/src/openssl/include/crypto/md32_common.h
Line | Count | Source |
1 | | /* |
2 | | * Copyright 1999-2025 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | /*- |
11 | | * This is a generic 32 bit "collector" for message digest algorithms. |
12 | | * Whenever needed it collects input character stream into chunks of |
13 | | * 32 bit values and invokes a block function that performs actual hash |
14 | | * calculations. |
15 | | * |
16 | | * Porting guide. |
17 | | * |
18 | | * Obligatory macros: |
19 | | * |
20 | | * DATA_ORDER_IS_BIG_ENDIAN or DATA_ORDER_IS_LITTLE_ENDIAN |
21 | | * this macro defines byte order of input stream. |
22 | | * HASH_CBLOCK |
23 | | * size of a unit chunk HASH_BLOCK operates on. |
24 | | * HASH_LONG |
25 | | * has to be at least 32 bit wide. |
26 | | * HASH_CTX |
27 | | * context structure that at least contains following |
28 | | * members: |
29 | | * typedef struct { |
30 | | * ... |
31 | | * HASH_LONG Nl,Nh; |
32 | | * either { |
33 | | * HASH_LONG data[HASH_LBLOCK]; |
34 | | * unsigned char data[HASH_CBLOCK]; |
35 | | * }; |
36 | | * unsigned int num; |
37 | | * ... |
38 | | * } HASH_CTX; |
39 | | * data[] vector is expected to be zeroed upon first call to |
40 | | * HASH_UPDATE. |
41 | | * HASH_UPDATE |
42 | | * name of "Update" function, implemented here. |
43 | | * HASH_TRANSFORM |
44 | | * name of "Transform" function, implemented here. |
45 | | * HASH_FINAL |
46 | | * name of "Final" function, implemented here. |
47 | | * HASH_BLOCK_DATA_ORDER |
48 | | * name of "block" function capable of treating *unaligned* input |
49 | | * message in original (data) byte order, implemented externally. |
50 | | * HASH_MAKE_STRING |
51 | | * macro converting context variables to an ASCII hash string. |
52 | | * |
53 | | * MD5 example: |
54 | | * |
55 | | * #define DATA_ORDER_IS_LITTLE_ENDIAN |
56 | | * |
57 | | * #define HASH_LONG MD5_LONG |
58 | | * #define HASH_CTX MD5_CTX |
59 | | * #define HASH_CBLOCK MD5_CBLOCK |
60 | | * #define HASH_UPDATE MD5_Update |
61 | | * #define HASH_TRANSFORM MD5_Transform |
62 | | * #define HASH_FINAL MD5_Final |
63 | | * #define HASH_BLOCK_DATA_ORDER md5_block_data_order |
64 | | */ |
65 | | |
66 | | #ifndef OSSL_CRYPTO_MD32_COMMON_H |
67 | | #define OSSL_CRYPTO_MD32_COMMON_H |
68 | | #pragma once |
69 | | |
70 | | #include <openssl/crypto.h> |
71 | | /* |
72 | | * For ossl_(un)likely |
73 | | */ |
74 | | #include <internal/common.h> |
75 | | |
76 | | #if !defined(DATA_ORDER_IS_BIG_ENDIAN) && !defined(DATA_ORDER_IS_LITTLE_ENDIAN) |
77 | | #error "DATA_ORDER must be defined!" |
78 | | #endif |
79 | | |
80 | | #ifndef HASH_CBLOCK |
81 | | #error "HASH_CBLOCK must be defined!" |
82 | | #endif |
83 | | #ifndef HASH_LONG |
84 | | #error "HASH_LONG must be defined!" |
85 | | #endif |
86 | | #ifndef HASH_CTX |
87 | | #error "HASH_CTX must be defined!" |
88 | | #endif |
89 | | |
90 | | #ifndef HASH_UPDATE |
91 | | #error "HASH_UPDATE must be defined!" |
92 | | #endif |
93 | | #ifndef HASH_TRANSFORM |
94 | | #error "HASH_TRANSFORM must be defined!" |
95 | | #endif |
96 | | #ifndef HASH_FINAL |
97 | | #error "HASH_FINAL must be defined!" |
98 | | #endif |
99 | | |
100 | | #ifndef HASH_BLOCK_DATA_ORDER |
101 | | #error "HASH_BLOCK_DATA_ORDER must be defined!" |
102 | | #endif |
103 | | |
104 | 7.91G | #define ROTATE(a, n) (((a) << (n)) | (((a) & 0xffffffff) >> (32 - (n)))) |
105 | | |
106 | | #ifndef PEDANTIC |
107 | | #if defined(__GNUC__) && __GNUC__ >= 2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) |
108 | | #if defined(__riscv_zbb) || defined(__riscv_zbkb) |
109 | | #if __riscv_xlen == 64 |
110 | | #undef ROTATE |
111 | | #define ROTATE(x, n) ({ MD32_REG_T ret; \ |
