PostgreSQL Source Code git master
sha2.c File Reference
#include "postgres.h"
#include "sha2_int.h"
Include dependency graph for sha2.c:

Go to the source code of this file.

Macros

#define ALLOC(size)   palloc(size)
 
#define FREE(ptr)   pfree(ptr)
 
#define PG_SHA256_SHORT_BLOCK_LENGTH   (PG_SHA256_BLOCK_LENGTH - 8)
 
#define PG_SHA384_SHORT_BLOCK_LENGTH   (PG_SHA384_BLOCK_LENGTH - 16)
 
#define PG_SHA512_SHORT_BLOCK_LENGTH   (PG_SHA512_BLOCK_LENGTH - 16)
 
#define REVERSE32(w, x)
 
#define REVERSE64(w, x)
 
#define ADDINC128(w, n)
 
#define R(b, x)   ((x) >> (b))
 
#define S32(b, x)   (((x) >> (b)) | ((x) << (32 - (b))))
 
#define S64(b, x)   (((x) >> (b)) | ((x) << (64 - (b))))
 
#define Ch(x, y, z)   (((x) & (y)) ^ ((~(x)) & (z)))
 
#define Maj(x, y, z)   (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
 
#define Sigma0_256(x)   (S32(2, (x)) ^ S32(13, (x)) ^ S32(22, (x)))
 
#define Sigma1_256(x)   (S32(6, (x)) ^ S32(11, (x)) ^ S32(25, (x)))
 
#define sigma0_256(x)   (S32(7, (x)) ^ S32(18, (x)) ^ R(3 , (x)))
 
#define sigma1_256(x)   (S32(17, (x)) ^ S32(19, (x)) ^ R(10, (x)))
 
#define Sigma0_512(x)   (S64(28, (x)) ^ S64(34, (x)) ^ S64(39, (x)))
 
#define Sigma1_512(x)   (S64(14, (x)) ^ S64(18, (x)) ^ S64(41, (x)))
 
#define sigma0_512(x)   (S64( 1, (x)) ^ S64( 8, (x)) ^ R( 7, (x)))
 
#define sigma1_512(x)   (S64(19, (x)) ^ S64(61, (x)) ^ R( 6, (x)))
 

Functions

static void SHA512_Last (pg_sha512_ctx *context)
 
static void SHA256_Transform (pg_sha256_ctx *context, const uint8 *data)
 
static void SHA512_Transform (pg_sha512_ctx *context, const uint8 *data)
 
void pg_sha256_init (pg_sha256_ctx *context)
 
void pg_sha256_update (pg_sha256_ctx *context, const uint8 *data, size_t len)
 
static void SHA256_Last (pg_sha256_ctx *context)
 
void pg_sha256_final (pg_sha256_ctx *context, uint8 *digest)
 
void pg_sha512_init (pg_sha512_ctx *context)
 
void pg_sha512_update (pg_sha512_ctx *context, const uint8 *data, size_t len)
 
void pg_sha512_final (pg_sha512_ctx *context, uint8 *digest)
 
void pg_sha384_init (pg_sha384_ctx *context)
 
void pg_sha384_update (pg_sha384_ctx *context, const uint8 *data, size_t len)
 
void pg_sha384_final (pg_sha384_ctx *context, uint8 *digest)
 
void pg_sha224_init (pg_sha224_ctx *context)
 
void pg_sha224_update (pg_sha224_ctx *context, const uint8 *data, size_t len)
 
void pg_sha224_final (pg_sha224_ctx *context, uint8 *digest)
 

Variables

static const uint32 K256 [64]
 
static const uint32 sha224_initial_hash_value [8]
 
static const uint32 sha256_initial_hash_value [8]
 
static const uint64 K512 [80]
 
static const uint64 sha384_initial_hash_value [8]
 
static const uint64 sha512_initial_hash_value [8]
 

Macro Definition Documentation

◆ ADDINC128

#define ADDINC128 (   w,
 
)
Value:
{ \
(w)[0] += (uint64)(n); \
if ((w)[0] < (n)) { \
(w)[1]++; \
} \
}
uint64_t uint64
Definition: c.h:489

Definition at line 115 of file sha2.c.

◆ ALLOC

#define ALLOC (   size)    palloc(size)

Definition at line 67 of file sha2.c.

◆ Ch

#define Ch (   x,
  y,
 
)    (((x) & (y)) ^ ((~(x)) & (z)))

Definition at line 139 of file sha2.c.

◆ FREE

#define FREE (   ptr)    pfree(ptr)

Definition at line 68 of file sha2.c.

