void SHA256_Final(sha2_byte digest[], SHA256_CTX* context) { sha2_word32 *d = (sha2_word32*)digest; unsigned int usedspace; /* Sanity check: */ assert(context != (SHA256_CTX*)0); /* If no digest buffer is passed, we don't bother doing this: */ if (digest != (sha2_byte*)0) { usedspace = (unsigned int)((context->bitcount >> 3) % SHA256_BLOCK_LENGTH); #if SIRIKATA_BYTE_ORDER == SIRIKATA_LITTLE_ENDIAN /* Convert FROM host byte order */ REVERSE64(context->bitcount,context->bitcount); #endif if (usedspace > 0) { /* Begin padding with a 1 bit: */ context->buffer[usedspace++] = 0x80; if (usedspace <= SHA256_SHORT_BLOCK_LENGTH) { /* Set-up for the last transform: */ MEMSET_BZERO(&context->buffer[usedspace], SHA256_SHORT_BLOCK_LENGTH - usedspace); } else { if (usedspace < SHA256_BLOCK_LENGTH) { MEMSET_BZERO(&context->buffer[usedspace], SHA256_BLOCK_LENGTH - usedspace); } /* Do second-to-last transform: */ SHA256_Transform(context, (sha2_word32*)context->buffer); /* And set-up for the last transform: */ MEMSET_BZERO(context->buffer, SHA256_SHORT_BLOCK_LENGTH); } } else { /* Set-up for the last transform: */ MEMSET_BZERO(context->buffer, SHA256_SHORT_BLOCK_LENGTH); /* Begin padding with a 1 bit: */ *context->buffer = 0x80; } /* Set the bit count: */ *(sha2_word64*)&context->buffer[SHA256_SHORT_BLOCK_LENGTH] = context->bitcount; /* Final transform: */ SHA256_Transform(context, (sha2_word32*)context->buffer); #if SIRIKATA_BYTE_ORDER == SIRIKATA_LITTLE_ENDIAN { /* Convert TO host byte order */ int j; for (j = 0; j < 8; j++) { REVERSE32(context->state[j],context->state[j]); *d++ = context->state[j]; } } #else MEMCPY_BCOPY(d, context->state, SHA256_DIGEST_LENGTH); #endif }
void unabto_sha256_update(sha256_ctx* context, const sha2_byte *data, uint16_t len) { uint16_t freespace, usedspace; if (len == 0) { /* Calling with no data is valid - we do nothing */ return; } /* Sanity check: */ // assert(context != (sha256_ctx*)0 && data != (sha2_byte*)0); usedspace = context->byteCount % SHA256_BLOCK_LENGTH; if (usedspace > 0) { /* Calculate how much free space is available in the buffer */ freespace = SHA256_BLOCK_LENGTH - usedspace; if (len >= freespace) { /* Fill the buffer completely and process it */ MEMCPY_BCOPY(&context->buffer[usedspace], data, freespace); context->byteCount += freespace; len -= freespace; data += freespace; SHA256_Transform(context, (sha2_word32*)context->buffer); } else { /* The buffer is not yet full */ MEMCPY_BCOPY(&context->buffer[usedspace], data, len); context->byteCount += len; /* Clean up: */ usedspace = freespace = 0; return; } } // NABTO_LOG_TRACE(("len %i", len)); while (len >= SHA256_BLOCK_LENGTH) { /* Process as many complete blocks as we can */ SHA256_Transform(context, (sha2_word32*)data); context->byteCount += SHA256_BLOCK_LENGTH; // print_sha256_ctx(context); len -= SHA256_BLOCK_LENGTH; data += SHA256_BLOCK_LENGTH; } // NABTO_LOG_TRACE((" i: %i",i)); if (len > 0) { /* There's left-overs, so save 'em */ MEMCPY_BCOPY(context->buffer, data, len); context->byteCount += len; // print_sha256_ctx(context); } /* Clean up: */ usedspace = freespace = 0; }
static int partial_hash_sha256(uint8_t *data_in, uint8_t *data_out) { SHA256_CTX ctx; if (!SHA256_Init(&ctx)) return -EFAULT; SHA256_Transform(&ctx, data_in); rte_memcpy(data_out, &ctx, SHA256_DIGEST_LENGTH); return 0; }
/** * PBKDF2_SHA256(passwd, passwdlen, salt, saltlen, c, buf, dkLen): * Compute PBKDF2(passwd, salt, c, dkLen) using HMAC-SHA256 as the PRF, and * write the output to buf. The value dkLen must be at most 32 * (2^32 - 1). */ static inline void PBKDF2_SHA256_80_128(const uint32_t * passwd, uint32_t * buf) { SHA256_CTX PShictx, PShoctx; uint32_t tstate[8]; uint32_t ihash[8]; uint32_t i; uint32_t pad[16]; static const uint32_t innerpad[11] = {0x00000080, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xa0040000}; /* If Klen > 64, the key is really SHA256(K). */ SHA256_InitState(tstate); SHA256_Transform(tstate, passwd, 1); memcpy(pad, passwd+16, 16); memcpy(pad+4, passwdpad, 48); SHA256_Transform(tstate, pad, 1); memcpy(ihash, tstate, 32); SHA256_InitState(PShictx.state); for (i = 0; i < 8; i++) pad[i] = ihash[i] ^ 0x36363636; for (; i < 16; i++) pad[i] = 0x36363636; SHA256_Transform(PShictx.state, pad, 0); SHA256_Transform(PShictx.state, passwd, 