112 | | asm ("roriw %0, %1, %2" \ |
113 | | : "=r"(ret) \ |
114 | | : "r"(x), "i"(32 - (n))); ret; }) |
115 | | #endif |
116 | | #if __riscv_xlen == 32 |
117 | | #undef ROTATE |
118 | | #define ROTATE(x, n) ({ MD32_REG_T ret; \ |
119 | | asm ("rori %0, %1, %2" \ |
120 | | : "=r"(ret) \ |
121 | | : "r"(x), "i"(32 - (n))); ret; }) |
122 | | #endif |
123 | | #endif |
124 | | #endif |
125 | | #endif |
126 | | |
127 | | #if defined(DATA_ORDER_IS_BIG_ENDIAN) |
128 | | |
129 | 238M | #define HOST_c2l(c, l) (l = (((unsigned long)(*((c)++))) << 24), \ |
130 | 238M | l |= (((unsigned long)(*((c)++))) << 16), \ |
131 | 238M | l |= (((unsigned long)(*((c)++))) << 8), \ |
132 | 238M | l |= (((unsigned long)(*((c)++))))) |
133 | 120k | #define HOST_l2c(l, c) (*((c)++) = (unsigned char)(((l) >> 24) & 0xff), \ |
134 | 120k | *((c)++) = (unsigned char)(((l) >> 16) & 0xff), \ |
135 | 120k | *((c)++) = (unsigned char)(((l) >> 8) & 0xff), \ |
136 | 120k | *((c)++) = (unsigned char)(((l)) & 0xff), \ |
137 | 120k | l) |
138 | | |
139 | | #elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) |
140 | | |
141 | 53.6M | #define HOST_c2l(c, l) (l = (((unsigned long)(*((c)++)))), \ |
142 | 53.6M | l |= (((unsigned long)(*((c)++))) << 8), \ |
143 | 53.6M | l |= (((unsigned long)(*((c)++))) << 16), \ |
144 | 53.6M | l |= (((unsigned long)(*((c)++))) << 24)) |
145 | 979 | #define HOST_l2c(l, c) (*((c)++) = (unsigned char)(((l)) & 0xff), \ |
146 | 979 | *((c)++) = (unsigned char)(((l) >> 8) & 0xff), \ |
147 | 979 | *((c)++) = (unsigned char)(((l) >> 16) & 0xff), \ |
148 | 979 | *((c)++) = (unsigned char)(((l) >> 24) & 0xff), \ |
149 | 979 | l) |
150 | | |
151 | | #endif |
152 | | |
153 | | /* |
154 | | * Time for some action :-) |
155 | | */ |
156 | | |
157 | | #ifdef HASH_UPDATE_THUNK |
158 | | int HASH_UPDATE(void *cp, const unsigned char *data_, size_t len); |
159 | | int HASH_UPDATE(void *cp, const unsigned char *data_, size_t len) |
160 | | #else |
161 | | int HASH_UPDATE(HASH_CTX *c, const void *data_, size_t len) |
162 | | #endif |
163 | 147M | { |
164 | | #ifdef HASH_UPDATE_THUNK |
165 | 147M | HASH_CTX *c = (HASH_CTX *)cp; |
166 | | #endif |
167 | 147M | const unsigned char *data = data_; |
168 | 147M | unsigned char *p; |
169 | 147M | HASH_LONG l; |
170 | 147M | size_t n; |
171 | | |
172 | 147M | if (ossl_unlikely(len == 0)) |
173 | 0 | return 1; |
174 | | |
175 | 147M | l = (c->Nl + (((HASH_LONG)len) << 3)) & 0xffffffffUL; |
176 | 147M | if (ossl_unlikely(l < c->Nl)) /* overflow */ |
177 | 0 | c->Nh++; |
178 | 147M | c->Nh += (HASH_LONG)(len >> 29); /* might cause compiler warning on |
179 | | * 16-bit */ |
180 | 147M | c->Nl = l; |
181 | | |
182 | 147M | n = c->num; |
183 | 147M | if (ossl_likely(n != 0)) { |
184 | 144M | p = (unsigned char *)c->data; |
185 | | |
186 | 144M | if (len >= HASH_CBLOCK || len + n >= HASH_CBLOCK) { |
187 | 2.30M | memcpy(p + n, data, HASH_CBLOCK - n); |
188 | 2.30M | HASH_BLOCK_DATA_ORDER(c, p, 1); |
189 | 2.30M | n = HASH_CBLOCK - n; |
190 | 2.30M | data += n; |
191 | 2.30M | len -= n; |
192 | 2.30M | c->num = 0; |
193 | | /* |
194 | | * We use memset rather than OPENSSL_cleanse() here deliberately. |
195 | | * Using OPENSSL_cleanse() here could be a performance issue. It |
196 | | * will get properly cleansed on finalisation so this isn't a |
197 | | * security problem. |
198 | | */ |
199 | 2.30M | memset(p, 0, HASH_CBLOCK); /* keep it zeroed */ |
200 | 142M | } else { |
201 | 142M | memcpy(p + n, data, len); |
202 | 142M | c->num += (unsigned int)len; |
203 | 142M | return 1; |
204 | 142M | } |
205 | 144M | } |
206 | | |
207 | 4.62M | n = len / HASH_CBLOCK; |
208 | 4.62M | if (n > 0) { |
209 | 22.1k | HASH_BLOCK_DATA_ORDER(c, data, n); |
210 | 22.1k | n *= HASH_CBLOCK; |
211 | 22.1k | data += n; |
212 | 22.1k | len -= n; |
213 | 22.1k | } |
214 | | |
215 | 4.62M | if (len != 0) { |
216 | 2.30M | p = (unsigned char *)c->data; |
217 | 2.30M | c->num = (unsigned int)len; |
218 | 2.30M | memcpy(p, data, len); |
219 | 2.30M | } |
220 | 4.62M | return 1; |
221 | 147M | } Line | Count | Source | 163 | 84 | { | 164 | | #ifdef HASH_UPDATE_THUNK | 165 | | HASH_CTX *c = (HASH_CTX *)cp; | 166 | | #endif | 167 | 84 | const unsigned char *data = data_; | 168 | 84 | unsigned char *p; | 169 | 84 | HASH_LONG l; | 170 | 84 | size_t n; | 171 | | | 172 | 84 | if (ossl_unlikely(len == 0)) | 173 | 0 | return 1; | 174 | | | 175 | 84 | l = (c->Nl + (((HASH_LONG)len) << 3)) & 0xffffffffUL; | 176 | 84 | if (ossl_unlikely(l < c->Nl)) /* overflow */ | 177 | 0 | c->Nh++; | 178 | 84 | c->Nh += (HASH_LONG)(len >> 29); /* might cause compiler warning on | 179 | | * 16-bit */ | 180 | 84 | c->Nl = l; | 181 | | | 182 | 84 | n = c->num; | 183 | 84 | if (ossl_likely(n != 0)) { | 184 | 0 | p = (unsigned char *)c->data; | 185 | |
| 186 | 0 | if (len >= HASH_CBLOCK || len + n >= HASH_CBLOCK) { | 187 | 0 | memcpy(p + n, data, HASH_CBLOCK - n); | 188 | 0 | HASH_BLOCK_DATA_ORDER(c, p, 1); | 189 | 0 | n = HASH_CBLOCK - n; | 190 | 0 | data += n; | 191 | 0 | len -= n; | 192 | 0 | c->num = 0; | 193 | | /* | 194 | | * We use memset rather than OPENSSL_cleanse() here deliberately. | 195 | | * Using OPENSSL_cleanse() here could be a performance issue. It | 196 | | * will get properly cleansed on finalisation so this isn't a | 197 | | * security problem. | 198 | | */ | 199 | 0 | memset(p, 0, HASH_CBLOCK); /* keep it zeroed */ | 200 | 0 | } else { | 201 | 0 | memcpy(p + n, data, len); | 202 | 0 | c->num += (unsigned int)len; | 203 | 0 | return 1; | 204 | 0 | } | 205 | 0 | } | 206 | | | 207 | 84 | n = len / HASH_CBLOCK; | 208 | 84 | if (n > 0) { | 209 | 84 | HASH_BLOCK_DATA_ORDER(c, data, n); | 210 | 84 | n *= HASH_CBLOCK; | 211 | 84 | data += n; | 212 | 84 | len -= n; | 213 | 84 | } | 214 | | | 215 | 84 | if (len != 0) { | 216 | 31 | p = (unsigned char *)c->data; | 217 | 31 | c->num = (unsigned int)len; | 218 | 31 | memcpy(p, data, len); | 219 | 31 | } | 220 | 84 | return 1; | 221 | 84 | } |
Line | Count | Source | 163 | 170 | { | 164 | | #ifdef HASH_UPDATE_THUNK | 165 | | HASH_CTX *c = (HASH_CTX *)cp; | 166 | | #endif | 167 | 170 | const unsigned char *data = data_; | 168 | 170 | unsigned char *p; | 169 | 170 | HASH_LONG l; | 170 | 170 | size_t n; | 171 | | | 172 | 170 | if (ossl_unlikely(len == 0)) | 173 | 0 | return 1; | 174 | | | 175 | 170 | l = (c->Nl + (((HASH_LONG)len) << 3)) & 0xffffffffUL; | 176 | 170 | if (ossl_unlikely(l < c->Nl)) /* overflow */ | 177 | 0 | c->Nh++; | 178 | 170 | c->Nh += (HASH_LONG)(len >> 29); /* might cause compiler warning on | 179 | | * 16-bit */ | 180 | 170 | c->Nl = l; | 181 | | | 182 | 170 | n = c->num; | 183 | 170 | if (ossl_likely(n != 0)) { | 184 | 0 | p = (unsigned char *)c->data; | 185 | |
| 186 | 0 | if (len >= HASH_CBLOCK || len + n >= HASH_CBLOCK) { | 187 | 0 | memcpy(p + n, data, HASH_CBLOCK - n); | 188 | 0 | HASH_BLOCK_DATA_ORDER(c, p, 1); | 189 | 0 | n = HASH_CBLOCK - n; | 190 | 0 | data += n; | 191 | 0 | len -= n; | 192 | 0 | c->num = 0; | 193 | | /* | 194 | | * We use memset rather than OPENSSL_cleanse() here deliberately. | 195 | | * Using OPENSSL_cleanse() here could be a performance issue. It | 196 | | * will get properly cleansed on finalisation so this isn't a | 197 | | * security problem. | 198 | | */ | 199 | 0 | memset(p, 0, HASH_CBLOCK); /* keep it zeroed */ | 200 | 0 | } else { | 201 | 0 | memcpy(p + n, data, len); | 202 | 0 | c->num += (unsigned int)len; | 203 | 0 | return 1; | 204 | 0 | } | 205 | 0 | } | 206 | | | 207 | 170 | n = len / HASH_CBLOCK; | 208 | 170 | if (n > 0) { | 209 | 170 | HASH_BLOCK_DATA_ORDER(c, data, n); | 210 | 170 | n *= HASH_CBLOCK; | 211 | 170 | data += n; | 212 | 170 | len -= n; | 213 | 170 | } | 214 | | | 215 | 170 | if (len != 0) { | 216 | 51 | p = (unsigned char *)c->data; | 217 | 51 | c->num = (unsigned int)len; | 218 | 51 | memcpy(p, data, len); | 219 | 51 | } | 220 | 170 | return 1; | 221 | 170 | } |