◆ Maj

#define Maj (   x,
  y,
 
)    (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))

Definition at line 140 of file sha2.c.

◆ PG_SHA256_SHORT_BLOCK_LENGTH

#define PG_SHA256_SHORT_BLOCK_LENGTH   (PG_SHA256_BLOCK_LENGTH - 8)

Definition at line 89 of file sha2.c.

◆ PG_SHA384_SHORT_BLOCK_LENGTH

#define PG_SHA384_SHORT_BLOCK_LENGTH   (PG_SHA384_BLOCK_LENGTH - 16)

Definition at line 90 of file sha2.c.

◆ PG_SHA512_SHORT_BLOCK_LENGTH

#define PG_SHA512_SHORT_BLOCK_LENGTH   (PG_SHA512_BLOCK_LENGTH - 16)

Definition at line 91 of file sha2.c.

◆ R

#define R (   b,
  x 
)    ((x) >> (b))

Definition at line 132 of file sha2.c.

◆ REVERSE32

#define REVERSE32 (   w,
  x 
)
Value:
{ \
uint32 tmp = (w); \
tmp = (tmp >> 16) | (tmp << 16); \
(x) = ((tmp & 0xff00ff00UL) >> 8) | ((tmp & 0x00ff00ffUL) << 8); \
}
int x
Definition: isn.c:70

Definition at line 95 of file sha2.c.

◆ REVERSE64

#define REVERSE64 (   w,
  x 
)
Value:
{ \
uint64 tmp = (w); \
tmp = (tmp >> 32) | (tmp << 32); \
tmp = ((tmp & 0xff00ff00ff00ff00ULL) >> 8) | \
((tmp & 0x00ff00ff00ff00ffULL) << 8); \
(x) = ((tmp & 0xffff0000ffff0000ULL) >> 16) | \
((tmp & 0x0000ffff0000ffffULL) << 16); \
}

Definition at line 100 of file sha2.c.

◆ S32

#define S32 (   b,
  x 
)    (((x) >> (b)) | ((x) << (32 - (b))))

Definition at line 134 of file sha2.c.

◆ S64

#define S64 (   b,
  x 
)    (((x) >> (b)) | ((x) << (64 - (b))))

Definition at line 136 of file sha2.c.

◆ Sigma0_256

#define Sigma0_256 (   x)    (S32(2, (x)) ^ S32(13, (x)) ^ S32(22, (x)))

Definition at line 143 of file sha2.c.

◆ sigma0_256

#define sigma0_256 (   x)    (S32(7, (x)) ^ S32(18, (x)) ^ R(3 , (x)))

Definition at line 145 of file sha2.c.

◆ Sigma0_512

#define Sigma0_512 (   x)    (S64(28, (x)) ^ S64(34, (x)) ^ S64(39, (x)))

Definition at line 149 of file sha2.c.

◆ sigma0_512

#define sigma0_512 (   x)    (S64( 1, (x)) ^ S64( 8, (x)) ^ R( 7, (x)))

Definition at line 151 of file sha2.c.

◆ Sigma1_256

#define Sigma1_256 (   x)    (S32(6, (x)) ^ S32(11, (x)) ^ S32(25, (x)))

Definition at line 144 of file sha2.c.

◆ sigma1_256

#define sigma1_256 (   x)    (S32(17, (x)) ^ S32(19, (x)) ^ R(10, (x)))

Definition at line 146 of file sha2.c.

◆ Sigma1_512

#define Sigma1_512 (   x)    (S64(14, (x)) ^ S64(18, (x)) ^ S64(41, (x)))

Definition at line 150 of file sha2.c.

◆ sigma1_512

#define sigma1_512 (   x)    (S64(19, (x)) ^ S64(61, (x)) ^ R( 6, (x)))

Definition at line 152 of file sha2.c.

Function Documentation

◆ pg_sha224_final()

void pg_sha224_final ( pg_sha224_ctx context,
uint8 digest 
)

Definition at line 994 of file sha2.c.

995{
996 /* If no digest buffer is passed, we don't bother doing this: */
997 if (digest != NULL)
998 {
999 SHA256_Last(context);
1000
1001#ifndef WORDS_BIGENDIAN
1002 {
1003 /* Convert TO host byte order */
1004 int j;
1005
1006 for (j = 0; j < 8; j++)
1007 {
1008 REVERSE32(context->state[j], context->state[j]);
1009 }
1010 }
1011#endif
1012 memcpy(digest, context->state, PG_SHA224_DIGEST_LENGTH);
1013 }
1014
1015 /* Clean up state data: */
1016 memset(context, 0, sizeof(pg_sha224_ctx));
1017}
int j
Definition: isn.c:73
#define REVERSE32(w, x)
Definition: sha2.c:95
static void SHA256_Last(pg_sha256_ctx *context)
Definition: sha2.c:529
#define PG_SHA224_DIGEST_LENGTH
Definition: sha2.h:20
uint32 state[8]
Definition: sha2_int.h:57

References j, PG_SHA224_DIGEST_LENGTH, REVERSE32, SHA256_Last(), and pg_sha256_ctx::state.

