PostgreSQL Source Code  git master
sha2.c File Reference
#include "postgres.h"
#include <sys/param.h>
#include "common/sha2.h"
Include dependency graph for sha2.c:

Go to the source code of this file.

Macros

#define PG_SHA256_SHORT_BLOCK_LENGTH   (PG_SHA256_BLOCK_LENGTH - 8)
 
#define PG_SHA384_SHORT_BLOCK_LENGTH   (PG_SHA384_BLOCK_LENGTH - 16)
 
#define PG_SHA512_SHORT_BLOCK_LENGTH   (PG_SHA512_BLOCK_LENGTH - 16)
 
#define REVERSE32(w, x)
 
#define REVERSE64(w, x)
 
#define ADDINC128(w, n)
 
#define R(b, x)   ((x) >> (b))
 
#define S32(b, x)   (((x) >> (b)) | ((x) << (32 - (b))))
 
#define S64(b, x)   (((x) >> (b)) | ((x) << (64 - (b))))
 
#define Ch(x, y, z)   (((x) & (y)) ^ ((~(x)) & (z)))
 
#define Maj(x, y, z)   (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
 
#define Sigma0_256(x)   (S32(2, (x)) ^ S32(13, (x)) ^ S32(22, (x)))
 
#define Sigma1_256(x)   (S32(6, (x)) ^ S32(11, (x)) ^ S32(25, (x)))
 
#define sigma0_256(x)   (S32(7, (x)) ^ S32(18, (x)) ^ R(3 , (x)))
 
#define sigma1_256(x)   (S32(17, (x)) ^ S32(19, (x)) ^ R(10, (x)))
 
#define Sigma0_512(x)   (S64(28, (x)) ^ S64(34, (x)) ^ S64(39, (x)))
 
#define Sigma1_512(x)   (S64(14, (x)) ^ S64(18, (x)) ^ S64(41, (x)))
 
#define sigma0_512(x)   (S64( 1, (x)) ^ S64( 8, (x)) ^ R( 7, (x)))
 
#define sigma1_512(x)   (S64(19, (x)) ^ S64(61, (x)) ^ R( 6, (x)))
 

Functions

static void SHA512_Last (pg_sha512_ctx *context)
 
static void SHA256_Transform (pg_sha256_ctx *context, const uint8 *data)
 
static void SHA512_Transform (pg_sha512_ctx *context, const uint8 *data)
 
void pg_sha256_init (pg_sha256_ctx *context)
 
void pg_sha256_update (pg_sha256_ctx *context, const uint8 *data, size_t len)
 
static void SHA256_Last (pg_sha256_ctx *context)
 
void pg_sha256_final (pg_sha256_ctx *context, uint8 *digest)
 
void pg_sha512_init (pg_sha512_ctx *context)
 
void pg_sha512_update (pg_sha512_ctx *context, const uint8 *data, size_t len)
 
void pg_sha512_final (pg_sha512_ctx *context, uint8 *digest)
 
void pg_sha384_init (pg_sha384_ctx *context)
 
void pg_sha384_update (pg_sha384_ctx *context, const uint8 *data, size_t len)
 
void pg_sha384_final (pg_sha384_ctx *context, uint8 *digest)
 
void pg_sha224_init (pg_sha224_ctx *context)
 
void pg_sha224_update (pg_sha224_ctx *context, const uint8 *data, size_t len)
 
void pg_sha224_final (pg_sha224_ctx *context, uint8 *digest)
 

Variables

static const uint32 K256 [64]
 
static const uint32 sha224_initial_hash_value [8]
 
static const uint32 sha256_initial_hash_value [8]
 
static const uint64 K512 [80]
 
static const uint64 sha384_initial_hash_value [8]
 
static const uint64 sha512_initial_hash_value [8]
 

Macro Definition Documentation

◆ ADDINC128

#define ADDINC128 (   w,
 
)
Value:
{ \
(w)[0] += (uint64)(n); \
if ((w)[0] < (n)) { \
(w)[1]++; \
} \
}

Definition at line 104 of file sha2.c.

Referenced by pg_sha512_update().

◆ Ch

#define Ch (   x,
  y,
 
)    (((x) & (y)) ^ ((~(x)) & (z)))

Definition at line 128 of file sha2.c.

Referenced by SHA256_Transform(), and SHA512_Transform().

◆ Maj

#define Maj (   x,
  y,
 
)    (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))

Definition at line 129 of file sha2.c.

Referenced by SHA256_Transform(), and SHA512_Transform().

◆ PG_SHA256_SHORT_BLOCK_LENGTH

#define PG_SHA256_SHORT_BLOCK_LENGTH   (PG_SHA256_BLOCK_LENGTH - 8)

Definition at line 78 of file sha2.c.

Referenced by SHA256_Last().

◆ PG_SHA384_SHORT_BLOCK_LENGTH

#define PG_SHA384_SHORT_BLOCK_LENGTH   (PG_SHA384_BLOCK_LENGTH - 16)

Definition at line 79 of file sha2.c.

