PostgreSQL Source Code  git master
sha2.c File Reference
#include "postgres.h"
#include "sha2_int.h"
Include dependency graph for sha2.c:

Go to the source code of this file.

Macros

#define ALLOC(size)   palloc(size)
 
#define FREE(ptr)   pfree(ptr)
 
#define PG_SHA256_SHORT_BLOCK_LENGTH   (PG_SHA256_BLOCK_LENGTH - 8)
 
#define PG_SHA384_SHORT_BLOCK_LENGTH   (PG_SHA384_BLOCK_LENGTH - 16)
 
#define PG_SHA512_SHORT_BLOCK_LENGTH   (PG_SHA512_BLOCK_LENGTH - 16)
 
#define REVERSE32(w, x)
 
#define REVERSE64(w, x)
 
#define ADDINC128(w, n)
 
#define R(b, x)   ((x) >> (b))
 
#define S32(b, x)   (((x) >> (b)) | ((x) << (32 - (b))))
 
#define S64(b, x)   (((x) >> (b)) | ((x) << (64 - (b))))
 
#define Ch(x, y, z)   (((x) & (y)) ^ ((~(x)) & (z)))
 
#define Maj(x, y, z)   (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
 
#define Sigma0_256(x)   (S32(2, (x)) ^ S32(13, (x)) ^ S32(22, (x)))
 
#define Sigma1_256(x)   (S32(6, (x)) ^ S32(11, (x)) ^ S32(25, (x)))
 
#define sigma0_256(x)   (S32(7, (x)) ^ S32(18, (x)) ^ R(3 , (x)))
 
#define sigma1_256(x)   (S32(17, (x)) ^ S32(19, (x)) ^ R(10, (x)))
 
#define Sigma0_512(x)   (S64(28, (x)) ^ S64(34, (x)) ^ S64(39, (x)))
 
#define Sigma1_512(x)   (S64(14, (x)) ^ S64(18, (x)) ^ S64(41, (x)))
 
#define sigma0_512(x)   (S64( 1, (x)) ^ S64( 8, (x)) ^ R( 7, (x)))
 
#define sigma1_512(x)   (S64(19, (x)) ^ S64(61, (x)) ^ R( 6, (x)))
 

Functions

static void SHA512_Last (pg_sha512_ctx *context)
 
static void SHA256_Transform (pg_sha256_ctx *context, const uint8 *data)
 
static void SHA512_Transform (pg_sha512_ctx *context, const uint8 *data)
 
void pg_sha256_init (pg_sha256_ctx *context)
 
void pg_sha256_update (pg_sha256_ctx *context, const uint8 *data, size_t len)
 
static void SHA256_Last (pg_sha256_ctx *context)
 
void pg_sha256_final (pg_sha256_ctx *context, uint8 *digest)
 
void pg_sha512_init (pg_sha512_ctx *context)
 
void pg_sha512_update (pg_sha512_ctx *context, const uint8 *data, size_t len)
 
void pg_sha512_final (pg_sha512_ctx *context, uint8 *digest)
 
void pg_sha384_init (pg_sha384_ctx *context)
 
void pg_sha384_update (pg_sha384_ctx *context, const uint8 *data, size_t len)
 
void pg_sha384_final (pg_sha384_ctx *context, uint8 *digest)
 
void pg_sha224_init (pg_sha224_ctx *context)
 
void pg_sha224_update (pg_sha224_ctx *context, const uint8 *data, size_t len)
 
void pg_sha224_final (pg_sha224_ctx *context, uint8 *digest)
 

Variables

static const uint32 K256 [64]
 
static const uint32 sha224_initial_hash_value [8]
 
static const uint32 sha256_initial_hash_value [8]
 
static const uint64 K512 [80]
 
static const uint64 sha384_initial_hash_value [8]
 
static const uint64 sha512_initial_hash_value [8]
 

Macro Definition Documentation

◆ ADDINC128

#define ADDINC128 (   w,
 
)
Value:
{ \
(w)[0] += (uint64)(n); \
if ((w)[0] < (n)) { \
(w)[1]++; \
} \
}

Definition at line 115 of file sha2.c.

◆ ALLOC

#define ALLOC (   size)    palloc(size)

Definition at line 67 of file sha2.c.

◆ Ch

#define Ch (   x,
  y,
 
)    (((x) & (y)) ^ ((~(x)) & (z)))

Definition at line 139 of file sha2.c.

◆ FREE

#define FREE (   ptr)    pfree(ptr)

Definition at line 68 of file sha2.c.

◆ Maj

#define Maj (   x,
  y,
 
)    (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))

Definition at line 140 of file sha2.c.

◆ PG_SHA256_SHORT_BLOCK_LENGTH

#define PG_SHA256_SHORT_BLOCK_LENGTH   (PG_SHA256_BLOCK_LENGTH - 8)

Definition at line 89 of file sha2.c.

◆ PG_SHA384_SHORT_BLOCK_LENGTH

#define PG_SHA384_SHORT_BLOCK_LENGTH   (PG_SHA384_BLOCK_LENGTH - 16)

Definition at line 90 of file sha2.c.

◆ PG_SHA512_SHORT_BLOCK_LENGTH

#define PG_SHA512_SHORT_BLOCK_LENGTH   (PG_SHA512_BLOCK_LENGTH - 16)

Definition at line 91 of file sha2.c.

◆ R

#define R (   b,
  x 
)    ((x) >> (b))

Definition at line 132 of file sha2.c.

◆ REVERSE32

#define REVERSE32 (   w,
  x 
)
Value:
{ \
uint32 tmp = (w); \
tmp = (tmp >> 16) | (tmp << 16); \
(x) = ((tmp & 0xff00ff00UL) >> 8) | ((tmp & 0x00ff00ffUL) << 8); \
}
int x
Definition: isn.c:71

Definition at line 95 of file sha2.c.

◆ REVERSE64

#define REVERSE64 (   w,
  x 
)
Value:
{ \
uint64 tmp = (w); \
tmp = (tmp >> 32) | (tmp << 32); \
tmp = ((tmp & 0xff00ff00ff00ff00ULL) >> 8) | \
((tmp & 0x00ff00ff00ff00ffULL) << 8); \
(x) = ((tmp & 0xffff0000ffff0000ULL) >> 16) | \
((tmp & 0x0000ffff0000ffffULL) << 16); \
}

Definition at line 100 of file sha2.c.

◆ S32

#define S32 (   b,
  x 
)    (((x) >> (b)) | ((x) << (32 - (b))))

Definition at line 134 of file sha2.c.

◆ S64

#define S64 (   b,
  x 
)    (((x) >> (b)) | ((x) << (64 - (b))))

Definition at line 136 of file sha2.c.

◆ Sigma0_256

#define Sigma0_256 (   x)    (S32(2, (x)) ^ S32(13, (x)) ^ S32(22, (x)))

Definition at line 143 of file sha2.c.

◆ sigma0_256

#define sigma0_256 (   x)    (S32(7, (x)) ^ S32(18, (x)) ^ R(3 , (x)))

Definition at line 145 of file sha2.c.

◆ Sigma0_512

#define Sigma0_512 (   x)    (S64(28, (x)) ^ S64(34, (x)) ^ S64(39, (x)))

Definition at line 149 of file sha2.c.

◆ sigma0_512

#define sigma0_512 (   x)    (S64( 1, (x)) ^ S64( 8, (x)) ^ R( 7, (x)))

Definition at line 151 of file sha2.c.

◆ Sigma1_256

#define Sigma1_256 (   x)    (S32(6, (x)) ^ S32(11, (x)) ^ S32(25, (x)))

Definition at line 144 of file sha2.c.

◆ sigma1_256

#define sigma1_256 (   x)    (S32(17, (x)) ^ S32(19, (x)) ^ R(10, (x)))

Definition at line 146 of file sha2.c.

◆ Sigma1_512

#define Sigma1_512 (   x)    (S64(14, (x)) ^ S64(18, (x)) ^ S64(41, (x)))

Definition at line 150 of file sha2.c.

◆ sigma1_512

#define sigma1_512 (   x)    (S64(19, (x)) ^ S64(61, (x)) ^ R( 6, (x)))

Definition at line 152 of file sha2.c.

Function Documentation

◆ pg_sha224_final()

void pg_sha224_final ( pg_sha224_ctx context,
uint8 digest 
)

Definition at line 994 of file sha2.c.

995 {
996  /* If no digest buffer is passed, we don't bother doing this: */
997  if (digest != NULL)
998  {
999  SHA256_Last(context);
1000 
1001 #ifndef WORDS_BIGENDIAN
1002  {
1003  /* Convert TO host byte order */
1004  int j;
1005 
1006  for (j = 0; j < 8; j++)
1007  {
1008  REVERSE32(context->state[j], context->state[j]);
1009  }
1010  }
1011 #endif
1012  memcpy(digest, context->state, PG_SHA224_DIGEST_LENGTH);
1013  }
1014 
1015  /* Clean up state data: */
1016  memset(context, 0, sizeof(pg_sha224_ctx));
1017 }
int j
Definition: isn.c:74
#define REVERSE32(w, x)
Definition: sha2.c:95
static void SHA256_Last(pg_sha256_ctx *context)
Definition: sha2.c:529
#define PG_SHA224_DIGEST_LENGTH
Definition: sha2.h:20
uint32 state[8]
Definition: sha2_int.h:57

References j, PG_SHA224_DIGEST_LENGTH, REVERSE32, SHA256_Last(), and pg_sha256_ctx::state.

