void
g_eli_crypto_hmac_init(struct hmac_ctx *ctx, const uint8_t *hkey,
size_t hkeylen)
{
u_char k_ipad[128], key[128];
SHA512_CTX lctx;
u_int i;
bzero(key, sizeof(key));
if (hkeylen == 0)
; /* do nothing */
else if (hkeylen <= 128)
bcopy(hkey, key, hkeylen);
else {
/* If key is longer than 128 bytes reset it to key = SHA512(key). */
SHA512_Init(&lctx);
SHA512_Update(&lctx, hkey, hkeylen);
SHA512_Final(key, &lctx);
}
/* XOR key with ipad and opad values. */
for (i = 0; i < sizeof(key); i++) {
k_ipad[i] = key[i] ^ 0x36;
ctx->k_opad[i] = key[i] ^ 0x5c;
}
bzero(key, sizeof(key));
/* Perform inner SHA512. */
SHA512_Init(&ctx->shactx);
SHA512_Update(&ctx->shactx, k_ipad, sizeof(k_ipad));
bzero(k_ipad, sizeof(k_ipad));
}
static int crypt_all(int *pcount, struct db_salt *salt)
{
int count = *pcount;
int i;
#ifdef _OPENMP
#ifdef PRECOMPUTE_CTX_FOR_SALT
#pragma omp parallel for default(none) private(i) shared(ctx_salt, count, saved_key, saved_key_length, crypt_out)
#else
#pragma omp parallel for default(none) private(i) shared(saved_salt, count, saved_key, saved_key_length, crypt_out)
#endif
#endif
for (i = 0; i < count; i++) {
SHA512_CTX ctx;
#ifdef PRECOMPUTE_CTX_FOR_SALT
memcpy(&ctx, &ctx_salt, sizeof(ctx));
#else
SHA512_Init(&ctx);
SHA512_Update(&ctx, &saved_salt, SALT_SIZE);
#endif
SHA512_Update(&ctx, saved_key[i], saved_key_length[i]);
SHA512_Final((unsigned char *)(crypt_out[i]), &ctx);
}
return count;
}
void
ed25519_sign(const unsigned char *m, size_t mlen, const ed25519_secret_key sk, const ed25519_public_key pk, ed25519_signature RS) {
SHA512_CTX shactx;
bignum256modm r, S, a;
ge25519 MM16 R;
hash_512bits extsk, hashr, hram;
ed25519_extsk(extsk, sk);
/* r = H(aExt[32..64], m) */
SHA512_Init(&shactx);
SHA512_Update(&shactx, extsk + 32, 32);
SHA512_Update(&shactx, m, mlen);
SHA512_Final(hashr, &shactx);
expand256_modm(r, hashr, 64);
/* R = rB */
ge25519_scalarmult_base_niels(&R, r);
ge25519_pack(RS, &R);
/* S = H(R,A,m).. */
ed25519_hram(hram, RS, pk, m, mlen);
expand256_modm(S, hram, 64);
/* S = H(R,A,m)a */
expand256_modm(a, extsk, 32);
mul256_modm(S, S, a);
/* S = (r + H(R,A,m)a) */
add256_modm(S, S, r);
/* S = (r + H(R,A,m)a) mod L */
contract256_modm(RS + 32, S);
}
int crypto_sign_verify(const unsigned char *signature, const unsigned char *message, size_t message_len, const unsigned char *public_key) {
unsigned char h[64];
unsigned char checker[32];
SHA512_CTX hash;
ge_p3 A;
ge_p2 R;
if (signature[63] & 224) {
return -1;
}
if (ge_frombytes_negate_vartime(&A, public_key) != 0) {
return -2;
}
SHA512_Init(&hash);
SHA512_Update(&hash, signature, 32);
SHA512_Update(&hash, public_key, 32);
SHA512_Update(&hash, message, message_len);
SHA512_Final(h, &hash);
sc_reduce(h);
ge_double_scalarmult_vartime(&R, h, &A, signature + 32);
