||||||
D_ENCRYPT(r,l, 6); /* 4 */
|
|
||||||
D_ENCRYPT(l,r, 8); /* 5 */
|
|
||||||
D_ENCRYPT(r,l,10); /* 6 */
|
|
||||||
D_ENCRYPT(l,r,12); /* 7 */
|
|
||||||
D_ENCRYPT(r,l,14); /* 8 */
|
|
||||||
D_ENCRYPT(l,r,16); /* 9 */
|
|
||||||
D_ENCRYPT(r,l,18); /* 10 */
|
|
||||||
D_ENCRYPT(l,r,20); /* 11 */
|
|
||||||
D_ENCRYPT(r,l,22); /* 12 */
|
|
||||||
D_ENCRYPT(l,r,24); /* 13 */
|
|
||||||
D_ENCRYPT(r,l,26); /* 14 */
|
|
||||||
D_ENCRYPT(l,r,28); /* 15 */
|
|
||||||
D_ENCRYPT(r,l,30); /* 16 */
|
|
||||||
#else
|
|
||||||
for (i=0; i<32; i+=8)
|
|
||||||
{
|
|
||||||
D_ENCRYPT(l,r,i+0); /* 1 */
|
|
||||||
D_ENCRYPT(r,l,i+2); /* 2 */
|
|
||||||
D_ENCRYPT(l,r,i+4); /* 3 */
|
|
||||||
D_ENCRYPT(r,l,i+6); /* 4 */
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
#ifdef DES_UNROLL
|
|
||||||
D_ENCRYPT(l,r,30); /* 16 */
|
|
||||||
D_ENCRYPT(r,l,28); /* 15 */
|
|
||||||
D_ENCRYPT(l,r,26); /* 14 */
|
|
||||||
D_ENCRYPT(r,l,24); /* 13 */
|
|
||||||
D_ENCRYPT(l,r,22); /* 12 */
|
|
||||||
D_ENCRYPT(r,l,20); /* 11 */
|
|
||||||
D_ENCRYPT(l,r,18); /* 10 */
|
|
||||||
D_ENCRYPT(r,l,16); /* 9 */
|
|
||||||
D_ENCRYPT(l,r,14); /* 8 */
|
|
||||||
D_ENCRYPT(r,l,12); /* 7 */
|
|
||||||
D_ENCRYPT(l,r,10); /* 6 */
|
|
||||||
D_ENCRYPT(r,l, 8); /* 5 */
|
|
||||||
D_ENCRYPT(l,r, 6); /* 4 */
|
|
||||||
D_ENCRYPT(r,l, 4); /* 3 */
|
|
||||||
D_ENCRYPT(l,r, 2); /* 2 */
|
|
||||||
D_ENCRYPT(r,l, 0); /* 1 */
|
|
||||||
#else
|
|
||||||
for (i=30; i>0; i-=8)
|
|
||||||
{
|
|
||||||
D_ENCRYPT(l,r,i-0); /* 16 */
|
|
||||||
D_ENCRYPT(r,l,i-2); /* 15 */
|
|
||||||
D_ENCRYPT(l,r,i-4); /* 14 */
|
|
||||||
D_ENCRYPT(r,l,i-6); /* 13 */
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
}
|
|
||||||
|
|
||||||
/* rotate and clear the top bits on machines with 8byte longs */
|
|
||||||
l=ROTATE(l,3)&0xffffffffL;
|
|
||||||
r=ROTATE(r,3)&0xffffffffL;
|
|
||||||
|
|
||||||
FP(r,l);
|
|
||||||
data[0]=l;
|
|
||||||
data[1]=r;
|
|
||||||
l=r=t=u=0;
|
|
||||||
}
|
|
||||||
|
|
||||||
void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc)
|
|
||||||
{
|
|
||||||
register DES_LONG l,r,t,u;
|
|
||||||
#ifdef DES_PTR
|
|
||||||
register const unsigned char *des_SP=(const unsigned char *)DES_SPtrans;
|
|
||||||
#endif
|
|
||||||
#ifndef DES_UNROLL
|
|
||||||
register int i;
|
|
||||||
#endif
|
|
||||||
register DES_LONG *s;
|
|
||||||
|
|
||||||
if(FIPS_selftest_failed())
|
|
||||||
{
|
|
||||||
data[0]=data[1]=0;
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
r=data[0];
|
|
||||||
l=data[1];
|
|
||||||
|
|
||||||
/* Things have been modified so that the initial rotate is
|
|
||||||
* done outside the loop. This required the
|
|
||||||
* DES_SPtrans values in sp.h to be rotated 1 bit to the right.
|
|
||||||
* One perl script later and things have a 5% speed up on a sparc2.
|
|
||||||
* Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
|
|
||||||
* for pointing this out. */
|
|
||||||
/* clear the top bits on machines with 8byte longs */
|
|
||||||
r=ROTATE(r,29)&0xffffffffL;
|
|
||||||
l=ROTATE(l,29)&0xffffffffL;
|
|
||||||
|
|
||||||
s=ks->ks->deslong;
|
|
||||||
/* I don't know if it is worth the effort of loop unrolling the
|
|
||||||
* inner loop */
|
|
||||||
if (enc)
|
|
||||||
{
|
|
||||||
#ifdef DES_UNROLL
|
|
||||||
D_ENCRYPT(l,r, 0); /* 1 */
|
|
||||||
D_ENCRYPT(r,l, 2); /* 2 */
|
|
||||||
D_ENCRYPT(l,r, 4); /* 3 */
|
|
||||||
D_ENCRYPT(r,l, 6); /* 4 */
|
|
||||||
D_ENCRYPT(l,r, 8); /* 5 */
|
|
||||||
D_ENCRYPT(r,l,10); /* 6 */
|
|
||||||
D_ENCRYPT(l,r,12); /* 7 */
|
|
||||||
D_ENCRYPT(r,l,14); /* 8 */
|
|
||||||
D_ENCRYPT(l,r,16); /* 9 */
|
|
||||||
D_ENCRYPT(r,l,18); /* 10 */
|
|
||||||
D_ENCRYPT(l,r,20); /* 11 */
|
|
||||||
D_ENCRYPT(r,l,22); /* 12 */
|
|
||||||
D_ENCRYPT(l,r,24); /* 13 */
|
|
||||||
D_ENCRYPT(r,l,26); /* 14 */
|
|
||||||
D_ENCRYPT(l,r,28); /* 15 */
|
|
||||||
D_ENCRYPT(r,l,30); /* 16 */
|
|
||||||
#else
|
|
||||||
for (i=0; i<32; i+=8)
|
|
||||||
{
|
|
||||||
D_ENCRYPT(l,r,i+0); /* 1 */
|
|
||||||
D_ENCRYPT(r,l,i+2); /* 2 */
|
|
||||||
D_ENCRYPT(l,r,i+4); /* 3 */
|
|
||||||
D_ENCRYPT(r,l,i+6); /* 4 */
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
#ifdef DES_UNROLL
|
|
||||||
D_ENCRYPT(l,r,30); /* 16 */
|
|
||||||
D_ENCRYPT(r,l,28); /* 15 */
|
|
||||||
D_ENCRYPT(l,r,26); /* 14 */
|
|
||||||
D_ENCRYPT(r,l,24); /* 13 */
|
|
||||||
D_ENCRYPT(l,r,22); /* 12 */
|
|
||||||
D_ENCRYPT(r,l,20); /* 11 */
|
|
||||||
D_ENCRYPT(l,r,18); /* 10 */
|
|
||||||
D_ENCRYPT(r,l,16); /* 9 */
|
|
||||||
D_ENCRYPT(l,r,14); /* 8 */
|
|
||||||
D_ENCRYPT(r,l,12); /* 7 */
|
|
||||||
D_ENCRYPT(l,r,10); /* 6 */
|
|
||||||
D_ENCRYPT(r,l, 8); /* 5 */
|
|
||||||
D_ENCRYPT(l,r, 6); /* 4 */
|
|
||||||
D_ENCRYPT(r,l, 4); /* 3 */
|
|
||||||
D_ENCRYPT(l,r, 2); /* 2 */
|
|
||||||
D_ENCRYPT(r,l, 0); /* 1 */
|
|
||||||
#else
|
|
||||||
for (i=30; i>0; i-=8)
|
|
||||||
{
|
|
||||||
D_ENCRYPT(l,r,i-0); /* 16 */
|
|
||||||
D_ENCRYPT(r,l,i-2); /* 15 */
|
|
||||||
D_ENCRYPT(l,r,i-4); /* 14 */
|
|
||||||
D_ENCRYPT(r,l,i-6); /* 13 */
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
}
|
|
||||||
/* rotate and clear the top bits on machines with 8byte longs */
|
|
||||||
data[0]=ROTATE(l,3)&0xffffffffL;
|
|
||||||
data[1]=ROTATE(r,3)&0xffffffffL;
|
|
||||||
l=r=t=u=0;
|
|
||||||
}
|
|
||||||
|
|
||||||
void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
|
|
||||||
DES_key_schedule *ks2, DES_key_schedule *ks3)
|
|
||||||
{
|
|
||||||
register DES_LONG l,r;
|
|
||||||
|
|
||||||
l=data[0];
|
|
||||||
r=data[1];
|
|
||||||
IP(l,r);
|
|
||||||
data[0]=l;
|
|
||||||
data[1]=r;
|
|
||||||
DES_encrypt2((DES_LONG *)data,ks1,DES_ENCRYPT);
|
|
||||||
DES_encrypt2((DES_LONG *)data,ks2,DES_DECRYPT);
|
|
||||||
DES_encrypt2((DES_LONG *)data,ks3,DES_ENCRYPT);
|
|
||||||
l=data[0];
|
|
||||||
r=data[1];
|
|
||||||
FP(r,l);
|
|
||||||
data[0]=l;
|
|
||||||
data[1]=r;
|
|
||||||
}
|
|
||||||
|
|
||||||
void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1,
|
|
||||||
DES_key_schedule *ks2, DES_key_schedule *ks3)
|
|
||||||
{
|
|
||||||
register DES_LONG l,r;
|
|
||||||
|
|
||||||
l=data[0];
|
|
||||||
r=data[1];
|
|
||||||
IP(l,r);
|
|
||||||
data[0]=l;
|
|
||||||
data[1]=r;
|
|
||||||
DES_encrypt2((DES_LONG *)data,ks3,DES_DECRYPT);
|
|
||||||
DES_encrypt2((DES_LONG *)data,ks2,DES_ENCRYPT);
|
|
||||||
DES_encrypt2((DES_LONG *)data,ks1,DES_DECRYPT);
|
|
||||||
l=data[0];
|
|
||||||
r=data[1];
|
|
||||||
FP(r,l);
|
|
||||||
data[0]=l;
|
|
||||||
data[1]=r;
|
|
||||||
}
|
|
||||||
|
|
||||||
#else /* ndef OPENSSL_FIPS */
|
|
||||||
|
|
||||||
static void *dummy=&dummy;
|
|
||||||
|
|
||||||
#endif /* ndef OPENSSL_FIPS */
|
|
||||||
|
|
|
@ -1,428 +0,0 @@
|
||||||
/* crypto/des/des_locl.h */
|
|
||||||
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
|
|
||||||
* All rights reserved.
|
|
||||||
*
|
|
||||||
* This package is an SSL implementation written
|
|
||||||
* by Eric Young (eay@cryptsoft.com).
|
|
||||||
* The implementation was written so as to conform with Netscapes SSL.
|
|
||||||
*
|
|
||||||
* This library is free for commercial and non-commercial use as long as
|
|
||||||
* the following conditions are aheared to. The following conditions
|
|
||||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
||||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
||||||
* included with this distribution is covered by the same copyright terms
|
|
||||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
||||||
* the code are not to be removed.
|
|
||||||
* If this package is used in a product, Eric Young should be given attribution
|
|
||||||
* as the author of the parts of the library used.
|
|
||||||
* This can be in the form of a textual message at program startup or
|
|
||||||
* in documentation (online or textual) provided with the package.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. All advertising materials mentioning features or use of this software
|
|
||||||
* must display the following acknowledgement:
|
|
||||||
* "This product includes cryptographic software written by
|
|
||||||
* Eric Young (eay@cryptsoft.com)"
|
|
||||||
* The word 'cryptographic' can be left out if the rouines from the library
|
|
||||||
* being used are not cryptographic related :-).
|
|
||||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
||||||
* the apps directory (application code) you must include an acknowledgement:
|
|
||||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
||||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
||||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
||||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
* SUCH DAMAGE.
|
|
||||||
*
|
|
||||||
* The licence and distribution terms for any publically available version or
|
|
||||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
||||||
* copied and put under another distribution licence
|
|
||||||
* [including the GNU Public Licence.]
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_DES_LOCL_H
|
|
||||||
#define HEADER_DES_LOCL_H
|
|
||||||
|
|
||||||
#include "e_os.h"
|
|
||||||
|
|
||||||
#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16)
|
|
||||||
#ifndef OPENSSL_SYS_MSDOS
|
|
||||||
#define OPENSSL_SYS_MSDOS
|
|
||||||
#endif
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#include <stdio.h>
|
|
||||||
#include <stdlib.h>
|
|
||||||
|
|
||||||
#ifndef OPENSSL_SYS_MSDOS
|
|
||||||
#if !defined(OPENSSL_SYS_VMS) || defined(__DECC)
|
|
||||||
#ifdef OPENSSL_UNISTD
|
|
||||||
# include OPENSSL_UNISTD
|
|
||||||
#else
|
|
||||||
# include <unistd.h>
|
|
||||||
#endif
|
|
||||||
#include <math.h>
|
|
||||||
#endif
|
|
||||||
#endif
|
|
||||||
#include <openssl/des.h>
|
|
||||||
|
|
||||||
#ifdef OPENSSL_SYS_MSDOS /* Visual C++ 2.1 (Windows NT/95) */
|
|
||||||
#include <stdlib.h>
|
|
||||||
#include <errno.h>
|
|
||||||
#include <time.h>
|
|
||||||
#include <io.h>
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#if defined(__STDC__) || defined(OPENSSL_SYS_VMS) || defined(M_XENIX) || defined(OPENSSL_SYS_MSDOS)
|
|
||||||
#include <string.h>
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifdef OPENSSL_BUILD_SHLIBCRYPTO
|
|
||||||
# undef OPENSSL_EXTERN
|
|
||||||
# define OPENSSL_EXTERN OPENSSL_EXPORT
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#define ITERATIONS 16
|
|
||||||
#define HALF_ITERATIONS 8
|
|
||||||
|
|
||||||
/* used in des_read and des_write */
|
|
||||||
#define MAXWRITE (1024*16)
|
|
||||||
#define BSIZE (MAXWRITE+4)
|
|
||||||
|
|
||||||
#define c2l(c,l) (l =((DES_LONG)(*((c)++))) , \
|
|
||||||
l|=((DES_LONG)(*((c)++)))<< 8L, \
|
|
||||||
l|=((DES_LONG)(*((c)++)))<<16L, \
|
|
||||||
l|=((DES_LONG)(*((c)++)))<<24L)
|
|
||||||
|
|
||||||
/* NOTE - c is not incremented as per c2l */
|
|
||||||
#define c2ln(c,l1,l2,n) { \
|
|
||||||
c+=n; \
|
|
||||||
l1=l2=0; \
|
|
||||||
switch (n) { \
|
|
||||||
case 8: l2 =((DES_LONG)(*(--(c))))<<24L; \
|
|
||||||
case 7: l2|=((DES_LONG)(*(--(c))))<<16L; \
|
|
||||||
case 6: l2|=((DES_LONG)(*(--(c))))<< 8L; \
|
|
||||||
case 5: l2|=((DES_LONG)(*(--(c)))); \
|
|
||||||
case 4: l1 =((DES_LONG)(*(--(c))))<<24L; \
|
|
||||||
case 3: l1|=((DES_LONG)(*(--(c))))<<16L; \
|
|
||||||
case 2: l1|=((DES_LONG)(*(--(c))))<< 8L; \
|
|
||||||
case 1: l1|=((DES_LONG)(*(--(c)))); \
|
|
||||||
} \
|
|
||||||
}
|
|
||||||
|
|
||||||
#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
|
|
||||||
*((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
|
|
||||||
*((c)++)=(unsigned char)(((l)>>16L)&0xff), \
|
|
||||||
*((c)++)=(unsigned char)(((l)>>24L)&0xff))
|
|
||||||
|
|
||||||
/* replacements for htonl and ntohl since I have no idea what to do
|
|
||||||
* when faced with machines with 8 byte longs. */
|
|
||||||
#define HDRSIZE 4
|
|
||||||
|
|
||||||
#define n2l(c,l) (l =((DES_LONG)(*((c)++)))<<24L, \
|
|
||||||
l|=((DES_LONG)(*((c)++)))<<16L, \
|
|
||||||
l|=((DES_LONG)(*((c)++)))<< 8L, \
|
|
||||||
l|=((DES_LONG)(*((c)++))))
|
|
||||||
|
|
||||||
#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
|
|
||||||
*((c)++)=(unsigned char)(((l)>>16L)&0xff), \
|
|
||||||
*((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
|
|
||||||
*((c)++)=(unsigned char)(((l) )&0xff))
|
|
||||||
|
|
||||||
/* NOTE - c is not incremented as per l2c */
|
|
||||||
#define l2cn(l1,l2,c,n) { \
|
|
||||||
c+=n; \
|
|
||||||
switch (n) { \
|
|
||||||
case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
|
|
||||||
case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
|
|
||||||
case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
|
|
||||||
case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
|
|
||||||
case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
|
|
||||||
case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
|
|
||||||
case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
|
|
||||||
case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
|
|
||||||
} \
|
|
||||||
}
|
|
||||||
|
|
||||||
#if defined(OPENSSL_SYS_WIN32) && defined(_MSC_VER)
|
|
||||||
#define ROTATE(a,n) (_lrotr(a,n))
|
|
||||||
#elif defined(__GNUC__) && __GNUC__>=2 && !defined(__STRICT_ANSI__) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) && !defined(PEDANTIC)
|
|
||||||
# if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
|
|
||||||
# define ROTATE(a,n) ({ register unsigned int ret; \
|
|
||||||
asm ("rorl %1,%0" \
|
|
||||||
: "=r"(ret) \
|
|
||||||
: "I"(n),"0"(a) \
|
|
||||||
: "cc"); \
|
|
||||||
ret; \
|
|
||||||
})
|
|
||||||
# endif
|
|
||||||
#endif
|
|
||||||
#ifndef ROTATE
|
|
||||||
#define ROTATE(a,n) (((a)>>(n))+((a)<<(32-(n))))
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* Don't worry about the LOAD_DATA() stuff, that is used by
|
|
||||||
* fcrypt() to add it's little bit to the front */
|
|
||||||
|
|
||||||
#ifdef DES_FCRYPT
|
|
||||||
|
|
||||||
#define LOAD_DATA_tmp(R,S,u,t,E0,E1) \
|
|
||||||
{ DES_LONG tmp; LOAD_DATA(R,S,u,t,E0,E1,tmp); }
|
|
||||||
|
|
||||||
#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
|
|
||||||
t=R^(R>>16L); \
|
|
||||||
u=t&E0; t&=E1; \
|
|
||||||
tmp=(u<<16); u^=R^s[S ]; u^=tmp; \
|
|
||||||
tmp=(t<<16); t^=R^s[S+1]; t^=tmp
|
|
||||||
#else
|
|
||||||
#define LOAD_DATA_tmp(a,b,c,d,e,f) LOAD_DATA(a,b,c,d,e,f,g)
|
|
||||||
#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
|
|
||||||
u=R^s[S ]; \
|
|
||||||
t=R^s[S+1]
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* The changes to this macro may help or hinder, depending on the
|
|
||||||
* compiler and the architecture. gcc2 always seems to do well :-).
|
|
||||||
* Inspired by Dana How <how@isl.stanford.edu>
|
|
||||||
* DO NOT use the alternative version on machines with 8 byte longs.
