Rename all algorithm-specific ctx to state

This commit is contained in:
Lucas Gabriel Vuotto 2024-06-15 21:13:31 +00:00
parent 2b76f3df5b
commit 230dedac16
14 changed files with 406 additions and 404 deletions

View File

@ -31,68 +31,69 @@
static int static int
hmac_init(void *arg, void *initparams) hmac_init(void *arg, void *initparams)
{ {
struct hmac_ctx *ctx = arg; struct hmac_state *state = arg;
struct lc_hmac_params *params = initparams; struct lc_hmac_params *params = initparams;
uint8_t ikeypad[HMAC_BLOCKLEN_MAX]; uint8_t ikeypad[HMAC_BLOCKLEN_MAX];
size_t i, olen, blen, keylen; size_t i, olen, blen, keylen;
ctx->hash = params->hash; state->hash = params->hash;
keylen = params->keylen; keylen = params->keylen;
blen = params->hash->impl->blocklen; blen = params->hash->impl->blocklen;
if (keylen > blen) { if (keylen > blen) {
if (!lc_hash(ctx->hash->impl, ctx->key, &olen, params->key, if (!lc_hash(state->hash->impl, state->key, &olen, params->key,
keylen)) keylen))
return 0; return 0;
keylen = olen; keylen = olen;
} else } else
for (i = 0; i < keylen; i++) for (i = 0; i < keylen; i++)
ctx->key[i] = params->key[i]; state->key[i] = params->key[i];
for (i = keylen; i < blen; i++) for (i = keylen; i < blen; i++)
ctx->key[i] = 0; state->key[i] = 0;
for (i = 0; i < blen; i++) for (i = 0; i < blen; i++)
ikeypad[i] = ctx->key[i] ^ HMAC_IPAD; ikeypad[i] = state->key[i] ^ HMAC_IPAD;
return lc_hash_init(ctx->hash) && return lc_hash_init(state->hash) &&
lc_hash_update(ctx->hash, ikeypad, blen); lc_hash_update(state->hash, ikeypad, blen);
} }
static int static int
hmac_update(void *arg, const uint8_t *in, size_t inlen) hmac_update(void *arg, const uint8_t *in, size_t inlen)
{ {
struct hmac_ctx *ctx = arg; struct hmac_state *state = arg;
return lc_hash_update(ctx->hash, in, inlen); return lc_hash_update(state->hash, in, inlen);
} }
static int static int
hmac_final(void *arg, uint8_t *out, size_t *outlen) hmac_final(void *arg, uint8_t *out, size_t *outlen)
{ {
struct hmac_ctx *ctx = arg; struct hmac_state *state = arg;
uint8_t m[HMAC_BLOCKLEN_MAX], okeypad[HMAC_BLOCKLEN_MAX]; uint8_t m[HMAC_BLOCKLEN_MAX],
okeypad[HMAC_BLOCKLEN_MAX];
size_t i, olen, blen; size_t i, olen, blen;
int rc; int rc;
if (out == NULL) { if (out == NULL) {
*outlen = ctx->hash->impl->hashlen; *outlen = state->hash->impl->hashlen;
return 1; return 1;
} }
*outlen = 0; *outlen = 0;
blen = ctx->hash->impl->blocklen; blen = state->hash->impl->blocklen;
for (i = 0; i < blen; i++) for (i = 0; i < blen; i++)
okeypad[i] = ctx->key[i] ^ HMAC_OPAD; okeypad[i] = state->key[i] ^ HMAC_OPAD;
rc = lc_hash_final(ctx->hash, m, &olen) && rc = lc_hash_final(state->hash, m, &olen) &&
lc_hash_init(ctx->hash) && lc_hash_init(state->hash) &&
lc_hash_update(ctx->hash, okeypad, blen) && lc_hash_update(state->hash, okeypad, blen) &&
lc_hash_update(ctx->hash, m, olen) && lc_hash_update(state->hash, m, olen) &&
lc_hash_final(ctx->hash, out, outlen); lc_hash_final(state->hash, out, outlen);
lc_scrub(ctx, sizeof(*ctx)); lc_scrub(state, sizeof(*state));
return rc; return rc;
} }
@ -102,16 +103,16 @@ hmac_auth(uint8_t *out, size_t *outlen, void *initparams, const uint8_t *in,
size_t inlen) size_t inlen)
{ {
struct lc_hmac_params *params = initparams; struct lc_hmac_params *params = initparams;
struct hmac_ctx ctx; struct hmac_state state;
if (out == NULL) { if (out == NULL) {
*outlen = params->hash->impl->hashlen; *outlen = params->hash->impl->hashlen;
return 1; return 1;
} }
return hmac_init(&ctx, initparams) && return hmac_init(&state, initparams) &&
hmac_update(&ctx, in, inlen) && hmac_update(&state, in, inlen) &&
hmac_final(&ctx, out, outlen); hmac_final(&state, out, outlen);
} }
@ -121,7 +122,7 @@ static struct lc_auth_impl hmac_impl = {
.final = &hmac_final, .final = &hmac_final,
.auth = &hmac_auth, .auth = &hmac_auth,
.argsz = sizeof(struct hmac_ctx), .argsz = sizeof(struct hmac_state),
.blocklen = 0, .blocklen = 0,
.taglen = 0, .taglen = 0,
}; };