◆ PG_SHA512_SHORT_BLOCK_LENGTH

#define PG_SHA512_SHORT_BLOCK_LENGTH   (PG_SHA512_BLOCK_LENGTH - 16)

Definition at line 80 of file sha2.c.

Referenced by SHA512_Last().

◆ R

#define R (   b,
 
)    ((x) >> (b))

Definition at line 121 of file sha2.c.

Referenced by _crypt_blowfish_rn().

◆ REVERSE32

#define REVERSE32 (   w,
 
)
Value:
{ \
uint32 tmp = (w); \
tmp = (tmp >> 16) | (tmp << 16); \
(x) = ((tmp & 0xff00ff00UL) >> 8) | ((tmp & 0x00ff00ffUL) << 8); \
}

Definition at line 84 of file sha2.c.

Referenced by pg_sha224_final(), and pg_sha256_final().

◆ REVERSE64

#define REVERSE64 (   w,
 
)
Value:
{ \
uint64 tmp = (w); \
tmp = (tmp >> 32) | (tmp << 32); \
tmp = ((tmp & 0xff00ff00ff00ff00ULL) >> 8) | \
((tmp & 0x00ff00ff00ff00ffULL) << 8); \
(x) = ((tmp & 0xffff0000ffff0000ULL) >> 16) | \
((tmp & 0x0000ffff0000ffffULL) << 16); \
}

Definition at line 89 of file sha2.c.

Referenced by pg_sha384_final(), pg_sha512_final(), SHA256_Last(), and SHA512_Last().

◆ S32

#define S32 (   b,
 
)    (((x) >> (b)) | ((x) << (32 - (b))))

Definition at line 123 of file sha2.c.

◆ S64

#define S64 (   b,
 
)    (((x) >> (b)) | ((x) << (64 - (b))))

Definition at line 125 of file sha2.c.

◆ Sigma0_256

#define Sigma0_256 (   x)    (S32(2, (x)) ^ S32(13, (x)) ^ S32(22, (x)))

Definition at line 132 of file sha2.c.

Referenced by SHA256_Transform().

◆ sigma0_256

#define sigma0_256 (   x)    (S32(7, (x)) ^ S32(18, (x)) ^ R(3 , (x)))

Definition at line 134 of file sha2.c.

Referenced by SHA256_Transform().

◆ Sigma0_512

#define Sigma0_512 (   x)    (S64(28, (x)) ^ S64(34, (x)) ^ S64(39, (x)))

Definition at line 138 of file sha2.c.

Referenced by SHA512_Transform().

◆ sigma0_512

#define sigma0_512 (   x)    (S64( 1, (x)) ^ S64( 8, (x)) ^ R( 7, (x)))

Definition at line 140 of file sha2.c.

Referenced by SHA512_Transform().

◆ Sigma1_256

#define Sigma1_256 (   x)    (S32(6, (x)) ^ S32(11, (x)) ^ S32(25, (x)))

Definition at line 133 of file sha2.c.

Referenced by SHA256_Transform().

◆ sigma1_256

#define sigma1_256 (   x)    (S32(17, (x)) ^ S32(19, (x)) ^ R(10, (x)))

Definition at line 135 of file sha2.c.

Referenced by SHA256_Transform().

◆ Sigma1_512

#define Sigma1_512 (   x)    (S64(14, (x)) ^ S64(18, (x)) ^ S64(41, (x)))

Definition at line 139 of file sha2.c.

Referenced by SHA512_Transform().

◆ sigma1_512

#define sigma1_512 (   x)    (S64(19, (x)) ^ S64(61, (x)) ^ R( 6, (x)))

Definition at line 141 of file sha2.c.

Referenced by SHA512_Transform().

Function Documentation

◆ pg_sha224_final()

void pg_sha224_final ( pg_sha224_ctx context,
uint8 digest 
)

Definition at line 983 of file sha2.c.

Referenced by int_sha224_finish(), and sha224_bytea().

984 {
985  /* If no digest buffer is passed, we don't bother doing this: */
986  if (digest != NULL)
987  {
988  SHA256_Last(context);
989 
990 #ifndef WORDS_BIGENDIAN
991  {
992  /* Convert TO host byte order */
993  int j;
994 
995  for (j = 0; j < 8; j++)
996  {
997  REVERSE32(context->state[j], context->state[j]);
998  }
999  }
1000 #endif
1001  memcpy(digest, context->state, PG_SHA224_DIGEST_LENGTH);
1002  }
1003 
1004  /* Clean up state data: */
1005  memset(context, 0, sizeof(pg_sha224_ctx));
1006 }
static void SHA256_Last(pg_sha256_ctx *context)
Definition: sha2.c:518
uint32 state[8]
Definition: sha2.h:80
#define PG_SHA224_DIGEST_LENGTH
Definition: sha2.h:59
#define REVERSE32(w, x)
Definition: sha2.c:84

◆ pg_sha224_init()

void pg_sha224_init ( pg_sha224_ctx context)

Definition at line 967 of file sha2.c.