|
|
||||||
* It does not seem to work on the Alpha, even when DES_LONG is 4
|
|
||||||
* bytes, probably an issue of accessing non-word aligned objects :-( */
|
|
||||||
#ifdef DES_PTR
|
|
||||||
|
|
||||||
/* It recently occurred to me that 0^0^0^0^0^0^0 == 0, so there
|
|
||||||
* is no reason to not xor all the sub items together. This potentially
|
|
||||||
* saves a register since things can be xored directly into L */
|
|
||||||
|
|
||||||
#if defined(DES_RISC1) || defined(DES_RISC2)
|
|
||||||
#ifdef DES_RISC1
|
|
||||||
#define D_ENCRYPT(LL,R,S) { \
|
|
||||||
unsigned int u1,u2,u3; \
|
|
||||||
LOAD_DATA(R,S,u,t,E0,E1,u1); \
|
|
||||||
u2=(int)u>>8L; \
|
|
||||||
u1=(int)u&0xfc; \
|
|
||||||
u2&=0xfc; \
|
|
||||||
t=ROTATE(t,4); \
|
|
||||||
u>>=16L; \
|
|
||||||
LL^= *(const DES_LONG *)(des_SP +u1); \
|
|
||||||
LL^= *(const DES_LONG *)(des_SP+0x200+u2); \
|
|
||||||
u3=(int)(u>>8L); \
|
|
||||||
u1=(int)u&0xfc; \
|
|
||||||
u3&=0xfc; \
|
|
||||||
LL^= *(const DES_LONG *)(des_SP+0x400+u1); \
|
|
||||||
LL^= *(const DES_LONG *)(des_SP+0x600+u3); \
|
|
||||||
u2=(int)t>>8L; \
|
|
||||||
u1=(int)t&0xfc; \
|
|
||||||
u2&=0xfc; \
|
|
||||||
t>>=16L; \
|
|
||||||
LL^= *(const DES_LONG *)(des_SP+0x100+u1); \
|
|
||||||
LL^= *(const DES_LONG *)(des_SP+0x300+u2); \
|
|
||||||
u3=(int)t>>8L; \
|
|
||||||
u1=(int)t&0xfc; \
|
|
||||||
u3&=0xfc; \
|
|
||||||
LL^= *(const DES_LONG *)(des_SP+0x500+u1); \
|
|
||||||
LL^= *(const DES_LONG *)(des_SP+0x700+u3); }
|
|
||||||
#endif
|
|
||||||
#ifdef DES_RISC2
|
|
||||||
#define D_ENCRYPT(LL,R,S) { \
|
|
||||||
unsigned int u1,u2,s1,s2; \
|
|
||||||
LOAD_DATA(R,S,u,t,E0,E1,u1); \
|
|
||||||
u2=(int)u>>8L; \
|
|
||||||
u1=(int)u&0xfc; \
|
|
||||||
u2&=0xfc; \
|
|
||||||
t=ROTATE(t,4); \
|
|
||||||
LL^= *(const DES_LONG *)(des_SP +u1); \
|
|
||||||
LL^= *(const DES_LONG *)(des_SP+0x200+u2); \
|
|
||||||
s1=(int)(u>>16L); \
|
|
||||||
s2=(int)(u>>24L); \
|
|
||||||
s1&=0xfc; \
|
|
||||||
s2&=0xfc; \
|
|
||||||
LL^= *(const DES_LONG *)(des_SP+0x400+s1); \
|
|
||||||
LL^= *(const DES_LONG *)(des_SP+0x600+s2); \
|
|
||||||
u2=(int)t>>8L; \
|
|
||||||
u1=(int)t&0xfc; \
|
|
||||||
u2&=0xfc; \
|
|
||||||
LL^= *(const DES_LONG *)(des_SP+0x100+u1); \
|
|
||||||
LL^= *(const DES_LONG *)(des_SP+0x300+u2); \
|
|
||||||
s1=(int)(t>>16L); \
|
|
||||||
s2=(int)(t>>24L); \
|
|
||||||
s1&=0xfc; \
|
|
||||||
s2&=0xfc; \
|
|
||||||
LL^= *(const DES_LONG *)(des_SP+0x500+s1); \
|
|
||||||
LL^= *(const DES_LONG *)(des_SP+0x700+s2); }
|
|
||||||
#endif
|
|
||||||
#else
|
|
||||||
#define D_ENCRYPT(LL,R,S) { \
|
|
||||||
LOAD_DATA_tmp(R,S,u,t,E0,E1); \
|
|
||||||
t=ROTATE(t,4); \
|
|
||||||
LL^= \
|
|
||||||
*(const DES_LONG *)(des_SP +((u )&0xfc))^ \
|
|
||||||
*(const DES_LONG *)(des_SP+0x200+((u>> 8L)&0xfc))^ \
|
|
||||||
*(const DES_LONG *)(des_SP+0x400+((u>>16L)&0xfc))^ \
|
|
||||||
*(const DES_LONG *)(des_SP+0x600+((u>>24L)&0xfc))^ \
|
|
||||||
*(const DES_LONG *)(des_SP+0x100+((t )&0xfc))^ \
|
|
||||||
*(const DES_LONG *)(des_SP+0x300+((t>> 8L)&0xfc))^ \
|
|
||||||
*(const DES_LONG *)(des_SP+0x500+((t>>16L)&0xfc))^ \
|
|
||||||
*(const DES_LONG *)(des_SP+0x700+((t>>24L)&0xfc)); }
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#else /* original version */
|
|
||||||
|
|
||||||
#if defined(DES_RISC1) || defined(DES_RISC2)
|
|
||||||
#ifdef DES_RISC1
|
|
||||||
#define D_ENCRYPT(LL,R,S) {\
|
|
||||||
unsigned int u1,u2,u3; \
|
|
||||||
LOAD_DATA(R,S,u,t,E0,E1,u1); \
|
|
||||||
u>>=2L; \
|
|
||||||
t=ROTATE(t,6); \
|
|
||||||
u2=(int)u>>8L; \
|
|
||||||
u1=(int)u&0x3f; \
|
|
||||||
u2&=0x3f; \
|
|
||||||
u>>=16L; \
|
|
||||||
LL^=DES_SPtrans[0][u1]; \
|
|
||||||
LL^=DES_SPtrans[2][u2]; \
|
|
||||||
u3=(int)u>>8L; \
|
|
||||||
u1=(int)u&0x3f; \
|
|
||||||
u3&=0x3f; \
|
|
||||||
LL^=DES_SPtrans[4][u1]; \
|
|
||||||
LL^=DES_SPtrans[6][u3]; \
|
|
||||||
u2=(int)t>>8L; \
|
|
||||||
u1=(int)t&0x3f; \
|
|
||||||
u2&=0x3f; \
|
|
||||||
t>>=16L; \
|
|
||||||
LL^=DES_SPtrans[1][u1]; \
|
|
||||||
LL^=DES_SPtrans[3][u2]; \
|
|
||||||
u3=(int)t>>8L; \
|
|
||||||
u1=(int)t&0x3f; \
|
|
||||||
u3&=0x3f; \
|
|
||||||
LL^=DES_SPtrans[5][u1]; \
|
|
||||||
LL^=DES_SPtrans[7][u3]; }
|
|
||||||
#endif
|
|
||||||
#ifdef DES_RISC2
|
|
||||||
#define D_ENCRYPT(LL,R,S) {\
|
|
||||||
unsigned int u1,u2,s1,s2; \
|
|
||||||
LOAD_DATA(R,S,u,t,E0,E1,u1); \
|
|
||||||
u>>=2L; \
|
|
||||||
t=ROTATE(t,6); \
|
|
||||||
u2=(int)u>>8L; \
|
|
||||||
u1=(int)u&0x3f; \
|
|
||||||
u2&=0x3f; \
|
|
||||||
LL^=DES_SPtrans[0][u1]; \
|
|
||||||
LL^=DES_SPtrans[2][u2]; \
|
|
||||||
s1=(int)u>>16L; \
|
|
||||||
s2=(int)u>>24L; \
|
|
||||||
s1&=0x3f; \
|
|
||||||
s2&=0x3f; \
|
|
||||||
LL^=DES_SPtrans[4][s1]; \
|
|
||||||
LL^=DES_SPtrans[6][s2]; \
|
|
||||||
u2=(int)t>>8L; \
|
|
||||||
u1=(int)t&0x3f; \
|
|
||||||
u2&=0x3f; \
|
|
||||||
LL^=DES_SPtrans[1][u1]; \
|
|
||||||
LL^=DES_SPtrans[3][u2]; \
|
|
||||||
s1=(int)t>>16; \
|
|
||||||
s2=(int)t>>24L; \
|
|
||||||
s1&=0x3f; \
|
|
||||||
s2&=0x3f; \
|
|
||||||
LL^=DES_SPtrans[5][s1]; \
|
|
||||||
LL^=DES_SPtrans[7][s2]; }
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#else
|
|
||||||
|
|
||||||
#define D_ENCRYPT(LL,R,S) {\
|
|
||||||
LOAD_DATA_tmp(R,S,u,t,E0,E1); \
|
|
||||||
t=ROTATE(t,4); \
|
|
||||||
LL^=\
|
|
||||||
DES_SPtrans[0][(u>> 2L)&0x3f]^ \
|
|
||||||
DES_SPtrans[2][(u>>10L)&0x3f]^ \
|
|
||||||
DES_SPtrans[4][(u>>18L)&0x3f]^ \
|
|
||||||
DES_SPtrans[6][(u>>26L)&0x3f]^ \
|
|
||||||
DES_SPtrans[1][(t>> 2L)&0x3f]^ \
|
|
||||||
DES_SPtrans[3][(t>>10L)&0x3f]^ \
|
|
||||||
DES_SPtrans[5][(t>>18L)&0x3f]^ \
|
|
||||||
DES_SPtrans[7][(t>>26L)&0x3f]; }
|
|
||||||
#endif
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* IP and FP
|
|
||||||
* The problem is more of a geometric problem that random bit fiddling.
|
|
||||||
0 1 2 3 4 5 6 7 62 54 46 38 30 22 14 6
|
|
||||||
8 9 10 11 12 13 14 15 60 52 44 36 28 20 12 4
|
|
||||||
16 17 18 19 20 21 22 23 58 50 42 34 26 18 10 2
|
|
||||||
24 25 26 27 28 29 30 31 to 56 48 40 32 24 16 8 0
|
|
||||||
|
|
||||||
32 33 34 35 36 37 38 39 63 55 47 39 31 23 15 7
|
|
||||||
40 41 42 43 44 45 46 47 61 53 45 37 29 21 13 5
|
|
||||||
48 49 50 51 52 53 54 55 59 51 43 35 27 19 11 3
|
|
||||||
56 57 58 59 60 61 62 63 57 49 41 33 25 17 9 1
|
|
||||||
|
|
||||||
The output has been subject to swaps of the form
|
|
||||||
0 1 -> 3 1 but the odd and even bits have been put into
|
|
||||||
2 3 2 0
|
|
||||||
different words. The main trick is to remember that
|
|
||||||
t=((l>>size)^r)&(mask);
|
|
||||||
r^=t;
|
|
||||||
l^=(t<<size);
|
|
||||||
can be used to swap and move bits between words.
|
|
||||||
|
|
||||||
So l = 0 1 2 3 r = 16 17 18 19
|
|
||||||
4 5 6 7 20 21 22 23
|
|
||||||
8 9 10 11 24 25 26 27
|
|
||||||
12 13 14 15 28 29 30 31
|
|
||||||
becomes (for size == 2 and mask == 0x3333)
|
|
||||||
t = 2^16 3^17 -- -- l = 0 1 16 17 r = 2 3 18 19
|
|
||||||
6^20 7^21 -- -- 4 5 20 21 6 7 22 23
|
|
||||||
10^24 11^25 -- -- 8 9 24 25 10 11 24 25
|
|
||||||
14^28 15^29 -- -- 12 13 28 29 14 15 28 29
|
|
||||||
|
|
||||||
Thanks for hints from Richard Outerbridge - he told me IP&FP
|
|
||||||
could be done in 15 xor, 10 shifts and 5 ands.
|
|
||||||
When I finally started to think of the problem in 2D
|
|
||||||
I first got ~42 operations without xors. When I remembered
|
|
||||||
how to use xors :-) I got it to its final state.
|
|
||||||
*/
|
|
||||||
#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
|
|
||||||
(b)^=(t),\
|
|
||||||
(a)^=((t)<<(n)))
|
|
||||||
|
|
||||||
#define IP(l,r) \
|
|
||||||
{ \
|
|
||||||
register DES_LONG tt; \
|
|
||||||
PERM_OP(r,l,tt, 4,0x0f0f0f0fL); \
|
|
||||||
PERM_OP(l,r,tt,16,0x0000ffffL); \
|
|
||||||
PERM_OP(r,l,tt, 2,0x33333333L); \
|
|
||||||
PERM_OP(l,r,tt, 8,0x00ff00ffL); \
|
|
||||||
PERM_OP(r,l,tt, 1,0x55555555L); \
|
|
||||||
}
|
|
||||||
|
|
||||||
#define FP(l,r) \
|
|
||||||
{ \
|
|
||||||
register DES_LONG tt; \
|
|
||||||
PERM_OP(l,r,tt, 1,0x55555555L); \
|
|
||||||
PERM_OP(r,l,tt, 8,0x00ff00ffL); \
|
|
||||||
PERM_OP(l,r,tt, 2,0x33333333L); \
|
|
||||||
PERM_OP(r,l,tt,16,0x0000ffffL); \
|
|
||||||
PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \
|
|
||||||
}
|
|
||||||
|
|
||||||
extern const DES_LONG DES_SPtrans[8][64];
|
|
||||||
|
|
||||||
void fcrypt_body(DES_LONG *out,DES_key_schedule *ks,
|
|
||||||
DES_LONG Eswap0, DES_LONG Eswap1);
|
|
||||||
#endif
|
|
|
@ -1,417 +0,0 @@
|
||||||
/* crypto/des/set_key.c */
|
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
|
||||||
* All rights reserved.
|
|
||||||
*
|
|
||||||
* This package is an SSL implementation written
|
|
||||||
* by Eric Young (eay@cryptsoft.com).
|
|
||||||
* The implementation was written so as to conform with Netscapes SSL.
|
|
||||||
*
|
|
||||||
* This library is free for commercial and non-commercial use as long as
|
|
||||||
* the following conditions are aheared to. The following conditions
|
|
||||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
||||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
||||||
* included with this distribution is covered by the same copyright terms
|
|
||||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
||||||
* the code are not to be removed.
|
|
||||||
* If this package is used in a product, Eric Young should be given attribution
|
|
||||||
* as the author of the parts of the library used.
|
|
||||||
* This can be in the form of a textual message at program startup or
|
|
||||||
* in documentation (online or textual) provided with the package.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. All advertising materials mentioning features or use of this software
|
|
||||||
* must display the following acknowledgement:
|
|
||||||
* "This product includes cryptographic software written by
|
|
||||||
* Eric Young (eay@cryptsoft.com)"
|
|
||||||
* The word 'cryptographic' can be left out if the rouines from the library
|
|
||||||
* being used are not cryptographic related :-).
|
|
||||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
||||||
* the apps directory (application code) you must include an acknowledgement:
|
|
||||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
||||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
||||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
||||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
* SUCH DAMAGE.
|
|
||||||
*
|
|
||||||
* The licence and distribution terms for any publically available version or
|
|
||||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
||||||
* copied and put under another distribution licence
|
|
||||||
* [including the GNU Public Licence.]
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* set_key.c v 1.4 eay 24/9/91
|
|
||||||
* 1.4 Speed up by 400% :-)
|
|
||||||
* 1.3 added register declarations.
|
|
||||||
* 1.2 unrolled make_key_sched a bit more
|
|
||||||
* 1.1 added norm_expand_bits
|
|
||||||
* 1.0 First working version
|
|
||||||
*/
|
|
||||||
#include "fips_des_locl.h"
|
|
||||||
#include <openssl/fips.h>
|
|
||||||
|
|
||||||
#ifdef OPENSSL_FIPS
|
|
||||||
|
|
||||||
OPENSSL_IMPLEMENT_GLOBAL(int,DES_check_key); /* defaults to false */
|
|
||||||
|
|
||||||
static const unsigned char odd_parity[256]={
|
|
||||||
1, 1, 2, 2, 4, 4, 7, 7, 8, 8, 11, 11, 13, 13, 14, 14,
|
|
||||||
16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
|
|
||||||
32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
|
|
||||||
49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
|
|
||||||
64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
|
|
||||||
81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
|
|
||||||
97, 97, 98, 98,100,100,103,103,104,104,107,107,109,109,110,110,
|
|
||||||
112,112,115,115,117,117,118,118,121,121,122,122,124,124,127,127,
|
|
||||||
128,128,131,131,133,133,134,134,137,137,138,138,140,140,143,143,
|
|
||||||
145,145,146,146,148,148,151,151,152,152,155,155,157,157,158,158,
|
|
||||||
161,161,162,162,164,164,167,167,168,168,171,171,173,173,174,174,
|
|
||||||
176,176,179,179,181,181,182,182,185,185,186,186,188,188,191,191,
|
|
||||||
193,193,194,194,196,196,199,199,200,200,203,203,205,205,206,206,
|
|
||||||
208,208,211,211,213,213,214,214,217,217,218,218,220,220,223,223,
|
|
||||||
224,224,227,227,229,229,230,230,233,233,234,234,236,236,239,239,
|
|
||||||
241,241,242,242,244,244,247,247,248,248,251,251,253,253,254,254};
|
|
||||||
|
|
||||||
void DES_set_odd_parity(DES_cblock *key)
|
|
||||||
{
|
|
||||||
int i;
|
|
||||||
|
|
||||||
for (i=0; i<DES_KEY_SZ; i++)
|
|
||||||
(*key)[i]=odd_parity[(*key)[i]];
|
|
||||||
}
|
|
||||||
|
|
||||||
int DES_check_key_parity(const_DES_cblock *key)
|
|
||||||
{
|
|
||||||
int i;
|
|
||||||
|
|
||||||
for (i=0; i<DES_KEY_SZ; i++)
|
|
||||||
{
|
|
||||||
if ((*key)[i] != odd_parity[(*key)[i]])
|
|
||||||
return(0);
|
|
||||||
}
|
|
||||||
return(1);
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Weak and semi week keys as take from
|
|
||||||
* %A D.W. Davies
|
|
||||||
* %A W.L. Price
|
|
||||||
* %T Security for Computer Networks
|
|
||||||
* %I John Wiley & Sons
|
|
||||||
* %D 1984
|
|
||||||
* Many thanks to smb@ulysses.att.com (Steven Bellovin) for the reference
|
|
||||||
* (and actual cblock values).
|
|
||||||
*/
|
|
||||||
#define NUM_WEAK_KEY 16
|
|
||||||
static const DES_cblock weak_keys[NUM_WEAK_KEY]={
|
|
||||||
/* weak keys */
|
|
||||||
{0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
|
|
||||||
{0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE},
|
|
||||||
{0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E},
|
|
||||||
{0xE0,0xE0,0xE0,0xE0,0xF1,0xF1,0xF1,0xF1},
|
|
||||||
/* semi-weak keys */
|
|
||||||
{0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE},
|
|
||||||
{0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01},
|
|
||||||
{0x1F,0xE0,0x1F,0xE0,0x0E,0xF1,0x0E,0xF1},
|
|
||||||
{0xE0,0x1F,0xE0,0x1F,0xF1,0x0E,0xF1,0x0E},
|
|
||||||
{0x01,0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1},
|
|
||||||
{0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1,0x01},
|
|
||||||
{0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E,0xFE},
|
|
||||||
{0xFE,0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E},
|
|
||||||
{0x01,0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E},
|
|
||||||
{0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E,0x01},
|
|
||||||
{0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE},
|
|
||||||
{0xFE,0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1}};
|
|
||||||
|
|
||||||
int DES_is_weak_key(const_DES_cblock *key)
|
|
||||||
{
|
|
||||||
int i;
|
|
||||||
|
|
||||||
for (i=0; i<NUM_WEAK_KEY; i++)
|
|
||||||
/* Added == 0 to comparison, I obviously don't run
|
|
||||||
* this section very often :-(, thanks to
|
|
||||||
* engineering@MorningStar.Com for the fix
|
|
||||||
* eay 93/06/29
|
|
||||||
* Another problem, I was comparing only the first 4
|
|
||||||
* bytes, 97/03/18 */
|
|
||||||
if (memcmp(weak_keys[i],key,sizeof(DES_cblock)) == 0) return(1);
|
|
||||||
return(0);
|
|
||||||
}
|
|
||||||
|
|
||||||
/* NOW DEFINED IN des_local.h
|
|
||||||
* See ecb_encrypt.c for a pseudo description of these macros.
|
|
||||||
* #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
|
|
||||||
* (b)^=(t),\
|
|
||||||
* (a)=((a)^((t)<<(n))))
|
|
||||||
*/
|
|
||||||
|
|
||||||
#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
|
|
||||||
(a)=(a)^(t)^(t>>(16-(n))))
|
|
||||||
|
|
||||||
static const DES_LONG des_skb[8][64]={
|
|
||||||
{
|
|
||||||
/* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
|
|
||||||
0x00000000L,0x00000010L,0x20000000L,0x20000010L,
|
|
||||||
0x00010000L,0x00010010L,0x20010000L,0x20010010L,
|
|
||||||
0x00000800L,0x00000810L,0x20000800L,0x20000810L,
|
|
||||||
0x00010800L,0x00010810L,0x20010800L,0x20010810L,
|
|
||||||
0x00000020L,0x00000030L,0x20000020L,0x20000030L,
|
|
||||||
0x00010020L,0x00010030L,0x20010020L,0x20010030L,
|
|
||||||
0x00000820L,0x00000830L,0x20000820L,0x20000830L,
|
|
||||||
0x00010820L,0x00010830L,0x20010820L,0x20010830L,
|
|
||||||
0x00080000L,0x00080010L,0x20080000L,0x20080010L,
|
|
||||||
0x00090000L,0x00090010L,0x20090000L,0x20090010L,
|
|
||||||
0x00080800L,0x00080810L,0x20080800L,0x20080810L,
|
|
||||||
0x00090800L,0x00090810L,0x20090800L,0x20090810L,
|
|
||||||
0x00080020L,0x00080030L,0x20080020L,0x20080030L,
|
|
||||||
0x00090020L,0x00090030L,0x20090020L,0x20090030L,
|
|
||||||
0x00080820L,0x00080830L,0x20080820L,0x20080830L,
|
|
||||||
0x00090820L,0x00090830L,0x20090820L,0x20090830L,
|
|
||||||
},{
|
|
||||||
/* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */
|
|
||||||
0x00000000L,0x02000000L,0x00002000L,0x02002000L,
|
|
||||||
0x00200000L,0x02200000L,0x00202000L,0x02202000L,
|
|
||||||
0x00000004L,0x02000004L,0x00002004L,0x02002004L,
|
|
||||||
0x00200004L,0x02200004L,0x00202004L,0x02202004L,
|
|
||||||
0x00000400L,0x02000400L,0x00002400L,0x02002400L,
|
|
||||||
0x00200400L,0x02200400L,0x00202400L,0x02202400L,
|
|
||||||
0x00000404L,0x02000404L,0x00002404L,0x02002404L,
|
|
||||||
0x00200404L,0x02200404L,0x00202404L,0x02202404L,
|
|
||||||
0x10000000L,0x12000000L,0x10002000L,0x12002000L,
|
|
||||||
0x10200000L,0x12200000L,0x10202000L,0x12202000L,
|
|
||||||
0x10000004L,0x12000004L,0x10002004L,0x12002004L,
|
|
||||||
0x10200004L,0x12200004L,0x10202004L,0x12202004L,
|
|
||||||
0x10000400L,0x12000400L,0x10002400L,0x12002400L,
|
|
||||||
0x10200400L,0x12200400L,0x10202400L,0x12202400L,
|
|
||||||
0x10000404L,0x12000404L,0x10002404L,0x12002404L,
|
|
||||||
0x10200404L,0x12200404L,0x10202404L,0x12202404L,
|
|
||||||
},{
|
|
||||||
/* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */
|
|
||||||
0x00000000L,0x00000001L,0x00040000L,0x00040001L,
|
|
||||||
0x01000000L,0x01000001L,0x01040000L,0x01040001L,
|
|
||||||
0x00000002L,0x00000003L,0x00040002L,0x00040003L,
|
|
||||||
0x01000002L,0x01000003L,0x01040002L,0x01040003L,
|
|
||||||
0x00000200L,0x00000201L,0x00040200L,0x00040201L,
|
|
||||||
0x01000200L,0x01000201L,0x01040200L,0x01040201L,
|
|
||||||
0x00000202L,0x00000203L,0x00040202L,0x00040203L,
|
|
||||||
0x01000202L,0x01000203L,0x01040202L,0x01040203L,
|
|
||||||
0x08000000L,0x08000001L,0x08040000L,0x08040001L,
|
|
||||||
0x09000000L,0x09000001L,0x09040000L,0x09040001L,
|
|
||||||
0x08000002L,0x08000003L,0x08040002L,0x08040003L,
|
|
||||||
0x09000002L,0x09000003L,0x09040002L,0x09040003L,
|
|
||||||
0x08000200L,0x08000201L,0x08040200L,0x08040201L,
|
|
||||||
0x09000200L,0x09000201L,0x09040200L,0x09040201L,
|
|
||||||
0x08000202L,0x08000203L,0x08040202L,0x08040203L,
|
|
||||||
0x09000202L,0x09000203L,0x09040202L,0x09040203L,
|
|
||||||
},{
|
|
||||||
/* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */
|
|
||||||
0x00000000L,0x00100000L,0x00000100L,0x00100100L,
|
|
||||||
0x00000008L,0x00100008L,0x00000108L,0x00100108L,
|
|
||||||
0x00001000L,0x00101000L,0x00001100L,0x00101100L,
|
|
||||||
0x00001008L,0x00101008L,0x00001108L,0x00101108L,
|
|
||||||
0x04000000L,0x04100000L,0x04000100L,0x04100100L,
|
|
||||||
0x04000008L,0x04100008L,0x04000108L,0x04100108L,
|
|
||||||
0x04001000L,0x04101000L,0x04001100L,0x04101100L,
|
|
||||||
0x04001008L,0x04101008L,0x04001108L,0x04101108L,
|
|
||||||
0x00020000L,0x00120000L,0x00020100L,0x00120100L,
|
|
||||||
0x00020008L,0x00120008L,0x00020108L,0x00120108L,
|
|
||||||
0x00021000L,0x00121000L,0x00021100L,0x00121100L,
|
|
||||||
0x00021008L,0x00121008L,0x00021108L,0x00121108L,
|
|
||||||
0x04020000L,0x04120000L,0x04020100L,0x04120100L,
|
|
||||||
0x04020008L,0x04120008L,0x04020108L,0x04120108L,
|
|
||||||
0x04021000L,0x04121000L,0x04021100L,0x04121100L,
|
|
||||||
0x04021008L,0x04121008L,0x04021108L,0x04121108L,
|
|
||||||
},{
|
|
||||||
/* for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
|
|
||||||
0x00000000L,0x10000000L,0x00010000L,0x10010000L,
|
|
||||||
0x00000004L,0x10000004L,0x00010004L,0x10010004L,
|
|
||||||
0x20000000L,0x30000000L,0x20010000L,0x30010000L,
|
|
||||||
0x20000004L,0x30000004L,0x20010004L,0x30010004L,
|
|
||||||
0x00100000L,0x10100000L,0x00110000L,0x10110000L,
|
|
||||||
0x00100004L,0x10100004L,0x00110004L,0x10110004L,
|
|
||||||
0x20100000L,0x30100000L,0x20110000L,0x30110000L,
|
|
||||||
0x20100004L,0x30100004L,0x20110004L,0x30110004L,
|
|
||||||
0x00001000L,0x10001000L,0x00011000L,0x10011000L,
|
|
||||||
0x00001004L,0x10001004L,0x00011004L,0x10011004L,
|
|
||||||
0x20001000L,0x30001000L,0x20011000L,0x30011000L,
|
|
||||||
0x20001004L,0x30001004L,0x20011004L,0x30011004L,
|
|
||||||
0x00101000L,0x10101000L,0x00111000L,0x10111000L,
|
|
||||||
0x00101004L,0x10101004L,0x00111004L,0x10111004L,
|
|
||||||
0x20101000L,0x30101000L,0x20111000L,0x30111000L,
|
|
||||||
0x20101004L,0x30101004L,0x20111004L,0x30111004L,
|
|
||||||
},{
|
|
||||||
/* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */
|
|
||||||
0x00000000L,0x08000000L,0x00000008L,0x08000008L,
|
|
||||||
0x00000400L,0x08000400L,0x00000408L,0x08000408L,
|
|
||||||
0x00020000L,0x08020000L,0x00020008L,0x08020008L,
|
|
||||||
0x00020400L,0x08020400L,0x00020408L,0x08020408L,
|
|
||||||
0x00000001L,0x08000001L,0x00000009L,0x08000009L,
|
|
||||||
0x00000401L,0x08000401L,0x00000409L,0x08000409L,
|
|
||||||
0x00020001L,0x08020001L,0x00020009L,0x08020009L,
|
|
||||||
0x00020401L,0x08020401L,0x00020409L,0x08020409L,
|
|
||||||
0x02000000L,0x0A000000L,0x02000008L,0x0A000008L,
|
|
||||||
0x02000400L,0x0A000400L,0x02000408L,0x0A000408L,
|
|
||||||
0x02020000L,0x0A020000L,0x02020008L,0x0A020008L,
|
|
||||||
0x02020400L,0x0A020400L,0x02020408L,0x0A020408L,
|
|
||||||
0x02000001L,0x0A000001L,0x02000009L,0x0A000009L,
|
|
||||||
0x02000401L,0x0A000401L,0x02000409L,0x0A000409L,
|
|
||||||
0x02020001L,0x0A020001L,0x02020009L,0x0A020009L,
|
|
||||||
0x02020401L,0x0A020401L,0x02020409L,0x0A020409L,
|
|
||||||
},{
|
|
||||||
/* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */
|
|
||||||
0x00000000L,0x00000100L,0x00080000L,0x00080100L,
|
|
||||||
0x01000000L,0x01000100L,0x01080000L,0x01080100L,
|
|
||||||
0x00000010L,0x00000110L,0x00080010L,0x00080110L,
|
|
||||||
0x01000010L,0x01000110L,0x01080010L,0x01080110L,
|
|
||||||
0x00200000L,0x00200100L,0x00280000L,0x00280100L,
|
|
||||||
0x01200000L,0x01200100L,0x01280000L,0x01280100L,
|
|
||||||
0x00200010L,0x00200110L,0x00280010L,0x00280110L,
|
|
||||||
0x01200010L,0x01200110L,0x01280010L,0x01280110L,
|
|
||||||
0x00000200L,0x00000300L,0x00080200L,0x00080300L,
|
|
||||||
0x01000200L,0x01000300L,0x01080200L,0x01080300L,
|
|
||||||
0x00000210L,0x00000310L,0x00080210L,0x00080310L,
|
|
||||||
0x01000210L,0x01000310L,0x01080210L,0x01080310L,
|
|
||||||
0x00200200L,0x00200300L,0x00280200L,0x00280300L,
|
|
||||||
0x01200200L,0x01200300L,0x01280200L,0x01280300L,
|
|
||||||
0x00200210L,0x00200310L,0x00280210L,0x00280310L,
|
|
||||||
0x01200210L,0x01200310L,0x01280210L,0x01280310L,
|
|
||||||
},{
|
|
||||||
/* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */
|
|
||||||
0x00000000L,0x04000000L,0x00040000L,0x04040000L,
|
|
||||||
0x00000002L,0x04000002L,0x00040002L,0x04040002L,
|
|
||||||
0x00002000L,0x04002000L,0x00042000L,0x04042000L,
|
|
||||||
0x00002002L,0x04002002L,0x00042002L,0x04042002L,
|
|
||||||
0x00000020L,0x04000020L,0x00040020L,0x04040020L,
|
|
||||||
0x00000022L,0x04000022L,0x00040022L,0x04040022L,
|
|
||||||
0x00002020L,0x04002020L,0x00042020L,0x04042020L,
|
|
||||||
0x00002022L,0x04002022L,0x00042022L,0x04042022L,
|
|
||||||
0x00000800L,0x04000800L,0x00040800L,0x04040800L,
|
|
||||||
0x00000802L,0x04000802L,0x00040802L,0x04040802L,
|
|
||||||
0x00002800L,0x04002800L,0x00042800L,0x04042800L,
|
|
||||||
0x00002802L,0x04002802L,0x00042802L,0x04042802L,
|
|
||||||
0x00000820L,0x04000820L,0x00040820L,0x04040820L,
|
|
||||||
0x00000822L,0x04000822L,0x00040822L,0x04040822L,
|
|
||||||
0x00002820L,0x04002820L,0x00042820L,0x04042820L,
|
|
||||||
0x00002822L,0x04002822L,0x00042822L,0x04042822L,
|
|
||||||
}};
|
|
||||||
|
|
||||||
int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule)
|
|
||||||
{
|
|
||||||
if (FIPS_selftest_failed())
|
|
||||||
return -3;
|
|
||||||
if (DES_check_key)
|
|
||||||
{
|
|
||||||
return DES_set_key_checked(key, schedule);
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
DES_set_key_unchecked(key, schedule);
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/* return 0 if key parity is odd (correct),
|
|
||||||
* return -1 if key parity error,
|
|
||||||
* return -2 if illegal weak key.
