Skip to content
Snippets Groups Projects
Commit 2a3f11f9 authored by Niels Möller's avatar Niels Möller
Browse files

(COMPRESS): New macro wrapping _nettle_sha256_compress. 

(SHA256_INCR): Deleted macro.
(sha256_update): Use MD_UPDATE.
(sha256_final): Deleted function.
(sha256_write_digest): New function, replacing sha256_final, and
using MD_FINAL.
(sha256_digest): Use sha256_write_digest.
(sha224_digest): Likewise.

Rev: nettle/sha256.c:1.6
parent e19c66cf
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 12 additions and 83 deletions
sha256.c
+ 12
83
View file @ 2a3f11f9
...@@ -62,6 +62,8 @@ K[64] = ...@@ -62,6 +62,8 @@ K[64] =
0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL, 0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL,
}; };
#define COMPRESS(digest, data) (_nettle_sha256_compress((digest), (data), K))
/* Initialize the SHA values */ /* Initialize the SHA values */
void void
...@@ -83,89 +85,22 @@ sha256_init(struct sha256_ctx *ctx) ...@@ -83,89 +85,22 @@ sha256_init(struct sha256_ctx *ctx)
ctx->index = 0; ctx->index = 0;
} }
#define SHA256_INCR(ctx) ((ctx)->count_high += !++(ctx)->count_low)
void void
sha256_update(struct sha256_ctx *ctx, sha256_update(struct sha256_ctx *ctx,
unsigned length, const uint8_t *buffer) unsigned length, const uint8_t *data)
{ {
if (ctx->index) MD_UPDATE (ctx, length, data, COMPRESS);
{ /* Try to fill partial block */
unsigned left = SHA256_DATA_SIZE - ctx->index;
if (length < left)
{
memcpy(ctx->block + ctx->index, buffer, length);
ctx->index += length;
return; /* Finished */
}
else
{
memcpy(ctx->block + ctx->index, buffer, left);
_nettle_sha256_compress(ctx->state, ctx->block, K);
SHA256_INCR(ctx);
buffer += left;
length -= left;
}
}
while (length >= SHA256_DATA_SIZE)
{
_nettle_sha256_compress(ctx->state, buffer, K);
SHA256_INCR(ctx);
buffer += SHA256_DATA_SIZE;
length -= SHA256_DATA_SIZE;
}
/* Buffer leftovers */
/* NOTE: The corresponding sha1 code checks for the special case length == 0.
* That seems supoptimal, as I suspect it increases the number of branches. */
memcpy(ctx->block, buffer, length);
ctx->index = length;
} }
/* Final wrapup - pad to SHA1_DATA_SIZE-byte boundary with the bit pattern
1 0* (64-bit count of bits processed, MSB-first) */
static void static void
sha256_final(struct sha256_ctx *ctx) sha256_write_digest(struct sha256_ctx *ctx,
unsigned length,
uint8_t *digest)
{ {
uint32_t bitcount_high; assert(length <= SHA256_DIGEST_SIZE);
uint32_t bitcount_low;
int i;
i = ctx->index;
/* Set the first char of padding to 0x80. This is safe since there is
always at least one byte free */
assert(i < SHA256_DATA_SIZE);
ctx->block[i++] = 0x80;
if (i > (SHA1_DATA_SIZE - 8))
{ /* No room for length in this block. Process it and
* pad with another one */
memset(ctx->block + i, 0, SHA256_DATA_SIZE - i);
_nettle_sha256_compress(ctx->state, ctx->block, K);
i = 0;
}
if (i < (SHA256_DATA_SIZE - 8))
memset(ctx->block + i, 0, (SHA256_DATA_SIZE - 8) - i);
/* There are 512 = 2^9 bits in one block */
bitcount_high = (ctx->count_high << 9) | (ctx->count_low >> 23);
bitcount_low = (ctx->count_low << 9) | (ctx->index << 3);
/* This is slightly inefficient, as the numbers are converted to
big-endian format, and will be converted back by the compression
function. It's probably not worth the effort to fix this. */
WRITE_UINT32(ctx->block + (SHA256_DATA_SIZE - 8), bitcount_high);
WRITE_UINT32(ctx->block + (SHA256_DATA_SIZE - 4), bitcount_low);
_nettle_sha256_compress(ctx->state, ctx->block, K); MD_FINAL(ctx, 32, 9, COMPRESS, WRITE_UINT32);
_nettle_write_be32(length, digest, ctx->state);
} }
void void
...@@ -173,10 +108,7 @@ sha256_digest(struct sha256_ctx *ctx, ...@@ -173,10 +108,7 @@ sha256_digest(struct sha256_ctx *ctx,
unsigned length, unsigned length,
uint8_t *digest) uint8_t *digest)
{ {
assert(length <= SHA256_DIGEST_SIZE); sha256_write_digest(ctx, length, digest);
sha256_final(ctx);
_nettle_write_be32(length, digest, ctx->state);
sha256_init(ctx); sha256_init(ctx);
} }
...@@ -206,9 +138,6 @@ sha224_digest(struct sha256_ctx *ctx, ...@@ -206,9 +138,6 @@ sha224_digest(struct sha256_ctx *ctx,
unsigned length, unsigned length,
uint8_t *digest) uint8_t *digest)
{ {
assert(length <= SHA224_DIGEST_SIZE); sha256_write_digest(ctx, length, digest);
sha256_final(ctx);
_nettle_write_be32(length, digest, ctx->state);
sha224_init(ctx); sha224_init(ctx);
} }
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment