/src/boringssl/crypto/fipsmodule/digest/md32_common.h
Line | Count | Source (jump to first uncovered line) |
1 | | /* ==================================================================== |
2 | | * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. |
3 | | * |
4 | | * Redistribution and use in source and binary forms, with or without |
5 | | * modification, are permitted provided that the following conditions |
6 | | * are met: |
7 | | * |
8 | | * 1. Redistributions of source code must retain the above copyright |
9 | | * notice, this list of conditions and the following disclaimer. |
10 | | * |
11 | | * 2. Redistributions in binary form must reproduce the above copyright |
12 | | * notice, this list of conditions and the following disclaimer in |
13 | | * the documentation and/or other materials provided with the |
14 | | * distribution. |
15 | | * |
16 | | * 3. All advertising materials mentioning features or use of this |
17 | | * software must display the following acknowledgment: |
18 | | * "This product includes software developed by the OpenSSL Project |
19 | | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" |
20 | | * |
21 | | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to |
22 | | * endorse or promote products derived from this software without |
23 | | * prior written permission. For written permission, please contact |
24 | | * licensing@OpenSSL.org. |
25 | | * |
26 | | * 5. Products derived from this software may not be called "OpenSSL" |
27 | | * nor may "OpenSSL" appear in their names without prior written |
28 | | * permission of the OpenSSL Project. |
29 | | * |
30 | | * 6. Redistributions of any form whatsoever must retain the following |
31 | | * acknowledgment: |
32 | | * "This product includes software developed by the OpenSSL Project |
33 | | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" |
34 | | * |
35 | | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY |
36 | | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
37 | | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
38 | | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR |
39 | | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
40 | | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
41 | | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
42 | | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
43 | | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, |
44 | | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
45 | | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
46 | | * OF THE POSSIBILITY OF SUCH DAMAGE. |
47 | | * ==================================================================== */ |
48 | | |
49 | | #ifndef OPENSSL_HEADER_DIGEST_MD32_COMMON_H |
50 | | #define OPENSSL_HEADER_DIGEST_MD32_COMMON_H |
51 | | |
52 | | #include <openssl/base.h> |
53 | | |
54 | | #include <assert.h> |
55 | | |
56 | | #include "../../internal.h" |
57 | | |
58 | | #if defined(__cplusplus) |
59 | | extern "C" { |
60 | | #endif |
61 | | |
62 | | |
63 | | // This is a generic 32-bit "collector" for message digest algorithms. It |
64 | | // collects input character stream into chunks of 32-bit values and invokes the |
65 | | // block function that performs the actual hash calculations. |