Referenced by int_sha224_reset(), and sha224_bytea().

968 {
969  if (context == NULL)
970  return;
972  memset(context->buffer, 0, PG_SHA256_BLOCK_LENGTH);
973  context->bitcount = 0;
974 }
uint64 bitcount
Definition: sha2.h:81
uint8 buffer[PG_SHA256_BLOCK_LENGTH]
Definition: sha2.h:82
#define PG_SHA256_DIGEST_LENGTH
Definition: sha2.h:62
#define PG_SHA256_BLOCK_LENGTH
Definition: sha2.h:61
uint32 state[8]
Definition: sha2.h:80
static const uint32 sha224_initial_hash_value[8]
Definition: sha2.c:174

◆ pg_sha224_update()

void pg_sha224_update ( pg_sha224_ctx context,
const uint8 data,
size_t  len 
)

Definition at line 977 of file sha2.c.

Referenced by int_sha224_update(), and sha224_bytea().

978 {
979  pg_sha256_update((pg_sha256_ctx *) context, data, len);
980 }
void pg_sha256_update(pg_sha256_ctx *context, const uint8 *data, size_t len)
Definition: sha2.c:465

◆ pg_sha256_final()

void pg_sha256_final ( pg_sha256_ctx context,
uint8 digest 
)

Definition at line 566 of file sha2.c.

Referenced by int_sha256_finish(), scram_H(), scram_HMAC_final(), scram_HMAC_init(), scram_mock_salt(), and sha256_bytea().

567 {
568  /* If no digest buffer is passed, we don't bother doing this: */
569  if (digest != NULL)
570  {
571  SHA256_Last(context);
572 
573 #ifndef WORDS_BIGENDIAN
574  {
575  /* Convert TO host byte order */
576  int j;
577 
578  for (j = 0; j < 8; j++)
579  {
580  REVERSE32(context->state[j], context->state[j]);
581  }
582  }
583 #endif
584  memcpy(digest, context->state, PG_SHA256_DIGEST_LENGTH);
585  }
586 
587  /* Clean up state data: */
588  memset(context, 0, sizeof(pg_sha256_ctx));
589 }
#define PG_SHA256_DIGEST_LENGTH
Definition: sha2.h:62
static void SHA256_Last(pg_sha256_ctx *context)
Definition: sha2.c:518
uint32 state[8]
Definition: sha2.h:80
#define REVERSE32(w, x)
Definition: sha2.c:84

◆ pg_sha256_init()

void pg_sha256_init ( pg_sha256_ctx context)

Definition at line 268 of file sha2.c.

Referenced by int_sha256_reset(), scram_H(), scram_HMAC_final(), scram_HMAC_init(), scram_mock_salt(), and sha256_bytea().

269 {
270  if (context == NULL)
271  return;
273  memset(context->buffer, 0, PG_SHA256_BLOCK_LENGTH);
274  context->bitcount = 0;
275 }
uint64 bitcount
Definition: sha2.h:81
uint8 buffer[PG_SHA256_BLOCK_LENGTH]
Definition: sha2.h:82
#define PG_SHA256_DIGEST_LENGTH
Definition: sha2.h:62
static const uint32 sha256_initial_hash_value[8]
Definition: sha2.c:186
#define PG_SHA256_BLOCK_LENGTH
Definition: sha2.h:61
uint32 state[8]
Definition: sha2.h:80

◆ pg_sha256_update()

void pg_sha256_update ( pg_sha256_ctx context,
const uint8 data,
size_t  len 
)

Definition at line 465 of file sha2.c.

Referenced by int_sha256_update(), pg_sha224_update(), scram_H(), scram_HMAC_final(), scram_HMAC_init(), scram_HMAC_update(), scram_mock_salt(), and sha256_bytea().

