/src/botan/src/lib/hash/sha2_64/sha2_64.cpp
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * SHA-{384,512} |
3 | | * (C) 1999-2011,2015 Jack Lloyd |
4 | | * |
5 | | * Botan is released under the Simplified BSD License (see license.txt) |
6 | | */ |
7 | | |
8 | | #include <botan/internal/sha2_64.h> |
9 | | |
10 | | #include <botan/internal/bit_ops.h> |
11 | | #include <botan/internal/cpuid.h> |
12 | | #include <botan/internal/loadstor.h> |
13 | | #include <botan/internal/rotate.h> |
14 | | #include <botan/internal/sha2_64_f.h> |
15 | | |
16 | | namespace Botan { |
17 | | |
18 | | namespace { |
19 | | |
20 | 0 | std::string sha512_provider() { |
21 | 0 | #if defined(BOTAN_HAS_SHA2_64_BMI2) |
22 | 0 | if(CPUID::has_bmi2()) { |
23 | 0 | return "bmi2"; |
24 | 0 | } |
25 | 0 | #endif |
26 | | |
27 | 0 | return "base"; |
28 | 0 | } |
29 | | |
30 | | } // namespace |
31 | | |
32 | 0 | std::unique_ptr<HashFunction> SHA_384::copy_state() const { return std::make_unique<SHA_384>(*this); } |
33 | | |
34 | 0 | std::unique_ptr<HashFunction> SHA_512::copy_state() const { return std::make_unique<SHA_512>(*this); } |
35 | | |
36 | 0 | std::unique_ptr<HashFunction> SHA_512_256::copy_state() const { return std::make_unique<SHA_512_256>(*this); } |
37 | | |
38 | | /* |
39 | | * SHA-{384,512} Compression Function |
40 | | */ |
41 | | //static |
42 | 0 | void SHA_512::compress_digest(secure_vector<uint64_t>& digest, const uint8_t input[], size_t blocks) { |
43 | 0 | #if defined(BOTAN_HAS_SHA2_64_BMI2) |
44 | 0 | if(CPUID::has_bmi2()) { |
45 | 0 | return compress_digest_bmi2(digest, input, blocks); |
46 | 0 | } |
47 | 0 | #endif |
48 | | |
49 | 0 | uint64_t A = digest[0], B = digest[1], C = digest[2], D = digest[3], E = digest[4], F = digest[5], G = digest[6], |
50 | 0 | H = digest[7]; |
51 | |
|
52 | 0 | for(size_t i = 0; i != blocks; ++i) { |
53 | 0 | uint64_t W00 = load_be<uint64_t>(input, 0); |
54 | 0 | uint64_t W01 = load_be<uint64_t>(input, 1); |
55 | 0 | uint64_t W02 = load_be<uint64_t>(input, 2); |
56 | 0 | uint64_t W03 = load_be<uint64_t>(input, 3); |
57 | 0 | uint64_t W04 = load_be<uint64_t>(input, 4); |
58 | 0 | uint64_t W05 = load_be<uint64_t>(input, 5); |
59 | 0 | uint64_t W06 = load_be<uint64_t>(input, 6); |
60 | 0 | uint64_t W07 = load_be<uint64_t>(input, 7); |
61 | 0 | uint64_t W08 = load_be<uint64_t>(input, 8); |
62 | 0 | uint64_t W09 = load_be<uint64_t>(input, 9); |
63 | 0 | uint64_t W10 = load_be<uint64_t>(input, 10); |
64 | 0 | uint64_t W11 = load_be<uint64_t>(input, 11); |
65 | 0 | uint64_t W12 = load_be<uint64_t>(input, 12); |
66 | 0 | uint64_t W13 = load_be<uint64_t>(input, 13); |
67 | 0 | uint64_t W14 = load_be<uint64_t>(input, 14); |
68 | 0 | uint64_t W15 = load_be<uint64_t>(input, 15); |
69 | |
|
70 | 0 | SHA2_64_F(A, B, C, D, E, F, G, H, W00, W14, W09, W01, 0x428A2F98D728AE22); |
71 | 0 | SHA2_64_F(H, A, B, C, D, E, F, G, W01, W15, W10, W02, 0x7137449123EF65CD); |
72 | 0 | SHA2_64_F(G, H, A, B, C, D, E, F, W02, W00, W11, W03, 0xB5C0FBCFEC4D3B2F); |
73 | 0 | SHA2_64_F(F, G, H, A, B, C, D, E, W03, W01, W12, W04, 0xE9B5DBA58189DBBC); |
74 | 0 | SHA2_64_F(E, F, G, H, A, B, C, D, W04, W02, W13, W05, 0x3956C25BF348B538); |
75 | 0 | SHA2_64_F(D, E, F, G, H, A, B, C, W05, W03, W14, W06, 0x59F111F1B605D019); |
76 | 0 | SHA2_64_F(C, D, E, F, G, H, A, B, W06, W04, W15, W07, 0x923F82A4AF194F9B); |
77 | 0 | SHA2_64_F(B, C, D, E, F, G, H, A, W07, W05, W00, W08, 0xAB1C5ED5DA6D8118); |
78 | 0 | SHA2_64_F(A, B, C, D, E, F, G, H, W08, W06, W01, W09, 0xD807AA98A3030242); |
79 | 0 | SHA2_64_F(H, A, B, C, D, E, F, G, W09, W07, W02, W10, 0x12835B0145706FBE); |
80 | 0 | SHA2_64_F(G, H, A, B, C, D, E, F, W10, W08, W03, W11, 0x243185BE4EE4B28C); |
81 | 0 | SHA2_64_F(F, G, H, A, B, C, D, E, W11, W09, W04, W12, 0x550C7DC3D5FFB4E2); |
82 | 0 | SHA2_64_F(E, F, G, H, A, B, C, D, W12, W10, W05, W13, 0x72BE5D74F27B896F); |
83 | 0 | SHA2_64_F(D, E, F, G, H, A, B, C, W13, W11, W06, W14, 0x80DEB1FE3B1696B1); |
84 | 0 | SHA2_64_F(C, D, E, F, G, H, A, B, W14, W12, W07, W15, 0x9BDC06A725C71235); |
85 | 0 | SHA2_64_F(B, C, D, E, F, G, H, A, W15, W13, W08, W00, 0xC19BF174CF692694); |
86 | 0 | SHA2_64_F(A, B, C, D, E, F, G, H, W00, W14, W09, W01, 0xE49B69C19EF14AD2); |
87 | 0 | SHA2_64_F(H, A, B, C, D, E, F, G, W01, W15, W10, W02, 0xEFBE4786384F25E3); |
88 | 0 | SHA2_64_F(G, H, A, B, C, D, E, F, W02, W00, W11, W03, 0x0FC19DC68B8CD5B5); |
89 | 0 | SHA2_64_F(F, G, H, A, B, C, D, E, W03, W01, W12, W04, 0x240CA1CC77AC9C65); |
90 | 0 | SHA2_64_F(E, F, G, H, A, B, C, D, W04, W02, W13, W05, 0x2DE92C6F592B0275); |
91 | 0 | SHA2_64_F(D, E, F, G, H, A, B, C, W05, W03, W14, W06, 0x4A7484AA6EA6E483); |
92 | 0 | SHA2_64_F(C, D, E, F, G, H, A, B, W06, W04, W15, W07, 0x5CB0A9DCBD41FBD4); |
93 | 0 | SHA2_64_F(B, C, D, E, F, G, H, A, W07, W05, W00, W08, 0x76F988DA831153B5); |
94 | 0 | SHA2_64_F(A, B, C, D, E, F, G, H, W08, W06, W01, W09, 0x983E5152EE66DFAB); |
95 | 0 | SHA2_64_F(H, A, B, C, D, E, F, G, W09, W07, W02, W10, 0xA831C66D2DB43210); |
96 | 0 | SHA2_64_F(G, H, A, B, C, D, E, F, W10, W08, W03, W11, 0xB00327C898FB213F); |
97 | 0 | SHA2_64_F(F, G, H, A, B, C, D, E, W11, W09, W04, W12, 0xBF597FC7BEEF0EE4); |
98 | 0 | SHA2_64_F(E, F, G, H, A, B, C, D, W12, W10, W05, W13, 0xC6E00BF33DA88FC2); |
99 | 0 | SHA2_64_F(D, E, F, G, H, A, B, C, W13, W11, W06, W14, 0xD5A79147930AA725); |
100 | 0 | SHA2_64_F(C, D, E, F, G, H, A, B, W14, W12, W07, W15, 0x06CA6351E003826F); |
101 | 0 | SHA2_64_F(B, C, D, E, F, G, H, A, W15, W13, W08, W00, 0x142929670A0E6E70); |
102 | 0 | SHA2_64_F(A, B, C, D, E, F, G, H, W00, W14, W09, W01, 0x27B70A8546D22FFC); |
103 | 0 | SHA2_64_F(H, A, B, C, D, E, F, G, W01, W15, W10, W02, 0x2E1B21385C26C926); |
104 | 0 | SHA2_64_F(G, H, A, B, C, D, E, F, W02, W00, W11, W03, 0x4D2C6DFC5AC42AED); |
105 | 0 | SHA2_64_F(F, G, H, A, B, C, D, E, W03, W01, W12, W04, 0x53380D139D95B3DF); |
106 | 0 | SHA2_64_F(E, F, G, H, A, B, C, D, W04, W02, W13, W05, 0x650A73548BAF63DE); |
107 | 0 | SHA2_64_F(D, E, F, G, H, A, B, C, W05, W03, W14, W06, 0x766A0ABB3C77B2A8); |
108 | 0 | SHA2_64_F(C, D, E, F, G, H, A, B, W06, W04, W15, W07, 0x81C2C92E47EDAEE6); |
109 | 0 | SHA2_64_F(B, C, D, E, F, G, H, A, W07, W05, W00, W08, 0x92722C851482353B); |
110 | 0 | SHA2_64_F(A, B, C, D, E, F, G, H, W08, W06, W01, W09, 0xA2BFE8A14CF10364); |
111 | 0 | SHA2_64_F(H, A, B, C, D, E, F, G, W09, W07, W02, W10, 0xA81A664BBC423001); |
112 | 0 | SHA2_64_F(G, H, A, B, C, D, E, F, W10, W08, W03, W11, 0xC24B8B70D0F89791); |
113 | 0 | SHA2_64_F(F, G, H, A, B, C, D, E, W11, W09, W04, W12, 0xC76C51A30654BE30); |
114 | 0 | SHA2_64_F(E, F, G, H, A, B, C, D, W12, W10, W05, W13, 0xD192E819D6EF5218); |
115 | 0 | SHA2_64_F(D, E, F, G, H, A, B, C, W13, W11, W06, W14, 0xD69906245565A910); |
116 | 0 | SHA2_64_F(C, D, E, F, G, H, A, B, W14, W12, W07, W15, 0xF40E35855771202A); |
117 | 0 | SHA2_64_F(B, C, D, E, F, G, H, A, W15, W13, W08, W00, 0x106AA07032BBD1B8); |
118 | 0 | SHA2_64_F(A, B, C, D, E, F, G, H, W00, W14, W09, W01, 0x19A4C116B8D2D0C8); |
119 | 0 | SHA2_64_F(H, A, B, C, D, E, F, G, W01, W15, W10, W02, 0x1E376C085141AB53); |
120 | 0 | SHA2_64_F(G, H, A, B, C, D, E, F, W02, W00, W11, W03, 0x2748774CDF8EEB99); |
121 | 0 | SHA2_64_F(F, G, H, A, B, C, D, E, W03, W01, W12, W04, 0x34B0BCB5E19B48A8); |
122 | 0 | SHA2_64_F(E, F, G, H, A, B, C, D, W04, W02, W13, W05, 0x391C0CB3C5C95A63); |
123 | 0 | SHA2_64_F(D, E, F, G, H, A, B, C, W05, W03, W14, W06, 0x4ED8AA4AE3418ACB); |
124 | 0 | SHA2_64_F(C, D, E, F, G, H, A, B, W06, W04, W15, W07, 0x5B9CCA4F7763E373); |
125 | 0 | SHA2_64_F(B, C, D, E, F, G, H, A, W07, W05, W00, W08, 0x682E6FF3D6B2B8A3); |
126 | 0 | SHA2_64_F(A, B, C, D, E, F, G, H, W08, W06, W01, W09, 0x748F82EE5DEFB2FC); |
127 | 0 | SHA2_64_F(H, A, B, C, D, E, F, G, W09, W07, W02, W10, 0x78A5636F43172F60); |
128 | 0 | SHA2_64_F(G, H, A, B, C, D, E, F, W10, W08, W03, W11, 0x84C87814A1F0AB72); |
129 | 0 | SHA2_64_F(F, G, H, A, B, C, D, E, W11, W09, W04, W12, 0x8CC702081A6439EC); |
130 | 0 | SHA2_64_F(E, F, G, H, A, B, C, D, W12, W10, W05, W13, 0x90BEFFFA23631E28); |
131 | 0 | SHA2_64_F(D, E, F, G, H, A, B, C, W13, W11, W06, W14, 0xA4506CEBDE82BDE9); |
132 | 0 | SHA2_64_F(C, D, E, F, G, H, A, B, W14, W12, W07, W15, 0xBEF9A3F7B2C67915); |
133 | 0 | SHA2_64_F(B, C, D, E, F, G, H, A, W15, W13, W08, W00, 0xC67178F2E372532B); |
134 | 0 | SHA2_64_F(A, B, C, D, E, F, G, H, W00, W14, W09, W01, 0xCA273ECEEA26619C); |
135 | 0 | SHA2_64_F(H, A, B, C, D, E, F, G, W01, W15, W10, W02, 0xD186B8C721C0C207); |
136 | 0 | SHA2_64_F(G, H, A, B, C, D, E, F, W02, W00, W11, W03, 0xEADA7DD6CDE0EB1E); |
137 | 0 | SHA2_64_F(F, G, H, A, B, C, D, E, W03, W01, W12, W04, 0xF57D4F7FEE6ED178); |
138 | 0 | SHA2_64_F(E, F, G, H, A, B, C, D, W04, W02, W13, W05, 0x06F067AA72176FBA); |
139 | 0 | SHA2_64_F(D, E, F, G, H, A, B, C, W05, W03, W14, W06, 0x0A637DC5A2C898A6); |
140 | 0 | SHA2_64_F(C, D, E, F, G, H, A, B, W06, W04, W15, W07, 0x113F9804BEF90DAE); |
141 | 0 | SHA2_64_F(B, C, D, E, F, G, H, A, W07, W05, W00, W08, 0x1B710B35131C471B); |
142 | 0 | SHA2_64_F(A, B, C, D, E, F, G, H, W08, W06, W01, W09, 0x28DB77F523047D84); |
143 | 0 | SHA2_64_F(H, A, B, C, D, E, F, G, W09, W07, W02, W10, 0x32CAAB7B40C72493); |
144 | 0 | SHA2_64_F(G, H, A, B, C, D, E, F, W10, W08, W03, W11, 0x3C9EBE0A15C9BEBC); |
145 | 0 | SHA2_64_F(F, G, H, A, B, C, D, E, W11, W09, W04, W12, 0x431D67C49C100D4C); |
146 | 0 | SHA2_64_F(E, F, G, H, A, B, C, D, W12, W10, W05, W13, 0x4CC5D4BECB3E42B6); |
147 | 0 | SHA2_64_F(D, E, F, G, H, A, B, C, W13, W11, W06, W14, 0x597F299CFC657E2A); |
148 | 0 | SHA2_64_F(C, D, E, F, G, H, A, B, W14, W12, W07, W15, 0x5FCB6FAB3AD6FAEC); |
149 | 0 | SHA2_64_F(B, C, D, E, F, G, H, A, W15, W13, W08, W00, 0x6C44198C4A475817); |
150 | |
|
151 | 0 | A = (digest[0] += A); |
152 | 0 | B = (digest[1] += B); |
153 | 0 | C = (digest[2] += C); |
154 | 0 | D = (digest[3] += D); |
155 | 0 | E = (digest[4] += E); |
156 | 0 | F = (digest[5] += F); |
157 | 0 | G = (digest[6] += G); |
158 | 0 | H = (digest[7] += H); |
159 | |
|
160 | 0 | input += 128; |
161 | 0 | } |
162 | 0 | } |
163 | | |
164 | | #undef SHA2_64_F |
165 | | |
166 | 0 | std::string SHA_512_256::provider() const { return sha512_provider(); } |
167 | | |
168 | 0 | std::string SHA_384::provider() const { return sha512_provider(); } |
169 | | |
170 | 0 | std::string SHA_512::provider() const { return sha512_provider(); } |
171 | | |
172 | 0 | void SHA_512_256::compress_n(const uint8_t input[], size_t blocks) { |
173 | 0 | SHA_512::compress_digest(m_digest, input, blocks); |
174 | 0 | } |
175 | | |
176 | 0 | void SHA_384::compress_n(const uint8_t input[], size_t blocks) { SHA_512::compress_digest(m_digest, input, blocks); } |
177 | | |
178 | 0 | void SHA_512::compress_n(const uint8_t input[], size_t blocks) { SHA_512::compress_digest(m_digest, input, blocks); } |
179 | | |
180 | 0 | void SHA_512_256::copy_out(uint8_t output[]) { copy_out_vec_be(output, output_length(), m_digest); } |
181 | | |
182 | 0 | void SHA_384::copy_out(uint8_t output[]) { copy_out_vec_be(output, output_length(), m_digest); } |
183 | | |
184 | 0 | void SHA_512::copy_out(uint8_t output[]) { copy_out_vec_be(output, output_length(), m_digest); } |
185 | | |
186 | 0 | void SHA_512_256::clear() { |
187 | 0 | MDx_HashFunction::clear(); |
188 | 0 | m_digest[0] = 0x22312194FC2BF72C; |
189 | 0 | m_digest[1] = 0x9F555FA3C84C64C2; |
190 | 0 | m_digest[2] = 0x2393B86B6F53B151; |
191 | 0 | m_digest[3] = 0x963877195940EABD; |
192 | 0 | m_digest[4] = 0x96283EE2A88EFFE3; |
193 | 0 | m_digest[5] = 0xBE5E1E2553863992; |
194 | 0 | m_digest[6] = 0x2B0199FC2C85B8AA; |
195 | 0 | m_digest[7] = 0x0EB72DDC81C52CA2; |
196 | 0 | } |
197 | | |
198 | 0 | void SHA_384::clear() { |
199 | 0 | MDx_HashFunction::clear(); |
200 | 0 | m_digest[0] = 0xCBBB9D5DC1059ED8; |
201 | 0 | m_digest[1] = 0x629A292A367CD507; |
202 | 0 | m_digest[2] = 0x9159015A3070DD17; |
203 | 0 | m_digest[3] = 0x152FECD8F70E5939; |
204 | 0 | m_digest[4] = 0x67332667FFC00B31; |
205 | 0 | m_digest[5] = 0x8EB44A8768581511; |
206 | 0 | m_digest[6] = 0xDB0C2E0D64F98FA7; |
207 | 0 | m_digest[7] = 0x47B5481DBEFA4FA4; |
208 | 0 | } |
209 | | |
210 | 0 | void SHA_512::clear() { |
211 | 0 | MDx_HashFunction::clear(); |
212 | 0 | m_digest[0] = 0x6A09E667F3BCC908; |
213 | 0 | m_digest[1] = 0xBB67AE8584CAA73B; |
214 | 0 | m_digest[2] = 0x3C6EF372FE94F82B; |
215 | 0 | m_digest[3] = 0xA54FF53A5F1D36F1; |
216 | 0 | m_digest[4] = 0x510E527FADE682D1; |
217 | 0 | m_digest[5] = 0x9B05688C2B3E6C1F; |
218 | 0 | m_digest[6] = 0x1F83D9ABFB41BD6B; |
219 | 0 | m_digest[7] = 0x5BE0CD19137E2179; |
220 | 0 | } |
221 | | |
222 | | } // namespace Botan |