Referenced by pg_cryptohash_final().

◆ pg_sha224_init()

void pg_sha224_init ( pg_sha224_ctx context)

Definition at line 978 of file sha2.c.

979{
980 if (context == NULL)
981 return;
983 memset(context->buffer, 0, PG_SHA256_BLOCK_LENGTH);
984 context->bitcount = 0;
985}
static const uint32 sha224_initial_hash_value[8]
Definition: sha2.c:185
#define PG_SHA256_DIGEST_LENGTH
Definition: sha2.h:23
#define PG_SHA256_BLOCK_LENGTH
Definition: sha2.h:22
uint8 buffer[PG_SHA256_BLOCK_LENGTH]
Definition: sha2_int.h:59
uint64 bitcount
Definition: sha2_int.h:58

References pg_sha256_ctx::bitcount, pg_sha256_ctx::buffer, PG_SHA256_BLOCK_LENGTH, PG_SHA256_DIGEST_LENGTH, sha224_initial_hash_value, and pg_sha256_ctx::state.

Referenced by pg_cryptohash_init().

◆ pg_sha224_update()

void pg_sha224_update ( pg_sha224_ctx context,
const uint8 data,
size_t  len 
)

Definition at line 988 of file sha2.c.

989{
990 pg_sha256_update((pg_sha256_ctx *) context, data, len);
991}
const void size_t len
const void * data
void pg_sha256_update(pg_sha256_ctx *context, const uint8 *data, size_t len)
Definition: sha2.c:476

References data, len, and pg_sha256_update().

Referenced by pg_cryptohash_update().

◆ pg_sha256_final()

void pg_sha256_final ( pg_sha256_ctx context,
uint8 digest 
)

Definition at line 577 of file sha2.c.

578{
579 /* If no digest buffer is passed, we don't bother doing this: */
580 if (digest != NULL)
581 {
582 SHA256_Last(context);
583
584#ifndef WORDS_BIGENDIAN
585 {
586 /* Convert TO host byte order */
587 int j;
588
589 for (j = 0; j < 8; j++)
590 {
591 REVERSE32(context->state[j], context->state[j]);
592 }
593 }
594#endif
595 memcpy(digest, context->state, PG_SHA256_DIGEST_LENGTH);
596 }
597
598 /* Clean up state data: */
599 memset(context, 0, sizeof(pg_sha256_ctx));
600}

References j, PG_SHA256_DIGEST_LENGTH, REVERSE32, SHA256_Last(), and pg_sha256_ctx::state.

Referenced by pg_cryptohash_final().

◆ pg_sha256_init()

void pg_sha256_init ( pg_sha256_ctx context)

Definition at line 279 of file sha2.c.

280{
281 if (context == NULL)
282 return;
284 memset(context->buffer, 0, PG_SHA256_BLOCK_LENGTH);
285 context->bitcount = 0;
286}
static const uint32 sha256_initial_hash_value[8]
Definition: sha2.c:197

References pg_sha256_ctx::bitcount, pg_sha256_ctx::buffer, PG_SHA256_BLOCK_LENGTH, PG_SHA256_DIGEST_LENGTH, sha256_initial_hash_value, and pg_sha256_ctx::state.

Referenced by pg_cryptohash_init().

◆ pg_sha256_update()

void pg_sha256_update ( pg_sha256_ctx context,
const uint8 data,
size_t  len 
)

Definition at line 476 of file sha2.c.