466 {
467  size_t freespace,
468  usedspace;
469 
470  /* Calling with no data is valid (we do nothing) */
471  if (len == 0)
472  return;
473 
474  usedspace = (context->bitcount >> 3) % PG_SHA256_BLOCK_LENGTH;
475  if (usedspace > 0)
476  {
477  /* Calculate how much free space is available in the buffer */
478  freespace = PG_SHA256_BLOCK_LENGTH - usedspace;
479 
480  if (len >= freespace)
481  {
482  /* Fill the buffer completely and process it */
483  memcpy(&context->buffer[usedspace], data, freespace);
484  context->bitcount += freespace << 3;
485  len -= freespace;
486  data += freespace;
487  SHA256_Transform(context, context->buffer);
488  }
489  else
490  {
491  /* The buffer is not yet full */
492  memcpy(&context->buffer[usedspace], data, len);
493  context->bitcount += len << 3;
494  /* Clean up: */
495  usedspace = freespace = 0;
496  return;
497  }
498  }
499  while (len >= PG_SHA256_BLOCK_LENGTH)
500  {
501  /* Process as many complete blocks as we can */
502  SHA256_Transform(context, data);
503  context->bitcount += PG_SHA256_BLOCK_LENGTH << 3;
504  len -= PG_SHA256_BLOCK_LENGTH;
505  data += PG_SHA256_BLOCK_LENGTH;
506  }
507  if (len > 0)
508  {
509  /* There's left-overs, so save 'em */
510  memcpy(context->buffer, data, len);
511  context->bitcount += len << 3;
512  }
513  /* Clean up: */
514  usedspace = freespace = 0;
515 }
static void SHA256_Transform(pg_sha256_ctx *context, const uint8 *data)
Definition: sha2.c:375
uint64 bitcount
Definition: sha2.h:81
uint8 buffer[PG_SHA256_BLOCK_LENGTH]
Definition: sha2.h:82
#define PG_SHA256_BLOCK_LENGTH
Definition: sha2.h:61

◆ pg_sha384_final()

void pg_sha384_final ( pg_sha384_ctx context,
uint8 digest 
)

Definition at line 939 of file sha2.c.

Referenced by int_sha384_finish(), and sha384_bytea().

940 {
941  /* If no digest buffer is passed, we don't bother doing this: */
942  if (digest != NULL)
943  {
944  SHA512_Last((pg_sha512_ctx *) context);
945 
946  /* Save the hash data for output: */
947 #ifndef WORDS_BIGENDIAN
948  {
949  /* Convert TO host byte order */
950  int j;
951 
952  for (j = 0; j < 6; j++)
953  {
954  REVERSE64(context->state[j], context->state[j]);
955  }
956  }
957 #endif
958  memcpy(digest, context->state, PG_SHA384_DIGEST_LENGTH);
959  }
960 
961  /* Zero out state data */
962  memset(context, 0, sizeof(pg_sha384_ctx));
963 }
static void SHA512_Last(pg_sha512_ctx *context)
Definition: sha2.c:844
#define REVERSE64(w, x)
Definition: sha2.c:89
uint64 state[8]
Definition: sha2.h:86
#define PG_SHA384_DIGEST_LENGTH
Definition: sha2.h:65

◆ pg_sha384_init()

void pg_sha384_init ( pg_sha384_ctx context)

Definition at line 923 of file sha2.c.

Referenced by int_sha384_reset(), and sha384_bytea().

924 {
925  if (context == NULL)
926  return;
928  memset(context->buffer, 0, PG_SHA384_BLOCK_LENGTH);
929  context->bitcount[0] = context->bitcount[1] = 0;
930 }
uint8 buffer[PG_SHA512_BLOCK_LENGTH]
Definition: sha2.h:88
#define PG_SHA384_BLOCK_LENGTH
Definition: sha2.h:64
#define PG_SHA512_DIGEST_LENGTH
Definition: sha2.h:68
uint64 bitcount[2]
Definition: sha2.h:87
static const uint64 sha384_initial_hash_value[8]
Definition: sha2.c:242
uint64 state[8]
Definition: sha2.h:86

◆ pg_sha384_update()

void pg_sha384_update ( pg_sha384_ctx context,
const uint8 data,
size_t  len 
)

Definition at line 933 of file sha2.c.

Referenced by int_sha384_update(), and sha384_bytea().

934 {
935  pg_sha512_update((pg_sha512_ctx *) context, data, len);
936 }
void pg_sha512_update(pg_sha512_ctx *context, const uint8 *data, size_t len)
Definition: sha2.c:791

◆ pg_sha512_final()

void pg_sha512_final ( pg_sha512_ctx context,
uint8 digest 
)

Definition at line 894 of file sha2.c.

Referenced by int_sha512_finish(), and sha512_bytea().

895 {
896  /* If no digest buffer is passed, we don't bother doing this: */
897  if (digest != NULL)
898  {
899  SHA512_Last(context);
900 
901  /* Save the hash data for output: */
902 #ifndef WORDS_BIGENDIAN
903  {
904  /* Convert TO host byte order */
905  int j;
906 
907  for (j = 0; j < 8; j++)
908  {
909  REVERSE64(context->state[j], context->state[j]);
910  }
911  }
912 #endif
913  memcpy(digest, context->state, PG_SHA512_DIGEST_LENGTH);
914  }
915 
916  /* Zero out state data */
917  memset(context, 0, sizeof(pg_sha512_ctx));
918 }
static void SHA512_Last(pg_sha512_ctx *context)
Definition: sha2.c:844
#define PG_SHA512_DIGEST_LENGTH
Definition: sha2.h:68
#define REVERSE64(w, x)
Definition: sha2.c:89
uint64 state[8]
Definition: sha2.h:86

◆ pg_sha512_init()

void pg_sha512_init ( pg_sha512_ctx context)

Definition at line 594 of file sha2.c.

