/src/lzma-fuzz/sdk/C/Sha256.c

Source (jump to first uncovered line)
/* Crypto/Sha256.c -- SHA-256 Hash
2017-04-03 : Igor Pavlov : Public domain
This code is based on public domain code from Wei Dai's Crypto++ library. */

#include "Precomp.h"

#include <string.h>

#include "CpuArch.h"
#include "RotateDefs.h"
#include "Sha256.h"

/* define it for speed optimization */
#ifndef _SFX
#define _SHA256_UNROLL
#define _SHA256_UNROLL2
#endif

/* #define _SHA256_UNROLL2 */

void Sha256_Init(CSha256 *p)
{
  p->state[0] = 0x6a09e667;
  p->state[1] = 0xbb67ae85;
  p->state[2] = 0x3c6ef372;
  p->state[3] = 0xa54ff53a;
  p->state[4] = 0x510e527f;
  p->state[5] = 0x9b05688c;
  p->state[6] = 0x1f83d9ab;
  p->state[7] = 0x5be0cd19;
  p->count = 0;
}

#define S0(x) (rotrFixed(x, 2) ^ rotrFixed(x,13) ^ rotrFixed(x, 22))
#define S1(x) (rotrFixed(x, 6) ^ rotrFixed(x,11) ^ rotrFixed(x, 25))
#define s0(x) (rotrFixed(x, 7) ^ rotrFixed(x,18) ^ (x >> 3))
#define s1(x) (rotrFixed(x,17) ^ rotrFixed(x,19) ^ (x >> 10))

#define blk0(i) (W[i])
#define blk2(i) (W[i] += s1(W[((i)-2)&15]) + W[((i)-7)&15] + s0(W[((i)-15)&15]))

#define Ch(x,y,z) (z^(x&(y^z)))
#define Maj(x,y,z) ((x&y)|(z&(x|y)))

#ifdef _SHA256_UNROLL2

#define R(a,b,c,d,e,f,g,h, i) \
    h += S1(e) + Ch(e,f,g) + K[(i)+(size_t)(j)] + (j ? blk2(i) : blk0(i)); \
    d += h; \
    h += S0(a) + Maj(a, b, c)

#define RX_8(i) \
  R(a,b,c,d,e,f,g,h, i); \
  R(h,a,b,c,d,e,f,g, i+1); \
  R(g,h,a,b,c,d,e,f, i+2); \
  R(f,g,h,a,b,c,d,e, i+3); \
  R(e,f,g,h,a,b,c,d, i+4); \
  R(d,e,f,g,h,a,b,c, i+5); \
  R(c,d,e,f,g,h,a,b, i+6); \
  R(b,c,d,e,f,g,h,a, i+7)

#define RX_16  RX_8(0); RX_8(8);

#else

#define a(i) T[(0-(i))&7]
#define b(i) T[(1-(i))&7]
#define c(i) T[(2-(i))&7]
#define d(i) T[(3-(i))&7]
#define e(i) T[(4-(i))&7]
#define f(i) T[(5-(i))&7]
#define g(i) T[(6-(i))&7]
#define h(i) T[(7-(i))&7]

#define R(i) \
    h(i) += S1(e(i)) + Ch(e(i),f(i),g(i)) + K[(i)+(size_t)(j)] + (j ? blk2(i) : blk0(i)); \
    d(i) += h(i); \
    h(i) += S0(a(i)) + Maj(a(i), b(i), c(i)) \

#ifdef _SHA256_UNROLL

#define RX_8(i)  R(i+0); R(i+1); R(i+2); R(i+3); R(i+4); R(i+5); R(i+6); R(i+7);
#define RX_16  RX_8(0); RX_8(8);

#else

#define RX_16  unsigned i; for (i = 0; i < 16; i++) { R(i); }

#endif

#endif

static const UInt32 K[64] = {
  0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
  0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
  0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
  0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
  0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
  0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
  0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
  0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
  0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
  0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
  0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
  0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
  0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
  0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
  0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
  0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
};

static void Sha256_WriteByteBlock(CSha256 *p)
{
  UInt32 W[16];
  unsigned j;
  UInt32 *state;