Referenced by pg_cryptohash_final().

◆ pg_sha224_init()

void pg_sha224_init ( pg_sha224_ctx context)

Definition at line 978 of file sha2.c.

979 {
980  if (context == NULL)
981  return;
983  memset(context->buffer, 0, PG_SHA256_BLOCK_LENGTH);
984  context->bitcount = 0;
985 }
static const uint32 sha224_initial_hash_value[8]
Definition: sha2.c:185
#define PG_SHA256_DIGEST_LENGTH
Definition: sha2.h:23
#define PG_SHA256_BLOCK_LENGTH
Definition: sha2.h:22
uint8 buffer[PG_SHA256_BLOCK_LENGTH]
Definition: sha2_int.h:59
uint64 bitcount
Definition: sha2_int.h:58

References pg_sha256_ctx::bitcount, pg_sha256_ctx::buffer, PG_SHA256_BLOCK_LENGTH, PG_SHA256_DIGEST_LENGTH, sha224_initial_hash_value, and pg_sha256_ctx::state.

Referenced by pg_cryptohash_init().

◆ pg_sha224_update()

void pg_sha224_update ( pg_sha224_ctx context,
const uint8 data,
size_t  len 
)

Definition at line 988 of file sha2.c.

989 {
990  pg_sha256_update((pg_sha256_ctx *) context, data, len);
991 }
const void size_t len
const void * data
void pg_sha256_update(pg_sha256_ctx *context, const uint8 *data, size_t len)
Definition: sha2.c:476

References data, len, and pg_sha256_update().

Referenced by pg_cryptohash_update().

◆ pg_sha256_final()

void pg_sha256_final ( pg_sha256_ctx context,
uint8 digest 
)

Definition at line 577 of file sha2.c.

578 {
579  /* If no digest buffer is passed, we don't bother doing this: */
580  if (digest != NULL)
581  {
582  SHA256_Last(context);
583 
584 #ifndef WORDS_BIGENDIAN
585  {
586  /* Convert TO host byte order */
587  int j;
588 
589  for (j = 0; j < 8; j++)
590  {
591  REVERSE32(context->state[j], context->state[j]);
592  }
593  }
594 #endif
595  memcpy(digest, context->state, PG_SHA256_DIGEST_LENGTH);
596  }
597 
598  /* Clean up state data: */
599  memset(context, 0, sizeof(pg_sha256_ctx));
600 }

References j, PG_SHA256_DIGEST_LENGTH, REVERSE32, SHA256_Last(), and pg_sha256_ctx::state.

Referenced by pg_cryptohash_final().

◆ pg_sha256_init()

void pg_sha256_init ( pg_sha256_ctx context)

Definition at line 279 of file sha2.c.

280 {
281  if (context == NULL)
282  return;
284  memset(context->buffer, 0, PG_SHA256_BLOCK_LENGTH);
285  context->bitcount = 0;
286 }
static const uint32 sha256_initial_hash_value[8]
Definition: sha2.c:197

References pg_sha256_ctx::bitcount, pg_sha256_ctx::buffer, PG_SHA256_BLOCK_LENGTH, PG_SHA256_DIGEST_LENGTH, sha256_initial_hash_value, and pg_sha256_ctx::state.

Referenced by pg_cryptohash_init().

◆ pg_sha256_update()

void pg_sha256_update ( pg_sha256_ctx context,
const uint8 data,
size_t  len 
)

Definition at line 476 of file sha2.c.