Referenced by int_sha512_reset(), and sha512_bytea().

595 {
596  if (context == NULL)
597  return;
599  memset(context->buffer, 0, PG_SHA512_BLOCK_LENGTH);
600  context->bitcount[0] = context->bitcount[1] = 0;
601 }
static const uint64 sha512_initial_hash_value[8]
Definition: sha2.c:254
uint8 buffer[PG_SHA512_BLOCK_LENGTH]
Definition: sha2.h:88
#define PG_SHA512_DIGEST_LENGTH
Definition: sha2.h:68
uint64 bitcount[2]
Definition: sha2.h:87
#define PG_SHA512_BLOCK_LENGTH
Definition: sha2.h:67
uint64 state[8]
Definition: sha2.h:86

◆ pg_sha512_update()

void pg_sha512_update ( pg_sha512_ctx context,
const uint8 data,
size_t  len 
)

Definition at line 791 of file sha2.c.

Referenced by int_sha512_update(), pg_sha384_update(), and sha512_bytea().

792 {
793  size_t freespace,
794  usedspace;
795 
796  /* Calling with no data is valid (we do nothing) */
797  if (len == 0)
798  return;
799 
800  usedspace = (context->bitcount[0] >> 3) % PG_SHA512_BLOCK_LENGTH;
801  if (usedspace > 0)
802  {
803  /* Calculate how much free space is available in the buffer */
804  freespace = PG_SHA512_BLOCK_LENGTH - usedspace;
805 
806  if (len >= freespace)
807  {
808  /* Fill the buffer completely and process it */
809  memcpy(&context->buffer[usedspace], data, freespace);
810  ADDINC128(context->bitcount, freespace << 3);
811  len -= freespace;
812  data += freespace;
813  SHA512_Transform(context, context->buffer);
814  }
815  else
816  {
817  /* The buffer is not yet full */
818  memcpy(&context->buffer[usedspace], data, len);
819  ADDINC128(context->bitcount, len << 3);
820  /* Clean up: */
821  usedspace = freespace = 0;
822  return;
823  }
824  }
825  while (len >= PG_SHA512_BLOCK_LENGTH)
826  {
827  /* Process as many complete blocks as we can */
828  SHA512_Transform(context, data);
829  ADDINC128(context->bitcount, PG_SHA512_BLOCK_LENGTH << 3);
830  len -= PG_SHA512_BLOCK_LENGTH;
831  data += PG_SHA512_BLOCK_LENGTH;
832  }
833  if (len > 0)
834  {
835  /* There's left-overs, so save 'em */
836  memcpy(context->buffer, data, len);
837  ADDINC128(context->bitcount, len << 3);
838  }
839  /* Clean up: */
840  usedspace = freespace = 0;
841 }
uint8 buffer[PG_SHA512_BLOCK_LENGTH]
Definition: sha2.h:88
uint64 bitcount[2]
Definition: sha2.h:87
#define PG_SHA512_BLOCK_LENGTH
Definition: sha2.h:67
#define ADDINC128(w, n)
Definition: sha2.c:104
static void SHA512_Transform(pg_sha512_ctx *context, const uint8 *data)
Definition: sha2.c:701

◆ SHA256_Last()

static void SHA256_Last ( pg_sha256_ctx context)
static

Definition at line 518 of file sha2.c.

References pg_sha256_ctx::bitcount, pg_sha256_ctx::buffer, PG_SHA256_BLOCK_LENGTH, PG_SHA256_SHORT_BLOCK_LENGTH, REVERSE64, and SHA256_Transform().

Referenced by pg_sha224_final(), and pg_sha256_final().

519 {
520  unsigned int usedspace;
521 
522  usedspace = (context->bitcount >> 3) % PG_SHA256_BLOCK_LENGTH;
523 #ifndef WORDS_BIGENDIAN
524  /* Convert FROM host byte order */
525  REVERSE64(context->bitcount, context->bitcount);
526 #endif
527  if (usedspace > 0)
528  {
529  /* Begin padding with a 1 bit: */
530  context->buffer[usedspace++] = 0x80;
531 
532  if (usedspace <= PG_SHA256_SHORT_BLOCK_LENGTH)
533  {
534  /* Set-up for the last transform: */
535  memset(&context->buffer[usedspace], 0, PG_SHA256_SHORT_BLOCK_LENGTH - usedspace);
536  }
537  else
538  {
539  if (usedspace < PG_SHA256_BLOCK_LENGTH)
540  {
541  memset(&context->buffer[usedspace], 0, PG_SHA256_BLOCK_LENGTH - usedspace);
542  }
543  /* Do second-to-last transform: */
544  SHA256_Transform(context, context->buffer);
545 
546  /* And set-up for the last transform: */
547  memset(context->buffer, 0, PG_SHA256_SHORT_BLOCK_LENGTH);
548  }
549  }
550  else
551  {
552  /* Set-up for the last transform: */
553  memset(context->buffer, 0, PG_SHA256_SHORT_BLOCK_LENGTH);
554 
555  /* Begin padding with a 1 bit: */
556  *context->buffer = 0x80;
557  }
558  /* Set the bit count: */
559  *(uint64 *) &context->buffer[PG_SHA256_SHORT_BLOCK_LENGTH] = context->bitcount;
560 
561  /* Final transform: */
562  SHA256_Transform(context, context->buffer);
563 }
static void SHA256_Transform(pg_sha256_ctx *context, const uint8 *data)
Definition: sha2.c:375
uint64 bitcount
Definition: sha2.h:81
uint8 buffer[PG_SHA256_BLOCK_LENGTH]
Definition: sha2.h:82
#define PG_SHA256_BLOCK_LENGTH
Definition: sha2.h:61
#define PG_SHA256_SHORT_BLOCK_LENGTH
Definition: sha2.c:78
#define REVERSE64(w, x)
Definition: sha2.c:89