View File

@ -27,40 +27,40 @@ static int
poly1305_init(void *arg, void *initparams) poly1305_init(void *arg, void *initparams)
{ {
struct lc_poly1305_params *params = initparams; struct lc_poly1305_params *params = initparams;
struct poly1305_ctx *ctx = arg; struct poly1305_state *state = arg;
size_t i; size_t i;
uint32_t t0, t1, t2, t3; uint32_t t0, t1, t2, t3;
ctx->h0 = 0; state->h0 = 0;
ctx->h1 = 0; state->h1 = 0;
ctx->h2 = 0; state->h2 = 0;
ctx->h3 = 0; state->h3 = 0;
ctx->h4 = 0; state->h4 = 0;
t0 = load32le(&params->key[0]); t0 = load32le(&params->key[0]);
t1 = load32le(&params->key[4]); t1 = load32le(&params->key[4]);
t2 = load32le(&params->key[8]); t2 = load32le(&params->key[8]);
t3 = load32le(&params->key[12]); t3 = load32le(&params->key[12]);
ctx->r0 = t0 & 0x3ffffff; state->r0 = t0 & 0x3ffffff;
ctx->r1 = ((t1 << 6) | (t0 >> 26)) & 0x3ffff03; state->r1 = ((t1 << 6) | (t0 >> 26)) & 0x3ffff03;
ctx->r2 = ((t2 << 12) | (t1 >> 20)) & 0x3ffc0ff; state->r2 = ((t2 << 12) | (t1 >> 20)) & 0x3ffc0ff;
ctx->r3 = ((t3 << 18) | (t2 >> 14)) & 0x3f03fff; state->r3 = ((t3 << 18) | (t2 >> 14)) & 0x3f03fff;
ctx->r4 = (t3 >> 8) & 0xfffff; state->r4 = (t3 >> 8) & 0xfffff;
ctx->x1 = 5 * ctx->r1; state->x1 = 5 * state->r1;
ctx->x2 = 5 * ctx->r2; state->x2 = 5 * state->r2;
ctx->x3 = 5 * ctx->r3; state->x3 = 5 * state->r3;
ctx->x4 = 5 * ctx->r4; state->x4 = 5 * state->r4;
ctx->s0 = load32le(&params->key[16]); state->s0 = load32le(&params->key[16]);
ctx->s1 = load32le(&params->key[20]); state->s1 = load32le(&params->key[20]);
ctx->s2 = load32le(&params->key[24]); state->s2 = load32le(&params->key[24]);
ctx->s3 = load32le(&params->key[28]); state->s3 = load32le(&params->key[28]);
ctx->mlen = 0; state->mlen = 0;
for (i = 0; i < LC_POLY1305_BLOCKLEN; i++) for (i = 0; i < LC_POLY1305_BLOCKLEN; i++)
ctx->m[i] = 0; state->m[i] = 0;
return 1; return 1;
} }
@ -68,18 +68,18 @@ poly1305_init(void *arg, void *initparams)
static int static int
poly1305_update(void *arg, const uint8_t *in, size_t inlen) poly1305_update(void *arg, const uint8_t *in, size_t inlen)
{ {
struct poly1305_ctx *ctx = arg; struct poly1305_state *state = arg;
size_t i; size_t i;
for (i = 0; i + ctx->mlen < LC_POLY1305_BLOCKLEN && i < inlen; i++) for (i = 0; i + state->mlen < LC_POLY1305_BLOCKLEN && i < inlen; i++)
ctx->m[i + ctx->mlen] = in[i]; state->m[i + state->mlen] = in[i];
ctx->mlen += i; state->mlen += i;
in += i; in += i;
inlen -= i; inlen -= i;
if (ctx->mlen == LC_POLY1305_BLOCKLEN) { if (state->mlen == LC_POLY1305_BLOCKLEN) {
poly1305_block(ctx, 1); poly1305_block(state, 1);
ctx->mlen = 0; state->mlen = 0;
} }
if (inlen == 0) if (inlen == 0)
@ -87,16 +87,16 @@ poly1305_update(void *arg, const uint8_t *in, size_t inlen)
while (inlen >= LC_POLY1305_BLOCKLEN) { while (inlen >= LC_POLY1305_BLOCKLEN) {
for (i = 0; i < LC_POLY1305_BLOCKLEN; i++) for (i = 0; i < LC_POLY1305_BLOCKLEN; i++)
ctx->m[i] = in[i]; state->m[i] = in[i];
poly1305_block(ctx, 1); poly1305_block(state, 1);
in += LC_POLY1305_BLOCKLEN; in += LC_POLY1305_BLOCKLEN;
inlen -= LC_POLY1305_BLOCKLEN; inlen -= LC_POLY1305_BLOCKLEN;
} }
for (i = 0; i < inlen; i++) for (i = 0; i < inlen; i++)
ctx->m[i] = in[i]; state->m[i] = in[i];
ctx->mlen = inlen; state->mlen = inlen;
return 1; return 1;
} }
@ -104,7 +104,7 @@ poly1305_update(void *arg, const uint8_t *in, size_t inlen)
static int static int
poly1305_final(void *arg, uint8_t *out, size_t *outlen) poly1305_final(void *arg, uint8_t *out, size_t *outlen)
{ {
struct poly1305_ctx *ctx = arg; struct poly1305_state *state = arg;
uint32_t tag[POLY1305_TAGLEN_WORDS]; uint32_t tag[POLY1305_TAGLEN_WORDS];
size_t i; size_t i;
@ -112,24 +112,24 @@ poly1305_final(void *arg, uint8_t *out, size_t *outlen)
if (out == NULL) if (out == NULL)
return 1; return 1;
i = ctx->mlen; i = state->mlen;
if (i > 0) { if (i > 0) {
if (i < LC_POLY1305_BLOCKLEN) { if (i < LC_POLY1305_BLOCKLEN) {
ctx->m[i++] = 1; state->m[i++] = 1;
for (; i < LC_POLY1305_BLOCKLEN; i++) for (; i < LC_POLY1305_BLOCKLEN; i++)
ctx->m[i] = 0; state->m[i] = 0;
poly1305_block(ctx, 0); poly1305_block(state, 0);
} else } else
poly1305_block(ctx, 1); poly1305_block(state, 1);
} }
poly1305_reduce(ctx, tag); poly1305_reduce(state, tag);
store32le(&out[0], tag[0]); store32le(&out[0], tag[0]);
store32le(&out[4], tag[1]); store32le(&out[4], tag[1]);
store32le(&out[8], tag[2]); store32le(&out[8], tag[2]);
store32le(&out[12], tag[3]); store32le(&out[12], tag[3]);
lc_scrub(ctx, sizeof(*ctx)); lc_scrub(state, sizeof(*state));
return 1; return 1;
} }
@ -138,16 +138,16 @@ static int
poly1305_auth(uint8_t *out, size_t *outlen, void *initparams, poly1305_auth(uint8_t *out, size_t *outlen, void *initparams,
const uint8_t *in, size_t inlen) const uint8_t *in, size_t inlen)
{ {
struct poly1305_ctx ctx; struct poly1305_state state;
if (out == NULL) { if (out == NULL) {
*outlen = LC_POLY1305_TAGLEN; *outlen = LC_POLY1305_TAGLEN;
return 1; return 1;
} }
return poly1305_init(&ctx, initparams) && return poly1305_init(&state, initparams) &&
poly1305_update(&ctx, in, inlen) && poly1305_update(&state, in, inlen) &&
poly1305_final(&ctx, out, outlen); poly1305_final(&state, out, outlen);
} }
@ -157,7 +157,7 @@ static struct lc_auth_impl poly1305_impl = {
.final = &poly1305_final, .final = &poly1305_final,
.auth = &poly1305_auth, .auth = &poly1305_auth,
.argsz = sizeof(struct poly1305_ctx), .argsz = sizeof(struct poly1305_state),
.blocklen = LC_POLY1305_BLOCKLEN, .blocklen = LC_POLY1305_BLOCKLEN,
.taglen = LC_POLY1305_TAGLEN, .taglen = LC_POLY1305_TAGLEN,
}; };