66 | | // |
67 | | // To make use of this mechanism, the hash context should be defined with the |
68 | | // following parameters. |
69 | | // |
70 | | // typedef struct <name>_state_st { |
71 | | // uint32_t h[<chaining length> / sizeof(uint32_t)]; |
72 | | // uint32_t Nl, Nh; |
73 | | // uint8_t data[<block size>]; |
74 | | // unsigned num; |
75 | | // ... |
76 | | // } <NAME>_CTX; |
77 | | // |
78 | | // <chaining length> is the output length of the hash in bytes, before |
79 | | // any truncation (e.g. 64 for SHA-224 and SHA-256, 128 for SHA-384 and |
80 | | // SHA-512). |
81 | | // |
82 | | // |h| is the hash state and is updated by a function of type |
83 | | // |crypto_md32_block_func|. |data| is the partial unprocessed block and has |
84 | | // |num| bytes. |Nl| and |Nh| maintain the number of bits processed so far. |
85 | | |
86 | | // A crypto_md32_block_func should incorporate |num_blocks| of input from |data| |
87 | | // into |state|. It is assumed the caller has sized |state| and |data| for the |
88 | | // hash function. |
89 | | typedef void (*crypto_md32_block_func)(uint32_t *state, const uint8_t *data, |
90 | | size_t num_blocks); |
91 | | |
92 | | // crypto_md32_update adds |len| bytes from |in| to the digest. |data| must be a |
93 | | // buffer of length |block_size| with the first |*num| bytes containing a |
94 | | // partial block. This function combines the partial block with |in| and |
95 | | // incorporates any complete blocks into the digest state |h|. It then updates |
96 | | // |data| and |*num| with the new partial block and updates |*Nh| and |*Nl| with |
97 | | // the data consumed. |
98 | | static inline void crypto_md32_update(crypto_md32_block_func block_func, |
99 | | uint32_t *h, uint8_t *data, |
100 | | size_t block_size, unsigned *num, |
101 | | uint32_t *Nh, uint32_t *Nl, |
102 | 112k | const uint8_t *in, size_t len) { |
103 | 112k | if (len == 0) { |
104 | 50.3k | return; |
105 | 50.3k | } |
106 | | |
107 | 62.1k | uint32_t l = *Nl + (((uint32_t)len) << 3); |
108 | 62.1k | if (l < *Nl) { |
109 | | // Handle carries. |
110 | 0 | (*Nh)++; |
111 | 0 | } |
112 | 62.1k | *Nh += (uint32_t)(len >> 29); |
113 | 62.1k | *Nl = l; |
114 | | |
115 | 62.1k | size_t n = *num; |
116 | 62.1k | if (n != 0) { |
117 | 15.9k | if (len >= block_size || len + n >= block_size) { |
118 | 5.13k | OPENSSL_memcpy(data + n, in, block_size - n); |
119 | 5.13k | block_func(h, data, 1); |
120 | 5.13k | n = block_size - n; |
121 | 5.13k | in += n; |
122 | 5.13k | len -= n; |
123 | 5.13k | *num = 0; |
124 | | // Keep |data| zeroed when unused. |
125 | 5.13k | OPENSSL_memset(data, 0, block_size); |
126 | 10.8k | } else { |
127 | 10.8k | OPENSSL_memcpy(data + n, in, len); |
128 | 10.8k | *num += (unsigned)len; |
129 | 10.8k | return; |
130 | 10.8k | } |
131 | 15.9k | } |
132 | | |
133 | 51.3k | n = len / block_size; |
134 | 51.3k | if (n > 0) { |
135 | 12.7k | block_func(h, in, n); |
136 | 12.7k | n *= block_size; |
137 | 12.7k | in += n; |
138 | 12.7k | len -= n; |
139 | 12.7k | } |
140 | | |
141 | 51.3k | if (len != 0) { |
142 | 48.3k | *num = (unsigned)len; |
143 | 48.3k | OPENSSL_memcpy(data, in, len); |
144 | 48.3k | } |
145 | 51.3k | } Line | Count | Source | 102 | 82.5k | const uint8_t *in, size_t len) { | 103 | 82.5k | if (len == 0) { | 104 | 33.6k | return; | 105 | 33.6k | } | 106 | | | 107 | 48.9k | uint32_t l = *Nl + (((uint32_t)len) << 3); | 108 | 48.9k | if (l < *Nl) { | 109 | | // Handle carries. | 110 | 0 | (*Nh)++; | 111 | 0 | } | 112 | 48.9k | *Nh += (uint32_t)(len >> 29); | 113 | 48.9k | *Nl = l; | 114 | | | 115 | 48.9k | size_t n = *num; | 116 | 48.9k | if (n != 0) { | 117 | 11.2k | if (len >= block_size || len + n >= block_size) { | 118 | 3.46k | OPENSSL_memcpy(data + n, in, block_size - n); | 119 | 3.46k | block_func(h, data, 1); | 120 | 3.46k | n = block_size - n; | 121 | 3.46k | in += n; | 122 | 3.46k | len -= n; | 123 | 3.46k | *num = 0; | 124 | | // Keep |data| zeroed when unused. | 125 | 3.46k | OPENSSL_memset(data, 0, block_size); | 126 | 7.80k | } else { | 127 | 7.80k | OPENSSL_memcpy(data + n, in, len); | 128 | 7.80k | *num += (unsigned)len; | 129 | 7.80k | return; | 130 | 7.80k | } | 131 | 11.2k | } | 132 | | | 133 | 41.1k | n = len / block_size; | 134 | 41.1k | if (n > 0) { | 135 | 9.64k | block_func(h, in, n); | 136 | 9.64k | n *= block_size; | 137 | 9.64k | in += n; | 138 | 9.64k | len -= n; | 139 | 9.64k | } | 140 | | | 141 | 41.1k | if (len != 0) { | 142 | 39.0k | *num = (unsigned)len; | 143 | 39.0k | OPENSSL_memcpy(data, in, len); | 144 | 39.0k | } | 145 | 41.1k | } |
Line | Count | Source | 102 | 14.8k | const uint8_t *in, size_t len) { | 103 | 14.8k | if (len == 0) { | 104 | 9.99k | return; | 105 | 9.99k | } | 106 | | | 107 | 4.80k | uint32_t l = *Nl + (((uint32_t)len) << 3); | 108 | 4.80k | if (l < *Nl) { | 109 | | // Handle carries. | 110 | 0 | (*Nh)++; | 111 | 0 | } | 112 | 4.80k | *Nh += (uint32_t)(len >> 29); | 113 | 4.80k | *Nl = l; | 114 | | | 115 | 4.80k | size_t n = *num; | 116 | 4.80k | if (n != 0) { | 117 | 1.60k | if (len >= block_size || len + n >= block_size) { | 118 | 443 | OPENSSL_memcpy(data + n, in, block_size - n); | 119 | 443 | block_func(h, data, 1); | 120 | 443 | n = block_size - n; | 121 | 443 | in += n; | 122 | 443 | len -= n; | 123 | 443 | *num = 0; | 124 | | // Keep |data| zeroed when unused. | 125 | 443 | OPENSSL_memset(data, 0, block_size); | 126 | 1.16k | } else { | 127 | 1.16k | OPENSSL_memcpy(data + n, in, len); | 128 | 1.16k | *num += (unsigned)len; | 129 | 1.16k | return; | 130 | 1.16k | } | 131 | 1.60k | } | 132 | | | 133 | 3.64k | n = len / block_size; | 134 | 3.64k | if (n > 0) { | 135 | 1.22k | block_func(h, in, n); | 136 | 1.22k | n *= block_size; | 137 | 1.22k | in += n; | 138 | 1.22k | len -= n; | 139 | 1.22k | } | 140 | | | 141 | 3.64k | if (len != 0) { | 142 | 3.22k | *num = (unsigned)len; | 143 | 3.22k | OPENSSL_memcpy(data, in, len); | 144 | 3.22k | } | 145 | 3.64k | } |
Line | Count | Source | 102 | 15.1k | const uint8_t *in, size_t len) { | 103 | 15.1k | if (len == 0) { | 104 | 6.77k | return; | 105 | 6.77k | } | 106 | | | 107 | 8.33k | uint32_t l = *Nl + (((uint32_t)len) << 3); | 108 | 8.33k | if (l < *Nl) { | 109 | | // Handle carries. | 110 | 0 | (*Nh)++; | 111 | 0 | } | 112 | 8.33k | *Nh += (uint32_t)(len >> 29); | 113 | 8.33k | *Nl = l; | 114 | | | 115 | 8.33k | size_t n = *num; | 116 | 8.33k | if (n != 0) { | 117 | 3.06k | if (len >= block_size || len + n >= block_size) { | 118 | 1.22k | OPENSSL_memcpy(data + n, in, block_size - n); | 119 | 1.22k | block_func(h, data, 1); | 120 | 1.22k | n = block_size - n; | 121 | 1.22k | in += n; | 122 | 1.22k | len -= n; | 123 | 1.22k | *num = 0; | 124 | | // Keep |data| zeroed when unused. | 125 | 1.22k | OPENSSL_memset(data, 0, block_size); | 126 | 1.84k | } else { | 127 | 1.84k | OPENSSL_memcpy(data + n, in, len); | 128 | 1.84k | *num += (unsigned)len; | 129 | 1.84k | return; | 130 | 1.84k | } | 131 | 3.06k | } | 132 | | | 133 | 6.49k | n = len / block_size; | 134 | 6.49k | if (n > 0) { | 135 | 1.88k | block_func(h, in, n); | 136 | 1.88k | n *= block_size; | 137 | 1.88k | in += n; | 138 | 1.88k | len -= n; | 139 | 1.88k | } | 140 | | | 141 | 6.49k | if (len != 0) { | 142 | 6.09k | *num = (unsigned)len; | 143 | 6.09k | OPENSSL_memcpy(data, in, len); | 144 | 6.09k | } | 145 | 6.49k | } |
|
146 | | |
147 | | // crypto_md32_final incorporates the partial block and trailing length into the |
148 | | // digest state |h|. The trailing length is encoded in little-endian if |
149 | | // |is_big_endian| is zero and big-endian otherwise. |data| must be a buffer of |
150 | | // length |block_size| with the first |*num| bytes containing a partial block. |
151 | | // |Nh| and |Nl| contain the total number of bits processed. On return, this |
152 | | // function clears the partial block in |data| and |
153 | | // |*num|. |
154 | | // |
155 | | // This function does not serialize |h| into a final digest. This is the |
156 | | // responsibility of the caller. |
157 | | static inline void crypto_md32_final(crypto_md32_block_func block_func, |
158 | | uint32_t *h, uint8_t *data, |
159 | | size_t block_size, unsigned *num, |
160 | | uint32_t Nh, uint32_t Nl, |
161 | 43.9k | int is_big_endian) { |
162 | | // |data| always has room for at least one byte. A full block would have |
163 | | // been consumed. |
164 | 43.9k | size_t n = *num; |
165 | 43.9k | assert(n < block_size); |
166 | 43.9k | data[n] = 0x80; |
167 | 43.9k | n++; |
168 | | |
169 | | // Fill the block with zeros if there isn't room for a 64-bit length. |
170 | 43.9k | if (n > block_size - 8) { |
171 | 1.98k | OPENSSL_memset(data + n, 0, block_size - n); |
172 | 1.98k | n = 0; |
173 | 1.98k | block_func(h, data, 1); |
174 | 1.98k | } |
175 | 43.9k | OPENSSL_memset(data + n, 0, block_size - 8 - n); |
176 | | |
177 | | // Append a 64-bit length to the block and process it. |
178 | 43.9k | if (is_big_endian) { |
179 | 35.9k | CRYPTO_store_u32_be(data + block_size - 8, Nh); |
180 | 35.9k | CRYPTO_store_u32_be(data + block_size - 4, Nl); |
181 | 35.9k | } else { |
182 | 7.98k | CRYPTO_store_u32_le(data + block_size - 8, Nl); |
183 | 7.98k | CRYPTO_store_u32_le(data + block_size - 4, Nh); |
184 | 7.98k | } |
185 | 43.9k | block_func(h, data, 1); |
186 | 43.9k | *num = 0; |
187 | 43.9k | OPENSSL_memset(data, 0, block_size); |
188 | 43.9k | } Line | Count | Source | 161 | 35.9k | int is_big_endian) { | 162 | | // |data| always has room for at least one byte. A full block would have | 163 | | // been consumed. | 164 | 35.9k | size_t n = *num; | 165 | 35.9k | assert(n < block_size); | 166 | 35.9k | data[n] = 0x80; | 167 | 35.9k | n++; | 168 | | | 169 | | // Fill the block with zeros if there isn't room for a 64-bit length. | 170 | 35.9k | if (n > block_size - 8) { | 171 | 1.56k | OPENSSL_memset(data + n, 0, block_size - n); | 172 | 1.56k | n = 0; | 173 | 1.56k | block_func(h, data, 1); | 174 | 1.56k | } | 175 | 35.9k | OPENSSL_memset(data + n, 0, block_size - 8 - n); | 176 | | | 177 | | // Append a 64-bit length to the block and process it. | 178 | 35.9k | if (is_big_endian) { | 179 | 35.9k | CRYPTO_store_u32_be(data + block_size - 8, Nh); | 180 | 35.9k | CRYPTO_store_u32_be(data + block_size - 4, Nl); | 181 | 35.9k | } else { | 182 | 0 | CRYPTO_store_u32_le(data + block_size - 8, Nl); | 183 | 0 | CRYPTO_store_u32_le(data + block_size - 4, Nh); | 184 | 0 | } | 185 | 35.9k | block_func(h, data, 1); | 186 | 35.9k | *num = 0; | 187 | 35.9k | OPENSSL_memset(data, 0, block_size); | 188 | 35.9k | } |
Line | Count | Source | 161 | 2.97k | int is_big_endian) { | 162 | | // |data| always has room for at least one byte. A full block would have | 163 | | // been consumed. | 164 | 2.97k | size_t n = *num; | 165 | 2.97k | assert(n < block_size); | 166 | 2.97k | data[n] = 0x80; | 167 | 2.97k | n++; | 168 | | | 169 | | // Fill the block with zeros if there isn't room for a 64-bit length. | 170 | 2.97k | if (n > block_size - 8) { | 171 | 110 | OPENSSL_memset(data + n, 0, block_size - n); | 172 | 110 | n = 0; | 173 | 110 | block_func(h, data, 1); | 174 | 110 | } | 175 | 2.97k | OPENSSL_memset(data + n, 0, block_size - 8 - n); | 176 | | | 177 | | // Append a 64-bit length to the block and process it. | 178 | 2.97k | if (is_big_endian) { | 179 | 0 | CRYPTO_store_u32_be(data + block_size - 8, Nh); | 180 | 0 | CRYPTO_store_u32_be(data + block_size - 4, Nl); | 181 | 2.97k | } else { | 182 | 2.97k | CRYPTO_store_u32_le(data + block_size - 8, Nl); | 183 | 2.97k | CRYPTO_store_u32_le(data + block_size - 4, Nh); | 184 | 2.97k | } | 185 | 2.97k | block_func(h, data, 1); | 186 | 2.97k | *num = 0; | 187 | 2.97k | OPENSSL_memset(data, 0, block_size); | 188 | 2.97k | } |
Line | Count | Source | 161 | 5.01k | int is_big_endian) { | 162 | | // |data| always has room for at least one byte. A full block would have | 163 | | // been consumed. | 164 | 5.01k | size_t n = *num; | 165 | 5.01k | assert(n < block_size); | 166 | 5.01k | data[n] = 0x80; | 167 | 5.01k | n++; | 168 | | | 169 | | // Fill the block with zeros if there isn't room for a 64-bit length. | 170 | 5.01k | if (n > block_size - 8) { | 171 | 310 | OPENSSL_memset(data + n, 0, block_size - n); | 172 | 310 | n = 0; | 173 | 310 | block_func(h, data, 1); | 174 | 310 | } | 175 | 5.01k | OPENSSL_memset(data + n, 0, block_size - 8 - n); | 176 | | | 177 | | // Append a 64-bit length to the block and process it. | 178 | 5.01k | if (is_big_endian) { | 179 | 0 | CRYPTO_store_u32_be(data + block_size - 8, Nh); | 180 | 0 | CRYPTO_store_u32_be(data + block_size - 4, Nl); | 181 | 5.01k | } else { | 182 | 5.01k | CRYPTO_store_u32_le(data + block_size - 8, Nl); | 183 | 5.01k | CRYPTO_store_u32_le(data + block_size - 4, Nh); | 184 | 5.01k | } | 185 | 5.01k | block_func(h, data, 1); | 186 | 5.01k | *num = 0; | 187 | 5.01k | OPENSSL_memset(data, 0, block_size); | 188 | 5.01k | } |
|
189 | | |
190 | | |
191 | | #if defined(__cplusplus) |
192 | | } // extern C |
193 | | #endif |
194 | | |
195 | | #endif // OPENSSL_HEADER_DIGEST_MD32_COMMON_H |