Rename all algorithm-specific ctx to state
This commit is contained in:
parent
2b76f3df5b
commit
230dedac16
53
auth_hmac.c
53
auth_hmac.c
@ -31,68 +31,69 @@
|
|||||||
static int
|
static int
|
||||||
hmac_init(void *arg, void *initparams)
|
hmac_init(void *arg, void *initparams)
|
||||||
{
|
{
|
||||||
struct hmac_ctx *ctx = arg;
|
struct hmac_state *state = arg;
|
||||||
struct lc_hmac_params *params = initparams;
|
struct lc_hmac_params *params = initparams;
|
||||||
uint8_t ikeypad[HMAC_BLOCKLEN_MAX];
|
uint8_t ikeypad[HMAC_BLOCKLEN_MAX];
|
||||||
size_t i, olen, blen, keylen;
|
size_t i, olen, blen, keylen;
|
||||||
|
|
||||||
ctx->hash = params->hash;
|
state->hash = params->hash;
|
||||||
keylen = params->keylen;
|
keylen = params->keylen;
|
||||||
blen = params->hash->impl->blocklen;
|
blen = params->hash->impl->blocklen;
|
||||||
|
|
||||||
if (keylen > blen) {
|
if (keylen > blen) {
|
||||||
if (!lc_hash(ctx->hash->impl, ctx->key, &olen, params->key,
|
if (!lc_hash(state->hash->impl, state->key, &olen, params->key,
|
||||||
keylen))
|
keylen))
|
||||||
return 0;
|
return 0;
|
||||||
keylen = olen;
|
keylen = olen;
|
||||||
} else
|
} else
|
||||||
for (i = 0; i < keylen; i++)
|
for (i = 0; i < keylen; i++)
|
||||||
ctx->key[i] = params->key[i];
|
state->key[i] = params->key[i];
|
||||||
|
|
||||||
for (i = keylen; i < blen; i++)
|
for (i = keylen; i < blen; i++)
|
||||||
ctx->key[i] = 0;
|
state->key[i] = 0;
|
||||||
|
|
||||||
for (i = 0; i < blen; i++)
|
for (i = 0; i < blen; i++)
|
||||||
ikeypad[i] = ctx->key[i] ^ HMAC_IPAD;
|
ikeypad[i] = state->key[i] ^ HMAC_IPAD;
|
||||||
|
|
||||||
return lc_hash_init(ctx->hash) &&
|
return lc_hash_init(state->hash) &&
|
||||||
lc_hash_update(ctx->hash, ikeypad, blen);
|
lc_hash_update(state->hash, ikeypad, blen);
|
||||||
}
|
}
|
||||||
|
|
||||||
static int
|
static int
|
||||||
hmac_update(void *arg, const uint8_t *in, size_t inlen)
|
hmac_update(void *arg, const uint8_t *in, size_t inlen)
|
||||||
{
|
{
|
||||||
struct hmac_ctx *ctx = arg;
|
struct hmac_state *state = arg;
|
||||||
|
|
||||||
return lc_hash_update(ctx->hash, in, inlen);
|
return lc_hash_update(state->hash, in, inlen);
|
||||||
}
|
}
|
||||||
|
|
||||||
static int
|
static int
|
||||||
hmac_final(void *arg, uint8_t *out, size_t *outlen)
|
hmac_final(void *arg, uint8_t *out, size_t *outlen)
|
||||||
{
|
{
|
||||||
struct hmac_ctx *ctx = arg;
|
struct hmac_state *state = arg;
|
||||||
uint8_t m[HMAC_BLOCKLEN_MAX], okeypad[HMAC_BLOCKLEN_MAX];
|
uint8_t m[HMAC_BLOCKLEN_MAX],
|
||||||
|
okeypad[HMAC_BLOCKLEN_MAX];
|
||||||
size_t i, olen, blen;
|
size_t i, olen, blen;
|
||||||
int rc;
|
int rc;
|
||||||
|
|
||||||
if (out == NULL) {
|
if (out == NULL) {
|
||||||
*outlen = ctx->hash->impl->hashlen;
|
*outlen = state->hash->impl->hashlen;
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
*outlen = 0;
|
*outlen = 0;
|
||||||
blen = ctx->hash->impl->blocklen;
|
blen = state->hash->impl->blocklen;
|
||||||
|
|
||||||
for (i = 0; i < blen; i++)
|
for (i = 0; i < blen; i++)
|
||||||
okeypad[i] = ctx->key[i] ^ HMAC_OPAD;
|
okeypad[i] = state->key[i] ^ HMAC_OPAD;
|
||||||
|
|
||||||
rc = lc_hash_final(ctx->hash, m, &olen) &&
|
rc = lc_hash_final(state->hash, m, &olen) &&
|
||||||
lc_hash_init(ctx->hash) &&
|
lc_hash_init(state->hash) &&
|
||||||
lc_hash_update(ctx->hash, okeypad, blen) &&
|
lc_hash_update(state->hash, okeypad, blen) &&
|
||||||
lc_hash_update(ctx->hash, m, olen) &&
|
lc_hash_update(state->hash, m, olen) &&
|
||||||
lc_hash_final(ctx->hash, out, outlen);
|
lc_hash_final(state->hash, out, outlen);
|
||||||
|
|
||||||
lc_scrub(ctx, sizeof(*ctx));
|
lc_scrub(state, sizeof(*state));
|
||||||
|
|
||||||
return rc;
|
return rc;
|
||||||
}
|
}
|
||||||
@ -102,16 +103,16 @@ hmac_auth(uint8_t *out, size_t *outlen, void *initparams, const uint8_t *in,
|
|||||||
size_t inlen)
|
size_t inlen)
|
||||||
{
|
{
|
||||||
struct lc_hmac_params *params = initparams;
|
struct lc_hmac_params *params = initparams;
|
||||||
struct hmac_ctx ctx;
|
struct hmac_state state;
|
||||||
|
|
||||||
if (out == NULL) {
|
if (out == NULL) {
|
||||||
*outlen = params->hash->impl->hashlen;
|
*outlen = params->hash->impl->hashlen;
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
return hmac_init(&ctx, initparams) &&
|
return hmac_init(&state, initparams) &&
|
||||||
hmac_update(&ctx, in, inlen) &&
|
hmac_update(&state, in, inlen) &&
|
||||||
hmac_final(&ctx, out, outlen);
|
hmac_final(&state, out, outlen);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -121,7 +122,7 @@ static struct lc_auth_impl hmac_impl = {
|
|||||||
.final = &hmac_final,
|
.final = &hmac_final,
|
||||||
.auth = &hmac_auth,
|
.auth = &hmac_auth,
|
||||||
|
|
||||||
.argsz = sizeof(struct hmac_ctx),
|
.argsz = sizeof(struct hmac_state),
|
||||||
.blocklen = 0,
|
.blocklen = 0,
|
||||||
.taglen = 0,
|
.taglen = 0,
|
||||||
};
|
};
|
||||||
|
@ -27,40 +27,40 @@ static int
|
|||||||
poly1305_init(void *arg, void *initparams)
|
poly1305_init(void *arg, void *initparams)
|
||||||
{
|
{
|
||||||
struct lc_poly1305_params *params = initparams;
|
struct lc_poly1305_params *params = initparams;
|
||||||
struct poly1305_ctx *ctx = arg;
|
struct poly1305_state *state = arg;
|
||||||
size_t i;
|
size_t i;
|
||||||
uint32_t t0, t1, t2, t3;
|
uint32_t t0, t1, t2, t3;
|
||||||
|
|
||||||
ctx->h0 = 0;
|
state->h0 = 0;
|
||||||
ctx->h1 = 0;
|
state->h1 = 0;
|
||||||
ctx->h2 = 0;
|
state->h2 = 0;
|
||||||
ctx->h3 = 0;
|
state->h3 = 0;
|
||||||
ctx->h4 = 0;
|
state->h4 = 0;
|
||||||
|
|
||||||
t0 = load32le(¶ms->key[0]);
|
t0 = load32le(¶ms->key[0]);
|
||||||
t1 = load32le(¶ms->key[4]);
|
t1 = load32le(¶ms->key[4]);
|
||||||
t2 = load32le(¶ms->key[8]);
|
t2 = load32le(¶ms->key[8]);
|
||||||
t3 = load32le(¶ms->key[12]);
|
t3 = load32le(¶ms->key[12]);
|
||||||
|
|
||||||
ctx->r0 = t0 & 0x3ffffff;
|
state->r0 = t0 & 0x3ffffff;
|
||||||
ctx->r1 = ((t1 << 6) | (t0 >> 26)) & 0x3ffff03;
|
state->r1 = ((t1 << 6) | (t0 >> 26)) & 0x3ffff03;
|
||||||
ctx->r2 = ((t2 << 12) | (t1 >> 20)) & 0x3ffc0ff;
|
state->r2 = ((t2 << 12) | (t1 >> 20)) & 0x3ffc0ff;
|
||||||
ctx->r3 = ((t3 << 18) | (t2 >> 14)) & 0x3f03fff;
|
state->r3 = ((t3 << 18) | (t2 >> 14)) & 0x3f03fff;
|
||||||
ctx->r4 = (t3 >> 8) & 0xfffff;
|
state->r4 = (t3 >> 8) & 0xfffff;
|
||||||
|
|
||||||
ctx->x1 = 5 * ctx->r1;
|
state->x1 = 5 * state->r1;
|
||||||
ctx->x2 = 5 * ctx->r2;
|
state->x2 = 5 * state->r2;
|
||||||
ctx->x3 = 5 * ctx->r3;
|
state->x3 = 5 * state->r3;
|
||||||
ctx->x4 = 5 * ctx->r4;
|
state->x4 = 5 * state->r4;
|
||||||
|
|
||||||
ctx->s0 = load32le(¶ms->key[16]);
|
state->s0 = load32le(¶ms->key[16]);
|
||||||
ctx->s1 = load32le(¶ms->key[20]);
|
state->s1 = load32le(¶ms->key[20]);
|
||||||
ctx->s2 = load32le(¶ms->key[24]);
|
state->s2 = load32le(¶ms->key[24]);
|
||||||
ctx->s3 = load32le(¶ms->key[28]);
|
state->s3 = load32le(¶ms->key[28]);
|
||||||
|
|
||||||
ctx->mlen = 0;
|
state->mlen = 0;
|
||||||
for (i = 0; i < LC_POLY1305_BLOCKLEN; i++)
|
for (i = 0; i < LC_POLY1305_BLOCKLEN; i++)
|
||||||
ctx->m[i] = 0;
|