View File

@ -34,17 +34,17 @@ static int
chacha20_anycrypt_init(void *arg, void *initparams) chacha20_anycrypt_init(void *arg, void *initparams)
{ {
struct lc_chacha20_params *params = initparams; struct lc_chacha20_params *params = initparams;
struct chacha20_ctx *ctx = arg; struct chacha20_state *state = arg;
size_t i; size_t i;
for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++) for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++)
ctx->s[i] = 0; state->s[i] = 0;
for (i = 0; i < CHACHA20_KEY_WORDS; i++) for (i = 0; i < CHACHA20_KEY_WORDS; i++)
ctx->k[i] = load32le(&params->key[i * 4]); state->k[i] = load32le(&params->key[i * 4]);
ctx->n[0] = params->counter; state->n[0] = params->counter;
for (i = 1; i < CHACHA20_NONCE_WORDS; i++) for (i = 1; i < CHACHA20_NONCE_WORDS; i++)
ctx->n[i] = load32le(&params->nonce[(i - 1) * 4]); state->n[i] = load32le(&params->nonce[(i - 1) * 4]);
ctx->mlen = 0; state->mlen = 0;
return 1; return 1;
} }
@ -53,31 +53,31 @@ static int
xchacha20_anycrypt_init(void *arg, void *initparams) xchacha20_anycrypt_init(void *arg, void *initparams)
{ {
struct lc_xchacha20_params *params = initparams; struct lc_xchacha20_params *params = initparams;
struct chacha20_ctx *ctx = arg; struct chacha20_state *state = arg;
size_t i; size_t i;
for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++) for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++)
ctx->s[i] = 0; state->s[i] = 0;
for (i = 0; i < CHACHA20_KEY_WORDS; i++) for (i = 0; i < CHACHA20_KEY_WORDS; i++)
ctx->k[i] = load32le(&params->key[i * 4]); state->k[i] = load32le(&params->key[i * 4]);
for (i = 0; i < CHACHA20_NONCE_WORDS; i++) for (i = 0; i < CHACHA20_NONCE_WORDS; i++)
ctx->n[i] = load32le(&params->nonce[i * 4]); state->n[i] = load32le(&params->nonce[i * 4]);
ctx->mlen = 0; state->mlen = 0;
hchacha20_block(ctx); hchacha20_block(state);
ctx->k[0] = ctx->s[0]; state->k[0] = state->s[0];
ctx->k[1] = ctx->s[1]; state->k[1] = state->s[1];
ctx->k[2] = ctx->s[2]; state->k[2] = state->s[2];
ctx->k[3] = ctx->s[3]; state->k[3] = state->s[3];
ctx->k[4] = ctx->s[12]; state->k[4] = state->s[12];
ctx->k[5] = ctx->s[13]; state->k[5] = state->s[13];
ctx->k[6] = ctx->s[14]; state->k[6] = state->s[14];
ctx->k[7] = ctx->s[15]; state->k[7] = state->s[15];
ctx->n[0] = params->counter; state->n[0] = params->counter;
ctx->n[1] = 0; state->n[1] = 0;
ctx->n[2] = load32le(&params->nonce[16]); state->n[2] = load32le(&params->nonce[16]);
ctx->n[3] = load32le(&params->nonce[20]); state->n[3] = load32le(&params->nonce[20]);
return 1; return 1;
} }
@ -86,52 +86,52 @@ static int
chacha20_anycrypt_update(void *arg, uint8_t *out, size_t *outlen, chacha20_anycrypt_update(void *arg, uint8_t *out, size_t *outlen,
const uint8_t *in, size_t inlen) const uint8_t *in, size_t inlen)
{ {
struct chacha20_ctx *ctx = arg; struct chacha20_state *state = arg;
size_t i, blocks; size_t i, blocks;
uint32_t h; uint32_t h;
*outlen = 0; *outlen = 0;
if (inlen > SIZE_MAX - (LC_CHACHA20_BLOCKLEN - 1) - ctx->mlen) if (inlen > SIZE_MAX - (LC_CHACHA20_BLOCKLEN - 1) - state->mlen)
return 0; return 0;
blocks = (inlen + ctx->mlen + LC_CHACHA20_BLOCKLEN - 1) / blocks = (inlen + state->mlen + LC_CHACHA20_BLOCKLEN - 1) /
LC_CHACHA20_BLOCKLEN; LC_CHACHA20_BLOCKLEN;
if (blocks + ctx->n[0] > CHACHA20_CTRMAX) if (blocks + state->n[0] > CHACHA20_CTRMAX)
return 0; return 0;
*outlen = ctx->mlen + inlen - *outlen = state->mlen + inlen -
((ctx->mlen + inlen) % LC_CHACHA20_BLOCKLEN); ((state->mlen + inlen) % LC_CHACHA20_BLOCKLEN);
if (out == NULL) if (out == NULL)
return 1; return 1;
for (i = 0; i + ctx->mlen < LC_CHACHA20_BLOCKLEN && i < inlen; i++) for (i = 0; i + state->mlen < LC_CHACHA20_BLOCKLEN && i < inlen; i++)
ctx->m[i + ctx->mlen] = in[i]; state->m[i + state->mlen] = in[i];
ctx->mlen += i; state->mlen += i;
in += i; in += i;
inlen -= i; inlen -= i;
if (ctx->mlen == LC_CHACHA20_BLOCKLEN) { if (state->mlen == LC_CHACHA20_BLOCKLEN) {
chacha20_block(ctx); chacha20_block(state);
ctx->n[0]++; state->n[0]++;
for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++) { for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++) {
h = load32le(&ctx->m[i * 4]); h = load32le(&state->m[i * 4]);
h ^= ctx->s[i]; h ^= state->s[i];
store32le(&out[i * 4], h); store32le(&out[i * 4], h);
} }
out += LC_CHACHA20_BLOCKLEN; out += LC_CHACHA20_BLOCKLEN;