|
|
||||||
*/
|
|
||||||
int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule)
|
|
||||||
{
|
|
||||||
if (!DES_check_key_parity(key))
|
|
||||||
return(-1);
|
|
||||||
if (DES_is_weak_key(key))
|
|
||||||
return(-2);
|
|
||||||
if (FIPS_selftest_failed())
|
|
||||||
return -3;
|
|
||||||
|
|
||||||
DES_set_key_unchecked(key, schedule);
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule)
|
|
||||||
{
|
|
||||||
static const int shifts2[16]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0};
|
|
||||||
register DES_LONG c,d,t,s,t2;
|
|
||||||
register const unsigned char *in;
|
|
||||||
register DES_LONG *k;
|
|
||||||
register int i;
|
|
||||||
|
|
||||||
#ifdef OPENBSD_DEV_CRYPTO
|
|
||||||
memcpy(schedule->key,key,sizeof schedule->key);
|
|
||||||
schedule->session=NULL;
|
|
||||||
#endif
|
|
||||||
k = &schedule->ks->deslong[0];
|
|
||||||
in = &(*key)[0];
|
|
||||||
|
|
||||||
c2l(in,c);
|
|
||||||
c2l(in,d);
|
|
||||||
|
|
||||||
/* do PC1 in 47 simple operations :-)
|
|
||||||
* Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
|
|
||||||
* for the inspiration. :-) */
|
|
||||||
PERM_OP (d,c,t,4,0x0f0f0f0fL);
|
|
||||||
HPERM_OP(c,t,-2,0xcccc0000L);
|
|
||||||
HPERM_OP(d,t,-2,0xcccc0000L);
|
|
||||||
PERM_OP (d,c,t,1,0x55555555L);
|
|
||||||
PERM_OP (c,d,t,8,0x00ff00ffL);
|
|
||||||
PERM_OP (d,c,t,1,0x55555555L);
|
|
||||||
d= (((d&0x000000ffL)<<16L)| (d&0x0000ff00L) |
|
|
||||||
((d&0x00ff0000L)>>16L)|((c&0xf0000000L)>>4L));
|
|
||||||
c&=0x0fffffffL;
|
|
||||||
|
|
||||||
for (i=0; i<ITERATIONS; i++)
|
|
||||||
{
|
|
||||||
if (shifts2[i])
|
|
||||||
{ c=((c>>2L)|(c<<26L)); d=((d>>2L)|(d<<26L)); }
|
|
||||||
else
|
|
||||||
{ c=((c>>1L)|(c<<27L)); d=((d>>1L)|(d<<27L)); }
|
|
||||||
c&=0x0fffffffL;
|
|
||||||
d&=0x0fffffffL;
|
|
||||||
/* could be a few less shifts but I am to lazy at this
|
|
||||||
* point in time to investigate */
|
|
||||||
s= des_skb[0][ (c )&0x3f ]|
|
|
||||||
des_skb[1][((c>> 6L)&0x03)|((c>> 7L)&0x3c)]|
|
|
||||||
des_skb[2][((c>>13L)&0x0f)|((c>>14L)&0x30)]|
|
|
||||||
des_skb[3][((c>>20L)&0x01)|((c>>21L)&0x06) |
|
|
||||||
((c>>22L)&0x38)];
|
|
||||||
t= des_skb[4][ (d )&0x3f ]|
|
|
||||||
des_skb[5][((d>> 7L)&0x03)|((d>> 8L)&0x3c)]|
|
|
||||||
des_skb[6][ (d>>15L)&0x3f ]|
|
|
||||||
des_skb[7][((d>>21L)&0x0f)|((d>>22L)&0x30)];
|
|
||||||
|
|
||||||
/* table contained 0213 4657 */
|
|
||||||
t2=((t<<16L)|(s&0x0000ffffL))&0xffffffffL;
|
|
||||||
*(k++)=ROTATE(t2,30)&0xffffffffL;
|
|
||||||
|
|
||||||
t2=((s>>16L)|(t&0xffff0000L));
|
|
||||||
*(k++)=ROTATE(t2,26)&0xffffffffL;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule)
|
|
||||||
{
|
|
||||||
return(DES_set_key(key,schedule));
|
|
||||||
}
|
|
||||||
/*
|
|
||||||
#undef des_fixup_key_parity
|
|
||||||
void des_fixup_key_parity(des_cblock *key)
|
|
||||||
{
|
|
||||||
des_set_odd_parity(key);
|
|
||||||
}
|
|
||||||
*/
|
|
||||||
|
|
||||||
#endif /* def OPENSSL_FIPS */
|
|
|
@ -91,14 +91,14 @@ fips_dsa_gen.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
|
||||||
fips_dsa_gen.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
|
fips_dsa_gen.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
|
||||||
fips_dsa_gen.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
|
fips_dsa_gen.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
|
||||||
fips_dsa_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h
|
fips_dsa_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h
|
||||||
fips_dsa_gen.o: ../../include/openssl/fips.h ../../include/openssl/fips_sha.h
|
fips_dsa_gen.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
|
||||||
fips_dsa_gen.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
|
fips_dsa_gen.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
|
||||||
fips_dsa_gen.o: ../../include/openssl/objects.h
|
|
||||||
fips_dsa_gen.o: ../../include/openssl/opensslconf.h
|
fips_dsa_gen.o: ../../include/openssl/opensslconf.h
|
||||||
fips_dsa_gen.o: ../../include/openssl/opensslv.h
|
fips_dsa_gen.o: ../../include/openssl/opensslv.h
|
||||||
fips_dsa_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
|
fips_dsa_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
|
||||||
fips_dsa_gen.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
|
fips_dsa_gen.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
|
||||||
fips_dsa_gen.o: ../../include/openssl/symhacks.h fips_dsa_gen.c
|
fips_dsa_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
|
||||||
|
fips_dsa_gen.o: fips_dsa_gen.c
|
||||||
fips_dsa_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
|
fips_dsa_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
|
||||||
fips_dsa_key.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
|
fips_dsa_key.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
|
||||||
fips_dsa_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
|
fips_dsa_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
|
||||||
|
@ -168,9 +168,8 @@ fips_dssvs.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
|
||||||
fips_dssvs.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
|
fips_dssvs.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
|
||||||
fips_dssvs.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
|
fips_dssvs.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
|
||||||
fips_dssvs.o: ../../include/openssl/err.h ../../include/openssl/evp.h
|
fips_dssvs.o: ../../include/openssl/err.h ../../include/openssl/evp.h
|
||||||
fips_dssvs.o: ../../include/openssl/fips.h ../../include/openssl/fips_sha.h
|
fips_dssvs.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
|
||||||
fips_dssvs.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
|
fips_dssvs.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
|
||||||
fips_dssvs.o: ../../include/openssl/objects.h
|
|
||||||
fips_dssvs.o: ../../include/openssl/opensslconf.h
|
fips_dssvs.o: ../../include/openssl/opensslconf.h
|
||||||
fips_dssvs.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
|
fips_dssvs.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
|
||||||
fips_dssvs.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
|
fips_dssvs.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
|
||||||
|
|
|
@ -80,7 +80,7 @@
|
||||||
#include <openssl/bn.h>
|
#include <openssl/bn.h>
|
||||||
#include <openssl/dsa.h>
|
#include <openssl/dsa.h>
|
||||||
#include <openssl/rand.h>
|
#include <openssl/rand.h>
|
||||||
#include <openssl/fips_sha.h>
|
#include <openssl/sha.h>
|
||||||
#include <openssl/err.h>
|
#include <openssl/err.h>
|
||||||
|
|
||||||
#ifdef OPENSSL_FIPS
|
#ifdef OPENSSL_FIPS
|
||||||
|
|
|
@ -15,7 +15,6 @@ int main()
|
||||||
#include <openssl/fips.h>
|
#include <openssl/fips.h>
|
||||||
#include <openssl/err.h>
|
#include <openssl/err.h>
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
#include <openssl/fips_sha.h>
|
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <ctype.h>
|
#include <ctype.h>
|
||||||
|
|
||||||
|
|
|
@ -21,11 +21,11 @@
|
||||||
#include <openssl/rsa.h>
|
#include <openssl/rsa.h>
|
||||||
#include <openssl/dsa.h>
|
#include <openssl/dsa.h>
|
||||||
#include <openssl/hmac.h>
|
#include <openssl/hmac.h>
|
||||||
#include <openssl/fips_sha.h>
|
|
||||||
#include <openssl/err.h>
|
#include <openssl/err.h>
|
||||||
#include <openssl/fips.h>
|
#include <openssl/fips.h>
|
||||||
#include <openssl/bn.h>
|
#include <openssl/bn.h>
|
||||||
#include <openssl/rand.h>
|
#include <openssl/rand.h>
|
||||||
|
#include <openssl/sha.h>
|
||||||
|
|
||||||
|
|
||||||
#ifndef OPENSSL_FIPS
|
#ifndef OPENSSL_FIPS
|
||||||
|
|
|
@ -129,7 +129,6 @@ fips_rsa_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
|
||||||
fips_rsa_selftest.o: ../../include/openssl/crypto.h
|
fips_rsa_selftest.o: ../../include/openssl/crypto.h
|
||||||
fips_rsa_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
|
fips_rsa_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
|
||||||
fips_rsa_selftest.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
|
fips_rsa_selftest.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
|
||||||
fips_rsa_selftest.o: ../../include/openssl/fips_sha.h
|
|
||||||
fips_rsa_selftest.o: ../../include/openssl/lhash.h
|
fips_rsa_selftest.o: ../../include/openssl/lhash.h
|
||||||
fips_rsa_selftest.o: ../../include/openssl/obj_mac.h
|
fips_rsa_selftest.o: ../../include/openssl/obj_mac.h
|
||||||
fips_rsa_selftest.o: ../../include/openssl/objects.h
|
fips_rsa_selftest.o: ../../include/openssl/objects.h
|
||||||
|
|
|
@ -52,7 +52,6 @@
|
||||||
#include <openssl/fips.h>
|
#include <openssl/fips.h>
|
||||||
#include <openssl/rsa.h>
|
#include <openssl/rsa.h>
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
#include <openssl/fips_sha.h>
|
|
||||||
#include <openssl/opensslconf.h>
|
#include <openssl/opensslconf.h>
|
||||||
|
|
||||||
#ifdef OPENSSL_FIPS
|
#ifdef OPENSSL_FIPS
|
||||||
|
|
|
@ -47,9 +47,9 @@ lib: $(LIBOBJ)
|
||||||
@echo $(LIBOBJ) > lib
|
@echo $(LIBOBJ) > lib
|
||||||
|
|
||||||
fips_standalone_sha1$(EXE_EXT): fips_standalone_sha1.o
|
fips_standalone_sha1$(EXE_EXT): fips_standalone_sha1.o
|
||||||
FIPS_SHA_ASM=""; for i in $(SHA1_ASM_OBJ) ; do FIPS_SHA_ASM="$$FIPS_SHA_ASM ../../crypto/sha/$$i" ; done; \
|
FIPS_SHA_ASM=""; for i in $(SHA1_ASM_OBJ) sha1dgst.o ; do FIPS_SHA_ASM="$$FIPS_SHA_ASM ../../crypto/sha/$$i" ; done; \
|
||||||
$(CC) -o fips_standalone_sha1$(EXE_EXT) $(CFLAGS) \
|
$(CC) -o fips_standalone_sha1$(EXE_EXT) $(CFLAGS) \
|
||||||
fips_standalone_sha1.o ../crypto/sha/sha1dgst.o $$FIPS_SHA_ASM
|
fips_standalone_sha1.o $$FIPS_SHA_ASM
|
||||||
|
|
||||||
files:
|
files:
|
||||||
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
|
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
|
||||||
|
@ -149,7 +149,6 @@ fips_standalone_sha1.o: ../../include/openssl/crypto.h
|
||||||
fips_standalone_sha1.o: ../../include/openssl/e_os2.h
|
fips_standalone_sha1.o: ../../include/openssl/e_os2.h
|
||||||
fips_standalone_sha1.o: ../../include/openssl/evp.h
|
fips_standalone_sha1.o: ../../include/openssl/evp.h
|
||||||
fips_standalone_sha1.o: ../../include/openssl/fips.h
|
fips_standalone_sha1.o: ../../include/openssl/fips.h
|
||||||
fips_standalone_sha1.o: ../../include/openssl/fips_sha.h
|
|
||||||
fips_standalone_sha1.o: ../../include/openssl/hmac.h
|
fips_standalone_sha1.o: ../../include/openssl/hmac.h
|
||||||
fips_standalone_sha1.o: ../../include/openssl/obj_mac.h
|
fips_standalone_sha1.o: ../../include/openssl/obj_mac.h
|
||||||
fips_standalone_sha1.o: ../../include/openssl/objects.h
|
fips_standalone_sha1.o: ../../include/openssl/objects.h
|
||||||
|
@ -157,5 +156,6 @@ fips_standalone_sha1.o: ../../include/openssl/opensslconf.h
|
||||||
fips_standalone_sha1.o: ../../include/openssl/opensslv.h
|
fips_standalone_sha1.o: ../../include/openssl/opensslv.h
|
||||||
fips_standalone_sha1.o: ../../include/openssl/ossl_typ.h
|
fips_standalone_sha1.o: ../../include/openssl/ossl_typ.h
|
||||||
fips_standalone_sha1.o: ../../include/openssl/safestack.h
|
fips_standalone_sha1.o: ../../include/openssl/safestack.h
|
||||||
|
fips_standalone_sha1.o: ../../include/openssl/sha.h
|
||||||
fips_standalone_sha1.o: ../../include/openssl/stack.h
|
fips_standalone_sha1.o: ../../include/openssl/stack.h
|
||||||
fips_standalone_sha1.o: ../../include/openssl/symhacks.h fips_standalone_sha1.c
|
fips_standalone_sha1.o: ../../include/openssl/symhacks.h fips_standalone_sha1.c
|
||||||
|
|
|
@ -1,623 +0,0 @@
|
||||||
/* crypto/md32_common.h */
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
*
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
*
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in
|
|
||||||
* the documentation and/or other materials provided with the
|
|
||||||
* distribution.
|
|
||||||
*
|
|
||||||
* 3. All advertising materials mentioning features or use of this
|
|
||||||
* software must display the following acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
|
||||||
*
|
|
||||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* prior written permission. For written permission, please contact
|
|
||||||
* licensing@OpenSSL.org.
|
|
||||||
*
|
|
||||||
* 5. Products derived from this software may not be called "OpenSSL"
|
|
||||||
* nor may "OpenSSL" appear in their names without prior written
|
|
||||||
* permission of the OpenSSL Project.
|
|
||||||
*
|
|
||||||
* 6. Redistributions of any form whatsoever must retain the following
|
|
||||||
* acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
||||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
||||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
||||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
||||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
||||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
||||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
||||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
||||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
* ====================================================================
|
|
||||||
*
|
|
||||||
* This product includes cryptographic software written by Eric Young
|
|
||||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
|
||||||
* Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This is a generic 32 bit "collector" for message digest algorithms.
|
|
||||||
* Whenever needed it collects input character stream into chunks of
|
|
||||||
* 32 bit values and invokes a block function that performs actual hash
|
|
||||||
* calculations.
|
|
||||||
*
|
|
||||||
* Porting guide.
|
|
||||||
*
|
|
||||||
* Obligatory macros:
|
|
||||||
*
|
|
||||||
* DATA_ORDER_IS_BIG_ENDIAN or DATA_ORDER_IS_LITTLE_ENDIAN
|
|
||||||
* this macro defines byte order of input stream.
|
|
||||||
* HASH_CBLOCK
|
|
||||||
* size of a unit chunk HASH_BLOCK operates on.
|
|
||||||
* HASH_LONG
|
|
||||||
* has to be at lest 32 bit wide, if it's wider, then
|
|
||||||
* HASH_LONG_LOG2 *has to* be defined along
|
|
||||||
* HASH_CTX
|
|
||||||
* context structure that at least contains following
|
|
||||||
* members:
|
|
||||||
* typedef struct {
|
|
||||||
* ...
|
|
||||||
* HASH_LONG Nl,Nh;
|
|
||||||
* HASH_LONG data[HASH_LBLOCK];
|
|
||||||
* unsigned int num;
|
|
||||||
* ...
|
|
||||||
* } HASH_CTX;
|
|
||||||
* HASH_UPDATE
|
|
||||||
* name of "Update" function, implemented here.
|
|
||||||
* HASH_TRANSFORM
|
|
||||||
* name of "Transform" function, implemented here.
|
|
||||||
* HASH_FINAL
|
|
||||||
* name of "Final" function, implemented here.
|
|
||||||
* HASH_BLOCK_HOST_ORDER
|
|
||||||
* name of "block" function treating *aligned* input message
|
|
||||||
* in host byte order, implemented externally.
|
|
||||||
* HASH_BLOCK_DATA_ORDER
|
|
||||||
* name of "block" function treating *unaligned* input message
|
|
||||||
* in original (data) byte order, implemented externally (it
|
|
||||||
* actually is optional if data and host are of the same
|
|
||||||
* "endianess").
|
|
||||||
* HASH_MAKE_STRING
|
|
||||||
* macro convering context variables to an ASCII hash string.
|
|
||||||
*
|
|
||||||
* Optional macros:
|
|
||||||
*
|
|
||||||
* B_ENDIAN or L_ENDIAN
|
|
||||||
* defines host byte-order.
|
|
||||||
* HASH_LONG_LOG2
|
|
||||||
* defaults to 2 if not states otherwise.
|
|
||||||
* HASH_LBLOCK
|
|
||||||
* assumed to be HASH_CBLOCK/4 if not stated otherwise.
|
|
||||||
* HASH_BLOCK_DATA_ORDER_ALIGNED
|
|
||||||
* alternative "block" function capable of treating
|
|
||||||
* aligned input message in original (data) order,
|
|
||||||
* implemented externally.
|
|
||||||
*
|
|
||||||
* MD5 example:
|
|
||||||
*
|
|
||||||
* #define DATA_ORDER_IS_LITTLE_ENDIAN
|
|
||||||
*
|
|
||||||
* #define HASH_LONG MD5_LONG
|
|
||||||
* #define HASH_LONG_LOG2 MD5_LONG_LOG2
|
|
||||||
* #define HASH_CTX MD5_CTX
|
|
||||||
* #define HASH_CBLOCK MD5_CBLOCK
|
|
||||||
* #define HASH_LBLOCK MD5_LBLOCK
|
|
||||||
* #define HASH_UPDATE MD5_Update
|
|
||||||
* #define HASH_TRANSFORM MD5_Transform
|
|
||||||
* #define HASH_FINAL MD5_Final
|
|
||||||
* #define HASH_BLOCK_HOST_ORDER md5_block_host_order
|
|
||||||
* #define HASH_BLOCK_DATA_ORDER md5_block_data_order
|
|
||||||
*
|
|
||||||
* <appro@fy.chalmers.se>
|
|
||||||
*/
|
|
||||||
|
|
||||||
#if !defined(DATA_ORDER_IS_BIG_ENDIAN) && !defined(DATA_ORDER_IS_LITTLE_ENDIAN)
|
|
||||||
#error "DATA_ORDER must be defined!"
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifndef HASH_CBLOCK
|
|
||||||
#error "HASH_CBLOCK must be defined!"
|
|
||||||
#endif
|
|
||||||
#ifndef HASH_LONG
|
|
||||||
#error "HASH_LONG must be defined!"
|
|
||||||
#endif
|
|
||||||
#ifndef HASH_CTX
|
|
||||||
#error "HASH_CTX must be defined!"
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifndef HASH_UPDATE
|
|
||||||
#error "HASH_UPDATE must be defined!"
|
|
||||||
#endif
|
|
||||||
#ifndef HASH_TRANSFORM
|
|
||||||
#error "HASH_TRANSFORM must be defined!"
|
|
||||||
#endif
|
|
||||||
#ifndef HASH_FINAL
|
|
||||||
#error "HASH_FINAL must be defined!"
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifndef HASH_BLOCK_HOST_ORDER
|
|
||||||
#error "HASH_BLOCK_HOST_ORDER must be defined!"