477{
478 size_t freespace,
479 usedspace;
480
481 /* Calling with no data is valid (we do nothing) */
482 if (len == 0)
483 return;
484
485 usedspace = (context->bitcount >> 3) % PG_SHA256_BLOCK_LENGTH;
486 if (usedspace > 0)
487 {
488 /* Calculate how much free space is available in the buffer */
489 freespace = PG_SHA256_BLOCK_LENGTH - usedspace;
490
491 if (len >= freespace)
492 {
493 /* Fill the buffer completely and process it */
494 memcpy(&context->buffer[usedspace], data, freespace);
495 context->bitcount += freespace << 3;
496 len -= freespace;
497 data += freespace;
498 SHA256_Transform(context, context->buffer);
499 }
500 else
501 {
502 /* The buffer is not yet full */
503 memcpy(&context->buffer[usedspace], data, len);
504 context->bitcount += len << 3;
505 /* Clean up: */
506 usedspace = freespace = 0;
507 return;
508 }
509 }
510 while (len >= PG_SHA256_BLOCK_LENGTH)
511 {
512 /* Process as many complete blocks as we can */
513 SHA256_Transform(context, data);
514 context->bitcount += PG_SHA256_BLOCK_LENGTH << 3;
517 }
518 if (len > 0)
519 {
520 /* There's left-overs, so save 'em */
521 memcpy(context->buffer, data, len);
522 context->bitcount += len << 3;
523 }
524 /* Clean up: */
525 usedspace = freespace = 0;
526}
static void SHA256_Transform(pg_sha256_ctx *context, const uint8 *data)
Definition: sha2.c:386

References pg_sha256_ctx::bitcount, pg_sha256_ctx::buffer, data, len, PG_SHA256_BLOCK_LENGTH, and SHA256_Transform().

Referenced by pg_cryptohash_update(), and pg_sha224_update().

◆ pg_sha384_final()

void pg_sha384_final ( pg_sha384_ctx context,
uint8 digest 
)

Definition at line 950 of file sha2.c.

951{
952 /* If no digest buffer is passed, we don't bother doing this: */
953 if (digest != NULL)
954 {
955 SHA512_Last((pg_sha512_ctx *) context);
956
957 /* Save the hash data for output: */
958#ifndef WORDS_BIGENDIAN
959 {
960 /* Convert TO host byte order */
961 int j;
962
963 for (j = 0; j < 6; j++)
964 {
965 REVERSE64(context->state[j], context->state[j]);
966 }
967 }
968#endif
969 memcpy(digest, context->state, PG_SHA384_DIGEST_LENGTH);
970 }
971
972 /* Zero out state data */
973 memset(context, 0, sizeof(pg_sha384_ctx));
974}
#define REVERSE64(w, x)
Definition: sha2.c:100
static void SHA512_Last(pg_sha512_ctx *context)
Definition: sha2.c:855
#define PG_SHA384_DIGEST_LENGTH
Definition: sha2.h:26
uint64 state[8]
Definition: sha2_int.h:63

References j, PG_SHA384_DIGEST_LENGTH, REVERSE64, SHA512_Last(), and pg_sha512_ctx::state.

Referenced by pg_cryptohash_final().

◆ pg_sha384_init()

void pg_sha384_init ( pg_sha384_ctx context)

Definition at line 934 of file sha2.c.

935{
936 if (context == NULL)
937 return;
939 memset(context->buffer, 0, PG_SHA384_BLOCK_LENGTH);
940 context->bitcount[0] = context->bitcount[1] = 0;
941}
static const uint64 sha384_initial_hash_value[8]
Definition: sha2.c:253
#define PG_SHA384_BLOCK_LENGTH
Definition: sha2.h:25
#define PG_SHA512_DIGEST_LENGTH
Definition: sha2.h:29
uint8 buffer[PG_SHA512_BLOCK_LENGTH]
Definition: sha2_int.h:65
uint64 bitcount[2]
Definition: sha2_int.h:64

References pg_sha512_ctx::bitcount, pg_sha512_ctx::buffer, PG_SHA384_BLOCK_LENGTH, PG_SHA512_DIGEST_LENGTH, sha384_initial_hash_value, and pg_sha512_ctx::state.

Referenced by pg_cryptohash_init().

◆ pg_sha384_update()

void pg_sha384_update ( pg_sha384_ctx context,
const uint8 data,
size_t  len 
)

Definition at line 944 of file sha2.c.

945{
946 pg_sha512_update((pg_sha512_ctx *) context, data, len);
947}
void pg_sha512_update(pg_sha512_ctx *context, const uint8 *data, size_t len)
Definition: sha2.c:802

References data, len, and pg_sha512_update().

Referenced by pg_cryptohash_update().

◆ pg_sha512_final()

void pg_sha512_final ( pg_sha512_ctx context,
uint8 digest 
)

Definition at line 905 of file sha2.c.

