Coverage Report

Created: 2024-09-08 06:23

/src/git/sha256/block/sha256.c
Line
Count
Source (jump to first uncovered line)
1
#include "git-compat-util.h"
2
#include "./sha256.h"
3
4
#undef RND
5
#undef BLKSIZE
6
7
#define BLKSIZE blk_SHA256_BLKSIZE
8
9
void blk_SHA256_Init(blk_SHA256_CTX *ctx)
10
0
{
11
0
  ctx->offset = 0;
12
0
  ctx->size = 0;
13
0
  ctx->state[0] = 0x6a09e667ul;
14
0
  ctx->state[1] = 0xbb67ae85ul;
15
0
  ctx->state[2] = 0x3c6ef372ul;
16
0
  ctx->state[3] = 0xa54ff53aul;
17
0
  ctx->state[4] = 0x510e527ful;
18
0
  ctx->state[5] = 0x9b05688cul;
19
0
  ctx->state[6] = 0x1f83d9abul;
20
0
  ctx->state[7] = 0x5be0cd19ul;
21
0
}
22
23
static inline uint32_t ror(uint32_t x, unsigned n)
24
0
{
25
0
  return (x >> n) | (x << (32 - n));
26
0
}
27
28
static inline uint32_t ch(uint32_t x, uint32_t y, uint32_t z)
29
0
{
30
0
  return z ^ (x & (y ^ z));
31
0
}
32
33
static inline uint32_t maj(uint32_t x, uint32_t y, uint32_t z)
34
0
{
35
0
  return ((x | y) & z) | (x & y);
36
0
}
37
38
static inline uint32_t sigma0(uint32_t x)
39
0
{
40
0
  return ror(x, 2) ^ ror(x, 13) ^ ror(x, 22);
41
0
}
42
43
static inline uint32_t sigma1(uint32_t x)
44
0
{
45
0
  return ror(x, 6) ^ ror(x, 11) ^ ror(x, 25);
46
0
}
47
48
static inline uint32_t gamma0(uint32_t x)
49
0
{
50
0
  return ror(x, 7) ^ ror(x, 18) ^ (x >> 3);
51
0
}
52
53
static inline uint32_t gamma1(uint32_t x)
54
0
{
55
0
  return ror(x, 17) ^ ror(x, 19) ^ (x >> 10);
56
0
}
57
58
static void blk_SHA256_Transform(blk_SHA256_CTX *ctx, const unsigned char *buf)
59
0
{
60
61
0
  uint32_t S[8], W[64], t0, t1;
62
0
  int i;
63
64
  /* copy state into S */
65
0
  for (i = 0; i < 8; i++)
66
0
    S[i] = ctx->state[i];
67
68
  /* copy the state into 512-bits into W[0..15] */
69
0
  for (i = 0; i < 16; i++, buf += sizeof(uint32_t))
70
0
    W[i] = get_be32(buf);
71
72
  /* fill W[16..63] */
73
0
  for (i = 16; i < 64; i++)
74
0
    W[i] = gamma1(W[i - 2]) + W[i - 7] + gamma0(W[i - 15]) + W[i - 16];
75
76
0
#define RND(a,b,c,d,e,f,g,h,i,ki)                    \
77
0
  t0 = h + sigma1(e) + ch(e, f, g) + ki + W[i];   \
78
0
  t1 = sigma0(a) + maj(a, b, c);                  \
79
0
  d += t0;                                        \
80
0
  h  = t0 + t1;
81
82
0
  RND(S[0],S[1],S[2],S[3],S[4],S[5],S[6],S[7],0,0x428a2f98);
83
0
  RND(S[7],S[0],S[1],S[2],S[3],S[4],S[5],S[6],1,0x71374491);
84
0
  RND(S[6],S[7],S[0],S[1],S[2],S[3],S[4],S[5],2,0xb5c0fbcf);
85
0
  RND(S[5],S[6],S[7],S[0],S[1],S[2],S[3],S[4],3,0xe9b5dba5);
86
0
  RND(S[4],S[5],S[6],S[7],S[0],S[1],S[2],S[3],4,0x3956c25b);
87
0
  RND(S[3],S[4],S[5],S[6],S[7],S[0],S[1],S[2],5,0x59f111f1);
88
0
  RND(S[2],S[3],S[4],S[5],S[6],S[7],S[0],S[1],6,0x923f82a4);
89
0