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#if 0
|
|
||||||
/*
|
|
||||||
* Moved below as it's required only if HASH_BLOCK_DATA_ORDER_ALIGNED
|
|
||||||
* isn't defined.
|
|
||||||
*/
|
|
||||||
#ifndef HASH_BLOCK_DATA_ORDER
|
|
||||||
#error "HASH_BLOCK_DATA_ORDER must be defined!"
|
|
||||||
#endif
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifndef HASH_LBLOCK
|
|
||||||
#define HASH_LBLOCK (HASH_CBLOCK/4)
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifndef HASH_LONG_LOG2
|
|
||||||
#define HASH_LONG_LOG2 2
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Engage compiler specific rotate intrinsic function if available.
|
|
||||||
*/
|
|
||||||
#undef ROTATE
|
|
||||||
#ifndef PEDANTIC
|
|
||||||
# if defined(_MSC_VER) || defined(__ICC)
|
|
||||||
# define ROTATE(a,n) _lrotl(a,n)
|
|
||||||
# elif defined(__MWERKS__)
|
|
||||||
# if defined(__POWERPC__)
|
|
||||||
# define ROTATE(a,n) __rlwinm(a,n,0,31)
|
|
||||||
# elif defined(__MC68K__)
|
|
||||||
/* Motorola specific tweak. <appro@fy.chalmers.se> */
|
|
||||||
# define ROTATE(a,n) ( n<24 ? __rol(a,n) : __ror(a,32-n) )
|
|
||||||
# else
|
|
||||||
# define ROTATE(a,n) __rol(a,n)
|
|
||||||
# endif
|
|
||||||
# elif defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
|
|
||||||
/*
|
|
||||||
* Some GNU C inline assembler templates. Note that these are
|
|
||||||
* rotates by *constant* number of bits! But that's exactly
|
|
||||||
* what we need here...
|
|
||||||
* <appro@fy.chalmers.se>
|
|
||||||
*/
|
|
||||||
# if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
|
|
||||||
# define ROTATE(a,n) ({ register unsigned int ret; \
|
|
||||||
asm ( \
|
|
||||||
"roll %1,%0" \
|
|
||||||
: "=r"(ret) \
|
|
||||||
: "I"(n), "0"(a) \
|
|
||||||
: "cc"); \
|
|
||||||
ret; \
|
|
||||||
})
|
|
||||||
# elif defined(__powerpc) || defined(__ppc__) || defined(__powerpc64__)
|
|
||||||
# define ROTATE(a,n) ({ register unsigned int ret; \
|
|
||||||
asm ( \
|
|
||||||
"rlwinm %0,%1,%2,0,31" \
|
|
||||||
: "=r"(ret) \
|
|
||||||
: "r"(a), "I"(n)); \
|
|
||||||
ret; \
|
|
||||||
})
|
|
||||||
# endif
|
|
||||||
# endif
|
|
||||||
#endif /* PEDANTIC */
|
|
||||||
|
|
||||||
#if HASH_LONG_LOG2==2 /* Engage only if sizeof(HASH_LONG)== 4 */
|
|
||||||
/* A nice byte order reversal from Wei Dai <weidai@eskimo.com> */
|
|
||||||
#ifdef ROTATE
|
|
||||||
/* 5 instructions with rotate instruction, else 9 */
|
|
||||||
#define REVERSE_FETCH32(a,l) ( \
|
|
||||||
l=*(const HASH_LONG *)(a), \
|
|
||||||
((ROTATE(l,8)&0x00FF00FF)|(ROTATE((l&0x00FF00FF),24))) \
|
|
||||||
)
|
|
||||||
#else
|
|
||||||
/* 6 instructions with rotate instruction, else 8 */
|
|
||||||
#define REVERSE_FETCH32(a,l) ( \
|
|
||||||
l=*(const HASH_LONG *)(a), \
|
|
||||||
l=(((l>>8)&0x00FF00FF)|((l&0x00FF00FF)<<8)), \
|
|
||||||
ROTATE(l,16) \
|
|
||||||
)
|
|
||||||
/*
|
|
||||||
* Originally the middle line started with l=(((l&0xFF00FF00)>>8)|...
|
|
||||||
* It's rewritten as above for two reasons:
|
|
||||||
* - RISCs aren't good at long constants and have to explicitely
|
|
||||||
* compose 'em with several (well, usually 2) instructions in a
|
|
||||||
* register before performing the actual operation and (as you
|
|
||||||
* already realized:-) having same constant should inspire the
|
|
||||||
* compiler to permanently allocate the only register for it;
|
|
||||||
* - most modern CPUs have two ALUs, but usually only one has
|
|
||||||
* circuitry for shifts:-( this minor tweak inspires compiler
|
|
||||||
* to schedule shift instructions in a better way...
|
|
||||||
*
|
|
||||||
* <appro@fy.chalmers.se>
|
|
||||||
*/
|
|
||||||
#endif
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifndef ROTATE
|
|
||||||
#define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Make some obvious choices. E.g., HASH_BLOCK_DATA_ORDER_ALIGNED
|
|
||||||
* and HASH_BLOCK_HOST_ORDER ought to be the same if input data
|
|
||||||
* and host are of the same "endianess". It's possible to mask
|
|
||||||
* this with blank #define HASH_BLOCK_DATA_ORDER though...
|
|
||||||
*
|
|
||||||
* <appro@fy.chalmers.se>
|
|
||||||
*/
|
|
||||||
#if defined(B_ENDIAN)
|
|
||||||
# if defined(DATA_ORDER_IS_BIG_ENDIAN)
|
|
||||||
# if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED) && HASH_LONG_LOG2==2
|
|
||||||
# define HASH_BLOCK_DATA_ORDER_ALIGNED HASH_BLOCK_HOST_ORDER
|
|
||||||
# endif
|
|
||||||
# endif
|
|
||||||
#elif defined(L_ENDIAN)
|
|
||||||
# if defined(DATA_ORDER_IS_LITTLE_ENDIAN)
|
|
||||||
# if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED) && HASH_LONG_LOG2==2
|
|
||||||
# define HASH_BLOCK_DATA_ORDER_ALIGNED HASH_BLOCK_HOST_ORDER
|
|
||||||
# endif
|
|
||||||
# endif
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED)
|
|
||||||
#ifndef HASH_BLOCK_DATA_ORDER
|
|
||||||
#error "HASH_BLOCK_DATA_ORDER must be defined!"
|
|
||||||
#endif
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#if defined(DATA_ORDER_IS_BIG_ENDIAN)
|
|
||||||
|
|
||||||
#ifndef PEDANTIC
|
|
||||||
# if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
|
|
||||||
# if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
|
|
||||||
/*
|
|
||||||
* This gives ~30-40% performance improvement in SHA-256 compiled
|
|
||||||
* with gcc [on P4]. Well, first macro to be frank. We can pull
|
|
||||||
* this trick on x86* platforms only, because these CPUs can fetch
|
|
||||||
* unaligned data without raising an exception.
|
|
||||||
*/
|
|
||||||
# define HOST_c2l(c,l) ({ unsigned int r=*((const unsigned int *)(c)); \
|
|
||||||
asm ("bswapl %0":"=r"(r):"0"(r)); \
|
|
||||||
(c)+=4; (l)=r; })
|
|
||||||
# define HOST_l2c(l,c) ({ unsigned int r=(l); \
|
|
||||||
asm ("bswapl %0":"=r"(r):"0"(r)); \
|
|
||||||
*((unsigned int *)(c))=r; (c)+=4; r; })
|
|
||||||
# endif
|
|
||||||
# endif
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifndef HOST_c2l
|
|
||||||
#define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++)))<<24), \
|
|
||||||
l|=(((unsigned long)(*((c)++)))<<16), \
|
|
||||||
l|=(((unsigned long)(*((c)++)))<< 8), \
|
|
||||||
l|=(((unsigned long)(*((c)++))) ), \
|
|
||||||
l)
|
|
||||||
#endif
|
|
||||||
#define HOST_p_c2l(c,l,n) { \
|
|
||||||
switch (n) { \
|
|
||||||
case 0: l =((unsigned long)(*((c)++)))<<24; \
|
|
||||||
case 1: l|=((unsigned long)(*((c)++)))<<16; \
|
|
||||||
case 2: l|=((unsigned long)(*((c)++)))<< 8; \
|
|
||||||
case 3: l|=((unsigned long)(*((c)++))); \
|
|
||||||
} }
|
|
||||||
#define HOST_p_c2l_p(c,l,sc,len) { \
|
|
||||||
switch (sc) { \
|
|
||||||
case 0: l =((unsigned long)(*((c)++)))<<24; \
|
|
||||||
if (--len == 0) break; \
|
|
||||||
case 1: l|=((unsigned long)(*((c)++)))<<16; \
|
|
||||||
if (--len == 0) break; \
|
|
||||||
case 2: l|=((unsigned long)(*((c)++)))<< 8; \
|
|
||||||
} }
|
|
||||||
/* NOTE the pointer is not incremented at the end of this */
|
|
||||||
#define HOST_c2l_p(c,l,n) { \
|
|
||||||
l=0; (c)+=n; \
|
|
||||||
switch (n) { \
|
|
||||||
case 3: l =((unsigned long)(*(--(c))))<< 8; \
|
|
||||||
case 2: l|=((unsigned long)(*(--(c))))<<16; \
|
|
||||||
case 1: l|=((unsigned long)(*(--(c))))<<24; \
|
|
||||||
} }
|
|
||||||
#ifndef HOST_l2c
|
|
||||||
#define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
|
|
||||||
*((c)++)=(unsigned char)(((l)>>16)&0xff), \
|
|
||||||
*((c)++)=(unsigned char)(((l)>> 8)&0xff), \
|
|
||||||
*((c)++)=(unsigned char)(((l) )&0xff), \
|
|
||||||
l)
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
|
|
||||||
|
|
||||||
#if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
|
|
||||||
/* See comment in DATA_ORDER_IS_BIG_ENDIAN section. */
|
|
||||||
# define HOST_c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4, l)
|
|
||||||
# define HOST_l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4, l)
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifndef HOST_c2l
|
|
||||||
#define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++))) ), \
|
|
||||||
l|=(((unsigned long)(*((c)++)))<< 8), \
|
|
||||||
l|=(((unsigned long)(*((c)++)))<<16), \
|
|
||||||
l|=(((unsigned long)(*((c)++)))<<24), \
|
|
||||||
l)
|
|
||||||
#endif
|
|
||||||
#define HOST_p_c2l(c,l,n) { \
|
|
||||||
switch (n) { \
|
|
||||||
case 0: l =((unsigned long)(*((c)++))); \
|
|
||||||
case 1: l|=((unsigned long)(*((c)++)))<< 8; \
|
|
||||||
case 2: l|=((unsigned long)(*((c)++)))<<16; \
|
|
||||||
case 3: l|=((unsigned long)(*((c)++)))<<24; \
|
|
||||||
} }
|
|
||||||
#define HOST_p_c2l_p(c,l,sc,len) { \
|
|
||||||
switch (sc) { \
|
|
||||||
case 0: l =((unsigned long)(*((c)++))); \
|
|
||||||
if (--len == 0) break; \
|
|
||||||
case 1: l|=((unsigned long)(*((c)++)))<< 8; \
|
|
||||||
if (--len == 0) break; \
|
|
||||||
case 2: l|=((unsigned long)(*((c)++)))<<16; \
|
|
||||||
} }
|
|
||||||
/* NOTE the pointer is not incremented at the end of this */
|
|
||||||
#define HOST_c2l_p(c,l,n) { \
|
|
||||||
l=0; (c)+=n; \
|
|
||||||
switch (n) { \
|
|
||||||
case 3: l =((unsigned long)(*(--(c))))<<16; \
|
|
||||||
case 2: l|=((unsigned long)(*(--(c))))<< 8; \
|
|
||||||
case 1: l|=((unsigned long)(*(--(c)))); \
|
|
||||||
} }
|
|
||||||
#ifndef HOST_l2c
|
|
||||||
#define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
|
|
||||||
*((c)++)=(unsigned char)(((l)>> 8)&0xff), \
|
|
||||||
*((c)++)=(unsigned char)(((l)>>16)&0xff), \
|
|
||||||
*((c)++)=(unsigned char)(((l)>>24)&0xff), \
|
|
||||||
l)
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Time for some action:-)
|
|
||||||
*/
|
|
||||||
|
|
||||||
int HASH_UPDATE (HASH_CTX *c, const void *data_, size_t len)
|
|
||||||
{
|
|
||||||
const unsigned char *data=data_;
|
|
||||||
register HASH_LONG * p;
|
|
||||||
register HASH_LONG l;
|
|
||||||
size_t sw,sc,ew,ec;
|
|
||||||
|
|
||||||
if(FIPS_selftest_failed())
|
|
||||||
return 0;
|
|
||||||
|
|
||||||
if (len==0) return 1;
|
|
||||||
|
|
||||||
l=(c->Nl+(((HASH_LONG)len)<<3))&0xffffffffUL;
|
|
||||||
/* 95-05-24 eay Fixed a bug with the overflow handling, thanks to
|
|
||||||
* Wei Dai <weidai@eskimo.com> for pointing it out. */
|
|
||||||
if (l < c->Nl) /* overflow */
|
|
||||||
c->Nh++;
|
|
||||||
c->Nh+=(len>>29); /* might cause compiler warning on 16-bit */
|
|
||||||
c->Nl=l;
|
|
||||||
|
|
||||||
if (c->num != 0)
|
|
||||||
{
|
|
||||||
p=c->data;
|
|
||||||
sw=c->num>>2;
|
|
||||||
sc=c->num&0x03;
|
|
||||||
|
|
||||||
if ((c->num+len) >= HASH_CBLOCK)
|
|
||||||
{
|
|
||||||
l=p[sw]; HOST_p_c2l(data,l,sc); p[sw++]=l;
|
|
||||||
for (; sw<HASH_LBLOCK; sw++)
|
|
||||||
{
|
|
||||||
HOST_c2l(data,l); p[sw]=l;
|
|
||||||
}
|
|
||||||
HASH_BLOCK_HOST_ORDER (c,p,1);
|
|
||||||
len-=(HASH_CBLOCK-c->num);
|
|
||||||
c->num=0;
|
|
||||||
/* drop through and do the rest */
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
c->num+=(unsigned int)len;
|
|
||||||
if ((sc+len) < 4) /* ugly, add char's to a word */
|
|
||||||
{
|
|
||||||
l=p[sw]; HOST_p_c2l_p(data,l,sc,len); p[sw]=l;
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
ew=(c->num>>2);
|
|
||||||
ec=(c->num&0x03);
|
|
||||||
if (sc)
|
|
||||||
l=p[sw];
|
|
||||||
HOST_p_c2l(data,l,sc);
|
|
||||||
p[sw++]=l;
|
|
||||||
for (; sw < ew; sw++)
|
|
||||||
{
|
|
||||||
HOST_c2l(data,l); p[sw]=l;
|
|
||||||
}
|
|
||||||
if (ec)
|
|
||||||
{
|
|
||||||
HOST_c2l_p(data,l,ec); p[sw]=l;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
sw=len/HASH_CBLOCK;
|
|
||||||
if (sw > 0)
|
|
||||||
{
|
|
||||||
#if defined(HASH_BLOCK_DATA_ORDER_ALIGNED)
|
|
||||||
/*
|
|
||||||
* Note that HASH_BLOCK_DATA_ORDER_ALIGNED gets defined
|
|
||||||
* only if sizeof(HASH_LONG)==4.
|
|
||||||
*/
|
|
||||||
if ((((size_t)data)%4) == 0)
|
|
||||||
{
|
|
||||||
/* data is properly aligned so that we can cast it: */
|
|
||||||
HASH_BLOCK_DATA_ORDER_ALIGNED (c,(const HASH_LONG *)data,sw);
|
|
||||||
sw*=HASH_CBLOCK;
|
|
||||||
data+=sw;
|
|
||||||
len-=sw;
|
|
||||||
}
|
|
||||||
else
|
|
||||||
#if !defined(HASH_BLOCK_DATA_ORDER)
|
|
||||||
while (sw--)
|
|
||||||
{
|
|
||||||
memcpy (p=c->data,data,HASH_CBLOCK);
|
|
||||||
HASH_BLOCK_DATA_ORDER_ALIGNED(c,p,1);
|
|
||||||
data+=HASH_CBLOCK;
|
|
||||||
len-=HASH_CBLOCK;
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#endif
|
|
||||||
#if defined(HASH_BLOCK_DATA_ORDER)
|
|
||||||
{
|
|
||||||
HASH_BLOCK_DATA_ORDER(c,data,sw);
|
|
||||||
sw*=HASH_CBLOCK;
|
|
||||||
data+=sw;
|
|
||||||
len-=sw;
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
}
|
|
||||||
|
|
||||||
if (len!=0)
|
|
||||||
{
|
|
||||||
p = c->data;
|
|
||||||
c->num = len;
|
|
||||||
ew=len>>2; /* words to copy */
|
|
||||||
ec=len&0x03;
|
|
||||||
for (; ew; ew--,p++)
|
|
||||||
{
|
|
||||||
HOST_c2l(data,l); *p=l;
|
|
||||||
}
|
|
||||||
HOST_c2l_p(data,l,ec);
|
|
||||||
*p=l;
|
|
||||||
}
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
void HASH_TRANSFORM (HASH_CTX *c, const unsigned char *data)
|
|
||||||
{
|
|
||||||
#if defined(HASH_BLOCK_DATA_ORDER_ALIGNED)
|
|
||||||
if ((((size_t)data)%4) == 0)
|
|
||||||
/* data is properly aligned so that we can cast it: */
|
|
||||||
HASH_BLOCK_DATA_ORDER_ALIGNED (c,(const HASH_LONG *)data,1);
|
|
||||||
else
|
|
||||||
#if !defined(HASH_BLOCK_DATA_ORDER)
|
|
||||||
{
|
|
||||||
memcpy (c->data,data,HASH_CBLOCK);
|
|
||||||
HASH_BLOCK_DATA_ORDER_ALIGNED (c,c->data,1);
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#endif
|
|
||||||
#if defined(HASH_BLOCK_DATA_ORDER)
|
|
||||||
HASH_BLOCK_DATA_ORDER (c,data,1);
|
|
||||||
#endif
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
int HASH_FINAL (unsigned char *md, HASH_CTX *c)
|
|
||||||
{
|
|
||||||
register HASH_LONG *p;
|
|
||||||
register unsigned long l;
|
|
||||||
register int i,j;
|
|
||||||
static const unsigned char end[4]={0x80,0x00,0x00,0x00};
|
|
||||||
const unsigned char *cp=end;
|
|
||||||
|
|
||||||
/* c->num should definitly have room for at least one more byte. */
|
|
||||||
p=c->data;
|
|
||||||
i=c->num>>2;
|
|
||||||
j=c->num&0x03;
|
|
||||||
|
|
||||||
#if 0
|
|
||||||
/* purify often complains about the following line as an
|
|
||||||
* Uninitialized Memory Read. While this can be true, the
|
|
||||||
* following p_c2l macro will reset l when that case is true.
|
|
||||||
* This is because j&0x03 contains the number of 'valid' bytes
|
|
||||||
* already in p[i]. If and only if j&0x03 == 0, the UMR will
|
|
||||||
* occur but this is also the only time p_c2l will do
|
|
||||||
* l= *(cp++) instead of l|= *(cp++)
|
|
||||||
* Many thanks to Alex Tang <altitude@cic.net> for pickup this
|
|
||||||
* 'potential bug' */
|
|
||||||
#ifdef PURIFY
|
|
||||||
if (j==0) p[i]=0; /* Yeah, but that's not the way to fix it:-) */
|
|
||||||
#endif
|
|
||||||
l=p[i];
|
|
||||||
#else
|
|
||||||
l = (j==0) ? 0 : p[i];
|
|
||||||
#endif
|
|
||||||
HOST_p_c2l(cp,l,j); p[i++]=l; /* i is the next 'undefined word' */
|
|
||||||
|
|
||||||
if (i>(HASH_LBLOCK-2)) /* save room for Nl and Nh */
|
|
||||||
{
|
|
||||||
if (i<HASH_LBLOCK) p[i]=0;
|
|
||||||
HASH_BLOCK_HOST_ORDER (c,p,1);
|
|
||||||
i=0;
|
|
||||||
}
|
|
||||||
for (; i<(HASH_LBLOCK-2); i++)
|
|
||||||
p[i]=0;
|
|
||||||
|
|
||||||
#if defined(DATA_ORDER_IS_BIG_ENDIAN)
|
|
||||||
p[HASH_LBLOCK-2]=c->Nh;
|
|
||||||
p[HASH_LBLOCK-1]=c->Nl;
|
|
||||||
#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
|
|
||||||
p[HASH_LBLOCK-2]=c->Nl;
|
|
||||||
p[HASH_LBLOCK-1]=c->Nh;
|
|
||||||
#endif
|
|
||||||
HASH_BLOCK_HOST_ORDER (c,p,1);
|
|
||||||
|
|
||||||
#ifndef HASH_MAKE_STRING
|
|
||||||
#error "HASH_MAKE_STRING must be defined!"
|
|
||||||
#else
|
|
||||||
HASH_MAKE_STRING(c,md);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
c->num=0;
|
|
||||||
/* clear stuff, HASH_BLOCK may be leaving some stuff on the stack
|
|
||||||
* but I'm not worried :-)
|
|
||||||
OPENSSL_cleanse((void *)c,sizeof(HASH_CTX));
|
|
||||||
*/
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
#ifndef MD32_REG_T
|
|
||||||
#define MD32_REG_T long
|
|
||||||
/*
|
|
||||||
* This comment was originaly written for MD5, which is why it
|
|
||||||
* discusses A-D. But it basically applies to all 32-bit digests,
|
|
||||||
* which is why it was moved to common header file.
|
|
||||||
*
|
|
||||||
* In case you wonder why A-D are declared as long and not
|
|
||||||
* as MD5_LONG. Doing so results in slight performance
|
|
||||||
* boost on LP64 architectures. The catch is we don't
|
|
||||||
* really care if 32 MSBs of a 64-bit register get polluted
|
|
||||||
* with eventual overflows as we *save* only 32 LSBs in
|
|
||||||
* *either* case. Now declaring 'em long excuses the compiler
|
|
||||||
* from keeping 32 MSBs zeroed resulting in 13% performance
|
|
||||||
* improvement under SPARC Solaris7/64 and 5% under AlphaLinux.
|
|
||||||
* Well, to be honest it should say that this *prevents*
|
|
||||||
* performance degradation.
|
|
||||||
* <appro@fy.chalmers.se>
|
|
||||||
* Apparently there're LP64 compilers that generate better
|
|
||||||
* code if A-D are declared int. Most notably GCC-x86_64
|
|
||||||
* generates better code.
|
|
||||||
* <appro@fy.chalmers.se>
|
|
||||||
*/
|
|
||||||
#endif
|
|
|
@ -1,186 +0,0 @@
|
||||||
/* fips/sha1/fips_sha.h */
|
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
|
||||||
* All rights reserved.
|
|
||||||
*
|
|
||||||
* This package is an SSL implementation written
|
|
||||||
* by Eric Young (eay@cryptsoft.com).
|
|
||||||
* The implementation was written so as to conform with Netscapes SSL.
|
|
||||||
*
|
|
||||||
* This library is free for commercial and non-commercial use as long as
|
|
||||||
* the following conditions are aheared to. The following conditions
|
|
||||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
||||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
||||||
* included with this distribution is covered by the same copyright terms
|
|
||||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
||||||
* the code are not to be removed.
|
|
||||||
* If this package is used in a product, Eric Young should be given attribution
|
|
||||||
* as the author of the parts of the library used.
|
|
||||||
* This can be in the form of a textual message at program startup or
|
|
||||||
* in documentation (online or textual) provided with the package.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. All advertising materials mentioning features or use of this software
|
|
||||||
* must display the following acknowledgement:
|
|
||||||
* "This product includes cryptographic software written by
|
|
||||||
* Eric Young (eay@cryptsoft.com)"
|
|
||||||
* The word 'cryptographic' can be left out if the rouines from the library
|
|
||||||
* being used are not cryptographic related :-).
|
|
||||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
||||||
* the apps directory (application code) you must include an acknowledgement:
|
|
||||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
||||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
||||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
||||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
* SUCH DAMAGE.
|
|
||||||
*
|
|
||||||
* The licence and distribution terms for any publically available version or
|
|
||||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
||||||
* copied and put under another distribution licence
|
|
||||||
* [including the GNU Public Licence.]
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_SHA_H
|
|
||||||
#define HEADER_SHA_H
|
|
||||||
|
|
||||||
#include <openssl/e_os2.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#if defined(OPENSSL_NO_SHA) || (defined(OPENSSL_NO_SHA0) && defined(OPENSSL_NO_SHA1))
|
|
||||||
#error SHA is disabled.
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/*
|
|
||||||
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
|
||||||
* ! SHA_LONG has to be at least 32 bits wide. If it's wider, then !
|
|
||||||
* ! SHA_LONG_LOG2 has to be defined along. !
|
|
||||||
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
|
||||||
*/
|
|
||||||
|
|
||||||
#if defined(OPENSSL_SYS_WIN16) || defined(__LP32__)
|
|
||||||
#define SHA_LONG unsigned long
|
|
||||||
#elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
|
|
||||||
#define SHA_LONG unsigned long
|
|
||||||
#define SHA_LONG_LOG2 3
|
|
||||||
#else
|
|
||||||
#define SHA_LONG unsigned int
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#define SHA_LBLOCK 16
|
|
||||||
#define SHA_CBLOCK (SHA_LBLOCK*4) /* SHA treats input data as a
|
|
||||||
* contiguous array of 32 bit
|
|
||||||
* wide big-endian values. */
|
|
||||||
#define SHA_LAST_BLOCK (SHA_CBLOCK-8)
|
|
||||||
#define SHA_DIGEST_LENGTH 20
|
|
||||||
|
|
||||||
typedef struct SHAstate_st
|
|
||||||
{
|
|
||||||
SHA_LONG h0,h1,h2,h3,h4;
|
|
||||||
SHA_LONG Nl,Nh;
|
|
||||||
SHA_LONG data[SHA_LBLOCK];
|
|
||||||
unsigned int num;
|
|
||||||
} SHA_CTX;
|
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_SHA1
|
|
||||||
int SHA1_Init(SHA_CTX *c);
|
|
||||||
int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
|
|
||||||
int SHA1_Final(unsigned char *md, SHA_CTX *c);
|
|
||||||
unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md);
|
|
||||||
void SHA1_Transform(SHA_CTX *c, const unsigned char *data);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#define SHA256_CBLOCK (SHA_LBLOCK*4) /* SHA-256 treats input data as a
|
|
||||||
* contiguous array of 32 bit
|
|
||||||
* wide big-endian values. */
|
|
||||||
#define SHA224_DIGEST_LENGTH 28
|
|
||||||
#define SHA256_DIGEST_LENGTH 32
|
|
||||||
|
|
||||||
typedef struct SHA256state_st
|
|
||||||
{
|
|
||||||
SHA_LONG h[8];
|
|
||||||
SHA_LONG Nl,Nh;
|
|
||||||
SHA_LONG data[SHA_LBLOCK];
|
|
||||||
unsigned int num,md_len;
|
|
||||||
} SHA256_CTX;
|
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_SHA256
|
|
||||||
int SHA224_Init(SHA256_CTX *c);
|
|
||||||
int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
|
|
||||||
int SHA224_Final(unsigned char *md, SHA256_CTX *c);
|
|
||||||
unsigned char *SHA224(const unsigned char *d, size_t n,unsigned char *md);
|
|
||||||
int SHA256_Init(SHA256_CTX *c);
|
|
||||||
int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
|
|
||||||
int SHA256_Final(unsigned char *md, SHA256_CTX *c);
|
|
||||||
unsigned char *SHA256(const unsigned char *d, size_t n,unsigned char *md);
|
|
||||||
void SHA256_Transform(SHA256_CTX *c, const unsigned char *data);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#define SHA384_DIGEST_LENGTH 48
|
|
||||||
#define SHA512_DIGEST_LENGTH 64
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Unlike 32-bit digest algorithms, SHA-512 *relies* on SHA_LONG64
|
|
||||||
* being exactly 64-bit wide. See Implementation Notes in sha512.c
|
|
||||||
* for further details.
|
|
||||||
*/
|
|
||||||
#define SHA512_CBLOCK (SHA_LBLOCK*8) /* SHA-512 treats input data as a
|
|
||||||
* contiguous array of 64 bit
|
|
||||||
* wide big-endian values. */
|
|
||||||
#if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
|
|
||||||
#define SHA_LONG64 unsigned __int64
|
|
||||||
#define U64(C) C##UI64
|
|
||||||
#elif defined(__arch64__)
|
|
||||||
#define SHA_LONG64 unsigned long
|
|
||||||
#define U64(C) C##UL
|
|
||||||
#else
|
|
||||||
#define SHA_LONG64 unsigned long long
|
|
||||||
#define U64(C) C##ULL
|
|
||||||
#endif
|
|
||||||
|
|
||||||
typedef struct SHA512state_st
|
|
||||||
{
|
|
||||||
SHA_LONG64 h[8];
|
|
||||||
SHA_LONG64 Nl,Nh;
|
|
||||||
union {
|
|
||||||
SHA_LONG64 d[SHA_LBLOCK];
|
|
||||||
unsigned char p[SHA512_CBLOCK];
|
|
||||||
} u;
|
|
||||||
unsigned int num,md_len;
|
|
||||||
} SHA512_CTX;
|
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_SHA512
|
|
||||||
int SHA384_Init(SHA512_CTX *c);
|
|
||||||
int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
|
|
||||||
int SHA384_Final(unsigned char *md, SHA512_CTX *c);
|
|
||||||
unsigned char *SHA384(const unsigned char *d, size_t n,unsigned char *md);
|
|
||||||
int SHA512_Init(SHA512_CTX *c);
|
|
||||||
int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
|
|
||||||
int SHA512_Final(unsigned char *md, SHA512_CTX *c);
|
|
||||||
unsigned char *SHA512(const unsigned char *d, size_t n,unsigned char *md);
|
|
||||||
void SHA512_Transform(SHA512_CTX *c, const unsigned char *data);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif
|
|
|
@ -1,96 +0,0 @@
|
||||||
/* crypto/sha/sha1dgst.c */
|
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
|
||||||
* All rights reserved.
|
|
||||||
*
|
|
||||||
* This package is an SSL implementation written
|
|
||||||
* by Eric Young (eay@cryptsoft.com).
|
|
||||||
* The implementation was written so as to conform with Netscapes SSL.
|
|
||||||
*
|
|
||||||
* This library is free for commercial and non-commercial use as long as
|
|
||||||
* the following conditions are aheared to. The following conditions
|
|
||||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
||||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
||||||
* included with this distribution is covered by the same copyright terms
|
|
||||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
||||||
* the code are not to be removed.
|
|
||||||
* If this package is used in a product, Eric Young should be given attribution
|
|
||||||
* as the author of the parts of the library used.
|
|
||||||
* This can be in the form of a textual message at program startup or
|
|
||||||
* in documentation (online or textual) provided with the package.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. All advertising materials mentioning features or use of this software
|
|
||||||
* must display the following acknowledgement:
|
|
||||||
* "This product includes cryptographic software written by
|
|
||||||
* Eric Young (eay@cryptsoft.com)"
|
|
||||||
* The word 'cryptographic' can be left out if the rouines from the library
|
|
||||||
* being used are not cryptographic related :-).
|
|
||||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
||||||
* the apps directory (application code) you must include an acknowledgement:
|
|
||||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
||||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
||||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
||||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
* SUCH DAMAGE.
|
|
||||||
*
|
|
||||||
* The licence and distribution terms for any publically available version or
|
|
||||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
||||||
* copied and put under another distribution licence
|
|
||||||
* [including the GNU Public Licence.]
|
|
||||||
*/
|
|
||||||
|
|
||||||
#if !defined(OPENSSL_NO_SHA1) && !defined(OPENSSL_NO_SHA)
|
|
||||||
|
|
||||||
#undef SHA_0
|
|
||||||
#define SHA_1
|
|
||||||
|
|
||||||
#include <openssl/opensslv.h>
|
|
||||||
#include <openssl/opensslconf.h>
|
|
||||||
#include <openssl/crypto.h>
|
|
||||||
|
|
||||||
#ifdef OPENSSL_FIPS
|
|
||||||
const char SHA1_version[]="SHA1" OPENSSL_VERSION_PTEXT;
|
|
||||||
|
|
||||||
/* The implementation is in fips_md32_common.h */
|
|
||||||
#include "fips_sha_locl.h"
|
|
||||||
|
|
||||||
unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md)
|
|
||||||
{
|
|
||||||
SHA_CTX c;
|
|
||||||
static unsigned char m[SHA_DIGEST_LENGTH];
|
|
||||||
|
|
||||||
OPENSSL_assert(sizeof(unsigned long)<=sizeof(size_t));
|
|
||||||
if (md == NULL) md=m;
|
|
||||||
if (!SHA1_Init(&c))
|
|
||||||
return NULL;
|
|
||||||
SHA1_Update(&c,d,n);
|
|
||||||
SHA1_Final(md,&c);
|
|
||||||
OPENSSL_cleanse(&c,sizeof(c));
|
|
||||||
return(md);
|
|
||||||
}
|
|
||||||
|
|
||||||
#else /* ndef OPENSSL_FIPS */
|
|
||||||
|
|
||||||
static void *dummy=&dummy;
|
|
||||||
|
|
||||||
#endif /* ndef OPENSSL_FIPS */
|
|
||||||
|
|
||||||
#endif
|
|
||||||
|
|
|
@ -1,325 +0,0 @@
|
||||||
/* crypto/sha/sha256.c */
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 2004 The OpenSSL Project. All rights reserved
|
|
||||||
* according to the OpenSSL license [found in ../../LICENSE].
|
|
||||||
* ====================================================================
|
|
||||||
*/
|
|
||||||
#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA256)
|
|
||||||
|
|
||||||
#include <stdlib.h>
|
|
||||||
#include <string.h>
|
|
||||||
|
|
||||||
#include <openssl/opensslconf.h>
|
|
||||||
#include <openssl/crypto.h>
|
|
||||||
#include <openssl/fips_sha.h>
|
|
||||||
#include <openssl/fips.h>
|
|
||||||
#include <openssl/opensslv.h>
|
|
||||||
|
|
||||||
#ifdef OPENSSL_FIPS
|
|
||||||
|
|
||||||
const char SHA256_version[]="SHA-256" OPENSSL_VERSION_PTEXT;
|
|
||||||
|
|
||||||
int SHA224_Init (SHA256_CTX *c)
|
|
||||||
{
|
|
||||||
c->h[0]=0xc1059ed8UL; c->h[1]=0x367cd507UL;
|
|
||||||
c->h[2]=0x3070dd17UL; c->h[3]=0xf70e5939UL;
|
|
||||||
c->h[4]=0xffc00b31UL; c->h[5]=0x68581511UL;
|
|
||||||
c->h[6]=0x64f98fa7UL; c->h[7]=0xbefa4fa4UL;
|
|
||||||
c->Nl=0; c->Nh=0;
|
|
||||||
c->num=0; c->md_len=SHA224_DIGEST_LENGTH;
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
int SHA256_Init (SHA256_CTX *c)
|
|
||||||
{
|
|
||||||
c->h[0]=0x6a09e667UL; c->h[1]=0xbb67ae85UL;
|
|
||||||
c->h[2]=0x3c6ef372UL; c->h[3]=0xa54ff53aUL;
|
|
||||||
c->h[4]=0x510e527fUL; c->h[5]=0x9b05688cUL;
|
|
||||||
c->h[6]=0x1f83d9abUL; c->h[7]=0x5be0cd19UL;
|
|
||||||
c->Nl=0; c->Nh=0;
|
|
||||||
c->num=0; c->md_len=SHA256_DIGEST_LENGTH;
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
unsigned char *SHA224(const unsigned char *d, size_t n, unsigned char *md)
|
|
||||||
{
|
|
||||||
SHA256_CTX c;
|
|
||||||
static unsigned char m[SHA224_DIGEST_LENGTH];
|
|
||||||
|
|
||||||
if (md == NULL) md=m;
|
|
||||||
SHA224_Init(&c);
|
|
||||||
SHA256_Update(&c,d,n);
|
|
||||||
SHA256_Final(md,&c);
|
|
||||||
OPENSSL_cleanse(&c,sizeof(c));
|
|
||||||
return(md);
|
|
||||||
}
|
|
||||||
|
|
||||||
unsigned char *SHA256(const unsigned char *d, size_t n, unsigned char *md)
|
|
||||||
{
|
|
||||||
SHA256_CTX c;
|
|
||||||
static unsigned char m[SHA256_DIGEST_LENGTH];
|
|
||||||
|
|
||||||
if (md == NULL) md=m;
|
|
||||||
SHA256_Init(&c);
|
|
||||||
SHA256_Update(&c,d,n);
|
|
||||||
SHA256_Final(md,&c);
|
|
||||||
OPENSSL_cleanse(&c,sizeof(c));
|
|
||||||
return(md);
|
|
||||||
}
|
|
||||||
|
|
||||||
int SHA224_Update(SHA256_CTX *c, const void *data, size_t len)
|
|
||||||
{ return SHA256_Update (c,data,len); }
|
|
||||||
int SHA224_Final (unsigned char *md, SHA256_CTX *c)
|
|
||||||
{ return SHA256_Final (md,c); }
|
|
||||||
|
|
||||||
#ifndef SHA_LONG_LOG2
|
|
||||||
#define SHA_LONG_LOG2 2 /* default to 32 bits */
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#define DATA_ORDER_IS_BIG_ENDIAN
|
|
||||||
|
|
||||||
#define HASH_LONG SHA_LONG
|
|
||||||
#define HASH_LONG_LOG2 SHA_LONG_LOG2
|
|
||||||
#define HASH_CTX SHA256_CTX
|
|
||||||
#define HASH_CBLOCK SHA_CBLOCK
|
|
||||||
#define HASH_LBLOCK SHA_LBLOCK
|
|
||||||
/*
|
|
||||||
* Note that FIPS180-2 discusses "Truncation of the Hash Function Output."
|
|
||||||
* default: case below covers for it. It's not clear however if it's
|
|
||||||
* permitted to truncate to amount of bytes not divisible by 4. I bet not,
|
|
||||||
* but if it is, then default: case shall be extended. For reference.
|
|
||||||
* Idea behind separate cases for pre-defined lenghts is to let the
|
|
||||||
* compiler decide if it's appropriate to unroll small loops.
|
|
||||||
*/
|
|
||||||
#define HASH_MAKE_STRING(c,s) do { \
|
|
||||||
unsigned long ll; \
|
|
||||||
unsigned int n; \
|
|
||||||
switch ((c)->md_len) \
|
|
||||||
{ case SHA224_DIGEST_LENGTH: \
|
|
||||||
for (n=0;n<SHA224_DIGEST_LENGTH/4;n++) \
|
|
||||||
{ ll=(c)->h[n]; HOST_l2c(ll,(s)); } \
|
|
||||||
break; \
|
|
||||||
case SHA256_DIGEST_LENGTH: \
|
|
||||||
for (n=0;n<SHA256_DIGEST_LENGTH/4;n++) \
|
|
||||||
{ ll=(c)->h[n]; HOST_l2c(ll,(s)); } \
|
|
||||||
break; \
|
|
||||||
default: \
|
|
||||||
if ((c)->md_len > SHA256_DIGEST_LENGTH) \
|
|
||||||
return 0; \
|
|
||||||
for (n=0;n<(c)->md_len/4;n++) \
|
|
||||||
{ ll=(c)->h[n]; HOST_l2c(ll,(s)); } \
|
|
||||||
break; \
|
|
||||||
} \
|
|
||||||
} while (0)
|
|
||||||
|
|
||||||
#define HASH_UPDATE SHA256_Update
|
|
||||||
#define HASH_TRANSFORM SHA256_Transform
|
|
||||||
#define HASH_FINAL SHA256_Final
|
|
||||||
#define HASH_BLOCK_HOST_ORDER sha256_block_host_order
|
|
||||||
#define HASH_BLOCK_DATA_ORDER sha256_block_data_order
|
|
||||||
void sha256_block_host_order (SHA256_CTX *ctx, const void *in, size_t num);
|
|
||||||
void sha256_block_data_order (SHA256_CTX *ctx, const void *in, size_t num);
|
|
||||||
|
|
||||||
#include "fips_md32_common.h"
|
|
||||||
|
|
||||||
#ifdef SHA256_ASM
|
|
||||||
void sha256_block (SHA256_CTX *ctx, const void *in, size_t num, int host);
|
|
||||||
#else
|
|
||||||
static const SHA_LONG K256[64] = {
|
|
||||||
0x428a2f98UL,0x71374491UL,0xb5c0fbcfUL,0xe9b5dba5UL,
|
|
||||||
0x3956c25bUL,0x59f111f1UL,0x923f82a4UL,0xab1c5ed5UL,
|
|
||||||
0xd807aa98UL,0x12835b01UL,0x243185beUL,0x550c7dc3UL,
|
|
||||||
0x72be5d74UL,0x80deb1feUL,0x9bdc06a7UL,0xc19bf174UL,
|
|
||||||
0xe49b69c1UL,0xefbe4786UL,0x0fc19dc6UL,0x240ca1ccUL,
|
|
||||||
0x2de92c6fUL,0x4a7484aaUL,0x5cb0a9dcUL,0x76f988daUL,
|
|
||||||
0x983e5152UL,0xa831c66dUL,0xb00327c8UL,0xbf597fc7UL,
|
|
||||||
0xc6e00bf3UL,0xd5a79147UL,0x06ca6351UL,0x14292967UL,
|
|
||||||
0x27b70a85UL,0x2e1b2138UL,0x4d2c6dfcUL,0x53380d13UL,
|
|
||||||
0x650a7354UL,0x766a0abbUL,0x81c2c92eUL,0x92722c85UL,
|
|
||||||
0xa2bfe8a1UL,0xa81a664bUL,0xc24b8b70UL,0xc76c51a3UL,
|
|
||||||
0xd192e819UL,0xd6990624UL,0xf40e3585UL,0x106aa070UL,
|
|
||||||
0x19a4c116UL,0x1e376c08UL,0x2748774cUL,0x34b0bcb5UL,
|
|
||||||
0x391c0cb3UL,0x4ed8aa4aUL,0x5b9cca4fUL,0x682e6ff3UL,
|
|
||||||
0x748f82eeUL,0x78a5636fUL,0x84c87814UL,0x8cc70208UL,
|
|
||||||
0x90befffaUL,0xa4506cebUL,0xbef9a3f7UL,0xc67178f2UL };
|
|
||||||
|
|
||||||
/*
|
|
||||||
* FIPS specification refers to right rotations, while our ROTATE macro
|
|
||||||
* is left one. This is why you might notice that rotation coefficients
|
|
||||||
* differ from those observed in FIPS document by 32-N...
|
|
||||||
*/
|
|
||||||
#define Sigma0(x) (ROTATE((x),30) ^ ROTATE((x),19) ^ ROTATE((x),10))
|
|
||||||
#define Sigma1(x) (ROTATE((x),26) ^ ROTATE((x),21) ^ ROTATE((x),7))
|
|
||||||
#define sigma0(x) (ROTATE((x),25) ^ ROTATE((x),14) ^ ((x)>>3))
|
|
||||||
#define sigma1(x) (ROTATE((x),15) ^ ROTATE((x),13) ^ ((x)>>10))
|
|
||||||
|
|
||||||
#define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z)))
|
|
||||||
#define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
|
|
||||||
|
|
||||||
#ifdef OPENSSL_SMALL_FOOTPRINT
|
|
||||||
|
|
||||||
static void sha256_block (SHA256_CTX *ctx, const void *in, size_t num, int host)
|
|
||||||
{
|
|
||||||
unsigned MD32_REG_T a,b,c,d,e,f,g,h,s0,s1,T1,T2;
|
|
||||||
SHA_LONG X[16];
|
|
||||||
int i;
|
|
||||||
const unsigned char *data=in;
|
|
||||||
|
|
||||||
while (num--) {
|
|
||||||
|
|
||||||
a = ctx->h[0]; b = ctx->h[1]; c = ctx->h[2]; d = ctx->h[3];
|
|
||||||
e = ctx->h[4]; f = ctx->h[5]; g = ctx->h[6]; h = ctx->h[7];
|
|
||||||
|
|
||||||
if (host)
|
|
||||||
{
|
|
||||||
const SHA_LONG *W=(const SHA_LONG *)data;
|
|
||||||
|
|
||||||
for (i=0;i<16;i++)
|
|
||||||
{
|
|
||||||
T1 = X[i] = W[i];
|
|
||||||
T1 += h + Sigma1(e) + Ch(e,f,g) + K256[i];
|
|
||||||
T2 = Sigma0(a) + Maj(a,b,c);
|
|
||||||
h = g; g = f; f = e; e = d + T1;
|
|
||||||
d = c; c = b; b = a; a = T1 + T2;
|
|
||||||
}
|
|
||||||
|
|
||||||
data += SHA256_CBLOCK;
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
SHA_LONG l;
|
|
||||||
|
|
||||||
for (i=0;i<16;i++)
|
|
||||||
{
|
|
||||||
HOST_c2l(data,l); T1 = X[i] = l;
|
|
||||||
T1 += h + Sigma1(e) + Ch(e,f,g) + K256[i];
|
|
||||||
T2 = Sigma0(a) + Maj(a,b,c);
|
|
||||||
h = g; g = f; f = e; e = d + T1;
|
|
||||||
d = c; c = b; b = a; a = T1 + T2;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
for (;i<64;i++)
|
|
||||||
{
|
|
||||||
s0 = X[(i+1)&0x0f]; s0 = sigma0(s0);
|
|
||||||
s1 = X[(i+14)&0x0f]; s1 = sigma1(s1);
|
|
||||||
|
|
||||||
T1 = X[i&0xf] += s0 + s1 + X[(i+9)&0xf];
|
|
||||||
T1 += h + Sigma1(e) + Ch(e,f,g) + K256[i];
|
|
||||||
T2 = Sigma0(a) + Maj(a,b,c);
|
|
||||||
h = g; g = f; f = e; e = d + T1;
|
|
||||||
d = c; c = b; b = a; a = T1 + T2;
|
|
||||||
}
|
|
||||||
|
|
||||||
ctx->h[0] += a; ctx->h[1] += b; ctx->h[2] += c; ctx->h[3] += d;
|
|
||||||
ctx->h[4] += e; ctx->h[5] += f; ctx->h[6] += g; ctx->h[7] += h;
|
|
||||||
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
#else
|
|
||||||
|
|
||||||
#define ROUND_00_15(i,a,b,c,d,e,f,g,h) do { \
|
|
||||||
T1 += h + Sigma1(e) + Ch(e,f,g) + K256[i]; \
|
|
||||||
h = Sigma0(a) + Maj(a,b,c); \
|
|
||||||
d += T1; h += T1; } while (0)
|
|
||||||
|
|
||||||
#define ROUND_16_63(i,a,b,c,d,e,f,g,h,X) do { \
|
|
||||||
s0 = X[(i+1)&0x0f]; s0 = sigma0(s0); \
|
|
||||||
s1 = X[(i+14)&0x0f]; s1 = sigma1(s1); \
|
|
||||||
T1 = X[(i)&0x0f] += s0 + s1 + X[(i+9)&0x0f]; \
|
|
||||||
ROUND_00_15(i,a,b,c,d,e,f,g,h); } while (0)
|
|
||||||
|
|
||||||
static void sha256_block (SHA256_CTX *ctx, const void *in, size_t num, int host)
|
|
||||||
{
|
|
||||||
unsigned MD32_REG_T a,b,c,d,e,f,g,h,s0,s1,T1;
|
|
||||||
SHA_LONG X[16];
|
|
||||||
int i;
|
|
||||||
const unsigned char *data=in;
|
|
||||||
|
|
||||||
while (num--) {
|
|
||||||
|
|
||||||
a = ctx->h[0]; b = ctx->h[1]; c = ctx->h[2]; d = ctx->h[3];
|
|
||||||
e = ctx->h[4]; f = ctx->h[5]; g = ctx->h[6]; h = ctx->h[7];
|
|
||||||
|
|
||||||
if (host)
|
|
||||||
{
|
|
||||||
const SHA_LONG *W=(const SHA_LONG *)data;
|
|
||||||
|
|
||||||
T1 = X[0] = W[0]; ROUND_00_15(0,a,b,c,d,e,f,g,h);
|
|
||||||
T1 = X[1] = W[1]; ROUND_00_15(1,h,a,b,c,d,e,f,g);
|
|
||||||
T1 = X[2] = W[2]; ROUND_00_15(2,g,h,a,b,c,d,e,f);
|
|
||||||
T1 = X[3] = W[3]; ROUND_00_15(3,f,g,h,a,b,c,d,e);
|
|
||||||
T1 = X[4] = W[4]; ROUND_00_15(4,e,f,g,h,a,b,c,d);
|
|
||||||
T1 = X[5] = W[5]; ROUND_00_15(5,d,e,f,g,h,a,b,c);
|
|
||||||
T1 = X[6] = W[6]; ROUND_00_15(6,c,d,e,f,g,h,a,b);
|
|
||||||
T1 = X[7] = W[7]; ROUND_00_15(7,b,c,d,e,f,g,h,a);
|
|
||||||
T1 = X[8] = W[8]; ROUND_00_15(8,a,b,c,d,e,f,g,h);
|
|
||||||
T1 = X[9] = W[9]; ROUND_00_15(9,h,a,b,c,d,e,f,g);
|
|
||||||
T1 = X[10] = W[10]; ROUND_00_15(10,g,h,a,b,c,d,e,f);
|
|
||||||
T1 = X[11] = W[11]; ROUND_00_15(11,f,g,h,a,b,c,d,e);
|
|
||||||
T1 = X[12] = W[12]; ROUND_00_15(12,e,f,g,h,a,b,c,d);
|
|
||||||
T1 = X[13] = W[13]; ROUND_00_15(13,d,e,f,g,h,a,b,c);
|
|
||||||
T1 = X[14] = W[14]; ROUND_00_15(14,c,d,e,f,g,h,a,b);
|
|
||||||
T1 = X[15] = W[15]; ROUND_00_15(15,b,c,d,e,f,g,h,a);
|
|
||||||
|
|
||||||
data += SHA256_CBLOCK;
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
SHA_LONG l;
|
|
||||||
|
|
||||||
HOST_c2l(data,l); T1 = X[0] = l; ROUND_00_15(0,a,b,c,d,e,f,g,h);
|
|
||||||
HOST_c2l(data,l); T1 = X[1] = l; ROUND_00_15(1,h,a,b,c,d,e,f,g);
|
|
||||||
HOST_c2l(data,l); T1 = X[2] = l; ROUND_00_15(2,g,h,a,b,c,d,e,f);
|
|
||||||
HOST_c2l(data,l); T1 = X[3] = l; ROUND_00_15(3,f,g,h,a,b,c,d,e);
|
|
||||||
HOST_c2l(data,l); T1 = X[4] = l; ROUND_00_15(4,e,f,g,h,a,b,c,d);
|
|
||||||
HOST_c2l(data,l); T1 = X[5] = l; ROUND_00_15(5,d,e,f,g,h,a,b,c);
|
|
||||||
HOST_c2l(data,l); T1 = X[6] = l; ROUND_00_15(6,c,d,e,f,g,h,a,b);
|
|
||||||
HOST_c2l(data,l); T1 = X[7] = l; ROUND_00_15(7,b,c,d,e,f,g,h,a);
|
|
||||||
HOST_c2l(data,l); T1 = X[8] = l; ROUND_00_15(8,a,b,c,d,e,f,g,h);
|
|
||||||
HOST_c2l(data,l); T1 = X[9] = l; ROUND_00_15(9,h,a,b,c,d,e,f,g);
|
|
||||||
HOST_c2l(data,l); T1 = X[10] = l; ROUND_00_15(10,g,h,a,b,c,d,e,f);
|
|
||||||
HOST_c2l(data,l); T1 = X[11] = l; ROUND_00_15(11,f,g,h,a,b,c,d,e);
|
|
||||||
HOST_c2l(data,l); T1 = X[12] = l; ROUND_00_15(12,e,f,g,h,a,b,c,d);
|
|
||||||
HOST_c2l(data,l); T1 = X[13] = l; ROUND_00_15(13,d,e,f,g,h,a,b,c);
|
|
||||||
HOST_c2l(data,l); T1 = X[14] = l; ROUND_00_15(14,c,d,e,f,g,h,a,b);
|
|
||||||
HOST_c2l(data,l); T1 = X[15] = l; ROUND_00_15(15,b,c,d,e,f,g,h,a);
|
|
||||||
}
|
|
||||||
|
|
||||||
for (i=16;i<64;i+=8)
|
|
||||||
{
|
|
||||||
ROUND_16_63(i+0,a,b,c,d,e,f,g,h,X);
|
|
||||||
ROUND_16_63(i+1,h,a,b,c,d,e,f,g,X);
|
|
||||||
ROUND_16_63(i+2,g,h,a,b,c,d,e,f,X);
|
|
||||||
ROUND_16_63(i+3,f,g,h,a,b,c,d,e,X);
|
|
||||||
ROUND_16_63(i+4,e,f,g,h,a,b,c,d,X);
|
|
||||||
ROUND_16_63(i+5,d,e,f,g,h,a,b,c,X);
|
|
||||||
ROUND_16_63(i+6,c,d,e,f,g,h,a,b,X);
|
|
||||||
ROUND_16_63(i+7,b,c,d,e,f,g,h,a,X);
|
|
||||||
}
|
|
||||||
|
|
||||||
ctx->h[0] += a; ctx->h[1] += b; ctx->h[2] += c; ctx->h[3] += d;
|
|
||||||
ctx->h[4] += e; ctx->h[5] += f; ctx->h[6] += g; ctx->h[7] += h;
|
|
||||||
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
#endif
|
|
||||||
#endif /* SHA256_ASM */
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Idea is to trade couple of cycles for some space. On IA-32 we save
|
|
||||||
* about 4K in "big footprint" case. In "small footprint" case any gain
|
|
||||||
* is appreciated:-)
|
|
||||||
*/
|
|
||||||
void HASH_BLOCK_HOST_ORDER (SHA256_CTX *ctx, const void *in, size_t num)
|
|
||||||
{ sha256_block (ctx,in,num,1); }
|
|
||||||
|
|
||||||
void HASH_BLOCK_DATA_ORDER (SHA256_CTX *ctx, const void *in, size_t num)
|
|
||||||
{ sha256_block (ctx,in,num,0); }
|
|
||||||
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif /* OPENSSL_NO_SHA256 */
|
|
||||||
|
|
|
@ -1,487 +0,0 @@
|
||||||
/* crypto/sha/sha512.c */
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 2004 The OpenSSL Project. All rights reserved
|
|
||||||
* according to the OpenSSL license [found in ../../LICENSE].