ctx->mlen = 0; state->mlen = 0;
} }
if (inlen == 0) if (inlen == 0)
return 1; return 1;
while (inlen >= LC_CHACHA20_BLOCKLEN) { while (inlen >= LC_CHACHA20_BLOCKLEN) {
chacha20_block(ctx); chacha20_block(state);
ctx->n[0]++; state->n[0]++;
for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++) { for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++) {
h = load32le(&in[i * 4]); h = load32le(&in[i * 4]);
h ^= ctx->s[i]; h ^= state->s[i];
store32le(&out[i * 4], h); store32le(&out[i * 4], h);
} }
out += LC_CHACHA20_BLOCKLEN; out += LC_CHACHA20_BLOCKLEN;
@ -140,8 +140,8 @@ chacha20_anycrypt_update(void *arg, uint8_t *out, size_t *outlen,
} }
for (i = 0; i < inlen; i++) for (i = 0; i < inlen; i++)
ctx->m[i] = in[i]; state->m[i] = in[i];
ctx->mlen = inlen; state->mlen = inlen;
return 1; return 1;
} }
@ -149,32 +149,32 @@ chacha20_anycrypt_update(void *arg, uint8_t *out, size_t *outlen,
static int static int
chacha20_anycrypt_final(void *arg, uint8_t *out, size_t *outlen) chacha20_anycrypt_final(void *arg, uint8_t *out, size_t *outlen)
{ {
struct chacha20_ctx *ctx = arg; struct chacha20_state *state = arg;
size_t i, off; size_t i, off;
uint32_t h; uint32_t h;
uint8_t s[4]; uint8_t s[4];
*outlen = ctx->mlen; *outlen = state->mlen;
if (out == NULL) if (out == NULL)
return 1; return 1;
if (ctx->mlen > 0) if (state->mlen > 0)
chacha20_block(ctx); chacha20_block(state);
for (i = 0; i < ctx->mlen / 4; i++) { for (i = 0; i < state->mlen / 4; i++) {
h = load32le(&ctx->m[i * 4]); h = load32le(&state->m[i * 4]);
h ^= ctx->s[i]; h ^= state->s[i];
store32le(&out[i * 4], h); store32le(&out[i * 4], h);
} }
off = i * 4; off = i * 4;
ctx->mlen -= off; state->mlen -= off;
out += off; out += off;
store32le(&s[0], ctx->s[i]); store32le(&s[0], state->s[i]);
for (i = 0; i < ctx->mlen; i++) for (i = 0; i < state->mlen; i++)
out[i] = ctx->m[i + off] ^ s[i]; out[i] = state->m[i + off] ^ s[i];
lc_scrub(ctx, sizeof(*ctx)); lc_scrub(state, sizeof(*state));
return 1; return 1;
} }
@ -183,7 +183,7 @@ static int
chacha20_anycrypt(uint8_t *out, size_t *outlen, void *initparams, chacha20_anycrypt(uint8_t *out, size_t *outlen, void *initparams,
const uint8_t *in, size_t inlen) const uint8_t *in, size_t inlen)
{ {
struct chacha20_ctx ctx; struct chacha20_state state;
size_t l0, l1; size_t l0, l1;
int rc; int rc;
@ -199,9 +199,9 @@ chacha20_anycrypt(uint8_t *out, size_t *outlen, void *initparams,
return 1; return 1;
} }
rc = chacha20_anycrypt_init(&ctx, initparams) && rc = chacha20_anycrypt_init(&state, initparams) &&
chacha20_anycrypt_update(&ctx, out, &l0, in, inlen) && chacha20_anycrypt_update(&state, out, &l0, in, inlen) &&
chacha20_anycrypt_final(&ctx, out + l0, &l1); chacha20_anycrypt_final(&state, out + l0, &l1);
if (rc) if (rc)
*outlen = l0 + l1; *outlen = l0 + l1;
@ -213,7 +213,7 @@ static int
xchacha20_anycrypt(uint8_t *out, size_t *outlen, void *initparams, xchacha20_anycrypt(uint8_t *out, size_t *outlen, void *initparams,
const uint8_t *in, size_t inlen) const uint8_t *in, size_t inlen)
{ {
struct chacha20_ctx ctx; struct chacha20_state state;
size_t l0, l1; size_t l0, l1;
int rc; int rc;
@ -229,9 +229,9 @@ xchacha20_anycrypt(uint8_t *out, size_t *outlen, void *initparams,
return 1; return 1;
} }
rc = xchacha20_anycrypt_init(&ctx, initparams) && rc = xchacha20_anycrypt_init(&state, initparams) &&
chacha20_anycrypt_update(&ctx, out, &l0, in, inlen) && chacha20_anycrypt_update(&state, out, &l0, in, inlen) &&
chacha20_anycrypt_final(&ctx, out + l0, &l1); chacha20_anycrypt_final(&state, out + l0, &l1);
if (rc) if (rc)
*outlen = l0 + l1; *outlen = l0 + l1;
@ -251,7 +251,7 @@ static struct lc_cipher_impl chacha20_impl = {
.decrypt_final = &chacha20_anycrypt_final, .decrypt_final = &chacha20_anycrypt_final,
.decrypt = &chacha20_anycrypt, .decrypt = &chacha20_anycrypt,
.argsz = sizeof(struct chacha20_ctx), .argsz = sizeof(struct chacha20_state),
.blocklen = LC_CHACHA20_BLOCKLEN, .blocklen = LC_CHACHA20_BLOCKLEN,
}; };
@ -266,7 +266,7 @@ static struct lc_cipher_impl xchacha20_impl = {
.decrypt_final = &chacha20_anycrypt_final, .decrypt_final = &chacha20_anycrypt_final,
.decrypt = &xchacha20_anycrypt, .decrypt = &xchacha20_anycrypt,
.argsz = sizeof(struct chacha20_ctx), .argsz = sizeof(struct chacha20_state),
.blocklen = LC_XCHACHA20_BLOCKLEN, .blocklen = LC_XCHACHA20_BLOCKLEN,
}; };

View File

@ -56,23 +56,23 @@
static int static int
sha224_init(void *arg) sha224_init(void *arg)
{ {
struct sha256_ctx *ctx = arg; struct sha256_state *state = arg;
size_t i; size_t i;
ctx->h0 = SHA224_H0_0; state->h0 = SHA224_H0_0;
ctx->h1 = SHA224_H0_1; state->h1 = SHA224_H0_1;
ctx->h2 = SHA224_H0_2; state->h2 = SHA224_H0_2;
ctx->h3 = SHA224_H0_3; state->h3 = SHA224_H0_3;
ctx->h4 = SHA224_H0_4; state->h4 = SHA224_H0_4;
ctx->h5 = SHA224_H0_5; state->h5 = SHA224_H0_5;
ctx->h6 = SHA224_H0_6; state->h6 = SHA224_H0_6;
ctx->h7 = SHA224_H0_7; state->h7 = SHA224_H0_7;
ctx->sz = 0; state->sz = 0;
ctx->mlen = 0; state->mlen = 0;
for (i = 0; i < LC_SHA256_BLOCKLEN; i++) for (i = 0; i < LC_SHA256_BLOCKLEN; i++)
ctx->m[i] = 0; state->m[i] = 0;
return 1; return 1;
} }
@ -80,23 +80,23 @@ sha224_init(void *arg)
static int static int
sha256_init(void *arg) sha256_init(void *arg)
{ {
struct sha256_ctx *ctx = arg; struct sha256_state *state = arg;
size_t i; size_t i;
ctx->h0 = SHA256_H0_0; state->h0 = SHA256_H0_0;
ctx->h1 = SHA256_H0_1; state->h1 = SHA256_H0_1;
ctx->h2 = SHA256_H0_2; state->h2 = SHA256_H0_2;
ctx->h3 = SHA256_H0_3; state->h3 = SHA256_H0_3;
ctx->h4 = SHA256_H0_4; state->h4 = SHA256_H0_4;
ctx->h5 = SHA256_H0_5; state->h5 = SHA256_H0_5;
ctx->h6 = SHA256_H0_6; state->h6 = SHA256_H0_6;
ctx->h7 = SHA256_H0_7; state->h7 = SHA256_H0_7;
ctx->sz = 0; state->sz = 0;
ctx->mlen = 0; state->mlen = 0;
for (i = 0; i < LC_SHA256_BLOCKLEN; i++) for (i = 0; i < LC_SHA256_BLOCKLEN; i++)
ctx->m[i] = 0; state->m[i] = 0;
return 1; return 1;
} }
@ -104,22 +104,22 @@ sha256_init(void *arg)
static int static int
sha224_sha256_update(void *arg, const uint8_t *in, size_t inlen) sha224_sha256_update(void *arg, const uint8_t *in, size_t inlen)
{ {
struct sha256_ctx *ctx = arg; struct sha256_state *state = arg;
size_t i; size_t i;
if (inlen > SHA256_SZ_MAX - ctx->sz) if (inlen > SHA256_SZ_MAX - state->sz)
return 0; return 0;
ctx->sz += inlen; state->sz += inlen;
for (i = 0; i + ctx->mlen < LC_SHA256_BLOCKLEN && i < inlen; i++) for (i = 0; i + state->mlen < LC_SHA256_BLOCKLEN && i < inlen; i++)
ctx->m[i + ctx->mlen] = in[i]; state->m[i + state->mlen] = in[i];
ctx->mlen += i; state->mlen += i;
in += i; in += i;
inlen -= i; inlen -= i;
if (ctx->mlen == LC_SHA256_BLOCKLEN) { if (state->mlen == LC_SHA256_BLOCKLEN) {
sha256_block(ctx); sha256_block(state);
ctx->mlen = 0; state->mlen = 0;
} }
if (inlen == 0) if (inlen == 0)
@ -127,16 +127,16 @@ sha224_sha256_update(void *arg, const uint8_t *in, size_t inlen)
while (inlen >= LC_SHA256_BLOCKLEN) { while (inlen >= LC_SHA256_BLOCKLEN) {
for (i = 0; i < LC_SHA256_BLOCKLEN; i++) for (i = 0; i < LC_SHA256_BLOCKLEN; i++)
ctx->m[i] = in[i]; state->m[i] = in[i];
in += i; in += i;
inlen -= i; inlen -= i;
sha256_block(ctx); sha256_block(state);
} }
for (i = 0; i < inlen; i++) for (i = 0; i < inlen; i++)
ctx->m[i] = in[i]; state->m[i] = in[i];
ctx->mlen = inlen; state->mlen = inlen;
return 1; return 1;
} }
@ -154,45 +154,45 @@ sha256_update(void *arg, const uint8_t *in, size_t inlen)
} }
static void static void
sha224_sha256_final(struct sha256_ctx *ctx) sha224_sha256_final(struct sha256_state *state)
{ {
size_t i, mlen; size_t i, mlen;
mlen = ctx->mlen; mlen = state->mlen;
ctx->m[mlen++] = 0x80; state->m[mlen++] = 0x80;
if (mlen >= LC_SHA256_BLOCKLEN - sizeof(uint64_t)) { if (mlen >= LC_SHA256_BLOCKLEN - sizeof(uint64_t)) {
for (i = mlen; i < LC_SHA256_BLOCKLEN; i++) for (i = mlen; i < LC_SHA256_BLOCKLEN; i++)
ctx->m[i] = 0; state->m[i] = 0;
sha256_block(ctx); sha256_block(state);
mlen = 0; mlen = 0;
} }
for (i = mlen; i < LC_SHA256_BLOCKLEN - sizeof(uint64_t); i++) for (i = mlen; i < LC_SHA256_BLOCKLEN - sizeof(uint64_t); i++)
ctx->m[i] = 0; state->m[i] = 0;
store64be(&ctx->m[i], ctx->sz << 3); store64be(&state->m[i], state->sz << 3);
sha256_block(ctx); sha256_block(state);
} }
static int static int
sha224_final(void *arg, uint8_t *out, size_t *outlen) sha224_final(void *arg, uint8_t *out, size_t *outlen)
{ {
struct sha256_ctx *ctx = arg; struct sha256_state *state = arg;
*outlen = LC_SHA224_HASHLEN; *outlen = LC_SHA224_HASHLEN;
if (out == NULL) if (out == NULL)
return 1; return 1;
sha224_sha256_final(ctx); sha224_sha256_final(state);
store32be(out, ctx->h0); store32be(out, state->h0);
store32be(out + 4, ctx->h1); store32be(out + 4, state->h1);
store32be(out + 8, ctx->h2); store32be(out + 8, state->h2);
store32be(out + 12, ctx->h3); store32be(out + 12, state->h3);
store32be(out + 16, ctx->h4); store32be(out + 16, state->h4);
store32be(out + 20, ctx->h5); store32be(out + 20, state->h5);
store32be(out + 24, ctx->h6); store32be(out + 24, state->h6);
lc_scrub(ctx, sizeof(*ctx)); lc_scrub(state, sizeof(*state));
return 1; return 1;
} }
@ -200,23 +200,23 @@ sha224_final(void *arg, uint8_t *out, size_t *outlen)
static int static int
sha256_final(void *arg, uint8_t *out, size_t *outlen) sha256_final(void *arg, uint8_t *out, size_t *outlen)
{ {
struct sha256_ctx *ctx = arg; struct sha256_state *state = arg;
*outlen = LC_SHA256_HASHLEN; *outlen = LC_SHA256_HASHLEN;
if (out == NULL) if (out == NULL)
return 1; return 1;
sha224_sha256_final(ctx); sha224_sha256_final(state);
store32be(out, ctx->h0); store32be(out, state->h0);
store32be(out + 4, ctx->h1); store32be(out + 4, state->h1);
store32be(out + 8, ctx->h2); store32be(out + 8, state->h2);
store32be(out + 12, ctx->h3); store32be(out + 12, state->h3);
store32be(out + 16, ctx->h4); store32be(out + 16, state->h4);
store32be(out + 20, ctx->h5); store32be(out + 20, state->h5);
store32be(out + 24, ctx->h6); store32be(out + 24, state->h6);
store32be(out + 28, ctx->h7); store32be(out + 28, state->h7);
lc_scrub(ctx, sizeof(*ctx)); lc_scrub(state, sizeof(*state));
return 1; return 1;
} }
@ -224,31 +224,31 @@ sha256_final(void *arg, uint8_t *out, size_t *outlen)
static int static int
sha224_hash(uint8_t *out, size_t *outlen, const uint8_t *in, size_t inlen) sha224_hash(uint8_t *out, size_t *outlen, const uint8_t *in, size_t inlen)
{ {
struct sha256_ctx ctx; struct sha256_state state;
if (out == NULL) { if (out == NULL) {
*outlen = LC_SHA224_HASHLEN; *outlen = LC_SHA224_HASHLEN;
return 1; return 1;
} }
return sha224_init(&ctx) && return sha224_init(&state) &&
sha224_update(&ctx, in, inlen) && sha224_update(&state, in, inlen) &&
sha224_final(&ctx, out, outlen); sha224_final(&state, out, outlen);
} }
static int static int
sha256_hash(uint8_t *out, size_t *outlen, const uint8_t *in, size_t inlen) sha256_hash(uint8_t *out, size_t *outlen, const uint8_t *in, size_t inlen)
{ {
struct sha256_ctx ctx; struct sha256_state state;
if (out == NULL) { if (out == NULL) {
*outlen = LC_SHA256_HASHLEN; *outlen = LC_SHA256_HASHLEN;
return 1; return 1;
} }
return sha256_init(&ctx) && return sha256_init(&state) &&
sha256_update(&ctx, in, inlen) && sha256_update(&state, in, inlen) &&
sha256_final(&ctx, out, outlen); sha256_final(&state, out, outlen);
} }
@ -258,7 +258,7 @@ static struct lc_hash_impl sha224_impl = {
.final = &sha224_final, .final = &sha224_final,
.hash = &sha224_hash, .hash = &sha224_hash,
.argsz = sizeof(struct sha256_ctx), .argsz = sizeof(struct sha256_state),
.blocklen = LC_SHA224_BLOCKLEN, .blocklen = LC_SHA224_BLOCKLEN,
.hashlen = LC_SHA224_HASHLEN, .hashlen = LC_SHA224_HASHLEN,
}; };
@ -269,7 +269,7 @@ static struct lc_hash_impl sha256_impl = {
.final = &sha256_final, .final = &sha256_final,
.hash = &sha256_hash, .hash = &sha256_hash,
.argsz = sizeof(struct sha256_ctx), .argsz = sizeof(struct sha256_state),
.blocklen = LC_SHA256_BLOCKLEN, .blocklen = LC_SHA256_BLOCKLEN,
.hashlen = LC_SHA256_HASHLEN, .hashlen = LC_SHA256_HASHLEN,
}; };

View File

@ -57,23 +57,23 @@
static int static int
sha384_init(void *arg) sha384_init(void *arg)
{ {
struct sha512_ctx *ctx = arg; struct sha512_state *state = arg;
size_t i; size_t i;
ctx->h0 = SHA384_H0_0; state->h0 = SHA384_H0_0;
ctx->h1 = SHA384_H0_1; state->h1 = SHA384_H0_1;
ctx->h2 = SHA384_H0_2; state->h2 = SHA384_H0_2;
ctx->h3 = SHA384_H0_3; state->h3 = SHA384_H0_3;
ctx->h4 = SHA384_H0_4; state->h4 = SHA384_H0_4;
ctx->h5 = SHA384_H0_5; state->h5 = SHA384_H0_5;
ctx->h6 = SHA384_H0_6; state->h6 = SHA384_H0_6;
ctx->h7 = SHA384_H0_7; state->h7 = SHA384_H0_7;
ctx->szhi = ctx->szlo = 0; state->szhi = state->szlo = 0;
ctx->mlen = 0; state->mlen = 0;
for (i = 0; i < LC_SHA512_BLOCKLEN; i++) for (i = 0; i < LC_SHA512_BLOCKLEN; i++)
ctx->m[i] = 0; state->m[i] = 0;
return 1; return 1;
} }
@ -81,23 +81,23 @@ sha384_init(void *arg)
static int static int
sha512_init(void *arg) sha512_init(void *arg)
{ {
struct sha512_ctx *ctx = arg; struct sha512_state *state = arg;
size_t i; size_t i;
ctx->h0 = SHA512_H0_0; state->h0 = SHA512_H0_0;
ctx->h1 = SHA512_H0_1; state->h1 = SHA512_H0_1;
ctx->h2 = SHA512_H0_2; state->h2 = SHA512_H0_2;
ctx->h3 = SHA512_H0_3; state->h3 = SHA512_H0_3;
ctx->h4 = SHA512_H0_4; state->h4 = SHA512_H0_4;
ctx->h5 = SHA512_H0_5; state->h5 = SHA512_H0_5;
ctx->h6 = SHA512_H0_6; state->h6 = SHA512_H0_6;
ctx->h7 = SHA512_H0_7; state->h7 = SHA512_H0_7;
ctx->szhi = ctx->szlo = 0; state->szhi = state->szlo = 0;
ctx->mlen = 0; state->mlen = 0;
for (i = 0; i < LC_SHA512_BLOCKLEN; i++) for (i = 0; i < LC_SHA512_BLOCKLEN; i++)
ctx->m[i] = 0; state->m[i] = 0;
return 1; return 1;
} }
@ -105,26 +105,26 @@ sha512_init(void *arg)
static int static int
sha384_sha512_update(void *arg, const uint8_t *in, size_t inlen) sha384_sha512_update(void *arg, const uint8_t *in, size_t inlen)
{ {
struct sha512_ctx *ctx = arg; struct sha512_state *state = arg;
size_t i; size_t i;
if (inlen > SHA512_SZLO_MAX - ctx->szlo) { if (inlen > SHA512_SZLO_MAX - state->szlo) {
if (ctx->szhi == SHA512_SZHI_MAX) if (state->szhi == SHA512_SZHI_MAX)
return 0; return 0;
ctx->szlo += inlen; state->szlo += inlen;
ctx->szhi++; state->szhi++;
} else } else
ctx->szlo += inlen; state->szlo += inlen;
for (i = 0; i + ctx->mlen < LC_SHA512_BLOCKLEN && i < inlen; i++) for (i = 0; i + state->mlen < LC_SHA512_BLOCKLEN && i < inlen; i++)
ctx->m[i + ctx->mlen] = in[i]; state->m[i + state->mlen] = in[i];
ctx->mlen += i; state->mlen += i;
in += i; in += i;
inlen -= i; inlen -= i;
if (ctx->mlen == LC_SHA512_BLOCKLEN) { if (state->mlen == LC_SHA512_BLOCKLEN) {
sha512_block(ctx); sha512_block(state);
ctx->mlen = 0; state->mlen = 0;
} }
if (inlen == 0) if (inlen == 0)
@ -132,16 +132,16 @@ sha384_sha512_update(void *arg, const uint8_t *in, size_t inlen)
while (inlen >= LC_SHA512_BLOCKLEN) { while (inlen >= LC_SHA512_BLOCKLEN) {
for (i = 0; i < LC_SHA512_BLOCKLEN; i++) for (i = 0; i < LC_SHA512_BLOCKLEN; i++)
ctx->m[i] = in[i]; state->m[i] = in[i];
in += i; in += i;
inlen -= i; inlen -= i;
sha512_block(ctx); sha512_block(state);
} }
for (i = 0; i < inlen; i++) for (i = 0; i < inlen; i++)
ctx->m[i] = in[i]; state->m[i] = in[i];
ctx->mlen = inlen; state->mlen = inlen;
return 1; return 1;
} }
@ -159,45 +159,45 @@ sha512_update(void *arg, const uint8_t *in, size_t inlen)
} }
static void static void
sha384_sha512_final(struct sha512_ctx *ctx) sha384_sha512_final(struct sha512_state *state)
{ {
size_t i, mlen; size_t i, mlen;
mlen = ctx->mlen; mlen = state->mlen;
ctx->m[mlen++] = 0x80; state->m[mlen++] = 0x80;
if (mlen >= LC_SHA512_BLOCKLEN - 2 * sizeof(uint64_t)) { if (mlen >= LC_SHA512_BLOCKLEN - 2 * sizeof(uint64_t)) {
for (i = mlen; i < LC_SHA512_BLOCKLEN; i++) for (i = mlen; i < LC_SHA512_BLOCKLEN; i++)
ctx->m[i] = 0; state->m[i] = 0;
sha512_block(ctx); sha512_block(state);
mlen = 0; mlen = 0;
} }
for (i = mlen; i < LC_SHA512_BLOCKLEN - 2 * sizeof(uint64_t); i++) for (i = mlen; i < LC_SHA512_BLOCKLEN - 2 * sizeof(uint64_t); i++)
ctx->m[i] = 0; state->m[i] = 0;
store64be(&ctx->m[i], (ctx->szhi << 3) | (ctx->szlo >> 63)); store64be(&state->m[i], (state->szhi << 3) | (state->szlo >> 63));
store64be(&ctx->m[i + sizeof(uint64_t)], ctx->szlo << 3); store64be(&state->m[i + sizeof(uint64_t)], state->szlo << 3);
sha512_block(ctx); sha512_block(state);
} }
static int static int
sha384_final(void *arg, uint8_t *out, size_t *outlen) sha384_final(void *arg, uint8_t *out, size_t *outlen)
{ {
struct sha512_ctx *ctx = arg; struct sha512_state *state = arg;
*outlen = LC_SHA384_HASHLEN; *outlen = LC_SHA384_HASHLEN;
if (out == NULL) if (out == NULL)
return 1; return 1;
sha384_sha512_final(ctx); sha384_sha512_final(state);
store64be(out, ctx->h0); store64be(out, state->h0);
store64be(out + 8, ctx->h1); store64be(out + 8, state->h1);
store64be(out + 16, ctx->h2); store64be(out + 16, state->h2);
store64be(out + 24, ctx->h3); store64be(out + 24, state->h3);
store64be(out + 32, ctx->h4); store64be(out + 32, state->h4);
store64be(out + 40, ctx->h5); store64be(out + 40, state->h5);
lc_scrub(ctx, sizeof(*ctx)); lc_scrub(state, sizeof(*state));
return 1; return 1;
} }
@ -205,23 +205,23 @@ sha384_final(void *arg, uint8_t *out, size_t *outlen)
static int static int
sha512_final(void *arg, uint8_t *out, size_t *outlen) sha512_final(void *arg, uint8_t *out, size_t *outlen)
{ {
struct sha512_ctx *ctx = arg; struct sha512_state *state = arg;
*outlen = LC_SHA512_HASHLEN; *outlen = LC_SHA512_HASHLEN;
if (out == NULL) if (out == NULL)
return 1; return 1;
sha384_sha512_final(ctx); sha384_sha512_final(state);
store64be(out, ctx->h0); store64be(out, state->h0);
store64be(out + 8, ctx->h1); store64be(out + 8, state->h1);
store64be(out + 16, ctx->h2); store64be(out + 16, state->h2);
store64be(out + 24, ctx->h3); store64be(out + 24, state->h3);
store64be(out + 32, ctx->h4); store64be(out + 32, state->h4);
store64be(out + 40, ctx->h5); store64be(out + 40, state->h5);
store64be(out + 48, ctx->h6); store64be(out + 48, state->h6);
store64be(out + 56, ctx->h7); store64be(out + 56, state->h7);
lc_scrub(ctx, sizeof(*ctx)); lc_scrub(state, sizeof(*state));
return 1; return 1;
} }
@ -229,31 +229,31 @@ sha512_final(void *arg, uint8_t *out, size_t *outlen)
static int static int
sha384_hash(uint8_t *out, size_t *outlen, const uint8_t *in, size_t inlen) sha384_hash(uint8_t *out, size_t *outlen, const uint8_t *in, size_t inlen)
{ {
struct sha512_ctx ctx; struct sha512_state state;
if (out == NULL) { if (out == NULL) {
*outlen = LC_SHA384_HASHLEN; *outlen = LC_SHA384_HASHLEN;
return 1; return 1;
} }
return sha384_init(&ctx) && return sha384_init(&state) &&
sha384_update(&ctx, in, inlen) && sha384_update(&state, in, inlen) &&
sha384_final(&ctx, out, outlen); sha384_final(&state, out, outlen);
} }
static int static int
sha512_hash(uint8_t *out, size_t *outlen, const uint8_t *in, size_t inlen) sha512_hash(uint8_t *out, size_t *outlen, const uint8_t *in, size_t inlen)
{ {
struct sha512_ctx ctx; struct sha512_state state;
if (out == NULL) { if (out == NULL) {
*outlen = LC_SHA512_HASHLEN; *outlen = LC_SHA512_HASHLEN;
return 1; return 1;
} }
return sha512_init(&ctx) && return sha512_init(&state) &&
sha512_update(&ctx, in, inlen) && sha512_update(&state, in, inlen) &&
sha512_final(&ctx, out, outlen); sha512_final(&state, out, outlen);
} }
@ -263,7 +263,7 @@ static struct lc_hash_impl sha384_impl = {
.final = &sha384_final, .final = &sha384_final,
.hash = &sha384_hash, .hash = &sha384_hash,
.argsz = sizeof(struct sha512_ctx), .argsz = sizeof(struct sha512_state),
.blocklen = LC_SHA384_BLOCKLEN, .blocklen = LC_SHA384_BLOCKLEN,
.hashlen = LC_SHA384_HASHLEN, .hashlen = LC_SHA384_HASHLEN,
}; };
@ -274,7 +274,7 @@ static struct lc_hash_impl sha512_impl = {
.final = &sha512_final, .final = &sha512_final,
.hash = &sha512_hash, .hash = &sha512_hash,
.argsz = sizeof(struct sha512_ctx), .argsz = sizeof(struct sha512_state),
.blocklen = LC_SHA512_BLOCKLEN, .blocklen = LC_SHA512_BLOCKLEN,
.hashlen = LC_SHA512_HASHLEN, .hashlen = LC_SHA512_HASHLEN,
}; };

View File

@ -43,7 +43,7 @@
void void
chacha20_block(struct chacha20_ctx *ctx) chacha20_block(struct chacha20_state *state)
{ {
uint32_t x[CHACHA20_BLOCKLEN_WORDS]; uint32_t x[CHACHA20_BLOCKLEN_WORDS];
size_t i; size_t i;
@ -52,21 +52,21 @@ chacha20_block(struct chacha20_ctx *ctx)
x[1] = SIGMA1; x[1] = SIGMA1;
x[2] = SIGMA2; x[2] = SIGMA2;
x[3] = SIGMA3; x[3] = SIGMA3;
x[4] = ctx->k[0]; x[4] = state->k[0];
x[5] = ctx->k[1]; x[5] = state->k[1];
x[6] = ctx->k[2]; x[6] = state->k[2];
x[7] = ctx->k[3]; x[7] = state->k[3];
x[8] = ctx->k[4]; x[8] = state->k[4];
x[9] = ctx->k[5]; x[9] = state->k[5];
x[10] = ctx->k[6]; x[10] = state->k[6];
x[11] = ctx->k[7]; x[11] = state->k[7];
x[12] = ctx->n[0]; x[12] = state->n[0];
x[13] = ctx->n[1]; x[13] = state->n[1];
x[14] = ctx->n[2]; x[14] = state->n[2];
x[15] = ctx->n[3]; x[15] = state->n[3];
for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++) for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++)
ctx->s[i] = x[i]; state->s[i] = x[i];
for (i = 0; i < CHACHA20_ROUNDS; i++) { for (i = 0; i < CHACHA20_ROUNDS; i++) {
QUARTERROUND(x[0], x[4], x[8], x[12]); QUARTERROUND(x[0], x[4], x[8], x[12]);
@ -81,11 +81,11 @@ chacha20_block(struct chacha20_ctx *ctx)
} }
for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++) for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++)
ctx->s[i] += x[i]; state->s[i] += x[i];
} }
void void
hchacha20_block(struct chacha20_ctx *ctx) hchacha20_block(struct chacha20_state *state)
{ {
uint32_t x[CHACHA20_BLOCKLEN_WORDS]; uint32_t x[CHACHA20_BLOCKLEN_WORDS];
size_t i; size_t i;
@ -94,18 +94,18 @@ hchacha20_block(struct chacha20_ctx *ctx)
x[1] = SIGMA1; x[1] = SIGMA1;
x[2] = SIGMA2; x[2] = SIGMA2;
x[3] = SIGMA3; x[3] = SIGMA3;
x[4] = ctx->k[0]; x[4] = state->k[0];
x[5] = ctx->k[1]; x[5] = state->k[1];
x[6] = ctx->k[2]; x[6] = state->k[2];
x[7] = ctx->k[3]; x[7] = state->k[3];
x[8] = ctx->k[4]; x[8] = state->k[4];
x[9] = ctx->k[5]; x[9] = state->k[5];
x[10] = ctx->k[6]; x[10] = state->k[6];
x[11] = ctx->k[7]; x[11] = state->k[7];
x[12] = ctx->n[0]; x[12] = state->n[0];
x[13] = ctx->n[1]; x[13] = state->n[1];
x[14] = ctx->n[2]; x[14] = state->n[2];
x[15] = ctx->n[3]; x[15] = state->n[3];
for (i = 0; i < CHACHA20_ROUNDS; i++) { for (i = 0; i < CHACHA20_ROUNDS; i++) {
QUARTERROUND(x[0], x[4], x[8], x[12]); QUARTERROUND(x[0], x[4], x[8], x[12]);
@ -120,5 +120,5 @@ hchacha20_block(struct chacha20_ctx *ctx)
} }
for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++) for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++)
ctx->s[i] = x[i]; state->s[i] = x[i];
} }

View File

@ -24,7 +24,7 @@
#define CHACHA20_ROUNDS 10 #define CHACHA20_ROUNDS 10
struct chacha20_ctx { struct chacha20_state {
uint32_t s[CHACHA20_BLOCKLEN_WORDS]; uint32_t s[CHACHA20_BLOCKLEN_WORDS];
uint32_t k[CHACHA20_KEY_WORDS]; uint32_t k[CHACHA20_KEY_WORDS];
uint32_t n[CHACHA20_NONCE_WORDS]; uint32_t n[CHACHA20_NONCE_WORDS];
@ -33,5 +33,5 @@ struct chacha20_ctx {
}; };
void chacha20_block(struct chacha20_ctx *); void chacha20_block(struct chacha20_state *);
void hchacha20_block(struct chacha20_ctx *); void hchacha20_block(struct chacha20_state *);

View File

@ -20,7 +20,7 @@
#define HMAC_BLOCKLEN_MAX LC_SHA512_BLOCKLEN #define HMAC_BLOCKLEN_MAX LC_SHA512_BLOCKLEN
struct hmac_ctx { struct hmac_state {
struct lc_hash_ctx *hash; struct lc_hash_ctx *hash;
uint8_t key[HMAC_BLOCKLEN_MAX]; uint8_t key[HMAC_BLOCKLEN_MAX];
}; };

View File

@ -147,30 +147,30 @@
*/ */
void void
poly1305_block(struct poly1305_ctx *ctx, uint32_t hibit) poly1305_block(struct poly1305_state *state, uint32_t hibit)
{ {
uint64_t h0, h1, h2, h3, h4, t0, t1, t2, t3, t4; uint64_t h0, h1, h2, h3, h4, t0, t1, t2, t3, t4;
uint32_t r0, r1, r2, r3, r4, x1, x2, x3, x4; uint32_t r0, r1, r2, r3, r4, x1, x2, x3, x4;
h0 = ctx->h0; h0 = state->h0;
h1 = ctx->h1; h1 = state->h1;
h2 = ctx->h2; h2 = state->h2;
h3 = ctx->h3; h3 = state->h3;
h4 = ctx->h4; h4 = state->h4;
r0 = ctx->r0; r0 = state->r0;
r1 = ctx->r1; r1 = state->r1;
r2 = ctx->r2; r2 = state->r2;
r3 = ctx->r3; r3 = state->r3;
r4 = ctx->r4; r4 = state->r4;
x1 = ctx->x1; x1 = state->x1;
x2 = ctx->x2; x2 = state->x2;
x3 = ctx->x3; x3 = state->x3;
x4 = ctx->x4; x4 = state->x4;
t0 = load32le(&ctx->m[0]); t0 = load32le(&state->m[0]);
t1 = load32le(&ctx->m[4]); t1 = load32le(&state->m[4]);
t2 = load32le(&ctx->m[8]); t2 = load32le(&state->m[8]);
t3 = load32le(&ctx->m[12]); t3 = load32le(&state->m[12]);
t4 = hibit; t4 = hibit;
h0 += t0 & 0x3ffffff; h0 += t0 & 0x3ffffff;
@ -199,24 +199,25 @@ poly1305_block(struct poly1305_ctx *ctx, uint32_t hibit)
h1 += h0 >> 26; h1 += h0 >> 26;
h0 &= 0x3ffffff; h0 &= 0x3ffffff;
ctx->h0 = h0; state->h0 = h0;
ctx->h1 = h1; state->h1 = h1;
ctx->h2 = h2; state->h2 = h2;
ctx->h3 = h3; state->h3 = h3;
ctx->h4 = h4; state->h4 = h4;
} }
void void
poly1305_reduce(struct poly1305_ctx *ctx, uint32_t a[POLY1305_TAGLEN_WORDS]) poly1305_reduce(struct poly1305_state *state,
uint32_t a[POLY1305_TAGLEN_WORDS])
{ {
uint64_t t0, t1, t2, t3, t4, g0, g1, g2, g3, g4; uint64_t t0, t1, t2, t3, t4, g0, g1, g2, g3, g4;
uint32_t mask; uint32_t mask;
t0 = (ctx->h0 | (ctx->h1 << 26)) & 0xffffffff; t0 = (state->h0 | (state->h1 << 26)) & 0xffffffff;
t1 = ((ctx->h1 >> 6) | (ctx->h2 << 20)) & 0xffffffff; t1 = ((state->h1 >> 6) | (state->h2 << 20)) & 0xffffffff;
t2 = ((ctx->h2 >> 12) | (ctx->h3 << 14)) & 0xffffffff; t2 = ((state->h2 >> 12) | (state->h3 << 14)) & 0xffffffff;
t3 = ((ctx->h3 >> 18) | (ctx->h4 << 8)) & 0xffffffff; t3 = ((state->h3 >> 18) | (state->h4 << 8)) & 0xffffffff;
t4 = ctx->h4 >> 24; t4 = state->h4 >> 24;
g0 = t0 + 5; g0 = t0 + 5;
g1 = t1 + (g0 >> 32); g1 = t1 + (g0 >> 32);
@ -231,10 +232,10 @@ poly1305_reduce(struct poly1305_ctx *ctx, uint32_t a[POLY1305_TAGLEN_WORDS])
t2 = (t2 & ~mask) | (g2 & mask); t2 = (t2 & ~mask) | (g2 & mask);
t3 = (t3 & ~mask) | (g3 & mask); t3 = (t3 & ~mask) | (g3 & mask);
t0 += ctx->s0; t0 += state->s0;
t1 += ctx->s1 + (t0 >> 32); t1 += state->s1 + (t0 >> 32);
t2 += ctx->s2 + (t1 >> 32); t2 += state->s2 + (t1 >> 32);
t3 += ctx->s3 + (t2 >> 32); t3 += state->s3 + (t2 >> 32);
a[0] = t0 & 0xffffffff; a[0] = t0 & 0xffffffff;
a[1] = t1 & 0xffffffff; a[1] = t1 & 0xffffffff;