  RND(S[1],S[2],S[3],S[4],S[5],S[6],S[7],S[0],7,0xab1c5ed5);
90
0
  RND(S[0],S[1],S[2],S[3],S[4],S[5],S[6],S[7],8,0xd807aa98);
91
0
  RND(S[7],S[0],S[1],S[2],S[3],S[4],S[5],S[6],9,0x12835b01);
92
0
  RND(S[6],S[7],S[0],S[1],S[2],S[3],S[4],S[5],10,0x243185be);
93
0
  RND(S[5],S[6],S[7],S[0],S[1],S[2],S[3],S[4],11,0x550c7dc3);
94
0
  RND(S[4],S[5],S[6],S[7],S[0],S[1],S[2],S[3],12,0x72be5d74);
95
0
  RND(S[3],S[4],S[5],S[6],S[7],S[0],S[1],S[2],13,0x80deb1fe);
96
0
  RND(S[2],S[3],S[4],S[5],S[6],S[7],S[0],S[1],14,0x9bdc06a7);
97
0
  RND(S[1],S[2],S[3],S[4],S[5],S[6],S[7],S[0],15,0xc19bf174);
98
0
  RND(S[0],S[1],S[2],S[3],S[4],S[5],S[6],S[7],16,0xe49b69c1);
99
0
  RND(S[7],S[0],S[1],S[2],S[3],S[4],S[5],S[6],17,0xefbe4786);
100
0
  RND(S[6],S[7],S[0],S[1],S[2],S[3],S[4],S[5],18,0x0fc19dc6);
101
0
  RND(S[5],S[6],S[7],S[0],S[1],S[2],S[3],S[4],19,0x240ca1cc);
102
0
  RND(S[4],S[5],S[6],S[7],S[0],S[1],S[2],S[3],20,0x2de92c6f);
103
0
  RND(S[3],S[4],S[5],S[6],S[7],S[0],S[1],S[2],21,0x4a7484aa);
104
0
  RND(S[2],S[3],S[4],S[5],S[6],S[7],S[0],S[1],22,0x5cb0a9dc);
105
0
  RND(S[1],S[2],S[3],S[4],S[5],S[6],S[7],S[0],23,0x76f988da);
106
0
  RND(S[0],S[1],S[2],S[3],S[4],S[5],S[6],S[7],24,0x983e5152);
107
0
  RND(S[7],S[0],S[1],S[2],S[3],S[4],S[5],S[6],25,0xa831c66d);
108
0
  RND(S[6],S[7],S[0],S[1],S[2],S[3],S[4],S[5],26,0xb00327c8);
109
0
  RND(S[5],S[6],S[7],S[0],S[1],S[2],S[3],S[4],27,0xbf597fc7);
110
0
  RND(S[4],S[5],S[6],S[7],S[0],S[1],S[2],S[3],28,0xc6e00bf3);
111
0
  RND(S[3],S[4],S[5],S[6],S[7],S[0],S[1],S[2],29,0xd5a79147);
112
0
  RND(S[2],S[3],S[4],S[5],S[6],S[7],S[0],S[1],30,0x06ca6351);
113
0
  RND(S[1],S[2],S[3],S[4],S[5],S[6],S[7],S[0],31,0x14292967);
114
0
  RND(S[0],S[1],S[2],S[3],S[4],S[5],S[6],S[7],32,0x27b70a85);
115
0
  RND(S[7],S[0],S[1],S[2],S[3],S[4],S[5],S[6],33,0x2e1b2138);
116
0
  RND(S[6],S[7],S[0],S[1],S[2],S[3],S[4],S[5],34,0x4d2c6dfc);
117
0
  RND(S[5],S[6],S[7],S[0],S[1],S[2],S[3],S[4],35,0x53380d13);
118
0
  RND(S[4],S[5],S[6],S[7],S[0],S[1],S[2],S[3],36,0x650a7354);
119
0
  RND(S[3],S[4],S[5],S[6],S[7],S[0],S[1],S[2],37,0x766a0abb);
120
0
  RND(S[2],S[3],S[4],S[5],S[6],S[7],S[0],S[1],38,0x81c2c92e);
121
0
  RND(S[1],S[2],S[3],S[4],S[5],S[6],S[7],S[0],39,0x92722c85);
122
0
  RND(S[0],S[1],S[2],S[3],S[4],S[5],S[6],S[7],40,0xa2bfe8a1);
123
0
  RND(S[7],S[0],S[1],S[2],S[3],S[4],S[5],S[6],41,0xa81a664b);
124
0
  RND(S[6],S[7],S[0],S[1],S[2],S[3],S[4],S[5],42,0xc24b8b70);
125
0
  RND(S[5],S[6],S[7],S[0],S[1],S[2],S[3],S[4],43,0xc76c51a3);
126
0
  RND(S[4],S[5],S[6],S[7],S[0],S[1],S[2],S[3],44,0xd192e819);
127
0
  RND(S[3],S[4],S[5],S[6],S[7],S[0],S[1],S[2],45,0xd6990624);
128
0
  RND(S[2],S[3],S[4],S[5],S[6],S[7],S[0],S[1],46,0xf40e3585);