state->m[i] = 0;
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
@ -68,18 +68,18 @@ poly1305_init(void *arg, void *initparams)
|
|||||||
static int
|
static int
|
||||||
poly1305_update(void *arg, const uint8_t *in, size_t inlen)
|
poly1305_update(void *arg, const uint8_t *in, size_t inlen)
|
||||||
{
|
{
|
||||||
struct poly1305_ctx *ctx = arg;
|
struct poly1305_state *state = arg;
|
||||||
size_t i;
|
size_t i;
|
||||||
|
|
||||||
for (i = 0; i + ctx->mlen < LC_POLY1305_BLOCKLEN && i < inlen; i++)
|
for (i = 0; i + state->mlen < LC_POLY1305_BLOCKLEN && i < inlen; i++)
|
||||||
ctx->m[i + ctx->mlen] = in[i];
|
state->m[i + state->mlen] = in[i];
|
||||||
ctx->mlen += i;
|
state->mlen += i;
|
||||||
in += i;
|
in += i;
|
||||||
inlen -= i;
|
inlen -= i;
|
||||||
|
|
||||||
if (ctx->mlen == LC_POLY1305_BLOCKLEN) {
|
if (state->mlen == LC_POLY1305_BLOCKLEN) {
|
||||||
poly1305_block(ctx, 1);
|
poly1305_block(state, 1);
|
||||||
ctx->mlen = 0;
|
state->mlen = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (inlen == 0)
|
if (inlen == 0)
|
||||||
@ -87,16 +87,16 @@ poly1305_update(void *arg, const uint8_t *in, size_t inlen)
|
|||||||
|
|
||||||
while (inlen >= LC_POLY1305_BLOCKLEN) {
|
while (inlen >= LC_POLY1305_BLOCKLEN) {
|
||||||
for (i = 0; i < LC_POLY1305_BLOCKLEN; i++)
|
for (i = 0; i < LC_POLY1305_BLOCKLEN; i++)
|
||||||
ctx->m[i] = in[i];
|
state->m[i] = in[i];
|
||||||
poly1305_block(ctx, 1);
|
poly1305_block(state, 1);
|
||||||
|
|
||||||
in += LC_POLY1305_BLOCKLEN;
|
in += LC_POLY1305_BLOCKLEN;
|
||||||
inlen -= LC_POLY1305_BLOCKLEN;
|
inlen -= LC_POLY1305_BLOCKLEN;
|
||||||
}
|
}
|
||||||
|
|
||||||
for (i = 0; i < inlen; i++)
|
for (i = 0; i < inlen; i++)
|
||||||
ctx->m[i] = in[i];
|
state->m[i] = in[i];
|
||||||
ctx->mlen = inlen;
|
state->mlen = inlen;
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
@ -104,7 +104,7 @@ poly1305_update(void *arg, const uint8_t *in, size_t inlen)
|
|||||||
static int
|
static int
|
||||||
poly1305_final(void *arg, uint8_t *out, size_t *outlen)
|
poly1305_final(void *arg, uint8_t *out, size_t *outlen)
|
||||||
{
|
{
|
||||||
struct poly1305_ctx *ctx = arg;
|
struct poly1305_state *state = arg;
|
||||||
uint32_t tag[POLY1305_TAGLEN_WORDS];
|
uint32_t tag[POLY1305_TAGLEN_WORDS];
|
||||||
size_t i;
|
size_t i;
|
||||||
|
|
||||||
@ -112,24 +112,24 @@ poly1305_final(void *arg, uint8_t *out, size_t *outlen)
|
|||||||
if (out == NULL)
|
if (out == NULL)
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
i = ctx->mlen;
|
i = state->mlen;
|
||||||
if (i > 0) {
|
if (i > 0) {
|
||||||
if (i < LC_POLY1305_BLOCKLEN) {
|
if (i < LC_POLY1305_BLOCKLEN) {
|
||||||
ctx->m[i++] = 1;
|
state->m[i++] = 1;
|
||||||
for (; i < LC_POLY1305_BLOCKLEN; i++)
|
for (; i < LC_POLY1305_BLOCKLEN; i++)
|
||||||
ctx->m[i] = 0;
|
state->m[i] = 0;
|
||||||
poly1305_block(ctx, 0);
|
poly1305_block(state, 0);
|
||||||
} else
|
} else
|
||||||
poly1305_block(ctx, 1);
|
poly1305_block(state, 1);
|
||||||
}
|
}
|
||||||
poly1305_reduce(ctx, tag);
|
poly1305_reduce(state, tag);
|
||||||
|
|
||||||
store32le(&out[0], tag[0]);
|
store32le(&out[0], tag[0]);
|
||||||
store32le(&out[4], tag[1]);
|
store32le(&out[4], tag[1]);
|
||||||
store32le(&out[8], tag[2]);
|
store32le(&out[8], tag[2]);
|
||||||
store32le(&out[12], tag[3]);
|
store32le(&out[12], tag[3]);
|
||||||
|
|
||||||
lc_scrub(ctx, sizeof(*ctx));
|
lc_scrub(state, sizeof(*state));
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
@ -138,16 +138,16 @@ static int
|
|||||||
poly1305_auth(uint8_t *out, size_t *outlen, void *initparams,
|
poly1305_auth(uint8_t *out, size_t *outlen, void *initparams,
|
||||||
const uint8_t *in, size_t inlen)
|
const uint8_t *in, size_t inlen)
|
||||||
{
|
{
|
||||||
struct poly1305_ctx ctx;
|
struct poly1305_state state;
|
||||||
|
|
||||||
if (out == NULL) {
|
if (out == NULL) {
|
||||||
*outlen = LC_POLY1305_TAGLEN;
|
*outlen = LC_POLY1305_TAGLEN;
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
return poly1305_init(&ctx, initparams) &&
|
return poly1305_init(&state, initparams) &&
|
||||||
poly1305_update(&ctx, in, inlen) &&
|
poly1305_update(&state, in, inlen) &&
|
||||||
poly1305_final(&ctx, out, outlen);
|
poly1305_final(&state, out, outlen);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -157,7 +157,7 @@ static struct lc_auth_impl poly1305_impl = {
|
|||||||
.final = &poly1305_final,
|
.final = &poly1305_final,
|
||||||
.auth = &poly1305_auth,
|
.auth = &poly1305_auth,
|
||||||
|
|
||||||
.argsz = sizeof(struct poly1305_ctx),
|
.argsz = sizeof(struct poly1305_state),
|
||||||
.blocklen = LC_POLY1305_BLOCKLEN,
|
.blocklen = LC_POLY1305_BLOCKLEN,
|
||||||
.taglen = LC_POLY1305_TAGLEN,
|
.taglen = LC_POLY1305_TAGLEN,
|
||||||
};
|
};
|
||||||
|
@ -34,17 +34,17 @@ static int
|
|||||||
chacha20_anycrypt_init(void *arg, void *initparams)
|
chacha20_anycrypt_init(void *arg, void *initparams)
|
||||||
{
|
{
|
||||||
struct lc_chacha20_params *params = initparams;
|
struct lc_chacha20_params *params = initparams;
|
||||||
struct chacha20_ctx *ctx = arg;
|
struct chacha20_state *state = arg;
|
||||||
size_t i;
|
size_t i;
|
||||||
|
|
||||||
for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++)
|
for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++)
|
||||||
ctx->s[i] = 0;
|
state->s[i] = 0;
|
||||||
for (i = 0; i < CHACHA20_KEY_WORDS; i++)
|
for (i = 0; i < CHACHA20_KEY_WORDS; i++)
|
||||||
ctx->k[i] = load32le(¶ms->key[i * 4]);
|
state->k[i] = load32le(¶ms->key[i * 4]);
|
||||||
ctx->n[0] = params->counter;
|
state->n[0] = params->counter;
|
||||||
for (i = 1; i < CHACHA20_NONCE_WORDS; i++)
|
for (i = 1; i < CHACHA20_NONCE_WORDS; i++)
|
||||||
ctx->n[i] = load32le(¶ms->nonce[(i - 1) * 4]);
|
state->n[i] = load32le(¶ms->nonce[(i - 1) * 4]);
|
||||||
ctx->mlen = 0;
|
state->mlen = 0;
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
@ -53,31 +53,31 @@ static int
|
|||||||
xchacha20_anycrypt_init(void *arg, void *initparams)
|
xchacha20_anycrypt_init(void *arg, void *initparams)
|
||||||
{
|
{
|
||||||
struct lc_xchacha20_params *params = initparams;
|
struct lc_xchacha20_params *params = initparams;
|
||||||
struct chacha20_ctx *ctx = arg;
|
struct chacha20_state *state = arg;
|
||||||
size_t i;
|
size_t i;
|
||||||
|
|
||||||
for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++)
|
for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++)
|
||||||
ctx->s[i] = 0;
|
state->s[i] = 0;
|
||||||
for (i = 0; i < CHACHA20_KEY_WORDS; i++)
|
for (i = 0; i < CHACHA20_KEY_WORDS; i++)
|
||||||
ctx->k[i] = load32le(¶ms->key[i * 4]);
|
state->k[i] = load32le(¶ms->key[i * 4]);
|
||||||
for (i = 0; i < CHACHA20_NONCE_WORDS; i++)
|
for (i = 0; i < CHACHA20_NONCE_WORDS; i++)
|
||||||
ctx->n[i] = load32le(¶ms->nonce[i * 4]);
|
state->n[i] = load32le(¶ms->nonce[i * 4]);
|
||||||
ctx->mlen = 0;
|
state->mlen = 0;
|
||||||
|
|
||||||
hchacha20_block(ctx);
|
hchacha20_block(state);
|
||||||
|
|
||||||
ctx->k[0] = ctx->s[0];
|
state->k[0] = state->s[0];
|
||||||
ctx->k[1] = ctx->s[1];
|
state->k[1] = state->s[1];
|
