diff options
| author | Niels Möller <nisse@lysator.liu.se> | 2011-08-29 16:24:55 +0200 |
|---|---|---|
| committer | Niels Möller <nisse@lysator.liu.se> | 2011-08-29 16:24:55 +0200 |
| commit | 2a3f11f9c5dab4ef69e01277a0d00168c26afdba (patch) | |
| tree | 98619fbe9fb770577f42800ad2da339789efbc2a /sha256.c | |
| parent | e19c66cf019001f8c06c0ab58fa379df176f6e34 (diff) | |
| download | nettle-2a3f11f9c5dab4ef69e01277a0d00168c26afdba.tar.gz | |
(COMPRESS): New macro wrapping _nettle_sha256_compress.
(SHA256_INCR): Deleted macro.
(sha256_update): Use MD_UPDATE.
(sha256_final): Deleted function.
(sha256_write_digest): New function, replacing sha256_final, and
using MD_FINAL.
(sha256_digest): Use sha256_write_digest.
(sha224_digest): Likewise.
Rev: nettle/sha256.c:1.6
Diffstat (limited to 'sha256.c')
| -rw-r--r-- | sha256.c | 95 |
1 files changed, 12 insertions, 83 deletions
@@ -62,6 +62,8 @@ K[64] = 0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL, }; +#define COMPRESS(digest, data) (_nettle_sha256_compress((digest), (data), K)) + /* Initialize the SHA values */ void @@ -83,89 +85,22 @@ sha256_init(struct sha256_ctx *ctx) ctx->index = 0; } -#define SHA256_INCR(ctx) ((ctx)->count_high += !++(ctx)->count_low) - void sha256_update(struct sha256_ctx *ctx, - unsigned length, const uint8_t *buffer) + unsigned length, const uint8_t *data) { - if (ctx->index) - { /* Try to fill partial block */ - unsigned left = SHA256_DATA_SIZE - ctx->index; - if (length < left) - { - memcpy(ctx->block + ctx->index, buffer, length); - ctx->index += length; - return; /* Finished */ - } - else - { - memcpy(ctx->block + ctx->index, buffer, left); - - _nettle_sha256_compress(ctx->state, ctx->block, K); - SHA256_INCR(ctx); - - buffer += left; - length -= left; - } - } - while (length >= SHA256_DATA_SIZE) - { - _nettle_sha256_compress(ctx->state, buffer, K); - SHA256_INCR(ctx); - - buffer += SHA256_DATA_SIZE; - length -= SHA256_DATA_SIZE; - } - /* Buffer leftovers */ - /* NOTE: The corresponding sha1 code checks for the special case length == 0. - * That seems supoptimal, as I suspect it increases the number of branches. */ - - memcpy(ctx->block, buffer, length); - ctx->index = length; + MD_UPDATE (ctx, length, data, COMPRESS); } -/* Final wrapup - pad to SHA1_DATA_SIZE-byte boundary with the bit pattern - 1 0* (64-bit count of bits processed, MSB-first) */ - static void -sha256_final(struct sha256_ctx *ctx) +sha256_write_digest(struct sha256_ctx *ctx, + unsigned length, + uint8_t *digest) { - uint32_t bitcount_high; - uint32_t bitcount_low; - int i; - - i = ctx->index; - - /* Set the first char of padding to 0x80. This is safe since there is - always at least one byte free */ - - assert(i < SHA256_DATA_SIZE); - ctx->block[i++] = 0x80; - - if (i > (SHA1_DATA_SIZE - 8)) - { /* No room for length in this block. Process it and - * pad with another one */ - memset(ctx->block + i, 0, SHA256_DATA_SIZE - i); - _nettle_sha256_compress(ctx->state, ctx->block, K); - - i = 0; - } - - if (i < (SHA256_DATA_SIZE - 8)) - memset(ctx->block + i, 0, (SHA256_DATA_SIZE - 8) - i); - - /* There are 512 = 2^9 bits in one block */ - bitcount_high = (ctx->count_high << 9) | (ctx->count_low >> 23); - bitcount_low = (ctx->count_low << 9) | (ctx->index << 3); - - /* This is slightly inefficient, as the numbers are converted to - big-endian format, and will be converted back by the compression - function. It's probably not worth the effort to fix this. */ - WRITE_UINT32(ctx->block + (SHA256_DATA_SIZE - 8), bitcount_high); - WRITE_UINT32(ctx->block + (SHA256_DATA_SIZE - 4), bitcount_low); + assert(length <= SHA256_DIGEST_SIZE); - _nettle_sha256_compress(ctx->state, ctx->block, K); + MD_FINAL(ctx, 32, 9, COMPRESS, WRITE_UINT32); + _nettle_write_be32(length, digest, ctx->state); } void @@ -173,10 +108,7 @@ sha256_digest(struct sha256_ctx *ctx, unsigned length, uint8_t *digest) { - assert(length <= SHA256_DIGEST_SIZE); - - sha256_final(ctx); - _nettle_write_be32(length, digest, ctx->state); + sha256_write_digest(ctx, length, digest); sha256_init(ctx); } @@ -206,9 +138,6 @@ sha224_digest(struct sha256_ctx *ctx, unsigned length, uint8_t *digest) { - assert(length <= SHA224_DIGEST_SIZE); - - sha256_final(ctx); - _nettle_write_be32(length, digest, ctx->state); + sha256_write_digest(ctx, length, digest); sha224_init(ctx); } |