Line | Count | Source | 163 | 62 | { | 164 | | #ifdef HASH_UPDATE_THUNK | 165 | | HASH_CTX *c = (HASH_CTX *)cp; | 166 | | #endif | 167 | 62 | const unsigned char *data = data_; | 168 | 62 | unsigned char *p; | 169 | 62 | HASH_LONG l; | 170 | 62 | size_t n; | 171 | | | 172 | 62 | if (ossl_unlikely(len == 0)) | 173 | 0 | return 1; | 174 | | | 175 | 62 | l = (c->Nl + (((HASH_LONG)len) << 3)) & 0xffffffffUL; | 176 | 62 | if (ossl_unlikely(l < c->Nl)) /* overflow */ | 177 | 0 | c->Nh++; | 178 | 62 | c->Nh += (HASH_LONG)(len >> 29); /* might cause compiler warning on | 179 | | * 16-bit */ | 180 | 62 | c->Nl = l; | 181 | | | 182 | 62 | n = c->num; | 183 | 62 | if (ossl_likely(n != 0)) { | 184 | 0 | p = (unsigned char *)c->data; | 185 | |
| 186 | 0 | if (len >= HASH_CBLOCK || len + n >= HASH_CBLOCK) { | 187 | 0 | memcpy(p + n, data, HASH_CBLOCK - n); | 188 | 0 | HASH_BLOCK_DATA_ORDER(c, p, 1); | 189 | 0 | n = HASH_CBLOCK - n; | 190 | 0 | data += n; | 191 | 0 | len -= n; | 192 | 0 | c->num = 0; | 193 | | /* | 194 | | * We use memset rather than OPENSSL_cleanse() here deliberately. | 195 | | * Using OPENSSL_cleanse() here could be a performance issue. It | 196 | | * will get properly cleansed on finalisation so this isn't a | 197 | | * security problem. | 198 | | */ | 199 | 0 | memset(p, 0, HASH_CBLOCK); /* keep it zeroed */ | 200 | 0 | } else { | 201 | 0 | memcpy(p + n, data, len); | 202 | 0 | c->num += (unsigned int)len; | 203 | 0 | return 1; | 204 | 0 | } | 205 | 0 | } | 206 | | | 207 | 62 | n = len / HASH_CBLOCK; | 208 | 62 | if (n > 0) { | 209 | 62 | HASH_BLOCK_DATA_ORDER(c, data, n); | 210 | 62 | n *= HASH_CBLOCK; | 211 | 62 | data += n; | 212 | 62 | len -= n; | 213 | 62 | } | 214 | | | 215 | 62 | if (len != 0) { | 216 | 27 | p = (unsigned char *)c->data; | 217 | 27 | c->num = (unsigned int)len; | 218 | 27 | memcpy(p, data, len); | 219 | 27 | } | 220 | 62 | return 1; | 221 | 62 | } |
Line | Count | Source | 163 | 232 | { | 164 | 232 | #ifdef HASH_UPDATE_THUNK | 165 | 232 | HASH_CTX *c = (HASH_CTX *)cp; | 166 | 232 | #endif | 167 | 232 | const unsigned char *data = data_; | 168 | 232 | unsigned char *p; | 169 | 232 | HASH_LONG l; | 170 | 232 | size_t n; | 171 | | | 172 | 232 | if (ossl_unlikely(len == 0)) | 173 | 0 | return 1; | 174 | | | 175 | 232 | l = (c->Nl + (((HASH_LONG)len) << 3)) & 0xffffffffUL; | 176 | 232 | if (ossl_unlikely(l < c->Nl)) /* overflow */ | 177 | 0 | c->Nh++; | 178 | 232 | c->Nh += (HASH_LONG)(len >> 29); /* might cause compiler warning on | 179 | | * 16-bit */ | 180 | 232 | c->Nl = l; | 181 | | | 182 | 232 | n = c->num; | 183 | 232 | if (ossl_likely(n != 0)) { | 184 | 0 | p = (unsigned char *)c->data; | 185 | |
| 186 | 0 | if (len >= HASH_CBLOCK || len + n >= HASH_CBLOCK) { | 187 | 0 | memcpy(p + n, data, HASH_CBLOCK - n); | 188 | 0 | HASH_BLOCK_DATA_ORDER(c, p, 1); | 189 | 0 | n = HASH_CBLOCK - n; | 190 | 0 | data += n; | 191 | 0 | len -= n; | 192 | 0 | c->num = 0; | 193 | | /* | 194 | | * We use memset rather than OPENSSL_cleanse() here deliberately. | 195 | | * Using OPENSSL_cleanse() here could be a performance issue. It | 196 | | * will get properly cleansed on finalisation so this isn't a | 197 | | * security problem. | 198 | | */ | 199 | 0 | memset(p, 0, HASH_CBLOCK); /* keep it zeroed */ | 200 | 0 | } else { | 201 | 0 | memcpy(p + n, data, len); | 202 | 0 | c->num += (unsigned int)len; | 203 | 0 | return 1; | 204 | 0 | } | 205 | 0 | } | 206 | | | 207 | 232 | n = len / HASH_CBLOCK; | 208 | 232 | if (n > 0) { | 209 | 232 | HASH_BLOCK_DATA_ORDER(c, data, n); | 210 | 232 | n *= HASH_CBLOCK; | 211 | 232 | data += n; | 212 | 232 | len -= n; | 213 | 232 | } | 214 | | | 215 | 232 | if (len != 0) { | 216 | 70 | p = (unsigned char *)c->data; | 217 | 70 | c->num = (unsigned int)len; | 218 | 70 | memcpy(p, data, len); | 219 | 70 | } | 220 | 232 | return 1; | 221 | 232 | } |
Line | Count | Source | 163 | 147M | { | 164 | 147M | #ifdef HASH_UPDATE_THUNK | 165 | 147M | HASH_CTX *c = (HASH_CTX *)cp; | 166 | 147M | #endif | 167 | 147M | const unsigned char *data = data_; | 168 | 147M | unsigned char *p; | 169 | 147M | HASH_LONG l; | 170 | 147M | size_t n; | 171 | | | 172 | 147M | if (ossl_unlikely(len == 0)) | 173 | 0 | return 1; | 174 | | | 175 | 147M | l = (c->Nl + (((HASH_LONG)len) << 3)) & 0xffffffffUL; | 176 | 147M | if (ossl_unlikely(l < c->Nl)) /* overflow */ | 177 | 0 | c->Nh++; | 178 | 147M | c->Nh += (HASH_LONG)(len >> 29); /* might cause compiler warning on | 179 | | * 16-bit */ | 180 | 147M | c->Nl = l; | 181 | | | 182 | 147M | n = c->num; | 183 | 147M | if (ossl_likely(n != 0)) { | 184 | 144M | p = (unsigned char *)c->data; | 185 | | | 186 | 144M | if (len >= HASH_CBLOCK || len + n >= HASH_CBLOCK) { | 187 | 2.30M | memcpy(p + n, data, HASH_CBLOCK - n); | 188 | 2.30M | HASH_BLOCK_DATA_ORDER(c, p, 1); | 189 | 2.30M | n = HASH_CBLOCK - n; | 190 | 2.30M | data += n; | 191 | 2.30M | len -= n; | 192 | 2.30M | c->num = 0; | 193 | | /* | 194 | | * We use memset rather than OPENSSL_cleanse() here deliberately. | 195 | | * Using OPENSSL_cleanse() here could be a performance issue. It | 196 | | * will get properly cleansed on finalisation so this isn't a | 197 | | * security problem. | 198 | | */ | 199 | 2.30M | memset(p, 0, HASH_CBLOCK); /* keep it zeroed */ | 200 | 142M | } else { | 201 | 142M | memcpy(p + n, data, len); | 202 | 142M | c->num += (unsigned int)len; | 203 | 142M | return 1; | 204 | 142M | } | 205 | 144M | } | 206 | | | 207 | 4.62M | n = len / HASH_CBLOCK; | 208 | 4.62M | if (n > 0) { | 209 | 21.4k | HASH_BLOCK_DATA_ORDER(c, data, n); | 210 | 21.4k | n *= HASH_CBLOCK; | 211 | 21.4k | data += n; | 212 | 21.4k | len -= n; | 213 | 21.4k | } | 214 | | | 215 | 4.62M | if (len != 0) { | 216 | 2.30M | p = (unsigned char *)c->data; | 217 | 2.30M | c->num = (unsigned int)len; | 218 | 2.30M | memcpy(p, data, len); | 219 | 2.30M | } | 220 | 4.62M | return 1; | 221 | 147M | } |
Line | Count | Source | 163 | 148 | { | 164 | | #ifdef HASH_UPDATE_THUNK | 165 | | HASH_CTX *c = (HASH_CTX *)cp; | 166 | | #endif | 167 | 148 | const unsigned char *data = data_; | 168 | 148 | unsigned char *p; | 169 | 148 | HASH_LONG l; | 170 | 148 | size_t n; | 171 | | | 172 | 148 | if (ossl_unlikely(len == 0)) | 173 | 0 | return 1; | 174 | | | 175 | 148 | l = (c->Nl + (((HASH_LONG)len) << 3)) & 0xffffffffUL; | 176 | 148 | if (ossl_unlikely(l < c->Nl)) /* overflow */ | 177 | 0 | c->Nh++; | 178 | 148 | c->Nh += (HASH_LONG)(len >> 29); /* might cause compiler warning on | 179 | | * 16-bit */ | 180 | 148 | c->Nl = l; | 181 | | | 182 | 148 | n = c->num; | 183 | 148 | if (ossl_likely(n != 0)) { | 184 | 0 | p = (unsigned char *)c->data; | 185 | |
