17dc32ad5SXiaodong Liu /**********************************************************************
27dc32ad5SXiaodong Liu Copyright(c) 2011-2017 Intel Corporation All rights reserved.
37dc32ad5SXiaodong Liu
47dc32ad5SXiaodong Liu Redistribution and use in source and binary forms, with or without
57dc32ad5SXiaodong Liu modification, are permitted provided that the following conditions
67dc32ad5SXiaodong Liu are met:
77dc32ad5SXiaodong Liu * Redistributions of source code must retain the above copyright
87dc32ad5SXiaodong Liu notice, this list of conditions and the following disclaimer.
97dc32ad5SXiaodong Liu * Redistributions in binary form must reproduce the above copyright
107dc32ad5SXiaodong Liu notice, this list of conditions and the following disclaimer in
117dc32ad5SXiaodong Liu the documentation and/or other materials provided with the
127dc32ad5SXiaodong Liu distribution.
137dc32ad5SXiaodong Liu * Neither the name of Intel Corporation nor the names of its
147dc32ad5SXiaodong Liu contributors may be used to endorse or promote products derived
157dc32ad5SXiaodong Liu from this software without specific prior written permission.
167dc32ad5SXiaodong Liu
177dc32ad5SXiaodong Liu THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
187dc32ad5SXiaodong Liu "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
197dc32ad5SXiaodong Liu LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
207dc32ad5SXiaodong Liu A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
217dc32ad5SXiaodong Liu OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
227dc32ad5SXiaodong Liu SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
237dc32ad5SXiaodong Liu LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
247dc32ad5SXiaodong Liu DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
257dc32ad5SXiaodong Liu THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
267dc32ad5SXiaodong Liu (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
277dc32ad5SXiaodong Liu OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
287dc32ad5SXiaodong Liu **********************************************************************/
297dc32ad5SXiaodong Liu
307dc32ad5SXiaodong Liu #include "mh_sha256_internal.h"
317dc32ad5SXiaodong Liu #include <string.h>
327dc32ad5SXiaodong Liu
337dc32ad5SXiaodong Liu ////////////////////////////////////////////////////////////////////////
347dc32ad5SXiaodong Liu ////////////////////////////////////////////////////////////////////////
357dc32ad5SXiaodong Liu // Reference SHA256 Functions for mh_sha256
367dc32ad5SXiaodong Liu ////////////////////////////////////////////////////////////////////////
377dc32ad5SXiaodong Liu ////////////////////////////////////////////////////////////////////////
387dc32ad5SXiaodong Liu
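/*
 * Message-schedule slot for round x. Only the most recent 16 schedule words
 * are kept, so w[] is addressed as a 16-entry ring.
 */
#define W(x) w[(x) & 15]

/*
 * One SHA-256 round.
 *
 * i       round index (0..63 at the call sites in this file)
 * a..h    the eight working variables, passed in rotated order by the caller
 * k       round constant for round i
 *
 * Relies on these names being declared in the enclosing scope:
 *   w[16]   schedule ring (see W())
 *   ww      the 16 input words of the current block, still in memory order
 *   t1, t2  scratch
 *
 * For i < 16 the schedule word is the big-endian input word; for later rounds
 * it is derived from earlier schedule words. W(i - 16) and W(i) address the
 * same ring slot, so the update happens in place.
 *
 * The body is wrapped in do { } while (0) so that `step(...);` is a single
 * statement. Without the wrapper, placing the macro under an unbraced
 * if/else would guard only the schedule update and run the state update
 * unconditionally.
 */
#define step(i, a, b, c, d, e, f, g, h, k)                                      \
        do {                                                                    \
                if ((i) < 16)                                                   \
                        W(i) = to_be32(ww[(i)]);                                \
                else                                                            \
                        W(i) = W((i) - 16) + S0(W((i) - 15)) + W((i) - 7) +     \
                               S1(W((i) - 2));                                  \
                t2 = s0(a) + maj(a, b, c);                                      \
                t1 = h + s1(e) + ch(e, f, g) + k + W(i);                        \
                d += t1;                                                        \
                h = t1 + t2;                                                    \
        } while (0)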
507dc32ad5SXiaodong Liu
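/**
 * Reference SHA-256 compression of a single block.
 *
 * @param data    Block to absorb. Exactly 16 32-bit words (64 bytes) are read.
 *                No alignment is required.
 * @param digest  In/out chaining value, 8 words. Read as the starting state
 *                and updated in place with the result of the 64 rounds.
 *
 * The block is copied into a local word array before use. Reading it through
 * a casted uint32_t pointer would drop the const qualifier, require 4-byte
 * alignment of the caller's byte buffer, and access a byte array through an
 * incompatible lvalue type.
 */
void
sha256_single_for_mh_sha256(const uint8_t *data, uint32_t digest[])
{
        uint32_t a, b, c, d, e, f, g, h, t1, t2;
        uint32_t w[16];
        uint32_t ww[16];

        /* Byte copy: no alignment or aliasing assumptions about data. */
        memcpy(ww, data, sizeof(ww));

        a = digest[0];
        b = digest[1];
        c = digest[2];
        d = digest[3];
        e = digest[4];
        f = digest[5];
        g = digest[6];
        h = digest[7];

        /*
         * Fully unrolled rounds. Instead of shifting the working variables
         * after every round, the argument order is rotated by one position
         * per call; after 64 rounds (a multiple of 8) the variables are back
         * in their original roles.
         */
        step(0, a, b, c, d, e, f, g, h, 0x428a2f98);
        step(1, h, a, b, c, d, e, f, g, 0x71374491);
        step(2, g, h, a, b, c, d, e, f, 0xb5c0fbcf);
        step(3, f, g, h, a, b, c, d, e, 0xe9b5dba5);
        step(4, e, f, g, h, a, b, c, d, 0x3956c25b);
        step(5, d, e, f, g, h, a, b, c, 0x59f111f1);
        step(6, c, d, e, f, g, h, a, b, 0x923f82a4);
        step(7, b, c, d, e, f, g, h, a, 0xab1c5ed5);
        step(8, a, b, c, d, e, f, g, h, 0xd807aa98);
        step(9, h, a, b, c, d, e, f, g, 0x12835b01);
        step(10, g, h, a, b, c, d, e, f, 0x243185be);
        step(11, f, g, h, a, b, c, d, e, 0x550c7dc3);
        step(12, e, f, g, h, a, b, c, d, 0x72be5d74);
        step(13, d, e, f, g, h, a, b, c, 0x80deb1fe);
        step(14, c, d, e, f, g, h, a, b, 0x9bdc06a7);
        step(15, b, c, d, e, f, g, h, a, 0xc19bf174);
        step(16, a, b, c, d, e, f, g, h, 0xe49b69c1);
        step(17, h, a, b, c, d, e, f, g, 0xefbe4786);
        step(18, g, h, a, b, c, d, e, f, 0x0fc19dc6);
        step(19, f, g, h, a, b, c, d, e, 0x240ca1cc);
        step(20, e, f, g, h, a, b, c, d, 0x2de92c6f);
        step(21, d, e, f, g, h, a, b, c, 0x4a7484aa);
        step(22, c, d, e, f, g, h, a, b, 0x5cb0a9dc);
        step(23, b, c, d, e, f, g, h, a, 0x76f988da);
        step(24, a, b, c, d, e, f, g, h, 0x983e5152);
        step(25, h, a, b, c, d, e, f, g, 0xa831c66d);
        step(26, g, h, a, b, c, d, e, f, 0xb00327c8);
        step(27, f, g, h, a, b, c, d, e, 0xbf597fc7);
        step(28, e, f, g, h, a, b, c, d, 0xc6e00bf3);
        step(29, d, e, f, g, h, a, b, c, 0xd5a79147);
        step(30, c, d, e, f, g, h, a, b, 0x06ca6351);
        step(31, b, c, d, e, f, g, h, a, 0x14292967);
        step(32, a, b, c, d, e, f, g, h, 0x27b70a85);
        step(33, h, a, b, c, d, e, f, g, 0x2e1b2138);
        step(34, g, h, a, b, c, d, e, f, 0x4d2c6dfc);
        step(35, f, g, h, a, b, c, d, e, 0x53380d13);
        step(36, e, f, g, h, a, b, c, d, 0x650a7354);
        step(37, d, e, f, g, h, a, b, c, 0x766a0abb);
        step(38, c, d, e, f, g, h, a, b, 0x81c2c92e);
        step(39, b, c, d, e, f, g, h, a, 0x92722c85);
        step(40, a, b, c, d, e, f, g, h, 0xa2bfe8a1);
        step(41, h, a, b, c, d, e, f, g, 0xa81a664b);
        step(42, g, h, a, b, c, d, e, f, 0xc24b8b70);
        step(43, f, g, h, a, b, c, d, e, 0xc76c51a3);
        step(44, e, f, g, h, a, b, c, d, 0xd192e819);
        step(45, d, e, f, g, h, a, b, c, 0xd6990624);
        step(46, c, d, e, f, g, h, a, b, 0xf40e3585);
        step(47, b, c, d, e, f, g, h, a, 0x106aa070);
        step(48, a, b, c, d, e, f, g, h, 0x19a4c116);
        step(49, h, a, b, c, d, e, f, g, 0x1e376c08);
        step(50, g, h, a, b, c, d, e, f, 0x2748774c);
        step(51, f, g, h, a, b, c, d, e, 0x34b0bcb5);
        step(52, e, f, g, h, a, b, c, d, 0x391c0cb3);
        step(53, d, e, f, g, h, a, b, c, 0x4ed8aa4a);
        step(54, c, d, e, f, g, h, a, b, 0x5b9cca4f);
        step(55, b, c, d, e, f, g, h, a, 0x682e6ff3);
        step(56, a, b, c, d, e, f, g, h, 0x748f82ee);
        step(57, h, a, b, c, d, e, f, g, 0x78a5636f);
        step(58, g, h, a, b, c, d, e, f, 0x84c87814);
        step(59, f, g, h, a, b, c, d, e, 0x8cc70208);
        step(60, e, f, g, h, a, b, c, d, 0x90befffa);
        step(61, d, e, f, g, h, a, b, c, 0xa4506ceb);
        step(62, c, d, e, f, g, h, a, b, 0xbef9a3f7);
        step(63, b, c, d, e, f, g, h, a, 0xc67178f2);

        /* Feed-forward: add the round output to the incoming chaining value. */
        digest[0] += a;
        digest[1] += b;
        digest[2] += c;
        digest[3] += d;
        digest[4] += e;
        digest[5] += f;
        digest[6] += g;
        digest[7] += h;
}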
1417dc32ad5SXiaodong Liu
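/**
 * Reference one-shot SHA-256 used by mh_sha256.
 *
 * @param input_data  Message bytes. May be NULL only when len is 0.
 * @param digest      Output, 8 words. Overwritten with the initial values
 *                    MH_SHA256_H0..H7 and then updated block by block. The
 *                    result is left as eight 32-bit words; this function does
 *                    not serialise them to a byte string.
 * @param len         Message length in bytes.
 *
 * Whole blocks are hashed straight from input_data. The remaining tail is
 * copied into a two-block scratch buffer together with the 0x80 marker, zero
 * padding and the 64-bit big-endian bit length.
 */
void
sha256_for_mh_sha256(const uint8_t *input_data, uint32_t *digest, const uint32_t len)
{
        uint32_t i, j;
        uint8_t buf[2 * ISAL_SHA256_BLOCK_SIZE];
        uint64_t len_bits_be;

        digest[0] = MH_SHA256_H0;
        digest[1] = MH_SHA256_H1;
        digest[2] = MH_SHA256_H2;
        digest[3] = MH_SHA256_H3;
        digest[4] = MH_SHA256_H4;
        digest[5] = MH_SHA256_H5;
        digest[6] = MH_SHA256_H6;
        digest[7] = MH_SHA256_H7;

        /* Absorb every complete block directly from the caller's buffer. */
        i = len;
        while (i >= ISAL_SHA256_BLOCK_SIZE) {
                sha256_single_for_mh_sha256(input_data, digest);
                input_data += ISAL_SHA256_BLOCK_SIZE;
                i -= ISAL_SHA256_BLOCK_SIZE;
        }

        /*
         * i is now the tail length, strictly less than one block. Skip the
         * copy for an empty tail so a NULL input_data with len == 0 is never
         * handed to memcpy.
         */
        if (i > 0)
                memcpy(buf, input_data, i);
        buf[i++] = 0x80;
        /* Zero both candidate padding areas up to the last length field. */
        for (j = i; j < ((2 * ISAL_SHA256_BLOCK_SIZE) - 8); j++)
                buf[j] = 0;

        /*
         * If tail + marker leaves fewer than 8 bytes in the first block, the
         * length field goes at the end of a second padding block.
         */
        if (i > ISAL_SHA256_BLOCK_SIZE - 8)
                i = 2 * ISAL_SHA256_BLOCK_SIZE;
        else
                i = ISAL_SHA256_BLOCK_SIZE;

        /*
         * The bit length is computed in 64 bits so len * 8 cannot wrap. It is
         * stored with memcpy because buf is a byte array with no 8-byte
         * alignment guarantee; a store through a casted uint64_t pointer would
         * be a misaligned, type-punned write.
         */
        len_bits_be = to_be64((uint64_t) len * 8);
        memcpy(buf + i - 8, &len_bits_be, sizeof(len_bits_be));

        sha256_single_for_mh_sha256(buf, digest);
        if (i == (2 * ISAL_SHA256_BLOCK_SIZE))
                sha256_single_for_mh_sha256(buf + ISAL_SHA256_BLOCK_SIZE, digest);
}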