/src/boringssl/crypto/fipsmodule/digest/md32_common.h
Line | Count | Source (jump to first uncovered line) |
1 | | /* ==================================================================== |
2 | | * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. |
3 | | * |
4 | | * Redistribution and use in source and binary forms, with or without |
5 | | * modification, are permitted provided that the following conditions |
6 | | * are met: |
7 | | * |
8 | | * 1. Redistributions of source code must retain the above copyright |
9 | | * notice, this list of conditions and the following disclaimer. |
10 | | * |
11 | | * 2. Redistributions in binary form must reproduce the above copyright |
12 | | * notice, this list of conditions and the following disclaimer in |
13 | | * the documentation and/or other materials provided with the |
14 | | * distribution. |
15 | | * |
16 | | * 3. All advertising materials mentioning features or use of this |
17 | | * software must display the following acknowledgment: |
18 | | * "This product includes software developed by the OpenSSL Project |
19 | | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" |
20 | | * |
21 | | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to |
22 | | * endorse or promote products derived from this software without |
23 | | * prior written permission. For written permission, please contact |
24 | | * licensing@OpenSSL.org. |
25 | | * |
26 | | * 5. Products derived from this software may not be called "OpenSSL" |
27 | | * nor may "OpenSSL" appear in their names without prior written |
28 | | * permission of the OpenSSL Project. |
29 | | * |
30 | | * 6. Redistributions of any form whatsoever must retain the following |
31 | | * acknowledgment: |
32 | | * "This product includes software developed by the OpenSSL Project |
33 | | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" |
34 | | * |
35 | | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY |
36 | | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
37 | | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
38 | | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR |
39 | | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
40 | | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
41 | | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
42 | | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
43 | | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, |
44 | | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
45 | | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
46 | | * OF THE POSSIBILITY OF SUCH DAMAGE. |
47 | | * ==================================================================== */ |
48 | | |
49 | | #ifndef OPENSSL_HEADER_DIGEST_MD32_COMMON_H |
50 | | #define OPENSSL_HEADER_DIGEST_MD32_COMMON_H |
51 | | |
52 | | #include <openssl/base.h> |
53 | | |
54 | | #include <assert.h> |
55 | | |
56 | | #include "../../internal.h" |
57 | | |
58 | | #if defined(__cplusplus) |
59 | | extern "C" { |
60 | | #endif |
61 | | |
62 | | |
63 | | // This is a generic 32-bit "collector" for message digest algorithms. It |
64 | | // collects input character stream into chunks of 32-bit values and invokes the |
65 | | // block function that performs the actual hash calculations. |
66 | | // |
67 | | // To make use of this mechanism, the hash context should be defined with the |
68 | | // following parameters. |
69 | | // |
70 | | // typedef struct <name>_state_st { |
71 | | // uint32_t h[<chaining length> / sizeof(uint32_t)]; |
72 | | // uint32_t Nl, Nh; |
73 | | // uint8_t data[<block size>]; |
74 | | // unsigned num; |
75 | | // ... |
76 | | // } <NAME>_CTX; |
77 | | // |
78 | | // <chaining length> is the output length of the hash in bytes, before |
79 | | // any truncation (e.g. 64 for SHA-224 and SHA-256, 128 for SHA-384 and |
80 | | // SHA-512). |
81 | | // |
82 | | // |h| is the hash state and is updated by a function of type |
83 | | // |crypto_md32_block_func|. |data| is the partial unprocessed block and has |
84 | | // |num| bytes. |Nl| and |Nh| maintain the number of bits processed so far. |
85 | | |
86 | | // A crypto_md32_block_func should incorporate |num_blocks| of input from |data| |
87 | | // into |state|. It is assumed the caller has sized |state| and |data| for the |
88 | | // hash function. |
89 | | typedef void (*crypto_md32_block_func)(uint32_t *state, const uint8_t *data, |
90 | | size_t num_blocks); |
91 | | |
92 | | // crypto_md32_update adds |len| bytes from |in| to the digest. |data| must be a |
93 | | // buffer of length |block_size| with the first |*num| bytes containing a |
94 | | // partial block. This function combines the partial block with |in| and |
95 | | // incorporates any complete blocks into the digest state |h|. It then updates |
96 | | // |data| and |*num| with the new partial block and updates |*Nh| and |*Nl| with |
97 | | // the data consumed. |
98 | | static inline void crypto_md32_update(crypto_md32_block_func block_func, |
99 | | uint32_t *h, uint8_t *data, |
100 | | size_t block_size, unsigned *num, |
101 | | uint32_t *Nh, uint32_t *Nl, |
102 | 0 | const uint8_t *in, size_t len) { |
103 | 0 | if (len == 0) { |
104 | 0 | return; |
105 | 0 | } |
106 | | |
107 | 0 | uint32_t l = *Nl + (((uint32_t)len) << 3); |
108 | 0 | if (l < *Nl) { |
109 | | // Handle carries. |
110 | 0 | (*Nh)++; |
111 | 0 | } |
112 | 0 | *Nh += (uint32_t)(len >> 29); |
113 | 0 | *Nl = l; |
114 | |
|
115 | 0 | size_t n = *num; |
116 | 0 | if (n != 0) { |
117 | 0 | if (len >= block_size || len + n >= block_size) { |
118 | 0 | OPENSSL_memcpy(data + n, in, block_size - n); |
119 | 0 | block_func(h, data, 1); |
120 | 0 | n = block_size - n; |
121 | 0 | in += n; |
122 | 0 | len -= n; |
123 | 0 | *num = 0; |
124 | | // Keep |data| zeroed when unused. |
125 | 0 | OPENSSL_memset(data, 0, block_size); |
126 | 0 | } else { |
127 | 0 | OPENSSL_memcpy(data + n, in, len); |
128 | 0 | *num += (unsigned)len; |
129 | 0 | return; |
130 | 0 | } |
131 | 0 | } |
132 | | |
133 | 0 | n = len / block_size; |
134 | 0 | if (n > 0) { |
135 | 0 | block_func(h, in, n); |
136 | 0 | n *= block_size; |
137 | 0 | in += n; |
138 | 0 | len -= n; |
139 | 0 | } |
140 | |
|
141 | 0 | if (len != 0) { |
142 | 0 | *num = (unsigned)len; |
143 | 0 | OPENSSL_memcpy(data, in, len); |
144 | 0 | } |
145 | 0 | } Unexecuted instantiation: bcm.c:crypto_md32_update Unexecuted instantiation: md5.c:crypto_md32_update Unexecuted instantiation: md4.c:crypto_md32_update |
146 | | |
147 | | // crypto_md32_final incorporates the partial block and trailing length into the |
148 | | // digest state |h|. The trailing length is encoded in little-endian if |
149 | | // |is_big_endian| is zero and big-endian otherwise. |data| must be a buffer of |
150 | | // length |block_size| with the first |*num| bytes containing a partial block. |
151 | | // |Nh| and |Nl| contain the total number of bits processed. On return, this |
152 | | // function clears the partial block in |data| and |
153 | | // |*num|. |
154 | | // |
155 | | // This function does not serialize |h| into a final digest. This is the |
156 | | // responsibility of the caller. |
157 | | static inline void crypto_md32_final(crypto_md32_block_func block_func, |
158 | | uint32_t *h, uint8_t *data, |
159 | | size_t block_size, unsigned *num, |
160 | | uint32_t Nh, uint32_t Nl, |
161 | 0 | int is_big_endian) { |
162 | | // |data| always has room for at least one byte. A full block would have |
163 | | // been consumed. |
164 | 0 | size_t n = *num; |
165 | 0 | assert(n < block_size); |
166 | 0 | data[n] = 0x80; |
167 | 0 | n++; |
168 | | |
169 | | // Fill the block with zeros if there isn't room for a 64-bit length. |
170 | 0 | if (n > block_size - 8) { |
171 | 0 | OPENSSL_memset(data + n, 0, block_size - n); |
172 | 0 | n = 0; |
173 | 0 | block_func(h, data, 1); |
174 | 0 | } |
175 | 0 | OPENSSL_memset(data + n, 0, block_size - 8 - n); |
176 | | |
177 | | // Append a 64-bit length to the block and process it. |
178 | 0 | if (is_big_endian) { |
179 | 0 | CRYPTO_store_u32_be(data + block_size - 8, Nh); |
180 | 0 | CRYPTO_store_u32_be(data + block_size - 4, Nl); |
181 | 0 | } else { |
182 | 0 | CRYPTO_store_u32_le(data + block_size - 8, Nl); |
183 | 0 | CRYPTO_store_u32_le(data + block_size - 4, Nh); |
184 | 0 | } |
185 | 0 | block_func(h, data, 1); |
186 | 0 | *num = 0; |
187 | 0 | OPENSSL_memset(data, 0, block_size); |
188 | 0 | } Unexecuted instantiation: bcm.c:crypto_md32_final Unexecuted instantiation: md5.c:crypto_md32_final Unexecuted instantiation: md4.c:crypto_md32_final |
189 | | |
190 | | |
191 | | #if defined(__cplusplus) |
192 | | } // extern C |
193 | | #endif |
194 | | |
195 | | #endif // OPENSSL_HEADER_DIGEST_MD32_COMMON_H |