View File

@ -20,7 +20,7 @@
#define POLY1305_TAGLEN_WORDS (LC_POLY1305_TAGLEN / sizeof(uint32_t)) #define POLY1305_TAGLEN_WORDS (LC_POLY1305_TAGLEN / sizeof(uint32_t))
struct poly1305_ctx { struct poly1305_state {
uint32_t h0, h1, h2, h3, h4; uint32_t h0, h1, h2, h3, h4;
uint32_t r0, r1, r2, r3, r4; uint32_t r0, r1, r2, r3, r4;
uint32_t x1, x2, x3, x4; uint32_t x1, x2, x3, x4;
@ -30,6 +30,6 @@ struct poly1305_ctx {
}; };
void poly1305_block(struct poly1305_ctx *, uint32_t); void poly1305_block(struct poly1305_state *, uint32_t);
void poly1305_reduce(struct poly1305_ctx *, void poly1305_reduce(struct poly1305_state *,
uint32_t [POLY1305_TAGLEN_WORDS]); uint32_t [POLY1305_TAGLEN_WORDS]);

View File

@ -48,26 +48,26 @@ static const uint32_t K[SHA256_ROUNDS] = {
#define SSIG1(x) (rotr32(x, 17) ^ rotr32(x, 19) ^ (x >> 10)) #define SSIG1(x) (rotr32(x, 17) ^ rotr32(x, 19) ^ (x >> 10))
void void
sha256_block(struct sha256_ctx *ctx) sha256_block(struct sha256_state *state)
{ {
uint32_t m[SHA256_BLOCKLEN_WORDS], W[SHA256_ROUNDS]; uint32_t m[SHA256_BLOCKLEN_WORDS], W[SHA256_ROUNDS];
uint32_t a, b, c, d, e, f, g, h, T1, T2; uint32_t a, b, c, d, e, f, g, h, T1, T2;
size_t i; size_t i;
for (i = 0; i < SHA256_BLOCKLEN_WORDS; i++) for (i = 0; i < SHA256_BLOCKLEN_WORDS; i++)
W[i] = m[i] = load32be(&ctx->m[i * 4]); W[i] = m[i] = load32be(&state->m[i * 4]);
for (; i < SHA256_ROUNDS; i++) for (; i < SHA256_ROUNDS; i++)
W[i] = SSIG1(W[i - 2]) + W[i - 7] + SSIG0(W[i - 15]) + W[i] = SSIG1(W[i - 2]) + W[i - 7] + SSIG0(W[i - 15]) +
W[i - 16]; W[i - 16];
a = ctx->h0; a = state->h0;
b = ctx->h1; b = state->h1;
c = ctx->h2; c = state->h2;
d = ctx->h3; d = state->h3;
e = ctx->h4; e = state->h4;
f = ctx->h5; f = state->h5;
g = ctx->h6; g = state->h6;
h = ctx->h7; h = state->h7;
for (i = 0; i < SHA256_ROUNDS; i++) { for (i = 0; i < SHA256_ROUNDS; i++) {
T1 = h + BSIG1(e) + CH(e, f, g) + K[i] + W[i]; T1 = h + BSIG1(e) + CH(e, f, g) + K[i] + W[i];
@ -82,12 +82,12 @@ sha256_block(struct sha256_ctx *ctx)
a = T1 + T2; a = T1 + T2;
} }
ctx->h0 += a; state->h0 += a;
ctx->h1 += b; state->h1 += b;
ctx->h2 += c; state->h2 += c;
ctx->h3 += d; state->h3 += d;
ctx->h4 += e; state->h4 += e;
ctx->h5 += f; state->h5 += f;
ctx->h6 += g; state->h6 += g;
ctx->h7 += h; state->h7 += h;
} }

View File

@ -21,7 +21,7 @@
#define SHA256_ROUNDS 64 #define SHA256_ROUNDS 64
struct sha256_ctx { struct sha256_state {
uint32_t h0, h1, h2, h3, h4, h5, h6, h7; uint32_t h0, h1, h2, h3, h4, h5, h6, h7;
uint64_t sz; uint64_t sz;
size_t mlen; size_t mlen;
@ -29,4 +29,4 @@ struct sha256_ctx {
}; };
void sha256_block(struct sha256_ctx *); void sha256_block(struct sha256_state *);

View File

@ -72,26 +72,26 @@ static const uint64_t K[SHA512_ROUNDS] = {
#define SSIG1(x) (rotr64(x, 19) ^ rotr64(x, 61) ^ (x >> 6)) #define SSIG1(x) (rotr64(x, 19) ^ rotr64(x, 61) ^ (x >> 6))
void void
sha512_block(struct sha512_ctx *ctx) sha512_block(struct sha512_state *state)
{ {
uint64_t m[SHA512_BLOCKLEN_WORDS], W[SHA512_ROUNDS]; uint64_t m[SHA512_BLOCKLEN_WORDS], W[SHA512_ROUNDS];
uint64_t a, b, c, d, e, f, g, h, T1, T2; uint64_t a, b, c, d, e, f, g, h, T1, T2;
size_t i; size_t i;
for (i = 0; i < SHA512_BLOCKLEN_WORDS; i++) for (i = 0; i < SHA512_BLOCKLEN_WORDS; i++)
W[i] = m[i] = load64be(&ctx->m[i * 8]); W[i] = m[i] = load64be(&state->m[i * 8]);
for (; i < SHA512_ROUNDS; i++) for (; i < SHA512_ROUNDS; i++)
W[i] = SSIG1(W[i - 2]) + W[i - 7] + SSIG0(W[i - 15]) + W[i] = SSIG1(W[i - 2]) + W[i - 7] + SSIG0(W[i - 15]) +
W[i - 16]; W[i - 16];
a = ctx->h0; a = state->h0;
b = ctx->h1; b = state->h1;
c = ctx->h2; c = state->h2;
d = ctx->h3; d = state->h3;
e = ctx->h4; e = state->h4;
f = ctx->h5; f = state->h5;
g = ctx->h6; g = state->h6;
h = ctx->h7; h = state->h7;
for (i = 0; i < SHA512_ROUNDS; i++) { for (i = 0; i < SHA512_ROUNDS; i++) {
T1 = h + BSIG1(e) + CH(e, f, g) + K[i] + W[i]; T1 = h + BSIG1(e) + CH(e, f, g) + K[i] + W[i];
@ -106,12 +106,12 @@ sha512_block(struct sha512_ctx *ctx)
a = T1 + T2; a = T1 + T2;
} }
ctx->h0 += a; state->h0 += a;
ctx->h1 += b; state->h1 += b;
ctx->h2 += c; state->h2 += c;
ctx->h3 += d; state->h3 += d;
ctx->h4 += e; state->h4 += e;
ctx->h5 += f; state->h5 += f;
ctx->h6 += g; state->h6 += g;
ctx->h7 += h; state->h7 += h;
} }

View File

@ -21,7 +21,7 @@
#define SHA512_ROUNDS 80 #define SHA512_ROUNDS 80
struct sha512_ctx { struct sha512_state {
uint64_t h0, h1, h2, h3, h4, h5, h6, h7; uint64_t h0, h1, h2, h3, h4, h5, h6, h7;
uint64_t szhi, szlo; uint64_t szhi, szlo;
size_t mlen; size_t mlen;
@ -29,4 +29,4 @@ struct sha512_ctx {
}; };
void sha512_block(struct sha512_ctx *); void sha512_block(struct sha512_state *);