ge_tobytes(checker, &R);
if (!(crypto_verify_32(checker, signature) == 0)) {
return -3;
}
return 0;
}
int HMAC_SHA512_Init(HMAC_SHA512_CTX *pctx, const void *pkey, size_t len)
{
unsigned char key[128];
if (len <= 128)
{
memcpy(key, pkey, len);
memset(key + len, 0, 128-len);
}
else
{
SHA512_CTX ctxKey;
SHA512_Init(&ctxKey);
SHA512_Update(&ctxKey, pkey, len);
SHA512_Final(key, &ctxKey);
memset(key + 64, 0, 64);
}
for (int n=0; n<128; n++)
key[n] ^= 0x5c;
SHA512_Init(&pctx->ctxOuter);
SHA512_Update(&pctx->ctxOuter, key, 128);
for (int n=0; n<128; n++)
key[n] ^= 0x5c ^ 0x36;
SHA512_Init(&pctx->ctxInner);
return SHA512_Update(&pctx->ctxInner, key, 128);
}
DWORD WINAPI threadfunc(LPVOID param) {
#else
void * threadfunc(void* param) {
#endif
unsigned int incamt = *((unsigned int*)param);
SHA512_CTX sha;
unsigned char buf[HASH_SIZE + sizeof(uint64_t)] = { 0 };
unsigned char output[HASH_SIZE] = { 0 };
memcpy(buf + sizeof(uint64_t), initialHash, HASH_SIZE);
unsigned long long tmpnonce = incamt;
unsigned long long * nonce = (unsigned long long *)buf;
unsigned long long * hash = (unsigned long long *)output;
while (successval == 0) {
tmpnonce += numthreads;
(*nonce) = ntohll(tmpnonce); /* increment nonce */
SHA512_Init(&sha);
SHA512_Update(&sha, buf, HASH_SIZE + sizeof(uint64_t));
SHA512_Final(output, &sha);
SHA512_Init(&sha);
SHA512_Update(&sha, output, HASH_SIZE);
SHA512_Final(output, &sha);
if (ntohll(*hash) < max_val) {
successval = tmpnonce;
}
}
#ifdef _WIN32
return 0;
#else
return NULL;
#endif
}
int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range, const BIGNUM *priv,
const uint8_t *message, size_t message_len,
BN_CTX *ctx) {
/* We copy |priv| into a local buffer to avoid furthur exposing its
* length. */
uint8_t private_bytes[96];
size_t todo = sizeof(priv->d[0]) * priv->top;
if (todo > sizeof(private_bytes)) {
/* No reasonable DSA or ECDSA key should have a private key
* this large and we don't handle this case in order to avoid
* leaking the length of the private key. */
OPENSSL_PUT_ERROR(BN, BN_R_PRIVATE_KEY_TOO_LARGE);
return 0;
}
OPENSSL_memcpy(private_bytes, priv->d, todo);
OPENSSL_memset(private_bytes + todo, 0, sizeof(private_bytes) - todo);
/* Pass a SHA512 hash of the private key and message as additional data into
* the RBG. This is a hardening measure against entropy failure. */
OPENSSL_COMPILE_ASSERT(SHA512_DIGEST_LENGTH >= 32,
additional_data_is_too_large_for_sha512);
SHA512_CTX sha;
uint8_t digest[SHA512_DIGEST_LENGTH];
SHA512_Init(&sha);
SHA512_Update(&sha, private_bytes, sizeof(private_bytes));
SHA512_Update(&sha, message, message_len);
SHA512_Final(digest, &sha);
/* Select a value k from [1, range-1], following FIPS 186-4 appendix B.5.2. */