906{
907 /* If no digest buffer is passed, we don't bother doing this: */
908 if (digest != NULL)
909 {
910 SHA512_Last(context);
911
912 /* Save the hash data for output: */
913#ifndef WORDS_BIGENDIAN
914 {
915 /* Convert TO host byte order */
916 int j;
917
918 for (j = 0; j < 8; j++)
919 {
920 REVERSE64(context->state[j], context->state[j]);
921 }
922 }
923#endif
924 memcpy(digest, context->state, PG_SHA512_DIGEST_LENGTH);
925 }
926
927 /* Zero out state data */
928 memset(context, 0, sizeof(pg_sha512_ctx));
929}

References j, PG_SHA512_DIGEST_LENGTH, REVERSE64, SHA512_Last(), and pg_sha512_ctx::state.

Referenced by pg_cryptohash_final().

◆ pg_sha512_init()

void pg_sha512_init ( pg_sha512_ctx context)

Definition at line 605 of file sha2.c.

606{
607 if (context == NULL)
608 return;
610 memset(context->buffer, 0, PG_SHA512_BLOCK_LENGTH);
611 context->bitcount[0] = context->bitcount[1] = 0;
612}
static const uint64 sha512_initial_hash_value[8]
Definition: sha2.c:265
#define PG_SHA512_BLOCK_LENGTH
Definition: sha2.h:28

References pg_sha512_ctx::bitcount, pg_sha512_ctx::buffer, PG_SHA512_BLOCK_LENGTH, PG_SHA512_DIGEST_LENGTH, sha512_initial_hash_value, and pg_sha512_ctx::state.

Referenced by pg_cryptohash_init().

◆ pg_sha512_update()

void pg_sha512_update ( pg_sha512_ctx context,
const uint8 data,
size_t  len 
)

Definition at line 802 of file sha2.c.

803{
804 size_t freespace,
805 usedspace;
806
807 /* Calling with no data is valid (we do nothing) */
808 if (len == 0)
809 return;
810
811 usedspace = (context->bitcount[0] >> 3) % PG_SHA512_BLOCK_LENGTH;
812 if (usedspace > 0)
813 {
814 /* Calculate how much free space is available in the buffer */
815 freespace = PG_SHA512_BLOCK_LENGTH - usedspace;
816
817 if (len >= freespace)
818 {
819 /* Fill the buffer completely and process it */
820 memcpy(&context->buffer[usedspace], data, freespace);
821 ADDINC128(context->bitcount, freespace << 3);
822 len -= freespace;
823 data += freespace;
824 SHA512_Transform(context, context->buffer);
825 }
826 else
827 {
828 /* The buffer is not yet full */
829 memcpy(&context->buffer[usedspace], data, len);
830 ADDINC128(context->bitcount, len << 3);
831 /* Clean up: */
832 usedspace = freespace = 0;
833 return;
834 }
835 }
836 while (len >= PG_SHA512_BLOCK_LENGTH)
837 {
838 /* Process as many complete blocks as we can */
839 SHA512_Transform(context, data);
843 }
844 if (len > 0)
845 {
846 /* There's left-overs, so save 'em */
847 memcpy(context->buffer, data, len);
848 ADDINC128(context->bitcount, len << 3);
849 }
850 /* Clean up: */
851 usedspace = freespace = 0;
852}
#define ADDINC128(w, n)
Definition: sha2.c:115
static void SHA512_Transform(pg_sha512_ctx *context, const uint8 *data)
Definition: sha2.c:712

References ADDINC128, pg_sha512_ctx::bitcount, pg_sha512_ctx::buffer, data, len, PG_SHA512_BLOCK_LENGTH, and SHA512_Transform().

Referenced by pg_cryptohash_update(), and pg_sha384_update().

◆ SHA256_Last()

static void SHA256_Last ( pg_sha256_ctx context)
static

Definition at line 529 of file sha2.c.

530{
531 unsigned int usedspace;
532
533 usedspace = (context->bitcount >> 3) % PG_SHA256_BLOCK_LENGTH;
534#ifndef WORDS_BIGENDIAN
535 /* Convert FROM host byte order */
536 REVERSE64(context->bitcount, context->bitcount);
537#endif
538 if (usedspace > 0)
539 {
540 /* Begin padding with a 1 bit: */
541 context->buffer[usedspace++] = 0x80;
542
543 if (usedspace <= PG_SHA256_SHORT_BLOCK_LENGTH)
544 {
545 /* Set-up for the last transform: */
546 memset(&context->buffer[usedspace], 0, PG_SHA256_SHORT_BLOCK_LENGTH - usedspace);
547 }
548 else
549 {
550 if (usedspace < PG_SHA256_BLOCK_LENGTH)
551 {
552 memset(&context->buffer[usedspace], 0, PG_SHA256_BLOCK_LENGTH - usedspace);
553 }
554 /* Do second-to-last transform: */
555 SHA256_Transform(context, context->buffer);
556
557 /* And set-up for the last transform: */
558 memset(context->buffer, 0, PG_SHA256_SHORT_BLOCK_LENGTH);
559 }
560 }
561 else
562 {
563 /* Set-up for the last transform: */
564 memset(context->buffer, 0, PG_SHA256_SHORT_BLOCK_LENGTH);
565
566 /* Begin padding with a 1 bit: */
567 *context->buffer = 0x80;
568 }
569 /* Set the bit count: */
570 *(uint64 *) &context->buffer[PG_SHA256_SHORT_BLOCK_LENGTH] = context->bitcount;
571
572 /* Final transform: */
573 SHA256_Transform(context, context->buffer);
574}
#define PG_SHA256_SHORT_BLOCK_LENGTH
Definition: sha2.c:89

References pg_sha256_ctx::bitcount, pg_sha256_ctx::buffer, PG_SHA256_BLOCK_LENGTH, PG_SHA256_SHORT_BLOCK_LENGTH, REVERSE64, and SHA256_Transform().

Referenced by pg_sha224_final(), and pg_sha256_final().

◆ SHA256_Transform()

static void SHA256_Transform ( pg_sha256_ctx context,
const uint8 data 
)
static

Definition at line 386 of file sha2.c.

387{
388 uint32 a,
389 b,
390 c,
391 d,
392 e,
393 f,
394 g,
395 h,
396 s0,
397 s1;
398 uint32 T1,
399 T2,
400 *W256;
401 int j;
402
403 W256 = (uint32 *) context->buffer;
404
405 /* Initialize registers with the prev. intermediate value */
406 a = context->state[0];
407 b = context->state[1];
408 c = context->state[2];
409 d = context->state[3];
410 e = context->state[4];
411 f = context->state[5];
412 g = context->state[6];
413 h = context->state[7];
414
415 j = 0;
416 do
417 {
418 W256[j] = (uint32) data[3] | ((uint32) data[2] << 8) |
419 ((uint32) data[1] << 16) | ((uint32) data[0] << 24);
420 data += 4;
421 /* Apply the SHA-256 compression function to update a..h */
422 T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] + W256[j];
423 T2 = Sigma0_256(a) + Maj(a, b, c);
424 h = g;
425 g = f;
426 f = e;
427 e = d + T1;
428 d = c;
429 c = b;
430 b = a;
431 a = T1 + T2;
432
433 j++;
434 } while (j < 16);
435
436 do
437 {
438 /* Part of the message block expansion: */
439 s0 = W256[(j + 1) & 0x0f];
440 s0 = sigma0_256(s0);
441 s1 = W256[(j + 14) & 0x0f];
442 s1 = sigma1_256(s1);
443
444 /* Apply the SHA-256 compression function to update a..h */
445 T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] +
446 (W256[j & 0x0f] += s1 + W256[(j + 9) & 0x0f] + s0);
447 T2 = Sigma0_256(a) + Maj(a, b, c);
448 h = g;
449 g = f;
450 f = e;
451 e = d + T1;
452 d = c;
453 c = b;
454 b = a;
455 a = T1 + T2;
456
457 j++;
458 } while (j < 64);
459
460 /* Compute the current intermediate hash value */
461 context->state[0] += a;
462 context->state[1] += b;
463 context->state[2] += c;
464 context->state[3] += d;
465 context->state[4] += e;
466 context->state[5] += f;
467 context->state[6] += g;
468 context->state[7] += h;
469
470 /* Clean up */
471 a = b = c = d = e = f = g = h = T1 = T2 = 0;
472}
uint32_t uint32
Definition: c.h:488
int b
Definition: isn.c:69
int a
Definition: isn.c:68
char * c
e
Definition: preproc-init.c:82
char * s1
#define Sigma0_256(x)
Definition: sha2.c:143
static const uint32 K256[64]
Definition: sha2.c:165
#define Maj(x, y, z)
Definition: sha2.c:140
#define sigma1_256(x)
Definition: sha2.c:146
#define Sigma1_256(x)
Definition: sha2.c:144
#define Ch(x, y, z)
Definition: sha2.c:139
#define sigma0_256(x)
Definition: sha2.c:145

References a, b, pg_sha256_ctx::buffer, Ch, data, j, K256, Maj, s1, Sigma0_256, Sigma1_256, and pg_sha256_ctx::state.

Referenced by pg_sha256_update(), and SHA256_Last().

◆ SHA512_Last()

static void SHA512_Last ( pg_sha512_ctx context)
static

Definition at line 855 of file sha2.c.

856{
857 unsigned int usedspace;
858
859 usedspace = (context->bitcount[0] >> 3) % PG_SHA512_BLOCK_LENGTH;
860#ifndef WORDS_BIGENDIAN
861 /* Convert FROM host byte order */
862 REVERSE64(context->bitcount[0], context->bitcount[0]);
863 REVERSE64(context->bitcount[1], context->bitcount[1]);
864#endif
865 if (usedspace > 0)
866 {
867 /* Begin padding with a 1 bit: */
868 context->buffer[usedspace++] = 0x80;
869
870 if (usedspace <= PG_SHA512_SHORT_BLOCK_LENGTH)
871 {
872 /* Set-up for the last transform: */
873 memset(&context->buffer[usedspace], 0, PG_SHA512_SHORT_BLOCK_LENGTH - usedspace);
874 }
875 else
876 {
877 if (usedspace < PG_SHA512_BLOCK_LENGTH)
878 {
879 memset(&context->buffer[usedspace], 0, PG_SHA512_BLOCK_LENGTH - usedspace);
880 }
881 /* Do second-to-last transform: */
882 SHA512_Transform(context, context->buffer);
883
884 /* And set-up for the last transform: */
885 memset(context->buffer, 0, PG_SHA512_BLOCK_LENGTH - 2);
886 }
887 }
888 else
889 {
890 /* Prepare for final transform: */
891 memset(context->buffer, 0, PG_SHA512_SHORT_BLOCK_LENGTH);
892
893 /* Begin padding with a 1 bit: */
894 *context->buffer = 0x80;
895 }
896 /* Store the length of input data (in bits): */
897 *(uint64 *) &context->buffer[PG_SHA512_SHORT_BLOCK_LENGTH] = context->bitcount[1];
898 *(uint64 *) &context->buffer[PG_SHA512_SHORT_BLOCK_LENGTH + 8] = context->bitcount[0];
899
900 /* Final transform: */
901 SHA512_Transform(context, context->buffer);
902}
#define PG_SHA512_SHORT_BLOCK_LENGTH
Definition: sha2.c:91

References pg_sha512_ctx::bitcount, pg_sha512_ctx::buffer, PG_SHA512_BLOCK_LENGTH, PG_SHA512_SHORT_BLOCK_LENGTH, REVERSE64, and SHA512_Transform().

Referenced by pg_sha384_final(), and pg_sha512_final().

◆ SHA512_Transform()

static void SHA512_Transform ( pg_sha512_ctx context,
const uint8 data 
)
static

Definition at line 712 of file sha2.c.

713{
714 uint64 a,
715 b,
716 c,
717 d,
718 e,
719 f,
720 g,
721 h,
722 s0,
723 s1;
724 uint64 T1,
725 T2,
726 *W512 = (uint64 *) context->buffer;
727 int j;
728
729 /* Initialize registers with the prev. intermediate value */
730 a = context->state[0];
731 b = context->state[1];
732 c = context->state[2];
733 d = context->state[3];
734 e = context->state[4];
735 f = context->state[5];
736 g = context->state[6];
737 h = context->state[7];
738
739 j = 0;
740 do
741 {
742 W512[j] = (uint64) data[7] | ((uint64) data[6] << 8) |
743 ((uint64) data[5] << 16) | ((uint64) data[4] << 24) |
744 ((uint64) data[3] << 32) | ((uint64) data[2] << 40) |
745 ((uint64) data[1] << 48) | ((uint64) data[0] << 56);
746 data += 8;
747 /* Apply the SHA-512 compression function to update a..h */
748 T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] + W512[j];
749 T2 = Sigma0_512(a) + Maj(a, b, c);
750 h = g;
751 g = f;
752 f = e;
753 e = d + T1;
754 d = c;
755 c = b;
756 b = a;
757 a = T1 + T2;
758
759 j++;
760 } while (j < 16);
761
762 do
763 {
764 /* Part of the message block expansion: */
765 s0 = W512[(j + 1) & 0x0f];
766 s0 = sigma0_512(s0);
767 s1 = W512[(j + 14) & 0x0f];
768 s1 = sigma1_512(s1);
769
770 /* Apply the SHA-512 compression function to update a..h */
771 T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] +
772 (W512[j & 0x0f] += s1 + W512[(j + 9) & 0x0f] + s0);
773 T2 = Sigma0_512(a) + Maj(a, b, c);
774 h = g;
775 g = f;
776 f = e;
777 e = d + T1;
778 d = c;
779 c = b;
780 b = a;
781 a = T1 + T2;
782
783 j++;
784 } while (j < 80);
785
786 /* Compute the current intermediate hash value */
787 context->state[0] += a;
788 context->state[1] += b;
789 context->state[2] += c;
790 context->state[3] += d;
791 context->state[4] += e;
792 context->state[5] += f;
793 context->state[6] += g;
794 context->state[7] += h;
795
796 /* Clean up */
797 a = b = c = d = e = f = g = h = T1 = T2 = 0;
798}
#define Sigma0_512(x)
Definition: sha2.c:149
static const uint64 K512[80]
Definition: sha2.c:209
#define sigma0_512(x)
Definition: sha2.c:151
#define Sigma1_512(x)
Definition: sha2.c:150
#define sigma1_512(x)
Definition: sha2.c:152