|
|
||||||
* ====================================================================
|
|
||||||
*/
|
|
||||||
#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA512)
|
|
||||||
/*
|
|
||||||
* IMPLEMENTATION NOTES.
|
|
||||||
*
|
|
||||||
* As you might have noticed 32-bit hash algorithms:
|
|
||||||
*
|
|
||||||
* - permit SHA_LONG to be wider than 32-bit (case on CRAY);
|
|
||||||
* - optimized versions implement two transform functions: one operating
|
|
||||||
* on [aligned] data in host byte order and one - on data in input
|
|
||||||
* stream byte order;
|
|
||||||
* - share common byte-order neutral collector and padding function
|
|
||||||
* implementations, ../md32_common.h;
|
|
||||||
*
|
|
||||||
* Neither of the above applies to this SHA-512 implementations. Reasons
|
|
||||||
* [in reverse order] are:
|
|
||||||
*
|
|
||||||
* - it's the only 64-bit hash algorithm for the moment of this writing,
|
|
||||||
* there is no need for common collector/padding implementation [yet];
|
|
||||||
* - by supporting only one transform function [which operates on
|
|
||||||
* *aligned* data in input stream byte order, big-endian in this case]
|
|
||||||
* we minimize burden of maintenance in two ways: a) collector/padding
|
|
||||||
* function is simpler; b) only one transform function to stare at;
|
|
||||||
* - SHA_LONG64 is required to be exactly 64-bit in order to be able to
|
|
||||||
* apply a number of optimizations to mitigate potential performance
|
|
||||||
* penalties caused by previous design decision;
|
|
||||||
*
|
|
||||||
* Caveat lector.
|
|
||||||
*
|
|
||||||
* Implementation relies on the fact that "long long" is 64-bit on
|
|
||||||
* both 32- and 64-bit platforms. If some compiler vendor comes up
|
|
||||||
* with 128-bit long long, adjustment to sha.h would be required.
|
|
||||||
* As this implementation relies on 64-bit integer type, it's totally
|
|
||||||
* inappropriate for platforms which don't support it, most notably
|
|
||||||
* 16-bit platforms.
|
|
||||||
* <appro@fy.chalmers.se>
|
|
||||||
*/
|
|
||||||
#include <stdlib.h>
|
|
||||||
#include <string.h>
|
|
||||||
|
|
||||||
#include <openssl/opensslconf.h>
|
|
||||||
#include <openssl/crypto.h>
|
|
||||||
#include <openssl/fips_sha.h>
|
|
||||||
#include <openssl/fips.h>
|
|
||||||
#include <openssl/opensslv.h>
|
|
||||||
|
|
||||||
#ifdef OPENSSL_FIPS
|
|
||||||
|
|
||||||
const char SHA512_version[]="SHA-512" OPENSSL_VERSION_PTEXT;
|
|
||||||
|
|
||||||
#if defined(_M_IX86) || defined(_M_AMD64) || defined(__i386) || defined(__x86_64)
|
|
||||||
#define SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
|
|
||||||
#endif
|
|
||||||
|
|
||||||
int SHA384_Init (SHA512_CTX *c)
|
|
||||||
{
|
|
||||||
c->h[0]=U64(0xcbbb9d5dc1059ed8);
|
|
||||||
c->h[1]=U64(0x629a292a367cd507);
|
|
||||||
c->h[2]=U64(0x9159015a3070dd17);
|
|
||||||
c->h[3]=U64(0x152fecd8f70e5939);
|
|
||||||
c->h[4]=U64(0x67332667ffc00b31);
|
|
||||||
c->h[5]=U64(0x8eb44a8768581511);
|
|
||||||
c->h[6]=U64(0xdb0c2e0d64f98fa7);
|
|
||||||
c->h[7]=U64(0x47b5481dbefa4fa4);
|
|
||||||
c->Nl=0; c->Nh=0;
|
|
||||||
c->num=0; c->md_len=SHA384_DIGEST_LENGTH;
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
int SHA512_Init (SHA512_CTX *c)
|
|
||||||
{
|
|
||||||
c->h[0]=U64(0x6a09e667f3bcc908);
|
|
||||||
c->h[1]=U64(0xbb67ae8584caa73b);
|
|
||||||
c->h[2]=U64(0x3c6ef372fe94f82b);
|
|
||||||
c->h[3]=U64(0xa54ff53a5f1d36f1);
|
|
||||||
c->h[4]=U64(0x510e527fade682d1);
|
|
||||||
c->h[5]=U64(0x9b05688c2b3e6c1f);
|
|
||||||
c->h[6]=U64(0x1f83d9abfb41bd6b);
|
|
||||||
c->h[7]=U64(0x5be0cd19137e2179);
|
|
||||||
c->Nl=0; c->Nh=0;
|
|
||||||
c->num=0; c->md_len=SHA512_DIGEST_LENGTH;
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
#ifndef SHA512_ASM
|
|
||||||
static
|
|
||||||
#endif
|
|
||||||
void sha512_block (SHA512_CTX *ctx, const void *in, size_t num);
|
|
||||||
|
|
||||||
int SHA512_Final (unsigned char *md, SHA512_CTX *c)
|
|
||||||
{
|
|
||||||
unsigned char *p=(unsigned char *)c->u.p;
|
|
||||||
size_t n=c->num;
|
|
||||||
|
|
||||||
p[n]=0x80; /* There always is a room for one */
|
|
||||||
n++;
|
|
||||||
if (n > (sizeof(c->u)-16))
|
|
||||||
memset (p+n,0,sizeof(c->u)-n), n=0,
|
|
||||||
sha512_block (c,p,1);
|
|
||||||
|
|
||||||
memset (p+n,0,sizeof(c->u)-16-n);
|
|
||||||
#ifdef B_ENDIAN
|
|
||||||
c->u.d[SHA_LBLOCK-2] = c->Nh;
|
|
||||||
c->u.d[SHA_LBLOCK-1] = c->Nl;
|
|
||||||
#else
|
|
||||||
p[sizeof(c->u)-1] = (unsigned char)(c->Nl);
|
|
||||||
p[sizeof(c->u)-2] = (unsigned char)(c->Nl>>8);
|
|
||||||
p[sizeof(c->u)-3] = (unsigned char)(c->Nl>>16);
|
|
||||||
p[sizeof(c->u)-4] = (unsigned char)(c->Nl>>24);
|
|
||||||
p[sizeof(c->u)-5] = (unsigned char)(c->Nl>>32);
|
|
||||||
p[sizeof(c->u)-6] = (unsigned char)(c->Nl>>40);
|
|
||||||
p[sizeof(c->u)-7] = (unsigned char)(c->Nl>>48);
|
|
||||||
p[sizeof(c->u)-8] = (unsigned char)(c->Nl>>56);
|
|
||||||
p[sizeof(c->u)-9] = (unsigned char)(c->Nh);
|
|
||||||
p[sizeof(c->u)-10] = (unsigned char)(c->Nh>>8);
|
|
||||||
p[sizeof(c->u)-11] = (unsigned char)(c->Nh>>16);
|
|
||||||
p[sizeof(c->u)-12] = (unsigned char)(c->Nh>>24);
|
|
||||||
p[sizeof(c->u)-13] = (unsigned char)(c->Nh>>32);
|
|
||||||
p[sizeof(c->u)-14] = (unsigned char)(c->Nh>>40);
|
|
||||||
p[sizeof(c->u)-15] = (unsigned char)(c->Nh>>48);
|
|
||||||
p[sizeof(c->u)-16] = (unsigned char)(c->Nh>>56);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
sha512_block (c,p,1);
|
|
||||||
|
|
||||||
if (md==0) return 0;
|
|
||||||
|
|
||||||
switch (c->md_len)
|
|
||||||
{
|
|
||||||
/* Let compiler decide if it's appropriate to unroll... */
|
|
||||||
case SHA384_DIGEST_LENGTH:
|
|
||||||
for (n=0;n<SHA384_DIGEST_LENGTH/8;n++)
|
|
||||||
{
|
|
||||||
SHA_LONG64 t = c->h[n];
|
|
||||||
|
|
||||||
*(md++) = (unsigned char)(t>>56);
|
|
||||||
*(md++) = (unsigned char)(t>>48);
|
|
||||||
*(md++) = (unsigned char)(t>>40);
|
|
||||||
*(md++) = (unsigned char)(t>>32);
|
|
||||||
*(md++) = (unsigned char)(t>>24);
|
|
||||||
*(md++) = (unsigned char)(t>>16);
|
|
||||||
*(md++) = (unsigned char)(t>>8);
|
|
||||||
*(md++) = (unsigned char)(t);
|
|
||||||
}
|
|
||||||
break;
|
|
||||||
case SHA512_DIGEST_LENGTH:
|
|
||||||
for (n=0;n<SHA512_DIGEST_LENGTH/8;n++)
|
|
||||||
{
|
|
||||||
SHA_LONG64 t = c->h[n];
|
|
||||||
|
|
||||||
*(md++) = (unsigned char)(t>>56);
|
|
||||||
*(md++) = (unsigned char)(t>>48);
|
|
||||||
*(md++) = (unsigned char)(t>>40);
|
|
||||||
*(md++) = (unsigned char)(t>>32);
|
|
||||||
*(md++) = (unsigned char)(t>>24);
|
|
||||||
*(md++) = (unsigned char)(t>>16);
|
|
||||||
*(md++) = (unsigned char)(t>>8);
|
|
||||||
*(md++) = (unsigned char)(t);
|
|
||||||
}
|
|
||||||
break;
|
|
||||||
/* ... as well as make sure md_len is not abused. */
|
|
||||||
default: return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
int SHA384_Final (unsigned char *md,SHA512_CTX *c)
|
|
||||||
{ return SHA512_Final (md,c); }
|
|
||||||
|
|
||||||
int SHA512_Update (SHA512_CTX *c, const void *_data, size_t len)
|
|
||||||
{
|
|
||||||
SHA_LONG64 l;
|
|
||||||
unsigned char *p=c->u.p;
|
|
||||||
const unsigned char *data=(const unsigned char *)_data;
|
|
||||||
|
|
||||||
if(FIPS_selftest_failed())
|
|
||||||
return 0;
|
|
||||||
|
|
||||||
if (len==0) return 1;
|
|
||||||
|
|
||||||
l = (c->Nl+(((SHA_LONG64)len)<<3))&U64(0xffffffffffffffff);
|
|
||||||
if (l < c->Nl) c->Nh++;
|
|
||||||
if (sizeof(len)>=8) c->Nh+=(((SHA_LONG64)len)>>61);
|
|
||||||
c->Nl=l;
|
|
||||||
|
|
||||||
if (c->num != 0)
|
|
||||||
{
|
|
||||||
size_t n = sizeof(c->u) - c->num;
|
|
||||||
|
|
||||||
if (len < n)
|
|
||||||
{
|
|
||||||
memcpy (p+c->num,data,len), c->num += len;
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
memcpy (p+c->num,data,n), c->num = 0;
|
|
||||||
len-=n, data+=n;
|
|
||||||
sha512_block (c,p,1);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if (len >= sizeof(c->u))
|
|
||||||
{
|
|
||||||
#ifndef SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
|
|
||||||
if ((size_t)data%sizeof(c->u.d[0]) != 0)
|
|
||||||
while (len >= sizeof(c->u))
|
|
||||||
memcpy (p,data,sizeof(c->u)),
|
|
||||||
sha512_block (c,p,1),
|
|
||||||
len -= sizeof(c->u),
|
|
||||||
data += sizeof(c->u);
|
|
||||||
else
|
|
||||||
#endif
|
|
||||||
sha512_block (c,data,len/sizeof(c->u)),
|
|
||||||
data += len,
|
|
||||||
len %= sizeof(c->u),
|
|
||||||
data -= len;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (len != 0) memcpy (p,data,len), c->num = (int)len;
|
|
||||||
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
int SHA384_Update (SHA512_CTX *c, const void *data, size_t len)
|
|
||||||
{ return SHA512_Update (c,data,len); }
|
|
||||||
|
|
||||||
void SHA512_Transform (SHA512_CTX *c, const unsigned char *data)
|
|
||||||
{ sha512_block (c,data,1); }
|
|
||||||
|
|
||||||
unsigned char *SHA384(const unsigned char *d, size_t n, unsigned char *md)
|
|
||||||
{
|
|
||||||
SHA512_CTX c;
|
|
||||||
static unsigned char m[SHA384_DIGEST_LENGTH];
|
|
||||||
|
|
||||||
if (md == NULL) md=m;
|
|
||||||
SHA384_Init(&c);
|
|
||||||
SHA512_Update(&c,d,n);
|
|
||||||
SHA512_Final(md,&c);
|
|
||||||
OPENSSL_cleanse(&c,sizeof(c));
|
|
||||||
return(md);
|
|
||||||
}
|
|
||||||
|
|
||||||
unsigned char *SHA512(const unsigned char *d, size_t n, unsigned char *md)
|
|
||||||
{
|
|
||||||
SHA512_CTX c;
|
|
||||||
static unsigned char m[SHA512_DIGEST_LENGTH];
|
|
||||||
|
|
||||||
if (md == NULL) md=m;
|
|
||||||
SHA512_Init(&c);
|
|
||||||
SHA512_Update(&c,d,n);
|
|
||||||
SHA512_Final(md,&c);
|
|
||||||
OPENSSL_cleanse(&c,sizeof(c));
|
|
||||||
return(md);
|
|
||||||
}
|
|
||||||
|
|
||||||
#ifndef SHA512_ASM
|
|
||||||
static const SHA_LONG64 K512[80] = {
|
|
||||||
U64(0x428a2f98d728ae22),U64(0x7137449123ef65cd),
|
|
||||||
U64(0xb5c0fbcfec4d3b2f),U64(0xe9b5dba58189dbbc),
|
|
||||||
U64(0x3956c25bf348b538),U64(0x59f111f1b605d019),
|
|
||||||
U64(0x923f82a4af194f9b),U64(0xab1c5ed5da6d8118),
|
|
||||||
U64(0xd807aa98a3030242),U64(0x12835b0145706fbe),
|
|
||||||
U64(0x243185be4ee4b28c),U64(0x550c7dc3d5ffb4e2),
|
|
||||||
U64(0x72be5d74f27b896f),U64(0x80deb1fe3b1696b1),
|
|
||||||
U64(0x9bdc06a725c71235),U64(0xc19bf174cf692694),
|
|
||||||
U64(0xe49b69c19ef14ad2),U64(0xefbe4786384f25e3),
|
|
||||||
U64(0x0fc19dc68b8cd5b5),U64(0x240ca1cc77ac9c65),
|
|
||||||
U64(0x2de92c6f592b0275),U64(0x4a7484aa6ea6e483),
|
|
||||||
U64(0x5cb0a9dcbd41fbd4),U64(0x76f988da831153b5),
|
|
||||||
U64(0x983e5152ee66dfab),U64(0xa831c66d2db43210),
|
|
||||||
U64(0xb00327c898fb213f),U64(0xbf597fc7beef0ee4),
|
|
||||||
U64(0xc6e00bf33da88fc2),U64(0xd5a79147930aa725),
|
|
||||||
U64(0x06ca6351e003826f),U64(0x142929670a0e6e70),
|
|
||||||
U64(0x27b70a8546d22ffc),U64(0x2e1b21385c26c926),
|
|
||||||
U64(0x4d2c6dfc5ac42aed),U64(0x53380d139d95b3df),
|
|
||||||
U64(0x650a73548baf63de),U64(0x766a0abb3c77b2a8),
|
|
||||||
U64(0x81c2c92e47edaee6),U64(0x92722c851482353b),
|
|
||||||
U64(0xa2bfe8a14cf10364),U64(0xa81a664bbc423001),
|
|
||||||
U64(0xc24b8b70d0f89791),U64(0xc76c51a30654be30),
|
|
||||||
U64(0xd192e819d6ef5218),U64(0xd69906245565a910),
|
|
||||||
U64(0xf40e35855771202a),U64(0x106aa07032bbd1b8),
|
|
||||||
U64(0x19a4c116b8d2d0c8),U64(0x1e376c085141ab53),
|
|
||||||
U64(0x2748774cdf8eeb99),U64(0x34b0bcb5e19b48a8),
|
|
||||||
U64(0x391c0cb3c5c95a63),U64(0x4ed8aa4ae3418acb),
|
|
||||||
U64(0x5b9cca4f7763e373),U64(0x682e6ff3d6b2b8a3),
|
|
||||||
U64(0x748f82ee5defb2fc),U64(0x78a5636f43172f60),
|
|
||||||
U64(0x84c87814a1f0ab72),U64(0x8cc702081a6439ec),
|
|
||||||
U64(0x90befffa23631e28),U64(0xa4506cebde82bde9),
|
|
||||||
U64(0xbef9a3f7b2c67915),U64(0xc67178f2e372532b),
|
|
||||||
U64(0xca273eceea26619c),U64(0xd186b8c721c0c207),
|
|
||||||
U64(0xeada7dd6cde0eb1e),U64(0xf57d4f7fee6ed178),
|
|
||||||
U64(0x06f067aa72176fba),U64(0x0a637dc5a2c898a6),
|
|
||||||
U64(0x113f9804bef90dae),U64(0x1b710b35131c471b),
|
|
||||||
U64(0x28db77f523047d84),U64(0x32caab7b40c72493),
|
|
||||||
U64(0x3c9ebe0a15c9bebc),U64(0x431d67c49c100d4c),
|
|
||||||
U64(0x4cc5d4becb3e42b6),U64(0x597f299cfc657e2a),
|
|
||||||
U64(0x5fcb6fab3ad6faec),U64(0x6c44198c4a475817) };
|
|
||||||
|
|
||||||
#ifndef PEDANTIC
|
|
||||||
# if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
|
|
||||||
# if defined(__x86_64) || defined(__x86_64__)
|
|
||||||
# define PULL64(x) ({ SHA_LONG64 ret=*((const SHA_LONG64 *)(&(x))); \
|
|
||||||
asm ("bswapq %0" \
|
|
||||||
: "=r"(ret) \
|
|
||||||
: "0"(ret)); ret; })
|
|
||||||
# endif
|
|
||||||
# endif
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifndef PULL64
|
|
||||||
#define B(x,j) (((SHA_LONG64)(*(((const unsigned char *)(&x))+j)))<<((7-j)*8))
|
|
||||||
#define PULL64(x) (B(x,0)|B(x,1)|B(x,2)|B(x,3)|B(x,4)|B(x,5)|B(x,6)|B(x,7))
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifndef PEDANTIC
|
|
||||||
# if defined(_MSC_VER)
|
|
||||||
# if defined(_WIN64) /* applies to both IA-64 and AMD64 */
|
|
||||||
# define ROTR(a,n) _rotr64((a),n)
|
|
||||||
# endif
|
|
||||||
# elif defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
|
|
||||||
# if defined(__x86_64) || defined(__x86_64__)
|
|
||||||
# define ROTR(a,n) ({ unsigned long ret; \
|
|
||||||
asm ("rorq %1,%0" \
|
|
||||||
: "=r"(ret) \
|
|
||||||
: "J"(n),"0"(a) \
|
|
||||||
: "cc"); ret; })
|
|
||||||
# elif defined(_ARCH_PPC) && defined(__64BIT__)
|
|
||||||
# define ROTR(a,n) ({ unsigned long ret; \
|
|
||||||
asm ("rotrdi %0,%1,%2" \
|
|
||||||
: "=r"(ret) \
|
|
||||||
: "r"(a),"K"(n)); ret; })
|
|
||||||
# endif
|
|
||||||
# endif
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifndef ROTR
|
|
||||||
#define ROTR(x,s) (((x)>>s) | (x)<<(64-s))
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#define Sigma0(x) (ROTR((x),28) ^ ROTR((x),34) ^ ROTR((x),39))
|
|
||||||
#define Sigma1(x) (ROTR((x),14) ^ ROTR((x),18) ^ ROTR((x),41))
|
|
||||||
#define sigma0(x) (ROTR((x),1) ^ ROTR((x),8) ^ ((x)>>7))
|
|
||||||
#define sigma1(x) (ROTR((x),19) ^ ROTR((x),61) ^ ((x)>>6))
|
|
||||||
|
|
||||||
#define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z)))
|
|
||||||
#define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
|
|
||||||
|
|
||||||
#ifdef OPENSSL_SMALL_FOOTPRINT
|
|
||||||
|
|
||||||
static void sha512_block (SHA512_CTX *ctx, const void *in, size_t num)
|
|
||||||
{
|
|
||||||
const SHA_LONG64 *W=in;