return bn_rand_range_with_additional_data(out, 1, range, digest);
}
void
ntb_address_from_network_keys(struct ntb_address *address,
uint8_t version,
uint8_t stream,
const uint8_t *public_signing_key,
const uint8_t *public_encryption_key)
{
SHA512_CTX sha_ctx;
uint8_t sha_hash[SHA512_DIGEST_LENGTH];
uint8_t key_prefix = 0x04;
address->version = version;
address->stream = stream;
/* The keys from the network commands don't include the 0x04
* prefix so we have to separately add it in */
SHA512_Init(&sha_ctx);
SHA512_Update(&sha_ctx, &key_prefix, 1);
SHA512_Update(&sha_ctx,
public_signing_key,
NTB_ECC_PUBLIC_KEY_SIZE - 1);
SHA512_Update(&sha_ctx, &key_prefix, 1);
SHA512_Update(&sha_ctx,
public_encryption_key,
NTB_ECC_PUBLIC_KEY_SIZE - 1);
SHA512_Final(sha_hash, &sha_ctx);
RIPEMD160(sha_hash, SHA512_DIGEST_LENGTH, address->ripe);
}
void
ntb_address_get_tag(const struct ntb_address *address,
uint8_t *tag,
uint8_t *tag_private_key)
{
struct ntb_buffer buffer;
uint8_t hash1[SHA512_DIGEST_LENGTH];
uint8_t hash2[SHA512_DIGEST_LENGTH];
SHA512_CTX sha_ctx;
ntb_buffer_init(&buffer);
ntb_proto_add_var_int(&buffer, address->version);
ntb_proto_add_var_int(&buffer, address->stream);
SHA512_Init(&sha_ctx);
SHA512_Update(&sha_ctx, buffer.data, buffer.length);
ntb_buffer_destroy(&buffer);
SHA512_Update(&sha_ctx, address->ripe, RIPEMD160_DIGEST_LENGTH);
SHA512_Final(hash1, &sha_ctx);
SHA512_Init(&sha_ctx);
SHA512_Update(&sha_ctx, hash1, SHA512_DIGEST_LENGTH);
SHA512_Final(hash2, &sha_ctx);
if (tag) {
memcpy(tag,
hash2 + NTB_ECC_PRIVATE_KEY_SIZE,
NTB_ADDRESS_TAG_SIZE);
}
if (tag_private_key) {
memcpy(tag_private_key, hash2, NTB_ECC_PRIVATE_KEY_SIZE);
}
}
static int cmp_exact(char *source, int index)
{
SHA512_CTX ctx;
uint64_t crypt_out[8];
int i;
uint64_t *b,*c;
SHA512_Init(&ctx);
SHA512_Update(&ctx, gsalt.v, SALT_SIZE);
if (gkey[index].length > PLAINTEXT_LENGTH) {
SHA512_Update(&ctx, gkey[index].v, PLAINTEXT_LENGTH);
SHA512_Update(&ctx, g_ext_key[index],
gkey[index].length - PLAINTEXT_LENGTH);
} else
SHA512_Update(&ctx, gkey[index].v, gkey[index].length);
SHA512_Final((unsigned char *) (crypt_out), &ctx);
b = (uint64_t *) get_binary(source);
c = (uint64_t *) crypt_out;
for (i = 0; i < 8; i++) {
uint64_t t = SWAP64(c[i]) - H[i];
c[i] = SWAP64(t);
}
for (i = 0; i < FULL_BINARY_SIZE / 8; i++) { //examin 512bits
if (b[i] != c[i])
return 0;
}
return 1;
}
/**
* Given a curve25519 keypair in <b>inp</b>, generate a corresponding
* ed25519 keypair in <b>out</b>, and set <b>signbit_out</b> to the
* sign bit of the X coordinate of the ed25519 key.
*
* NOTE THAT IT IS PROBABLY NOT SAFE TO USE THE GENERATED KEY FOR ANYTHING
* OUTSIDE OF WHAT'S PRESENTED IN PROPOSAL 228. In particular, it's probably
* not a great idea to use it to sign attacker-supplied anything.
*/
int
ed25519_keypair_from_curve25519_keypair(ed25519_keypair_t *out,
int *signbit_out,
const curve25519_keypair_t *inp)
{
const char string[] = "Derive high part of ed25519 key from curve25519 key";
ed25519_public_key_t pubkey_check;
SHA512_CTX ctx;
uint8_t sha512_output[64];
memcpy(out->seckey.seckey, inp->seckey.secret_key, 32);
SHA512_Init(&ctx);
SHA512_Update(&ctx, out->seckey.seckey, 32);
SHA512_Update(&ctx, string, sizeof(string));
SHA512_Final(sha512_output, &ctx);
memcpy(out->seckey.seckey + 32, sha512_output, 32);
ed25519_public_key_generate(&out->pubkey, &out->seckey);
*signbit_out = out->pubkey.pubkey[31] >> 7;
ed25519_public_key_from_curve25519_public_key(&pubkey_check, &inp->pubkey,
*signbit_out);
tor_assert(fast_memeq(pubkey_check.pubkey, out->pubkey.pubkey, 32));
memwipe(&pubkey_check, 0, sizeof(pubkey_check));
memwipe(&ctx, 0, sizeof(ctx));
memwipe(sha512_output, 0, sizeof(sha512_output));
return 0;
}
static int hash_ssha512(
const struct berval *scheme,
const struct berval *passwd,
struct berval *hash,
const char **text )
{
SHA512_CTX ct;
unsigned char hash512[SHA512_DIGEST_LENGTH];
char saltdata[SHA2_SALT_SIZE];
struct berval digest;
struct berval salt;
digest.bv_val = (char *) hash512;
digest.bv_len = sizeof(hash512);
salt.bv_val = saltdata;
salt.bv_len = sizeof(saltdata);
if (lutil_entropy((unsigned char *)salt.bv_val, salt.bv_len) < 0) {
return LUTIL_PASSWD_ERR;
}
SHA512_Init(&ct);
SHA512_Update(&ct, (const uint8_t*)passwd->bv_val, passwd->bv_len);
SHA512_Update(&ct, (const uint8_t*)salt.bv_val, salt.bv_len);
SHA512_Final(hash512, &ct);
return lutil_passwd_string64(scheme, &digest, hash, &salt);
}
bool protoshares_revalidateCollision(blockHeader_t* block, uint8_t* midHash, uint32_t indexA, uint32_t indexB, uint64_t birthdayB, CBlockProvider* bp, unsigned int thread_id)
{
//if( indexA > MAX_MOMENTUM_NONCE )
// printf("indexA out of range\n");
//if( indexB > MAX_MOMENTUM_NONCE )
// printf("indexB out of range\n");
//if( indexA == indexB )
// printf("indexA == indexB");
uint8_t tempHash[32+4];
uint64_t resultHash[8];
memcpy(tempHash+4, midHash, 32);
uint64_t birthdayA;
if (shamode == AVXSSE4 || shamode == AVX2) {
// get birthday A
*(uint32_t*)tempHash = indexA&~7;
//AVX/SSE
SHA512_Context c512_avxsse;
SHA512_Init(&c512_avxsse);
SHA512_Update(&c512_avxsse, tempHash, 32+4);
SHA512_Final(&c512_avxsse, (unsigned char*)resultHash);
birthdayA = resultHash[ptrdiff_t(indexA&7)] >> (64ULL-SEARCH_SPACE_BITS);
if (!birthdayB) {
*(uint32_t*)tempHash = indexB&~7;
SHA512_Init(&c512_avxsse);
SHA512_Update(&c512_avxsse, tempHash, 32+4);
SHA512_Final(&c512_avxsse, (unsigned char*)resultHash);
birthdayB = resultHash[ptrdiff_t(indexB&7)] >> (64ULL-SEARCH_SPACE_BITS);
}
// MS SQL 2012
char *msql2k12 (char *pwd, char *salt)
{
static char sql2k12[SHA512_DIGEST_LENGTH*2+32];
SHA512_CTX ctx;
uint8_t out[SHA512_DIGEST_LENGTH];
uint8_t sbin[4];
size_t salt_len, pwd_len;
int i, idx;
wchar_t wcs_pwd[128];
idx=init_entry (sql2k12, salt, 2);
// convert to unicode
pwd_len=mbstowcs (wcs_pwd, pwd, 128);
// get salt
salt_len=hex2bin (sbin, salt);
SHA512_Init (&ctx);
SHA512_Update (&ctx, wcs_pwd, pwd_len*2);
SHA512_Update (&ctx, sbin, salt_len);
SHA512_Final (out, &ctx);
idx+=SALT_LEN;
for (i=0; i<SHA512_DIGEST_LENGTH; i++) {
_snprintf (&sql2k12[(idx+i)*2], 2, "%02X", out[i]);
}
return sql2k12;
}
static void
ed25519_hram(hash_512bits hram, const ed25519_signature RS, const ed25519_public_key pk, const unsigned char *m, size_t mlen) {
SHA512_CTX shactx;
SHA512_Init(&shactx);
SHA512_Update(&shactx, RS, 32);
SHA512_Update(&shactx, pk, 32);
SHA512_Update(&shactx, m, mlen);
SHA512_Final(hram, &shactx);
}
static mrb_value
sha512_file(mrb_state *mrb, mrb_value self)
{
#ifdef ENABLE_FILE_DIGEST
SHA512_CTX *ctx = (SHA512_CTX*)DATA_PTR(self);
char *filename;
char block[SHA512_BLOCK_LENGTH];
size_t len;
FILE *fp;
mrb_get_args(mrb, "z", &filename);
if((fp = fopen(filename, "rb")) == NULL) {
mrb_raisef(mrb, E_RUNTIME_ERROR, "cannot open: %S", mrb_str_new_cstr(mrb, filename));
}
while((len = fread(block, 1, SHA512_BLOCK_LENGTH, fp)) > 0) {
SHA512_Update(ctx, (const u_int8_t *)block, len);
}
fclose(fp);
#else
mrb_raise(mrb, E_NOTIMP_ERROR, "Digest::SHA512#file not implemented");
#endif
return self;
}
/**
* Return the 512-bit message digest into the user's array
*/
void SHA512_Final(uint8_t *digest, SHA512_CTX *ctx)
{
int i;
size_t paddingSize;
uint64_t totalSize;
// Length of the original message (before padding)
totalSize = ctx->totalSize * 8;
// Pad the message so that its length is congruent to 112 modulo 128
paddingSize = (ctx->size < 112) ? (112 - ctx->size) :
(128 + 112 - ctx->size);
// Append padding
SHA512_Update(ctx, padding, paddingSize);
// Append the length of the original message
ctx->w_buf.w[14] = 0;
ctx->w_buf.w[15] = be64toh(totalSize);
// Calculate the message digest
SHA512_Process(ctx);
// Convert from host byte order to big-endian byte order
for (i = 0; i < 8; i++)
ctx->h_dig.h[i] = be64toh(ctx->h_dig.h[i]);
// Copy the resulting digest
if (digest != NULL)
memcpy(digest, ctx->h_dig.digest, SHA512_SIZE);
}
static void
sha512_hash_update(void *ctx, const void *data, size_t len)
{
SHA512_CTX *hash_ctx = ctx;
SHA512_Update(hash_ctx, data, len);
}
//
// funcGenSHA512 - Returns the SHA512 hex hash of the plaintext passed to it.
//
// Inputs: (pchar) pcPlain - the plain text char arrary to be hashed - can't be a constant due to SHA512_Update constructor not being a const.
// (returned pchar) pcHexFull - the hex hash of the plain text.
//
// Returns: Nothing.
//
void funcGenSHA512(char* pcPlain, char* pcHexFull)
{
const size_t sztPlain = strlen(pcPlain);
SHA512_CTX ctxSHA512;
// char array to hold the digest
unsigned char ucDigest[giDigestLen];
// generate the digest
SHA512_Init(&ctxSHA512);
SHA512_Update(&ctxSHA512, pcPlain, sztPlain);
SHA512_Final(ucDigest, &ctxSHA512);
int iI;
char* pcHexInternal;
unsigned char* pucDigest;
pucDigest = ucDigest;
pcHexFull[0] = '\0';
for (iI = 0, pcHexInternal = pcHexFull; iI < giDigestLen; iI++)
{
*pcHexInternal++ = gcMapHex[(*pucDigest >> 4) & 0x0f];
*pcHexInternal++ = gcMapHex[(*pucDigest++ ) & 0x0f];
}
*pcHexInternal = '\0';
}
static void
hash_block(unsigned char *buf, size_t buf_len,
char hash[SHA512_DIGEST_STRING_LENGTH])
{
unsigned char digest[SHA512_DIGEST_LENGTH];
SHA512_CTX hash_ctx;
int i;
SHA512_Init(&hash_ctx);
SHA512_Update(&hash_ctx, buf, buf_len);