References a, b, pg_sha512_ctx::buffer, Ch, data, j, K512, Maj, s1, Sigma0_512, Sigma1_512, and pg_sha512_ctx::state.

Referenced by pg_sha512_update(), and SHA512_Last().

Variable Documentation

◆ K256

const uint32 K256[64]
static
Initial value:
= {
0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL,
0x3956c25bUL, 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL,
0xd807aa98UL, 0x12835b01UL, 0x243185beUL, 0x550c7dc3UL,
0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL, 0xc19bf174UL,
0xe49b69c1UL, 0xefbe4786UL, 0x0fc19dc6UL, 0x240ca1ccUL,
0x2de92c6fUL, 0x4a7484aaUL, 0x5cb0a9dcUL, 0x76f988daUL,
0x983e5152UL, 0xa831c66dUL, 0xb00327c8UL, 0xbf597fc7UL,
0xc6e00bf3UL, 0xd5a79147UL, 0x06ca6351UL, 0x14292967UL,
0x27b70a85UL, 0x2e1b2138UL, 0x4d2c6dfcUL, 0x53380d13UL,
0x650a7354UL, 0x766a0abbUL, 0x81c2c92eUL, 0x92722c85UL,
0xa2bfe8a1UL, 0xa81a664bUL, 0xc24b8b70UL, 0xc76c51a3UL,
0xd192e819UL, 0xd6990624UL, 0xf40e3585UL, 0x106aa070UL,
0x19a4c116UL, 0x1e376c08UL, 0x2748774cUL, 0x34b0bcb5UL,
0x391c0cb3UL, 0x4ed8aa4aUL, 0x5b9cca4fUL, 0x682e6ff3UL,
0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL,
0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL
}

Definition at line 165 of file sha2.c.

Referenced by SHA256_Transform().

◆ K512

const uint64 K512[80]
static

Definition at line 209 of file sha2.c.

Referenced by SHA512_Transform().

◆ sha224_initial_hash_value

const uint32 sha224_initial_hash_value[8]
static
Initial value:
= {
0xc1059ed8UL,
0x367cd507UL,
0x3070dd17UL,
0xf70e5939UL,
0xffc00b31UL,
0x68581511UL,
0x64f98fa7UL,
0xbefa4fa4UL
}

Definition at line 185 of file sha2.c.

Referenced by pg_sha224_init().

◆ sha256_initial_hash_value

const uint32 sha256_initial_hash_value[8]
static
Initial value:
= {
0x6a09e667UL,
0xbb67ae85UL,
0x3c6ef372UL,
0xa54ff53aUL,
0x510e527fUL,
0x9b05688cUL,
0x1f83d9abUL,
0x5be0cd19UL
}

Definition at line 197 of file sha2.c.

Referenced by pg_sha256_init().

◆ sha384_initial_hash_value

const uint64 sha384_initial_hash_value[8]
static
Initial value:
= {
0xcbbb9d5dc1059ed8ULL,
0x629a292a367cd507ULL,
0x9159015a3070dd17ULL,
0x152fecd8f70e5939ULL,
0x67332667ffc00b31ULL,
0x8eb44a8768581511ULL,
0xdb0c2e0d64f98fa7ULL,
0x47b5481dbefa4fa4ULL
}

Definition at line 253 of file sha2.c.

Referenced by pg_sha384_init().

◆ sha512_initial_hash_value

const uint64 sha512_initial_hash_value[8]
static
Initial value:
= {
0x6a09e667f3bcc908ULL,
0xbb67ae8584caa73bULL,
0x3c6ef372fe94f82bULL,
0xa54ff53a5f1d36f1ULL,
0x510e527fade682d1ULL,
0x9b05688c2b3e6c1fULL,
0x1f83d9abfb41bd6bULL,
0x5be0cd19137e2179ULL
}

Definition at line 265 of file sha2.c.

Referenced by pg_sha512_init().