477 {
478  size_t freespace,
479  usedspace;
480 
481  /* Calling with no data is valid (we do nothing) */
482  if (len == 0)
483  return;
484 
485  usedspace = (context->bitcount >> 3) % PG_SHA256_BLOCK_LENGTH;
486  if (usedspace > 0)
487  {
488  /* Calculate how much free space is available in the buffer */
489  freespace = PG_SHA256_BLOCK_LENGTH - usedspace;
490 
491  if (len >= freespace)
492  {
493  /* Fill the buffer completely and process it */
494  memcpy(&context->buffer[usedspace], data, freespace);
495  context->bitcount += freespace << 3;
496  len -= freespace;
497  data += freespace;
498  SHA256_Transform(context, context->buffer);
499  }
500  else
501  {
502  /* The buffer is not yet full */
503  memcpy(&context->buffer[usedspace], data, len);
504  context->bitcount += len << 3;
505  /* Clean up: */
506  usedspace = freespace = 0;
507  return;
508  }
509  }
510  while (len >= PG_SHA256_BLOCK_LENGTH)
511  {
512  /* Process as many complete blocks as we can */
513  SHA256_Transform(context, data);
514  context->bitcount += PG_SHA256_BLOCK_LENGTH << 3;
517  }
518  if (len > 0)
519  {
520  /* There's left-overs, so save 'em */
521  memcpy(context->buffer, data, len);
522  context->bitcount += len << 3;
523  }
524  /* Clean up: */
525  usedspace = freespace = 0;
526 }
static void SHA256_Transform(pg_sha256_ctx *context, const uint8 *data)
Definition: sha2.c:386

References pg_sha256_ctx::bitcount, pg_sha256_ctx::buffer, data, len, PG_SHA256_BLOCK_LENGTH, and SHA256_Transform().

Referenced by pg_cryptohash_update(), and pg_sha224_update().

◆ pg_sha384_final()

void pg_sha384_final ( pg_sha384_ctx context,
uint8 digest 
)

Definition at line 950 of file sha2.c.

951 {
952  /* If no digest buffer is passed, we don't bother doing this: */
953  if (digest != NULL)
954  {
955  SHA512_Last((pg_sha512_ctx *) context);
956 
957  /* Save the hash data for output: */
958 #ifndef WORDS_BIGENDIAN
959  {
960  /* Convert TO host byte order */
961  int j;
962 
963  for (j = 0; j < 6; j++)
964  {
965  REVERSE64(context->state[j], context->state[j]);
966  }
967  }
968 #endif
969  memcpy(digest, context->state, PG_SHA384_DIGEST_LENGTH);
970  }
971 
972  /* Zero out state data */
973  memset(context, 0, sizeof(pg_sha384_ctx));
974 }
#define REVERSE64(w, x)
Definition: sha2.c:100
static void SHA512_Last(pg_sha512_ctx *context)
Definition: sha2.c:855
#define PG_SHA384_DIGEST_LENGTH
Definition: sha2.h:26
uint64 state[8]
Definition: sha2_int.h:63

References j, PG_SHA384_DIGEST_LENGTH, REVERSE64, SHA512_Last(), and pg_sha512_ctx::state.

Referenced by pg_cryptohash_final().

◆ pg_sha384_init()

void pg_sha384_init ( pg_sha384_ctx context)

Definition at line 934 of file sha2.c.

935 {
936  if (context == NULL)
937  return;
939  memset(context->buffer, 0, PG_SHA384_BLOCK_LENGTH);
940  context->bitcount[0] = context->bitcount[1] = 0;
941 }
static const uint64 sha384_initial_hash_value[8]
Definition: sha2.c:253
#define PG_SHA384_BLOCK_LENGTH
Definition: sha2.h:25
#define PG_SHA512_DIGEST_LENGTH
Definition: sha2.h:29
uint8 buffer[PG_SHA512_BLOCK_LENGTH]
Definition: sha2_int.h:65
uint64 bitcount[2]
Definition: sha2_int.h:64

References pg_sha512_ctx::bitcount, pg_sha512_ctx::buffer, PG_SHA384_BLOCK_LENGTH, PG_SHA512_DIGEST_LENGTH, sha384_initial_hash_value, and pg_sha512_ctx::state.

Referenced by pg_cryptohash_init().

◆ pg_sha384_update()

void pg_sha384_update ( pg_sha384_ctx context,
const uint8 data,
size_t  len 
)

Definition at line 944 of file sha2.c.

945 {
946  pg_sha512_update((pg_sha512_ctx *) context, data, len);
947 }
void pg_sha512_update(pg_sha512_ctx *context, const uint8 *data, size_t len)
Definition: sha2.c:802

References data, len, and pg_sha512_update().

Referenced by pg_cryptohash_update().

◆ pg_sha512_final()

void pg_sha512_final ( pg_sha512_ctx context,
uint8 digest 
)

Definition at line 905 of file sha2.c.

906 {
907  /* If no digest buffer is passed, we don't bother doing this: */
908  if (digest != NULL)
909  {
910  SHA512_Last(context);
911 
912  /* Save the hash data for output: */
913 #ifndef WORDS_BIGENDIAN
914  {
915  /* Convert TO host byte order */
916  int j;
917 
918  for (j = 0; j < 8; j++)
919  {
920  REVERSE64(context->state[j], context->state[j]);
921  }
922  }
923 #endif
924  memcpy(digest, context->state, PG_SHA512_DIGEST_LENGTH);
925  }
926 
927  /* Zero out state data */
928  memset(context, 0, sizeof(pg_sha512_ctx));
929 }

References j, PG_SHA512_DIGEST_LENGTH, REVERSE64, SHA512_Last(), and pg_sha512_ctx::state.