|
|
||||||
SHA_LONG64 a,b,c,d,e,f,g,h,s0,s1,T1,T2;
|
|
||||||
SHA_LONG64 X[16];
|
|
||||||
int i;
|
|
||||||
|
|
||||||
while (num--) {
|
|
||||||
|
|
||||||
a = ctx->h[0]; b = ctx->h[1]; c = ctx->h[2]; d = ctx->h[3];
|
|
||||||
e = ctx->h[4]; f = ctx->h[5]; g = ctx->h[6]; h = ctx->h[7];
|
|
||||||
|
|
||||||
for (i=0;i<16;i++)
|
|
||||||
{
|
|
||||||
#ifdef B_ENDIAN
|
|
||||||
T1 = X[i] = W[i];
|
|
||||||
#else
|
|
||||||
T1 = X[i] = PULL64(W[i]);
|
|
||||||
#endif
|
|
||||||
T1 += h + Sigma1(e) + Ch(e,f,g) + K512[i];
|
|
||||||
T2 = Sigma0(a) + Maj(a,b,c);
|
|
||||||
h = g; g = f; f = e; e = d + T1;
|
|
||||||
d = c; c = b; b = a; a = T1 + T2;
|
|
||||||
}
|
|
||||||
|
|
||||||
for (;i<80;i++)
|
|
||||||
{
|
|
||||||
s0 = X[(i+1)&0x0f]; s0 = sigma0(s0);
|
|
||||||
s1 = X[(i+14)&0x0f]; s1 = sigma1(s1);
|
|
||||||
|
|
||||||
T1 = X[i&0xf] += s0 + s1 + X[(i+9)&0xf];
|
|
||||||
T1 += h + Sigma1(e) + Ch(e,f,g) + K512[i];
|
|
||||||
T2 = Sigma0(a) + Maj(a,b,c);
|
|
||||||
h = g; g = f; f = e; e = d + T1;
|
|
||||||
d = c; c = b; b = a; a = T1 + T2;
|
|
||||||
}
|
|
||||||
|
|
||||||
ctx->h[0] += a; ctx->h[1] += b; ctx->h[2] += c; ctx->h[3] += d;
|
|
||||||
ctx->h[4] += e; ctx->h[5] += f; ctx->h[6] += g; ctx->h[7] += h;
|
|
||||||
|
|
||||||
W+=SHA_LBLOCK;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
#else
|
|
||||||
|
|
||||||
#define ROUND_00_15(i,a,b,c,d,e,f,g,h) do { \
|
|
||||||
T1 += h + Sigma1(e) + Ch(e,f,g) + K512[i]; \
|
|
||||||
h = Sigma0(a) + Maj(a,b,c); \
|
|
||||||
d += T1; h += T1; } while (0)
|
|
||||||
|
|
||||||
#define ROUND_16_80(i,a,b,c,d,e,f,g,h,X) do { \
|
|
||||||
s0 = X[(i+1)&0x0f]; s0 = sigma0(s0); \
|
|
||||||
s1 = X[(i+14)&0x0f]; s1 = sigma1(s1); \
|
|
||||||
T1 = X[(i)&0x0f] += s0 + s1 + X[(i+9)&0x0f]; \
|
|
||||||
ROUND_00_15(i,a,b,c,d,e,f,g,h); } while (0)
|
|
||||||
|
|
||||||
static void sha512_block (SHA512_CTX *ctx, const void *in, size_t num)
|
|
||||||
{
|
|
||||||
const SHA_LONG64 *W=in;
|
|
||||||
SHA_LONG64 a,b,c,d,e,f,g,h,s0,s1,T1;
|
|
||||||
SHA_LONG64 X[16];
|
|
||||||
int i;
|
|
||||||
|
|
||||||
while (num--) {
|
|
||||||
|
|
||||||
a = ctx->h[0]; b = ctx->h[1]; c = ctx->h[2]; d = ctx->h[3];
|
|
||||||
e = ctx->h[4]; f = ctx->h[5]; g = ctx->h[6]; h = ctx->h[7];
|
|
||||||
|
|
||||||
#ifdef B_ENDIAN
|
|
||||||
T1 = X[0] = W[0]; ROUND_00_15(0,a,b,c,d,e,f,g,h);
|
|
||||||
T1 = X[1] = W[1]; ROUND_00_15(1,h,a,b,c,d,e,f,g);
|
|
||||||
T1 = X[2] = W[2]; ROUND_00_15(2,g,h,a,b,c,d,e,f);
|
|
||||||
T1 = X[3] = W[3]; ROUND_00_15(3,f,g,h,a,b,c,d,e);
|
|
||||||
T1 = X[4] = W[4]; ROUND_00_15(4,e,f,g,h,a,b,c,d);
|
|
||||||
T1 = X[5] = W[5]; ROUND_00_15(5,d,e,f,g,h,a,b,c);
|
|
||||||
T1 = X[6] = W[6]; ROUND_00_15(6,c,d,e,f,g,h,a,b);
|
|
||||||
T1 = X[7] = W[7]; ROUND_00_15(7,b,c,d,e,f,g,h,a);
|
|
||||||
T1 = X[8] = W[8]; ROUND_00_15(8,a,b,c,d,e,f,g,h);
|
|
||||||
T1 = X[9] = W[9]; ROUND_00_15(9,h,a,b,c,d,e,f,g);
|
|
||||||
T1 = X[10] = W[10]; ROUND_00_15(10,g,h,a,b,c,d,e,f);
|
|
||||||
T1 = X[11] = W[11]; ROUND_00_15(11,f,g,h,a,b,c,d,e);
|
|
||||||
T1 = X[12] = W[12]; ROUND_00_15(12,e,f,g,h,a,b,c,d);
|
|
||||||
T1 = X[13] = W[13]; ROUND_00_15(13,d,e,f,g,h,a,b,c);
|
|
||||||
T1 = X[14] = W[14]; ROUND_00_15(14,c,d,e,f,g,h,a,b);
|
|
||||||
T1 = X[15] = W[15]; ROUND_00_15(15,b,c,d,e,f,g,h,a);
|
|
||||||
#else
|
|
||||||
T1 = X[0] = PULL64(W[0]); ROUND_00_15(0,a,b,c,d,e,f,g,h);
|
|
||||||
T1 = X[1] = PULL64(W[1]); ROUND_00_15(1,h,a,b,c,d,e,f,g);
|
|
||||||
T1 = X[2] = PULL64(W[2]); ROUND_00_15(2,g,h,a,b,c,d,e,f);
|
|
||||||
T1 = X[3] = PULL64(W[3]); ROUND_00_15(3,f,g,h,a,b,c,d,e);
|
|
||||||
T1 = X[4] = PULL64(W[4]); ROUND_00_15(4,e,f,g,h,a,b,c,d);
|
|
||||||
T1 = X[5] = PULL64(W[5]); ROUND_00_15(5,d,e,f,g,h,a,b,c);
|
|
||||||
T1 = X[6] = PULL64(W[6]); ROUND_00_15(6,c,d,e,f,g,h,a,b);
|
|
||||||
T1 = X[7] = PULL64(W[7]); ROUND_00_15(7,b,c,d,e,f,g,h,a);
|
|
||||||
T1 = X[8] = PULL64(W[8]); ROUND_00_15(8,a,b,c,d,e,f,g,h);
|
|
||||||
T1 = X[9] = PULL64(W[9]); ROUND_00_15(9,h,a,b,c,d,e,f,g);
|
|
||||||
T1 = X[10] = PULL64(W[10]); ROUND_00_15(10,g,h,a,b,c,d,e,f);
|
|
||||||
T1 = X[11] = PULL64(W[11]); ROUND_00_15(11,f,g,h,a,b,c,d,e);
|
|
||||||
T1 = X[12] = PULL64(W[12]); ROUND_00_15(12,e,f,g,h,a,b,c,d);
|
|
||||||
T1 = X[13] = PULL64(W[13]); ROUND_00_15(13,d,e,f,g,h,a,b,c);
|
|
||||||
T1 = X[14] = PULL64(W[14]); ROUND_00_15(14,c,d,e,f,g,h,a,b);
|
|
||||||
T1 = X[15] = PULL64(W[15]); ROUND_00_15(15,b,c,d,e,f,g,h,a);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
for (i=16;i<80;i+=8)
|
|
||||||
{
|
|
||||||
ROUND_16_80(i+0,a,b,c,d,e,f,g,h,X);
|
|
||||||
ROUND_16_80(i+1,h,a,b,c,d,e,f,g,X);
|
|
||||||
ROUND_16_80(i+2,g,h,a,b,c,d,e,f,X);
|
|
||||||
ROUND_16_80(i+3,f,g,h,a,b,c,d,e,X);
|
|
||||||
ROUND_16_80(i+4,e,f,g,h,a,b,c,d,X);
|
|
||||||
ROUND_16_80(i+5,d,e,f,g,h,a,b,c,X);
|
|
||||||
ROUND_16_80(i+6,c,d,e,f,g,h,a,b,X);
|
|
||||||
ROUND_16_80(i+7,b,c,d,e,f,g,h,a,X);
|
|
||||||
}
|
|
||||||
|
|
||||||
ctx->h[0] += a; ctx->h[1] += b; ctx->h[2] += c; ctx->h[3] += d;
|
|
||||||
ctx->h[4] += e; ctx->h[5] += f; ctx->h[6] += g; ctx->h[7] += h;
|
|
||||||
|
|
||||||
W+=SHA_LBLOCK;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif /* SHA512_ASM */
|
|
||||||
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif /* OPENSSL_NO_SHA512 */
|
|
||||||
|
|
|
@ -1,482 +0,0 @@
|
||||||
/* crypto/sha/sha_locl.h */
|
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
|
||||||
* All rights reserved.
|
|
||||||
*
|
|
||||||
* This package is an SSL implementation written
|
|
||||||
* by Eric Young (eay@cryptsoft.com).
|
|
||||||
* The implementation was written so as to conform with Netscapes SSL.
|
|
||||||
*
|
|
||||||
* This library is free for commercial and non-commercial use as long as
|
|
||||||
* the following conditions are aheared to. The following conditions
|
|
||||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
||||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
||||||
* included with this distribution is covered by the same copyright terms
|
|
||||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
||||||
* the code are not to be removed.
|
|
||||||
* If this package is used in a product, Eric Young should be given attribution
|
|
||||||
* as the author of the parts of the library used.
|
|
||||||
* This can be in the form of a textual message at program startup or
|
|
||||||
* in documentation (online or textual) provided with the package.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. All advertising materials mentioning features or use of this software
|
|
||||||
* must display the following acknowledgement:
|
|
||||||
* "This product includes cryptographic software written by
|
|
||||||
* Eric Young (eay@cryptsoft.com)"
|
|
||||||
* The word 'cryptographic' can be left out if the rouines from the library
|
|
||||||
* being used are not cryptographic related :-).
|
|
||||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
||||||
* the apps directory (application code) you must include an acknowledgement:
|
|
||||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
||||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
||||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
||||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
* SUCH DAMAGE.
|
|
||||||
*
|
|
||||||
* The licence and distribution terms for any publically available version or
|
|
||||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
||||||
* copied and put under another distribution licence
|
|
||||||
* [including the GNU Public Licence.]
|
|
||||||
*/
|
|
||||||
|
|
||||||
#include <stdlib.h>
|
|
||||||
#include <string.h>
|
|
||||||
|
|
||||||
#include <openssl/opensslconf.h>
|
|
||||||
#include <openssl/fips_sha.h>
|
|
||||||
#include <openssl/fips.h>
|
|
||||||
|
|
||||||
#ifndef SHA_LONG_LOG2
|
|
||||||
#define SHA_LONG_LOG2 2 /* default to 32 bits */
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#define DATA_ORDER_IS_BIG_ENDIAN
|
|
||||||
|
|
||||||
#define HASH_LONG SHA_LONG
|
|
||||||
#define HASH_LONG_LOG2 SHA_LONG_LOG2
|
|
||||||
#define HASH_CTX SHA_CTX
|
|
||||||
#define HASH_CBLOCK SHA_CBLOCK
|
|
||||||
#define HASH_LBLOCK SHA_LBLOCK
|
|
||||||
#define HASH_MAKE_STRING(c,s) do { \
|
|
||||||
unsigned long ll; \
|
|
||||||
ll=(c)->h0; HOST_l2c(ll,(s)); \
|
|
||||||
ll=(c)->h1; HOST_l2c(ll,(s)); \
|
|
||||||
ll=(c)->h2; HOST_l2c(ll,(s)); \
|
|
||||||
ll=(c)->h3; HOST_l2c(ll,(s)); \
|
|
||||||
ll=(c)->h4; HOST_l2c(ll,(s)); \
|
|
||||||
} while (0)
|
|
||||||
|
|
||||||
#if defined(SHA_0)
|
|
||||||
|
|
||||||
# define HASH_UPDATE SHA_Update
|
|
||||||
# define HASH_TRANSFORM SHA_Transform
|
|
||||||
# define HASH_FINAL SHA_Final
|
|
||||||
# define HASH_INIT SHA_Init
|
|
||||||
# define HASH_BLOCK_HOST_ORDER sha_block_host_order
|
|
||||||
# define HASH_BLOCK_DATA_ORDER sha_block_data_order
|
|
||||||
# define Xupdate(a,ix,ia,ib,ic,id) (ix=(a)=(ia^ib^ic^id))
|
|
||||||
|
|
||||||
void sha_block_host_order (SHA_CTX *c, const void *p,size_t num);
|
|
||||||
void sha_block_data_order (SHA_CTX *c, const void *p,size_t num);
|
|
||||||
|
|
||||||
#elif defined(SHA_1)
|
|
||||||
|
|
||||||
# define HASH_UPDATE SHA1_Update
|
|
||||||
# define HASH_TRANSFORM SHA1_Transform
|
|
||||||
# define HASH_FINAL SHA1_Final
|
|
||||||
# define HASH_INIT SHA1_Init
|
|
||||||
# define HASH_BLOCK_HOST_ORDER sha1_block_host_order
|
|
||||||
# define HASH_BLOCK_DATA_ORDER sha1_block_data_order
|
|
||||||
# if defined(__MWERKS__) && defined(__MC68K__)
|
|
||||||
/* Metrowerks for Motorola fails otherwise:-( <appro@fy.chalmers.se> */
|
|
||||||
# define Xupdate(a,ix,ia,ib,ic,id) do { (a)=(ia^ib^ic^id); \
|
|
||||||
ix=(a)=ROTATE((a),1); \
|
|
||||||
} while (0)
|
|
||||||
# else
|
|
||||||
# define Xupdate(a,ix,ia,ib,ic,id) ( (a)=(ia^ib^ic^id), \
|
|
||||||
ix=(a)=ROTATE((a),1) \
|
|
||||||
)
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# ifdef SHA1_ASM
|
|
||||||
# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__)
|
|
||||||
# define sha1_block_host_order sha1_block_asm_host_order
|
|
||||||
# define DONT_IMPLEMENT_BLOCK_HOST_ORDER
|
|
||||||
# define sha1_block_data_order sha1_block_asm_data_order
|
|
||||||
# define DONT_IMPLEMENT_BLOCK_DATA_ORDER
|
|
||||||
# define HASH_BLOCK_DATA_ORDER_ALIGNED sha1_block_asm_data_order
|
|
||||||
# endif
|
|
||||||
# endif
|
|
||||||
void sha1_block_host_order (SHA_CTX *c, const void *p,size_t num);
|
|
||||||
void sha1_block_data_order (SHA_CTX *c, const void *p,size_t num);
|
|
||||||
|
|
||||||
#else
|
|
||||||
# error "Either SHA_0 or SHA_1 must be defined."
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#include "fips_md32_common.h"
|
|
||||||
|
|
||||||
#define INIT_DATA_h0 0x67452301UL
|
|
||||||
#define INIT_DATA_h1 0xefcdab89UL
|
|
||||||
#define INIT_DATA_h2 0x98badcfeUL
|
|
||||||
#define INIT_DATA_h3 0x10325476UL
|
|
||||||
#define INIT_DATA_h4 0xc3d2e1f0UL
|
|
||||||
|
|
||||||
int HASH_INIT (SHA_CTX *c)
|
|
||||||
{
|
|
||||||
/* This assert denotes binary compatibility in 0.9.7 context
|
|
||||||
and commonly optimized away by compiler. */
|
|
||||||
OPENSSL_assert(sizeof(unsigned long)<=sizeof(size_t));
|
|
||||||
c->h0=INIT_DATA_h0;
|
|
||||||
c->h1=INIT_DATA_h1;
|
|
||||||
c->h2=INIT_DATA_h2;
|
|
||||||
c->h3=INIT_DATA_h3;
|
|
||||||
c->h4=INIT_DATA_h4;
|
|
||||||
c->Nl=0;
|
|
||||||
c->Nh=0;
|
|
||||||
c->num=0;
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
#define K_00_19 0x5a827999UL
|
|
||||||
#define K_20_39 0x6ed9eba1UL
|
|
||||||
#define K_40_59 0x8f1bbcdcUL
|
|
||||||
#define K_60_79 0xca62c1d6UL
|
|
||||||
|
|
||||||
/* As pointed out by Wei Dai <weidai@eskimo.com>, F() below can be
|
|
||||||
* simplified to the code in F_00_19. Wei attributes these optimisations
|
|
||||||
* to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
|
|
||||||
* #define F(x,y,z) (((x) & (y)) | ((~(x)) & (z)))
|
|
||||||
* I've just become aware of another tweak to be made, again from Wei Dai,
|
|
||||||
* in F_40_59, (x&a)|(y&a) -> (x|y)&a
|
|
||||||
*/
|
|
||||||
#define F_00_19(b,c,d) ((((c) ^ (d)) & (b)) ^ (d))
|
|
||||||
#define F_20_39(b,c,d) ((b) ^ (c) ^ (d))
|
|
||||||
#define F_40_59(b,c,d) (((b) & (c)) | (((b)|(c)) & (d)))
|
|
||||||
#define F_60_79(b,c,d) F_20_39(b,c,d)
|
|
||||||
|
|
||||||
#define BODY_00_15(i,a,b,c,d,e,f,xi) \
|
|
||||||
(f)=xi+(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
|
|
||||||
(b)=ROTATE((b),30);
|
|
||||||
|
|
||||||
#define BODY_16_19(i,a,b,c,d,e,f,xi,xa,xb,xc,xd) \
|
|
||||||
Xupdate(f,xi,xa,xb,xc,xd); \
|
|
||||||
(f)+=(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
|
|
||||||
(b)=ROTATE((b),30);
|
|
||||||
|
|
||||||
#define BODY_20_31(i,a,b,c,d,e,f,xi,xa,xb,xc,xd) \
|
|
||||||
Xupdate(f,xi,xa,xb,xc,xd); \
|
|
||||||
(f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \
|
|
||||||
(b)=ROTATE((b),30);
|
|
||||||
|
|
||||||
#define BODY_32_39(i,a,b,c,d,e,f,xa,xb,xc,xd) \
|
|
||||||
Xupdate(f,xa,xa,xb,xc,xd); \
|
|
||||||
(f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \
|
|
||||||
(b)=ROTATE((b),30);
|
|
||||||
|
|
||||||
#define BODY_40_59(i,a,b,c,d,e,f,xa,xb,xc,xd) \
|
|
||||||
Xupdate(f,xa,xa,xb,xc,xd); \
|
|
||||||
(f)+=(e)+K_40_59+ROTATE((a),5)+F_40_59((b),(c),(d)); \
|
|
||||||
(b)=ROTATE((b),30);
|
|
||||||
|
|
||||||
#define BODY_60_79(i,a,b,c,d,e,f,xa,xb,xc,xd) \
|
|
||||||
Xupdate(f,xa,xa,xb,xc,xd); \
|
|
||||||
(f)=xa+(e)+K_60_79+ROTATE((a),5)+F_60_79((b),(c),(d)); \
|
|
||||||
(b)=ROTATE((b),30);
|
|
||||||
|
|
||||||
#ifdef X
|
|
||||||
#undef X
|
|
||||||
#endif
|
|
||||||
#ifndef MD32_XARRAY
|
|
||||||
/*
|
|
||||||
* Originally X was an array. As it's automatic it's natural
|
|
||||||
* to expect RISC compiler to accomodate at least part of it in
|
|
||||||
* the register bank, isn't it? Unfortunately not all compilers
|
|
||||||
* "find" this expectation reasonable:-( On order to make such
|
|
||||||
* compilers generate better code I replace X[] with a bunch of
|
|
||||||
* X0, X1, etc. See the function body below...
|
|
||||||
* <appro@fy.chalmers.se>
|
|
||||||
*/
|
|
||||||
# define X(i) XX##i
|
|
||||||
#else
|
|
||||||
/*
|
|
||||||
* However! Some compilers (most notably HP C) get overwhelmed by
|
|
||||||
* that many local variables so that we have to have the way to
|
|
||||||
* fall down to the original behavior.
|
|
||||||
*/
|
|
||||||
# define X(i) XX[i]
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifndef DONT_IMPLEMENT_BLOCK_HOST_ORDER
|
|
||||||
void HASH_BLOCK_HOST_ORDER (SHA_CTX *c, const void *d, size_t num)
|
|
||||||
{
|
|
||||||
const SHA_LONG *W=d;
|
|
||||||
register unsigned MD32_REG_T A,B,C,D,E,T;
|
|
||||||
#ifndef MD32_XARRAY
|
|
||||||
unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
|
|
||||||
XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
|
|
||||||
#else
|
|
||||||
SHA_LONG XX[16];
|
|
||||||
#endif
|
|
||||||
|
|
||||||
if(FIPS_selftest_failed())
|
|
||||||
return;
|
|
||||||
|
|
||||||
A=c->h0;
|
|
||||||
B=c->h1;
|
|
||||||
C=c->h2;
|
|
||||||
D=c->h3;
|
|
||||||
E=c->h4;
|
|
||||||
|
|
||||||
for (;;)
|
|
||||||
{
|
|
||||||
BODY_00_15( 0,A,B,C,D,E,T,W[ 0]);
|
|
||||||
BODY_00_15( 1,T,A,B,C,D,E,W[ 1]);
|
|
||||||
BODY_00_15( 2,E,T,A,B,C,D,W[ 2]);
|
|
||||||
BODY_00_15( 3,D,E,T,A,B,C,W[ 3]);
|
|
||||||
BODY_00_15( 4,C,D,E,T,A,B,W[ 4]);
|
|
||||||
BODY_00_15( 5,B,C,D,E,T,A,W[ 5]);
|
|
||||||
BODY_00_15( 6,A,B,C,D,E,T,W[ 6]);
|
|
||||||
BODY_00_15( 7,T,A,B,C,D,E,W[ 7]);
|
|
||||||
BODY_00_15( 8,E,T,A,B,C,D,W[ 8]);
|
|
||||||
BODY_00_15( 9,D,E,T,A,B,C,W[ 9]);
|
|
||||||
BODY_00_15(10,C,D,E,T,A,B,W[10]);
|
|
||||||
BODY_00_15(11,B,C,D,E,T,A,W[11]);
|
|
||||||
BODY_00_15(12,A,B,C,D,E,T,W[12]);
|
|
||||||
BODY_00_15(13,T,A,B,C,D,E,W[13]);
|
|
||||||
BODY_00_15(14,E,T,A,B,C,D,W[14]);
|
|
||||||
BODY_00_15(15,D,E,T,A,B,C,W[15]);
|
|
||||||
|
|
||||||
BODY_16_19(16,C,D,E,T,A,B,X( 0),W[ 0],W[ 2],W[ 8],W[13]);
|
|
||||||
BODY_16_19(17,B,C,D,E,T,A,X( 1),W[ 1],W[ 3],W[ 9],W[14]);
|
|
||||||
BODY_16_19(18,A,B,C,D,E,T,X( 2),W[ 2],W[ 4],W[10],W[15]);
|
|
||||||
BODY_16_19(19,T,A,B,C,D,E,X( 3),W[ 3],W[ 5],W[11],X( 0));
|
|
||||||
|
|
||||||
BODY_20_31(20,E,T,A,B,C,D,X( 4),W[ 4],W[ 6],W[12],X( 1));
|
|
||||||
BODY_20_31(21,D,E,T,A,B,C,X( 5),W[ 5],W[ 7],W[13],X( 2));
|
|
||||||
BODY_20_31(22,C,D,E,T,A,B,X( 6),W[ 6],W[ 8],W[14],X( 3));
|
|
||||||
BODY_20_31(23,B,C,D,E,T,A,X( 7),W[ 7],W[ 9],W[15],X( 4));
|
|
||||||
BODY_20_31(24,A,B,C,D,E,T,X( 8),W[ 8],W[10],X( 0),X( 5));
|
|
||||||
BODY_20_31(25,T,A,B,C,D,E,X( 9),W[ 9],W[11],X( 1),X( 6));
|
|
||||||
BODY_20_31(26,E,T,A,B,C,D,X(10),W[10],W[12],X( 2),X( 7));
|
|
||||||
BODY_20_31(27,D,E,T,A,B,C,X(11),W[11],W[13],X( 3),X( 8));
|
|
||||||
BODY_20_31(28,C,D,E,T,A,B,X(12),W[12],W[14],X( 4),X( 9));
|
|
||||||
BODY_20_31(29,B,C,D,E,T,A,X(13),W[13],W[15],X( 5),X(10));
|
|
||||||
BODY_20_31(30,A,B,C,D,E,T,X(14),W[14],X( 0),X( 6),X(11));
|
|
||||||
BODY_20_31(31,T,A,B,C,D,E,X(15),W[15],X( 1),X( 7),X(12));
|
|
||||||
|
|
||||||
BODY_32_39(32,E,T,A,B,C,D,X( 0),X( 2),X( 8),X(13));
|
|
||||||
BODY_32_39(33,D,E,T,A,B,C,X( 1),X( 3),X( 9),X(14));
|
|
||||||
BODY_32_39(34,C,D,E,T,A,B,X( 2),X( 4),X(10),X(15));
|
|
||||||
BODY_32_39(35,B,C,D,E,T,A,X( 3),X( 5),X(11),X( 0));
|
|
||||||
BODY_32_39(36,A,B,C,D,E,T,X( 4),X( 6),X(12),X( 1));
|
|
||||||
BODY_32_39(37,T,A,B,C,D,E,X( 5),X( 7),X(13),X( 2));
|
|
||||||
BODY_32_39(38,E,T,A,B,C,D,X( 6),X( 8),X(14),X( 3));
|
|
||||||
BODY_32_39(39,D,E,T,A,B,C,X( 7),X( 9),X(15),X( 4));
|
|
||||||
|
|
||||||
BODY_40_59(40,C,D,E,T,A,B,X( 8),X(10),X( 0),X( 5));
|
|
||||||
BODY_40_59(41,B,C,D,E,T,A,X( 9),X(11),X( 1),X( 6));
|
|
||||||
BODY_40_59(42,A,B,C,D,E,T,X(10),X(12),X( 2),X( 7));
|
|
||||||
BODY_40_59(43,T,A,B,C,D,E,X(11),X(13),X( 3),X( 8));
|
|
||||||
BODY_40_59(44,E,T,A,B,C,D,X(12),X(14),X( 4),X( 9));
|
|
||||||
BODY_40_59(45,D,E,T,A,B,C,X(13),X(15),X( 5),X(10));
|
|
||||||
BODY_40_59(46,C,D,E,T,A,B,X(14),X( 0),X( 6),X(11));
|
|
||||||
BODY_40_59(47,B,C,D,E,T,A,X(15),X( 1),X( 7),X(12));
|
|
||||||
BODY_40_59(48,A,B,C,D,E,T,X( 0),X( 2),X( 8),X(13));
|
|
||||||
BODY_40_59(49,T,A,B,C,D,E,X( 1),X( 3),X( 9),X(14));
|
|
||||||
BODY_40_59(50,E,T,A,B,C,D,X( 2),X( 4),X(10),X(15));
|
|
||||||
BODY_40_59(51,D,E,T,A,B,C,X( 3),X( 5),X(11),X( 0));
|
|
||||||
BODY_40_59(52,C,D,E,T,A,B,X( 4),X( 6),X(12),X( 1));
|
|
||||||
BODY_40_59(53,B,C,D,E,T,A,X( 5),X( 7),X(13),X( 2));
|
|
||||||
BODY_40_59(54,A,B,C,D,E,T,X( 6),X( 8),X(14),X( 3));
|
|
||||||
BODY_40_59(55,T,A,B,C,D,E,X( 7),X( 9),X(15),X( 4));
|
|
||||||
BODY_40_59(56,E,T,A,B,C,D,X( 8),X(10),X( 0),X( 5));
|
|
||||||
BODY_40_59(57,D,E,T,A,B,C,X( 9),X(11),X( 1),X( 6));
|
|
||||||
BODY_40_59(58,C,D,E,T,A,B,X(10),X(12),X( 2),X( 7));
|
|
||||||
BODY_40_59(59,B,C,D,E,T,A,X(11),X(13),X( 3),X( 8));
|
|
||||||
|
|
||||||
BODY_60_79(60,A,B,C,D,E,T,X(12),X(14),X( 4),X( 9));
|
|
||||||
BODY_60_79(61,T,A,B,C,D,E,X(13),X(15),X( 5),X(10));
|
|
||||||
BODY_60_79(62,E,T,A,B,C,D,X(14),X( 0),X( 6),X(11));
|
|
||||||
BODY_60_79(63,D,E,T,A,B,C,X(15),X( 1),X( 7),X(12));
|
|
||||||
BODY_60_79(64,C,D,E,T,A,B,X( 0),X( 2),X( 8),X(13));
|
|
||||||
BODY_60_79(65,B,C,D,E,T,A,X( 1),X( 3),X( 9),X(14));
|
|
||||||
BODY_60_79(66,A,B,C,D,E,T,X( 2),X( 4),X(10),X(15));
|
|
||||||
BODY_60_79(67,T,A,B,C,D,E,X( 3),X( 5),X(11),X( 0));
|
|
||||||
BODY_60_79(68,E,T,A,B,C,D,X( 4),X( 6),X(12),X( 1));
|
|
||||||
BODY_60_79(69,D,E,T,A,B,C,X( 5),X( 7),X(13),X( 2));
|
|
||||||
BODY_60_79(70,C,D,E,T,A,B,X( 6),X( 8),X(14),X( 3));
|
|
||||||
BODY_60_79(71,B,C,D,E,T,A,X( 7),X( 9),X(15),X( 4));
|
|
||||||
BODY_60_79(72,A,B,C,D,E,T,X( 8),X(10),X( 0),X( 5));
|
|
||||||
BODY_60_79(73,T,A,B,C,D,E,X( 9),X(11),X( 1),X( 6));
|
|
||||||
BODY_60_79(74,E,T,A,B,C,D,X(10),X(12),X( 2),X( 7));
|
|
||||||
BODY_60_79(75,D,E,T,A,B,C,X(11),X(13),X( 3),X( 8));
|
|
||||||
BODY_60_79(76,C,D,E,T,A,B,X(12),X(14),X( 4),X( 9));
|
|
||||||
BODY_60_79(77,B,C,D,E,T,A,X(13),X(15),X( 5),X(10));
|
|
||||||
BODY_60_79(78,A,B,C,D,E,T,X(14),X( 0),X( 6),X(11));
|
|
||||||
BODY_60_79(79,T,A,B,C,D,E,X(15),X( 1),X( 7),X(12));
|
|
||||||
|
|
||||||
c->h0=(c->h0+E)&0xffffffffL;
|
|
||||||
c->h1=(c->h1+T)&0xffffffffL;
|
|
||||||
c->h2=(c->h2+A)&0xffffffffL;
|
|
||||||
c->h3=(c->h3+B)&0xffffffffL;
|
|
||||||
c->h4=(c->h4+C)&0xffffffffL;
|
|
||||||
|
|
||||||
if (--num == 0) break;
|
|
||||||
|
|
||||||
A=c->h0;
|
|
||||||
B=c->h1;
|
|
||||||
C=c->h2;
|
|
||||||
D=c->h3;
|
|
||||||
E=c->h4;
|
|
||||||
|
|
||||||
W+=SHA_LBLOCK;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifndef DONT_IMPLEMENT_BLOCK_DATA_ORDER
|
|
||||||
void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num)
|
|
||||||
{
|
|
||||||
const unsigned char *data=p;
|
|
||||||
register unsigned MD32_REG_T A,B,C,D,E,T,l;
|
|
||||||
#ifndef MD32_XARRAY
|
|
||||||
unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
|
|
||||||
XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
|
|
||||||
#else
|
|
||||||
SHA_LONG XX[16];
|
|
||||||
#endif
|
|
||||||
|
|
||||||
if(FIPS_selftest_failed())
|
|
||||||
return;
|
|
||||||
|
|
||||||
A=c->h0;
|
|
||||||
B=c->h1;
|
|
||||||
C=c->h2;
|
|
||||||
D=c->h3;
|
|
||||||
E=c->h4;
|
|
||||||
|
|
||||||
for (;;)
|
|
||||||
{
|
|
||||||
|
|
||||||
HOST_c2l(data,l); X( 0)=l; HOST_c2l(data,l); X( 1)=l;
|
|
||||||
BODY_00_15( 0,A,B,C,D,E,T,X( 0)); HOST_c2l(data,l); X( 2)=l;
|
|
||||||
BODY_00_15( 1,T,A,B,C,D,E,X( 1)); HOST_c2l(data,l); X( 3)=l;
|
|
||||||
BODY_00_15( 2,E,T,A,B,C,D,X( 2)); HOST_c2l(data,l); X( 4)=l;
|
|
||||||
BODY_00_15( 3,D,E,T,A,B,C,X( 3)); HOST_c2l(data,l); X( 5)=l;
|
|
||||||
BODY_00_15( 4,C,D,E,T,A,B,X( 4)); HOST_c2l(data,l); X( 6)=l;
|
|
||||||
BODY_00_15( 5,B,C,D,E,T,A,X( 5)); HOST_c2l(data,l); X( 7)=l;
|
|
||||||
BODY_00_15( 6,A,B,C,D,E,T,X( 6)); HOST_c2l(data,l); X( 8)=l;
|
|
||||||
BODY_00_15( 7,T,A,B,C,D,E,X( 7)); HOST_c2l(data,l); X( 9)=l;
|
|
||||||
BODY_00_15( 8,E,T,A,B,C,D,X( 8)); HOST_c2l(data,l); X(10)=l;
|
|
||||||
BODY_00_15( 9,D,E,T,A,B,C,X( 9)); HOST_c2l(data,l); X(11)=l;
|
|
||||||
BODY_00_15(10,C,D,E,T,A,B,X(10)); HOST_c2l(data,l); X(12)=l;
|
|
||||||
BODY_00_15(11,B,C,D,E,T,A,X(11)); HOST_c2l(data,l); X(13)=l;
|
|
||||||
BODY_00_15(12,A,B,C,D,E,T,X(12)); HOST_c2l(data,l); X(14)=l;
|
|
||||||
BODY_00_15(13,T,A,B,C,D,E,X(13)); HOST_c2l(data,l); X(15)=l;
|
|
||||||
BODY_00_15(14,E,T,A,B,C,D,X(14));
|
|
||||||
BODY_00_15(15,D,E,T,A,B,C,X(15));
|
|
||||||
|
|
||||||
BODY_16_19(16,C,D,E,T,A,B,X( 0),X( 0),X( 2),X( 8),X(13));
|
|
||||||
BODY_16_19(17,B,C,D,E,T,A,X( 1),X( 1),X( 3),X( 9),X(14));
|
|
||||||
BODY_16_19(18,A,B,C,D,E,T,X( 2),X( 2),X( 4),X(10),X(15));
|
|
||||||
BODY_16_19(19,T,A,B,C,D,E,X( 3),X( 3),X( 5),X(11),X( 0));
|
|
||||||
|
|
||||||
BODY_20_31(20,E,T,A,B,C,D,X( 4),X( 4),X( 6),X(12),X( 1));
|
|
||||||
BODY_20_31(21,D,E,T,A,B,C,X( 5),X( 5),X( 7),X(13),X( 2));
|
|
||||||
BODY_20_31(22,C,D,E,T,A,B,X( 6),X( 6),X( 8),X(14),X( 3));
|
|
||||||
BODY_20_31(23,B,C,D,E,T,A,X( 7),X( 7),X( 9),X(15),X( 4));
|
|
||||||
BODY_20_31(24,A,B,C,D,E,T,X( 8),X( 8),X(10),X( 0),X( 5));
|
|
||||||
BODY_20_31(25,T,A,B,C,D,E,X( 9),X( 9),X(11),X( 1),X( 6));
|
|
||||||
BODY_20_31(26,E,T,A,B,C,D,X(10),X(10),X(12),X( 2),X( 7));
|
|
||||||
BODY_20_31(27,D,E,T,A,B,C,X(11),X(11),X(13),X( 3),X( 8));
|
|
||||||
BODY_20_31(28,C,D,E,T,A,B,X(12),X(12),X(14),X( 4),X( 9));
|
|
||||||
BODY_20_31(29,B,C,D,E,T,A,X(13),X(13),X(15),X( 5),X(10));
|
|
||||||
BODY_20_31(30,A,B,C,D,E,T,X(14),X(14),X( 0),X( 6),X(11));
|
|
||||||
BODY_20_31(31,T,A,B,C,D,E,X(15),X(15),X( 1),X( 7),X(12));
|
|
||||||
|
|
||||||
BODY_32_39(32,E,T,A,B,C,D,X( 0),X( 2),X( 8),X(13));
|
|
||||||
BODY_32_39(33,D,E,T,A,B,C,X( 1),X( 3),X( 9),X(14));
|
|
||||||
BODY_32_39(34,C,D,E,T,A,B,X( 2),X( 4),X(10),X(15));
|
|
||||||
BODY_32_39(35,B,C,D,E,T,A,X( 3),X( 5),X(11),X( 0));
|
|
||||||
BODY_32_39(36,A,B,C,D,E,T,X( 4),X( 6),X(12),X( 1));
|
|
||||||
BODY_32_39(37,T,A,B,C,D,E,X( 5),X( 7),X(13),X( 2));
|
|
||||||
BODY_32_39(38,E,T,A,B,C,D,X( 6),X( 8),X(14),X( 3));
|
|
||||||
BODY_32_39(39,D,E,T,A,B,C,X( 7),X( 9),X(15),X( 4));
|
|
||||||
|
|
||||||
BODY_40_59(40,C,D,E,T,A,B,X( 8),X(10),X( 0),X( 5));
|
|
||||||
BODY_40_59(41,B,C,D,E,T,A,X( 9),X(11),X( 1),X( 6));
|
|
||||||
BODY_40_59(42,A,B,C,D,E,T,X(10),X(12),X( 2),X( 7));
|
|
||||||
BODY_40_59(43,T,A,B,C,D,E,X(11),X(13),X( 3),X( 8));
|
|
||||||
BODY_40_59(44,E,T,A,B,C,D,X(12),X(14),X( 4),X( 9));
|
|
||||||
BODY_40_59(45,D,E,T,A,B,C,X(13),X(15),X( 5),X(10));
|
|
||||||
BODY_40_59(46,C,D,E,T,A,B,X(14),X( 0),X( 6),X(11));
|
|
||||||
BODY_40_59(47,B,C,D,E,T,A,X(15),X( 1),X( 7),X(12));
|
|
||||||
BODY_40_59(48,A,B,C,D,E,T,X( 0),X( 2),X( 8),X(13));
|
|
||||||
BODY_40_59(49,T,A,B,C,D,E,X( 1),X( 3),X( 9),X(14));
|
|
||||||
BODY_40_59(50,E,T,A,B,C,D,X( 2),X( 4),X(10),X(15));
|
|
||||||
BODY_40_59(51,D,E,T,A,B,C,X( 3),X( 5),X(11),X( 0));
|
|
||||||
BODY_40_59(52,C,D,E,T,A,B,X( 4),X( 6),X(12),X( 1));
|
|
||||||
BODY_40_59(53,B,C,D,E,T,A,X( 5),X( 7),X(13),X( 2));
|
|
||||||
BODY_40_59(54,A,B,C,D,E,T,X( 6),X( 8),X(14),X( 3));
|
|
||||||
BODY_40_59(55,T,A,B,C,D,E,X( 7),X( 9),X(15),X( 4));
|
|
||||||
BODY_40_59(56,E,T,A,B,C,D,X( 8),X(10),X( 0),X( 5));
|
|
||||||
BODY_40_59(57,D,E,T,A,B,C,X( 9),X(11),X( 1),X( 6));
|
|
||||||
BODY_40_59(58,C,D,E,T,A,B,X(10),X(12),X( 2),X( 7));
|
|
||||||
BODY_40_59(59,B,C,D,E,T,A,X(11),X(13),X( 3),X( 8));
|
|
||||||
|
|
||||||
BODY_60_79(60,A,B,C,D,E,T,X(12),X(14),X( 4),X( 9));
|
|
||||||
BODY_60_79(61,T,A,B,C,D,E,X(13),X(15),X( 5),X(10));
|
|
||||||
BODY_60_79(62,E,T,A,B,C,D,X(14),X( 0),X( 6),X(11));
|
|
||||||
BODY_60_79(63,D,E,T,A,B,C,X(15),X( 1),X( 7),X(12));
|
|
||||||
BODY_60_79(64,C,D,E,T,A,B,X( 0),X( 2),X( 8),X(13));
|
|
||||||
BODY_60_79(65,B,C,D,E,T,A,X( 1),X( 3),X( 9),X(14));
|
|
||||||
BODY_60_79(66,A,B,C,D,E,T,X( 2),X( 4),X(10),X(15));
|
|
||||||
BODY_60_79(67,T,A,B,C,D,E,X( 3),X( 5),X(11),X( 0));
|
|
||||||
BODY_60_79(68,E,T,A,B,C,D,X( 4),X( 6),X(12),X( 1));
|
|
||||||
BODY_60_79(69,D,E,T,A,B,C,X( 5),X( 7),X(13),X( 2));
|
|
||||||
BODY_60_79(70,C,D,E,T,A,B,X( 6),X( 8),X(14),X( 3));
|
|
||||||
BODY_60_79(71,B,C,D,E,T,A,X( 7),X( 9),X(15),X( 4));
|
|
||||||
BODY_60_79(72,A,B,C,D,E,T,X( 8),X(10),X( 0),X( 5));
|
|
||||||
BODY_60_79(73,T,A,B,C,D,E,X( 9),X(11),X( 1),X( 6));
|
|
||||||
BODY_60_79(74,E,T,A,B,C,D,X(10),X(12),X( 2),X( 7));
|
|
||||||
BODY_60_79(75,D,E,T,A,B,C,X(11),X(13),X( 3),X( 8));
|
|
||||||
BODY_60_79(76,C,D,E,T,A,B,X(12),X(14),X( 4),X( 9));
|
|
||||||
BODY_60_79(77,B,C,D,E,T,A,X(13),X(15),X( 5),X(10));
|
|
||||||
BODY_60_79(78,A,B,C,D,E,T,X(14),X( 0),X( 6),X(11));
|
|
||||||
BODY_60_79(79,T,A,B,C,D,E,X(15),X( 1),X( 7),X(12));
|
|
||||||
|
|
||||||
c->h0=(c->h0+E)&0xffffffffL;
|
|
||||||
c->h1=(c->h1+T)&0xffffffffL;
|
|
||||||
c->h2=(c->h2+A)&0xffffffffL;
|
|
||||||
c->h3=(c->h3+B)&0xffffffffL;
|
|
||||||
c->h4=(c->h4+C)&0xffffffffL;
|
|
||||||
|
|
||||||
if (--num == 0) break;
|
|
||||||
|
|
||||||
A=c->h0;
|
|
||||||
B=c->h1;
|
|
||||||
C=c->h2;
|
|
||||||
D=c->h3;
|
|
||||||
E=c->h4;
|
|
||||||
|
|
||||||
}
|
|
||||||
}
|
|
||||||
#endif
|
|
|
@ -51,7 +51,7 @@
|
||||||
#include <stdlib.h>
|
#include <stdlib.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <openssl/opensslconf.h>
|
#include <openssl/opensslconf.h>
|
||||||
#include <openssl/fips_sha.h>
|
#include <openssl/sha.h>
|
||||||
#include <openssl/hmac.h>
|
#include <openssl/hmac.h>
|
||||||
|
|
||||||
int FIPS_selftest_failed() { return 0; }
|
int FIPS_selftest_failed() { return 0; }
|
||||||
|
|
|
@ -671,12 +671,11 @@ fips_dssvs.o: ../include/openssl/bio.h ../include/openssl/bn.h
|
||||||
fips_dssvs.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
|
fips_dssvs.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
|
||||||
fips_dssvs.o: ../include/openssl/e_os2.h ../include/openssl/err.h
|
fips_dssvs.o: ../include/openssl/e_os2.h ../include/openssl/err.h
|
||||||
fips_dssvs.o: ../include/openssl/evp.h ../include/openssl/fips.h
|
fips_dssvs.o: ../include/openssl/evp.h ../include/openssl/fips.h
|
||||||
fips_dssvs.o: ../include/openssl/fips_sha.h ../include/openssl/lhash.h
|
fips_dssvs.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
|
||||||
fips_dssvs.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
|
fips_dssvs.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
|
||||||
fips_dssvs.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
|
fips_dssvs.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
|
||||||
fips_dssvs.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
|
fips_dssvs.o: ../include/openssl/safestack.h ../include/openssl/stack.h
|
||||||
fips_dssvs.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
|
fips_dssvs.o: ../include/openssl/symhacks.h fips_dssvs.c
|
||||||
fips_dssvs.o: fips_dssvs.c
|
|
||||||
fips_hmactest.o: ../fips-1.0/fips_utl.h ../include/openssl/asn1.h
|
fips_hmactest.o: ../fips-1.0/fips_utl.h ../include/openssl/asn1.h
|
||||||
fips_hmactest.o: ../include/openssl/bio.h ../include/openssl/buffer.h
|
fips_hmactest.o: ../include/openssl/bio.h ../include/openssl/buffer.h
|
||||||
fips_hmactest.o: ../include/openssl/conf.h ../include/openssl/crypto.h
|
fips_hmactest.o: ../include/openssl/conf.h ../include/openssl/crypto.h
|
||||||
|
@ -785,9 +784,9 @@ fips_test_suite.o: ../include/openssl/bn.h ../include/openssl/crypto.h
|
||||||
fips_test_suite.o: ../include/openssl/des.h ../include/openssl/des_old.h
|
fips_test_suite.o: ../include/openssl/des.h ../include/openssl/des_old.h
|
||||||
fips_test_suite.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
|
fips_test_suite.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
|
||||||
fips_test_suite.o: ../include/openssl/err.h ../include/openssl/evp.h
|
fips_test_suite.o: ../include/openssl/err.h ../include/openssl/evp.h
|
||||||
fips_test_suite.o: ../include/openssl/fips.h ../include/openssl/fips_sha.h
|
fips_test_suite.o: ../include/openssl/fips.h ../include/openssl/hmac.h
|
||||||
fips_test_suite.o: ../include/openssl/hmac.h ../include/openssl/lhash.h
|
fips_test_suite.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
|
||||||
fips_test_suite.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
|
fips_test_suite.o: ../include/openssl/objects.h
|
||||||
fips_test_suite.o: ../include/openssl/opensslconf.h
|
fips_test_suite.o: ../include/openssl/opensslconf.h
|
||||||
fips_test_suite.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
|
fips_test_suite.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
|
||||||
fips_test_suite.o: ../include/openssl/rand.h ../include/openssl/rsa.h
|
fips_test_suite.o: ../include/openssl/rand.h ../include/openssl/rsa.h
|
||||||
|
|
|
@ -291,7 +291,7 @@ $crypto.=" crypto/krb5/krb5_asn.h";
|
||||||
$crypto.=" crypto/tmdiff.h";
|
$crypto.=" crypto/tmdiff.h";
|
||||||
$crypto.=" crypto/store/store.h";
|
$crypto.=" crypto/store/store.h";
|
||||||
$crypto.=" crypto/pqueue/pqueue.h";
|
$crypto.=" crypto/pqueue/pqueue.h";
|
||||||
$crypto.=" fips-1.0/fips.h fips-1.0/rand/fips_rand.h fips-1.0/sha/fips_sha.h";
|
$crypto.=" fips-1.0/fips.h fips-1.0/rand/fips_rand.h";
|
||||||
|
|
||||||
my $symhacks="crypto/symhacks.h";
|
my $symhacks="crypto/symhacks.h";
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue