Add hash interface and SHA-{384,512} implementations

This commit is contained in:
Lucas Gabriel Vuotto 2024-06-06 12:40:38 +00:00
parent f511cddf0d
commit 216ef8f940
10 changed files with 680 additions and 5 deletions

View File

@ -1,7 +1,8 @@
LC_SRCS+= aead.c aead_chacha20_poly1305.c
LC_SRCS+= auth.c auth_poly1305.c
LC_SRCS+= cipher.c cipher_chacha20.c
LC_SRCS+= impl_chacha20.c impl_poly1305.c
LC_SRCS+= hash.c hash_sha384_sha512.c
LC_SRCS+= impl_chacha20.c impl_poly1305.c impl_sha512.c
LC_SRCS+= ct.c util.c
WARNINGS= Yes

13
README
View File

@ -19,11 +19,16 @@ Utilities
case might leak information. Would be better to return `0xffffffff`
if match, `0` otherwise.
Hash
----
- [x] SHA-384
- [x] SHA-512 (needed for Ed25519)
Authentication
--------------
- [x] Poly1305
- [ ] SHA-512 (needed for Ed25519)
Ciphers
-------
@ -54,6 +59,12 @@ Utilities
- [ ] NaCl interface
- [ ] signify interface
Hash
----
- [ ] SHA-256 & SHA-224 (the latter is a truncated form of the former)
- [ ] SHA-512/224 & SHA-512/256 (most of the work done)
Authentication
--------------

79
hash.c Normal file
View File

@ -0,0 +1,79 @@
/*
* Copyright (c) 2024 Lucas Gabriel Vuotto <lucas@lgv5.net>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <stdlib.h>
#include <string.h>
#include "lilcrypto.h"
#include "hash.h"
int
lc_hash_init(struct lc_hash_ctx *ctx)
{
return ctx->impl->init(ctx->arg);
}
int
lc_hash_update(struct lc_hash_ctx *ctx, const uint8_t *in, size_t inlen)
{
return ctx->impl->update(ctx->arg, in, inlen);
}
int
lc_hash_final(struct lc_hash_ctx *ctx, uint8_t *out, size_t *outlen)
{
return ctx->impl->final(ctx->arg, out, outlen);
}
int
lc_hash(const struct lc_hash_impl *impl, uint8_t *out, size_t *outlen,
const uint8_t *in, size_t inlen)
{
return impl->hash(out, outlen, in, inlen);
}
struct lc_hash_ctx *
lc_hash_ctx_new(const struct lc_hash_impl *impl)
{
struct lc_hash_ctx *ctx;
ctx = malloc(sizeof(*ctx));
if (ctx == NULL)
return NULL;
if (impl->ctx_new != NULL) {
ctx->arg = impl->ctx_new();
if (ctx->arg == NULL) {
free(ctx);
return NULL;
}
} else
ctx->arg = NULL;
ctx->impl = impl;
return ctx;
}
void
lc_hash_ctx_free(struct lc_hash_ctx *ctx)
{
if (ctx != NULL) {
if (ctx->impl != NULL && ctx->impl->ctx_free != NULL)
ctx->impl->ctx_free(ctx->arg);
free(ctx->arg);
}
free(ctx);
}

34
hash.h Normal file
View File

@ -0,0 +1,34 @@
/*
* Copyright (c) 2024 Lucas Gabriel Vuotto <lucas@lgv5.net>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <stddef.h>
#include <stdint.h>
struct lc_hash_impl {
int (*init)(void *);
int (*update)(void *, const uint8_t *, size_t);
int (*final)(void *, uint8_t *, size_t *);
int (*hash)(uint8_t *, size_t *, const uint8_t *, size_t);
void *(*ctx_new)(void);
void (*ctx_free)(void *);
};
struct lc_hash_ctx {
const struct lc_hash_impl *impl;
void *arg;
};

298
hash_sha384_sha512.c Normal file
View File

@ -0,0 +1,298 @@
/*
* Copyright (c) 2024 Lucas Gabriel Vuotto <lucas@lgv5.net>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <stdlib.h>
#include "lilcrypto.h"
#include "hash.h"
#include "hash_sha384_sha512.h"
#include "impl_sha512.h"
#include "util.h"
/*
* SHA-384 and SHA-512 implementations.
*
* This implementation doesn't support arbitrary amounts of bits, but only full
* bytes sizes. In particular, size is stored in bytes until the length has to
* be appended to the input. This is done to simplify overflow checks for input
* length.
*/
#define SHA512_SZHI_MAX UINT64_C(0x1fffffffffffffff) /* 2^125 - 1 */
#define SHA512_SZLO_MAX UINT64_MAX
#define SHA384_H0_0 UINT64_C(0xcbbb9d5dc1059ed8)
#define SHA384_H0_1 UINT64_C(0x629a292a367cd507)
#define SHA384_H0_2 UINT64_C(0x9159015a3070dd17)
#define SHA384_H0_3 UINT64_C(0x152fecd8f70e5939)
#define SHA384_H0_4 UINT64_C(0x67332667ffc00b31)
#define SHA384_H0_5 UINT64_C(0x8eb44a8768581511)
#define SHA384_H0_6 UINT64_C(0xdb0c2e0d64f98fa7)
#define SHA384_H0_7 UINT64_C(0x47b5481dbefa4fa4)
#define SHA512_H0_0 UINT64_C(0x6a09e667f3bcc908)
#define SHA512_H0_1 UINT64_C(0xbb67ae8584caa73b)
#define SHA512_H0_2 UINT64_C(0x3c6ef372fe94f82b)
#define SHA512_H0_3 UINT64_C(0xa54ff53a5f1d36f1)
#define SHA512_H0_4 UINT64_C(0x510e527fade682d1)
#define SHA512_H0_5 UINT64_C(0x9b05688c2b3e6c1f)
#define SHA512_H0_6 UINT64_C(0x1f83d9abfb41bd6b)
#define SHA512_H0_7 UINT64_C(0x5be0cd19137e2179)
int
sha384_init(void *arg)
{
struct sha512_ctx *ctx = arg;
size_t i;
ctx->h0 = SHA384_H0_0;
ctx->h1 = SHA384_H0_1;
ctx->h2 = SHA384_H0_2;
ctx->h3 = SHA384_H0_3;
ctx->h4 = SHA384_H0_4;
ctx->h5 = SHA384_H0_5;
ctx->h6 = SHA384_H0_6;
ctx->h7 = SHA384_H0_7;
ctx->szhi = ctx->szlo = 0;
ctx->mlen = 0;
for (i = 0; i < SHA512_CHUNK; i++)
ctx->m[i] = 0;
return 1;
}
int
sha512_init(void *arg)
{
struct sha512_ctx *ctx = arg;
size_t i;
ctx->h0 = SHA512_H0_0;
ctx->h1 = SHA512_H0_1;
ctx->h2 = SHA512_H0_2;
ctx->h3 = SHA512_H0_3;
ctx->h4 = SHA512_H0_4;
ctx->h5 = SHA512_H0_5;
ctx->h6 = SHA512_H0_6;
ctx->h7 = SHA512_H0_7;
ctx->szhi = ctx->szlo = 0;
ctx->mlen = 0;
for (i = 0; i < SHA512_CHUNK; i++)
ctx->m[i] = 0;
return 1;
}
static int
sha384_sha512_update(void *arg, const uint8_t *in, size_t inlen)
{
struct sha512_ctx *ctx = arg;
size_t i;
if (inlen > SHA512_SZLO_MAX - ctx->szlo) {
if (ctx->szhi == SHA512_SZHI_MAX)
return 0;
ctx->szlo += inlen;
ctx->szhi++;
} else
ctx->szlo += inlen;
for (i = 0; i + ctx->mlen < SHA512_CHUNK && i < inlen; i++)
ctx->m[i + ctx->mlen] = in[i];
ctx->mlen += i;
in += i;
inlen -= i;
if (ctx->mlen == SHA512_CHUNK) {
sha512_block(ctx);
ctx->mlen = 0;
}
if (inlen == 0)
return 1;
while (inlen >= SHA512_CHUNK) {
for (i = 0; i < SHA512_CHUNK; i++)
ctx->m[i] = in[i];
in += i;
inlen -= i;
sha512_block(ctx);
}
for (i = 0; i < inlen; i++)
ctx->m[i] = in[i];
ctx->mlen = inlen;
return 1;
}
int
sha384_update(void *arg, const uint8_t *in, size_t inlen)
{
return sha384_sha512_update(arg, in, inlen);
}
int
sha512_update(void *arg, const uint8_t *in, size_t inlen)
{
return sha384_sha512_update(arg, in, inlen);
}
static void
sha384_sha512_final(struct sha512_ctx *ctx)
{
size_t i, mlen;
mlen = ctx->mlen;
ctx->m[mlen++] = 0x80;
if (mlen >= SHA512_CHUNK - 2 * sizeof(uint64_t)) {
for (i = mlen; i < SHA512_CHUNK; i++)
ctx->m[i] = 0;
sha512_block(ctx);
mlen = 0;
}
for (i = mlen; i < SHA512_CHUNK - 2 * sizeof(uint64_t); i++)
ctx->m[i] = 0;
store64be(&ctx->m[i], (ctx->szhi << 3) | (ctx->szlo >> 63));
store64be(&ctx->m[i + sizeof(uint64_t)], ctx->szlo << 3);
sha512_block(ctx);
}
int
sha384_final(void *arg, uint8_t *out, size_t *outlen)
{
struct sha512_ctx *ctx = arg;
*outlen = LC_SHA384_HASHLEN;
if (out == NULL)
return 1;
sha384_sha512_final(ctx);
store64be(out, ctx->h0);
store64be(out + 8, ctx->h1);
store64be(out + 16, ctx->h2);
store64be(out + 24, ctx->h3);
store64be(out + 32, ctx->h4);
store64be(out + 40, ctx->h5);
lc_scrub(ctx, sizeof(*ctx));
return 1;
}
int
sha512_final(void *arg, uint8_t *out, size_t *outlen)
{
struct sha512_ctx *ctx = arg;
*outlen = LC_SHA512_HASHLEN;
if (out == NULL)
return 1;
sha384_sha512_final(ctx);
store64be(out, ctx->h0);
store64be(out + 8, ctx->h1);
store64be(out + 16, ctx->h2);
store64be(out + 24, ctx->h3);
store64be(out + 32, ctx->h4);
store64be(out + 40, ctx->h5);
store64be(out + 48, ctx->h6);
store64be(out + 56, ctx->h7);
lc_scrub(ctx, sizeof(*ctx));
return 1;
}
static int
sha384_hash(uint8_t *out, size_t *outlen, const uint8_t *in, size_t inlen)
{
struct sha512_ctx ctx;
if (out == NULL) {
*outlen = LC_SHA384_HASHLEN;
return 1;
}
return sha384_init(&ctx) &&
sha384_update(&ctx, in, inlen) &&
sha384_final(&ctx, out, outlen);
}
static int
sha512_hash(uint8_t *out, size_t *outlen, const uint8_t *in, size_t inlen)
{
struct sha512_ctx ctx;
if (out == NULL) {
*outlen = LC_SHA512_HASHLEN;
return 1;
}
return sha512_init(&ctx) &&
sha512_update(&ctx, in, inlen) &&
sha512_final(&ctx, out, outlen);
}
static void *
sha384_sha512_ctx_new(void)
{
return malloc(sizeof(struct sha512_ctx));
}
static struct lc_hash_impl sha384_impl = {
.init = &sha384_init,
.update = &sha384_update,
.final = &sha384_final,
.hash = &sha384_hash,
.ctx_new = &sha384_sha512_ctx_new,
.ctx_free = NULL,
};
static struct lc_hash_impl sha512_impl = {
.init = &sha512_init,
.update = &sha512_update,
.final = &sha512_final,
.hash = &sha512_hash,
.ctx_new = &sha384_sha512_ctx_new,
.ctx_free = NULL,
};
const struct lc_hash_impl *
lc_hash_impl_sha384(void)
{
return &sha384_impl;
}
const struct lc_hash_impl *
lc_hash_impl_sha512(void)
{
return &sha512_impl;
}

