From 2a3f11f9c5dab4ef69e01277a0d00168c26afdba Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Niels=20M=C3=B6ller?= <nisse@lysator.liu.se>
Date: Mon, 29 Aug 2011 16:24:55 +0200
Subject: [PATCH] (COMPRESS): New macro wrapping _nettle_sha256_compress.
(SHA256_INCR): Deleted macro. (sha256_update): Use MD_UPDATE. (sha256_final):
Deleted function. (sha256_write_digest): New function, replacing
sha256_final, and using MD_FINAL. (sha256_digest): Use sha256_write_digest.
(sha224_digest): Likewise.
Rev: nettle/sha256.c:1.6
---
sha256.c | 95 +++++++-------------------------------------------------
1 file changed, 12 insertions(+), 83 deletions(-)
diff --git a/sha256.c b/sha256.c
index fa4f735b..539285ca 100644
--- a/sha256.c
+++ b/sha256.c
@@ -62,6 +62,8 @@ K[64] =
0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL,
};
+#define COMPRESS(digest, data) (_nettle_sha256_compress((digest), (data), K))
+
/* Initialize the SHA values */
void
@@ -83,89 +85,22 @@ sha256_init(struct sha256_ctx *ctx)
ctx->index = 0;
}
-#define SHA256_INCR(ctx) ((ctx)->count_high += !++(ctx)->count_low)
-
void
sha256_update(struct sha256_ctx *ctx,
- unsigned length, const uint8_t *buffer)
+ unsigned length, const uint8_t *data)
{
- if (ctx->index)
- { /* Try to fill partial block */
- unsigned left = SHA256_DATA_SIZE - ctx->index;
- if (length < left)
- {
- memcpy(ctx->block + ctx->index, buffer, length);
- ctx->index += length;
- return; /* Finished */
- }
- else
- {
- memcpy(ctx->block + ctx->index, buffer, left);
-
- _nettle_sha256_compress(ctx->state, ctx->block, K);
- SHA256_INCR(ctx);
-
- buffer += left;
- length -= left;
- }
- }
- while (length >= SHA256_DATA_SIZE)
- {
- _nettle_sha256_compress(ctx->state, buffer, K);
- SHA256_INCR(ctx);
-
- buffer += SHA256_DATA_SIZE;
- length -= SHA256_DATA_SIZE;
- }
- /* Buffer leftovers */
- /* NOTE: The corresponding sha1 code checks for the special case length == 0.
- * That seems supoptimal, as I suspect it increases the number of branches. */
-
- memcpy(ctx->block, buffer, length);
- ctx->index = length;
+ MD_UPDATE (ctx, length, data, COMPRESS);
}
-/* Final wrapup - pad to SHA1_DATA_SIZE-byte boundary with the bit pattern
- 1 0* (64-bit count of bits processed, MSB-first) */
-
static void
-sha256_final(struct sha256_ctx *ctx)
+sha256_write_digest(struct sha256_ctx *ctx,
+ unsigned length,
+ uint8_t *digest)
{
- uint32_t bitcount_high;
- uint32_t bitcount_low;
- int i;
-
- i = ctx->index;
-
- /* Set the first char of padding to 0x80. This is safe since there is
- always at least one byte free */
-
- assert(i < SHA256_DATA_SIZE);
- ctx->block[i++] = 0x80;
-
- if (i > (SHA1_DATA_SIZE - 8))
- { /* No room for length in this block. Process it and
- * pad with another one */
- memset(ctx->block + i, 0, SHA256_DATA_SIZE - i);
- _nettle_sha256_compress(ctx->state, ctx->block, K);
-
- i = 0;
- }
-
- if (i < (SHA256_DATA_SIZE - 8))
- memset(ctx->block + i, 0, (SHA256_DATA_SIZE - 8) - i);
-
- /* There are 512 = 2^9 bits in one block */
- bitcount_high = (ctx->count_high << 9) | (ctx->count_low >> 23);
- bitcount_low = (ctx->count_low << 9) | (ctx->index << 3);
-
- /* This is slightly inefficient, as the numbers are converted to
- big-endian format, and will be converted back by the compression
- function. It's probably not worth the effort to fix this. */
- WRITE_UINT32(ctx->block + (SHA256_DATA_SIZE - 8), bitcount_high);
- WRITE_UINT32(ctx->block + (SHA256_DATA_SIZE - 4), bitcount_low);
+ assert(length <= SHA256_DIGEST_SIZE);
- _nettle_sha256_compress(ctx->state, ctx->block, K);
+ MD_FINAL(ctx, 32, 9, COMPRESS, WRITE_UINT32);
+ _nettle_write_be32(length, digest, ctx->state);
}
void
@@ -173,10 +108,7 @@ sha256_digest(struct sha256_ctx *ctx,
unsigned length,
uint8_t *digest)
{
- assert(length <= SHA256_DIGEST_SIZE);
-
- sha256_final(ctx);
- _nettle_write_be32(length, digest, ctx->state);
+ sha256_write_digest(ctx, length, digest);
sha256_init(ctx);
}
@@ -206,9 +138,6 @@ sha224_digest(struct sha256_ctx *ctx,
unsigned length,
uint8_t *digest)
{
- assert(length <= SHA224_DIGEST_SIZE);
-
- sha256_final(ctx);
- _nettle_write_be32(length, digest, ctx->state);
+ sha256_write_digest(ctx, length, digest);
sha224_init(ctx);
}
--
GitLab