1); be32enc_vect(PShictx.buf, passwd+16, 4); be32enc_vect(PShictx.buf+5, innerpad, 11); SHA256_InitState(PShoctx.state); for (i = 0; i < 8; i++) pad[i] = ihash[i] ^ 0x5c5c5c5c; for (; i < 16; i++) pad[i] = 0x5c5c5c5c; SHA256_Transform(PShoctx.state, pad, 0); memcpy(PShoctx.buf+8, outerpad, 32); /* Iterate through the blocks. */ for (i = 0; i < 4; i++) { uint32_t istate[8]; uint32_t ostate[8]; memcpy(istate, PShictx.state, 32); PShictx.buf[4] = i + 1; SHA256_Transform(istate, PShictx.buf, 0); memcpy(PShoctx.buf, istate, 32); memcpy(ostate, PShoctx.state, 32); SHA256_Transform(ostate, PShoctx.buf, 0); be32enc_vect(buf+i*8, ostate, 8); } }
static inline uint32_t PBKDF2_SHA256_80_128_32(const uint32_t * passwd, const uint32_t * salt) { uint32_t tstate[8]; uint32_t ostate[8]; uint32_t ihash[8]; uint32_t i; /* Compute HMAC state after processing P and S. */ uint32_t pad[16]; static const uint32_t ihash_finalblk[16] = {0x00000001,0x80000000,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0x00000620}; /* If Klen > 64, the key is really SHA256(K). */ SHA256_InitState(tstate); SHA256_Transform(tstate, passwd, 1); memcpy(pad, passwd+16, 16); memcpy(pad+4, passwdpad, 48); SHA256_Transform(tstate, pad, 1); memcpy(ihash, tstate, 32); SHA256_InitState(ostate); for (i = 0; i < 8; i++) pad[i] = ihash[i] ^ 0x5c5c5c5c; for (; i < 16; i++) pad[i] = 0x5c5c5c5c; SHA256_Transform(ostate, pad, 0); SHA256_InitState(tstate); for (i = 0; i < 8; i++) pad[i] = ihash[i] ^ 0x36363636; for (; i < 16; i++) pad[i] = 0x36363636; SHA256_Transform(tstate, pad, 0); SHA256_Transform(tstate, salt, 1); SHA256_Transform(tstate, salt+16, 1); SHA256_Transform(tstate, ihash_finalblk, 0); memcpy(pad, tstate, 32); memcpy(pad+8, outerpad, 32); /* Feed the inner hash to the outer SHA256 operation. */ SHA256_Transform(ostate, pad, 0); /* Finish the outer SHA256 operation. */ return byteswap(ostate[7]); }
/* Add bytes into the hash */ void SHA256_Update(SHA256_CTX * ctx, const void *in, size_t len) { uint32_t r, l; const unsigned char *src = in; /* Number of bytes left in the buffer from previous updates */ r = ctx->count & 0x3f; while (len > 0) { l = 64 - r; if (l > len) l = len; memcpy(&ctx->buf[r], src, l); len -= l; src += l; ctx->count += l; r = ctx->count & 0x3f; if (r == 0) SHA256_Transform(ctx->state, ctx->buf); } }
static void tls1_sha256_transform(HASH_CTX *ctx, const uint8_t *block) { SHA256_Transform(&ctx->sha256, block); }
void unabto_sha256_final(sha256_ctx* context,sha2_byte digest[]) { sha2_word32 *d = (sha2_word32*)digest; unsigned int usedspace; /* Sanity check: */ // assert(context != (sha256_ctx*)0); /* If no digest buffer is passed, we don't bother doing this: */ if (digest != (sha2_byte*)0) { usedspace = context->byteCount % SHA256_BLOCK_LENGTH; if (usedspace > 0) { /* Begin padding with a 1 bit: */ context->buffer[usedspace++] = 0x80; if (usedspace <= SHA256_SHORT_BLOCK_LENGTH) { /* Set-up for the last transform: */ MEMSET_BZERO(&context->buffer[usedspace], SHA256_BLOCK_LENGTH - usedspace); } else { if (usedspace < SHA256_BLOCK_LENGTH) { MEMSET_BZERO(&context->buffer[usedspace], SHA256_BLOCK_LENGTH - usedspace); } /* Do second-to-last transform: */ SHA256_Transform(context, (sha2_word32*)context->buffer); /* And set-up for the last transform: */ MEMSET_BZERO(context->buffer, SHA256_BLOCK_LENGTH); } } else { /* Set-up for the last transform: */ MEMSET_BZERO(context->buffer, SHA256_BLOCK_LENGTH); /* Begin padding with a 1 bit: */ *context->buffer = 0x80; } /* Set the bit count: */ /* Convert FROM host byte order */ { uint16_t tmp16; uint16_t tmp16_ = context->byteCount; tmp16_ <<= 3; READ_U16(tmp16, &tmp16_); memset(&context->buffer[SHA256_BLOCK_LENGTH - 8], 0, 6); *(uint16_t*)&context->buffer[SHA256_BLOCK_LENGTH - 2] = tmp16; } //print_sha256_ctx(context); /* Final transform: */ SHA256_Transform(context, (sha2_word32*)context->buffer); //print_sha256_ctx(context); { /* Convert TO host byte order */ uint8_t j; for (j = 0; j < 8; j++) { WRITE_U32(d, context->state[j]); d++; } } } /* Clean up state data: */ MEMSET_BZERO(context, sizeof(sha256_ctx)); usedspace = 0; }
static void runhash(void *state, const void *input, const void *init) { memcpy(state, init, 32); SHA256_Transform((word32*)state, (const word32*)input); }