27
hash_sha384_sha512.h Normal file
View File

@ -0,0 +1,27 @@
/*
* Copyright (c) 2024 Lucas Gabriel Vuotto <lucas@lgv5.net>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <stddef.h>
#include <stdint.h>
int sha384_init(void *);
int sha384_update(void *, const uint8_t *, size_t);
int sha384_final(void *, uint8_t *, size_t *);
int sha512_init(void *);
int sha512_update(void *, const uint8_t *, size_t);
int sha512_final(void *, uint8_t *, size_t *);

117
impl_sha512.c Normal file
View File

@ -0,0 +1,117 @@
/*
* Copyright (c) 2024 Lucas Gabriel Vuotto <lucas@lgv5.net>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <stddef.h>
#include <stdint.h>
#include "impl_sha512.h"
#include "util.h"
static const uint64_t K[SHA512_ROUNDS] = {
0x428a2f98d728ae22, 0x7137449123ef65cd,
0xb5c0fbcfec4d3b2f, 0xe9b5dba58189dbbc,
0x3956c25bf348b538, 0x59f111f1b605d019,
0x923f82a4af194f9b, 0xab1c5ed5da6d8118,
0xd807aa98a3030242, 0x12835b0145706fbe,
0x243185be4ee4b28c, 0x550c7dc3d5ffb4e2,
0x72be5d74f27b896f, 0x80deb1fe3b1696b1,
0x9bdc06a725c71235, 0xc19bf174cf692694,
0xe49b69c19ef14ad2, 0xefbe4786384f25e3,
0x0fc19dc68b8cd5b5, 0x240ca1cc77ac9c65,
0x2de92c6f592b0275, 0x4a7484aa6ea6e483,
0x5cb0a9dcbd41fbd4, 0x76f988da831153b5,
0x983e5152ee66dfab, 0xa831c66d2db43210,
0xb00327c898fb213f, 0xbf597fc7beef0ee4,
0xc6e00bf33da88fc2, 0xd5a79147930aa725,
0x06ca6351e003826f, 0x142929670a0e6e70,
0x27b70a8546d22ffc, 0x2e1b21385c26c926,
0x4d2c6dfc5ac42aed, 0x53380d139d95b3df,
0x650a73548baf63de, 0x766a0abb3c77b2a8,
0x81c2c92e47edaee6, 0x92722c851482353b,
0xa2bfe8a14cf10364, 0xa81a664bbc423001,
0xc24b8b70d0f89791, 0xc76c51a30654be30,
0xd192e819d6ef5218, 0xd69906245565a910,
0xf40e35855771202a, 0x106aa07032bbd1b8,
0x19a4c116b8d2d0c8, 0x1e376c085141ab53,
0x2748774cdf8eeb99, 0x34b0bcb5e19b48a8,
0x391c0cb3c5c95a63, 0x4ed8aa4ae3418acb,
0x5b9cca4f7763e373, 0x682e6ff3d6b2b8a3,
0x748f82ee5defb2fc, 0x78a5636f43172f60,
0x84c87814a1f0ab72, 0x8cc702081a6439ec,
0x90befffa23631e28, 0xa4506cebde82bde9,
0xbef9a3f7b2c67915, 0xc67178f2e372532b,
0xca273eceea26619c, 0xd186b8c721c0c207,
0xeada7dd6cde0eb1e, 0xf57d4f7fee6ed178,
0x06f067aa72176fba, 0x0a637dc5a2c898a6,
0x113f9804bef90dae, 0x1b710b35131c471b,
0x28db77f523047d84, 0x32caab7b40c72493,
0x3c9ebe0a15c9bebc, 0x431d67c49c100d4c,
0x4cc5d4becb3e42b6, 0x597f299cfc657e2a,
0x5fcb6fab3ad6faec, 0x6c44198c4a475817,
};
#define CH(x, y, z) ((x & y) ^ (~x & z))
#define MAJ(x, y, z) ((x & y) ^ (x & z) ^ (y & z))
#define BSIG0(x) (rotr64(x, 28) ^ rotr64(x, 34) ^ rotr64(x, 39))
#define BSIG1(x) (rotr64(x, 14) ^ rotr64(x, 18) ^ rotr64(x, 41))
#define SSIG0(x) (rotr64(x, 1) ^ rotr64(x, 8) ^ (x >> 7))
#define SSIG1(x) (rotr64(x, 19) ^ rotr64(x, 61) ^ (x >> 6))
void
sha512_block(struct sha512_ctx *ctx)
{
uint64_t m[SHA512_CHUNK_WORDS], W[SHA512_ROUNDS];
uint64_t a, b, c, d, e, f, g, h, T1, T2;
size_t i;
for (i = 0; i < SHA512_CHUNK_WORDS; i++)
W[i] = m[i] = load64be(&ctx->m[i * 8]);
for (; i < SHA512_ROUNDS; i++)
W[i] = SSIG1(W[i - 2]) + W[i - 7] + SSIG0(W[i - 15]) +
W[i - 16];
a = ctx->h0;
b = ctx->h1;
c = ctx->h2;
d = ctx->h3;
e = ctx->h4;
f = ctx->h5;
g = ctx->h6;
h = ctx->h7;
for (i = 0; i < SHA512_ROUNDS; i++) {
T1 = h + BSIG1(e) + CH(e, f, g) + K[i] + W[i];
T2 = BSIG0(a) + MAJ(a, b, c);
h = g;
g = f;
f = e;
e = d + T1;
d = c;
c = b;
b = a;
a = T1 + T2;
}
ctx->h0 += a;
ctx->h1 += b;
ctx->h2 += c;
ctx->h3 += d;
ctx->h4 += e;
ctx->h5 += f;
ctx->h6 += g;
ctx->h7 += h;
}