◆ SHA256_Transform()

static void SHA256_Transform ( pg_sha256_ctx context,
const uint8 data 
)
static

Definition at line 375 of file sha2.c.

References pg_sha256_ctx::buffer, Ch, K256, Maj, s1, Sigma0_256, sigma0_256, Sigma1_256, sigma1_256, and pg_sha256_ctx::state.

Referenced by pg_sha256_init(), pg_sha256_update(), and SHA256_Last().

376 {
377  uint32 a,
378  b,
379  c,
380  d,
381  e,
382  f,
383  g,
384  h,
385  s0,
386  s1;
387  uint32 T1,
388  T2,
389  *W256;
390  int j;
391 
392  W256 = (uint32 *) context->buffer;
393 
394  /* Initialize registers with the prev. intermediate value */
395  a = context->state[0];
396  b = context->state[1];
397  c = context->state[2];
398  d = context->state[3];
399  e = context->state[4];
400  f = context->state[5];
401  g = context->state[6];
402  h = context->state[7];
403 
404  j = 0;
405  do
406  {
407  W256[j] = (uint32) data[3] | ((uint32) data[2] << 8) |
408  ((uint32) data[1] << 16) | ((uint32) data[0] << 24);
409  data += 4;
410  /* Apply the SHA-256 compression function to update a..h */
411  T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] + W256[j];
412  T2 = Sigma0_256(a) + Maj(a, b, c);
413  h = g;
414  g = f;
415  f = e;
416  e = d + T1;
417  d = c;
418  c = b;
419  b = a;
420  a = T1 + T2;
421 
422  j++;
423  } while (j < 16);
424 
425  do
426  {
427  /* Part of the message block expansion: */
428  s0 = W256[(j + 1) & 0x0f];
429  s0 = sigma0_256(s0);
430  s1 = W256[(j + 14) & 0x0f];
431  s1 = sigma1_256(s1);
432 
433  /* Apply the SHA-256 compression function to update a..h */
434  T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] +
435  (W256[j & 0x0f] += s1 + W256[(j + 9) & 0x0f] + s0);
436  T2 = Sigma0_256(a) + Maj(a, b, c);
437  h = g;
438  g = f;
439  f = e;
440  e = d + T1;
441  d = c;
442  c = b;
443  b = a;
444  a = T1 + T2;
445 
446  j++;
447  } while (j < 64);
448 
449  /* Compute the current intermediate hash value */
450  context->state[0] += a;
451  context->state[1] += b;
452  context->state[2] += c;
453  context->state[3] += d;
454  context->state[4] += e;
455  context->state[5] += f;
456  context->state[6] += g;
457  context->state[7] += h;
458 
459  /* Clean up */
460  a = b = c = d = e = f = g = h = T1 = T2 = 0;
461 }
static const uint32 K256[64]
Definition: sha2.c:154
uint8 buffer[PG_SHA256_BLOCK_LENGTH]
Definition: sha2.h:82
#define Ch(x, y, z)
Definition: sha2.c:128
#define Sigma1_256(x)
Definition: sha2.c:133
#define sigma1_256(x)
Definition: sha2.c:135
char * s1
char * c
unsigned int uint32
Definition: c.h:359
#define sigma0_256(x)
Definition: sha2.c:134
uint32 state[8]
Definition: sha2.h:80
#define Sigma0_256(x)
Definition: sha2.c:132
#define Maj(x, y, z)
Definition: sha2.c:129
e
Definition: preproc-init.c:82

◆ SHA512_Last()

static void SHA512_Last ( pg_sha512_ctx context)
static

Definition at line 844 of file sha2.c.

References pg_sha512_ctx::bitcount, pg_sha512_ctx::buffer, PG_SHA512_BLOCK_LENGTH, PG_SHA512_SHORT_BLOCK_LENGTH, REVERSE64, and SHA512_Transform().