SHA512_Final(digest, &hash_ctx);
for (i = 0; i < SHA512_DIGEST_LENGTH; ++i) {
unsigned char c;
c = digest[i] / 16;
if (c < 10)
hash[2 * i] = '0' + c;
else
hash[2 * i] = 'a' - 10 + c;
c = digest[i] % 16;
if (c < 10)
hash[2 * i + 1] = '0' + c;
else
hash[2 * i + 1] = 'a' - 10 + c;
}
hash[2 * i] = '\0';
}
// Get raw keyref - used to make keyname and to pass to ioctl
static std::string generate_key_ref(const char* key, int length)
{
SHA512_CTX c;
SHA512_Init(&c);
SHA512_Update(&c, key, length);
unsigned char key_ref1[SHA512_LENGTH];
SHA512_Final(key_ref1, &c);
SHA512_Init(&c);
SHA512_Update(&c, key_ref1, SHA512_LENGTH);
unsigned char key_ref2[SHA512_LENGTH];
SHA512_Final(key_ref2, &c);
return std::string((char*)key_ref2, EXT4_KEY_DESCRIPTOR_SIZE);
}
int HMAC_SHA512_Final(unsigned char *pmd, HMAC_SHA512_CTX *pctx)
{
unsigned char buf[64];
SHA512_Final(buf, &pctx->ctxInner);
SHA512_Update(&pctx->ctxOuter, buf, 64);
return SHA512_Final(pmd, &pctx->ctxOuter);
}
static void
hmac_sha512_update(hmac_sha512_ctx *ctx, const char *msg,
unsigned int msg_len)
{
SHA512_Update(&ctx->ctx_inside, (unsigned char *)msg, msg_len);
return;
}
/*! \brief Compute SHA512 checksum */
void compute_sha512(char *dst, u_int8_t *src, int src_len)
{
SHA512_CTX ctx512;
SHA512_Init(&ctx512);
SHA512_Update(&ctx512, src, src_len);
SHA512_End(&ctx512, dst);
}
u3_noun
u3qe_shal(u3_atom a,
u3_atom b)
{
c3_assert(_(u3a_is_cat(a)));
c3_y* fat_y = u3a_malloc(a + 1);
u3r_bytes(0, a, fat_y, b);
{
c3_y dig_y[64];
#if defined(U3_OS_osx)
CC_SHA512_CTX ctx_h;
CC_SHA512_Init(&ctx_h);
CC_SHA512_Update(&ctx_h, fat_y, a);
CC_SHA512_Final(dig_y, &ctx_h);
#else
SHA512_CTX ctx_h;
SHA512_Init(&ctx_h);
SHA512_Update(&ctx_h, fat_y, a);
SHA512_Final(dig_y, &ctx_h);
#endif
u3a_free(fat_y);
return u3i_bytes(64, dig_y);
}
}
void sha512(char *string, char *salt, char outputBuffer[SHA512_OUTPUT])
{
unsigned char hash[SHA512_DIGEST_LENGTH];
SHA512_CTX sha512;
SHA512_Init(&sha512);
SHA512_Update(&sha512, string, strlen(string));
/* Concatenate salt fo the password */
SHA512_Update(&sha512, salt, strlen(salt));
SHA512_Final(hash, &sha512);
int i = 0;
for(i = 0; i < SHA512_DIGEST_LENGTH; i++)
{
sprintf(outputBuffer + (i * 2), "%02x", hash[i]);
}
outputBuffer[SHA512_OUTPUT-1] = 0;
}
static void
int_sha512_update(PX_MD *h, const uint8 *data, unsigned dlen)
{
SHA512_CTX *ctx = (SHA512_CTX *) h->p.ptr;
SHA512_Update(ctx, data, dlen);
}
static int
__archive_libmd_sha512update(archive_sha512_ctx *ctx, const void *indata,
size_t insize)
{
SHA512_Update(ctx, indata, insize);
return (ARCHIVE_OK);
}
u2_weak // produce
j2_mbc(Pt5, shal)(u2_wire wir_r,
u2_atom a, // retain
u2_atom b) // retain
{
c3_assert(u2_fly_is_cat(a));
c3_y* fat_y = c3_malloc(a + 1);
u2_bytes(0, a, fat_y, b);
{
c3_y dig_y[64];
#if defined(U2_OS_osx)
CC_SHA512_CTX ctx_h;
CC_SHA512_Init(&ctx_h);
CC_SHA512_Update(&ctx_h, fat_y, a);
CC_SHA512_Final(dig_y, &ctx_h);
#else
SHA512_CTX ctx_h;
SHA512_Init(&ctx_h);
SHA512_Update(&ctx_h, fat_y, a);
SHA512_Final(dig_y, &ctx_h);
#endif
free(fat_y);
return u2_rl_bytes(wir_r, 64, dig_y);
}
}
void
g_eli_crypto_hmac_update(struct hmac_ctx *ctx, const uint8_t *data,
size_t datasize)
{
SHA512_Update(&ctx->shactx, data, datasize);
}