36
impl_sha512.h Normal file
View File

@ -0,0 +1,36 @@
/*
* Copyright (c) 2024 Lucas Gabriel Vuotto <lucas@lgv5.net>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <stddef.h>
#include <stdint.h>
#include "lilcrypto.h"
#define SHA512_CHUNK 128
#define SHA512_CHUNK_WORDS (SHA512_CHUNK / sizeof(uint64_t))
#define SHA512_ROUNDS 80
struct sha512_ctx {
uint64_t h0, h1, h2, h3, h4, h5, h6, h7;
uint64_t szhi, szlo;
size_t mlen;
uint8_t m[SHA512_CHUNK];
};
void sha512_block(struct sha512_ctx *);

View File

@ -23,6 +23,10 @@
* Constants.
*/
/* Hashes. */
#define LC_SHA384_HASHLEN 48
#define LC_SHA512_HASHLEN 64
/* Authentitcation. */
#define LC_POLY1305_KEYLEN 32
#define LC_POLY1305_TAGLEN 16
@ -40,7 +44,28 @@ uint32_t lc_ct_cmp(const uint8_t *, const uint8_t *, size_t);
/*
* Message authentication code.
* Hashes.
*/
struct lc_hash_ctx;
struct lc_hash_impl;
int lc_hash_init(struct lc_hash_ctx *);
int lc_hash_update(struct lc_hash_ctx *, const uint8_t *, size_t);
int lc_hash_final(struct lc_hash_ctx *, uint8_t *, size_t *);
int lc_hash(const struct lc_hash_impl *, uint8_t *, size_t *,
const uint8_t *, size_t);
struct lc_hash_ctx *lc_hash_ctx_new(const struct lc_hash_impl *);
void lc_hash_ctx_free(struct lc_hash_ctx *);
const struct lc_hash_impl *lc_hash_impl_sha384(void);
const struct lc_hash_impl *lc_hash_impl_sha512(void);
/*
* Authentication.
*/
struct lc_auth_ctx;

51
util.h
View File

@ -72,6 +72,53 @@ store64le(uint8_t *x, uint64_t v)
x[7] = v >> 56;
}
static inline uint16_t
load16be(const uint8_t *x)
{
return (x[0] << 8) | x[1];
}
static inline uint32_t
load32be(const uint8_t *x)
{
return (x[0] << 24) | (x[1] << 16) | (x[2] << 8) | x[3];
}
static inline uint64_t
load64be(const uint8_t *x)
{
return ((uint64_t)load32be(x) << 32) | load32be(x + 4);
}
static inline void
store16be(uint8_t *x, uint64_t v)
{
x[0] = v >> 8;
x[1] = v & 0xff;
}
static inline void
store32be(uint8_t *x, uint32_t v)
{
x[0] = v >> 24;
x[1] = (v >> 16) & 0xff;
x[2] = (v >> 8) & 0xff;
x[3] = v & 0xff;
}
static inline void
store64be(uint8_t *x, uint64_t v)
{
x[0] = v >> 56;
x[1] = (v >> 48) & 0xff;
x[2] = (v >> 40) & 0xff;
x[3] = (v >> 32) & 0xff;
x[4] = (v >> 24) & 0xff;
x[5] = (v >> 16) & 0xff;
x[6] = (v >> 8) & 0xff;
x[7] = v & 0xff;
}
/*
* rotr and rotl.
@ -92,11 +139,11 @@ rotl64(uint64_t x, uint64_t r)
static inline uint32_t
rotr32(uint32_t x, uint32_t r)
{
return rotl32(x, 32 - r);
return (x >> r) | (x << (32 - r));
}
static inline uint64_t
rotr64(uint64_t x, uint64_t r)
{
return rotl64(x, 64 - r);
return (x >> r) | (x << (64 - r));
}