||||||
ctx->k[2] = ctx->s[2];
|
state->k[2] = state->s[2];
|
||||||
ctx->k[3] = ctx->s[3];
|
state->k[3] = state->s[3];
|
||||||
ctx->k[4] = ctx->s[12];
|
state->k[4] = state->s[12];
|
||||||
ctx->k[5] = ctx->s[13];
|
state->k[5] = state->s[13];
|
||||||
ctx->k[6] = ctx->s[14];
|
state->k[6] = state->s[14];
|
||||||
ctx->k[7] = ctx->s[15];
|
state->k[7] = state->s[15];
|
||||||
ctx->n[0] = params->counter;
|
state->n[0] = params->counter;
|
||||||
ctx->n[1] = 0;
|
state->n[1] = 0;
|
||||||
ctx->n[2] = load32le(¶ms->nonce[16]);
|
state->n[2] = load32le(¶ms->nonce[16]);
|
||||||
ctx->n[3] = load32le(¶ms->nonce[20]);
|
state->n[3] = load32le(¶ms->nonce[20]);
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
@ -86,52 +86,52 @@ static int
|
|||||||
chacha20_anycrypt_update(void *arg, uint8_t *out, size_t *outlen,
|
chacha20_anycrypt_update(void *arg, uint8_t *out, size_t *outlen,
|
||||||
const uint8_t *in, size_t inlen)
|
const uint8_t *in, size_t inlen)
|
||||||
{
|
{
|
||||||
struct chacha20_ctx *ctx = arg;
|
struct chacha20_state *state = arg;
|
||||||
size_t i, blocks;
|
size_t i, blocks;
|
||||||
uint32_t h;
|
uint32_t h;
|
||||||
|
|
||||||
*outlen = 0;
|
*outlen = 0;
|
||||||
if (inlen > SIZE_MAX - (LC_CHACHA20_BLOCKLEN - 1) - ctx->mlen)
|
if (inlen > SIZE_MAX - (LC_CHACHA20_BLOCKLEN - 1) - state->mlen)
|
||||||
return 0;
|
return 0;
|
||||||
blocks = (inlen + ctx->mlen + LC_CHACHA20_BLOCKLEN - 1) /
|
blocks = (inlen + state->mlen + LC_CHACHA20_BLOCKLEN - 1) /
|
||||||
LC_CHACHA20_BLOCKLEN;
|
LC_CHACHA20_BLOCKLEN;
|
||||||
if (blocks + ctx->n[0] > CHACHA20_CTRMAX)
|
if (blocks + state->n[0] > CHACHA20_CTRMAX)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
*outlen = ctx->mlen + inlen -
|
*outlen = state->mlen + inlen -
|
||||||
((ctx->mlen + inlen) % LC_CHACHA20_BLOCKLEN);
|
((state->mlen + inlen) % LC_CHACHA20_BLOCKLEN);
|
||||||
if (out == NULL)
|
if (out == NULL)
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
for (i = 0; i + ctx->mlen < LC_CHACHA20_BLOCKLEN && i < inlen; i++)
|
for (i = 0; i + state->mlen < LC_CHACHA20_BLOCKLEN && i < inlen; i++)
|
||||||
ctx->m[i + ctx->mlen] = in[i];
|
state->m[i + state->mlen] = in[i];
|
||||||
ctx->mlen += i;
|
state->mlen += i;
|
||||||
in += i;
|
in += i;
|
||||||
inlen -= i;
|
inlen -= i;
|
||||||
|
|
||||||
if (ctx->mlen == LC_CHACHA20_BLOCKLEN) {
|
if (state->mlen == LC_CHACHA20_BLOCKLEN) {
|
||||||
chacha20_block(ctx);
|
chacha20_block(state);
|
||||||
ctx->n[0]++;
|
state->n[0]++;
|
||||||
|
|
||||||
for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++) {
|
for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++) {
|
||||||
h = load32le(&ctx->m[i * 4]);
|
h = load32le(&state->m[i * 4]);
|
||||||
h ^= ctx->s[i];
|
h ^= state->s[i];
|
||||||
store32le(&out[i * 4], h);
|
store32le(&out[i * 4], h);
|
||||||
}
|
}
|
||||||
out += LC_CHACHA20_BLOCKLEN;
|
out += LC_CHACHA20_BLOCKLEN;
|
||||||
ctx->mlen = 0;
|
state->mlen = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (inlen == 0)
|
if (inlen == 0)
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
while (inlen >= LC_CHACHA20_BLOCKLEN) {
|
while (inlen >= LC_CHACHA20_BLOCKLEN) {
|
||||||
chacha20_block(ctx);
|
chacha20_block(state);
|
||||||
ctx->n[0]++;
|
state->n[0]++;
|
||||||
|
|
||||||
for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++) {
|
for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++) {
|
||||||
h = load32le(&in[i * 4]);
|
h = load32le(&in[i * 4]);
|
||||||
h ^= ctx->s[i];
|
h ^= state->s[i];
|
||||||
store32le(&out[i * 4], h);
|
store32le(&out[i * 4], h);
|
||||||
}
|
}
|
||||||
out += LC_CHACHA20_BLOCKLEN;
|
out += LC_CHACHA20_BLOCKLEN;
|
||||||
@ -140,8 +140,8 @@ chacha20_anycrypt_update(void *arg, uint8_t *out, size_t *outlen,
|
|||||||
}
|
}
|
||||||
|
|
||||||
for (i = 0; i < inlen; i++)
|
for (i = 0; i < inlen; i++)
|
||||||
ctx->m[i] = in[i];
|
state->m[i] = in[i];
|
||||||
ctx->mlen = inlen;
|
state->mlen = inlen;
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
@ -149,32 +149,32 @@ chacha20_anycrypt_update(void *arg, uint8_t *out, size_t *outlen,
|
|||||||
static int
|
static int
|
||||||
chacha20_anycrypt_final(void *arg, uint8_t *out, size_t *outlen)
|
chacha20_anycrypt_final(void *arg, uint8_t *out, size_t *outlen)
|
||||||
{
|
{
|
||||||
struct chacha20_ctx *ctx = arg;
|
struct chacha20_state *state = arg;
|
||||||
size_t i, off;
|
size_t i, off;
|
||||||
uint32_t h;
|
uint32_t h;
|
||||||
uint8_t s[4];
|
uint8_t s[4];
|
||||||
|
|
||||||
*outlen = ctx->mlen;
|
*outlen = state->mlen;
|
||||||
if (out == NULL)
|
if (out == NULL)
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
if (ctx->mlen > 0)
|
if (state->mlen > 0)
|
||||||
chacha20_block(ctx);
|
chacha20_block(state);
|
||||||
|
|
||||||
for (i = 0; i < ctx->mlen / 4; i++) {
|
for (i = 0; i < state->mlen / 4; i++) {
|
||||||
h = load32le(&ctx->m[i * 4]);
|
h = load32le(&state->m[i * 4]);
|
||||||
h ^= ctx->s[i];
|
h ^= state->s[i];
|
||||||
store32le(&out[i * 4], h);
|
store32le(&out[i * 4], h);
|
||||||
}
|
}
|
||||||
off = i * 4;
|
off = i * 4;
|
||||||
ctx->mlen -= off;
|
state->mlen -= off;
|
||||||
out += off;
|
out += off;
|
||||||
|
|
||||||
store32le(&s[0], ctx->s[i]);
|
store32le(&s[0], state->s[i]);
|
||||||
for (i = 0; i < ctx->mlen; i++)
|
for (i = 0; i < state->mlen; i++)
|
||||||
out[i] = ctx->m[i + off] ^ s[i];
|
out[i] = state->m[i + off] ^ s[i];
|
||||||
|
|
||||||
lc_scrub(ctx, sizeof(*ctx));
|
lc_scrub(state, sizeof(*state));
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
@ -183,7 +183,7 @@ static int
|
|||||||
chacha20_anycrypt(uint8_t *out, size_t *outlen, void *initparams,
|
chacha20_anycrypt(uint8_t *out, size_t *outlen, void *initparams,
|
||||||
const uint8_t *in, size_t inlen)
|
const uint8_t *in, size_t inlen)
|
||||||
{
|
{
|
||||||
struct chacha20_ctx ctx;
|
struct chacha20_state state;
|
||||||
size_t l0, l1;
|
size_t l0, l1;
|
||||||
int rc;
|
int rc;
|
||||||
|
|
||||||
@ -199,9 +199,9 @@ chacha20_anycrypt(uint8_t *out, size_t *outlen, void *initparams,
|
|||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
rc = chacha20_anycrypt_init(&ctx, initparams) &&
|
rc = chacha20_anycrypt_init(&state, initparams) &&
|
||||||
chacha20_anycrypt_update(&ctx, out, &l0, in, inlen) &&
|
chacha20_anycrypt_update(&state, out, &l0, in, inlen) &&
|
||||||
chacha20_anycrypt_final(&ctx, out + l0, &l1);
|
chacha20_anycrypt_final(&state, out + l0, &l1);
|
||||||
|
|
||||||
if (rc)
|
if (rc)
|
||||||
*outlen = l0 + l1;
|
*outlen = l0 + l1;
|
||||||
@ -213,7 +213,7 @@ static int
|
|||||||
xchacha20_anycrypt(uint8_t *out, size_t *outlen, void *initparams,
|
xchacha20_anycrypt(uint8_t *out, size_t *outlen, void *initparams,
|
||||||
const uint8_t *in, size_t inlen)
|
const uint8_t *in, size_t inlen)
|
||||||
{
|
{
|
||||||
struct chacha20_ctx ctx;
|
struct chacha20_state state;
|
||||||
size_t l0, l1;
|
size_t l0, l1;
|
||||||
int rc;
|
int rc;
|
||||||
|
|
||||||
@ -229,9 +229,9 @@ xchacha20_anycrypt(uint8_t *out, size_t *outlen, void *initparams,
|
|||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