| 186 | 0 | if (len >= HASH_CBLOCK || len + n >= HASH_CBLOCK) { | 187 | 0 | memcpy(p + n, data, HASH_CBLOCK - n); | 188 | 0 | HASH_BLOCK_DATA_ORDER(c, p, 1); | 189 | 0 | n = HASH_CBLOCK - n; | 190 | 0 | data += n; | 191 | 0 | len -= n; | 192 | 0 | c->num = 0; | 193 | | /* | 194 | | * We use memset rather than OPENSSL_cleanse() here deliberately. | 195 | | * Using OPENSSL_cleanse() here could be a performance issue. It | 196 | | * will get properly cleansed on finalisation so this isn't a | 197 | | * security problem. | 198 | | */ | 199 | 0 | memset(p, 0, HASH_CBLOCK); /* keep it zeroed */ | 200 | 0 | } else { | 201 | 0 | memcpy(p + n, data, len); | 202 | 0 | c->num += (unsigned int)len; | 203 | 0 | return 1; | 204 | 0 | } | 205 | 0 | } | 206 | | | 207 | 148 | n = len / HASH_CBLOCK; | 208 | 148 | if (n > 0) { | 209 | 148 | HASH_BLOCK_DATA_ORDER(c, data, n); | 210 | 148 | n *= HASH_CBLOCK; | 211 | 148 | data += n; | 212 | 148 | len -= n; | 213 | 148 | } | 214 | | | 215 | 148 | if (len != 0) { | 216 | 62 | p = (unsigned char *)c->data; | 217 | 62 | c->num = (unsigned int)len; | 218 | 62 | memcpy(p, data, len); | 219 | 62 | } | 220 | 148 | return 1; | 221 | 148 | } |
|
222 | | |
223 | | void HASH_TRANSFORM(HASH_CTX *c, const unsigned char *data) |
224 | 0 | { |
225 | 0 | HASH_BLOCK_DATA_ORDER(c, data, 1); |
226 | 0 | } Unexecuted instantiation: MD4_Transform Unexecuted instantiation: MD5_Transform Unexecuted instantiation: RIPEMD160_Transform Unexecuted instantiation: SHA1_Transform Unexecuted instantiation: SHA256_Transform Unexecuted instantiation: ossl_sm3_transform |
227 | | |
228 | | int HASH_FINAL(unsigned char *md, HASH_CTX *c) |
229 | 12.2k | { |
230 | 12.2k | unsigned char *p = (unsigned char *)c->data; |
231 | 12.2k | size_t n = c->num; |
232 | | |
233 | 12.2k | p[n] = 0x80; /* there is always room for one */ |
234 | 12.2k | n++; |
235 | | |
236 | 12.2k | if (n > (HASH_CBLOCK - 8)) { |
237 | 147 | memset(p + n, 0, HASH_CBLOCK - n); |
238 | 147 | n = 0; |
239 | 147 | HASH_BLOCK_DATA_ORDER(c, p, 1); |
240 | 147 | } |
241 | 12.2k | memset(p + n, 0, HASH_CBLOCK - 8 - n); |
242 | | |
243 | 12.2k | p += HASH_CBLOCK - 8; |
244 | | #if defined(DATA_ORDER_IS_BIG_ENDIAN) |
245 | 12.0k | (void)HOST_l2c(c->Nh, p); |
246 | 12.0k | (void)HOST_l2c(c->Nl, p); |
247 | | #elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) |
248 | 158 | (void)HOST_l2c(c->Nl, p); |
249 | 158 | (void)HOST_l2c(c->Nh, p); |
250 | | #endif |
251 | 12.2k | p -= HASH_CBLOCK; |
252 | 12.2k | HASH_BLOCK_DATA_ORDER(c, p, 1); |
253 | 12.2k | c->num = 0; |
254 | 12.2k | OPENSSL_cleanse(p, HASH_CBLOCK); |
255 | | |
256 | | #ifndef HASH_MAKE_STRING |
257 | | #error "HASH_MAKE_STRING must be defined!" |
258 | | #else |
259 | 12.2k | HASH_MAKE_STRING(c, md); |
260 | 11.8k | #endif |
261 | | |
262 | 11.8k | return 1; |
263 | 12.2k | } Line | Count | Source | 229 | 42 | { | 230 | 42 | unsigned char *p = (unsigned char *)c->data; | 231 | 42 | size_t n = c->num; | 232 | | | 233 | 42 | p[n] = 0x80; /* there is always room for one */ | 234 | 42 | n++; | 235 | | | 236 | 42 | if (n > (HASH_CBLOCK - 8)) { | 237 | 13 | memset(p + n, 0, HASH_CBLOCK - n); | 238 | 13 | n = 0; | 239 | 13 | HASH_BLOCK_DATA_ORDER(c, p, 1); | 240 | 13 | } | 241 | 42 | memset(p + n, 0, HASH_CBLOCK - 8 - n); | 242 | | | 243 | 42 | p += HASH_CBLOCK - 8; | 244 | | #if defined(DATA_ORDER_IS_BIG_ENDIAN) | 245 | | (void)HOST_l2c(c->Nh, p); | 246 | | (void)HOST_l2c(c->Nl, p); | 247 | | #elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) | 248 | 42 | (void)HOST_l2c(c->Nl, p); | 249 | 42 | (void)HOST_l2c(c->Nh, p); | 250 | 42 | #endif | 251 | 42 | p -= HASH_CBLOCK; | 252 | 42 | HASH_BLOCK_DATA_ORDER(c, p, 1); | 253 | 42 | c->num = 0; | 254 | 42 | OPENSSL_cleanse(p, HASH_CBLOCK); | 255 | | | 256 | | #ifndef HASH_MAKE_STRING | 257 | | #error "HASH_MAKE_STRING must be defined!" | 258 | | #else | 259 | 42 | HASH_MAKE_STRING(c, md); | 260 | 42 | #endif | 261 | | | 262 | 42 | return 1; | 263 | 42 | } |
Line | Count | Source | 229 | 85 | { | 230 | 85 | unsigned char *p = (unsigned char *)c->data; | 231 | 85 | size_t n = c->num; | 232 | | | 233 | 85 | p[n] = 0x80; /* there is always room for one */ | 234 | 85 | n++; | 235 | | | 236 | 85 | if (n > (HASH_CBLOCK - 8)) { | 237 | 24 | memset(p + n, 0, HASH_CBLOCK - n); | 238 | 24 | n = 0; | 239 | 24 | HASH_BLOCK_DATA_ORDER(c, p, 1); | 240 | 24 | } | 241 | 85 | memset(p + n, 0, HASH_CBLOCK - 8 - n); | 242 | | | 243 | 85 | p += HASH_CBLOCK - 8; | 244 | | #if defined(DATA_ORDER_IS_BIG_ENDIAN) | 245 | | (void)HOST_l2c(c->Nh, p); | 246 | | (void)HOST_l2c(c->Nl, p); | 247 | | #elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) | 248 | 85 | (void)HOST_l2c(c->Nl, p); | 249 | 85 | (void)HOST_l2c(c->Nh, p); | 250 | 85 | #endif | 251 | 85 | p -= HASH_CBLOCK; | 252 | 85 | HASH_BLOCK_DATA_ORDER(c, p, 1); | 253 | 85 | c->num = 0; | 254 | 85 | OPENSSL_cleanse(p, HASH_CBLOCK); | 255 | | | 256 | | #ifndef HASH_MAKE_STRING | 257 | | #error "HASH_MAKE_STRING must be defined!" | 258 | | #else | 259 | 85 | HASH_MAKE_STRING(c, md); | 260 | 85 | #endif | 261 | | | 262 | 85 | return 1; | 263 | 85 | } |
Line | Count | Source | 229 | 31 | { | 230 | 31 | unsigned char *p = (unsigned char *)c->data; | 231 | 31 | size_t n = c->num; | 232 | | | 233 | 31 | p[n] = 0x80; /* there is always room for one */ | 234 | 31 | n++; | 235 | | | 236 | 31 | if (n > (HASH_CBLOCK - 8)) { | 237 | 15 | memset(p + n, 0, HASH_CBLOCK - n); | 238 | 15 | n = 0; | 239 | 15 | HASH_BLOCK_DATA_ORDER(c, p, 1); | 240 | 15 | } | 241 | 31 | memset(p + n, 0, HASH_CBLOCK - 8 - n); | 242 | | | 243 | 31 | p += HASH_CBLOCK - 8; | 244 | | #if defined(DATA_ORDER_IS_BIG_ENDIAN) | 245 | | (void)HOST_l2c(c->Nh, p); | 246 | | (void)HOST_l2c(c->Nl, p); | 247 | | #elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) | 248 | 31 | (void)HOST_l2c(c->Nl, p); | 249 | 31 | (void)HOST_l2c(c->Nh, p); | 250 | 31 | #endif | 251 | 31 | p -= HASH_CBLOCK; | 252 | 31 | HASH_BLOCK_DATA_ORDER(c, p, 1); | 253 | 31 | c->num = 0; | 254 | 31 | OPENSSL_cleanse(p, HASH_CBLOCK); | 255 | | | 256 | | #ifndef HASH_MAKE_STRING | 257 | | #error "HASH_MAKE_STRING must be defined!" | 258 | | #else | 259 | 31 | HASH_MAKE_STRING(c, md); | 260 | 31 | #endif | 261 | | | 262 | 31 | return 1; | 263 | 31 | } |
Line | Count | Source | 229 | 116 | { | 230 | 116 | unsigned char *p = (unsigned char *)c->data; | 231 | 116 | size_t n = c->num; | 232 | | | 233 | 116 | p[n] = 0x80; /* there is always room for one */ | 234 | 116 | n++; | 235 | | | 236 | 116 | if (n > (HASH_CBLOCK - 8)) { | 237 | 37 | memset(p + n, 0, HASH_CBLOCK - n); | 238 | 37 | n = 0; | 239 | 37 | HASH_BLOCK_DATA_ORDER(c, p, 1); | 240 | 37 | } | 241 | 116 | memset(p + n, 0, HASH_CBLOCK - 8 - n); | 242 | | | 243 | 116 | p += HASH_CBLOCK - 8; | 244 | 116 | #if defined(DATA_ORDER_IS_BIG_ENDIAN) | 245 | 116 | (void)HOST_l2c(c->Nh, p); | 246 | 116 | (void)HOST_l2c(c->Nl, p); | 247 | | #elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) | 248 | | (void)HOST_l2c(c->Nl, p); | 249 | | (void)HOST_l2c(c->Nh, p); | 250 | | #endif | 251 | 116 | p -= HASH_CBLOCK; | 252 | 116 | HASH_BLOCK_DATA_ORDER(c, p, 1); | 253 | 116 | c->num = 0; | 254 | 116 | OPENSSL_cleanse(p, HASH_CBLOCK); | 255 | | | 256 | | #ifndef HASH_MAKE_STRING | 257 | | #error "HASH_MAKE_STRING must be defined!" | 258 | | #else | 259 | 116 | HASH_MAKE_STRING(c, md); | 260 | 116 | #endif | 261 | | | 262 | 116 | return 1; | 263 | 116 | } |
Line | Count | Source | 229 | 11.8k | { | 230 | 11.8k | unsigned char *p = (unsigned char *)c->data; | 231 | 11.8k | size_t n = c->num; | 232 | | | 233 | 11.8k | p[n] = 0x80; /* there is always room for one */ | 234 | 11.8k | n++; | 235 | | | 236 | 11.8k | if (n > (HASH_CBLOCK - 8)) { | 237 | 24 | memset(p + n, 0, HASH_CBLOCK - n); | 238 | 24 | n = 0; | 239 | 24 | HASH_BLOCK_DATA_ORDER(c, p, 1); | 240 | 24 | } | 241 | 11.8k | memset(p + n, 0, HASH_CBLOCK - 8 - n); | 242 | | | 243 | 11.8k | p += HASH_CBLOCK - 8; | 244 | 11.8k | #if defined(DATA_ORDER_IS_BIG_ENDIAN) | 245 | 11.8k | (void)HOST_l2c(c->Nh, p); | 246 | 11.8k | (void)HOST_l2c(c->Nl, p); | 247 | | #elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) | 248 | | (void)HOST_l2c(c->Nl, p); | 249 | | (void)HOST_l2c(c->Nh, p); | 250 | | #endif | 251 | 11.8k | p -= HASH_CBLOCK; | 252 | 11.8k | HASH_BLOCK_DATA_ORDER(c, p, 1); | 253 | 11.8k | c->num = 0; | 254 | 11.8k | OPENSSL_cleanse(p, HASH_CBLOCK); | 255 | | | 256 | | #ifndef HASH_MAKE_STRING | 257 | | #error "HASH_MAKE_STRING must be defined!" | 258 | | #else | 259 | 11.8k | HASH_MAKE_STRING(c, md); | 260 | 11.8k | #endif | 261 | | | 262 | 11.8k | return 1; | 263 | 11.8k | } |
Line | Count | Source | 229 | 74 | { | 230 | 74 | unsigned char *p = (unsigned char *)c->data; | 231 | 74 | size_t n = c->num; | 232 | | | 233 | 74 | p[n] = 0x80; /* there is always room for one */ | 234 | 74 | n++; | 235 | | | 236 | 74 | if (n > (HASH_CBLOCK - 8)) { | 237 | 34 | memset(p + n, 0, HASH_CBLOCK - n); | 238 | 34 | n = 0; | 239 | 34 | HASH_BLOCK_DATA_ORDER(c, p, 1); | 240 | 34 | } | 241 | 74 | memset(p + n, 0, HASH_CBLOCK - 8 - n); | 242 | | | 243 | 74 | p += HASH_CBLOCK - 8; | 244 | 74 | #if defined(DATA_ORDER_IS_BIG_ENDIAN) | 245 | 74 | (void)HOST_l2c(c->Nh, p); | 246 | 74 | (void)HOST_l2c(c->Nl, p); | 247 | | #elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) | 248 | | (void)HOST_l2c(c->Nl, p); | 249 | | (void)HOST_l2c(c->Nh, p); | 250 | | #endif | 251 | 74 | p -= HASH_CBLOCK; | 252 | 74 | HASH_BLOCK_DATA_ORDER(c, p, 1); | 253 | 74 | c->num = 0; | 254 | 74 | OPENSSL_cleanse(p, HASH_CBLOCK); | 255 | | | 256 | | #ifndef HASH_MAKE_STRING | 257 | | #error "HASH_MAKE_STRING must be defined!" | 258 | | #else | 259 | 74 | HASH_MAKE_STRING(c, md); | 260 | 74 | #endif | 261 | | | 262 | 74 | return 1; | 263 | 74 | } |
|
264 | | |
265 | | #ifndef MD32_REG_T |
266 | | #if defined(__alpha) || defined(__sparcv9) || defined(__mips) |
267 | | #define MD32_REG_T long |
268 | | /* |
269 | | * This comment was originally written for MD5, which is why it |
270 | | * discusses A-D. But it basically applies to all 32-bit digests, |
271 | | * which is why it was moved to common header file. |
272 | | * |
273 | | * In case you wonder why A-D are declared as long and not |
274 | | * as MD5_LONG. Doing so results in slight performance |
275 | | * boost on LP64 architectures. The catch is we don't |
276 | | * really care if 32 MSBs of a 64-bit register get polluted |
277 | | * with eventual overflows as we *save* only 32 LSBs in |
278 | | * *either* case. Now declaring 'em long excuses the compiler |
279 | | * from keeping 32 MSBs zeroed resulting in 13% performance |
280 | | * improvement under SPARC Solaris7/64 and 5% under AlphaLinux. |
281 | | * Well, to be honest it should say that this *prevents* |
282 | | * performance degradation. |
283 | | */ |
284 | | #else |
285 | | /* |
286 | | * Above is not absolute and there are LP64 compilers that |
287 | | * generate better code if MD32_REG_T is defined int. The above |
288 | | * pre-processor condition reflects the circumstances under which |
289 | | * the conclusion was made and is subject to further extension. |
290 | | */ |
291 | | #define MD32_REG_T int |
292 | | #endif |
293 | | #endif |
294 | | |
295 | | #endif |