129
0
  RND(S[1],S[2],S[3],S[4],S[5],S[6],S[7],S[0],47,0x106aa070);
130
0
  RND(S[0],S[1],S[2],S[3],S[4],S[5],S[6],S[7],48,0x19a4c116);
131
0
  RND(S[7],S[0],S[1],S[2],S[3],S[4],S[5],S[6],49,0x1e376c08);
132
0
  RND(S[6],S[7],S[0],S[1],S[2],S[3],S[4],S[5],50,0x2748774c);
133
0
  RND(S[5],S[6],S[7],S[0],S[1],S[2],S[3],S[4],51,0x34b0bcb5);
134
0
  RND(S[4],S[5],S[6],S[7],S[0],S[1],S[2],S[3],52,0x391c0cb3);
135
0
  RND(S[3],S[4],S[5],S[6],S[7],S[0],S[1],S[2],53,0x4ed8aa4a);
136
0
  RND(S[2],S[3],S[4],S[5],S[6],S[7],S[0],S[1],54,0x5b9cca4f);
137
0
  RND(S[1],S[2],S[3],S[4],S[5],S[6],S[7],S[0],55,0x682e6ff3);
138
0
  RND(S[0],S[1],S[2],S[3],S[4],S[5],S[6],S[7],56,0x748f82ee);
139
0
  RND(S[7],S[0],S[1],S[2],S[3],S[4],S[5],S[6],57,0x78a5636f);
140
0
  RND(S[6],S[7],S[0],S[1],S[2],S[3],S[4],S[5],58,0x84c87814);
141
0
  RND(S[5],S[6],S[7],S[0],S[1],S[2],S[3],S[4],59,0x8cc70208);
142
0
  RND(S[4],S[5],S[6],S[7],S[0],S[1],S[2],S[3],60,0x90befffa);
143
0
  RND(S[3],S[4],S[5],S[6],S[7],S[0],S[1],S[2],61,0xa4506ceb);
144
0
  RND(S[2],S[3],S[4],S[5],S[6],S[7],S[0],S[1],62,0xbef9a3f7);
145
0
  RND(S[1],S[2],S[3],S[4],S[5],S[6],S[7],S[0],63,0xc67178f2);
146
147
0
  for (i = 0; i < 8; i++)
148
0
    ctx->state[i] += S[i];
149
0
}
150
151
void blk_SHA256_Update(blk_SHA256_CTX *ctx, const void *data, size_t len)
152
0
{
153
0
  unsigned int len_buf = ctx->size & 63;
154
155
0
  ctx->size += len;
156
157
  /* Read the data into buf and process blocks as they get full */
158
0
  if (len_buf) {
159
0
    unsigned int left = 64 - len_buf;
160
0
    if (len < left)
161
0
      left = len;
162
0
    memcpy(len_buf + ctx->buf, data, left);
163
0
    len_buf = (len_buf + left) & 63;
164
0
    len -= left;
165
0
    data = ((const char *)data + left);
166
0
    if (len_buf)
167
0
      return;
168
0
    blk_SHA256_Transform(ctx, ctx->buf);
169
0
  }
170
0
  while (len >= 64) {
171
0
    blk_SHA256_Transform(ctx, data);
172
0
    data = ((const char *)data + 64);
173
0
    len -= 64;
174
0
  }
175
0
  if (len)
176
0
    memcpy(ctx->buf, data, len);
177
0
}
178
179
void blk_SHA256_Final(unsigned char *digest, blk_SHA256_CTX *ctx)
180
0
{
181
0
  static const unsigned char pad[64] = { 0x80 };
182
0
  unsigned int padlen[2];
183
0
  int i;
184
185
  /* Pad with a binary 1 (ie 0x80), then zeroes, then length */
186
0
  padlen[0] = htonl((uint32_t)(ctx->size >> 29));
187
0
  padlen[1] = htonl((uint32_t)(ctx->size << 3));
188
189
0
  i = ctx->size & 63;
190
0
  blk_SHA256_Update(ctx, pad, 1 + (63 & (55 - i)));
191
0
  blk_SHA256_Update(ctx, padlen, 8);
192
193
  /* copy output */
194
0
  for (i = 0; i < 8; i++, digest += sizeof(uint32_t))
195
0
    put_be32(digest, ctx->state[i]);
196
0
}