Referenced by pg_sha384_final(), and pg_sha512_final().

845 {
846  unsigned int usedspace;
847 
848  usedspace = (context->bitcount[0] >> 3) % PG_SHA512_BLOCK_LENGTH;
849 #ifndef WORDS_BIGENDIAN
850  /* Convert FROM host byte order */
851  REVERSE64(context->bitcount[0], context->bitcount[0]);
852  REVERSE64(context->bitcount[1], context->bitcount[1]);
853 #endif
854  if (usedspace > 0)
855  {
856  /* Begin padding with a 1 bit: */
857  context->buffer[usedspace++] = 0x80;
858 
859  if (usedspace <= PG_SHA512_SHORT_BLOCK_LENGTH)
860  {
861  /* Set-up for the last transform: */
862  memset(&context->buffer[usedspace], 0, PG_SHA512_SHORT_BLOCK_LENGTH - usedspace);
863  }
864  else
865  {
866  if (usedspace < PG_SHA512_BLOCK_LENGTH)
867  {
868  memset(&context->buffer[usedspace], 0, PG_SHA512_BLOCK_LENGTH - usedspace);
869  }
870  /* Do second-to-last transform: */
871  SHA512_Transform(context, context->buffer);
872 
873  /* And set-up for the last transform: */
874  memset(context->buffer, 0, PG_SHA512_BLOCK_LENGTH - 2);
875  }
876  }
877  else
878  {
879  /* Prepare for final transform: */
880  memset(context->buffer, 0, PG_SHA512_SHORT_BLOCK_LENGTH);
881 
882  /* Begin padding with a 1 bit: */
883  *context->buffer = 0x80;
884  }
885  /* Store the length of input data (in bits): */
886  *(uint64 *) &context->buffer[PG_SHA512_SHORT_BLOCK_LENGTH] = context->bitcount[1];
887  *(uint64 *) &context->buffer[PG_SHA512_SHORT_BLOCK_LENGTH + 8] = context->bitcount[0];
888 
889  /* Final transform: */
890  SHA512_Transform(context, context->buffer);
891 }
uint8 buffer[PG_SHA512_BLOCK_LENGTH]
Definition: sha2.h:88
uint64 bitcount[2]
Definition: sha2.h:87
#define PG_SHA512_BLOCK_LENGTH
Definition: sha2.h:67
#define REVERSE64(w, x)
Definition: sha2.c:89
static void SHA512_Transform(pg_sha512_ctx *context, const uint8 *data)
Definition: sha2.c:701
#define PG_SHA512_SHORT_BLOCK_LENGTH
Definition: sha2.c:80

◆ SHA512_Transform()

static void SHA512_Transform ( pg_sha512_ctx context,
const uint8 data 
)
static

Definition at line 701 of file sha2.c.

References pg_sha512_ctx::buffer, Ch, K512, Maj, s1, Sigma0_512, sigma0_512, Sigma1_512, sigma1_512, and pg_sha512_ctx::state.

Referenced by pg_sha512_init(), pg_sha512_update(), and SHA512_Last().

702 {
703  uint64 a,
704  b,
705  c,
706  d,
707  e,
708  f,
709  g,
710  h,
711  s0,
712  s1;
713  uint64 T1,
714  T2,
715  *W512 = (uint64 *) context->buffer;
716  int j;
717 
718  /* Initialize registers with the prev. intermediate value */
719  a = context->state[0];
720  b = context->state[1];
721  c = context->state[2];
722  d = context->state[3];
723  e = context->state[4];
724  f = context->state[5];
725  g = context->state[6];
726  h = context->state[7];
727 
728  j = 0;
729  do
730  {
731  W512[j] = (uint64) data[7] | ((uint64) data[6] << 8) |
732  ((uint64) data[5] << 16) | ((uint64) data[4] << 24) |
733  ((uint64) data[3] << 32) | ((uint64) data[2] << 40) |
734  ((uint64) data[1] << 48) | ((uint64) data[0] << 56);
735  data += 8;
736  /* Apply the SHA-512 compression function to update a..h */
737  T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] + W512[j];
738  T2 = Sigma0_512(a) + Maj(a, b, c);
739  h = g;
740  g = f;
741  f = e;
742  e = d + T1;
743  d = c;
744  c = b;
745  b = a;
746  a = T1 + T2;
747 
748  j++;
749  } while (j < 16);
750 
751  do
752  {
753  /* Part of the message block expansion: */
754  s0 = W512[(j + 1) & 0x0f];
755  s0 = sigma0_512(s0);
756  s1 = W512[(j + 14) & 0x0f];
757  s1 = sigma1_512(s1);
758 
759  /* Apply the SHA-512 compression function to update a..h */
760  T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] +
761  (W512[j & 0x0f] += s1 + W512[(j + 9) & 0x0f] + s0);
762  T2 = Sigma0_512(a) + Maj(a, b, c);
763  h = g;
764  g = f;
765  f = e;
766  e = d + T1;
767  d = c;
768  c = b;
769  b = a;
770  a = T1 + T2;
771 
772  j++;
773  } while (j < 80);
774 
775  /* Compute the current intermediate hash value */
776  context->state[0] += a;
777  context->state[1] += b;
778  context->state[2] += c;
779  context->state[3] += d;
780  context->state[4] += e;
781  context->state[5] += f;
782  context->state[6] += g;
783  context->state[7] += h;
784 
785  /* Clean up */
786  a = b = c = d = e = f = g = h = T1 = T2 = 0;
787 }
#define Sigma0_512(x)
Definition: sha2.c:138
uint8 buffer[PG_SHA512_BLOCK_LENGTH]
Definition: sha2.h:88
#define Ch(x, y, z)
Definition: sha2.c:128
#define sigma1_512(x)
Definition: sha2.c:141
char * s1
char * c
static const uint64 K512[80]
Definition: sha2.c:198
#define sigma0_512(x)
Definition: sha2.c:140
uint64 state[8]
Definition: sha2.h:86
#define Maj(x, y, z)
Definition: sha2.c:129
e
Definition: preproc-init.c:82
#define Sigma1_512(x)
Definition: sha2.c:139

Variable Documentation

◆ K256

const uint32 K256[64]
static
Initial value:
= {
0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL,
0x3956c25bUL, 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL,
0xd807aa98UL, 0x12835b01UL, 0x243185beUL, 0x550c7dc3UL,
0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL, 0xc19bf174UL,
0xe49b69c1UL, 0xefbe4786UL, 0x0fc19dc6UL, 0x240ca1ccUL,
0x2de92c6fUL, 0x4a7484aaUL, 0x5cb0a9dcUL, 0x76f988daUL,
0x983e5152UL, 0xa831c66dUL, 0xb00327c8UL, 0xbf597fc7UL,
0xc6e00bf3UL, 0xd5a79147UL, 0x06ca6351UL, 0x14292967UL,
0x27b70a85UL, 0x2e1b2138UL, 0x4d2c6dfcUL, 0x53380d13UL,
0x650a7354UL, 0x766a0abbUL, 0x81c2c92eUL, 0x92722c85UL,
0xa2bfe8a1UL, 0xa81a664bUL, 0xc24b8b70UL, 0xc76c51a3UL,
0xd192e819UL, 0xd6990624UL, 0xf40e3585UL, 0x106aa070UL,
0x19a4c116UL, 0x1e376c08UL, 0x2748774cUL, 0x34b0bcb5UL,
0x391c0cb3UL, 0x4ed8aa4aUL, 0x5b9cca4fUL, 0x682e6ff3UL,
0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL,
0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL
}

Definition at line 154 of file sha2.c.

Referenced by SHA256_Transform().

◆ K512

const uint64 K512[80]
static

Definition at line 198 of file sha2.c.

Referenced by SHA512_Transform().

◆ sha224_initial_hash_value

const uint32 sha224_initial_hash_value[8]
static
Initial value:
= {
0xc1059ed8UL,
0x367cd507UL,
0x3070dd17UL,
0xf70e5939UL,
0xffc00b31UL,
0x68581511UL,
0x64f98fa7UL,
0xbefa4fa4UL
}

Definition at line 174 of file sha2.c.

Referenced by pg_sha224_init().

◆ sha256_initial_hash_value

const uint32 sha256_initial_hash_value[8]
static
Initial value:
= {
0x6a09e667UL,
0xbb67ae85UL,
0x3c6ef372UL,
0xa54ff53aUL,
0x510e527fUL,
0x9b05688cUL,
0x1f83d9abUL,
0x5be0cd19UL
}

Definition at line 186 of file sha2.c.

Referenced by pg_sha256_init().

◆ sha384_initial_hash_value

const uint64 sha384_initial_hash_value[8]
static
Initial value:
= {
0xcbbb9d5dc1059ed8ULL,
0x629a292a367cd507ULL,
0x9159015a3070dd17ULL,
0x152fecd8f70e5939ULL,
0x67332667ffc00b31ULL,
0x8eb44a8768581511ULL,
0xdb0c2e0d64f98fa7ULL,
0x47b5481dbefa4fa4ULL
}

Definition at line 242 of file sha2.c.

Referenced by pg_sha384_init().

◆ sha512_initial_hash_value

const uint64 sha512_initial_hash_value[8]
static
Initial value:
= {
0x6a09e667f3bcc908ULL,
0xbb67ae8584caa73bULL,
0x3c6ef372fe94f82bULL,
0xa54ff53a5f1d36f1ULL,
0x510e527fade682d1ULL,
0x9b05688c2b3e6c1fULL,
0x1f83d9abfb41bd6bULL,
0x5be0cd19137e2179ULL
}

Definition at line 254 of file sha2.c.

Referenced by pg_sha512_init().