rc = xchacha20_anycrypt_init(&ctx, initparams) &&
|
rc = xchacha20_anycrypt_init(&state, initparams) &&
|
||||||
chacha20_anycrypt_update(&ctx, out, &l0, in, inlen) &&
|
chacha20_anycrypt_update(&state, out, &l0, in, inlen) &&
|
||||||
chacha20_anycrypt_final(&ctx, out + l0, &l1);
|
chacha20_anycrypt_final(&state, out + l0, &l1);
|
||||||
|
|
||||||
if (rc)
|
if (rc)
|
||||||
*outlen = l0 + l1;
|
*outlen = l0 + l1;
|
||||||
@ -251,7 +251,7 @@ static struct lc_cipher_impl chacha20_impl = {
|
|||||||
.decrypt_final = &chacha20_anycrypt_final,
|
.decrypt_final = &chacha20_anycrypt_final,
|
||||||
.decrypt = &chacha20_anycrypt,
|
.decrypt = &chacha20_anycrypt,
|
||||||
|
|
||||||
.argsz = sizeof(struct chacha20_ctx),
|
.argsz = sizeof(struct chacha20_state),
|
||||||
.blocklen = LC_CHACHA20_BLOCKLEN,
|
.blocklen = LC_CHACHA20_BLOCKLEN,
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -266,7 +266,7 @@ static struct lc_cipher_impl xchacha20_impl = {
|
|||||||
.decrypt_final = &chacha20_anycrypt_final,
|
.decrypt_final = &chacha20_anycrypt_final,
|
||||||
.decrypt = &xchacha20_anycrypt,
|
.decrypt = &xchacha20_anycrypt,
|
||||||
|
|
||||||
.argsz = sizeof(struct chacha20_ctx),
|
.argsz = sizeof(struct chacha20_state),
|
||||||
.blocklen = LC_XCHACHA20_BLOCKLEN,
|
.blocklen = LC_XCHACHA20_BLOCKLEN,
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -56,23 +56,23 @@
|
|||||||
static int
|
static int
|
||||||
sha224_init(void *arg)
|
sha224_init(void *arg)
|
||||||
{
|
{
|
||||||
struct sha256_ctx *ctx = arg;
|
struct sha256_state *state = arg;
|
||||||
size_t i;
|
size_t i;
|
||||||
|
|
||||||
ctx->h0 = SHA224_H0_0;
|
state->h0 = SHA224_H0_0;
|
||||||
ctx->h1 = SHA224_H0_1;
|
state->h1 = SHA224_H0_1;
|
||||||
ctx->h2 = SHA224_H0_2;
|
state->h2 = SHA224_H0_2;
|
||||||
ctx->h3 = SHA224_H0_3;
|
state->h3 = SHA224_H0_3;
|
||||||
ctx->h4 = SHA224_H0_4;
|
state->h4 = SHA224_H0_4;
|
||||||
ctx->h5 = SHA224_H0_5;
|
state->h5 = SHA224_H0_5;
|
||||||
ctx->h6 = SHA224_H0_6;
|
state->h6 = SHA224_H0_6;
|
||||||
ctx->h7 = SHA224_H0_7;
|
state->h7 = SHA224_H0_7;
|
||||||
|
|
||||||
ctx->sz = 0;
|
state->sz = 0;
|
||||||
|
|
||||||
ctx->mlen = 0;
|
state->mlen = 0;
|
||||||
for (i = 0; i < LC_SHA256_BLOCKLEN; i++)
|
for (i = 0; i < LC_SHA256_BLOCKLEN; i++)
|
||||||
ctx->m[i] = 0;
|
state->m[i] = 0;
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
@ -80,23 +80,23 @@ sha224_init(void *arg)
|
|||||||
static int
|
static int
|
||||||
sha256_init(void *arg)
|
sha256_init(void *arg)
|
||||||
{
|
{
|
||||||
struct sha256_ctx *ctx = arg;
|
struct sha256_state *state = arg;
|
||||||
size_t i;
|
size_t i;
|
||||||
|
|
||||||
ctx->h0 = SHA256_H0_0;
|
state->h0 = SHA256_H0_0;
|
||||||
ctx->h1 = SHA256_H0_1;
|
state->h1 = SHA256_H0_1;
|
||||||
ctx->h2 = SHA256_H0_2;
|
state->h2 = SHA256_H0_2;
|
||||||
ctx->h3 = SHA256_H0_3;
|
state->h3 = SHA256_H0_3;
|
||||||
ctx->h4 = SHA256_H0_4;
|
state->h4 = SHA256_H0_4;
|
||||||
ctx->h5 = SHA256_H0_5;
|
state->h5 = SHA256_H0_5;
|
||||||
ctx->h6 = SHA256_H0_6;
|
state->h6 = SHA256_H0_6;
|
||||||
ctx->h7 = SHA256_H0_7;
|
state->h7 = SHA256_H0_7;
|
||||||
|
|
||||||
ctx->sz = 0;
|
state->sz = 0;
|
||||||
|
|
||||||
ctx->mlen = 0;
|
state->mlen = 0;
|
||||||
for (i = 0; i < LC_SHA256_BLOCKLEN; i++)
|
for (i = 0; i < LC_SHA256_BLOCKLEN; i++)
|
||||||
ctx->m[i] = 0;
|
state->m[i] = 0;
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
@ -104,22 +104,22 @@ sha256_init(void *arg)
|
|||||||
static int
|
static int
|
||||||
sha224_sha256_update(void *arg, const uint8_t *in, size_t inlen)
|
sha224_sha256_update(void *arg, const uint8_t *in, size_t inlen)
|
||||||
{
|
{
|
||||||
struct sha256_ctx *ctx = arg;
|
struct sha256_state *state = arg;
|
||||||
size_t i;
|
size_t i;
|
||||||
|
|
||||||
if (inlen > SHA256_SZ_MAX - ctx->sz)
|
if (inlen > SHA256_SZ_MAX - state->sz)
|
||||||
return 0;
|
return 0;
|
||||||
ctx->sz += inlen;
|
state->sz += inlen;
|
||||||
|
|
||||||
for (i = 0; i + ctx->mlen < LC_SHA256_BLOCKLEN && i < inlen; i++)
|
for (i = 0; i + state->mlen < LC_SHA256_BLOCKLEN && i < inlen; i++)
|
||||||
ctx->m[i + ctx->mlen] = in[i];
|
state->m[i + state->mlen] = in[i];
|
||||||
ctx->mlen += i;
|
state->mlen += i;
|
||||||
in += i;
|
in += i;
|
||||||
inlen -= i;
|
inlen -= i;
|
||||||
|
|
||||||
if (ctx->mlen == LC_SHA256_BLOCKLEN) {
|
if (state->mlen == LC_SHA256_BLOCKLEN) {
|
||||||
sha256_block(ctx);
|
sha256_block(state);
|
||||||
ctx->mlen = 0;
|
state->mlen = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (inlen == 0)
|
if (inlen == 0)
|
||||||
@ -127,16 +127,16 @@ sha224_sha256_update(void *arg, const uint8_t *in, size_t inlen)
|
|||||||
|
|
||||||
while (inlen >= LC_SHA256_BLOCKLEN) {
|
while (inlen >= LC_SHA256_BLOCKLEN) {
|
||||||
for (i = 0; i < LC_SHA256_BLOCKLEN; i++)
|
for (i = 0; i < LC_SHA256_BLOCKLEN; i++)
|
||||||
ctx->m[i] = in[i];
|
state->m[i] = in[i];
|
||||||
in += i;
|
in += i;
|
||||||
inlen -= i;
|
inlen -= i;
|
||||||
|
|
||||||
sha256_block(ctx);
|
sha256_block(state);
|
||||||
}
|
}
|
||||||
|
|
||||||
for (i = 0; i < inlen; i++)
|
for (i = 0; i < inlen; i++)
|
||||||
ctx->m[i] = in[i];
|
state->m[i] = in[i];
|
||||||
ctx->mlen = inlen;
|
state->mlen = inlen;
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
@ -154,45 +154,45 @@ sha256_update(void *arg, const uint8_t *in, size_t inlen)
|
|||||||
}
|
}
|
||||||
|
|
||||||
static void
|
static void
|
||||||
sha224_sha256_final(struct sha256_ctx *ctx)
|
sha224_sha256_final(struct sha256_state *state)
|
||||||
{
|
{
|
||||||
size_t i, mlen;
|
size_t i, mlen;
|
||||||
|
|
||||||
mlen = ctx->mlen;
|
mlen = state->mlen;
|
||||||
ctx->m[mlen++] = 0x80;
|
state->m[mlen++] = 0x80;
|
||||||
|
|
||||||
if (mlen >= LC_SHA256_BLOCKLEN - sizeof(uint64_t)) {
|
if (mlen >= LC_SHA256_BLOCKLEN - sizeof(uint64_t)) {
|
||||||
for (i = mlen; i < LC_SHA256_BLOCKLEN; i++)
|
for (i = mlen; i < LC_SHA256_BLOCKLEN; i++)
|
||||||
ctx->m[i] = 0;
|
state->m[i] = 0;
|
||||||
sha256_block(ctx);
|
sha256_block(state);
|
||||||
mlen = 0;
|
mlen = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
for (i = mlen; i < LC_SHA256_BLOCKLEN - sizeof(uint64_t); i++)
|
for (i = mlen; i < LC_SHA256_BLOCKLEN - sizeof(uint64_t); i++)
|
||||||
ctx->m[i] = 0;
|
state->m[i] = 0;
|
||||||
store64be(&ctx->m[i], ctx->sz << 3);
|
store64be(&state->m[i], state->sz << 3);
|
||||||
sha256_block(ctx);
|
sha256_block(state);
|
||||||
}
|
}
|
||||||
|
|
||||||
static int
|
static int
|
||||||
sha224_final(void *arg, uint8_t *out, size_t *outlen)
|
sha224_final(void *arg, uint8_t *out, size_t *outlen)
|
||||||
{
|
{
|
||||||
struct sha256_ctx *ctx = arg;
|
struct sha256_state *state = arg;
|
||||||
|
|
||||||
*outlen = LC_SHA224_HASHLEN;
|
*outlen = LC_SHA224_HASHLEN;
|
||||||
if (out == NULL)
|
if (out == NULL)
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
sha224_sha256_final(ctx);
|
sha224_sha256_final(state);
|
||||||
store32be(out, ctx->h0);
|
store32be(out, state->h0);
|
||||||
store32be(out + 4, ctx->h1);
|
store32be(out + 4, state->h1);
|
||||||
store32be(out + 8, ctx->h2);
|
store32be(out + 8, state->h2);
|
||||||
store32be(out + 12, ctx->h3);
|
store32be(out + 12, state->h3);
|
||||||
store32be(out + 16, ctx->h4);
|
store32be(out + 16, state->h4);
|
||||||
store32be(out + 20, ctx->h5);
|
store32be(out + 20, state->h5);
|
||||||
store32be(out + 24, ctx->h6);
|
store32be(out + 24, state->h6);
|
||||||
|
|
||||||
lc_scrub(ctx, sizeof(*ctx));
|
lc_scrub(state, sizeof(*state));
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
@ -200,23 +200,23 @@ sha224_final(void *arg, uint8_t *out, size_t *outlen)
|
|||||||
static int
|
static int
|
||||||
sha256_final(void *arg, uint8_t *out, size_t *outlen)
|
sha256_final(void *arg, uint8_t *out, size_t *outlen)
|
||||||
{
|
{
|
||||||
struct sha256_ctx *ctx = arg;
|
struct sha256_state *state = arg;
|
||||||
|
|
||||||
*outlen = LC_SHA256_HASHLEN;
|
*outlen = LC_SHA256_HASHLEN;
|
||||||
if (out == NULL)
|
if (out == NULL)
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
sha224_sha256_final(ctx);
|
sha224_sha256_final(state);
|
||||||
store32be(out, ctx->h0);
|
store32be(out, state->h0);
|
||||||
store32be(out + 4, ctx->h1);
|
store32be(out + 4, state->h1);
|
||||||
store32be(out + 8, ctx->h2);
|
store32be(out + 8, state->h2);
|
||||||
store32be(out + 12, ctx->h3);
|
store32be(out + 12, state->h3);
|
||||||
store32be(out + 16, ctx->h4);
|
store32be(out + 16, state->h4);
|
||||||
store32be(out + 20, ctx->h5);
|
store32be(out + 20, state->h5);
|
||||||
store32be(out + 24, ctx->h6);
|
store32be(out + 24, state->h6);
|
||||||
store32be(out + 28, ctx->h7);
|
store32be(out + 28, state->h7);
|
||||||
|
|
||||||
lc_scrub(ctx, sizeof(*ctx));
|
lc_scrub(state, sizeof(*state));
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
@ -224,31 +224,31 @@ sha256_final(void *arg, uint8_t *out, size_t *outlen)
|
|||||||
static int
|
static int
|
||||||
sha224_hash(uint8_t *out, size_t *outlen, const uint8_t *in, size_t inlen)
|
sha224_hash(uint8_t *out, size_t *outlen, const uint8_t *in, size_t inlen)
|
||||||
{
|
{
|
||||||
struct sha256_ctx ctx;
|
struct sha256_state state;
|
||||||
|
|
||||||
if (out == NULL) {
|
if (out == NULL) {
|
||||||
*outlen = LC_SHA224_HASHLEN;
|
*outlen = LC_SHA224_HASHLEN;
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
return sha224_init(&ctx) &&
|
return sha224_init(&state) &&
|
||||||
sha224_update(&ctx, in, inlen) &&
|
sha224_update(&state, in, inlen) &&
|
||||||
sha224_final(&ctx, out, outlen);
|
sha224_final(&state, out, outlen);
|
||||||
}
|
}
|
||||||
|
|
||||||
static int
|
static int
|
||||||
sha256_hash(uint8_t *out, size_t *outlen, const uint8_t *in, size_t inlen)
|
sha256_hash(uint8_t *out, size_t *outlen, const uint8_t *in, size_t inlen)
|
||||||
{
|
{
|
||||||
struct sha256_ctx ctx;
|
struct sha256_state state;
|
||||||
|
|
||||||
if (out == NULL) {
|
if (out == NULL) {
|
||||||
*outlen = LC_SHA256_HASHLEN;
|
*outlen = LC_SHA256_HASHLEN;
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
return sha256_init(&ctx) &&
|
return sha256_init(&state) &&
|
||||||
sha256_update(&ctx, in, inlen) &&
|
sha256_update(&state, in, inlen) &&
|
||||||
sha256_final(&ctx, out, outlen);
|
sha256_final(&state, out, outlen);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -258,7 +258,7 @@ static struct lc_hash_impl sha224_impl = {
|
|||||||
.final = &sha224_final,
|
.final = &sha224_final,
|
||||||
.hash = &sha224_hash,
|
.hash = &sha224_hash,
|
||||||
|
|
||||||
.argsz = sizeof(struct sha256_ctx),
|
.argsz = sizeof(struct sha256_state),
|
||||||
.blocklen = LC_SHA224_BLOCKLEN,
|
.blocklen = LC_SHA224_BLOCKLEN,
|
||||||
.hashlen = LC_SHA224_HASHLEN,
|
.hashlen = LC_SHA224_HASHLEN,
|
||||||
};
|
};
|
||||||
@ -269,7 +269,7 @@ static struct lc_hash_impl sha256_impl = {
|
|||||||
.final = &sha256_final,
|
.final = &sha256_final,
|
||||||
.hash = &sha256_hash,
|
.hash = &sha256_hash,
|
||||||
|
|
||||||
.argsz = sizeof(struct sha256_ctx),
|
.argsz = sizeof(struct sha256_state),
|
||||||
.blocklen = LC_SHA256_BLOCKLEN,
|
.blocklen = LC_SHA256_BLOCKLEN,
|
||||||
.hashlen = LC_SHA256_HASHLEN,
|
.hashlen = LC_SHA256_HASHLEN,
|
||||||
};
|
};
|
||||||
|
@ -57,23 +57,23 @@
|
|||||||
static int
|
static int
|
||||||
sha384_init(void *arg)
|
sha384_init(void *arg)
|
||||||
{
|
{
|
||||||
struct sha512_ctx *ctx = arg;
|
struct sha512_state *state = arg;
|
||||||
size_t i;
|
size_t i;
|
||||||
|
|
||||||
ctx->h0 = SHA384_H0_0;
|
state->h0 = SHA384_H0_0;
|
||||||
ctx->h1 = SHA384_H0_1;
|
state->h1 = SHA384_H0_1;
|
||||||
ctx->h2 = SHA384_H0_2;
|
state->h2 = SHA384_H0_2;
|
||||||
ctx->h3 = SHA384_H0_3;
|
state->h3 = SHA384_H0_3;
|
||||||
ctx->h4 = SHA384_H0_4;
|
state->h4 = SHA384_H0_4;
|
||||||
ctx->h5 = SHA384_H0_5;
|
state->h5 = SHA384_H0_5;
|
||||||
ctx->h6 = SHA384_H0_6;
|
state->h6 = SHA384_H0_6;
|
||||||
ctx->h7 = SHA384_H0_7;
|
state->h7 = SHA384_H0_7;
|
||||||
|
|
||||||
ctx->szhi = ctx->szlo = 0;
|
state->szhi = state->szlo = 0;
|
||||||
|
|
||||||
ctx->mlen = 0;
|
state->mlen = 0;
|
||||||
for (i = 0; i < LC_SHA512_BLOCKLEN; i++)
|
for (i = 0; i < LC_SHA512_BLOCKLEN; i++)
|
||||||
ctx->m[i] = 0;
|
state->m[i] = 0;
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
@ -81,23 +81,23 @@ sha384_init(void *arg)
|
|||||||
static int
|
static int
|
||||||
sha512_init(void *arg)
|
sha512_init(void *arg)
|
||||||
{
|
{
|
||||||
struct sha512_ctx *ctx = arg;
|
struct sha512_state *state = arg;
|
||||||
size_t i;
|
size_t i;
|
||||||
|
|
||||||
ctx->h0 = SHA512_H0_0;
|
state->h0 = SHA512_H0_0;
|
||||||
ctx->h1 = SHA512_H0_1;
|
state->h1 = SHA512_H0_1;
|
||||||
ctx->h2 = SHA512_H0_2;
|
state->h2 = SHA512_H0_2;
|
||||||
ctx->h3 = SHA512_H0_3;
|
state->h3 = SHA512_H0_3;
|
||||||
ctx->h4 = SHA512_H0_4;
|
state->h4 = SHA512_H0_4;
|
||||||
ctx->h5 = SHA512_H0_5;
|
state->h5 = SHA512_H0_5;
|
||||||
ctx->h6 = SHA512_H0_6;
|
state->h6 = SHA512_H0_6;
|
||||||
ctx->h7 = SHA512_H0_7;
|
state->h7 = SHA512_H0_7;
|
||||||
|
|
||||||
ctx->szhi = ctx->szlo = 0;
|
state->szhi = state->szlo = 0;
|
||||||
|
|
||||||
ctx->mlen = 0;
|
state->mlen = 0;
|
||||||
for (i = 0; i < LC_SHA512_BLOCKLEN; i++)
|
for (i = 0; i < LC_SHA512_BLOCKLEN; i++)
|
||||||
ctx->m[i] = 0;
|
state->m[i] = 0;
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
@ -105,26 +105,26 @@ sha512_init(void *arg)
|
|||||||
static int
|
static int
|
||||||
sha384_sha512_update(void *arg, const uint8_t *in, size_t inlen)
|
sha384_sha512_update(void *arg, const uint8_t *in, size_t inlen)
|
||||||
{
|
{
|
||||||
struct sha512_ctx *ctx = arg;
|
struct sha512_state *state = arg;
|
||||||
size_t i;
|
size_t i;
|
||||||
|
|
||||||
if (inlen > SHA512_SZLO_MAX - ctx->szlo) {
|
if (inlen > SHA512_SZLO_MAX - state->szlo) {
|
||||||
if (ctx->szhi == SHA512_SZHI_MAX)
|
if (state->szhi == SHA512_SZHI_MAX)
|
||||||
return 0;
|
return 0;
|
||||||
ctx->szlo += inlen;
|
state->szlo += inlen;
|
||||||
ctx->szhi++;
|
state->szhi++;
|
||||||
} else
|
} else
|
||||||
ctx->szlo += inlen;
|
state->szlo += inlen;
|
||||||
|
|
||||||
for (i = 0; i + ctx->mlen < LC_SHA512_BLOCKLEN && i < inlen; i++)
|
for (i = 0; i + state->mlen < LC_SHA512_BLOCKLEN && i < inlen; i++)
|
||||||
ctx->m[i + ctx->mlen] = in[i];
|
state->m[i + state->mlen] = in[i];
|
||||||
ctx->mlen += i;
|
state->mlen += i;
|
||||||
in += i;
|
in += i;
|
||||||
inlen -= i;
|
inlen -= i;
|
||||||
|
|
||||||
if (ctx->mlen == LC_SHA512_BLOCKLEN) {
|
if (state->mlen == LC_SHA512_BLOCKLEN) {
|
||||||
sha512_block(ctx);
|
sha512_block(state);
|
||||||
ctx->mlen = 0;
|
state->mlen = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (inlen == 0)
|
if (inlen == 0)
|
||||||
@ -132,16 +132,16 @@ sha384_sha512_update(void *arg, const uint8_t *in, size_t inlen)
|
|||||||
|
|
||||||
while (inlen >= LC_SHA512_BLOCKLEN) {
|
while (inlen >= LC_SHA512_BLOCKLEN) {
|
||||||
for (i = 0; i < LC_SHA512_BLOCKLEN; i++)
|
for (i = 0; i < LC_SHA512_BLOCKLEN; i++)
|
||||||
ctx->m[i] = in[i];
|
state->m[i] = in[i];
|
||||||
in += i;
|
in += i;
|
||||||
inlen -= i;
|
inlen -= i;
|
||||||
|
|
||||||
sha512_block(ctx);
|
sha512_block(state);
|
||||||
}
|
}
|
||||||
|
|
||||||
for (i = 0; i < inlen; i++)
|
for (i = 0; i < inlen; i++)
|
||||||
ctx->m[i] = in[i];
|
state->m[i] = in[i];
|
||||||
ctx->mlen = inlen;
|
state->mlen = inlen;
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
@ -159,45 +159,45 @@ sha512_update(void *arg, const uint8_t *in, size_t inlen)
|
|||||||
}
|
}
|
||||||
|
|
||||||
static void
|
static void
|
||||||
sha384_sha512_final(struct sha512_ctx *ctx)
|
sha384_sha512_final(struct sha512_state *state)
|
||||||
{
|
{
|
||||||
size_t i, mlen;
|
size_t i, mlen;
|
||||||
|
|
||||||
mlen = ctx->mlen;
|
mlen = state->mlen;
|
||||||
ctx->m[mlen++] = 0x80;
|
state->m[mlen++] = 0x80;
|
||||||
|
|
||||||
if (mlen >= LC_SHA512_BLOCKLEN - 2 * sizeof(uint64_t)) {
|
if (mlen >= LC_SHA512_BLOCKLEN - 2 * sizeof(uint64_t)) {
|
||||||
for (i = mlen; i < LC_SHA512_BLOCKLEN; i++)
|
for (i = mlen; i < LC_SHA512_BLOCKLEN; i++)
|
||||||
ctx->m[i] = 0;
|
state->m[i] = 0;
|
||||||
sha512_block(ctx);
|
sha512_block(state);
|
||||||
mlen = 0;
|
mlen = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
for (i = mlen; i < LC_SHA512_BLOCKLEN - 2 * sizeof(uint64_t); i++)
|
for (i = mlen; i < LC_SHA512_BLOCKLEN - 2 * sizeof(uint64_t); i++)
|
||||||
ctx->m[i] = 0;
|
state->m[i] = 0;
|
||||||
store64be(&ctx->m[i], (ctx->szhi << 3) | (ctx->szlo >> 63));
|
store64be(&state->m[i], (state->szhi << 3) | (state->szlo >> 63));
|
||||||
store64be(&ctx->m[i + sizeof(uint64_t)], ctx->szlo << 3);
|
store64be(&state->m[i + sizeof(uint64_t)], state->szlo << 3);
|
||||||
sha512_block(ctx);
|
sha512_block(state);
|
||||||
}
|
}
|
||||||
|
|
||||||
static int
|
static int
|
||||||
sha384_final(void *arg, uint8_t *out, size_t *outlen)
|
sha384_final(void *arg, uint8_t *out, size_t *outlen)
|
||||||
{
|
{
|
||||||
struct sha512_ctx *ctx = arg;
|
struct sha512_state *state = arg;
|
||||||
|
|
||||||
*outlen = LC_SHA384_HASHLEN;
|
*outlen = LC_SHA384_HASHLEN;
|
||||||
if (out == NULL)
|
if (out == NULL)
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
sha384_sha512_final(ctx);
|
sha384_sha512_final(state);
|
||||||
store64be(out, ctx->h0);
|
store64be(out, state->h0);
|
||||||
store64be(out + 8, ctx->h1);
|
store64be(out + 8, state->h1);
|
||||||
store64be(out + 16, ctx->h2);
|
store64be(out + 16, state->h2);
|
||||||
store64be(out + 24, ctx->h3);
|
store64be(out + 24, state->h3);
|
||||||
store64be(out + 32, ctx->h4);
|
store64be(out + 32, state->h4);
|
||||||
store64be(out + 40, ctx->h5);
|
store64be(out + 40, state->h5);
|
||||||
|
|
||||||
lc_scrub(ctx, sizeof(*ctx));
|
lc_scrub(state, sizeof(*state));
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
@ -205,23 +205,23 @@ sha384_final(void *arg, uint8_t *out, size_t *outlen)
|
|||||||
static int
|
static int
|
||||||
sha512_final(void *arg, uint8_t *out, size_t *outlen)
|
sha512_final(void *arg, uint8_t *out, size_t *outlen)
|
||||||
{
|
{
|
||||||
struct sha512_ctx *ctx = arg;
|
struct sha512_state *state = arg;
|
||||||
|
|
||||||
*outlen = LC_SHA512_HASHLEN;
|
*outlen = LC_SHA512_HASHLEN;
|
||||||
if (out == NULL)
|
if (out == NULL)
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
sha384_sha512_final(ctx);
|
sha384_sha512_final(state);
|
||||||
store64be(out, ctx->h0);
|
store64be(out, state->h0);
|
||||||
store64be(out + 8, ctx->h1);
|
store64be(out + 8, state->h1);
|
||||||
store64be(out + 16, ctx->h2);
|
store64be(out + 16, state->h2);
|
||||||
store64be(out + 24, ctx->h3);
|
store64be(out + 24, state->h3);
|
||||||
store64be(out + 32, ctx->h4);
|
store64be(out + 32, state->h4);
|
||||||
store64be(out + 40, ctx->h5);
|
store64be(out + 40, state->h5);
|
||||||
store64be(out + 48, ctx->h6);
|
store64be(out + 48, state->h6);
|
||||||
store64be(out + 56, ctx->h7);
|
store64be(out + 56, state->h7);
|
||||||
|
|
||||||
lc_scrub(ctx, sizeof(*ctx));
|
lc_scrub(state, sizeof(*state));
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
@ -229,31 +229,31 @@ sha512_final(void *arg, uint8_t *out, size_t *outlen)
|
|||||||
static int
|
static int
|
||||||
sha384_hash(uint8_t *out, size_t *outlen, const uint8_t *in, size_t inlen)
|
sha384_hash(uint8_t *out, size_t *outlen, const uint8_t *in, size_t inlen)
|
||||||
{
|
{
|
||||||
struct sha512_ctx ctx;
|
struct sha512_state state;
|
||||||
|
|
||||||
if (out == NULL) {
|
if (out == NULL) {
|
||||||
*outlen = LC_SHA384_HASHLEN;
|
*outlen = LC_SHA384_HASHLEN;
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
return sha384_init(&ctx) &&
|
return sha384_init(&state) &&
|
||||||
sha384_update(&ctx, in, inlen) &&
|
sha384_update(&state, in, inlen) &&
|
||||||
sha384_final(&ctx, out, outlen);
|
sha384_final(&state, out, outlen);
|
||||||
}
|
}
|
||||||
|
|
||||||
static int
|
static int
|
||||||
sha512_hash(uint8_t *out, size_t *outlen, const uint8_t *in, size_t inlen)
|
sha512_hash(uint8_t *out, size_t *outlen, const uint8_t *in, size_t inlen)
|
||||||
{
|
{
|
||||||
struct sha512_ctx ctx;
|
struct sha512_state state;
|
||||||
|
|
||||||
if (out == NULL) {
|
if (out == NULL) {
|
||||||
*outlen = LC_SHA512_HASHLEN;
|
*outlen = LC_SHA512_HASHLEN;
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
return sha512_init(&ctx) &&
|
return sha512_init(&state) &&
|
||||||
sha512_update(&ctx, in, inlen) &&
|
sha512_update(&state, in, inlen) &&
|
||||||
sha512_final(&ctx, out, outlen);
|
sha512_final(&state, out, outlen);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -263,7 +263,7 @@ static struct lc_hash_impl sha384_impl = {
|
|||||||
.final = &sha384_final,
|
.final = &sha384_final,
|
||||||
.hash = &sha384_hash,
|
.hash = &sha384_hash,
|
||||||
|
|
||||||
.argsz = sizeof(struct sha512_ctx),
|
.argsz = sizeof(struct sha512_state),
|
||||||
.blocklen = LC_SHA384_BLOCKLEN,
|
.blocklen = LC_SHA384_BLOCKLEN,
|
||||||
.hashlen = LC_SHA384_HASHLEN,
|
.hashlen = LC_SHA384_HASHLEN,
|
||||||
};
|
};
|
||||||
@ -274,7 +274,7 @@ static struct lc_hash_impl sha512_impl = {
|
|||||||
.final = &sha512_final,
|
.final = &sha512_final,
|
||||||
.hash = &sha512_hash,
|
.hash = &sha512_hash,
|
||||||
|
|
||||||
.argsz = sizeof(struct sha512_ctx),
|
.argsz = sizeof(struct sha512_state),
|
||||||
.blocklen = LC_SHA512_BLOCKLEN,
|
.blocklen = LC_SHA512_BLOCKLEN,
|
||||||
.hashlen = LC_SHA512_HASHLEN,
|
.hashlen = LC_SHA512_HASHLEN,
|
||||||
};
|
};
|
||||||
|
@ -43,7 +43,7 @@
|
|||||||
|
|
||||||
|
|
||||||
void
|
void
|
||||||
chacha20_block(struct chacha20_ctx *ctx)
|
chacha20_block(struct chacha20_state *state)
|
||||||
{
|
{
|
||||||
uint32_t x[CHACHA20_BLOCKLEN_WORDS];
|
uint32_t x[CHACHA20_BLOCKLEN_WORDS];
|
||||||
size_t i;
|
size_t i;
|
||||||
@ -52,21 +52,21 @@ chacha20_block(struct chacha20_ctx *ctx)
|
|||||||
x[1] = SIGMA1;
|
x[1] = SIGMA1;
|
||||||
x[2] = SIGMA2;
|
x[2] = SIGMA2;
|
||||||
x[3] = SIGMA3;
|
x[3] = SIGMA3;
|
||||||
x[4] = ctx->k[0];
|
x[4] = state->k[0];
|
||||||
x[5] = ctx->k[1];
|
x[5] = state->k[1];
|
||||||
x[6] = ctx->k[2];
|
x[6] = state->k[2];
|
||||||
x[7] = ctx->k[3];
|
x[7] = state->k[3];
|
||||||
x[8] = ctx->k[4];
|
x[8] = state->k[4];
|
||||||
x[9] = ctx->k[5];
|
x[9] = state->k[5];
|
||||||
x[10] = ctx->k[6];
|
x[10] = state->k[6];
|
||||||
x[11] = ctx->k[7];
|
x[11] = state->k[7];
|
||||||
x[12] = ctx->n[0];
|
x[12] = state->n[0];
|
||||||
x[13] = ctx->n[1];
|
x[13] = state->n[1];
|
||||||
x[14] = ctx->n[2];
|
x[14] = state->n[2];
|
||||||
x[15] = ctx->n[3];
|
x[15] = state->n[3];
|
||||||
|
|
||||||
for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++)
|
for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++)
|
||||||
ctx->s[i] = x[i];
|
state->s[i] = x[i];
|
||||||
|
|
||||||
for (i = 0; i < CHACHA20_ROUNDS; i++) {
|
for (i = 0; i < CHACHA20_ROUNDS; i++) {
|
||||||
QUARTERROUND(x[0], x[4], x[8], x[12]);
|
QUARTERROUND(x[0], x[4], x[8], x[12]);
|
||||||
@ -81,11 +81,11 @@ chacha20_block(struct chacha20_ctx *ctx)
|
|||||||
}
|
}
|
||||||
|
|
||||||
for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++)
|
for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++)
|
||||||
ctx->s[i] += x[i];
|
state->s[i] += x[i];
|
||||||
}
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
hchacha20_block(struct chacha20_ctx *ctx)
|
hchacha20_block(struct chacha20_state *state)
|
||||||
{
|
{
|
||||||
uint32_t x[CHACHA20_BLOCKLEN_WORDS];
|
uint32_t x[CHACHA20_BLOCKLEN_WORDS];
|
||||||
size_t i;
|
size_t i;
|
||||||
@ -94,18 +94,18 @@ hchacha20_block(struct chacha20_ctx *ctx)
|
|||||||
x[1] = SIGMA1;
|
x[1] = SIGMA1;
|
||||||
x[2] = SIGMA2;
|
x[2] = SIGMA2;
|
||||||
x[3] = SIGMA3;
|
x[3] = SIGMA3;
|
||||||
x[4] = ctx->k[0];
|
x[4] = state->k[0];
|
||||||
x[5] = ctx->k[1];
|
x[5] = state->k[1];
|
||||||
x[6] = ctx->k[2];
|
x[6] = state->k[2];
|
||||||
x[7] = ctx->k[3];
|
x[7] = state->k[3];
|
||||||
x[8] = ctx->k[4];
|
x[8] = state->k[4];
|
||||||
x[9] = ctx->k[5];
|
x[9] = state->k[5];
|
||||||
x[10] = ctx->k[6];
|
x[10] = state->k[6];
|
||||||
x[11] = ctx->k[7];
|
x[11] = state->k[7];
|
||||||
x[12] = ctx->n[0];
|
x[12] = state->n[0];
|
||||||
x[13] = ctx->n[1];
|
x[13] = state->n[1];
|
||||||
x[14] = ctx->n[2];
|
x[14] = state->n[2];
|
||||||
x[15] = ctx->n[3];
|
x[15] = state->n[3];
|
||||||
|
|
||||||
for (i = 0; i < CHACHA20_ROUNDS; i++) {
|
for (i = 0; i < CHACHA20_ROUNDS; i++) {
|
||||||
QUARTERROUND(x[0], x[4], x[8], x[12]);
|
QUARTERROUND(x[0], x[4], x[8], x[12]);
|
||||||
@ -120,5 +120,5 @@ hchacha20_block(struct chacha20_ctx *ctx)
|
|||||||
}
|
}
|
||||||
|
|
||||||
for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++)
|
for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++)
|
||||||
ctx->s[i] = x[i];
|
state->s[i] = x[i];
|
||||||
}
|
}
|
||||||
|
@ -24,7 +24,7 @@
|
|||||||
#define CHACHA20_ROUNDS 10
|
#define CHACHA20_ROUNDS 10
|
||||||
|
|
||||||
|
|
||||||
struct chacha20_ctx {
|
struct chacha20_state {
|
||||||
uint32_t s[CHACHA20_BLOCKLEN_WORDS];
|
uint32_t s[CHACHA20_BLOCKLEN_WORDS];
|
||||||
uint32_t k[CHACHA20_KEY_WORDS];
|
uint32_t k[CHACHA20_KEY_WORDS];
|
||||||
uint32_t n[CHACHA20_NONCE_WORDS];
|
uint32_t n[CHACHA20_NONCE_WORDS];
|
||||||
@ -33,5 +33,5 @@ struct chacha20_ctx {
|
|||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
void chacha20_block(struct chacha20_ctx *);
|
void chacha20_block(struct chacha20_state *);
|
||||||
void hchacha20_block(struct chacha20_ctx *);
|
void hchacha20_block(struct chacha20_state *);
|
||||||
|
@ -20,7 +20,7 @@
|
|||||||
#define HMAC_BLOCKLEN_MAX LC_SHA512_BLOCKLEN
|
#define HMAC_BLOCKLEN_MAX LC_SHA512_BLOCKLEN
|
||||||
|
|
||||||
|
|
||||||
struct hmac_ctx {
|
struct hmac_state {
|
||||||
struct lc_hash_ctx *hash;
|
struct lc_hash_ctx *hash;
|
||||||
uint8_t key[HMAC_BLOCKLEN_MAX];
|
uint8_t key[HMAC_BLOCKLEN_MAX];
|
||||||
};
|
};
|
||||||
|
@ -147,30 +147,30 @@
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
void
|
void
|
||||||
poly1305_block(struct poly1305_ctx *ctx, uint32_t hibit)
|
poly1305_block(struct poly1305_state *state, uint32_t hibit)
|
||||||
{
|
{
|
||||||
uint64_t h0, h1, h2, h3, h4, t0, t1, t2, t3, t4;
|
uint64_t h0, h1, h2, h3, h4, t0, t1, t2, t3, t4;
|
||||||
uint32_t r0, r1, r2, r3, r4, x1, x2, x3, x4;
|
uint32_t r0, r1, r2, r3, r4, x1, x2, x3, x4;
|
||||||
|
|
||||||
h0 = ctx->h0;
|
h0 = state->h0;
|
||||||
h1 = ctx->h1;
|
h1 = state->h1;
|
||||||
h2 = ctx->h2;
|
h2 = state->h2;
|
||||||
h3 = ctx->h3;
|
h3 = state->h3;
|
||||||
h4 = ctx->h4;
|
h4 = state->h4;
|
||||||
r0 = ctx->r0;
|
r0 = state->r0;
|
||||||
r1 = ctx->r1;
|
r1 = state->r1;
|
||||||
r2 = ctx->r2;
|
r2 = state->r2;
|
||||||
r3 = ctx->r3;
|
r3 = state->r3;
|
||||||
r4 = ctx->r4;
|
r4 = state->r4;
|
||||||
x1 = ctx->x1;
|
x1 = state->x1;
|
||||||
x2 = ctx->x2;
|
x2 = state->x2;
|
||||||
x3 = ctx->x3;
|
x3 = state->x3;
|
||||||
x4 = ctx->x4;
|
x4 = state->x4;
|
||||||
|
|
||||||
t0 = load32le(&ctx->m[0]);
|
t0 = load32le(&state->m[0]);
|
||||||
t1 = load32le(&ctx->m[4]);
|
t1 = load32le(&state->m[4]);
|
||||||
t2 = load32le(&ctx->m[8]);
|
t2 = load32le(&state->m[8]);
|
||||||
t3 = load32le(&ctx->m[12]);
|
t3 = load32le(&state->m[12]);
|
||||||
t4 = hibit;
|
t4 = hibit;
|
||||||
|
|
||||||
h0 += t0 & 0x3ffffff;
|
h0 += t0 & 0x3ffffff;
|
||||||
@ -199,24 +199,25 @@ poly1305_block(struct poly1305_ctx *ctx, uint32_t hibit)
|
|||||||
h1 += h0 >> 26;
|
h1 += h0 >> 26;
|
||||||
h0 &= 0x3ffffff;
|
h0 &= 0x3ffffff;
|
||||||
|
|
||||||
ctx->h0 = h0;
|
state->h0 = h0;
|
||||||
ctx->h1 = h1;
|
state->h1 = h1;
|
||||||
ctx->h2 = h2;
|
state->h2 = h2;
|
||||||
ctx->h3 = h3;
|
state->h3 = h3;
|
||||||
ctx->h4 = h4;
|
state->h4 = h4;
|
||||||
}
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
poly1305_reduce(struct poly1305_ctx *ctx, uint32_t a[POLY1305_TAGLEN_WORDS])
|
poly1305_reduce(struct poly1305_state *state,
|
||||||
|
uint32_t a[POLY1305_TAGLEN_WORDS])
|
||||||
{
|
{
|
||||||
uint64_t t0, t1, t2, t3, t4, g0, g1, g2, g3, g4;
|
uint64_t t0, t1, t2, t3, t4, g0, g1, g2, g3, g4;
|
||||||
uint32_t mask;
|
uint32_t mask;
|
||||||
|
|
||||||
t0 = (ctx->h0 | (ctx->h1 << 26)) & 0xffffffff;
|
t0 = (state->h0 | (state->h1 << 26)) & 0xffffffff;
|
||||||
t1 = ((ctx->h1 >> 6) | (ctx->h2 << 20)) & 0xffffffff;
|
t1 = ((state->h1 >> 6) | (state->h2 << 20)) & 0xffffffff;
|
||||||
t2 = ((ctx->h2 >> 12) | (ctx->h3 << 14)) & 0xffffffff;
|
t2 = ((state->h2 >> 12) | (state->h3 << 14)) & 0xffffffff;
|
||||||
t3 = ((ctx->h3 >> 18) | (ctx->h4 << 8)) & 0xffffffff;
|
t3 = ((state->h3 >> 18) | (state->h4 << 8)) & 0xffffffff;
|
||||||
t4 = ctx->h4 >> 24;
|
t4 = state->h4 >> 24;
|
||||||
|
|
||||||
g0 = t0 + 5;
|
g0 = t0 + 5;
|
||||||
g1 = t1 + (g0 >> 32);
|
g1 = t1 + (g0 >> 32);
|
||||||
@ -231,10 +232,10 @@ poly1305_reduce(struct poly1305_ctx *ctx, uint32_t a[POLY1305_TAGLEN_WORDS])
|
|||||||
t2 = (t2 & ~mask) | (g2 & mask);
|
t2 = (t2 & ~mask) | (g2 & mask);
|
||||||
t3 = (t3 & ~mask) | (g3 & mask);
|
t3 = (t3 & ~mask) | (g3 & mask);
|
||||||
|
|
||||||
t0 += ctx->s0;
|
t0 += state->s0;
|
||||||
t1 += ctx->s1 + (t0 >> 32);
|
t1 += state->s1 + (t0 >> 32);
|
||||||
t2 += ctx->s2 + (t1 >> 32);
|
t2 += state->s2 + (t1 >> 32);
|
||||||
t3 += ctx->s3 + (t2 >> 32);
|
t3 += state->s3 + (t2 >> 32);
|
||||||
|
|
||||||
a[0] = t0 & 0xffffffff;
|
a[0] = t0 & 0xffffffff;
|
||||||
a[1] = t1 & 0xffffffff;
|
a[1] = t1 & 0xffffffff;
|
||||||
|
@ -20,7 +20,7 @@
|
|||||||
#define POLY1305_TAGLEN_WORDS (LC_POLY1305_TAGLEN / sizeof(uint32_t))
|
#define POLY1305_TAGLEN_WORDS (LC_POLY1305_TAGLEN / sizeof(uint32_t))
|
||||||
|
|
||||||
|
|
||||||
struct poly1305_ctx {
|
struct poly1305_state {
|
||||||
uint32_t h0, h1, h2, h3, h4;
|
uint32_t h0, h1, h2, h3, h4;
|
||||||
uint32_t r0, r1, r2, r3, r4;
|
uint32_t r0, r1, r2, r3, r4;
|
||||||
uint32_t x1, x2, x3, x4;
|
uint32_t x1, x2, x3, x4;
|
||||||
@ -30,6 +30,6 @@ struct poly1305_ctx {
|
|||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
void poly1305_block(struct poly1305_ctx *, uint32_t);
|
void poly1305_block(struct poly1305_state *, uint32_t);
|
||||||
void poly1305_reduce(struct poly1305_ctx *,
|
void poly1305_reduce(struct poly1305_state *,
|
||||||
uint32_t [POLY1305_TAGLEN_WORDS]);
|
uint32_t [POLY1305_TAGLEN_WORDS]);
|
||||||
|
@ -48,26 +48,26 @@ static const uint32_t K[SHA256_ROUNDS] = {
|
|||||||
#define SSIG1(x) (rotr32(x, 17) ^ rotr32(x, 19) ^ (x >> 10))
|
#define SSIG1(x) (rotr32(x, 17) ^ rotr32(x, 19) ^ (x >> 10))
|
||||||
|
|
||||||
void
|
void
|
||||||
sha256_block(struct sha256_ctx *ctx)
|
sha256_block(struct sha256_state *state)
|
||||||
{
|
{
|
||||||
uint32_t m[SHA256_BLOCKLEN_WORDS], W[SHA256_ROUNDS];
|
uint32_t m[SHA256_BLOCKLEN_WORDS], W[SHA256_ROUNDS];
|
||||||
uint32_t a, b, c, d, e, f, g, h, T1, T2;
|
uint32_t a, b, c, d, e, f, g, h, T1, T2;
|
||||||
size_t i;
|
size_t i;
|
||||||
|
|
||||||
for (i = 0; i < SHA256_BLOCKLEN_WORDS; i++)
|
for (i = 0; i < SHA256_BLOCKLEN_WORDS; i++)
|
||||||
W[i] = m[i] = load32be(&ctx->m[i * 4]);
|
W[i] = m[i] = load32be(&state->m[i * 4]);
|
||||||
for (; i < SHA256_ROUNDS; i++)
|
for (; i < SHA256_ROUNDS; i++)
|
||||||
W[i] = SSIG1(W[i - 2]) + W[i - 7] + SSIG0(W[i - 15]) +
|
W[i] = SSIG1(W[i - 2]) + W[i - 7] + SSIG0(W[i - 15]) +
|
||||||
W[i - 16];
|
W[i - 16];
|
||||||
|
|
||||||
a = ctx->h0;
|
a = state->h0;
|
||||||
b = ctx->h1;
|
b = state->h1;
|
||||||
c = ctx->h2;
|
c = state->h2;
|
||||||
d = ctx->h3;
|
d = state->h3;
|
||||||
e = ctx->h4;
|
e = state->h4;
|
||||||
f = ctx->h5;
|
f = state->h5;
|
||||||
g = ctx->h6;
|
g = state->h6;
|
||||||
h = ctx->h7;
|
h = state->h7;
|
||||||
|
|
||||||
for (i = 0; i < SHA256_ROUNDS; i++) {
|
for (i = 0; i < SHA256_ROUNDS; i++) {
|
||||||
T1 = h + BSIG1(e) + CH(e, f, g) + K[i] + W[i];
|
T1 = h + BSIG1(e) + CH(e, f, g) + K[i] + W[i];
|
||||||
@ -82,12 +82,12 @@ sha256_block(struct sha256_ctx *ctx)
|
|||||||
a = T1 + T2;
|
a = T1 + T2;
|
||||||
}
|
}
|
||||||
|
|
||||||
ctx->h0 += a;
|
state->h0 += a;
|
||||||
ctx->h1 += b;
|
state->h1 += b;
|
||||||
ctx->h2 += c;
|
state->h2 += c;
|
||||||
ctx->h3 += d;
|
state->h3 += d;
|
||||||
ctx->h4 += e;
|
state->h4 += e;
|
||||||
ctx->h5 += f;
|
state->h5 += f;
|
||||||
ctx->h6 += g;
|
state->h6 += g;
|
||||||
ctx->h7 += h;
|
state->h7 += h;
|
||||||
}
|
}
|
||||||
|
@ -21,7 +21,7 @@
|
|||||||
#define SHA256_ROUNDS 64
|
#define SHA256_ROUNDS 64
|
||||||
|
|
||||||
|
|
||||||
struct sha256_ctx {
|
struct sha256_state {
|
||||||
uint32_t h0, h1, h2, h3, h4, h5, h6, h7;
|
uint32_t h0, h1, h2, h3, h4, h5, h6, h7;
|
||||||
uint64_t sz;
|
uint64_t sz;
|
||||||
size_t mlen;
|
size_t mlen;
|
||||||
@ -29,4 +29,4 @@ struct sha256_ctx {
|
|||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
void sha256_block(struct sha256_ctx *);
|
void sha256_block(struct sha256_state *);
|
||||||
|
@ -72,26 +72,26 @@ static const uint64_t K[SHA512_ROUNDS] = {
|
|||||||
#define SSIG1(x) (rotr64(x, 19) ^ rotr64(x, 61) ^ (x >> 6))
|
#define SSIG1(x) (rotr64(x, 19) ^ rotr64(x, 61) ^ (x >> 6))
|
||||||
|
|
||||||
void
|
void
|
||||||
sha512_block(struct sha512_ctx *ctx)
|
sha512_block(struct sha512_state *state)
|
||||||
{
|
{
|
||||||
uint64_t m[SHA512_BLOCKLEN_WORDS], W[SHA512_ROUNDS];
|
uint64_t m[SHA512_BLOCKLEN_WORDS], W[SHA512_ROUNDS];
|
||||||
uint64_t a, b, c, d, e, f, g, h, T1, T2;
|
uint64_t a, b, c, d, e, f, g, h, T1, T2;
|
||||||
size_t i;
|
size_t i;
|
||||||
|
|
||||||
for (i = 0; i < SHA512_BLOCKLEN_WORDS; i++)
|
for (i = 0; i < SHA512_BLOCKLEN_WORDS; i++)
|
||||||
W[i] = m[i] = load64be(&ctx->m[i * 8]);
|
W[i] = m[i] = load64be(&state->m[i * 8]);
|
||||||
for (; i < SHA512_ROUNDS; i++)
|
for (; i < SHA512_ROUNDS; i++)
|
||||||
W[i] = SSIG1(W[i - 2]) + W[i - 7] + SSIG0(W[i - 15]) +
|
W[i] = SSIG1(W[i - 2]) + W[i - 7] + SSIG0(W[i - 15]) +
|
||||||
W[i - 16];
|
W[i - 16];
|
||||||
|
|
||||||
a = ctx->h0;
|
a = state->h0;
|
||||||
b = ctx->h1;
|
b = state->h1;
|
||||||
c = ctx->h2;
|
c = state->h2;
|
||||||
d = ctx->h3;
|
d = state->h3;
|
||||||
e = ctx->h4;
|
e = state->h4;
|
||||||
f = ctx->h5;
|
f = state->h5;
|
||||||
g = ctx->h6;
|
g = state->h6;
|
||||||
h = ctx->h7;
|
h = state->h7;
|
||||||
|
|
||||||
for (i = 0; i < SHA512_ROUNDS; i++) {
|
for (i = 0; i < SHA512_ROUNDS; i++) {
|
||||||
T1 = h + BSIG1(e) + CH(e, f, g) + K[i] + W[i];
|
T1 = h + BSIG1(e) + CH(e, f, g) + K[i] + W[i];
|
||||||
@ -106,12 +106,12 @@ sha512_block(struct sha512_ctx *ctx)
|
|||||||
a = T1 + T2;
|
a = T1 + T2;
|
||||||
}
|
}
|
||||||
|
|
||||||
ctx->h0 += a;
|
state->h0 += a;
|
||||||
ctx->h1 += b;
|
state->h1 += b;
|
||||||
ctx->h2 += c;
|
state->h2 += c;
|
||||||
ctx->h3 += d;
|
state->h3 += d;
|
||||||
ctx->h4 += e;
|
state->h4 += e;
|
||||||
ctx->h5 += f;
|
state->h5 += f;
|
||||||
ctx->h6 += g;
|
state->h6 += g;
|
||||||
ctx->h7 += h;
|
state->h7 += h;
|
||||||
}
|
}
|
||||||
|
@ -21,7 +21,7 @@
|
|||||||
#define SHA512_ROUNDS 80
|
#define SHA512_ROUNDS 80
|
||||||
|
|
||||||
|
|
||||||
struct sha512_ctx {
|
struct sha512_state {
|
||||||
uint64_t h0, h1, h2, h3, h4, h5, h6, h7;
|
uint64_t h0, h1, h2, h3, h4, h5, h6, h7;
|
||||||
uint64_t szhi, szlo;
|
uint64_t szhi, szlo;
|
||||||
size_t mlen;
|
size_t mlen;
|
||||||
@ -29,4 +29,4 @@ struct sha512_ctx {
|
|||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
void sha512_block(struct sha512_ctx *);
|
void sha512_block(struct sha512_state *);
|
||||||
|
Loading…
Reference in New Issue
Block a user