Referenced by pg_cryptohash_final().

◆ pg_sha512_init()

void pg_sha512_init ( pg_sha512_ctx context)

Definition at line 605 of file sha2.c.

606 {
607  if (context == NULL)
608  return;
610  memset(context->buffer, 0, PG_SHA512_BLOCK_LENGTH);
611  context->bitcount[0] = context->bitcount[1] = 0;
612 }
static const uint64 sha512_initial_hash_value[8]
Definition: sha2.c:265
#define PG_SHA512_BLOCK_LENGTH
Definition: sha2.h:28

References pg_sha512_ctx::bitcount, pg_sha512_ctx::buffer, PG_SHA512_BLOCK_LENGTH, PG_SHA512_DIGEST_LENGTH, sha512_initial_hash_value, and pg_sha512_ctx::state.

Referenced by pg_cryptohash_init().

◆ pg_sha512_update()

void pg_sha512_update ( pg_sha512_ctx context,
const uint8 data,
size_t  len 
)

Definition at line 802 of file sha2.c.

803 {
804  size_t freespace,
805  usedspace;
806 
807  /* Calling with no data is valid (we do nothing) */
808  if (len == 0)
809  return;
810 
811  usedspace = (context->bitcount[0] >> 3) % PG_SHA512_BLOCK_LENGTH;
812  if (usedspace > 0)
813  {
814  /* Calculate how much free space is available in the buffer */
815  freespace = PG_SHA512_BLOCK_LENGTH - usedspace;
816 
817  if (len >= freespace)
818  {
819  /* Fill the buffer completely and process it */
820  memcpy(&context->buffer[usedspace], data, freespace);
821  ADDINC128(context->bitcount, freespace << 3);
822  len -= freespace;
823  data += freespace;
824  SHA512_Transform(context, context->buffer);
825  }
826  else
827  {
828  /* The buffer is not yet full */
829  memcpy(&context->buffer[usedspace], data, len);
830  ADDINC128(context->bitcount, len << 3);
831  /* Clean up: */
832  usedspace = freespace = 0;
833  return;
834  }
835  }
836  while (len >= PG_SHA512_BLOCK_LENGTH)
837  {
838  /* Process as many complete blocks as we can */
839  SHA512_Transform(context, data);
840  ADDINC128(context->bitcount, PG_SHA512_BLOCK_LENGTH << 3);
843  }
844  if (len > 0)
845  {
846  /* There's left-overs, so save 'em */
847  memcpy(context->buffer, data, len);
848  ADDINC128(context->bitcount, len << 3);
849  }
850  /* Clean up: */
851  usedspace = freespace = 0;
852 }
#define ADDINC128(w, n)
Definition: sha2.c:115
static void SHA512_Transform(pg_sha512_ctx *context, const uint8 *data)
Definition: sha2.c:712

References ADDINC128, pg_sha512_ctx::bitcount, pg_sha512_ctx::buffer, data, len, PG_SHA512_BLOCK_LENGTH, and SHA512_Transform().

Referenced by pg_cryptohash_update(), and pg_sha384_update().

◆ SHA256_Last()

static void SHA256_Last ( pg_sha256_ctx context)
static

Definition at line 529 of file sha2.c.

530 {
531  unsigned int usedspace;
532 
533  usedspace = (context->bitcount >> 3) % PG_SHA256_BLOCK_LENGTH;
534 #ifndef WORDS_BIGENDIAN
535  /* Convert FROM host byte order */
536  REVERSE64(context->bitcount, context->bitcount);
537 #endif
538  if (usedspace > 0)
539  {
540  /* Begin padding with a 1 bit: */
541  context->buffer[usedspace++] = 0x80;
542 
543  if (usedspace <= PG_SHA256_SHORT_BLOCK_LENGTH)
544  {
545  /* Set-up for the last transform: */
546  memset(&context->buffer[usedspace], 0, PG_SHA256_SHORT_BLOCK_LENGTH - usedspace);
547  }
548  else
549  {
550  if (usedspace < PG_SHA256_BLOCK_LENGTH)
551  {
552  memset(&context->buffer[usedspace], 0, PG_SHA256_BLOCK_LENGTH - usedspace);
553  }
554  /* Do second-to-last transform: */
555  SHA256_Transform(context, context->buffer);
556 
557  /* And set-up for the last transform: */
558  memset(context->buffer, 0, PG_SHA256_SHORT_BLOCK_LENGTH);
559  }
560  }
561  else
562  {
563  /* Set-up for the last transform: */
564  memset(context->buffer, 0, PG_SHA256_SHORT_BLOCK_LENGTH);
565 
566  /* Begin padding with a 1 bit: */
567  *context->buffer = 0x80;
568  }
569  /* Set the bit count: */
570  *(uint64 *) &context->buffer[PG_SHA256_SHORT_BLOCK_LENGTH] = context->bitcount;
571 
572  /* Final transform: */
573  SHA256_Transform(context, context->buffer);
574 }
#define PG_SHA256_SHORT_BLOCK_LENGTH
Definition: sha2.c:89