  #ifdef _SHA256_UNROLL2
  UInt32 a,b,c,d,e,f,g,h;
  #else
  UInt32 T[8];
  #endif

  for (j = 0; j < 16; j += 4)
  {
    const Byte *ccc = p->buffer + j * 4;
    W[j    ] = GetBe32(ccc);
    W[j + 1] = GetBe32(ccc + 4);
    W[j + 2] = GetBe32(ccc + 8);
    W[j + 3] = GetBe32(ccc + 12);
  }

  state = p->state;

  #ifdef _SHA256_UNROLL2
  a = state[0];
  b = state[1];
  c = state[2];
  d = state[3];
  e = state[4];
  f = state[5];
  g = state[6];
  h = state[7];
  #else
  for (j = 0; j < 8; j++)
    T[j] = state[j];
  #endif

  for (j = 0; j < 64; j += 16)
  {
    RX_16
  }

  #ifdef _SHA256_UNROLL2
  state[0] += a;
  state[1] += b;
  state[2] += c;
  state[3] += d;
  state[4] += e;
  state[5] += f;
  state[6] += g;
  state[7] += h;
  #else
  for (j = 0; j < 8; j++)
    state[j] += T[j];
  #endif
  
  /* Wipe variables */
  /* memset(W, 0, sizeof(W)); */
  /* memset(T, 0, sizeof(T)); */
}

#undef S0
#undef S1
#undef s0
#undef s1

void Sha256_Update(CSha256 *p, const Byte *data, size_t size)
{
  if (size == 0)
    return;

  {
    unsigned pos = (unsigned)p->count & 0x3F;
    unsigned num;
    
    p->count += size;
    
    num = 64 - pos;
    if (num > size)
    {
      memcpy(p->buffer + pos, data, size);
      return;
    }
    
    size -= num;
    memcpy(p->buffer + pos, data, num);
    data += num;
  }

  for (;;)
  {
    Sha256_WriteByteBlock(p);
    if (size < 64)
      break;
    size -= 64;
    memcpy(p->buffer, data, 64);
    data += 64;
  }

  if (size != 0)
    memcpy(p->buffer, data, size);
}

void Sha256_Final(CSha256 *p, Byte *digest)
{
  unsigned pos = (unsigned)p->count & 0x3F;
  unsigned i;
  
  p->buffer[pos++] = 0x80;
  
  while (pos != (64 - 8))
  {
    pos &= 0x3F;
    if (pos == 0)
      Sha256_WriteByteBlock(p);
    p->buffer[pos++] = 0;
  }

  {
    UInt64 numBits = (p->count << 3);
    SetBe32(p->buffer + 64 - 8, (UInt32)(numBits >> 32));
    SetBe32(p->buffer + 64 - 4, (UInt32)(numBits));
  }
  
  Sha256_WriteByteBlock(p);

  for (i = 0; i < 8; i += 2)
  {
    UInt32 v0 = p->state[i];
    UInt32 v1 = p->state[i + 1];
    SetBe32(digest    , v0);
    SetBe32(digest + 4, v1);
    digest += 8;
  }
  