References pg_sha256_ctx::bitcount, pg_sha256_ctx::buffer, PG_SHA256_BLOCK_LENGTH, PG_SHA256_SHORT_BLOCK_LENGTH, REVERSE64, and SHA256_Transform().

Referenced by pg_sha224_final(), and pg_sha256_final().

◆ SHA256_Transform()

static void SHA256_Transform ( pg_sha256_ctx context,
const uint8 data 
)
static

Definition at line 386 of file sha2.c.

387 {
388  uint32 a,
389  b,
390  c,
391  d,
392  e,
393  f,
394  g,
395  h,
396  s0,
397  s1;
398  uint32 T1,
399  T2,
400  *W256;
401  int j;
402 
403  W256 = (uint32 *) context->buffer;
404 
405  /* Initialize registers with the prev. intermediate value */
406  a = context->state[0];
407  b = context->state[1];
408  c = context->state[2];
409  d = context->state[3];
410  e = context->state[4];
411  f = context->state[5];
412  g = context->state[6];
413  h = context->state[7];
414 
415  j = 0;
416  do
417  {
418  W256[j] = (uint32) data[3] | ((uint32) data[2] << 8) |
419  ((uint32) data[1] << 16) | ((uint32) data[0] << 24);
420  data += 4;
421  /* Apply the SHA-256 compression function to update a..h */
422  T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] + W256[j];
423  T2 = Sigma0_256(a) + Maj(a, b, c);
424  h = g;
425  g = f;
426  f = e;
427  e = d + T1;
428  d = c;
429  c = b;
430  b = a;
431  a = T1 + T2;
432 
433  j++;
434  } while (j < 16);
435 
436  do
437  {
438  /* Part of the message block expansion: */
439  s0 = W256[(j + 1) & 0x0f];
440  s0 = sigma0_256(s0);
441  s1 = W256[(j + 14) & 0x0f];
442  s1 = sigma1_256(s1);
443 
444  /* Apply the SHA-256 compression function to update a..h */
445  T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] +
446  (W256[j & 0x0f] += s1 + W256[(j + 9) & 0x0f] + s0);
447  T2 = Sigma0_256(a) + Maj(a, b, c);
448  h = g;
449  g = f;
450  f = e;
451  e = d + T1;
452  d = c;
453  c = b;
454  b = a;
455  a = T1 + T2;
456 
457  j++;
458  } while (j < 64);
459 
460  /* Compute the current intermediate hash value */
461  context->state[0] += a;
462  context->state[1] += b;
463  context->state[2] += c;
464  context->state[3] += d;
465  context->state[4] += e;
466  context->state[5] += f;
467  context->state[6] += g;
468  context->state[7] += h;
469 
470  /* Clean up */
471  a = b = c = d = e = f = g = h = T1 = T2 = 0;
472 }
unsigned int uint32
Definition: c.h:441
int b
Definition: isn.c:70
int a
Definition: isn.c:69
char * c
e
Definition: preproc-init.c:82
char * s1
#define Sigma0_256(x)
Definition: sha2.c:143
static const uint32 K256[64]
Definition: sha2.c:165
#define Maj(x, y, z)
Definition: sha2.c:140
#define sigma1_256(x)
Definition: sha2.c:146
#define Sigma1_256(x)
Definition: sha2.c:144
#define Ch(x, y, z)
Definition: sha2.c:139
#define sigma0_256(x)
Definition: sha2.c:145

References a, b, pg_sha256_ctx::buffer, Ch, data, j, K256, Maj, s1, Sigma0_256, Sigma1_256, and pg_sha256_ctx::state.

Referenced by pg_sha256_update(), and SHA256_Last().

◆ SHA512_Last()

static void SHA512_Last ( pg_sha512_ctx context)
static

Definition at line 855 of file sha2.c.