  Sha256_Init(p);
}

Coverage Report

Created: 2024-07-27 06:13

Line	Count	Source (jump to first uncovered line)
1		/* Crypto/Sha256.c -- SHA-256 Hash
2		2017-04-03 : Igor Pavlov : Public domain
3		This code is based on public domain code from Wei Dai's Crypto++ library. */
4
5		#include "Precomp.h"
6
7		#include <string.h>
8
9		#include "CpuArch.h"
10		#include "RotateDefs.h"
11		#include "Sha256.h"
12
13		/* define it for speed optimization */
14		#ifndef _SFX
15		#define _SHA256_UNROLL
16		#define _SHA256_UNROLL2
17		#endif
18
19		/* #define _SHA256_UNROLL2 */
20
21		void Sha256_Init(CSha256 *p)
22	20.8k	{
23	20.8k	p->state[0] = 0x6a09e667;
24	20.8k	p->state[1] = 0xbb67ae85;
25	20.8k	p->state[2] = 0x3c6ef372;
26	20.8k	p->state[3] = 0xa54ff53a;
27	20.8k	p->state[4] = 0x510e527f;
28	20.8k	p->state[5] = 0x9b05688c;
29	20.8k	p->state[6] = 0x1f83d9ab;
30	20.8k	p->state[7] = 0x5be0cd19;
31	20.8k	p->count = 0;
32	20.8k	}
33
34	45.7M	#define S0(x) (rotrFixed(x, 2) ^ rotrFixed(x,13) ^ rotrFixed(x, 22))
35	45.7M	#define S1(x) (rotrFixed(x, 6) ^ rotrFixed(x,11) ^ rotrFixed(x, 25))
36	34.2M	#define s0(x) (rotrFixed(x, 7) ^ rotrFixed(x,18) ^ (x >> 3))
37	34.2M	#define s1(x) (rotrFixed(x,17) ^ rotrFixed(x,19) ^ (x >> 10))
38
39	11.4M	#define blk0(i) (W[i])
40	34.2M	#define blk2(i) (W[i] += s1(W[((i)-2)&15]) + W[((i)-7)&15] + s0(W[((i)-15)&15]))
41
42	45.7M	#define Ch(x,y,z) (z^(x&(y^z)))
43	45.7M	#define Maj(x,y,z) ((x&y)\|(z&(x\|y)))
44
45		#ifdef _SHA256_UNROLL2
46
47		#define R(a,b,c,d,e,f,g,h, i) \
48	45.7M	h += S1(e) + Ch(e,f,g) + K[(i)+(size_t)(j)] + (j ? blk2(i) : blk0(i)); \
49	45.7M	d += h; \
50	45.7M	h += S0(a) + Maj(a, b, c)
51
52		#define RX_8(i) \
53	5.71M	R(a,b,c,d,e,f,g,h, i); \
54	5.71M	R(h,a,b,c,d,e,f,g, i+1); \
55	5.71M	R(g,h,a,b,c,d,e,f, i+2); \
56	5.71M	R(f,g,h,a,b,c,d,e, i+3); \
57	5.71M	R(e,f,g,h,a,b,c,d, i+4); \
58	5.71M	R(d,e,f,g,h,a,b,c, i+5); \
59	5.71M	R(c,d,e,f,g,h,a,b, i+6); \
60	5.71M	R(b,c,d,e,f,g,h,a, i+7)
61
62	2.85M	#define RX_16 RX_8(0); RX_8(8);
63
64		#else
65
66		#define a(i) T[(0-(i))&7]
67		#define b(i) T[(1-(i))&7]
68		#define c(i) T[(2-(i))&7]
69		#define d(i) T[(3-(i))&7]
70		#define e(i) T[(4-(i))&7]
71		#define f(i) T[(5-(i))&7]
72		#define g(i) T[(6-(i))&7]
73		#define h(i) T[(7-(i))&7]
74
75		#define R(i) \
76		h(i) += S1(e(i)) + Ch(e(i),f(i),g(i)) + K[(i)+(size_t)(j)] + (j ? blk2(i) : blk0(i)); \
77		d(i) += h(i); \
78		h(i) += S0(a(i)) + Maj(a(i), b(i), c(i)) \
79
80		#ifdef _SHA256_UNROLL
81
82		#define RX_8(i) R(i+0); R(i+1); R(i+2); R(i+3); R(i+4); R(i+5); R(i+6); R(i+7);
83		#define RX_16 RX_8(0); RX_8(8);
84
85		#else
86
87		#define RX_16 unsigned i; for (i = 0; i < 16; i++) { R(i); }
88
89		#endif
90
91		#endif
92
93		static const UInt32 K[64] = {
94		0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
95		0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
96		0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
97		0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
98		0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
99		0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
100		0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
101		0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
102		0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
103		0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
104		0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
105		0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
106		0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
107		0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
108		0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
109		0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
110		};
111
112		static void Sha256_WriteByteBlock(CSha256 *p)
113	714k	{
114	714k	UInt32 W[16];
115	714k	unsigned j;
116	714k	UInt32 *state;
117
118	714k	#ifdef _SHA256_UNROLL2
119	714k	UInt32 a,b,c,d,e,f,g,h;
120		#else
121		UInt32 T[8];
122		#endif
123
124	3.57M	for (j = 0; j < 16; j += 4)
125	2.85M	{
126	2.85M	const Byte ccc = p->buffer + j 4;
127	2.85M	W[j ] = GetBe32(ccc);
128	2.85M	W[j + 1] = GetBe32(ccc + 4);
129	2.85M	W[j + 2] = GetBe32(ccc + 8);
130	2.85M	W[j + 3] = GetBe32(ccc + 12);
131	2.85M	}
132
133	714k	state = p->state;
134
135	714k	#ifdef _SHA256_UNROLL2
136	714k	a = state[0];
137	714k	b = state[1];
138	714k	c = state[2];
139	714k	d = state[3];
140	714k	e = state[4];
141	714k	f = state[5];
142	714k	g = state[6];
143	714k	h = state[7];
144		#else
145		for (j = 0; j < 8; j++)
146		T[j] = state[j];
147		#endif
148
149	3.57M	for (j = 0; j < 64; j += 16)
150	2.85M	{
151	2.85M	RX_16
152	2.85M	}
153
154	714k	#ifdef _SHA256_UNROLL2
155	714k	state[0] += a;
156	714k	state[1] += b;
157	714k	state[2] += c;
158	714k	state[3] += d;
159	714k	state[4] += e;
160	714k	state[5] += f;
161	714k	state[6] += g;
162	714k	state[7] += h;
163		#else
164		for (j = 0; j < 8; j++)
165		state[j] += T[j];
166		#endif
167
168		/* Wipe variables */
169		/* memset(W, 0, sizeof(W)); */
170		/* memset(T, 0, sizeof(T)); */
171	714k	}
172
173		#undef S0
174		#undef S1
175		#undef s0
176		#undef s1
177
178		void Sha256_Update(CSha256 p, const Byte data, size_t size)
179	62.9k	{
180	62.9k	if (size == 0)
181	1.27k	return;
182
183	61.6k	{
184	61.6k	unsigned pos = (unsigned)p->count & 0x3F;
185	61.6k	unsigned num;
186
187	61.6k	p->count += size;
188
189	61.6k	num = 64 - pos;
190	61.6k	if (num > size)
191	57.8k	{
192	57.8k	memcpy(p->buffer + pos, data, size);
193	57.8k	return;
194	57.8k	}
195
196	3.76k	size -= num;
197	3.76k	memcpy(p->buffer + pos, data, num);
198	3.76k	data += num;
199	3.76k	}
200
201	0	for (;;)
202	707k	{
203	707k	Sha256_WriteByteBlock(p);
204	707k	if (size < 64)
205	3.76k	break;
206	703k	size -= 64;
207	703k	memcpy(p->buffer, data, 64);
208	703k	data += 64;
209	703k	}
210
211	3.76k	if (size != 0)
212	711	memcpy(p->buffer, data, size);
213	3.76k	}
214
215		void Sha256_Final(CSha256 p, Byte digest)
216	6.66k	{
217	6.66k	unsigned pos = (unsigned)p->count & 0x3F;
218	6.66k	unsigned i;
219
220	6.66k	p->buffer[pos++] = 0x80;
221
222	359k	while (pos != (64 - 8))
223	352k	{
224	352k	pos &= 0x3F;
225	352k	if (pos == 0)
226	3	Sha256_WriteByteBlock(p);
227	352k	p->buffer[pos++] = 0;
228	352k	}
229
230	6.66k	{
231	6.66k	UInt64 numBits = (p->count << 3);
232	6.66k	SetBe32(p->buffer + 64 - 8, (UInt32)(numBits >> 32));
233	6.66k	SetBe32(p->buffer + 64 - 4, (UInt32)(numBits));
234	6.66k	}
235
236	6.66k	Sha256_WriteByteBlock(p);
237
238	33.3k	for (i = 0; i < 8; i += 2)
239	26.6k	{
240	26.6k	UInt32 v0 = p->state[i];
241	26.6k	UInt32 v1 = p->state[i + 1];
242	26.6k	SetBe32(digest , v0);
243	26.6k	SetBe32(digest + 4, v1);
244	26.6k	digest += 8;
245	26.6k	}
246
247	6.66k	Sha256_Init(p);
248	6.66k	}