856 {
857  unsigned int usedspace;
858 
859  usedspace = (context->bitcount[0] >> 3) % PG_SHA512_BLOCK_LENGTH;
860 #ifndef WORDS_BIGENDIAN
861  /* Convert FROM host byte order */
862  REVERSE64(context->bitcount[0], context->bitcount[0]);
863  REVERSE64(context->bitcount[1], context->bitcount[1]);
864 #endif
865  if (usedspace > 0)
866  {
867  /* Begin padding with a 1 bit: */
868  context->buffer[usedspace++] = 0x80;
869 
870  if (usedspace <= PG_SHA512_SHORT_BLOCK_LENGTH)
871  {
872  /* Set-up for the last transform: */
873  memset(&context->buffer[usedspace], 0, PG_SHA512_SHORT_BLOCK_LENGTH - usedspace);
874  }
875  else
876  {
877  if (usedspace < PG_SHA512_BLOCK_LENGTH)
878  {
879  memset(&context->buffer[usedspace], 0, PG_SHA512_BLOCK_LENGTH - usedspace);
880  }
881  /* Do second-to-last transform: */
882  SHA512_Transform(context, context->buffer);
883 
884  /* And set-up for the last transform: */
885  memset(context->buffer, 0, PG_SHA512_BLOCK_LENGTH - 2);
886  }
887  }
888  else
889  {
890  /* Prepare for final transform: */
891  memset(context->buffer, 0, PG_SHA512_SHORT_BLOCK_LENGTH);
892 
893  /* Begin padding with a 1 bit: */
894  *context->buffer = 0x80;
895  }
896  /* Store the length of input data (in bits): */
897  *(uint64 *) &context->buffer[PG_SHA512_SHORT_BLOCK_LENGTH] = context->bitcount[1];
898  *(uint64 *) &context->buffer[PG_SHA512_SHORT_BLOCK_LENGTH + 8] = context->bitcount[0];
899 
900  /* Final transform: */
901  SHA512_Transform(context, context->buffer);
902 }
#define PG_SHA512_SHORT_BLOCK_LENGTH
Definition: sha2.c:91

References pg_sha512_ctx::bitcount, pg_sha512_ctx::buffer, PG_SHA512_BLOCK_LENGTH, PG_SHA512_SHORT_BLOCK_LENGTH, REVERSE64, and SHA512_Transform().

Referenced by pg_sha384_final(), and pg_sha512_final().

◆ SHA512_Transform()

static void SHA512_Transform ( pg_sha512_ctx context,
const uint8 data 
)
static

Definition at line 712 of file sha2.c.

713 {
714  uint64 a,
715  b,
716  c,
717  d,
718  e,
719  f,
720  g,
721  h,
722  s0,
723  s1;
724  uint64 T1,
725  T2,
726  *W512 = (uint64 *) context->buffer;
727  int j;
728 
729  /* Initialize registers with the prev. intermediate value */
730  a = context->state[0];
731  b = context->state[1];
732  c = context->state[2];
733  d = context->state[3];
734  e = context->state[4];
735  f = context->state[5];
736  g = context->state[6];
737  h = context->state[7];
738 
739  j = 0;
740  do
741  {
742  W512[j] = (uint64) data[7] | ((uint64) data[6] << 8) |
743  ((uint64) data[5] << 16) | ((uint64) data[4] << 24) |
744  ((uint64) data[3] << 32) | ((uint64) data[2] << 40) |
745  ((uint64) data[1] << 48) | ((uint64) data[0] << 56);
746  data += 8;
747  /* Apply the SHA-512 compression function to update a..h */
748  T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] + W512[j];
749  T2 = Sigma0_512(a) + Maj(a, b, c);
750  h = g;
751  g = f;
752  f = e;
753  e = d + T1;
754  d = c;
755  c = b;
756  b = a;
757  a = T1 + T2;
758 
759  j++;
760  } while (j < 16);
761 
762  do
763  {
764  /* Part of the message block expansion: */
765  s0 = W512[(j + 1) & 0x0f];
766  s0 = sigma0_512(s0);
767  s1 = W512[(j + 14) & 0x0f];
768  s1 = sigma1_512(s1);
769 
770  /* Apply the SHA-512 compression function to update a..h */
771  T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] +
772  (W512[j & 0x0f] += s1 + W512[(j + 9) & 0x0f] + s0);
773  T2 = Sigma0_512(a) + Maj(a, b, c);
774  h = g;
775  g = f;
776  f = e;
777  e = d + T1;
778  d = c;
779  c = b;
780  b = a;
781  a = T1 + T2;
782 
783  j++;
784  } while (j < 80);
785 
786  /* Compute the current intermediate hash value */
787  context->state[0] += a;
788  context->state[1] += b;
789  context->state[2] += c;
790  context->state[3] += d;
791  context->state[4] += e;
792  context->state[5] += f;
793  context->state[6] += g;
794  context->state[7] += h;
795 
796  /* Clean up */
797  a = b = c = d = e = f = g = h = T1 = T2 = 0;
798 }
#define Sigma0_512(x)
Definition: sha2.c:149
static const uint64 K512[80]
Definition: sha2.c:209
#define sigma0_512(x)
Definition: sha2.c:151
#define Sigma1_512(x)
Definition: sha2.c:150
#define sigma1_512(x)
Definition: sha2.c:152

References a, b, pg_sha512_ctx::buffer, Ch, data, j, K512, Maj, s1, Sigma0_512, Sigma1_512, and pg_sha512_ctx::state.

Referenced by pg_sha512_update(), and SHA512_Last().

Variable Documentation

◆ K256

const uint32 K256[64]
static
Initial value:
= {
0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL,
0x3956c25bUL, 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL,
0xd807aa98UL, 0x12835b01UL, 0x243185beUL, 0x550c7dc3UL,
0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL, 0xc19bf174UL,
0xe49b69c1UL, 0xefbe4786UL, 0x0fc19dc6UL, 0x240ca1ccUL,
0x2de92c6fUL, 0x4a7484aaUL, 0x5cb0a9dcUL, 0x76f988daUL,
0x983e5152UL, 0xa831c66dUL, 0xb00327c8UL, 0xbf597fc7UL,
0xc6e00bf3UL, 0xd5a79147UL, 0x06ca6351UL, 0x14292967UL,
0x27b70a85UL, 0x2e1b2138UL, 0x4d2c6dfcUL, 0x53380d13UL,
0x650a7354UL, 0x766a0abbUL, 0x81c2c92eUL, 0x92722c85UL,
0xa2bfe8a1UL, 0xa81a664bUL, 0xc24b8b70UL, 0xc76c51a3UL,
0xd192e819UL, 0xd6990624UL, 0xf40e3585UL, 0x106aa070UL,
0x19a4c116UL, 0x1e376c08UL, 0x2748774cUL, 0x34b0bcb5UL,
0x391c0cb3UL, 0x4ed8aa4aUL, 0x5b9cca4fUL, 0x682e6ff3UL,
0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL,
0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL
}

Definition at line 165 of file sha2.c.

Referenced by SHA256_Transform().

◆ K512

const uint64 K512[80]
static

Definition at line 209 of file sha2.c.

Referenced by SHA512_Transform().

◆ sha224_initial_hash_value

const uint32 sha224_initial_hash_value[8]
static
Initial value:
= {
0xc1059ed8UL,
0x367cd507UL,
0x3070dd17UL,
0xf70e5939UL,
0xffc00b31UL,
0x68581511UL,
0x64f98fa7UL,
0xbefa4fa4UL
}

Definition at line 185 of file sha2.c.

Referenced by pg_sha224_init().

◆ sha256_initial_hash_value

const uint32 sha256_initial_hash_value[8]
static
Initial value:
= {
0x6a09e667UL,
0xbb67ae85UL,
0x3c6ef372UL,
0xa54ff53aUL,
0x510e527fUL,
0x9b05688cUL,
0x1f83d9abUL,
0x5be0cd19UL
}

Definition at line 197 of file sha2.c.

Referenced by pg_sha256_init().

◆ sha384_initial_hash_value

const uint64 sha384_initial_hash_value[8]
static
Initial value:
= {
0xcbbb9d5dc1059ed8ULL,
0x629a292a367cd507ULL,
0x9159015a3070dd17ULL,
0x152fecd8f70e5939ULL,
0x67332667ffc00b31ULL,
0x8eb44a8768581511ULL,
0xdb0c2e0d64f98fa7ULL,
0x47b5481dbefa4fa4ULL
}

Definition at line 253 of file sha2.c.

Referenced by pg_sha384_init().

◆ sha512_initial_hash_value

const uint64 sha512_initial_hash_value[8]
static
Initial value:
= {
0x6a09e667f3bcc908ULL,
0xbb67ae8584caa73bULL,
0x3c6ef372fe94f82bULL,
0xa54ff53a5f1d36f1ULL,
0x510e527fade682d1ULL,
0x9b05688c2b3e6c1fULL,
0x1f83d9abfb41bd6bULL,
0x5be0cd19137e2179ULL
}

Definition at line 265 of file sha2.c.

Referenced by pg_sha512_init().